From e3a272c3f23139e69c4e671e6b7b756d727c4e61 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 16 Feb 2010 22:18:16 +1100 Subject: s4-rpc: don't use auth padding in rpc bind requests as it breaks s3 The s3 RPC server returns a bind_nak if it gets a rpc bind with auth padding. This change forces a padding length of zero to maximimise compatibility with s3 servers. I've left the padding code in as a #if 0 to make it easier for us to test/fix the s3 server code, which should be changed to correctly handle arbitrary auth padding in all rpc requests with auth trailers. --- source4/librpc/rpc/dcerpc_util.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'source4') diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c index f41236148a..aafa283fc6 100644 --- a/source4/librpc/rpc/dcerpc_util.c +++ b/source4/librpc/rpc/dcerpc_util.c @@ -83,12 +83,19 @@ NTSTATUS ncacn_push_auth(DATA_BLOB *blob, TALLOC_CTX *mem_ctx, } if (auth_info) { +#if 0 + /* the s3 rpc server doesn't handle auth padding in + bind requests. Use zero auth padding to keep us + working with old servers */ uint32_t offset = ndr->offset; ndr_err = ndr_push_align(ndr, 16); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { return ndr_map_error2ntstatus(ndr_err); } auth_info->auth_pad_length = ndr->offset - offset; +#else + auth_info->auth_pad_length = 0; +#endif ndr_err = ndr_push_dcerpc_auth(ndr, NDR_SCALARS|NDR_BUFFERS, auth_info); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { return ndr_map_error2ntstatus(ndr_err); -- cgit