From dab426476ffcab92df7fcb2f76064e46b5101d7f Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 18 Oct 2010 10:24:56 +1100 Subject: [PATCH] Revert "s4:dsdb - make the RELAX control private" This must be available to the OpenLDAP backend, to set the GUID values in some situations. We need a proper ACL mechanism to control the use or abuse of this control. This reverts commit 10adee89367cee9add993869280542418fb3d370. --- source4/lib/ldb/include/ldb.h | 14 ++++++++------ source4/libcli/ldap/ldap_controls.c | 3 +-- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/source4/lib/ldb/include/ldb.h b/source4/lib/ldb/include/ldb.h index d346b0f2d44..7f4752e252f 100644 --- a/source4/lib/ldb/include/ldb.h +++ b/source4/lib/ldb/include/ldb.h @@ -510,12 +510,6 @@ typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2, void *opaque); */ #define LDB_CONTROL_AS_SYSTEM_OID "1.3.6.1.4.1.7165.4.3.7" -/** - LDB_CONTROL_RELAX_OID relaxes some of the AD constraints to allow some - special operations - should be used carefully! -*/ -#define LDB_CONTROL_RELAX_OID "1.3.6.1.4.1.4203.666.5.12" - /* AD controls */ /** @@ -673,6 +667,14 @@ typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2, void *opaque); /* Other standardised controls */ +/** + OID for the allowing client to request temporary relaxed + enforcement of constraints of the x.500 model. + + \sa draft managedit. +*/ +#define LDB_CONTROL_RELAX_OID "1.3.6.1.4.1.4203.666.5.12" + /* OID for LDAP Extended Operation PASSWORD_CHANGE. diff --git a/source4/libcli/ldap/ldap_controls.c b/source4/libcli/ldap/ldap_controls.c index 37ade5b299c..8cc0a61cb31 100644 --- a/source4/libcli/ldap/ldap_controls.c +++ b/source4/libcli/ldap/ldap_controls.c @@ -1156,10 +1156,9 @@ static const struct ldap_control_handler ldap_known_controls[] = { { LDB_CONTROL_PERMISSIVE_MODIFY_OID, decode_flag_request, encode_flag_request }, { LDB_CONTROL_SERVER_LAZY_COMMIT, decode_flag_request, encode_flag_request }, { LDB_CONTROL_RODC_DCPROMO_OID, decode_flag_request, encode_flag_request }, + { LDB_CONTROL_RELAX_OID, decode_flag_request, encode_flag_request }, { DSDB_OPENLDAP_DEREFERENCE_CONTROL, decode_openldap_dereference, encode_openldap_dereference }, -/* LDB_CONTROL_RELAX_OID is internal only, and has no network representation */ - { LDB_CONTROL_RELAX_OID, NULL, NULL }, /* DSDB_CONTROL_CURRENT_PARTITION_OID is internal only, and has no network representation */ { DSDB_CONTROL_CURRENT_PARTITION_OID, NULL, NULL }, /* DSDB_CONTROL_REPLICATED_UPDATE_OID is internal only, and has no network representation */ -- 2.34.1