[SCM] Samba Shared Repository - branch v4-0-test updated -
release-4-0-0alpha5-368-g93cf0b3
Andrew Tridgell
tridge at samba.org
Fri Aug 22 08:40:05 GMT 2008
The branch, v4-0-test has been updated
via 93cf0b3c7e6d8a4758c44519de51e51be89f76c7 (commit)
via 115053ea7e70b067e7873668ed83f1f10908287d (commit)
via 3c058f50cc3b91d540feb51fb698d90565b2b7c9 (commit)
via 469fac2669991b130dec219e1a109a8b2ce224be (commit)
via 26c6aa5a80ffaf06fc33f30a6533f8f16ef538bc (commit)
via ed66feb80aac7432049fe9fd86a9232984587e17 (commit)
via 5805a9a8f35fd90fa4f718f73534817fa3bbdfd2 (commit)
via 0b6e53f80b063d8702718c84409d7b069aee9c05 (commit)
via 44775d1ed4a4b8edc66a06e2b3710aba6a0dd019 (commit)
via 682ca3cae1d5e796bc58142f79c99d43742ac85c (commit)
via 6aa5dde2aa9a5f070871ecc117e44bfcad363459 (commit)
via b36c6a21ad12fdc1b53efdc3f29cde7614b4fa9e (commit)
via 747d683b0d92c3b1cde67245d514977a2c87dc44 (commit)
via 94d5e69190f34d66d4defd4a7de7ce24bee77bc3 (commit)
via 7b24701335398ece3d1b3a20cf5f1174500b16ce (commit)
via 233dd885c2a2b4ee7cc2287efe7d6e03625d4981 (commit)
via 505a0c2b702b696b91dab683626bb25b14a49c38 (commit)
via 8003ee9abf474de534677283fc499f9a3d992b20 (commit)
via 07d122ce2c255124dfb3acf71a3afdf52f06e1b1 (commit)
via ae502f9e3991209d70a745bef3a3e6e7484cdb5f (commit)
via 9fa48b3572cb4e55cfaa48a8b516a91904048573 (commit)
via 358477fcc041d5fb2e6ac5641c2f899cc49cfb69 (commit)
via 731d9e569a474da27014737e0805ae712366357d (commit)
via 300ed83526e75d834bd23ddd1c1c26ebe2555e0f (commit)
via ed19d0abea5b206d186a51fa11dc0c04197e6ee2 (commit)
via a484334fb4dafd1df514d1bf88f7e0c4f07dff86 (commit)
via 3024a43c25e3ec9821d94a27d5cf738890b1b8f3 (commit)
via a5cbe8c09c6f14f95ff9ba9b8782e2100fc55695 (commit)
from 8a2f9688275aa150b739b5525e738df15c5e25cc (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -----------------------------------------------------------------
commit 93cf0b3c7e6d8a4758c44519de51e51be89f76c7
Merge: 115053ea7e70b067e7873668ed83f1f10908287d 8a2f9688275aa150b739b5525e738df15c5e25cc
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Aug 22 18:39:52 2008 +1000
Merge commit 'origin/v4-0-test' into v4-0-test
commit 115053ea7e70b067e7873668ed83f1f10908287d
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Aug 22 18:37:34 2008 +1000
fixed the GUID and objectSID canonicalisation functions
commit 3c058f50cc3b91d540feb51fb698d90565b2b7c9
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Aug 22 18:37:11 2008 +1000
fixed a speellling erra
commit 469fac2669991b130dec219e1a109a8b2ce224be
Merge: adbff0b0f92aa0742a8293071776b388879cbd8e 26c6aa5a80ffaf06fc33f30a6533f8f16ef538bc
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Aug 22 17:37:43 2008 +1000
Merge branch 'abartlet-4-0-local' into v4-0-test
commit 26c6aa5a80ffaf06fc33f30a6533f8f16ef538bc
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Aug 22 17:36:56 2008 +1000
fixed a problem with length limited ldap values
The core ldb code for string matching assumed NULL terminated strings,
whereas the anr module used data_blob_const() to effectively truncate
a ldb_val by changing its length. The ldb code is supposed to be based
around length limited blobs, not NULL terminated strings, so the
correct fix was to change the string comparison functions to be length
limited
commit ed66feb80aac7432049fe9fd86a9232984587e17
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Aug 22 14:32:27 2008 +1000
fixed error handling in ANR code
when we can't process an ANR request we need to continue with the
parse tree we were given, not a NULL tree
commit 5805a9a8f35fd90fa4f718f73534817fa3bbdfd2
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 21 19:24:58 2008 +1000
Don't walk past the end of ldb values.
This is a partial fix towards bugs due to us walking past the end of
what we think are strings in ldb. There is much more work to do in
this area.
Andrew Bartlett
commit 0b6e53f80b063d8702718c84409d7b069aee9c05
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 21 17:29:47 2008 +1000
Push loading the objectGUID and objectSID handlers earlier.
Andrew Bartlett
commit 44775d1ed4a4b8edc66a06e2b3710aba6a0dd019
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 21 16:42:03 2008 +1000
Stop every ldb startup doing a write to the database.
Something in the search stack adds a distinguisedName record, which
isn't in the message we generate. So we compare, fail and rewrite the
record - every time ldb starts up...
Andrew Bartlett
commit 682ca3cae1d5e796bc58142f79c99d43742ac85c
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 21 16:09:42 2008 +1000
Validate input in the CLDAP and DGRAM 'netlogon' responder.
commit 6aa5dde2aa9a5f070871ecc117e44bfcad363459
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 21 15:10:40 2008 +1000
Handle error cases in attribute handlers better.
We don't need to just bail, for all these error cases there is still
real result that can be made - just fall back to binary copy/compare.
Andrew Bartlett
commit b36c6a21ad12fdc1b53efdc3f29cde7614b4fa9e
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 21 12:59:16 2008 +1000
The index handling is now configured from the schema load, not by a
template.
Andrew Bartlett
commit 747d683b0d92c3b1cde67245d514977a2c87dc44
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 21 12:58:00 2008 +1000
Set both attributes and indexes into the database on schema load.
This ensures that a rudementary schema is always present (for
bootstrapping), and that the indexes are maintained equal to the
schema (rather than hard-coded).
Andrew Bartlett
commit 94d5e69190f34d66d4defd4a7de7ce24bee77bc3
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 21 12:56:34 2008 +1000
All these syntaxes are now handled by the schema.
commit 7b24701335398ece3d1b3a20cf5f1174500b16ce
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 21 12:56:04 2008 +1000
Don't hardcode attributes to be treated as a DN
This is now handled by reading the schema into the attributes.
Also, when we do set something here, mark it as FIXED, so the schema
and any reload from @ATTRIBUTES won't touch it.
Andrew Bartlett
commit 233dd885c2a2b4ee7cc2287efe7d6e03625d4981
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 21 12:51:55 2008 +1000
Correct anr search commants and error messages in ldap.js
commit 505a0c2b702b696b91dab683626bb25b14a49c38
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 21 12:51:06 2008 +1000
Don't allow a NULL syntax
commit 8003ee9abf474de534677283fc499f9a3d992b20
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 21 12:50:22 2008 +1000
Don't maniplate control entries in samldb
commit 07d122ce2c255124dfb3acf71a3afdf52f06e1b1
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Aug 20 16:18:44 2008 +1000
Use the new SEARCH_FLAG_ANR define
commit ae502f9e3991209d70a745bef3a3e6e7484cdb5f
Merge: 9fa48b3572cb4e55cfaa48a8b516a91904048573 e860fc171fd127d73df23336089c1479911953da
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Aug 20 16:02:13 2008 +1000
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
commit 9fa48b3572cb4e55cfaa48a8b516a91904048573
Merge: 358477fcc041d5fb2e6ac5641c2f899cc49cfb69 3bdc906eb63a494f0d8478c13f8330828aa2f725
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Aug 20 15:52:08 2008 +1000
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
commit 358477fcc041d5fb2e6ac5641c2f899cc49cfb69
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Aug 20 15:46:46 2008 +1000
Apply attributes (and their syntax) from the schema into ldb
This changes the @ATTRIBUTES record to be for bootstrapping only,
before we find the schema.
Andrew Bartlett
commit 731d9e569a474da27014737e0805ae712366357d
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Aug 20 15:45:16 2008 +1000
Add schema search flags from MS-ADTS
commit 300ed83526e75d834bd23ddd1c1c26ebe2555e0f
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Aug 20 13:22:16 2008 +1000
Split schema_init.c into smaller bits.
This should make schema manipulation a little easier to follow.
