2 Unix SMB/CIFS mplementation.
3 LDAP protocol helper functions for SAMBA
5 Copyright (C) Simo Sorce 2005
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "system/iconv.h"
25 #include "libcli/util/asn_1.h"
26 #include "libcli/ldap/ldap.h"
27 #include "lib/ldb/include/ldb.h"
29 struct control_handler {
31 BOOL (*decode)(void *mem_ctx, DATA_BLOB in, void **out);
32 BOOL (*encode)(void *mem_ctx, void *in, DATA_BLOB *out);
35 static BOOL decode_server_sort_response(void *mem_ctx, DATA_BLOB in, void **out)
38 struct asn1_data data;
39 struct ldb_sort_resp_control *lsrc;
41 if (!asn1_load(&data, in)) {
45 lsrc = talloc(mem_ctx, struct ldb_sort_resp_control);
50 if (!asn1_start_tag(&data, ASN1_SEQUENCE(0))) {
54 if (!asn1_read_enumerated(&data, &(lsrc->result))) {
58 lsrc->attr_desc = NULL;
59 if (asn1_peek_tag(&data, ASN1_OCTET_STRING)) {
60 if (!asn1_read_OctetString(&data, &attr)) {
63 lsrc->attr_desc = talloc_strndup(lsrc, (const char *)attr.data, attr.length);
64 if (!lsrc->attr_desc) {
69 if (!asn1_end_tag(&data)) {
78 static BOOL decode_server_sort_request(void *mem_ctx, DATA_BLOB in, void **out)
82 struct asn1_data data;
83 struct ldb_server_sort_control **lssc;
86 if (!asn1_load(&data, in)) {
90 if (!asn1_start_tag(&data, ASN1_SEQUENCE(0))) {
96 for (num = 0; asn1_peek_tag(&data, ASN1_SEQUENCE(0)); num++) {
97 lssc = talloc_realloc(mem_ctx, lssc, struct ldb_server_sort_control *, num + 2);
101 lssc[num] = talloc(lssc, struct ldb_server_sort_control);
106 if (!asn1_start_tag(&data, ASN1_SEQUENCE(0))) {
110 if (!asn1_read_OctetString(&data, &attr)) {
114 lssc[num]->attributeName = talloc_strndup(lssc[num], (const char *)attr.data, attr.length);
115 if (!lssc [num]->attributeName) {
119 if (asn1_peek_tag(&data, ASN1_OCTET_STRING)) {
120 if (!asn1_read_OctetString(&data, &rule)) {
123 lssc[num]->orderingRule = talloc_strndup(lssc[num], (const char *)rule.data, rule.length);
124 if (!lssc[num]->orderingRule) {
129 if (asn1_peek_tag(&data, ASN1_BOOLEAN)) {
130 if (!asn1_read_BOOLEAN(&data, &(lssc[num]->reverse))) {
135 if (!asn1_end_tag(&data)) {
142 if (!asn1_end_tag(&data)) {
151 static BOOL decode_extended_dn_request(void *mem_ctx, DATA_BLOB in, void **out)
153 struct asn1_data data;
154 struct ldb_extended_dn_control *ledc;
156 if (!asn1_load(&data, in)) {
160 ledc = talloc(mem_ctx, struct ldb_extended_dn_control);
165 if (!asn1_start_tag(&data, ASN1_SEQUENCE(0))) {
169 if (!asn1_read_Integer(&data, &(ledc->type))) {
173 if (!asn1_end_tag(&data)) {
182 static BOOL decode_paged_results_request(void *mem_ctx, DATA_BLOB in, void **out)
185 struct asn1_data data;
186 struct ldb_paged_control *lprc;
188 if (!asn1_load(&data, in)) {
192 lprc = talloc(mem_ctx, struct ldb_paged_control);
197 if (!asn1_start_tag(&data, ASN1_SEQUENCE(0))) {
201 if (!asn1_read_Integer(&data, &(lprc->size))) {
205 if (!asn1_read_OctetString(&data, &cookie)) {
208 lprc->cookie_len = cookie.length;
209 if (lprc->cookie_len) {
210 lprc->cookie = talloc_memdup(lprc, cookie.data, cookie.length);
212 if (!(lprc->cookie)) {
219 if (!asn1_end_tag(&data)) {
228 static BOOL decode_dirsync_request(void *mem_ctx, DATA_BLOB in, void **out)
231 struct asn1_data data;
232 struct ldb_dirsync_control *ldc;
234 if (!asn1_load(&data, in)) {
238 ldc = talloc(mem_ctx, struct ldb_dirsync_control);
243 if (!asn1_start_tag(&data, ASN1_SEQUENCE(0))) {
247 if (!asn1_read_Integer(&data, &(ldc->flags))) {
251 if (!asn1_read_Integer(&data, &(ldc->max_attributes))) {
255 if (!asn1_read_OctetString(&data, &cookie)) {
258 ldc->cookie_len = cookie.length;
