[PATCH] s3/rpc_server/samr get_user_info_18(): allow encrypted connexions
Andreas Schneider
asn at samba.org
Wed Mar 2 08:54:44 UTC 2016
On Monday 29 February 2016 18:21:37 Stefan Metzmacher wrote:
> I'm talking about something like this:
The patch looks correct. Can you propose a real patch please? Thanks!
> diff --git a/source3/rpc_server/samr/srv_samr_nt.c
> b/source3/rpc_server/samr/srv_samr_nt.c
> index 4b4b77a..a77bd9d 100644
> --- a/source3/rpc_server/samr/srv_samr_nt.c
> +++ b/source3/rpc_server/samr/srv_samr_nt.c
> @@ -2616,21 +2616,14 @@ static NTSTATUS get_user_info_18(struct
> pipes_struct *p,
>
> ZERO_STRUCTP(r);
>
> - if (security_token_is_system(p->session_info->security_token)) {
> - goto query;
> - }
> -
> - if ((p->auth.auth_type != DCERPC_AUTH_TYPE_NTLMSSP) ||
> - (p->auth.auth_type != DCERPC_AUTH_TYPE_KRB5) ||
> - (p->auth.auth_type != DCERPC_AUTH_TYPE_SPNEGO)) {
> - return NT_STATUS_ACCESS_DENIED;
> + if (p->transport != NCALRPC) {
> + return NT_STATUS_INVALID_INFO_CLASS;
> }
>
> - if (p->auth.auth_level != DCERPC_AUTH_LEVEL_PRIVACY) {
> + if (!security_token_is_system(p->session_info->security_token)) {
> return NT_STATUS_ACCESS_DENIED;
> }
>
> - query:
> /*
> * Do *NOT* do become_root()/unbecome_root() here ! JRA.
> */
>
> metze
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20160302/077605d7/signature.sig>
More information about the samba-technical
mailing list