Changeset 740 for vendor/current/source4/lib/ldb-samba
- Timestamp:
- Nov 14, 2012, 12:59:34 PM (13 years ago)
- Location:
- vendor/current/source4/lib/ldb-samba
- Files:
-
- 6 added
- 1 deleted
- 2 edited
-
config.mk (deleted)
-
ldb_ildap.c (added)
-
ldb_wrap.c (added)
-
ldb_wrap.h (added)
-
ldif_handlers.c (modified) (56 diffs)
-
ldif_handlers.h (modified) (2 diffs)
-
pyldb.c (added)
-
samba_extensions.c (added)
-
wscript_build (added)
Legend:
- Unmodified
- Added
- Removed
-
vendor/current/source4/lib/ldb-samba/ldif_handlers.c
r414 r740 3 3 4 4 Copyright (C) Andrew Tridgell 2005 5 Copyright (C) Andrew Bartlett 2006-200 75 Copyright (C) Andrew Bartlett 2006-2009 6 6 Copyright (C) Matthias Dieter Wallnöfer 2009 7 7 ** NOTE! The following LGPL license applies to the ldb … … 24 24 25 25 #include "includes.h" 26 #include "lib/ldb/include/ldb.h"27 #include "lib/ldb/include/ldb_module.h"26 #include <ldb.h> 27 #include <ldb_module.h> 28 28 #include "ldb_handlers.h" 29 29 #include "dsdb/samdb/samdb.h" … … 31 31 #include "librpc/gen_ndr/ndr_misc.h" 32 32 #include "librpc/gen_ndr/ndr_drsblobs.h" 33 #include "librpc/gen_ndr/ndr_dnsp.h" 33 34 #include "librpc/ndr/libndr.h" 34 35 #include "libcli/security/security.h" 35 36 #include "param/param.h" 37 #include "../lib/util/asn1.h" 36 38 37 39 /* 38 40 use ndr_print_* to convert a NDR formatted blob to a ldif formatted blob 41 42 If mask_errors is true, then function succeeds but out data 43 is set to "<Unable to decode binary data>" message 44 45 \return 0 on success; -1 on error 39 46 */ 40 47 static int ldif_write_NDR(struct ldb_context *ldb, void *mem_ctx, … … 42 49 size_t struct_size, 43 50 ndr_pull_flags_fn_t pull_fn, 44 ndr_print_fn_t print_fn) 51 ndr_print_fn_t print_fn, 52 bool mask_errors) 45 53 { 46 54 uint8_t *p; … … 51 59 p = talloc_size(mem_ctx, struct_size); 52 60 err = ndr_pull_struct_blob(in, mem_ctx, 53 lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")),54 61 p, pull_fn); 55 62 if (err != NDR_ERR_SUCCESS) { 63 /* fail in not in mask_error mode */ 64 if (!mask_errors) { 65 return -1; 66 } 56 67 talloc_free(p); 57 68 out->data = (uint8_t *)talloc_strdup(mem_ctx, "<Unable to decode binary data>"); … … 80 91 return -1; 81 92 } 82 ndr_err = ndr_push_struct_blob(out, mem_ctx, NULL,sid,93 ndr_err = ndr_push_struct_blob(out, mem_ctx, sid, 83 94 (ndr_push_flags_fn_t)ndr_push_dom_sid); 84 95 talloc_free(sid); … … 92 103 convert a NDR formatted blob to a ldif formatted objectSid 93 104 */ 94 staticint ldif_write_objectSid(struct ldb_context *ldb, void *mem_ctx,105 int ldif_write_objectSid(struct ldb_context *ldb, void *mem_ctx, 95 106 const struct ldb_val *in, struct ldb_val *out) 96 107 { … … 102 113 return -1; 103 114 } 104 ndr_err = ndr_pull_struct_blob_all(in, sid, NULL,sid,115 ndr_err = ndr_pull_struct_blob_all(in, sid, sid, 105 116 (ndr_pull_flags_fn_t)ndr_pull_dom_sid); 106 117 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { … … 116 127 } 117 128 118 staticbool ldif_comparision_objectSid_isString(const struct ldb_val *v)129 bool ldif_comparision_objectSid_isString(const struct ldb_val *v) 119 130 { 120 131 if (v->length < 3) { … … 199 210 200 211 /* Check it looks like a SID */ 201 ndr_err = ndr_pull_struct_blob_all(out, mem_ctx, NULL,&sid,212 ndr_err = ndr_pull_struct_blob_all(out, mem_ctx, &sid, 202 213 (ndr_pull_flags_fn_t)ndr_pull_dom_sid); 203 214 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { … … 215 226 struct GUID guid; 216 227 NTSTATUS status; 217 enum ndr_err_code ndr_err;218 228 219 229 status = GUID_from_data_blob(in, &guid); … … 222 232 } 223 233 224 ndr_err = ndr_push_struct_blob(out, mem_ctx, NULL, &guid, 225 (ndr_push_flags_fn_t)ndr_push_GUID); 226 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { 234 status = GUID_to_ndr_blob(&guid, mem_ctx, out); 235 if (!NT_STATUS_IS_OK(status)) { 227 236 return -1; 228 237 } … … 237 246 { 238 247 struct GUID guid; 239 enum ndr_err_code ndr_err;240 ndr_err = ndr_pull_struct_blob_all(in, mem_ctx, NULL, &guid, 241 (ndr_pull_flags_fn_t)ndr_pull_GUID);242 if (!N DR_ERR_CODE_IS_SUCCESS(ndr_err)) {248 NTSTATUS status; 249 250 status = GUID_from_ndr_blob(in, &guid); 251 if (!NT_STATUS_IS_OK(status)) { 243 252 return -1; 244 253 } … … 263 272 { 264 273 struct GUID guid; 265 enum ndr_err_code ndr_err; 274 NTSTATUS status; 275 266 276 if (in->length == 36 && ldif_read_objectGUID(ldb, mem_ctx, in, out) == 0) { 267 277 return 0; … … 283 293 284 294 /* Check it looks like a GUID */ 285 ndr_err = ndr_pull_struct_blob_all(out, mem_ctx, NULL, &guid,286 (ndr_pull_flags_fn_t)ndr_pull_GUID);287 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {295 status = GUID_from_ndr_blob(out, &guid); 296 if (!NT_STATUS_IS_OK(status)) { 297 data_blob_free(out); 288 298 return -1; 289 299 } … … 356 366 } 357 367 358 ndr_err = ndr_pull_struct_blob(in, sd, NULL,sd,368 ndr_err = ndr_pull_struct_blob(in, sd, sd, 359 369 (ndr_pull_flags_fn_t)ndr_pull_security_descriptor); 360 370 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { 361 371 /* If this does not parse, then it is probably SDDL, and we should try it that way */ 362 372 363 373 const struct dom_sid *sid = samdb_domain_sid(ldb); 364 374 talloc_free(sd); … … 369 379 } 370 380 371 ndr_err = ndr_push_struct_blob(out, mem_ctx, NULL,sd,381 ndr_err = ndr_push_struct_blob(out, mem_ctx, sd, 372 382 (ndr_push_flags_fn_t)ndr_push_security_descriptor); 373 383 talloc_free(sd); … … 392 402 sizeof(struct security_descriptor), 393 403 (ndr_pull_flags_fn_t)ndr_pull_security_descriptor, 394 (ndr_print_fn_t)ndr_print_security_descriptor); 404 (ndr_print_fn_t)ndr_print_security_descriptor, 405 true); 395 406 396 407 } … … 401 412 } 402 413 /* We can't use ndr_pull_struct_blob_all because this contains relative pointers */ 403 ndr_err = ndr_pull_struct_blob(in, sd, NULL,sd,414 ndr_err = ndr_pull_struct_blob(in, sd, sd, 404 415 (ndr_pull_flags_fn_t)ndr_pull_security_descriptor); 405 416 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { … … 407 418 return -1; 408 419 } 409 out->data = (uint8_t *)sddl_encode(mem_ctx, sd, NULL);420 out->data = (uint8_t *)sddl_encode(mem_ctx, sd, samdb_domain_sid_cache_only(ldb)); 410 421 talloc_free(sd); 411 422 if (out->data == NULL) { … … 417 428 418 429 /* 419 canonicalise an objectCategory. We use the short form as the can noical form:430 canonicalise an objectCategory. We use the short form as the canonical form: 420 431 cn=Person,cn=Schema,cn=Configuration,<basedn> becomes 'person' 421 432 */ … … 425 436 { 426 437 struct ldb_dn *dn1 = NULL; 427 const struct dsdb_schema *schema = dsdb_get_schema(ldb );438 const struct dsdb_schema *schema = dsdb_get_schema(ldb, NULL); 428 439 const struct dsdb_class *sclass; 429 440 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); … … 477 488 const struct ldb_val *v2) 478 489 { 479 480 int ret, ret1, ret2; 481 struct ldb_val v1_canon, v2_canon; 482 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); 483 484 /* I could try and bail if tmp_ctx was NULL, but what return 485 * value would I use? 486 * 487 * It seems easier to continue on the NULL context 488 */ 489 ret1 = ldif_canonicalise_objectCategory(ldb, tmp_ctx, v1, &v1_canon); 490 ret2 = ldif_canonicalise_objectCategory(ldb, tmp_ctx, v2, &v2_canon); 491 492 if (ret1 == LDB_SUCCESS && ret2 == LDB_SUCCESS) { 493 ret = data_blob_cmp(&v1_canon, &v2_canon); 494 } else { 495 ret = data_blob_cmp(v1, v2); 496 } 497 talloc_free(tmp_ctx); 498 return ret; 490 return ldb_any_comparison(ldb, mem_ctx, ldif_canonicalise_objectCategory, 491 v1, v2); 492 } 493 494 /* 495 convert a NDR formatted blob to a ldif formatted schemaInfo 496 */ 497 static int ldif_write_schemaInfo(struct ldb_context *ldb, void *mem_ctx, 498 const struct ldb_val *in, struct ldb_val *out) 499 { 500 return ldif_write_NDR(ldb, mem_ctx, in, out, 501 sizeof(struct repsFromToBlob), 502 (ndr_pull_flags_fn_t)ndr_pull_schemaInfoBlob, 503 (ndr_print_fn_t)ndr_print_schemaInfoBlob, 504 true); 499 505 } 500 506 … … 508 514 enum ndr_err_code ndr_err; 509 515 char *string, *line, *p, *oid; 516 DATA_BLOB oid_blob; 510 517 511 518 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); … … 517 524 blob = talloc_zero(tmp_ctx, struct prefixMapBlob); 518 525 if (blob == NULL) { 519 talloc_free(blob); 520 return -1; 521 } 522 526 talloc_free(tmp_ctx); 527 return -1; 528 } 529 530 /* use the switch value to detect if this is in the binary 531 * format 532 */ 533 if (in->length >= 4 && IVAL(in->data, 0) == PREFIX_MAP_VERSION_DSDB) { 534 ndr_err = ndr_pull_struct_blob(in, tmp_ctx, blob, 535 (ndr_pull_flags_fn_t)ndr_pull_prefixMapBlob); 536 if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { 537 ndr_err = ndr_push_struct_blob(out, mem_ctx, 538 blob, 539 (ndr_push_flags_fn_t)ndr_push_prefixMapBlob); 540 talloc_free(tmp_ctx); 541 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { 542 return -1; 543 } 544 return 0; 545 } 546 } 547 548 /* If this does not parse, then it is probably the text version, and we should try it that way */ 523 549 blob->version = PREFIX_MAP_VERSION_DSDB; 524 550 … … 540 566 } 541 567 } 542 /* allow a tra ling seperator */568 /* allow a trailing separator */ 543 569 if (line == p) { 544 570 break; … … 564 590 oid++; 565 591 566 blob->ctr.dsdb.mappings[blob->ctr.dsdb.num_mappings].oid.oid 567 = talloc_strdup(blob->ctr.dsdb.mappings, oid); 592 if (!ber_write_partial_OID_String(blob->ctr.dsdb.mappings, &oid_blob, oid)) { 593 talloc_free(tmp_ctx); 594 return -1; 595 } 596 blob->ctr.dsdb.mappings[blob->ctr.dsdb.num_mappings].oid.length = oid_blob.length; 597 blob->ctr.dsdb.mappings[blob->ctr.dsdb.num_mappings].oid.binary_oid = oid_blob.data; 568 598 569 599 blob->ctr.dsdb.num_mappings++; … … 578 608 579 609 ndr_err = ndr_push_struct_blob(out, mem_ctx, 580 lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")),581 610 blob, 582 611 (ndr_push_flags_fn_t)ndr_push_prefixMapBlob); … … 600 629 601 630 if (ldb_get_flags(ldb) & LDB_FLG_SHOW_BINARY) { 602 return ldif_write_NDR(ldb, mem_ctx, in, out, 603 sizeof(struct prefixMapBlob), 604 (ndr_pull_flags_fn_t)ndr_pull_prefixMapBlob, 605 (ndr_print_fn_t)ndr_print_prefixMapBlob); 606 631 int err; 632 /* try to decode the blob as S4 prefixMap */ 633 err = ldif_write_NDR(ldb, mem_ctx, in, out, 634 sizeof(struct prefixMapBlob), 635 (ndr_pull_flags_fn_t)ndr_pull_prefixMapBlob, 636 (ndr_print_fn_t)ndr_print_prefixMapBlob, 637 false); 638 if (0 == err) { 639 return err; 640 } 641 /* try parsing it as Windows PrefixMap value */ 642 return ldif_write_NDR(ldb, mem_ctx, in, out, 643 sizeof(struct drsuapi_MSPrefixMap_Ctr), 644 (ndr_pull_flags_fn_t)ndr_pull_drsuapi_MSPrefixMap_Ctr, 645 (ndr_print_fn_t)ndr_print_drsuapi_MSPrefixMap_Ctr, 646 true); 607 647 } 608 648 … … 612 652 } 613 653 ndr_err = ndr_pull_struct_blob_all(in, blob, 614 lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")),615 654 blob, 616 655 (ndr_pull_flags_fn_t)ndr_pull_prefixMapBlob); 617 656 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { 618 talloc_free(blob); 619 return -1; 657 goto failed; 620 658 } 621 659 if (blob->version != PREFIX_MAP_VERSION_DSDB) { 622 return -1;660 goto failed; 623 661 } 624 662 string = talloc_strdup(mem_ctx, ""); 625 663 if (string == NULL) { 626 return -1;664 goto failed; 627 665 } 628 666 629 667 for (i=0; i < blob->ctr.dsdb.num_mappings; i++) { 668 DATA_BLOB oid_blob; 669 char *partial_oid = NULL; 670 630 671 if (i > 0) { 631 672 string = talloc_asprintf_append(string, ";"); 632 673 } 674 675 oid_blob = data_blob_const(blob->ctr.dsdb.mappings[i].oid.binary_oid, 676 blob->ctr.dsdb.mappings[i].oid.length); 677 if (!ber_read_partial_OID_String(blob, oid_blob, &partial_oid)) { 678 DEBUG(0, ("ber_read_partial_OID failed on prefixMap item with id: 0x%X", 679 blob->ctr.dsdb.mappings[i].id_prefix)); 680 goto failed; 681 } 633 682 string = talloc_asprintf_append(string, "%u:%s", 634 683 blob->ctr.dsdb.mappings[i].id_prefix, 635 blob->ctr.dsdb.mappings[i].oid.oid); 684 partial_oid); 685 talloc_free(discard_const(partial_oid)); 636 686 if (string == NULL) { 637 return -1;687 goto failed; 638 688 } 639 689 } … … 642 692 *out = data_blob_string_const(string); 643 693 return 0; 694 695 failed: 696 talloc_free(blob); 697 return -1; 644 698 } 645 699 … … 673 727 const struct ldb_val *v2) 674 728 { 675 676 int ret, ret1, ret2; 677 struct ldb_val v1_canon, v2_canon; 678 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); 679 680 /* I could try and bail if tmp_ctx was NULL, but what return 681 * value would I use? 682 * 683 * It seems easier to continue on the NULL context 684 */ 685 ret1 = ldif_canonicalise_prefixMap(ldb, tmp_ctx, v1, &v1_canon); 686 ret2 = ldif_canonicalise_prefixMap(ldb, tmp_ctx, v2, &v2_canon); 687 688 if (ret1 == LDB_SUCCESS && ret2 == LDB_SUCCESS) { 689 ret = data_blob_cmp(&v1_canon, &v2_canon); 690 } else { 691 ret = data_blob_cmp(v1, v2); 692 } 693 talloc_free(tmp_ctx); 694 return ret; 729 return ldb_any_comparison(ldb, mem_ctx, ldif_canonicalise_prefixMap, 730 v1, v2); 731 } 732 733 /* length limited conversion of a ldb_val to a int32_t */ 734 static int val_to_int32(const struct ldb_val *in, int32_t *v) 735 { 736 char *end; 737 char buf[64]; 738 739 /* make sure we don't read past the end of the data */ 740 if (in->length > sizeof(buf)-1) { 741 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; 742 } 743 strncpy(buf, (char *)in->data, in->length); 744 buf[in->length] = 0; 745 746 /* We've to use "strtoll" here to have the intended overflows. 