Andrew Bartlett
commit ed19d0abea5b206d186a51fa11dc0c04197e6ee2
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Aug 20 13:09:40 2008 +1000
Remove last traces of the old 'subclass' feature
commit a484334fb4dafd1df514d1bf88f7e0c4f07dff86
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date: Wed Aug 20 12:46:37 2008 +1000
Add a torture test for the new 'netlogon' flags.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
commit 3024a43c25e3ec9821d94a27d5cf738890b1b8f3
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date: Wed Aug 20 12:45:41 2008 +1000
Add extra bits to our 'netlogon' response in CLDAP and NBT.
I've studied now the netlogon attribute from the CLDAP request and
have compared them with the table presented in the WSPP docs
(http://msdn.microsoft.com/en-us/library/cc201036.aspx). The first two
bytes seem to be correct, but that the third and fourth one is
completely clear with SAMBA 4.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
commit a5cbe8c09c6f14f95ff9ba9b8782e2100fc55695
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Aug 20 12:21:36 2008 +1000
Update OpenLDAP MMR configuration per comments by Oliver Liebel
<oliver at itc.li>
This changes the RIDs to be <serverID><DBID>, to ease later debugging.
The need to specify the port on the MMR URLs is now included in the
help.
Andrew Bartlett
-----------------------------------------------------------------------
Summary of changes:
source/cldap_server/netlogon.c | 52 ++-
source/dsdb/common/flags.h | 11 +
source/dsdb/config.mk | 2 +
source/dsdb/samdb/ldb_modules/anr.c | 44 +-
source/dsdb/samdb/ldb_modules/linked_attributes.c | 8 +-
source/dsdb/samdb/ldb_modules/normalise.c | 2 +-
source/dsdb/samdb/ldb_modules/partition.c | 2 +-
source/dsdb/samdb/ldb_modules/samldb.c | 4 +
source/dsdb/samdb/ldb_modules/schema_syntax.c | 2 +-
source/dsdb/samdb/ldb_modules/simple_ldap_map.c | 2 +-
source/dsdb/schema/schema_init.c | 545 ---------------------
source/dsdb/schema/schema_query.c | 344 +++++++++++++
source/dsdb/schema/schema_set.c | 434 ++++++++++++++++
source/lib/charset/charset.h | 1 +
source/lib/charset/util_unistr.c | 17 +-
source/lib/ldb-samba/ldif_handlers.c | 58 ++-
source/lib/ldb/common/attrib_handlers.c | 27 +-
source/lib/ldb/common/ldb_attributes.c | 4 +
source/lib/ldb/common/ldb_dn.c | 23 +-
source/lib/ldb/common/ldb_msg.c | 6 +-
source/lib/ldb/common/ldb_utf8.c | 12 +-
source/lib/ldb/include/ldb.h | 9 +-
source/lib/ldb/include/ldb_private.h | 9 +-
source/lib/ldb/ldb_tdb/ldb_index.c | 2 +-
source/lib/ldb/modules/operational.c | 6 -
source/lib/ldb/tests/python/ldap.py | 14 +-
source/lib/ldb/tools/ldbtest.c | 2 +-
source/lib/ldb_wrap.c | 12 +-
source/lib/ldb_wrap.h | 2 +-
source/lib/util/data_blob.c | 2 +-
source/lib/util/util_ldb.c | 4 +-
source/lib/util/util_ldb.h | 2 +-
source/libcli/security/dom_sid.c | 15 +
source/librpc/idl/nbt.idl | 8 +-
source/scripting/python/samba/provision.py | 46 +-
source/setup/provision-backend | 2 +-
source/setup/provision_index.ldif | 19 -
source/setup/provision_init.ldif | 7 +
source/torture/ldap/cldap.c | 146 ++++++
39 files changed, 1186 insertions(+), 721 deletions(-)
create mode 100644 source/dsdb/schema/schema_query.c
create mode 100644 source/dsdb/schema/schema_set.c
delete mode 100644 source/setup/provision_index.ldif
Changeset truncated at 500 lines:
diff --git a/source/cldap_server/netlogon.c b/source/cldap_server/netlogon.c
