4 Copyright (C) Simo Sorce 2005
6 ** NOTE! The following LGPL license applies to the ldb
7 ** library. This does NOT imply that all of Samba is released
10 This library is free software; you can redistribute it and/or
11 modify it under the terms of the GNU Lesser General Public
12 License as published by the Free Software Foundation; either
13 version 3 of the License, or (at your option) any later version.
15 This library is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
20 You should have received a copy of the GNU Lesser General Public
21 License along with this library; if not, see <http://www.gnu.org/licenses/>.
27 * Component: ldb dn creation and manipulation utility functions
29 * Description: - explode a dn into it's own basic elements
30 * and put them in a structure (only if necessary)
31 * - manipulate ldb_dn structures
36 #include "ldb_private.h"
39 #define LDB_DN_NULL_FAILED(x) if (!(x)) goto failed
41 #define LDB_FREE(x) do { talloc_free(x); x = NULL; } while(0)
44 internal ldb exploded dn structures
46 struct ldb_dn_component {
52 struct ldb_val cf_value;
55 struct ldb_dn_ext_component {
63 struct ldb_context *ldb;
65 /* Special DNs are always linearized */
75 unsigned int comp_num;
76 struct ldb_dn_component *components;
78 unsigned int ext_comp_num;
79 struct ldb_dn_ext_component *ext_components;
82 /* it is helpful to be able to break on this in gdb */
83 static void ldb_dn_mark_invalid(struct ldb_dn *dn)
88 /* strdn may be NULL */
89 struct ldb_dn *ldb_dn_from_ldb_val(TALLOC_CTX *mem_ctx,
90 struct ldb_context *ldb,
91 const struct ldb_val *strdn)
95 if (! ldb) return NULL;
97 if (strdn && strdn->data
98 && (strnlen((const char*)strdn->data, strdn->length) != strdn->length)) {
99 /* The RDN must not contain a character with value 0x0 */
103 dn = talloc_zero(mem_ctx, struct ldb_dn);
104 LDB_DN_NULL_FAILED(dn);
106 dn->ldb = talloc_get_type(ldb, struct ldb_context);
107 if (dn->ldb == NULL) {
108 /* the caller probably got the arguments to
109 ldb_dn_new() mixed up */
114 if (strdn->data && strdn->length) {
115 const char *data = (const char *)strdn->data;
116 size_t length = strdn->length;
118 if (data[0] == '@') {
121 dn->ext_linearized = talloc_strndup(dn, data, length);
122 LDB_DN_NULL_FAILED(dn->ext_linearized);
124 if (data[0] == '<') {
125 const char *p_save, *p = dn->ext_linearized;
134 if (p_save == dn->ext_linearized) {
135 dn->linearized = talloc_strdup(dn, "");
137 dn->linearized = talloc_strdup(dn, p_save);
139 LDB_DN_NULL_FAILED(dn->linearized);
141 dn->linearized = dn->ext_linearized;
142 dn->ext_linearized = NULL;
145 dn->linearized = talloc_strdup(dn, "");
146 LDB_DN_NULL_FAILED(dn->linearized);
156 /* strdn may be NULL */
157 struct ldb_dn *ldb_dn_new(TALLOC_CTX *mem_ctx,
158 struct ldb_context *ldb,
162 blob.data = discard_const_p(uint8_t, strdn);
163 blob.length = strdn ? strlen(strdn) : 0;
164 return ldb_dn_from_ldb_val(mem_ctx, ldb, &blob);
167 struct ldb_dn *ldb_dn_new_fmt(TALLOC_CTX *mem_ctx,
168 struct ldb_context *ldb,
169 const char *new_fmt, ...)
174 if ( (! mem_ctx) || (! ldb)) return NULL;
176 va_start(ap, new_fmt);
177 strdn = talloc_vasprintf(mem_ctx, new_fmt, ap);
181 struct ldb_dn *dn = ldb_dn_new(mem_ctx, ldb, strdn);
189 /* see RFC2253 section 2.4 */
190 static int ldb_dn_escape_internal(char *dst, const char *src, int len)
197 for (i = 0; i < len; i++){
201 if (i == 0 || i == len - 1) {
202 /* if at the beginning or end
203 * of the string then escape */
207 /* otherwise don't escape */
213 /* despite the RFC, windows escapes a #
214 anywhere in the string */
222 /* these must be escaped using \c form */
232 /* any others get \XX form */
234 const char *hexbytes = "0123456789ABCDEF";
235 v = (const unsigned char)c;
237 *d++ = hexbytes[v>>4];
238 *d++ = hexbytes[v&0xF];
246 /* return the length of the resulting string */
250 char *ldb_dn_escape_value(TALLOC_CTX *mem_ctx, struct ldb_val value)
257 /* allocate destination string, it will be at most 3 times the source */
258 dst = talloc_array(mem_ctx, char, value.length * 3 + 1);
264 ldb_dn_escape_internal(dst, (const char *)value.data, value.length);
266 dst = talloc_realloc(mem_ctx, dst, char, strlen(dst) + 1);
272 explode a DN string into a ldb_dn structure
273 based on RFC4514 except that we don't support multiple valued RDNs
275 TODO: according to MS-ADTS:3.1.1.5.2 Naming Constraints
276 DN must be compliant with RFC2253
278 static bool ldb_dn_explode(struct ldb_dn *dn)
280 char *p, *ex_name = NULL, *ex_value = NULL, *data, *d, *dt, *t;
282 bool in_extended = true;
283 bool in_ex_name = false;
284 bool in_ex_value = false;
285 bool in_attr = false;
286 bool in_value = false;
287 bool in_quote = false;
296 if ( ! dn || dn->invalid) return false;
298 if (dn->components) {
302 if (dn->ext_linearized) {
