summaryrefslogtreecommitdiff
path: root/source4/lib/ldb
diff options
context:
space:
mode:
Diffstat (limited to 'source4/lib/ldb')
-rw-r--r--source4/lib/ldb/common/attrib_handlers.c27
-rw-r--r--source4/lib/ldb/common/ldb_attributes.c4
-rw-r--r--source4/lib/ldb/common/ldb_dn.c23
-rw-r--r--source4/lib/ldb/common/ldb_msg.c6
-rw-r--r--source4/lib/ldb/common/ldb_utf8.c12
-rw-r--r--source4/lib/ldb/include/ldb.h9
-rw-r--r--source4/lib/ldb/include/ldb_private.h9
-rw-r--r--source4/lib/ldb/ldb_tdb/ldb_index.c2
-rw-r--r--source4/lib/ldb/modules/operational.c6
-rwxr-xr-xsource4/lib/ldb/tests/python/ldap.py14
-rw-r--r--source4/lib/ldb/tools/ldbtest.c2
11 files changed, 61 insertions, 53 deletions
diff --git a/source4/lib/ldb/common/attrib_handlers.c b/source4/lib/ldb/common/attrib_handlers.c
index 8ed2763d4d..fb57e2dadc 100644
--- a/source4/lib/ldb/common/attrib_handlers.c
+++ b/source4/lib/ldb/common/attrib_handlers.c
@@ -55,11 +55,12 @@ int ldb_handler_fold(struct ldb_context *ldb, void *mem_ctx,
{
char *s, *t;
int l;
+
if (!in || !out || !(in->data)) {
return -1;
}
- out->data = (uint8_t *)ldb_casefold(ldb, mem_ctx, (const char *)(in->data));
+ out->data = (uint8_t *)ldb_casefold(ldb, mem_ctx, (const char *)(in->data), in->length);
if (out->data == NULL) {
ldb_debug(ldb, LDB_DEBUG_ERROR, "ldb_handler_fold: unable to casefold string [%s]", in->data);
return -1;
@@ -153,13 +154,14 @@ int ldb_comparison_fold(struct ldb_context *ldb, void *mem_ctx,
const struct ldb_val *v1, const struct ldb_val *v2)
{
const char *s1=(const char *)v1->data, *s2=(const char *)v2->data;
+ size_t n1 = v1->length, n2 = v2->length;
const char *u1, *u2;
char *b1, *b2;
int ret;
- while (*s1 == ' ') s1++;
- while (*s2 == ' ') s2++;
+ while (*s1 == ' ' && n1) { s1++; n1--; };
+ while (*s2 == ' ' && n2) { s2++; n2--; };
/* TODO: make utf8 safe, possibly with helper function from application */
- while (*s1 && *s2) {
+ while (*s1 && *s2 && n1 && n2) {
/* the first 127 (0x7F) chars are ascii and utf8 guarantes they
* never appear in multibyte sequences */
if (((unsigned char)s1[0]) & 0x80) goto utf8str;
@@ -167,10 +169,11 @@ int ldb_comparison_fold(struct ldb_context *ldb, void *mem_ctx,
if (toupper((unsigned char)*s1) != toupper((unsigned char)*s2))
break;
if (*s1 == ' ') {
- while (s1[0] == s1[1]) s1++;
- while (s2[0] == s2[1]) s2++;
+ while (s1[0] == s1[1] && n1) { s1++; n1--; }
+ while (s2[0] == s2[1] && n2) { s2++; n2--; }
}
s1++; s2++;
+ n1--; n2--;
}
if (! (*s1 && *s2)) {
/* check for trailing spaces only if one of the pointers
@@ -178,15 +181,18 @@ int ldb_comparison_fold(struct ldb_context *ldb, void *mem_ctx,
* can mistakenly match.
