From: Andrew Bartlett Date: Fri, 3 Feb 2017 02:35:02 +0000 (+1300) Subject: replmd linked attrs: fully parse dn for upgrade check X-Git-Tag: talloc-2.1.9~241 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=06cca52d7824f6615a67938c742236cf6482c811;p=thirdparty%2Fsamba.git replmd linked attrs: fully parse dn for upgrade check Elsewhere we use the dsdb_dn pointer as a flag indicating parsed-ness, so we have to be consistent. Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett --- diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c index bdb1a8d9f8d..6b91b4bb5b7 100644 --- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c +++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c @@ -1804,6 +1804,25 @@ struct compare_ctx { const struct GUID *invocation_id; }; +/* When a parsed_dn comes from the database, sometimes it is not really parsed. */ + +static int really_parse_trusted_dn(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, + struct parsed_dn *pdn, const char *ldap_oid) +{ + NTSTATUS status; + struct dsdb_dn *dsdb_dn = dsdb_dn_parse_trusted(mem_ctx, ldb, pdn->v, + ldap_oid); + if (dsdb_dn == NULL) { + return LDB_ERR_INVALID_DN_SYNTAX; + } + + status = dsdb_get_extended_dn_guid(dsdb_dn->dn, &pdn->guid, "GUID"); + if (!NT_STATUS_IS_OK(status)) { + return LDB_ERR_OPERATIONS_ERROR; + } + pdn->dsdb_dn = dsdb_dn; + return LDB_SUCCESS; +} static int parsed_dn_compare(struct parsed_dn *pdn1, struct parsed_dn *pdn2) { @@ -2167,9 +2186,9 @@ static int replmd_check_upgrade_links(struct ldb_context *ldb, uint32_t version; int ret; if (dns[i].dsdb_dn == NULL) { - dns[i].dsdb_dn = dsdb_dn_parse(dns, ldb, dns[i].v, - ldap_oid); - if (dns[i].dsdb_dn == NULL) { + ret = really_parse_trusted_dn(dns, ldb, &dns[i], + ldap_oid); + if (ret != LDB_SUCCESS) { return LDB_ERR_INVALID_DN_SYNTAX; } }