The branch, master has been updated
via 75706a6 ldb:ldb_msg.c - use LDB result constants for checking
return values
via dabed32 s4:ldap.py - other important RDN check testcases
via 2275bfb s4:ldap.py - remove a debug output
via 736a462 ldb:rdn_name LDB module - more RDN constraint checks (from
AD)
via ea12adf s4/ldb - remove now superflous "ldb_dn_validate" checks
via 349b9b7 s4:dsdb - we don't need to check if a DN != NULL if we call
"ldb_dn_validate"
via 746194c Revert "s4:objectclass LDB module - if we cannot find DN's
parent then the DN itself is invalid"
via 76fb230 ldb:ldb_request - handle here the DN checks
via 86707c7 s4:objectclass LDB module - fix a comment
via e4b5bce s4:libnet/libnet_site.c - make use of LDB return constants
via 23810dc s4:waf-build fix disable-shared build for smbtorture
from 4b86beb s4:selftest: test using the machine account of the rodc
against itself
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 75706a627d0a54713f524cede1d7c72e5ff41cb4
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Fri Mar 4 20:51:07 2011 +0100
ldb:ldb_msg.c - use LDB result constants for checking return values
Reviewed by: Tridge
Autobuild-User: Matthias Dieter Wallnöfer <[email protected]>
Autobuild-Date: Fri Mar 4 22:51:57 CET 2011 on sn-devel-104
commit dabed32ffe631a334a126fec472f71e628032025
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Fri Mar 4 09:27:51 2011 +0100
s4:ldap.py - other important RDN check testcases
Reviewed by: Tridge
commit 2275bfb82d82e574f211389dc5ff9c594e8cb82c
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Fri Mar 4 09:26:40 2011 +0100
s4:ldap.py - remove a debug output
This has only been needed for developing this testcase and has been
forgotten to be removed afterwards.
Reviewed by: Tridge
commit 736a462c3e61500b9e53b76c6e5d743efa5a9e0a
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Fri Mar 4 11:11:08 2011 +0100
ldb:rdn_name LDB module - more RDN constraint checks (from AD)
Reviewed by: Tridge
commit ea12adf544ffaf86a7b323c60c7f9dfbede87808
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Fri Mar 4 10:49:47 2011 +0100
s4/ldb - remove now superflous "ldb_dn_validate" checks
If we immediately afterwards perform an LDB base operation then we don't
need an explicit "ldb_dn_validate" check anymore (only OOM makes sense).
Reviewed by: Tridge
commit 349b9b72ec36194a1275eaa42ca145071256b623
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Fri Mar 4 10:44:22 2011 +0100
s4:dsdb - we don't need to check if a DN != NULL if we call
"ldb_dn_validate"
"ldb_dn_validate" is NULL-safe and does the check implicitly.
Reviewed by: Tridge
commit 746194cfc4e0c119e1947f79ffc7cb50d50b9f43
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Fri Mar 4 10:15:59 2011 +0100
Revert "s4:objectclass LDB module - if we cannot find DN's parent then the
DN itself is invalid"
This is not needed anymore with the new DN checking.
This reverts commit 5896b7299331aedd065397d2078c62d85bcf68f6.
Reviewed by: Tridge
commit 76fb23064e6346346b5a9908b7908695456b5748
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Fri Mar 4 10:14:14 2011 +0100
ldb:ldb_request - handle here the DN checks
This is a much better solution than we had before - so all important DN
checks are enforced for each type of LDB database (and not limited to DSDB).
Many "ldb_dn_validate" checks will now become obsolete.
