samba3/ldb: Update the ldb_dn API to match that of the Samba 4 LDB:

 * ldb_dn_new() now takes an initial DN string
 * ldb_dn_string_compose() -> ldb_dn_new_fmt()
 * dummy ldb_dn_validate(), since LDB DNs in the current implementation
   are always valid if they could be created.

diff --git a/source3/groupdb/mapping_ldb.c b/source3/groupdb/mapping_ldb.c
index 143f4ed6cfd21cb236ccd0168d6cedfa14bd02a6..7ad0bbb703efb07908e42bc94497556092daa39b 100644 (file)
--- a/source3/groupdb/mapping_ldb.c
+++ b/source3/groupdb/mapping_ldb.c
@@ -23,7 +23,7 @@
 
 #include "includes.h"
 #include "groupdb/mapping.h"
-#include "lib/ldb/include/includes.h"
+#include "lib/ldb/include/ldb.h"
 #include "lib/ldb/include/ldb_errors.h"
 
 static struct ldb_context *ldb;
@@ -133,8 +133,8 @@ static struct ldb_dn *mapping_dn(TALLOC_CTX *mem_ctx, const DOM_SID *sid)
        }
        /* we split by domain and rid so we can do a subtree search
           when we only want one domain */
-       return ldb_dn_string_compose(mem_ctx, NULL, "rid=%u,domain=%s", 
-                                    rid, string_sid);
+       return ldb_dn_new_fmt(mem_ctx, ldb, "rid=%u,domain=%s", 
+                             rid, string_sid);
 }
 
 /*
@@ -328,7 +328,7 @@ static bool enum_group_mapping(const DOM_SID *domsid, enum lsa_SidType sid_name_
        /* we do a subtree search on the domain */
        if (domsid != NULL) {
                sid_to_fstring(name, domsid);
-               basedn = ldb_dn_string_compose(tmp_ctx, NULL, "domain=%s", name);
+               basedn = ldb_dn_new_fmt(tmp_ctx, ldb, "domain=%s", name);
                if (basedn == NULL) goto failed;
        }
 

diff --git a/source3/lib/ldb/common/ldb.c b/source3/lib/ldb/common/ldb.c
index 0ea80fecfcf8abaf67bc7d2175939c716190b81e..791c1863d703bdd5796c9ee429f6191e95ecdf76 100644 (file)
--- a/source3/lib/ldb/common/ldb.c
+++ b/source3/lib/ldb/common/ldb.c
@@ -166,7 +166,7 @@ static const struct ldb_dn *ldb_set_default_basedn(struct ldb_context *ldb)
        }
 
        tmp_ctx = talloc_new(ldb);
-       ret = ldb_search(ldb, ldb, &res, ldb_dn_new(tmp_ctx), LDB_SCOPE_BASE, 
+       ret = ldb_search(ldb, ldb, &res, ldb_dn_new(tmp_ctx, ldb, NULL), LDB_SCOPE_BASE, 
                         attrs, "(objectClass=*)");
        if (ret == LDB_SUCCESS) {
                if (res->count == 1) {
@@ -601,7 +601,7 @@ int ldb_build_search_req(struct ldb_request **ret_req,
 
        req->operation = LDB_SEARCH;
        if (base == NULL) {
-               req->op.search.base = ldb_dn_new(req);
+               req->op.search.base = ldb_dn_new(req, ldb, NULL);
        } else {
                req->op.search.base = base;
        }

diff --git a/source3/lib/ldb/common/ldb_dn.c b/source3/lib/ldb/common/ldb_dn.c
index 7ef3c3802496d0952f5599b19b33169428d4ed22..09d58555bd4583df128956fe07be7823935f15db 100644 (file)
--- a/source3/lib/ldb/common/ldb_dn.c
+++ b/source3/lib/ldb/common/ldb_dn.c
@@ -332,21 +332,44 @@ failed:
        return dc;
 }
 
-struct ldb_dn *ldb_dn_new(void *mem_ctx)
+struct ldb_dn *ldb_dn_new(void *mem_ctx, struct ldb_context *ldb, const char *text)
 {
        struct ldb_dn *edn;
 
-       edn = talloc(mem_ctx, struct ldb_dn);
-       LDB_DN_NULL_FAILED(edn);
-
-       /* Initially there are no components */
-       edn->comp_num = 0;
-       edn->components = NULL;
+       if (text == NULL) {
+               edn = talloc_zero(mem_ctx, struct ldb_dn);
+       } else {
+               edn = ldb_dn_explode(mem_ctx, text);
+       }
 
        return edn;
+}
 
-failed:
-       return NULL;
+bool ldb_dn_validate(struct ldb_dn *dn)
+{
+       /* This implementation does not do "lazy" evaluation of DN's, so 
+        * if a DN can be created it will be valid. */
+       return true;
+}
+
+struct ldb_dn *ldb_dn_new_fmt(void *mem_ctx, struct ldb_context *ldb, const char *new_fmt, ...)
+{
+       char *strdn;
+       va_list ap;
+       struct ldb_dn *dn;
+
+       if ( (! mem_ctx) || (! ldb)) return NULL;
+
+       va_start(ap, new_fmt);
+       strdn = talloc_vasprintf(mem_ctx, new_fmt, ap);
+       if (strdn == NULL)
+               return NULL;
+       va_end(ap);
+
+       dn = ldb_dn_explode(mem_ctx, strdn);
+
+       talloc_free(strdn);
+       return dn;
 }
 