747 * Otherwise we may get "LONG_MAX" and the conversion is wrong. */ 748 *v = (int32_t) strtoll(buf, &end, 0); 749 if (*end != 0) { 750 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; 751 } 752 return LDB_SUCCESS; 753 } 754 755 /* length limited conversion of a ldb_val to a int64_t */ 756 static int val_to_int64(const struct ldb_val *in, int64_t *v) 757 { 758 char *end; 759 char buf[64]; 760 761 /* make sure we don't read past the end of the data */ 762 if (in->length > sizeof(buf)-1) { 763 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; 764 } 765 strncpy(buf, (char *)in->data, in->length); 766 buf[in->length] = 0; 767 768 *v = (int64_t) strtoll(buf, &end, 0); 769 if (*end != 0) { 770 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; 771 } 772 return LDB_SUCCESS; 695 773 } 696 774 … … 699 777 const struct ldb_val *in, struct ldb_val *out) 700 778 { 701 char *end;702 /* We've to use "strtoll" here to have the intended overflows.703 * Otherwise we may get "LONG_MAX" and the conversion is wrong. */ 704 int32_t i = (int32_t) strtoll((char *)in->data, &end, 0);705 if ( *end != 0) {706 return -1;779 int32_t i; 780 int ret; 781 782 ret = val_to_int32(in, &i); 783 if (ret != LDB_SUCCESS) { 784 return ret; 707 785 } 708 786 out->data = (uint8_t *) talloc_asprintf(mem_ctx, "%d", i); 709 787 if (out->data == NULL) { 710 return -1; 788 ldb_oom(ldb); 789 return LDB_ERR_OPERATIONS_ERROR; 711 790 } 712 791 out->length = strlen((char *)out->data); … … 716 795 /* Comparison of two 32-bit integers */ 717 796 static int ldif_comparison_int32(struct ldb_context *ldb, void *mem_ctx, 718 const struct ldb_val *v1, const struct ldb_val *v2) 719 { 720 /* We've to use "strtoll" here to have the intended overflows. 721 * Otherwise we may get "LONG_MAX" and the conversion is wrong. */ 722 return (int32_t) strtoll((char *)v1->data, NULL, 0) 723 - (int32_t) strtoll((char *)v2->data, NULL, 0); 797 const struct ldb_val *v1, const struct ldb_val *v2) 798 { 799 int32_t i1=0, i2=0; 800 val_to_int32(v1, &i1); 801 val_to_int32(v2, &i2); 802 if (i1 == i2) return 0; 803 return i1 > i2? 1 : -1; 804 } 805 806 /* Canonicalisation of two 64-bit integers */ 807 static int ldif_canonicalise_int64(struct ldb_context *ldb, void *mem_ctx, 808 const struct ldb_val *in, struct ldb_val *out) 809 { 810 int64_t i; 811 int ret; 812 813 ret = val_to_int64(in, &i); 814 if (ret != LDB_SUCCESS) { 815 return ret; 816 } 817 out->data = (uint8_t *) talloc_asprintf(mem_ctx, "%lld", (long long)i); 818 if (out->data == NULL) { 819 ldb_oom(ldb); 820 return LDB_ERR_OPERATIONS_ERROR; 821 } 822 out->length = strlen((char *)out->data); 823 return 0; 824 } 825 826 /* Comparison of two 64-bit integers */ 827 static int ldif_comparison_int64(struct ldb_context *ldb, void *mem_ctx, 828 const struct ldb_val *v1, const struct ldb_val *v2) 829 { 830 int64_t i1=0, i2=0; 831 val_to_int64(v1, &i1); 832 val_to_int64(v2, &i2); 833 if (i1 == i2) return 0; 834 return i1 > i2? 1 : -1; 724 835 } 725 836 … … 733 844 sizeof(struct repsFromToBlob), 734 845 (ndr_pull_flags_fn_t)ndr_pull_repsFromToBlob, 735 (ndr_print_fn_t)ndr_print_repsFromToBlob); 846 (ndr_print_fn_t)ndr_print_repsFromToBlob, 847 true); 736 848 } 737 849 … … 745 857 sizeof(struct replPropertyMetaDataBlob), 746 858 (ndr_pull_flags_fn_t)ndr_pull_replPropertyMetaDataBlob, 747 (ndr_print_fn_t)ndr_print_replPropertyMetaDataBlob); 859 (ndr_print_fn_t)ndr_print_replPropertyMetaDataBlob, 860 true); 748 861 } 749 862 … … 757 870 sizeof(struct replUpToDateVectorBlob), 758 871 (ndr_pull_flags_fn_t)ndr_pull_replUpToDateVectorBlob, 759 (ndr_print_fn_t)ndr_print_replPropertyMetaDataBlob); 872 (ndr_print_fn_t)ndr_print_replUpToDateVectorBlob, 873 true); 874 } 875 876 877 /* 878 convert a NDR formatted blob to a ldif formatted dnsRecord 879 */ 880 static int ldif_write_dnsRecord(struct ldb_context *ldb, void *mem_ctx, 881 const struct ldb_val *in, struct ldb_val *out) 882 { 883 return ldif_write_NDR(ldb, mem_ctx, in, out, 884 sizeof(struct