4 Copyright (C) Simo Sorce 2005
6 ** NOTE! The following LGPL license applies to the ldb
7 ** library. This does NOT imply that all of Samba is released
10 This library is free software; you can redistribute it and/or
11 modify it under the terms of the GNU Lesser General Public
12 License as published by the Free Software Foundation; either
13 version 3 of the License, or (at your option) any later version.
15 This library is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
20 You should have received a copy of the GNU Lesser General Public
21 License along with this library; if not, see <http://www.gnu.org/licenses/>.
27 * Component: ldb dn creation and manipulation utility functions
29 * Description: - explode a dn into it's own basic elements
30 * and put them in a structure (only if necessary)
31 * - manipulate ldb_dn structures
36 #include "ldb_private.h"
39 #define LDB_DN_NULL_FAILED(x) if (!(x)) goto failed
41 #define LDB_FREE(x) do { talloc_free(x); x = NULL; } while(0)
44 internal ldb exploded dn structures
46 struct ldb_dn_component {
52 struct ldb_val cf_value;
55 struct ldb_dn_ext_component {
63 struct ldb_context *ldb;
65 /* Special DNs are always linearized */
75 unsigned int comp_num;
76 struct ldb_dn_component *components;
78 unsigned int ext_comp_num;
79 struct ldb_dn_ext_component *ext_components;
82 /* it is helpful to be able to break on this in gdb */
83 static void ldb_dn_mark_invalid(struct ldb_dn *dn)
88 /* strdn may be NULL */
89 struct ldb_dn *ldb_dn_from_ldb_val(TALLOC_CTX *mem_ctx,
90 struct ldb_context *ldb,
91 const struct ldb_val *strdn)
95 if (! ldb) return NULL;
97 if (strdn && strdn->data
98 && (strnlen((const char*)strdn->data, strdn->length) != strdn->length)) {
99 /* The RDN must not contain a character with value 0x0 */
103 dn = talloc_zero(mem_ctx, struct ldb_dn);
104 LDB_DN_NULL_FAILED(dn);
106 dn->ldb = talloc_get_type(ldb, struct ldb_context);
107 if (dn->ldb == NULL) {
108 /* the caller probably got the arguments to
109 ldb_dn_new() mixed up */
114 if (strdn->data && strdn->length) {
115 const char *data = (const char *)strdn->data;
116 size_t length = strdn->length;
118 if (data[0] == '@') {
121 dn->ext_linearized = talloc_strndup(dn, data, length);
122 LDB_DN_NULL_FAILED(dn->ext_linearized);
124 if (data[0] == '<') {
125 const char *p_save, *p = dn->ext_linearized;
134 if (p_save == dn->ext_linearized) {
135 dn->linearized = talloc_strdup(dn, "");
137 dn->linearized = talloc_strdup(dn, p_save);
139 LDB_DN_NULL_FAILED(dn->linearized);
141 dn->linearized = dn->ext_linearized;
142 dn->ext_linearized = NULL;
145 dn->linearized = talloc_strdup(dn, "");
146 LDB_DN_NULL_FAILED(dn->linearized);
156 /* strdn may be NULL */
157 struct ldb_dn *ldb_dn_new(TALLOC_CTX *mem_ctx,
158 struct ldb_context *ldb,
162 blob.data = discard_const_p(uint8_t, strdn);
163 blob.length = strdn ? strlen(strdn) : 0;
164 return ldb_dn_from_ldb_val(mem_ctx, ldb, &blob);
167 struct ldb_dn *ldb_dn_new_fmt(TALLOC_CTX *mem_ctx,
168 struct ldb_context *ldb,
169 const char *new_fmt, ...)
174 if ( (! mem_ctx) || (! ldb)) return NULL;
176 va_start(ap, new_fmt);
177 strdn = talloc_vasprintf(mem_ctx, new_fmt, ap);
181 struct ldb_dn *dn = ldb_dn_new(mem_ctx, ldb, strdn);
189 /* see RFC2253 section 2.4 */
190 static int ldb_dn_escape_internal(char *dst, const char *src, int len)
199 while (p - src < len) {
200 p += strcspn(p, ",=\n\r+<>#;\\\" ");
202 if (p - src == len) /* found no escapable chars */
205 /* copy the part of the string before the stop */
207 d += (p - s); /* move to current position */
211 if (p == src || (p-src)==(len-1)) {
212 /* if at the beginning or end
213 * of the string then escape */
217 /* otherwise don't escape */
223 /* despite the RFC, windows escapes a #
224 anywhere in the string */
232 /* these must be escaped using \c form */
238 /* any others get \XX form */
240 const char *hexbytes = "0123456789ABCDEF";
241 v = *(const unsigned char *)p;
243 *d++ = hexbytes[v>>4];
244 *d++ = hexbytes[v&0xF];
249 s = p; /* move forward */
252 /* copy the last part (with zero) and return */
256 /* return the length of the resulting string */
257 return (l + (d - dst));
260 char *ldb_dn_escape_value(TALLOC_CTX *mem_ctx, struct ldb_val value)
267 /* allocate destination string, it will be at most 3 times the source */
268 dst = talloc_array(mem_ctx, char, value.length * 3 + 1);
274 ldb_dn_escape_internal(dst, (const char *)value.data, value.length);
276 dst = talloc_realloc(mem_ctx, dst, char, strlen(dst) + 1);
282 explode a DN string into a ldb_dn structure
283 based on RFC4514 except that we don't support multiple valued RDNs
285 TODO: according to MS-ADTS:3.1.1.5.2 Naming Constraints
286 DN must be compliant with RFC2253
288 static bool ldb_dn_explode(struct ldb_dn *dn)
290 char *p, *ex_name, *ex_value, *data, *d, *dt, *t;
292 bool in_extended = true;
293 bool in_ex_name = false;
294 bool in_ex_value = false;
295 bool in_attr = false;
296 bool in_value = false;
297 bool in_quote = false;
306 if ( ! dn || dn->invalid) return false;
308 if (dn->components) {
312 if (dn->ext_linearized) {
313 parse_dn = dn->ext_linearized;
315 parse_dn = dn->linearized;
322 is_index = (strncmp(parse_dn, "DN=@INDEX:", 10) == 0);
325 if (parse_dn[0] == '\0') {
329 /* Special DNs case */
334 /* make sure we free this if allocated previously before replacing */
335 LDB_FREE(dn->components);
338 LDB_FREE(dn->ext_components);
339 dn->ext_comp_num = 0;
341 /* in the common case we have 3 or more components */
342 /* make sure all components are zeroed, other functions depend on it */
343 dn->components = talloc_zero_array(dn, struct ldb_dn_component, 3);
344 if ( ! dn->components) {
348 /* Components data space is allocated here once */
349 data = talloc_array(dn->components, char, strlen(parse_dn) + 1);
361 if (!in_ex_name && !in_ex_value) {
368 } else if (p[0] == '\0') {
380 if (in_ex_name && *p == '=') {
389 if (in_ex_value && *p == '>') {
390 const struct ldb_dn_extended_syntax *ext_syntax;
391 struct ldb_val ex_val = {
392 .data = (uint8_t *)ex_value,
393 .length = d - ex_value
400 /* Process name and ex_value */
402 dn->ext_components = talloc_realloc(dn,
404 struct ldb_dn_ext_component,
405 dn->ext_comp_num + 1);
406 if ( ! dn->ext_components) {
411 ext_syntax = ldb_dn_extended_syntax_by_name(dn->ldb, ex_name);
413 /* We don't know about this type of extended DN */
417 dn->ext_components[dn->ext_comp_num].name = talloc_strdup(dn->ext_components, ex_name);
418 if (!dn->ext_components[dn->ext_comp_num].name) {
422 ret = ext_syntax->read_fn(dn->ldb, dn->ext_components,
423 &ex_val, &dn->ext_components[dn->ext_comp_num].value);
424 if (ret != LDB_SUCCESS) {
425 ldb_dn_mark_invalid(dn);
432 /* We have reached the end (extended component only)! */
436 } else if (*p == ';') {
440 ldb_dn_mark_invalid(dn);
459 /* attr names must be ascii only */
460 ldb_dn_mark_invalid(dn);
467 if ( ! isalpha(*p)) {
468 /* not a digit nor an alpha,
469 * invalid attribute name */
470 ldb_dn_mark_invalid(dn);
474 /* Copy this character across from parse_dn,
475 * now we have trimmed out spaces */
482 /* valid only if we are at the end */
487 if (trim && (*p != '=')) {
488 /* spaces/tabs are not allowed */
489 ldb_dn_mark_invalid(dn);
494 /* attribute terminated */
500 /* Terminate this string in d
501 * (which is a copy of parse_dn
502 * with spaces trimmed) */
504 dn->components[dn->comp_num].name = talloc_strdup(dn->components, dt);
505 if ( ! dn->components[dn->comp_num].name) {
517 /* attr names must be ascii only */
518 ldb_dn_mark_invalid(dn);
522 if (is_oid && ( ! (isdigit(*p) || (*p == '.')))) {
523 /* not a digit nor a dot,
524 * invalid attribute oid */
525 ldb_dn_mark_invalid(dn);
528 if ( ! (isalpha(*p) || isdigit(*p) || (*p == '-'))) {
529 /* not ALPHA, DIGIT or HYPHEN */
530 ldb_dn_mark_invalid(dn);
570 /* TODO: support ber encoded values
581 /* ok found value terminator */
595 dn->components[dn->comp_num].value.data = (uint8_t *)talloc_strdup(dn->components, dt);
596 dn->components[dn->comp_num].value.length = l;
597 if ( ! dn->components[dn->comp_num].value.data) {
605 if (dn->comp_num > 2) {
606 dn->components = talloc_realloc(dn,
608 struct ldb_dn_component,
610 if ( ! dn->components) {
614 /* make sure all components are zeroed, other functions depend on this */
615 memset(&dn->components[dn->comp_num], '\0', sizeof(struct ldb_dn_component));
622 /* to main compatibility with earlier
623 versions of ldb indexing, we have to
624 accept the base64 encoded binary index
625 values, which contain a '+' or '='
626 which should normally be escaped */
638 /* a string with not escaped specials is invalid (tested) */
640 ldb_dn_mark_invalid(dn);
667 if (isxdigit(p[0]) && isxdigit(p[1])) {
668 if (sscanf(p, "%02x", &x) != 1) {
669 /* invalid escaping sequence */
670 ldb_dn_mark_invalid(dn);
674 *d++ = (unsigned char)x;
700 if (in_attr || in_quote) {
702 ldb_dn_mark_invalid(dn);
706 /* save last element */
714 dn->components[dn->comp_num].value.length = l;
715 dn->components[dn->comp_num].value.data =
716 (uint8_t *)talloc_strdup(dn->components, dt);
717 if ( ! dn->components[dn->comp_num].value.data) {
728 LDB_FREE(dn->components); /* "data" is implicitly free'd */
730 LDB_FREE(dn->ext_components);
731 dn->ext_comp_num = 0;
736 bool ldb_dn_validate(struct ldb_dn *dn)
738 return ldb_dn_explode(dn);
741 const char *ldb_dn_get_linearized(struct ldb_dn *dn)
747 if ( ! dn || ( dn->invalid)) return NULL;
749 if (dn->linearized) return dn->linearized;
751 if ( ! dn->components) {
752 ldb_dn_mark_invalid(dn);
756 if (dn->comp_num == 0) {
757 dn->linearized = talloc_strdup(dn, "");
758 if ( ! dn->linearized) return NULL;
759 return dn->linearized;
762 /* calculate maximum possible length of DN */
763 for (len = 0, i = 0; i < dn->comp_num; i++) {
765 len += strlen(dn->components[i].name);
766 /* max escaped data len */
767 len += (dn->components[i].value.length * 3);
768 len += 2; /* '=' and ',' */
770 dn->linearized = talloc_array(dn, char, len);
771 if ( ! dn->linearized) return NULL;
775 for (i = 0; i < dn->comp_num; i++) {
778 n = dn->components[i].name;
779 while (*n) *d++ = *n++;
784 d += ldb_dn_escape_internal( d,
785 (char *)dn->components[i].value.data,
786 dn->components[i].value.length);
792 /* don't waste more memory than necessary */
793 dn->linearized = talloc_realloc(dn, dn->linearized,
794 char, (d - dn->linearized + 1));
796 return dn->linearized;
799 static int ldb_dn_extended_component_compare(const void *p1, const void *p2)
801 const struct ldb_dn_ext_component *ec1 = (const struct ldb_dn_ext_component *)p1;
802 const struct ldb_dn_ext_component *ec2 = (const struct ldb_dn_ext_component *)p2;
803 return strcmp(ec1->name, ec2->name);
806 char *ldb_dn_get_extended_linearized(TALLOC_CTX *mem_ctx, struct ldb_dn *dn, int mode)
808 const char *linearized = ldb_dn_get_linearized(dn);
816 if (!ldb_dn_has_extended(dn)) {
817 return talloc_strdup(mem_ctx, linearized);
820 if (!ldb_dn_validate(dn)) {
824 /* sort the extended components by name. The idea is to make
825 * the resulting DNs consistent, plus to ensure that we put
826 * 'DELETED' first, so it can be very quickly recognised
828 TYPESAFE_QSORT(dn->ext_components, dn->ext_comp_num,
829 ldb_dn_extended_component_compare);
831 for (i = 0; i < dn->ext_comp_num; i++) {
832 const struct ldb_dn_extended_syntax *ext_syntax;
833 const char *name = dn->ext_components[i].name;
834 struct ldb_val ec_val = dn->ext_components[i].value;
838 ext_syntax = ldb_dn_extended_syntax_by_name(dn->ldb, name);
844 ret = ext_syntax->write_clear_fn(dn->ldb, mem_ctx,
846 } else if (mode == 0) {
847 ret = ext_syntax->write_hex_fn(dn->ldb, mem_ctx,
853 if (ret != LDB_SUCCESS) {
858 p = talloc_asprintf(mem_ctx, "<%s=%s>",
861 p = talloc_asprintf_append_buffer(p, ";<%s=%s>",
865 talloc_free(val.data);
872 if (dn->ext_comp_num && *linearized) {
873 p = talloc_asprintf_append_buffer(p, ";%s", linearized);
884 filter out all but an acceptable list of extended DN components
886 void ldb_dn_extended_filter(struct ldb_dn *dn, const char * const *accept_list)
889 for (i=0; i<dn->ext_comp_num; i++) {
890 if (!ldb_attr_in_list(accept_list, dn->ext_components[i].name)) {
891 memmove(&dn->ext_components[i],
892 &dn->ext_components[i+1],
893 (dn->ext_comp_num-(i+1))*sizeof(dn->ext_components[0]));
898 LDB_FREE(dn->ext_linearized);
902 char *ldb_dn_alloc_linearized(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
904 return talloc_strdup(mem_ctx, ldb_dn_get_linearized(dn));
908 casefold a dn. We need to casefold the attribute names, and canonicalize
909 attribute values of case insensitive attributes.
912 static bool ldb_dn_casefold_internal(struct ldb_dn *dn)
917 if ( ! dn || dn->invalid) return false;
919 if (dn->valid_case) return true;
921 if (( ! dn->components) && ( ! ldb_dn_explode(dn))) {
925 for (i = 0; i < dn->comp_num; i++) {
926 const struct ldb_schema_attribute *a;
928 dn->components[i].cf_name =
929 ldb_attr_casefold(dn->components,
930 dn->components[i].name);
931 if (!dn->components[i].cf_name) {
935 a = ldb_schema_attribute_by_name(dn->ldb,
936 dn->components[i].cf_name);
938 ret = a->syntax->canonicalise_fn(dn->ldb, dn->components,
939 &(dn->components[i].value),
940 &(dn->components[i].cf_value));
946 dn->valid_case = true;
951 for (i = 0; i < dn->comp_num; i++) {
952 LDB_FREE(dn->components[i].cf_name);
953 LDB_FREE(dn->components[i].cf_value.data);
958 const char *ldb_dn_get_casefold(struct ldb_dn *dn)
964 if (dn->casefold) return dn->casefold;
967 dn->casefold = talloc_strdup(dn, dn->linearized);
968 if (!dn->casefold) return NULL;
969 dn->valid_case = true;
973 if ( ! ldb_dn_casefold_internal(dn)) {
977 if (dn->comp_num == 0) {
978 dn->casefold = talloc_strdup(dn, "");
982 /* calculate maximum possible length of DN */
983 for (len = 0, i = 0; i < dn->comp_num; i++) {
985 len += strlen(dn->components[i].cf_name);
986 /* max escaped data len */
987 len += (dn->components[i].cf_value.length * 3);
988 len += 2; /* '=' and ',' */
990 dn->casefold = talloc_array(dn, char, len);
991 if ( ! dn->casefold) return NULL;
995 for (i = 0; i < dn->comp_num; i++) {
998 n = dn->components[i].cf_name;
999 while (*n) *d++ = *n++;
1004 d += ldb_dn_escape_internal( d,
1005 (char *)dn->components[i].cf_value.data,
1006 dn->components[i].cf_value.length);
1011 /* don't waste more memory than necessary */
1012 dn->casefold = talloc_realloc(dn, dn->casefold,
1013 char, strlen(dn->casefold) + 1);
1015 return dn->casefold;
1018 char *ldb_dn_alloc_casefold(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
1020 return talloc_strdup(mem_ctx, ldb_dn_get_casefold(dn));
1023 /* Determine if dn is below base, in the ldap tree. Used for
1024 * evaluating a subtree search.
1025 * 0 if they match, otherwise non-zero
1028 int ldb_dn_compare_base(struct ldb_dn *base, struct ldb_dn *dn)
1031 unsigned int n_base, n_dn;
1033 if ( ! base || base->invalid) return 1;
1034 if ( ! dn || dn->invalid) return -1;
1036 if (( ! base->valid_case) || ( ! dn->valid_case)) {
1037 if (base->linearized && dn->linearized) {
1038 /* try with a normal compare first, if we are lucky
1039 * we will avoid exploding and casfolding */
1041 dif = strlen(dn->linearized) - strlen(base->linearized);
1045 if (strcmp(base->linearized,
1046 &dn->linearized[dif]) == 0) {
1051 if ( ! ldb_dn_casefold_internal(base)) {
1055 if ( ! ldb_dn_casefold_internal(dn)) {
1061 /* if base has more components,
1062 * they don't have the same base */
1063 if (base->comp_num > dn->comp_num) {
1064 return (dn->comp_num - base->comp_num);
1067 if ((dn->comp_num == 0) || (base->comp_num == 0)) {
1068 if (dn->special && base->special) {
1069 return strcmp(base->linearized, dn->linearized);
1070 } else if (dn->special) {
1072 } else if (base->special) {
1079 n_base = base->comp_num - 1;
1080 n_dn = dn->comp_num - 1;
1082 while (n_base != (unsigned int) -1) {
1083 char *b_name = base->components[n_base].cf_name;
1084 char *dn_name = dn->components[n_dn].cf_name;
1086 char *b_vdata = (char *)base->components[n_base].cf_value.data;
1087 char *dn_vdata = (char *)dn->components[n_dn].cf_value.data;
1089 size_t b_vlen = base->components[n_base].cf_value.length;
1090 size_t dn_vlen = dn->components[n_dn].cf_value.length;
1092 /* compare attr names */
1093 ret = strcmp(b_name, dn_name);
1094 if (ret != 0) return ret;
1096 /* compare attr.cf_value. */
1097 if (b_vlen != dn_vlen) {
1098 return b_vlen - dn_vlen;
1100 ret = strcmp(b_vdata, dn_vdata);
1101 if (ret != 0) return ret;
1110 /* compare DNs using casefolding compare functions.
1112 If they match, then return 0
1115 int ldb_dn_compare(struct ldb_dn *dn0, struct ldb_dn *dn1)
1120 if (( ! dn0) || dn0->invalid || ! dn1 || dn1->invalid) {
1124 if (( ! dn0->valid_case) || ( ! dn1->valid_case)) {
1125 if (dn0->linearized && dn1->linearized) {
1126 /* try with a normal compare first, if we are lucky
1127 * we will avoid exploding and casfolding */
1128 if (strcmp(dn0->linearized, dn1->linearized) == 0) {
1133 if ( ! ldb_dn_casefold_internal(dn0)) {
1137 if ( ! ldb_dn_casefold_internal(dn1)) {
1143 if (dn0->comp_num != dn1->comp_num) {
1144 return (dn1->comp_num - dn0->comp_num);
1147 if (dn0->comp_num == 0) {
1148 if (dn0->special && dn1->special) {
1149 return strcmp(dn0->linearized, dn1->linearized);
1150 } else if (dn0->special) {
1152 } else if (dn1->special) {
1159 for (i = 0; i < dn0->comp_num; i++) {
1160 char *dn0_name = dn0->components[i].cf_name;
1161 char *dn1_name = dn1->components[i].cf_name;
1163 char *dn0_vdata = (char *)dn0->components[i].cf_value.data;
1164 char *dn1_vdata = (char *)dn1->components[i].cf_value.data;
1166 size_t dn0_vlen = dn0->components[i].cf_value.length;
1167 size_t dn1_vlen = dn1->components[i].cf_value.length;
1169 /* compare attr names */
1170 ret = strcmp(dn0_name, dn1_name);
1175 /* compare attr.cf_value. */
1176 if (dn0_vlen != dn1_vlen) {
1177 return dn0_vlen - dn1_vlen;
1179 ret = strcmp(dn0_vdata, dn1_vdata);
1188 static struct ldb_dn_component ldb_dn_copy_component(
1189 TALLOC_CTX *mem_ctx,
1190 struct ldb_dn_component *src)
1192 struct ldb_dn_component dst;
1194 memset(&dst, 0, sizeof(dst));
1200 dst.value = ldb_val_dup(mem_ctx, &(src->value));
1201 if (dst.value.data == NULL) {
1205 dst.name = talloc_strdup(mem_ctx, src->name);
1206 if (dst.name == NULL) {
1207 LDB_FREE(dst.value.data);
1211 if (src->cf_value.data) {
1212 dst.cf_value = ldb_val_dup(mem_ctx, &(src->cf_value));
1213 if (dst.cf_value.data == NULL) {
1214 LDB_FREE(dst.value.data);
1219 dst.cf_name = talloc_strdup(mem_ctx, src->cf_name);
1220 if (dst.cf_name == NULL) {
1221 LDB_FREE(dst.cf_name);
1222 LDB_FREE(dst.value.data);
1227 dst.cf_value.data = NULL;
1234 static struct ldb_dn_ext_component ldb_dn_ext_copy_component(
1235 TALLOC_CTX *mem_ctx,
1236 struct ldb_dn_ext_component *src)
1238 struct ldb_dn_ext_component dst;
1240 memset(&dst, 0, sizeof(dst));
1246 dst.value = ldb_val_dup(mem_ctx, &(src->value));
1247 if (dst.value.data == NULL) {
1251 dst.name = talloc_strdup(mem_ctx, src->name);
1252 if (dst.name == NULL) {
1253 LDB_FREE(dst.value.data);
1260 struct ldb_dn *ldb_dn_copy(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
1262 struct ldb_dn *new_dn;
1264 if (!dn || dn->invalid) {
1268 new_dn = talloc_zero(mem_ctx, struct ldb_dn);
1275 if (dn->components) {
1278 new_dn->components =
1279 talloc_zero_array(new_dn,
1280 struct ldb_dn_component,
1282 if ( ! new_dn->components) {
1283 talloc_free(new_dn);
1287 for (i = 0; i < dn->comp_num; i++) {
1288 new_dn->components[i] =
1289 ldb_dn_copy_component(new_dn->components,
1290 &dn->components[i]);
1291 if ( ! new_dn->components[i].value.data) {
1292 talloc_free(new_dn);
1298 if (dn->ext_components) {
1301 new_dn->ext_components =
1302 talloc_zero_array(new_dn,
1303 struct ldb_dn_ext_component,
1305 if ( ! new_dn->ext_components) {
1306 talloc_free(new_dn);
1310 for (i = 0; i < dn->ext_comp_num; i++) {
1311 new_dn->ext_components[i] =
1312 ldb_dn_ext_copy_component(
1313 new_dn->ext_components,
1314 &dn->ext_components[i]);
1315 if ( ! new_dn->ext_components[i].value.data) {
1316 talloc_free(new_dn);
1323 new_dn->casefold = talloc_strdup(new_dn, dn->casefold);
1324 if ( ! new_dn->casefold) {
1325 talloc_free(new_dn);
1330 if (dn->linearized) {
1331 new_dn->linearized = talloc_strdup(new_dn, dn->linearized);
1332 if ( ! new_dn->linearized) {
1333 talloc_free(new_dn);
1338 if (dn->ext_linearized) {
1339 new_dn->ext_linearized = talloc_strdup(new_dn,
1340 dn->ext_linearized);
1341 if ( ! new_dn->ext_linearized) {
1342 talloc_free(new_dn);
1350 /* modify the given dn by adding a base.
1352 * return true if successful and false if not
1353 * if false is returned the dn may be marked invalid
1355 bool ldb_dn_add_base(struct ldb_dn *dn, struct ldb_dn *base)
1360 if ( !base || base->invalid || !dn || dn->invalid) {
1364 if (dn->components) {
1367 if ( ! ldb_dn_validate(base)) {
1372 if (dn->valid_case) {
1373 if ( ! (s = ldb_dn_get_casefold(base))) {
1378 dn->components = talloc_realloc(dn,
1380 struct ldb_dn_component,
1381 dn->comp_num + base->comp_num);
1382 if ( ! dn->components) {
1383 ldb_dn_mark_invalid(dn);
1387 for (i = 0; i < base->comp_num; dn->comp_num++, i++) {
1388 dn->components[dn->comp_num] =
1389 ldb_dn_copy_component(dn->components,
1390 &base->components[i]);
1391 if (dn->components[dn->comp_num].value.data == NULL) {
1392 ldb_dn_mark_invalid(dn);
1397 if (dn->casefold && s) {
1398 if (*dn->casefold) {
1399 t = talloc_asprintf(dn, "%s,%s",
1402 t = talloc_strdup(dn, s);
1404 LDB_FREE(dn->casefold);
1409 if (dn->linearized) {
1411 s = ldb_dn_get_linearized(base);
1416 if (*dn->linearized) {
1417 t = talloc_asprintf(dn, "%s,%s",
1420 t = talloc_strdup(dn, s);
1423 ldb_dn_mark_invalid(dn);
1426 LDB_FREE(dn->linearized);
1430 /* Wipe the ext_linearized DN,
1431 * the GUID and SID are almost certainly no longer valid */
1432 LDB_FREE(dn->ext_linearized);
1433 LDB_FREE(dn->ext_components);
1434 dn->ext_comp_num = 0;
1439 /* modify the given dn by adding a base.
1441 * return true if successful and false if not
1442 * if false is returned the dn may be marked invalid
1444 bool ldb_dn_add_base_fmt(struct ldb_dn *dn, const char *base_fmt, ...)
1446 struct ldb_dn *base;
1451 if ( !dn || dn->invalid) {
1455 va_start(ap, base_fmt);
1456 base_str = talloc_vasprintf(dn, base_fmt, ap);
1459 if (base_str == NULL) {
1463 base = ldb_dn_new(base_str, dn->ldb, base_str);
1465 ret = ldb_dn_add_base(dn, base);
1467 talloc_free(base_str);
1472 /* modify the given dn by adding children elements.
