From 0ff7e52340aa0e8319a9d0127ae8d6822e1ff301 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 22 Mar 2006 16:23:19 +0000
Subject: r14653: make sure we always have a valid session_info

metze
(This used to be commit 42b3f83d1c5a4dced146cbc3861bcc838fda26c0)
---
 source4/rpc_server/dcerpc_server.c | 19 +++++++++++++------
 source4/rpc_server/dcerpc_sock.c   | 11 +++++++++++
 2 files changed, 24 insertions(+), 6 deletions(-)

(limited to 'source4/rpc_server')

diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c
index f9eb9e92d7..37026f901f 100644
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -289,15 +289,25 @@ static int dcesrv_endpoint_destructor(void *ptr)
 NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx,
 				 TALLOC_CTX *mem_ctx,
 				 const struct dcesrv_endpoint *ep,
+				 struct auth_session_info *session_info,
 				 struct event_context *event_ctx,
 				 uint32_t state_flags,
 				 struct dcesrv_connection **_p)
 {
 	struct dcesrv_connection *p;
 
+	if (!session_info) {
+		return NT_STATUS_ACCESS_DENIED;
+	}
+
 	p = talloc(mem_ctx, struct dcesrv_connection);
 	NT_STATUS_HAVE_NO_MEMORY(p);
 
+	if (!talloc_reference(p, session_info)) {
+		talloc_free(p);
+		return NT_STATUS_NO_MEMORY;
+	}
+
 	p->dce_ctx = dce_ctx;
 	p->endpoint = ep;
 	p->contexts = NULL;
@@ -307,7 +317,7 @@ NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx,
 	p->partial_input = data_blob(NULL, 0);
 	p->auth_state.auth_info = NULL;
 	p->auth_state.gensec_security = NULL;
-	p->auth_state.session_info = NULL;
+	p->auth_state.session_info = session_info;
 	p->auth_state.session_key = dcesrv_generic_session_key;
 	p->event_ctx = event_ctx;
 	p->processing = False;
@@ -340,12 +350,9 @@ NTSTATUS dcesrv_endpoint_search_connect(struct dcesrv_context *dce_ctx,
 		return NT_STATUS_OBJECT_NAME_NOT_FOUND;
 	}
 
-	status = dcesrv_endpoint_connect(dce_ctx, mem_ctx, ep, event_ctx, state_flags, dce_conn_p);
-	if (!NT_STATUS_IS_OK(status)) {
-		return status;
-	}
+	status = dcesrv_endpoint_connect(dce_ctx, mem_ctx, ep, session_info, event_ctx, state_flags, dce_conn_p);
+	NT_STATUS_NOT_OK_RETURN(status);
 
-	(*dce_conn_p)->auth_state.session_info = talloc_reference((*dce_conn_p), session_info);
 	(*dce_conn_p)->auth_state.session_key = dcesrv_inherited_session_key;
 
 	/* TODO: check security descriptor of the endpoint here 
diff --git a/source4/rpc_server/dcerpc_sock.c b/source4/rpc_server/dcerpc_sock.c
index 79cf1113eb..587e8259f8 100644
--- a/source4/rpc_server/dcerpc_sock.c
+++ b/source4/rpc_server/dcerpc_sock.c
@@ -31,6 +31,7 @@
 #include "lib/messaging/irpc.h"
 #include "system/network.h"
 #include "netif/netif.h"
+#include "auth/auth.h"
 
 struct dcesrv_socket_context {
 	const struct dcesrv_endpoint *endpoint;
@@ -97,10 +98,20 @@ static void dcesrv_sock_accept(struct stream_connection *srv_conn)
 	struct dcesrv_socket_context *dcesrv_sock = 
 		talloc_get_type(srv_conn->private, struct dcesrv_socket_context);
 	struct dcesrv_connection *dcesrv_conn = NULL;
+	struct auth_session_info *session_info = NULL;
+
+	status = auth_anonymous_session_info(srv_conn, &session_info);
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(0,("dcesrv_sock_accept: auth_anonymous_session_info failed: %s\n", 
+			nt_errstr(status)));
+		stream_terminate_connection(srv_conn, nt_errstr(status));
+		return;
+	}
 
 	status = dcesrv_endpoint_connect(dcesrv_sock->dcesrv_ctx,
 					 srv_conn,
 					 dcesrv_sock->endpoint,
+					 session_info,
 					 srv_conn->event.ctx,
 					 DCESRV_CALL_STATE_FLAG_MAY_ASYNC,
 					 &dcesrv_conn);
-- 
cgit