summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2012-12-11 14:41:34 +0100
committerStefan Metzmacher <metze@samba.org>2012-12-12 11:29:33 +0100
commitc9055a0be444260ddbf44eb13007399bf7dff5e1 (patch)
tree76ced7fec53c4ca09e9e4a4cb59895bacb1e602b
parentf22efd402adf61842dd0a97e462a097e80d878a4 (diff)
downloadsamba-c9055a0be444260ddbf44eb13007399bf7dff5e1.tar.gz
samba-c9055a0be444260ddbf44eb13007399bf7dff5e1.tar.bz2
samba-c9055a0be444260ddbf44eb13007399bf7dff5e1.zip
s3-rpc_server: limit allowed transports for samr_ValidatePassword().
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
-rw-r--r--source3/rpc_server/samr/srv_samr_nt.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/source3/rpc_server/samr/srv_samr_nt.c b/source3/rpc_server/samr/srv_samr_nt.c
index 1065f2ac6a..580638b74d 100644
--- a/source3/rpc_server/samr/srv_samr_nt.c
+++ b/source3/rpc_server/samr/srv_samr_nt.c
@@ -6807,6 +6807,11 @@ NTSTATUS _samr_ValidatePassword(struct pipes_struct *p,
struct samr_GetDomPwInfo pw;
struct samr_PwInfo dom_pw_info;
+ if (p->transport != NCACN_IP_TCP && p->transport != NCALRPC) {
+ p->fault_state = DCERPC_FAULT_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
if (r->in.level < 1 || r->in.level > 3) {
return NT_STATUS_INVALID_INFO_CLASS;
}