[PATCH] Some cleanups in asn1/tldap
Volker Lendecke
Volker.Lendecke at SerNet.DE
Tue Feb 2 16:09:43 UTC 2016
Hi!
Attached find a patchset with some cleanup.
Review appreciated!
Thanks, Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
-------------- next part --------------
From d2fac7448c9a2ac0176e9f3bbcacb64a8ffddd6a Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Fri, 18 Dec 2015 17:23:19 +0100
Subject: [PATCH 01/19] tldap: Add some required includes
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/include/tldap.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/source3/include/tldap.h b/source3/include/tldap.h
index 1c704b4..829b124 100644
--- a/source3/include/tldap.h
+++ b/source3/include/tldap.h
@@ -20,6 +20,7 @@
#ifndef __TLDAP_H__
#define __TLDAP_H__
+#include "replace.h"
#include <talloc.h>
#include <tevent.h>
#include "lib/util/data_blob.h"
--
1.9.1
From 40fbee9a5410927f8196a8282c624ce6638b8709 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Fri, 18 Dec 2015 16:31:46 +0100
Subject: [PATCH 02/19] tldap: Mark server down if read failed
This matches tldap_msg_sent
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/lib/tldap.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/source3/lib/tldap.c b/source3/lib/tldap.c
index d8b4f24..4c2319c 100644
--- a/source3/lib/tldap.c
+++ b/source3/lib/tldap.c
@@ -589,6 +589,7 @@ static void tldap_msg_received(struct tevent_req *subreq)
received = read_ldap_recv(subreq, talloc_tos(), &inbuf, &err);
TALLOC_FREE(subreq);
if (received == -1) {
+ ld->server_down = true;
status = TLDAP_SERVER_DOWN;
goto fail;
}
--
1.9.1
From f337c63937f3141862a583b3eded1e54174592e5 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Mon, 21 Dec 2015 21:28:35 +0100
Subject: [PATCH 03/19] tldap: Slightly simplify tldap_search_cb
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/lib/tldap.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/source3/lib/tldap.c b/source3/lib/tldap.c
index 4c2319c..8476032 100644
--- a/source3/lib/tldap.c
+++ b/source3/lib/tldap.c
@@ -1788,11 +1788,10 @@ static void tldap_search_cb(struct tevent_req *req)
(struct tldap_sync_search_state *)
tevent_req_callback_data_void(req);
struct tldap_message *msg, **tmp;
- int rc, num_entries, num_refs;
+ int num_entries, num_refs;
- rc = tldap_search_recv(req, talloc_tos(), &msg);
- if (rc != TLDAP_SUCCESS) {
- state->rc = rc;
+ state->rc = tldap_search_recv(req, talloc_tos(), &msg);
+ if (state->rc != TLDAP_SUCCESS) {
return;
}
--
1.9.1
From d14eaa9597c951080b6d1e5ff9b47bdddbdd7054 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 26 Dec 2015 22:40:36 +0100
Subject: [PATCH 04/19] tldap: Parse the sasl output blob
---
source3/include/tldap.h | 7 ++--
source3/lib/tldap.c | 85 ++++++++++++++++++++++++++++++++++++++++---------
2 files changed, 75 insertions(+), 17 deletions(-)
diff --git a/source3/include/tldap.h b/source3/include/tldap.h
index 829b124..7f53ffc 100644
--- a/source3/include/tldap.h
+++ b/source3/include/tldap.h
@@ -65,7 +65,8 @@ struct tevent_req *tldap_sasl_bind_send(TALLOC_CTX *mem_ctx,
int num_sctrls,
struct tldap_control *cctrls,
int num_cctrls);
-int tldap_sasl_bind_recv(struct tevent_req *req);
+int tldap_sasl_bind_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
+ DATA_BLOB *serverSaslCreds);
int tldap_sasl_bind(struct tldap_context *ldap,
const char *dn,
const char *mechanism,
@@ -73,7 +74,9 @@ int tldap_sasl_bind(struct tldap_context *ldap,
struct tldap_control *sctrls,
int num_sctrls,
struct tldap_control *cctrls,
- int num_ctrls);
+ int num_cctrls,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *serverSaslCreds);
struct tevent_req *tldap_simple_bind_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
diff --git a/source3/lib/tldap.c b/source3/lib/tldap.c
index 8476032..df95ec3 100644
--- a/source3/lib/tldap.c
+++ b/source3/lib/tldap.c
@@ -94,6 +94,7 @@ struct tldap_message {
char *res_matcheddn;
char *res_diagnosticmessage;
char *res_referral;
+ DATA_BLOB res_serverSaslCreds;
struct tldap_control *res_sctrls;
/* Controls sent by the server */
@@ -877,6 +878,7 @@ static void tldap_sasl_bind_done(struct tevent_req *subreq)
struct tldap_req_state *state = tevent_req_data(
req, struct tldap_req_state);
int err;
+ bool ok;
err = tldap_msg_recv(subreq, state, &state->result);
TALLOC_FREE(subreq);
@@ -888,25 +890,75 @@ static void tldap_sasl_bind_done(struct tevent_req *subreq)
tevent_req_error(req, TLDAP_PROTOCOL_ERROR);
return;
}
- if (!asn1_start_tag(state->result->data, state->result->type) ||
- !tldap_decode_response(state) ||
- !asn1_end_tag(state->result->data)) {
- tevent_req_error(req, TLDAP_DECODING_ERROR);
- return;
+
+ ok = asn1_start_tag(state->result->data, TLDAP_RES_BIND);
+ ok &= tldap_decode_response(state);
+
+ if (asn1_peek_tag(state->result->data, ASN1_CONTEXT_SIMPLE(7))) {
+ int len;
+
+ ok &= asn1_start_tag(state->result->data,
+ ASN1_CONTEXT_SIMPLE(7));
+ if (!ok) {
+ goto decode_error;
+ }
+
+ len = asn1_tag_remaining(state->result->data);
+ if (len == -1) {
+ goto decode_error;
+ }
+
+ state->result->res_serverSaslCreds =
+ data_blob_talloc(state->result, NULL, len);
+ if (state->result->res_serverSaslCreds.data == NULL) {
+ goto decode_error;
+ }
+
+ ok = asn1_read(state->result->data,
+ state->result->res_serverSaslCreds.data,
+ state->result->res_serverSaslCreds.length);
+
+ ok &= asn1_end_tag(state->result->data);
}
- /*
- * TODO: pull the reply blob
- */
- if (state->result->lderr != TLDAP_SUCCESS) {
+
+ ok &= asn1_end_tag(state->result->data);
+
+ if (!ok) {
+ goto decode_error;
+ }
+
+ if ((state->result->lderr != TLDAP_SUCCESS) &&
+ (state->result->lderr != TLDAP_SASL_BIND_IN_PROGRESS)) {
tevent_req_error(req, state->result->lderr);
return;
}
tevent_req_done(req);
+ return;
+
+decode_error:
+ tevent_req_error(req, TLDAP_DECODING_ERROR);
+ return;
}
-int tldap_sasl_bind_recv(struct tevent_req *req)
+int tldap_sasl_bind_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
+ DATA_BLOB *serverSaslCreds)
{
- return tldap_simple_recv(req);
+ struct tldap_req_state *state = tevent_req_data(
+ req, struct tldap_req_state);
+ int err;
+
+ if (tevent_req_is_ldap_error(req, &err)) {
+ return err;
+ }
+
+ if (serverSaslCreds != NULL) {
+ serverSaslCreds->data = talloc_move(
+ mem_ctx, &state->result->res_serverSaslCreds.data);
+ serverSaslCreds->length =
+ state->result->res_serverSaslCreds.length;
+ }
+
+ return state->result->lderr;
}
int tldap_sasl_bind(struct tldap_context *ld,
@@ -916,7 +968,9 @@ int tldap_sasl_bind(struct tldap_context *ld,
struct tldap_control *sctrls,
int num_sctrls,
struct tldap_control *cctrls,
- int num_cctrls)
+ int num_cctrls,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *serverSaslCreds)
{
TALLOC_CTX *frame = talloc_stackframe();
struct tevent_context *ev;
@@ -941,7 +995,7 @@ int tldap_sasl_bind(struct tldap_context *ld,
goto fail;
}
- result = tldap_sasl_bind_recv(req);
+ result = tldap_sasl_bind_recv(req, mem_ctx, serverSaslCreds);
tldap_save_msg(ld, req);
fail:
TALLOC_FREE(frame);
@@ -969,7 +1023,7 @@ struct tevent_req *tldap_simple_bind_send(TALLOC_CTX *mem_ctx,
int tldap_simple_bind_recv(struct tevent_req *req)
{
- return tldap_sasl_bind_recv(req);
+ return tldap_sasl_bind_recv(req, NULL, NULL);
}
int tldap_simple_bind(struct tldap_context *ld, const char *dn,
@@ -984,7 +1038,8 @@ int tldap_simple_bind(struct tldap_context *ld, const char *dn,
cred.data = discard_const_p(uint8_t, "");
cred.length = 0;
}
- return tldap_sasl_bind(ld, dn, NULL, &cred, NULL, 0, NULL, 0);
+ return tldap_sasl_bind(ld, dn, NULL, &cred, NULL, 0, NULL, 0,
+ NULL, NULL);
}
/*****************************************************************************/
--
1.9.1
From 7ae3a38ea0436af1f4b207228262edb5455ac791 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sun, 24 Jan 2016 11:53:48 +0100
Subject: [PATCH 05/19] lib: Introduce TLDAPRC
Make ldap return codes type safe
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/include/tldap.h | 208 +++++++--------
source3/include/tldap_util.h | 24 +-
source3/lib/tldap.c | 589 +++++++++++++++++++------------------------
source3/lib/tldap_util.c | 102 ++++----
4 files changed, 433 insertions(+), 490 deletions(-)
diff --git a/source3/include/tldap.h b/source3/include/tldap.h
index 7f53ffc..18317f7 100644
--- a/source3/include/tldap.h
+++ b/source3/include/tldap.h
@@ -47,7 +47,74 @@ struct tldap_mod {
DATA_BLOB *values;
};
-bool tevent_req_is_ldap_error(struct tevent_req *req, int *perr);
+typedef struct { uint8_t rc; } TLDAPRC;
+#define TLDAP_RC(x) ((TLDAPRC){.rc = x})
+#define TLDAP_RC_V(x) ((x).rc)
+
+#define TLDAP_RC_EQUAL(x,y) (TLDAP_RC_V(x)==TLDAP_RC_V(y))
+#define TLDAP_RC_IS_SUCCESS(x) TLDAP_RC_EQUAL(x,TLDAP_SUCCESS)
+
+#define TLDAP_SUCCESS TLDAP_RC(0x00)
+#define TLDAP_OPERATIONS_ERROR TLDAP_RC(0x01)
+#define TLDAP_PROTOCOL_ERROR TLDAP_RC(0x02)
+#define TLDAP_TIMELIMIT_EXCEEDED TLDAP_RC(0x03)
+#define TLDAP_SIZELIMIT_EXCEEDED TLDAP_RC(0x04)
+#define TLDAP_COMPARE_FALSE TLDAP_RC(0x05)
+#define TLDAP_COMPARE_TRUE TLDAP_RC(0x06)
+#define TLDAP_STRONG_AUTH_NOT_SUPPORTED TLDAP_RC(0x07)
+#define TLDAP_STRONG_AUTH_REQUIRED TLDAP_RC(0x08)
+#define TLDAP_REFERRAL TLDAP_RC(0x0a)
+#define TLDAP_ADMINLIMIT_EXCEEDED TLDAP_RC(0x0b)
+#define TLDAP_UNAVAILABLE_CRITICAL_EXTENSION TLDAP_RC(0x0c)
+#define TLDAP_CONFIDENTIALITY_REQUIRED TLDAP_RC(0x0d)
+#define TLDAP_SASL_BIND_IN_PROGRESS TLDAP_RC(0x0e)
+#define TLDAP_NO_SUCH_ATTRIBUTE TLDAP_RC(0x10)
+#define TLDAP_UNDEFINED_TYPE TLDAP_RC(0x11)
+#define TLDAP_INAPPROPRIATE_MATCHING TLDAP_RC(0x12)
+#define TLDAP_CONSTRAINT_VIOLATION TLDAP_RC(0x13)
+#define TLDAP_TYPE_OR_VALUE_EXISTS TLDAP_RC(0x14)
+#define TLDAP_INVALID_SYNTAX TLDAP_RC(0x15)
+#define TLDAP_NO_SUCH_OBJECT TLDAP_RC(0x20)
+#define TLDAP_ALIAS_PROBLEM TLDAP_RC(0x21)
+#define TLDAP_INVALID_DN_SYNTAX TLDAP_RC(0x22)
+#define TLDAP_IS_LEAF TLDAP_RC(0x23)
+#define TLDAP_ALIAS_DEREF_PROBLEM TLDAP_RC(0x24)
+#define TLDAP_INAPPROPRIATE_AUTH TLDAP_RC(0x30)
+#define TLDAP_INVALID_CREDENTIALS TLDAP_RC(0x31)
+#define TLDAP_INSUFFICIENT_ACCESS TLDAP_RC(0x32)
+#define TLDAP_BUSY TLDAP_RC(0x33)
+#define TLDAP_UNAVAILABLE TLDAP_RC(0x34)
+#define TLDAP_UNWILLING_TO_PERFORM TLDAP_RC(0x35)
+#define TLDAP_LOOP_DETECT TLDAP_RC(0x36)
+#define TLDAP_NAMING_VIOLATION TLDAP_RC(0x40)
+#define TLDAP_OBJECT_CLASS_VIOLATION TLDAP_RC(0x41)
+#define TLDAP_NOT_ALLOWED_ON_NONLEAF TLDAP_RC(0x42)
+#define TLDAP_NOT_ALLOWED_ON_RDN TLDAP_RC(0x43)
+#define TLDAP_ALREADY_EXISTS TLDAP_RC(0x44)
+#define TLDAP_NO_OBJECT_CLASS_MODS TLDAP_RC(0x45)
+#define TLDAP_RESULTS_TOO_LARGE TLDAP_RC(0x46)
+#define TLDAP_AFFECTS_MULTIPLE_DSAS TLDAP_RC(0x47)
+#define TLDAP_OTHER TLDAP_RC(0x50)
+#define TLDAP_SERVER_DOWN TLDAP_RC(0x51)
+#define TLDAP_LOCAL_ERROR TLDAP_RC(0x52)
+#define TLDAP_ENCODING_ERROR TLDAP_RC(0x53)
+#define TLDAP_DECODING_ERROR TLDAP_RC(0x54)
+#define TLDAP_TIMEOUT TLDAP_RC(0x55)
+#define TLDAP_AUTH_UNKNOWN TLDAP_RC(0x56)
+#define TLDAP_FILTER_ERROR TLDAP_RC(0x57)
+#define TLDAP_USER_CANCELLED TLDAP_RC(0x58)
+#define TLDAP_PARAM_ERROR TLDAP_RC(0x59)
+#define TLDAP_NO_MEMORY TLDAP_RC(0x5a)
+#define TLDAP_CONNECT_ERROR TLDAP_RC(0x5b)
+#define TLDAP_NOT_SUPPORTED TLDAP_RC(0x5c)
