From 6c5158e3de26cd6e911f740a1c36789d77ea1c70 Mon Sep 17 00:00:00 2001
From: Shekhar Amlekar <samlekar@in.ibm.com>
Date: Tue, 7 May 2013 17:58:16 +0530
Subject: s3:rpc_server/srvsvc check access before doing work

Before doing the (potentially) costly enumerations,
check if the user has necessary privileges first

Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com>
Reviewed-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Tue May 14 16:22:24 CEST 2013 on sn-devel-104
---
 source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

(limited to 'source3/rpc_server')

diff --git a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
index 2d58466850..011d41fa52 100644
--- a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
@@ -1226,16 +1226,6 @@ WERROR _srvsvc_NetSessDel(struct pipes_struct *p,
 	bool not_root = False;
 	WERROR werr;
 
-	username = r->in.user;
-	machine = r->in.client;
-
-	/* strip leading backslashes if any */
-	if (machine && machine[0] == '\\' && machine[1] == '\\') {
-		machine += 2;
-	}
-
-	num_sessions = list_sessions(p->mem_ctx, &session_list);
-
 	DEBUG(5,("_srvsvc_NetSessDel: %d\n", __LINE__));
 
 	werr = WERR_ACCESS_DENIED;
@@ -1249,6 +1239,16 @@ WERROR _srvsvc_NetSessDel(struct pipes_struct *p,
 		goto done;
 	}
 
+	username = r->in.user;
+	machine = r->in.client;
+
+	/* strip leading backslashes if any */
+	if (machine && machine[0] == '\\' && machine[1] == '\\') {
+		machine += 2;
+	}
+
+	num_sessions = list_sessions(p->mem_ctx, &session_list);
+
 	for (snum = 0; snum < num_sessions; snum++) {
 
 		if ((strequal(session_list[snum].username, username) || username[0] == '\0' ) &&
-- 
cgit