* ex. "domain users" <-> "domainUpdates"
*/
- while (*s1 == ' ') s1++;
- while (*s2 == ' ') s2++;
+ while (*s1 == ' ') { s1++; n1--; }
+ while (*s2 == ' ') { s2++; n2--; }
+ }
+ if (n1 != n2) {
+ return n1 - n2;
}
return (int)(toupper(*s1)) - (int)(toupper(*s2));
utf8str:
/* no need to recheck from the start, just from the first utf8 char found */
- b1 = ldb_casefold(ldb, mem_ctx, s1);
- b2 = ldb_casefold(ldb, mem_ctx, s2);
+ b1 = ldb_casefold(ldb, mem_ctx, s1, n1);
+ b2 = ldb_casefold(ldb, mem_ctx, s2, n2);
if (b1 && b2) {
/* Both strings converted correctly */
@@ -221,6 +227,7 @@ utf8str:
return ret;
}
+
/*
canonicalise a attribute in DN format
*/
diff --git a/source4/lib/ldb/common/ldb_attributes.c b/source4/lib/ldb/common/ldb_attributes.c
index 3b9d01682c..747f241781 100644
--- a/source4/lib/ldb/common/ldb_attributes.c
+++ b/source4/lib/ldb/common/ldb_attributes.c
@@ -51,6 +51,10 @@ int ldb_schema_attribute_add_with_syntax(struct ldb_context *ldb,
int i, n;
struct ldb_schema_attribute *a;
+ if (!syntax) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
n = ldb->schema.num_attributes + 1;
a = talloc_realloc(ldb, ldb->schema.attributes,
diff --git a/source4/lib/ldb/common/ldb_dn.c b/source4/lib/ldb/common/ldb_dn.c
index 08911344b7..c0d36cfbf3 100644
--- a/source4/lib/ldb/common/ldb_dn.c
+++ b/source4/lib/ldb/common/ldb_dn.c
@@ -71,7 +71,7 @@ struct ldb_dn {
};
/* strdn may be NULL */
-struct ldb_dn *ldb_dn_new(void *mem_ctx, struct ldb_context *ldb, const char *strdn)
+struct ldb_dn *ldb_dn_from_ldb_val(void *mem_ctx, struct ldb_context *ldb, const struct ldb_val *strdn)
{
struct ldb_dn *dn;
@@ -82,27 +82,27 @@ struct ldb_dn *ldb_dn_new(void *mem_ctx, struct ldb_context *ldb, const char *st
dn->ldb = ldb;
- if (strdn) {
- if (strdn[0] == '@') {
+ if (strdn->data && strdn->length) {
+ if (strdn->data[0] == '@') {
dn->special = true;
}
- if (strncasecmp(strdn, "<GUID=", 6) == 0) {
+ if (strdn->length >= 6 && strncasecmp((const char *)strdn->data, "<GUID=", 6) == 0) {
/* this is special DN returned when the
* exploded_dn control is used */
dn->special = true;
/* FIXME: add a GUID string to ldb_dn structure */
- } else if (strncasecmp(strdn, "<SID=", 8) == 0) {
+ } else if (strdn->length >= 8 && strncasecmp((const char *)strdn->data, "<SID=", 8) == 0) {
/* this is special DN returned when the
* exploded_dn control is used */
dn->special = true;
/* FIXME: add a SID string to ldb_dn structure */
- } else if (strncasecmp(strdn, "<WKGUID=", 8) == 0) {
+ } else if (strdn->length >= 8 && strncasecmp((const char *)strdn->data, "<WKGUID=", 8) == 0) {
/* this is special DN returned when the
* exploded_dn control is used */
dn->special = true;
/* FIXME: add a WKGUID string to ldb_dn structure */
}
- dn->linearized = talloc_strdup(dn, strdn);
+ dn->linearized = talloc_strndup(dn, (const char *)strdn->data, strdn->length);
} else {
dn->linearized = talloc_strdup(dn, "");
}
@@ -115,6 +115,15 @@ failed:
return NULL;
}
+/* strdn may be NULL */
+struct ldb_dn *ldb_dn_new(void *mem_ctx, struct ldb_context *ldb, const char *strdn)
+{
+ struct ldb_val blob;
+ blob.data = strdn;
+ blob.length = strdn ? strlen(strdn) : 0;
+ return ldb_dn_from_ldb_val(mem_ctx, ldb, &blob);
+}
+
struct ldb_dn *ldb_dn_new_fmt(void *mem_ctx, struct ldb_context *ldb, const char *new_fmt, ...)
