author | Stefan Metzmacher <metze@samba.org> | 2014-01-09 10:59:01 +0100 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2014-02-11 16:02:14 +0100 |
commit | 7676bf32a498ac844bd1c8631c1fa8a457ede3ef (patch) | |
tree | 0d07281ea9071795fd1289bec380e5a2ba9e4e91 /source4/rpc_server | |
parent | 2e093cc0cc0ff14ff189947ab0a267f089fab97c (diff) | |
s4:rpc_server: verifiy the auth_info against the per connection values
Pair-Programmed-With: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Diffstat (limited to 'source4/rpc_server')
-rw-r--r-- | source4/rpc_server/dcesrv_auth.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c
index 7ec0d43bfd7..a11526ddaec 100644
--- a/source4/rpc_server/dcesrv_auth.c
+++ b/source4/rpc_server/dcesrv_auth.c
@@ -319,6 +319,9 @@ bool dcesrv_auth_request(struct dcesrv_call_state *call, DATA_BLOB *full_packet)
 
 if (!dce_conn->auth_state.auth_info ||
 !dce_conn->auth_state.gensec_security) {
+ if (pkt->auth_length != 0) {
+ return false;
+ }
 return true;
 }
 
@@ -353,6 +356,18 @@ bool dcesrv_auth_request(struct dcesrv_call_state *call, DATA_BLOB *full_packet)
 return false;
 }
 
+ if (auth.auth_type != dce_conn->auth_state.auth_info->auth_type) {
+ return false;
+ }
+
+ if (auth.auth_level != dce_conn->auth_state.auth_info->auth_level) {
+ return false;
+ }
+
+ if (auth.auth_context_id != dce_conn->auth_state.auth_info->auth_context_id) {
+ return false;
+ }
+
 pkt->u.request.stub_and_verifier.length -= auth_length;
 
 /* check signature or unseal the packet */ |
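Review bot: The new early reject in the unauthenticated branch (`if (pkt->auth_length != 0) { return false; }`) fails the request without logging anything, and the three mismatch branches in the second hunk do the same. A request that carries an auth trailer on a connection with no auth state, or whose trailer disagrees with the connection's auth_info, is worth recording for whoever has to investigate it later. I would add a debug line before each return, for example `DEBUG(3, ("dcesrv_auth_request: auth_length %u on a connection without auth state\n", (unsigned)pkt->auth_length));`. The function body starts and ends outside both hunks, so how the caller reports the `false` is not visible here.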
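Review bot: The three comparisons added ahead of `pkt->u.request.stub_and_verifier.length -= auth_length;` have no comment stating the invariant they enforce. I would put one comment above the first of them: `/* the auth trailer of each request must carry the auth_type, auth_level and auth_context_id stored in dce_conn->auth_state.auth_info */`. The same comment should say that the checks have to stay in front of the "check signature or unseal" step that follows, since `auth` appears to be the trailer parsed from the packet just above the hunk. Whether the other code paths that parse an auth trailer apply the same comparison cannot be seen from this hunk.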