2 Unix SMB/CIFS mplementation.
5 Copyright (C) Stefan Metzmacher <metze@samba.org> 2006
6 Copyright (C) Simo Sorce 2005
7 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2008
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "dsdb/samdb/samdb.h"
25 #include "librpc/gen_ndr/ndr_drsuapi.h"
26 #include "librpc/gen_ndr/ndr_security.h"
27 #include "librpc/gen_ndr/ndr_misc.h"
28 #include "lib/ldb/include/ldb.h"
29 #include "lib/ldb/include/ldb_errors.h"
30 #include "system/time.h"
31 #include "../lib/util/charset/charset.h"
32 #include "librpc/ndr/libndr.h"
34 static WERROR dsdb_syntax_FOOBAR_drsuapi_to_ldb(struct ldb_context *ldb,
35 const struct dsdb_schema *schema,
36 const struct dsdb_attribute *attr,
37 const struct drsuapi_DsReplicaAttribute *in,
39 struct ldb_message_element *out)
44 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
45 W_ERROR_HAVE_NO_MEMORY(out->name);
47 out->num_values = in->value_ctr.num_values;
48 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
49 W_ERROR_HAVE_NO_MEMORY(out->values);
51 for (i=0; i < out->num_values; i++) {
54 if (in->value_ctr.values[i].blob == NULL) {
58 str = talloc_asprintf(out->values, "%s: not implemented",
60 W_ERROR_HAVE_NO_MEMORY(str);
62 out->values[i] = data_blob_string_const(str);
68 static WERROR dsdb_syntax_FOOBAR_ldb_to_drsuapi(struct ldb_context *ldb,
69 const struct dsdb_schema *schema,
70 const struct dsdb_attribute *attr,
71 const struct ldb_message_element *in,
73 struct drsuapi_DsReplicaAttribute *out)
78 static WERROR dsdb_syntax_FOOBAR_validate_ldb(struct ldb_context *ldb,
79 const struct dsdb_schema *schema,
80 const struct dsdb_attribute *attr,
81 const struct ldb_message_element *in)
86 static WERROR dsdb_syntax_ALLOW_validate_ldb(struct ldb_context *ldb,
87 const struct dsdb_schema *schema,
88 const struct dsdb_attribute *attr,
89 const struct ldb_message_element *in)
91 if (attr->attributeID_id == 0xFFFFFFFF) {
98 static WERROR dsdb_syntax_BOOL_drsuapi_to_ldb(struct ldb_context *ldb,
99 const struct dsdb_schema *schema,
100 const struct dsdb_attribute *attr,
101 const struct drsuapi_DsReplicaAttribute *in,
103 struct ldb_message_element *out)
108 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
109 W_ERROR_HAVE_NO_MEMORY(out->name);
111 out->num_values = in->value_ctr.num_values;
112 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
113 W_ERROR_HAVE_NO_MEMORY(out->values);
115 for (i=0; i < out->num_values; i++) {
119 if (in->value_ctr.values[i].blob == NULL) {
123 if (in->value_ctr.values[i].blob->length != 4) {
127 v = IVAL(in->value_ctr.values[i].blob->data, 0);
130 str = talloc_strdup(out->values, "TRUE");
131 W_ERROR_HAVE_NO_MEMORY(str);
133 str = talloc_strdup(out->values, "FALSE");
134 W_ERROR_HAVE_NO_MEMORY(str);
137 out->values[i] = data_blob_string_const(str);
143 static WERROR dsdb_syntax_BOOL_ldb_to_drsuapi(struct ldb_context *ldb,
144 const struct dsdb_schema *schema,
145 const struct dsdb_attribute *attr,
146 const struct ldb_message_element *in,
148 struct drsuapi_DsReplicaAttribute *out)
153 if (attr->attributeID_id == 0xFFFFFFFF) {
157 out->attid = attr->attributeID_id;
158 out->value_ctr.num_values = in->num_values;
159 out->value_ctr.values = talloc_array(mem_ctx,
160 struct drsuapi_DsAttributeValue,
162 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
164 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
165 W_ERROR_HAVE_NO_MEMORY(blobs);
167 for (i=0; i < in->num_values; i++) {
168 out->value_ctr.values[i].blob = &blobs[i];
170 blobs[i] = data_blob_talloc(blobs, NULL, 4);
171 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
173 if (strcmp("TRUE", (const char *)in->values[i].data) == 0) {
174 SIVAL(blobs[i].data, 0, 0x00000001);
175 } else if (strcmp("FALSE", (const char *)in->values[i].data) == 0) {
176 SIVAL(blobs[i].data, 0, 0x00000000);
185 static WERROR dsdb_syntax_BOOL_validate_ldb(struct ldb_context *ldb,
186 const struct dsdb_schema *schema,
187 const struct dsdb_attribute *attr,
188 const struct ldb_message_element *in)
192 if (attr->attributeID_id == 0xFFFFFFFF) {
196 for (i=0; i < in->num_values; i++) {
200 (const char *)in->values[i].data,
201 in->values[i].length);
203 (const char *)in->values[i].data,
204 in->values[i].length);
206 if (t != 0 && f != 0) {
207 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
214 static WERROR dsdb_syntax_INT32_drsuapi_to_ldb(struct ldb_context *ldb,
215 const struct dsdb_schema *schema,
216 const struct dsdb_attribute *attr,
217 const struct drsuapi_DsReplicaAttribute *in,
219 struct ldb_message_element *out)
224 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
225 W_ERROR_HAVE_NO_MEMORY(out->name);
227 out->num_values = in->value_ctr.num_values;
228 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
229 W_ERROR_HAVE_NO_MEMORY(out->values);
231 for (i=0; i < out->num_values; i++) {
235 if (in->value_ctr.values[i].blob == NULL) {
239 if (in->value_ctr.values[i].blob->length != 4) {
243 v = IVALS(in->value_ctr.values[i].blob->data, 0);
245 str = talloc_asprintf(out->values, "%d", v);
246 W_ERROR_HAVE_NO_MEMORY(str);
248 out->values[i] = data_blob_string_const(str);
254 static WERROR dsdb_syntax_INT32_ldb_to_drsuapi(struct ldb_context *ldb,
255 const struct dsdb_schema *schema,
256 const struct dsdb_attribute *attr,
257 const struct ldb_message_element *in,
259 struct drsuapi_DsReplicaAttribute *out)
264 if (attr->attributeID_id == 0xFFFFFFFF) {
268 out->attid = attr->attributeID_id;
269 out->value_ctr.num_values = in->num_values;
270 out->value_ctr.values = talloc_array(mem_ctx,
271 struct drsuapi_DsAttributeValue,
273 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
275 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
276 W_ERROR_HAVE_NO_MEMORY(blobs);
278 for (i=0; i < in->num_values; i++) {
281 out->value_ctr.values[i].blob = &blobs[i];
283 blobs[i] = data_blob_talloc(blobs, NULL, 4);
284 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
286 /* We've to use "strtoll" here to have the intended overflows.
