[SCM] Samba Shared Repository - branch master updated
Matthias Dieter Wallnöfer
mdw at samba.org
Fri Mar 4 01:40:02 MST 2011
The branch, master has been updated
via b0c6899 ldb:ldb tools - remove a superflous "return" (usage internally calls "exit")
via b50ebc3 ldb:ldb tools - return LDB_ERR_INVALID_DN_SYNTAX on wrong DN parameters
via 1b93173 ldb:ldb tools - ldbtest - convert other result values to LDB codes as well
via 1343c07 s4:LDAP server - remove validation checks of input DNs
via 5896b72 s4:objectclass LDB module - if we cannot find DN's parent then the DN itself is invalid
from 3560db3 debug: fixed a valgrind error
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit b0c6899973d3e0e5d4dbd2590157f7200c20f8ff
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Wed Mar 2 22:46:03 2011 +0100
ldb:ldb tools - remove a superflous "return" (usage internally calls "exit")
Reviewed by: Tridge
Autobuild-User: Matthias Dieter Wallnöfer <mdw at samba.org>
Autobuild-Date: Fri Mar 4 09:39:22 CET 2011 on sn-devel-104
commit b50ebc3228c9b4eacbccaf1ec4572c3ee7b07e1c
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Wed Mar 2 22:40:13 2011 +0100
ldb:ldb tools - return LDB_ERR_INVALID_DN_SYNTAX on wrong DN parameters
Not all LDB databases have further DN checks.
Reviewed by: Tridge
commit 1b9317381344c48be2d90353ba61490161615485
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Wed Mar 2 22:28:27 2011 +0100
ldb:ldb tools - ldbtest - convert other result values to LDB codes as well
I've forgotten this in my first patchset.
Reviewed by: Tridge
commit 1343c0723f129606a3bc6fedd8d5f92f1080392b
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Wed Mar 2 19:14:01 2011 +0100
s4:LDAP server - remove validation checks of input DNs
We should rather try to let the LDB modules perform these checks
otherwise different backends behaviour differently.
Reviewed by: Tridge
commit 5896b7299331aedd065397d2078c62d85bcf68f6
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Wed Mar 2 18:50:11 2011 +0100
s4:objectclass LDB module - if we cannot find DN's parent then the DN itself is invalid
ERR_INVALID_DN_SYNTAX fits better than ERR_OPERATION_ERROR in this case. This
one gets triggered if we perform "add" requests without the LDAP server.
Reviewed by: Tridge
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/samdb/ldb_modules/objectclass.c | 4 ++-
source4/ldap_server/ldap_backend.c | 31 ++++++------------------
source4/lib/ldb/tools/ldbdel.c | 3 +-
source4/lib/ldb/tools/ldbedit.c | 2 +-
source4/lib/ldb/tools/ldbrename.c | 4 +++
source4/lib/ldb/tools/ldbsearch.c | 2 +-
source4/lib/ldb/tools/ldbtest.c | 32 +++++++++++++-------------
7 files changed, 34 insertions(+), 44 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c
index f48917c..817f50a 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -421,7 +421,9 @@ static int objectclass_add(struct ldb_module *module, struct ldb_request *req)
/* get copy of parent DN */
parent_dn = ldb_dn_get_parent(ac, ac->req->op.add.message->dn);
if (parent_dn == NULL) {
- return ldb_operr(ldb);
+ /* the DN itself might be wrong - therefore
+ * "ERR_INVALID_DN_SYNTAX" fits better here. */
+ return LDB_ERR_INVALID_DN_SYNTAX;
}
ret = ldb_build_search_req(&search_req, ldb,
