Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2002
Copyright (C) Guenther Deschner 2005
Copyright (C) Gerald Carter 2006
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
-#include "lib/ldb/include/includes.h"
+#include "lib/ldb/include/ldb.h"
#ifdef HAVE_LDAP
if (gotalarm != 0)
return LDAP_TIMELIMIT_EXCEEDED;
+ /*
+ * A bug in OpenLDAP means ldap_search_ext_s can return
+ * LDAP_SUCCESS but with a NULL res pointer. Cope with
+ * this. See bug #6279 for details. JRA.
+ */
+
+ if (*res == NULL) {
+ return LDAP_TIMELIMIT_EXCEEDED;
+ }
+
return result;
}
{
char *srv;
struct NETLOGON_SAM_LOGON_RESPONSE_EX cldap_reply;
- TALLOC_CTX *mem_ctx = NULL;
+ TALLOC_CTX *frame = talloc_stackframe();
bool ret = false;
if (!server || !*server) {
+ TALLOC_FREE(frame);
return False;
}
-
- DEBUG(5,("ads_try_connect: sending CLDAP request to %s (realm: %s)\n",
- server, ads->server.realm));
- mem_ctx = talloc_init("ads_try_connect");
- if (!mem_ctx) {
- DEBUG(0,("out of memory\n"));
+ if (!is_ipaddress(server)) {
+ struct sockaddr_storage ss;
+ char addr[INET6_ADDRSTRLEN];
+
+ if (!resolve_name(server, &ss, 0x20, true)) {
+ DEBUG(5,("ads_try_connect: unable to resolve name %s\n",
+ server ));
+ TALLOC_FREE(frame);
+ return false;
+ }
+ print_sockaddr(addr, sizeof(addr), &ss);
+ srv = talloc_strdup(frame, addr);
+ } else {
+ /* this copes with inet_ntoa brokenness */
+ srv = talloc_strdup(frame, server);
+ }
+
+ if (!srv) {
+ TALLOC_FREE(frame);
return false;
}
- /* this copes with inet_ntoa brokenness */
-
- srv = SMB_STRDUP(server);
+ DEBUG(5,("ads_try_connect: sending CLDAP request to %s (realm: %s)\n",
+ srv, ads->server.realm));
ZERO_STRUCT( cldap_reply );
- if ( !ads_cldap_netlogon_5(mem_ctx, srv, ads->server.realm, &cldap_reply ) ) {
+ if ( !ads_cldap_netlogon_5(frame, srv, ads->server.realm, &cldap_reply ) ) {
DEBUG(3,("ads_try_connect: CLDAP request %s failed.\n", srv));
ret = false;
goto out;
sitename_store( cldap_reply.dns_domain, cldap_reply.client_site);
ret = true;
+
out:
- SAFE_FREE(srv);
- TALLOC_FREE(mem_ctx);
+ TALLOC_FREE(frame);
return ret;
}
SAFE_FREE(sitename);
return NT_STATUS_OK;
}
-
+
/* keep track of failures */
add_failed_connection_entry( realm, server, NT_STATUS_UNSUCCESSFUL );
}
#endif
/* If the caller() requested no LDAP bind, then we are done */
-
+
if (ads->auth.flags & ADS_AUTH_NO_BIND) {
status = ADS_SUCCESS;
goto out;
status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
goto out;
}
-
+
/* Otherwise setup the TCP LDAP session */
ads->ldap.ld = ldap_open_with_timeout(ads->config.ldap_server_name,
ldap_set_option(ads->ldap.ld, LDAP_OPT_PROTOCOL_VERSION, &version);
- status = ADS_ERROR(smb_ldap_start_tls(ads->ldap.ld, version));
- if (!ADS_ERR_OK(status)) {
- goto out;
+ if ( lp_ldap_ssl_ads() ) {
+ status = ADS_ERROR(smb_ldap_start_tls(ads->ldap.ld, version));
+ if (!ADS_ERR_OK(status)) {
+ goto out;
+ }
}
