diff options
author | Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | 2009-09-07 12:00:11 +0200 |
---|---|---|
committer | Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | 2009-09-07 12:05:56 +0200 |
commit | b11aaadb68802dc4fd5591923600b1b414567620 (patch) | |
tree | aea1bd5bab4c18f8fd8e824369a3efc421dd0ec4 | |
parent | 1c2f4919abe99d07540b7380ad16d475d62aa50b (diff) | |
download | samba-b11aaadb68802dc4fd5591923600b1b414567620.tar.gz samba-b11aaadb68802dc4fd5591923600b1b414567620.tar.bz2 samba-b11aaadb68802dc4fd5591923600b1b414567620.zip |
s4:LogonGetDomainInfo - add a basic check for the hostname
This check is specified in Windows Server after release 2003.
The parameter "hostname" should match as prefix of the dns hostname given as
parameter in the "workstation" structure.
-rw-r--r-- | source4/rpc_server/netlogon/dcerpc_netlogon.c | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index b364062ba1..d597ca6886 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -1121,6 +1121,7 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_cal struct netlogon_creds_CredentialState *creds; const char * const attrs[] = { "objectSid", "objectGUID", "flatName", "securityIdentifier", "trustPartner", NULL }; + const char *temp_str; const char *old_dns_hostname; struct ldb_context *sam_ctx; struct ldb_message **res1, **res2, *new_msg; @@ -1152,14 +1153,28 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_cal switch (r->in.level) { case 1: /* Domain information */ + /* TODO: check NTSTATUS results - and fail also on SAMDB + * errors (needs some testing against Windows Server 2008) */ + + /* + * Check that the computer name parameter matches as prefix with + * the DNS hostname in the workstation info structure. + */ + temp_str = strndup(r->in.query->workstation_info->dns_hostname, + strcspn(r->in.query->workstation_info->dns_hostname, + ".")); + if (strcasecmp(r->in.computer_name, temp_str) != 0) + return NT_STATUS_INVALID_PARAMETER; + workstation_dn = ldb_dn_new_fmt(mem_ctx, sam_ctx, "<SID=%s>", dom_sid_string(mem_ctx, creds->sid)); NT_STATUS_HAVE_NO_MEMORY(workstation_dn); /* Gets the old DNS hostname */ old_dns_hostname = samdb_search_string(sam_ctx, mem_ctx, - workstation_dn, "dNSHostName", - NULL); + workstation_dn, + "dNSHostName", + NULL); /* Gets host informations and put them in our directory */ new_msg = ldb_msg_new(mem_ctx); |