dcerpc_util: let dcerpc_pull_auth_trailer() expose the reject reason

author Stefan Metzmacher <metze@samba.org>

Wed, 11 Nov 2020 16:59:45 +0000 (17:59 +0100)

committer Jule Anger <janger@samba.org>

Thu, 7 Nov 2024 08:18:16 +0000 (08:18 +0000)
author Stefan Metzmacher <metze@samba.org>
Wed, 11 Nov 2020 16:59:45 +0000 (17:59 +0100)
committer Jule Anger <janger@samba.org>
Thu, 7 Nov 2024 08:18:16 +0000 (08:18 +0000)
diff --git a/librpc/rpc/dcerpc_util.c b/librpc/rpc/dcerpc_util.c

index 8684df35b7fef67a7043260df392276dad443959..ffe80f3182df3a6d958f5affc8d3cb0b0c85c091 100644 (file)
--- a/librpc/rpc/dcerpc_util.c
+++ b/librpc/rpc/dcerpc_util.c
@@ -278,7 +278,7 @@ NTSTATUS dcerpc_pull_auth_trailer(const struct ncacn_packet *pkt,
  
         auth_length = DCERPC_AUTH_TRAILER_LENGTH + pkt->auth_length;
         if (pkt_trailer->length < auth_length) {
-               return NT_STATUS_RPC_PROTOCOL_ERROR;
+               return NT_STATUS_INTERNAL_ERROR;
         }
  
         data_and_pad = pkt_trailer->length - auth_length;
@@ -286,6 +286,7 @@ NTSTATUS dcerpc_pull_auth_trailer(const struct ncacn_packet *pkt,
         if ((auth_offset % 4) != 0) {
                 DBG_WARNING("auth_offset[%u] not 4 byte aligned\n",
                             (unsigned)auth_offset);
+               auth->auth_context_id = DCERPC_BIND_NAK_REASON_NOT_SPECIFIED;
                 return NT_STATUS_RPC_PROTOCOL_ERROR;
         }
  
@@ -349,6 +350,7 @@ NTSTATUS dcerpc_pull_auth_trailer(const struct ncacn_packet *pkt,
                           auth->auth_pad_length));
                 talloc_free(ndr);
                 ZERO_STRUCTP(auth);
+               auth->auth_context_id = DCERPC_BIND_NAK_REASON_PROTOCOL_VERSION_NOT_SUPPORTED;
                 return NT_STATUS_RPC_PROTOCOL_ERROR;
         }
  
@@ -378,6 +380,7 @@ NTSTATUS dcerpc_pull_auth_trailer(const struct ncacn_packet *pkt,
                             auth->auth_pad_length);
                 talloc_free(ndr);
                 ZERO_STRUCTP(auth);
+               auth->auth_context_id = DCERPC_BIND_NAK_REASON_NOT_SPECIFIED;
                 return NT_STATUS_RPC_PROTOCOL_ERROR;
         }
  
diff --git a/librpc/rpc/dcesrv_auth.c b/librpc/rpc/dcesrv_auth.c

index 1fc6255892daace6dd7bc2050c83d2412a83745a..5c3190a82ebfc434fed7e5cd26e2c3fef6952680 100644 (file)
--- a/librpc/rpc/dcesrv_auth.c
+++ b/librpc/rpc/dcesrv_auth.c
@@ -320,8 +320,13 @@ bool dcesrv_auth_bind(struct dcesrv_call_state *call)
                  */
                 auth->auth_type = DCERPC_AUTH_TYPE_NONE;
                 auth->auth_level = DCERPC_AUTH_LEVEL_NONE;
-               auth->auth_context_id =
-                       DCERPC_BIND_NAK_REASON_PROTOCOL_VERSION_NOT_SUPPORTED;
+               if (NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROTOCOL_ERROR)) {
+                       auth->auth_context_id =
+                               call->in_auth_info.auth_context_id;
+               } else {
+                       auth->auth_context_id =
+                               DCERPC_BIND_NAK_REASON_NOT_SPECIFIED;
+               }
                 return false;
         }
  
diff --git a/selftest/knownfail.d/dcerpc-auth-pad b/selftest/knownfail.d/dcerpc-auth-pad

index 9ea88114ce7ff78ba8b64200fa7d04bbe479b483..ae54bd75cc979b7d314d3c25068d38e716a9c945 100644 (file)
--- a/selftest/knownfail.d/dcerpc-auth-pad
+++ b/selftest/knownfail.d/dcerpc-auth-pad
@@ -6,8 +6,6 @@
  ^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_mid_pad_ntlm_auth3
  ^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_mid_pad_spnego_alter
  ^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_mid_pad_spnego_auth3
-^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_bind_align2_ntlm
-^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_bind_align2_spnego
  ^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_auth3_align2_ntlm
  ^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_auth3_align2_spnego
  ^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_ntlm_2889_alter
author	Stefan Metzmacher <metze@samba.org>
	Wed, 11 Nov 2020 16:59:45 +0000 (17:59 +0100)
committer	Jule Anger <janger@samba.org>
	Thu, 7 Nov 2024 08:18:16 +0000 (08:18 +0000)
librpc/rpc/dcerpc_util.c		patch \| blob \| blame \| history
librpc/rpc/dcesrv_auth.c		patch \| blob \| blame \| history
selftest/knownfail.d/dcerpc-auth-pad		patch \| blob \| blame \| history