return result;
}
+ char * smbldap_talloc_smallest_attribute(LDAP *ldap_struct, LDAPMessage *entry,
+ const char *attribute,
+ TALLOC_CTX *mem_ctx)
+{
+ char **values;
+ char *result;
+ size_t converted_size;
+ int i, num_values;
+
+ if (attribute == NULL) {
+ return NULL;
+ }
+
+ values = ldap_get_values(ldap_struct, entry, attribute);
+
+ if (values == NULL) {
+ DEBUG(10, ("attribute %s does not exist\n", attribute));
+ return NULL;
+ }
+
+ if (!pull_utf8_talloc(mem_ctx, &result, values[0], &converted_size)) {
+ DEBUG(10, ("pull_utf8_talloc failed\n"));
+ ldap_value_free(values);
+ return NULL;
+ }
+
+ num_values = ldap_count_values(values);
+
+ for (i=1; i<num_values; i++) {
+ char *tmp;
+
+ if (!pull_utf8_talloc(mem_ctx, &tmp, values[i],
+ &converted_size)) {
+ DEBUG(10, ("pull_utf8_talloc failed\n"));
+ TALLOC_FREE(result);
+ ldap_value_free(values);
+ return NULL;
+ }
+
+ if (StrCaseCmp(tmp, result) < 0) {
+ TALLOC_FREE(result);
+ result = tmp;
+ } else {
+ TALLOC_FREE(tmp);
+ }
+ }
+
+ ldap_value_free(values);
+
+#ifdef DEBUG_PASSWORDS
+ DEBUG (100, ("smbldap_get_single_attribute: [%s] = [%s]\n",
+ attribute, result));
+#endif
+ return result;
+}
+
+ bool smbldap_pull_sid(LDAP *ld, LDAPMessage *msg, const char *attrib,
+ struct dom_sid *sid)
+{
+ struct berval **values;
+ bool ret = False;
+
+ values = ldap_get_values_len(ld, msg, attrib);
+
+ if (!values) {
+ return false;
+ }
+
+ if (values[0] != NULL) {
+ ret = sid_parse(values[0]->bv_val, values[0]->bv_len, sid);
+ }
+
+ ldap_value_free_len(values);
+ return ret;
+}
+
static int ldapmsg_destructor(LDAPMessage **result) {
ldap_msgfree(*result);
return 0;
/* notreached. */
}
- if (!push_utf8_allocate(&utf8_value, value, &converted_size)) {
+ if (!push_utf8_talloc(talloc_tos(), &utf8_value, value, &converted_size)) {
smb_panic("smbldap_set_mod: String conversion failure!");
/* notreached. */
}
-
- mods[i]->mod_values[j] = utf8_value;
+
+
+ mods[i]->mod_values[j] = SMB_STRDUP(utf8_value);
+ TALLOC_FREE(utf8_value);
+ SMB_ASSERT(mods[i]->mod_values[j] != NULL);
mods[i]->mod_values[j + 1] = NULL;
}
int smb_ldap_start_tls(LDAP *ldap_struct, int version)
{
+#ifdef LDAP_OPT_X_TLS
int rc;
+#endif
if (lp_ldap_ssl() != LDAP_SSL_START_TLS) {
return LDAP_SUCCESS;
static void smbldap_idle_fn(struct event_context *event_ctx,
struct timed_event *te,
- const struct timeval *now,
+ struct timeval now,
void *private_data);
/**********************************************************************
int rc, opt_rc;
bool reopen = False;
SMB_ASSERT(ldap_state);
-
-#ifndef NO_LDAP_SECURITY
- if (geteuid() != 0) {
- DEBUG(0, ("smbldap_open: cannot access LDAP when not root\n"));
- return LDAP_INSUFFICIENT_ACCESS;
- }
-#endif
if ((ldap_state->ldap_struct != NULL) && ((ldap_state->last_ping + SMBLDAP_DONT_PING_TIME) < time(NULL))) {
ldap_state->idle_event = event_add_timed(
ldap_state->event_context, NULL,
timeval_current_ofs(SMBLDAP_IDLE_TIME, 0),
- "smbldap_idle_fn", smbldap_idle_fn, ldap_state);
+ smbldap_idle_fn, ldap_state);
}
DEBUG(4,("The LDAP server is successfully connected\n"));
