4 Copyright (C) Stefan Metzmacher <metze@samba.org> 2009
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include "ldb_module.h"
22 #include "dsdb/samdb/samdb.h"
24 static int resolve_oids_need_value(struct ldb_context *ldb,
25 struct dsdb_schema *schema,
26 const struct dsdb_attribute *a,
27 const struct ldb_val *valp)
29 const struct dsdb_attribute *va = NULL;
30 const struct dsdb_class *vo = NULL;
34 if (a->syntax->oMSyntax != 6) {
35 return LDB_ERR_COMPARE_FALSE;
39 p2 = memchr(valp->data, '.', valp->length);
45 return LDB_ERR_COMPARE_FALSE;
48 switch (a->attributeID_id) {
49 case DRSUAPI_ATTRIBUTE_objectClass:
50 case DRSUAPI_ATTRIBUTE_subClassOf:
51 case DRSUAPI_ATTRIBUTE_auxiliaryClass:
52 case DRSUAPI_ATTRIBUTE_systemPossSuperiors:
53 case DRSUAPI_ATTRIBUTE_possSuperiors:
54 str = talloc_strndup(ldb, (char *)valp->data, valp->length);
58 vo = dsdb_class_by_governsID_oid(schema, str);
61 return LDB_ERR_COMPARE_FALSE;
63 return LDB_ERR_COMPARE_TRUE;
64 case DRSUAPI_ATTRIBUTE_systemMustContain:
65 case DRSUAPI_ATTRIBUTE_systemMayContain:
66 case DRSUAPI_ATTRIBUTE_mustContain:
67 case DRSUAPI_ATTRIBUTE_mayContain:
68 str = talloc_strndup(ldb, (char *)valp->data, valp->length);
72 va = dsdb_attribute_by_attributeID_oid(schema, str);
75 return LDB_ERR_COMPARE_FALSE;
77 return LDB_ERR_COMPARE_TRUE;
78 case DRSUAPI_ATTRIBUTE_governsID:
79 case DRSUAPI_ATTRIBUTE_attributeID:
80 case DRSUAPI_ATTRIBUTE_attributeSyntax:
81 return LDB_ERR_COMPARE_FALSE;
84 return LDB_ERR_COMPARE_FALSE;
87 static int resolve_oids_parse_tree_need(struct ldb_context *ldb,
88 struct dsdb_schema *schema,
89 const struct ldb_parse_tree *tree)
92 const struct dsdb_attribute *a = NULL;
96 const struct ldb_val *valp = NULL;
99 switch (tree->operation) {
102 for (i=0;i<tree->u.list.num_elements;i++) {
103 ret = resolve_oids_parse_tree_need(ldb, schema,
104 tree->u.list.elements[i]);
105 if (ret != LDB_ERR_COMPARE_FALSE) {
109 return LDB_ERR_COMPARE_FALSE;
111 return resolve_oids_parse_tree_need(ldb, schema,
112 tree->u.isnot.child);
113 case LDB_OP_EQUALITY:
117 attr = tree->u.equality.attr;
118 valp = &tree->u.equality.value;
120 case LDB_OP_SUBSTRING:
121 attr = tree->u.substring.attr;
124 attr = tree->u.present.attr;
126 case LDB_OP_EXTENDED:
127 attr = tree->u.extended.attr;
128 valp = &tree->u.extended.value;
131 return LDB_ERR_COMPARE_FALSE;
134 p1 = strchr(attr, '.');
137 p2 = memchr(valp->data, '.', valp->length);
143 return LDB_ERR_COMPARE_FALSE;
147 a = dsdb_attribute_by_attributeID_oid(schema, attr);
149 a = dsdb_attribute_by_lDAPDisplayName(schema, attr);
152 return LDB_ERR_COMPARE_FALSE;
156 return LDB_ERR_COMPARE_FALSE;
159 if (a->syntax->oMSyntax != 6) {
160 return LDB_ERR_COMPARE_FALSE;
163 return resolve_oids_need_value(ldb, schema, a, valp);
166 static int resolve_oids_element_need(struct ldb_context *ldb,
167 struct dsdb_schema *schema,
168 const struct ldb_message_element *el)
171 const struct dsdb_attribute *a = NULL;
174 p1 = strchr(el->name, '.');
