summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSimo Sorce <idra@samba.org>2010-09-11 09:52:42 -0400
committerGünther Deschner <gd@samba.org>2010-09-23 10:54:25 -0700
commit76f249fb44599450a12b7f0c62f5f3830d203a24 (patch)
tree19a6a374bc5a8a20105f5b764accf01c464b278b
parent926a3f4fcdb82c86dff94a9ac78010d59a04ea1b (diff)
downloadsamba-76f249fb44599450a12b7f0c62f5f3830d203a24.tar.gz
samba-76f249fb44599450a12b7f0c62f5f3830d203a24.tar.bz2
samba-76f249fb44599450a12b7f0c62f5f3830d203a24.zip
s3-dcerps: check auth_type
make sure the auth type used throught the auth operation is consistent. Signed-off-by: Günther Deschner <gd@samba.org>
-rw-r--r--source3/rpc_server/srv_pipe.c15
1 files changed, 15 insertions, 0 deletions
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 1e369154af..98de58c557 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -1201,6 +1201,13 @@ bool api_pipe_bind_auth3(struct pipes_struct *p, struct ncacn_packet *pkt)
* as zero. JRA.
*/
+ if (auth_info.auth_type != p->auth.auth_type) {
+ DEBUG(0, ("Auth type mismatch! Client sent %d, "
+ "but auth was started as type %d!\n",
+ auth_info.auth_type, p->auth.auth_type));
+ goto err;
+ }
+
switch (auth_info.auth_type) {
case DCERPC_AUTH_TYPE_NTLMSSP:
ntlmssp_ctx = talloc_get_type_abort(p->auth.auth_ctx,
@@ -1344,6 +1351,14 @@ static bool api_pipe_alter_context(struct pipes_struct *p,
goto err_exit;
}
+ if (auth_info.auth_type != p->auth.auth_type) {
+ DEBUG(0, ("Auth type mismatch! Client sent %d, "
+ "but auth was started as type %d!\n",
+ auth_info.auth_type, p->auth.auth_type));
+ goto err_exit;
+ }
+
+
switch (auth_info.auth_type) {
case DCERPC_AUTH_TYPE_SPNEGO:
spnego_ctx = talloc_get_type_abort(p->auth.auth_ctx,