-/*
+/*
ldb database library
Copyright (C) Simo Sorce 2005
** NOTE! The following LGPL license applies to the ldb
** library. This does NOT imply that all of Samba is released
** under the LGPL
-
+
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
- version 2 of the License, or (at your option) any later version.
+ version 3 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
- License along with this library; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ License along with this library; if not, see <http://www.gnu.org/licenses/>.
*/
/*
* Author: Simo Sorce
*/
-#include "includes.h"
+#include "ldb_private.h"
#include <ctype.h>
-#include "ldb/include/includes.h"
#define LDB_DN_NULL_FAILED(x) if (!(x)) goto failed
struct ldb_val cf_value;
};
+struct ldb_dn_ext_component {
+
+ char *name;
+ struct ldb_val value;
+};
+
struct ldb_dn {
struct ldb_context *ldb;
bool special;
bool invalid;
- bool valid_lin;
- bool valid_comp;
bool valid_case;
char *linearized;
+ char *ext_linearized;
char *casefold;
unsigned int comp_num;
struct ldb_dn_component *components;
+ unsigned int ext_comp_num;
+ struct ldb_dn_ext_component *ext_components;
};
/* strdn may be NULL */
-struct ldb_dn *ldb_dn_new(void *mem_ctx, struct ldb_context *ldb, const char *strdn)
+struct ldb_dn *ldb_dn_from_ldb_val(void *mem_ctx,
+ struct ldb_context *ldb,
+ const struct ldb_val *strdn)
{
struct ldb_dn *dn;
- if ( (! mem_ctx) || (! ldb)) return NULL;
+ if (! ldb) return NULL;
dn = talloc_zero(mem_ctx, struct ldb_dn);
LDB_DN_NULL_FAILED(dn);
dn->ldb = ldb;
- if (strdn) {
- if (strdn[0] == '@') {
+ if (strdn->data && strdn->length) {
+ const char *data = (const char *)strdn->data;
+ size_t length = strdn->length;
+
+ if (data[0] == '@') {
dn->special = true;
}
- if (strncasecmp(strdn, "<GUID=", 6) == 0) {
- /* this is special DN returned when the
- * exploded_dn control is used */
- dn->special = true;
- /* FIXME: add a GUID string to ldb_dn structure */
+ dn->ext_linearized = talloc_strndup(dn, data, length);
+ LDB_DN_NULL_FAILED(dn->ext_linearized);
+
+ if (strlen(data) != length) {
+ /* The RDN must not contain a character with value 0x0 */
+ return NULL;
+ }
+
+ if (data[0] == '<') {
+ const char *p_save, *p = dn->ext_linearized;
+ do {
+ p_save = p;
+ p = strstr(p, ">;");
+ if (p) {
+ p = p + 2;
+ }
+ } while (p);
+
+ if (p_save == dn->ext_linearized) {
+ dn->linearized = talloc_strdup(dn, "");
+ } else {
+ dn->linearized = talloc_strdup(dn, p_save);
+ }
+ LDB_DN_NULL_FAILED(dn->linearized);
+ } else {
+ dn->linearized = dn->ext_linearized;
+ dn->ext_linearized = NULL;
}
- dn->linearized = talloc_strdup(dn, strdn);
} else {
dn->linearized = talloc_strdup(dn, "");
+ LDB_DN_NULL_FAILED(dn->linearized);
}
- LDB_DN_NULL_FAILED(dn->linearized);
-
- dn->valid_lin = true;
return dn;
return NULL;
}
-struct ldb_dn *ldb_dn_new_fmt(void *mem_ctx, struct ldb_context *ldb, const char *new_fmt, ...)
+/* strdn may be NULL */
+struct ldb_dn *ldb_dn_new(void *mem_ctx,
+ struct ldb_context *ldb,
+ const char *strdn)
+{
+ struct ldb_val blob;
+ blob.data = strdn;
+ blob.length = strdn ? strlen(strdn) : 0;
+ return ldb_dn_from_ldb_val(mem_ctx, ldb, &blob);
+}
+
+struct ldb_dn *ldb_dn_new_fmt(void *mem_ctx,
+ struct ldb_context *ldb,
+ const char *new_fmt, ...)
{
- struct ldb_dn *dn;
char *strdn;
va_list ap;
if ( (! mem_ctx) || (! ldb)) return NULL;
- dn = talloc_zero(mem_ctx, struct ldb_dn);
- LDB_DN_NULL_FAILED(dn);
-
- dn->ldb = ldb;
-
va_start(ap, new_fmt);
- strdn = talloc_vasprintf(dn, new_fmt, ap);
+ strdn = talloc_vasprintf(mem_ctx, new_fmt, ap);
va_end(ap);
- LDB_DN_NULL_FAILED(strdn);
- if (strdn[0] == '@') {
- dn->special = true;
- }
- if (strncasecmp(strdn, "<GUID=", 6) == 0) {
- /* this is special DN returned when the
- * exploded_dn control is used */
- dn->special = true;
- /* FIXME: add a GUID string to ldb_dn structure */
+ if (strdn) {
+ struct ldb_dn *dn = ldb_dn_new(mem_ctx, ldb, strdn);
+ talloc_free(strdn);
+ return dn;
}
- dn->linearized = strdn;
- dn->valid_lin = true;
-
- return dn;
-
-failed:
- talloc_free(dn);
return NULL;
}
if (p - src == len) /* found no escapable chars */
break;
- memcpy(d, s, p - s); /* copy the part of the string before the stop */
+ /* copy the part of the string before the stop */
+ memcpy(d, s, p - s);
d += (p - s); /* move to current position */
if (*p) { /* it is a normal escapable character */
/* return the length of the resulting string */
return (l + (d - dst));
-}
+}
char *ldb_dn_escape_value(void *mem_ctx, struct ldb_val value)
{
ldb_dn_escape_internal(dst, (const char *)value.data, value.length);
+ dst = talloc_realloc(mem_ctx, dst, char, strlen(dst) + 1);
+
return dst;
}
/*
explode a DN string into a ldb_dn structure
based on RFC4514 except that we don't support multiple valued RDNs
+
+ TODO: according to MS-ADTS:3.1.1.5.2 Naming Constraints
+ DN must be compliant with RFC2253
*/
static bool ldb_dn_explode(struct ldb_dn *dn)
{
- char *p, *data, *d, *dt, *t;
+ char *p, *ex_name, *ex_value, *data, *d, *dt, *t;
bool trim = false;
+ bool in_extended = false;
+ bool in_ex_name = false;
+ bool in_ex_value = false;
bool in_attr = false;
bool in_value = false;
bool in_quote = false;
bool is_oid = false;
bool escape = false;
unsigned x;
- int l;
+ int l, ret;
+ char *parse_dn;
if ( ! dn || dn->invalid) return false;
- if (dn->valid_comp) {
+ if (dn->components) {
return true;
}
- if ( ! dn->valid_lin) {
+ if (dn->ext_linearized) {
+ parse_dn = dn->ext_linearized;
+ } else {
+ parse_dn = dn->linearized;
+ }
+
+ if ( ! parse_dn ) {
+ return false;
+ }
+
+ /* The RDN size must be less than 255 characters */
+ if (strlen(parse_dn) > 255) {
return false;
}
/* Empty DNs */
- if (dn->linearized[0] == '\0') {
- dn->valid_comp = true;
+ if (parse_dn[0] == '\0') {
return true;
}
return true;
}
+ /* make sure we free this if alloced previously before replacing */
+ talloc_free(dn->components);
+
+ talloc_free(dn->ext_components);
+ dn->ext_components = NULL;
+
/* in the common case we have 3 or more components */
- /* make sure all components are zeroed, other functions depend on this */
+ /* make sure all components are zeroed, other functions depend on it */
dn->components = talloc_zero_array(dn, struct ldb_dn_component, 3);
if ( ! dn->components) {
return false;
dn->comp_num = 0;
/* Components data space is allocated here once */
- data = talloc_array(dn->components, char, strlen(dn->linearized) + 1);
+ data = talloc_array(dn->components, char, strlen(parse_dn) + 1);
+ if (!data) {
+ return false;
+ }
- p = dn->linearized;
- in_attr = true;
+ p = parse_dn;
+ in_extended = true;
+ in_ex_name = false;
+ in_ex_value = false;
trim = true;
t = NULL;
d = dt = data;
while (*p) {
+ if (in_extended) {
+
+ if (!in_ex_name && !in_ex_value) {
+
+ if (p[0] == '<') {
+ p++;
+ ex_name = d;
+ in_ex_name = true;
+ continue;
+ } else if (p[0] == '\0') {
+ p++;
+ continue;
+ } else {
+ in_extended = false;
+ in_attr = true;
+ dt = d;
+
+ continue;
+ }
+ }
+ if (in_ex_name && *p == '=') {
+ *d++ = '\0';
+ p++;
+ ex_value = d;
+ in_ex_name = false;
+ in_ex_value = true;
+ continue;
+ }
+
+ if (in_ex_value && *p == '>') {
+ const struct ldb_dn_extended_syntax *ext_syntax;
+ struct ldb_val ex_val = {
+ .data = (uint8_t *)ex_value,
+ .length = d - ex_value
+ };
+
+ *d++ = '\0';
+ p++;
+ in_ex_value = false;
+
+ /* Process name and ex_value */
+
+ dn->ext_components = talloc_realloc(dn,
+ dn->ext_components,
+ struct ldb_dn_ext_component,
+ dn->ext_comp_num + 1);
+ if ( ! dn->ext_components) {
+ /* ouch ! */
+ goto failed;
+ }
+
+ ext_syntax = ldb_dn_extended_syntax_by_name(dn->ldb, ex_name);
+ if (!ext_syntax) {
+ /* We don't know about this type of extended DN */
+ goto failed;
+ }
+
+ dn->ext_components[dn->ext_comp_num].name = talloc_strdup(dn->ext_components, ex_name);
+ if (!dn->ext_components[dn->ext_comp_num].name) {
+ /* ouch */
+ goto failed;
+ }
+ ret = ext_syntax->read_fn(dn->ldb, dn->ext_components,
+ &ex_val, &dn->ext_components[dn->ext_comp_num].value);
+ if (ret != LDB_SUCCESS) {
+ dn->invalid = true;
+ goto failed;
+ }
+
+ dn->ext_comp_num++;
+
+ if (*p == '\0') {
+ /* We have reached the end (extended component only)! */
+ talloc_free(data);
+ return true;
+
+ } else if (*p == ';') {
+ p++;
+ continue;
