int ret;
int ret_domain;
- const char *domain_dn = NULL;
+ const struct ldb_dn *domain_dn = NULL;
const char *attrs[] = {"unicodePwd", "lmPwdHash", "ntPwdHash",
"userAccountControl",
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- domain_dn = samdb_result_string(msgs_domain[0], "nCName", NULL);
+ domain_dn = samdb_result_dn(mem_ctx, msgs_domain[0], "nCName", NULL);
}
/* pull the user attributes */
}
ret_domain = gendb_search(sam_ctx, mem_ctx, NULL, &msgs_domain, domain_attrs,
- "(nCName=%s)", msgs_tmp[0]->dn);
+ "(nCName=%s)", ldb_dn_linearize(msgs_tmp, msgs_tmp[0]->dn));
if (ret_domain == -1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
if (ret_domain == 0) {
DEBUG(3,("check_sam_security: Couldn't find domain [%s] in passdb file.\n",
- msgs_tmp[0]->dn));
+ ldb_dn_linearize(msgs_tmp, msgs_tmp[0]->dn)));
return NT_STATUS_NO_SUCH_USER;
}
if (ret_domain > 1) {
DEBUG(0,("Found %d records matching domain [%s]\n",
- ret_domain, msgs_tmp[0]->dn));
+ ret_domain, ldb_dn_linearize(msgs_tmp, msgs_tmp[0]->dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
NTTIME last_set_time;
struct samr_Password *lm_pwd, *nt_pwd;
NTSTATUS nt_status;
- const char *domain_dn = samdb_result_string(msgs_domain[0], "nCName", "");
+ struct ldb_dn *domain_dn = samdb_result_dn(mem_ctx, msgs_domain[0], "nCName", ldb_dn_new(mem_ctx));
acct_flags = samdb_result_acct_flags(msgs[0], "userAccountControl");
struct dom_sid **groupSIDs = NULL;
struct dom_sid *account_sid;
struct dom_sid *primary_group_sid;
- const char *str, *ncname;
+ const char *str;
+ struct ldb_dn *ncname;
int i;
uint_t rid;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
group_ret = gendb_search(sam_ctx,
tmp_ctx, NULL, &group_msgs, group_attrs,
"(&(member=%s)(sAMAccountType=*))",
- msgs[0]->dn);
+ ldb_dn_linearize(tmp_ctx, msgs[0]->dn));
if (group_ret == -1) {
talloc_free(tmp_ctx);
return NT_STATUS_INTERNAL_DB_CORRUPTION;
server_info->acct_expiry = samdb_result_nttime(msgs[0], "accountExpires", 0);
server_info->last_password_change = samdb_result_nttime(msgs[0], "pwdLastSet", 0);
- ncname = samdb_result_string(msgs_domain[0], "nCName", "");
+ ncname = samdb_result_dn(mem_ctx, msgs_domain[0], "nCName", ldb_dn_new(mem_ctx));
server_info->allow_password_change = samdb_result_allow_password_change(sam_ctx, mem_ctx,
ncname, msgs[0], "pwdLastSet");
return NT_STATUS_NO_MEMORY;
}
- msg = ldb_msg_new(mem_ctx);
+ msg = ldb_msg_new(ldb);
if (msg == NULL) {
talloc_free(ldb);
return NT_STATUS_NO_MEMORY;
}
- msg->dn = talloc_asprintf(msg, "computerName=%s", creds->computer_name);
+ msg->dn = ldb_dn_build_child(msg, "computerName", creds->computer_name, NULL);
if (msg->dn == NULL) {
talloc_free(ldb);
- talloc_free(msg);
return NT_STATUS_NO_MEMORY;
}
if (ret != 0) {
DEBUG(0,("Unable to add %s to session key db - %s\n",
- msg->dn, ldb_errstring(ldb)));
+ ldb_dn_linearize(msg, msg->dn), ldb_errstring(ldb)));
talloc_free(ldb);
- talloc_free(msg);
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- talloc_free(msg);
talloc_free(ldb);
return NT_STATUS_OK;
/* try and find the domain */
ret = gendb_search(cldapd->samctx, mem_ctx, NULL, &ref_res, ref_attrs,
"(&(objectClass=crossRef)(ncName=%s))",
- dom_res[0]->dn);
+ ldb_dn_linearize(mem_ctx, dom_res[0]->dn));
if (ret != 1) {
- DEBUG(2,("Unable to find referece to '%s' in sam\n", dom_res[0]->dn));
+ DEBUG(2,("Unable to find referece to '%s' in sam\n",
+ ldb_dn_linearize(mem_ctx, dom_res[0]->dn)));
return NT_STATUS_NO_SUCH_DOMAIN;
}
const char *error_string;
};
-static int objectguid_search(struct ldb_module *module, const char *base,
+static int objectguid_search(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, const char *expression,
const char * const *attrs, struct ldb_message ***res)
{
return ldb_next_search(module, base, scope, expression, attrs, res);
}
-static int objectguid_search_bytree(struct ldb_module *module, const char *base,
+static int objectguid_search_bytree(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, struct ldb_parse_tree *tree,
const char * const *attrs, struct ldb_message ***res)
{
ldb_debug(module->ldb, LDB_DEBUG_TRACE, "objectguid_add_record\n");
- if (msg->dn[0] == '@') { /* do not manipulate our control entries */
+ if (ldb_dn_is_special(msg->dn)) { /* do not manipulate our control entries */
return ldb_next_add_record(module, msg);
}
return ldb_next_modify_record(module, msg);
}
-static int objectguid_delete_record(struct ldb_module *module, const char *dn)
+static int objectguid_delete_record(struct ldb_module *module, const struct ldb_dn *dn)
{
ldb_debug(module->ldb, LDB_DEBUG_TRACE, "objectguid_delete_record\n");
return ldb_next_delete_record(module, dn);
}
-static int objectguid_rename_record(struct ldb_module *module, const char *olddn, const char *newdn)
+static int objectguid_rename_record(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn)
{
ldb_debug(module->ldb, LDB_DEBUG_TRACE, "objectguid_rename_record\n");
return ldb_next_rename_record(module, olddn, newdn);
const char *error_string;
};
-static int samldb_search(struct ldb_module *module, const char *base,
+static int samldb_search(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, const char *expression,
const char * const *attrs, struct ldb_message ***res)
{
return ldb_next_search(module, base, scope, expression, attrs, res);
}
-static int samldb_search_bytree(struct ldb_module *module, const char *base,
+static int samldb_search_bytree(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, struct ldb_parse_tree *tree,
const char * const *attrs, struct ldb_message ***res)
{
return 0 on failure, the id on success
*/
static int samldb_allocate_next_rid(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
- const char *dn, uint32_t *id)
+ const struct ldb_dn *dn, uint32_t *id)
{
const char * const attrs[2] = { "nextRid", NULL };
struct ldb_message **res = NULL;
}
str = ldb_msg_find_string(res[0], "nextRid", NULL);
if (str == NULL) {
- ldb_debug(ldb, LDB_DEBUG_FATAL, "attribute nextRid not found in %s\n", dn);
+ ldb_debug(ldb, LDB_DEBUG_FATAL, "attribute nextRid not found in %s\n", ldb_dn_linearize(res, dn));
talloc_free(res);
return -1;
}
/* we do a delete and add as a single operation. That prevents
a race */
ZERO_STRUCT(msg);
- msg.dn = talloc_strdup(mem_ctx, dn);
+ msg.dn = ldb_dn_copy(mem_ctx, dn);
if (!msg.dn) {
return -1;
}
return 0;
}
-static char *samldb_search_domain(struct ldb_module *module, TALLOC_CTX *mem_ctx, const char *dn)
+static struct ldb_dn *samldb_search_domain(struct ldb_module *module, TALLOC_CTX *mem_ctx, const struct ldb_dn *dn)
{
- const char *sdn;
+ TALLOC_CTX *local_ctx;
+ struct ldb_dn *sdn;
struct ldb_message **res = NULL;
int ret = 0;
- sdn = dn;
- while ((sdn = strchr(sdn, ',')) != NULL) {
-
- sdn++;
+ local_ctx = talloc_named(mem_ctx, 0, "samldb_search_domain memory conext");
+ if (local_ctx == NULL) return NULL;
+ sdn = ldb_dn_copy(local_ctx, dn);
+ do {
ret = ldb_search(module->ldb, sdn, LDB_SCOPE_BASE, "objectClass=domain", NULL, &res);
talloc_free(res);
if (ret == 1)
break;
- }
+
+ } while ((sdn = ldb_dn_get_parent(local_ctx, sdn)));
if (ret != 1) {
+ talloc_free(local_ctx);
return NULL;
}
- return talloc_strdup(mem_ctx, sdn);
+ talloc_steal(mem_ctx, sdn);
+ talloc_free(local_ctx);
+
+ return sdn;
}
/* search the domain related to the provided dn
return the new sid string
*/
static struct dom_sid *samldb_get_new_sid(struct ldb_module *module,
- TALLOC_CTX *mem_ctx, const char *obj_dn)
+ TALLOC_CTX *mem_ctx, const struct ldb_dn *obj_dn)
{
const char * const attrs[2] = { "objectSid", NULL };
struct ldb_message **res = NULL;
- const char *dom_dn;
+ const struct ldb_dn *dom_dn;
uint32_t rid;
int ret, tries = 10;
struct dom_sid *dom_sid, *obj_sid;
dom_dn = samldb_search_domain(module, mem_ctx, obj_dn);
if (dom_dn == NULL) {
- ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Invalid dn (%s) not child of a domain object!\n", obj_dn);
+ ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Invalid dn (%s) not child of a domain object!\n", ldb_dn_linearize(mem_ctx, obj_dn));
return NULL;
}
}
}
if (ret != 0) {
- ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Failed to increment nextRid of %s\n", dom_dn);
+ ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Failed to increment nextRid of %s\n", ldb_dn_linearize(mem_ctx, dom_dn));
talloc_free(res);
return NULL;
}
return name;
}
-static BOOL samldb_get_rdn(void *mem_ctx, const char *dn, struct ldb_dn_component **rdn)
-{
- struct ldb_dn *dn_exploded = ldb_dn_explode(mem_ctx, dn);
-
- if (!dn_exploded) {
- return False;
- }
-
- if (dn_exploded->comp_num < 1) {
- return False;
- }
-
- *rdn = &dn_exploded->components[0];
- return True;
-}
-
/* if value is not null also check for attribute to have exactly that value */
static struct ldb_message_element *samldb_find_attribute(const struct ldb_message *msg, const char *name, const char *value)
{
return NULL;
}
- if ( ! samldb_get_rdn(msg2, msg2->dn, &rdn)) {
- ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_group_object: Bad DN (%s)!\n", msg2->dn);
+ if ((rdn = ldb_dn_get_rdn(msg2, msg2->dn)) == NULL) {
+ ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_group_object: Bad DN (%s)!\n", ldb_dn_linearize(msg2, msg2->dn));
return NULL;
}
if (strcasecmp(rdn->name, "cn") != 0) {
}
}
- if ( ! samldb_get_rdn(msg2, msg2->dn, &rdn)) {
+ if ((rdn = ldb_dn_get_rdn(msg2, msg2->dn)) == NULL) {
return NULL;
}
if (strcasecmp(rdn->name, "cn") != 0) {
return NULL;
}
+ talloc_steal(msg, msg2);
+
if (samldb_copy_template(module, msg2, "(&(CN=TemplateForeignSecurityPrincipal)(objectclass=foreignSecurityPrincipalTemplate))") != 0) {
ldb_debug(module->ldb, LDB_DEBUG_WARNING, "samldb_fill_foreignSecurityPrincipal_object: Error copying template!\n");
return NULL;
}
- if ( ! samldb_get_rdn(msg2, msg2->dn, &rdn)) {
- ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_foreignSecurityPrincipal_object: Bad DN (%s)!\n", msg2->dn);
+ if ((rdn = ldb_dn_get_rdn(msg2, msg2->dn)) == NULL) {
+ ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_foreignSecurityPrincipal_object: Bad DN (%s)!\n", ldb_dn_linearize(msg2, msg2->dn));
return NULL;
}
if (strcasecmp(rdn->name, "cn") != 0) {
talloc_free(sid);
}
- talloc_steal(msg, msg2);
-
return msg2;
}
ldb_debug(module->ldb, LDB_DEBUG_TRACE, "samldb_add_record\n");
- if (msg->dn[0] == '@') { /* do not manipulate our control entries */
+ if (strcmp(msg->dn->components[0].name, "@SPEACIAL") == 0) { /* do not manipulate our control entries */
return ldb_next_add_record(module, msg);
}
return ldb_next_modify_record(module, msg);
}
-static int samldb_delete_record(struct ldb_module *module, const char *dn)
+static int samldb_delete_record(struct ldb_module *module, const struct ldb_dn *dn)
{
ldb_debug(module->ldb, LDB_DEBUG_TRACE, "samldb_delete_record\n");
return ldb_next_delete_record(module, dn);
}
-static int samldb_rename_record(struct ldb_module *module, const char *olddn, const char *newdn)
+static int samldb_rename_record(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn)
{
ldb_debug(module->ldb, LDB_DEBUG_TRACE, "samldb_rename_record\n");
return ldb_next_rename_record(module, olddn, newdn);
*/
int samdb_search_domain(struct ldb_context *sam_ldb,
TALLOC_CTX *mem_ctx,
- const char *basedn,
+ const struct ldb_dn *basedn,
struct ldb_message ***res,
const char * const *attrs,
const struct dom_sid *domain_sid,
*/
const char *samdb_search_string_v(struct ldb_context *sam_ldb,
TALLOC_CTX *mem_ctx,
- const char *basedn,
+ const struct ldb_dn *basedn,
const char *attr_name,
const char *format, va_list ap) _PRINTF_ATTRIBUTE(5,0)
{
*/
const char *samdb_search_string(struct ldb_context *sam_ldb,
TALLOC_CTX *mem_ctx,
- const char *basedn,
+ const struct ldb_dn *basedn,
const char *attr_name,
const char *format, ...) _PRINTF_ATTRIBUTE(5,6)
{
*/
struct dom_sid *samdb_search_dom_sid(struct ldb_context *sam_ldb,
TALLOC_CTX *mem_ctx,
- const char *basedn,
+ const struct ldb_dn *basedn,
const char *attr_name,
const char *format, ...) _PRINTF_ATTRIBUTE(5,6)
{
*/
int samdb_search_count(struct ldb_context *sam_ldb,
TALLOC_CTX *mem_ctx,
- const char *basedn,
+ const struct ldb_dn *basedn,
const char *format, ...) _PRINTF_ATTRIBUTE(4,5)
{
va_list ap;
uint_t samdb_search_uint(struct ldb_context *sam_ldb,
TALLOC_CTX *mem_ctx,
uint_t default_value,
- const char *basedn,
+ const struct ldb_dn *basedn,
const char *attr_name,
const char *format, ...) _PRINTF_ATTRIBUTE(6,7)
{
int64_t samdb_search_int64(struct ldb_context *sam_ldb,
TALLOC_CTX *mem_ctx,
int64_t default_value,
- const char *basedn,
+ const struct ldb_dn *basedn,
const char *attr_name,
const char *format, ...) _PRINTF_ATTRIBUTE(6,7)
{
*/
int samdb_search_string_multiple(struct ldb_context *sam_ldb,
TALLOC_CTX *mem_ctx,
- const char *basedn,
+ const struct ldb_dn *basedn,
const char ***strs,
const char *attr_name,
const char *format, ...) _PRINTF_ATTRIBUTE(6,7)
return ldb_msg_find_string(msg, attr, default_value);
}
+struct ldb_dn *samdb_result_dn(TALLOC_CTX *mem_ctx, struct ldb_message *msg,
+ const char *attr, struct ldb_dn *default_value)
+{
+ const char *string = samdb_result_string(msg, attr, NULL);
+ if (string == NULL) return default_value;
+ return ldb_dn_explode(mem_ctx, string);
+}
+
/*
pull a rid from a objectSid in a result set.
*/
*/
NTTIME samdb_result_allow_password_change(struct ldb_context *sam_ldb,
TALLOC_CTX *mem_ctx,
- const char *domain_dn,
+ const struct ldb_dn *domain_dn,
struct ldb_message *msg,
const char *attr)
{
}
minPwdAge = samdb_search_int64(sam_ldb, mem_ctx, 0,
- domain_dn, "minPwdAge", "dn=%s", domain_dn);
+ domain_dn, "minPwdAge", "dn=%s", ldb_dn_linearize(mem_ctx, domain_dn));
/* yes, this is a -= not a += as minPwdAge is stored as the negative
of the number of 100-nano-seconds */
*/
NTTIME samdb_result_force_password_change(struct ldb_context *sam_ldb,
TALLOC_CTX *mem_ctx,
- const char *domain_dn,
+ const struct ldb_dn *domain_dn,
struct ldb_message *msg,
const char *attr)
{
}
maxPwdAge = samdb_search_int64(sam_ldb, mem_ctx, 0, domain_dn,
- "maxPwdAge", "dn=%s", domain_dn);
+ "maxPwdAge", "dn=%s", ldb_dn_linearize(mem_ctx, domain_dn));
if (maxPwdAge == 0) {
return 0;
} else {
/*
delete a record
*/
-int samdb_delete(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, const char *dn)
+int samdb_delete(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, const struct ldb_dn *dn)
{
return ldb_delete(sam_ldb, dn);
}
struct netr_LMSessionKey;
struct ldb_val;
+struct ldb_dn;
struct ldb_message;
struct ldb_context;
struct ldb_parse_tree;
TALLOC_CTX *mem_ctx,
krb5_const_principal principal,
enum hdb_ldb_ent_type ent_type,
- const char *realm_dn,
+ const struct ldb_dn *realm_dn,
struct ldb_message ***pmsg)
{
krb5_error_code ret;
char *princ_str_talloc;
char *short_princ;
+ char *realm_dn_str;
+
struct ldb_message **msg = NULL;
/* Structure assignment, so we don't mess with the source parameter */
count = ldb_search(ldb_ctx, realm_dn, LDB_SCOPE_SUBTREE, filter,
princ_attrs, &msg);
+ realm_dn_str = ldb_dn_linearize(mem_ctx, realm_dn);
+
if (count < 1) {
krb5_warnx(context, "ldb_search: basedn: '%s' filter: '%s' failed: %d",
- realm_dn, filter, count);
+ realm_dn_str, filter, count);
krb5_set_error_string(context, "ldb_search: basedn: '%s' filter: '%s' failed: %d",
- realm_dn, filter, count);
+ realm_dn_str, filter, count);
return HDB_ERR_NOENTRY;
} else if (count > 1) {
talloc_free(msg);
krb5_warnx(context, "ldb_search: basedn: '%s' filter: '%s' more than 1 entry: %d",
- realm_dn, filter, count);
+ realm_dn_str, filter, count);
krb5_set_error_string(context, "ldb_search: basedn: '%s' filter: '%s' more than 1 entry: %d",
- realm_dn, filter, count);
+ realm_dn_str, filter, count);
return HDB_ERR_NOENTRY;
}
*pmsg = talloc_steal(mem_ctx, msg);
struct ldb_message ***pmsg)
{
int count;
- const char *realm_dn;
+ struct ldb_dn *realm_dn;
+ const char *realm_dn_str;
char *cross_ref_filter;
struct ldb_message **cross_ref_msg;
struct ldb_message **msg;
return HDB_ERR_NOENTRY;
}
- realm_dn = ldb_msg_find_string(cross_ref_msg[0], "nCName", NULL);
+ realm_dn_str = ldb_msg_find_string(cross_ref_msg[0], "nCName", NULL);
+ realm_dn = ldb_dn_explode(mem_ctx, realm_dn_str);
count = ldb_search(ldb_ctx, realm_dn, LDB_SCOPE_BASE, "(objectClass=domain)",
realm_attrs, &msg);
}
if (count < 1) {
- krb5_warnx(context, "ldb_search: dn: %s not found: %d", realm_dn, count);
- krb5_set_error_string(context, "ldb_search: dn: %s not found: %d", realm_dn, count);
+ krb5_warnx(context, "ldb_search: dn: %s not found: %d", realm_dn_str, count);
+ krb5_set_error_string(context, "ldb_search: dn: %s not found: %d", realm_dn_str, count);
return HDB_ERR_NOENTRY;
} else if (count > 1) {
- krb5_warnx(context, "ldb_search: dn: '%s' more than 1 entry: %d", realm_dn, count);
- krb5_set_error_string(context, "ldb_search: dn: %s more than 1 entry: %d", realm_dn, count);
+ krb5_warnx(context, "ldb_search: dn: '%s' more than 1 entry: %d", realm_dn_str, count);
+ krb5_set_error_string(context, "ldb_search: dn: %s more than 1 entry: %d", realm_dn_str, count);
return HDB_ERR_NOENTRY;
}
static krb5_error_code LDB_lookup_spn_alias(krb5_context context, struct ldb_context *ldb_ctx,
TALLOC_CTX *mem_ctx,
- const char *realm_dn,
+ const struct ldb_dn *realm_dn,
const char *alias_from,
char **alias_to)
{
int count;
struct ldb_message **msg;
struct ldb_message_element *spnmappings;
- char *service_dn = talloc_asprintf(mem_ctx,
- "CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,%s",
- realm_dn);
+ struct ldb_dn *service_dn = ldb_dn_compose_string_dn(mem_ctx,
+ "CN=Directory Service,CN=Windows NT"
+ ",CN=Services,CN=Configuration",
+ realm_dn);
+ char *service_dn_str = ldb_dn_linearize(mem_ctx, service_dn);
const char *directory_attrs[] = {
"sPNMappings",
NULL
talloc_steal(mem_ctx, msg);
if (count < 1) {
- krb5_warnx(context, "ldb_search: dn: %s not found: %d", service_dn, count);
- krb5_set_error_string(context, "ldb_search: dn: %s not found: %d", service_dn, count);
+ krb5_warnx(context, "ldb_search: dn: %s not found: %d", service_dn_str, count);
+ krb5_set_error_string(context, "ldb_search: dn: %s not found: %d", service_dn_str, count);
return HDB_ERR_NOENTRY;
} else if (count > 1) {
- krb5_warnx(context, "ldb_search: dn: %s found %d times!", service_dn, count);
- krb5_set_error_string(context, "ldb_search: dn: %s found %d times!", service_dn, count);
+ krb5_warnx(context, "ldb_search: dn: %s found %d times!", service_dn_str, count);
+ krb5_set_error_string(context, "ldb_search: dn: %s found %d times!", service_dn_str, count);
return HDB_ERR_NOENTRY;
}
spnmappings = ldb_msg_find_element(msg[0], "sPNMappings");
if (!spnmappings || spnmappings->num_values == 0) {
- krb5_warnx(context, "ldb_search: dn: %s no sPNMappings attribute", service_dn);
- krb5_set_error_string(context, "ldb_search: dn: %s no sPNMappings attribute", service_dn);
+ krb5_warnx(context, "ldb_search: dn: %s no sPNMappings attribute", service_dn_str);
+ krb5_set_error_string(context, "ldb_search: dn: %s no sPNMappings attribute", service_dn_str);
return HDB_ERR_NOENTRY;
}
mapping = talloc_strdup(mem_ctx,
(const char *)spnmappings->values[i].data);
if (!mapping) {
- krb5_warnx(context, "LDB_lookup_spn_alias: ldb_search: dn: %s did not have an sPNMapping", service_dn);
- krb5_set_error_string(context, "LDB_lookup_spn_alias: ldb_search: dn: %s did not have an sPNMapping", service_dn);
+ krb5_warnx(context, "LDB_lookup_spn_alias: ldb_search: dn: %s did not have an sPNMapping", service_dn_str);
+ krb5_set_error_string(context, "LDB_lookup_spn_alias: ldb_search: dn: %s did not have an sPNMapping", service_dn_str);
return HDB_ERR_NOENTRY;
}
p = strchr(mapping, '=');
if (!p) {
krb5_warnx(context, "ldb_search: dn: %s sPNMapping malformed: %s",
- service_dn, mapping);
+ service_dn_str, mapping);
krb5_set_error_string(context, "ldb_search: dn: %s sPNMapping malformed: %s",
- service_dn, mapping);
+ service_dn_str, mapping);
return HDB_ERR_NOENTRY;
}
p[0] = '\0';
krb5_error_code ret;
const char *realm;
- const char *realm_dn;
+ const struct ldb_dn *realm_dn;
TALLOC_CTX *mem_ctx = talloc_named(NULL, 0, "LDB_fetch context");
if (!mem_ctx) {
struct ldb_context *ldb_ctx = (struct ldb_context *)db->hdb_db;
struct hdb_ldb_seq *priv = (struct hdb_ldb_seq *)db->hdb_openp;
char *realm;
- char *realm_dn = NULL;
+ struct ldb_dn *realm_dn = NULL;
struct ldb_message **msgs = NULL;
struct ldb_message **realm_msgs = NULL;
krb5_error_code ret;
ldap_server/ldap_backend.o \
ldap_server/ldap_bind.o \
ldap_server/ldap_rootdse.o \
- ldap_server/ldap_parse.o \
ldap_server/ldap_simple_ldb.o \
ldap_server/ldap_hacked_ldb.o
REQUIRED_SUBSYSTEMS = \
#include "includes.h"
#include "dynconfig.h"
#include "ldap_server/ldap_server.h"
-#include "ldap_parse.h"
#include "lib/ldb/include/ldb.h"
#include "librpc/gen_ndr/ndr_security.h"
#include "librpc/gen_ndr/ndr_misc.h"
/* first the NC stuff */
- count = ldb_search(samdb, "", LDB_SCOPE_BASE, nc_filter, s_attrs, &res);
+ count = ldb_search(samdb, NULL, LDB_SCOPE_BASE, nc_filter, s_attrs, &res);
if (count != 1) {
DEBUG(0, (__location__": convert_values(ncname): nc_count: %d \n", count));
return NT_STATUS_FOOBAR;
}
-DEBUG(0, (__location__": convert_values(ncname): nc_res '%s'\n", res[0]->dn));
+DEBUG(0, (__location__": convert_values(ncname): nc_res '%s'\n", ldb_dn_linearize(mem_ctx, res[0]->dn)));
nc_guid_str = samdb_result_string(res[0], "objectGUID", NULL);
status = GUID_from_string(nc_guid_str, &nc_guid);
dom_filter = talloc_asprintf(mem_ctx, "(dn=%s)", dom_dn);
DEBUG(0, (__location__": convert_values(ncname): dom dn = '%s'\n", dom_filter));
- count = ldb_search(samdb, "", LDB_SCOPE_BASE, dom_filter, s_attrs, &res);
+ count = ldb_search(samdb, NULL, LDB_SCOPE_BASE, dom_filter, s_attrs, &res);
if (count != 1) {
DEBUG(0, (__location__": convert_values(ncname): dom_count: %d \n", count));
return NT_STATUS_OK;
int count, j, y, i;
const char **attrs = NULL;
enum ldb_scope scope = LDB_SCOPE_DEFAULT;
- struct ldap_dn *basedn;
- const char *basedn_str;
+ struct ldb_dn *basedn;
local_ctx = talloc_named(call, 0, "hacked_Search local memory context");
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
- basedn = ldap_parse_dn(local_ctx, r->basedn);
- if (!basedn) {
- basedn_str = r->basedn;
- } else {
- basedn_str = basedn->dn;
- }
+ basedn = ldb_dn_explode(local_ctx, r->basedn);
switch (r->scope) {
case LDAP_SEARCH_SCOPE_BASE:
}
attrs[j] = NULL;
}
-DEBUG(0,("hacked basedn: %s\n", basedn_str));
+DEBUG(0,("hacked basedn: %s\n", ldb_dn_linearize(local_ctx, basedn)));
DEBUGADD(0,("hacked filter: %s\n", ldb_filter_from_tree(r, r->tree)));
- count = ldb_search_bytree(samdb, basedn_str, scope, r->tree, attrs, &res);
+ count = ldb_search_bytree(samdb, basedn, scope, r->tree, attrs, &res);
talloc_steal(samdb, res);
if (count < 1) {
NT_STATUS_HAVE_NO_MEMORY(ent_r);
ent = &ent_r->msg->r.SearchResultEntry;
- ent->dn = talloc_steal(ent_r, res[0]->dn);
+ ent->dn = ldb_dn_linearize(ent_r, res[0]->dn);
DEBUG(0,("hacked result [0] dn: %s\n", ent->dn));
ent->num_attributes = 0;
ent->attributes = NULL;
NT_STATUS_HAVE_NO_MEMORY(ent_r);
ent = &ent_r->msg->r.SearchResultEntry;
- ent->dn = talloc_steal(ent_r, res[i]->dn);
+ ent->dn = ldb_dn_linearize(ent_r, res[i]->dn);
DEBUG(0,("hacked result [%d] dn: %s\n", i, ent->dn));
ent->num_attributes = 0;
ent->attributes = NULL;
struct ldap_AddRequest *r)
{
void *local_ctx;
- struct ldap_dn *dn;
+ struct ldb_dn *dn;
struct ldap_Result *add_result;
struct ldapsrv_reply *add_reply;
int ldb_ret;
samdb = ldapsrv_sam_connect(call);
NT_STATUS_HAVE_NO_MEMORY(samdb);
- dn = ldap_parse_dn(local_ctx, r->dn);
- VALID_DN_SYNTAX(dn,1);
-
- DEBUG(10, ("hldb_add: dn: [%s]\n", dn->dn));
-
msg = talloc(local_ctx, struct ldb_message);
NT_STATUS_HAVE_NO_MEMORY(msg);
- msg->dn = dn->dn;
+ msg->dn = ldb_dn_explode(local_ctx, r->dn);
+ VALID_DN_SYNTAX(dn, 1);
+
+ DEBUG(10, ("hldb_add: dn: [%s]\n", ldb_dn_linearize(local_ctx, dn)));
+
msg->private_data = NULL;
msg->num_elements = 0;
msg->elements = NULL;
if (result == LDAP_SUCCESS) {
ldb_ret = ldb_add(samdb, msg);
if (ldb_ret == 0) {
- DEBUG(0,("hldb_Add: added: '%s'\n", msg->dn));
+ DEBUG(0,("hldb_Add: added: '%s'\n", ldb_dn_linearize(msg, msg->dn)));
result = LDAP_SUCCESS;
errstr = NULL;
} else {
struct ldap_DelRequest *r)
{
void *local_ctx;
- struct ldap_dn *dn;
+ struct ldb_dn *dn;
struct ldap_Result *del_result;
struct ldapsrv_reply *del_reply;
int ldb_ret;
samdb = ldapsrv_sam_connect(call);
NT_STATUS_HAVE_NO_MEMORY(samdb);
- dn = ldap_parse_dn(local_ctx, r->dn);
+ dn = ldb_dn_explode(local_ctx, r->dn);
VALID_DN_SYNTAX(dn,1);
- DEBUG(10, ("hldb_Del: dn: [%s]\n", dn->dn));
+ DEBUG(10, ("hldb_Del: dn: [%s]\n", ldb_dn_linearize(local_ctx, dn)));
reply:
del_reply = ldapsrv_init_reply(call, LDAP_TAG_DelResponse);
NT_STATUS_HAVE_NO_MEMORY(del_reply);
if (result == LDAP_SUCCESS) {
- ldb_ret = ldb_delete(samdb, dn->dn);
+ ldb_ret = ldb_delete(samdb, dn);
if (ldb_ret == 0) {
result = LDAP_SUCCESS;
errstr = NULL;
struct ldap_ModifyRequest *r)
{
void *local_ctx;
- struct ldap_dn *dn;
+ struct ldb_dn *dn;
struct ldap_Result *modify_result;
struct ldapsrv_reply *modify_reply;
int ldb_ret;
samdb = ldapsrv_sam_connect(call);
NT_STATUS_HAVE_NO_MEMORY(samdb);
- dn = ldap_parse_dn(local_ctx, r->dn);
- VALID_DN_SYNTAX(dn,1);
-
- DEBUG(10, ("hldb_modify: dn: [%s]\n", dn->dn));
-
msg = talloc(local_ctx, struct ldb_message);
NT_STATUS_HAVE_NO_MEMORY(msg);
- msg->dn = dn->dn;
+ msg->dn = ldb_dn_explode(local_ctx, r->dn);
+ VALID_DN_SYNTAX(dn,1);
+
+ DEBUG(10, ("hldb_modify: dn: [%s]\n", ldb_dn_linearize(local_ctx, dn)));
+
msg->private_data = NULL;
msg->num_elements = 0;
msg->elements = NULL;
if (strcmp("Type or value exists", errstr) ==0){
result = LDAP_ATTRIBUTE_OR_VALUE_EXISTS;
}
- DEBUG(0,("failed to modify: %s - %u - %s\n", msg->dn, result, errstr));
+ DEBUG(0,("failed to modify: %s - %u - %s\n", ldb_dn_linearize(local_ctx, msg->dn), result, errstr));
}
}
struct ldap_CompareRequest *r)
{
void *local_ctx;
- struct ldap_dn *dn;
+ struct ldb_dn *dn;
struct ldap_Result *compare;
struct ldapsrv_reply *compare_r;
int result = LDAP_SUCCESS;
samdb = ldapsrv_sam_connect(call);
NT_STATUS_HAVE_NO_MEMORY(samdb);
- dn = ldap_parse_dn(local_ctx, r->dn);
+ dn = ldb_dn_explode(local_ctx, r->dn);
VALID_DN_SYNTAX(dn,1);
- DEBUG(10, ("hldb_Compare: dn: [%s]\n", dn->dn));
+ DEBUG(10, ("hldb_Compare: dn: [%s]\n", ldb_dn_linearize(local_ctx, dn)));
filter = talloc_asprintf(local_ctx, "(%s=%*s)", r->attribute,
(int)r->value.length, r->value.data);
NT_STATUS_HAVE_NO_MEMORY(filter);
NT_STATUS_HAVE_NO_MEMORY(compare_r);
if (result == LDAP_SUCCESS) {
- count = ldb_search(samdb, dn->dn, LDB_SCOPE_BASE, filter, attrs, &res);
+ count = ldb_search(samdb, dn, LDB_SCOPE_BASE, filter, attrs, &res);
talloc_steal(samdb, res);
if (count == 1) {
DEBUG(10,("hldb_Compare: matched\n"));
static NTSTATUS hldb_ModifyDN(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_ModifyDNRequest *r)
{
void *local_ctx;
- struct ldap_dn *olddn, *newrdn, *newsuperior;
+ struct ldb_dn *olddn, *newrdn, *newsuperior;
struct ldap_Result *modifydn;
struct ldapsrv_reply *modifydn_r;
int ldb_ret;
struct ldb_context *samdb;
const char *errstr = NULL;
int result = LDAP_SUCCESS;
- const char *newdn = NULL;
- char *parentdn = NULL;
+ const struct ldb_dn *newdn = NULL;
+ struct ldb_dn *parentdn = NULL;
local_ctx = talloc_named(call, 0, "hldb_ModifyDN local memory context");
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
samdb = ldapsrv_sam_connect(call);
NT_STATUS_HAVE_NO_MEMORY(samdb);
- olddn = ldap_parse_dn(local_ctx, r->dn);
+ olddn = ldb_dn_explode(local_ctx, r->dn);
VALID_DN_SYNTAX(olddn,2);
- newrdn = ldap_parse_dn(local_ctx, r->newrdn);
+ newrdn = ldb_dn_explode(local_ctx, r->newrdn);
VALID_DN_SYNTAX(newrdn,1);
- DEBUG(10, ("hldb_ModifyDN: olddn: [%s]\n", olddn->dn));
- DEBUG(10, ("hldb_ModifyDN: newrdn: [%s]\n", newrdn->dn));
+ DEBUG(10, ("hldb_ModifyDN: olddn: [%s]\n", ldb_dn_linearize(local_ctx, olddn)));
+ DEBUG(10, ("hldb_ModifyDN: newrdn: [%s]\n", ldb_dn_linearize(local_ctx, newrdn)));
/* we can't handle the rename if we should not remove the old dn */
if (!r->deleteolddn) {
}
if (r->newsuperior) {
- newsuperior = ldap_parse_dn(local_ctx, r->newsuperior);
+ newsuperior = ldb_dn_explode(local_ctx, r->newsuperior);
VALID_DN_SYNTAX(newsuperior,0);
- DEBUG(10, ("hldb_ModifyDN: newsuperior: [%s]\n", newsuperior->dn));
+ DEBUG(10, ("hldb_ModifyDN: newsuperior: [%s]\n", ldb_dn_linearize(local_ctx, newsuperior)));
if (newsuperior->comp_num < 1) {
result = LDAP_AFFECTS_MULTIPLE_DSAS;
errstr = "Error new Superior DN invalid";
goto reply;
}
- parentdn = newsuperior->dn;
+ parentdn = newsuperior;
}
if (!parentdn) {
- int i;
- parentdn = talloc_strdup(local_ctx, olddn->components[1]->component);
- NT_STATUS_HAVE_NO_MEMORY(parentdn);
- for(i=2; i < olddn->comp_num; i++) {
- char *old = parentdn;
- parentdn = talloc_asprintf(local_ctx, "%s,%s", old, olddn->components[i]->component);
- NT_STATUS_HAVE_NO_MEMORY(parentdn);
- talloc_free(old);
- }
+ parentdn = ldb_dn_get_parent(local_ctx, olddn);
}
- newdn = talloc_asprintf(local_ctx, "%s,%s", newrdn->dn, parentdn);
+ newdn = ldb_dn_make_child(local_ctx, ldb_dn_get_rdn(local_ctx, newrdn), parentdn);
NT_STATUS_HAVE_NO_MEMORY(newdn);
reply:
NT_STATUS_HAVE_NO_MEMORY(modifydn_r);
if (result == LDAP_SUCCESS) {
- ldb_ret = ldb_rename(samdb, olddn->dn, newdn);
+ ldb_ret = ldb_rename(samdb, olddn, newdn);
if (ldb_ret == 0) {
result = LDAP_SUCCESS;
errstr = NULL;
#include "includes.h"
#include "ldap_server/ldap_server.h"
-#include "ldap_parse.h"
#include "lib/ldb/include/ldb.h"
#include "db_wrap.h"
struct ldap_SearchRequest *r)
{
void *local_ctx;
- struct ldap_dn *basedn;
+ struct ldb_dn *basedn;
struct ldap_Result *done;
struct ldap_SearchResEntry *ent;
struct ldapsrv_reply *ent_r, *done_r;
samdb = ldapsrv_sam_connect(call);
NT_STATUS_HAVE_NO_MEMORY(samdb);
- basedn = ldap_parse_dn(local_ctx, r->basedn);
- VALID_DN_SYNTAX(basedn,0);
+ basedn = ldb_dn_explode(local_ctx, r->basedn);
+ VALID_DN_SYNTAX(basedn, 0);
- DEBUG(10, ("sldb_Search: basedn: [%s]\n", basedn->dn));
+ DEBUG(10, ("sldb_Search: basedn: [%s]\n", r->basedn));
DEBUG(10, ("sldb_Search: filter: [%s]\n", ldb_filter_from_tree(call, r->tree)));
switch (r->scope) {
case LDAP_SEARCH_SCOPE_BASE:
DEBUG(10,("sldb_Search: scope: [BASE]\n"));
scope = LDB_SCOPE_BASE;
- success_limit = 1;
+ success_limit = 0;
break;
case LDAP_SEARCH_SCOPE_SINGLE:
DEBUG(10,("sldb_Search: scope: [ONE]\n"));
}
DEBUG(5,("ldb_search_bytree dn=%s filter=%s\n",
- basedn->dn, ldb_filter_from_tree(call, r->tree)));
+ r->basedn, ldb_filter_from_tree(call, r->tree)));
- count = ldb_search_bytree(samdb, basedn->dn, scope, r->tree, attrs, &res);
+ count = ldb_search_bytree(samdb, basedn, scope, r->tree, attrs, &res);
talloc_steal(samdb, res);
for (i=0; i < count; i++) {
NT_STATUS_HAVE_NO_MEMORY(ent_r);
ent = &ent_r->msg->r.SearchResultEntry;
- ent->dn = talloc_steal(ent_r, res[i]->dn);
+ ent->dn = ldb_dn_linearize(ent_r, res[i]->dn);
ent->num_attributes = 0;
ent->attributes = NULL;
if (res[i]->num_elements == 0) {
struct ldap_AddRequest *r)
{
void *local_ctx;
- struct ldap_dn *dn;
+ struct ldb_dn *dn;
struct ldap_Result *add_result;
struct ldapsrv_reply *add_reply;
int ldb_ret;
samdb = ldapsrv_sam_connect(call);
NT_STATUS_HAVE_NO_MEMORY(samdb);
- dn = ldap_parse_dn(local_ctx, r->dn);
+ dn = ldb_dn_explode(local_ctx, r->dn);
VALID_DN_SYNTAX(dn,1);
- DEBUG(10, ("sldb_add: dn: [%s]\n", dn->dn));
+ DEBUG(10, ("sldb_add: dn: [%s]\n", r->dn));
msg = talloc(local_ctx, struct ldb_message);
NT_STATUS_HAVE_NO_MEMORY(msg);
- msg->dn = dn->dn;
+ msg->dn = dn;
msg->private_data = NULL;
msg->num_elements = 0;
msg->elements = NULL;
struct ldap_DelRequest *r)
{
void *local_ctx;
- struct ldap_dn *dn;
+ struct ldb_dn *dn;
struct ldap_Result *del_result;
struct ldapsrv_reply *del_reply;
int ldb_ret;
samdb = ldapsrv_sam_connect(call);
NT_STATUS_HAVE_NO_MEMORY(samdb);
- dn = ldap_parse_dn(local_ctx, r->dn);
+ dn = ldb_dn_explode(local_ctx, r->dn);
VALID_DN_SYNTAX(dn,1);
- DEBUG(10, ("sldb_Del: dn: [%s]\n", dn->dn));
+ DEBUG(10, ("sldb_Del: dn: [%s]\n", r->dn));
reply:
del_reply = ldapsrv_init_reply(call, LDAP_TAG_DelResponse);
NT_STATUS_HAVE_NO_MEMORY(del_reply);
if (result == LDAP_SUCCESS) {
- ldb_ret = ldb_delete(samdb, dn->dn);
+ ldb_ret = ldb_delete(samdb, dn);
if (ldb_ret == 0) {
result = LDAP_SUCCESS;
errstr = NULL;
struct ldap_ModifyRequest *r)
{
void *local_ctx;
- struct ldap_dn *dn;
+ struct ldb_dn *dn;
struct ldap_Result *modify_result;
struct ldapsrv_reply *modify_reply;
int ldb_ret;
samdb = ldapsrv_sam_connect(call);
NT_STATUS_HAVE_NO_MEMORY(samdb);
- dn = ldap_parse_dn(local_ctx, r->dn);
- VALID_DN_SYNTAX(dn,1);
+ dn = ldb_dn_explode(local_ctx, r->dn);
+ VALID_DN_SYNTAX(dn, 1);
- DEBUG(10, ("sldb_modify: dn: [%s]\n", dn->dn));
+ DEBUG(10, ("sldb_modify: dn: [%s]\n", r->dn));
msg = talloc(local_ctx, struct ldb_message);
NT_STATUS_HAVE_NO_MEMORY(msg);
- msg->dn = dn->dn;
+ msg->dn = dn;
msg->private_data = NULL;
msg->num_elements = 0;
msg->elements = NULL;
struct ldap_CompareRequest *r)
{
void *local_ctx;
- struct ldap_dn *dn;
+ struct ldb_dn *dn;
struct ldap_Result *compare;
struct ldapsrv_reply *compare_r;
int result = LDAP_SUCCESS;
samdb = ldapsrv_sam_connect(call);
NT_STATUS_HAVE_NO_MEMORY(samdb);
- dn = ldap_parse_dn(local_ctx, r->dn);
- VALID_DN_SYNTAX(dn,1);
+ dn = ldb_dn_explode(local_ctx, r->dn);
+ VALID_DN_SYNTAX(dn, 1);
- DEBUG(10, ("sldb_Compare: dn: [%s]\n", dn->dn));
+ DEBUG(10, ("sldb_Compare: dn: [%s]\n", r->dn));
filter = talloc_asprintf(local_ctx, "(%s=%*s)", r->attribute,
(int)r->value.length, r->value.data);
NT_STATUS_HAVE_NO_MEMORY(filter);
NT_STATUS_HAVE_NO_MEMORY(compare_r);
if (result == LDAP_SUCCESS) {
- count = ldb_search(samdb, dn->dn, LDB_SCOPE_BASE, filter, attrs, &res);
+ count = ldb_search(samdb, dn, LDB_SCOPE_BASE, filter, attrs, &res);
talloc_steal(samdb, res);
if (count == 1) {
DEBUG(10,("sldb_Compare: matched\n"));
static NTSTATUS sldb_ModifyDN(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_ModifyDNRequest *r)
{
void *local_ctx;
- struct ldap_dn *olddn, *newrdn, *newsuperior;
+ struct ldb_dn *olddn, *newdn, *newrdn;
+ struct ldb_dn *parentdn = NULL;
struct ldap_Result *modifydn;
struct ldapsrv_reply *modifydn_r;
int ldb_ret;
struct ldb_context *samdb;
const char *errstr = NULL;
int result = LDAP_SUCCESS;
- const char *newdn = NULL;
- char *parentdn = NULL;
local_ctx = talloc_named(call, 0, "sldb_ModifyDN local memory context");
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
samdb = ldapsrv_sam_connect(call);
NT_STATUS_HAVE_NO_MEMORY(samdb);
- olddn = ldap_parse_dn(local_ctx, r->dn);
- VALID_DN_SYNTAX(olddn,2);
+ olddn = ldb_dn_explode(local_ctx, r->dn);
+ VALID_DN_SYNTAX(olddn, 2);
- newrdn = ldap_parse_dn(local_ctx, r->newrdn);
- VALID_DN_SYNTAX(newrdn,1);
+ newrdn = ldb_dn_explode(local_ctx, r->newrdn);
+ VALID_DN_SYNTAX(newrdn, 1);
- DEBUG(10, ("sldb_ModifyDN: olddn: [%s]\n", olddn->dn));
- DEBUG(10, ("sldb_ModifyDN: newrdn: [%s]\n", newrdn->dn));
+ DEBUG(10, ("sldb_ModifyDN: olddn: [%s]\n", r->dn));
+ DEBUG(10, ("sldb_ModifyDN: newrdn: [%s]\n", r->newrdn));
/* we can't handle the rename if we should not remove the old dn */
if (!r->deleteolddn) {
}
if (r->newsuperior) {
- newsuperior = ldap_parse_dn(local_ctx, r->newsuperior);
- VALID_DN_SYNTAX(newsuperior,0);
- DEBUG(10, ("sldb_ModifyDN: newsuperior: [%s]\n", newsuperior->dn));
+ parentdn = ldb_dn_explode(local_ctx, r->newsuperior);
+ VALID_DN_SYNTAX(parentdn, 0);
+ DEBUG(10, ("sldb_ModifyDN: newsuperior: [%s]\n", r->newsuperior));
- if (newsuperior->comp_num < 1) {
+ if (parentdn->comp_num < 1) {
result = LDAP_AFFECTS_MULTIPLE_DSAS;
errstr = "Error new Superior DN invalid";
goto reply;
}
- parentdn = newsuperior->dn;
}
if (!parentdn) {
- int i;
- parentdn = talloc_strdup(local_ctx, olddn->components[1]->component);
+ parentdn = ldb_dn_get_parent(local_ctx, olddn);
NT_STATUS_HAVE_NO_MEMORY(parentdn);
- for(i=2; i < olddn->comp_num; i++) {
- char *old = parentdn;
- parentdn = talloc_asprintf(local_ctx, "%s,%s", old, olddn->components[i]->component);
- NT_STATUS_HAVE_NO_MEMORY(parentdn);
- talloc_free(old);
- }
}
- newdn = talloc_asprintf(local_ctx, "%s,%s", newrdn->dn, parentdn);
+
+ newdn = ldb_dn_make_child(local_ctx, ldb_dn_get_rdn(local_ctx, newrdn), parentdn);
NT_STATUS_HAVE_NO_MEMORY(newdn);
reply:
NT_STATUS_HAVE_NO_MEMORY(modifydn_r);
if (result == LDAP_SUCCESS) {
- ldb_ret = ldb_rename(samdb, olddn->dn, newdn);
+ ldb_ret = ldb_rename(samdb, olddn, newdn);
if (ldb_ret == 0) {
result = LDAP_SUCCESS;
errstr = NULL;
*/
int gendb_search_v(struct ldb_context *ldb,
TALLOC_CTX *mem_ctx,
- const char *basedn,
+ const struct ldb_dn *basedn,
