From ff456cd1007dc06a51c5e60394964bcf898b24d2 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Tue, 19 Oct 2010 11:17:53 +1100
Subject: s4-ldb: added ldb_req_mark_untrusted() and ldb_req_is_untrusted()

these will be used to determine if a ldb request comes from an
untrusted source. We want requests over ldap:// to be marked untrusted
so we can reject unregistered controls

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
---
 source4/lib/ldb/common/ldb.c | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'source4/lib/ldb/common')

diff --git a/source4/lib/ldb/common/ldb.c b/source4/lib/ldb/common/ldb.c
index 922237482f..33d6c48cbe 100644
--- a/source4/lib/ldb/common/ldb.c
+++ b/source4/lib/ldb/common/ldb.c
@@ -1810,3 +1810,20 @@ const char *ldb_req_location(struct ldb_request *req)
 {
 	return req->handle->location;
 }
+
+/**
+  mark a request as untrusted. This tells the rootdse module to remove
+  unregistered controls
+ */
+void ldb_req_mark_untrusted(struct ldb_request *req)
+{
+	req->handle->flags |= LDB_HANDLE_FLAG_UNTRUSTED;
+}
+
+/**
+   return true is a request is untrusted
+ */
+bool ldb_req_is_untrusted(struct ldb_request *req)
+{
+	return (req->handle->flags & LDB_HANDLE_FLAG_UNTRUSTED) != 0;
+}
-- 
cgit