Merge branch 'master' of git://git.samba.org/samba
authorNadezhda Ivanova <nadezhda.ivanova@postpath.com>
Tue, 22 Sep 2009 00:29:28 +0000 (17:29 -0700)
committerNadezhda Ivanova <nadezhda.ivanova@postpath.com>
Tue, 22 Sep 2009 00:29:28 +0000 (17:29 -0700)
14 files changed:
source4/dsdb/common/util.c
source4/dsdb/samdb/ldb_modules/descriptor.c
source4/dsdb/samdb/ldb_modules/rootdse.c
source4/dsdb/schema/schema_init.c
source4/lib/ldb/common/ldb.c
source4/lib/ldb/common/ldb_debug.c
source4/lib/ldb/common/ldb_dn.c
source4/lib/ldb/common/ldb_ldif.c
source4/lib/ldb/common/ldb_modules.c
source4/lib/ldb/include/ldb.h
source4/lib/ldb/tools/cmdline.c
source4/lib/ldb/tools/cmdline.h
source4/lib/ldb_wrap.c
source4/torture/ldb/ldb.c

index 1fe5979c694860fafe6f4bb42a918cdcaf8f8348..126f9fa8292ba44fbac0710a4b7443fe250e8c62 100644 (file)
@@ -1454,7 +1454,7 @@ bool samdb_is_capable_dc(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
                samdb_base_dn(ldb), "nTMixedDomain", NULL);
 
        if (errmsg != NULL)
-               *errmsg = talloc_asprintf(mem_ctx, "");
+               *errmsg = talloc_strdup(mem_ctx, "");
 
        if (level_forest == -1 || level_domain == -1 || level_domain_mixed == -1) {
                ret = false;
index 7b5b700916dc899229a57b02146d495ae29805c1..b0a5467bb7202ef0462bfc69f1dbc12439e8d903 100644 (file)
@@ -43,7 +43,6 @@
 #include "param/param.h"
 
 struct descriptor_data {
-       bool inherit;
 };
 
 struct descriptor_context {
@@ -405,9 +404,6 @@ static int descriptor_add(struct ldb_module *module, struct ldb_request *req)
        data = talloc_get_type(ldb_module_get_private(module), struct descriptor_data);
        ldb = ldb_module_get_ctx(module);
 
-       if (!data->inherit)
-               return ldb_next_request(module, req);
-
        ldb_debug(ldb, LDB_DEBUG_TRACE, "descriptor_add\n");
 
        if (ldb_dn_is_special(req->op.add.message->dn)) {
@@ -473,8 +469,6 @@ static int descriptor_init(struct ldb_module *module)
                return LDB_ERR_OPERATIONS_ERROR;
        }
 
-       data->inherit = lp_parm_bool(ldb_get_opaque(ldb, "loadparm"),
-                                 NULL, "acl", "inheritance", false);
        ldb_module_set_private(module, data);
        return ldb_next_init(module);
 }
index 59ea51dbce5d8a9e0a97fd6d4833d03ec92a62ce..a8e08ec3ad58638d79aa28d264377dd9e9e396c0 100644 (file)
@@ -50,16 +50,129 @@ static int do_attribute_explicit(const char * const *attrs, const char *name)
 }
 
 
+/*
+  expand a DN attribute to include extended DN information if requested
+ */
+static int expand_dn_in_message(struct ldb_module *module, struct ldb_message *msg,
+                               const char *attrname, struct ldb_control *edn_control,
+                               struct ldb_request *req)
+{
+       struct ldb_dn *dn, *dn2;
+       struct ldb_val *v;
+       int ret;
+       struct ldb_request *req2;
+       char *dn_string;
+       const char *no_attrs[] = { NULL };
+       struct ldb_result *res;
+       struct ldb_extended_dn_control *edn;
+       TALLOC_CTX *tmp_ctx = talloc_new(req);
+       struct ldb_context *ldb;
+       int edn_type = 0;
+
+       ldb = ldb_module_get_ctx(module);
+
+       edn = talloc_get_type(edn_control->data, struct ldb_extended_dn_control);
+       if (edn) {
+               edn_type = edn->type;
+       }
+
+       v = discard_const_p(struct ldb_val, ldb_msg_find_ldb_val(msg, attrname));
+       if (v == NULL) {
+               talloc_free(tmp_ctx);
+               return 0;
+       }
+
+       dn_string = talloc_strndup(tmp_ctx, (const char *)v->data, v->length);
+       if (dn_string == NULL) {
+               talloc_free(tmp_ctx);
+               return LDB_ERR_OPERATIONS_ERROR;
+       }
+
+       res = talloc_zero(tmp_ctx, struct ldb_result);
+       if (res == NULL) {
+               talloc_free(tmp_ctx);
+               return LDB_ERR_OPERATIONS_ERROR;
+       }
+
+       dn = ldb_dn_new(tmp_ctx, ldb, dn_string);
+       if (!ldb_dn_validate(dn)) {
+               talloc_free(tmp_ctx);
+               return LDB_ERR_OPERATIONS_ERROR;
+       }
+
+       ret = ldb_build_search_req(&req2, ldb, tmp_ctx,
+                                  dn,
+                                  LDB_SCOPE_BASE,
+                                  NULL,
+                                  no_attrs,
+                                  NULL,
+                                  res, ldb_search_default_callback,
+                                  req);
+       if (ret != LDB_SUCCESS) {
+               talloc_free(tmp_ctx);
+               return ret;
+       }
+
+
+       ret = ldb_request_add_control(req2,
+                                     LDB_CONTROL_EXTENDED_DN_OID,
+                                     edn_control->critical, edn);
+       if (ret != LDB_SUCCESS) {
+               talloc_free(tmp_ctx);
+               return ret;
+       }
+
+       ret = ldb_next_request(module, req2);
+       if (ret == LDB_SUCCESS) {
+               ret = ldb_wait(req2->handle, LDB_WAIT_ALL);
+       }
+       if (ret != LDB_SUCCESS) {
+               talloc_free(tmp_ctx);
+               return ret;
+       }
+
+       if (!res || res->count != 1) {
+               talloc_free(tmp_ctx);
+               return LDB_ERR_OPERATIONS_ERROR;
+       }
+
+       dn2 = res->msgs[0]->dn;
+
+       v->data = (uint8_t *)ldb_dn_get_extended_linearized(msg->elements, dn2, edn_type);
+       v->length = strlen((char *)v->data);
+
+       if (v->data == NULL) {
+               talloc_free(tmp_ctx);
+               return LDB_ERR_OPERATIONS_ERROR;
+       }
+
+       talloc_free(tmp_ctx);
+
+       return 0;
+}      
+                       
+
 /*
   add dynamically generated attributes to rootDSE result
 */
-static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *msg, const char * const *attrs)
+static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *msg, 
+                              const char * const *attrs, struct ldb_request *req)
 {
        struct ldb_context *ldb;
        struct private_data *priv = talloc_get_type(ldb_module_get_private(module), struct private_data);
        char **server_sasl;
        const struct dsdb_schema *schema;
        int *val;
+       struct ldb_control *edn_control;
+       const char *dn_attrs[] = {
+               "configurationNamingContext",
+               "defaultNamingContext",
+               "dsServiceName",
+               "rootDomainNamingContext",
+               "schemaNamingContext",
+               "serverName",
+               NULL
+       };
 
        ldb = ldb_module_get_ctx(module);
        schema = dsdb_get_schema(ldb);
@@ -233,6 +346,26 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *ms
                }
        }
 
+       edn_control = ldb_request_get_control(req, LDB_CONTROL_EXTENDED_DN_OID);
+
+       /* if the client sent us the EXTENDED_DN control then we need
+          to expand the DNs to have GUID and SID. W2K8 join relies on
+          this */
+       if (edn_control) {
+               int i, ret;
+               for (i=0; dn_attrs[i]; i++) {
+                       if (!do_attribute(attrs, dn_attrs[i])) continue;
+                       ret = expand_dn_in_message(module, msg, dn_attrs[i],
+                                                  edn_control, req);
+                       if (ret != LDB_SUCCESS) {
+                               DEBUG(0,(__location__ ": Failed to expand DN in rootDSE for %s\n",
+                                        dn_attrs[i]));
+                               goto failed;
+                       }
+               }
+       }
+
+
        /* TODO: lots more dynamic attributes should be added here */
 