dnsp_DnssrvRpcRecord), 885 (ndr_pull_flags_fn_t)ndr_pull_dnsp_DnssrvRpcRecord, 886 (ndr_print_fn_t)ndr_print_dnsp_DnssrvRpcRecord, 887 true); 888 } 889 890 /* 891 convert a NDR formatted blob of a supplementalCredentials into text 892 */ 893 static int ldif_write_supplementalCredentialsBlob(struct ldb_context *ldb, void *mem_ctx, 894 const struct ldb_val *in, struct ldb_val *out) 895 { 896 return ldif_write_NDR(ldb, mem_ctx, in, out, 897 sizeof(struct supplementalCredentialsBlob), 898 (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob, 899 (ndr_print_fn_t)ndr_print_supplementalCredentialsBlob, 900 true); 760 901 } 761 902 … … 764 905 const struct ldb_val *in, struct ldb_val *out) 765 906 { 766 *out = data_blob_string_const(data_blob_hex_string (mem_ctx, in));907 *out = data_blob_string_const(data_blob_hex_string_lower(mem_ctx, in)); 767 908 if (!out->data) { 768 909 return -1; … … 770 911 return 0; 771 912 } 913 914 /* 915 compare two dns 916 */ 917 static int samba_ldb_dn_link_comparison(struct ldb_context *ldb, void *mem_ctx, 918 const struct ldb_val *v1, const struct ldb_val *v2) 919 { 920 struct ldb_dn *dn1 = NULL, *dn2 = NULL; 921 int ret; 922 923 if (dsdb_dn_is_deleted_val(v1)) { 924 /* If the DN is deleted, then we can't search for it */ 925 return -1; 926 } 927 928 if (dsdb_dn_is_deleted_val(v2)) { 929 /* If the DN is deleted, then we can't search for it */ 930 return -1; 931 } 932 933 dn1 = ldb_dn_from_ldb_val(mem_ctx, ldb, v1); 934 if ( ! ldb_dn_validate(dn1)) return -1; 935 936 dn2 = ldb_dn_from_ldb_val(mem_ctx, ldb, v2); 937 if ( ! ldb_dn_validate(dn2)) { 938 talloc_free(dn1); 939 return -1; 940 } 941 942 ret = ldb_dn_compare(dn1, dn2); 943 944 talloc_free(dn1); 945 talloc_free(dn2); 946 return ret; 947 } 948 949 static int samba_ldb_dn_link_canonicalise(struct ldb_context *ldb, void *mem_ctx, 950 const struct ldb_val *in, struct ldb_val *out) 951 { 952 struct ldb_dn *dn; 953 int ret = -1; 954 955 out->length = 0; 956 out->data = NULL; 957 958 dn = ldb_dn_from_ldb_val(mem_ctx, ldb, in); 959 if ( ! ldb_dn_validate(dn)) { 960 return LDB_ERR_INVALID_DN_SYNTAX; 961 } 962 963 /* By including the RMD_FLAGS of a deleted DN, we ensure it 964 * does not casually match a not deleted DN */ 965 if (dsdb_dn_is_deleted_val(in)) { 966 out->data = (uint8_t *)talloc_asprintf(mem_ctx, 967 "<RMD_FLAGS=%u>%s", 968 dsdb_dn_val_rmd_flags(in), 969 ldb_dn_get_casefold(dn)); 970 } else { 971 out->data = (uint8_t *)ldb_dn_alloc_casefold(mem_ctx, dn); 972 } 973 974 if (out->data == NULL) { 975 goto done; 976 } 977 out->length = strlen((char *)out->data); 978 979 ret = 0; 980 981 done: 982 talloc_free(dn); 983 984 return ret; 985 } 986 987 988 /* 989 write a 64 bit 2-part range 990 */ 991 static int ldif_write_range64(struct ldb_context *ldb, void *mem_ctx, 992 const struct ldb_val *in, struct ldb_val *out) 993 { 994 int64_t v; 995 int ret; 996 ret = val_to_int64(in, &v); 997 if (ret != LDB_SUCCESS) { 998 return ret; 999 } 1000 out->data = (uint8_t *)talloc_asprintf(mem_ctx, "%lu-%lu", 1001 (unsigned long)(v&0xFFFFFFFF), 1002 (unsigned long)(v>>32)); 1003 if (out->data == NULL) { 1004 ldb_oom(ldb); 1005 return LDB_ERR_OPERATIONS_ERROR; 1006 } 1007 out->length = strlen((char *)out->data); 1008 return LDB_SUCCESS; 1009 } 1010 1011 /* 1012 read a 64 bit 2-part range 1013 */ 1014 static int ldif_read_range64(struct ldb_context *ldb, void *mem_ctx, 1015 const struct ldb_val *in, struct ldb_val *out) 1016 { 1017 unsigned long high, low; 1018 char buf[64]; 1019 1020 if (memchr(in->data, '-', in->length) == NULL) { 1021 return ldb_handler_copy(ldb, mem_ctx, in, out); 1022 } 1023 1024 if (in->length > sizeof(buf)-1) { 1025 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; 1026 } 1027 strncpy(buf, (const char *)in->data, in->length); 1028 buf[in->length] = 0; 1029 1030 if (sscanf(buf, "%lu-%lu", &low, &high) != 2) { 1031 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; 1032 } 1033 1034 out->data = (uint8_t *)talloc_asprintf(mem_ctx, "%llu", 1035 (unsigned long long)(((uint64_t)high)<<32) | (low)); 1036 1037 if (out->data == NULL) { 1038 ldb_oom(ldb); 1039 return LDB_ERR_OPERATIONS_ERROR; 1040 } 1041 out->length = strlen((char *)out->data); 1042 return LDB_SUCCESS; 1043 } 1044 1045 /* 1046 when this operator_fn is set for a syntax, the backend calls is in 1047 preference to the comparison function. We are told