[SCM] Samba Shared Repository - branch master updated
Andrew Tridgell
tridge at samba.org
Wed Oct 14 23:03:05 MDT 2009
The branch, master has been updated
via 818d98a... s4-ldap: test the rDN size limit
via fdeeafb... s4-dsdb: implement limit on rDN length
via 144686a... s4-ldb: removed incorrect rDN length test
from 4185e37... s4-ldb: removed bugus RDN length check
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 818d98acf1c1c80bd6d22868674f750ee704c0fc
Author: Andrew Tridgell <tridge at samba.org>
Date: Thu Oct 15 15:54:40 2009 +1100
s4-ldap: test the rDN size limit
commit fdeeafb481778ee9ef7e87f8afa046d5f311a769
Author: Andrew Tridgell <tridge at samba.org>
Date: Thu Oct 15 15:54:20 2009 +1100
s4-dsdb: implement limit on rDN length
w2k8 imposes a limit of 64 characters on the rDN
commit 144686a838ca33ce5ccfed0f559e3165563946cc
Author: Andrew Tridgell <tridge at samba.org>
Date: Thu Oct 15 15:53:40 2009 +1100
s4-ldb: removed incorrect rDN length test
This is a property of AD, not ldb, so should be in our ldb
modules.
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/samdb/ldb_modules/objectclass.c | 14 +++++++++++---
source4/lib/ldb/tests/python/ldap.py | 25 +++++++++++++++++++++++++
source4/torture/ldb/ldb.c | 13 -------------
3 files changed, 36 insertions(+), 16 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c
index b5e058d..003d673 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -330,6 +330,8 @@ static int fix_dn(TALLOC_CTX *mem_ctx,
struct ldb_dn **fixed_dn)
{
char *upper_rdn_attr;
+ const struct ldb_val *rdn_val;
+
/* Fix up the DN to be in the standard form, taking particular care to match the parent DN */
*fixed_dn = ldb_dn_copy(mem_ctx, parent_dn);
@@ -339,15 +341,21 @@ static int fix_dn(TALLOC_CTX *mem_ctx,
if (!upper_rdn_attr) {
return LDB_ERR_OPERATIONS_ERROR;
}
-
+
/* Create a new child */
if (ldb_dn_add_child_fmt(*fixed_dn, "X=X") == false) {
return LDB_ERR_OPERATIONS_ERROR;
}
+ /* AD doesn't allow the rDN to be longer than 64 characters */
+ rdn_val = ldb_dn_get_rdn_val(newdn);
+ if (!rdn_val || rdn_val->length > 64) {
+ DEBUG(2,(__location__ ": rDN longer than 64 limit for '%s'\n", ldb_dn_get_linearized(newdn)));
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+
/* And replace it with CN=foo (we need the attribute in upper case */
- return ldb_dn_set_component(*fixed_dn, 0, upper_rdn_attr,
- *ldb_dn_get_rdn_val(newdn));
+ return ldb_dn_set_component(*fixed_dn, 0, upper_rdn_attr, *rdn_val);
}
/* Fix all attribute names to be in the correct case, and check they are all valid per the schema */
diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py
index 49aea28..3011b7e 100755
--- a/source4/lib/ldb/tests/python/ldap.py
+++ b/source4/lib/ldb/tests/python/ldap.py
@@ -484,6 +484,30 @@ class BasicTests(unittest.TestCase):
self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
+ def test_largeRDN(self):
+ """Testing large rDN (limit 64 characters)"""
+ rdn = "CN=a012345678901234567890123456789012345678901234567890123456789012";
+ self.delete_force(self.ldb, "%s,%s" % (rdn, self.base_dn))
+ ldif = """
+dn: %s,%s""" % (rdn,self.base_dn) + """
+objectClass: container
+"""
+ self.ldb.add_ldif(ldif)
+ self.delete_force(self.ldb, "%s,%s" % (rdn, self.base_dn))
+
+ rdn = "CN=a0123456789012345678901234567890123456789012345678901234567890120";
+ self.delete_force(self.ldb, "%s,%s" % (rdn, self.base_dn))
+ try:
+ ldif = """
+dn: %s,%s""" % (rdn,self.base_dn) + """
+objectClass: container
+"""
+ self.ldb.add_ldif(ldif)
+ self.fail()
+ except LdbError, (num, _):
+ self.assertEquals(num, ERR_CONSTRAINT_VIOLATION)
+ self.delete_force(self.ldb, "%s,%s" % (rdn, self.base_dn))
+
def test_rename(self):
"""Tests the rename operation"""
print "Tests the rename operations"""
@@ -1848,6 +1872,7 @@ class SchemaTests(unittest.TestCase):
self.assertFalse("objectClasses" in res[0])
self.assertFalse("attributeTypes" in res[0])
+
def test_schemaUpdateNow(self):
"""Testing schemaUpdateNow"""
class_name = "test-class" + time.strftime("%s", time.gmtime())
diff --git a/source4/torture/ldb/ldb.c b/source4/torture/ldb/ldb.c
index c702194..23c9bb2 100644
--- a/source4/torture/ldb/ldb.c
+++ b/source4/torture/ldb/ldb.c
@@ -671,19 +671,6 @@ static bool torture_ldb_dn(struct torture_context *torture)
NULL == ldb_dn_from_ldb_val(mem_ctx, ldb, &val),
"should fail to create a DN with 0x0 in it");
- torture_assert(torture,
- dn = ldb_dn_new(mem_ctx, ldb, "CN=loooooooooooooooooooooooooooo"
-"ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo"
-"ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo"
-"ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo"
-"ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo"
-"ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooongdn,DC=SAMBA,DC=org"),
- "Failed to create a DN with size more than 255 characters");
-
- torture_assert(torture,
- ldb_dn_validate(dn) == false,
- "should have failed to validate DN with size more than 255 characters");
-
talloc_free(mem_ctx);
return true;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list