diff options
author | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-06-28 19:57:12 +0200 |
---|---|---|
committer | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-06-28 20:31:37 +0200 |
commit | 03ffed73db41e9433ddc41a6fddf79c2a632a043 (patch) | |
tree | 5aee9bf7f57742872e0691b22a81cea096b22b00 /source4 | |
parent | 5f9a053d6367fe85f0bb4d18eea658411685b1cc (diff) | |
download | samba-03ffed73db41e9433ddc41a6fddf79c2a632a043.tar.gz samba-03ffed73db41e9433ddc41a6fddf79c2a632a043.tar.xz samba-03ffed73db41e9433ddc41a6fddf79c2a632a043.zip |
s4:auth/sam.c - "authsam_expand_nested_groups" - use "dsdb_search_dn" where possible
And always catch LDB errors
Diffstat (limited to 'source4')
-rw-r--r-- | source4/auth/sam.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/source4/auth/sam.c b/source4/auth/sam.c index b0fc9ca6cad..20e242b1cc0 100644 --- a/source4/auth/sam.c +++ b/source4/auth/sam.c @@ -322,7 +322,12 @@ NTSTATUS authsam_expand_nested_groups(struct ldb_context *sam_ctx, status = dsdb_get_extended_dn_sid(dn, &sid, "SID"); if (!NT_STATUS_IS_OK(status)) { - ret = dsdb_search(sam_ctx, tmp_ctx, &res, dn, LDB_SCOPE_BASE, attrs, DSDB_SEARCH_SHOW_EXTENDED_DN, NULL); + ret = dsdb_search_dn(sam_ctx, tmp_ctx, &res, dn, attrs, + DSDB_SEARCH_SHOW_EXTENDED_DN); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return NT_STATUS_INTERNAL_DB_CORRUPTION; + } dn = res->msgs[0]->dn; status = dsdb_get_extended_dn_sid(dn, &sid, "SID"); } @@ -336,7 +341,8 @@ NTSTATUS authsam_expand_nested_groups(struct ldb_context *sam_ctx, } if (only_childs) { - ret = dsdb_search(sam_ctx, tmp_ctx, &res, dn, LDB_SCOPE_BASE, attrs, DSDB_SEARCH_SHOW_EXTENDED_DN, NULL); + ret = dsdb_search_dn(sam_ctx, tmp_ctx, &res, dn, attrs, + DSDB_SEARCH_SHOW_EXTENDED_DN); } else { /* This is an O(n^2) linear search */ already_there = sids_contains_sid((const struct dom_sid**) *res_sids, @@ -345,7 +351,9 @@ NTSTATUS authsam_expand_nested_groups(struct ldb_context *sam_ctx, return NT_STATUS_OK; } - ret = dsdb_search(sam_ctx, tmp_ctx, &res, dn, LDB_SCOPE_BASE, attrs, DSDB_SEARCH_SHOW_EXTENDED_DN, "%s", filter); + ret = dsdb_search(sam_ctx, tmp_ctx, &res, dn, LDB_SCOPE_BASE, + attrs, DSDB_SEARCH_SHOW_EXTENDED_DN, "%s", + filter); } if (ret == LDB_ERR_NO_SUCH_OBJECT) { |