4 Copyright (C) Simo Sorce 2005
6 ** NOTE! The following LGPL license applies to the ldb
7 ** library. This does NOT imply that all of Samba is released
10 This library is free software; you can redistribute it and/or
11 modify it under the terms of the GNU Lesser General Public
12 License as published by the Free Software Foundation; either
13 version 3 of the License, or (at your option) any later version.
15 This library is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
20 You should have received a copy of the GNU Lesser General Public
21 License along with this library; if not, see <http://www.gnu.org/licenses/>.
27 * Component: ldb dn creation and manipulation utility functions
29 * Description: - explode a dn into it's own basic elements
30 * and put them in a structure (only if necessary)
31 * - manipulate ldb_dn structures
36 #include "ldb_private.h"
39 #define LDB_DN_NULL_FAILED(x) if (!(x)) goto failed
41 #define LDB_FREE(x) do { talloc_free(x); x = NULL; } while(0)
44 internal ldb exploded dn structures
46 struct ldb_dn_component {
52 struct ldb_val cf_value;
55 struct ldb_dn_ext_component {
63 struct ldb_context *ldb;
65 /* Special DNs are always linearized */
75 unsigned int comp_num;
76 struct ldb_dn_component *components;
78 unsigned int ext_comp_num;
79 struct ldb_dn_ext_component *ext_components;
82 /* it is helpful to be able to break on this in gdb */
83 static void ldb_dn_mark_invalid(struct ldb_dn *dn)
88 /* strdn may be NULL */
89 struct ldb_dn *ldb_dn_from_ldb_val(TALLOC_CTX *mem_ctx,
90 struct ldb_context *ldb,
91 const struct ldb_val *strdn)
95 if (! ldb) return NULL;
97 if (strdn && strdn->data
98 && (strnlen((const char*)strdn->data, strdn->length) != strdn->length)) {
99 /* The RDN must not contain a character with value 0x0 */
103 dn = talloc_zero(mem_ctx, struct ldb_dn);
104 LDB_DN_NULL_FAILED(dn);
106 dn->ldb = talloc_get_type(ldb, struct ldb_context);
107 if (dn->ldb == NULL) {
108 /* the caller probably got the arguments to
109 ldb_dn_new() mixed up */
114 if (strdn->data && strdn->length) {
115 const char *data = (const char *)strdn->data;
116 size_t length = strdn->length;
118 if (data[0] == '@') {
121 dn->ext_linearized = talloc_strndup(dn, data, length);
122 LDB_DN_NULL_FAILED(dn->ext_linearized);
124 if (data[0] == '<') {
125 const char *p_save, *p = dn->ext_linearized;
134 if (p_save == dn->ext_linearized) {
135 dn->linearized = talloc_strdup(dn, "");
137 dn->linearized = talloc_strdup(dn, p_save);
139 LDB_DN_NULL_FAILED(dn->linearized);
141 dn->linearized = dn->ext_linearized;
142 dn->ext_linearized = NULL;
145 dn->linearized = talloc_strdup(dn, "");
146 LDB_DN_NULL_FAILED(dn->linearized);
156 /* strdn may be NULL */
157 struct ldb_dn *ldb_dn_new(TALLOC_CTX *mem_ctx,
158 struct ldb_context *ldb,
162 blob.data = discard_const_p(uint8_t, strdn);
163 blob.length = strdn ? strlen(strdn) : 0;
164 return ldb_dn_from_ldb_val(mem_ctx, ldb, &blob);
167 struct ldb_dn *ldb_dn_new_fmt(TALLOC_CTX *mem_ctx,
168 struct ldb_context *ldb,
169 const char *new_fmt, ...)
174 if ( (! mem_ctx) || (! ldb)) return NULL;
176 va_start(ap, new_fmt);
177 strdn = talloc_vasprintf(mem_ctx, new_fmt, ap);
181 struct ldb_dn *dn = ldb_dn_new(mem_ctx, ldb, strdn);
189 /* see RFC2253 section 2.4 */
190 static int ldb_dn_escape_internal(char *dst, const char *src, int len)
199 while (p - src < len) {
200 p += strcspn(p, ",=\n\r+<>#;\\\" ");
202 if (p - src == len) /* found no escapable chars */
205 /* copy the part of the string before the stop */
207 d += (p - s); /* move to current position */
211 if (p == src || (p-src)==(len-1)) {
212 /* if at the beginning or end
213 * of the string then escape */
217 /* otherwise don't escape */
223 /* despite the RFC, windows escapes a #
224 anywhere in the string */
232 /* these must be escaped using \c form */
238 /* any others get \XX form */
240 const char *hexbytes = "0123456789ABCDEF";
241 v = *(const unsigned char *)p;
243 *d++ = hexbytes[v>>4];
244 *d++ = hexbytes[v&0xF];
249 s = p; /* move forward */
252 /* copy the last part (with zero) and return */
256 /* return the length of the resulting string */
257 return (l + (d - dst));
