svn commit: samba r20377 - in branches/SAMBA_4_0/source/dsdb/samdb:
.
abartlet at samba.org
abartlet at samba.org
Thu Dec 28 04:52:46 GMT 2006
Author: abartlet
Date: 2006-12-28 04:52:45 +0000 (Thu, 28 Dec 2006)
New Revision: 20377
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20377
Log:
Rework the CrackNames implementation to handle some of the BUILTIN sid
cases.
Adjust our 'look for this value in this attribute, of the result'
function samdb_find_attribute() to use the correct comparison
function, no matter what that may be.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/dsdb/samdb/cracknames.c
branches/SAMBA_4_0/source/dsdb/samdb/samdb.c
Changeset:
Modified: branches/SAMBA_4_0/source/dsdb/samdb/cracknames.c
===================================================================
--- branches/SAMBA_4_0/source/dsdb/samdb/cracknames.c 2006-12-28 04:44:34 UTC (rev 20376)
+++ branches/SAMBA_4_0/source/dsdb/samdb/cracknames.c 2006-12-28 04:52:45 UTC (rev 20377)
@@ -632,7 +632,7 @@
const char * const _result_attrs_canonical[] = { "canonicalName", NULL };
const char * const _domain_attrs_nt4[] = { "ncName", "dnsRoot", "nETBIOSName", NULL};
- const char * const _result_attrs_nt4[] = { "sAMAccountName", "objectSid", NULL};
+ const char * const _result_attrs_nt4[] = { "sAMAccountName", "objectSid", "objectClass", NULL};
const char * const _domain_attrs_guid[] = { "ncName", "dnsRoot", NULL};
const char * const _result_attrs_guid[] = { "objectGUID", NULL};
@@ -786,15 +786,11 @@
result->dn, name, info1);
}
case DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT: {
+
const struct dom_sid *sid = samdb_result_dom_sid(mem_ctx, result, "objectSid");
const char *_acc = "", *_dom = "";
- if (!sid || (sid->num_auths < 4) || (sid->num_auths > 5)) {
- info1->status = DRSUAPI_DS_NAME_STATUS_NO_MAPPING;
- return WERR_OK;
- }
-
- if (sid->num_auths == 4) {
+ if (samdb_find_attribute(sam_ctx, result, "objectClass", "domain")) {
ldb_ret = gendb_search(sam_ctx, mem_ctx, partitions_basedn, &domain_res, domain_attrs,
"(ncName=%s)", ldb_dn_get_linearized(result->dn));
if (ldb_ret != 1) {
@@ -803,33 +799,38 @@
}
_dom = samdb_result_string(domain_res[0], "nETBIOSName", NULL);
W_ERROR_HAVE_NO_MEMORY(_dom);
-
- } else if (sid->num_auths == 5) {
- const char *attrs[] = { NULL };
- struct ldb_message **domain_res2;
- struct dom_sid *dom_sid = dom_sid_dup(mem_ctx, sid);
- if (!dom_sid) {
+ } else {
+ _acc = samdb_result_string(result, "sAMAccountName", NULL);
+ if (!_acc) {
+ info1->status = DRSUAPI_DS_NAME_STATUS_NO_MAPPING;
return WERR_OK;
}
- dom_sid->num_auths--;
- ldb_ret = gendb_search(sam_ctx, mem_ctx, NULL, &domain_res, attrs,
- "(&(objectSid=%s)(objectClass=domain))", ldap_encode_ndr_dom_sid(mem_ctx, dom_sid));
- if (ldb_ret != 1) {
- info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND;
- return WERR_OK;
+ if (dom_sid_in_domain(dom_sid_parse_talloc(mem_ctx, SID_BUILTIN), sid)) {
+ _dom = "BUILTIN";
+ } else {
+ const char *attrs[] = { NULL };
+ struct ldb_message **domain_res2;
+ struct dom_sid *dom_sid = dom_sid_dup(mem_ctx, sid);
+ if (!dom_sid) {
+ return WERR_OK;
+ }
+ dom_sid->num_auths--;
+ ldb_ret = gendb_search(sam_ctx, mem_ctx, NULL, &domain_res, attrs,
+ "(&(objectSid=%s)(objectClass=domain))", ldap_encode_ndr_dom_sid(mem_ctx, dom_sid));
+ if (ldb_ret != 1) {
+ info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND;
+ return WERR_OK;
+ }
+ ldb_ret = gendb_search(sam_ctx, mem_ctx, partitions_basedn, &domain_res2, domain_attrs,
+ "(ncName=%s)", ldb_dn_get_linearized(domain_res[0]->dn));
+ if (ldb_ret != 1) {
+ info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND;
+ return WERR_OK;
+ }
+
+ _dom = samdb_result_string(domain_res2[0], "nETBIOSName", NULL);
+ W_ERROR_HAVE_NO_MEMORY(_dom);
}
- ldb_ret = gendb_search(sam_ctx, mem_ctx, partitions_basedn, &domain_res2, domain_attrs,
- "(ncName=%s)", ldb_dn_get_linearized(domain_res[0]->dn));
- if (ldb_ret != 1) {
- info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND;
- return WERR_OK;
- }
-
- _dom = samdb_result_string(domain_res2[0], "nETBIOSName", NULL);
- W_ERROR_HAVE_NO_MEMORY(_dom);
-
- _acc = samdb_result_string(result, "sAMAccountName", NULL);
- W_ERROR_HAVE_NO_MEMORY(_acc);
}
info1->result_name = talloc_asprintf(mem_ctx, "%s\\%s", _dom, _acc);
Modified: branches/SAMBA_4_0/source/dsdb/samdb/samdb.c
===================================================================
--- branches/SAMBA_4_0/source/dsdb/samdb/samdb.c 2006-12-28 04:44:34 UTC (rev 20376)
+++ branches/SAMBA_4_0/source/dsdb/samdb/samdb.c 2006-12-28 04:52:45 UTC (rev 20377)
@@ -632,21 +632,32 @@
{
int i;
struct ldb_message_element *el = ldb_msg_find_element(msg, name);
+ const struct ldb_schema_attribute *a;
struct ldb_val v;
+ TALLOC_CTX *tmp_ctx = talloc_new(ldb);
+ if (!tmp_ctx) {
+ return NULL;
+ }
+
v.data = discard_const_p(uint8_t, value);
v.length = strlen(value);
if (!el) {
+ talloc_free(tmp_ctx);
return NULL;
}
+ a = ldb_schema_attribute_by_name(ldb, name);
+
for (i=0;i<el->num_values;i++) {
- if (strcasecmp(value, (char *)el->values[i].data) == 0) {
+ if (a->syntax->comparison_fn(ldb, tmp_ctx, &el->values[i], &v) == 0) {
+ talloc_free(tmp_ctx);
return el;
}
}
+ talloc_free(tmp_ctx);
return NULL;
}
More information about the samba-cvs
mailing list