From: Gary Lockyer Date: Tue, 6 Mar 2018 02:27:51 +0000 (+1300) Subject: ldb_tdb: Make sure max_key_length != 0 requires a GUID index mode X-Git-Tag: ldb-1.4.0~452 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=705cf715f9015e879bb7fe712fffe3a69b805aad;p=thirdparty%2Fsamba.git ldb_tdb: Make sure max_key_length != 0 requires a GUID index mode We need to enforce the GUID index mode so end-users do not get a supprise in mid-operation and we enforce a max key length of 511 so that the index key trunctation is done correctly. Otherwise the DB will appear to work until a very long key (DN or index) is used, after which it will be sad. Signed-off-by: Gary Lockyer Reviewed-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher --- diff --git a/lib/ldb/ldb_tdb/ldb_tdb.c b/lib/ldb/ldb_tdb/ldb_tdb.c index 1d06566aa30..873ebbcab0e 100644 --- a/lib/ldb/ldb_tdb/ldb_tdb.c +++ b/lib/ldb/ldb_tdb/ldb_tdb.c @@ -651,6 +651,16 @@ static int ltdb_add(struct ltdb_context *ctx) struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private); int ret = LDB_SUCCESS; + if (ltdb->max_key_length != 0 && + ltdb->cache->GUID_index_attribute == NULL && + !ldb_dn_is_special(req->op.add.message->dn)) + { + ldb_set_errstring(ldb_module_get_ctx(module), + "Must operate ldb_mdb in GUID " + "index mode, but " LTDB_IDXGUID " not set."); + return LDB_ERR_UNWILLING_TO_PERFORM; + } + ret = ltdb_check_special_dn(module, req->op.add.message); if (ret != LDB_SUCCESS) { return ret; @@ -2149,7 +2159,13 @@ int init_store(struct ltdb_private *ltdb, *_module = module; /* - * Set the maximum key length + * Set or override the maximum key length + * + * The ldb_mdb code will have set this to 511, but our tests + * set this even smaller (to make the tests more practical). + * + * This must only be used for the selftest as the length + * becomes encoded in the index keys. */ { const char *len_str =