260 char *ldb_dn_escape_value(TALLOC_CTX *mem_ctx, struct ldb_val value)
267 /* allocate destination string, it will be at most 3 times the source */
268 dst = talloc_array(mem_ctx, char, value.length * 3 + 1);
274 ldb_dn_escape_internal(dst, (const char *)value.data, value.length);
276 dst = talloc_realloc(mem_ctx, dst, char, strlen(dst) + 1);
282 explode a DN string into a ldb_dn structure
283 based on RFC4514 except that we don't support multiple valued RDNs
285 TODO: according to MS-ADTS:3.1.1.5.2 Naming Constraints
286 DN must be compliant with RFC2253
288 static bool ldb_dn_explode(struct ldb_dn *dn)
290 char *p, *ex_name, *ex_value, *data, *d, *dt, *t;
292 bool in_extended = false;
293 bool in_ex_name = false;
294 bool in_ex_value = false;
295 bool in_attr = false;
296 bool in_value = false;
297 bool in_quote = false;
306 if ( ! dn || dn->invalid) return false;
308 if (dn->components) {
312 if (dn->ext_linearized) {
313 parse_dn = dn->ext_linearized;
315 parse_dn = dn->linearized;
322 is_index = (strncmp(parse_dn, "DN=@INDEX:", 10) == 0);
325 if (parse_dn[0] == '\0') {
329 /* Special DNs case */
334 /* make sure we free this if allocated previously before replacing */
335 LDB_FREE(dn->components);
338 LDB_FREE(dn->ext_components);
339 dn->ext_comp_num = 0;
341 /* in the common case we have 3 or more components */
342 /* make sure all components are zeroed, other functions depend on it */
343 dn->components = talloc_zero_array(dn, struct ldb_dn_component, 3);
344 if ( ! dn->components) {
348 /* Components data space is allocated here once */
349 data = talloc_array(dn->components, char, strlen(parse_dn) + 1);
365 if (!in_ex_name && !in_ex_value) {
372 } else if (p[0] == '\0') {
384 if (in_ex_name && *p == '=') {
393 if (in_ex_value && *p == '>') {
394 const struct ldb_dn_extended_syntax *ext_syntax;
395 struct ldb_val ex_val = {
396 .data = (uint8_t *)ex_value,
397 .length = d - ex_value
404 /* Process name and ex_value */
406 dn->ext_components = talloc_realloc(dn,
408 struct ldb_dn_ext_component,
409 dn->ext_comp_num + 1);
410 if ( ! dn->ext_components) {
415 ext_syntax = ldb_dn_extended_syntax_by_name(dn->ldb, ex_name);
417 /* We don't know about this type of extended DN */
421 dn->ext_components[dn->ext_comp_num].name = talloc_strdup(dn->ext_components, ex_name);
422 if (!dn->ext_components[dn->ext_comp_num].name) {
426 ret = ext_syntax->read_fn(dn->ldb, dn->ext_components,
427 &ex_val, &dn->ext_components[dn->ext_comp_num].value);
428 if (ret != LDB_SUCCESS) {
429 ldb_dn_mark_invalid(dn);
436 /* We have reached the end (extended component only)! */
440 } else if (*p == ';') {
444 ldb_dn_mark_invalid(dn);
463 /* attr names must be ascii only */
464 ldb_dn_mark_invalid(dn);
471 if ( ! isalpha(*p)) {
472 /* not a digit nor an alpha,
473 * invalid attribute name */
474 ldb_dn_mark_invalid(dn);
478 /* Copy this character across from parse_dn,
479 * now we have trimmed out spaces */
486 /* valid only if we are at the end */
491 if (trim && (*p != '=')) {
492 /* spaces/tabs are not allowed */
493 ldb_dn_mark_invalid(dn);
498 /* attribute terminated */
504 /* Terminate this string in d
505 * (which is a copy of parse_dn
506 * with spaces trimmed) */
508 dn->components[dn->comp_num].name = talloc_strdup(dn->components, dt);
509 if ( ! dn->components[dn->comp_num].name) {
521 /* attr names must be ascii only */
522 ldb_dn_mark_invalid(dn);
526 if (is_oid && ( ! (isdigit(*p) || (*p == '.')))) {
527 /* not a digit nor a dot,
528 * invalid attribute oid */
529 ldb_dn_mark_invalid(dn);
532 if ( ! (isalpha(*p) || isdigit(*p) || (*p == '-'))) {
533 /* not ALPHA, DIGIT or HYPHEN */
534 ldb_dn_mark_invalid(dn);
574 /* TODO: support ber encoded values
585 /* ok found value terminator */
599 dn->components[dn->comp_num].value.data = (uint8_t *)talloc_strdup(dn->components, dt);
600 dn->components[dn->comp_num].value.length = l;
601 if ( ! dn->components[dn->comp_num].value.data) {
609 if (dn->comp_num > 2) {
610 dn->components = talloc_realloc(dn,
612 struct ldb_dn_component,
614 if ( ! dn->components) {
618 /* make sure all components are zeroed, other functions depend on this */
619 memset(&dn->components[dn->comp_num], '\0', sizeof(struct ldb_dn_component));
