s3-dcerps: check auth_type

make sure the auth type used throught the auth operation is consistent.

Signed-off-by: Günther Deschner <gd@samba.org>

diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 1e369154af9c9434fdc75c4b9fa6602f64b8fef5..98de58c5574b70b5428bb54fcf2452f51667fb86 100644 (file)
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -1201,6 +1201,13 @@ bool api_pipe_bind_auth3(struct pipes_struct *p, struct ncacn_packet *pkt)
         * as zero. JRA.
         */
 
+       if (auth_info.auth_type != p->auth.auth_type) {
+               DEBUG(0, ("Auth type mismatch! Client sent %d, "
+                         "but auth was started as type %d!\n",
+                         auth_info.auth_type, p->auth.auth_type));
+               goto err;
+       }
+
        switch (auth_info.auth_type) {
        case DCERPC_AUTH_TYPE_NTLMSSP:
                ntlmssp_ctx = talloc_get_type_abort(p->auth.auth_ctx,
@@ -1344,6 +1351,14 @@ static bool api_pipe_alter_context(struct pipes_struct *p,
                        goto err_exit;
                }
 
+               if (auth_info.auth_type != p->auth.auth_type) {
+                       DEBUG(0, ("Auth type mismatch! Client sent %d, "
+                                 "but auth was started as type %d!\n",
+                                 auth_info.auth_type, p->auth.auth_type));
+                       goto err_exit;
+               }
+
+
                switch (auth_info.auth_type) {
                case DCERPC_AUTH_TYPE_SPNEGO:
                        spnego_ctx = talloc_get_type_abort(p->auth.auth_ctx,