2 ldb database library - ldif handlers for Samba
4 Copyright (C) Andrew Tridgell 2005
5 Copyright (C) Andrew Bartlett 2006-2009
6 Copyright (C) Matthias Dieter Wallnöfer 2009
7 ** NOTE! The following LGPL license applies to the ldb
8 ** library. This does NOT imply that all of Samba is released
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 3 of the License, or (at your option) any later version.
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, see <http://www.gnu.org/licenses/>.
26 #include "lib/ldb/include/ldb.h"
27 #include "lib/ldb/include/ldb_module.h"
28 #include "ldb_handlers.h"
29 #include "dsdb/samdb/samdb.h"
30 #include "librpc/gen_ndr/ndr_security.h"
31 #include "librpc/gen_ndr/ndr_misc.h"
32 #include "librpc/gen_ndr/ndr_drsblobs.h"
33 #include "librpc/ndr/libndr.h"
34 #include "libcli/security/security.h"
35 #include "param/param.h"
36 #include "../lib/util/asn1.h"
39 use ndr_print_* to convert a NDR formatted blob to a ldif formatted blob
41 If mask_errors is true, then function succeeds but out data
42 is set to "<Unable to decode binary data>" message
44 \return 0 on success; -1 on error
46 static int ldif_write_NDR(struct ldb_context *ldb, void *mem_ctx,
47 const struct ldb_val *in, struct ldb_val *out,
49 ndr_pull_flags_fn_t pull_fn,
50 ndr_print_fn_t print_fn,
54 enum ndr_err_code err;
55 if (!(ldb_get_flags(ldb) & LDB_FLG_SHOW_BINARY)) {
56 return ldb_handler_copy(ldb, mem_ctx, in, out);
58 p = talloc_size(mem_ctx, struct_size);
59 err = ndr_pull_struct_blob(in, mem_ctx,
61 if (err != NDR_ERR_SUCCESS) {
62 /* fail in not in mask_error mode */
67 out->data = (uint8_t *)talloc_strdup(mem_ctx, "<Unable to decode binary data>");
68 out->length = strlen((const char *)out->data);
71 out->data = (uint8_t *)ndr_print_struct_string(mem_ctx, print_fn, "NDR", p);
73 if (out->data == NULL) {
74 return ldb_handler_copy(ldb, mem_ctx, in, out);
76 out->length = strlen((char *)out->data);
81 convert a ldif formatted objectSid to a NDR formatted blob
83 static int ldif_read_objectSid(struct ldb_context *ldb, void *mem_ctx,
84 const struct ldb_val *in, struct ldb_val *out)
86 enum ndr_err_code ndr_err;
88 sid = dom_sid_parse_length(mem_ctx, in);
92 ndr_err = ndr_push_struct_blob(out, mem_ctx, sid,
93 (ndr_push_flags_fn_t)ndr_push_dom_sid);
95 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
102 convert a NDR formatted blob to a ldif formatted objectSid
104 int ldif_write_objectSid(struct ldb_context *ldb, void *mem_ctx,
105 const struct ldb_val *in, struct ldb_val *out)
108 enum ndr_err_code ndr_err;
110 sid = talloc(mem_ctx, struct dom_sid);
114 ndr_err = ndr_pull_struct_blob_all(in, sid, sid,
115 (ndr_pull_flags_fn_t)ndr_pull_dom_sid);
116 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
120 *out = data_blob_string_const(dom_sid_string(mem_ctx, sid));
122 if (out->data == NULL) {
128 bool ldif_comparision_objectSid_isString(const struct ldb_val *v)
134 if (strncmp("S-", (const char *)v->data, 2) != 0) return false;
140 compare two objectSids
142 static int ldif_comparison_objectSid(struct ldb_context *ldb, void *mem_ctx,
143 const struct ldb_val *v1, const struct ldb_val *v2)
145 if (ldif_comparision_objectSid_isString(v1) && ldif_comparision_objectSid_isString(v2)) {
146 return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
147 } else if (ldif_comparision_objectSid_isString(v1)
148 && !ldif_comparision_objectSid_isString(v2)) {
151 if (ldif_read_objectSid(ldb, mem_ctx, v1, &v) != 0) {
152 /* Perhaps not a string after all */