303 parse_dn = dn->ext_linearized;
305 parse_dn = dn->linearized;
312 is_index = (strncmp(parse_dn, "DN=@INDEX:", 10) == 0);
315 if (parse_dn[0] == '\0') {
319 /* Special DNs case */
324 /* make sure we free this if allocated previously before replacing */
325 LDB_FREE(dn->components);
328 LDB_FREE(dn->ext_components);
329 dn->ext_comp_num = 0;
331 /* in the common case we have 3 or more components */
332 /* make sure all components are zeroed, other functions depend on it */
333 dn->components = talloc_zero_array(dn, struct ldb_dn_component, 3);
334 if ( ! dn->components) {
338 /* Components data space is allocated here once */
339 data = talloc_array(dn->components, char, strlen(parse_dn) + 1);
351 if (!in_ex_name && !in_ex_value) {
358 } else if (p[0] == '\0') {
370 if (in_ex_name && *p == '=') {
379 if (in_ex_value && *p == '>') {
380 const struct ldb_dn_extended_syntax *ext_syntax;
381 struct ldb_val ex_val = {
382 .data = (uint8_t *)ex_value,
383 .length = d - ex_value
390 /* Process name and ex_value */
392 dn->ext_components = talloc_realloc(dn,
394 struct ldb_dn_ext_component,
395 dn->ext_comp_num + 1);
396 if ( ! dn->ext_components) {
401 ext_syntax = ldb_dn_extended_syntax_by_name(dn->ldb, ex_name);
403 /* We don't know about this type of extended DN */
407 dn->ext_components[dn->ext_comp_num].name = talloc_strdup(dn->ext_components, ex_name);
408 if (!dn->ext_components[dn->ext_comp_num].name) {
412 ret = ext_syntax->read_fn(dn->ldb, dn->ext_components,
413 &ex_val, &dn->ext_components[dn->ext_comp_num].value);
414 if (ret != LDB_SUCCESS) {
415 ldb_dn_mark_invalid(dn);
422 /* We have reached the end (extended component only)! */
426 } else if (*p == ';') {
430 ldb_dn_mark_invalid(dn);
449 /* attr names must be ascii only */
450 ldb_dn_mark_invalid(dn);
457 if ( ! isalpha(*p)) {
458 /* not a digit nor an alpha,
459 * invalid attribute name */
460 ldb_dn_mark_invalid(dn);
464 /* Copy this character across from parse_dn,
465 * now we have trimmed out spaces */
472 /* valid only if we are at the end */
477 if (trim && (*p != '=')) {
478 /* spaces/tabs are not allowed */
479 ldb_dn_mark_invalid(dn);
484 /* attribute terminated */
490 /* Terminate this string in d
491 * (which is a copy of parse_dn
492 * with spaces trimmed) */
494 dn->components[dn->comp_num].name = talloc_strdup(dn->components, dt);
495 if ( ! dn->components[dn->comp_num].name) {
507 /* attr names must be ascii only */
508 ldb_dn_mark_invalid(dn);
512 if (is_oid && ( ! (isdigit(*p) || (*p == '.')))) {
513 /* not a digit nor a dot,
514 * invalid attribute oid */
515 ldb_dn_mark_invalid(dn);
518 if ( ! (isalpha(*p) || isdigit(*p) || (*p == '-'))) {
519 /* not ALPHA, DIGIT or HYPHEN */
520 ldb_dn_mark_invalid(dn);
560 /* TODO: support ber encoded values
571 /* ok found value terminator */
585 dn->components[dn->comp_num].value.data = (uint8_t *)talloc_strdup(dn->components, dt);
586 dn->components[dn->comp_num].value.length = l;
587 if ( ! dn->components[dn->comp_num].value.data) {
595 if (dn->comp_num > 2) {
596 dn->components = talloc_realloc(dn,
598 struct ldb_dn_component,
600 if ( ! dn->components) {
604 /* make sure all components are zeroed, other functions depend on this */
605 memset(&dn->components[dn->comp_num], '\0', sizeof(struct ldb_dn_component));
612 /* to main compatibility with earlier
613 versions of ldb indexing, we have to
614 accept the base64 encoded binary index
615 values, which contain a '+' or '='
616 which should normally be escaped */
628 /* a string with not escaped specials is invalid (tested) */
630 ldb_dn_mark_invalid(dn);
657 if (isxdigit(p[0]) && isxdigit(p[1])) {
658 if (sscanf(p, "%02x", &x) != 1) {
659 /* invalid escaping sequence */
660 ldb_dn_mark_invalid(dn);
664 *d++ = (unsigned char)x;
690 if (in_attr || in_quote) {
692 ldb_dn_mark_invalid(dn);
696 /* save last element */
704 dn->components[dn->comp_num].value.length = l;
705 dn->components[dn->comp_num].value.data =
706 (uint8_t *)talloc_strdup(dn->components, dt);
707 if ( ! dn->components[dn->comp_num].value.data) {
718 LDB_FREE(dn->components); /* "data" is implicitly free'd */
720 LDB_FREE(dn->ext_components);
721 dn->ext_comp_num = 0;
726 bool ldb_dn_validate(struct ldb_dn *dn)
728 return ldb_dn_explode(dn);
731 const char *ldb_dn_get_linearized(struct ldb_dn *dn)
737 if ( ! dn || ( dn->invalid)) return NULL;
739 if (dn->linearized) return dn->linearized;
741 if ( ! dn->components) {
742 ldb_dn_mark_invalid(dn);
746 if (dn->comp_num == 0) {
747 dn->linearized = talloc_strdup(dn, "");
748 if ( ! dn->linearized) return NULL;
749 return dn->linearized;
752 /* calculate maximum possible length of DN */
753 for (len = 0, i = 0; i < dn->comp_num; i++) {
755 len += strlen(dn->components[i].name);
756 /* max escaped data len */
757 len += (dn->components[i].value.length * 3);
