diff options
author | Andreas Schneider <asn@samba.org> | 2012-06-29 17:59:17 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2012-07-06 10:00:58 +0200 |
commit | 1744e99d0a339824a4e73038dccd673920f0c7bb (patch) | |
tree | 4301f987575cd03f287f5d6ac9191ac48158f9ad /source4/rpc_server/lsa/dcesrv_lsa.c | |
parent | 997c780d24d8f59890ffe92c26107ff4f544a038 (diff) | |
download | samba-1744e99d0a339824a4e73038dccd673920f0c7bb.tar.gz samba-1744e99d0a339824a4e73038dccd673920f0c7bb.tar.bz2 samba-1744e99d0a339824a4e73038dccd673920f0c7bb.zip |
s4-lsarpc: DCERPC_FAULT_ACCESS_DENIED for np
Diffstat (limited to 'source4/rpc_server/lsa/dcesrv_lsa.c')
-rw-r--r-- | source4/rpc_server/lsa/dcesrv_lsa.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index cece2b7523..bdd0777757 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -144,8 +144,13 @@ static NTSTATUS dcesrv_lsa_AddRemoveAccountRights(struct dcesrv_call_state *dce_ static NTSTATUS dcesrv_lsa_Close(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, struct lsa_Close *r) { + enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport; struct dcesrv_handle *h; + if (transport != NCACN_NP && transport != NCALRPC) { + DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED); + } + *r->out.handle = *r->in.handle; DCESRV_PULL_HANDLE(h, r->in.handle, DCESRV_HANDLE_ANY); @@ -3634,12 +3639,17 @@ static NTSTATUS dcesrv_lsa_RetrievePrivateData(struct dcesrv_call_state *dce_cal static NTSTATUS dcesrv_lsa_GetUserName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, struct lsa_GetUserName *r) { + enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport; NTSTATUS status = NT_STATUS_OK; const char *account_name; const char *authority_name; struct lsa_String *_account_name; struct lsa_String *_authority_name = NULL; + if (transport != NCACN_NP && transport != NCALRPC) { + DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED); + } + /* this is what w2k3 does */ r->out.account_name = r->in.account_name; r->out.authority_name = r->in.authority_name; |