From c3bd192703c6a0360f6fa7eef9e13bc32949c5eb Mon Sep 17 00:00:00 2001
From: Tim Potter <tpot@samba.org>
Date: Mon, 3 Jun 2002 03:02:39 +0000
Subject: Restrict anonymous checks for the SAMR pipe.  This is done by
 returning access denied for a SAMR_CONNECT by an anonymous user which seems
 to be the way 2K does it rather than blocking individual RPC calls like NT.

Also checked is the SAMR_GET_DOM_PWINFO rpc which for some reason
doesn't require a policy handle to return information.  No idea what
it's actually used.
(This used to be commit 40c68fa85c31c1baf7ba2c8ed62cd06c34711913)
---
 source3/rpc_server/srv_samr_nt.c | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

(limited to 'source3/rpc_server/srv_samr_nt.c')

diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 7c16bc7128..066a293414 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -2026,6 +2026,14 @@ NTSTATUS _samr_connect_anon(pipes_struct *p, SAMR_Q_CONNECT_ANON *q_u, SAMR_R_CO
 {
 	struct samr_info *info = NULL;
 
+    /* Access check */
+
+    if (!pipe_access_check(p)) {
+	    DEBUG(3, ("access denied to samr_connect_anon\n"));
+	    r_u->status = NT_STATUS_ACCESS_DENIED;
+	    return r_u->status;
+    }
+
     /* set up the SAMR connect_anon response */
 
     r_u->status = NT_STATUS_OK;
@@ -2053,6 +2061,14 @@ NTSTATUS _samr_connect(pipes_struct *p, SAMR_Q_CONNECT *q_u, SAMR_R_CONNECT *r_u
 
     DEBUG(5,("_samr_connect: %d\n", __LINE__));
 
+    /* Access check */
+
+    if (!pipe_access_check(p)) {
+	    DEBUG(3, ("access denied to samr_connect\n"));
+	    r_u->status = NT_STATUS_ACCESS_DENIED;
+	    return r_u->status;
+    }
+
     r_u->status = NT_STATUS_OK;
 
     /* associate the user's SID with the new handle. */
@@ -3594,7 +3610,18 @@ NTSTATUS _samr_set_aliasinfo(pipes_struct *p, SAMR_Q_SET_ALIASINFO *q_u, SAMR_R_
 
 NTSTATUS _samr_get_dom_pwinfo(pipes_struct *p, SAMR_Q_GET_DOM_PWINFO *q_u, SAMR_R_GET_DOM_PWINFO *r_u)
 {
+	/* Perform access check.  Since this rpc does not require a
+	   policy handle it will not be caught by the access checks on
+	   SAMR_CONNECT or SAMR_CONNECT_ANON. */
+
+	if (!pipe_access_check(p)) {
+		DEBUG(3, ("access denied to samr_get_dom_pwinfo\n"));
+		r_u->status = NT_STATUS_ACCESS_DENIED;
+		return r_u->status;
+	}
+
 	/* Actually, returning zeros here works quite well :-). */
+
 	return NT_STATUS_OK;
 }
 
-- 
cgit