287 * Otherwise we may get "LONG_MAX" and the conversion is wrong. */
288 v = (int32_t) strtoll((char *)in->values[i].data, NULL, 0);
290 SIVALS(blobs[i].data, 0, v);
296 static WERROR dsdb_syntax_INT64_drsuapi_to_ldb(struct ldb_context *ldb,
297 const struct dsdb_schema *schema,
298 const struct dsdb_attribute *attr,
299 const struct drsuapi_DsReplicaAttribute *in,
301 struct ldb_message_element *out)
306 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
307 W_ERROR_HAVE_NO_MEMORY(out->name);
309 out->num_values = in->value_ctr.num_values;
310 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
311 W_ERROR_HAVE_NO_MEMORY(out->values);
313 for (i=0; i < out->num_values; i++) {
317 if (in->value_ctr.values[i].blob == NULL) {
321 if (in->value_ctr.values[i].blob->length != 8) {
325 v = BVALS(in->value_ctr.values[i].blob->data, 0);
327 str = talloc_asprintf(out->values, "%lld", (long long int)v);
328 W_ERROR_HAVE_NO_MEMORY(str);
330 out->values[i] = data_blob_string_const(str);
336 static WERROR dsdb_syntax_INT64_ldb_to_drsuapi(struct ldb_context *ldb,
337 const struct dsdb_schema *schema,
338 const struct dsdb_attribute *attr,
339 const struct ldb_message_element *in,
341 struct drsuapi_DsReplicaAttribute *out)
346 if (attr->attributeID_id == 0xFFFFFFFF) {
350 out->attid = attr->attributeID_id;
351 out->value_ctr.num_values = in->num_values;
352 out->value_ctr.values = talloc_array(mem_ctx,
353 struct drsuapi_DsAttributeValue,
355 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
357 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
358 W_ERROR_HAVE_NO_MEMORY(blobs);
360 for (i=0; i < in->num_values; i++) {
363 out->value_ctr.values[i].blob = &blobs[i];
365 blobs[i] = data_blob_talloc(blobs, NULL, 8);
366 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
368 v = strtoll((const char *)in->values[i].data, NULL, 10);
370 SBVALS(blobs[i].data, 0, v);
376 static WERROR dsdb_syntax_NTTIME_UTC_drsuapi_to_ldb(struct ldb_context *ldb,
377 const struct dsdb_schema *schema,
378 const struct dsdb_attribute *attr,
379 const struct drsuapi_DsReplicaAttribute *in,
381 struct ldb_message_element *out)
386 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
387 W_ERROR_HAVE_NO_MEMORY(out->name);
389 out->num_values = in->value_ctr.num_values;
390 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
391 W_ERROR_HAVE_NO_MEMORY(out->values);
393 for (i=0; i < out->num_values; i++) {
398 if (in->value_ctr.values[i].blob == NULL) {
402 if (in->value_ctr.values[i].blob->length != 8) {
406 v = BVAL(in->value_ctr.values[i].blob->data, 0);
408 t = nt_time_to_unix(v);
411 * NOTE: On a w2k3 server you can set a GeneralizedTime string
412 * via LDAP, but you get back an UTCTime string,
413 * but via DRSUAPI you get back the NTTIME_1sec value
414 * that represents the GeneralizedTime value!
416 * So if we store the UTCTime string in our ldb
417 * we'll loose information!
419 str = ldb_timestring_utc(out->values, t);
420 W_ERROR_HAVE_NO_MEMORY(str);
421 out->values[i] = data_blob_string_const(str);
427 static WERROR dsdb_syntax_NTTIME_UTC_ldb_to_drsuapi(struct ldb_context *ldb,
428 const struct dsdb_schema *schema,
429 const struct dsdb_attribute *attr,
430 const struct ldb_message_element *in,
432 struct drsuapi_DsReplicaAttribute *out)
437 if (attr->attributeID_id == 0xFFFFFFFF) {
441 out->attid = attr->attributeID_id;
442 out->value_ctr.num_values = in->num_values;
443 out->value_ctr.values = talloc_array(mem_ctx,
444 struct drsuapi_DsAttributeValue,
446 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
448 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
449 W_ERROR_HAVE_NO_MEMORY(blobs);
451 for (i=0; i < in->num_values; i++) {
455 out->value_ctr.values[i].blob = &blobs[i];
457 blobs[i] = data_blob_talloc(blobs, NULL, 8);
458 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
460 t = ldb_string_utc_to_time((const char *)in->values[i].data);
461 unix_to_nt_time(&v, t);
464 SBVAL(blobs[i].data, 0, v);
470 static WERROR dsdb_syntax_NTTIME_drsuapi_to_ldb(struct ldb_context *ldb,
471 const struct dsdb_schema *schema,
472 const struct dsdb_attribute *attr,
473 const struct drsuapi_DsReplicaAttribute *in,
475 struct ldb_message_element *out)
480 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
481 W_ERROR_HAVE_NO_MEMORY(out->name);
483 out->num_values = in->value_ctr.num_values;
484 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
485 W_ERROR_HAVE_NO_MEMORY(out->values);
487 for (i=0; i < out->num_values; i++) {
492 if (in->value_ctr.values[i].blob == NULL) {
496 if (in->value_ctr.values[i].blob->length != 8) {
500 v = BVAL(in->value_ctr.values[i].blob->data, 0);
502 t = nt_time_to_unix(v);
504 str = ldb_timestring(out->values, t);
505 W_ERROR_HAVE_NO_MEMORY(str);
507 out->values[i] = data_blob_string_const(str);
513 static WERROR dsdb_syntax_NTTIME_ldb_to_drsuapi(struct ldb_context *ldb,
514 const struct dsdb_schema *schema,
515 const struct dsdb_attribute *attr,
516 const struct ldb_message_element *in,
518 struct drsuapi_DsReplicaAttribute *out)
523 if (attr->attributeID_id == 0xFFFFFFFF) {
527 out->attid = attr->attributeID_id;
528 out->value_ctr.num_values = in->num_values;
529 out->value_ctr.values = talloc_array(mem_ctx,
530 struct drsuapi_DsAttributeValue,
532 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
534 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
535 W_ERROR_HAVE_NO_MEMORY(blobs);
537 for (i=0; i < in->num_values; i++) {
542 out->value_ctr.values[i].blob = &blobs[i];
544 blobs[i] = data_blob_talloc(blobs, NULL, 8);
545 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
547 ret = ldb_val_to_time(&in->values[i], &t);
548 if (ret != LDB_SUCCESS) {
549 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
551 unix_to_nt_time(&v, t);
554 SBVAL(blobs[i].data, 0, v);
560 static WERROR dsdb_syntax_DATA_BLOB_drsuapi_to_ldb(struct ldb_context *ldb,
561 const struct dsdb_schema *schema,
562 const struct dsdb_attribute *attr,
563 const struct drsuapi_DsReplicaAttribute *in,
565 struct ldb_message_element *out)
570 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
571 W_ERROR_HAVE_NO_MEMORY(out->name);
573 out->num_values = in->value_ctr.num_values;
574 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
575 W_ERROR_HAVE_NO_MEMORY(out->values);
577 for (i=0; i < out->num_values; i++) {
578 if (in->value_ctr.values[i].blob == NULL) {
582 if (in->value_ctr.values[i].blob->length == 0) {
586 out->values[i] = data_blob_dup_talloc(out->values,
587 in->value_ctr.values[i].blob);
588 W_ERROR_HAVE_NO_MEMORY(out->values[i].data);
594 static WERROR dsdb_syntax_DATA_BLOB_ldb_to_drsuapi(struct ldb_context *ldb,
595 const struct dsdb_schema *schema,
596 const struct dsdb_attribute *attr,
597 const struct ldb_message_element *in,
599 struct drsuapi_DsReplicaAttribute *out)
604 if (attr->attributeID_id == 0xFFFFFFFF) {
