#include "includes.h"
#include "dsdb/samdb/samdb.h"
#include "lib/ldb/include/ldb_errors.h"
-#include "lib/util/dlinklist.h"
+#include "../lib/util/dlinklist.h"
#include "librpc/gen_ndr/ndr_misc.h"
#include "librpc/gen_ndr/ndr_drsuapi.h"
#include "librpc/gen_ndr/ndr_drsblobs.h"
#include "param/param.h"
+#include "lib/ldb/include/ldb_module.h"
struct dsdb_schema *dsdb_new_schema(TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience)
{
return ntstatus_to_werror(nt_status);
}
- *schemaInfo = strhex_to_data_blob(schema->schema_info);
+ *schemaInfo = strhex_to_data_blob(mem_ctx, schema->schema_info);
W_ERROR_HAVE_NO_MEMORY(schemaInfo->data);
- talloc_steal(mem_ctx, schemaInfo->data);
return WERR_OK;
}
return status;
}
+ talloc_free(schema->prefixes);
+ schema->prefixes = talloc_steal(schema, prefixes);
+ schema->num_prefixes = num_prefixes;
+
/* Update prefixMap in ldb*/
- status = dsdb_write_prefixes_to_ldb(mem_ctx, ldb, num_prefixes, prefixes);
+ status = dsdb_write_prefixes_from_schema_to_ldb(mem_ctx, ldb, schema);
if (!W_ERROR_IS_OK(status)) {
DEBUG(0,("dsdb_create_prefix_mapping: dsdb_write_prefixes_to_ldb: %s\n",
win_errstr(status)));
return status;
}
+ DEBUG(2,(__location__ " Added prefixMap %s - now have %u prefixes\n",
+ full_oid, num_prefixes));
+
talloc_free(mem_ctx);
return status;
}
return WERR_OK;
}
+ DEBUG(5,(__location__ " Failed to find oid %s - have %u prefixes\n", in, num_prefixes));
+
return WERR_DS_NO_MSDS_INTID;
}
-WERROR dsdb_write_prefixes_to_ldb(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
- uint32_t num_prefixes,
- const struct dsdb_schema_oid_prefix *prefixes)
+WERROR dsdb_write_prefixes_from_schema_to_ldb(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
+ const struct dsdb_schema *schema)
{
struct ldb_message msg;
struct ldb_dn *schema_dn;
schema_dn = samdb_schema_dn(ldb);
if (!schema_dn) {
- DEBUG(0,("dsdb_write_prefixes_to_ldb: no schema dn present\n"));
+ DEBUG(0,("dsdb_write_prefixes_from_schema_to_ldb: no schema dn present\n"));
return WERR_FOOBAR;
}
pm.version = PREFIX_MAP_VERSION_DSDB;
- pm.ctr.dsdb.num_mappings = num_prefixes;
+ pm.ctr.dsdb.num_mappings = schema->num_prefixes;
pm.ctr.dsdb.mappings = talloc_array(mem_ctx,
struct drsuapi_DsReplicaOIDMapping,
pm.ctr.dsdb.num_mappings);
return WERR_NOMEM;
}
- for (i=0; i < num_prefixes; i++) {
- pm.ctr.dsdb.mappings[i].id_prefix = prefixes[i].id>>16;
- pm.ctr.dsdb.mappings[i].oid.oid = talloc_strdup(pm.ctr.dsdb.mappings, prefixes[i].oid);
+ for (i=0; i < schema->num_prefixes; i++) {
+ pm.ctr.dsdb.mappings[i].id_prefix = schema->prefixes[i].id>>16;
+ pm.ctr.dsdb.mappings[i].oid.oid = talloc_strdup(pm.ctr.dsdb.mappings, schema->prefixes[i].oid);
}
ndr_err = ndr_push_struct_blob(&ndr_blob, ldb,
ret = ldb_modify( ldb, &msg );
if (ret != 0) {
- DEBUG(0,("dsdb_write_prefixes_to_ldb: ldb_modify failed\n"));
+ DEBUG(0,("dsdb_write_prefixes_from_schema_to_ldb: ldb_modify failed\n"));
return WERR_FOOBAR;
}
return WERR_FOOBAR;
}
- ret = ldb_search(ldb, schema_dn, LDB_SCOPE_BASE,NULL, schema_attrs,&schema_res);
+ ret = ldb_search(ldb, mem_ctx, &schema_res, schema_dn, LDB_SCOPE_BASE, schema_attrs, NULL);
if (ret == LDB_ERR_NO_SUCH_OBJECT) {
DEBUG(0,("dsdb_read_prefixes_from_ldb: no prefix map present\n"));
+ talloc_free(schema_res);
return WERR_FOOBAR;
} else if (ret != LDB_SUCCESS) {
DEBUG(0,("dsdb_read_prefixes_from_ldb: failed to search the schema head\n"));
+ talloc_free(schema_res);
return WERR_FOOBAR;
}
prefix_val = ldb_msg_find_ldb_val(schema_res->msgs[0], "prefixMap");
if (!prefix_val) {
DEBUG(0,("dsdb_read_prefixes_from_ldb: no prefixMap attribute found\n"));
+ talloc_free(schema_res);
return WERR_FOOBAR;
}
