4 Copyright (C) Simo Sorce 2005
6 ** NOTE! The following LGPL license applies to the ldb
7 ** library. This does NOT imply that all of Samba is released
10 This library is free software; you can redistribute it and/or
11 modify it under the terms of the GNU Lesser General Public
12 License as published by the Free Software Foundation; either
13 version 3 of the License, or (at your option) any later version.
15 This library is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
20 You should have received a copy of the GNU Lesser General Public
21 License along with this library; if not, see <http://www.gnu.org/licenses/>.
27 * Component: ldb dn creation and manipulation utility functions
29 * Description: - explode a dn into it's own basic elements
30 * and put them in a structure (only if necessary)
31 * - manipulate ldb_dn structures
36 #include "ldb_private.h"
39 #define LDB_DN_NULL_FAILED(x) if (!(x)) goto failed
41 #define LDB_FREE(x) do { talloc_free(x); x = NULL; } while(0)
44 internal ldb exploded dn structures
46 struct ldb_dn_component {
52 struct ldb_val cf_value;
55 struct ldb_dn_ext_component {
63 struct ldb_context *ldb;
65 /* Special DNs are always linearized */
75 unsigned int comp_num;
76 struct ldb_dn_component *components;
78 unsigned int ext_comp_num;
79 struct ldb_dn_ext_component *ext_components;
82 /* it is helpful to be able to break on this in gdb */
83 static void ldb_dn_mark_invalid(struct ldb_dn *dn)
88 /* strdn may be NULL */
89 struct ldb_dn *ldb_dn_from_ldb_val(TALLOC_CTX *mem_ctx,
90 struct ldb_context *ldb,
91 const struct ldb_val *strdn)
95 if (! ldb) return NULL;
97 if (strdn && strdn->data
98 && (strnlen((const char*)strdn->data, strdn->length) != strdn->length)) {
99 /* The RDN must not contain a character with value 0x0 */
103 dn = talloc_zero(mem_ctx, struct ldb_dn);
104 LDB_DN_NULL_FAILED(dn);
106 dn->ldb = talloc_get_type(ldb, struct ldb_context);
107 if (dn->ldb == NULL) {
108 /* the caller probably got the arguments to
109 ldb_dn_new() mixed up */
114 if (strdn->data && strdn->length) {
115 const char *data = (const char *)strdn->data;
116 size_t length = strdn->length;
118 if (data[0] == '@') {
121 dn->ext_linearized = talloc_strndup(dn, data, length);
122 LDB_DN_NULL_FAILED(dn->ext_linearized);
124 if (data[0] == '<') {
125 const char *p_save, *p = dn->ext_linearized;
134 if (p_save == dn->ext_linearized) {
135 dn->linearized = talloc_strdup(dn, "");
137 dn->linearized = talloc_strdup(dn, p_save);
139 LDB_DN_NULL_FAILED(dn->linearized);
141 dn->linearized = dn->ext_linearized;
142 dn->ext_linearized = NULL;
145 dn->linearized = talloc_strdup(dn, "");
146 LDB_DN_NULL_FAILED(dn->linearized);
156 /* strdn may be NULL */
157 struct ldb_dn *ldb_dn_new(TALLOC_CTX *mem_ctx,
158 struct ldb_context *ldb,
162 blob.data = discard_const_p(uint8_t, strdn);
163 blob.length = strdn ? strlen(strdn) : 0;
164 return ldb_dn_from_ldb_val(mem_ctx, ldb, &blob);
167 struct ldb_dn *ldb_dn_new_fmt(TALLOC_CTX *mem_ctx,
168 struct ldb_context *ldb,
169 const char *new_fmt, ...)
174 if ( (! mem_ctx) || (! ldb)) return NULL;
176 va_start(ap, new_fmt);
177 strdn = talloc_vasprintf(mem_ctx, new_fmt, ap);
181 struct ldb_dn *dn = ldb_dn_new(mem_ctx, ldb, strdn);
189 /* see RFC2253 section 2.4 */
190 static int ldb_dn_escape_internal(char *dst, const char *src, int len)
197 for (i = 0; i < len; i++){
201 if (i == 0 || i == len - 1) {
202 /* if at the beginning or end
203 * of the string then escape */
207 /* otherwise don't escape */
213 /* despite the RFC, windows escapes a #
214 anywhere in the string */
222 /* these must be escaped using \c form */
232 /* any others get \XX form */
234 const char *hexbytes = "0123456789ABCDEF";
235 v = (const unsigned char)c;
237 *d++ = hexbytes[v>>4];
238 *d++ = hexbytes[v&0xF];
246 /* return the length of the resulting string */
250 char *ldb_dn_escape_value(TALLOC_CTX *mem_ctx, struct ldb_val value)
257 /* allocate destination string, it will be at most 3 times the source */
258 dst = talloc_array(mem_ctx, char, value.length * 3 + 1);
264 len = ldb_dn_escape_internal(dst, (const char *)value.data, value.length);
266 dst = talloc_realloc(mem_ctx, dst, char, len + 1);
276 explode a DN string into a ldb_dn structure
277 based on RFC4514 except that we don't support multiple valued RDNs
279 TODO: according to MS-ADTS:3.1.1.5.2 Naming Constraints
280 DN must be compliant with RFC2253
282 static bool ldb_dn_explode(struct ldb_dn *dn)
284 char *p, *ex_name = NULL, *ex_value = NULL, *data, *d, *dt, *t;
286 bool in_extended = true;
287 bool in_ex_name = false;
288 bool in_ex_value = false;
289 bool in_attr = false;
290 bool in_value = false;
291 bool in_quote = false;
300 if ( ! dn || dn->invalid) return false;
302 if (dn->components) {
306 if (dn->ext_linearized) {