{
struct ldb_dn *dn;
diff --git a/source4/lib/ldb/common/ldb_msg.c b/source4/lib/ldb/common/ldb_msg.c
index c1ea9db56b..2f5fe1d18c 100644
--- a/source4/lib/ldb/common/ldb_msg.c
+++ b/source4/lib/ldb/common/ldb_msg.c
@@ -389,10 +389,10 @@ int ldb_msg_find_attr_as_bool(const struct ldb_message *msg,
if (!v || !v->data) {
return default_value;
}
- if (strcasecmp((const char *)v->data, "FALSE") == 0) {
+ if (v->length == 5 && strncasecmp((const char *)v->data, "FALSE", 5) == 0) {
return 0;
}
- if (strcasecmp((const char *)v->data, "TRUE") == 0) {
+ if (v->length == 4 && strncasecmp((const char *)v->data, "TRUE", 4) == 0) {
return 1;
}
return default_value;
@@ -421,7 +421,7 @@ struct ldb_dn *ldb_msg_find_attr_as_dn(struct ldb_context *ldb,
if (!v || !v->data) {
return NULL;
}
- res_dn = ldb_dn_new(mem_ctx, ldb, (const char *)v->data);
+ res_dn = ldb_dn_from_ldb_val(mem_ctx, ldb, v);
if ( ! ldb_dn_validate(res_dn)) {
talloc_free(res_dn);
return NULL;
diff --git a/source4/lib/ldb/common/ldb_utf8.c b/source4/lib/ldb/common/ldb_utf8.c
index b7b4a60122..69ee2b6964 100644
--- a/source4/lib/ldb/common/ldb_utf8.c
+++ b/source4/lib/ldb/common/ldb_utf8.c
@@ -40,8 +40,8 @@
function to handle utf8 caseless comparisons
*/
void ldb_set_utf8_fns(struct ldb_context *ldb,
- void *context,
- char *(*casefold)(void *, void *, const char *))
+ void *context,
+ char *(*casefold)(void *, void *, const char *, size_t))
{
if (context)
ldb->utf8_fns.context = context;
@@ -53,10 +53,10 @@ void ldb_set_utf8_fns(struct ldb_context *ldb,
a simple case folding function
NOTE: does not handle UTF8
*/
-char *ldb_casefold_default(void *context, void *mem_ctx, const char *s)
+char *ldb_casefold_default(void *context, void *mem_ctx, const char *s, size_t n)
{
int i;
- char *ret = talloc_strdup(mem_ctx, s);
+ char *ret = talloc_strndup(mem_ctx, s, n);
if (!s) {
errno = ENOMEM;
return NULL;
@@ -72,9 +72,9 @@ void ldb_set_utf8_default(struct ldb_context *ldb)
ldb_set_utf8_fns(ldb, NULL, ldb_casefold_default);
}
-char *ldb_casefold(struct ldb_context *ldb, void *mem_ctx, const char *s)
+char *ldb_casefold(struct ldb_context *ldb, void *mem_ctx, const char *s, size_t n)
{
- return ldb->utf8_fns.casefold(ldb->utf8_fns.context, mem_ctx, s);
+ return ldb->utf8_fns.casefold(ldb->utf8_fns.context, mem_ctx, s, n);
}
/*
diff --git a/source4/lib/ldb/include/ldb.h b/source4/lib/ldb/include/ldb.h
index 7ce6103422..937029f52c 100644
--- a/source4/lib/ldb/include/ldb.h
+++ b/source4/lib/ldb/include/ldb.h
@@ -203,7 +203,7 @@ struct ldb_debug_ops {
*/
struct ldb_utf8_fns {
void *context;
- char *(*casefold)(void *context, TALLOC_CTX *mem_ctx, const char *s);
+ char *(*casefold)(void *context, TALLOC_CTX *mem_ctx, const char *s, size_t n);
};
/**
@@ -1216,7 +1216,7 @@ void ldb_set_utf8_default(struct ldb_context *ldb);
\note The default function is not yet UTF8 aware. Provide your own
set of functions through ldb_set_utf8_fns()
*/
-char *ldb_casefold(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const char *s);