758 len += 2; /* '=' and ',' */
760 dn->linearized = talloc_array(dn, char, len);
761 if ( ! dn->linearized) return NULL;
765 for (i = 0; i < dn->comp_num; i++) {
768 n = dn->components[i].name;
769 while (*n) *d++ = *n++;
774 d += ldb_dn_escape_internal( d,
775 (char *)dn->components[i].value.data,
776 dn->components[i].value.length);
782 /* don't waste more memory than necessary */
783 dn->linearized = talloc_realloc(dn, dn->linearized,
784 char, (d - dn->linearized + 1));
786 return dn->linearized;
789 static int ldb_dn_extended_component_compare(const void *p1, const void *p2)
791 const struct ldb_dn_ext_component *ec1 = (const struct ldb_dn_ext_component *)p1;
792 const struct ldb_dn_ext_component *ec2 = (const struct ldb_dn_ext_component *)p2;
793 return strcmp(ec1->name, ec2->name);
796 char *ldb_dn_get_extended_linearized(TALLOC_CTX *mem_ctx, struct ldb_dn *dn, int mode)
798 const char *linearized = ldb_dn_get_linearized(dn);
806 if (!ldb_dn_has_extended(dn)) {
807 return talloc_strdup(mem_ctx, linearized);
810 if (!ldb_dn_validate(dn)) {
814 /* sort the extended components by name. The idea is to make
815 * the resulting DNs consistent, plus to ensure that we put
816 * 'DELETED' first, so it can be very quickly recognised
818 TYPESAFE_QSORT(dn->ext_components, dn->ext_comp_num,
819 ldb_dn_extended_component_compare);
821 for (i = 0; i < dn->ext_comp_num; i++) {
822 const struct ldb_dn_extended_syntax *ext_syntax;
823 const char *name = dn->ext_components[i].name;
824 struct ldb_val ec_val = dn->ext_components[i].value;
828 ext_syntax = ldb_dn_extended_syntax_by_name(dn->ldb, name);
834 ret = ext_syntax->write_clear_fn(dn->ldb, mem_ctx,
836 } else if (mode == 0) {
837 ret = ext_syntax->write_hex_fn(dn->ldb, mem_ctx,
843 if (ret != LDB_SUCCESS) {
848 p = talloc_asprintf(mem_ctx, "<%s=%s>",
851 p = talloc_asprintf_append_buffer(p, ";<%s=%s>",
855 talloc_free(val.data);
862 if (dn->ext_comp_num && *linearized) {
863 p = talloc_asprintf_append_buffer(p, ";%s", linearized);
874 filter out all but an acceptable list of extended DN components
876 void ldb_dn_extended_filter(struct ldb_dn *dn, const char * const *accept_list)
879 for (i=0; i<dn->ext_comp_num; i++) {
880 if (!ldb_attr_in_list(accept_list, dn->ext_components[i].name)) {
881 memmove(&dn->ext_components[i],
882 &dn->ext_components[i+1],
883 (dn->ext_comp_num-(i+1))*sizeof(dn->ext_components[0]));
888 LDB_FREE(dn->ext_linearized);
892 char *ldb_dn_alloc_linearized(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
894 return talloc_strdup(mem_ctx, ldb_dn_get_linearized(dn));
898 casefold a dn. We need to casefold the attribute names, and canonicalize
899 attribute values of case insensitive attributes.
902 static bool ldb_dn_casefold_internal(struct ldb_dn *dn)
907 if ( ! dn || dn->invalid) return false;
909 if (dn->valid_case) return true;
911 if (( ! dn->components) && ( ! ldb_dn_explode(dn))) {
915 for (i = 0; i < dn->comp_num; i++) {
916 const struct ldb_schema_attribute *a;
918 dn->components[i].cf_name =
919 ldb_attr_casefold(dn->components,
920 dn->components[i].name);
921 if (!dn->components[i].cf_name) {
925 a = ldb_schema_attribute_by_name(dn->ldb,
926 dn->components[i].cf_name);
928 ret = a->syntax->canonicalise_fn(dn->ldb, dn->components,
929 &(dn->components[i].value),
930 &(dn->components[i].cf_value));
936 dn->valid_case = true;
941 for (i = 0; i < dn->comp_num; i++) {
942 LDB_FREE(dn->components[i].cf_name);
943 LDB_FREE(dn->components[i].cf_value.data);
948 const char *ldb_dn_get_casefold(struct ldb_dn *dn)
954 if (dn->casefold) return dn->casefold;
957 dn->casefold = talloc_strdup(dn, dn->linearized);
958 if (!dn->casefold) return NULL;
959 dn->valid_case = true;
963 if ( ! ldb_dn_casefold_internal(dn)) {
967 if (dn->comp_num == 0) {
968 dn->casefold = talloc_strdup(dn, "");
972 /* calculate maximum possible length of DN */
973 for (len = 0, i = 0; i < dn->comp_num; i++) {
975 len += strlen(dn->components[i].cf_name);
976 /* max escaped data len */
977 len += (dn->components[i].cf_value.length * 3);
978 len += 2; /* '=' and ',' */
980 dn->casefold = talloc_array(dn, char, len);
981 if ( ! dn->casefold) return NULL;
985 for (i = 0; i < dn->comp_num; i++) {
988 n = dn->components[i].cf_name;
989 while (*n) *d++ = *n++;
994 d += ldb_dn_escape_internal( d,
995 (char *)dn->components[i].cf_value.data,
996 dn->components[i].cf_value.length);
1001 /* don't waste more memory than necessary */
1002 dn->casefold = talloc_realloc(dn, dn->casefold,
1003 char, strlen(dn->casefold) + 1);
1005 return dn->casefold;
1008 char *ldb_dn_alloc_casefold(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
1010 return talloc_strdup(mem_ctx, ldb_dn_get_casefold(dn));
1013 /* Determine if dn is below base, in the ldap tree. Used for
1014 * evaluating a subtree search.
