From d873fb72bc3f7b410a66f98b5045101292718717 Mon Sep 17 00:00:00 2001 From: Matthias Dieter Wallnöfer Date: Wed, 3 Nov 2010 16:25:17 +0100 Subject: s4:objectclass_attrs LDB module - refactor the "dSHeuristics" checker The checks are done when there are more than 0 values. The other checks should be performed by the other parts of the module. --- source4/dsdb/samdb/ldb_modules/objectclass_attrs.c | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) (limited to 'source4/dsdb/samdb') diff --git a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c index f609e9210b..bd4e0be646 100644 --- a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c +++ b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c @@ -72,21 +72,18 @@ static int oc_op_callback(struct ldb_request *req, struct ldb_reply *ares); /* checks correctness of dSHeuristics attribute * as described in MS-ADTS 7.1.1.2.4.1.2 dSHeuristics */ - static int oc_validate_dsheuristics(struct ldb_message_element *el) { - if (LDB_FLAG_MOD_TYPE(el->flags) == LDB_FLAG_MOD_DELETE || - el->num_values < 1) { - return LDB_SUCCESS; - } - if (el->values[0].length > DS_HR_LDAP_BYPASS_UPPER_LIMIT_BOUNDS) { - return LDB_ERR_CONSTRAINT_VIOLATION; - } else if (el->values[0].length >= DS_HR_TENTH_CHAR - && el->values[0].data[DS_HR_TENTH_CHAR-1] != '1') { - return LDB_ERR_CONSTRAINT_VIOLATION; - } else { - return LDB_SUCCESS; + if (el->num_values > 0) { + if (el->values[0].length > DS_HR_LDAP_BYPASS_UPPER_LIMIT_BOUNDS) { + return LDB_ERR_CONSTRAINT_VIOLATION; + } else if (el->values[0].length >= DS_HR_TENTH_CHAR + && el->values[0].data[DS_HR_TENTH_CHAR-1] != '1') { + return LDB_ERR_CONSTRAINT_VIOLATION; + } } + + return LDB_SUCCESS; } static int attr_handler(struct oc_context *ac) -- cgit