[dcerpc-dev] DCE-RPC with gss negotiate

James Peach jpeach at apple.com
Mon Mar 4 20:47:45 PST 2013 

On 25/02/2013, at 5:53 AM, SaNtosh kuLkarni <santosh.yesoptus at gmail.com> wrote:

> Hi,
> 
> I am trying to develop a DCE-RPC based client which talks to a MSRPC based server running on Windows.
> 
> I configured the DCE/RPC build     with --enable gss-negotiate.
> 
> The security nego flow on the linux rpc client is as follows
> 
>  unsigned32 authn_protocol = rpc_c_authn_gss_negotiate;
>  unsigned32 authn_level = rpc_c_authn_level_pkt_privacy;
> 
>   rpc_binding_set_auth_info (hello_IfHandle, (unsigned_char_p_t)principal,
>                         authn_level,
>                         authn_protocol,NULL,
>                         rpc_c_authz_name, &st);
>         if (st != rpc_s_ok) {
>                 dce_error_inq_text(st, error_text, &error_inq_st);
>                 fprintf(stderr, "Cannot set security authorization for server %s: %s\n", entry_name, error_text);
>         }
> 
> Is there anything else that need to be done.I have developed a similar windows client  which works fine.But when i do the same security api flow and set the protocol and auth level it fails on linux with the following

I'm not sure that we ever worked on the GSS mechanism. We did implement NETLOGON and local auth mechs, but you might have to make some changes to implement GSS. I'd be happy to merge any patches ...

J

> 
> 
> [pid: 020951] [time: 000001] [thread: 099547a8] STATE CLIENT ASSOC: 0x9954610 state->INIT_WAIT event->REJ_CONF
> [pid: 020951] [time: 000001] [thread: 099547a8]     [file: cnrcvr.c, line: 1259]
> [pid: 020951] [time: 000001] [thread: 099547a8] (rpc__mem_free) type 23 @ 0xb6900468
> [pid: 020951] [time: 000001] [thread: 099547a8]     [file: rpcmem.c, line: 171]
> [pid: 020951] [time: 000001] [thread: 099547a8] STATE CLIENT ASSOC: 0x9954610 new state->CLOSED
> [pid: 020951] [time: 000001] [thread: 099547a8]     [file: cnrcvr.c, line: 1259]
> [pid: 020951] [time: 000001] [thread: 09919008] CN: call_rep->0x994e400 assoc->0x9954610 desc->0x994e258 presentation negotiation failed st = 16c9a046
> [pid: 020951] [time: 000001] [thread: 09919008]     [file: cnassoc.c, line: 819]
> [pid: 020951] [time: 000001] [thread: 09919008] (rpc__cn_call_start) STATE CLIENT CALL:   0 new state->CALL_FAILED_DNE  
> 
> 
> I would be grateful if anyone could guide me on this.Thanks!
> 
> 
> 
> 
> -- 
> Regards,
> Santosh
> _______________________________________________
> dcerpc-dev mailing list
> dcerpc-dev at lists.macosforge.org
> https://lists.macosforge.org/mailman/listinfo/dcerpc-dev

More information about the dcerpc-dev mailing list