author | Andrew Bartlett <abartlet@samba.org> | 2023-01-25 14:18:11 +1300 |
---|---|---|
committer | Jule Anger <janger@samba.org> | 2023-02-03 09:35:08 +0000 |
commit | dee9067386531241846680e50dc892cc906b0a07 (patch) | |
tree | f72f057e7fe69b4103825c6493af7501c20071b1 /source4 | |
parent | be0cb18920243a422fe5bd77bb9ce241e71b4b62 (diff) | |
s4-rpc_server: Pre-check destination_dsa_guid in GetNCChanges for validity
This allows our new tests to pass as these need to be checked first.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 115a3a10440f44ba11029be5ae3a05534a7b98c0)
Diffstat (limited to 'source4')
-rw-r--r-- | source4/rpc_server/drsuapi/getncchanges.c | 42 |
1 files changed, 39 insertions, 3 deletions
diff --git a/source4/rpc_server/drsuapi/getncchanges.c b/source4/rpc_server/drsuapi/getncchanges.c
index 0e4272a9b62..57bd50b1268 100644
--- a/source4/rpc_server/drsuapi/getncchanges.c
+++ b/source4/rpc_server/drsuapi/getncchanges.c
@@ -2774,9 +2774,45 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
 return WERR_DS_DRA_SOURCE_DISABLED;
 }
 
- /* Perform access checks. */
- /* TODO: we need to support a sync on a specific non-root
- * DN. We'll need to find the real partition root here */
+ /*
+ * Help our tests pass by pre-checking the
+ * destination_dsa_guid before the NC permissions. Info on
+ * valid DSA GUIDs is not sensitive so this isn't a leak
+ */
+ switch (req10->extended_op) {
+ case DRSUAPI_EXOP_FSMO_REQ_ROLE:
+ case DRSUAPI_EXOP_FSMO_RID_ALLOC:
+ case DRSUAPI_EXOP_FSMO_RID_REQ_ROLE:
+ case DRSUAPI_EXOP_FSMO_REQ_PDC:
+ case DRSUAPI_EXOP_FSMO_ABANDON_ROLE:
+ {
+ const char *attrs[] = { NULL };
+
+ ret = samdb_get_ntds_obj_by_guid(mem_ctx,
+ sam_ctx,
+ &req10->destination_dsa_guid,
+ attrs,
+ NULL);
+ if (ret == LDB_ERR_NO_SUCH_OBJECT) {
+ /*
+ * Error out with an EXOP error but success at
+ * the top level return value
+ */
+ r->out.ctr->ctr6.extended_ret = DRSUAPI_EXOP_ERR_UNKNOWN_CALLER;
+ return WERR_OK;
+ } else if (ret != LDB_SUCCESS) {
+ return WERR_DS_DRA_INTERNAL_ERROR;
+ }
+
+ break;
+ }
+ case DRSUAPI_EXOP_REPL_SECRET:
+ case DRSUAPI_EXOP_REPL_OBJ:
+ case DRSUAPI_EXOP_NONE:
+ break;
+ }
+
+ /* Perform access checks. */
 ncRoot = req10->naming_context;
 if (ncRoot == NULL) {
 DEBUG(0,(__location__ ": Request for DsGetNCChanges with no NC\n")); |
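Review bot: The `else if (ret != LDB_SUCCESS)` branch of the new pre-check returns WERR_DS_DRA_INTERNAL_ERROR without logging anything, so a failed NTDS-object lookup cannot be told apart from other internal errors in the server log; a line such as `DEBUG(0,(__location__ ": destination_dsa_guid lookup failed: %s\n", ldb_strerror(ret)));` before that return would close the gap. Because the lookup now runs ahead of the access checks, a caller that would later be refused can still tell a known DSA GUID (the request goes on to the access checks) from an unknown one (DRSUAPI_EXOP_ERR_UNKNOWN_CALLER with WERR_OK). The comment accepts that as non-sensitive, and I would extend it to say that the ordering is deliberate and that the check must stay existence-only, which the empty `attrs` list and the NULL result pointer currently ensure. The switch has no `default:`, so an `extended_op` value outside the listed enum members skips the pre-check silently. Whether later code rejects such values is outside this hunk, as is the initialisation of `r->out.ctr->ctr6` that the early `return WERR_OK` relies on.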