diff options
| author | Simo Sorce <idra@samba.org> | 2006-11-22 00:59:34 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:28:22 -0500 |
| commit | 4889eb9f7aae9349e426d0f6d2217adff67eaebd (patch) | |
| tree | 7eb63c32bcbd19bf64d5c315f01785f30d3a789c /source4/rpc_server | |
| parent | ce0c2236b953dc977655dbceef40916825e843ae (diff) | |
| download | samba-4889eb9f7aae9349e426d0f6d2217adff67eaebd.tar.gz samba-4889eb9f7aae9349e426d0f6d2217adff67eaebd.tar.bz2 samba-4889eb9f7aae9349e426d0f6d2217adff67eaebd.zip | |
r19831: Big ldb_dn optimization and interfaces enhancement patch
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
Diffstat (limited to 'source4/rpc_server')
| -rw-r--r-- | source4/rpc_server/drsuapi/dcesrv_drsuapi.c | 4 | ||||
| -rw-r--r-- | source4/rpc_server/lsa/dcesrv_lsa.c | 26 | ||||
| -rw-r--r-- | source4/rpc_server/netlogon/dcerpc_netlogon.c | 4 | ||||
| -rw-r--r-- | source4/rpc_server/samr/dcesrv_samr.c | 33 | ||||
| -rw-r--r-- | source4/rpc_server/samr/dcesrv_samr.h | 4 | ||||
| -rw-r--r-- | source4/rpc_server/samr/samr_password.c | 8 |
6 files changed, 39 insertions, 40 deletions
diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c index e101195d9c..b7a5b2d242 100644 --- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c +++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c @@ -280,8 +280,8 @@ static WERROR drsuapi_DsWriteAccountSpn(struct dcesrv_call_state *dce_call, TALL return WERR_NOMEM; } - msg->dn = ldb_dn_explode(msg, req->object_dn); - if (msg->dn == NULL) { + msg->dn = ldb_dn_new(msg, b_state->sam_ctx, req->object_dn); + if ( ! ldb_dn_validate(msg->dn)) { r->out.res.res1.status = WERR_OK; return WERR_OK; } diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index 6dce61506d..af67835d03 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -52,9 +52,9 @@ struct lsa_policy_state { struct ldb_context *sam_ldb; struct sidmap_context *sidmap; uint32_t access_mask; - const struct ldb_dn *domain_dn; - const struct ldb_dn *builtin_dn; - const struct ldb_dn *system_dn; + struct ldb_dn *domain_dn; + struct ldb_dn *builtin_dn; + struct ldb_dn *system_dn; const char *domain_name; const char *domain_dns; struct dom_sid *domain_sid; @@ -91,7 +91,7 @@ struct lsa_secret_state { struct lsa_trusted_domain_state { struct lsa_policy_state *policy; uint32_t access_mask; - const struct ldb_dn *trusted_domain_dn; + struct ldb_dn *trusted_domain_dn; }; static NTSTATUS lsa_EnumAccountRights(struct dcesrv_call_state *dce_call, @@ -271,7 +271,7 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_ struct lsa_policy_state **_state) { struct lsa_policy_state *state; - const struct ldb_dn *partitions_basedn; + struct ldb_dn *partitions_basedn; struct ldb_result *dom_res; const char *dom_attrs[] = { "objectSid", @@ -833,10 +833,8 @@ static NTSTATUS lsa_CreateTrustedDomain(struct dcesrv_call_state *dce_call, TALL return NT_STATUS_INTERNAL_DB_CORRUPTION; } - msg->dn = ldb_dn_build_child(mem_ctx, "cn", - r->in.info->name.string, - policy_state->system_dn); - if (!msg->dn) { + msg->dn = ldb_dn_copy(mem_ctx, policy_state->system_dn); + if ( ! ldb_dn_add_child_fmt(msg->dn, "sn=%s", r->in.info->name.string)) { return