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
DEBUG(0,("dsdb_read_prefixes_from_ldb: ndr_pull_struct_blob failed\n"));
talloc_free(blob);
+ talloc_free(schema_res);
return WERR_FOOBAR;
}
+ talloc_free(schema_res);
+
if (blob->version != PREFIX_MAP_VERSION_DSDB) {
DEBUG(0,("dsdb_read_prefixes_from_ldb: blob->version incorect\n"));
talloc_free(blob);
(*prefixes)[i].id = blob->ctr.dsdb.mappings[i].id_prefix<<16;
oid = talloc_strdup(mem_ctx, blob->ctr.dsdb.mappings[i].oid.oid);
(*prefixes)[i].oid = talloc_asprintf_append(oid, ".");
- (*prefixes)[i].oid_len = strlen(blob->ctr.dsdb.mappings[i].oid.oid);
+ (*prefixes)[i].oid_len = strlen((*prefixes)[i].oid);
}
talloc_free(blob);
return WERR_OK;
}
+/*
+ this will be replaced with something that looks at the right part of
+ the schema once we know where unique indexing information is hidden
+ */
+static bool dsdb_schema_unique_attribute(const char *attr)
+{
+ const char *attrs[] = { "objectGUID", "objectSID" , NULL };
+ int i;
+ for (i=0;attrs[i];i++) {
+ if (strcasecmp(attr, attrs[i]) == 0) {
+ return true;
+ }
+ }
+ return false;
+}
+
+
+/*
+ setup the ldb_schema_attribute field for a dsdb_attribute
+ */
+static int dsdb_schema_setup_ldb_schema_attribute(struct ldb_context *ldb,
+ struct dsdb_attribute *attr)
+{
+ const char *syntax = attr->syntax->ldb_syntax;
+ const struct ldb_schema_syntax *s;
+ struct ldb_schema_attribute *a;
+
+ if (!syntax) {
+ syntax = attr->syntax->ldap_oid;
+ }
+
+ s = ldb_samba_syntax_by_lDAPDisplayName(ldb, attr->lDAPDisplayName);
+ if (s == NULL) {
+ s = ldb_samba_syntax_by_name(ldb, syntax);
+ }
+ if (s == NULL) {
+ s = ldb_standard_syntax_by_name(ldb, syntax);
+ }
+
+ if (s == NULL) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ attr->ldb_schema_attribute = a = talloc(attr, struct ldb_schema_attribute);
+ if (attr->ldb_schema_attribute == NULL) {
+ ldb_oom(ldb);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ a->name = attr->lDAPDisplayName;
+ a->flags = 0;
+ a->syntax = s;
+
+ if (dsdb_schema_unique_attribute(a->name)) {
+ a->flags |= LDB_ATTR_FLAG_UNIQUE_INDEX;
+ }
+
+ return LDB_SUCCESS;
+}
+
+
#define GET_STRING_LDB(msg, attr, mem_ctx, p, elem, strict) do { \
- (p)->elem = samdb_result_string(msg, attr, NULL);\
- if (strict && (p)->elem == NULL) { \
- d_printf("%s: %s == NULL\n", __location__, attr); \
- return WERR_INVALID_PARAM; \
- } \
- talloc_steal(mem_ctx, (p)->elem); \
+ const struct ldb_val *get_string_val = ldb_msg_find_ldb_val(msg, attr); \
+ if (get_string_val == NULL) { \
+ if (strict) { \
+ d_printf("%s: %s == NULL\n", __location__, attr); \
+ return WERR_INVALID_PARAM; \
+ } else { \
+ (p)->elem = NULL; \
+ } \
+ } else { \
+ (p)->elem = talloc_strndup(mem_ctx, \
+ (const char *)get_string_val->data, \
+ get_string_val->length); \
+ if (!(p)->elem) { \
+ d_printf("%s: talloc_strndup failed for %s\n", __location__, attr); \
+ return WERR_NOMEM; \
+ } \
+ } \
} while (0)
#define GET_STRING_LIST_LDB(msg, attr, mem_ctx, p, elem, strict) do { \
(p)->elem = samdb_result_uint(msg, attr, 0);\
} while (0)
+#define GET_UINT32_PTR_LDB(msg, attr, p, elem) do { \
+ uint64_t _v = samdb_result_uint64(msg, attr, UINT64_MAX);\
+ if (_v == UINT64_MAX) { \
+ (p)->elem = NULL; \
+ } else if (_v > UINT32_MAX) { \
+ d_printf("%s: %s == 0x%llX\n", __location__, \
+ attr, (unsigned long long)_v); \
+ return WERR_INVALID_PARAM; \
+ } else { \
+ (p)->elem = talloc(mem_ctx, uint32_t); \
+ if (!(p)->elem) { \
+ d_printf("%s: talloc failed for %s\n", __location__, attr); \
+ return WERR_NOMEM; \
+ } \
+ *(p)->elem = (uint32_t)_v; \
+ } \
+} while (0)
+
#define GET_GUID_LDB(msg, attr, p, elem) do { \
(p)->elem = samdb_result_guid(msg, attr);\
