3dd81fb822597f43145aadc102a8d34eda13d854
[samba.git] / source4 / dsdb / schema / schema_init.c
1 /* 
2    Unix SMB/CIFS mplementation.
3    DSDB schema header
4    
5    Copyright (C) Stefan Metzmacher <metze@samba.org> 2006
6    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2007
7
8    This program is free software; you can redistribute it and/or modify
9    it under the terms of the GNU General Public License as published by
10    the Free Software Foundation; either version 3 of the License, or
11    (at your option) any later version.
12    
13    This program is distributed in the hope that it will be useful,
14    but WITHOUT ANY WARRANTY; without even the implied warranty of
15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16    GNU General Public License for more details.
17    
18    You should have received a copy of the GNU General Public License
19    along with this program.  If not, see <http://www.gnu.org/licenses/>.
20    
21 */
22
23 #include "includes.h"
24 #include "dsdb/samdb/samdb.h"
25 #include "lib/ldb/include/ldb_errors.h"
26 #include "lib/util/dlinklist.h"
27 #include "librpc/gen_ndr/ndr_misc.h"
28 #include "librpc/gen_ndr/ndr_drsuapi.h"
29 #include "librpc/gen_ndr/ndr_drsblobs.h"
30 #include "param/param.h"
31
32 WERROR dsdb_load_oid_mappings_drsuapi(struct dsdb_schema *schema, const struct drsuapi_DsReplicaOIDMapping_Ctr *ctr)
33 {
34         uint32_t i,j;
35
36         schema->prefixes = talloc_array(schema, struct dsdb_schema_oid_prefix, ctr->num_mappings);
37         W_ERROR_HAVE_NO_MEMORY(schema->prefixes);
38
39         for (i=0, j=0; i < ctr->num_mappings; i++) {
40                 if (ctr->mappings[i].oid.oid == NULL) {
41                         return WERR_INVALID_PARAM;
42                 }
43
44                 if (strncasecmp(ctr->mappings[i].oid.oid, "ff", 2) == 0) {
45                         if (ctr->mappings[i].id_prefix != 0) {
46                                 return WERR_INVALID_PARAM;
47                         }
48
49                         /* the magic value should be in the last array member */
50                         if (i != (ctr->num_mappings - 1)) {
51                                 return WERR_INVALID_PARAM;
52                         }
53
54                         if (ctr->mappings[i].oid.__ndr_size != 21) {
55                                 return WERR_INVALID_PARAM;
56                         }
57
58                         schema->schema_info = talloc_strdup(schema, ctr->mappings[i].oid.oid);
59                         W_ERROR_HAVE_NO_MEMORY(schema->schema_info);
60                 } else {
61                         /* the last array member should contain the magic value not a oid */
62                         if (i == (ctr->num_mappings - 1)) {
63                                 return WERR_INVALID_PARAM;
64                         }
65
66                         schema->prefixes[j].id  = ctr->mappings[i].id_prefix<<16;
67                         schema->prefixes[j].oid = talloc_asprintf(schema->prefixes, "%s.",
68                                                                   ctr->mappings[i].oid.oid);
69                         W_ERROR_HAVE_NO_MEMORY(schema->prefixes[j].oid);
70                         schema->prefixes[j].oid_len = strlen(schema->prefixes[j].oid);
71                         j++;
72                 }
73         }
74
75         schema->num_prefixes = j;
76         return WERR_OK;
77 }
78
79 WERROR dsdb_load_oid_mappings_ldb(struct dsdb_schema *schema,
80                                   const struct ldb_val *prefixMap,
81                                   const struct ldb_val *schemaInfo)
82 {
83         WERROR status;
84         enum ndr_err_code ndr_err;
85         struct prefixMapBlob pfm;
86         char *schema_info;
87
88         ndr_err = ndr_pull_struct_blob(prefixMap, schema, lp_iconv_convenience(global_loadparm), &pfm,
89                                        (ndr_pull_flags_fn_t)ndr_pull_prefixMapBlob);
90         if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
91                 NTSTATUS nt_status = ndr_map_error2ntstatus(ndr_err);
92                 return ntstatus_to_werror(nt_status);
93         }
94
95         if (pfm.version != PREFIX_MAP_VERSION_DSDB) {
96                 return WERR_FOOBAR;
97         }
98
99         if (schemaInfo->length != 21 && schemaInfo->data[0] == 0xFF) {
100                 return WERR_FOOBAR;
101         }
102
103         /* append the schema info as last element */
104         pfm.ctr.dsdb.num_mappings++;
105         pfm.ctr.dsdb.mappings = talloc_realloc(schema, pfm.ctr.dsdb.mappings,
106                                                struct drsuapi_DsReplicaOIDMapping,
107                                                pfm.ctr.dsdb.num_mappings);
108         W_ERROR_HAVE_NO_MEMORY(pfm.ctr.dsdb.mappings);
109
110         schema_info = data_blob_hex_string(pfm.ctr.dsdb.mappings, schemaInfo);
111         W_ERROR_HAVE_NO_MEMORY(schema_info);
112
113         pfm.ctr.dsdb.mappings[pfm.ctr.dsdb.num_mappings - 1].id_prefix          = 0;    
114         pfm.ctr.dsdb.mappings[pfm.ctr.dsdb.num_mappings - 1].oid.__ndr_size     = schemaInfo->length;
115         pfm.ctr.dsdb.mappings[pfm.ctr.dsdb.num_mappings - 1].oid.oid            = schema_info;
116
117         /* call the drsuapi version */
118         status = dsdb_load_oid_mappings_drsuapi(schema, &pfm.ctr.dsdb);
119         talloc_free(pfm.ctr.dsdb.mappings);
120         W_ERROR_NOT_OK_RETURN(status);
121
122         return WERR_OK;
123 }
124
125 WERROR dsdb_get_oid_mappings_drsuapi(const struct dsdb_schema *schema,
126                                      bool include_schema_info,
127                                      TALLOC_CTX *mem_ctx,
128                                      struct drsuapi_DsReplicaOIDMapping_Ctr **_ctr)
129 {
130         struct drsuapi_DsReplicaOIDMapping_Ctr *ctr;
131         uint32_t i;
132
133         ctr = talloc(mem_ctx, struct drsuapi_DsReplicaOIDMapping_Ctr);
134         W_ERROR_HAVE_NO_MEMORY(ctr);
135
136         ctr->num_mappings       = schema->num_prefixes;
137         if (include_schema_info) ctr->num_mappings++;
138         ctr->mappings = talloc_array(schema, struct drsuapi_DsReplicaOIDMapping, ctr->num_mappings);
139         W_ERROR_HAVE_NO_MEMORY(ctr->mappings);
140
141         for (i=0; i < schema->num_prefixes; i++) {
142                 ctr->mappings[i].id_prefix      = schema->prefixes[i].id>>16;
143                 ctr->mappings[i].oid.oid        = talloc_strndup(ctr->mappings,
144                                                                  schema->prefixes[i].oid,
145                                                                  schema->prefixes[i].oid_len - 1);
146                 W_ERROR_HAVE_NO_MEMORY(ctr->mappings[i].oid.oid);
147         }
148
149         if (include_schema_info) {
150                 ctr->mappings[i].id_prefix      = 0;
