git.samba.org
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
934bb28
)
s4-dsdb: when the SD_FLAGS control is set, don't remove nTSecurityDescriptor
author
Andrew Tridgell
<tridge@samba.org>
Wed, 16 Dec 2009 09:39:55 +0000
(20:39 +1100)
committer
Andrew Tridgell
<tridge@samba.org>
Wed, 16 Dec 2009 09:56:24 +0000
(20:56 +1100)
source4/dsdb/samdb/ldb_modules/operational.c
patch
|
blob
|
history
diff --git
a/source4/dsdb/samdb/ldb_modules/operational.c
b/source4/dsdb/samdb/ldb_modules/operational.c
index 0ea4b798b46356d96209e326aa51d8d6f299d204..3b1b13faf51e9912b7722af1234431f40229bed6 100644
(file)
--- a/
source4/dsdb/samdb/ldb_modules/operational.c
+++ b/
source4/dsdb/samdb/ldb_modules/operational.c
@@
-214,7
+214,8
@@
static const struct {
enum op_remove {
OPERATIONAL_REMOVE_ALWAYS, /* remove always */
enum op_remove {
OPERATIONAL_REMOVE_ALWAYS, /* remove always */
- OPERATIONAL_REMOVE_UNASKED /* remove if not requested */
+ OPERATIONAL_REMOVE_UNASKED,/* remove if not requested */
+ OPERATIONAL_SD_FLAGS /* show if SD_FLAGS_OID set, or asked for */
};
/*
};
/*
@@
-225,7
+226,7
@@
static const struct {
const char *attr;
enum op_remove op;
} operational_remove[] = {
const char *attr;
enum op_remove op;
} operational_remove[] = {
- { "nTSecurityDescriptor", OPERATIONAL_
REMOVE_UNASKED
},
+ { "nTSecurityDescriptor", OPERATIONAL_
SD_FLAGS
},
{ "parentGUID", OPERATIONAL_REMOVE_ALWAYS },
{ "replPropertyMetaData", OPERATIONAL_REMOVE_UNASKED },
{ "unicodePwd", OPERATIONAL_REMOVE_UNASKED },
{ "parentGUID", OPERATIONAL_REMOVE_ALWAYS },
{ "replPropertyMetaData", OPERATIONAL_REMOVE_UNASKED },
{ "unicodePwd", OPERATIONAL_REMOVE_UNASKED },
@@
-244,7
+245,8
@@
static const struct {
*/
static int operational_search_post_process(struct ldb_module *module,
struct ldb_message *msg,
*/
static int operational_search_post_process(struct ldb_module *module,
struct ldb_message *msg,
- const char * const *attrs)
+ const char * const *attrs,
+ bool sd_flags_set)
{
struct ldb_context *ldb;
int i, a=0;
{
struct ldb_context *ldb;
int i, a=0;
@@
-253,18
+255,20
@@
static int operational_search_post_process(struct ldb_module *module,
/* removed any attrs that should not be shown to the user */
for (i=0; i<ARRAY_SIZE(operational_remove); i++) {
/* removed any attrs that should not be shown to the user */
for (i=0; i<ARRAY_SIZE(operational_remove); i++) {
- struct ldb_message_element *el;
-
switch (operational_remove[i].op) {
case OPERATIONAL_REMOVE_UNASKED:
if (ldb_attr_in_list(attrs, operational_remove[i].attr)) {
continue;
}
case OPERATIONAL_REMOVE_ALWAYS:
switch (operational_remove[i].op) {
case OPERATIONAL_REMOVE_UNASKED:
if (ldb_attr_in_list(attrs, operational_remove[i].attr)) {
continue;
}
case OPERATIONAL_REMOVE_ALWAYS:
- el = ldb_msg_find_element(msg, operational_remove[i].attr);
- if (el) {
- ldb_msg_remove_element(msg, el);
+ ldb_msg_remove_attr(msg, operational_remove[i].attr);
+ break;
+ case OPERATIONAL_SD_FLAGS:
+ if (sd_flags_set ||
+ ldb_attr_in_list(attrs, operational_remove[i].attr)) {
+ continue;
}
}
+ ldb_msg_remove_attr(msg, operational_remove[i].attr);
break;
}
}
break;
}
}
@@
-321,6
+325,7
@@
struct operational_context {
struct ldb_request *req;
const char * const *attrs;
struct ldb_request *req;
const char * const *attrs;
+ bool sd_flags_set;
};
static int operational_callback(struct ldb_request *req, struct ldb_reply *ares)
};
static int operational_callback(struct ldb_request *req, struct ldb_reply *ares)
@@
-344,8
+349,9
@@
static int operational_callback(struct ldb_request *req, struct ldb_reply *ares)
/* for each record returned post-process to add any derived
attributes that have been asked for */
ret = operational_search_post_process(ac->module,
/* for each record returned post-process to add any derived
attributes that have been asked for */
ret = operational_search_post_process(ac->module,
- ares->message,
- ac->attrs);
+ ares->message,
+ ac->attrs,
+ ac->sd_flags_set);
if (ret != 0) {
return ldb_module_done(ac->req, NULL, NULL,
LDB_ERR_OPERATIONS_ERROR);
if (ret != 0) {
return ldb_module_done(ac->req, NULL, NULL,
LDB_ERR_OPERATIONS_ERROR);
@@
-432,6
+438,9
@@
static int operational_search(struct ldb_module *module, struct ldb_request *req
}
}
}
}
+ /* remember if the SD_FLAGS_OID was set */
+ ac->sd_flags_set = (ldb_request_get_control(req, LDB_CONTROL_SD_FLAGS_OID) != NULL);
+
ret = ldb_build_search_req_ex(&down_req, ldb, ac,
req->op.search.base,
req->op.search.scope,
ret = ldb_build_search_req_ex(&down_req, ldb, ac,
req->op.search.base,
req->op.search.scope,