r8998: More work on the RPC server code to avoid abusing the name attribute
authorAndrew Bartlett <abartlet@samba.org>
Wed, 3 Aug 2005 07:24:42 +0000 (07:24 +0000)
committerGerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 18:31:05 +0000 (13:31 -0500)
as a netbios name.

Andrew Bartlett
(This used to be commit 242db48b98a04eed46bb35946dcd68b579bffe00)

source4/rpc_server/drsuapi/drsuapi_cracknames.c
source4/rpc_server/netlogon/dcerpc_netlogon.c

index f915c8a1b612a37ae0a8a38677dc0a39dfaa087c..e9b78b184b3ba9c7208ee85be86ddaa1160cbb2c 100644 (file)
@@ -58,18 +58,19 @@ static WERROR DsCrackNameOneName(struct drsuapi_bind_state *b_state, TALLOC_CTX
                case DRSUAPI_DS_NAME_FORMAT_CANONICAL: {
                        char *str;
 
-                       str = talloc_asprintf(mem_ctx, "%s/", lp_realm());
+                       str = talloc_strdup(mem_ctx, name);
                        WERR_TALLOC_CHECK(str);
-
-                       ret = strcasecmp(str, name);
-                       talloc_free(str);
-                       if (ret != 0) {
-                               info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND;
+                       
+                       if (strlen(str) == 0 || str[strlen(str)-1] != '/') {
+                               info1->status = DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR;
                                return WERR_OK;
                        }
+                       
+                       str[strlen(str)-1] = '\0';
 
-                       domain_filter = talloc_asprintf(mem_ctx, "(&(objectClass=domainDNS)(name=%s))",
-                                                               lp_workgroup());
+                       domain_filter = talloc_asprintf(mem_ctx, 
+                                                       "(&(&(&(dnsRoot=%s)(objectclass=crossRef)))(nETBIOSName=*)(ncName=*))", 
+                                                       str);
                        WERR_TALLOC_CHECK(domain_filter);
 
                        break;
index 31db7c81f381653dbb8d3c656374991e2bc5bb07..ace5f9fffec1d041ba606124bbe72afc4cf46eed 100644 (file)
@@ -1233,9 +1233,10 @@ static WERROR netr_DsrEnumerateDomainTrusts(struct dcesrv_call_state *dce_call,
 {
        struct netr_DomainTrust *trusts;
        void *sam_ctx;
-       int ret, i;
-       struct ldb_message **res;
-       const char * const attrs[] = { "name", "dnsDomain", "objectSid", "objectGUID", NULL };
+       int ret;
+       struct ldb_message **dom_res, **ref_res;
+       const char * const dom_attrs[] = { "dnsDomain", "objectSid", "objectGUID", NULL };
+       const char * const ref_attrs[] = { "nETBIOSName", NULL };
 
        ZERO_STRUCT(r->out);
 
@@ -1244,39 +1245,47 @@ static WERROR netr_DsrEnumerateDomainTrusts(struct dcesrv_call_state *dce_call,
                return WERR_GENERAL_FAILURE;
        }
 
-       ret = gendb_search(sam_ctx, mem_ctx, NULL, &res, attrs, "(objectClass=domainDNS)");
+       ret = gendb_search(sam_ctx, mem_ctx, NULL, &dom_res, dom_attrs, "(&(objectClass=domainDNS)(dnsDomain=%s))", lp_realm());
        if (ret == -1) {
                return WERR_GENERAL_FAILURE;            
        }
 
-       if (ret == 0) {
-               return WERR_OK;
+       if (ret != 1) {
+               return WERR_GENERAL_FAILURE;
+       }
+
+       ret = gendb_search(sam_ctx, mem_ctx, NULL, &ref_res, ref_attrs, "(&(objectClass=crossRef)(ncName=%s))", dom_res[0]->dn);
+       if (ret == -1) {
+               return WERR_GENERAL_FAILURE;
+       }
+
+       if (ret != 1) {
+               return WERR_GENERAL_FAILURE;
        }
 
+
+
        trusts = talloc_array(mem_ctx, struct netr_DomainTrust, ret);
        if (trusts == NULL) {
                return WERR_NOMEM;
        }
        
-       r->out.count = ret;
+       r->out.count = 1;
        r->out.trusts = trusts;
 
        /* TODO: add filtering by trust_flags, and correct trust_type
           and attributes */
-       for (i=0;i<ret;i++) {
-               trusts[i].netbios_name = samdb_result_string(res[i], "name", NULL);
-               trusts[i].dns_name     = samdb_result_string(res[i], "dnsDomain", NULL);
-               trusts[i].trust_flags = 
-                       NETR_TRUST_FLAG_TREEROOT | 
-                       NETR_TRUST_FLAG_IN_FOREST | 
-                       NETR_TRUST_FLAG_PRIMARY;
-               trusts[i].parent_index = 0;
-               trusts[i].trust_type = 2;
-               trusts[i].trust_attributes = 0;
-               trusts[i].sid  = samdb_result_dom_sid(mem_ctx, res[i], "objectSid");
-               trusts[i].guid = samdb_result_guid(res[i], "objectGUID");
-       }
-       
+       trusts[0].netbios_name = samdb_result_string(ref_res[0], "nETBIOSName", NULL);
+       trusts[0].dns_name     = samdb_result_string(dom_res[0], "dnsDomain", NULL);
+       trusts[0].trust_flags = 
+               NETR_TRUST_FLAG_TREEROOT | 
+               NETR_TRUST_FLAG_IN_FOREST | 
+               NETR_TRUST_FLAG_PRIMARY;
+       trusts[0].parent_index = 0;
+       trusts[0].trust_type = 2;
+       trusts[0].trust_attributes = 0;
+       trusts[0].sid  = samdb_result_dom_sid(mem_ctx, dom_res[0], "objectSid");
+       trusts[0].guid = samdb_result_guid(dom_res[0], "objectGUID");
 
        return WERR_OK;
 }