151                 ctr->mappings[i].oid.oid        = talloc_strdup(ctr->mappings,
152                                                                 schema->schema_info);
153                 W_ERROR_HAVE_NO_MEMORY(ctr->mappings[i].oid.oid);
154         }
155
156         *_ctr = ctr;
157         return WERR_OK;
158 }
159
160 WERROR dsdb_get_oid_mappings_ldb(const struct dsdb_schema *schema,
161                                  TALLOC_CTX *mem_ctx,
162                                  struct ldb_val *prefixMap,
163                                  struct ldb_val *schemaInfo)
164 {
165         WERROR status;
166         enum ndr_err_code ndr_err;
167         struct drsuapi_DsReplicaOIDMapping_Ctr *ctr;
168         struct prefixMapBlob pfm;
169
170         status = dsdb_get_oid_mappings_drsuapi(schema, false, mem_ctx, &ctr);
171         W_ERROR_NOT_OK_RETURN(status);
172
173         pfm.version     = PREFIX_MAP_VERSION_DSDB;
174         pfm.reserved    = 0;
175         pfm.ctr.dsdb    = *ctr;
176
177         ndr_err = ndr_push_struct_blob(prefixMap, mem_ctx, lp_iconv_convenience(global_loadparm), &pfm,
178                                        (ndr_push_flags_fn_t)ndr_push_prefixMapBlob);
179         talloc_free(ctr);
180         if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
181                 NTSTATUS nt_status = ndr_map_error2ntstatus(ndr_err);
182                 return ntstatus_to_werror(nt_status);
183         }
184
185         *schemaInfo = strhex_to_data_blob(schema->schema_info);
186         W_ERROR_HAVE_NO_MEMORY(schemaInfo->data);
187         talloc_steal(mem_ctx, schemaInfo->data);
188
189         return WERR_OK;
190 }
191
192 WERROR dsdb_verify_oid_mappings_drsuapi(const struct dsdb_schema *schema, const struct drsuapi_DsReplicaOIDMapping_Ctr *ctr)
193 {
194         uint32_t i,j;
195
196         for (i=0; i < ctr->num_mappings; i++) {
197                 if (ctr->mappings[i].oid.oid == NULL) {
198                         return WERR_INVALID_PARAM;
199                 }
200
201                 if (strncasecmp(ctr->mappings[i].oid.oid, "ff", 2) == 0) {
202                         if (ctr->mappings[i].id_prefix != 0) {
203                                 return WERR_INVALID_PARAM;
204                         }
205
206                         /* the magic value should be in the last array member */
207                         if (i != (ctr->num_mappings - 1)) {
208                                 return WERR_INVALID_PARAM;
209                         }
210
211                         if (ctr->mappings[i].oid.__ndr_size != 21) {
212                                 return WERR_INVALID_PARAM;
213                         }
214
215                         if (strcasecmp(schema->schema_info, ctr->mappings[i].oid.oid) != 0) {
216                                 return WERR_DS_DRA_SCHEMA_MISMATCH;
217                         }
218                 } else {
219                         /* the last array member should contain the magic value not a oid */
220                         if (i == (ctr->num_mappings - 1)) {
221                                 return WERR_INVALID_PARAM;
222                         }
223
224                         for (j=0; j < schema->num_prefixes; j++) {
225                                 size_t oid_len;
226                                 if (schema->prefixes[j].id != (ctr->mappings[i].id_prefix<<16)) {
227                                         continue;
228                                 }
229
230                                 oid_len = strlen(ctr->mappings[i].oid.oid);
231
232                                 if (oid_len != (schema->prefixes[j].oid_len - 1)) {
233                                         return WERR_DS_DRA_SCHEMA_MISMATCH;
234                                 }
235
236                                 if (strncmp(ctr->mappings[i].oid.oid, schema->prefixes[j].oid, oid_len) != 0) {
237                                         return WERR_DS_DRA_SCHEMA_MISMATCH;                             
238                                 }
239
240                                 break;
241                         }
242
243                         if (j == schema->num_prefixes) {
244                                 return WERR_DS_DRA_SCHEMA_MISMATCH;                             
245                         }
246                 }
247         }
248
249         return WERR_OK;
250 }
251
252 WERROR dsdb_map_oid2int(const struct dsdb_schema *schema, const char *in, uint32_t *out)
253 {
254         uint32_t i;
255
256         for (i=0; i < schema->num_prefixes; i++) {
257                 const char *val_str;
258                 char *end_str;
259                 unsigned val;
260
261                 if (strncmp(schema->prefixes[i].oid, in, schema->prefixes[i].oid_len) != 0) {
262                         continue;
263                 }
264
265                 val_str = in + schema->prefixes[i].oid_len;
266                 end_str = NULL;
267                 errno = 0;
268
269                 if (val_str[0] == '\0') {
270                         return WERR_INVALID_PARAM;
271                 }
272
273                 /* two '.' chars are invalid */
274                 if (val_str[0] == '.') {
275                         return WERR_INVALID_PARAM;
276                 }
277
278                 val = strtoul(val_str, &end_str, 10);
279                 if (end_str[0] == '.' && end_str[1] != '\0') {
280                         /*
281                          * if it's a '.' and not the last char
282                          * then maybe an other mapping apply
283                          */
284                         continue;
285                 } else if (end_str[0] != '\0') {
286                         return WERR_INVALID_PARAM;
287                 } else if (val > 0xFFFF) {
288                         return WERR_INVALID_PARAM;
289                 }
290
291                 *out = schema->prefixes[i].id | val;
292                 return WERR_OK;
293         }
294
295         return WERR_DS_NO_MSDS_INTID;
296 }
297
298 WERROR dsdb_map_int2oid(const struct dsdb_schema *schema, uint32_t in, TALLOC_CTX *mem_ctx, const char **out)
299 {
300         uint32_t i;
301
302         for (i=0; i < schema->num_prefixes; i++) {
303                 const char *val;
304                 if (schema->prefixes[i].id != (in & 0xFFFF0000)) {
305                         continue;
306                 }
307
308                 val = talloc_asprintf(mem_ctx, "%s%u",
309                                       schema->prefixes[i].oid,
310                                       in & 0xFFFF);
311                 W_ERROR_HAVE_NO_MEMORY(val);
312
313                 *out = val;
314                 return WERR_OK;
315         }
316
317         return WERR_DS_NO_MSDS_INTID;
318 }
319
320 #define GET_STRING_LDB(msg, attr, mem_ctx, p, elem, strict) do { \
321         (p)->elem = samdb_result_string(msg, attr, NULL);\
322         if (strict && (p)->elem == NULL) { \
323                 d_printf("%s: %s == NULL\n", __location__, attr); \
324                 return WERR_INVALID_PARAM; \
325         } \
326         talloc_steal(mem_ctx, (p)->elem); \
327 } while (0)
328
329 #define GET_STRING_LIST_LDB(msg, attr, mem_ctx, p, elem, strict) do {   \
330         int get_string_list_counter;                                    \
331         struct ldb_message_element *get_string_list_el = ldb_msg_find_element(msg, attr); \
332         if (get_string_list_el == NULL) {                               \
333                 if (strict) {                                           \
334                         d_printf("%s: %s == NULL\n", __location__, attr); \
335                         return WERR_INVALID_PARAM;                      \
336                 } else {                                                \
337                         (p)->elem = NULL;                               \
338                         break;                                          \
339                 }                                                       \
340         }                                                               \
341         (p)->elem = talloc_array(mem_ctx, const char *, get_string_list_el->num_values + 1); \
342         for (get_string_list_counter=0;                                 \
343              get_string_list_counter < get_string_list_el->num_values;  \
344              get_string_list_counter++) {                               \
345                 (p)->elem[get_string_list_counter] = talloc_strndup((p)->elem, \
346                                                                     (const char *)get_string_list_el->values[get_string_list_counter].data, \
347                                                                     get_string_list_el->values[get_string_list_counter].length); \
348                 if (!(p)->elem[get_string_list_counter]) {              \
349                         d_printf("%s: talloc_strndup failed for %s\n", __location__, attr); \
350                         return WERR_NOMEM;                              \
351                 }                                                       \
352                 (p)->elem[get_string_list_counter+1] = NULL;            \
353         }                                                               \
354         talloc_steal(mem_ctx, (p)->elem);                               \
355 } while (0)
356
357 #define GET_BOOL_LDB(msg, attr, p, elem, strict) do { \
358         const char *str; \
359         str = samdb_result_string(msg, attr, NULL);\
360         if (str == NULL) { \
361                 if (strict) { \
362                         d_printf("%s: %s == NULL\n", __location__, attr); \
363                         return WERR_INVALID_PARAM; \
364                 } else { \
365                         (p)->elem = false; \
366                 } \
367         } else if (strcasecmp("TRUE", str) == 0) { \
368                 (p)->elem = true; \
369         } else if (strcasecmp("FALSE", str) == 0) { \
370                 (p)->elem = false; \
371         } else { \
372                 d_printf("%s: %s == %s\n", __location__, attr, str); \
373                 return WERR_INVALID_PARAM; \
374         } \
375 } while (0)
376
377 #define GET_UINT32_LDB(msg, attr, p, elem) do { \
378         (p)->elem = samdb_result_uint(msg, attr, 0);\
379 } while (0)
380
381 #define GET_GUID_LDB(msg, attr, p, elem) do { \
382         (p)->elem = samdb_result_guid(msg, attr);\
383 } while (0)
384
385 #define GET_BLOB_LDB(msg, attr, mem_ctx, p, elem) do { \
386         const struct ldb_val *_val;\
387         _val = ldb_msg_find_ldb_val(msg, attr);\
388         if (_val) {\
389                 (p)->elem = *_val;\
390                 talloc_steal(mem_ctx, (p)->elem.data);\
391         } else {\
392                 ZERO_STRUCT((p)->elem);\
393         }\
394 } while (0)
395
396 WERROR dsdb_attribute_from_ldb(const struct dsdb_schema *schema,
397                                struct ldb_message *msg,
398                                TALLOC_CTX *mem_ctx,
399                                struct dsdb_attribute *attr)
400 {
401         WERROR status;
402
403         GET_STRING_LDB(msg, "cn", mem_ctx, attr, cn, false);
404         GET_STRING_LDB(msg, "lDAPDisplayName", mem_ctx, attr, lDAPDisplayName, true);
405         GET_STRING_LDB(msg, "attributeID", mem_ctx, attr, attributeID_oid, true);
406         if (schema->num_prefixes == 0) {
407                 /* set an invalid value */
408                 attr->attributeID_id = 0xFFFFFFFF;
409         } else {
410                 status = dsdb_map_oid2int(schema, attr->attributeID_oid, &attr->attributeID_id);
411                 if (!W_ERROR_IS_OK(status)) {
412                         DEBUG(0,("%s: '%s': unable to map attributeID %s: %s\n",
413                                 __location__, attr->lDAPDisplayName, attr->attributeID_oid,
414                                 win_errstr(status)));
415                         return status;
416                 }
417         }
418         GET_GUID_LDB(msg, "schemaIDGUID", attr, schemaIDGUID);
419         GET_UINT32_LDB(msg, "mAPIID", attr, mAPIID);
420
421         GET_GUID_LDB(msg, "attributeSecurityGUID", attr, attributeSecurityGUID);
422
423         GET_UINT32_LDB(msg, "searchFlags", attr, searchFlags);
424         GET_UINT32_LDB(msg, "systemFlags", attr, systemFlags);
425         GET_BOOL_LDB(msg, "isMemberOfPartialAttributeSet", attr, isMemberOfPartialAttributeSet, false);
426         GET_UINT32_LDB(msg, "linkID", attr, linkID);
427
428         GET_STRING_LDB(msg, "attributeSyntax", mem_ctx, attr, attributeSyntax_oid, true);
429         if (schema->num_prefixes == 0) {
430                 /* set an invalid value */
431                 attr->attributeSyntax_id = 0xFFFFFFFF;
432         } else {
433                 status = dsdb_map_oid2int(schema, attr->attributeSyntax_oid, &attr->attributeSyntax_id);
434                 if (!W_ERROR_IS_OK(status)) {
435                         DEBUG(0,("%s: '%s': unable to map attributeSyntax_ %s: %s\n",
436                                 __location__, attr->lDAPDisplayName, attr->attributeSyntax_oid,
437                                 win_errstr(status)));
438                         return status;
439                 }
440         }
441         GET_UINT32_LDB(msg, "oMSyntax", attr, oMSyntax);
442         GET_BLOB_LDB(msg, "oMObjectClass", mem_ctx, attr, oMObjectClass);
443
444         GET_BOOL_LDB(msg, "isSingleValued", attr, isSingleValued, true);
445         GET_UINT32_LDB(msg, "rangeLower", attr, rangeLower);
446         GET_UINT32_LDB(msg, "rangeUpper", attr, rangeUpper);
447         GET_BOOL_LDB(msg, "extendedCharsAllowed", attr, extendedCharsAllowed, false);
448
449         GET_UINT32_LDB(msg, "schemaFlagsEx", attr, schemaFlagsEx);