153 return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
155 ret = ldb_comparison_binary(ldb, mem_ctx, &v, v2);
158 } else if (!ldif_comparision_objectSid_isString(v1)
159 && ldif_comparision_objectSid_isString(v2)) {
162 if (ldif_read_objectSid(ldb, mem_ctx, v2, &v) != 0) {
163 /* Perhaps not a string after all */
164 return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
166 ret = ldb_comparison_binary(ldb, mem_ctx, v1, &v);
170 return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
174 canonicalise a objectSid
176 static int ldif_canonicalise_objectSid(struct ldb_context *ldb, void *mem_ctx,
177 const struct ldb_val *in, struct ldb_val *out)
179 if (ldif_comparision_objectSid_isString(in)) {
180 if (ldif_read_objectSid(ldb, mem_ctx, in, out) != 0) {
181 /* Perhaps not a string after all */
182 return ldb_handler_copy(ldb, mem_ctx, in, out);
186 return ldb_handler_copy(ldb, mem_ctx, in, out);
189 static int extended_dn_read_SID(struct ldb_context *ldb, void *mem_ctx,
190 const struct ldb_val *in, struct ldb_val *out)
193 enum ndr_err_code ndr_err;
194 if (ldif_comparision_objectSid_isString(in)) {
195 if (ldif_read_objectSid(ldb, mem_ctx, in, out) == 0) {
200 /* Perhaps not a string after all */
201 *out = data_blob_talloc(mem_ctx, NULL, in->length/2+1);
207 (*out).length = strhex_to_str((char *)out->data, out->length,
208 (const char *)in->data, in->length);
210 /* Check it looks like a SID */
211 ndr_err = ndr_pull_struct_blob_all(out, mem_ctx, &sid,
212 (ndr_pull_flags_fn_t)ndr_pull_dom_sid);
213 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
220 convert a ldif formatted objectGUID to a NDR formatted blob
222 static int ldif_read_objectGUID(struct ldb_context *ldb, void *mem_ctx,
223 const struct ldb_val *in, struct ldb_val *out)
228 status = GUID_from_data_blob(in, &guid);
229 if (!NT_STATUS_IS_OK(status)) {
233 status = GUID_to_ndr_blob(&guid, mem_ctx, out);
234 if (!NT_STATUS_IS_OK(status)) {
241 convert a NDR formatted blob to a ldif formatted objectGUID
243 static int ldif_write_objectGUID(struct ldb_context *ldb, void *mem_ctx,
244 const struct ldb_val *in, struct ldb_val *out)
249 status = GUID_from_ndr_blob(in, &guid);
250 if (!NT_STATUS_IS_OK(status)) {
253 out->data = (uint8_t *)GUID_string(mem_ctx, &guid);
254 if (out->data == NULL) {
257 out->length = strlen((const char *)out->data);
261 static bool ldif_comparision_objectGUID_isString(const struct ldb_val *v)
263 if (v->length != 36 && v->length != 38) return false;
265 /* Might be a GUID string, can't be a binary GUID (fixed 16 bytes) */
269 static int extended_dn_read_GUID(struct ldb_context *ldb, void *mem_ctx,
270 const struct ldb_val *in, struct ldb_val *out)
275 if (in->length == 36 && ldif_read_objectGUID(ldb, mem_ctx, in, out) == 0) {
279 /* Try as 'hex' form */
280 if (in->length != 32) {
284 *out = data_blob_talloc(mem_ctx, NULL, in->length/2+1);
290 (*out).length = strhex_to_str((char *)out->data, out->length,
291 (const char *)in->data, in->length);
293 /* Check it looks like a GUID */
294 status = GUID_from_ndr_blob(out, &guid);
295 if (!NT_STATUS_IS_OK(status)) {
303 compare two objectGUIDs
305 static int ldif_comparison_objectGUID(struct ldb_context *ldb, void *mem_ctx,
306 const struct ldb_val *v1, const struct ldb_val *v2)
308 if (ldif_comparision_objectGUID_isString(v1) && ldif_comparision_objectGUID_isString(v2)) {
309 return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
310 } else if (ldif_comparision_objectGUID_isString(v1)
311 && !ldif_comparision_objectGUID_isString(v2)) {
314 if (ldif_read_objectGUID(ldb, mem_ctx, v1, &v) != 0) {
315 /* Perhaps it wasn't a valid string after all */
316 return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
318 ret = ldb_comparison_binary(ldb, mem_ctx, &v, v2);
321 } else if (!ldif_comparision_objectGUID_isString(v1)
322 && ldif_comparision_objectGUID_isString(v2)) {
325 if (ldif_read_objectGUID(ldb, mem_ctx, v2, &v) != 0) {
326 /* Perhaps it wasn't a valid string after all */
327 return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
329 ret = ldb_comparison_binary(ldb, mem_ctx, v1, &v);
333 return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
337 canonicalise a objectGUID
339 static int ldif_canonicalise_objectGUID(struct ldb_context *ldb, void *mem_ctx,
340 const struct ldb_val *in, struct ldb_val *out)
342 if (ldif_comparision_objectGUID_isString(in)) {
343 if (ldif_read_objectGUID(ldb, mem_ctx, in, out) != 0) {
344 /* Perhaps it wasn't a valid string after all */
345 return ldb_handler_copy(ldb, mem_ctx, in, out);
349 return ldb_handler_copy(ldb, mem_ctx, in, out);
354 convert a ldif (SDDL) formatted ntSecurityDescriptor to a NDR formatted blob
356 static int ldif_read_ntSecurityDescriptor(struct ldb_context *ldb, void *mem_ctx,
357 const struct ldb_val *in, struct ldb_val *out)
359 struct security_descriptor *sd;
360 enum ndr_err_code ndr_err;
362 sd = talloc(mem_ctx, struct security_descriptor);
367 ndr_err = ndr_pull_struct_blob(in, sd, sd,
368 (ndr_pull_flags_fn_t)ndr_pull_security_descriptor);
369 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
370 /* If this does not parse, then it is probably SDDL, and we should try it that way */
372 const struct dom_sid *sid = samdb_domain_sid(ldb);
374 sd = sddl_decode(mem_ctx, (const char *)in->data, sid);
380 ndr_err = ndr_push_struct_blob(out, mem_ctx, sd,
381 (ndr_push_flags_fn_t)ndr_push_security_descriptor);
383 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
391 convert a NDR formatted blob to a ldif formatted ntSecurityDescriptor (SDDL format)
393 static int ldif_write_ntSecurityDescriptor(struct ldb_context *ldb, void *mem_ctx,
394 const struct ldb_val *in, struct ldb_val *out)
396 struct security_descriptor *sd;
397 enum ndr_err_code ndr_err;
399 if (ldb_get_flags(ldb) & LDB_FLG_SHOW_BINARY) {
400 return ldif_write_NDR(ldb, mem_ctx, in, out,
401 sizeof(struct security_descriptor),
402 (ndr_pull_flags_fn_t)ndr_pull_security_descriptor,
403 (ndr_print_fn_t)ndr_print_security_descriptor,
408 sd = talloc(mem_ctx, struct security_descriptor);
412 /* We can't use ndr_pull_struct_blob_all because this contains relative pointers */
413 ndr_err = ndr_pull_struct_blob(in, sd, sd,
414 (ndr_pull_flags_fn_t)ndr_pull_security_descriptor);
415 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
419 out->data = (uint8_t *)sddl_encode(mem_ctx, sd, samdb_domain_sid_cache_only(ldb));
421 if (out->data == NULL) {
424 out->length = strlen((const char *)out->data);
429 canonicalise an objectCategory. We use the short form as the cannoical form:
430 cn=Person,cn=Schema,cn=Configuration,<basedn> becomes 'person'
433 static int ldif_canonicalise_objectCategory(struct ldb_context *ldb, void *mem_ctx,
434 const struct ldb_val *in, struct ldb_val *out)
436 struct ldb_dn *dn1 = NULL;
437 const struct dsdb_schema *schema = dsdb_get_schema(ldb, NULL);
438 const struct dsdb_class *sclass;
439 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
441 return LDB_ERR_OPERATIONS_ERROR;
445 talloc_free(tmp_ctx);
446 *out = data_blob_talloc(mem_ctx, in->data, in->length);
