From a73a0372f9fec93c9e6620859c9410ae4e702f88 Mon Sep 17 00:00:00 2001
From: Matthieu Patou <mat@matws.net>
Date: Wed, 23 Sep 2009 13:34:58 +0400
Subject: [PATCH] s4-ldb: Add new relax controls that allow relaxed x500
 constraints checks

---
 source4/lib/ldb/common/ldb_controls.c | 27 +++++++++++++++++++++++++++
 source4/lib/ldb/include/ldb.h         |  8 ++++++++
 2 files changed, 35 insertions(+)

diff --git a/source4/lib/ldb/common/ldb_controls.c b/source4/lib/ldb/common/ldb_controls.c
index b38373ec12f..32b2c0f66df 100644
--- a/source4/lib/ldb/common/ldb_controls.c
+++ b/source4/lib/ldb/common/ldb_controls.c
@@ -407,6 +407,33 @@ struct ldb_control **ldb_parse_control_strings(struct ldb_context *ldb, void *me
 			continue;
 		}
 
+		if (strncmp(control_strings[i], "relax:", 6) == 0) {
+			const char *p;
+			int crit, ret;
+
+			p = &(control_strings[i][6]);
+			ret = sscanf(p, "%d", &crit);
+			if ((ret != 1) || (crit < 0) || (crit > 1)) {
+				error_string = talloc_asprintf(mem_ctx, "invalid relax control syntax\n");
+				error_string = talloc_asprintf_append(error_string, " syntax: crit(b)\n");
+				error_string = talloc_asprintf_append(error_string, "   note: b = boolean");
+				ldb_set_errstring(ldb, error_string);
+				talloc_free(error_string);
+				return NULL;
+			}
+
+			ctrl[i] = talloc(ctrl, struct ldb_control);
+			if (!ctrl[i]) {
+				ldb_oom(ldb);
+				return NULL;
+			}
+			ctrl[i]->oid = LDB_CONTROL_RELAX_OID;
+			ctrl[i]->critical = crit;
+			ctrl[i]->data = NULL;
+
+			continue;
+		}
+
 		if (strncmp(control_strings[i], "domain_scope:", 13) == 0) {
 			const char *p;
 			int crit, ret;
diff --git a/source4/lib/ldb/include/ldb.h b/source4/lib/ldb/include/ldb.h
index 04f7ccb3f28..d4af95b394c 100644
--- a/source4/lib/ldb/include/ldb.h
+++ b/source4/lib/ldb/include/ldb.h
@@ -457,6 +457,14 @@ const struct ldb_dn_extended_syntax *ldb_dn_extended_syntax_by_name(struct ldb_c
 typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2, void *opaque);
 
 /**
+   OID for the allowing client to request temporary relaxed 
+   enforcement of constraints of the x.500 model.
+
+   \sa <a href="http://opends.dev.java.net/public/standards/draft-zeilenga-ldap-managedit.txt">draft managedit</a>.
+*/
+
+#define LDB_CONTROL_RELAX_OID "1.3.6.1.4.1.4203.666.5.12"
+/**
    OID for the paged results control. This control is included in the
    searchRequest and searchResultDone messages as part of the controls
    field of the LDAPMessage, as defined in Section 4.1.12 of
-- 
2.11.4.GIT