/* fill in the current time and offsets */
-
+
status = ads_current_time( ads );
if ( !ADS_ERR_OK(status) ) {
goto out;
}
/* Now do the bind */
-
+
if (ads->auth.flags & ADS_AUTH_ANON_BIND) {
status = ADS_ERROR(ldap_simple_bind_s(ads->ldap.ld, NULL, NULL));
goto out;
{
struct berval **values;
int i;
-
+
if (!in_vals) return NULL;
for (i=0; in_vals[i]; i++)
; /* count values */
char **values;
int i;
size_t converted_size;
-
+
if (!in_vals) return NULL;
for (i=0; in_vals[i]; i++)
; /* count values */
goto done;
}
}
-
+
/* Paged results only available on ldap v3 or later */
ldap_get_option(ads->ldap.ld, LDAP_OPT_PROTOCOL_VERSION, &version);
if (version < LDAP_VERSION3) {
cookie_be = ber_alloc_t(LBER_USE_DER);
if (*cookie) {
- ber_printf(cookie_be, "{iO}", (ber_int_t) 1000, *cookie);
+ ber_printf(cookie_be, "{iO}", (ber_int_t) ads->config.ldap_page_size, *cookie);
ber_bvfree(*cookie); /* don't need it from last time */
*cookie = NULL;
} else {
- ber_printf(cookie_be, "{io}", (ber_int_t) 1000, "", 0);
+ ber_printf(cookie_be, "{io}", (ber_int_t) ads->config.ldap_page_size, "", 0);
}
ber_flatten(cookie_be, &cookie_bv);
PagedResults.ldctl_oid = CONST_DISCARD(char *, ADS_PAGE_CTL_OID);
handle them and paged results at the same time. Using them
together results in the result record containing the server
page control being removed from the result list (tridge/jmcd)
-
+
leaving this in despite the control that says don't generate
referrals, in case the server doesn't support it (jmcd)
*/
if (ext_bv) {
ber_bvfree(ext_bv);
}
-
+
/* if/when we decide to utf8-encode attrs, take out this next line */
TALLOC_FREE(search_attrs);
&res, &count, &cookie);
if (!ADS_ERR_OK(status)) break;
-
+
ads_process_results(ads, res, fn, data_area);
ads_msgfree(ads, res);
}
ldap_msgfree(msg);
}
-/**
- * Free up memory from various ads requests
- * @param ads connection to ads server
- * @param mem Area to free
- **/
-void ads_memfree(ADS_STRUCT *ads, void *mem)
-{
- SAFE_FREE(mem);
-}
-
/**
* Get a dn from search results
* @param ads connection to ads server
* @param msg Search result
* @return dn string
**/
- char *ads_get_dn(ADS_STRUCT *ads, LDAPMessage *msg)
+ char *ads_get_dn(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, LDAPMessage *msg)
{
char *utf8_dn, *unix_dn;
size_t converted_size;
return NULL;
}
- if (!pull_utf8_allocate(&unix_dn, utf8_dn, &converted_size)) {
+ if (!pull_utf8_talloc(mem_ctx, &unix_dn, utf8_dn, &converted_size)) {
DEBUG(0,("ads_get_dn: string conversion failure utf8 [%s]\n",
utf8_dn ));
return NULL;
DEBUG(1, ("asprintf failed!\n"));
return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
}
-
+
status = ads_search(ads, res, expr, attrs);
SAFE_FREE(expr);
return status;
{
#define ADS_MODLIST_ALLOC_SIZE 10
LDAPMod **mods;
-
+
if ((mods = TALLOC_ZERO_ARRAY(ctx, LDAPMod *, ADS_MODLIST_ALLOC_SIZE + 1)))
/* -1 is safety to make sure we don't go over the end.
