2 Unix SMB/CIFS mplementation.
5 Copyright (C) Stefan Metzmacher <metze@samba.org> 2006
6 Copyright (C) Simo Sorce 2005
7 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2008
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "dsdb/samdb/samdb.h"
25 #include "librpc/gen_ndr/ndr_drsuapi.h"
26 #include "librpc/gen_ndr/ndr_security.h"
27 #include "librpc/gen_ndr/ndr_misc.h"
29 #include <ldb_errors.h>
30 #include "system/time.h"
31 #include "../lib/util/charset/charset.h"
32 #include "librpc/ndr/libndr.h"
33 #include "../lib/util/asn1.h"
36 * Initialize dsdb_syntax_ctx with default values
39 void dsdb_syntax_ctx_init(struct dsdb_syntax_ctx *ctx,
40 struct ldb_context *ldb,
41 const struct dsdb_schema *schema)
47 * 'true' will keep current behavior,
48 * i.e. attributeID_id will be returned by default
50 ctx->is_schema_nc = true;
52 ctx->pfm_remote = NULL;
57 * Returns ATTID for DRS attribute.
59 * ATTID depends on whether we are replicating
60 * Schema NC or msDs-IntId is set for schemaAttribute
63 uint32_t dsdb_attribute_get_attid(const struct dsdb_attribute *attr,
66 if (!for_schema_nc && attr->msDS_IntId) {
67 return attr->msDS_IntId;
70 return attr->attributeID_id;
74 * Map an ATTID from remote DC to a local ATTID
75 * using remote prefixMap
77 static bool dsdb_syntax_attid_from_remote_attid(const struct dsdb_syntax_ctx *ctx,
86 * map remote ATTID to local directly in case
87 * of no remote prefixMap (during provision for instance)
89 if (!ctx->pfm_remote) {
90 *id_local = id_remote;
94 werr = dsdb_schema_pfm_oid_from_attid(ctx->pfm_remote, id_remote, mem_ctx, &oid);
95 if (!W_ERROR_IS_OK(werr)) {
96 DEBUG(0,("ATTID->OID failed (%s) for: 0x%08X\n", win_errstr(werr), id_remote));
100 werr = dsdb_schema_pfm_attid_from_oid(ctx->schema->prefixmap, oid, id_local);
101 if (!W_ERROR_IS_OK(werr)) {
102 DEBUG(0,("OID->ATTID failed (%s) for: %s\n", win_errstr(werr), oid));
109 static WERROR dsdb_syntax_FOOBAR_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
110 const struct dsdb_attribute *attr,
111 const struct drsuapi_DsReplicaAttribute *in,
113 struct ldb_message_element *out)
118 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
119 W_ERROR_HAVE_NO_MEMORY(out->name);
121 out->num_values = in->value_ctr.num_values;
122 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
123 W_ERROR_HAVE_NO_MEMORY(out->values);
125 for (i=0; i < out->num_values; i++) {
128 if (in->value_ctr.values[i].blob == NULL) {
132 str = talloc_asprintf(out->values, "%s: not implemented",
134 W_ERROR_HAVE_NO_MEMORY(str);
136 out->values[i] = data_blob_string_const(str);
142 static WERROR dsdb_syntax_FOOBAR_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
143 const struct dsdb_attribute *attr,
144 const struct ldb_message_element *in,
146 struct drsuapi_DsReplicaAttribute *out)
151 static WERROR dsdb_syntax_FOOBAR_validate_ldb(const struct dsdb_syntax_ctx *ctx,
152 const struct dsdb_attribute *attr,
153 const struct ldb_message_element *in)
158 static WERROR dsdb_syntax_BOOL_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
159 const struct dsdb_attribute *attr,
160 const struct drsuapi_DsReplicaAttribute *in,
162 struct ldb_message_element *out)
167 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
168 W_ERROR_HAVE_NO_MEMORY(out->name);
170 out->num_values = in->value_ctr.num_values;
171 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
172 W_ERROR_HAVE_NO_MEMORY(out->values);
174 for (i=0; i < out->num_values; i++) {
178 if (in->value_ctr.values[i].blob == NULL) {
182 if (in->value_ctr.values[i].blob->length != 4) {
186 v = IVAL(in->value_ctr.values[i].blob->data, 0);
189 str = talloc_strdup(out->values, "TRUE");
190 W_ERROR_HAVE_NO_MEMORY(str);
192 str = talloc_strdup(out->values, "FALSE");
193 W_ERROR_HAVE_NO_MEMORY(str);
196 out->values[i] = data_blob_string_const(str);
202 static WERROR dsdb_syntax_BOOL_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
203 const struct dsdb_attribute *attr,
204 const struct ldb_message_element *in,
206 struct drsuapi_DsReplicaAttribute *out)
211 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
212 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
215 out->attid = dsdb_attribute_get_attid(attr,
217 out->value_ctr.num_values = in->num_values;
218 out->value_ctr.values = talloc_array(mem_ctx,
219 struct drsuapi_DsAttributeValue,
221 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
223 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
224 W_ERROR_HAVE_NO_MEMORY(blobs);
226 for (i=0; i < in->num_values; i++) {
227 out->value_ctr.values[i].blob = &blobs[i];
229 blobs[i] = data_blob_talloc(blobs, NULL, 4);
230 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
232 if (in->values[i].length >= 4 &&
233 strncmp("TRUE", (const char *)in->values[i].data, in->values[i].length) == 0) {
234 SIVAL(blobs[i].data, 0, 0x00000001);
235 } else if (in->values[i].length >= 5 &&
236 strncmp("FALSE", (const char *)in->values[i].data, in->values[i].length) == 0) {
237 SIVAL(blobs[i].data, 0, 0x00000000);
246 static WERROR dsdb_syntax_BOOL_validate_ldb(const struct dsdb_syntax_ctx *ctx,
247 const struct dsdb_attribute *attr,
248 const struct ldb_message_element *in)
252 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
253 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
256 for (i=0; i < in->num_values; i++) {
257 if (in->values[i].length == 0) {
258 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
261 if (in->values[i].length >= 4 &&
263 (const char *)in->values[i].data,
264 in->values[i].length) == 0) {
267 if (in->values[i].length >= 5 &&
269 (const char *)in->values[i].data,
270 in->values[i].length) == 0) {
273 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
279 static WERROR dsdb_syntax_INT32_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
280 const struct dsdb_attribute *attr,
281 const struct drsuapi_DsReplicaAttribute *in,
283 struct ldb_message_element *out)
288 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
289 W_ERROR_HAVE_NO_MEMORY(out->name);
291 out->num_values = in->value_ctr.num_values;
292 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
293 W_ERROR_HAVE_NO_MEMORY(out->values);
295 for (i=0; i < out->num_values; i++) {
299 if (in->value_ctr.values[i].blob == NULL) {
303 if (in->value_ctr.values[i].blob->length != 4) {
307 v = IVALS(in->value_ctr.values[i].blob->data, 0);
309 str = talloc_asprintf(out->values, "%d", v);
310 W_ERROR_HAVE_NO_MEMORY(str);
312 out->values[i] = data_blob_string_const(str);
318 static WERROR dsdb_syntax_INT32_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
319 const struct dsdb_attribute *attr,
320 const struct ldb_message_element *in,
322 struct drsuapi_DsReplicaAttribute *out)
327 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
328 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
331 out->attid = dsdb_attribute_get_attid(attr,
333 out->value_ctr.num_values = in->num_values;
334 out->value_ctr.values = talloc_array(mem_ctx,
335 struct drsuapi_DsAttributeValue,
337 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
339 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
340 W_ERROR_HAVE_NO_MEMORY(blobs);
342 for (i=0; i < in->num_values; i++) {
345 out->value_ctr.values[i].blob = &blobs[i];
347 blobs[i] = data_blob_talloc(blobs, NULL, 4);
348 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
350 /* We've to use "strtoll" here to have the intended overflows.
351 * Otherwise we may get "LONG_MAX" and the conversion is wrong. */
352 v = (int32_t) strtoll((char *)in->values[i].data, NULL, 0);
354 SIVALS(blobs[i].data, 0, v);
360 static WERROR dsdb_syntax_INT32_validate_ldb(const struct dsdb_syntax_ctx *ctx,
361 const struct dsdb_attribute *attr,
362 const struct ldb_message_element *in)
366 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
367 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
370 for (i=0; i < in->num_values; i++) {
373 char buf[sizeof("-2147483648")];
377 if (in->values[i].length >= sizeof(buf)) {
378 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
381 memcpy(buf, in->values[i].data, in->values[i].length);
383 v = strtol(buf, &end, 10);
385 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
387 if (end && end[0] != '\0') {
388 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
394 DEBUG(0,("invalid[%s] n[%ld] v[%ld]\n",
396 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
399 if ((v & INT32_MIN) && buf[0] != '-') {
401 * if the 0x80000000 bit is set, it is a negative
402 * value. We need to make sure the it was given
403 * as a negativ string value.
405 * We need to accept '-2147483647', but reject
406 * '2147483649', both represent 0x80000001.
