diff options
author | Stefan Metzmacher <metze@samba.org> | 2013-01-17 08:37:12 +0100 |
---|---|---|
committer | Matthieu Patou <mat@matws.net> | 2013-01-17 00:16:24 -0800 |
commit | 947985b259ac05e95d65be19c67f384579a797ce (patch) | |
tree | c28c087046f93470da6d2ce1f93104bde39ad40b /source4/dsdb | |
parent | 8e63a72ec1e9ea9efcbcdf156274afaed9a4b2ea (diff) | |
download | samba-947985b259ac05e95d65be19c67f384579a797ce.tar.gz samba-947985b259ac05e95d65be19c67f384579a797ce.tar.bz2 samba-947985b259ac05e95d65be19c67f384579a797ce.zip |
dsdb-acl: don't call dsdb_user_password_support() if we don't use the result
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Matthieu Patou <mat@matws.net>
Diffstat (limited to 'source4/dsdb')
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/acl.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c index 9056a41cae..19271326aa 100644 --- a/source4/dsdb/samdb/ldb_modules/acl.c +++ b/source4/dsdb/samdb/ldb_modules/acl.c @@ -982,7 +982,7 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req) struct security_descriptor *sd; struct dom_sid *sid = NULL; struct ldb_control *as_system = ldb_request_get_control(req, LDB_CONTROL_AS_SYSTEM_OID); - bool userPassword = dsdb_user_password_support(module, req, req); + bool userPassword; TALLOC_CTX *tmp_ctx = talloc_new(req); static const char *acl_attrs[] = { "nTSecurityDescriptor", @@ -1017,6 +1017,8 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req) goto fail; } + userPassword = dsdb_user_password_support(module, req, req); + schema = dsdb_get_schema(ldb, tmp_ctx); if (!schema) { talloc_free(tmp_ctx); @@ -1661,7 +1663,7 @@ static int acl_search(struct ldb_module *module, struct ldb_request *req) ac->allowedChildClasses = ldb_attr_in_list(req->op.search.attrs, "allowedChildClasses"); ac->allowedChildClassesEffective = ldb_attr_in_list(req->op.search.attrs, "allowedChildClassesEffective"); ac->sDRightsEffective = ldb_attr_in_list(req->op.search.attrs, "sDRightsEffective"); - ac->userPassword = dsdb_user_password_support(module, ac, req); + ac->userPassword = true; ac->schema = dsdb_get_schema(ldb, ac); ac->constructed_attrs |= ac->allowedAttributes; @@ -1681,6 +1683,10 @@ static int acl_search(struct ldb_module *module, struct ldb_request *req) return ldb_next_request(module, req); } + if (!ac->am_system) { + ac->userPassword = dsdb_user_password_support(module, ac, req); + } + ret = acl_search_update_confidential_attrs(ac, data); if (ret != LDB_SUCCESS) { return ret; |