source/lib/db_wrap_proto.h
source/lib/charset/charset_proto.h
source/lib/cmdline/credentials.h
-source/lib/ldb/samba/ldif_handlers.h
+source/lib/ldb/samba/ldif_handlers_proto.h
source/lib/registry/regf.h
source/lib/registry/tdr_regf.c
source/lib/registry/tdr_regf.h
"schema_fsmo_init: dsdb_schema load failed: %s",
error_string);
talloc_free(mem_ctx);
+ return ret;
}
/* dsdb_set_schema() steal schema into the ldb_context */
ldb.add({"dn": "@PARTITION",
"partition": [s4.basedn + ":" + s4.url, s3.basedn + ":" + s3.url],
- "replicateEntries": ["@SUBCLASSES", "@ATTRIBUTES", "@INDEXLIST"]})
+ "replicateEntries": ["@ATTRIBUTES", "@INDEXLIST"]})
def setUp(self):
super(MapBaseTestCase, self).setUp()
#include "librpc/gen_ndr/security.h"
#include "lib/ldb/include/ldb.h"
+#include "lib/ldb-samba/ldif_handlers.h"
#include "librpc/gen_ndr/samr.h"
#include "librpc/gen_ndr/drsuapi.h"
#include "librpc/gen_ndr/drsblobs.h"
const char *equality;
const char *substring;
const char *comment;
+ const char *ldb_syntax;
WERROR (*drsuapi_to_ldb)(const struct dsdb_schema *schema,
const struct dsdb_attribute *attr,
if (!prefix_val) {
*error_string = talloc_asprintf(mem_ctx,
"schema_fsmo_init: no prefixMap attribute found");
- talloc_free(mem_ctx);
return LDB_ERR_CONSTRAINT_VIOLATION;
}
info_val = ldb_msg_find_ldb_val(schema_res->msgs[0], "schemaInfo");
*error_string = talloc_asprintf(mem_ctx,
"schema_fsmo_init: failed to load oid mappings: %s",
win_errstr(status));
- talloc_free(mem_ctx);
return LDB_ERR_CONSTRAINT_VIOLATION;
}
"schema_fsmo_init: failed to load attribute definition: %s:%s",
ldb_dn_get_linearized(attrs_res->msgs[i]->dn),
win_errstr(status));
- talloc_free(mem_ctx);
return LDB_ERR_CONSTRAINT_VIOLATION;
}
"schema_fsmo_init: failed to load class definition: %s:%s",
ldb_dn_get_linearized(objectclass_res->msgs[i]->dn),
win_errstr(status));
- talloc_free(mem_ctx);
return LDB_ERR_CONSTRAINT_VIOLATION;
}
"(&(&(objectClass=classSchema)(subClassOf=%s))(!(lDAPDisplayName=%s)))",
name, name);
if (ret != LDB_SUCCESS) {
- printf("Search failed: %s\n", ldb_errstring(ldb));
return ret;
}
static int fetch_objectclass_schema(struct ldb_context *ldb, struct ldb_dn *schemadn,
TALLOC_CTX *mem_ctx,
- struct ldb_result **objectclasses_res)
+ struct ldb_result **objectclasses_res,
+ char **error_string)
{
TALLOC_CTX *local_ctx = talloc_new(mem_ctx);
struct ldb_result *top_res, *ret_res;
return LDB_ERR_OPERATIONS_ERROR;
}
- /* Downlaod 'top' */
+ /* Download 'top' */
ret = ldb_search(ldb, schemadn, LDB_SCOPE_SUBTREE,
"(&(objectClass=classSchema)(lDAPDisplayName=top))",
NULL, &top_res);
if (ret != LDB_SUCCESS) {
- printf("Search failed: %s\n", ldb_errstring(ldb));
- return LDB_ERR_OPERATIONS_ERROR;
+ *error_string = talloc_asprintf(mem_ctx,
+ "dsdb_schema: failed to search for top classSchema object: %s",
+ ldb_errstring(ldb));
+ return ret;
}
talloc_steal(local_ctx, top_res);
if (top_res->count != 1) {
- return LDB_ERR_OPERATIONS_ERROR;
+ *error_string = talloc_asprintf(mem_ctx,
+ "dsdb_schema: failed to find top classSchema object");
+ return LDB_ERR_NO_SUCH_OBJECT;
}
ret_res = talloc_zero(local_ctx, struct ldb_result);
ret = fetch_oc_recursive(ldb, schemadn, local_ctx, top_res, ret_res);
if (ret != LDB_SUCCESS) {