+#define TLDAP_CONTROL_NOT_FOUND TLDAP_RC(0x5d)
+#define TLDAP_NO_RESULTS_RETURNED TLDAP_RC(0x5e)
+#define TLDAP_MORE_RESULTS_TO_RETURN TLDAP_RC(0x5f)
+#define TLDAP_CLIENT_LOOP TLDAP_RC(0x60)
+#define TLDAP_REFERRAL_LIMIT_EXCEEDED TLDAP_RC(0x61)
+
+bool tevent_req_ldap_error(struct tevent_req *req, TLDAPRC rc);
+bool tevent_req_is_ldap_error(struct tevent_req *req, TLDAPRC *perr);
struct tldap_context *tldap_context_create(TALLOC_CTX *mem_ctx, int fd);
bool tldap_connection_ok(struct tldap_context *ld);
@@ -65,27 +132,27 @@ struct tevent_req *tldap_sasl_bind_send(TALLOC_CTX *mem_ctx,
int num_sctrls,
struct tldap_control *cctrls,
int num_cctrls);
-int tldap_sasl_bind_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
- DATA_BLOB *serverSaslCreds);
-int tldap_sasl_bind(struct tldap_context *ldap,
- const char *dn,
- const char *mechanism,
- DATA_BLOB *creds,
- struct tldap_control *sctrls,
- int num_sctrls,
- struct tldap_control *cctrls,
- int num_cctrls,
- TALLOC_CTX *mem_ctx,
- DATA_BLOB *serverSaslCreds);
+TLDAPRC tldap_sasl_bind_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
+ DATA_BLOB *serverSaslCreds);
+TLDAPRC tldap_sasl_bind(struct tldap_context *ldap,
+ const char *dn,
+ const char *mechanism,
+ DATA_BLOB *creds,
+ struct tldap_control *sctrls,
+ int num_sctrls,
+ struct tldap_control *cctrls,
+ int num_cctrls,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *serverSaslCreds);
struct tevent_req *tldap_simple_bind_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct tldap_context *ldap,
const char *dn,
const char *passwd);
-int tldap_simple_bind_recv(struct tevent_req *req);
-int tldap_simple_bind(struct tldap_context *ldap, const char *dn,
- const char *passwd);
+TLDAPRC tldap_simple_bind_recv(struct tevent_req *req);
+TLDAPRC tldap_simple_bind(struct tldap_context *ldap, const char *dn,
+ const char *passwd);
struct tevent_req *tldap_search_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
@@ -102,16 +169,16 @@ struct tevent_req *tldap_search_send(TALLOC_CTX *mem_ctx,
int timelimit,
int sizelimit,
int deref);
-int tldap_search_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
- struct tldap_message **pmsg);
-int tldap_search(struct tldap_context *ld,
- const char *base, int scope, const char *filter,
- const char **attrs, int num_attrs, int attrsonly,
- struct tldap_control *sctrls, int num_sctrls,
- struct tldap_control *cctrls, int num_cctrls,
- int timelimit, int sizelimit, int deref,
- TALLOC_CTX *mem_ctx, struct tldap_message ***entries,
- struct tldap_message ***refs);
+TLDAPRC tldap_search_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
+ struct tldap_message **pmsg);
+TLDAPRC tldap_search(struct tldap_context *ld,
+ const char *base, int scope, const char *filter,
+ const char **attrs, int num_attrs, int attrsonly,
+ struct tldap_control *sctrls, int num_sctrls,
+ struct tldap_control *cctrls, int num_cctrls,
+ int timelimit, int sizelimit, int deref,
+ TALLOC_CTX *mem_ctx, struct tldap_message ***entries,
+ struct tldap_message ***refs);
bool tldap_entry_dn(struct tldap_message *msg, char **dn);
bool tldap_entry_attributes(struct tldap_message *msg,
struct tldap_attribute **attributes,
@@ -127,11 +194,11 @@ struct tevent_req *tldap_add_send(TALLOC_CTX *mem_ctx,
int num_sctrls,
struct tldap_control *cctrls,
int num_cctrls);
-int tldap_add_recv(struct tevent_req *req);
-int tldap_add(struct tldap_context *ld, const char *dn,
- struct tldap_mod *attributes, int num_attributes,
- struct tldap_control *sctrls, int num_sctrls,
- struct tldap_control *cctrls, int num_cctrls);
+TLDAPRC tldap_add_recv(struct tevent_req *req);
+TLDAPRC tldap_add(struct tldap_context *ld, const char *dn,
+ struct tldap_mod *attributes, int num_attributes,
+ struct tldap_control *sctrls, int num_sctrls,
+ struct tldap_control *cctrls, int num_cctrls);
struct tevent_req *tldap_modify_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
@@ -142,11 +209,11 @@ struct tevent_req *tldap_modify_send(TALLOC_CTX *mem_ctx,
int num_sctrls,
struct tldap_control *cctrls,
int num_cctrls);
-int tldap_modify_recv(struct tevent_req *req);
-int tldap_modify(struct tldap_context *ld, const char *dn,
- struct tldap_mod *mods, int num_mods,
- struct tldap_control *sctrls, int num_sctrls,
- struct tldap_control *cctrls, int num_cctrls);
+TLDAPRC tldap_modify_recv(struct tevent_req *req);
+TLDAPRC tldap_modify(struct tldap_context *ld, const char *dn,
+ struct tldap_mod *mods, int num_mods,
+ struct tldap_control *sctrls, int num_sctrls,
+ struct tldap_control *cctrls, int num_cctrls);
struct tevent_req *tldap_delete_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
@@ -156,10 +223,10 @@ struct tevent_req *tldap_delete_send(TALLOC_CTX *mem_ctx,
int num_sctrls,
struct tldap_control *cctrls,
int num_cctrls);
-int tldap_delete_recv(struct tevent_req *req);
-int tldap_delete(struct tldap_context *ld, const char *dn,
- struct tldap_control *sctrls, int num_sctrls,
- struct tldap_control *cctrls, int num_cctrls);
+TLDAPRC tldap_delete_recv(struct tevent_req *req);
+TLDAPRC tldap_delete(struct tldap_context *ld, const char *dn,
+ struct tldap_control *sctrls, int num_sctrls,
+ struct tldap_control *cctrls, int num_cctrls);
int tldap_msg_id(const struct tldap_message *msg);
int tldap_msg_type(const struct tldap_message *msg);
@@ -169,7 +236,7 @@ const char *tldap_msg_referral(struct tldap_message *msg);
void tldap_msg_sctrls(struct tldap_message *msg, int *num_sctrls,
struct tldap_control **sctrls);
struct tldap_message *tldap_ctx_lastmsg(struct tldap_context *ld);
-const char *tldap_err2string(int rc);
+const char *tldap_rc2string(TLDAPRC rc);
/* DEBUG */
enum tldap_debug_level {
@@ -213,65 +280,6 @@ void tldap_set_debug(struct tldap_context *ld,
#define TLDAP_RES_EXTENDED (24 + 0x60)
#define TLDAP_RES_INTERMEDIATE (25 + 0x60)
-#define TLDAP_SUCCESS (0x00)
-#define TLDAP_OPERATIONS_ERROR (0x01)
-#define TLDAP_PROTOCOL_ERROR (0x02)
-#define TLDAP_TIMELIMIT_EXCEEDED (0x03)
-#define TLDAP_SIZELIMIT_EXCEEDED (0x04)
-#define TLDAP_COMPARE_FALSE (0x05)
-#define TLDAP_COMPARE_TRUE (0x06)
-#define TLDAP_STRONG_AUTH_NOT_SUPPORTED (0x07)
-#define TLDAP_STRONG_AUTH_REQUIRED (0x08)
-#define TLDAP_REFERRAL (0x0a)
-#define TLDAP_ADMINLIMIT_EXCEEDED (0x0b)
-#define TLDAP_UNAVAILABLE_CRITICAL_EXTENSION (0x0c)
-#define TLDAP_CONFIDENTIALITY_REQUIRED (0x0d)
-#define TLDAP_SASL_BIND_IN_PROGRESS (0x0e)
-#define TLDAP_NO_SUCH_ATTRIBUTE (0x10)
-#define TLDAP_UNDEFINED_TYPE (0x11)
-#define TLDAP_INAPPROPRIATE_MATCHING (0x12)
-#define TLDAP_CONSTRAINT_VIOLATION (0x13)
-#define TLDAP_TYPE_OR_VALUE_EXISTS (0x14)
-#define TLDAP_INVALID_SYNTAX (0x15)
-#define TLDAP_NO_SUCH_OBJECT (0x20)
-#define TLDAP_ALIAS_PROBLEM (0x21)
-#define TLDAP_INVALID_DN_SYNTAX (0x22)
-#define TLDAP_IS_LEAF (0x23)
-#define TLDAP_ALIAS_DEREF_PROBLEM (0x24)
-#define TLDAP_INAPPROPRIATE_AUTH (0x30)
-#define TLDAP_INVALID_CREDENTIALS (0x31)
-#define TLDAP_INSUFFICIENT_ACCESS (0x32)
-#define TLDAP_BUSY (0x33)
-#define TLDAP_UNAVAILABLE (0x34)
-#define TLDAP_UNWILLING_TO_PERFORM (0x35)
-#define TLDAP_LOOP_DETECT (0x36)
-#define TLDAP_NAMING_VIOLATION (0x40)
-#define TLDAP_OBJECT_CLASS_VIOLATION (0x41)
-#define TLDAP_NOT_ALLOWED_ON_NONLEAF (0x42)
-#define TLDAP_NOT_ALLOWED_ON_RDN (0x43)
-#define TLDAP_ALREADY_EXISTS (0x44)
-#define TLDAP_NO_OBJECT_CLASS_MODS (0x45)
-#define TLDAP_RESULTS_TOO_LARGE (0x46)
-#define TLDAP_AFFECTS_MULTIPLE_DSAS (0x47)
-#define TLDAP_OTHER (0x50)
-#define TLDAP_SERVER_DOWN (0x51)
-#define TLDAP_LOCAL_ERROR (0x52)
-#define TLDAP_ENCODING_ERROR (0x53)
-#define TLDAP_DECODING_ERROR (0x54)
-#define TLDAP_TIMEOUT (0x55)
-#define TLDAP_AUTH_UNKNOWN (0x56)
-#define TLDAP_FILTER_ERROR (0x57)
-#define TLDAP_USER_CANCELLED (0x58)
-#define TLDAP_PARAM_ERROR (0x59)
-#define TLDAP_NO_MEMORY (0x5a)
-#define TLDAP_CONNECT_ERROR (0x5b)
-#define TLDAP_NOT_SUPPORTED (0x5c)
-#define TLDAP_CONTROL_NOT_FOUND (0x5d)
-#define TLDAP_NO_RESULTS_RETURNED (0x5e)
-#define TLDAP_MORE_RESULTS_TO_RETURN (0x5f)
-#define TLDAP_CLIENT_LOOP (0x60)
-#define TLDAP_REFERRAL_LIMIT_EXCEEDED (0x61)
-
#define TLDAP_MOD_ADD (0)
#define TLDAP_MOD_DELETE (1)
#define TLDAP_MOD_REPLACE (2)
diff --git a/source3/include/tldap_util.h b/source3/include/tldap_util.h
index 53b0c7b..f9d088c 100644
--- a/source3/include/tldap_util.h
+++ b/source3/include/tldap_util.h
@@ -48,15 +48,15 @@ bool tldap_make_mod_fmt(struct tldap_message *existing, TALLOC_CTX *mem_ctx,
const char *attrib, const char *fmt, ...);
const char *tldap_errstr(TALLOC_CTX *mem_ctx, struct tldap_context *ld,
- int rc);
-int tldap_search_va(struct tldap_context *ld, const char *base, int scope,
- const char *attrs[], int num_attrs, int attrsonly,
- TALLOC_CTX *mem_ctx, struct tldap_message ***res,
+ TLDAPRC rc);
+TLDAPRC tldap_search_va(struct tldap_context *ld, const char *base, int scope,
+ const char *attrs[], int num_attrs, int attrsonly,
+ TALLOC_CTX *mem_ctx, struct tldap_message ***res,
const char *fmt, va_list ap);
-int tldap_search_fmt(struct tldap_context *ld, const char *base, int scope,
- const char *attrs[], int num_attrs, int attrsonly,
- TALLOC_CTX *mem_ctx, struct tldap_message ***res,
- const char *fmt, ...);
+TLDAPRC tldap_search_fmt(struct tldap_context *ld, const char *base, int scope,
+ const char *attrs[], int num_attrs, int attrsonly,
+ TALLOC_CTX *mem_ctx, struct tldap_message ***res,
+ const char *fmt, ...);
bool tldap_pull_uint64(struct tldap_message *msg, const char *attr,
uint64_t *presult);
bool tldap_pull_uint32(struct tldap_message *msg, const char *attr,
@@ -65,8 +65,8 @@ bool tldap_pull_uint32(struct tldap_message *msg, const char *attr,
struct tevent_req *tldap_fetch_rootdse_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct tldap_context *ld);
-int tldap_fetch_rootdse_recv(struct tevent_req *req);
-int tldap_fetch_rootdse(struct tldap_context *ld);
+TLDAPRC tldap_fetch_rootdse_recv(struct tevent_req *req);
+TLDAPRC tldap_fetch_rootdse(struct tldap_context *ld);
struct tldap_message *tldap_rootdse(struct tldap_context *ld);
bool tldap_entry_has_attrvalue(struct tldap_message *msg,
@@ -97,8 +97,8 @@ struct tevent_req *tldap_search_paged_send(TALLOC_CTX *mem_ctx,
int sizelimit,
int deref,
int page_size);
-int tldap_search_paged_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
- struct tldap_message **pmsg);
+TLDAPRC tldap_search_paged_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
+ struct tldap_message **pmsg);
#endif
diff --git a/source3/lib/tldap.c b/source3/lib/tldap.c
index df95ec3..8142f22 100644
--- a/source3/lib/tldap.c
+++ b/source3/lib/tldap.c
@@ -28,9 +28,26 @@
#include "../lib/tsocket/tsocket.h"
#include "../lib/util/tevent_unix.h"
-static int tldap_simple_recv(struct tevent_req *req);
+static TLDAPRC tldap_simple_recv(struct tevent_req *req);
-bool tevent_req_is_ldap_error(struct tevent_req *req, int *perr)
+#define TEVENT_TLDAP_RC_MAGIC (0x87bcd26e)
+
+bool tevent_req_ldap_error(struct tevent_req *req, TLDAPRC rc)
+{
+ uint64_t err;
+
+ if (TLDAP_RC_IS_SUCCESS(rc)) {
+ return false;
+ }
+
+ err = TEVENT_TLDAP_RC_MAGIC;
+ err <<= 32;
+ err |= TLDAP_RC_V(rc);
+
+ return tevent_req_error(req, err);
+}
+