Reviewed by: Tridge
commit 86707c7cc49395453e9fa3fda14da159f0271961
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Fri Mar 4 09:33:52 2011 +0100
s4:objectclass LDB module - fix a comment
Reviewed by: Tridge
commit e4b5bce151232b64ec2190f230296c469bd94773
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Fri Mar 4 10:40:27 2011 +0100
s4:libnet/libnet_site.c - make use of LDB return constants
Reviewed by: Tridge
commit 23810dca45b2df1e54135974845260d94a88d16e
Author: Christian Ambach <[email protected]>
Date: Fri Mar 4 18:45:20 2011 +0100
s4:waf-build fix disable-shared build for smbtorture
building smbtorture4 with configure --disable-shared failed
with an error that ldb.h could not be found
Signed-off-by: Matthias Dieter Wallnöfer <[email protected]>
Reviewed by: Tridge
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/common/util.c | 4 +-
source4/dsdb/common/util_samr.c | 2 +-
source4/dsdb/samdb/ldb_modules/objectclass.c | 6 +-
source4/dsdb/samdb/ldb_modules/rootdse.c | 2 +-
source4/dsdb/samdb/ldb_modules/simple_ldap_map.c | 2 +-
source4/dsdb/samdb/ldb_modules/wscript_build | 2 +-
source4/dsdb/tests/python/ldap.py | 68 +++++++++++++++++++++-
source4/ldap_server/ldap_server.c | 2 +-
source4/lib/ldb/common/ldb.c | 23 +++++++-
source4/lib/ldb/common/ldb_msg.c | 7 ++-
source4/lib/ldb/modules/rdn_name.c | 41 +++++++++++++-
source4/lib/ldb/pyldb.c | 3 +-
source4/lib/ldb/tools/ldbdel.c | 5 +-
source4/lib/ldb/tools/ldbedit.c | 5 +-
source4/lib/ldb/tools/ldbrename.c | 5 +-
source4/lib/ldb/tools/ldbsearch.c | 5 +-
source4/libnet/libnet_join.c | 2 +-
source4/libnet/libnet_site.c | 12 ++--
source4/rpc_server/drsuapi/getncchanges.c | 6 +-
19 files changed, 161 insertions(+), 41 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index d0efa05..2563b40 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -3761,9 +3761,9 @@ int dsdb_search_by_dn_guid(struct ldb_context *ldb,
int ret;
dn = ldb_dn_new_fmt(tmp_ctx, ldb, "<GUID=%s>", GUID_string(tmp_ctx,
guid));
- if (!ldb_dn_validate(dn)) {
+ if (dn == NULL) {
talloc_free(tmp_ctx);
- return LDB_ERR_INVALID_DN_SYNTAX;
+ return ldb_oom(ldb);
}
ret = dsdb_search_dn(ldb, mem_ctx, _res, dn, attrs, dsdb_flags);
diff --git a/source4/dsdb/common/util_samr.c b/source4/dsdb/common/util_samr.c
index deaea2e..7a4f644 100644
--- a/source4/dsdb/common/util_samr.c
+++ b/source4/dsdb/common/util_samr.c
@@ -507,7 +507,7 @@ NTSTATUS dsdb_lookup_rids(struct ldb_context *ldb,
dom_sid_string(tmp_ctx,
dom_sid_add_rid(tmp_ctx,
domain_sid,
rids[i])));
- if (!dn || !ldb_dn_validate(dn)) {
+ if (dn == NULL) {
talloc_free(tmp_ctx);
return NT_STATUS_NO_MEMORY;
}
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c
b/source4/dsdb/samdb/ldb_modules/objectclass.c
index 817f50a..d901584 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -421,9 +421,7 @@ static int objectclass_add(struct ldb_module *module,
struct ldb_request *req)
/* get copy of parent DN */
parent_dn = ldb_dn_get_parent(ac, ac->req->op.add.message->dn);
if (parent_dn == NULL) {
- /* the DN itself might be wrong - therefore
