[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-904-gee956c9
Matthias Dieter Wallnöfer
mdw at samba.org
Fri Oct 2 05:15:14 MDT 2009
The branch, master has been updated
via ee956c9172c25f40de8cc1b0f8598a4f6075dd44 (commit)
via 0d05a2412a2f6186ab644900cbbdea2554e57706 (commit)
via ff9fc4e4e0dd4e6a7563449de07934a0056f088b (commit)
via 984ea88156767776dc2ab0b7da84c9701c34f345 (commit)
via 1c71c096459da85b1e5276d8c315b05e7bc870fa (commit)
via 46c2af361252ae5543691854e8e3896d1e4b8e92 (commit)
via 737f21bd9d2032b80d46b6e4a7d896dc9e1cdb32 (commit)
via 4c235ca78728a472215bd761fe041efdb1831a07 (commit)
via c7358d989034c9d936c04f2a7e4f89db252b798e (commit)
via e7846f69cacdd0551fcd777a71bf833a2fc9ca2b (commit)
via 14c9070322d089dd96b389e8087c4f4bf1a6c7cc (commit)
via bcbf0ae1e707c2355824800dc213d364070f070a (commit)
via a610843e9f21ee77fd29356313d2ef05fe25a1ed (commit)
via f0c2c9854c7659221fe9480110a7d9b2b48afbf9 (commit)
via 38f87f40bfd7892043d49009067ae28431279580 (commit)
via 8bf517d340b4abbbcbda39c35e449d3c896a3728 (commit)
via 977a0aa273cf355408c51639bc1b30cab41f5642 (commit)
via 8d7a987766b99e34b965b56bd2b1792ca7e95b5f (commit)
via a73a0372f9fec93c9e6620859c9410ae4e702f88 (commit)
via ba0eba9e09805b7b0cbaffd66797419e381b1022 (commit)
via 642dd95d817521f75f193a1e594b4dacf04d7b26 (commit)
from 61598258450589db4b42e3ef38453c37080c5265 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit ee956c9172c25f40de8cc1b0f8598a4f6075dd44
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date: Fri Oct 2 12:23:25 2009 +0200
s4:ldb.h - cosmetic - add whitespace
commit 0d05a2412a2f6186ab644900cbbdea2554e57706
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date: Fri Oct 2 12:18:03 2009 +0200
s4:provision - Cosmetic - right indentations
commit ff9fc4e4e0dd4e6a7563449de07934a0056f088b
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Sep 25 17:37:21 2009 -0700
s4:dsdb Fix crash from LDAP login of DOM\\
The issue here is that when we resolve DOM\\ into an NT4 name, we
would not initilise the nt4_account output.
Andrew Bartlett
commit 984ea88156767776dc2ab0b7da84c9701c34f345
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Sep 24 15:06:11 2009 -0700
s4:dsdb rework instanceType module - put instanceType in provision
The instanceType needs to be specified in future because that's how
the partitions are actually created.
commit 1c71c096459da85b1e5276d8c315b05e7bc870fa
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Sep 25 08:34:33 2009 -0700
s4:dsdb Don't allow creating of new objects with an isDefunct schema class
commit 46c2af361252ae5543691854e8e3896d1e4b8e92
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Sep 25 08:08:18 2009 -0700
s4:dsdb Add 'lazy_commit' module to swallow the 'lazy commit' OID
This allows this control to be specified as critical. We support the
control because we choose to always be durable in our transactions.
We really, really need a 'duplicate request' API, as at the
moment we can't do this without a large, error-prone set of code that
cannot cope with new request fields or types.
Andrew Bartlett
commit 737f21bd9d2032b80d46b6e4a7d896dc9e1cdb32
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Sep 25 08:06:37 2009 -0700
s4:ldap_server Ensure we don't segfault when sent a NULL new RDN
The Microsoft testsuite tried to rename
cn=administrator,cn=users,... into "",cn=users... which didn't go so well.