- printf("Search failed: %s\n", ldb_errstring(ldb));
- return LDB_ERR_OPERATIONS_ERROR;
+ return ret;
}
*objectclasses_res = talloc_move(mem_ctx, &ret_res);
/*
* load the objectClass definitions
*/
- ret = fetch_objectclass_schema(ldb, schema_dn, tmp_ctx, &c_res);
+ ret = fetch_objectclass_schema(ldb, schema_dn, tmp_ctx, &c_res, &error_string);
if (ret != LDB_SUCCESS) {
*error_string_out = talloc_asprintf(mem_ctx,
- "Failed to fetch objectClass schema elements: %s\n", ldb_errstring(ldb));
+ "Failed to fetch objectClass schema elements: %s", error_string);
talloc_free(tmp_ctx);
return ret;
}
return WERR_OK;
}
-
#define OMOBJECTCLASS(val) { .length = sizeof(val) - 1, .data = discard_const_p(uint8_t, val) }
static const struct dsdb_syntax dsdb_syntaxes[] = {
.comment = "Boolean"
},{
.name = "Integer",
- .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.27",
+ .ldap_oid = LDB_SYNTAX_INTEGER,
.oMSyntax = 2,
.attributeSyntax_oid = "2.5.5.9",
.drsuapi_to_ldb = dsdb_syntax_INT32_drsuapi_to_ldb,
.ldb_to_drsuapi = dsdb_syntax_INT32_ldb_to_drsuapi,
.equality = "integerMatch",
- .comment = "Integer"
+ .comment = "Integer",
},{
.name = "String(Octet)",
- .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.40",
+ .ldap_oid = LDB_SYNTAX_OCTET_STRING,
.oMSyntax = 4,
.attributeSyntax_oid = "2.5.5.10",
.drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
.ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
.equality = "octetStringMatch",
- .comment = "Octet String"
+ .comment = "Octet String",
},{
.name = "String(Sid)",
- .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.40",
+ .ldap_oid = LDB_SYNTAX_OCTET_STRING,
.oMSyntax = 4,
.attributeSyntax_oid = "2.5.5.17",
.drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
.ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
.equality = "octetStringMatch",
- .comment = "Octet String - Security Identifier (SID)"
+ .comment = "Octet String - Security Identifier (SID)",
+ .ldb_syntax = LDB_SYNTAX_SAMBA_SID
},{
.name = "String(Object-Identifier)",
.ldap_oid = "1.3.6.1.4.1.1466.115.121.1.38",
.drsuapi_to_ldb = dsdb_syntax_OID_drsuapi_to_ldb,
.ldb_to_drsuapi = dsdb_syntax_OID_ldb_to_drsuapi,
.equality = "caseIgnoreMatch", /* Would use "objectIdentifierMatch" but most are ldap attribute/class names */
- .comment = "OID String"
+ .comment = "OID String",
+ .ldb_syntax = LDB_SYNTAX_DIRECTORY_STRING
},{
.name = "Enumeration",
- .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.27",
+ .ldap_oid = LDB_SYNTAX_INTEGER,
.oMSyntax = 10,
.attributeSyntax_oid = "2.5.5.9",
.drsuapi_to_ldb = dsdb_syntax_INT32_drsuapi_to_ldb,
.ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
.equality = "caseIgnoreMatch",
.substring = "caseIgnoreSubstringsMatch",
- .comment = "Case Insensitive String"
+ .comment = "Case Insensitive String",
+ .ldb_syntax = LDB_SYNTAX_DIRECTORY_STRING,
},{
.name = "String(IA5)",
.ldap_oid = "1.3.6.1.4.1.1466.115.121.1.26",
.drsuapi_to_ldb = dsdb_syntax_NTTIME_UTC_drsuapi_to_ldb,
.ldb_to_drsuapi = dsdb_syntax_NTTIME_UTC_ldb_to_drsuapi,
.equality = "generalizedTimeMatch",
- .comment = "UTC Time"
+ .comment = "UTC Time",
},{
.name = "String(Generalized-Time)",
.ldap_oid = "1.3.6.1.4.1.1466.115.121.1.24",
.drsuapi_to_ldb = dsdb_syntax_NTTIME_drsuapi_to_ldb,
