summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/dsdb/samdb/ldb_modules/repl_meta_data.c71
1 files changed, 65 insertions, 6 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index c91fcb2f40..b91d5e3db2 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -170,7 +170,8 @@ static int add_uint64_element(struct ldb_message *msg, const char *attr, uint64_
static int replmd_add_originating(struct ldb_module *module,
struct ldb_request *req,
- const struct dsdb_schema *schema)
+ const struct dsdb_schema *schema,
+ const struct dsdb_control_current_partition *partition)
{
struct ldb_request *down_req;
struct ldb_message_element *attribute;
@@ -251,6 +252,8 @@ static int replmd_add_originating(struct ldb_module *module,
static int replmd_add(struct ldb_module *module, struct ldb_request *req)
{
const struct dsdb_schema *schema;
+ const struct ldb_control *partition_ctrl;
+ const struct dsdb_control_current_partition *partition;
/* do not manipulate our control entries */
if (ldb_dn_is_special(req->op.add.message->dn)) {
@@ -259,16 +262,40 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req)
schema = dsdb_get_schema(module->ldb);
if (!schema) {
- ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, "replmd_add: no dsdb_schema loaded");
+ ldb_debug_set(module->ldb, LDB_DEBUG_FATAL,
+ "replmd_add: no dsdb_schema loaded");
return LDB_ERR_CONSTRAINT_VIOLATION;
}
- return replmd_add_originating(module, req, schema);
+ partition_ctrl = get_control_from_list(req->controls, DSDB_CONTROL_CURRENT_PARTITION_OID);
+ if (!partition_ctrl) {
+ ldb_debug_set(module->ldb, LDB_DEBUG_FATAL,
+ "replmd_add: no current partition control found");
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+
+ partition = talloc_get_type(partition_ctrl->data,
+ struct dsdb_control_current_partition);
+ if (!partition) {
+ ldb_debug_set(module->ldb, LDB_DEBUG_FATAL,
+ "replmd_add: current partition control contains invalid data");
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+
+ if (partition->version != DSDB_CONTROL_CURRENT_PARTITION_VERSION) {
+ ldb_debug_set(module->ldb, LDB_DEBUG_FATAL,
+ "replmd_add: current partition control contains invalid version [%u != %u]\n",
+ partition->version, DSDB_CONTROL_CURRENT_PARTITION_VERSION);
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+
+ return replmd_add_originating(module, req, schema, partition);
}
static int replmd_modify_originating(struct ldb_module *module,
struct ldb_request *req,
- const struct dsdb_schema *schema)
+ const struct dsdb_schema *schema,
+ const struct dsdb_control_current_partition *partition)
{
struct ldb_request *down_req;
struct ldb_message *msg;
@@ -323,6 +350,8 @@ static int replmd_modify_originating(struct ldb_module *module,
static int replmd_modify(struct ldb_module *module, struct ldb_request *req)
{
const struct dsdb_schema *schema;
+ const struct ldb_control *partition_ctrl;
+ const struct dsdb_control_current_partition *partition;
/* do not manipulate our control entries */
if (ldb_dn_is_special(req->op.mod.message->dn)) {
@@ -331,11 +360,41 @@ static int replmd_modify(struct ldb_module *module, struct ldb_request *req)
schema = dsdb_get_schema(module->ldb);
if (!schema) {
- ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, "replmd_modify: no dsdb_schema loaded");
+ ldb_debug_set(module->ldb, LDB_DEBUG_FATAL,
+ "replmd_modify: no dsdb_schema loaded");
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+
+ schema = dsdb_get_schema(module->ldb);
+ if (!schema) {
+ ldb_debug_set(module->ldb, LDB_DEBUG_FATAL,
+ "replmd_modify: no dsdb_schema loaded");
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+
+ partition_ctrl = get_control_from_list(req->controls, DSDB_CONTROL_CURRENT_PARTITION_OID);
+ if (!partition_ctrl) {
+ ldb_debug_set(module->ldb, LDB_DEBUG_FATAL,
+ "replmd_modify: no current partition control found");
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+
+ partition = talloc_get_type(partition_ctrl->data,
+ struct dsdb_control_current_partition);
+ if (!partition) {
+ ldb_debug_set(module->ldb, LDB_DEBUG_FATAL,
+ "replmd_modify: current partition control contains invalid data");
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+
+ if (partition->version != DSDB_CONTROL_CURRENT_PARTITION_VERSION) {
+ ldb_debug_set(module->ldb, LDB_DEBUG_FATAL,
+ "replmd_modify: current partition control contains invalid version [%u != %u]\n",
+ partition->version, DSDB_CONTROL_CURRENT_PARTITION_VERSION);
return LDB_ERR_CONSTRAINT_VIOLATION;
}
- return replmd_modify_originating(module, req, schema);
+ return replmd_modify_originating(module, req, schema, partition);
}
static int replmd_replicated_request_reply_helper(struct replmd_replicated_request *ar, int ret)