index f263f33..d424206 100644
--- a/source/cldap_server/netlogon.c
+++ b/source/cldap_server/netlogon.c
@@ -71,6 +71,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
struct ldb_dn *partitions_basedn;
struct interface *ifaces;
bool user_known;
+ NTSTATUS status;
partitions_basedn = samdb_partitions_dn(sam_ctx, mem_ctx);
@@ -87,7 +88,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
partitions_basedn, LDB_SCOPE_ONELEVEL,
ref_attrs,
"(&(&(objectClass=crossRef)(dnsRoot=%s))(nETBIOSName=*))",
- domain);
+ ldb_binary_encode_string(mem_ctx, domain));
if (ret != LDB_SUCCESS) {
DEBUG(2,("Unable to find referece to '%s' in sam: %s\n",
@@ -126,7 +127,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
partitions_basedn, LDB_SCOPE_ONELEVEL,
ref_attrs,
"(&(objectClass=crossRef)(ncName=*)(nETBIOSName=%s))",
- netbios_domain);
+ ldb_binary_encode_string(mem_ctx, netbios_domain));
if (ret != LDB_SUCCESS) {
DEBUG(2,("Unable to find referece to '%s' in sam: %s\n",
@@ -161,17 +162,45 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
ref_res = NULL;
if (domain_guid) {
+ struct GUID binary_guid;
+ struct ldb_val guid_val;
+ enum ndr_err_code ndr_err;
+
+ /* By this means, we ensure we don't have funny stuff in the GUID */
+
+ status = GUID_from_string(domain_guid, &binary_guid);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ /* And this gets the result into the binary format we want anyway */
+ ndr_err = ndr_push_struct_blob(&guid_val, mem_ctx, NULL, &binary_guid,
+ (ndr_push_flags_fn_t)ndr_push_GUID);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
ret = ldb_search_exp_fmt(sam_ctx, mem_ctx, &dom_res,
NULL, LDB_SCOPE_SUBTREE,
dom_attrs,
- "(&(objectClass=domainDNS)(objectGUID=%s))",
- domain_guid);
+ "(&(objectCategory=Domain-DNS)(objectGUID=%s))",
+ ldb_binary_encode(mem_ctx, guid_val));
} else { /* domain_sid case */
+ struct dom_sid *sid;
+ struct ldb_val sid_val;
+ enum ndr_err_code ndr_err;
+
+ /* Rather than go via the string, just push into the NDR form */
+ ndr_err = ndr_push_struct_blob(&sid_val, mem_ctx, NULL, &sid,
+ (ndr_push_flags_fn_t)ndr_push_dom_sid);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
ret = ldb_search_exp_fmt(sam_ctx, mem_ctx, &dom_res,
NULL, LDB_SCOPE_SUBTREE,
dom_attrs,
- "(&(objectClass=domainDNS)(objectSID=%s))",
- dom_sid_string(mem_ctx, domain_sid));
+ "(&(objectCategory=Domain-DNS)(objectSID=%s))",
+ ldb_binary_encode(mem_ctx, sid_val));
}
if (ret != LDB_SUCCESS) {
@@ -237,7 +266,8 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
"(&(objectClass=user)(samAccountName=%s)"
"(!(userAccountControl:" LDB_OID_COMPARATOR_AND ":=%u))"
"(userAccountControl:" LDB_OID_COMPARATOR_OR ":=%u))",
- user, UF_ACCOUNTDISABLE, samdb_acb2uf(acct_control));
+ ldb_binary_encode_string(mem_ctx, user),
+ UF_ACCOUNTDISABLE, samdb_acb2uf(acct_control));
if (ret != LDB_SUCCESS) {
DEBUG(2,("Unable to find referece to user '%s' with ACB 0x%8x under %s: %s\n",
user, acct_control, ldb_dn_get_linearized(dom_res->msgs[0]->dn),
@@ -256,7 +286,8 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
server_type =
NBT_SERVER_DS | NBT_SERVER_TIMESERV |
NBT_SERVER_CLOSEST | NBT_SERVER_WRITABLE |
- NBT_SERVER_GOOD_TIMESERV;
+ NBT_SERVER_GOOD_TIMESERV | NBT_SERVER_DS_DNS_CONTR |
+ NBT_SERVER_DS_DNS_DOMAIN;
if (samdb_is_pdc(sam_ctx)) {
server_type |= NBT_SERVER_PDC;
@@ -274,6 +305,10 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
