*/
#include "includes.h"
-#include "ldb_includes.h"
-#include "ldb_handlers.h"
-
+#include "lib/ldb/include/ldb_includes.h"
+#include "dsdb/samdb/samdb.h"
#include "librpc/gen_ndr/ndr_security.h"
#include "librpc/gen_ndr/ndr_misc.h"
-#include "dsdb/samdb/samdb.h"
+#include "librpc/gen_ndr/ndr_drsblobs.h"
#include "libcli/security/security.h"
+#include "param/param.h"
/*
convert a ldif formatted objectSid to a NDR formatted blob
static int ldif_read_objectSid(struct ldb_context *ldb, void *mem_ctx,
const struct ldb_val *in, struct ldb_val *out)
{
+ enum ndr_err_code ndr_err;
struct dom_sid *sid;
- NTSTATUS status;
- sid = dom_sid_parse_talloc(mem_ctx, (const char *)in->data);
+ sid = dom_sid_parse_length(mem_ctx, in);
if (sid == NULL) {
return -1;
}
- status = ndr_push_struct_blob(out, mem_ctx, sid,
- (ndr_push_flags_fn_t)ndr_push_dom_sid);
+ ndr_err = ndr_push_struct_blob(out, mem_ctx, NULL, sid,
+ (ndr_push_flags_fn_t)ndr_push_dom_sid);
talloc_free(sid);
- if (!NT_STATUS_IS_OK(status)) {
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
return -1;
}
return 0;
const struct ldb_val *in, struct ldb_val *out)
{
struct dom_sid *sid;
- NTSTATUS status;
+ enum ndr_err_code ndr_err;
+
sid = talloc(mem_ctx, struct dom_sid);
if (sid == NULL) {
return -1;
}
- status = ndr_pull_struct_blob(in, sid, sid,
- (ndr_pull_flags_fn_t)ndr_pull_dom_sid);
- if (!NT_STATUS_IS_OK(status)) {
+ ndr_err = ndr_pull_struct_blob(in, sid, NULL, sid,
+ (ndr_pull_flags_fn_t)ndr_pull_dom_sid);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
talloc_free(sid);
return -1;
}
- out->data = (uint8_t *)dom_sid_string(mem_ctx, sid);
+ *out = data_blob_string_const(dom_sid_string(mem_ctx, sid));
talloc_free(sid);
if (out->data == NULL) {
return -1;
}
- out->length = strlen((const char *)out->data);
return 0;
}
const struct ldb_val *v1, const struct ldb_val *v2)
{
if (ldb_comparision_objectSid_isString(v1) && ldb_comparision_objectSid_isString(v2)) {
- return strcmp((const char *)v1->data, (const char *)v2->data);
+ return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
} else if (ldb_comparision_objectSid_isString(v1)
&& !ldb_comparision_objectSid_isString(v2)) {
struct ldb_val v;
int ret;
if (ldif_read_objectSid(ldb, mem_ctx, v1, &v) != 0) {
- return -1;
+ /* Perhaps not a string after all */
+ return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
}
ret = ldb_comparison_binary(ldb, mem_ctx, &v, v2);
talloc_free(v.data);
struct ldb_val v;
int ret;
if (ldif_read_objectSid(ldb, mem_ctx, v2, &v) != 0) {
- return -1;
+ /* Perhaps not a string after all */
+ return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
}
ret = ldb_comparison_binary(ldb, mem_ctx, v1, &v);
talloc_free(v.data);
const struct ldb_val *in, struct ldb_val *out)
{
if (ldb_comparision_objectSid_isString(in)) {
- return ldif_read_objectSid(ldb, mem_ctx, in, out);
+ if (ldif_read_objectSid(ldb, mem_ctx, in, out) != 0) {
+ /* Perhaps not a string after all */
+ return ldb_handler_copy(ldb, mem_ctx, in, out);
+ }
}
return ldb_handler_copy(ldb, mem_ctx, in, out);
}
const struct ldb_val *in, struct ldb_val *out)
{
struct GUID guid;
+ char *guid_string;
NTSTATUS status;
+ enum ndr_err_code ndr_err;
+ guid_string = talloc_strndup(mem_ctx, in->data, in->length);
+ if (!guid_string) {
+ return -1;
+ }
- status = GUID_from_string((const char *)in->data, &guid);
+ status = GUID_from_string(guid_string, &guid);
+ talloc_free(guid_string);
if (!NT_STATUS_IS_OK(status)) {
return -1;
}
- status = ndr_push_struct_blob(out, mem_ctx, &guid,
- (ndr_push_flags_fn_t)ndr_push_GUID);
- if (!NT_STATUS_IS_OK(status)) {
+ ndr_err = ndr_push_struct_blob(out, mem_ctx, NULL, &guid,
+ (ndr_push_flags_fn_t)ndr_push_GUID);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
