diff -u -r samba-3.2.10/source/rpc_server/srv_lsa_nt.c samba-3.2.8/source/rpc_server/srv_lsa_nt.c --- samba-3.2.10/source/rpc_server/srv_lsa_nt.c 2009-04-01 04:43:23.000000000 -0700 +++ samba-3.2.8/source/rpc_server/srv_lsa_nt.c 2009-02-03 08:10:07.000000000 -0800 @@ -830,10 +830,6 @@ &names, &mapped_count); - if (NT_STATUS_IS_ERR(status)) { - return status; - } - /* Convert from lsa_TranslatedName2 to lsa_TranslatedName */ names_out = TALLOC_ARRAY(p->mem_ctx, struct lsa_TranslatedName, num_sids); diff -u -r samba-3.2.10/source/rpc_server/srv_netlog_nt.c samba-3.2.8/source/rpc_server/srv_netlog_nt.c --- samba-3.2.10/source/rpc_server/srv_netlog_nt.c 2009-04-01 04:43:23.000000000 -0700 +++ samba-3.2.8/source/rpc_server/srv_netlog_nt.c 2009-02-03 08:10:07.000000000 -0800 @@ -474,32 +474,6 @@ uint32_t srv_flgs; struct netr_Credential srv_chal_out; - /* According to Microsoft (see bugid #6099) - * Windows 7 looks at the negotiate_flags - * returned in this structure *even if the - * call fails with access denied ! So in order - * to allow Win7 to connect to a Samba NT style - * PDC we set the flags before we know if it's - * an error or not. - */ - - /* 0x000001ff */ - srv_flgs = NETLOGON_NEG_ACCOUNT_LOCKOUT | - NETLOGON_NEG_PERSISTENT_SAMREPL | - NETLOGON_NEG_ARCFOUR | - NETLOGON_NEG_PROMOTION_COUNT | - NETLOGON_NEG_CHANGELOG_BDC | - NETLOGON_NEG_FULL_SYNC_REPL | - NETLOGON_NEG_MULTIPLE_SIDS | - NETLOGON_NEG_REDO | - NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL; - - if (lp_server_schannel() != false) { - srv_flgs |= NETLOGON_NEG_SCHANNEL; - } - - *r->out.negotiate_flags = srv_flgs; - /* We use this as the key to store the creds: */ /* r->in.computer_name */ @@ -547,9 +521,16 @@ return NT_STATUS_ACCESS_DENIED; } + srv_flgs = 0x000001ff; + + if (lp_server_schannel() != false) { + srv_flgs |= NETLOGON_NEG_SCHANNEL; + } + /* set up the LSA AUTH 2 response */ memcpy(r->out.return_credentials->data, &srv_chal_out.data, sizeof(r->out.return_credentials->data)); + *r->out.negotiate_flags = srv_flgs; fstrcpy(p->dc->mach_acct, r->in.account_name); fstrcpy(p->dc->remote_machine, r->in.computer_name); @@ -701,7 +682,7 @@ /* set up the LSA Server Password Set response */ memcpy(r->out.return_authenticator, &cred_out, - sizeof(*(r->out.return_authenticator))); + sizeof(r->out.return_authenticator)); TALLOC_FREE(sampass); return status; @@ -1361,10 +1342,11 @@ /**************************************************************** ****************************************************************/ -NTSTATUS _netr_LogonGetCapabilities(pipes_struct *p, - struct netr_LogonGetCapabilities *r) +WERROR _netr_NETRLOGONDUMMYROUTINE1(pipes_struct *p, + struct netr_NETRLOGONDUMMYROUTINE1 *r) { - return NT_STATUS_NOT_IMPLEMENTED; + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; } /**************************************************************** diff -u -r samba-3.2.10/source/rpc_server/srv_pipe.c samba-3.2.8/source/rpc_server/srv_pipe.c --- samba-3.2.10/source/rpc_server/srv_pipe.c 2009-04-01 04:43:23.000000000 -0700 +++ samba-3.2.8/source/rpc_server/srv_pipe.c 2009-02-03 08:10:07.000000000 -0800 @@ -2101,11 +2101,7 @@ auth_len = p->hdr.auth_len; - if (auth_len < RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN || - auth_len > RPC_HEADER_LEN + - RPC_HDR_REQ_LEN + - RPC_HDR_AUTH_LEN + - auth_len) { + if (auth_len != RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN) { DEBUG(0,("Incorrect auth_len %u.