diff options
| -rw-r--r-- | source4/rpc_server/dcesrv_auth.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c index 7ec0d43bfd..a11526ddae 100644 --- a/source4/rpc_server/dcesrv_auth.c +++ b/source4/rpc_server/dcesrv_auth.c @@ -319,6 +319,9 @@ bool dcesrv_auth_request(struct dcesrv_call_state *call, DATA_BLOB *full_packet) if (!dce_conn->auth_state.auth_info || !dce_conn->auth_state.gensec_security) { + if (pkt->auth_length != 0) { + return false; + } return true; } @@ -353,6 +356,18 @@ bool dcesrv_auth_request(struct dcesrv_call_state *call, DATA_BLOB *full_packet) return false; } + if (auth.auth_type != dce_conn->auth_state.auth_info->auth_type) { + return false; + } + + if (auth.auth_level != dce_conn->auth_state.auth_info->auth_level) { + return false; + } + + if (auth.auth_context_id != dce_conn->auth_state.auth_info->auth_context_id) { + return false; + } + pkt->u.request.stub_and_verifier.length -= auth_length; /* check signature or unseal the packet */ |