From 5d375297718d06f7c5544372001b8955b23d7ba2 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 20 Aug 2008 13:09:40 +1000
Subject: Remove last traces of the old 'subclass' feature (This used to be
 commit ed19d0abea5b206d186a51fa11dc0c04197e6ee2)

---
 source4/lib/ldb/include/ldb_private.h | 7 -------
 1 file changed, 7 deletions(-)

(limited to 'source4/lib')

diff --git a/source4/lib/ldb/include/ldb_private.h b/source4/lib/ldb/include/ldb_private.h
index d7c2efe8a1..62a6e35999 100644
--- a/source4/lib/ldb/include/ldb_private.h
+++ b/source4/lib/ldb/include/ldb_private.h
@@ -91,13 +91,6 @@ struct ldb_schema {
 	/* attribute handling table */
 	unsigned num_attributes;
 	struct ldb_schema_attribute *attributes;
-
-	/* objectclass information */
-	unsigned num_classes;
-	struct ldb_subclass {
-		char *name;
-		char **subclasses;
-	} *classes;
 };
 
 /*
-- 
cgit 


From 4016cfcab7bfb3ffd48a7592fa16952688525493 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 21 Aug 2008 12:51:06 +1000
Subject: Don't allow a NULL syntax (This used to be commit
 505a0c2b702b696b91dab683626bb25b14a49c38)

---
 source4/lib/ldb/common/ldb_attributes.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'source4/lib')

diff --git a/source4/lib/ldb/common/ldb_attributes.c b/source4/lib/ldb/common/ldb_attributes.c
index 3b9d01682c..747f241781 100644
--- a/source4/lib/ldb/common/ldb_attributes.c
+++ b/source4/lib/ldb/common/ldb_attributes.c
@@ -51,6 +51,10 @@ int ldb_schema_attribute_add_with_syntax(struct ldb_context *ldb,
 	int i, n;
 	struct ldb_schema_attribute *a;
 
+	if (!syntax) {
+		return LDB_ERR_OPERATIONS_ERROR;
+	}
+
 	n = ldb->schema.num_attributes + 1;
 
 	a = talloc_realloc(ldb, ldb->schema.attributes,
-- 
cgit 


From 0d89adcd4bd2de35cbd4b6d5dc0675a4631c6132 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 21 Aug 2008 12:51:55 +1000
Subject: Correct anr search commants and error messages in ldap.js (This used
 to be commit 233dd885c2a2b4ee7cc2287efe7d6e03625d4981)

---
 source4/lib/ldb/tests/python/ldap.py | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

(limited to 'source4/lib')

diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py
index 13d4adf6d4..11a824a549 100755
--- a/source4/lib/ldb/tests/python/ldap.py
+++ b/source4/lib/ldb/tests/python/ldap.py
@@ -331,15 +331,15 @@ servicePrincipalName: host/ldaptest2computer29
         print "Testing Ambigious Name Resolution"
         # Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
         res = ldb.search(expression="(&(anr=ldap testy)(objectClass=user))")
-        self.assertEquals(len(res), 3, "Could not find (&(anr=ldap testy)(objectClass=user))")
+        self.assertEquals(len(res), 3, "Found only %d of 3 for (&(anr=ldap testy)(objectClass=user))" % len(res))
 
         # Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
         res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
-        self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy ldap)(objectClass=user))" % len(res))
+        self.assertEquals(len(res), 2, "Found only %d of 2 for (&(anr=testy ldap)(objectClass=user))" % len(res))
 
         # Testing ldb.search for (&(anr=ldap)(objectClass=user))
         res = ldb.search(expression="(&(anr=ldap)(objectClass=user))")
-        self.assertEquals(len(res), 4, "Found only %d for (&(anr=ldap)(objectClass=user))" % len(res))
+        self.assertEquals(len(res), 4, "Found only %d of 4 for (&(anr=ldap)(objectClass=user))" % len(res))
 
         # Testing ldb.search for (&(anr==ldap)(objectClass=user))
         res = ldb.search(expression="(&(anr==ldap)(objectClass=user))")
@@ -353,13 +353,13 @@ servicePrincipalName: host/ldaptest2computer29
         res = ldb.search(expression="(&(anr=testy)(objectClass=user))")
         self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy)(objectClass=user))" % len(res))
 
-        # Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
+        # Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
         res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
-        self.assertEquals(len(res), 2, "Found only %d for (&(anr=ldap testy)(objectClass=user))" % len(res))
+        self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy ldap)(objectClass=user))" % len(res))
 
-        # Testing ldb.search for (&(anr==ldap testy)(objectClass=user))
+        # Testing ldb.search for (&(anr==testy ldap)(objectClass=user))
         res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))")
-        self.assertEquals(len(res), 1, "Found only %d for (&(anr==ldap testy)(objectClass=user))" % len(res))
+        self.assertEquals(len(res), 1, "Found only %d for (&(anr==testy ldap)(objectClass=user))" % len(res))
 
         self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
         self.assertEquals(res[0]["cn"][0], "ldaptestuser")
-- 
cgit 


From 473540d4a5550ff857a0710f077193869ed873f8 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 21 Aug 2008 12:56:04 +1000
Subject: Don't hardcode attributes to be treated as a DN

This is now handled by reading the schema into the attributes.

Also, when we do set something here, mark it as FIXED, so the schema
and any reload from @ATTRIBUTES won't touch it.

Andrew Bartlett
(This used to be commit 7b24701335398ece3d1b3a20cf5f1174500b16ce)
---
 source4/lib/ldb-samba/ldif_handlers.c | 15 +--------------
 1 file changed, 1 insertion(+), 14 deletions(-)

(limited to 'source4/lib')

diff --git a/source4/lib/ldb-samba/ldif_handlers.c b/source4/lib/ldb-samba/ldif_handlers.c
index 22a57da10b..7301193dc2 100644
--- a/source4/lib/ldb-samba/ldif_handlers.c
+++ b/source4/lib/ldb-samba/ldif_handlers.c
@@ -617,19 +617,6 @@ static const struct {
 	{ "fRSReplicaSetGUID",		LDB_SYNTAX_SAMBA_GUID },
 	{ "netbootGUID",		LDB_SYNTAX_SAMBA_GUID },
 	{ "objectCategory",		LDB_SYNTAX_SAMBA_OBJECT_CATEGORY },
-	{ "member",			LDB_SYNTAX_DN },
-	{ "memberOf",			LDB_SYNTAX_DN },
-	{ "nCName",			LDB_SYNTAX_DN },
-	{ "schemaNamingContext",	LDB_SYNTAX_DN },
-	{ "configurationNamingContext",	LDB_SYNTAX_DN },
-	{ "rootDomainNamingContext",	LDB_SYNTAX_DN },
-	{ "defaultNamingContext",	LDB_SYNTAX_DN },
-	{ "subRefs",			LDB_SYNTAX_DN },
-	{ "dMDLocation",		LDB_SYNTAX_DN },
-	{ "serverReference",		LDB_SYNTAX_DN },
-	{ "masteredBy",			LDB_SYNTAX_DN },
-	{ "msDs-masteredBy",		LDB_SYNTAX_DN },
-	{ "fSMORoleOwner",		LDB_SYNTAX_DN },
 	{ "prefixMap",                  LDB_SYNTAX_SAMBA_PREFIX_MAP }
 };
 
@@ -669,7 +656,7 @@ int ldb_register_samba_handlers(struct ldb_context *ldb)
 			return -1;
 		}
 
-		ret = ldb_schema_attribute_add_with_syntax(ldb, samba_attributes[i].name, 0, s);
+		ret = ldb_schema_attribute_add_with_syntax(ldb, samba_attributes[i].name, LDB_ATTR_FLAG_FIXED, s);
 		if (ret != LDB_SUCCESS) {
 			return ret;
 		}
-- 
cgit 


From 64293ca4afb6aa252d9e49bbcb8450a3dff04c37 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 21 Aug 2008 12:56:34 +1000
Subject: All these syntaxes are now handled by the schema. (This used to be
 commit 94d5e69190f34d66d4defd4a7de7ce24bee77bc3)

---
 source4/lib/ldb/modules/operational.c | 6 ------
 1 file changed, 6 deletions(-)

(limited to 'source4/lib')

diff --git a/source4/lib/ldb/modules/operational.c b/source4/lib/ldb/modules/operational.c
index 7dc4ae08c3..a59e81becd 100644
--- a/source4/lib/ldb/modules/operational.c
+++ b/source4/lib/ldb/modules/operational.c
@@ -291,12 +291,6 @@ static int operational_init(struct ldb_module *ctx)
 {
 	int ret = 0;
 
-	/* setup some standard attribute handlers */
-	ret |= ldb_schema_attribute_add(ctx->ldb, "whenCreated", 0, LDB_SYNTAX_UTC_TIME);
-	ret |= ldb_schema_attribute_add(ctx->ldb, "whenChanged", 0, LDB_SYNTAX_UTC_TIME);
-	ret |= ldb_schema_attribute_add(ctx->ldb, "subschemaSubentry", 0, LDB_SYNTAX_DN);
-	ret |= ldb_schema_attribute_add(ctx->ldb, "structuralObjectClass", 0, LDB_SYNTAX_OBJECTCLASS);
-
 	if (ret != 0) {
 		return ret;
 	}
-- 
cgit 


From c36c42af296e5bbee1ceaaf66885d7280151a39f Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 21 Aug 2008 15:10:40 +1000
Subject: Handle error cases in attribute handlers better.

We don't need to just bail, for all these error cases there is still
real result that can be made - just fall back to binary copy/compare.

Andrew Bartlett
(This used to be commit 6aa5dde2aa9a5f070871ecc117e44bfcad363459)
---
 source4/lib/ldb-samba/ldif_handlers.c | 26 ++++++++++++++++++--------
 1 file changed, 18 insertions(+), 8 deletions(-)

(limited to 'source4/lib')

diff --git a/source4/lib/ldb-samba/ldif_handlers.c b/source4/lib/ldb-samba/ldif_handlers.c
index 7301193dc2..750e35bca0 100644
--- a/source4/lib/ldb-samba/ldif_handlers.c
+++ b/source4/lib/ldb-samba/ldif_handlers.c
@@ -97,13 +97,14 @@ static int ldb_comparison_objectSid(struct ldb_context *ldb, void *mem_ctx,
 				    const struct ldb_val *v1, const struct ldb_val *v2)
 {
 	if (ldb_comparision_objectSid_isString(v1) && ldb_comparision_objectSid_isString(v2)) {
-		return strcmp((const char *)v1->data, (const char *)v2->data);
+		return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
 	} else if (ldb_comparision_objectSid_isString(v1)
 		   && !ldb_comparision_objectSid_isString(v2)) {
 		struct ldb_val v;
 		int ret;
 		if (ldif_read_objectSid(ldb, mem_ctx, v1, &v) != 0) {
-			return -1;
+			/* Perhaps not a string after all */
+			return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
 		}
 		ret = ldb_comparison_binary(ldb, mem_ctx, &v, v2);
 		talloc_free(v.data);
@@ -113,7 +114,8 @@ static int ldb_comparison_objectSid(struct ldb_context *ldb, void *mem_ctx,
 		struct ldb_val v;
 		int ret;
 		if (ldif_read_objectSid(ldb, mem_ctx, v2, &v) != 0) {
-			return -1;
+			/* Perhaps not a string after all */
+			return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
 		}
 		ret = ldb_comparison_binary(ldb, mem_ctx, v1, &v);
 		talloc_free(v.data);
@@ -129,7 +131,10 @@ static int ldb_canonicalise_objectSid(struct ldb_context *ldb, void *mem_ctx,
 				      const struct ldb_val *in, struct ldb_val *out)
 {
 	if (ldb_comparision_objectSid_isString(in)) {
-		return ldif_read_objectSid(ldb, mem_ctx, in, out);
+		if (ldif_read_objectSid(ldb, mem_ctx, in, out) != 0) {
+			/* Perhaps not a string after all */
+			return ldb_handler_copy(ldb, mem_ctx, in, out);
+		}
 	}
 	return ldb_handler_copy(ldb, mem_ctx, in, out);
 }
@@ -203,13 +208,14 @@ static int ldb_comparison_objectGUID(struct ldb_context *ldb, void *mem_ctx,
 				     const struct ldb_val *v1, const struct ldb_val *v2)
 {
 	if (ldb_comparision_objectGUID_isString(v1) && ldb_comparision_objectGUID_isString(v2)) {
-		return strcmp((const char *)v1->data, (const char *)v2->data);
+		return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
 	} else if (ldb_comparision_objectGUID_isString(v1)
 		   && !ldb_comparision_objectGUID_isString(v2)) {
 		struct ldb_val v;
 		int ret;
 		if (ldif_read_objectGUID(ldb, mem_ctx, v1, &v) != 0) {
-			return -1;
+			/* Perhaps it wasn't a valid string after all */
+			return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
 		}
 		ret = ldb_comparison_binary(ldb, mem_ctx, &v, v2);
 		talloc_free(v.data);
@@ -219,7 +225,8 @@ static int ldb_comparison_objectGUID(struct ldb_context *ldb, void *mem_ctx,
 		struct ldb_val v;
 		int ret;
 		if (ldif_read_objectGUID(ldb, mem_ctx, v2, &v) != 0) {
-			return -1;
+			/* Perhaps it wasn't a valid string after all */
+			return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
 		}
 		ret = ldb_comparison_binary(ldb, mem_ctx, v1, &v);
 		talloc_free(v.data);
@@ -235,7 +242,10 @@ static int ldb_canonicalise_objectGUID(struct ldb_context *ldb, void *mem_ctx,
 				       const struct ldb_val *in, struct ldb_val *out)
 {
 	if (ldb_comparision_objectGUID_isString(in)) {
-		return ldif_read_objectGUID(ldb, mem_ctx, in, out);
+		if (ldif_read_objectGUID(ldb, mem_ctx, in, out) != 0) {
+			/* Perhaps it wasn't a valid string after all */
+			return ldb_handler_copy(ldb, mem_ctx, in, out);
+		}
 	}
 	return ldb_handler_copy(ldb, mem_ctx, in, out);
 }
-- 
cgit 


From 38f740529803054a3145ad547b3d7de8a25e983a Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 21 Aug 2008 17:29:47 +1000
Subject: Push loading the objectGUID and objectSID handlers earlier.

Andrew Bartlett
(This used to be commit 0b6e53f80b063d8702718c84409d7b069aee9c05)
---
 source4/lib/ldb_wrap.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

(limited to 'source4/lib')

diff --git a/source4/lib/ldb_wrap.c b/source4/lib/ldb_wrap.c
index 883597108a..6c683a1e33 100644
--- a/source4/lib/ldb_wrap.c
+++ b/source4/lib/ldb_wrap.c
@@ -147,17 +147,21 @@ struct ldb_context *ldb_wrap_connect(TALLOC_CTX *mem_ctx,
 		talloc_free(ldb);
 		return NULL;
 	}
-	
-	if (lp_ctx != NULL && strcmp(lp_sam_url(lp_ctx), url) == 0) {
-		dsdb_set_global_schema(ldb);
-	}
 
+	/* This must be done before we load the schema, as these
+	 * handlers for objectSid and objectGUID etc must take
+	 * precedence over the 'binary attribute' declaration in the
+	 * schema */
 	ret = ldb_register_samba_handlers(ldb);
 	if (ret == -1) {
 		talloc_free(ldb);
 		return NULL;
 	}
 
+	if (lp_ctx != NULL && strcmp(lp_sam_url(lp_ctx), url) == 0) {
+		dsdb_set_global_schema(ldb);
+	}
+
 	ldb_set_debug(ldb, ldb_wrap_debug, NULL);
 
 	ldb_set_utf8_fns(ldb, NULL, wrap_casefold);
-- 
cgit 


From 4ad97a1d0593b3401a352407009a99ead23f21f2 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 21 Aug 2008 19:24:58 +1000
Subject: Don't walk past the end of ldb values.

This is a partial fix towards bugs due to us walking past the end of
what we think are strings in ldb.  There is much more work to do in
this area.

Andrew Bartlett
(This used to be commit 5805a9a8f35fd90fa4f718f73534817fa3bbdfd2)
---
 source4/lib/ldb-samba/ldif_handlers.c | 15 ++++++++++-----
 source4/lib/ldb/common/ldb_dn.c       | 23 ++++++++++++++++-------
 source4/lib/ldb/common/ldb_msg.c      |  6 +++---
 source4/lib/ldb/include/ldb.h         |  1 +
 source4/lib/util/data_blob.c          |  2 +-
 5 files changed, 31 insertions(+), 16 deletions(-)

(limited to 'source4/lib')

diff --git a/source4/lib/ldb-samba/ldif_handlers.c b/source4/lib/ldb-samba/ldif_handlers.c
index 750e35bca0..04fcd66b6e 100644
--- a/source4/lib/ldb-samba/ldif_handlers.c
+++ b/source4/lib/ldb-samba/ldif_handlers.c
@@ -38,7 +38,7 @@ static int ldif_read_objectSid(struct ldb_context *ldb, void *mem_ctx,
 {
 	enum ndr_err_code ndr_err;
 	struct dom_sid *sid;
-	sid = dom_sid_parse_talloc(mem_ctx, (const char *)in->data);
+	sid = dom_sid_parse_length(mem_ctx, in);
 	if (sid == NULL) {
 		return -1;
 	}
@@ -70,12 +70,11 @@ static int ldif_write_objectSid(struct ldb_context *ldb, void *mem_ctx,
 		talloc_free(sid);
 		return -1;
 	}
-	out->data = (uint8_t *)dom_sid_string(mem_ctx, sid);
+	*out = data_blob_string_const(dom_sid_string(mem_ctx, sid));
 	talloc_free(sid);
 	if (out->data == NULL) {
 		return -1;
 	}
-	out->length = strlen((const char *)out->data);
 	return 0;
 }
 
@@ -146,10 +145,16 @@ static int ldif_read_objectGUID(struct ldb_context *ldb, void *mem_ctx,
 			        const struct ldb_val *in, struct ldb_val *out)
 {
 	struct GUID guid;
+	char *guid_string;
 	NTSTATUS status;
 	enum ndr_err_code ndr_err;
+	guid_string = talloc_strndup(mem_ctx, in->data, in->length);
+	if (!guid_string) {
+		return -1;
+	}
 
-	status = GUID_from_string((const char *)in->data, &guid);
+	status = GUID_from_string(guid_string, &guid);
+	talloc_free(guid_string);
 	if (!NT_STATUS_IS_OK(status)) {
 		return -1;
 	}
@@ -324,7 +329,7 @@ static int ldif_canonicalise_objectCategory(struct ldb_context *ldb, void *mem_c
 		}
 		return LDB_SUCCESS;
 	}
-	dn1 = ldb_dn_new(tmp_ctx, ldb, (char *)in->data);
+	dn1 = ldb_dn_from_ldb_val(tmp_ctx, ldb, in);
 	if ( ! ldb_dn_validate(dn1)) {
 		const char *lDAPDisplayName = talloc_strndup(tmp_ctx, (char *)in->data, in->length);
 		class = dsdb_class_by_lDAPDisplayName(schema, lDAPDisplayName);
diff --git a/source4/lib/ldb/common/ldb_dn.c b/source4/lib/ldb/common/ldb_dn.c
index 08911344b7..c0d36cfbf3 100644
--- a/source4/lib/ldb/common/ldb_dn.c
+++ b/source4/lib/ldb/common/ldb_dn.c
@@ -71,7 +71,7 @@ struct ldb_dn {
 };
 
 /* strdn may be NULL */
-struct ldb_dn *ldb_dn_new(void *mem_ctx, struct ldb_context *ldb, const char *strdn)
+struct ldb_dn *ldb_dn_from_ldb_val(void *mem_ctx, struct ldb_context *ldb, const struct ldb_val *strdn)
 {
 	struct ldb_dn *dn;
 
@@ -82,27 +82,27 @@ struct ldb_dn *ldb_dn_new(void *mem_ctx, struct ldb_context *ldb, const char *st
 
 	dn->ldb = ldb;
 
-	if (strdn) {
-		if (strdn[0] == '@') {
+	if (strdn->data && strdn->length) {
+		if (strdn->data[0] == '@') {
 			dn->special = true;
 		}
-		if (strncasecmp(strdn, "<GUID=", 6) == 0) {
+		if (strdn->length >= 6 && strncasecmp((const char *)strdn->data, "<GUID=", 6) == 0) {
 			/* this is special DN returned when the
 			 * exploded_dn control is used */
 			dn->special = true;
 			/* FIXME: add a GUID string to ldb_dn structure */
-		} else if (strncasecmp(strdn, "<SID=", 8) == 0) {
+		} else if (strdn->length >= 8 && strncasecmp((const char *)strdn->data, "<SID=", 8) == 0) {
 			/* this is special DN returned when the
 			 * exploded_dn control is used */
 			dn->special = true;
 			/* FIXME: add a SID string to ldb_dn structure */
-		} else if (strncasecmp(strdn, "<WKGUID=", 8) == 0) {
+		} else if (strdn->length >= 8 && strncasecmp((const char *)strdn->data, "<WKGUID=", 8) == 0) {
 			/* this is special DN returned when the
 			 * exploded_dn control is used */
 			dn->special = true;
 			/* FIXME: add a WKGUID string to ldb_dn structure */
 		}
-		dn->linearized = talloc_strdup(dn, strdn);
+		dn->linearized = talloc_strndup(dn, (const char *)strdn->data, strdn->length);
 	} else {
 		dn->linearized = talloc_strdup(dn, "");
 	}
@@ -115,6 +115,15 @@ failed:
 	return NULL;
 }
 
+/* strdn may be NULL */
+struct ldb_dn *ldb_dn_new(void *mem_ctx, struct ldb_context *ldb, const char *strdn)
+{
+	struct ldb_val blob;
+	blob.data = strdn;
+	blob.length = strdn ? strlen(strdn) : 0;
+	return ldb_dn_from_ldb_val(mem_ctx, ldb, &blob);
+}
+
 struct ldb_dn *ldb_dn_new_fmt(void *mem_ctx, struct ldb_context *ldb, const char *new_fmt, ...)
 {
 	struct ldb_dn *dn;
diff --git a/source4/lib/ldb/common/ldb_msg.c b/source4/lib/ldb/common/ldb_msg.c
index c1ea9db56b..2f5fe1d18c 100644
--- a/source4/lib/ldb/common/ldb_msg.c
+++ b/source4/lib/ldb/common/ldb_msg.c
@@ -389,10 +389,10 @@ int ldb_msg_find_attr_as_bool(const struct ldb_message *msg,
 	if (!v || !v->data) {
 		return default_value;
 	}
-	if (strcasecmp((const char *)v->data, "FALSE") == 0) {
+	if (v->length == 5 && strncasecmp((const char *)v->data, "FALSE", 5) == 0) {
 		return 0;
 	}
-	if (strcasecmp((const char *)v->data, "TRUE") == 0) {
+	if (v->length == 4 && strncasecmp((const char *)v->data, "TRUE", 4) == 0) {
 		return 1;
 	}
 	return default_value;
@@ -421,7 +421,7 @@ struct ldb_dn *ldb_msg_find_attr_as_dn(struct ldb_context *ldb,
 	if (!v || !v->data) {
 		return NULL;
 	}
-	res_dn = ldb_dn_new(mem_ctx, ldb, (const char *)v->data);
+	res_dn = ldb_dn_from_ldb_val(mem_ctx, ldb, v);
 	if ( ! ldb_dn_validate(res_dn)) {
 		talloc_free(res_dn);
 		return NULL;
diff --git a/source4/lib/ldb/include/ldb.h b/source4/lib/ldb/include/ldb.h
index 7ce6103422..5dbf99e5bf 100644
--- a/source4/lib/ldb/include/ldb.h
+++ b/source4/lib/ldb/include/ldb.h
@@ -1381,6 +1381,7 @@ int ldb_base64_decode(char *s);
 
 struct ldb_dn *ldb_dn_new(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, const char *dn);
 struct ldb_dn *ldb_dn_new_fmt(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, const char *new_fmt, ...) PRINTF_ATTRIBUTE(3,4);
+struct ldb_dn *ldb_dn_from_ldb_val(void *mem_ctx, struct ldb_context *ldb, const struct ldb_val *strdn);
 bool ldb_dn_validate(struct ldb_dn *dn);
 
 char *ldb_dn_escape_value(TALLOC_CTX *mem_ctx, struct ldb_val value);
diff --git a/source4/lib/util/data_blob.c b/source4/lib/util/data_blob.c
index b258e47bba..57b34b7ae7 100644
--- a/source4/lib/util/data_blob.c
+++ b/source4/lib/util/data_blob.c
@@ -176,7 +176,7 @@ _PUBLIC_ DATA_BLOB data_blob_string_const(const char *str)
 {
 	DATA_BLOB blob;
 	blob.data = discard_const_p(uint8_t, str);
-	blob.length = strlen(str);
+	blob.length = str ? strlen(str) : 0;
 	return blob;
 }
 
-- 
cgit 


From cc43037f19056ed24d7fffa54456d597c63ad105 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Fri, 22 Aug 2008 17:36:56 +1000
Subject: fixed a problem with length limited ldap values

The core ldb code for string matching assumed NULL terminated strings,
whereas the anr module used data_blob_const() to effectively truncate
a ldb_val by changing its length. The ldb code is supposed to be based
around length limited blobs, not NULL terminated strings, so the
correct fix was to change the string comparison functions to be length
limited
(This used to be commit 26c6aa5a80ffaf06fc33f30a6533f8f16ef538bc)
---
 source4/lib/charset/charset.h            |  1 +
 source4/lib/charset/util_unistr.c        | 17 ++++++++++++++---
 source4/lib/ldb/common/attrib_handlers.c | 27 +++++++++++++++++----------
 source4/lib/ldb/common/ldb_utf8.c        | 12 ++++++------
 source4/lib/ldb/include/ldb.h            |  8 ++++----
 source4/lib/ldb/include/ldb_private.h    |  2 +-
 source4/lib/ldb/tools/ldbtest.c          |  2 +-
 source4/lib/ldb_wrap.h                   |  2 +-
 source4/lib/util/util_ldb.c              |  4 ++--
 source4/lib/util/util_ldb.h              |  2 +-
 10 files changed, 48 insertions(+), 29 deletions(-)

(limited to 'source4/lib')

diff --git a/source4/lib/charset/charset.h b/source4/lib/charset/charset.h
index baa7df532b..c49745cd7f 100644
--- a/source4/lib/charset/charset.h
+++ b/source4/lib/charset/charset.h
@@ -97,6 +97,7 @@ size_t count_chars_w(const char *s, char c);
 void strupper_m(char *s);
 void strlower_m(char *s);
 char *strupper_talloc(TALLOC_CTX *ctx, const char *src);
+char *strupper_talloc_n(TALLOC_CTX *ctx, const char *src, size_t n);
 char *strlower_talloc(TALLOC_CTX *ctx, const char *src);
 bool strhasupper(const char *string);
 bool strhaslower(const char *string);
diff --git a/source4/lib/charset/util_unistr.c b/source4/lib/charset/util_unistr.c
index 19a4f3236c..09ec7b0471 100644
--- a/source4/lib/charset/util_unistr.c
+++ b/source4/lib/charset/util_unistr.c
@@ -518,8 +518,9 @@ _PUBLIC_ char *strlower_talloc(TALLOC_CTX *ctx, const char *src)
 
 /**
  Convert a string to UPPER case, allocated with talloc
+ source length limited to n bytes
 **/
-_PUBLIC_ char *strupper_talloc(TALLOC_CTX *ctx, const char *src)
+_PUBLIC_ char *strupper_talloc_n(TALLOC_CTX *ctx, const char *src, size_t n)
 {
 	size_t size=0;
 	char *dest;
@@ -531,12 +532,12 @@ _PUBLIC_ char *strupper_talloc(TALLOC_CTX *ctx, const char *src)
 
 	/* this takes advantage of the fact that upper/lower can't
 	   change the length of a character by more than 1 byte */
-	dest = talloc_array(ctx, char, 2*(strlen(src))+1);
+	dest = talloc_array(ctx, char, 2*(n+1));
 	if (dest == NULL) {
 		return NULL;
 	}
 
-	while (*src) {
+	while (*src && n--) {
 		size_t c_size;
 		codepoint_t c = next_codepoint(iconv_convenience, src, &c_size);
 		src += c_size;
@@ -561,6 +562,16 @@ _PUBLIC_ char *strupper_talloc(TALLOC_CTX *ctx, const char *src)
 	return dest;
 }
 
+/**
+ Convert a string to UPPER case, allocated with talloc
+**/
+_PUBLIC_ char *strupper_talloc(TALLOC_CTX *ctx, const char *src)
+{
+	return strupper_talloc_n(ctx, src, src?strlen(src):0);
+}
+
+
+
 /**
  Convert a string to lower case.
 **/
diff --git a/source4/lib/ldb/common/attrib_handlers.c b/source4/lib/ldb/common/attrib_handlers.c
index 8ed2763d4d..fb57e2dadc 100644
--- a/source4/lib/ldb/common/attrib_handlers.c
+++ b/source4/lib/ldb/common/attrib_handlers.c
@@ -55,11 +55,12 @@ int ldb_handler_fold(struct ldb_context *ldb, void *mem_ctx,
 {
 	char *s, *t;
 	int l;
+
 	if (!in || !out || !(in->data)) {
 		return -1;
 	}
 
-	out->data = (uint8_t *)ldb_casefold(ldb, mem_ctx, (const char *)(in->data));
+	out->data = (uint8_t *)ldb_casefold(ldb, mem_ctx, (const char *)(in->data), in->length);
 	if (out->data == NULL) {
 		ldb_debug(ldb, LDB_DEBUG_ERROR, "ldb_handler_fold: unable to casefold string [%s]", in->data);
 		return -1;
@@ -153,13 +154,14 @@ int ldb_comparison_fold(struct ldb_context *ldb, void *mem_ctx,
 			       const struct ldb_val *v1, const struct ldb_val *v2)
 {
 	const char *s1=(const char *)v1->data, *s2=(const char *)v2->data;
+	size_t n1 = v1->length, n2 = v2->length;
 	const char *u1, *u2;
 	char *b1, *b2;
 	int ret;
-	while (*s1 == ' ') s1++;
-	while (*s2 == ' ') s2++;
+	while (*s1 == ' ' && n1) { s1++; n1--; };
+	while (*s2 == ' ' && n2) { s2++; n2--; };
 	/* TODO: make utf8 safe, possibly with helper function from application */
-	while (*s1 && *s2) {
+	while (*s1 && *s2 && n1 && n2) {
 		/* the first 127 (0x7F) chars are ascii and utf8 guarantes they
 		 * never appear in multibyte sequences */
 		if (((unsigned char)s1[0]) & 0x80) goto utf8str;
@@ -167,10 +169,11 @@ int ldb_comparison_fold(struct ldb_context *ldb, void *mem_ctx,
 		if (toupper((unsigned char)*s1) != toupper((unsigned char)*s2))
 			break;
 		if (*s1 == ' ') {
-			while (s1[0] == s1[1]) s1++;
-			while (s2[0] == s2[1]) s2++;
+			while (s1[0] == s1[1] && n1) { s1++; n1--; }
+			while (s2[0] == s2[1] && n2) { s2++; n2--; }
 		}
 		s1++; s2++;
+		n1--; n2--;
 	}
 	if (! (*s1 && *s2)) {
 		/* check for trailing spaces only if one of the pointers
@@ -178,15 +181,18 @@ int ldb_comparison_fold(struct ldb_context *ldb, void *mem_ctx,
 		 * can mistakenly match.
 		 * ex. "domain users" <-> "domainUpdates"
 		 */
-		while (*s1 == ' ') s1++;
-		while (*s2 == ' ') s2++;
+		while (*s1 == ' ') { s1++; n1--; }
+		while (*s2 == ' ') { s2++; n2--; }
+	}
+	if (n1 != n2) {
+		return n1 - n2;
 	}
 	return (int)(toupper(*s1)) - (int)(toupper(*s2));
 
 utf8str:
 	/* no need to recheck from the start, just from the first utf8 char found */
-	b1 = ldb_casefold(ldb, mem_ctx, s1);
-	b2 = ldb_casefold(ldb, mem_ctx, s2);
+	b1 = ldb_casefold(ldb, mem_ctx, s1, n1);
+	b2 = ldb_casefold(ldb, mem_ctx, s2, n2);
 
 	if (b1 && b2) {
 		/* Both strings converted correctly */
@@ -221,6 +227,7 @@ utf8str:
 	return ret;
 }
 
+
 /*
   canonicalise a attribute in DN format
 */
diff --git a/source4/lib/ldb/common/ldb_utf8.c b/source4/lib/ldb/common/ldb_utf8.c
index b7b4a60122..69ee2b6964 100644
--- a/source4/lib/ldb/common/ldb_utf8.c
+++ b/source4/lib/ldb/common/ldb_utf8.c
@@ -40,8 +40,8 @@
   function to handle utf8 caseless comparisons
  */
 void ldb_set_utf8_fns(struct ldb_context *ldb,
-			void *context,
-			char *(*casefold)(void *, void *, const char *))
+		      void *context,
+		      char *(*casefold)(void *, void *, const char *, size_t))
 {
 	if (context)
 		ldb->utf8_fns.context = context;
@@ -53,10 +53,10 @@ void ldb_set_utf8_fns(struct ldb_context *ldb,
   a simple case folding function
   NOTE: does not handle UTF8
 */
-char *ldb_casefold_default(void *context, void *mem_ctx, const char *s)
+char *ldb_casefold_default(void *context, void *mem_ctx, const char *s, size_t n)
 {
 	int i;
-	char *ret = talloc_strdup(mem_ctx, s);
+	char *ret = talloc_strndup(mem_ctx, s, n);
 	if (!s) {
 		errno = ENOMEM;
 		return NULL;
@@ -72,9 +72,9 @@ void ldb_set_utf8_default(struct ldb_context *ldb)
 	ldb_set_utf8_fns(ldb, NULL, ldb_casefold_default);
 }
 
-char *ldb_casefold(struct ldb_context *ldb, void *mem_ctx, const char *s)
+char *ldb_casefold(struct ldb_context *ldb, void *mem_ctx, const char *s, size_t n)
 {
-	return ldb->utf8_fns.casefold(ldb->utf8_fns.context, mem_ctx, s);
+	return ldb->utf8_fns.casefold(ldb->utf8_fns.context, mem_ctx, s, n);
 }
 
