diff options
author | Volker Lendecke <vl@samba.org> | 2020-08-11 18:09:14 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2020-09-03 13:34:11 +0000 |
commit | 1549dc562806a0c3b4ef39303cf5089e3a891892 (patch) | |
tree | cc5d3383c296040fcaf3bc1b25a9f889cc96ec17 | |
parent | c785fc601dee4eea76aa7bc6046812ae99860a74 (diff) | |
download | samba-1549dc562806a0c3b4ef39303cf5089e3a891892.tar.gz |
tldap: Receiving "msgid == 0" means the connection is dead
We never use msgid=0, see tldap_next_msgid(). RFC4511 section 4.4.1
says that the unsolicited disconnect response uses msgid 0. We don't
parse this message, which supposedly is an extended response: Windows
up to 2019 sends an extended response in an ASN.1 encoding that does
not match RFC4511.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Aug 21 20:37:25 UTC 2020 on sn-devel-184
(cherry picked from commit ccaf661f7c75717341140e3fbfb2a48f96ea952c)
-rw-r--r-- | selftest/knownfail.d/ticket_expiry | 1 | ||||
-rw-r--r-- | source3/lib/tldap.c | 11 |
2 files changed, 11 insertions, 1 deletions
diff --git a/selftest/knownfail.d/ticket_expiry b/selftest/knownfail.d/ticket_expiry deleted file mode 100644 index 04e508a9f8e..00000000000 --- a/selftest/knownfail.d/ticket_expiry +++ /dev/null @@ -1 +0,0 @@ -idmap_ad.ticket_expiry.timeout.DURATION.*\(ad_member_idmap_ad:local\) diff --git a/source3/lib/tldap.c b/source3/lib/tldap.c index af6959ee895..0e39a307728 100644 --- a/source3/lib/tldap.c +++ b/source3/lib/tldap.c @@ -704,6 +704,17 @@ static void tldap_msg_received(struct tevent_req *subreq) tldap_debug(ld, TLDAP_DEBUG_TRACE, "tldap_msg_received: got msg %d " "type %d\n", id, (int)type); + if (id == 0) { + tldap_debug( + ld, + TLDAP_DEBUG_WARNING, + "tldap_msg_received: got msgid 0 of " + "type %"PRIu8", disconnecting\n", + type); + tldap_context_disconnect(ld, TLDAP_SERVER_DOWN); + return; + } + num_pending = talloc_array_length(ld->pending); for (i=0; i<num_pending; i++) { |