307 parse_dn = dn->ext_linearized;
309 parse_dn = dn->linearized;
316 is_index = (strncmp(parse_dn, "DN=@INDEX:", 10) == 0);
319 if (parse_dn[0] == '\0') {
323 /* Special DNs case */
328 /* make sure we free this if allocated previously before replacing */
329 LDB_FREE(dn->components);
332 LDB_FREE(dn->ext_components);
333 dn->ext_comp_num = 0;
335 /* in the common case we have 3 or more components */
336 /* make sure all components are zeroed, other functions depend on it */
337 dn->components = talloc_zero_array(dn, struct ldb_dn_component, 3);
338 if ( ! dn->components) {
342 /* Components data space is allocated here once */
343 data = talloc_array(dn->components, char, strlen(parse_dn) + 1);
355 if (!in_ex_name && !in_ex_value) {
362 } else if (p[0] == '\0') {
374 if (in_ex_name && *p == '=') {
383 if (in_ex_value && *p == '>') {
384 const struct ldb_dn_extended_syntax *ext_syntax;
385 struct ldb_val ex_val = {
386 .data = (uint8_t *)ex_value,
387 .length = d - ex_value
394 /* Process name and ex_value */
396 dn->ext_components = talloc_realloc(dn,
398 struct ldb_dn_ext_component,
399 dn->ext_comp_num + 1);
400 if ( ! dn->ext_components) {
405 ext_syntax = ldb_dn_extended_syntax_by_name(dn->ldb, ex_name);
407 /* We don't know about this type of extended DN */
411 dn->ext_components[dn->ext_comp_num].name = talloc_strdup(dn->ext_components, ex_name);
412 if (!dn->ext_components[dn->ext_comp_num].name) {
416 ret = ext_syntax->read_fn(dn->ldb, dn->ext_components,
417 &ex_val, &dn->ext_components[dn->ext_comp_num].value);
418 if (ret != LDB_SUCCESS) {
419 ldb_dn_mark_invalid(dn);
426 /* We have reached the end (extended component only)! */
430 } else if (*p == ';') {
434 ldb_dn_mark_invalid(dn);
453 /* attr names must be ascii only */
454 ldb_dn_mark_invalid(dn);
461 if ( ! isalpha(*p)) {
462 /* not a digit nor an alpha,
463 * invalid attribute name */
464 ldb_dn_mark_invalid(dn);
468 /* Copy this character across from parse_dn,
469 * now we have trimmed out spaces */
476 /* valid only if we are at the end */
481 if (trim && (*p != '=')) {
482 /* spaces/tabs are not allowed */
483 ldb_dn_mark_invalid(dn);
488 /* attribute terminated */
494 /* Terminate this string in d
495 * (which is a copy of parse_dn
496 * with spaces trimmed) */
498 dn->components[dn->comp_num].name = talloc_strdup(dn->components, dt);
499 if ( ! dn->components[dn->comp_num].name) {
511 /* attr names must be ascii only */
512 ldb_dn_mark_invalid(dn);
516 if (is_oid && ( ! (isdigit(*p) || (*p == '.')))) {
517 /* not a digit nor a dot,
518 * invalid attribute oid */
519 ldb_dn_mark_invalid(dn);
522 if ( ! (isalpha(*p) || isdigit(*p) || (*p == '-'))) {
523 /* not ALPHA, DIGIT or HYPHEN */
524 ldb_dn_mark_invalid(dn);
564 /* TODO: support ber encoded values
575 /* ok found value terminator */
589 dn->components[dn->comp_num].value.data = (uint8_t *)talloc_strdup(dn->components, dt);
590 dn->components[dn->comp_num].value.length = l;
591 if ( ! dn->components[dn->comp_num].value.data) {
599 if (dn->comp_num > 2) {
600 dn->components = talloc_realloc(dn,
602 struct ldb_dn_component,
604 if ( ! dn->components) {
608 /* make sure all components are zeroed, other functions depend on this */
609 memset(&dn->components[dn->comp_num], '\0', sizeof(struct ldb_dn_component));
616 /* to main compatibility with earlier
617 versions of ldb indexing, we have to
618 accept the base64 encoded binary index
619 values, which contain a '+' or '='
620 which should normally be escaped */
632 /* a string with not escaped specials is invalid (tested) */
634 ldb_dn_mark_invalid(dn);
661 if (isxdigit(p[0]) && isxdigit(p[1])) {
662 if (sscanf(p, "%02x", &x) != 1) {
663 /* invalid escaping sequence */
664 ldb_dn_mark_invalid(dn);
668 *d++ = (unsigned char)x;
694 if (in_attr || in_quote) {
696 ldb_dn_mark_invalid(dn);
700 /* save last element */
708 dn->components[dn->comp_num].value.length = l;
709 dn->components[dn->comp_num].value.data =
710 (uint8_t *)talloc_strdup(dn->components, dt);
711 if ( ! dn->components[dn->comp_num].value.data) {
722 LDB_FREE(dn->components); /* "data" is implicitly free'd */
724 LDB_FREE(dn->ext_components);
725 dn->ext_comp_num = 0;
730 bool ldb_dn_validate(struct ldb_dn *dn)
732 return ldb_dn_explode(dn);
735 const char *ldb_dn_get_linearized(struct ldb_dn *dn)
741 if ( ! dn || ( dn->invalid)) return NULL;
743 if (dn->linearized) return dn->linearized;
745 if ( ! dn->components) {
746 ldb_dn_mark_invalid(dn);
750 if (dn->comp_num == 0) {
751 dn->linearized = talloc_strdup(dn, "");
752 if ( ! dn->linearized) return NULL;
753 return dn->linearized;
756 /* calculate maximum possible length of DN */
757 for (len = 0, i = 0; i < dn->comp_num; i++) {
759 len += strlen(dn->components[i].name);
760 /* max escaped data len */
761 len += (dn->components[i].value.length * 3);
