Diffstat (limited to 'source4')
-rw-r--r-- | source4/dsdb/samdb/samdb.c | 42 | ||||
-rw-r--r-- | source4/lib/ldb/samba/ldif_handlers.c | 154 |
2 files changed, 165 insertions, 31 deletions
diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c index e2426738da..f51d3c6102 100644 --- a/source4/dsdb/samdb/samdb.c +++ b/source4/dsdb/samdb/samdb.c @@ -350,17 +350,22 @@ struct dom_sid *samdb_result_dom_sid(TALLOC_CTX *mem_ctx, struct ldb_message *ms */ struct GUID samdb_result_guid(struct ldb_message *msg, const char *attr) { + const struct ldb_val *v; NTSTATUS status; struct GUID guid; - const char *guidstr = ldb_msg_find_string(msg, attr, NULL); + TALLOC_CTX *mem_ctx; ZERO_STRUCT(guid); - if (!guidstr) return guid; + v = ldb_msg_find_ldb_val(msg, attr); + if (!v) return guid; - status = GUID_from_string(guidstr, &guid); + mem_ctx = talloc_named_const(NULL, 0, "samdb_result_guid"); + if (!mem_ctx) return guid; + status = ndr_pull_struct_blob(v, mem_ctx, &guid, + (ndr_pull_flags_fn_t)ndr_pull_GUID); + talloc_free(mem_ctx); if (!NT_STATUS_IS_OK(status)) { - ZERO_STRUCT(guid); return guid; } @@ -685,17 +690,17 @@ static NTSTATUS _samdb_allocate_next_id(struct ldb_context *sam_ldb, TALLOC_CTX els[1].flags = LDB_FLAG_MOD_ADD; els[1].name = els[0].name; - vals[0].data = talloc_asprintf(mem_ctx, "%u", *id); + vals[0].data = (uint8_t *)talloc_asprintf(mem_ctx, "%u", *id); if (!vals[0].data) { return NT_STATUS_NO_MEMORY; } - vals[0].length = strlen(vals[0].data); + vals[0].length = strlen((const char *)vals[0].data); - vals[1].data = talloc_asprintf(mem_ctx, "%u", (*id)+1); + vals[1].data = (uint8_t *)talloc_asprintf(mem_ctx, "%u", (*id)+1); if (!vals[1].data) { return NT_STATUS_NO_MEMORY; } - vals[1].length = strlen(vals[1].data); + vals[1].length = strlen((const char *)vals[1].data); ret = ldb_modify(sam_ldb, &msg); if (ret != 0) { @@ -764,6 +769,7 @@ int samdb_msg_add_dom_sid(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, stru return ldb_msg_add_value(sam_ldb, msg, attr_name, &v); } + /* add a delete element operation to a message */ 
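Review bot: In samdb_result_guid, removing `ZERO_STRUCT(guid);` from the failure branch means a failed ndr_pull_struct_blob() returns whatever the pull wrote into `guid` before it stopped, rather than the all-zero GUID callers used to get. If ndr_pull_GUID can fail partway through a short or malformed blob (likely, but not visible here), the caller gets a partly decoded GUID that it cannot tell from a valid one. Keep the reset on that path: `if (!NT_STATUS_IS_OK(status)) { ZERO_STRUCT(guid); return guid; }`. The function body continues past the end of the hunk.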
@@ -971,18 +977,20 @@ int samdb_msg_set_ldaptime(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, str */ int samdb_add(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, struct ldb_message *msg) { - struct GUID guid; - const char *guidstr; - time_t now = time(NULL); - /* a new GUID */ - guid = GUID_random(); - guidstr = GUID_string(mem_ctx, &guid); - if (!guidstr) { + int ret; + struct ldb_val v; + NTSTATUS status; + struct GUID guid = GUID_random(); + + status = ndr_push_struct_blob(&v, mem_ctx, &guid, + (ndr_push_flags_fn_t)ndr_push_GUID); + if (!NT_STATUS_IS_OK(status)) { return -1; } - samdb_msg_add_string(sam_ldb, mem_ctx, msg, "objectGUID", guidstr); - samdb_msg_set_ldaptime(sam_ldb, mem_ctx, msg, "whenCreated", now); + ret = ldb_msg_add_value(sam_ldb, msg, "objectGUID", &v); + if (ret != 0) return ret; + return ldb_add(sam_ldb, msg); } diff --git a/source4/lib/ldb/samba/ldif_handlers.c b/source4/lib/ldb/samba/ldif_handlers.c index a6095cddbc..cd97fb08b0 100644 --- a/source4/lib/ldb/samba/ldif_handlers.c +++ b/source4/lib/ldb/samba/ldif_handlers.c @@ -35,7 +35,7 @@ static int ldif_read_objectSid(struct ldb_context *ldb, void *mem_ctx, { struct dom_sid *sid; NTSTATUS status; - sid = dom_sid_parse_talloc(mem_ctx, in->data); + sid = dom_sid_parse_talloc(mem_ctx, (const char *)in->data); if (sid == NULL) { return -1; } 
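Review bot: samdb_add no longer stamps `whenCreated` on the message, and nothing in the hunk says where that is now done. If another layer is expected to set it (not visible here), the function's header comment should say so, for example `/* adds objectGUID as an NDR blob; whenCreated is not set here */`. Otherwise records created through this path lose their creation timestamp. The comment block above the function starts outside the hunk.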
@@ -75,25 +75,34 @@ static int ldif_write_objectSid(struct ldb_context *ldb, void *mem_ctx, return 0; } +static BOOL ldb_comparision_objectSid_isString(const struct ldb_val *v) +{ + /* see if the input if null-terninated */ + if (v->data[v->length] != '\0') return False; + + if (strncmp("S-", v->data, 2) != 0) return False; + return True; +} + /* compare two objectSids */ static int ldb_comparison_objectSid(struct ldb_context *ldb, void *mem_ctx, const struct ldb_val *v1, const struct ldb_val *v2) { - if (strncmp(v1->data, "S-", 2) == 0 && - strncmp(v2->data, "S-", 2) == 0) { - return strcmp(v1->data, v2->data); - } - if (strncmp(v1->data, "S-", 2) == 0) { - struct ldb_val v; - int ret; - if (ldif_read_objectSid(ldb, mem_ctx, v1, &v) != 0) { - return -1; + if (ldb_comparision_objectSid_isString(v1)) { + if (ldb_comparision_objectSid_isString(v1)) { + return strcmp(v1->data, v2->data); + } else { + struct ldb_val v; + int ret; + if (ldif_read_objectSid(ldb, mem_ctx, v1, &v) != 0) { + return -1; + } + ret = ldb_comparison_binary(ldb, mem_ctx, &v, v2); + talloc_free(v.data); + return ret; } - ret = ldb_comparison_binary(ldb, mem_ctx, &v, v2); - talloc_free(v.data); - return ret; } return ldb_comparison_binary(ldb, mem_ctx, v1, v2); } 
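Review bot: In ldb_comparison_objectSid the inner test repeats `ldb_comparision_objectSid_isString(v1)`, so v2 is never checked and the `else` branch that converts v1 to binary is unreachable. When v1 is a string SID and v2 is a binary SID, `strcmp(v1->data, v2->data)` then walks a binary value that need not be NUL-terminated inside its length, giving a wrong result and possibly a read past the buffer. The inner condition should be `if (ldb_comparision_objectSid_isString(v2)) {`, as the objectGUID comparison in the next hunk already does. Separately, the helper's probe `v->data[v->length]` reads one byte beyond the declared length and so depends on every ldb_val being NUL-padded by its producer; the same probe appears in ldb_comparision_objectGUID_isString in the next hunk, and both need a comment stating that invariant, or a length check first.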
@@ -104,12 +113,105 @@ static int ldb_comparison_objectSid(struct ldb_context *ldb, void *mem_ctx, static int ldb_canonicalise_objectSid(struct ldb_context *ldb, void *mem_ctx, const struct ldb_val *in, struct ldb_val *out) { - if (strncmp(in->data, "S-", 2) == 0) { + if (ldb_comparision_objectSid_isString(in)) { return ldif_read_objectSid(ldb, mem_ctx, in, out); } return ldb_handler_copy(ldb, mem_ctx, in, out); } +/* + convert a ldif formatted objectGUID to a NDR formatted blob +*/ +static int ldif_read_objectGUID(struct ldb_context *ldb, void *mem_ctx, + const struct ldb_val *in, struct ldb_val *out) +{ + struct GUID guid; + NTSTATUS status; + + status = GUID_from_string(in->data, &guid); + if (!NT_STATUS_IS_OK(status)) { + return -1; + } + + status = ndr_push_struct_blob(out, mem_ctx, &guid, + (ndr_push_flags_fn_t)ndr_push_GUID); + if (!NT_STATUS_IS_OK(status)) { + return -1; + } + return 0; +} + +/* + convert a NDR formatted blob to a ldif formatted objectGUID +*/ +static int ldif_write_objectGUID(struct ldb_context *ldb, void *mem_ctx, + const struct ldb_val *in, struct ldb_val *out) +{ + struct GUID guid; + NTSTATUS status; + status = ndr_pull_struct_blob(in, mem_ctx, &guid, + (ndr_pull_flags_fn_t)ndr_pull_GUID); + if (!NT_STATUS_IS_OK(status)) { + return -1; + } + out->data = GUID_string(mem_ctx, &guid); + if (out->data == NULL) { + return -1; + } + out->length = strlen(out->data); + return 0; +} + +static BOOL ldb_comparision_objectGUID_isString(const struct ldb_val *v) +{ + struct GUID guid; + NTSTATUS status; + + /* see if the input if null-terninated */ + if (v->data[v->length] != '\0') return False; + + status = GUID_from_string(v->data, &guid); + if (!NT_STATUS_IS_OK(status)) { + return False; + } + + return True; +} + +/* + compare two objectGUIDs +*/ +static int ldb_comparison_objectGUID(struct ldb_context *ldb, void *mem_ctx, + const struct ldb_val *v1, const struct ldb_val *v2) +{ + if (ldb_comparision_objectGUID_isString(v1)) { + if 
(ldb_comparision_objectGUID_isString(v2)) { + return strcmp(v1->data, v2->data); + } else { + struct ldb_val v; + int ret; + if (ldif_read_objectGUID(ldb, mem_ctx, v1, &v) != 0) { + return -1; + } + ret = ldb_comparison_binary(ldb, mem_ctx, &v, v2); + talloc_free(v.data); + return ret; + } + } + return ldb_comparison_binary(ldb, mem_ctx, v1, v2); +} + +/* + canonicalise a objectGUID +*/ +static int ldb_canonicalise_objectGUID(struct ldb_context *ldb, void *mem_ctx, + const struct ldb_val *in, struct ldb_val *out) +{ + if (ldb_comparision_objectGUID_isString(in)) { + return ldif_read_objectGUID(ldb, mem_ctx, in, out); + } + return ldb_handler_copy(ldb, mem_ctx, in, out); +} static const struct ldb_attrib_handler samba_handlers[] = { { @@ -119,6 +221,30 @@ static const struct ldb_attrib_handler samba_handlers[] = { .ldif_write_fn = ldif_write_objectSid, .canonicalise_fn = ldb_canonicalise_objectSid, .comparison_fn = ldb_comparison_objectSid + }, + { + .attr = "securityIdentifier", + .flags = 0, + .ldif_read_fn = ldif_read_objectSid, + .ldif_write_fn = ldif_write_objectSid, + .canonicalise_fn = ldb_canonicalise_objectSid, + .comparison_fn = ldb_comparison_objectSid + }, + { + .attr = "objectGUID", + .flags = 0, + .ldif_read_fn = ldif_read_objectGUID, + .ldif_write_fn = ldif_write_objectGUID, + .canonicalise_fn = ldb_canonicalise_objectGUID, + .comparison_fn = ldb_comparison_objectGUID + }, + { + .attr = "invocationId", + .flags = 0, + .ldif_read_fn = ldif_read_objectGUID, + .ldif_write_fn = ldif_write_objectGUID, + .canonicalise_fn = ldb_canonicalise_objectGUID, + .comparison_fn = ldb_comparison_objectGUID } }; |
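Review bot: ldb_comparison_objectGUID converts to the NDR form only when v1 is the string side; with v1 binary and v2 a string it falls through to ldb_comparison_binary on two different encodings, so the result depends on argument order. The string-versus-string branch uses `strcmp`, which would treat two spellings of the same GUID that differ only in hex case as unequal, assuming GUID_from_string accepts both cases. Converting whichever side is in string form to the blob and always comparing blobs removes both problems. The same one-sided handling exists in ldb_comparison_objectSid in the previous hunk.
```c
static int ldb_comparison_objectGUID(struct ldb_context *ldb, void *mem_ctx,
				     const struct ldb_val *v1, const struct ldb_val *v2)
{
	struct ldb_val b1, b2;
	const struct ldb_val *p1 = v1, *p2 = v2;
	int ret;

	b1.data = NULL;
	b2.data = NULL;
	/* bring whichever side is in string form to the NDR blob form */
	if (ldb_comparision_objectGUID_isString(v1)) {
		if (ldif_read_objectGUID(ldb, mem_ctx, v1, &b1) != 0) {
			return -1;
		}
		p1 = &b1;
	}
	if (ldb_comparision_objectGUID_isString(v2)) {
		if (ldif_read_objectGUID(ldb, mem_ctx, v2, &b2) != 0) {
			talloc_free(b1.data);
			return -1;
		}
		p2 = &b2;
	}
	ret = ldb_comparison_binary(ldb, mem_ctx, p1, p2);
	talloc_free(b1.data);
	talloc_free(b2.data);
	return ret;
}
```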