sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-03 13:47:25 +03:00
Code

ldb:rdn_name: reject 'distinguishedName' depending of the MOD flags

Browse Source 
This is what Windows 2008 R2 returns:

LDB_MOD_ADD     => LDB_ERR_UNWILLING_TO_PERFORM
LDB_MOD_REPLACE => LDB_ERR_CONSTRAINT_VIOLATION
LDB_MOD_DEL     => LDB_ERR_UNWILLING_TO_PERFORM

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Stefan Metzmacher 2013-09-25 01:30:23 +02:00
parent da7ef12b43
commit d2ff474766
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/ldb/modules/rdn_name.c
View File

@ -371,6 +371,7 @@ static int rdn_name_modify(struct ldb_module *module, struct ldb_request *req)
{ {
struct ldb_context *ldb; struct ldb_context *ldb;
const struct ldb_val *rdn_val_p; const struct ldb_val *rdn_val_p;
struct ldb_message_element *e = NULL;
ldb = ldb_module_get_ctx(module); ldb = ldb_module_get_ctx(module);
@ -389,10 +390,15 @@ static int rdn_name_modify(struct ldb_module *module, struct ldb_request *req)
return LDB_ERR_INVALID_DN_SYNTAX; return LDB_ERR_INVALID_DN_SYNTAX;
} }
if (ldb_msg_find_element(req->op.mod.message, "distinguishedName")) { e = ldb_msg_find_element(req->op.mod.message, "distinguishedName");
if (e != NULL) {
ldb_asprintf_errstring(ldb, "Modify of 'distinguishedName' on %s not permitted, must use 'rename' operation instead", ldb_asprintf_errstring(ldb, "Modify of 'distinguishedName' on %s not permitted, must use 'rename' operation instead",
ldb_dn_get_linearized(req->op.mod.message->dn)); ldb_dn_get_linearized(req->op.mod.message->dn));
if (e->flags == LDB_FLAG_MOD_REPLACE) {
return LDB_ERR_CONSTRAINT_VIOLATION; return LDB_ERR_CONSTRAINT_VIOLATION;
} else {
return LDB_ERR_UNWILLING_TO_PERFORM;
}
} }
if (ldb_msg_find_element(req->op.mod.message, "name")) { if (ldb_msg_find_element(req->op.mod.message, "name")) {