259 if (ldc->cookie_len) {
260 ldc->cookie = talloc_memdup(ldc, cookie.data, cookie.length);
262 if (!(ldc->cookie)) {
269 if (!asn1_end_tag(&data)) {
278 /* seem that this controls has 2 forms one in case it is used with
279 * a Search Request and another when used ina Search Response
281 static BOOL decode_asq_control(void *mem_ctx, DATA_BLOB in, void **out)
283 DATA_BLOB source_attribute;
284 struct asn1_data data;
285 struct ldb_asq_control *lac;
287 if (!asn1_load(&data, in)) {
291 lac = talloc(mem_ctx, struct ldb_asq_control);
296 if (!asn1_start_tag(&data, ASN1_SEQUENCE(0))) {
300 if (asn1_peek_tag(&data, ASN1_OCTET_STRING)) {
302 if (!asn1_read_OctetString(&data, &source_attribute)) {
305 lac->src_attr_len = source_attribute.length;
306 if (lac->src_attr_len) {
307 lac->source_attribute = talloc_strndup(lac, source_attribute.data, source_attribute.length);
309 if (!(lac->source_attribute)) {
313 lac->source_attribute = NULL;
318 } else if (asn1_peek_tag(&data, ASN1_ENUMERATED)) {
320 if (!asn1_read_enumerated(&data, &(lac->result))) {
330 if (!asn1_end_tag(&data)) {
339 static BOOL decode_notification_request(void *mem_ctx, DATA_BLOB in, void **out)
341 if (in.length != 0) {
348 static BOOL decode_manageDSAIT_request(void *mem_ctx, DATA_BLOB in, void **out)
350 if (in.length != 0) {
357 static BOOL encode_server_sort_response(void *mem_ctx, void *in, DATA_BLOB *out)
359 struct ldb_sort_resp_control *lsrc = talloc_get_type(in, struct ldb_sort_resp_control);
360 struct asn1_data data;
364 if (!asn1_push_tag(&data, ASN1_SEQUENCE(0))) {
368 if (!asn1_write_enumerated(&data, lsrc->result)) {
372 if (lsrc->attr_desc) {
373 if (!asn1_write_OctetString(&data, lsrc->attr_desc, strlen(lsrc->attr_desc))) {
378 if (!asn1_pop_tag(&data)) {
382 *out = data_blob_talloc(mem_ctx, data.data, data.length);
383 if (out->data == NULL) {
390 static BOOL encode_server_sort_request(void *mem_ctx, void *in, DATA_BLOB *out)
392 struct ldb_server_sort_control **lssc = talloc_get_type(in, struct ldb_server_sort_control *);
393 struct asn1_data data;
398 if (!asn1_push_tag(&data, ASN1_SEQUENCE(0))) {
402 for (num = 0; lssc[num]; num++) {
403 if (!asn1_push_tag(&data, ASN1_SEQUENCE(0))) {
407 if (!asn1_write_OctetString(&data, lssc[num]->attributeName, strlen(lssc[num]->attributeName))) {
411 if (lssc[num]->orderingRule) {
412 if (!asn1_write_OctetString(&data, lssc[num]->orderingRule, strlen(lssc[num]->orderingRule))) {
417 if (lssc[num]->reverse) {
418 if (!asn1_write_BOOLEAN(&data, lssc[num]->reverse)) {
423 if (!asn1_pop_tag(&data)) {
428 if (!asn1_pop_tag(&data)) {
432 *out = data_blob_talloc(mem_ctx, data.data, data.length);
433 if (out->data == NULL) {
440 static BOOL encode_extended_dn_request(void *mem_ctx, void *in, DATA_BLOB *out)
442 struct ldb_extended_dn_control *ledc = talloc_get_type(in, struct ldb_extended_dn_control);
443 struct asn1_data data;
447 if (!asn1_push_tag(&data, ASN1_SEQUENCE(0))) {
451 if (!asn1_write_Integer(&data, ledc->type)) {
455 if (!asn1_pop_tag(&data)) {
459 *out = data_blob_talloc(mem_ctx, data.data, data.length);
460 if (out->data == NULL) {
467 static BOOL encode_paged_results_request(void *mem_ctx, void *in, DATA_BLOB *out)
469 struct ldb_paged_control *lprc = talloc_get_type(in, struct ldb_paged_control);
470 struct asn1_data data;
474 if (!asn1_push_tag(&data, ASN1_SEQUENCE(0))) {
478 if (!asn1_write_Integer(&data, lprc->size)) {
482 if (!asn1_write_OctetString(&data, lprc->cookie, lprc->cookie_len)) {
486 if (!asn1_pop_tag(&data)) {
490 *out = data_blob_talloc(mem_ctx, data.data, data.length);
