sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-02 00:22:11 +03:00
Code Activity

s4:objectclass LDB module - we should not simply ignore additional "objectClass" attribute changes

Browse Source 
There first one we perform all other tentatives are terminated with
ERR_ATTRIBUTE_OR_VALUE_EXISTS (tested against Windows).

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Nov 12 19:39:07 UTC 2010 on sn-devel-104
This commit is contained in:
Matthias Dieter Wallnöfer
2010-11-12 19:49:47 +01:00
parent 584a2d125e
commit 37bd313304
2 changed files with 29 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
source4/dsdb/samdb/ldb_modules/objectclass.c
View File

@ -1082,12 +1082,26 @@ static int objectclass_do_mod(struct oc_context *ac)
break;
}
/* Only one "objectclass" attribute change element per modify request
* allowed! */
for (i = 0; i < ac->req->op.mod.message->num_elements; i++) {
if (ldb_attr_cmp(ac->req->op.mod.message->elements[i].name,
"objectClass") != 0) continue;
if (ldb_msg_element_compare(&ac->req->op.mod.message->elements[i],
oc_el_change) != 0) {
ldb_set_errstring(ldb,
"objectclass: only one 'objectClass' attribute change per modify request allowed!");
talloc_free(mem_ctx);
return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
}
}
ret = ldb_msg_add_empty(msg, "objectClass",
LDB_FLAG_MOD_REPLACE, &oc_el_change);
if (ret != LDB_SUCCESS) {
ldb_oom(ldb);
talloc_free(mem_ctx);
return ret;
return ldb_oom(ldb);
}
/* Move from the linked list back into an ldb msg */

13
source4/dsdb/tests/python/ldap.py
View File

@ -310,6 +310,19 @@ class BasicTests(unittest.TestCase):
except LdbError, (num, _):
self.assertEquals(num, ERR_OBJECT_CLASS_VIOLATION)
# More than one change operation is not allowed
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
m["objectClass"] = MessageElement("bootableDevice", FLAG_MOD_DELETE,
"objectClass")
m["objectClass"] = MessageElement("bootableDevice", FLAG_MOD_ADD,
"objectClass")
try:
ldb.modify(m)
self.fail()
except LdbError, (num, _):
self.assertEquals(num, ERR_ATTRIBUTE_OR_VALUE_EXISTS)
# We cannot remove all object classes by an empty replace
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)