From 4a5e9cf0ed909faef1325efff4581a4c5ee8d736 Mon Sep 17 00:00:00 2001 From: Matthias Dieter Wallnöfer Date: Fri, 29 Apr 2011 11:38:56 +0200 Subject: s4:subtree_rename LDB module - fix the move/rename constraints s4:subtree_rename LDB module - fix the move/rename constraints By the inspiration of an email request by ekacnet I have rechecked the move/rename constraints and re-read the chapter 3.1.1.5.4.1 located in the MS-ADTS technical documentation. It really turns out that the constraint checking is only performed on the root object of a request. In addition add my copyright notice (I've written these constraint checks). Autobuild-User: Matthieu Patou Autobuild-Date: Wed Aug 10 01:05:19 CEST 2011 on sn-devel-104 --- source4/dsdb/samdb/ldb_modules/subtree_rename.c | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) (limited to 'source4/dsdb') diff --git a/source4/dsdb/samdb/ldb_modules/subtree_rename.c b/source4/dsdb/samdb/ldb_modules/subtree_rename.c index f26a99ed09..a4714acb61 100644 --- a/source4/dsdb/samdb/ldb_modules/subtree_rename.c +++ b/source4/dsdb/samdb/ldb_modules/subtree_rename.c @@ -3,6 +3,7 @@ Copyright (C) Andrew Bartlett 2006-2007 Copyright (C) Stefan Metzmacher 2007 + Copyright (C) Matthias Dieter Wallnöfer 2010-2011 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -319,9 +320,12 @@ static int subtree_rename_search_callback(struct ldb_request *req, switch (ares->type) { case LDB_REPLY_ENTRY: if (ldb_dn_compare(ares->message->dn, ac->list->olddn) == 0) { - /* this was already stored by the - * subtree_rename_search() */ - + /* + * This is the root entry of the originating move + * respectively rename request. It has been already + * stored in the list using "subtree_rename_search()". + * Only this one is subject to constraint checking. + */ ret = check_constraints(ares->message, ac, ac->list->olddn, ac->list->newdn); @@ -356,13 +360,6 @@ static int subtree_rename_search_callback(struct ldb_request *req, return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); } - - ret = check_constraints(ares->message, ac, - store->olddn, store->newdn); - if (ret != LDB_SUCCESS) { - return ldb_module_done(ac->req, NULL, NULL, ret); - } - break; case LDB_REPLY_REFERRAL: -- cgit