summaryrefslogtreecommitdiff
path: root/source4/lib
diff options
context:
space:
mode:
authorAndrew Kroeger <andrew@sprocks.gotdns.com>2008-01-18 01:50:33 +0100
committerJelmer Vernooij <jelmer@samba.org>2008-01-18 03:41:59 +0100
commit4d8a60f617f941ff6481bcfbac73d7ed69e43daa (patch)
tree3e1dc32100479edcc6992442309df9a595524fd4 /source4/lib
parent158a2eed334512c28a7101b3af2c364b4ac1b3fd (diff)
downloadsamba-4d8a60f617f941ff6481bcfbac73d7ed69e43daa.tar.gz
samba-4d8a60f617f941ff6481bcfbac73d7ed69e43daa.tar.bz2
samba-4d8a60f617f941ff6481bcfbac73d7ed69e43daa.zip
When Windows initially creates a new value, the value name is "New Value #1".
The '#' character was causing problems, as it was not being escaped for the dn, but the failure returned by ldb_dn_add_child_fmt() was not being caught. This was causing the new value to be added on the parent key, not the current key. When attempting to delete the new value (now on the parent key) the same escaping error was returned by ldb_dn_add_child_fmt(), causing the delete to delete the key and not the value. When attempting to rename a value, Windows first tries to ensure the new name does not already exist. When a value does not exist, Windows expects a return value of WERR_BADFILE, but WERR_NOT_FOUND was being returned instead. Providing the WERR_BADFILE that Windows expects allows values to be renamed. (This used to be commit 94fb39cfd967455ce5a554720c1c7e6183f91056)
Diffstat (limited to 'source4/lib')
-rw-r--r--source4/lib/registry/ldb.c24
1 files changed, 22 insertions, 2 deletions
diff --git a/source4/lib/registry/ldb.c b/source4/lib/registry/ldb.c
index d87bc6cf8e..884aed1579 100644
--- a/source4/lib/registry/ldb.c
+++ b/source4/lib/registry/ldb.c
@@ -112,6 +112,16 @@ static struct ldb_message *reg_ldb_pack_value(struct ldb_context *ctx,
}
+static char *reg_ldb_escape(TALLOC_CTX *mem_ctx, const char *value)
+{
+ struct ldb_val val;
+
+ val.data = discard_const_p(uint8_t, value);
+ val.length = strlen(value);
+
+ return ldb_dn_escape_value(mem_ctx, val);
+}
+
static int reg_close_ldb_key(struct ldb_key_data *key)
{
if (key->subkeys != NULL) {
@@ -447,7 +457,12 @@ static WERROR ldb_del_value (struct hive_key *key, const char *child)
struct ldb_dn *childdn;
childdn = ldb_dn_copy(kd->ldb, kd->dn);
- ldb_dn_add_child_fmt(childdn, "value=%s", child);
+ if (!ldb_dn_add_child_fmt(childdn, "value=%s",
+ reg_ldb_escape(childdn, child)))
+ {
+ talloc_free(childdn);
+ return WERR_FOOBAR;
+ }
ret = ldb_delete(kd->ldb, childdn);
@@ -475,7 +490,12 @@ static WERROR ldb_set_value(struct hive_key *parent,
msg = reg_ldb_pack_value(kd->ldb, mem_ctx, name, type, data);
msg->dn = ldb_dn_copy(msg, kd->dn);
- ldb_dn_add_child_fmt(msg->dn, "value=%s", name);
+ if (!ldb_dn_add_child_fmt(msg->dn, "value=%s",
+ reg_ldb_escape(mem_ctx, name)))
+ {
+ talloc_free(mem_ctx);
+ return WERR_FOOBAR;
+ }
ret = ldb_add(kd->ldb, msg);
if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {