summaryrefslogtreecommitdiff
path: root/source3/libads
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2003-02-01 07:59:29 +0000
committerAndrew Bartlett <abartlet@samba.org>2003-02-01 07:59:29 +0000
commit963e88aa90853a7e45c72cbc6630aa705b6d4e55 (patch)
treed77fa7772f51d6644b093a420b6dfb32e9d359ce /source3/libads
parent9c858c3188bf26a754936fff5f1a1a0c263ba7cd (diff)
downloadsamba-963e88aa90853a7e45c72cbc6630aa705b6d4e55.tar.gz
samba-963e88aa90853a7e45c72cbc6630aa705b6d4e55.tar.bz2
samba-963e88aa90853a7e45c72cbc6630aa705b6d4e55.zip
Merge LDAP filter parinoia from HEAD, a few other pdb_ldap updates and some
misc libads fixes. Andrew Bartlett (This used to be commit 9c3a1710efba9fa4160004a554687d4b85927bb1)
Diffstat (limited to 'source3/libads')
-rw-r--r--source3/libads/ldap.c28
-rw-r--r--source3/libads/ldap_user.c9
2 files changed, 28 insertions, 9 deletions
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 0a95e019bf..603f17c994 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -974,7 +974,7 @@ ADS_STATUS ads_gen_add(ADS_STRUCT *ads, const char *new_dn, ADS_MODLIST mods)
/* make sure the end of the list is NULL */
mods[i] = NULL;
- ret = ldap_add_s(ads->ld, utf8_dn ? utf8_dn : new_dn, mods);
+ ret = ldap_add_s(ads->ld, utf8_dn, mods);
SAFE_FREE(utf8_dn);
return ADS_ERROR(ret);
}
@@ -994,7 +994,7 @@ ADS_STATUS ads_del_dn(ADS_STRUCT *ads, char *del_dn)
return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
}
- ret = ldap_delete(ads->ld, utf8_dn ? utf8_dn : del_dn);
+ ret = ldap_delete(ads->ld, utf8_dn);
return ADS_ERROR(ret);
}
@@ -1029,8 +1029,8 @@ static ADS_STATUS ads_add_machine_acct(ADS_STRUCT *ads, const char *hostname,
ADS_MODLIST mods;
const char *objectClass[] = {"top", "person", "organizationalPerson",
"user", "computer", NULL};
- const char *servicePrincipalName[3] = {NULL, NULL, NULL};
- char *psp;
+ const char *servicePrincipalName[5] = {NULL, NULL, NULL, NULL, NULL};
+ char *psp, *psp2;
unsigned acct_control;
if (!(ctx = talloc_init("machine_account")))
@@ -1051,10 +1051,16 @@ static ADS_STATUS ads_add_machine_acct(ADS_STRUCT *ads, const char *hostname,
ads->config.bind_path);
servicePrincipalName[0] = talloc_asprintf(ctx, "HOST/%s", hostname);
psp = talloc_asprintf(ctx, "HOST/%s.%s",
- hostname,
- ads->config.realm);
+ hostname,
+ ads->config.realm);
strlower(&psp[5]);
servicePrincipalName[1] = psp;
+ servicePrincipalName[2] = talloc_asprintf(ctx, "CIFS/%s", hostname);
+ psp2 = talloc_asprintf(ctx, "CIFS/%s.%s",
+ hostname,
+ ads->config.realm);
+ strlower(&psp2[5]);
+ servicePrincipalName[3] = psp2;
free(ou_str);
if (!new_dn)
@@ -1405,6 +1411,7 @@ ADS_STATUS ads_set_machine_sd(ADS_STRUCT *ads, const char *hostname, char *dn)
size_t sd_size = 0;
struct berval bval = {0, NULL};
prs_struct ps_wire;
+ char *escaped_hostname = escape_ldap_string_alloc(hostname);
LDAPMessage *res = 0;
LDAPMessage *msg = 0;
@@ -1420,11 +1427,18 @@ ADS_STATUS ads_set_machine_sd(ADS_STRUCT *ads, const char *hostname, char *dn)
ret = ADS_ERROR(LDAP_SUCCESS);
- if (asprintf(&exp, "(samAccountName=%s$)", hostname) == -1) {
+ if (!escaped_hostname) {
+ return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
+ }
+
+ if (asprintf(&exp, "(samAccountName=%s$)", escaped_hostname) == -1) {
DEBUG(1, ("ads_set_machine_sd: asprintf failed!\n"));
+ SAFE_FREE(escaped_hostname);
return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
}
+ SAFE_FREE(escaped_hostname);
+
ret = ads_search(ads, (void *) &res, exp, attrs);
if (!ADS_ERR_OK(ret)) return ret;
diff --git a/source3/libads/ldap_user.c b/source3/libads/ldap_user.c
index 2e38e7a00d..7efe5338f3 100644
--- a/source3/libads/ldap_user.c
+++ b/source3/libads/ldap_user.c
@@ -30,10 +30,15 @@ ADS_STATUS ads_find_user_acct(ADS_STRUCT *ads, void **res, const char *user)
ADS_STATUS status;
char *exp;
const char *attrs[] = {"*", NULL};
+ char *escaped_user = escape_ldap_string_alloc(user);
+ if (!escaped_user) {
+ return ADS_ERROR(LDAP_NO_MEMORY);
+ }
- asprintf(&exp, "(samAccountName=%s)", user);
+ asprintf(&exp, "(samAccountName=%s)", escaped_user);
status = ads_search(ads, res, exp, attrs);
- free(exp);
+ SAFE_FREE(exp);
+ SAFE_FREE(escaped_user);
return status;
}