447 if (in->data && !out->data) {
448 return LDB_ERR_OPERATIONS_ERROR;
452 dn1 = ldb_dn_from_ldb_val(tmp_ctx, ldb, in);
453 if ( ! ldb_dn_validate(dn1)) {
454 const char *lDAPDisplayName = talloc_strndup(tmp_ctx, (char *)in->data, in->length);
455 sclass = dsdb_class_by_lDAPDisplayName(schema, lDAPDisplayName);
457 struct ldb_dn *dn = ldb_dn_new(mem_ctx, ldb,
458 sclass->defaultObjectCategory);
459 *out = data_blob_string_const(ldb_dn_alloc_casefold(mem_ctx, dn));
460 talloc_free(tmp_ctx);
463 return LDB_ERR_OPERATIONS_ERROR;
467 *out = data_blob_talloc(mem_ctx, in->data, in->length);
468 talloc_free(tmp_ctx);
470 if (in->data && !out->data) {
471 return LDB_ERR_OPERATIONS_ERROR;
476 *out = data_blob_string_const(ldb_dn_alloc_casefold(mem_ctx, dn1));
477 talloc_free(tmp_ctx);
480 return LDB_ERR_OPERATIONS_ERROR;
485 static int ldif_comparison_objectCategory(struct ldb_context *ldb, void *mem_ctx,
486 const struct ldb_val *v1,
487 const struct ldb_val *v2)
489 return ldb_any_comparison(ldb, mem_ctx, ldif_canonicalise_objectCategory,
494 convert a NDR formatted blob to a ldif formatted schemaInfo
496 static int ldif_write_schemaInfo(struct ldb_context *ldb, void *mem_ctx,
497 const struct ldb_val *in, struct ldb_val *out)
499 return ldif_write_NDR(ldb, mem_ctx, in, out,
500 sizeof(struct repsFromToBlob),
501 (ndr_pull_flags_fn_t)ndr_pull_schemaInfoBlob,
502 (ndr_print_fn_t)ndr_print_schemaInfoBlob,
507 convert a ldif formatted prefixMap to a NDR formatted blob
509 static int ldif_read_prefixMap(struct ldb_context *ldb, void *mem_ctx,
510 const struct ldb_val *in, struct ldb_val *out)
512 struct prefixMapBlob *blob;
513 enum ndr_err_code ndr_err;
514 char *string, *line, *p, *oid;
517 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
519 if (tmp_ctx == NULL) {
523 blob = talloc_zero(tmp_ctx, struct prefixMapBlob);
529 blob->version = PREFIX_MAP_VERSION_DSDB;
531 string = talloc_strndup(mem_ctx, (const char *)in->data, in->length);
532 if (string == NULL) {
538 while (line && line[0]) {
543 p=strchr(line, '\n');
548 /* allow a trailing separator */
553 blob->ctr.dsdb.mappings = talloc_realloc(blob,
554 blob->ctr.dsdb.mappings,
555 struct drsuapi_DsReplicaOIDMapping,
556 blob->ctr.dsdb.num_mappings+1);
557 if (!blob->ctr.dsdb.mappings) {
558 talloc_free(tmp_ctx);
562 blob->ctr.dsdb.mappings[blob->ctr.dsdb.num_mappings].id_prefix = strtoul(line, &oid, 10);
565 talloc_free(tmp_ctx);
569 /* we know there must be at least ":" */
572 if (!ber_write_partial_OID_String(blob->ctr.dsdb.mappings, &oid_blob, oid)) {
573 talloc_free(tmp_ctx);
576 blob->ctr.dsdb.mappings[blob->ctr.dsdb.num_mappings].oid.length = oid_blob.length;
577 blob->ctr.dsdb.mappings[blob->ctr.dsdb.num_mappings].oid.binary_oid = oid_blob.data;
579 blob->ctr.dsdb.num_mappings++;
581 /* Now look past the terminator we added above */
589 ndr_err = ndr_push_struct_blob(out, mem_ctx,
591 (ndr_push_flags_fn_t)ndr_push_prefixMapBlob);
592 talloc_free(tmp_ctx);
593 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
600 convert a NDR formatted blob to a ldif formatted prefixMap
602 static int ldif_write_prefixMap(struct ldb_context *ldb, void *mem_ctx,
603 const struct ldb_val *in, struct ldb_val *out)
605 struct prefixMapBlob *blob;
606 enum ndr_err_code ndr_err;
610 if (ldb_get_flags(ldb) & LDB_FLG_SHOW_BINARY) {
612 /* try to decode the blob as S4 prefixMap */
613 err = ldif_write_NDR(ldb, mem_ctx, in, out,
614 sizeof(struct prefixMapBlob),
615 (ndr_pull_flags_fn_t)ndr_pull_prefixMapBlob,