server_type |= NBT_SERVER_KDC;
}
+ if (!ldb_dn_compare_base(ldb_get_root_basedn(sam_ctx), ldb_get_default_basedn(sam_ctx))) {
+ server_type |= NBT_SERVER_DS_DNS_FOREST;
+ }
+
pdc_name = talloc_asprintf(mem_ctx, "\\\\%s", lp_netbios_name(lp_ctx));
domain_uuid = samdb_result_guid(dom_res->msgs[0], "objectGUID");
realm = samdb_result_string(ref_res->msgs[0], "dnsRoot", lp_realm(lp_ctx));
@@ -285,6 +320,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
flatname = samdb_result_string(ref_res->msgs[0], "nETBIOSName",
lp_workgroup(lp_ctx));
+ /* FIXME: Hardcoded site names */
server_site = "Default-First-Site-Name";
client_site = "Default-First-Site-Name";
load_interfaces(mem_ctx, lp_interfaces(lp_ctx), &ifaces);
diff --git a/source/dsdb/common/flags.h b/source/dsdb/common/flags.h
index e8802fd..bdd61a3 100644
--- a/source/dsdb/common/flags.h
+++ b/source/dsdb/common/flags.h
@@ -119,6 +119,17 @@
#define SYSTEM_FLAG_CONFIG_ALLOW_RENAME 0x40000000
#define SYSTEM_FLAG_DISALLOW_DELTE 0x80000000
+#define SEARCH_FLAG_ATTINDEX 0x0000001
+#define SEARCH_FLAG_PDNTATTINDEX 0x0000002
+#define SEARCH_FLAG_ANR 0x0000004
+#define SEARCH_FLAG_PRESERVEONDELETE 0x0000008
+#define SEARCH_FLAG_COPY 0x0000010
+#define SEARCH_FLAG_TUPLEINDEX 0x0000020
+#define SEARCH_FLAG_SUBTREEATTRINDEX 0x0000040
+#define SEARCH_FLAG_CONFIDENTIAL 0x0000080
+#define SEARCH_FLAG_NEVERVALUEAUDIT 0x0000100
+#define SEARCH_FLAG_RODC_ATTRIBUTE 0x0000200
+
#define DS_BEHAVIOR_WIN2000 0
#define DS_BEHAVIOR_WIN2003_INTERIM 1
#define DS_BEHAVIOR_WIN2003 2
diff --git a/source/dsdb/config.mk b/source/dsdb/config.mk
index ae35078..63e8a77 100644
--- a/source/dsdb/config.mk
+++ b/source/dsdb/config.mk
@@ -34,6 +34,8 @@ PRIVATE_DEPENDENCIES = SAMDB_COMMON NDR_DRSUAPI NDR_DRSBLOBS
SAMDB_SCHEMA_OBJ_FILES = $(addprefix $(dsdbsrcdir)/schema/, \
schema_init.o \
+ schema_set.o \
+ schema_query.o \
schema_syntax.o \
schema_description.o)
diff --git a/source/dsdb/samdb/ldb_modules/anr.c b/source/dsdb/samdb/ldb_modules/anr.c
index 1252c9e..4e2c527 100644
--- a/source/dsdb/samdb/ldb_modules/anr.c
+++ b/source/dsdb/samdb/ldb_modules/anr.c
@@ -146,7 +146,7 @@ struct ldb_parse_tree *anr_replace_callback(TALLOC_CTX *mem_ctx,
op = LDB_OP_SUBSTRING;
}
for (cur = schema->attributes; cur; cur = cur->next) {
- if (!(cur->searchFlags & 0x4)) continue;
+ if (!(cur->searchFlags & SEARCH_FLAG_ANR)) continue;
match_tree = make_match_tree(module, mem_ctx, op, cur->lDAPDisplayName, match);
if (tree) {
@@ -224,30 +224,26 @@ struct ldb_parse_tree *anr_replace_subtrees(struct ldb_parse_tree *tree,
void *context)
{
int i;
+ struct ldb_parse_tree *tmp;
+
switch (tree->operation) {
case LDB_OP_AND:
case LDB_OP_OR:
for (i=0;i<tree->u.list.num_elements;i++) {
- tree->u.list.elements[i] = anr_replace_subtrees(tree->u.list.elements[i],
- attr, callback, context);
- if (!tree->u.list.elements[i]) {
- return NULL;
- }
+ tmp = anr_replace_subtrees(tree->u.list.elements[i],
+ attr, callback, context);
+ if (tmp) tree->u.list.elements[i] = tmp;
}
break;
case LDB_OP_NOT:
- tree->u.isnot.child = anr_replace_subtrees(tree->u.isnot.child, attr, callback, context);
- if (!tree->u.isnot.child) {
- return NULL;
- }
+ tmp = anr_replace_subtrees(tree->u.isnot.child, attr, callback, context);
+ if (tmp) tree->u.isnot.child = tmp;
break;
case LDB_OP_EQUALITY:
if (ldb_attr_cmp(tree->u.equality.attr, attr) == 0) {
- tree = callback(tree, &tree->u.equality.value,