626 /* to main compatibility with earlier
627 versions of ldb indexing, we have to
628 accept the base64 encoded binary index
629 values, which contain a '+' or '='
630 which should normally be escaped */
642 /* a string with not escaped specials is invalid (tested) */
644 ldb_dn_mark_invalid(dn);
671 if (isxdigit(p[0]) && isxdigit(p[1])) {
672 if (sscanf(p, "%02x", &x) != 1) {
673 /* invalid escaping sequence */
674 ldb_dn_mark_invalid(dn);
678 *d++ = (unsigned char)x;
704 if (in_attr || in_quote) {
706 ldb_dn_mark_invalid(dn);
710 /* save last element */
718 dn->components[dn->comp_num].value.length = l;
719 dn->components[dn->comp_num].value.data =
720 (uint8_t *)talloc_strdup(dn->components, dt);
721 if ( ! dn->components[dn->comp_num].value.data) {
732 LDB_FREE(dn->components);
734 LDB_FREE(dn->ext_components);
735 dn->ext_comp_num = 0;
740 bool ldb_dn_validate(struct ldb_dn *dn)
742 return ldb_dn_explode(dn);
745 const char *ldb_dn_get_linearized(struct ldb_dn *dn)
751 if ( ! dn || ( dn->invalid)) return NULL;
753 if (dn->linearized) return dn->linearized;
755 if ( ! dn->components) {
756 ldb_dn_mark_invalid(dn);
760 if (dn->comp_num == 0) {
761 dn->linearized = talloc_strdup(dn, "");
762 if ( ! dn->linearized) return NULL;
763 return dn->linearized;
766 /* calculate maximum possible length of DN */
767 for (len = 0, i = 0; i < dn->comp_num; i++) {
769 len += strlen(dn->components[i].name);
770 /* max escaped data len */
771 len += (dn->components[i].value.length * 3);
772 len += 2; /* '=' and ',' */
774 dn->linearized = talloc_array(dn, char, len);
775 if ( ! dn->linearized) return NULL;
779 for (i = 0; i < dn->comp_num; i++) {
782 n = dn->components[i].name;
783 while (*n) *d++ = *n++;
788 d += ldb_dn_escape_internal( d,
789 (char *)dn->components[i].value.data,
790 dn->components[i].value.length);
796 /* don't waste more memory than necessary */
797 dn->linearized = talloc_realloc(dn, dn->linearized,
798 char, (d - dn->linearized + 1));
800 return dn->linearized;
803 static int ldb_dn_extended_component_compare(const void *p1, const void *p2)
805 const struct ldb_dn_ext_component *ec1 = (const struct ldb_dn_ext_component *)p1;
806 const struct ldb_dn_ext_component *ec2 = (const struct ldb_dn_ext_component *)p2;
807 return strcmp(ec1->name, ec2->name);
810 char *ldb_dn_get_extended_linearized(TALLOC_CTX *mem_ctx, struct ldb_dn *dn, int mode)
812 const char *linearized = ldb_dn_get_linearized(dn);
820 if (!ldb_dn_has_extended(dn)) {
821 return talloc_strdup(mem_ctx, linearized);
824 if (!ldb_dn_validate(dn)) {
828 /* sort the extended components by name. The idea is to make
829 * the resulting DNs consistent, plus to ensure that we put
830 * 'DELETED' first, so it can be very quickly recognised
832 TYPESAFE_QSORT(dn->ext_components, dn->ext_comp_num,
833 ldb_dn_extended_component_compare);
835 for (i = 0; i < dn->ext_comp_num; i++) {
836 const struct ldb_dn_extended_syntax *ext_syntax;
837 const char *name = dn->ext_components[i].name;
838 struct ldb_val ec_val = dn->ext_components[i].value;
842 ext_syntax = ldb_dn_extended_syntax_by_name(dn->ldb, name);
848 ret = ext_syntax->write_clear_fn(dn->ldb, mem_ctx,
850 } else if (mode == 0) {
851 ret = ext_syntax->write_hex_fn(dn->ldb, mem_ctx,
857 if (ret != LDB_SUCCESS) {
862 p = talloc_asprintf(mem_ctx, "<%s=%s>",
865 p = talloc_asprintf_append_buffer(p, ";<%s=%s>",
869 talloc_free(val.data);
876 if (dn->ext_comp_num && *linearized) {
877 p = talloc_asprintf_append_buffer(p, ";%s", linearized);
888 filter out all but an acceptable list of extended DN components
890 void ldb_dn_extended_filter(struct ldb_dn *dn, const char * const *accept)
893 for (i=0; i<dn->ext_comp_num; i++) {
894 if (!ldb_attr_in_list(accept, dn->ext_components[i].name)) {
895 memmove(&dn->ext_components[i],
896 &dn->ext_components[i+1],
897 (dn->ext_comp_num-(i+1))*sizeof(dn->ext_components[0]));
902 LDB_FREE(dn->ext_linearized);
906 char *ldb_dn_alloc_linearized(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
908 return talloc_strdup(mem_ctx, ldb_dn_get_linearized(dn));
912 casefold a dn. We need to casefold the attribute names, and canonicalize
913 attribute values of case insensitive attributes.
