author | Simo Sorce <idra@samba.org> | 2006-11-22 00:59:34 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:28:22 -0500 |
commit | 4889eb9f7aae9349e426d0f6d2217adff67eaebd (patch) | |
tree | 7eb63c32bcbd19bf64d5c315f01785f30d3a789c /source4/dsdb/samdb | |
parent | ce0c2236b953dc977655dbceef40916825e843ae (diff) | |
r19831: Big ldb_dn optimization and interfaces enhancement patch
This patch changes a lot of the code in ldb_dn.c, and also
removes and adds a number of manipulation functions.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but passes all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
Diffstat (limited to 'source4/dsdb/samdb')
-rw-r--r-- | source4/dsdb/samdb/cracknames.c | 38 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/entryUUID.c | 12 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/extended_dn.c | 7 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/kludge_acl.c | 2 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/local_password.c | 25 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/partition.c | 35 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/password_hash.c | 6 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/proxy.c | 15 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/rootdse.c | 6 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/samldb.c | 12 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/schema.c | 6 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/schema_syntax.c | 67 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/schema_syntax.h | 3 | ||||
-rw-r--r-- | source4/dsdb/samdb/samdb.c | 66 |
14 files changed, 149 insertions, 151 deletions
diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c index eb051a0fb2..16aa616983 100644 --- a/source4/dsdb/samdb/cracknames.c +++ b/source4/dsdb/samdb/cracknames.c @@ -38,12 +38,12 @@ static WERROR DsCrackNameOneFilter(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, struct smb_krb5_context *smb_krb5_context, uint32_t format_flags, uint32_t format_offered, uint32_t format_desired, - const struct ldb_dn *name_dn, const char *name, + struct ldb_dn *name_dn, const char *name, const char *domain_filter, const char *result_filter, struct drsuapi_DsNameInfo1 *info1); static WERROR DsCrackNameOneSyntactical(TALLOC_CTX *mem_ctx, uint32_t format_offered, uint32_t format_desired, - const struct ldb_dn *name_dn, const char *name, + struct ldb_dn *name_dn, const char *name, struct drsuapi_DsNameInfo1 *info1); static enum drsuapi_DsNameStatus LDB_lookup_spn_alias(krb5_context context, struct ldb_context *ldb_ctx, @@ -69,10 +69,14 @@ static enum drsuapi_DsNameStatus LDB_lookup_spn_alias(krb5_context context, stru return DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR; } - service_dn = ldb_dn_string_compose(tmp_ctx, samdb_base_dn(ldb_ctx), - "CN=Directory Service,CN=Windows NT" - ",CN=Services,CN=Configuration"); + service_dn = ldb_dn_new(tmp_ctx, ldb_ctx, "CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration"); + if ( ! ldb_dn_add_base(service_dn, samdb_base_dn(ldb_ctx))) { + return DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR; + } service_dn_str = ldb_dn_linearize(tmp_ctx, service_dn); + if ( ! service_dn_str) { + return DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR; + } ret = ldb_search(ldb_ctx, service_dn, LDB_SCOPE_BASE, "(objectClass=nTDSService)", directory_attrs, &res); 
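Review bot: The two early returns added in LDB_lookup_spn_alias (after `ldb_dn_add_base` and after `ldb_dn_linearize`) leave the function without releasing `tmp_ctx`; if the later exit paths, which are outside this hunk, free that context, these failure paths leak it on every failed lookup. `service_dn` is also passed to `ldb_dn_add_base` without a NULL check, so an allocation failure in `ldb_dn_new` is caught only if that helper tolerates a NULL DN. Suggest `if (service_dn == NULL || !ldb_dn_add_base(service_dn, samdb_base_dn(ldb_ctx))) { talloc_free(tmp_ctx); return DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR; }` and the same `talloc_free(tmp_ctx);` before the second return.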
@@ -358,9 +362,9 @@ WERROR DsCrackNameOneName(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, /* A LDAP DN as a string */ case DRSUAPI_DS_NAME_FORMAT_FQDN_1779: { - name_dn = ldb_dn_explode(mem_ctx, name); domain_filter = NULL; - if (!name_dn) { + name_dn = ldb_dn_new(mem_ctx, sam_ctx, name); + if (! ldb_dn_validate(name_dn)) { info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND; return WERR_OK; } @@ -534,7 +538,7 @@ WERROR DsCrackNameOneName(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, static WERROR DsCrackNameOneSyntactical(TALLOC_CTX *mem_ctx, uint32_t format_offered, uint32_t format_desired, - const struct ldb_dn *name_dn, const char *name, + struct ldb_dn *name_dn, const char *name, struct drsuapi_DsNameInfo1 *info1) { char *cracked; @@ -573,7 +577,7 @@ static WERROR DsCrackNameOneSyntactical(TALLOC_CTX *mem_ctx, static WERROR DsCrackNameOneFilter(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, struct smb_krb5_context *smb_krb5_context, uint32_t format_flags, uint32_t format_offered, uint32_t format_desired, - const struct ldb_dn *name_dn, const char *name, + struct ldb_dn *name_dn, const char *name, const char *domain_filter, const char *result_filter, struct drsuapi_DsNameInfo1 *info1) { @@ -582,8 +586,8 @@ static WERROR DsCrackNameOneFilter(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ const char * const *domain_attrs; const char * const *result_attrs; struct ldb_message **result_res = NULL; - const struct ldb_dn *result_basedn; - const struct ldb_dn *partitions_basedn = samdb_partitions_dn(sam_ctx, mem_ctx); + struct ldb_dn *result_basedn; + struct ldb_dn *partitions_basedn = samdb_partitions_dn(sam_ctx, mem_ctx); const char * const _domain_attrs_1779[] = { "ncName", "dnsRoot", NULL}; const char * const _result_attrs_null[] = { NULL }; 
@@ -655,7 +659,7 @@ static WERROR DsCrackNameOneFilter(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ info1->status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY; if (result_filter) { - result_basedn = samdb_result_dn(mem_ctx, domain_res[0], "ncName", NULL); + result_basedn = samdb_result_dn(sam_ctx, mem_ctx, domain_res[0], "ncName", NULL); ldb_ret = gendb_search(sam_ctx, mem_ctx, result_basedn, &result_res, result_attrs, "%s", result_filter); @@ -663,7 +667,7 @@ static WERROR DsCrackNameOneFilter(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ ldb_ret = gendb_search_dn(sam_ctx, mem_ctx, name_dn, &result_res, result_attrs); } else { - name_dn = samdb_result_dn(mem_ctx, domain_res[0], "ncName", NULL); + name_dn = samdb_result_dn(sam_ctx, mem_ctx, domain_res[0], "ncName", NULL); ldb_ret = gendb_search_dn(sam_ctx, mem_ctx, name_dn, &result_res, result_attrs); } @@ -830,7 +834,7 @@ NTSTATUS crack_user_principal_name(struct ldb_context *sam_ctx, return NT_STATUS_UNSUCCESSFUL; } - *user_dn = ldb_dn_explode(mem_ctx, info1.result_name); + *user_dn = ldb_dn_new(mem_ctx, sam_ctx, info1.result_name); if (domain_dn) { werr = DsCrackNameOneName(sam_ctx, mem_ctx, 0, @@ -854,7 +858,7 @@ NTSTATUS crack_user_principal_name(struct ldb_context *sam_ctx, return NT_STATUS_UNSUCCESSFUL; } - *domain_dn = ldb_dn_explode(mem_ctx, info1.result_name); + *domain_dn = ldb_dn_new(mem_ctx, sam_ctx, info1.result_name); } return NT_STATUS_OK; @@ -893,7 +897,7 @@ NTSTATUS crack_service_principal_name(struct ldb_context *sam_ctx, return NT_STATUS_UNSUCCESSFUL; } - *user_dn = ldb_dn_explode(mem_ctx, info1.result_name); + *user_dn = ldb_dn_new(mem_ctx, sam_ctx, info1.result_name); if (domain_dn) { werr = DsCrackNameOneName(sam_ctx, mem_ctx, 0, @@ -917,7 +921,7 @@ NTSTATUS crack_service_principal_name(struct ldb_context *sam_ctx, return NT_STATUS_UNSUCCESSFUL; } - *domain_dn = ldb_dn_explode(mem_ctx, info1.result_name); + *domain_dn = ldb_dn_new(mem_ctx, sam_ctx, info1.result_name); } return NT_STATUS_OK; 
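Review bot: `*user_dn = ldb_dn_new(mem_ctx, sam_ctx, info1.result_name);` in crack_user_principal_name is neither NULL-checked nor validated before the function returns NT_STATUS_OK, and the same holds for `*domain_dn` and for both assignments in crack_service_principal_name (hunks at -830, -854, -893 and -917). The replaced `ldb_dn_explode` parsed the string, whereas the commit description says validation is now deferred, so a malformed `result_name` would presumably surface only at whichever later call first parses the DN. Adding `if (!ldb_dn_validate(*user_dn)) return NT_STATUS_UNSUCCESSFUL;` after each assignment (and the equivalent for `*domain_dn`) keeps the failure where it can be reported to the caller. Both function bodies extend outside the hunks.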
diff --git a/source4/dsdb/samdb/ldb_modules/entryUUID.c b/source4/dsdb/samdb/ldb_modules/entryUUID.c index 38f366dfa2..2bc97f2040 100644 --- a/source4/dsdb/samdb/ldb_modules/entryUUID.c +++ b/source4/dsdb/samdb/ldb_modules/entryUUID.c @@ -112,7 +112,7 @@ static struct ldb_val objectCategory_always_dn(struct ldb_module *module, TALLOC struct entryUUID_private *entryUUID_private; struct ldb_result *list; - if (ldb_dn_explode(ctx, (const char *)val->data)) { + if (ldb_dn_validate(ldb_dn_new(ctx, module->ldb, (const char *)val->data))) { return *val; } map_private = talloc_get_type(module->private_data, struct map_private); @@ -415,7 +415,7 @@ static struct ldb_dn *find_schema_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ct { const char *rootdse_attrs[] = {"schemaNamingContext", NULL}; struct ldb_dn *schema_dn; - struct ldb_dn *basedn = ldb_dn_explode(mem_ctx, ""); + struct ldb_dn *basedn = ldb_dn_new(mem_ctx, ldb, NULL); struct ldb_result *rootdse_res; int ldb_ret; if (!basedn) { @@ -436,7 +436,7 @@ static struct ldb_dn *find_schema_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ct } /* Locate schema */ - schema_dn = ldb_msg_find_attr_as_dn(mem_ctx, rootdse_res->msgs[0], "schemaNamingContext"); + schema_dn = ldb_msg_find_attr_as_dn(ldb, mem_ctx, rootdse_res->msgs[0], "schemaNamingContext"); if (!schema_dn) { return NULL; } @@ -490,8 +490,8 @@ static int get_remote_rootdse(struct ldb_context *ldb, void *context, if (!entryUUID_private->base_dns) { return LDB_ERR_OPERATIONS_ERROR; } - entryUUID_private->base_dns[i] = ldb_dn_explode(entryUUID_private->base_dns, (const char *)el->values[i].data); - if (!entryUUID_private->base_dns[i]) { + entryUUID_private->base_dns[i] = ldb_dn_new(entryUUID_private->base_dns, ldb, (const char *)el->values[i].data); + if ( ! ldb_dn_validate(entryUUID_private->base_dns[i])) { return LDB_ERR_OPERATIONS_ERROR; } } 
@@ -517,7 +517,7 @@ static int find_base_dns(struct ldb_module *module, } req->operation = LDB_SEARCH; - req->op.search.base = ldb_dn_new(req); + req->op.search.base = ldb_dn_new(req, module->ldb, NULL); req->op.search.scope = LDB_SCOPE_BASE; req->op.search.tree = ldb_parse_tree(req, "objectClass=*"); diff --git a/source4/dsdb/samdb/ldb_modules/extended_dn.c b/source4/dsdb/samdb/ldb_modules/extended_dn.c index 64600fff8b..012ac74514 100644 --- a/source4/dsdb/samdb/ldb_modules/extended_dn.c +++ b/source4/dsdb/samdb/ldb_modules/extended_dn.c @@ -97,6 +97,7 @@ static BOOL add_attrs(void *mem_ctx, char ***attrs, const char *attr) } static BOOL inject_extended_dn(struct ldb_message *msg, + struct ldb_context *ldb, int type, BOOL remove_guid, BOOL remove_sid) @@ -152,8 +153,8 @@ static BOOL inject_extended_dn(struct ldb_message *msg, if (!new_dn) return False; - msg->dn = ldb_dn_explode_or_special(msg, new_dn); - if (!msg->dn) + msg->dn = ldb_dn_new(msg, ldb, new_dn); + if (! ldb_dn_validate(msg->dn)) return False; val = ldb_msg_find_ldb_val(msg, "distinguishedName"); @@ -193,7 +194,7 @@ static int extended_callback(struct ldb_context *ldb, void *context, struct ldb_ if (ares->type == LDB_REPLY_ENTRY) { /* for each record returned post-process to add any derived attributes that have been asked for */ - if (!inject_extended_dn(ares->message, ac->extended_type, ac->remove_guid, ac->remove_sid)) { + if (!inject_extended_dn(ares->message, ldb, ac->extended_type, ac->remove_guid, ac->remove_sid)) { goto error; } } diff --git a/source4/dsdb/samdb/ldb_modules/kludge_acl.c b/source4/dsdb/samdb/ldb_modules/kludge_acl.c index 088f2657cc..176cfbf3a5 100644 --- a/source4/dsdb/samdb/ldb_modules/kludge_acl.c +++ b/source4/dsdb/samdb/ldb_modules/kludge_acl.c 
@@ -231,7 +231,7 @@ static int kludge_acl_init(struct ldb_module *module) return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_search(module->ldb, ldb_dn_explode(mem_ctx, "@KLUDGEACL"), + ret = ldb_search(module->ldb, ldb_dn_new(mem_ctx, module->ldb, "@KLUDGEACL"), LDB_SCOPE_BASE, NULL, attrs, &res); diff --git a/source4/dsdb/samdb/ldb_modules/local_password.c b/source4/dsdb/samdb/ldb_modules/local_password.c index b5cff0272d..57323d859f 100644 --- a/source4/dsdb/samdb/ldb_modules/local_password.c +++ b/source4/dsdb/samdb/ldb_modules/local_password.c @@ -140,8 +140,7 @@ static int local_password_add(struct ldb_module *module, struct ldb_request *req } /* If the caller is manipulating the local passwords directly, let them pass */ - if (ldb_dn_compare_base(module->ldb, - ldb_dn_explode(req, LOCAL_BASE), + if (ldb_dn_compare_base(ldb_dn_new(req, module->ldb, LOCAL_BASE), req->op.add.message->dn) == 0) { return ldb_next_request(module, req); } @@ -225,9 +224,8 @@ static int local_password_add(struct ldb_module *module, struct ldb_request *req /* Find the objectGUID to use as the key */ objectGUID = samdb_result_guid(ac->orig_req->op.add.message, "objectGUID"); - local_message->dn = ldb_dn_string_compose(local_message, - ldb_dn_explode(local_message, LOCAL_BASE), - PASSWORD_GUID_ATTR "=%s", GUID_string(local_message, &objectGUID)); + local_message->dn = ldb_dn_new(local_message, module->ldb, LOCAL_BASE); + ldb_dn_add_child_fmt(local_message->dn, PASSWORD_GUID_ATTR "=%s", GUID_string(local_message, &objectGUID)); ac->local_req->op.add.message = local_message; @@ -276,8 +274,7 @@ static int local_password_modify(struct ldb_module *module, struct ldb_request * } /* If the caller is manipulating the local passwords directly, let them pass */ - if (ldb_dn_compare_base(module->ldb, - ldb_dn_explode(req, LOCAL_BASE), + if (ldb_dn_compare_base(ldb_dn_new(req, module->ldb, LOCAL_BASE), req->op.mod.message->dn) == 0) { return ldb_next_request(module, req); } 
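Review bot: The temporary DN from `ldb_dn_new(req, module->ldb, LOCAL_BASE)` goes straight into `ldb_dn_compare_base` in local_password_add, and a result of 0 sends the request past this module via `ldb_next_request`. What the comparison returns for a NULL first argument is not visible here, so an allocation failure should be handled before the comparison rather than left to decide whether password handling is skipped: build the DN into a local, return `LDB_ERR_OPERATIONS_ERROR` if it is NULL, then compare. The same pattern appears in local_password_modify and local_password_search in this file and in password_hash_add and password_hash_modify. The temporary is parented on `req` and not freed in the visible lines, so it appears to live as long as the request.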
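Review bot: The return value of `ldb_dn_add_child_fmt` is discarded when `local_message->dn` is built in local_password_add (hunk at -225), while lpdb_remote_search_callback in this same commit checks it. If the call fails, the message DN presumably stays at `LOCAL_BASE`, and the add that follows would target the container instead of the per-GUID password record. Suggest `if (local_message->dn == NULL || !ldb_dn_add_child_fmt(local_message->dn, PASSWORD_GUID_ATTR "=%s", GUID_string(local_message, &objectGUID))) return LDB_ERR_OPERATIONS_ERROR;`, with whatever cleanup the surrounding code needs; local_password_mod_local (hunk at -447) needs the same check on `ac->local_message->dn`. Both function bodies continue outside the hunks.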
@@ -447,9 +444,8 @@ static int local_password_mod_local(struct ldb_handle *h) { objectGUID = samdb_result_guid(ac->search_res->message, "objectGUID"); - ac->local_message->dn = ldb_dn_string_compose(ac, - ldb_dn_explode(ac, LOCAL_BASE), - PASSWORD_GUID_ATTR "=%s", GUID_string(ac, &objectGUID)); + ac->local_message->dn = ldb_dn_new(ac, ac->module->ldb, LOCAL_BASE); + ldb_dn_add_child_fmt(ac->local_message->dn, PASSWORD_GUID_ATTR "=%s", GUID_string(ac, &objectGUID)); h->state = LDB_ASYNC_INIT; h->status = LDB_SUCCESS; @@ -591,10 +587,8 @@ static int lpdb_remote_search_callback(struct ldb_context *ldb, void *context, s local_context->remote_res = ares; local_context->local_res = NULL; - req->op.search.base = ldb_dn_string_compose(ac, - ldb_dn_explode(ac, LOCAL_BASE), - PASSWORD_GUID_ATTR "=%s", GUID_string(ac, &objectGUID)); - if (!req->op.search.base) { + req->op.search.base = ldb_dn_new(ac, ac->module->ldb, LOCAL_BASE); + if ( ! ldb_dn_add_child_fmt(req->op.search.base, PASSWORD_GUID_ATTR "=%s", GUID_string(ac, &objectGUID))) { return LDB_ERR_OPERATIONS_ERROR; } req->operation = LDB_SEARCH; @@ -642,8 +636,7 @@ static int local_password_search(struct ldb_module *module, struct ldb_request * } /* If the caller is searching for the local passwords directly, let them pass */ - if (ldb_dn_compare_base(module->ldb, - ldb_dn_explode(req, LOCAL_BASE), + if (ldb_dn_compare_base(ldb_dn_new(req, module->ldb, LOCAL_BASE), req->op.search.base) == 0) { return ldb_next_request(module, req); } diff --git a/source4/dsdb/samdb/ldb_modules/partition.c b/source4/dsdb/samdb/ldb_modules/partition.c index d678364b6e..625c846bdc 100644 --- a/source4/dsdb/samdb/ldb_modules/partition.c +++ b/source4/dsdb/samdb/ldb_modules/partition.c 
@@ -100,7 +100,7 @@ struct ldb_module *make_module_for_next_request(TALLOC_CTX *mem_ctx, return current; } -struct ldb_module *find_backend(struct ldb_module *module, struct ldb_request *req, const struct ldb_dn *dn) +struct ldb_module *find_backend(struct ldb_module *module, struct ldb_request *req, struct ldb_dn *dn) { int i; struct partition_private_data *data = talloc_get_type(module->private_data, @@ -109,8 +109,7 @@ struct ldb_module *find_backend(struct ldb_module *module, struct ldb_request *r /* Figure out which partition it is under */ /* Skip the lot if 'data' isn't here yet (initialistion) */ for (i=0; data && data->partitions && data->partitions[i]; i++) { - if (ldb_dn_compare_base(module->ldb, - data->partitions[i]->dn, + if (ldb_dn_compare_base(data->partitions[i]->dn, dn) == 0) { return make_module_for_next_request(req, module->ldb, data->partitions[i]->module); } @@ -210,8 +209,7 @@ static int partition_send_request(struct partition_context *ac, struct ldb_modul /* If the search is for 'more' than this partition, * then change the basedn, so a remote LDAP server * doesn't object */ - if (ldb_dn_compare_base(ac->module->ldb, - partition_base_dn, req->op.search.base) != 0) { + if (ldb_dn_compare_base(partition_base_dn, req->op.search.base) != 0) { req->op.search.base = partition_base_dn; } req->callback = partition_search_callback; @@ -253,7 +251,7 @@ static int partition_send_all(struct ldb_module *module, /* Figure out which backend a request needs to be aimed at. Some * requests must be replicated to all backends */ -static int partition_replicate(struct ldb_module *module, struct ldb_request *req, const struct ldb_dn *dn) +static int partition_replicate(struct ldb_module *module, struct ldb_request *req, struct ldb_dn *dn) { int i; struct ldb_module *backend; 
@@ -262,8 +260,7 @@ static int partition_replicate(struct ldb_module *module, struct ldb_request *re /* Is this a special DN, we need to replicate to every backend? */ for (i=0; data->replicate && data->replicate[i]; i++) { - if (ldb_dn_compare(module->ldb, - data->replicate[i], + if (ldb_dn_compare(data->replicate[i], dn) == 0) { struct ldb_handle *h; struct partition_context *ac; @@ -316,13 +313,12 @@ static int partition_search(struct ldb_module *module, struct ldb_request *req) ac = talloc_get_type(h->private_data, struct partition_context); /* Search from the base DN */ - if (!req->op.search.base || (ldb_dn_get_comp_num(req->op.search.base) == 0)) { + if (!req->op.search.base || ldb_dn_is_null(req->op.search.base)) { return partition_send_all(module, ac, req); } for (i=0; data && data->partitions && data->partitions[i]; i++) { /* Find all partitions under the search base */ - if (ldb_dn_compare_base(module->ldb, - req->op.search.base, + if (ldb_dn_compare_base(req->op.search.base, data->partitions[i]->dn) == 0) { ret = partition_send_request(ac, data->partitions[i]->module, data->partitions[i]->dn); if (ret != LDB_SUCCESS) { @@ -577,13 +573,12 @@ static int partition_sequence_number(struct ldb_module *module, struct ldb_reque static int sort_compare(void *void1, void *void2, void *opaque) { - struct ldb_context *ldb = talloc_get_type(opaque, struct ldb_context); struct partition **pp1 = void1; struct partition **pp2 = void2; struct partition *partition1 = talloc_get_type(*pp1, struct partition); struct partition *partition2 = talloc_get_type(*pp2, struct partition); - return ldb_dn_compare(ldb, partition1->dn, partition2->dn); + return ldb_dn_compare(partition1->dn, partition2->dn); } static int partition_init(struct ldb_module *module) 
@@ -608,7 +603,7 @@ static int partition_init(struct ldb_module *module) return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_search(module->ldb, ldb_dn_explode(mem_ctx, "@PARTITION"), + ret = ldb_search(module->ldb, ldb_dn_new(mem_ctx, module->ldb, "@PARTITION"), LDB_SCOPE_BASE, NULL, attrs, &res); @@ -665,7 +660,7 @@ static int partition_init(struct ldb_module *module) return LDB_ERR_OPERATIONS_ERROR; } - data->partitions[i]->dn = ldb_dn_explode(data->partitions[i], base); + data->partitions[i]->dn = ldb_dn_new(data->partitions[i], module->ldb, base); if (!data->partitions[i]->dn) { ldb_asprintf_errstring(module->ldb, "partition_init: invalid DN in partition record: %s", base); @@ -718,8 +713,8 @@ static int partition_init(struct ldb_module *module) } for (i=0; i < replicate_attributes->num_values; i++) { - data->replicate[i] = ldb_dn_explode(data->replicate, (const char *)replicate_attributes->values[i].data); - if (!data->replicate[i]) { + data->replicate[i] = ldb_dn_new(data->replicate, module->ldb, (const char *)replicate_attributes->values[i].data); + if (!ldb_dn_validate(data->replicate[i])) { ldb_asprintf_errstring(module->ldb, "partition_init: " "invalid DN in partition replicate record: %s", @@ -765,14 +760,14 @@ static int partition_init(struct ldb_module *module) modules = ldb_modules_list_from_string(module->ldb, mem_ctx, p); - base_dn = ldb_dn_explode(mem_ctx, base); - if (!base_dn) { + base_dn = ldb_dn_new(mem_ctx, module->ldb, base); + if (!ldb_dn_validate(base_dn)) { talloc_free(mem_ctx); return LDB_ERR_OPERATIONS_ERROR; } for (partition_idx = 0; data->partitions[partition_idx]; partition_idx++) { - if (ldb_dn_compare(module->ldb, data->partitions[partition_idx]->dn, + if (ldb_dn_compare(data->partitions[partition_idx]->dn, base_dn) == 0) { partition = data->partitions[partition_idx]; break; diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c index 1b35ec3e8c..b25beb7a8f 100644 
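Review bot: `if (!data->partitions[i]->dn)` in partition_init (hunk at -665) no longer detects a malformed DN, because `ldb_dn_new` appears to only store the string, with validation deferred as the commit description says, yet the branch still reports "invalid DN in partition record". The replicate and `base_dn` conversions later in this function were switched to `ldb_dn_validate`, and this one should follow: `if (!ldb_dn_validate(data->partitions[i]->dn)) {`. load_proxy_info in proxy.c has the same gap for `proxy->olddn` and `proxy->newdn`, which are still compared with NULL under a "Failed to explode" message. Without the check, a bad value in the @PARTITION or @PROXYINFO record is accepted at init and would presumably fail only on the first operation that parses it.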
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c +++ b/source4/dsdb/samdb/ldb_modules/password_hash.c @@ -588,8 +588,7 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req) } /* If the caller is manipulating the local passwords directly, let them pass */ - if (ldb_dn_compare_base(module->ldb, - ldb_dn_explode(req, LOCAL_BASE), + if (ldb_dn_compare_base(ldb_dn_new(req, module->ldb, LOCAL_BASE), req->op.add.message->dn) == 0) { return ldb_next_request(module, req); } @@ -783,8 +782,7 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r } /* If the caller is manipulating the local passwords directly, let them pass */ - if (ldb_dn_compare_base(module->ldb, - ldb_dn_explode(req, LOCAL_BASE), + if (ldb_dn_compare_base(ldb_dn_new(req, module->ldb, LOCAL_BASE), req->op.mod.message->dn) == 0) { return ldb_next_request(module, req); } diff --git a/source4/dsdb/samdb/ldb_modules/proxy.c b/source4/dsdb/samdb/ldb_modules/proxy.c index d2628f5d1d..41fe8b68c9 100644 --- a/source4/dsdb/samdb/ldb_modules/proxy.c +++ b/source4/dsdb/samdb/ldb_modules/proxy.c @@ -70,7 +70,7 @@ static int load_proxy_info(struct ldb_module *module) return 0; } - dn = ldb_dn_explode(proxy, "@PROXYINFO"); + dn = ldb_dn_new(proxy, module->ldb, "@PROXYINFO"); if (dn == NULL) { goto failed; } @@ -94,13 +94,13 @@ static int load_proxy_info(struct ldb_module *module) goto failed; } - proxy->olddn = ldb_dn_explode(proxy, olddn); + proxy->olddn = ldb_dn_new(proxy, module->ldb, olddn); if (proxy->olddn == NULL) { ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Failed to explode olddn '%s'\n", olddn); goto failed; } - proxy->newdn = ldb_dn_explode(proxy, newdn); + proxy->newdn = ldb_dn_new(proxy, module->ldb, newdn); if (proxy->newdn == NULL) { ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Failed to explode newdn '%s'\n", newdn); goto failed; 
@@ -226,9 +226,8 @@ static void proxy_convert_record(struct ldb_module *module, struct ldb_message * /* fix the message DN */ if (ldb_dn_compare_base(module->ldb, proxy->olddn, msg->dn) == 0) { - struct ldb_dn *newdn = ldb_dn_copy(msg, msg->dn); - newdn->comp_num -= proxy->olddn->comp_num; - msg->dn = ldb_dn_compose(msg, newdn, proxy->newdn); + ldb_dn_remove_base_components(msg->dn, ldb_dn_get_comp_num(proxy->olddn)); + ldb_dn_add_base(msg->dn, proxy->newdn); } /* fix any attributes */ @@ -282,8 +281,8 @@ static int proxy_search_bytree(struct ldb_module *module, struct ldb_request *re talloc_free(newreq); goto failed; } - base->comp_num -= proxy->newdn->comp_num; - base = ldb_dn_compose(proxy, newreq->op.search.base, proxy->olddn); + ldb_dn_remove_base_components(base, ldb_dn_get_comp_num(proxy->newdn)); + ldb_dn_add_base(base, proxy->olddn); ldb_debug(module->ldb, LDB_DEBUG_FATAL, "proxying: '%s' with dn '%s' \n", ldb_filter_from_tree(proxy, newreq->op.search.tree), ldb_dn_linearize(proxy, newreq->op.search.base)); diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c index 371031be26..e073c8f89b 100644 --- a/source4/dsdb/samdb/ldb_modules/rootdse.c +++ b/source4/dsdb/samdb/ldb_modules/rootdse.c @@ -53,7 +53,7 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *ms struct private_data *priv = talloc_get_type(module->private_data, struct private_data); char **server_sasl; - msg->dn = ldb_dn_explode(msg, ""); + msg->dn = ldb_dn_new(msg, module->ldb, NULL); /* don't return the distinduishedName, cn and name attributes */ ldb_msg_remove_attr(msg, "distinguishedName"); 
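Review bot: The results of `ldb_dn_remove_base_components` and `ldb_dn_add_base` are ignored in proxy_convert_record, and because `msg->dn` is now edited in place instead of being rebuilt from a copy, a failure of the second call would leave the message carrying a truncated DN. Both calls should be checked, assuming they report failure the way `ldb_dn_add_base` does in cracknames.c, and the record dropped or the error logged when either fails; proxy_search_bytree (hunk at -282) has the same two unchecked calls on `base`. The guard line above, `ldb_dn_compare_base(module->ldb, proxy->olddn, msg->dn)`, is unchanged context and still passes three arguments, while the other call sites in this commit were converted to the two-argument form.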
@@ -182,7 +182,7 @@ static int rootdse_search(struct ldb_module *module, struct ldb_request *req) /* see if its for the rootDSE */ if (req->op.search.scope != LDB_SCOPE_BASE || - (req->op.search.base && ldb_dn_get_comp_num(req->op.search.base) != 0)) { + ( ! ldb_dn_is_null(req->op.search.base))) { return ldb_next_request(module, req); } @@ -203,7 +203,7 @@ static int rootdse_search(struct ldb_module *module, struct ldb_request *req) down_req->operation = req->operation; /* in our db we store the rootDSE with a DN of cn=rootDSE */ - down_req->op.search.base = ldb_dn_explode(down_req, "cn=rootDSE"); + down_req->op.search.base = ldb_dn_new(down_req, module->ldb, "cn=rootDSE"); down_req->op.search.scope = LDB_SCOPE_BASE; down_req->op.search.tree = ldb_parse_tree(down_req, NULL); if (down_req->op.search.base == NULL || down_req->op.search.tree == NULL) { diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index 3ce5cc1b5c..667b0d5ca8 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -62,7 +62,7 @@ static BOOL samldb_msg_add_sid(struct ldb_module *module, struct ldb_message *ms return 0 on failure, the id on success */ static int samldb_set_next_rid(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, - const struct ldb_dn *dn, uint32_t old_id, uint32_t new_id) + struct ldb_dn *dn, uint32_t old_id, uint32_t new_id) { struct ldb_message msg; int ret; @@ -119,7 +119,7 @@ static int samldb_set_next_rid(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, return 0 on failure, the id on success */ static int samldb_find_next_rid(struct ldb_module *module, TALLOC_CTX *mem_ctx, - const struct ldb_dn *dn, uint32_t *old_rid) + struct ldb_dn *dn, uint32_t *old_rid) { const char * const attrs[2] = { "nextRid", NULL }; struct ldb_result *res = NULL; 
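Review bot: The rewritten condition in rootdse_search drops the `req->op.search.base &&` guard, so `ldb_dn_is_null` is now called with a possibly NULL base. partition_search in this same commit keeps the explicit test (`!req->op.search.base || ldb_dn_is_null(req->op.search.base)`), which suggests NULL is still a legal search base; unless `ldb_dn_is_null(NULL)` is defined to return true, a base-scope search with no base either stops being answered as the rootDSE or dereferences NULL. Suggest `(req->op.search.base && !ldb_dn_is_null(req->op.search.base))`. The function body continues outside the hunk.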
@@ -150,7 +150,7 @@ static int samldb_find_next_rid(struct ldb_module *module, TALLOC_CTX *mem_ctx, } static int samldb_allocate_next_rid(struct ldb_module *module, TALLOC_CTX *mem_ctx, - const struct ldb_dn *dn, const struct dom_sid *dom_sid, + struct ldb_dn *dn, const struct dom_sid *dom_sid, struct dom_sid **new_sid) { struct dom_sid *obj_sid; @@ -185,7 +185,7 @@ static int samldb_allocate_next_rid(struct ldb_module *module, TALLOC_CTX *mem_c } /* Find a domain object in the parents of a particular DN. */ -static struct ldb_dn *samldb_search_domain(struct ldb_module *module, TALLOC_CTX *mem_ctx, const struct ldb_dn *dn) +static struct ldb_dn *samldb_search_domain(struct ldb_module *module, TALLOC_CTX *mem_ctx, struct ldb_dn *dn) { TALLOC_CTX *local_ctx; struct ldb_dn *sdn; @@ -224,12 +224,12 @@ static struct ldb_dn *samldb_search_domain(struct ldb_module *module, TALLOC_CTX return the new sid string */ static int samldb_get_new_sid(struct ldb_module *module, - TALLOC_CTX *mem_ctx, const struct ldb_dn *obj_dn, + TALLOC_CTX *mem_ctx, struct ldb_dn *obj_dn, struct dom_sid **sid) { const char * const attrs[2] = { "objectSid", NULL }; struct ldb_result *res = NULL; - const struct ldb_dn *dom_dn; + struct ldb_dn *dom_dn; int ret; struct dom_sid *dom_sid; diff --git a/source4/dsdb/samdb/ldb_modules/schema.c b/source4/dsdb/samdb/ldb_modules/schema.c index fe275ce841..f7bbb7b2c5 100644 --- a/source4/dsdb/samdb/ldb_modules/schema.c +++ b/source4/dsdb/samdb/ldb_modules/schema.c @@ -946,7 +946,7 @@ static int schema_check_attributes_syntax(struct schema_context *sctx) if (attr == NULL) { return LDB_ERR_NO_SUCH_ATTRIBUTE; } - ret = schema_validate(&msg->elements[i], attr->syntax, attr->single, attr->min, attr->max); + ret = schema_validate(sctx->module->ldb, &msg->elements[i], attr->syntax, attr->single, attr->min, attr->max); if (ret != LDB_SUCCESS) { return ret; } 
@@ -1187,7 +1187,7 @@ static int schema_init(struct ldb_module *module) /* find the schema partition */ ret = ldb_search(module->ldb, - ldb_dn_new(module), + ldb_dn_new(module, module->ldb, NULL), LDB_SCOPE_BASE, "(objectClass=*)", schema_attrs, @@ -1200,7 +1200,7 @@ static int schema_init(struct ldb_module *module) return LDB_ERR_OPERATIONS_ERROR; } - data->schema_dn = ldb_msg_find_attr_as_dn(data, res->msgs[0], "schemaNamingContext"); + data->schema_dn = ldb_msg_find_attr_as_dn(module->ldb, data, res->msgs[0], "schemaNamingContext"); if (data->schema_dn == NULL) { /* FIXME: return a clear error string */ talloc_free(data); diff --git a/source4/dsdb/samdb/ldb_modules/schema_syntax.c b/source4/dsdb/samdb/ldb_modules/schema_syntax.c index f23c2d156d..f394c75047 100644 --- a/source4/dsdb/samdb/ldb_modules/schema_syntax.c +++ b/source4/dsdb/samdb/ldb_modules/schema_syntax.c @@ -137,7 +137,7 @@ int map_schema_syntax(uint32_t om_syntax, const char *attr_syntax, const struct return ret; } -static int schema_validate_boolean(struct ldb_val *val, int min, int max) +static int schema_validate_boolean(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { if ((strncmp("TRUE", (const char *)val->data, val->length) != 0) && @@ -148,7 +148,7 @@ static int schema_validate_boolean(struct ldb_val *val, int min, int max) return LDB_SUCCESS; } -static int schema_validate_integer(struct ldb_val *val, int min, int max) +static int schema_validate_integer(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { int value; char *endptr; 
@@ -163,19 +163,19 @@ static int schema_validate_integer(struct ldb_val *val, int min, int max) return LDB_SUCCESS; } -static int schema_validate_binary_blob(struct ldb_val *val, int min, int max) +static int schema_validate_binary_blob(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { /* is there anythign we should check in a binary blob ? */ return LDB_SUCCESS; } -static int schema_validate_sid(struct ldb_val *val, int min, int max) +static int schema_validate_sid(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { /* TODO: validate binary form of objectSid */ return LDB_SUCCESS; } -static int schema_validate_oid(struct ldb_val *val, int min, int max) +static int schema_validate_oid(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { if (strspn((const char *)val->data, "0123456789.") != val->length) return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; @@ -183,7 +183,7 @@ static int schema_validate_oid(struct ldb_val *val, int min, int max) return LDB_SUCCESS; } -static int schema_validate_numeric_string(struct ldb_val *val, int min, int max) +static int schema_validate_numeric_string(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { if (strspn((const char *)val->data, "0123456789") != val->length) return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; 
@@ -191,80 +191,76 @@ static int schema_validate_numeric_string(struct ldb_val *val, int min, int max) return LDB_SUCCESS; } -static int schema_validate_printable_string(struct ldb_val *val, int min, int max) +static int schema_validate_printable_string(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { /* TODO: find out what constitutes the printable character set */ return LDB_SUCCESS; } -static int schema_validate_teletext_string(struct ldb_val *val, int min, int max) +static int schema_validate_teletext_string(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { /* TODO: find out what constitutes the teletext character set */ return LDB_SUCCESS; } -static int schema_validate_ia5_string(struct ldb_val *val, int min, int max) +static int schema_validate_ia5_string(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { /* TODO: find out what constitutes the IA5 character set */ return LDB_SUCCESS; } -static int schema_validate_utc_time(struct ldb_val *val, int min, int max) +static int schema_validate_utc_time(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { /* TODO: validate syntax of UTC Time string */ return LDB_SUCCESS; } -static int schema_validate_generalized_time(struct ldb_val *val, int min, int max) +static int schema_validate_generalized_time(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { /* TODO: validate syntax of Generalized Time string */ return LDB_SUCCESS; } /* NOTE: not a single attribute has this syntax in the basic w2k3 schema */ -static int schema_validate_sensitive_string(struct ldb_val *val, int min, int max) +static int schema_validate_sensitive_string(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { /* TODO: find out what constitutes a "case sensitive string" */ return LDB_SUCCESS; } -static int schema_validate_unicode_string(struct ldb_val *val, int min, int max) +static int schema_validate_unicode_string(struct ldb_context *ldb, struct ldb_val 
*val, int min, int max) { /* TODO: validate utf8 string */ return LDB_SUCCESS; } -static int schema_validate_large_integer(struct ldb_val *val, int min, int max) +static int schema_validate_large_integer(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { /* TODO: validate large integer/interval */ return LDB_SUCCESS; } -static int schema_validate_object_sd(struct ldb_val *val, int min, int max) +static int schema_validate_object_sd(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { /* TODO: validate object Security Descriptor */ return LDB_SUCCESS; } -static int schema_validate_dn(struct ldb_val *val, int min, int max) +static int schema_validate_dn(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { - TALLOC_CTX *memctx; struct ldb_dn *dn; int ret = LDB_SUCCESS; - memctx = talloc_new(NULL); - if (!memctx) return LDB_ERR_OPERATIONS_ERROR; - - dn = ldb_dn_explode(memctx, (const char *)val->data); - if (!dn) { + dn = ldb_dn_new(ldb, ldb, (const char *)val->data); + if ( ! ldb_dn_validate(dn)) { ret = LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; } - talloc_free(memctx); + talloc_free(dn); return ret; } -static int schema_validate_binary_plus_dn(struct ldb_val *val, int min, int max) +static int schema_validate_binary_plus_dn(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { int ret = LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; TALLOC_CTX *memctx; @@ -319,8 +315,8 @@ static int schema_validate_binary_plus_dn(struct ldb_val *val, int min, int max) str = p + 1; - dn = ldb_dn_explode(memctx, str); - if (dn) { + dn = ldb_dn_new(memctx, ldb, str); + if (ldb_dn_validate(dn)) { ret = LDB_SUCCESS; } 
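Review bot: In schema_validate_dn the new code no longer separates an allocation failure from a malformed DN: the removed version returned `LDB_ERR_OPERATIONS_ERROR` when `talloc_new` failed, while a NULL from `ldb_dn_new` now goes straight into `ldb_dn_validate` and is reported as `LDB_ERR_INVALID_ATTRIBUTE_SYNTAX` (assuming `ldb_dn_validate` tolerates NULL, which this page does not show). Adding `if (dn == NULL) return LDB_ERR_OPERATIONS_ERROR;` before the validate call keeps the old distinction. The value is also passed as `(const char *)val->data` without regard to `val->length`, so a value with an embedded NUL would be validated only up to that byte; rejecting values where `strlen` differs from `val->length` would close that gap.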
@@ -329,26 +325,26 @@ done: return ret; } -static int schema_validate_x400_or_name(struct ldb_val *val, int min, int max) +static int schema_validate_x400_or_name(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { /* TODO: find out what is the syntax of an X400 OR NAME */ return LDB_SUCCESS; } -static int schema_validate_presentation_address(struct ldb_val *val, int min, int max) +static int schema_validate_presentation_address(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { /* TODO: find out what is the syntax of a presentation address */ return LDB_SUCCESS; } -static int schema_validate_x400_access_point(struct ldb_val *val, int min, int max) +static int schema_validate_x400_access_point(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { /* TODO: find out what is the syntax of an X400 Access Point */ return LDB_SUCCESS; } /* NOTE: seem there isn't a single attribute defined like this in the base w2k3 schema */ -static int schema_validate_string_plus_dn(struct ldb_val *val, int min, int max) +static int schema_validate_string_plus_dn(struct ldb_context *ldb, struct ldb_val *val, int min, int max) { int ret = LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; TALLOC_CTX *memctx; @@ -403,8 +399,8 @@ static int schema_validate_string_plus_dn(struct ldb_val *val, int min, int max) str = p + 1; - dn = ldb_dn_explode(memctx, str); - if (dn) { + dn = ldb_dn_new(memctx, ldb, str); + if (ldb_dn_validate(dn)) { ret = LDB_SUCCESS; } @@ -415,7 +411,7 @@ done: struct schema_syntax_validator { enum schema_internal_syntax type; - int (*validate)(struct ldb_val *, int, int); + int (*validate)(struct ldb_context *ldb, struct ldb_val *, int, int); }; struct schema_syntax_validator schema_syntax_validators[] = { 
@@ -445,7 +441,8 @@ struct schema_syntax_validator schema_syntax_validators[] = { { -1, NULL } }; -int schema_validate(struct ldb_message_element *el, +int schema_validate(struct ldb_context *ldb, + struct ldb_message_element *el, enum schema_internal_syntax type, bool single, int min, int max) { @@ -466,7 +463,7 @@ int schema_validate(struct ldb_message_element *el, v = &schema_syntax_validators[i]; for (i = 0; i < el->num_values; i++) { - ret = v->validate(&el->values[i], min, max); + ret = v->validate(ldb, &el->values[i], min, max); } return LDB_SUCCESS; diff --git a/source4/dsdb/samdb/ldb_modules/schema_syntax.h b/source4/dsdb/samdb/ldb_modules/schema_syntax.h index 453f79a3c2..39a5603cae 100644 --- a/source4/dsdb/samdb/ldb_modules/schema_syntax.h +++ b/source4/dsdb/samdb/ldb_modules/schema_syntax.h @@ -67,7 +67,8 @@ int map_schema_syntax(uint32_t om_syntax, const struct ldb_val *om_class, enum schema_internal_syntax *syntax); -int schema_validate(struct ldb_message_element *el, +int schema_validate(struct ldb_context *ldb, + struct ldb_message_element *el, enum schema_internal_syntax type, bool single, int min, int max); diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c index f9ef3bc907..4439335ca5 100644 --- a/source4/dsdb/samdb/samdb.c +++ b/source4/dsdb/samdb/samdb.c @@ -59,7 +59,7 @@ struct ldb_context *samdb_connect(TALLOC_CTX *mem_ctx, */ int samdb_search_domain(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, - const struct ldb_dn *basedn, + struct ldb_dn *basedn, struct ldb_message ***res, const char * const *attrs, const struct dom_sid *domain_sid, @@ -100,7 +100,7 @@ int samdb_search_domain(struct ldb_context *sam_ldb, */ const char *samdb_search_string_v(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, - const struct ldb_dn *basedn, + struct ldb_dn *basedn, const char *attr_name, const char *format, va_list ap) _PRINTF_ATTRIBUTE(5,0) { 
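Review bot: The loop in schema_validate assigns `ret = v->validate(ldb, &el->values[i], min, max);` but never tests it, and the function then returns `LDB_SUCCESS` unconditionally, so a value rejected by any validator is still accepted. The loop body should stop at the first failure with `if (ret != LDB_SUCCESS) return ret;`. The start of the function is outside the hunk, so earlier checks (for example on `single`) are not covered by this remark.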
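Review bot: The comment above samdb_search_domain does not say that `basedn` may now be modified by the call, which is what dropping `const` from the parameter implies; going by the commit description a DN is kept as a string and parsed only when needed, so presumably the object is updated in place. A line such as `/* basedn may be parsed in place; pass a copy if it is shared */` would tell callers what the weaker signature means. The same change is made to the other samdb_search_* functions, samdb_delete and samdb_set_password in later hunks, and samdb_base_dn now returns a non-const pointer to what looks like the context's shared default base DN. The function bodies are outside these hunks.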
@@ -129,7 +129,7 @@ const char *samdb_search_string_v(struct ldb_context *sam_ldb, */ const char *samdb_search_string(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, - const struct ldb_dn *basedn, + struct ldb_dn *basedn, const char *attr_name, const char *format, ...) _PRINTF_ATTRIBUTE(5,6) { @@ -145,7 +145,7 @@ const char *samdb_search_string(struct ldb_context *sam_ldb, struct ldb_dn *samdb_search_dn(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, - const struct ldb_dn *basedn, + struct ldb_dn *basedn, const char *format, ...) _PRINTF_ATTRIBUTE(4,5) { va_list ap; @@ -170,7 +170,7 @@ struct ldb_dn *samdb_search_dn(struct ldb_context *sam_ldb, */ struct dom_sid *samdb_search_dom_sid(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, - const struct ldb_dn *basedn, + struct ldb_dn *basedn, const char *attr_name, const char *format, ...) _PRINTF_ATTRIBUTE(5,6) { @@ -203,7 +203,7 @@ struct dom_sid *samdb_search_dom_sid(struct ldb_context *sam_ldb, */ int samdb_search_count(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, - const struct ldb_dn *basedn, + struct ldb_dn *basedn, const char *format, ...) _PRINTF_ATTRIBUTE(4,5) { va_list ap; @@ -225,7 +225,7 @@ int samdb_search_count(struct ldb_context *sam_ldb, uint_t samdb_search_uint(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, uint_t default_value, - const struct ldb_dn *basedn, + struct ldb_dn *basedn, const char *attr_name, const char *format, ...) _PRINTF_ATTRIBUTE(6,7) { @@ -253,7 +253,7 @@ uint_t samdb_search_uint(struct ldb_context *sam_ldb, int64_t samdb_search_int64(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, int64_t default_value, - const struct ldb_dn *basedn, + struct ldb_dn *basedn, const char *attr_name, const char *format, ...) _PRINTF_ATTRIBUTE(6,7) { 
@@ -281,7 +281,7 @@ int64_t samdb_search_int64(struct ldb_context *sam_ldb, */ int samdb_search_string_multiple(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, - const struct ldb_dn *basedn, + struct ldb_dn *basedn, const char ***strs, const char *attr_name, const char *format, ...) _PRINTF_ATTRIBUTE(6,7) @@ -350,12 +350,18 @@ const char *samdb_result_string(const struct ldb_message *msg, const char *attr, return ldb_msg_find_attr_as_string(msg, attr, default_value); } -struct ldb_dn *samdb_result_dn(TALLOC_CTX *mem_ctx, const struct ldb_message *msg, +struct ldb_dn *samdb_result_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const struct ldb_message *msg, const char *attr, struct ldb_dn *default_value) { + struct ldb_dn *res_dn; const char *string = samdb_result_string(msg, attr, NULL); if (string == NULL) return default_value; - return ldb_dn_explode(mem_ctx, string); + res_dn = ldb_dn_new(mem_ctx, ldb, string); + if ( ! ldb_dn_validate(res_dn)) { + talloc_free(res_dn); + return NULL; + } + return res_dn; } /* @@ -467,7 +473,7 @@ uint64_t samdb_result_uint64(struct ldb_message *msg, const char *attr, uint64_t */ NTTIME samdb_result_allow_password_change(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, - const struct ldb_dn *domain_dn, + struct ldb_dn *domain_dn, struct ldb_message *msg, const char *attr) { @@ -493,7 +499,7 @@ NTTIME samdb_result_allow_password_change(struct ldb_context *sam_ldb, */ NTTIME samdb_result_force_password_change(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, - const struct ldb_dn *domain_dn, + struct ldb_dn *domain_dn, struct ldb_message *msg) { uint64_t attr_time = samdb_result_uint64(msg, "pwdLastSet", 0); @@ -679,7 +685,7 @@ int samdb_copy_template(struct ldb_context *ldb, struct ldb_result *res; struct ldb_message *t; int ret, i, j; - struct ldb_dn *basedn = ldb_dn_explode(ldb, "cn=Templates"); + struct ldb_dn *basedn = ldb_dn_new(ldb, ldb, "cn=Templates"); *errstring = NULL; 
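Review bot: samdb_result_dn has three outcomes that no comment describes and that callers cannot tell apart: `default_value` when the attribute is absent, NULL when the string fails `ldb_dn_validate`, and NULL again if `ldb_dn_new` itself fails. A header comment would make the contract explicit, e.g. `/* returns default_value if attr is missing, NULL if the value is not a valid DN or on allocation failure */`. Callers that pass a non-NULL default and then use the result without a check would be worth a look, though none are visible in this hunk.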
@@ -982,7 +988,7 @@ int samdb_add(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, struct ldb_messa /* delete a record */ -int samdb_delete(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, const struct ldb_dn *dn) +int samdb_delete(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, struct ldb_dn *dn) { return ldb_delete(sam_ldb, dn); } @@ -1023,19 +1029,23 @@ struct security_descriptor *samdb_default_security_descriptor(TALLOC_CTX *mem_ct return sd; } -const struct ldb_dn *samdb_base_dn(struct ldb_context *sam_ctx) +struct ldb_dn *samdb_base_dn(struct ldb_context *sam_ctx) { return ldb_get_default_basedn(sam_ctx); } -const struct ldb_dn *samdb_partitions_dn(struct ldb_context *sam_ctx, - TALLOC_CTX *mem_ctx) +struct ldb_dn *samdb_partitions_dn(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx) { - return ldb_dn_string_compose(mem_ctx, samdb_base_dn(sam_ctx), - "CN=Partitions,CN=Configuration"); -} + struct ldb_dn *new_dn; + new_dn = ldb_dn_copy(mem_ctx, samdb_base_dn(sam_ctx)); + if ( ! ldb_dn_add_child_fmt(new_dn, "CN=Partitions,CN=Configuration")) { + talloc_free(new_dn); + return NULL; + } + return new_dn; +} /* work out the domain sid for the current open ldb @@ -1061,7 +1071,7 @@ const struct dom_sid *samdb_domain_sid(struct ldb_context *ldb) goto failed; } - basedn = ldb_dn_explode(tmp_ctx, ""); + basedn = ldb_dn_new(tmp_ctx, ldb, NULL); if (basedn == NULL) { goto failed; } @@ -1078,8 +1088,8 @@ const struct dom_sid *samdb_domain_sid(struct ldb_context *ldb) goto failed; } - basedn = ldb_dn_explode(tmp_ctx, basedn_s); - if (basedn == NULL) { + basedn = ldb_dn_new(tmp_ctx, ldb, basedn_s); + if ( ! ldb_dn_validate(basedn)) { goto failed; } 
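Review bot: In samdb_partitions_dn the result of `ldb_dn_copy(mem_ctx, samdb_base_dn(sam_ctx))` is handed to `ldb_dn_add_child_fmt` without a NULL check, so an allocation failure or an unset default base DN depends on `ldb_dn_add_child_fmt` rejecting a NULL dn, which is not shown here. An explicit `if (new_dn == NULL) return NULL;` after the copy makes the failure path independent of that. samdb_create_foreign_security_principal in the last hunk uses the same copy-then-add pattern on `msg->dn`, and there `sidstr` now goes through the `CN=%s` format instead of being passed as a separate value to `ldb_dn_build_child`, so any escaping the old call may have applied should be confirmed as unnecessary for that input.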
@@ -1129,8 +1139,8 @@ static BOOL samdb_password_complexity_ok(const char *pass) The caller should probably have a transaction wrapping this */ _PUBLIC_ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ctx, - const struct ldb_dn *user_dn, - const struct ldb_dn *domain_dn, + struct ldb_dn *user_dn, + struct ldb_dn *domain_dn, struct ldb_message *mod, const char *new_pass, struct samr_Password *lmNewHash, @@ -1542,8 +1552,8 @@ NTSTATUS samdb_create_foreign_security_principal(struct ldb_context *sam_ctx, TA } /* add core elements to the ldb_message for the alias */ - msg->dn = ldb_dn_build_child(mem_ctx, "CN", sidstr, basedn); - if (msg->dn == NULL) + msg->dn = ldb_dn_copy(mem_ctx, basedn); + if ( ! ldb_dn_add_child_fmt(msg->dn, "CN=%s", sidstr)) return NT_STATUS_NO_MEMORY; samdb_msg_add_string(sam_ctx, mem_ctx, msg, |