diff options
author | Andrew Bartlett <abartlet@samba.org> | 2007-03-13 00:59:06 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:49:29 -0500 |
commit | 9b03286b32a916dbef59f1459eefa01f0ebfeed3 (patch) | |
tree | acc52923c4ce8e92dc902b201c12b046f8a04826 /source4/libcli/ldap/ldap_controls.c | |
parent | b6b98f63009b00e3e6766eee46d1142b8772c966 (diff) | |
download | samba-9b03286b32a916dbef59f1459eefa01f0ebfeed3.tar.gz samba-9b03286b32a916dbef59f1459eefa01f0ebfeed3.tar.bz2 samba-9b03286b32a916dbef59f1459eefa01f0ebfeed3.zip |
r21806: I've been working over the last week to fix up the LDAP backend for
Samba4. This only broke on global catalog queries, which turned out to
be due to changes in the partitions module that metze needed for his
DRSUAPI work.
I've reworked partitions.c to always include the 'problematic' control,
and therefore demonstrated that this is the issue. This ensures
consistency, and should help with finding issues like this in future.
As this control (DSDB_CONTROL_CURRENT_PARTITION_OID) is not intended to
be linearised, I've added logic to allow it to be skipped when creating
network packets.
I've likewise make our LDAP server skip unknown controls, when marked
'not critical' on it's input, rather than just dropping the entire
request. I need some help to generate a correct error packet when it is
marked critical.
Further work could perhaps be to have the ldap_encode routine return a
textual description of what failed to encode, as that would have saved
me a lot of time...
Andrew Bartlett
(This used to be commit eef710668f91d1bbaa2d834d9e653e11c8aac817)
Diffstat (limited to 'source4/libcli/ldap/ldap_controls.c')
-rw-r--r-- | source4/libcli/ldap/ldap_controls.c | 71 |
1 files changed, 44 insertions, 27 deletions
diff --git a/source4/libcli/ldap/ldap_controls.c b/source4/libcli/ldap/ldap_controls.c index 5cd0451136..bbb0cb1aa5 100644 --- a/source4/libcli/ldap/ldap_controls.c +++ b/source4/libcli/ldap/ldap_controls.c @@ -1059,14 +1059,35 @@ struct control_handler ldap_known_controls[] = { { "2.16.840.1.113730.3.4.2", decode_manageDSAIT_request, encode_manageDSAIT_request }, { "2.16.840.1.113730.3.4.9", decode_vlv_request, encode_vlv_request }, { "2.16.840.1.113730.3.4.10", decode_vlv_response, encode_vlv_response }, +/* DSDB_CONTROL_CURRENT_PARTITION_OID is internal only, and has no network representation */ + { "1.3.6.1.4.1.7165.4.3.2", NULL, NULL }, +/* DSDB_EXTENDED_REPLICATED_OBJECTS_OID is internal only, and has no network representation */ + { "1.3.6.1.4.1.7165.4.4.1", NULL, NULL }, { NULL, NULL, NULL } }; -BOOL ldap_decode_control(void *mem_ctx, struct asn1_data *data, struct ldb_control *ctrl) +BOOL ldap_decode_control_value(void *mem_ctx, DATA_BLOB value, struct ldb_control *ctrl) { int i; + + for (i = 0; ldap_known_controls[i].oid != NULL; i++) { + if (strcmp(ldap_known_controls[i].oid, ctrl->oid) == 0) { + if (!ldap_known_controls[i].decode || !ldap_known_controls[i].decode(mem_ctx, value, &ctrl->data)) { + return False; + } + break; + } + } + if (ldap_known_controls[i].oid == NULL) { + return False; + } + + return True; +} + +BOOL ldap_decode_control_wrapper(void *mem_ctx, struct asn1_data *data, struct ldb_control *ctrl, DATA_BLOB *value) +{ DATA_BLOB oid; - DATA_BLOB value; if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) { return False; @@ -1096,19 +1117,7 @@ BOOL ldap_decode_control(void *mem_ctx, struct asn1_data *data, struct ldb_contr goto end_tag; } - if (!asn1_read_OctetString(data, &value)) { - return False; - } - - for (i = 0; ldap_known_controls[i].oid != NULL; i++) { - if (strcmp(ldap_known_controls[i].oid, ctrl->oid) == 0) { - if (!ldap_known_controls[i].decode(mem_ctx, value, &ctrl->data)) { - return False; - } - break; - } - } - if (ldap_known_controls[i].oid == NULL) { + if (!asn1_read_OctetString(data, value)) { return False; } @@ -1125,6 +1134,26 @@ BOOL ldap_encode_control(void *mem_ctx, struct asn1_data *data, struct ldb_contr DATA_BLOB value; int i; + for (i = 0; ldap_known_controls[i].oid != NULL; i++) { + if (strcmp(ldap_known_controls[i].oid, ctrl->oid) == 0) { + if (!ldap_known_controls[i].encode) { + if (ctrl->critical) { + return False; + } else { + /* not encoding this control */ + return True; + } + } + if (!ldap_known_controls[i].encode(mem_ctx, ctrl->data, &value)) { + return False; + } + break; + } + } + if (ldap_known_controls[i].oid == NULL) { + return False; + } + if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) { return False; } @@ -1143,18 +1172,6 @@ BOOL ldap_encode_control(void *mem_ctx, struct asn1_data *data, struct ldb_contr goto pop_tag; } - for (i = 0; ldap_known_controls[i].oid != NULL; i++) { - if (strcmp(ldap_known_controls[i].oid, ctrl->oid) == 0) { - if (!ldap_known_controls[i].encode(mem_ctx, ctrl->data, &value)) { - return False; - } - break; - } - } - if (ldap_known_controls[i].oid == NULL) { - return False; - } - if (!asn1_write_OctetString(data, value.data, value.length)) { return False; } |