diff options
author | Andrew Bartlett <abartlet@samba.org> | 2022-12-12 16:15:44 +1300 |
---|---|---|
committer | Jule Anger <janger@samba.org> | 2023-02-03 09:35:08 +0000 |
commit | 85cc464195bf9cf70159d113f33582af02ac6614 (patch) | |
tree | ad603ec3a38fc189b87156d1a6af6320bce522ab | |
parent | 96adf5afc01ee07f2b9ecd2415c6bda5d7e1ff1a (diff) | |
download | samba-85cc464195bf9cf70159d113f33582af02ac6614.tar.gz |
s4-rpc_server/drsuapi: Use dsdb_normalise_dn_and_find_nc_root()
This reuses the search done for dsdb_find_nc_root() to normalise the DN.
This will allow a GUID-input DN to be compared safely with a RID Manager DN
or Naming Context.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit e96dfc74b3ece40fe64a33aa8b8d810b576982bd)
-rw-r--r-- | source4/rpc_server/drsuapi/updaterefs.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/source4/rpc_server/drsuapi/updaterefs.c b/source4/rpc_server/drsuapi/updaterefs.c index 289dc8117ce..7450ddd3a31 100644 --- a/source4/rpc_server/drsuapi/updaterefs.c +++ b/source4/rpc_server/drsuapi/updaterefs.c @@ -196,6 +196,7 @@ WERROR drsuapi_UpdateRefs(struct imessaging_context *msg_ctx, WERROR werr; int ret; struct ldb_dn *dn; + struct ldb_dn *dn_normalised; struct ldb_dn *nc_root; struct ldb_context *sam_ctx = b_state->sam_ctx_system?b_state->sam_ctx_system:b_state->sam_ctx; struct dcerpc_binding_handle *irpc_handle; @@ -227,13 +228,18 @@ WERROR drsuapi_UpdateRefs(struct imessaging_context *msg_ctx, dn = drs_ObjectIdentifier_to_dn(mem_ctx, sam_ctx, req->naming_context); W_ERROR_HAVE_NO_MEMORY(dn); - ret = dsdb_find_nc_root(sam_ctx, dn, dn, &nc_root); + ret = dsdb_normalise_dn_and_find_nc_root(sam_ctx, dn, + dn, + &dn_normalised, + &nc_root); if (ret != LDB_SUCCESS) { DEBUG(2, ("Didn't find a nc for %s\n", ldb_dn_get_linearized(dn))); return WERR_DS_DRA_BAD_NC; } - if (ldb_dn_compare(dn, nc_root) != 0) { - DEBUG(2, ("dn %s is not equal to %s\n", ldb_dn_get_linearized(dn), ldb_dn_get_linearized(nc_root))); + if (ldb_dn_compare(dn_normalised, nc_root) != 0) { + DBG_NOTICE("dn %s is not equal to %s\n", + ldb_dn_get_linearized(dn_normalised), + ldb_dn_get_linearized(nc_root)); return WERR_DS_DRA_BAD_NC; } |