450         GET_BLOB_LDB(msg, "msDs-Schema-Extensions", mem_ctx, attr, msDs_Schema_Extensions);
451
452         GET_BOOL_LDB(msg, "showInAdvancedViewOnly", attr, showInAdvancedViewOnly, false);
453         GET_STRING_LDB(msg, "adminDisplayName", mem_ctx, attr, adminDisplayName, false);
454         GET_STRING_LDB(msg, "adminDescription", mem_ctx, attr, adminDescription, false);
455         GET_STRING_LDB(msg, "classDisplayName", mem_ctx, attr, classDisplayName, false);
456         GET_BOOL_LDB(msg, "isEphemeral", attr, isEphemeral, false);
457         GET_BOOL_LDB(msg, "isDefunct", attr, isDefunct, false);
458         GET_BOOL_LDB(msg, "systemOnly", attr, systemOnly, false);
459
460         attr->syntax = dsdb_syntax_for_attribute(attr);
461         if (!attr->syntax) {
462                 return WERR_DS_ATT_SCHEMA_REQ_SYNTAX;
463         }
464
465         return WERR_OK;
466 }
467
468 WERROR dsdb_class_from_ldb(const struct dsdb_schema *schema,
469                            struct ldb_message *msg,
470                            TALLOC_CTX *mem_ctx,
471                            struct dsdb_class *obj)
472 {
473         WERROR status;
474
475         GET_STRING_LDB(msg, "cn", mem_ctx, obj, cn, false);
476         GET_STRING_LDB(msg, "lDAPDisplayName", mem_ctx, obj, lDAPDisplayName, true);
477         GET_STRING_LDB(msg, "governsID", mem_ctx, obj, governsID_oid, true);
478         if (schema->num_prefixes == 0) {
479                 /* set an invalid value */
480                 obj->governsID_id = 0xFFFFFFFF;
481         } else {
482                 status = dsdb_map_oid2int(schema, obj->governsID_oid, &obj->governsID_id);
483                 if (!W_ERROR_IS_OK(status)) {
484                         DEBUG(0,("%s: '%s': unable to map governsID %s: %s\n",
485                                 __location__, obj->lDAPDisplayName, obj->governsID_oid,
486                                 win_errstr(status)));
487                         return status;
488                 }
489         }
490         GET_GUID_LDB(msg, "schemaIDGUID", obj, schemaIDGUID);
491
492         GET_UINT32_LDB(msg, "objectClassCategory", obj, objectClassCategory);
493         GET_STRING_LDB(msg, "rDNAttID", mem_ctx, obj, rDNAttID, false);
494         GET_STRING_LDB(msg, "defaultObjectCategory", mem_ctx, obj, defaultObjectCategory, true);
495  
496         GET_STRING_LDB(msg, "subClassOf", mem_ctx, obj, subClassOf, true);
497
498         obj->systemAuxiliaryClass       = NULL;
499
500         obj->auxiliaryClass             = NULL;
501
502         GET_STRING_LIST_LDB(msg, "systemMustContain", mem_ctx, obj, systemMustContain, false);
503         GET_STRING_LIST_LDB(msg, "systemMayContain", mem_ctx, obj, systemMayContain, false);
504         GET_STRING_LIST_LDB(msg, "mustContain", mem_ctx, obj, mustContain, false);
505         GET_STRING_LIST_LDB(msg, "mayContain", mem_ctx, obj, mayContain, false);
506
507         GET_STRING_LIST_LDB(msg, "systemPossSuperiors", mem_ctx, obj, systemPossSuperiors, false);
508         GET_STRING_LIST_LDB(msg, "possSuperiors", mem_ctx, obj, possSuperiors, false);
509         GET_STRING_LIST_LDB(msg, "possibleInferiors", mem_ctx, obj, possibleInferiors, false);
510
511         GET_STRING_LDB(msg, "defaultSecurityDescriptor", mem_ctx, obj, defaultSecurityDescriptor, false);
512
513         GET_UINT32_LDB(msg, "schemaFlagsEx", obj, schemaFlagsEx);
514         GET_BLOB_LDB(msg, "msDs-Schema-Extensions", mem_ctx, obj, msDs_Schema_Extensions);
515
516         GET_BOOL_LDB(msg, "showInAdvancedViewOnly", obj, showInAdvancedViewOnly, false);
517         GET_STRING_LDB(msg, "adminDisplayName", mem_ctx, obj, adminDisplayName, false);
518         GET_STRING_LDB(msg, "adminDescription", mem_ctx, obj, adminDescription, false);
519         GET_STRING_LDB(msg, "classDisplayName", mem_ctx, obj, classDisplayName, false);
520         GET_BOOL_LDB(msg, "defaultHidingValue", obj, defaultHidingValue, false);
521         GET_BOOL_LDB(msg, "isDefunct", obj, isDefunct, false);
522         GET_BOOL_LDB(msg, "systemOnly", obj, systemOnly, false);
523
524         return WERR_OK;
525 }
526
527 static const struct {
528         const char *name;
529         const char *oid;
530 } name_mappings[] = {
531         { "cn",                                 "2.5.4.3" },
532         { "name",                               "1.2.840.113556.1.4.1" },
533         { "lDAPDisplayName",                    "1.2.840.113556.1.2.460" },
534         { "attributeID",                        "1.2.840.113556.1.2.30" },
535         { "schemaIDGUID",                       "1.2.840.113556.1.4.148" },
536         { "mAPIID",                             "1.2.840.113556.1.2.49" },
537         { "attributeSecurityGUID",              "1.2.840.113556.1.4.149" },
538         { "searchFlags",                        "1.2.840.113556.1.2.334" },
539         { "systemFlags",                        "1.2.840.113556.1.4.375" },
540         { "isMemberOfPartialAttributeSet",      "1.2.840.113556.1.4.639" },
541         { "linkID",                             "1.2.840.113556.1.2.50" },
542         { "attributeSyntax",                    "1.2.840.113556.1.2.32" },
543         { "oMSyntax",                           "1.2.840.113556.1.2.231" },
544         { "oMObjectClass",                      "1.2.840.113556.1.2.218" },
545         { "isSingleValued",                     "1.2.840.113556.1.2.33" },
546         { "rangeLower",                         "1.2.840.113556.1.2.34" },
547         { "rangeUpper",                         "1.2.840.113556.1.2.35" },
548         { "extendedCharsAllowed",               "1.2.840.113556.1.2.380" },
549         { "schemaFlagsEx",                      "1.2.840.113556.1.4.120" },
550         { "msDs-Schema-Extensions",             "1.2.840.113556.1.4.1440" },
551         { "showInAdvancedViewOnly",             "1.2.840.113556.1.2.169" },
552         { "adminDisplayName",                   "1.2.840.113556.1.2.194" },
553         { "adminDescription",                   "1.2.840.113556.1.2.226" },
554         { "classDisplayName",                   "1.2.840.113556.1.4.610" },
555         { "isEphemeral",                        "1.2.840.113556.1.4.1212" },
556         { "isDefunct",                          "1.2.840.113556.1.4.661" },
557         { "systemOnly",                         "1.2.840.113556.1.4.170" },
558         { "governsID",                          "1.2.840.113556.1.2.22" },
559         { "objectClassCategory",                "1.2.840.113556.1.2.370" },
560         { "rDNAttID",                           "1.2.840.113556.1.2.26" },
561         { "defaultObjectCategory",              "1.2.840.113556.1.4.783" },
562         { "subClassOf",                         "1.2.840.113556.1.2.21" },
563         { "systemAuxiliaryClass",               "1.2.840.113556.1.4.198" },
564         { "systemPossSuperiors",                "1.2.840.113556.1.4.195" },
