It doesn't make any sense to allow other auth levels.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
*out = data_blob(NULL, 0);
+ if (gensec_security->dcerpc_auth_level < DCERPC_AUTH_LEVEL_INTEGRITY) {
+ switch (gensec_security->gensec_role) {
+ case GENSEC_CLIENT:
+ return NT_STATUS_INVALID_PARAMETER_MIX;
+ case GENSEC_SERVER:
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+
switch (gensec_security->gensec_role) {
case GENSEC_CLIENT:
if (state != NULL) {