need to reset it to NULL before doing ldap modify */
mods[ADS_MODLIST_ALLOC_SIZE] = (LDAPMod *) -1;
-
+
return (ADS_MODLIST)mods;
}
modlist[curmod+ADS_MODLIST_ALLOC_SIZE] = (LDAPMod *) -1;
*mods = (ADS_MODLIST)modlist;
}
-
+
if (!(modlist[curmod] = TALLOC_ZERO_P(ctx, LDAPMod)))
return ADS_ERROR(LDAP_NO_MEMORY);
modlist[curmod]->mod_type = talloc_strdup(ctx, name);
controls[0] = &PermitModify;
controls[1] = NULL;
- if (!push_utf8_allocate(&utf8_dn, mod_dn, &converted_size)) {
+ if (!push_utf8_talloc(talloc_tos(), &utf8_dn, mod_dn, &converted_size)) {
return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
}
mods[i] = NULL;
ret = ldap_modify_ext_s(ads->ldap.ld, utf8_dn,
(LDAPMod **) mods, controls, NULL);
- SAFE_FREE(utf8_dn);
+ TALLOC_FREE(utf8_dn);
return ADS_ERROR(ret);
}
char *utf8_dn = NULL;
size_t converted_size;
- if (!push_utf8_allocate(&utf8_dn, new_dn, &converted_size)) {
- DEBUG(1, ("ads_gen_add: push_utf8_allocate failed!"));
+ if (!push_utf8_talloc(talloc_tos(), &utf8_dn, new_dn, &converted_size)) {
+ DEBUG(1, ("ads_gen_add: push_utf8_talloc failed!"));
return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
}
-
+
/* find the end of the list, marked by NULL or -1 */
for(i=0;(mods[i]!=0)&&(mods[i]!=(LDAPMod *) -1);i++);
/* make sure the end of the list is NULL */
mods[i] = NULL;
ret = ldap_add_s(ads->ldap.ld, utf8_dn, (LDAPMod**)mods);
- SAFE_FREE(utf8_dn);
+ TALLOC_FREE(utf8_dn);
return ADS_ERROR(ret);
}
int ret;
char *utf8_dn = NULL;
size_t converted_size;
- if (!push_utf8_allocate(&utf8_dn, del_dn, &converted_size)) {
- DEBUG(1, ("ads_del_dn: push_utf8_allocate failed!"));
+ if (!push_utf8_talloc(talloc_tos(), &utf8_dn, del_dn, &converted_size)) {
+ DEBUG(1, ("ads_del_dn: push_utf8_talloc failed!"));
return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
}
-
+
ret = ldap_delete_s(ads->ldap.ld, utf8_dn);
- SAFE_FREE(utf8_dn);
+ TALLOC_FREE(utf8_dn);
return ADS_ERROR(ret);
}
/* samba4 might not yet respond to a wellknownobject-query */
return ret ? ret : SMB_STRDUP("cn=Computers");
}
-
+
if (strequal(org_unit, "Computers")) {
return SMB_STRDUP("cn=Computers");
}
}
/* substitute the bind-path from the well-known-guid-search result */
- wkn_dn = ads_get_dn(ads, res);
+ wkn_dn = ads_get_dn(ads, talloc_tos(), res);
if (!wkn_dn) {
goto out;
}
for (i=1; i < new_ln; i++) {
char *s = NULL;
-
+
if (asprintf(&s, "%s,%s", ret, wkn_dn_exp[i]) == -1) {
SAFE_FREE(ret);
goto out;
out:
SAFE_FREE(base);
ads_msgfree(ads, res);
- ads_memfree(ads, wkn_dn);
+ TALLOC_FREE(wkn_dn);
if (wkn_dn_exp) {
ldap_value_free(wkn_dn_exp);
}
return kvno;
}
- dn_string = ads_get_dn(ads, res);
+ dn_string = ads_get_dn(ads, talloc_tos(), res);
if (!dn_string) {
DEBUG(0,("ads_get_kvno: out of memory.\n"));
ads_msgfree(ads, res);
return kvno;
}
DEBUG(5,("ads_get_kvno: Using: %s\n", dn_string));
- ads_memfree(ads, dn_string);
+ TALLOC_FREE(dn_string);
/* ---------------------------------------------------------
* 0 is returned as a default KVNO from this point on...