diff --git a/source4/ldap_server/ldap_backend.c b/source4/ldap_server/ldap_backend.c
index e96caa6..b180e0e 100644
--- a/source4/ldap_server/ldap_backend.c
+++ b/source4/ldap_server/ldap_backend.c
@@ -30,17 +30,6 @@
#include <ldb_module.h>
#include "ldb_wrap.h"
-#define VALID_DN_SYNTAX(dn) do {\
- if (!(dn)) {\
- return NT_STATUS_NO_MEMORY;\
- } else if ( ! ldb_dn_validate(dn)) {\
- result = LDAP_INVALID_DN_SYNTAX;\
- map_ldb_error(local_ctx, LDB_ERR_INVALID_DN_SYNTAX, NULL,\
- &errstr);\
- goto reply;\
- }\
-} while(0)
-
static int map_ldb_error(TALLOC_CTX *mem_ctx, int ldb_err,
const char *add_err_string, const char **errstring)
{
@@ -521,7 +510,7 @@ static NTSTATUS ldapsrv_SearchRequest(struct ldapsrv_call *call)
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
basedn = ldb_dn_new(local_ctx, samdb, req->basedn);
- VALID_DN_SYNTAX(basedn);
+ NT_STATUS_HAVE_NO_MEMORY(basedn);
DEBUG(10, ("SearchRequest: basedn: [%s]\n", req->basedn));
DEBUG(10, ("SearchRequest: filter: [%s]\n", ldb_filter_from_tree(call, req->tree)));
@@ -735,7 +724,7 @@ static NTSTATUS ldapsrv_ModifyRequest(struct ldapsrv_call *call)
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
dn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(dn);
+ NT_STATUS_HAVE_NO_MEMORY(dn);
DEBUG(10, ("ModifyRequest: dn: [%s]\n", req->dn));
@@ -843,7 +832,7 @@ static NTSTATUS ldapsrv_AddRequest(struct ldapsrv_call *call)
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
dn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(dn);
+ NT_STATUS_HAVE_NO_MEMORY(dn);
DEBUG(10, ("AddRequest: dn: [%s]\n", req->dn));
@@ -879,7 +868,6 @@ static NTSTATUS ldapsrv_AddRequest(struct ldapsrv_call *call)
}
}
-reply:
add_reply = ldapsrv_init_reply(call, LDAP_TAG_AddResponse);
NT_STATUS_HAVE_NO_MEMORY(add_reply);
@@ -931,11 +919,10 @@ static NTSTATUS ldapsrv_DelRequest(struct ldapsrv_call *call)
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
dn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(dn);
+ NT_STATUS_HAVE_NO_MEMORY(dn);
DEBUG(10, ("DelRequest: dn: [%s]\n", req->dn));
-reply:
del_reply = ldapsrv_init_reply(call, LDAP_TAG_DelResponse);
NT_STATUS_HAVE_NO_MEMORY(del_reply);
@@ -989,10 +976,10 @@ static NTSTATUS ldapsrv_ModifyDNRequest(struct ldapsrv_call *call)
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
olddn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(olddn);
+ NT_STATUS_HAVE_NO_MEMORY(olddn);
newrdn = ldb_dn_new(local_ctx, samdb, req->newrdn);
- VALID_DN_SYNTAX(newrdn);
+ NT_STATUS_HAVE_NO_MEMORY(newrdn);
DEBUG(10, ("ModifyDNRequest: olddn: [%s]\n", req->dn));
DEBUG(10, ("ModifyDNRequest: newrdn: [%s]\n", req->newrdn));
@@ -1022,9 +1009,8 @@ static NTSTATUS ldapsrv_ModifyDNRequest(struct ldapsrv_call *call)
}
if (req->newsuperior) {
- parentdn = ldb_dn_new(local_ctx, samdb, req->newsuperior);
- VALID_DN_SYNTAX(parentdn);
DEBUG(10, ("ModifyDNRequest: newsuperior: [%s]\n", req->newsuperior));
+ parentdn = ldb_dn_new(local_ctx, samdb, req->newsuperior);
}
if (!parentdn) {
@@ -1097,7 +1083,7 @@ static NTSTATUS ldapsrv_CompareRequest(struct ldapsrv_call *call)
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
dn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(dn);
