summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2013-01-17 08:37:12 +0100
committerMatthieu Patou <mat@matws.net>2013-01-17 00:16:24 -0800
commit947985b259ac05e95d65be19c67f384579a797ce (patch)
treec28c087046f93470da6d2ce1f93104bde39ad40b /source4
parent8e63a72ec1e9ea9efcbcdf156274afaed9a4b2ea (diff)
downloadsamba-947985b259ac05e95d65be19c67f384579a797ce.tar.gz
samba-947985b259ac05e95d65be19c67f384579a797ce.tar.bz2
samba-947985b259ac05e95d65be19c67f384579a797ce.zip
dsdb-acl: don't call dsdb_user_password_support() if we don't use the result
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Matthieu Patou <mat@matws.net>
Diffstat (limited to 'source4')
-rw-r--r--source4/dsdb/samdb/ldb_modules/acl.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c
index 9056a41cae..19271326aa 100644
--- a/source4/dsdb/samdb/ldb_modules/acl.c
+++ b/source4/dsdb/samdb/ldb_modules/acl.c
@@ -982,7 +982,7 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req)
struct security_descriptor *sd;
struct dom_sid *sid = NULL;
struct ldb_control *as_system = ldb_request_get_control(req, LDB_CONTROL_AS_SYSTEM_OID);
- bool userPassword = dsdb_user_password_support(module, req, req);
+ bool userPassword;
TALLOC_CTX *tmp_ctx = talloc_new(req);
static const char *acl_attrs[] = {
"nTSecurityDescriptor",
@@ -1017,6 +1017,8 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req)
goto fail;
}
+ userPassword = dsdb_user_password_support(module, req, req);
+
schema = dsdb_get_schema(ldb, tmp_ctx);
if (!schema) {
talloc_free(tmp_ctx);
@@ -1661,7 +1663,7 @@ static int acl_search(struct ldb_module *module, struct ldb_request *req)
ac->allowedChildClasses = ldb_attr_in_list(req->op.search.attrs, "allowedChildClasses");
ac->allowedChildClassesEffective = ldb_attr_in_list(req->op.search.attrs, "allowedChildClassesEffective");
ac->sDRightsEffective = ldb_attr_in_list(req->op.search.attrs, "sDRightsEffective");
- ac->userPassword = dsdb_user_password_support(module, ac, req);
+ ac->userPassword = true;
ac->schema = dsdb_get_schema(ldb, ac);
ac->constructed_attrs |= ac->allowedAttributes;
@@ -1681,6 +1683,10 @@ static int acl_search(struct ldb_module *module, struct ldb_request *req)
return ldb_next_request(module, req);
}
+ if (!ac->am_system) {
+ ac->userPassword = dsdb_user_password_support(module, ac, req);
+ }
+
ret = acl_search_update_confidential_attrs(ac, data);
if (ret != LDB_SUCCESS) {
return ret;