talloc_destroy(ctx);
return ret;
}
- dn_string = ads_get_dn(ads, res);
+ dn_string = ads_get_dn(ads, talloc_tos(), res);
if (!dn_string) {
talloc_destroy(ctx);
ads_msgfree(ads, res);
return ADS_ERROR(LDAP_NO_MEMORY);
}
ret = ads_gen_mod(ads, dn_string, mods);
- ads_memfree(ads,dn_string);
+ TALLOC_FREE(dn_string);
if (!ADS_ERR_OK(ret)) {
DEBUG(1,("ads_clear_service_principal_names: Error: Updating Service Principals for machine %s in LDAP\n",
machine_name));
}
/* add short name spn */
-
+
if ( (psp1 = talloc_asprintf(ctx, "%s/%s", spn, machine_name)) == NULL ) {
talloc_destroy(ctx);
ads_msgfree(ads, res);
strupper_m(psp1);
strlower_m(&psp1[strlen(spn)]);
servicePrincipalName[0] = psp1;
-
+
DEBUG(5,("ads_add_service_principal_name: INFO: Adding %s to host %s\n",
psp1, machine_name));
/* add fully qualified spn */
-
+
if ( (psp2 = talloc_asprintf(ctx, "%s/%s", spn, my_fqdn)) == NULL ) {
ret = ADS_ERROR(LDAP_NO_MEMORY);
goto out;
ret = ADS_ERROR(LDAP_NO_MEMORY);
goto out;
}
-
+
ret = ads_add_strlist(ctx, &mods, "servicePrincipalName", servicePrincipalName);
if (!ADS_ERR_OK(ret)) {
DEBUG(1,("ads_add_service_principal_name: Error: Updating Service Principals in LDAP\n"));
goto out;
}
-
- if ( (dn_string = ads_get_dn(ads, res)) == NULL ) {
+
+ if ( (dn_string = ads_get_dn(ads, ctx, res)) == NULL ) {
ret = ADS_ERROR(LDAP_NO_MEMORY);
goto out;
}
-
+
ret = ads_gen_mod(ads, dn_string, mods);
- ads_memfree(ads,dn_string);
if (!ADS_ERR_OK(ret)) {
DEBUG(1,("ads_add_service_principal_name: Error: Updating Service Principals in LDAP\n"));
goto out;
uint32 acct_control = ( UF_WORKSTATION_TRUST_ACCOUNT |\
UF_DONT_EXPIRE_PASSWD |\
UF_ACCOUNTDISABLE );
-
+
if (!(ctx = talloc_init("ads_add_machine_acct")))
return ADS_ERROR(LDAP_NO_MEMORY);
if ( !new_dn || !samAccountName ) {
goto done;
}
-
+
#ifndef ENCTYPE_ARCFOUR_HMAC
acct_control |= UF_USE_DES_KEY_ONLY;
#endif
if (!(mods = ads_init_mods(ctx))) {
goto done;
}
-
+
ads_mod_str(ctx, &mods, "cn", machine_name);
ads_mod_str(ctx, &mods, "sAMAccountName", samAccountName);
ads_mod_strlist(ctx, &mods, "objectClass", objectClass);
SAFE_FREE(machine_escaped);
ads_msgfree(ads, res);
talloc_destroy(ctx);
-
+
return ret;
}
goto done;
}
- computer_dn = ads_get_dn(ads, res);
+ computer_dn = ads_get_dn(ads, talloc_tos(), res);
if (!computer_dn) {
rc = ADS_ERROR(LDAP_NO_MEMORY);
goto done;
done:
ads_msgfree(ads, res);
SAFE_FREE(filter);
- SAFE_FREE(computer_dn);
+ TALLOC_FREE(computer_dn);
SAFE_FREE(computer_rdn);
if (!ADS_ERR_OK(rc)) {
for (i=0; values[i]; i++) {
DOM_SID sid;
fstring tmp;
- sid_parse(values[i]->bv_val, values[i]->bv_len, &sid);
+ if (!sid_parse(values[i]->bv_val, values[i]->bv_len, &sid)) {
