CVS update: samba/source/rpc_server
Luke Leighton
lkcl at samba.anu.edu.au
Mon Feb 28 06:12:07 EST 2000
Date: Monday February 28, 2000 @ 6:12
Author: lkcl
Update of /data/cvs/samba/source/rpc_server
In directory samba:/tmp/cvs-serv26652/rpc_server
Modified Files:
Tag: SAMBA_TNG
srv_pipe_ntlmssp.c srv_pipe_srv.c
Log Message:
added bind nack to server-side.
jeremy, the majority of "negative" responses are actually "fault" pdus.
the only circumstances in which a bind nack is returned is if there is
something wrong with a bind request. e.g the NTLMSSP auth bind-request
(negotiate) stage, which contains the client hostname and client domain,
contains an unrecognised name such as NULL.
e.g the NETSEC (netlogon secure channel) auth bind-request stage which
again happens (coincidentally) to contain the client hostname and client
domain, contains a hostname/domainname tuple for which no NetrReqChal+
NetrAuth2 with flags 0x400001ff has just previously been done.
i.e: NetrReqChal("\\myserver", "mydomain", ...);
NetrAuth2("\\myserver", mydomain, 0x400001ff, ...);
[now do netsec]
NetSecBindRequest("\\somestupidservername", "totalgarbagedomainname")
this should be rejected with a bind NACK.
<a href=" mailto:lkcl at samba.org" > Luke Kenneth Casson Leighton </a>
<a href=" http://cb1.com/~lkcl" > Samba and Network Development </a>
<a href=" http://samba.org" > Samba Web site </a>
<a href=" http://www.iss.net" > Internet Security Systems, Inc. </a>
<a href=" http://mcp.com" > Macmillan Technical Publishing </a>
ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals
More information about the samba-cvs
mailing list