616 (ndr_print_fn_t)ndr_print_prefixMapBlob,
621 /* try parsing it as Windows PrefixMap value */
622 return ldif_write_NDR(ldb, mem_ctx, in, out,
623 sizeof(struct drsuapi_MSPrefixMap_Ctr),
624 (ndr_pull_flags_fn_t)ndr_pull_drsuapi_MSPrefixMap_Ctr,
625 (ndr_print_fn_t)ndr_print_drsuapi_MSPrefixMap_Ctr,
629 blob = talloc(mem_ctx, struct prefixMapBlob);
633 ndr_err = ndr_pull_struct_blob_all(in, blob,
635 (ndr_pull_flags_fn_t)ndr_pull_prefixMapBlob);
636 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
639 if (blob->version != PREFIX_MAP_VERSION_DSDB) {
642 string = talloc_strdup(mem_ctx, "");
643 if (string == NULL) {
647 for (i=0; i < blob->ctr.dsdb.num_mappings; i++) {
649 const char *partial_oid = NULL;
652 string = talloc_asprintf_append(string, ";");
655 oid_blob = data_blob_const(blob->ctr.dsdb.mappings[i].oid.binary_oid,
656 blob->ctr.dsdb.mappings[i].oid.length);
657 if (!ber_read_partial_OID_String(blob, oid_blob, &partial_oid)) {
658 DEBUG(0, ("ber_read_partial_OID failed on prefixMap item with id: 0x%X",
659 blob->ctr.dsdb.mappings[i].id_prefix));
662 string = talloc_asprintf_append(string, "%u:%s",
663 blob->ctr.dsdb.mappings[i].id_prefix,
665 talloc_free(discard_const(partial_oid));
666 if (string == NULL) {
672 *out = data_blob_string_const(string);
680 static bool ldif_comparision_prefixMap_isString(const struct ldb_val *v)
686 if (IVAL(v->data, 0) == PREFIX_MAP_VERSION_DSDB) {
694 canonicalise a prefixMap
696 static int ldif_canonicalise_prefixMap(struct ldb_context *ldb, void *mem_ctx,
697 const struct ldb_val *in, struct ldb_val *out)
699 if (ldif_comparision_prefixMap_isString(in)) {
700 return ldif_read_prefixMap(ldb, mem_ctx, in, out);
702 return ldb_handler_copy(ldb, mem_ctx, in, out);
705 static int ldif_comparison_prefixMap(struct ldb_context *ldb, void *mem_ctx,
706 const struct ldb_val *v1,
707 const struct ldb_val *v2)
709 return ldb_any_comparison(ldb, mem_ctx, ldif_canonicalise_prefixMap,
713 /* length limited conversion of a ldb_val to a int32_t */
714 static int val_to_int32(const struct ldb_val *in, int32_t *v)
719 /* make sure we don't read past the end of the data */
720 if (in->length > sizeof(buf)-1) {
721 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
723 strncpy(buf, (char *)in->data, in->length);
726 /* We've to use "strtoll" here to have the intended overflows.
727 * Otherwise we may get "LONG_MAX" and the conversion is wrong. */
728 *v = (int32_t) strtoll(buf, &end, 0);
730 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
735 /* length limited conversion of a ldb_val to a int64_t */
736 static int val_to_int64(const struct ldb_val *in, int64_t *v)
741 /* make sure we don't read past the end of the data */
742 if (in->length > sizeof(buf)-1) {
743 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
745 strncpy(buf, (char *)in->data, in->length);
748 *v = (int64_t) strtoll(buf, &end, 0);
750 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
755 /* Canonicalisation of two 32-bit integers */
756 static int ldif_canonicalise_int32(struct ldb_context *ldb, void *mem_ctx,
757 const struct ldb_val *in, struct ldb_val *out)
762 ret = val_to_int32(in, &i);
763 if (ret != LDB_SUCCESS) {
766 out->data = (uint8_t *) talloc_asprintf(mem_ctx, "%d", i);
767 if (out->data == NULL) {
769 return LDB_ERR_OPERATIONS_ERROR;
771 out->length = strlen((char *)out->data);
775 /* Comparison of two 32-bit integers */
776 static int ldif_comparison_int32(struct ldb_context *ldb, void *mem_ctx,
777 const struct ldb_val *v1, const struct ldb_val *v2)
