From ff573597613e8253ff1b9d6c6a69cd127a9e4fb5 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Sat, 25 Mar 2006 11:40:16 +0000
Subject: r14715: Correct the definition of the DCE/RPC bind_nak, per the
 OpenGroup spec.

This allows us to correctly parse the bind_nak from NT4, when we use
an invalid auth type (the unsupported SPNEGO)..

Andrew Bartlett
(This used to be commit ce0c7f86fd5eeeacad885d732b66c65ac9103ace)
---
 source4/librpc/idl/dcerpc.idl      | 13 ++++++++++++-
 source4/librpc/rpc/dcerpc.c        |  7 +++++++
 source4/rpc_server/dcerpc_server.c |  7 ++++---
 3 files changed, 23 insertions(+), 4 deletions(-)

diff --git a/source4/librpc/idl/dcerpc.idl b/source4/librpc/idl/dcerpc.idl
index e0366adf07..5a91f66987 100644
--- a/source4/librpc/idl/dcerpc.idl
+++ b/source4/librpc/idl/dcerpc.idl
@@ -59,6 +59,8 @@ interface dcerpc
 
 	const int DCERPC_BIND_PROVIDER_REJECT = 2;
 	const int DCERPC_BIND_REASON_ASYNTAX  = 1;
+	const int DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED = 4;
+	const int DCERPC_BIND_REASON_INVALID_AUTH_TYPE = 8;
 
 	typedef struct {
 		uint16 result;
@@ -78,9 +80,18 @@ interface dcerpc
 	} dcerpc_bind_ack;
 
 	typedef struct {
-		uint16 reject_reason;
 		uint32 num_versions;
 		uint32 versions[num_versions];
+	} dcerpc_bind_nak_versions;
+	
+	typedef [nodiscriminant] union {
+		[case(DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED)] dcerpc_bind_nak_versions v;
+		[default] ;
+	} dcerpc_bind_nak_versions_ctr;
+
+	typedef struct {
+		uint16 reject_reason;
+		[switch_is(reject_reason)] dcerpc_bind_nak_versions_ctr versions;
 	} dcerpc_bind_nak;
 
 	const uint8 DCERPC_RESPONSE_LENGTH = 24;
diff --git a/source4/librpc/rpc/dcerpc.c b/source4/librpc/rpc/dcerpc.c
index 16721b4b03..a2cd62d399 100644
--- a/source4/librpc/rpc/dcerpc.c
+++ b/source4/librpc/rpc/dcerpc.c
@@ -72,6 +72,11 @@ struct dcerpc_connection *dcerpc_connection_init(TALLOC_CTX *mem_ctx,
 	}
 
 	c->event_ctx = ev;
+	
+	if (!talloc_reference(c, ev)) {
+		talloc_free(c);
+		return NULL;
+	}
 	c->call_id = 1;
 	c->security_state.auth_info = NULL;
 	c->security_state.session_key = dcerpc_generic_session_key;
@@ -478,6 +483,8 @@ static NTSTATUS dcerpc_map_reason(uint16_t reason)
 	switch (reason) {
 	case DCERPC_BIND_REASON_ASYNTAX:
 		return NT_STATUS_RPC_UNSUPPORTED_NAME_SYNTAX;
+	case DCERPC_BIND_REASON_INVALID_AUTH_TYPE:
+		return NT_STATUS_INVALID_PARAMETER;
 	}
 	return NT_STATUS_UNSUCCESSFUL;
 }
diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c
index 37026f901f..4c39333e86 100644
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -433,7 +433,9 @@ static NTSTATUS dcesrv_bind_nak(struct dcesrv_call_state *call, uint32_t reason)
 	pkt.ptype = DCERPC_PKT_BIND_NAK;
 	pkt.pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST;
 	pkt.u.bind_nak.reject_reason = reason;
-	pkt.u.bind_nak.num_versions = 0;
+	if (pkt.u.bind_nak.reject_reason == DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED) {
+		pkt.u.bind_nak.versions.v.num_versions = 0;
+	}
 
 	rep = talloc(call, struct data_blob_list_item);
 	if (!rep) {
@@ -527,8 +529,7 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
 
 	/* handle any authentication that is being requested */
 	if (!dcesrv_auth_bind(call)) {
-		/* TODO: work out the right reject code */
-		return dcesrv_bind_nak(call, 0);
+		return dcesrv_bind_nak(call, DCERPC_BIND_REASON_INVALID_AUTH_TYPE);
 	}
 
 	/* setup a bind_ack */
-- 
cgit