svn commit: samba r16129 - in branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules: .

abartlet at samba.org abartlet at samba.org
Fri Jun 9 21:10:12 GMT 2006


Author: abartlet
Date: 2006-06-09 21:10:08 +0000 (Fri, 09 Jun 2006)
New Revision: 16129

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=16129

Log:
Further clean up the samldb module.

This adds more/better setting of the ldb error string, and avoids
using gendb_search(), as this doesn't return the error code.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c


Changeset:
Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c
===================================================================
--- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c	2006-06-09 19:32:17 UTC (rev 16128)
+++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c	2006-06-09 21:10:08 UTC (rev 16129)
@@ -351,31 +351,36 @@
 	int ret;
 	struct ldb_dn *dom_dn;
 	struct dom_sid *dom_sid;
-	const char *dom_attrs[] = { NULL };
-	struct ldb_message **dom_msgs;
+	const char *attrs[] = { NULL };
+	struct ldb_result *dom_res;
+	struct ldb_result *res;
 	uint32_t old_rid;
+	char *filter;
 
-	/* find the domain DN */
+	/* find if this SID already exists */
 
-	ret = gendb_search(module->ldb,
-			   mem_ctx, NULL, &dom_msgs, dom_attrs,
-			   "objectSid=%s",
-			   ldap_encode_ndr_dom_sid(mem_ctx, sid));
-	if (ret > 0) {
-		ldb_set_errstring(module->ldb,
-				  talloc_asprintf(mem_ctx,
-						  "Attempt to add record with SID %s rejected,"
-						  " because this SID is already in the database",
-						  dom_sid_string(mem_ctx, sid)));
-		/* We have a duplicate SID, we must reject the add */
-		talloc_free(dom_msgs);
-		return LDB_ERR_CONSTRAINT_VIOLATION;
+	filter = talloc_asprintf(mem_ctx, "(objectSid=%s)",
+				 ldap_encode_ndr_dom_sid(mem_ctx, sid));
+
+	ret = ldb_search(module->ldb, samdb_base_dn(mem_ctx), LDB_SCOPE_SUBTREE, filter, attrs, &res);
+	if (ret == LDB_SUCCESS) {
+		if (res->count > 0) {
+			talloc_free(res);
+			ldb_set_errstring(module->ldb,
+					  talloc_asprintf(mem_ctx,
+							  "Attempt to add record with SID %s rejected,"
+							  " because this SID is already in the database",
+							  dom_sid_string(mem_ctx, sid)));
+			/* We have a duplicate SID, we must reject the add */
+			return LDB_ERR_CONSTRAINT_VIOLATION;
+		}
+		talloc_free(res);
+	} else {
+		ldb_set_errstring(module->ldb, talloc_asprintf(module, "samldb_notice_sid: error searching to see if sid %s is in use: %s\n", 
+							       dom_sid_string(dom_res, sid), 
+							       ldb_errstring(module->ldb)));
+		return ret;
 	}
-	
-	if (ret == -1) {
-		ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_get_new_sid: error searching for proposed sid!\n");
-		return LDB_ERR_OPERATIONS_ERROR;
-	}
 
 	dom_sid = dom_sid_dup(mem_ctx, sid);
 	if (!dom_sid) {
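Review bot: In the new search-failure `else` branch, `dom_sid_string(dom_res, sid)` uses `dom_res` as the talloc context, but `dom_res` is only declared at this point and is not assigned until the second `ldb_search()` later in the function, so the error path passes an uninitialised pointer to talloc. Use a context that is valid here, as the duplicate-SID branch just above does: `dom_sid_string(mem_ctx, sid)`. Separately, `filter` from `talloc_asprintf()` goes to `ldb_search()` unchecked; adding `if (!filter) return LDB_ERR_OPERATIONS_ERROR;` before the search would stop an allocation failure from running the duplicate-SID check with a filter other than the intended one (how ldb treats a NULL expression is not visible here). The function starts before this hunk and continues past it.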
@@ -385,33 +390,38 @@
 	dom_sid->num_auths--;
 
 	/* find the domain DN */
+	
+	filter = talloc_asprintf(mem_ctx, "(&(objectSid=%s)(objectclass=domain))",
+				 ldap_encode_ndr_dom_sid(mem_ctx, dom_sid));
 
-	ret = gendb_search(module->ldb,
-			   mem_ctx, NULL, &dom_msgs, dom_attrs,
-			   "(&(objectSid=%s)(objectclass=domain))",
-			   ldap_encode_ndr_dom_sid(mem_ctx, dom_sid));
-	if (ret == 0) {
-		/* This isn't an operation on a domain we know about, so nothing to update */
-		return LDB_SUCCESS;
-	}
+	ret = ldb_search(module->ldb, samdb_base_dn(mem_ctx), LDB_SCOPE_SUBTREE, filter, attrs, &dom_res);
+	if (ret == LDB_SUCCESS) {
+		talloc_steal(mem_ctx, dom_res);
+		if (dom_res->count == 0) {
+			talloc_free(dom_res);
+			/* This isn't an operation on a domain we know about, so nothing to update */
+			return LDB_SUCCESS;
+		}
 
-	if (ret > 1) {
-		ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_get_new_sid: error retrieving domain from sid: duplicate domains!\n");
-		talloc_free(dom_msgs);
-		return LDB_ERR_OPERATIONS_ERROR;
+		if (dom_res->count > 1) {
+			talloc_free(dom_res);
+			ldb_set_errstring(module->ldb, talloc_asprintf(module, "samldb_notice_sid: error retrieving domain from sid: duplicate (found %d) domain: %s!\n", 
+								       dom_res->count, dom_sid_string(dom_res, dom_sid)));
+			return LDB_ERR_OPERATIONS_ERROR;
+		}
+	} else {
+		ldb_set_errstring(module->ldb, talloc_asprintf(module, "samldb_notice_sid: error retrieving domain from sid: %s: %s\n", 
+							       dom_sid_string(dom_res, dom_sid), 
+							       ldb_errstring(module->ldb)));
+		return ret;
 	}
 
-	if (ret != 1) {
-		ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_get_new_sid: error retrieving domain sid!\n");
-		return LDB_ERR_OPERATIONS_ERROR;
-	}
+	dom_dn = dom_res->msgs[0]->dn;
 
-	dom_dn = dom_msgs[0]->dn;
-
 	ret = samldb_find_next_rid(module, mem_ctx, 
 				   dom_dn, &old_rid);
 	if (ret) {
-		talloc_free(dom_msgs);
+		talloc_free(dom_res);
 		return ret;
 	}
 
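Review bot: In the `dom_res->count > 1` branch, `talloc_free(dom_res)` runs before the error string is built, so the following `talloc_asprintf()` reads `dom_res->count` and uses `dom_res` as the context for `dom_sid_string()` after it has been freed. The message should be formatted first and the result released afterwards, with the SID string allocated on `mem_ctx`. The `else` branch has a related problem: after a failed `ldb_search()` nothing visible guarantees `dom_res` was set, yet it is used as the talloc context there as well. The `filter` built at the top of this hunk is also passed on without a NULL check. The function starts before this hunk.

```c
		if (dom_res->count > 1) {
			/* format the message while dom_res is still valid, then release it */
			ldb_set_errstring(module->ldb, talloc_asprintf(module, "samldb_notice_sid: error retrieving domain from sid: duplicate (found %d) domain: %s!\n", 
								       dom_res->count, dom_sid_string(mem_ctx, dom_sid)));
			talloc_free(dom_res);
			return LDB_ERR_OPERATIONS_ERROR;
		}
	} else {
		/* dom_res is not known to be valid after a failed search; allocate on mem_ctx */
		ldb_set_errstring(module->ldb, talloc_asprintf(module, "samldb_notice_sid: error retrieving domain from sid: %s: %s\n", 
							       dom_sid_string(mem_ctx, dom_sid), 
							       ldb_errstring(module->ldb)));
		return ret;
	}
	/* … unchanged: dom_dn lookup and samldb_find_next_rid call … */
```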
@@ -419,7 +429,7 @@
 		ret = samldb_set_next_rid(module->ldb, mem_ctx, dom_dn, old_rid, 
 					  sid->sub_auths[sid->num_auths - 1] + 1);
 	}
-	talloc_free(dom_msgs);
+	talloc_free(dom_res);
 	return ret;
 }
 
@@ -432,7 +442,7 @@
 	if (sid == NULL) { 
 		sid = samldb_get_new_sid(module, msg2, msg2->dn);
 		if (sid == NULL) {
-			ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_user_or_computer_object: internal error! Can't generate new sid\n");
+			ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_handle_sid: internal error! Can't generate new sid\n");
 			return LDB_ERR_OPERATIONS_ERROR;
 		}
 


