diff options
Diffstat (limited to 'source4')
25 files changed, 335 insertions, 235 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c index 00dc565504..2db4de58b2 100644 --- a/source4/dsdb/samdb/ldb_modules/acl.c +++ b/source4/dsdb/samdb/ldb_modules/acl.c @@ -107,7 +107,7 @@ static int acl_module_init(struct ldb_module *module) ret = dsdb_module_search_dn(module, mem_ctx, &res, ldb_dn_new(mem_ctx, ldb, "@KLUDGEACL"), attrs, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, NULL); if (ret != LDB_SUCCESS) { goto done; } @@ -591,7 +591,7 @@ static int acl_check_spn(TALLOC_CTX *mem_ctx, &acl_res, req->op.mod.message->dn, acl_attrs, DSDB_FLAG_NEXT_MODULE | - DSDB_SEARCH_SHOW_DELETED); + DSDB_SEARCH_SHOW_DELETED, req); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -606,6 +606,7 @@ static int acl_check_spn(TALLOC_CTX *mem_ctx, LDB_SCOPE_ONELEVEL, netbios_attrs, DSDB_FLAG_NEXT_MODULE, + req, "(ncName=%s)", ldb_dn_get_linearized(ldb_get_default_basedn(ldb))); @@ -686,7 +687,7 @@ static int acl_add(struct ldb_module *module, struct ldb_request *req) guid = class_schemaid_guid_by_lDAPDisplayName(schema, (char *)oc_el->values[oc_el->num_values-1].data); - ret = dsdb_module_check_access_on_dn(module, req, parent, SEC_ADS_CREATE_CHILD, guid); + ret = dsdb_module_check_access_on_dn(module, req, parent, SEC_ADS_CREATE_CHILD, guid, req); if (ret != LDB_SUCCESS) { return ret; } @@ -850,7 +851,7 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req) struct security_descriptor *sd; struct dom_sid *sid = NULL; struct ldb_control *as_system = ldb_request_get_control(req, LDB_CONTROL_AS_SYSTEM_OID); - bool userPassword = dsdb_user_password_support(module, req); + bool userPassword = dsdb_user_password_support(module, req, req); TALLOC_CTX *tmp_ctx = talloc_new(req); static const char *acl_attrs[] = { "nTSecurityDescriptor", @@ -876,7 +877,7 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req) } ret = dsdb_module_search_dn(module, tmp_ctx, &acl_res, req->op.mod.message->dn, acl_attrs, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, req); if (ret != LDB_SUCCESS) { goto fail; @@ -1075,7 +1076,7 @@ static int acl_delete(struct ldb_module *module, struct ldb_request *req) /* First check if we have delete object right */ ret = dsdb_module_check_access_on_dn(module, req, req->op.del.dn, - SEC_STD_DELETE, NULL); + SEC_STD_DELETE, NULL, req); if (ret == LDB_SUCCESS) { return ldb_next_request(module, req); } @@ -1083,7 +1084,7 @@ static int acl_delete(struct ldb_module *module, struct ldb_request *req) /* Nope, we don't have delete object. Lets check if we have delete * child on the parent */ ret = dsdb_module_check_access_on_dn(module, req, parent, - SEC_ADS_DELETE_CHILD, NULL); + SEC_ADS_DELETE_CHILD, NULL, req); if (ret != LDB_SUCCESS) { return ret; } @@ -1151,7 +1152,7 @@ static int acl_rename(struct ldb_module *module, struct ldb_request *req) ret = dsdb_module_search_dn(module, tmp_ctx, &acl_res, req->op.rename.olddn, acl_attrs, DSDB_FLAG_NEXT_MODULE | - DSDB_SEARCH_SHOW_RECYCLED); + DSDB_SEARCH_SHOW_RECYCLED, req); /* we sould be able to find the parent */ if (ret != LDB_SUCCESS) { DEBUG(10,("acl: failed to find object %s\n", @@ -1240,7 +1241,7 @@ static int acl_rename(struct ldb_module *module, struct ldb_request *req) return ldb_module_done(req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); } - ret = dsdb_module_check_access_on_dn(module, req, newparent, SEC_ADS_CREATE_CHILD, guid); + ret = dsdb_module_check_access_on_dn(module, req, newparent, SEC_ADS_CREATE_CHILD, guid, req); if (ret != LDB_SUCCESS) { DEBUG(10,("acl:access_denied renaming %s", ldb_dn_get_linearized(req->op.rename.olddn))); talloc_free(tmp_ctx); @@ -1259,7 +1260,7 @@ static int acl_rename(struct ldb_module *module, struct ldb_request *req) return ldb_next_request(module, req); } /* what about delete child on the current parent */ - ret = dsdb_module_check_access_on_dn(module, req, oldparent, SEC_ADS_DELETE_CHILD, NULL); + ret = dsdb_module_check_access_on_dn(module, req, oldparent, SEC_ADS_DELETE_CHILD, NULL, req); if (ret != LDB_SUCCESS) { DEBUG(10,("acl:access_denied renaming %s", ldb_dn_get_linearized(req->op.rename.olddn))); talloc_free(tmp_ctx); @@ -1308,7 +1309,7 @@ static int acl_search_callback(struct ldb_request *req, struct ldb_reply *ares) || ac->sDRightsEffective) { ret = dsdb_module_search_dn(ac->module, ac, &acl_res, ares->message->dn, acl_attrs, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, req); if (ret != LDB_SUCCESS) { return ldb_module_done(ac->req, NULL, NULL, ret); } @@ -1390,7 +1391,7 @@ static int acl_search(struct ldb_module *module, struct ldb_request *req) ac->allowedChildClasses = ldb_attr_in_list(req->op.search.attrs, "allowedChildClasses"); ac->allowedChildClassesEffective = ldb_attr_in_list(req->op.search.attrs, "allowedChildClassesEffective"); ac->sDRightsEffective = ldb_attr_in_list(req->op.search.attrs, "sDRightsEffective"); - ac->userPassword = dsdb_user_password_support(module, ac); + ac->userPassword = dsdb_user_password_support(module, ac, req); ac->schema = dsdb_get_schema(ldb, ac); /* replace any attributes in the parse tree that are private, diff --git a/source4/dsdb/samdb/ldb_modules/acl_read.c b/source4/dsdb/samdb/ldb_modules/acl_read.c index 27cc1e79cf..4ed057cf63 100644 --- a/source4/dsdb/samdb/ldb_modules/acl_read.c +++ b/source4/dsdb/samdb/ldb_modules/acl_read.c @@ -105,7 +105,7 @@ static int aclread_callback(struct ldb_request *req, struct ldb_reply *ares) tmp_ctx, parent_dn, SEC_ADS_LIST, - NULL); + NULL, req); if (ret == LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS) { talloc_free(tmp_ctx); return LDB_SUCCESS; @@ -253,7 +253,7 @@ static int aclread_search(struct ldb_module *module, struct ldb_request *req) ret = dsdb_module_search_dn(module, req, &res, req->op.search.base, acl_attrs, DSDB_FLAG_NEXT_MODULE | - DSDB_SEARCH_SHOW_DELETED); + DSDB_SEARCH_SHOW_DELETED, req); if (ret != LDB_SUCCESS) { return ldb_error(ldb, ret, "acl_read: Error retrieving instanceType for base."); @@ -268,7 +268,7 @@ static int aclread_search(struct ldb_module *module, struct ldb_request *req) req, parent_dn, SEC_ADS_LIST, - NULL); + NULL, req); if (ret == LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS) { return ldb_module_done(req, NULL, NULL, LDB_ERR_NO_SUCH_OBJECT); } else if (ret != LDB_SUCCESS) { diff --git a/source4/dsdb/samdb/ldb_modules/acl_util.c b/source4/dsdb/samdb/ldb_modules/acl_util.c index 1fb8b9a475..a7bc331f8e 100644 --- a/source4/dsdb/samdb/ldb_modules/acl_util.c +++ b/source4/dsdb/samdb/ldb_modules/acl_util.c @@ -55,7 +55,8 @@ int dsdb_module_check_access_on_dn(struct ldb_module *module, TALLOC_CTX *mem_ctx, struct ldb_dn *dn, uint32_t access_mask, - const struct GUID *guid) + const struct GUID *guid, + struct ldb_request *parent) { int ret; struct ldb_result *acl_res; @@ -73,7 +74,8 @@ int dsdb_module_check_access_on_dn(struct ldb_module *module, ret = dsdb_module_search_dn(module, mem_ctx, &acl_res, dn, acl_attrs, DSDB_FLAG_NEXT_MODULE | - DSDB_SEARCH_SHOW_RECYCLED); + DSDB_SEARCH_SHOW_RECYCLED, + parent); if (ret != LDB_SUCCESS) { DEBUG(0,("access_check: failed to find object %s\n", ldb_dn_get_linearized(dn))); return ret; @@ -90,7 +92,8 @@ int dsdb_module_check_access_on_guid(struct ldb_module *module, TALLOC_CTX *mem_ctx, struct GUID *guid, uint32_t access_mask, - const struct GUID *oc_guid) + const struct GUID *oc_guid, + struct ldb_request *parent) { int ret; struct ldb_result *acl_res; @@ -109,6 +112,7 @@ int dsdb_module_check_access_on_guid(struct ldb_module *module, acl_attrs, DSDB_FLAG_NEXT_MODULE | DSDB_SEARCH_SHOW_RECYCLED, + parent, "objectGUID=%s", GUID_string(mem_ctx, guid)); if (ret != LDB_SUCCESS || acl_res->count == 0) { diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c index 0ea91ba600..dfbfdf6dec 100644 --- a/source4/dsdb/samdb/ldb_modules/descriptor.c +++ b/source4/dsdb/samdb/ldb_modules/descriptor.c @@ -572,7 +572,7 @@ static int descriptor_do_mod(struct descriptor_context *ac) return ldb_operr(ldb); } - objectclass = get_last_structural_class(schema, objectclass_element); + objectclass = get_last_structural_class(schema, objectclass_element, ac->req); if (objectclass == NULL) { return ldb_operr(ldb); } @@ -667,7 +667,7 @@ static int descriptor_do_add(struct descriptor_context *ac) } objectclass = get_last_structural_class(schema, - objectclass_element); + objectclass_element, ac->req); if (objectclass == NULL) { return ldb_operr(ldb); } diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c index ebbc7c609c..324faa2c2a 100644 --- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c +++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c @@ -594,7 +594,8 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques static int linked_attributes_fix_links(struct ldb_module *module, struct ldb_dn *old_dn, struct ldb_dn *new_dn, struct ldb_message_element *el, struct dsdb_schema *schema, - const struct dsdb_attribute *schema_attr) + const struct dsdb_attribute *schema_attr, + struct ldb_request *parent) { unsigned int i, j; TALLOC_CTX *tmp_ctx = talloc_new(module); @@ -629,7 +630,7 @@ static int linked_attributes_fix_links(struct ldb_module *module, DSDB_FLAG_NEXT_MODULE | DSDB_SEARCH_SHOW_RECYCLED | DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT | - DSDB_SEARCH_REVEAL_INTERNALS); + DSDB_SEARCH_REVEAL_INTERNALS, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Linked attribute %s->%s between %s and %s - remote not found - %s", el->name, target->lDAPDisplayName, @@ -690,7 +691,7 @@ static int linked_attributes_fix_links(struct ldb_module *module, disable checking for this attribute */ el2->flags |= LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK; - ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE); + ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Linked attribute %s->%s between %s and %s - update failed - %s", el->name, target->lDAPDisplayName, @@ -725,7 +726,7 @@ static int linked_attributes_rename(struct ldb_module *module, struct ldb_reques ret = dsdb_module_search_dn(module, req, &res, req->op.rename.olddn, NULL, DSDB_FLAG_NEXT_MODULE | - DSDB_SEARCH_SHOW_RECYCLED); + DSDB_SEARCH_SHOW_RECYCLED, req); if (ret != LDB_SUCCESS) { return ret; } @@ -745,7 +746,7 @@ static int linked_attributes_rename(struct ldb_module *module, struct ldb_reques continue; } ret = linked_attributes_fix_links(module, msg->dn, req->op.rename.newdn, el, - schema, schema_attr); + schema, schema_attr, req); if (ret != LDB_SUCCESS) { talloc_free(res); return ret; @@ -986,7 +987,7 @@ static int la_do_op_request(struct ldb_module *module, struct la_context *ac, st ldb_ldif_message_string(ldb, op, LDB_CHANGETYPE_MODIFY, new_msg))); } - ret = dsdb_module_modify(module, new_msg, DSDB_FLAG_NEXT_MODULE); + ret = dsdb_module_modify(module, new_msg, DSDB_FLAG_NEXT_MODULE, ac->req); if (ret != LDB_SUCCESS) { ldb_debug(ldb, LDB_DEBUG_WARNING, "Failed to apply linked attribute change '%s'\n%s\n", ldb_errstring(ldb), diff --git a/source4/dsdb/samdb/ldb_modules/naming_fsmo.c b/source4/dsdb/samdb/ldb_modules/naming_fsmo.c index b309035fa1..f59919ca1a 100644 --- a/source4/dsdb/samdb/ldb_modules/naming_fsmo.c +++ b/source4/dsdb/samdb/ldb_modules/naming_fsmo.c @@ -67,7 +67,7 @@ static int naming_fsmo_init(struct