From b495bb246c474cdac37e8176457c94262836e21f Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 21 Nov 2005 02:52:33 +0000 Subject: r11816: this fixes some of the problems with the recent async rpc changes and ncacn_ip_tcp/ncalrpc. The problem was that svn revision 11809 removed the logic that forced the CONNECT auth type for authenticated binds which don't have an explicit SIGN or SEAL flag set. (This used to be commit e7a1f11e8bcba3839f74c7303bd82533a6acfbcd) --- source4/librpc/rpc/dcerpc_util.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'source4/librpc/rpc') diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c index 400a8b5e21..c3e928b6f1 100644 --- a/source4/librpc/rpc/dcerpc_util.c +++ b/source4/librpc/rpc/dcerpc_util.c @@ -975,6 +975,18 @@ NTSTATUS dcerpc_pipe_auth(struct dcerpc_pipe *p, */ uint8_t auth_type; + + if ((p->conn->flags & (DCERPC_SIGN|DCERPC_SEAL)) == 0) { + /* + we are doing an authenticated connection, + but not using sign or seal. We must force + the CONNECT dcerpc auth type as a NONE auth + type doesn't allow authentication + information to be passed. + */ + p->conn->flags |= DCERPC_CONNECT; + } + if (binding->flags & DCERPC_AUTH_SPNEGO) { auth_type = DCERPC_AUTH_TYPE_SPNEGO; } else if (binding->flags & DCERPC_AUTH_KRB5) { -- cgit