CVE-2015-5370: s3:rpc_server: let a failing auth3 mark the authentication as invalid

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 2926f06d5f89861bacd7c4684fb77f6f9f3817e2..a37cb3f6918beaff03de8f587c4a897110d24c29 100644 (file)
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -926,7 +926,7 @@ bool api_pipe_bind_auth3(struct pipes_struct *p, struct ncacn_packet *pkt)
        return true;
 
 err:
-
+       p->pipe_bound = false;
        TALLOC_FREE(p->auth.auth_ctx);
        return false;
 }