git.samba.org
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
c438226
)
s4-lsa: Fix dcesrv_lsa_EnumTrustDom() and avoid infite windows client loop.
author
Günther Deschner
<gd@samba.org>
Wed, 21 Oct 2009 00:18:54 +0000
(
02:18
+0200)
committer
Karolin Seeger
<kseeger@samba.org>
Thu, 26 Nov 2009 10:39:43 +0000
(11:39 +0100)
Found by RPC-LSA-TRUSTED-DOMAIN torture test.
Guenther
(cherry picked from commit
4b6cfbb6d27eea07400d0eacb08b2f69724b19ca
)
(cherry picked from commit
b2b836330c7c75130675354937a5609df54718c0
)
source4/rpc_server/lsa/dcesrv_lsa.c
patch
|
blob
|
history
diff --git
a/source4/rpc_server/lsa/dcesrv_lsa.c
b/source4/rpc_server/lsa/dcesrv_lsa.c
index 3d6352af46b98998fb78389257123a3852e24c7f..cf1a893a6eed12cdb7ca6821bb5159b27551308d 100644
(file)
--- a/
source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/
source4/rpc_server/lsa/dcesrv_lsa.c
@@
-1660,6
+1660,15
@@
static NTSTATUS dcesrv_lsa_EnumTrustDom(struct dcesrv_call_state *dce_call, TALL
return STATUS_MORE_ENTRIES;
}
+ /* according to MS-LSAD 3.1.4.7.8 output resume handle MUST
+ * always be larger than the previous input resume handle, in
+ * particular when hitting the last query it is vital to set the
+ * resume handle correctly to avoid infinite client loops, as
+ * seen e.g. with Windows XP SP3 when resume handle is 0 and
+ * status is NT_STATUS_OK - gd */
+
+ *r->out.resume_handle = (uint32_t)-1;
+
return NT_STATUS_OK;
}