916 static bool ldb_dn_casefold_internal(struct ldb_dn *dn)
921 if ( ! dn || dn->invalid) return false;
923 if (dn->valid_case) return true;
925 if (( ! dn->components) && ( ! ldb_dn_explode(dn))) {
929 for (i = 0; i < dn->comp_num; i++) {
930 const struct ldb_schema_attribute *a;
932 dn->components[i].cf_name =
933 ldb_attr_casefold(dn->components,
934 dn->components[i].name);
935 if (!dn->components[i].cf_name) {
939 a = ldb_schema_attribute_by_name(dn->ldb,
940 dn->components[i].cf_name);
942 ret = a->syntax->canonicalise_fn(dn->ldb, dn->components,
943 &(dn->components[i].value),
944 &(dn->components[i].cf_value));
950 dn->valid_case = true;
955 for (i = 0; i < dn->comp_num; i++) {
956 LDB_FREE(dn->components[i].cf_name);
957 LDB_FREE(dn->components[i].cf_value.data);
962 const char *ldb_dn_get_casefold(struct ldb_dn *dn)
968 if (dn->casefold) return dn->casefold;
971 dn->casefold = talloc_strdup(dn, dn->linearized);
972 if (!dn->casefold) return NULL;
973 dn->valid_case = true;
977 if ( ! ldb_dn_casefold_internal(dn)) {
981 if (dn->comp_num == 0) {
982 dn->casefold = talloc_strdup(dn, "");
986 /* calculate maximum possible length of DN */
987 for (len = 0, i = 0; i < dn->comp_num; i++) {
989 len += strlen(dn->components[i].cf_name);
990 /* max escaped data len */
991 len += (dn->components[i].cf_value.length * 3);
992 len += 2; /* '=' and ',' */
994 dn->casefold = talloc_array(dn, char, len);
995 if ( ! dn->casefold) return NULL;
999 for (i = 0; i < dn->comp_num; i++) {
1002 n = dn->components[i].cf_name;
1003 while (*n) *d++ = *n++;
1008 d += ldb_dn_escape_internal( d,
1009 (char *)dn->components[i].cf_value.data,
1010 dn->components[i].cf_value.length);
1015 /* don't waste more memory than necessary */
1016 dn->casefold = talloc_realloc(dn, dn->casefold,
1017 char, strlen(dn->casefold) + 1);
1019 return dn->casefold;
1022 char *ldb_dn_alloc_casefold(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
1024 return talloc_strdup(mem_ctx, ldb_dn_get_casefold(dn));
1027 /* Determine if dn is below base, in the ldap tree. Used for
1028 * evaluating a subtree search.
1029 * 0 if they match, otherwise non-zero
1032 int ldb_dn_compare_base(struct ldb_dn *base, struct ldb_dn *dn)
1035 unsigned int n_base, n_dn;
1037 if ( ! base || base->invalid) return 1;
1038 if ( ! dn || dn->invalid) return -1;
1040 if (( ! base->valid_case) || ( ! dn->valid_case)) {
1041 if (base->linearized && dn->linearized) {
1042 /* try with a normal compare first, if we are lucky
1043 * we will avoid exploding and casfolding */
1045 dif = strlen(dn->linearized) - strlen(base->linearized);
1049 if (strcmp(base->linearized,
1050 &dn->linearized[dif]) == 0) {
1055 if ( ! ldb_dn_casefold_internal(base)) {
1059 if ( ! ldb_dn_casefold_internal(dn)) {
1065 /* if base has more components,
1066 * they don't have the same base */
1067 if (base->comp_num > dn->comp_num) {
1068 return (dn->comp_num - base->comp_num);
1071 if ((dn->comp_num == 0) || (base->comp_num == 0)) {
1072 if (dn->special && base->special) {
1073 return strcmp(base->linearized, dn->linearized);
1074 } else if (dn->special) {
1076 } else if (base->special) {
1083 n_base = base->comp_num - 1;
1084 n_dn = dn->comp_num - 1;
1086 while (n_base != (unsigned int) -1) {
1087 char *b_name = base->components[n_base].cf_name;
1088 char *dn_name = dn->components[n_dn].cf_name;
1090 char *b_vdata = (char *)base->components[n_base].cf_value.data;
1091 char *dn_vdata = (char *)dn->components[n_dn].cf_value.data;
1093 size_t b_vlen = base->components[n_base].cf_value.length;
1094 size_t dn_vlen = dn->components[n_dn].cf_value.length;
1096 /* compare attr names */
1097 ret = strcmp(b_name, dn_name);
1098 if (ret != 0) return ret;
1100 /* compare attr.cf_value. */
1101 if (b_vlen != dn_vlen) {
1102 return b_vlen - dn_vlen;
1104 ret = strcmp(b_vdata, dn_vdata);
1105 if (ret != 0) return ret;
1114 /* compare DNs using casefolding compare functions.
1116 If they match, then return 0
1119 int ldb_dn_compare(struct ldb_dn *dn0, struct ldb_dn *dn1)
1124 if (( ! dn0) || dn0->invalid || ! dn1 || dn1->invalid) {
1128 if (( ! dn0->valid_case) || ( ! dn1->valid_case)) {
1129 if (dn0->linearized && dn1->linearized) {
1130 /* try with a normal compare first, if we are lucky
1131 * we will avoid exploding and casfolding */
1132 if (strcmp(dn0->linearized, dn1->linearized) == 0) {
1137 if ( ! ldb_dn_casefold_internal(dn0)) {
1141 if ( ! ldb_dn_casefold_internal(dn1)) {
1147 if (dn0->comp_num != dn1->comp_num) {
1148 return (dn1->comp_num - dn0->comp_num);
1151 if (dn0->comp_num == 0) {
1152 if (dn0->special && dn1->special) {
1153 return strcmp(dn0->linearized, dn1->linearized);
1154 } else if (dn0->special) {
1156 } else if (dn1->special) {
1163 for (i = 0; i < dn0->comp_num; i++) {
1164 char *dn0_name = dn0->components[i].cf_name;
1165 char *dn1_name = dn1->components[i].cf_name;
1167 char *dn0_vdata = (char *)dn0->components[i].cf_value.data;
1168 char *dn1_vdata = (char *)dn1->components[i].cf_value.data;
1170 size_t dn0_vlen = dn0->components[i].cf_value.length;
1171 size_t dn1_vlen = dn1->components[i].cf_value.length;
1173 /* compare attr names */
1174 ret = strcmp(dn0_name, dn1_name);
1179 /* compare attr.cf_value. */
1180 if (dn0_vlen != dn1_vlen) {
1181 return dn0_vlen - dn1_vlen;
1183 ret = strcmp(dn0_vdata, dn1_vdata);
1192 static struct ldb_dn_component ldb_dn_copy_component(
1193 TALLOC_CTX *mem_ctx,
1194 struct ldb_dn_component *src)
1196 struct ldb_dn_component dst;
1198 memset(&dst, 0, sizeof(dst));
1204 dst.value = ldb_val_dup(mem_ctx, &(src->value));
1205 if (dst.value.data == NULL) {
1209 dst.name = talloc_strdup(mem_ctx, src->name);
1210 if (dst.name == NULL) {
1211 LDB_FREE(dst.value.data);
1215 if (src->cf_value.data) {
1216 dst.cf_value = ldb_val_dup(mem_ctx, &(src->cf_value));
1217 if (dst.cf_value.data == NULL) {
1218 LDB_FREE(dst.value.data);
1223 dst.cf_name = talloc_strdup(mem_ctx, src->cf_name);
1224 if (dst.cf_name == NULL) {
1225 LDB_FREE(dst.cf_name);
1226 LDB_FREE(dst.value.data);
1231 dst.cf_value.data = NULL;
1238 static struct ldb_dn_ext_component ldb_dn_ext_copy_component(
1239 TALLOC_CTX *mem_ctx,
1240 struct ldb_dn_ext_component *src)
1242 struct ldb_dn_ext_component dst;
1244 memset(&dst, 0, sizeof(dst));
1250 dst.value = ldb_val_dup(mem_ctx, &(src->value));
1251 if (dst.value.data == NULL) {
1255 dst.name = talloc_strdup(mem_ctx, src->name);
1256 if (dst.name == NULL) {
1257 LDB_FREE(dst.value.data);
1264 struct ldb_dn *ldb_dn_copy(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
1266 struct ldb_dn *new_dn;
1268 if (!dn || dn->invalid) {
1272 new_dn = talloc_zero(mem_ctx, struct ldb_dn);
1279 if (dn->components) {
1282 new_dn->components =
1283 talloc_zero_array(new_dn,
1284 struct ldb_dn_component,
1286 if ( ! new_dn->components) {
1287 talloc_free(new_dn);
1291 for (i = 0; i < dn->comp_num; i++) {
1292 new_dn->components[i] =
1293 ldb_dn_copy_component(new_dn->components,
1294 &dn->components[i]);
1295 if ( ! new_dn->components[i].value.data) {
1296 talloc_free(new_dn);
1302 if (dn->ext_components) {
1305 new_dn->ext_components =
1306 talloc_zero_array(new_dn,
1307 struct ldb_dn_ext_component,
1309 if ( ! new_dn->ext_components) {
1310 talloc_free(new_dn);
1314 for (i = 0; i < dn->ext_comp_num; i++) {
1315 new_dn->ext_components[i] =
1316 ldb_dn_ext_copy_component(
1317 new_dn->ext_components,
1318 &dn->ext_components[i]);
1319 if ( ! new_dn->ext_components[i].value.data) {
1320 talloc_free(new_dn);
1327 new_dn->casefold = talloc_strdup(new_dn, dn->casefold);
1328 if ( ! new_dn->casefold) {
1329 talloc_free(new_dn);
1334 if (dn->linearized) {
1335 new_dn->linearized = talloc_strdup(new_dn, dn->linearized);
1336 if ( ! new_dn->linearized) {
1337 talloc_free(new_dn);
1342 if (dn->ext_linearized) {
1343 new_dn->ext_linearized = talloc_strdup(new_dn,
1344 dn->ext_linearized);
1345 if ( ! new_dn->ext_linearized) {
1346 talloc_free(new_dn);
1354 /* modify the given dn by adding a base.
1356 * return true if successful and false if not
1357 * if false is returned the dn may be marked invalid
1359 bool ldb_dn_add_base(struct ldb_dn *dn, struct ldb_dn *base)
1364 if ( !base || base->invalid || !dn || dn->invalid) {
1368 if (dn->components) {
1371 if ( ! ldb_dn_validate(base)) {
1376 if (dn->valid_case) {
1377 if ( ! (s = ldb_dn_get_casefold(base))) {
1382 dn->components = talloc_realloc(dn,
1384 struct ldb_dn_component,
1385 dn->comp_num + base->comp_num);
1386 if ( ! dn->components) {
1387 ldb_dn_mark_invalid(dn);
1391 for (i = 0; i < base->comp_num; dn->comp_num++, i++) {
1392 dn->components[dn->comp_num] =
1393 ldb_dn_copy_component(dn->components,
1394 &base->components[i]);
1395 if (dn->components[dn->comp_num].value.data == NULL) {
1396 ldb_dn_mark_invalid(dn);
1401 if (dn->casefold && s) {
1402 if (*dn->casefold) {
1403 t = talloc_asprintf(dn, "%s,%s",
1406 t = talloc_strdup(dn, s);
1408 LDB_FREE(dn->casefold);
1413 if (dn->linearized) {
1415 s = ldb_dn_get_linearized(base);
1420 if (*dn->linearized) {
1421 t = talloc_asprintf(dn, "%s,%s",
1424 t = talloc_strdup(dn, s);
1427 ldb_dn_mark_invalid(dn);
1430 LDB_FREE(dn->linearized);
1434 /* Wipe the ext_linearized DN,
1435 * the GUID and SID are almost certainly no longer valid */
1436 LDB_FREE(dn->ext_linearized);
1437 LDB_FREE(dn->ext_components);
1438 dn->ext_comp_num = 0;
1443 /* modify the given dn by adding a base.
1445 * return true if successful and false if not
1446 * if false is returned the dn may be marked invalid
1448 bool ldb_dn_add_base_fmt(struct ldb_dn *dn, const char *base_fmt, ...)
1450 struct ldb_dn *base;
1455 if ( !dn || dn->invalid) {
1459 va_start(ap, base_fmt);
1460 base_str = talloc_vasprintf(dn, base_fmt, ap);
1463 if (base_str == NULL) {
1467 base = ldb_dn_new(base_str, dn->ldb, base_str);
1469 ret = ldb_dn_add_base(dn, base);
1471 talloc_free(base_str);
1476 /* modify the given dn by adding children elements.
1478 * return true if successful and false if not
1479 * if false is returned the dn may be marked invalid
1481 bool ldb_dn_add_child(struct ldb_dn *dn, struct ldb_dn *child)
1486 if ( !child || child->invalid || !dn || dn->invalid) {
1490 if (dn->components) {
1494 if (dn->comp_num == 0) {
1498 if ( ! ldb_dn_validate(child)) {
1503 if (dn->valid_case) {
1504 if ( ! (s = ldb_dn_get_casefold(child))) {
1509 n = dn->comp_num + child->comp_num;
1511 dn->components = talloc_realloc(dn,
1513 struct ldb_dn_component,
1515 if ( ! dn->components) {
1516 ldb_dn_mark_invalid(dn);
1520 for (i = dn->comp_num - 1, j = n - 1; i != (unsigned int) -1;
1522 dn->components[j] = dn->components[i];
1525 for (i = 0; i < child->comp_num; i++) {
1527 ldb_dn_copy_component(dn->components,
1528 &child->components[i]);
1529 if (dn->components[i].value.data == NULL) {
1530 ldb_dn_mark_invalid(dn);
1537 if (dn->casefold && s) {
1538 t = talloc_asprintf(dn, "%s,%s", s, dn->casefold);
1539 LDB_FREE(dn->casefold);
1544 if (dn->linearized) {
1545 if (dn->linearized[0] == '\0') {
1549 s = ldb_dn_get_linearized(child);
1554 t = talloc_asprintf(dn, "%s,%s", s, dn->linearized);
1556 ldb_dn_mark_invalid(dn);
1559 LDB_FREE(dn->linearized);
1563 /* Wipe the ext_linearized DN,
1564 * the GUID and SID are almost certainly no longer valid */
1565 LDB_FREE(dn->ext_linearized);
1566 LDB_FREE(dn->ext_components);
1567 dn->ext_comp_num = 0;
1572 /* modify the given dn by adding children elements.
1574 * return true if successful and false if not
1575 * if false is returned the dn may be marked invalid
1577 bool ldb_dn_add_child_fmt(struct ldb_dn *dn, const char *child_fmt, ...)
1579 struct ldb_dn *child;
1584 if ( !dn || dn->invalid) {
1588 va_start(ap, child_fmt);
1589 child_str = talloc_vasprintf(dn, child_fmt, ap);
1592 if (child_str == NULL) {
1596 child = ldb_dn_new(child_str, dn->ldb, child_str);
1598 ret = ldb_dn_add_child(dn, child);
1600 talloc_free(child_str);
1605 bool ldb_dn_remove_base_components(struct ldb_dn *dn, unsigned int num)
1609 if ( ! ldb_dn_validate(dn)) {
1613 if (dn->comp_num < num) {
1617 /* free components */
1618 for (i = dn->comp_num - num; i < dn->comp_num; i++) {
1619 LDB_FREE(dn->components[i].name);
1620 LDB_FREE(dn->components[i].value.data);
1621 LDB_FREE(dn->components[i].cf_name);
1622 LDB_FREE(dn->components[i].cf_value.data);
1625 dn->comp_num -= num;
1627 if (dn->valid_case) {
1628 for (i = 0; i < dn->comp_num; i++) {
1629 LDB_FREE(dn->components[i].cf_name);
1630 LDB_FREE(dn->components[i].cf_value.data);
1632 dn->valid_case = false;
1635 LDB_FREE(dn->casefold);
1636 LDB_FREE(dn->linearized);
1638 /* Wipe the ext_linearized DN,
1639 * the GUID and SID are almost certainly no longer valid */
1640 LDB_FREE(dn->ext_linearized);
1641 LDB_FREE(dn->ext_components);
1642 dn->ext_comp_num = 0;
1647 bool ldb_dn_remove_child_components(struct ldb_dn *dn, unsigned int num)
1651 if ( ! ldb_dn_validate(dn)) {
1655 if (dn->comp_num < num) {
1659 for (i = 0, j = num; j < dn->comp_num; i++, j++) {
1661 LDB_FREE(dn->components[i].name);
1662 LDB_FREE(dn->components[i].value.data);
1663 LDB_FREE(dn->components[i].cf_name);
1664 LDB_FREE(dn->components[i].cf_value.data);
1666 dn->components[i] = dn->components[j];
1669 dn->comp_num -= num;
1671 if (dn->valid_case) {
1672 for (i = 0; i < dn->comp_num; i++) {
1673 LDB_FREE(dn->components[i].cf_name);
1674 LDB_FREE(dn->components[i].cf_value.data);
1676 dn->valid_case = false;
1679 LDB_FREE(dn->casefold);
1680 LDB_FREE(dn->linearized);
1682 /* Wipe the ext_linearized DN,
1683 * the GUID and SID are almost certainly no longer valid */
1684 LDB_FREE(dn->ext_linearized);
1685 LDB_FREE(dn->ext_components);
1686 dn->ext_comp_num = 0;
1691 struct ldb_dn *ldb_dn_get_parent(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
1693 struct ldb_dn *new_dn;
1695 new_dn = ldb_dn_copy(mem_ctx, dn);
1700 if ( ! ldb_dn_remove_child_components(new_dn, 1)) {
1701 talloc_free(new_dn);
1708 /* Create a 'canonical name' string from a DN:
1710 ie dc=samba,dc=org -> samba.org/
1711 uid=administrator,ou=users,dc=samba,dc=org = samba.org/users/administrator
1713 There are two formats,
1714 the EX format has the last '/' replaced with a newline (\n).
1717 static char *ldb_dn_canonical(TALLOC_CTX *mem_ctx, struct ldb_dn *dn, int ex_format) {
1720 char *cracked = NULL;
1721 const char *format = (ex_format ? "\n" : "/" );
1723 if ( ! ldb_dn_validate(dn)) {
1727 tmpctx = talloc_new(mem_ctx);
1729 /* Walk backwards down the DN, grabbing 'dc' components at first */
1730 for (i = dn->comp_num - 1; i != (unsigned int) -1; i--) {
1731 if (ldb_attr_cmp(dn->components[i].name, "dc") != 0) {
1735 cracked = talloc_asprintf(tmpctx, "%s.%s",
1736 ldb_dn_escape_value(tmpctx,
1737 dn->components[i].value),
1740 cracked = ldb_dn_escape_value(tmpctx,
1741 dn->components[i].value);
1748 /* Only domain components? Finish here */
1749 if (i == (unsigned int) -1) {
1750 cracked = talloc_strdup_append_buffer(cracked, format);
1751 talloc_steal(mem_ctx, cracked);
1755 /* Now walk backwards appending remaining components */
1756 for (; i > 0; i--) {
1757 cracked = talloc_asprintf_append_buffer(cracked, "/%s",
1758 ldb_dn_escape_value(tmpctx,
1759 dn->components[i].value));
1765 /* Last one, possibly a newline for the 'ex' format */
1766 cracked = talloc_asprintf_append_buffer(cracked, "%s%s", format,
1767 ldb_dn_escape_value(tmpctx,
1768 dn->components[i].value));
1770 talloc_steal(mem_ctx, cracked);
1772 talloc_free(tmpctx);
1776 /* Wrapper functions for the above, for the two different string formats */
1777 char *ldb_dn_canonical_string(TALLOC_CTX *mem_ctx, struct ldb_dn *dn) {
1778 return ldb_dn_canonical(mem_ctx, dn, 0);
1782 char *ldb_dn_canonical_ex_string(TALLOC_CTX *mem_ctx, struct ldb_dn *dn) {
1783 return ldb_dn_canonical(mem_ctx, dn, 1);
1786 int ldb_dn_get_comp_num(struct ldb_dn *dn)
1788 if ( ! ldb_dn_validate(dn)) {
1791 return dn->comp_num;
1794 const char *ldb_dn_get_component_name(struct ldb_dn *dn, unsigned int num)
1796 if ( ! ldb_dn_validate(dn)) {
1799 if (num >= dn->comp_num) return NULL;
1800 return dn->components[num].name;
1803 const struct ldb_val *ldb_dn_get_component_val(struct ldb_dn *dn,
1806 if ( ! ldb_dn_validate(dn)) {
1809 if (num >= dn->comp_num) return NULL;
1810 return &dn->components[num].value;
1813 const char *ldb_dn_get_rdn_name(struct ldb_dn *dn)
1815 if ( ! ldb_dn_validate(dn)) {
1818 if (dn->comp_num == 0) return NULL;
1819 return dn->components[0].name;
1822 const struct ldb_val *ldb_dn_get_rdn_val(struct ldb_dn *dn)
1824 if ( ! ldb_dn_validate(dn)) {
1827 if (dn->comp_num == 0) return NULL;
1828 return &dn->components[0].value;
1831 int ldb_dn_set_component(struct ldb_dn *dn, int num,
1832 const char *name, const struct ldb_val val)
1837 if ( ! ldb_dn_validate(dn)) {
1838 return LDB_ERR_OTHER;
1841 if (num >= dn->comp_num) {
1842 return LDB_ERR_OTHER;
1845 n = talloc_strdup(dn, name);
1847 return LDB_ERR_OTHER;
1850 v.length = val.length;
1851 v.data = (uint8_t *)talloc_memdup(dn, val.data, v.length+1);
1854 return LDB_ERR_OTHER;
1857 talloc_free(dn->components[num].name);
1858 talloc_free(dn->components[num].value.data);
1859 dn->components[num].name = n;
1860 dn->components[num].value = v;
1862 if (dn->valid_case) {
1864 for (i = 0; i < dn->comp_num; i++) {
1865 LDB_FREE(dn->components[i].cf_name);
1866 LDB_FREE(dn->components[i].cf_value.data);
1868 dn->valid_case = false;
1870 LDB_FREE(dn->casefold);
1871 LDB_FREE(dn->linearized);
1873 /* Wipe the ext_linearized DN,
1874 * the GUID and SID are almost certainly no longer valid */
1875 LDB_FREE(dn->ext_linearized);
1876 LDB_FREE(dn->ext_components);
1877 dn->ext_comp_num = 0;
1882 const struct ldb_val *ldb_dn_get_extended_component(struct ldb_dn *dn,
