diff options
author | Andrew Bartlett <abartlet@samba.org> | 2015-08-19 13:26:41 +1200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2015-10-26 05:11:21 +0100 |
commit | 4b25650577cd5c20729f3405c64c20ddf71b0ae3 (patch) | |
tree | cd8dfc1d539815b66268bd059be3896a02b828da /source4/libnet | |
parent | 6d301ad1c9ff0f1ccd4f97bd5f234b10707a15bf (diff) | |
download | samba-4b25650577cd5c20729f3405c64c20ddf71b0ae3.tar.gz |
repl: Give an error if we get a secret when not expecting one
We should never get a secret from a server when we specify DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING
This asserts that this is the case.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Diffstat (limited to 'source4/libnet')
-rw-r--r-- | source4/libnet/libnet_vampire.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/source4/libnet/libnet_vampire.c b/source4/libnet/libnet_vampire.c index 1c3403fdb1c..1d649fc33d0 100644 --- a/source4/libnet/libnet_vampire.c +++ b/source4/libnet/libnet_vampire.c @@ -553,6 +553,7 @@ NTSTATUS libnet_vampire_cb_store_chunk(void *private_data, const struct drsuapi_DsReplicaCursor2CtrEx *uptodateness_vector; struct dsdb_extended_replicated_objects *objs; uint32_t req_replica_flags; + uint32_t dsdb_repl_flags = 0; struct repsFromTo1 *s_dsa; char *tmp_dns_name; uint32_t i; @@ -679,6 +680,10 @@ NTSTATUS libnet_vampire_cb_store_chunk(void *private_data, return NT_STATUS_INTERNAL_ERROR; } + if (req_replica_flags & DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING) { + dsdb_repl_flags |= DSDB_REPL_FLAG_EXPECT_NO_SECRETS; + } + status = dsdb_replicated_objects_convert(s->ldb, schema, c->partition->nc.dn, @@ -690,7 +695,7 @@ NTSTATUS libnet_vampire_cb_store_chunk(void *private_data, s_dsa, uptodateness_vector, c->gensec_skey, - 0, + dsdb_repl_flags, s, &objs); if (!W_ERROR_IS_OK(status)) { DEBUG(0,("Failed to convert objects: %s\n", win_errstr(status))); |