Common errors in ldb use

[Simo]

On Tue, 2005-12-27 at 21:35 +1100, Andrew Bartlett wrote:
> On Tue, 2005-12-27 at 11:24 +0100, Simo Sorce wrote:
> > On Tue, 2005-12-27 at 20:51 +1100, Andrew Bartlett wrote:
> > > This was allegedly part of the win2000 issue in the KDC.  The
> > > sam_get_results_principal() is in auth/auth_sam.c, and uses the
> > > attribute lists at the top of this file, but they are queried in
> > > hdb-ldb.c  
> > > 
> > > The issue that prompted this mail is in rpc_server/samr/samr_password.c
> > > 
> > > The list of user_attrs[] in samdb_set_password() does not include
> > > "msDS-KeyVersionNumber", but the code:
> > > 
> > > 	kvno =               samdb_result_uint(res[0],
> > > "msDS-KeyVersionNumber", 0);
> > > 
> > > expects it to be there in the result. 
> > 
> > Sorry but you cannot blame ldb, or request changes in it, for mistakes
> > done at the caller level.
> 
> I think that I very well can!  
> 
> > I'd say lack of testing, but anyway, to solve this problem I'd make the
> > right call where needed instead of searching for a tutor underneath.
> 
> By the same argument there is no value in talloc_get_type(), because we
> never make mistakes in passing void* pointers, as perfect programmers.

No, that's a different thing, your request is like asking nsswitch
subsystem to abort when you ask for bob and joe users if jane is not
returned back ...

> Back in the real world, I humbly request the provision and use of APIs
> that make it easier to detect the mistakes that I (as a mere human) tend
> to make.

the API is clear in this case, I welcome eventually an upper layer call
that makes extra checks if you need them, I see no need to double check
in ldb if what you asked is exactly what you get back.

Simo.