summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb/ldb_modules/samldb.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/dsdb/samdb/ldb_modules/samldb.c')
-rw-r--r--source4/dsdb/samdb/ldb_modules/samldb.c173
1 files changed, 24 insertions, 149 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index 2f0c6f2d17..c95fb70820 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -45,45 +45,6 @@
int samldb_notice_sid(struct ldb_module *module,
TALLOC_CTX *mem_ctx, const struct dom_sid *sid);
-/* if value is not null also check for attribute to have exactly that value */
-static struct ldb_message_element *samldb_find_attribute(const struct ldb_message *msg, const char *name, const char *value)
-{
- int j;
- struct ldb_message_element *el = ldb_msg_find_element(msg, name);
- if (!el) {
- return NULL;
- }
-
- if (!value) {
- return el;
- }
-
- for (j = 0; j < el->num_values; j++) {
- if (strcasecmp(value,
- (char *)el->values[j].data) == 0) {
- return el;
- }
- }
-
- return NULL;
-}
-
-static BOOL samldb_msg_add_string(struct ldb_module *module, struct ldb_message *msg, const char *name, const char *value)
-{
- char *aval = talloc_strdup(msg, value);
-
- if (aval == NULL) {
- ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_msg_add_string: talloc_strdup failed!\n");
- return False;
- }
-
- if (ldb_msg_add_string(msg, name, aval) != 0) {
- return False;
- }
-
- return True;
-}
-
static BOOL samldb_msg_add_sid(struct ldb_module *module, struct ldb_message *msg, const char *name, const struct dom_sid *sid)
{
struct ldb_val v;
@@ -96,34 +57,6 @@ static BOOL samldb_msg_add_sid(struct ldb_module *module, struct ldb_message *ms
return (ldb_msg_add_value(msg, name, &v) == 0);
}
-static BOOL samldb_find_or_add_value(struct ldb_module *module, struct ldb_message *msg, const char *name, const char *value, const char *set_value)
-{
- if (msg == NULL || name == NULL || value == NULL || set_value == NULL) {
- return False;
- }
-
- if (samldb_find_attribute(msg, name, value) == NULL) {
- return samldb_msg_add_string(module, msg, name, set_value);
- }
- return True;
-}
-
-static BOOL samldb_find_or_add_attribute(struct ldb_module *module, struct ldb_message *msg, const char *name, const char *set_value)
-{
- struct ldb_message_element *el;
-
- if (msg == NULL || name == NULL || set_value == NULL) {
- return False;
- }
-
- el = ldb_msg_find_element(msg, name);
- if (el) {
- return True;
- }
-
- return samldb_msg_add_string(module, msg, name, set_value);
-}
-
/*
allocate a new id, attempting to do it atomically
return 0 on failure, the id on success
@@ -484,69 +417,6 @@ static char *samldb_generate_samAccountName(struct ldb_module *module, TALLOC_CT
} while (1);
}
-static int samldb_copy_template(struct ldb_module *module, struct ldb_message *msg, const char *filter)
-{
- struct ldb_result *res;
- struct ldb_message *t;
- int ret, i, j;
-
- struct ldb_dn *basedn = ldb_dn_explode(msg, "cn=Templates");
-
- /* pull the template record */
- ret = ldb_search(module->ldb, basedn, LDB_SCOPE_SUBTREE, filter, NULL, &res);
- if (ret != LDB_SUCCESS) {
- return ret;
- }
- if (res->count != 1) {
- ldb_set_errstring(module->ldb, talloc_asprintf(module, "samldb_copy_template: ERROR: template '%s' matched %d records, expected 1\n", filter,
- res->count));
- return LDB_ERR_OPERATIONS_ERROR;
- }
- t = res->msgs[0];
-
