summaryrefslogtreecommitdiff
path: root/source4/dsdb
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2009-12-09 15:18:37 +1100
committerAndrew Tridgell <tridge@samba.org>2009-12-09 18:18:26 +1100
commit0fca76e5775e46dd69153eee93e92b1937df29b5 (patch)
treef0e864a26d38b2fdedb69f52a568c642abed9b1b /source4/dsdb
parent732c701c52932419e602adfe726dee89d89549d3 (diff)
downloadsamba-0fca76e5775e46dd69153eee93e92b1937df29b5.tar.gz
samba-0fca76e5775e46dd69153eee93e92b1937df29b5.tar.bz2
samba-0fca76e5775e46dd69153eee93e92b1937df29b5.zip
s4-dsdb: added dsdb_functional_level() helper function
Diffstat (limited to 'source4/dsdb')
-rw-r--r--source4/dsdb/common/util.c16
-rw-r--r--source4/dsdb/samdb/ldb_modules/descriptor.c8
-rw-r--r--source4/dsdb/samdb/ldb_modules/password_hash.c6
-rw-r--r--source4/dsdb/samdb/ldb_modules/rootdse.c5
4 files changed, 20 insertions, 15 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index d9e03cec3e..512230f63c 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -2705,3 +2705,19 @@ const char *samdb_cn_to_lDAPDisplayName(TALLOC_CTX *mem_ctx, const char *cn)
return ret;
}
+
+/*
+ return domain functional level
+ returns DS_DOMAIN_FUNCTION_*
+ */
+int dsdb_functional_level(struct ldb_context *ldb)
+{
+ int *domainFunctionality =
+ talloc_get_type(ldb_get_opaque(ldb, "domainFunctionality"), int);
+ if (!domainFunctionality) {
+ DEBUG(0,(__location__ ": WARNING: domainFunctionality not setup\n"));
+ return DS_DOMAIN_FUNCTION_2000;
+ }
+ return *domainFunctionality;
+}
+
diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c
index da80ee540e..03cb1ff3e3 100644
--- a/source4/dsdb/samdb/ldb_modules/descriptor.c
+++ b/source4/dsdb/samdb/ldb_modules/descriptor.c
@@ -141,13 +141,7 @@ static struct dom_sid *get_default_group(TALLOC_CTX *mem_ctx,
struct ldb_context *ldb,
struct dom_sid *dag)
{
- int *domainFunctionality;
-
- domainFunctionality = talloc_get_type(
- ldb_get_opaque(ldb, "domainFunctionality"), int);
-
- if (*domainFunctionality
- && (*domainFunctionality >= DS_DOMAIN_FUNCTION_2008)) {
+ if (dsdb_functional_level(ldb) >= DS_DOMAIN_FUNCTION_2008) {
return dag;
}
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index 8791db2bc4..4d4f500e87 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -1025,7 +1025,6 @@ static int setup_supplemental_field(struct setup_password_fields_io *io)
uint8_t zero16[16];
bool do_newer_keys = false;
bool do_cleartext = false;
- int *domainFunctionality;
ZERO_STRUCT(zero16);
ZERO_STRUCT(names);
@@ -1065,10 +1064,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io)
}
}
/* Per MS-SAMR 3.1.1.8.11.6 we create AES keys if our domain functionality level is 2008 or higher */
- domainFunctionality = talloc_get_type(ldb_get_opaque(ldb, "domainFunctionality"), int);
-
- do_newer_keys = *domainFunctionality &&
- (*domainFunctionality >= DS_DOMAIN_FUNCTION_2008);
+ do_newer_keys = (dsdb_functional_level(ldb) >= DS_DOMAIN_FUNCTION_2008);
if (io->domain->store_cleartext &&
(io->u.user_account_control & UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED)) {
diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c
index 661060d755..045b507ffd 100644
--- a/source4/dsdb/samdb/ldb_modules/rootdse.c
+++ b/source4/dsdb/samdb/ldb_modules/rootdse.c
@@ -322,10 +322,9 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *ms
}
}
- if (priv && do_attribute(attrs, "domainFunctionality")
- && (val = talloc_get_type(ldb_get_opaque(ldb, "domainFunctionality"), int))) {
+ if (priv && do_attribute(attrs, "domainFunctionality")) {
if (ldb_msg_add_fmt(msg, "domainFunctionality",
- "%d", *val) != 0) {
+ "%d", dsdb_functional_level(ldb)) != 0) {
goto failed;
}
}