-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Andrew Bartlett schrieb: > When searching in LDB, we don't currently ensure that the base DN > actually exists. With this patch we will - therefore returning correct > errors to clients, and matching behaviour with LDAP (making support for > an LDAP backend easier, as the same error paths apply). > > The main issue with this patch so far is that places where we expect > this non-standard behaviour. Many I've removed for the LDAP backend, > but I still need to work on SPOOLSS and WINS.
There's also the samba3 group mapping code and the OpenChange code. And I think there're lot more callers within samba which check for res->count == 0 instead of NO_SUCH_OBJECT, do a grep 'res->count' */*.c */*/*.c */*/*/*.c. In most cases this are BASE searches... I think we would be good to explict enable this new behavior via an @OPTIONS object. And only do for our samdb.ldb. > The main issue I can see with this patch is that it's racy - it is > theoretically possible for the base DN to exist, and be deleted before > we finish the search, as it's just a 'pre-check'. Doesn't ltdb_[un]lock_read() handle this. metze -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFHNFQrm70gjA5TCD8RAlTCAJ9/ZsINRMjneP2z950bHBs4jc6ZVwCeIteH 6DDtoedHTs+S8KWhyd/RtY8= =N7gN -----END PGP SIGNATURE----- _______________________________________________ devel mailing list [email protected] http://mailman.openchange.org/listinfo/devel
