[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-616-gb850d7f
Anatoliy Atanasov
anatoliy at samba.org
Mon Sep 21 18:20:30 MDT 2009
The branch, master has been updated
via b850d7fb08b97fff8ce5ec2cbff2256aa390e440 (commit)
via 6033ce24038dfa467e7bf56b04dc6b45f6bff815 (commit)
from bc53052d38092d32f08fb794d7ea90f89367c229 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit b850d7fb08b97fff8ce5ec2cbff2256aa390e440
Author: Anatoliy Atanasov <anatoliy.atanasov at postpath.com>
Date: Mon Sep 21 17:14:06 2009 -0700
Add support in the ldb_dn.c code for MS-ADTS:3.1.1.5.1.2 Naming Constraints
commit 6033ce24038dfa467e7bf56b04dc6b45f6bff815
Author: Anatoliy Atanasov <anatoliy.atanasov at postpath.com>
Date: Mon Sep 21 17:01:20 2009 -0700
Add tests for MS-ADTS:3.1.1.5.1.2 Naming Constraints
-----------------------------------------------------------------------
Summary of changes:
source4/lib/ldb/common/ldb_dn.c | 13 +++++++++++++
source4/torture/ldb/ldb.c | 29 +++++++++++++++++++++++++++++
2 files changed, 42 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/lib/ldb/common/ldb_dn.c b/source4/lib/ldb/common/ldb_dn.c
index d905f47..af00ef9 100644
--- a/source4/lib/ldb/common/ldb_dn.c
+++ b/source4/lib/ldb/common/ldb_dn.c
@@ -103,6 +103,11 @@ struct ldb_dn *ldb_dn_from_ldb_val(void *mem_ctx,
dn->ext_linearized = talloc_strndup(dn, data, length);
LDB_DN_NULL_FAILED(dn->ext_linearized);
+ if (strlen(data) != length) {
+ /* The RDN must not contain a character with value 0x0 */
+ return NULL;
+ }
+
if (data[0] == '<') {
const char *p_save, *p = dn->ext_linearized;
do {
@@ -231,6 +236,9 @@ char *ldb_dn_escape_value(void *mem_ctx, struct ldb_val value)
/*
explode a DN string into a ldb_dn structure
based on RFC4514 except that we don't support multiple valued RDNs
+
+ TODO: according to MS-ADTS:3.1.1.5.2 Naming Constraints
+ DN must be compliant with RFC2253
*/
static bool ldb_dn_explode(struct ldb_dn *dn)
{
@@ -264,6 +272,11 @@ static bool ldb_dn_explode(struct ldb_dn *dn)
return false;
}
+ /* The RDN size must be less than 255 characters */
+ if (strlen(parse_dn) > 255) {
+ return false;
+ }
+
/* Empty DNs */
if (parse_dn[0] == '\0') {
return true;
diff --git a/source4/torture/ldb/ldb.c b/source4/torture/ldb/ldb.c
index d9036dd..64ed669 100644
--- a/source4/torture/ldb/ldb.c
+++ b/source4/torture/ldb/ldb.c
@@ -587,6 +587,7 @@ static bool torture_ldb_dn(struct torture_context *torture)
struct ldb_dn *dn;
struct ldb_dn *child_dn;
struct ldb_dn *typo_dn;
+ struct ldb_val val;
torture_assert(torture,
ldb = ldb_init(mem_ctx, torture->ev),
@@ -655,6 +656,34 @@ static bool torture_ldb_dn(struct torture_context *torture)
ldb_dn_compare_base(dn, typo_dn) != 0,
"Base Comparison on dc=samba,dc=org and c=samba,dc=org should != 0");
+ /* Check DN based on MS-ADTS:3.1.1.5.1.2 Naming Constraints*/
+ torture_assert(torture,
+ dn = ldb_dn_new(mem_ctx, ldb, "CN=New\nLine,DC=SAMBA,DC=org"),
+ "Failed to create a DN with 0xA in it");
+
+ torture_assert(torture,
+ ldb_dn_validate(dn) == false,
+ "should have failed to validate a DN with 0xA in it");
+
+ val.data = "CN=Zer\0,DC=SAMBA,DC=org";
+ val.length = 23;
+ torture_assert(torture,
+ NULL == ldb_dn_from_ldb_val(mem_ctx, ldb, &val),
+ "should fail to create a DN with 0x0 in it");
+
+ torture_assert(torture,
+ dn = ldb_dn_new(mem_ctx, ldb, "CN=loooooooooooooooooooooooooooo"
+"ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo"
+"ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo"
+"ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo"
+"ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo"
+"ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooongdn,DC=SAMBA,DC=org"),
+ "Failed to create a DN with size more than 255 characters");
+
+ torture_assert(torture,
+ ldb_dn_validate(dn) == false,
+ "should have failed to validate DN with size more than 255 characters");
+
talloc_free(mem_ctx);
return true;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list