608 out->attid = attr->attributeID_id;
609 out->value_ctr.num_values = in->num_values;
610 out->value_ctr.values = talloc_array(mem_ctx,
611 struct drsuapi_DsAttributeValue,
613 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
615 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
616 W_ERROR_HAVE_NO_MEMORY(blobs);
618 for (i=0; i < in->num_values; i++) {
619 out->value_ctr.values[i].blob = &blobs[i];
621 blobs[i] = data_blob_dup_talloc(blobs, &in->values[i]);
622 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
628 static WERROR _dsdb_syntax_auto_OID_drsuapi_to_ldb(struct ldb_context *ldb,
629 const struct dsdb_schema *schema,
630 const struct dsdb_attribute *attr,
631 const struct drsuapi_DsReplicaAttribute *in,
633 struct ldb_message_element *out)
638 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
639 W_ERROR_HAVE_NO_MEMORY(out->name);
641 out->num_values = in->value_ctr.num_values;
642 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
643 W_ERROR_HAVE_NO_MEMORY(out->values);
645 for (i=0; i < out->num_values; i++) {
647 const struct dsdb_class *c;
648 const struct dsdb_attribute *a;
649 const char *str = NULL;
651 if (in->value_ctr.values[i].blob == NULL) {
655 if (in->value_ctr.values[i].blob->length != 4) {
659 v = IVAL(in->value_ctr.values[i].blob->data, 0);
661 if ((c = dsdb_class_by_governsID_id(schema, v))) {
662 str = talloc_strdup(out->values, c->lDAPDisplayName);
663 } else if ((a = dsdb_attribute_by_attributeID_id(schema, v))) {
664 str = talloc_strdup(out->values, a->lDAPDisplayName);
667 werr = dsdb_schema_pfm_oid_from_attid(schema->prefixmap, v, out->values, &str);
668 W_ERROR_NOT_OK_RETURN(werr);
670 W_ERROR_HAVE_NO_MEMORY(str);
672 /* the values need to be reversed */
673 out->values[out->num_values - (i + 1)] = data_blob_string_const(str);
679 static WERROR _dsdb_syntax_OID_obj_drsuapi_to_ldb(struct ldb_context *ldb,
680 const struct dsdb_schema *schema,
681 const struct dsdb_attribute *attr,
682 const struct drsuapi_DsReplicaAttribute *in,
684 struct ldb_message_element *out)
689 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
690 W_ERROR_HAVE_NO_MEMORY(out->name);
692 out->num_values = in->value_ctr.num_values;
693 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
694 W_ERROR_HAVE_NO_MEMORY(out->values);
696 for (i=0; i < out->num_values; i++) {
698 const struct dsdb_class *c;
701 if (in->value_ctr.values[i].blob == NULL) {
705 if (in->value_ctr.values[i].blob->length != 4) {
709 v = IVAL(in->value_ctr.values[i].blob->data, 0);
711 c = dsdb_class_by_governsID_id(schema, v);
716 str = talloc_strdup(out->values, c->lDAPDisplayName);
717 W_ERROR_HAVE_NO_MEMORY(str);
719 /* the values need to be reversed */
720 out->values[out->num_values - (i + 1)] = data_blob_string_const(str);
726 static WERROR _dsdb_syntax_OID_attr_drsuapi_to_ldb(struct ldb_context *ldb,
727 const struct dsdb_schema *schema,
728 const struct dsdb_attribute *attr,
729 const struct drsuapi_DsReplicaAttribute *in,
731 struct ldb_message_element *out)
736 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
737 W_ERROR_HAVE_NO_MEMORY(out->name);
739 out->num_values = in->value_ctr.num_values;
740 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
741 W_ERROR_HAVE_NO_MEMORY(out->values);
743 for (i=0; i < out->num_values; i++) {
745 const struct dsdb_attribute *a;
748 if (in->value_ctr.values[i].blob == NULL) {
752 if (in->value_ctr.values[i].blob->length != 4) {
756 v = IVAL(in->value_ctr.values[i].blob->data, 0);
758 a = dsdb_attribute_by_attributeID_id(schema, v);
763 str = talloc_strdup(out->values, a->lDAPDisplayName);
764 W_ERROR_HAVE_NO_MEMORY(str);
766 /* the values need to be reversed */
767 out->values[out->num_values - (i + 1)] = data_blob_string_const(str);
773 static WERROR _dsdb_syntax_OID_oid_drsuapi_to_ldb(struct ldb_context *ldb,
774 const struct dsdb_schema *schema,
775 const struct dsdb_attribute *attr,
776 const struct drsuapi_DsReplicaAttribute *in,
778 struct ldb_message_element *out)
783 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
784 W_ERROR_HAVE_NO_MEMORY(out->name);
786 out->num_values = in->value_ctr.num_values;
787 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
788 W_ERROR_HAVE_NO_MEMORY(out->values);
790 for (i=0; i < out->num_values; i++) {
795 if (in->value_ctr.values[i].blob == NULL) {
799 if (in->value_ctr.values[i].blob->length != 4) {
803 attid = IVAL(in->value_ctr.values[i].blob->data, 0);
805 status = dsdb_schema_pfm_oid_from_attid(schema->prefixmap, attid, out->values, &oid);
806 W_ERROR_NOT_OK_RETURN(status);
808 out->values[i] = data_blob_string_const(oid);
814 static WERROR _dsdb_syntax_auto_OID_ldb_to_drsuapi(struct ldb_context *ldb,
815 const struct dsdb_schema *schema,
816 const struct dsdb_attribute *attr,
817 const struct ldb_message_element *in,
819 struct drsuapi_DsReplicaAttribute *out)
824 out->attid= attr->attributeID_id;
825 out->value_ctr.num_values= in->num_values;
826 out->value_ctr.values= talloc_array(mem_ctx,
827 struct drsuapi_DsAttributeValue,
829 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
831 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
832 W_ERROR_HAVE_NO_MEMORY(blobs);
834 for (i=0; i < in->num_values; i++) {
835 const struct dsdb_class *obj_class;
836 const struct dsdb_attribute *obj_attr;
839 out->value_ctr.values[i].blob= &blobs[i];
841 blobs[i] = data_blob_talloc(blobs, NULL, 4);
842 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
844 /* in DRS windows puts the classes in the opposite
845 order to the order used in ldap */
846 v = &in->values[(in->num_values-1)-i];
848 if ((obj_class = dsdb_class_by_lDAPDisplayName_ldb_val(schema, v))) {
849 SIVAL(blobs[i].data, 0, obj_class->governsID_id);
850 } else if ((obj_attr = dsdb_attribute_by_lDAPDisplayName_ldb_val(schema, v))) {
851 SIVAL(blobs[i].data, 0, obj_attr->attributeID_id);
855 werr = dsdb_schema_pfm_make_attid(schema->prefixmap,
856 (const char *)v->data,
858 W_ERROR_NOT_OK_RETURN(werr);
859 SIVAL(blobs[i].data, 0, attid);
868 static WERROR _dsdb_syntax_OID_obj_ldb_to_drsuapi(struct ldb_context *ldb,
869 const struct dsdb_schema *schema,
870 const struct dsdb_attribute *attr,
871 const struct ldb_message_element *in,
873 struct drsuapi_DsReplicaAttribute *out)
878 out->attid= attr->attributeID_id;
879 out->value_ctr.num_values= in->num_values;
880 out->value_ctr.values= talloc_array(mem_ctx,
881 struct drsuapi_DsAttributeValue,
883 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
885 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
886 W_ERROR_HAVE_NO_MEMORY(blobs);
888 for (i=0; i < in->num_values; i++) {
889 const struct dsdb_class *obj_class;
891 out->value_ctr.values[i].blob= &blobs[i];
893 blobs[i] = data_blob_talloc(blobs, NULL, 4);
894 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
896 /* in DRS windows puts the classes in the opposite