+char *ldb_casefold(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const char *s, size_t n);
/**
Check the attribute name is valid according to rfc2251
@@ -1381,6 +1381,7 @@ int ldb_base64_decode(char *s);
struct ldb_dn *ldb_dn_new(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, const char *dn);
struct ldb_dn *ldb_dn_new_fmt(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, const char *new_fmt, ...) PRINTF_ATTRIBUTE(3,4);
+struct ldb_dn *ldb_dn_from_ldb_val(void *mem_ctx, struct ldb_context *ldb, const struct ldb_val *strdn);
bool ldb_dn_validate(struct ldb_dn *dn);
char *ldb_dn_escape_value(TALLOC_CTX *mem_ctx, struct ldb_val value);
@@ -1602,8 +1603,8 @@ int ldb_set_debug(struct ldb_context *ldb,
this allows the user to set custom utf8 function for error reporting
*/
void ldb_set_utf8_fns(struct ldb_context *ldb,
- void *context,
- char *(*casefold)(void *, void *, const char *));
+ void *context,
+ char *(*casefold)(void *, void *, const char *, size_t n));
/**
this sets up debug to print messages on stderr
diff --git a/source4/lib/ldb/include/ldb_private.h b/source4/lib/ldb/include/ldb_private.h
index d7c2efe8a1..e1026ab781 100644
--- a/source4/lib/ldb/include/ldb_private.h
+++ b/source4/lib/ldb/include/ldb_private.h
@@ -91,13 +91,6 @@ struct ldb_schema {
/* attribute handling table */
unsigned num_attributes;
struct ldb_schema_attribute *attributes;
-
- /* objectclass information */
- unsigned num_classes;
- struct ldb_subclass {
- char *name;
- char **subclasses;
- } *classes;
};
/*
@@ -242,7 +235,7 @@ int save_controls(struct ldb_control *exclude, struct ldb_request *req, struct l
int check_critical_controls(struct ldb_control **controls);
/* The following definitions come from lib/ldb/common/ldb_utf8.c */
-char *ldb_casefold_default(void *context, void *mem_ctx, const char *s);
+char *ldb_casefold_default(void *context, void *mem_ctx, const char *s, size_t n);
void ldb_msg_remove_element(struct ldb_message *msg, struct ldb_message_element *el);
diff --git a/source4/lib/ldb/ldb_tdb/ldb_index.c b/source4/lib/ldb/ldb_tdb/ldb_index.c
index 1b6d9feed6..269305a468 100644
--- a/source4/lib/ldb/ldb_tdb/ldb_index.c
+++ b/source4/lib/ldb/ldb_tdb/ldb_index.c
@@ -767,7 +767,7 @@ int ltdb_search_indexed(struct ldb_handle *handle)
if ((ac->scope == LDB_SCOPE_ONELEVEL && (idxattr+idxone == 0)) ||
(ac->scope == LDB_SCOPE_SUBTREE && idxattr == 0)) {
- /* no indexs? must do full search */
+ /* no indexes? must do full search */
return LDB_ERR_OPERATIONS_ERROR;
}
diff --git a/source4/lib/ldb/modules/operational.c b/source4/lib/ldb/modules/operational.c
index 7dc4ae08c3..a59e81becd 100644
--- a/source4/lib/ldb/modules/operational.c
+++ b/source4/lib/ldb/modules/operational.c
@@ -291,12 +291,6 @@ static int operational_init(struct ldb_module *ctx)
{
int ret = 0;
- /* setup some standard attribute handlers */
- ret |= ldb_schema_attribute_add(ctx->ldb, "whenCreated", 0, LDB_SYNTAX_UTC_TIME);
- ret |= ldb_schema_attribute_add(ctx->ldb, "whenChanged", 0, LDB_SYNTAX_UTC_TIME);
- ret |= ldb_schema_attribute_add(ctx->ldb, "subschemaSubentry", 0, LDB_SYNTAX_DN);
