Merge branch 'master' of ssh://git.samba.org/data/git/abartlet/samba into extended...

[abartlet/samba.git/.git] / source4 / lib / ldb-samba / ldif_handlers.c

diff --git a/source4/lib/ldb-samba/ldif_handlers.c b/source4/lib/ldb-samba/ldif_handlers.c
index 58da780d7d47e9d23ca73e8d27102bc11fe47439..5ab31d771bd6a753098d5f47323eb17682116b08 100644 (file)
--- a/source4/lib/ldb-samba/ldif_handlers.c
+++ b/source4/lib/ldb-samba/ldif_handlers.c
@@ -226,20 +226,25 @@ static int extended_dn_read_GUID(struct ldb_context *ldb, void *mem_ctx,
 {
        struct GUID guid;
        enum ndr_err_code ndr_err;
-       if (ldif_read_objectGUID(ldb, mem_ctx, in, out) == 0) {
+       if (in->length == 36 && ldif_read_objectGUID(ldb, mem_ctx, in, out) == 0) {
                return 0;
        }
-       /* Perhaps not a string after all */
-       *out = data_blob_talloc(mem_ctx, NULL, in->length/2+1);
 
+       /* Try as 'hex' form */
+       if (in->length != 32) {
+               return -1;
+       }
+               
+       *out = data_blob_talloc(mem_ctx, NULL, in->length/2+1);
+       
        if (!out->data) {
                return -1;
        }
-
+       
        (*out).length = strhex_to_str((char *)out->data, out->length,
-                                    (const char *)in->data, in->length);
-
-       /* Check it looks like a SID */
+                                     (const char *)in->data, in->length);
+       
+       /* Check it looks like a GUID */
        ndr_err = ndr_pull_struct_blob_all(out, mem_ctx, NULL, &guid,
                                           (ndr_pull_flags_fn_t)ndr_pull_GUID);
        if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
@@ -334,7 +339,8 @@ static int ldif_write_ntSecurityDescriptor(struct ldb_context *ldb, void *mem_ct
        if (sd == NULL) {
                return -1;
        }
-       ndr_err = ndr_pull_struct_blob_all(in, sd, NULL, sd,
+       /* We can't use ndr_pull_struct_blob_all because this contains relative pointers */
+       ndr_err = ndr_pull_struct_blob(in, sd, NULL, sd,
                                           (ndr_pull_flags_fn_t)ndr_pull_security_descriptor);
        if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
                talloc_free(sd);