762 len += 2; /* '=' and ',' */
764 dn->linearized = talloc_array(dn, char, len);
765 if ( ! dn->linearized) return NULL;
769 for (i = 0; i < dn->comp_num; i++) {
772 n = dn->components[i].name;
773 while (*n) *d++ = *n++;
778 d += ldb_dn_escape_internal( d,
779 (char *)dn->components[i].value.data,
780 dn->components[i].value.length);
786 /* don't waste more memory than necessary */
787 dn->linearized = talloc_realloc(dn, dn->linearized,
788 char, (d - dn->linearized + 1));
790 return dn->linearized;
793 static int ldb_dn_extended_component_compare(const void *p1, const void *p2)
795 const struct ldb_dn_ext_component *ec1 = (const struct ldb_dn_ext_component *)p1;
796 const struct ldb_dn_ext_component *ec2 = (const struct ldb_dn_ext_component *)p2;
797 return strcmp(ec1->name, ec2->name);
800 char *ldb_dn_get_extended_linearized(TALLOC_CTX *mem_ctx, struct ldb_dn *dn, int mode)
802 const char *linearized = ldb_dn_get_linearized(dn);
810 if (!ldb_dn_has_extended(dn)) {
811 return talloc_strdup(mem_ctx, linearized);
814 if (!ldb_dn_validate(dn)) {
818 /* sort the extended components by name. The idea is to make
819 * the resulting DNs consistent, plus to ensure that we put
820 * 'DELETED' first, so it can be very quickly recognised
822 TYPESAFE_QSORT(dn->ext_components, dn->ext_comp_num,
823 ldb_dn_extended_component_compare);
825 for (i = 0; i < dn->ext_comp_num; i++) {
826 const struct ldb_dn_extended_syntax *ext_syntax;
827 const char *name = dn->ext_components[i].name;
828 struct ldb_val ec_val = dn->ext_components[i].value;
832 ext_syntax = ldb_dn_extended_syntax_by_name(dn->ldb, name);
838 ret = ext_syntax->write_clear_fn(dn->ldb, mem_ctx,
840 } else if (mode == 0) {
841 ret = ext_syntax->write_hex_fn(dn->ldb, mem_ctx,
847 if (ret != LDB_SUCCESS) {
852 p = talloc_asprintf(mem_ctx, "<%s=%s>",
855 p = talloc_asprintf_append_buffer(p, ";<%s=%s>",
859 talloc_free(val.data);
866 if (dn->ext_comp_num && *linearized) {
867 p = talloc_asprintf_append_buffer(p, ";%s", linearized);
878 filter out all but an acceptable list of extended DN components
880 void ldb_dn_extended_filter(struct ldb_dn *dn, const char * const *accept_list)
883 for (i=0; i<dn->ext_comp_num; i++) {
884 if (!ldb_attr_in_list(accept_list, dn->ext_components[i].name)) {
885 memmove(&dn->ext_components[i],
886 &dn->ext_components[i+1],
887 (dn->ext_comp_num-(i+1))*sizeof(dn->ext_components[0]));
892 LDB_FREE(dn->ext_linearized);
896 char *ldb_dn_alloc_linearized(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
898 return talloc_strdup(mem_ctx, ldb_dn_get_linearized(dn));
902 casefold a dn. We need to casefold the attribute names, and canonicalize
903 attribute values of case insensitive attributes.
906 static bool ldb_dn_casefold_internal(struct ldb_dn *dn)
911 if ( ! dn || dn->invalid) return false;
913 if (dn->valid_case) return true;
915 if (( ! dn->components) && ( ! ldb_dn_explode(dn))) {
919 for (i = 0; i < dn->comp_num; i++) {
920 const struct ldb_schema_attribute *a;
922 dn->components[i].cf_name =
923 ldb_attr_casefold(dn->components,
924 dn->components[i].name);
925 if (!dn->components[i].cf_name) {
929 a = ldb_schema_attribute_by_name(dn->ldb,
930 dn->components[i].cf_name);
932 ret = a->syntax->canonicalise_fn(dn->ldb, dn->components,
933 &(dn->components[i].value),
934 &(dn->components[i].cf_value));
940 dn->valid_case = true;
945 for (i = 0; i < dn->comp_num; i++) {
946 LDB_FREE(dn->components[i].cf_name);
947 LDB_FREE(dn->components[i].cf_value.data);
952 const char *ldb_dn_get_casefold(struct ldb_dn *dn)
958 if (dn->casefold) return dn->casefold;
961 dn->casefold = talloc_strdup(dn, dn->linearized);
962 if (!dn->casefold) return NULL;
963 dn->valid_case = true;
967 if ( ! ldb_dn_casefold_internal(dn)) {
971 if (dn->comp_num == 0) {
972 dn->casefold = talloc_strdup(dn, "");
976 /* calculate maximum possible length of DN */
977 for (len = 0, i = 0; i < dn->comp_num; i++) {
979 len += strlen(dn->components[i].cf_name);
980 /* max escaped data len */
981 len += (dn->components[i].cf_value.length * 3);
982 len += 2; /* '=' and ',' */
984 dn->casefold = talloc_array(dn, char, len);
985 if ( ! dn->casefold) return NULL;
989 for (i = 0; i < dn->comp_num; i++) {
992 n = dn->components[i].cf_name;
993 while (*n) *d++ = *n++;
998 d += ldb_dn_escape_internal( d,
999 (char *)dn->components[i].cf_value.data,
1000 dn->components[i].cf_value.length);
1005 /* don't waste more memory than necessary */
1006 dn->casefold = talloc_realloc(dn, dn->casefold,
1007 char, strlen(dn->casefold) + 1);
1009 return dn->casefold;
1012 char *ldb_dn_alloc_casefold(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
1014 return talloc_strdup(mem_ctx, ldb_dn_get_casefold(dn));
1017 /* Determine if dn is below base, in the ldap tree. Used for
1018 * evaluating a subtree search.
