s4-drsuapi: Set getnc_state *after* we've checked request is valid
author Tim Beale <timbeale@catalyst.net.nz>
Wed, 16 Aug 2017 04:20:37 +0000 (16:20 +1200)
committer Andrew Bartlett <abartlet@samba.org>
Tue, 29 Aug 2017 05:23:28 +0000 (07:23 +0200)
commit 2d0766a48b3a62de15aa834b1aedd0f6b8c7f6e1
tree 3cbc65f1b5c8ca17bf3bab68178ebdf75afaf81f
parent 6158f1839fe42e9a5c9daacd3182f06527462fdf
s4-drsuapi: Set getnc_state *after* we've checked request is valid

We were creating the getnc_state (and storing it on the connection)
before we had done some basic checks that the request was valid. If the
request was not valid and we returned early with an error, then the
partially-initialized getnc_state was left hanging on the connection.
The next request that got sent on the connection would try to use this,
rather than creating a new getnc_state from scratch.

The main side-effect of this was if you sent an invalid GetNCChanges
request twice, then it could be rejected the first time and accepted the
second time.

Note that although an invalid request was accepted, it would typically
not return any objects, so it would not actually leak any secure
information.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
selftest/knownfail.d/repl_rodc [deleted file]
source4/rpc_server/drsuapi/getncchanges.c
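
The failure mode described in the commit message, reduced to a self-contained C model as an added example; it is not Samba's code or the patch itself. All struct and function names are hypothetical, and the model assumes the validity checks run only on the path that creates the state.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
/* Simplified model; every name here is hypothetical, none is Samba's. */
struct cycle_state { int nc_id; };            /* per-cycle state */
struct conn { struct cycle_state *state; };   /* state cached on the connection */
struct request { int nc_id; bool valid; };    /* 'valid' stands in for the basic checks */
enum { REQ_OK = 0, REQ_REJECTED = 1 };
typedef int (*handler_fn)(struct conn *, const struct request *);

/* Before: the state is attached to the connection, then the request is checked. */
static int handle_before(struct conn *c, const struct request *r)
{
	if (c->state == NULL) {
		c->state = calloc(1, sizeof(*c->state));
		if (c->state == NULL) return REQ_REJECTED;
		c->state->nc_id = r->nc_id;
		if (!r->valid) return REQ_REJECTED;   /* stale state stays attached */
	}
	return REQ_OK;   /* state already present: the checks were skipped */
}

/* After: validate first, attach the state only once the request has passed. */
static int handle_after(struct conn *c, const struct request *r)
{
	if (c->state == NULL) {
		if (!r->valid) return REQ_REJECTED;   /* nothing stored yet */
		c->state = calloc(1, sizeof(*c->state));
		if (c->state == NULL) return REQ_REJECTED;
		c->state->nc_id = r->nc_id;
	}
	return REQ_OK;
}

/* Send the same invalid request `attempts` times on one connection; return the last result. */
static int last_result(handler_fn handler, int attempts)
{
	struct conn c = { NULL };
	struct request bad = { 7, false };   /* constructed sample request */
	int rc = REQ_REJECTED;
	for (int i = 0; i < attempts; i++) rc = handler(&c, &bad);
	free(c.state);
	return rc;
}
int main(void)
{
	printf("second attempt: before=%d after=%d\n",
	       last_result(handle_before, 2), last_result(handle_after, 2));
	return 0;
}
```

A regression test for this class of bug sends the same invalid request more than once on a single connection and checks that every attempt is rejected.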