s3-rpc_server: Log authorization to DCE/RPC for anonymous and ncacn_np pass-though

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>

diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 446679f39d4945c10058077d4f3fc2fdeed7327e..bd56be6b79e6fc82c45890ecb86997083e5a2861 100644 (file)
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -825,6 +825,17 @@ static bool api_pipe_bind_req(struct pipes_struct *p,
                p->auth.auth_type = DCERPC_AUTH_TYPE_NONE;
                p->auth.auth_level = DCERPC_AUTH_LEVEL_NONE;
                p->auth.auth_context_id = 0;
+
+               /*
+                * Log the authorization to this RPC interface.  This
+                * covered ncacn_np pass-through auth, and anonymous
+                * DCE/RPC (eg epmapper, netlogon etc)
+                */
+               log_successful_authz_event(p->remote_address,
+                                          p->local_address,
+                                          table->name,
+                                          derpc_transport_string_by_transport(p->transport),
+                                          p->session_info);
        }
 
        ZERO_STRUCT(u.bind_ack);