svn commit: samba r14715 - in branches/SAMBA_4_0/source: librpc/idl
librpc/rpc rpc_server
abartlet at samba.org
abartlet at samba.org
Sat Mar 25 11:40:17 GMT 2006
Author: abartlet
Date: 2006-03-25 11:40:16 +0000 (Sat, 25 Mar 2006)
New Revision: 14715
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14715
Log:
Correct the definition of the DCE/RPC bind_nak, per the OpenGroup spec.
This allows us to correctly parse the bind_nak from NT4, when we use
an invalid auth type (the unsupported SPNEGO)..
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/librpc/idl/dcerpc.idl
branches/SAMBA_4_0/source/librpc/rpc/dcerpc.c
branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c
Changeset:
Modified: branches/SAMBA_4_0/source/librpc/idl/dcerpc.idl
===================================================================
--- branches/SAMBA_4_0/source/librpc/idl/dcerpc.idl 2006-03-25 11:39:09 UTC (rev 14714)
+++ branches/SAMBA_4_0/source/librpc/idl/dcerpc.idl 2006-03-25 11:40:16 UTC (rev 14715)
@@ -59,6 +59,8 @@
const int DCERPC_BIND_PROVIDER_REJECT = 2;
const int DCERPC_BIND_REASON_ASYNTAX = 1;
+ const int DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED = 4;
+ const int DCERPC_BIND_REASON_INVALID_AUTH_TYPE = 8;
typedef struct {
uint16 result;
@@ -78,9 +80,18 @@
} dcerpc_bind_ack;
typedef struct {
- uint16 reject_reason;
uint32 num_versions;
uint32 versions[num_versions];
+ } dcerpc_bind_nak_versions;
+
+ typedef [nodiscriminant] union {
+ [case(DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED)] dcerpc_bind_nak_versions v;
+ [default] ;
+ } dcerpc_bind_nak_versions_ctr;
+
+ typedef struct {
+ uint16 reject_reason;
+ [switch_is(reject_reason)] dcerpc_bind_nak_versions_ctr versions;
} dcerpc_bind_nak;
const uint8 DCERPC_RESPONSE_LENGTH = 24;
Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc.c
===================================================================
--- branches/SAMBA_4_0/source/librpc/rpc/dcerpc.c 2006-03-25 11:39:09 UTC (rev 14714)
+++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc.c 2006-03-25 11:40:16 UTC (rev 14715)
@@ -72,6 +72,11 @@
}
c->event_ctx = ev;
+
+ if (!talloc_reference(c, ev)) {
+ talloc_free(c);
+ return NULL;
+ }
c->call_id = 1;
c->security_state.auth_info = NULL;
c->security_state.session_key = dcerpc_generic_session_key;
@@ -478,6 +483,8 @@
switch (reason) {
case DCERPC_BIND_REASON_ASYNTAX:
return NT_STATUS_RPC_UNSUPPORTED_NAME_SYNTAX;
+ case DCERPC_BIND_REASON_INVALID_AUTH_TYPE:
+ return NT_STATUS_INVALID_PARAMETER;
}
return NT_STATUS_UNSUCCESSFUL;
}
Modified: branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c
===================================================================
--- branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c 2006-03-25 11:39:09 UTC (rev 14714)
+++ branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c 2006-03-25 11:40:16 UTC (rev 14715)
@@ -433,7 +433,9 @@
pkt.ptype = DCERPC_PKT_BIND_NAK;
pkt.pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST;
pkt.u.bind_nak.reject_reason = reason;
- pkt.u.bind_nak.num_versions = 0;
+ if (pkt.u.bind_nak.reject_reason == DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED) {
+ pkt.u.bind_nak.versions.v.num_versions = 0;
+ }
rep = talloc(call, struct data_blob_list_item);
if (!rep) {
@@ -527,8 +529,7 @@
/* handle any authentication that is being requested */
if (!dcesrv_auth_bind(call)) {
- /* TODO: work out the right reject code */
- return dcesrv_bind_nak(call, 0);
+ return dcesrv_bind_nak(call, DCERPC_BIND_REASON_INVALID_AUTH_TYPE);
}
/* setup a bind_ack */
More information about the samba-cvs
mailing list