diff options
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 71 |
1 files changed, 65 insertions, 6 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c index c91fcb2f40..b91d5e3db2 100644 --- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c +++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c @@ -170,7 +170,8 @@ static int add_uint64_element(struct ldb_message *msg, const char *attr, uint64_ static int replmd_add_originating(struct ldb_module *module, struct ldb_request *req, - const struct dsdb_schema *schema) + const struct dsdb_schema *schema, + const struct dsdb_control_current_partition *partition) { struct ldb_request *down_req; struct ldb_message_element *attribute; @@ -251,6 +252,8 @@ static int replmd_add_originating(struct ldb_module *module, static int replmd_add(struct ldb_module *module, struct ldb_request *req) { const struct dsdb_schema *schema; + const struct ldb_control *partition_ctrl; + const struct dsdb_control_current_partition *partition; /* do not manipulate our control entries */ if (ldb_dn_is_special(req->op.add.message->dn)) { @@ -259,16 +262,40 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) schema = dsdb_get_schema(module->ldb); if (!schema) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, "replmd_add: no dsdb_schema loaded"); + ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + "replmd_add: no dsdb_schema loaded"); return LDB_ERR_CONSTRAINT_VIOLATION; } - return replmd_add_originating(module, req, schema); + partition_ctrl = get_control_from_list(req->controls, DSDB_CONTROL_CURRENT_PARTITION_OID); + if (!partition_ctrl) { + ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + "replmd_add: no current partition control found"); + return LDB_ERR_CONSTRAINT_VIOLATION; + } + + partition = talloc_get_type(partition_ctrl->data, + struct dsdb_control_current_partition); + if (!partition) { + ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + "replmd_add: current partition control contains invalid data"); + return LDB_ERR_CONSTRAINT_VIOLATION; + } + + if (partition->version != DSDB_CONTROL_CURRENT_PARTITION_VERSION) { + ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + "replmd_add: current partition control contains invalid version [%u != %u]\n", + partition->version, DSDB_CONTROL_CURRENT_PARTITION_VERSION); + return LDB_ERR_CONSTRAINT_VIOLATION; + } + + return replmd_add_originating(module, req, schema, partition); } static int replmd_modify_originating(struct ldb_module *module, struct ldb_request *req, - const struct dsdb_schema *schema) + const struct dsdb_schema *schema, + const struct dsdb_control_current_partition *partition) { struct ldb_request *down_req; struct ldb_message *msg; @@ -323,6 +350,8 @@ static int replmd_modify_originating(struct ldb_module *module, static int replmd_modify(struct ldb_module *module, struct ldb_request *req) { const struct dsdb_schema *schema; + const struct ldb_control *partition_ctrl; + const struct dsdb_control_current_partition *partition; /* do not manipulate our control entries */ if (ldb_dn_is_special(req->op.mod.message->dn)) { @@ -331,11 +360,41 @@ static int replmd_modify(struct ldb_module *module, struct ldb_request *req) schema = dsdb_get_schema(module->ldb); if (!schema) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, "replmd_modify: no dsdb_schema loaded"); + ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + "replmd_modify: no dsdb_schema loaded"); + return LDB_ERR_CONSTRAINT_VIOLATION; + } + + schema = dsdb_get_schema(module->ldb); + if (!schema) { + ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + "replmd_modify: no dsdb_schema loaded"); + return LDB_ERR_CONSTRAINT_VIOLATION; + } + + partition_ctrl = get_control_from_list(req->controls, DSDB_CONTROL_CURRENT_PARTITION_OID); + if (!partition_ctrl) { + ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + "replmd_modify: no current partition control found"); + return LDB_ERR_CONSTRAINT_VIOLATION; + } + + partition = talloc_get_type(partition_ctrl->data, + struct dsdb_control_current_partition); + if (!partition) { + ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + "replmd_modify: current partition control contains invalid data"); + return LDB_ERR_CONSTRAINT_VIOLATION; + } + + if (partition->version != DSDB_CONTROL_CURRENT_PARTITION_VERSION) { + ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + "replmd_modify: current partition control contains invalid version [%u != %u]\n", + partition->version, DSDB_CONTROL_CURRENT_PARTITION_VERSION); return LDB_ERR_CONSTRAINT_VIOLATION; } - return replmd_modify_originating(module, req, schema); + return replmd_modify_originating(module, req, schema, partition); } static int replmd_replicated_request_reply_helper(struct replmd_replicated_request *ar, int ret) |