+ } else {
+ dn->invalid = true;
+ goto failed;
+ }
+ }
+
+ *d++ = *p++;
+ continue;
+ }
if (in_attr) {
if (trim) {
if (*p == ' ') {
/* first char */
trim = false;
+ if (!isascii(*p)) {
+ /* attr names must be ascii only */
+ dn->invalid = true;
+ goto failed;
+ }
+
if (isdigit(*p)) {
is_oid = true;
} else
if ( ! isalpha(*p)) {
- /* not a digit nor an alpha, invalid attribute name */
+ /* not a digit nor an alpha,
+ * invalid attribute name */
dn->invalid = true;
goto failed;
}
-
+
+ /* Copy this character across from parse_dn,
+ * now we have trimmed out spaces */
*d++ = *p++;
continue;
}
}
if (trim && (*p != '=')) {
- /* spaces/tabs are not allowed in attribute names */
+ /* spaces/tabs are not allowed */
dn->invalid = true;
goto failed;
}
trim = true;
l = 0;
+ /* Terminate this string in d
+ * (which is a copy of parse_dn
+ * with spaces trimmed) */
*d++ = '\0';
- dn->components[dn->comp_num].name = dt;
+ dn->components[dn->comp_num].name = talloc_strdup(dn->components, dt);
+ if ( ! dn->components[dn->comp_num].name) {
+ /* ouch */
+ goto failed;
+ }
+
dt = d;
p++;
continue;
}
+ if (!isascii(*p)) {
+ /* attr names must be ascii only */
+ dn->invalid = true;
+ goto failed;
+ }
+
if (is_oid && ( ! (isdigit(*p) || (*p == '.')))) {
- /* not a digit nor a dot, invalid attribute oid */
+ /* not a digit nor a dot,
+ * invalid attribute oid */
dn->invalid = true;
goto failed;
} else
p++;
*d++ = '\0';
- dn->components[dn->comp_num].value.data = (uint8_t *)dt;
+ dn->components[dn->comp_num].value.data = (uint8_t *)talloc_strdup(dn->components, dt);
dn->components[dn->comp_num].value.length = l;
+ if ( ! dn->components[dn->comp_num].value.data) {
+ /* ouch ! */
+ goto failed;
+ }
+
dt = d;
dn->comp_num++;
break;
}
- if (*p == ' ') {
+ if (*p == ' ') {
if ( ! t) t = p;
} else {
if ( t ) t = NULL;
*d++ = *p++;
l++;
-
+
break;
}
}
*d++ = '\0';
- dn->components[dn->comp_num].value.data = (uint8_t *)dt;
dn->components[dn->comp_num].value.length = l;
+ dn->components[dn->comp_num].value.data =
+ (uint8_t *)talloc_strdup(dn->components, dt);
+ if ( ! dn->components[dn->comp_num].value.data) {
+ /* ouch */
+ goto failed;
+ }
dn->comp_num++;
- dn->valid_comp = true;
+ talloc_free(data);
return true;
failed:
+ dn->comp_num = 0;
talloc_free(dn->components);
return false;
}
if ( ! dn || ( dn->invalid)) return NULL;
- if (dn->valid_lin) return dn->linearized;
+ if (dn->linearized) return dn->linearized;
- if ( ! dn->valid_comp) {
+ if ( ! dn->components) {
dn->invalid = true;
return NULL;
}
if (dn->comp_num == 0) {
dn->linearized = talloc_strdup(dn, "");
if ( ! dn->linearized) return NULL;
- dn->valid_lin = true;
return dn->linearized;
}
/* calculate maximum possible length of DN */
for (len = 0, i = 0; i < dn->comp_num; i++) {
- len += strlen(dn->components[i].name); /* name len */
- len += (dn->components[i].value.length * 3); /* max escaped data len */
+ /* name len */
+ len += strlen(dn->components[i].name);
+ /* max escaped data len */
+ len += (dn->components[i].value.length * 3);
len += 2; /* '=' and ',' */
}
dn->linearized = talloc_array(dn, char, len);
*(--d) = '\0';
- dn->valid_lin = true;
-
/* don't waste more memory than necessary */
- dn->linearized = talloc_realloc(dn, dn->linearized, char, (d - dn->linearized + 1));
+ dn->linearized = talloc_realloc(dn, dn->linearized,
+ char, (d - dn->linearized + 1));
return dn->linearized;
}
+char *ldb_dn_get_extended_linearized(void *mem_ctx, struct ldb_dn *dn, int mode)
+{
+ const char *linearized = ldb_dn_get_linearized(dn);
+ char *p;
+ int i;
+
+ if (!linearized) {
+ return NULL;
+ }
+
+ if (!ldb_dn_has_extended(dn)) {
+ return talloc_strdup(mem_ctx, linearized);
+ }
+
+ if (!ldb_dn_validate(dn)) {
+ return NULL;
+ }
+
+ for (i = 0; i < dn->ext_comp_num; i++) {
+ const struct ldb_dn_extended_syntax *ext_syntax;
+ const char *name = dn->ext_components[i].name;
+ struct ldb_val ec_val = dn->ext_components[i].value;
+ struct ldb_val val;
+ int ret;
+
+ ext_syntax = ldb_dn_extended_syntax_by_name(dn->ldb, name);
+
+ if (mode == 1) {
+ ret = ext_syntax->write_clear_fn(dn->ldb, mem_ctx,
+ &ec_val, &val);
+ } else if (mode == 0) {
+ ret = ext_syntax->write_hex_fn(dn->ldb, mem_ctx,
+ &ec_val, &val);
+ } else {
+ ret = -1;
+ }
+
+ if (ret != LDB_SUCCESS) {
+ return NULL;
+ }
+
+ if (i == 0) {
+ p = talloc_asprintf(mem_ctx, "<%s=%s>",
+ name, val.data);
+ } else {
+ p = talloc_asprintf_append(p, ";<%s=%s>",
+ name, val.data);
+ }
+
+ talloc_free(val.data);
+
+ if (!p) {
+ return NULL;
+ }
+ }
+
+ if (dn->ext_comp_num && *linearized) {
+ p = talloc_asprintf_append(p, ";%s", linearized);
+ }
+
+ if (!p) {
+ return NULL;
+ }
+
+ return p;
+}
+
+
+
char *ldb_dn_alloc_linearized(void *mem_ctx, struct ldb_dn *dn)
{
return talloc_strdup(mem_ctx, ldb_dn_get_linearized(dn));
}
/*
- casefold a dn. We need to casefold the attribute names, and canonicalize
+ casefold a dn. We need to casefold the attribute names, and canonicalize
attribute values of case insensitive attributes.
*/
if (dn->valid_case) return true;
- if (( ! dn->valid_comp) && ( ! ldb_dn_explode(dn))) {
+ if (( ! dn->components) && ( ! ldb_dn_explode(dn))) {
return false;
}
for (i = 0; i < dn->comp_num; i++) {
- struct ldb_dn_component dc;
- const struct ldb_attrib_handler *h;
+ const struct ldb_schema_attribute *a;
- memset(&dc, 0, sizeof(dc));
- dn->components[i].cf_name = ldb_attr_casefold(dn->components, dn->components[i].name);
+ dn->components[i].cf_name =
+ ldb_attr_casefold(dn->components,
+ dn->components[i].name);
if (!dn->components[i].cf_name) {
- return false;
+ goto failed;
}
- h = ldb_attrib_handler(dn->ldb, dn->components[i].cf_name);
- ret = h->canonicalise_fn(dn->ldb, dn->components,
- &(dn->components[i].value),
- &(dn->components[i].cf_value));
+ a = ldb_schema_attribute_by_name(dn->ldb,
+ dn->components[i].cf_name);
+
+ ret = a->syntax->canonicalise_fn(dn->ldb, dn->components,
+ &(dn->components[i].value),
+ &(dn->components[i].cf_value));
if (ret != 0) {
- return false;
+ goto failed;
}
}
+ dn->valid_case = true;
+
return true;
+
+failed:
+ for (i = 0; i < dn->comp_num; i++) {
+ LDB_FREE(dn->components[i].cf_name);
+ LDB_FREE(dn->components[i].cf_value.data);
+ }
+ return false;
}
const char *ldb_dn_get_casefold(struct ldb_dn *dn)
int i, len;
char *d, *n;
+ if (dn->casefold) return dn->casefold;
+
+ if (dn->special) {
+ dn->casefold = talloc_strdup(dn, dn->linearized);
+ if (!dn->casefold) return NULL;
+ dn->valid_case = true;
+ return dn->casefold;
+ }
+
if ( ! ldb_dn_casefold_internal(dn)) {
return NULL;
}
- if (dn->casefold) return dn->casefold;
-
if (dn->comp_num == 0) {
- if (dn->special) {
- len = strlen(dn->linearized);
- dn->casefold = talloc_array(dn, char, len * 3 + 1);
- if ( ! dn->casefold) return NULL;
- ldb_dn_escape_internal(dn->casefold, dn->linearized, len);
- /* don't waste more memory than necessary */
- dn->casefold = talloc_realloc(dn, dn->casefold, char, strlen(dn->casefold) + 1);
- } else {
- dn->casefold = talloc_strdup(dn, "");
- if ( ! dn->casefold) return NULL;
- }
- dn->valid_case = true;
+ dn->casefold = talloc_strdup(dn, "");
return dn->casefold;
}
/* calculate maximum possible length of DN */
for (len = 0, i = 0; i < dn->comp_num; i++) {
- len += strlen(dn->components[i].cf_name); /* name len */
- len += (dn->components[i].cf_value.length * 3); /* max escaped data len */
+ /* name len */
+ len += strlen(dn->components[i].cf_name);
+ /* max escaped data len */
+ len += (dn->components[i].cf_value.length * 3);
len += 2; /* '=' and ',' */
}
dn->casefold = talloc_array(dn, char, len);
}
*(--d) = '\0';
- dn->valid_case = true;
+ /* don't waste more memory than necessary */
+ dn->casefold = talloc_realloc(dn, dn->casefold,
+ char, strlen(dn->casefold) + 1);
return dn->casefold;
}
if ( ! dn || dn->invalid) return -1;
if (( ! base->valid_case) || ( ! dn->valid_case)) {
- if (base->valid_lin && dn->valid_lin) {
+ if (base->linearized && dn->linearized) {
/* try with a normal compare first, if we are lucky
* we will avoid exploding and casfolding */
int dif;
dif = strlen(dn->linearized) - strlen(base->linearized);
- if (dif < 0) return dif;
- if (strcmp(base->linearized, &dn->linearized[dif]) == 0) return 0;
+ if (dif < 0) {
+ return dif;
+ }
+ if (strcmp(base->linearized,
+ &dn->linearized[dif]) == 0) {
+ return 0;
+ }
}
if ( ! ldb_dn_casefold_internal(base)) {
if (dn->comp_num == 0) {
if (dn->special && base->special) {
return strcmp(base->linearized, dn->linearized);
+ } else if (dn->special) {
+ return -1;
+ } else if (base->special) {
+ return 1;
} else {
return 0;
}
n_dn = dn->comp_num - 1;
while (n_base >= 0) {
+ char *b_name = base->components[n_base].cf_name;
+ char *dn_name = dn->components[n_dn].cf_name;
+
+ char *b_vdata = (char *)base->components[n_base].cf_value.data;
+ char *dn_vdata = (char *)dn->components[n_dn].cf_value.data;
+
+ size_t b_vlen = base->components[n_base].cf_value.length;
+ size_t dn_vlen = dn->components[n_dn].cf_value.length;
+
/* compare attr names */
- ret = strcmp(base->components[n_base].cf_name, dn->components[n_dn].cf_name);
+ ret = strcmp(b_name, dn_name);
if (ret != 0) return ret;
- /* compare attr.cf_value. */
- if (base->components[n_base].cf_value.length != dn->components[n_dn].cf_value.length) {
- return base->components[n_base].cf_value.length - dn->components[n_dn].cf_value.length;
+ /* compare attr.cf_value. */
+ if (b_vlen != dn_vlen) {
+ return b_vlen - dn_vlen;
}
- ret = strcmp((char *)base->components[n_base].cf_value.data, (char *)dn->components[n_dn].cf_value.data);
+ ret = strcmp(b_vdata, dn_vdata);
if (ret != 0) return ret;
n_base--;
return 0;
}
-/* compare DNs using casefolding compare functions.
