From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 20 Jun 2016 14:11:37 +0000 (+0200)
Subject: s4:rpc_server: parse auth data only for BIND,ALTER_REQ,AUTH3
X-Git-Tag: samba-4.3.12~123
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b643c923c628d39e6dac97e92829951894ed71cc;p=thirdparty%2Fsamba.git

s4:rpc_server: parse auth data only for BIND,ALTER_REQ,AUTH3

We should tell dcerpc_pull_auth_trailer() that we only want
auth data.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11982

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 505a4e68d96e6fb3d8c7493632ecb4b0fc6caa9d)
---

diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c
index 2b3f8b07710..802876b2da7 100644
--- a/source4/rpc_server/dcesrv_auth.c
+++ b/source4/rpc_server/dcesrv_auth.c
@@ -44,7 +44,6 @@ bool dcesrv_auth_bind(struct dcesrv_call_state *call)
 	struct dcesrv_connection *dce_conn = call->conn;
 	struct dcesrv_auth *auth = &dce_conn->auth_state;
 	NTSTATUS status;
-	uint32_t auth_length;
 
 	if (pkt->auth_length == 0) {
 		auth->auth_type = DCERPC_AUTH_TYPE_NONE;
@@ -55,7 +54,7 @@ bool dcesrv_auth_bind(struct dcesrv_call_state *call)
 
 	status = dcerpc_pull_auth_trailer(pkt, call, &pkt->u.bind.auth_info,
 					  &call->in_auth_info,
-					  &auth_length, false);
+					  NULL, true);
 	if (!NT_STATUS_IS_OK(status)) {
 		return false;
 	}
@@ -241,7 +240,6 @@ bool dcesrv_auth_auth3(struct dcesrv_call_state *call)
 	struct ncacn_packet *pkt = &call->pkt;
 	struct dcesrv_connection *dce_conn = call->conn;
 	NTSTATUS status;
-	uint32_t auth_length;
 
 	if (pkt->auth_length == 0) {
 		return false;
@@ -257,7 +255,7 @@ bool dcesrv_auth_auth3(struct dcesrv_call_state *call)
 	}
 
 	status = dcerpc_pull_auth_trailer(pkt, call, &pkt->u.auth3.auth_info,
-					  &call->in_auth_info, &auth_length, true);
+					  &call->in_auth_info, NULL, true);
 	if (!NT_STATUS_IS_OK(status)) {
 		return false;
 	}
@@ -324,7 +322,6 @@ bool dcesrv_auth_alter(struct dcesrv_call_state *call)
 	struct ncacn_packet *pkt = &call->pkt;
 	struct dcesrv_connection *dce_conn = call->conn;
 	NTSTATUS status;
-	uint32_t auth_length;
 
 	/* on a pure interface change there is no auth blob */
 	if (pkt->auth_length == 0) {
@@ -344,7 +341,7 @@ bool dcesrv_auth_alter(struct dcesrv_call_state *call)
 	}
 
 	status = dcerpc_pull_auth_trailer(pkt, call, &pkt->u.alter.auth_info,
-					  &call->in_auth_info, &auth_length, true);
+					  &call->in_auth_info, NULL, true);
 	if (!NT_STATUS_IS_OK(status)) {
 		return false;
 	}