565         { "systemMustContain",                  "1.2.840.113556.1.4.197" },
566         { "systemMayContain",                   "1.2.840.113556.1.4.196" },
567         { "auxiliaryClass",                     "1.2.840.113556.1.2.351" },
568         { "possSuperiors",                      "1.2.840.113556.1.2.8" },
569         { "mustContain",                        "1.2.840.113556.1.2.24" },
570         { "mayContain",                         "1.2.840.113556.1.2.25" },
571         { "defaultSecurityDescriptor",          "1.2.840.113556.1.4.224" },
572         { "defaultHidingValue",                 "1.2.840.113556.1.4.518" },
573 };
574
575 static struct drsuapi_DsReplicaAttribute *dsdb_find_object_attr_name(struct dsdb_schema *schema,
576                                                                      struct drsuapi_DsReplicaObject *obj,
577                                                                      const char *name,
578                                                                      uint32_t *idx)
579 {
580         WERROR status;
581         uint32_t i, id;
582         const char *oid = NULL;
583
584         for(i=0; i < ARRAY_SIZE(name_mappings); i++) {
585                 if (strcmp(name_mappings[i].name, name) != 0) continue;
586
587                 oid = name_mappings[i].oid;
588                 break;
589         }
590
591         if (!oid) {
592                 return NULL;
593         }
594
595         status = dsdb_map_oid2int(schema, oid, &id);
596         if (!W_ERROR_IS_OK(status)) {
597                 return NULL;
598         }
599
600         for (i=0; i < obj->attribute_ctr.num_attributes; i++) {
601                 if (obj->attribute_ctr.attributes[i].attid != id) continue;
602
603                 if (idx) *idx = i;
604                 return &obj->attribute_ctr.attributes[i];
605         }
606
607         return NULL;
608 }
609
610 #define GET_STRING_DS(s, r, attr, mem_ctx, p, elem, strict) do { \
611         struct drsuapi_DsReplicaAttribute *_a; \
612         _a = dsdb_find_object_attr_name(s, r, attr, NULL); \
613         if (strict && !_a) { \
614                 d_printf("%s: %s == NULL\n", __location__, attr); \
615                 return WERR_INVALID_PARAM; \
616         } \
617         if (strict && _a->value_ctr.num_values != 1) { \
618                 d_printf("%s: %s num_values == %u\n", __location__, attr, \
619                         _a->value_ctr.num_values); \
620                 return WERR_INVALID_PARAM; \
621         } \
622         if (_a && _a->value_ctr.num_values >= 1) { \
623                 ssize_t _ret; \
624                 _ret = convert_string_talloc(mem_ctx, lp_iconv_convenience(global_loadparm), CH_UTF16, CH_UNIX, \
625                                              _a->value_ctr.values[0].blob->data, \
626                                              _a->value_ctr.values[0].blob->length, \
627                                              (void **)discard_const(&(p)->elem)); \
628                 if (_ret == -1) { \
629                         DEBUG(0,("%s: invalid data!\n", attr)); \
630                         dump_data(0, \
631                                      _a->value_ctr.values[0].blob->data, \
632                                      _a->value_ctr.values[0].blob->length); \
633                         return WERR_FOOBAR; \
634                 } \
635         } else { \
636                 (p)->elem = NULL; \
637         } \
638 } while (0)
639
640 #define GET_DN_DS(s, r, attr, mem_ctx, p, elem, strict) do { \
641         struct drsuapi_DsReplicaAttribute *_a; \
642         _a = dsdb_find_object_attr_name(s, r, attr, NULL); \
643         if (strict && !_a) { \
644                 d_printf("%s: %s == NULL\n", __location__, attr); \
645                 return WERR_INVALID_PARAM; \
646         } \
647         if (strict && _a->value_ctr.num_values != 1) { \
648                 d_printf("%s: %s num_values == %u\n", __location__, attr, \
649                         _a->value_ctr.num_values); \
650                 return WERR_INVALID_PARAM; \
651         } \
652         if (strict && !_a->value_ctr.values[0].blob) { \
653                 d_printf("%s: %s data == NULL\n", __location__, attr); \
654                 return WERR_INVALID_PARAM; \
655         } \
656         if (_a && _a->value_ctr.num_values >= 1 \
657             && _a->value_ctr.values[0].blob) { \
658                 struct drsuapi_DsReplicaObjectIdentifier3 _id3; \
659                 enum ndr_err_code _ndr_err; \
660                 _ndr_err = ndr_pull_struct_blob_all(_a->value_ctr.values[0].blob, \
661                                                       mem_ctx, lp_iconv_convenience(global_loadparm), &_id3,\
662                                                       (ndr_pull_flags_fn_t)ndr_pull_drsuapi_DsReplicaObjectIdentifier3);\
663                 if (!NDR_ERR_CODE_IS_SUCCESS(_ndr_err)) { \
664                         NTSTATUS _nt_status = ndr_map_error2ntstatus(_ndr_err); \
665                         return ntstatus_to_werror(_nt_status); \
666                 } \
667                 (p)->elem = _id3.dn; \
668         } else { \
669                 (p)->elem = NULL; \
670         } \
671 } while (0)
672
673 #define GET_BOOL_DS(s, r, attr, p, elem, strict) do { \
674         struct drsuapi_DsReplicaAttribute *_a; \
675         _a = dsdb_find_object_attr_name(s, r, attr, NULL); \
676         if (strict && !_a) { \
677                 d_printf("%s: %s == NULL\n", __location__, attr); \
678                 return WERR_INVALID_PARAM; \
679         } \
680         if (strict && _a->value_ctr.num_values != 1) { \
681                 d_printf("%s: %s num_values == %u\n", __location__, attr, \
682                          (unsigned int)_a->value_ctr.num_values);       \
683                 return WERR_INVALID_PARAM; \
684         } \
685         if (strict && !_a->value_ctr.values[0].blob) { \
686                 d_printf("%s: %s data == NULL\n", __location__, attr); \
687                 return WERR_INVALID_PARAM; \
688         } \
689         if (strict && _a->value_ctr.values[0].blob->length != 4) { \
690                 d_printf("%s: %s length == %u\n", __location__, attr, \
691                          (unsigned int)_a->value_ctr.values[0].blob->length); \
692                 return WERR_INVALID_PARAM; \
693         } \
694         if (_a && _a->value_ctr.num_values >= 1 \
695             && _a->value_ctr.values[0].blob \
696             && _a->value_ctr.values[0].blob->length == 4) { \
697                 (p)->elem = (IVAL(_a->value_ctr.values[0].blob->data,0)?true:false);\
698         } else { \
699                 (p)->elem = false; \
700         } \
701 } while (0)
702
703 #define GET_UINT32_DS(s, r, attr, p, elem) do { \
704         struct drsuapi_DsReplicaAttribute *_a; \
705         _a = dsdb_find_object_attr_name(s, r, attr, NULL); \
