summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mdw@samba.org>2011-03-02 19:14:01 +0100
committerMatthias Dieter Wallnöfer <mdw@samba.org>2011-03-04 08:51:38 +0100
commit1343c0723f129606a3bc6fedd8d5f92f1080392b (patch)
treeb9ef944620dc5d35548af4e9f5bdfe2dfa95d8f4
parent5896b7299331aedd065397d2078c62d85bcf68f6 (diff)
downloadsamba-1343c0723f129606a3bc6fedd8d5f92f1080392b.tar.gz
samba-1343c0723f129606a3bc6fedd8d5f92f1080392b.tar.bz2
samba-1343c0723f129606a3bc6fedd8d5f92f1080392b.zip
s4:LDAP server - remove validation checks of input DNs
We should rather try to let the LDB modules perform these checks otherwise different backends behaviour differently. Reviewed by: Tridge
-rw-r--r--source4/ldap_server/ldap_backend.c31
1 files changed, 8 insertions, 23 deletions
diff --git a/source4/ldap_server/ldap_backend.c b/source4/ldap_server/ldap_backend.c
index e96caa6b07..b180e0ed73 100644
--- a/source4/ldap_server/ldap_backend.c
+++ b/source4/ldap_server/ldap_backend.c
@@ -30,17 +30,6 @@
#include <ldb_module.h>
#include "ldb_wrap.h"
-#define VALID_DN_SYNTAX(dn) do {\
- if (!(dn)) {\
- return NT_STATUS_NO_MEMORY;\
- } else if ( ! ldb_dn_validate(dn)) {\
- result = LDAP_INVALID_DN_SYNTAX;\
- map_ldb_error(local_ctx, LDB_ERR_INVALID_DN_SYNTAX, NULL,\
- &errstr);\
- goto reply;\
- }\
-} while(0)
-
static int map_ldb_error(TALLOC_CTX *mem_ctx, int ldb_err,
const char *add_err_string, const char **errstring)
{
@@ -521,7 +510,7 @@ static NTSTATUS ldapsrv_SearchRequest(struct ldapsrv_call *call)
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
basedn = ldb_dn_new(local_ctx, samdb, req->basedn);
- VALID_DN_SYNTAX(basedn);
+ NT_STATUS_HAVE_NO_MEMORY(basedn);
DEBUG(10, ("SearchRequest: basedn: [%s]\n", req->basedn));
DEBUG(10, ("SearchRequest: filter: [%s]\n", ldb_filter_from_tree(call, req->tree)));
@@ -735,7 +724,7 @@ static NTSTATUS ldapsrv_ModifyRequest(struct ldapsrv_call *call)
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
dn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(dn);
+ NT_STATUS_HAVE_NO_MEMORY(dn);
DEBUG(10, ("ModifyRequest: dn: [%s]\n", req->dn));
@@ -843,7 +832,7 @@ static NTSTATUS ldapsrv_AddRequest(struct ldapsrv_call *call)
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
dn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(dn);
+ NT_STATUS_HAVE_NO_MEMORY(dn);
DEBUG(10, ("AddRequest: dn: [%s]\n", req->dn));
@@ -879,7 +868,6 @@ static NTSTATUS ldapsrv_AddRequest(struct ldapsrv_call *call)
}
}
-reply:
add_reply = ldapsrv_init_reply(call, LDAP_TAG_AddResponse);
NT_STATUS_HAVE_NO_MEMORY(add_reply);
@@ -931,11 +919,10 @@ static NTSTATUS ldapsrv_DelRequest(struct ldapsrv_call *call)
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
dn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(dn);
+ NT_STATUS_HAVE_NO_MEMORY(dn);
DEBUG(10, ("DelRequest: dn: [%s]\n", req->dn));
-reply:
del_reply = ldapsrv_init_reply(call, LDAP_TAG_DelResponse);
NT_STATUS_HAVE_NO_MEMORY(del_reply);
@@ -989,10 +976,10 @@ static NTSTATUS ldapsrv_ModifyDNRequest(struct ldapsrv_call *call)
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
olddn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(olddn);
+ NT_STATUS_HAVE_NO_MEMORY(olddn);
newrdn = ldb_dn_new(local_ctx, samdb, req->newrdn);
- VALID_DN_SYNTAX(newrdn);
+ NT_STATUS_HAVE_NO_MEMORY(newrdn);
DEBUG(10, ("ModifyDNRequest: olddn: [%s]\n", req->dn));
DEBUG(10, ("ModifyDNRequest: newrdn: [%s]\n", req->newrdn));
@@ -1022,9 +1009,8 @@ static NTSTATUS ldapsrv_ModifyDNRequest(struct ldapsrv_call *call)
}
if (req->newsuperior) {
- parentdn = ldb_dn_new(local_ctx, samdb, req->newsuperior);
- VALID_DN_SYNTAX(parentdn);
DEBUG(10, ("ModifyDNRequest: newsuperior: [%s]\n", req->newsuperior));
+ parentdn = ldb_dn_new(local_ctx, samdb, req->newsuperior);
}
if (!parentdn) {
@@ -1097,7 +1083,7 @@ static NTSTATUS ldapsrv_CompareRequest(struct ldapsrv_call *call)
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
dn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(dn);
+ NT_STATUS_HAVE_NO_MEMORY(dn);
DEBUG(10, ("CompareRequest: dn: [%s]\n", req->dn));
filter = talloc_asprintf(local_ctx, "(%s=%*s)", req->attribute,
@@ -1108,7 +1094,6 @@ static NTSTATUS ldapsrv_CompareRequest(struct ldapsrv_call *call)
attrs[0] = NULL;
-reply:
compare_r = ldapsrv_init_reply(call, LDAP_TAG_CompareResponse);
NT_STATUS_HAVE_NO_MEMORY(compare_r);