} while (0)
}\
} while (0)
-WERROR dsdb_attribute_from_ldb(const struct dsdb_schema *schema,
+WERROR dsdb_attribute_from_ldb(struct ldb_context *ldb,
+ const struct dsdb_schema *schema,
struct ldb_message *msg,
TALLOC_CTX *mem_ctx,
struct dsdb_attribute *attr)
GET_BLOB_LDB(msg, "oMObjectClass", mem_ctx, attr, oMObjectClass);
GET_BOOL_LDB(msg, "isSingleValued", attr, isSingleValued, true);
- GET_UINT32_LDB(msg, "rangeLower", attr, rangeLower);
- GET_UINT32_LDB(msg, "rangeUpper", attr, rangeUpper);
+ GET_UINT32_PTR_LDB(msg, "rangeLower", attr, rangeLower);
+ GET_UINT32_PTR_LDB(msg, "rangeUpper", attr, rangeUpper);
GET_BOOL_LDB(msg, "extendedCharsAllowed", attr, extendedCharsAllowed, false);
GET_UINT32_LDB(msg, "schemaFlagsEx", attr, schemaFlagsEx);
return WERR_DS_ATT_SCHEMA_REQ_SYNTAX;
}
+ if (dsdb_schema_setup_ldb_schema_attribute(ldb, attr) != LDB_SUCCESS) {
+ return WERR_DS_ATT_SCHEMA_REQ_SYNTAX;
+ }
+
return WERR_OK;
}
GET_STRING_LIST_LDB(msg, "systemPossSuperiors", mem_ctx, obj, systemPossSuperiors, false);
GET_STRING_LIST_LDB(msg, "possSuperiors", mem_ctx, obj, possSuperiors, false);
- GET_STRING_LIST_LDB(msg, "possibleInferiors", mem_ctx, obj, possibleInferiors, false);
GET_STRING_LDB(msg, "defaultSecurityDescriptor", mem_ctx, obj, defaultSecurityDescriptor, false);
#define dsdb_oom(error_string, mem_ctx) *error_string = talloc_asprintf(mem_ctx, "dsdb out of memory at %s:%d\n", __FILE__, __LINE__)
+/*
+ Create a DSDB schema from the ldb results provided. This is called
+ directly when the schema is provisioned from an on-disk LDIF file, or
+ from dsdb_schema_from_schema_dn below
+*/
+
int dsdb_schema_from_ldb_results(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
struct smb_iconv_convenience *iconv_convenience,
struct ldb_result *schema_res,
}
info_val = ldb_msg_find_ldb_val(schema_res->msgs[0], "schemaInfo");
if (!info_val) {
- info_val_default = strhex_to_data_blob("FF0000000000000000000000000000000000000000");
+ info_val_default = strhex_to_data_blob(mem_ctx, "FF0000000000000000000000000000000000000000");
if (!info_val_default.data) {
dsdb_oom(error_string, mem_ctx);
return LDB_ERR_OPERATIONS_ERROR;
}
- talloc_steal(mem_ctx, info_val_default.data);
info_val = &info_val_default;
}
return LDB_ERR_OPERATIONS_ERROR;
}
- status = dsdb_attribute_from_ldb(schema, attrs_res->msgs[i], sa, sa);
+ status = dsdb_attribute_from_ldb(ldb, schema, attrs_res->msgs[i], sa, sa);
if (!W_ERROR_IS_OK(status)) {
*error_string = talloc_asprintf(mem_ctx,
"schema_fsmo_init: failed to load attribute definition: %s:%s",
return LDB_SUCCESS;
}
-/* This recursive load of the objectClasses presumes that they
- * everything is in a strict subClassOf hirarchy.
- *
- * We load this in order so we produce certain outputs (such as the
- * exported schema for openldap, and sorted objectClass attribute) 'in
- * order' */
-
-static int fetch_oc_recursive(struct ldb_context *ldb, struct ldb_dn *schemadn,
- TALLOC_CTX *mem_ctx,
- struct ldb_result *search_from,
- struct ldb_result *res_list)
-{
- int i;
- int ret = 0;
- for (i=0; i < search_from->count; i++) {
- struct ldb_result *res;
- const char *name = ldb_msg_find_attr_as_string(search_from->msgs[i],
- "lDAPDisplayname", NULL);
-
- ret = ldb_search_exp_fmt(ldb, mem_ctx, &res,
- schemadn, LDB_SCOPE_SUBTREE, NULL,
- "(&(&(objectClass=classSchema)(subClassOf=%s))(!(lDAPDisplayName=%s)))",
- name, name);
- if (ret != LDB_SUCCESS) {
- return ret;
- }
-
- res_list->msgs = talloc_realloc(res_list, res_list->msgs,
- struct ldb_message *, res_list->count + 2);
- if (!res_list->msgs) {
- return LDB_ERR_OPERATIONS_ERROR;
- }
- res_list->msgs[res_list->count] = talloc_move(res_list,
- &search_from->msgs[i]);