ldb_module *module) ret = dsdb_module_search_dn(module, mem_ctx, &naming_res, naming_dn, naming_attrs, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, NULL); if (ret == LDB_ERR_NO_SUCH_OBJECT) { ldb_debug(ldb, LDB_DEBUG_TRACE, "naming_fsmo_init: no partitions dn present: (skip loading of naming contexts details)"); diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c index 48813e5ac0..b72b9bb8e7 100644 --- a/source4/dsdb/samdb/ldb_modules/objectclass.c +++ b/source4/dsdb/samdb/ldb_modules/objectclass.c @@ -613,7 +613,7 @@ static int objectclass_do_add(struct oc_context *ac) /* Make sure its valid to add an object of this type */ objectclass = get_last_structural_class(ac->schema, - objectclass_element); + objectclass_element, ac->req); if(objectclass == NULL) { ldb_asprintf_errstring(ldb, "Failed to find a structural class for %s", @@ -1039,7 +1039,7 @@ static int objectclass_do_mod(struct oc_context *ac) } objectclass = get_last_structural_class(ac->schema, - oc_el_change); + oc_el_change, ac->req); if (objectclass != NULL) { ldb_asprintf_errstring(ldb, "objectclass: cannot add a new top-most structural objectclass '%s'!", @@ -1075,7 +1075,7 @@ static int objectclass_do_mod(struct oc_context *ac) case LDB_FLAG_MOD_DELETE: /* get the actual top-most structural objectclass */ objectclass = get_last_structural_class(ac->schema, - oc_el_entry); + oc_el_entry, ac->req); if (objectclass == NULL) { /* no structural objectclass? */ talloc_free(mem_ctx); @@ -1352,7 +1352,7 @@ static int objectclass_do_rename2(struct oc_context *ac) /* existing entry without a valid object class? */ return ldb_operr(ldb); } - objectclass = get_last_structural_class(ac->schema, oc_el_entry); + objectclass = get_last_structural_class(ac->schema, oc_el_entry, ac->req); if (objectclass == NULL) { /* existing entry without a valid object class? */ return ldb_operr(ldb); diff --git a/source4/dsdb/samdb/ldb_modules/operational.c b/source4/dsdb/samdb/ldb_modules/operational.c index a1b5a2e94b..ae61089198 100644 --- a/source4/dsdb/samdb/ldb_modules/operational.c +++ b/source4/dsdb/samdb/ldb_modules/operational.c @@ -89,7 +89,8 @@ struct operational_data { construct a canonical name from a message */ static int construct_canonical_name(struct ldb_module *module, - struct ldb_message *msg, enum ldb_scope scope) + struct ldb_message *msg, enum ldb_scope scope, + struct ldb_request *parent) { char *canonicalName; canonicalName = ldb_dn_canonical_string(msg, msg->dn); @@ -103,7 +104,8 @@ static int construct_canonical_name(struct ldb_module *module, construct a primary group token for groups from a message */ static int construct_primary_group_token(struct ldb_module *module, - struct ldb_message *msg, enum ldb_scope scope) + struct ldb_message *msg, enum ldb_scope scope, + struct ldb_request *parent) { struct ldb_context *ldb; uint32_t primary_group_token; @@ -127,7 +129,8 @@ static int construct_primary_group_token(struct ldb_module *module, construct the token groups for SAM objects from a message */ static int construct_token_groups(struct ldb_module *module, - struct ldb_message *msg, enum ldb_scope scope) + struct ldb_message *msg, enum ldb_scope scope, + struct ldb_request *parent) { struct ldb_context *ldb = ldb_module_get_ctx(module);; TALLOC_CTX *tmp_ctx = talloc_new(msg); @@ -265,7 +268,8 @@ static int construct_token_groups(struct ldb_module *module, construct the parent GUID for an entry from a message */ static int construct_parent_guid(struct ldb_module *module, - struct ldb_message *msg, enum ldb_scope scope) + struct ldb_message *msg, enum ldb_scope scope, + struct ldb_request *parent) { struct ldb_result *res, *parent_res; const struct ldb_val *parent_guid; @@ -279,7 +283,7 @@ static int construct_parent_guid(struct ldb_module *module, /* determine if the object is NC by instance type */ ret = dsdb_module_search_dn(module, msg, &res, msg->dn, attrs, DSDB_FLAG_NEXT_MODULE | - DSDB_SEARCH_SHOW_RECYCLED); + DSDB_SEARCH_SHOW_RECYCLED, parent); instanceType = ldb_msg_find_attr_as_uint(res->msgs[0], "instanceType", 0); @@ -298,7 +302,7 @@ static int construct_parent_guid(struct ldb_module *module, } ret = dsdb_module_search_dn(module, msg, &parent_res, parent_dn, attrs2, DSDB_FLAG_NEXT_MODULE | - DSDB_SEARCH_SHOW_RECYCLED); + DSDB_SEARCH_SHOW_RECYCLED, parent); talloc_free(parent_dn); /* not NC, so the object should have a parent*/ @@ -330,7 +334,8 @@ static int construct_parent_guid(struct ldb_module *module, construct a subSchemaSubEntry */ static int construct_subschema_subentry(struct ldb_module *module, - struct ldb_message *msg, enum ldb_scope scope) + struct ldb_message *msg, enum ldb_scope scope, + struct ldb_request *parent) { struct operational_data *data = talloc_get_type(ldb_module_get_private(module), struct operational_data); char *subSchemaSubEntry; @@ -394,7 +399,8 @@ static int construct_msds_isrodc_with_dn(struct ldb_module *module, static int construct_msds_isrodc_with_server_dn(struct ldb_module *module, struct ldb_message *msg, - struct ldb_dn *dn) + struct ldb_dn *dn, + struct ldb_request *parent) { struct ldb_dn *server_dn; const char *attr_obj_cat[] = { "objectCategory", NULL }; @@ -410,7 +416,7 @@ static int construct_msds_isrodc_with_server_dn(struct ldb_module *module, } ret = dsdb_module_search_dn(module, msg, &res, server_dn, attr_obj_cat, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, parent); if (ret == LDB_ERR_NO_SUCH_OBJECT) { DEBUG(4,(__location__ ": Can't get objectCategory for %s \n", ldb_dn_get_linearized(server_dn))); @@ -429,7 +435,8 @@ static int construct_msds_isrodc_with_server_dn(struct ldb_module *module, } static int construct_msds_isrodc_with_computer_dn(struct ldb_module *module, - struct ldb_message *msg) + struct ldb_message *msg, + struct ldb_request *parent) { struct ldb_context *ldb; const char *attr[] = { "serverReferenceBL", NULL }; @@ -438,7 +445,7 @@ static int construct_msds_isrodc_with_computer_dn(struct ldb_module *module, struct ldb_dn *server_dn; ret = dsdb_module_search_dn(module, msg, &res, msg->dn, attr, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, parent); if (ret == LDB_ERR_NO_SUCH_OBJECT) { DEBUG(4,(__location__ ": Can't get serverReferenceBL for %s \n", ldb_dn_get_linearized(msg->dn))); @@ -458,14 +465,15 @@ static int construct_msds_isrodc_with_computer_dn(struct ldb_module *module, ldb_dn_get_linearized(res->msgs[0]->dn))); return LDB_SUCCESS; } - return construct_msds_isrodc_with_server_dn(module, msg, server_dn); + return construct_msds_isrodc_with_server_dn(module, msg, server_dn, parent); } /* construct msDS-isRODC attr */ static int construct_msds_isrodc(struct ldb_module *module, - struct ldb_message *msg, enum ldb_scope scope) + struct ldb_message *msg, enum ldb_scope scope, + struct ldb_request *parent) { struct ldb_message_element * object_class; struct ldb_message_element * object_category; @@ -496,13 +504,13 @@ static int construct_msds_isrodc(struct ldb_module *module, * the DN of TO. Apply the previous rule for the "TO is an nTDSDSA object" case, * substituting TN for TO. */ - return construct_msds_isrodc_with_server_dn(module, msg, msg->dn); + return construct_msds_isrodc_with_server_dn(module, msg, msg->dn, parent); } if (strequal((const char*)object_class->values[i].data, "computer")) { /* Let TS be the server object named by TO!serverReferenceBL. Apply the previous * rule for the "TO is a server object" case, substituting TS for TO. */ - return construct_msds_isrodc_with_computer_dn(module, msg); + return construct_msds_isrodc_with_computer_dn(module, msg, parent); } } @@ -518,7 +526,8 @@ static int construct_msds_isrodc(struct ldb_module *module, */ static int construct_msds_keyversionnumber(struct ldb_module *module, struct ldb_message *msg, - enum ldb_scope scope) + enum ldb_scope scope, + struct ldb_request *parent) { uint32_t i; enum ndr_err_code ndr_err; @@ -605,7 +614,7 @@ static const struct { const char *attr; const char *replace; const char *extra_attr; - int (*constructor)(struct ldb_module *, struct ldb_message *, enum ldb_scope); + int (*constructor)(struct ldb_module *, struct ldb_message *, enum ldb_scope, struct ldb_request *); } search_sub[] = { { "createTimestamp", "whenCreated", NULL , NULL }, { "modifyTimestamp", "whenChanged", NULL , NULL }, @@ -657,7 +666,8 @@ static int operational_search_post_process(struct ldb_module *module, enum ldb_scope scope, const char * const *attrs_from_user, const char * const *attrs_searched_for, - struct op_controls_flags* controls_flags) + struct op_controls_flags* controls_flags, + struct ldb_request *parent) { struct ldb_context *ldb; unsigned int i, a = 0; @@ -708,7 +718,7 @@ static int operational_search_post_process(struct ldb_module *module, constructor or a simple copy */ constructed_attributes = true; if (search_sub[i].constructor != NULL) { - if (search_sub[i].constructor(module, msg, scope) != LDB_SUCCESS) { + if (search_sub[i].constructor(module, msg, scope, parent) != LDB_SUCCESS) { goto failed; } } else if (ldb_msg_copy_attr(msg, @@ -784,7 +794,7 @@ static int operational_callback(struct ldb_request *req, struct ldb_reply *ares) ac->scope, ac->attrs, req->op.search.attrs, - ac->controls_flags); + ac->controls_flags, req); if (ret != 0) { return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); diff --git a/source4/dsdb/samdb/ldb_modules/partition.c b/source4/dsdb/samdb/ldb_modules/partition.c index 244b67950f..613cfa3a11 100644 --- a/source4/dsdb/samdb/ldb_modules/partition.c +++ b/source4/dsdb/samdb/ldb_modules/partition.c @@ -469,7 +469,7 @@ static int partition_search(struct ldb_module *module, struct ldb_request *req) int ret; bool domain_scope = false, phantom_root = false; - ret = partition_reload_if_required(module, data); + ret = partition_reload_if_required(module, data, req); if (ret != LDB_SUCCESS) { return ret; } @@ -724,7 +724,7 @@ static int partition_start_trans(struct ldb_module *module) return ret; } - ret = partition_reload_if_required(module, data); + ret = partition_reload_if_required(module, data, NULL); if (ret != LDB_SUCCESS) { return ret; } @@ -1169,7 +1169,7 @@ static int partition_extended(struct ldb_module *module, struct ldb_request *req return ldb_next_request(module, req); } - ret = partition_reload_if_required(module, data); + ret = partition_reload_if_required(module, data, req); if (ret != LDB_SUCCESS) { return ret; } diff --git a/source4/dsdb/samdb/ldb_modules/partition_init.c b/source4/dsdb/samdb/ldb_modules/partition_init.c index eb67cd3e30..97fc670761 100644 --- a/source4/dsdb/samdb/ldb_modules/partition_init.c +++ b/source4/dsdb/samdb/ldb_modules/partition_init.c @@ -130,7 +130,9 @@ static int partition_load_modules(struct ldb_context *ldb, return LDB_SUCCESS; } -static int partition_reload_metadata(struct ldb_module *module, struct partition_private_data *data, TALLOC_CTX *mem_ctx, struct ldb_message **_msg) +static int partition_reload_metadata(struct ldb_module *module, struct partition_private_data *data, + TALLOC_CTX *mem_ctx, struct ldb_message **_msg, + struct ldb_request *parent) { int ret; struct ldb_message *msg, *module_msg; @@ -141,7 +143,7 @@ static int partition_reload_metadata(struct ldb_module *module, struct partition ret = dsdb_module_search_dn(module, mem_ctx, &res, ldb_dn_new(mem_ctx, ldb, DSDB_PARTITION_DN), attrs, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, parent); if (ret != LDB_SUCCESS) { return ret; } @@ -372,7 +374,8 @@ static int add_partition_to_data(struct ldb_context *ldb, struct partition_priva } int partition_reload_if_required(struct ldb_module *module, - struct partition_private_data *data) + struct partition_private_data *data, + struct ldb_request *parent) { uint64_t seq; int ret; @@ -402,7 +405,7 @@ int partition_reload_if_required(struct ldb_module *module, return LDB_SUCCESS; } - ret = partition_reload_metadata(module, data, mem_ctx, &msg); + ret = partition_reload_metadata(module, data, mem_ctx, &msg, parent); if (ret != LDB_SUCCESS) { talloc_free(mem_ctx); return ret; @@ -505,7 +508,7 @@ int partition_reload_if_required(struct ldb_module *module, /* Get the 'correct' case of the partition DNs from the database */ ret = dsdb_module_search_dn(partition->module, data, &dn_res, dn, no_attrs, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, parent); if (ret == LDB_SUCCESS) { talloc_free(partition->ctrl->dn); partition->ctrl->dn = talloc_steal(partition->ctrl, dn_res->msgs[0]->dn); @@ -547,7 +550,7 @@ static int new_partition_set_replicated_metadata(struct ldb_context *ldb, ret = dsdb_module_search_dn(module, last_req, &replicate_res, data->replicate[i], NULL, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, NULL); if (ret == LDB_ERR_NO_SUCH_OBJECT) { continue; } @@ -826,7 +829,7 @@ int partition_init(struct ldb_module *module) struct ldb_message); /* This loads the partitions */ - ret = partition_reload_if_required(module, data); + ret = partition_reload_if_required(module, data, NULL); if (ret != LDB_SUCCESS) { return ret; } diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c index 75df54be29..ea51001365 100644 --- a/source4/dsdb/samdb/ldb_modules/password_hash.c +++ b/source4/dsdb/samdb/ldb_modules/password_hash.c @@ -2693,7 +2693,7 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req) *ntAttr, *lmAttr; int ret; struct ldb_control *bypass = NULL; - bool userPassword = dsdb_user_password_support(module, req); + bool userPassword = dsdb_user_password_support(module, req, req); ldb = ldb_module_get_ctx(module); @@ -2892,7 +2892,7 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r struct ldb_request *down_req; int ret; struct ldb_control *bypass = NULL; - bool userPassword = dsdb_user_password_support(module, req); + bool userPassword = dsdb_user_password_support(module, req, req); ldb = ldb_module_get_ctx(module); diff --git a/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c b/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c index 5c7d400497..68f181581c 100644 --- a/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c +++ b/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c @@ -66,7 +66,7 @@ static int pdc_fsmo_init(struct ldb_module *module) ret = dsdb_module_search_dn(module, mem_ctx, &pdc_res, pdc_dn, pdc_attrs, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, NULL); if (ret == LDB_ERR_NO_SUCH_OBJECT) { ldb_debug(ldb, LDB_DEBUG_TRACE, "pdc_fsmo_init: no domain object present: (skip loading of domain details)"); diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c index 28aef32d07..2cc52b9918 100644 --- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c +++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c @@ -195,7 +195,7 @@ struct la_backlink { process a backlinks we accumulated during a transaction, adding and deleting the backlinks from the target objects */ -static int replmd_process_backlink(struct ldb_module *module, struct la_backlink *bl) +static int replmd_process_backlink(struct ldb_module *module, struct la_backlink *bl, struct ldb_request *parent) { struct ldb_dn *target_dn, *source_dn; int ret; @@ -210,14 +210,14 @@ static int replmd_process_backlink(struct ldb_module *module, struct la_backlink - construct ldb_message - either an add or a delete */ - ret = dsdb_module_dn_by_guid(module, tmp_ctx, &bl->target_guid, &target_dn); + ret = dsdb_module_dn_by_guid(module, tmp_ctx, &bl->target_guid, &target_dn, parent); if (ret != LDB_SUCCESS) { DEBUG(2,(__location__ ": WARNING: Failed to find target DN for linked attribute with GUID %s\n", GUID_string(bl, &bl->target_guid))); return LDB_SUCCESS; } - ret = dsdb_module_dn_by_guid(module, tmp_ctx, &bl->forward_guid, &source_dn); + ret = dsdb_module_dn_by_guid(module, tmp_ctx, &bl->forward_guid, &source_dn, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to find source DN for linked attribute with GUID %s\n", GUID_string(bl, &bl->forward_guid)); @@ -247,7 +247,7 @@ static int replmd_process_backlink(struct ldb_module *module, struct la_backlink } msg->elements[0].flags = bl->active?LDB_FLAG_MOD_ADD:LDB_FLAG_MOD_DELETE; - ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE); + ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to %s backlink from %s to %s - %s", bl->active?"add":"remove", @@ -335,7 +335,7 @@ static int replmd_add_backlink(struct ldb_module *module, const struct dsdb_sche /* the caller may ask for this backlink to be processed immediately */ if (immediate) { - int ret = replmd_process_backlink(module, bl); + int ret = replmd_process_backlink(module, bl, NULL); talloc_free(bl); return ret; } @@ -448,7 +448,7 @@ static int replmd_op_callback(struct ldb_request *req, struct ldb_reply *ares) * update a @REPLCHANGED record in each partition if there have been * any writes of replicated data in the partition */ -static int replmd_notify_store(struct ldb_module *module) +static int replmd_notify_store(struct ldb_module *module, struct ldb_request *parent) { struct replmd_private *replmd_private = talloc_get_type(ldb_module_get_private(module), struct replmd_private); @@ -459,7 +459,7 @@ static int replmd_notify_store(struct ldb_module *module) ret = dsdb_module_save_partition_usn(module, modified_partition->dn, modified_partition->mod_usn, - modified_partition->mod_usn_urgent); + modified_partition->mod_usn_urgent, parent); if (ret != LDB_SUCCESS) { DEBUG(0,(__location__ ": Failed to save partition uSN for %s\n", ldb_dn_get_linearized(modified_partition->dn))); @@ -663,7 +663,7 @@ static int replmd_build_la_val(TALLOC_CTX *mem_ctx, struct ldb_val *v, struct ds */ static int replmd_add_fix_la(struct ldb_module *module, struct ldb_message_element *el, uint64_t seq_num, const struct GUID *invocationId, time_t t, - struct GUID *guid, const struct dsdb_attribute *sa) + struct GUID *guid, const struct dsdb_attribute *sa, struct ldb_request *parent) { unsigned int i; TALLOC_CTX *tmp_ctx = talloc_new(el->values); @@ -686,7 +686,7 @@ static int replmd_add_fix_la(struct ldb_module *module, struct ldb_message_eleme components from the extended_dn_store module */ status = dsdb_get_extended_dn_guid(dsdb_dn->dn, &target_guid, "GUID"); if (!NT_STATUS_IS_OK(status) || GUID_all_zero(&target_guid)) { - ret = dsdb_module_guid_by_dn(module, dsdb_dn->dn, &target_guid); + ret = dsdb_module_guid_by_dn(module, dsdb_dn->dn, &target_guid, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -882,7 +882,7 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) } if (sa->linkID != 0 && functional_level > DS_DOMAIN_FUNCTION_2000) { - ret = replmd_add_fix_la(module, e, ac->seq_num, our_invocation_id, t, &guid, sa); + ret = replmd_add_fix_la(module, e, ac->seq_num, our_invocation_id, t, &guid, sa, req); if (ret != LDB_SUCCESS) { talloc_free(ac); return ret; @@ -1184,7 +1184,7 @@ static int replmd_update_rpmd(struct ldb_module *module, DSDB_SEARCH_SHOW_RECYCLED | DSDB_SEARCH_SHOW_EXTENDED_DN | DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT | - DSDB_SEARCH_REVEAL_INTERNALS); + DSDB_SEARCH_REVEAL_INTERNALS, req); if (ret != LDB_SUCCESS || res->count != 1) { DEBUG(0,(__location__ ": Object %s failed to find uSNChanged\n", @@ -1217,7 +1217,7 @@ static int replmd_update_rpmd(struct ldb_module *module, DSDB_SEARCH_SHOW_RECYCLED | DSDB_SEARCH_SHOW_EXTENDED_DN | DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT | - DSDB_SEARCH_REVEAL_INTERNALS); + DSDB_SEARCH_REVEAL_INTERNALS, req); if (ret != LDB_SUCCESS || res->count != 1) { DEBUG(0,(__location__ ": Object %s failed to find replPropertyMetaData\n", ldb_dn_get_linearized(msg->dn))); @@ -1356,7 +1356,7 @@ static struct parsed_dn *parsed_dn_find(struct parsed_dn *pdn, */ static int get_parsed_dns(struct ldb_module *module, TALLOC_CTX *mem_ctx, struct ldb_message_element *el, struct parsed_dn **pdn, - const char *ldap_oid) + const char *ldap_oid, struct ldb_request *parent) { unsigned int i; struct ldb_context *ldb = ldb_module_get_ctx(module); @@ -1396,7 +1396,7 @@ static int get_parsed_dns(struct ldb_module *module, TALLOC_CTX *mem_ctx, status = dsdb_get_extended_dn_guid(dn, p->guid, "GUID"); if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) { /* we got a DN without a GUID - go find the GUID */ - int ret = dsdb_module_guid_by_dn(module, dn, p->guid); + int ret = dsdb_module_guid_by_dn(module, dn, p->guid, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Unable to find GUID for DN %s\n", ldb_dn_get_linearized(dn)); @@ -1649,7 +1649,8 @@ static int replmd_modify_la_add(struct ldb_module *module, const struct dsdb_attribute *schema_attr, uint64_t seq_num, time_t t, - struct GUID *msg_guid) + struct GUID *msg_guid, + struct ldb_request *parent) { unsigned int i; struct parsed_dn *dns, *old_dns; @@ -1664,13 +1665,13 @@ static int replmd_modify_la_add(struct ldb_module *module, unix_to_nt_time(&now, t); - ret = get_parsed_dns(module, tmp_ctx, el, &dns, schema_attr->syntax->ldap_oid); + ret = get_parsed_dns(module, tmp_ctx, el, &dns, schema_attr->syntax->ldap_oid, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; } - ret = get_parsed_dns(module, tmp_ctx, old_el, &old_dns, schema_attr->syntax->ldap_oid); + ret = get_parsed_dns(module, tmp_ctx, old_el, &old_dns, schema_attr->syntax->ldap_oid, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -1768,7 +1769,8 @@ static int replmd_modify_la_delete(struct ldb_module *module, const struct dsdb_attribute *schema_attr, uint64_t seq_num, time_t t, - struct GUID *msg_guid) + struct GUID *msg_guid, + struct ldb_request *parent) { unsigned int i; struct parsed_dn *dns, *old_dns; @@ -1790,13 +1792,13 @@ static int replmd_modify_la_delete(struct ldb_module *module, return LDB_ERR_NO_SUCH_ATTRIBUTE; } - ret = get_parsed_dns(module, tmp_ctx, el, &dns, schema_attr->syntax->ldap_oid); + ret = get_parsed_dns(module, tmp_ctx, el, &dns, schema_attr->syntax->ldap_oid, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; } - ret = get_parsed_dns(module, tmp_ctx, old_el, &old_dns, schema_attr->syntax->ldap_oid); + ret = get_parsed_dns(module, tmp_ctx, old_el, &old_dns, schema_attr->syntax->ldap_oid, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -1887,7 +1889,8 @@ static int replmd_modify_la_replace(struct ldb_module *module, const struct dsdb_attribute *schema_attr, uint64_t seq_num, time_t t, - struct GUID *msg_guid) + struct GUID *msg_guid, + struct ldb_request *parent) { unsigned int i; struct parsed_dn *dns, *old_dns; @@ -1908,13 +1911,13 @@ static int replmd_modify_la_replace(struct ldb_module *module, return LDB_SUCCESS; } - ret = get_parsed_dns(module, tmp_ctx, el, &dns, schema_attr->syntax->ldap_oid); + ret = get_parsed_dns(module, tmp_ctx, el, &dns, schema_attr->syntax->ldap_oid, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; } - ret = get_parsed_dns(module, tmp_ctx, old_el, &old_dns, schema_attr->syntax->ldap_oid); + ret = get_parsed_dns(module, tmp_ctx, old_el, &old_dns, schema_attr->syntax->ldap_oid, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -2034,7 +2037,8 @@ static int replmd_modify_la_replace(struct ldb_module *module, */ static int replmd_modify_handle_linked_attribs(struct ldb_module *module, struct ldb_message *msg, - uint64_t seq_num, time_t t) + uint64_t seq_num, time_t t, + struct ldb_request *parent) { struct ldb_result *res; unsigned int i; @@ -2061,7 +2065,8 @@ static int replmd_modify_handle_linked_attribs(struct ldb_module *module, DSDB_FLAG_NEXT_MODULE | DSDB_SEARCH_SHOW_RECYCLED | DSDB_SEARCH_REVEAL_INTERNALS | - DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT); + DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT, + parent); if (ret != LDB_SUCCESS) { return ret; } @@ -2097,13 +2102,13 @@ static int replmd_modify_handle_linked_attribs(struct ldb_module *module, old_el = ldb_msg_find_element(old_msg, el->name); switch (el->flags & LDB_FLAG_MOD_MASK) { case LDB_FLAG_MOD_REPLACE: - ret = replmd_modify_la_replace(module, schema, msg, el, old_el, schema_attr, seq_num, t, &old_guid); + ret = replmd_modify_la_replace(module, schema, msg, el, old_el, schema_attr, seq_num, t, &old_guid, parent); break; case LDB_FLAG_MOD_DELETE: - ret = replmd_modify_la_delete(module, schema, msg, el, old_el, schema_attr, seq_num, t, &old_guid); + ret = replmd_modify_la_delete(module, schema, msg, el, old_el, schema_attr, seq_num, t, &old_guid, parent); break; case LDB_FLAG_MOD_ADD: - ret = replmd_modify_la_add(module, schema, msg, el, old_el, schema_attr, seq_num, t, &old_guid); + ret = replmd_modify_la_add(module, schema, msg, el, old_el, schema_attr, seq_num, t, &old_guid, parent); break; default: ldb_asprintf_errstring(ldb, @@ -2204,7 +2209,7 @@ static int replmd_modify(struct ldb_module *module, struct ldb_request *req) return ret; } - ret = replmd_modify_handle_linked_attribs(module, msg, ac->seq_num, t); + ret = replmd_modify_handle_linked_attribs(module, msg, ac->seq_num, t, req); if (ret != LDB_SUCCESS) { talloc_free(ac); return ret; @@ -2385,7 +2390,8 @@ static int replmd_delete_remove_link(struct ldb_module *module, const struct dsdb_schema *schema, struct ldb_dn *dn, struct ldb_message_element *el, - const struct dsdb_attribute *sa) + const struct dsdb_attribute *sa, + struct ldb_request *parent) { unsigned int i; TALLOC_CTX *tmp_ctx = talloc_new(module); @@ -2443,7 +2449,7 @@ static int replmd_delete_remove_link(struct ldb_module *module, el2->values = &dn_val; el2->num_values = 1; - ret = dsdb_module_modify(module, msg, DSDB_FLAG_OWN_MODULE); + ret = dsdb_module_modify(module, msg, DSDB_FLAG_OWN_MODULE, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -2514,7 +2520,7 @@ static int replmd_delete(struct ldb_module *module, struct ldb_request *req) DSDB_FLAG_NEXT_MODULE | DSDB_SEARCH_SHOW_RECYCLED | DSDB_SEARCH_REVEAL_INTERNALS | - DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT); + DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT, req); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -2654,7 +2660,7 @@ static int replmd_delete(struct ldb_module *module, struct ldb_request *req) DSDB_FLAG_NEXT_MODULE | DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT | DSDB_SEARCH_REVEAL_INTERNALS| - DSDB_SEARCH_SHOW_RECYCLED); + DSDB_SEARCH_SHOW_RECYCLED, req); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -2731,7 +2737,7 @@ static int replmd_delete(struct ldb_module *module, struct ldb_request *req) continue; } if (sa->linkID && sa->linkID & 1) { - ret = replmd_delete_remove_link(module, schema, old_dn, el, sa); + ret = replmd_delete_remove_link(module, schema, old_dn, el, sa, req); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return LDB_ERR_OPERATIONS_ERROR; @@ -2790,7 +2796,7 @@ static int replmd_delete(struct ldb_module *module, struct ldb_request *req) } } - ret = dsdb_module_modify(module, msg, DSDB_FLAG_OWN_MODULE); + ret = dsdb_module_modify(module, msg, DSDB_FLAG_OWN_MODULE, req); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "replmd_delete: Failed to modify object %s in delete - %s", ldb_dn_get_linearized(old_dn), ldb_errstring(ldb)); @@ -2800,7 +2806,7 @@ static int replmd_delete(struct ldb_module *module, struct ldb_request *req) if (deletion_state == OBJECT_NOT_DELETED) { /* now rename onto the new DN */ - ret = dsdb_module_rename(module, old_dn, new_dn, DSDB_FLAG_NEXT_MODULE); + ret = dsdb_module_rename(module, old_dn, new_dn, DSDB_FLAG_NEXT_MODULE, req); if (ret != LDB_SUCCESS){ DEBUG(0,(__location__ ": Failed to rename object from '%s' to '%s' - %s\n", ldb_dn_get_linearized(old_dn), @@ -2994,7 +3000,8 @@ replmd_replPropertyMetaData1_find_attid(struct replPropertyMetaDataBlob *md_blob static int replmd_replicated_handle_rename(struct replmd_replicated_request *ar, struct ldb_message *msg, struct replPropertyMetaDataBlob *rmd, - struct replPropertyMetaDataBlob *omd) + struct replPropertyMetaDataBlob *omd, + struct ldb_request *parent) { struct replPropertyMetaData1 *md_remote; struct replPropertyMetaData1 *md_local; @@ -3022,7 +3029,7 @@ static int replmd_replicated_handle_rename(struct replmd_replicated_request *ar, * so it doesn't appear as an originating update */ return dsdb_module_rename(ar->module, ar->search_msg->dn, msg->dn, - DSDB_FLAG_NEXT_MODULE | DSDB_MODIFY_RELAX); + DSDB_FLAG_NEXT_MODULE | DSDB_MODIFY_RELAX, parent); } /* we're going to keep our old object */ @@ -3071,7 +3078,7 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar) } /* handle renames that come in over DRS */ - ret = replmd_replicated_handle_rename(ar, msg, rmd, &omd); + ret = replmd_replicated_handle_rename(ar, msg, rmd, &omd, ar->req); if (ret != LDB_SUCCESS) { ldb_debug(ldb, LDB_DEBUG_FATAL, "replmd_replicated_request rename %s => %s failed - %s\n", @@ -3828,7 +3835,8 @@ static int replmd_extended_replicated_objects(struct ldb_module *module, struct process one linked attribute structure */ static int replmd_process_linked_attribute(struct ldb_module *module, - struct la_entry *la_entry) + struct la_entry *la_entry, + struct ldb_request *parent) { struct drsuapi_DsReplicaLinkedAttribute *la = la_entry->la; struct ldb_context *ldb = ldb_module_get_ctx(module); @@ -3905,6 +3913,7 @@ linked_attributes[0]: DSDB_SEARCH_SHOW_RECYCLED | DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT | DSDB_SEARCH_REVEAL_INTERNALS, + parent, "objectGUID=%s", GUID_string(tmp_ctx, &la->identifier->guid)); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); @@ -3931,7 +3940,7 @@ linked_attributes[0]: } /* parse the existing links */ - ret = get_parsed_dns(module, tmp_ctx, old_el, &pdn_list, attr->syntax->ldap_oid); + ret = get_parsed_dns(module, tmp_ctx, old_el, &pdn_list, attr->syntax->ldap_oid, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -3969,7 +3978,7 @@ linked_attributes[0]: /* re-resolve the DN by GUID, as the DRS server may give us an old DN value */ - ret = dsdb_module_dn_by_guid(module, dsdb_dn, &guid, &dsdb_dn->dn); + ret = dsdb_module_dn_by_guid(module, dsdb_dn, &guid, &dsdb_dn->dn, parent); if (ret != LDB_SUCCESS) { DEBUG(2,(__location__ ": WARNING: Failed to re-resolve GUID %s - using %s", GUID_string(tmp_ctx, &guid), @@ -4105,7 +4114,7 @@ linked_attributes[0]: old_el->flags |= LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK; - ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE); + ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE, parent); if (ret != LDB_SUCCESS) { ldb_debug(ldb, LDB_DEBUG_WARNING, "Failed to apply linked attribute change '%s'\n%s\n", ldb_errstring(ldb), @@ -4172,7 +4181,7 @@ static int replmd_prepare_commit(struct ldb_module *module) for (la = DLIST_TAIL(replmd_private->la_list); la; la=prev) { prev = DLIST_PREV(la); DLIST_REMOVE(replmd_private->la_list, la); - ret = replmd_process_linked_attribute(module, la); + ret = replmd_process_linked_attribute(module, la, NULL); if (ret != LDB_SUCCESS) { replmd_txn_cleanup(replmd_private); return ret; @@ -4182,7 +4191,7 @@ static int replmd_prepare_commit(struct ldb_module *module) /* process our backlink list, creating and deleting backlinks as necessary */ for (bl=replmd_private->la_backlinks; bl; bl=bl->next) { - ret = replmd_process_backlink(module, bl); + ret = replmd_process_backlink(module, bl, NULL); if (ret != LDB_SUCCESS) { replmd_txn_cleanup(replmd_private); return ret; @@ -4192,7 +4201,7 @@ static int replmd_prepare_commit(struct ldb_module *module) replmd_txn_cleanup(replmd_private); /* possibly change @REPLCHANGED */ - ret = replmd_notify_store(module); + ret = replmd_notify_store(module, NULL); if (ret != LDB_SUCCESS) { return ret; } diff --git a/source4/dsdb/samdb/ldb_modules/ridalloc.c b/source4/dsdb/samdb/ldb_modules/ridalloc.c index 9cde5c89f7..9e7c0ed780 100644 --- a/source4/dsdb/samdb/ldb_modules/ridalloc.c +++ b/source4/dsdb/samdb/ldb_modules/ridalloc.c @@ -180,7 +180,8 @@ static int ridalloc_set_ridset_values(struct ldb_module *module, /* allocate a new range of RIDs in the RID Manager object */ -static int ridalloc_rid_manager_allocate(struct ldb_module *module, struct ldb_dn *rid_manager_dn, uint64_t *new_pool) +static int ridalloc_rid_manager_allocate(struct ldb_module *module, struct ldb_dn *rid_manager_dn, uint64_t *new_pool, + struct ldb_request *parent) { int ret; TALLOC_CTX *tmp_ctx = talloc_new(module); @@ -192,7 +193,7 @@ static int ridalloc_rid_manager_allocate(struct ldb_module *module, struct ldb_d const unsigned alloc_size = 500; ret = dsdb_module_search_dn(module, tmp_ctx, &res, rid_manager_dn, - attrs, DSDB_FLAG_NEXT_MODULE); + attrs, DSDB_FLAG_NEXT_MODULE, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to find rIDAvailablePool in %s - %s", ldb_dn_get_linearized(rid_manager_dn), ldb_errstring(ldb)); @@ -223,7 +224,7 @@ static int ridalloc_rid_manager_allocate(struct ldb_module *module, struct ldb_d new_rid_pool = rid_pool_lo | (((uint64_t)rid_pool_hi)<<32); ret = dsdb_module_constrainted_update_uint64(module, rid_manager_dn, "rIDAvailablePool", - &rid_pool, &new_rid_pool); + &rid_pool, &new_rid_pool, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to update rIDAvailablePool - %s", ldb_errstring(ldb)); @@ -241,7 +242,8 @@ static int ridalloc_rid_manager_allocate(struct ldb_module *module, struct ldb_d */ static int ridalloc_create_rid_set_ntds(struct ldb_module *module, TALLOC_CTX *mem_ctx, struct ldb_dn *rid_manager_dn, - struct ldb_dn *ntds_dn, struct ldb_dn **dn) + struct ldb_dn *ntds_dn, struct ldb_dn **dn, + struct ldb_request *parent) { TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); struct ldb_dn *server_dn, *machine_dn, *rid_set_dn; @@ -278,7 +280,7 @@ static int ridalloc_create_rid_set_ntds(struct ldb_module *module, TALLOC_CTX *m return ldb_module_oom(module); } - ret = dsdb_module_reference_dn(module, tmp_ctx, server_dn, "serverReference", &machine_dn); + ret = dsdb_module_reference_dn(module, tmp_ctx, server_dn, "serverReference", &machine_dn, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to find serverReference in %s - %s", ldb_dn_get_linearized(server_dn), ldb_errstring(ldb)); @@ -298,7 +300,7 @@ static int ridalloc_create_rid_set_ntds(struct ldb_module *module, TALLOC_CTX *m } /* grab a pool from the RID Manager object */ - ret = ridalloc_rid_manager_allocate(module, rid_manager_dn, &n.alloc_pool); + ret = ridalloc_rid_manager_allocate(module, rid_manager_dn, &n.alloc_pool, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -323,7 +325,7 @@ static int ridalloc_create_rid_set_ntds(struct ldb_module *module, TALLOC_CTX *m /* we need this to go all the way to the top of the module * stack, as we need all the extra attributes added (including * complex ones like ntsecuritydescriptor) */ - ret = dsdb_module_add(module, msg, DSDB_FLAG_TOP_MODULE | DSDB_MODIFY_RELAX); + ret = dsdb_module_add(module, msg, DSDB_FLAG_TOP_MODULE | DSDB_MODIFY_RELAX, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to add RID Set %s - %s", ldb_dn_get_linearized(msg->dn), @@ -343,7 +345,7 @@ static int ridalloc_create_rid_set_ntds(struct ldb_module *module, TALLOC_CTX *m } msg->elements[0].flags = LDB_FLAG_MOD_ADD; - ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE); + ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to add rIDSetReferences to %s - %s", ldb_dn_get_linearized(msg->dn), @@ -363,7 +365,7 @@ static int ridalloc_create_rid_set_ntds(struct ldb_module *module, TALLOC_CTX *m create a RID Set object for this DC */ static int ridalloc_create_own_rid_set(struct ldb_module *module, TALLOC_CTX *mem_ctx, - struct ldb_dn **dn) + struct ldb_dn **dn, struct ldb_request *parent) { TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); struct ldb_dn *rid_manager_dn, *fsmo_role_dn; @@ -371,7 +373,7 @@ static int ridalloc_create_own_rid_set(struct ldb_module *module, TALLOC_CTX *me struct ldb_context *ldb = ldb_module_get_ctx(module); /* work out who is the RID Manager */ - ret = dsdb_module_rid_manager_dn(module, tmp_ctx, &rid_manager_dn); + ret = dsdb_module_rid_manager_dn(module, tmp_ctx, &rid_manager_dn, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to find RID Manager object - %s", ldb_errstring(ldb)); @@ -380,7 +382,7 @@ static int ridalloc_create_own_rid_set(struct ldb_module *module, TALLOC_CTX *me } /* find the DN of the RID Manager */ - ret = dsdb_module_reference_dn(module, tmp_ctx, rid_manager_dn, "fSMORoleOwner", &fsmo_role_dn); + ret = dsdb_module_reference_dn(module, tmp_ctx, rid_manager_dn, "fSMORoleOwner", &fsmo_role_dn, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to find fSMORoleOwner in RID Manager object - %s", ldb_errstring(ldb)); @@ -395,7 +397,7 @@ static int ridalloc_create_own_rid_set(struct ldb_module *module, TALLOC_CTX *me return LDB_ERR_UNWILLING_TO_PERFORM; } - ret = ridalloc_create_rid_set_ntds(module, mem_ctx, rid_manager_dn, fsmo_role_dn, dn); + ret = ridalloc_create_rid_set_ntds(module, mem_ctx, rid_manager_dn, fsmo_role_dn, dn, parent); talloc_free(tmp_ctx); return ret; } @@ -404,7 +406,7 @@ static int ridalloc_create_own_rid_set(struct ldb_module *module, TALLOC_CTX *me get a new RID pool for ourselves also returns the first rid for the new pool */ -static int ridalloc_new_own_pool(struct ldb_module *module, uint64_t *new_pool) +static int ridalloc_new_own_pool(struct ldb_module *module, uint64_t *new_pool, struct ldb_request *parent) { TALLOC_CTX *tmp_ctx = talloc_new(module); struct ldb_dn *rid_manager_dn, *fsmo_role_dn; @@ -412,7 +414,7 @@ static int ridalloc_new_own_pool(struct ldb_module *module, uint64_t *new_pool) struct ldb_context *ldb = ldb_module_get_ctx(module); /* work out who is the RID Manager */ - ret = dsdb_module_rid_manager_dn(module, tmp_ctx, &rid_manager_dn); + ret = dsdb_module_rid_manager_dn(module, tmp_ctx, &rid_manager_dn, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to find RID Manager object - %s", ldb_errstring(ldb)); @@ -421,7 +423,7 @@ static int ridalloc_new_own_pool(struct ldb_module *module, uint64_t *new_pool) } /* find the DN of the RID Manager */ - ret = dsdb_module_reference_dn(module, tmp_ctx, rid_manager_dn, "fSMORoleOwner", &fsmo_role_dn); + ret = dsdb_module_reference_dn(module, tmp_ctx, rid_manager_dn, "fSMORoleOwner", &fsmo_role_dn, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to find fSMORoleOwner in RID Manager object - %s", ldb_errstring(ldb)); @@ -437,7 +439,7 @@ static int ridalloc_new_own_pool(struct ldb_module *module, uint64_t *new_pool) } /* grab a pool from the RID Manager object */ - ret = ridalloc_rid_manager_allocate(module, rid_manager_dn, new_pool); + ret = ridalloc_rid_manager_allocate(module, rid_manager_dn, new_pool, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -452,7 +454,7 @@ static int ridalloc_new_own_pool(struct ldb_module *module, uint64_t *new_pool) If we run out of RIDs then allocate a new pool either locally or by contacting the RID Manager */ -int ridalloc_allocate_rid(struct ldb_module *module, uint32_t *rid) +int ridalloc_allocate_rid(struct ldb_module *module, uint32_t *rid, struct ldb_request *parent) { struct ldb_context *ldb; int ret; @@ -469,7 +471,7 @@ int ridalloc_allocate_rid(struct ldb_module *module, uint32_t *rid) ret = samdb_rid_set_dn(ldb, tmp_ctx, &rid_set_dn); if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) { - ret = ridalloc_create_own_rid_set(module, tmp_ctx, &rid_set_dn); + ret = ridalloc_create_own_rid_set(module, tmp_ctx, &rid_set_dn, parent); } if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, __location__ ": No RID Set DN - %s", @@ -479,7 +481,7 @@ int ridalloc_allocate_rid(struct ldb_module *module, uint32_t *rid) } ret = dsdb_module_search_dn(module, tmp_ctx, &res, rid_set_dn, - ridalloc_ridset_attrs, DSDB_FLAG_NEXT_MODULE); + ridalloc_ridset_attrs, DSDB_FLAG_NEXT_MODULE, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, __location__ ": No RID Set %s", ldb_dn_get_linearized(rid_set_dn)); @@ -524,7 +526,7 @@ int ridalloc_allocate_rid(struct ldb_module *module, uint32_t *rid) * Otherwise we fail the operation and * ask async for a new pool. */ - ret = ridalloc_new_own_pool(module, &nridset.alloc_pool); + ret = ridalloc_new_own_pool(module, &nridset.alloc_pool, parent); if (ret == LDB_ERR_UNWILLING_TO_PERFORM) { ridalloc_poke_rid_manager(module); talloc_free(tmp_ctx); @@ -570,7 +572,7 @@ int ridalloc_allocate_rid(struct ldb_module *module, uint32_t *rid) * Otherwise we fail the operation and * ask async for a new pool. */ - ret = ridalloc_new_own_pool(module, &nridset.alloc_pool); + ret = ridalloc_new_own_pool(module, &nridset.alloc_pool, parent); if (ret == LDB_ERR_UNWILLING_TO_PERFORM) { ridalloc_poke_rid_manager(module); ret = LDB_SUCCESS; @@ -597,7 +599,7 @@ int ridalloc_allocate_rid(struct ldb_module *module, uint32_t *rid) return ret; } - ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE); + ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -612,7 +614,8 @@ int ridalloc_allocate_rid(struct ldb_module *module, uint32_t *rid) /* called by DSDB_EXTENDED_ALLOCATE_RID_POOL extended operation in samldb */ -int ridalloc_allocate_rid_pool_fsmo(struct ldb_module *module, struct dsdb_fsmo_extended_op *exop) +int ridalloc_allocate_rid_pool_fsmo(struct ldb_module *module, struct dsdb_fsmo_extended_op *exop, + struct ldb_request *parent) { struct ldb_dn *ntds_dn, *server_dn, *machine_dn, *rid_set_dn; struct ldb_dn *rid_manager_dn; @@ -623,7 +626,7 @@ int ridalloc_allocate_rid_pool_fsmo(struct ldb_module *module, struct dsdb_fsmo_ struct ldb_message *msg; struct ridalloc_ridset_values oridset, nridset; - ret = dsdb_module_dn_by_guid(module, tmp_ctx, &exop->destination_dsa_guid, &ntds_dn); + ret = dsdb_module_dn_by_guid(module, tmp_ctx, &exop->destination_dsa_guid, &ntds_dn, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, __location__ ": Unable to find NTDS object for guid %s - %s\n", GUID_string(tmp_ctx, &exop->destination_dsa_guid), ldb_errstring(ldb)); @@ -637,7 +640,7 @@ int ridalloc_allocate_rid_pool_fsmo(struct ldb_module *module, struct dsdb_fsmo_ return ldb_module_oom(module); } - ret = dsdb_module_reference_dn(module, tmp_ctx, server_dn, "serverReference", &machine_dn); + ret = dsdb_module_reference_dn(module, tmp_ctx, server_dn, "serverReference", &machine_dn, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, __location__ ": Failed to find serverReference in %s - %s", ldb_dn_get_linearized(server_dn), ldb_errstring(ldb)); @@ -645,7 +648,7 @@ int ridalloc_allocate_rid_pool_fsmo(struct ldb_module *module, struct dsdb_fsmo_ return ret; } - ret = dsdb_module_rid_manager_dn(module, tmp_ctx, &rid_manager_dn); + ret = dsdb_module_rid_manager_dn(module, tmp_ctx, &rid_manager_dn, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, __location__ ": Failed to find RID Manager object - %s", ldb_errstring(ldb)); @@ -653,9 +656,9 @@ int ridalloc_allocate_rid_pool_fsmo(struct ldb_module *module, struct dsdb_fsmo_ return ret; } - ret = dsdb_module_reference_dn(module, tmp_ctx, machine_dn, "rIDSetReferences", &rid_set_dn); + ret = dsdb_module_reference_dn(module, tmp_ctx, machine_dn, "rIDSetReferences", &rid_set_dn, parent); if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) { - ret = ridalloc_create_rid_set_ntds(module, tmp_ctx, rid_manager_dn, ntds_dn, &rid_set_dn); + ret = ridalloc_create_rid_set_ntds(module, tmp_ctx, rid_manager_dn, ntds_dn, &rid_set_dn, parent); talloc_free(tmp_ctx); return ret; } @@ -668,7 +671,7 @@ int ridalloc_allocate_rid_pool_fsmo(struct ldb_module *module, struct dsdb_fsmo_ } ret = dsdb_module_search_dn(module, tmp_ctx, &res, rid_set_dn, - ridalloc_ridset_attrs, DSDB_FLAG_NEXT_MODULE); + ridalloc_ridset_attrs, DSDB_FLAG_NEXT_MODULE, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, __location__ ": No RID Set %s", ldb_dn_get_linearized(rid_set_dn)); @@ -699,7 +702,7 @@ int ridalloc_allocate_rid_pool_fsmo(struct ldb_module *module, struct dsdb_fsmo_ } /* grab a pool from the RID Manager object */ - ret = ridalloc_rid_manager_allocate(module, rid_manager_dn, &nridset.alloc_pool); + ret = ridalloc_rid_manager_allocate(module, rid_manager_dn, &nridset.alloc_pool, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -721,7 +724,7 @@ int ridalloc_allocate_rid_pool_fsmo(struct ldb_module *module, struct dsdb_fsmo_ return ret; } - ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE); + ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to modify RID Set object %s - %s", ldb_dn_get_linearized(rid_set_dn), ldb_errstring(ldb)); diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c index 2c0fcfcdd1..157a8c0ae5 100644 --- a/source4/dsdb/samdb/ldb_modules/rootdse.c +++ b/source4/dsdb/samdb/ldb_modules/rootdse.c @@ -206,7 +206,7 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *ms int ret; const char *dns_attrs[] = { "dNSHostName", NULL }; ret = dsdb_module_search_dn(module, msg, &res, samdb_server_dn(ldb, msg), - dns_attrs, DSDB_FLAG_NEXT_MODULE); + dns_attrs, DSDB_FLAG_NEXT_MODULE, req); if (ret == LDB_SUCCESS) { const char *hostname = ldb_msg_find_attr_as_string(res->msgs[0], "dNSHostName", NULL); if (hostname != NULL) { @@ -878,7 +878,7 @@ static int rootdse_init(struct ldb_module *module) } } - data->block_anonymous = dsdb_block_anonymous_ops(module); + data->block_anonymous = dsdb_block_anonymous_ops(module, NULL); talloc_free(mem_ctx); @@ -938,16 +938,18 @@ static int get_optional_feature_dn_guid(struct