From d2aecd8755413fb32c3e05a4b644a7015a6dc47b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 8 Nov 2018 09:45:15 +0100 Subject: [PATCH] s4:rpc_server: only AUTH_TYPE_NONE should get a transport session key There's only a logic change for NCALRPC and NCACN_UNIX_STREAM. dcesrv_generic_session_key() already returned NT_STATUS_NO_USER_SESSION_KEY for all other cases. BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892 Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison --- source4/rpc_server/dcerpc_server.c | 4 ++++ source4/rpc_server/dcesrv_auth.c | 3 --- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c index 398b2227988..299469b601d 100644 --- a/source4/rpc_server/dcerpc_server.c +++ b/source4/rpc_server/dcerpc_server.c @@ -479,6 +479,10 @@ NTSTATUS dcesrv_inherited_session_key(struct dcesrv_connection *p, { struct dcesrv_auth *auth = &p->auth_state; + if (auth->auth_type != DCERPC_AUTH_TYPE_NONE) { + return NT_STATUS_NO_USER_SESSION_KEY; + } + return dcesrv_session_info_session_key(auth, session_key); } diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c index d48d03eefdc..efc16e91339 100644 --- a/source4/rpc_server/dcesrv_auth.c +++ b/source4/rpc_server/dcesrv_auth.c @@ -285,9 +285,6 @@ NTSTATUS dcesrv_auth_complete(struct dcesrv_call_state *call, NTSTATUS status) dce_conn->auth_state.auth_finished = true; dce_conn->allow_request = true; - /* Now that we are authenticated, go back to the generic session key... */ - dce_conn->auth_state.session_key = dcesrv_generic_session_key; - if (call->pkt.ptype != DCERPC_PKT_AUTH3) { return NT_STATUS_OK; }