summaryrefslogtreecommitdiffstats
path: root/source4/rpc_server/dcerpc_server.c
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2008-07-23 14:41:16 +0200
committerStefan Metzmacher <metze@samba.org>2008-07-23 14:46:05 +0200
commit5bb679aa0fe87b5dd7f7c82d09157bc93b8b54cb (patch)
tree535bd10e1a31e49f5dad16eaf5a09518857ad07a /source4/rpc_server/dcerpc_server.c
parenta9c3f4700c16e50b963b83bed9b9699f4e37322c (diff)
downloadsamba-5bb679aa0fe87b5dd7f7c82d09157bc93b8b54cb.tar.gz
samba-5bb679aa0fe87b5dd7f7c82d09157bc93b8b54cb.tar.xz
samba-5bb679aa0fe87b5dd7f7c82d09157bc93b8b54cb.zip
rpc_server: be more strict with the incoming assoc_group_id
Allow 0 and 0x12345678 only. This fixes the RPC-HANDLES test. metze (This used to be commit c123e597cc84685abf2b0d3564e1a26d80bbef2f)
Diffstat (limited to 'source4/rpc_server/dcerpc_server.c')
-rw-r--r--source4/rpc_server/dcerpc_server.c24
1 files changed, 12 insertions, 12 deletions
diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c
index a2ca897981..ac36825acd 100644
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -543,20 +543,20 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
uint32_t context_id;
const struct dcesrv_interface *iface;
-#if 0
- /* It is not safe to enable this check - windows clients
- * (WinXP in particular) will use it for NETLOGON calls, for
- * the subsequent SCHANNEL bind. It turns out that NETLOGON
- * calls include no policy handles, so it is safe there. Let
- * the failure occour on the attempt to reuse a poilcy handle,
- * rather than here */
-
- /* Association groups allow policy handles to be shared across
- * multiple client connections. We don't implement this yet. */
- if (call->pkt.u.bind.assoc_group_id != 0) {
+ /*
+ * Association groups allow policy handles to be shared across
+ * multiple client connections. We don't implement this yet.
+ *
+ * So we just allow 0 if the client wants to create a new
+ * association group.
+ *
+ * And we allow the 0x12345678 value, we give away as
+ * assoc_group_id back to the clients
+ */
+ if (call->pkt.u.bind.assoc_group_id != 0 &&
+ call->pkt.u.bind.assoc_group_id != 0x12345678) {
return dcesrv_bind_nak(call, 0);
}
-#endif
if (call->pkt.u.bind.num_contexts < 1 ||
call->pkt.u.bind.ctx_list[0].num_transfer_syntaxes < 1) {