summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2005-08-03 20:27:33 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:31:08 -0500
commitb37b8f1a2727937b40a51acecfd125993609bd8b (patch)
treede5d634028d93b41e21cf85a52d7f72f6fca5f7b /source4
parente0cc4f0f6d3642874749c4acf0cf8a152072f628 (diff)
downloadsamba-b37b8f1a2727937b40a51acecfd125993609bd8b.tar.gz
samba-b37b8f1a2727937b40a51acecfd125993609bd8b.tar.bz2
samba-b37b8f1a2727937b40a51acecfd125993609bd8b.zip
r9016: More work to avoid abuse of the "name" attribute, this time on
NETLOGON. Andrew Bartlett (This used to be commit e9837d49bc8d784b365c0a7470ebfbd6f396464d)
Diffstat (limited to 'source4')
-rw-r--r--source4/rpc_server/netlogon/dcerpc_netlogon.c38
1 files changed, 27 insertions, 11 deletions
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index ace5f9fffe..aad66ad314 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -870,11 +870,12 @@ static WERROR netr_DSRGETSITENAME(struct dcesrv_call_state *dce_call, TALLOC_CTX
fill in a netr_DomainTrustInfo from a ldb search result
*/
static NTSTATUS fill_domain_primary_info(TALLOC_CTX *mem_ctx, struct ldb_message *res,
- struct netr_DomainTrustInfo *info)
+ struct netr_DomainTrustInfo *info,
+ const char *local_domain)
{
ZERO_STRUCTP(info);
- info->domainname.string = samdb_result_string(res, "name", NULL);
+ info->domainname.string = local_domain;
info->fulldomainname.string = talloc_asprintf(info, "%s.", samdb_result_string(res, "dnsDomain", NULL));
/* TODO: we need proper forest support */
info->forest.string = info->fulldomainname.string;
@@ -888,12 +889,13 @@ static NTSTATUS fill_domain_primary_info(TALLOC_CTX *mem_ctx, struct ldb_message
fill in a netr_DomainTrustInfo from a ldb search result
*/
static NTSTATUS fill_domain_trust_info(TALLOC_CTX *mem_ctx, struct ldb_message *res,
- struct netr_DomainTrustInfo *info, BOOL is_local)
+ struct netr_DomainTrustInfo *info,
+ const char *local_domain, BOOL is_local)
{
ZERO_STRUCTP(info);
if (is_local) {
- info->domainname.string = samdb_result_string(res, "name", NULL);
+ info->domainname.string = local_domain;
info->fulldomainname.string = samdb_result_string(res, "dnsDomain", NULL);
info->forest.string = NULL;
info->guid = samdb_result_guid(res, "objectGUID");
@@ -917,15 +919,18 @@ static NTSTATUS netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_call, TALL
struct netr_LogonGetDomainInfo *r)
{
struct server_pipe_state *pipe_state = dce_call->context->private;
- const char * const attrs[] = { "name", "dnsDomain", "objectSid",
+ const char * const attrs[] = { "dnsDomain", "objectSid",
"objectGUID", "flatName", "securityIdentifier",
NULL };
- void *sam_ctx;
- struct ldb_message **res1, **res2;
+ const char * const ref_attrs[] = { "nETBIOSName", NULL };
+ struct ldb_context *sam_ctx;
+ struct ldb_message **res1, **res2, **ref_res;
struct netr_DomainInfo1 *info1;
- int ret1, ret2, i;
+ int ret, ret1, ret2, i;
NTSTATUS status;
+ const char *local_domain;
+
status = netr_creds_server_step_check(pipe_state,
r->in.credential, r->out.return_authenticator);
if (!NT_STATUS_IS_OK(status)) {
@@ -947,6 +952,17 @@ static NTSTATUS netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_call, TALL
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
+ /* try and find the domain */
+ ret = gendb_search(sam_ctx, mem_ctx, NULL,
+ &ref_res, ref_attrs,
+ "(&(objectClass=crossRef)(ncName=%s))",
+ res1[0]->dn);
+ if (ret != 1) {
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+
+ local_domain = samdb_result_string(ref_res[0], "nETBIOSName", NULL);
+
ret2 = gendb_search(sam_ctx, mem_ctx, NULL, &res2, attrs, "(objectClass=trustedDomain)");
if (ret2 == -1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
@@ -966,19 +982,19 @@ static NTSTATUS netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_call, TALL
return NT_STATUS_NO_MEMORY;
}
- status = fill_domain_primary_info(mem_ctx, res1[0], &info1->domaininfo);
+ status = fill_domain_primary_info(mem_ctx, res1[0], &info1->domaininfo, local_domain);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
for (i=0;i<ret2;i++) {
- status = fill_domain_trust_info(mem_ctx, res2[i], &info1->trusts[i], False);
+ status = fill_domain_trust_info(mem_ctx, res2[i], &info1->trusts[i], NULL, False);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
}
- status = fill_domain_trust_info(mem_ctx, res1[0], &info1->trusts[i], True);
+ status = fill_domain_trust_info(mem_ctx, res1[0], &info1->trusts[i], local_domain, True);
if (!NT_STATUS_IS_OK(status)) {
return status;
}