780 val_to_int32(v1, &i1);
781 val_to_int32(v2, &i2);
782 if (i1 == i2) return 0;
783 return i1 > i2? 1 : -1;
786 /* Canonicalisation of two 64-bit integers */
787 static int ldif_canonicalise_int64(struct ldb_context *ldb, void *mem_ctx,
788 const struct ldb_val *in, struct ldb_val *out)
793 ret = val_to_int64(in, &i);
794 if (ret != LDB_SUCCESS) {
797 out->data = (uint8_t *) talloc_asprintf(mem_ctx, "%lld", (long long)i);
798 if (out->data == NULL) {
800 return LDB_ERR_OPERATIONS_ERROR;
802 out->length = strlen((char *)out->data);
806 /* Comparison of two 64-bit integers */
807 static int ldif_comparison_int64(struct ldb_context *ldb, void *mem_ctx,
808 const struct ldb_val *v1, const struct ldb_val *v2)
811 val_to_int64(v1, &i1);
812 val_to_int64(v2, &i2);
813 if (i1 == i2) return 0;
814 return i1 > i2? 1 : -1;
818 convert a NDR formatted blob to a ldif formatted repsFromTo
820 static int ldif_write_repsFromTo(struct ldb_context *ldb, void *mem_ctx,
821 const struct ldb_val *in, struct ldb_val *out)
823 return ldif_write_NDR(ldb, mem_ctx, in, out,
824 sizeof(struct repsFromToBlob),
825 (ndr_pull_flags_fn_t)ndr_pull_repsFromToBlob,
826 (ndr_print_fn_t)ndr_print_repsFromToBlob,
831 convert a NDR formatted blob to a ldif formatted replPropertyMetaData
833 static int ldif_write_replPropertyMetaData(struct ldb_context *ldb, void *mem_ctx,
834 const struct ldb_val *in, struct ldb_val *out)
836 return ldif_write_NDR(ldb, mem_ctx, in, out,
837 sizeof(struct replPropertyMetaDataBlob),
838 (ndr_pull_flags_fn_t)ndr_pull_replPropertyMetaDataBlob,
839 (ndr_print_fn_t)ndr_print_replPropertyMetaDataBlob,
844 convert a NDR formatted blob to a ldif formatted replUpToDateVector
846 static int ldif_write_replUpToDateVector(struct ldb_context *ldb, void *mem_ctx,
847 const struct ldb_val *in, struct ldb_val *out)
849 return ldif_write_NDR(ldb, mem_ctx, in, out,
850 sizeof(struct replUpToDateVectorBlob),
851 (ndr_pull_flags_fn_t)ndr_pull_replUpToDateVectorBlob,
852 (ndr_print_fn_t)ndr_print_replUpToDateVectorBlob,
857 static int extended_dn_write_hex(struct ldb_context *ldb, void *mem_ctx,
858 const struct ldb_val *in, struct ldb_val *out)
860 *out = data_blob_string_const(data_blob_hex_string_lower(mem_ctx, in));
869 write a 64 bit 2-part range
871 static int ldif_write_range64(struct ldb_context *ldb, void *mem_ctx,
872 const struct ldb_val *in, struct ldb_val *out)
876 ret = val_to_int64(in, &v);
877 if (ret != LDB_SUCCESS) {
880 out->data = (uint8_t *)talloc_asprintf(mem_ctx, "%lu-%lu",
881 (unsigned long)(v&0xFFFFFFFF),
882 (unsigned long)(v>>32));
883 if (out->data == NULL) {
885 return LDB_ERR_OPERATIONS_ERROR;
887 out->length = strlen((char *)out->data);
892 read a 64 bit 2-part range
894 static int ldif_read_range64(struct ldb_context *ldb, void *mem_ctx,
895 const struct ldb_val *in, struct ldb_val *out)
897 unsigned long high, low;
900 if (memchr(in->data, '-', in->length) == NULL) {
901 return ldb_handler_copy(ldb, mem_ctx, in, out);
904 if (in->length > sizeof(buf)-1) {
905 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
907 strncpy(buf, (const char *)in->data, in->length);
910 if (sscanf(buf, "%lu-%lu", &low, &high) != 2) {
911 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
914 out->data = (uint8_t *)talloc_asprintf(mem_ctx, "%llu",
915 (unsigned long long)(((uint64_t)high)<<32) | (low));
917 if (out->data == NULL) {
919 return LDB_ERR_OPERATIONS_ERROR;
921 out->length = strlen((char *)out->data);
925 static const struct ldb_schema_syntax samba_syntaxes[] = {