408 DEBUG(0,("invalid[%s] n[%ld] v[%ld]\n",
410 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
413 if (attr->rangeLower) {
414 if ((int32_t)v < (int32_t)*attr->rangeLower) {
415 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
419 if (attr->rangeUpper) {
420 if ((int32_t)v > (int32_t)*attr->rangeUpper) {
421 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
429 static WERROR dsdb_syntax_INT64_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
430 const struct dsdb_attribute *attr,
431 const struct drsuapi_DsReplicaAttribute *in,
433 struct ldb_message_element *out)
438 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
439 W_ERROR_HAVE_NO_MEMORY(out->name);
441 out->num_values = in->value_ctr.num_values;
442 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
443 W_ERROR_HAVE_NO_MEMORY(out->values);
445 for (i=0; i < out->num_values; i++) {
449 if (in->value_ctr.values[i].blob == NULL) {
453 if (in->value_ctr.values[i].blob->length != 8) {
457 v = BVALS(in->value_ctr.values[i].blob->data, 0);
459 str = talloc_asprintf(out->values, "%lld", (long long int)v);
460 W_ERROR_HAVE_NO_MEMORY(str);
462 out->values[i] = data_blob_string_const(str);
468 static WERROR dsdb_syntax_INT64_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
469 const struct dsdb_attribute *attr,
470 const struct ldb_message_element *in,
472 struct drsuapi_DsReplicaAttribute *out)
477 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
478 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
481 out->attid = dsdb_attribute_get_attid(attr,
483 out->value_ctr.num_values = in->num_values;
484 out->value_ctr.values = talloc_array(mem_ctx,
485 struct drsuapi_DsAttributeValue,
487 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
489 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
490 W_ERROR_HAVE_NO_MEMORY(blobs);
492 for (i=0; i < in->num_values; i++) {
495 out->value_ctr.values[i].blob = &blobs[i];
497 blobs[i] = data_blob_talloc(blobs, NULL, 8);
498 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
500 v = strtoll((const char *)in->values[i].data, NULL, 10);
502 SBVALS(blobs[i].data, 0, v);
508 static WERROR dsdb_syntax_INT64_validate_ldb(const struct dsdb_syntax_ctx *ctx,
509 const struct dsdb_attribute *attr,
510 const struct ldb_message_element *in)
514 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
515 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
518 for (i=0; i < in->num_values; i++) {
521 char buf[sizeof("-9223372036854775808")];
525 if (in->values[i].length >= sizeof(buf)) {
526 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
528 memcpy(buf, in->values[i].data, in->values[i].length);
531 v = strtoll(buf, &end, 10);
533 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
535 if (end && end[0] != '\0') {
536 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
542 DEBUG(0,("invalid[%s] n[%lld] v[%lld]\n",
544 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
547 if ((v & INT64_MIN) && buf[0] != '-') {
549 * if the 0x8000000000000000 bit is set,
550 * it is a negative value. We need to
551 * make sure the it was given as a negative
554 * We need to accept '-9223372036854775807',
555 * but reject '9223372036854775809',
556 * both represent 0x8000000000000001.
558 DEBUG(0,("invalid[%s] n[%lld] v[%lld]\n",
560 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
563 if (attr->rangeLower) {
564 if ((int64_t)v < (int64_t)*attr->rangeLower) {
565 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
569 if (attr->rangeUpper) {
570 if ((int64_t)v > (int64_t)*attr->rangeUpper) {
571 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
578 static WERROR dsdb_syntax_NTTIME_UTC_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
579 const struct dsdb_attribute *attr,
580 const struct drsuapi_DsReplicaAttribute *in,
582 struct ldb_message_element *out)
587 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
588 W_ERROR_HAVE_NO_MEMORY(out->name);
590 out->num_values = in->value_ctr.num_values;
591 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
592 W_ERROR_HAVE_NO_MEMORY(out->values);
594 for (i=0; i < out->num_values; i++) {
599 if (in->value_ctr.values[i].blob == NULL) {
603 if (in->value_ctr.values[i].blob->length != 8) {
607 v = BVAL(in->value_ctr.values[i].blob->data, 0);
609 /* special case for 1601 zero timestamp */
610 out->values[i] = data_blob_string_const("16010101000000.0Z");
614 t = nt_time_to_unix(v);
617 * NOTE: On a w2k3 server you can set a GeneralizedTime string
618 * via LDAP, but you get back an UTCTime string,
619 * but via DRSUAPI you get back the NTTIME_1sec value
620 * that represents the GeneralizedTime value!
622 * So if we store the UTCTime string in our ldb
623 * we'll loose information!
625 str = ldb_timestring_utc(out->values, t);
626 W_ERROR_HAVE_NO_MEMORY(str);
627 out->values[i] = data_blob_string_const(str);
633 static WERROR dsdb_syntax_NTTIME_UTC_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
634 const struct dsdb_attribute *attr,
635 const struct ldb_message_element *in,
637 struct drsuapi_DsReplicaAttribute *out)
642 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
643 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
646 out->attid = dsdb_attribute_get_attid(attr,
648 out->value_ctr.num_values = in->num_values;
649 out->value_ctr.values = talloc_array(mem_ctx,
650 struct drsuapi_DsAttributeValue,
652 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
654 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
655 W_ERROR_HAVE_NO_MEMORY(blobs);
657 for (i=0; i < in->num_values; i++) {
661 out->value_ctr.values[i].blob = &blobs[i];
663 blobs[i] = data_blob_talloc(blobs, NULL, 8);
664 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
666 if (ldb_val_string_cmp(&in->values[i], "16010101000000.0Z") == 0) {
667 SBVALS(blobs[i].data, 0, 0);
671 t = ldb_string_utc_to_time((const char *)in->values[i].data);
672 unix_to_nt_time(&v, t);
675 SBVAL(blobs[i].data, 0, v);
681 static WERROR dsdb_syntax_NTTIME_UTC_validate_ldb(const struct dsdb_syntax_ctx *ctx,
682 const struct dsdb_attribute *attr,
683 const struct ldb_message_element *in)
687 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
688 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
691 for (i=0; i < in->num_values; i++) {
693 char buf[sizeof("090826075717Z")];
696 if (in->values[i].length >= sizeof(buf)) {
697 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
699 memcpy(buf, in->values[i].data, in->values[i].length);
701 t = ldb_string_utc_to_time(buf);
703 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
706 if (attr->rangeLower) {
707 if ((int32_t)t < (int32_t)*attr->rangeLower) {
708 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
712 if (attr->rangeUpper) {
713 if ((int32_t)t > (int32_t)*attr->rangeUpper) {
714 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
719 * TODO: verify the comment in the
720 * dsdb_syntax_NTTIME_UTC_drsuapi_to_ldb() function!
727 static WERROR dsdb_syntax_NTTIME_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
728 const struct dsdb_attribute *attr,
729 const struct drsuapi_DsReplicaAttribute *in,
731 struct ldb_message_element *out)
736 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
737 W_ERROR_HAVE_NO_MEMORY(out->name);
739 out->num_values = in->value_ctr.num_values;
740 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
741 W_ERROR_HAVE_NO_MEMORY(out->values);
743 for (i=0; i < out->num_values; i++) {
748 if (in->value_ctr.values[i].blob == NULL) {
752 if (in->value_ctr.values[i].blob->length != 8) {
756 v = BVAL(in->value_ctr.values[i].blob->data, 0);
758 /* special case for 1601 zero timestamp */
759 out->values[i] = data_blob_string_const("16010101000000.0Z");
763 t = nt_time_to_unix(v);
765 str = ldb_timestring(out->values, t);
766 W_ERROR_HAVE_NO_MEMORY(str);
768 out->values[i] = data_blob_string_const(str);
774 static WERROR dsdb_syntax_NTTIME_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
775 const struct dsdb_attribute *attr,
776 const struct ldb_message_element *in,
778 struct drsuapi_DsReplicaAttribute *out)
783 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
784 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
787 out->attid = dsdb_attribute_get_attid(attr,
789 out->value_ctr.num_values = in->num_values;
790 out->value_ctr.values = talloc_array(mem_ctx,
791 struct drsuapi_DsAttributeValue,
793 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
795 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
796 W_ERROR_HAVE_NO_MEMORY(blobs);
798 for (i=0; i < in->num_values; i++) {
803 out->value_ctr.values[i].blob = &blobs[i];
805 blobs[i] = data_blob_talloc(blobs, NULL, 8);
806 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
808 if (ldb_val_string_cmp(&in->values[i], "16010101000000.0Z") == 0) {
809 SBVALS(blobs[i].data, 0, 0);
813 ret = ldb_val_to_time(&in->values[i], &t);
814 if (ret != LDB_SUCCESS) {
815 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
817 unix_to_nt_time(&v, t);
820 SBVAL(blobs[i].data, 0, v);
826 static WERROR dsdb_syntax_NTTIME_validate_ldb(const struct dsdb_syntax_ctx *ctx,
827 const struct dsdb_attribute *attr,
828 const struct ldb_message_element *in)
832 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
833 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
836 for (i=0; i < in->num_values; i++) {
840 ret = ldb_val_to_time(&in->values[i], &t);
841 if (ret != LDB_SUCCESS) {
