[dcerpc-dev] DCE-RPC with gss negotiate

SaNtosh kuLkarni santosh.yesoptus at gmail.com
Mon Feb 25 05:53:33 PST 2013 

Hi,

I am trying to develop a DCE-RPC based client which talks to a MSRPC based
server running on Windows.

I configured the DCE/RPC build     with --enable gss-negotiate.

The security nego flow on the linux rpc client is as follows

 unsigned32 authn_protocol = rpc_c_authn_gss_negotiate;
 unsigned32 authn_level = rpc_c_authn_level_pkt_privacy;

  rpc_binding_set_auth_info (hello_IfHandle, (unsigned_char_p_t)principal,
                        authn_level,
                        authn_protocol,NULL,
                        rpc_c_authz_name, &st);
        if (st != rpc_s_ok) {
                dce_error_inq_text(st, error_text, &error_inq_st);
                fprintf(stderr, "Cannot set security authorization for
server %s: %s\n", entry_name, error_text);
        }

Is there anything else that need to be done.I have developed a similar
windows client  which works fine.But when i do the same security api flow
and set the protocol and auth level it fails on linux with the following


[pid: 020951] [time: 000001] [thread: 099547a8] STATE CLIENT ASSOC:
0x9954610 state->INIT_WAIT event->REJ_CONF
[pid: 020951] [time: 000001] [thread: 099547a8]     [file: cnrcvr.c, line:
1259]
[pid: 020951] [time: 000001] [thread: 099547a8] (rpc__mem_free) type 23 @
0xb6900468
[pid: 020951] [time: 000001] [thread: 099547a8]     [file: rpcmem.c, line:
171]
[pid: 020951] [time: 000001] [thread: 099547a8] STATE CLIENT ASSOC:
0x9954610 new state->CLOSED
[pid: 020951] [time: 000001] [thread: 099547a8]     [file: cnrcvr.c, line:
1259]
[pid: 020951] [time: 000001] [thread: 09919008] CN: call_rep->0x994e400
assoc->0x9954610 desc->0x994e258 presentation negotiation failed st =
16c9a046
[pid: 020951] [time: 000001] [thread: 09919008]     [file: cnassoc.c, line:
819]
[pid: 020951] [time: 000001] [thread: 09919008] (rpc__cn_call_start) STATE
CLIENT CALL:   0 new state->CALL_FAILED_DNE


I would be grateful if anyone could guide me on this.Thanks!




-- 
*Regards,
Santosh*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/dcerpc-dev/attachments/20130225/e4af8e03/attachment.html>

More information about the dcerpc-dev mailing list