- * "ERR_INVALID_DN_SYNTAX" fits better here. */
- return LDB_ERR_INVALID_DN_SYNTAX;
+ return ldb_operr(ldb);
}
ret = ldb_build_search_req(&search_req, ldb,
@@ -836,7 +834,7 @@ static int objectclass_modify(struct ldb_module *module,
struct ldb_request *req
}
/* MS-ADTS 3.1.1.5.3.5 - on a forest level < 2003 we do allow updates
- * only on application NCs - not on the standard DCs */
+ * only on application NCs - not on the default ones */
if (oc_changes &&
(dsdb_forest_functional_level(ldb) < DS_DOMAIN_FUNCTION_2003)) {
struct ldb_dn *nc_root;
diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c
b/source4/dsdb/samdb/ldb_modules/rootdse.c
index be60d89..30fa4d9 100644
--- a/source4/dsdb/samdb/ldb_modules/rootdse.c
+++ b/source4/dsdb/samdb/ldb_modules/rootdse.c
@@ -103,7 +103,7 @@ static int expand_dn_in_message(struct ldb_module *module,
struct ldb_message *m
}
dn = ldb_dn_new(tmp_ctx, ldb, dn_string);
- if (!ldb_dn_validate(dn)) {
+ if (dn == NULL) {
talloc_free(tmp_ctx);
return ldb_operr(ldb);
}
diff --git a/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c
b/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c
index fce4592..7412d29 100644
--- a/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c
+++ b/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c
@@ -147,7 +147,7 @@ static struct ldb_val objectCategory_always_dn(struct
ldb_module *module, TALLOC
const struct ldb_schema_attribute *a =
ldb_schema_attribute_by_name(ldb, "objectCategory");
dn = ldb_dn_from_ldb_val(ctx, ldb, val);
- if (dn && ldb_dn_validate(dn)) {
+ if (ldb_dn_validate(dn)) {
talloc_free(dn);
return val_copy(module, ctx, val);
}
diff --git a/source4/dsdb/samdb/ldb_modules/wscript_build
b/source4/dsdb/samdb/ldb_modules/wscript_build
index 4ff5bdf..8ad893c 100644
--- a/source4/dsdb/samdb/ldb_modules/wscript_build
+++ b/source4/dsdb/samdb/ldb_modules/wscript_build
@@ -179,7 +179,7 @@ bld.SAMBA_MODULE('ldb_extended_dn_in',
init_function='ldb_extended_dn_in_module_init',
module_init_name='ldb_init_module',
internal_module=False,
- deps='talloc events samba-util'
+ deps='ldb talloc events samba-util'
)
diff --git a/source4/dsdb/tests/python/ldap.py
b/source4/dsdb/tests/python/ldap.py
index d324d40..d546717 100755
--- a/source4/dsdb/tests/python/ldap.py
+++ b/source4/dsdb/tests/python/ldap.py
@@ -889,6 +889,30 @@ class BasicTests(unittest.TestCase):
"""Tests the RDN"""
print "Tests the RDN"""
+ # Search
+
+ # empty RDN
+ try:
+ self.ldb.search("=,cn=users," + self.base_dn, scope=SCOPE_BASE)
+ self.fail()
+ except LdbError, (num, _):
+ self.assertEquals(num, ERR_INVALID_DN_SYNTAX)
+
+ # empty RDN name
+ try:
+ self.ldb.search("cn=,cn=users," + self.base_dn, scope=SCOPE_BASE)
+ self.fail()
+ except LdbError, (num, _):
+ self.assertEquals(num, ERR_INVALID_DN_SYNTAX)
+
+ try:
+ self.ldb.search("=ldaptestgroup,cn=users," + self.base_dn,
scope=SCOPE_BASE)
+ self.fail()
+ except LdbError, (num, _):
+ self.assertEquals(num, ERR_INVALID_DN_SYNTAX)
+
+ # Add
+
# empty RDN
try:
self.ldb.add({
@@ -940,6 +964,29 @@ class BasicTests(unittest.TestCase):