+ continue;
+ }
printf("%s: %s\n", field, sid_to_fstring(tmp, &sid));
}
}
msg = ads_next_entry(ads, msg)) {
char *utf8_field;
BerElement *b;
-
+
for (utf8_field=ldap_first_attribute(ads->ldap.ld,
(LDAPMessage *)msg,&b);
utf8_field;
values = ldap_get_values(ads->ldap.ld, msg, field);
if (!values)
return NULL;
-
+
if (values[0] && pull_utf8_talloc(mem_ctx, &ux_string, values[0],
&converted_size))
{
size_t num_new_strings;
unsigned long int range_start;
unsigned long int range_end;
-
+
/* we might have been given the whole lot anyway */
if ((strings = ads_pull_strings(ads, mem_ctx, msg, field, num_strings))) {
*more_strings = False;
*more_strings = False;
return NULL;
}
-
+
if (sscanf(&range_attr[strlen(expected_range_attrib)], "%lu-%lu",
&range_start, &range_end) == 2) {
*more_strings = True;
}
new_strings = ads_pull_strings(ads, mem_ctx, msg, range_attr, &num_new_strings);
-
+
if (*more_strings && ((*num_strings + num_new_strings) != (range_end + 1))) {
DEBUG(1, ("ads_pull_strings_range: Range attribute (%s) tells us we have %lu "
"strings in this bunch, but we only got %lu - aborting range retreival\n",
strings = TALLOC_REALLOC_ARRAY(mem_ctx, current_strings, char *,
*num_strings + num_new_strings);
-
+
if (strings == NULL) {
ldap_memfree(range_attr);
*more_strings = False;
return NULL;
}
-
+
if (new_strings && num_new_strings) {
memcpy(&strings[*num_strings], new_strings,
sizeof(*new_strings) * num_new_strings);
"%s;range=%d-*",
field,
(int)*num_strings);
-
+
if (!*next_attribute) {
DEBUG(1, ("talloc_asprintf for next attribute failed!\n"));
ldap_memfree(range_attr);
values = ldap_get_values(ads->ldap.ld, msg, "objectGUID");
if (!values)
return False;
-
+
if (values[0]) {
memcpy(&flat_guid.info, values[0], sizeof(UUID_FLAT));
smb_uuid_unpack(flat_guid, guid);
bool ads_pull_sid(ADS_STRUCT *ads, LDAPMessage *msg, const char *field,
DOM_SID *sid)
{
- struct berval **values;
- bool ret = False;
-
- values = ldap_get_values_len(ads->ldap.ld, msg, field);
-
- if (!values)
- return False;
-
- if (values[0])
- ret = sid_parse(values[0]->bv_val, values[0]->bv_len, sid);
-
- ldap_value_free_len(values);
- return ret;
+ return smbldap_pull_sid(ads->ldap.ld, msg, field, sid);
}
/**
count++;
}
}
-
+
ldap_value_free_len(values);
return count;
}
ret = false;
}
}
-
+
ldap_value_free_len(values);
return ret;
}
}
/* but save the time and offset in the original ADS_STRUCT */
-
+
ads->config.current_time = ads_parse_time(timestr);
if (ads->config.current_time != 0) {
ADS_STATUS status;
LDAPMessage *res;
ADS_STRUCT *ads_s = ads;
-
+
*val = DS_DOMAIN_FUNCTION_2000;
/* establish a new ldap tcp session if necessary */
/* If the attribute does not exist assume it is a Windows 2000