706         if (_a && _a->value_ctr.num_values >= 1 \
707             && _a->value_ctr.values[0].blob \
708             && _a->value_ctr.values[0].blob->length == 4) { \
709                 (p)->elem = IVAL(_a->value_ctr.values[0].blob->data,0);\
710         } else { \
711                 (p)->elem = 0; \
712         } \
713 } while (0)
714
715 #define GET_GUID_DS(s, r, attr, mem_ctx, p, elem) do { \
716         struct drsuapi_DsReplicaAttribute *_a; \
717         _a = dsdb_find_object_attr_name(s, r, attr, NULL); \
718         if (_a && _a->value_ctr.num_values >= 1 \
719             && _a->value_ctr.values[0].blob \
720             && _a->value_ctr.values[0].blob->length == 16) { \
721                 enum ndr_err_code _ndr_err; \
722                 _ndr_err = ndr_pull_struct_blob_all(_a->value_ctr.values[0].blob, \
723                                                       mem_ctx, lp_iconv_convenience(global_loadparm), &(p)->elem, \
724                                                       (ndr_pull_flags_fn_t)ndr_pull_GUID); \
725                 if (!NDR_ERR_CODE_IS_SUCCESS(_ndr_err)) { \
726                         NTSTATUS _nt_status = ndr_map_error2ntstatus(_ndr_err); \
727                         return ntstatus_to_werror(_nt_status); \
728                 } \
729         } else { \
730                 ZERO_STRUCT((p)->elem);\
731         } \
732 } while (0)
733
734 #define GET_BLOB_DS(s, r, attr, mem_ctx, p, elem) do { \
735         struct drsuapi_DsReplicaAttribute *_a; \
736         _a = dsdb_find_object_attr_name(s, r, attr, NULL); \
737         if (_a && _a->value_ctr.num_values >= 1 \
738             && _a->value_ctr.values[0].blob) { \
739                 (p)->elem = *_a->value_ctr.values[0].blob;\
740                 talloc_steal(mem_ctx, (p)->elem.data); \
741         } else { \
742                 ZERO_STRUCT((p)->elem);\
743         }\
744 } while (0)
745
746 WERROR dsdb_attribute_from_drsuapi(struct dsdb_schema *schema,
747                                    struct drsuapi_DsReplicaObject *r,
748                                    TALLOC_CTX *mem_ctx,
749                                    struct dsdb_attribute *attr)
750 {
751         WERROR status;
752
753         GET_STRING_DS(schema, r, "name", mem_ctx, attr, cn, true);
754         GET_STRING_DS(schema, r, "lDAPDisplayName", mem_ctx, attr, lDAPDisplayName, true);
755         GET_UINT32_DS(schema, r, "attributeID", attr, attributeID_id);
756         status = dsdb_map_int2oid(schema, attr->attributeID_id, mem_ctx, &attr->attributeID_oid);
757         if (!W_ERROR_IS_OK(status)) {
758                 DEBUG(0,("%s: '%s': unable to map attributeID 0x%08X: %s\n",
759                         __location__, attr->lDAPDisplayName, attr->attributeID_id,
760                         win_errstr(status)));
761                 return status;
762         }
763         GET_GUID_DS(schema, r, "schemaIDGUID", mem_ctx, attr, schemaIDGUID);
764         GET_UINT32_DS(schema, r, "mAPIID", attr, mAPIID);
765
766         GET_GUID_DS(schema, r, "attributeSecurityGUID", mem_ctx, attr, attributeSecurityGUID);
767
768         GET_UINT32_DS(schema, r, "searchFlags", attr, searchFlags);
769         GET_UINT32_DS(schema, r, "systemFlags", attr, systemFlags);
770         GET_BOOL_DS(schema, r, "isMemberOfPartialAttributeSet", attr, isMemberOfPartialAttributeSet, false);
771         GET_UINT32_DS(schema, r, "linkID", attr, linkID);
772
773         GET_UINT32_DS(schema, r, "attributeSyntax", attr, attributeSyntax_id);
774         status = dsdb_map_int2oid(schema, attr->attributeSyntax_id, mem_ctx, &attr->attributeSyntax_oid);
775         if (!W_ERROR_IS_OK(status)) {
776                 DEBUG(0,("%s: '%s': unable to map attributeSyntax 0x%08X: %s\n",
777                         __location__, attr->lDAPDisplayName, attr->attributeSyntax_id,
778                         win_errstr(status)));
779                 return status;
780         }
781         GET_UINT32_DS(schema, r, "oMSyntax", attr, oMSyntax);
782         GET_BLOB_DS(schema, r, "oMObjectClass", mem_ctx, attr, oMObjectClass);
783
784         GET_BOOL_DS(schema, r, "isSingleValued", attr, isSingleValued, true);
785         GET_UINT32_DS(schema, r, "rangeLower", attr, rangeLower);
786         GET_UINT32_DS(schema, r, "rangeUpper", attr, rangeUpper);
787         GET_BOOL_DS(schema, r, "extendedCharsAllowed", attr, extendedCharsAllowed, false);
788
789         GET_UINT32_DS(schema, r, "schemaFlagsEx", attr, schemaFlagsEx);
790         GET_BLOB_DS(schema, r, "msDs-Schema-Extensions", mem_ctx, attr, msDs_Schema_Extensions);
791
792         GET_BOOL_DS(schema, r, "showInAdvancedViewOnly", attr, showInAdvancedViewOnly, false);
793         GET_STRING_DS(schema, r, "adminDisplayName", mem_ctx, attr, adminDisplayName, false);
794         GET_STRING_DS(schema, r, "adminDescription", mem_ctx, attr, adminDescription, false);
795         GET_STRING_DS(schema, r, "classDisplayName", mem_ctx, attr, classDisplayName, false);
796         GET_BOOL_DS(schema, r, "isEphemeral", attr, isEphemeral, false);
797         GET_BOOL_DS(schema, r, "isDefunct", attr, isDefunct, false);
798         GET_BOOL_DS(schema, r, "systemOnly", attr, systemOnly, false);
799
800         attr->syntax = dsdb_syntax_for_attribute(attr);
801         if (!attr->syntax) {
802                 return WERR_DS_ATT_SCHEMA_REQ_SYNTAX;
803         }
804
805         return WERR_OK;
806 }
807
808 WERROR dsdb_class_from_drsuapi(struct dsdb_schema *schema,
809                                struct drsuapi_DsReplicaObject *r,
810                                TALLOC_CTX *mem_ctx,
811                                struct dsdb_class *obj)
812 {
813         WERROR status;
814
815         GET_STRING_DS(schema, r, "name", mem_ctx, obj, cn, true);
816         GET_STRING_DS(schema, r, "lDAPDisplayName", mem_ctx, obj, lDAPDisplayName, true);
817         GET_UINT32_DS(schema, r, "governsID", obj, governsID_id);
818         status = dsdb_map_int2oid(schema, obj->governsID_id, mem_ctx, &obj->governsID_oid);
819         if (!W_ERROR_IS_OK(status)) {
820                 DEBUG(0,("%s: '%s': unable to map governsID 0x%08X: %s\n",
821                         __location__, obj->lDAPDisplayName, obj->governsID_id,
822                         win_errstr(status)));
823                 return status;
824         }
825         GET_GUID_DS(schema, r, "schemaIDGUID", mem_ctx, obj, schemaIDGUID);
826
827         GET_UINT32_DS(schema, r, "objectClassCategory", obj, objectClassCategory);
828         GET_STRING_DS(schema, r, "rDNAttID", mem_ctx, obj, rDNAttID, false);
829         GET_DN_DS(schema, r, "defaultObjectCategory", mem_ctx, obj, defaultObjectCategory, true);
830
831         GET_STRING_DS(schema, r, "subClassOf", mem_ctx, obj, subClassOf, true);
832
833         obj->systemAuxiliaryClass       = NULL;
834         obj->systemPossSuperiors        = NULL;
