diff options
| author | Andrew Tridgell <tridge@samba.org> | 2011-08-02 17:16:44 +1000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2011-08-04 16:17:25 +1000 |
| commit | 849d042dd88e8e7de2748524b054b350af06a859 (patch) | |
| tree | 1becf591e4a25e2b419c788100e8dc277f19cca0 | |
| parent | e07ca09a7bac30b99b0033a59746ba166e429aec (diff) | |
| download | samba-849d042dd88e8e7de2748524b054b350af06a859.tar.gz | |
ldb: added a new always-fail ldap extended match OID
this is used when rewriting filter rules to replace a filter rule with
one that is guaranteed not to match
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
| -rw-r--r-- | lib/ldb/common/ldb_match.c | 13 | ||||
| -rw-r--r-- | lib/ldb/include/ldb_module.h | 2 | ||||
| -rw-r--r-- | source4/setup/schema_samba4.ldif | 8 |
3 files changed, 22 insertions, 1 deletions
diff --git a/lib/ldb/common/ldb_match.c b/lib/ldb/common/ldb_match.c index c23e80478af..5eee02dea31 100644 --- a/lib/ldb/common/ldb_match.c +++ b/lib/ldb/common/ldb_match.c @@ -380,6 +380,16 @@ static int ldb_comparator_bitmask(const char *oid, const struct ldb_val *v1, con return LDB_SUCCESS; } +/* + always return false +*/ +static int ldb_comparator_false(const char *oid, const struct ldb_val *v1, const struct ldb_val *v2, + bool *matched) +{ + *matched = false; + return LDB_SUCCESS; +} + /* extended match, handles things like bitops @@ -395,7 +405,8 @@ static int ldb_match_extended(struct ldb_context *ldb, int (*comparator)(const char *, const struct ldb_val *, const struct ldb_val *, bool *); } rules[] = { { LDB_OID_COMPARATOR_AND, ldb_comparator_bitmask}, - { LDB_OID_COMPARATOR_OR, ldb_comparator_bitmask} + { LDB_OID_COMPARATOR_OR, ldb_comparator_bitmask}, + { SAMBA_LDAP_MATCH_ALWAYS_FALSE, ldb_comparator_false} }; int (*comp)(const char *,const struct ldb_val *, const struct ldb_val *, bool *) = NULL; struct ldb_message_element *el; diff --git a/lib/ldb/include/ldb_module.h b/lib/ldb/include/ldb_module.h index fecf0c7ede9..2acd8f364be 100644 --- a/lib/ldb/include/ldb_module.h +++ b/lib/ldb/include/ldb_module.h @@ -52,6 +52,8 @@ struct ldb_module; /* force single value checking on this attribute */ #define LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK 0x80 +/* an extended match rule that always fails to match */ +#define SAMBA_LDAP_MATCH_ALWAYS_FALSE "1.3.6.1.4.1.7165.4.5.1" /* these function pointers define the operations that a ldb module can intercept diff --git a/source4/setup/schema_samba4.ldif b/source4/setup/schema_samba4.ldif index 986f0f0f205..1102fcd8d4e 100644 --- a/source4/setup/schema_samba4.ldif +++ b/source4/setup/schema_samba4.ldif @@ -12,6 +12,8 @@ ## 1.3.6.1.4.1.7165.4.4.x - LDB/LDAP Extended Operations ### see dsdb/samdb/samdb.h +## 1.3.6.1.4.1.7165.4.5.x - ldap extended matches + ## 1.3.6.1.4.1.7165.4.255.x - mapped OIDs due to conflicts between AD and standards-track # # @@ -197,6 +199,12 @@ #Allocated: DSDB_EXTENDED_CREATE_PARTITION_OID 1.3.6.1.4.1.7165.4.4.4 #Allocated: DSDB_EXTENDED_ALLOCATE_RID_POOL 1.3.6.1.4.1.7165.4.4.5 + +############ +# ldap extended matches +#Allocated: SAMBA_LDAP_MATCH_ALWAYS_FALSE 1.3.6.1.4.1.7165.4.5.1 + + #Allocated: (middleName) attributeID: 1.3.6.1.4.1.7165.4.255.1 #Allocated: (defaultGroup) attributeID: 1.3.6.1.4.1.7165.4.255.2 |