diff options
| author | Stefan Metzmacher <metze@samba.org> | 2018-11-22 13:26:21 +0100 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2019-01-12 03:13:37 +0100 |
| commit | b46df3a85c39240d33ecb2ea0d54afcaa97c5815 (patch) | |
| tree | ad6bd299d11d933b813dce6ebfad6499ebca0ef1 /source4 | |
| parent | 76976eab01cd64ccf3ea2a2247a77997db3094ed (diff) | |
| download | samba-b46df3a85c39240d33ecb2ea0d54afcaa97c5815.tar.gz | |
s4:rpc_server: split out log_successful_dcesrv_authz_event()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'source4')
| -rw-r--r-- | source4/rpc_server/dcesrv_auth.c | 48 |
1 files changed, 28 insertions, 20 deletions
diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c index 60bebe39cbd..c64aa20bcfc 100644 --- a/source4/rpc_server/dcesrv_auth.c +++ b/source4/rpc_server/dcesrv_auth.c @@ -201,6 +201,33 @@ static bool dcesrv_auth_prepare_gensec(struct dcesrv_call_state *call) return true; } +static void log_successful_dcesrv_authz_event(struct dcesrv_call_state *call) +{ + struct dcesrv_auth *auth = call->auth_state; + enum dcerpc_transport_t transport = + dcerpc_binding_get_transport(call->conn->endpoint->ep_description); + const char *auth_type = derpc_transport_string_by_transport(transport); + const char *transport_protection = AUTHZ_TRANSPORT_PROTECTION_NONE; + + if (transport == NCACN_NP) { + transport_protection = AUTHZ_TRANSPORT_PROTECTION_SMB; + } + + /* + * Log the authorization to this RPC interface. This + * covered ncacn_np pass-through auth, and anonymous + * DCE/RPC (eg epmapper, netlogon etc) + */ + log_successful_authz_event(call->conn->msg_ctx, + call->conn->dce_ctx->lp_ctx, + call->conn->remote_address, + call->conn->local_address, + "DCE/RPC", + auth_type, + transport_protection, + auth->session_info); +} + /* parse any auth information from a dcerpc bind request return false if we can't handle the auth request for some @@ -213,30 +240,11 @@ bool dcesrv_auth_bind(struct dcesrv_call_state *call) NTSTATUS status; if (pkt->auth_length == 0) { - enum dcerpc_transport_t transport = - dcerpc_binding_get_transport(call->conn->endpoint->ep_description); - const char *auth_type = derpc_transport_string_by_transport(transport); - const char *transport_protection = AUTHZ_TRANSPORT_PROTECTION_NONE; - if (transport == NCACN_NP) { - transport_protection = AUTHZ_TRANSPORT_PROTECTION_SMB; - } auth->auth_type = DCERPC_AUTH_TYPE_NONE; auth->auth_level = DCERPC_AUTH_LEVEL_NONE; auth->auth_context_id = 0; - /* - * Log the authorization to this RPC interface. This - * covered ncacn_np pass-through auth, and anonymous - * DCE/RPC (eg epmapper, netlogon etc) - */ - log_successful_authz_event(call->conn->msg_ctx, - call->conn->dce_ctx->lp_ctx, - call->conn->remote_address, - call->conn->local_address, - "DCE/RPC", - auth_type, - transport_protection, - auth->session_info); + log_successful_dcesrv_authz_event(call); return true; } |