From a73a0372f9fec93c9e6620859c9410ae4e702f88 Mon Sep 17 00:00:00 2001 From: Matthieu Patou Date: Wed, 23 Sep 2009 13:34:58 +0400 Subject: s4-ldb: Add new relax controls that allow relaxed x500 constraints checks --- source4/lib/ldb/common/ldb_controls.c | 27 +++++++++++++++++++++++++++ source4/lib/ldb/include/ldb.h | 8 ++++++++ 2 files changed, 35 insertions(+) (limited to 'source4/lib') diff --git a/source4/lib/ldb/common/ldb_controls.c b/source4/lib/ldb/common/ldb_controls.c index b38373ec12..32b2c0f66d 100644 --- a/source4/lib/ldb/common/ldb_controls.c +++ b/source4/lib/ldb/common/ldb_controls.c @@ -407,6 +407,33 @@ struct ldb_control **ldb_parse_control_strings(struct ldb_context *ldb, void *me continue; } + if (strncmp(control_strings[i], "relax:", 6) == 0) { + const char *p; + int crit, ret; + + p = &(control_strings[i][6]); + ret = sscanf(p, "%d", &crit); + if ((ret != 1) || (crit < 0) || (crit > 1)) { + error_string = talloc_asprintf(mem_ctx, "invalid relax control syntax\n"); + error_string = talloc_asprintf_append(error_string, " syntax: crit(b)\n"); + error_string = talloc_asprintf_append(error_string, " note: b = boolean"); + ldb_set_errstring(ldb, error_string); + talloc_free(error_string); + return NULL; + } + + ctrl[i] = talloc(ctrl, struct ldb_control); + if (!ctrl[i]) { + ldb_oom(ldb); + return NULL; + } + ctrl[i]->oid = LDB_CONTROL_RELAX_OID; + ctrl[i]->critical = crit; + ctrl[i]->data = NULL; + + continue; + } + if (strncmp(control_strings[i], "domain_scope:", 13) == 0) { const char *p; int crit, ret; diff --git a/source4/lib/ldb/include/ldb.h b/source4/lib/ldb/include/ldb.h index 04f7ccb3f2..d4af95b394 100644 --- a/source4/lib/ldb/include/ldb.h +++ b/source4/lib/ldb/include/ldb.h @@ -456,6 +456,14 @@ const struct ldb_dn_extended_syntax *ldb_dn_extended_syntax_by_name(struct ldb_c /* sorting helpers */ typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2, void *opaque); +/** + OID for the allowing client to request temporary relaxed + enforcement of constraints of the x.500 model. + + \sa draft managedit. +*/ + +#define LDB_CONTROL_RELAX_OID "1.3.6.1.4.1.4203.666.5.12" /** OID for the paged results control. This control is included in the searchRequest and searchResultDone messages as part of the controls -- cgit