+static bool merge_attr_list(TALLOC_CTX *mem_ctx,
+ struct ldb_message_element *attrs, struct ldb_message_element *new_attrs)
+{
+ struct ldb_val *values;
+ if (!new_attrs) {
+ return true;
+ }
+
+ values = talloc_realloc(mem_ctx,
+ attrs->values, struct ldb_val, attrs->num_values + new_attrs->num_values);
+
+ attrs->values = values;
+
+ memcpy(&attrs->values[attrs->num_values], new_attrs->values, sizeof(*new_attrs->values) * new_attrs->num_values);
+ attrs->num_values = attrs->num_values + new_attrs->num_values;
+
+ /* Add sort and unique implementation here */
+
+ return true;
+}
+
+static bool find_aux_classes(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, struct ldb_dn *schema_dn,
+ struct ldb_message_element *aux_class, struct ldb_message_element *must,
+ struct ldb_message_element *sys_must, struct ldb_message_element *may,
+ struct ldb_message_element *sys_may)
+{
+ int i, ret;
+ struct ldb_message *msg;
+ struct ldb_result *res;
+
+ for (i=0; aux_class && i < aux_class->num_values; i++) {
+ ret = ldb_search_exp_fmt(ldb, mem_ctx, &res,
+ schema_dn, LDB_SCOPE_SUBTREE, oc_attrs,
+ "(&(objectClass=classSchema)(lDAPDisplayName=%s))",
+ aux_class->values[i].data);
+ if (ret != LDB_SUCCESS) {
+ return false;
+ }
+
+ msg = res->msgs[0];
+
+ if (!merge_attr_list(mem_ctx, must, ldb_msg_find_element(msg, "mustContain"))) {
+ return false;
+ }
+ if (!merge_attr_list(mem_ctx, sys_must, ldb_msg_find_element(msg, "systemMustContain"))) {
+ return false;
+ }
+ if (!merge_attr_list(mem_ctx, may, ldb_msg_find_element(msg, "mayContain"))) {
+ return false;
+ }
+ if (!merge_attr_list(mem_ctx, sys_may, ldb_msg_find_element(msg, "systemMayContain"))) {
+ return false;
+ }
+
+
+ if (res->count == 0) {
+ return false;
+ }
+
+ if (!find_aux_classes(mem_ctx, ldb, schema_dn,
+ ldb_msg_find_element(msg, "auxiliaryClass"), must, sys_must, may, sys_may)) {
+ return false;
+ }
+ if (!find_aux_classes(mem_ctx, ldb, schema_dn,
+ ldb_msg_find_element(msg, "systemAuxiliaryClass"), must, sys_must, may, sys_may)) {
+ return false;
+ }
+ }
+ return true;
+}
+
+