return -1;
}
return 0;
const struct ldb_val *in, struct ldb_val *out)
{
struct GUID guid;
- NTSTATUS status;
- status = ndr_pull_struct_blob(in, mem_ctx, &guid,
- (ndr_pull_flags_fn_t)ndr_pull_GUID);
- if (!NT_STATUS_IS_OK(status)) {
+ enum ndr_err_code ndr_err;
+ ndr_err = ndr_pull_struct_blob(in, mem_ctx, NULL, &guid,
+ (ndr_pull_flags_fn_t)ndr_pull_GUID);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
return -1;
}
out->data = (uint8_t *)GUID_string(mem_ctx, &guid);
const struct ldb_val *v1, const struct ldb_val *v2)
{
if (ldb_comparision_objectGUID_isString(v1) && ldb_comparision_objectGUID_isString(v2)) {
- return strcmp((const char *)v1->data, (const char *)v2->data);
+ return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
} else if (ldb_comparision_objectGUID_isString(v1)
&& !ldb_comparision_objectGUID_isString(v2)) {
struct ldb_val v;
int ret;
if (ldif_read_objectGUID(ldb, mem_ctx, v1, &v) != 0) {
- return -1;
+ /* Perhaps it wasn't a valid string after all */
+ return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
}
ret = ldb_comparison_binary(ldb, mem_ctx, &v, v2);
talloc_free(v.data);
struct ldb_val v;
int ret;
if (ldif_read_objectGUID(ldb, mem_ctx, v2, &v) != 0) {
- return -1;
+ /* Perhaps it wasn't a valid string after all */
+ return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
}
ret = ldb_comparison_binary(ldb, mem_ctx, v1, &v);
talloc_free(v.data);
const struct ldb_val *in, struct ldb_val *out)
{
if (ldb_comparision_objectGUID_isString(in)) {
- return ldif_read_objectGUID(ldb, mem_ctx, in, out);
+ if (ldif_read_objectGUID(ldb, mem_ctx, in, out) != 0) {
+ /* Perhaps it wasn't a valid string after all */
+ return ldb_handler_copy(ldb, mem_ctx, in, out);
+ }
}
return ldb_handler_copy(ldb, mem_ctx, in, out);
}
const struct ldb_val *in, struct ldb_val *out)
{
struct security_descriptor *sd;
- NTSTATUS status;
+ enum ndr_err_code ndr_err;
sd = sddl_decode(mem_ctx, (const char *)in->data, NULL);
if (sd == NULL) {
return -1;
}
- status = ndr_push_struct_blob(out, mem_ctx, sd,
- (ndr_push_flags_fn_t)ndr_push_security_descriptor);
+ ndr_err = ndr_push_struct_blob(out, mem_ctx, NULL, sd,
+ (ndr_push_flags_fn_t)ndr_push_security_descriptor);
talloc_free(sd);
- if (!NT_STATUS_IS_OK(status)) {
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
return -1;
}
return 0;
const struct ldb_val *in, struct ldb_val *out)
{
struct security_descriptor *sd;
- NTSTATUS status;
+ enum ndr_err_code ndr_err;
sd = talloc(mem_ctx, struct security_descriptor);
if (sd == NULL) {
return -1;
}
- status = ndr_pull_struct_blob(in, sd, sd,
- (ndr_pull_flags_fn_t)ndr_pull_security_descriptor);
- if (!NT_STATUS_IS_OK(status)) {
+ ndr_err = ndr_pull_struct_blob(in, sd, NULL, sd,
+ (ndr_pull_flags_fn_t)ndr_pull_security_descriptor);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
talloc_free(sd);
return -1;
}
}
/*
- canonicolise an objectCategory. We use the short form as the cannoical form:
+ canonicalise an objectCategory. We use the short form as the cannoical form:
cn=Person,cn=Schema,cn=Configuration,<basedn> becomes 'person'
*/
}
return LDB_SUCCESS;
}
- dn1 = ldb_dn_new(tmp_ctx, ldb, (char *)in->data);
+ dn1 = ldb_dn_from_ldb_val(tmp_ctx, ldb, in);
if ( ! ldb_dn_validate(dn1)) {
const char *lDAPDisplayName = talloc_strndup(tmp_ctx, (char *)in->data, in->length);
class = dsdb_class_by_lDAPDisplayName(schema, lDAPDisplayName);
return ret;
}
-#define LDB_SYNTAX_SAMBA_SID "LDB_SYNTAX_SAMBA_SID"
-#define LDB_SYNTAX_SAMBA_SECURITY_DESCRIPTOR "LDB_SYNTAX_SAMBA_SECURITY_DESCRIPTOR"
+/*
+ convert a ldif formatted prefixMap to a NDR formatted blob
+*/
+static int ldif_read_prefixMap(struct ldb_context *ldb, void *mem_ctx,
+ const struct ldb_val *in, struct ldb_val *out)
