diff options
author | Stefan Metzmacher <metze@samba.org> | 2006-08-05 10:26:23 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:15:23 -0500 |
commit | b4028ca1041fc8e0266de2f5c858dd40e660aafb (patch) | |
tree | eff2d4ed3e318869c7f1c3ca9f17d0fbe944ac26 /source4 | |
parent | 0c739e8cde82c22e7258061b324281d083c41a4e (diff) | |
download | samba-b4028ca1041fc8e0266de2f5c858dd40e660aafb.tar.gz samba-b4028ca1041fc8e0266de2f5c858dd40e660aafb.tar.bz2 samba-b4028ca1041fc8e0266de2f5c858dd40e660aafb.zip |
r17418: add client support for the LDAP_SERVER_SD_FLAGS control
metze
(This used to be commit 23759a1e9b05c4fde475a9016cb0b7447656d7e7)
Diffstat (limited to 'source4')
-rw-r--r-- | source4/lib/ldb/include/ldb.h | 17 | ||||
-rw-r--r-- | source4/lib/ldb/tools/cmdline.c | 27 | ||||
-rw-r--r-- | source4/libcli/ldap/ldap_controls.c | 59 |
3 files changed, 102 insertions, 1 deletions
diff --git a/source4/lib/ldb/include/ldb.h b/source4/lib/ldb/include/ldb.h index 08bb2dd2f6..6730824fdd 100644 --- a/source4/lib/ldb/include/ldb.h +++ b/source4/lib/ldb/include/ldb.h @@ -423,6 +423,13 @@ typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2, void *opaque); #define LDB_CONTROL_PAGED_RESULTS_OID "1.2.840.113556.1.4.319" /** + OID for specifying the returned elements of the ntSecurityDescriptor + + \sa <a href="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ldap/ldap/ldap_server_sd_flags_oid.asp">Microsoft documentation of this OID</a> +*/ +#define LDB_CONTROL_SD_FLAGS_OID "1.2.840.113556.1.4.801" + +/** OID for notification \sa <a href="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ldap/ldap/ldap_server_notification_oid.asp">Microsoft documentation of this OID</a> @@ -518,6 +525,16 @@ typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2, void *opaque); */ #define LDB_EXTENDED_FAST_BIND_OID "1.2.840.113556.1.4.1781" +struct ldb_sd_flags_control { + /* + * request the owner 0x00000001 + * request the group 0x00000002 + * request the DACL 0x00000004 + * request the SACL 0x00000008 + */ + unsigned secinfo_flags; +}; + struct ldb_paged_control { int size; int cookie_len; diff --git a/source4/lib/ldb/tools/cmdline.c b/source4/lib/ldb/tools/cmdline.c index e7e5186b55..d5a52cf370 100644 --- a/source4/lib/ldb/tools/cmdline.c +++ b/source4/lib/ldb/tools/cmdline.c @@ -381,6 +381,31 @@ struct ldb_control **parse_controls(void *mem_ctx, char **control_strings) continue; } + if (strncmp(control_strings[i], "sd_flags:", 9) == 0) { + struct ldb_sd_flags_control *control; + const char *p; + int crit, ret; + unsigned secinfo_flags; + + p = &(control_strings[i][9]); + ret = sscanf(p, "%d:%u", &crit, &secinfo_flags); + if ((ret != 2) || (crit < 0) || (crit > 1) || (secinfo_flags < 0) || (secinfo_flags > 0xF)) { + fprintf(stderr, "invalid sd_flags control syntax\n"); + fprintf(stderr, " syntax: crit(b):secinfo_flags(n)\n"); + fprintf(stderr, " note: b = boolean, n = number\n"); + return NULL; + } + + ctrl[i] = talloc(ctrl, struct ldb_control); + ctrl[i]->oid = LDB_CONTROL_SD_FLAGS_OID; + ctrl[i]->critical = crit; + control = talloc(ctrl[i], struct ldb_sd_flags_control); + control->secinfo_flags = secinfo_flags; + ctrl[i]->data = control; + + continue; + } + if (strncmp(control_strings[i], "paged_results:", 14) == 0) { struct ldb_paged_control *control; const char *p; @@ -464,7 +489,7 @@ struct ldb_control **parse_controls(void *mem_ctx, char **control_strings) } /* no controls matched, throw an error */ - fprintf(stderr, "Invalid control name\n"); + fprintf(stderr, "Invalid control name: '%s'\n", control_strings[i]); return NULL; } diff --git a/source4/libcli/ldap/ldap_controls.c b/source4/libcli/ldap/ldap_controls.c index ee8f9d4bb1..445b5f8086 100644 --- a/source4/libcli/ldap/ldap_controls.c +++ b/source4/libcli/ldap/ldap_controls.c @@ -182,6 +182,37 @@ static BOOL decode_extended_dn_request(void *mem_ctx, DATA_BLOB in, void **out) return True; } +static BOOL decode_sd_flags_request(void *mem_ctx, DATA_BLOB in, void **out) +{ + struct asn1_data data; + struct ldb_sd_flags_control *lsdfc; + + if (!asn1_load(&data, in)) { + return False; + } + + lsdfc = talloc(mem_ctx, struct ldb_sd_flags_control); + if (!lsdfc) { + return False; + } + + if (!asn1_start_tag(&data, ASN1_SEQUENCE(0))) { + return False; + } + + if (!asn1_read_Integer(&data, &(lsdfc->secinfo_flags))) { + return False; + } + + if (!asn1_end_tag(&data)) { + return False; + } + + *out = lsdfc; + + return True; +} + static BOOL decode_paged_results_request(void *mem_ctx, DATA_BLOB in, void **out) { DATA_BLOB cookie; @@ -631,6 +662,33 @@ static BOOL encode_extended_dn_request(void *mem_ctx, void *in, DATA_BLOB *out) return True; } +static BOOL encode_sd_flags_request(void *mem_ctx, void *in, DATA_BLOB *out) +{ + struct ldb_sd_flags_control *lsdfc = talloc_get_type(in, struct ldb_sd_flags_control); + struct asn1_data data; + + ZERO_STRUCT(data); + + if (!asn1_push_tag(&data, ASN1_SEQUENCE(0))) { + return False; + } + + if (!asn1_write_Integer(&data, lsdfc->secinfo_flags)) { + return False; + } + + if (!asn1_pop_tag(&data)) { + return False; + } + + *out = data_blob_talloc(mem_ctx, data.data, data.length); + if (out->data == NULL) { + return False; + } + + return True; +} + static BOOL encode_paged_results_request(void *mem_ctx, void *in, DATA_BLOB *out) { struct ldb_paged_control *lprc = talloc_get_type(in, struct ldb_paged_control); @@ -878,6 +936,7 @@ struct control_handler ldap_known_controls[] = { { "1.2.840.113556.1.4.1504", decode_asq_control, encode_asq_control }, { "1.2.840.113556.1.4.841", decode_dirsync_request, encode_dirsync_request }, { "1.2.840.113556.1.4.528", decode_notification_request, encode_notification_request }, + { "1.2.840.113556.1.4.801", decode_sd_flags_request, encode_sd_flags_request }, { "2.16.840.1.113730.3.4.2", decode_manageDSAIT_request, encode_manageDSAIT_request }, { "2.16.840.1.113730.3.4.9", decode_vlv_request, encode_vlv_request }, { "2.16.840.1.113730.3.4.10", decode_vlv_response, encode_vlv_response }, |