| -rw-r--r-- | librpc/ndr/uuid.c | 49 | ||||
| -rw-r--r-- | source4/dsdb/repl/replicated_objects.c | 2 | ||||
| -rw-r--r-- | source4/dsdb/schema/schema.h | 6 | ||||
| -rw-r--r-- | source4/dsdb/schema/schema_description.c | 2 | ||||
| -rw-r--r-- | source4/dsdb/schema/schema_syntax.c | 203 | ||||
| -rw-r--r-- | source4/libcli/security/dom_sid.c | 2 | ||||
| -rw-r--r-- | source4/setup/ad-schema/MS-AD_Schema_Attributes_v20080618.txt | 56 | ||||
| -rw-r--r-- | source4/setup/schema-map-openldap-2.3 | 7 | ||||
| -rw-r--r-- | source4/torture/raw/streams.c | 98 | 
9 files changed, 363 insertions, 62 deletions
diff --git a/librpc/ndr/uuid.c b/librpc/ndr/uuid.c index aa24ac4494..2b47246806 100644 --- a/librpc/ndr/uuid.c +++ b/librpc/ndr/uuid.c @@ -36,6 +36,7 @@ _PUBLIC_ NTSTATUS GUID_from_data_blob(const DATA_BLOB *s, struct GUID *guid)  	uint32_t clock_seq[2];  	uint32_t node[6];  	uint8_t buf16[16]; +  	DATA_BLOB blob16 = data_blob_const(buf16, sizeof(buf16));  	int i; 
@@ -43,20 +44,40 @@ _PUBLIC_ NTSTATUS GUID_from_data_blob(const DATA_BLOB *s, struct GUID *guid)  		return NT_STATUS_INVALID_PARAMETER;  	} -	if (s->length == 36 &&  -	    11 == sscanf((const char *)s->data,  -			 "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", -			 &time_low, &time_mid, &time_hi_and_version,  -			 &clock_seq[0], &clock_seq[1], -			 &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) { -	        status = NT_STATUS_OK; -	} else if (s->length == 38 -		   && 11 == sscanf((const char *)s->data,  -				   "{%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}", -				   &time_low, &time_mid, &time_hi_and_version,  -				   &clock_seq[0], &clock_seq[1], -				   &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) { -		status = NT_STATUS_OK; +	if (s->length == 36) { +		TALLOC_CTX *mem_ctx; +		const char *string; + +		mem_ctx = talloc_new(NULL); +		NT_STATUS_HAVE_NO_MEMORY(mem_ctx); +		string = talloc_strndup(mem_ctx, (const char *)s->data, s->length); +		NT_STATUS_HAVE_NO_MEMORY(string); +		if (11 == sscanf(string, +				 "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", +				 &time_low, &time_mid, &time_hi_and_version,  +				 &clock_seq[0], &clock_seq[1], +				 &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) { +			status = NT_STATUS_OK; +		} +		talloc_free(mem_ctx); + +	} else if (s->length == 38) { +		TALLOC_CTX *mem_ctx; +		const char *string; + +		mem_ctx = talloc_new(NULL); +		NT_STATUS_HAVE_NO_MEMORY(mem_ctx); +		string = talloc_strndup(mem_ctx, (const char *)s->data, s->length); +		NT_STATUS_HAVE_NO_MEMORY(string); +		if (11 == sscanf((const char *)s->data,  +				 "{%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}", +				 &time_low, &time_mid, &time_hi_and_version,  +				 &clock_seq[0], &clock_seq[1], +				 &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) { +			status = NT_STATUS_OK; +		} +		talloc_free(mem_ctx); +  	} else if (s->length == 32) {  		size_t rlen = strhex_to_str((char *)blob16.data, 
blob16.length,  					    (const char *)s->data, s->length); diff --git a/source4/dsdb/repl/replicated_objects.c b/source4/dsdb/repl/replicated_objects.c index 9853a75347..560f75da7a 100644 --- a/source4/dsdb/repl/replicated_objects.c +++ b/source4/dsdb/repl/replicated_objects.c @@ -282,7 +282,7 @@ static WERROR dsdb_convert_object(struct ldb_context *ldb,  		status = dsdb_decrypt_attribute(gensec_skey, rid, a);  		W_ERROR_NOT_OK_RETURN(status); -		status = dsdb_attribute_drsuapi_to_ldb(schema, a, msg->elements, e); +		status = dsdb_attribute_drsuapi_to_ldb(ldb, schema, a, msg->elements, e);  		W_ERROR_NOT_OK_RETURN(status);  		m->attid			= a->attid; diff --git a/source4/dsdb/schema/schema.h b/source4/dsdb/schema/schema.h index e8fefb5246..f7d59a7c39 100644 --- a/source4/dsdb/schema/schema.h +++ b/source4/dsdb/schema/schema.h @@ -37,12 +37,14 @@ struct dsdb_syntax {  	const char *comment;  	const char *ldb_syntax; -	WERROR (*drsuapi_to_ldb)(const struct dsdb_schema *schema, +	WERROR (*drsuapi_to_ldb)(struct ldb_context *ldb,  +				 const struct dsdb_schema *schema,  				 const struct dsdb_attribute *attr,  				 const struct drsuapi_DsReplicaAttribute *in,  				 TALLOC_CTX *mem_ctx,  				 struct ldb_message_element *out); -	WERROR (*ldb_to_drsuapi)(const struct dsdb_schema *schema, +	WERROR (*ldb_to_drsuapi)(struct ldb_context *ldb,  +				 const struct dsdb_schema *schema,  				 const struct dsdb_attribute *attr,  				 const struct ldb_message_element *in,  				 TALLOC_CTX *mem_ctx, diff --git a/source4/dsdb/schema/schema_description.c b/source4/dsdb/schema/schema_description.c index 9443c04bb0..5474eb5074 100644 --- a/source4/dsdb/schema/schema_description.c +++ b/source4/dsdb/schema/schema_description.c 
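Review bot: In the `s->length == 38` branch of `GUID_from_data_blob`, the new NUL-terminated copy `string` is allocated but the `sscanf` call still parses `(const char *)s->data`. The braced form therefore keeps scanning a blob that is not guaranteed to be terminated, which is presumably what the copy was introduced to avoid. The call should read `if (11 == sscanf(string,` as it does in the 36-byte branch. In both branches `NT_STATUS_HAVE_NO_MEMORY(string);` returns without `talloc_free(mem_ctx)`, and because `mem_ctx` comes from `talloc_new(NULL)` nothing else will release it. The function body begins and ends outside this hunk.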
@@ -387,8 +387,6 @@ char *schema_class_to_dITContentRule(TALLOC_CTX *mem_ctx, const struct dsdb_clas  char *schema_class_to_extendedInfo(TALLOC_CTX *mem_ctx, const struct dsdb_class *sclass)  {  	char *schema_description = NULL; -	DATA_BLOB guid_blob; -	char *guid_hex;  	TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);  	if (!tmp_ctx) {  		return NULL; diff --git a/source4/dsdb/schema/schema_syntax.c b/source4/dsdb/schema/schema_syntax.c index 7aed08605b..4141026b7e 100644 --- a/source4/dsdb/schema/schema_syntax.c +++ b/source4/dsdb/schema/schema_syntax.c @@ -23,12 +23,16 @@  #include "includes.h"  #include "dsdb/samdb/samdb.h"  #include "librpc/gen_ndr/ndr_drsuapi.h" +#include "librpc/gen_ndr/ndr_security.h" +#include "librpc/gen_ndr/ndr_misc.h"  #include "lib/ldb/include/ldb.h" +#include "lib/ldb/include/ldb_errors.h"  #include "system/time.h"  #include "../lib/util/charset/charset.h"  #include "librpc/ndr/libndr.h" -static WERROR dsdb_syntax_FOOBAR_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_FOOBAR_drsuapi_to_ldb(struct ldb_context *ldb,  +						const struct dsdb_schema *schema,  						const struct dsdb_attribute *attr,  						const struct drsuapi_DsReplicaAttribute *in,  						TALLOC_CTX *mem_ctx, @@ -61,7 +65,8 @@ static WERROR dsdb_syntax_FOOBAR_drsuapi_to_ldb(const struct dsdb_schema *schema  	return WERR_OK;  } -static WERROR dsdb_syntax_FOOBAR_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_FOOBAR_ldb_to_drsuapi(struct ldb_context *ldb,  +						const struct dsdb_schema *schema,  						const struct dsdb_attribute *attr,  						const struct ldb_message_element *in,  						TALLOC_CTX *mem_ctx, 
@@ -70,7 +75,8 @@ static WERROR dsdb_syntax_FOOBAR_ldb_to_drsuapi(const struct dsdb_schema *schema  	return WERR_FOOBAR;  } -static WERROR dsdb_syntax_BOOL_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_BOOL_drsuapi_to_ldb(struct ldb_context *ldb,  +					      const struct dsdb_schema *schema,  					      const struct dsdb_attribute *attr,  					      const struct drsuapi_DsReplicaAttribute *in,  					      TALLOC_CTX *mem_ctx, @@ -114,7 +120,8 @@ static WERROR dsdb_syntax_BOOL_drsuapi_to_ldb(const struct dsdb_schema *schema,  	return WERR_OK;  } -static WERROR dsdb_syntax_BOOL_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_BOOL_ldb_to_drsuapi(struct ldb_context *ldb,  +					      const struct dsdb_schema *schema,  					      const struct dsdb_attribute *attr,  					      const struct ldb_message_element *in,  					      TALLOC_CTX *mem_ctx, @@ -155,7 +162,8 @@ static WERROR dsdb_syntax_BOOL_ldb_to_drsuapi(const struct dsdb_schema *schema,  	return WERR_OK;  } -static WERROR dsdb_syntax_INT32_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_INT32_drsuapi_to_ldb(struct ldb_context *ldb,  +					       const struct dsdb_schema *schema,  					       const struct dsdb_attribute *attr,  					       const struct drsuapi_DsReplicaAttribute *in,  					       TALLOC_CTX *mem_ctx, @@ -194,7 +202,8 @@ static WERROR dsdb_syntax_INT32_drsuapi_to_ldb(const struct dsdb_schema *schema,  	return WERR_OK;  } -static WERROR dsdb_syntax_INT32_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_INT32_ldb_to_drsuapi(struct ldb_context *ldb,  +					       const struct dsdb_schema *schema,  					       const struct dsdb_attribute *attr,  					       const struct ldb_message_element *in,  					       TALLOC_CTX *mem_ctx, 
@@ -233,7 +242,8 @@ static WERROR dsdb_syntax_INT32_ldb_to_drsuapi(const struct dsdb_schema *schema,  	return WERR_OK;  } -static WERROR dsdb_syntax_INT64_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_INT64_drsuapi_to_ldb(struct ldb_context *ldb,  +					       const struct dsdb_schema *schema,  					       const struct dsdb_attribute *attr,  					       const struct drsuapi_DsReplicaAttribute *in,  					       TALLOC_CTX *mem_ctx, @@ -272,7 +282,8 @@ static WERROR dsdb_syntax_INT64_drsuapi_to_ldb(const struct dsdb_schema *schema,  	return WERR_OK;  } -static WERROR dsdb_syntax_INT64_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_INT64_ldb_to_drsuapi(struct ldb_context *ldb,  +					       const struct dsdb_schema *schema,  					       const struct dsdb_attribute *attr,  					       const struct ldb_message_element *in,  					       TALLOC_CTX *mem_ctx, @@ -311,7 +322,8 @@ static WERROR dsdb_syntax_INT64_ldb_to_drsuapi(const struct dsdb_schema *schema,  	return WERR_OK;  } -static WERROR dsdb_syntax_NTTIME_UTC_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_NTTIME_UTC_drsuapi_to_ldb(struct ldb_context *ldb,  +						    const struct dsdb_schema *schema,  						    const struct dsdb_attribute *attr,  						    const struct drsuapi_DsReplicaAttribute *in,  						    TALLOC_CTX *mem_ctx, @@ -361,7 +373,8 @@ static WERROR dsdb_syntax_NTTIME_UTC_drsuapi_to_ldb(const struct dsdb_schema *sc  	return WERR_OK;  } -static WERROR dsdb_syntax_NTTIME_UTC_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_NTTIME_UTC_ldb_to_drsuapi(struct ldb_context *ldb,  +						    const struct dsdb_schema *schema,  						    const struct dsdb_attribute *attr,  						    const struct ldb_message_element *in,  						    TALLOC_CTX *mem_ctx, 
@@ -403,7 +416,8 @@ static WERROR dsdb_syntax_NTTIME_UTC_ldb_to_drsuapi(const struct dsdb_schema *sc  	return WERR_OK;  } -static WERROR dsdb_syntax_NTTIME_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_NTTIME_drsuapi_to_ldb(struct ldb_context *ldb,  +						const struct dsdb_schema *schema,  						const struct dsdb_attribute *attr,  						const struct drsuapi_DsReplicaAttribute *in,  						TALLOC_CTX *mem_ctx, @@ -445,7 +459,8 @@ static WERROR dsdb_syntax_NTTIME_drsuapi_to_ldb(const struct dsdb_schema *schema  	return WERR_OK;  } -static WERROR dsdb_syntax_NTTIME_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_NTTIME_ldb_to_drsuapi(struct ldb_context *ldb,  +						const struct dsdb_schema *schema,  						const struct dsdb_attribute *attr,  						const struct ldb_message_element *in,  						TALLOC_CTX *mem_ctx, @@ -487,7 +502,8 @@ static WERROR dsdb_syntax_NTTIME_ldb_to_drsuapi(const struct dsdb_schema *schema  	return WERR_OK;  } -static WERROR dsdb_syntax_DATA_BLOB_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_DATA_BLOB_drsuapi_to_ldb(struct ldb_context *ldb,  +						   const struct dsdb_schema *schema,  						   const struct dsdb_attribute *attr,  						   const struct drsuapi_DsReplicaAttribute *in,  						   TALLOC_CTX *mem_ctx, @@ -520,7 +536,8 @@ static WERROR dsdb_syntax_DATA_BLOB_drsuapi_to_ldb(const struct dsdb_schema *sch  	return WERR_OK;  } -static WERROR dsdb_syntax_DATA_BLOB_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_DATA_BLOB_ldb_to_drsuapi(struct ldb_context *ldb,  +						   const struct dsdb_schema *schema,  						   const struct dsdb_attribute *attr,  						   const struct ldb_message_element *in,  						   TALLOC_CTX *mem_ctx, 
@@ -553,7 +570,8 @@ static WERROR dsdb_syntax_DATA_BLOB_ldb_to_drsuapi(const struct dsdb_schema *sch  	return WERR_OK;  } -static WERROR _dsdb_syntax_OID_obj_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR _dsdb_syntax_OID_obj_drsuapi_to_ldb(struct ldb_context *ldb,  +						  const struct dsdb_schema *schema,  						  const struct dsdb_attribute *attr,  						  const struct drsuapi_DsReplicaAttribute *in,  						  TALLOC_CTX *mem_ctx, @@ -599,7 +617,8 @@ static WERROR _dsdb_syntax_OID_obj_drsuapi_to_ldb(const struct dsdb_schema *sche  	return WERR_OK;  } -static WERROR _dsdb_syntax_OID_oid_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR _dsdb_syntax_OID_oid_drsuapi_to_ldb(struct ldb_context *ldb,  +						  const struct dsdb_schema *schema,  						  const struct dsdb_attribute *attr,  						  const struct drsuapi_DsReplicaAttribute *in,  						  TALLOC_CTX *mem_ctx, @@ -639,7 +658,8 @@ static WERROR _dsdb_syntax_OID_oid_drsuapi_to_ldb(const struct dsdb_schema *sche  	return WERR_OK;  } -static WERROR dsdb_syntax_OID_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_OID_drsuapi_to_ldb(struct ldb_context *ldb,  +					     const struct dsdb_schema *schema,  					     const struct dsdb_attribute *attr,  					     const struct drsuapi_DsReplicaAttribute *in,  					     TALLOC_CTX *mem_ctx, @@ -649,11 +669,11 @@ static WERROR dsdb_syntax_OID_drsuapi_to_ldb(const struct dsdb_schema *schema,  	switch (attr->attributeID_id) {  	case DRSUAPI_ATTRIBUTE_objectClass: -		return _dsdb_syntax_OID_obj_drsuapi_to_ldb(schema, attr, in, mem_ctx, out); +		return _dsdb_syntax_OID_obj_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out);  	case DRSUAPI_ATTRIBUTE_governsID:  	case DRSUAPI_ATTRIBUTE_attributeID:  	case DRSUAPI_ATTRIBUTE_attributeSyntax: -		return _dsdb_syntax_OID_oid_drsuapi_to_ldb(schema, attr, in, mem_ctx, out); +		return _dsdb_syntax_OID_oid_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out);  	}  	out->flags	= 0; 
@@ -693,7 +713,8 @@ static WERROR dsdb_syntax_OID_drsuapi_to_ldb(const struct dsdb_schema *schema,  	return WERR_OK;  } -static WERROR dsdb_syntax_OID_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_OID_ldb_to_drsuapi(struct ldb_context *ldb,  +					     const struct dsdb_schema *schema,  					     const struct dsdb_attribute *attr,  					     const struct ldb_message_element *in,  					     TALLOC_CTX *mem_ctx, @@ -711,7 +732,7 @@ static WERROR dsdb_syntax_OID_ldb_to_drsuapi(const struct dsdb_schema *schema,  	case DRSUAPI_ATTRIBUTE_governsID:  	case DRSUAPI_ATTRIBUTE_attributeID:  	case DRSUAPI_ATTRIBUTE_attributeSyntax: -		return dsdb_syntax_FOOBAR_ldb_to_drsuapi(schema, attr, in, mem_ctx, out); +		return dsdb_syntax_FOOBAR_ldb_to_drsuapi(ldb, schema, attr, in, mem_ctx, out);  	}  	out->attid			= attr->attributeID_id; @@ -740,7 +761,8 @@ static WERROR dsdb_syntax_OID_ldb_to_drsuapi(const struct dsdb_schema *schema,  	return WERR_OK;  } -static WERROR dsdb_syntax_UNICODE_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_UNICODE_drsuapi_to_ldb(struct ldb_context *ldb,  +						 const struct dsdb_schema *schema,  						 const struct dsdb_attribute *attr,  						 const struct drsuapi_DsReplicaAttribute *in,  						 TALLOC_CTX *mem_ctx, @@ -784,7 +806,8 @@ static WERROR dsdb_syntax_UNICODE_drsuapi_to_ldb(const struct dsdb_schema *schem  	return WERR_OK;  } -static WERROR dsdb_syntax_UNICODE_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_UNICODE_ldb_to_drsuapi(struct ldb_context *ldb,  +						 const struct dsdb_schema *schema,  						 const struct dsdb_attribute *attr,  						 const struct ldb_message_element *in,  						 TALLOC_CTX *mem_ctx, 
@@ -825,13 +848,15 @@ static WERROR dsdb_syntax_UNICODE_ldb_to_drsuapi(const struct dsdb_schema *schem  	return WERR_OK;  } -static WERROR dsdb_syntax_DN_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_DN_drsuapi_to_ldb(struct ldb_context *ldb,  +					    const struct dsdb_schema *schema,  					    const struct dsdb_attribute *attr,  					    const struct drsuapi_DsReplicaAttribute *in,  					    TALLOC_CTX *mem_ctx,  					    struct ldb_message_element *out)  {  	uint32_t i; +	int ret;  	out->flags	= 0;  	out->name	= talloc_strdup(mem_ctx, attr->lDAPDisplayName); 
@@ -844,31 +869,83 @@ static WERROR dsdb_syntax_DN_drsuapi_to_ldb(const struct dsdb_schema *schema,  	for (i=0; i < out->num_values; i++) {  		struct drsuapi_DsReplicaObjectIdentifier3 id3;  		enum ndr_err_code ndr_err; +		DATA_BLOB guid_blob; +		struct ldb_dn *dn; +		TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); +		if (!tmp_ctx) { +			W_ERROR_HAVE_NO_MEMORY(tmp_ctx); +		}  		if (in->value_ctr.values[i].blob == NULL) { +			talloc_free(tmp_ctx);  			return WERR_FOOBAR;  		}  		if (in->value_ctr.values[i].blob->length == 0) { +			talloc_free(tmp_ctx);  			return WERR_FOOBAR;  		} +		 +  		ndr_err = ndr_pull_struct_blob_all(in->value_ctr.values[i].blob, -						   out->values, schema->iconv_convenience, &id3, +						   tmp_ctx, schema->iconv_convenience, &id3,  						   (ndr_pull_flags_fn_t)ndr_pull_drsuapi_DsReplicaObjectIdentifier3);  		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {  			NTSTATUS status = ndr_map_error2ntstatus(ndr_err); +			talloc_free(tmp_ctx);  			return ntstatus_to_werror(status);  		} -		/* TODO: handle id3.guid and id3.sid */ -		out->values[i] = data_blob_string_const(id3.dn); +		dn = ldb_dn_new(tmp_ctx, ldb, id3.dn); +		if (!dn) { +			talloc_free(tmp_ctx); +			/* If this fails, it must be out of memory, as it does not do much parsing */ +			W_ERROR_HAVE_NO_MEMORY(dn); +		} + +		ndr_err = ndr_push_struct_blob(&guid_blob, tmp_ctx, schema->iconv_convenience, &id3.guid, +					       (ndr_push_flags_fn_t)ndr_push_GUID); +		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { +			NTSTATUS status = ndr_map_error2ntstatus(ndr_err); +			talloc_free(tmp_ctx); +			return ntstatus_to_werror(status); +		} + +		ret = ldb_dn_set_extended_component(dn, "GUID", &guid_blob); +		if (ret != LDB_SUCCESS) { +			talloc_free(tmp_ctx); +			return WERR_FOOBAR; +		} + +		talloc_free(guid_blob.data); + +		if (id3.__ndr_size_sid) { +			DATA_BLOB sid_blob; +			ndr_err = ndr_push_struct_blob(&sid_blob, tmp_ctx, schema->iconv_convenience, &id3.sid, +						       
(ndr_push_flags_fn_t)ndr_push_dom_sid); +			if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { +				NTSTATUS status = ndr_map_error2ntstatus(ndr_err); +				talloc_free(tmp_ctx); +				return ntstatus_to_werror(status); +			} + +			ret = ldb_dn_set_extended_component(dn, "SID", &sid_blob); +			if (ret != LDB_SUCCESS) { +				talloc_free(tmp_ctx); +				return WERR_FOOBAR; +			} +		} + +		out->values[i] = data_blob_string_const(ldb_dn_get_extended_linearized(out->values, dn, 1)); +		talloc_free(tmp_ctx);  	}  	return WERR_OK;  } -static WERROR dsdb_syntax_DN_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_DN_ldb_to_drsuapi(struct ldb_context *ldb,  +					    const struct dsdb_schema *schema,  					    const struct dsdb_attribute *attr,  					    const struct ldb_message_element *in,  					    TALLOC_CTX *mem_ctx, 
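Review bot: At the end of the loop body in `dsdb_syntax_DN_drsuapi_to_ldb`, the return value of `ldb_dn_get_extended_linearized(out->values, dn, 1)` goes straight into `data_blob_string_const()` without a NULL check. If linearization fails, the function either hands NULL to the blob constructor or stores an empty value, depending on how that helper treats NULL, and still returns `WERR_OK`. Because `id3.dn` is decoded from a replicated blob and, per the added comment, `ldb_dn_new` does little parsing, this is the first place a malformed DN can surface. I would store the result in a local, and on NULL call `talloc_free(tmp_ctx);` and return an error as the other paths do. `talloc_free(guid_blob.data);` is also only safe if `ldb_dn_set_extended_component` copies the value, which is not visible here.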
@@ -894,24 +971,61 @@ static WERROR dsdb_syntax_DN_ldb_to_drsuapi(const struct dsdb_schema *schema,  	for (i=0; i < in->num_values; i++) {  		struct drsuapi_DsReplicaObjectIdentifier3 id3;  		enum ndr_err_code ndr_err; +		const DATA_BLOB *guid_blob, *sid_blob; +		struct ldb_dn *dn; +		TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); +		W_ERROR_HAVE_NO_MEMORY(tmp_ctx);  		out->value_ctr.values[i].blob	= &blobs[i]; -		/* TODO: handle id3.guid and id3.sid */ +		dn = ldb_dn_from_ldb_val(tmp_ctx, ldb, &in->values[i]); + +		W_ERROR_HAVE_NO_MEMORY(dn); + +		guid_blob = ldb_dn_get_extended_component(dn, "GUID"); +  		ZERO_STRUCT(id3); -		id3.dn = (const char *)in->values[i].data; + +		if (guid_blob) { +			ndr_err = ndr_pull_struct_blob_all(guid_blob,  +							   tmp_ctx, schema->iconv_convenience, &id3.guid, +							   (ndr_pull_flags_fn_t)ndr_pull_GUID); +			if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { +				NTSTATUS status = ndr_map_error2ntstatus(ndr_err); +				talloc_free(tmp_ctx); +				return ntstatus_to_werror(status); +			} +		} + +		sid_blob = ldb_dn_get_extended_component(dn, "SID"); +		if (sid_blob) { +			 +			ndr_err = ndr_pull_struct_blob_all(sid_blob,  +							   tmp_ctx, schema->iconv_convenience, &id3.sid, +							   (ndr_pull_flags_fn_t)ndr_pull_dom_sid); +			if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { +				NTSTATUS status = ndr_map_error2ntstatus(ndr_err); +				talloc_free(tmp_ctx); +				return ntstatus_to_werror(status); +			} +		} + +		id3.dn = ldb_dn_get_linearized(dn);  		ndr_err = ndr_push_struct_blob(&blobs[i], blobs, schema->iconv_convenience, &id3, (ndr_push_flags_fn_t)ndr_push_drsuapi_DsReplicaObjectIdentifier3);  		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {  			NTSTATUS status = ndr_map_error2ntstatus(ndr_err); +			talloc_free(tmp_ctx);  			return ntstatus_to_werror(status);  		} +		talloc_free(tmp_ctx);  	}  	return WERR_OK;  } -static WERROR dsdb_syntax_DN_BINARY_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR 
dsdb_syntax_DN_BINARY_drsuapi_to_ldb(struct ldb_context *ldb,  +						   const struct dsdb_schema *schema,  						   const struct dsdb_attribute *attr,  						   const struct drsuapi_DsReplicaAttribute *in,  						   TALLOC_CTX *mem_ctx, @@ -966,7 +1080,8 @@ static WERROR dsdb_syntax_DN_BINARY_drsuapi_to_ldb(const struct dsdb_schema *sch  	return WERR_OK;  } -static WERROR dsdb_syntax_DN_BINARY_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_DN_BINARY_ldb_to_drsuapi(struct ldb_context *ldb,  +						   const struct dsdb_schema *schema,  						   const struct dsdb_attribute *attr,  						   const struct ldb_message_element *in,  						   TALLOC_CTX *mem_ctx, @@ -1011,7 +1126,8 @@ static WERROR dsdb_syntax_DN_BINARY_ldb_to_drsuapi(const struct dsdb_schema *sch  	return WERR_OK;  } -static WERROR dsdb_syntax_PRESENTATION_ADDRESS_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_PRESENTATION_ADDRESS_drsuapi_to_ldb(struct ldb_context *ldb,  +							      const struct dsdb_schema *schema,  							      const struct dsdb_attribute *attr,  							      const struct drsuapi_DsReplicaAttribute *in,  							      TALLOC_CTX *mem_ctx, @@ -1060,7 +1176,8 @@ static WERROR dsdb_syntax_PRESENTATION_ADDRESS_drsuapi_to_ldb(const struct dsdb_  	return WERR_OK;  } -static WERROR dsdb_syntax_PRESENTATION_ADDRESS_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_PRESENTATION_ADDRESS_ldb_to_drsuapi(struct ldb_context *ldb,  +							      const struct dsdb_schema *schema,  							      const struct dsdb_attribute *attr,  							      const struct ldb_message_element *in,  							      TALLOC_CTX *mem_ctx, 
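Review bot: In the loop of `dsdb_syntax_DN_ldb_to_drsuapi`, `W_ERROR_HAVE_NO_MEMORY(dn);` right after `ldb_dn_from_ldb_val()` returns without `talloc_free(tmp_ctx)`, unlike every other error path added here, so a failing value leaves a child context hanging on `mem_ctx`. It also reports any NULL as out-of-memory, although the helper may reject a malformed value for other reasons (its body is not shown). `id3.dn = ldb_dn_get_linearized(dn);` is likewise passed to the NDR push without a NULL check. I would replace the macro with `if (!dn) { talloc_free(tmp_ctx); return WERR_FOOBAR; }` and add the same guard on `id3.dn`. The function's opening lines are outside this hunk.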
@@ -1329,11 +1446,11 @@ static const struct dsdb_syntax dsdb_syntaxes[] = {  		.oMSyntax		= 127,  		.oMObjectClass		= OMOBJECTCLASS("\x2a\x86\x48\x86\xf7\x14\x01\x01\x01\x0c"),  		.attributeSyntax_oid	= "2.5.5.14", -		.drsuapi_to_ldb		= dsdb_syntax_FOOBAR_drsuapi_to_ldb, -		.ldb_to_drsuapi		= dsdb_syntax_FOOBAR_ldb_to_drsuapi, -		.equality               = "distinguishedNameMatch", +		.drsuapi_to_ldb		= dsdb_syntax_DN_BINARY_drsuapi_to_ldb, +		.ldb_to_drsuapi		= dsdb_syntax_DN_BINARY_ldb_to_drsuapi, +		.equality               = "octetStringMatch",  		.comment                = "OctetString: String+DN", -		.ldb_syntax             = LDB_SYNTAX_DN, +		.ldb_syntax             = LDB_SYNTAX_OCTET_STRING,  	}  }; @@ -1394,7 +1511,8 @@ const struct dsdb_syntax *dsdb_syntax_for_attribute(const struct dsdb_attribute  	return NULL;  } -WERROR dsdb_attribute_drsuapi_to_ldb(const struct dsdb_schema *schema, +WERROR dsdb_attribute_drsuapi_to_ldb(struct ldb_context *ldb,  +				     const struct dsdb_schema *schema,  				     const struct drsuapi_DsReplicaAttribute *in,  				     TALLOC_CTX *mem_ctx,  				     struct ldb_message_element *out) @@ -1406,10 +1524,11 @@ WERROR dsdb_attribute_drsuapi_to_ldb(const struct dsdb_schema *schema,  		return WERR_FOOBAR;  	} -	return sa->syntax->drsuapi_to_ldb(schema, sa, in, mem_ctx, out); +	return sa->syntax->drsuapi_to_ldb(ldb, schema, sa, in, mem_ctx, out);  } -WERROR dsdb_attribute_ldb_to_drsuapi(const struct dsdb_schema *schema, +WERROR dsdb_attribute_ldb_to_drsuapi(struct ldb_context *ldb,  +				     const struct dsdb_schema *schema,  				     const struct ldb_message_element *in,  				     TALLOC_CTX *mem_ctx,  				     struct drsuapi_DsReplicaAttribute *out) @@ -1421,5 +1540,5 @@ WERROR dsdb_attribute_ldb_to_drsuapi(const struct dsdb_schema *schema,  		return WERR_FOOBAR;  	} -	return sa->syntax->ldb_to_drsuapi(schema, sa, in, mem_ctx, out); +	return sa->syntax->ldb_to_drsuapi(ldb, schema, sa, in, mem_ctx, out);  } 
diff --git a/source4/libcli/security/dom_sid.c b/source4/libcli/security/dom_sid.c index d8a83f2abb..36e3967910 100644 --- a/source4/libcli/security/dom_sid.c +++ b/source4/libcli/security/dom_sid.c @@ -152,7 +152,7 @@ struct dom_sid *dom_sid_parse_talloc(TALLOC_CTX *mem_ctx, const char *sidstr)  struct dom_sid *dom_sid_parse_length(TALLOC_CTX *mem_ctx, const DATA_BLOB *sid)  {  	struct dom_sid *ret; -	char *p = talloc_strndup(mem_ctx, sid->data, sid->length); +	char *p = talloc_strndup(mem_ctx, (char *)sid->data, sid->length);  	if (!p) {  		return NULL;  	} diff --git a/source4/setup/ad-schema/MS-AD_Schema_Attributes_v20080618.txt b/source4/setup/ad-schema/MS-AD_Schema_Attributes_v20080618.txt index 743e1d0abe..ab4f3999bd 100644 --- a/source4/setup/ad-schema/MS-AD_Schema_Attributes_v20080618.txt +++ b/source4/setup/ad-schema/MS-AD_Schema_Attributes_v20080618.txt @@ -2423,6 +2423,20 @@ searchFlags: 0  systemFlags: FLAG_SCHEMA_BASE_OBJECT
  schemaFlagsEx: FLAG_ATTR_IS_CRITICAL
 +cn: Global-Address-List2
 +ldapDisplayName: globalAddressList2
 +attributeId: 1.2.840.113556.1.4.2047
 +attributeSyntax: 2.5.5.1
 +linkID: 2124
 +omSyntax: 127
 +omObjectClass: 1.3.12.2.1011.28.0.714
 +isSingleValued: FALSE
 +schemaIdGuid: 4898f63d-4112-477c-8826-3ca00bd8277d
 +systemOnly: FALSE
 +searchFlags: 0
 +systemFlags: FLAG_SCHEMA_BASE_OBJECT
 +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL
 +
  cn: Governs-ID
  ldapDisplayName: governsID
  attributeId: 1.2.840.113556.1.2.22
 @@ -3891,6 +3905,20 @@ searchFlags: 0  systemFlags: FLAG_SCHEMA_BASE_OBJECT
  schemaFlagsEx: FLAG_ATTR_IS_CRITICAL
 +cn: Address-Book-Roots2
 +ldapDisplayName: addressBookRoots2
 +attributeId: 1.2.840.113556.1.4.2046
 +attributeSyntax: 2.5.5.1
 +linkID: 2122
 +omSyntax: 127
 +omObjectClass: 1.3.12.2.1011.28.0.714
 +isSingleValued: FALSE
 +schemaIdGuid: 508ca374-a511-4e4e-9f4f-856f61a6b7e4
 +systemOnly: FALSE
 +searchFlags: 0
 +systemFlags: FLAG_SCHEMA_BASE_OBJECT
 +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL
 +
  cn: Address-Entry-Display-Table
  ldapDisplayName: addressEntryDisplayTable
  attributeId: 1.2.840.113556.1.2.324
 @@ -5835,6 +5863,20 @@ rangeLower: 0  systemFlags: FLAG_SCHEMA_BASE_OBJECT
  schemaFlagsEx: FLAG_ATTR_IS_CRITICAL
 +cn: ms-DS-BridgeHead-Servers-Used
 +ldapDisplayName: msDS-BridgeHeadServersUsed
 +attributeId: 1.2.840.113556.1.4.2049
 +attributeSyntax: 2.5.5.7
 +omSyntax: 127
 +omObjectClass: 1.2.840.113556.1.1.1.11
 +linkID: 2160
 +isSingleValued: FALSE
 +showInAdvancedViewOnly: TRUE
 +schemaIdGuid: 3ced1465-7b71-2541-8780-1e1ea6243a82
 +searchFlags: 0
 +systemFlags: FLAG_ATTR_NOT_REPLICATED | FLAG_ATTR_IS_OPERATIONAL | FLAG_SCHEMA_BASE_OBJECT
 +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL
 +
  cn: ms-DS-Byte-Array
  ldapDisplayName: msDS-ByteArray
  attributeId: 1.2.840.113556.1.4.1831
 @@ -13740,6 +13782,20 @@ searchFlags: 0  systemFlags: FLAG_SCHEMA_BASE_OBJECT
  schemaFlagsEx: FLAG_ATTR_IS_CRITICAL
 +cn: Template-Roots2
 +ldapDisplayName: templateRoots2
 +attributeId: 1.2.840.113556.1.4.2048
 +attributeSyntax: 2.5.5.1
 +omSyntax: 127
 +omObjectClass: 1.3.12.2.1011.28.0.714
 +isSingleValued: FALSE
 +linkId: 2126
 +schemaIdGuid: b1cba91a-0682-4362-a659-153e201ef069
 +systemOnly: FALSE
 +searchFlags: 0
 +systemFlags: FLAG_SCHEMA_BASE_OBJECT
 +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL
 +
  cn: Terminal-Server
  ldapDisplayName: terminalServer
  attributeId: 1.2.840.113556.1.4.885
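Review bot: The added Template-Roots2 entry spells its key `linkId: 2126`, while the other entries added in this commit (Global-Address-List2, Address-Book-Roots2, ms-DS-BridgeHead-Servers-Used) use `linkID`. If the schema loader matches keys case-sensitively, which is not visible here, this attribute would be loaded without its link id. I would write `linkID: 2126` for consistency.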
 diff --git a/source4/setup/schema-map-openldap-2.3 b/source4/setup/schema-map-openldap-2.3 index bff1695c8f..233f9a9613 100644 --- a/source4/setup/schema-map-openldap-2.3 +++ b/source4/setup/schema-map-openldap-2.3 @@ -11,6 +11,9 @@ distinguishedName  description  cn  top +entryTTL +uidNumber +gidNumber  #The memberOf plugin provides this attribute  memberOf  #These conflict with OpenLDAP builtins @@ -42,3 +45,7 @@ modifyTimeStamp:samba4ModifyTimestamp  1.3.6.1.4.1.1466.115.121.1.38:1.3.6.1.4.1.1466.115.121.1.44  #Treat Object(DN-Binary) as a binary blob  1.2.840.113556.1.4.903:1.3.6.1.4.1.1466.115.121.1.40 +#Treat Object(DN-String) as a binary blob +1.2.840.113556.1.4.904:1.3.6.1.4.1.1466.115.121.1.40 +#Treat UTC-Time as GeneralizedTime +1.3.6.1.4.1.1466.115.121.1.53:1.3.6.1.4.1.1466.115.121.1.24 diff --git a/source4/torture/raw/streams.c b/source4/torture/raw/streams.c index 501da2335e..4e2a204cb6 100644 --- a/source4/torture/raw/streams.c +++ b/source4/torture/raw/streams.c 
@@ -1015,6 +1015,102 @@ done:  	return ret;  } +#define CHECK_CALL_FNUM(call, rightstatus) do { \ +        check_fnum = true; \ +        call_name = #call; \ +        sfinfo.generic.level = RAW_SFILEINFO_ ## call; \ +        sfinfo.generic.in.file.fnum = fnum; \ +        status = smb_raw_setfileinfo(cli->tree, &sfinfo); \ +        if (!NT_STATUS_EQUAL(status, rightstatus)) { \ +                printf("(%s) %s - %s (should be %s)\n", __location__, #call, \ +                        nt_errstr(status), nt_errstr(rightstatus)); \ +                ret = false; \ +        } \ +        finfo1.generic.level = RAW_FILEINFO_ALL_INFO; \ +        finfo1.generic.in.file.fnum = fnum; \ +        status2 = smb_raw_fileinfo(cli->tree, tctx, &finfo1); \ +        if (!NT_STATUS_IS_OK(status2)) { \ +                printf("(%s) %s pathinfo - %s\n", __location__, #call, nt_errstr(status)); \ +                ret = false; \ +        }} while (0) + +/* +  test stream renames +*/ +static bool test_stream_rename(struct torture_context *tctx, +				   struct smbcli_state *cli, +				   TALLOC_CTX *mem_ctx) +{ +	NTSTATUS status, status2; +	union smb_open io; +	const char *fname = BASEDIR "\\stream_rename.txt"; +	const char *sname1, *sname2; +	union smb_fileinfo finfo1; +	union smb_setfileinfo sfinfo; +	bool ret = true; +	int fnum = -1; +	bool check_fnum; +	const char *call_name; + +	sname1 = talloc_asprintf(mem_ctx, "%s:%s", fname, "Stream One"); +	sname2 = talloc_asprintf(mem_ctx, "%s:%s:$DaTa", fname, "Second Stream"); + +	printf("(%s) testing stream renames\n", __location__); +	io.generic.level = RAW_OPEN_NTCREATEX; +	io.ntcreatex.in.root_fid = 0; +	io.ntcreatex.in.flags = 0; +	io.ntcreatex.in.access_mask = SEC_FILE_READ_ATTRIBUTE | +				      SEC_FILE_WRITE_ATTRIBUTE | +				    SEC_RIGHTS_FILE_ALL; +	io.ntcreatex.in.create_options = 0; +	io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; +	io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE | 
NTCREATEX_SHARE_ACCESS_DELETE; +	io.ntcreatex.in.alloc_size = 0; +	io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE; +	io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS; +	io.ntcreatex.in.security_flags = 0; +	io.ntcreatex.in.fname = sname1; + +	/* Create two streams. */ +	status = smb_raw_open(cli->tree, mem_ctx, &io); +	CHECK_STATUS(status, NT_STATUS_OK); +	fnum = io.ntcreatex.out.file.fnum; +	if (fnum != -1) smbcli_close(cli->tree, fnum); + +	io.ntcreatex.in.fname = sname2; +	status = smb_raw_open(cli->tree, mem_ctx, &io); +	CHECK_STATUS(status, NT_STATUS_OK); +	fnum = io.ntcreatex.out.file.fnum; + +	if (fnum != -1) smbcli_close(cli->tree, fnum); + +	/* +	 * Open the second stream. +	 */ + +	io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF; +	status = smb_raw_open(cli->tree, mem_ctx, &io); +	CHECK_STATUS(status, NT_STATUS_OK); +	fnum = io.ntcreatex.out.file.fnum; + +	/* +	 * Now rename the second stream onto the first. +	 */ + +	ZERO_STRUCT(sfinfo); + +	sfinfo.rename_information.in.overwrite = 1; +	sfinfo.rename_information.in.root_fid  = 0; +	sfinfo.rename_information.in.new_name  = ":Stream One"; +	CHECK_CALL_FNUM(RENAME_INFORMATION, NT_STATUS_OK); + +done: +	if (fnum != -1) smbcli_close(cli->tree, fnum); +	status = smbcli_unlink(cli->tree, fname); +	return ret; +} + +  /*      basic testing of streams calls  */ @@ -1037,6 +1133,8 @@ bool torture_raw_streams(struct torture_context *torture,  	smb_raw_exit(cli->session);  	ret &= test_stream_names2(torture, cli, torture);  	smb_raw_exit(cli->session); +	ret &= test_stream_rename(torture, cli, torture); +	smb_raw_exit(cli->session);  	if (!torture_setting_bool(torture, "samba4", false)) {  		ret &= test_stream_delete(torture, cli, torture);  	}  | 
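Review bot: In `CHECK_CALL_FNUM`, the second failure message prints `nt_errstr(status)` although the call that failed is `smb_raw_fileinfo()`, whose result is in `status2`; it should be `nt_errstr(status2)`. The macro also assigns `check_fnum` and `call_name`, which nothing in the visible code reads. In `test_stream_rename`, `sname1` and `sname2` from `talloc_asprintf()` are used without a NULL check. The result of `status = smbcli_unlink(cli->tree, fname);` under `done:` is never examined, so a failed cleanup goes unnoticed and can affect later tests that reuse `BASEDIR`.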