- for (i = 0; i < t->num_elements; i++) {
- struct ldb_message_element *el = &t->elements[i];
- /* some elements should not be copied from the template */
- if (strcasecmp(el->name, "cn") == 0 ||
- strcasecmp(el->name, "name") == 0 ||
- strcasecmp(el->name, "sAMAccountName") == 0 ||
- strcasecmp(el->name, "objectGUID") == 0) {
- continue;
- }
- for (j = 0; j < el->num_values; j++) {
- if (strcasecmp(el->name, "objectClass") == 0) {
- if (strcasecmp((char *)el->values[j].data, "Template") == 0 ||
- strcasecmp((char *)el->values[j].data, "userTemplate") == 0 ||
- strcasecmp((char *)el->values[j].data, "groupTemplate") == 0 ||
- strcasecmp((char *)el->values[j].data, "foreignSecurityPrincipalTemplate") == 0 ||
- strcasecmp((char *)el->values[j].data, "aliasTemplate") == 0 ||
- strcasecmp((char *)el->values[j].data, "trustedDomainTemplate") == 0 ||
- strcasecmp((char *)el->values[j].data, "secretTemplate") == 0) {
- continue;
- }
- if ( ! samldb_find_or_add_value(module, msg, el->name,
- (char *)el->values[j].data,
- (char *)el->values[j].data)) {
- ldb_set_errstring(module->ldb, talloc_asprintf(module, "Adding objectClass %s failed.\n", el->values[j].data));
- talloc_free(res);
- return LDB_ERR_OPERATIONS_ERROR;
- }
- } else {
- if ( ! samldb_find_or_add_attribute(module, msg, el->name,
- (char *)el->values[j].data)) {
- ldb_set_errstring(module->ldb, talloc_asprintf(module, "Adding attribute %s failed.\n", el->name));
- talloc_free(res);
- return LDB_ERR_OPERATIONS_ERROR;
- }
- }
- }
- }
-
- talloc_free(res);
-
- return LDB_SUCCESS;
-}
-
static int samldb_fill_group_object(struct ldb_module *module, const struct ldb_message *msg,
struct ldb_message **ret_msg)
{
@@ -567,7 +437,7 @@ static int samldb_fill_group_object(struct ldb_module *module, const struct ldb_
return LDB_ERR_OPERATIONS_ERROR;
}
- ret = samldb_copy_template(module, msg2, "(&(CN=TemplateGroup)(objectclass=groupTemplate))");
+ ret = samdb_copy_template(module->ldb, msg2, "(&(CN=TemplateGroup)(objectclass=groupTemplate))");
if (ret != 0) {
talloc_free(mem_ctx);
return ret;
@@ -588,9 +458,10 @@ static int samldb_fill_group_object(struct ldb_module *module, const struct ldb_
talloc_free(mem_ctx);
return LDB_ERR_OPERATIONS_ERROR;
}
- if ( ! samldb_find_or_add_attribute(module, msg2, "sAMAccountName", name)) {
+ ret = samdb_find_or_add_attribute(module->ldb, msg2, "sAMAccountName", name);
+ if (ret) {
talloc_free(mem_ctx);
- return LDB_ERR_OPERATIONS_ERROR;
+ return ret;
}
}
@@ -625,9 +496,9 @@ static int samldb_fill_user_or_computer_object(struct ldb_module *module, const
return LDB_ERR_OPERATIONS_ERROR;
}
- if (samldb_find_attribute(msg, "objectclass", "computer") != NULL) {
+ if (samdb_find_attribute(module->ldb, msg, "objectclass", "computer") != NULL) {
- ret = samldb_copy_template(module, msg2, "(&(CN=TemplateComputer)(objectclass=userTemplate))");
+ ret = samdb_copy_template(module->ldb, msg2, "(&(CN=TemplateComputer)(objectclass=userTemplate))");
if (ret) {
ldb_debug(module->ldb, LDB_DEBUG_WARNING, "samldb_fill_user_or_computer_object: Error copying computer template!\n");
talloc_free(mem_ctx);
@@ -635,26 +506,29 @@ static int samldb_fill_user_or_computer_object(struct ldb_module *module, const
}
/* readd user and then computer objectclasses */
- if ( ! samldb_find_or_add_value(module, msg2, "objectclass", "user", "user")) {