897 order to the order used in ldap */
898 obj_class = dsdb_class_by_lDAPDisplayName(schema,
899 (const char *)in->values[(in->num_values-1)-i].data);
903 SIVAL(blobs[i].data, 0, obj_class->governsID_id);
910 static WERROR _dsdb_syntax_OID_attr_ldb_to_drsuapi(struct ldb_context *ldb,
911 const struct dsdb_schema *schema,
912 const struct dsdb_attribute *attr,
913 const struct ldb_message_element *in,
915 struct drsuapi_DsReplicaAttribute *out)
920 out->attid= attr->attributeID_id;
921 out->value_ctr.num_values= in->num_values;
922 out->value_ctr.values= talloc_array(mem_ctx,
923 struct drsuapi_DsAttributeValue,
925 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
927 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
928 W_ERROR_HAVE_NO_MEMORY(blobs);
930 for (i=0; i < in->num_values; i++) {
931 const struct dsdb_attribute *obj_attr;
933 out->value_ctr.values[i].blob= &blobs[i];
935 blobs[i] = data_blob_talloc(blobs, NULL, 4);
936 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
938 obj_attr = dsdb_attribute_by_lDAPDisplayName(schema, (const char *)in->values[i].data);
942 SIVAL(blobs[i].data, 0, obj_attr->attributeID_id);
949 static WERROR _dsdb_syntax_OID_oid_ldb_to_drsuapi(struct ldb_context *ldb,
950 const struct dsdb_schema *schema,
951 const struct dsdb_attribute *attr,
952 const struct ldb_message_element *in,
954 struct drsuapi_DsReplicaAttribute *out)
959 out->attid= attr->attributeID_id;
960 out->value_ctr.num_values= in->num_values;
961 out->value_ctr.values= talloc_array(mem_ctx,
962 struct drsuapi_DsAttributeValue,
964 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
966 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
967 W_ERROR_HAVE_NO_MEMORY(blobs);
969 for (i=0; i < in->num_values; i++) {
973 out->value_ctr.values[i].blob= &blobs[i];
975 blobs[i] = data_blob_talloc(blobs, NULL, 4);
976 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
978 status = dsdb_schema_pfm_make_attid(schema->prefixmap,
979 (const char *)in->values[i].data,
981 W_ERROR_NOT_OK_RETURN(status);
983 SIVAL(blobs[i].data, 0, attid);
989 static WERROR dsdb_syntax_OID_drsuapi_to_ldb(struct ldb_context *ldb,
990 const struct dsdb_schema *schema,
991 const struct dsdb_attribute *attr,
992 const struct drsuapi_DsReplicaAttribute *in,
994 struct ldb_message_element *out)
996 switch (attr->attributeID_id) {
997 case DRSUAPI_ATTRIBUTE_objectClass:
998 case DRSUAPI_ATTRIBUTE_subClassOf:
999 case DRSUAPI_ATTRIBUTE_auxiliaryClass:
1000 case DRSUAPI_ATTRIBUTE_systemAuxiliaryClass:
1001 case DRSUAPI_ATTRIBUTE_systemPossSuperiors:
1002 case DRSUAPI_ATTRIBUTE_possSuperiors:
1003 return _dsdb_syntax_OID_obj_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out);
1004 case DRSUAPI_ATTRIBUTE_systemMustContain:
1005 case DRSUAPI_ATTRIBUTE_systemMayContain:
1006 case DRSUAPI_ATTRIBUTE_mustContain:
1007 case DRSUAPI_ATTRIBUTE_rDNAttId:
1008 case DRSUAPI_ATTRIBUTE_transportAddressAttribute:
1009 case DRSUAPI_ATTRIBUTE_mayContain:
1010 return _dsdb_syntax_OID_attr_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out);
1011 case DRSUAPI_ATTRIBUTE_governsID:
1012 case DRSUAPI_ATTRIBUTE_attributeID:
1013 case DRSUAPI_ATTRIBUTE_attributeSyntax:
1014 return _dsdb_syntax_OID_oid_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out);
1017 DEBUG(0,(__location__ ": Unknown handling for attributeID_id for %s\n",
1018 attr->lDAPDisplayName));
1019 return _dsdb_syntax_auto_OID_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out);
1022 static WERROR dsdb_syntax_OID_ldb_to_drsuapi(struct ldb_context *ldb,
1023 const struct dsdb_schema *schema,
1024 const struct dsdb_attribute *attr,
1025 const struct ldb_message_element *in,
1026 TALLOC_CTX *mem_ctx,
1027 struct drsuapi_DsReplicaAttribute *out)
1029 if (attr->attributeID_id == 0xFFFFFFFF) {
1033 switch (attr->attributeID_id) {
1034 case DRSUAPI_ATTRIBUTE_objectClass:
1035 case DRSUAPI_ATTRIBUTE_subClassOf:
1036 case DRSUAPI_ATTRIBUTE_auxiliaryClass:
1037 case DRSUAPI_ATTRIBUTE_systemAuxiliaryClass:
1038 case DRSUAPI_ATTRIBUTE_systemPossSuperiors:
1039 case DRSUAPI_ATTRIBUTE_possSuperiors:
1040 return _dsdb_syntax_OID_obj_ldb_to_drsuapi(ldb, schema, attr, in, mem_ctx, out);
1041 case DRSUAPI_ATTRIBUTE_systemMustContain:
1042 case DRSUAPI_ATTRIBUTE_systemMayContain:
1043 case DRSUAPI_ATTRIBUTE_mustContain:
1044 case DRSUAPI_ATTRIBUTE_rDNAttId:
1045 case DRSUAPI_ATTRIBUTE_transportAddressAttribute:
1046 case DRSUAPI_ATTRIBUTE_mayContain:
1047 return _dsdb_syntax_OID_attr_ldb_to_drsuapi(ldb, schema, attr, in, mem_ctx, out);
1048 case DRSUAPI_ATTRIBUTE_governsID:
1049 case DRSUAPI_ATTRIBUTE_attributeID:
1050 case DRSUAPI_ATTRIBUTE_attributeSyntax:
1051 return _dsdb_syntax_OID_oid_ldb_to_drsuapi(ldb, schema, attr, in, mem_ctx, out);
1054 DEBUG(0,(__location__ ": Unknown handling for attributeID_id for %s\n",
1055 attr->lDAPDisplayName));
1057 return _dsdb_syntax_auto_OID_ldb_to_drsuapi(ldb, schema, attr, in, mem_ctx, out);
1060 static WERROR dsdb_syntax_UNICODE_drsuapi_to_ldb(struct ldb_context *ldb,
1061 const struct dsdb_schema *schema,
1062 const struct dsdb_attribute *attr,
1063 const struct drsuapi_DsReplicaAttribute *in,
1064 TALLOC_CTX *mem_ctx,
1065 struct ldb_message_element *out)
1070 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
1071 W_ERROR_HAVE_NO_MEMORY(out->name);
1073 out->num_values = in->value_ctr.num_values;
1074 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
1075 W_ERROR_HAVE_NO_MEMORY(out->values);
1077 for (i=0; i < out->num_values; i++) {
1080 if (in->value_ctr.values[i].blob == NULL) {
1084 if (in->value_ctr.values[i].blob->length == 0) {
1088 if (!convert_string_talloc_convenience(out->values,
1089 schema->iconv_convenience,
1091 in->value_ctr.values[i].blob->data,
1092 in->value_ctr.values[i].blob->length,
1093 (void **)&str, NULL, false)) {
1097 out->values[i] = data_blob_string_const(str);
1103 static WERROR dsdb_syntax_UNICODE_ldb_to_drsuapi(struct ldb_context *ldb,
1104 const struct dsdb_schema *schema,
1105 const struct dsdb_attribute *attr,
1106 const struct ldb_message_element *in,
1107 TALLOC_CTX *mem_ctx,
1108 struct drsuapi_DsReplicaAttribute *out)
1113 if (attr->attributeID_id == 0xFFFFFFFF) {
1117 out->attid = attr->attributeID_id;
1118 out->value_ctr.num_values = in->num_values;
1119 out->value_ctr.values = talloc_array(mem_ctx,
1120 struct drsuapi_DsAttributeValue,
1122 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
1124 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
1125 W_ERROR_HAVE_NO_MEMORY(blobs);
1127 for (i=0; i < in->num_values; i++) {
1128 out->value_ctr.values[i].blob = &blobs[i];
1130 if (!convert_string_talloc_convenience(blobs,
1131 schema->iconv_convenience, CH_UNIX, CH_UTF16,
1132 in->values[i].data, in->values[i].length,
1133 (void **)&blobs[i].data, &blobs[i].length, false)) {
