From aec5a08774d312fad52b7dea37305f25af41e65f Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 2 Oct 2008 02:30:48 +0200 Subject: s4:extended_dn: add support for , or as basedn We resolve them into the real basedn before do the real search. metze --- source4/dsdb/samdb/ldb_modules/extended_dn.c | 399 ++++++++++++++++++++++++--- 1 file changed, 355 insertions(+), 44 deletions(-) (limited to 'source4/dsdb/samdb/ldb_modules') diff --git a/source4/dsdb/samdb/ldb_modules/extended_dn.c b/source4/dsdb/samdb/ldb_modules/extended_dn.c index e40190e86f..6a7ed4e7c6 100644 --- a/source4/dsdb/samdb/ldb_modules/extended_dn.c +++ b/source4/dsdb/samdb/ldb_modules/extended_dn.c @@ -202,10 +202,14 @@ struct extended_context { struct ldb_module *module; struct ldb_request *req; - + struct ldb_control *control; + struct ldb_dn *basedn; + char *wellknown_object; + bool inject; bool remove_guid; bool remove_sid; int extended_type; + const char * const *cast_attrs; }; static int extended_callback(struct ldb_request *req, struct ldb_reply *ares) @@ -226,13 +230,15 @@ static int extended_callback(struct ldb_request *req, struct ldb_reply *ares) switch (ares->type) { case LDB_REPLY_ENTRY: - /* for each record returned post-process to add any derived - attributes that have been asked for */ - ret = inject_extended_dn(ares->message, ac->module->ldb, - ac->extended_type, ac->remove_guid, - ac->remove_sid); - if (ret != LDB_SUCCESS) { - return ldb_module_done(ac->req, NULL, NULL, ret); + if (ac->inject) { + /* for each record returned post-process to add any derived + attributes that have been asked for */ + ret = inject_extended_dn(ares->message, ac->module->ldb, + ac->extended_type, ac->remove_guid, + ac->remove_sid); + if (ret != LDB_SUCCESS) { + return ldb_module_done(ac->req, NULL, NULL, ret); + } } return ldb_module_send_entry(ac->req, ares->message); @@ -248,6 +254,118 @@ static int extended_callback(struct ldb_request *req, struct ldb_reply *ares) return LDB_SUCCESS; } +static int extended_base_callback(struct ldb_request *req, struct ldb_reply *ares) +{ + struct extended_context *ac; + struct ldb_request *down_req; + struct ldb_control **saved_controls; + struct ldb_message_element *el; + int ret; + size_t i; + size_t wkn_len = 0; + char *valstr = NULL; + const char *found = NULL; + + ac = talloc_get_type(req->context, struct extended_context); + + if (!ares) { + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_OPERATIONS_ERROR); + } + if (ares->error != LDB_SUCCESS) { + return ldb_module_done(ac->req, ares->controls, + ares->response, ares->error); + } + + switch (ares->type) { + case LDB_REPLY_ENTRY: + if (!ac->wellknown_object) { + ac->basedn = ares->message->dn; + break; + } + + wkn_len = strlen(ac->wellknown_object); + + el = ldb_msg_find_element(ares->message, "wellKnownObjects"); + if (!el) { + ac->basedn = NULL; + break; + } + + for (i=0; i < el->num_values; i++) { + valstr = talloc_strndup(ac, + (const char *)el->values[i].data, + el->values[i].length); + if (!valstr) { + ldb_oom(ac->module->ldb); + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_OPERATIONS_ERROR); + } + + if (strncasecmp(valstr, ac->wellknown_object, wkn_len) != 0) { + talloc_free(valstr); + continue; + } + + found = &valstr[wkn_len]; + break; + } + + if (!found) { + break; + } + + ac->basedn = ldb_dn_new(ac, ac->module->ldb, found); + talloc_free(valstr); + if (!ac->basedn) { + ldb_oom(ac->module->ldb); + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_OPERATIONS_ERROR); + } + + break; + + case LDB_REPLY_REFERRAL: + break; + + case LDB_REPLY_DONE: + + if (!ac->basedn) { + const char *str = talloc_asprintf(req, "Base-DN '%s' not found", + ldb_dn_get_linearized(ac->req->op.search.base)); + ldb_set_errstring(ac->module->ldb, str); + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_NO_SUCH_OBJECT); + } + + ret = ldb_build_search_req_ex(&down_req, + ac->module->ldb, ac, + ac->basedn, + ac->req->op.search.scope, + ac->req->op.search.tree, + ac->cast_attrs, + ac->req->controls, + ac, extended_callback, + ac->req); + if (ret != LDB_SUCCESS) { + return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); + } + + if (ac->control) { + /* save it locally and remove it from the list */ + /* we do not need to replace them later as we + * are keeping the original req intact */ + if (!save_controls(ac->control, down_req, &saved_controls)) { + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_OPERATIONS_ERROR); + } + } + + /* perform the search */ + return ldb_next_request(ac->module, down_req); + } + return LDB_SUCCESS; +} static int extended_search(struct ldb_module *module, struct ldb_request *req) { @@ -256,25 +374,190 @@ static int extended_search(struct ldb_module *module, struct ldb_request *req) struct ldb_control **saved_controls; struct extended_context *ac; struct ldb_request *down_req; - const char * const *cast_attrs = NULL; char **new_attrs; int ret; + struct ldb_dn *base_dn = NULL; + enum ldb_scope base_dn_scope = LDB_SCOPE_BASE; + const char *base_dn_filter = NULL; + const char * const *base_dn_attrs = NULL; + char *wellknown_object = NULL; + static const char *dnattr[] = { + "distinguishedName", + NULL + }; + static const char *wkattr[] = { + "wellKnownObjects", + NULL + }; + + if (ldb_dn_is_special(req->op.search.base)) { + char *dn; + + dn = ldb_dn_alloc_linearized(req, req->op.search.base); + if (!dn) { + ldb_oom(module->ldb); + return LDB_ERR_OPERATIONS_ERROR; + } + + if (strncasecmp(dn, "'); + if (!p) { + return LDB_ERR_INVALID_DN_SYNTAX; + } + p[0] = '\0'; + + if (strncasecmp(str, "S-", 2) == 0) { + valstr = str; + } else { + DATA_BLOB binary; + binary = strhex_to_data_blob(str); + if (!binary.data) { + ldb_oom(ac->module->ldb); + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_OPERATIONS_ERROR); + } + valstr = ldb_binary_encode(req, binary); + data_blob_free(&binary); + if (!valstr) { + ldb_oom(ac->module->ldb); + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_OPERATIONS_ERROR); + } + } + + /* TODO: do a search over all partitions */ + base_dn = ldb_get_default_basedn(module->ldb); + base_dn_filter = talloc_asprintf(req, "(objectSid=%s)", valstr); + if (!base_dn_filter) { + ldb_oom(ac->module->ldb); + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_OPERATIONS_ERROR); + } + base_dn_scope = LDB_SCOPE_SUBTREE; + base_dn_attrs = dnattr; + } else if (strncasecmp(dn, "'); + if (!p) { + return LDB_ERR_INVALID_DN_SYNTAX; + } + p[0] = '\0'; + + if (strchr(str, '-')) { + valstr = str; + } else { + DATA_BLOB binary; + binary = strhex_to_data_blob(str); + if (!binary.data) { + ldb_oom(ac->module->ldb); + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_OPERATIONS_ERROR); + } + valstr = ldb_binary_encode(req, binary); + data_blob_free(&binary); + if (!valstr) { + ldb_oom(ac->module->ldb); + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_OPERATIONS_ERROR); + } + } + + /* TODO: do a search over all partitions */ + base_dn = ldb_get_default_basedn(module->ldb); + base_dn_filter = talloc_asprintf(req, "(objectGUID=%s)", valstr); + if (!base_dn_filter) { + ldb_oom(ac->module->ldb); + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_OPERATIONS_ERROR); + } + base_dn_scope = LDB_SCOPE_SUBTREE; + base_dn_attrs = dnattr; + } else if (strncasecmp(dn, "module->ldb); + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_OPERATIONS_ERROR); + } + + tail_str = p; + p = strchr(tail_str, '>'); + if (!p) { + return LDB_ERR_INVALID_DN_SYNTAX; + } + p[0] = '\0'; + + base_dn = ldb_dn_new(req, module->ldb, tail_str); + if (!base_dn) { + ldb_oom(ac->module->ldb); + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_OPERATIONS_ERROR); + } + base_dn_filter = talloc_strdup(req, "(objectClass=*)"); + if (!base_dn_filter) { + ldb_oom(ac->module->ldb); + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_OPERATIONS_ERROR); + } + base_dn_scope = LDB_SCOPE_BASE; + base_dn_attrs = wkattr; + } + talloc_free(dn); + } /* check if there's an extended dn control */ control = ldb_request_get_control(req, LDB_CONTROL_EXTENDED_DN_OID); - if (control == NULL) { + if (control == NULL && base_dn_filter == NULL) { /* not found go on */ return ldb_next_request(module, req); } - if (control->data) { + if (control && control->data) { extended_ctrl = talloc_get_type(control->data, struct ldb_extended_dn_control); if (!extended_ctrl) { return LDB_ERR_PROTOCOL_ERROR; } } - ac = talloc(req, struct extended_context); + ac = talloc_zero(req, struct extended_context); if (ac == NULL) { ldb_oom(module->ldb); return LDB_ERR_OPERATIONS_ERROR; @@ -282,49 +565,75 @@ static int extended_search(struct ldb_module *module, struct ldb_request *req) ac->module = module; ac->req = req; + ac->control = control; + ac->basedn = NULL; + ac->wellknown_object = wellknown_object; + ac->inject = false; ac->remove_guid = false; ac->remove_sid = false; - if (extended_ctrl) { - ac->extended_type = extended_ctrl->type; - } else { - ac->extended_type = 0; - } - /* check if attrs only is specified, in that case check wether we need to modify them */ - if (req->op.search.attrs) { - if (! is_attr_in_list(req->op.search.attrs, "objectGUID")) { - ac->remove_guid = true; - } - if (! is_attr_in_list(req->op.search.attrs, "objectSID")) { - ac->remove_sid = true; + if (control) { + ac->inject = true; + if (extended_ctrl) { + ac->extended_type = extended_ctrl->type; + } else { + ac->extended_type = 0; } - if (ac->remove_guid || ac->remove_sid) { - new_attrs = copy_attrs(ac, req->op.search.attrs); - if (new_attrs == NULL) { - ldb_oom(module->ldb); - return LDB_ERR_OPERATIONS_ERROR; + + /* check if attrs only is specified, in that case check wether we need to modify them */ + if (req->op.search.attrs) { + if (! is_attr_in_list(req->op.search.attrs, "objectGUID")) { + ac->remove_guid = true; } - - if (ac->remove_guid) { - if (!add_attrs(ac, &new_attrs, "objectGUID")) - return LDB_ERR_OPERATIONS_ERROR; + if (! is_attr_in_list(req->op.search.attrs, "objectSID")) { + ac->remove_sid = true; } - if (ac->remove_sid) { - if (!add_attrs(ac, &new_attrs, "objectSID")) + if (ac->remove_guid || ac->remove_sid) { + new_attrs = copy_attrs(ac, req->op.search.attrs); + if (new_attrs == NULL) { + ldb_oom(module->ldb); return LDB_ERR_OPERATIONS_ERROR; + } + + if (ac->remove_guid) { + if (!add_attrs(ac, &new_attrs, "objectGUID")) + return LDB_ERR_OPERATIONS_ERROR; + } + if (ac->remove_sid) { + if (!add_attrs(ac, &new_attrs, "objectSID")) + return LDB_ERR_OPERATIONS_ERROR; + } + ac->cast_attrs = (const char * const *)new_attrs; + } else { + ac->cast_attrs = req->op.search.attrs; } - cast_attrs = (const char * const *)new_attrs; - } else { - cast_attrs = req->op.search.attrs; } } + if (base_dn) { + ret = ldb_build_search_req(&down_req, + module->ldb, ac, + base_dn, + base_dn_scope, + base_dn_filter, + base_dn_attrs, + NULL, + ac, extended_base_callback, + req); + if (ret != LDB_SUCCESS) { + return LDB_ERR_OPERATIONS_ERROR; + } + + /* perform the search */ + return ldb_next_request(module, down_req); + } + ret = ldb_build_search_req_ex(&down_req, module->ldb, ac, req->op.search.base, req->op.search.scope, req->op.search.tree, - cast_attrs, + ac->cast_attrs, req->controls, ac, extended_callback, req); @@ -332,11 +641,13 @@ static int extended_search(struct ldb_module *module, struct ldb_request *req) return LDB_ERR_OPERATIONS_ERROR; } - /* save it locally and remove it from the list */ - /* we do not need to replace them later as we - * are keeping the original req intact */ - if (!save_controls(control, down_req, &saved_controls)) { - return LDB_ERR_OPERATIONS_ERROR; + if (ac->control) { + /* save it locally and remove it from the list */ + /* we do not need to replace them later as we + * are keeping the original req intact */ + if (!save_controls(control, down_req, &saved_controls)) { + return LDB_ERR_OPERATIONS_ERROR; + } } /* perform the search */ -- cgit From 8aff4430308b36ae1a1a6629d67bba87eebb0dde Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 2 Oct 2008 02:44:25 +0200 Subject: s4:kludge_acl: just fake support for the SD_FLAGS control metze --- source4/dsdb/samdb/ldb_modules/kludge_acl.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'source4/dsdb/samdb/ldb_modules') diff --git a/source4/dsdb/samdb/ldb_modules/kludge_acl.c b/source4/dsdb/samdb/ldb_modules/kludge_acl.c index 24527c36c9..6e6da5581d 100644 --- a/source4/dsdb/samdb/ldb_modules/kludge_acl.c +++ b/source4/dsdb/samdb/ldb_modules/kludge_acl.c @@ -321,6 +321,8 @@ static int kludge_acl_search(struct ldb_module *module, struct ldb_request *req) struct kludge_private_data *data; const char * const *attrs; int ret, i; + struct ldb_control *sd_control; + struct ldb_control **sd_saved_controls; ac = talloc(req, struct kludge_acl_context); if (ac == NULL) { @@ -382,6 +384,17 @@ static int kludge_acl_search(struct ldb_module *module, struct ldb_request *req) return LDB_ERR_OPERATIONS_ERROR; } + /* check if there's an SD_FLAGS control */ + sd_control = ldb_request_get_control(down_req, LDB_CONTROL_SD_FLAGS_OID); + if (sd_control) { + /* save it locally and remove it from the list */ + /* we do not need to replace them later as we + * are keeping the original req intact */ + if (!save_controls(sd_control, down_req, &sd_saved_controls)) { + return LDB_ERR_OPERATIONS_ERROR; + } + } + /* perform the search */ return ldb_next_request(module, down_req); } @@ -462,6 +475,13 @@ static int kludge_acl_init(struct ldb_module *module) } data->password_attrs[i] = NULL; + ret = ldb_mod_register_control(module, LDB_CONTROL_SD_FLAGS_OID); + if (ret != LDB_SUCCESS) { + ldb_debug(module->ldb, LDB_DEBUG_ERROR, + "partition: Unable to register control with rootdse!\n"); + return LDB_ERR_OPERATIONS_ERROR; + } + done: talloc_free(mem_ctx); return ldb_next_init(module); -- cgit From 3ebf3f316b003000b77499f494cf4d017ef870ad Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 2 Oct 2008 11:05:02 +0200 Subject: s4:linked_attributes: fix a crash bug when the definition of a target attribute is missing Windows 2003 has a broken schema where the definition of msDS-IsDomainFor is missing (which is supposed to be the backlink of the msDS-HasDomainNCs attribute. Our schema is extracted from windows 2003, so we have the problem. As the NET-API-BECOME-DC test triggers this bug, windows 2003 seems to just skip creating a backlink. metze --- source4/dsdb/samdb/ldb_modules/linked_attributes.c | 38 ++++++++++++++++++++-- 1 file changed, 35 insertions(+), 3 deletions(-) (limited to 'source4/dsdb/samdb/ldb_modules') diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c index 3b389afffb..14fd107d81 100644 --- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c +++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c @@ -217,6 +217,17 @@ static int linked_attributes_add(struct ldb_module *module, struct ldb_request * /* Even link IDs are for the originating attribute */ target_attr = dsdb_attribute_by_linkID(ac->schema, schema_attr->linkID + 1); + if (!target_attr) { + /* + * windows 2003 has a broken schema where + * the definition of msDS-IsDomainFor + * is missing (which is supposed to be + * the backlink of the msDS-HasDomainNCs + * attribute + */ + continue; + } + attr_name = target_attr->lDAPDisplayName; attr_val = ldb_dn_get_linearized(ac->req->op.add.message->dn); @@ -301,6 +312,16 @@ static int la_mod_search_callback(struct ldb_request *req, struct ldb_reply *are } target_attr = dsdb_attribute_by_linkID(ac->schema, schema_attr->linkID + 1); + if (!target_attr) { + /* + * windows 2003 has a broken schema where + * the definition of msDS-IsDomainFor + * is missing (which is supposed to be + * the backlink of the msDS-HasDomainNCs + * attribute + */ + continue; + } attr_name = target_attr->lDAPDisplayName; /* make sure we manage each value */ @@ -399,9 +420,14 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques /* Now find the target attribute */ target_attr = dsdb_attribute_by_linkID(ac->schema, schema_attr->linkID + 1); if (!target_attr) { - ldb_asprintf_errstring(module->ldb, - "attribute %s does not have valid link target", el->name); - return LDB_ERR_OBJECT_CLASS_VIOLATION; + /* + * windows 2003 has a broken schema where + * the definition of msDS-IsDomainFor + * is missing (which is supposed to be + * the backlink of the msDS-HasDomainNCs + * attribute + */ + continue; } attr_name = target_attr->lDAPDisplayName; @@ -654,9 +680,15 @@ static int la_op_search_callback(struct ldb_request *req, if ((schema_attr->linkID & 1) == 0) { /* Odd is for the target. */ target_attr = dsdb_attribute_by_linkID(ac->schema, schema_attr->linkID + 1); + if (!target_attr) { + continue; + } attr_name = target_attr->lDAPDisplayName; } else { target_attr = dsdb_attribute_by_linkID(ac->schema, schema_attr->linkID - 1); + if (!target_attr) { + continue; + } attr_name = target_attr->lDAPDisplayName; } for (j = 0; j < el->num_values; j++) { -- cgit From 551bbd853c87002fe068b5fb2a044c424ab7e874 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 