From cd5b5428781128b11de6bb3270828cc83a45cc03 Mon Sep 17 00:00:00 2001 From: Matthias Dieter Wallnöfer Date: Mon, 22 Feb 2010 11:19:10 +0100 Subject: s4:partition DSDB module - change the search and domain scope control handling The domain scope control is always removed, from the search one only the two interesting flags (which are handled) and it is marked as non-critical. Signed-off-by: Andrew Bartlett --- source4/dsdb/samdb/ldb_modules/partition.c | 57 ++++++++++++------------------ 1 file changed, 22 insertions(+), 35 deletions(-) (limited to 'source4/dsdb/samdb/ldb_modules') diff --git a/source4/dsdb/samdb/ldb_modules/partition.c b/source4/dsdb/samdb/ldb_modules/partition.c index 9bd4578a7f..1d4717b8fd 100644 --- a/source4/dsdb/samdb/ldb_modules/partition.c +++ b/source4/dsdb/samdb/ldb_modules/partition.c @@ -450,6 +450,8 @@ static int partition_search(struct ldb_module *module, struct ldb_request *req) struct ldb_search_options_control *search_options = NULL; struct dsdb_partition *p; + + bool domain_scope = false, phantom_root = false; ret = partition_reload_if_required(module, data); if (ret != LDB_SUCCESS) { @@ -464,44 +466,40 @@ static int partition_search(struct ldb_module *module, struct ldb_request *req) return ldb_next_request(p->module, req); } - + /* Get back the search options from the search control, and mark it as + * non-critical (to make backends and also dcpromo happy). + */ if (search_control) { search_options = talloc_get_type(search_control->data, struct ldb_search_options_control); + search_control->critical = 0; + } - /* Remove the domain_scope control, so we don't confuse a backend server */ + /* Remove the "domain_scope" control, so we don't confuse a backend + * server */ if (domain_scope_control && !save_controls(domain_scope_control, req, &saved_controls)) { ldb_oom(ldb_module_get_ctx(module)); return LDB_ERR_OPERATIONS_ERROR; } - /* - * for now pass down the LDB_CONTROL_SEARCH_OPTIONS_OID control - * down as uncritical to make windows 2008 dcpromo happy. - */ - if (search_control) { - search_control->critical = 0; + /* Locate the options */ + domain_scope = (search_options + && (search_options->search_options & LDB_SEARCH_OPTION_DOMAIN_SCOPE)) + || domain_scope_control; + phantom_root = search_options + && (search_options->search_options & LDB_SEARCH_OPTION_PHANTOM_ROOT); + + /* Remove handled options from the search control flag */ + if (search_options) { + search_options->search_options = search_options->search_options + & ~LDB_SEARCH_OPTION_DOMAIN_SCOPE + & ~LDB_SEARCH_OPTION_PHANTOM_ROOT; } - /* TODO: - * Generate referrals (look for a partition under this DN) if we don't - * have the LDB_CONTROL_DOMAIN_SCOPE_OID control specified. - */ - - if (search_options && (search_options->search_options & LDB_SEARCH_OPTION_PHANTOM_ROOT)) { + if ((!domain_scope) || phantom_root) { int i; struct partition_context *ac; - if ((search_options->search_options & ~LDB_SEARCH_OPTION_PHANTOM_ROOT) == 0) { - /* We have processed this flag, so we are done with this control now */ - - /* Remove search control, so we don't confuse a backend server */ - if (search_control && !save_controls(search_control, req, &saved_controls)) { - ldb_oom(ldb_module_get_ctx(module)); - return LDB_ERR_OPERATIONS_ERROR; - } - } - ac = partition_init_ctx(module, req); if (!ac) { return LDB_ERR_OPERATIONS_ERROR; @@ -556,17 +554,6 @@ static int partition_search(struct ldb_module *module, struct ldb_request *req) /* fire the first one */ return partition_call_first(ac); } else { - /* Handle this like all other requests */ - if (search_control && (search_options->search_options & ~LDB_SEARCH_OPTION_PHANTOM_ROOT) == 0) { - /* We have processed this flag, so we are done with this control now */ - - /* Remove search control, so we don't confuse a backend server */ - if (search_control && !save_controls(search_control, req, &saved_controls)) { - ldb_oom(ldb_module_get_ctx(module)); - return LDB_ERR_OPERATIONS_ERROR; - } - } - return partition_replicate(module, req, req->op.search.base); } } -- cgit