Andrew Bartlett
commit 4c235ca78728a472215bd761fe041efdb1831a07
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Sep 24 17:21:47 2009 -0700
s4:provision Ensure we add the schema with the 'relax' control
(allows addition of systemOnly classes)
commit c7358d989034c9d936c04f2a7e4f89db252b798e
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Sep 22 22:15:11 2009 -0700
s4-ldb: fixed a memory leak
commit e7846f69cacdd0551fcd777a71bf833a2fc9ca2b
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Sep 22 22:14:30 2009 -0700
s4-ldb: overallocate idxptr to reduce memory fragmentation
commit 14c9070322d089dd96b389e8087c4f4bf1a6c7cc
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Sep 22 21:11:41 2009 -0700
s4-ldb: merged with master
commit bcbf0ae1e707c2355824800dc213d364070f070a
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Sep 1 19:55:30 2009 +1000
s4:ldb Remove LTDB_PACKING_FORMAT_NODN
The restructured code makes this hader to support, and we have not had
this kind of LDB for a very long time now.
Andrew Bartlett
commit a610843e9f21ee77fd29356313d2ef05fe25a1ed
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Sep 1 12:07:49 2009 +1000
s4:ldb always talloc_free() the ldb_ldif_write context, even on success
commit f0c2c9854c7659221fe9480110a7d9b2b48afbf9
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Sep 1 12:01:03 2009 +1000
s4:ldb Fix ldb_list_find() folowing the change from char * to TDB_DATA
(The format of index records in the internal manipulation changed)
Andrew Bartlett
commit 38f87f40bfd7892043d49009067ae28431279580
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Sep 1 11:59:50 2009 +1000
s4:ldb-samba Use temp talloc contexts and talloc_steal avoid leaks.
We would use the mem_ctx for internal work, but previously we did not
clean it up on exit.
Andrew Bartlett
commit 8bf517d340b4abbbcbda39c35e449d3c896a3728
Author: Matthieu Patou <mat at matws.net>
Date: Wed Sep 23 01:49:22 2009 +0400
s4: Improve provisioning: use relax control
Give the possibility to specify controls when loading ldif files.
Relax control is specified by default for all ldb_add_diff (request Andrew B).
Set domainguid if specified at the creation of object instead of modifying afterward
Allow to specify objectGUID for NTDS object of the first DC this option is used during provision upgrade.
commit 977a0aa273cf355408c51639bc1b30cab41f5642
Author: Matthieu Patou <mat at matws.net>
Date: Wed Sep 23 00:51:25 2009 +0400
pythonbindings: allow add() to have an array of controls as second parameter
commit 8d7a987766b99e34b965b56bd2b1792ca7e95b5f
Author: Matthieu Patou <mat at matws.net>
Date: Wed Sep 23 13:36:40 2009 +0400
s4-ldb: Use relax control to check in replace metadata module if we accept request that specify objectGUID attribute.
commit a73a0372f9fec93c9e6620859c9410ae4e702f88
Author: Matthieu Patou <mat at matws.net>
Date: Wed Sep 23 13:34:58 2009 +0400
s4-ldb: Add new relax controls that allow relaxed x500 constraints checks
commit ba0eba9e09805b7b0cbaffd66797419e381b1022
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Sep 22 14:14:19 2009 -0700
s4:ntvfs Don't attempt to follow NULL in unixuid_setup_security()
This segfault occoured in cases where we rejected (or never attempted)
the tree connect, so had an invalid private pointer for the logoff
codepath.
Andrew Bartlett
commit 642dd95d817521f75f193a1e594b4dacf04d7b26
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Sep 21 17:24:43 2009 -0700
s4:Ensure the selected RDN is the right one per the schema
The relative DN must be the one that the most specific structural
objectclass specifies.
