summaryrefslogtreecommitdiff
path: root/source4/dsdb
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2010-02-22 11:19:10 +0100
committerAndrew Bartlett <abartlet@samba.org>2010-02-25 08:17:00 +1100
commitcd5b5428781128b11de6bb3270828cc83a45cc03 (patch)
tree130840cada3391ab45b7ad1935cb367b9f14229e /source4/dsdb
parent545889a048da0bc58c4a4db4500839ab050518fa (diff)
downloadsamba-cd5b5428781128b11de6bb3270828cc83a45cc03.tar.gz
samba-cd5b5428781128b11de6bb3270828cc83a45cc03.tar.bz2
samba-cd5b5428781128b11de6bb3270828cc83a45cc03.zip
s4:partition DSDB module - change the search and domain scope control handling
The domain scope control is always removed, from the search one only the two interesting flags (which are handled) and it is marked as non-critical. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/dsdb')
-rw-r--r--source4/dsdb/samdb/ldb_modules/partition.c57
1 files changed, 22 insertions, 35 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/partition.c b/source4/dsdb/samdb/ldb_modules/partition.c
index 9bd4578a7f..1d4717b8fd 100644
--- a/source4/dsdb/samdb/ldb_modules/partition.c
+++ b/source4/dsdb/samdb/ldb_modules/partition.c
@@ -450,6 +450,8 @@ static int partition_search(struct ldb_module *module, struct ldb_request *req)
struct ldb_search_options_control *search_options = NULL;
struct dsdb_partition *p;
+
+ bool domain_scope = false, phantom_root = false;
ret = partition_reload_if_required(module, data);
if (ret != LDB_SUCCESS) {
@@ -464,44 +466,40 @@ static int partition_search(struct ldb_module *module, struct ldb_request *req)
return ldb_next_request(p->module, req);
}
-
+ /* Get back the search options from the search control, and mark it as
+ * non-critical (to make backends and also dcpromo happy).
+ */
if (search_control) {
search_options = talloc_get_type(search_control->data, struct ldb_search_options_control);
+ search_control->critical = 0;
+
}
- /* Remove the domain_scope control, so we don't confuse a backend server */
+ /* Remove the "domain_scope" control, so we don't confuse a backend
+ * server */
if (domain_scope_control && !save_controls(domain_scope_control, req, &saved_controls)) {
ldb_oom(ldb_module_get_ctx(module));
return LDB_ERR_OPERATIONS_ERROR;
}
- /*
- * for now pass down the LDB_CONTROL_SEARCH_OPTIONS_OID control
- * down as uncritical to make windows 2008 dcpromo happy.
- */
- if (search_control) {
- search_control->critical = 0;
+ /* Locate the options */
+ domain_scope = (search_options
+ && (search_options->search_options & LDB_SEARCH_OPTION_DOMAIN_SCOPE))
+ || domain_scope_control;
+ phantom_root = search_options
+ && (search_options->search_options & LDB_SEARCH_OPTION_PHANTOM_ROOT);
+
+ /* Remove handled options from the search control flag */
+ if (search_options) {
+ search_options->search_options = search_options->search_options
+ & ~LDB_SEARCH_OPTION_DOMAIN_SCOPE
+ & ~LDB_SEARCH_OPTION_PHANTOM_ROOT;
}
- /* TODO:
- * Generate referrals (look for a partition under this DN) if we don't
- * have the LDB_CONTROL_DOMAIN_SCOPE_OID control specified.
- */
-
- if (search_options && (search_options->search_options & LDB_SEARCH_OPTION_PHANTOM_ROOT)) {
+ if ((!domain_scope) || phantom_root) {
int i;
struct partition_context *ac;
- if ((search_options->search_options & ~LDB_SEARCH_OPTION_PHANTOM_ROOT) == 0) {
- /* We have processed this flag, so we are done with this control now */
-
- /* Remove search control, so we don't confuse a backend server */
- if (search_control && !save_controls(search_control, req, &saved_controls)) {
- ldb_oom(ldb_module_get_ctx(module));
- return LDB_ERR_OPERATIONS_ERROR;
- }
- }
-
ac = partition_init_ctx(module, req);
if (!ac) {
return LDB_ERR_OPERATIONS_ERROR;
@@ -556,17 +554,6 @@ static int partition_search(struct ldb_module *module, struct ldb_request *req)
/* fire the first one */
return partition_call_first(ac);
} else {
- /* Handle this like all other requests */
- if (search_control && (search_options->search_options & ~LDB_SEARCH_OPTION_PHANTOM_ROOT) == 0) {
- /* We have processed this flag, so we are done with this control now */
-
- /* Remove search control, so we don't confuse a backend server */
- if (search_control && !save_controls(search_control, req, &saved_controls)) {
- ldb_oom(ldb_module_get_ctx(module));
- return LDB_ERR_OPERATIONS_ERROR;
- }
- }
-
return partition_replicate(module, req, req->op.search.base);
}
}