The branch, master has been updated
via 0b5719f s4:netlogon RPC server - "LogonGetDomainInfo" - check for
NULL attributes
via fecf925 s4:drsuapi RPC server - check for the "SPN" attribute !=
NULL
from 0e68867 s4:dsdb - always handle the attribute "options" as 32bit
unsigned integer
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 0b5719f5fce6c7069c2faac72c83c20bb22db09f
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Tue Mar 1 13:06:19 2011 +0100
s4:netlogon RPC server - "LogonGetDomainInfo" - check for NULL attributes
This is needed to complete the transition from "samdb_msg_add_string" to
"ldb_msg_add_string".
And this patch yields better NTSTATUS error results than before
(INVALID_PARAMETER rather than OUT_OF_MEMORY).
Reviewed-by: Jelmer
Autobuild-User: Matthias Dieter Wallnöfer <[email protected]>
Autobuild-Date: Tue Mar 1 14:42:15 CET 2011 on sn-devel-104
commit fecf925043be5de1ed9d6f3a171ffeab1530d9c9
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Tue Mar 1 13:03:59 2011 +0100
s4:drsuapi RPC server - check for the "SPN" attribute != NULL
The SPN attribute could derive from an untrusted source (client).
Reviewed-by: Jelmer
-----------------------------------------------------------------------
Summary of changes:
source4/rpc_server/drsuapi/writespn.c | 6 +++
source4/rpc_server/netlogon/dcerpc_netlogon.c | 46 +++++++++++++++---------
2 files changed, 35 insertions(+), 17 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/rpc_server/drsuapi/writespn.c
b/source4/rpc_server/drsuapi/writespn.c
index e2e12f1..63fdef2 100644
--- a/source4/rpc_server/drsuapi/writespn.c
+++ b/source4/rpc_server/drsuapi/writespn.c
@@ -59,6 +59,12 @@ static bool writespn_check_spn(struct drsuapi_bind_state
*b_state,
krb5_principal principal;
const char *dns_name, *dnsHostName;
+ /* The service principal name shouldn't be NULL */
+ if (spn == NULL) {
+ talloc_free(tmp_ctx);
+ return false;
+ }
+
/*
get the objectSid of the DN that is being modified, and
check it matches the user_sid in their token
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c
b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 3e0000c..8cd8257 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -1378,7 +1378,6 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct
dcesrv_call_state *dce_cal
struct ldb_dn *workstation_dn;
struct netr_DomainInformation *domain_info;
struct netr_LsaPolicyInformation *lsa_policy_info;
- struct netr_OsVersionInfoEx *os_version;
uint32_t default_supported_enc_types = 0xFFFFFFFF;
bool update_dns_hostname = true;
int ret, ret3, i;
@@ -1478,9 +1477,13 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct
dcesrv_call_state *dce_cal
new_msg->dn = workstation_dn;
/* Sets the OS name */
- ret = samdb_msg_set_string(sam_ctx, mem_ctx, new_msg,
- "operatingSystem",
-
r->in.query->workstation_info->os_name.string);
+
+ if (r->in.query->workstation_info->os_name.string == NULL) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ ret = ldb_msg_add_string(new_msg, "operatingSystem",
+
r->in.query->workstation_info->os_name.string);
if (ret != LDB_SUCCESS) {
return NT_STATUS_NO_MEMORY;
}
@@ -1490,22 +1493,31 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct
dcesrv_call_state *dce_cal
* the values are cleared.
*/
if (r->in.query->workstation_info->os_version.os != NULL) {
+ struct netr_OsVersionInfoEx *os_version;
+ const char *os_version_str;
+
os_version =
&r->in.query->workstation_info->os_version.os->os;
- ret = samdb_msg_set_string(sam_ctx, mem_ctx, new_msg,
- "operatingSystemServicePack",
- os_version->CSDVersion);
+ if (os_version->CSDVersion == NULL) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ os_version_str = talloc_asprintf(new_msg, "%u.%u (%u)",
+
os_version->MajorVersion,
+
os_version->MinorVersion,
+
os_version->BuildNumber);
+ NT_STATUS_HAVE_NO_MEMORY(os_version_str);
+
+ ret = ldb_msg_add_string(new_msg,
+ "operatingSystemServicePack",
+ os_version->CSDVersion);
if (ret != LDB_SUCCESS) {
return NT_STATUS_NO_MEMORY;
}
- ret = samdb_msg_set_string(sam_ctx, mem_ctx, new_msg,
- "operatingSystemVersion",
- talloc_asprintf(mem_ctx,
- "%u.%u (%u)",
- os_version->MajorVersion,
- os_version->MinorVersion,
- os_version->BuildNumber));
+ ret = ldb_msg_add_string(new_msg,
+ "operatingSystemVersion",
+ os_version_str);
if (ret != LDB_SUCCESS) {
return NT_STATUS_NO_MEMORY;
}
@@ -1528,9 +1540,9 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct
dcesrv_call_state *dce_cal
* are fine to start the update.
*/
if (update_dns_hostname) {
- ret = samdb_msg_set_string(sam_ctx, mem_ctx, new_msg,
- "dNSHostname",
-
r->in.query->workstation_info->dns_hostname);
+ ret = ldb_msg_add_string(new_msg,
+ "dNSHostname",
+
r->in.query->workstation_info->dns_hostname);
if (ret != LDB_SUCCESS) {
return NT_STATUS_NO_MEMORY;
}
--
Samba Shared Repository