842 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
845 if (attr->rangeLower) {
846 if ((int32_t)t < (int32_t)*attr->rangeLower) {
847 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
851 if (attr->rangeUpper) {
852 if ((int32_t)t > (int32_t)*attr->rangeUpper) {
853 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
861 static WERROR dsdb_syntax_DATA_BLOB_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
862 const struct dsdb_attribute *attr,
863 const struct drsuapi_DsReplicaAttribute *in,
865 struct ldb_message_element *out)
870 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
871 W_ERROR_HAVE_NO_MEMORY(out->name);
873 out->num_values = in->value_ctr.num_values;
874 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
875 W_ERROR_HAVE_NO_MEMORY(out->values);
877 for (i=0; i < out->num_values; i++) {
878 if (in->value_ctr.values[i].blob == NULL) {
882 if (in->value_ctr.values[i].blob->length == 0) {
886 out->values[i] = data_blob_dup_talloc(out->values,
887 *in->value_ctr.values[i].blob);
888 W_ERROR_HAVE_NO_MEMORY(out->values[i].data);
894 static WERROR dsdb_syntax_DATA_BLOB_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
895 const struct dsdb_attribute *attr,
896 const struct ldb_message_element *in,
898 struct drsuapi_DsReplicaAttribute *out)
903 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
904 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
907 out->attid = dsdb_attribute_get_attid(attr,
909 out->value_ctr.num_values = in->num_values;
910 out->value_ctr.values = talloc_array(mem_ctx,
911 struct drsuapi_DsAttributeValue,
913 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
915 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
916 W_ERROR_HAVE_NO_MEMORY(blobs);
918 for (i=0; i < in->num_values; i++) {
919 out->value_ctr.values[i].blob = &blobs[i];
921 blobs[i] = data_blob_dup_talloc(blobs, in->values[i]);
922 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
928 static WERROR dsdb_syntax_DATA_BLOB_validate_one_val(const struct dsdb_syntax_ctx *ctx,
929 const struct dsdb_attribute *attr,
930 const struct ldb_val *val)
932 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
933 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
936 if (attr->rangeLower) {
937 if ((uint32_t)val->length < (uint32_t)*attr->rangeLower) {
938 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
942 if (attr->rangeUpper) {
943 if ((uint32_t)val->length > (uint32_t)*attr->rangeUpper) {
944 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
951 static WERROR dsdb_syntax_DATA_BLOB_validate_ldb(const struct dsdb_syntax_ctx *ctx,
952 const struct dsdb_attribute *attr,
953 const struct ldb_message_element *in)
958 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
959 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
962 for (i=0; i < in->num_values; i++) {
963 if (in->values[i].length == 0) {
964 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
967 status = dsdb_syntax_DATA_BLOB_validate_one_val(ctx,
970 if (!W_ERROR_IS_OK(status)) {
978 static WERROR _dsdb_syntax_auto_OID_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
979 const struct dsdb_attribute *attr,
980 const struct drsuapi_DsReplicaAttribute *in,
982 struct ldb_message_element *out)
987 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
988 W_ERROR_HAVE_NO_MEMORY(out->name);
990 out->num_values = in->value_ctr.num_values;
991 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
992 W_ERROR_HAVE_NO_MEMORY(out->values);
994 for (i=0; i < out->num_values; i++) {
996 const struct dsdb_class *c;
997 const struct dsdb_attribute *a;
998 const char *str = NULL;
1000 if (in->value_ctr.values[i].blob == NULL) {
1004 if (in->value_ctr.values[i].blob->length != 4) {
1008 v = IVAL(in->value_ctr.values[i].blob->data, 0);
1010 if ((c = dsdb_class_by_governsID_id(ctx->schema, v))) {
1011 str = talloc_strdup(out->values, c->lDAPDisplayName);
1012 } else if ((a = dsdb_attribute_by_attributeID_id(ctx->schema, v))) {
1013 str = talloc_strdup(out->values, a->lDAPDisplayName);
1016 SMB_ASSERT(ctx->pfm_remote);
1017 werr = dsdb_schema_pfm_oid_from_attid(ctx->pfm_remote, v,
1019 W_ERROR_NOT_OK_RETURN(werr);
1021 W_ERROR_HAVE_NO_MEMORY(str);
1023 /* the values need to be reversed */
1024 out->values[out->num_values - (i + 1)] = data_blob_string_const(str);
1030 static WERROR _dsdb_syntax_OID_obj_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
1031 const struct dsdb_attribute *attr,
1032 const struct drsuapi_DsReplicaAttribute *in,
1033 TALLOC_CTX *mem_ctx,
1034 struct ldb_message_element *out)
1039 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
1040 W_ERROR_HAVE_NO_MEMORY(out->name);
1042 out->num_values = in->value_ctr.num_values;
1043 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
1044 W_ERROR_HAVE_NO_MEMORY(out->values);
1046 for (i=0; i < out->num_values; i++) {
1048 const struct dsdb_class *c;
1051 if (in->value_ctr.values[i].blob == NULL) {
1055 if (in->value_ctr.values[i].blob->length != 4) {
1059 v = IVAL(in->value_ctr.values[i].blob->data, 0);
1062 /* convert remote ATTID to local ATTID */
1063 if (!dsdb_syntax_attid_from_remote_attid(ctx, mem_ctx, v, &v)) {
1064 DEBUG(1,(__location__ ": Failed to map remote ATTID to local ATTID!\n"));
1068 c = dsdb_class_by_governsID_id(ctx->schema, v);
1070 int dbg_level = ctx->schema->resolving_in_progress ? 10 : 0;
1071 DEBUG(dbg_level,(__location__ ": %s unknown local governsID 0x%08X remote 0x%08X%s\n",
1072 attr->lDAPDisplayName, v, vo,
1073 ctx->schema->resolving_in_progress ? "resolving in progress" : ""));
1074 return WERR_DS_OBJ_CLASS_NOT_DEFINED;
1077 str = talloc_strdup(out->values, c->lDAPDisplayName);
1078 W_ERROR_HAVE_NO_MEMORY(str);
1080 /* the values need to be reversed */
1081 out->values[out->num_values - (i + 1)] = data_blob_string_const(str);
1087 static WERROR _dsdb_syntax_OID_attr_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
1088 const struct dsdb_attribute *attr,
1089 const struct drsuapi_DsReplicaAttribute *in,
1090 TALLOC_CTX *mem_ctx,
1091 struct ldb_message_element *out)
1096 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
1097 W_ERROR_HAVE_NO_MEMORY(out->name);
1099 out->num_values = in->value_ctr.num_values;
1100 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
1101 W_ERROR_HAVE_NO_MEMORY(out->values);
1103 for (i=0; i < out->num_values; i++) {
1105 const struct dsdb_attribute *a;
1108 if (in->value_ctr.values[i].blob == NULL) {
1109 DEBUG(0, ("Attribute has no value\n"));
1113 if (in->value_ctr.values[i].blob->length != 4) {
1114 DEBUG(0, ("Attribute has a value with 0 length\n"));
1118 v = IVAL(in->value_ctr.values[i].blob->data, 0);
1121 /* convert remote ATTID to local ATTID */
1122 if (!dsdb_syntax_attid_from_remote_attid(ctx, mem_ctx, v, &v)) {
1123 DEBUG(1,(__location__ ": Failed to map remote ATTID to local ATTID!\n"));
1127 a = dsdb_attribute_by_attributeID_id(ctx->schema, v);
1129 int dbg_level = ctx->schema->resolving_in_progress ? 10 : 0;
1130 DEBUG(dbg_level,(__location__ ": %s unknown local attributeID_id 0x%08X remote 0x%08X%s\n",
1131 attr->lDAPDisplayName, v, vo,
1132 ctx->schema->resolving_in_progress ? "resolving in progress" : ""));
1133 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
1136 str = talloc_strdup(out->values, a->lDAPDisplayName);
1137 W_ERROR_HAVE_NO_MEMORY(str);
1139 /* the values need to be reversed */
1140 out->values[out->num_values - (i + 1)] = data_blob_string_const(str);
1146 static WERROR _dsdb_syntax_OID_oid_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
1147 const struct dsdb_attribute *attr,
1148 const struct drsuapi_DsReplicaAttribute *in,
1149 TALLOC_CTX *mem_ctx,
1150 struct ldb_message_element *out)
1153 const struct dsdb_schema_prefixmap *prefixmap;
1155 if (ctx->pfm_remote != NULL) {
1156 prefixmap = ctx->pfm_remote;
1158 prefixmap = ctx->schema->prefixmap;
1160 SMB_ASSERT(prefixmap);
1163 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
1164 W_ERROR_HAVE_NO_MEMORY(out->name);
1166 out->num_values = in->value_ctr.num_values;
1167 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
1168 W_ERROR_HAVE_NO_MEMORY(out->values);
1170 for (i=0; i < out->num_values; i++) {
1175 if (in->value_ctr.values[i].blob == NULL) {
1179 if (in->value_ctr.values[i].blob->length != 4) {
1183 attid = IVAL(in->value_ctr.values[i].blob->data, 0);
1185 status = dsdb_schema_pfm_oid_from_attid(prefixmap, attid,
1187 if (!W_ERROR_IS_OK(status)) {
1188 DEBUG(0,(__location__ ": Error: Unknown ATTID 0x%08X\n",
1193 out->values[i] = data_blob_string_const(oid);
1199 static WERROR _dsdb_syntax_auto_OID_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
1200 const struct dsdb_attribute *attr,
1201 const struct ldb_message_element *in,
1202 TALLOC_CTX *mem_ctx,
1203 struct drsuapi_DsReplicaAttribute *out)
1208 out->attid= dsdb_attribute_get_attid(attr,
1210 out->value_ctr.num_values= in->num_values;
1211 out->value_ctr.values= talloc_array(mem_ctx,
1212 struct drsuapi_DsAttributeValue,
1214 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
1216 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
1217 W_ERROR_HAVE_NO_MEMORY(blobs);
1219 for (i=0; i < in->num_values; i++) {
1220 const struct dsdb_class *obj_class;
1221 const struct dsdb_attribute *obj_attr;
1224 out->value_ctr.values[i].blob= &blobs[i];
1226 blobs[i] = data_blob_talloc(blobs, NULL, 4);
1227 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
1229 /* in DRS windows puts the classes in the opposite
