summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/rpc_server/srv_lsa_hnd.c28
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c39
2 files changed, 49 insertions, 18 deletions
diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/srv_lsa_hnd.c
index 62af0ecac8..5af1e8c265 100644
--- a/source3/rpc_server/srv_lsa_hnd.c
+++ b/source3/rpc_server/srv_lsa_hnd.c
@@ -249,3 +249,31 @@ void close_policy_by_pipe(pipes_struct *p)
DEBUG(10,("close_policy_by_pipe: deleted handle list for pipe %s\n", p->name ));
}
}
+
+/*******************************************************************
+Shall we allow access to this rpc? Currently this function
+implements the 'restrict anonymous' setting by denying access to
+anonymous users if the restrict anonymous level is > 0. Further work
+will be checking a security descriptor to determine whether a user
+token has enough access to access the pipe.
+********************************************************************/
+
+BOOL pipe_access_check(pipes_struct *p)
+{
+ /* Don't let anonymous users access this RPC if restrict
+ anonymous > 0 */
+
+ if (lp_restrict_anonymous() > 0) {
+ user_struct *user = get_valid_user_struct(p->vuid);
+
+ if (!user) {
+ DEBUG(3, ("invalid vuid %d\n", p->vuid));
+ return False;
+ }
+
+ if (user->guest)
+ return False;
+ }
+
+ return True;
+}
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index 967c7a8747..8965b11fe5 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -564,25 +564,8 @@ static BOOL init_srv_share_info_ctr(pipes_struct *p, SRV_SHARE_INFO_CTR *ctr,
static void init_srv_r_net_share_enum(pipes_struct *p, SRV_R_NET_SHARE_ENUM *r_n,
uint32 info_level, uint32 resume_hnd, BOOL all)
{
- user_struct *user;
-
DEBUG(5,("init_srv_r_net_share_enum: %d\n", __LINE__));
- /* Don't let anonymous users access this RPC */
-
- if (!(user = get_valid_user_struct(p->vuid))) {
- DEBUG(3, ("invalid vuid %d in init_srv_r_net_share_enum()\n",
- p->vuid));
- r_n->status = WERR_ACCESS_DENIED;
- return;
- }
-
- if (lp_restrict_anonymous() > 0 && user->guest) {
- DEBUG(5, ("access denied to anonymous connection"));
- r_n->status = WERR_ACCESS_DENIED;
- return;
- }
-
if (init_srv_share_info_ctr(p, &r_n->ctr, info_level,
&resume_hnd, &r_n->total_entries, all)) {
r_n->status = WERR_OK;
@@ -1042,11 +1025,21 @@ WERROR _srv_net_srv_get_info(pipes_struct *p, SRV_Q_NET_SRV_GET_INFO *q_u, SRV_R
DEBUG(5,("srv_net_srv_get_info: %d\n", __LINE__));
+ if (!pipe_access_check(p)) {
+ DEBUG(3, ("access denied to srv_net_srv_get_info\n"));
+ return WERR_ACCESS_DENIED;
+ }
+
switch (q_u->switch_value) {
+
+ /* Technically level 102 should only be available to
+ Administrators but there isn't anything super-secret
+ here, as most of it is made up. */
+
case 102:
init_srv_info_102(&ctr->srv.sv102,
500, global_myname,
- string_truncate(lp_serverstring(), MAX_SERVER_STRING_LENGTH),
+ string_truncate(lp_serverstring(), MAX_SERVER_STRING_LENGTH),
lp_major_announce_version(), lp_minor_announce_version(),
lp_default_server_announce(),
0xffffffff, /* users */
@@ -1176,6 +1169,11 @@ WERROR _srv_net_share_enum_all(pipes_struct *p, SRV_Q_NET_SHARE_ENUM *q_u, SRV_R
{
DEBUG(5,("_srv_net_share_enum: %d\n", __LINE__));
+ if (!pipe_access_check(p)) {
+ DEBUG(3, ("access denied to srv_net_share_enum_all\n"));
+ return WERR_ACCESS_DENIED;
+ }
+
/* Create the list of shares for the response. */
init_srv_r_net_share_enum(p, r_u,
q_u->ctr.info_level,
@@ -1194,6 +1192,11 @@ WERROR _srv_net_share_enum(pipes_struct *p, SRV_Q_NET_SHARE_ENUM *q_u, SRV_R_NET
{
DEBUG(5,("_srv_net_share_enum: %d\n", __LINE__));
+ if (!pipe_access_check(p)) {
+ DEBUG(3, ("access denied to srv_net_share_enum\n"));
+ return WERR_ACCESS_DENIED;
+ }
+
/* Create the list of shares for the response. */
init_srv_r_net_share_enum(p, r_u,
q_u->ctr.info_level,