.ldb_to_drsuapi = dsdb_syntax_NTTIME_ldb_to_drsuapi,
.equality = "generalizedTimeMatch",
- .comment = "Generalized Time"
+ .comment = "Generalized Time",
+ .ldb_syntax = LDB_SYNTAX_UTC_TIME,
},{
/* not used in w2k3 schema */
.name = "String(Case Sensitive)",
.ldb_to_drsuapi = dsdb_syntax_FOOBAR_ldb_to_drsuapi,
},{
.name = "String(Unicode)",
- .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.15",
+ .ldap_oid = LDB_SYNTAX_DIRECTORY_STRING,
.oMSyntax = 64,
.attributeSyntax_oid = "2.5.5.12",
.drsuapi_to_ldb = dsdb_syntax_UNICODE_drsuapi_to_ldb,
.ldb_to_drsuapi = dsdb_syntax_UNICODE_ldb_to_drsuapi,
.equality = "caseIgnoreMatch",
.substring = "caseIgnoreSubstringsMatch",
- .comment = "Directory String"
+ .comment = "Directory String",
},{
.name = "Interval/LargeInteger",
.ldap_oid = "1.2.840.113556.1.4.906",
.drsuapi_to_ldb = dsdb_syntax_INT64_drsuapi_to_ldb,
.ldb_to_drsuapi = dsdb_syntax_INT64_ldb_to_drsuapi,
.equality = "integerMatch",
- .comment = "Large Integer"
+ .comment = "Large Integer",
+ .ldb_syntax = LDB_SYNTAX_INTEGER,
},{
.name = "String(NT-Sec-Desc)",
- .ldap_oid = "1.2.840.113556.1.4.907",
+ .ldap_oid = LDB_SYNTAX_SAMBA_SECURITY_DESCRIPTOR,
.oMSyntax = 66,
.attributeSyntax_oid = "2.5.5.15",
.drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
.ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
},{
.name = "Object(DS-DN)",
- .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.12",
+ .ldap_oid = LDB_SYNTAX_DN,
.oMSyntax = 127,
.oMObjectClass = OMOBJECTCLASS("\x2b\x0c\x02\x87\x73\x1c\x00\x85\x4a"),
.attributeSyntax_oid = "2.5.5.1",
.drsuapi_to_ldb = dsdb_syntax_DN_drsuapi_to_ldb,
.ldb_to_drsuapi = dsdb_syntax_DN_ldb_to_drsuapi,
.equality = "distinguishedNameMatch",
- .comment = "Object(DS-DN) == a DN"
+ .comment = "Object(DS-DN) == a DN",
},{
.name = "Object(DN-Binary)",
.ldap_oid = "1.2.840.113556.1.4.903",
.drsuapi_to_ldb = dsdb_syntax_DN_BINARY_drsuapi_to_ldb,
.ldb_to_drsuapi = dsdb_syntax_DN_BINARY_ldb_to_drsuapi,
.equality = "distinguishedNameMatch",
- .comment = "OctetString: Binary+DN"
+ .comment = "OctetString: Binary+DN",
+ .ldb_syntax = LDB_SYNTAX_DN,
},{
/* not used in w2k3 schema */
.name = "Object(OR-Name)",
.drsuapi_to_ldb = dsdb_syntax_FOOBAR_drsuapi_to_ldb,
.ldb_to_drsuapi = dsdb_syntax_FOOBAR_ldb_to_drsuapi,
.equality = "distinguishedNameMatch",
- .comment = "OctetString: String+DN"
+ .comment = "OctetString: String+DN",
+ .ldb_syntax = LDB_SYNTAX_DN,
},{
/* not used in w2k3 schema */
.name = "Object(DN-String)",
.attributeSyntax_oid = "2.5.5.14",
.drsuapi_to_ldb = dsdb_syntax_FOOBAR_drsuapi_to_ldb,
.ldb_to_drsuapi = dsdb_syntax_FOOBAR_ldb_to_drsuapi,
+ .ldb_syntax = LDB_SYNTAX_DN,
}
};
################################################
LDBSAMBA_OBJ_FILES = $(ldb_sambasrcdir)/ldif_handlers.o
-$(eval $(call proto_header_template,$(ldb_sambasrcdir)/ldif_handlers.h,$(LDBSAMBA_OBJ_FILES:.o=.c)))
+$(eval $(call proto_header_template,$(ldb_sambasrcdir)/ldif_handlers_proto.h,$(LDBSAMBA_OBJ_FILES:.o=.c)))
return ret;
}
-#define LDB_SYNTAX_SAMBA_SID "LDB_SYNTAX_SAMBA_SID"
-#define LDB_SYNTAX_SAMBA_SECURITY_DESCRIPTOR "LDB_SYNTAX_SAMBA_SECURITY_DESCRIPTOR"
#define LDB_SYNTAX_SAMBA_GUID "LDB_SYNTAX_SAMBA_GUID"
#define LDB_SYNTAX_SAMBA_OBJECT_CATEGORY "LDB_SYNTAX_SAMBA_OBJECT_CATEGORY"