Andrew Bartlett
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/samdb/cracknames.c | 8 +-
source4/dsdb/samdb/ldb_modules/config.mk | 12 +
source4/dsdb/samdb/ldb_modules/instancetype.c | 38 +-
source4/dsdb/samdb/ldb_modules/lazy_commit.c | 132 ++++
source4/dsdb/samdb/ldb_modules/objectclass.c | 16 +-
source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 43 +-
source4/ldap_server/ldap_backend.c | 11 +-
source4/lib/ldb-samba/ldif_handlers.c | 59 ++-
source4/lib/ldb/common/ldb_controls.c | 27 +
source4/lib/ldb/common/ldb_ldif.c | 1 +
source4/lib/ldb/include/ldb.h | 17 +
source4/lib/ldb/ldb_tdb/ldb_cache.c | 84 ++-
source4/lib/ldb/ldb_tdb/ldb_index.c | 801 ++++++++++-----------
source4/lib/ldb/ldb_tdb/ldb_pack.c | 7 -
source4/lib/ldb/ldb_tdb/ldb_search.c | 52 +-
source4/lib/ldb/ldb_tdb/ldb_tdb.c | 187 +++--
source4/lib/ldb/ldb_tdb/ldb_tdb.h | 54 ++-
source4/lib/ldb/pyldb.c | 1 +
source4/ntvfs/unixuid/vfs_unixuid.c | 5 +-
source4/scripting/python/samba/__init__.py | 4 +-
source4/scripting/python/samba/provision.py | 55 +-
source4/setup/provision_basedn.ldif | 3 +-
source4/setup/provision_basedn_modify.ldif | 1 -
source4/setup/provision_configuration_basedn.ldif | 1 +
source4/setup/provision_schema_basedn.ldif | 1 +
source4/setup/provision_self_join.ldif | 1 +
26 files changed, 986 insertions(+), 635 deletions(-)
create mode 100644 source4/dsdb/samdb/ldb_modules/lazy_commit.c
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c
index 723f513..8f7f481 100644
--- a/source4/dsdb/samdb/cracknames.c
+++ b/source4/dsdb/samdb/cracknames.c
@@ -1288,11 +1288,9 @@ NTSTATUS crack_name_to_nt4_name(TALLOC_CTX *mem_ctx,
}
p[0] = '\0';
- if (p[1]) {
- *nt4_account = talloc_strdup(mem_ctx, &p[1]);
- if (*nt4_account == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
+ *nt4_account = talloc_strdup(mem_ctx, &p[1]);
+ if (*nt4_account == NULL) {
+ return NT_STATUS_NO_MEMORY;
}
return NT_STATUS_OK;
diff --git a/source4/dsdb/samdb/ldb_modules/config.mk b/source4/dsdb/samdb/ldb_modules/config.mk
index a49b238..456ff57 100644
--- a/source4/dsdb/samdb/ldb_modules/config.mk
+++ b/source4/dsdb/samdb/ldb_modules/config.mk
@@ -369,3 +369,15 @@ INIT_FUNCTION = LDB_MODULE(acl)
################################################
ldb_acl_OBJ_FILES = $(dsdbsrcdir)/samdb/ldb_modules/acl.o
+
+################################################
+# Start MODULE ldb_lazy_commit
+[MODULE::ldb_lazy_commit]
+PRIVATE_DEPENDENCIES = SAMDB
+SUBSYSTEM = LIBLDB
+INIT_FUNCTION = LDB_MODULE(lazy_commit)
+
+# End MODULE ldb_lazy_commit
+################################################
+
+ldb_lazy_commit_OBJ_FILES = $(dsdbsrcdir)/samdb/ldb_modules/lazy_commit.o
diff --git a/source4/dsdb/samdb/ldb_modules/instancetype.c b/source4/dsdb/samdb/ldb_modules/instancetype.c
index de46c0a..201ed04 100644
--- a/source4/dsdb/samdb/ldb_modules/instancetype.c
+++ b/source4/dsdb/samdb/ldb_modules/instancetype.c
@@ -77,8 +77,6 @@ static int instancetype_add(struct ldb_module *module, struct ldb_request *req)
struct it_context *ac;
uint32_t instance_type;
int ret;
- const struct ldb_control *partition_ctrl;
- const struct dsdb_control_current_partition *partition;
ldb = ldb_module_get_ctx(module);
@@ -90,31 +88,19 @@ static int instancetype_add(struct ldb_module *module, struct ldb_request *req)
}