1142 WERROR dsdb_syntax_one_DN_drsuapi_to_ldb(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
1143 const struct dsdb_syntax *syntax,
1144 struct smb_iconv_convenience *iconv_convenience,
1145 const DATA_BLOB *in, DATA_BLOB *out)
1147 struct drsuapi_DsReplicaObjectIdentifier3 id3;
1148 enum ndr_err_code ndr_err;
1149 DATA_BLOB guid_blob;
1151 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
1156 W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
1160 talloc_free(tmp_ctx);
1164 if (in->length == 0) {
1165 talloc_free(tmp_ctx);
1170 /* windows sometimes sends an extra two pad bytes here */
1171 ndr_err = ndr_pull_struct_blob(in,
1172 tmp_ctx, iconv_convenience, &id3,
1173 (ndr_pull_flags_fn_t)ndr_pull_drsuapi_DsReplicaObjectIdentifier3);
1174 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1175 status = ndr_map_error2ntstatus(ndr_err);
1176 talloc_free(tmp_ctx);
1177 return ntstatus_to_werror(status);
1180 dn = ldb_dn_new(tmp_ctx, ldb, id3.dn);
1182 talloc_free(tmp_ctx);
1183 /* If this fails, it must be out of memory, as it does not do much parsing */
1184 W_ERROR_HAVE_NO_MEMORY(dn);
1187 if (!GUID_all_zero(&id3.guid)) {
1188 status = GUID_to_ndr_blob(&id3.guid, tmp_ctx, &guid_blob);
1189 if (!NT_STATUS_IS_OK(status)) {
1190 talloc_free(tmp_ctx);
1191 return ntstatus_to_werror(status);
1194 ret = ldb_dn_set_extended_component(dn, "GUID", &guid_blob);
1195 if (ret != LDB_SUCCESS) {
1196 talloc_free(tmp_ctx);
1199 talloc_free(guid_blob.data);
1202 if (id3.__ndr_size_sid) {
1204 ndr_err = ndr_push_struct_blob(&sid_blob, tmp_ctx, iconv_convenience, &id3.sid,
1205 (ndr_push_flags_fn_t)ndr_push_dom_sid);
1206 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1207 status = ndr_map_error2ntstatus(ndr_err);
1208 talloc_free(tmp_ctx);
1209 return ntstatus_to_werror(status);
1212 ret = ldb_dn_set_extended_component(dn, "SID", &sid_blob);
1213 if (ret != LDB_SUCCESS) {
1214 talloc_free(tmp_ctx);
1219 *out = data_blob_string_const(ldb_dn_get_extended_linearized(mem_ctx, dn, 1));
1220 talloc_free(tmp_ctx);
1224 static WERROR dsdb_syntax_DN_drsuapi_to_ldb(struct ldb_context *ldb,
1225 const struct dsdb_schema *schema,
1226 const struct dsdb_attribute *attr,
1227 const struct drsuapi_DsReplicaAttribute *in,
1228 TALLOC_CTX *mem_ctx,
1229 struct ldb_message_element *out)
1234 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
1235 W_ERROR_HAVE_NO_MEMORY(out->name);
1237 out->num_values = in->value_ctr.num_values;
1238 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
1239 W_ERROR_HAVE_NO_MEMORY(out->values);
1241 for (i=0; i < out->num_values; i++) {
1242 WERROR status = dsdb_syntax_one_DN_drsuapi_to_ldb(out->values, ldb, attr->syntax,
1243 schema->iconv_convenience,
1244 in->value_ctr.values[i].blob,
1246 if (!W_ERROR_IS_OK(status)) {
1255 static WERROR dsdb_syntax_DN_ldb_to_drsuapi(struct ldb_context *ldb,
1256 const struct dsdb_schema *schema,
1257 const struct dsdb_attribute *attr,
1258 const struct ldb_message_element *in,
1259 TALLOC_CTX *mem_ctx,
1260 struct drsuapi_DsReplicaAttribute *out)
1265 if (attr->attributeID_id == 0xFFFFFFFF) {
1269 out->attid = attr->attributeID_id;
1270 out->value_ctr.num_values = in->num_values;
1271 out->value_ctr.values = talloc_array(mem_ctx,
1272 struct drsuapi_DsAttributeValue,
1274 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
1276 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
1277 W_ERROR_HAVE_NO_MEMORY(blobs);
1279 for (i=0; i < in->num_values; i++) {
1280 struct drsuapi_DsReplicaObjectIdentifier3 id3;
1281 enum ndr_err_code ndr_err;
1282 const DATA_BLOB *sid_blob;
1284 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
1287 W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
1289 out->value_ctr.values[i].blob = &blobs[i];
1291 dn = ldb_dn_from_ldb_val(tmp_ctx, ldb, &in->values[i]);
1293 W_ERROR_HAVE_NO_MEMORY(dn);
1297 status = dsdb_get_extended_dn_guid(dn, &id3.guid, "GUID");
1298 if (!NT_STATUS_IS_OK(status) &&
1299 !NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1300 talloc_free(tmp_ctx);
1301 return ntstatus_to_werror(status);
1304 sid_blob = ldb_dn_get_extended_component(dn, "SID");
1307 ndr_err = ndr_pull_struct_blob_all(sid_blob,
1308 tmp_ctx, schema->iconv_convenience, &id3.sid,
1309 (ndr_pull_flags_fn_t)ndr_pull_dom_sid);
1310 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1311 status = ndr_map_error2ntstatus(ndr_err);
1312 talloc_free(tmp_ctx);
1313 return ntstatus_to_werror(status);
1317 id3.dn = ldb_dn_get_linearized(dn);
1319 ndr_err = ndr_push_struct_blob(&blobs[i], blobs, schema->iconv_convenience, &id3, (ndr_push_flags_fn_t)ndr_push_drsuapi_DsReplicaObjectIdentifier3);
1320 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1321 status = ndr_map_error2ntstatus(ndr_err);
1322 talloc_free(tmp_ctx);
1323 return ntstatus_to_werror(status);
1325 talloc_free(tmp_ctx);
1333 static WERROR dsdb_syntax_DN_BINARY_drsuapi_to_ldb(struct ldb_context *ldb,
1334 const struct dsdb_schema *schema,
1335 const struct dsdb_attribute *attr,
1336 const struct drsuapi_DsReplicaAttribute *in,
1337 TALLOC_CTX *mem_ctx,
1338 struct ldb_message_element *out)
1344 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
1345 W_ERROR_HAVE_NO_MEMORY(out->name);
1347 out->num_values = in->value_ctr.num_values;
1348 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
1349 W_ERROR_HAVE_NO_MEMORY(out->values);
1351 for (i=0; i < out->num_values; i++) {
1352 struct drsuapi_DsReplicaObjectIdentifier3Binary id3;
1353 enum ndr_err_code ndr_err;
1354 DATA_BLOB guid_blob;
1356 struct dsdb_dn *dsdb_dn;
1358 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
1360 W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
1363 if (in->value_ctr.values[i].blob == NULL) {
1364 talloc_free(tmp_ctx);
1368 if (in->value_ctr.values[i].blob->length == 0) {
1369 talloc_free(tmp_ctx);
1374 /* windows sometimes sends an extra two pad bytes here */
1375 ndr_err = ndr_pull_struct_blob(in->value_ctr.values[i].blob,
1376 tmp_ctx, schema->iconv_convenience, &id3,
1377 (ndr_pull_flags_fn_t)ndr_pull_drsuapi_DsReplicaObjectIdentifier3Binary);
1378 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1379 status = ndr_map_error2ntstatus(ndr_err);
1380 talloc_free(tmp_ctx);
1381 return ntstatus_to_werror(status);
1384 dn = ldb_dn_new(tmp_ctx, ldb, id3.dn);
1386 talloc_free(tmp_ctx);
1387 /* If this fails, it must be out of memory, as it does not do much parsing */
1388 W_ERROR_HAVE_NO_MEMORY(dn);
1391 status = GUID_to_ndr_blob(&id3.guid, tmp_ctx, &guid_blob);
1392 if (!NT_STATUS_IS_OK(status)) {
1393 talloc_free(tmp_ctx);
1394 return ntstatus_to_werror(status);
1397 ret = ldb_dn_set_extended_component(dn, "GUID", &guid_blob);
1398 if (ret != LDB_SUCCESS) {
1399 talloc_free(tmp_ctx);
1403 talloc_free(guid_blob.data);
1405 if (id3.__ndr_size_sid) {
1407 ndr_err = ndr_push_struct_blob(&sid_blob, tmp_ctx, schema->iconv_convenience, &id3.sid,
