summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2010-06-15 22:26:22 +1000
committerAndrew Bartlett <abartlet@samba.org>2010-06-16 09:57:52 +1000
commit5150f8597a2211414ddbd588e8bd64e0ef3c29a7 (patch)
tree8d4e116564ad44559940685933a58c6eb304644b /source4
parentf9018bc0ea882bf9303350ca594262c88942c38f (diff)
downloadsamba-5150f8597a2211414ddbd588e8bd64e0ef3c29a7.tar.gz
samba-5150f8597a2211414ddbd588e8bd64e0ef3c29a7.tar.bz2
samba-5150f8597a2211414ddbd588e8bd64e0ef3c29a7.zip
s4:dsdb Assert that we can't get backlinks as input in linked_attributes
The objectclass_attr module should prevent users creating such links, and the mrepl_meta_data module should only create them in functional level 2003 or above. Andrew Bartlett
Diffstat (limited to 'source4')
-rw-r--r--source4/dsdb/samdb/ldb_modules/linked_attributes.c17
1 files changed, 15 insertions, 2 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
index 82fe27ef7f..4f36509a85 100644
--- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c
+++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
@@ -229,9 +229,16 @@ static int linked_attributes_add(struct ldb_module *module, struct ldb_request *
return LDB_ERR_OBJECT_CLASS_VIOLATION;
}
/* We have a valid attribute, now find out if it is a forward link */
- if ((schema_attr->linkID == 0) || ((schema_attr->linkID & 1) == 1)) {
+ if ((schema_attr->linkID == 0)) {
continue;
}
+
+ if ((schema_attr->linkID & 1) == 1) {
+ unsigned int functional_level;
+
+ functional_level = dsdb_functional_level(ldb);
+ SMB_ASSERT(functional_level > DS_DOMAIN_FUNCTION_2000);
+ }
/* Even link IDs are for the originating attribute */
target_attr = dsdb_attribute_by_linkID(ac->schema, schema_attr->linkID + 1);
@@ -456,10 +463,16 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques
}
/* We have a valid attribute, now find out if it is a forward link
(Even link IDs are for the originating attribute) */
- if ((schema_attr->linkID == 0) || ((schema_attr->linkID & 1) == 1)) {
+ if (schema_attr->linkID == 0) {
continue;
}
+ if ((schema_attr->linkID & 1) == 1) {
+ unsigned int functional_level;
+
+ functional_level = dsdb_functional_level(ldb);
+ SMB_ASSERT(functional_level > DS_DOMAIN_FUNCTION_2000);
+ }
/* Now find the target attribute */
target_attr = dsdb_attribute_by_linkID(ac->schema, schema_attr->linkID + 1);
if (!target_attr) {