CVE-2016-2118: s4:rpc_server/mgmt: allow DCERPC_AUTH_LEVEL_CONNECT by default

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

diff --git a/source4/rpc_server/dcesrv_mgmt.c b/source4/rpc_server/dcesrv_mgmt.c
index 8c4eb63ec306ec72dcfe60896aec01ff67516a8c..4d3428d13cff7ecc13b0c29478b0bee04b3af58d 100644 (file)
--- a/source4/rpc_server/dcesrv_mgmt.c
+++ b/source4/rpc_server/dcesrv_mgmt.c
@@ -23,6 +23,14 @@
 #include "rpc_server/dcerpc_server.h"
 #include "librpc/gen_ndr/ndr_mgmt.h"
 
+#define DCESRV_INTERFACE_MGMT_BIND(call, iface) \
+       dcesrv_interface_mgmt_bind(call, iface)
+static NTSTATUS dcesrv_interface_mgmt_bind(struct dcesrv_call_state *dce_call,
+                                            const struct dcesrv_interface *iface)
+{
+       return dcesrv_interface_bind_allow_connect(dce_call, iface);
+}
+
 /* 
   mgmt_inq_if_ids 
 */