search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4:torture: Fix memory leak
[Samba.git] / source4 / dsdb / samdb / ldb_modules / resolve_oids.c
blob5c1639671e59d08b077f539f290fa121395df142
1 /*
2 ldb database library
3
4 Copyright (C) Stefan Metzmacher <metze@samba.org> 2009
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "ldb_module.h"
22 #include "dsdb/samdb/samdb.h"
23
24 static int resolve_oids_need_value(struct ldb_context *ldb,
25 struct dsdb_schema *schema,
26 const struct dsdb_attribute *a,
27 const struct ldb_val *valp)
28 {
29 const struct dsdb_attribute *va = NULL;
30 const struct dsdb_class *vo = NULL;
31 const void *p2;
32 char *str = NULL;
33
34 if (a->syntax->oMSyntax != 6) {
35 return LDB_ERR_COMPARE_FALSE;
36 }
37
38 if (valp) {
39 p2 = memchr(valp->data, '.', valp->length);
40 } else {
41 p2 = NULL;
42 }
43
44 if (!p2) {
45 return LDB_ERR_COMPARE_FALSE;
46 }
47
48 switch (a->attributeID_id) {
49 case DRSUAPI_ATTID_objectClass:
50 case DRSUAPI_ATTID_subClassOf:
51 case DRSUAPI_ATTID_auxiliaryClass:
52 case DRSUAPI_ATTID_systemPossSuperiors:
53 case DRSUAPI_ATTID_possSuperiors:
54 str = talloc_strndup(ldb, (char *)valp->data, valp->length);
55 if (!str) {
56 return ldb_oom(ldb);
57 }
58 vo = dsdb_class_by_governsID_oid(schema, str);
59 talloc_free(str);
60 if (!vo) {
61 return LDB_ERR_COMPARE_FALSE;
62 }
63 return LDB_ERR_COMPARE_TRUE;
64 case DRSUAPI_ATTID_systemMustContain:
65 case DRSUAPI_ATTID_systemMayContain:
66 case DRSUAPI_ATTID_mustContain:
67 case DRSUAPI_ATTID_mayContain:
68 str = talloc_strndup(ldb, (char *)valp->data, valp->length);
69 if (!str) {
70 return ldb_oom(ldb);
71 }
72 va = dsdb_attribute_by_attributeID_oid(schema, str);
73 talloc_free(str);
74 if (!va) {
75 return LDB_ERR_COMPARE_FALSE;
76 }
77 return LDB_ERR_COMPARE_TRUE;
78 case DRSUAPI_ATTID_governsID:
79 case DRSUAPI_ATTID_attributeID:
80 case DRSUAPI_ATTID_attributeSyntax:
81 return LDB_ERR_COMPARE_FALSE;
82 }
83
84 return LDB_ERR_COMPARE_FALSE;
85 }
86
87 static int resolve_oids_parse_tree_need(struct ldb_context *ldb,
88 struct dsdb_schema *schema,
89 const struct ldb_parse_tree *tree)
90 {
91 unsigned int i;
92 const struct dsdb_attribute *a = NULL;
93 const char *attr;
94 const char *p1;
95 const void *p2;
96 const struct ldb_val *valp = NULL;
97 int ret;
98
99 switch (tree->operation) {
100 case LDB_OP_AND:
101 case LDB_OP_OR:
102 for (i=0;i<tree->u.list.num_elements;i++) {
103 ret = resolve_oids_parse_tree_need(ldb, schema,
104 tree->u.list.elements[i]);
105 if (ret != LDB_ERR_COMPARE_FALSE) {
106 return ret;
107 }
108 }
109 return LDB_ERR_COMPARE_FALSE;
110 case LDB_OP_NOT:
111 return resolve_oids_parse_tree_need(ldb, schema,
112 tree->u.isnot.child);
113 case LDB_OP_EQUALITY:
114 attr = tree->u.equality.attr;
115 valp = &tree->u.equality.value;
116 break;
117 case LDB_OP_GREATER:
118 case LDB_OP_LESS:
119 case LDB_OP_APPROX:
120 attr = tree->u.comparison.attr;
121 valp = &tree->u.comparison.value;
122 break;
123 case LDB_OP_SUBSTRING:
124 attr = tree->u.substring.attr;
125 break;
126 case LDB_OP_PRESENT:
127 attr = tree->u.present.attr;
128 break;
129 case LDB_OP_EXTENDED:
130 attr = tree->u.extended.attr;
131 valp = &tree->u.extended.value;
132 break;
133 default:
134 return LDB_ERR_COMPARE_FALSE;
135 }
136
137 p1 = strchr(attr, '.');
138
139 if (valp) {
140 p2 = memchr(valp->data, '.', valp->length);
