[PATCH] Setting nTSecurityDescriptor via LDAP fails
Jelmer Vernooij
jelmer at samba.org
Fri Mar 20 15:16:37 GMT 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Stefan (metze) Metzmacher wrote:
> Jelmer Vernooij schrieb:
>> Stefan (metze) Metzmacher wrote:>
>>> why does PyObject_AsMessageElement() copy the string for one case but
>>> not for the multiple value case.
>> Good point; since we borrow the reference to the list, we don't need to
>> do a dup there at all.
>>
>>> Also why doesn't it use a->syntax->ldif_read_fn() as
>>> PyObject_FromLdbValue() also uses a->syntax->ldif_write_fn().
>> PyObject_FromLdbValue() probably shouldn't be using
>> a->syntax->ldif_write_fn().
>>
>>> I wonder why we only handle ldif correctly in samba.Ldb and not in
>>> the LDB.Ldb class.
>> LDB.Ldb doesn't load any of the Samba-specific code, including nt
>> security descriptor handling.
>>
>> I'll have a look at Zahari's patches and these issues later today.
>
> But I think LDB.Ldb should detect base64 and only accept valid LDIF.
> And no hand made binary strings. Also a->syntax is a plain ldb feature.
> only the implementations are samba specific.
In that case, LDB itself should be doing that.
There's no reason for LDB/Python to behave differently here, and suffer
a performance hit. Doing automatic conversions leads to all sorts of
strange side-effects. What if you're trying to add a string to LDB that
also happens to be valid base64 string?
Cheers,
Jelmer
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iJwEAQECAAYFAknDsy8ACgkQDLQl4QYPZuXHDAP+Kc8l5qkNclCLpyY+9xbsJmVX
WMfTmHNxZa46KAlrUBYcMqQkzjRnCBJac1R5t1RXNWN660nIjzeBdL/sGO84NiuE
kCRN9o5cYr9NlookdVxTfNbs/FRWBU4fyk3w/i4nsqyvv1MLzMVW+acXQk/SeUvr
epmDUZ1Jar8y9diiujI=
=D1MQ
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list