1019 * 0 if they match, otherwise non-zero
1022 int ldb_dn_compare_base(struct ldb_dn *base, struct ldb_dn *dn)
1025 unsigned int n_base, n_dn;
1027 if ( ! base || base->invalid) return 1;
1028 if ( ! dn || dn->invalid) return -1;
1030 if (( ! base->valid_case) || ( ! dn->valid_case)) {
1031 if (base->linearized && dn->linearized && dn->special == base->special) {
1032 /* try with a normal compare first, if we are lucky
1033 * we will avoid exploding and casfolding */
1035 dif = strlen(dn->linearized) - strlen(base->linearized);
1039 if (strcmp(base->linearized,
1040 &dn->linearized[dif]) == 0) {
1045 if ( ! ldb_dn_casefold_internal(base)) {
1049 if ( ! ldb_dn_casefold_internal(dn)) {
1055 /* if base has more components,
1056 * they don't have the same base */
1057 if (base->comp_num > dn->comp_num) {
1058 return (dn->comp_num - base->comp_num);
1061 if ((dn->comp_num == 0) || (base->comp_num == 0)) {
1062 if (dn->special && base->special) {
1063 return strcmp(base->linearized, dn->linearized);
1064 } else if (dn->special) {
1066 } else if (base->special) {
1073 n_base = base->comp_num - 1;
1074 n_dn = dn->comp_num - 1;
1076 while (n_base != (unsigned int) -1) {
1077 char *b_name = base->components[n_base].cf_name;
1078 char *dn_name = dn->components[n_dn].cf_name;
1080 char *b_vdata = (char *)base->components[n_base].cf_value.data;
1081 char *dn_vdata = (char *)dn->components[n_dn].cf_value.data;
1083 size_t b_vlen = base->components[n_base].cf_value.length;
1084 size_t dn_vlen = dn->components[n_dn].cf_value.length;
1086 /* compare attr names */
1087 ret = strcmp(b_name, dn_name);
1088 if (ret != 0) return ret;
1090 /* compare attr.cf_value. */
1091 if (b_vlen != dn_vlen) {
1092 return b_vlen - dn_vlen;
1094 ret = strncmp(b_vdata, dn_vdata, b_vlen);
1095 if (ret != 0) return ret;
1104 /* compare DNs using casefolding compare functions.
1106 If they match, then return 0
1109 int ldb_dn_compare(struct ldb_dn *dn0, struct ldb_dn *dn1)
1114 if (( ! dn0) || dn0->invalid || ! dn1 || dn1->invalid) {
1118 if (( ! dn0->valid_case) || ( ! dn1->valid_case)) {
1119 if (dn0->linearized && dn1->linearized) {
1120 /* try with a normal compare first, if we are lucky
1121 * we will avoid exploding and casfolding */
1122 if (strcmp(dn0->linearized, dn1->linearized) == 0) {
1127 if ( ! ldb_dn_casefold_internal(dn0)) {
1131 if ( ! ldb_dn_casefold_internal(dn1)) {
1137 if (dn0->comp_num != dn1->comp_num) {
1138 return (dn1->comp_num - dn0->comp_num);
1141 if (dn0->comp_num == 0) {
1142 if (dn0->special && dn1->special) {
1143 return strcmp(dn0->linearized, dn1->linearized);
1144 } else if (dn0->special) {
1146 } else if (dn1->special) {
1153 for (i = 0; i < dn0->comp_num; i++) {
1154 char *dn0_name = dn0->components[i].cf_name;
1155 char *dn1_name = dn1->components[i].cf_name;
1157 char *dn0_vdata = (char *)dn0->components[i].cf_value.data;
1158 char *dn1_vdata = (char *)dn1->components[i].cf_value.data;
1160 size_t dn0_vlen = dn0->components[i].cf_value.length;
1161 size_t dn1_vlen = dn1->components[i].cf_value.length;
1163 /* compare attr names */
1164 ret = strcmp(dn0_name, dn1_name);
1169 /* compare attr.cf_value. */
1170 if (dn0_vlen != dn1_vlen) {
1171 return dn0_vlen - dn1_vlen;
1173 ret = strncmp(dn0_vdata, dn1_vdata, dn0_vlen);
1182 static struct ldb_dn_component ldb_dn_copy_component(
1183 TALLOC_CTX *mem_ctx,
1184 struct ldb_dn_component *src)
1186 struct ldb_dn_component dst;
1188 memset(&dst, 0, sizeof(dst));
1194 dst.value = ldb_val_dup(mem_ctx, &(src->value));
1195 if (dst.value.data == NULL) {
1199 dst.name = talloc_strdup(mem_ctx, src->name);
1200 if (dst.name == NULL) {
1201 LDB_FREE(dst.value.data);
1205 if (src->cf_value.data) {
1206 dst.cf_value = ldb_val_dup(mem_ctx, &(src->cf_value));
1207 if (dst.cf_value.data == NULL) {
1208 LDB_FREE(dst.value.data);
1213 dst.cf_name = talloc_strdup(mem_ctx, src->cf_name);
1214 if (dst.cf_name == NULL) {
1215 LDB_FREE(dst.cf_name);
1216 LDB_FREE(dst.value.data);
1221 dst.cf_value.data = NULL;
1228 static struct ldb_dn_ext_component ldb_dn_ext_copy_component(
1229 TALLOC_CTX *mem_ctx,
1230 struct ldb_dn_ext_component *src)
1232 struct ldb_dn_ext_component dst;
1234 memset(&dst, 0, sizeof(dst));
1240 dst.value = ldb_val_dup(mem_ctx, &(src->value));
1241 if (dst.value.data == NULL) {
1245 dst.name = talloc_strdup(mem_ctx, src->name);
1246 if (dst.name == NULL) {
1247 LDB_FREE(dst.value.data);
1254 struct ldb_dn *ldb_dn_copy(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
1256 struct ldb_dn *new_dn;
1258 if (!dn || dn->invalid) {
1262 new_dn = talloc_zero(mem_ctx, struct ldb_dn);
1269 if (dn->components) {
1272 new_dn->components =
