repl_meta_data: Explain that we do not truncate the DN at present

author Andrew Bartlett <abartlet@samba.org>

Mon, 16 Oct 2017 22:36:03 +0000 (11:36 +1300)

committer Garming Sam <garming@samba.org>

Sun, 29 Oct 2017 23:16:39 +0000 (00:16 +0100)
author Andrew Bartlett <abartlet@samba.org>
Mon, 16 Oct 2017 22:36:03 +0000 (11:36 +1300)
committer Garming Sam <garming@samba.org>
Sun, 29 Oct 2017 23:16:39 +0000 (00:16 +0100)
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c

index bdc6aee944ebb6a8e0945081abed998532edf1bc..d0cf3cd36e064a7c44c88c5338d66719b1c58e0b 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -4531,7 +4531,16 @@ static int replmd_make_prefix_child_dn(TALLOC_CTX *tmp_ctx,
                 return LDB_ERR_OPERATIONS_ERROR;
         }
  
-
+       /*
+        * TODO: Per MS-ADTS 3.1.1.5.5 Delete Operation
+        * we should truncate this value to ensure the RDN is not more than 255 chars.
+        *
+        * However we MS-ADTS 3.1.1.5.1.2 Naming Constraints indicates that:
+        *
+        * "Naming constraints are not enforced for replicated
+        * updates." so this is safe and we don't have to work out not
+        * splitting a UTF8 char right now.
+        */
         deleted_child_rdn_val = ldb_val_dup(tmp_ctx, rdn_value);
  
         /*
author	Andrew Bartlett <abartlet@samba.org>
	Mon, 16 Oct 2017 22:36:03 +0000 (11:36 +1300)
committer	Garming Sam <garming@samba.org>
	Sun, 29 Oct 2017 23:16:39 +0000 (00:16 +0100)