From 4fd7aaf2b148fff7d5efc15e9f1923bf56b5b54a Mon Sep 17 00:00:00 2001
From: =?utf8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
Date: Tue, 11 Dec 2012 14:43:07 +0100
Subject: [PATCH] s4-rpc_server: limit allowed transports for
 samr_ValidatePassword().
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
---
 source4/rpc_server/samr/dcesrv_samr.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index d987fbaaef7..3826075ebcd 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -4290,6 +4290,11 @@ static NTSTATUS dcesrv_samr_ValidatePassword(struct dcesrv_call_state *dce_call,
 	DATA_BLOB password;
 	enum samr_ValidationStatus res;
 	NTSTATUS status;
+	enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport;
+
+	if (transport != NCACN_IP_TCP && transport != NCALRPC) {
+		DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
+	}
 
 	(*r->out.rep) = talloc_zero(mem_ctx, union samr_ValidatePasswordRep);
 
-- 
2.11.4.GIT