177 a = dsdb_attribute_by_attributeID_oid(schema, el->name);
179 a = dsdb_attribute_by_lDAPDisplayName(schema, el->name);
182 return LDB_ERR_COMPARE_FALSE;
185 for (i=0; i < el->num_values; i++) {
187 ret = resolve_oids_need_value(ldb, schema, a,
189 if (ret != LDB_ERR_COMPARE_FALSE) {
194 return LDB_ERR_COMPARE_FALSE;
197 static int resolve_oids_message_need(struct ldb_context *ldb,
198 struct dsdb_schema *schema,
199 const struct ldb_message *msg)
203 for (i=0; i < msg->num_elements; i++) {
205 ret = resolve_oids_element_need(ldb, schema,
207 if (ret != LDB_ERR_COMPARE_FALSE) {
212 return LDB_ERR_COMPARE_FALSE;
215 static int resolve_oids_replace_value(struct ldb_context *ldb,
216 struct dsdb_schema *schema,
217 const struct dsdb_attribute *a,
218 struct ldb_val *valp)
220 const struct dsdb_attribute *va = NULL;
221 const struct dsdb_class *vo = NULL;
225 if (a->syntax->oMSyntax != 6) {
230 p2 = memchr(valp->data, '.', valp->length);
239 switch (a->attributeID_id) {
240 case DRSUAPI_ATTRIBUTE_objectClass:
241 case DRSUAPI_ATTRIBUTE_subClassOf:
242 case DRSUAPI_ATTRIBUTE_auxiliaryClass:
243 case DRSUAPI_ATTRIBUTE_systemPossSuperiors:
244 case DRSUAPI_ATTRIBUTE_possSuperiors:
245 str = talloc_strndup(schema, (char *)valp->data, valp->length);
249 vo = dsdb_class_by_governsID_oid(schema, str);
254 *valp = data_blob_string_const(vo->lDAPDisplayName);
256 case DRSUAPI_ATTRIBUTE_systemMustContain:
257 case DRSUAPI_ATTRIBUTE_systemMayContain:
258 case DRSUAPI_ATTRIBUTE_mustContain:
259 case DRSUAPI_ATTRIBUTE_mayContain:
260 str = talloc_strndup(schema, (char *)valp->data, valp->length);
264 va = dsdb_attribute_by_attributeID_oid(schema, str);
269 *valp = data_blob_string_const(va->lDAPDisplayName);
271 case DRSUAPI_ATTRIBUTE_governsID:
272 case DRSUAPI_ATTRIBUTE_attributeID:
273 case DRSUAPI_ATTRIBUTE_attributeSyntax:
280 static int resolve_oids_parse_tree_replace(struct ldb_context *ldb,
281 struct dsdb_schema *schema,
282 struct ldb_parse_tree *tree)
285 const struct dsdb_attribute *a = NULL;
289 struct ldb_val *valp = NULL;
292 switch (tree->operation) {
295 for (i=0;i<tree->u.list.num_elements;i++) {
296 ret = resolve_oids_parse_tree_replace(ldb, schema,
297 tree->u.list.elements[i]);
298 if (ret != LDB_SUCCESS) {
304 return resolve_oids_parse_tree_replace(ldb, schema,
305 tree->u.isnot.child);
306 case LDB_OP_EQUALITY:
310 attrp = &tree->u.equality.attr;
311 valp = &tree->u.equality.value;
313 case LDB_OP_SUBSTRING:
314 attrp = &tree->u.substring.attr;
317 attrp = &tree->u.present.attr;
319 case LDB_OP_EXTENDED:
320 attrp = &tree->u.extended.attr;
321 valp = &tree->u.extended.value;
327 p1 = strchr(*attrp, '.');
330 p2 = memchr(valp->data, '.', valp->length);
340 a = dsdb_attribute_by_attributeID_oid(schema, *attrp);
342 a = dsdb_attribute_by_lDAPDisplayName(schema, *attrp);
348 *attrp = a->lDAPDisplayName;
354 if (a->syntax->oMSyntax != 6) {
358 return resolve_oids_replace_value(ldb, schema, a, valp);
361 static int resolve_oids_element_replace(struct ldb_context *ldb,
