From 90e28c1825b2c48714d7b34fdb57d3878116d07e Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 25 Apr 2013 19:57:09 +0200 Subject: s3:rpc_client: fix/add AES downgrade detection to rpc_pipe_bind_step_two_done() Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett --- source3/rpc_client/cli_pipe.c | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) (limited to 'source3') diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index a935030965..477853494a 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -1802,8 +1802,7 @@ static void rpc_pipe_bind_step_two_done(struct tevent_req *subreq) status = dcerpc_netr_LogonGetCapabilities_r_recv(subreq, talloc_tos()); TALLOC_FREE(subreq); if (NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE)) { - if (state->cli->dc && state->cli->dc->negotiate_flags & - NETLOGON_NEG_SUPPORTS_AES) { + if (state->creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { DEBUG(5, ("AES is not supported and the error was %s\n", nt_errstr(status))); tevent_req_nterror(req, @@ -1854,9 +1853,6 @@ static void rpc_pipe_bind_step_two_done(struct tevent_req *subreq) return; } - TALLOC_FREE(state->cli->dc); - state->cli->dc = talloc_steal(state->cli, state->creds); - if (!NT_STATUS_IS_OK(state->r.out.result)) { DEBUG(0, ("dcerpc_netr_LogonGetCapabilities_r_recv failed with %s\n", nt_errstr(state->r.out.result))); @@ -1864,18 +1860,17 @@ static void rpc_pipe_bind_step_two_done(struct tevent_req *subreq) return; } - if (state->creds->negotiate_flags != - state->r.out.capabilities->server_capabilities) { - DEBUG(0, ("The client capabilities don't match the server " - "capabilities: local[0x%08X] remote[0x%08X]\n", - state->creds->negotiate_flags, - state->capabilities.server_capabilities)); + if (!(state->creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES)) { + DEBUG(0, ("netr_LogonGetCapabilities is supported by %s, " + "but AES was not negotiated - downgrade detected", + state->cli->desthost)); tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE); return; } - /* TODO: Add downgrade dectection. */ + TALLOC_FREE(state->cli->dc); + state->cli->dc = talloc_move(state->cli, &state->creds); tevent_req_done(req); return; -- cgit