[Patches] fix client side ncacn_np:server[packet] handling

Stefan Metzmacher metze at samba.org
Thu Dec 29 21:18:36 UTC 2016


Hi,

here're some patches to fix the problems with DCERPC_AUTH_LEVEL_PACKET,
it's important that we handle this in the same way as
DCERPC_AUTH_LEVEL_INTEGRITY.

Please review and push:-)

Thanks!
metze
-------------- next part --------------
From 8c54dbfc80631d50dfad983a8b0fe37f04431075 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze at samba.org>
Date: Thu, 29 Dec 2016 11:11:50 +0100
Subject: [PATCH 1/2] s4:librpc/rpc: don't do an anonymous bind over
 ncacn_np:server[packet]

DCERPC_AUTH_LEVEL_PACKET is basically the same as
DCERPC_AUTH_LEVEL_INTEGRITY.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
---
 source4/librpc/rpc/dcerpc_util.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c
index 85356cf..39f7d87 100644
--- a/source4/librpc/rpc/dcerpc_util.c
+++ b/source4/librpc/rpc/dcerpc_util.c
@@ -661,7 +661,7 @@ struct composite_context *dcerpc_pipe_auth_send(struct dcerpc_pipe *p,
 	 * if not doing sign or seal
 	 */
 	if (conn->transport.transport == NCACN_NP &&
-	    !(conn->flags & (DCERPC_SIGN|DCERPC_SEAL))) {
+	    !(conn->flags & (DCERPC_PACKET|DCERPC_SIGN|DCERPC_SEAL))) {
 		auth_none_req = dcerpc_bind_auth_none_send(c, s->pipe, s->table);
 		composite_continue(c, auth_none_req, continue_auth_none, c);
 		return c;
-- 
1.9.1


From afebaf6a9daa32b8a34a5e02dc796491ea8ae617 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze at samba.org>
Date: Thu, 29 Dec 2016 11:13:55 +0100
Subject: [PATCH 2/2] s4:librpc/rpc: make sure we handle DCERPC_PACKET before
 DCERPC_CONNECT

Signed-off-by: Stefan Metzmacher <metze at samba.org>
---
 source4/librpc/rpc/dcerpc.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/source4/librpc/rpc/dcerpc.c b/source4/librpc/rpc/dcerpc.c
index bdebf79..a0b00af 100644
--- a/source4/librpc/rpc/dcerpc.c
+++ b/source4/librpc/rpc/dcerpc.c
@@ -2051,10 +2051,10 @@ uint32_t dcerpc_auth_level(struct dcecli_connection *c)
 		auth_level = DCERPC_AUTH_LEVEL_PRIVACY;
 	} else if (c->flags & DCERPC_SIGN) {
 		auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
-	} else if (c->flags & DCERPC_CONNECT) {
-		auth_level = DCERPC_AUTH_LEVEL_CONNECT;
 	} else if (c->flags & DCERPC_PACKET) {
 		auth_level = DCERPC_AUTH_LEVEL_PACKET;
+	} else if (c->flags & DCERPC_CONNECT) {
+		auth_level = DCERPC_AUTH_LEVEL_CONNECT;
 	} else {
 		auth_level = DCERPC_AUTH_LEVEL_NONE;
 	}
-- 
1.9.1

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20161229/d72e066c/signature.sig>


More information about the samba-technical mailing list