 /*
@@ -360,7 +383,7 @@ struct ldb_dn *ldb_dn_explode(void *mem_ctx, const char *dn)
        if (dn == NULL) return NULL;
 
        /* Allocate a structure to hold the exploded DN */
-       edn = ldb_dn_new(mem_ctx);
+       edn = talloc_zero(mem_ctx, struct ldb_dn);
        if (edn == NULL) {
                return NULL;
        }
@@ -440,7 +463,7 @@ struct ldb_dn *ldb_dn_explode_or_special(void *mem_ctx, const char *dn)
                 */
 
                /* Allocate a structure to hold the exploded DN */
-               if (!(edn = ldb_dn_new(mem_ctx))) {
+               if (!(edn = talloc_zero(mem_ctx, struct ldb_dn))) {
                        return NULL;
                }
 
@@ -599,7 +622,7 @@ struct ldb_dn *ldb_dn_casefold(struct ldb_context *ldb, void *mem_ctx, const str
 
        if (edn == NULL) return NULL;
 
-       cedn = ldb_dn_new(mem_ctx);
+       cedn = talloc_zero(mem_ctx, struct ldb_dn);
        if (!cedn) {
                return NULL;
        }
@@ -737,7 +760,7 @@ struct ldb_dn *ldb_dn_copy_partial(void *mem_ctx, const struct ldb_dn *dn, int n
        if (dn == NULL) return NULL;
        if (num_el <= 0) return NULL;
 
-       newdn = ldb_dn_new(mem_ctx);
+       newdn = talloc_zero(mem_ctx, struct ldb_dn);
        LDB_DN_NULL_FAILED(newdn);
 
        newdn->comp_num = num_el;
@@ -814,7 +837,7 @@ struct ldb_dn *ldb_dn_build_child(void *mem_ctx, const char *attr,
                newdn = ldb_dn_copy_partial(mem_ctx, base, base->comp_num + 1);
                LDB_DN_NULL_FAILED(newdn);
        } else {
-               newdn = ldb_dn_new(mem_ctx);
+               newdn = talloc_zero(mem_ctx, struct ldb_dn);
                LDB_DN_NULL_FAILED(newdn);
 
                newdn->comp_num = 1;
@@ -847,7 +870,7 @@ struct ldb_dn *ldb_dn_compose(void *mem_ctx, const struct ldb_dn *dn1, const str
        }
 
        if (dn2 == NULL) {
-               newdn = ldb_dn_new(mem_ctx);
+               newdn = talloc_zero(mem_ctx, struct ldb_dn);
                LDB_DN_NULL_FAILED(newdn);
 
                newdn->comp_num = dn1->comp_num;

diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 44a73cbfdbb616bd9966e1613a0394f6c63808f9..588c0a131c37122490251a554167e173f29b0ca7 100644 (file)
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -22,7 +22,7 @@
 */
 
 #include "includes.h"
-#include "lib/ldb/include/includes.h"
+#include "lib/ldb/include/ldb.h"
 
 #ifdef HAVE_LDAP
 
@@ -3860,25 +3860,24 @@ ADS_STATUS ads_check_ou_dn(TALLOC_CTX *mem_ctx,
        char *ou_string = NULL;
        struct ldb_context *ldb = ldb_init(mem_ctx, NULL);
 
-       name_dn = ldb_dn_explode(mem_ctx, *account_ou);
-       if (name_dn) {
+       name_dn = ldb_dn_new(mem_ctx, ldb, *account_ou);
+       if (name_dn && ldb_dn_validate(name_dn)) {
+               talloc_free(ldb);
                return ADS_SUCCESS;
        }
 
        ou_string = ads_ou_string(ads, *account_ou);
        if (!ou_string) {
+               talloc_free(ldb);
                return ADS_ERROR_LDAP(LDAP_INVALID_DN_SYNTAX);
        }
 
-       name = talloc_asprintf(mem_ctx, "%s,%s", ou_string,
-                              ads->config.bind_path);
+       name_dn = ldb_dn_new_fmt(mem_ctx, ldb, "%s,%s", ou_string,
+                                ads->config.bind_path);
        SAFE_FREE(ou_string);
-       if (!name) {
-               return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
-       }
 
-       name_dn = ldb_dn_explode(mem_ctx, name);
-       if (!name_dn) {
+       if (!name_dn || !ldb_dn_validate(name_dn)) {
+               talloc_free(ldb);
                return ADS_ERROR_LDAP(LDAP_INVALID_DN_SYNTAX);
        }