+/* compare DNs using casefolding compare functions.
If they match, then return 0
*/
{
int i, ret;
- if (( ! dn0) || dn0->invalid || ! dn1 || dn1->invalid) return -1;
+ if (( ! dn0) || dn0->invalid || ! dn1 || dn1->invalid) {
+ return -1;
+ }
if (( ! dn0->valid_case) || ( ! dn1->valid_case)) {
- if (dn0->valid_lin && dn1->valid_lin) {
+ if (dn0->linearized && dn1->linearized) {
/* try with a normal compare first, if we are lucky
* we will avoid exploding and casfolding */
- if (strcmp(dn0->linearized, dn1->linearized) == 0) return 0;
+ if (strcmp(dn0->linearized, dn1->linearized) == 0) {
+ return 0;
+ }
}
if ( ! ldb_dn_casefold_internal(dn0)) {
if (dn0->comp_num == 0) {
if (dn0->special && dn1->special) {
return strcmp(dn0->linearized, dn1->linearized);
+ } else if (dn0->special) {
+ return 1;
+ } else if (dn1->special) {
+ return -1;
} else {
return 0;
}
}
for (i = 0; i < dn0->comp_num; i++) {
+ char *dn0_name = dn0->components[i].cf_name;
+ char *dn1_name = dn1->components[i].cf_name;
+
+ char *dn0_vdata = (char *)dn0->components[i].cf_value.data;
+ char *dn1_vdata = (char *)dn1->components[i].cf_value.data;
+
+ size_t dn0_vlen = dn0->components[i].cf_value.length;
+ size_t dn1_vlen = dn1->components[i].cf_value.length;
+
/* compare attr names */
- ret = strcmp(dn0->components[i].cf_name, dn1->components[i].cf_name);
- if (ret != 0) return ret;
+ ret = strcmp(dn0_name, dn1_name);
+ if (ret != 0) {
+ return ret;
+ }
- /* compare attr.cf_value. */
- if (dn0->components[i].cf_value.length != dn1->components[i].cf_value.length) {
- return dn0->components[i].cf_value.length - dn1->components[i].cf_value.length;
+ /* compare attr.cf_value. */
+ if (dn0_vlen != dn1_vlen) {
+ return dn0_vlen - dn1_vlen;
+ }
+ ret = strcmp(dn0_vdata, dn1_vdata);
+ if (ret != 0) {
+ return ret;
}
- ret = strcmp((char *)dn0->components[i].cf_value.data, (char *)dn1->components[i].cf_value.data);
- if (ret != 0) return ret;
}
return 0;
}
-static struct ldb_dn_component ldb_dn_copy_component(void *mem_ctx, struct ldb_dn_component *src)
+static struct ldb_dn_component ldb_dn_copy_component(
+ void *mem_ctx,
+ struct ldb_dn_component *src)
{
struct ldb_dn_component dst;
dst.name = talloc_strdup(mem_ctx, src->name);
if (dst.name == NULL) {
LDB_FREE(dst.value.data);
+ return dst;
}
if (src->cf_value.data) {
return dst;
}
+static struct ldb_dn_ext_component ldb_dn_ext_copy_component(
+ void *mem_ctx,
+ struct ldb_dn_ext_component *src)
+{
+ struct ldb_dn_ext_component dst;
+
+ memset(&dst, 0, sizeof(dst));
+
+ if (src == NULL) {
+ return dst;
+ }
+
+ dst.value = ldb_val_dup(mem_ctx, &(src->value));
+ if (dst.value.data == NULL) {
+ return dst;
+ }
+
+ dst.name = talloc_strdup(mem_ctx, src->name);
+ if (dst.name == NULL) {
+ LDB_FREE(dst.value.data);
+ return dst;
+ }
+
+ return dst;
+}
+
struct ldb_dn *ldb_dn_copy(void *mem_ctx, struct ldb_dn *dn)
{
struct ldb_dn *new_dn;
*new_dn = *dn;
- if (dn->valid_comp) {
+ if (dn->components) {
int i;
- new_dn->components = talloc_zero_array(new_dn, struct ldb_dn_component, dn->comp_num);
+ new_dn->components =
+ talloc_zero_array(new_dn,
+ struct ldb_dn_component,
+ dn->comp_num);
if ( ! new_dn->components) {
talloc_free(new_dn);
return NULL;
}
for (i = 0; i < dn->comp_num; i++) {
- new_dn->components[i] = ldb_dn_copy_component(new_dn->components, &dn->components[i]);
+ new_dn->components[i] =
+ ldb_dn_copy_component(new_dn->components,
+ &dn->components[i]);
if ( ! new_dn->components[i].value.data) {
talloc_free(new_dn);
return NULL;
}
}
+ }
+
+ if (dn->ext_components) {
+ int i;
+
+ new_dn->ext_components =
+ talloc_zero_array(new_dn,
+ struct ldb_dn_ext_component,
+ dn->ext_comp_num);
+ if ( ! new_dn->ext_components) {
+ talloc_free(new_dn);
+ return NULL;
+ }
- if (dn->casefold) {
- new_dn->casefold = talloc_strdup(new_dn, dn->casefold);
- if ( ! new_dn->casefold) {
+ for (i = 0; i < dn->ext_comp_num; i++) {
+ new_dn->ext_components[i] =
+ ldb_dn_ext_copy_component(
+ new_dn->ext_components,
+ &dn->ext_components[i]);
+ if ( ! new_dn->ext_components[i].value.data) {
talloc_free(new_dn);
return NULL;
}
}
}
- if (dn->valid_lin) {
+ if (dn->casefold) {
+ new_dn->casefold = talloc_strdup(new_dn, dn->casefold);
+ if ( ! new_dn->casefold) {
+ talloc_free(new_dn);
+ return NULL;
+ }
+ }
+
+ if (dn->linearized) {
new_dn->linearized = talloc_strdup(new_dn, dn->linearized);
if ( ! new_dn->linearized) {
talloc_free(new_dn);
}
}
+ if (dn->ext_linearized) {
+ new_dn->ext_linearized = talloc_strdup(new_dn,
+ dn->ext_linearized);
+ if ( ! new_dn->ext_linearized) {
+ talloc_free(new_dn);
+ return NULL;
+ }
+ }
+
return new_dn;
}
return false;
}
- if (dn->valid_comp) {
+ if (dn->components) {
int i;
if ( ! ldb_dn_validate(base)) {
}
for (i = 0; i < base->comp_num; dn->comp_num++, i++) {
- dn->components[dn->comp_num] = ldb_dn_copy_component(dn->components, &base->components[i]);
+ dn->components[dn->comp_num] =
+ ldb_dn_copy_component(dn->components,
+ &base->components[i]);
if (dn->components[dn->comp_num].value.data == NULL) {
dn->invalid = true;
return false;
}
}
- if (s) {
- t = talloc_asprintf(dn, "%s,%s", dn->casefold, s);
+ if (dn->casefold && s) {
+ if (*dn->casefold) {
+ t = talloc_asprintf(dn, "%s,%s",
+ dn->casefold, s);
+ } else {
+ t = talloc_strdup(dn, s);
+ }
LDB_FREE(dn->casefold);
dn->casefold = t;
}
}
- if (dn->valid_lin) {
+ if (dn->linearized) {
s = ldb_dn_get_linearized(base);
if ( ! s) {
return false;
}
-
- t = talloc_asprintf(dn, "%s,%s", dn->linearized, s);
+
+ if (*dn->linearized) {
+ t = talloc_asprintf(dn, "%s,%s",
+ dn->linearized, s);
+ } else {
+ t = talloc_strdup(dn, s);
+ }
if ( ! t) {
dn->invalid = true;
return false;
dn->linearized = t;
}
+ /* Wipe the ext_linearized DN,
+ * the GUID and SID are almost certainly no longer valid */
+ if (dn->ext_linearized) {
+ LDB_FREE(dn->ext_linearized);
+ }
+
+ LDB_FREE(dn->ext_components);
+ dn->ext_comp_num = 0;
return true;
}
talloc_free(base_str);
return ret;
-}
+}
/* modify the given dn by adding children elements.
*
return false;
}
- if (dn->valid_comp) {
+ if (dn->components) {
int n, i, j;
if ( ! ldb_dn_validate(child)) {
dn->components[j] = dn->components[i];
}
- for (i = 0; i < child->comp_num; i++) {
- dn->components[i] = ldb_dn_copy_component(dn->components, &child->components[i]);
+ for (i = 0; i < child->comp_num; i++) {
+ dn->components[i] =
+ ldb_dn_copy_component(dn->components,
+ &child->components[i]);
if (dn->components[i].value.data == NULL) {
dn->invalid = true;
return false;
dn->comp_num = n;
- if (s) {
+ if (dn->casefold && s) {
t = talloc_asprintf(dn, "%s,%s", s, dn->casefold);
LDB_FREE(dn->casefold);
dn->casefold = t;
}
}
- if (dn->valid_lin) {
+ if (dn->linearized) {
s = ldb_dn_get_linearized(child);
if ( ! s) {
return false;
}
-
+
t = talloc_asprintf(dn, "%s,%s", s, dn->linearized);
if ( ! t) {
dn->invalid = true;
dn->linearized = t;
}
+ /* Wipe the ext_linearized DN,
+ * the GUID and SID are almost certainly no longer valid */
+ LDB_FREE(dn->ext_linearized);
+
+ LDB_FREE(dn->ext_components);
+ dn->ext_comp_num = 0;
+
return true;
}
bool ldb_dn_remove_base_components(struct ldb_dn *dn, unsigned int num)
{
+ int i;
+
if ( ! ldb_dn_validate(dn)) {
return false;
}
return false;
}
- dn->comp_num -= num;
+ /* free components */
+ for (i = num; i > 0; i--) {
+ LDB_FREE(dn->components[dn->comp_num - i].name);
+ LDB_FREE(dn->components[dn->comp_num - i].value.data);
+ LDB_FREE(dn->components[dn->comp_num - i].cf_name);
+ LDB_FREE(dn->components[dn->comp_num - i].cf_value.data);
+ }
- dn->valid_case = false;
+ dn->comp_num -= num;
- if (dn->valid_lin) {
- dn->valid_lin = false;
- LDB_FREE(dn->linearized);
+ if (dn->valid_case) {
+ for (i = 0; i < dn->comp_num; i++) {
+ LDB_FREE(dn->components[i].cf_name);
+ LDB_FREE(dn->components[i].cf_value.data);
+ }
+ dn->valid_case = false;
}
+ LDB_FREE(dn->casefold);
+ LDB_FREE(dn->linearized);
+
+ /* Wipe the ext_linearized DN,
+ * the GUID and SID are almost certainly no longer valid */
+ LDB_FREE(dn->ext_linearized);
+
+ LDB_FREE(dn->ext_components);
+ dn->ext_comp_num = 0;
+
return true;
}
}
for (i = 0, j = num; j < dn->comp_num; i++, j++) {
+ if (i < num) {
+ LDB_FREE(dn->components[i].name);
+ LDB_FREE(dn->components[i].value.data);
+ LDB_FREE(dn->components[i].cf_name);
+ LDB_FREE(dn->components[i].cf_value.data);
+ }
dn->components[i] = dn->components[j];
}
dn->comp_num -= num;
- dn->valid_case = false;
-
- if (dn->valid_lin) {
- dn->valid_lin = false;
- LDB_FREE(dn->linearized);
+ if (dn->valid_case) {
+ for (i = 0; i < dn->comp_num; i++) {
+ LDB_FREE(dn->components[i].cf_name);
+ LDB_FREE(dn->components[i].cf_value.data);
+ }
+ dn->valid_case = false;
}
+ LDB_FREE(dn->casefold);
+ LDB_FREE(dn->linearized);
+
+ /* Wipe the ext_linearized DN,
+ * the GUID and SID are almost certainly no longer valid */
+ LDB_FREE(dn->ext_linearized);
+
+ LDB_FREE(dn->ext_components);
+ dn->ext_comp_num = 0;
return true;
}
return NULL;
}
+ /* Wipe the ext_linearized DN,
+ * the GUID and SID are almost certainly no longer valid */
+ LDB_FREE(dn->ext_linearized);
+
+ LDB_FREE(dn->ext_components);
+ dn->ext_comp_num = 0;
return new_dn;
}
ie dc=samba,dc=org -> samba.org/
uid=administrator,ou=users,dc=samba,dc=org = samba.org/users/administrator
- There are two formats, the EX format has the last / replaced with a newline (\n).
+ There are two formats,
+ the EX format has the last '/' replaced with a newline (\n).
*/
static char *ldb_dn_canonical(void *mem_ctx, struct ldb_dn *dn, int ex_format) {
int i;
+ TALLOC_CTX *tmpctx;
char *cracked = NULL;
-
+ const char *format = (ex_format ? "\n" : "/" );
+
if ( ! ldb_dn_validate(dn)) {
return NULL;
}
+
+ tmpctx = talloc_new(mem_ctx);
+
/* Walk backwards down the DN, grabbing 'dc' components at first */
for (i = dn->comp_num - 1 ; i >= 0; i--) {
if (ldb_attr_cmp(dn->components[i].name, "dc") != 0) {
break;
}
if (cracked) {
- cracked = talloc_asprintf(mem_ctx, "%s.%s",
- ldb_dn_escape_value(mem_ctx, dn->components[i].value),
+ cracked = talloc_asprintf(tmpctx, "%s.%s",
+ ldb_dn_escape_value(tmpctx,
+ dn->components[i].value),
cracked);
} else {
- cracked = ldb_dn_escape_value(mem_ctx, dn->components[i].value);
+ cracked = ldb_dn_escape_value(tmpctx,
+ dn->components[i].value);
}
if (!cracked) {
- return NULL;
+ goto done;
}
}
/* Only domain components? Finish here */
if (i < 0) {
- if (ex_format) {
- cracked = talloc_asprintf(mem_ctx, "%s\n", cracked);
- } else {
- cracked = talloc_asprintf(mem_ctx, "%s/", cracked);
- }
- return cracked;
+ cracked = talloc_strdup_append_buffer(cracked, format);
+ talloc_steal(mem_ctx, cracked);
+ goto done;
}
/* Now walk backwards appending remaining components */
for (; i > 0; i--) {
- cracked = talloc_asprintf(mem_ctx, "%s/%s", cracked,
- ldb_dn_escape_value(mem_ctx, dn->components[i].value));
+ cracked = talloc_asprintf_append_buffer(cracked, "/%s",
+ ldb_dn_escape_value(tmpctx,
+ dn->components[i].value));
if (!cracked) {
- return NULL;
+ goto done;
}
}
/* Last one, possibly a newline for the 'ex' format */
- if (ex_format) {
- cracked = talloc_asprintf(mem_ctx, "%s\n%s", cracked,
- ldb_dn_escape_value(mem_ctx, dn->components[i].value));
- } else {
- cracked = talloc_asprintf(mem_ctx, "%s/%s", cracked,
- ldb_dn_escape_value(mem_ctx, dn->components[i].value));
- }
+ cracked = talloc_asprintf_append_buffer(cracked, "%s%s", format,
+ ldb_dn_escape_value(tmpctx,
+ dn->components[i].value));
+
+ talloc_steal(mem_ctx, cracked);
+done:
+ talloc_free(tmpctx);
return cracked;
}
return dn->components[num].name;
}
-const struct ldb_val *ldb_dn_get_component_val(struct ldb_dn *dn, unsigned int num)
+const struct ldb_val *ldb_dn_get_component_val(struct ldb_dn *dn,
+ unsigned int num)
{
if ( ! ldb_dn_validate(dn)) {
