svn commit: samba r6272 - in branches/SAMBA_4_0/source/librpc/rpc: .
abartlet at samba.org
abartlet at samba.org
Sun Apr 10 10:13:58 GMT 2005
Author: abartlet
Date: 2005-04-10 10:13:57 +0000 (Sun, 10 Apr 2005)
New Revision: 6272
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=6272
Log:
For 'programmed' use of an anonymous account, we should use
cli_credentials_set_conf(), not cli_credentials_guess().
Also, clarify why for particular flags, we don't do a DCERPC-level
authentication.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c
Changeset:
Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c
===================================================================
--- branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c 2005-04-10 10:11:36 UTC (rev 6271)
+++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c 2005-04-10 10:13:57 UTC (rev 6272)
@@ -806,8 +806,8 @@
struct cli_credentials *anon_creds
= cli_credentials_init(mem_ctx);
+ cli_credentials_set_conf(anon_creds);
cli_credentials_set_anonymous(anon_creds);
- cli_credentials_guess(anon_creds);
/* First, check if there is a default endpoint specified in the IDL */
@@ -939,7 +939,14 @@
} else if (!cli_credentials_is_anonymous(credentials) &&
!(binding->transport == NCACN_NP &&
!(binding->flags & DCERPC_SIGN) &&
- !(binding->flags & DCERPC_SEAL))) {
+ !(binding->flags & DCERPC_SEAL))) {
+
+ /* Perform an authenticated DCE-RPC bind, except where
+ * we ask for a connection on NCACN_NP, and that
+ * connection is not signed or sealed. For that case
+ * we rely on the already authenicated CIFS connection
+ */
+
uint8_t auth_type;
if (binding->flags & DCERPC_AUTH_SPNEGO) {
auth_type = DCERPC_AUTH_TYPE_SPNEGO;
More information about the samba-cvs
mailing list