+ tmp = callback(tree, &tree->u.equality.value,
context);
- if (!tree) {
- return NULL;
- }
+ if (tmp) tree = tmp;
}
break;
case LDB_OP_SUBSTRING:
@@ -256,10 +252,8 @@ struct ldb_parse_tree *anr_replace_subtrees(struct ldb_parse_tree *tree,
tree->u.substring.end_with_wildcard == 1 &&
tree->u.substring.chunks[0] != NULL &&
tree->u.substring.chunks[1] == NULL) {
- tree = callback(tree, tree->u.substring.chunks[0], context);
- if (!tree) {
- return NULL;
- }
+ tmp = callback(tree, tree->u.substring.chunks[0], context);
+ if (tmp) tree = tmp;
}
}
break;
@@ -280,17 +274,29 @@ static int anr_search(struct ldb_module *module, struct ldb_request *req)
context->module = module;
context->found_anr = false;
+#if 0
+ printf("oldanr : %s\n", ldb_filter_from_tree (0, req->op.search.tree));
+#endif
+
/* Yes, this is a problem with req->op.search.tree being const... */
anr_tree = anr_replace_subtrees(req->op.search.tree, "anr", anr_replace_callback, context);
if (!anr_tree) {
+ talloc_free(context);
return LDB_ERR_OPERATIONS_ERROR;
}
if (context->found_anr) {
/* The above function modifies the tree if it finds "anr", so no
* point just setting this on the down_req */
+#if 0
+ printf("newtree: %s\n", ldb_filter_from_tree (0, anr_tree));
+#endif
req->op.search.tree = talloc_steal(req, anr_tree);
-
+ } else {
+ if (anr_tree != req->op.search.tree) {
+ talloc_free(anr_tree);
+ }
+ talloc_free(context);
}
return ldb_next_request(module, req);
}
diff --git a/source/dsdb/samdb/ldb_modules/linked_attributes.c b/source/dsdb/samdb/ldb_modules/linked_attributes.c
index 04b9987..e644724 100644
--- a/source/dsdb/samdb/ldb_modules/linked_attributes.c
+++ b/source/dsdb/samdb/ldb_modules/linked_attributes.c
@@ -160,7 +160,7 @@ static int setup_modifies(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
}
- new_msg->dn = ldb_dn_new(new_msg, ldb, (char *)el->values[j].data);
+ new_msg->dn = ldb_dn_from_ldb_val(new_msg, ldb, &el->values[j]);
if (!new_msg->dn) {
ldb_asprintf_errstring(ldb,
"attribute %s value %s was not a valid DN", msg->elements[i].name,
@@ -330,7 +330,7 @@ static int linked_attributes_mod_replace_search_callback(struct ldb_context *ldb
/* Add all the existing elements, marking as 'proposed for delete' by setting .add = false */
for (i=0; i < search_el->num_values; i++) {
merged_list = talloc_realloc(ares, merged_list, struct merge, size + 1);
- merged_list[size].dn = ldb_dn_new(merged_list, ldb, (char *)search_el->values[i].data);
+ merged_list[size].dn = ldb_dn_from_ldb_val(merged_list, ldb, &search_el->values[i]);
merged_list[size].add = false;
merged_list[size].ignore = false;
size++;
@@ -339,7 +339,7 @@ static int linked_attributes_mod_replace_search_callback(struct ldb_context *ldb
/* Add all the new replacement elements, marking as 'proposed for add' by setting .add = true */
for (i=0; i < ac2->el->num_values; i++) {
merged_list = talloc_realloc(ares, merged_list, struct merge, size + 1);
- merged_list[size].dn = ldb_dn_new(merged_list, ldb, (char *)ac2->el->values[i].data);
+ merged_list[size].dn = ldb_dn_from_ldb_val(merged_list, ldb, &ac2->el->values[i]);
merged_list[size].add = true;
merged_list[size].ignore = false;
size++;
@@ -610,7 +610,7 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques
ldb_oom(module->ldb);
return LDB_ERR_OPERATIONS_ERROR;
}
- new_msg->dn = ldb_dn_new(new_msg, module->ldb, (char *)el->values[j].data);