+bool tevent_req_is_ldap_error(struct tevent_req *req, TLDAPRC *perr)
{
enum tevent_req_state state;
uint64_t err;
@@ -46,7 +63,10 @@ bool tevent_req_is_ldap_error(struct tevent_req *req, int *perr)
*perr = TLDAP_NO_MEMORY;
break;
case TEVENT_REQ_USER_ERROR:
- *perr = err;
+ if ((err >> 32) != TEVENT_TLDAP_RC_MAGIC) {
+ abort();
+ }
+ *perr = TLDAP_RC(err & 0xffffffff);
break;
default:
*perr = TLDAP_OPERATIONS_ERROR;
@@ -90,7 +110,7 @@ struct tldap_message {
struct tldap_attribute *attribs;
/* Error data sent by the server */
- int lderr;
+ TLDAPRC lderr;
char *res_matcheddn;
char *res_diagnosticmessage;
char *res_referral;
@@ -414,23 +434,23 @@ static struct tevent_req *tldap_msg_send(TALLOC_CTX *mem_ctx,
state->id = id;
if (state->ld->server_down) {
- tevent_req_error(req, TLDAP_SERVER_DOWN);
+ tevent_req_ldap_error(req, TLDAP_SERVER_DOWN);
return tevent_req_post(req, ev);
}
if (!tldap_push_controls(data, sctrls, num_sctrls)) {
- tevent_req_error(req, TLDAP_ENCODING_ERROR);
+ tevent_req_ldap_error(req, TLDAP_ENCODING_ERROR);
return tevent_req_post(req, ev);
}
if (!asn1_pop_tag(data)) {
- tevent_req_error(req, TLDAP_ENCODING_ERROR);
+ tevent_req_ldap_error(req, TLDAP_ENCODING_ERROR);
return tevent_req_post(req, ev);
}
if (!asn1_blob(data, &blob)) {
- tevent_req_error(req, TLDAP_ENCODING_ERROR);
+ tevent_req_ldap_error(req, TLDAP_ENCODING_ERROR);
return tevent_req_post(req, ev);
}
@@ -554,7 +574,7 @@ static void tldap_msg_sent(struct tevent_req *subreq)
TALLOC_FREE(subreq);
if (nwritten == -1) {
state->ld->server_down = true;
- tevent_req_error(req, TLDAP_SERVER_DOWN);
+ tevent_req_ldap_error(req, TLDAP_SERVER_DOWN);
return;
}
@@ -582,7 +602,8 @@ static void tldap_msg_received(struct tevent_req *subreq)
uint8_t *inbuf;
ssize_t received;
size_t num_pending;
- int i, err, status;
+ int i, err;
+ TLDAPRC status;
int id;
uint8_t type;
bool ok;
@@ -670,17 +691,17 @@ static void tldap_msg_received(struct tevent_req *subreq)
req = ld->pending[0];
state = tevent_req_data(req, struct tldap_msg_state);
tevent_req_defer_callback(req, state->ev);
- tevent_req_error(req, status);
+ tevent_req_ldap_error(req, status);
}
}
-static int tldap_msg_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
- struct tldap_message **pmsg)
+static TLDAPRC tldap_msg_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
+ struct tldap_message **pmsg)
{
struct tldap_msg_state *state = tevent_req_data(
req, struct tldap_msg_state);
struct tldap_message *msg;
- int err;
+ TLDAPRC err;
uint8_t msgtype;
if (tevent_req_is_ldap_error(req, &err)) {
@@ -792,9 +813,14 @@ static bool tldap_decode_response(struct tldap_req_state *state)
{
struct asn1_data *data = state->result->data;
struct tldap_message *msg = state->result;
+ int rc;
bool ok = true;
- ok &= asn1_read_enumerated(data, &msg->lderr);
+ ok &= asn1_read_enumerated(data, &rc);
+ if (ok) {
+ msg->lderr = TLDAP_RC(rc);
+ }
+
ok &= asn1_read_OctetString_talloc(msg, data, &msg->res_matcheddn);
ok &= asn1_read_OctetString_talloc(msg, data,
&msg->res_diagnosticmessage);
@@ -867,7 +893,7 @@ struct tevent_req *tldap_sasl_bind_send(TALLOC_CTX *mem_ctx,
err:
- tevent_req_error(req, TLDAP_ENCODING_ERROR);
+ tevent_req_ldap_error(req, TLDAP_ENCODING_ERROR);
return tevent_req_post(req, ev);
}
@@ -877,17 +903,16 @@ static void tldap_sasl_bind_done(struct tevent_req *subreq)
subreq, struct tevent_req);
struct tldap_req_state *state = tevent_req_data(
req, struct tldap_req_state);
- int err;
+ TLDAPRC rc;
bool ok;
- err = tldap_msg_recv(subreq, state, &state->result);
+ rc = tldap_msg_recv(subreq, state, &state->result);
TALLOC_FREE(subreq);
- if (err != TLDAP_SUCCESS) {
- tevent_req_error(req, err);
+ if (tevent_req_ldap_error(req, rc)) {
return;
}
if (state->result->type != TLDAP_RES_BIND) {
- tevent_req_error(req, TLDAP_PROTOCOL_ERROR);
+ tevent_req_ldap_error(req, TLDAP_PROTOCOL_ERROR);
return;
}
@@ -927,28 +952,29 @@ static void tldap_sasl_bind_done(struct tevent_req *subreq)
goto decode_error;
}
- if ((state->result->lderr != TLDAP_SUCCESS) &&
- (state->result->lderr != TLDAP_SASL_BIND_IN_PROGRESS)) {
- tevent_req_error(req, state->result->lderr);
+ if (!TLDAP_RC_IS_SUCCESS(state->result->lderr) &&
+ !TLDAP_RC_EQUAL(state->result->lderr,
+ TLDAP_SASL_BIND_IN_PROGRESS)) {
+ tevent_req_ldap_error(req, state->result->lderr);
return;
}
tevent_req_done(req);
return;
decode_error:
- tevent_req_error(req, TLDAP_DECODING_ERROR);
+ tevent_req_ldap_error(req, TLDAP_DECODING_ERROR);
return;
}
-int tldap_sasl_bind_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
- DATA_BLOB *serverSaslCreds)
+TLDAPRC tldap_sasl_bind_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
+ DATA_BLOB *serverSaslCreds)
{
struct tldap_req_state *state = tevent_req_data(
req, struct tldap_req_state);
- int err;
+ TLDAPRC rc;
- if (tevent_req_is_ldap_error(req, &err)) {
- return err;
+ if (tevent_req_is_ldap_error(req, &rc)) {
+ return rc;
}
if (serverSaslCreds != NULL) {
@@ -961,45 +987,40 @@ int tldap_sasl_bind_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
return state->result->lderr;
}
-int tldap_sasl_bind(struct tldap_context *ld,
- const char *dn,
- const char *mechanism,
- DATA_BLOB *creds,
- struct tldap_control *sctrls,
- int num_sctrls,
- struct tldap_control *cctrls,
- int num_cctrls,
- TALLOC_CTX *mem_ctx,
- DATA_BLOB *serverSaslCreds)
+TLDAPRC tldap_sasl_bind(struct tldap_context *ld,
+ const char *dn,
+ const char *mechanism,
+ DATA_BLOB *creds,
+ struct tldap_control *sctrls,
+ int num_sctrls,
+ struct tldap_control *cctrls,
+ int num_cctrls,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *serverSaslCreds)
{
TALLOC_CTX *frame = talloc_stackframe();
struct tevent_context *ev;
struct tevent_req *req;
- int result;
+ TLDAPRC rc = TLDAP_NO_MEMORY;
ev = samba_tevent_context_init(frame);
if (ev == NULL) {
- result = TLDAP_NO_MEMORY;
goto fail;
}
-
req = tldap_sasl_bind_send(frame, ev, ld, dn, mechanism, creds,
sctrls, num_sctrls, cctrls, num_cctrls);
if (req == NULL) {
- result = TLDAP_NO_MEMORY;
goto fail;
}
-
if (!tevent_req_poll(req, ev)) {
- result = TLDAP_OPERATIONS_ERROR;
+ rc = TLDAP_OPERATIONS_ERROR;
goto fail;
}
-
- result = tldap_sasl_bind_recv(req, mem_ctx, serverSaslCreds);
+ rc = tldap_sasl_bind_recv(req, mem_ctx, serverSaslCreds);
tldap_save_msg(ld, req);
fail:
TALLOC_FREE(frame);
- return result;
+ return rc;
}
struct tevent_req *tldap_simple_bind_send(TALLOC_CTX *mem_ctx,
@@ -1021,13 +1042,13 @@ struct tevent_req *tldap_simple_bind_send(TALLOC_CTX *mem_ctx,
NULL, 0);
}
-int tldap_simple_bind_recv(struct tevent_req *req)
+TLDAPRC tldap_simple_bind_recv(struct tevent_req *req)
{
return tldap_sasl_bind_recv(req, NULL, NULL);
}
-int tldap_simple_bind(struct tldap_context *ld, const char *dn,
- const char *passwd)
+TLDAPRC tldap_simple_bind(struct tldap_context *ld, const char *dn,
+ const char *passwd)
{
DATA_BLOB cred;
@@ -1760,7 +1781,7 @@ struct tevent_req *tldap_search_send(TALLOC_CTX *mem_ctx,
return req;
encoding_error:
- tevent_req_error(req, TLDAP_ENCODING_ERROR);
+ tevent_req_ldap_error(req, TLDAP_ENCODING_ERROR);
return tevent_req_post(req, ev);
}
@@ -1770,11 +1791,10 @@ static void tldap_search_done(struct tevent_req *subreq)
subreq, struct tevent_req);
struct tldap_req_state *state = tevent_req_data(
req, struct tldap_req_state);
- int err;
+ TLDAPRC rc;
- err = tldap_msg_recv(subreq, state, &state->result);
- if (err != TLDAP_SUCCESS) {
- tevent_req_error(req, err);
+ rc = tldap_msg_recv(subreq, state, &state->result);
+ if (tevent_req_ldap_error(req, rc)) {
return;
}
switch (state->result->type) {
@@ -1793,27 +1813,27 @@ static void tldap_search_done(struct tevent_req *subreq)
!tldap_decode_response(state) ||
!asn1_end_tag(state->result->data) ||
!tldap_decode_controls(state)) {
- tevent_req_error(req, TLDAP_DECODING_ERROR);
+ tevent_req_ldap_error(req, TLDAP_DECODING_ERROR);
return;
}
tevent_req_done(req);
break;
default:
- tevent_req_error(req, TLDAP_PROTOCOL_ERROR);
+ tevent_req_ldap_error(req, TLDAP_PROTOCOL_ERROR);
return;
}
}
-int tldap_search_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
- struct tldap_message **pmsg)
+TLDAPRC tldap_search_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
+ struct tldap_message **pmsg)
{
struct tldap_req_state *state = tevent_req_data(
req, struct tldap_req_state);
- int err;
+ TLDAPRC rc;
if (!tevent_req_is_in_progress(req)
- && tevent_req_is_ldap_error(req, &err)) {
- return err;
+ && tevent_req_is_ldap_error(req, &rc)) {
+ return rc;
}
if (tevent_req_is_in_progress(req)) {
@@ -1834,7 +1854,7 @@ struct tldap_sync_search_state {
TALLOC_CTX *mem_ctx;
struct tldap_message **entries;
struct tldap_message **refs;
- int rc;
+ TLDAPRC rc;
};
static void tldap_search_cb(struct tevent_req *req)
@@ -1846,7 +1866,7 @@ static void tldap_search_cb(struct tevent_req *req)
int num_entries, num_refs;
state->rc = tldap_search_recv(req, talloc_tos(), &msg);
- if (state->rc != TLDAP_SUCCESS) {
+ if (!TLDAP_RC_IS_SUCCESS(state->rc)) {
return;
}
@@ -1883,14 +1903,14 @@ static void tldap_search_cb(struct tevent_req *req)
}
}
-int tldap_search(struct tldap_context *ld,
- const char *base, int scope, const char *filter,
- const char **attrs, int num_attrs, int attrsonly,
- struct tldap_control *sctrls, int num_sctrls,
- struct tldap_control *cctrls, int num_cctrls,
- int timelimit, int sizelimit, int deref,
- TALLOC_CTX *mem_ctx, struct tldap_message ***entries,
- struct tldap_message ***refs)
+TLDAPRC tldap_search(struct tldap_context *ld,
+ const char *base, int scope, const char *filter,
+ const char **attrs, int num_attrs, int attrsonly,
+ struct tldap_control *sctrls, int num_sctrls,
+ struct tldap_control *cctrls, int num_cctrls,
+ int timelimit, int sizelimit, int deref,
+ TALLOC_CTX *mem_ctx, struct tldap_message ***entries,
+ struct tldap_message ***refs)
{
TALLOC_CTX *frame = talloc_stackframe();
struct tevent_context *ev;
@@ -1923,14 +1943,14 @@ int tldap_search(struct tldap_context *ld,
}
}
- while (tevent_req_is_in_progress(req)
- && (state.rc == TLDAP_SUCCESS)) {
+ while (tevent_req_is_in_progress(req) &&
+ TLDAP_RC_IS_SUCCESS(state.rc)) {
if (tevent_loop_once(ev) == -1) {
return TLDAP_OPERATIONS_ERROR;
}
}
- if (state.rc != TLDAP_SUCCESS) {
+ if (!TLDAP_RC_IS_SUCCESS(state.rc)) {
return state.rc;
}
@@ -2110,37 +2130,36 @@ static void tldap_simple_done(struct tevent_req *subreq, int type)
subreq, struct tevent_req);
struct tldap_req_state *state = tevent_req_data(
req, struct tldap_req_state);
- int err;
+ TLDAPRC rc;
- err = tldap_msg_recv(subreq, state, &state->result);
+ rc = tldap_msg_recv(subreq, state, &state->result);
TALLOC_FREE(subreq);
- if (err != TLDAP_SUCCESS) {
- tevent_req_error(req, err);
+ if (tevent_req_ldap_error(req, rc)) {
return;
}
if (state->result->type != type) {
- tevent_req_error(req, TLDAP_PROTOCOL_ERROR);
+ tevent_req_ldap_error(req, TLDAP_PROTOCOL_ERROR);
return;
}
if (!asn1_start_tag(state->result->data, state->result->type) ||
!tldap_decode_response(state) ||
!asn1_end_tag(state->result->data) ||
!tldap_decode_controls(state)) {
- tevent_req_error(req, TLDAP_DECODING_ERROR);
+ tevent_req_ldap_error(req, TLDAP_DECODING_ERROR);
return;
}
- if (state->result->lderr != TLDAP_SUCCESS) {