the exact 1048 comparison operation that is needed, and we can return errors 1049 */ 1050 static int samba_syntax_operator_fn(struct ldb_context *ldb, enum ldb_parse_op operation, 1051 const struct ldb_schema_attribute *a, 1052 const struct ldb_val *v1, const struct ldb_val *v2, bool *matched) 1053 { 1054 switch (operation) { 1055 case LDB_OP_AND: 1056 case LDB_OP_OR: 1057 case LDB_OP_NOT: 1058 case LDB_OP_SUBSTRING: 1059 case LDB_OP_APPROX: 1060 case LDB_OP_EXTENDED: 1061 /* handled in the backends */ 1062 return LDB_ERR_INAPPROPRIATE_MATCHING; 1063 1064 case LDB_OP_GREATER: 1065 case LDB_OP_LESS: 1066 case LDB_OP_EQUALITY: 1067 { 1068 TALLOC_CTX *tmp_ctx = talloc_new(ldb); 1069 int ret; 1070 if (tmp_ctx == NULL) { 1071 return ldb_oom(ldb); 1072 } 1073 ret = a->syntax->comparison_fn(ldb, tmp_ctx, v1, v2); 1074 talloc_free(tmp_ctx); 1075 if (operation == LDB_OP_GREATER) { 1076 *matched = (ret > 0); 1077 } else if (operation == LDB_OP_LESS) { 1078 *matched = (ret < 0); 1079 } else { 1080 *matched = (ret == 0); 1081 } 1082 return LDB_SUCCESS; 1083 } 1084 1085 case LDB_OP_PRESENT: 1086 *matched = true; 1087 return LDB_SUCCESS; 1088 } 1089 1090 /* we shouldn't get here */ 1091 return LDB_ERR_INAPPROPRIATE_MATCHING; 1092 } 1093 1094 /* 1095 special operation for DNs, to take account of the RMD_FLAGS deleted bit 1096 */ 1097 static int samba_syntax_operator_dn(struct ldb_context *ldb, enum ldb_parse_op operation, 1098 const struct ldb_schema_attribute *a, 1099 const struct ldb_val *v1, const struct ldb_val *v2, bool *matched) 1100 { 1101 if (operation == LDB_OP_PRESENT && dsdb_dn_is_deleted_val(v1)) { 1102 /* If the DN is deleted, then we can't search for it */ 1103 *matched = false; 1104 return LDB_SUCCESS; 1105 } 1106 return samba_syntax_operator_fn(ldb, operation, a, v1, v2, matched); 1107 } 1108 772 1109 773 1110 static const struct ldb_schema_syntax samba_syntaxes[] = { … … 777 1114 .ldif_write_fn = ldif_write_objectSid, 778 1115 .canonicalise_fn = ldif_canonicalise_objectSid, 779 .comparison_fn = ldif_comparison_objectSid 1116 .comparison_fn = ldif_comparison_objectSid, 1117 .operator_fn = samba_syntax_operator_fn 780 1118 },{ 781 1119 .name = LDB_SYNTAX_SAMBA_SECURITY_DESCRIPTOR, … … 783 1121 .ldif_write_fn = ldif_write_ntSecurityDescriptor, 784 1122 .canonicalise_fn = ldb_handler_copy, 785 .comparison_fn = ldb_comparison_binary 1123 .comparison_fn = ldb_comparison_binary, 1124 .operator_fn = samba_syntax_operator_fn 786 1125 },{ 787 1126 .name = LDB_SYNTAX_SAMBA_GUID, … … 789 1128 .ldif_write_fn = ldif_write_objectGUID, 790 1129 .canonicalise_fn = ldif_canonicalise_objectGUID, 791 .comparison_fn = ldif_comparison_objectGUID 1130 .comparison_fn = ldif_comparison_objectGUID, 1131 .operator_fn = samba_syntax_operator_fn 792 1132 },{ 793 1133 .name = LDB_SYNTAX_SAMBA_OBJECT_CATEGORY, … … 795 1135 .ldif_write_fn = ldb_handler_copy, 796 1136 .canonicalise_fn = ldif_canonicalise_objectCategory, 797 .comparison_fn = ldif_comparison_objectCategory 1137 .comparison_fn = ldif_comparison_objectCategory, 1138 .operator_fn = samba_syntax_operator_fn 1139 },{ 1140 .name = LDB_SYNTAX_SAMBA_SCHEMAINFO, 1141 .ldif_read_fn = ldb_handler_copy, 1142 .ldif_write_fn = ldif_write_schemaInfo, 1143 .canonicalise_fn = ldb_handler_copy, 1144 .comparison_fn = ldb_comparison_binary, 1145 .operator_fn = samba_syntax_operator_fn 798 1146 },{ 799 1147 .name = LDB_SYNTAX_SAMBA_PREFIX_MAP, … … 801 1149 .ldif_write_fn = ldif_write_prefixMap, 802 1150 .canonicalise_fn = ldif_canonicalise_prefixMap, 803 .comparison_fn = ldif_comparison_prefixMap 1151 .comparison_fn = ldif_comparison_prefixMap, 1152 .operator_fn = samba_syntax_operator_fn 804 1153 },{ 805 1154 .name = LDB_SYNTAX_SAMBA_INT32, … … 807 1156 .ldif_write_fn = ldb_handler_copy, 808 1157 .canonicalise_fn = ldif_canonicalise_int32, 809 .comparison_fn = ldif_comparison_int32 1158 .comparison_fn = ldif_comparison_int32, 1159 .operator_fn = samba_syntax_operator_fn 810 1160 },{ 811 1161 .name = LDB_SYNTAX_SAMBA_REPSFROMTO, … … 813 1163 .ldif_write_fn = ldif_write_repsFromTo, 814 1164 .canonicalise_fn = ldb_handler_copy, 815 .comparison_fn = ldb_comparison_binary 1165 .comparison_fn = ldb_comparison_binary, 1166 .operator_fn = samba_syntax_operator_fn 816 1167 },{ 817 1168 .name = LDB_SYNTAX_SAMBA_REPLPROPERTYMETADATA, … … 819 1170 .ldif_write_fn = ldif_write_replPropertyMetaData, 