[SCM] Samba Shared Repository - branch v4-0-test updated
- release-4-0-0alpha5-107-g532ccbb
Stefan (metze) Metzmacher
metze at samba.org
Wed Jul 23 08:32:11 GMT 2008
Andrew Bartlett schrieb:
> The branch, v4-0-test has been updated
> via 532ccbbe7aa360440f455dfa136f425b9996e998 (commit)
> via f8628fa330abcd50923d995d5bda1f4811582ea9 (commit)
> via 1c909973977ae117703c1ccf7589acc4625e76e5 (commit)
> from b91bbc5fe4a47e5823be6be5f2f203f1f14105de (commit)
>
> http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
>
>
> - Log -----------------------------------------------------------------
> commit 532ccbbe7aa360440f455dfa136f425b9996e998
> Merge: f8628fa330abcd50923d995d5bda1f4811582ea9 b91bbc5fe4a47e5823be6be5f2f203f1f14105de
> Author: Andrew Bartlett <abartlet at samba.org>
> Date: Wed Jul 23 16:15:46 2008 +1000
>
> Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local
>
> commit f8628fa330abcd50923d995d5bda1f4811582ea9
> Author: Andrew Bartlett <abartlet at samba.org>
> Date: Wed Jul 23 16:14:20 2008 +1000
>
> Remove the 'accoc_group_id' check in the RPC server.
>
> This check breaks more than it fixes, and while technically not
> correct, is the best solution we have at this time. Otherwise,
> SCHANNEL binds from WinXP fail.
>
> Andrew Bartlett
>
> commit 1c909973977ae117703c1ccf7589acc4625e76e5
> Author: Andrew Bartlett <abartlet at samba.org>
> Date: Wed Jul 23 13:49:00 2008 +1000
>
> Explain where some other OIDs are allocated.
>
> This is an odd place for an OID registry - we perhaps need a central
> wiki page.
>
> Andrew Bartlett
>
> -----------------------------------------------------------------------
>
> Summary of changes:
> source/rpc_server/dcerpc_server.c | 11 +++++++++++
> source/setup/schema_samba4.ldif | 6 ++++++
> 2 files changed, 17 insertions(+), 0 deletions(-)
>
>
> Changeset truncated at 500 lines:
>
> diff --git a/source/rpc_server/dcerpc_server.c b/source/rpc_server/dcerpc_server.c
> index d8dafd6..91ae5fc 100644
> --- a/source/rpc_server/dcerpc_server.c
> +++ b/source/rpc_server/dcerpc_server.c
> @@ -534,9 +534,20 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
> uint32_t context_id;
> const struct dcesrv_interface *iface;
>
> +#if 0
> + /* It is not safe to enable this check - windows clients
> + * (WinXP in particular) will use it for NETLOGON calls, for
> + * the subsequent SCHANNEL bind. It turns out that NETLOGON
> + * calls include no policy handles, so it is safe there. Let
> + * the failure occour on the attempt to reuse a poilcy handle,
> + * rather than here */
> +
> + /* Association groups allow policy handles to be shared across
> + * multiple client connections. We don't implement this yet. */
> if (call->pkt.u.bind.assoc_group_id != 0) {
> return dcesrv_bind_nak(call, 0);
> }
> +#endif
I think we should just allow 0 or the 0x12345678 value we give away
and fail all other values...
Would that be enough to make WinXP work?
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://lists.samba.org/archive/samba-technical/attachments/20080723/983aad52/signature.bin
More information about the samba-technical
mailing list