From 366f8cf0903e3583fda42696df62a5337f22131f Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 6 Mar 2017 14:10:17 +1300
Subject: auth: Log the transport connection for the authorization

We also log if a simple bind was over TLS, as this particular case matters to a lot of folks

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
---
 source4/rpc_server/dcesrv_auth.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'source4/rpc_server/dcesrv_auth.c')

diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c
index 4b0bfdf1e20..1ebb5143b93 100644
--- a/source4/rpc_server/dcesrv_auth.c
+++ b/source4/rpc_server/dcesrv_auth.c
@@ -49,6 +49,10 @@ bool dcesrv_auth_bind(struct dcesrv_call_state *call)
 		enum dcerpc_transport_t transport =
 			dcerpc_binding_get_transport(call->conn->endpoint->ep_description);
 		const char *auth_type = derpc_transport_string_by_transport(transport);
+		const char *transport_protection = AUTHZ_TRANSPORT_PROTECTION_NONE;
+		if (transport == NCACN_NP) {
+			transport_protection = AUTHZ_TRANSPORT_PROTECTION_SMB;
+		}
 		auth->auth_type = DCERPC_AUTH_TYPE_NONE;
 		auth->auth_level = DCERPC_AUTH_LEVEL_NONE;
 		auth->auth_context_id = 0;
@@ -62,6 +66,7 @@ bool dcesrv_auth_bind(struct dcesrv_call_state *call)
 					   call->conn->local_address,
 					   "DCE/RPC",
 					   auth_type,
+					   transport_protection,
 					   call->conn->auth_state.session_info);
 
 		return true;
-- 
cgit v1.2.1