1273 talloc_zero_array(new_dn,
1274 struct ldb_dn_component,
1276 if ( ! new_dn->components) {
1277 talloc_free(new_dn);
1281 for (i = 0; i < dn->comp_num; i++) {
1282 new_dn->components[i] =
1283 ldb_dn_copy_component(new_dn->components,
1284 &dn->components[i]);
1285 if ( ! new_dn->components[i].value.data) {
1286 talloc_free(new_dn);
1292 if (dn->ext_components) {
1295 new_dn->ext_components =
1296 talloc_zero_array(new_dn,
1297 struct ldb_dn_ext_component,
1299 if ( ! new_dn->ext_components) {
1300 talloc_free(new_dn);
1304 for (i = 0; i < dn->ext_comp_num; i++) {
1305 new_dn->ext_components[i] =
1306 ldb_dn_ext_copy_component(
1307 new_dn->ext_components,
1308 &dn->ext_components[i]);
1309 if ( ! new_dn->ext_components[i].value.data) {
1310 talloc_free(new_dn);
1317 new_dn->casefold = talloc_strdup(new_dn, dn->casefold);
1318 if ( ! new_dn->casefold) {
1319 talloc_free(new_dn);
1324 if (dn->linearized) {
1325 new_dn->linearized = talloc_strdup(new_dn, dn->linearized);
1326 if ( ! new_dn->linearized) {
1327 talloc_free(new_dn);
1332 if (dn->ext_linearized) {
1333 new_dn->ext_linearized = talloc_strdup(new_dn,
1334 dn->ext_linearized);
1335 if ( ! new_dn->ext_linearized) {
1336 talloc_free(new_dn);
1344 /* modify the given dn by adding a base.
1346 * return true if successful and false if not
1347 * if false is returned the dn may be marked invalid
1349 bool ldb_dn_add_base(struct ldb_dn *dn, struct ldb_dn *base)
1354 if ( !base || base->invalid || !dn || dn->invalid) {
1358 if (dn->components) {
1361 if ( ! ldb_dn_validate(base)) {
1366 if (dn->valid_case) {
1367 if ( ! (s = ldb_dn_get_casefold(base))) {
1372 dn->components = talloc_realloc(dn,
1374 struct ldb_dn_component,
1375 dn->comp_num + base->comp_num);
1376 if ( ! dn->components) {
1377 ldb_dn_mark_invalid(dn);
1381 for (i = 0; i < base->comp_num; dn->comp_num++, i++) {
1382 dn->components[dn->comp_num] =
1383 ldb_dn_copy_component(dn->components,
1384 &base->components[i]);
1385 if (dn->components[dn->comp_num].value.data == NULL) {
1386 ldb_dn_mark_invalid(dn);
1391 if (dn->casefold && s) {
1392 if (*dn->casefold) {
1393 t = talloc_asprintf(dn, "%s,%s",
1396 t = talloc_strdup(dn, s);
1398 LDB_FREE(dn->casefold);
1403 if (dn->linearized) {
1405 s = ldb_dn_get_linearized(base);
1410 if (*dn->linearized) {
1411 t = talloc_asprintf(dn, "%s,%s",
1414 t = talloc_strdup(dn, s);
1417 ldb_dn_mark_invalid(dn);
1420 LDB_FREE(dn->linearized);
1424 /* Wipe the ext_linearized DN,
1425 * the GUID and SID are almost certainly no longer valid */
1426 LDB_FREE(dn->ext_linearized);
1427 LDB_FREE(dn->ext_components);
1428 dn->ext_comp_num = 0;
1433 /* modify the given dn by adding a base.
1435 * return true if successful and false if not
1436 * if false is returned the dn may be marked invalid
1438 bool ldb_dn_add_base_fmt(struct ldb_dn *dn, const char *base_fmt, ...)
1440 struct ldb_dn *base;
1445 if ( !dn || dn->invalid) {
1449 va_start(ap, base_fmt);
1450 base_str = talloc_vasprintf(dn, base_fmt, ap);
1453 if (base_str == NULL) {
1457 base = ldb_dn_new(base_str, dn->ldb, base_str);
1459 ret = ldb_dn_add_base(dn, base);
1461 talloc_free(base_str);
1466 /* modify the given dn by adding children elements.
1468 * return true if successful and false if not
1469 * if false is returned the dn may be marked invalid
1471 bool ldb_dn_add_child(struct ldb_dn *dn, struct ldb_dn *child)
1476 if ( !child || child->invalid || !dn || dn->invalid) {
1480 if (dn->components) {
1484 if (dn->comp_num == 0) {
1488 if ( ! ldb_dn_validate(child)) {
1493 if (dn->valid_case) {
1494 if ( ! (s = ldb_dn_get_casefold(child))) {
1499 n = dn->comp_num + child->comp_num;
1501 dn->components = talloc_realloc(dn,
1503 struct ldb_dn_component,
1505 if ( ! dn->components) {
1506 ldb_dn_mark_invalid(dn);
1510 for (i = dn->comp_num - 1, j = n - 1; i != (unsigned int) -1;
1512 dn->components[j] = dn->components[i];
1515 for (i = 0; i < child->comp_num; i++) {
1517 ldb_dn_copy_component(dn->components,
1518 &child->components[i]);
1519 if (dn->components[i].value.data == NULL) {
1520 ldb_dn_mark_invalid(dn);
1527 if (dn->casefold && s) {
1528 t = talloc_asprintf(dn, "%s,%s", s, dn->casefold);
1529 LDB_FREE(dn->casefold);
1534 if (dn->linearized) {
1535 if (dn->linearized[0] == '\0') {
1539 s = ldb_dn_get_linearized(child);
1544 t = talloc_asprintf(dn, "%s,%s", s, dn->linearized);
1546 ldb_dn_mark_invalid(dn);
1549 LDB_FREE(dn->linearized);
1553 /* Wipe the ext_linearized DN,
1554 * the GUID and SID are almost certainly no longer valid */
1555 LDB_FREE(dn->ext_linearized);
1556 LDB_FREE(dn->ext_components);
1557 dn->ext_comp_num = 0;
1562 /* modify the given dn by adding children elements.
1564 * return true if successful and false if not
1565 * if false is returned the dn may be marked invalid
1567 bool ldb_dn_add_child_fmt(struct ldb_dn *dn, const char *child_fmt, ...)
1569 struct ldb_dn *child;
1574 if ( !dn || dn->invalid) {
1578 va_start(ap, child_fmt);
1579 child_str = talloc_vasprintf(dn, child_fmt, ap);
1582 if (child_str == NULL) {
1586 child = ldb_dn_new(child_str, dn->ldb, child_str);
1588 ret = ldb_dn_add_child(dn, child);
1590 talloc_free(child_str);
1595 bool ldb_dn_remove_base_components(struct ldb_dn *dn, unsigned int num)
1599 if ( ! ldb_dn_validate(dn)) {
1603 if (dn->comp_num < num) {
1607 /* free components */
1608 for (i = dn->comp_num - num; i < dn->comp_num; i++) {
1609 LDB_FREE(dn->components[i].name);
1610 LDB_FREE(dn->components[i].value.data);
1611 LDB_FREE(dn->components[i].cf_name);
1612 LDB_FREE(dn->components[i].cf_value.data);
1615 dn->comp_num -= num;
1617 if (dn->valid_case) {
1618 for (i = 0; i < dn->comp_num; i++) {
1619 LDB_FREE(dn->components[i].cf_name);
1620 LDB_FREE(dn->components[i].cf_value.data);
1622 dn->valid_case = false;
1625 LDB_FREE(dn->casefold);
1626 LDB_FREE(dn->linearized);
1628 /* Wipe the ext_linearized DN,
1629 * the GUID and SID are almost certainly no longer valid */
1630 LDB_FREE(dn->ext_linearized);
1631 LDB_FREE(dn->ext_components);
1632 dn->ext_comp_num = 0;
1637 bool ldb_dn_remove_child_components(struct ldb_dn *dn, unsigned int num)
1641 if ( ! ldb_dn_validate(dn)) {
1645 if (dn->comp_num < num) {
1649 for (i = 0, j = num; j < dn->comp_num; i++, j++) {
1651 LDB_FREE(dn->components[i].name);
1652 LDB_FREE(dn->components[i].value.data);
1653 LDB_FREE(dn->components[i].cf_name);
1654 LDB_FREE(dn->components[i].cf_value.data);
1656 dn->components[i] = dn->components[j];
1659 dn->comp_num -= num;
1661 if (dn->valid_case) {
1662 for (i = 0; i < dn->comp_num; i++) {
1663 LDB_FREE(dn->components[i].cf_name);
1664 LDB_FREE(dn->components[i].cf_value.data);
1666 dn->valid_case = false;
1669 LDB_FREE(dn->casefold);
1670 LDB_FREE(dn->linearized);
1672 /* Wipe the ext_linearized DN,
1673 * the GUID and SID are almost certainly no longer valid */
1674 LDB_FREE(dn->ext_linearized);
1675 LDB_FREE(dn->ext_components);
1676 dn->ext_comp_num = 0;
1682 /* replace the components of a DN with those from another DN, without
1683 * touching the extended components
1685 * return true if successful and false if not
1686 * if false is returned the dn may be marked invalid
1688 bool ldb_dn_replace_components(struct ldb_dn *dn, struct ldb_dn *new_dn)
1692 if ( ! ldb_dn_validate(dn) || ! ldb_dn_validate(new_dn)) {
1696 /* free components */
1697 for (i = 0; i < dn->comp_num; i++) {
1698 LDB_FREE(dn->components[i].name);
1699 LDB_FREE(dn->components[i].value.data);
1700 LDB_FREE(dn->components[i].cf_name);
1701 LDB_FREE(dn->components[i].cf_value.data);
1704 dn->components = talloc_realloc(dn,
1706 struct ldb_dn_component,
1708 if (dn->components == NULL) {
1709 ldb_dn_mark_invalid(dn);
1713 dn->comp_num = new_dn->comp_num;
1714 dn->valid_case = new_dn->valid_case;
1716 for (i = 0; i < dn->comp_num; i++) {
1717 dn->components[i] = ldb_dn_copy_component(dn->components, &new_dn->components[i]);
1718 if (dn->components[i].name == NULL) {
1719 ldb_dn_mark_invalid(dn);
1723 if (new_dn->linearized == NULL) {
1724 dn->linearized = NULL;
1726 dn->linearized = talloc_strdup(dn, new_dn->linearized);
1727 if (dn->linearized == NULL) {
1728 ldb_dn_mark_invalid(dn);
1737 struct ldb_dn *ldb_dn_get_parent(TALLOC_CTX *mem_ctx, struct ldb_dn *dn)
1739 struct ldb_dn *new_dn;
1741 new_dn = ldb_dn_copy(mem_ctx, dn);
1746 if ( ! ldb_dn_remove_child_components(new_dn, 1)) {
1747 talloc_free(new_dn);
1754 /* Create a 'canonical name' string from a DN:
1756 ie dc=samba,dc=org -> samba.org/
1757 uid=administrator,ou=users,dc=samba,dc=org = samba.org/users/administrator
1759 There are two formats,
1760 the EX format has the last '/' replaced with a newline (\n).
1763 static char *ldb_dn_canonical(TALLOC_CTX *mem_ctx, struct ldb_dn *dn, int ex_format) {
1766 char *cracked = NULL;
1767 const char *format = (ex_format ? "\n" : "/" );
1769 if ( ! ldb_dn_validate(dn)) {
1773 tmpctx = talloc_new(mem_ctx);
1775 /* Walk backwards down the DN, grabbing 'dc' components at first */
1776 for (i = dn->comp_num - 1; i != (unsigned int) -1; i--) {
1777 if (ldb_attr_cmp(dn->components[i].name, "dc") != 0) {
1781 cracked = talloc_asprintf(tmpctx, "%s.%s",
1782 ldb_dn_escape_value(tmpctx,
1783 dn->components[i].value),
1786 cracked = ldb_dn_escape_value(tmpctx,
1787 dn->components[i].value);
1794 /* Only domain components? Finish here */
1795 if (i == (unsigned int) -1) {
1796 cracked = talloc_strdup_append_buffer(cracked, format);
1797 talloc_steal(mem_ctx, cracked);
1801 /* Now walk backwards appending remaining components */
1802 for (; i > 0; i--) {
1803 cracked = talloc_asprintf_append_buffer(cracked, "/%s",
1804 ldb_dn_escape_value(tmpctx,
1805 dn->components[i].value));
1811 /* Last one, possibly a newline for the 'ex' format */
1812 cracked = talloc_asprintf_append_buffer(cracked, "%s%s", format,
1813 ldb_dn_escape_value(tmpctx,
1814 dn->components[i].value));
1816 talloc_steal(mem_ctx, cracked);
1818 talloc_free(tmpctx);
1822 /* Wrapper functions for the above, for the two different string formats */
1823 char *ldb_dn_canonical_string(TALLOC_CTX *mem_ctx, struct ldb_dn *dn) {
1824 return ldb_dn_canonical(mem_ctx, dn, 0);
1828 char *ldb_dn_canonical_ex_string(TALLOC_CTX *mem_ctx, struct ldb_dn *dn) {
1829 return ldb_dn_canonical(mem_ctx, dn, 1);
1832 int ldb_dn_get_comp_num(struct ldb_dn *dn)
1834 if ( ! ldb_dn_validate(dn)) {
1837 return dn->comp_num;
1840 int ldb_dn_get_extended_comp_num(struct ldb_dn *dn)
1842 if ( ! ldb_dn_validate(dn)) {
1845 return dn->ext_comp_num;
1848 const char *ldb_dn_get_component_name(struct ldb_dn *dn, unsigned int num)
1850 if ( ! ldb_dn_validate(dn)) {
1853 if (num >= dn->comp_num) return NULL;
1854 return dn->components[num].name;
1857 const struct ldb_val *ldb_dn_get_component_val(struct ldb_dn *dn,
1860 if ( ! ldb_dn_validate(dn)) {
1863 if (num >= dn->comp_num) return NULL;
1864 return &dn->components[num].value;
1867 const char *ldb_dn_get_rdn_name(struct ldb_dn *dn)
1869 if ( ! ldb_dn_validate(dn)) {
1872 if (dn->comp_num == 0) return NULL;
1873 return dn->components[0].name;
1876 const struct ldb_val *ldb_dn_get_rdn_val(struct ldb_dn *dn)
1878 if ( ! ldb_dn_validate(dn)) {
1881 if (dn->comp_num == 0) return NULL;
1882 return &dn->components[0].value;
1885 int ldb_dn_set_component(struct ldb_dn *dn, int num,
1886 const char *name, const struct ldb_val val)
1891 if ( ! ldb_dn_validate(dn)) {
1892 return LDB_ERR_OTHER;
1895 if (num >= dn->comp_num) {
1896 return LDB_ERR_OTHER;
1899 n = talloc_strdup(dn, name);
1901 return LDB_ERR_OTHER;
1904 v.length = val.length;
1905 v.data = (uint8_t *)talloc_memdup(dn, val.data, v.length+1);
1908 return LDB_ERR_OTHER;
1911 talloc_free(dn->components[num].name);
1912 talloc_free(dn->components[num].value.data);
1913 dn->components[num].name = n;
1914 dn->components[num].value = v;
1916 if (dn->valid_case) {
1918 for (i = 0; i < dn->comp_num; i++) {
1919 LDB_FREE(dn->components[i].cf_name);
1920 LDB_FREE(dn->components[i].cf_value.data);
1922 dn->valid_case = false;
1924 LDB_FREE(dn->casefold);
1925 LDB_FREE(dn->linearized);
1927 /* Wipe the ext_linearized DN,
1928 * the GUID and SID are almost certainly no longer valid */
1929 LDB_FREE(dn->ext_linearized);
1930 LDB_FREE(dn->ext_components);
1931 dn->ext_comp_num = 0;
1936 const struct ldb_val *ldb_dn_get_extended_component(struct ldb_dn *dn,
1940 if ( ! ldb_dn_validate(dn)) {
1943 for (i=0; i < dn->ext_comp_num; i++) {
1944 if (ldb_attr_cmp(dn->ext_components[i].name, name) == 0) {
1945 return &dn->ext_components[i].value;
1951 int ldb_dn_set_extended_component(struct ldb_dn *dn,
1952 const char *name, const struct ldb_val *val)
1954 struct ldb_dn_ext_component *p;
1958 if ( ! ldb_dn_validate(dn)) {
1959 return LDB_ERR_OTHER;
1962 if (!ldb_dn_extended_syntax_by_name(dn->ldb, name)) {
1963 /* We don't know how to handle this type of thing */
1964 return LDB_ERR_INVALID_DN_SYNTAX;
