diff options
Diffstat (limited to 'source4')
22 files changed, 288 insertions, 2716 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/config.mk b/source4/dsdb/samdb/ldb_modules/config.mk index 20f6e182e5..3790d731d9 100644 --- a/source4/dsdb/samdb/ldb_modules/config.mk +++ b/source4/dsdb/samdb/ldb_modules/config.mk @@ -33,16 +33,16 @@ OBJ_FILES = \ # End MODULE ldb_samldb ################################################ -################################################ -# Start MODULE ldb_proxy -[MODULE::ldb_proxy] -SUBSYSTEM = ldb -INIT_FUNCTION = proxy_module_init -OBJ_FILES = \ - proxy.o -# -# End MODULE ldb_proxy -################################################ +# ################################################ +# # Start MODULE ldb_proxy +# [MODULE::ldb_proxy] +# SUBSYSTEM = ldb +# INIT_FUNCTION = proxy_module_init +# OBJ_FILES = \ +# proxy.o +# +# # End MODULE ldb_proxy +# ################################################ ################################################ diff --git a/source4/dsdb/samdb/ldb_modules/extended_dn.c b/source4/dsdb/samdb/ldb_modules/extended_dn.c index 8ca82b2670..1f2d406a28 100644 --- a/source4/dsdb/samdb/ldb_modules/extended_dn.c +++ b/source4/dsdb/samdb/ldb_modules/extended_dn.c @@ -167,90 +167,6 @@ static BOOL inject_extended_dn(struct ldb_message *msg, } /* search */ -static int extended_search(struct ldb_module *module, struct ldb_control *control, struct ldb_request *req) -{ - struct ldb_result *extended_result; - struct ldb_control **saved_controls; - struct ldb_extended_dn_control *extended_ctrl; - int i, ret; - const char * const *saved_attrs = NULL; - char **new_attrs; - BOOL remove_guid = False; - BOOL remove_sid = False; - - extended_ctrl = talloc_get_type(control->data, struct ldb_extended_dn_control); - if (!extended_ctrl) { - return LDB_ERR_PROTOCOL_ERROR; - } - - /* save it locally and remove it from the list */ - if (!save_controls(control, req, &saved_controls)) { - return LDB_ERR_OPERATIONS_ERROR; - } - - /* check if attrs only is specified, in that case check wether we need to modify them */ - if (req->op.search.attrs) { - if (! is_attr_in_list(req->op.search.attrs, "objectGUID")) { - remove_guid = True; - } - if (! is_attr_in_list(req->op.search.attrs, "objectSID")) { - remove_sid = True; - } - if (remove_guid || remove_sid) { - new_attrs = copy_attrs(req, req->op.search.attrs); - if (!new_attrs) - return LDB_ERR_OPERATIONS_ERROR; - - saved_attrs = req->op.search.attrs; - - if (remove_guid) { - if (!add_attrs(req, &new_attrs, "objectGUID")) - return LDB_ERR_OPERATIONS_ERROR; - } - if (remove_sid) { - if (!add_attrs(req, &new_attrs, "objectSID")) - return LDB_ERR_OPERATIONS_ERROR; - } - - req->op.search.attrs = (const char * const *)new_attrs; - } - } - - ret = ldb_next_request(module, req); - - /* put request back into original shape */ - /* TODO: build a new req and don't touch the original one */ - - if (req->controls) talloc_free(req->controls); - req->controls = saved_controls; - - if (saved_attrs) { - talloc_free(new_attrs); - req->op.search.attrs = saved_attrs; - } - - if (ret != LDB_SUCCESS) { - return ret; - } - - extended_result = req->op.search.res; - - for (i = 0; i < extended_result->count; i++) { - /* TODO: the following funtion updates only dn and - * distinguishedName. We still need to address other - * DN entries like objectCategory - */ - if (!inject_extended_dn(extended_result->msgs[i], - extended_ctrl->type, - remove_guid, remove_sid)) { - return LDB_ERR_OPERATIONS_ERROR; - } - } - - return LDB_SUCCESS; -} - -/* search */ struct extended_async_context { struct ldb_module *module; @@ -387,28 +303,6 @@ static int extended_search_async(struct ldb_module *module, struct ldb_request * return ret; } -static int extended_request(struct ldb_module *module, struct ldb_request *req) -{ - struct ldb_control *control; - - /* check if there's an extended dn control */ - control = get_control_from_list(req->controls, LDB_CONTROL_EXTENDED_DN_OID); - if (control == NULL) { - /* not found go on */ - return ldb_next_request(module, req); - } - - switch (req->operation) { - - case LDB_REQ_SEARCH: - return extended_search(module, control, req); - - default: - return LDB_ERR_OPERATIONS_ERROR; - - } -} - static int extended_init(struct ldb_module *module) { struct ldb_request *req; @@ -437,7 +331,6 @@ static int extended_init(struct ldb_module *module) static const struct ldb_module_ops extended_dn_ops = { .name = "extended_dn", .search = extended_search_async, - .request = extended_request, .init_context = extended_init }; diff --git a/source4/dsdb/samdb/ldb_modules/kludge_acl.c b/source4/dsdb/samdb/ldb_modules/kludge_acl.c index 23d96ba2b7..4e09faf269 100644 --- a/source4/dsdb/samdb/ldb_modules/kludge_acl.c +++ b/source4/dsdb/samdb/ldb_modules/kludge_acl.c @@ -98,40 +98,6 @@ static const char *user_name(TALLOC_CTX *mem_ctx, struct ldb_module *module) } /* search */ -static int kludge_acl_search(struct ldb_module *module, struct ldb_request *req) -{ - struct kludge_private_data *data = talloc_get_type(module->private_data, struct kludge_private_data); - struct ldb_message *msg; - enum user_is user_type; - int i, j, ret; - - /* go down the path and wait for reply to filter out stuff if needed */ - ret = ldb_next_request(module, req); - - /* We may not be fully initialised yet, or we might have just - * got an error */ - if (ret != LDB_SUCCESS || !data->password_attrs) { - return ret; - } - - user_type = what_is_user(module); - switch (user_type) { - case SYSTEM: - case ADMINISTRATOR: - return ret; - default: - /* For every message, remove password attributes */ - for (i=0; i < req->op.search.res->count; i++) { - msg = req->op.search.res->msgs[i]; - for (j=0; data->password_attrs[j]; j++) { - ldb_msg_remove_attr(msg, data->password_attrs[j]); - } - } - } - return ret; -} - -/* search */ struct kludge_acl_async_context { struct ldb_module *module; @@ -260,28 +226,6 @@ static int kludge_acl_del_trans(struct ldb_module *module) return ldb_next_del_trans(module); } -static int kludge_acl_request(struct ldb_module *module, struct ldb_request *req) -{ - switch (req->operation) { - - case LDB_REQ_ADD: - case LDB_REQ_MODIFY: - case LDB_REQ_DELETE: - case LDB_REQ_RENAME: - return kludge_acl_change(module, req); - - case LDB_REQ_SEARCH: - return kludge_acl_search(module, req); - - case LDB_REQ_REGISTER: - return ldb_next_request(module, req); - - default: - /* anything else must be something new, let's throw an error */ - return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS; - } -} - static int kludge_acl_init(struct ldb_module *module) { int ret, i; @@ -351,7 +295,6 @@ static const struct ldb_module_ops kludge_acl_ops = { .modify = kludge_acl_change, .del = kludge_acl_change, .rename = kludge_acl_change, - .request = kludge_acl_request, .start_transaction = kludge_acl_start_trans, .end_transaction = kludge_acl_end_trans, .del_transaction = kludge_acl_del_trans, diff --git a/source4/dsdb/samdb/ldb_modules/objectguid.c b/source4/dsdb/samdb/ldb_modules/objectguid.c index 5ac3260339..643f8c17fd 100644 --- a/source4/dsdb/samdb/ldb_modules/objectguid.c +++ b/source4/dsdb/samdb/ldb_modules/objectguid.c @@ -53,62 +53,6 @@ static struct ldb_message_element *objectguid_find_attribute(const struct ldb_me /* add_record: add objectGUID attribute */ static int objectguid_add(struct ldb_module *module, struct ldb_request *req) { - struct ldb_message *msg = req->op.add.message; - struct ldb_val v; - struct ldb_message *msg2; - struct ldb_message_element *attribute; - struct GUID guid; - NTSTATUS nt_status; - int ret, i; - - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "objectguid_add_record\n"); - - if (ldb_dn_is_special(msg->dn)) { /* do not manipulate our control entries */ - return ldb_next_request(module, req); - } - - if ((attribute = objectguid_find_attribute(msg, "objectGUID")) != NULL ) { - return ldb_next_request(module, req); - } - - msg2 = talloc(module, struct ldb_message); - if (!msg2) { - return -1; - } - - msg2->dn = msg->dn; - msg2->num_elements = msg->num_elements; - msg2->private_data = msg->private_data; - msg2->elements = talloc_array(msg2, struct ldb_message_element, msg2->num_elements); - for (i = 0; i < msg2->num_elements; i++) { - msg2->elements[i] = msg->elements[i]; - } - - /* a new GUID */ - guid = GUID_random(); - - nt_status = ndr_push_struct_blob(&v, msg2, &guid, - (ndr_push_flags_fn_t)ndr_push_GUID); - if (!NT_STATUS_IS_OK(nt_status)) { - return -1; - } - - ret = ldb_msg_add_value(msg2, "objectGUID", &v); - if (ret) { - return ret; - } - - req->op.add.message = msg2; - ret = ldb_next_request(module, req); - req->op.add.message = msg; - - talloc_free(msg2); - - return ret; -} - -static int objectguid_add_async(struct ldb_module *module, struct ldb_request *req) -{ struct ldb_request *down_req; struct ldb_message_element *attribute; struct ldb_message *msg; @@ -167,23 +111,9 @@ static int objectguid_add_async(struct ldb_module *module, struct ldb_request *r return ret; } -static int objectguid_request(struct ldb_module *module, struct ldb_request *req) -{ - switch (req->operation) { - - case LDB_REQ_ADD: - return objectguid_add(module, req); - - default: - return ldb_next_request(module, req); - - } -} - static const struct ldb_module_ops objectguid_ops = { .name = "objectguid", - .add = objectguid_add_async, - .request = objectguid_request + .add = objectguid_add, }; diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c index bdf1bcc27a..16fe6b8f4d 100644 --- a/source4/dsdb/samdb/ldb_modules/password_hash.c +++ b/source4/dsdb/samdb/ldb_modules/password_hash.c @@ -65,678 +65,10 @@ * */ - -static int password_hash_handle(struct ldb_module *module, struct ldb_request *req, - const struct ldb_message *msg) -{ - int ret, old_ret = -1; - uint_t pwdProperties, pwdHistoryLength; - uint_t userAccountControl; - const char *dnsDomain, *realm; - const char *sambaPassword = NULL; - struct samr_Password *sambaLMPwdHistory, *sambaNTPwdHistory; - struct samr_Password *lmPwdHash, *ntPwdHash; - struct samr_Password *lmOldHash = NULL, *ntOldHash = NULL; - struct samr_Password *new_sambaLMPwdHistory, *new_sambaNTPwdHistory; - struct samr_Password local_lmNewHash, local_ntNewHash; - int sambaLMPwdHistory_len, sambaNTPwdHistory_len; - uint_t kvno; - struct dom_sid *domain_sid; - time_t now = time(NULL); - NTTIME now_nt; - int i; - krb5_error_code krb5_ret; - - struct smb_krb5_context *smb_krb5_context; - - struct ldb_message_element *attribute; - struct ldb_dn *dn = msg->dn; - struct ldb_message *msg2; - - struct ldb_request *search_request = NULL; - struct ldb_request *modify_request; - struct ldb_request *modified_orig_request; - struct ldb_result *res, *dom_res, *old_res; - - struct ldb_message_element *objectclasses; - struct ldb_val computer_val; - struct ldb_val person_val; - BOOL is_computer; - - struct ldb_message *modify_msg; - - const char *domain_expression; - const char *old_user_attrs[] = { "lmPwdHash", "ntPwdHash", NULL }; - const char *user_attrs[] = { "userAccountControl", "sambaLMPwdHistory", - "sambaNTPwdHistory", - "ntPwdHash", - "objectSid", "msDS-KeyVersionNumber", - "objectClass", "userPrincipalName", - "samAccountName", - NULL }; - const char * const domain_attrs[] = { "pwdProperties", "pwdHistoryLength", - "dnsDomain", NULL }; - - TALLOC_CTX *mem_ctx; - - /* Do the original action */ - - mem_ctx = talloc_new(module); - if (!mem_ctx) { - return LDB_ERR_OPERATIONS_ERROR; - } - - if (req->operation == LDB_REQ_MODIFY) { - search_request = talloc(mem_ctx, struct ldb_request); - if (!search_request) { - talloc_free(mem_ctx); - return LDB_ERR_OPERATIONS_ERROR; - } - - /* Look up the old ntPwdHash and lmPwdHash values, so - * we can later place these into the password - * history */ - - search_request->operation = LDB_REQ_SEARCH; - search_request->op.search.base = dn; - search_request->op.search.scope = LDB_SCOPE_BASE; - search_request->op.search.tree = ldb_parse_tree(module->ldb, NULL); - search_request->op.search.attrs = old_user_attrs; - search_request->controls = NULL; - - old_ret = ldb_next_request(module, search_request); - } - - /* we can't change things untill we copy it */ - msg2 = ldb_msg_copy_shallow(mem_ctx, msg); - - /* look again, this time at the copied attribute */ - if (!msg2 || (attribute = ldb_msg_find_element(msg2, "sambaPassword")) == NULL ) { - talloc_free(mem_ctx); - /* Gah? where did it go? Oh well... */ - return LDB_ERR_OPERATIONS_ERROR; - } - - /* Wipe out the sambaPassword attribute set, we will handle it in - * the second modify. We might not want it written to disk */ - - if (req->operation == LDB_REQ_ADD) { - if (attribute->num_values > 1) { - ldb_set_errstring(module->ldb, - talloc_asprintf(mem_ctx, "sambaPassword_handle: " - "attempted set of multiple sambaPassword attributes on %s rejected", - ldb_dn_linearize(mem_ctx, dn))); - talloc_free(mem_ctx); - return LDB_ERR_CONSTRAINT_VIOLATION; - } - - if (attribute->num_values == 1) { - sambaPassword = (const char *)attribute->values[0].data; - ldb_msg_remove_attr(msg2, "sambaPassword"); - } - } else if (((attribute->flags & LDB_FLAG_MOD_MASK) == LDB_FLAG_MOD_ADD) - || ((attribute->flags & LDB_FLAG_MOD_MASK) == LDB_FLAG_MOD_REPLACE)) { - if (attribute->num_values > 1) { - ldb_set_errstring(module->ldb, - talloc_asprintf(mem_ctx, "sambaPassword_handle: " - "attempted set of multiple sambaPassword attributes on %s rejected", - ldb_dn_linearize(mem_ctx, dn))); - talloc_free(mem_ctx); - return LDB_ERR_CONSTRAINT_VIOLATION; - } - - if (attribute->num_values == 1) { - sambaPassword = (const char *)attribute->values[0].data; - ldb_msg_remove_attr(msg2, "sambaPassword"); - } - } - - modified_orig_request = talloc(mem_ctx, struct ldb_request); - if (!modified_orig_request) { - talloc_free(mem_ctx); - return LDB_ERR_OPERATIONS_ERROR; - } - - *modified_orig_request = *req; - switch (modified_orig_request->operation) { - case LDB_REQ_ADD: - modified_orig_request->op.add.message = msg2; - break; - case LDB_REQ_MODIFY: - modified_orig_request->op.mod.message = msg2; - break; - default: - return LDB_ERR_OPERATIONS_ERROR; - } - - /* Send the (modified) request of the original caller down to the database */ - ret = ldb_next_request(module, modified_orig_request); - if (ret) { - talloc_free(mem_ctx); - return ret; - } - - /* While we do the search first (for the old password hashes), - * we don't want to override any error that the modify may - * have returned. Now check the error */ - if (req->operation == LDB_REQ_MODIFY) { - if (old_ret) { - talloc_free(mem_ctx); - return old_ret; - } - - /* Find out the old passwords details of the user */ - old_res = search_request->op.search.res; - talloc_steal(mem_ctx, old_res); - talloc_free(search_request); - - if (old_res->count != 1) { - ldb_set_errstring(module->ldb, - talloc_asprintf(mem_ctx, "password_hash_handle: " - "(pre) search for %s found %d != 1 objects, for entry we just modified", - ldb_dn_linearize(mem_ctx, dn), - old_res->count)); - /* What happend? The above add/modify worked... */ - talloc_free(mem_ctx); - return LDB_ERR_NO_SUCH_OBJECT; - } - - lmOldHash = samdb_result_hash(mem_ctx, old_res->msgs[0], "lmPwdHash"); - ntOldHash = samdb_result_hash(mem_ctx, old_res->msgs[0], "ntPwdHash"); - } - - /* Start finding out details we need for the second modify. - * We do this after the first add/modify because other modules - * will have filled in the templates, and we may have had - * things like the username (affecting the salt) changed along - * with the password. */ - - /* Now find out what is on the entry after the above add/modify */ - search_request = talloc(mem_ctx, struct ldb_request); - if (!search_request) { - talloc_free(mem_ctx); - return LDB_ERR_OPERATIONS_ERROR; - } - - search_request->operation = LDB_REQ_SEARCH; - search_request->op.search.base = dn; - search_request->op.search.scope = LDB_SCOPE_BASE; - search_request->op.search.tree = ldb_parse_tree(module->ldb, NULL); - search_request->op.search.attrs = user_attrs; - search_request->controls = NULL; - - ret = ldb_next_request(module, search_request); - if (ret) { - talloc_free(mem_ctx); - return ret; - } - - /* Find out the full details of the user */ - res = search_request->op.search.res; - talloc_steal(mem_ctx, res); - talloc_free(search_request); - - if (res->count != 1) { - ldb_set_errstring(module->ldb, - talloc_asprintf(mem_ctx, "password_hash_handle: " - "search for %s found %d != 1 objects, for entry we just added/modified", - ldb_dn_linearize(mem_ctx, dn), - res->count)); - /* What happend? The above add/modify worked... */ - talloc_free(mem_ctx); - return LDB_ERR_NO_SUCH_OBJECT; - } - - userAccountControl = samdb_result_uint(res->msgs[0], "userAccountControl", 0); - sambaLMPwdHistory_len = samdb_result_hashes(mem_ctx, res->msgs[0], - "sambaLMPwdHistory", &sambaLMPwdHistory); - sambaNTPwdHistory_len = samdb_result_hashes(mem_ctx, res->msgs[0], - "sambaNTPwdHistory", &sambaNTPwdHistory); - ntPwdHash = samdb_result_hash(mem_ctx, res->msgs[0], "ntPwdHash"); - kvno = samdb_result_uint(res->msgs[0], "msDS-KeyVersionNumber", 0); - - domain_sid = samdb_result_sid_prefix(mem_ctx, res->msgs[0], "objectSid"); - - - objectclasses = ldb_msg_find_element(res->msgs[0], "objectClass"); - person_val = data_blob_string_const("person"); - - if (!objectclasses || !ldb_msg_find_val(objectclasses, &person_val)) { - /* Not a 'person', so the rest of this doesn't make - * sense. How we got a sambaPassword this far I don't - * know... */ - ldb_set_errstring(module->ldb, - talloc_asprintf(mem_ctx, "password_hash_handle: " - "attempted set of sambaPassword on non-'person' object %s rejected", - ldb_dn_linearize(mem_ctx, dn))); - talloc_free(mem_ctx); - return LDB_ERR_CONSTRAINT_VIOLATION; - } - - computer_val = data_blob_string_const("computer"); - - if (ldb_msg_find_val(objectclasses, &computer_val)) { - is_computer = True; - } else { - is_computer = False; - } - - domain_expression = talloc_asprintf(mem_ctx, "(&(objectSid=%s)(objectClass=domain))", - ldap_encode_ndr_dom_sid(mem_ctx, domain_sid)); - - /* Find the user's domain, then find out the domain password - * properties */ - ret = ldb_search(module->ldb, NULL, LDB_SCOPE_SUBTREE, domain_expression, - domain_attrs, &dom_res); - if (ret) { - talloc_free(mem_ctx); - return ret; - } - - if (dom_res->count != 1) { - /* What happend? The user we are modifying must be odd... */ - ldb_set_errstring(module->ldb, - talloc_asprintf(mem_ctx, "password_hash_handle: " - "search for domain %s found %d != 1 objects", - dom_sid_string(mem_ctx, domain_sid), - dom_res->count)); - talloc_free(mem_ctx); - return LDB_ERR_NO_SUCH_OBJECT; - } - - pwdProperties = samdb_result_uint(dom_res->msgs[0], "pwdProperties", 0); - pwdHistoryLength = samdb_result_uint(dom_res->msgs[0], "pwdHistoryLength", 0); - dnsDomain = ldb_msg_find_string(dom_res->msgs[0], "dnsDomain", NULL); - realm = strupper_talloc(mem_ctx, dnsDomain); - - /* Some operations below require kerberos contexts */ - if (smb_krb5_init_context(mem_ctx, &smb_krb5_context) != 0) { - talloc_free(mem_ctx); - return LDB_ERR_OPERATIONS_ERROR; - } - - /* Prepare the modifications to set all the hash/key types */ - modify_msg = ldb_msg_new(req); - modify_msg->dn = talloc_reference(modify_msg, dn); - -#define CHECK_RET(x) \ - do { \ - int check_ret = x; \ - if (check_ret != LDB_SUCCESS) { \ - talloc_free(mem_ctx); \ - return check_ret; \ - } \ - } while(0) - - /* Setup krb5Key (we want to either delete an existing value, - * or replace with a new one). Both the unicode and NT hash - * only branches append keys to this multivalued entry. */ - CHECK_RET(ldb_msg_add_empty(modify_msg, "krb5Key", LDB_FLAG_MOD_REPLACE)); - - /* Yay, we can compute new password hashes from the unicode - * password */ - if (sambaPassword) { - Principal *salt_principal; - const char *user_principal_name = ldb_msg_find_string(res->msgs[0], "userPrincipalName", NULL); - - Key *keys; - size_t num_keys; - - /* compute the new nt and lm hashes */ - if (E_deshash(sambaPassword, local_lmNewHash.hash)) { - lmPwdHash = &local_lmNewHash; - } else { - lmPwdHash = NULL; - } - E_md4hash(sambaPassword, local_ntNewHash.hash); - ntPwdHash = &local_ntNewHash; - CHECK_RET(ldb_msg_add_empty(modify_msg, "ntPwdHash", - LDB_FLAG_MOD_REPLACE)); - CHECK_RET(samdb_msg_add_hash(module->ldb, req, - modify_msg, "ntPwdHash", - ntPwdHash)); - CHECK_RET(ldb_msg_add_empty(modify_msg, "lmPwdHash", - LDB_FLAG_MOD_REPLACE)); - if (lmPwdHash) { - CHECK_RET(samdb_msg_add_hash(module->ldb, req, - modify_msg, "lmPwdHash", - lmPwdHash)); - } - - /* Many, many thanks to lukeh@padl.com for this - * algorithm, described in his Nov 10 2004 mail to - * samba-technical@samba.org */ - - if (is_computer) { - /* Determine a salting principal */ - char *samAccountName = talloc_strdup(mem_ctx, ldb_msg_find_string(res->msgs[0], "samAccountName", NULL)); - char *saltbody; - if (!samAccountName) { - ldb_set_errstring(module->ldb, - talloc_asprintf(mem_ctx, "password_hash_handle: " - "generation of new kerberos keys failed: %s is a computer without a samAccountName", - ldb_dn_linearize(mem_ctx, dn))); - talloc_free(mem_ctx); - return LDB_ERR_OPERATIONS_ERROR; - } - if (samAccountName[strlen(samAccountName)-1] == '$') { - samAccountName[strlen(samAccountName)-1] = '\0'; - } - saltbody = talloc_asprintf(mem_ctx, "%s.%s", samAccountName, dnsDomain); - - krb5_ret = krb5_make_principal(smb_krb5_context->krb5_context, &salt_principal, realm, "host", saltbody, NULL); - } else if (user_principal_name) { - char *p; - user_principal_name = talloc_strdup(mem_ctx, user_principal_name); - if (!user_principal_name) { - talloc_free(mem_ctx); - return LDB_ERR_OPERATIONS_ERROR; - } else { - p = strchr(user_principal_name, '@'); - if (p) { - p[0] = '\0'; - } - krb5_ret = krb5_make_principal(smb_krb5_context->krb5_context, &salt_principal, realm, user_principal_name, NULL); - } - } else { - const char *samAccountName = ldb_msg_find_string(res->msgs[0], "samAccountName", NULL); - if (!samAccountName) { - ldb_set_errstring(module->ldb, - talloc_asprintf(mem_ctx, "password_hash_handle: " - "generation of new kerberos keys failed: %s has no samAccountName", - ldb_dn_linearize(mem_ctx, dn))); - talloc_free(mem_ctx); - return LDB_ERR_OPERATIONS_ERROR; - } - krb5_ret = krb5_make_principal(smb_krb5_context->krb5_context, &salt_principal, realm, samAccountName, NULL); - } - - - if (krb5_ret) { - ldb_set_errstring(module->ldb, - talloc_asprintf(mem_ctx, "password_hash_handle: " - "generation of a saltking principal failed: %s", - smb_get_krb5_error_message(smb_krb5_context->krb5_context, - krb5_ret, mem_ctx))); - talloc_free(mem_ctx); - return LDB_ERR_OPERATIONS_ERROR; - } - - /* TODO: We may wish to control the encryption types chosen in future */ - krb5_ret = hdb_generate_key_set_password(smb_krb5_context->krb5_context, - salt_principal, sambaPassword, &keys, &num_keys); - krb5_free_principal(smb_krb5_context->krb5_context, salt_principal); - - if (krb5_ret) { - ldb_set_errstring(module->ldb, - talloc_asprintf(mem_ctx, "password_hash_handle: " - "generation of new kerberos keys failed: %s", - smb_get_krb5_error_message(smb_krb5_context->krb5_context, - krb5_ret, mem_ctx))); - talloc_free(mem_ctx); - return LDB_ERR_OPERATIONS_ERROR; - } - - /* Walking all the key types generated, transform each - * key into an ASN.1 blob - */ - for (i=0; i < num_keys; i++) { - unsigned char *buf; - size_t buf_size; - size_t len; - struct ldb_val val; - - if (keys[i].key.keytype == ETYPE_ARCFOUR_HMAC_MD5) { - /* We might end up doing this below: - * This ensures we get the unicode - * conversion right. This should also - * be fixed in the Heimdal libs */ - continue; - } - ASN1_MALLOC_ENCODE(Key, buf, buf_size, &keys[i], &len, krb5_ret); - if (krb5_ret) { - return LDB_ERR_OPERATIONS_ERROR; - } - - val.data = talloc_memdup(req, buf, len); - val.length = len; - free(buf); - if (!val.data || krb5_ret) { - hdb_free_keys (smb_krb5_context->krb5_context, num_keys, keys); - talloc_free(mem_ctx); - return LDB_ERR_OPERATIONS_ERROR; - } - ret = ldb_msg_add_value(modify_msg, "krb5Key", &val); - if (ret != LDB_SUCCESS) { - hdb_free_keys (smb_krb5_context->krb5_context, num_keys, keys); - talloc_free(mem_ctx); - return ret; - } - } - - hdb_free_keys (smb_krb5_context->krb5_context, num_keys, keys); - } - - /* Possibly kill off the cleartext or store it */ - CHECK_RET(ldb_msg_add_empty(modify_msg, "sambaPassword", LDB_FLAG_MOD_REPLACE)); - - if (sambaPassword && (pwdProperties & DOMAIN_PASSWORD_STORE_CLEARTEXT) && - (userAccountControl & UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED)) { - CHECK_RET(ldb_msg_add_string(modify_msg, "sambaPassword", sambaPassword)); - } - - /* Even if we didn't get a sambaPassword, we can still setup - * krb5Key from the NT hash. - * - * This is an append, so it works with the 'continue' in the - * unicode loop above, to use Samba's NT hash function, which - * is more correct than Heimdal's - */ - if (ntPwdHash) { - unsigned char *buf; - size_t buf_size; - size_t len; - struct ldb_val val; - Key key; - - key.mkvno = 0; - key.salt = NULL; /* No salt for this enc type */ - - krb5_ret = krb5_keyblock_init(smb_krb5_context->krb5_context, - ETYPE_ARCFOUR_HMAC_MD5, - ntPwdHash->hash, sizeof(ntPwdHash->hash), - &key.key); - if (krb5_ret) { - return LDB_ERR_OPERATIONS_ERROR; - } - ASN1_MALLOC_ENCODE(Key, buf, buf_size, &key, &len, krb5_ret); - if (krb5_ret) { - return LDB_ERR_OPERATIONS_ERROR; - } - krb5_free_keyblock_contents(smb_krb5_context->krb5_context, - &key.key); - - val.data = talloc_memdup(req, buf, len); - val.length = len; - free(buf); - if (!val.data || ret) { - return LDB_ERR_OPERATIONS_ERROR; - } - CHECK_RET(ldb_msg_add_value(modify_msg, "krb5Key", &val)); - } - - /* If the original caller did anything with pwdLastSet then skip this. It could be an incoming samsync */ - attribute = ldb_msg_find_element(msg, "pwdLastSet"); - if (attribute == NULL) { - /* Update the password last set time */ - unix_to_nt_time(&now_nt, now); - CHECK_RET(ldb_msg_add_empty(modify_msg, "pwdLastSet", LDB_FLAG_MOD_REPLACE)); - CHECK_RET(samdb_msg_add_uint64(module->ldb, mem_ctx, modify_msg, "pwdLastSet", now_nt)); - } - - /* If the original caller did anything with "msDS-KeyVersionNumber" then skip this. It could be an incoming samsync */ - attribute = ldb_msg_find_element(msg, "msDS-KeyVersionNumber"); - if (attribute == NULL) { - if (kvno == 0) { - CHECK_RET(ldb_msg_add_empty(modify_msg, "msDS-KeyVersionNumber", - LDB_FLAG_MOD_REPLACE)); - CHECK_RET(samdb_msg_add_uint(module->ldb, mem_ctx, modify_msg, "msDS-KeyVersionNumber", kvno + 1)); - } else { - /* While we should be in a transaction, go one extra - * step in the dance for an 'atomic' increment. This - * may be of value against remote LDAP servers. (Note - * however that Mulitmaster replication stil offers no - * such guarantee) */ - - struct ldb_val old_kvno, new_kvno; - old_kvno.data = (uint8_t *)talloc_asprintf(mem_ctx, "%u", kvno); - if (!old_kvno.data) { - return -1; - } - old_kvno.length = strlen((char *)old_kvno.data); - - new_kvno.data = (uint8_t *)talloc_asprintf(mem_ctx, "%u", kvno + 1); - if (!new_kvno.data) { - return -1; - } - new_kvno.length = strlen((char *)new_kvno.data); - - CHECK_RET(ldb_msg_add_empty(modify_msg, "msDS-KeyVersionNumber", - LDB_FLAG_MOD_DELETE)); - CHECK_RET(ldb_msg_add_empty(modify_msg, "msDS-KeyVersionNumber", - LDB_FLAG_MOD_ADD)); - modify_msg->elements[modify_msg->num_elements - 2].num_values = 1; - modify_msg->elements[modify_msg->num_elements - 2].values = &old_kvno; - modify_msg->elements[modify_msg->num_elements - 1].num_values = 1; - modify_msg->elements[modify_msg->num_elements - 1].values = &new_kvno; - } - } - - CHECK_RET(ldb_msg_add_empty(modify_msg, "sambaLMPwdHistory", - LDB_FLAG_MOD_REPLACE)); - CHECK_RET(ldb_msg_add_empty(modify_msg, "sambaNTPwdHistory", - LDB_FLAG_MOD_REPLACE)); - - /* If we have something to put into