1474 * return true if successful and false if not
1475 * if false is returned the dn may be marked invalid
1477 bool ldb_dn_add_child(struct ldb_dn *dn, struct ldb_dn *child)
1482 if ( !child || child->invalid || !dn || dn->invalid) {
1486 if (dn->components) {
1490 if (dn->comp_num == 0) {
1494 if ( ! ldb_dn_validate(child)) {
1499 if (dn->valid_case) {
1500 if ( ! (s = ldb_dn_get_casefold(child))) {
1505 n = dn->comp_num + child->comp_num;
1507 dn->components = talloc_realloc(dn,
1509 struct ldb_dn_component,
1511 if ( ! dn->components) {
1512 ldb_dn_mark_invalid(dn);
1516 for (i = dn->comp_num - 1, j = n - 1; i != (unsigned int) -1;
1518 dn->components[j] = dn->components[i];
1521 for (i = 0; i < child->comp_num; i++) {
1523 ldb_dn_copy_component(dn->components,
1524 &child->components[i]);
1525 if (dn->components[i].value.data == NULL) {
1526 ldb_dn_mark_invalid(dn);
1533 if (dn->casefold && s) {
1534 t = talloc_asprintf(dn, "%s,%s", s, dn->casefold);
1535 LDB_FREE(dn->casefold);
1540 if (dn->linearized) {
1541 if (dn->linearized[0] == '\0') {
1545 s = ldb_dn_get_linearized(child);
1550 t = talloc_asprintf(dn, "%s,%s", s, dn->linearized);
1552 ldb_dn_mark_invalid(dn);
1555 LDB_FREE(dn->linearized);
1559 /* Wipe the ext_linearized DN,
1560 * the GUID and SID are almost certainly no longer valid */
1561 LDB_FREE(dn->ext_linearized);
1562 LDB_FREE(dn->ext_components);
1563 dn->ext_comp_num = 0;
1568 /* modify the given dn by adding children elements.
1570 * return true if successful and false if not
1571 * if false is returned the dn may be marked invalid
1573 bool ldb_dn_add_child_fmt(struct ldb_dn *dn, const char *child_fmt, ...)
1575 struct ldb_dn *child;
1580 if ( !dn || dn->invalid) {
1584 va_start(ap, child_fmt);
1585 child_str = talloc_vasprintf(dn, child_fmt, ap);
1588 if (child_str == NULL) {
1592 child = ldb_dn_new(child_str, dn->ldb, child_str);
1594 ret = ldb_dn_add_child(dn, child);
1596 talloc_free(child_str);
1601 bool ldb_dn_remove_base_components(struct ldb_dn *dn, unsigned int num)
1605 if ( ! ldb_dn_validate(dn)) {
1609 if (dn->comp_num < num) {
1613 /* free components */
1614 for (i = dn->comp_num - num; i < dn->comp_num; i++) {
1615 LDB_FREE(dn->components[i].name);
1616 LDB_FREE(dn->components[i].value.data);
1617 LDB_FREE(dn->components[i].cf_name);
1618 LDB_FREE(dn->components[i].cf_value.data);
1621 dn->comp_num -= num;
1623 if (dn->valid_case) {
1624 for (i = 0; i < dn->comp_num; i++) {
1625 LDB_FREE(dn->components[i].cf_name);
1626 LDB_FREE(dn->components[i].cf_value.data);
1628 dn->valid_case = false;
1631 LDB_FREE(dn->casefold);
1632 LDB_FREE(dn->linearized);
1634 /* Wipe the ext_linearized DN,
1635 * the GUID and SID are almost certainly no longer valid */
1636 LDB_FREE(dn->ext_linearized);
1637 LDB_FREE(dn->ext_components);
1638 dn->ext_comp_num = 0;
1643 bool ldb_dn_remove_child_components(struct ldb_dn *dn, unsigned int num)
1647 if ( ! ldb_dn_validate(dn)) {
1651 if (dn->comp_num < num) {
1655 for (i = 0, j = num; j < dn->comp_num; i++, j++) {
1657 LDB_FREE(dn->components[i].name);
1658 LDB_FREE(dn->components[i].value.data);
1659 LDB_FREE(dn->components[i].cf_name);
1660 LDB_FREE(dn->components[i].cf_value.data);
1662 dn->components[i] = dn->components[j];
1665 dn->comp_num -= num;
1667 if (dn->valid_case) {
1668 for (i = 0; i < dn->comp_num; i++) {
1669 LDB_FREE(dn->components[i].cf_name);
1670 LDB_FREE(dn->components[i].cf_value.data);
1672 dn->valid_case = false;
1675 LDB_FREE(dn->casefold);
1676 LDB_FREE(dn->linearized);
1678 /* Wipe the ext_linearized DN,
1679 * the GUID and SID are almost certainly no longer valid */
1680 LDB_FREE(dn->ext_linearized);
1681 LDB_FREE(dn->ext_components);
1682 dn->ext_comp_num = 0;
1687 struct ldb_dn *ldb_dn_get_parent(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
1689 struct ldb_dn *new_dn;
1691 new_dn = ldb_dn_copy(mem_ctx, dn);
1696 if ( ! ldb_dn_remove_child_components(new_dn, 1)) {
1697 talloc_free(new_dn);
1704 /* Create a 'canonical name' string from a DN:
1706 ie dc=samba,dc=org -> samba.org/
1707 uid=administrator,ou=users,dc=samba,dc=org = samba.org/users/administrator
1709 There are two formats,
1710 the EX format has the last '/' replaced with a newline (\n).