835         obj->systemMustContain          = NULL;
836         obj->systemMayContain           = NULL;
837
838         obj->auxiliaryClass             = NULL;
839         obj->possSuperiors              = NULL;
840         obj->mustContain                = NULL;
841         obj->mayContain                 = NULL;
842
843         obj->possibleInferiors          = NULL;
844
845         GET_STRING_DS(schema, r, "defaultSecurityDescriptor", mem_ctx, obj, defaultSecurityDescriptor, false);
846
847         GET_UINT32_DS(schema, r, "schemaFlagsEx", obj, schemaFlagsEx);
848         GET_BLOB_DS(schema, r, "msDs-Schema-Extensions", mem_ctx, obj, msDs_Schema_Extensions);
849
850         GET_BOOL_DS(schema, r, "showInAdvancedViewOnly", obj, showInAdvancedViewOnly, false);
851         GET_STRING_DS(schema, r, "adminDisplayName", mem_ctx, obj, adminDisplayName, false);
852         GET_STRING_DS(schema, r, "adminDescription", mem_ctx, obj, adminDescription, false);
853         GET_STRING_DS(schema, r, "classDisplayName", mem_ctx, obj, classDisplayName, false);
854         GET_BOOL_DS(schema, r, "defaultHidingValue", obj, defaultHidingValue, false);
855         GET_BOOL_DS(schema, r, "isDefunct", obj, isDefunct, false);
856         GET_BOOL_DS(schema, r, "systemOnly", obj, systemOnly, false);
857
858         return WERR_OK;
859 }
860
861 const struct dsdb_attribute *dsdb_attribute_by_attributeID_id(const struct dsdb_schema *schema,
862                                                               uint32_t id)
863 {
864         struct dsdb_attribute *cur;
865
866         /*
867          * 0xFFFFFFFF is used as value when no mapping table is available,
868          * so don't try to match with it
869          */
870         if (id == 0xFFFFFFFF) return NULL;
871
872         /* TODO: add binary search */
873         for (cur = schema->attributes; cur; cur = cur->next) {
874                 if (cur->attributeID_id != id) continue;
875
876                 return cur;
877         }
878
879         return NULL;
880 }
881
882 const struct dsdb_attribute *dsdb_attribute_by_attributeID_oid(const struct dsdb_schema *schema,
883                                                                const char *oid)
884 {
885         struct dsdb_attribute *cur;
886
887         if (!oid) return NULL;
888
889         /* TODO: add binary search */
890         for (cur = schema->attributes; cur; cur = cur->next) {
891                 if (strcmp(cur->attributeID_oid, oid) != 0) continue;
892
893                 return cur;
894         }
895
896         return NULL;
897 }
898
899 const struct dsdb_attribute *dsdb_attribute_by_lDAPDisplayName(const struct dsdb_schema *schema,
900                                                                const char *name)
901 {
902         struct dsdb_attribute *cur;
903
904         if (!name) return NULL;
905
906         /* TODO: add binary search */
907         for (cur = schema->attributes; cur; cur = cur->next) {
908                 if (strcasecmp(cur->lDAPDisplayName, name) != 0) continue;
909
910                 return cur;
911         }
912
913         return NULL;
914 }
915
916 const struct dsdb_attribute *dsdb_attribute_by_linkID(const struct dsdb_schema *schema,
917                                                       int linkID)
918 {
919         struct dsdb_attribute *cur;
920
921         /* TODO: add binary search */
922         for (cur = schema->attributes; cur; cur = cur->next) {
923                 if (cur->linkID != linkID) continue;
924
925                 return cur;
926         }
927
928         return NULL;
929 }
930
931 const struct dsdb_class *dsdb_class_by_governsID_id(const struct dsdb_schema *schema,
932                                                     uint32_t id)
933 {
934         struct dsdb_class *cur;
935
936         /*
937          * 0xFFFFFFFF is used as value when no mapping table is available,
938          * so don't try to match with it
939          */
940         if (id == 0xFFFFFFFF) return NULL;
941
942         /* TODO: add binary search */
943         for (cur = schema->classes; cur; cur = cur->next) {
944                 if (cur->governsID_id != id) continue;
945
946                 return cur;
947         }
948
949         return NULL;
950 }
951
952 const struct dsdb_class *dsdb_class_by_governsID_oid(const struct dsdb_schema *schema,
953                                                      const char *oid)
954 {
955         struct dsdb_class *cur;
956
957         if (!oid) return NULL;
958
959         /* TODO: add binary search */
960         for (cur = schema->classes; cur; cur = cur->next) {
961                 if (strcmp(cur->governsID_oid, oid) != 0) continue;
962
963                 return cur;
964         }
965
966         return NULL;
967 }
968
969 const struct dsdb_class *dsdb_class_by_lDAPDisplayName(const struct dsdb_schema *schema,
970                                                        const char *name)
971 {
972         struct dsdb_class *cur;
973
974         if (!name) return NULL;
975
976         /* TODO: add binary search */
977         for (cur = schema->classes; cur; cur = cur->next) {
978                 if (strcasecmp(cur->lDAPDisplayName, name) != 0) continue;
979
980                 return cur;
981         }
982
983         return NULL;
984 }
985
986 const struct dsdb_class *dsdb_class_by_cn(const struct dsdb_schema *schema,
987                                           const char *cn)
988 {
989         struct dsdb_class *cur;
990
991         if (!cn) return NULL;
992
993         /* TODO: add binary search */
994         for (cur = schema->classes; cur; cur = cur->next) {
995                 if (strcasecmp(cur->cn, cn) != 0) continue;
996
997                 return cur;
998         }
999
1000         return NULL;
1001 }
1002
1003 const char *dsdb_lDAPDisplayName_by_id(const struct dsdb_schema *schema,
1004                                        uint32_t id)
1005 {
1006         const struct dsdb_attribute *a;
1007         const struct dsdb_class *c;
1008
1009         /* TODO: add binary search */
1010         a = dsdb_attribute_by_attributeID_id(schema, id);
1011         if (a) {
1012                 return a->lDAPDisplayName;
1013         }
1014
1015         c = dsdb_class_by_governsID_id(schema, id);
1016         if (c) {
1017                 return c->lDAPDisplayName;
1018         }
1019
1020         return NULL;
1021 }
1022
1023 WERROR dsdb_linked_attribute_lDAPDisplayName_list(const struct dsdb_schema *schema, TALLOC_CTX *mem_ctx, const char ***attr_list_ret)
1024 {
1025         const char **attr_list = NULL;
1026         struct dsdb_attribute *cur;
1027         int i = 0;
1028         for (cur = schema->attributes; cur; cur = cur->next) {
1029                 if (cur->linkID == 0) continue;
1030                 
1031                 attr_list = talloc_realloc(mem_ctx, attr_list, const char *, i+2);
1032                 if (!attr_list) {
