svn commit: samba r17501 - in branches/SOC/mkhl/samdb-map/ldb_modules: .

abartlet at samba.org abartlet at samba.org
Fri Aug 11 22:53:22 GMT 2006 

Author: abartlet
Date: 2006-08-11 22:53:21 +0000 (Fri, 11 Aug 2006)
New Revision: 17501

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17501

Log:
Samba accepts both string and binary forms of objectSid attributes in
some places.

This causes problems when we talk to an OpenLDAP server that assumes
this is a binary quanity, particularly on searches.

This patch adds this canonicolisation to the translations we do.

Andrew Bartlett


Modified:
   branches/SOC/mkhl/samdb-map/ldb_modules/entryUUID.c


Changeset:
Modified: branches/SOC/mkhl/samdb-map/ldb_modules/entryUUID.c
===================================================================
--- branches/SOC/mkhl/samdb-map/ldb_modules/entryUUID.c	2006-08-11 22:36:53 UTC (rev 17500)
+++ branches/SOC/mkhl/samdb-map/ldb_modules/entryUUID.c	2006-08-11 22:53:21 UTC (rev 17501)
@@ -75,6 +75,28 @@
 	return out;
 }
 
+/* The backend holds binary sids, so just copy them back */
+static struct ldb_val sid_copy(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val)
+{
+	struct ldb_val out = data_blob(NULL, 0);
+	ldb_handler_copy(module->ldb, ctx, val, &out);
+
+	return out;
+}
+
+/* Ensure we always convert sids into binary, so the backend doesn't have to know about both forms */
+static struct ldb_val sid_always_binary(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val)
+{
+	struct ldb_val out = data_blob(NULL, 0);
+	const struct ldb_attrib_handler *handler = ldb_attrib_handler(module->ldb, "objectSid");
+	
+	if (handler->canonicalise_fn(module->ldb, ctx, val, &out) != LDB_SUCCESS) {
+		return data_blob(NULL, 0);
+	}
+
+	return out;
+}
+
 const struct ldb_map_attribute entryUUID_attributes[] = 
 {
 	/* objectGUID */
@@ -89,7 +111,19 @@
 			},
 		},
 	},
+	/* objectSid */
 	{
+		.local_name = "objectSid",
+		.type = MAP_CONVERT,
+		.u = {
+			.convert = {
+				.remote_name = "objectSid", 
+				.convert_local = sid_always_binary,
+				.convert_remote = sid_copy,
+			},
+		},
+	},
+	{
 		.local_name = "whenCreated",
 		.type = MAP_RENAME,
 		.u = {

More information about the samba-cvs mailing list