s4-rpc: don't use auth padding in rpc bind requests as it breaks s3

The s3 RPC server returns a bind_nak if it gets a rpc bind with auth
padding. This change forces a padding length of zero to maximimise
compatibility with s3 servers. 

I've left the padding code in as a #if 0 to make it easier for us to
test/fix the s3 server code, which should be changed to correctly
handle arbitrary auth padding in all rpc requests with auth trailers.

1 files changed, 7 insertions, 0 deletions

diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c
index f41236148a..aafa283fc6 100644
--- a/source4/librpc/rpc/dcerpc_util.c
+++ b/source4/librpc/rpc/dcerpc_util.c
@@ -83,12 +83,19 @@ NTSTATUS ncacn_push_auth(DATA_BLOB *blob, TALLOC_CTX *mem_ctx,
 	}
 
 	if (auth_info) {
+#if 0
+		/* the s3 rpc server doesn't handle auth padding in
+		   bind requests. Use zero auth padding to keep us
+		   working with old servers */
 		uint32_t offset = ndr->offset;
 		ndr_err = ndr_push_align(ndr, 16);
 		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
 			return ndr_map_error2ntstatus(ndr_err);
 		}
 		auth_info->auth_pad_length = ndr->offset - offset;
+#else
+		auth_info->auth_pad_length = 0;
+#endif
 		ndr_err = ndr_push_dcerpc_auth(ndr, NDR_SCALARS|NDR_BUFFERS, auth_info);
 		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
 			return ndr_map_error2ntstatus(ndr_err);