1033                         return WERR_NOMEM;
1034                 }
1035                 attr_list[i] = cur->lDAPDisplayName;
1036                 i++;
1037         }
1038         attr_list[i] = NULL;
1039         *attr_list_ret = attr_list;
1040         return WERR_OK;
1041 }
1042
1043 /**
1044  * Attach the schema to an opaque pointer on the ldb, so ldb modules
1045  * can find it 
1046  */
1047
1048 int dsdb_set_schema(struct ldb_context *ldb, struct dsdb_schema *schema)
1049 {
1050         int ret;
1051
1052         ret = ldb_set_opaque(ldb, "dsdb_schema", schema);
1053         if (ret != LDB_SUCCESS) {
1054                 return ret;
1055         }
1056
1057         talloc_steal(ldb, schema);
1058
1059         return LDB_SUCCESS;
1060 }
1061
1062 /**
1063  * Global variable to hold one copy of the schema, used to avoid memory bloat
1064  */
1065 static struct dsdb_schema *global_schema;
1066
1067 /**
1068  * Make this ldb use the 'global' schema, setup to avoid having multiple copies in this process
1069  */
1070 int dsdb_set_global_schema(struct ldb_context *ldb)
1071 {
1072         int ret;
1073         if (!global_schema) {
1074                 return LDB_SUCCESS;
1075         }
1076         ret = ldb_set_opaque(ldb, "dsdb_schema", global_schema);
1077         if (ret != LDB_SUCCESS) {
1078                 return ret;
1079         }
1080
1081         return LDB_SUCCESS;
1082 }
1083
1084 /**
1085  * Find the schema object for this ldb
1086  */
1087
1088 struct dsdb_schema *dsdb_get_schema(struct ldb_context *ldb)
1089 {
1090         const void *p;
1091         struct dsdb_schema *schema;
1092
1093         /* see if we have a cached copy */
1094         p = ldb_get_opaque(ldb, "dsdb_schema");
1095         if (!p) {
1096                 return NULL;
1097         }
1098
1099         schema = talloc_get_type(p, struct dsdb_schema);
1100         if (!schema) {
1101                 return NULL;
1102         }
1103
1104         return schema;
1105 }
1106
1107 /**
1108  * Make the schema found on this ldb the 'global' schema
1109  */
1110
1111 void dsdb_make_schema_global(struct ldb_context *ldb)
1112 {
1113         struct dsdb_schema *schema = dsdb_get_schema(ldb);
1114         if (!schema) {
1115                 return;
1116         }
1117
1118         talloc_steal(talloc_autofree_context(), schema);
1119         global_schema = schema;
1120
1121         dsdb_set_global_schema(ldb);
1122 }
1123
1124
1125 /**
1126  * Rather than read a schema from the LDB itself, read it from an ldif
1127  * file.  This allows schema to be loaded and used while adding the
1128  * schema itself to the directory.
1129  */
1130
1131 WERROR dsdb_attach_schema_from_ldif_file(struct ldb_context *ldb, const char *pf, const char *df)
1132 {
1133         struct ldb_ldif *ldif;
1134         struct ldb_message *msg;
1135         TALLOC_CTX *mem_ctx;
1136         WERROR status;
1137         int ret;
1138         struct dsdb_schema *schema;
1139         const struct ldb_val *prefix_val;
1140         const struct ldb_val *info_val;
1141         struct ldb_val info_val_default;
1142
1143         mem_ctx = talloc_new(ldb);
1144         if (!mem_ctx) {
1145                 goto nomem;
1146         }
1147
1148         schema = talloc_zero(mem_ctx, struct dsdb_schema);
1149         if (!schema) {
1150                 goto nomem;
1151         }
1152
1153         /*
1154          * load the prefixMap attribute from pf
1155          */
1156         ldif = ldb_ldif_read_string(ldb, &pf);
1157         if (!ldif) {
1158                 status = WERR_INVALID_PARAM;
1159                 goto failed;
1160         }
1161         talloc_steal(mem_ctx, ldif);
1162
1163         msg = ldb_msg_canonicalize(ldb, ldif->msg);
1164         if (!msg) {
1165                 goto nomem;
1166         }
1167
1168         prefix_val = ldb_msg_find_ldb_val(msg, "prefixMap");
1169         if (!prefix_val) {
1170                 status = WERR_INVALID_PARAM;
1171                 goto failed;
1172         }
1173
1174         info_val = ldb_msg_find_ldb_val(msg, "schemaInfo");
1175         if (!info_val) {
1176                 info_val_default = strhex_to_data_blob("FF0000000000000000000000000000000000000000");
1177                 if (!info_val_default.data) {
1178                         goto nomem;
1179                 }
1180                 talloc_steal(mem_ctx, info_val_default.data);
1181                 info_val = &info_val_default;
1182         }
1183
1184         status = dsdb_load_oid_mappings_ldb(schema, prefix_val, info_val);
1185         if (!W_ERROR_IS_OK(status)) {
1186                 goto failed;
1187         }
1188
1189         /*
1190          * load the attribute and class definitions outof df
1191          */
1192         while ((ldif = ldb_ldif_read_string(ldb, &df))) {
1193                 bool is_sa;
1194                 bool is_sc;
1195
1196                 talloc_steal(mem_ctx, ldif);
1197
1198                 msg = ldb_msg_canonicalize(ldb, ldif->msg);
1199                 if (!msg) {
1200                         goto nomem;
1201                 }
1202
1203                 is_sa = ldb_msg_check_string_attribute(msg, "objectClass", "attributeSchema");
1204                 is_sc = ldb_msg_check_string_attribute(msg, "objectClass", "classSchema");
1205
1206                 if (is_sa) {
1207                         struct dsdb_attribute *sa;
1208
1209                         sa = talloc_zero(schema, struct dsdb_attribute);
1210                         if (!sa) {
1211                                 goto nomem;
1212                         }
1213
1214                         status = dsdb_attribute_from_ldb(schema, msg, sa, sa);
1215                         if (!W_ERROR_IS_OK(status)) {
1216                                 goto failed;
1217                         }
1218
1219                         DLIST_ADD_END(schema->attributes, sa, struct dsdb_attribute *);
1220                 } else if (is_sc) {
1221                         struct dsdb_class *sc;
1222
1223                         sc = talloc_zero(schema, struct dsdb_class);
1224                         if (!sc) {
1225                                 goto nomem;
1226                         }
1227
1228                         status = dsdb_class_from_ldb(schema, msg, sc, sc);
1229                         if (!W_ERROR_IS_OK(status)) {
1230                                 goto failed;
1231                         }
1232
1233                         DLIST_ADD_END(schema->classes, sc, struct dsdb_class *);
1234                 }
1235         }
1236
1237         ret = dsdb_set_schema(ldb, schema);
1238         if (ret != LDB_SUCCESS) {
1239                 status = WERR_FOOBAR;
1240                 goto failed;
1241         }
1242
1243         goto done;
1244
1245 nomem:
1246         status = WERR_NOMEM;
1247 failed:
1248 done:
1249         talloc_free(mem_ctx);
1250         return status;
1251 }