functional domain */
-
+
status = ads_do_search(ads_s, "", LDAP_SCOPE_BASE, "(objectclass=*)", attrs, &res);
if (!ADS_ERR_OK(status)) {
if ( status.err.rc == LDAP_NO_SUCH_ATTRIBUTE ) {
}
DEBUG(3,("ads_domain_func_level: %d\n", *val));
-
+
ads_msgfree(ads, res);
done:
return ADS_ERROR_SYSTEM(ENOENT);
}
ads_msgfree(ads, res);
-
+
return ADS_SUCCESS;
}
return ADS_ERROR(LDAP_NO_SUCH_OBJECT);
}
- dn = ads_get_dn(ads, res);
+ dn = ads_get_dn(ads, mem_ctx, res);
if (dn == NULL) {
ads_msgfree(ads, res);
return ADS_ERROR(LDAP_NO_MEMORY);
parent = ads_parent_dn(ads_parent_dn(ads_parent_dn(dn)));
if (parent == NULL) {
ads_msgfree(ads, res);
- ads_memfree(ads, dn);
+ TALLOC_FREE(dn);
return ADS_ERROR(LDAP_NO_MEMORY);
}
*site_dn = talloc_strdup(mem_ctx, parent);
if (*site_dn == NULL) {
ads_msgfree(ads, res);
- ads_memfree(ads, dn);
+ TALLOC_FREE(dn);
return ADS_ERROR(LDAP_NO_MEMORY);
}
- ads_memfree(ads, dn);
+ TALLOC_FREE(dn);
ads_msgfree(ads, res);
return status;
char *dn = NULL;
- dn = ads_get_dn(ads, msg);
+ dn = ads_get_dn(ads, talloc_tos(), msg);
if (!dn) {
ads_msgfree(ads, res);
return ADS_ERROR(LDAP_NO_MEMORY);
if (!add_string_to_array(mem_ctx, dn,
(const char ***)ous,
(int *)num_ous)) {
- ads_memfree(ads, dn);
+ TALLOC_FREE(dn);
ads_msgfree(ads, res);
return ADS_ERROR(LDAP_NO_MEMORY);
}
- ads_memfree(ads, dn);
+ TALLOC_FREE(dn);
}
ads_msgfree(ads, res);
ADS_STATUS status;
int count = 0;
char *name = NULL;
-
+
status = ads_find_machine_acct(ads, &res, global_myname());
if (!ADS_ERR_OK(status)) {
DEBUG(0,("ads_get_dnshostname: Failed to find account for %s\n",
global_myname()));
goto out;
}
-
+
if ( (count = ads_count_replies(ads, res)) != 1 ) {
DEBUG(1,("ads_get_dnshostname: %d entries returned!\n", count));
goto out;
}
-
+
if ( (name = ads_pull_string(ads, ctx, res, "dNSHostName")) == NULL ) {
DEBUG(0,("ads_get_dnshostname: No dNSHostName attribute!\n"));
}
out:
ads_msgfree(ads, res);
-
+
return name;
}
ADS_STATUS status;
int count = 0;
char *name = NULL;
-
+
status = ads_find_machine_acct(ads, &res, global_myname());
if (!ADS_ERR_OK(status)) {
DEBUG(0,("ads_get_dnshostname: Failed to find account for %s\n",
global_myname()));
goto out;
}
-
+
if ( (count = ads_count_replies(ads, res)) != 1 ) {
DEBUG(1,("ads_get_dnshostname: %d entries returned!\n", count));
goto out;
}
-
+
if ( (name = ads_pull_string(ads, ctx, res, "sAMAccountName")) == NULL ) {
DEBUG(0,("ads_get_dnshostname: No sAMAccountName attribute!\n"));
}
out:
ads_msgfree(ads, res);
-
+
return name;
}
return ADS_ERROR_SYSTEM(ENOENT);
}
- hostnameDN = ads_get_dn(ads, (LDAPMessage *)msg);
+ hostnameDN = ads_get_dn(ads, talloc_tos(), (LDAPMessage *)msg);