1015 * 0 if they match, otherwise non-zero
1018 int ldb_dn_compare_base(struct ldb_dn *base, struct ldb_dn *dn)
1021 unsigned int n_base, n_dn;
1023 if ( ! base || base->invalid) return 1;
1024 if ( ! dn || dn->invalid) return -1;
1026 if (( ! base->valid_case) || ( ! dn->valid_case)) {
1027 if (base->linearized && dn->linearized && dn->special == base->special) {
1028 /* try with a normal compare first, if we are lucky
1029 * we will avoid exploding and casfolding */
1031 dif = strlen(dn->linearized) - strlen(base->linearized);
1035 if (strcmp(base->linearized,
1036 &dn->linearized[dif]) == 0) {
1041 if ( ! ldb_dn_casefold_internal(base)) {
1045 if ( ! ldb_dn_casefold_internal(dn)) {
1051 /* if base has more components,
1052 * they don't have the same base */
1053 if (base->comp_num > dn->comp_num) {
1054 return (dn->comp_num - base->comp_num);
1057 if ((dn->comp_num == 0) || (base->comp_num == 0)) {
1058 if (dn->special && base->special) {
1059 return strcmp(base->linearized, dn->linearized);
1060 } else if (dn->special) {
1062 } else if (base->special) {
1069 n_base = base->comp_num - 1;
1070 n_dn = dn->comp_num - 1;
1072 while (n_base != (unsigned int) -1) {
1073 char *b_name = base->components[n_base].cf_name;
1074 char *dn_name = dn->components[n_dn].cf_name;
1076 char *b_vdata = (char *)base->components[n_base].cf_value.data;
1077 char *dn_vdata = (char *)dn->components[n_dn].cf_value.data;
1079 size_t b_vlen = base->components[n_base].cf_value.length;
1080 size_t dn_vlen = dn->components[n_dn].cf_value.length;
1082 /* compare attr names */
1083 ret = strcmp(b_name, dn_name);
1084 if (ret != 0) return ret;
1086 /* compare attr.cf_value. */
1087 if (b_vlen != dn_vlen) {
1088 return b_vlen - dn_vlen;
1090 ret = strncmp(b_vdata, dn_vdata, b_vlen);
1091 if (ret != 0) return ret;
1100 /* compare DNs using casefolding compare functions.
1102 If they match, then return 0
1105 int ldb_dn_compare(struct ldb_dn *dn0, struct ldb_dn *dn1)
1110 if (( ! dn0) || dn0->invalid || ! dn1 || dn1->invalid) {
1114 if (( ! dn0->valid_case) || ( ! dn1->valid_case)) {
1115 if (dn0->linearized && dn1->linearized) {
1116 /* try with a normal compare first, if we are lucky
1117 * we will avoid exploding and casfolding */
1118 if (strcmp(dn0->linearized, dn1->linearized) == 0) {
1123 if ( ! ldb_dn_casefold_internal(dn0)) {
1127 if ( ! ldb_dn_casefold_internal(dn1)) {
1133 if (dn0->comp_num != dn1->comp_num) {
1134 return (dn1->comp_num - dn0->comp_num);
1137 if (dn0->comp_num == 0) {
1138 if (dn0->special && dn1->special) {
1139 return strcmp(dn0->linearized, dn1->linearized);
1140 } else if (dn0->special) {
1142 } else if (dn1->special) {
1149 for (i = 0; i < dn0->comp_num; i++) {
1150 char *dn0_name = dn0->components[i].cf_name;
1151 char *dn1_name = dn1->components[i].cf_name;
1153 char *dn0_vdata = (char *)dn0->components[i].cf_value.data;
1154 char *dn1_vdata = (char *)dn1->components[i].cf_value.data;
1156 size_t dn0_vlen = dn0->components[i].cf_value.length;
1157 size_t dn1_vlen = dn1->components[i].cf_value.length;
1159 /* compare attr names */
1160 ret = strcmp(dn0_name, dn1_name);
1165 /* compare attr.cf_value. */
1166 if (dn0_vlen != dn1_vlen) {
1167 return dn0_vlen - dn1_vlen;
1169 ret = strncmp(dn0_vdata, dn1_vdata, dn0_vlen);
1178 static struct ldb_dn_component ldb_dn_copy_component(
1179 TALLOC_CTX *mem_ctx,
1180 struct ldb_dn_component *src)
1182 struct ldb_dn_component dst;
1184 memset(&dst, 0, sizeof(dst));
1190 dst.value = ldb_val_dup(mem_ctx, &(src->value));
1191 if (dst.value.data == NULL) {
1195 dst.name = talloc_strdup(mem_ctx, src->name);
1196 if (dst.name == NULL) {
1197 LDB_FREE(dst.value.data);
1201 if (src->cf_value.data) {
1202 dst.cf_value = ldb_val_dup(mem_ctx, &(src->cf_value));
1203 if (dst.cf_value.data == NULL) {
1204 LDB_FREE(dst.value.data);
1209 dst.cf_name = talloc_strdup(mem_ctx, src->cf_name);
1210 if (dst.cf_name == NULL) {
1211 LDB_FREE(dst.cf_name);
1212 LDB_FREE(dst.value.data);
1217 dst.cf_value.data = NULL;
1224 static struct ldb_dn_ext_component ldb_dn_ext_copy_component(
1225 TALLOC_CTX *mem_ctx,
1226 struct ldb_dn_ext_component *src)
1228 struct ldb_dn_ext_component dst;
1230 memset(&dst, 0, sizeof(dst));
1236 dst.value = ldb_val_dup(mem_ctx, &(src->value));
1237 if (dst.value.data == NULL) {
1241 dst.name = talloc_strdup(mem_ctx, src->name);
1242 if (dst.name == NULL) {
1243 LDB_FREE(dst.value.data);
1250 struct ldb_dn *ldb_dn_copy(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
1252 struct ldb_dn *new_dn;
1254 if (!dn || dn->invalid) {
1258 new_dn = talloc_zero(mem_ctx, struct ldb_dn);
1265 if (dn->components) {
1268 new_dn->components =