the history, or an old - * history element to expire, update the history */ - if (pwdHistoryLength > 0 && - ((sambaNTPwdHistory_len > 0) || (sambaLMPwdHistory_len > 0) - || lmOldHash || ntOldHash)) { - /* store the password history */ - new_sambaLMPwdHistory = talloc_array(mem_ctx, struct samr_Password, - pwdHistoryLength); - if (!new_sambaLMPwdHistory) { - return LDB_ERR_OPERATIONS_ERROR; - } - new_sambaNTPwdHistory = talloc_array(mem_ctx, struct samr_Password, - pwdHistoryLength); - if (!new_sambaNTPwdHistory) { - return LDB_ERR_OPERATIONS_ERROR; - } - for (i=0;i<MIN(pwdHistoryLength-1, sambaLMPwdHistory_len);i++) { - new_sambaLMPwdHistory[i+1] = sambaLMPwdHistory[i]; - } - for (i=0;i<MIN(pwdHistoryLength-1, sambaNTPwdHistory_len);i++) { - new_sambaNTPwdHistory[i+1] = sambaNTPwdHistory[i]; - } - - /* Don't store 'long' passwords in the LM history, - but make sure to 'expire' one password off the other end */ - if (lmOldHash) { - new_sambaLMPwdHistory[0] = *lmOldHash; - } else { - ZERO_STRUCT(new_sambaLMPwdHistory[0]); - } - sambaLMPwdHistory_len = MIN(sambaLMPwdHistory_len + 1, pwdHistoryLength); - - /* Likewise, we might not have an old NT password (lm - * only password change function on previous change) */ - if (ntOldHash) { - new_sambaNTPwdHistory[0] = *ntOldHash; - } else { - ZERO_STRUCT(new_sambaNTPwdHistory[0]); - } - sambaNTPwdHistory_len = MIN(sambaNTPwdHistory_len + 1, pwdHistoryLength); - - CHECK_RET(samdb_msg_add_hashes(mem_ctx, modify_msg, - "sambaLMPwdHistory", - new_sambaLMPwdHistory, - sambaLMPwdHistory_len)); - - CHECK_RET(samdb_msg_add_hashes(mem_ctx, modify_msg, - "sambaNTPwdHistory", - new_sambaNTPwdHistory, - sambaNTPwdHistory_len)); - } - - /* Too much code above, we should check we got it close to reasonable */ - CHECK_RET(ldb_msg_sanity_check(modify_msg)); - - modify_request = talloc(mem_ctx, struct ldb_request); - if (!modify_request) { - talloc_free(mem_ctx); - return LDB_ERR_OPERATIONS_ERROR; - } - - modify_request->operation = LDB_REQ_MODIFY; - modify_request->op.mod.message = modify_msg; - modify_request->controls = NULL; - - ret = ldb_next_request(module, modify_request); - - talloc_free(mem_ctx); - return ret; -} - -/* add_record: do things with the sambaPassword attribute */ -static int password_hash_add(struct ldb_module *module, struct ldb_request *req) -{ - const struct ldb_message *msg = req->op.add.message; - - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "password_hash_add_record\n"); - - if (ldb_dn_is_special(msg->dn)) { /* do not manipulate our control entries */ - return ldb_next_request(module, req); - } - - /* If no part of this touches the sambaPassword, then we don't - * need to make any changes. For password changes/set there should - * be a 'delete' or a 'modify' on this attribute. */ - if (ldb_msg_find_element(msg, "sambaPassword") == NULL ) { - return ldb_next_request(module, req); - } - - return password_hash_handle(module, req, msg); -} - -/* modify_record: do things with the sambaPassword attribute */ -static int password_hash_modify(struct ldb_module *module, struct ldb_request *req) -{ - const struct ldb_message *msg = req->op.mod.message; - - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "password_hash_modify_record\n"); - - if (ldb_dn_is_special(msg->dn)) { /* do not manipulate our control entries */ - return ldb_next_request(module, req); - } - - /* If no part of this touches the sambaPassword, then we don't - * need to make any changes. For password changes/set there should - * be a 'delete' or a 'modify' on this attribute. */ - if (ldb_msg_find_element(msg, "sambaPassword") == NULL ) { - return ldb_next_request(module, req); - } - - return password_hash_handle(module, req, msg); -} - -enum ph_type {PH_ADD, PH_MOD}; -enum ph_step {PH_ADD_SEARCH_DOM, PH_ADD_DO_ADD, PH_MOD_DO_REQ, PH_MOD_SEARCH_SELF, PH_MOD_SEARCH_DOM, PH_MOD_DO_MOD}; - struct ph_async_context { - enum ph_type type; - enum ph_step step; + enum ph_type {PH_ADD, PH_MOD} type; + enum ph_step {PH_ADD_SEARCH_DOM, PH_ADD_DO_ADD, PH_MOD_DO_REQ, PH_MOD_SEARCH_SELF, PH_MOD_SEARCH_DOM, PH_MOD_DO_MOD} step; struct ldb_module *module; struct ldb_request *orig_req; @@ -1212,7 +544,7 @@ static struct domain_data *get_domain_data(struct ldb_module *module, void *mem_ return data; } -static int password_hash_add_async(struct ldb_module *module, struct ldb_request *req) +static int password_hash_add(struct ldb_module *module, struct ldb_request *req) { struct ldb_async_handle *h; struct ph_async_context *ac; @@ -1220,7 +552,7 @@ static int password_hash_add_async(struct ldb_module *module, struct ldb_request struct dom_sid *domain_sid; int ret; - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "password_hash_add_async\n"); + ldb_debug(module->ldb, LDB_DEBUG_TRACE, "password_hash_add\n"); if (ldb_dn_is_special(req->op.add.message->dn)) { /* do not manipulate our control entries */ return ldb_next_request(module, req); @@ -1278,7 +610,7 @@ static int password_hash_add_async(struct ldb_module *module, struct ldb_request return ldb_next_request(module, ac->dom_req); } -static int password_hash_add_async_do_add(struct ldb_async_handle *h) { +static int password_hash_add_do_add(struct ldb_async_handle *h) { struct ph_async_context *ac; struct domain_data *domain; @@ -1357,9 +689,9 @@ static int password_hash_add_async_do_add(struct ldb_async_handle *h) { return ldb_next_request(ac->module, ac->down_req); } -static int password_hash_mod_async_search_self(struct ldb_async_handle *h); +static int password_hash_mod_search_self(struct ldb_async_handle *h); -static int password_hash_modify_async(struct ldb_module *module, struct ldb_request *req) +static int password_hash_modify(struct ldb_module *module, struct ldb_request *req) { struct ldb_async_handle *h; struct ph_async_context *ac; @@ -1367,7 +699,7 @@ static int password_hash_modify_async(struct ldb_module *module, struct ldb_requ struct ldb_message_element *ntAttr; struct ldb_message_element *lmAttr; - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "password_hash_add_async\n"); + ldb_debug(module->ldb, LDB_DEBUG_TRACE, "password_hash_modify\n"); if (ldb_dn_is_special(req->op.mod.message->dn)) { /* do not manipulate our control entries */ return ldb_next_request(module, req); @@ -1437,7 +769,7 @@ static int password_hash_modify_async(struct ldb_module *module, struct ldb_requ if (ac->down_req->op.mod.message->num_elements == 0) { talloc_free(ac->down_req); ac->down_req = NULL; - return password_hash_mod_async_search_self(h); + return password_hash_mod_search_self(h); } ac->down_req->async.context = NULL; @@ -1483,7 +815,7 @@ static int get_self_callback(struct ldb_context *ldb, void *context, struct ldb_ return LDB_SUCCESS; } -static int password_hash_mod_async_search_self(struct ldb_async_handle *h) { +static int password_hash_mod_search_self(struct ldb_async_handle *h) { struct ph_async_context *ac; @@ -1515,7 +847,7 @@ static int password_hash_mod_async_search_self(struct ldb_async_handle *h) { return ldb_next_request(ac->module, ac->search_req); } -static int password_hash_mod_async_search_dom(struct ldb_async_handle *h) { +static int password_hash_mod_search_dom(struct ldb_async_handle *h) { struct ph_async_context *ac; struct dom_sid *domain_sid; @@ -1541,7 +873,7 @@ static int password_hash_mod_async_search_dom(struct ldb_async_handle *h) { return ldb_next_request(ac->module, ac->dom_req); } -static int password_hash_mod_async_do_mod(struct ldb_async_handle *h) { +static int password_hash_mod_do_mod(struct ldb_async_handle *h) { struct ph_async_context *ac; struct domain_data *domain; @@ -1700,7 +1032,7 @@ static int ph_async_wait(struct ldb_async_handle *handle) { } /* domain search done, go on */ - return password_hash_add_async_do_add(handle); + return password_hash_add_do_add(handle); case PH_ADD_DO_ADD: ret = ldb_async_wait(ac->down_req->async.handle, LDB_WAIT_NONE); @@ -1737,7 +1069,7 @@ static int ph_async_wait(struct ldb_async_handle *handle) { } /* non-password mods done, go on */ - return password_hash_mod_async_search_self(handle); + return password_hash_mod_search_self(handle); case PH_MOD_SEARCH_SELF: ret = ldb_async_wait(ac->search_req->async.handle, LDB_WAIT_NONE); @@ -1756,7 +1088,7 @@ static int ph_async_wait(struct ldb_async_handle *handle) { } /* self search done, go on */ - return password_hash_mod_async_search_dom(handle); + return password_hash_mod_search_dom(handle); case PH_MOD_SEARCH_DOM: ret = ldb_async_wait(ac->dom_req->async.handle, LDB_WAIT_NONE); @@ -1775,7 +1107,7 @@ static int ph_async_wait(struct ldb_async_handle *handle) { } /* domain search done, go on */ - return password_hash_mod_async_do_mod(handle); + return password_hash_mod_do_mod(handle); case PH_MOD_DO_MOD: ret = ldb_async_wait(ac->mod_req->async.handle, LDB_WAIT_NONE); @@ -1830,27 +1162,10 @@ static int password_hash_async_wait(struct ldb_async_handle *handle, enum ldb_as } } -static int password_hash_request(struct ldb_module *module, struct ldb_request *req) -{ - switch (req->operation) { - - case LDB_REQ_ADD: - return password_hash_add(module, req); - - case LDB_REQ_MODIFY: - return password_hash_modify(module, req); - - default: - return ldb_next_request(module, req); - - } -} - static const struct ldb_module_ops password_hash_ops = { .name = "password_hash", - .add = password_hash_add_async, - .modify = password_hash_modify_async, - .request = password_hash_request, + .add = password_hash_add, + .modify = password_hash_modify, .async_wait = password_hash_async_wait }; diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c index 7e408264ec..46b34a469b 100644 --- a/source4/dsdb/samdb/ldb_modules/rootdse.c +++ b/source4/dsdb/samdb/ldb_modules/rootdse.c @@ -120,42 +120,6 @@ failed: /* handle search requests */ -static int rootdse_search_bytree(struct ldb_module *module, struct ldb_request *req) -{ - struct ldb_search *s = &req->op.search; - int ret; - TALLOC_CTX *tmp_ctx; - - /* see if its for the rootDSE */ - if (s->scope != LDB_SCOPE_BASE || - (s->base && s->base->comp_num != 0)) { - return ldb_next_request(module, req); - } - - tmp_ctx = talloc_new(module); - - /* in our db we store the rootDSE with a DN of cn=rootDSE */ - s->base = ldb_dn_explode(tmp_ctx, "cn=rootDSE"); - s->tree = ldb_parse_tree(tmp_ctx, "dn=*"); - if (s->base == NULL || s->tree == NULL) { - ldb_oom(module->ldb); - talloc_free(tmp_ctx); - return LDB_ERR_OPERATIONS_ERROR; - } - - /* grab the static contents of the record */ - ret = ldb_next_request(module, req); - - req->op.search.res = s->res; - - if ((ret == LDB_SUCCESS) && (s->res->msgs != NULL)) { - ret = rootdse_add_dynamic(module, s->res->msgs[0], s->attrs); - } - - talloc_free(tmp_ctx); - - return ret; -} struct rootdse_async_context { struct ldb_module *module; @@ -192,7 +156,7 @@ error: return LDB_ERR_OPERATIONS_ERROR; } -static int rootdse_search_async(struct ldb_module *module, struct ldb_request *req) +static int rootdse_search(struct ldb_module *module, struct ldb_request *req) { struct rootdse_async_context *ac; struct ldb_request *down_req; @@ -274,8 +238,6 @@ static int rootdse_register_control(struct ldb_module *module, struct ldb_reques static int rootdse_request(struct ldb_module *module, struct ldb_request *req) { switch (req->operation) { - case LDB_REQ_SEARCH: - return rootdse_search_bytree(module, req); case LDB_REQ_REGISTER: return rootdse_register_control(module, req); @@ -305,7 +267,7 @@ static int rootdse_init(struct ldb_module *module) static const struct ldb_module_ops rootdse_ops = { .name = "rootdse", .init_context = rootdse_init, - .search = rootdse_search_async, + .search = rootdse_search, .request = rootdse_request }; diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index 368fd161d4..40092e68de 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -615,13 +615,28 @@ static int samldb_fill_user_or_computer_object(struct ldb_module *module, const return LDB_ERR_OPERATIONS_ERROR; } + /* remove objectclasses so that they will be added in the right order for MMC to be happy */ + ldb_msg_remove_attr(msg, "objectclass"); + if (samldb_find_attribute(msg, "objectclass", "computer") != NULL) { + ret = samldb_copy_template(module, msg2, "(&(CN=TemplateComputer)(objectclass=userTemplate))"); if (ret) { ldb_debug(module->ldb, LDB_DEBUG_WARNING, "samldb_fill_user_or_computer_object: Error copying computer template!