diff options
author | Andrew Bartlett <abartlet@samba.org> | 2005-04-10 10:13:57 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:11:29 -0500 |
commit | 3ae4d872f5292f5620fc2d75b3c5434c52d726a1 (patch) | |
tree | 0d15069bcb730245d00e99c9903ae7e1d30e4029 /source4 | |
parent | 6d1ae6d35aca66cff090d40927da1ac093dc65ce (diff) | |
download | samba-3ae4d872f5292f5620fc2d75b3c5434c52d726a1.tar.gz samba-3ae4d872f5292f5620fc2d75b3c5434c52d726a1.tar.bz2 samba-3ae4d872f5292f5620fc2d75b3c5434c52d726a1.zip |
r6272: For 'programmed' use of an anonymous account, we should use
cli_credentials_set_conf(), not cli_credentials_guess().
Also, clarify why for particular flags, we don't do a DCERPC-level
authentication.
Andrew Bartlett
(This used to be commit 838925761d004a1426107f4c5c84d0276fddb2c0)
Diffstat (limited to 'source4')
-rw-r--r-- | source4/librpc/rpc/dcerpc_util.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c index f45ae92bab..d1d9977b39 100644 --- a/source4/librpc/rpc/dcerpc_util.c +++ b/source4/librpc/rpc/dcerpc_util.c @@ -806,8 +806,8 @@ NTSTATUS dcerpc_epm_map_binding(TALLOC_CTX *mem_ctx, struct dcerpc_binding *bind struct cli_credentials *anon_creds = cli_credentials_init(mem_ctx); + cli_credentials_set_conf(anon_creds); cli_credentials_set_anonymous(anon_creds); - cli_credentials_guess(anon_creds); /* First, check if there is a default endpoint specified in the IDL */ @@ -939,7 +939,14 @@ NTSTATUS dcerpc_pipe_auth(struct dcerpc_pipe *p, } else if (!cli_credentials_is_anonymous(credentials) && !(binding->transport == NCACN_NP && !(binding->flags & DCERPC_SIGN) && - !(binding->flags & DCERPC_SEAL))) { + !(binding->flags & DCERPC_SEAL))) { + + /* Perform an authenticated DCE-RPC bind, except where + * we ask for a connection on NCACN_NP, and that + * connection is not signed or sealed. For that case + * we rely on the already authenicated CIFS connection + */ + uint8_t auth_type; if (binding->flags & DCERPC_AUTH_SPNEGO) { auth_type = DCERPC_AUTH_TYPE_SPNEGO; |