820 1171 .canonicalise_fn = ldb_handler_copy, 821 .comparison_fn = ldb_comparison_binary 1172 .comparison_fn = ldb_comparison_binary, 1173 .operator_fn = samba_syntax_operator_fn 822 1174 },{ 823 1175 .name = LDB_SYNTAX_SAMBA_REPLUPTODATEVECTOR, … … 825 1177 .ldif_write_fn = ldif_write_replUpToDateVector, 826 1178 .canonicalise_fn = ldb_handler_copy, 827 .comparison_fn = ldb_comparison_binary 828 }, 1179 .comparison_fn = ldb_comparison_binary, 1180 .operator_fn = samba_syntax_operator_fn 1181 },{ 1182 .name = DSDB_SYNTAX_BINARY_DN, 1183 .ldif_read_fn = ldb_handler_copy, 1184 .ldif_write_fn = ldb_handler_copy, 1185 .canonicalise_fn = dsdb_dn_binary_canonicalise, 1186 .comparison_fn = dsdb_dn_binary_comparison, 1187 .operator_fn = samba_syntax_operator_fn 1188 },{ 1189 .name = DSDB_SYNTAX_STRING_DN, 1190 .ldif_read_fn = ldb_handler_copy, 1191 .ldif_write_fn = ldb_handler_copy, 1192 .canonicalise_fn = dsdb_dn_string_canonicalise, 1193 .comparison_fn = dsdb_dn_string_comparison, 1194 .operator_fn = samba_syntax_operator_fn 1195 },{ 1196 .name = LDB_SYNTAX_DN, 1197 .ldif_read_fn = ldb_handler_copy, 1198 .ldif_write_fn = ldb_handler_copy, 1199 .canonicalise_fn = samba_ldb_dn_link_canonicalise, 1200 .comparison_fn = samba_ldb_dn_link_comparison, 1201 .operator_fn = samba_syntax_operator_dn 1202 },{ 1203 .name = LDB_SYNTAX_SAMBA_RANGE64, 1204 .ldif_read_fn = ldif_read_range64, 1205 .ldif_write_fn = ldif_write_range64, 1206 .canonicalise_fn = ldif_canonicalise_int64, 1207 .comparison_fn = ldif_comparison_int64, 1208 .operator_fn = samba_syntax_operator_fn 1209 },{ 1210 .name = LDB_SYNTAX_SAMBA_DNSRECORD, 1211 .ldif_read_fn = ldb_handler_copy, 1212 .ldif_write_fn = ldif_write_dnsRecord, 1213 .canonicalise_fn = ldb_handler_copy, 1214 .comparison_fn = ldb_comparison_binary, 1215 .operator_fn = samba_syntax_operator_fn 1216 },{ 1217 .name = LDB_SYNTAX_SAMBA_SUPPLEMENTALCREDENTIALS, 1218 .ldif_read_fn = ldb_handler_copy, 1219 .ldif_write_fn = ldif_write_supplementalCredentialsBlob, 1220 .canonicalise_fn = ldb_handler_copy, 1221 .comparison_fn = ldb_comparison_binary, 1222 .operator_fn = samba_syntax_operator_fn 1223 } 829 1224 }; 830 1225 … … 842 1237 },{ 843 1238 .name = "WKGUID", 1239 .read_fn = ldb_handler_copy, 1240 .write_clear_fn = ldb_handler_copy, 1241 .write_hex_fn = ldb_handler_copy 1242 },{ 1243 .name = "RMD_INVOCID", 1244 .read_fn = extended_dn_read_GUID, 1245 .write_clear_fn = ldif_write_objectGUID, 1246 .write_hex_fn = extended_dn_write_hex 1247 },{ 1248 .name = "RMD_FLAGS", 1249 .read_fn = ldb_handler_copy, 1250 .write_clear_fn = ldb_handler_copy, 1251 .write_hex_fn = ldb_handler_copy 1252 },{ 1253 .name = "RMD_ADDTIME", 1254 .read_fn = ldb_handler_copy, 1255 .write_clear_fn = ldb_handler_copy, 1256 .write_hex_fn = ldb_handler_copy 1257 },{ 1258 .name = "RMD_CHANGETIME", 1259 .read_fn = ldb_handler_copy, 1260 .write_clear_fn = ldb_handler_copy, 1261 .write_hex_fn = ldb_handler_copy 1262 },{ 1263 .name = "RMD_LOCAL_USN", 1264 .read_fn = ldb_handler_copy, 1265 .write_clear_fn = ldb_handler_copy, 1266 .write_hex_fn = ldb_handler_copy 1267 },{ 1268 .name = "RMD_ORIGINATING_USN", 1269 .read_fn = ldb_handler_copy, 1270 .write_clear_fn = ldb_handler_copy, 1271 .write_hex_fn = ldb_handler_copy 1272 },{ 1273 .name = "RMD_VERSION", 844 1274 .read_fn = ldb_handler_copy, 845 1275 .write_clear_fn = ldb_handler_copy, … … 855 1285 { "objectSid", LDB_SYNTAX_SAMBA_SID }, 856 1286 { "securityIdentifier", LDB_SYNTAX_SAMBA_SID }, 1287 { "tokenGroups", LDB_SYNTAX_SAMBA_SID }, 857 1288 { "ntSecurityDescriptor", LDB_SYNTAX_SAMBA_SECURITY_DESCRIPTOR }, 858 { "objectGUID", LDB_SYNTAX_SAMBA_GUID }, 859 { "invocationId", LDB_SYNTAX_SAMBA_GUID }, 860 { "schemaIDGUID", LDB_SYNTAX_SAMBA_GUID }, 861 { "attributeSecurityGUID", LDB_SYNTAX_SAMBA_GUID }, 862 { "parentGUID", LDB_SYNTAX_SAMBA_GUID }, 863 { "siteGUID", LDB_SYNTAX_SAMBA_GUID }, 864 { "pKTGUID", LDB_SYNTAX_SAMBA_GUID }, 865 { "fRSVersionGUID", LDB_SYNTAX_SAMBA_GUID }, 866 { "fRSReplicaSetGUID", LDB_SYNTAX_SAMBA_GUID }, 867 { "netbootGUID", LDB_SYNTAX_SAMBA_GUID }, 1289 { "oMSyntax", LDB_SYNTAX_SAMBA_INT32 }, 868 1290 { "objectCategory", LDB_SYNTAX_SAMBA_OBJECT_CATEGORY }, 1291 { "schemaInfo", LDB_SYNTAX_SAMBA_SCHEMAINFO }, 869 1292 { "prefixMap", LDB_SYNTAX_SAMBA_PREFIX_MAP }, 870 1293 { "repsFrom", LDB_SYNTAX_SAMBA_REPSFROMTO }, … … 872 1295 { "replPropertyMetaData", LDB_SYNTAX_SAMBA_REPLPROPERTYMETADATA }, 873 1296 { "replUpToDateVector", LDB_SYNTAX_SAMBA_REPLUPTODATEVECTOR }, 1297 { "rIDAllocationPool", LDB_SYNTAX_SAMBA_RANGE64 }, 1298 { "rIDPreviousAllocationPool", LDB_SYNTAX_SAMBA_RANGE64 }, 1299 { "rIDAvailablePool", LDB_SYNTAX_SAMBA_RANGE64 }, 1300 1301 /* 1302 * these are extracted by searching 1303 * (&(attributeSyntax=2.5.5.10)(rangeLower=16)(rangeUpper=16)(omSyntax=4)) 1304 */ 1305 { "attributeSecurityGUID", LDB_SYNTAX_SAMBA_GUID }, 1306 { "categoryId", LDB_SYNTAX_SAMBA_GUID }, 1307 { "controlAccessRights", LDB_SYNTAX_SAMBA_GUID }, 1308 { "currMachineId", LDB_SYNTAX_SAMBA_GUID }, 1309 { "fRSReplicaSetGUID", LDB_SYNTAX_SAMBA_GUID }, 1310 { "fRSVersionGUID", LDB_SYNTAX_SAMBA_GUID }, 1311 { "implementedCategories", LDB_SYNTAX_SAMBA_GUID }, 1312 { "msDS-AzObjectGuid", LDB_SYNTAX_SAMBA_GUID }, 1313 { "msDFSR-ContentSetGuid", LDB_SYNTAX_SAMBA_GUID }, 1314 { "msDFSR-ReplicationGroupGuid", LDB_SYNTAX_SAMBA_GUID }, 1315 { "mSMQDigests", LDB_SYNTAX_SAMBA_GUID }, 1316 { "mSMQOwnerID", LDB_SYNTAX_SAMBA_GUID }, 1317 { "mSMQQMID", LDB_SYNTAX_SAMBA_GUID }, 1318 { "mSMQQueueType", LDB_SYNTAX_SAMBA_GUID }, 1319 { "mSMQSites", LDB_SYNTAX_SAMBA_GUID }, 1320 { "netbootGUID", LDB_SYNTAX_SAMBA_GUID }, 1321 { "objectGUID", LDB_SYNTAX_SAMBA_GUID }, 1322 { "pKTGuid", LDB_SYNTAX_SAMBA_GUID }, 1323 { "requiredCategories", LDB_SYNTAX_SAMBA_GUID }, 1324 { "schemaIDGUID", LDB_SYNTAX_SAMBA_GUID }, 1325 { "siteGUID", LDB_SYNTAX_SAMBA_GUID }, 1326 { "msDFS-GenerationGUIDv2", LDB_SYNTAX_SAMBA_GUID }, 1327 { "msDFS-LinkIdentityGUIDv2", LDB_SYNTAX_SAMBA_GUID }, 1328 { "msDFS-NamespaceIdentityGUIDv2", LDB_SYNTAX_SAMBA_GUID }, 1329 1330 /* 1331 * these are known to be GUIDs 1332 */ 1333 { "invocationId", LDB_SYNTAX_SAMBA_GUID }, 1334 { "parentGUID", LDB_SYNTAX_SAMBA_GUID }, 1335 { "msDS-OptionalFeatureGUID", LDB_SYNTAX_SAMBA_GUID }, 1336 1337 /* These NDR encoded things we want to be able to read with --show-binary */ 1338 { "dnsRecord", LDB_SYNTAX_SAMBA_DNSRECORD }, 1339 { "supplementalCredentials", LDB_SYNTAX_SAMBA_SUPPLEMENTALCREDENTIALS} 874 1340 }; 875 1341 876 1342 const struct ldb_schema_syntax *ldb_samba_syntax_by_name(struct ldb_context *ldb, const char *name) 877 1343 { 878 u int32_t j;1344 unsigned int j; 879 1345 const struct ldb_schema_syntax *s = NULL; 880 1346 … … 890 1356 const struct ldb_schema_syntax *ldb_samba_syntax_by_lDAPDisplayName(struct ldb_context *ldb, const char *name) 891 1357 { 892 u int32_t j;1358 unsigned int j; 893 1359 const struct ldb_schema_syntax *s = NULL; 894 1360 … … 908 1374 int ldb_register_samba_handlers(struct ldb_context *ldb) 909 1375 { 910 uint32_t i; 1376 unsigned int i; 1377 int ret; 1378 1379 if (ldb_get_opaque(ldb, "SAMBA_HANDLERS_REGISTERED") != NULL) { 1380 return LDB_SUCCESS; 1381 } 911 1382 912 1383 for (i=0; i < ARRAY_SIZE(samba_attributes); i++) { 913 int ret;914 1384 const struct ldb_schema_syntax *s = NULL; 915 1385 … … 921 1391 922 1392 if (!s) { 923 return -1;1393 return LDB_ERR_OPERATIONS_ERROR; 924 1394 } 925 1395 … … 931 1401 932 1402 for (i=0; i < ARRAY_SIZE(samba_dn_syntax); i++) { 933 int ret;934 1403 ret = ldb_dn_extended_add_syntax(ldb, LDB_ATTR_FLAG_FIXED, &samba_dn_syntax[i]); 935 1404 if (ret != LDB_SUCCESS) { … … 937 1406 } 938 1407 939 1408 } 1409 1410 ret = ldb_set_opaque(ldb, "SAMBA_HANDLERS_REGISTERED", (void*)1); 1411 if (ret != LDB_SUCCESS) { 1412 return ret; 940 1413 } 941 1414 -
vendor/current/source4/lib/ldb-samba/ldif_handlers.h
r414 r740 6 6 #define LDB_SYNTAX_SAMBA_GUID "LDB_SYNTAX_SAMBA_GUID" 7 7 #define LDB_SYNTAX_SAMBA_OBJECT_CATEGORY "LDB_SYNTAX_SAMBA_OBJECT_CATEGORY" 8 #define LDB_SYNTAX_SAMBA_SCHEMAINFO "LDB_SYNTAX_SAMBA_SCHEMAINFO" 8 9 #define LDB_SYNTAX_SAMBA_PREFIX_MAP "LDB_SYNTAX_SAMBA_PREFIX_MAP" 9 10 #define LDB_SYNTAX_SAMBA_INT32 "LDB_SYNTAX_SAMBA_INT32" … … 11 12 #define LDB_SYNTAX_SAMBA_REPLPROPERTYMETADATA "LDB_SYNTAX_SAMBA_REPLPROPERTYMETADATA" 12 13 #define LDB_SYNTAX_SAMBA_REPLUPTODATEVECTOR "LDB_SYNTAX_SAMBA_REPLUPTODATEVECTOR" 13 14 #define LDB_SYNTAX_SAMBA_RANGE64 "LDB_SYNTAX_SAMBA_RANGE64" 15 #define LDB_SYNTAX_SAMBA_DNSRECORD "LDB_SYNTAX_SAMBA_DNSRECORD" 16 #define LDB_SYNTAX_SAMBA_SUPPLEMENTALCREDENTIALS "LDB_SYNTAX_SAMBA_SUPPLEMENTALCREDENTIALS" 14 17 #include "lib/ldb-samba/ldif_handlers_proto.h" 15 18
Note:
See TracChangeset
for help on using the changeset viewer.
