summaryrefslogtreecommitdiff
path: root/source4/rpc_server/lsa/lsa_lookup.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/rpc_server/lsa/lsa_lookup.c')
-rw-r--r--source4/rpc_server/lsa/lsa_lookup.c25
1 files changed, 25 insertions, 0 deletions
diff --git a/source4/rpc_server/lsa/lsa_lookup.c b/source4/rpc_server/lsa/lsa_lookup.c
index b96adaa13d..e8fd7920d4 100644
--- a/source4/rpc_server/lsa/lsa_lookup.c
+++ b/source4/rpc_server/lsa/lsa_lookup.c
@@ -639,9 +639,14 @@ NTSTATUS dcesrv_lsa_LookupSids2(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_LookupSids2 *r)
{
+ enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport;
struct lsa_policy_state *state;
struct dcesrv_handle *h;
+ if (transport != NCACN_NP && transport != NCALRPC) {
+ DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
+ }
+
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
state = h->data;
@@ -716,10 +721,15 @@ NTSTATUS dcesrv_lsa_LookupSids3(struct dcesrv_call_state *dce_call,
NTSTATUS dcesrv_lsa_LookupSids(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LookupSids *r)
{
+ enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport;
struct lsa_LookupSids2 r2;
NTSTATUS status;
uint32_t i;
+ if (transport != NCACN_NP && transport != NCALRPC) {
+ DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
+ }
+
ZERO_STRUCT(r2);
r2.in.handle = r->in.handle;
@@ -849,9 +859,14 @@ NTSTATUS dcesrv_lsa_LookupNames3(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_LookupNames3 *r)
{
+ enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport;
struct lsa_policy_state *policy_state;
struct dcesrv_handle *policy_handle;
+ if (transport != NCACN_NP && transport != NCALRPC) {
+ DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
+ }
+
DCESRV_PULL_HANDLE(policy_handle, r->in.handle, LSA_HANDLE_POLICY);
policy_state = policy_handle->data;
@@ -926,12 +941,17 @@ NTSTATUS dcesrv_lsa_LookupNames2(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_LookupNames2 *r)
{
+ enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport;
struct lsa_policy_state *state;
struct dcesrv_handle *h;
uint32_t i;
struct loadparm_context *lp_ctx = dce_call->conn->dce_ctx->lp_ctx;
struct lsa_RefDomainList *domains;
+ if (transport != NCACN_NP && transport != NCALRPC) {
+ DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
+ }
+
*r->out.domains = NULL;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
@@ -1016,10 +1036,15 @@ NTSTATUS dcesrv_lsa_LookupNames2(struct dcesrv_call_state *dce_call,
NTSTATUS dcesrv_lsa_LookupNames(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LookupNames *r)
{
+ enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport;
struct lsa_LookupNames2 r2;
NTSTATUS status;
uint32_t i;
+ if (transport != NCACN_NP && transport != NCALRPC) {
+ DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
+ }
+
ZERO_STRUCT(r2);
r2.in.handle = r->in.handle;
generated by cgit (git 2.34.1) at 2024-07-03 09:00:16 +0000