1967 for (i=0; i < dn->ext_comp_num; i++) {
1968 if (ldb_attr_cmp(dn->ext_components[i].name, name) == 0) {
1970 dn->ext_components[i].value =
1971 ldb_val_dup(dn->ext_components, val);
1973 dn->ext_components[i].name =
1974 talloc_strdup(dn->ext_components, name);
1975 if (!dn->ext_components[i].name ||
1976 !dn->ext_components[i].value.data) {
1977 ldb_dn_mark_invalid(dn);
1978 return LDB_ERR_OPERATIONS_ERROR;
1981 if (i != (dn->ext_comp_num - 1)) {
1982 memmove(&dn->ext_components[i],
1983 &dn->ext_components[i+1],
1984 ((dn->ext_comp_num-1) - i) *
1985 sizeof(*dn->ext_components));
1989 dn->ext_components = talloc_realloc(dn,
1991 struct ldb_dn_ext_component,
1993 if (!dn->ext_components) {
1994 ldb_dn_mark_invalid(dn);
1995 return LDB_ERR_OPERATIONS_ERROR;
1998 LDB_FREE(dn->ext_linearized);
2005 /* removing a value that doesn't exist is not an error */
2011 p = dn->ext_components
2012 = talloc_realloc(dn,
2014 struct ldb_dn_ext_component,
2015 dn->ext_comp_num + 1);
2016 if (!dn->ext_components) {
2017 ldb_dn_mark_invalid(dn);
2018 return LDB_ERR_OPERATIONS_ERROR;
2021 p[dn->ext_comp_num].value = ldb_val_dup(dn->ext_components, &v2);
2022 p[dn->ext_comp_num].name = talloc_strdup(p, name);
2024 if (!dn->ext_components[i].name || !dn->ext_components[i].value.data) {
2025 ldb_dn_mark_invalid(dn);
2026 return LDB_ERR_OPERATIONS_ERROR;
2028 dn->ext_components = p;
2031 LDB_FREE(dn->ext_linearized);
2036 void ldb_dn_remove_extended_components(struct ldb_dn *dn)
2038 LDB_FREE(dn->ext_linearized);
2039 LDB_FREE(dn->ext_components);
2040 dn->ext_comp_num = 0;
2043 bool ldb_dn_is_valid(struct ldb_dn *dn)
2045 if ( ! dn) return false;
2046 return ! dn->invalid;
2049 bool ldb_dn_is_special(struct ldb_dn *dn)
2051 if ( ! dn || dn->invalid) return false;
2055 bool ldb_dn_has_extended(struct ldb_dn *dn)
2057 if ( ! dn || dn->invalid) return false;
2058 if (dn->ext_linearized && (dn->ext_linearized[0] == '<')) return true;
2059 return dn->ext_comp_num != 0;
2062 bool ldb_dn_check_special(struct ldb_dn *dn, const char *check)
2064 if ( ! dn || dn->invalid) return false;
2065 return ! strcmp(dn->linearized, check);
2068 bool ldb_dn_is_null(struct ldb_dn *dn)
2070 if ( ! dn || dn->invalid) return false;
2071 if (ldb_dn_has_extended(dn)) return false;
2072 if (dn->linearized && (dn->linearized[0] == '\0')) return true;
2077 this updates dn->components, taking the components from ref_dn.
2078 This is used by code that wants to update the DN path of a DN
2079 while not impacting on the extended DN components
2081 int ldb_dn_update_components(struct ldb_dn *dn, const struct ldb_dn *ref_dn)
2083 dn->components = talloc_realloc(dn, dn->components,
2084 struct ldb_dn_component, ref_dn->comp_num);
2085 if (!dn->components) {
2086 return LDB_ERR_OPERATIONS_ERROR;
2088 memcpy(dn->components, ref_dn->components,
2089 sizeof(struct ldb_dn_component)*ref_dn->comp_num);
2090 dn->comp_num = ref_dn->comp_num;
2092 LDB_FREE(dn->casefold);
2093 LDB_FREE(dn->linearized);
2094 LDB_FREE(dn->ext_linearized);
2100 minimise a DN. The caller must pass in a validated DN.
2102 If the DN has an extended component then only the first extended
2103 component is kept, the DN string is stripped.
2105 The existing dn is modified
2107 bool ldb_dn_minimise(struct ldb_dn *dn)
2111 if (!ldb_dn_validate(dn)) {
2114 if (dn->ext_comp_num == 0) {
2118 /* free components */
2119 for (i = 0; i < dn->comp_num; i++) {
2120 LDB_FREE(dn->components[i].name);
2121 LDB_FREE(dn->components[i].value.data);
2122 LDB_FREE(dn->components[i].cf_name);
2123 LDB_FREE(dn->components[i].cf_value.data);
2126 dn->valid_case = false;
2128 LDB_FREE(dn->casefold);
2129 LDB_FREE(dn->linearized);
2131 /* note that we don't free dn->components as this there are
2132 * several places in ldb_dn.c that rely on it being non-NULL
2133 * for an exploded DN
2136 for (i = 1; i < dn->ext_comp_num; i++) {
2137 LDB_FREE(dn->ext_components[i].name);
2138 LDB_FREE(dn->ext_components[i].value.data);
2140 dn->ext_comp_num = 1;
2142 dn->ext_components = talloc_realloc(dn, dn->ext_components, struct ldb_dn_ext_component, 1);
2143 if (dn->ext_components == NULL) {
2144 ldb_dn_mark_invalid(dn);
2148 LDB_FREE(dn->ext_linearized);