1408 (ndr_push_flags_fn_t)ndr_push_dom_sid);
1409 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1410 status = ndr_map_error2ntstatus(ndr_err);
1411 talloc_free(tmp_ctx);
1412 return ntstatus_to_werror(status);
1415 ret = ldb_dn_set_extended_component(dn, "SID", &sid_blob);
1416 if (ret != LDB_SUCCESS) {
1417 talloc_free(tmp_ctx);
1422 /* set binary stuff */
1423 dsdb_dn = dsdb_dn_construct(tmp_ctx, dn, id3.binary, attr->syntax->ldap_oid);
1425 /* If this fails, it must be out of memory, we know the ldap_oid is valid */
1426 talloc_free(tmp_ctx);
1427 W_ERROR_HAVE_NO_MEMORY(dsdb_dn);
1429 out->values[i] = data_blob_string_const(dsdb_dn_get_extended_linearized(out->values, dsdb_dn, 1));
1430 talloc_free(tmp_ctx);
1436 static WERROR dsdb_syntax_DN_BINARY_ldb_to_drsuapi(struct ldb_context *ldb,
1437 const struct dsdb_schema *schema,
1438 const struct dsdb_attribute *attr,
1439 const struct ldb_message_element *in,
1440 TALLOC_CTX *mem_ctx,
1441 struct drsuapi_DsReplicaAttribute *out)
1446 if (attr->attributeID_id == 0xFFFFFFFF) {
1450 out->attid = attr->attributeID_id;
1451 out->value_ctr.num_values = in->num_values;
1452 out->value_ctr.values = talloc_array(mem_ctx,
1453 struct drsuapi_DsAttributeValue,
1455 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
1457 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
1458 W_ERROR_HAVE_NO_MEMORY(blobs);
1460 for (i=0; i < in->num_values; i++) {
1461 struct drsuapi_DsReplicaObjectIdentifier3Binary id3;
1462 enum ndr_err_code ndr_err;
1463 const DATA_BLOB *sid_blob;
1464 struct dsdb_dn *dsdb_dn;
1465 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
1468 W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
1470 out->value_ctr.values[i].blob = &blobs[i];
1472 dsdb_dn = dsdb_dn_parse(tmp_ctx, ldb, &in->values[i], attr->syntax->ldap_oid);
1475 talloc_free(tmp_ctx);
1476 return ntstatus_to_werror(NT_STATUS_INVALID_PARAMETER);
1481 status = dsdb_get_extended_dn_guid(dsdb_dn->dn, &id3.guid, "GUID");
1482 if (!NT_STATUS_IS_OK(status) &&
1483 !NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1484 talloc_free(tmp_ctx);
1485 return ntstatus_to_werror(status);
1488 sid_blob = ldb_dn_get_extended_component(dsdb_dn->dn, "SID");
1491 ndr_err = ndr_pull_struct_blob_all(sid_blob,
1492 tmp_ctx, schema->iconv_convenience, &id3.sid,
1493 (ndr_pull_flags_fn_t)ndr_pull_dom_sid);
1494 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1495 status = ndr_map_error2ntstatus(ndr_err);
1496 talloc_free(tmp_ctx);
1497 return ntstatus_to_werror(status);
1501 id3.dn = ldb_dn_get_linearized(dsdb_dn->dn);
1503 /* get binary stuff */
1504 id3.binary = dsdb_dn->extra_part;
1506 ndr_err = ndr_push_struct_blob(&blobs[i], blobs, schema->iconv_convenience, &id3, (ndr_push_flags_fn_t)ndr_push_drsuapi_DsReplicaObjectIdentifier3Binary);
1507 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1508 status = ndr_map_error2ntstatus(ndr_err);
1509 talloc_free(tmp_ctx);
1510 return ntstatus_to_werror(status);
1512 talloc_free(tmp_ctx);
1518 static WERROR dsdb_syntax_DN_STRING_drsuapi_to_ldb(struct ldb_context *ldb,
1519 const struct dsdb_schema *schema,
1520 const struct dsdb_attribute *attr,
1521 const struct drsuapi_DsReplicaAttribute *in,
1522 TALLOC_CTX *mem_ctx,
1523 struct ldb_message_element *out)
1525 return dsdb_syntax_DN_BINARY_drsuapi_to_ldb(ldb,
1533 static WERROR dsdb_syntax_DN_STRING_ldb_to_drsuapi(struct ldb_context *ldb,
1534 const struct dsdb_schema *schema,
1535 const struct dsdb_attribute *attr,
1536 const struct ldb_message_element *in,
1537 TALLOC_CTX *mem_ctx,
1538 struct drsuapi_DsReplicaAttribute *out)
1540 return dsdb_syntax_DN_BINARY_ldb_to_drsuapi(ldb,
1548 static WERROR dsdb_syntax_PRESENTATION_ADDRESS_drsuapi_to_ldb(struct ldb_context *ldb,
1549 const struct dsdb_schema *schema,
1550 const struct dsdb_attribute *attr,
1551 const struct drsuapi_DsReplicaAttribute *in,
1552 TALLOC_CTX *mem_ctx,
1553 struct ldb_message_element *out)
1558 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
1559 W_ERROR_HAVE_NO_MEMORY(out->name);
1561 out->num_values = in->value_ctr.num_values;
1562 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
1563 W_ERROR_HAVE_NO_MEMORY(out->values);
1565 for (i=0; i < out->num_values; i++) {
1569 if (in->value_ctr.values[i].blob == NULL) {
1573 if (in->value_ctr.values[i].blob->length < 4) {
1577 len = IVAL(in->value_ctr.values[i].blob->data, 0);
1579 if (len != in->value_ctr.values[i].blob->length) {
1583 if (!convert_string_talloc_convenience(out->values, schema->iconv_convenience, CH_UTF16, CH_UNIX,
1584 in->value_ctr.values[i].blob->data+4,
1585 in->value_ctr.values[i].blob->length-4,
1586 (void **)&str, NULL, false)) {
1590 out->values[i] = data_blob_string_const(str);
1596 static WERROR dsdb_syntax_PRESENTATION_ADDRESS_ldb_to_drsuapi(struct ldb_context *ldb,
1597 const struct dsdb_schema *schema,
1598 const struct dsdb_attribute *attr,
1599 const struct ldb_message_element *in,
1600 TALLOC_CTX *mem_ctx,
1601 struct drsuapi_DsReplicaAttribute *out)
1606 if (attr->attributeID_id == 0xFFFFFFFF) {
1610 out->attid = attr->attributeID_id;
1611 out->value_ctr.num_values = in->num_values;
1612 out->value_ctr.values = talloc_array(mem_ctx,
1613 struct drsuapi_DsAttributeValue,
1615 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
1617 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
1618 W_ERROR_HAVE_NO_MEMORY(blobs);
1620 for (i=0; i < in->num_values; i++) {
1624 out->value_ctr.values[i].blob = &blobs[i];
1626 if (!convert_string_talloc_convenience(blobs, schema->iconv_convenience, CH_UNIX, CH_UTF16,
1628 in->values[i].length,
1629 (void **)&data, &ret, false)) {
1633 blobs[i] = data_blob_talloc(blobs, NULL, 4 + ret);
1634 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
1636 SIVAL(blobs[i].data, 0, 4 + ret);
1639 memcpy(blobs[i].data + 4, data, ret);
1647 #define OMOBJECTCLASS(val) { .length = sizeof(val) - 1, .data = discard_const_p(uint8_t, val) }
1649 static const struct dsdb_syntax dsdb_syntaxes[] = {
1652 .ldap_oid = LDB_SYNTAX_BOOLEAN,
1654 .attributeSyntax_oid = "2.5.5.8",
1655 .drsuapi_to_ldb = dsdb_syntax_BOOL_drsuapi_to_ldb,
1656 .ldb_to_drsuapi = dsdb_syntax_BOOL_ldb_to_drsuapi,
1657 .validate_ldb = dsdb_syntax_BOOL_validate_ldb,
1658 .equality = "booleanMatch",
1659 .comment = "Boolean"
1662 .ldap_oid = LDB_SYNTAX_INTEGER,
1664 .attributeSyntax_oid = "2.5.5.9",
1665 .drsuapi_to_ldb = dsdb_syntax_INT32_drsuapi_to_ldb,
1666 .ldb_to_drsuapi = dsdb_syntax_INT32_ldb_to_drsuapi,
1667 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1668 .equality = "integerMatch",
1669 .comment = "Integer",
1670 .ldb_syntax = LDB_SYNTAX_SAMBA_INT32
1672 .name = "String(Octet)",
1673 .ldap_oid = LDB_SYNTAX_OCTET_STRING,
1675 .attributeSyntax_oid = "2.5.5.10",
1676 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
