From 426cf362ed672d44e266c18d58dff1cbe5f61c53 Mon Sep 17 00:00:00 2001
From: Andreas Schneider
Date: Mon, 25 Jun 2012 18:49:11 +0200
Subject: s3-lsarpc: Restrict lsa_LookupSids3 to ncacn_ip_tcp connections.

See MS-LAT, Section 2.1 Transport.
---
 source3/rpc_server/lsa/srv_lsa_nt.c | 35 +++++++++++++++++++++++------------
 1 file changed, 23 insertions(+), 12 deletions(-)
(limited to 'source3')
diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c b/source3/rpc_server/lsa/srv_lsa_nt.c
index 8ffcd13474..d74ed73fdd 100644
--- a/source3/rpc_server/lsa/srv_lsa_nt.c
+++ b/source3/rpc_server/lsa/srv_lsa_nt.c
@@ -1034,12 +1034,8 @@ NTSTATUS _lsa_LookupSids(struct pipes_struct *p,
 return status;
 }

-/***************************************************************************
- _lsa_LookupSids2
- ***************************************************************************/
-
-NTSTATUS _lsa_LookupSids2(struct pipes_struct *p,
- struct lsa_LookupSids2 *r)
+static NTSTATUS _lsa_LookupSids_common(struct pipes_struct *p,
+ struct lsa_LookupSids2 *r)
 {
 NTSTATUS status;
 struct lsa_info *handle;
@@ -1049,11 +1045,6 @@ NTSTATUS _lsa_LookupSids2(struct pipes_struct *p,
 struct lsa_TranslatedName2 *names = NULL;
 bool check_policy = true;

- if (p->transport != NCACN_NP && p->transport != NCALRPC) {
- p->fault_state = DCERPC_FAULT_ACCESS_DENIED;
- return NT_STATUS_ACCESS_DENIED;
- }
-
 switch (p->opnum) {
 case NDR_LSA_LOOKUPSIDS3:
 check_policy = false;
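Review bot: `_lsa_LookupSids_common` has no header comment, although after this commit it no longer checks the transport itself and is the place where the policy handle check is switched off. The context of the second hunk shows `check_policy = false` being selected from `p->opnum`, so the helper's safety depends on each caller having applied its own transport and auth restrictions first. I would state that contract above the definition, for example `/* Shared body of _lsa_LookupSids2/3. Callers must enforce transport and auth restrictions; the policy handle check is skipped for NDR_LSA_LOOKUPSIDS3. */`. The function body continues outside both hunks shown here.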
@@ -1105,6 +1096,21 @@ NTSTATUS _lsa_LookupSids2(struct pipes_struct *p,
 return status;
 }

+/***************************************************************************
+ _lsa_LookupSids2
+ ***************************************************************************/
+
+NTSTATUS _lsa_LookupSids2(struct pipes_struct *p,
+ struct lsa_LookupSids2 *r)
+{
+ if (p->transport != NCACN_NP && p->transport != NCALRPC) {
+ p->fault_state = DCERPC_FAULT_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ return _lsa_LookupSids_common(p, r);
+}
+
 /***************************************************************************
 _lsa_LookupSids3
 ***************************************************************************/
@@ -1114,6 +1120,11 @@ NTSTATUS _lsa_LookupSids3(struct pipes_struct *p,
 {
 struct lsa_LookupSids2 q;

+ if (p->transport != NCACN_IP_TCP) {
+ p->fault_state = DCERPC_FAULT_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
 /* No policy handle on this call. Restrict to crypto connections. */
 if (p->auth.auth_type != DCERPC_AUTH_TYPE_SCHANNEL) {
 DEBUG(0,("_lsa_LookupSids3: client %s not using schannel for netlogon\n",
@@ -1133,7 +1144,7 @@ NTSTATUS _lsa_LookupSids3(struct pipes_struct *p,
 q.out.names = r->out.names;
 q.out.count = r->out.count;

- return _lsa_LookupSids2(p, &q);
+ return _lsa_LookupSids_common(p, &q);
 }

 /***************************************************************************
-- cgit
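Review bot: The transport rejection in the new `_lsa_LookupSids2` wrapper returns access denied without logging anything, and the same is true of the `NCACN_IP_TCP` check added to `_lsa_LookupSids3` in the following hunk. The schannel check directly below that one logs the client at level 0, so of the denials visible here the transport refusal is the one that leaves no trace for someone reviewing rejected lookup attempts. I would add a line before setting `fault_state`, such as `DEBUG(1, ("_lsa_LookupSids2: transport %d not allowed\n", (int)p->transport));`, with the equivalent message in `_lsa_LookupSids3`.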