#define LDB_SYNTAX_SAMBA_PREFIX_MAP "LDB_SYNTAX_SAMBA_PREFIX_MAP"
{ "prefixMap", LDB_SYNTAX_SAMBA_PREFIX_MAP }
};
+const struct ldb_schema_syntax *ldb_samba_syntax_by_name(struct ldb_context *ldb, const char *name)
+{
+ uint32_t j;
+ const struct ldb_schema_syntax *s = NULL;
+
+ for (j=0; j < ARRAY_SIZE(samba_syntaxes); j++) {
+ if (strcmp(name, samba_syntaxes[j].name) == 0) {
+ s = &samba_syntaxes[j];
+ break;
+ }
+ }
+ return s;
+}
+
+
/*
register the samba ldif handlers
*/
for (i=0; i < ARRAY_SIZE(samba_attributes); i++) {
int ret;
- uint32_t j;
const struct ldb_schema_syntax *s = NULL;
- for (j=0; j < ARRAY_SIZE(samba_syntaxes); j++) {
- if (strcmp(samba_attributes[i].syntax, samba_syntaxes[j].name) == 0) {
- s = &samba_syntaxes[j];
- break;
- }
- }
+ s = ldb_samba_syntax_by_name(ldb, samba_attributes[i].syntax);
if (!s) {
s = ldb_standard_syntax_by_name(ldb, samba_attributes[i].syntax);
--- /dev/null
+#ifndef __LIB_LDB_SAMBA_LDIF_HANDLERS_H__
+#define __LIB_LDB_SAMBA_LDIF_HANDLERS_H__
+
+#define LDB_SYNTAX_SAMBA_SID "LDB_SYNTAX_SAMBA_SID"
+#define LDB_SYNTAX_SAMBA_SECURITY_DESCRIPTOR "1.2.840.113556.1.4.907"
+
+#include "lib/ldb-samba/ldif_handlers_proto.h"
+
+#undef _PRINTF_ATTRIBUTE
+#define _PRINTF_ATTRIBUTE(a1, a2)
+
+#endif /* __LIB_LDB_SAMBA_LDIF_HANDLERS_H__ */
+
ldb->schema.attributes = a;
for (i = 0; i < ldb->schema.num_attributes; i++) {
- if (ldb_attr_cmp(attribute, a[i].name) < 0) {
+ int cmp = ldb_attr_cmp(attribute, a[i].name);
+ if (cmp == 0) {
+ if (a[i].flags & LDB_ATTR_FLAG_ALLOCATED) {
+ talloc_free(discard_const_p(char, a[i].name));
+ }
+ /* To cancel out increment below */
+ ldb->schema.num_attributes--;
+ break;
+ } else if (cmp < 0) {
memmove(a+i+1, a+i, sizeof(*a) * (ldb->schema.num_attributes-i));
break;
}
}
+ ldb->schema.num_attributes++;
a[i].name = attribute;
a[i].flags = flags;
}
}
- ldb->schema.num_attributes++;
return 0;
}
int i;
a = ldb_schema_attribute_by_name(ldb, name);
- if (a == NULL) {
+ if (a == NULL || a->name == NULL) {
return;
}
return NULL;
}
- if (strcasecmp(t->u.equality.attr, "objectclass") == 0) {
- /*
- * For object classes, we want to search for all objectclasses
- * that are subclasses as well.
- */
- return lsqlite3_tprintf(mem_ctx,
- "SELECT eid FROM ldb_attribute_values\n"
- "WHERE norm_attr_name = 'OBJECTCLASS' "
- "AND norm_attr_value IN\n"
- " (SELECT class_name FROM ldb_object_classes\n"
- " WHERE tree_key GLOB\n"
- " (SELECT tree_key FROM ldb_object_classes\n"
- " WHERE class_name = '%q'\n"
- " ) || '*'\n"
- " )\n", value.data);
-
- } else if (strcasecmp(t->u.equality.attr, "dn") == 0) {
+ if (strcasecmp(t->u.equality.attr, "dn") == 0) {
/* DN query is a special ldb case */
const char *cdn = ldb_dn_get_casefold(
ldb_dn_new(mem_ctx, module->ldb,
/* See if this is an ltdb special */
if (ldb_dn_is_special(msg->dn)) {
- struct ldb_dn *c;
-
- c = ldb_dn_new(lsql_ac, module->ldb, "@SUBCLASSES");
- if (ldb_dn_compare(msg->dn, c) == 0) {
-#warning "insert subclasses into object class tree"
- ret = LDB_ERR_UNWILLING_TO_PERFORM;
- goto done;
- }
-
/*
+ struct ldb_dn *c;
c = ldb_dn_new(local_ctx, module->ldb, "@INDEXLIST");
if (ldb_dn_compare(module->ldb, msg->dn, c) == 0) {
#warning "should we handle indexes somehow ?"