1269 talloc_zero_array(new_dn,
1270 struct ldb_dn_component,
1272 if ( ! new_dn->components) {
1273 talloc_free(new_dn);
1277 for (i = 0; i < dn->comp_num; i++) {
1278 new_dn->components[i] =
1279 ldb_dn_copy_component(new_dn->components,
1280 &dn->components[i]);
1281 if ( ! new_dn->components[i].value.data) {
1282 talloc_free(new_dn);
1288 if (dn->ext_components) {
1291 new_dn->ext_components =
1292 talloc_zero_array(new_dn,
1293 struct ldb_dn_ext_component,
1295 if ( ! new_dn->ext_components) {
1296 talloc_free(new_dn);
1300 for (i = 0; i < dn->ext_comp_num; i++) {
1301 new_dn->ext_components[i] =
1302 ldb_dn_ext_copy_component(
1303 new_dn->ext_components,
1304 &dn->ext_components[i]);
1305 if ( ! new_dn->ext_components[i].value.data) {
1306 talloc_free(new_dn);
1313 new_dn->casefold = talloc_strdup(new_dn, dn->casefold);
1314 if ( ! new_dn->casefold) {
1315 talloc_free(new_dn);
1320 if (dn->linearized) {
1321 new_dn->linearized = talloc_strdup(new_dn, dn->linearized);
1322 if ( ! new_dn->linearized) {
1323 talloc_free(new_dn);
1328 if (dn->ext_linearized) {
1329 new_dn->ext_linearized = talloc_strdup(new_dn,
1330 dn->ext_linearized);
1331 if ( ! new_dn->ext_linearized) {
1332 talloc_free(new_dn);
1340 /* modify the given dn by adding a base.
1342 * return true if successful and false if not
1343 * if false is returned the dn may be marked invalid
1345 bool ldb_dn_add_base(struct ldb_dn *dn, struct ldb_dn *base)
1350 if ( !base || base->invalid || !dn || dn->invalid) {
1354 if (dn->components) {
1357 if ( ! ldb_dn_validate(base)) {
1362 if (dn->valid_case) {
1363 if ( ! (s = ldb_dn_get_casefold(base))) {
1368 dn->components = talloc_realloc(dn,
1370 struct ldb_dn_component,
1371 dn->comp_num + base->comp_num);
1372 if ( ! dn->components) {
1373 ldb_dn_mark_invalid(dn);
1377 for (i = 0; i < base->comp_num; dn->comp_num++, i++) {
1378 dn->components[dn->comp_num] =
1379 ldb_dn_copy_component(dn->components,
1380 &base->components[i]);
1381 if (dn->components[dn->comp_num].value.data == NULL) {
1382 ldb_dn_mark_invalid(dn);
1387 if (dn->casefold && s) {
1388 if (*dn->casefold) {
1389 t = talloc_asprintf(dn, "%s,%s",
1392 t = talloc_strdup(dn, s);
1394 LDB_FREE(dn->casefold);
1399 if (dn->linearized) {
1401 s = ldb_dn_get_linearized(base);
1406 if (*dn->linearized) {
1407 t = talloc_asprintf(dn, "%s,%s",
1410 t = talloc_strdup(dn, s);
1413 ldb_dn_mark_invalid(dn);
1416 LDB_FREE(dn->linearized);
1420 /* Wipe the ext_linearized DN,
1421 * the GUID and SID are almost certainly no longer valid */
1422 LDB_FREE(dn->ext_linearized);
1423 LDB_FREE(dn->ext_components);
1424 dn->ext_comp_num = 0;
1429 /* modify the given dn by adding a base.
1431 * return true if successful and false if not
1432 * if false is returned the dn may be marked invalid
1434 bool ldb_dn_add_base_fmt(struct ldb_dn *dn, const char *base_fmt, ...)
1436 struct ldb_dn *base;
1441 if ( !dn || dn->invalid) {
1445 va_start(ap, base_fmt);
1446 base_str = talloc_vasprintf(dn, base_fmt, ap);
1449 if (base_str == NULL) {
1453 base = ldb_dn_new(base_str, dn->ldb, base_str);
1455 ret = ldb_dn_add_base(dn, base);
1457 talloc_free(base_str);
1462 /* modify the given dn by adding children elements.
1464 * return true if successful and false if not
1465 * if false is returned the dn may be marked invalid
1467 bool ldb_dn_add_child(struct ldb_dn *dn, struct ldb_dn *child)
1472 if ( !child || child->invalid || !dn || dn->invalid) {
1476 if (dn->components) {
1480 if (dn->comp_num == 0) {
1484 if ( ! ldb_dn_validate(child)) {
1489 if (dn->valid_case) {
1490 if ( ! (s = ldb_dn_get_casefold(child))) {
1495 n = dn->comp_num + child->comp_num;
1497 dn->components = talloc_realloc(dn,
1499 struct ldb_dn_component,
1501 if ( ! dn->components) {
1502 ldb_dn_mark_invalid(dn);
1506 for (i = dn->comp_num - 1, j = n - 1; i != (unsigned int) -1;
1508 dn->components[j] = dn->components[i];
1511 for (i = 0; i < child->comp_num; i++) {
1513 ldb_dn_copy_component(dn->components,
1514 &child->components[i]);
1515 if (dn->components[i].value.data == NULL) {
1516 ldb_dn_mark_invalid(dn);
1523 if (dn->casefold && s) {
1524 t = talloc_asprintf(dn, "%s,%s", s, dn->casefold);
1525 LDB_FREE(dn->casefold);
1530 if (dn->linearized) {
1531 if (dn->linearized[0] == '\0') {
1535 s = ldb_dn_get_linearized(child);
1540 t = talloc_asprintf(dn, "%s,%s", s, dn->linearized);
1542 ldb_dn_mark_invalid(dn);
1545 LDB_FREE(dn->linearized);
1549 /* Wipe the ext_linearized DN,
1550 * the GUID and SID are almost certainly no longer valid */
1551 LDB_FREE(dn->ext_linearized);
1552 LDB_FREE(dn->ext_components);
1553 dn->ext_comp_num = 0;
1558 /* modify the given dn by adding children elements.
