git.samba.org / kamenim / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f9018bc)
s4:dsdb Assert that we can't get backlinks as input in linked_attributes
authorAndrew Bartlett <abartlet@samba.org>
Tue, 15 Jun 2010 12:26:22 +0000 (22:26 +1000)
committerAndrew Bartlett <abartlet@samba.org>
Tue, 15 Jun 2010 23:57:52 +0000 (09:57 +1000)
The objectclass_attr module should prevent users creating such links,
and the mrepl_meta_data module should only create them in functional
level 2003 or above.

Andrew Bartlett

source4/dsdb/samdb/ldb_modules/linked_attributes.c patch | blob | history

diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
index 82fe27ef7f964b7096fee0fe385cdb996d1e1f14..4f36509a85567e6ce1abb320e0c398e259b7e76b 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c
+++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
@@ -229,9 +229,16 @@ static int linked_attributes_add(struct ldb_module *module, struct ldb_request *
                        return LDB_ERR_OBJECT_CLASS_VIOLATION;                  
                }
                /* We have a valid attribute, now find out if it is a forward link */
-               if ((schema_attr->linkID == 0) || ((schema_attr->linkID & 1) == 1)) {
+               if ((schema_attr->linkID == 0)) {
                        continue;
                }
+
+               if ((schema_attr->linkID & 1) == 1) {
+                       unsigned int functional_level;
+                       
+                       functional_level = dsdb_functional_level(ldb);
+                       SMB_ASSERT(functional_level > DS_DOMAIN_FUNCTION_2000);
+               }
                
                /* Even link IDs are for the originating attribute */
                target_attr = dsdb_attribute_by_linkID(ac->schema, schema_attr->linkID + 1);
@@ -456,10 +463,16 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques
                }
                /* We have a valid attribute, now find out if it is a forward link
                   (Even link IDs are for the originating attribute) */
-               if ((schema_attr->linkID == 0) || ((schema_attr->linkID & 1) == 1)) {
+               if (schema_attr->linkID == 0) {
                        continue;
                }
 
+               if ((schema_attr->linkID & 1) == 1) {
+                       unsigned int functional_level;
+                       
+                       functional_level = dsdb_functional_level(ldb);
+                       SMB_ASSERT(functional_level > DS_DOMAIN_FUNCTION_2000);
+               }
                /* Now find the target attribute */
                target_attr = dsdb_attribute_by_linkID(ac->schema, schema_attr->linkID + 1);
                if (!target_attr) {
kamenim's wip repo