+ NT_STATUS_HAVE_NO_MEMORY(dn);
DEBUG(10, ("CompareRequest: dn: [%s]\n", req->dn));
filter = talloc_asprintf(local_ctx, "(%s=%*s)", req->attribute,
@@ -1108,7 +1094,6 @@ static NTSTATUS ldapsrv_CompareRequest(struct ldapsrv_call *call)
attrs[0] = NULL;
-reply:
compare_r = ldapsrv_init_reply(call, LDAP_TAG_CompareResponse);
NT_STATUS_HAVE_NO_MEMORY(compare_r);
diff --git a/source4/lib/ldb/tools/ldbdel.c b/source4/lib/ldb/tools/ldbdel.c
index d374fa9..35d0137 100644
--- a/source4/lib/ldb/tools/ldbdel.c
+++ b/source4/lib/ldb/tools/ldbdel.c
@@ -98,7 +98,6 @@ int main(int argc, const char **argv)
if (options->argc < 1) {
usage(ldb);
- return LDB_ERR_OPERATIONS_ERROR;
}
req_ctrls = ldb_parse_control_strings(ldb, ldb, (const char **)options->controls);
@@ -113,7 +112,7 @@ int main(int argc, const char **argv)
dn = ldb_dn_new(ldb, ldb, options->argv[i]);
if ( ! ldb_dn_validate(dn)) {
printf("Invalid DN format\n");
- return LDB_ERR_OPERATIONS_ERROR;
+ return LDB_ERR_INVALID_DN_SYNTAX;
}
if (options->recursive) {
ret = ldb_delete_recursive(ldb, dn,req_ctrls);
diff --git a/source4/lib/ldb/tools/ldbedit.c b/source4/lib/ldb/tools/ldbedit.c
index 6509263..8df3706 100644
--- a/source4/lib/ldb/tools/ldbedit.c
+++ b/source4/lib/ldb/tools/ldbedit.c
@@ -328,7 +328,7 @@ int main(int argc, const char **argv)
basedn = ldb_dn_new(ldb, ldb, options->basedn);
if ( ! ldb_dn_validate(basedn)) {
printf("Invalid Base DN format\n");
- return LDB_ERR_OPERATIONS_ERROR;
+ return LDB_ERR_INVALID_DN_SYNTAX;
}
}
diff --git a/source4/lib/ldb/tools/ldbrename.c b/source4/lib/ldb/tools/ldbrename.c
index 0a539cc..e8f6750 100644
--- a/source4/lib/ldb/tools/ldbrename.c
+++ b/source4/lib/ldb/tools/ldbrename.c
@@ -66,6 +66,10 @@ int main(int argc, const char **argv)
dn1 = ldb_dn_new(ldb, ldb, options->argv[0]);
dn2 = ldb_dn_new(ldb, ldb, options->argv[1]);
+ if ((!ldb_dn_validate(dn1)) || (!ldb_dn_validate(dn2))) {
+ printf("Invalid DN format(s)\n");
+ return LDB_ERR_INVALID_DN_SYNTAX;
+ }
ret = ldb_rename(ldb, dn1, dn2);
if (ret == LDB_SUCCESS) {
diff --git a/source4/lib/ldb/tools/ldbsearch.c b/source4/lib/ldb/tools/ldbsearch.c
index 398710c..8c10171 100644
--- a/source4/lib/ldb/tools/ldbsearch.c
+++ b/source4/lib/ldb/tools/ldbsearch.c
@@ -299,7 +299,7 @@ int main(int argc, const char **argv)
basedn = ldb_dn_new(ldb, ldb, options->basedn);
if ( ! ldb_dn_validate(basedn)) {
fprintf(stderr, "Invalid Base DN format\n");
- return LDB_ERR_OPERATIONS_ERROR;
+ return LDB_ERR_INVALID_DN_SYNTAX;
}
}
diff --git a/source4/lib/ldb/tools/ldbtest.c b/source4/lib/ldb/tools/ldbtest.c
index 28c0674..a9d8faf 100644
--- a/source4/lib/ldb/tools/ldbtest.c
+++ b/source4/lib/ldb/tools/ldbtest.c
@@ -66,7 +66,7 @@ static void add_records(struct ldb_context *ldb,
#if 0
if (ldb_lock(ldb, "transaction") != 0) {
printf("transaction lock failed\n");
- exit(1);
+ exit(LDB_ERR_OPERATIONS_ERROR);
}
#endif
for (i=0;i<count;i++) {
@@ -128,7 +128,7 @@ static void add_records(struct ldb_context *ldb,
if (ldb_add(ldb, &msg) != 0) {
printf("Add of %s failed - %s\n", name, ldb_errstring(ldb));
- exit(1);
+ exit(LDB_ERR_OPERATIONS_ERROR);
}
printf("adding uid %s\r", name);
@@ -139,7 +139,7 @@ static void add_records(struct ldb_context *ldb,
#if 0