1560 * return true if successful and false if not
1561 * if false is returned the dn may be marked invalid
1563 bool ldb_dn_add_child_fmt(struct ldb_dn *dn, const char *child_fmt, ...)
1565 struct ldb_dn *child;
1570 if ( !dn || dn->invalid) {
1574 va_start(ap, child_fmt);
1575 child_str = talloc_vasprintf(dn, child_fmt, ap);
1578 if (child_str == NULL) {
1582 child = ldb_dn_new(child_str, dn->ldb, child_str);
1584 ret = ldb_dn_add_child(dn, child);
1586 talloc_free(child_str);
1591 bool ldb_dn_remove_base_components(struct ldb_dn *dn, unsigned int num)
1595 if ( ! ldb_dn_validate(dn)) {
1599 if (dn->comp_num < num) {
1603 /* free components */
1604 for (i = dn->comp_num - num; i < dn->comp_num; i++) {
1605 LDB_FREE(dn->components[i].name);
1606 LDB_FREE(dn->components[i].value.data);
1607 LDB_FREE(dn->components[i].cf_name);
1608 LDB_FREE(dn->components[i].cf_value.data);
1611 dn->comp_num -= num;
1613 if (dn->valid_case) {
1614 for (i = 0; i < dn->comp_num; i++) {
1615 LDB_FREE(dn->components[i].cf_name);
1616 LDB_FREE(dn->components[i].cf_value.data);
1618 dn->valid_case = false;
1621 LDB_FREE(dn->casefold);
1622 LDB_FREE(dn->linearized);
1624 /* Wipe the ext_linearized DN,
1625 * the GUID and SID are almost certainly no longer valid */
1626 LDB_FREE(dn->ext_linearized);
1627 LDB_FREE(dn->ext_components);
1628 dn->ext_comp_num = 0;
1633 bool ldb_dn_remove_child_components(struct ldb_dn *dn, unsigned int num)
1637 if ( ! ldb_dn_validate(dn)) {
1641 if (dn->comp_num < num) {
1645 for (i = 0, j = num; j < dn->comp_num; i++, j++) {
1647 LDB_FREE(dn->components[i].name);
1648 LDB_FREE(dn->components[i].value.data);
1649 LDB_FREE(dn->components[i].cf_name);
1650 LDB_FREE(dn->components[i].cf_value.data);
1652 dn->components[i] = dn->components[j];
1655 dn->comp_num -= num;
1657 if (dn->valid_case) {
1658 for (i = 0; i < dn->comp_num; i++) {
1659 LDB_FREE(dn->components[i].cf_name);
1660 LDB_FREE(dn->components[i].cf_value.data);
1662 dn->valid_case = false;
1665 LDB_FREE(dn->casefold);
1666 LDB_FREE(dn->linearized);
1668 /* Wipe the ext_linearized DN,
1669 * the GUID and SID are almost certainly no longer valid */
1670 LDB_FREE(dn->ext_linearized);
1671 LDB_FREE(dn->ext_components);
1672 dn->ext_comp_num = 0;
1678 /* replace the components of a DN with those from another DN, without
1679 * touching the extended components
1681 * return true if successful and false if not
1682 * if false is returned the dn may be marked invalid
1684 bool ldb_dn_replace_components(struct ldb_dn *dn, struct ldb_dn *new_dn)
1688 if ( ! ldb_dn_validate(dn) || ! ldb_dn_validate(new_dn)) {
1692 /* free components */
1693 for (i = 0; i < dn->comp_num; i++) {
1694 LDB_FREE(dn->components[i].name);
1695 LDB_FREE(dn->components[i].value.data);
1696 LDB_FREE(dn->components[i].cf_name);
1697 LDB_FREE(dn->components[i].cf_value.data);
1700 dn->components = talloc_realloc(dn,
1702 struct ldb_dn_component,
1704 if (dn->components == NULL) {
1705 ldb_dn_mark_invalid(dn);
1709 dn->comp_num = new_dn->comp_num;
1710 dn->valid_case = new_dn->valid_case;
1712 for (i = 0; i < dn->comp_num; i++) {
1713 dn->components[i] = ldb_dn_copy_component(dn->components, &new_dn->components[i]);
1714 if (dn->components[i].name == NULL) {
1715 ldb_dn_mark_invalid(dn);
1719 if (new_dn->linearized == NULL) {
1720 dn->linearized = NULL;
1722 dn->linearized = talloc_strdup(dn, new_dn->linearized);
1723 if (dn->linearized == NULL) {
1724 ldb_dn_mark_invalid(dn);
1733 struct ldb_dn *ldb_dn_get_parent(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
1735 struct ldb_dn *new_dn;
1737 new_dn = ldb_dn_copy(mem_ctx, dn);
1742 if ( ! ldb_dn_remove_child_components(new_dn, 1)) {
1743 talloc_free(new_dn);
1750 /* Create a 'canonical name' string from a DN:
1752 ie dc=samba,dc=org -> samba.org/
1753 uid=administrator,ou=users,dc=samba,dc=org = samba.org/users/administrator
1755 There are two formats,
1756 the EX format has the last '/' replaced with a newline (\n).