- res_list->count++;
- res_list->msgs[res_list->count] = NULL;
-
- if (res->count > 0) {
- ret = fetch_oc_recursive(ldb, schemadn, mem_ctx, res, res_list);
- }
- if (ret != LDB_SUCCESS) {
- return ret;
- }
- }
- return ret;
-}
-
-static int fetch_objectclass_schema(struct ldb_context *ldb, struct ldb_dn *schemadn,
- TALLOC_CTX *mem_ctx,
- struct ldb_result **objectclasses_res,
- char **error_string)
-{
- TALLOC_CTX *local_ctx = talloc_new(mem_ctx);
- struct ldb_result *top_res, *ret_res;
- int ret;
- if (!local_ctx) {
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- /* Download 'top' */
- ret = ldb_search(ldb, schemadn, LDB_SCOPE_SUBTREE,
- "(&(objectClass=classSchema)(lDAPDisplayName=top))",
- NULL, &top_res);
- if (ret != LDB_SUCCESS) {
- *error_string = talloc_asprintf(mem_ctx,
- "dsdb_schema: failed to search for top classSchema object: %s",
- ldb_errstring(ldb));
- return ret;
- }
-
- talloc_steal(local_ctx, top_res);
-
- if (top_res->count != 1) {
- *error_string = talloc_asprintf(mem_ctx,
- "dsdb_schema: failed to find top classSchema object");
- return LDB_ERR_NO_SUCH_OBJECT;
- }
-
- ret_res = talloc_zero(local_ctx, struct ldb_result);
- if (!ret_res) {
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- ret = fetch_oc_recursive(ldb, schemadn, local_ctx, top_res, ret_res);
-
- if (ret != LDB_SUCCESS) {
- return ret;
- }
-
- *objectclasses_res = talloc_move(mem_ctx, &ret_res);
- return ret;
-}
+/*
+ Given an LDB, and the DN, return a populated schema
+*/
int dsdb_schema_from_schema_dn(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
struct smb_iconv_convenience *iconv_convenience,
/*
* setup the prefix mappings and schema info
*/
- ret = ldb_search(ldb, schema_dn,
- LDB_SCOPE_BASE,
- NULL, schema_attrs,
- &schema_res);
+ ret = ldb_search(ldb, tmp_ctx, &schema_res,
+ schema_dn, LDB_SCOPE_BASE, schema_attrs, NULL);
if (ret == LDB_ERR_NO_SUCH_OBJECT) {
talloc_free(tmp_ctx);
return ret;
talloc_free(tmp_ctx);
return ret;
}
- talloc_steal(tmp_ctx, schema_res);
if (schema_res->count != 1) {
*error_string_out = talloc_asprintf(mem_ctx,
"dsdb_schema: [%u] schema heads found on a base search",
/*
* load the attribute definitions
*/
- ret = ldb_search(ldb, schema_dn,
- LDB_SCOPE_ONELEVEL,
- "(objectClass=attributeSchema)", NULL,
- &a_res);
+ ret = ldb_search(ldb, tmp_ctx, &a_res,
+ schema_dn, LDB_SCOPE_ONELEVEL, NULL,
+ "(objectClass=attributeSchema)");
if (ret != LDB_SUCCESS) {
*error_string_out = talloc_asprintf(mem_ctx,
"dsdb_schema: failed to search attributeSchema objects: %s",
talloc_free(tmp_ctx);
return ret;
}
- talloc_steal(tmp_ctx, a_res);
/*
* load the objectClass definitions
*/
- ret = fetch_objectclass_schema(ldb, schema_dn, tmp_ctx, &c_res, &error_string);
+ ret = ldb_search(ldb, tmp_ctx, &c_res,
+ schema_dn, LDB_SCOPE_ONELEVEL, NULL,
+ "(objectClass=classSchema)");
if (ret != LDB_SUCCESS) {
*error_string_out = talloc_asprintf(mem_ctx,
- "Failed to fetch objectClass schema elements: %s", error_string);
+ "dsdb_schema: failed to search attributeSchema objects: %s",
+ ldb_errstring(ldb));
talloc_free(tmp_ctx);
return ret;
}
return WERR_INVALID_PARAM; \
} \
if (_a && _a->value_ctr.num_values >= 1) { \
- ssize_t _ret; \
- _ret = convert_string_talloc(mem_ctx, s->iconv_convenience, CH_UTF16, CH_UNIX, \
+ size_t _ret; \
+ if (!convert_string_talloc_convenience(mem_ctx, s->iconv_convenience, CH_UTF16, CH_UNIX, \
_a->value_ctr.values[0].blob->data, \
_a->value_ctr.values[0].blob->length, \
- (void **)discard_const(&(p)->elem)); \
- if (_ret == -1) { \
+ (void **)discard_const(&(p)->elem), &_ret, false)) { \
DEBUG(0,("%s: invalid data!\n", attr)); \
dump_data(0, \
_a->value_ctr.values[0].blob->data, \
} \
} while (0)
+#define GET_UINT32_LIST_DS(s, r, attr, mem_ctx, p, elem) do { \
+ int list_counter; \
+ struct drsuapi_DsReplicaAttribute *_a; \
+ _a = dsdb_find_object_attr_name(s, r, attr, NULL); \
+ (p)->elem = _a ? talloc_array(mem_ctx, uint32_t, _a->value_ctr.num_values + 1) : NULL; \
+ for (list_counter=0; \
+ _a && list_counter < _a->value_ctr.num_values; \
+ list_counter++) { \
+ if (_a->value_ctr.values[list_counter].blob->length != 4) { \
+ return WERR_INVALID_PARAM; \
+ } \
+ (p)->elem[list_counter] = IVAL(_a->value_ctr.values[list_counter].blob->data, 0); \
+ } \
+ if (_a) (p)->elem[list_counter] = 0; \
+} while (0)
+
#define GET_DN_DS(s, r, attr, mem_ctx, p, elem, strict) do { \
struct drsuapi_DsReplicaAttribute *_a; \
_a = dsdb_find_object_attr_name(s, r, attr, NULL); \
} \
} while (0)
+#define GET_UINT32_PTR_DS(s, r, attr, p, elem) do { \
+ struct drsuapi_DsReplicaAttribute *_a; \
+ _a = dsdb_find_object_attr_name(s, r, attr, NULL); \
+ if (_a && _a->value_ctr.num_values >= 1 \
+ && _a->value_ctr.values[0].blob \
+ && _a->value_ctr.values[0].blob->length == 4) { \
+ (p)->elem = talloc(mem_ctx, uint32_t); \
+ if (!(p)->elem) { \
+ d_printf("%s: talloc failed for %s\n", __location__, attr); \
+ return WERR_NOMEM; \
+ } \
+ *(p)->elem = IVAL(_a->value_ctr.values[0].blob->data,0);\
+ } else { \
+ (p)->elem = NULL; \
+ } \
+} while (0)
+
#define GET_GUID_DS(s, r, attr, mem_ctx, p, elem) do { \
struct drsuapi_DsReplicaAttribute *_a; \
_a = dsdb_find_object_attr_name(s, r, attr, NULL); \
}\
} while (0)
-WERROR dsdb_attribute_from_drsuapi(struct dsdb_schema *schema,
+WERROR dsdb_attribute_from_drsuapi(struct ldb_context *ldb,
+ struct dsdb_schema *schema,
struct drsuapi_DsReplicaObject *r,
TALLOC_CTX *mem_ctx,
struct dsdb_attribute *attr)
GET_BLOB_DS(schema, r, "oMObjectClass", mem_ctx, attr, oMObjectClass);
GET_BOOL_DS(schema, r, "isSingleValued", attr, isSingleValued, true);
- GET_UINT32_DS(schema, r, "rangeLower", attr, rangeLower);
- GET_UINT32_DS(schema, r, "rangeUpper", attr, rangeUpper);
+ GET_UINT32_PTR_DS(schema, r, "rangeLower", attr, rangeLower);
+ GET_UINT32_PTR_DS(schema, r, "rangeUpper", attr, rangeUpper);
GET_BOOL_DS(schema, r, "extendedCharsAllowed", attr, extendedCharsAllowed, false);
GET_UINT32_DS(schema, r, "schemaFlagsEx", attr, schemaFlagsEx);
return WERR_DS_ATT_SCHEMA_REQ_SYNTAX;
}
+ if (dsdb_schema_setup_ldb_schema_attribute(ldb, attr) != LDB_SUCCESS) {
+ return WERR_DS_ATT_SCHEMA_REQ_SYNTAX;
+ }
+
return WERR_OK;
}
GET_STRING_DS(schema, r, "rDNAttID", mem_ctx, obj, rDNAttID, false);
GET_DN_DS(schema, r, "defaultObjectCategory", mem_ctx, obj, defaultObjectCategory, true);
- GET_STRING_DS(schema, r, "subClassOf", mem_ctx, obj, subClassOf, true);
+ GET_UINT32_DS(schema, r, "subClassOf", obj, subClassOf_id);
- obj->systemAuxiliaryClass = NULL;
- obj->systemPossSuperiors = NULL;
- obj->systemMustContain = NULL;
- obj->systemMayContain = NULL;
+ GET_UINT32_LIST_DS(schema, r, "systemAuxiliaryClass", mem_ctx, obj, systemAuxiliaryClass_ids);
+ GET_UINT32_LIST_DS(schema, r, "auxiliaryClass", mem_ctx, obj, auxiliaryClass_ids);
- obj->auxiliaryClass = NULL;
- obj->possSuperiors = NULL;
- obj->mustContain = NULL;
- obj->mayContain = NULL;
+ GET_UINT32_LIST_DS(schema, r, "systemMustContain", mem_ctx, obj, systemMustContain_ids);
+ GET_UINT32_LIST_DS(schema, r, "systemMayContain", mem_ctx, obj, systemMayContain_ids);
+ GET_UINT32_LIST_DS(schema, r, "mustContain", mem_ctx, obj, mustContain_ids);
+ GET_UINT32_LIST_DS(schema, r, "mayContain", mem_ctx, obj, mayContain_ids);
- obj->possibleInferiors = NULL;
+ GET_UINT32_LIST_DS(schema, r, "systemPossSuperiors", mem_ctx, obj, systemPossSuperiors_ids);