\n"); talloc_free(mem_ctx); return ret; } + + /* readd user and then computer objectclasses */ + if ( ! samldb_find_or_add_value(module, msg2, "objectclass", "user", "user")) { + talloc_free(mem_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + if ( ! samldb_find_or_add_value(module, msg2, "objectclass", "computer", "computer")) { + talloc_free(mem_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + } else { ret = samldb_copy_template(module, msg2, "(&(CN=TemplateUser)(objectclass=userTemplate))"); if (ret) { @@ -629,6 +644,11 @@ static int samldb_fill_user_or_computer_object(struct ldb_module *module, const talloc_free(mem_ctx); return ret; } + /* readd user objectclass */ + if ( ! samldb_find_or_add_value(module, msg2, "objectclass", "user", "user")) { + talloc_free(mem_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } } rdn = ldb_dn_get_rdn(msg2, msg2->dn); @@ -639,14 +659,6 @@ static int samldb_fill_user_or_computer_object(struct ldb_module *module, const return LDB_ERR_CONSTRAINT_VIOLATION; } - /* if the only attribute was: "objectclass: computer", then make sure we also add "user" objectclass */ - if ( ! samldb_find_or_add_value(module, msg2, "objectclass", "user", "user")) { - talloc_free(mem_ctx); - return LDB_ERR_OPERATIONS_ERROR; - } - - /* meddle with objectclass */ - if (ldb_msg_find_element(msg2, "samAccountName") == NULL) { name = samldb_generate_samAccountName(module, mem_ctx); if (!name) { @@ -769,61 +781,6 @@ static int samldb_fill_foreignSecurityPrincipal_object(struct ldb_module *module } /* add_record */ -static int samldb_add(struct ldb_module *module, struct ldb_request *req) -{ - struct ldb_message *msg = req->op.add.message; - struct ldb_message *msg2 = NULL; - int ret; - - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "samldb_add_record\n"); - - - if (ldb_dn_is_special(msg->dn)) { /* do not manipulate our control entries */ - return ldb_next_request(module, req); - } - - /* is user or computer? */ - if ((samldb_find_attribute(msg, "objectclass", "user") != NULL) || - (samldb_find_attribute(msg, "objectclass", "computer") != NULL)) { - /* add all relevant missing objects */ - ret = samldb_fill_user_or_computer_object(module, msg, &msg2); - if (ret) { - return ret; - } - } - - /* is group? add all relevant missing objects */ - if ( ! msg2 ) { - if (samldb_find_attribute(msg, "objectclass", "group") != NULL) { - ret = samldb_fill_group_object(module, msg, &msg2); - if (ret) { - return ret; - } - } - } - - /* perhaps a foreignSecurityPrincipal? */ - if ( ! msg2 ) { - if (samldb_find_attribute(msg, "objectclass", "foreignSecurityPrincipal") != NULL) { - ret = samldb_fill_foreignSecurityPrincipal_object(module, msg, &msg2); - if (ret) { - return ret; - } - } - } - - if (msg2) { - req->op.add.message = msg2; - ret = ldb_next_request(module, req); - req->op.add.message = msg; - } else { - ret = ldb_next_request(module, req); - } - - return ret; -} - -/* add_record */ /* * FIXME @@ -833,7 +790,7 @@ static int samldb_add(struct ldb_module *module, struct ldb_request *req) * left SYNC for now until we think of a good solution. */ -static int samldb_add_async(struct ldb_module *module, struct ldb_request *req) +static int samldb_add(struct ldb_module *module, struct ldb_request *req) { const struct ldb_message *msg = req->op.add.message; struct ldb_message *msg2 = NULL; @@ -908,19 +865,6 @@ static int samldb_destructor(void *module_ctx) return 0; } -static int samldb_request(struct ldb_module *module, struct ldb_request *req) -{ - switch (req->operation) { - - case LDB_REQ_ADD: - return samldb_add(module, req); - - default: - return ldb_next_request(module, req); - - } -} - static int samldb_init(struct ldb_module *module) { talloc_set_destructor(module, samldb_destructor); @@ -930,8 +874,7 @@ static int samldb_init(struct ldb_module *module) static const struct ldb_module_ops samldb_ops = { .name = "samldb", .init_context = samldb_init, - .add = samldb_add_async, - .request = samldb_request + .add = samldb_add, }; diff --git a/source4/lib/ldb/common/ldb.c b/source4/lib/ldb/common/ldb.c index 28b9728d0a..5fbaf54920 100644 --- a/source4/lib/ldb/common/ldb.c +++ b/source4/lib/ldb/common/ldb.c @@ -273,35 +273,16 @@ static int ldb_op_finish(struct ldb_context *ldb, int status) /* start an ldb request - autostarts a transacion if none active and the operation is not a search - does not work for ASYNC operations NOTE: the request must be a talloc context. returns LDB_ERR_* on errors. */ int ldb_request(struct ldb_context *ldb, struct ldb_request *req) { struct ldb_module *module; - int ret, started_transaction=0; + int ret; ldb_reset_err_string(ldb); - if (req->operation == LDB_REQ_SEARCH) { - req->op.search.res = NULL; - } - - /* start a transaction if SYNC and not search */ - if ((!ldb->transaction_active) && - (req->operation == LDB_REQ_ADD || - req->operation == LDB_REQ_MODIFY || - req->operation == LDB_REQ_DELETE || - req->operation == LDB_REQ_RENAME)) { - ret = ldb_transaction_start(ldb); - if (ret != LDB_SUCCESS) { - return ret; - } - started_transaction = 1; - } - /* call the first module in the chain */ switch (req->operation) { case LDB_ASYNC_SEARCH: @@ -330,10 +311,6 @@ int ldb_request(struct ldb_context *ldb, struct ldb_request *req) break; } - if (started_transaction) { - return ldb_op_finish(ldb, ret); - } - return ret; } @@ -463,6 +440,7 @@ int ldb_search(struct ldb_context *ldb, return ret; } +/* autostarts a transacion if none active */ static int ldb_autotransaction_request(struct ldb_context *ldb, struct ldb_request *req) { int ret, close_transaction; diff --git a/source4/lib/ldb/config.mk b/source4/lib/ldb/config.mk index 54fba24555..68dbdd10f0 100644 --- a/source4/lib/ldb/config.mk +++ b/source4/lib/ldb/config.mk @@ -38,15 +38,15 @@ OBJ_FILES = \ # End MODULE ldb_operational ################################################ -################################################ -# Start MODULE ldb_objectclass -[MODULE::ldb_objectclass] -INIT_FUNCTION = ldb_objectclass_init -SUBSYSTEM = ldb -OBJ_FILES = \ - modules/objectclass.o -# End MODULE ldb_objectclass -################################################ +# ################################################ +# # Start MODULE ldb_objectclass +# [MODULE::ldb_objectclass] +# INIT_FUNCTION = ldb_objectclass_init +# SUBSYSTEM = ldb +# OBJ_FILES = \ +# modules/objectclass.o +# # End MODULE ldb_objectclass +# ################################################ ################################################ # Start MODULE ldb_rdn_name @@ -58,15 +58,15 @@ OBJ_FILES = \ # End MODULE ldb_rdn_name ################################################ -################################################ -# Start MODULE ldb_schema -[MODULE::ldb_schema] -INIT_FUNCTION = ldb_schema_init -SUBSYSTEM = ldb -OBJ_FILES = \ - modules/schema.o -# End MODULE ldb_schema -################################################ +# ################################################ +# # Start MODULE ldb_schema +# [MODULE::ldb_schema] +# INIT_FUNCTION = ldb_schema_init +# SUBSYSTEM = ldb +# OBJ_FILES = \ +# modules/schema.o +# # End MODULE ldb_schema +# ################################################ ################################################ # Start MODULE ldb_ildap @@ -81,13 +81,13 @@ PUBLIC_DEPENDENCIES = \ # End MODULE ldb_ildap ################################################ -################################################ -# Start MODULE ldb_map -[SUBSYSTEM::ldb_map] -PUBLIC_DEPENDENCIES = ldb -OBJ_FILES = modules/ldb_map.o -# End MODULE ldb_map -################################################ +# ################################################ +# # Start MODULE ldb_map +# [SUBSYSTEM::ldb_map] +# PUBLIC_DEPENDENCIES = ldb +# OBJ_FILES = modules/ldb_map.o +# # End MODULE ldb_map +# ################################################ ################################################ # Start MODULE ldb_skel diff --git a/source4/lib/ldb/include/ldb.h b/source4/lib/ldb/include/ldb.h index 8f21aec046..8e61ccd73c 100644 --- a/source4/lib/ldb/include/ldb.h +++ b/source4/lib/ldb/include/ldb.h @@ -562,11 +562,6 @@ struct ldb_control { }; enum ldb_request_type { - LDB_REQ_SEARCH, - LDB_REQ_ADD, - LDB_REQ_MODIFY, - LDB_REQ_DELETE, - LDB_REQ_RENAME, LDB_ASYNC_SEARCH, LDB_ASYNC_ADD, LDB_ASYNC_MODIFY, diff --git a/source4/lib/ldb/ldb_ildap/ldb_ildap.c b/source4/lib/ldb/ldb_ildap/ldb_ildap.c index 1454b565e0..3bb431e34f 100644 --- a/source4/lib/ldb/ldb_ildap/ldb_ildap.c +++ b/source4/lib/ldb/ldb_ildap/ldb_ildap.c @@ -148,7 +148,7 @@ static void ildb_request_timeout(struct event_context *ev, struct timed_event *t return; } -static void ildb_async_callback(struct ldap_request *req) +static void ildb_callback(struct ldap_request *req) { struct ldb_async_handle *handle = talloc_get_type(req->async.private_data, struct ldb_async_handle); struct ildb_async_context *ac = talloc_get_type(handle->private_data, struct ildb_async_context); @@ -365,7 +365,7 @@ static int ildb_request_send(struct ldb_module *module, struct ldap_message *msg ildb_ac->context = context; ildb_ac->callback = callback; - req->async.fn = ildb_async_callback; + req->async.fn = ildb_callback; req->async.private_data = (void *)h; talloc_free(req->time_event); @@ -385,7 +385,7 @@ static int ildb_request_send(struct ldb_module *module, struct ldap_message *msg /* search for matching records using an asynchronous function */ -static int ildb_search_async(struct ldb_module *module, struct ldb_request *req) +static int ildb_search(struct ldb_module *module, struct ldb_request *req) { struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private); struct ldap_message *msg; @@ -447,122 +447,10 @@ static int ildb_search_async(struct ldb_module *module, struct ldb_request *req) return ildb_request_send(module, msg, req->async.context, req->async.callback, req->async.timeout, &(req->async.handle)); } -static int ildb_search_sync_callback(struct ldb_context *ldb, void *context, struct ldb_async_result *ares) -{ - struct ldb_result *res; - int n; - - if (!context) { - ldb_set_errstring(ldb, talloc_asprintf(ldb, "NULL Context in callback")); - return LDB_ERR_OPERATIONS_ERROR; - } - - res = *((struct ldb_result **)context); - - if (!res || !ares) { - goto error; - } - - if (ares->type == LDB_REPLY_ENTRY) { - res->msgs = talloc_realloc(res, res->msgs, struct ldb_message *, res->count + 2); - if (! res->msgs) { - goto error; - } - - res->msgs[res->count + 1] = NULL; - - res->msgs[res->count] = talloc_steal(res->msgs, ares->message); - if (! res->msgs[res->count]) { - goto error; - } - - res->count++; - } - - if (ares->type == LDB_REPLY_REFERRAL) { - if (res->refs) { - for (n = 0; res->refs[n]; n++) /*noop*/ ; - } else { - n = 0; - } - - res->refs = talloc_realloc(res, res->refs, char *, n + 2); - if (! res->refs) { - goto error; - } - - res->refs[n] = talloc_steal(res->refs, ares->referral); - res->refs[n + 1] = NULL; - } - - if (ares->controls) { - res->controls = talloc_steal(res, ares->controls); - if (! res->controls) { - goto error; - } - } - - talloc_free(ares); - return LDB_SUCCESS; - -error: - talloc_free(ares); - talloc_free(res); - *((struct ldb_result **)context) = NULL; - return LDB_ERR_OPERATIONS_ERROR; -} - -/* - search for matching records using a synchronous function - */ -static int ildb_search_bytree(struct ldb_module *module, const struct ldb_dn *base, - enum ldb_scope scope, struct ldb_parse_tree *tree, - const char * const *attrs, - struct ldb_control **control_req, - struct ldb_result **res) -{ - struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private); - struct ldb_request *req; - int ret; - - *res = talloc_zero(ildb, struct ldb_result); - if (! *res) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req = talloc_zero(ildb, struct ldb_request); - if (! req) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req->operation = LDB_ASYNC_SEARCH; - req->op.search.base = base; - req->op.search.scope = scope; - req->op.search.tree = tree; - req->op.search.attrs = attrs; - req->controls = control_req; - req->async.context = (void *)res; - req->async.callback = ildb_search_sync_callback; - req->async.timeout = ildb->ldap->timeout; - - ret = ildb_search_async(module, req); - - if (ret == LDB_SUCCESS) { - ret = ldb_async_wait(req->async.handle, LDB_WAIT_ALL); - talloc_free(req); - } - - if (ret != LDB_SUCCESS) { - talloc_free(*res); - } - - return ret; -} - /* add a record */ -static int ildb_add_async(struct ldb_module *module, struct ldb_request *req) +static int ildb_add(struct ldb_module *module, struct ldb_request *req) { struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private); struct ldap_message *msg; @@ -609,41 +497,10 @@ static int ildb_add_async(struct ldb_module *module, struct ldb_request *req) return ildb_request_send(module, msg, req->async.context, req->async.callback, req->async.timeout, &(req->async.handle)); } -static int ildb_add(struct ldb_module *module, const struct ldb_message *msg) -{ - struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private); - struct ldb_request *req; - int ret; - - req = talloc_zero(ildb, struct ldb_request); - if (! req) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req->operation = LDB_ASYNC_ADD; - req->op.add.message = msg; - req->controls = NULL; - req->async.context = NULL; - req->async.callback = NULL; - req->async.timeout = ildb->ldap->timeout; - - ret = ildb_add_async(module, req); - - if (ret != LDB_SUCCESS) { - talloc_free(req); - return ret; - } - - ret = ldb_async_wait(req->async.handle, LDB_WAIT_ALL); - - talloc_free(req); - return ret; -} - /* modify a record */ -static int ildb_modify_async(struct ldb_module *module, struct ldb_request *req) +static int ildb_modify(struct ldb_module *module, struct ldb_request *req) { struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private); struct ldap_message *msg; @@ -694,41 +551,10 @@ static int ildb_modify_async(struct ldb_module *module, struct ldb_request *req) &(req->async.handle)); } -static int ildb_modify(struct ldb_module *module, const struct ldb_message *msg) -{ - struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private); - struct ldb_request *req; - int ret; - - req = talloc_zero(ildb, struct ldb_request); - if (! req) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req->operation = LDB_ASYNC_MODIFY; - req->op.mod.message = msg; - req->controls = NULL; - req->async.context = NULL; - req->async.callback = NULL; - req->async.timeout = ildb->ldap->timeout; - - ret = ildb_modify_async(module, req); - - if (ret != LDB_SUCCESS) { - talloc_free(req); - return ret; - } - - ret = ldb_async_wait(req->async.handle, LDB_WAIT_ALL); - - talloc_free(req); - return ret; -} - /* delete a record */ -static int ildb_delete_async(struct ldb_module *module, struct ldb_request *req) +static int ildb_delete(struct ldb_module *module, struct ldb_request *req) { struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private); struct ldap_message *msg; @@ -760,41 +586,10 @@ static int ildb_delete_async(struct ldb_module *module, struct ldb_request *req) &(req->async.handle)); } -static int ildb_delete(struct ldb_module *module, const struct ldb_dn *dn) -{ - struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private); - struct ldb_request *req; - int ret; - - req = talloc_zero(ildb, struct ldb_request); - if (! req) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req->operation = LDB_ASYNC_DELETE; - req->op.del.dn = dn; - req->controls = NULL; - req->async.context = NULL; - req->async.callback = NULL; - req->async.timeout = ildb->ldap->timeout; - - ret = ildb_delete_async(module, req); - - if (ret != LDB_SUCCESS) { - talloc_free(req); - return ret; - } - - ret = ldb_async_wait(req->async.handle, LDB_WAIT_ALL); - - talloc_free(req); - return ret; -} - /* rename a record */ -static int ildb_rename_async(struct ldb_module *module, struct ldb_request *req) +static int ildb_rename(struct ldb_module *module, struct ldb_request *req) { struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private); struct ldap_message *msg; @@ -844,90 +639,30 @@ static int ildb_rename_async(struct ldb_module *module, struct ldb_request *req) &(req->async.handle)); } -static int ildb_rename(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn) -{ - struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private); - struct ldb_request *req; - int ret; - - req = talloc_zero(ildb, struct ldb_request); - if (! req) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req->operation = LDB_ASYNC_RENAME; - req->op.rename.olddn = olddn; - req->op.rename.newdn = newdn; - req->controls = NULL; - req->async.context = NULL; - req->async.callback = NULL; - req->async.timeout = ildb->ldap->timeout; - - ret = ildb_rename_async(module, req); - - if (ret != LDB_SUCCESS) { - talloc_free(req); - return ret; - } - - ret = ldb_async_wait(req->async.handle, LDB_WAIT_ALL); - - talloc_free(req); - return ret; -} - static int ildb_start_trans(struct ldb_module *module) { /* TODO implement a local locking mechanism here */ - return 0; + return LDB_SUCCESS; } static int ildb_end_trans(struct ldb_module *module) { /* TODO implement a local transaction mechanism here */ - return 0; + return LDB_SUCCESS; } static int ildb_del_trans(struct ldb_module *module) { /* TODO implement a local locking mechanism here */ - return 0; + return LDB_SUCCESS; } static int ildb_request(struct ldb_module *module, struct ldb_request *req) { - switch (req->operation) { - - case LDB_REQ_SEARCH: - return ildb_search_bytree(module, - req->op.search.base, - req->op.search.scope, - req->op.search.tree, - req->op.search.attrs, - req->controls, - &req->op.search.res); - - case LDB_REQ_ADD: - return ildb_add(module, req->op.add.message); - - case LDB_REQ_MODIFY: - return ildb_modify(module, req->op.mod.message); - - case LDB_REQ_DELETE: - return ildb_delete(module, req->op.del.dn); - - case LDB_REQ_RENAME: - return ildb_rename(module, - req->op.rename.olddn, - req->op.rename.newdn); - - default: - return -1; - - } + return LDB_ERR_OPERATIONS_ERROR; } static int ildb_async_wait(struct ldb_async_handle *handle, enum ldb_async_wait_type type) @@ -964,34 +699,80 @@ static int ildb_async_wait(struct ldb_async_handle *handle, enum ldb_async_wait_ return LDB_SUCCESS; } +static int ildb_rootdse_callback(struct ldb_context *ldb, void *context, struct ldb_async_result *ares) +{ + struct ildb_private *ildb; + + if (!context || !ares) { + ldb_set_errstring(ldb, talloc_asprintf(ldb, "NULL Context or Result in callback")); + goto error; + } + + ildb = talloc_get_type(context, struct ildb_private); + + if (ildb->rootDSE != NULL) { + /* what ? more than one rootdse entry ?! */ + goto error; + } + + /* we are interested only in the single reply (rootdse) we receive here */ + if (ares->type == LDB_REPLY_ENTRY) { + ildb->rootDSE = talloc_steal(ildb, ares->message); + } + + talloc_free(ares); + return LDB_SUCCESS; + +error: + talloc_free(ares); + return LDB_ERR_OPERATIONS_ERROR; +} + /* fetch the rootDSE for later use */ static int ildb_init(struct ldb_module *module) { struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private); - struct ldb_result *res = NULL; - struct ldb_dn *empty_dn = ldb_dn_new(ildb); + struct ldb_request *req; int ret; - ret = ildb_search_bytree(module, empty_dn, LDB_SCOPE_BASE, - ldb_parse_tree(empty_dn, "dn=dc=rootDSE"), - NULL, NULL, &res); - if (ret == LDB_SUCCESS && res->count == 1) { - ildb->rootDSE = talloc_steal(ildb, res->msgs[0]); + + req = talloc(ildb, struct ldb_request); + if (req == NULL) { + return LDB_ERR_OPERATIONS_ERROR; } - if (ret == LDB_SUCCESS) talloc_free(res); - talloc_free(empty_dn); - return LDB_SUCCESS; + ildb->rootDSE = NULL; + + req->operation = LDB_ASYNC_SEARCH; + req->op.search.base = ldb_dn_new(req); + req->op.search.scope = LDB_SCOPE_BASE; + req->op.search.tree = ldb_parse_tree(req, "dn=dc=rootDSE"); + req->op.search.attrs = NULL; + req->controls = NULL; + req->async.context = ildb; + req->async.callback = ildb_rootdse_callback; + req->async.timeout = 60; + + ret = ildb_search(module, req); + if (ret != LDB_SUCCESS) { + talloc_free(req); + return ret; + } + + ret = ildb_async_wait(req->async.handle, LDB_WAIT_ALL); + + talloc_free(req); + return ret; } static const struct ldb_module_ops ildb_ops = { .name = "ldap", - .search = ildb_search_async, - .add = ildb_add_async, - .modify = ildb_modify_async, - .del = ildb_delete_async, - .rename = ildb_rename_async, + .search = ildb_search, + .add = ildb_add, + .modify = ildb_modify, + .del = ildb_delete, + .rename = ildb_rename, .request = ildb_request, .start_transaction = ildb_start_trans, .end_transaction = ildb_end_trans, diff --git a/source4/lib/ldb/ldb_ldap/ldb_ldap.c b/source4/lib/ldb/ldb_ldap/ldb_ldap.c index f372e5fd04..5748c2ecd7 100644 --- a/source4/lib/ldb/ldb_ldap/ldb_ldap.c +++ b/source4/lib/ldb/ldb_ldap/ldb_ldap.c @@ -224,7 +224,7 @@ static int lldb_add_msg_attr(struct ldb_context *ldb, /* search for matching records */ -static int lldb_search_async(struct ldb_module *module, struct ldb_request *req) +static int lldb_search(struct ldb_module *module, struct ldb_request *req) { struct lldb_private *lldb = talloc_get_type(module->private_data, struct lldb_private); struct lldb_async_context *lldb_ac; @@ -300,124 +300,10 @@ static int lldb_search_async(struct ldb_module *module, struct ldb_request *req) return lldb_ldap_to_ldb(ret); } -static int lldb_search_sync_callback(struct ldb_context *ldb, void *context, struct ldb_async_result *ares) -{ - struct ldb_result *res; - int n; - - if (!context) { - ldb_set_errstring(ldb, talloc_asprintf(ldb, "NULL Context in callback")); - return LDB_ERR_OPERATIONS_ERROR; - } - - res = *((struct ldb_result **)context); - - if (!res || !ares) { - goto error; - } - - if (ares->type == LDB_REPLY_ENTRY) { - res->msgs = talloc_realloc(res, res->msgs, struct ldb_message *, res->count + 2); - if (! res->msgs) { - goto error; - } - - res->msgs[res->count + 1] = NULL; - - res->msgs[res->count] = talloc_steal(res->msgs, ares->message); - if (! res->msgs[res->count]) { - goto error; - } - - res->count++; - } - - if (ares->type == LDB_REPLY_REFERRAL) { - if (res->refs) { - for (n = 0; res->refs[n]; n++) /*noop*/ ; - } else { - n = 0; - } - - res->refs = talloc_realloc(res, res->refs, char *, n + 2); - if (! res->refs) { - goto error; - } - - res->refs[n] = talloc_steal(res->refs, ares->referral); - res->refs[n + 1] = NULL; - } - - if (ares->type == LDB_REPLY_DONE) { - if (ares->controls) { - res->controls = talloc_steal(res, ares->controls); - if (! res->controls) { - goto error; - } - } - } - - talloc_free(ares); - return LDB_SUCCESS; - -error: - talloc_free(ares); - talloc_free(res); - *((struct ldb_result **)context) = NULL; - return LDB_ERR_OPERATIONS_ERROR; -} - -/* - search for matching records using a synchronous function - */ -static int lldb_search_bytree(struct ldb_module *module, const struct ldb_dn *base, - enum ldb_scope scope, struct ldb_parse_tree *tree, - const char * const *attrs, - struct ldb_control **control_req, - struct ldb_result **res) -{ - struct lldb_private *lldb = talloc_get_type(module->private_data, struct lldb_private); - struct ldb_request *req; - int ret; - - *res = talloc_zero(lldb, struct ldb_result); - if (! *res) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req = talloc_zero(lldb, struct ldb_request); - if (! req) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req->operation = LDB_ASYNC_SEARCH; - req->op.search.base = base; - req->op.search.scope = scope; - req->op.search.tree = tree; - req->op.search.attrs = attrs; - req->controls = control_req; - req->async.context = (void *)res; - req->async.callback = lldb_search_sync_callback; - req->async.timeout = lldb->timeout; - - ret = lldb_search_async(module, req); - - if (ret == LDB_SUCCESS) { - ret = ldb_async_wait(req->async.handle, LDB_WAIT_ALL); - talloc_free(req); - } - - if (ret != LDB_SUCCESS) { - talloc_free(*res); - } - - return ret; -} - /* add a record */ -static int lldb_add_async(struct ldb_module *module, struct ldb_request *req) +static int lldb_add(struct ldb_module *module, struct ldb_request *req) { struct lldb_private *lldb = talloc_get_type(module->private_data, struct lldb_private); struct lldb_async_context *lldb_ac; @@ -459,42 +345,10 @@ static int lldb_add_async(struct ldb_module *module, struct ldb_request *req) return lldb_ldap_to_ldb(ret); } -static int lldb_add(struct ldb_module *module, const struct ldb_message *msg) -{ - struct lldb_private *lldb = talloc_get_type(module->private_data, struct lldb_private); - struct ldb_request *req; - int ret; - - req = talloc_zero(lldb, struct ldb_request); - if (! req) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req->operation = LDB_ASYNC_ADD; - req->op.add.message = msg; - req->controls = NULL; - req->async.context = NULL; - req->async.callback = NULL; - req->async.timeout = lldb->timeout; - - ret = lldb_add_async(module, req); - - if (ret != LDB_SUCCESS) { - talloc_free(req); - return ret; - } - - ret = ldb_async_wait(req->async.handle, LDB_WAIT_ALL); - - talloc_free(req); - return ret; -} - - /* modify a record */ -static int lldb_modify_async(struct ldb_module *module, struct ldb_request *req) +static int lldb_modify(struct ldb_module *module, struct ldb_request *req) { struct lldb_private *lldb = talloc_get_type(module->private_data, struct lldb_private); struct lldb_async_context *lldb_ac; @@ -536,41 +390,10 @@ static int lldb_modify_async(struct ldb_module *module, struct ldb_request *req) return lldb_ldap_to_ldb(ret); } -static int lldb_modify(struct ldb_module *module, const struct ldb_message *msg) -{ - struct lldb_private *lldb = talloc_get_type(module->private_data, struct lldb_private); - struct ldb_request *req; - int ret; - - req = talloc_zero(lldb, struct ldb_request); - if (! req) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req->operation = LDB_ASYNC_MODIFY; - req->op.mod.message = msg; - req->controls = NULL; - req->async.context = NULL; - req->async.callback = NULL; - req->async.timeout = lldb->timeout; - - ret = lldb_modify_async(module, req); - - if (ret != LDB_SUCCESS) { - talloc_free(req); - return ret; - } - - ret = ldb_async_wait(req->async.handle, LDB_WAIT_ALL); - - talloc_free(req); - return ret; -} - /* delete a record */ -static int lldb_delete_async(struct ldb_module *module, struct ldb_request *req) +static int lldb_delete(struct ldb_module *module, struct ldb_request *req) { struct lldb_private *lldb = talloc_get_type(module->private_data, struct lldb_private); struct lldb_async_context *lldb_ac; @@ -603,41 +426,10 @@ static int lldb_delete_async(struct ldb_module *module, struct ldb_request *req) return lldb_ldap_to_ldb(ret); } -static int lldb_delete(struct ldb_module *module, const struct ldb_dn *dn) -{ - struct lldb_private *lldb = talloc_get_type(module->private_data, struct lldb_private); - struct ldb_request *req; - int ret; - - req = talloc_zero(lldb, struct ldb_request); - if (! req) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req->operation = LDB_ASYNC_DELETE; - req->op.del.dn = dn; - req->controls = NULL; - req->async.context = NULL; - req->async.callback = NULL; - req->async.timeout = lldb->timeout; - - ret = lldb_delete_async(module, req); - - if (ret != LDB_SUCCESS) { - talloc_free(req); - return ret; - } - - ret = ldb_async_wait(req->async.handle, LDB_WAIT_ALL); - - talloc_free(req); - return ret; -} - /* rename a record */ -static int lldb_rename_async(struct ldb_module *module, struct ldb_request *req) +static int lldb_rename(struct ldb_module *module, struct ldb_request *req) { struct lldb_private *lldb = talloc_get_type(module->private_data, struct lldb_private); struct lldb_async_context *lldb_ac; @@ -686,38 +478,6 @@ static int lldb_rename_async(struct ldb_module *module, struct ldb_request *req) return lldb_ldap_to_ldb(ret); } -static int lldb_rename(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn) -{ - struct lldb_private *lldb = talloc_get_type(module->private_data, struct lldb_private); - struct ldb_request *req; - int ret; - - req = talloc_zero(lldb, struct ldb_request); - if (! req) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req->operation = LDB_ASYNC_RENAME; - req->op.rename.olddn = olddn; - req->op.rename.newdn = newdn; - req->controls = NULL; - req->async.context = NULL; - req->async.callback = NULL; - req->async.timeout = lldb->timeout; - - ret = lldb_rename_async(module, req); - - if (ret != LDB_SUCCESS) { - talloc_free(req); - return ret; - } - - ret = ldb_async_wait(req->async.handle, LDB_WAIT_ALL); - - talloc_free(req); - return ret; -} - static int lldb_parse_result(struct ldb_async_handle *handle, LDAPMessage *result) { struct lldb_async_context *ac = talloc_get_type(handle->private_data, struct lldb_async_context); @@ -951,63 +711,35 @@ static int lldb_start_trans(struct ldb_module *module) { /* TODO implement a local transaction mechanism here */ - return 0; + return LDB_SUCCESS; } static int lldb_end_trans(struct ldb_module *module) { /* TODO implement a local transaction mechanism here */ - return 0; + return LDB_SUCCESS; } static int lldb_del_trans(struct ldb_module *module) { /* TODO implement a local transaction mechanism here */ - return 0; + return LDB_SUCCESS; } static int lldb_request(struct ldb_module *module, struct ldb_request *req) { - switch (req->operation) { - - case LDB_REQ_SEARCH: - return lldb_search_bytree(module, - req->op.search.base, - req->op.search.scope, - req->op.search.tree, - req->op.search.attrs, - req->controls, - &req->op.search.res); - - case LDB_REQ_ADD: - return lldb_add(module, req->op.add.message); - - case LDB_REQ_MODIFY: - return lldb_modify(module, req->op.mod.message); - - case LDB_REQ_DELETE: - return lldb_delete(module, req->op.del.dn); - - case LDB_REQ_RENAME: - return lldb_rename(module, - req->op.rename.olddn, - req->op.rename.newdn); - - default: - return -1; - - } + return LDB_ERR_OPERATIONS_ERROR; } static const struct ldb_module_ops lldb_ops = { .name = "ldap", - .search = lldb_search_async, - .add = lldb_add_async, - .modify = lldb_modify_async, - .del = lldb_delete_async, - .rename = lldb_rename_async, + .search = lldb_search, + .add = lldb_add, + .modify = lldb_modify, + .del = lldb_delete, + .rename = lldb_rename, .request = lldb_request, .start_transaction = lldb_start_trans, .end_transaction = lldb_end_trans, diff --git a/source4/lib/ldb/ldb_tdb/ldb_search.c b/source4/lib/ldb/ldb_tdb/ldb_search.c index 9b45697098..529049e36b 100644 --- a/source4/lib/ldb/ldb_tdb/ldb_search.c +++ b/source4/lib/ldb/ldb_tdb/ldb_search.c @@ -470,51 +470,11 @@ static int ltdb_search_full(struct ldb_async_handle *handle) return LDB_SUCCESS; } -static int ltdb_search_sync_callback(struct ldb_context *ldb, void *context, struct ldb_async_result *ares) -{ - struct ldb_result *res = NULL; - - if (!context) { - ldb_set_errstring(ldb, talloc_strdup(ldb, "NULL Context in callback")); - goto error; - } - - res = *((struct ldb_result **)context); - - if (!res || !ares) { - goto error; - } - - if (ares->type == LDB_REPLY_ENTRY) { - res->msgs = talloc_realloc(res, res->msgs, struct ldb_message *, res->count + 2); - if (! res->msgs) { - goto error; - } - - res->msgs[res->count + 1] = NULL; - - res->msgs[res->count] = talloc_steal(res->msgs, ares->message); - if (! res->msgs[res->count]) { - goto error; - } - - res->count++; - } else { - ldb_debug(ldb, LDB_DEBUG_ERROR, "unrecognized async reply in ltdb_search_sync_callback!