Common errors in ldb use

Andrew Bartlett abartlet at samba.org
Tue Dec 27 09:51:39 GMT 2005 

On Tue, 2005-12-27 at 10:42 +0100, Simo Sorce wrote:
> On Tue, 2005-12-27 at 20:14 +1100, Andrew Bartlett wrote:
> > I've been thinking about common mistakes I have been making with the LDB
> > APIs:
> > 
> > The first issue is transactions:  We need to have a generic way to
> > automatically cancel a transaction from talloc
> >  
> > However, the issue that prompts this mail is that of mismatches between
> > the attributes asked for in a search, and those we enquire of in a
> > result.  
> > 
> > That is, when we do not include (for example) "msDS-KeyVersionNumber" in
> > the search attributes, but then enquire of it's value.  This happens
> > frequently.
> 
> Can you point me at an example, I'm no sure I completely understand the
> problem.
> 
> > I was wondering if we should add a new member to struct ldb_message, to
> > contain the list of attributes requested.  If (in calling
> > ldb_msg_find_element()) we ask for an attribute not in that list (and we
> > didn't ask for all attributes), we should abort().  
> 
> I can't understand the need for such a thing.
> In which case you get back a list of attributes that are not requested ?

This was allegedly part of the win2000 issue in the KDC.  The
sam_get_results_principal() is in auth/auth_sam.c, and uses the
attribute lists at the top of this file, but they are queried in
hdb-ldb.c  

The issue that prompted this mail is in rpc_server/samr/samr_password.c

The list of user_attrs[] in samdb_set_password() does not include
"msDS-KeyVersionNumber", but the code:

	kvno =               samdb_result_uint(res[0],
"msDS-KeyVersionNumber", 0);

expects it to be there in the result. 

> If that's just for sanity, then you should probably build a function
> that check your expectations by passing in a list of attributes and an
> ldb_message structure.

Frankly, I don't care were the function is (samdb, gendb, ldb), but I
would suggest that we made the mistake too often to just trust the
current functions.

> I do not see any good reason to make this inside general usage
> functions.

It is the lack of this safety that causes bugs in Samba4 today. 

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20051227/a2550a47/attachment.bin

More information about the samba-technical mailing list