1713 static char *ldb_dn_canonical(TALLOC_CTX *mem_ctx, struct ldb_dn *dn, int ex_format) {
1716 char *cracked = NULL;
1717 const char *format = (ex_format ? "\n" : "/" );
1719 if ( ! ldb_dn_validate(dn)) {
1723 tmpctx = talloc_new(mem_ctx);
1725 /* Walk backwards down the DN, grabbing 'dc' components at first */
1726 for (i = dn->comp_num - 1; i != (unsigned int) -1; i--) {
1727 if (ldb_attr_cmp(dn->components[i].name, "dc") != 0) {
1731 cracked = talloc_asprintf(tmpctx, "%s.%s",
1732 ldb_dn_escape_value(tmpctx,
1733 dn->components[i].value),
1736 cracked = ldb_dn_escape_value(tmpctx,
1737 dn->components[i].value);
1744 /* Only domain components? Finish here */
1745 if (i == (unsigned int) -1) {
1746 cracked = talloc_strdup_append_buffer(cracked, format);
1747 talloc_steal(mem_ctx, cracked);
1751 /* Now walk backwards appending remaining components */
1752 for (; i > 0; i--) {
1753 cracked = talloc_asprintf_append_buffer(cracked, "/%s",
1754 ldb_dn_escape_value(tmpctx,
1755 dn->components[i].value));
1761 /* Last one, possibly a newline for the 'ex' format */
1762 cracked = talloc_asprintf_append_buffer(cracked, "%s%s", format,
1763 ldb_dn_escape_value(tmpctx,
1764 dn->components[i].value));
1766 talloc_steal(mem_ctx, cracked);
1768 talloc_free(tmpctx);
1772 /* Wrapper functions for the above, for the two different string formats */
1773 char *ldb_dn_canonical_string(TALLOC_CTX *mem_ctx, struct ldb_dn *dn) {
1774 return ldb_dn_canonical(mem_ctx, dn, 0);
1778 char *ldb_dn_canonical_ex_string(TALLOC_CTX *mem_ctx, struct ldb_dn *dn) {
1779 return ldb_dn_canonical(mem_ctx, dn, 1);
1782 int ldb_dn_get_comp_num(struct ldb_dn *dn)
1784 if ( ! ldb_dn_validate(dn)) {
1787 return dn->comp_num;
1790 int ldb_dn_get_extended_comp_num(struct ldb_dn *dn)
1792 if ( ! ldb_dn_validate(dn)) {
1795 return dn->ext_comp_num;
1798 const char *ldb_dn_get_component_name(struct ldb_dn *dn, unsigned int num)
1800 if ( ! ldb_dn_validate(dn)) {
1803 if (num >= dn->comp_num) return NULL;
1804 return dn->components[num].name;
1807 const struct ldb_val *ldb_dn_get_component_val(struct ldb_dn *dn,
1810 if ( ! ldb_dn_validate(dn)) {
1813 if (num >= dn->comp_num) return NULL;
1814 return &dn->components[num].value;
1817 const char *ldb_dn_get_rdn_name(struct ldb_dn *dn)
1819 if ( ! ldb_dn_validate(dn)) {
1822 if (dn->comp_num == 0) return NULL;
1823 return dn->components[0].name;
1826 const struct ldb_val *ldb_dn_get_rdn_val(struct ldb_dn *dn)
1828 if ( ! ldb_dn_validate(dn)) {
1831 if (dn->comp_num == 0) return NULL;
1832 return &dn->components[0].value;
1835 int ldb_dn_set_component(struct ldb_dn *dn, int num,
1836 const char *name, const struct ldb_val val)
1841 if ( ! ldb_dn_validate(dn)) {
1842 return LDB_ERR_OTHER;
1845 if (num >= dn->comp_num) {
1846 return LDB_ERR_OTHER;
1849 n = talloc_strdup(dn, name);
1851 return LDB_ERR_OTHER;
1854 v.length = val.length;
1855 v.data = (uint8_t *)talloc_memdup(dn, val.data, v.length+1);
1858 return LDB_ERR_OTHER;
1861 talloc_free(dn->components[num].name);
1862 talloc_free(dn->components[num].value.data);
1863 dn->components[num].name = n;
1864 dn->components[num].value = v;
1866 if (dn->valid_case) {
1868 for (i = 0; i < dn->comp_num; i++) {
1869 LDB_FREE(dn->components[i].cf_name);
1870 LDB_FREE(dn->components[i].cf_value.data);
1872 dn->valid_case = false;
1874 LDB_FREE(dn->casefold);
1875 LDB_FREE(dn->linearized);
1877 /* Wipe the ext_linearized DN,
1878 * the GUID and SID are almost certainly no longer valid */
1879 LDB_FREE(dn->ext_linearized);
1880 LDB_FREE(dn->ext_components);
1881 dn->ext_comp_num = 0;
1886 const struct ldb_val *ldb_dn_get_extended_component(struct ldb_dn *dn,
1890 if ( ! ldb_dn_validate(dn)) {
1893 for (i=0; i < dn->ext_comp_num; i++) {
1894 if (ldb_attr_cmp(dn->ext_components[i].name, name) == 0) {
1895 return &dn->ext_components[i].value;
1901 int ldb_dn_set_extended_component(struct ldb_dn *dn,
1902 const char *name, const struct ldb_val *val)
1904 struct ldb_dn_ext_component *p;
1908 if ( ! ldb_dn_validate(dn)) {
1909 return LDB_ERR_OTHER;
1912 if (!ldb_dn_extended_syntax_by_name(dn->ldb, name)) {
1913 /* We don't know how to handle this type of thing */
1914 return LDB_ERR_INVALID_DN_SYNTAX;