- tevent_req_error(req, state->result->lderr);
+ if (!TLDAP_RC_IS_SUCCESS(state->result->lderr)) {
+ tevent_req_ldap_error(req, state->result->lderr);
return;
}
tevent_req_done(req);
}
-static int tldap_simple_recv(struct tevent_req *req)
+static TLDAPRC tldap_simple_recv(struct tevent_req *req)
{
- int err;
- if (tevent_req_is_ldap_error(req, &err)) {
- return err;
+ TLDAPRC rc;
+ if (tevent_req_is_ldap_error(req, &rc)) {
+ return rc;
}
return TLDAP_SUCCESS;
}
@@ -2199,7 +2218,7 @@ struct tevent_req *tldap_add_send(TALLOC_CTX *mem_ctx,
err:
- tevent_req_error(req, TLDAP_ENCODING_ERROR);
+ tevent_req_ldap_error(req, TLDAP_ENCODING_ERROR);
return tevent_req_post(req, ev);
}
@@ -2208,44 +2227,39 @@ static void tldap_add_done(struct tevent_req *subreq)
tldap_simple_done(subreq, TLDAP_RES_ADD);
}
-int tldap_add_recv(struct tevent_req *req)
+TLDAPRC tldap_add_recv(struct tevent_req *req)
{
return tldap_simple_recv(req);
}
-int tldap_add(struct tldap_context *ld, const char *dn,
- struct tldap_mod *attributes, int num_attributes,
- struct tldap_control *sctrls, int num_sctrls,
- struct tldap_control *cctrls, int num_cctrls)
+TLDAPRC tldap_add(struct tldap_context *ld, const char *dn,
+ struct tldap_mod *attributes, int num_attributes,
+ struct tldap_control *sctrls, int num_sctrls,
+ struct tldap_control *cctrls, int num_cctrls)
{
TALLOC_CTX *frame = talloc_stackframe();
struct tevent_context *ev;
struct tevent_req *req;
- int result;
+ TLDAPRC rc = TLDAP_NO_MEMORY;
ev = samba_tevent_context_init(frame);
if (ev == NULL) {
- result = TLDAP_NO_MEMORY;
goto fail;
}
-
req = tldap_add_send(frame, ev, ld, dn, attributes, num_attributes,
sctrls, num_sctrls, cctrls, num_cctrls);
if (req == NULL) {
- result = TLDAP_NO_MEMORY;
goto fail;
}
-
if (!tevent_req_poll(req, ev)) {
- result = TLDAP_OPERATIONS_ERROR;
+ rc = TLDAP_OPERATIONS_ERROR;
goto fail;
}
-
- result = tldap_add_recv(req);
+ rc = tldap_add_recv(req);
tldap_save_msg(ld, req);
fail:
TALLOC_FREE(frame);
- return result;
+ return rc;
}
static void tldap_modify_done(struct tevent_req *subreq);
@@ -2304,7 +2318,7 @@ struct tevent_req *tldap_modify_send(TALLOC_CTX *mem_ctx,
err:
- tevent_req_error(req, TLDAP_ENCODING_ERROR);
+ tevent_req_ldap_error(req, TLDAP_ENCODING_ERROR);
return tevent_req_post(req, ev);
}
@@ -2313,44 +2327,39 @@ static void tldap_modify_done(struct tevent_req *subreq)
tldap_simple_done(subreq, TLDAP_RES_MODIFY);
}
-int tldap_modify_recv(struct tevent_req *req)
+TLDAPRC tldap_modify_recv(struct tevent_req *req)
{
return tldap_simple_recv(req);
}
-int tldap_modify(struct tldap_context *ld, const char *dn,
- struct tldap_mod *mods, int num_mods,
- struct tldap_control *sctrls, int num_sctrls,
- struct tldap_control *cctrls, int num_cctrls)
+TLDAPRC tldap_modify(struct tldap_context *ld, const char *dn,
+ struct tldap_mod *mods, int num_mods,
+ struct tldap_control *sctrls, int num_sctrls,
+ struct tldap_control *cctrls, int num_cctrls)
{
TALLOC_CTX *frame = talloc_stackframe();
struct tevent_context *ev;
struct tevent_req *req;
- int result;
+ TLDAPRC rc = TLDAP_NO_MEMORY;
ev = samba_tevent_context_init(frame);
if (ev == NULL) {
- result = TLDAP_NO_MEMORY;
goto fail;
}
-
req = tldap_modify_send(frame, ev, ld, dn, mods, num_mods,
sctrls, num_sctrls, cctrls, num_cctrls);
if (req == NULL) {
- result = TLDAP_NO_MEMORY;
goto fail;
}
-
if (!tevent_req_poll(req, ev)) {
- result = TLDAP_OPERATIONS_ERROR;
+ rc = TLDAP_OPERATIONS_ERROR;
goto fail;
}
-
- result = tldap_modify_recv(req);
+ rc = tldap_modify_recv(req);
tldap_save_msg(ld, req);
fail:
TALLOC_FREE(frame);
- return result;
+ return rc;
}
static void tldap_delete_done(struct tevent_req *subreq);
@@ -2386,7 +2395,7 @@ struct tevent_req *tldap_delete_send(TALLOC_CTX *mem_ctx,
err:
- tevent_req_error(req, TLDAP_ENCODING_ERROR);
+ tevent_req_ldap_error(req, TLDAP_ENCODING_ERROR);
return tevent_req_post(req, ev);
}
@@ -2395,43 +2404,38 @@ static void tldap_delete_done(struct tevent_req *subreq)
tldap_simple_done(subreq, TLDAP_RES_DELETE);
}
-int tldap_delete_recv(struct tevent_req *req)
+TLDAPRC tldap_delete_recv(struct tevent_req *req)
{
return tldap_simple_recv(req);
}
-int tldap_delete(struct tldap_context *ld, const char *dn,
- struct tldap_control *sctrls, int num_sctrls,
- struct tldap_control *cctrls, int num_cctrls)
+TLDAPRC tldap_delete(struct tldap_context *ld, const char *dn,
+ struct tldap_control *sctrls, int num_sctrls,
+ struct tldap_control *cctrls, int num_cctrls)
{
TALLOC_CTX *frame = talloc_stackframe();
struct tevent_context *ev;
struct tevent_req *req;
- int result;
+ TLDAPRC rc = TLDAP_NO_MEMORY;
ev = samba_tevent_context_init(frame);
if (ev == NULL) {
- result = TLDAP_NO_MEMORY;
goto fail;
}
-
req = tldap_delete_send(frame, ev, ld, dn, sctrls, num_sctrls,
cctrls, num_cctrls);
if (req == NULL) {
- result = TLDAP_NO_MEMORY;
goto fail;
}
-
if (!tevent_req_poll(req, ev)) {
- result = TLDAP_OPERATIONS_ERROR;
+ rc = TLDAP_OPERATIONS_ERROR;
goto fail;
}
-
- result = tldap_delete_recv(req);
+ rc = tldap_delete_recv(req);
tldap_save_msg(ld, req);
fail:
TALLOC_FREE(frame);
- return result;
+ return rc;
}
int tldap_msg_id(const struct tldap_message *msg)
@@ -2485,198 +2489,135 @@ struct tldap_message *tldap_ctx_lastmsg(struct tldap_context *ld)
return ld->last_msg;
}
-const char *tldap_err2string(int rc)
-{
- const char *res = NULL;
+static const struct { TLDAPRC rc; const char *string; } tldaprc_errmap[] =
+{
+ { TLDAP_SUCCESS,
+ "TLDAP_SUCCESS" },
+ { TLDAP_OPERATIONS_ERROR,
+ "TLDAP_OPERATIONS_ERROR" },
+ { TLDAP_PROTOCOL_ERROR,
+ "TLDAP_PROTOCOL_ERROR" },
+ { TLDAP_TIMELIMIT_EXCEEDED,
+ "TLDAP_TIMELIMIT_EXCEEDED" },
+ { TLDAP_SIZELIMIT_EXCEEDED,
+ "TLDAP_SIZELIMIT_EXCEEDED" },
+ { TLDAP_COMPARE_FALSE,
+ "TLDAP_COMPARE_FALSE" },
+ { TLDAP_COMPARE_TRUE,
+ "TLDAP_COMPARE_TRUE" },
+ { TLDAP_STRONG_AUTH_NOT_SUPPORTED,
+ "TLDAP_STRONG_AUTH_NOT_SUPPORTED" },
+ { TLDAP_STRONG_AUTH_REQUIRED,
+ "TLDAP_STRONG_AUTH_REQUIRED" },
+ { TLDAP_REFERRAL,
+ "TLDAP_REFERRAL" },
+ { TLDAP_ADMINLIMIT_EXCEEDED,
+ "TLDAP_ADMINLIMIT_EXCEEDED" },
+ { TLDAP_UNAVAILABLE_CRITICAL_EXTENSION,
+ "TLDAP_UNAVAILABLE_CRITICAL_EXTENSION" },
+ { TLDAP_CONFIDENTIALITY_REQUIRED,
+ "TLDAP_CONFIDENTIALITY_REQUIRED" },
+ { TLDAP_SASL_BIND_IN_PROGRESS,
+ "TLDAP_SASL_BIND_IN_PROGRESS" },
+ { TLDAP_NO_SUCH_ATTRIBUTE,
+ "TLDAP_NO_SUCH_ATTRIBUTE" },
+ { TLDAP_UNDEFINED_TYPE,
+ "TLDAP_UNDEFINED_TYPE" },
+ { TLDAP_INAPPROPRIATE_MATCHING,
+ "TLDAP_INAPPROPRIATE_MATCHING" },
+ { TLDAP_CONSTRAINT_VIOLATION,
+ "TLDAP_CONSTRAINT_VIOLATION" },
+ { TLDAP_TYPE_OR_VALUE_EXISTS,
+ "TLDAP_TYPE_OR_VALUE_EXISTS" },
+ { TLDAP_INVALID_SYNTAX,
+ "TLDAP_INVALID_SYNTAX" },
+ { TLDAP_NO_SUCH_OBJECT,
+ "TLDAP_NO_SUCH_OBJECT" },
+ { TLDAP_ALIAS_PROBLEM,
+ "TLDAP_ALIAS_PROBLEM" },
+ { TLDAP_INVALID_DN_SYNTAX,
+ "TLDAP_INVALID_DN_SYNTAX" },
+ { TLDAP_IS_LEAF,
+ "TLDAP_IS_LEAF" },
+ { TLDAP_ALIAS_DEREF_PROBLEM,
+ "TLDAP_ALIAS_DEREF_PROBLEM" },
+ { TLDAP_INAPPROPRIATE_AUTH,
+ "TLDAP_INAPPROPRIATE_AUTH" },
+ { TLDAP_INVALID_CREDENTIALS,
+ "TLDAP_INVALID_CREDENTIALS" },
+ { TLDAP_INSUFFICIENT_ACCESS,
+ "TLDAP_INSUFFICIENT_ACCESS" },
+ { TLDAP_BUSY,
+ "TLDAP_BUSY" },
+ { TLDAP_UNAVAILABLE,
+ "TLDAP_UNAVAILABLE" },
+ { TLDAP_UNWILLING_TO_PERFORM,
+ "TLDAP_UNWILLING_TO_PERFORM" },
+ { TLDAP_LOOP_DETECT,
+ "TLDAP_LOOP_DETECT" },
+ { TLDAP_NAMING_VIOLATION,
+ "TLDAP_NAMING_VIOLATION" },
+ { TLDAP_OBJECT_CLASS_VIOLATION,
+ "TLDAP_OBJECT_CLASS_VIOLATION" },
+ { TLDAP_NOT_ALLOWED_ON_NONLEAF,
+ "TLDAP_NOT_ALLOWED_ON_NONLEAF" },
+ { TLDAP_NOT_ALLOWED_ON_RDN,
+ "TLDAP_NOT_ALLOWED_ON_RDN" },
+ { TLDAP_ALREADY_EXISTS,
+ "TLDAP_ALREADY_EXISTS" },
+ { TLDAP_NO_OBJECT_CLASS_MODS,
+ "TLDAP_NO_OBJECT_CLASS_MODS" },
+ { TLDAP_RESULTS_TOO_LARGE,
+ "TLDAP_RESULTS_TOO_LARGE" },
+ { TLDAP_AFFECTS_MULTIPLE_DSAS,
+ "TLDAP_AFFECTS_MULTIPLE_DSAS" },
+ { TLDAP_OTHER,
+ "TLDAP_OTHER" },
+ { TLDAP_SERVER_DOWN,
+ "TLDAP_SERVER_DOWN" },
+ { TLDAP_LOCAL_ERROR,
+ "TLDAP_LOCAL_ERROR" },
+ { TLDAP_ENCODING_ERROR,
+ "TLDAP_ENCODING_ERROR" },
+ { TLDAP_DECODING_ERROR,
+ "TLDAP_DECODING_ERROR" },
+ { TLDAP_TIMEOUT,
+ "TLDAP_TIMEOUT" },
+ { TLDAP_AUTH_UNKNOWN,
+ "TLDAP_AUTH_UNKNOWN" },
+ { TLDAP_FILTER_ERROR,
+ "TLDAP_FILTER_ERROR" },
+ { TLDAP_USER_CANCELLED,
+ "TLDAP_USER_CANCELLED" },
+ { TLDAP_PARAM_ERROR,
+ "TLDAP_PARAM_ERROR" },
+ { TLDAP_NO_MEMORY,
+ "TLDAP_NO_MEMORY" },
+ { TLDAP_CONNECT_ERROR,
+ "TLDAP_CONNECT_ERROR" },
+ { TLDAP_NOT_SUPPORTED,
+ "TLDAP_NOT_SUPPORTED" },
+ { TLDAP_CONTROL_NOT_FOUND,
+ "TLDAP_CONTROL_NOT_FOUND" },
+ { TLDAP_NO_RESULTS_RETURNED,
+ "TLDAP_NO_RESULTS_RETURNED" },
+ { TLDAP_MORE_RESULTS_TO_RETURN,
+ "TLDAP_MORE_RESULTS_TO_RETURN" },
+ { TLDAP_CLIENT_LOOP,
+ "TLDAP_CLIENT_LOOP" },
+ { TLDAP_REFERRAL_LIMIT_EXCEEDED,
+ "TLDAP_REFERRAL_LIMIT_EXCEEDED" },
+};
- /*
- * This would normally be a table, but the error codes are not fully
- * sequential. Let the compiler figure out the optimum implementation
- * :-)
- */
+const char *tldap_rc2string(TLDAPRC rc)
+{
+ size_t i;
- switch (rc) {
- case TLDAP_SUCCESS:
- res = "TLDAP_SUCCESS";
- break;
- case TLDAP_OPERATIONS_ERROR:
- res = "TLDAP_OPERATIONS_ERROR";
- break;
- case TLDAP_PROTOCOL_ERROR:
- res = "TLDAP_PROTOCOL_ERROR";
- break;
- case TLDAP_TIMELIMIT_EXCEEDED:
- res = "TLDAP_TIMELIMIT_EXCEEDED";
- break;
- case TLDAP_SIZELIMIT_EXCEEDED:
- res = "TLDAP_SIZELIMIT_EXCEEDED";
- break;
- case TLDAP_COMPARE_FALSE:
- res = "TLDAP_COMPARE_FALSE";
- break;
- case TLDAP_COMPARE_TRUE:
- res = "TLDAP_COMPARE_TRUE";
- break;
- case TLDAP_STRONG_AUTH_NOT_SUPPORTED:
- res = "TLDAP_STRONG_AUTH_NOT_SUPPORTED";
- break;
- case TLDAP_STRONG_AUTH_REQUIRED:
- res = "TLDAP_STRONG_AUTH_REQUIRED";
- break;
- case TLDAP_REFERRAL:
- res = "TLDAP_REFERRAL";
- break;
- case TLDAP_ADMINLIMIT_EXCEEDED:
- res = "TLDAP_ADMINLIMIT_EXCEEDED";
- break;
- case TLDAP_UNAVAILABLE_CRITICAL_EXTENSION:
- res = "TLDAP_UNAVAILABLE_CRITICAL_EXTENSION";
- break;
- case TLDAP_CONFIDENTIALITY_REQUIRED:
- res = "TLDAP_CONFIDENTIALITY_REQUIRED";
- break;
- case TLDAP_SASL_BIND_IN_PROGRESS:
- res = "TLDAP_SASL_BIND_IN_PROGRESS";
- break;
- case TLDAP_NO_SUCH_ATTRIBUTE:
- res = "TLDAP_NO_SUCH_ATTRIBUTE";
- break;
- case TLDAP_UNDEFINED_TYPE:
- res = "TLDAP_UNDEFINED_TYPE";
- break;
- case TLDAP_INAPPROPRIATE_MATCHING:
- res = "TLDAP_INAPPROPRIATE_MATCHING";
- break;
- case TLDAP_CONSTRAINT_VIOLATION:
- res = "TLDAP_CONSTRAINT_VIOLATION";
- break;
- case TLDAP_TYPE_OR_VALUE_EXISTS:
- res = "TLDAP_TYPE_OR_VALUE_EXISTS";
- break;
- case TLDAP_INVALID_SYNTAX:
- res = "TLDAP_INVALID_SYNTAX";
- break;
- case TLDAP_NO_SUCH_OBJECT:
- res = "TLDAP_NO_SUCH_OBJECT";
- break;
- case TLDAP_ALIAS_PROBLEM:
- res = "TLDAP_ALIAS_PROBLEM";
- break;
- case TLDAP_INVALID_DN_SYNTAX:
- res = "TLDAP_INVALID_DN_SYNTAX";
- break;
- case TLDAP_IS_LEAF:
- res = "TLDAP_IS_LEAF";
- break;
- case TLDAP_ALIAS_DEREF_PROBLEM:
- res = "TLDAP_ALIAS_DEREF_PROBLEM";
- break;
- case TLDAP_INAPPROPRIATE_AUTH:
- res = "TLDAP_INAPPROPRIATE_AUTH";
- break;
- case TLDAP_INVALID_CREDENTIALS:
- res = "TLDAP_INVALID_CREDENTIALS";
- break;
- case TLDAP_INSUFFICIENT_ACCESS:
- res = "TLDAP_INSUFFICIENT_ACCESS";
- break;
- case TLDAP_BUSY:
- res = "TLDAP_BUSY";
- break;
- case TLDAP_UNAVAILABLE:
- res = "TLDAP_UNAVAILABLE";
- break;
- case TLDAP_UNWILLING_TO_PERFORM:
- res = "TLDAP_UNWILLING_TO_PERFORM";
- break;
- case TLDAP_LOOP_DETECT:
- res = "TLDAP_LOOP_DETECT";
- break;
- case TLDAP_NAMING_VIOLATION:
- res = "TLDAP_NAMING_VIOLATION";
- break;
- case TLDAP_OBJECT_CLASS_VIOLATION:
- res = "TLDAP_OBJECT_CLASS_VIOLATION";
- break;
- case TLDAP_NOT_ALLOWED_ON_NONLEAF:
- res = "TLDAP_NOT_ALLOWED_ON_NONLEAF";
- break;
- case TLDAP_NOT_ALLOWED_ON_RDN:
- res = "TLDAP_NOT_ALLOWED_ON_RDN";
- break;
- case TLDAP_ALREADY_EXISTS:
- res = "TLDAP_ALREADY_EXISTS";
- break;
- case TLDAP_NO_OBJECT_CLASS_MODS:
- res = "TLDAP_NO_OBJECT_CLASS_MODS";
- break;
- case TLDAP_RESULTS_TOO_LARGE:
- res = "TLDAP_RESULTS_TOO_LARGE";
- break;
- case TLDAP_AFFECTS_MULTIPLE_DSAS:
- res = "TLDAP_AFFECTS_MULTIPLE_DSAS";
- break;
- case TLDAP_OTHER:
- res = "TLDAP_OTHER";
- break;
- case TLDAP_SERVER_DOWN:
- res = "TLDAP_SERVER_DOWN";
- break;
- case TLDAP_LOCAL_ERROR:
- res = "TLDAP_LOCAL_ERROR";
- break;
- case TLDAP_ENCODING_ERROR:
- res = "TLDAP_ENCODING_ERROR";
- break;
- case TLDAP_DECODING_ERROR:
- res = "TLDAP_DECODING_ERROR";
- break;
- case TLDAP_TIMEOUT:
- res = "TLDAP_TIMEOUT";
- break;
- case TLDAP_AUTH_UNKNOWN:
- res = "TLDAP_AUTH_UNKNOWN";
- break;
- case TLDAP_FILTER_ERROR:
- res = "TLDAP_FILTER_ERROR";
- break;
- case TLDAP_USER_CANCELLED:
- res = "TLDAP_USER_CANCELLED";
- break;
- case TLDAP_PARAM_ERROR:
- res = "TLDAP_PARAM_ERROR";
- break;
- case TLDAP_NO_MEMORY:
- res = "TLDAP_NO_MEMORY";
- break;
- case TLDAP_CONNECT_ERROR:
- res = "TLDAP_CONNECT_ERROR";
- break;
- case TLDAP_NOT_SUPPORTED:
- res = "TLDAP_NOT_SUPPORTED";
- break;
- case TLDAP_CONTROL_NOT_FOUND:
- res = "TLDAP_CONTROL_NOT_FOUND";
- break;
- case TLDAP_NO_RESULTS_RETURNED:
- res = "TLDAP_NO_RESULTS_RETURNED";
- break;
- case TLDAP_MORE_RESULTS_TO_RETURN:
- res = "TLDAP_MORE_RESULTS_TO_RETURN";
- break;
- case TLDAP_CLIENT_LOOP:
- res = "TLDAP_CLIENT_LOOP";
- break;
- case TLDAP_REFERRAL_LIMIT_EXCEEDED:
- res = "TLDAP_REFERRAL_LIMIT_EXCEEDED";
- break;
- default:
- res = talloc_asprintf(talloc_tos(), "Unknown LDAP Error (%d)",
- rc);
- break;
- }
- if (res == NULL) {
- res = "Unknown LDAP Error";
+ for (i=0; i<ARRAY_SIZE(tldaprc_errmap); i++) {
+ if (TLDAP_RC_EQUAL(rc, tldaprc_errmap[i].rc)) {
+ return tldaprc_errmap[i].string;
+ }
}
- return res;
+
+ return "Unknown LDAP Error";
}
diff --git a/source3/lib/tldap_util.c b/source3/lib/tldap_util.c
index de1d4ba..88e704f 100644
--- a/source3/lib/tldap_util.c
+++ b/source3/lib/tldap_util.c
@@ -333,7 +333,8 @@ bool tldap_make_mod_fmt(struct tldap_message *existing, TALLOC_CTX *mem_ctx,
return ret;
}
-const char *tldap_errstr(TALLOC_CTX *mem_ctx, struct tldap_context *ld, int rc)
+const char *tldap_errstr(TALLOC_CTX *mem_ctx, struct tldap_context *ld,
+ TLDAPRC rc)
{
const char *ld_error = NULL;
char *res;
@@ -341,47 +342,47 @@ const char *tldap_errstr(TALLOC_CTX *mem_ctx, struct tldap_context *ld, int rc)
if (ld != NULL) {
ld_error = tldap_msg_diagnosticmessage(tldap_ctx_lastmsg(ld));
}
- res = talloc_asprintf(mem_ctx, "LDAP error %d (%s), %s", rc,
- tldap_err2string(rc),
+ res = talloc_asprintf(mem_ctx, "LDAP error %d (%s), %s",
+ (int)TLDAP_RC_V(rc), tldap_rc2string(rc),
ld_error ? ld_error : "unknown");
return res;
}
-int tldap_search_va(struct tldap_context *ld, const char *base, int scope,
- const char *attrs[], int num_attrs, int attrsonly,
- TALLOC_CTX *mem_ctx, struct tldap_message ***res,
- const char *fmt, va_list ap)
+TLDAPRC tldap_search_va(struct tldap_context *ld, const char *base, int scope,
+ const char *attrs[], int num_attrs, int attrsonly,
+ TALLOC_CTX *mem_ctx, struct tldap_message ***res,
+ const char *fmt, va_list ap)
{
char *filter;
- int ret;
+ TLDAPRC rc;
filter = talloc_vasprintf(talloc_tos(), fmt, ap);
if (filter == NULL) {
return TLDAP_NO_MEMORY;
}
- ret = tldap_search(ld, base, scope, filter,
- attrs, num_attrs, attrsonly,
- NULL /*sctrls*/, 0, NULL /*cctrls*/, 0,
- 0 /*timelimit*/, 0 /*sizelimit*/, 0 /*deref*/,
- mem_ctx, res, NULL);
+ rc = tldap_search(ld, base, scope, filter,
+ attrs, num_attrs, attrsonly,
+ NULL /*sctrls*/, 0, NULL /*cctrls*/, 0,
+ 0 /*timelimit*/, 0 /*sizelimit*/, 0 /*deref*/,
+ mem_ctx, res, NULL);
TALLOC_FREE(filter);
- return ret;
+ return rc;
}
-int tldap_search_fmt(struct tldap_context *ld, const char *base, int scope,
- const char *attrs[], int num_attrs, int attrsonly,
- TALLOC_CTX *mem_ctx, struct tldap_message ***res,
- const char *fmt, ...)
+TLDAPRC tldap_search_fmt(struct tldap_context *ld, const char *base, int scope,
+ const char *attrs[], int num_attrs, int attrsonly,
+ TALLOC_CTX *mem_ctx, struct tldap_message ***res,
+ const char *fmt, ...)
{
va_list ap;
- int ret;
+ TLDAPRC rc;
va_start(ap, fmt);
- ret = tldap_search_va(ld, base, scope, attrs, num_attrs, attrsonly,
- mem_ctx, res, fmt, ap);
+ rc = tldap_search_va(ld, base, scope, attrs, num_attrs, attrsonly,
+ mem_ctx, res, fmt, ap);
va_end(ap);
- return ret;
+ return rc;
}
bool tldap_pull_uint64(struct tldap_message *msg, const char *attr,
@@ -453,12 +454,11 @@ static void tldap_fetch_rootdse_done(struct tevent_req *subreq)
struct tldap_fetch_rootdse_state *state = tevent_req_data(
req, struct tldap_fetch_rootdse_state);
struct tldap_message *msg;
- int rc;
+ TLDAPRC rc;
rc = tldap_search_recv(subreq, state, &msg);
- if (rc != TLDAP_SUCCESS) {
+ if (tevent_req_ldap_error(req, rc)) {
TALLOC_FREE(subreq);
- tevent_req_error(req, rc);
return;
}
@@ -482,19 +482,19 @@ static void tldap_fetch_rootdse_done(struct tevent_req *subreq)
return;
protocol_error:
- tevent_req_error(req, TLDAP_PROTOCOL_ERROR);
+ tevent_req_ldap_error(req, TLDAP_PROTOCOL_ERROR);
return;
}
-int tldap_fetch_rootdse_recv(struct tevent_req *req)
+TLDAPRC tldap_fetch_rootdse_recv(struct tevent_req *req)
{
struct tldap_fetch_rootdse_state *state = tevent_req_data(
req, struct tldap_fetch_rootdse_state);
- int err;
+ TLDAPRC rc;
char *dn;
- if (tevent_req_is_ldap_error(req, &err)) {
- return err;
+ if (tevent_req_is_ldap_error(req, &rc)) {
+ return rc;
}
/* Trigger parsing the dn, just to make sure it's ok */
if (!tldap_entry_dn(state->rootdse, &dn)) {
@@ -504,37 +504,33 @@ int tldap_fetch_rootdse_recv(struct tevent_req *req)
&state->rootdse)) {
return TLDAP_NO_MEMORY;
}
- return 0;
+ return TLDAP_SUCCESS;
}
-int tldap_fetch_rootdse(struct tldap_context *ld)
+TLDAPRC tldap_fetch_rootdse(struct tldap_context *ld)
{
TALLOC_CTX *frame = talloc_stackframe();
struct tevent_context *ev;
struct tevent_req *req;
- int result;
+ TLDAPRC rc = TLDAP_NO_MEMORY;
ev = samba_tevent_context_init(frame);
if (ev == NULL) {
- result = TLDAP_NO_MEMORY;
goto fail;
}
-
req = tldap_fetch_rootdse_send(frame, ev, ld);
if (req == NULL) {
- result = TLDAP_NO_MEMORY;
goto fail;
}
-
if (!tevent_req_poll(req, ev)) {
- result = TLDAP_OPERATIONS_ERROR;
+ rc = TLDAP_OPERATIONS_ERROR;
goto fail;
}
- result = tldap_fetch_rootdse_recv(req);
+ rc = tldap_fetch_rootdse_recv(req);
fail:
TALLOC_FREE(frame);
- return result;
+ return rc;
}
struct tldap_message *tldap_rootdse(struct tldap_context *ld)
@@ -739,12 +735,12 @@ static void tldap_search_paged_done(struct tevent_req *subreq)
req, struct tldap_search_paged_state);
struct asn1_data *asn1 = NULL;
struct tldap_control *pgctrl;
- int rc, size;
+ TLDAPRC rc;
+ int size;
rc = tldap_search_recv(subreq, state, &state->result);
- if (rc != TLDAP_SUCCESS) {
+ if (tevent_req_ldap_error(req, rc)) {
TALLOC_FREE(subreq);
- tevent_req_error(req, rc);
return;
}
@@ -759,7 +755,7 @@ static void tldap_search_paged_done(struct tevent_req *subreq)
break;
default:
TALLOC_FREE(subreq);
- tevent_req_error(req, TLDAP_PROTOCOL_ERROR);
+ tevent_req_ldap_error(req, TLDAP_PROTOCOL_ERROR);
return;
}
@@ -771,15 +767,14 @@ static void tldap_search_paged_done(struct tevent_req *subreq)
TLDAP_CONTROL_PAGEDRESULTS);
if (pgctrl == NULL) {
/* RFC2696 requires the server to return the control */
- tevent_req_error(req, TLDAP_PROTOCOL_ERROR);
+ tevent_req_ldap_error(req, TLDAP_PROTOCOL_ERROR);
return;
}
TALLOC_FREE(state->cookie.data);
asn1 = asn1_init(talloc_tos());
- if (asn1 == NULL) {
- tevent_req_error(req, TLDAP_NO_MEMORY);
+ if (tevent_req_nomem(asn1, req)) {
return;
}
@@ -808,20 +803,19 @@ static void tldap_search_paged_done(struct tevent_req *subreq)
err:
TALLOC_FREE(asn1);
- tevent_req_error(req, TLDAP_DECODING_ERROR);
- return;
+ tevent_req_ldap_error(req, TLDAP_DECODING_ERROR);
}
-int tldap_search_paged_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
- struct tldap_message **pmsg)
+TLDAPRC tldap_search_paged_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
+ struct tldap_message **pmsg)
{
struct tldap_search_paged_state *state = tevent_req_data(
req, struct tldap_search_paged_state);
- int err;
+ TLDAPRC rc;
if (!tevent_req_is_in_progress(req)
- && tevent_req_is_ldap_error(req, &err)) {
- return err;
+ && tevent_req_is_ldap_error(req, &rc)) {
+ return rc;
}
if (tevent_req_is_in_progress(req)) {
switch (tldap_msg_type(state->result)) {
--
1.9.1
From 934c7d02188122b4cbc602f7fe20c076ad1fb2b4 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Mon, 25 Jan 2016 09:26:06 +0100
Subject: [PATCH 06/19] smbtorture3: Convert the tldap caller to TLDAPRC
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/torture/torture.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index 6c34e4c..8196993 100644
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -7901,14 +7901,14 @@ static bool run_shortname_test(int dummy)
static void pagedsearch_cb(struct tevent_req *req)
{
- int rc;
+ TLDAPRC rc;
struct tldap_message *msg;
char *dn;
rc = tldap_search_paged_recv(req, talloc_tos(), &msg);
- if (rc != TLDAP_SUCCESS) {
+ if (!TLDAP_RC_IS_SUCCESS(rc)) {
d_printf("tldap_search_paged_recv failed: %s\n",
- tldap_err2string(rc));
+ tldap_rc2string(rc));
return;
}
if (tldap_msg_type(msg) != TLDAP_RES_SEARCH_ENTRY) {
@@ -7926,7 +7926,8 @@ static void pagedsearch_cb(struct tevent_req *req)
static bool run_tldap(int dummy)
{
struct tldap_context *ld;
- int fd, rc;
+ int fd;
+ TLDAPRC rc;
NTSTATUS status;
struct sockaddr_storage addr;
struct tevent_context *ev;
@@ -7952,7 +7953,7 @@ static bool run_tldap(int dummy)
}
rc = tldap_fetch_rootdse(ld);
- if (rc != TLDAP_SUCCESS) {
+ if (!TLDAP_RC_IS_SUCCESS(rc)) {
d_printf("tldap_fetch_rootdse failed: %s\n",
tldap_errstr(talloc_tos(), ld, rc));
return false;
@@ -7993,7 +7994,7 @@ static bool run_tldap(int dummy)
rc = tldap_search(ld, "", TLDAP_SCOPE_BASE, filter,
NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0,
talloc_tos(), NULL, NULL);
- if (rc != TLDAP_SUCCESS) {
+ if (!TLDAP_RC_IS_SUCCESS(rc)) {
d_printf("tldap_search with complex filter failed: %s\n",
tldap_errstr(talloc_tos(), ld, rc));
return false;
--
1.9.1
From d24248a44c55dd426457c799ace2d070cd42cdf8 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Mon, 25 Jan 2016 12:38:36 +0100
Subject: [PATCH 07/19] ldb: Fix some whitespace
Signed-off-by: Volker Lendecke <vl at samba.org>
---
lib/ldb/common/ldb_ldif.c | 58 +++++++++++++++++++++++------------------------
1 file changed, 29 insertions(+), 29 deletions(-)
diff --git a/lib/ldb/common/ldb_ldif.c b/lib/ldb/common/ldb_ldif.c
index f9743dc..a8ad4aa 100644
--- a/lib/ldb/common/ldb_ldif.c
+++ b/lib/ldb/common/ldb_ldif.c
@@ -1,4 +1,4 @@
-/*
+/*
ldb database library
Copyright (C) Andrew Tridgell 2004
@@ -6,7 +6,7 @@
** NOTE! The following LGPL license applies to the ldb
** library. This does NOT imply that all of Samba is released
** under the LGPL
-
+
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
@@ -39,7 +39,7 @@
#include "system/locale.h"
/*
-
+
*/
static int ldb_read_data_file(TALLOC_CTX *mem_ctx, struct ldb_val *value)
{
@@ -236,7 +236,7 @@ static int fold_string(int (*fprintf_fn)(void *, const char *, ...), void *priva
encode as base64 to a file
*/
static int base64_encode_f(struct ldb_context *ldb,
- int (*fprintf_fn)(void *, const char *, ...),
+ int (*fprintf_fn)(void *, const char *, ...),
void *private_data,
const char *buf, int len, int start_pos)
{
@@ -273,9 +273,9 @@ static const struct {
write to ldif, using a caller supplied write method, and only printing secrets if we are not in a trace
*/
static int ldb_ldif_write_trace(struct ldb_context *ldb,
- int (*fprintf_fn)(void *, const char *, ...),
+ int (*fprintf_fn)(void *, const char *, ...),
void *private_data,
- const struct ldb_ldif *ldif,
+ const struct ldb_ldif *ldif,
bool in_trace)
{
TALLOC_CTX *mem_ctx;
@@ -324,20 +324,20 @@ static int ldb_ldif_write_trace(struct ldb_context *ldb,
if (ldif->changetype == LDB_CHANGETYPE_MODIFY) {
switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
case LDB_FLAG_MOD_ADD:
- fprintf_fn(private_data, "add: %s\n",
+ fprintf_fn(private_data, "add: %s\n",
msg->elements[i].name);
break;
case LDB_FLAG_MOD_DELETE:
- fprintf_fn(private_data, "delete: %s\n",
+ fprintf_fn(private_data, "delete: %s\n",
msg->elements[i].name);
break;
case LDB_FLAG_MOD_REPLACE:
- fprintf_fn(private_data, "replace: %s\n",
+ fprintf_fn(private_data, "replace: %s\n",
msg->elements[i].name);
break;
}
}
-
+
if (in_trace && secret_attributes && ldb_attr_in_list(secret_attributes, msg->elements[i].name)) {
/* Deliberatly skip printing this password */
ret = fprintf_fn(private_data, "# %s::: REDACTED SECRET ATTRIBUTE\n",
@@ -356,10 +356,10 @@ static int ldb_ldif_write_trace(struct ldb_context *ldb,
use_b64_encode = !(ldb->flags & LDB_FLG_SHOW_BINARY)
&& ldb_should_b64_encode(ldb, &v);
if (ret != LDB_SUCCESS || use_b64_encode) {
- ret = fprintf_fn(private_data, "%s:: ",
+ ret = fprintf_fn(private_data, "%s:: ",
msg->elements[i].name);
CHECK_RET;
- ret = base64_encode_f(ldb, fprintf_fn, private_data,
+ ret = base64_encode_f(ldb, fprintf_fn, private_data,
(char *)v.data, v.length,
strlen(msg->elements[i].name)+3);
CHECK_RET;
@@ -369,7 +369,7 @@ static int ldb_ldif_write_trace(struct ldb_context *ldb,
ret = fprintf_fn(private_data, "%s: ", msg->elements[i].name);
CHECK_RET;
if (ldb->flags & LDB_FLG_SHOW_BINARY) {
- ret = fprintf_fn(private_data, "%*.*s",
+ ret = fprintf_fn(private_data, "%*.*s",
v.length, v.length, (char *)v.data);
} else {
ret = fold_string(fprintf_fn, private_data,
@@ -403,7 +403,7 @@ static int ldb_ldif_write_trace(struct ldb_context *ldb,
write to ldif, using a caller supplied write method
*/
int ldb_ldif_write(struct ldb_context *ldb,
- int (*fprintf_fn)(void *, const char *, ...),
+ int (*fprintf_fn)(void *, const char *, ...),
void *private_data,
const struct ldb_ldif *ldif)
{
@@ -417,7 +417,7 @@ int ldb_ldif_write(struct ldb_context *ldb,
caller frees
*/
-static char *next_chunk(struct ldb_context *ldb,
+static char *next_chunk(struct ldb_context *ldb,
int (*fgetc_fn)(void *), void *private_data)
{
size_t alloc_size=0, chunk_size = 0;
@@ -442,15 +442,15 @@ static char *next_chunk(struct ldb_context *ldb,
if (c == '\n') {
in_comment = 0;
}
- continue;
+ continue;
}
-
+
/* handle continuation lines - see RFC2849 */
if (c == ' ' && chunk_size > 1 && chunk[chunk_size-1] == '\n') {
chunk_size--;
continue;
}
-
+
/* chunks are terminated by a double line-feed */
if (c == '\n' && chunk_size > 0 && chunk[chunk_size-1] == '\n') {
chunk[chunk_size-1] = 0;
@@ -785,7 +785,7 @@ struct ldb_ldif *ldb_ldif_read(struct ldb_context *ldb,
if (next_attr(ldif, &s, &attr, &value) != 0) {
goto failed;
}
-
+
/* first line must be a dn */
if (ldb_attr_cmp(attr, "dn") != 0) {
ldb_debug(ldb, LDB_DEBUG_ERROR, "Error: First line of ldif must be a dn not '%s'",
@@ -845,7 +845,7 @@ struct ldb_ldif *ldb_ldif_read(struct ldb_context *ldb,
}
continue;
}
-
+
el = &msg->elements[msg->num_elements-1];
a = ldb_schema_attribute_by_name(ldb, attr);
@@ -853,8 +853,8 @@ struct ldb_ldif *ldb_ldif_read(struct ldb_context *ldb,
if (msg->num_elements > 0 && ldb_attr_cmp(attr, el->name) == 0 &&
flags == el->flags) {
/* its a continuation */
- el->values =
- talloc_realloc(msg->elements, el->values,
+ el->values =
+ talloc_realloc(msg->elements, el->values,
struct ldb_val, el->num_values+1);
if (!el->values) {
goto failed;
@@ -874,8 +874,8 @@ struct ldb_ldif *ldb_ldif_read(struct ldb_context *ldb,
el->num_values++;
} else {
/* its a new attribute */
- msg->elements = talloc_realloc(msg, msg->elements,
- struct ldb_message_element,
+ msg->elements = talloc_realloc(msg, msg->elements,
+ struct ldb_message_element,
msg->num_elements+1);
if (!msg->elements) {
goto failed;
@@ -934,7 +934,7 @@ static int fgetc_file(void *private_data)
return c;
}
-struct ldb_ldif *ldb_ldif_read_file_state(struct ldb_context *ldb,
+struct ldb_ldif *ldb_ldif_read_file_state(struct ldb_context *ldb,
struct ldif_read_file_state *state)
{
return ldb_ldif_read(ldb, fgetc_file, state);
@@ -1020,7 +1020,7 @@ static int ldif_printf_string(void *private_data, const char *fmt, ...)
va_list ap;
size_t oldlen = talloc_get_size(state->string);
va_start(ap, fmt);
-
+
state->string = talloc_vasprintf_append(state->string, fmt, ap);
va_end(ap);
if (!state->string) {
@@ -1030,7 +1030,7 @@ static int ldif_printf_string(void *private_data, const char *fmt, ...)
return talloc_get_size(state->string) - oldlen;
}
-char *ldb_ldif_write_redacted_trace_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
+char *ldb_ldif_write_redacted_trace_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
const struct ldb_ldif *ldif)
{
struct ldif_write_string_state state;
@@ -1044,7 +1044,7 @@ char *ldb_ldif_write_redacted_trace_string(struct ldb_context *ldb, TALLOC_CTX *
return state.string;
}
-char *ldb_ldif_write_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
+char *ldb_ldif_write_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
const struct ldb_ldif *ldif)
{
struct ldif_write_string_state state;
@@ -1062,7 +1062,7 @@ char *ldb_ldif_write_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
convenient function to turn a ldb_message into a string. Useful for
debugging
*/
-char *ldb_ldif_message_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
+char *ldb_ldif_message_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
enum ldb_changetype changetype,
const struct ldb_message *msg)
{
--
1.9.1
From 991884623767184d718a1d757c4a0b44e39a7af7 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Mon, 25 Jan 2016 12:40:53 +0100
Subject: [PATCH 08/19] ldb: Avoid a "talloc_steal"
There's only one caller of "next_chunk" that does a talloc_steal right
after the call. Pass in a talloc context.
Signed-off-by: Volker Lendecke <vl at samba.org>
---
lib/ldb/common/ldb_ldif.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/lib/ldb/common/ldb_ldif.c b/lib/ldb/common/ldb_ldif.c
index a8ad4aa..07de517 100644
--- a/lib/ldb/common/ldb_ldif.c
+++ b/lib/ldb/common/ldb_ldif.c
@@ -417,7 +417,7 @@ int ldb_ldif_write(struct ldb_context *ldb,
caller frees
*/
-static char *next_chunk(struct ldb_context *ldb,
+static char *next_chunk(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
int (*fgetc_fn)(void *), void *private_data)
{
size_t alloc_size=0, chunk_size = 0;
@@ -429,7 +429,7 @@ static char *next_chunk(struct ldb_context *ldb,
if (chunk_size+1 >= alloc_size) {
char *c2;
alloc_size += 1024;
- c2 = talloc_realloc(ldb, chunk, char, alloc_size);
+ c2 = talloc_realloc(mem_ctx, chunk, char, alloc_size);
if (!c2) {
talloc_free(chunk);
errno = ENOMEM;
@@ -774,11 +774,10 @@ struct ldb_ldif *ldb_ldif_read(struct ldb_context *ldb,
msg->elements = NULL;
msg->num_elements = 0;
- chunk = next_chunk(ldb, fgetc_fn, private_data);
+ chunk = next_chunk(ldb, ldif, fgetc_fn, private_data);
if (!chunk) {
goto failed;
}
- talloc_steal(ldif, chunk);
s = chunk;
--
1.9.1
From be8acda8b4410767cf69d434f5df2b6266383331 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Mon, 25 Jan 2016 16:29:01 +0100
Subject: [PATCH 09/19] libads: Factor out ldap_schema_oids.h
Make the oids accessible without having to include ADS_STRUCT&friends
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/libads/ldap_schema.c | 1 +
source3/libads/ldap_schema.h | 25 --------------------
source3/libads/ldap_schema_oids.h | 49 +++++++++++++++++++++++++++++++++++++++
3 files changed, 50 insertions(+), 25 deletions(-)
create mode 100644 source3/libads/ldap_schema_oids.h
diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c
index 7368be8..d8192e0 100644
--- a/source3/libads/ldap_schema.c
+++ b/source3/libads/ldap_schema.c
@@ -21,6 +21,7 @@
#include "includes.h"
#include "ads.h"
#include "libads/ldap_schema.h"
+#include "libads/ldap_schema_oids.h"
#include "../libcli/ldap/ldap_ndr.h"
#ifdef HAVE_LDAP
diff --git a/source3/libads/ldap_schema.h b/source3/libads/ldap_schema.h
index fc4ed07..f36d3e0 100644
--- a/source3/libads/ldap_schema.h
+++ b/source3/libads/ldap_schema.h
@@ -33,31 +33,6 @@ struct posix_schema {
char *posix_uid_attr;
};
-/* ldap attribute oids (Services for Unix 3.0, 3.5) */
-#define ADS_ATTR_SFU_UIDNUMBER_OID "1.2.840.113556.1.6.18.1.310"
-#define ADS_ATTR_SFU_GIDNUMBER_OID "1.2.840.113556.1.6.18.1.311"
-#define ADS_ATTR_SFU_HOMEDIR_OID "1.2.840.113556.1.6.18.1.344"
-#define ADS_ATTR_SFU_SHELL_OID "1.2.840.113556.1.6.18.1.312"
-#define ADS_ATTR_SFU_GECOS_OID "1.2.840.113556.1.6.18.1.337"
-#define ADS_ATTR_SFU_UID_OID "1.2.840.113556.1.6.18.1.309"
-
-/* ldap attribute oids (Services for Unix 2.0) */
-#define ADS_ATTR_SFU20_UIDNUMBER_OID "1.2.840.113556.1.4.7000.187.70"
-#define ADS_ATTR_SFU20_GIDNUMBER_OID "1.2.840.113556.1.4.7000.187.71"
-#define ADS_ATTR_SFU20_HOMEDIR_OID "1.2.840.113556.1.4.7000.187.106"
-#define ADS_ATTR_SFU20_SHELL_OID "1.2.840.113556.1.4.7000.187.72"
-#define ADS_ATTR_SFU20_GECOS_OID "1.2.840.113556.1.4.7000.187.97"
-#define ADS_ATTR_SFU20_UID_OID "1.2.840.113556.1.4.7000.187.102"
-
-
-/* ldap attribute oids (RFC2307) */
-#define ADS_ATTR_RFC2307_UIDNUMBER_OID "1.3.6.1.1.1.1.0"
-#define ADS_ATTR_RFC2307_GIDNUMBER_OID "1.3.6.1.1.1.1.1"
-#define ADS_ATTR_RFC2307_HOMEDIR_OID "1.3.6.1.1.1.1.3"
-#define ADS_ATTR_RFC2307_SHELL_OID "1.3.6.1.1.1.1.4"
-#define ADS_ATTR_RFC2307_GECOS_OID "1.3.6.1.1.1.1.2"
-#define ADS_ATTR_RFC2307_UID_OID "0.9.2342.19200300.100.1.1"
-
enum wb_posix_mapping {
WB_POSIX_MAP_UNKNOWN = -1,
WB_POSIX_MAP_TEMPLATE = 0,
diff --git a/source3/libads/ldap_schema_oids.h b/source3/libads/ldap_schema_oids.h
new file mode 100644
index 0000000..cb17b3c
--- /dev/null
+++ b/source3/libads/ldap_schema_oids.h
@@ -0,0 +1,49 @@
+/*
+ Unix SMB/CIFS implementation.
+ ads (active directory) utility library
+ Copyright (C) Guenther Deschner 2005-2007
+ Copyright (C) Gerald (Jerry) Carter 2006
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _LIBADS_LDAP_SCHEMA_OIDS_H_
+#define _LIBADS_LDAP_SCHEMA_OIDS_H_
+
+/* ldap attribute oids (Services for Unix 3.0, 3.5) */
+#define ADS_ATTR_SFU_UIDNUMBER_OID "1.2.840.113556.1.6.18.1.310"
+#define ADS_ATTR_SFU_GIDNUMBER_OID "1.2.840.113556.1.6.18.1.311"
+#define ADS_ATTR_SFU_HOMEDIR_OID "1.2.840.113556.1.6.18.1.344"
+#define ADS_ATTR_SFU_SHELL_OID "1.2.840.113556.1.6.18.1.312"
+#define ADS_ATTR_SFU_GECOS_OID "1.2.840.113556.1.6.18.1.337"
+#define ADS_ATTR_SFU_UID_OID "1.2.840.113556.1.6.18.1.309"
+
+/* ldap attribute oids (Services for Unix 2.0) */
+#define ADS_ATTR_SFU20_UIDNUMBER_OID "1.2.840.113556.1.4.7000.187.70"
+#define ADS_ATTR_SFU20_GIDNUMBER_OID "1.2.840.113556.1.4.7000.187.71"
+#define ADS_ATTR_SFU20_HOMEDIR_OID "1.2.840.113556.1.4.7000.187.106"
+#define ADS_ATTR_SFU20_SHELL_OID "1.2.840.113556.1.4.7000.187.72"
+#define ADS_ATTR_SFU20_GECOS_OID "1.2.840.113556.1.4.7000.187.97"
+#define ADS_ATTR_SFU20_UID_OID "1.2.840.113556.1.4.7000.187.102"
+
+
+/* ldap attribute oids (RFC2307) */
+#define ADS_ATTR_RFC2307_UIDNUMBER_OID "1.3.6.1.1.1.1.0"
+#define ADS_ATTR_RFC2307_GIDNUMBER_OID "1.3.6.1.1.1.1.1"
+#define ADS_ATTR_RFC2307_HOMEDIR_OID "1.3.6.1.1.1.1.3"
+#define ADS_ATTR_RFC2307_SHELL_OID "1.3.6.1.1.1.1.4"
+#define ADS_ATTR_RFC2307_GECOS_OID "1.3.6.1.1.1.1.2"
+#define ADS_ATTR_RFC2307_UID_OID "0.9.2342.19200300.100.1.1"
+
+#endif
--
1.9.1
From ae0d416406df9cf3e1437e27a1537302cb7140d5 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Mon, 11 Jan 2016 21:49:21 +0100
Subject: [PATCH 10/19] spnego: Correctly check asn1_tag_remaining retval
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/libsmb/clispnego.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c
index 82f13b7..9aab8fd 100644
--- a/source3/libsmb/clispnego.c
+++ b/source3/libsmb/clispnego.c
@@ -349,7 +349,7 @@ bool spnego_parse_challenge(TALLOC_CTX *ctx, const DATA_BLOB blob,
if (!asn1_end_tag(data)) goto err;
/* the second challenge is optional (XP doesn't send it) */
- if (asn1_tag_remaining(data)) {
+ if (asn1_tag_remaining(data) > 0) {
if (!asn1_start_tag(data,ASN1_CONTEXT(3))) goto err;
if (!asn1_read_OctetString(data, ctx, chal2)) goto err;
if (!asn1_end_tag(data)) goto err;
@@ -438,12 +438,12 @@ bool spnego_parse_auth_response(TALLOC_CTX *ctx,
if (!asn1_check_enumerated(data, negResult)) goto err;
if (!asn1_end_tag(data)) goto err;
- if (asn1_tag_remaining(data)) {
+ if (asn1_tag_remaining(data) > 0) {
if (!asn1_start_tag(data,ASN1_CONTEXT(1))) goto err;
if (!asn1_check_OID(data, mechOID)) goto err;
if (!asn1_end_tag(data)) goto err;
- if (asn1_tag_remaining(data)) {
+ if (asn1_tag_remaining(data) > 0) {
if (!asn1_start_tag(data,ASN1_CONTEXT(2))) goto err;
if (!asn1_read_OctetString(data, ctx, auth)) goto err;
if (!asn1_end_tag(data)) goto err;
@@ -457,7 +457,7 @@ bool spnego_parse_auth_response(TALLOC_CTX *ctx,
* the optional mechListMIC field. This is a bug in Win2K. We ignore
* this field if it exists. Win2K8 may return a proper mechListMIC at
* which point we need to implement the integrity checking. */
- if (asn1_tag_remaining(data)) {
+ if (asn1_tag_remaining(data) > 0) {
DATA_BLOB mechList = data_blob_null;
if (!asn1_start_tag(data, ASN1_CONTEXT(3))) goto err;
if (!asn1_read_OctetString(data, ctx, &mechList)) goto err;
--
1.9.1
From 75e084fa5d3e853acd11f1130e19ba077d4a8856 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Mon, 11 Jan 2016 21:49:21 +0100
Subject: [PATCH 11/19] ldap: Correctly check asn1_tag_remaining retval
Signed-off-by: Volker Lendecke <vl at samba.org>
---
libcli/ldap/ldap_message.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libcli/ldap/ldap_message.c b/libcli/ldap/ldap_message.c
index 76d2ee9..c89705b 100644
--- a/libcli/ldap/ldap_message.c
+++ b/libcli/ldap/ldap_message.c
@@ -886,7 +886,7 @@ static struct ldb_parse_tree *ldap_decode_filter_tree(TALLOC_CTX *mem_ctx,
goto failed;
}
- while (asn1_tag_remaining(data)) {
+ while (asn1_tag_remaining(data) > 0) {
if (!asn1_peek_uint8(data, &subs_tag)) goto failed;
subs_tag &= 0x1f; /* strip off the asn1 stuff */
if (subs_tag > 2) goto failed;
--
1.9.1
From f6f891b4c604246b5c1fdd7d0988c16360f9a604 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Mon, 11 Jan 2016 22:05:43 +0100
Subject: [PATCH 12/19] asn1: Simplify _ber_read_OID_String_impl
Signed-off-by: Volker Lendecke <vl at samba.org>
---
lib/util/asn1.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/lib/util/asn1.c b/lib/util/asn1.c
index 8f2c516..8beaf52 100644
--- a/lib/util/asn1.c
+++ b/lib/util/asn1.c
@@ -718,9 +718,7 @@ static bool _ber_read_OID_String_impl(TALLOC_CTX *mem_ctx, DATA_BLOB blob,
b = blob.data;
- tmp_oid = talloc_asprintf(mem_ctx, "%u", b[0]/40);
- if (!tmp_oid) goto nomem;
- tmp_oid = talloc_asprintf_append_buffer(tmp_oid, ".%u", b[0]%40);
+ tmp_oid = talloc_asprintf(mem_ctx, "%u.%u", b[0]/40, b[0]%40);
if (!tmp_oid) goto nomem;
if (bytes_eaten != NULL) {
--
1.9.1
From aae4080cb2fa8f4e5881f06edc78ff43ae3a93de Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Mon, 11 Jan 2016 21:58:25 +0100
Subject: [PATCH 13/19] spnego: Some simplifications
asn1_tag_remaining already checks for has_error and only
returns positive if there is error-free space left
Signed-off-by: Volker Lendecke <vl at samba.org>
---
libcli/auth/spnego_parse.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/libcli/auth/spnego_parse.c b/libcli/auth/spnego_parse.c
index 1b294df..a608dce 100644
--- a/libcli/auth/spnego_parse.c
+++ b/libcli/auth/spnego_parse.c
@@ -32,7 +32,7 @@ static bool read_negTokenInit(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
if (!asn1_start_tag(asn1, ASN1_CONTEXT(0))) return false;
if (!asn1_start_tag(asn1, ASN1_SEQUENCE(0))) return false;
- while (!asn1_has_error(asn1) && 0 < asn1_tag_remaining(asn1)) {
+ while (asn1_tag_remaining(asn1) > 0) {
int i;
uint8_t context;
@@ -54,8 +54,7 @@ static bool read_negTokenInit(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
asn1_set_error(asn1);
return false;
}
- for (i = 0; !asn1_has_error(asn1) &&
- 0 < asn1_tag_remaining(asn1); i++) {
+ for (i = 0; asn1_tag_remaining(asn1) > 0; i++) {
char *oid;
const char **p;
p = talloc_realloc(mem_ctx,
@@ -201,7 +200,7 @@ static bool read_negTokenTarg(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
if (!asn1_start_tag(asn1, ASN1_CONTEXT(1))) return false;
if (!asn1_start_tag(asn1, ASN1_SEQUENCE(0))) return false;
- while (!asn1_has_error(asn1) && 0 < asn1_tag_remaining(asn1)) {
+ while (asn1_tag_remaining(asn1) > 0) {
uint8_t context;
char *oid;
if (!asn1_peek_uint8(asn1, &context)) {
--
1.9.1
From 60b0c58e1254779bcf9c23e59fb7017f3cef61a6 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sun, 31 Jan 2016 11:12:23 +0100
Subject: [PATCH 14/19] asn1: Fix whitespace
Signed-off-by: Volker Lendecke <vl at samba.org>
---
lib/util/asn1.c | 25 ++++++++++++-------------
lib/util/asn1.h | 10 +++++-----
2 files changed, 17 insertions(+), 18 deletions(-)
diff --git a/lib/util/asn1.c b/lib/util/asn1.c
index 8beaf52..9aa9772 100644
--- a/lib/util/asn1.c
+++ b/lib/util/asn1.c
@@ -1,18 +1,18 @@
-/*
+/*
Unix SMB/CIFS implementation.
simple ASN1 routines
Copyright (C) Andrew Tridgell 2001
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -143,7 +143,7 @@ bool asn1_pop_tag(struct asn1_data *data)
}
len = data->ofs - (nesting->start+1);
/* yes, this is ugly. We don't know in advance how many bytes the length
- of a tag will take, so we assumed 1 byte. If we were wrong then we
+ of a tag will take, so we assumed 1 byte. If we were wrong then we
need to correct our mistake */
if (len > 0xFFFFFF) {
data->data[nesting->start] = 0x84;
@@ -617,7 +617,7 @@ bool asn1_start_tag(struct asn1_data *data, uint8_t tag)
{
uint8_t b;
struct nesting *nesting;
-
+
if (!asn1_read_uint8(data, &b))
return false;
@@ -641,7 +641,7 @@ bool asn1_start_tag(struct asn1_data *data, uint8_t tag)
return false;
nesting->taglen = b;
while (n > 1) {
- if (!asn1_read_uint8(data, &b))
+ if (!asn1_read_uint8(data, &b))
return false;
nesting->taglen = (nesting->taglen << 8) | b;
n--;
@@ -938,8 +938,7 @@ bool asn1_read_implicit_Integer(struct asn1_data *data, int *i)
}
*i = (*i << 8) + b;
}
- return !data->has_error;
-
+ return !data->has_error;
}
/* read an integer */
@@ -949,7 +948,7 @@ bool asn1_read_Integer(struct asn1_data *data, int *i)
if (!asn1_start_tag(data, ASN1_INTEGER)) return false;
if (!asn1_read_implicit_Integer(data, i)) return false;
- return asn1_end_tag(data);
+ return asn1_end_tag(data);
}
/* read a BIT STRING */
@@ -989,7 +988,7 @@ bool asn1_read_BitString(struct asn1_data *data, TALLOC_CTX *mem_ctx, DATA_BLOB
bool asn1_read_enumerated(struct asn1_data *data, int *v)
{
*v = 0;
-
+
if (!asn1_start_tag(data, ASN1_ENUMERATED)) return false;
while (!data->has_error && asn1_tag_remaining(data)>0) {
uint8_t b;
@@ -998,7 +997,7 @@ bool asn1_read_enumerated(struct asn1_data *data, int *v)
}
*v = (*v << 8) + b;
}
- return asn1_end_tag(data);
+ return asn1_end_tag(data);
}
/* check a enumerated value is correct */
@@ -1087,7 +1086,7 @@ int asn1_peek_full_tag(DATA_BLOB blob, uint8_t tag, size_t *packet_size)
if (size > blob.length) {
*packet_size = size;
return EAGAIN;
- }
+ }
*packet_size = size;
return 0;
diff --git a/lib/util/asn1.h b/lib/util/asn1.h
index 9ebf453..95e7dbf 100644
--- a/lib/util/asn1.h
+++ b/lib/util/asn1.h
@@ -1,18 +1,18 @@
-/*
- Unix SMB/CIFS implementation.