+ new_msg->dn = ldb_dn_from_ldb_val(new_msg, module->ldb, &el->values[j]);
if (!new_msg->dn) {
ldb_asprintf_errstring(module->ldb,
"attribute %s value %s was not a valid DN", req->op.mod.message->elements[i].name,
diff --git a/source/dsdb/samdb/ldb_modules/normalise.c b/source/dsdb/samdb/ldb_modules/normalise.c
index 8de9e33..3306fd3 100644
--- a/source/dsdb/samdb/ldb_modules/normalise.c
+++ b/source/dsdb/samdb/ldb_modules/normalise.c
@@ -112,7 +112,7 @@ static int normalise_search_callback(struct ldb_context *ldb, void *context, str
}
for (j = 0; j < ares->message->elements[i].num_values; j++) {
const char *dn_str;
- struct ldb_dn *dn = ldb_dn_new(mem_ctx, ldb, (const char *)ares->message->elements[i].values[j].data);
+ struct ldb_dn *dn = ldb_dn_from_ldb_val(mem_ctx, ldb, &ares->message->elements[i].values[j]);
if (!dn) {
talloc_free(mem_ctx);
return LDB_ERR_OPERATIONS_ERROR;
diff --git a/source/dsdb/samdb/ldb_modules/partition.c b/source/dsdb/samdb/ldb_modules/partition.c
index 9285d6d..9cae6ab 100644
--- a/source/dsdb/samdb/ldb_modules/partition.c
+++ b/source/dsdb/samdb/ldb_modules/partition.c
@@ -925,7 +925,7 @@ static int partition_init(struct ldb_module *module)
}
for (i=0; i < replicate_attributes->num_values; i++) {
- data->replicate[i] = ldb_dn_new(data->replicate, module->ldb, (const char *)replicate_attributes->values[i].data);
+ data->replicate[i] = ldb_dn_from_ldb_val(data->replicate, module->ldb, &replicate_attributes->values[i]);
if (!ldb_dn_validate(data->replicate[i])) {
ldb_asprintf_errstring(module->ldb,
"partition_init: "
diff --git a/source/dsdb/samdb/ldb_modules/samldb.c b/source/dsdb/samdb/ldb_modules/samldb.c
index 88590f3..bd491bd 100644
--- a/source/dsdb/samdb/ldb_modules/samldb.c
+++ b/source/dsdb/samdb/ldb_modules/samldb.c
@@ -768,6 +768,10 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req)
struct ldb_message_element *el, *el2;
int ret;
unsigned int group_type, user_account_control, account_type;
+ if (ldb_dn_is_special(req->op.mod.message->dn)) { /* do not manipulate our control entries */
+ return ldb_next_request(module, req);
+ }
+
if (ldb_msg_find_element(req->op.mod.message, "sAMAccountType") != NULL) {
ldb_asprintf_errstring(module->ldb, "sAMAccountType must not be specified");
return LDB_ERR_UNWILLING_TO_PERFORM;
diff --git a/source/dsdb/samdb/ldb_modules/schema_syntax.c b/source/dsdb/samdb/ldb_modules/schema_syntax.c
index d800e4b..ab9f32c 100644
--- a/source/dsdb/samdb/ldb_modules/schema_syntax.c
+++ b/source/dsdb/samdb/ldb_modules/schema_syntax.c
@@ -248,7 +248,7 @@ static int schema_validate_dn(struct ldb_context *ldb, struct ldb_val *val, int
struct ldb_dn *dn;
int ret = LDB_SUCCESS;
- dn = ldb_dn_new(ldb, ldb, (const char *)val->data);
+ dn = ldb_dn_from_ldb_val(ldb, ldb, val);
if ( ! ldb_dn_validate(dn)) {
ret = LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
}
diff --git a/source/dsdb/samdb/ldb_modules/simple_ldap_map.c b/source/dsdb/samdb/ldb_modules/simple_ldap_map.c
index 6e967aa..8f92995 100644
--- a/source/dsdb/samdb/ldb_modules/simple_ldap_map.c
+++ b/source/dsdb/samdb/ldb_modules/simple_ldap_map.c
@@ -154,7 +154,7 @@ static struct ldb_val objectCategory_always_dn(struct ldb_module *module, TALLOC
struct ldb_val out = data_blob(NULL, 0);
const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(module->ldb, "objectCategory");
- dn = ldb_dn_new(ctx, module->ldb, val->data);