if (ldb_msg_find_element(req->op.add.message, "instanceType")) {
+ unsigned int instanceType = ldb_msg_find_attr_as_uint(req->op.add.message, "instanceType", 0);
+
+ if (instanceType & INSTANCE_TYPE_IS_NC_HEAD) {
+ /* Do something in future */
+ }
+
/* TODO: we need to validate and possibly create a new
partition */
return ldb_next_request(module, req);
}
- partition_ctrl = ldb_request_get_control(req, DSDB_CONTROL_CURRENT_PARTITION_OID);
- if (!partition_ctrl) {
- ldb_debug_set(ldb, LDB_DEBUG_FATAL,
- "instancetype_add: no current partition control found");
- return LDB_ERR_CONSTRAINT_VIOLATION;
- }
-
- partition = talloc_get_type(partition_ctrl->data,
- struct dsdb_control_current_partition);
- SMB_ASSERT(partition && partition->version == DSDB_CONTROL_CURRENT_PARTITION_VERSION);
-
- ac = talloc(req, struct it_context);
- if (ac == NULL) {
- return LDB_ERR_OPERATIONS_ERROR;
- }
- ac->module = module;
- ac->req = req;
-
/* we have to copy the message as the caller might have it as a const */
- msg = ldb_msg_copy_shallow(ac, req->op.add.message);
+ msg = ldb_msg_copy_shallow(req, req->op.add.message);
if (msg == NULL) {
ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
@@ -124,12 +110,6 @@ static int instancetype_add(struct ldb_module *module, struct ldb_request *req)
* TODO: calculate correct instance type
*/
instance_type = INSTANCE_TYPE_WRITE;
- if (ldb_dn_compare(partition->dn, msg->dn) == 0) {
- instance_type |= INSTANCE_TYPE_IS_NC_HEAD;
- if (ldb_dn_compare(msg->dn, samdb_base_dn(ldb)) != 0) {
- instance_type |= INSTANCE_TYPE_NC_ABOVE;
- }
- }
ret = ldb_msg_add_fmt(msg, "instanceType", "%u", instance_type);
if (ret != LDB_SUCCESS) {
@@ -137,10 +117,10 @@ static int instancetype_add(struct ldb_module *module, struct ldb_request *req)
return LDB_ERR_OPERATIONS_ERROR;
}
- ret = ldb_build_add_req(&down_req, ldb, ac,
+ ret = ldb_build_add_req(&down_req, ldb, req,
msg,
req->controls,
- ac, it_callback,
+ req->context, req->callback,
req);
if (ret != LDB_SUCCESS) {
return ret;
diff --git a/source4/dsdb/samdb/ldb_modules/lazy_commit.c b/source4/dsdb/samdb/ldb_modules/lazy_commit.c
new file mode 100644
index 0000000..69ac99e
--- /dev/null
+++ b/source4/dsdb/samdb/ldb_modules/lazy_commit.c
@@ -0,0 +1,132 @@
+/*
+ ldb database library
+
+ Copyright (C) Andrew Bartlett <abartlet at samba.org> 2009
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/*
+ * Name: ldb
+ *
+ * Component: ldb lazy_commit module
+ *
+ * Description: module to pretend to support the 'lazy commit' control
+ *
+ * Author: Andrew Bartlett
+ */
+
+#include "ldb_module.h"
+
+static int unlazy_op(struct ldb_module *module, struct ldb_request *req)
+{
+ int ret;
+ struct ldb_request *new_req;
+ struct ldb_control **saved_controls;
+ struct ldb_control *control = ldb_request_get_control(req, LDB_CONTROL_SERVER_LAZY_COMMIT);
+ if (!control) {
+ return ldb_next_request(module, req);
+ }
+
+ switch (req->operation) {
+ case LDB_SEARCH:
+ ret = ldb_build_search_req_ex(&new_req, ldb_module_get_ctx(module),
+ req,
+ req->op.search.base,
+ req->op.search.scope,
+ req->op.search.tree,
+ req->op.search.attrs,
+ req->controls,
+ req->context, req->callback,
+ req);
+ break;
+ case LDB_ADD:
+ ret = ldb_build_add_req(&new_req, ldb_module_get_ctx(module), req,
+ req->op.add.message,
+ req->controls,
+ req->context, req->callback,
+ req);