NT_STATUS_NO_MEMORY; } @@ -2218,8 +2216,8 @@ static NTSTATUS lsa_CreateSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX return NT_STATUS_INTERNAL_DB_CORRUPTION; } - msg->dn = ldb_dn_build_child(mem_ctx, "cn", name2, policy_state->system_dn); - if (!name2 || !msg->dn) { + msg->dn = ldb_dn_copy(mem_ctx, policy_state->system_dn); + if (!name2 || ! ldb_dn_add_child_fmt(msg->dn, "cn=%s", name2)) { return NT_STATUS_NO_MEMORY; } @@ -2236,7 +2234,7 @@ static NTSTATUS lsa_CreateSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX secret_state->sam_ldb = talloc_reference(secret_state, secrets_db_connect(mem_ctx)); /* search for the secret record */ ret = gendb_search(secret_state->sam_ldb, mem_ctx, - ldb_dn_explode(mem_ctx, "cn=LSA Secrets"), + ldb_dn_new(mem_ctx, secret_state->sam_ldb, "cn=LSA Secrets"), &msgs, attrs, "(&(cn=%s)(objectclass=secret))", ldb_binary_encode_string(mem_ctx, name)); @@ -2250,7 +2248,7 @@ static NTSTATUS lsa_CreateSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX return NT_STATUS_INTERNAL_DB_CORRUPTION; } - msg->dn = ldb_dn_string_compose(mem_ctx, NULL, "cn=%s,cn=LSA Secrets", name); + msg->dn = ldb_dn_new_fmt(mem_ctx, secret_state->sam_ldb, "cn=%s,cn=LSA Secrets", name); samdb_msg_add_string(secret_state->sam_ldb, mem_ctx, msg, "cn", name); } @@ -2361,7 +2359,7 @@ static NTSTATUS lsa_OpenSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *m /* search for the secret record */ ret = gendb_search(secret_state->sam_ldb, mem_ctx, - ldb_dn_explode(mem_ctx, "cn=LSA Secrets"), + ldb_dn_new(mem_ctx, secret_state->sam_ldb, "cn=LSA Secrets"), &msgs, attrs, "(&(cn=%s)(objectclass=secret))", ldb_binary_encode_string(mem_ctx, name)); diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index bd8b289ae5..9b43d1c70f 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -874,7 +874,7 @@ static NTSTATUS netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_call, TALL struct netr_DomainInfo1 *info1; int ret, ret1, ret2, i; NTSTATUS status; - const struct ldb_dn *partitions_basedn; + struct ldb_dn *partitions_basedn; const char *local_domain; @@ -1130,7 +1130,7 @@ static WERROR netr_DsrEnumerateDomainTrusts(struct dcesrv_call_state *dce_call, struct ldb_message **dom_res, **ref_res; const char * const dom_attrs[] = { "objectSid", "objectGUID", NULL }; const char * const ref_attrs[] = { "nETBIOSName", "dnsRoot", NULL }; - const struct ldb_dn *partitions_basedn; + struct ldb_dn *partitions_basedn; ZERO_STRUCT(r->out); diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c index b03c3789e7..3e8650eb55 100644 --- a/source4/rpc_server/samr/dcesrv_samr.c +++ b/source4/rpc_server/samr/dcesrv_samr.c @@ -225,7 +225,7 @@ static NTSTATUS samr_LookupDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX struct ldb_message **dom_msgs; struct ldb_message **ref_msgs; int ret; - const struct ldb_dn *partitions_basedn; + struct ldb_dn *partitions_basedn; r->out.sid = NULL; @@ -253,7 +253,7 @@ static NTSTATUS samr_LookupDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX } ret = gendb_search_dn(c_state->sam_ctx, mem_ctx, - samdb_result_dn(mem_ctx, + samdb_result_dn(c_state->sam_ctx, mem_ctx, ref_msgs[0], "ncName", NULL), &dom_msgs, dom_attrs); } @@ -291,7 +291,7 @@ static NTSTATUS samr_EnumDomains(struct dcesrv_call_state *dce_call, TALLOC_CTX const char * const ref_attrs[] = { "nETBIOSName", NULL}; struct ldb_message **dom_msgs; struct ldb_message **ref_msgs; - const struct ldb_dn *partitions_basedn; + struct ldb_dn *partitions_basedn; *r->out.resume_handle = 0; r->out.sam = NULL; @@ -371,7 +371,7 @@ static NTSTATUS samr_OpenDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX * struct ldb_message **dom_msgs; struct ldb_message **ref_msgs; int ret; - const struct ldb_dn *partitions_basedn; + struct ldb_dn *partitions_basedn; ZERO_STRUCTP(r->out.domain_handle); @@ -934,8 +934,8 @@ static NTSTATUS samr_CreateDomainGroup(struct dcesrv_call_state *dce_call, TALLO } /* add core elements to the ldb_message for the user */ - msg->dn = ldb_dn_string_compose(mem_ctx, d_state->domain_dn, - "CN=%s,CN=Users", groupname); + msg->dn = ldb_dn_copy(mem_ctx, d_state->domain_dn); + ldb_dn_add_child_fmt(msg->dn, "CN=%s,CN=Users", groupname); if (!msg->dn) { return NT_STATUS_NO_MEMORY; } @@ -1197,11 +1197,12 @@ static NTSTATUS samr_CreateUser2(struct dcesrv_call_state *dce_call, TALLOC_CTX } /* add core elements to the ldb_message for the user */ - msg->dn = ldb_dn_build_child(mem_ctx, "CN", cn_name, ldb_dn_build_child(mem_ctx, "CN", container, d_state->domain_dn)); - if (!msg->dn) { + msg->dn = ldb_dn_copy(mem_ctx, d_state->domain_dn); + if ( ! ldb_dn_add_child_fmt(msg->dn, "CN=%s,CN=%s", cn_name, container)) { ldb_transaction_cancel(d_state->sam_ctx); - return NT_STATUS_NO_MEMORY; + return NT_STATUS_FOOBAR; } + samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "sAMAccountName", account_name); samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "objectClass", obj_class); @@ -1215,13 +1216,13 @@ static NTSTATUS samr_CreateUser2(struct dcesrv_call_state *dce_call, TALLOC_CTX case LDB_ERR_ENTRY_ALREADY_EXISTS: ldb_transaction_cancel(d_state->sam_ctx); DEBUG(0,("Failed to create user record %s: %s\n", - ldb_dn_linearize(mem_ctx, msg->dn), + ldb_dn_get_linearized(msg->dn), ldb_errstring(d_state->sam_ctx))); return NT_STATUS_USER_EXISTS; default: ldb_transaction_cancel(d_state->sam_ctx); DEBUG(0,("Failed to create user record %s: %s\n", - ldb_dn_linearize(mem_ctx, msg->dn), + ldb_dn_get_linearized(msg->dn), ldb_errstring(d_state->sam_ctx))); return NT_STATUS_INTERNAL_DB_CORRUPTION; } @@ -1464,8 +1465,8 @@ static NTSTATUS samr_CreateDomAlias(struct dcesrv_call_state *dce_call, TALLOC_C } /* add core elements to the ldb_message for the alias */ - msg->dn = ldb_dn_string_compose(mem_ctx, d_state->domain_dn, - "CN=%s, CN=Users", alias_name); + msg->dn = ldb_dn_copy(mem_ctx, d_state->domain_dn); + ldb_dn_add_child_fmt(msg->dn, "CN=%s,CN=Users", alias_name); if (!msg->dn) { return NT_STATUS_NO_MEMORY; } @@ -2288,7 +2289,7 @@ static NTSTATUS samr_QueryGroupMember(struct dcesrv_call_state *dce_call, TALLOC struct ldb_message **res2; const char * const attrs2[2] = { "objectSid", NULL }; ret = gendb_search_dn(a_state->sam_ctx, mem_ctx, - ldb_dn_explode(mem_ctx, (const char *)el->values[i].data), + ldb_dn_new(mem_ctx, a_state->sam_ctx, (const