return NULL;
return &dn->components[0].value;
}
-int ldb_dn_set_component(struct ldb_dn *dn, int num, const char *name, const struct ldb_val val)
+int ldb_dn_set_component(struct ldb_dn *dn, int num,
+ const char *name, const struct ldb_val val)
{
char *n;
struct ldb_val v;
v.length = val.length;
v.data = (uint8_t *)talloc_memdup(dn, val.data, v.length+1);
if ( ! v.data) {
+ talloc_free(n);
return LDB_ERR_OTHER;
}
dn->components[num].name = n;
dn->components[num].value = v;
- if (dn->valid_case) dn->valid_case = false;
- if (dn->casefold) LDB_FREE(dn->casefold);
+ if (dn->valid_case) {
+ int i;
+ for (i = 0; i < dn->comp_num; i++) {
+ LDB_FREE(dn->components[i].cf_name);
+ LDB_FREE(dn->components[i].cf_value.data);
+ }
+ dn->valid_case = false;
+ }
+ LDB_FREE(dn->casefold);
+ LDB_FREE(dn->linearized);
+
+ /* Wipe the ext_linearized DN,
+ * the GUID and SID are almost certainly no longer valid */
+ LDB_FREE(dn->ext_linearized);
+ dn->ext_comp_num = 0;
+ LDB_FREE(dn->ext_components);
return LDB_SUCCESS;
}
+const struct ldb_val *ldb_dn_get_extended_component(struct ldb_dn *dn,
+ const char *name)
+{
+ int i;
+ if ( ! ldb_dn_validate(dn)) {
+ return NULL;
+ }
+ for (i=0; i < dn->ext_comp_num; i++) {
+ if (ldb_attr_cmp(dn->ext_components[i].name, name) == 0) {
+ return &dn->ext_components[i].value;
+ }
+ }
+ return NULL;
+}
+
+int ldb_dn_set_extended_component(struct ldb_dn *dn,
+ const char *name, const struct ldb_val *val)
+{
+ struct ldb_dn_ext_component *p;
+ int i;
+
+ if ( ! ldb_dn_validate(dn)) {
+ return LDB_ERR_OTHER;
+ }
+
+ for (i=0; i < dn->ext_comp_num; i++) {
+ if (ldb_attr_cmp(dn->ext_components[i].name, name) == 0) {
+ if (val) {
+ dn->ext_components[i].value =
+ ldb_val_dup(dn->ext_components, val);
+
+ dn->ext_components[i].name =
+ talloc_strdup(dn->ext_components, name);
+ if (!dn->ext_components[i].name ||
+ !dn->ext_components[i].value.data) {
+ dn->invalid = true;
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ } else {
+ if (i != (dn->ext_comp_num - 1)) {
+ memmove(&dn->ext_components[i],
+ &dn->ext_components[i+1],
+ ((dn->ext_comp_num-1) - i) *
+ sizeof(*dn->ext_components));
+ }
+ dn->ext_comp_num--;
+
+ dn->ext_components = talloc_realloc(dn,
+ dn->ext_components,
+ struct ldb_dn_ext_component,
+ dn->ext_comp_num);
+ if (!dn->ext_components) {
+ dn->invalid = true;
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ return LDB_SUCCESS;
+ }
+ }
+ }
+
+ p = dn->ext_components
+ = talloc_realloc(dn,
+ dn->ext_components,
+ struct ldb_dn_ext_component,
+ dn->ext_comp_num + 1);
+ if (!dn->ext_components) {
+ dn->invalid = true;
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ p[dn->ext_comp_num].value = ldb_val_dup(dn->ext_components, val);
+ p[dn->ext_comp_num].name = talloc_strdup(p, name);
+
+ if (!dn->ext_components[i].name || !dn->ext_components[i].value.data) {
+ dn->invalid = true;
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ dn->ext_components = p;
+ dn->ext_comp_num++;
+
+ return LDB_SUCCESS;
+}
+
+void ldb_dn_remove_extended_components(struct ldb_dn *dn)
+{
+ dn->ext_comp_num = 0;
+ LDB_FREE(dn->ext_components);
+}
+
bool ldb_dn_is_valid(struct ldb_dn *dn)
{
if ( ! dn) return false;
return dn->special;
}
+bool ldb_dn_has_extended(struct ldb_dn *dn)
+{
+ if ( ! dn || dn->invalid) return false;
+ if (dn->ext_linearized && (dn->ext_linearized[0] == '<')) return true;
+ return dn->ext_comp_num != 0;
+}
+
bool ldb_dn_check_special(struct ldb_dn *dn, const char *check)
{
if ( ! dn || dn->invalid) return false;
bool ldb_dn_is_null(struct ldb_dn *dn)
{
if ( ! dn || dn->invalid) return false;
- if (dn->special) return false;
- if (dn->valid_comp) {
- if (dn->comp_num == 0) return true;
- return false;
- } else {
- if (dn->linearized[0] == '\0') return true;
- }
+ if (ldb_dn_has_extended(dn)) return false;
+ if (dn->linearized && (dn->linearized[0] == '\0')) return true;
return false;
}