sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-28 07:21:54 +03:00
Code

dsdb-acl: don't call dsdb_user_password_support() if we don't use the result

Browse Source 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Matthieu Patou <mat@matws.net>
This commit is contained in:
Stefan Metzmacher 2013-01-17 08:37:12 +01:00 committed by Matthieu Patou
parent 8e63a72ec1
commit 947985b259
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
source4/dsdb/samdb/ldb_modules/acl.c
View File

@ -982,7 +982,7 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req)
struct security_descriptor *sd; struct security_descriptor *sd;
struct dom_sid *sid = NULL; struct dom_sid *sid = NULL;
struct ldb_control *as_system = ldb_request_get_control(req, LDB_CONTROL_AS_SYSTEM_OID); struct ldb_control *as_system = ldb_request_get_control(req, LDB_CONTROL_AS_SYSTEM_OID);
bool userPassword = dsdb_user_password_support(module, req, req); bool userPassword;
TALLOC_CTX *tmp_ctx = talloc_new(req); TALLOC_CTX *tmp_ctx = talloc_new(req);
static const char *acl_attrs[] = { static const char *acl_attrs[] = {
"nTSecurityDescriptor", "nTSecurityDescriptor",
@ -1017,6 +1017,8 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req)
goto fail; goto fail;
} }
userPassword = dsdb_user_password_support(module, req, req);
schema = dsdb_get_schema(ldb, tmp_ctx); schema = dsdb_get_schema(ldb, tmp_ctx);
if (!schema) { if (!schema) {
talloc_free(tmp_ctx); talloc_free(tmp_ctx);
@ -1661,7 +1663,7 @@ static int acl_search(struct ldb_module *module, struct ldb_request *req)
ac->allowedChildClasses = ldb_attr_in_list(req->op.search.attrs, "allowedChildClasses"); ac->allowedChildClasses = ldb_attr_in_list(req->op.search.attrs, "allowedChildClasses");
ac->allowedChildClassesEffective = ldb_attr_in_list(req->op.search.attrs, "allowedChildClassesEffective"); ac->allowedChildClassesEffective = ldb_attr_in_list(req->op.search.attrs, "allowedChildClassesEffective");
ac->sDRightsEffective = ldb_attr_in_list(req->op.search.attrs, "sDRightsEffective"); ac->sDRightsEffective = ldb_attr_in_list(req->op.search.attrs, "sDRightsEffective");
ac->userPassword = dsdb_user_password_support(module, ac, req); ac->userPassword = true;
ac->schema = dsdb_get_schema(ldb, ac); ac->schema = dsdb_get_schema(ldb, ac);
ac->constructed_attrs |= ac->allowedAttributes; ac->constructed_attrs |= ac->allowedAttributes;
@ -1681,6 +1683,10 @@ static int acl_search(struct ldb_module *module, struct ldb_request *req)
return ldb_next_request(module, req); return ldb_next_request(module, req);
} }
if (!ac->am_system) {
ac->userPassword = dsdb_user_password_support(module, ac, req);
}
ret = acl_search_update_confidential_attrs(ac, data); ret = acl_search_update_confidential_attrs(ac, data);
if (ret != LDB_SUCCESS) { if (ret != LDB_SUCCESS) {
return ret; return ret;