From 4ef36fda681409bf7050adb98bb4b3d574bc01a9 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 23 Nov 2012 09:31:05 +0100 Subject: s4:dsdb/descriptor: remove some nesting from descriptor_modify If the nTSecurityDescriptor attribute is not specified, we have nothing to do. Signed-off-by: Stefan Metzmacher Reviewed-by: Michael Adam --- source4/dsdb/samdb/ldb_modules/descriptor.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'source4/dsdb') diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c index 9a4f3d3e04..b41c0aafba 100644 --- a/source4/dsdb/samdb/ldb_modules/descriptor.c +++ b/source4/dsdb/samdb/ldb_modules/descriptor.c @@ -619,7 +619,7 @@ static int descriptor_modify(struct ldb_module *module, struct ldb_request *req) const struct ldb_val *user_sd; struct ldb_dn *dn = req->op.mod.message->dn; struct ldb_dn *parent_dn; - struct ldb_message_element *objectclass_element; + struct ldb_message_element *objectclass_element, *sd_element; int ret; uint32_t instanceType; uint32_t sd_flags = dsdb_request_sd_flags(req, NULL); @@ -636,8 +636,15 @@ static int descriptor_modify(struct ldb_module *module, struct ldb_request *req) return ldb_next_request(module, req); } + + sd_element = ldb_msg_find_element(req->op.mod.message, "nTSecurityDescriptor"); + if (sd_element == NULL) { + return ldb_next_request(module, req); + } + user_sd = ldb_msg_find_ldb_val(req->op.mod.message, "nTSecurityDescriptor"); - if (!user_sd) { + /* nTSecurityDescriptor without a value is an error, letting through so it is handled */ + if (user_sd == NULL) { return ldb_next_request(module, req); } @@ -707,14 +714,7 @@ static int descriptor_modify(struct ldb_module *module, struct ldb_request *req) if (msg == NULL) { return ldb_oom(ldb); } - if (sd != NULL) { - struct ldb_message_element *sd_element; - if (user_sd != NULL) { - sd_element = ldb_msg_find_element(msg, - "nTSecurityDescriptor"); - sd_element->values[0] = *sd; - } - } + sd_element->values[0] = *sd; ret = ldb_build_mod_req(&mod_req, ldb, req, msg, -- cgit