s4-dsdb: added dsdb_functional_level() helper function
authorAndrew Tridgell <tridge@samba.org>
Wed, 9 Dec 2009 04:18:37 +0000 (15:18 +1100)
committerAndrew Tridgell <tridge@samba.org>
Wed, 9 Dec 2009 07:18:26 +0000 (18:18 +1100)
source4/cldap_server/netlogon.c
source4/dsdb/common/util.c
source4/dsdb/samdb/ldb_modules/descriptor.c
source4/dsdb/samdb/ldb_modules/password_hash.c
source4/dsdb/samdb/ldb_modules/rootdse.c

index c565f2fb1ad2ac962464a6a7aa550bffff3e28e5..049b0085b33c930cf42662cfee473476a2b7540b 100644 (file)
@@ -215,10 +215,8 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
 #endif
 
        if (samdb_is_pdc(sam_ctx)) {
-               int *domainFunctionality;
                server_type |= DS_SERVER_PDC;
-               domainFunctionality = talloc_get_type(ldb_get_opaque(sam_ctx, "domainFunctionality"), int);
-               if (domainFunctionality && *domainFunctionality >= DS_DOMAIN_FUNCTION_2008) {
+               if (dsdb_functional_level(sam_ctx) >= DS_DOMAIN_FUNCTION_2008) {
                        server_type |= DS_SERVER_FULL_SECRET_DOMAIN_6;
                }
        }
index d9e03cec3ef10d2f7163462580c6f9c7de8d00c2..512230f63c0ec84eecea8e355596e2913ac6960a 100644 (file)
@@ -2705,3 +2705,19 @@ const char *samdb_cn_to_lDAPDisplayName(TALLOC_CTX *mem_ctx, const char *cn)
 
        return ret;
 }
+
+/*
+  return domain functional level
+  returns DS_DOMAIN_FUNCTION_*
+ */
+int dsdb_functional_level(struct ldb_context *ldb)
+{
+       int *domainFunctionality =
+               talloc_get_type(ldb_get_opaque(ldb, "domainFunctionality"), int);
+       if (!domainFunctionality) {
+               DEBUG(0,(__location__ ": WARNING: domainFunctionality not setup\n"));
+               return DS_DOMAIN_FUNCTION_2000;
+       }
+       return *domainFunctionality;
+}
+
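Review bot: The fallback in `dsdb_functional_level()` returns `DS_DOMAIN_FUNCTION_2000` when the `domainFunctionality` opaque is missing, so callers cannot tell an ldb that was never set up from a domain that really is at the 2000 level, and the header comment does not mention this. In `setup_supplemental_field()` (the password_hash.c hunk) it means `do_newer_keys` quietly becomes false, and per the MS-SAMR comment there the AES keys are then skipped for that password change with only a log line as evidence. I would document the contract on the helper, e.g. `returns DS_DOMAIN_FUNCTION_2000 (and logs a warning) if domainFunctionality has not been set on this ldb`, and consider whether the password path should fail rather than degrade. The `DEBUG(0, ...)` also fires on every call, which could be noisy on per-request paths such as the netlogon responder; warning once may be enough.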
index da80ee540ed698ac6510c2e7c5748a05f867794d..03cb1ff3e33ff823aa7a1522880735b3a6d9cf9c 100644 (file)
@@ -141,13 +141,7 @@ static struct dom_sid *get_default_group(TALLOC_CTX *mem_ctx,
                                         struct ldb_context *ldb,
                                         struct dom_sid *dag)
 {
-       int *domainFunctionality;
-
-       domainFunctionality = talloc_get_type(
-               ldb_get_opaque(ldb, "domainFunctionality"), int);
-
-       if (*domainFunctionality
-                       && (*domainFunctionality >= DS_DOMAIN_FUNCTION_2008)) {
+       if (dsdb_functional_level(ldb) >= DS_DOMAIN_FUNCTION_2008) {
                return dag;
        }
 
index 8791db2bc4fcd4d31cf223e25f2ae5af0b9fc1c9..4d4f500e87571591ffc7b827d89079bdc8308f0d 100644 (file)
@@ -1025,7 +1025,6 @@ static int setup_supplemental_field(struct setup_password_fields_io *io)
        uint8_t zero16[16];
        bool do_newer_keys = false;
        bool do_cleartext = false;
-       int *domainFunctionality;
 
        ZERO_STRUCT(zero16);
        ZERO_STRUCT(names);
@@ -1065,10 +1064,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io)
                }
        }
        /* Per MS-SAMR 3.1.1.8.11.6 we create AES keys if our domain functionality level is 2008 or higher */
-       domainFunctionality = talloc_get_type(ldb_get_opaque(ldb, "domainFunctionality"), int);
-
-       do_newer_keys = *domainFunctionality &&
-               (*domainFunctionality >= DS_DOMAIN_FUNCTION_2008);
+       do_newer_keys = (dsdb_functional_level(ldb) >= DS_DOMAIN_FUNCTION_2008);
 
        if (io->domain->store_cleartext &&
            (io->u.user_account_control & UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED)) {
index 661060d7552046e94040303e6ffbaa6f5e77b73c..045b507ffd9a771c94f9908e8b0b75bb43dd1add 100644 (file)
@@ -322,10 +322,9 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *ms
                }
        }
 
-       if (priv && do_attribute(attrs, "domainFunctionality")
-           && (val = talloc_get_type(ldb_get_opaque(ldb, "domainFunctionality"), int))) {
+       if (priv && do_attribute(attrs, "domainFunctionality")) {
                if (ldb_msg_add_fmt(msg, "domainFunctionality", 
-                                   "%d", *val) != 0) {
+                                   "%d", dsdb_functional_level(ldb)) != 0) {
                        goto failed;
                }
        }
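Review bot: With the `talloc_get_type(...)` test dropped from the condition, `rootdse_add_dynamic()` now always adds `domainFunctionality` when it is requested, so an ldb without the opaque reports the helper's fallback value to clients instead of omitting the attribute as before. If that is intended, a short comment above the `if`, such as `/* reports the dsdb_functional_level() default if the level has not been loaded yet */`, would make it explicit. The function starts and ends outside this hunk, and `val` is declared there; if this lookup was its only use it can presumably be removed.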