diff options
| author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2022-09-14 13:21:34 +1200 |
|---|---|---|
| committer | Jule Anger <janger@samba.org> | 2023-03-30 15:10:10 +0000 |
| commit | 3ecdec683b60cf100b1c031841b709c91191c8f2 (patch) | |
| tree | 71511d1a10e7af2894b4f339e4731bc297bbd901 | |
| parent | b1c7df203d02410d829381f7b7fcfbc7c8d4bfd1 (diff) | |
| download | samba-3ecdec683b60cf100b1c031841b709c91191c8f2.tar.gz | |
CVE-2020-25720 pydsdb: Add AD schema GUID constants
This helps reduce the profusion of magic constant values in Python
tests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14810
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15329
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 2563f85237bd4260b7b527f3695f27da4cc61a74)
[abartlet@samba.org Required context for backport of bug 15329 to
Samba 4.17]
| -rw-r--r-- | libds/common/flags.h | 14 | ||||
| -rw-r--r-- | source4/dsdb/pydsdb.c | 13 |
2 files changed, 27 insertions, 0 deletions
diff --git a/libds/common/flags.h b/libds/common/flags.h index bee1016b294..c013d2f0f25 100644 --- a/libds/common/flags.h +++ b/libds/common/flags.h @@ -237,6 +237,20 @@ /* wellknown GUIDs for optional directory features */ #define DS_GUID_FEATURE_RECYCLE_BIN "766ddcd8-acd0-445e-f3b9-a7f9b6744f2a" +/* GUIDs for AD schema attributes and classes */ +#define DS_GUID_SCHEMA_ATTR_DEPARTMENT "bf96794f-0de6-11d0-a285-00aa003049e2" +#define DS_GUID_SCHEMA_ATTR_DNS_HOST_NAME "72e39547-7b18-11d1-adef-00c04fd8d5cd" +#define DS_GUID_SCHEMA_ATTR_INSTANCE_TYPE "bf96798c-0de6-11d0-a285-00aa003049e2" +#define DS_GUID_SCHEMA_ATTR_MS_SFU_30 "16c5d1d3-35c2-4061-a870-a5cefda804f0" +#define DS_GUID_SCHEMA_ATTR_NT_SECURITY_DESCRIPTOR "bf9679e3-0de6-11d0-a285-00aa003049e2" +#define DS_GUID_SCHEMA_ATTR_PRIMARY_GROUP_ID "bf967a00-0de6-11d0-a285-00aa003049e2" +#define DS_GUID_SCHEMA_ATTR_SERVICE_PRINCIPAL_NAME "f3a64788-5306-11d1-a9c5-0000f80367c1" +#define DS_GUID_SCHEMA_ATTR_USER_ACCOUNT_CONTROL "bf967a68-0de6-11d0-a285-00aa003049e2" +#define DS_GUID_SCHEMA_ATTR_USER_PASSWORD "bf967a6e-0de6-11d0-a285-00aa003049e2" +#define DS_GUID_SCHEMA_CLASS_COMPUTER "bf967a86-0de6-11d0-a285-00aa003049e2" +#define DS_GUID_SCHEMA_CLASS_MANAGED_SERVICE_ACCOUNT "ce206244-5827-4a86-ba1c-1c0c386c1b64" +#define DS_GUID_SCHEMA_CLASS_USER "bf967aba-0de6-11d0-a285-00aa003049e2" + /* dsHeuristics character indexes see MS-ADTS 7.1.1.2.4.1.2 */ #define DS_HR_SUPFIRSTLASTANR 0x00000001 diff --git a/source4/dsdb/pydsdb.c b/source4/dsdb/pydsdb.c index 626d849a561..804007e9e86 100644 --- a/source4/dsdb/pydsdb.c +++ b/source4/dsdb/pydsdb.c @@ -1755,5 +1755,18 @@ MODULE_INIT_FUNC(dsdb) ADD_DSDB_STRING(DS_GUID_SYSTEMS_CONTAINER); ADD_DSDB_STRING(DS_GUID_USERS_CONTAINER); + ADD_DSDB_STRING(DS_GUID_SCHEMA_ATTR_DEPARTMENT); + ADD_DSDB_STRING(DS_GUID_SCHEMA_ATTR_DNS_HOST_NAME); + ADD_DSDB_STRING(DS_GUID_SCHEMA_ATTR_INSTANCE_TYPE); + ADD_DSDB_STRING(DS_GUID_SCHEMA_ATTR_MS_SFU_30); + ADD_DSDB_STRING(DS_GUID_SCHEMA_ATTR_NT_SECURITY_DESCRIPTOR); + ADD_DSDB_STRING(DS_GUID_SCHEMA_ATTR_PRIMARY_GROUP_ID); + ADD_DSDB_STRING(DS_GUID_SCHEMA_ATTR_SERVICE_PRINCIPAL_NAME); + ADD_DSDB_STRING(DS_GUID_SCHEMA_ATTR_USER_ACCOUNT_CONTROL); + ADD_DSDB_STRING(DS_GUID_SCHEMA_ATTR_USER_PASSWORD); + ADD_DSDB_STRING(DS_GUID_SCHEMA_CLASS_COMPUTER); + ADD_DSDB_STRING(DS_GUID_SCHEMA_CLASS_MANAGED_SERVICE_ACCOUNT); + ADD_DSDB_STRING(DS_GUID_SCHEMA_CLASS_USER); + return m; } |