ldap_syntaxes.py test fixes

Andrew Bartlett abartlet at samba.org
Tue Dec 21 04:15:19 MST 2010


On Tue, 2010-12-21 at 10:14 +0200, Anatoliy Atanasov wrote:
> Hi Andrew,
> 
> > > On Mon, 2010-12-20 at 23:22 +0200, Anatoliy Atanasov wrote:
> > > Hi Andrew, 
> > > 
> > > I was able to fix the test against sam.ldb but it still fails 
> > against samba4 ldap server.
> > > The fixes are here: 
> > http://git.samba.org/?p=anatoliy/anatoliy.git;a=shortlog;h=refs/heads/l
> > dap-syntaxes
> > 
> > I'm not sure about the change to deny DNs with a SID or GUID but not a
> > string DN.  DNs in AD can be any of these 3 things, so I'm don't
> > understand why you think it's INVALID_DN_SYNTAX. 
> Sorry, about that, i meant to be like this (branch is updated).
> I got consistent behavior from windows about that, so i guess that's the correct error code.
> I am looking through the documentation to find the allowed values for DN.

That might make things clearer.

> +
> +       /*format specific checks*/
> +       switch (dn_format) {
> +       case DSDB_BINARY_DN:
> +       case DSDB_STRING_DN:
> +               /*check if we have GUID or SID only instead of a DN in the binary part*/
> +               if ((strcmp(ldb_dn_get_linearized(dn), "") == 0) &&
> +                   (strcmp(ldb_dn_get_extended_linearized(tmp_ctx, dn, 0), "") != 0)) {
> +                       DEBUG(10, (__location__ ": we have a dn with invalid part %s\n",
> +                                  ldb_dn_get_extended_linearized(tmp_ctx, dn, 0)));
> +                       *ldb_error = LDB_ERR_CONSTRAINT_VIOLATION;
> +                       goto failed;
> +               }
> +       }

It still seems odd that DN+Binary can't be created with only a SID.  All
other DNs can be.  I'm also just not sure it's the right place to deal
with this - perhaps the syntax validation module should be doing it,
rather than the parser?

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.



More information about the samba-technical mailing list