diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2007-06-21 10:18:20 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:53:27 -0500 |
| commit | e9d19477e43b65f91bd152f5249b684dbefa5cc6 (patch) | |
| tree | d8a0bae4a3d5f7cd7a6dd1069f1e174ff9c1b0f2 /source4/lib/ldb | |
| parent | b3f3a4b52900a72de88bbb69e4ea3c425d49c2d8 (diff) | |
| download | samba-e9d19477e43b65f91bd152f5249b684dbefa5cc6.tar.gz samba-e9d19477e43b65f91bd152f5249b684dbefa5cc6.tar.bz2 samba-e9d19477e43b65f91bd152f5249b684dbefa5cc6.zip | |
r23560: - Activate metze's schema modules (from metze's schema-loading-13 patch).
- samba3sam.js: rework the samba3sam test to not use objectCategory,
as it's has special rules (dnsName a simple match)
- ldap.js: Test the ordering of the objectClass attributes for the baseDN
- schema_init.c: Load the mayContain and mustContain (and system...) attributes when
reading the schema from ldb
- To make the schema load not suck in terms of performance, write the
schema into a static global variable
- ldif_handlers.c: Match objectCategory for equality and canonicolisation
based on the loaded schema, not simple tring manipuation
- ldb_msg.c: don't duplicate attributes when adding attributes to a list
- kludge_acl.c: return allowedAttributesEffective based on schema results
and privilages
Andrew Bartlett
(This used to be commit dcff83ebe463bc7391841f55856d7915c204d000)
Diffstat (limited to 'source4/lib/ldb')
| -rw-r--r-- | source4/lib/ldb/common/ldb_msg.c | 12 | ||||
| -rw-r--r-- | source4/lib/ldb/samba/ldif_handlers.c | 71 |
2 files changed, 39 insertions, 44 deletions
diff --git a/source4/lib/ldb/common/ldb_msg.c b/source4/lib/ldb/common/ldb_msg.c index 1d02fb0f3e..d0dd252e47 100644 --- a/source4/lib/ldb/common/ldb_msg.c +++ b/source4/lib/ldb/common/ldb_msg.c @@ -666,7 +666,15 @@ const char **ldb_attr_list_copy_add(TALLOC_CTX *mem_ctx, const char * const *att { const char **ret; int i; - for (i=0;attrs[i];i++) /* noop */ ; + bool found = false; + for (i=0;attrs[i];i++) { + if (ldb_attr_cmp(attrs[i], new_attr) == 0) { + found = true; + } + } + if (found) { + return ldb_attr_list_copy(mem_ctx, attrs); + } ret = talloc_array(mem_ctx, const char *, i+2); if (ret == NULL) { return NULL; @@ -686,7 +694,7 @@ const char **ldb_attr_list_copy_add(TALLOC_CTX *mem_ctx, const char * const *att int ldb_attr_in_list(const char * const *attrs, const char *attr) { int i; - for (i=0;attrs[i];i++) { + for (i=0;attrs && attrs[i];i++) { if (ldb_attr_cmp(attrs[i], attr) == 0) { return 1; } diff --git a/source4/lib/ldb/samba/ldif_handlers.c b/source4/lib/ldb/samba/ldif_handlers.c index 44b956a8b6..e1691d0cb3 100644 --- a/source4/lib/ldb/samba/ldif_handlers.c +++ b/source4/lib/ldb/samba/ldif_handlers.c @@ -299,66 +299,53 @@ static int ldif_canonicalise_objectCategory(struct ldb_context *ldb, void *mem_c const struct ldb_val *in, struct ldb_val *out) { struct ldb_dn *dn1 = NULL; - char *oc1, *oc2; + const struct dsdb_schema *schema = dsdb_get_schema(ldb); + const struct dsdb_class *class; + if (!schema) { + *out = data_blob_talloc(mem_ctx, in->data, in->length); + return LDB_SUCCESS; + } dn1 = ldb_dn_new(mem_ctx, ldb, (char *)in->data); if ( ! ldb_dn_validate(dn1)) { - oc1 = talloc_strndup(mem_ctx, (char *)in->data, in->length); - } else if (ldb_dn_get_comp_num(dn1) >= 1 && strcasecmp(ldb_dn_get_rdn_name(dn1), "cn") == 0) { + const char *lDAPDisplayName = talloc_strndup(mem_ctx, (char *)in->data, in->length); + class = dsdb_class_by_lDAPDisplayName(schema, lDAPDisplayName); + talloc_free(lDAPDisplayName); + } else if (ldb_dn_get_comp_num(dn1) >= 1 && ldb_attr_cmp(ldb_dn_get_rdn_name(dn1), "cn") == 0) { const struct ldb_val *val = ldb_dn_get_rdn_val(dn1); - oc1 = talloc_strndup(mem_ctx, (char *)val->data, val->length); + const char *cn = talloc_strndup(mem_ctx, (char *)val->data, val->length); + class = dsdb_class_by_cn(schema, cn); + talloc_free(cn); } else { + talloc_free(dn1); return -1; } - - oc2 = ldb_casefold(ldb, mem_ctx, oc1); - out->data = (void *)oc2; - out->length = strlen(oc2); - talloc_free(oc1); talloc_free(dn1); - return 0; + + if (!class) { + return -1; + } + + *out = data_blob_string_const(talloc_strdup(mem_ctx, class->lDAPDisplayName)); + + return LDB_SUCCESS; } static int ldif_comparison_objectCategory(struct ldb_context *ldb, void *mem_ctx, const struct ldb_val *v1, const struct ldb_val *v2) { - struct ldb_dn *dn1 = NULL, *dn2 = NULL; - const char *oc1, *oc2; - dn1 = ldb_dn_new(mem_ctx, ldb, (char *)v1->data); - if ( ! ldb_dn_validate(dn1)) { - oc1 = talloc_strndup(mem_ctx, (char *)v1->data, v1->length); - } else if (ldb_dn_get_comp_num(dn1) >= 1 && strcasecmp(ldb_dn_get_rdn_name(dn1), "cn") == 0) { - const struct ldb_val *val = ldb_dn_get_rdn_val(dn1); - oc1 = talloc_strndup(mem_ctx, (char *)val->data, val->length); - } else { - oc1 = NULL; - } + int ret1, ret2; + struct ldb_val v1_canon, v2_canon; + ret1 = ldif_canonicalise_objectCategory(ldb, mem_ctx, v1, &v1_canon); + ret2 = ldif_canonicalise_objectCategory(ldb, mem_ctx, v2, &v2_canon); - dn2 = ldb_dn_new(mem_ctx, ldb, (char *)v2->data); - if ( ! ldb_dn_validate(dn2)) { - oc2 = talloc_strndup(mem_ctx, (char *)v2->data, v2->length); - } else if (ldb_dn_get_comp_num(dn2) >= 2 && strcasecmp(ldb_dn_get_rdn_name(dn2), "cn") == 0) { - const struct ldb_val *val = ldb_dn_get_rdn_val(dn2); - oc2 = talloc_strndup(mem_ctx, (char *)val->data, val->length); + if (ret1 == LDB_SUCCESS && ret2 == LDB_SUCCESS) { + return ldb_attr_cmp(v1_canon.data, v2_canon.data); } else { - oc2 = NULL; + return strcasecmp(v1->data, v2->data); } - - oc1 = ldb_casefold(ldb, mem_ctx, oc1); - oc2 = ldb_casefold(ldb, mem_ctx, oc2); - if (!oc1 && oc2) { - return -1; - } - if (oc1 && !oc2) { - return 1; - } - if (!oc1 && !oc2) { - return -1; - } - - return strcmp(oc1, oc2); } #define LDB_SYNTAX_SAMBA_SID "LDB_SYNTAX_SAMBA_SID" |