+ break;
+ case LDB_MODIFY:
+ ret = ldb_build_mod_req(&new_req, ldb_module_get_ctx(module), req,
+ req->op.mod.message,
+ req->controls,
+ req->context, req->callback,
+ req);
+ break;
+ case LDB_DELETE:
+ ret = ldb_build_del_req(&new_req, ldb_module_get_ctx(module), req,
+ req->op.del.dn,
+ req->controls,
+ req->context, req->callback,
+ req);
+ break;
+ case LDB_RENAME:
+ ret = ldb_build_rename_req(&new_req, ldb_module_get_ctx(module), req,
+ req->op.rename.olddn,
+ req->op.rename.newdn,
+ req->controls,
+ req->context, req->callback,
+ req);
+ break;
+ case LDB_EXTENDED:
+ ret = ldb_build_extended_req(&new_req, ldb_module_get_ctx(module),
+ req,
+ req->op.extended.oid,
+ req->op.extended.data,
+ req->controls,
+ req->context, req->callback,
+ req);
+ break;
+ default:
+ ldb_set_errstring(ldb_module_get_ctx(module),
+ "Unsupported request type!");
+ ret = LDB_ERR_UNWILLING_TO_PERFORM;
+ }
+
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+
+ save_controls(control, req, &saved_controls);
+ return ldb_next_request(module, new_req);
+}
+
+static int unlazy_init(struct ldb_module *module)
+{
+ int ret;
+ struct ldb_context *ldb;
+ ldb = ldb_module_get_ctx(module);
+
+ ret = ldb_mod_register_control(module, LDB_CONTROL_SHOW_DELETED_OID);
+ if (ret != LDB_SUCCESS) {
+ ldb_debug(ldb, LDB_DEBUG_ERROR,
+ "lazy_commit: Unable to register control with rootdse!\n");
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ return ldb_next_init(module);
+}
+
+const struct ldb_module_ops ldb_lazy_commit_module_ops = {
+ .name = "lazy_commit",
+ .search = unlazy_op,
+ .add = unlazy_op,
+ .modify = unlazy_op,
+ .del = unlazy_op,
+ .rename = unlazy_op,
+ .request = unlazy_op,
+ .extended = unlazy_op,
+ .init_context = unlazy_init,
+};
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c
index 3cf252c..cc88d6b 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -138,7 +138,13 @@ static int objectclass_sort(struct ldb_module *module,
if (!current->objectclass) {
ldb_asprintf_errstring(ldb, "objectclass %.*s is not a valid objectClass in schema",
(int)objectclass_element->values[i].length, (const char *)objectclass_element->values[i].data);
- return LDB_ERR_OBJECT_CLASS_VIOLATION;
+ /* This looks weird, but windows apparently returns this for invalid objectClass values */
+ return LDB_ERR_NO_SUCH_ATTRIBUTE;
+ } else if (current->objectclass->isDefunct) {
+ ldb_asprintf_errstring(ldb, "objectclass %.*s marked as isDefunct objectClass in schema - not valid for new objects",
+ (int)objectclass_element->values[i].length, (const char *)objectclass_element->values[i].data);
+ /* This looks weird, but windows apparently returns this for invalid objectClass values */
+ return LDB_ERR_NO_SUCH_ATTRIBUTE;
}
/* this is the root of the tree. We will start
@@ -547,7 +553,13 @@ static int objectclass_do_add(struct oc_context *ac)
if (!current->next) {
struct ldb_message_element *el;
int32_t systemFlags = 0;
- DATA_BLOB *sd;
+ const char *rdn_name = ldb_dn_get_rdn_name(msg->dn);
+ if (ldb_attr_cmp(rdn_name, current->objectclass->rDNAttID) != 0) {
+ ldb_asprintf_errstring(ldb, "RDN %s is not correct for most specific structural objectclass %s, should be %s",
+ rdn_name, current->objectclass->lDAPDisplayName, current->objectclass->rDNAttID);
+ return LDB_ERR_NAMING_VIOLATION;
+ }
+
