s4:librpc/rpc: let ncacn_push_request_sign() handle sig_size == 0 with auth_info...

Don't send plaintext on the wire because of an internal error...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/librpc/rpc/dcerpc.c b/source4/librpc/rpc/dcerpc.c
index 719407468299f84f4d4697909820cee2c81b2726..f1c6d474ec657508ea43b391627e4cb9e8db427b 100644 (file)
--- a/source4/librpc/rpc/dcerpc.c
+++ b/source4/librpc/rpc/dcerpc.c
@@ -832,13 +832,16 @@ static NTSTATUS ncacn_push_request_sign(struct dcecli_connection *c,
        size_t hdr_size = DCERPC_REQUEST_LENGTH;
 
        /* non-signed packets are simpler */
-       if (sig_size == 0) {
+       if (c->security_state.auth_info == NULL) {
                return ncacn_push_auth(blob, mem_ctx, pkt, NULL);
        }
 
        switch (c->security_state.auth_info->auth_level) {
        case DCERPC_AUTH_LEVEL_PRIVACY:
        case DCERPC_AUTH_LEVEL_INTEGRITY:
+               if (sig_size == 0) {
+                       return NT_STATUS_INTERNAL_ERROR;
+               }
                break;
 
        case DCERPC_AUTH_LEVEL_CONNECT: