From 68a4081dd47344651cb4dfdf57247ce8e893a96e Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@symas.com>
Date: Mon, 16 Sep 2013 19:51:20 -0700
Subject: Add an OpenLDAP-specific extended_dn_in module

Don't "fix" plain DNs before sending them to OpenLDAP

Signed-off-by: Howard Chu <hyc@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
---
 source4/dsdb/samdb/ldb_modules/extended_dn_in.c | 25 ++++++++++++++++++++++++-
 source4/dsdb/samdb/ldb_modules/samba_dsdb.c     | 17 +++++++++++++----
 2 files changed, 37 insertions(+), 5 deletions(-)

(limited to 'source4/dsdb')

diff --git a/source4/dsdb/samdb/ldb_modules/extended_dn_in.c b/source4/dsdb/samdb/ldb_modules/extended_dn_in.c
index 034d22a2ca..df45f75265 100644
--- a/source4/dsdb/samdb/ldb_modules/extended_dn_in.c
+++ b/source4/dsdb/samdb/ldb_modules/extended_dn_in.c
@@ -56,6 +56,9 @@ static const char *wkattr[] = {
 	"otherWellKnownObjects",
 	NULL
 };
+
+static const struct ldb_module_ops ldb_extended_dn_in_openldap_module_ops;
+
 /* An extra layer of indirection because LDB does not allow the original request to be altered */
 
 static int extended_final_callback(struct ldb_request *req, struct ldb_reply *ares)
@@ -376,7 +379,14 @@ static int extended_dn_filter_callback(struct ldb_parse_tree *tree, void *privat
 	has_extended_component = (memchr(tree->u.equality.value.data, '<',
 					 tree->u.equality.value.length) != NULL);
 
-	if (!attribute->one_way_link && !has_extended_component) {
+	/*
+	 * Don't turn it into an extended DN if we're talking to OpenLDAP.
+	 * We just check the module_ops pointer instead of adding a private
+	 * pointer and a boolean to tell us the exact same thing.
+	 */
+	if (!has_extended_component) {
+		if (!attribute->one_way_link ||
+		    ldb_module_get_ops(filter_ctx->module) == &ldb_extended_dn_in_openldap_module_ops)
 		return LDB_SUCCESS;
 	}
 
@@ -706,8 +716,21 @@ static const struct ldb_module_ops ldb_extended_dn_in_module_ops = {
 	.rename            = extended_dn_in_rename,
 };
 
+static const struct ldb_module_ops ldb_extended_dn_in_openldap_module_ops = {
+	.name		   = "extended_dn_in_openldap",
+	.search            = extended_dn_in_search,
+	.modify            = extended_dn_in_modify,
+	.del               = extended_dn_in_del,
+	.rename            = extended_dn_in_rename,
+};
+
 int ldb_extended_dn_in_module_init(const char *version)
 {
+	int ret;
 	LDB_MODULE_CHECK_VERSION(version);
+	ret = ldb_register_module(&ldb_extended_dn_in_openldap_module_ops);
+	if (ret != LDB_SUCCESS) {
+		return ret;
+	}
 	return ldb_register_module(&ldb_extended_dn_in_module_ops);
 }
diff --git a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c
index cde53bc9ce..060a9d75fb 100644
--- a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c
+++ b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c
@@ -253,7 +253,7 @@ static int samba_dsdb_init(struct ldb_module *module)
 	  stack visually - the code below then handles the creation of the list
 	  based on the parameters loaded from the database.
 	*/
-	static const char *modules_list[] = {"resolve_oids",
+	static const char *modules_list1[] = {"resolve_oids",
 					     "rootdse",
 					     "schema_load",
 					     "lazy_commit",
@@ -264,8 +264,9 @@ static int samba_dsdb_init(struct ldb_module *module)
 					     "server_sort",
 					     "asq",
 					     "extended_dn_store",
-					     "extended_dn_in",
-					     "objectclass",
+					     NULL };
+	/* extended_dn_in or extended_dn_in_openldap goes here */
+	static const char *modules_list1a[] = {"objectclass",
 					     "descriptor",
 					     "acl",
 					     "aclread",
@@ -293,6 +294,7 @@ static int samba_dsdb_init(struct ldb_module *module)
 	const char *extended_dn_module_ldb = "extended_dn_out_ldb";
 	const char *extended_dn_module_fds = "extended_dn_out_fds";
 	const char *extended_dn_module_openldap = "extended_dn_out_openldap";
+	const char *extended_dn_in_module = "extended_dn_in";
 
 	static const char *modules_list2[] = {"show_deleted",
 					      "new_partition",
@@ -357,6 +359,7 @@ static int samba_dsdb_init(struct ldb_module *module)
 			link_modules = openldap_modules;
 			backend_modules = openldap_backend_modules;
 			extended_dn_module = extended_dn_module_openldap;
+			extended_dn_in_module = "extended_dn_in_openldap";
 		} else {
 			return ldb_error(ldb, LDB_ERR_OPERATIONS_ERROR, "invalid backend type");
 		}
@@ -382,7 +385,13 @@ static int samba_dsdb_init(struct ldb_module *module)
 		}						\
 	} while (0)
 
-	final_module_list = str_list_copy_const(tmp_ctx, modules_list);
+	final_module_list = str_list_copy_const(tmp_ctx, modules_list1);
+	CHECK_MODULE_LIST;
+
+	final_module_list = str_list_add_const(final_module_list, extended_dn_in_module);
+	CHECK_MODULE_LIST;
+
+	final_module_list = str_list_append_const(final_module_list, modules_list1a);
 	CHECK_MODULE_LIST;
 
 	final_module_list = str_list_append_const(final_module_list, link_modules);
-- 
cgit