if (!ldb_msg_find_element(msg, "objectCategory")) {
value = talloc_strdup(msg, current->objectclass->defaultObjectCategory);
if (value == NULL) {
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index 253596d..73c070a 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -457,11 +457,14 @@ static int replmd_op_callback(struct ldb_request *req, struct ldb_reply *ares)
static int replmd_add(struct ldb_module *module, struct ldb_request *req)
{
struct ldb_context *ldb;
+ struct ldb_control *control;
+ struct ldb_control **saved_controls;
struct replmd_replicated_request *ac;
const struct dsdb_schema *schema;
enum ndr_err_code ndr_err;
struct ldb_request *down_req;
struct ldb_message *msg;
+ const DATA_BLOB *guid_blob;
struct GUID guid;
struct ldb_val guid_value;
struct replPropertyMetaDataBlob nmd;
@@ -473,6 +476,14 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req)
char *time_str;
int ret;
uint32_t i, ni=0;
+ int allow_add_guid=0;
+ int remove_current_guid=0;
+
+ /* check if there's a show deleted control */
+ control = ldb_request_get_control(req, LDB_CONTROL_RELAX_OID);
+ if (control) {
+ allow_add_guid = 1;
+ }
/* do not manipulate our control entries */
if (ldb_dn_is_special(req->op.add.message->dn)) {
@@ -498,10 +509,26 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req)
ac->schema = schema;
- if (ldb_msg_find_element(req->op.add.message, "objectGUID") != NULL) {
- ldb_debug_set(ldb, LDB_DEBUG_ERROR,
+ guid_blob = ldb_msg_find_ldb_val(req->op.add.message, "objectGUID");
+ if ( guid_blob != NULL ) {
+ if( !allow_add_guid ) {
+ ldb_debug_set(ldb, LDB_DEBUG_ERROR,
"replmd_add: it's not allowed to add an object with objectGUID\n");
- return LDB_ERR_UNWILLING_TO_PERFORM;
+ return LDB_ERR_UNWILLING_TO_PERFORM;
+ } else {
+ NTSTATUS status = GUID_from_data_blob(guid_blob,&guid);
+ if ( !NT_STATUS_IS_OK(status)) {
+ ldb_debug_set(ldb, LDB_DEBUG_ERROR,
+ "replmd_add: Unable to parse as a GUID the attribute objectGUID\n");
+ return LDB_ERR_UNWILLING_TO_PERFORM;
+ }
+ /* we remove this attribute as it can be a string and will not be treated
+ correctly and then we will readd it latter on in the good format*/
+ remove_current_guid = 1;
+ }
+ } else {
+ /* a new GUID */
+ guid = GUID_random();
}
/* Get a sequence number from the backend */
@@ -510,8 +537,6 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req)
return ret;
}
- /* a new GUID */
- guid = GUID_random();
/* get our invocationId */
our_invocation_id = samdb_ntds_invocation_id(ldb);
@@ -534,6 +559,9 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req)
if (!time_str) {
return LDB_ERR_OPERATIONS_ERROR;
}
+ if (remove_current_guid) {
+ ldb_msg_remove_attr(msg,"objectGUID");
+ }
/*
* remove autogenerated attributes
@@ -681,6 +709,11 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req)
return ret;
}
+ /* if a control is there remove if from the modified request */
+ if (control && !save_controls(control, down_req, &saved_controls)) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
/* go on with the call chain */
return ldb_next_request(module, down_req);
}
diff --git a/source4/ldap_server/ldap_backend.c b/source4/ldap_server/ldap_backend.c
index 27b9c87..7bbc679 100644
--- a/source4/ldap_server/ldap_backend.c
+++ b/source4/ldap_server/ldap_backend.c
@@ -750,6 +750,12 @@ static NTSTATUS ldapsrv_ModifyDNRequest(struct ldapsrv_call *call)