141 } else {
142 p2 = NULL;
143 }
144
145 if (!p1 && !p2) {
146 return LDB_ERR_COMPARE_FALSE;
147 }
148
149 if (p1) {
150 a = dsdb_attribute_by_attributeID_oid(schema, attr);
151 } else {
152 a = dsdb_attribute_by_lDAPDisplayName(schema, attr);
153 }
154 if (!a) {
155 return LDB_ERR_COMPARE_FALSE;
156 }
157
158 if (!p2) {
159 return LDB_ERR_COMPARE_FALSE;
160 }
161
162 return resolve_oids_need_value(ldb, schema, a, valp);
163 }
164
165 static int resolve_oids_element_need(struct ldb_context *ldb,
166 struct dsdb_schema *schema,
167 const struct ldb_message_element *el)
168 {
169 unsigned int i;
170 const struct dsdb_attribute *a = NULL;
171 const char *p1;
172
173 p1 = strchr(el->name, '.');
174
175 if (p1) {
176 a = dsdb_attribute_by_attributeID_oid(schema, el->name);
177 } else {
178 a = dsdb_attribute_by_lDAPDisplayName(schema, el->name);
179 }
180 if (!a) {
181 return LDB_ERR_COMPARE_FALSE;
182 }
183
184 for (i=0; i < el->num_values; i++) {
185 int ret;
186 ret = resolve_oids_need_value(ldb, schema, a,
187 &el->values[i]);
188 if (ret != LDB_ERR_COMPARE_FALSE) {
189 return ret;
190 }
191 }
192
193 return LDB_ERR_COMPARE_FALSE;
194 }
195
196 static int resolve_oids_message_need(struct ldb_context *ldb,
197 struct dsdb_schema *schema,
198 const struct ldb_message *msg)
199 {
200 unsigned int i;
201
202 for (i=0; i < msg->num_elements; i++) {
203 int ret;
204 ret = resolve_oids_element_need(ldb, schema,
205 &msg->elements[i]);
206 if (ret != LDB_ERR_COMPARE_FALSE) {
207 return ret;
208 }
209 }
210
211 return LDB_ERR_COMPARE_FALSE;
212 }
213
214 static int resolve_oids_replace_value(struct ldb_context *ldb,
215 struct dsdb_schema *schema,
216 const struct dsdb_attribute *a,
217 struct ldb_val *valp)
218 {
219 const struct dsdb_attribute *va = NULL;
220 const struct dsdb_class *vo = NULL;
221 const void *p2;
222 char *str = NULL;
223
224 if (a->syntax->oMSyntax != 6) {
225 return LDB_SUCCESS;
226 }
227
228 if (valp) {
229 p2 = memchr(valp->data, '.', valp->length);
230 } else {
231 p2 = NULL;
232 }
233
234 if (!p2) {
235 return LDB_SUCCESS;
236 }
237
238 switch (a->attributeID_id) {
239 case DRSUAPI_ATTID_objectClass:
240 case DRSUAPI_ATTID_subClassOf:
241 case DRSUAPI_ATTID_auxiliaryClass:
242 case DRSUAPI_ATTID_systemPossSuperiors:
243 case DRSUAPI_ATTID_possSuperiors:
244 str = talloc_strndup(schema, (char *)valp->data, valp->length);
245 if (!str) {
246 return ldb_oom(ldb);
247 }
248 vo = dsdb_class_by_governsID_oid(schema, str);
249 talloc_free(str);
250 if (!vo) {
251 return LDB_SUCCESS;
252 }
253 *valp = data_blob_string_const(vo->lDAPDisplayName);
254 return LDB_SUCCESS;
255 case DRSUAPI_ATTID_systemMustContain:
256 case DRSUAPI_ATTID_systemMayContain:
257 case DRSUAPI_ATTID_mustContain:
258 case DRSUAPI_ATTID_mayContain:
259 str = talloc_strndup(schema, (char *)valp->data, valp->length);
260 if (!str) {
261 return ldb_oom(ldb);
262 }
263 va = dsdb_attribute_by_attributeID_oid(schema, str);
264 talloc_free(str);
265 if (!va) {
266 return LDB_SUCCESS;
267 }
268 *valp = data_blob_string_const(va->lDAPDisplayName);
269 return LDB_SUCCESS;
270 case DRSUAPI_ATTID_governsID:
271 case DRSUAPI_ATTID_attributeID:
272 case DRSUAPI_ATTID_attributeSyntax:
273 return LDB_SUCCESS;
274 }
275
276 return LDB_SUCCESS;
277 }
278
279 static int resolve_oids_parse_tree_replace(struct ldb_context *ldb,
280 struct dsdb_schema *schema,
281 struct ldb_parse_tree *tree)
282 {
283 unsigned int i;
284 const struct dsdb_attribute *a = NULL;
285 const char **attrp;
286 const char *p1;
287 const void *p2;
288 struct ldb_val *valp = NULL;
289 int ret;
290
291 switch (tree->operation) {
292 case LDB_OP_AND:
293 case LDB_OP_OR:
294 for (i=0;i<tree->u.list.num_elements;i++) {
295 ret = resolve_oids_parse_tree_replace(ldb, schema,
296 tree->u.list.elements[i]);
297 if (ret != LDB_SUCCESS) {
298 return ret;
299 }
300 }
301 return LDB_SUCCESS;
302 case LDB_OP_NOT:
303 return resolve_oids_parse_tree_replace(ldb, schema,
304 tree->u.isnot.child);
305 case LDB_OP_EQUALITY:
306 attrp = &tree->u.equality.attr;
307 valp = &tree->u.equality.value;
308 break;
309 case LDB_OP_GREATER:
310 case LDB_OP_LESS:
311 case LDB_OP_APPROX:
312 attrp = &tree->u.comparison.attr;
313 valp = &tree->u.comparison.value;
314 break;
315 case LDB_OP_SUBSTRING:
316 attrp = &tree->u.substring.attr;
317 break;
318 case LDB_OP_PRESENT:
319 attrp = &tree->u.present.attr;
320 break;
321 case LDB_OP_EXTENDED:
322 attrp = &tree->u.extended.attr;
323 valp = &tree->u.extended.value;
324 break;
325 default:
326 return LDB_SUCCESS;
327 }
328
329 p1 = strchr(*attrp, '.');
330
331 if (valp) {
332 p2 = memchr(valp->data, '.', valp->length);
333 } else {
334 p2 = NULL;
335 }
336
337 if (!p1 && !p2) {
338 return LDB_SUCCESS;
339 }
340
341 if (p1) {
342 a = dsdb_attribute_by_attributeID_oid(schema, *attrp);
343 } else {
344 a = dsdb_attribute_by_lDAPDisplayName(schema, *attrp);
345 }
346 if (!a) {
347 return LDB_SUCCESS;
348 }
349
350 *attrp = a->lDAPDisplayName;
351
352 if (!p2) {
353 return LDB_SUCCESS;
354 }
355
356 if (a->syntax->oMSyntax != 6) {
357 return LDB_SUCCESS;
358 }
359
360 return resolve_oids_replace_value(ldb, schema, a, valp);
361 }
362
363 static int resolve_oids_element_replace(struct ldb_context *ldb,
364 struct dsdb_schema *schema,
365 struct ldb_message_element *el)
366 {
367 unsigned int i;
368 const struct dsdb_attribute *a = NULL;
369 const char *p1;
370
371 p1 = strchr(el->name, '.');
372
373 if (p1) {
374 a = dsdb_attribute_by_attributeID_oid(schema, el->name);
375 } else {
376 a = dsdb_attribute_by_lDAPDisplayName(schema, el->name);
377 }
378 if (!a) {
379 return LDB_SUCCESS;
380 }
381
382 el->name = a->lDAPDisplayName;
383
384 for (i=0; i < el->num_values; i++) {
385 int ret;
386 ret = resolve_oids_replace_value(ldb, schema, a,
387 &el->values[i]);
388 if (ret != LDB_SUCCESS) {
389 return ret;
390 }
391 }
392
393 return LDB_SUCCESS;
394 }
395
396 static int resolve_oids_message_replace(struct ldb_context *ldb,
397 struct dsdb_schema *schema,
398 struct ldb_message *msg)
399 {
400 unsigned int i;
401
402 for (i=0; i < msg->num_elements; i++) {
403 int ret;
404 ret = resolve_oids_element_replace(ldb, schema,
405 &msg->elements[i]);
406 if (ret != LDB_SUCCESS) {
407 return ret;
408 }
409 }
410
411 return LDB_SUCCESS;
412 }
413
414 struct resolve_oids_context {
415 struct ldb_module *module;
416 struct ldb_request *req;
417 };
418
419 static int resolve_oids_callback(struct ldb_request *req, struct ldb_reply *ares)
420 {
421 struct resolve_oids_context *ac;
422
423 ac = talloc_get_type_abort(req->context, struct resolve_oids_context);
424
425 if (!ares) {
426 return ldb_module_done(ac->req, NULL, NULL,
427 LDB_ERR_OPERATIONS_ERROR);
428 }
429 if (ares->error != LDB_SUCCESS) {