\n"); - goto error; - } - - talloc_free(ares); - return LDB_SUCCESS; - -error: - if (ares) talloc_free(ares); - if (res) talloc_free(res); - if (context) *((struct ldb_result **)context) = NULL; - return LDB_ERR_OPERATIONS_ERROR; -} - -int ltdb_search_async(struct ldb_module *module, struct ldb_request *req) +/* + search the database with a LDAP-like expression. + choses a search method +*/ +int ltdb_search(struct ldb_module *module, struct ldb_request *req) { struct ltdb_private *ltdb = talloc_get_type(module->private_data, struct ltdb_private); struct ltdb_async_context *ltdb_ac; @@ -566,48 +526,3 @@ int ltdb_search_async(struct ldb_module *module, struct ldb_request *req) return LDB_SUCCESS; } -/* - search the database with a LDAP-like expression. - choses a search method -*/ -int ltdb_search_bytree(struct ldb_module *module, const struct ldb_dn *base, - enum ldb_scope scope, struct ldb_parse_tree *tree, - const char * const attrs[], struct ldb_result **res) -{ - struct ldb_request *req; - int ret; - - *res = talloc_zero(module, struct ldb_result); - if (! *res) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req = talloc_zero(module, struct ldb_request); - if (! req) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req->operation = LDB_ASYNC_SEARCH; - req->op.search.base = base; - req->op.search.scope = scope; - req->op.search.tree = tree; - req->op.search.attrs = attrs; - req->controls = NULL; - req->async.context = (void *)res; - req->async.callback = ltdb_search_sync_callback; - - ret = ltdb_search_async(module, req); - - if (ret == LDB_SUCCESS) { - ret = ldb_async_wait(req->async.handle, LDB_WAIT_ALL); - talloc_free(req); - } - - if (ret != LDB_SUCCESS) { - talloc_free(*res); - } - - return ret; -} - - diff --git a/source4/lib/ldb/ldb_tdb/ldb_tdb.c b/source4/lib/ldb/ldb_tdb/ldb_tdb.c index e5b0ca0668..5ea92aa1b1 100644 --- a/source4/lib/ldb/ldb_tdb/ldb_tdb.c +++ b/source4/lib/ldb/ldb_tdb/ldb_tdb.c @@ -256,41 +256,58 @@ done: } +static int ltdb_add_internal(struct ldb_module *module, struct ldb_message *msg) +{ + int ret; + + ret = ltdb_check_special_dn(module, msg); + if (ret != LDB_SUCCESS) { + return LDB_ERR_OPERATIONS_ERROR; + } + + if (ltdb_cache_load(module) != 0) { + return LDB_ERR_OPERATIONS_ERROR; + } + + ret = ltdb_store(module, msg, TDB_INSERT); + + if (ret != LDB_SUCCESS) { + return LDB_ERR_OPERATIONS_ERROR; + } + + ltdb_modified(module, msg->dn); + + return LDB_SUCCESS; +} + /* add a record to the database */ -static int ltdb_add_async(struct ldb_module *module, struct ldb_request *req) +static int ltdb_add(struct ldb_module *module, struct ldb_request *req) { struct ltdb_private *ltdb = talloc_get_type(module->private_data, struct ltdb_private); struct ltdb_async_context *ltdb_ac; int tret, ret = LDB_SUCCESS; + if (req->controls != NULL) { + ldb_debug(module->ldb, LDB_DEBUG_WARNING, "Controls should not reach the ldb_tdb backend!\n"); + if (check_critical_controls(req->controls)) { + return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION; + } + } + req->async.handle = init_ltdb_handle(ltdb, module, req->async.context, req->async.callback); if (req->async.handle == NULL) { return LDB_ERR_OPERATIONS_ERROR; } ltdb_ac = talloc_get_type(req->async.handle->private_data, struct ltdb_async_context); - tret = ltdb_check_special_dn(module, req->op.add.message); + tret = ltdb_add_internal(module, req->op.add.message); if (tret != LDB_SUCCESS) { req->async.handle->status = tret; goto done; } - if (ltdb_cache_load(module) != 0) { - ret = LDB_ERR_OTHER; - goto done; - } - - tret = ltdb_store(module, req->op.add.message, TDB_INSERT); - - if (tret != LDB_SUCCESS) { - req->async.handle->status = tret; - goto done; - } - - ltdb_modified(module, req->op.add.message->dn); - if (ltdb_ac->callback) { ret = ltdb_ac->callback(module->ldb, ltdb_ac->context, NULL); } @@ -300,35 +317,6 @@ done: return ret; } -static int ltdb_add(struct ldb_module *module, const struct ldb_message *msg) -{ - struct ldb_request *req; - int ret; - - req = talloc_zero(module, struct ldb_request); - if (! req) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req->operation = LDB_ASYNC_ADD; - req->op.add.message = msg; - req->controls = NULL; - req->async.context = NULL; - req->async.callback = NULL; - - ret = ltdb_add_async(module, req); - - if (ret != LDB_SUCCESS) { - talloc_free(req); - return ret; - } - - ret = ldb_async_wait(req->async.handle, LDB_WAIT_ALL); - - talloc_free(req); - return ret; -} - /* delete a record from the database, not updating indexes (used for deleting index records) @@ -354,16 +342,59 @@ int ltdb_delete_noindex(struct ldb_module *module, const struct ldb_dn *dn) return ret; } +static int ltdb_delete_internal(struct ldb_module *module, struct ldb_dn *dn) +{ + struct ldb_message *msg; + int ret; + + msg = talloc(module, struct ldb_message); + if (msg == NULL) { + return LDB_ERR_OPERATIONS_ERROR; + } + + /* in case any attribute of the message was indexed, we need + to fetch the old record */ + ret = ltdb_search_dn1(module, dn, msg); + if (ret != 1) { + /* not finding the old record is an error */ + talloc_free(msg); + return LDB_ERR_NO_SUCH_OBJECT; + } + + ret = ltdb_delete_noindex(module, dn); + if (ret != LDB_SUCCESS) { + talloc_free(msg); + return LDB_ERR_NO_SUCH_OBJECT; + } + + /* remove any indexed attributes */ + ret = ltdb_index_del(module, msg); + if (ret != LDB_SUCCESS) { + talloc_free(msg); + return LDB_ERR_OPERATIONS_ERROR; + } + ltdb_modified(module, dn); + + talloc_free(msg); + return LDB_SUCCESS; +} + /* delete a record from the database */ -static int ltdb_delete_async(struct ldb_module *module, struct ldb_request *req) +static int ltdb_delete(struct ldb_module *module, struct ldb_request *req) { struct ltdb_private *ltdb = talloc_get_type(module->private_data, struct ltdb_private); struct ltdb_async_context *ltdb_ac; - struct ldb_message *msg; int tret, ret = LDB_SUCCESS; + if (req->controls != NULL) { + ldb_debug(module->ldb, LDB_DEBUG_WARNING, "Controls should not reach the ldb_tdb backend!\n"); + if (check_critical_controls(req->controls)) { + return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION; + } + } + req->async.handle = NULL; if (ltdb_cache_load(module) != 0) { @@ -376,34 +407,11 @@ static int ltdb_delete_async(struct ldb_module *module, struct ldb_request *req) } ltdb_ac = talloc_get_type(req->async.handle->private_data, struct ltdb_async_context); - msg = talloc(ltdb_ac, struct ldb_message); - if (msg == NULL) { - ret = LDB_ERR_OPERATIONS_ERROR; - goto done; - } - - /* in case any attribute of the message was indexed, we need - to fetch the old record */ - tret = ltdb_search_dn1(module, req->op.del.dn, msg); - if (tret != 1) { - /* not finding the old record is an error */ - req->async.handle->status = LDB_ERR_NO_SUCH_OBJECT; - goto done; - } - - tret = ltdb_delete_noindex(module, req->op.del.dn); - if (tret != LDB_SUCCESS) { - req->async.handle->status = LDB_ERR_NO_SUCH_OBJECT; - goto done; - } - - /* remove any indexed attributes */ - tret = ltdb_index_del(module, msg); + tret = ltdb_delete_internal(module, req->op.del.dn); if (tret != LDB_SUCCESS) { - req->async.handle->status = LDB_ERR_NO_SUCH_OBJECT; + req->async.handle->status = tret; goto done; } - ltdb_modified(module, req->op.del.dn); if (ltdb_ac->callback) ret = ltdb_ac->callback(module->ldb, ltdb_ac->context, NULL); @@ -413,36 +421,6 @@ done: return ret; } -static int ltdb_delete(struct ldb_module *module, const struct ldb_dn *dn) -{ - struct ldb_request *req; - int ret; - - req = talloc_zero(module, struct ldb_request); - if (! req) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req->operation = LDB_ASYNC_DELETE; - req->op.del.dn = dn; - req->controls = NULL; - req->async.context = NULL; - req->async.callback = NULL; - - ret = ltdb_delete_async(module, req); - - if (ret != LDB_SUCCESS) { - talloc_free(req); - return ret; - } - - ret = ldb_async_wait(req->async.handle, LDB_WAIT_ALL); - - talloc_free(req); - return ret; -} - - /* find an element by attribute name. At the moment this does a linear search, it should be re-coded to use a binary search once all places that modify records guarantee @@ -754,12 +732,19 @@ failed: /* modify a record */ -static int ltdb_modify_async(struct ldb_module *module, struct ldb_request *req) +static int ltdb_modify(struct ldb_module *module, struct ldb_request *req) { struct ltdb_private *ltdb = talloc_get_type(module->private_data, struct ltdb_private); struct ltdb_async_context *ltdb_ac; int tret, ret = LDB_SUCCESS; + if (req->controls != NULL) { + ldb_debug(module->ldb, LDB_DEBUG_WARNING, "Controls should not reach the ldb_tdb backend!\n"); + if (check_critical_controls(req->controls)) { + return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION; + } + } + req->async.handle = NULL; req->async.handle = init_ltdb_handle(ltdb, module, req->async.context, req->async.callback); @@ -796,45 +781,23 @@ done: return ret; } -static int ltdb_modify(struct ldb_module *module, const struct ldb_message *msg) -{ - struct ldb_request *req; - int ret; - - req = talloc_zero(module, struct ldb_request); - if (! req) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req->operation = LDB_ASYNC_MODIFY; - req->op.mod.message = msg; - req->controls = NULL; - req->async.context = NULL; - req->async.callback = NULL; - - ret = ltdb_modify_async(module, req); - - if (ret != LDB_SUCCESS) { - talloc_free(req); - return ret; - } - - ret = ldb_async_wait(req->async.handle, LDB_WAIT_ALL); - - talloc_free(req); - return ret; -} - /* rename a record */ -static int ltdb_rename_async(struct ldb_module *module, struct ldb_request *req) +static int ltdb_rename(struct ldb_module *module, struct ldb_request *req) { struct ltdb_private *ltdb = talloc_get_type(module->private_data, struct ltdb_private); struct ltdb_async_context *ltdb_ac; struct ldb_message *msg; int tret, ret = LDB_SUCCESS; + if (req->controls != NULL) { + ldb_debug(module->ldb, LDB_DEBUG_WARNING, "Controls should not reach the ldb_tdb backend!\n"); + if (check_critical_controls(req->controls)) { + return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION; + } + } + req->async.handle = NULL; if (ltdb_cache_load(module) != 0) { @@ -868,15 +831,15 @@ static int ltdb_rename_async(struct ldb_module *module, struct ldb_request *req) goto done; } - tret = ltdb_add(module, msg); + tret = ltdb_add_internal(module, msg); if (tret != LDB_SUCCESS) { ret = LDB_ERR_OPERATIONS_ERROR; goto done; } - tret = ltdb_delete(module, req->op.rename.olddn); + tret = ltdb_delete_internal(module, req->op.rename.olddn); if (tret != LDB_SUCCESS) { - ltdb_delete(module, req->op.rename.newdn); + ltdb_delete_internal(module, req->op.rename.newdn); ret = LDB_ERR_OPERATIONS_ERROR; goto done; } @@ -889,36 +852,6 @@ done: return ret; } -static int ltdb_rename(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn) -{ - struct ldb_request *req; - int ret; - - req = talloc_zero(module, struct ldb_request); - if (! req) { - return LDB_ERR_OPERATIONS_ERROR; - } - - req->operation = LDB_ASYNC_RENAME; - req->op.rename.olddn = olddn; - req->op.rename.newdn = newdn; - req->controls = NULL; - req->async.context = NULL; - req->async.callback = NULL; - - ret = ltdb_rename_async(module, req); - - if (ret != LDB_SUCCESS) { - talloc_free(req); - return ret; - } - - ret = ldb_async_wait(req->async.handle, LDB_WAIT_ALL); - - talloc_free(req); - return ret; -} - static int ltdb_start_trans(struct ldb_module *module) { struct ltdb_private *ltdb = module->private_data; @@ -960,43 +893,15 @@ static int ltdb_async_wait(struct ldb_async_handle *handle, enum ldb_async_wait_ static int ltdb_request(struct ldb_module *module, struct ldb_request *req) { /* check for oustanding critical controls and return an error if found */ - if (req->controls != NULL) { ldb_debug(module->ldb, LDB_DEBUG_WARNING, "Controls should not reach the ldb_tdb backend!