self.assertTrue("name" in res[0])
self.assertTrue(res[0]["name"][0] == "ldaptestgroup")
+ # Modify
+
+ # empty RDN value
+ m = Message()
+ m.dn = Dn(ldb, "cn=,cn=users," + self.base_dn)
+ m["description"] = "test"
+ try:
+ self.ldb.modify(m)
+ self.fail()
+ except LdbError, (num, _):
+ self.assertEquals(num, ERR_INVALID_DN_SYNTAX)
+
+ # Delete
+
+ # empty RDN value
+ try:
+ self.ldb.delete("cn=,cn=users," + self.base_dn)
+ self.fail()
+ except LdbError, (num, _):
+ self.assertEquals(num, ERR_INVALID_DN_SYNTAX)
+
+ # Rename
+
# new empty RDN
try:
self.ldb.rename("cn=ldaptestgroup,cn=users," + self.base_dn,
@@ -964,6 +1011,26 @@ class BasicTests(unittest.TestCase):
except LdbError, (num, _):
self.assertEquals(num, ERR_NAMING_VIOLATION)
+ # new wrong RDN candidate
+ try:
+ self.ldb.rename("cn=ldaptestgroup,cn=users," + self.base_dn,
+ "description=xyz,cn=users," + self.base_dn)
+ self.fail()
+ except LdbError, (num, _):
+ self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
+
+ delete_force(self.ldb, "description=xyz,cn=users," + self.base_dn)
+
+ # old empty RDN value
+ try:
+ self.ldb.rename("cn=,cn=users," + self.base_dn,
+ "cn=ldaptestgroup,cn=users," + self.base_dn)
+ self.fail()
+ except LdbError, (num, _):
+ self.assertEquals(num, ERR_INVALID_DN_SYNTAX)
+
+ # names
+
m = Message()
m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
m["name"] = MessageElement("cn=ldaptestuser", FLAG_MOD_REPLACE,
@@ -2668,7 +2735,6 @@ class BaseDnTests(unittest.TestCase):
res3 = self.ldb.search(res2[0]["dsServiceName"][0], scope=SCOPE_BASE,
attrs=["msDS-Behavior-Version"])
self.assertEquals(len(res3), 1)
- print res3[0]
self.assertEquals(len(res3[0]["msDS-Behavior-Version"]), 1)
self.assertEquals(int(res[0]["domainControllerFunctionality"][0]),
int(res3[0]["msDS-Behavior-Version"][0]))
diff --git a/source4/ldap_server/ldap_server.c
b/source4/ldap_server/ldap_server.c
index cd90b47..adcf7bc 100644
--- a/source4/ldap_server/ldap_server.c
+++ b/source4/ldap_server/ldap_server.c
@@ -175,7 +175,7 @@ static int ldapsrv_load_limits(struct ldapsrv_connection
*conn)
}
basedn = ldb_dn_new(tmp_ctx, conn->ldb, NULL);
- if ( ! ldb_dn_validate(basedn)) {
+ if (basedn == NULL) {
goto failed;
}
diff --git a/source4/lib/ldb/common/ldb.c b/source4/lib/ldb/common/ldb.c
index f644855..d902482 100644
--- a/source4/lib/ldb/common/ldb.c
+++ b/source4/lib/ldb/common/ldb.c
@@ -823,10 +823,21 @@ int ldb_request(struct ldb_context *ldb, struct
ldb_request *req)
/* call the first module in the chain */
switch (req->operation) {
case LDB_SEARCH:
+ /* due to "ldb_build_search_req" base DN always != NULL */
+ if (!ldb_dn_validate(req->op.search.base)) {
+ ldb_asprintf_errstring(ldb, "ldb_search: invalid basedn
'%s'",
+
ldb_dn_get_linearized(req->op.search.base));
+ return LDB_ERR_INVALID_DN_SYNTAX;
+ }
FIRST_OP(ldb, search);
ret = module->ops->search(module, req);
break;
case LDB_ADD:
+ if (!ldb_dn_validate(req->op.add.message->dn)) {
+ ldb_asprintf_errstring(ldb, "ldb_add: invalid dn '%s'",
+
