#include "includes.h"
#include "groupdb/mapping.h"
-#include "lib/ldb/include/includes.h"
+#include "lib/ldb/include/ldb.h"
#include "lib/ldb/include/ldb_errors.h"
static struct ldb_context *ldb;
}
/* we split by domain and rid so we can do a subtree search
when we only want one domain */
- return ldb_dn_string_compose(mem_ctx, NULL, "rid=%u,domain=%s",
- rid, string_sid);
+ return ldb_dn_new_fmt(mem_ctx, ldb, "rid=%u,domain=%s",
+ rid, string_sid);
}
/*
/* we do a subtree search on the domain */
if (domsid != NULL) {
sid_to_fstring(name, domsid);
- basedn = ldb_dn_string_compose(tmp_ctx, NULL, "domain=%s", name);
+ basedn = ldb_dn_new_fmt(tmp_ctx, ldb, "domain=%s", name);
if (basedn == NULL) goto failed;
}
}
tmp_ctx = talloc_new(ldb);
- ret = ldb_search(ldb, ldb, &res, ldb_dn_new(tmp_ctx), LDB_SCOPE_BASE,
+ ret = ldb_search(ldb, ldb, &res, ldb_dn_new(tmp_ctx, ldb, NULL), LDB_SCOPE_BASE,
attrs, "(objectClass=*)");
if (ret == LDB_SUCCESS) {
if (res->count == 1) {
req->operation = LDB_SEARCH;
if (base == NULL) {
- req->op.search.base = ldb_dn_new(req);
+ req->op.search.base = ldb_dn_new(req, ldb, NULL);
} else {
req->op.search.base = base;
}
return dc;
}
-struct ldb_dn *ldb_dn_new(void *mem_ctx)
+struct ldb_dn *ldb_dn_new(void *mem_ctx, struct ldb_context *ldb, const char *text)
{
struct ldb_dn *edn;
- edn = talloc(mem_ctx, struct ldb_dn);
- LDB_DN_NULL_FAILED(edn);
-
- /* Initially there are no components */
- edn->comp_num = 0;
- edn->components = NULL;
+ if (text == NULL) {
+ edn = talloc_zero(mem_ctx, struct ldb_dn);
+ } else {
+ edn = ldb_dn_explode(mem_ctx, text);
+ }
return edn;
+}
-failed:
- return NULL;
+bool ldb_dn_validate(struct ldb_dn *dn)
+{
+ /* This implementation does not do "lazy" evaluation of DN's, so
+ * if a DN can be created it will be valid. */
+ return true;
+}
+
+struct ldb_dn *ldb_dn_new_fmt(void *mem_ctx, struct ldb_context *ldb, const char *new_fmt, ...)
+{
+ char *strdn;
+ va_list ap;
+ struct ldb_dn *dn;
+
+ if ( (! mem_ctx) || (! ldb)) return NULL;
+
+ va_start(ap, new_fmt);
+ strdn = talloc_vasprintf(mem_ctx, new_fmt, ap);
+ if (strdn == NULL)
+ return NULL;
+ va_end(ap);
+
+ dn = ldb_dn_explode(mem_ctx, strdn);
+
+ talloc_free(strdn);
+ return dn;
}
/*
if (dn == NULL) return NULL;
/* Allocate a structure to hold the exploded DN */
- edn = ldb_dn_new(mem_ctx);
+ edn = talloc_zero(mem_ctx, struct ldb_dn);
if (edn == NULL) {
return NULL;
}
*/
/* Allocate a structure to hold the exploded DN */
- if (!(edn = ldb_dn_new(mem_ctx))) {
+ if (!(edn = talloc_zero(mem_ctx, struct ldb_dn))) {
return NULL;
}
if (edn == NULL) return NULL;
- cedn = ldb_dn_new(mem_ctx);
+ cedn = talloc_zero(mem_ctx, struct ldb_dn);
if (!cedn) {
return NULL;
}
if (dn == NULL) return NULL;
if (num_el <= 0) return NULL;
- newdn = ldb_dn_new(mem_ctx);
+ newdn = talloc_zero(mem_ctx, struct ldb_dn);
LDB_DN_NULL_FAILED(newdn);
newdn->comp_num = num_el;
newdn = ldb_dn_copy_partial(mem_ctx, base, base->comp_num + 1);
LDB_DN_NULL_FAILED(newdn);
} else {
- newdn = ldb_dn_new(mem_ctx);
+ newdn = talloc_zero(mem_ctx, struct ldb_dn);
LDB_DN_NULL_FAILED(newdn);
newdn->comp_num = 1;
}
if (dn2 == NULL) {
- newdn = ldb_dn_new(mem_ctx);
+ newdn = talloc_zero(mem_ctx, struct ldb_dn);
LDB_DN_NULL_FAILED(newdn);
newdn->comp_num = dn1->comp_num;
*/
#include "includes.h"
-#include "lib/ldb/include/includes.h"
+#include "lib/ldb/include/ldb.h"
#ifdef HAVE_LDAP
char *ou_string = NULL;
struct ldb_context *ldb = ldb_init(mem_ctx, NULL);
- name_dn = ldb_dn_explode(mem_ctx, *account_ou);
- if (name_dn) {
+ name_dn = ldb_dn_new(mem_ctx, ldb, *account_ou);
+ if (name_dn && ldb_dn_validate(name_dn)) {
+ talloc_free(ldb);
return ADS_SUCCESS;
}
ou_string = ads_ou_string(ads, *account_ou);
if (!ou_string) {
+ talloc_free(ldb);
return ADS_ERROR_LDAP(LDAP_INVALID_DN_SYNTAX);
}
- name = talloc_asprintf(mem_ctx, "%s,%s", ou_string,
- ads->config.bind_path);
+ name_dn = ldb_dn_new_fmt(mem_ctx, ldb, "%s,%s", ou_string,
+ ads->config.bind_path);
SAFE_FREE(ou_string);
- if (!name) {
- return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
- }
- name_dn = ldb_dn_explode(mem_ctx, name);
- if (!name_dn) {
+ if (!name_dn || !ldb_dn_validate(name_dn)) {
+ talloc_free(ldb);
return ADS_ERROR_LDAP(LDAP_INVALID_DN_SYNTAX);
}