/* See if this is an ltdb special */
if (ldb_dn_is_special(msg->dn)) {
- struct ldb_dn *c;
-
- c = ldb_dn_new(lsql_ac, module->ldb, "@SUBCLASSES");
- if (ldb_dn_compare(msg->dn, c) == 0) {
-#warning "modify subclasses into object class tree"
- ret = LDB_ERR_UNWILLING_TO_PERFORM;
- goto done;
- }
-
/* Others return an error */
ret = LDB_ERR_UNWILLING_TO_PERFORM;
goto done;
integer_p = 0
WHERE attr_name = 'dn'
--- ----------------------------------------------------------------------
-
-/*
- * dn: @SUBCLASSES
- * top: domain
- * top: person
- * domain: domainDNS
- * person: organizationalPerson
- * person: fooPerson
- * organizationalPerson: user
- * organizationalPerson: OpenLDAPperson
- * user: computer
- */
--- insertSubclass
-
-/* NOT YET UPDATED!!! *
-
-
-INSERT OR REPLACE INTO ldb_object_classes (class_name, tree_key)
- SELECT 'domain', /* next_tree_key('top') */ '00010001';
-INSERT OR REPLACE INTO ldb_object_classes (class_name, tree_key)
- SELECT 'person', /* next_tree_key('top') */ '00010002';
-INSERT OR REPLACE INTO ldb_object_classes (class_name, tree_key)
- SELECT 'domainDNS', /* next_tree_key('domain') */ '000100010001';
-INSERT OR REPLACE INTO ldb_object_classes (class_name, tree_key)
- SELECT 'organizationalPerson', /* next_tree_key('person') */ '000100020001';
-INSERT OR REPLACE INTO ldb_object_classes (class_name, tree_key)
- SELECT 'fooPerson', /* next_tree_key('person') */ '000100020002';
-INSERT OR REPLACE INTO ldb_object_classes (class_name, tree_key)
- SELECT 'user', /* next_tree_key('organizationalPerson') */ '0001000200010001';
-INSERT OR REPLACE INTO ldb_object_classes (class_name, tree_key)
- SELECT 'OpenLDAPperson', /* next_tree_key('organizationPerson') */ '0001000200010002';
-INSERT OR REPLACE INTO ldb_object_classes (class_name, tree_key)
- SELECT 'computer', /* next_tree_key('user') */ '0001000200010001';
-
ou: CASE_INSENSITIVE
dn: CASE_INSENSITIVE
-dn: @SUBCLASSES
-top: domain
-top: person
-domain: domainDNS
-person: organizationalPerson
-person: fooPerson
-organizationalPerson: user
-organizationalPerson: OpenLDAPperson
-user: computer
dn: @ATTRIBUTES
uid: CASE_INSENSITIVE
-dn: @SUBCLASSES
-top: person
-person: organizationalPerson
-organizationalPerson: OpenLDAPperson
"""
templates_ldb = SamDB(path, session_info=session_info,
credentials=credentials, lp=lp)
- templates_ldb.erase()
+ # Wipes the database
+ try:
+ templates_ldb.erase()
+ except:
+ os.unlink(path)
+
+ templates_ldb.load_ldif_file_add(setup_path("provision_templates_init.ldif"))
+
+ templates_ldb = SamDB(path, session_info=session_info,
+ credentials=credentials, lp=lp)
+
templates_ldb.load_ldif_file_add(setup_path("provision_templates.ldif"))
# Templates to be put in templates.ldb. Not part of main samdb any more.
###
-dn: @OPTIONS
-checkBaseOnSearch: TRUE
-
-dn: @INDEXLIST
-@IDXATTR: cn
-
-dn: @ATTRIBUTES
-cn: CASE_INSENSITIVE
-dn: CASE_INSENSITIVE
-
dn: CN=Templates
objectClass: top
objectClass: container
--- /dev/null
+dn: @OPTIONS
+checkBaseOnSearch: TRUE
+
+dn: @INDEXLIST
+@IDXATTR: cn
+
+dn: @ATTRIBUTES
+cn: CASE_INSENSITIVE
+dn: CASE_INSENSITIVE
+