        return LDB_SUCCESS;
@@ -301,7 +434,7 @@ static int rootdse_callback(struct ldb_request *req, struct ldb_reply *ares)
                /* for each record returned post-process to add any dynamic
                   attributes that have been asked for */
                ret = rootdse_add_dynamic(ac->module, ares->message,
-                                         ac->req->op.search.attrs);
+                                         ac->req->op.search.attrs, ac->req);
                if (ret != LDB_SUCCESS) {
                        talloc_free(ares);
                        return ldb_module_done(ac->req, NULL, NULL, ret);
index 9f7d96715867f3eacd840412f5d019636b2339bc..fa1953a14fd9969ce6dfd75d1baa2106995c8e72 100644 (file)
@@ -1028,6 +1028,7 @@ int dsdb_schema_from_schema_dn(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
                "fSMORoleOwner",
                NULL
        };
+       unsigned flags;
 
        tmp_ctx = talloc_new(mem_ctx);
        if (!tmp_ctx) {
@@ -1035,27 +1036,28 @@ int dsdb_schema_from_schema_dn(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
                return LDB_ERR_OPERATIONS_ERROR;
        }
 
+       /* we don't want to trace the schema load */
+       flags = ldb_get_flags(ldb);
+       ldb_set_flags(ldb, flags & ~LDB_FLG_ENABLE_TRACING);
+
        /*
         * setup the prefix mappings and schema info
         */
        ret = ldb_search(ldb, tmp_ctx, &schema_res,
                         schema_dn, LDB_SCOPE_BASE, schema_attrs, NULL);
        if (ret == LDB_ERR_NO_SUCH_OBJECT) {
-               talloc_free(tmp_ctx);
-               return ret;
+               goto failed;
        } else if (ret != LDB_SUCCESS) {
                *error_string_out = talloc_asprintf(mem_ctx, 
                                       "dsdb_schema: failed to search the schema head: %s",
                                       ldb_errstring(ldb));
-               talloc_free(tmp_ctx);
-               return ret;
+               goto failed;
        }
        if (schema_res->count != 1) {
                *error_string_out = talloc_asprintf(mem_ctx, 
                              "dsdb_schema: [%u] schema heads found on a base search",
                              schema_res->count);
-               talloc_free(tmp_ctx);
-               return LDB_ERR_CONSTRAINT_VIOLATION;
+               goto failed;
        }
 
        /*
@@ -1068,8 +1070,7 @@ int dsdb_schema_from_schema_dn(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
                *error_string_out = talloc_asprintf(mem_ctx, 
                                       "dsdb_schema: failed to search attributeSchema objects: %s",
                                       ldb_errstring(ldb));
-               talloc_free(tmp_ctx);
-               return ret;
+               goto failed;
        }
 
        /*
@@ -1082,8 +1083,7 @@ int dsdb_schema_from_schema_dn(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
                *error_string_out = talloc_asprintf(mem_ctx, 
                                       "dsdb_schema: failed to search attributeSchema objects: %s",
                                       ldb_errstring(ldb));
-               talloc_free(tmp_ctx);
-               return ret;
+               goto failed;
        }
 
        ret = dsdb_schema_from_ldb_results(tmp_ctx, ldb,
@@ -1093,13 +1093,25 @@ int dsdb_schema_from_schema_dn(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
                *error_string_out = talloc_asprintf(mem_ctx, 
                                                    "dsdb_schema load failed: %s",
                                                    error_string);
-               talloc_free(tmp_ctx);
-               return ret;
+               goto failed;
        }
        talloc_steal(mem_ctx, *schema);
        talloc_free(tmp_ctx);
 
