diff options
| author | Tim Potter <tpot@samba.org> | 2002-06-03 03:02:39 +0000 |
|---|---|---|
| committer | Tim Potter <tpot@samba.org> | 2002-06-03 03:02:39 +0000 |
| commit | c3bd192703c6a0360f6fa7eef9e13bc32949c5eb (patch) | |
| tree | 56d8dd29d8d2e98e311c0a29aa8eb032ea8dc373 /source3 | |
| parent | d706b5dc555bd61670359955770cb85ed0ce2896 (diff) | |
| download | samba-c3bd192703c6a0360f6fa7eef9e13bc32949c5eb.tar.gz samba-c3bd192703c6a0360f6fa7eef9e13bc32949c5eb.tar.bz2 samba-c3bd192703c6a0360f6fa7eef9e13bc32949c5eb.zip | |
Restrict anonymous checks for the SAMR pipe. This is done by
returning access denied for a SAMR_CONNECT by an anonymous user which
seems to be the way 2K does it rather than blocking individual RPC
calls like NT.
Also checked is the SAMR_GET_DOM_PWINFO rpc which for some reason
doesn't require a policy handle to return information. No idea what
it's actually used.
(This used to be commit 40c68fa85c31c1baf7ba2c8ed62cd06c34711913)
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 7c16bc7128..066a293414 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2026,6 +2026,14 @@ NTSTATUS _samr_connect_anon(pipes_struct *p, SAMR_Q_CONNECT_ANON *q_u, SAMR_R_CO { struct samr_info *info = NULL; + /* Access check */ + + if (!pipe_access_check(p)) { + DEBUG(3, ("access denied to samr_connect_anon\n")); + r_u->status = NT_STATUS_ACCESS_DENIED; + return r_u->status; + } + /* set up the SAMR connect_anon response */ r_u->status = NT_STATUS_OK; @@ -2053,6 +2061,14 @@ NTSTATUS _samr_connect(pipes_struct *p, SAMR_Q_CONNECT *q_u, SAMR_R_CONNECT *r_u DEBUG(5,("_samr_connect: %d\n", __LINE__)); + /* Access check */ + + if (!pipe_access_check(p)) { + DEBUG(3, ("access denied to samr_connect\n")); + r_u->status = NT_STATUS_ACCESS_DENIED; + return r_u->status; + } + r_u->status = NT_STATUS_OK; /* associate the user's SID with the new handle. */ @@ -3594,7 +3610,18 @@ NTSTATUS _samr_set_aliasinfo(pipes_struct *p, SAMR_Q_SET_ALIASINFO *q_u, SAMR_R_ NTSTATUS _samr_get_dom_pwinfo(pipes_struct *p, SAMR_Q_GET_DOM_PWINFO *q_u, SAMR_R_GET_DOM_PWINFO *r_u) { + /* Perform access check. Since this rpc does not require a + policy handle it will not be caught by the access checks on + SAMR_CONNECT or SAMR_CONNECT_ANON. */ + + if (!pipe_access_check(p)) { + DEBUG(3, ("access denied to samr_get_dom_pwinfo\n")); + r_u->status = NT_STATUS_ACCESS_DENIED; + return r_u->status; + } + /* Actually, returning zeros here works quite well :-). */ + return NT_STATUS_OK; } |