CVS update: samba/source/include

[Luke Leighton]

Date:	Monday February 28, 2000 @ 6:12
Author:	lkcl

Update of /data/cvs/samba/source/include
In directory samba:/tmp/cvs-serv26652/include

Modified Files:
      Tag: SAMBA_TNG
	lib_smb_proto.h proto.h rpc_dce.h rpc_parse_proto.h 
	winbindd_proto.h 
Log Message:
added bind nack to server-side.

jeremy, the majority of "negative" responses are actually "fault" pdus.

the only circumstances in which a bind nack is returned is if there is
something wrong with a bind request.  e.g the NTLMSSP auth bind-request
(negotiate) stage, which contains the client hostname and client domain,
contains an unrecognised name such as NULL.

e.g the NETSEC (netlogon secure channel) auth bind-request stage which
again happens (coincidentally) to contain the client hostname and client
domain, contains a hostname/domainname tuple for which no NetrReqChal+
NetrAuth2 with flags 0x400001ff has just previously been done.

i.e: NetrReqChal("\\myserver", "mydomain", ...);
NetrAuth2("\\myserver", mydomain, 0x400001ff, ...);
[now do netsec]
NetSecBindRequest("\\somestupidservername", "totalgarbagedomainname")
this should be rejected with a bind NACK.

<a href=" mailto:lkcl at samba.org" > Luke Kenneth Casson Leighton    </a>
<a href=" http://cb1.com/~lkcl"  > Samba and Network Development   </a>
<a href=" http://samba.org"      > Samba Web site                  </a>
<a href=" http://www.iss.net"    > Internet Security Systems, Inc. </a>
<a href=" http://mcp.com"        > Macmillan Technical Publishing  </a>
 
ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals