#include "lib/ldb/include/ldb_errors.h"
#include "lib/ldb_wrap.h"
-#define VALID_DN_SYNTAX(dn,i) do {\
+#define VALID_DN_SYNTAX(dn) do {\
if (!(dn)) {\
return NT_STATUS_NO_MEMORY;\
} else if ( ! ldb_dn_validate(dn)) {\
result = LDAP_INVALID_DN_SYNTAX;\
errstr = "Invalid DN format";\
goto reply;\
- } else if (ldb_dn_get_comp_num(dn) < (i)) {\
- result = LDAP_INVALID_DN_SYNTAX;\
- errstr = "Invalid DN (" #i " components needed for '" #dn "')";\
- goto reply;\
}\
} while(0)
= gensec_use_kerberos_mechs(conn, backends, conn->server_credentials);
int i, j = 0;
for (i = 0; ops && ops[i]; i++) {
+ if (!gensec_security_ops_enabled(ops[i], conn->lp_ctx))
+ continue;
+
if (ops[i]->sasl_name && ops[i]->server_start) {
char *sasl_name = talloc_strdup(conn, ops[i]->sasl_name);
struct ldb_request *lreq;
struct ldb_control *search_control;
struct ldb_search_options_control *search_options;
+ struct ldb_control *extended_dn_control;
+ struct ldb_extended_dn_control *extended_dn_decoded = NULL;
enum ldb_scope scope = LDB_SCOPE_DEFAULT;
const char **attrs = NULL;
const char *scope_str, *errstr = NULL;
int result = -1;
int ldb_ret = -1;
int i, j;
+ int extended_type = 1;
DEBUG(10, ("SearchRequest"));
DEBUGADD(10, (" basedn: %s", req->basedn));
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
basedn = ldb_dn_new(local_ctx, samdb, req->basedn);
- VALID_DN_SYNTAX(basedn, 0);
+ VALID_DN_SYNTAX(basedn);
DEBUG(10, ("SearchRequest: basedn: [%s]\n", req->basedn));
DEBUG(10, ("SearchRequest: filter: [%s]\n", ldb_filter_from_tree(call, req->tree)));
ldb_request_add_control(lreq, LDB_CONTROL_SEARCH_OPTIONS_OID, false, search_options);
}
}
+
+ extended_dn_control = ldb_request_get_control(lreq, LDB_CONTROL_EXTENDED_DN_OID);
+
+ if (extended_dn_control) {
+ if (extended_dn_control->data) {
+ extended_dn_decoded = talloc_get_type(extended_dn_control->data, struct ldb_extended_dn_control);
+ extended_type = extended_dn_decoded->type;
+ } else {
+ extended_type = 0;
+ }
+ }
+
ldb_set_timeout(samdb, lreq, req->timelimit);
ldb_ret = ldb_request(samdb, lreq);
talloc_steal(ent_r, res->msgs[i]);
ent = &ent_r->msg->r.SearchResultEntry;
- ent->dn = ldb_dn_alloc_linearized(ent_r, res->msgs[i]->dn);
+ ent->dn = ldb_dn_get_extended_linearized(ent_r, res->msgs[i]->dn, extended_type);
ent->num_attributes = 0;
ent->attributes = NULL;
if (res->msgs[i]->num_elements == 0) {
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
dn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(dn, 0);
+ VALID_DN_SYNTAX(dn);
DEBUG(10, ("ModifyRequest: dn: [%s]\n", req->dn));
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
dn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(dn,1);
+ VALID_DN_SYNTAX(dn);
DEBUG(10, ("AddRequest: dn: [%s]\n", req->dn));
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
dn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(dn,1);
+ VALID_DN_SYNTAX(dn);
DEBUG(10, ("DelRequest: dn: [%s]\n", req->dn));
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
olddn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(olddn, 2);
+ VALID_DN_SYNTAX(olddn);
newrdn = ldb_dn_new(local_ctx, samdb, req->newrdn);
- VALID_DN_SYNTAX(newrdn, 1);
+ VALID_DN_SYNTAX(newrdn);
DEBUG(10, ("ModifyDNRequest: olddn: [%s]\n", req->dn));
DEBUG(10, ("ModifyDNRequest: newrdn: [%s]\n", req->newrdn));
if (req->newsuperior) {
parentdn = ldb_dn_new(local_ctx, samdb, req->newsuperior);
- VALID_DN_SYNTAX(parentdn, 0);
+ VALID_DN_SYNTAX(parentdn);
DEBUG(10, ("ModifyDNRequest: newsuperior: [%s]\n", req->newsuperior));
if (ldb_dn_get_comp_num(parentdn) < 1) {
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
dn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(dn, 1);
+ VALID_DN_SYNTAX(dn);
DEBUG(10, ("CompareRequest: dn: [%s]\n", req->dn));
filter = talloc_asprintf(local_ctx, "(%s=%*s)", req->attribute,