They both had the same lifetime and the disconnect case is now
caught by auth->auth_invalid = true.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
call->conn->allow_bind = false;
call->conn->allow_alter = false;
call->conn->allow_bind = false;
call->conn->allow_alter = false;
- call->conn->allow_request = false;
call->conn->default_auth_state->auth_invalid = true;
call->conn->default_auth_state->auth_invalid = true;
struct ndr_pull *pull;
NTSTATUS status;
struct ndr_pull *pull;
NTSTATUS status;
- if (!call->conn->allow_request) {
+ if (!auth->auth_finished) {
return dcesrv_fault_disconnect(call, DCERPC_NCA_S_PROTO_ERROR);
}
return dcesrv_fault_disconnect(call, DCERPC_NCA_S_PROTO_ERROR);
}
/* we have to check the signing here, before combining the
pdus */
if (call->pkt.ptype == DCERPC_PKT_REQUEST) {
/* we have to check the signing here, before combining the
pdus */
if (call->pkt.ptype == DCERPC_PKT_REQUEST) {
- if (!call->conn->allow_request) {
+ if (!call->auth_state->auth_finished) {
return dcesrv_fault_disconnect(call,
DCERPC_NCA_S_PROTO_ERROR);
}
return dcesrv_fault_disconnect(call,
DCERPC_NCA_S_PROTO_ERROR);
}
dce_conn->allow_bind = false;
dce_conn->allow_alter = false;
dce_conn->allow_bind = false;
dce_conn->allow_alter = false;
- dce_conn->allow_request = false;
dce_conn->default_auth_state->auth_invalid = true;
dce_conn->default_auth_state->auth_invalid = true;
*/
bool allow_bind;
bool allow_alter;
*/
bool allow_bind;
bool allow_alter;
/* the association group the connection belongs to */
struct dcesrv_assoc_group *assoc_group;
/* the association group the connection belongs to */
struct dcesrv_assoc_group *assoc_group;
NTSTATUS dcesrv_auth_complete(struct dcesrv_call_state *call, NTSTATUS status)
{
NTSTATUS dcesrv_auth_complete(struct dcesrv_call_state *call, NTSTATUS status)
{
- struct dcesrv_connection *dce_conn = call->conn;
struct dcesrv_auth *auth = call->auth_state;
const char *pdu = "<unknown>";
struct dcesrv_auth *auth = call->auth_state;
const char *pdu = "<unknown>";
return status;
}
auth->auth_finished = true;
return status;
}
auth->auth_finished = true;
- dce_conn->allow_request = true;
if (call->pkt.ptype != DCERPC_PKT_AUTH3) {
return NT_STATUS_OK;
if (call->pkt.ptype != DCERPC_PKT_AUTH3) {
return NT_STATUS_OK;
if (call->pkt.auth_length == 0) {
auth->auth_finished = true;
if (call->pkt.auth_length == 0) {
auth->auth_finished = true;
- dce_conn->allow_request = true;
DATA_BLOB *payload_and_verifier)
{
struct ncacn_packet *pkt = &call->pkt;
DATA_BLOB *payload_and_verifier)
{
struct ncacn_packet *pkt = &call->pkt;
- struct dcesrv_connection *dce_conn = call->conn;
struct dcesrv_auth *auth = call->auth_state;
const struct dcerpc_auth tmp_auth = {
.auth_type = auth->auth_type,
struct dcesrv_auth *auth = call->auth_state;
const struct dcerpc_auth tmp_auth = {
.auth_type = auth->auth_type,
- if (!dce_conn->allow_request) {
+ if (!auth->auth_finished) {
call->fault_code = DCERPC_NCA_S_PROTO_ERROR;
return false;
}
call->fault_code = DCERPC_NCA_S_PROTO_ERROR;
return false;
}