summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2010-10-23 11:02:43 +0200
committerStefan Metzmacher <metze@samba.org>2010-10-23 11:02:43 +0200
commitf0879fc3b2dbdf9508443429cdb242f759d31cfe (patch)
treed0ebba3e8661f7f611837cb32bbc96170f7fff02
parentc2696b2ec37815a1bc0594295b6fe81b3e156c11 (diff)
downloadsamba-f0879fc3b2dbdf9508443429cdb242f759d31cfe.tar.gz
samba-f0879fc3b2dbdf9508443429cdb242f759d31cfe.tar.bz2
samba-f0879fc3b2dbdf9508443429cdb242f759d31cfe.zip
s4:rpc_server/netlogon: netr_ServerAuthenticate3 should reject invalid sec_channel_types early
metze
-rw-r--r--source4/rpc_server/netlogon/dcerpc_netlogon.c18
1 files changed, 15 insertions, 3 deletions
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 0f4d7465b5..1e45207da9 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -125,6 +125,19 @@ static NTSTATUS dcesrv_netr_ServerAuthenticate3(struct dcesrv_call_state *dce_ca
NETLOGON_NEG_AUTHENTICATED_RPC_LSASS |
NETLOGON_NEG_AUTHENTICATED_RPC;
+ switch (r->in.secure_channel_type) {
+ case SEC_CHAN_WKSTA:
+ case SEC_CHAN_DNS_DOMAIN:
+ case SEC_CHAN_DOMAIN:
+ case SEC_CHAN_BDC:
+ case SEC_CHAN_RODC:
+ break;
+ default:
+ DEBUG(1, ("Client asked for an invalid secure channel type: %d\n",
+ r->in.secure_channel_type));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx,
system_session(dce_call->conn->dce_ctx->lp_ctx), 0);
if (sam_ctx == NULL) {
@@ -221,9 +234,8 @@ static NTSTATUS dcesrv_netr_ServerAuthenticate3(struct dcesrv_call_state *dce_ca
return NT_STATUS_ACCESS_DENIED;
}
} else {
- DEBUG(1, ("Client asked for an invalid secure channel type: %d\n",
- r->in.secure_channel_type));
- return NT_STATUS_ACCESS_DENIED;
+ /* we should never reach this */
+ return NT_STATUS_INTERNAL_ERROR;
}
*r->out.rid = samdb_result_rid_from_sid(mem_ctx, msgs[0],