summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb/ldb_modules
diff options
context:
space:
mode:
authorMatthieu Patou <mat@matws.net>2012-05-05 17:03:37 -0700
committerMatthieu Patou <mat@samba.org>2012-05-06 04:17:56 +0200
commitdb11c1b12018b0f92672d07fcf15c3b404f923d3 (patch)
treee0367b49de535b62b8c03b03b55757c387906761 /source4/dsdb/samdb/ldb_modules
parent191dd54cbc42fc4816f249742d3488d091d96a26 (diff)
downloadsamba-db11c1b12018b0f92672d07fcf15c3b404f923d3.tar.gz
samba-db11c1b12018b0f92672d07fcf15c3b404f923d3.tar.bz2
samba-db11c1b12018b0f92672d07fcf15c3b404f923d3.zip
s4-schema: Validate more class attribute when adding a new class in the schema
Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Sun May 6 04:17:56 CEST 2012 on sn-devel-104
Diffstat (limited to 'source4/dsdb/samdb/ldb_modules')
-rw-r--r--source4/dsdb/samdb/ldb_modules/objectclass_attrs.c29
1 files changed, 29 insertions, 0 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c
index 1fc2752016..e50c8e2369 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c
@@ -299,6 +299,7 @@ static int attr_handler2(struct oc_context *ac)
const struct dsdb_attribute *attr;
unsigned int i;
bool found;
+ bool isSchemaAttr = false;
ldb = ldb_module_get_ctx(ac->module);
@@ -339,6 +340,9 @@ static int attr_handler2(struct oc_context *ac)
return LDB_ERR_UNWILLING_TO_PERFORM;
}
}
+ if (strcmp(attname, "attributeSchema") == 0) {
+ isSchemaAttr = true;
+ }
}
must_contain = dsdb_full_attribute_list(ac, ac->schema, oc_element,
@@ -419,6 +423,31 @@ static int attr_handler2(struct oc_context *ac)
return LDB_ERR_OBJECT_CLASS_VIOLATION;
}
+ if (isSchemaAttr) {
+ /* Before really adding an attribute in the database,
+ * let's check that we can translate it into a dbsd_attribute and
+ * that we can find a valid syntax object.
+ * If not it's better to reject this attribute than not be able
+ * to start samba next time due to schema being unloadable.
+ */
+ struct dsdb_attribute *att = talloc(ac, struct dsdb_attribute);
+ const struct dsdb_syntax *attrSyntax;
+ WERROR status;
+
+ status= dsdb_attribute_from_ldb(ac->schema, msg, att);
+ if (!W_ERROR_IS_OK(status)) {
+ ldb_set_errstring(ldb,
+ "objectclass: failed to translate the schemaAttribute to a dsdb_attribute");
+ return LDB_ERR_UNWILLING_TO_PERFORM;
+ }
+
+ attrSyntax = dsdb_syntax_for_attribute(att);
+ if (!attrSyntax) {
+ ldb_set_errstring(ldb,
+ "objectclass: unknown attribute syntax");
+ return LDB_ERR_UNWILLING_TO_PERFORM;
+ }
+ }
return ldb_module_done(ac->req, ac->mod_ares->controls,
ac->mod_ares->response, LDB_SUCCESS);
}