From 3003bd40379b669e8b2cef7a40784f0114344f8e Mon Sep 17 00:00:00 2001 From: Nadezhda Ivanova Date: Wed, 27 Oct 2010 14:04:03 +0300 Subject: s4-ldb: Changes the aclread module to use LDB_HANDLE_FLAG_UNTRUSTED to determine the source of the request The aclread module used to use a control to make sure the request comes from the ldap server, but now the rootdse filters out any unregistered controls comming from ldap, so the control is lost. Using the LDB_HANDLE_FLAG_UNTRUSTED is a much more elegant solution. Autobuild-User: Nadezhda Ivanova Autobuild-Date: Wed Oct 27 11:55:11 UTC 2010 on sn-devel-104 --- source4/ldap_server/ldap_backend.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source4/ldap_server') diff --git a/source4/ldap_server/ldap_backend.c b/source4/ldap_server/ldap_backend.c index 671e94adce..e45c180e31 100644 --- a/source4/ldap_server/ldap_backend.c +++ b/source4/ldap_server/ldap_backend.c @@ -594,7 +594,6 @@ static NTSTATUS ldapsrv_SearchRequest(struct ldapsrv_call *call) } } - ldb_request_add_control(lreq, DSDB_CONTROL_SEARCH_APPLY_ACCESS, false, NULL); ldb_set_timeout(samdb, lreq, req->timelimit); ldb_req_mark_untrusted(lreq); -- cgit