DEBUG(10, ("ModifyDNRequest: olddn: [%s]\n", req->dn));
DEBUG(10, ("ModifyDNRequest: newrdn: [%s]\n", req->newrdn));
+ if (ldb_dn_get_comp_num(req->newrdn) != 1) {
+ result = LDAP_INVALID_DN_SYNTAX;
+ map_ldb_error(local_ctx, LDB_ERR_INVALID_DN_SYNTAX, &errstr);
+ goto reply;
+ }
+
/* we can't handle the rename if we should not remove the old dn */
if (!req->deleteolddn) {
result = LDAP_UNWILLING_TO_PERFORM;
@@ -779,10 +785,7 @@ static NTSTATUS ldapsrv_ModifyDNRequest(struct ldapsrv_call *call)
NT_STATUS_HAVE_NO_MEMORY(parentdn);
}
- if ( ! ldb_dn_add_child_fmt(parentdn,
- "%s=%s",
- ldb_dn_get_rdn_name(newrdn),
- (char *)ldb_dn_get_rdn_val(newrdn)->data)) {
+ if ( ! ldb_dn_add_child(parentdn, newrdn)) {
result = LDAP_OTHER;
goto reply;
}
diff --git a/source4/lib/ldb-samba/ldif_handlers.c b/source4/lib/ldb-samba/ldif_handlers.c
index 43a1045..839a8f2 100644
--- a/source4/lib/ldb-samba/ldif_handlers.c
+++ b/source4/lib/ldb-samba/ldif_handlers.c
@@ -181,28 +181,38 @@ static int extended_dn_read_SID(struct ldb_context *ldb, void *mem_ctx,
{
struct dom_sid sid;
enum ndr_err_code ndr_err;
+ TALLOC_CTX *tmp_ctx;
if (ldif_comparision_objectSid_isString(in)) {
if (ldif_read_objectSid(ldb, mem_ctx, in, out) == 0) {
return 0;
}
}
+ tmp_ctx = talloc_new(mem_ctx);
+ if (!tmp_ctx) {
+ return -1;
+ }
+
/* Perhaps not a string after all */
- *out = data_blob_talloc(mem_ctx, NULL, in->length/2+1);
+ *out = data_blob_talloc(tmp_ctx, NULL, in->length/2+1);
if (!out->data) {
+ talloc_free(tmp_ctx);
return -1;
}
- (*out).length = strhex_to_str((char *)out->data, out->length,
- (const char *)in->data, in->length);
+ out->length = strhex_to_str((char *)out->data, out->length,
+ (const char *)in->data, in->length);
/* Check it looks like a SID */
- ndr_err = ndr_pull_struct_blob_all(out, mem_ctx, NULL, &sid,
+ ndr_err = ndr_pull_struct_blob_all(out, tmp_ctx, NULL, &sid,
(ndr_pull_flags_fn_t)ndr_pull_dom_sid);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ talloc_free(tmp_ctx);
return -1;
}
+ talloc_steal(mem_ctx, out->data);
+ talloc_free(tmp_ctx);
return 0;
}
@@ -215,17 +225,24 @@ static int ldif_read_objectGUID(struct ldb_context *ldb, void *mem_ctx,
struct GUID guid;
NTSTATUS status;
enum ndr_err_code ndr_err;
+ TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+ if (!tmp_ctx) {
+ return -1;
+ }
status = GUID_from_data_blob(in, &guid);
if (!NT_STATUS_IS_OK(status)) {
return -1;
}
- ndr_err = ndr_push_struct_blob(out, mem_ctx, NULL, &guid,
+ ndr_err = ndr_push_struct_blob(out, tmp_ctx, NULL, &guid,
(ndr_push_flags_fn_t)ndr_push_GUID);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ talloc_free(tmp_ctx);
return -1;
}
+ talloc_steal(mem_ctx, out->data);
+ talloc_free(tmp_ctx);
return 0;
}
@@ -237,12 +254,18 @@ static int ldif_write_objectGUID(struct ldb_context *ldb, void *mem_ctx,
{
struct GUID guid;
enum ndr_err_code ndr_err;
- ndr_err = ndr_pull_struct_blob_all(in, mem_ctx, NULL, &guid,
+ TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+ if (!tmp_ctx) {
+ return -1;
+ }
+ ndr_err = ndr_pull_struct_blob_all(in, tmp_ctx, NULL, &guid,
(ndr_pull_flags_fn_t)ndr_pull_GUID);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ talloc_free(tmp_ctx);
return -1;
--
Samba Shared Repository
More information about the samba-cvs
mailing list