+{
+ struct prefixMapBlob *blob;
+ enum ndr_err_code ndr_err;
+ char *string, *line, *p, *oid;
+
+ TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+
+ if (tmp_ctx == NULL) {
+ return -1;
+ }
+
+ blob = talloc_zero(tmp_ctx, struct prefixMapBlob);
+ if (blob == NULL) {
+ talloc_free(blob);
+ return -1;
+ }
+
+ blob->version = PREFIX_MAP_VERSION_DSDB;
+
+ string = talloc_strndup(mem_ctx, (const char *)in->data, in->length);
+ if (string == NULL) {
+ talloc_free(blob);
+ return -1;
+ }
+
+ line = string;
+ while (line && line[0]) {
+ p=strchr(line, ';');
+ if (p) {
+ p[0] = '\0';
+ } else {
+ p=strchr(line, '\n');
+ if (p) {
+ p[0] = '\0';
+ }
+ }
+ /* allow a traling seperator */
+ if (line == p) {
+ break;
+ }
+
+ blob->ctr.dsdb.mappings = talloc_realloc(blob,
+ blob->ctr.dsdb.mappings,
+ struct drsuapi_DsReplicaOIDMapping,
+ blob->ctr.dsdb.num_mappings+1);
+ if (!blob->ctr.dsdb.mappings) {
+ talloc_free(tmp_ctx);
+ return -1;
+ }
+
+ blob->ctr.dsdb.mappings[blob->ctr.dsdb.num_mappings].id_prefix = strtoul(line, &oid, 10);
+
+ if (oid[0] != ':') {
+ talloc_free(tmp_ctx);
+ return -1;
+ }
+
+ /* we know there must be at least ":" */
+ oid++;
+
+ blob->ctr.dsdb.mappings[blob->ctr.dsdb.num_mappings].oid.oid
+ = talloc_strdup(blob->ctr.dsdb.mappings, oid);
+
+ blob->ctr.dsdb.num_mappings++;
+
+ /* Now look past the terminator we added above */
+ if (p) {
+ line = p + 1;
+ } else {
+ line = NULL;
+ }
+ }
+
+ ndr_err = ndr_push_struct_blob(out, mem_ctx,
+ lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")),
+ blob,
+ (ndr_push_flags_fn_t)ndr_push_prefixMapBlob);
+ talloc_free(tmp_ctx);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ return -1;
+ }
+ return 0;
+}
+
+/*
+ convert a NDR formatted blob to a ldif formatted prefixMap
+*/
+static int ldif_write_prefixMap(struct ldb_context *ldb, void *mem_ctx,
+ const struct ldb_val *in, struct ldb_val *out)
+{
+ struct prefixMapBlob *blob;
+ enum ndr_err_code ndr_err;
+ char *string;
+ uint32_t i;
+
+ blob = talloc(mem_ctx, struct prefixMapBlob);
+ if (blob == NULL) {
+ return -1;
+ }
+ ndr_err = ndr_pull_struct_blob(in, blob,
+ lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")),
+ blob,
+ (ndr_pull_flags_fn_t)ndr_pull_prefixMapBlob);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ talloc_free(blob);
+ return -1;
+ }
+ if (blob->version != PREFIX_MAP_VERSION_DSDB) {
+ return -1;
+ }
+ string = talloc_strdup(mem_ctx, "");
+ if (string == NULL) {
+ return -1;
+ }
+
+ for (i=0; i < blob->ctr.dsdb.num_mappings; i++) {
+ if (i > 0) {
+ string = talloc_asprintf_append(string, ";");
+ }
+ string = talloc_asprintf_append(string, "%u:%s",
+ blob->ctr.dsdb.mappings[i].id_prefix,
+ blob->ctr.dsdb.mappings[i].oid.oid);
+ if (string == NULL) {
+ return -1;
+ }
+ }
+
+ talloc_free(blob);
+ *out = data_blob_string_const(string);
+ return 0;
+}
+
+static bool ldif_comparision_prefixMap_isString(const struct ldb_val *v)
+{
+ if (v->length < 4) {
+ return true;
+ }
+
+ if (IVAL(v->data, 0) == PREFIX_MAP_VERSION_DSDB) {
+ return false;
+ }
+
+ return true;
+}
+
+/*
+ canonicalise a prefixMap
+*/
+static int ldif_canonicalise_prefixMap(struct ldb_context *ldb, void *mem_ctx,
+ const struct ldb_val *in, struct ldb_val *out)
+{
+ if (ldif_comparision_prefixMap_isString(in)) {
+ return ldif_read_prefixMap(ldb, mem_ctx, in, out);
+ }
+ return ldb_handler_copy(ldb, mem_ctx, in, out);
+}
+
+static int ldif_comparison_prefixMap(struct ldb_context *ldb, void *mem_ctx,
+ const struct ldb_val *v1,
+ const struct ldb_val *v2)
+{
+
+ int ret, ret1, ret2;
+ struct ldb_val v1_canon, v2_canon;
+ TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+
+ /* I could try and bail if tmp_ctx was NULL, but what return
+ * value would I use?