+/*
+ Unix SMB/CIFS implementation.
simple ASN1 code
Copyright (C) Andrew Tridgell 2001
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
--
1.9.1
From 22254bf41e55147e14280098ac543e7b872bc513 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sun, 31 Jan 2016 12:25:32 +0100
Subject: [PATCH 15/19] tldap: Avoid a "ret == false"
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/lib/tldap.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/source3/lib/tldap.c b/source3/lib/tldap.c
index 8142f22..0148d30 100644
--- a/source3/lib/tldap.c
+++ b/source3/lib/tldap.c
@@ -2116,10 +2116,10 @@ static bool tldap_decode_controls(struct tldap_req_state *state)
out:
- if (ret == false) {
- TALLOC_FREE(sctrls);
- } else {
+ if (ret) {
msg->res_sctrls = sctrls;
+ } else {
+ TALLOC_FREE(sctrls);
}
return ret;
}
--
1.9.1
From 75e17a03cab431c524d6f47551046f654a832668 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 22 Dec 2015 13:32:01 +0100
Subject: [PATCH 16/19] tldap: Add tldap_search_all
Signed-off-by: Volker Lendecke <vl at samba.org>
TLDAPRC
---
source3/include/tldap.h | 12 +++++++
source3/lib/tldap.c | 93 +++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 105 insertions(+)
diff --git a/source3/include/tldap.h b/source3/include/tldap.h
index 18317f7..a5f2ddc 100644
--- a/source3/include/tldap.h
+++ b/source3/include/tldap.h
@@ -171,6 +171,18 @@ struct tevent_req *tldap_search_send(TALLOC_CTX *mem_ctx,
int deref);
TLDAPRC tldap_search_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
struct tldap_message **pmsg);
+
+struct tevent_req *tldap_search_all_send(
+ TALLOC_CTX *mem_ctx, struct tevent_context *ev,
+ struct tldap_context *ld, const char *base, int scope,
+ const char *filter, const char **attrs, int num_attrs, int attrsonly,
+ struct tldap_control *sctrls, int num_sctrls,
+ struct tldap_control *cctrls, int num_cctrls,
+ int timelimit, int sizelimit, int deref);
+TLDAPRC tldap_search_all_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
+ struct tldap_message ***msgs,
+ struct tldap_message **result);
+
TLDAPRC tldap_search(struct tldap_context *ld,
const char *base, int scope, const char *filter,
const char **attrs, int num_attrs, int attrsonly,
diff --git a/source3/lib/tldap.c b/source3/lib/tldap.c
index 0148d30..3072482 100644
--- a/source3/lib/tldap.c
+++ b/source3/lib/tldap.c
@@ -1850,6 +1850,99 @@ TLDAPRC tldap_search_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
return TLDAP_SUCCESS;
}
+struct tldap_search_all_state {
+ struct tldap_message **msgs;
+ struct tldap_message *result;
+};
+
+static void tldap_search_all_done(struct tevent_req *subreq);
+
+struct tevent_req *tldap_search_all_send(
+ TALLOC_CTX *mem_ctx, struct tevent_context *ev,
+ struct tldap_context *ld, const char *base, int scope,
+ const char *filter, const char **attrs, int num_attrs, int attrsonly,
+ struct tldap_control *sctrls, int num_sctrls,
+ struct tldap_control *cctrls, int num_cctrls,
+ int timelimit, int sizelimit, int deref)
+{
+ struct tevent_req *req, *subreq;
+ struct tldap_search_all_state *state;
+
+ req = tevent_req_create(mem_ctx, &state,
+ struct tldap_search_all_state);
+ if (req == NULL) {
+ return NULL;
+ }
+
+ subreq = tldap_search_send(state, ev, ld, base, scope, filter,
+ attrs, num_attrs, attrsonly,
+ sctrls, num_sctrls, cctrls, num_cctrls,
+ timelimit, sizelimit, deref);
+ if (tevent_req_nomem(subreq, req)) {
+ return tevent_req_post(req, ev);
+ }
+ tevent_req_set_callback(subreq, tldap_search_all_done, req);
+ return req;
+}
+
+static void tldap_search_all_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(
+ subreq, struct tevent_req);
+ struct tldap_search_all_state *state = tevent_req_data(
+ req, struct tldap_search_all_state);
+ struct tldap_message *msg, **tmp;
+ size_t num_msgs;
+ TLDAPRC rc;
+ int msgtype;
+
+ rc = tldap_search_recv(subreq, state, &msg);
+ /* No TALLOC_FREE(subreq), this is multi-step */
+ if (tevent_req_ldap_error(req, rc)) {
+ TALLOC_FREE(subreq);
+ return;
+ }
+
+ msgtype = tldap_msg_type(msg);
+ if (msgtype == TLDAP_RES_SEARCH_RESULT) {
+ state->result = msg;
+ tevent_req_done(req);
+ return;
+ }
+
+ num_msgs = talloc_array_length(state->msgs);
+
+ tmp = talloc_realloc(state, state->msgs, struct tldap_message *,
+ num_msgs + 1);
+ if (tevent_req_nomem(tmp, req)) {
+ return;
+ }
+ state->msgs = tmp;
+ state->msgs[num_msgs] = talloc_move(state->msgs, &msg);
+}
+
+TLDAPRC tldap_search_all_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
+ struct tldap_message ***msgs,
+ struct tldap_message **result)
+{
+ struct tldap_search_all_state *state = tevent_req_data(
+ req, struct tldap_search_all_state);
+ TLDAPRC rc;
+
+ if (tevent_req_is_ldap_error(req, &rc)) {
+ return rc;
+ }
+
+ if (msgs != NULL) {
+ *msgs = talloc_move(mem_ctx, &state->msgs);
+ }
+ if (result != NULL) {
+ *result = talloc_move(mem_ctx, &state->result);
+ }
+
+ return TLDAP_SUCCESS;
+}
+
struct tldap_sync_search_state {
TALLOC_CTX *mem_ctx;
struct tldap_message **entries;
--
1.9.1
From c006665c366656dfdd72da30ac6a7e5f7671007d Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sun, 31 Jan 2016 15:15:46 +0100
Subject: [PATCH 17/19] tldap: Add tldap_pending_reqs()
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/lib/tldap.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/source3/lib/tldap.c b/source3/lib/tldap.c
index 3072482..1220323 100644
--- a/source3/lib/tldap.c
+++ b/source3/lib/tldap.c
@@ -191,6 +191,11 @@ bool tldap_connection_ok(struct tldap_context *ld)
return !ld->server_down;
}
+static size_t tldap_pending_reqs(struct tldap_context *ld)
+{
+ return talloc_array_length(ld->pending);
+}
+
static struct tldap_ctx_attribute *tldap_context_findattr(
struct tldap_context *ld, const char *name)
{
@@ -471,7 +476,7 @@ static void tldap_msg_unset_pending(struct tevent_req *req)
struct tldap_msg_state *state = tevent_req_data(
req, struct tldap_msg_state);
struct tldap_context *ld = state->ld;
- int num_pending = talloc_array_length(ld->pending);
+ int num_pending = tldap_pending_reqs(ld);
int i;
tevent_req_set_cleanup_fn(req, NULL);
@@ -533,7 +538,7 @@ static bool tldap_msg_set_pending(struct tevent_req *req)
struct tevent_req *subreq;
ld = state->ld;
- num_pending = talloc_array_length(ld->pending);
+ num_pending = tldap_pending_reqs(ld);
pending = talloc_realloc(ld, ld->pending, struct tevent_req *,
num_pending+1);
--
1.9.1
From d10806f26574d7c06cc9a47a8ff25668b85a4bb8 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sun, 31 Jan 2016 15:29:29 +0100
Subject: [PATCH 18/19] tldap: Make tldap_search use tldap_search_all
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/include/tldap.h | 4 +-
source3/lib/tldap.c | 121 ++++++++++------------------------------------
source3/lib/tldap_util.c | 2 +-
source3/torture/torture.c | 2 +-
4 files changed, 30 insertions(+), 99 deletions(-)
diff --git a/source3/include/tldap.h b/source3/include/tldap.h
index a5f2ddc..0d7e55d 100644
--- a/source3/include/tldap.h
+++ b/source3/include/tldap.h
@@ -189,8 +189,8 @@ TLDAPRC tldap_search(struct tldap_context *ld,
struct tldap_control *sctrls, int num_sctrls,
struct tldap_control *cctrls, int num_cctrls,
int timelimit, int sizelimit, int deref,
- TALLOC_CTX *mem_ctx, struct tldap_message ***entries,
- struct tldap_message ***refs);
+ TALLOC_CTX *mem_ctx, struct tldap_message ***pmsgs);
+
bool tldap_entry_dn(struct tldap_message *msg, char **dn);
bool tldap_entry_attributes(struct tldap_message *msg,
struct tldap_attribute **attributes,
diff --git a/source3/lib/tldap.c b/source3/lib/tldap.c
index 1220323..1f9462a 100644
--- a/source3/lib/tldap.c
+++ b/source3/lib/tldap.c
@@ -1948,124 +1948,55 @@ TLDAPRC tldap_search_all_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
return TLDAP_SUCCESS;
}
-struct tldap_sync_search_state {
- TALLOC_CTX *mem_ctx;
- struct tldap_message **entries;
- struct tldap_message **refs;
- TLDAPRC rc;
-};
-
-static void tldap_search_cb(struct tevent_req *req)
-{
- struct tldap_sync_search_state *state =
- (struct tldap_sync_search_state *)
- tevent_req_callback_data_void(req);
- struct tldap_message *msg, **tmp;
- int num_entries, num_refs;
-
- state->rc = tldap_search_recv(req, talloc_tos(), &msg);
- if (!TLDAP_RC_IS_SUCCESS(state->rc)) {
- return;
- }
-
- switch (tldap_msg_type(msg)) {
- case TLDAP_RES_SEARCH_ENTRY:
- num_entries = talloc_array_length(state->entries);
- tmp = talloc_realloc(state->mem_ctx, state->entries,
- struct tldap_message *, num_entries + 1);
- if (tmp == NULL) {
- state->rc = TLDAP_NO_MEMORY;
- return;
- }
- state->entries = tmp;
- state->entries[num_entries] = talloc_move(state->entries,
- &msg);
- break;
- case TLDAP_RES_SEARCH_REFERENCE:
- num_refs = talloc_array_length(state->refs);
- tmp = talloc_realloc(state->mem_ctx, state->refs,
- struct tldap_message *, num_refs + 1);
- if (tmp == NULL) {
- state->rc = TLDAP_NO_MEMORY;
- return;
- }
- state->refs = tmp;
- state->refs[num_refs] = talloc_move(state->refs, &msg);
- break;
- case TLDAP_RES_SEARCH_RESULT:
- state->rc = TLDAP_SUCCESS;
- break;
- default:
- state->rc = TLDAP_PROTOCOL_ERROR;
- break;
- }
-}
-
TLDAPRC tldap_search(struct tldap_context *ld,
const char *base, int scope, const char *filter,
const char **attrs, int num_attrs, int attrsonly,
struct tldap_control *sctrls, int num_sctrls,
struct tldap_control *cctrls, int num_cctrls,
int timelimit, int sizelimit, int deref,
- TALLOC_CTX *mem_ctx, struct tldap_message ***entries,
- struct tldap_message ***refs)
+ TALLOC_CTX *mem_ctx, struct tldap_message ***pmsgs)
{
- TALLOC_CTX *frame = talloc_stackframe();
+ TALLOC_CTX *frame;
struct tevent_context *ev;
struct tevent_req *req;
- struct tldap_sync_search_state state = {
- .mem_ctx = mem_ctx, .rc = TLDAP_SUCCESS
- };
+ TLDAPRC rc = TLDAP_NO_MEMORY;
+ struct tldap_message **msgs;
+ struct tldap_message *result;
+
+ if (tldap_pending_reqs(ld)) {
+ return TLDAP_BUSY;
+ }
+
+ frame = talloc_stackframe();
ev = samba_tevent_context_init(frame);
if (ev == NULL) {
- state.rc = TLDAP_NO_MEMORY;
goto fail;
}
-
- req = tldap_search_send(frame, ev, ld, base, scope, filter,
- attrs, num_attrs, attrsonly,
- sctrls, num_sctrls, cctrls, num_cctrls,
- timelimit, sizelimit, deref);
+ req = tldap_search_all_send(frame, ev, ld, base, scope, filter,
+ attrs, num_attrs, attrsonly,
+ sctrls, num_sctrls, cctrls, num_cctrls,
+ timelimit, sizelimit, deref);
if (req == NULL) {
- state.rc = TLDAP_NO_MEMORY;
goto fail;
}
-
- tevent_req_set_callback(req, tldap_search_cb, &state);
-
- if (!tevent_req_is_in_progress(req)) {
- /* an error happend before sending */
- if (tevent_req_is_ldap_error(req, &state.rc)) {
- goto fail;
- }
+ if (!tevent_req_poll(req, ev)) {
+ rc = TLDAP_OPERATIONS_ERROR;
+ goto fail;
}
-
- while (tevent_req_is_in_progress(req) &&
- TLDAP_RC_IS_SUCCESS(state.rc)) {
- if (tevent_loop_once(ev) == -1) {
- return TLDAP_OPERATIONS_ERROR;
- }
+ rc = tldap_search_all_recv(req, mem_ctx, &msgs, &result);
+ TALLOC_FREE(req);
+ if (!TLDAP_RC_IS_SUCCESS(rc)) {
+ return rc;
}
- if (!TLDAP_RC_IS_SUCCESS(state.rc)) {
- return state.rc;
- }
+ TALLOC_FREE(ld->last_msg);
+ ld->last_msg = talloc_move(ld, &result);
- if (entries != NULL) {
- *entries = state.entries;
- } else {
- TALLOC_FREE(state.entries);
- }
- if (refs != NULL) {
- *refs = state.refs;
- } else {
- TALLOC_FREE(state.refs);
- }
- tldap_save_msg(ld, req);
+ *pmsgs = msgs;
fail:
TALLOC_FREE(frame);
- return state.rc;
+ return rc;
}
static bool tldap_parse_search_entry(struct tldap_message *msg)
diff --git a/source3/lib/tldap_util.c b/source3/lib/tldap_util.c
index 88e704f..b7233f6 100644
--- a/source3/lib/tldap_util.c
+++ b/source3/lib/tldap_util.c
@@ -365,7 +365,7 @@ TLDAPRC tldap_search_va(struct tldap_context *ld, const char *base, int scope,
attrs, num_attrs, attrsonly,
NULL /*sctrls*/, 0, NULL /*cctrls*/, 0,
0 /*timelimit*/, 0 /*sizelimit*/, 0 /*deref*/,
- mem_ctx, res, NULL);
+ mem_ctx, res);
TALLOC_FREE(filter);
return rc;
}
diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index 8196993..1df2ba0 100644
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -7993,7 +7993,7 @@ static bool run_tldap(int dummy)
rc = tldap_search(ld, "", TLDAP_SCOPE_BASE, filter,
NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0,
- talloc_tos(), NULL, NULL);
+ talloc_tos(), NULL);
if (!TLDAP_RC_IS_SUCCESS(rc)) {
d_printf("tldap_search with complex filter failed: %s\n",
tldap_errstr(talloc_tos(), ld, rc));
--
1.9.1
From 7a4a879f92f1da0c34147cf32f0323b15fcafe24 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 2 Feb 2016 12:15:49 +0100
Subject: [PATCH 19/19] tldap: Parse a search entry only if it is one
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/lib/tldap.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/source3/lib/tldap.c b/source3/lib/tldap.c
index 1f9462a..a702783 100644
--- a/source3/lib/tldap.c
+++ b/source3/lib/tldap.c
@@ -2003,7 +2003,12 @@ static bool tldap_parse_search_entry(struct tldap_message *msg)
{
int num_attribs = 0;
- if (!asn1_start_tag(msg->data, msg->type)) return false;
+ if (msg->type != TLDAP_RES_SEARCH_ENTRY) {
+ return false;
+ }
+ if (!asn1_start_tag(msg->data, TLDAP_RES_SEARCH_ENTRY)) {
+ return false;
+ }
/* dn */
--
1.9.1
More information about the samba-technical
mailing list