362 struct dsdb_schema *schema,
363 struct ldb_message_element *el)
366 const struct dsdb_attribute *a = NULL;
369 p1 = strchr(el->name, '.');
372 a = dsdb_attribute_by_attributeID_oid(schema, el->name);
374 a = dsdb_attribute_by_lDAPDisplayName(schema, el->name);
380 el->name = a->lDAPDisplayName;
382 for (i=0; i < el->num_values; i++) {
384 ret = resolve_oids_replace_value(ldb, schema, a,
386 if (ret != LDB_SUCCESS) {
394 static int resolve_oids_message_replace(struct ldb_context *ldb,
395 struct dsdb_schema *schema,
396 struct ldb_message *msg)
400 for (i=0; i < msg->num_elements; i++) {
402 ret = resolve_oids_element_replace(ldb, schema,
404 if (ret != LDB_SUCCESS) {
412 struct resolve_oids_context {
413 struct ldb_module *module;
414 struct ldb_request *req;
417 static int resolve_oids_callback(struct ldb_request *req, struct ldb_reply *ares)
419 struct ldb_context *ldb;
420 struct resolve_oids_context *ac;
422 ac = talloc_get_type_abort(req->context, struct resolve_oids_context);
423 ldb = ldb_module_get_ctx(ac->module);
426 return ldb_module_done(ac->req, NULL, NULL,
427 LDB_ERR_OPERATIONS_ERROR);
429 if (ares->error != LDB_SUCCESS) {
430 return ldb_module_done(ac->req, ares->controls,
431 ares->response, ares->error);
434 switch (ares->type) {
435 case LDB_REPLY_ENTRY:
436 return ldb_module_send_entry(ac->req, ares->message, ares->controls);
438 case LDB_REPLY_REFERRAL:
439 return ldb_module_send_referral(ac->req, ares->referral);
442 return ldb_module_done(ac->req, ares->controls,
443 ares->response, LDB_SUCCESS);
449 static int resolve_oids_search(struct ldb_module *module, struct ldb_request *req)
451 struct ldb_context *ldb;
452 struct dsdb_schema *schema;
453 struct ldb_parse_tree *tree;
454 struct ldb_request *down_req;
455 struct resolve_oids_context *ac;
458 const char * const *attrs1;
462 ldb = ldb_module_get_ctx(module);
463 schema = dsdb_get_schema(ldb, NULL);
466 return ldb_next_request(module, req);
469 /* do not manipulate our control entries */
470 if (ldb_dn_is_special(req->op.search.base)) {
471 return ldb_next_request(module, req);
474 ret = resolve_oids_parse_tree_need(ldb, schema,
475 req->op.search.tree);
476 if (ret == LDB_ERR_COMPARE_TRUE) {
478 } else if (ret != LDB_ERR_COMPARE_FALSE) {
482 attrs1 = req->op.search.attrs;
484 for (i=0; attrs1 && attrs1[i]; i++) {
486 const struct dsdb_attribute *a;
488 p = strchr(attrs1[i], '.');
493 a = dsdb_attribute_by_attributeID_oid(schema, attrs1[i]);
503 return ldb_next_request(module, req);
506 ac = talloc(req, struct resolve_oids_context);
513 tree = ldb_parse_tree_copy_shallow(ac, req->op.search.tree);
518 schema = talloc_reference(tree, schema);
523 ret = resolve_oids_parse_tree_replace(ldb, schema,
525 if (ret != LDB_SUCCESS) {
529 attrs2 = str_list_copy_const(ac,
530 discard_const_p(const char *, req->op.search.attrs));
531 if (req->op.search.attrs && !attrs2) {
535 for (i=0; attrs2 && attrs2[i]; i++) {
537 const struct dsdb_attribute *a;
539 p = strchr(attrs2[i], '.');
