summaryrefslogtreecommitdiff
path: root/source4/lib
diff options
context:
space:
mode:
authorAnatoliy Atanasov <anatoliy.atanasov@postpath.com>2009-09-21 17:14:06 -0700
committerAnatoliy Atanasov <anatoliy.atanasov@postpath.com>2009-09-21 17:18:10 -0700
commitb850d7fb08b97fff8ce5ec2cbff2256aa390e440 (patch)
tree282dafecbce2817de29a2ca3fa324fc173b3aa35 /source4/lib
parent6033ce24038dfa467e7bf56b04dc6b45f6bff815 (diff)
downloadsamba-b850d7fb08b97fff8ce5ec2cbff2256aa390e440.tar.gz
samba-b850d7fb08b97fff8ce5ec2cbff2256aa390e440.tar.bz2
samba-b850d7fb08b97fff8ce5ec2cbff2256aa390e440.zip
Add support in the ldb_dn.c code for MS-ADTS:3.1.1.5.1.2 Naming Constraints
Diffstat (limited to 'source4/lib')
-rw-r--r--source4/lib/ldb/common/ldb_dn.c13
1 files changed, 13 insertions, 0 deletions
diff --git a/source4/lib/ldb/common/ldb_dn.c b/source4/lib/ldb/common/ldb_dn.c
index d905f47040..af00ef96f3 100644
--- a/source4/lib/ldb/common/ldb_dn.c
+++ b/source4/lib/ldb/common/ldb_dn.c
@@ -103,6 +103,11 @@ struct ldb_dn *ldb_dn_from_ldb_val(void *mem_ctx,
dn->ext_linearized = talloc_strndup(dn, data, length);
LDB_DN_NULL_FAILED(dn->ext_linearized);
+ if (strlen(data) != length) {
+ /* The RDN must not contain a character with value 0x0 */
+ return NULL;
+ }
+
if (data[0] == '<') {
const char *p_save, *p = dn->ext_linearized;
do {
@@ -231,6 +236,9 @@ char *ldb_dn_escape_value(void *mem_ctx, struct ldb_val value)
/*
explode a DN string into a ldb_dn structure
based on RFC4514 except that we don't support multiple valued RDNs
+
+ TODO: according to MS-ADTS:3.1.1.5.2 Naming Constraints
+ DN must be compliant with RFC2253
*/
static bool ldb_dn_explode(struct ldb_dn *dn)
{
@@ -264,6 +272,11 @@ static bool ldb_dn_explode(struct ldb_dn *dn)
return false;
}
+ /* The RDN size must be less than 255 characters */
+ if (strlen(parse_dn) > 255) {
+ return false;
+ }
+
/* Empty DNs */
if (parse_dn[0] == '\0') {
return true;