+       if (flags & LDB_FLG_ENABLE_TRACING) {
+               flags = ldb_get_flags(ldb);
+               ldb_set_flags(ldb, flags | LDB_FLG_ENABLE_TRACING);
+       }
+
        return LDB_SUCCESS;
+
+failed:
+       if (flags & LDB_FLG_ENABLE_TRACING) {
+               flags = ldb_get_flags(ldb);
+               ldb_set_flags(ldb, flags | LDB_FLG_ENABLE_TRACING);
+       }
+       talloc_free(tmp_ctx);
+       return ret;
 }      
 
 
index b75d837674c3c1f9bd362422632732a7c3818523..02298c1dfff5010366a49297e5f82b4ce13fd0f4 100644 (file)
@@ -622,6 +622,94 @@ int ldb_request_get_status(struct ldb_request *req)
        return req->handle->status;
 }
 
+
+/*
+  trace a ldb request
+*/
+static void ldb_trace_request(struct ldb_context *ldb, struct ldb_request *req)
+{
+       TALLOC_CTX *tmp_ctx = talloc_new(req);
+       int i;
+
+       switch (req->operation) {
+       case LDB_SEARCH:
+               ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: SEARCH");
+               ldb_debug(ldb, LDB_DEBUG_TRACE, " dn: %s",
+                         ldb_dn_get_linearized(req->op.search.base));
+               ldb_debug(ldb, LDB_DEBUG_TRACE, " scope: %s", 
+                         req->op.search.scope==LDB_SCOPE_BASE?"base":
+                         req->op.search.scope==LDB_SCOPE_ONELEVEL?"one":
+                         req->op.search.scope==LDB_SCOPE_SUBTREE?"sub":"UNKNOWN");
+               ldb_debug(ldb, LDB_DEBUG_TRACE, " expr: %s", 
+                         ldb_filter_from_tree(tmp_ctx, req->op.search.tree));
+               if (req->op.search.attrs == NULL) {
+                       ldb_debug(ldb, LDB_DEBUG_TRACE, " attr: <ALL>");
+               } else {
+                       for (i=0; req->op.search.attrs[i]; i++) {
+                               ldb_debug(ldb, LDB_DEBUG_TRACE, " attr: %s", req->op.search.attrs[i]);
+                       }
+               }
+               break;
+       case LDB_DELETE:
+               ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: DELETE");
+               ldb_debug(ldb, LDB_DEBUG_TRACE, " dn: %s", 
+                         ldb_dn_get_linearized(req->op.del.dn));
+               break;
+       case LDB_RENAME:
+               ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: RENAME");
+               ldb_debug(ldb, LDB_DEBUG_TRACE, " olddn: %s", 
+                         ldb_dn_get_linearized(req->op.rename.olddn));
+               ldb_debug(ldb, LDB_DEBUG_TRACE, " newdn: %s", 
+                         ldb_dn_get_linearized(req->op.rename.newdn));
+               break;
+       case LDB_EXTENDED:
+               ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: EXTENDED");
+               ldb_debug(ldb, LDB_DEBUG_TRACE, " oid: %s", req->op.extended.oid);
+               ldb_debug(ldb, LDB_DEBUG_TRACE, " data: %s", req->op.extended.data?"yes":"no");
+               break;
+       case LDB_ADD:
+               ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: ADD");
+               ldb_debug(req->handle->ldb, LDB_DEBUG_TRACE, "%s", 
+                         ldb_ldif_message_string(req->handle->ldb, tmp_ctx, 
+                                                 LDB_CHANGETYPE_ADD, req->op.add.message));
+               break;
+       case LDB_MODIFY:
+               ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: MODIFY");
+               ldb_debug(req->handle->ldb, LDB_DEBUG_TRACE, "%s", 
+                         ldb_ldif_message_string(req->handle->ldb, tmp_ctx, 
+                                                 LDB_CHANGETYPE_ADD, req->op.mod.message));
+               break;
+       case LDB_REQ_REGISTER_CONTROL:
+               ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: REGISTER_CONTROL");
+               ldb_debug(req->handle->ldb, LDB_DEBUG_TRACE, "%s", 
+                         req->op.reg_control.oid);
+               break;
+       case LDB_REQ_REGISTER_PARTITION:
+               ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: REGISTER_PARTITION");
+               ldb_debug(req->handle->ldb, LDB_DEBUG_TRACE, "%s", 
+                         ldb_dn_get_linearized(req->op.reg_partition.dn));
+               break;
+       default:
+               ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: UNKNOWN(%u)", 
+                         req->operation);
+               break;
+       }
+
+       if (req->controls == NULL) {
+               ldb_debug(ldb, LDB_DEBUG_TRACE, " control: <NONE>");
+       } else {
+               for (i=0; req->controls && req->controls[i]; i++) {
+                       ldb_debug(ldb, LDB_DEBUG_TRACE, " control: %s  crit:%u  data:%s", 
+                                 req->controls[i]->oid, 
+                                 req->controls[i]->critical, 
+                                 req->controls[i]->data?"yes":"no");
+               }
+       }
+
+       talloc_free(tmp_ctx);
+}
+
+
 /*
   start an ldb request
   NOTE: the request must be a talloc context.
@@ -639,6 +727,10 @@ int ldb_request(struct ldb_context *ldb, struct ldb_request *req)
 
        ldb_reset_err_string(ldb);
 
+       if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
+               ldb_trace_request(ldb, req);
+       }
+
        /* call the first module in the chain */
        switch (req->operation) {
        case LDB_SEARCH:
@@ -1509,3 +1601,9 @@ unsigned int ldb_get_flags(struct ldb_context *ldb)
 {
        return ldb->flags;
 }
+
+/* set the ldb flags */
+void ldb_set_flags(struct ldb_context *ldb, unsigned flags)
+{
+       ldb->flags = flags;
+}
index 7680862c2cd9485ba1470b8b71e27e54adc91f99..4612b016f6b68a03ad7889c482cfc625984021ab 100644 (file)
@@ -60,6 +60,15 @@ static void ldb_debug_stderr(void *context, enum ldb_debug_level level,
        }
 }
 
+static void ldb_debug_stderr_all(void *context, enum ldb_debug_level level, 
+                            const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3,0);
+static void ldb_debug_stderr_all(void *context, enum ldb_debug_level level, 
+                            const char *fmt, va_list ap)
+{
+       vfprintf(stderr, fmt, ap);
+       fprintf(stderr, "\n");
+}
+
 /*
   convenience function to setup debug messages on stderr
   messages of level LDB_DEBUG_WARNING and higher are printed
@@ -76,7 +85,11 @@ void ldb_debug(struct ldb_context *ldb, enum ldb_debug_level level, const char *
 {
        va_list ap;
        if (ldb->debug_ops.debug == NULL) {
-               ldb_set_debug_stderr(ldb);
+               if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
+                       ldb_set_debug(ldb, ldb_debug_stderr_all, ldb);
+               } else {
+                       ldb_set_debug_stderr(ldb);
+               }
        }
        va_start(ap, fmt);
        ldb->debug_ops.debug(ldb->debug_ops.context, level, fmt, ap);
index d905f47040b4e42dfce4214bf87903acbc49d323..af00ef96f3035c5a4485e6abdcf6ff158fcafe98 100644 (file)
@@ -103,6 +103,11 @@ struct ldb_dn *ldb_dn_from_ldb_val(void *mem_ctx,
                dn->ext_linearized = talloc_strndup(dn, data, length);
                LDB_DN_NULL_FAILED(dn->ext_linearized);
 
+               if (strlen(data) != length) {
+                       /* The RDN must not contain a character with value 0x0 */
+                       return NULL;
+               }
+
                if (data[0] == '<') {
                        const char *p_save, *p = dn->ext_linearized;
                        do {
@@ -231,6 +236,9 @@ char *ldb_dn_escape_value(void *mem_ctx, struct ldb_val value)
 /*
   explode a DN string into a ldb_dn structure
   based on RFC4514 except that we don't support multiple valued RDNs
+
+  TODO: according to MS-ADTS:3.1.1.5.2 Naming Constraints
+  DN must be compliant with RFC2253
 */
 static bool ldb_dn_explode(struct ldb_dn *dn)
 {
@@ -264,6 +272,11 @@ static bool ldb_dn_explode(struct ldb_dn *dn)
                return false;
        }
 
