Joseph Doherty
2fc327a8d5
Replace the hand-rolled CallbackExporter (TCP listener + custom
OBJREF) with a real `windows-rs` `#[implement]` COM class for
INmxSvcCallback, marshalled via CoMarshalInterface. NmxSvc validates
the callback OBJREF by calling IObjectExporter::ResolveOxid against
the local RPCSS at 127.0.0.1:135; hand-rolled OXIDs aren't registered
there, which is why RegisterEngine2 returned RPC_S_SERVER_UNAVAILABLE
(1722) on every live attempt. CoMarshalInterface registers the OXID
with RPCSS automatically, so the SCM-side resolution succeeds.
Mirrors MxNativeSession.CreateRegisteredService (cs:624), which is
the .NET reference's working path:
ComObjRefProvider.MarshalInterfaceObjRef(callback,
INmxSvcCallback, DifferentMachine)
Layout:
- mxaccess-callback::dcom_sink — INmxSvcCallback + DcomCallbackSink
+ create_dcom_callback_sink_objref. Forwards inbound calls into
the same CallbackEvent::CallbackInvoked { opnum, body } shape the
legacy exporter produces, so callback_router stays path-agnostic.
- Session::from_nmx_client — branched on `windows-com`. Real DCOM
sink when on; legacy CallbackExporter when off (kept for unit
tests that run against an in-process fake NMX peer).
- SessionInner.dcom_sink_holder: Option<IUnknownHolder> — keeps the
COM ref alive for the session's lifetime; shutdown_nmx drops it.
- mxaccess-rpc + mxaccess-callback: windows-rs 0.59 → 0.62. The 0.59
#[implement] macro generates code that doesn't compile under
edition 2024; 0.62 is fixed.
Live result: cargo test -p mxaccess-compat --features
live-windows-com --test lmx_write_complete_live -- --ignored
--nocapture passes end-to-end. RegisterEngine2 OK, write
round-trips, OnWriteComplete fires with the captured MxStatus shape.
Unblocks F49 step 5; F55 marked Resolved in design/followups.md.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
48 lines
1.5 KiB
TOML
48 lines
1.5 KiB
TOML
[package]
|
|
name = "mxaccess-rpc"
|
|
description = "DCE/RPC PDU codec + NTLMv2 + OBJREF + OXID resolution + RemQI for the NMX transport."
|
|
version.workspace = true
|
|
edition.workspace = true
|
|
license.workspace = true
|
|
repository.workspace = true
|
|
rust-version.workspace = true
|
|
authors.workspace = true
|
|
|
|
[dependencies]
|
|
thiserror = { workspace = true }
|
|
tokio = { workspace = true }
|
|
hmac = "0.12"
|
|
md-5 = "0.10"
|
|
md4 = "0.10"
|
|
rc4 = "0.2"
|
|
rand = "0.8"
|
|
# F2 — constant-time MAC compare for verify_signature (server-to-client
|
|
# direction). subtle::ConstantTimeEq prevents timing oracles on the
|
|
# 8-byte MAC field of inbound NTLM-signed PDUs.
|
|
subtle = "2"
|
|
|
|
# F6 — Win32 OBJREF emitter via CoMarshalInterface. Optional, gated by the
|
|
# `windows-com` feature so the default footprint stays slim. windows-rs
|
|
# pulls a small set of submodules — Win32_System_Com for IUnknown / IStream
|
|
# / CoCreateInstance / CoMarshalInterface, Win32_System_Memory for
|
|
# GlobalLock / GlobalSize, Win32_System_Ole for the historical
|
|
# CreateStreamOnHGlobal / GetHGlobalFromStream re-exports.
|
|
windows = { version = "0.62", features = [
|
|
"Win32_Foundation",
|
|
"Win32_System_Com",
|
|
"Win32_System_Com_Marshal",
|
|
"Win32_System_Com_StructuredStorage",
|
|
"Win32_System_Memory",
|
|
], optional = true }
|
|
|
|
[features]
|
|
default = []
|
|
# Gates the Win32 OBJREF emitter port (`com_objref_provider` module). The
|
|
# module itself is `cfg(windows)`-gated so non-Windows builds with the
|
|
# feature on stay green (the `windows` crate compiles to stubs on
|
|
# non-Windows targets).
|
|
windows-com = ["dep:windows"]
|
|
|
|
[lints]
|
|
workspace = true
|