ldb_request *req, struct ldb_cont * ldb_message object. */ static int dsdb_find_optional_feature(struct ldb_module *module, struct ldb_context *ldb, - TALLOC_CTX *mem_ctx, struct GUID op_feature_guid, struct ldb_message **msg) + TALLOC_CTX *mem_ctx, struct GUID op_feature_guid, struct ldb_message **msg, + struct ldb_request *parent) { struct ldb_result *res; TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); int ret; ret = dsdb_module_search(module, tmp_ctx, &res, NULL, LDB_SCOPE_SUBTREE, - NULL, - DSDB_FLAG_NEXT_MODULE | - DSDB_SEARCH_SEARCH_ALL_PARTITIONS, + NULL, + DSDB_FLAG_NEXT_MODULE | + DSDB_SEARCH_SEARCH_ALL_PARTITIONS, + parent, "(&(objectClass=msDS-OptionalFeature)" "(msDS-OptionalFeatureGUID=%s))",GUID_string(tmp_ctx, &op_feature_guid)); @@ -974,8 +976,8 @@ static int dsdb_find_optional_feature(struct ldb_module *module, struct ldb_cont } static int rootdse_enable_recycle_bin(struct ldb_module *module,struct ldb_context *ldb, - TALLOC_CTX *mem_ctx, struct ldb_dn *op_feature_scope_dn, - struct ldb_message *op_feature_msg) + TALLOC_CTX *mem_ctx, struct ldb_dn *op_feature_scope_dn, + struct ldb_message *op_feature_msg, struct ldb_request *parent) { int ret; const int domain_func_level = dsdb_functional_level(ldb); @@ -1015,7 +1017,7 @@ static int rootdse_enable_recycle_bin(struct ldb_module *module,struct ldb_conte ldb_msg_add_linearized_dn(msg, "msDS-EnabledFeature", op_feature_msg->dn); msg->elements[el_count++].flags = LDB_FLAG_MOD_ADD; - ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE); + ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "rootdse_enable_recycle_bin: Failed to modify object %s - %s", @@ -1026,7 +1028,7 @@ static int rootdse_enable_recycle_bin(struct ldb_module *module,struct ldb_conte } msg->dn = op_feature_scope_dn; - ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE); + ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "rootdse_enable_recycle_bin: Failed to modify object %s - %s", @@ -1078,7 +1080,7 @@ static int rootdse_enableoptionalfeature(struct ldb_module *module, struct ldb_r return LDB_ERR_UNWILLING_TO_PERFORM; } - ret = dsdb_find_optional_feature(module, ldb, tmp_ctx, op_feature_guid, &op_feature_msg); + ret = dsdb_find_optional_feature(module, ldb, tmp_ctx, op_feature_guid, &op_feature_msg, req); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "rootdse: unable to find optional feature for %s - %s", @@ -1090,7 +1092,7 @@ static int rootdse_enableoptionalfeature(struct ldb_module *module, struct ldb_r if (strcasecmp(DS_GUID_FEATURE_RECYCLE_BIN, guid_string) == 0) { ret = rootdse_enable_recycle_bin(module, ldb, tmp_ctx, op_feature_scope_dn, - op_feature_msg); + op_feature_msg, req); } else { ldb_asprintf_errstring(ldb, "rootdse: unknown optional feature %s", diff --git a/source4/dsdb/samdb/ldb_modules/samba3sid.c b/source4/dsdb/samdb/ldb_modules/samba3sid.c index 76bcfce713..f38ab407bb 100644 --- a/source4/dsdb/samdb/ldb_modules/samba3sid.c +++ b/source4/dsdb/samdb/ldb_modules/samba3sid.c @@ -37,7 +37,8 @@ (loosely based on Volkers code) */ static int samba3sid_next_sid(struct ldb_module *module, - TALLOC_CTX *mem_ctx, char **sid) + TALLOC_CTX *mem_ctx, char **sid, + struct ldb_request *parent) { TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); struct ldb_result *res; @@ -53,6 +54,7 @@ static int samba3sid_next_sid(struct ldb_module *module, attrs, DSDB_FLAG_NEXT_MODULE | DSDB_SEARCH_SEARCH_ALL_PARTITIONS, + parent, "(&(objectClass=sambaDomain)(sambaDomainName=%s))", lpcfg_sam_name(ldb_get_opaque(ldb, "loadparm"))); if (ret != LDB_SUCCESS) { @@ -119,7 +121,7 @@ static int samba3sid_next_sid(struct ldb_module *module, ret = dsdb_module_constrainted_update_uint32(module, msg->dn, "sambaNextRid", - &sambaNextRid, &rid); + &sambaNextRid, &rid, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, __location__ @@ -169,7 +171,7 @@ static int samba3sid_add(struct ldb_module *module, struct ldb_request *req) return ldb_module_oom(module); } - ret = samba3sid_next_sid(module, new_msg, &sid); + ret = samba3sid_next_sid(module, new_msg, &sid, req); if (ret != LDB_SUCCESS) { return ret; } diff --git a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c index df2cd9897a..bc5784e5ac 100644 --- a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c +++ b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c @@ -39,7 +39,7 @@ #include "librpc/ndr/libndr.h" static int read_at_rootdse_record(struct ldb_context *ldb, struct ldb_module *module, TALLOC_CTX *mem_ctx, - struct ldb_message **msg) + struct ldb_message **msg, struct ldb_request *parent) { int ret; static const char *rootdse_attrs[] = { "defaultNamingContext", "configurationNamingContext", "schemaNamingContext", NULL }; @@ -57,7 +57,7 @@ static int read_at_rootdse_record(struct ldb_context *ldb, struct ldb_module *mo } ret = dsdb_module_search_dn(module, tmp_ctx, &rootdse_res, rootdse_dn, - rootdse_attrs, DSDB_FLAG_NEXT_MODULE); + rootdse_attrs, DSDB_FLAG_NEXT_MODULE, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -239,7 +239,7 @@ static int samba_dsdb_init(struct ldb_module *module) } while (0) ret = dsdb_module_search_dn(module, tmp_ctx, &res, samba_dsdb_dn, - samba_dsdb_attrs, DSDB_FLAG_NEXT_MODULE); + samba_dsdb_attrs, DSDB_FLAG_NEXT_MODULE, NULL); if (ret == LDB_ERR_NO_SUCH_OBJECT) { backendType = "ldb"; serverRole = "domain controller"; @@ -294,7 +294,7 @@ static int samba_dsdb_init(struct ldb_module *module) CHECK_MODULE_LIST; - ret = read_at_rootdse_record(ldb, module, tmp_ctx, &rootdse_msg); + ret = read_at_rootdse_record(ldb, module, tmp_ctx, &rootdse_msg, NULL); CHECK_LDB_RET(ret); partition_msg = ldb_msg_new(tmp_ctx); diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index e60f24023d..53c45e62bc 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -187,7 +187,9 @@ static int samldb_check_sAMAccountName(struct samldb_ctx *ac) ret = dsdb_module_search(ac->module, ac, &res, NULL, LDB_SCOPE_SUBTREE, noattrs, - DSDB_FLAG_NEXT_MODULE, "(sAMAccountName=%s)", + DSDB_FLAG_NEXT_MODULE, + ac->req, + "(sAMAccountName=%s)", ldb_binary_encode_string(ac, name)); if (ret != LDB_SUCCESS) { return ret; @@ -229,7 +231,7 @@ static int samldb_allocate_sid(struct samldb_ctx *ac) struct ldb_context *ldb = ldb_module_get_ctx(ac->module); int ret; - ret = ridalloc_allocate_rid(ac->module, &rid); + ret = ridalloc_allocate_rid(ac->module, &rid, ac->req); if (ret != LDB_SUCCESS) { return ret; } @@ -260,6 +262,7 @@ static bool samldb_krbtgtnumber_available(struct samldb_ctx *ac, ret = dsdb_module_search(ac->module, tmp_ctx, &res, NULL, LDB_SCOPE_SUBTREE, no_attrs, DSDB_FLAG_NEXT_MODULE, + ac->req, "(msDC-SecondaryKrbTgtNumber=%u)", krbtgt_number); if (ret == LDB_SUCCESS && res->count == 0) { @@ -358,6 +361,7 @@ static int samldb_find_for_defaultObjectCategory(struct samldb_ctx *ac) ac->dn, LDB_SCOPE_BASE, no_attrs, DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT | DSDB_FLAG_NEXT_MODULE, + ac->req, "(objectClass=classSchema)"); if (ret == LDB_ERR_NO_SUCH_OBJECT) { /* Don't be pricky when the DN doesn't exist if we have the */ @@ -440,6 +444,7 @@ static int samldb_add_handle_msDS_IntId(struct samldb_ctx *ac) &ldb_res, schema_dn, LDB_SCOPE_ONELEVEL, NULL, DSDB_FLAG_NEXT_MODULE, + ac->req, "(msDS-IntId=%d)", msds_intid); if (ret != LDB_SUCCESS) { ldb_debug_set(ldb, LDB_DEBUG_ERROR, @@ -773,7 +778,7 @@ static int samldb_schema_info_update(struct samldb_ctx *ac) } ret = dsdb_module_schema_info_update(ac->module, schema, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, ac->req); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "samldb_schema_info_update: dsdb_module_schema_info_update failed with %s", @@ -1029,7 +1034,9 @@ static int samldb_prim_group_set(struct samldb_ctx *ac) } ret = dsdb_module_search(ac->module, ac, &res, NULL, LDB_SCOPE_SUBTREE, - noattrs, DSDB_FLAG_NEXT_MODULE, "(objectSid=%s)", + noattrs, DSDB_FLAG_NEXT_MODULE, + ac->req, + "(objectSid=%s)", ldap_encode_ndr_dom_sid(ac, sid)); if (ret != LDB_SUCCESS) { return ret; @@ -1117,7 +1124,9 @@ static int samldb_prim_group_change(struct samldb_ctx *ac) } ret = dsdb_module_search(ac->module, ac, &group_res, NULL, LDB_SCOPE_SUBTREE, - noattrs, DSDB_FLAG_NEXT_MODULE, "(objectSid=%s)", + noattrs, DSDB_FLAG_NEXT_MODULE, + ac->req, + "(objectSid=%s)", ldap_encode_ndr_dom_sid(ac, prev_sid)); if (ret != LDB_SUCCESS) { return ret; @@ -1133,7 +1142,9 @@ static int samldb_prim_group_change(struct samldb_ctx *ac) } ret = dsdb_module_search(ac->module, ac, &group_res, NULL, LDB_SCOPE_SUBTREE, - noattrs, DSDB_FLAG_NEXT_MODULE, "(objectSid=%s)", + noattrs, DSDB_FLAG_NEXT_MODULE, + ac->req, + "(objectSid=%s)", ldap_encode_ndr_dom_sid(ac, new_sid)); if (ret != LDB_SUCCESS) { return ret; @@ -1166,7 +1177,7 @@ static int samldb_prim_group_change(struct samldb_ctx *ac) return ret; } - ret = dsdb_module_modify(ac->module, msg, DSDB_FLAG_NEXT_MODULE); + ret = dsdb_module_modify(ac->module, msg, DSDB_FLAG_NEXT_MODULE, ac->req); if (ret != LDB_SUCCESS) { return ret; } @@ -1185,7 +1196,7 @@ static int samldb_prim_group_change(struct samldb_ctx *ac) return ret; } - ret = dsdb_module_modify(ac->module, msg, DSDB_FLAG_NEXT_MODULE); + ret = dsdb_module_modify(ac->module, msg, DSDB_FLAG_NEXT_MODULE, ac->req); if (ret != LDB_SUCCESS) { return ret; } @@ -1311,7 +1322,7 @@ static int samldb_group_type_change(struct samldb_ctx *ac) talloc_free(tmp_msg); ret = dsdb_module_search_dn(ac->module, ac, &res, ac->msg->dn, attrs, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, ac->req); if (ret != LDB_SUCCESS) { return ret; } @@ -1526,7 +1537,7 @@ static int samldb_member_check(struct samldb_ctx *ac) ret = dsdb_module_search_dn(ac->module, ac, &group_res, member_dn, group_attrs, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, ac->req); if (ret == LDB_ERR_NO_SUCH_OBJECT) { /* member DN doesn't exist yet */ continue; @@ -1668,7 +1679,7 @@ static int samldb_service_principal_names_change(struct samldb_ctx *ac) talloc_free(msg); ret = dsdb_module_search_dn(ac->module, ac, &res, ac->msg->dn, - dns_attrs, DSDB_FLAG_NEXT_MODULE); + dns_attrs, DSDB_FLAG_NEXT_MODULE, ac->req); if (ret == LDB_SUCCESS) { old_dns_hostname = ldb_msg_find_attr_as_string(res->msgs[0], "dNSHostName", NULL); } @@ -1692,7 +1703,7 @@ static int samldb_service_principal_names_change(struct samldb_ctx *ac) talloc_free(msg); ret = dsdb_module_search_dn(ac->module, ac, &res, ac->msg->dn, acct_attrs, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, ac->req); if (ret == LDB_SUCCESS) { tempstr2 = talloc_strdup(ac, ldb_msg_find_attr_as_string(res->msgs[0], @@ -1763,7 +1774,7 @@ static int samldb_service_principal_names_change(struct samldb_ctx *ac) } while (el != NULL); ret = dsdb_module_modify(ac->module, msg, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, ac->req); if (ret != LDB_SUCCESS) { return ret; } @@ -2092,7 +2103,7 @@ static int samldb_prim_group_users_check(struct samldb_ctx *ac) ldb = ldb_module_get_ctx(ac->module); /* Finds out the SID/RID of the SAM object */ - ret = dsdb_module_search_dn(ac->module, ac, &res, ac->req->op.del.dn, attrs, DSDB_FLAG_NEXT_MODULE); + ret = dsdb_module_search_dn(ac->module, ac, &res, ac->req->op.del.dn, attrs, DSDB_FLAG_NEXT_MODULE, ac->req); if (ret != LDB_SUCCESS) { return ret; } @@ -2114,6 +2125,7 @@ static int samldb_prim_group_users_check(struct samldb_ctx *ac) /* Deny delete requests from groups which are primary ones */ ret = dsdb_module_search(ac->module, ac, &res, NULL, LDB_SCOPE_SUBTREE, noattrs, DSDB_FLAG_NEXT_MODULE, + ac->req, "(&(primaryGroupID=%u)(objectClass=user))", rid); if (ret != LDB_SUCCESS) { return ret; @@ -2166,7 +2178,7 @@ static int samldb_extended_allocate_rid_pool(struct ldb_module *module, struct l return LDB_ERR_PROTOCOL_ERROR; } - ret = ridalloc_allocate_rid_pool_fsmo(module, exop); + ret = ridalloc_allocate_rid_pool_fsmo(module, exop, req); if (ret != LDB_SUCCESS) { return ret; } diff --git a/source4/dsdb/samdb/ldb_modules/schema.c b/source4/dsdb/samdb/ldb_modules/schema.c index 1a507fe1c9..752e4d10b8 100644 --- a/source4/dsdb/samdb/ldb_modules/schema.c +++ b/source4/dsdb/samdb/ldb_modules/schema.c @@ -29,7 +29,8 @@ #include "libcli/security/security.h" -const struct dsdb_class * get_last_structural_class(const struct dsdb_schema *schema,const struct ldb_message_element *element) +const struct dsdb_class * get_last_structural_class(const struct dsdb_schema *schema,const struct ldb_message_element *element, + struct ldb_request *parent) { const struct dsdb_class *last_class = NULL; unsigned int i; diff --git a/source4/dsdb/samdb/ldb_modules/schema_load.c b/source4/dsdb/samdb/ldb_modules/schema_load.c index 4b6fc4690b..69aa691472 100644 --- a/source4/dsdb/samdb/ldb_modules/schema_load.c +++ b/source4/dsdb/samdb/ldb_modules/schema_load.c @@ -121,7 +121,7 @@ struct dsdb_schema *dsdb_schema_refresh(struct ldb_module *module, struct dsdb_s schema->reload_seq_number = tseqr->seq_num; talloc_free(res); - ret = dsdb_module_load_partition_usn(module, schema->base_dn, ¤t_usn, NULL); + ret = dsdb_module_load_partition_usn(module, schema->base_dn, ¤t_usn, NULL, NULL); if (ret != LDB_SUCCESS || current_usn == schema->loaded_usn) { return schema; } @@ -174,7 +174,7 @@ static int dsdb_schema_from_db(struct ldb_module *module, struct ldb_dn *schema_ */ ret = dsdb_module_search_dn(module, tmp_ctx, &schema_res, schema_dn, schema_attrs, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, NULL); if (ret == LDB_ERR_NO_SUCH_OBJECT) { ldb_reset_err_string(ldb); ldb_debug(ldb, LDB_DEBUG_WARNING, @@ -193,6 +193,7 @@ static int dsdb_schema_from_db(struct ldb_module *module, struct ldb_dn *schema_ ret = dsdb_module_search(module, tmp_ctx, &a_res, schema_dn, LDB_SCOPE_ONELEVEL, NULL, DSDB_FLAG_NEXT_MODULE, + NULL, "(objectClass=attributeSchema)"); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, @@ -208,6 +209,7 @@ static int dsdb_schema_from_db(struct ldb_module *module, struct ldb_dn *schema_ schema_dn, LDB_SCOPE_ONELEVEL, NULL, DSDB_FLAG_NEXT_MODULE | DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT, + NULL, "(objectClass=classSchema)"); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, @@ -297,7 +299,7 @@ static int schema_load_init(struct ldb_module *module) return LDB_SUCCESS; } - ret = dsdb_module_load_partition_usn(module, schema_dn, ¤t_usn, NULL); + ret = dsdb_module_load_partition_usn(module, schema_dn, ¤t_usn, NULL, NULL); if (ret != LDB_SUCCESS) { /* Ignore the error and just reload the DB more often */ current_usn = 0; diff --git a/source4/dsdb/samdb/ldb_modules/schema_util.c b/source4/dsdb/samdb/ldb_modules/schema_util.c index aa7a33af42..e115104a40 100644 --- a/source4/dsdb/samdb/ldb_modules/schema_util.c +++ b/source4/dsdb/samdb/ldb_modules/schema_util.c @@ -39,7 +39,8 @@ int dsdb_module_schema_info_blob_read(struct ldb_module *ldb_module, uint32_t dsdb_flags, TALLOC_CTX *mem_ctx, - struct ldb_val *schema_info_blob) + struct ldb_val *schema_info_blob, + struct ldb_request *parent) { int ldb_err; const struct ldb_val *blob_val; @@ -57,7 +58,8 @@ int dsdb_module_schema_info_blob_read(struct ldb_module *ldb_module, } ldb_err = dsdb_module_search(ldb_module, mem_ctx, &schema_res, schema_dn, - LDB_SCOPE_BASE, schema_attrs, dsdb_flags, NULL); + LDB_SCOPE_BASE, schema_attrs, dsdb_flags, parent, + NULL); if (ldb_err == LDB_ERR_NO_SUCH_OBJECT) { DEBUG(0,("dsdb_module_schema_info_blob_read: Schema DN not found!\n")); talloc_free(schema_res); @@ -137,7 +139,8 @@ static int dsdb_schema_info_write_prepare(struct ldb_context *ldb, */ int dsdb_module_schema_info_blob_write(struct ldb_module *ldb_module, uint32_t dsdb_flags, - struct ldb_val *schema_info_blob) + struct ldb_val *schema_info_blob, + struct ldb_request *parent) { int ldb_err; struct ldb_message *msg; @@ -158,7 +161,7 @@ int dsdb_module_schema_info_blob_write(struct ldb_module *ldb_module, } - ldb_err = dsdb_module_modify(ldb_module, msg, dsdb_flags); + ldb_err = dsdb_module_modify(ldb_module, msg, dsdb_flags, parent); talloc_free(temp_ctx); @@ -181,7 +184,8 @@ int dsdb_module_schema_info_blob_write(struct ldb_module *ldb_module, static int dsdb_module_schema_info_read(struct ldb_module *ldb_module, uint32_t dsdb_flags, TALLOC_CTX *mem_ctx, - struct dsdb_schema_info **_schema_info) + struct dsdb_schema_info **_schema_info, + struct ldb_request *parent) { int ret; DATA_BLOB ndr_blob; @@ -194,7 +198,7 @@ static int dsdb_module_schema_info_read(struct ldb_module *ldb_module, } /* read serialized schemaInfo from LDB */ - ret = dsdb_module_schema_info_blob_read(ldb_module, dsdb_flags, temp_ctx, &ndr_blob); + ret = dsdb_module_schema_info_blob_read(ldb_module, dsdb_flags, temp_ctx, &ndr_blob, parent); if (ret != LDB_SUCCESS) { talloc_free(temp_ctx); return ret; @@ -226,7 +230,8 @@ static int dsdb_module_schema_info_read(struct ldb_module *ldb_module, */ static int dsdb_module_schema_info_write(struct ldb_module *ldb_module, uint32_t dsdb_flags, - const struct dsdb_schema_info *schema_info) + const struct dsdb_schema_info *schema_info, + struct ldb_request *parent) { WERROR werr; int ret; @@ -247,7 +252,7 @@ static int dsdb_module_schema_info_write(struct ldb_module *ldb_module, } /* write serialized schemaInfo into LDB */ - ret = dsdb_module_schema_info_blob_write(ldb_module, dsdb_flags, &ndr_blob); + ret = dsdb_module_schema_info_blob_write(ldb_module, dsdb_flags, &ndr_blob, parent); talloc_free(temp_ctx); @@ -267,7 +272,7 @@ static int dsdb_module_schema_info_write(struct ldb_module *ldb_module, */ int dsdb_module_schema_info_update(struct ldb_module *ldb_module, struct dsdb_schema *schema, - int dsdb_flags) + int dsdb_flags, struct ldb_request *parent) { int ret; const struct GUID *invocation_id; @@ -287,7 +292,7 @@ int dsdb_module_schema_info_update(struct ldb_module *ldb_module, } /* read serialized schemaInfo from LDB */ - ret = dsdb_module_schema_info_read(ldb_module, dsdb_flags, temp_ctx, &schema_info); + ret = dsdb_module_schema_info_read(ldb_module, dsdb_flags, temp_ctx, &schema_info, parent); if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) { /* make default value in case * we have no schemaInfo value yet */ @@ -307,7 +312,7 @@ int dsdb_module_schema_info_update(struct ldb_module *ldb_module, schema_info->revision++; schema_info->invocation_id = *invocation_id; - ret = dsdb_module_schema_info_write(ldb_module, dsdb_flags, schema_info); + ret = dsdb_module_schema_info_write(ldb_module, dsdb_flags, schema_info, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb_module_get_ctx(ldb_module), "dsdb_module_schema_info_update: failed to save schemaInfo - %s\n", diff --git a/source4/dsdb/samdb/ldb_modules/subtree_delete.c b/source4/dsdb/samdb/ldb_modules/subtree_delete.c index 07a75922f8..d82c3ab828 100644 --- a/source4/dsdb/samdb/ldb_modules/subtree_delete.c +++ b/source4/dsdb/samdb/ldb_modules/subtree_delete.c @@ -55,6 +55,7 @@ static int subtree_delete(struct ldb_module *module, struct ldb_request *req) ret = dsdb_module_search(module, req, &res, req->op.del.dn, LDB_SCOPE_ONELEVEL, attrs, DSDB_FLAG_NEXT_MODULE, + req, "(objectClass=*)"); if (ret != LDB_SUCCESS) { talloc_free(res); @@ -82,7 +83,7 @@ static int subtree_delete(struct ldb_module *module, struct ldb_request *req) } for (i = 0; i < res->count; i++) { - ret = dsdb_module_del(module, res->msgs[i]->dn, flags); + ret = dsdb_module_del(module, res->msgs[i]->dn, flags, req); if (ret != LDB_SUCCESS) { return ret; } diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c index 78dd59012c..e3e908f033 100644 --- a/source4/dsdb/samdb/ldb_modules/util.c +++ b/source4/dsdb/samdb/ldb_modules/util.c @@ -37,7 +37,8 @@ int dsdb_module_search_dn(struct ldb_module *module, struct ldb_result **_res, struct ldb_dn *basedn, const char * const *attrs, - uint32_t dsdb_flags) + uint32_t dsdb_flags, + struct ldb_request *parent) { int ret; struct ldb_request *req; @@ -60,7 +61,7 @@ int dsdb_module_search_dn(struct ldb_module *module, NULL, res, ldb_search_default_callback, - NULL); + parent); LDB_REQ_SET_LOCATION(req); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); @@ -73,6 +74,10 @@ int dsdb_module_search_dn(struct ldb_module *module, return ret; } + if (dsdb_flags & DSDB_FLAG_TRUSTED) { + ldb_req_mark_trusted(req); + } + /* Run the new request */ if (dsdb_flags & DSDB_FLAG_NEXT_MODULE) { ret = ldb_next_request(module, req); @@ -114,7 +119,8 @@ int dsdb_module_search(struct ldb_module *module, struct ldb_dn *basedn, enum ldb_scope scope, const char * const *attrs, int dsdb_flags, - const char *format, ...) _PRINTF_ATTRIBUTE(8, 9) + struct ldb_request *parent, + const char *format, ...) _PRINTF_ATTRIBUTE(9, 10) { int ret; struct ldb_request *req; @@ -152,7 +158,7 @@ int dsdb_module_search(struct ldb_module *module, NULL, res, ldb_search_default_callback, - NULL); + parent); LDB_REQ_SET_LOCATION(req); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); @@ -165,6 +171,10 @@ int dsdb_module_search(struct ldb_module *module, return ret; } + if (dsdb_flags & DSDB_FLAG_TRUSTED) { + ldb_req_mark_trusted(req); + } + if (dsdb_flags & DSDB_FLAG_NEXT_MODULE) { ret = ldb_next_request(module, req); } else if (dsdb_flags & DSDB_FLAG_TOP_MODULE) { @@ -190,7 +200,8 @@ int dsdb_module_search(struct ldb_module *module, find a DN given a GUID. This searches across all partitions */ int dsdb_module_dn_by_guid(struct ldb_module *module, TALLOC_CTX *mem_ctx, - const struct GUID *guid, struct ldb_dn **dn) + const struct GUID *guid, struct ldb_dn **dn, + struct ldb_request *parent) { struct ldb_result *res; const char *attrs[] = { NULL }; @@ -203,6 +214,7 @@ int dsdb_module_dn_by_guid(struct ldb_module *module, TALLOC_CTX *mem_ctx, DSDB_SEARCH_SHOW_RECYCLED | DSDB_SEARCH_SEARCH_ALL_PARTITIONS | DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT, + parent, "objectGUID=%s", GUID_string(tmp_ctx, guid)); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); @@ -228,7 +240,8 @@ int dsdb_module_dn_by_guid(struct ldb_module *module, TALLOC_CTX *mem_ctx, /* find a GUID given a DN. */ -int dsdb_module_guid_by_dn(struct ldb_module *module, struct ldb_dn *dn, struct GUID *guid) +int dsdb_module_guid_by_dn(struct ldb_module *module, struct ldb_dn *dn, struct GUID *guid, + struct ldb_request *parent) { const char *attrs[] = { NULL }; struct ldb_result *res; @@ -239,7 +252,8 @@ int dsdb_module_guid_by_dn(struct ldb_module *module, struct ldb_dn *dn, struct ret = dsdb_module_search_dn(module, tmp_ctx, &res, dn, attrs, DSDB_FLAG_NEXT_MODULE | DSDB_SEARCH_SHOW_RECYCLED | - DSDB_SEARCH_SHOW_EXTENDED_DN); + DSDB_SEARCH_SHOW_EXTENDED_DN, + parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb_module_get_ctx(module), "Failed