+       /* The RDN size must be less than 255 characters */
+       if (strlen(parse_dn) > 255) {
+               return false;
+       }
+
        /* Empty DNs */
        if (parse_dn[0] == '\0') {
                return true;
index cde21320a2dd353475ecebf86c2cd652f12ccce1..b7ab7300b2508347005e5e14231321507a64c2c2 100644 (file)
@@ -783,7 +783,7 @@ static int ldif_printf_string(void *private_data, const char *fmt, ...)
        struct ldif_write_string_state *state =
                (struct ldif_write_string_state *)private_data;
        va_list ap;
-       size_t oldlen = strlen(state->string);
+       size_t oldlen = talloc_get_size(state->string);
        va_start(ap, fmt);
        
        state->string = talloc_vasprintf_append(state->string, fmt, ap);
@@ -791,8 +791,8 @@ static int ldif_printf_string(void *private_data, const char *fmt, ...)
        if (!state->string) {
                return -1;
        }
-               
-       return strlen(state->string) - oldlen;
+
+       return talloc_get_size(state->string) - oldlen;
 }
 
 char *ldb_ldif_write_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, 
index 206b225ca83be6595fd9c9df88a6c97de2eec391..c57d0e407d22772cc1ec4090374c892583eb0f36 100644 (file)
@@ -672,6 +672,14 @@ int ldb_module_send_entry(struct ldb_request *req,
        ares->controls = talloc_steal(ares, ctrls);
        ares->error = LDB_SUCCESS;
 
+       if (req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) {
+               char *s;
+               ldb_debug(req->handle->ldb, LDB_DEBUG_TRACE, "ldb_trace_response: ENTRY");
+               s = ldb_ldif_message_string(req->handle->ldb, msg, LDB_CHANGETYPE_NONE, msg);
+               ldb_debug(req->handle->ldb, LDB_DEBUG_TRACE, "%s", s);
+               talloc_free(s);                   
+       }
+
        return req->callback(req, ares);
 }
 
@@ -697,6 +705,11 @@ int ldb_module_send_referral(struct ldb_request *req,
        ares->referral = talloc_steal(ares, ref);
        ares->error = LDB_SUCCESS;
 
+       if (req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) {
+               ldb_debug(req->handle->ldb, LDB_DEBUG_TRACE, "ldb_trace_response: REFERRAL");
+               ldb_debug(req->handle->ldb, LDB_DEBUG_TRACE, "ref: %s", ref);
+       }
+
        return req->callback(req, ares);
 }
 
@@ -729,6 +742,15 @@ int ldb_module_done(struct ldb_request *req,
 
        req->handle->flags |= LDB_HANDLE_FLAG_DONE_CALLED;
 
+       if (req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) {
+               ldb_debug(req->handle->ldb, LDB_DEBUG_TRACE, "ldb_trace_response: DONE");
+               ldb_debug(req->handle->ldb, LDB_DEBUG_TRACE, "error: %u", error);
+               if (ldb_errstring(req->handle->ldb)) {
+                       ldb_debug(req->handle->ldb, LDB_DEBUG_TRACE, "msg: %s", 
+                                 ldb_errstring(req->handle->ldb));
+               }
+       }
+
        req->callback(req, ares);
        return error;
 }
index 047e66c8b768a87d656595b3cd3934e460ae4a5a..0378697f4b086635656b34c17a12969a2cc9e6bf 100644 (file)
@@ -246,6 +246,11 @@ struct ldb_utf8_fns {
 */
 #define LDB_FLG_SHOW_BINARY 16
 
+/**
+   Flags to enable ldb tracing
+*/
+#define LDB_FLG_ENABLE_TRACING 32
+
 /*
    structures for ldb_parse_tree handling code
 */
@@ -1914,4 +1919,8 @@ struct ldb_control **ldb_parse_control_strings(struct ldb_context *ldb, TALLOC_C
 */
 unsigned int ldb_get_flags(struct ldb_context *ldb);
 
