From 2028b84c1647730a084e02a2ec04ac0d5efc628e Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Fri, 3 Mar 2017 12:03:04 +1300
Subject: [PATCH] s3-rpc_server: Log authorization to DCE/RPC for anonymous and
 ncacn_np pass-though

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
---
 source3/rpc_server/srv_pipe.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 446679f39d4..bd56be6b79e 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -825,6 +825,17 @@ static bool api_pipe_bind_req(struct pipes_struct *p,
 		p->auth.auth_type = DCERPC_AUTH_TYPE_NONE;
 		p->auth.auth_level = DCERPC_AUTH_LEVEL_NONE;
 		p->auth.auth_context_id = 0;
+
+		/*
+		 * Log the authorization to this RPC interface.  This
+		 * covered ncacn_np pass-through auth, and anonymous
+		 * DCE/RPC (eg epmapper, netlogon etc)
+		 */
+		log_successful_authz_event(p->remote_address,
+					   p->local_address,
+					   table->name,
+					   derpc_transport_string_by_transport(p->transport),
+					   p->session_info);
 	}
 
 	ZERO_STRUCT(u.bind_ack);