char *)el->values[i].data), &res2, attrs2); if (ret != 1) return NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -2682,7 +2683,7 @@ static NTSTATUS samr_GetMembersInAlias(struct dcesrv_call_state *dce_call, TALLO struct ldb_message **msgs2; const char * const attrs2[2] = { "objectSid", NULL }; ret = gendb_search_dn(a_state->sam_ctx, mem_ctx, - ldb_dn_explode(mem_ctx, (const char *)el->values[i].data), + ldb_dn_new(mem_ctx, a_state->sam_ctx, (const char *)el->values[i].data), &msgs2, attrs2); if (ret != 1) return NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -3782,7 +3783,7 @@ static NTSTATUS samr_RemoveMemberFromForeignDomain(struct dcesrv_call_state *dce return NT_STATUS_NO_MEMORY; } - mod->dn = samdb_result_dn(mod, res[i], "distinguishedName", NULL); + mod->dn = samdb_result_dn(d_state->sam_ctx, mod, res[i], "distinguishedName", NULL); if (mod->dn == NULL) { talloc_free(mod); continue; diff --git a/source4/rpc_server/samr/dcesrv_samr.h b/source4/rpc_server/samr/dcesrv_samr.h index 8e53fa7a10..bebc60e0e7 100644 --- a/source4/rpc_server/samr/dcesrv_samr.h +++ b/source4/rpc_server/samr/dcesrv_samr.h @@ -49,7 +49,7 @@ struct samr_domain_state { uint32_t access_mask; struct dom_sid *domain_sid; const char *domain_name; - const struct ldb_dn *domain_dn; + struct ldb_dn *domain_dn; }; /* @@ -61,5 +61,5 @@ struct samr_account_state { uint32_t access_mask; struct dom_sid *account_sid; const char *account_name; - const struct ldb_dn *account_dn; + struct ldb_dn *account_dn; }; diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c index a62e768980..3d15a29735 100644 --- a/source4/rpc_server/samr/samr_password.c +++ b/source4/rpc_server/samr/samr_password.c @@ -187,7 +187,7 @@ NTSTATUS samr_OemChangePasswordUser2(struct dcesrv_call_state *dce_call, TALLOC_ uint32_t new_pass_len; struct samr_CryptPassword *pwbuf = r->in.password; struct ldb_context *sam_ctx; - const struct ldb_dn *user_dn; + struct ldb_dn *user_dn; int ret; struct ldb_message **res, *mod; const char * const attrs[] = { "objectSid", "lmPwdHash", NULL }; @@ -320,7 +320,7 @@ NTSTATUS samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call, char new_pass[512]; uint32_t new_pass_len; struct ldb_context *sam_ctx = NULL; - const struct ldb_dn *user_dn; + struct ldb_dn *user_dn; int ret; struct ldb_message **res, *mod; const char * const attrs[] = { "ntPwdHash", "lmPwdHash", NULL }; @@ -510,7 +510,7 @@ NTSTATUS samr_ChangePasswordUser2(struct dcesrv_call_state *dce_call, TALLOC_CTX */ NTSTATUS samr_set_password(struct dcesrv_call_state *dce_call, void *sam_ctx, - const struct ldb_dn *account_dn, const struct ldb_dn *domain_dn, + struct ldb_dn *account_dn, struct ldb_dn *domain_dn, TALLOC_CTX *mem_ctx, struct ldb_message *msg, struct samr_CryptPassword *pwbuf) @@ -552,7 +552,7 @@ NTSTATUS samr_set_password(struct dcesrv_call_state *dce_call, */ NTSTATUS samr_set_password_ex(struct dcesrv_call_state *dce_call, struct ldb_context *sam_ctx, - const struct ldb_dn *account_dn, const struct ldb_dn *domain_dn, + struct ldb_dn *account_dn, struct ldb_dn *domain_dn, TALLOC_CTX *mem_ctx, struct ldb_message *msg, struct samr_CryptPasswordEx *pwbuf) |