diff options
author | Matthieu Patou <mat@matws.net> | 2012-05-05 17:03:37 -0700 |
---|---|---|
committer | Matthieu Patou <mat@samba.org> | 2012-05-06 04:17:56 +0200 |
commit | db11c1b12018b0f92672d07fcf15c3b404f923d3 (patch) | |
tree | e0367b49de535b62b8c03b03b55757c387906761 /source4/dsdb/samdb | |
parent | 191dd54cbc42fc4816f249742d3488d091d96a26 (diff) | |
download | samba-db11c1b12018b0f92672d07fcf15c3b404f923d3.tar.gz samba-db11c1b12018b0f92672d07fcf15c3b404f923d3.tar.bz2 samba-db11c1b12018b0f92672d07fcf15c3b404f923d3.zip |
s4-schema: Validate more class attribute when adding a new class in the schema
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sun May 6 04:17:56 CEST 2012 on sn-devel-104
Diffstat (limited to 'source4/dsdb/samdb')
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/objectclass_attrs.c | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c index 1fc2752016..e50c8e2369 100644 --- a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c +++ b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c @@ -299,6 +299,7 @@ static int attr_handler2(struct oc_context *ac) const struct dsdb_attribute *attr; unsigned int i; bool found; + bool isSchemaAttr = false; ldb = ldb_module_get_ctx(ac->module); @@ -339,6 +340,9 @@ static int attr_handler2(struct oc_context *ac) return LDB_ERR_UNWILLING_TO_PERFORM; } } + if (strcmp(attname, "attributeSchema") == 0) { + isSchemaAttr = true; + } } must_contain = dsdb_full_attribute_list(ac, ac->schema, oc_element, @@ -419,6 +423,31 @@ static int attr_handler2(struct oc_context *ac) return LDB_ERR_OBJECT_CLASS_VIOLATION; } + if (isSchemaAttr) { + /* Before really adding an attribute in the database, + * let's check that we can translate it into a dbsd_attribute and + * that we can find a valid syntax object. + * If not it's better to reject this attribute than not be able + * to start samba next time due to schema being unloadable. + */ + struct dsdb_attribute *att = talloc(ac, struct dsdb_attribute); + const struct dsdb_syntax *attrSyntax; + WERROR status; + + status= dsdb_attribute_from_ldb(ac->schema, msg, att); + if (!W_ERROR_IS_OK(status)) { + ldb_set_errstring(ldb, + "objectclass: failed to translate the schemaAttribute to a dsdb_attribute"); + return LDB_ERR_UNWILLING_TO_PERFORM; + } + + attrSyntax = dsdb_syntax_for_attribute(att); + if (!attrSyntax) { + ldb_set_errstring(ldb, + "objectclass: unknown attribute syntax"); + return LDB_ERR_UNWILLING_TO_PERFORM; + } + } return ldb_module_done(ac->req, ac->mod_ares->controls, ac->mod_ares->response, LDB_SUCCESS); } |