+/* set the ldb flags */
+void ldb_set_flags(struct ldb_context *ldb, unsigned flags);
+
+
 #endif
index 8541106060c3de0af61ab719fc3d624346e9240d..73bf2a93a758792aef1f87a2546d173bdd29de3e 100644 (file)
@@ -44,6 +44,7 @@ static struct poptOption popt_options[] = {
        { "editor",    'e', POPT_ARG_STRING, &options.editor, 0, "external editor", "PROGRAM" },
        { "scope",     's', POPT_ARG_STRING, NULL, 's', "search scope", "SCOPE" },
        { "verbose",   'v', POPT_ARG_NONE, NULL, 'v', "increase verbosity", NULL },
+       { "trace",     0,   POPT_ARG_NONE, &options.tracing, 0, "enable tracing", NULL },
        { "interactive", 'i', POPT_ARG_NONE, &options.interactive, 0, "input from stdin", NULL },
        { "recursive", 'r', POPT_ARG_NONE, &options.recursive, 0, "recursive delete", NULL },
        { "modules-path", 0, POPT_ARG_STRING, &options.modules_path, 0, "modules path", "PATH" },
@@ -220,6 +221,10 @@ struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb,
                flags |= LDB_FLG_SHOW_BINARY;
        }
 
+       if (options.tracing) {
+               flags |= LDB_FLG_ENABLE_TRACING;
+       }
+
 #if (_SAMBA_BUILD_ >= 4)
        /* Must be after we have processed command line options */
        gensec_init(cmdline_lp_ctx); 
index 9f728fba0bd77e1015f740dd5447c9a748f3288d..28061a5a7d6d2206bf2d508d839500549768dada 100644 (file)
@@ -45,6 +45,7 @@ struct ldb_cmdline {
        const char *output;
        char **controls;
        int show_binary;
+       int tracing;
 };
 
 struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, int argc, const char **argv,
index 15cf11f942db3735a193ddd9706d69bb58881ff3..74502afde283684c9c8282b9853b711dd8c16205 100644 (file)
@@ -169,6 +169,10 @@ struct ldb_context *ldb_wrap_connect(TALLOC_CTX *mem_ctx,
                flags |= LDB_FLG_NOSYNC;
        }
 
+       if (DEBUGLVL(10)) {
+               flags |= LDB_FLG_ENABLE_TRACING;
+       }
+
        /* we usually want Samba databases to be private. If we later
           find we need one public, we will need to add a parameter to
           ldb_wrap_connect() */
index d9036dd672f6ee034e5646de2ae2dc6e0251ebd2..64ed669fc18352ec5d4e2d0cb08d13290ad77902 100644 (file)
@@ -587,6 +587,7 @@ static bool torture_ldb_dn(struct torture_context *torture)
        struct ldb_dn *dn;
        struct ldb_dn *child_dn;
        struct ldb_dn *typo_dn;
+       struct ldb_val val;
 
        torture_assert(torture, 
                       ldb = ldb_init(mem_ctx, torture->ev),
@@ -655,6 +656,34 @@ static bool torture_ldb_dn(struct torture_context *torture)
                       ldb_dn_compare_base(dn, typo_dn) != 0,
                       "Base Comparison on dc=samba,dc=org and c=samba,dc=org should != 0");
 
+       /* Check DN based on MS-ADTS:3.1.1.5.1.2 Naming Constraints*/
+       torture_assert(torture,
+                      dn = ldb_dn_new(mem_ctx, ldb, "CN=New\nLine,DC=SAMBA,DC=org"),
+                      "Failed to create a DN with 0xA in it");
+
+       torture_assert(torture,
+                      ldb_dn_validate(dn) == false,
+                      "should have failed to validate a DN with 0xA in it");
+
+       val.data = "CN=Zer\0,DC=SAMBA,DC=org";
+       val.length = 23;
+       torture_assert(torture,
+                      NULL == ldb_dn_from_ldb_val(mem_ctx, ldb, &val),
+                      "should fail to create a DN with 0x0 in it");
+
+       torture_assert(torture,
+                      dn = ldb_dn_new(mem_ctx, ldb, "CN=loooooooooooooooooooooooooooo"
+"ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo"
+"ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo"
+"ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo"
+"ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo"
+"ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooongdn,DC=SAMBA,DC=org"),
+                      "Failed to create a DN with size more than 255 characters");
+
+       torture_assert(torture,
+                      ldb_dn_validate(dn) == false,
+                      "should have failed to validate DN with size more than 255 characters");
+
        talloc_free(mem_ctx);
        return true;
 }