1886 if ( ! ldb_dn_validate(dn)) {
1889 for (i=0; i < dn->ext_comp_num; i++) {
1890 if (ldb_attr_cmp(dn->ext_components[i].name, name) == 0) {
1891 return &dn->ext_components[i].value;
1897 int ldb_dn_set_extended_component(struct ldb_dn *dn,
1898 const char *name, const struct ldb_val *val)
1900 struct ldb_dn_ext_component *p;
1904 if ( ! ldb_dn_validate(dn)) {
1905 return LDB_ERR_OTHER;
1908 if (!ldb_dn_extended_syntax_by_name(dn->ldb, name)) {
1909 /* We don't know how to handle this type of thing */
1910 return LDB_ERR_INVALID_DN_SYNTAX;
1913 for (i=0; i < dn->ext_comp_num; i++) {
1914 if (ldb_attr_cmp(dn->ext_components[i].name, name) == 0) {
1916 dn->ext_components[i].value =
1917 ldb_val_dup(dn->ext_components, val);
1919 dn->ext_components[i].name =
1920 talloc_strdup(dn->ext_components, name);
1921 if (!dn->ext_components[i].name ||
1922 !dn->ext_components[i].value.data) {
1923 ldb_dn_mark_invalid(dn);
1924 return LDB_ERR_OPERATIONS_ERROR;
1927 if (i != (dn->ext_comp_num - 1)) {
1928 memmove(&dn->ext_components[i],
1929 &dn->ext_components[i+1],
1930 ((dn->ext_comp_num-1) - i) *
1931 sizeof(*dn->ext_components));
1935 dn->ext_components = talloc_realloc(dn,
1937 struct ldb_dn_ext_component,
1939 if (!dn->ext_components) {
1940 ldb_dn_mark_invalid(dn);
1941 return LDB_ERR_OPERATIONS_ERROR;
1944 LDB_FREE(dn->ext_linearized);
1951 /* removing a value that doesn't exist is not an error */
1957 p = dn->ext_components
1958 = talloc_realloc(dn,
1960 struct ldb_dn_ext_component,
1961 dn->ext_comp_num + 1);
1962 if (!dn->ext_components) {
1963 ldb_dn_mark_invalid(dn);
1964 return LDB_ERR_OPERATIONS_ERROR;
1967 p[dn->ext_comp_num].value = ldb_val_dup(dn->ext_components, &v2);
1968 p[dn->ext_comp_num].name = talloc_strdup(p, name);
1970 if (!dn->ext_components[i].name || !dn->ext_components[i].value.data) {
1971 ldb_dn_mark_invalid(dn);
1972 return LDB_ERR_OPERATIONS_ERROR;
1974 dn->ext_components = p;
1977 LDB_FREE(dn->ext_linearized);
1982 void ldb_dn_remove_extended_components(struct ldb_dn *dn)
1984 LDB_FREE(dn->ext_linearized);
1985 LDB_FREE(dn->ext_components);
1986 dn->ext_comp_num = 0;
1989 bool ldb_dn_is_valid(struct ldb_dn *dn)
1991 if ( ! dn) return false;
1992 return ! dn->invalid;
1995 bool ldb_dn_is_special(struct ldb_dn *dn)
1997 if ( ! dn || dn->invalid) return false;
2001 bool ldb_dn_has_extended(struct ldb_dn *dn)
2003 if ( ! dn || dn->invalid) return false;
2004 if (dn->ext_linearized && (dn->ext_linearized[0] == '<')) return true;
2005 return dn->ext_comp_num != 0;
2008 bool ldb_dn_check_special(struct ldb_dn *dn, const char *check)
2010 if ( ! dn || dn->invalid) return false;
2011 return ! strcmp(dn->linearized, check);
2014 bool ldb_dn_is_null(struct ldb_dn *dn)
2016 if ( ! dn || dn->invalid) return false;
2017 if (ldb_dn_has_extended(dn)) return false;
2018 if (dn->linearized && (dn->linearized[0] == '\0')) return true;
2023 this updates dn->components, taking the components from ref_dn.
2024 This is used by code that wants to update the DN path of a DN
2025 while not impacting on the extended DN components
2027 int ldb_dn_update_components(struct ldb_dn *dn, const struct ldb_dn *ref_dn)
2029 dn->components = talloc_realloc(dn, dn->components,
2030 struct ldb_dn_component, ref_dn->comp_num);
2031 if (!dn->components) {
2032 return LDB_ERR_OPERATIONS_ERROR;
2034 memcpy(dn->components, ref_dn->components,
2035 sizeof(struct ldb_dn_component)*ref_dn->comp_num);
2036 dn->comp_num = ref_dn->comp_num;
2038 LDB_FREE(dn->casefold);
2039 LDB_FREE(dn->linearized);
2040 LDB_FREE(dn->ext_linearized);