544 a = dsdb_attribute_by_attributeID_oid(schema, attrs2[i]);
549 attrs2[i] = a->lDAPDisplayName;
552 ret = ldb_build_search_req_ex(&down_req, ldb, ac,
554 req->op.search.scope,
558 ac, resolve_oids_callback,
560 LDB_REQ_SET_LOCATION(down_req);
561 if (ret != LDB_SUCCESS) {
565 /* go on with the call chain */
566 return ldb_next_request(module, down_req);
569 static int resolve_oids_add(struct ldb_module *module, struct ldb_request *req)
571 struct ldb_context *ldb;
572 struct dsdb_schema *schema;
574 struct ldb_message *msg;
575 struct ldb_request *down_req;
576 struct resolve_oids_context *ac;
578 ldb = ldb_module_get_ctx(module);
579 schema = dsdb_get_schema(ldb, NULL);
582 return ldb_next_request(module, req);
585 /* do not manipulate our control entries */
586 if (ldb_dn_is_special(req->op.add.message->dn)) {
587 return ldb_next_request(module, req);
590 ret = resolve_oids_message_need(ldb, schema,
591 req->op.add.message);
592 if (ret == LDB_ERR_COMPARE_FALSE) {
593 return ldb_next_request(module, req);
594 } else if (ret != LDB_ERR_COMPARE_TRUE) {
598 ac = talloc(req, struct resolve_oids_context);
605 msg = ldb_msg_copy_shallow(ac, ac->req->op.add.message);
610 if (!talloc_reference(msg, schema)) {
614 ret = resolve_oids_message_replace(ldb, schema, msg);
615 if (ret != LDB_SUCCESS) {
619 ret = ldb_build_add_req(&down_req, ldb, ac,
622 ac, resolve_oids_callback,
624 LDB_REQ_SET_LOCATION(down_req);
625 if (ret != LDB_SUCCESS) {
629 /* go on with the call chain */
630 return ldb_next_request(module, down_req);
633 static int resolve_oids_modify(struct ldb_module *module, struct ldb_request *req)
635 struct ldb_context *ldb;
636 struct dsdb_schema *schema;
638 struct ldb_message *msg;
639 struct ldb_request *down_req;
640 struct resolve_oids_context *ac;
642 ldb = ldb_module_get_ctx(module);
643 schema = dsdb_get_schema(ldb, NULL);
646 return ldb_next_request(module, req);
649 /* do not manipulate our control entries */
650 if (ldb_dn_is_special(req->op.mod.message->dn)) {
651 return ldb_next_request(module, req);
654 ret = resolve_oids_message_need(ldb, schema,
655 req->op.mod.message);
656 if (ret == LDB_ERR_COMPARE_FALSE) {
657 return ldb_next_request(module, req);
658 } else if (ret != LDB_ERR_COMPARE_TRUE) {
662 ac = talloc(req, struct resolve_oids_context);
669 /* we have to copy the message as the caller might have it as a const */
670 msg = ldb_msg_copy_shallow(ac, req->op.mod.message);
675 if (!talloc_reference(msg, schema)) {
679 ret = resolve_oids_message_replace(ldb, schema, msg);
680 if (ret != LDB_SUCCESS) {
684 ret = ldb_build_mod_req(&down_req, ldb, ac,
687 ac, resolve_oids_callback,
689 LDB_REQ_SET_LOCATION(down_req);
690 if (ret != LDB_SUCCESS) {
694 /* go on with the call chain */
695 return ldb_next_request(module, down_req);
698 _PUBLIC_ const struct ldb_module_ops ldb_resolve_oids_module_ops = {
699 .name = "resolve_oids",
700 .search = resolve_oids_search,
701 .add = resolve_oids_add,
702 .modify = resolve_oids_modify,