summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mdw@samba.org>2010-10-23 16:15:51 +0200
committerMatthias Dieter Wallnöfer <mdw@samba.org>2010-10-23 16:37:29 +0200
commitf9a6ff482c8d03e7e46fd6925d58214b7a097e02 (patch)
tree36bf703986179f59947e6d380162109f87338563
parent89c42a96fcaa43a7f2c9aef9e708276a639e0051 (diff)
downloadsamba-f9a6ff482c8d03e7e46fd6925d58214b7a097e02.tar.gz
samba-f9a6ff482c8d03e7e46fd6925d58214b7a097e02.tar.bz2
samba-f9a6ff482c8d03e7e46fd6925d58214b7a097e02.zip
s4/ldb:introduce the LDB_CONTROL_PROVISION_OID control
This control is exactly thought for the actions which previously were performed using the RELAX one. We agreed that the RELAX control will only remain for interactions with OpenLDAP.
-rw-r--r--source4/dsdb/common/util.c7
-rw-r--r--source4/dsdb/common/util.h1
-rw-r--r--source4/lib/ldb/common/ldb_controls.c27
-rw-r--r--source4/lib/ldb/include/ldb.h6
-rw-r--r--source4/libcli/ldap/ldap_controls.c2
-rw-r--r--source4/setup/schema_samba4.ldif1
6 files changed, 44 insertions, 0 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index f56cd07f3a..9b813d1b52 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -3660,6 +3660,13 @@ int dsdb_request_add_controls(struct ldb_request *req, uint32_t dsdb_flags)
}
}
+ if (dsdb_flags & DSDB_PROVISION) {
+ ret = ldb_request_add_control(req, LDB_CONTROL_PROVISION_OID, false, NULL);
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+ }
+
return LDB_SUCCESS;
}
diff --git a/source4/dsdb/common/util.h b/source4/dsdb/common/util.h
index 7dabef8d87..fa876484cb 100644
--- a/source4/dsdb/common/util.h
+++ b/source4/dsdb/common/util.h
@@ -34,5 +34,6 @@
#define DSDB_TREE_DELETE 0x0100
#define DSDB_SEARCH_ONE_ONLY 0x0200 /* give an error unless 1 record */
#define DSDB_SEARCH_SHOW_RECYCLED 0x0400
+#define DSDB_PROVISION 0x0800
bool is_attr_in_list(const char * const * attrs, const char *attr);
diff --git a/source4/lib/ldb/common/ldb_controls.c b/source4/lib/ldb/common/ldb_controls.c
index 6ce08652a7..99154aa7d9 100644
--- a/source4/lib/ldb/common/ldb_controls.c
+++ b/source4/lib/ldb/common/ldb_controls.c
@@ -939,6 +939,33 @@ struct ldb_control **ldb_parse_control_strings(struct ldb_context *ldb, TALLOC_C
continue;
}
+ if (strncmp(control_strings[i], "provision:", 10) == 0) {
+ const char *p;
+ int crit, ret;
+
+ p = &(control_strings[i][10]);
+ ret = sscanf(p, "%d", &crit);
+ if ((ret != 1) || (crit < 0) || (crit > 1)) {
+ error_string = talloc_asprintf(mem_ctx, "invalid provision control syntax\n");
+ error_string = talloc_asprintf_append(error_string, " syntax: crit(b)\n");
+ error_string = talloc_asprintf_append(error_string, " note: b = boolean");
+ ldb_set_errstring(ldb, error_string);
+ talloc_free(error_string);
+ return NULL;
+ }
+
+ ctrl[i] = talloc(ctrl, struct ldb_control);
+ if (!ctrl[i]) {
+ ldb_oom(ldb);
+ return NULL;
+ }
+ ctrl[i]->oid = LDB_CONTROL_PROVISION_OID;
+ ctrl[i]->critical = crit;
+ ctrl[i]->data = NULL;
+
+ continue;
+ }
+
/* no controls matched, throw an error */
ldb_asprintf_errstring(ldb, "Invalid control name: '%s'", control_strings[i]);
return NULL;
diff --git a/source4/lib/ldb/include/ldb.h b/source4/lib/ldb/include/ldb.h
index 7edad06957..d1e29010b1 100644
--- a/source4/lib/ldb/include/ldb.h
+++ b/source4/lib/ldb/include/ldb.h
@@ -510,6 +510,12 @@ typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2, void *opaque);
*/
#define LDB_CONTROL_AS_SYSTEM_OID "1.3.6.1.4.1.7165.4.3.7"
+/**
+ LDB_CONTROL_PROVISION_OID is used to skip some constraint checks. It's is
+ mainly thought to be used for the provisioning.
+*/
+#define LDB_CONTROL_PROVISION_OID "1.3.6.1.4.1.7165.4.3.16"
+
/* AD controls */
/**
diff --git a/source4/libcli/ldap/ldap_controls.c b/source4/libcli/ldap/ldap_controls.c
index 478481b422..592635d59c 100644
--- a/source4/libcli/ldap/ldap_controls.c
+++ b/source4/libcli/ldap/ldap_controls.c
@@ -1187,6 +1187,8 @@ static const struct ldap_control_handler ldap_known_controls[] = {
{ DSDB_CONTROL_CHANGEREPLMETADATA_OID, NULL, NULL },
/* DSDB_CONTROL_SEARCH_APPLY_ACCESS is internal only, and has no network representation */
{ DSDB_CONTROL_SEARCH_APPLY_ACCESS, NULL, NULL },
+/* LDB_CONTROL_PROVISION_OID is internal only, and has no network representation */
+ { LDB_CONTROL_PROVISION_OID, NULL, NULL },
/* DSDB_EXTENDED_REPLICATED_OBJECTS_OID is internal only, and has no network representation */
{ DSDB_EXTENDED_REPLICATED_OBJECTS_OID, NULL, NULL },
/* DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID is internal only, and has no network representation */
diff --git a/source4/setup/schema_samba4.ldif b/source4/setup/schema_samba4.ldif
index f703b5aaad..212097ba5f 100644
--- a/source4/setup/schema_samba4.ldif
+++ b/source4/setup/schema_samba4.ldif
@@ -188,6 +188,7 @@
#Allocated: LDB_CONTROL_BYPASS_OPERATIONAL_OID 1.3.6.1.4.1.7165.4.3.13
#Allocated: DSDB_CONTROL_CHANGEREPLMETADATA_OID 1.3.6.1.4.1.7165.4.3.14
#Allocated: DSDB_CONTROL_SEARCH_APPLY_ACCESS 1.3.6.1.4.1.7165.4.3.15
+#Allocated: LDB_CONTROL_PROVISION_OID 1.3.6.1.4.1.7165.4.3.16
# Extended 1.3.6.1.4.1.7165.4.4.x
#Allocated: DSDB_EXTENDED_REPLICATED_OBJECTS_OID 1.3.6.1.4.1.7165.4.4.1