ZERO_STRUCT(ldap_state->last_rebind);
}
- if (!push_utf8_allocate(&utf8_filter, filter, &converted_size)) {
+ if (!push_utf8_talloc(talloc_tos(), &utf8_filter, filter, &converted_size)) {
return LDAP_NO_MEMORY;
}
}
}
- SAFE_FREE(utf8_filter);
+ TALLOC_FREE(utf8_filter);
/* Teardown timeout. */
CatchSignal(SIGALRM, SIGNAL_CAST SIG_IGN);
DEBUG(5,("smbldap_modify: dn => [%s]\n", dn ));
- if (!push_utf8_allocate(&utf8_dn, dn, &converted_size)) {
+ if (!push_utf8_talloc(talloc_tos(), &utf8_dn, dn, &converted_size)) {
return LDAP_NO_MEMORY;
}
}
}
- SAFE_FREE(utf8_dn);
+ TALLOC_FREE(utf8_dn);
return rc;
}
DEBUG(5,("smbldap_add: dn => [%s]\n", dn ));
- if (!push_utf8_allocate(&utf8_dn, dn, &converted_size)) {
+ if (!push_utf8_talloc(talloc_tos(), &utf8_dn, dn, &converted_size)) {
return LDAP_NO_MEMORY;
}
}
}
- SAFE_FREE(utf8_dn);
+ TALLOC_FREE(utf8_dn);
return rc;
}
DEBUG(5,("smbldap_delete: dn => [%s]\n", dn ));
- if (!push_utf8_allocate(&utf8_dn, dn, &converted_size)) {
+ if (!push_utf8_talloc(talloc_tos(), &utf8_dn, dn, &converted_size)) {
return LDAP_NO_MEMORY;
}
}
}
- SAFE_FREE(utf8_dn);
+ TALLOC_FREE(utf8_dn);
return rc;
}
static void smbldap_idle_fn(struct event_context *event_ctx,
struct timed_event *te,
- const struct timeval *now,
+ struct timeval now,
void *private_data)
{
struct smbldap_state *state = (struct smbldap_state *)private_data;
return;
}
- if ((state->last_use+SMBLDAP_IDLE_TIME) > now->tv_sec) {
+ if ((state->last_use+SMBLDAP_IDLE_TIME) > now.tv_sec) {
DEBUG(10,("ldap connection not idle...\n"));
state->idle_event = event_add_timed(
event_ctx, NULL,
- timeval_add(now, SMBLDAP_IDLE_TIME, 0),
- "smbldap_idle_fn", smbldap_idle_fn,
+ timeval_add(&now, SMBLDAP_IDLE_TIME, 0),
+ smbldap_idle_fn,
private_data);
return;
}
return NT_STATUS_OK;
}
-/*******************************************************************
- Return a copy of the DN for a LDAPMessage. Convert from utf8 to CH_UNIX.
-********************************************************************/
-char *smbldap_get_dn(LDAP *ld, LDAPMessage *entry)
-{
- char *utf8_dn, *unix_dn;
- size_t converted_size;
-
- utf8_dn = ldap_get_dn(ld, entry);
- if (!utf8_dn) {
- DEBUG (5, ("smbldap_get_dn: ldap_get_dn failed\n"));
- return NULL;
- }
- if (!pull_utf8_allocate(&unix_dn, utf8_dn, &converted_size)) {
- DEBUG (0, ("smbldap_get_dn: String conversion failure utf8 "
- "[%s]\n", utf8_dn));
- return NULL;
- }
- ldap_memfree(utf8_dn);
- return unix_dn;
-}
-
- const char *smbldap_talloc_dn(TALLOC_CTX *mem_ctx, LDAP *ld,
- LDAPMessage *entry)
+ char *smbldap_talloc_dn(TALLOC_CTX *mem_ctx, LDAP *ld,
+ LDAPMessage *entry)
{
char *utf8_dn, *unix_dn;
size_t converted_size;
utf8_dn = ldap_get_dn(ld, entry);
if (!utf8_dn) {
- DEBUG (5, ("smbldap_get_dn: ldap_get_dn failed\n"));
+ DEBUG (5, ("smbldap_talloc_dn: ldap_get_dn failed\n"));
return NULL;
}
if (!pull_utf8_talloc(mem_ctx, &unix_dn, utf8_dn, &converted_size)) {
- DEBUG (0, ("smbldap_get_dn: String conversion failure utf8 "
+ DEBUG (0, ("smbldap_talloc_dn: String conversion failure utf8 "
"[%s]\n", utf8_dn));
return NULL;
}