diff options
author | Andrew Bartlett <abartlet@samba.org> | 2010-06-15 22:26:22 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2010-06-16 09:57:52 +1000 |
commit | 5150f8597a2211414ddbd588e8bd64e0ef3c29a7 (patch) | |
tree | 8d4e116564ad44559940685933a58c6eb304644b /source4/dsdb/samdb | |
parent | f9018bc0ea882bf9303350ca594262c88942c38f (diff) | |
download | samba-5150f8597a2211414ddbd588e8bd64e0ef3c29a7.tar.gz samba-5150f8597a2211414ddbd588e8bd64e0ef3c29a7.tar.bz2 samba-5150f8597a2211414ddbd588e8bd64e0ef3c29a7.zip |
s4:dsdb Assert that we can't get backlinks as input in linked_attributes
The objectclass_attr module should prevent users creating such links,
and the mrepl_meta_data module should only create them in functional
level 2003 or above.
Andrew Bartlett
Diffstat (limited to 'source4/dsdb/samdb')
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/linked_attributes.c | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c index 82fe27ef7f..4f36509a85 100644 --- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c +++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c @@ -229,9 +229,16 @@ static int linked_attributes_add(struct ldb_module *module, struct ldb_request * return LDB_ERR_OBJECT_CLASS_VIOLATION; } /* We have a valid attribute, now find out if it is a forward link */ - if ((schema_attr->linkID == 0) || ((schema_attr->linkID & 1) == 1)) { + if ((schema_attr->linkID == 0)) { continue; } + + if ((schema_attr->linkID & 1) == 1) { + unsigned int functional_level; + + functional_level = dsdb_functional_level(ldb); + SMB_ASSERT(functional_level > DS_DOMAIN_FUNCTION_2000); + } /* Even link IDs are for the originating attribute */ target_attr = dsdb_attribute_by_linkID(ac->schema, schema_attr->linkID + 1); @@ -456,10 +463,16 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques } /* We have a valid attribute, now find out if it is a forward link (Even link IDs are for the originating attribute) */ - if ((schema_attr->linkID == 0) || ((schema_attr->linkID & 1) == 1)) { + if (schema_attr->linkID == 0) { continue; } + if ((schema_attr->linkID & 1) == 1) { + unsigned int functional_level; + + functional_level = dsdb_functional_level(ldb); + SMB_ASSERT(functional_level > DS_DOMAIN_FUNCTION_2000); + } /* Now find the target attribute */ target_attr = dsdb_attribute_by_linkID(ac->schema, schema_attr->linkID + 1); if (!target_attr) { |