ldb_dn_get_linearized(req->op.add.message->dn));
+ return LDB_ERR_INVALID_DN_SYNTAX;
+ }
/*
* we have to normalize here, as so many places
* in modules and backends assume we don't have two
@@ -838,14 +849,19 @@ int ldb_request(struct ldb_context *ldb, struct
ldb_request *req)
ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
}
+ FIRST_OP(ldb, add);
ret = ldb_msg_check_element_flags(ldb, req->op.add.message);
if (ret != LDB_SUCCESS) {
return ret;
}
- FIRST_OP(ldb, add);
ret = module->ops->add(module, req);
break;
case LDB_MODIFY:
+ if (!ldb_dn_validate(req->op.mod.message->dn)) {
+ ldb_asprintf_errstring(ldb, "ldb_modify: invalid dn
'%s'",
+
ldb_dn_get_linearized(req->op.mod.message->dn));
+ return LDB_ERR_INVALID_DN_SYNTAX;
+ }
FIRST_OP(ldb, modify);
ret = ldb_msg_check_element_flags(ldb, req->op.mod.message);
if (ret != LDB_SUCCESS) {
@@ -854,6 +870,11 @@ int ldb_request(struct ldb_context *ldb, struct
ldb_request *req)
ret = module->ops->modify(module, req);
break;
case LDB_DELETE:
+ if (!ldb_dn_validate(req->op.del.dn)) {
+ ldb_asprintf_errstring(ldb, "ldb_delete: invalid dn
'%s'",
+
ldb_dn_get_linearized(req->op.del.dn));
+ return LDB_ERR_INVALID_DN_SYNTAX;
+ }
FIRST_OP(ldb, del);
ret = module->ops->del(module, req);
break;
diff --git a/source4/lib/ldb/common/ldb_msg.c b/source4/lib/ldb/common/ldb_msg.c
index 8b51ad0..d1c77f8 100644
--- a/source4/lib/ldb/common/ldb_msg.c
+++ b/source4/lib/ldb/common/ldb_msg.c
@@ -890,11 +890,14 @@ int ldb_msg_rename_attr(struct ldb_message *msg, const
char *attr, const char *r
int ldb_msg_copy_attr(struct ldb_message *msg, const char *attr, const char
*replace)
{
struct ldb_message_element *el = ldb_msg_find_element(msg, attr);
+ int ret;
+
if (el == NULL) {
return LDB_SUCCESS;
}
- if (ldb_msg_add(msg, el, 0) != 0) {
- return LDB_ERR_OPERATIONS_ERROR;
+ ret = ldb_msg_add(msg, el, 0);
+ if (ret != LDB_SUCCESS) {
+ return ret;
}
return ldb_msg_rename_attr(msg, attr, replace);
}
diff --git a/source4/lib/ldb/modules/rdn_name.c
b/source4/lib/ldb/modules/rdn_name.c
index 313d999..50b63ae 100644
--- a/source4/lib/ldb/modules/rdn_name.c
+++ b/source4/lib/ldb/modules/rdn_name.c
@@ -370,6 +370,7 @@ static int rdn_name_rename(struct ldb_module *module,
struct ldb_request *req)
static int rdn_name_modify(struct ldb_module *module, struct ldb_request *req)
{
struct ldb_context *ldb;
+ const struct ldb_val *rdn_val_p;
ldb = ldb_module_get_ctx(module);
@@ -378,6 +379,16 @@ static int rdn_name_modify(struct ldb_module *module,
struct ldb_request *req)
return ldb_next_request(module, req);
}
+ rdn_val_p = ldb_dn_get_rdn_val(req->op.mod.message->dn);
+ if (rdn_val_p == NULL) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ if (rdn_val_p->length == 0) {
+ ldb_asprintf_errstring(ldb, "Empty RDN value on %s not
permitted!",
+
ldb_dn_get_linearized(req->op.mod.message->dn));
+ return LDB_ERR_INVALID_DN_SYNTAX;
+ }
+
if (ldb_msg_find_element(req->op.mod.message, "distinguishedName")) {
ldb_asprintf_errstring(ldb, "Modify of 'distinguishedName' on
%s not permitted, must use 'rename' operation instead",