1230 order to the order used in ldap */
1231 v = &in->values[(in->num_values-1)-i];
1233 if ((obj_class = dsdb_class_by_lDAPDisplayName_ldb_val(ctx->schema, v))) {
1234 SIVAL(blobs[i].data, 0, obj_class->governsID_id);
1235 } else if ((obj_attr = dsdb_attribute_by_lDAPDisplayName_ldb_val(ctx->schema, v))) {
1236 SIVAL(blobs[i].data, 0, obj_attr->attributeID_id);
1240 werr = dsdb_schema_pfm_attid_from_oid(ctx->schema->prefixmap,
1241 (const char *)v->data,
1243 W_ERROR_NOT_OK_RETURN(werr);
1244 SIVAL(blobs[i].data, 0, attid);
1253 static WERROR _dsdb_syntax_OID_obj_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
1254 const struct dsdb_attribute *attr,
1255 const struct ldb_message_element *in,
1256 TALLOC_CTX *mem_ctx,
1257 struct drsuapi_DsReplicaAttribute *out)
1262 out->attid= dsdb_attribute_get_attid(attr,
1264 out->value_ctr.num_values= in->num_values;
1265 out->value_ctr.values= talloc_array(mem_ctx,
1266 struct drsuapi_DsAttributeValue,
1268 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
1270 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
1271 W_ERROR_HAVE_NO_MEMORY(blobs);
1273 for (i=0; i < in->num_values; i++) {
1274 const struct dsdb_class *obj_class;
1276 out->value_ctr.values[i].blob= &blobs[i];
1278 blobs[i] = data_blob_talloc(blobs, NULL, 4);
1279 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
1281 /* in DRS windows puts the classes in the opposite
1282 order to the order used in ldap */
1283 obj_class = dsdb_class_by_lDAPDisplayName(ctx->schema,
1284 (const char *)in->values[(in->num_values-1)-i].data);
1288 SIVAL(blobs[i].data, 0, obj_class->governsID_id);
1295 static WERROR _dsdb_syntax_OID_attr_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
1296 const struct dsdb_attribute *attr,
1297 const struct ldb_message_element *in,
1298 TALLOC_CTX *mem_ctx,
1299 struct drsuapi_DsReplicaAttribute *out)
1304 out->attid= dsdb_attribute_get_attid(attr,
1306 out->value_ctr.num_values= in->num_values;
1307 out->value_ctr.values= talloc_array(mem_ctx,
1308 struct drsuapi_DsAttributeValue,
1310 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
1312 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
1313 W_ERROR_HAVE_NO_MEMORY(blobs);
1315 for (i=0; i < in->num_values; i++) {
1316 const struct dsdb_attribute *obj_attr;
1318 out->value_ctr.values[i].blob= &blobs[i];
1320 blobs[i] = data_blob_talloc(blobs, NULL, 4);
1321 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
1323 obj_attr = dsdb_attribute_by_lDAPDisplayName(ctx->schema, (const char *)in->values[i].data);
1325 DEBUG(0, ("Unable to find attribute %s in the schema\n", (const char *)in->values[i].data));
1328 SIVAL(blobs[i].data, 0, obj_attr->attributeID_id);
1335 static WERROR _dsdb_syntax_OID_oid_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
1336 const struct dsdb_attribute *attr,
1337 const struct ldb_message_element *in,
1338 TALLOC_CTX *mem_ctx,
1339 struct drsuapi_DsReplicaAttribute *out)
1344 out->attid= dsdb_attribute_get_attid(attr,
1346 out->value_ctr.num_values= in->num_values;
1347 out->value_ctr.values= talloc_array(mem_ctx,
1348 struct drsuapi_DsAttributeValue,
1350 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
1352 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
1353 W_ERROR_HAVE_NO_MEMORY(blobs);
1355 for (i=0; i < in->num_values; i++) {
1359 out->value_ctr.values[i].blob= &blobs[i];
1361 blobs[i] = data_blob_talloc(blobs, NULL, 4);
1362 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
1364 status = dsdb_schema_pfm_attid_from_oid(ctx->schema->prefixmap,
1365 (const char *)in->values[i].data,
1367 W_ERROR_NOT_OK_RETURN(status);
1369 SIVAL(blobs[i].data, 0, attid);
1375 static WERROR dsdb_syntax_OID_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
1376 const struct dsdb_attribute *attr,
1377 const struct drsuapi_DsReplicaAttribute *in,
1378 TALLOC_CTX *mem_ctx,
1379 struct ldb_message_element *out)
1383 switch (attr->attributeID_id) {
1384 case DRSUAPI_ATTID_objectClass:
1385 case DRSUAPI_ATTID_subClassOf:
1386 case DRSUAPI_ATTID_auxiliaryClass:
1387 case DRSUAPI_ATTID_systemAuxiliaryClass:
1388 case DRSUAPI_ATTID_systemPossSuperiors:
1389 case DRSUAPI_ATTID_possSuperiors:
1390 werr = _dsdb_syntax_OID_obj_drsuapi_to_ldb(ctx, attr, in, mem_ctx, out);
1392 case DRSUAPI_ATTID_systemMustContain:
1393 case DRSUAPI_ATTID_systemMayContain:
1394 case DRSUAPI_ATTID_mustContain:
1395 case DRSUAPI_ATTID_rDNAttId:
1396 case DRSUAPI_ATTID_transportAddressAttribute:
1397 case DRSUAPI_ATTID_mayContain:
1398 werr = _dsdb_syntax_OID_attr_drsuapi_to_ldb(ctx, attr, in, mem_ctx, out);
1400 case DRSUAPI_ATTID_governsID:
1401 case DRSUAPI_ATTID_attributeID:
1402 case DRSUAPI_ATTID_attributeSyntax:
1403 werr = _dsdb_syntax_OID_oid_drsuapi_to_ldb(ctx, attr, in, mem_ctx, out);
1406 DEBUG(0,(__location__ ": Unknown handling for attributeID_id for %s\n",
1407 attr->lDAPDisplayName));
1408 return _dsdb_syntax_auto_OID_drsuapi_to_ldb(ctx, attr, in, mem_ctx, out);
1411 /* When we are doing the vampire of a schema, we don't want
1412 * the inability to reference an OID to get in the way.
1413 * Otherwise, we won't get the new schema with which to
1414 * understand this */
1415 if (!W_ERROR_IS_OK(werr) && ctx->schema->relax_OID_conversions) {
1416 return _dsdb_syntax_OID_oid_drsuapi_to_ldb(ctx, attr, in, mem_ctx, out);
1421 static WERROR dsdb_syntax_OID_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
1422 const struct dsdb_attribute *attr,
1423 const struct ldb_message_element *in,
1424 TALLOC_CTX *mem_ctx,
1425 struct drsuapi_DsReplicaAttribute *out)
1427 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
1428 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
1431 switch (attr->attributeID_id) {
1432 case DRSUAPI_ATTID_objectClass:
1433 case DRSUAPI_ATTID_subClassOf:
1434 case DRSUAPI_ATTID_auxiliaryClass:
1435 case DRSUAPI_ATTID_systemAuxiliaryClass:
1436 case DRSUAPI_ATTID_systemPossSuperiors:
1437 case DRSUAPI_ATTID_possSuperiors:
1438 return _dsdb_syntax_OID_obj_ldb_to_drsuapi(ctx, attr, in, mem_ctx, out);
1439 case DRSUAPI_ATTID_systemMustContain:
1440 case DRSUAPI_ATTID_systemMayContain:
1441 case DRSUAPI_ATTID_mustContain:
1442 case DRSUAPI_ATTID_rDNAttId:
1443 case DRSUAPI_ATTID_transportAddressAttribute:
1444 case DRSUAPI_ATTID_mayContain:
1445 return _dsdb_syntax_OID_attr_ldb_to_drsuapi(ctx, attr, in, mem_ctx, out);
1446 case DRSUAPI_ATTID_governsID:
1447 case DRSUAPI_ATTID_attributeID:
1448 case DRSUAPI_ATTID_attributeSyntax:
1449 return _dsdb_syntax_OID_oid_ldb_to_drsuapi(ctx, attr, in, mem_ctx, out);
1452 DEBUG(0,(__location__ ": Unknown handling for attributeID_id for %s\n",
1453 attr->lDAPDisplayName));
1455 return _dsdb_syntax_auto_OID_ldb_to_drsuapi(ctx, attr, in, mem_ctx, out);
1458 static WERROR _dsdb_syntax_OID_validate_numericoid(const struct dsdb_syntax_ctx *ctx,
1459 const struct dsdb_attribute *attr,
1460 const struct ldb_message_element *in)
1463 TALLOC_CTX *tmp_ctx;
1465 tmp_ctx = talloc_new(ctx->ldb);
1466 W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
1468 for (i=0; i < in->num_values; i++) {
1471 const char *oid = (const char*)in->values[i].data;
1473 if (in->values[i].length == 0) {
1474 talloc_free(tmp_ctx);
1475 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
1478 if (!ber_write_OID_String(tmp_ctx, &blob, oid)) {
1479 DEBUG(0,("ber_write_OID_String() failed for %s\n", oid));
1480 talloc_free(tmp_ctx);
1481 return WERR_INVALID_PARAMETER;
1484 if (!ber_read_OID_String(tmp_ctx, blob, &oid_out)) {
1485 DEBUG(0,("ber_read_OID_String() failed for %s\n",
1486 hex_encode_talloc(tmp_ctx, blob.data, blob.length)));
1487 talloc_free(tmp_ctx);
1488 return WERR_INVALID_PARAMETER;
1491 if (strcmp(oid, oid_out) != 0) {
1492 talloc_free(tmp_ctx);
1493 return WERR_INVALID_PARAMETER;
1497 talloc_free(tmp_ctx);
1501 static WERROR dsdb_syntax_OID_validate_ldb(const struct dsdb_syntax_ctx *ctx,
1502 const struct dsdb_attribute *attr,
1503 const struct ldb_message_element *in)
1506 struct drsuapi_DsReplicaAttribute drs_tmp;
1507 struct ldb_message_element ldb_tmp;
1508 TALLOC_CTX *tmp_ctx;
1510 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
1511 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
1514 switch (attr->attributeID_id) {
1515 case DRSUAPI_ATTID_governsID:
1516 case DRSUAPI_ATTID_attributeID:
1517 case DRSUAPI_ATTID_attributeSyntax:
1518 return _dsdb_syntax_OID_validate_numericoid(ctx, attr, in);
1522 * TODO: optimize and verify this code
1525 tmp_ctx = talloc_new(ctx->ldb);
1526 W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
1528 status = dsdb_syntax_OID_ldb_to_drsuapi(ctx,
1533 if (!W_ERROR_IS_OK(status)) {
1534 talloc_free(tmp_ctx);
1538 status = dsdb_syntax_OID_drsuapi_to_ldb(ctx,
1543 if (!W_ERROR_IS_OK(status)) {
1544 talloc_free(tmp_ctx);
1548 talloc_free(tmp_ctx);
1552 static WERROR dsdb_syntax_UNICODE_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
1553 const struct dsdb_attribute *attr,
1554 const struct drsuapi_DsReplicaAttribute *in,
1555 TALLOC_CTX *mem_ctx,
1556 struct ldb_message_element *out)
1561 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
1562 W_ERROR_HAVE_NO_MEMORY(out->name);
1564 out->num_values = in->value_ctr.num_values;
1565 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
1566 W_ERROR_HAVE_NO_MEMORY(out->values);
1568 for (i=0; i < out->num_values; i++) {
1569 size_t converted_size = 0;
1572 if (in->value_ctr.values[i].blob == NULL) {
1576 if (in->value_ctr.values[i].blob->length == 0) {
1580 if (!convert_string_talloc(out->values,
1582 in->value_ctr.values[i].blob->data,
1583 in->value_ctr.values[i].blob->length,
1584 (void **)&str, &converted_size)) {
1588 out->values[i] = data_blob_const(str, converted_size);
1594 static WERROR dsdb_syntax_UNICODE_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
1595 const struct dsdb_attribute *attr,
1596 const struct ldb_message_element *in,
1597 TALLOC_CTX *mem_ctx,
1598 struct drsuapi_DsReplicaAttribute *out)
1603 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
1604 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
1607 out->attid = dsdb_attribute_get_attid(attr,
1609 out->value_ctr.num_values = in->num_values;
1610 out->value_ctr.values = talloc_array(mem_ctx,
1611 struct drsuapi_DsAttributeValue,
1613 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
1615 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
1616 W_ERROR_HAVE_NO_MEMORY(blobs);
1618 for (i=0; i < in->num_values; i++) {
1619 out->value_ctr.values[i].blob = &blobs[i];
1621 if (!convert_string_talloc(blobs,
1623 in->values[i].data, in->values[i].length,
1624 (void **)&blobs[i].data, &blobs[i].length)) {
1632 static WERROR dsdb_syntax_UNICODE_validate_one_val(const struct dsdb_syntax_ctx *ctx,
1633 const struct dsdb_attribute *attr,
1634 const struct ldb_val *val)
1640 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
1641 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
1644 ok = convert_string_talloc(ctx->ldb,
1652 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
1655 if (attr->rangeLower) {
1656 if ((size/2) < *attr->rangeLower) {
1657 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
1661 if (attr->rangeUpper) {
1662 if ((size/2) > *attr->rangeUpper) {
1663 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
1670 static WERROR dsdb_syntax_UNICODE_validate_ldb(const struct dsdb_syntax_ctx *ctx,
1671 const struct dsdb_attribute *attr,
1672 const struct ldb_message_element *in)
1677 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
1678 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
1681 for (i=0; i < in->num_values; i++) {
1682 if (in->values[i].length == 0) {
1683 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
1686 status = dsdb_syntax_UNICODE_validate_one_val(ctx,
1689 if (!W_ERROR_IS_OK(status)) {
1697 static WERROR dsdb_syntax_one_DN_drsuapi_to_ldb(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
1698 const struct dsdb_syntax *syntax,
1699 const DATA_BLOB *in, DATA_BLOB *out)
1701 struct drsuapi_DsReplicaObjectIdentifier3 id3;
1702 enum ndr_err_code ndr_err;
1703 DATA_BLOB guid_blob;
1705 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
1710 W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
1714 talloc_free(tmp_ctx);
1718 if (in->length == 0) {
1719 talloc_free(tmp_ctx);
1724 /* windows sometimes sends an extra two pad bytes here */
1725 ndr_err = ndr_pull_struct_blob(in,
1727 (ndr_pull_flags_fn_t)ndr_pull_drsuapi_DsReplicaObjectIdentifier3);
1728 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1729 status = ndr_map_error2ntstatus(ndr_err);
1730 talloc_free(tmp_ctx);
1731 return ntstatus_to_werror(status);
1734 dn = ldb_dn_new(tmp_ctx, ldb, id3.dn);
1736 talloc_free(tmp_ctx);
1737 /* If this fails, it must be out of memory, as it does not do much parsing */
1738 W_ERROR_HAVE_NO_MEMORY(dn);
1741 if (!GUID_all_zero(&id3.guid)) {
1742 status = GUID_to_ndr_blob(&id3.guid, tmp_ctx, &guid_blob);
1743 if (!NT_STATUS_IS_OK(status)) {
1744 talloc_free(tmp_ctx);
1745 return ntstatus_to_werror(status);
1748 ret = ldb_dn_set_extended_component(dn, "GUID", &guid_blob);
1749 if (ret != LDB_SUCCESS) {
1750 talloc_free(tmp_ctx);
1753 talloc_free(guid_blob.data);
1756 if (id3.__ndr_size_sid) {
1758 ndr_err = ndr_push_struct_blob(&sid_blob, tmp_ctx, &id3.sid,
1759 (ndr_push_flags_fn_t)ndr_push_dom_sid);
1760 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1761 status = ndr_map_error2ntstatus(ndr_err);
1762 talloc_free(tmp_ctx);
1763 return ntstatus_to_werror(status);
1766 ret = ldb_dn_set_extended_component(dn, "SID", &sid_blob);
1767 if (ret != LDB_SUCCESS) {
1768 talloc_free(tmp_ctx);
1773 *out = data_blob_string_const(ldb_dn_get_extended_linearized(mem_ctx, dn, 1));
1774 talloc_free(tmp_ctx);
1778 static WERROR dsdb_syntax_DN_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
1779 const struct dsdb_attribute *attr,
1780 const struct drsuapi_DsReplicaAttribute *in,
1781 TALLOC_CTX *mem_ctx,
1782 struct ldb_message_element *out)
1787 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
1788 W_ERROR_HAVE_NO_MEMORY(out->name);
1790 out->num_values = in->value_ctr.num_values;
1791 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
1792 W_ERROR_HAVE_NO_MEMORY(out->values);
1794 for (i=0; i < out->num_values; i++) {
1795 WERROR status = dsdb_syntax_one_DN_drsuapi_to_ldb(out->values, ctx->ldb, attr->syntax,
1796 in->value_ctr.values[i].blob,
1798 if (!W_ERROR_IS_OK(status)) {
1807 static WERROR dsdb_syntax_DN_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
1808 const struct dsdb_attribute *attr,
1809 const struct ldb_message_element *in,
1810 TALLOC_CTX *mem_ctx,
1811 struct drsuapi_DsReplicaAttribute *out)
1816 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
1817 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
1820 out->attid = dsdb_attribute_get_attid(attr,
1822 out->value_ctr.num_values = in->num_values;
1823 out->value_ctr.values = talloc_array(mem_ctx,
1824 struct drsuapi_DsAttributeValue,
1826 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
1828 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
1829 W_ERROR_HAVE_NO_MEMORY(blobs);
1831 for (i=0; i < in->num_values; i++) {
1832 struct drsuapi_DsReplicaObjectIdentifier3 id3;
1833 enum ndr_err_code ndr_err;
1835 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
1838 W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
1840 out->value_ctr.values[i].blob = &blobs[i];
1842 dn = ldb_dn_from_ldb_val(tmp_ctx, ctx->ldb, &in->values[i]);
1844 W_ERROR_HAVE_NO_MEMORY(dn);
1848 status = dsdb_get_extended_dn_guid(dn, &id3.guid, "GUID");
1849 if (!NT_STATUS_IS_OK(status) &&
1850 !NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1851 talloc_free(tmp_ctx);
1852 return ntstatus_to_werror(status);
1855 status = dsdb_get_extended_dn_sid(dn, &id3.sid, "SID");
1856 if (!NT_STATUS_IS_OK(status) &&
1857 !NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1858 talloc_free(tmp_ctx);
1859 return ntstatus_to_werror(status);
1862 id3.dn = ldb_dn_get_linearized(dn);
1864 ndr_err = ndr_push_struct_blob(&blobs[i], blobs, &id3, (ndr_push_flags_fn_t)ndr_push_drsuapi_DsReplicaObjectIdentifier3);
1865 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1866 status = ndr_map_error2ntstatus(ndr_err);
1867 talloc_free(tmp_ctx);
1868 return ntstatus_to_werror(status);
1870 talloc_free(tmp_ctx);
1876 static WERROR dsdb_syntax_DN_validate_one_val(const struct dsdb_syntax_ctx *ctx,
1877 const struct dsdb_attribute *attr,
1878 const struct ldb_val *val,
1879 TALLOC_CTX *mem_ctx,
1880 struct dsdb_dn **_dsdb_dn)
1882 static const char * const extended_list[] = { "GUID", "SID", NULL };
1883 enum ndr_err_code ndr_err;
1886 const DATA_BLOB *sid_blob;
1887 struct dsdb_dn *dsdb_dn;
1893 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
1896 W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
1898 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
1899 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
1902 dsdb_dn = dsdb_dn_parse(tmp_ctx, ctx->ldb, val,
1903 attr->syntax->ldap_oid);
1905 talloc_free(tmp_ctx);
1906 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
1910 dn2 = ldb_dn_copy(tmp_ctx, dn);
1912 talloc_free(tmp_ctx);
1913 return WERR_NOT_ENOUGH_MEMORY;
1916 num_components = ldb_dn_get_comp_num(dn);
1918 status = dsdb_get_extended_dn_guid(dn, &guid, "GUID");
1919 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1921 } else if (!NT_STATUS_IS_OK(status)) {
1922 talloc_free(tmp_ctx);
1923 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
1926 sid_blob = ldb_dn_get_extended_component(dn, "SID");
1929 ndr_err = ndr_pull_struct_blob_all(sid_blob,
1932 (ndr_pull_flags_fn_t)ndr_pull_dom_sid);
1933 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1934 talloc_free(tmp_ctx);
1935 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
1939 /* Do not allow links to the RootDSE */
1940 if (num_components == 0) {
1941 talloc_free(tmp_ctx);
1942 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
1946 * We need to check that only "GUID" and "SID" are
1947 * specified as extended components, we do that
1948 * by comparing the dn's after removing all components
1949 * from one dn and only the allowed subset from the other
1952 ldb_dn_extended_filter(dn, extended_list);
1954 dn_str = ldb_dn_get_extended_linearized(tmp_ctx, dn, 0);
1955 if (dn_str == NULL) {
1956 talloc_free(tmp_ctx);
1957 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
1959 dn2_str = ldb_dn_get_extended_linearized(tmp_ctx, dn2, 0);
1960 if (dn2_str == NULL) {
1961 talloc_free(tmp_ctx);
1962 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
1965 if (strcmp(dn_str, dn2_str) != 0) {
1966 talloc_free(tmp_ctx);
1967 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
1970 *_dsdb_dn = talloc_move(mem_ctx, &dsdb_dn);
1971 talloc_free(tmp_ctx);
1975 static WERROR dsdb_syntax_DN_validate_ldb(const struct dsdb_syntax_ctx *ctx,