1759 static char *ldb_dn_canonical(TALLOC_CTX *mem_ctx, struct ldb_dn *dn, int ex_format) {
1762 char *cracked = NULL;
1763 const char *format = (ex_format ? "\n" : "/" );
1765 if ( ! ldb_dn_validate(dn)) {
1769 tmpctx = talloc_new(mem_ctx);
1771 /* Walk backwards down the DN, grabbing 'dc' components at first */
1772 for (i = dn->comp_num - 1; i != (unsigned int) -1; i--) {
1773 if (ldb_attr_cmp(dn->components[i].name, "dc") != 0) {
1777 cracked = talloc_asprintf(tmpctx, "%s.%s",
1778 ldb_dn_escape_value(tmpctx,
1779 dn->components[i].value),
1782 cracked = ldb_dn_escape_value(tmpctx,
1783 dn->components[i].value);
1790 /* Only domain components? Finish here */
1791 if (i == (unsigned int) -1) {
1792 cracked = talloc_strdup_append_buffer(cracked, format);
1793 talloc_steal(mem_ctx, cracked);
1797 /* Now walk backwards appending remaining components */
1798 for (; i > 0; i--) {
1799 cracked = talloc_asprintf_append_buffer(cracked, "/%s",
1800 ldb_dn_escape_value(tmpctx,
1801 dn->components[i].value));
1807 /* Last one, possibly a newline for the 'ex' format */
1808 cracked = talloc_asprintf_append_buffer(cracked, "%s%s", format,
1809 ldb_dn_escape_value(tmpctx,
1810 dn->components[i].value));
1812 talloc_steal(mem_ctx, cracked);
1814 talloc_free(tmpctx);
1818 /* Wrapper functions for the above, for the two different string formats */
1819 char *ldb_dn_canonical_string(TALLOC_CTX *mem_ctx, struct ldb_dn *dn) {
1820 return ldb_dn_canonical(mem_ctx, dn, 0);
1824 char *ldb_dn_canonical_ex_string(TALLOC_CTX *mem_ctx, struct ldb_dn *dn) {
1825 return ldb_dn_canonical(mem_ctx, dn, 1);
1828 int ldb_dn_get_comp_num(struct ldb_dn *dn)
1830 if ( ! ldb_dn_validate(dn)) {
1833 return dn->comp_num;
1836 int ldb_dn_get_extended_comp_num(struct ldb_dn *dn)
1838 if ( ! ldb_dn_validate(dn)) {
1841 return dn->ext_comp_num;
1844 const char *ldb_dn_get_component_name(struct ldb_dn *dn, unsigned int num)
1846 if ( ! ldb_dn_validate(dn)) {
1849 if (num >= dn->comp_num) return NULL;
1850 return dn->components[num].name;
1853 const struct ldb_val *ldb_dn_get_component_val(struct ldb_dn *dn,
1856 if ( ! ldb_dn_validate(dn)) {
1859 if (num >= dn->comp_num) return NULL;
1860 return &dn->components[num].value;
1863 const char *ldb_dn_get_rdn_name(struct ldb_dn *dn)
1865 if ( ! ldb_dn_validate(dn)) {
1868 if (dn->comp_num == 0) return NULL;
1869 return dn->components[0].name;
1872 const struct ldb_val *ldb_dn_get_rdn_val(struct ldb_dn *dn)
1874 if ( ! ldb_dn_validate(dn)) {
1877 if (dn->comp_num == 0) return NULL;
1878 return &dn->components[0].value;
1881 int ldb_dn_set_component(struct ldb_dn *dn, int num,
1882 const char *name, const struct ldb_val val)
1887 if ( ! ldb_dn_validate(dn)) {
1888 return LDB_ERR_OTHER;
1891 if (num >= dn->comp_num) {
1892 return LDB_ERR_OTHER;
1895 n = talloc_strdup(dn, name);
1897 return LDB_ERR_OTHER;
1900 v.length = val.length;
1901 v.data = (uint8_t *)talloc_memdup(dn, val.data, v.length+1);
1904 return LDB_ERR_OTHER;
1907 talloc_free(dn->components[num].name);
1908 talloc_free(dn->components[num].value.data);
1909 dn->components[num].name = n;
1910 dn->components[num].value = v;
1912 if (dn->valid_case) {
1914 for (i = 0; i < dn->comp_num; i++) {
1915 LDB_FREE(dn->components[i].cf_name);
1916 LDB_FREE(dn->components[i].cf_value.data);
1918 dn->valid_case = false;
1920 LDB_FREE(dn->casefold);
1921 LDB_FREE(dn->linearized);
1923 /* Wipe the ext_linearized DN,
1924 * the GUID and SID are almost certainly no longer valid */
1925 LDB_FREE(dn->ext_linearized);
1926 LDB_FREE(dn->ext_components);
1927 dn->ext_comp_num = 0;
1932 const struct ldb_val *ldb_dn_get_extended_component(struct ldb_dn *dn,
1936 if ( ! ldb_dn_validate(dn)) {
1939 for (i=0; i < dn->ext_comp_num; i++) {
1940 if (ldb_attr_cmp(dn->ext_components[i].name, name) == 0) {
1941 return &dn->ext_components[i].value;
1947 int ldb_dn_set_extended_component(struct ldb_dn *dn,
1948 const char *name, const struct ldb_val *val)
1950 struct ldb_dn_ext_component *p;
1954 if ( ! ldb_dn_validate(dn)) {
1955 return LDB_ERR_OTHER;
1958 if (!ldb_dn_extended_syntax_by_name(dn->ldb, name)) {
1959 /* We don't know how to handle this type of thing */
1960 return LDB_ERR_INVALID_DN_SYNTAX;