1677 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
1678 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1679 .equality = "octetStringMatch",
1680 .comment = "Octet String",
1682 .name = "String(Sid)",
1683 .ldap_oid = LDB_SYNTAX_OCTET_STRING,
1685 .attributeSyntax_oid = "2.5.5.17",
1686 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
1687 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
1688 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1689 .equality = "octetStringMatch",
1690 .comment = "Octet String - Security Identifier (SID)",
1691 .ldb_syntax = LDB_SYNTAX_SAMBA_SID
1693 .name = "String(Object-Identifier)",
1694 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.38",
1696 .attributeSyntax_oid = "2.5.5.2",
1697 .drsuapi_to_ldb = dsdb_syntax_OID_drsuapi_to_ldb,
1698 .ldb_to_drsuapi = dsdb_syntax_OID_ldb_to_drsuapi,
1699 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1700 .equality = "caseIgnoreMatch", /* Would use "objectIdentifierMatch" but most are ldap attribute/class names */
1701 .comment = "OID String",
1702 .ldb_syntax = LDB_SYNTAX_DIRECTORY_STRING
1704 .name = "Enumeration",
1705 .ldap_oid = LDB_SYNTAX_INTEGER,
1707 .attributeSyntax_oid = "2.5.5.9",
1708 .drsuapi_to_ldb = dsdb_syntax_INT32_drsuapi_to_ldb,
1709 .ldb_to_drsuapi = dsdb_syntax_INT32_ldb_to_drsuapi,
1710 .validate_ldb = dsdb_syntax_INT32_validate_ldb,
1711 .ldb_syntax = LDB_SYNTAX_SAMBA_INT32
1713 /* not used in w2k3 forest */
1714 .name = "String(Numeric)",
1715 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.36",
1717 .attributeSyntax_oid = "2.5.5.6",
1718 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
1719 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
1720 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1721 .equality = "numericStringMatch",
1722 .substring = "numericStringSubstringsMatch",
1723 .comment = "Numeric String",
1724 .ldb_syntax = LDB_SYNTAX_DIRECTORY_STRING,
1726 .name = "String(Printable)",
1727 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.44",
1729 .attributeSyntax_oid = "2.5.5.5",
1730 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
1731 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
1732 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1733 .ldb_syntax = LDB_SYNTAX_OCTET_STRING,
1735 .name = "String(Teletex)",
1736 .ldap_oid = "1.2.840.113556.1.4.905",
1738 .attributeSyntax_oid = "2.5.5.4",
1739 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
1740 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
1741 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1742 .equality = "caseIgnoreMatch",
1743 .substring = "caseIgnoreSubstringsMatch",
1744 .comment = "Case Insensitive String",
1745 .ldb_syntax = LDB_SYNTAX_DIRECTORY_STRING,
1747 .name = "String(IA5)",
1748 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.26",
1750 .attributeSyntax_oid = "2.5.5.5",
1751 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
1752 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
1753 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1754 .equality = "caseExactIA5Match",
1755 .comment = "Printable String",
1756 .ldb_syntax = LDB_SYNTAX_OCTET_STRING,
1758 .name = "String(UTC-Time)",
1759 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.53",
1761 .attributeSyntax_oid = "2.5.5.11",
1762 .drsuapi_to_ldb = dsdb_syntax_NTTIME_UTC_drsuapi_to_ldb,
1763 .ldb_to_drsuapi = dsdb_syntax_NTTIME_UTC_ldb_to_drsuapi,
1764 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1765 .equality = "generalizedTimeMatch",
1766 .comment = "UTC Time",
1768 .name = "String(Generalized-Time)",
1769 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.24",
1771 .attributeSyntax_oid = "2.5.5.11",
1772 .drsuapi_to_ldb = dsdb_syntax_NTTIME_drsuapi_to_ldb,
1773 .ldb_to_drsuapi = dsdb_syntax_NTTIME_ldb_to_drsuapi,
1774 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1775 .equality = "generalizedTimeMatch",
1776 .comment = "Generalized Time",
1777 .ldb_syntax = LDB_SYNTAX_UTC_TIME,
1779 /* not used in w2k3 schema */
1780 .name = "String(Case Sensitive)",
1781 .ldap_oid = "1.2.840.113556.1.4.1362",
1783 .attributeSyntax_oid = "2.5.5.3",
1784 .drsuapi_to_ldb = dsdb_syntax_FOOBAR_drsuapi_to_ldb,
1785 .ldb_to_drsuapi = dsdb_syntax_FOOBAR_ldb_to_drsuapi,
1786 .validate_ldb = dsdb_syntax_FOOBAR_validate_ldb,
1788 .name = "String(Unicode)",
1789 .ldap_oid = LDB_SYNTAX_DIRECTORY_STRING,
1791 .attributeSyntax_oid = "2.5.5.12",
1792 .drsuapi_to_ldb = dsdb_syntax_UNICODE_drsuapi_to_ldb,
1793 .ldb_to_drsuapi = dsdb_syntax_UNICODE_ldb_to_drsuapi,
1794 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1795 .equality = "caseIgnoreMatch",
1796 .substring = "caseIgnoreSubstringsMatch",
1797 .comment = "Directory String",
1799 .name = "Interval/LargeInteger",
1800 .ldap_oid = "1.2.840.113556.1.4.906",
1802 .attributeSyntax_oid = "2.5.5.16",
1803 .drsuapi_to_ldb = dsdb_syntax_INT64_drsuapi_to_ldb,
1804 .ldb_to_drsuapi = dsdb_syntax_INT64_ldb_to_drsuapi,
1805 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1806 .equality = "integerMatch",
1807 .comment = "Large Integer",
1808 .ldb_syntax = LDB_SYNTAX_INTEGER,
1810 .name = "String(NT-Sec-Desc)",
1811 .ldap_oid = LDB_SYNTAX_SAMBA_SECURITY_DESCRIPTOR,
1813 .attributeSyntax_oid = "2.5.5.15",
1814 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
1815 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
1816 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1818 .name = "Object(DS-DN)",
1819 .ldap_oid = LDB_SYNTAX_DN,
1821 .oMObjectClass = OMOBJECTCLASS("\x2b\x0c\x02\x87\x73\x1c\x00\x85\x4a"),
1822 .attributeSyntax_oid = "2.5.5.1",
1823 .drsuapi_to_ldb = dsdb_syntax_DN_drsuapi_to_ldb,
1824 .ldb_to_drsuapi = dsdb_syntax_DN_ldb_to_drsuapi,
1825 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1826 .equality = "distinguishedNameMatch",
1827 .comment = "Object(DS-DN) == a DN",
1829 .name = "Object(DN-Binary)",
1830 .ldap_oid = DSDB_SYNTAX_BINARY_DN,
1832 .oMObjectClass = OMOBJECTCLASS("\x2a\x86\x48\x86\xf7\x14\x01\x01\x01\x0b"),
1833 .attributeSyntax_oid = "2.5.5.7",
1834 .drsuapi_to_ldb = dsdb_syntax_DN_BINARY_drsuapi_to_ldb,
1835 .ldb_to_drsuapi = dsdb_syntax_DN_BINARY_ldb_to_drsuapi,
1836 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1837 .equality = "octetStringMatch",
1838 .comment = "OctetString: Binary+DN",
1840 /* not used in w2k3 schema, but used in Exchange schema*/
1841 .name = "Object(OR-Name)",
1842 .ldap_oid = DSDB_SYNTAX_OR_NAME,
1844 .oMObjectClass = OMOBJECTCLASS("\x56\x06\x01\x02\x05\x0b\x1D"),
1845 .attributeSyntax_oid = "2.5.5.7",
1846 .drsuapi_to_ldb = dsdb_syntax_DN_BINARY_drsuapi_to_ldb,
1847 .ldb_to_drsuapi = dsdb_syntax_DN_BINARY_ldb_to_drsuapi,
1848 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1849 .equality = "caseIgnoreMatch",
1850 .ldb_syntax = LDB_SYNTAX_DN,
1853 * TODO: verify if DATA_BLOB is correct here...!