430 return ldb_module_done(ac->req, ares->controls,
431 ares->response, ares->error);
432 }
433
434 switch (ares->type) {
435 case LDB_REPLY_ENTRY:
436 return ldb_module_send_entry(ac->req, ares->message, ares->controls);
437
438 case LDB_REPLY_REFERRAL:
439 return ldb_module_send_referral(ac->req, ares->referral);
440
441 case LDB_REPLY_DONE:
442 return ldb_module_done(ac->req, ares->controls,
443 ares->response, LDB_SUCCESS);
444
445 }
446 return LDB_SUCCESS;
447 }
448
449 static int resolve_oids_search(struct ldb_module *module, struct ldb_request *req)
450 {
451 struct ldb_context *ldb;
452 struct dsdb_schema *schema;
453 struct ldb_parse_tree *tree;
454 struct ldb_request *down_req;
455 struct resolve_oids_context *ac;
456 int ret;
457 bool needed = false;
458 const char * const *attrs1;
459 const char **attrs2;
460 unsigned int i;
461
462 ldb = ldb_module_get_ctx(module);
463 schema = dsdb_get_schema(ldb, NULL);
464
465 if (!schema) {
466 return ldb_next_request(module, req);
467 }
468
469 /* do not manipulate our control entries */
470 if (ldb_dn_is_special(req->op.search.base)) {
471 return ldb_next_request(module, req);
472 }
473
474 ret = resolve_oids_parse_tree_need(ldb, schema,
475 req->op.search.tree);
476 if (ret == LDB_ERR_COMPARE_TRUE) {
477 needed = true;
478 } else if (ret != LDB_ERR_COMPARE_FALSE) {
479 return ret;
480 }
481
482 attrs1 = req->op.search.attrs;
483
484 for (i=0; attrs1 && attrs1[i]; i++) {
485 const char *p;
486 const struct dsdb_attribute *a;
487
488 p = strchr(attrs1[i], '.');
489 if (p == NULL) {
490 continue;
491 }
492
493 a = dsdb_attribute_by_attributeID_oid(schema, attrs1[i]);
494 if (a == NULL) {
495 continue;
496 }
497
498 needed = true;
499 break;
500 }
501
502 if (!needed) {
503 return ldb_next_request(module, req);
504 }
505
506 ac = talloc(req, struct resolve_oids_context);
507 if (ac == NULL) {
508 return ldb_oom(ldb);
509 }
510 ac->module = module;
511 ac->req = req;
512
513 tree = ldb_parse_tree_copy_shallow(ac, req->op.search.tree);
514 if (!tree) {
515 return ldb_oom(ldb);
516 }
517
518 schema = talloc_reference(tree, schema);
519 if (!schema) {
520 return ldb_oom(ldb);
521 }
522
523 ret = resolve_oids_parse_tree_replace(ldb, schema,
524 tree);
525 if (ret != LDB_SUCCESS) {
526 return ret;
527 }
528
529 attrs2 = str_list_copy_const(ac,
530 discard_const_p(const char *, req->op.search.attrs));
531 if (req->op.search.attrs && !attrs2) {
532 return ldb_oom(ldb);
533 }
534
535 for (i=0; attrs2 && attrs2[i]; i++) {
536 const char *p;
537 const struct dsdb_attribute *a;
538
539 p = strchr(attrs2[i], '.');
540 if (p == NULL) {
541 continue;
542 }
543
544 a = dsdb_attribute_by_attributeID_oid(schema, attrs2[i]);
545 if (a == NULL) {
546 continue;
547 }
548
549 attrs2[i] = a->lDAPDisplayName;
550 }
551
552 ret = ldb_build_search_req_ex(&down_req, ldb, ac,
553 req->op.search.base,
554 req->op.search.scope,
555 tree,
556 attrs2,
557 req->controls,
558 ac, resolve_oids_callback,
559 req);
560 LDB_REQ_SET_LOCATION(down_req);
561 if (ret != LDB_SUCCESS) {
562 return ret;
563 }
564
565 /* go on with the call chain */
566 return ldb_next_request(module, down_req);
567 }
568
569 static int resolve_oids_add(struct ldb_module *module, struct ldb_request *req)
570 {
571 struct ldb_context *ldb;
572 struct dsdb_schema *schema;
573 int ret;
574 struct ldb_message *msg;
575 struct ldb_request *down_req;