struct ldb_message ***res,
const char * const *attrs,
const char *format,
if (*res) talloc_steal(mem_ctx, *res);
DEBUG(4,("gendb_search_v: %s %s -> %d (%s)\n",
- basedn?basedn:"NULL", expr?expr:"NULL", count,
+ basedn?ldb_dn_linearize(mem_ctx,basedn):"NULL",
+ expr?expr:"NULL", count,
count==-1?ldb_errstring(ldb):"OK"));
free(expr);
*/
int gendb_search(struct ldb_context *ldb,
TALLOC_CTX *mem_ctx,
- const char *basedn,
+ const struct ldb_dn *basedn,
struct ldb_message ***res,
const char * const *attrs,
const char *format, ...) _PRINTF_ATTRIBUTE(6,7)
int gendb_search_dn(struct ldb_context *ldb,
TALLOC_CTX *mem_ctx,
- const char *dn,
+ const struct ldb_dn *dn,
struct ldb_message ***res,
const char * const *attrs)
{
- return gendb_search(ldb, mem_ctx, dn, res, attrs, "dn=%s", dn);
+ return gendb_search(ldb, mem_ctx, dn, res, attrs, "dn=%s", ldb_dn_linearize(mem_ctx, dn));
}
/*
*/
int ldb_search(struct ldb_context *ldb,
- const char *base,
+ const struct ldb_dn *base,
enum ldb_scope scope,
const char *expression,
const char * const *attrs, struct ldb_message ***res)
*/
int ldb_search_bytree(struct ldb_context *ldb,
- const char *base,
+ const struct ldb_dn *base,
enum ldb_scope scope,
struct ldb_parse_tree *tree,
const char * const *attrs, struct ldb_message ***res)
/*
delete a record from the database
*/
-int ldb_delete(struct ldb_context *ldb, const char *dn)
+int ldb_delete(struct ldb_context *ldb, const struct ldb_dn *dn)
{
return ldb->modules->ops->delete_record(ldb->modules, dn);
}
/*
rename a record in the database
*/
-int ldb_rename(struct ldb_context *ldb, const char *olddn, const char *newdn)
+int ldb_rename(struct ldb_context *ldb, const struct ldb_dn *olddn, const struct ldb_dn *newdn)
{
return ldb->modules->ops->rename_record(ldb->modules, olddn, newdn);
}
#define LDB_DN_NULL_FAILED(x) if (!(x)) goto failed
+#define LDB_SPECIAL "@SPECIAL"
+
+BOOL ldb_dn_is_special(const struct ldb_dn *dn)
+{
+ if (dn == NULL || dn->comp_num != 1) return 0;
+
+ return ! strcmp(dn->components[0].name, LDB_SPECIAL);
+}
+
+BOOL ldb_dn_check_special(const struct ldb_dn *dn, const char *check)
+{
+ if (dn == NULL || dn->comp_num != 1) return 0;
+
+ return ! strcmp(dn->components[0].value.data, check);
+}
+
static int ldb_dn_is_valid_attribute_name(const char *name)
{
+ if (name == NULL) return 0;
+
while (*name) {
if (! isascii(*name)) {
return 0;
{
const char *p;
+ if (source == NULL || quote_start == NULL || quote_end == NULL) return -1;
+
p = source;
/* check if there are quotes surrounding the value */
char *p;
int ret, qs, qe;
+ if (string == NULL || separators == NULL) return NULL;
+
p = strchr(string, '=');
LDB_DN_NULL_FAILED(p);
char *p;
int ret, qs, qe;
+ if (raw_component == NULL) {
+ dc.name = NULL;
+ return dc;
+ }
+
/* find attribute type/value separator */
p = strchr(raw_component, '=');
LDB_DN_NULL_FAILED(p);
return dc;
}
-struct ldb_dn *ldb_dn_explode(void *mem_ctx, const char *dn)
+struct ldb_dn *ldb_dn_new(void *mem_ctx)
{
- struct ldb_dn *edn; /* the exploded dn */
- char *pdn, *p;
+ struct ldb_dn *edn;
- pdn = NULL;
-
- /* Allocate a structure to hold the exploded DN */
edn = talloc(mem_ctx, struct ldb_dn);
LDB_DN_NULL_FAILED(edn);
edn->comp_num = 0;
edn->components = NULL;
+ return edn;
+
+failed:
+ return NULL;
+}
+
+struct ldb_dn *ldb_dn_explode(void *mem_ctx, const char *dn)
+{
+ struct ldb_dn *edn; /* the exploded dn */
+ char *pdn, *p;
+
+ if (dn == NULL) return NULL;
+
+ /* Allocate a structure to hold the exploded DN */
+ edn = ldb_dn_new(mem_ctx);
+
+ /* Empty DNs */
+ if (dn[0] == '\0') {
+ return edn;
+ }
+
/* Special DNs case */
if (dn[0] == '@') {
edn->comp_num = 1;
edn->components = talloc(edn, struct ldb_dn_component);
if (edn->components == NULL) goto failed;
- edn->components[0].name = talloc_strdup(edn->components, "@SPECIAL");
+ edn->components[0].name = talloc_strdup(edn->components, LDB_SPECIAL);
if (edn->components[0].name == NULL) goto failed;
edn->components[0].value.data = talloc_strdup(edn->components, dn);
if (edn->components[0].value.data== NULL) goto failed;
char *dn, *value;
int i;
+ if (edn == NULL) return NULL;
+
/* Special DNs */
- if ((edn->comp_num == 1) && strcmp("@SPECIAL", edn->components[0].name) == 0) {
+ if (ldb_dn_is_special(edn)) {
dn = talloc_strdup(mem_ctx, edn->components[0].value.data);
return dn;
}
return (dn->comp_num - base->comp_num);
}
+ if (base == NULL || base->comp_num == 0) return 0;
+ if (dn == NULL || dn->comp_num == 0) return -1;
+ if (base->comp_num > dn->comp_num) return -1;
+
/* if the number of components doesn't match they differ */
n0 = base->comp_num - 1;
n1 = dn->comp_num - 1;
const struct ldb_dn *edn0,
const struct ldb_dn *edn1)
{
+ if (edn0 == NULL || edn1 == NULL) return edn1 - edn0;
+
if (edn0->comp_num != edn1->comp_num)
return (edn1->comp_num - edn0->comp_num);
struct ldb_dn *edn1;
int ret;
+ if (dn0 == NULL || dn1 == NULL) return dn1 - dn0;
+
edn0 = ldb_dn_explode_casefold(ldb, dn0);
if (edn0 == NULL) return 0;
struct ldb_dn *cedn;
int i;
- cedn = talloc(ldb, struct ldb_dn);
+ if (edn == NULL) return NULL;
+
+ cedn = ldb_dn_new(ldb);
LDB_DN_NULL_FAILED(cedn);
cedn->comp_num = edn->comp_num;
{
struct ldb_dn *edn, *cdn;
+ if (dn == NULL) return NULL;
+
edn = ldb_dn_explode(ldb, dn);
if (edn == NULL) return NULL;
talloc_free(edn);
return cdn;
}
+
+char *ldb_dn_linearize_casefold(struct ldb_context *ldb, const struct ldb_dn *edn)
+{
+ struct ldb_dn *cdn;
+ char *dn;
+
+ if (edn == NULL) return NULL;
+
+ /* Special DNs */
+ if (ldb_dn_is_special(edn)) {
+ dn = talloc_strdup(ldb, edn->components[0].value.data);
+ return dn;
+ }
+
+ cdn = ldb_dn_casefold(ldb, edn);
+ if (cdn == NULL) return NULL;
+
+ dn = ldb_dn_linearize(ldb, cdn);
+ if (dn == NULL) {
+ talloc_free(cdn);
+ return NULL;
+ }
+
+ talloc_free(cdn);
+ return dn;
+}
+
+static struct ldb_dn_component ldb_dn_copy_component(void *mem_ctx, struct ldb_dn_component *src)
+{
+ struct ldb_dn_component dst;
+
+ dst.name = NULL;
+
+ if (src == NULL) {
+ return dst;
+ }
+
+ dst.value = ldb_val_dup(mem_ctx, &(src->value));
+ if (dst.value.data == NULL) {
+ return dst;
+ }
+
+ dst.name = talloc_strdup(mem_ctx, src->name);
+ if (dst.name == NULL) {
+ talloc_free(dst.value.data);
+ }
+
+ return dst;
+}
+
+/* copy specified number of elements of a dn into a new one
+ element are copied from top level up to the unique rdn
+ num_el may be greater then dn->comp_num (see ldb_dn_make_child)
+*/
+struct ldb_dn *ldb_dn_copy_partial(void *mem_ctx, const struct ldb_dn *dn, int num_el)
+{
+ struct ldb_dn *new;
+ int i, n, e;
+
+ if (dn == NULL) return NULL;
+ if (num_el <= 0) return NULL;
+
+ new = ldb_dn_new(mem_ctx);
+ LDB_DN_NULL_FAILED(new);
+
+ new->comp_num = num_el;
+ n = new->comp_num - 1;
+ new->components = talloc_array(new, struct ldb_dn_component, new->comp_num);
+
+ if (dn->comp_num == 0) return new;
+ e = dn->comp_num - 1;
+
+ for (i = 0; i < new->comp_num; i++) {
+ new->components[n - i] = ldb_dn_copy_component(new->components,
+ &(dn->components[e - i]));
+ if ((e - i) == 0) {
+ return new;
+ }
+ }
+
+ return new;
+
+failed:
+ talloc_free(new);
+ return NULL;
+}
+
+struct ldb_dn *ldb_dn_copy(void *mem_ctx, const struct ldb_dn *dn)
+{
+ if (dn == NULL) return NULL;
+ return ldb_dn_copy_partial(mem_ctx, dn, dn->comp_num);
+}
+
+struct ldb_dn *ldb_dn_get_parent(void *mem_ctx, const struct ldb_dn *dn)
+{
+ if (dn == NULL) return NULL;
+ return ldb_dn_copy_partial(mem_ctx, dn, dn->comp_num - 1);
+}
+
+struct ldb_dn_component *ldb_dn_build_component(void *mem_ctx, const char *attr,
+ const char *val)
+{
+ struct ldb_dn_component *dc;
+
+ if (attr == NULL || val == NULL) return NULL;
+
+ dc = talloc(mem_ctx, struct ldb_dn_component);
+ if (dc == NULL) return NULL;
+
+ dc->name = talloc_strdup(dc, attr);
+ if (dc->name == NULL) {
+ talloc_free(dc);
+ return NULL;
+ }
+
+ dc->value.data = talloc_strdup(dc, val);
+ if (dc->value.data == NULL) {
+ talloc_free(dc);
+ return NULL;
+ }
+
+ dc->value.length = strlen(val);
+
+ return dc;
+}
+
+struct ldb_dn *ldb_dn_build_child(void *mem_ctx, const char *attr,
+ const char * value,
+ const struct ldb_dn *base)
+{
+ struct ldb_dn *new;
+ if (! ldb_dn_is_valid_attribute_name(attr)) return NULL;
+ if (value == NULL || value == '\0') return NULL;
+
+ if (base != NULL) {
+ new = ldb_dn_copy_partial(mem_ctx, base, base->comp_num + 1);
+ LDB_DN_NULL_FAILED(new);
+ } else {
+ new = ldb_dn_new(mem_ctx);
+ LDB_DN_NULL_FAILED(new);
+
+ new->comp_num = 1;
+ new->components = talloc_array(new, struct ldb_dn_component, new->comp_num);
+ }
+
+ new->components[0].name = talloc_strdup(new->components, attr);
+ LDB_DN_NULL_FAILED(new->components[0].name);
+
+ new->components[0].value.data = talloc_strdup(new->components, value);
+ LDB_DN_NULL_FAILED(new->components[0].value.data);
+ new->components[0].value.length = strlen(new->components[0].value.data);
+
+ return new;
+
+failed:
+ talloc_free(new);
+ return NULL;
+
+}
+
+struct ldb_dn *ldb_dn_make_child(void *mem_ctx, const struct ldb_dn_component *component,
+ const struct ldb_dn *base)
+{
+ if (component == NULL) return NULL;
+
+ return ldb_dn_build_child(mem_ctx, component->name, component->value.data, base);
+}
+
+struct ldb_dn *ldb_dn_compose(void *mem_ctx, const struct ldb_dn *dn1, const struct ldb_dn *dn2)
+{
+ int i;
+ struct ldb_dn *new;
+
+ if (dn2 == NULL && dn1 == NULL) {
+ return NULL;
+ }
+
+ if (dn2 == NULL) {
+ new = ldb_dn_new(mem_ctx);
+ LDB_DN_NULL_FAILED(new);
+
+ new->comp_num = dn1->comp_num;
+ new->components = talloc_array(new, struct ldb_dn_component, new->comp_num);
+ } else {
+ new = ldb_dn_copy_partial(mem_ctx, dn2, dn2->comp_num + dn1?dn1->comp_num:0);
+ }
+
+ if (dn1 == NULL) {
+ return new;
+ }
+
+ for (i = 0; i < dn1->comp_num; i++) {
+ new->components[i] = ldb_dn_copy_component(new->components,
+ &(dn1->components[i]));
+ }
+
+ return new;
+
+failed:
+ talloc_free(new);
+ return NULL;
+}
+
+struct ldb_dn *ldb_dn_compose_string_dn(void *mem_ctx, const char *dn1, const struct ldb_dn *dn2)
+{
+ if (dn1 == NULL) return NULL;
+
+ return ldb_dn_compose(mem_ctx, ldb_dn_explode(mem_ctx, dn1), dn2);
+}
+
+struct ldb_dn_component *ldb_dn_get_rdn(void *mem_ctx, const struct ldb_dn *dn)
+{
+ struct ldb_dn_component *rdn;
+
+ if (dn == NULL) return NULL;
+
+ if (dn->comp_num < 1) {
+ return NULL;
+ }
+
+ rdn = talloc(mem_ctx, struct ldb_dn_component);
+ if (rdn == NULL) return NULL;
+
+ *rdn = ldb_dn_copy_component(mem_ctx, &dn->components[0]);
+ if (rdn->name == NULL) {
+ talloc_free(rdn);
+ return NULL;
+ }
+
+ return rdn;
+}
+
msg = ldif->msg;
- ret = fprintf_fn(private_data, "dn: %s\n", msg->dn);
+ ret = fprintf_fn(private_data, "dn: %s\n", ldb_dn_linearize(msg->dn, msg->dn));
CHECK_RET;
if (ldif->changetype != LDB_CHANGETYPE_NONE) {
goto failed;
}
- msg->dn = value.data;
+ msg->dn = ldb_dn_explode(msg, value.data);
while (next_attr(ldif, &s, &attr, &value) == 0) {
const struct ldb_attrib_handler *h;
check if the scope matches in a search result
*/
static int ldb_match_scope(struct ldb_context *ldb,
- const char *base_str,
- const char *dn_str,
+ const struct ldb_dn *base,
+ const struct ldb_dn *dn,
enum ldb_scope scope)
{
- struct ldb_dn *base;
- struct ldb_dn *dn;
int ret = 0;
- if (base_str == NULL) {
+ if (base == NULL || dn == NULL) {
return 1;
}
- base = ldb_dn_explode_casefold(ldb, base_str);
- if (base == NULL) return 0;
-
- dn = ldb_dn_explode_casefold(ldb, dn_str);
- if (dn == NULL) {
- talloc_free(base);
- return 0;
- }
-
switch (scope) {
case LDB_SCOPE_BASE:
if (ldb_dn_compare(ldb, base, dn) == 0) {
break;
}
- talloc_free(base);
- talloc_free(dn);
return ret;
}
static int ldb_match_present(struct ldb_context *ldb,
struct ldb_message *msg,
struct ldb_parse_tree *tree,
- const char *base,
enum ldb_scope scope)
{
static int ldb_match_comparison(struct ldb_context *ldb,
struct ldb_message *msg,
struct ldb_parse_tree *tree,
- const char *base,
enum ldb_scope scope,
enum ldb_parse_op comp_op)
{
static int ldb_match_equality(struct ldb_context *ldb,
struct ldb_message *msg,
struct ldb_parse_tree *tree,
- const char *base,
enum ldb_scope scope)
{
unsigned int i;
struct ldb_message_element *el;
const struct ldb_attrib_handler *h;
- struct ldb_dn *msgdn, *valuedn;
+ struct ldb_dn *valuedn;
int ret;
if (ldb_attr_cmp(tree->u.equality.attr, "dn") == 0) {
- msgdn = ldb_dn_explode_casefold(ldb, msg->dn);
- if (msgdn == NULL) return 0;
-
valuedn = ldb_dn_explode_casefold(ldb, tree->u.equality.value.data);
if (valuedn == NULL) {
- talloc_free(msgdn);
return 0;
}
- ret = ldb_dn_compare(ldb, msgdn, valuedn);
+ ret = ldb_dn_compare(ldb, msg->dn, valuedn);
- talloc_free(msgdn);
talloc_free(valuedn);
if (ret == 0) return 1;
static int ldb_match_substring(struct ldb_context *ldb,
struct ldb_message *msg,
struct ldb_parse_tree *tree,
- const char *base,
enum ldb_scope scope)
{
unsigned int i;
static int ldb_match_extended(struct ldb_context *ldb,
struct ldb_message *msg,
struct ldb_parse_tree *tree,
- const char *base,
enum ldb_scope scope)
{
int i;
static int ldb_match_message(struct ldb_context *ldb,
struct ldb_message *msg,
struct ldb_parse_tree *tree,
- const char *base,
enum ldb_scope scope)
{
unsigned int i;
switch (tree->operation) {
case LDB_OP_AND:
for (i=0;i<tree->u.list.num_elements;i++) {
- v = ldb_match_message(ldb, msg, tree->u.list.elements[i],
- base, scope);
+ v = ldb_match_message(ldb, msg, tree->u.list.elements[i], scope);
if (!v) return 0;
}
return 1;
case LDB_OP_OR:
for (i=0;i<tree->u.list.num_elements;i++) {
- v = ldb_match_message(ldb, msg, tree->u.list.elements[i],
- base, scope);
+ v = ldb_match_message(ldb, msg, tree->u.list.elements[i], scope);
if (v) return 1;
}
return 0;
case LDB_OP_NOT:
- return ! ldb_match_message(ldb, msg, tree->u.isnot.child, base, scope);
+ return ! ldb_match_message(ldb, msg, tree->u.isnot.child, scope);
case LDB_OP_EQUALITY:
- return ldb_match_equality(ldb, msg, tree, base, scope);
+ return ldb_match_equality(ldb, msg, tree, scope);
case LDB_OP_SUBSTRING:
- return ldb_match_substring(ldb, msg, tree, base, scope);
+ return ldb_match_substring(ldb, msg, tree, scope);
case LDB_OP_GREATER:
- return ldb_match_comparison(ldb, msg, tree, base, scope, LDB_OP_GREATER);
+ return ldb_match_comparison(ldb, msg, tree, scope, LDB_OP_GREATER);
case LDB_OP_LESS:
- return ldb_match_comparison(ldb, msg, tree, base, scope, LDB_OP_LESS);
+ return ldb_match_comparison(ldb, msg, tree, scope, LDB_OP_LESS);
case LDB_OP_PRESENT:
- return ldb_match_present(ldb, msg, tree, base, scope);
+ return ldb_match_present(ldb, msg, tree, scope);
case LDB_OP_APPROX:
- return ldb_match_comparison(ldb, msg, tree, base, scope, LDB_OP_APPROX);
+ return ldb_match_comparison(ldb, msg, tree, scope, LDB_OP_APPROX);
case LDB_OP_EXTENDED:
- return ldb_match_extended(ldb, msg, tree, base, scope);
+ return ldb_match_extended(ldb, msg, tree, scope);
}
int ldb_match_msg(struct ldb_context *ldb,
struct ldb_message *msg,
struct ldb_parse_tree *tree,
- const char *base,
+ const struct ldb_dn *base,
enum ldb_scope scope)
{
if ( ! ldb_match_scope(ldb, base, msg->dn, scope) ) {
return 0;
}
- return ldb_match_message(ldb, msg, tree, base, scope);
+ return ldb_match_message(ldb, msg, tree, scope);
}
int ret;
const char * const attrs[] = { "@LIST" , NULL};
struct ldb_message **msg = NULL;
+ struct ldb_dn *mods;
- ret = ldb_search(ldb, "@MODULES", LDB_SCOPE_BASE, "", attrs, &msg);
+ mods = ldb_dn_explode(ldb, "@MODULES");
+ if (mods == NULL) {
+ return -1;
+ }
+
+ ret = ldb_search(ldb, mods, LDB_SCOPE_BASE, "", attrs, &msg);
+ talloc_free(mods);
if (ret == 0 || (ret == 1 && msg[0]->num_elements == 0)) {
ldb_debug(ldb, LDB_DEBUG_TRACE, "no modules required by the db\n");
} else {
*/
int ldb_next_search(struct ldb_module *module,
- const char *base,
+ const struct ldb_dn *base,
enum ldb_scope scope,
const char *expression,
const char * const *attrs, struct ldb_message ***res)
}
int ldb_next_search_bytree(struct ldb_module *module,
- const char *base,
+ const struct ldb_dn *base,
enum ldb_scope scope,
struct ldb_parse_tree *tree,
const char * const *attrs, struct ldb_message ***res)
return module->next->ops->modify_record(module->next, message);
}
-int ldb_next_delete_record(struct ldb_module *module, const char *dn)
+int ldb_next_delete_record(struct ldb_module *module, const struct ldb_dn *dn)
{
if (!module->next) {
return -1;
return module->next->ops->delete_record(module->next, dn);
}
-int ldb_next_rename_record(struct ldb_module *module, const char *olddn, const char *newdn)
+int ldb_next_rename_record(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn)
{
if (!module->next) {
return -1;
return v->data;
}
-
/*
sort the elements of a message by name
*/
(comparison_fn_t)ldb_msg_element_compare_name);
}
-
-/*
- free a message created using ldb_msg_copy
-*/
-void ldb_msg_free(struct ldb_context *ldb, struct ldb_message *msg)
-{
- talloc_free(msg);
-}
-
/*
copy a message, allocating new memory for all parts
*/
-struct ldb_message *ldb_msg_copy(struct ldb_context *ldb,
+struct ldb_message *ldb_msg_copy(TALLOC_CTX *mem_ctx,
const struct ldb_message *msg)
{
struct ldb_message *msg2;
int i, j;
- msg2 = talloc(ldb, struct ldb_message);
+ msg2 = talloc(mem_ctx, struct ldb_message);
if (msg2 == NULL) return NULL;
msg2->elements = NULL;
msg2->num_elements = 0;
msg2->private_data = NULL;
- msg2->dn = talloc_strdup(msg2, msg->dn);
+ msg2->dn = ldb_dn_copy(msg2, msg->dn);
if (msg2->dn == NULL) goto failed;
msg2->elements = talloc_array(msg2, struct ldb_message_element, msg->num_elements);
if (el2->name == NULL) goto failed;
el2->values = talloc_array(msg2->elements, struct ldb_val, el1->num_values);
for (j=0;j<el1->num_values;j++) {
- el2->values[j] = ldb_val_dup(ldb, &el1->values[j]);
+ el2->values[j] = ldb_val_dup(el2->values, &el1->values[j]);
if (el2->values[j].data == NULL &&
el1->values[j].length != 0) {
goto failed;
}
- el2->values[j].data = talloc_steal(el2->values, el2->values[j].data);
el2->num_values++;
}
};
#endif
+/* internal ldb exploded dn structures */
+struct ldb_dn_component {
+ char *name;
+ struct ldb_val value;
+};
+struct ldb_dn {
+ int comp_num;
+ struct ldb_dn_component *components;
+};
+
/* these flags are used in ldd_message_element.flags fields. The
LDA_FLAGS_MOD_* flags are used in ldap_modify() calls to specify
whether attributes are being added, deleted or modified */
number of elements.
