diff options
author | Matthieu Patou <mat@matws.net> | 2012-09-27 15:02:06 -0700 |
---|---|---|
committer | Matthieu Patou <mat@matws.net> | 2012-10-07 21:51:03 -0700 |
commit | 8be6a106ab3a701e593b43e4d5b589b8a1e9013d (patch) | |
tree | 4edc10da432b7d5b5a2750da520d4db733bbaffb /source4/rpc_server/drsuapi | |
parent | 8bbb4d7b518d7a6f5a1eefdb37e61295dc69ebdd (diff) | |
download | samba-8be6a106ab3a701e593b43e4d5b589b8a1e9013d.tar.gz samba-8be6a106ab3a701e593b43e4d5b589b8a1e9013d.tar.bz2 samba-8be6a106ab3a701e593b43e4d5b589b8a1e9013d.zip |
drsuapi: check more carefully the validity of the NC
Check that both the GUID and DN are the GUID/DN of a NC if not return
WERR_DS_DRA_BAD_NC
Diffstat (limited to 'source4/rpc_server/drsuapi')
-rw-r--r-- | source4/rpc_server/drsuapi/updaterefs.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/source4/rpc_server/drsuapi/updaterefs.c b/source4/rpc_server/drsuapi/updaterefs.c index 2d62718f01..e82ae48f3c 100644 --- a/source4/rpc_server/drsuapi/updaterefs.c +++ b/source4/rpc_server/drsuapi/updaterefs.c @@ -127,7 +127,9 @@ WERROR drsuapi_UpdateRefs(struct drsuapi_bind_state *b_state, TALLOC_CTX *mem_ct struct drsuapi_DsReplicaUpdateRefsRequest1 *req) { WERROR werr; + int ret; struct ldb_dn *dn; + struct ldb_dn *nc_root; struct ldb_context *sam_ctx = b_state->sam_ctx_system?b_state->sam_ctx_system:b_state->sam_ctx; DEBUG(4,("DsReplicaUpdateRefs for host '%s' with GUID %s options 0x%08x nc=%s\n", @@ -135,15 +137,20 @@ WERROR drsuapi_UpdateRefs(struct drsuapi_bind_state *b_state, TALLOC_CTX *mem_ct req->options, drs_ObjectIdentifier_to_string(mem_ctx, req->naming_context))); - dn = ldb_dn_new(mem_ctx, sam_ctx, req->naming_context->dn); - if (dn == NULL) { - return WERR_DS_INVALID_DN_SYNTAX; + dn = drs_ObjectIdentifier_to_dn(mem_ctx, sam_ctx, req->naming_context); + W_ERROR_HAVE_NO_MEMORY(dn); + ret = dsdb_find_nc_root(sam_ctx, dn, dn, &nc_root); + if (ret != LDB_SUCCESS) { + return WERR_DS_DRA_BAD_NC; + } + if (ldb_dn_compare(dn, nc_root) != 0) { + return WERR_DS_DRA_BAD_NC; } if (ldb_transaction_start(sam_ctx) != LDB_SUCCESS) { DEBUG(0,(__location__ ": Failed to start transaction on samdb: %s\n", ldb_errstring(sam_ctx))); - return WERR_DS_DRA_INTERNAL_ERROR; + return WERR_DS_DRA_INTERNAL_ERROR; } if (req->options & DRSUAPI_DRS_DEL_REF) { |