mirror of
https://github.com/samba-team/samba.git
synced 2025-01-12 09:18:10 +03:00
s3-rpc_server: allow to set minimal auth level for a DCE/RPC service
Guenther Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
parent
4635c22411
commit
1ec825b28a
source3/rpc_server
@ -98,6 +98,11 @@ struct pipe_rpc_fns {
|
||||
* shall we allow "connect" auth level for this interface ?
|
||||
*/
|
||||
bool allow_connect;
|
||||
|
||||
/*
|
||||
* minimal required auth level
|
||||
*/
|
||||
enum dcerpc_AuthLevel min_auth_level;
|
||||
};
|
||||
|
||||
/*
|
||||
|
@ -1357,6 +1357,18 @@ static bool api_pipe_request(struct pipes_struct *p,
|
||||
pipe_fns->syntax.if_version);
|
||||
SMB_ASSERT(interface_name != NULL);
|
||||
|
||||
if (p->auth.auth_level < pipe_fns->min_auth_level) {
|
||||
|
||||
DEBUG(1, ("%s: auth level required for %s: 0x%x, got: 0x%0x\n",
|
||||
__func__, interface_name,
|
||||
pipe_fns->min_auth_level,
|
||||
p->auth.auth_level));
|
||||
|
||||
setup_fault_pdu(p, NT_STATUS(DCERPC_FAULT_ACCESS_DENIED));
|
||||
TALLOC_FREE(frame);
|
||||
return true;
|
||||
}
|
||||
|
||||
switch (p->auth.auth_level) {
|
||||
case DCERPC_AUTH_LEVEL_NONE:
|
||||
case DCERPC_AUTH_LEVEL_PACKET:
|
||||
|
Loading…
Reference in New Issue
Block a user