*/
struct ldb_message {
- char *dn;
+ struct ldb_dn *dn;
unsigned int num_elements;
struct ldb_message_element *elements;
void *private_data; /* private to the backend */
use talloc_free to free the ldb_message returned
*/
int ldb_search(struct ldb_context *ldb,
- const char *base,
+ const const struct ldb_dn *base,
enum ldb_scope scope,
const char *expression,
const char * const *attrs, struct ldb_message ***res);
like ldb_search() but takes a parse tree
*/
int ldb_search_bytree(struct ldb_context *ldb,
- const char *base,
+ const struct ldb_dn *base,
enum ldb_scope scope,
struct ldb_parse_tree *tree,
const char * const *attrs, struct ldb_message ***res);
/*
rename a record in the database
*/
-int ldb_rename(struct ldb_context *ldb, const char *olddn, const char *newdn);
+int ldb_rename(struct ldb_context *ldb, const struct ldb_dn *olddn, const struct ldb_dn *newdn);
/*
create a named lock
/*
delete a record from the database
*/
-int ldb_delete(struct ldb_context *ldb, const char *dn);
+int ldb_delete(struct ldb_context *ldb, const struct ldb_dn *dn);
/*
const struct ldb_attrib_handler *handlers,
unsigned num_handlers);
+/* The following definitions come from lib/ldb/common/ldb_dn.c */
+BOOL ldb_dn_is_special(const struct ldb_dn *dn);
+BOOL ldb_dn_check_special(const struct ldb_dn *dn, const char *check);
+char *ldb_dn_escape_value(void *mem_ctx, struct ldb_val value);
+struct ldb_dn *ldb_dn_new(void *mem_ctx);
+struct ldb_dn *ldb_dn_explode(void *mem_ctx, const char *dn);
+char *ldb_dn_linearize(void *mem_ctx, const struct ldb_dn *edn);
+char *ldb_dn_linearize_casefold(struct ldb_context *ldb, const struct ldb_dn *edn);
+int ldb_dn_compare_base(struct ldb_context *ldb, const struct ldb_dn *base, const struct ldb_dn *dn);
+int ldb_dn_compare(struct ldb_context *ldb, const struct ldb_dn *edn0, const struct ldb_dn *edn1);
+struct ldb_dn *ldb_dn_casefold(struct ldb_context *ldb, const struct ldb_dn *edn);
+struct ldb_dn *ldb_dn_explode_casefold(struct ldb_context *ldb, const char *dn);
+struct ldb_dn *ldb_dn_copy_partial(void *mem_ctx, const struct ldb_dn *dn, int num_el);
+struct ldb_dn *ldb_dn_copy(void *mem_ctx, const struct ldb_dn *dn);
+struct ldb_dn *ldb_dn_get_parent(void *mem_ctx, const struct ldb_dn *dn);
+struct ldb_dn_component *ldb_dn_build_component(void *mem_ctx, const char *attr,
+ const char *val);
+struct ldb_dn *ldb_dn_build_child(void *mem_ctx, const char *attr,
+ const char * value,
+ const struct ldb_dn *base);
+struct ldb_dn *ldb_dn_make_child(void *mem_ctx,
+ const struct ldb_dn_component *component,
+ const struct ldb_dn *base);
+struct ldb_dn *ldb_dn_compose(void *mem_ctx, const struct ldb_dn *dn1, const struct ldb_dn *dn2);
+struct ldb_dn *ldb_dn_compose_string_dn(void *mem_ctx, const char *dn1, const struct ldb_dn *dn2);
+struct ldb_dn_component *ldb_dn_get_rdn(void *mem_ctx, const struct ldb_dn *dn);
/* useful functions for ldb_message structure manipulation */
-
int ldb_dn_cmp(struct ldb_context *ldb, const char *dn1, const char *dn2);
int ldb_attr_cmp(const char *dn1, const char *dn2);
char *ldb_dn_escape_value(void *mem_ctx, struct ldb_val value);
-/* case-fold a DN */
-char *ldb_dn_fold(void * mem_ctx,
- const char * dn,
- void * user_data,
- int (* case_fold_attr_fn)(void * user_data, char * attr));
-
/* create an empty message */
struct ldb_message *ldb_msg_new(void *mem_ctx);
void ldb_msg_sort_elements(struct ldb_message *msg);
-void ldb_msg_free(struct ldb_context *ldb, struct ldb_message *msg);
-
-struct ldb_message *ldb_msg_copy(struct ldb_context *ldb,
+struct ldb_message *ldb_msg_copy(void *mem_ctx,
const struct ldb_message *msg);
struct ldb_message *ldb_msg_canonicalize(struct ldb_context *ldb,
*/
struct ldb_module_ops {
const char *name;
- int (*search)(struct ldb_module *, const char *, enum ldb_scope,
+ int (*search)(struct ldb_module *, const struct ldb_dn *, enum ldb_scope,
const char *, const char * const [], struct ldb_message ***);
- int (*search_bytree)(struct ldb_module *, const char *, enum ldb_scope,
+ int (*search_bytree)(struct ldb_module *, const struct ldb_dn *, enum ldb_scope,
struct ldb_parse_tree *, const char * const [], struct ldb_message ***);
int (*add_record)(struct ldb_module *, const struct ldb_message *);
int (*modify_record)(struct ldb_module *, const struct ldb_message *);
- int (*delete_record)(struct ldb_module *, const char *);
- int (*rename_record)(struct ldb_module *, const char *, const char *);
+ int (*delete_record)(struct ldb_module *, const struct ldb_dn *);
+ int (*rename_record)(struct ldb_module *, const struct ldb_dn *, const struct ldb_dn *);
int (*named_lock)(struct ldb_module *, const char *);
int (*named_unlock)(struct ldb_module *, const char *);
const char * (*errstring)(struct ldb_module *);
struct ldb_schema schema;
};
-/* internal ldb exploded dn structures */
-struct ldb_dn_component {
- char *name;
- struct ldb_val value;
-};
-struct ldb_dn {
- int comp_num;
- struct ldb_dn_component *components;
-};
-
/* the modules init function */
typedef struct ldb_module *(*ldb_module_init_function)(struct ldb_context *ldb, const char *options[]);
int ldb_load_modules(struct ldb_context *ldb, const char *options[]);
int ldb_next_search(struct ldb_module *module,
- const char *base,
+ const struct ldb_dn *base,
enum ldb_scope scope,
const char *expression,
const char * const *attrs, struct ldb_message ***res);
int ldb_next_search_bytree(struct ldb_module *module,
- const char *base,
+ const struct ldb_dn *base,
enum ldb_scope scope,
struct ldb_parse_tree *tree,
const char * const *attrs, struct ldb_message ***res);
int ldb_next_add_record(struct ldb_module *module, const struct ldb_message *message);
int ldb_next_modify_record(struct ldb_module *module, const struct ldb_message *message);
-int ldb_next_delete_record(struct ldb_module *module, const char *dn);
-int ldb_next_rename_record(struct ldb_module *module, const char *olddn, const char *newdn);
+int ldb_next_delete_record(struct ldb_module *module, const struct ldb_dn *dn);
+int ldb_next_rename_record(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn);
int ldb_next_named_lock(struct ldb_module *module, const char *lockname);
int ldb_next_named_unlock(struct ldb_module *module, const char *lockname);
const char *ldb_next_errstring(struct ldb_module *module);
struct ldb_module *rdn_name_module_init(struct ldb_context *ldb, const char *options[]);
-int ldb_match_msg(struct ldb_context *ldb,
+int ldb_match_msg(struct ldb_context *ldb,
struct ldb_message *msg,
struct ldb_parse_tree *tree,
- const char *base,
+ const struct ldb_dn *base,
enum ldb_scope scope);
void ldb_remove_attrib_handler(struct ldb_context *ldb, const char *attrib);
unsigned num_handlers);
int ldb_setup_wellknown_attributes(struct ldb_context *ldb);
-
-/* The following definitions come from lib/ldb/common/ldb_dn.c */
-struct ldb_dn *ldb_dn_explode(void *mem_ctx, const char *dn);
-char *ldb_dn_linearize(void *mem_ctx, const struct ldb_dn *edn);
-int ldb_dn_compare_base(struct ldb_context *ldb, const struct ldb_dn *base, const struct ldb_dn *dn);
-int ldb_dn_compare(struct ldb_context *ldb, const struct ldb_dn *edn0, const struct ldb_dn *edn1);
-struct ldb_dn *ldb_dn_casefold(struct ldb_context *ldb, const struct ldb_dn *edn);
-struct ldb_dn *ldb_dn_explode_casefold(struct ldb_context *ldb, const char *dn);
-
/* The following definitions come from lib/ldb/common/ldb_attributes.c */
const char **ldb_subclass_list(struct ldb_context *ldb, const char *class);
void ldb_subclass_remove(struct ldb_context *ldb, const char *class);
/*
rename a record
*/
-static int ildb_rename(struct ldb_module *module, const char *olddn, const char *newdn)
+static int ildb_rename(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn)
{
+ TALLOC_CTX *local_ctx;
struct ildb_private *ildb = module->private_data;
int ret = 0;
- char *newrdn, *p;
- const char *parentdn = "";
+ char *old_dn;
+ char *newrdn, *parentdn;
/* ignore ltdb specials */
- if (olddn[0] == '@' ||newdn[0] == '@') {
+ if (ldb_dn_is_special(olddn) || ldb_dn_is_special(newdn)) {
return 0;
}
- newrdn = talloc_strdup(ildb, newdn);
- if (!newrdn) {
+ local_ctx = talloc_named(ildb, 0, "ildb_rename local context");
+ if (local_ctx == NULL) {
return -1;
}
- p = strchr(newrdn, ',');
- if (p) {
- *p++ = '\0';
- parentdn = p;
+ old_dn = ldb_dn_linearize(local_ctx, olddn);
+ if (old_dn == NULL) {
+ goto failed;
+ }
+
+ newrdn = talloc_asprintf(local_ctx, "%s=%s",
+ newdn->components[0].name,
+ ldb_dn_escape_value(ildb, newdn->components[0].value));
+ if (newrdn == NULL) {
+ goto failed;
+ }
+
+ parentdn = ldb_dn_linearize(local_ctx, ldb_dn_get_parent(ildb, newdn));
+ if (parentdn == NULL) {
+ goto failed;
}
- ildb->last_rc = ildap_rename(ildb->ldap, olddn, newrdn, parentdn, True);
+ ildb->last_rc = ildap_rename(ildb->ldap, old_dn, newrdn, parentdn, True);
if (!NT_STATUS_IS_OK(ildb->last_rc)) {
ret = -1;
}
- talloc_free(newrdn);
-
+ talloc_free(local_ctx);
return ret;
+
+failed:
+ talloc_free(local_ctx);
+ return -1;
}
/*
delete a record
*/
-static int ildb_delete(struct ldb_module *module, const char *dn)
+static int ildb_delete(struct ldb_module *module, const struct ldb_dn *dn)
{
struct ildb_private *ildb = module->private_data;
+ char *del_dn;
int ret = 0;
/* ignore ltdb specials */
- if (dn[0] == '@') {
+ if (ldb_dn_is_special(dn)) {
return 0;
}
- ildb->last_rc = ildap_delete(ildb->ldap, dn);
+ del_dn = ldb_dn_linearize(ildb, dn);
+
+ ildb->last_rc = ildap_delete(ildb->ldap, del_dn);
if (!NT_STATUS_IS_OK(ildb->last_rc)) {
ret = -1;
}
+ talloc_free(del_dn);
+
return ret;
}
/*
search for matching records
*/
-static int ildb_search(struct ldb_module *module, const char *base,
+static int ildb_search(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, const char *expression,
const char * const *attrs, struct ldb_message ***res)
{
struct ildb_private *ildb = module->private_data;
int count, i;
struct ldap_message **ldapres, *msg;
+ char *search_base;
if (scope == LDB_SCOPE_DEFAULT) {
scope = LDB_SCOPE_SUBTREE;
ildb_rootdse(module);
}
if (ildb->rootDSE != NULL) {
- base = ldb_msg_find_string(ildb->rootDSE,
- "defaultNamingContext", "");
+ search_base = talloc_strdup(ildb,
+ ldb_msg_find_string(ildb->rootDSE,
+ "defaultNamingContext", ""));
} else {
- base = "";
+ search_base = talloc_strdup(ildb, "");
}
+ } else {
+ search_base = ldb_dn_linearize(ildb, base);
+ }
+ if (search_base == NULL) {
+ return -1;
}
if (expression == NULL || expression[0] == '\0') {
expression = "objectClass=*";
}
- ildb->last_rc = ildap_search(ildb->ldap, base, scope, expression, attrs,
+ ildb->last_rc = ildap_search(ildb->ldap, search_base, scope, expression, attrs,
0, &ldapres);
+ talloc_free(search_base);
if (!NT_STATUS_IS_OK(ildb->last_rc)) {
return -1;
}
}
(*res)[i+1] = NULL;
- (*res)[i]->dn = talloc_steal((*res)[i], search->dn);
+ (*res)[i]->dn = ldb_dn_explode((*res)[i], search->dn);
+ if ((*res)[i]->dn == NULL) {
+ goto failed;
+ }
(*res)[i]->num_elements = search->num_attributes;
(*res)[i]->elements = talloc_steal((*res)[i], search->attributes);
(*res)[i]->private_data = NULL;
/*
search for matching records using a ldb_parse_tree
*/
-static int ildb_search_bytree(struct ldb_module *module, const char *base,
+static int ildb_search_bytree(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, struct ldb_parse_tree *tree,
const char * const *attrs, struct ldb_message ***res)
{
struct ldb_context *ldb = module->ldb;
struct ildb_private *ildb = module->private_data;
struct ldap_mod **mods;
+ char *dn;
int ret = 0;
/* ignore ltdb specials */
- if (msg->dn[0] == '@') {
+ if (ldb_dn_is_special(msg->dn)) {
return 0;
}
mods = ildb_msg_to_mods(ldb, msg, 0);
+ if (mods == NULL) {
+ return -1;
+ }
- ildb->last_rc = ildap_add(ildb->ldap, msg->dn, mods);
+ dn = ldb_dn_linearize(mods, msg->dn);
+ if (dn == NULL) {
+ talloc_free(mods);
+ return -1;
+ }
+
+ ildb->last_rc = ildap_add(ildb->ldap, dn, mods);
if (!NT_STATUS_IS_OK(ildb->last_rc)) {
ret = -1;
}
struct ldb_context *ldb = module->ldb;
struct ildb_private *ildb = module->private_data;
struct ldap_mod **mods;
+ char *dn;
int ret = 0;
/* ignore ltdb specials */
- if (msg->dn[0] == '@') {
+ if (ldb_dn_is_special(msg->dn)) {
return 0;
}
mods = ildb_msg_to_mods(ldb, msg, 1);
+ if (mods == NULL) {
+ return -1;
+ }
+
+ dn = ldb_dn_linearize(mods, msg->dn);
+ if (dn == NULL) {
+ talloc_free(mods);
+ return -1;
+ }
- ildb->last_rc = ildap_modify(ildb->ldap, msg->dn, mods);
+ ildb->last_rc = ildap_modify(ildb->ldap, dn, mods);
if (!NT_STATUS_IS_OK(ildb->last_rc)) {
ret = -1;
}
{
struct ildb_private *ildb = module->private_data;
struct ldb_message **res = NULL;
+ struct ldb_dn *empty_dn = ldb_dn_new(ildb);
int ret;
- ret = ildb_search(module, "", LDB_SCOPE_BASE, "dn=dc=rootDSE", NULL, &res);
+ ret = ildb_search(module, empty_dn, LDB_SCOPE_BASE, "dn=dc=rootDSE", NULL, &res);
if (ret == 1) {
ildb->rootDSE = talloc_steal(ildb, res[0]);
}
- talloc_free(res);
+ if (ret != -1) talloc_free(res);
+ talloc_free(empty_dn);
}
/*
rename a record
*/
-static int lldb_rename(struct ldb_module *module, const char *olddn, const char *newdn)
+static int lldb_rename(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn)
{
+ TALLOC_CTX *local_ctx;
struct lldb_private *lldb = module->private_data;
int ret = 0;
- char *newrdn, *p;
+ char *old_dn;
+ char *newrdn;
const char *parentdn = "";
/* ignore ltdb specials */
- if (olddn[0] == '@' ||newdn[0] == '@') {
+ if (ldb_dn_is_special(olddn) || ldb_dn_is_special(newdn)) {
return 0;
}
- newrdn = talloc_strdup(lldb, newdn);
- if (!newrdn) {
+ local_ctx = talloc_named(lldb, 0, "lldb_rename local context");
+ if (local_ctx == NULL) {
return -1;
}
- p = strchr(newrdn, ',');
- if (p) {
- *p++ = '\0';
- parentdn = p;
+ old_dn = ldb_dn_linearize(local_ctx, olddn);
+ if (old_dn == NULL) {
+ goto failed;
+ }
+
+ newrdn = talloc_asprintf(lldb, "%s=%s",
+ newdn->components[0].name,
+ ldb_dn_escape_value(lldb, newdn->components[0].value));
+ if (!newrdn) {
+ goto failed;
+ }
+
+ parentdn = ldb_dn_linearize(lldb, ldb_dn_get_parent(lldb, newdn));
+ if (!parentdn) {
+ goto failed;
}
- lldb->last_rc = ldap_rename_s(lldb->ldap, olddn, newrdn, parentdn, 1, NULL, NULL);
+ lldb->last_rc = ldap_rename_s(lldb->ldap, old_dn, newrdn, parentdn, 1, NULL, NULL);
if (lldb->last_rc != LDAP_SUCCESS) {
ret = -1;
}
- talloc_free(newrdn);
-
+ talloc_free(local_ctx);
return ret;
+
+failed:
+ talloc_free(local_ctx);
+ return -1;
}
/*
delete a record
*/
-static int lldb_delete(struct ldb_module *module, const char *dn)
+static int lldb_delete(struct ldb_module *module, const struct ldb_dn *edn)
{
struct lldb_private *lldb = module->private_data;
+ char *dn;
int ret = 0;
/* ignore ltdb specials */
- if (dn[0] == '@') {
+ if (ldb_dn_is_special(edn)) {
return 0;
}
-
+
+ dn = ldb_dn_linearize(lldb, edn);
+
lldb->last_rc = ldap_delete_s(lldb->ldap, dn);
if (lldb->last_rc != LDAP_SUCCESS) {
ret = -1;
}
+ talloc_free(dn);
return ret;
}
/*
search for matching records
*/
-static int lldb_search(struct ldb_module *module, const char *base,
+static int lldb_search(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, const char *expression,
const char * const *attrs, struct ldb_message ***res)
{
struct ldb_context *ldb = module->ldb;
struct lldb_private *lldb = module->private_data;
int count, msg_count;
+ char *search_base;
LDAPMessage *ldapres, *msg;
+ search_base = ldb_dn_linearize(ldb, base);
if (base == NULL) {
- base = "";
+ search_base = talloc_strdup(ldb, "");
+ }
+ if (search_base == NULL) {
+ return -1;
}
if (expression == NULL || expression[0] == '\0') {
expression = "objectClass=*";
}
- lldb->last_rc = ldap_search_s(lldb->ldap, base, (int)scope,
+ lldb->last_rc = ldap_search_s(lldb->ldap, search_base, (int)scope,
expression,
discard_const_p(char *, attrs),
0, &ldapres);
+ talloc_free(search_base);
if (lldb->last_rc != LDAP_SUCCESS) {
return -1;
}
goto failed;
}
- (*res)[msg_count]->dn = talloc_strdup((*res)[msg_count], dn);
+ (*res)[msg_count]->dn = ldb_dn_explode((*res)[msg_count], dn);
ldap_memfree(dn);
if (!(*res)[msg_count]->dn) {
goto failed;
/*
search for matching records using a ldb_parse_tree
*/
-static int lldb_search_bytree(struct ldb_module *module, const char *base,
+static int lldb_search_bytree(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, struct ldb_parse_tree *tree,
const char * const *attrs, struct ldb_message ***res)
{
struct ldb_context *ldb = module->ldb;
struct lldb_private *lldb = module->private_data;
LDAPMod **mods;
+ char *dn;
int ret = 0;
/* ignore ltdb specials */
- if (msg->dn[0] == '@') {
+ if (ldb_dn_is_special(msg->dn)) {
return 0;
}
mods = lldb_msg_to_mods(ldb, msg, 0);
+ if (mods == NULL) {
+ return -1;
+ }
- lldb->last_rc = ldap_add_s(lldb->ldap, msg->dn, mods);
+ dn = ldb_dn_linearize(mods, msg->dn);
+ if (dn == NULL) {
+ talloc_free(mods);
+ return -1;
+ }
+
+ lldb->last_rc = ldap_add_s(lldb->ldap, dn, mods);
if (lldb->last_rc != LDAP_SUCCESS) {
ret = -1;
}
struct ldb_context *ldb = module->ldb;
struct lldb_private *lldb = module->private_data;
LDAPMod **mods;
+ char *dn;
int ret = 0;
/* ignore ltdb specials */
- if (msg->dn[0] == '@') {
+ if (ldb_dn_is_special(msg->dn)) {
return 0;
}
mods = lldb_msg_to_mods(ldb, msg, 1);
+ if (mods == NULL) {
+ return -1;
+ }
+
+ dn = ldb_dn_linearize(mods, msg->dn);
+ if (dn == NULL) {
+ talloc_free(mods);
+ return -1;
+ }
- lldb->last_rc = ldap_modify_s(lldb->ldap, msg->dn, mods);
+ lldb->last_rc = ldap_modify_s(lldb->ldap, dn, mods);
if (lldb->last_rc != LDAP_SUCCESS) {
ret = -1;
}
{
struct ltdb_private *ltdb = module->private_data;
struct ldb_message *msg = ltdb->cache->attributes;
+ struct ldb_dn *dn;
int i;
- if (ltdb_search_dn1(module, LTDB_ATTRIBUTES, msg) == -1) {
+ dn = ldb_dn_explode(module->ldb, LTDB_ATTRIBUTES);
+ if (dn == NULL) goto failed;
+
+ if (ltdb_search_dn1(module, dn, msg) == -1) {
+ talloc_free(dn);
goto failed;
}
+ talloc_free(dn);
/* mapping these flags onto ldap 'syntaxes' isn't strictly correct,
but its close enough for now */
for (i=0;i<msg->num_elements;i++) {
{
struct ltdb_private *ltdb = module->private_data;
struct ldb_message *msg = ltdb->cache->subclasses;
+ struct ldb_dn *dn;
int i, j;
- if (ltdb_search_dn1(module, LTDB_SUBCLASSES, msg) == -1) {
+ dn = ldb_dn_explode(module->ldb, LTDB_SUBCLASSES);
+ if (dn == NULL) goto failed;
+
+ if (ltdb_search_dn1(module, dn, msg) == -1) {
+ talloc_free(dn);
goto failed;
}
+ talloc_free(dn);
for (i=0;i<msg->num_elements;i++) {
struct ldb_message_element *el = &msg->elements[i];
msg->num_elements = 1;
msg->elements = ⪙
- msg->dn = talloc_strdup(msg, LTDB_BASEINFO);
+ msg->dn = ldb_dn_explode(msg, LTDB_BASEINFO);
if (!msg->dn) {
goto failed;
}
int ltdb_cache_load(struct ldb_module *module)
{
struct ltdb_private *ltdb = module->private_data;
+ struct ldb_dn *baseinfo_dn = NULL;
+ struct ldb_dn *indexlist_dn = NULL;
double seq;
if (ltdb->cache == NULL) {
talloc_free(ltdb->cache->baseinfo);
ltdb->cache->baseinfo = talloc(ltdb->cache, struct ldb_message);
if (ltdb->cache->baseinfo == NULL) goto failed;
-
- if (ltdb_search_dn1(module, LTDB_BASEINFO, ltdb->cache->baseinfo) == -1) {
+
+ baseinfo_dn = ldb_dn_explode(module->ldb, LTDB_BASEINFO);
+ if (baseinfo_dn == NULL) goto failed;
+
+ if (ltdb_search_dn1(module, baseinfo_dn, ltdb->cache->baseinfo) == -1) {
goto failed;
}
if (ltdb_baseinfo_init(module) != 0) {
goto failed;
}
- if (ltdb_search_dn1(module, LTDB_BASEINFO, ltdb->cache->baseinfo) != 1) {
+ if (ltdb_search_dn1(module, baseinfo_dn, ltdb->cache->baseinfo) != 1) {
goto failed;
}
}
goto failed;
}
- if (ltdb_search_dn1(module, LTDB_INDEXLIST, ltdb->cache->indexlist) == -1) {
+ indexlist_dn = ldb_dn_explode(module->ldb, LTDB_INDEXLIST);
+ if (indexlist_dn == NULL) goto failed;
+
+ if (ltdb_search_dn1(module, indexlist_dn, ltdb->cache->indexlist) == -1) {
goto failed;
}
}
done:
+ talloc_free(baseinfo_dn);
+ talloc_free(indexlist_dn);
return 0;
failed:
+ talloc_free(baseinfo_dn);
+ talloc_free(indexlist_dn);
return -1;
}
msg->num_elements = 1;
msg->elements = ⪙
- msg->dn = talloc_strdup(msg, LTDB_BASEINFO);
+ msg->dn = ldb_dn_explode(msg, LTDB_BASEINFO);
+ if (msg->dn == NULL) {
+ talloc_free(msg);
+ errno = ENOMEM;
+ return -1;
+ }
el.name = talloc_strdup(msg, LTDB_SEQUENCE_NUMBER);
+ if (el.name == NULL) {
+ talloc_free(msg);
+ errno = ENOMEM;
+ return -1;
+ }
el.values = &val;
el.num_values = 1;
el.flags = LDB_FLAG_MOD_REPLACE;
return the dn key to be used for an index
caller frees
*/
-static char *ldb_dn_key(struct ldb_context *ldb,
+static struct ldb_dn *ldb_dn_key(struct ldb_context *ldb,
const char *attr, const struct ldb_val *value)
{
- char *ret = NULL;
+ struct ldb_dn *ret;
+ char *dn;
struct ldb_val v;
const struct ldb_attrib_handler *h;
char *attr_folded;
if (ldb_should_b64_encode(&v)) {
char *vstr = ldb_base64_encode(ldb, v.data, v.length);
if (!vstr) return NULL;
- ret = talloc_asprintf(ldb, "%s:%s::%s", LTDB_INDEX, attr_folded, vstr);
+ dn = talloc_asprintf(ldb, "%s:%s::%s", LTDB_INDEX, attr_folded, vstr);
talloc_free(vstr);
if (v.data != value->data) {
talloc_free(v.data);
}
talloc_free(attr_folded);
- return ret;
+ if (dn == NULL) return NULL;
+ goto done;
}
- ret = talloc_asprintf(ldb, "%s:%s:%.*s",
+ dn = talloc_asprintf(ldb, "%s:%s:%.*s",
LTDB_INDEX, attr_folded, (int)v.length, (char *)v.data);
if (v.data != value->data) {
}
talloc_free(attr_folded);
+done:
+ ret = ldb_dn_explode(ldb, dn);
+ talloc_free(dn);
return ret;
}
struct dn_list *list)
{
struct ldb_context *ldb = module->ldb;
- char *dn = NULL;
+ struct ldb_dn *dn;
int ret;
unsigned int i, j;