+ GET_UINT32_LIST_DS(schema, r, "possSuperiors", mem_ctx, obj, possSuperiors_ids);
GET_STRING_DS(schema, r, "defaultSecurityDescriptor", mem_ctx, obj, defaultSecurityDescriptor, false);
return WERR_OK;
}
-const struct dsdb_attribute *dsdb_attribute_by_attributeID_id(const struct dsdb_schema *schema,
- uint32_t id)
-{
- struct dsdb_attribute *cur;
-
- /*
- * 0xFFFFFFFF is used as value when no mapping table is available,
- * so don't try to match with it
- */
- if (id == 0xFFFFFFFF) return NULL;
-
- /* TODO: add binary search */
- for (cur = schema->attributes; cur; cur = cur->next) {
- if (cur->attributeID_id != id) continue;
-
- return cur;
- }
-
- return NULL;
-}
-
-const struct dsdb_attribute *dsdb_attribute_by_attributeID_oid(const struct dsdb_schema *schema,
- const char *oid)
-{
- struct dsdb_attribute *cur;
-
- if (!oid) return NULL;
-
- /* TODO: add binary search */
- for (cur = schema->attributes; cur; cur = cur->next) {
- if (strcmp(cur->attributeID_oid, oid) != 0) continue;
-
- return cur;
- }
-
- return NULL;
-}
-
-const struct dsdb_attribute *dsdb_attribute_by_lDAPDisplayName(const struct dsdb_schema *schema,
- const char *name)
-{
- struct dsdb_attribute *cur;
-
- if (!name) return NULL;
-
- /* TODO: add binary search */
- for (cur = schema->attributes; cur; cur = cur->next) {
- if (strcasecmp(cur->lDAPDisplayName, name) != 0) continue;
-
- return cur;
- }
-
- return NULL;
-}
-
-const struct dsdb_attribute *dsdb_attribute_by_linkID(const struct dsdb_schema *schema,
- int linkID)
-{
- struct dsdb_attribute *cur;
-
- /* TODO: add binary search */
- for (cur = schema->attributes; cur; cur = cur->next) {
- if (cur->linkID != linkID) continue;
-
- return cur;
- }
-
- return NULL;
-}
-
-const struct dsdb_class *dsdb_class_by_governsID_id(const struct dsdb_schema *schema,
- uint32_t id)
-{
- struct dsdb_class *cur;
-
- /*
- * 0xFFFFFFFF is used as value when no mapping table is available,
- * so don't try to match with it
- */
- if (id == 0xFFFFFFFF) return NULL;
-
- /* TODO: add binary search */
- for (cur = schema->classes; cur; cur = cur->next) {
- if (cur->governsID_id != id) continue;
-
- return cur;
- }
-
- return NULL;
-}
-
-const struct dsdb_class *dsdb_class_by_governsID_oid(const struct dsdb_schema *schema,
- const char *oid)
-{
- struct dsdb_class *cur;
-
- if (!oid) return NULL;
-
- /* TODO: add binary search */
- for (cur = schema->classes; cur; cur = cur->next) {
- if (strcmp(cur->governsID_oid, oid) != 0) continue;
-
- return cur;
- }
-
- return NULL;
-}
-
-const struct dsdb_class *dsdb_class_by_lDAPDisplayName(const struct dsdb_schema *schema,
- const char *name)
-{
- struct dsdb_class *cur;
-
- if (!name) return NULL;
-
- /* TODO: add binary search */
- for (cur = schema->classes; cur; cur = cur->next) {
- if (strcasecmp(cur->lDAPDisplayName, name) != 0) continue;
-
- return cur;
- }
-
- return NULL;
-}
-
-const struct dsdb_class *dsdb_class_by_cn(const struct dsdb_schema *schema,
- const char *cn)
-{
- struct dsdb_class *cur;
-
- if (!cn) return NULL;
-
- /* TODO: add binary search */
- for (cur = schema->classes; cur; cur = cur->next) {
- if (strcasecmp(cur->cn, cn) != 0) continue;
-
- return cur;
- }
-
- return NULL;
-}
-
-const char *dsdb_lDAPDisplayName_by_id(const struct dsdb_schema *schema,
- uint32_t id)
-{
- const struct dsdb_attribute *a;
- const struct dsdb_class *c;
-
- /* TODO: add binary search */
- a = dsdb_attribute_by_attributeID_id(schema, id);
- if (a) {
- return a->lDAPDisplayName;
- }
-
- c = dsdb_class_by_governsID_id(schema, id);
- if (c) {
- return c->lDAPDisplayName;
- }
-
- return NULL;
-}
-
-/**
- Return a list of linked attributes, in lDAPDisplayName format.