+ ret = samdb_find_or_add_value(module->ldb, msg2, "objectclass", "user");
+ if (ret) {
talloc_free(mem_ctx);
- return LDB_ERR_OPERATIONS_ERROR;
+ return ret;
}
- if ( ! samldb_find_or_add_value(module, msg2, "objectclass", "computer", "computer")) {
+ ret = samdb_find_or_add_value(module->ldb, msg2, "objectclass", "computer");
+ if (ret) {
talloc_free(mem_ctx);
- return LDB_ERR_OPERATIONS_ERROR;
+ return ret;
}
} else {
- ret = samldb_copy_template(module, msg2, "(&(CN=TemplateUser)(objectclass=userTemplate))");
+ ret = samdb_copy_template(module->ldb, msg2, "(&(CN=TemplateUser)(objectclass=userTemplate))");
if (ret) {
ldb_debug(module->ldb, LDB_DEBUG_WARNING, "samldb_fill_user_or_computer_object: Error copying user template!\n");
talloc_free(mem_ctx);
return ret;
}
/* readd user objectclass */
- if ( ! samldb_find_or_add_value(module, msg2, "objectclass", "user", "user")) {
+ ret = samdb_find_or_add_value(module->ldb, msg2, "objectclass", "user");
+ if (ret) {
talloc_free(mem_ctx);
- return LDB_ERR_OPERATIONS_ERROR;
+ return ret;
}
}
@@ -672,9 +546,10 @@ static int samldb_fill_user_or_computer_object(struct ldb_module *module, const
talloc_free(mem_ctx);
return LDB_ERR_OPERATIONS_ERROR;
}
- if ( ! samldb_find_or_add_attribute(module, msg2, "sAMAccountName", name)) {
+ ret = samdb_find_or_add_attribute(module->ldb, msg2, "sAMAccountName", name);
+ if (ret) {
talloc_free(mem_ctx);
- return LDB_ERR_OPERATIONS_ERROR;
+ return ret;
}
}
@@ -719,7 +594,7 @@ static int samldb_fill_foreignSecurityPrincipal_object(struct ldb_module *module
return LDB_ERR_OPERATIONS_ERROR;
}
- ret = samldb_copy_template(module, msg2, "(&(CN=TemplateForeignSecurityPrincipal)(objectclass=foreignSecurityPrincipalTemplate))");
+ ret = samdb_copy_template(module->ldb, msg2, "(&(CN=TemplateForeignSecurityPrincipal)(objectclass=foreignSecurityPrincipalTemplate))");
if (ret != 0) {
ldb_debug(module->ldb, LDB_DEBUG_WARNING, "samldb_fill_foreignSecurityPrincipal_object: Error copying template!\n");
talloc_free(mem_ctx);
@@ -815,8 +690,8 @@ static int samldb_add(struct ldb_module *module, struct ldb_request *req)
}
/* is user or computer? */
- if ((samldb_find_attribute(msg, "objectclass", "user") != NULL) ||
- (samldb_find_attribute(msg, "objectclass", "computer") != NULL)) {
+ if ((samdb_find_attribute(module->ldb, msg, "objectclass", "user") != NULL) ||
+ (samdb_find_attribute(module->ldb, msg, "objectclass", "computer") != NULL)) {
/* add all relevant missing objects */
ret = samldb_fill_user_or_computer_object(module, msg, &msg2);
if (ret) {
@@ -826,7 +701,7 @@ static int samldb_add(struct ldb_module *module, struct ldb_request *req)
/* is group? add all relevant missing objects */
if ( ! msg2 ) {
- if (samldb_find_attribute(msg, "objectclass", "group") != NULL) {
+ if (samdb_find_attribute(module->ldb, msg, "objectclass", "group") != NULL) {
ret = samldb_fill_group_object(module, msg, &msg2);
if (ret) {
return ret;
@@ -836,7 +711,7 @@ static int samldb_add(struct ldb_module *module, struct ldb_request *req)
/* perhaps a foreignSecurityPrincipal? */
if ( ! msg2 ) {
- if (samldb_find_attribute(msg, "objectclass", "foreignSecurityPrincipal") != NULL) {
+ if (samdb_find_attribute(module->ldb, msg, "objectclass", "foreignSecurityPrincipal") != NULL) {
ret = samldb_fill_foreignSecurityPrincipal_object(module, msg, &msg2);
if (ret) {
return ret;