[cifs-protocol] [MS-NRPC] 3.1.4.1 Session-Key Negotiation lacking details - TrackingID#2309080040007879
Jeff McCashland (He/him)
jeffm at microsoft.com
Tue Sep 12 22:48:45 UTC 2023
Hi Metze,
I have reviewed [MS-NRPC] section 3.1.4.1 Session-Key negotiation, and I don't seen any mention of downgrade at all. I admit this is a document I'm not deeply familiar with.
Could you specify which steps you are referring to, what you mean by a downgrade, and specifically where you feel more detail is needed?
Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada)
Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
-----Original Message-----
From: Jeff McCashland (He/him)
Sent: Friday, September 8, 2023 1:46 PM
To: Stefan Metzmacher <metze at samba.org>; Ralph Böhme <slow at samba.org>
Cc: cifs-protocol at lists.samba.org; Microsoft Support <supportmail at microsoft.com>
Subject: [MS-NRPC] 3.1.4.1 Session-Key Negotiation lacking details - TrackingID#2309080040007879
[support on CC, updated Subject with new SR ID]
Hi Metze,
We have created SR 2309080040007879 to track this issue. I will look into it and get back to you.
Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada) Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
-----Original Message-----
From: Stefan Metzmacher <metze at samba.org>
Sent: Thursday, September 7, 2023 11:27 PM
To: Jeff McCashland (He/him) <jeffm at microsoft.com>; Ralph Böhme <slow at samba.org>
Cc: cifs-protocol at lists.samba.org
Subject: [EXTERNAL] Re: [MS-NRPC] DCERPC_NCA_S_FAULT_INVALID_TAG returned instead of STATUS_INVALID_LEVEL - TrackingID#2307200040007944
Hi Jeff,
> We have updated [MS-NRPC] for the next release to address this issue. We have added the following Behavior Note to section 3.5.4.4.10:
>
> <197> Section 3.5.4.4.10: Windows RPC layer may return its own error code instead of STATUS_INVALID_LEVEL. The error code that a client gets depends on where the calling application is getting the error from:
> 1. If the client is running on Windows and calling Windows RPC APIs, they may get the Win32 error code RPC_S_INVALID_TAG ([MS-ERREF] section 2.2).
> 2. If the client is running on third-party operating systems or getting the error code from the wire, they may get nca_s_fault_invalid_tag (0x1C000006). ([C706-RSCP] DCE 1.1: Remote Procedure Call - Reject Status Codes and Parameters).
> 3. The conversion between the on-the-wire nca_s_fault_invalid_tag and Win32 error code RPC_S_INVALID_TAG is specified in [MS-RPCE] Section 3.1.1.5.5.
>
> I hope that helps.
Yes, thanks!
In addition I think 3.1.4.1 Session-Key Negotiation could be much more verbose in a way that it would describe how safe downgrade is possible and how an unsafe downgrade is detected.
metze
More information about the cifs-protocol
mailing list