1855 * repsFrom and repsTo are the only attributes using
1856 * this attribute syntax, but they're not replicated...
1858 .name = "Object(Replica-Link)",
1859 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.40",
1861 .oMObjectClass = OMOBJECTCLASS("\x2a\x86\x48\x86\xf7\x14\x01\x01\x01\x06"),
1862 .attributeSyntax_oid = "2.5.5.10",
1863 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
1864 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
1865 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1867 .name = "Object(Presentation-Address)",
1868 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.43",
1870 .oMObjectClass = OMOBJECTCLASS("\x2b\x0c\x02\x87\x73\x1c\x00\x85\x5c"),
1871 .attributeSyntax_oid = "2.5.5.13",
1872 .drsuapi_to_ldb = dsdb_syntax_PRESENTATION_ADDRESS_drsuapi_to_ldb,
1873 .ldb_to_drsuapi = dsdb_syntax_PRESENTATION_ADDRESS_ldb_to_drsuapi,
1874 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1875 .comment = "Presentation Address",
1876 .ldb_syntax = LDB_SYNTAX_DIRECTORY_STRING,
1878 /* not used in w2k3 schema */
1879 .name = "Object(Access-Point)",
1880 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.2",
1882 .oMObjectClass = OMOBJECTCLASS("\x2b\x0c\x02\x87\x73\x1c\x00\x85\x3e"),
1883 .attributeSyntax_oid = "2.5.5.14",
1884 .drsuapi_to_ldb = dsdb_syntax_FOOBAR_drsuapi_to_ldb,
1885 .ldb_to_drsuapi = dsdb_syntax_FOOBAR_ldb_to_drsuapi,
1886 .validate_ldb = dsdb_syntax_FOOBAR_validate_ldb,
1887 .ldb_syntax = LDB_SYNTAX_DIRECTORY_STRING,
1889 /* not used in w2k3 schema */
1890 .name = "Object(DN-String)",
1891 .ldap_oid = DSDB_SYNTAX_STRING_DN,
1893 .oMObjectClass = OMOBJECTCLASS("\x2a\x86\x48\x86\xf7\x14\x01\x01\x01\x0c"),
1894 .attributeSyntax_oid = "2.5.5.14",
1895 .drsuapi_to_ldb = dsdb_syntax_DN_STRING_drsuapi_to_ldb,
1896 .ldb_to_drsuapi = dsdb_syntax_DN_STRING_ldb_to_drsuapi,
1897 .validate_ldb = dsdb_syntax_ALLOW_validate_ldb,
1898 .equality = "octetStringMatch",
1899 .comment = "OctetString: String+DN",
1903 const struct dsdb_syntax *find_syntax_map_by_ad_oid(const char *ad_oid)
1906 for (i=0; dsdb_syntaxes[i].ldap_oid; i++) {
1907 if (strcasecmp(ad_oid, dsdb_syntaxes[i].attributeSyntax_oid) == 0) {
1908 return &dsdb_syntaxes[i];
1914 const struct dsdb_syntax *find_syntax_map_by_ad_syntax(int oMSyntax)
1917 for (i=0; dsdb_syntaxes[i].ldap_oid; i++) {
1918 if (oMSyntax == dsdb_syntaxes[i].oMSyntax) {
1919 return &dsdb_syntaxes[i];
1925 const struct dsdb_syntax *find_syntax_map_by_standard_oid(const char *standard_oid)
1928 for (i=0; dsdb_syntaxes[i].ldap_oid; i++) {
1929 if (strcasecmp(standard_oid, dsdb_syntaxes[i].ldap_oid) == 0) {
1930 return &dsdb_syntaxes[i];
1935 const struct dsdb_syntax *dsdb_syntax_for_attribute(const struct dsdb_attribute *attr)
1939 for (i=0; i < ARRAY_SIZE(dsdb_syntaxes); i++) {
1940 if (attr->oMSyntax != dsdb_syntaxes[i].oMSyntax) continue;
1942 if (attr->oMObjectClass.length != dsdb_syntaxes[i].oMObjectClass.length) continue;
1944 if (attr->oMObjectClass.length) {
1946 ret = memcmp(attr->oMObjectClass.data,
1947 dsdb_syntaxes[i].oMObjectClass.data,
1948 attr->oMObjectClass.length);
1949 if (ret != 0) continue;
1952 if (strcmp(attr->attributeSyntax_oid, dsdb_syntaxes[i].attributeSyntax_oid) != 0) continue;
1954 return &dsdb_syntaxes[i];
1960 WERROR dsdb_attribute_drsuapi_to_ldb(struct ldb_context *ldb,
1961 const struct dsdb_schema *schema,
1962 const struct drsuapi_DsReplicaAttribute *in,
1963 TALLOC_CTX *mem_ctx,
1964 struct ldb_message_element *out)
1966 const struct dsdb_attribute *sa;
1968 sa = dsdb_attribute_by_attributeID_id(schema, in->attid);
1973 return sa->syntax->drsuapi_to_ldb(ldb, schema, sa, in, mem_ctx, out);
1976 WERROR dsdb_attribute_ldb_to_drsuapi(struct ldb_context *ldb,
1977 const struct dsdb_schema *schema,
1978 const struct ldb_message_element *in,
1979 TALLOC_CTX *mem_ctx,
1980 struct drsuapi_DsReplicaAttribute *out)
1982 const struct dsdb_attribute *sa;
1984 sa = dsdb_attribute_by_lDAPDisplayName(schema, in->name);
1989 return sa->syntax->ldb_to_drsuapi(ldb, schema, sa, in, mem_ctx, out);
1992 WERROR dsdb_attribute_validate_ldb(struct ldb_context *ldb,
1993 const struct dsdb_schema *schema,
1994 const struct ldb_message_element *in)
1996 const struct dsdb_attribute *sa;
1998 sa = dsdb_attribute_by_lDAPDisplayName(schema, in->name);
2000 return WERR_DS_ATTRIBUTE_TYPE_UNDEFINED;
2003 return sa->syntax->validate_ldb(ldb, schema, sa, in);
git.samba.org / ira / wip.git / blob