diff options
-rw-r--r-- | source/librpc/idl/dcerpc.idl | 13 | ||||
-rw-r--r-- | source/librpc/rpc/dcerpc.c | 7 | ||||
-rw-r--r-- | source/rpc_server/dcerpc_server.c | 7 |
3 files changed, 23 insertions, 4 deletions
diff --git a/source/librpc/idl/dcerpc.idl b/source/librpc/idl/dcerpc.idl index e0366adf07b..5a91f669875 100644 --- a/source/librpc/idl/dcerpc.idl +++ b/source/librpc/idl/dcerpc.idl @@ -59,6 +59,8 @@ interface dcerpc const int DCERPC_BIND_PROVIDER_REJECT = 2; const int DCERPC_BIND_REASON_ASYNTAX = 1; + const int DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED = 4; + const int DCERPC_BIND_REASON_INVALID_AUTH_TYPE = 8; typedef struct { uint16 result; @@ -78,9 +80,18 @@ interface dcerpc } dcerpc_bind_ack; typedef struct { - uint16 reject_reason; uint32 num_versions; uint32 versions[num_versions]; + } dcerpc_bind_nak_versions; + + typedef [nodiscriminant] union { + [case(DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED)] dcerpc_bind_nak_versions v; + [default] ; + } dcerpc_bind_nak_versions_ctr; + + typedef struct { + uint16 reject_reason; + [switch_is(reject_reason)] dcerpc_bind_nak_versions_ctr versions; } dcerpc_bind_nak; const uint8 DCERPC_RESPONSE_LENGTH = 24; diff --git a/source/librpc/rpc/dcerpc.c b/source/librpc/rpc/dcerpc.c index 16721b4b03a..a2cd62d399d 100644 --- a/source/librpc/rpc/dcerpc.c +++ b/source/librpc/rpc/dcerpc.c @@ -72,6 +72,11 @@ struct dcerpc_connection *dcerpc_connection_init(TALLOC_CTX *mem_ctx, } c->event_ctx = ev; + + if (!talloc_reference(c, ev)) { + talloc_free(c); + return NULL; + } c->call_id = 1; c->security_state.auth_info = NULL; c->security_state.session_key = dcerpc_generic_session_key; @@ -478,6 +483,8 @@ static NTSTATUS dcerpc_map_reason(uint16_t reason) switch (reason) { case DCERPC_BIND_REASON_ASYNTAX: return NT_STATUS_RPC_UNSUPPORTED_NAME_SYNTAX; + case DCERPC_BIND_REASON_INVALID_AUTH_TYPE: + return NT_STATUS_INVALID_PARAMETER; } return NT_STATUS_UNSUCCESSFUL; } diff --git a/source/rpc_server/dcerpc_server.c b/source/rpc_server/dcerpc_server.c index 37026f901f5..4c39333e861 100644 --- a/source/rpc_server/dcerpc_server.c +++ b/source/rpc_server/dcerpc_server.c @@ -433,7 +433,9 @@ static NTSTATUS dcesrv_bind_nak(struct dcesrv_call_state *call, uint32_t reason) pkt.ptype = DCERPC_PKT_BIND_NAK; pkt.pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST; pkt.u.bind_nak.reject_reason = reason; - pkt.u.bind_nak.num_versions = 0; + if (pkt.u.bind_nak.reject_reason == DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED) { + pkt.u.bind_nak.versions.v.num_versions = 0; + } rep = talloc(call, struct data_blob_list_item); if (!rep) { @@ -527,8 +529,7 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call) /* handle any authentication that is being requested */ if (!dcesrv_auth_bind(call)) { - /* TODO: work out the right reject code */ - return dcesrv_bind_nak(call, 0); + return dcesrv_bind_nak(call, DCERPC_BIND_REASON_INVALID_AUTH_TYPE); } /* setup a bind_ack */ |