From 0fca76e5775e46dd69153eee93e92b1937df29b5 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 9 Dec 2009 15:18:37 +1100 Subject: s4-dsdb: added dsdb_functional_level() helper function --- source4/dsdb/common/util.c | 16 ++++++++++++++++ source4/dsdb/samdb/ldb_modules/descriptor.c | 8 +------- source4/dsdb/samdb/ldb_modules/password_hash.c | 6 +----- source4/dsdb/samdb/ldb_modules/rootdse.c | 5 ++--- 4 files changed, 20 insertions(+), 15 deletions(-) (limited to 'source4/dsdb') diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index d9e03cec3e..512230f63c 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -2705,3 +2705,19 @@ const char *samdb_cn_to_lDAPDisplayName(TALLOC_CTX *mem_ctx, const char *cn) return ret; } + +/* + return domain functional level + returns DS_DOMAIN_FUNCTION_* + */ +int dsdb_functional_level(struct ldb_context *ldb) +{ + int *domainFunctionality = + talloc_get_type(ldb_get_opaque(ldb, "domainFunctionality"), int); + if (!domainFunctionality) { + DEBUG(0,(__location__ ": WARNING: domainFunctionality not setup\n")); + return DS_DOMAIN_FUNCTION_2000; + } + return *domainFunctionality; +} + diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c index da80ee540e..03cb1ff3e3 100644 --- a/source4/dsdb/samdb/ldb_modules/descriptor.c +++ b/source4/dsdb/samdb/ldb_modules/descriptor.c @@ -141,13 +141,7 @@ static struct dom_sid *get_default_group(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, struct dom_sid *dag) { - int *domainFunctionality; - - domainFunctionality = talloc_get_type( - ldb_get_opaque(ldb, "domainFunctionality"), int); - - if (*domainFunctionality - && (*domainFunctionality >= DS_DOMAIN_FUNCTION_2008)) { + if (dsdb_functional_level(ldb) >= DS_DOMAIN_FUNCTION_2008) { return dag; } diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c index 8791db2bc4..4d4f500e87 100644 --- a/source4/dsdb/samdb/ldb_modules/password_hash.c +++ b/source4/dsdb/samdb/ldb_modules/password_hash.c @@ -1025,7 +1025,6 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) uint8_t zero16[16]; bool do_newer_keys = false; bool do_cleartext = false; - int *domainFunctionality; ZERO_STRUCT(zero16); ZERO_STRUCT(names); @@ -1065,10 +1064,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) } } /* Per MS-SAMR 3.1.1.8.11.6 we create AES keys if our domain functionality level is 2008 or higher */ - domainFunctionality = talloc_get_type(ldb_get_opaque(ldb, "domainFunctionality"), int); - - do_newer_keys = *domainFunctionality && - (*domainFunctionality >= DS_DOMAIN_FUNCTION_2008); + do_newer_keys = (dsdb_functional_level(ldb) >= DS_DOMAIN_FUNCTION_2008); if (io->domain->store_cleartext && (io->u.user_account_control & UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED)) { diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c index 661060d755..045b507ffd 100644 --- a/source4/dsdb/samdb/ldb_modules/rootdse.c +++ b/source4/dsdb/samdb/ldb_modules/rootdse.c @@ -322,10 +322,9 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *ms } } - if (priv && do_attribute(attrs, "domainFunctionality") - && (val = talloc_get_type(ldb_get_opaque(ldb, "domainFunctionality"), int))) { + if (priv && do_attribute(attrs, "domainFunctionality")) { if (ldb_msg_add_fmt(msg, "domainFunctionality", - "%d", *val) != 0) { + "%d", dsdb_functional_level(ldb)) != 0) { goto failed; } } -- cgit