rc = ldap_delete_ext_s(ads->ldap.ld, hostnameDN, pldap_control, NULL);
if (rc) {
if (!ADS_ERR_OK(status)) {
SAFE_FREE(host);
- ads_memfree(ads, hostnameDN);
+ TALLOC_FREE(hostnameDN);
return status;
}
char *dn = NULL;
- if ((dn = ads_get_dn(ads, msg_sub)) == NULL) {
+ if ((dn = ads_get_dn(ads, talloc_tos(), msg_sub)) == NULL) {
SAFE_FREE(host);
- ads_memfree(ads, hostnameDN);
+ TALLOC_FREE(hostnameDN);
return ADS_ERROR(LDAP_NO_MEMORY);
}
if (!ADS_ERR_OK(status)) {
DEBUG(3,("failed to delete dn %s: %s\n", dn, ads_errstr(status)));
SAFE_FREE(host);
- ads_memfree(ads, dn);
- ads_memfree(ads, hostnameDN);
+ TALLOC_FREE(dn);
+ TALLOC_FREE(hostnameDN);
return status;
}
- ads_memfree(ads, dn);
+ TALLOC_FREE(dn);
}
/* there should be no subordinate objects anymore */
if (!ADS_ERR_OK(status) || ( (ads_count_replies(ads, res)) > 0 ) ) {
SAFE_FREE(host);
- ads_memfree(ads, hostnameDN);
+ TALLOC_FREE(hostnameDN);
return status;
}
if (!ADS_ERR_OK(status)) {
SAFE_FREE(host);
DEBUG(3,("failed to delete dn %s: %s\n", hostnameDN, ads_errstr(status)));
- ads_memfree(ads, hostnameDN);
+ TALLOC_FREE(hostnameDN);
return status;
}
}
- ads_memfree(ads, hostnameDN);
+ TALLOC_FREE(hostnameDN);
status = ads_find_machine_acct(ads, &res, host);
if (ADS_ERR_OK(status) && ads_count_replies(ads, res) == 1) {
status = ads_do_search_all(ads, ads->config.bind_path,
LDAP_SCOPE_SUBTREE,
filter, attrs, &res);
-
+
if (!ADS_ERR_OK(status)) {
goto out;
}
goto out;
}
- dn = ads_get_dn(ads, res);
+ dn = ads_get_dn(ads, talloc_tos(), res);
if (dn == NULL) {
status = ADS_ERROR(LDAP_NO_MEMORY);
goto out;
}
}
out:
- ads_memfree(ads, dn);
+ TALLOC_FREE(dn);
ads_msgfree(ads, res);
return status;
done:
ads_msgfree(ads, res);
return result;
-
}
/**
ADS_STRUCT *ads,
const char **account_ou)
{
- struct ldb_dn *name_dn = NULL;
- const char *name = NULL;
- char *ou_string = NULL;
+ char **exploded_dn;
+ const char *name;
+ char *ou_string;
- name_dn = ldb_dn_explode(mem_ctx, *account_ou);
- if (name_dn) {
+ exploded_dn = ldap_explode_dn(*account_ou, 0);
+ if (exploded_dn) {
+ ldap_value_free(exploded_dn);
return ADS_SUCCESS;
}
name = talloc_asprintf(mem_ctx, "%s,%s", ou_string,
ads->config.bind_path);
SAFE_FREE(ou_string);
+
if (!name) {
return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
}
- name_dn = ldb_dn_explode(mem_ctx, name);
- if (!name_dn) {
+ exploded_dn = ldap_explode_dn(name, 0);
+ if (!exploded_dn) {
return ADS_ERROR_LDAP(LDAP_INVALID_DN_SYNTAX);
}
+ ldap_value_free(exploded_dn);
- *account_ou = talloc_strdup(mem_ctx, name);
- if (!*account_ou) {
- return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
- }
-
+ *account_ou = name;
return ADS_SUCCESS;
}