these will be used to determine if a ldb request comes from an
untrusted source. We want requests over ldap:// to be marked untrusted
so we can reject unregistered controls
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
{
return req->handle->location;
}
+
+/**
+ mark a request as untrusted. This tells the rootdse module to remove
+ unregistered controls
+ */
+void ldb_req_mark_untrusted(struct ldb_request *req)
+{
+ req->handle->flags |= LDB_HANDLE_FLAG_UNTRUSTED;
+}
+
+/**
+ return true is a request is untrusted
+ */
+bool ldb_req_is_untrusted(struct ldb_request *req)
+{
+ return (req->handle->flags & LDB_HANDLE_FLAG_UNTRUSTED) != 0;
+}
*/
int ldb_reply_add_control(struct ldb_reply *ares, const char *oid, bool critical, void *data);
+/**
+ mark a request as untrusted. This tells the rootdse module to remove
+ unregistered controls
+ */
+void ldb_req_mark_untrusted(struct ldb_request *req);
+
+/**
+ return true is a request is untrusted
+ */
+bool ldb_req_is_untrusted(struct ldb_request *req);
+
#endif
struct ldb_backend_ops;
#define LDB_HANDLE_FLAG_DONE_CALLED 1
+/* call is from an untrusted source - eg. over ldap:// */
+#define LDB_HANDLE_FLAG_UNTRUSTED 2
struct ldb_handle {
int status;