[SCM] Samba Shared Repository - branch master updated

Sun, 30 May 2010 03:42:04 -0700 

The branch, master has been updated
       via  1cf5be3... s4:rpc_server/dcesrv_auth.c - Fix a RPC issue in 
conjunction with Windows 2000
      from  76cd237... s4:web_server/wsgi.c - free the "env" and "inputstream" 
objects on an "asprintf" failure

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 1cf5be39e30f9478606a5525eb7beeb21ee83c24
Author: Matthias Dieter Wallnöfer <[email protected]>
Date:   Sun May 30 12:02:24 2010 +0200

    s4:rpc_server/dcesrv_auth.c - Fix a RPC issue in conjunction with Windows 
2000
    
    Windows 2000 does strictly request header signing on some requests also if 
the
    server doesn't provide it. But there is a small trick (don't reset the 
actual
    session info) to make these special RPC operations work without a full 
header
    signing implementation.
    
    This fixes for example the list of domain groups in local groups when 
displayed
    sing the local user/group management tool.
    
    And this should finally fix bug #7113.
    
    The patch was inspired by another one by tridge and abartlet: 
http://gitweb.samba.org/samba.git/?p=tridge/samba.git;a=commitdiff;h=2dc19e2878371264606575d3fc09176776be7729

-----------------------------------------------------------------------

Summary of changes:
 source4/rpc_server/dcesrv_auth.c |   14 ++++++++++++--
 1 files changed, 12 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c
index 4915c3c..c04a207 100644
--- a/source4/rpc_server/dcesrv_auth.c
+++ b/source4/rpc_server/dcesrv_auth.c
@@ -116,8 +116,18 @@ NTSTATUS dcesrv_auth_bind_ack(struct dcesrv_call_state 
*call, struct ncacn_packe
                               &dce_conn->auth_state.auth_info->credentials);
        
        if (NT_STATUS_IS_OK(status)) {
-               status = 
gensec_session_info(dce_conn->auth_state.gensec_security,
-                                            
&dce_conn->auth_state.session_info);
+               if ((call->pkt.pfc_flags & DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN)
+                   && (talloc_get_type(dce_conn->auth_state.session_info,
+                                       struct auth_session_info) != NULL)) {
+                       /* This is a small hack to make some Windows 2000 RPC
+                        * operations work. It should be removed (always call
+                        * "gensec_session_info") when we fully support header
+                        * signing. */
+                       status = NT_STATUS_OK;
+               } else {
+                       status = 
gensec_session_info(dce_conn->auth_state.gensec_security,
+                                                    
&dce_conn->auth_state.session_info);
+               }
                if (!NT_STATUS_IS_OK(status)) {
                        DEBUG(1, ("Failed to establish session_info: %s\n", 
nt_errstr(status)));
                        return status;


-- 
Samba Shared Repository

Reply via email to