TALLOC_FREE(call->context);
+ if (call->fault_code == DCERPC_NCA_S_PROTO_ERROR) {
+ return dcesrv_bind_nak(call,
+ DCERPC_BIND_NAK_REASON_PROTOCOL_VERSION_NOT_SUPPORTED);
+ }
+
if (auth->auth_level != DCERPC_AUTH_LEVEL_NONE) {
/*
* We only give INVALID_AUTH_TYPE if the auth_level was
/* handle the auth3 in the auth code */
if (!dcesrv_auth_auth3(call)) {
call->conn->auth_state.auth_invalid = true;
+ if (call->fault_code != 0) {
+ return dcesrv_fault_disconnect(call, call->fault_code);
+ }
}
talloc_free(call);
auth_ok = dcesrv_auth_alter(call);
if (!auth_ok) {
- if (call->in_auth_info.auth_type == DCERPC_AUTH_TYPE_NONE) {
- return dcesrv_fault_disconnect(call,
- DCERPC_FAULT_ACCESS_DENIED);
+ if (call->fault_code != 0) {
+ return dcesrv_fault_disconnect(call, call->fault_code);
}
}
&call->in_auth_info,
NULL, true);
if (!NT_STATUS_IS_OK(status)) {
+ /*
+ * This will cause a
+ * DCERPC_BIND_NAK_REASON_PROTOCOL_VERSION_NOT_SUPPORTED
+ * in the caller
+ */
+ call->fault_code = DCERPC_NCA_S_PROTO_ERROR;
return false;
}
status = dcerpc_pull_auth_trailer(pkt, call, &pkt->u.auth3.auth_info,
&call->in_auth_info, NULL, true);
if (!NT_STATUS_IS_OK(status)) {
+ /*
+ * Windows returns DCERPC_NCA_S_FAULT_REMOTE_NO_MEMORY
+ * instead of DCERPC_NCA_S_PROTO_ERROR.
+ */
+ call->fault_code = DCERPC_NCA_S_FAULT_REMOTE_NO_MEMORY;
return false;
}
}
if (dce_conn->auth_state.auth_finished) {
+ call->fault_code = DCERPC_FAULT_ACCESS_DENIED;
return false;
}
status = dcerpc_pull_auth_trailer(pkt, call, &pkt->u.alter.auth_info,
&call->in_auth_info, NULL, true);
if (!NT_STATUS_IS_OK(status)) {
+ call->fault_code = DCERPC_NCA_S_PROTO_ERROR;
+ return false;
+ }
+
+ if (call->in_auth_info.auth_type == DCERPC_AUTH_TYPE_NONE) {
+ call->fault_code = DCERPC_FAULT_ACCESS_DENIED;
return false;
}