927 .name = LDB_SYNTAX_SAMBA_SID,
928 .ldif_read_fn = ldif_read_objectSid,
929 .ldif_write_fn = ldif_write_objectSid,
930 .canonicalise_fn = ldif_canonicalise_objectSid,
931 .comparison_fn = ldif_comparison_objectSid
933 .name = LDB_SYNTAX_SAMBA_SECURITY_DESCRIPTOR,
934 .ldif_read_fn = ldif_read_ntSecurityDescriptor,
935 .ldif_write_fn = ldif_write_ntSecurityDescriptor,
936 .canonicalise_fn = ldb_handler_copy,
937 .comparison_fn = ldb_comparison_binary
939 .name = LDB_SYNTAX_SAMBA_GUID,
940 .ldif_read_fn = ldif_read_objectGUID,
941 .ldif_write_fn = ldif_write_objectGUID,
942 .canonicalise_fn = ldif_canonicalise_objectGUID,
943 .comparison_fn = ldif_comparison_objectGUID
945 .name = LDB_SYNTAX_SAMBA_OBJECT_CATEGORY,
946 .ldif_read_fn = ldb_handler_copy,
947 .ldif_write_fn = ldb_handler_copy,
948 .canonicalise_fn = ldif_canonicalise_objectCategory,
949 .comparison_fn = ldif_comparison_objectCategory
951 .name = LDB_SYNTAX_SAMBA_SCHEMAINFO,
952 .ldif_read_fn = ldb_handler_copy,
953 .ldif_write_fn = ldif_write_schemaInfo,
954 .canonicalise_fn = ldb_handler_copy,
955 .comparison_fn = ldb_comparison_binary
957 .name = LDB_SYNTAX_SAMBA_PREFIX_MAP,
958 .ldif_read_fn = ldif_read_prefixMap,
959 .ldif_write_fn = ldif_write_prefixMap,
960 .canonicalise_fn = ldif_canonicalise_prefixMap,
961 .comparison_fn = ldif_comparison_prefixMap
963 .name = LDB_SYNTAX_SAMBA_INT32,
964 .ldif_read_fn = ldb_handler_copy,
965 .ldif_write_fn = ldb_handler_copy,
966 .canonicalise_fn = ldif_canonicalise_int32,
967 .comparison_fn = ldif_comparison_int32
969 .name = LDB_SYNTAX_SAMBA_REPSFROMTO,
970 .ldif_read_fn = ldb_handler_copy,
971 .ldif_write_fn = ldif_write_repsFromTo,
972 .canonicalise_fn = ldb_handler_copy,
973 .comparison_fn = ldb_comparison_binary
975 .name = LDB_SYNTAX_SAMBA_REPLPROPERTYMETADATA,
976 .ldif_read_fn = ldb_handler_copy,
977 .ldif_write_fn = ldif_write_replPropertyMetaData,
978 .canonicalise_fn = ldb_handler_copy,
979 .comparison_fn = ldb_comparison_binary
981 .name = LDB_SYNTAX_SAMBA_REPLUPTODATEVECTOR,
982 .ldif_read_fn = ldb_handler_copy,
983 .ldif_write_fn = ldif_write_replUpToDateVector,
984 .canonicalise_fn = ldb_handler_copy,
985 .comparison_fn = ldb_comparison_binary
987 .name = DSDB_SYNTAX_BINARY_DN,
988 .ldif_read_fn = ldb_handler_copy,
989 .ldif_write_fn = ldb_handler_copy,
990 .canonicalise_fn = dsdb_dn_binary_canonicalise,
991 .comparison_fn = dsdb_dn_binary_comparison
993 .name = DSDB_SYNTAX_STRING_DN,
994 .ldif_read_fn = ldb_handler_copy,
995 .ldif_write_fn = ldb_handler_copy,
996 .canonicalise_fn = dsdb_dn_string_canonicalise,
997 .comparison_fn = dsdb_dn_string_comparison
999 .name = LDB_SYNTAX_SAMBA_RANGE64,
1000 .ldif_read_fn = ldif_read_range64,
1001 .ldif_write_fn = ldif_write_range64,
1002 .canonicalise_fn = ldif_canonicalise_int64,
1003 .comparison_fn = ldif_comparison_int64
1007 static const struct ldb_dn_extended_syntax samba_dn_syntax[] = {
1010 .read_fn = extended_dn_read_SID,
1011 .write_clear_fn = ldif_write_objectSid,
1012 .write_hex_fn = extended_dn_write_hex
1015 .read_fn = extended_dn_read_GUID,
1016 .write_clear_fn = ldif_write_objectGUID,
1017 .write_hex_fn = extended_dn_write_hex
1020 .read_fn = ldb_handler_copy,
1021 .write_clear_fn = ldb_handler_copy,
1022 .write_hex_fn = ldb_handler_copy
1024 .name = "RMD_INVOCID",
1025 .read_fn = extended_dn_read_GUID,
1026 .write_clear_fn = ldif_write_objectGUID,
1027 .write_hex_fn = extended_dn_write_hex
1029 .name = "RMD_FLAGS",
1030 .read_fn = ldb_handler_copy,
1031 .write_clear_fn = ldb_handler_copy,
1032 .write_hex_fn = ldb_handler_copy
