Fix more valgrind issues.

[samba.git] / source4 / ldap_server / ldap_backend.c

diff --git a/source4/ldap_server/ldap_backend.c b/source4/ldap_server/ldap_backend.c
index ae0fd207b520708cfaaeef1559c16da00b1a9da6..9b43d7bd742ca757cc76089d1ab5c214b2bb60fe 100644 (file)
--- a/source4/ldap_server/ldap_backend.c
+++ b/source4/ldap_server/ldap_backend.c
@@ -23,7 +23,7 @@
 #include "libcli/ldap/ldap.h"
 #include "lib/ldb/include/ldb.h"
 #include "lib/ldb/include/ldb_errors.h"
-#include "lib/db_wrap.h"
+#include "lib/ldb_wrap.h"
 #include "auth/credentials/credentials.h"
 #include "auth/gensec/gensec.h"
 #include "param/param.h"
@@ -55,7 +55,10 @@ static int map_ldb_error(struct ldb_context *ldb, int err, const char **errstrin
 */
 NTSTATUS ldapsrv_backend_Init(struct ldapsrv_connection *conn) 
 {
-       conn->ldb = ldb_wrap_connect(conn, lp_sam_url(global_loadparm), conn->session_info,
+       conn->ldb = ldb_wrap_connect(conn, 
+                                    conn->lp_ctx,
+                                    lp_sam_url(conn->lp_ctx), 
+                                    conn->session_info,
                                     NULL, conn->global_catalog ? LDB_FLG_RDONLY : 0, NULL);
        if (conn->ldb == NULL) {
                return NT_STATUS_INTERNAL_DB_CORRUPTION;
@@ -213,9 +216,6 @@ static NTSTATUS ldapsrv_SearchRequest(struct ldapsrv_call *call)
        lreq = talloc(local_ctx, struct ldb_request);
        NT_STATUS_HAVE_NO_MEMORY(lreq);
 
-       res = talloc_zero(local_ctx, struct ldb_result);
-       NT_STATUS_HAVE_NO_MEMORY(res);
-       
        lreq->operation = LDB_SEARCH;
        lreq->op.search.base = basedn;
        lreq->op.search.scope = scope;
@@ -239,6 +239,9 @@ static NTSTATUS ldapsrv_SearchRequest(struct ldapsrv_call *call)
                }
        }
 
+       res = talloc_zero(lreq, struct ldb_result);
+       NT_STATUS_HAVE_NO_MEMORY(res);
+       
        lreq->context = res;
        lreq->callback = ldb_search_default_callback;
 
@@ -258,6 +261,11 @@ static NTSTATUS ldapsrv_SearchRequest(struct ldapsrv_call *call)
                        ent_r = ldapsrv_init_reply(call, LDAP_TAG_SearchResultEntry);
                        NT_STATUS_HAVE_NO_MEMORY(ent_r);
 
+                       /* Better to have the whole message kept here,
+                        * than to find someone further up didn't put
+                        * a value in the right spot in the talloc tree */
+                       talloc_steal(ent_r, res->msgs[i]);
+                       
                        ent = &ent_r->msg->r.SearchResultEntry;
                        ent->dn = ldb_dn_alloc_linearized(ent_r, res->msgs[i]->dn);
                        ent->num_attributes = 0;
@@ -298,10 +306,6 @@ reply:
                        DEBUG(10,("SearchRequest: results: [%d]\n", res->count));
                        result = LDAP_SUCCESS;
                        errstr = NULL;
-               } else if (res->count == 0) {
-                       DEBUG(10,("SearchRequest: no results\n"));
-                       result = LDAP_NO_SUCH_OBJECT;
-                       errstr = ldb_errstring(samdb);
                }
                if (res->controls) {
                        done_r->msg->controls = res->controls;
@@ -722,6 +726,18 @@ static NTSTATUS ldapsrv_AbandonRequest(struct ldapsrv_call *call)
 
 NTSTATUS ldapsrv_do_call(struct ldapsrv_call *call)
 {
+       int i;
+       struct ldap_message *msg = call->request;
+       /* Check for undecoded critical extensions */
+       for (i=0; msg->controls && msg->controls[i]; i++) {
+               if (!msg->controls_decoded[i] && 
+                   msg->controls[i]->critical) {
+                       DEBUG(3, ("ldapsrv_do_call: Critical extension %s is not known to this server\n",
+                                 msg->controls[i]->oid));
+                       return ldapsrv_unwilling(call, LDAP_UNAVAILABLE_CRITICAL_EXTENSION);
+               }
+       }
+
        switch(call->request->type) {
        case LDAP_TAG_BindRequest:
                return ldapsrv_BindRequest(call);