- ret |= ldb_schema_attribute_add(ctx->ldb, "structuralObjectClass", 0, LDB_SYNTAX_OBJECTCLASS);
-
if (ret != 0) {
return ret;
}
diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py
index 13d4adf6d4..11a824a549 100755
--- a/source4/lib/ldb/tests/python/ldap.py
+++ b/source4/lib/ldb/tests/python/ldap.py
@@ -331,15 +331,15 @@ servicePrincipalName: host/ldaptest2computer29
print "Testing Ambigious Name Resolution"
# Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
res = ldb.search(expression="(&(anr=ldap testy)(objectClass=user))")
- self.assertEquals(len(res), 3, "Could not find (&(anr=ldap testy)(objectClass=user))")
+ self.assertEquals(len(res), 3, "Found only %d of 3 for (&(anr=ldap testy)(objectClass=user))" % len(res))
# Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
- self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy ldap)(objectClass=user))" % len(res))
+ self.assertEquals(len(res), 2, "Found only %d of 2 for (&(anr=testy ldap)(objectClass=user))" % len(res))
# Testing ldb.search for (&(anr=ldap)(objectClass=user))
res = ldb.search(expression="(&(anr=ldap)(objectClass=user))")
- self.assertEquals(len(res), 4, "Found only %d for (&(anr=ldap)(objectClass=user))" % len(res))
+ self.assertEquals(len(res), 4, "Found only %d of 4 for (&(anr=ldap)(objectClass=user))" % len(res))
# Testing ldb.search for (&(anr==ldap)(objectClass=user))
res = ldb.search(expression="(&(anr==ldap)(objectClass=user))")
@@ -353,13 +353,13 @@ servicePrincipalName: host/ldaptest2computer29
res = ldb.search(expression="(&(anr=testy)(objectClass=user))")
self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy)(objectClass=user))" % len(res))
- # Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
+ # Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
- self.assertEquals(len(res), 2, "Found only %d for (&(anr=ldap testy)(objectClass=user))" % len(res))
+ self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy ldap)(objectClass=user))" % len(res))
- # Testing ldb.search for (&(anr==ldap testy)(objectClass=user))
+ # Testing ldb.search for (&(anr==testy ldap)(objectClass=user))
res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))")
- self.assertEquals(len(res), 1, "Found only %d for (&(anr==ldap testy)(objectClass=user))" % len(res))
+ self.assertEquals(len(res), 1, "Found only %d for (&(anr==testy ldap)(objectClass=user))" % len(res))
self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
self.assertEquals(res[0]["cn"][0], "ldaptestuser")
diff --git a/source4/lib/ldb/tools/ldbtest.c b/source4/lib/ldb/tools/ldbtest.c
index 6d141478ad..169ff02da1 100644
--- a/source4/lib/ldb/tools/ldbtest.c
+++ b/source4/lib/ldb/tools/ldbtest.c
@@ -93,7 +93,7 @@ static void add_records(struct ldb_context *ldb,
el[2].name = talloc_strdup(tmp_ctx, "uid");
el[2].num_values = 1;
el[2].values = vals[2];
- vals[2][0].data = (uint8_t *)ldb_casefold(ldb, tmp_ctx, name);
+ vals[2][0].data = (uint8_t *)ldb_casefold(ldb, tmp_ctx, name, strlen(name));
vals[2][0].length = strlen((char *)vals[2][0].data);
el[3].flags = 0;