sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-25 06:04:04 +03:00
Code

s4:rpc_server/remote: add dcerpc_remote:allow_anonymous_fallback option

Browse Source 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
Stefan Metzmacher 2018-11-23 13:13:53 +01:00 committed by Jeremy Allison
parent 23d1393a5f
commit 3a17389e1b
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
source4/rpc_server/remote/dcesrv_remote.c
View File

@ -50,6 +50,7 @@ static NTSTATUS remote_op_bind(struct dcesrv_call_state *dce_call, const struct
struct cli_credentials *credentials; struct cli_credentials *credentials;
bool must_free_credentials = false; bool must_free_credentials = false;
bool machine_account; bool machine_account;
bool allow_anonymous;
struct dcerpc_binding *b; struct dcerpc_binding *b;
struct composite_context *pipe_conn_req; struct composite_context *pipe_conn_req;
uint32_t flags = 0; uint32_t flags = 0;
@ -80,6 +81,11 @@ static NTSTATUS remote_op_bind(struct dcesrv_call_state *dce_call, const struct
"dcerpc_remote", "dcerpc_remote",
"use_machine_account", "use_machine_account",
false); false);
allow_anonymous = lpcfg_parm_bool(dce_call->conn->dce_ctx->lp_ctx,
NULL,
"dcerpc_remote",
"allow_anonymous_fallback",
false);
credentials = dcesrv_call_credentials(dce_call); credentials = dcesrv_call_credentials(dce_call);
@ -113,6 +119,13 @@ static NTSTATUS remote_op_bind(struct dcesrv_call_state *dce_call, const struct
} }
} else if (credentials != NULL) { } else if (credentials != NULL) {
DEBUG(5, ("dcerpc_remote: RPC Proxy: Using delegated credentials\n")); DEBUG(5, ("dcerpc_remote: RPC Proxy: Using delegated credentials\n"));
} else if (allow_anonymous) {
DEBUG(5, ("dcerpc_remote: RPC Proxy: Using anonymous\n"));
credentials = cli_credentials_init_anon(priv);
if (!credentials) {
return NT_STATUS_NO_MEMORY;
}
must_free_credentials = true;
} else { } else {
DEBUG(1,("dcerpc_remote: RPC Proxy: You must supply binding, user and password or have delegated credentials\n")); DEBUG(1,("dcerpc_remote: RPC Proxy: You must supply binding, user and password or have delegated credentials\n"));
return NT_STATUS_INVALID_PARAMETER; return NT_STATUS_INVALID_PARAMETER;