ldb_dn_get_linearized(req->op.mod.message->dn));
@@ -400,11 +411,39 @@ static int rdn_name_modify(struct ldb_module *module,
struct ldb_request *req)
return ldb_next_request(module, req);
}
+static int rdn_name_search(struct ldb_module *module, struct ldb_request *req)
+{
+ struct ldb_context *ldb;
+ const char *rdn_name;
+ const struct ldb_val *rdn_val_p;
+
+ ldb = ldb_module_get_ctx(module);
+
+ /* do not manipulate our control entries */
+ if (ldb_dn_is_special(req->op.search.base)) {
+ return ldb_next_request(module, req);
+ }
+
+ rdn_name = ldb_dn_get_rdn_name(req->op.search.base);
+ rdn_val_p = ldb_dn_get_rdn_val(req->op.search.base);
+ if ((rdn_name != NULL) && (rdn_val_p == NULL)) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ if ((rdn_val_p != NULL) && (rdn_val_p->length == 0)) {
+ ldb_asprintf_errstring(ldb, "Empty RDN value on %s not
permitted!",
+
ldb_dn_get_linearized(req->op.search.base));
+ return LDB_ERR_INVALID_DN_SYNTAX;
+ }
+
+ return ldb_next_request(module, req);
+}
+
static const struct ldb_module_ops ldb_rdn_name_module_ops = {
.name = "rdn_name",
.add = rdn_name_add,
.modify = rdn_name_modify,
- .rename = rdn_name_rename
+ .rename = rdn_name_rename,
+ .search = rdn_name_search
};
int ldb_rdn_name_init(const char *version)
diff --git a/source4/lib/ldb/pyldb.c b/source4/lib/ldb/pyldb.c
index c1962e6..d14487b 100644
--- a/source4/lib/ldb/pyldb.c
+++ b/source4/lib/ldb/pyldb.c
@@ -553,8 +553,7 @@ static PyObject *py_ldb_dn_new(PyTypeObject *type, PyObject
*args, PyObject *kwa
}
ret = ldb_dn_new(mem_ctx, ldb_ctx, str);
-
- if (ret == NULL || !ldb_dn_validate(ret)) {
+ if (!ldb_dn_validate(ret)) {
talloc_free(mem_ctx);
PyErr_SetString(PyExc_ValueError, "unable to parse dn string");
return NULL;
diff --git a/source4/lib/ldb/tools/ldbdel.c b/source4/lib/ldb/tools/ldbdel.c
index 35d0137..8036d09 100644
--- a/source4/lib/ldb/tools/ldbdel.c
+++ b/source4/lib/ldb/tools/ldbdel.c
@@ -110,9 +110,8 @@ int main(int argc, const char **argv)
struct ldb_dn *dn;
dn = ldb_dn_new(ldb, ldb, options->argv[i]);
- if ( ! ldb_dn_validate(dn)) {
- printf("Invalid DN format\n");
- return LDB_ERR_INVALID_DN_SYNTAX;
+ if (dn == NULL) {
+ return LDB_ERR_OPERATIONS_ERROR;
}
if (options->recursive) {
ret = ldb_delete_recursive(ldb, dn,req_ctrls);
diff --git a/source4/lib/ldb/tools/ldbedit.c b/source4/lib/ldb/tools/ldbedit.c
index 8df3706..36d054e 100644
--- a/source4/lib/ldb/tools/ldbedit.c
+++ b/source4/lib/ldb/tools/ldbedit.c
@@ -326,9 +326,8 @@ int main(int argc, const char **argv)
if (options->basedn != NULL) {
basedn = ldb_dn_new(ldb, ldb, options->basedn);
- if ( ! ldb_dn_validate(basedn)) {
- printf("Invalid Base DN format\n");
- return LDB_ERR_INVALID_DN_SYNTAX;
+ if (basedn == NULL) {
+ return LDB_ERR_OPERATIONS_ERROR;
}
}
diff --git a/source4/lib/ldb/tools/ldbrename.c
b/source4/lib/ldb/tools/ldbrename.c
index e8f6750..9bbd1f0 100644
--- a/source4/lib/ldb/tools/ldbrename.c
+++ b/source4/lib/ldb/tools/ldbrename.c
@@ -66,9 +66,8 @@ int main(int argc, const char **argv)
dn1 = ldb_dn_new(ldb, ldb, options->argv[0]);
