Hi Jeff,
We have updated [MS-NRPC] for the next release to address this issue. We have
added the following Behavior Note to section 3.5.4.4.10:
<197> Section 3.5.4.4.10: Windows RPC layer may return its own error code
instead of STATUS_INVALID_LEVEL. The error code that a client gets depends on where
the calling application is getting the error from:
1. If the client is running on Windows and calling Windows RPC APIs, they may
get the Win32 error code RPC_S_INVALID_TAG ([MS-ERREF] section 2.2).
2. If the client is running on third-party operating systems or getting the
error code from the wire, they may get nca_s_fault_invalid_tag (0x1C000006).
([C706-RSCP] DCE 1.1: Remote Procedure Call - Reject Status Codes and
Parameters).
3. The conversion between the on-the-wire nca_s_fault_invalid_tag and Win32
error code RPC_S_INVALID_TAG is specified in [MS-RPCE] Section 3.1.1.5.5.
I hope that helps.
Yes, thanks!
In addition I think 3.1.4.1 Session-Key Negotiation could be much more verbose
in a way that it would
describe how safe downgrade is possible and how an unsafe downgrade is detected.
metze
_______________________________________________
cifs-protocol mailing list
cifs-protocol@lists.samba.org
https://lists.samba.org/mailman/listinfo/cifs-protocol
