diff options
author | Andrew Bartlett <abartlet@samba.org> | 2007-11-29 08:02:36 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2007-12-21 05:46:44 +0100 |
commit | 1da2cfe03d956e5f209b049f931851b4afa1287c (patch) | |
tree | c975f052c42658271af7069aab463fa2b2665a4e | |
parent | 364266e22a08e730f2442cf87ec385620cff2700 (diff) | |
download | samba-1da2cfe03d956e5f209b049f931851b4afa1287c.tar.gz samba-1da2cfe03d956e5f209b049f931851b4afa1287c.tar.bz2 samba-1da2cfe03d956e5f209b049f931851b4afa1287c.zip |
r26193: In the LDAP server, use the new 'controls_decoded' element to
determine if this (possibly critical) control has been decoded. This
allows us to return an error, rather than just dropping the socket.
Andrew Bartlett
(This used to be commit 230a60c1910f95ce5139c174d6d79786fca08433)
-rw-r--r-- | source4/ldap_server/ldap_backend.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/source4/ldap_server/ldap_backend.c b/source4/ldap_server/ldap_backend.c index 5a953947f3..a6697dfba8 100644 --- a/source4/ldap_server/ldap_backend.c +++ b/source4/ldap_server/ldap_backend.c @@ -720,6 +720,18 @@ static NTSTATUS ldapsrv_AbandonRequest(struct ldapsrv_call *call) NTSTATUS ldapsrv_do_call(struct ldapsrv_call *call) { + int i; + struct ldap_message *msg = call->request; + /* Check for undecoded critical extensions */ + for (i=0; msg->controls && msg->controls[i]; i++) { + if (!msg->controls_decoded[i] && + msg->controls[i]->critical) { + DEBUG(3, ("ldapsrv_do_call: Critical extension %s is not known to this server\n", + msg->controls[i]->oid)); + return ldapsrv_unwilling(call, LDAP_UNAVAILABLE_CRITICAL_EXTENSION); + } + } + switch(call->request->type) { case LDAP_TAG_BindRequest: return ldapsrv_BindRequest(call); |