svn commit: samba r26193 - in
branches/SAMBA_4_0/source/ldap_server: .
abartlet at samba.org
abartlet at samba.org
Thu Nov 29 08:02:36 GMT 2007
Author: abartlet
Date: 2007-11-29 08:02:36 +0000 (Thu, 29 Nov 2007)
New Revision: 26193
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=26193
Log:
In the LDAP server, use the new 'controls_decoded' element to
determine if this (possibly critical) control has been decoded. This
allows us to return an error, rather than just dropping the socket.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/ldap_server/ldap_backend.c
Changeset:
Modified: branches/SAMBA_4_0/source/ldap_server/ldap_backend.c
===================================================================
--- branches/SAMBA_4_0/source/ldap_server/ldap_backend.c 2007-11-29 08:00:04 UTC (rev 26192)
+++ branches/SAMBA_4_0/source/ldap_server/ldap_backend.c 2007-11-29 08:02:36 UTC (rev 26193)
@@ -720,6 +720,18 @@
NTSTATUS ldapsrv_do_call(struct ldapsrv_call *call)
{
+ int i;
+ struct ldap_message *msg = call->request;
+ /* Check for undecoded critical extensions */
+ for (i=0; msg->controls && msg->controls[i]; i++) {
+ if (!msg->controls_decoded[i] &&
+ msg->controls[i]->critical) {
+ DEBUG(3, ("ldapsrv_do_call: Critical extension %s is not known to this server\n",
+ msg->controls[i]->oid));
+ return ldapsrv_unwilling(call, LDAP_UNAVAILABLE_CRITICAL_EXTENSION);
+ }
+ }
+
switch(call->request->type) {
case LDAP_TAG_BindRequest:
return ldapsrv_BindRequest(call);
More information about the samba-cvs
mailing list