2 Oct 2008 11:11:14 +0200 Subject: s4:partition: pass down the SEARCH_OPTIONS control as uncritical metze --- source4/dsdb/samdb/ldb_modules/partition.c | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'source4/dsdb/samdb/ldb_modules') diff --git a/source4/dsdb/samdb/ldb_modules/partition.c b/source4/dsdb/samdb/ldb_modules/partition.c index ad2901c308..ad3518e6b2 100644 --- a/source4/dsdb/samdb/ldb_modules/partition.c +++ b/source4/dsdb/samdb/ldb_modules/partition.c @@ -466,6 +466,14 @@ static int partition_search(struct ldb_module *module, struct ldb_request *req) return LDB_ERR_OPERATIONS_ERROR; } + /* + * for now pass down the LDB_CONTROL_SEARCH_OPTIONS_OID control + * down as uncritical to make windows 2008 dcpromo happy. + */ + if (search_control) { + search_control->critical = 0; + } + /* TODO: Generate referrals (look for a partition under this DN) if we don't have the above control specified */ -- cgit From 81b3358f2a61c38ddd9d10accea8a4fe432f3085 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 2 Oct 2008 11:22:33 +0200 Subject: s4:partition: register DOMAIN_SCOPE and SEARCH_OPTIONS controls metze --- source4/dsdb/samdb/ldb_modules/partition.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'source4/dsdb/samdb/ldb_modules') diff --git a/source4/dsdb/samdb/ldb_modules/partition.c b/source4/dsdb/samdb/ldb_modules/partition.c index ad3518e6b2..f600c72748 100644 --- a/source4/dsdb/samdb/ldb_modules/partition.c +++ b/source4/dsdb/samdb/ldb_modules/partition.c @@ -1160,6 +1160,20 @@ static int partition_init(struct ldb_module *module) } } + ret = ldb_mod_register_control(module, LDB_CONTROL_DOMAIN_SCOPE_OID); + if (ret != LDB_SUCCESS) { + ldb_debug(module->ldb, LDB_DEBUG_ERROR, + "partition: Unable to register control with rootdse!\n"); + return LDB_ERR_OPERATIONS_ERROR; + } + + ret = ldb_mod_register_control(module, LDB_CONTROL_SEARCH_OPTIONS_OID); + if (ret != LDB_SUCCESS) { + ldb_debug(module->ldb, LDB_DEBUG_ERROR, + "partition: Unable to register control with rootdse!\n"); + return LDB_ERR_OPERATIONS_ERROR; + } + talloc_free(mem_ctx); return ldb_next_init(module); } -- cgit From 1e24fd3ba20ace6e8f7e974dd7b7fc1738ade8be Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 2 Oct 2008 11:20:10 +0200 Subject: s4:rootdse: for now don't pass down controls for the rootdse search metze --- source4/dsdb/samdb/ldb_modules/rootdse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/dsdb/samdb/ldb_modules') diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c index 0d14a54464..b38e182cf7 100644 --- a/source4/dsdb/samdb/ldb_modules/rootdse.c +++ b/source4/dsdb/samdb/ldb_modules/rootdse.c @@ -318,7 +318,7 @@ static int rootdse_search(struct ldb_module *module, struct ldb_request *req) LDB_SCOPE_BASE, NULL, req->op.search.attrs, - req->controls, + NULL,/* for now skip the controls from the client */ ac, rootdse_callback, req); if (ret != LDB_SUCCESS) { -- cgit From b174765d54c202eb507b1caaed95c33bcd54d243 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Thu, 2 Oct 2008 17:15:00 -0400 Subject: Fix crash bugs in error paths: ac is not yet initialized here, and we don't need to call ldb_module_done in the main module functions, we can directly return an error. ldb_module_done() is for callbacks --- source4/dsdb/samdb/ldb_modules/extended_dn.c | 45 +++++++++++----------------- 1 file changed, 18 insertions(+), 