-
- This may be used to determine if a modification would require
- backlinks to be updated, for example
-*/
-
-WERROR dsdb_linked_attribute_lDAPDisplayName_list(const struct dsdb_schema *schema, TALLOC_CTX *mem_ctx, const char ***attr_list_ret)
-{
- const char **attr_list = NULL;
- struct dsdb_attribute *cur;
- int i = 0;
- for (cur = schema->attributes; cur; cur = cur->next) {
- if (cur->linkID == 0) continue;
-
- attr_list = talloc_realloc(mem_ctx, attr_list, const char *, i+2);
- if (!attr_list) {
- return WERR_NOMEM;
- }
- attr_list[i] = cur->lDAPDisplayName;
- i++;
- }
- attr_list[i] = NULL;
- *attr_list_ret = attr_list;
- return WERR_OK;
-}
-
-char **merge_attr_list(TALLOC_CTX *mem_ctx,
- char **attrs, const char **new_attrs)
-{
- char **ret_attrs;
- int i;
- size_t new_len, orig_len = str_list_length((const char **)attrs);
- if (!new_attrs) {
- return attrs;
- }
-
- ret_attrs = talloc_realloc(mem_ctx,
- attrs, char *, orig_len + str_list_length(new_attrs) + 1);
- if (ret_attrs) {
- for (i=0; i < str_list_length(new_attrs); i++) {
- ret_attrs[orig_len + i] = new_attrs[i];
- }
- new_len = orig_len + str_list_length(new_attrs);
-
- ret_attrs[new_len] = NULL;
- }
-
- return ret_attrs;
-}
-
-/*
- Return a merged list of the attributes of exactly one class (not
- considering subclasses, auxillary classes etc)
-*/
-
-char **dsdb_attribute_list(TALLOC_CTX *mem_ctx, const struct dsdb_class *class, enum dsdb_attr_list_query query)
-{
- char **attr_list = NULL;
- switch (query) {
- case DSDB_SCHEMA_ALL_MAY:
- attr_list = merge_attr_list(mem_ctx, attr_list, class->mayContain);
- attr_list = merge_attr_list(mem_ctx, attr_list, class->systemMayContain);
- break;
-
- case DSDB_SCHEMA_ALL_MUST:
- attr_list = merge_attr_list(mem_ctx, attr_list, class->mustContain);
- attr_list = merge_attr_list(mem_ctx, attr_list, class->systemMustContain);
- break;
-
- case DSDB_SCHEMA_SYS_MAY:
- attr_list = merge_attr_list(mem_ctx, attr_list, class->systemMayContain);
- break;
-
- case DSDB_SCHEMA_SYS_MUST:
- attr_list = merge_attr_list(mem_ctx, attr_list, class->systemMustContain);
- break;
-
- case DSDB_SCHEMA_MAY:
- attr_list = merge_attr_list(mem_ctx, attr_list, class->mayContain);
- break;
-
- case DSDB_SCHEMA_MUST:
- attr_list = merge_attr_list(mem_ctx, attr_list, class->mustContain);
- break;
-
- case DSDB_SCHEMA_ALL:
- attr_list = merge_attr_list(mem_ctx, attr_list, class->mayContain);
- attr_list = merge_attr_list(mem_ctx, attr_list, class->systemMayContain);
- attr_list = merge_attr_list(mem_ctx, attr_list, class->mustContain);
- attr_list = merge_attr_list(mem_ctx, attr_list, class->systemMustContain);
- break;
- }
- return attr_list;
-}
-
-static char **dsdb_full_attribute_list_internal(TALLOC_CTX *mem_ctx,
- const struct dsdb_schema *schema,
- const char **class_list,
- enum dsdb_attr_list_query query)
-{
- int i;
- const struct dsdb_class *class;
-
- char **attr_list = NULL;
- char **this_class_list;
- char **recursive_list;
-
- for (i=0; class_list && class_list[i]; i++) {
- class = dsdb_class_by_lDAPDisplayName(schema, class_list[i]);
-
- this_class_list = dsdb_attribute_list(mem_ctx, class, query);
- attr_list = merge_attr_list(mem_ctx, attr_list, (const char **)this_class_list);
-
- recursive_list = dsdb_full_attribute_list_internal(mem_ctx, schema,
- class->systemAuxiliaryClass,
- query);
-
- attr_list = merge_attr_list(mem_ctx, attr_list, (const char **)recursive_list);
-
- recursive_list = dsdb_full_attribute_list_internal(mem_ctx, schema,
- class->auxiliaryClass,
- query);
-
- attr_list = merge_attr_list(mem_ctx, attr_list, (const char **)recursive_list);
-
- }
- return attr_list;
-}
-
-char **dsdb_full_attribute_list(TALLOC_CTX *mem_ctx,
- const struct dsdb_schema *schema,
- const char **class_list,
- enum dsdb_attr_list_query query)
-{
- char **attr_list = dsdb_full_attribute_list_internal(mem_ctx, schema, class_list, query);
- size_t new_len = str_list_length((const char **)attr_list);
-
- /* Remove duplicates */
- if (new_len > 1) {
- int i;
- qsort(attr_list, new_len,
- sizeof(*attr_list),
- (comparison_fn_t)strcasecmp);
-
- for (i=1 ; i < new_len; i++) {
- char **val1 = &attr_list[i-1];
- char **val2 = &attr_list[i];
- if (ldb_attr_cmp(*val1, *val2) == 0) {
- memmove(val1, val2, (new_len - i) * sizeof( *attr_list));
- new_len--;
- i--;
- }
- }
- }
- return attr_list;
-}
-/**
- * Attach the schema to an opaque pointer on the ldb, so ldb modules
- * can find it
- */
-
-int dsdb_set_schema(struct ldb_context *ldb, struct dsdb_schema *schema)
-{
- int ret;
-
- ret = ldb_set_opaque(ldb, "dsdb_schema", schema);
- if (ret != LDB_SUCCESS) {
- return ret;
- }
-
- talloc_steal(ldb, schema);
-
- return LDB_SUCCESS;
-}
-
-/**
- * Global variable to hold one copy of the schema, used to avoid memory bloat
- */
-static struct dsdb_schema *global_schema;
-
-/**
- * Make this ldb use the 'global' schema, setup to avoid having multiple copies in this process
- */
-int dsdb_set_global_schema(struct ldb_context *ldb)
-{
- int ret;
- if (!global_schema) {
- return LDB_SUCCESS;
- }
- ret = ldb_set_opaque(ldb, "dsdb_schema", global_schema);
- if (ret != LDB_SUCCESS) {
- return ret;
- }
-
- /* Keep a reference to this schema, just incase the global copy is replaced */
- if (talloc_reference(ldb, global_schema) == NULL) {
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- return LDB_SUCCESS;
-}
-
-/**
- * Find the schema object for this ldb
- */
-
-struct dsdb_schema *dsdb_get_schema(struct ldb_context *ldb)
-{
- const void *p;
- struct dsdb_schema *schema;
-
- /* see if we have a cached copy */
- p = ldb_get_opaque(ldb, "dsdb_schema");
- if (!p) {
- return NULL;
- }
-
- schema = talloc_get_type(p, struct dsdb_schema);
- if (!schema) {
- return NULL;
- }
-
- return schema;
-}
-
-/**
- * Make the schema found on this ldb the 'global' schema
- */
-
-void dsdb_make_schema_global(struct ldb_context *ldb)
-{
- struct dsdb_schema *schema = dsdb_get_schema(ldb);
- if (!schema) {
- return;
- }
-
- if (global_schema) {
- talloc_unlink(talloc_autofree_context(), schema);
- }
-
- talloc_steal(talloc_autofree_context(), schema);
- global_schema = schema;
-
- dsdb_set_global_schema(ldb);
-}
-
-
-/**
- * Rather than read a schema from the LDB itself, read it from an ldif
- * file. This allows schema to be loaded and used while adding the
- * schema itself to the directory.