struct ldb_message *msg;
extracting just the given attributes
*/
static int ldb_index_filter(struct ldb_module *module, struct ldb_parse_tree *tree,
- const char *base,
+ const struct ldb_dn *base,
enum ldb_scope scope,
const struct dn_list *dn_list,
const char * const attrs[], struct ldb_message ***res)
unsigned int i;
int count = 0;
- for (i=0;i<dn_list->count;i++) {
+ for (i = 0; i < dn_list->count; i++) {
struct ldb_message *msg;
+ struct ldb_dn *dn;
int ret;
msg = talloc(module, struct ldb_message);
return -1;
}
- ret = ltdb_search_dn1(module, dn_list->dn[i], msg);
+ dn = ldb_dn_explode(msg, dn_list->dn[i]);
+ if (dn == NULL) {
+ talloc_free(msg);
+ return -1;
+ }
+
+ ret = ltdb_search_dn1(module, dn, msg);
+ talloc_free(dn);
if (ret == 0) {
/* the record has disappeared? yes, this can happen */
talloc_free(msg);
case the caller should call ltdb_search_full()
*/
int ltdb_search_indexed(struct ldb_module *module,
- const char *base,
+ const struct ldb_dn *base,
enum ldb_scope scope,
struct ldb_parse_tree *tree,
const char * const attrs[], struct ldb_message ***res)
{
struct ldb_context *ldb = module->ldb;
struct ldb_message *msg;
- char *dn_key;
+ struct ldb_dn *dn_key;
int ret;
unsigned int i;
- dn_key = ldb_dn_key(ldb, el->name, &el->values[v_idx]);
- if (!dn_key) {
+ msg = talloc(module, struct ldb_message);
+ if (msg == NULL) {
+ errno = ENOMEM;
return -1;
}
- msg = talloc(dn_key, struct ldb_message);
- if (msg == NULL) {
+ dn_key = ldb_dn_key(ldb, el->name, &el->values[v_idx]);
+ if (!dn_key) {
+ talloc_free(msg);
+ errno = ENOMEM;
return -1;
}
+ talloc_steal(msg, dn_key);
ret = ltdb_search_dn1(module, dn_key, msg);
if (ret == -1) {
- talloc_free(dn_key);
+ talloc_free(msg);
return -1;
}
if (ret == 0) {
- msg->dn = talloc_strdup(msg, dn_key);
- if (!msg->dn) {
- talloc_free(dn_key);
- errno = ENOMEM;
- return -1;
- }
+ msg->dn = dn_key;
msg->num_elements = 0;
msg->elements = NULL;
}
ret = ltdb_store(module, msg, TDB_REPLACE);
}
- talloc_free(dn_key);
+ talloc_free(msg);
return ret;
}
-/*
- add the index entries for a new record
- return -1 on failure
-*/
-int ltdb_index_add(struct ldb_module *module, const struct ldb_message *msg)
+static int ltdb_index_add0(struct ldb_module *module, char *dn,
+ struct ldb_message_element *elements, int num_el)
{
struct ltdb_private *ltdb = module->private_data;
int ret;
unsigned int i, j;
- if (msg->dn[0] == '@') {
+ if (dn[0] == '@') {
return 0;
}
return 0;
}
- for (i=0;i<msg->num_elements;i++) {
- ret = ldb_msg_find_idx(ltdb->cache->indexlist, msg->elements[i].name,
+ for (i = 0; i < num_el; i++) {
+ ret = ldb_msg_find_idx(ltdb->cache->indexlist, elements[i].name,
NULL, LTDB_IDXATTR);
if (ret == -1) {
continue;
}
- for (j=0;j<msg->elements[i].num_values;j++) {
- ret = ltdb_index_add1(module, msg->dn, &msg->elements[i], j);
+ for (j = 0; j < elements[i].num_values; j++) {
+ ret = ltdb_index_add1(module, dn, &elements[i], j);
if (ret == -1) {
+ talloc_free(dn);
return -1;
}
}
return 0;
}
+/*
+ add the index entries for a new record
+ return -1 on failure
+*/
+int ltdb_index_add(struct ldb_module *module, const struct ldb_message *msg)
+{
+ struct ltdb_private *ltdb = module->private_data;
+ char *dn;
+ int ret;
+
+ dn = ldb_dn_linearize(ltdb, msg->dn);
+ if (dn == NULL) {
+ return -1;
+ }
+
+ ret = ltdb_index_add0(module, dn, msg->elements, msg->num_elements);
+
+ talloc_free(dn);
+
+ return ret;
+}
+
/*
delete an index entry for one message element
{
struct ldb_context *ldb = module->ldb;
struct ldb_message *msg;
- char *dn_key;
+ struct ldb_dn *dn_key;
int ret, i;
unsigned int j;
i = ldb_msg_find_idx(msg, dn, &j, LTDB_IDX);
if (i == -1) {
- ldb_debug(ldb, LDB_DEBUG_ERROR, "ERROR: dn %s not found in %s\n", dn, dn_key);
+ ldb_debug(ldb, LDB_DEBUG_ERROR,
+ "ERROR: dn %s not found in %s\n", dn,
+ ldb_dn_linearize(dn_key, dn_key));
/* it ain't there. hmmm */
talloc_free(dn_key);
return 0;
{
struct ltdb_private *ltdb = module->private_data;
int ret;
+ char *dn;
unsigned int i, j;
- if (msg->dn[0] == '@') {
+ if (ldb_dn_is_special(msg->dn)) {
return 0;
}
+ dn = ldb_dn_linearize(ltdb, msg->dn);
+ if (dn == NULL) {
+ return -1;
+ }
+
/* find the list of indexed fields */
if (ltdb->cache->indexlist->num_elements == 0) {
/* no indexed fields */
return 0;
}
- for (i=0;i<msg->num_elements;i++) {
+ for (i = 0; i < msg->num_elements; i++) {
ret = ldb_msg_find_idx(ltdb->cache->indexlist, msg->elements[i].name,
NULL, LTDB_IDXATTR);
if (ret == -1) {
continue;
}
- for (j=0;j<msg->elements[i].num_values;j++) {
- ret = ltdb_index_del_value(module, msg->dn, &msg->elements[i], j);
+ for (j = 0; j < msg->elements[i].num_values; j++) {
+ ret = ltdb_index_del_value(module, dn, &msg->elements[i], j);
if (ret == -1) {
+ talloc_free(dn);
return -1;
}
}
}
+ talloc_free(dn);
return 0;
}
{
struct ldb_module *module = state;
struct ldb_message *msg;
+ char *dn = NULL;
int ret;
TDB_DATA key2;
key2 = ltdb_key(module, msg->dn);
if (key2.dptr == NULL) {
/* probably a corrupt record ... darn */
- ldb_debug(module->ldb, LDB_DEBUG_ERROR, "Invalid DN in re_index: %s\n", msg->dn);
+ ldb_debug(module->ldb, LDB_DEBUG_ERROR, "Invalid DN in re_index: %s\n",
+ ldb_dn_linearize(msg, msg->dn));
+ talloc_free(msg);
return 0;
}
if (strcmp(key2.dptr, key.dptr) != 0) {
}
talloc_free(key2.dptr);
- if (!msg->dn) {
- msg->dn = key.dptr+3;
+ if (msg->dn == NULL) {
+ dn = key.dptr + 3;
+ } else {
+ dn = ldb_dn_linearize(msg->dn, msg->dn);
}
- ret = ltdb_index_add(module, msg);
+ ret = ltdb_index_add0(module, dn, msg->elements, msg->num_elements);
talloc_free(msg);
struct ldb_context *ldb = module->ldb;
unsigned int i, j, real_elements=0;
size_t size;
+ char *dn;
char *p;
size_t len;
+ dn = ldb_dn_linearize(ldb, message->dn);
+ if (dn == NULL) {
+ errno = ENOMEM;
+ return -1;
+ }
+
for (i=0;i<message->num_elements;i++) {
if (message->elements[i].num_values != 0) {
real_elements++;
/* work out how big it needs to be */
size = 8;
- size += 1 + strlen(message->dn);
+ size += 1 + strlen(dn);
for (i=0;i<message->num_elements;i++) {
if (message->elements[i].num_values == 0) {
/* allocate it */
data->dptr = talloc_array(ldb, char, size);
if (!data->dptr) {
+ talloc_free(dn);
errno = ENOMEM;
return -1;
}
/* the dn needs to be packed so we can be case preserving
while hashing on a case folded dn */
- len = strlen(message->dn);
- memcpy(p, message->dn, len+1);
+ len = strlen(dn);
+ memcpy(p, dn, len+1);
p += len + 1;
for (i=0;i<message->num_elements;i++) {
}
}
+ talloc_free(dn);
return 0;
}
errno = EIO;
goto failed;
}
- message->dn = p;
+ message->dn = ldb_dn_explode(message, p);
+ if (message->dn == NULL) {
+ errno = ENOMEM;
+ goto failed;
+ }
remaining -= len + 1;
p += len + 1;
break;
for (i=0;i<msg->num_elements;i++) {
const struct ldb_attrib_handler *h;
h = ldb_attrib_handler(ldb, msg->elements[i].name);
- if ((msg->dn[0] != '@') && (h->flags & LDB_ATTR_FLAG_HIDDEN)) {
+ if (ldb_dn_is_special(msg->dn) && (h->flags & LDB_ATTR_FLAG_HIDDEN)) {
continue;
}
if (msg_add_element(ldb, ret, &msg->elements[i]) != 0) {
return NULL;
}
- ret->dn = talloc_strdup(ret, msg->dn);
+ ret->dn = ldb_dn_copy(ret, msg->dn);
if (!ret->dn) {
talloc_free(ret);
return NULL;
}
el2.num_values = 1;
el2.values = &val;
- val.data = ret->dn;
- val.length = strlen(ret->dn);
+ val.data = ldb_dn_linearize(ret, ret->dn);
+ val.length = strlen(val.data);
if (msg_add_element(ldb, ret, &el2) != 0) {
talloc_free(ret);
return 1 on success, 0 on record-not-found and -1 on error
*/
-int ltdb_search_dn1(struct ldb_module *module, const char *dn, struct ldb_message *msg)
+int ltdb_search_dn1(struct ldb_module *module, const struct ldb_dn *dn, struct ldb_message *msg)
{
struct ltdb_private *ltdb = module->private_data;
int ret;
}
if (!msg->dn) {
- msg->dn = talloc_strdup(tdb_data2.dptr, dn);
+ msg->dn = ldb_dn_copy(tdb_data2.dptr, dn);
}
if (!msg->dn) {
talloc_free(tdb_data2.dptr);
/*
search the database for a single simple dn
*/
-static int ltdb_search_dn(struct ldb_module *module, const char *dn,
+static int ltdb_search_dn(struct ldb_module *module, const struct ldb_dn *dn,
const char * const attrs[], struct ldb_message ***res)
{
struct ldb_context *ldb = module->ldb;
struct ltdb_search_info {
struct ldb_module *module;
struct ldb_parse_tree *tree;
- const char *base;
+ const struct ldb_dn *base;
enum ldb_scope scope;
const char * const *attrs;
struct ldb_message **msgs;
}
if (!msg->dn) {
- msg->dn = key.dptr + 3;
+ msg->dn = ldb_dn_explode(msg, key.dptr + 3);
+ if (msg->dn == NULL) {
+ talloc_free(msg);
+ return -1;
+ }
}
/* see if it matches the given expression */
this is the "full search" non-indexed variant
*/
static int ltdb_search_full(struct ldb_module *module,
- const char *base,
+ const struct ldb_dn *base,
enum ldb_scope scope,
struct ldb_parse_tree *tree,
const char * const attrs[], struct ldb_message ***res)
search the database with a LDAP-like expression.
choses a search method
*/
-int ltdb_search_bytree(struct ldb_module *module, const char *base,
+int ltdb_search_bytree(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, struct ldb_parse_tree *tree,
const char * const attrs[], struct ldb_message ***res)
{
if (tree->operation == LDB_OP_EQUALITY &&
(ldb_attr_cmp(tree->u.equality.attr, "dn") == 0 ||
ldb_attr_cmp(tree->u.equality.attr, "distinguishedName") == 0)) {
- return ltdb_search_dn(module, tree->u.equality.value.data, attrs, res);
+ struct ldb_dn *dn;
+ dn = ldb_dn_explode(module->ldb, tree->u.equality.value.data);
+ if (dn == NULL) {
+ return -1;
+ }
+ ret = ltdb_search_dn(module, dn, attrs, res);
+ talloc_free(dn);
+ return ret;
}
if (ltdb_lock_read(module) != 0) {
search the database with a LDAP-like expression.
choses a search method
*/
-int ltdb_search(struct ldb_module *module, const char *base,
+int ltdb_search(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, const char *expression,
const char * const attrs[], struct ldb_message ***res)
{
note that the key for a record can depend on whether the
dn refers to a case sensitive index record or not
*/
-struct TDB_DATA ltdb_key(struct ldb_module *module, const char *dn)
+struct TDB_DATA ltdb_key(struct ldb_module *module, const struct ldb_dn *dn)
{
struct ldb_context *ldb = module->ldb;
TDB_DATA key;
char *key_str = NULL;
char *dn_folded = NULL;
- struct ldb_dn *edn = NULL;
- struct ldb_dn *cedn = NULL;
/*
most DNs are case insensitive. The exception is index DNs for
2) if the dn starts with @ then leave it alone - the indexing code handles
the rest
*/
- if (*dn == '@') {
- dn_folded = talloc_strdup(ldb, dn);
- } else {
- edn = ldb_dn_explode(ldb, dn);
- if (!edn)
- goto failed;
-
- cedn = ldb_dn_casefold(ldb, edn);
- if (!cedn)
- goto failed;
-
- dn_folded = ldb_dn_linearize(ldb, cedn);
- if (!dn_folded)
- goto failed;
- talloc_free(edn);
- talloc_free(cedn);
+ dn_folded = ldb_dn_linearize_casefold(ldb, dn);
+ if (!dn_folded) {
+ goto failed;
}
key_str = talloc_asprintf(ldb, "DN=%s", dn_folded);
+
talloc_free(dn_folded);
if (!key_str) {
return key;
failed:
- talloc_free(edn);
- talloc_free(cedn);
errno = ENOMEM;
key.dptr = NULL;
key.dsize = 0;
static int ltdb_lock(struct ldb_module *module, const char *lockname)
{
struct ltdb_private *ltdb = module->private_data;
- char *lock_dn;
+ struct ldb_dn *lock_dn;
+ char *ldn;
TDB_DATA key;
int ret;
return -1;
}
- lock_dn = talloc_asprintf(module->ldb, "%s_%s", LDBLOCK, lockname);
+ ldn = talloc_asprintf(module->ldb, "%s_%s", LDBLOCK, lockname);
+ if (ldn == NULL) {
+ return -1;
+ }
+
+ lock_dn = ldb_dn_explode(module->ldb, ldn);
if (lock_dn == NULL) {
+ talloc_free(ldn);
return -1;
}
+ talloc_free(ldn);
key = ltdb_key(module, lock_dn);
if (!key.dptr) {
static int ltdb_unlock(struct ldb_module *module, const char *lockname)
{
struct ltdb_private *ltdb = module->private_data;
- char *lock_dn;
+ struct ldb_dn *lock_dn;
+ char *ldn;
TDB_DATA key;
if (lockname == NULL) {
return -1;
}
- lock_dn = talloc_asprintf(module->ldb, "%s_%s", LDBLOCK, lockname);
+ ldn = talloc_asprintf(module->ldb, "%s_%s", LDBLOCK, lockname);
+ if (ldn == NULL) {
+ return -1;
+ }
+
+ lock_dn = ldb_dn_explode(module->ldb, ldn);
if (lock_dn == NULL) {
+ talloc_free(ldn);
return -1;
}
+ talloc_free(ldn);
key = ltdb_key(module, lock_dn);
if (!key.dptr) {
{
struct ltdb_private *ltdb = module->private_data;
TDB_DATA key;
+ struct ldb_dn *lock_dn;
int ret;
- key = ltdb_key(module, LDBLOCK);
+
+ lock_dn = ldb_dn_explode(module, LDBLOCK);
+ if (lock_dn == NULL) {
+ return -1;
+ }
+
+ key = ltdb_key(module, lock_dn);
if (!key.dptr) {
+ talloc_free(lock_dn);
return -1;
}
+ talloc_free(lock_dn);
+
ret = tdb_chainlock_read(ltdb->tdb, key);
talloc_free(key.dptr);
return ret;
int ltdb_unlock_read(struct ldb_module *module)
{
struct ltdb_private *ltdb = module->private_data;
+ struct ldb_dn *lock_dn;
TDB_DATA key;
- key = ltdb_key(module, LDBLOCK);
+
+ lock_dn = ldb_dn_explode(module, LDBLOCK);
+ if (lock_dn == NULL) {
+ return -1;
+ }
+
+ key = ltdb_key(module, lock_dn);
if (!key.dptr) {
+ talloc_free(lock_dn);
return -1;
}
+ talloc_free(lock_dn);
+
tdb_chainunlock_read(ltdb->tdb, key);
talloc_free(key.dptr);
return 0;
{
struct ltdb_private *ltdb = module->private_data;
int i, j;
-
- if (strcmp(msg->dn, LTDB_ATTRIBUTES) != 0) {
+
+ if (! ldb_dn_is_special(msg->dn) ||
+ ! ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
return 0;
}
we've made a modification to a dn - possibly reindex and
update sequence number
*/
-static int ltdb_modified(struct ldb_module *module, const char *dn)
+static int ltdb_modified(struct ldb_module *module, const struct ldb_dn *dn)
{
int ret = 0;
- if (strcmp(dn, LTDB_INDEXLIST) == 0 ||
- strcmp(dn, LTDB_ATTRIBUTES) == 0) {
+ if (ldb_dn_is_special(dn) &&
+ (ldb_dn_check_special(dn, LTDB_INDEXLIST) ||
+ ldb_dn_check_special(dn, LTDB_ATTRIBUTES)) ) {
ret = ltdb_reindex(module);
}
if (ret == 0 &&
- strcmp(dn, LTDB_BASEINFO) != 0) {
+ !(ldb_dn_is_special(dn) &&
+ ldb_dn_check_special(dn, LTDB_BASEINFO)) ) {
ret = ltdb_increase_sequence_number(module);
}
delete a record from the database, not updating indexes (used for deleting
index records)
*/
-int ltdb_delete_noindex(struct ldb_module *module, const char *dn)
+int ltdb_delete_noindex(struct ldb_module *module, const struct ldb_dn *dn)
{
struct ltdb_private *ltdb = module->private_data;
TDB_DATA tdb_key;
/*
delete a record from the database
*/
-static int ltdb_delete(struct ldb_module *module, const char *dn)
+static int ltdb_delete(struct ldb_module *module, const struct ldb_dn *dn)
{
struct ltdb_private *ltdb = module->private_data;
int ret;
struct ldb_context *ldb,
struct ldb_message *msg, const char *name)
{
+ char *dn;
unsigned int i, j;
+ dn = ldb_dn_linearize(ldb, msg->dn);
+ if (dn == NULL) {
+ return -1;
+ }
+
for (i=0;i<msg->num_elements;i++) {
if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
for (j=0;j<msg->elements[i].num_values;j++) {
- ltdb_index_del_value(module, msg->dn, &msg->elements[i], j);
+ ltdb_index_del_value(module, dn, &msg->elements[i], j);
}
talloc_free(msg->elements[i].values);
if (msg->num_elements > (i+1)) {
}
}
+ talloc_free(dn);
return 0;
}
struct ldb_message_element *el = &msg->elements[i];
struct ldb_message_element *el2;
struct ldb_val *vals;
+ char *dn;
switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
break;
case LDB_FLAG_MOD_DELETE:
+
+ dn = ldb_dn_linearize(msg2, msg->dn);
+ if (dn == NULL) goto failed;
+
/* we could be being asked to delete all
values or just some values */
if (msg->elements[i].num_values == 0) {
ltdb->last_err_string = "No such attribute";
goto failed;
}
- if (ltdb_index_del_value(module, msg->dn, &msg->elements[i], j) != 0) {
+ if (ltdb_index_del_value(module, dn, &msg->elements[i], j) != 0) {
goto failed;
}
}
/*
rename a record
*/
-static int ltdb_rename(struct ldb_module *module, const char *olddn, const char *newdn)
+static int ltdb_rename(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn)
{
struct ltdb_private *ltdb = module->private_data;
int ret;
goto failed;
}
- msg->dn = talloc_strdup(msg, newdn);
+ msg->dn = ldb_dn_copy(msg, newdn);
if (!msg->dn) {
goto failed;
}
struct ldb_parse_tree;
int ltdb_search_indexed(struct ldb_module *module,
- const char *base,
+ const struct ldb_dn *base,
enum ldb_scope scope,
struct ldb_parse_tree *tree,
const char * const attrs[], struct ldb_message ***res);
int ltdb_has_wildcard(struct ldb_module *module, const char *attr_name,
const struct ldb_val *val);
void ltdb_search_dn1_free(struct ldb_module *module, struct ldb_message *msg);
-int ltdb_search_dn1(struct ldb_module *module, const char *dn, struct ldb_message *msg);
+int ltdb_search_dn1(struct ldb_module *module, const struct ldb_dn *dn, struct ldb_message *msg);
int ltdb_add_attr_results(struct ldb_module *module, struct ldb_message *msg,
const char * const attrs[],
int *count,
struct ldb_message ***res);
-int ltdb_search(struct ldb_module *module, const char *base,
+int ltdb_search(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, const char *expression,
const char * const attrs[], struct ldb_message ***res);
-int ltdb_search_bytree(struct ldb_module *module, const char *base,
+int ltdb_search_bytree(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, struct ldb_parse_tree *tree,
const char * const attrs[], struct ldb_message ***res);
/* The following definitions come from lib/ldb/ldb_tdb/ldb_tdb.c */
-struct TDB_DATA ltdb_key(struct ldb_module *module, const char *dn);
+struct TDB_DATA ltdb_key(struct ldb_module *module, const struct ldb_dn *dn);
int ltdb_store(struct ldb_module *module, const struct ldb_message *msg, int flgs);
-int ltdb_delete_noindex(struct ldb_module *module, const char *dn);
+int ltdb_delete_noindex(struct ldb_module *module, const struct ldb_dn *dn);
int ltdb_modify_internal(struct ldb_module *module, const struct ldb_message *msg);
int ltdb_lock_read(struct ldb_module *module);
int ltdb_unlock_read(struct ldb_module *module);
const char *error_string;
};
-static int rdn_name_search(struct ldb_module *module, const char *base,
+static int rdn_name_search(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, const char *expression,
const char * const *attrs, struct ldb_message ***res)
{
return ldb_next_search(module, base, scope, expression, attrs, res);
}
-static int rdn_name_search_bytree(struct ldb_module *module, const char *base,
+static int rdn_name_search_bytree(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, struct ldb_parse_tree *tree,
const char * const *attrs, struct ldb_message ***res)
{
return NULL;
}
-static struct ldb_dn_component *get_rdn(void *mem_ctx, const char *dn)
-{
- struct ldb_dn *dn_exploded = ldb_dn_explode(mem_ctx, dn);
-
- if (!dn_exploded) {
- return NULL;
- }
-
- if (dn_exploded->comp_num < 1) {
- return NULL;
- }
-
- return &dn_exploded->components[0];
-}
-
/* add_record: add crateTimestamp/modifyTimestamp attributes */
static int rdn_name_add_record(struct ldb_module *module, const struct ldb_message *msg)
{
ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_add_record\n");
- if (msg->dn[0] == '@') { /* do not manipulate our control entries */
+ /* do not manipulate our control entries */
+ if (ldb_dn_is_special(msg->dn)) {
return ldb_next_add_record(module, msg);
}
msg2->elements[i] = msg->elements[i];
}
- rdn = get_rdn(msg2, msg2->dn);
+ rdn = ldb_dn_get_rdn(msg2, msg2->dn);
if (!rdn) {
+ talloc_free(msg2);
return -1;
}
if (ldb_msg_add_value(module->ldb, msg2, "name", &rdn->value) != 0) {
+ talloc_free(msg2);
return -1;
}
if (!attribute) {
if (ldb_msg_add_value(module->ldb, msg2, rdn->name, &rdn->value) != 0) {
+ talloc_free(msg2);
return -1;
}
} else {
}
}
if (i == attribute->num_values) {
- data->error_string = talloc_asprintf(data, "RDN mismatch on %s: %s", msg2->dn, rdn->name);
+ data->error_string = talloc_asprintf(data, "RDN mismatch on %s: %s", ldb_dn_linearize(msg2, msg2->dn), rdn->name);
ldb_debug(module->ldb, LDB_DEBUG_FATAL, "%s\n", data->error_string);
+ talloc_free(msg2);
return -1;
}
}
ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_modify_record\n");
+ /* do not manipulate our control entries */
+ if (ldb_dn_is_special(msg->dn)) {
+ return ldb_next_add_record(module, msg);
+ }
+
/* Perhaps someone above us knows better */
if ((attribute = rdn_name_find_attribute(msg, "name")) != NULL ) {
return ldb_next_add_record(module, msg);
msg2->elements[i] = msg->elements[i];
}
- rdn = get_rdn(msg2, msg2->dn);
+ rdn = ldb_dn_get_rdn(msg2, msg2->dn);
if (!rdn) {
+ talloc_free(msg2);
return -1;
}
if (ldb_msg_add_value(module->ldb, msg2, "name", &rdn->value) != 0) {
+ talloc_free(msg2);
return -1;
}
attribute = rdn_name_find_attribute(msg2, "name");
if (!attribute) {
+ talloc_free(msg2);
return -1;
}
return ret;
}
-static int rdn_name_delete_record(struct ldb_module *module, const char *dn)
+static int rdn_name_delete_record(struct ldb_module *module, const struct ldb_dn *dn)
{
ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_delete_record\n");
return ldb_next_delete_record(module, dn);
}
-static int rdn_name_rename_record(struct ldb_module *module, const char *olddn, const char *newdn)
+static int rdn_name_rename_record(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn)
{
ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_rename_record\n");
return ldb_next_rename_record(module, olddn, newdn);
/*
ldb database library
- Copyright (C) Simo Sorce 2004
+ Copyright (C) Simo Sorce 2004-2005
** NOTE! The following LGPL license applies to the ldb
** library. This does NOT imply that all of Samba is released
struct schema_attribute_list optional_attrs;
};
-/* This function embedds the knowledge of aliased names.