27 deletions(-) (limited to 'source4/dsdb/samdb/ldb_modules') diff --git a/source4/dsdb/samdb/ldb_modules/extended_dn.c b/source4/dsdb/samdb/ldb_modules/extended_dn.c index 6a7ed4e7c6..88a8887056 100644 --- a/source4/dsdb/samdb/ldb_modules/extended_dn.c +++ b/source4/dsdb/samdb/ldb_modules/extended_dn.c @@ -426,16 +426,14 @@ static int extended_search(struct ldb_module *module, struct ldb_request *req) DATA_BLOB binary; binary = strhex_to_data_blob(str); if (!binary.data) { - ldb_oom(ac->module->ldb); - return ldb_module_done(ac->req, NULL, NULL, - LDB_ERR_OPERATIONS_ERROR); + ldb_oom(module->ldb); + return LDB_ERR_OPERATIONS_ERROR; } valstr = ldb_binary_encode(req, binary); data_blob_free(&binary); if (!valstr) { - ldb_oom(ac->module->ldb); - return ldb_module_done(ac->req, NULL, NULL, - LDB_ERR_OPERATIONS_ERROR); + ldb_oom(module->ldb); + return LDB_ERR_OPERATIONS_ERROR; } } @@ -443,9 +441,8 @@ static int extended_search(struct ldb_module *module, struct ldb_request *req) base_dn = ldb_get_default_basedn(module->ldb); base_dn_filter = talloc_asprintf(req, "(objectSid=%s)", valstr); if (!base_dn_filter) { - ldb_oom(ac->module->ldb); - return ldb_module_done(ac->req, NULL, NULL, - LDB_ERR_OPERATIONS_ERROR); + ldb_oom(module->ldb); + return LDB_ERR_OPERATIONS_ERROR; } base_dn_scope = LDB_SCOPE_SUBTREE; base_dn_attrs = dnattr; @@ -476,16 +473,14 @@ static int extended_search(struct ldb_module *module, struct ldb_request *req) DATA_BLOB binary; binary = strhex_to_data_blob(str); if (!binary.data) { - ldb_oom(ac->module->ldb); - return ldb_module_done(ac->req, NULL, NULL, - LDB_ERR_OPERATIONS_ERROR); + ldb_oom(module->ldb); + return LDB_ERR_OPERATIONS_ERROR; } valstr = ldb_binary_encode(req, binary); data_blob_free(&binary); if (!valstr) { - ldb_oom(ac->module->ldb); - return ldb_module_done(ac->req, NULL, NULL, - LDB_ERR_OPERATIONS_ERROR); + ldb_oom(module->ldb); + return LDB_ERR_OPERATIONS_ERROR; } } @@ -493,9 +488,8 @@ static int extended_search(struct ldb_module *module, struct ldb_request *req) base_dn = ldb_get_default_basedn(module->ldb); base_dn_filter = talloc_asprintf(req, "(objectGUID=%s)", valstr); if (!base_dn_filter) { - ldb_oom(ac->module->ldb); - return ldb_module_done(ac->req, NULL, NULL, - LDB_ERR_OPERATIONS_ERROR); + ldb_oom(module->ldb); + return LDB_ERR_OPERATIONS_ERROR; } base_dn_scope = LDB_SCOPE_SUBTREE; base_dn_attrs = dnattr; @@ -513,9 +507,8 @@ static int extended_search(struct ldb_module *module, struct ldb_request *req) wellknown_object = talloc_asprintf(req, "B:32:%s:", &dn[8]); if (!wellknown_object) { - ldb_oom(ac->module->ldb); - return ldb_module_done(ac->req, NULL, NULL, - LDB_ERR_OPERATIONS_ERROR); + ldb_oom(module->ldb); + return LDB_ERR_OPERATIONS_ERROR; } tail_str = p; @@ -527,15 +520,13 @@ static int extended_search(struct ldb_module *module, struct ldb_request *req) base_dn = ldb_dn_new(req, module->ldb, tail_str); if (!base_dn) { - ldb_oom(ac->module->ldb); - return ldb_module_done(ac->req, NULL, NULL, - LDB_ERR_OPERATIONS_ERROR); + ldb_oom(module->ldb); + return LDB_ERR_OPERATIONS_ERROR; } base_dn_filter = talloc_strdup(req, "(objectClass=*)"); if (!base_dn_filter) { - ldb_oom(ac->module->ldb); - return ldb_module_done(ac->req, NULL, NULL, - LDB_ERR_OPERATIONS_ERROR); + ldb_oom(module->ldb); + return LDB_ERR_OPERATIONS_ERROR; } base_dn_scope = LDB_SCOPE_BASE; base_dn_attrs = wkattr; -- cgit