dn2 = ldb_dn_new(ldb, ldb, options->argv[1]);
- if ((!ldb_dn_validate(dn1)) || (!ldb_dn_validate(dn2))) {
- printf("Invalid DN format(s)\n");
- return LDB_ERR_INVALID_DN_SYNTAX;
+ if ((dn1 == NULL) || (dn2 == NULL)) {
+ return LDB_ERR_OPERATIONS_ERROR;
}
ret = ldb_rename(ldb, dn1, dn2);
diff --git a/source4/lib/ldb/tools/ldbsearch.c
b/source4/lib/ldb/tools/ldbsearch.c
index 8c10171..d10b965 100644
--- a/source4/lib/ldb/tools/ldbsearch.c
+++ b/source4/lib/ldb/tools/ldbsearch.c
@@ -297,9 +297,8 @@ int main(int argc, const char **argv)
if (options->basedn != NULL) {
basedn = ldb_dn_new(ldb, ldb, options->basedn);
- if ( ! ldb_dn_validate(basedn)) {
- fprintf(stderr, "Invalid Base DN format\n");
- return LDB_ERR_INVALID_DN_SYNTAX;
+ if (basedn == NULL) {
+ return LDB_ERR_OPERATIONS_ERROR;
}
}
diff --git a/source4/libnet/libnet_join.c b/source4/libnet/libnet_join.c
index 715f21b..6e76df4 100644
--- a/source4/libnet/libnet_join.c
+++ b/source4/libnet/libnet_join.c
@@ -236,7 +236,7 @@ static NTSTATUS libnet_JoinADSDomain(struct libnet_context
*ctx, struct libnet_J
}
account_dn = ldb_dn_new(tmp_ctx, remote_ldb, account_dn_str);
- if (! ldb_dn_validate(account_dn)) {
+ if (account_dn == NULL) {
r->out.error_string = talloc_asprintf(r, "Invalid account dn:
%s",
account_dn_str);
talloc_free(tmp_ctx);
diff --git a/source4/libnet/libnet_site.c b/source4/libnet/libnet_site.c
index 5332b04..9bfca74 100644
--- a/source4/libnet/libnet_site.c
+++ b/source4/libnet/libnet_site.c
@@ -203,19 +203,19 @@ NTSTATUS libnet_JoinSite(struct libnet_context *ctx,
}
rtn = ldb_msg_add_string(msg, "objectClass", "server");
- if (rtn != 0) {
+ if (rtn != LDB_SUCCESS) {
libnet_r->out.error_string = NULL;
talloc_free(tmp_ctx);
return NT_STATUS_NO_MEMORY;
}
rtn = ldb_msg_add_string(msg, "systemFlags", "50000000");
- if (rtn != 0) {
+ if (rtn != LDB_SUCCESS) {
libnet_r->out.error_string = NULL;
talloc_free(tmp_ctx);
return NT_STATUS_NO_MEMORY;
}
rtn = ldb_msg_add_string(msg, "serverReference",
libnet_r->out.account_dn_str);
- if (rtn != 0) {
+ if (rtn != LDB_SUCCESS) {
libnet_r->out.error_string = NULL;
talloc_free(tmp_ctx);
return NT_STATUS_NO_MEMORY;
@@ -246,7 +246,7 @@ NTSTATUS libnet_JoinSite(struct libnet_context *ctx,
msg->dn = server_dn;
rtn = ldb_msg_add_string(msg,
"serverReference",libnet_r->out.account_dn_str);
- if (rtn != 0) {
+ if (rtn != LDB_SUCCESS) {
libnet_r->out.error_string = NULL;
talloc_free(tmp_ctx);
return NT_STATUS_NO_MEMORY;
@@ -259,7 +259,7 @@ NTSTATUS libnet_JoinSite(struct libnet_context *ctx,
}
rtn = ldb_modify(remote_ldb, msg);
- if (rtn != 0) {
+ if (rtn != LDB_SUCCESS) {
libnet_r->out.error_string
= talloc_asprintf(libnet_r,
"Failed to modify server
entry %s: %s: %d",
@@ -268,7 +268,7 @@ NTSTATUS libnet_JoinSite(struct libnet_context *ctx,
talloc_free(tmp_ctx);
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- } else if (rtn != 0) {
+ } else if (rtn != LDB_SUCCESS) {
libnet_r->out.error_string
= talloc_asprintf(libnet_r,
"Failed to add server entry %s: %s: %d",
--
Samba Shared Repository