576 struct resolve_oids_context *ac;
577
578 ldb = ldb_module_get_ctx(module);
579 schema = dsdb_get_schema(ldb, NULL);
580
581 if (!schema) {
582 return ldb_next_request(module, req);
583 }
584
585 /* do not manipulate our control entries */
586 if (ldb_dn_is_special(req->op.add.message->dn)) {
587 return ldb_next_request(module, req);
588 }
589
590 ret = resolve_oids_message_need(ldb, schema,
591 req->op.add.message);
592 if (ret == LDB_ERR_COMPARE_FALSE) {
593 return ldb_next_request(module, req);
594 } else if (ret != LDB_ERR_COMPARE_TRUE) {
595 return ret;
596 }
597
598 ac = talloc(req, struct resolve_oids_context);
599 if (ac == NULL) {
600 return ldb_oom(ldb);
601 }
602 ac->module = module;
603 ac->req = req;
604
605 msg = ldb_msg_copy_shallow(ac, ac->req->op.add.message);
606 if (!msg) {
607 return ldb_oom(ldb);
608 }
609
610 if (!talloc_reference(msg, schema)) {
611 return ldb_oom(ldb);
612 }
613
614 ret = resolve_oids_message_replace(ldb, schema, msg);
615 if (ret != LDB_SUCCESS) {
616 return ret;
617 }
618
619 ret = ldb_build_add_req(&down_req, ldb, ac,
620 msg,
621 req->controls,
622 ac, resolve_oids_callback,
623 req);
624 LDB_REQ_SET_LOCATION(down_req);
625 if (ret != LDB_SUCCESS) {
626 return ret;
627 }
628
629 /* go on with the call chain */
630 return ldb_next_request(module, down_req);
631 }
632
633 static int resolve_oids_modify(struct ldb_module *module, struct ldb_request *req)
634 {
635 struct ldb_context *ldb;
636 struct dsdb_schema *schema;
637 int ret;
638 struct ldb_message *msg;
639 struct ldb_request *down_req;
640 struct resolve_oids_context *ac;
641
642 ldb = ldb_module_get_ctx(module);
643 schema = dsdb_get_schema(ldb, NULL);
644
645 if (!schema) {
646 return ldb_next_request(module, req);
647 }
648
649 /* do not manipulate our control entries */
650 if (ldb_dn_is_special(req->op.mod.message->dn)) {
651 return ldb_next_request(module, req);
652 }
653
654 ret = resolve_oids_message_need(ldb, schema,
655 req->op.mod.message);
656 if (ret == LDB_ERR_COMPARE_FALSE) {
657 return ldb_next_request(module, req);
658 } else if (ret != LDB_ERR_COMPARE_TRUE) {
659 return ret;
660 }
661
662 ac = talloc(req, struct resolve_oids_context);
663 if (ac == NULL) {
664 return ldb_oom(ldb);
665 }
666 ac->module = module;
667 ac->req = req;
668
669 /* we have to copy the message as the caller might have it as a const */
670 msg = ldb_msg_copy_shallow(ac, req->op.mod.message);
671 if (msg == NULL) {
672 return ldb_oom(ldb);
673 }
674
675 if (!talloc_reference(msg, schema)) {
676 return ldb_oom(ldb);
677 }
678
679 ret = resolve_oids_message_replace(ldb, schema, msg);
680 if (ret != LDB_SUCCESS) {
681 return ret;
682 }
683
684 ret = ldb_build_mod_req(&down_req, ldb, ac,
685 msg,
686 req->controls,
687 ac, resolve_oids_callback,
688 req);
689 LDB_REQ_SET_LOCATION(down_req);
690 if (ret != LDB_SUCCESS) {
691 return ret;
692 }
693
694 /* go on with the call chain */
695 return ldb_next_request(module, down_req);
696 }
697
698 static const struct ldb_module_ops ldb_resolve_oids_module_ops = {
699 .name = "resolve_oids",
700 .search = resolve_oids_search,
701 .add = resolve_oids_add,
702 .modify = resolve_oids_modify,
703 };
704
705
706 int ldb_resolve_oids_module_init(const char *version)
707 {
708 LDB_MODULE_CHECK_VERSION(version);
709 return ldb_register_module(&ldb_resolve_oids_module_ops);
710 }
Samba GIT mirror