 /*
diff --git a/source4/lib/ldb/include/ldb.h b/source4/lib/ldb/include/ldb.h
index 5dbf99e5bf..937029f52c 100644
--- a/source4/lib/ldb/include/ldb.h
+++ b/source4/lib/ldb/include/ldb.h
@@ -203,7 +203,7 @@ struct ldb_debug_ops {
 */
 struct ldb_utf8_fns {
 	void *context;
-	char *(*casefold)(void *context, TALLOC_CTX *mem_ctx, const char *s);
+	char *(*casefold)(void *context, TALLOC_CTX *mem_ctx, const char *s, size_t n);
 };
 
 /**
@@ -1216,7 +1216,7 @@ void ldb_set_utf8_default(struct ldb_context *ldb);
    \note The default function is not yet UTF8 aware. Provide your own
          set of functions through ldb_set_utf8_fns()
 */
-char *ldb_casefold(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const char *s);
+char *ldb_casefold(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const char *s, size_t n);
 
 /**
    Check the attribute name is valid according to rfc2251
@@ -1603,8 +1603,8 @@ int ldb_set_debug(struct ldb_context *ldb,
   this allows the user to set custom utf8 function for error reporting
 */
 void ldb_set_utf8_fns(struct ldb_context *ldb,
-			void *context,
-			char *(*casefold)(void *, void *, const char *));
+		      void *context,
+		      char *(*casefold)(void *, void *, const char *, size_t n));
 
 /**
    this sets up debug to print messages on stderr
diff --git a/source4/lib/ldb/include/ldb_private.h b/source4/lib/ldb/include/ldb_private.h
index 62a6e35999..e1026ab781 100644
--- a/source4/lib/ldb/include/ldb_private.h
+++ b/source4/lib/ldb/include/ldb_private.h
@@ -235,7 +235,7 @@ int save_controls(struct ldb_control *exclude, struct ldb_request *req, struct l
 int check_critical_controls(struct ldb_control **controls);
 
 /* The following definitions come from lib/ldb/common/ldb_utf8.c */
-char *ldb_casefold_default(void *context, void *mem_ctx, const char *s);
+char *ldb_casefold_default(void *context, void *mem_ctx, const char *s, size_t n);
 
 void ldb_msg_remove_element(struct ldb_message *msg, struct ldb_message_element *el);
 
diff --git a/source4/lib/ldb/tools/ldbtest.c b/source4/lib/ldb/tools/ldbtest.c
index 6d141478ad..169ff02da1 100644
--- a/source4/lib/ldb/tools/ldbtest.c
+++ b/source4/lib/ldb/tools/ldbtest.c
@@ -93,7 +93,7 @@ static void add_records(struct ldb_context *ldb,
 		el[2].name = talloc_strdup(tmp_ctx, "uid");
 		el[2].num_values = 1;
 		el[2].values = vals[2];
-		vals[2][0].data = (uint8_t *)ldb_casefold(ldb, tmp_ctx, name);
+		vals[2][0].data = (uint8_t *)ldb_casefold(ldb, tmp_ctx, name, strlen(name));
 		vals[2][0].length = strlen((char *)vals[2][0].data);
 
 		el[3].flags = 0;
diff --git a/source4/lib/ldb_wrap.h b/source4/lib/ldb_wrap.h
index e626b6ef8a..f2982302ab 100644
--- a/source4/lib/ldb_wrap.h
+++ b/source4/lib/ldb_wrap.h
@@ -29,7 +29,7 @@ struct cli_credentials;
 struct loadparm_context;
 struct event_context;
 
-char *wrap_casefold(void *context, void *mem_ctx, const char *s);
+char *wrap_casefold(void *context, void *mem_ctx, const char *s, size_t n);
 
 struct ldb_context *ldb_wrap_connect(TALLOC_CTX *mem_ctx,
 				     struct event_context *ev,
diff --git a/source4/lib/util/util_ldb.c b/source4/lib/util/util_ldb.c
index 0a7433696e..fab729c036 100644
--- a/source4/lib/util/util_ldb.c
+++ b/source4/lib/util/util_ldb.c
@@ -125,9 +125,9 @@ int gendb_add_ldif(struct ldb_context *ldb, const char *ldif_string)
 	return ret;
 }
 
-char *wrap_casefold(void *context, void *mem_ctx, const char *s)
+char *wrap_casefold(void *context, void *mem_ctx, const char *s, size_t n)
 {
-	return strupper_talloc(mem_ctx, s);
+	return strupper_talloc_n(mem_ctx, s, n);
 }
 
 
diff --git a/source4/lib/util/util_ldb.h b/source4/lib/util/util_ldb.h
index 030ba7ebee..43f98ae1a9 100644
--- a/source4/lib/util/util_ldb.h
+++ b/source4/lib/util/util_ldb.h
@@ -22,6 +22,6 @@ int gendb_search_dn(struct ldb_context *ldb,
 		 struct ldb_message ***res,
 		 const char * const *attrs);
 int gendb_add_ldif(struct ldb_context *ldb, const char *ldif_string);
-char *wrap_casefold(void *context, void *mem_ctx, const char *s);
+char *wrap_casefold(void *context, void *mem_ctx, const char *s, size_t n);
 
 #endif /* __LIB_UTIL_UTIL_LDB_H__ */
-- 
cgit