From 32995e84a2c28d8781a0386906df58b9754af24a Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 15 Dec 2009 11:01:18 +1100 Subject: s4-dsdb: use dsdb_dn_is_deleted_val() This also moves the check to before we parse the DN, which saves some unnecessary work Pair-Programmed-With: Andrew Bartlett --- source4/dsdb/samdb/ldb_modules/extended_dn_out.c | 47 +++++++++++------------- 1 file changed, 22 insertions(+), 25 deletions(-) diff --git a/source4/dsdb/samdb/ldb_modules/extended_dn_out.c b/source4/dsdb/samdb/ldb_modules/extended_dn_out.c index 987a3b3cfb..bd57913ea6 100644 --- a/source4/dsdb/samdb/ldb_modules/extended_dn_out.c +++ b/source4/dsdb/samdb/ldb_modules/extended_dn_out.c @@ -434,6 +434,28 @@ static int extended_callback(struct ldb_request *req, struct ldb_reply *ares, struct ldb_dn *dn; struct dsdb_dn *dsdb_dn = NULL; struct ldb_val *plain_dn = &msg->elements[i].values[j]; + + if (!checked_reveal_control) { + have_reveal_control = + ldb_request_get_control(req, LDB_CONTROL_REVEAL_INTERNALS) != NULL; + checked_reveal_control = true; + } + + /* this is a fast method for detecting deleted + linked attributes, working on the unparsed + ldb_val */ + if (dsdb_dn_is_deleted_val(plain_dn) && !have_reveal_control) { + /* it's a deleted linked attribute, + and we don't have the reveal control */ + memmove(&msg->elements[i].values[j], + &msg->elements[i].values[j+1], + (msg->elements[i].num_values-(j+1))*sizeof(struct ldb_val)); + msg->elements[i].num_values--; + j--; + continue; + } + + dsdb_dn = dsdb_dn_parse(msg, ldb, plain_dn, attribute->syntax->ldap_oid); if (!dsdb_dn || !ldb_dn_validate(dsdb_dn->dn)) { @@ -447,31 +469,6 @@ static int extended_callback(struct ldb_request *req, struct ldb_reply *ares, } dn = dsdb_dn->dn; - if (!checked_reveal_control) { - have_reveal_control = - ldb_request_get_control(req, LDB_CONTROL_REVEAL_INTERNALS) != NULL; - checked_reveal_control = true; - } - - /* this is a fast method for detecting deleted - linked attributes. It relies on the - linearization of extended DNs sorting by name, - and "DELETED" being the first name */ - if (plain_dn->length >= 12 && - strncmp((const char *)plain_dn->data, ";", 12) == 0) { - if (!have_reveal_control) { - /* it's a deleted linked - * attribute, and we don't - * have the reveal control */ - memmove(&msg->elements[i].values[j], - &msg->elements[i].values[j+1], - (msg->elements[i].num_values-(j+1))*sizeof(struct ldb_val)); - msg->elements[i].num_values--; - j--; - continue; - } - } - /* don't let users see the internal extended GUID components */ if (!have_reveal_control) { -- cgit