[SCM] Samba Shared Repository - branch master updated

Matthias Dieter Wallnöfer mdw at samba.org
Sun May 30 04:41:54 MDT 2010 

The branch, master has been updated
       via  1cf5be3... s4:rpc_server/dcesrv_auth.c - Fix a RPC issue in conjunction with Windows 2000
      from  76cd237... s4:web_server/wsgi.c - free the "env" and "inputstream" objects on an "asprintf" failure

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 1cf5be39e30f9478606a5525eb7beeb21ee83c24
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Sun May 30 12:02:24 2010 +0200

    s4:rpc_server/dcesrv_auth.c - Fix a RPC issue in conjunction with Windows 2000
    
    Windows 2000 does strictly request header signing on some requests also if the
    server doesn't provide it. But there is a small trick (don't reset the actual
    session info) to make these special RPC operations work without a full header
    signing implementation.
    
    This fixes for example the list of domain groups in local groups when displayed
    sing the local user/group management tool.
    
    And this should finally fix bug #7113.
    
    The patch was inspired by another one by tridge and abartlet: http://gitweb.samba.org/samba.git/?p=tridge/samba.git;a=commitdiff;h=2dc19e2878371264606575d3fc09176776be7729

-----------------------------------------------------------------------

Summary of changes:
 source4/rpc_server/dcesrv_auth.c |   14 ++++++++++++--
 1 files changed, 12 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c
index 4915c3c..c04a207 100644
--- a/source4/rpc_server/dcesrv_auth.c
+++ b/source4/rpc_server/dcesrv_auth.c
@@ -116,8 +116,18 @@ NTSTATUS dcesrv_auth_bind_ack(struct dcesrv_call_state *call, struct ncacn_packe
 			       &dce_conn->auth_state.auth_info->credentials);
 	
 	if (NT_STATUS_IS_OK(status)) {
-		status = gensec_session_info(dce_conn->auth_state.gensec_security,
-					     &dce_conn->auth_state.session_info);
+		if ((call->pkt.pfc_flags & DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN)
+		    && (talloc_get_type(dce_conn->auth_state.session_info,
+					struct auth_session_info) != NULL)) {
+			/* This is a small hack to make some Windows 2000 RPC
+			 * operations work. It should be removed (always call
+			 * "gensec_session_info") when we fully support header
+			 * signing. */
+			status = NT_STATUS_OK;
+		} else {
+			status = gensec_session_info(dce_conn->auth_state.gensec_security,
+						     &dce_conn->auth_state.session_info);
+		}
 		if (!NT_STATUS_IS_OK(status)) {
 			DEBUG(1, ("Failed to establish session_info: %s\n", nt_errstr(status)));
 			return status;


-- 
Samba Shared Repository

More information about the samba-cvs mailing list