- Currently it handles only dn vs distinguishedNAme as a special case as AD
- only have this special alias case, in future we should read the schema
- to find out which names have an alias and check for them */
-static int schema_attr_cmp(const char *attr1, const char *attr2)
-{
- int ret;
-
- ret = ldb_attr_cmp(attr1, attr2);
- if (ret != 0) {
- if ((ldb_attr_cmp("dn", attr1) == 0) &&
- (ldb_attr_cmp("distinguishedName", attr2) == 0)) {
- return 0;
- }
- if ((ldb_attr_cmp("dn", attr2) == 0) &&
- (ldb_attr_cmp("distinguishedName", attr1) == 0)) {
- return 0;
- }
- }
- return ret;
-}
-
static struct schema_attribute *schema_find_attribute(struct schema_attribute_list *list, const char *attr_name)
{
unsigned int i;
objectclasses go in the objectclasses structure */
static int get_msg_attributes(struct schema_structures *ss, const struct ldb_message *msg, int flag_mask)
{
- int i, j, k, l;
+ int i, j, anum, cnum;
ss->entry_attrs.attr = talloc_realloc(ss, ss->entry_attrs.attr,
struct schema_attribute,
return -1;
}
- for (i = 0, j = ss->entry_attrs.num; i < msg->num_elements; i++) {
+ for (i = 0, anum = ss->entry_attrs.num; i < msg->num_elements; i++) {
- if (schema_attr_cmp(msg->elements[i].name, "objectclass") == 0) {
+ if (ldb_attr_cmp(msg->elements[i].name, "objectclass") == 0) {
ss->objectclasses.attr = talloc_realloc(ss, ss->objectclasses.attr,
struct schema_attribute,
return -1;
}
- for (k = 0, l = ss->objectclasses.num; k < msg->elements[i].num_values; k++) {
- ss->objectclasses.attr[l].name = msg->elements[i].values[k].data;
- ss->objectclasses.attr[l].flags = msg->elements[i].flags & flag_mask;
- l++;
+ for (j = 0, cnum = ss->objectclasses.num; j < msg->elements[i].num_values; j++) {
+ ss->objectclasses.attr[cnum+j].name = msg->elements[i].values[j].data;
+ ss->objectclasses.attr[cnum+j].flags = msg->elements[i].flags & flag_mask;
}
ss->objectclasses.num += msg->elements[i].num_values;
}
- ss->entry_attrs.attr[j].flags = msg->elements[i].flags & flag_mask;
- ss->entry_attrs.attr[j].name = talloc_reference(ss->entry_attrs.attr,
+ /* TODO: Check for proper attribute Syntax ! */
+
+ ss->entry_attrs.attr[anum+i].flags = msg->elements[i].flags & flag_mask;
+ ss->entry_attrs.attr[anum+i].name = talloc_reference(ss->entry_attrs.attr,
msg->elements[i].name);
- if (ss->entry_attrs.attr[j].name == NULL) {
+ if (ss->entry_attrs.attr[anum+i].name == NULL) {
return -1;
}
- j++;
}
ss->entry_attrs.num += msg->num_elements;
return 0;
}
-static int get_entry_attributes(struct ldb_context *ldb, const char *dn, struct schema_structures *ss)
+static int get_entry_attributes(struct ldb_context *ldb, const struct ldb_dn *dn, struct schema_structures *ss)
{
- char *filter = talloc_asprintf(ss, "dn=%s", dn);
struct ldb_message **srch;
int ret;
- ret = ldb_search(ldb, NULL, LDB_SCOPE_SUBTREE, filter, NULL, &srch);
+ ret = ldb_search(ldb, dn, LDB_SCOPE_BASE, NULL, NULL, &srch);
if (ret != 1) {
return ret;
}
for (c = 0; c < list->num; c++) {
len = strlen(list->attr[c].name);
if (len == el->values[i].length) {
- if (schema_attr_cmp(list->attr[c].name, el->values[i].data) == 0) {
+ if (ldb_attr_cmp(list->attr[c].name, el->values[i].data) == 0) {
found = 1;
break;
}
is_aux = 0;
is_class = 0;
- if (schema_attr_cmp((*srch)->elements[j].name, "systemAuxiliaryclass") == 0) {
+ if (ldb_attr_cmp((*srch)->elements[j].name, "systemAuxiliaryclass") == 0) {
is_aux = SCHEMA_FLAG_AUXILIARY;
is_class = 1;
}
- if (schema_attr_cmp((*srch)->elements[j].name, "subClassOf") == 0) {
+ if (ldb_attr_cmp((*srch)->elements[j].name, "auxiliaryClass") == 0) {
+ is_aux = SCHEMA_FLAG_AUXILIARY;
+ is_class = 1;
+ }
+ if (ldb_attr_cmp((*srch)->elements[j].name, "subClassOf") == 0) {
is_class = 1;
}
}
} else {
- if (schema_attr_cmp((*srch)->elements[j].name, "mustContain") == 0 ||
- schema_attr_cmp((*srch)->elements[j].name, "SystemMustContain") == 0) {
+ if (ldb_attr_cmp((*srch)->elements[j].name, "mustContain") == 0 ||
+ ldb_attr_cmp((*srch)->elements[j].name, "SystemMustContain") == 0) {
if (add_attribute_uniq(schema_struct,
&schema_struct->required_attrs,
SCHEMA_FLAG_RESET,
}
}
- if (schema_attr_cmp((*srch)->elements[j].name, "mayContain") == 0 ||
- schema_attr_cmp((*srch)->elements[j].name, "SystemMayContain") == 0) {
+ if (ldb_attr_cmp((*srch)->elements[j].name, "mayContain") == 0 ||
+ ldb_attr_cmp((*srch)->elements[j].name, "SystemMayContain") == 0) {
if (add_attribute_uniq(schema_struct,
&schema_struct->optional_attrs,
}
/* search */
-static int schema_search(struct ldb_module *module, const char *base,
+static int schema_search(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, const char *expression,
const char * const *attrs, struct ldb_message ***res)
{
return ldb_next_search(module, base, scope, expression, attrs, res);
}
-static int schema_search_bytree(struct ldb_module *module, const char *base,
+static int schema_search_bytree(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, struct ldb_parse_tree *tree,
const char * const *attrs, struct ldb_message ***res)
{
Free all structures and commit the change
*/
- if (msg->dn[0] == '@') { /* do not check on our control entries */
+ /* do not check on our control entries */
+ if (ldb_dn_is_special(msg->dn)) {
return ldb_next_add_record(module, msg);
}
+ /* TODO: check parent exists */
+
entry_structs = talloc_zero(module, struct schema_structures);
if (!entry_structs) {
return -1;
Free all structures and commit the change.
*/
- if (msg->dn[0] == '@') { /* do not check on our control entries */
- return ldb_next_modify_record(module, msg);
+ /* do not check on our control entries */
+ if (ldb_dn_is_special(msg->dn)) {
+ return ldb_next_add_record(module, msg);
}
/* allocate object structs */
}
/* delete_record */
-static int schema_delete_record(struct ldb_module *module, const char *dn)
+static int schema_delete_record(struct ldb_module *module, const struct ldb_dn *dn)
{
/* struct private_data *data = (struct private_data *)module->private_data; */
return ldb_next_delete_record(module, dn);
}
/* rename_record */
-static int schema_rename_record(struct ldb_module *module, const char *olddn, const char *newdn)
+static int schema_rename_record(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn)
{
return ldb_next_rename_record(module, olddn, newdn);
}
};
/* search */
-static int skel_search(struct ldb_module *module, const char *base,
+static int skel_search(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, const char *expression,
const char * const *attrs, struct ldb_message ***res)
{
}
/* delete_record */
-static int skel_delete_record(struct ldb_module *module, const char *dn)
+static int skel_delete_record(struct ldb_module *module, const struct ldb_dn *dn)
{
return ldb_next_delete_record(module, dn);
}
/* rename_record */
-static int skel_rename_record(struct ldb_module *module, const char *olddn, const char *newdn)
+static int skel_rename_record(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn)
{
return ldb_next_rename_record(module, olddn, newdn);
}
const char *error_string;
};
-static int timestamps_search(struct ldb_module *module, const char *base,
+static int timestamps_search(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, const char *expression,
const char * const *attrs, struct ldb_message ***res)
{
return ldb_next_search(module, base, scope, expression, attrs, res);
}
-static int timestamps_search_bytree(struct ldb_module *module, const char *base,
+static int timestamps_search_bytree(struct ldb_module *module, const struct ldb_dn *base,
enum ldb_scope scope, struct ldb_parse_tree *tree,
const char * const *attrs, struct ldb_message ***res)
{
ldb_debug(module->ldb, LDB_DEBUG_TRACE, "timestamps_add_record\n");
- if (msg->dn[0] == '@') { /* do not manipulate our control entries */
+ /* do not manipulate our control entries */
+ if (ldb_dn_is_special(msg->dn)) {
return ldb_next_add_record(module, msg);
}
ldb_debug(module->ldb, LDB_DEBUG_TRACE, "timestamps_modify_record\n");
- if (msg->dn[0] == '@') { /* do not manipulate our control entries */
- return ldb_next_modify_record(module, msg);
+ /* do not manipulate our control entries */
+ if (ldb_dn_is_special(msg->dn)) {
+ return ldb_next_add_record(module, msg);
}
timeval = time(NULL);
return ret;
}
-static int timestamps_delete_record(struct ldb_module *module, const char *dn)
+static int timestamps_delete_record(struct ldb_module *module, const struct ldb_dn *dn)
{
ldb_debug(module->ldb, LDB_DEBUG_TRACE, "timestamps_delete_record\n");
return ldb_next_delete_record(module, dn);
}
-static int timestamps_rename_record(struct ldb_module *module, const char *olddn, const char *newdn)
+static int timestamps_rename_record(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn)
{
ldb_debug(module->ldb, LDB_DEBUG_TRACE, "timestamps_rename_record\n");
return ldb_next_rename_record(module, olddn, newdn);
{ "all", 'a', POPT_ARG_NONE, &options.all_records, 0, "dn=*", NULL },
{ "sorted", 'S', POPT_ARG_NONE, &options.sorted, 0, "sort attributes", NULL },
{ "sasl-mechanism", 0, POPT_ARG_STRING, &options.sasl_mechanism, 0, "choose SASL mechanism", "MECHANISM" },
+ { "input", 'I', POPT_ARG_STRING, &options.input, 0, "Input File", "Input" },
+ { "output", 'O', POPT_ARG_STRING, &options.output, 0, "Output File", "Output" },
{ NULL, 'o', POPT_ARG_STRING, NULL, 'o', "ldb_connect option", "OPTION" },
#ifdef _SAMBA_BUILD_
POPT_COMMON_SAMBA
*ret = options;
/* all utils need some option */
- if (ret->url == NULL) {
- fprintf(stderr, "You must supply a url with -H or with $LDB_URL\n");
- if (usage) usage();
- goto failed;
- }
+ if (ldb) {
+ if (ret->url == NULL) {
+ fprintf(stderr, "You must supply a url with -H or with $LDB_URL\n");
+ if (usage) usage();
+ goto failed;
+ }
- if (ldb_connect(ldb, ret->url, 0, ret->options) != 0) {
- fprintf(stderr, "Failed to connect to %s - %s\n",
- ret->url, ldb_errstring(ldb));
- goto failed;
+ if (ldb_connect(ldb, ret->url, 0, ret->options) != 0) {
+ fprintf(stderr, "Failed to connect to %s - %s\n",
+ ret->url, ldb_errstring(ldb));
+ goto failed;
+ }
}
return ret;
int num_records;
int num_searches;
const char *sasl_mechanism;
+ const char *input;
+ const char *output;
};
struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, int argc, const char **argv,
ret = ldb_add(ldb, ldif->msg);
if (ret != 0) {
fprintf(stderr, "ERR: \"%s\" on DN %s\n",
- ldb_errstring(ldb), ldif->msg->dn);
+ ldb_errstring(ldb), ldb_dn_linearize(ldb, ldif->msg->dn));
failures++;
} else {
count++;
#include "system/filesys.h"
#endif
-static int ldb_delete_recursive(struct ldb_context *ldb, const char *dn)
+static int ldb_delete_recursive(struct ldb_context *ldb, const struct ldb_dn *dn)
{
int ret, i, total=0;
const char *attrs[] = { "dn", NULL };
}
for (i=0;i<options->argc;i++) {
- const char *dn = options->argv[i];
+ const struct ldb_dn *dn;
+
+ dn = ldb_dn_explode(ldb, options->argv[i]);
+ if (dn == NULL) {
+ printf("Invalid DN format\n");
+ exit(1);
+ }
if (options->recursive) {
ret = ldb_delete_recursive(ldb, dn);
} else {
}
}
if (ret != 0) {
- printf("delete of '%s' failed - %s\n", dn, ldb_errstring(ldb));
+ printf("delete of '%s' failed - %s\n",
+ ldb_dn_linearize(ldb, dn),
+ ldb_errstring(ldb));
}
}
if (ldb_modify(ldb, mod) != 0) {
fprintf(stderr, "failed to modify %s - %s\n",
- msg1->dn, ldb_errstring(ldb));
+ ldb_dn_linearize(ldb, msg1->dn), ldb_errstring(ldb));
return -1;
}
static struct ldb_message *msg_find(struct ldb_context *ldb,
struct ldb_message **msgs,
int count,
- const char *dn)
+ const struct ldb_dn *dn)
{
int i;
for (i=0;i<count;i++) {
- if (ldb_dn_cmp(ldb, dn, msgs[i]->dn) == 0) {
+ if (ldb_dn_compare(ldb, dn, msgs[i]->dn) == 0) {
return msgs[i];
}
}
}
if (ldb_add(ldb, msgs2[i]) != 0) {
fprintf(stderr, "failed to add %s - %s\n",
- msgs2[i]->dn, ldb_errstring(ldb));
+ ldb_dn_linearize(ldb, msgs2[i]->dn),
+ ldb_errstring(ldb));
return -1;
}
adds++;
}
if (ldb_delete(ldb, msgs1[i]->dn) != 0) {
fprintf(stderr, "failed to delete %s - %s\n",
- msgs1[i]->dn, ldb_errstring(ldb));
+ ldb_dn_linearize(ldb, msgs1[i]->dn),
+ ldb_errstring(ldb));
return -1;
}
deletes++;
{
struct ldb_context *ldb;
struct ldb_message **msgs;
+ struct ldb_dn *basedn = NULL;
int ret;
const char *expression = "(|(objectclass=*)(dn=*))";
const char * const * attrs = NULL;
attrs = (const char * const *)(options->argv);
}
- ret = ldb_search(ldb, options->basedn, options->scope, expression, attrs, &msgs);
+ if (options->basedn != NULL) {
+ basedn = ldb_dn_explode(ldb, options->basedn);
+ if (basedn == NULL) {
+ printf("Invalid Base DN format\n");
+ exit(1);
+ }
+ }
+
+ ret = ldb_search(ldb, basedn, options->scope, expression, attrs, &msgs);
if (ret == -1) {
printf("search failed - %s\n", ldb_errstring(ldb));
exit(1);
}
if (ret != 0) {
fprintf(stderr, "ERR: \"%s\" on DN %s\n",
- ldb_errstring(ldb), ldif->msg->dn);
+ ldb_errstring(ldb), ldb_dn_linearize(ldb, ldif->msg->dn));
failures++;
} else {
count++;
struct ldb_context *ldb;
int ret;
struct ldb_cmdline *options;
- const char *dn1, *dn2;
+ const struct ldb_dn *dn1, *dn2;
ldb = ldb_init(NULL);
usage();
}
- dn1 = options->argv[0];
- dn2 = options->argv[1];
+ dn1 = ldb_dn_explode(ldb, options->argv[0]);
+ dn2 = ldb_dn_explode(ldb, options->argv[1]);
ret = ldb_rename(ldb, dn1, dn2);
if (ret == 0) {
printf("Renamed 1 record\n");
} else {
printf("rename of '%s' to '%s' failed - %s\n",
- dn1, dn2, ldb_errstring(ldb));
+ options->argv[0], options->argv[1], ldb_errstring(ldb));
}
talloc_free(ldb);
static int do_compare_msg(struct ldb_message **el1,
struct ldb_message **el2)
{
- return ldb_dn_cmp(ldbsearch_ldb, (*el1)->dn, (*el2)->dn);
+ return ldb_dn_compare(ldbsearch_ldb, (*el1)->dn, (*el2)->dn);
}
static int do_search(struct ldb_context *ldb,
- const char *basedn,
+ const struct ldb_dn *basedn,
int scope,
int sort_attribs,
const char *expression,
int main(int argc, const char **argv)
{
struct ldb_context *ldb;
+ struct ldb_dn *basedn = NULL;
const char * const * attrs = NULL;
struct ldb_cmdline *options;
int ret = -1;
attrs = (const char * const *)(options->argv);
}
+ if (options->basedn != NULL) {
+ basedn = ldb_dn_explode(ldb, options->basedn);
+ if (basedn == NULL) {
+ fprintf(stderr, "Invalid Base DN format\n");
+ exit(1);
+ }
+ }
+
if (options->interactive) {
char line[1024];
while (fgets(line, sizeof(line), stdin)) {
- if (do_search(ldb, options->basedn,
+ if (do_search(ldb, basedn,
options->scope, options->sorted, line, attrs) == -1) {
ret = -1;
}
}
} else {
- ret = do_search(ldb, options->basedn, options->scope, options->sorted,
+ ret = do_search(ldb, basedn, options->scope, options->sorted,
expression, attrs);
}
}
static void add_records(struct ldb_context *ldb,
- const char *basedn,
+ const struct ldb_dn *basedn,
int count)
{
struct ldb_message msg;
asprintf(&name, "Test%d", i);
- msg.dn = talloc_asprintf(tmp_ctx, "cn=%s,%s", name, basedn);
+ msg.dn = ldb_dn_build_child(tmp_ctx, "cn", name, basedn);
msg.num_elements = 6;
msg.elements = el;
}
static void modify_records(struct ldb_context *ldb,
- const char *basedn,
+ const struct ldb_dn *basedn,
int count)
{
struct ldb_message msg;
TALLOC_CTX *tmp_ctx = talloc_new(ldb);
name = talloc_asprintf(tmp_ctx, "Test%d", i);
- msg.dn = talloc_asprintf(tmp_ctx, "cn=%s,%s", name, basedn);
+ msg.dn = ldb_dn_build_child(tmp_ctx, "cn", name, basedn);
msg.num_elements = 3;
msg.elements = el;
static void delete_records(struct ldb_context *ldb,
- const char *basedn,
+ const struct ldb_dn *basedn,
int count)
{
int i;
for (i=0;i<count;i++) {
- char *dn;
- asprintf(&dn, "cn=Test%d,%s", i, basedn);
+ struct ldb_dn *dn;
+ char *name = talloc_asprintf(ldb, "Test%d", i);
+ dn = ldb_dn_build_child(name, "cn", name, basedn);
printf("Deleting uid Test%d\r", i);
fflush(stdout);
if (ldb_delete(ldb, dn) != 0) {
- printf("Delete of %s failed - %s\n", dn, ldb_errstring(ldb));
+ printf("Delete of %s failed - %s\n", ldb_dn_linearize(ldb, dn), ldb_errstring(ldb));
exit(1);
}
- free(dn);
+ talloc_free(name);
}
printf("\n");
}
-static void search_uid(struct ldb_context *ldb, int nrecords, int nsearches)
+static void search_uid(struct ldb_context *ldb, struct ldb_dn *basedn, int nrecords, int nsearches)
{
int i;
int ret;
asprintf(&expr, "(uid=TEST%d)", uid);
- ret = ldb_search(ldb, options->basedn, LDB_SCOPE_SUBTREE, expr, NULL, &res);
+ ret = ldb_search(ldb, basedn, LDB_SCOPE_SUBTREE, expr, NULL, &res);
if (uid < nrecords && ret != 1) {
printf("Failed to find %s - %s\n", expr, ldb_errstring(ldb));
static void start_test(struct ldb_context *ldb, int nrecords, int nsearches)
{
+ struct ldb_dn *basedn;
+
+ basedn = ldb_dn_explode(ldb, options->basedn);
+
printf("Adding %d records\n", nrecords);
- add_records(ldb, options->basedn, nrecords);
+ add_records(ldb, basedn, nrecords);
printf("Starting search on uid\n");
_start_timer();
- search_uid(ldb, nrecords, nsearches);
+ search_uid(ldb, basedn, nrecords, nsearches);
printf("uid search took %.2f seconds\n", _end_timer());
printf("Modifying records\n");
- modify_records(ldb, options->basedn, nrecords);
+ modify_records(ldb, basedn, nrecords);
printf("Deleting records\n");
- delete_records(ldb, options->basedn, nrecords);
+ delete_records(ldb, basedn, nrecords);
}
{
struct ldb_message *msg;
struct ldb_message **res;
+ struct ldb_dn *indexlist;
+ struct ldb_dn *basedn;
int ret;
printf("Starting index test\n");
- ldb_delete(*ldb, "@INDEXLIST");
+ indexlist = ldb_dn_explode(NULL, "@INDEXLIST");
+
+ ldb_delete(*ldb, indexlist);
msg = ldb_msg_new(NULL);
- msg->dn = strdup("@INDEXLIST");
+ msg->dn = indexlist;
ldb_msg_add_string(*ldb, msg, "@IDXATTR", strdup("uid"));
if (ldb_add(*ldb, msg) != 0) {
- printf("Add of %s failed - %s\n", msg->dn, ldb_errstring(*ldb));
+ printf("Add of %s failed - %s\n", ldb_dn_linearize(*ldb, msg->dn), ldb_errstring(*ldb));
exit(1);
}
+ basedn = ldb_dn_explode(NULL, options->basedn);
+
memset(msg, 0, sizeof(*msg));
- asprintf(&msg->dn, "cn=%s,%s", "test", options->basedn);
+ msg->dn = ldb_dn_build_child(msg, "cn", "test", basedn);
ldb_msg_add_string(*ldb, msg, "cn", strdup("test"));
ldb_msg_add_string(*ldb, msg, "sn", strdup("test"));
ldb_msg_add_string(*ldb, msg, "uid", strdup("test"));
ldb_msg_add_string(*ldb, msg, "objectClass", strdup("OpenLDAPperson"));
if (ldb_add(*ldb, msg) != 0) {
- printf("Add of %s failed - %s\n", msg->dn, ldb_errstring(*ldb));
+ printf("Add of %s failed - %s\n", ldb_dn_linearize(*ldb, msg->dn), ldb_errstring(*ldb));
exit(1);
}
exit(1);
}
- ret = ldb_search(*ldb, options->basedn, LDB_SCOPE_SUBTREE, "uid=test", NULL, &res);
+ ret = ldb_search(*ldb, basedn, LDB_SCOPE_SUBTREE, "uid=test", NULL, &res);
if (ret != 1) {
printf("Should have found 1 record - found %d\n", ret);