1976 const struct dsdb_attribute *attr,
1977 const struct ldb_message_element *in)
1981 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
1982 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
1985 for (i=0; i < in->num_values; i++) {
1987 struct dsdb_dn *dsdb_dn;
1988 TALLOC_CTX *tmp_ctx = talloc_new(ctx->ldb);
1989 W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
1991 status = dsdb_syntax_DN_validate_one_val(ctx,
1995 if (!W_ERROR_IS_OK(status)) {
1996 talloc_free(tmp_ctx);
2000 if (dsdb_dn->dn_format != DSDB_NORMAL_DN) {
2001 talloc_free(tmp_ctx);
2002 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
2005 talloc_free(tmp_ctx);
2011 static WERROR dsdb_syntax_DN_BINARY_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
2012 const struct dsdb_attribute *attr,
2013 const struct drsuapi_DsReplicaAttribute *in,
2014 TALLOC_CTX *mem_ctx,
2015 struct ldb_message_element *out)
2021 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
2022 W_ERROR_HAVE_NO_MEMORY(out->name);
2024 out->num_values = in->value_ctr.num_values;
2025 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
2026 W_ERROR_HAVE_NO_MEMORY(out->values);
2028 for (i=0; i < out->num_values; i++) {
2029 struct drsuapi_DsReplicaObjectIdentifier3Binary id3;
2030 enum ndr_err_code ndr_err;
2031 DATA_BLOB guid_blob;
2033 struct dsdb_dn *dsdb_dn;
2035 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
2037 W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
2040 if (in->value_ctr.values[i].blob == NULL) {
2041 talloc_free(tmp_ctx);
2045 if (in->value_ctr.values[i].blob->length == 0) {
2046 talloc_free(tmp_ctx);
2051 /* windows sometimes sends an extra two pad bytes here */
2052 ndr_err = ndr_pull_struct_blob(in->value_ctr.values[i].blob,
2054 (ndr_pull_flags_fn_t)ndr_pull_drsuapi_DsReplicaObjectIdentifier3Binary);
2055 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
2056 status = ndr_map_error2ntstatus(ndr_err);
2057 talloc_free(tmp_ctx);
2058 return ntstatus_to_werror(status);
2061 dn = ldb_dn_new(tmp_ctx, ctx->ldb, id3.dn);
2063 talloc_free(tmp_ctx);
2064 /* If this fails, it must be out of memory, as it does not do much parsing */
2065 W_ERROR_HAVE_NO_MEMORY(dn);
2068 if (!GUID_all_zero(&id3.guid)) {
2069 status = GUID_to_ndr_blob(&id3.guid, tmp_ctx, &guid_blob);
2070 if (!NT_STATUS_IS_OK(status)) {
2071 talloc_free(tmp_ctx);
2072 return ntstatus_to_werror(status);
2075 ret = ldb_dn_set_extended_component(dn, "GUID", &guid_blob);
2076 if (ret != LDB_SUCCESS) {
2077 talloc_free(tmp_ctx);
2080 talloc_free(guid_blob.data);
2083 if (id3.__ndr_size_sid) {
2085 ndr_err = ndr_push_struct_blob(&sid_blob, tmp_ctx, &id3.sid,
2086 (ndr_push_flags_fn_t)ndr_push_dom_sid);
2087 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
2088 status = ndr_map_error2ntstatus(ndr_err);
2089 talloc_free(tmp_ctx);
2090 return ntstatus_to_werror(status);
2093 ret = ldb_dn_set_extended_component(dn, "SID", &sid_blob);
2094 if (ret != LDB_SUCCESS) {
2095 talloc_free(tmp_ctx);
2100 /* set binary stuff */
2101 dsdb_dn = dsdb_dn_construct(tmp_ctx, dn, id3.binary, attr->syntax->ldap_oid);
2103 /* If this fails, it must be out of memory, we know the ldap_oid is valid */
2104 talloc_free(tmp_ctx);
2105 W_ERROR_HAVE_NO_MEMORY(dsdb_dn);
2107 out->values[i] = data_blob_string_const(dsdb_dn_get_extended_linearized(out->values, dsdb_dn, 1));
2108 talloc_free(tmp_ctx);
2114 static WERROR dsdb_syntax_DN_BINARY_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
2115 const struct dsdb_attribute *attr,
2116 const struct ldb_message_element *in,
2117 TALLOC_CTX *mem_ctx,
2118 struct drsuapi_DsReplicaAttribute *out)
2123 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
2124 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
2127 out->attid = dsdb_attribute_get_attid(attr,
2129 out->value_ctr.num_values = in->num_values;
2130 out->value_ctr.values = talloc_array(mem_ctx,
2131 struct drsuapi_DsAttributeValue,
2133 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
2135 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
2136 W_ERROR_HAVE_NO_MEMORY(blobs);
2138 for (i=0; i < in->num_values; i++) {
2139 struct drsuapi_DsReplicaObjectIdentifier3Binary id3;
2140 enum ndr_err_code ndr_err;
2141 const DATA_BLOB *sid_blob;
2142 struct dsdb_dn *dsdb_dn;
2143 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
2146 W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
2148 out->value_ctr.values[i].blob = &blobs[i];
2150 dsdb_dn = dsdb_dn_parse(tmp_ctx, ctx->ldb, &in->values[i], attr->syntax->ldap_oid);
2153 talloc_free(tmp_ctx);
2154 return ntstatus_to_werror(NT_STATUS_INVALID_PARAMETER);
2159 status = dsdb_get_extended_dn_guid(dsdb_dn->dn, &id3.guid, "GUID");
2160 if (!NT_STATUS_IS_OK(status) &&
2161 !NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
2162 talloc_free(tmp_ctx);
2163 return ntstatus_to_werror(status);
2166 sid_blob = ldb_dn_get_extended_component(dsdb_dn->dn, "SID");
2169 ndr_err = ndr_pull_struct_blob_all(sid_blob,
2171 (ndr_pull_flags_fn_t)ndr_pull_dom_sid);
2172 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
2173 status = ndr_map_error2ntstatus(ndr_err);
2174 talloc_free(tmp_ctx);
2175 return ntstatus_to_werror(status);
2179 id3.dn = ldb_dn_get_linearized(dsdb_dn->dn);
2181 /* get binary stuff */
2182 id3.binary = dsdb_dn->extra_part;
2184 ndr_err = ndr_push_struct_blob(&blobs[i], blobs, &id3, (ndr_push_flags_fn_t)ndr_push_drsuapi_DsReplicaObjectIdentifier3Binary);
2185 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
2186 status = ndr_map_error2ntstatus(ndr_err);
2187 talloc_free(tmp_ctx);
2188 return ntstatus_to_werror(status);
2190 talloc_free(tmp_ctx);
2196 static WERROR dsdb_syntax_DN_BINARY_validate_ldb(const struct dsdb_syntax_ctx *ctx,
2197 const struct dsdb_attribute *attr,
2198 const struct ldb_message_element *in)
2202 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
2203 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
2206 for (i=0; i < in->num_values; i++) {
2208 struct dsdb_dn *dsdb_dn;
2209 TALLOC_CTX *tmp_ctx = talloc_new(ctx->ldb);
2210 W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
2212 status = dsdb_syntax_DN_validate_one_val(ctx,
2216 if (!W_ERROR_IS_OK(status)) {
2217 talloc_free(tmp_ctx);
2221 if (dsdb_dn->dn_format != DSDB_BINARY_DN) {
2222 talloc_free(tmp_ctx);
2223 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
2226 status = dsdb_syntax_DATA_BLOB_validate_one_val(ctx,
2228 &dsdb_dn->extra_part);
2229 if (!W_ERROR_IS_OK(status)) {
2230 talloc_free(tmp_ctx);
2234 talloc_free(tmp_ctx);
2240 static WERROR dsdb_syntax_DN_STRING_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
2241 const struct dsdb_attribute *attr,
2242 const struct drsuapi_DsReplicaAttribute *in,
2243 TALLOC_CTX *mem_ctx,
2244 struct ldb_message_element *out)
2246 return dsdb_syntax_DN_BINARY_drsuapi_to_ldb(ctx,
2253 static WERROR dsdb_syntax_DN_STRING_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
2254 const struct dsdb_attribute *attr,
2255 const struct ldb_message_element *in,
2256 TALLOC_CTX *mem_ctx,
2257 struct drsuapi_DsReplicaAttribute *out)
2259 return dsdb_syntax_DN_BINARY_ldb_to_drsuapi(ctx,
2266 static WERROR dsdb_syntax_DN_STRING_validate_ldb(const struct dsdb_syntax_ctx *ctx,
2267 const struct dsdb_attribute *attr,
2268 const struct ldb_message_element *in)
2272 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
2273 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
2276 for (i=0; i < in->num_values; i++) {
2278 struct dsdb_dn *dsdb_dn;
2279 TALLOC_CTX *tmp_ctx = talloc_new(ctx->ldb);
2280 W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
2282 status = dsdb_syntax_DN_validate_one_val(ctx,
2286 if (!W_ERROR_IS_OK(status)) {
2287 talloc_free(tmp_ctx);
2291 if (dsdb_dn->dn_format != DSDB_STRING_DN) {
2292 talloc_free(tmp_ctx);
2293 return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
2296 status = dsdb_syntax_UNICODE_validate_one_val(ctx,
2298 &dsdb_dn->extra_part);
2299 if (!W_ERROR_IS_OK(status)) {
2300 talloc_free(tmp_ctx);
2304 talloc_free(tmp_ctx);
2310 static WERROR dsdb_syntax_PRESENTATION_ADDRESS_drsuapi_to_ldb(const struct dsdb_syntax_ctx *ctx,
2311 const struct dsdb_attribute *attr,
2312 const struct drsuapi_DsReplicaAttribute *in,
2313 TALLOC_CTX *mem_ctx,
2314 struct ldb_message_element *out)
2319 out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName);
2320 W_ERROR_HAVE_NO_MEMORY(out->name);
2322 out->num_values = in->value_ctr.num_values;
2323 out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values);
2324 W_ERROR_HAVE_NO_MEMORY(out->values);
2326 for (i=0; i < out->num_values; i++) {
2328 size_t converted_size = 0;
2331 if (in->value_ctr.values[i].blob == NULL) {
2335 if (in->value_ctr.values[i].blob->length < 4) {
2339 len = IVAL(in->value_ctr.values[i].blob->data, 0);
2341 if (len != in->value_ctr.values[i].blob->length) {
2345 if (!convert_string_talloc(out->values, CH_UTF16, CH_UNIX,
2346 in->value_ctr.values[i].blob->data+4,
2347 in->value_ctr.values[i].blob->length-4,
2348 (void **)&str, &converted_size)) {
2352 out->values[i] = data_blob_string_const(str);
2358 static WERROR dsdb_syntax_PRESENTATION_ADDRESS_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx,
2359 const struct dsdb_attribute *attr,
2360 const struct ldb_message_element *in,
2361 TALLOC_CTX *mem_ctx,
2362 struct drsuapi_DsReplicaAttribute *out)
2367 if (attr->attributeID_id == DRSUAPI_ATTID_INVALID) {
2368 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