\n"); - } - - if (check_critical_controls(req->controls)) { - return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION; + if (check_critical_controls(req->controls)) { + return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION; + } } - switch (req->operation) { - - case LDB_REQ_SEARCH: - return ltdb_search_bytree(module, - req->op.search.base, - req->op.search.scope, - req->op.search.tree, - req->op.search.attrs, - &req->op.search.res); - - case LDB_REQ_ADD: - return ltdb_add(module, req->op.add.message); - - case LDB_REQ_MODIFY: - return ltdb_modify(module, req->op.mod.message); - - case LDB_REQ_DELETE: - return ltdb_delete(module, req->op.del.dn); - - case LDB_REQ_RENAME: - return ltdb_rename(module, - req->op.rename.olddn, - req->op.rename.newdn); - - default: - return LDB_ERR_OPERATIONS_ERROR; - - } + /* search, add, modify, delete, rename are handled by their own, no other op supported */ + return LDB_ERR_OPERATIONS_ERROR; } /* @@ -1026,11 +931,11 @@ static uint64_t ltdb_sequence_number(struct ldb_context *ldb) static const struct ldb_module_ops ltdb_ops = { .name = "tdb", - .search = ltdb_search_async, - .add = ltdb_add_async, - .modify = ltdb_modify_async, - .del = ltdb_delete_async, - .rename = ltdb_rename_async, + .search = ltdb_search, + .add = ltdb_add, + .modify = ltdb_modify, + .del = ltdb_delete, + .rename = ltdb_rename, .request = ltdb_request, .start_transaction = ltdb_start_trans, .end_transaction = ltdb_end_trans, diff --git a/source4/lib/ldb/ldb_tdb/ldb_tdb.h b/source4/lib/ldb/ldb_tdb/ldb_tdb.h index ad9e5c10c6..0c44a80edd 100644 --- a/source4/lib/ldb/ldb_tdb/ldb_tdb.h +++ b/source4/lib/ldb/ldb_tdb/ldb_tdb.h @@ -100,11 +100,7 @@ int ltdb_add_attr_results(struct ldb_module *module, unsigned int *count, struct ldb_message ***res); int ltdb_filter_attrs(struct ldb_message *msg, const char * const *attrs); -int ltdb_search_async(struct ldb_module *module, struct ldb_request *req); -int ltdb_search_bytree(struct ldb_module *module, const struct ldb_dn *base, - enum ldb_scope scope, struct ldb_parse_tree *tree, - const char * const attrs[], struct ldb_result **res); - +int ltdb_search(struct ldb_module *module, struct ldb_request *req); /* The following definitions come from lib/ldb/ldb_tdb/ldb_tdb.c */ struct ldb_async_handle *init_ltdb_handle(struct ltdb_private *ltdb, struct ldb_module *module, diff --git a/source4/lib/ldb/modules/asq.c b/source4/lib/ldb/modules/asq.c index 884616abdd..005d1e41b0 100644 --- a/source4/lib/ldb/modules/asq.c +++ b/source4/lib/ldb/modules/asq.c @@ -41,152 +41,6 @@ #define ASQ_CTRL_UNWILLING_TO_PERFORM 53 #define ASQ_CTRL_AFFECTS_MULTIPLE_DSA 71 -static int build_response(struct ldb_result *res, int result) -{ - struct ldb_asq_control *asq; - int i; - - if (res->controls) { - for (i = 0; res->controls[i]; i++); - res->controls = talloc_realloc(res, res->controls, struct ldb_control *, i + 2); - } else { - i = 0; - res->controls = talloc_array(res, struct ldb_control *, 2); - } - if (res->controls == NULL) - return LDB_ERR_OPERATIONS_ERROR; - - res->controls[i] = talloc(res->controls, struct ldb_control); - if (res->controls[i] == NULL) - return LDB_ERR_OPERATIONS_ERROR; - - res->controls[i]->oid = LDB_CONTROL_ASQ_OID; - res->controls[i]->critical = 0; - - asq = talloc_zero(res->controls[i], struct ldb_asq_control); - if (asq == NULL) - return LDB_ERR_OPERATIONS_ERROR; - - asq->result = result; - - res->controls[i]->data = asq; - - res->controls[i + 1] = NULL; - - return LDB_SUCCESS; -} - -/* search */ -static int asq_search_sync(struct ldb_module *module, struct ldb_control *control, struct ldb_request *req) -{ - struct ldb_asq_control *asq_ctrl; - struct ldb_request *base_req; - struct ldb_message_element *el; - struct ldb_result *res; - char **base_attrs; - int i, c, ret; - - /* pre-allocate a clean result structure */ - req->op.search.res = res = talloc_zero(req, struct ldb_result); - if (res == NULL) - return LDB_ERR_OPERATIONS_ERROR; - - /* check the search is well formed */ - if (req->op.search.scope != LDB_SCOPE_BASE) { - return build_response(res, ASQ_CTRL_UNWILLING_TO_PERFORM); - } - - asq_ctrl = talloc_get_type(control->data, struct ldb_asq_control); - if (!asq_ctrl) { - return LDB_ERR_PROTOCOL_ERROR; - } - - /* get the object to retrieve the DNs to search */ - base_req = talloc_zero(req, struct ldb_request); - if (base_req == NULL) - return LDB_ERR_OPERATIONS_ERROR; - base_req->operation = LDB_REQ_SEARCH; - base_req->op.search.base = req->op.search.base; - base_req->op.search.scope = LDB_SCOPE_BASE; - base_req->op.search.tree = req->op.search.tree; - base_attrs = talloc_array(base_req, char *, 2); - if (base_attrs == NULL) - return LDB_ERR_OPERATIONS_ERROR; - base_attrs[0] = talloc_strdup(base_attrs, asq_ctrl->source_attribute); - if (base_attrs[0] == NULL) - return LDB_ERR_OPERATIONS_ERROR; - base_attrs[1] = NULL; - base_req->op.search.attrs = (const char * const *)base_attrs; - - ret = ldb_request(module->ldb, base_req); - - if (ret != LDB_SUCCESS) { - talloc_free(base_req); - return ret; - } - - if (base_req->op.search.res->count == 0) { - talloc_free(base_req); - return build_response(res, ASQ_CTRL_SUCCESS); - } - - /* look up the DNs */ - el = ldb_msg_find_element(base_req->op.search.res->msgs[0], - asq_ctrl->source_attribute); - /* no values found */ - if (el == NULL) { - talloc_free(base_req); - return build_response(res, ASQ_CTRL_SUCCESS); - } - - for (i = 0, c = 0; i < el->num_values; i++) { - struct ldb_request *exp_req; - - exp_req = talloc_zero(req, struct ldb_request); - if (exp_req == NULL) - return LDB_ERR_OPERATIONS_ERROR; - exp_req->operation = LDB_REQ_SEARCH; - exp_req->op.search.base = ldb_dn_explode(exp_req, (const char *)el->values[i].data); - if (exp_req->op.search.base == NULL) { - return build_response(res, ASQ_CTRL_INVALID_ATTRIBUTE_SYNTAX); - } - exp_req->op.search.scope = LDB_SCOPE_BASE; - exp_req->op.search.tree = req->op.search.tree; - exp_req->op.search.attrs = req->op.search.attrs; - - ret = ldb_request(module->ldb, exp_req); - - if (ret != LDB_SUCCESS) - return ret; - - if (exp_req->op.search.res && exp_req->op.search.res->count != 0) { - if (res->msgs == NULL) { - res->msgs = talloc_array(res, - struct ldb_message *, 2); - } else { - res->msgs = talloc_realloc(res, res->msgs, - struct ldb_message *, c + 2); - } - if (res->msgs == NULL) - return LDB_ERR_OPERATIONS_ERROR; - - res->msgs[c] = talloc_steal(res->msgs, exp_req->op.search.res->msgs[0]); - c++; - } - - if (res->msgs) { - res->msgs[c] = NULL; - res->count = c; - } - - talloc_free(exp_req); - } - - talloc_free(base_req); - - return build_response(res, ASQ_CTRL_SUCCESS); -} - struct asq_async_context { enum {ASQ_SEARCH_BASE, ASQ_SEARCH_MULTI} step; @@ -580,28 +434,6 @@ static int asq_async_wait(struct ldb_async_handle *handle, enum ldb_async_wait_t } } -static int asq(struct ldb_module *module, struct ldb_request *req) -{ - struct ldb_control *control; - - /* check if there's a paged request control */ - control = get_control_from_list(req->controls, LDB_CONTROL_ASQ_OID); - if (control == NULL) { - /* not found go on */ - return ldb_next_request(module, req); - } - - switch (req->operation) { - - case LDB_REQ_SEARCH: - return asq_search_sync(module, control, req); - - default: - return LDB_ERR_PROTOCOL_ERROR; - - } -} - static int asq_init(struct ldb_module *module) { struct ldb_request request; @@ -624,7 +456,6 @@ static int asq_init(struct ldb_module *module) static const struct ldb_module_ops asq_ops = { .name = "asq", .search = asq_search, - .request = asq, .async_wait = asq_async_wait, .init_context = asq_init }; diff --git a/source4/lib/ldb/modules/operational.c b/source4/lib/ldb/modules/operational.c index 084105fd85..4b1daba30f 100644 --- a/source4/lib/ldb/modules/operational.c +++ b/source4/lib/ldb/modules/operational.c @@ -170,76 +170,6 @@ failed: } /* - hook search operations -*/ -static int operational_search_bytree(struct ldb_module *module, struct ldb_request *req) -{ - int i, r, a; - int ret; - const char * const *attrs = req->op.search.attrs; - const char **search_attrs = NULL; - - req->op.search.res = NULL; - - /* replace any attributes in the parse tree that are - searchable, but are stored using a different name in the - backend */ - for (i=0;i<ARRAY_SIZE(parse_tree_sub);i++) { - ldb_parse_tree_attr_replace(req->op.search.tree, - parse_tree_sub[i].attr, - parse_tree_sub[i].replace); - } - - /* in the list of attributes we are looking for, rename any - attributes to the alias for any hidden attributes that can - be fetched directly using non-hidden names */ - for (a=0;attrs && attrs[a];a++) { - for (i=0;i<ARRAY_SIZE(search_sub);i++) { - if (ldb_attr_cmp(attrs[a], search_sub[i].attr) == 0 && - search_sub[i].replace) { - if (!search_attrs) { - search_attrs = ldb_attr_list_copy(req, attrs); - if (search_attrs == NULL) { - goto failed; - } - } - search_attrs[a] = search_sub[i].replace; - } - } - } - - /* use new set of attrs if any */ - if (search_attrs) req->op.search.attrs = search_attrs; - /* perform the search */ - ret = ldb_next_request(module, req); - /* set back saved attrs if needed */ - if (search_attrs) req->op.search.attrs = attrs; - - /* check operation result */ - if (ret != LDB_SUCCESS) { - return ret; - } - - /* for each record returned post-process to add any derived - attributes that have been asked for */ - for (r = 0; r < req->op.search.res->count; r++) { - if (operational_search_post_process(module, req->op.search.res->msgs[r], attrs) != 0) { - goto failed; - } - } - - /* all done */ - talloc_free(search_attrs); - return ret; - -failed: - talloc_free(search_attrs); - talloc_free(req->op.search.res); - ldb_oom(module->ldb); - return LDB_ERR_OTHER; -} - -/* add a time element to a record */ static int add_time_element(struct ldb_message *msg, const char *attr, time_t t) @@ -293,95 +223,6 @@ static int add_uint64_element(struct ldb_message *msg, const char *attr, uint64_ /* - hook add record ops -*/ -static int operational_add_sync(struct ldb_module *module, struct ldb_request *req) -{ - const struct ldb_message *msg = req->op.add.message; - time_t t = time(NULL); - struct ldb_message *msg2; - int ret; - - if (ldb_dn_is_special(msg->dn)) { - return ldb_next_request(module, req); - } - - /* we have to copy the message as the caller might have it as a const */ - msg2 = ldb_msg_copy_shallow(module, msg); - if (msg2 == NULL) { - return -1; - } - if (add_time_element(msg2, "whenCreated", t) != 0 || - add_time_element(msg2, "whenChanged", t) != 0) { - talloc_free(msg2); - return -1; - } - - /* see if the backend can give us the USN */ - if (module->ldb->sequence_number != NULL) { - uint64_t seq_num = module->ldb->sequence_number(module->ldb); - if (add_uint64_element(msg2, "uSNCreated", seq_num) != 0 || - add_uint64_element(msg2, "uSNChanged", seq_num) != 0) { - talloc_free(msg2); - return -1; - } - } - - /* use the new structure for the call chain below this point */ - req->op.add.message = msg2; - /* go on with the call chain */ - ret = ldb_next_request(module, req); - /* put back saved message */ - req->op.add.message = msg; - /* free temproary compy */ - talloc_free(msg2); - return ret; -} - -/* - hook modify record ops -*/ -static int operational_modify_sync(struct ldb_module *module, struct ldb_request *req) -{ - const struct ldb_message *msg = req->op.mod.message; - time_t t = time(NULL); - struct ldb_message *msg2; - int ret; - - if (ldb_dn_is_special(msg->dn)) { - return ldb_next_request(module, req); - } - - /* we have to copy the message as the caller might have it as a const */ - msg2 = ldb_msg_copy_shallow(module, msg); - if (msg2 == NULL) { - return -1; - } - if (add_time_element(msg2, "whenChanged", t) != 0) { - talloc_free(msg2); - return -1; - } - - /* update the records USN if possible */ - if (module->ldb->sequence_number != NULL && - add_uint64_element(msg2, "uSNChanged", - module->ldb->sequence_number(module->ldb)) != 0) { - talloc_free(msg2); - return -1; - } - - /* use the new structure for the call chain below this point */ - req->op.mod.message = msg2; - /* go on with the call chain */ - ret = ldb_next_request(module, req); - /* put back saved message */ - req->op.mod.message = msg; - /* free temproary compy */ - talloc_free(msg2); - return ret; -} - -/* hook search operations */ @@ -607,26 +448,6 @@ static int operational_modify(struct ldb_module *module, struct ldb_request *req return ret; } - -static int operational_request(struct ldb_module *module, struct ldb_request *req) -{ - switch (req->operation) { - - case LDB_REQ_SEARCH: - return operational_search_bytree(module, req); - - case LDB_REQ_ADD: - return operational_add_sync(module, req); - - case LDB_REQ_MODIFY: - return operational_modify_sync(module, req); - - default: - return ldb_next_request(module, req); - - } -} - static int operational_init(struct ldb_module *ctx) { /* setup some standard attribute handlers */ @@ -643,7 +464,6 @@ static const struct ldb_module_ops operational_ops = { .search = operational_search, .add = operational_add, .modify = operational_modify, - .request = operational_request, .init_context = operational_init }; diff --git a/source4/lib/ldb/modules/paged_results.c b/source4/lib/ldb/modules/paged_results.c index 71b99184a1..6d864375c6 100644 --- a/source4/lib/ldb/modules/paged_results.c +++ b/source4/lib/ldb/modules/paged_results.c @@ -122,135 +122,6 @@ static struct results_store *new_store(struct private_data *priv) return new; } -/* search */ -static int paged_search_sync(struct ldb_module *module, struct ldb_control *control, struct ldb_request *req) -{ - struct private_data *private_data = talloc_get_type(module->private_data, struct private_data); - struct results_store *current = NULL; - struct ldb_result *paged_result; - struct ldb_control **saved_controls; - struct ldb_paged_control *paged_ctrl; - struct ldb_paged_control *paged_ret; - int i, ret; - - paged_ctrl = talloc_get_type(control->data, struct ldb_paged_control); - if (!paged_ctrl) { - return LDB_ERR_PROTOCOL_ERROR; - } - - /* check if it is a continuation search the store */ - if (paged_ctrl->cookie_len != 0) { - for (current = private_data->store; current; current = current->next) { - if (strcmp(current->cookie, paged_ctrl->cookie) == 0) { - current->timestamp = time(NULL); - break; - } - } - if (current == NULL) { - return LDB_ERR_UNWILLING_TO_PERFORM; - } - } - - /* is this a brand new paged request ? */ - if (current == NULL) { - - /* save controls list and remove this one from the list */ - if (!save_controls(control, req, &saved_controls)) { - return LDB_ERR_OTHER; - } - - /* perform the search */ - ret = ldb_next_request(module, req); - - /* restore original controls list */ - if (req->controls) talloc_free(req->controls); - req->controls = saved_controls; - - if (ret != LDB_SUCCESS) { - return ret; - } - - /* create a new entry in the cache */ - current = new_store(private_data); - if (!current) { - return LDB_ERR_OTHER; - } - - /* steal the search result */ - current->result = talloc_steal(current, req->op.search.res); - req->op.search.res = NULL; - } - - /* create a container for the next batch of results */ - paged_result = talloc(current, struct ldb_result); - if (!paged_result) { - return LDB_ERR_OTHER; - } - paged_result->count = 0; - paged_result->msgs = NULL; - paged_result->controls = NULL; - - /* check if it is an abandon */ - if (paged_ctrl->size == 0) { - req->op.search.res = talloc_steal(private_data, paged_result); - talloc_free(current); - return LDB_SUCCESS; - } - - /* return a batch of results */ - - paged_result->controls = talloc_array(paged_result, struct ldb_control *, 2); - if (!paged_result->controls) { - talloc_free(paged_result); - return LDB_ERR_OTHER; - } - - paged_result->controls[0] = talloc(paged_result->controls, struct ldb_control); - if (!paged_result->controls[0]) { - talloc_free(paged_result); - return LDB_ERR_OTHER; - } - paged_result->controls[0]->oid = talloc_strdup(paged_result->controls[0], LDB_CONTROL_PAGED_RESULTS_OID); - paged_result->controls[0]->critical = 0; - paged_result->controls[1] = NULL; - - paged_ret = talloc(paged_result->controls[0], struct ldb_paged_control); - if (!paged_ret) { - talloc_free(paged_result); - return LDB_ERR_OTHER; - } - paged_result->controls[0]->data = paged_ret; - - if (paged_ctrl->size >= current->result->count) { - paged_ret->size = 0; - paged_ret->cookie = NULL; - paged_ret->cookie_len = 0; - paged_result->count = current->result->count; - current->result->count = 0; - } else { - paged_ret->size = current->result->count; - paged_ret->cookie = talloc_strdup(paged_ret, current->cookie); - paged_ret->cookie_len = strlen(paged_ret->cookie) + 1; - paged_result->count = paged_ctrl->size; - current->result->count -= paged_ctrl->size; - } - - paged_result->msgs = talloc_array(paged_result, struct ldb_message *, paged_result->count + 1); - if (!paged_result->msgs) { - talloc_free(paged_result); - return LDB_ERR_OTHER; - } - for (i = 0; i < paged_result->count; i++) { - paged_result->msgs[i] = talloc_steal(paged_result->msgs, current->result->msgs[current->num_sent + i]); - } - current->num_sent += paged_result->count; - paged_result->msgs[paged_result->count] = NULL; - - req->op.search.res = paged_result; - - return LDB_SUCCESS; -} - struct paged_async_context { struct ldb_module *module; void *up_context; @@ -654,28 +525,6 @@ static int paged_async_wait(struct ldb_async_handle *handle, enum ldb_async_wait return ret; } -static int paged_request(struct ldb_module *module, struct ldb_request *req) -{ - struct ldb_control *control; - - /* check if there's a paged request control */ - control = get_control_from_list(req->controls, LDB_CONTROL_PAGED_RESULTS_OID); - if (control == NULL) { - /* not found go on */ - return ldb_next_request(module, req); - } - - switch (req->operation) { - - case LDB_REQ_SEARCH: - return paged_search_sync(module, control, req); - - default: - return LDB_ERR_PROTOCOL_ERROR; - - } -} - static int paged_request_init(struct ldb_module *module) { struct private_data *data; @@ -714,7 +563,6 @@ static int paged_request_init(struct ldb_module *module) static const struct ldb_module_ops paged_ops = { .name = "paged_results", .search = paged_search, - .request = paged_request, .async_wait = paged_async_wait, .init_context = paged_request_init }; diff --git a/source4/lib/ldb/modules/rdn_name.c b/source4/lib/ldb/modules/rdn_name.c index 2004002e38..059e7843cd 100644 --- a/source4/lib/ldb/modules/rdn_name.c +++ b/source4/lib/ldb/modules/rdn_name.c @@ -53,85 +53,6 @@ static struct ldb_message_element *rdn_name_find_attribute(const struct ldb_mess return NULL; } -static int rdn_name_add_sync(struct ldb_module *module, struct ldb_request *req) -{ - const struct ldb_message *msg = req->op.add.message; - struct ldb_message *msg2; - struct ldb_message_element *attribute; - struct ldb_dn_component *rdn; - int i, ret; - - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_add_record\n"); - - /* do not manipulate our control entries */ - if (ldb_dn_is_special(msg->dn)) { - return ldb_next_request(module, req); - } - - msg2 = talloc(module, struct ldb_message); - if (!msg2) { - return -1; - } - - msg2->dn = msg->dn; - msg2->num_elements = msg->num_elements; - msg2->private_data = msg->private_data; - msg2->elements = talloc_array(msg2, struct ldb_message_element, msg2->num_elements); - for (i = 0; i < msg2->num_elements; i++) { - msg2->elements[i] = msg->elements[i]; - } - - rdn = ldb_dn_get_rdn(msg2, msg2->dn); - if (!rdn) { - talloc_free(msg2); - return -1; - } - - /* Perhaps someone above us tried to set this? */ - if ((attribute = rdn_name_find_attribute(msg, "name")) != NULL ) { - attribute->num_values = 0; - } - - if (ldb_msg_add_value(msg2, "name", &rdn->value) != 0) { - talloc_free(msg2); - return -1; - } - - attribute = rdn_name_find_attribute(msg2, rdn->name); - - if (!attribute) { - if (ldb_msg_add_value(msg2, rdn->name, &rdn->value) != 0) { - talloc_free(msg2); - return -1; - } - } else { - const struct ldb_attrib_handler *handler - = ldb_attrib_handler(module->ldb, rdn->name); - for (i=0; i < attribute->num_values; i++) { - if (handler->comparison_fn(module->ldb, msg2, &rdn->value, &attribute->values[i]) == 0) { - /* overwrite so it matches in case */ - attribute->values[i] = rdn->value; - break; - } - } - if (i == attribute->num_values) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, - "RDN mismatch on %s: %s", - ldb_dn_linearize(msg2, msg2->dn), rdn->name); - talloc_free(msg2); - return -1; - } - } - - req->op.add.message = msg2; - ret = ldb_next_request(module, req); - req->op.add.message = msg; - - talloc_free(msg2); - - return ret; -} - static int rdn_name_add(struct ldb_module *module, struct ldb_request *req) { struct ldb_request *down_req; @@ -402,24 +323,10 @@ static int rdn_name_async_wait(struct ldb_async_handle *handle, enum ldb_async_w } } -static int rdn_name_request(struct ldb_module *module, struct ldb_request *req) -{ - switch (req->operation) { - - case LDB_REQ_ADD: - return rdn_name_add_sync(module, req); - - default: - return ldb_next_request(module, req); - - } -} - static const struct ldb_module_ops rdn_name_ops = { .name = "rdn_name", .add = rdn_name_add, .rename = rdn_name_rename, - .request = rdn_name_request, .async_wait = rdn_name_async_wait }; diff --git a/source4/lib/ldb/modules/sort.c b/source4/lib/ldb/modules/sort.c index 6905417e95..2f9d7dfc96 100644 --- a/source4/lib/ldb/modules/sort.c +++ b/source4/lib/ldb/modules/sort.c @@ -196,91 +196,7 @@ static int sort_compare_async(struct ldb_message **msg1, struct ldb_message **ms return ac->h->comparison_fn(ac->module->ldb, ac, &el1->values[0], &el2->values[0]); } -/* search */ -static int server_sort_search(struct ldb_module *module, struct ldb_control *control, struct ldb_request *req) -{ - struct ldb_result *sort_result = NULL; - struct ldb_control **saved_controls; - struct ldb_server_sort_control **sort_ctrls; - int ret, result = 0; - int do_sort = 1; - - sort_ctrls = talloc_get_type(control->data, struct ldb_server_sort_control *); - if (!sort_ctrls) { - return LDB_ERR_PROTOCOL_ERROR; - } - - /* FIXME: we do not support more than one attribute for sorting right now */ - /* FIXME: we need to check if the attribute type exist or return an error */ - if (sort_ctrls[1] != NULL) - do_sort = 0; - - if (!do_sort && control->critical) { - sort_result = talloc_zero(req, struct ldb_result); - if (!sort_result) - return LDB_ERR_OPERATIONS_ERROR; - - req->op.search.res = sort_result; - - /* 53 = unwilling to perform */ - if ((ret = build_response(sort_result, &sort_result->controls, 53, "sort control is not complete yet")) != LDB_SUCCESS) { - return ret; - } - - return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION; - } - - /* save it locally and remove it from the list */ - if (!save_controls(control, req, &saved_controls)) { - return LDB_ERR_OPERATIONS_ERROR; - } - - ret = ldb_next_request(module, req); - - if (req->controls) talloc_free(req->controls); - req->controls = saved_controls; - - if (ret != LDB_SUCCESS) { - return ret; - } - - sort_result = req->op.search.res; - - /* SORT HERE */ - if (do_sort) { - struct opaque *data; - - data = talloc(module, struct opaque); - if (!data) - return LDB_ERR_OPERATIONS_ERROR; - - data->attribute = sort_ctrls[0]->attributeName; - data->reverse = sort_ctrls[0]->reverse; - data->ldb = module->ldb; - data->h = ldb_attrib_handler(data->ldb, data->attribute); - data->result = 0; - - ldb_qsort(sort_result->msgs, - sort_result->count, - sizeof(struct ldb_message *), - data, - (ldb_qsort_cmp_fn_t)sort_compare); - - result = data->result; - - talloc_free(data); - } else { - result = 53; - } - - if ((ret = build_response(sort_result, &sort_result->controls, result, "sort control is not complete yet")) != LDB_SUCCESS) { - return ret; - } - - return LDB_SUCCESS; -} - -static int server_sort_search_async_callback(struct ldb_context *ldb, void *context, struct ldb_async_result *ares) +static int server_sort_search_callback(struct ldb_context *ldb, void *context, struct ldb_async_result *ares) { struct sort_async_context *ac = NULL; @@ -340,7 +256,7 @@ error: return LDB_ERR_OPERATIONS_ERROR; } -static int server_sort_search_async(struct ldb_module *module, struct ldb_request *req) +static int server_sort_search(struct ldb_module *module, struct ldb_request *req) { struct ldb_control *control; struct ldb_server_sort_control **sort_ctrls; @@ -425,7 +341,7 @@ static int server_sort_search_async(struct ldb_module *module, struct ldb_reques } ac->req->async.context = ac; - ac->req->async.callback = server_sort_search_async_callback; + ac->req->async.callback = server_sort_search_callback; ac->req->async.timeout = req->async.timeout; req->async.handle = h; @@ -433,7 +349,7 @@ static int server_sort_search_async(struct ldb_module *module, struct ldb_reques return ldb_next_request(module, ac->req); } -static int server_sort_async_results(struct ldb_async_handle *handle) +static int server_sort_results(struct ldb_async_handle *handle) { struct sort_async_context *ac; struct ldb_async_result *ares; @@ -527,34 +443,12 @@ static int server_sort_async_wait(struct ldb_async_handle *handle, enum ldb_asyn } if (handle->state == LDB_ASYNC_DONE) { - ret = server_sort_async_results(handle); + ret = server_sort_results(handle); } return ret; } -static int server_sort(struct ldb_module *module, struct ldb_request *req) -{ - struct ldb_control *control; - - /* check if there's a paged request control */ - control = get_control_from_list(req->controls, LDB_CONTROL_SERVER_SORT_OID); - if (control == NULL) { - /* not found go on */ - return ldb_next_request(module, req); - } - - switch (req->operation) { - - case LDB_REQ_SEARCH: - return server_sort_search(module, control, req); - - default: - return LDB_ERR_PROTOCOL_ERROR; - - } -} - static int server_sort_init(struct ldb_module *module) { struct ldb_request *req; @@ -582,8 +476,7 @@ static int server_sort_init(struct ldb_module *module) static const struct ldb_module_ops server_sort_ops = { .name = "server_sort", - .search = server_sort_search_async, - .request = server_sort, + .search = server_sort_search, .async_wait = server_sort_async_wait, .init_context = server_sort_init }; diff --git a/source4/nbt_server/wins/wins_ldb.c b/source4/nbt_server/wins/wins_ldb.c index 5c45a64413..1926977092 100644 --- a/source4/nbt_server/wins/wins_ldb.c +++ b/source4/nbt_server/wins/wins_ldb.c @@ -45,12 +45,10 @@ static int wins_ldb_verify(struct ldb_module *module, struct ldb_request *req) char *error = NULL; switch (req->operation) { - case LDB_REQ_ADD: case LDB_ASYNC_ADD: msg = req->op.add.message; break; - case LDB_REQ_MODIFY: case LDB_ASYNC_MODIFY: msg = req->op.mod.message; break; @@ -86,18 +84,6 @@ static int wins_ldb_verify(struct ldb_module *module, struct ldb_request *req) return LDB_ERR_OTHER; } -static int wins_ldb_request(struct ldb_module *module, struct ldb_request *req) -{ - switch (req->operation) { - case LDB_REQ_ADD: - case LDB_REQ_MODIFY: - return wins_ldb_verify(module, req); - default: - return ldb_next_request(module, req); - } -} - - static int wins_ldb_init(struct ldb_module *ctx) { struct winsdb_handle *h; @@ -131,7 +117,6 @@ static const struct ldb_module_ops wins_ldb_ops = { .name = "wins_ldb", .add = wins_ldb_verify, .modify = wins_ldb_verify, - .request = wins_ldb_request, .init_context = wins_ldb_init }; diff --git a/source4/setup/provision_init.ldif b/source4/setup/provision_init.ldif index 6698b27e33..e91d4db630 100644 --- a/source4/setup/provision_init.ldif +++ b/source4/setup/provision_init.ldif @@ -85,5 +85,5 @@ vendorVersion: ${VERSION} # - samldb must be before password_hash, because password_hash checks that the objectclass is of type person (filled in by samldb) dn: @MODULES -@LIST: rootdse,kludge_acl,paged_results,server_sort,extended_dn,asq,samldb,password_hash,operational,objectguid,rdn_name,objectclass +@LIST: rootdse,kludge_acl,paged_results,server_sort,extended_dn,asq,samldb,password_hash,operational,objectguid,rdn_name |