diff options
author | Stefan Metzmacher <metze@samba.org> | 2010-09-30 00:27:52 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2010-10-23 10:58:14 +0200 |
commit | fcc2f6ba4a1c853a6e836cd4b45c8da3e6601992 (patch) | |
tree | a8e29273a92d64cd4e7e16669c294132502b50c9 | |
parent | e297625d96a6ad6deba4edf2dc69756ba67aa452 (diff) | |
download | samba-fcc2f6ba4a1c853a6e836cd4b45c8da3e6601992.tar.gz samba-fcc2f6ba4a1c853a6e836cd4b45c8da3e6601992.tar.bz2 samba-fcc2f6ba4a1c853a6e836cd4b45c8da3e6601992.zip |
s4:rpc_server/netlogon: validate flags in netr_DsRGetDCNameEx2() and callers
Thanks to Tarun Chopra for the help of looking up all the bits in
the docs.
metze
-rw-r--r-- | source4/rpc_server/netlogon/dcerpc_netlogon.c | 39 |
1 files changed, 37 insertions, 2 deletions
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index 6f88a723cf..8ef817127a 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -1589,6 +1589,43 @@ static WERROR dcesrv_netr_DsRGetDCNameEx2(struct dcesrv_call_state *dce_call, /* "server_unc" is ignored by w2k3 */ + if (r->in.flags & ~(DSGETDC_VALID_FLAGS)) { + return WERR_INVALID_FLAGS; + } + + if (r->in.flags & DS_GC_SERVER_REQUIRED && + r->in.flags & DS_PDC_REQUIRED && + r->in.flags & DS_KDC_REQUIRED) { + return WERR_INVALID_FLAGS; + } + if (r->in.flags & DS_IS_FLAT_NAME && + r->in.flags & DS_IS_DNS_NAME) { + return WERR_INVALID_FLAGS; + } + if (r->in.flags & DS_RETURN_DNS_NAME && + r->in.flags & DS_RETURN_FLAT_NAME) { + return WERR_INVALID_FLAGS; + } + if (r->in.flags & DS_DIRECTORY_SERVICE_REQUIRED && + r->in.flags & DS_DIRECTORY_SERVICE_6_REQUIRED) { + return WERR_INVALID_FLAGS; + } + + if (r->in.flags & DS_GOOD_TIMESERV_PREFERRED && + r->in.flags & + (DS_DIRECTORY_SERVICE_REQUIRED | + DS_DIRECTORY_SERVICE_PREFERRED | + DS_GC_SERVER_REQUIRED | + DS_PDC_REQUIRED | + DS_KDC_REQUIRED)) { + return WERR_INVALID_FLAGS; + } + + if (r->in.flags & DS_TRY_NEXTCLOSEST_SITE && + r->in.site_name) { + return WERR_INVALID_FLAGS; + } + /* Proof server site parameter "site_name" if it was specified */ server_site_name = samdb_server_site_name(sam_ctx, mem_ctx); W_ERROR_HAVE_NO_MEMORY(server_site_name); @@ -1597,8 +1634,6 @@ static WERROR dcesrv_netr_DsRGetDCNameEx2(struct dcesrv_call_state *dce_call, return WERR_NO_SUCH_DOMAIN; } - /* TODO: the flags are ignored for now */ - guid_str = r->in.domain_guid != NULL ? GUID_string(mem_ctx, r->in.domain_guid) : NULL; |