diff options
author | Volker Lendecke <vl@samba.org> | 2023-04-18 12:04:17 +0200 |
---|---|---|
committer | Volker Lendecke <vl@samba.org> | 2023-05-16 10:53:40 +0000 |
commit | 1d11e0489b2c91fc05c6befc0463695d7102abcc (patch) | |
tree | ca479513a1aae1b350a1ca8b74e7f98bcce0965a /librpc | |
parent | 244ee8ad75c2c968997dfdd5eeb9e9cb97a191fb (diff) | |
download | samba-1d11e0489b2c91fc05c6befc0463695d7102abcc.tar.gz |
librpc: Simplify dcerpc_is_transport_encrypted()
Simplify logic by using security_token_count_flag_sids()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'librpc')
-rw-r--r-- | librpc/rpc/dcerpc_helper.c | 25 |
1 files changed, 10 insertions, 15 deletions
diff --git a/librpc/rpc/dcerpc_helper.c b/librpc/rpc/dcerpc_helper.c index cf0deeb2079..eec78e034ee 100644 --- a/librpc/rpc/dcerpc_helper.c +++ b/librpc/rpc/dcerpc_helper.c @@ -20,6 +20,7 @@ #include "librpc/gen_ndr/auth.h" #include "lib/crypto/gnutls_helpers.h" #include "libcli/security/dom_sid.h" +#include "libcli/security/security_token.h" #include "libcli/smb/smb2_constants.h" #include "dcerpc_helper.h" @@ -75,23 +76,17 @@ bool dcerpc_is_transport_encrypted(struct auth_session_info *session_info) uint16_t dialect = 0; uint16_t encrypt = 0; uint16_t cipher = 0; - uint32_t i; + size_t num_smb3_sids; bool ok; - for (i = 0; i < token->num_sids; i++) { - int cmp; - - /* There is only one SMB3 SID allowed! */ - cmp = dom_sid_compare_domain(&token->sids[i], &smb3_dom_sid); - if (cmp == 0) { - if (smb3_sid == NULL) { - smb3_sid = &token->sids[i]; - } else { - DBG_ERR("ERROR: The SMB3 SID has been detected " - "multiple times\n"); - return false; - } - } + num_smb3_sids = security_token_count_flag_sids(token, + &smb3_dom_sid, + 3, + &smb3_sid); + if (num_smb3_sids > 1) { + DBG_ERR("ERROR: The SMB3 SID has been detected %zu times\n", + num_smb3_sids); + return false; } if (smb3_sid == NULL) { |