2371 out->attid = dsdb_attribute_get_attid(attr,
2373 out->value_ctr.num_values = in->num_values;
2374 out->value_ctr.values = talloc_array(mem_ctx,
2375 struct drsuapi_DsAttributeValue,
2377 W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
2379 blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
2380 W_ERROR_HAVE_NO_MEMORY(blobs);
2382 for (i=0; i < in->num_values; i++) {
2386 out->value_ctr.values[i].blob = &blobs[i];
2388 if (!convert_string_talloc(blobs, CH_UNIX, CH_UTF16,
2390 in->values[i].length,
2391 (void **)&data, &ret)) {
2395 blobs[i] = data_blob_talloc(blobs, NULL, 4 + ret);
2396 W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
2398 SIVAL(blobs[i].data, 0, 4 + ret);
2401 memcpy(blobs[i].data + 4, data, ret);
2409 static WERROR dsdb_syntax_PRESENTATION_ADDRESS_validate_ldb(const struct dsdb_syntax_ctx *ctx,
2410 const struct dsdb_attribute *attr,
2411 const struct ldb_message_element *in)
2413 return dsdb_syntax_UNICODE_validate_ldb(ctx,
2418 #define OMOBJECTCLASS(val) { .length = sizeof(val) - 1, .data = discard_const_p(uint8_t, val) }
2420 static const struct dsdb_syntax dsdb_syntaxes[] = {
2423 .ldap_oid = LDB_SYNTAX_BOOLEAN,
2425 .attributeSyntax_oid = "2.5.5.8",
2426 .drsuapi_to_ldb = dsdb_syntax_BOOL_drsuapi_to_ldb,
2427 .ldb_to_drsuapi = dsdb_syntax_BOOL_ldb_to_drsuapi,
2428 .validate_ldb = dsdb_syntax_BOOL_validate_ldb,
2429 .equality = "booleanMatch",
2430 .comment = "Boolean",
2431 .auto_normalise = true
2434 .ldap_oid = LDB_SYNTAX_INTEGER,
2436 .attributeSyntax_oid = "2.5.5.9",
2437 .drsuapi_to_ldb = dsdb_syntax_INT32_drsuapi_to_ldb,
2438 .ldb_to_drsuapi = dsdb_syntax_INT32_ldb_to_drsuapi,
2439 .validate_ldb = dsdb_syntax_INT32_validate_ldb,
2440 .equality = "integerMatch",
2441 .comment = "Integer",
2442 .ldb_syntax = LDB_SYNTAX_SAMBA_INT32,
2443 .auto_normalise = true
2445 .name = "String(Octet)",
2446 .ldap_oid = LDB_SYNTAX_OCTET_STRING,
2448 .attributeSyntax_oid = "2.5.5.10",
2449 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
2450 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
2451 .validate_ldb = dsdb_syntax_DATA_BLOB_validate_ldb,
2452 .equality = "octetStringMatch",
2453 .comment = "Octet String",
2454 .userParameters = true,
2455 .ldb_syntax = LDB_SYNTAX_SAMBA_OCTET_STRING
2457 .name = "String(Sid)",
2458 .ldap_oid = LDB_SYNTAX_OCTET_STRING,
2460 .attributeSyntax_oid = "2.5.5.17",
2461 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
2462 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
2463 .validate_ldb = dsdb_syntax_DATA_BLOB_validate_ldb,
2464 .equality = "octetStringMatch",
2465 .comment = "Octet String - Security Identifier (SID)",
2466 .ldb_syntax = LDB_SYNTAX_SAMBA_SID
2468 .name = "String(Object-Identifier)",
2469 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.38",
2471 .attributeSyntax_oid = "2.5.5.2",
2472 .drsuapi_to_ldb = dsdb_syntax_OID_drsuapi_to_ldb,
2473 .ldb_to_drsuapi = dsdb_syntax_OID_ldb_to_drsuapi,
2474 .validate_ldb = dsdb_syntax_OID_validate_ldb,
2475 .equality = "caseIgnoreMatch", /* Would use "objectIdentifierMatch" but most are ldap attribute/class names */
2476 .comment = "OID String",
2477 .ldb_syntax = LDB_SYNTAX_DIRECTORY_STRING
2479 .name = "Enumeration",
2480 .ldap_oid = LDB_SYNTAX_INTEGER,
2482 .attributeSyntax_oid = "2.5.5.9",
2483 .drsuapi_to_ldb = dsdb_syntax_INT32_drsuapi_to_ldb,
2484 .ldb_to_drsuapi = dsdb_syntax_INT32_ldb_to_drsuapi,
2485 .validate_ldb = dsdb_syntax_INT32_validate_ldb,
2486 .ldb_syntax = LDB_SYNTAX_SAMBA_INT32,
2487 .auto_normalise = true
2489 /* not used in w2k3 forest */
2490 .name = "String(Numeric)",
2491 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.36",
2493 .attributeSyntax_oid = "2.5.5.6",
2494 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
2495 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
2496 .validate_ldb = dsdb_syntax_DATA_BLOB_validate_ldb,
2497 .equality = "numericStringMatch",
2498 .substring = "numericStringSubstringsMatch",
2499 .comment = "Numeric String",
2500 .ldb_syntax = LDB_SYNTAX_DIRECTORY_STRING,
2502 .name = "String(Printable)",
2503 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.44",
2505 .attributeSyntax_oid = "2.5.5.5",
2506 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
2507 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
2508 .validate_ldb = dsdb_syntax_DATA_BLOB_validate_ldb,
2509 .ldb_syntax = LDB_SYNTAX_SAMBA_OCTET_STRING,
2511 .name = "String(Teletex)",
2512 .ldap_oid = "1.2.840.113556.1.4.905",
2514 .attributeSyntax_oid = "2.5.5.4",
2515 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
2516 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
2517 .validate_ldb = dsdb_syntax_DATA_BLOB_validate_ldb,
2518 .equality = "caseIgnoreMatch",
2519 .substring = "caseIgnoreSubstringsMatch",
2520 .comment = "Case Insensitive String",
2521 .ldb_syntax = LDB_SYNTAX_DIRECTORY_STRING,
2523 .name = "String(IA5)",
2524 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.26",
2526 .attributeSyntax_oid = "2.5.5.5",
2527 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
2528 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
2529 .validate_ldb = dsdb_syntax_DATA_BLOB_validate_ldb,
2530 .equality = "caseExactIA5Match",
2531 .comment = "Printable String",
2532 .ldb_syntax = LDB_SYNTAX_SAMBA_OCTET_STRING,
2534 .name = "String(UTC-Time)",
2535 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.53",
2537 .attributeSyntax_oid = "2.5.5.11",
2538 .drsuapi_to_ldb = dsdb_syntax_NTTIME_UTC_drsuapi_to_ldb,
2539 .ldb_to_drsuapi = dsdb_syntax_NTTIME_UTC_ldb_to_drsuapi,
2540 .validate_ldb = dsdb_syntax_NTTIME_UTC_validate_ldb,
2541 .equality = "generalizedTimeMatch",
2542 .comment = "UTC Time",
2543 .auto_normalise = true
2545 .name = "String(Generalized-Time)",
2546 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.24",
2548 .attributeSyntax_oid = "2.5.5.11",
2549 .drsuapi_to_ldb = dsdb_syntax_NTTIME_drsuapi_to_ldb,
2550 .ldb_to_drsuapi = dsdb_syntax_NTTIME_ldb_to_drsuapi,
2551 .validate_ldb = dsdb_syntax_NTTIME_validate_ldb,
2552 .equality = "generalizedTimeMatch",
2553 .comment = "Generalized Time",
2554 .auto_normalise = true
2556 /* not used in w2k3 schema */
2557 .name = "String(Case Sensitive)",
2558 .ldap_oid = "1.2.840.113556.1.4.1362",
2560 .attributeSyntax_oid = "2.5.5.3",
2561 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
2562 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
2563 .validate_ldb = dsdb_syntax_DATA_BLOB_validate_ldb,
2564 .equality = "caseExactMatch",
2565 .substring = "caseExactSubstringsMatch",
2566 /* TODO (kim): according to LDAP rfc we should be using same comparison
2567 * as Directory String (LDB_SYNTAX_DIRECTORY_STRING), but case sensitive.
2568 * But according to ms docs binary compare should do the job:
2569 * http://msdn.microsoft.com/en-us/library/cc223200(v=PROT.10).aspx */
2570 .ldb_syntax = LDB_SYNTAX_SAMBA_OCTET_STRING,
2572 .name = "String(Unicode)",
2573 .ldap_oid = LDB_SYNTAX_DIRECTORY_STRING,
2575 .attributeSyntax_oid = "2.5.5.12",
2576 .drsuapi_to_ldb = dsdb_syntax_UNICODE_drsuapi_to_ldb,
2577 .ldb_to_drsuapi = dsdb_syntax_UNICODE_ldb_to_drsuapi,
2578 .validate_ldb = dsdb_syntax_UNICODE_validate_ldb,
2579 .equality = "caseIgnoreMatch",
2580 .substring = "caseIgnoreSubstringsMatch",
2581 .comment = "Directory String",
2583 .name = "Interval/LargeInteger",
2584 .ldap_oid = "1.2.840.113556.1.4.906",
2586 .attributeSyntax_oid = "2.5.5.16",
2587 .drsuapi_to_ldb = dsdb_syntax_INT64_drsuapi_to_ldb,
2588 .ldb_to_drsuapi = dsdb_syntax_INT64_ldb_to_drsuapi,
2589 .validate_ldb = dsdb_syntax_INT64_validate_ldb,
2590 .equality = "integerMatch",
2591 .comment = "Large Integer",
2592 .ldb_syntax = LDB_SYNTAX_INTEGER,
2593 .auto_normalise = true
2595 .name = "String(NT-Sec-Desc)",
2596 .ldap_oid = LDB_SYNTAX_SAMBA_SECURITY_DESCRIPTOR,
2598 .attributeSyntax_oid = "2.5.5.15",
2599 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
2600 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
2601 .validate_ldb = dsdb_syntax_DATA_BLOB_validate_ldb,
2603 .name = "Object(DS-DN)",
2604 .ldap_oid = LDB_SYNTAX_DN,
2606 .oMObjectClass = OMOBJECTCLASS("\x2b\x0c\x02\x87\x73\x1c\x00\x85\x4a"),
2607 .attributeSyntax_oid = "2.5.5.1",
2608 .drsuapi_to_ldb = dsdb_syntax_DN_drsuapi_to_ldb,
2609 .ldb_to_drsuapi = dsdb_syntax_DN_ldb_to_drsuapi,
2610 .validate_ldb = dsdb_syntax_DN_validate_ldb,
2611 .equality = "distinguishedNameMatch",
2612 .comment = "Object(DS-DN) == a DN",
2614 .name = "Object(DN-Binary)",
2615 .ldap_oid = DSDB_SYNTAX_BINARY_DN,
2617 .oMObjectClass = OMOBJECTCLASS("\x2a\x86\x48\x86\xf7\x14\x01\x01\x01\x0b"),
2618 .attributeSyntax_oid = "2.5.5.7",
2619 .drsuapi_to_ldb = dsdb_syntax_DN_BINARY_drsuapi_to_ldb,
2620 .ldb_to_drsuapi = dsdb_syntax_DN_BINARY_ldb_to_drsuapi,
2621 .validate_ldb = dsdb_syntax_DN_BINARY_validate_ldb,
2622 .equality = "octetStringMatch",
2623 .comment = "OctetString: Binary+DN",
2625 /* not used in w2k3 schema, but used in Exchange schema*/
2626 .name = "Object(OR-Name)",
2627 .ldap_oid = DSDB_SYNTAX_OR_NAME,
2629 .oMObjectClass = OMOBJECTCLASS("\x56\x06\x01\x02\x05\x0b\x1D"),
2630 .attributeSyntax_oid = "2.5.5.7",
2631 .drsuapi_to_ldb = dsdb_syntax_DN_BINARY_drsuapi_to_ldb,
2632 .ldb_to_drsuapi = dsdb_syntax_DN_BINARY_ldb_to_drsuapi,
2633 .validate_ldb = dsdb_syntax_DN_BINARY_validate_ldb,
2634 .equality = "caseIgnoreMatch",
2635 .ldb_syntax = LDB_SYNTAX_DN,
2638 * TODO: verify if DATA_BLOB is correct here...!
