From fcadf47a156a9a9a9d43503c905e960f51f020eb Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 19 Dec 2008 18:01:26 -0800 Subject: Add torture test for bug #5986 - streams rename, so we don't regress. Jeremy. --- source4/torture/raw/streams.c | 98 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 98 insertions(+) diff --git a/source4/torture/raw/streams.c b/source4/torture/raw/streams.c index 501da2335e..4e2a204cb6 100644 --- a/source4/torture/raw/streams.c +++ b/source4/torture/raw/streams.c 
@@ -1015,6 +1015,102 @@ done: return ret; } +#define CHECK_CALL_FNUM(call, rightstatus) do { \ + check_fnum = true; \ + call_name = #call; \ + sfinfo.generic.level = RAW_SFILEINFO_ ## call; \ + sfinfo.generic.in.file.fnum = fnum; \ + status = smb_raw_setfileinfo(cli->tree, &sfinfo); \ + if (!NT_STATUS_EQUAL(status, rightstatus)) { \ + printf("(%s) %s - %s (should be %s)\n", __location__, #call, \ + nt_errstr(status), nt_errstr(rightstatus)); \ + ret = false; \ + } \ + finfo1.generic.level = RAW_FILEINFO_ALL_INFO; \ + finfo1.generic.in.file.fnum = fnum; \ + status2 = smb_raw_fileinfo(cli->tree, tctx, &finfo1); \ + if (!NT_STATUS_IS_OK(status2)) { \ + printf("(%s) %s pathinfo - %s\n", __location__, #call, nt_errstr(status)); \ + ret = false; \ + }} while (0) + +/* + test stream renames +*/ +static bool test_stream_rename(struct torture_context *tctx, + struct smbcli_state *cli, + TALLOC_CTX *mem_ctx) +{ + NTSTATUS status, status2; + union smb_open io; + const char *fname = BASEDIR "\\stream_rename.txt"; + const char *sname1, *sname2; + union smb_fileinfo finfo1; + union smb_setfileinfo sfinfo; + bool ret = true; + int fnum = -1; + bool check_fnum; + const char *call_name; + + sname1 = talloc_asprintf(mem_ctx, "%s:%s", fname, "Stream One"); + sname2 = talloc_asprintf(mem_ctx, "%s:%s:$DaTa", fname, "Second Stream"); + + printf("(%s) testing stream renames\n", __location__); + io.generic.level = RAW_OPEN_NTCREATEX; + io.ntcreatex.in.root_fid = 0; + io.ntcreatex.in.flags = 0; + io.ntcreatex.in.access_mask = SEC_FILE_READ_ATTRIBUTE | + SEC_FILE_WRITE_ATTRIBUTE | + SEC_RIGHTS_FILE_ALL; + io.ntcreatex.in.create_options = 0; + io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; + io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE | NTCREATEX_SHARE_ACCESS_DELETE; + io.ntcreatex.in.alloc_size = 0; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE; + io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS; + 
io.ntcreatex.in.security_flags = 0; + io.ntcreatex.in.fname = sname1; + + /* Create two streams. */ + status = smb_raw_open(cli->tree, mem_ctx, &io); + CHECK_STATUS(status, NT_STATUS_OK); + fnum = io.ntcreatex.out.file.fnum; + if (fnum != -1) smbcli_close(cli->tree, fnum); + + io.ntcreatex.in.fname = sname2; + status = smb_raw_open(cli->tree, mem_ctx, &io); + CHECK_STATUS(status, NT_STATUS_OK); + fnum = io.ntcreatex.out.file.fnum; + + if (fnum != -1) smbcli_close(cli->tree, fnum); + + /* + * Open the second stream. + */ + + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF; + status = smb_raw_open(cli->tree, mem_ctx, &io); + CHECK_STATUS(status, NT_STATUS_OK); + fnum = io.ntcreatex.out.file.fnum; + + /* + * Now rename the second stream onto the first. + */ + + ZERO_STRUCT(sfinfo); + + sfinfo.rename_information.in.overwrite = 1; + sfinfo.rename_information.in.root_fid = 0; + sfinfo.rename_information.in.new_name = ":Stream One"; + CHECK_CALL_FNUM(RENAME_INFORMATION, NT_STATUS_OK); + +done: + if (fnum != -1) smbcli_close(cli->tree, fnum); + status = smbcli_unlink(cli->tree, fname); + return ret; +} + + /* basic testing of streams calls */ @@ -1037,6 +1133,8 @@ bool torture_raw_streams(struct torture_context *torture, smb_raw_exit(cli->session); ret &= test_stream_names2(torture, cli, torture); smb_raw_exit(cli->session); + ret &= test_stream_rename(torture, cli, torture); + smb_raw_exit(cli->session); if (!torture_setting_bool(torture, "samba4", false)) { ret &= test_stream_delete(torture, cli, torture); } -- cgit From dd5a4681e8bc009e16d3586471630933710dd190 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 19 Dec 2008 15:23:58 +1100 Subject: Fix compiler warning when parsing a SID in a data blob --- source4/libcli/security/dom_sid.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source4/libcli/security/dom_sid.c b/source4/libcli/security/dom_sid.c index d8a83f2abb..36e3967910 100644 --- a/source4/libcli/security/dom_sid.c 
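Review bot: In the new `CHECK_CALL_FNUM` macro, the second failure branch tests `status2` but prints `nt_errstr(status)`, so a failed `smb_raw_fileinfo` is reported with the result of the preceding setfileinfo call, which on the success path reads as NT_STATUS_OK. The argument should be `nt_errstr(status2)`. In `test_stream_rename`, `sname1` and `sname2` come from `talloc_asprintf` and are passed to `smb_raw_open` without a NULL check. The macro also assigns `check_fnum` and `call_name`, which nothing in the visible test body reads. The test asserts only the rename status; checking afterwards that the file now exposes just `:Stream One` would make the regression check for bug #5986 stricter.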
+++ b/source4/libcli/security/dom_sid.c @@ -152,7 +152,7 @@ struct dom_sid *dom_sid_parse_talloc(TALLOC_CTX *mem_ctx, const char *sidstr) struct dom_sid *dom_sid_parse_length(TALLOC_CTX *mem_ctx, const DATA_BLOB *sid) { struct dom_sid *ret; - char *p = talloc_strndup(mem_ctx, sid->data, sid->length); + char *p = talloc_strndup(mem_ctx, (char *)sid->data, sid->length); if (!p) { return NULL; } -- cgit From 6488afaafe028ad2deba03517294b577ea3b4167 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 19 Dec 2008 15:24:36 +1100 Subject: Now store the GUID and SID from a DN over DRSUAPI into ldb. Until the extended DN work was compleated, there was no way to store the additional metadata. Andrew Bartlett --- source4/dsdb/repl/replicated_objects.c | 2 +- source4/dsdb/schema/schema.h | 6 +- source4/dsdb/schema/schema_description.c | 2 - source4/dsdb/schema/schema_syntax.c | 195 +++++++++++++++++++++++++------ 4 files changed, 162 insertions(+), 43 deletions(-) diff --git a/source4/dsdb/repl/replicated_objects.c b/source4/dsdb/repl/replicated_objects.c index 9853a75347..560f75da7a 100644 --- a/source4/dsdb/repl/replicated_objects.c +++ b/source4/dsdb/repl/replicated_objects.c @@ -282,7 +282,7 @@ static WERROR dsdb_convert_object(struct ldb_context *ldb, status = dsdb_decrypt_attribute(gensec_skey, rid, a); W_ERROR_NOT_OK_RETURN(status); - status = dsdb_attribute_drsuapi_to_ldb(schema, a, msg->elements, e); + status = dsdb_attribute_drsuapi_to_ldb(ldb, schema, a, msg->elements, e); W_ERROR_NOT_OK_RETURN(status); m->attid = a->attid; diff --git a/source4/dsdb/schema/schema.h b/source4/dsdb/schema/schema.h index e8fefb5246..f7d59a7c39 100644 --- a/source4/dsdb/schema/schema.h +++ b/source4/dsdb/schema/schema.h 
@@ -37,12 +37,14 @@ struct dsdb_syntax { const char *comment; const char *ldb_syntax; - WERROR (*drsuapi_to_ldb)(const struct dsdb_schema *schema, + WERROR (*drsuapi_to_ldb)(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, struct ldb_message_element *out); - WERROR (*ldb_to_drsuapi)(const struct dsdb_schema *schema, + WERROR (*ldb_to_drsuapi)(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct ldb_message_element *in, TALLOC_CTX *mem_ctx, diff --git a/source4/dsdb/schema/schema_description.c b/source4/dsdb/schema/schema_description.c index 9443c04bb0..5474eb5074 100644 --- a/source4/dsdb/schema/schema_description.c +++ b/source4/dsdb/schema/schema_description.c @@ -387,8 +387,6 @@ char *schema_class_to_dITContentRule(TALLOC_CTX *mem_ctx, const struct dsdb_clas char *schema_class_to_extendedInfo(TALLOC_CTX *mem_ctx, const struct dsdb_class *sclass) { char *schema_description = NULL; - DATA_BLOB guid_blob; - char *guid_hex; TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); if (!tmp_ctx) { return NULL; diff --git a/source4/dsdb/schema/schema_syntax.c b/source4/dsdb/schema/schema_syntax.c index 7aed08605b..6781ceb1d5 100644 --- a/source4/dsdb/schema/schema_syntax.c +++ b/source4/dsdb/schema/schema_syntax.c 
@@ -23,12 +23,16 @@ #include "includes.h" #include "dsdb/samdb/samdb.h" #include "librpc/gen_ndr/ndr_drsuapi.h" +#include "librpc/gen_ndr/ndr_security.h" +#include "librpc/gen_ndr/ndr_misc.h" #include "lib/ldb/include/ldb.h" +#include "lib/ldb/include/ldb_errors.h" #include "system/time.h" #include "../lib/util/charset/charset.h" #include "librpc/ndr/libndr.h" -static WERROR dsdb_syntax_FOOBAR_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_FOOBAR_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, @@ -61,7 +65,8 @@ static WERROR dsdb_syntax_FOOBAR_drsuapi_to_ldb(const struct dsdb_schema *schema return WERR_OK; } -static WERROR dsdb_syntax_FOOBAR_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_FOOBAR_ldb_to_drsuapi(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct ldb_message_element *in, TALLOC_CTX *mem_ctx, @@ -70,7 +75,8 @@ static WERROR dsdb_syntax_FOOBAR_ldb_to_drsuapi(const struct dsdb_schema *schema return WERR_FOOBAR; } -static WERROR dsdb_syntax_BOOL_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_BOOL_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, @@ -114,7 +120,8 @@ static WERROR dsdb_syntax_BOOL_drsuapi_to_ldb(const struct dsdb_schema *schema, return WERR_OK; } -static WERROR dsdb_syntax_BOOL_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_BOOL_ldb_to_drsuapi(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct ldb_message_element *in, TALLOC_CTX *mem_ctx, 
@@ -155,7 +162,8 @@ static WERROR dsdb_syntax_BOOL_ldb_to_drsuapi(const struct dsdb_schema *schema, return WERR_OK; } -static WERROR dsdb_syntax_INT32_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_INT32_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, @@ -194,7 +202,8 @@ static WERROR dsdb_syntax_INT32_drsuapi_to_ldb(const struct dsdb_schema *schema, return WERR_OK; } -static WERROR dsdb_syntax_INT32_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_INT32_ldb_to_drsuapi(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct ldb_message_element *in, TALLOC_CTX *mem_ctx, @@ -233,7 +242,8 @@ static WERROR dsdb_syntax_INT32_ldb_to_drsuapi(const struct dsdb_schema *schema, return WERR_OK; } -static WERROR dsdb_syntax_INT64_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_INT64_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, @@ -272,7 +282,8 @@ static WERROR dsdb_syntax_INT64_drsuapi_to_ldb(const struct dsdb_schema *schema, return WERR_OK; } -static WERROR dsdb_syntax_INT64_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_INT64_ldb_to_drsuapi(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct ldb_message_element *in, TALLOC_CTX *mem_ctx, 
@@ -311,7 +322,8 @@ static WERROR dsdb_syntax_INT64_ldb_to_drsuapi(const struct dsdb_schema *schema, return WERR_OK; } -static WERROR dsdb_syntax_NTTIME_UTC_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_NTTIME_UTC_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, @@ -361,7 +373,8 @@ static WERROR dsdb_syntax_NTTIME_UTC_drsuapi_to_ldb(const struct dsdb_schema *sc return WERR_OK; } -static WERROR dsdb_syntax_NTTIME_UTC_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_NTTIME_UTC_ldb_to_drsuapi(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct ldb_message_element *in, TALLOC_CTX *mem_ctx, @@ -403,7 +416,8 @@ static WERROR dsdb_syntax_NTTIME_UTC_ldb_to_drsuapi(const struct dsdb_schema *sc return WERR_OK; } -static WERROR dsdb_syntax_NTTIME_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_NTTIME_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, @@ -445,7 +459,8 @@ static WERROR dsdb_syntax_NTTIME_drsuapi_to_ldb(const struct dsdb_schema *schema return WERR_OK; } -static WERROR dsdb_syntax_NTTIME_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_NTTIME_ldb_to_drsuapi(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct ldb_message_element *in, TALLOC_CTX *mem_ctx, 
@@ -487,7 +502,8 @@ static WERROR dsdb_syntax_NTTIME_ldb_to_drsuapi(const struct dsdb_schema *schema return WERR_OK; } -static WERROR dsdb_syntax_DATA_BLOB_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_DATA_BLOB_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, @@ -520,7 +536,8 @@ static WERROR dsdb_syntax_DATA_BLOB_drsuapi_to_ldb(const struct dsdb_schema *sch return WERR_OK; } -static WERROR dsdb_syntax_DATA_BLOB_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_DATA_BLOB_ldb_to_drsuapi(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct ldb_message_element *in, TALLOC_CTX *mem_ctx, @@ -553,7 +570,8 @@ static WERROR dsdb_syntax_DATA_BLOB_ldb_to_drsuapi(const struct dsdb_schema *sch return WERR_OK; } -static WERROR _dsdb_syntax_OID_obj_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR _dsdb_syntax_OID_obj_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, @@ -599,7 +617,8 @@ static WERROR _dsdb_syntax_OID_obj_drsuapi_to_ldb(const struct dsdb_schema *sche return WERR_OK; } -static WERROR _dsdb_syntax_OID_oid_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR _dsdb_syntax_OID_oid_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, 
@@ -639,7 +658,8 @@ static WERROR _dsdb_syntax_OID_oid_drsuapi_to_ldb(const struct dsdb_schema *sche return WERR_OK; } -static WERROR dsdb_syntax_OID_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_OID_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, @@ -649,11 +669,11 @@ static WERROR dsdb_syntax_OID_drsuapi_to_ldb(const struct dsdb_schema *schema, switch (attr->attributeID_id) { case DRSUAPI_ATTRIBUTE_objectClass: - return _dsdb_syntax_OID_obj_drsuapi_to_ldb(schema, attr, in, mem_ctx, out); + return _dsdb_syntax_OID_obj_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out); case DRSUAPI_ATTRIBUTE_governsID: case DRSUAPI_ATTRIBUTE_attributeID: case DRSUAPI_ATTRIBUTE_attributeSyntax: - return _dsdb_syntax_OID_oid_drsuapi_to_ldb(schema, attr, in, mem_ctx, out); + return _dsdb_syntax_OID_oid_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out); } out->flags = 0; @@ -693,7 +713,8 @@ static WERROR dsdb_syntax_OID_drsuapi_to_ldb(const struct dsdb_schema *schema, return WERR_OK; } -static WERROR dsdb_syntax_OID_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_OID_ldb_to_drsuapi(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct ldb_message_element *in, TALLOC_CTX *mem_ctx, @@ -711,7 +732,7 @@ static WERROR dsdb_syntax_OID_ldb_to_drsuapi(const struct dsdb_schema *schema, case DRSUAPI_ATTRIBUTE_governsID: case DRSUAPI_ATTRIBUTE_attributeID: case DRSUAPI_ATTRIBUTE_attributeSyntax: - return dsdb_syntax_FOOBAR_ldb_to_drsuapi(schema, attr, in, mem_ctx, out); + return dsdb_syntax_FOOBAR_ldb_to_drsuapi(ldb, schema, attr, in, mem_ctx, out); } out->attid = attr->attributeID_id; 
@@ -740,7 +761,8 @@ static WERROR dsdb_syntax_OID_ldb_to_drsuapi(const struct dsdb_schema *schema, return WERR_OK; } -static WERROR dsdb_syntax_UNICODE_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_UNICODE_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, @@ -784,7 +806,8 @@ static WERROR dsdb_syntax_UNICODE_drsuapi_to_ldb(const struct dsdb_schema *schem return WERR_OK; } -static WERROR dsdb_syntax_UNICODE_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_UNICODE_ldb_to_drsuapi(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct ldb_message_element *in, TALLOC_CTX *mem_ctx, @@ -825,13 +848,15 @@ static WERROR dsdb_syntax_UNICODE_ldb_to_drsuapi(const struct dsdb_schema *schem return WERR_OK; } -static WERROR dsdb_syntax_DN_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_DN_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, struct ldb_message_element *out) { uint32_t i; + int ret; out->flags = 0; out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName); 
@@ -844,31 +869,83 @@ static WERROR dsdb_syntax_DN_drsuapi_to_ldb(const struct dsdb_schema *schema, for (i=0; i < out->num_values; i++) { struct drsuapi_DsReplicaObjectIdentifier3 id3; enum ndr_err_code ndr_err; + DATA_BLOB guid_blob; + struct ldb_dn *dn; + TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); + if (!tmp_ctx) { + W_ERROR_HAVE_NO_MEMORY(tmp_ctx); + } if (in->value_ctr.values[i].blob == NULL) { + talloc_free(tmp_ctx); return WERR_FOOBAR; } if (in->value_ctr.values[i].blob->length == 0) { + talloc_free(tmp_ctx); return WERR_FOOBAR; } + + ndr_err = ndr_pull_struct_blob_all(in->value_ctr.values[i].blob, - out->values, schema->iconv_convenience, &id3, + tmp_ctx, schema->iconv_convenience, &id3, (ndr_pull_flags_fn_t)ndr_pull_drsuapi_DsReplicaObjectIdentifier3); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS status = ndr_map_error2ntstatus(ndr_err); + talloc_free(tmp_ctx); return ntstatus_to_werror(status); } - /* TODO: handle id3.guid and id3.sid */ - out->values[i] = data_blob_string_const(id3.dn); + dn = ldb_dn_new(tmp_ctx, ldb, id3.dn); + if (!dn) { + talloc_free(tmp_ctx); + /* If this fails, it must be out of memory, as it does not do much parsing */ + W_ERROR_HAVE_NO_MEMORY(dn); + } + + ndr_err = ndr_push_struct_blob(&guid_blob, tmp_ctx, schema->iconv_convenience, &id3.guid, + (ndr_push_flags_fn_t)ndr_push_GUID); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + NTSTATUS status = ndr_map_error2ntstatus(ndr_err); + talloc_free(tmp_ctx); + return ntstatus_to_werror(status); + } + + ret = ldb_dn_set_extended_component(dn, "GUID", &guid_blob); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return WERR_FOOBAR; + } + + talloc_free(guid_blob.data); + + if (id3.__ndr_size_sid) { + DATA_BLOB sid_blob; + ndr_err = ndr_push_struct_blob(&sid_blob, tmp_ctx, schema->iconv_convenience, &id3.sid, + (ndr_push_flags_fn_t)ndr_push_dom_sid); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + NTSTATUS status = ndr_map_error2ntstatus(ndr_err); + talloc_free(tmp_ctx); + return 
ntstatus_to_werror(status); + } + + ret = ldb_dn_set_extended_component(dn, "SID", &sid_blob); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return WERR_FOOBAR; + } + } + + out->values[i] = data_blob_string_const(ldb_dn_get_extended_linearized(out->values, dn, 1)); + talloc_free(tmp_ctx); } return WERR_OK; } -static WERROR dsdb_syntax_DN_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_DN_ldb_to_drsuapi(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct ldb_message_element *in, TALLOC_CTX *mem_ctx, 
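Review bot: At the end of the loop body in `dsdb_syntax_DN_drsuapi_to_ldb`, the result of `ldb_dn_get_extended_linearized(out->values, dn, 1)` goes straight into `data_blob_string_const()` with no NULL check. The comment added next to `ldb_dn_new` says that call does little parsing, so a malformed `id3.dn` from the replication partner would presumably first show up here, as would an allocation failure. Hold the result in a local and fail the conversion explicitly, e.g. `const char *dn_str = ldb_dn_get_extended_linearized(out->values, dn, 1);` followed by `if (!dn_str) { talloc_free(tmp_ctx); return WERR_FOOBAR; }`. The function's signature and the allocation of `out->values` lie outside this hunk.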
@@ -894,24 +971,61 @@ static WERROR dsdb_syntax_DN_ldb_to_drsuapi(const struct dsdb_schema *schema, for (i=0; i < in->num_values; i++) { struct drsuapi_DsReplicaObjectIdentifier3 id3; enum ndr_err_code ndr_err; + const DATA_BLOB *guid_blob, *sid_blob; + struct ldb_dn *dn; + TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); + W_ERROR_HAVE_NO_MEMORY(tmp_ctx); out->value_ctr.values[i].blob = &blobs[i]; - /* TODO: handle id3.guid and id3.sid */ + dn = ldb_dn_from_ldb_val(tmp_ctx, ldb, &in->values[i]); + + W_ERROR_HAVE_NO_MEMORY(dn); + + guid_blob = ldb_dn_get_extended_component(dn, "GUID"); + ZERO_STRUCT(id3); - id3.dn = (const char *)in->values[i].data; + + if (guid_blob) { + ndr_err = ndr_pull_struct_blob_all(guid_blob, + tmp_ctx, schema->iconv_convenience, &id3.guid, + (ndr_pull_flags_fn_t)ndr_pull_GUID); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + NTSTATUS status = ndr_map_error2ntstatus(ndr_err); + talloc_free(tmp_ctx); + return ntstatus_to_werror(status); + } + } + + sid_blob = ldb_dn_get_extended_component(dn, "SID"); + if (sid_blob) { + + ndr_err = ndr_pull_struct_blob_all(sid_blob, + tmp_ctx, schema->iconv_convenience, &id3.sid, + (ndr_pull_flags_fn_t)ndr_pull_dom_sid); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + NTSTATUS status = ndr_map_error2ntstatus(ndr_err); + talloc_free(tmp_ctx); + return ntstatus_to_werror(status); + } + } + + id3.dn = ldb_dn_get_linearized(dn); ndr_err = ndr_push_struct_blob(&blobs[i], blobs, schema->iconv_convenience, &id3, (ndr_push_flags_fn_t)ndr_push_drsuapi_DsReplicaObjectIdentifier3); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS status = ndr_map_error2ntstatus(ndr_err); + talloc_free(tmp_ctx); return ntstatus_to_werror(status); } + talloc_free(tmp_ctx); } return WERR_OK; } -static WERROR dsdb_syntax_DN_BINARY_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_DN_BINARY_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct 
drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, @@ -966,7 +1080,8 @@ static WERROR dsdb_syntax_DN_BINARY_drsuapi_to_ldb(const struct dsdb_schema *sch return WERR_OK; } -static WERROR dsdb_syntax_DN_BINARY_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_DN_BINARY_ldb_to_drsuapi(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct ldb_message_element *in, TALLOC_CTX *mem_ctx, @@ -1011,7 +1126,8 @@ static WERROR dsdb_syntax_DN_BINARY_ldb_to_drsuapi(const struct dsdb_schema *sch return WERR_OK; } -static WERROR dsdb_syntax_PRESENTATION_ADDRESS_drsuapi_to_ldb(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_PRESENTATION_ADDRESS_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, @@ -1060,7 +1176,8 @@ static WERROR dsdb_syntax_PRESENTATION_ADDRESS_drsuapi_to_ldb(const struct dsdb_ return WERR_OK; } -static WERROR dsdb_syntax_PRESENTATION_ADDRESS_ldb_to_drsuapi(const struct dsdb_schema *schema, +static WERROR dsdb_syntax_PRESENTATION_ADDRESS_ldb_to_drsuapi(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct dsdb_attribute *attr, const struct ldb_message_element *in, TALLOC_CTX *mem_ctx, @@ -1394,7 +1511,8 @@ const struct dsdb_syntax *dsdb_syntax_for_attribute(const struct dsdb_attribute return NULL; } -WERROR dsdb_attribute_drsuapi_to_ldb(const struct dsdb_schema *schema, +WERROR dsdb_attribute_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct drsuapi_DsReplicaAttribute *in, TALLOC_CTX *mem_ctx, struct ldb_message_element *out) 
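Review bot: In the `dsdb_syntax_DN_ldb_to_drsuapi` loop, `W_ERROR_HAVE_NO_MEMORY(dn)` returns without `talloc_free(tmp_ctx)`, unlike every other error path added here, so the per-value context stays attached to `mem_ctx` until the caller frees it. A NULL from `ldb_dn_from_ldb_val` is also reported as out-of-memory, although it may equally mean the stored value is not an acceptable DN; `if (!dn) { talloc_free(tmp_ctx); return WERR_FOOBAR; }` would cover both. `id3.dn = ldb_dn_get_linearized(dn)` is unchecked as well, so a NULL there would reach `ndr_push_struct_blob`. The function begins before this hunk.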
@@ -1406,10 +1524,11 @@ WERROR dsdb_attribute_drsuapi_to_ldb(const struct dsdb_schema *schema, return WERR_FOOBAR; } - return sa->syntax->drsuapi_to_ldb(schema, sa, in, mem_ctx, out); + return sa->syntax->drsuapi_to_ldb(ldb, schema, sa, in, mem_ctx, out); } -WERROR dsdb_attribute_ldb_to_drsuapi(const struct dsdb_schema *schema, +WERROR dsdb_attribute_ldb_to_drsuapi(struct ldb_context *ldb, + const struct dsdb_schema *schema, const struct ldb_message_element *in, TALLOC_CTX *mem_ctx, struct drsuapi_DsReplicaAttribute *out) @@ -1421,5 +1540,5 @@ WERROR dsdb_attribute_ldb_to_drsuapi(const struct dsdb_schema *schema, return WERR_FOOBAR; } - return sa->syntax->ldb_to_drsuapi(schema, sa, in, mem_ctx, out); + return sa->syntax->ldb_to_drsuapi(ldb, schema, sa, in, mem_ctx, out); } -- cgit From 18c095e5d86d1353eff8aea1b641968d504b6c80 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 20 Dec 2008 12:05:48 +1100 Subject: Don't trust sscanf not to run off the end of the string The memory allocations here are wasteful, but they do nicely ensure we cannot walk off the end of the DATA_BLOB that might be a string, or might be binary and might not be NULL terminated. Andrew Bartlett --- librpc/ndr/uuid.c | 49 +++++++++++++++++++++++++++++++++++-------------- 1 file changed, 35 insertions(+), 14 deletions(-) diff --git a/librpc/ndr/uuid.c b/librpc/ndr/uuid.c index aa24ac4494..2b47246806 100644 --- a/librpc/ndr/uuid.c +++ b/librpc/ndr/uuid.c @@ -36,6 +36,7 @@ _PUBLIC_ NTSTATUS GUID_from_data_blob(const DATA_BLOB *s, struct GUID *guid) uint32_t clock_seq[2]; uint32_t node[6]; uint8_t buf16[16]; + DATA_BLOB blob16 = data_blob_const(buf16, sizeof(buf16)); int i; 
@@ -43,20 +44,40 @@ _PUBLIC_ NTSTATUS GUID_from_data_blob(const DATA_BLOB *s, struct GUID *guid) return NT_STATUS_INVALID_PARAMETER; } - if (s->length == 36 && - 11 == sscanf((const char *)s->data, - "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", - &time_low, &time_mid, &time_hi_and_version, - &clock_seq[0], &clock_seq[1], - &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) { - status = NT_STATUS_OK; - } else if (s->length == 38 - && 11 == sscanf((const char *)s->data, - "{%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}", - &time_low, &time_mid, &time_hi_and_version, - &clock_seq[0], &clock_seq[1], - &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) { - status = NT_STATUS_OK; + if (s->length == 36) { + TALLOC_CTX *mem_ctx; + const char *string; + + mem_ctx = talloc_new(NULL); + NT_STATUS_HAVE_NO_MEMORY(mem_ctx); + string = talloc_strndup(mem_ctx, (const char *)s->data, s->length); + NT_STATUS_HAVE_NO_MEMORY(string); + if (11 == sscanf(string, + "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", + &time_low, &time_mid, &time_hi_and_version, + &clock_seq[0], &clock_seq[1], + &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) { + status = NT_STATUS_OK; + } + talloc_free(mem_ctx); + + } else if (s->length == 38) { + TALLOC_CTX *mem_ctx; + const char *string; + + mem_ctx = talloc_new(NULL); + NT_STATUS_HAVE_NO_MEMORY(mem_ctx); + string = talloc_strndup(mem_ctx, (const char *)s->data, s->length); + NT_STATUS_HAVE_NO_MEMORY(string); + if (11 == sscanf((const char *)s->data, + "{%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}", + &time_low, &time_mid, &time_hi_and_version, + &clock_seq[0], &clock_seq[1], + &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) { + status = NT_STATUS_OK; + } + talloc_free(mem_ctx); + } else if (s->length == 32) { size_t rlen = strhex_to_str((char *)blob16.data, blob16.length, (const char *)s->data, s->length); -- cgit From 012a6524f7f8d2bca9e760dfe36ea8037766274a Mon Sep 17 00:00:00 2001 
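Review bot: The `s->length == 38` branch of `GUID_from_data_blob` still calls `sscanf((const char *)s->data, ...)`, so the NUL-terminated copy made by `talloc_strndup` is never used and the braced form can still be scanned past the end of an unterminated blob, which is what the commit message sets out to prevent. It should read `if (11 == sscanf(string,` as the 36-byte branch does. In both branches `NT_STATUS_HAVE_NO_MEMORY(string)` returns without freeing `mem_ctx`, and because that context comes from `talloc_new(NULL)` it has no parent to clean it up; use `if (string == NULL) { talloc_free(mem_ctx); return NT_STATUS_NO_MEMORY; }`. A fixed-size stack buffer of 39 bytes filled with `memcpy` and a terminator would remove the allocation entirely. The function starts before and continues after this hunk.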
From: Andrew Bartlett Date: Sat, 20 Dec 2008 15:11:40 +1100 Subject: Treat DN+STring as a binary string for now This matches the way we work with DN+Binary. We need this for the OpenLDAP backend. Andrew Bartlett --- source4/dsdb/schema/schema_syntax.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/source4/dsdb/schema/schema_syntax.c b/source4/dsdb/schema/schema_syntax.c index 6781ceb1d5..4141026b7e 100644 --- a/source4/dsdb/schema/schema_syntax.c +++ b/source4/dsdb/schema/schema_syntax.c @@ -1446,11 +1446,11 @@ static const struct dsdb_syntax dsdb_syntaxes[] = { .oMSyntax = 127, .oMObjectClass = OMOBJECTCLASS("\x2a\x86\x48\x86\xf7\x14\x01\x01\x01\x0c"), .attributeSyntax_oid = "2.5.5.14", - .drsuapi_to_ldb = dsdb_syntax_FOOBAR_drsuapi_to_ldb, - .ldb_to_drsuapi = dsdb_syntax_FOOBAR_ldb_to_drsuapi, - .equality = "distinguishedNameMatch", + .drsuapi_to_ldb = dsdb_syntax_DN_BINARY_drsuapi_to_ldb, + .ldb_to_drsuapi = dsdb_syntax_DN_BINARY_ldb_to_drsuapi, + .equality = "octetStringMatch", .comment = "OctetString: String+DN", - .ldb_syntax = LDB_SYNTAX_DN, + .ldb_syntax = LDB_SYNTAX_OCTET_STRING, } }; -- cgit From f210fbe68b07cadd8ca3e358b1579a9c602cc7f8 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 20 Dec 2008 16:43:48 +1100 Subject: Corrections to Microsoft's schema and the OpenLDAP mapping file --- .../MS-AD_Schema_Attributes_v20080618.txt | 56 ++++++++++++++++++++++ source4/setup/schema-map-openldap-2.3 | 7 +++ 2 files changed, 63 insertions(+) diff --git a/source4/setup/ad-schema/MS-AD_Schema_Attributes_v20080618.txt b/source4/setup/ad-schema/MS-AD_Schema_Attributes_v20080618.txt index 743e1d0abe..ab4f3999bd 100644 --- a/source4/setup/ad-schema/MS-AD_Schema_Attributes_v20080618.txt +++ b/source4/setup/ad-schema/MS-AD_Schema_Attributes_v20080618.txt 
@@ -2423,6 +2423,20 @@ searchFlags: 0 systemFlags: FLAG_SCHEMA_BASE_OBJECT schemaFlagsEx: FLAG_ATTR_IS_CRITICAL +cn: Global-Address-List2 +ldapDisplayName: globalAddressList2 +attributeId: 1.2.840.113556.1.4.2047 +attributeSyntax: 2.5.5.1 +linkID: 2124 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 4898f63d-4112-477c-8826-3ca00bd8277d +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + cn: Governs-ID ldapDisplayName: governsID attributeId: 1.2.840.113556.1.2.22 @@ -3891,6 +3905,20 @@ searchFlags: 0 systemFlags: FLAG_SCHEMA_BASE_OBJECT schemaFlagsEx: FLAG_ATTR_IS_CRITICAL +cn: Address-Book-Roots2 +ldapDisplayName: addressBookRoots2 +attributeId: 1.2.840.113556.1.4.2046 +attributeSyntax: 2.5.5.1 +linkID: 2122 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 508ca374-a511-4e4e-9f4f-856f61a6b7e4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + cn: Address-Entry-Display-Table ldapDisplayName: addressEntryDisplayTable attributeId: 1.2.840.113556.1.2.324 @@ -5835,6 +5863,20 @@ rangeLower: 0 systemFlags: FLAG_SCHEMA_BASE_OBJECT schemaFlagsEx: FLAG_ATTR_IS_CRITICAL +cn: ms-DS-BridgeHead-Servers-Used +ldapDisplayName: msDS-BridgeHeadServersUsed +attributeId: 1.2.840.113556.1.4.2049 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +linkID: 2160 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +schemaIdGuid: 3ced1465-7b71-2541-8780-1e1ea6243a82 +searchFlags: 0 +systemFlags: FLAG_ATTR_NOT_REPLICATED | FLAG_ATTR_IS_OPERATIONAL | FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + cn: ms-DS-Byte-Array ldapDisplayName: msDS-ByteArray attributeId: 1.2.840.113556.1.4.1831 
@@ -13740,6 +13782,20 @@ searchFlags: 0 systemFlags: FLAG_SCHEMA_BASE_OBJECT schemaFlagsEx: FLAG_ATTR_IS_CRITICAL +cn: Template-Roots2 +ldapDisplayName: templateRoots2 +attributeId: 1.2.840.113556.1.4.2048 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +linkId: 2126 +schemaIdGuid: b1cba91a-0682-4362-a659-153e201ef069 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + cn: Terminal-Server ldapDisplayName: terminalServer attributeId: 1.2.840.113556.1.4.885 diff --git a/source4/setup/schema-map-openldap-2.3 b/source4/setup/schema-map-openldap-2.3 index bff1695c8f..233f9a9613 100644 --- a/source4/setup/schema-map-openldap-2.3 +++ b/source4/setup/schema-map-openldap-2.3 @@ -11,6 +11,9 @@ distinguishedName description cn top +entryTTL +uidNumber +gidNumber #The memberOf plugin provides this attribute memberOf #These conflict with OpenLDAP builtins @@ -42,3 +45,7 @@ modifyTimeStamp:samba4ModifyTimestamp 1.3.6.1.4.1.1466.115.121.1.38:1.3.6.1.4.1.1466.115.121.1.44 #Treat Object(DN-Binary) as a binary blob 1.2.840.113556.1.4.903:1.3.6.1.4.1.1466.115.121.1.40 +#Treat Object(DN-String) as a binary blob +1.2.840.113556.1.4.904:1.3.6.1.4.1.1466.115.121.1.40 +#Treat UTC-Time as GeneralizedTime +1.3.6.1.4.1.1466.115.121.1.53:1.3.6.1.4.1.1466.115.121.1.24 -- cgit