\n", (unsigned int)auth_len )); return False; } diff -u -r samba-3.2.10/source/rpc_server/srv_pipe_hnd.c samba-3.2.8/source/rpc_server/srv_pipe_hnd.c --- samba-3.2.10/source/rpc_server/srv_pipe_hnd.c 2009-04-01 04:43:23.000000000 -0700 +++ samba-3.2.8/source/rpc_server/srv_pipe_hnd.c 2009-02-03 08:10:07.000000000 -0800 @@ -601,7 +601,7 @@ * will not fit in the initial buffer of size 0x1068 --jerry 22/01/2002 */ - if(prs_offset(&p->in_data.data) + data_len > MAX_RPC_DATA_SIZE) { + if(prs_offset(&p->in_data.data) + data_len > 15*1024*1024) { DEBUG(0,("process_request_pdu: rpc data buffer too large (%u) + (%u)\n", (unsigned int)prs_data_size(&p->in_data.data), (unsigned int)data_len )); set_incoming_fault(p); diff -u -r samba-3.2.10/source/rpc_server/srv_samr_nt.c samba-3.2.8/source/rpc_server/srv_samr_nt.c --- samba-3.2.10/source/rpc_server/srv_samr_nt.c 2009-04-01 04:43:23.000000000 -0700 +++ samba-3.2.8/source/rpc_server/srv_samr_nt.c 2009-02-03 08:10:07.000000000 -0800 @@ -1177,7 +1177,9 @@ *r->out.sam = samr_array; *r->out.num_entries = num_groups; + /* this was missing, IMHO: *r->out.resume_handle = num_groups + *r->in.resume_handle; + */ DEBUG(5,("_samr_EnumDomainGroups: %d\n", __LINE__)); diff -u -r samba-3.2.10/source/rpc_server/srv_spoolss_nt.c samba-3.2.8/source/rpc_server/srv_spoolss_nt.c --- samba-3.2.10/source/rpc_server/srv_spoolss_nt.c 2009-04-01 04:43:23.000000000 -0700 +++ samba-3.2.8/source/rpc_server/srv_spoolss_nt.c 2009-02-03 08:10:07.000000000 -0800 @@ -4729,10 +4729,6 @@ return WERR_INVALID_PARAM; } - if (offered > MAX_RPC_DATA_SIZE) { - return WERR_INVALID_PARAM; - } - rpcbuf_move(q_u->buffer, &r_u->buffer); buffer = r_u->buffer; @@ -5090,10 +5086,6 @@ return WERR_INVALID_PARAM; } - if (offered > MAX_RPC_DATA_SIZE) { - return WERR_INVALID_PARAM; - } - rpcbuf_move(q_u->buffer, &r_u->buffer); buffer = r_u->buffer; @@ -5755,10 +5747,6 @@ return WERR_INVALID_PARAM; } - if (offered > MAX_RPC_DATA_SIZE) { - return WERR_INVALID_PARAM; - } - rpcbuf_move(q_u->buffer, &r_u->buffer); buffer = r_u->buffer; @@ -6832,10 +6820,6 @@ return WERR_INVALID_PARAM; } - if (offered > MAX_RPC_DATA_SIZE) { - return WERR_INVALID_PARAM; - } - rpcbuf_move(q_u->buffer, &r_u->buffer); buffer = r_u->buffer; @@ -7212,10 +7196,6 @@ return WERR_INVALID_PARAM; } - if (offered > MAX_RPC_DATA_SIZE) { - return WERR_INVALID_PARAM; - } - rpcbuf_move(q_u->buffer, &r_u->buffer); buffer = r_u->buffer; @@ -7283,10 +7263,6 @@ return WERR_INVALID_PARAM; } - if (offered > MAX_RPC_DATA_SIZE) { - return WERR_INVALID_PARAM; - } - rpcbuf_move(q_u->buffer, &r_u->buffer); buffer = r_u->buffer; @@ -7695,10 +7671,6 @@ return WERR_INVALID_PARAM; } - if (offered > MAX_RPC_DATA_SIZE) { - return WERR_INVALID_PARAM; - } - rpcbuf_move(q_u->buffer, &r_u->buffer); buffer = r_u->buffer; @@ -8108,10 +8080,6 @@ return WERR_INVALID_PARAM; } - if (offered > MAX_RPC_DATA_SIZE) { - return WERR_INVALID_PARAM; - } - rpcbuf_move(q_u->buffer, &r_u->buffer); buffer = r_u->buffer; @@ -8739,10 +8707,6 @@ return WERR_INVALID_PARAM; } - if (offered > MAX_RPC_DATA_SIZE) { - return WERR_INVALID_PARAM; - } - rpcbuf_move(q_u->buffer, &r_u->buffer); buffer = r_u->buffer; @@ -8822,10 +8786,6 @@ return WERR_INVALID_PARAM; } - if (offered > MAX_RPC_DATA_SIZE) { - return WERR_INVALID_PARAM; - } - rpcbuf_move(q_u->buffer, &r_u->buffer); buffer = r_u->buffer; @@ -8954,10 +8914,6 @@ return WERR_INVALID_PARAM; } - if (offered > MAX_RPC_DATA_SIZE) { - return WERR_INVALID_PARAM; - } - rpcbuf_move(q_u->buffer, &r_u->buffer); buffer = r_u->buffer; @@ -9134,10 +9090,6 @@ return WERR_INVALID_PARAM; } - if (offered > MAX_RPC_DATA_SIZE) { - return WERR_INVALID_PARAM; - } - rpcbuf_move(q_u->buffer, &r_u->buffer); buffer = r_u->buffer; @@ -9779,10 +9731,6 @@ return WERR_INVALID_PARAM; } - if (offered > MAX_RPC_DATA_SIZE) { - return WERR_INVALID_PARAM; - } - rpcbuf_move(q_u->buffer, &r_u->buffer); buffer = r_u->buffer; diff -u -r samba-3.2.10/source/rpc_server/srv_srvsvc_nt.c samba-3.2.8/source/rpc_server/srv_srvsvc_nt.c --- samba-3.2.10/source/rpc_server/srv_srvsvc_nt.c 2009-04-01 04:43:23.000000000 -0700 +++ samba-3.2.8/source/rpc_server/srv_srvsvc_nt.c 2009-02-03 08:10:07.000000000 -0800 @@ -2316,8 +2316,6 @@ /*allow one struct srvsvc_NetDiskInfo0 for null terminator*/ - r->out.info->count = 0; - for(i = 0; i < MAX_SERVER_DISK_ENTRIES -1 && (disk_name = next_server_disk_enum(&resume)); i++) { r->out.info->count++;