exit(1);
}
if (ldb_delete(*ldb, msg->dn) != 0 ||
- ldb_delete(*ldb, "@INDEXLIST") != 0) {
+ ldb_delete(*ldb, indexlist) != 0) {
printf("cleanup failed - %s\n", ldb_errstring(*ldb));
exit(1);
}
struct ldb_key_data
{
- const char *dn;
+ const struct ldb_dn *dn;
struct ldb_message **subkeys, **values;
int subkey_count, value_count;
};
return 0;
}
-static char *reg_path_to_ldb(TALLOC_CTX *mem_ctx, struct registry_key *from, const char *path, const char *add)
+static struct ldb_dn *reg_path_to_ldb(TALLOC_CTX *mem_ctx, struct registry_key *from, const char *path, const char *add)
{
- char *ret = talloc_strdup(mem_ctx, "");
+ TALLOC_CTX *local_ctx;
+ struct ldb_dn *ret = ldb_dn_new(mem_ctx);
char *mypath = talloc_strdup(mem_ctx, path);
char *begin;
struct ldb_key_data *kd = from->backend_data;
- if(add)
- ret = talloc_asprintf_append(ret, "%s", add);
+ local_ctx = talloc_named(mem_ctx, 0, "reg_path_to_ldb context");
+
+ if (add)
+ ret = ldb_dn_compose(local_ctx, ret, ldb_dn_explode(mem_ctx, add));
while(mypath) {
char *keyname;
- struct ldb_val val;
- char *key;
begin = strrchr(mypath, '\\');
if (begin) keyname = begin + 1;
else keyname = mypath;
- val.data = keyname;
- val.length = strlen(keyname);
-
- key = ldb_dn_escape_value(mem_ctx, val);
- if (key == NULL) {
- return NULL;
- }
+ if(strlen(keyname)) {
+ struct ldb_dn *base;
- if (strlen(key))
- ret = talloc_asprintf_append(ret, "key=%s,", key);
+ base = ldb_dn_build_child(local_ctx, "key", keyname, NULL);
+ ret = ldb_dn_compose(local_ctx, ret, base);
+ }
- talloc_free(key);
-
if(begin) {
*begin = '\0';
} else {
}
}
- ret = talloc_asprintf_append(ret, "%s", kd->dn);
+ ret = ldb_dn_compose(local_ctx, ret, kd->dn);
return ret;
}
kd->subkey_count = ldb_search(c, kd->dn, LDB_SCOPE_ONELEVEL, "(key=*)", NULL, &kd->subkeys);
if(kd->subkey_count < 0) {
- DEBUG(0, ("Error getting subkeys for '%s': %s\n", kd->dn, ldb_errstring(c)));
+ DEBUG(0, ("Error getting subkeys for '%s': %s\n", ldb_dn_linearize(mem_ctx, kd->dn), ldb_errstring(c)));
return WERR_FOOBAR;
}
}
(*subkey)->backend_data = newkd = talloc_zero(*subkey, struct ldb_key_data);
(*subkey)->last_mod = 0; /* TODO: we need to add this to the
ldb backend properly */
- newkd->dn = talloc_strdup(mem_ctx, kd->subkeys[idx]->dn);
+ newkd->dn = ldb_dn_copy(mem_ctx, kd->subkeys[idx]->dn);
return WERR_OK;
}
kd->value_count = ldb_search(c, kd->dn, LDB_SCOPE_ONELEVEL, "(value=*)", NULL,&kd->values);
if(kd->value_count < 0) {
- DEBUG(0, ("Error getting values for '%s': %s\n", kd->dn, ldb_errstring(c)));
+ DEBUG(0, ("Error getting values for '%s': %s\n", ldb_dn_linearize(mem_ctx, kd->dn), ldb_errstring(c)));
return WERR_FOOBAR;
}
}
{
struct ldb_context *c = h->hive->backend_data;
struct ldb_message **msg;
- char *ldap_path;
+ struct ldb_dn *ldap_path;
int ret;
struct ldb_key_data *newkd;
ldap_path = reg_path_to_ldb(mem_ctx, h, name, NULL);
- ret = ldb_search(c, ldap_path, LDB_SCOPE_BASE, "(key=*)", NULL,&msg);
+ ret = ldb_search(c, ldap_path, LDB_SCOPE_BASE, "(key=*)", NULL, &msg);
if(ret == 0) {
return WERR_BADFILE;
} else if(ret < 0) {
- DEBUG(0, ("Error opening key '%s': %s\n", ldap_path, ldb_errstring(c)));
+ DEBUG(0, ("Error opening key '%s': %s\n", ldb_dn_linearize(ldap_path, ldap_path), ldb_errstring(c)));
return WERR_FOOBAR;
}
talloc_set_destructor(*key, reg_close_ldb_key);
(*key)->name = talloc_strdup(mem_ctx, strrchr(name, '\\')?strchr(name, '\\'):name);
(*key)->backend_data = newkd = talloc_zero(*key, struct ldb_key_data);
- newkd->dn = talloc_strdup(mem_ctx, msg[0]->dn);
+ newkd->dn = ldb_dn_copy(mem_ctx, msg[0]->dn);
talloc_free(msg);
talloc_set_destructor (hive, ldb_free_hive);
(*k)->name = talloc_strdup(*k, "");
(*k)->backend_data = kd = talloc_zero(*k, struct ldb_key_data);
- kd->dn = talloc_strdup(*k, "hive=NONE");
+ kd->dn = ldb_dn_explode(*k, "hive=NONE");
return WERR_OK;
{
int ret;
struct ldb_key_data *kd = key->backend_data;
- char *childdn = talloc_asprintf(NULL, "key=%s,%s", child, kd->dn);
+ TALLOC_CTX *local_ctx = talloc_named(NULL, 0, "ldb_del_key mem ctx");
+ struct ldb_dn *childdn = ldb_dn_build_child(local_ctx, "key", child, kd->dn);
ret = ldb_delete(key->hive->backend_data, childdn);
- talloc_free(childdn);
+ talloc_free(local_ctx);
if (ret < 0) {
DEBUG(1, ("ldb_del_key: %s\n", ldb_errstring(key->hive->backend_data)));
{
int ret;
struct ldb_key_data *kd = key->backend_data;
- char *childdn = talloc_asprintf(NULL, "value=%s,%s", child, kd->dn);
+ TALLOC_CTX *local_ctx = talloc_named(NULL, 0, "ldb_del_value mem ctx");
+ struct ldb_dn *childdn = ldb_dn_build_child(local_ctx, "value", child, kd->dn);
ret = ldb_delete(key->hive->backend_data, childdn);
- talloc_free(childdn);
+ talloc_free(local_ctx);
if (ret < 0) {
DEBUG(1, ("ldb_del_value: %s\n", ldb_errstring(key->hive->backend_data)));
msg = reg_ldb_pack_value(ctx, mem_ctx, name, type, data, len);
- msg->dn = talloc_asprintf(mem_ctx, "value=%s,%s", name, kd->dn);
+ msg->dn = ldb_dn_build_child(msg, "value", name, kd->dn);
ret = ldb_add(ctx, msg);
if (ret < 0) {
struct dom_sid *domain_sid;
const char *domain_name;
const char *realm = NULL; /* Also flag for remote being AD */
- const char *account_dn;
+ const struct ldb_dn *account_dn;
char *remote_ldb_url;
struct ldb_message **msgs, *msg;
return NT_STATUS_UNSUCCESSFUL;
}
- account_dn = r_crack_names.out.ctr.ctr1->array[0].result_name;
-
+ account_dn = ldb_dn_explode(mem_ctx, r_crack_names.out.ctr.ctr1->array[0].result_name);
+ if (account_dn == NULL) {
+ r->out.error_string
+ = talloc_asprintf(mem_ctx, "Invalid account dn: %s",
+ r_crack_names.out.ctr.ctr1->array[0].result_name);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
/* Now we know the user's DN, open with LDAP, read and modify a few things */
if (ldb_ret != 1) {
r->out.error_string
= talloc_asprintf(mem_ctx,
- "ldb_search for %s failed - %s\n",
- account_dn,
+ "ldb_search for %s failed - %s\n",
+ ldb_dn_linearize(mem_ctx, account_dn),
ldb_errstring(remote_ldb));
return NT_STATUS_UNSUCCESSFUL;
}
r->out.error_string
= talloc_asprintf(mem_ctx,
"Failed to replace entries on %s\n",
- msg->dn);
+ ldb_dn_linearize(mem_ctx, msg->dn));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
}
struct ldb_context *ldb;
struct libnet_JoinDomain r2;
- const char *base_dn = "cn=Primary Domains";
+ const struct ldb_dn *base_dn = ldb_dn_explode(mem_ctx, "cn=Primary Domains");
const struct ldb_val *prior_secret;
const struct ldb_val *prior_modified_time;
struct ldb_message **msgs, *msg;
/* search for the secret record */
ret = gendb_search(ldb,
- mem_ctx, base_dn, &msgs, attrs,
+ mem_ctx, base_dn,
+ &msgs, attrs,
"(|" SECRETS_PRIMARY_DOMAIN_FILTER "(realm=%s))",
r2.out.domain_name, r2.out.realm);
- msg->dn = talloc_asprintf(mem_ctx, "flatname=%s,%s",
- r2.out.domain_name,
- base_dn);
+ msg->dn = ldb_dn_build_child(mem_ctx, "flatname", r2.out.domain_name, base_dn);
samdb_msg_add_string(ldb, mem_ctx, msg, "flatname", r2.out.domain_name);
if (r2.out.realm) {
r->out.error_string
= talloc_asprintf(mem_ctx,
"Failed to create secret record %s\n",
- msg->dn);
+ ldb_dn_linearize(ldb, msg->dn));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
return NT_STATUS_OK;
struct samsync_ldb_state {
struct dom_sid *dom_sid[3];
struct ldb_context *sam_ldb;
- char *base_dn[3];
+ struct ldb_dn *base_dn[3];
struct samsync_ldb_secret *secrets;
struct samsync_ldb_trusted_domain *trusted_domains;
};
static NTSTATUS samsync_ldb_add_foreignSecurityPrincipal(TALLOC_CTX *mem_ctx,
struct samsync_ldb_state *state,
struct dom_sid *sid,
- char **fsp_dn)
+ struct ldb_dn **fsp_dn)
{
const char *sidstr = dom_sid_string(mem_ctx, sid);
/* We assume that ForeignSecurityPrincipals are under the BASEDN of the main domain */
- const char *basedn = samdb_search_string(state->sam_ldb, mem_ctx, state->base_dn[SAM_DATABASE_DOMAIN],
- "dn",
- "(&(objectClass=container)"
- "(cn=ForeignSecurityPrincipals))");
+ struct ldb_dn *basedn = ldb_dn_explode(mem_ctx,
+ samdb_search_string(state->sam_ldb, mem_ctx,
+ state->base_dn[SAM_DATABASE_DOMAIN],
+ "dn", "(&(objectClass=container)"
+ "(cn=ForeignSecurityPrincipals))"));
struct ldb_message *msg;
int ret;
}
/* add core elements to the ldb_message for the alias */
- msg->dn = talloc_asprintf(mem_ctx, "CN=%s,%s", sidstr, basedn);
+ msg->dn = ldb_dn_build_child(mem_ctx, "CN", sidstr, basedn);
if (msg->dn == NULL)
return NT_STATUS_NO_MEMORY;
ret = samdb_add(state->sam_ldb, mem_ctx, msg);
if (ret != 0) {
DEBUG(0,("Failed to create foreignSecurityPrincipal "
- "record %s: %s\n", msg->dn, ldb_errstring(state->sam_ldb)));
+ "record %s: %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn),
+ ldb_errstring(state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
return NT_STATUS_OK;
state->dom_sid[database]
= talloc_steal(state,
samdb_search_dom_sid(state->sam_ldb, state,
- state->base_dn[database], "objectSid",
- "dn=%s", state->base_dn[database]));
+ state->base_dn[database], "objectSid", "dn=%s",
+ ldb_dn_linearize(mem_ctx, state->base_dn[database])));
} else if (database == SAM_DATABASE_BUILTIN) {
/* work out the builtin_dn - useful for so many calls its worth
fetching here */
}
/* search for the user, by rid */
- ret = gendb_search(state->sam_ldb, mem_ctx, state->base_dn[database], &msgs, attrs,
- "(&(objectClass=user)(objectSid=%s))",
+ ret = gendb_search(state->sam_ldb, mem_ctx, state->base_dn[database],
+ &msgs, attrs, "(&(objectClass=user)(objectSid=%s))",
ldap_encode_ndr_dom_sid(mem_ctx, dom_sid_add_rid(mem_ctx, state->dom_sid[database], rid)));
if (ret == -1) {
if (add) {
samdb_msg_add_string(state->sam_ldb, mem_ctx, msg,
"objectClass", obj_class);
- msg->dn = talloc_asprintf(mem_ctx, "CN=%s,CN=%s,%s",
- cn_name, container, state->base_dn[database]);
+ msg->dn = ldb_dn_build_child(mem_ctx,
+ "CN", cn_name,
+ ldb_dn_build_child(mem_ctx,
+ "CN", container,
+ state->base_dn[database]));
if (!msg->dn) {
return NT_STATUS_NO_MEMORY;
}
ret = samdb_add(state->sam_ldb, mem_ctx, msg);
if (ret != 0) {
- DEBUG(0,("Failed to create user record %s\n", msg->dn));
+ DEBUG(0,("Failed to create user record %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
} else {
ret = samdb_replace(state->sam_ldb, mem_ctx, msg);
if (ret != 0) {
- DEBUG(0,("Failed to modify user record %s\n", msg->dn));
+ DEBUG(0,("Failed to modify user record %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
}
const char *attrs[] = { NULL };
/* search for the user, by rid */
- ret = gendb_search(state->sam_ldb, mem_ctx, state->base_dn[database], &msgs, attrs,
- "(&(objectClass=user)(objectSid=%s))",
+ ret = gendb_search(state->sam_ldb, mem_ctx, state->base_dn[database],
+ &msgs, attrs, "(&(objectClass=user)(objectSid=%s))",
ldap_encode_ndr_dom_sid(mem_ctx, dom_sid_add_rid(mem_ctx, state->dom_sid[database], rid)));
if (ret == -1) {
ret = samdb_delete(state->sam_ldb, mem_ctx, msgs[0]->dn);
if (ret != 0) {
- DEBUG(0,("Failed to delete user record %s: %s\n", msgs[0]->dn, ldb_errstring(state->sam_ldb)));
+ DEBUG(0,("Failed to delete user record %s: %s\n",
+ ldb_dn_linearize(mem_ctx, msgs[0]->dn),
+ ldb_errstring(state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
if (add) {
samdb_msg_add_string(state->sam_ldb, mem_ctx, msg,
"objectClass", obj_class);
- msg->dn = talloc_asprintf(mem_ctx, "CN=%s,CN=%s,%s",
- cn_name, container, state->base_dn[database]);
+ msg->dn = ldb_dn_build_child(mem_ctx,
+ "CN", cn_name,
+ ldb_dn_build_child(mem_ctx,
+ "CN", container,
+ state->base_dn[database]));
if (!msg->dn) {
return NT_STATUS_NO_MEMORY;
}
ret = samdb_add(state->sam_ldb, mem_ctx, msg);
if (ret != 0) {
- DEBUG(0,("Failed to create group record %s: %s\n", msg->dn, ldb_errstring(state->sam_ldb)));
+ DEBUG(0,("Failed to create group record %s: %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn),
+ ldb_errstring(state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
} else {
ret = samdb_replace(state->sam_ldb, mem_ctx, msg);
if (ret != 0) {
- DEBUG(0,("Failed to modify group record %s: %s\n", msg->dn, ldb_errstring(state->sam_ldb)));
+ DEBUG(0,("Failed to modify group record %s: %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn),
+ ldb_errstring(state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
}
ret = samdb_delete(state->sam_ldb, mem_ctx, msgs[0]->dn);
if (ret != 0) {
- DEBUG(0,("Failed to delete group record %s: %s\n", msgs[0]->dn, ldb_errstring(state->sam_ldb)));
+ DEBUG(0,("Failed to delete group record %s: %s\n",
+ ldb_dn_linearize(mem_ctx, msgs[0]->dn),
+ ldb_errstring(state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
} else if (ret > 1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
} else {
- samdb_msg_add_string(state->sam_ldb, mem_ctx, msg, "member", msgs[0]->dn);
+ samdb_msg_add_string(state->sam_ldb, mem_ctx, msg, "member", ldb_dn_linearize(mem_ctx, msgs[0]->dn));
}
talloc_free(msgs);
ret = samdb_replace(state->sam_ldb, mem_ctx, msg);
if (ret != 0) {
- DEBUG(0,("Failed to modify group record %s: %s\n", msg->dn, ldb_errstring(state->sam_ldb)));
+ DEBUG(0,("Failed to modify group record %s: %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn),
+ ldb_errstring(state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
if (add) {
samdb_msg_add_string(state->sam_ldb, mem_ctx, msg,
"objectClass", obj_class);
- msg->dn = talloc_asprintf(mem_ctx, "CN=%s,CN=%s,%s",
- cn_name, container, state->base_dn[database]);
+ msg->dn = ldb_dn_build_child(mem_ctx,
+ "CN", cn_name,
+ ldb_dn_build_child(mem_ctx,
+ "CN", container,
+ state->base_dn[database]));
if (!msg->dn) {
return NT_STATUS_NO_MEMORY;
}
ret = samdb_add(state->sam_ldb, mem_ctx, msg);
if (ret != 0) {
- DEBUG(0,("Failed to create alias record %s: %s\n", msg->dn, ldb_errstring(state->sam_ldb)));
+ DEBUG(0,("Failed to create alias record %s: %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn),
+ ldb_errstring(state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
} else {
ret = samdb_replace(state->sam_ldb, mem_ctx, msg);
if (ret != 0) {
- DEBUG(0,("Failed to modify alias record %s: %s\n", msg->dn, ldb_errstring(state->sam_ldb)));
+ DEBUG(0,("Failed to modify alias record %s: %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn),
+ ldb_errstring(state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
}
ret = samdb_delete(state->sam_ldb, mem_ctx, msgs[0]->dn);
if (ret != 0) {
- DEBUG(0,("Failed to delete alias record %s: %s\n", msgs[0]->dn, ldb_errstring(state->sam_ldb)));
+ DEBUG(0,("Failed to delete alias record %s: %s\n",
+ ldb_dn_linearize(mem_ctx, msgs[0]->dn),
+ ldb_errstring(state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
talloc_free(msgs);
for (i=0; i<alias_member->sids.num_sids; i++) {
- char *alias_member_dn;
+ struct ldb_dn *alias_member_dn;
/* search for members, in the top basedn (normal users are builtin aliases) */
ret = gendb_search(state->sam_ldb, mem_ctx, state->base_dn[SAM_DATABASE_DOMAIN], &msgs, attrs,
"(objectSid=%s)",
} else {
alias_member_dn = msgs[0]->dn;
}
- samdb_msg_add_string(state->sam_ldb, mem_ctx, msg, "member", alias_member_dn);
+ samdb_msg_add_string(state->sam_ldb, mem_ctx, msg, "member", ldb_dn_linearize(mem_ctx, alias_member_dn));
talloc_free(msgs);
}
ret = samdb_replace(state->sam_ldb, mem_ctx, msg);
if (ret != 0) {
- DEBUG(0,("Failed to modify group record %s: %s\n", msg->dn, ldb_errstring(state->sam_ldb)));
+ DEBUG(0,("Failed to modify group record %s: %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn),
+ ldb_errstring(state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
struct ldb_message *msg;
struct ldb_message **msgs;
- char *privilage_dn;
+ struct ldb_dn *privilege_dn;
int ret;
const char *attrs[] = { NULL };
int i;
NTSTATUS nt_status;
nt_status = samsync_ldb_add_foreignSecurityPrincipal(mem_ctx, state,
sid,
- &privilage_dn);
- privilage_dn = talloc_steal(msg, privilage_dn);
+ &privilege_dn);
+ privilege_dn = talloc_steal(msg, privilege_dn);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
dom_sid_string(mem_ctx, sid)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
} else {
- privilage_dn = talloc_steal(msg, msgs[0]->dn);
+ privilege_dn = talloc_steal(msg, msgs[0]->dn);
}
- msg->dn = privilage_dn;
+ msg->dn = privilege_dn;
for (i=0; i< account->privilege_entries; i++) {
- samdb_msg_add_string(state->sam_ldb, mem_ctx, msg, "privilage",
+ samdb_msg_add_string(state->sam_ldb, mem_ctx, msg, "privilege",
account->privilege_name[i].string);
}
ret = samdb_replace(state->sam_ldb, mem_ctx, msg);
if (ret != 0) {
- DEBUG(0,("Failed to modify privilage record %s\n", msg->dn));
+ DEBUG(0,("Failed to modify privilege record %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
ret = samdb_replace(state->sam_ldb, mem_ctx, msg);
if (ret != 0) {
- DEBUG(0,("Failed to modify privilage record %s\n", msg->dn));
+ DEBUG(0,("Failed to modify privilege record %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
/* try and find the domain */
ret = gendb_search_dn(samctx, samctx,
- samdb_result_string(ref_res[0], "ncName", NULL),
+ samdb_result_dn(samctx, ref_res[0], "ncName", NULL),
&dom_res, dom_attrs);
if (ret != 1) {
- DEBUG(2,("Unable to find domain from reference '%s' in sam\n", ref_res[0]->dn));
+ DEBUG(2,("Unable to find domain from reference '%s' in sam\n",
+ ldb_dn_linearize(samctx, ref_res[0]->dn)));
return;
}
struct ldb_message *msg = ldb_msg_new(winssrv);
if (msg == NULL) goto failed;
- msg->dn = talloc_strdup(msg, "CN=VERSION");
+ msg->dn = ldb_dn_explode(msg, "CN=VERSION");
if (msg->dn == NULL) goto failed;
ret |= ldb_msg_add_fmt(ldb, msg, "minVersion", "%llu", winssrv->min_version);
struct ldb_message *msg = ldb_msg_new(mem_ctx);
if (msg == NULL) goto failed;
- msg->dn = winsdb_dn(msg, rec->name);
+ msg->dn = ldb_dn_explode(msg, winsdb_dn(msg, rec->name));
if (msg->dn == NULL) goto failed;
ret |= ldb_msg_add_fmt(ldb, msg, "objectClass", "wins");
ret |= ldb_msg_add_fmt(ldb, msg, "active", "%u", rec->state);
struct ldb_context *ldb = winssrv->wins_db;
TALLOC_CTX *tmp_ctx = talloc_new(winssrv);
int ret;
- const char *dn;
+ const struct ldb_dn *dn;
winsdb_remove_version(winssrv, rec->version);
- dn = winsdb_dn(tmp_ctx, rec->name);
+ dn = ldb_dn_explode(tmp_ctx, winsdb_dn(tmp_ctx, rec->name));
if (dn == NULL) goto failed;
ret = ldb_delete(ldb, dn);
static int sptr_db_search(struct ldb_context *ldb,
TALLOC_CTX *mem_ctx,
- const char *basedn,
+ const struct ldb_dn *basedn,
struct ldb_message ***res,
const char * const *attrs,
const char *format, ...) PRINTF_ATTRIBUTE(6,7);
static int sptr_db_search(struct ldb_context *ldb,
TALLOC_CTX *mem_ctx,
- const char *basedn,
+ const struct ldb_dn *basedn,
struct ldb_message ***res,
const char * const *attrs,
const char *format, ...)