+ dn = ldb_dn_from_ldb_val(ctx, module->ldb, val);
if (dn && ldb_dn_validate(dn)) {
talloc_free(dn);
return val_copy(module, ctx, val);
diff --git a/source/dsdb/schema/schema_init.c b/source/dsdb/schema/schema_init.c
index 73be580..3ed7dae 100644
--- a/source/dsdb/schema/schema_init.c
+++ b/source/dsdb/schema/schema_init.c
@@ -1409,548 +1409,3 @@ WERROR dsdb_class_from_drsuapi(struct dsdb_schema *schema,
return WERR_OK;
}
-const struct dsdb_attribute *dsdb_attribute_by_attributeID_id(const struct dsdb_schema *schema,
- uint32_t id)
-{
- struct dsdb_attribute *cur;
-
- /*
- * 0xFFFFFFFF is used as value when no mapping table is available,
- * so don't try to match with it
- */
- if (id == 0xFFFFFFFF) return NULL;
-
- /* TODO: add binary search */
- for (cur = schema->attributes; cur; cur = cur->next) {
- if (cur->attributeID_id != id) continue;
-
- return cur;
- }
-
- return NULL;
-}
-
-const struct dsdb_attribute *dsdb_attribute_by_attributeID_oid(const struct dsdb_schema *schema,
- const char *oid)
-{
- struct dsdb_attribute *cur;
-
- if (!oid) return NULL;
-
- /* TODO: add binary search */
- for (cur = schema->attributes; cur; cur = cur->next) {
- if (strcmp(cur->attributeID_oid, oid) != 0) continue;
-
- return cur;
- }
-
- return NULL;
-}
-
-const struct dsdb_attribute *dsdb_attribute_by_lDAPDisplayName(const struct dsdb_schema *schema,
- const char *name)
-{
- struct dsdb_attribute *cur;
-
- if (!name) return NULL;
-
- /* TODO: add binary search */
- for (cur = schema->attributes; cur; cur = cur->next) {
- if (strcasecmp(cur->lDAPDisplayName, name) != 0) continue;
-
- return cur;
- }
-
- return NULL;
-}
-
-const struct dsdb_attribute *dsdb_attribute_by_linkID(const struct dsdb_schema *schema,
- int linkID)
-{
- struct dsdb_attribute *cur;
-
- /* TODO: add binary search */
- for (cur = schema->attributes; cur; cur = cur->next) {
- if (cur->linkID != linkID) continue;
-
- return cur;
- }
-
- return NULL;
-}
-
-const struct dsdb_class *dsdb_class_by_governsID_id(const struct dsdb_schema *schema,
- uint32_t id)
-{
- struct dsdb_class *cur;
-
- /*
- * 0xFFFFFFFF is used as value when no mapping table is available,
- * so don't try to match with it
- */
- if (id == 0xFFFFFFFF) return NULL;
-
- /* TODO: add binary search */
- for (cur = schema->classes; cur; cur = cur->next) {
- if (cur->governsID_id != id) continue;
-
- return cur;
- }
-
- return NULL;
-}
-
-const struct dsdb_class *dsdb_class_by_governsID_oid(const struct dsdb_schema *schema,
- const char *oid)
-{
- struct dsdb_class *cur;
-
- if (!oid) return NULL;
-
- /* TODO: add binary search */
- for (cur = schema->classes; cur; cur = cur->next) {
- if (strcmp(cur->governsID_oid, oid) != 0) continue;
-
- return cur;
- }
-
- return NULL;
-}
-
-const struct dsdb_class *dsdb_class_by_lDAPDisplayName(const struct dsdb_schema *schema,
- const char *name)
-{
- struct dsdb_class *cur;
-
- if (!name) return NULL;
-
- /* TODO: add binary search */
- for (cur = schema->classes; cur; cur = cur->next) {
- if (strcasecmp(cur->lDAPDisplayName, name) != 0) continue;
-
- return cur;
- }
-
- return NULL;
-}
-
-const struct dsdb_class *dsdb_class_by_cn(const struct dsdb_schema *schema,
- const char *cn)
-{
- struct dsdb_class *cur;
-
- if (!cn) return NULL;
-
- /* TODO: add binary search */
- for (cur = schema->classes; cur; cur = cur->next) {
--
Samba Shared Repository
More information about the samba-cvs
mailing list