From fbdbd67c7640757f80a2ffd70a17c6ab50491844 Mon Sep 17 00:00:00 2001
From: Fernando J V da Silva <fernandojvsilva@yahoo.com.br>
Date: Thu, 15 Apr 2010 17:38:47 -0300
Subject: s4-drs: dsdb_validate_client_flags() function

This function is intended to check if some client is not lying about
his flags. At this moment, it only checks for RODC flags.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
---
 source4/dsdb/common/util.c | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

(limited to 'source4/dsdb')

diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 842f56b3ed..9e2e358b3b 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -2413,6 +2413,34 @@ int dsdb_find_sid_by_dn(struct ldb_context *ldb,
 }
 
 
+int dsdb_validate_client_flags(struct ldb_context *ldb,
+			       const struct repsFromTo1 *client_rf)
+{
+	int ret;
+	TALLOC_CTX *tmp_ctx = talloc_new(ldb);
+
+	if (client_rf->replica_flags & DRSUAPI_DRS_WRIT_REP) {
+		bool is_rodc;
+		ret = samdb_is_rodc(ldb, &client_rf->source_dsa_invocation_id, &is_rodc);
+		if (ret != LDB_SUCCESS) {
+			talloc_free(tmp_ctx);
+			return ret;
+		}
+		if (is_rodc) {
+			DEBUG(0,("Client %s claimed to be WRIT_REP, but is RODC\n",
+				 GUID_string(tmp_ctx, &client_rf->source_dsa_invocation_id)));
+			talloc_free(tmp_ctx);
+			return LDB_ERR_UNWILLING_TO_PERFORM;
+		}
+	}
+
+	/* TODO: we may need to validate more client flags here, if they
+	   are security sensitive */
+
+	talloc_free(tmp_ctx);
+	return LDB_SUCCESS;
+}
+
 
 /*
   load a repsFromTo blob list for a given partition GUID
-- 
cgit