s3:rpc_server/samr: simplify the logic in get_user_info_18()

We only allow SetUserInformation(level=18) via NCALRPC.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu May 12 14:02:27 CEST 2016 on sn-devel-144

diff --git a/source3/rpc_server/samr/srv_samr_nt.c b/source3/rpc_server/samr/srv_samr_nt.c
index 6354556d591e771ac21dc1b3d96cc1ce9467427b..adc9e41e49ed0051b8f83908c7ff42fbe48e4d5c 100644 (file)
--- a/source3/rpc_server/samr/srv_samr_nt.c
+++ b/source3/rpc_server/samr/srv_samr_nt.c
@@ -2617,21 +2617,14 @@ static NTSTATUS get_user_info_18(struct pipes_struct *p,
 
        ZERO_STRUCTP(r);
 
-       if (security_token_is_system(p->session_info->security_token)) {
-               goto query;
-       }
-
-       if ((p->auth.auth_type != DCERPC_AUTH_TYPE_NTLMSSP) ||
-           (p->auth.auth_type != DCERPC_AUTH_TYPE_KRB5) ||
-           (p->auth.auth_type != DCERPC_AUTH_TYPE_SPNEGO)) {
-               return NT_STATUS_ACCESS_DENIED;
+       if (p->transport != NCALRPC) {
+               return NT_STATUS_INVALID_INFO_CLASS;
        }
 
-       if (p->auth.auth_level != DCERPC_AUTH_LEVEL_PRIVACY) {
+       if (!security_token_is_system(p->session_info->security_token)) {
                return NT_STATUS_ACCESS_DENIED;
        }
 
- query:
        /*
         * Do *NOT* do become_root()/unbecome_root() here ! JRA.
         */