491 if (out->data == NULL) {
498 /* seem that this controls has 2 forms one in case it is used with
499 * a Search Request and another when used ina Search Response
501 static BOOL encode_asq_control(void *mem_ctx, void *in, DATA_BLOB *out)
503 struct ldb_asq_control *lac = talloc_get_type(in, struct ldb_asq_control);
504 struct asn1_data data;
508 if (!asn1_push_tag(&data, ASN1_SEQUENCE(0))) {
514 if (!asn1_write_OctetString(&data, lac->source_attribute, lac->src_attr_len)) {
518 if (!asn1_write_enumerated(&data, lac->result)) {
523 if (!asn1_pop_tag(&data)) {
527 *out = data_blob_talloc(mem_ctx, data.data, data.length);
528 if (out->data == NULL) {
535 static BOOL encode_dirsync_request(void *mem_ctx, void *in, DATA_BLOB *out)
537 struct ldb_dirsync_control *ldc = talloc_get_type(in, struct ldb_dirsync_control);
538 struct asn1_data data;
542 if (!asn1_push_tag(&data, ASN1_SEQUENCE(0))) {
546 if (!asn1_write_Integer(&data, ldc->flags)) {
550 if (!asn1_write_Integer(&data, ldc->max_attributes)) {
554 if (!asn1_write_OctetString(&data, ldc->cookie, ldc->cookie_len)) {
558 if (!asn1_pop_tag(&data)) {
562 *out = data_blob_talloc(mem_ctx, data.data, data.length);
563 if (out->data == NULL) {
570 static BOOL encode_notification_request(void *mem_ctx, void *in, DATA_BLOB *out)
576 *out = data_blob(NULL, 0);
580 static BOOL encode_manageDSAIT_request(void *mem_ctx, void *in, DATA_BLOB *out)
586 *out = data_blob(NULL, 0);
590 struct control_handler ldap_known_controls[] = {
591 { "1.2.840.113556.1.4.319", decode_paged_results_request, encode_paged_results_request },
592 { "1.2.840.113556.1.4.529", decode_extended_dn_request, encode_extended_dn_request },
593 { "1.2.840.113556.1.4.473", decode_server_sort_request, encode_server_sort_request },
594 { "1.2.840.113556.1.4.474", decode_server_sort_response, encode_server_sort_response },
595 { "1.2.840.113556.1.4.1504", decode_asq_control, encode_asq_control },
596 { "1.2.840.113556.1.4.841", decode_dirsync_request, encode_dirsync_request },
597 { "1.2.840.113556.1.4.528", decode_notification_request, encode_notification_request },
598 { "2.16.840.1.113730.3.4.2", decode_manageDSAIT_request, encode_manageDSAIT_request },
602 BOOL ldap_decode_control(void *mem_ctx, struct asn1_data *data, struct ldap_Control *ctrl)
608 if (!asn1_start_tag(data, ASN1_SEQUENCE(0))) {
612 if (!asn1_read_OctetString(data, &oid)) {
615 ctrl->oid = talloc_strndup(mem_ctx, (char *)oid.data, oid.length);
620 if (asn1_peek_tag(data, ASN1_BOOLEAN)) {
621 if (!asn1_read_BOOLEAN(data, &(ctrl->critical))) {
625 ctrl->critical = False;
630 for (i = 0; ldap_known_controls[i].oid != NULL; i++) {
631 if (strcmp(ldap_known_controls[i].oid, ctrl->oid) == 0) {
633 if (!asn1_read_OctetString(data, &value)) {
636 if (!ldap_known_controls[i].decode(mem_ctx, value, &(ctrl->value))) {
642 if (ldap_known_controls[i].oid == NULL) {
646 if (!asn1_end_tag(data)) {
653 BOOL ldap_encode_control(void *mem_ctx, struct asn1_data *data, struct ldap_Control *ctrl)
658 if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) {
662 if (!asn1_write_OctetString(data, ctrl->oid, strlen(ctrl->oid))) {
666 if (ctrl->critical) {
667 if (!asn1_write_BOOLEAN(data, ctrl->critical)) {
672 for (i = 0; ldap_known_controls[i].oid != NULL; i++) {
673 if (strcmp(ldap_known_controls[i].oid, ctrl->oid) == 0) {
674 if (!ldap_known_controls[i].encode(mem_ctx, ctrl->value, &value)) {
680 if (ldap_known_controls[i].oid == NULL) {
684 if (value.length != 0) {
685 if (!asn1_write_OctetString(data, value.data, value.length)) {
690 if (!asn1_pop_tag(data)) {