+ *
+ * It seems easier to continue on the NULL context
+ */
+ ret1 = ldif_canonicalise_prefixMap(ldb, tmp_ctx, v1, &v1_canon);
+ ret2 = ldif_canonicalise_prefixMap(ldb, tmp_ctx, v2, &v2_canon);
+
+ if (ret1 == LDB_SUCCESS && ret2 == LDB_SUCCESS) {
+ ret = data_blob_cmp(&v1_canon, &v2_canon);
+ } else {
+ ret = data_blob_cmp(v1, v2);
+ }
+ talloc_free(tmp_ctx);
+ return ret;
+}
+
#define LDB_SYNTAX_SAMBA_GUID "LDB_SYNTAX_SAMBA_GUID"
#define LDB_SYNTAX_SAMBA_OBJECT_CATEGORY "LDB_SYNTAX_SAMBA_OBJECT_CATEGORY"
+#define LDB_SYNTAX_SAMBA_PREFIX_MAP "LDB_SYNTAX_SAMBA_PREFIX_MAP"
static const struct ldb_schema_syntax samba_syntaxes[] = {
{
.ldif_write_fn = ldb_handler_copy,
.canonicalise_fn= ldif_canonicalise_objectCategory,
.comparison_fn = ldif_comparison_objectCategory
+ },{
+ .name = LDB_SYNTAX_SAMBA_PREFIX_MAP,
+ .ldif_read_fn = ldif_read_prefixMap,
+ .ldif_write_fn = ldif_write_prefixMap,
+ .canonicalise_fn= ldif_canonicalise_prefixMap,
+ .comparison_fn = ldif_comparison_prefixMap
}
};
{ "fRSReplicaSetGUID", LDB_SYNTAX_SAMBA_GUID },
{ "netbootGUID", LDB_SYNTAX_SAMBA_GUID },
{ "objectCategory", LDB_SYNTAX_SAMBA_OBJECT_CATEGORY },
- { "member", LDB_SYNTAX_DN },
- { "memberOf", LDB_SYNTAX_DN },
- { "nCName", LDB_SYNTAX_DN },
- { "schemaNamingContext", LDB_SYNTAX_DN },
- { "configurationNamingContext", LDB_SYNTAX_DN },
- { "rootDomainNamingContext", LDB_SYNTAX_DN },
- { "defaultNamingContext", LDB_SYNTAX_DN },
- { "subRefs", LDB_SYNTAX_DN },
- { "dMDLocation", LDB_SYNTAX_DN },
- { "serverReference", LDB_SYNTAX_DN },
- { "masteredBy", LDB_SYNTAX_DN },
- { "msDs-masteredBy", LDB_SYNTAX_DN },
- { "fSMORoleOwner", LDB_SYNTAX_DN },
+ { "prefixMap", LDB_SYNTAX_SAMBA_PREFIX_MAP }
};
+const struct ldb_schema_syntax *ldb_samba_syntax_by_name(struct ldb_context *ldb, const char *name)
+{
+ uint32_t j;
+ const struct ldb_schema_syntax *s = NULL;
+
+ for (j=0; j < ARRAY_SIZE(samba_syntaxes); j++) {
+ if (strcmp(name, samba_syntaxes[j].name) == 0) {
+ s = &samba_syntaxes[j];
+ break;
+ }
+ }
+ return s;
+}
+
+
/*
register the samba ldif handlers
*/
for (i=0; i < ARRAY_SIZE(samba_attributes); i++) {
int ret;
- uint32_t j;
const struct ldb_schema_syntax *s = NULL;
- for (j=0; j < ARRAY_SIZE(samba_syntaxes); j++) {
- if (strcmp(samba_attributes[i].syntax, samba_syntaxes[j].name) == 0) {
- s = &samba_syntaxes[j];
- break;
- }
- }
+ s = ldb_samba_syntax_by_name(ldb, samba_attributes[i].syntax);
if (!s) {
s = ldb_standard_syntax_by_name(ldb, samba_attributes[i].syntax);
return -1;
}
- ret = ldb_schema_attribute_add_with_syntax(ldb, samba_attributes[i].name, 0, s);
+ ret = ldb_schema_attribute_add_with_syntax(ldb, samba_attributes[i].name, LDB_ATTR_FLAG_FIXED, s);
if (ret != LDB_SUCCESS) {
return ret;
}
git.samba.org / sfrench / samba-autobuild / .git / blobdiff