r4630: for ncacn_np if we don't have an explicit request for one of the

advanced auth types we should do a plain bind. This fixes rpc
connections to ancient servers (like sun cascade)

diff --git a/source/librpc/rpc/dcerpc.h b/source/librpc/rpc/dcerpc.h
index 289e17fb81b6f21b8f25d7d7e3c913630610415e..4e58c3c75f4eff775f91dd42b43bf08f2d7b2720 100644 (file)
--- a/source/librpc/rpc/dcerpc.h
+++ b/source/librpc/rpc/dcerpc.h
@@ -120,8 +120,6 @@ struct dcerpc_pipe {
                                        DCERPC_SCHANNEL_DOMAIN| \
                                        DCERPC_SCHANNEL_WORKSTATION)
 
-#define DCERPC_AUTH_OPTIONS    (DCERPC_SEAL|DCERPC_SIGN|DCERPC_SCHANNEL_ANY)
-
 /* use a 128 bit session key */
 #define DCERPC_SCHANNEL_128            (1<<12)
 
@@ -131,6 +129,8 @@ struct dcerpc_pipe {
 /* set LIBNDR_FLAG_REF_ALLOC flag when decoding NDR */
 #define DCERPC_NDR_REF_ALLOC           (1<<14)
 
+#define DCERPC_AUTH_OPTIONS    (DCERPC_SEAL|DCERPC_SIGN|DCERPC_SCHANNEL_ANY|DCERPC_AUTH_SPNEGO)
+
 /* enable spnego auth */
 #define DCERPC_AUTH_SPNEGO             (1<<15)
 

diff --git a/source/librpc/rpc/dcerpc_util.c b/source/librpc/rpc/dcerpc_util.c
index 534c17678d9e22f9500903044e1cb8455b58830f..992368777c8ce5240e72f00be23ef10ff23b5f2b 100644 (file)
--- a/source/librpc/rpc/dcerpc_util.c
+++ b/source/librpc/rpc/dcerpc_util.c
@@ -882,6 +882,10 @@ static NTSTATUS dcerpc_pipe_connect_ncacn_np(struct dcerpc_pipe **pp,
                talloc_free(p);
                return status;
        }
+
+       if (!(binding->flags & DCERPC_AUTH_OPTIONS)) {
+               username = NULL;
+       }
        
        status = dcerpc_pipe_auth(p, binding, pipe_uuid, pipe_version, domain, username, password);
        if (!NT_STATUS_IS_OK(status)) {