dsdb: Refuse to replicate an all-zero invocationID GUID in replPropertyMetaData

author Andrew Bartlett <abartlet@samba.org>

Sat, 21 Sep 2013 21:33:21 +0000 (14:33 -0700)

committer Karolin Seeger <kseeger@samba.org>

Fri, 27 Sep 2013 07:28:57 +0000 (09:28 +0200)
author Andrew Bartlett <abartlet@samba.org>
Sat, 21 Sep 2013 21:33:21 +0000 (14:33 -0700)
committer Karolin Seeger <kseeger@samba.org>
Fri, 27 Sep 2013 07:28:57 +0000 (09:28 +0200)
diff --git a/source4/dsdb/repl/replicated_objects.c b/source4/dsdb/repl/replicated_objects.c

index e018aa4e779165ade86830ede91bacc916d09a4c..d1d69fa8f8cae017b38ce9c618621990c7ff4364 100644 (file)
--- a/source4/dsdb/repl/replicated_objects.c
+++ b/source4/dsdb/repl/replicated_objects.c
@@ -427,6 +427,15 @@ WERROR dsdb_convert_object_ex(struct ldb_context *ldb,
                         continue;
                 }
  
+               if (GUID_all_zero(&d->originating_invocation_id)) {
+                       status = WERR_DS_SRC_GUID_MISMATCH;
+                       DEBUG(0, ("Refusing replication of object containing invalid zero invocationID on attribute %d of %s: %s\n",
+                                 a->attid,
+                                 ldb_dn_get_linearized(msg->dn),
+                                 win_errstr(status)));
+                       return status;
+               }
+
                 if (a->attid == DRSUAPI_ATTID_instanceType) {
                         if (instanceType_e != NULL) {
                                 return WERR_FOOBAR;
author	Andrew Bartlett <abartlet@samba.org>
	Sat, 21 Sep 2013 21:33:21 +0000 (14:33 -0700)
committer	Karolin Seeger <kseeger@samba.org>
	Fri, 27 Sep 2013 07:28:57 +0000 (09:28 +0200)