From 39c45ce4f1a0cce9dc23e6d8df3f93bb124a19a0 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 18 May 2006 16:08:28 +0000 Subject: r15697: I take no comments as no objections :) Expand the "winbind nss info" to also take "rfc2307" to support the plain posix attributes LDAP schema from win2k3-r2. This work is based on patches from Howard Wilkinson and Bob Gautier (and closes bug #3345). Guenther (This used to be commit 52423e01dc209ba5abde808a446287714ed11567) --- source3/libads/ldap_schema.c | 329 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 329 insertions(+) create mode 100644 source3/libads/ldap_schema.c (limited to 'source3/libads/ldap_schema.c') diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c new file mode 100644 index 0000000000..a0c735208f --- /dev/null +++ b/source3/libads/ldap_schema.c 
@@ -0,0 +1,329 @@ +/* + Unix SMB/CIFS implementation. + ads (active directory) utility library + Copyright (C) Guenther Deschner 2005-2006 + Copyright (C) Gerald (Jerry) Carter 2006 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +#ifdef HAVE_LDAP + +ADS_STATUS ads_get_attrnames_by_oids(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, + const char *schema_path, + const char **OIDs, size_t num_OIDs, + char ***OIDs_out, char ***names, size_t *count) +{ + ADS_STATUS status; + void *res = NULL; + LDAPMessage *msg; + char *expr = NULL; + const char *attrs[] = { "lDAPDisplayName", "attributeId", NULL }; + int i = 0, p = 0; + + if (!ads || !mem_ctx || !names || !count || !OIDs || !OIDs_out) { + return ADS_ERROR(LDAP_PARAM_ERROR); + } + + if (num_OIDs == 0 || OIDs[0] == NULL) { + return ADS_ERROR_NT(NT_STATUS_NONE_MAPPED); + } + + if ((expr = talloc_asprintf(mem_ctx, "(|")) == NULL) { + return ADS_ERROR(LDAP_NO_MEMORY); + } + + for (i=0; ischema.posix_uidnumber_attr = NULL; + ads->schema.posix_gidnumber_attr = NULL; + ads->schema.posix_homedir_attr = NULL; + ads->schema.posix_shell_attr = NULL; + ads->schema.posix_gecos_attr = NULL; + + ctx = talloc_init("ads_check_posix_schema_mapping"); + if (ctx == NULL) { + return ADS_ERROR(LDAP_NO_MEMORY); + } + + /* establish a new ldap tcp session if necessary */ + + if (!ads->ld) { + if 
((ads_s = ads_init(ads->server.realm, ads->server.workgroup, + ads->server.ldap_server)) == NULL) { + status = ADS_ERROR(LDAP_SERVER_DOWN); + goto done; + } + + ads_s->auth.flags = ADS_AUTH_ANON_BIND; + status = ads_connect(ads_s); + if (!ADS_ERR_OK(status)) { + goto done; + } + } + + status = ads_schema_path(ads, ctx, &schema_path); + if (!ADS_ERR_OK(status)) { + DEBUG(3,("ads_check_posix_mapping: Unable to retrieve schema DN!\n")); + goto done; + } + + if (map_type == WB_POSIX_MAP_SFU) { + status = ads_get_attrnames_by_oids(ads, ctx, schema_path, oids_sfu, + ARRAY_SIZE(oids_sfu), + &oids_out, &names_out, &num_names); + } else { + status = ads_get_attrnames_by_oids(ads, ctx, schema_path, oids_rfc2307, + ARRAY_SIZE(oids_rfc2307), + &oids_out, &names_out, &num_names); + } + + if (!ADS_ERR_OK(status)) { + DEBUG(3,("ads_check_posix_schema_mapping: failed %s\n", + ads_errstr(status))); + goto done; + } + + DEBUG(10,("ads_check_posix_schema_mapping: query succeeded, identified: %s\n", + wb_posix_map_str(map_type))); + + for (i=0; ischema.posix_uidnumber_attr = SMB_STRDUP(names_out[i]); + } + if (strequal(ADS_ATTR_RFC2307_GIDNUMBER_OID, oids_out[i]) || + strequal(ADS_ATTR_SFU_GIDNUMBER_OID, oids_out[i])) { + ads->schema.posix_gidnumber_attr = SMB_STRDUP(names_out[i]); + } + if (strequal(ADS_ATTR_RFC2307_HOMEDIR_OID, oids_out[i]) || + strequal(ADS_ATTR_SFU_HOMEDIR_OID, oids_out[i])) { + ads->schema.posix_homedir_attr = SMB_STRDUP(names_out[i]); + } + if (strequal(ADS_ATTR_RFC2307_SHELL_OID, oids_out[i]) || + strequal(ADS_ATTR_SFU_SHELL_OID, oids_out[i])) { + ads->schema.posix_shell_attr = SMB_STRDUP(names_out[i]); + } + if (strequal(ADS_ATTR_RFC2307_GECOS_OID, oids_out[i]) || + strequal(ADS_ATTR_SFU_GECOS_OID, oids_out[i])) { + ads->schema.posix_gecos_attr = SMB_STRDUP(names_out[i]); + } + } + + talloc_destroy(ctx); + + ADS_ERROR_HAVE_NO_MEMORY(ads->schema.posix_uidnumber_attr); + ADS_ERROR_HAVE_NO_MEMORY(ads->schema.posix_gidnumber_attr); + 
ADS_ERROR_HAVE_NO_MEMORY(ads->schema.posix_homedir_attr); + ADS_ERROR_HAVE_NO_MEMORY(ads->schema.posix_shell_attr); + ADS_ERROR_HAVE_NO_MEMORY(ads->schema.posix_gecos_attr); + + status = ADS_ERROR(LDAP_SUCCESS); + + ads->schema.map_type = map_type; +done: + /* free any temporary ads connections */ + if (ads_s != ads) { + ads_destroy(&ads_s); + } + if (ctx) { + talloc_destroy(ctx); + } + + return status; +} + +#endif -- cgit From 2b7b5e9ece6cf81ff2efbdd5b7bc2b2b2baf8e9c Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 31 May 2006 10:32:12 +0000 Subject: r15980: Correctly destroy talloc_ctx when the LDAP posix attribute query has failed. Noticed by Bob Gautier. Guenther (This used to be commit 7327f94546a90df25c688dcafd42e0993133057a) --- source3/libads/ldap_schema.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'source3/libads/ldap_schema.c') diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c index a0c735208f..13a8ab0cb0 100644 --- a/source3/libads/ldap_schema.c +++ b/source3/libads/ldap_schema.c @@ -303,13 +303,14 @@ ADS_STATUS ads_check_posix_schema_mapping(ADS_STRUCT *ads, enum wb_posix_mapping } } - talloc_destroy(ctx); - - ADS_ERROR_HAVE_NO_MEMORY(ads->schema.posix_uidnumber_attr); - ADS_ERROR_HAVE_NO_MEMORY(ads->schema.posix_gidnumber_attr); - ADS_ERROR_HAVE_NO_MEMORY(ads->schema.posix_homedir_attr); - ADS_ERROR_HAVE_NO_MEMORY(ads->schema.posix_shell_attr); - ADS_ERROR_HAVE_NO_MEMORY(ads->schema.posix_gecos_attr); + if (!ads->schema.posix_uidnumber_attr || + !ads->schema.posix_gidnumber_attr || + !ads->schema.posix_homedir_attr || + !ads->schema.posix_shell_attr || + !ads->schema.posix_gecos_attr) { + status = ADS_ERROR(LDAP_NO_MEMORY); + goto done; + } status = ADS_ERROR(LDAP_SUCCESS); -- cgit From 49f6498a6f4efca5097e6338b14bcfe07a8261df Mon Sep 17 00:00:00 2001 
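Review bot: In ads_check_posix_schema_mapping (new-file hunk) the success path frees `ctx` twice: `talloc_destroy(ctx)` runs before the ADS_ERROR_HAVE_NO_MEMORY checks, and control then falls through to `done:`, where `if (ctx) { talloc_destroy(ctx); }` runs again on the same non-NULL pointer. Dropping the early call and letting `done:` perform the only free avoids that; the NULL checks would then need to `goto done` instead of going through the macro, which presumably returns directly (its definition is not on this page) and would in that case also skip `ads_destroy(&ads_s)`. Separately, the temporary anonymous session `ads_s` is connected, but `ads_schema_path()` and `ads_get_attrnames_by_oids()` are still passed `ads`, so the fallback connection appears to be unused. Parts of this hunk's text are missing from the page, so the earlier functions in the file were not reviewed.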
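Review bot: The combined check in the r15980 hunk reports `ADS_ERROR(LDAP_NO_MEMORY)` whenever any of the five attribute names is NULL, but a field also stays NULL when the server did not return that OID, because the fields are reset to NULL at function entry and only assigned inside the loop. A directory that lacks the selected schema would then surface as an out-of-memory error; returning a distinct status such as `ADS_ERROR(LDAP_NO_SUCH_ATTRIBUTE)` when `num_names` is smaller than the number of requested OIDs would make the failure diagnosable. Whether ads_get_attrnames_by_oids already rejects a short result cannot be seen here. The function body starts and ends outside this hunk.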
From: Jeremy Allison Date: Wed, 28 Jun 2006 01:21:54 +0000 Subject: r16589: Fix Klocwork #1999. Although it should be impossible to get duplicate OID's returned in the oids_out list it is still good programming practice to clear out a malloc'ed string before re-writing it (especially in a loop). Jeremy (This used to be commit ae02c05bfca46eb6a8ba25b124c18a358a759cb5) --- source3/libads/ldap_schema.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/libads/ldap_schema.c') diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c index 13a8ab0cb0..b65ff956ac 100644 --- a/source3/libads/ldap_schema.c +++ b/source3/libads/ldap_schema.c @@ -283,22 +283,27 @@ ADS_STATUS ads_check_posix_schema_mapping(ADS_STRUCT *ads, enum wb_posix_mapping if (strequal(ADS_ATTR_RFC2307_UIDNUMBER_OID, oids_out[i]) || strequal(ADS_ATTR_SFU_UIDNUMBER_OID, oids_out[i])) { + SAFE_FREE(ads->schema.posix_uidnumber_attr); ads->schema.posix_uidnumber_attr = SMB_STRDUP(names_out[i]); } if (strequal(ADS_ATTR_RFC2307_GIDNUMBER_OID, oids_out[i]) || strequal(ADS_ATTR_SFU_GIDNUMBER_OID, oids_out[i])) { + SAFE_FREE(ads->schema.posix_gidnumber_attr); ads->schema.posix_gidnumber_attr = SMB_STRDUP(names_out[i]); } if (strequal(ADS_ATTR_RFC2307_HOMEDIR_OID, oids_out[i]) || strequal(ADS_ATTR_SFU_HOMEDIR_OID, oids_out[i])) { + SAFE_FREE(ads->schema.posix_homedir_attr); ads->schema.posix_homedir_attr = SMB_STRDUP(names_out[i]); } if (strequal(ADS_ATTR_RFC2307_SHELL_OID, oids_out[i]) || strequal(ADS_ATTR_SFU_SHELL_OID, oids_out[i])) { + SAFE_FREE(ads->schema.posix_shell_attr); ads->schema.posix_shell_attr = SMB_STRDUP(names_out[i]); } if (strequal(ADS_ATTR_RFC2307_GECOS_OID, oids_out[i]) || strequal(ADS_ATTR_SFU_GECOS_OID, oids_out[i])) { + SAFE_FREE(ads->schema.posix_gecos_attr); ads->schema.posix_gecos_attr = SMB_STRDUP(names_out[i]); } } -- cgit From ee0e397d6f003c583768803aa27716b2b7a23981 Mon Sep 17 00:00:00 2001 
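Review bot: The added `SAFE_FREE()` calls only release a name assigned earlier in the same loop; the function entry shown in the original commit still assigns `ads->schema.posix_*_attr = NULL` without freeing, so a second call on the same ADS_STRUCT would drop the strings duplicated by the first call. If repeated calls are possible, the entry reset should free as well, for example `SAFE_FREE(ads->schema.posix_uidnumber_attr);` for each of the five fields in place of the plain NULL assignment. The loop header and the function entry are outside this hunk.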
From: Volker Lendecke Date: Sun, 3 Sep 2006 21:07:16 +0000 Subject: r18019: Fix a C++ warnings: Don't use void * in libads/ for LDAPMessage anymore. Compiled it on systems with and without LDAP, I hope it does not break the build farm too badly. If it does, I'll fix it tomorrow. Volker (This used to be commit b2ff9680ebe0979fbeef7f2dabc2e3f27c959d11) --- source3/libads/ldap_schema.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/libads/ldap_schema.c') diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c index b65ff956ac..30d0cb2c0d 100644 --- a/source3/libads/ldap_schema.c +++ b/source3/libads/ldap_schema.c @@ -29,7 +29,7 @@ ADS_STATUS ads_get_attrnames_by_oids(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char ***OIDs_out, char ***names, size_t *count) { ADS_STATUS status; - void *res = NULL; + LDAPMessage *res = NULL; LDAPMessage *msg; char *expr = NULL; const char *attrs[] = { "lDAPDisplayName", "attributeId", NULL }; @@ -111,7 +111,7 @@ const char *ads_get_attrname_by_oid(ADS_STRUCT *ads, const char *schema_path, TA { ADS_STATUS rc; int count = 0; - void *res = NULL; + LDAPMessage *res = NULL; char *expr = NULL; const char *attrs[] = { "lDAPDisplayName", NULL }; char *result; @@ -155,7 +155,7 @@ failed: static ADS_STATUS ads_schema_path(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **schema_path) { ADS_STATUS status; - void *res; + LDAPMessage *res; const char *schema; const char *attrs[] = { "schemaNamingContext", NULL }; -- cgit From dda94fdf96e9a2ec77e98ed6304ffb94252e4c7c Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 14 Sep 2006 09:44:48 +0000 Subject: r18508: A query for the LDAP schema can never be done anonymously against AD. Guenther (This used to be commit 8bb6e82f02044a715dbeee020bcc4a01a83c4a64) --- source3/libads/ldap_schema.c | 23 +---------------------- 1 file changed, 1 insertion(+), 22 deletions(-) (limited to 'source3/libads/ldap_schema.c') 
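Review bot: In the ads_schema_path hunk the converted declaration is `LDAPMessage *res;`, while the two other converted declarations in this commit are `LDAPMessage *res = NULL;`. Initialising it the same way, `LDAPMessage *res = NULL;`, keeps any cleanup path that frees `res` safe if the search fails before assigning it. The rest of the function is outside the hunk.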
diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c index 30d0cb2c0d..da8b168c21 100644 --- a/source3/libads/ldap_schema.c +++ b/source3/libads/ldap_schema.c @@ -181,7 +181,7 @@ static ADS_STATUS ads_schema_path(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **s * Check for "Services for Unix" or rfc2307 Schema and load some attributes into the ADS_STRUCT * @param ads connection to ads server * @param enum mapping type - * @return BOOL status of search (False if one or more attributes couldn't be + * @return ADS_STATUS status of search (False if one or more attributes couldn't be * found in Active Directory) **/ ADS_STATUS ads_check_posix_schema_mapping(ADS_STRUCT *ads, enum wb_posix_mapping map_type) @@ -191,7 +191,6 @@ ADS_STATUS ads_check_posix_schema_mapping(ADS_STRUCT *ads, enum wb_posix_mapping char **oids_out, **names_out; size_t num_names; char *schema_path = NULL; - ADS_STRUCT *ads_s = ads; int i; const char *oids_sfu[] = { ADS_ATTR_SFU_UIDNUMBER_OID, @@ -236,22 +235,6 @@ ADS_STATUS ads_check_posix_schema_mapping(ADS_STRUCT *ads, enum wb_posix_mapping return ADS_ERROR(LDAP_NO_MEMORY); } - /* establish a new ldap tcp session if necessary */ - - if (!ads->ld) { - if ((ads_s = ads_init(ads->server.realm, ads->server.workgroup, - ads->server.ldap_server)) == NULL) { - status = ADS_ERROR(LDAP_SERVER_DOWN); - goto done; - } - - ads_s->auth.flags = ADS_AUTH_ANON_BIND; - status = ads_connect(ads_s); - if (!ADS_ERR_OK(status)) { - goto done; - } - } - status = ads_schema_path(ads, ctx, &schema_path); if (!ADS_ERR_OK(status)) { DEBUG(3,("ads_check_posix_mapping: Unable to retrieve schema DN!\n")); @@ -321,10 +304,6 @@ ADS_STATUS ads_check_posix_schema_mapping(ADS_STRUCT *ads, enum wb_posix_mapping ads->schema.map_type = map_type; done: - /* free any temporary ads connections */ - if (ads_s != ads) { - ads_destroy(&ads_s); - } if (ctx) { talloc_destroy(ctx); } -- cgit From 4fa5a1c8453379e1b1bd39dea14b7e736b9ae41f Mon Sep 17 00:00:00 2001 
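Review bot: The `@return` line of the doc comment still reads "False if one or more attributes couldn't be found" although the function returns an ADS_STATUS, and the comment does not record the requirement this commit introduces. Suggested wording: `* @param ads authenticated connection to ads server (the schema cannot be queried anonymously)` and `* @return ADS_STATUS of the search (an error status if one or more attributes couldn't be found in Active Directory)`. With the anonymous fallback removed, no check of `ads->ld` is visible before `ads_schema_path()` is called, so the caller contract is worth stating in the comment.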
From: Günther Deschner Date: Tue, 19 Sep 2006 02:04:11 +0000 Subject: r18670: Fix memleaks. Guenther (This used to be commit 2fc63fb8f7927ea61c565801b4c6308d3a4afcd1) --- source3/libads/ldap_schema.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/libads/ldap_schema.c') diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c index da8b168c21..b4a512cbfe 100644 --- a/source3/libads/ldap_schema.c +++ b/source3/libads/ldap_schema.c @@ -165,10 +165,12 @@ static ADS_STATUS ads_schema_path(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **s } if ( (schema = ads_pull_string(ads, mem_ctx, res, "schemaNamingContext")) == NULL ) { + ads_msgfree(ads, res); return ADS_ERROR(LDAP_NO_RESULTS_RETURNED); } if ( (*schema_path = talloc_strdup(mem_ctx, schema)) == NULL ) { + ads_msgfree(ads, res); return ADS_ERROR(LDAP_NO_MEMORY); } -- cgit From b9b26be1744b792a54f0a77af140237b4dc5a870 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 24 Jan 2007 01:48:08 +0000 Subject: r20986: Commit the prototype of the nss_info plugin interface. This allows a provider to supply the homedirectory, etc... attributes for a user without requiring support in core winbindd code. The idmap_ad.c module has been modified to provide the idmap 'ad' library as well as the rfc2307 and sfu "winbind nss info" support. The SID/id mapping is working in idmap_ad but the nss_info still has a few quirks that I'm in the process of resolving. (This used to be commit aaec0115e2c96935499052d9a637a20c6445986e) --- source3/libads/ldap_schema.c | 77 ++++++++++++++++++-------------------------- 1 file changed, 32 insertions(+), 45 deletions(-) (limited to 'source3/libads/ldap_schema.c') diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c index b4a512cbfe..5d91d98549 100644 --- a/source3/libads/ldap_schema.c +++ b/source3/libads/ldap_schema.c 
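Review bot: Each early return in ads_schema_path now carries its own `ads_msgfree(ads, res);`, which is the pattern that allowed these two leaks in the first place. A single exit, setting `status` and jumping to a `done:` label that calls `ads_msgfree(ads, res);` once, would cover these paths and any added later. The success path and the search-failure path are outside this hunk, so whether `res` is released there should be confirmed.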
@@ -186,7 +186,10 @@ static ADS_STATUS ads_schema_path(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **s * @return ADS_STATUS status of search (False if one or more attributes couldn't be * found in Active Directory) **/ -ADS_STATUS ads_check_posix_schema_mapping(ADS_STRUCT *ads, enum wb_posix_mapping map_type) +ADS_STATUS ads_check_posix_schema_mapping(TALLOC_CTX *mem_ctx, + ADS_STRUCT *ads, + enum wb_posix_mapping map_type, + struct posix_schema **s ) { TALLOC_CTX *ctx = NULL; ADS_STATUS status; @@ -194,6 +197,7 @@ ADS_STATUS ads_check_posix_schema_mapping(ADS_STRUCT *ads, enum wb_posix_mapping size_t num_names; char *schema_path = NULL; int i; + struct posix_schema *schema = NULL; const char *oids_sfu[] = { ADS_ATTR_SFU_UIDNUMBER_OID, ADS_ATTR_SFU_GIDNUMBER_OID, @@ -209,34 +213,15 @@ ADS_STATUS ads_check_posix_schema_mapping(ADS_STRUCT *ads, enum wb_posix_mapping DEBUG(10,("ads_check_posix_schema_mapping\n")); - switch (map_type) { - - case WB_POSIX_MAP_TEMPLATE: - case WB_POSIX_MAP_UNIXINFO: - DEBUG(10,("ads_check_posix_schema_mapping: nothing to do\n")); - return ADS_ERROR(LDAP_SUCCESS); - - case WB_POSIX_MAP_SFU: - case WB_POSIX_MAP_RFC2307: - break; - - default: - DEBUG(0,("ads_check_posix_schema_mapping: " - "unknown enum %d\n", map_type)); - return ADS_ERROR(LDAP_PARAM_ERROR); + if ( (ctx = talloc_init("ads_check_posix_schema_mapping")) == NULL ) { + return ADS_ERROR(LDAP_NO_MEMORY); } - ads->schema.posix_uidnumber_attr = NULL; - ads->schema.posix_gidnumber_attr = NULL; - ads->schema.posix_homedir_attr = NULL; - ads->schema.posix_shell_attr = NULL; - ads->schema.posix_gecos_attr = NULL; - - ctx = talloc_init("ads_check_posix_schema_mapping"); - if (ctx == NULL) { + if ( (schema = TALLOC_P(mem_ctx, struct posix_schema)) == NULL ) { + TALLOC_FREE( ctx ); return ADS_ERROR(LDAP_NO_MEMORY); } - + status = ads_schema_path(ads, ctx, &schema_path); if (!ADS_ERR_OK(status)) { DEBUG(3,("ads_check_posix_mapping: Unable to retrieve schema DN!\n")); 
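Review bot: In the `@@ -209,34 +213,15 @@` hunk, `TALLOC_P(mem_ctx, struct posix_schema)` returns memory that talloc does not zero, yet the later `if (!schema->posix_uidnumber_attr || ...)` check relies on unassigned fields being NULL. If the directory returns fewer than five OIDs the check reads uninitialised pointers and the caller may be handed a structure with garbage attribute names; allocating with `TALLOC_ZERO_P(mem_ctx, struct posix_schema)` fixes that. The same hunk removes the `switch (map_type)` validation, so WB_POSIX_MAP_TEMPLATE and WB_POSIX_MAP_UNIXINFO now fall into the rfc2307 query in the `else` branch, and `s` is later dereferenced at `*s = schema` without a NULL check. The function continues outside this hunk.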
@@ -257,10 +242,7 @@ ADS_STATUS ads_check_posix_schema_mapping(ADS_STRUCT *ads, enum wb_posix_mapping DEBUG(3,("ads_check_posix_schema_mapping: failed %s\n", ads_errstr(status))); goto done; - } - - DEBUG(10,("ads_check_posix_schema_mapping: query succeeded, identified: %s\n", - wb_posix_map_str(map_type))); + } for (i=0; ischema.posix_uidnumber_attr); - ads->schema.posix_uidnumber_attr = SMB_STRDUP(names_out[i]); + schema->posix_uidnumber_attr = talloc_strdup(schema, names_out[i]); + continue; } + if (strequal(ADS_ATTR_RFC2307_GIDNUMBER_OID, oids_out[i]) || strequal(ADS_ATTR_SFU_GIDNUMBER_OID, oids_out[i])) { - SAFE_FREE(ads->schema.posix_gidnumber_attr); - ads->schema.posix_gidnumber_attr = SMB_STRDUP(names_out[i]); + schema->posix_gidnumber_attr = talloc_strdup(schema, names_out[i]); + continue; } + if (strequal(ADS_ATTR_RFC2307_HOMEDIR_OID, oids_out[i]) || strequal(ADS_ATTR_SFU_HOMEDIR_OID, oids_out[i])) { - SAFE_FREE(ads->schema.posix_homedir_attr); - ads->schema.posix_homedir_attr = SMB_STRDUP(names_out[i]); + schema->posix_homedir_attr = talloc_strdup(schema, names_out[i]); + continue; } + if (strequal(ADS_ATTR_RFC2307_SHELL_OID, oids_out[i]) || strequal(ADS_ATTR_SFU_SHELL_OID, oids_out[i])) { - SAFE_FREE(ads->schema.posix_shell_attr); - ads->schema.posix_shell_attr = SMB_STRDUP(names_out[i]); + schema->posix_shell_attr = talloc_strdup(schema, names_out[i]); + continue; } + if (strequal(ADS_ATTR_RFC2307_GECOS_OID, oids_out[i]) || strequal(ADS_ATTR_SFU_GECOS_OID, oids_out[i])) { - SAFE_FREE(ads->schema.posix_gecos_attr); - ads->schema.posix_gecos_attr = SMB_STRDUP(names_out[i]); + schema->posix_gecos_attr = talloc_strdup(schema, names_out[i]); } } - if (!ads->schema.posix_uidnumber_attr || - !ads->schema.posix_gidnumber_attr || - !ads->schema.posix_homedir_attr || - !ads->schema.posix_shell_attr || - !ads->schema.posix_gecos_attr) { + if (!schema->posix_uidnumber_attr || + !schema->posix_gidnumber_attr || + !schema->posix_homedir_attr || + 
!schema->posix_shell_attr || + !schema->posix_gecos_attr) { status = ADS_ERROR(LDAP_NO_MEMORY); + TALLOC_FREE( schema ); goto done; } + + *s = schema; status = ADS_ERROR(LDAP_SUCCESS); - ads->schema.map_type = map_type; done: if (ctx) { talloc_destroy(ctx); -- cgit From 47bd42ab1c0c5de62e0692f152c01df80abecdeb Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 26 Jun 2007 09:15:37 +0000 Subject: r23607: Add legacy support for Services for Unix (SFU) 2.0. Guenther (This used to be commit 11b390309b9677805e5b68f3a1b780658ae85137) --- source3/libads/ldap_schema.c | 72 +++++++++++++++++++++++++++++++++----------- 1 file changed, 55 insertions(+), 17 deletions(-) (limited to 'source3/libads/ldap_schema.c') diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c index 5d91d98549..a8b93cbdbc 100644 --- a/source3/libads/ldap_schema.c +++ b/source3/libads/ldap_schema.c 
@@ -205,13 +205,37 @@ ADS_STATUS ads_check_posix_schema_mapping(TALLOC_CTX *mem_ctx, ADS_ATTR_SFU_SHELL_OID, ADS_ATTR_SFU_GECOS_OID}; + const char *oids_sfu20[] = { ADS_ATTR_SFU20_UIDNUMBER_OID, + ADS_ATTR_SFU20_GIDNUMBER_OID, + ADS_ATTR_SFU20_HOMEDIR_OID, + ADS_ATTR_SFU20_SHELL_OID, + ADS_ATTR_SFU20_GECOS_OID}; + const char *oids_rfc2307[] = { ADS_ATTR_RFC2307_UIDNUMBER_OID, ADS_ATTR_RFC2307_GIDNUMBER_OID, ADS_ATTR_RFC2307_HOMEDIR_OID, ADS_ATTR_RFC2307_SHELL_OID, ADS_ATTR_RFC2307_GECOS_OID }; - DEBUG(10,("ads_check_posix_schema_mapping\n")); + DEBUG(10,("ads_check_posix_schema_mapping for schema mode: %d\n", map_type)); + + switch (map_type) { + + case WB_POSIX_MAP_TEMPLATE: + case WB_POSIX_MAP_UNIXINFO: + DEBUG(10,("ads_check_posix_schema_mapping: nothing to do\n")); + return ADS_ERROR(LDAP_SUCCESS); + + case WB_POSIX_MAP_SFU: + case WB_POSIX_MAP_SFU20: + case WB_POSIX_MAP_RFC2307: + break; + + default: + DEBUG(0,("ads_check_posix_schema_mapping: " + "unknown enum %d\n", map_type)); + return ADS_ERROR(LDAP_PARAM_ERROR); + } if ( (ctx = talloc_init("ads_check_posix_schema_mapping")) == NULL ) { return ADS_ERROR(LDAP_NO_MEMORY); 
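Review bot: The restored early `return ADS_ERROR(LDAP_SUCCESS);` for WB_POSIX_MAP_TEMPLATE and WB_POSIX_MAP_UNIXINFO reports success without ever writing the out-parameter `s`, which is only assigned at `*s = schema` near the end of the function. A caller that checks only the status would go on to use whatever `*s` held before the call; adding `*s = NULL;` ahead of the switch, after confirming `s` is non-NULL, gives every exit a defined value. The function body continues outside this hunk.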
@@ -228,14 +252,25 @@ ADS_STATUS ads_check_posix_schema_mapping(TALLOC_CTX *mem_ctx, goto done; } - if (map_type == WB_POSIX_MAP_SFU) { - status = ads_get_attrnames_by_oids(ads, ctx, schema_path, oids_sfu, - ARRAY_SIZE(oids_sfu), - &oids_out, &names_out, &num_names); - } else { - status = ads_get_attrnames_by_oids(ads, ctx, schema_path, oids_rfc2307, - ARRAY_SIZE(oids_rfc2307), - &oids_out, &names_out, &num_names); + switch (map_type) { + case WB_POSIX_MAP_SFU: + status = ads_get_attrnames_by_oids(ads, ctx, schema_path, oids_sfu, + ARRAY_SIZE(oids_sfu), + &oids_out, &names_out, &num_names); + break; + case WB_POSIX_MAP_SFU20: + status = ads_get_attrnames_by_oids(ads, ctx, schema_path, oids_sfu20, + ARRAY_SIZE(oids_sfu20), + &oids_out, &names_out, &num_names); + break; + case WB_POSIX_MAP_RFC2307: + status = ads_get_attrnames_by_oids(ads, ctx, schema_path, oids_rfc2307, + ARRAY_SIZE(oids_rfc2307), + &oids_out, &names_out, &num_names); + break; + default: + status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER); + break; } if (!ADS_ERR_OK(status)) { 
@@ -249,31 +284,36 @@ ADS_STATUS ads_check_posix_schema_mapping(TALLOC_CTX *mem_ctx, DEBUGADD(10,("\tOID %s has name: %s\n", oids_out[i], names_out[i])); if (strequal(ADS_ATTR_RFC2307_UIDNUMBER_OID, oids_out[i]) || - strequal(ADS_ATTR_SFU_UIDNUMBER_OID, oids_out[i])) { + strequal(ADS_ATTR_SFU_UIDNUMBER_OID, oids_out[i]) || + strequal(ADS_ATTR_SFU20_UIDNUMBER_OID, oids_out[i])) { schema->posix_uidnumber_attr = talloc_strdup(schema, names_out[i]); continue; } if (strequal(ADS_ATTR_RFC2307_GIDNUMBER_OID, oids_out[i]) || - strequal(ADS_ATTR_SFU_GIDNUMBER_OID, oids_out[i])) { + strequal(ADS_ATTR_SFU_GIDNUMBER_OID, oids_out[i]) || + strequal(ADS_ATTR_SFU20_GIDNUMBER_OID, oids_out[i])) { schema->posix_gidnumber_attr = talloc_strdup(schema, names_out[i]); continue; } if (strequal(ADS_ATTR_RFC2307_HOMEDIR_OID, oids_out[i]) || - strequal(ADS_ATTR_SFU_HOMEDIR_OID, oids_out[i])) { + strequal(ADS_ATTR_SFU_HOMEDIR_OID, oids_out[i]) || + strequal(ADS_ATTR_SFU20_HOMEDIR_OID, oids_out[i])) { schema->posix_homedir_attr = talloc_strdup(schema, names_out[i]); continue; } if (strequal(ADS_ATTR_RFC2307_SHELL_OID, oids_out[i]) || - strequal(ADS_ATTR_SFU_SHELL_OID, oids_out[i])) { + strequal(ADS_ATTR_SFU_SHELL_OID, oids_out[i]) || + strequal(ADS_ATTR_SFU20_SHELL_OID, oids_out[i])) { schema->posix_shell_attr = talloc_strdup(schema, names_out[i]); continue; } if (strequal(ADS_ATTR_RFC2307_GECOS_OID, oids_out[i]) || - strequal(ADS_ATTR_SFU_GECOS_OID, oids_out[i])) { + strequal(ADS_ATTR_SFU_GECOS_OID, oids_out[i]) || + strequal(ADS_ATTR_SFU20_GECOS_OID, oids_out[i])) { schema->posix_gecos_attr = talloc_strdup(schema, names_out[i]); } } @@ -293,9 +333,7 @@ ADS_STATUS ads_check_posix_schema_mapping(TALLOC_CTX *mem_ctx, status = ADS_ERROR(LDAP_SUCCESS); done: - if (ctx) { - talloc_destroy(ctx); - } + TALLOC_FREE(ctx); return status; } -- cgit From d824b98f80ba186030cbb70b3a1e5daf80469ecd Mon Sep 17 00:00:00 2001 
From: Jeremy Allison Date: Mon, 9 Jul 2007 19:25:36 +0000 Subject: r23779: Change from v2 or later to v3 or later. Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3) --- source3/libads/ldap_schema.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/libads/ldap_schema.c') diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c index a8b93cbdbc..0f0b20c1bf 100644 --- a/source3/libads/ldap_schema.c +++ b/source3/libads/ldap_schema.c @@ -6,7 +6,7 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or + the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, -- cgit From 5e54558c6dea67b56bbfaba5698f3a434d3dffb6 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 00:52:41 +0000 Subject: r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text (This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07) --- source3/libads/ldap_schema.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/libads/ldap_schema.c') diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c index 0f0b20c1bf..f71f53adb6 100644 --- a/source3/libads/ldap_schema.c +++ b/source3/libads/ldap_schema.c @@ -15,8 +15,7 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + along with this program. If not, see . */ #include "includes.h" -- cgit From e7705f9eb920715b95a331e2f3c1f1c60258ac18 Mon Sep 17 00:00:00 2001 
From: Günther Deschner Date: Wed, 11 Jul 2007 10:26:02 +0000 Subject: r23829: Add ads_get_attrname_by_guid(). Guenther (This used to be commit a84fd8300661fd895ed7a8a104b743628718dfc8) --- source3/libads/ldap_schema.c | 53 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 51 insertions(+), 2 deletions(-) (limited to 'source3/libads/ldap_schema.c') diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c index f71f53adb6..2672d88306 100644 --- a/source3/libads/ldap_schema.c +++ b/source3/libads/ldap_schema.c @@ -1,7 +1,7 @@ /* Unix SMB/CIFS implementation. ads (active directory) utility library - Copyright (C) Guenther Deschner 2005-2006 + Copyright (C) Guenther Deschner 2005-2007 Copyright (C) Gerald (Jerry) Carter 2006 This program is free software; you can redistribute it and/or modify @@ -106,6 +106,56 @@ out: return status; } +const char *ads_get_attrname_by_guid(ADS_STRUCT *ads, + const char *schema_path, + TALLOC_CTX *mem_ctx, + const char *schema_guid) +{ + ADS_STATUS rc; + LDAPMessage *res = NULL; + char *expr = NULL; + const char *attrs[] = { "lDAPDisplayName", NULL }; + const char *result = NULL; + struct GUID guid; + char *guid_bin = NULL; + + if (!ads || !mem_ctx || !schema_guid) { + goto done; + } + + if (!NT_STATUS_IS_OK(GUID_from_string(schema_guid, &guid))) { + goto done; + } + + guid_bin = guid_binstring(&guid); + if (!guid_bin) { + goto done; + } + + expr = talloc_asprintf(mem_ctx, "(schemaIDGUID=%s)", guid_bin); + if (!expr) { + goto done; + } + + rc = ads_do_search_retry(ads, schema_path, LDAP_SCOPE_SUBTREE, + expr, attrs, &res); + if (!ADS_ERR_OK(rc)) { + goto done; + } + + if (ads_count_replies(ads, res) != 1) { + goto done; + } + + result = ads_pull_string(ads, mem_ctx, res, "lDAPDisplayName"); + + done: + SAFE_FREE(guid_bin); + ads_msgfree(ads, res); + return result; + +} + const char *ads_get_attrname_by_oid(ADS_STRUCT *ads, const char *schema_path, TALLOC_CTX *mem_ctx, const char * OID) { ADS_STATUS rc; 
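Review bot: ads_get_attrname_by_guid validates `ads`, `mem_ctx` and `schema_guid` but not `schema_path`, which is passed straight to `ads_do_search_retry()` as the search base. A NULL base would presumably either fail or search somewhere other than the schema container, so the guard is better written as `if (!ads || !mem_ctx || !schema_path || !schema_guid) {`. The function also has no header comment; a short one stating that the returned name appears to be allocated on `mem_ctx` (as the `ads_pull_string(ads, mem_ctx, ...)` call suggests) and that NULL is returned on any failure would help callers.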
@@ -147,7 +197,6 @@ failed: ads_msgfree(ads, res); return NULL; } - /********************************************************************* *********************************************************************/ -- cgit From fd8dc4b5610c840830a9498b16b69f56e6b73c31 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 11 Jul 2007 13:23:56 +0000 Subject: r23835: Pass down a struct GUID to ads_get_attrname_by_guid() directly. Guenther (This used to be commit a4d5206d0bcbee713790834f119b182e0b419e8c) --- source3/libads/ldap_schema.c | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) (limited to 'source3/libads/ldap_schema.c') diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c index 2672d88306..1cdd51faca 100644 --- a/source3/libads/ldap_schema.c +++ b/source3/libads/ldap_schema.c @@ -109,25 +109,20 @@ out: const char *ads_get_attrname_by_guid(ADS_STRUCT *ads, const char *schema_path, TALLOC_CTX *mem_ctx, - const char *schema_guid) + const struct GUID *schema_guid) { ADS_STATUS rc; LDAPMessage *res = NULL; char *expr = NULL; const char *attrs[] = { "lDAPDisplayName", NULL }; const char *result = NULL; - struct GUID guid; char *guid_bin = NULL; if (!ads || !mem_ctx || !schema_guid) { goto done; } - if (!NT_STATUS_IS_OK(GUID_from_string(schema_guid, &guid))) { - goto done; - } - - guid_bin = guid_binstring(&guid); + guid_bin = guid_binstring(schema_guid); if (!guid_bin) { goto done; } -- cgit From 34d091f1c6867ac6bc6925fb99dd00724cf3c289 Mon Sep 17 00:00:00 2001 
From: Günther Deschner Date: Wed, 11 Jul 2007 13:41:04 +0000 Subject: r23839: Try to get the attribute name from schema GUIDs or the display name from extended rights GUID from ad while dumping the security descriptors's aces. This would perform much better with a guid cache, but for the rare cases where it is used net ads search cn=mymachine ntSecurityDescriptor -U user%pass it should be ok for now. Guenther (This used to be commit b36913433eb74203b29f2b7d412a86e60591ea22) --- source3/libads/ldap_schema.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/libads/ldap_schema.c') diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c index 1cdd51faca..170ee65df7 100644 --- a/source3/libads/ldap_schema.c +++ b/source3/libads/ldap_schema.c @@ -195,7 +195,7 @@ failed: /********************************************************************* *********************************************************************/ -static ADS_STATUS ads_schema_path(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **schema_path) +ADS_STATUS ads_schema_path(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **schema_path) { ADS_STATUS status; LDAPMessage *res; -- cgit From ab9d7bf4f950a78d9ca7973294d133290c99096c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 14 Sep 2007 17:42:10 +0000 Subject: r25165: Use talloc_asprintf_append_buffer with an unmodified string. Jeremy. (This used to be commit fe30a523dfc77cc373145624246fd3ad5c62b9ac) --- source3/libads/ldap_schema.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/libads/ldap_schema.c') diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c index 170ee65df7..ff41ccc861 100644 --- a/source3/libads/ldap_schema.c +++ b/source3/libads/ldap_schema.c @@ -48,13 +48,13 @@ ADS_STATUS ads_get_attrnames_by_oids(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, for (i=0; i