2640 * repsFrom and repsTo are the only attributes using
2641 * this attribute syntax, but they're not replicated...
2643 .name = "Object(Replica-Link)",
2644 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.40",
2646 .oMObjectClass = OMOBJECTCLASS("\x2a\x86\x48\x86\xf7\x14\x01\x01\x01\x06"),
2647 .attributeSyntax_oid = "2.5.5.10",
2648 .drsuapi_to_ldb = dsdb_syntax_DATA_BLOB_drsuapi_to_ldb,
2649 .ldb_to_drsuapi = dsdb_syntax_DATA_BLOB_ldb_to_drsuapi,
2650 .validate_ldb = dsdb_syntax_DATA_BLOB_validate_ldb,
2652 .name = "Object(Presentation-Address)",
2653 .ldap_oid = "1.3.6.1.4.1.1466.115.121.1.43",
2655 .oMObjectClass = OMOBJECTCLASS("\x2b\x0c\x02\x87\x73\x1c\x00\x85\x5c"),
2656 .attributeSyntax_oid = "2.5.5.13",
2657 .drsuapi_to_ldb = dsdb_syntax_PRESENTATION_ADDRESS_drsuapi_to_ldb,
2658 .ldb_to_drsuapi = dsdb_syntax_PRESENTATION_ADDRESS_ldb_to_drsuapi,
2659 .validate_ldb = dsdb_syntax_PRESENTATION_ADDRESS_validate_ldb,
2660 .comment = "Presentation Address",
2661 .ldb_syntax = LDB_SYNTAX_DIRECTORY_STRING,
2663 /* not used in w2k3 schema */
2664 .name = "Object(Access-Point)",
2665 .ldap_oid = DSDB_SYNTAX_ACCESS_POINT,
2667 .oMObjectClass = OMOBJECTCLASS("\x2b\x0c\x02\x87\x73\x1c\x00\x85\x3e"),
2668 .attributeSyntax_oid = "2.5.5.14",
2669 .drsuapi_to_ldb = dsdb_syntax_FOOBAR_drsuapi_to_ldb,
2670 .ldb_to_drsuapi = dsdb_syntax_FOOBAR_ldb_to_drsuapi,
2671 .validate_ldb = dsdb_syntax_FOOBAR_validate_ldb,
2672 .ldb_syntax = LDB_SYNTAX_DIRECTORY_STRING,
2674 /* not used in w2k3 schema */
2675 .name = "Object(DN-String)",
2676 .ldap_oid = DSDB_SYNTAX_STRING_DN,
2678 .oMObjectClass = OMOBJECTCLASS("\x2a\x86\x48\x86\xf7\x14\x01\x01\x01\x0c"),
2679 .attributeSyntax_oid = "2.5.5.14",
2680 .drsuapi_to_ldb = dsdb_syntax_DN_STRING_drsuapi_to_ldb,
2681 .ldb_to_drsuapi = dsdb_syntax_DN_STRING_ldb_to_drsuapi,
2682 .validate_ldb = dsdb_syntax_DN_STRING_validate_ldb,
2683 .equality = "octetStringMatch",
2684 .comment = "OctetString: String+DN",
2688 const struct dsdb_syntax *find_syntax_map_by_ad_oid(const char *ad_oid)
2691 for (i=0; dsdb_syntaxes[i].ldap_oid; i++) {
2692 if (strcasecmp(ad_oid, dsdb_syntaxes[i].attributeSyntax_oid) == 0) {
2693 return &dsdb_syntaxes[i];
2699 const struct dsdb_syntax *find_syntax_map_by_ad_syntax(int oMSyntax)
2702 for (i=0; dsdb_syntaxes[i].ldap_oid; i++) {
2703 if (oMSyntax == dsdb_syntaxes[i].oMSyntax) {
2704 return &dsdb_syntaxes[i];
2710 const struct dsdb_syntax *find_syntax_map_by_standard_oid(const char *standard_oid)
2713 for (i=0; dsdb_syntaxes[i].ldap_oid; i++) {
2714 if (strcasecmp(standard_oid, dsdb_syntaxes[i].ldap_oid) == 0) {
2715 return &dsdb_syntaxes[i];
2721 const struct dsdb_syntax *dsdb_syntax_for_attribute(const struct dsdb_attribute *attr)
2725 for (i=0; i < ARRAY_SIZE(dsdb_syntaxes); i++) {
2727 * We must pretend that userParameters was declared
2728 * binary string, so we can store the 'UTF16' (not
2729 * really string) structure as given over SAMR to samba
2731 if (dsdb_syntaxes[i].userParameters &&
2732 (strcasecmp(attr->lDAPDisplayName, "userParameters") == 0))
2734 return &dsdb_syntaxes[i];
2736 if (attr->oMSyntax != dsdb_syntaxes[i].oMSyntax) continue;
2738 if (attr->oMObjectClass.length != dsdb_syntaxes[i].oMObjectClass.length) continue;
2740 if (attr->oMObjectClass.length) {
2742 ret = memcmp(attr->oMObjectClass.data,
2743 dsdb_syntaxes[i].oMObjectClass.data,
2744 attr->oMObjectClass.length);
2745 if (ret != 0) continue;
2748 if (strcmp(attr->attributeSyntax_oid, dsdb_syntaxes[i].attributeSyntax_oid) != 0) continue;
2750 return &dsdb_syntaxes[i];
2756 WERROR dsdb_attribute_drsuapi_remote_to_local(const struct dsdb_syntax_ctx *ctx,
2757 enum drsuapi_DsAttributeId remote_attid_as_enum,
2758 enum drsuapi_DsAttributeId *local_attid_as_enum,
2759 const struct dsdb_attribute **_sa)
2761 TALLOC_CTX *frame = talloc_stackframe();
2762 const struct dsdb_attribute *sa;
2763 uint32_t attid_local;
2766 if (ctx->pfm_remote == NULL) {
2767 smb_panic(__location__);
2770 switch (dsdb_pfm_get_attid_type(remote_attid_as_enum)) {
2771 case DSDB_ATTID_TYPE_PFM:
2772 /* map remote ATTID to local ATTID */
2773 ok = dsdb_syntax_attid_from_remote_attid(ctx, frame,
2774 remote_attid_as_enum,
2777 DEBUG(0,(__location__ ": Can't find local ATTID for 0x%08X\n",
2778 remote_attid_as_enum));
2780 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
2783 case DSDB_ATTID_TYPE_INTID:
2784 /* use IntId value directly */
2785 attid_local = remote_attid_as_enum;
2788 /* we should never get here */
2789 DEBUG(0,(__location__ ": Invalid ATTID type passed for conversion - 0x%08X\n",
2790 remote_attid_as_enum));
2792 return WERR_INVALID_PARAMETER;
2795 sa = dsdb_attribute_by_attributeID_id(ctx->schema, attid_local);
2797 int dbg_level = ctx->schema->resolving_in_progress ? 10 : 0;
2798 DEBUG(dbg_level,(__location__ ": Unknown local attributeID_id 0x%08X remote 0x%08X%s\n",
2799 attid_local, remote_attid_as_enum,
2800 ctx->schema->resolving_in_progress ? "resolving in progress" : ""));
2802 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
2806 * We return the same class of attid as we were given. That
2807 * is, we trust the remote server not to use an
2808 * msDS-IntId value in the schema partition
2810 if (local_attid_as_enum != NULL) {
2811 *local_attid_as_enum = (enum drsuapi_DsAttributeId)attid_local;
2822 WERROR dsdb_attribute_drsuapi_to_ldb(struct ldb_context *ldb,
2823 const struct dsdb_schema *schema,
2824 const struct dsdb_schema_prefixmap *pfm_remote,
2825 const struct drsuapi_DsReplicaAttribute *in,
2826 TALLOC_CTX *mem_ctx,
2827 struct ldb_message_element *out,
2828 enum drsuapi_DsAttributeId *local_attid_as_enum)
2830 struct dsdb_syntax_ctx syntax_ctx;
2831 const struct dsdb_attribute *sa = NULL;
2834 /* use default syntax conversion context */
2835 dsdb_syntax_ctx_init(&syntax_ctx, ldb, schema);
2836 syntax_ctx.pfm_remote = pfm_remote;
2838 werr = dsdb_attribute_drsuapi_remote_to_local(&syntax_ctx,
2840 local_attid_as_enum,
2842 if (!W_ERROR_IS_OK(werr)) {
2846 return sa->syntax->drsuapi_to_ldb(&syntax_ctx, sa, in, mem_ctx, out);
2849 WERROR dsdb_attribute_ldb_to_drsuapi(struct ldb_context *ldb,
2850 const struct dsdb_schema *schema,
2851 const struct ldb_message_element *in,
2852 TALLOC_CTX *mem_ctx,
2853 struct drsuapi_DsReplicaAttribute *out)
2855 const struct dsdb_attribute *sa;
2856 struct dsdb_syntax_ctx syntax_ctx;
2858 sa = dsdb_attribute_by_lDAPDisplayName(schema, in->name);
2860 return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
2863 /* use default syntax conversion context */
2864 dsdb_syntax_ctx_init(&syntax_ctx, ldb, schema);
2866 return sa->syntax->ldb_to_drsuapi(&syntax_ctx, sa, in, mem_ctx, out);
git.samba.org / metze / samba / wip.git / blob