From 938cb40290af72bdd887d964f46ccc00d80ab744 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sun, 10 Oct 2010 17:15:11 +0200 Subject: ldb-samba: Add convenience function for doing a Samba-style LDB init. --- source4/lib/ldb-samba/ldb_wrap.c | 111 +++++++++++++++++++--------------- source4/lib/ldb-samba/ldb_wrap.h | 9 +++ source4/lib/ldb-samba/ldif_handlers.c | 2 +- 3 files changed, 73 insertions(+), 49 deletions(-) (limited to 'source4') diff --git a/source4/lib/ldb-samba/ldb_wrap.c b/source4/lib/ldb-samba/ldb_wrap.c index 7cf9128e96..9d1f5157a1 100644 --- a/source4/lib/ldb-samba/ldb_wrap.c +++ b/source4/lib/ldb-samba/ldb_wrap.c @@ -117,41 +117,13 @@ static int ldb_wrap_destructor(struct ldb_wrap *w) return 0; } - -/* - wrapped connection to a ldb database - to close just talloc_free() the returned ldb_context - - TODO: We need an error_string parameter - */ - struct ldb_context *ldb_wrap_connect(TALLOC_CTX *mem_ctx, - struct tevent_context *ev, - struct loadparm_context *lp_ctx, - const char *url, - struct auth_session_info *session_info, - struct cli_credentials *credentials, - unsigned int flags) +static ldb_context *samba_ldb_init(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct loadparm_context *lp_ctx, + struct auth_session_info *session_info, + struct cli_credentials *credentials + ) { - struct ldb_context *ldb; - int ret; - char *real_url = NULL; - struct ldb_wrap *w; - struct ldb_wrap_context c; - - c.url = url; - c.ev = ev; - c.lp_ctx = lp_ctx; - c.session_info = session_info; - c.credentials = credentials; - c.flags = flags; - - /* see if we can re-use an existing ldb */ - for (w=ldb_wrap_list; w; w=w->next) { - if (ldb_wrap_same_context(&c, &w->context)) { - return talloc_reference(mem_ctx, w->ldb); - } - } - /* we want to use the existing event context if possible. This relies on the fact that in smbd, everything is a child of the main event_context */ 
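Review bot: The new definition `static ldb_context *samba_ldb_init(...)` names its return type without the `struct` keyword, and no typedef called `ldb_context` is visible in this patch, so it probably does not compile as written. The same line is marked `static` while the ldb_wrap.h hunk adds a matching `static` prototype; internal linkage in a header means other files that include it cannot link against this "convenience function". Both places should read `struct ldb_context *samba_ldb_init(TALLOC_CTX *mem_ctx,` with no `static`. The removed lines also took `struct ldb_context *ldb;` with them, and the hunk shows no replacement inside the new function, so it needs `struct ldb_context *ldb;` after the opening brace. The function body continues outside this hunk.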
@@ -169,6 +141,10 @@ static int ldb_wrap_destructor(struct ldb_wrap *w) "%s/ldb", lpcfg_modulesdir(lp_ctx))); + ldb_set_debug(ldb, ldb_wrap_debug, NULL); + + ldb_set_utf8_fns(ldb, NULL, wrap_casefold); + if (session_info) { if (ldb_set_opaque(ldb, "sessionInfo", session_info)) { talloc_free(ldb); @@ -198,20 +174,6 @@ static int ldb_wrap_destructor(struct ldb_wrap *w) return NULL; } - if (lp_ctx != NULL && strcmp(lpcfg_sam_url(lp_ctx), url) == 0) { - dsdb_set_global_schema(ldb); - } - - ldb_set_debug(ldb, ldb_wrap_debug, NULL); - - ldb_set_utf8_fns(ldb, NULL, wrap_casefold); - - real_url = private_path(ldb, lp_ctx, url); - if (real_url == NULL) { - talloc_free(ldb); - return NULL; - } - /* allow admins to force non-sync ldb for all databases */ if (lpcfg_parm_bool(lp_ctx, NULL, "ldb", "nosync", false)) { flags |= LDB_FLG_NOSYNC; 
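Review bot: The context line `flags |= LDB_FLG_NOSYNC;` at the end of this hunk now sits inside samba_ldb_init, which has no `flags` parameter or local in the visible signature, so it refers to an undeclared name. Even with a local added, the adjusted value would not reach the `ldb_connect(ldb, real_url, flags, NULL)` call that stays in ldb_wrap_connect, so the admin-forced "ldb:nosync" setting would be silently dropped. Either keep the `lpcfg_parm_bool(lp_ctx, NULL, "ldb", "nosync", false)` block in ldb_wrap_connect just before ldb_connect, or pass the flags into the helper by pointer (`unsigned int *flags`). The enclosing function starts and ends outside this hunk.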
@@ -225,6 +187,59 @@ static int ldb_wrap_destructor(struct ldb_wrap *w) find we need one public, we will need to add a parameter to ldb_wrap_connect() */ ldb_set_create_perms(ldb, 0600); + + return ldb; +} + +/* + wrapped connection to a ldb database + to close just talloc_free() the returned ldb_context + + TODO: We need an error_string parameter + */ + struct ldb_context *ldb_wrap_connect(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct loadparm_context *lp_ctx, + const char *url, + struct auth_session_info *session_info, + struct cli_credentials *credentials, + unsigned int flags) +{ + struct ldb_context *ldb; + int ret; + char *real_url = NULL; + struct ldb_wrap *w; + struct ldb_wrap_context c; + + c.url = url; + c.ev = ev; + c.lp_ctx = lp_ctx; + c.session_info = session_info; + c.credentials = credentials; + c.flags = flags; + + /* see if we can re-use an existing ldb */ + for (w=ldb_wrap_list; w; w=w->next) { + if (ldb_wrap_same_context(&c, &w->context)) { + return talloc_reference(mem_ctx, w->ldb); + } + } + + ldb = samba_ldb_init(mem_ctx, ev, lp_ctx, session_info, credentials); + + if (ldb == NULL) + return NULL; + + if (lp_ctx != NULL && strcmp(lpcfg_sam_url(lp_ctx), url) == 0) { + dsdb_set_global_schema(ldb); + } + + real_url = private_path(ldb, lp_ctx, url); + if (real_url == NULL) { + talloc_free(ldb); + return NULL; + } + ret = ldb_connect(ldb, real_url, flags, NULL); if (ret != LDB_SUCCESS) { diff --git a/source4/lib/ldb-samba/ldb_wrap.h b/source4/lib/ldb-samba/ldb_wrap.h index 650f97d17d..66281fde4a 100644 --- a/source4/lib/ldb-samba/ldb_wrap.h +++ b/source4/lib/ldb-samba/ldb_wrap.h 
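Review bot: The added early exit `if (ldb == NULL) return NULL;` in ldb_wrap_connect is unbraced, while the neighbouring checks in the same function (`if (real_url == NULL) { talloc_free(ldb); return NULL; }`) use braces. Writing it as `if (ldb == NULL) { return NULL; }` keeps the error paths uniform and avoids a later edit accidentally falling outside the condition. ldb_wrap_connect continues past the end of this hunk.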
@@ -40,4 +40,13 @@ struct ldb_context *ldb_wrap_connect(TALLOC_CTX *mem_ctx, unsigned int flags); void ldb_wrap_fork_hook(void); + +static ldb_context *samba_ldb_init(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct loadparm_context *lp_ctx, + struct auth_session_info *session_info, + struct cli_credentials *credentials + ); + + #endif /* _LDB_WRAP_H_ */ diff --git a/source4/lib/ldb-samba/ldif_handlers.c b/source4/lib/ldb-samba/ldif_handlers.c index 7cb42e36dc..b2a0adc550 100644 --- a/source4/lib/ldb-samba/ldif_handlers.c +++ b/source4/lib/ldb-samba/ldif_handlers.c @@ -369,7 +369,7 @@ static int ldif_read_ntSecurityDescriptor(struct ldb_context *ldb, void *mem_ctx (ndr_pull_flags_fn_t)ndr_pull_security_descriptor); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { /* If this does not parse, then it is probably SDDL, and we should try it that way */ - + const struct dom_sid *sid = samdb_domain_sid(ldb); talloc_free(sd); sd = sddl_decode(mem_ctx, (const char *)in->data, sid); -- cgit
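Review bot: The samba_ldb_init prototype added to ldb_wrap.h has no comment, so a caller cannot tell from the header what state the returned context is in. From the ldb_wrap.c hunks, the helper installs the debug and casefold hooks, stores `session_info` as the "sessionInfo" opaque and sets create permissions to 0600, but it does not connect. I would add above the prototype: `/* Create an ldb context with Samba's debug/casefold hooks, session info and 0600 create permissions applied; returns NULL on failure. The caller must still ldb_connect() it and talloc_free() it when done. */`.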