1917 for (i=0; i < dn->ext_comp_num; i++) {
1918 if (ldb_attr_cmp(dn->ext_components[i].name, name) == 0) {
1920 dn->ext_components[i].value =
1921 ldb_val_dup(dn->ext_components, val);
1923 dn->ext_components[i].name =
1924 talloc_strdup(dn->ext_components, name);
1925 if (!dn->ext_components[i].name ||
1926 !dn->ext_components[i].value.data) {
1927 ldb_dn_mark_invalid(dn);
1928 return LDB_ERR_OPERATIONS_ERROR;
1931 if (i != (dn->ext_comp_num - 1)) {
1932 memmove(&dn->ext_components[i],
1933 &dn->ext_components[i+1],
1934 ((dn->ext_comp_num-1) - i) *
1935 sizeof(*dn->ext_components));
1939 dn->ext_components = talloc_realloc(dn,
1941 struct ldb_dn_ext_component,
1943 if (!dn->ext_components) {
1944 ldb_dn_mark_invalid(dn);
1945 return LDB_ERR_OPERATIONS_ERROR;
1948 LDB_FREE(dn->ext_linearized);
1955 /* removing a value that doesn't exist is not an error */
1961 p = dn->ext_components
1962 = talloc_realloc(dn,
1964 struct ldb_dn_ext_component,
1965 dn->ext_comp_num + 1);
1966 if (!dn->ext_components) {
1967 ldb_dn_mark_invalid(dn);
1968 return LDB_ERR_OPERATIONS_ERROR;
1971 p[dn->ext_comp_num].value = ldb_val_dup(dn->ext_components, &v2);
1972 p[dn->ext_comp_num].name = talloc_strdup(p, name);
1974 if (!dn->ext_components[i].name || !dn->ext_components[i].value.data) {
1975 ldb_dn_mark_invalid(dn);
1976 return LDB_ERR_OPERATIONS_ERROR;
1978 dn->ext_components = p;
1981 LDB_FREE(dn->ext_linearized);
1986 void ldb_dn_remove_extended_components(struct ldb_dn *dn)
1988 LDB_FREE(dn->ext_linearized);
1989 LDB_FREE(dn->ext_components);
1990 dn->ext_comp_num = 0;
1993 bool ldb_dn_is_valid(struct ldb_dn *dn)
1995 if ( ! dn) return false;
1996 return ! dn->invalid;
1999 bool ldb_dn_is_special(struct ldb_dn *dn)
2001 if ( ! dn || dn->invalid) return false;
2005 bool ldb_dn_has_extended(struct ldb_dn *dn)
2007 if ( ! dn || dn->invalid) return false;
2008 if (dn->ext_linearized && (dn->ext_linearized[0] == '<')) return true;
2009 return dn->ext_comp_num != 0;
2012 bool ldb_dn_check_special(struct ldb_dn *dn, const char *check)
2014 if ( ! dn || dn->invalid) return false;
2015 return ! strcmp(dn->linearized, check);
2018 bool ldb_dn_is_null(struct ldb_dn *dn)
2020 if ( ! dn || dn->invalid) return false;
2021 if (ldb_dn_has_extended(dn)) return false;
2022 if (dn->linearized && (dn->linearized[0] == '\0')) return true;
2027 this updates dn->components, taking the components from ref_dn.
2028 This is used by code that wants to update the DN path of a DN
2029 while not impacting on the extended DN components
2031 int ldb_dn_update_components(struct ldb_dn *dn, const struct ldb_dn *ref_dn)
2033 dn->components = talloc_realloc(dn, dn->components,
2034 struct ldb_dn_component, ref_dn->comp_num);
2035 if (!dn->components) {
2036 return LDB_ERR_OPERATIONS_ERROR;
2038 memcpy(dn->components, ref_dn->components,
2039 sizeof(struct ldb_dn_component)*ref_dn->comp_num);
2040 dn->comp_num = ref_dn->comp_num;
2042 LDB_FREE(dn->casefold);
2043 LDB_FREE(dn->linearized);
2044 LDB_FREE(dn->ext_linearized);
2050 minimise a DN. The caller must pass in a validated DN.
2052 If the DN has an extended component then only the first extended
2053 component is kept, the DN string is stripped.
2055 The existing dn is modified
2057 bool ldb_dn_minimise(struct ldb_dn *dn)
2061 if (!ldb_dn_validate(dn)) {
2064 if (dn->ext_comp_num == 0) {
2068 /* free components */
2069 for (i = 0; i < dn->comp_num; i++) {
2070 LDB_FREE(dn->components[i].name);
2071 LDB_FREE(dn->components[i].value.data);
2072 LDB_FREE(dn->components[i].cf_name);
2073 LDB_FREE(dn->components[i].cf_value.data);
2076 dn->valid_case = false;
2078 LDB_FREE(dn->casefold);
2079 LDB_FREE(dn->linearized);
2081 /* note that we don't free dn->components as this there are
2082 * several places in ldb_dn.c that rely on it being non-NULL
2083 * for an exploded DN
2086 for (i = 1; i < dn->ext_comp_num; i++) {
2087 LDB_FREE(dn->ext_components[i].name);
2088 LDB_FREE(dn->ext_components[i].value.data);
2090 dn->ext_comp_num = 1;
2092 dn->ext_components = talloc_realloc(dn, dn->ext_components, struct ldb_dn_ext_component, 1);
2093 if (dn->ext_components == NULL) {
2094 ldb_dn_mark_invalid(dn);
2098 LDB_FREE(dn->ext_linearized);