summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2011-01-13 12:13:42 +1100
committerAndrew Tridgell <tridge@samba.org>2011-01-14 16:39:32 +1100
commit504a3cc6b36056f8240dae70a2445be1ad8cc6de (patch)
treef19086d16e075b6724152b85a3a64f9b683d214b
parent74493af86f953d209c57649178421929e8061c99 (diff)
downloadsamba-504a3cc6b36056f8240dae70a2445be1ad8cc6de.tar.gz
samba-504a3cc6b36056f8240dae70a2445be1ad8cc6de.tar.bz2
samba-504a3cc6b36056f8240dae70a2445be1ad8cc6de.zip
ldb: added ldb_dn_minimise()
this removes any extraneous components from a DN. For an extended DN, this means removing the string DN and all but the first extended component. This is needed as AD returns "invalid syntax" if you don't use a minimal DN as the base DN for a search. A non-minimal DN also doesn't ever match in a search expression. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
-rw-r--r--source4/lib/ldb/common/ldb_dn.c54
-rw-r--r--source4/lib/ldb/include/ldb.h10
2 files changed, 64 insertions, 0 deletions
diff --git a/source4/lib/ldb/common/ldb_dn.c b/source4/lib/ldb/common/ldb_dn.c
index 07594551ea..d5442e410e 100644
--- a/source4/lib/ldb/common/ldb_dn.c
+++ b/source4/lib/ldb/common/ldb_dn.c
@@ -2045,3 +2045,57 @@ int ldb_dn_update_components(struct ldb_dn *dn, const struct ldb_dn *ref_dn)
return LDB_SUCCESS;
}
+
+/*
+ minimise a DN. The caller must pass in a validated DN.
+
+ If the DN has an extended component then only the first extended
+ component is kept, the DN string is stripped.
+
+ The existing dn is modified
+ */
+bool ldb_dn_minimise(struct ldb_dn *dn)
+{
+ int i;
+
+ if (!ldb_dn_validate(dn)) {
+ return false;
+ }
+ if (dn->ext_comp_num == 0) {
+ return true;
+ }
+
+ /* free components */
+ for (i = 0; i < dn->comp_num; i++) {
+ LDB_FREE(dn->components[i].name);
+ LDB_FREE(dn->components[i].value.data);
+ LDB_FREE(dn->components[i].cf_name);
+ LDB_FREE(dn->components[i].cf_value.data);
+ }
+ dn->comp_num = 0;
+ dn->valid_case = false;
+
+ LDB_FREE(dn->casefold);
+ LDB_FREE(dn->linearized);
+
+ /* note that we don't free dn->components as this there are
+ * several places in ldb_dn.c that rely on it being non-NULL
+ * for an exploded DN
+ */
+
+ for (i = 1; i < dn->ext_comp_num; i++) {
+ LDB_FREE(dn->ext_components[i].name);
+ LDB_FREE(dn->ext_components[i].value.data);
+ }
+ dn->ext_comp_num = 1;
+
+ dn->ext_components = talloc_realloc(dn, dn->ext_components, struct ldb_dn_ext_component, 1);
+ if (dn->ext_components == NULL) {
+ ldb_dn_mark_invalid(dn);
+ return false;
+ }
+
+ LDB_FREE(dn->ext_linearized);
+
+ return true;
+}
diff --git a/source4/lib/ldb/include/ldb.h b/source4/lib/ldb/include/ldb.h
index e7f7ebba46..4b1a5fb708 100644
--- a/source4/lib/ldb/include/ldb.h
+++ b/source4/lib/ldb/include/ldb.h
@@ -2172,4 +2172,14 @@ const char *ldb_req_location(struct ldb_request *req);
/* set the location marker on a request handle - used for debugging */
#define LDB_REQ_SET_LOCATION(req) ldb_req_set_location(req, __location__)
+/*
+ minimise a DN. The caller must pass in a validated DN.
+
+ If the DN has an extended component then only the first extended
+ component is kept, the DN string is stripped.
+
+ The existing dn is modified
+ */
+bool ldb_dn_minimise(struct ldb_dn *dn);
+
#endif