if (ldb_unlock(ldb, "transaction") != 0) {
printf("transaction unlock failed\n");
- exit(1);
+ exit(LDB_ERR_OPERATIONS_ERROR);
}
#endif
printf("\n");
@@ -185,7 +185,7 @@ static void modify_records(struct ldb_context *ldb,
if (ldb_modify(ldb, &msg) != 0) {
printf("Modify of %s failed - %s\n", name, ldb_errstring(ldb));
- exit(1);
+ exit(LDB_ERR_OPERATIONS_ERROR);
}
printf("Modifying uid %s\r", name);
@@ -215,7 +215,7 @@ static void delete_records(struct ldb_context *ldb,
if (ldb_delete(ldb, dn) != 0) {
printf("Delete of %s failed - %s\n", ldb_dn_get_linearized(dn), ldb_errstring(ldb));
- exit(1);
+ exit(LDB_ERR_OPERATIONS_ERROR);
}
talloc_free(name);
}
@@ -239,12 +239,12 @@ static void search_uid(struct ldb_context *ldb, struct ldb_dn *basedn,
if (ret != LDB_SUCCESS || (uid < nrecords && res->count != 1)) {
printf("Failed to find %s - %s\n", expr, ldb_errstring(ldb));
- exit(1);
+ exit(LDB_ERR_OPERATIONS_ERROR);
}
if (uid >= nrecords && res->count > 0) {
printf("Found %s !? - %d\n", expr, ret);
- exit(1);
+ exit(LDB_ERR_OPERATIONS_ERROR);
}
printf("Testing uid %d/%d - %d \r", i, uid, res->count);
@@ -264,8 +264,8 @@ static void start_test(struct ldb_context *ldb, unsigned int nrecords,
basedn = ldb_dn_new(ldb, ldb, options->basedn);
if ( ! ldb_dn_validate(basedn)) {
- printf("Invalid base DN\n");
- exit(1);
+ printf("Invalid base DN format\n");
+ exit(LDB_ERR_INVALID_DN_SYNTAX);
}
printf("Adding %d records\n", nrecords);
@@ -330,7 +330,7 @@ static void start_test_index(struct ldb_context **ldb)
if (ldb_add(*ldb, msg) != 0) {
printf("Add of %s failed - %s\n", ldb_dn_get_linearized(msg->dn), ldb_errstring(*ldb));
- exit(1);
+ exit(LDB_ERR_OPERATIONS_ERROR);
}
basedn = ldb_dn_new(*ldb, *ldb, options->basedn);
@@ -345,12 +345,12 @@ static void start_test_index(struct ldb_context **ldb)
if (ldb_add(*ldb, msg) != 0) {
printf("Add of %s failed - %s\n", ldb_dn_get_linearized(msg->dn), ldb_errstring(*ldb));
- exit(1);
+ exit(LDB_ERR_OPERATIONS_ERROR);
}
if (talloc_free(*ldb) != 0) {
printf("failed to free/close ldb database");
- exit(1);
+ exit(LDB_ERR_OPERATIONS_ERROR);
}
(*ldb) = ldb_init(options, NULL);
@@ -358,7 +358,7 @@ static void start_test_index(struct ldb_context **ldb)
ret = ldb_connect(*ldb, options->url, flags, NULL);
if (ret != 0) {
printf("failed to connect to %s\n", options->url);
- exit(1);
+ exit(LDB_ERR_OPERATIONS_ERROR);
}
basedn = ldb_dn_new(*ldb, *ldb, options->basedn);
@@ -368,11 +368,11 @@ static void start_test_index(struct ldb_context **ldb)
ret = ldb_search(*ldb, *ldb, &res, basedn, LDB_SCOPE_SUBTREE, NULL, "uid=test");
if (ret != LDB_SUCCESS) {
printf("Search with (uid=test) filter failed!\n");
- exit(1);
+ exit(LDB_ERR_OPERATIONS_ERROR);
}
if(res->count != 1) {
printf("Should have found 1 record - found %d\n", res->count);
- exit(1);
+ exit(LDB_ERR_OPERATIONS_ERROR);
}
indexlist = ldb_dn_new(*ldb, *ldb, "@INDEXLIST");
@@ -380,7 +380,7 @@ static void start_test_index(struct ldb_context **ldb)
if (ldb_delete(*ldb, msg->dn) != 0 ||
ldb_delete(*ldb, indexlist) != 0) {
printf("cleanup failed - %s\n", ldb_errstring(*ldb));
- exit(1);
+ exit(LDB_ERR_OPERATIONS_ERROR);
}
printf("Finished index test\n");
--
Samba Shared Repository
More information about the samba-cvs
mailing list