to find GUID for %s", ldb_dn_get_linearized(dn)); @@ -263,7 +277,8 @@ int dsdb_module_guid_by_dn(struct ldb_module *module, struct ldb_dn *dn, struct */ int dsdb_module_modify(struct ldb_module *module, const struct ldb_message *message, - uint32_t dsdb_flags) + uint32_t dsdb_flags, + struct ldb_request *parent) { struct ldb_request *mod_req; int ret; @@ -282,7 +297,7 @@ int dsdb_module_modify(struct ldb_module *module, NULL, res, ldb_modify_default_callback, - NULL); + parent); LDB_REQ_SET_LOCATION(mod_req); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); @@ -295,6 +310,10 @@ int dsdb_module_modify(struct ldb_module *module, return ret; } + if (dsdb_flags & DSDB_FLAG_TRUSTED) { + ldb_req_mark_trusted(mod_req); + } + /* Run the new request */ if (dsdb_flags & DSDB_FLAG_NEXT_MODULE) { ret = ldb_next_request(module, mod_req); @@ -320,8 +339,9 @@ int dsdb_module_modify(struct ldb_module *module, current module */ int dsdb_module_rename(struct ldb_module *module, - struct ldb_dn *olddn, struct ldb_dn *newdn, - uint32_t dsdb_flags) + struct ldb_dn *olddn, struct ldb_dn *newdn, + uint32_t dsdb_flags, + struct ldb_request *parent) { struct ldb_request *req; int ret; @@ -341,7 +361,7 @@ int dsdb_module_rename(struct ldb_module *module, NULL, res, ldb_modify_default_callback, - NULL); + parent); LDB_REQ_SET_LOCATION(req); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); @@ -354,6 +374,10 @@ int dsdb_module_rename(struct ldb_module *module, return ret; } + if (dsdb_flags & DSDB_FLAG_TRUSTED) { + ldb_req_mark_trusted(req); + } + /* Run the new request */ if (dsdb_flags & DSDB_FLAG_NEXT_MODULE) { ret = ldb_next_request(module, req); @@ -378,7 +402,8 @@ int dsdb_module_rename(struct ldb_module *module, */ int dsdb_module_add(struct ldb_module *module, const struct ldb_message *message, - uint32_t dsdb_flags) + uint32_t dsdb_flags, + struct ldb_request *parent) { struct ldb_request *req; int ret; @@ -397,7 +422,7 @@ int dsdb_module_add(struct ldb_module *module, NULL, res, ldb_modify_default_callback, - NULL); + parent); LDB_REQ_SET_LOCATION(req); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); @@ -410,6 +435,10 @@ int dsdb_module_add(struct ldb_module *module, return ret; } + if (dsdb_flags & DSDB_FLAG_TRUSTED) { + ldb_req_mark_trusted(req); + } + /* Run the new request */ if (dsdb_flags & DSDB_FLAG_NEXT_MODULE) { ret = ldb_next_request(module, req); @@ -434,7 +463,8 @@ int dsdb_module_add(struct ldb_module *module, */ int dsdb_module_del(struct ldb_module *module, struct ldb_dn *dn, - uint32_t dsdb_flags) + uint32_t dsdb_flags, + struct ldb_request *parent) { struct ldb_request *req; int ret; @@ -453,7 +483,7 @@ int dsdb_module_del(struct ldb_module *module, NULL, res, ldb_modify_default_callback, - NULL); + parent); LDB_REQ_SET_LOCATION(req); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); @@ -466,6 +496,10 @@ int dsdb_module_del(struct ldb_module *module, return ret; } + if (dsdb_flags & DSDB_FLAG_TRUSTED) { + ldb_req_mark_trusted(req); + } + /* Run the new request */ if (dsdb_flags & DSDB_FLAG_NEXT_MODULE) { ret = ldb_next_request(module, req); @@ -577,7 +611,7 @@ int dsdb_check_optional_feature(struct ldb_module *module, struct ldb_dn *scope, (eg. serverReference, rIDManagerReference etc) */ int dsdb_module_reference_dn(struct ldb_module *module, TALLOC_CTX *mem_ctx, struct ldb_dn *base, - const char *attribute, struct ldb_dn **dn) + const char *attribute, struct ldb_dn **dn, struct ldb_request *parent) { const char *attrs[2]; struct ldb_result *res; @@ -587,7 +621,7 @@ int dsdb_module_reference_dn(struct ldb_module *module, TALLOC_CTX *mem_ctx, str attrs[1] = NULL; ret = dsdb_module_search_dn(module, mem_ctx, &res, base, attrs, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, parent); if (ret != LDB_SUCCESS) { return ret; } @@ -608,11 +642,12 @@ int dsdb_module_reference_dn(struct ldb_module *module, TALLOC_CTX *mem_ctx, str find the RID Manager$ DN via the rIDManagerReference attribute in the base DN */ -int dsdb_module_rid_manager_dn(struct ldb_module *module, TALLOC_CTX *mem_ctx, struct ldb_dn **dn) +int dsdb_module_rid_manager_dn(struct ldb_module *module, TALLOC_CTX *mem_ctx, struct ldb_dn **dn, + struct ldb_request *parent) { return dsdb_module_reference_dn(module, mem_ctx, ldb_get_default_basedn(ldb_module_get_ctx(module)), - "rIDManagerReference", dn); + "rIDManagerReference", dn, parent); } /* @@ -631,7 +666,7 @@ int dsdb_next_callback(struct ldb_request *req, struct ldb_reply *ares) object for a partition */ int dsdb_module_load_partition_usn(struct ldb_module *module, struct ldb_dn *dn, - uint64_t *uSN, uint64_t *urgent_uSN) + uint64_t *uSN, uint64_t *urgent_uSN, struct ldb_request *parent) { struct ldb_context *ldb = ldb_module_get_ctx(module); struct ldb_request *req; @@ -652,7 +687,7 @@ int dsdb_module_load_partition_usn(struct ldb_module *module, struct ldb_dn *dn, NULL, NULL, NULL, res, ldb_search_default_callback, - NULL); + parent); LDB_REQ_SET_LOCATION(req); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); @@ -719,7 +754,8 @@ int dsdb_module_load_partition_usn(struct ldb_module *module, struct ldb_dn *dn, partition */ int dsdb_module_save_partition_usn(struct ldb_module *module, struct ldb_dn *dn, - uint64_t uSN, uint64_t urgent_uSN) + uint64_t uSN, uint64_t urgent_uSN, + struct ldb_request *parent) { struct ldb_context *ldb = ldb_module_get_ctx(module); struct ldb_request *req; @@ -776,7 +812,7 @@ int dsdb_module_save_partition_usn(struct ldb_module *module, struct ldb_dn *dn, NULL, res, ldb_modify_default_callback, - NULL); + parent); LDB_REQ_SET_LOCATION(req); again: if (ret != LDB_SUCCESS) { @@ -804,7 +840,7 @@ again: NULL, res, ldb_modify_default_callback, - NULL); + parent); LDB_REQ_SET_LOCATION(req); goto again; } @@ -978,7 +1014,8 @@ int dsdb_module_constrainted_update_int32(struct ldb_module *module, struct ldb_dn *dn, const char *attr, const int32_t *old_val, - const int32_t *new_val) + const int32_t *new_val, + struct ldb_request *parent) { struct ldb_message *msg; int ret; @@ -995,7 +1032,7 @@ int dsdb_module_constrainted_update_int32(struct ldb_module *module, return ret; } - ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE); + ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE, parent); talloc_free(msg); return ret; } @@ -1004,11 +1041,12 @@ int dsdb_module_constrainted_update_uint32(struct ldb_module *module, struct ldb_dn *dn, const char *attr, const uint32_t *old_val, - const uint32_t *new_val) + const uint32_t *new_val, + struct ldb_request *parent) { return dsdb_module_constrainted_update_int32(module, dn, attr, (const int32_t *)old_val, - (const int32_t *)new_val); + (const int32_t *)new_val, parent); } /* @@ -1018,7 +1056,8 @@ int dsdb_module_constrainted_update_int64(struct ldb_module *module, struct ldb_dn *dn, const char *attr, const int64_t *old_val, - const int64_t *new_val) + const int64_t *new_val, + struct ldb_request *parent) { struct ldb_message *msg; int ret; @@ -1035,7 +1074,7 @@ int dsdb_module_constrainted_update_int64(struct ldb_module *module, return ret; } - ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE); + ret = dsdb_module_modify(module, msg, DSDB_FLAG_NEXT_MODULE, parent); talloc_free(msg); return ret; } @@ -1044,16 +1083,18 @@ int dsdb_module_constrainted_update_uint64(struct ldb_module *module, struct ldb_dn *dn, const char *attr, const uint64_t *old_val, - const uint64_t *new_val) + const uint64_t *new_val, + struct ldb_request *parent) { return dsdb_module_constrainted_update_int64(module, dn, attr, (const int64_t *)old_val, - (const int64_t *)new_val); + (const int64_t *)new_val, + parent); } const struct ldb_val *dsdb_module_find_dsheuristics(struct ldb_module *module, - TALLOC_CTX *mem_ctx) + TALLOC_CTX *mem_ctx, struct ldb_request *parent) { int ret; struct ldb_dn *new_dn; @@ -1070,7 +1111,8 @@ const struct ldb_val *dsdb_module_find_dsheuristics(struct ldb_module *module, ret = dsdb_module_search_dn(module, mem_ctx, &res, new_dn, attrs, - DSDB_FLAG_NEXT_MODULE); + DSDB_FLAG_NEXT_MODULE, + parent); if (ret == LDB_SUCCESS && res->count == 1) { talloc_free(new_dn); return ldb_msg_find_ldb_val(res->msgs[0], @@ -1080,12 +1122,12 @@ const struct ldb_val *dsdb_module_find_dsheuristics(struct ldb_module *module, return NULL; } -bool dsdb_block_anonymous_ops(struct ldb_module *module) +bool dsdb_block_anonymous_ops(struct ldb_module *module, struct ldb_request *parent) { TALLOC_CTX *tmp_ctx = talloc_new(module); bool result; const struct ldb_val *hr_val = dsdb_module_find_dsheuristics(module, - tmp_ctx); + tmp_ctx, parent); if (hr_val == NULL || hr_val->length < DS_HR_BLOCK_ANONYMOUS_OPS) { result = true; } else if (hr_val->data[DS_HR_BLOCK_ANONYMOUS_OPS -1] == '2') { @@ -1099,12 +1141,14 @@ bool dsdb_block_anonymous_ops(struct ldb_module *module) } bool dsdb_user_password_support(struct ldb_module *module, - TALLOC_CTX *mem_ctx) + TALLOC_CTX *mem_ctx, + struct ldb_request *parent) { TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); bool result; const struct ldb_val *hr_val = dsdb_module_find_dsheuristics(module, - tmp_ctx); + tmp_ctx, + parent); if (hr_val == NULL || hr_val->length < DS_HR_USER_PASSWORD_SUPPORT) { result = false; } else if ((hr_val->data[DS_HR_USER_PASSWORD_SUPPORT -1] == '2') || diff --git a/source4/dsdb/samdb/ldb_modules/util.h b/source4/dsdb/samdb/ldb_modules/util.h index e37b0b7b59..c21304213a 100644 --- a/source4/dsdb/samdb/ldb_modules/util.h +++ b/source4/dsdb/samdb/ldb_modules/util.h @@ -35,4 +35,4 @@ struct dom_sid; #define DSDB_FLAG_NEXT_MODULE 0x00100000 #define DSDB_FLAG_OWN_MODULE 0x00400000 #define DSDB_FLAG_TOP_MODULE 0x00800000 - +#define DSDB_FLAG_TRUSTED 0x01000000 diff --git a/source4/torture/drs/unit/schemainfo_tests.c b/source4/torture/drs/unit/schemainfo_tests.c index 7fa55c4f42..3db7c8cdc9 100644 --- a/source4/torture/drs/unit/schemainfo_tests.c +++ b/source4/torture/drs/unit/schemainfo_tests.c @@ -395,11 +395,11 @@ static bool test_dsdb_module_schema_info_blob_rw(struct torture_context *tctx, ldb_err = dsdb_module_schema_info_blob_write(priv->ldb_module, DSDB_FLAG_TOP_MODULE, - &blob_write); + &blob_write, NULL); torture_assert_int_equal(tctx, ldb_err, LDB_SUCCESS, "dsdb_module_schema_info_blob_write() failed"); ldb_err = dsdb_module_schema_info_blob_read(priv->ldb_module, DSDB_FLAG_TOP_MODULE, - priv, &blob_read); + priv, &blob_read, NULL); torture_assert_int_equal(tctx, ldb_err, LDB_SUCCESS, "dsdb_module_schema_info_blob_read() failed"); /* check if we get what we wrote */ @@ -427,12 +427,12 @@ static bool test_dsdb_module_schema_info_update(struct torture_context *tctx, ldb_err = dsdb_module_schema_info_update(priv->ldb_module, priv->schema, - DSDB_FLAG_TOP_MODULE | DSDB_FLAG_AS_SYSTEM); + DSDB_FLAG_TOP_MODULE | DSDB_FLAG_AS_SYSTEM, NULL); torture_assert_int_equal(tctx, ldb_err, LDB_SUCCESS, "dsdb_module_schema_info_update() failed"); /* get updated schemaInfo */ ldb_err = dsdb_module_schema_info_blob_read(priv->ldb_module, DSDB_FLAG_TOP_MODULE, - priv, &blob); + priv, &blob, NULL); torture_assert_int_equal(tctx, ldb_err, LDB_SUCCESS, "dsdb_module_schema_info_blob_read() failed"); werr = dsdb_schema_info_from_blob(&blob, priv, &schema_info); |