int i;
union spoolss_FormInfo *info;
- count = sptr_db_search(sptr_db, mem_ctx, "CN=Forms,CN=PrintServer", &msgs, NULL,
- "(&(objectClass=form))");
+ count = sptr_db_search(sptr_db, mem_ctx,
+ ldb_dn_explode(mem_ctx, "CN=Forms,CN=PrintServer"),
+ &msgs, NULL, "(&(objectClass=form))");
if (count == 0) return WERR_OK;
if (count < 0) return WERR_GENERAL_FAILURE;
if (!r->in.info.info1) {
return WERR_FOOBAR;
}
- count = sptr_db_search(sptr_db, mem_ctx, "CN=Forms,CN=PrintServer", &msgs, attrs,
- "(&(form-name=%s)(objectClass=form))",
+ count = sptr_db_search(sptr_db, mem_ctx,
+ ldb_dn_explode(mem_ctx, "CN=Forms,CN=PrintServer"),
+ &msgs, attrs, "(&(form-name=%s)(objectClass=form))",
r->in.info.info1->form_name);
if (count == 1) return WERR_FOOBAR;
W_ERROR_HAVE_NO_MEMORY(msg);
/* add core elements to the ldb_message for the Form */
- msg->dn = talloc_asprintf(msg, "form-name=%s,CN=Forms,CN=PrintServer",
- r->in.info.info1->form_name);
+ msg->dn = ldb_dn_build_child(msg,
+ "form-name", r->in.info.info1->form_name,
+ ldb_dn_explode(msg, "CN=Forms,CN=PrintServer"));
SET_STRING(sptr_db, msg, "objectClass", "form");
SET_UINT(sptr_db, msg, "flags", r->in.info.info1->flags);
return WERR_FOOBAR;
}
- count = sptr_db_search(sptr_db, mem_ctx, "CN=Forms,CN=PrintServer", &msgs, attrs,
- "(&(form-name=%s)(objectClass=form))",
+ count = sptr_db_search(sptr_db, mem_ctx,
+ ldb_dn_explode(mem_ctx, "CN=Forms,CN=PrintServer"),
+ &msgs, attrs, "(&(form-name=%s)(objectClass=form))",
r->in.info.info1->form_name);
if (count == 0) return WERR_FOOBAR;
return WERR_FOOBAR;
}
- count = sptr_db_search(sptr_db, mem_ctx, "CN=Forms,CN=PrintServer", &msgs, attrs,
- "(&(form-name=%s)(objectclass=form))",
+ count = sptr_db_search(sptr_db, mem_ctx,
+ ldb_dn_explode(mem_ctx, "CN=Forms,CN=PrintServer"),
+ &msgs, attrs, "(&(form-name=%s)(objectclass=form))",
r->in.form_name);
if (count == 0) return WERR_FOOBAR;
{
struct ldb_context *sptr_db = talloc_get_type(printer->ntptr->private_data, struct ldb_context);
struct ldb_message **msgs;
- const char *base_dn;
+ const struct ldb_dn *base_dn;
int count;
union spoolss_FormInfo *info;
* }
*/
- base_dn = talloc_asprintf(mem_ctx, "CN=Forms,CN=%s,CN=Printers", printer->object_name);
+ base_dn = ldb_dn_compose_string_dn(mem_ctx,
+ "CN=Forms",
+ ldb_dn_build_child(mem_ctx,
+ "CN", printer->object_name,
+ ldb_dn_explode(mem_ctx, "CN=Printers")));
W_ERROR_HAVE_NO_MEMORY(base_dn);
count = sptr_db_search(sptr_db, mem_ctx, base_dn, &msgs, NULL,
const char *domain_filter = NULL;
const char * const *domain_attrs;
struct ldb_message **domain_res = NULL;
- const char *result_basedn = NULL;
+ const struct ldb_dn *result_basedn = NULL;
const char *result_filter = NULL;
const char * const *result_attrs;
struct ldb_message **result_res = NULL;
info1->status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY;
if (result_filter) {
- result_basedn = samdb_result_string(domain_res[0], "ncName", NULL);
+ result_basedn = samdb_result_dn(mem_ctx, domain_res[0], "ncName", NULL);
ret = gendb_search(b_state->sam_ctx, mem_ctx, result_basedn, &result_res,
result_attrs, "%s", result_filter);
/* here we can use result_res[0] and domain_res[0] */
switch (format_desired) {
case DRSUAPI_DS_NAME_FORMAT_FQDN_1779: {
- info1->result_name = result_res[0]->dn;
+ info1->result_name = ldb_dn_linearize(mem_ctx, result_res[0]->dn);
WERR_TALLOC_CHECK(info1->result_name);
info1->status = DRSUAPI_DS_NAME_STATUS_OK;
struct ldb_context *sam_ldb;
struct sidmap_context *sidmap;
uint32_t access_mask;
- const char *domain_dn;
- const char *builtin_dn;
- const char *system_dn;
+ const struct ldb_dn *domain_dn;
+ const struct ldb_dn *builtin_dn;
+ const struct ldb_dn *system_dn;
const char *domain_name;
struct dom_sid *domain_sid;
struct dom_sid *builtin_sid;
struct lsa_policy_state *policy;
uint32_t access_mask;
struct dom_sid *account_sid;
- const char *account_dn;
+ const struct ldb_dn *account_dn;
};
struct lsa_secret_state {
struct lsa_policy_state *policy;
uint32_t access_mask;
- const char *secret_dn;
+ const struct ldb_dn *secret_dn;
struct ldb_context *sam_ldb;
BOOL global;
};
struct lsa_trusted_domain_state {
struct lsa_policy_state *policy;
uint32_t access_mask;
- const char *trusted_domain_dn;
+ const struct ldb_dn *trusted_domain_dn;
};
/*
/* work out the domain_dn - useful for so many calls its worth
fetching here */
- state->domain_dn = talloc_steal(state, samdb_result_string(msgs_domain[0], "nCName", NULL));
+ state->domain_dn = samdb_result_dn(state, msgs_domain[0], "nCName", NULL);
if (!state->domain_dn) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
/* work out the builtin_dn - useful for so many calls its worth
fetching here */
- state->builtin_dn = talloc_steal(state,
+ state->builtin_dn = ldb_dn_explode(state,
samdb_search_string(state->sam_ldb, mem_ctx, NULL,
"dn", "objectClass=builtinDomain"));
if (!state->builtin_dn) {
/* work out the system_dn - useful for so many calls its worth
fetching here */
- state->system_dn = talloc_steal(state,
+ state->system_dn = ldb_dn_explode(state,
samdb_search_string(state->sam_ldb, mem_ctx, state->domain_dn,
"dn", "(&(objectClass=container)(cn=System))"));
if (!state->system_dn) {
state->domain_sid = talloc_steal(state,
samdb_search_dom_sid(state->sam_ldb, state,
- state->domain_dn, "objectSid",
- "dn=%s", state->domain_dn));
+ state->domain_dn, "objectSid", "dn=%s",
+ ldb_dn_linearize(mem_ctx, state->domain_dn)));
if (!state->domain_sid) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
}
if (ret < 0 || ret > 1) {
- DEBUG(0,("Found %d records matching DN %s\n", ret, policy_state->system_dn));
+ DEBUG(0,("Found %d records matching DN %s\n", ret,
+ ldb_dn_linearize(mem_ctx, policy_state->system_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- msg->dn = talloc_asprintf(mem_ctx, "cn=%s,%s", r->in.info->name.string,
- policy_state->system_dn);
+ msg->dn = ldb_dn_build_child(mem_ctx, "cn",
+ r->in.info->name.string,
+ policy_state->system_dn);
if (!msg->dn) {
return NT_STATUS_NO_MEMORY;
}
/* create the trusted_domain */
ret = samdb_add(trusted_domain_state->policy->sam_ldb, mem_ctx, msg);
if (ret != 0) {
- DEBUG(0,("Failed to create trusted_domain record %s\n", msg->dn));
+ DEBUG(0,("Failed to create trusted_domain record %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
}
if (ret != 1) {
- DEBUG(0,("Found %d records matching DN %s\n", ret, policy_state->system_dn));
+ DEBUG(0,("Found %d records matching DN %s\n", ret,
+ ldb_dn_linearize(mem_ctx, policy_state->system_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
}
if (ret != 1) {
- DEBUG(0,("Found %d records matching DN %s\n", ret, policy_state->system_dn));
+ DEBUG(0,("Found %d records matching DN %s\n", ret,
+ ldb_dn_linearize(mem_ctx, policy_state->system_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
/* check it really exists */
astate->account_dn =
- samdb_search_string(state->sam_ldb, astate,
- NULL, "dn",
- "(&(objectSid=%s)(objectClass=group))",
- ldap_encode_ndr_dom_sid(mem_ctx,
- astate->account_sid));
+ ldb_dn_explode(mem_ctx,
+ samdb_search_string(state->sam_ldb, astate,
+ NULL, "dn",
+ "(&(objectSid=%s)(objectClass=group))",
+ ldap_encode_ndr_dom_sid(mem_ctx,
+ astate->account_sid)));
if (astate->account_dn == NULL) {
talloc_free(astate);
return NT_STATUS_NO_SUCH_USER;
return NT_STATUS_NO_SUCH_USER;
}
- msg->dn = talloc_strdup(mem_ctx, dn);
+ msg->dn = ldb_dn_explode(mem_ctx, dn);
if (msg->dn == NULL) {
return NT_STATUS_NO_MEMORY;
}
}
if (ret < 0 || ret > 1) {
- DEBUG(0,("Found %d records matching DN %s\n", ret, policy_state->system_dn));
+ DEBUG(0,("Found %d records matching DN %s\n", ret,
+ ldb_dn_linearize(mem_ctx, policy_state->system_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- msg->dn = talloc_asprintf(mem_ctx, "cn=%s,%s", name2, policy_state->system_dn);
+ msg->dn = ldb_dn_build_child(mem_ctx, "cn", name2, policy_state->system_dn);
if (!name2 || !msg->dn) {
return NT_STATUS_NO_MEMORY;
}
secret_state->sam_ldb = talloc_reference(secret_state, secrets_db_connect(mem_ctx));
/* search for the secret record */
- ret = gendb_search(secret_state->sam_ldb,
- mem_ctx, "cn=LSA Secrets", &msgs, attrs,
- "(&(cn=%s)(objectclass=secret))",
- name);
+ ret = gendb_search(secret_state->sam_ldb, mem_ctx,
+ ldb_dn_explode(mem_ctx, "cn=LSA Secrets"),
+ &msgs, attrs,
+ "(&(cn=%s)(objectclass=secret))", name);
if (ret > 0) {
return NT_STATUS_OBJECT_NAME_COLLISION;
}
if (ret < 0 || ret > 1) {
- DEBUG(0,("Found %d records matching DN %s\n", ret, policy_state->system_dn));
+ DEBUG(0,("Found %d records matching DN %s\n", ret,
+ ldb_dn_linearize(mem_ctx, policy_state->system_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- msg->dn = talloc_asprintf(mem_ctx, "cn=%s,cn=LSA Secrets", name);
+ msg->dn = ldb_dn_build_child(mem_ctx,
+ "cn", name,
+ ldb_dn_build_child(mem_ctx,
+ "cn", "LSA Secrets", NULL));
samdb_msg_add_string(secret_state->sam_ldb, mem_ctx, msg, "cn", name);
}
/* create the secret */
ret = samdb_add(secret_state->sam_ldb, mem_ctx, msg);
if (ret != 0) {
- DEBUG(0,("Failed to create secret record %s\n", msg->dn));
+ DEBUG(0,("Failed to create secret record %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
}
if (ret != 1) {
- DEBUG(0,("Found %d records matching DN %s\n", ret, policy_state->system_dn));
+ DEBUG(0,("Found %d records matching DN %s\n", ret,
+ ldb_dn_linearize(mem_ctx, policy_state->system_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
}
/* search for the secret record */
- ret = gendb_search(secret_state->sam_ldb,
- mem_ctx, "cn=LSA Secrets", &msgs, attrs,
- "(&(cn=%s)(objectclass=secret))",
- name);
+ ret = gendb_search(secret_state->sam_ldb, mem_ctx,
+ ldb_dn_explode(mem_ctx, "cn=LSA Secrets"),
+ &msgs, attrs,
+ "(&(cn=%s)(objectclass=secret))", name);
if (ret == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
if (ret != 1) {
- DEBUG(0,("Found %d records matching DN %s\n", ret, policy_state->system_dn));
+ DEBUG(0,("Found %d records matching DN %s\n", ret,
+ ldb_dn_linearize(mem_ctx, policy_state->system_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
}
}
if (ret != 1) {
- DEBUG(0,("Found %d records matching dn=%s\n", ret, secret_state->secret_dn));
+ DEBUG(0,("Found %d records matching dn=%s\n", ret,
+ ldb_dn_linearize(mem_ctx, secret_state->secret_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
ret = gendb_search(sam_ctx, mem_ctx, NULL,
&ref_res, ref_attrs,
"(&(objectClass=crossRef)(ncName=%s))",
- res1[0]->dn);
+ ldb_dn_linearize(mem_ctx, res1[0]->dn));
if (ret != 1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
return WERR_GENERAL_FAILURE;
}
- ret = gendb_search(sam_ctx, mem_ctx, NULL, &dom_res, dom_attrs, "(&(objectClass=domainDNS)(dnsDomain=%s))", lp_realm());
+ ret = gendb_search(sam_ctx, mem_ctx, NULL, &dom_res, dom_attrs,
+ "(&(objectClass=domainDNS)(dnsDomain=%s))", lp_realm());
if (ret == -1) {
return WERR_GENERAL_FAILURE;
}
return WERR_GENERAL_FAILURE;
}
- ret = gendb_search(sam_ctx, mem_ctx, NULL, &ref_res, ref_attrs, "(&(objectClass=crossRef)(ncName=%s))", dom_res[0]->dn);
+ ret = gendb_search(sam_ctx, mem_ctx, NULL, &ref_res, ref_attrs,
+ "(&(objectClass=crossRef)(ncName=%s))",
+ ldb_dn_linearize(mem_ctx, dom_res[0]->dn));
if (ret == -1) {
return WERR_GENERAL_FAILURE;
}
}
ret = gendb_search_dn(c_state->sam_ctx, mem_ctx,
- samdb_result_string(ref_msgs[0], "ncName", NULL),
+ samdb_result_dn(mem_ctx,
+ ref_msgs[0], "ncName", NULL),
&dom_msgs, dom_attrs);
}
ret = gendb_search(c_state->sam_ctx, mem_ctx, NULL,
&ref_msgs, ref_attrs,
"(&(objectClass=crossRef)(ncName=%s))",
- dom_msgs[i]->dn);
+ ldb_dn_linearize(mem_ctx, dom_msgs[i]->dn));
if (ret == 1) {
array->entries[i].name.string = samdb_result_string(ref_msgs[0], "nETBIOSName", NULL);
} else {
ret = gendb_search(c_state->sam_ctx,
mem_ctx, NULL, &ref_msgs, ref_attrs,
"(&(&(nETBIOSName=*)(objectclass=crossRef))(ncName=%s))",
- dom_msgs[0]->dn);
+ ldb_dn_linearize(mem_ctx, dom_msgs[0]->dn));
if (ret != 1) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
d_state->sam_ctx = c_state->sam_ctx;
d_state->domain_sid = dom_sid_dup(d_state, r->in.sid);
d_state->domain_name = talloc_strdup(d_state, domain_name);
- d_state->domain_dn = talloc_strdup(d_state, dom_msgs[0]->dn);
+ d_state->domain_dn = ldb_dn_copy(d_state, dom_msgs[0]->dn);
if (!d_state->domain_sid || !d_state->domain_name || !d_state->domain_dn) {
talloc_free(d_state);
return NT_STATUS_NO_MEMORY;
}
/* add core elements to the ldb_message for the user */
- msg->dn = talloc_asprintf(mem_ctx, "CN=%s,CN=Users,%s", groupname,
- d_state->domain_dn);
+ msg->dn = ldb_dn_build_child(mem_ctx,
+ "CN", groupname,
+ ldb_dn_build_child(mem_ctx,
+ "CN", "Users",
+ d_state->domain_dn));
if (!msg->dn) {
return NT_STATUS_NO_MEMORY;
}
/* create the group */
ret = samdb_add(d_state->sam_ctx, mem_ctx, msg);
if (ret != 0) {
- DEBUG(0,("Failed to create group record %s\n", msg->dn));
+ DEBUG(0,("Failed to create group record %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
/* retrieve the sid for the group just created */
sid = samdb_search_dom_sid(d_state->sam_ctx, a_state,
- msg->dn, "objectSid", "dn=%s", msg->dn);
+ msg->dn, "objectSid", "dn=%s",
+ ldb_dn_linearize(mem_ctx, msg->dn));
if (sid == NULL) {
return NT_STATUS_UNSUCCESSFUL;
}
}
/* add core elements to the ldb_message for the user */
- msg->dn = talloc_asprintf(mem_ctx, "CN=%s,CN=%s,%s", cn_name, container, d_state->domain_dn);
+ msg->dn = ldb_dn_build_child(mem_ctx, "CN", cn_name, ldb_dn_build_child(mem_ctx, "CN", container, d_state->domain_dn));
if (!msg->dn) {
return NT_STATUS_NO_MEMORY;
}
/* create the user */
ret = samdb_add(d_state->sam_ctx, mem_ctx, msg);
if (ret != 0) {
- DEBUG(0,("Failed to create user record %s\n", msg->dn));
+ DEBUG(0,("Failed to create user record %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
/* retrieve the sid for the user just created */
sid = samdb_search_dom_sid(d_state->sam_ctx, a_state,
- msg->dn, "objectSid", "dn=%s", msg->dn);
+ msg->dn, "objectSid", "dn=%s", ldb_dn_linearize(mem_ctx, msg->dn));
if (sid == NULL) {
return NT_STATUS_UNSUCCESSFUL;
}
}
/* add core elements to the ldb_message for the alias */
- msg->dn = talloc_asprintf(mem_ctx, "CN=%s,CN=Users,%s", alias_name,
- d_state->domain_dn);
+ msg->dn = ldb_dn_build_child(mem_ctx,
+ "CN", alias_name,
+ ldb_dn_build_child(mem_ctx,
+ "CN", "Users",
+ d_state->domain_dn));
if (!msg->dn) {
return NT_STATUS_NO_MEMORY;
}
/* create the alias */
ret = samdb_add(d_state->sam_ctx, mem_ctx, msg);
if (ret != 0) {
- DEBUG(0,("Failed to create alias record %s\n", msg->dn));
+ DEBUG(0,("Failed to create alias record %s\n",
+ ldb_dn_linearize(mem_ctx, msg->dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
/* retrieve the sid for the alias just created */
sid = samdb_search_dom_sid(d_state->sam_ctx, a_state,
- msg->dn, "objectSid", "dn=%s", msg->dn);
+ msg->dn, "objectSid", "dn=%s",
+ ldb_dn_linearize(mem_ctx, msg->dn));
a_state->account_name = talloc_strdup(a_state, alias_name);
if (!a_state->account_name) {
return NT_STATUS_NO_MEMORY;
}
- msg->dn = talloc_strdup(mem_ctx, a_state->account_dn);
+ msg->dn = ldb_dn_copy(mem_ctx, a_state->account_dn);
if (!msg->dn) {
return NT_STATUS_NO_MEMORY;
}
struct ldb_message **res2;
const char * const attrs2[2] = { "objectSid", NULL };
ret = gendb_search_dn(a_state->sam_ctx, mem_ctx,
- (char *)el->values[i].data,
+ ldb_dn_explode(mem_ctx, el->values[i].data),
&res2, attrs2);
if (ret != 1)
return NT_STATUS_INTERNAL_DB_CORRUPTION;
return NT_STATUS_NO_MEMORY;
}
- msg->dn = talloc_strdup(mem_ctx, a_state->account_dn);
+ msg->dn = ldb_dn_copy(mem_ctx, a_state->account_dn);
if (!msg->dn) {
return NT_STATUS_NO_MEMORY;
}
struct ldb_message *mod;
struct ldb_message **msgs;
const char * const attrs[2] = { "dn", NULL };
- const char *memberdn = NULL;
+ struct ldb_dn *memberdn = NULL;
int ret;
DCESRV_PULL_HANDLE(h, r->in.alias_handle, SAMR_HANDLE_ALIAS);
ldap_encode_ndr_dom_sid(mem_ctx, r->in.sid));
if (ret == 1) {
- memberdn = ldb_msg_find_string(msgs[0], "dn", NULL);
+ memberdn = ldb_dn_explode(mem_ctx, ldb_msg_find_string(msgs[0], "dn", NULL));
} else if (ret > 1) {
DEBUG(0,("Found %d records matching sid %s\n",
ret, dom_sid_string(mem_ctx, r->in.sid)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
} else if (ret == 0) {
struct ldb_message *msg;
- const char *basedn, *sidstr;
+ struct ldb_dn *basedn;
+ const char *sidstr;
sidstr = dom_sid_string(mem_ctx, r->in.sid);
NT_STATUS_HAVE_NO_MEMORY(sidstr);
* cn=For...,cn=Builtin,dc={BASEDN}. -- vl
*/
- basedn = samdb_search_string(d_state->sam_ctx, mem_ctx, NULL,
- "dn",
- "(&(objectClass=container)"
- "(cn=ForeignSecurityPrincipals))");
+ basedn = ldb_dn_explode(mem_ctx,
+ samdb_search_string(d_state->sam_ctx,
+ mem_ctx, NULL, "dn",
+ "(&(objectClass=container)"
+ "(cn=ForeignSecurityPrincipals))"));
if (basedn == NULL) {
DEBUG(0, ("Failed to find DN for "
}
/* add core elements to the ldb_message for the alias */
- msg->dn = talloc_asprintf(mem_ctx, "CN=%s,%s", sidstr, basedn);
+ msg->dn = ldb_dn_build_child(mem_ctx, "CN", sidstr, basedn);
if (msg->dn == NULL)
return NT_STATUS_NO_MEMORY;
ret = samdb_add(d_state->sam_ctx, mem_ctx, msg);
if (ret != 0) {
DEBUG(0,("Failed to create foreignSecurityPrincipal "
- "record %s\n", msg->dn));
+ "record %s\n", ldb_dn_linearize(mem_ctx, msg->dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
} else {
mod->dn = talloc_reference(mem_ctx, a_state->account_dn);
if (samdb_msg_add_addval(d_state->sam_ctx, mem_ctx, mod, "member",
- memberdn) != 0)
+ ldb_dn_linearize(mem_ctx, memberdn)) != 0)
return NT_STATUS_UNSUCCESSFUL;
if (samdb_modify(a_state->sam_ctx, mem_ctx, mod) != 0)
struct ldb_message **msgs2;
const char * const attrs2[2] = { "objectSid", NULL };
ret = gendb_search_dn(a_state->sam_ctx, mem_ctx,
- (char *)el->values[i].data,
+ ldb_dn_explode(mem_ctx, el->values[i].data),
&msgs2, attrs2);
if (ret != 1)
return NT_STATUS_INTERNAL_DB_CORRUPTION;
count = samdb_search_domain(a_state->sam_ctx, mem_ctx, NULL, &res,
attrs, d_state->domain_sid,
"(&(member=%s)(grouptype=%s)(objectclass=group))",
- a_state->account_dn,
+ ldb_dn_linearize(mem_ctx, a_state->account_dn),
ldb_hexstr(mem_ctx,
GTYPE_SECURITY_GLOBAL_GROUP));
if (count < 0)
r->out.info.min_password_length = samdb_search_uint(a_state->sam_ctx, mem_ctx, 0,
a_state->domain_state->domain_dn, "minPwdLength",
"dn=%s",
- a_state->domain_state->domain_dn);
+ ldb_dn_linearize(mem_ctx, a_state->domain_state->domain_dn));
r->out.info.password_properties = samdb_search_uint(a_state->sam_ctx, mem_ctx, 0,
a_state->account_dn,
- "pwdProperties",
- "dn=%s", a_state->account_dn);
+ "pwdProperties", "dn=%s",
+ ldb_dn_linearize(mem_ctx, a_state->account_dn));
return NT_STATUS_OK;
}
return NT_STATUS_NO_MEMORY;
}
- mod->dn = talloc_reference(mod,
- samdb_result_string(res[i], "dn",
- NULL));
+ mod->dn = samdb_result_dn(mod, res[i], "dn", NULL);
if (mod->dn == NULL) {
talloc_free(mod);
continue;
uint32_t access_mask;
struct dom_sid *domain_sid;
const char *domain_name;
- const char *domain_dn;
+ const struct ldb_dn *domain_dn;
};
/*
uint32_t access_mask;
struct dom_sid *account_sid;
const char *account_name;
- const char *account_dn;
+ const struct ldb_dn *account_dn;
};
return NT_STATUS_NO_MEMORY;
}
- msg->dn = talloc_strdup(msg, a_state->account_dn);
+ msg->dn = ldb_dn_copy(msg, a_state->account_dn);
if (!msg->dn) {
return NT_STATUS_NO_MEMORY;
}
uint32_t new_pass_len;
struct samr_CryptPassword *pwbuf = r->in.password;
void *sam_ctx;
- const char *user_dn, *domain_dn;
+ const struct ldb_dn *user_dn, *domain_dn;
int ret;
struct ldb_message **res, *mod;
const char * const attrs[] = { "objectSid", "lmPwdHash", "unicodePwd", NULL };
return NT_STATUS_NO_SUCH_USER;
}
- domain_dn = samdb_search_string(sam_ctx, mem_ctx, NULL, "dn",
- "(objectSid=%s)",
- ldap_encode_ndr_dom_sid(mem_ctx, domain_sid));
+ domain_dn = ldb_dn_explode(mem_ctx,
+ samdb_search_string(sam_ctx, mem_ctx, NULL, "dn",
+ "(objectSid=%s)",
+ ldap_encode_ndr_dom_sid(mem_ctx, domain_sid)));
if (!domain_dn) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
return NT_STATUS_NO_MEMORY;
}
- mod->dn = talloc_strdup(mod, user_dn);
+ mod->dn = ldb_dn_copy(mod, user_dn);
if (!mod->dn) {
return NT_STATUS_NO_MEMORY;
}
char new_pass[512];
uint32_t new_pass_len;
void *sam_ctx = NULL;
- const char *user_dn, *domain_dn = NULL;
+ const struct ldb_dn *user_dn, *domain_dn = NULL;
int ret;
struct ldb_message **res, *mod;
const char * const attrs[] = { "objectSid", "ntPwdHash", "lmPwdHash", "unicodePwd", NULL };
goto failed;
}
- domain_dn = samdb_search_string(sam_ctx, mem_ctx, NULL, "dn",
- "(objectSid=%s)",
- ldap_encode_ndr_dom_sid(mem_ctx, domain_sid));
+ domain_dn = ldb_dn_explode(mem_ctx,
+ samdb_search_string(sam_ctx, mem_ctx, NULL, "dn",
+ "(objectSid=%s)",
+ ldap_encode_ndr_dom_sid(mem_ctx, domain_sid)));
if (!domain_dn) {
status = NT_STATUS_INTERNAL_DB_CORRUPTION;
goto failed;
return NT_STATUS_NO_MEMORY;
}
- mod->dn = talloc_strdup(mod, user_dn);
+ mod->dn = ldb_dn_copy(mod, user_dn);
if (!mod->dn) {
status = NT_STATUS_NO_MEMORY;
goto failed;
changes (as is needed by some of the set user info levels)
*/
NTSTATUS samdb_set_password(void *ctx, TALLOC_CTX *mem_ctx,
- const char *user_dn, const char *domain_dn,
+ const struct ldb_dn *user_dn,
+ const struct ldb_dn *domain_dn,
struct ldb_message *mod,
const char *new_pass,
struct samr_Password *lmNewHash,
*/
NTSTATUS samr_set_password(struct dcesrv_call_state *dce_call,
void *sam_ctx,
- const char *account_dn, const char *domain_dn,
+ const struct ldb_dn *account_dn, const struct ldb_dn *domain_dn,
TALLOC_CTX *mem_ctx,
struct ldb_message *msg,
struct samr_CryptPassword *pwbuf)
*/
NTSTATUS samr_set_password_ex(struct dcesrv_call_state *dce_call,
void *sam_ctx,
- const char *account_dn, const char *domain_dn,
+ const struct ldb_dn *account_dn, const struct ldb_dn *domain_dn,
TALLOC_CTX *mem_ctx,
struct ldb_message *msg,
struct samr_CryptPasswordEx *pwbuf)
const char *multivalued[] = { "objectClass", "memberOf", "privilege",
"member", NULL };
- var = mprObject(msg->dn);
+ var = mprObject(ldb_dn_linearize(msg, msg->dn));
for (i=0;i<msg->num_elements;i++) {
struct ldb_message_element *el = &msg->elements[i];
/* add the dn if it is not already specified */
if (mprGetProperty(&var, "dn", 0) == 0) {
- mprSetVar(&var, "dn", mprString(msg->dn));
+ mprSetVar(&var, "dn", mprString(ldb_dn_linearize(msg, msg->dn)));
}
return var;
{
const char **attrs = NULL;
const char *expression;
- const char *basedn = NULL;
+ const char *base = NULL;
+ struct ldb_dn *basedn = NULL;
int scope = LDB_SCOPE_DEFAULT;
TALLOC_CTX *tmp_ctx = talloc_new(mprMemCtx());
struct ldb_context *ldb;
goto failed;
}
if (argc > 1) {
- basedn = mprToString(argv[1]);
+ base = mprToString(argv[1]);
/* a null basedn is valid */
}
+ if (base != NULL) {
+ basedn = ldb_dn_explode(tmp_ctx, base);
+ if (basedn == NULL) {
+ ejsSetErrorMsg(eid, "ldb.search malformed base dn");
+ goto failed;
+ }
+ }
if (argc > 2) {
scope = mprToInt(argv[2]);
switch (scope) {
*/
static int ejs_ldbDelete(MprVarHandle eid, int argc, struct MprVar **argv)
{
- const char *dn;
+ struct ldb_dn *dn;
struct ldb_context *ldb;
int ret;
return -1;
}
- dn = mprToString(argv[0]);
-
ldb = ejs_get_ldb_context(eid);
if (ldb == NULL) {
return -1;
}
+
+ dn = ldb_dn_explode(ldb, mprToString(argv[0]));
+ if (dn == NULL) {
+ ejsSetErrorMsg(eid, "ldb.delete malformed dn");
+ return -1;
+ }
+
ret = ldb_delete(ldb, dn);
+ talloc_free(dn);
+
mpr_Return(eid, mprCreateBoolVar(ret == 0));
return 0;
}
*/
static int ejs_ldbRename(MprVarHandle eid, int argc, struct MprVar **argv)
{
- const char *dn1, *dn2;
+ struct ldb_dn *dn1, *dn2;
struct ldb_context *ldb;
int ret;
return -1;
}
- dn1 = mprToString(argv[0]);
- dn2 = mprToString(argv[1]);
- if (dn1 == NULL || dn2 == NULL) {
- ejsSetErrorMsg(eid, "ldb.rename invalid arguments");
+ ldb = ejs_get_ldb_context(eid);
+ if (ldb == NULL) {
return -1;
}
- ldb = ejs_get_ldb_context(eid);
- if (ldb == NULL) {
+ dn1 = ldb_dn_explode(ldb, mprToString(argv[0]));
+ dn2 = ldb_dn_explode(ldb, mprToString(argv[1]));
+ if (dn1 == NULL || dn2 == NULL) {
+ ejsSetErrorMsg(eid, "ldb.rename invalid or malformed arguments");
return -1;
}
ret = ldb_rename(ldb, dn1, dn2);
+ talloc_free(dn1);
+ talloc_free(dn2);
+
mpr_Return(eid, mprCreateBoolVar(ret == 0));
return 0;
}
}
if ((account->privilege_entries && !e.out.privs)) {
- printf("Account %s has privilages in SamSync, but not LSA\n",
+ printf("Account %s has privileges in SamSync, but not LSA\n",
dom_sid_string(mem_ctx, dom_sid));
return False;
}
if (!account->privilege_entries && e.out.privs && e.out.privs->count) {
- printf("Account %s has privilages in LSA, but not SamSync\n",
+ printf("Account %s has privileges in LSA, but not SamSync\n",
dom_sid_string(mem_ctx, dom_sid));
return False;
}
git.samba.org / samba.git / commitdiff