[Samba] RPC: Problem Deleting LDAP-Entries in pdb_ldap.c

Wed Feb 25 11:37:11 GMT 2004

On Wed, 2004-02-25 at 22:07, Yohann Fourteau wrote:
> The patch revisited.
> I've :
> * removed strtok, safe_strcat uses
> * used talloc functions
> * added comments
> * done modifications before renaming the entry
> * compared two UTF8 strings with strcmp function
> 
> What are you thinking about ?
> 
> -----------------------------
> --- a/smbldap.c	Thu Feb 19 15:52:00 2004
> +++ b/smbldap.c	Wed Feb 25 11:56:43 2004
> @@ -971,21 +971,257 @@
>  	int 		attempts = 0;
>  	char           *utf8_dn;
>  
> -	SMB_ASSERT(ldap_state);
> +	BOOL		do_rename = False;
> +	BOOL		naming_deleted = False;
> +	BOOL		naming_more_value = False;
> +	int		i,j,k;
> +	char	       *rdn_attribut;
> +	char 	      **rdn;
> +	char	       *new_rdn;
> +	char	       *first_rdn;
> +	char	       *utf8_new_rdn;
> +	char	       *new_rdn_value;
> +	char	       *rdn_value;
> +	char	       *utf8_rdn_value;
> +	TALLOC_CTX     *t_ctx;
> +
> +	/* 
> +	 *  The naming attribute is the attribute used in the first RDN
> +	 *  of the DN (first from the left). 
> +	 *  Ex : uid=foo,ou=people,dc=boo,dc=com => Naming attribut is "uid"
> +	 *
> +	 *  In fact, it's a little bit more complex with multiple naming 
> +	 *  attributes :
> +	 *  Ex : uid=foo+cn=bar,ou=people,dc=boo,dc=com 
> +	 *  (Not supported by that patch)
> +	 * 
> +	 *  The attrs array contains the list of the modification. 
> +	 *  If the naming attribute is modified or deleted, the DN won't be
> +	 *  correct.
> +	 *
> +	 *  To apply a modification on the naming attribute, you must modify 
> +	 *  the DN with the ldap_modrdn2_s function. That function change the 
> +	 *  naming attribute both in the DN and in the entry.
> +	 * 
> +	 *  The problem is that we must extract and remove the modification 
> +	 *  of the naming attribute from the attrs array.
> +	 *
> +	 * */

Great explanation!

> +	/* 
> +	 *  Extraction of the naming attribute from the DN
> +	 *  rdn : array of rdn extrated from the DN
> +	 *  rdn_attribut : naming attribute (string)
> +	 *  utf8_rdn_value : value of the naming attribute 
> +	 *  			in the DN (UTF8 string)
> +	 *  
> +	 * */
> +	t_ctx=talloc_init("smbldap_modify");
>  
> +	rdn = ldap_explode_dn(dn,0);
> +	first_rdn=rdn[0];
> +	rdn_value=strchr(first_rdn,'=')+1;
> +	if (push_utf8_allocate(&utf8_rdn_value, rdn_value) == (size_t)-1) {
> +		talloc_destroy(t_ctx);
> +		return LDAP_NO_MEMORY;
> +	}

This seems wrong.  ldap_explode_dn is already returning a UTF8 string.

> +	/*
> +	 *  There is no talloc_strndup() ...
> +	 * */
> +	rdn_attribut=strndup(first_rdn, strlen(first_rdn)-strlen(rdn_value)-1);
> +	if (!rdn_attribut) {
> +		SAFE_FREE(utf8_rdn_value);
> +		talloc_destroy(t_ctx);
> +		return LDAP_NO_MEMORY;
> +	}	

I'm sure we could write a talloc_strndup if you want :-).  Or just
talloc_strdup it, and null out the =.

>  
>  	if (push_utf8_allocate(&utf8_dn, dn) == (size_t)-1) {
> +		SAFE_FREE(utf8_new_rdn);
>  		return LDAP_NO_MEMORY;
>  	}

I think we need to put that at the top of the procedure, and declare
that it is 'all UTF8'.  That way, you don't need to convert the strings
pulled from LDAP, or the strings we are playing with.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20040225/aa34bb04/attachment.bin