The branch, master has been updated
via 497234c1cbded9855b817114a6517c58daa25805 (commit)
from f9c0f889624681c9244140c263b4ed072980dbcc (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 497234c1cbded9855b817114a6517c58daa25805
Author: Andrew Bartlett <abart...@samba.org>
Date: Sat Aug 22 11:09:30 2009 +1000
s4:ntp_signd Fix bug 6656 - Set protocol version to 0, as used by ntpd
The change to protocol version 1 was not intentional, and broke the
protocol established with the ntp.org project.
Andrew Bartlett
-----------------------------------------------------------------------
Summary of changes:
source4/librpc/idl/ntp_signd.idl | 6 ++++--
source4/ntp_signd/ntp_signd.c | 4 +---
source4/torture/ntp/ntp_signd.c | 3 +--
3 files changed, 6 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/librpc/idl/ntp_signd.idl b/source4/librpc/idl/ntp_signd.idl
index 2b2fbc7..b784205 100644
--- a/source4/librpc/idl/ntp_signd.idl
+++ b/source4/librpc/idl/ntp_signd.idl
@@ -12,6 +12,8 @@
interface ntp_signd
{
+ const int NTP_SIGND_PROTOCOL_VERSION_0 = 0;
+
typedef [v1_enum] enum {
SIGN_TO_CLIENT = 0,
ASK_SERVER_TO_SIGN = 1,
@@ -21,7 +23,7 @@ interface ntp_signd
} ntp_signd_op;
typedef [flag(NDR_BIG_ENDIAN),public] struct {
- uint32 version;
+ [value(NTP_SIGND_PROTOCOL_VERSION_0)] uint32 version;
ntp_signd_op op;
uint16 packet_id;
[flag(NDR_LITTLE_ENDIAN)] uint32 key_id;
@@ -30,7 +32,7 @@ interface ntp_signd
} sign_request;
typedef [flag(NDR_BIG_ENDIAN),public] struct samba_key_out {
- uint32 version;
+ [value(NTP_SIGND_PROTOCOL_VERSION_0)] uint32 version;
ntp_signd_op op;
uint32 packet_id;
[flag(NDR_REMAINING)] DATA_BLOB signed_packet;
diff --git a/source4/ntp_signd/ntp_signd.c b/source4/ntp_signd/ntp_signd.c
index 6c6416d..8ea7fe4 100644
--- a/source4/ntp_signd/ntp_signd.c
+++ b/source4/ntp_signd/ntp_signd.c
@@ -74,7 +74,6 @@ static NTSTATUS signing_failure(struct ntp_signd_connection
*ntp_signdconn,
NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
- signed_reply.version = 1;
signed_reply.op = SIGNING_FAILURE;
signed_reply.packet_id = packet_id;
signed_reply.signed_packet = data_blob(NULL, 0);
@@ -155,7 +154,7 @@ static NTSTATUS ntp_signd_recv(void *private_data,
DATA_BLOB wrapped_input)
/* We need to implement 'check signature' and 'request server
* to sign' operations at some point */
- if (sign_request.version != 1) {
+ if (sign_request.version != NTP_SIGND_PROTOCOL_VERSION_0) {
talloc_free(tmp_ctx);
return signing_failure(ntp_signdconn, sign_request.packet_id);
}
@@ -214,7 +213,6 @@ static NTSTATUS ntp_signd_recv(void *private_data,
DATA_BLOB wrapped_input)
}
/* Generate the reply packet */
- signed_reply.version = 1;
signed_reply.packet_id = sign_request.packet_id;
signed_reply.op = SIGNING_SUCCESS;
signed_reply.signed_packet = data_blob_talloc(tmp_ctx,
diff --git a/source4/torture/ntp/ntp_signd.c b/source4/torture/ntp/ntp_signd.c
index e82276a..1b3c595 100644
--- a/source4/torture/ntp/ntp_signd.c
+++ b/source4/torture/ntp/ntp_signd.c
@@ -154,7 +154,6 @@ static bool test_ntp_signd(struct torture_context *tctx,
torture_assert_ntstatus_ok(tctx, status, "ServerAuthenticate3");
torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3),
"Credential chaining failed");
- sign_req.version = 1;
sign_req.op = SIGN_TO_CLIENT;
sign_req.packet_id = 1;
sign_req.key_id = rid;
@@ -225,7 +224,7 @@ static bool test_ntp_signd(struct torture_context *tctx,
torture_assert(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err),
ndr_map_error2string(ndr_err));
torture_assert_u64_equal(tctx, signed_reply.version,
- sign_req.version, "Invalid Version");
+ NTP_SIGND_PROTOCOL_VERSION_0, "Invalid
Version");
torture_assert_u64_equal(tctx, signed_reply.packet_id,
sign_req.packet_id, "Invalid Packet ID");
torture_assert_u64_equal(tctx, signed_reply.op,
--
Samba Shared Repository