- */
-
-WERROR dsdb_attach_schema_from_ldif_file(struct ldb_context *ldb, const char *pf, const char *df)
-{
- struct ldb_ldif *ldif;
- struct ldb_message *msg;
- TALLOC_CTX *mem_ctx;
- WERROR status;
- int ret;
- struct dsdb_schema *schema;
- const struct ldb_val *prefix_val;
- const struct ldb_val *info_val;
- struct ldb_val info_val_default;
-
- mem_ctx = talloc_new(ldb);
- if (!mem_ctx) {
- goto nomem;
- }
-
- schema = dsdb_new_schema(mem_ctx, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")));
-
- schema->fsmo.we_are_master = true;
- schema->fsmo.master_dn = ldb_dn_new_fmt(schema, ldb, "@PROVISION_SCHEMA_MASTER");
- if (!schema->fsmo.master_dn) {
- goto nomem;
- }
-
- /*
- * load the prefixMap attribute from pf
- */
- ldif = ldb_ldif_read_string(ldb, &pf);
- if (!ldif) {
- status = WERR_INVALID_PARAM;
- goto failed;
- }
- talloc_steal(mem_ctx, ldif);
-
- msg = ldb_msg_canonicalize(ldb, ldif->msg);
- if (!msg) {
- goto nomem;
- }
- talloc_steal(mem_ctx, msg);
- talloc_free(ldif);
-
- prefix_val = ldb_msg_find_ldb_val(msg, "prefixMap");
- if (!prefix_val) {
- status = WERR_INVALID_PARAM;
- goto failed;
- }
-
- info_val = ldb_msg_find_ldb_val(msg, "schemaInfo");
- if (!info_val) {
- info_val_default = strhex_to_data_blob("FF0000000000000000000000000000000000000000");
- if (!info_val_default.data) {
- goto nomem;
- }
- talloc_steal(mem_ctx, info_val_default.data);
- info_val = &info_val_default;
- }
-
- status = dsdb_load_oid_mappings_ldb(schema, prefix_val, info_val);
- if (!W_ERROR_IS_OK(status)) {
- goto failed;
- }
-
- /*
- * load the attribute and class definitions outof df
- */
- while ((ldif = ldb_ldif_read_string(ldb, &df))) {
- bool is_sa;
- bool is_sc;
-
- talloc_steal(mem_ctx, ldif);
-
- msg = ldb_msg_canonicalize(ldb, ldif->msg);
- if (!msg) {
- goto nomem;
- }
-
- talloc_steal(mem_ctx, msg);
- talloc_free(ldif);
-
- is_sa = ldb_msg_check_string_attribute(msg, "objectClass", "attributeSchema");
- is_sc = ldb_msg_check_string_attribute(msg, "objectClass", "classSchema");
-
- if (is_sa) {
- struct dsdb_attribute *sa;
-
- sa = talloc_zero(schema, struct dsdb_attribute);
- if (!sa) {
- goto nomem;
- }
-
- status = dsdb_attribute_from_ldb(schema, msg, sa, sa);
- if (!W_ERROR_IS_OK(status)) {
- goto failed;
- }
-
- DLIST_ADD_END(schema->attributes, sa, struct dsdb_attribute *);
- } else if (is_sc) {
- struct dsdb_class *sc;
-
- sc = talloc_zero(schema, struct dsdb_class);
- if (!sc) {
- goto nomem;
- }
-
- status = dsdb_class_from_ldb(schema, msg, sc, sc);
- if (!W_ERROR_IS_OK(status)) {
- goto failed;
- }
-
- DLIST_ADD_END(schema->classes, sc, struct dsdb_class *);
- }
- }
-
- ret = dsdb_set_schema(ldb, schema);
- if (ret != LDB_SUCCESS) {
- status = WERR_FOOBAR;
- goto failed;
- }
-
- goto done;
-
-nomem:
- status = WERR_NOMEM;
-failed:
-done:
- talloc_free(mem_ctx);
- return status;
-}
git.samba.org / ira / wip.git / blobdiff