1034 .name = "RMD_ADDTIME",
1035 .read_fn = ldb_handler_copy,
1036 .write_clear_fn = ldb_handler_copy,
1037 .write_hex_fn = ldb_handler_copy
1039 .name = "RMD_CHANGETIME",
1040 .read_fn = ldb_handler_copy,
1041 .write_clear_fn = ldb_handler_copy,
1042 .write_hex_fn = ldb_handler_copy
1044 .name = "RMD_LOCAL_USN",
1045 .read_fn = ldb_handler_copy,
1046 .write_clear_fn = ldb_handler_copy,
1047 .write_hex_fn = ldb_handler_copy
1049 .name = "RMD_ORIGINATING_USN",
1050 .read_fn = ldb_handler_copy,
1051 .write_clear_fn = ldb_handler_copy,
1052 .write_hex_fn = ldb_handler_copy
1054 .name = "RMD_VERSION",
1055 .read_fn = ldb_handler_copy,
1056 .write_clear_fn = ldb_handler_copy,
1057 .write_hex_fn = ldb_handler_copy
1061 /* TODO: Should be dynamic at some point */
1062 static const struct {
1065 } samba_attributes[] = {
1066 { "objectSid", LDB_SYNTAX_SAMBA_SID },
1067 { "securityIdentifier", LDB_SYNTAX_SAMBA_SID },
1068 { "tokenGroups", LDB_SYNTAX_SAMBA_SID },
1069 { "ntSecurityDescriptor", LDB_SYNTAX_SAMBA_SECURITY_DESCRIPTOR },
1070 { "objectGUID", LDB_SYNTAX_SAMBA_GUID },
1071 { "invocationId", LDB_SYNTAX_SAMBA_GUID },
1072 { "schemaIDGUID", LDB_SYNTAX_SAMBA_GUID },
1073 { "oMSyntax", LDB_SYNTAX_SAMBA_INT32 },
1074 { "attributeSecurityGUID", LDB_SYNTAX_SAMBA_GUID },
1075 { "parentGUID", LDB_SYNTAX_SAMBA_GUID },
1076 { "siteGUID", LDB_SYNTAX_SAMBA_GUID },
1077 { "pKTGUID", LDB_SYNTAX_SAMBA_GUID },
1078 { "fRSVersionGUID", LDB_SYNTAX_SAMBA_GUID },
1079 { "fRSReplicaSetGUID", LDB_SYNTAX_SAMBA_GUID },
1080 { "netbootGUID", LDB_SYNTAX_SAMBA_GUID },
1081 { "msDS-OptionalFeatureGUID", LDB_SYNTAX_SAMBA_GUID },
1082 { "objectCategory", LDB_SYNTAX_SAMBA_OBJECT_CATEGORY },
1083 { "schemaInfo", LDB_SYNTAX_SAMBA_SCHEMAINFO },
1084 { "prefixMap", LDB_SYNTAX_SAMBA_PREFIX_MAP },
1085 { "repsFrom", LDB_SYNTAX_SAMBA_REPSFROMTO },
1086 { "repsTo", LDB_SYNTAX_SAMBA_REPSFROMTO },
1087 { "replPropertyMetaData", LDB_SYNTAX_SAMBA_REPLPROPERTYMETADATA },
1088 { "replUpToDateVector", LDB_SYNTAX_SAMBA_REPLUPTODATEVECTOR },
1089 { "rIDAllocationPool", LDB_SYNTAX_SAMBA_RANGE64 },
1090 { "rIDPreviousAllocationPool", LDB_SYNTAX_SAMBA_RANGE64 },
1091 { "rIDAvailablePool", LDB_SYNTAX_SAMBA_RANGE64 },
1094 const struct ldb_schema_syntax *ldb_samba_syntax_by_name(struct ldb_context *ldb, const char *name)
1097 const struct ldb_schema_syntax *s = NULL;
1099 for (j=0; j < ARRAY_SIZE(samba_syntaxes); j++) {
1100 if (strcmp(name, samba_syntaxes[j].name) == 0) {
1101 s = &samba_syntaxes[j];
1108 const struct ldb_schema_syntax *ldb_samba_syntax_by_lDAPDisplayName(struct ldb_context *ldb, const char *name)
1111 const struct ldb_schema_syntax *s = NULL;
1113 for (j=0; j < ARRAY_SIZE(samba_attributes); j++) {
1114 if (strcmp(samba_attributes[j].name, name) == 0) {
1115 s = ldb_samba_syntax_by_name(ldb, samba_attributes[j].syntax);
1124 register the samba ldif handlers
1126 int ldb_register_samba_handlers(struct ldb_context *ldb)
1130 for (i=0; i < ARRAY_SIZE(samba_attributes); i++) {
1132 const struct ldb_schema_syntax *s = NULL;
1134 s = ldb_samba_syntax_by_name(ldb, samba_attributes[i].syntax);
1137 s = ldb_standard_syntax_by_name(ldb, samba_attributes[i].syntax);
1144 ret = ldb_schema_attribute_add_with_syntax(ldb, samba_attributes[i].name, LDB_ATTR_FLAG_FIXED, s);
1145 if (ret != LDB_SUCCESS) {
1150 for (i=0; i < ARRAY_SIZE(samba_dn_syntax); i++) {
1152 ret = ldb_dn_extended_add_syntax(ldb, LDB_ATTR_FLAG_FIXED, &samba_dn_syntax[i]);
1153 if (ret != LDB_SUCCESS) {
git.samba.org / mat / samba.git / blob