1963 for (i=0; i < dn->ext_comp_num; i++) {
1964 if (ldb_attr_cmp(dn->ext_components[i].name, name) == 0) {
1966 dn->ext_components[i].value =
1967 ldb_val_dup(dn->ext_components, val);
1969 dn->ext_components[i].name =
1970 talloc_strdup(dn->ext_components, name);
1971 if (!dn->ext_components[i].name ||
1972 !dn->ext_components[i].value.data) {
1973 ldb_dn_mark_invalid(dn);
1974 return LDB_ERR_OPERATIONS_ERROR;
1977 if (i != (dn->ext_comp_num - 1)) {
1978 memmove(&dn->ext_components[i],
1979 &dn->ext_components[i+1],
1980 ((dn->ext_comp_num-1) - i) *
1981 sizeof(*dn->ext_components));
1985 dn->ext_components = talloc_realloc(dn,
1987 struct ldb_dn_ext_component,
1989 if (!dn->ext_components) {
1990 ldb_dn_mark_invalid(dn);
1991 return LDB_ERR_OPERATIONS_ERROR;
1994 LDB_FREE(dn->ext_linearized);
2001 /* removing a value that doesn't exist is not an error */
2007 p = dn->ext_components
2008 = talloc_realloc(dn,
2010 struct ldb_dn_ext_component,
2011 dn->ext_comp_num + 1);
2012 if (!dn->ext_components) {
2013 ldb_dn_mark_invalid(dn);
2014 return LDB_ERR_OPERATIONS_ERROR;
2017 p[dn->ext_comp_num].value = ldb_val_dup(dn->ext_components, &v2);
2018 p[dn->ext_comp_num].name = talloc_strdup(p, name);
2020 if (!dn->ext_components[i].name || !dn->ext_components[i].value.data) {
2021 ldb_dn_mark_invalid(dn);
2022 return LDB_ERR_OPERATIONS_ERROR;
2024 dn->ext_components = p;
2027 LDB_FREE(dn->ext_linearized);
2032 void ldb_dn_remove_extended_components(struct ldb_dn *dn)
2034 LDB_FREE(dn->ext_linearized);
2035 LDB_FREE(dn->ext_components);
2036 dn->ext_comp_num = 0;
2039 bool ldb_dn_is_valid(struct ldb_dn *dn)
2041 if ( ! dn) return false;
2042 return ! dn->invalid;
2045 bool ldb_dn_is_special(struct ldb_dn *dn)
2047 if ( ! dn || dn->invalid) return false;
2051 bool ldb_dn_has_extended(struct ldb_dn *dn)
2053 if ( ! dn || dn->invalid) return false;
2054 if (dn->ext_linearized && (dn->ext_linearized[0] == '<')) return true;
2055 return dn->ext_comp_num != 0;
2058 bool ldb_dn_check_special(struct ldb_dn *dn, const char *check)
2060 if ( ! dn || dn->invalid) return false;
2061 return ! strcmp(dn->linearized, check);
2064 bool ldb_dn_is_null(struct ldb_dn *dn)
2066 if ( ! dn || dn->invalid) return false;
2067 if (ldb_dn_has_extended(dn)) return false;
2068 if (dn->linearized && (dn->linearized[0] == '\0')) return true;
2073 this updates dn->components, taking the components from ref_dn.
2074 This is used by code that wants to update the DN path of a DN
2075 while not impacting on the extended DN components
2077 int ldb_dn_update_components(struct ldb_dn *dn, const struct ldb_dn *ref_dn)
2079 dn->components = talloc_realloc(dn, dn->components,
2080 struct ldb_dn_component, ref_dn->comp_num);
2081 if (!dn->components) {
2082 return LDB_ERR_OPERATIONS_ERROR;
2084 memcpy(dn->components, ref_dn->components,
2085 sizeof(struct ldb_dn_component)*ref_dn->comp_num);
2086 dn->comp_num = ref_dn->comp_num;
2088 LDB_FREE(dn->casefold);
2089 LDB_FREE(dn->linearized);
2090 LDB_FREE(dn->ext_linearized);
2096 minimise a DN. The caller must pass in a validated DN.
2098 If the DN has an extended component then only the first extended
2099 component is kept, the DN string is stripped.
2101 The existing dn is modified
2103 bool ldb_dn_minimise(struct ldb_dn *dn)
2107 if (!ldb_dn_validate(dn)) {
2110 if (dn->ext_comp_num == 0) {
2114 /* free components */
2115 for (i = 0; i < dn->comp_num; i++) {
2116 LDB_FREE(dn->components[i].name);
2117 LDB_FREE(dn->components[i].value.data);
2118 LDB_FREE(dn->components[i].cf_name);
2119 LDB_FREE(dn->components[i].cf_value.data);
2122 dn->valid_case = false;
2124 LDB_FREE(dn->casefold);
2125 LDB_FREE(dn->linearized);
2127 /* note that we don't free dn->components as this there are
2128 * several places in ldb_dn.c that rely on it being non-NULL
2129 * for an exploded DN
2132 for (i = 1; i < dn->ext_comp_num; i++) {
2133 LDB_FREE(dn->ext_components[i].name);
2134 LDB_FREE(dn->ext_components[i].value.data);
2136 dn->ext_comp_num = 1;
2138 dn->ext_components = talloc_realloc(dn, dn->ext_components, struct ldb_dn_ext_component, 1);
2139 if (dn->ext_components == NULL) {
2140 ldb_dn_mark_invalid(dn);
2144 LDB_FREE(dn->ext_linearized);
git.samba.org / samba.git / blob