sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code

s3-rpc_server: Provide hooks required for JSON message logging for the no-auth case

Browse Source 
This is triggered in the ncacn_np pass-though case in particular

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Andrew Bartlett 2017-03-14 11:01:54 +13:00
parent e9611b4bd0
commit 7cbe1c844e
2 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
selftest/knownfail
View File

@ -329,7 +329,6 @@
^samba.tests.auth_log.samba.tests.auth_log.AuthLogTests.test_rpc_ncacn_np_krb_dns_smb2
^samba.tests.auth_log.samba.tests.auth_log.AuthLogTests.test_rpc_ncacn_np_krb_srv
^samba.tests.auth_log.samba.tests.auth_log.AuthLogTests.test_rpc_ncacn_np_krb_srv_sign
^samba.tests.auth_log.samba.tests.auth_log.AuthLogTests.test_rpc_ncacn_np_ntlm_srv\(ad_dc:local\)
^samba.tests.auth_log.samba.tests.auth_log.AuthLogTests.test_smb\(
^samba.tests.auth_log.samba.tests.auth_log.AuthLogTests.test_smb_bad_password
^samba.tests.auth_log.samba.tests.auth_log.AuthLogTests.test_smb_bad_user

13
source3/rpc_server/srv_pipe.c
View File

@ -822,6 +822,8 @@ static bool api_pipe_bind_req(struct pipes_struct *p,
goto err_exit;
}
} else {
TALLOC_CTX *frame = talloc_stackframe();
struct auth4_context *auth4_context;
const char *transport_protection = AUTHZ_TRANSPORT_PROTECTION_NONE;
if (p->transport == NCACN_NP) {
transport_protection = AUTHZ_TRANSPORT_PROTECTION_SMB;
@ -831,18 +833,27 @@ static bool api_pipe_bind_req(struct pipes_struct *p,
p->auth.auth_level = DCERPC_AUTH_LEVEL_NONE;
p->auth.auth_context_id = 0;
status = make_auth4_context(frame, &auth4_context);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("Unable to make auth context for authz log.\n"));
TALLOC_FREE(frame);
goto err_exit;
}
/*
* Log the authorization to this RPC interface. This
* covered ncacn_np pass-through auth, and anonymous
* DCE/RPC (eg epmapper, netlogon etc)
*/
log_successful_authz_event(NULL, NULL,
log_successful_authz_event(auth4_context->msg_ctx,
auth4_context->lp_ctx,
p->remote_address,
p->local_address,
table->name,
derpc_transport_string_by_transport(p->transport),
transport_protection,
p->session_info);
TALLOC_FREE(frame);
}
ZERO_STRUCT(u.bind_ack);