search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add tldap_pull_uint32
[Samba.git] / source3 / lib / tldap_util.c
blob1b0c3446ee633e78d5655d1ba86d44b535a37b64
1 /*
2 Unix SMB/CIFS implementation.
3 Infrastructure for async ldap client requests
4 Copyright (C) Volker Lendecke 2009
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21
22 bool tldap_entry_values(struct tldap_message *msg, const char *attribute,
23 int *num_values, DATA_BLOB **values)
24 {
25 struct tldap_attribute *attributes;
26 int i, num_attributes;
27
28 if (!tldap_entry_attributes(msg, &num_attributes, &attributes)) {
29 return false;
30 }
31
32 for (i=0; i<num_attributes; i++) {
33 if (strequal(attribute, attributes[i].name)) {
34 break;
35 }
36 }
37 if (i == num_attributes) {
38 return false;
39 }
40 *num_values = attributes[i].num_values;
41 *values = attributes[i].values;
42 return true;
43 }
44
45 bool tldap_get_single_valueblob(struct tldap_message *msg,
46 const char *attribute, DATA_BLOB *blob)
47 {
48 int num_values;
49 DATA_BLOB *values;
50
51 if (attribute == NULL) {
52 return NULL;
53 }
54 if (!tldap_entry_values(msg, attribute, &num_values, &values)) {
55 return NULL;
56 }
57 if (num_values != 1) {
58 return NULL;
59 }
60 *blob = values[0];
61 return true;
62 }
63
64 char *tldap_talloc_single_attribute(struct tldap_message *msg,
65 const char *attribute,
66 TALLOC_CTX *mem_ctx)
67 {
68 DATA_BLOB val;
69 char *result;
70 size_t len;
71
72 if (!tldap_get_single_valueblob(msg, attribute, &val)) {
73 return false;
74 }
75 if (!convert_string_talloc(mem_ctx, CH_UTF8, CH_UNIX,
76 val.data, val.length,
77 &result, &len, false)) {
78 return NULL;
79 }
80 return result;
81 }
82
83 bool tldap_pull_binsid(struct tldap_message *msg, const char *attribute,
84 struct dom_sid *sid)
85 {
86 DATA_BLOB val;
87
88 if (!tldap_get_single_valueblob(msg, attribute, &val)) {
89 return false;
90 }
91 return sid_parse((char *)val.data, val.length, sid);
92 }
93
94 static bool tldap_add_blob_vals(TALLOC_CTX *mem_ctx, struct tldap_mod *mod,
95 int num_newvals, DATA_BLOB *newvals)
96 {
97 int num_values = talloc_array_length(mod->values);
98 int i;
99 DATA_BLOB *tmp;
100
101 tmp = talloc_realloc(mem_ctx, mod->values, DATA_BLOB,
102 num_values + num_newvals);
103 if (tmp == NULL) {
104 return false;
105 }
106 mod->values = tmp;
107
108 for (i=0; i<num_newvals; i++) {
109 mod->values[i+num_values].data = (uint8_t *)talloc_memdup(
110 mod->values, newvals[i].data, newvals[i].length);
111 if (mod->values[i+num_values].data == NULL) {
112 return false;
113 }
114 mod->values[i+num_values].length = newvals[i].length;
115 }
116 mod->num_values = num_values + num_newvals;
117 return true;
118 }
119
120 bool tldap_add_mod_blobs(TALLOC_CTX *mem_ctx, struct tldap_mod **pmods,
121 int mod_op, const char *attrib,
122 int num_newvals, DATA_BLOB *newvals)
123 {
124 struct tldap_mod new_mod;
125 struct tldap_mod *mods = *pmods;
126 struct tldap_mod *mod = NULL;
127 int i, num_mods;
128
129 if (mods == NULL) {
130 mods = talloc_array(mem_ctx, struct tldap_mod, 0);
131 }
132 if (mods == NULL) {
133 return false;
134 }
135
136 num_mods = talloc_array_length(mods);
137
138 for (i=0; i<num_mods; i++) {
139 if ((mods[i].mod_op == mod_op)
140 && strequal(mods[i].attribute, attrib)) {
141 mod = &mods[i];
142 break;
143 }
144 }
145
146 if (mod == NULL) {
147 new_mod.mod_op = mod_op;
148 new_mod.attribute = talloc_strdup(mods, attrib);
149 if (new_mod.attribute == NULL) {
150 return false;
151 }
152 new_mod.num_values = 0;
153 new_mod.values = NULL;
154 mod = &new_mod;
155 }
156
157 if ((num_newvals != 0)
158 && !tldap_add_blob_vals(mods, mod, num_newvals, newvals)) {
159 return false;
160 }
161
162 if (i == num_mods) {
163 mods = talloc_realloc(talloc_tos(), mods, struct tldap_mod,
164 num_mods+1);
165 if (mods == NULL) {
166 return false;
167 }
168 mods[num_mods] = *mod;
169 }
170
171 *pmods = mods;
172 return true;
173 }
174
175 static bool tldap_make_mod_blob_int(struct tldap_message *existing,
176 TALLOC_CTX *mem_ctx,
177 int *pnum_mods, struct tldap_mod **pmods,
178 const char *attrib, DATA_BLOB newval,
179 int (*comparison)(const DATA_BLOB *d1,
180 const DATA_BLOB *d2))
181 {
182 int num_values = 0;
183 DATA_BLOB *values = NULL;
184 DATA_BLOB oldval = data_blob_null;
185
186 if ((existing != NULL)
187 && tldap_entry_values(existing, attrib, &num_values, &values)) {
188
189 if (num_values > 1) {
190 /* can't change multivalue attributes atm */
191 return false;
192 }
193 if (num_values == 1) {
194 oldval = values[0];
195 }
196 }
197
198 if ((oldval.data != NULL) && (newval.data != NULL)
199 && (comparison(&oldval, &newval) == 0)) {
200 /* Believe it or not, but LDAP will deny a delete and
201 an add at the same time if the values are the
202 same... */
203 DEBUG(10,("smbldap_make_mod_blob: attribute |%s| not "
204 "changed.\n", attrib));
205 return true;
206 }
207
208 if (oldval.data != NULL) {
209 /* By deleting exactly the value we found in the entry this
210 * should be race-free in the sense that the LDAP-Server will
211 * deny the complete operation if somebody changed the
212 * attribute behind our back. */
213 /* This will also allow modifying single valued attributes in
214 * Novell NDS. In NDS you have to first remove attribute and
215 * then you could add new value */
216
217 DEBUG(10, ("smbldap_make_mod_blob: deleting attribute |%s|\n",
218 attrib));
219 if (!tldap_add_mod_blobs(mem_ctx, pmods, TLDAP_MOD_DELETE,
220 attrib, 1, &oldval)) {
221 return false;
222 }
223 }
224
225 /* Regardless of the real operation (add or modify)
226 we add the new value here. We rely on deleting
227 the old value, should it exist. */
228
229 if (newval.data != NULL) {
230 DEBUG(10, ("smbldap_make_mod: adding attribute |%s| value len "
231 "%d\n", attrib, (int)newval.length));
232 if (!tldap_add_mod_blobs(mem_ctx, pmods, TLDAP_MOD_ADD,
233 attrib, 1, &newval)) {
234 return false;
235 }
236 }
237 *pnum_mods = talloc_array_length(*pmods);
238 return true;
239 }
240
241 bool tldap_make_mod_blob(struct tldap_message *existing, TALLOC_CTX *mem_ctx,
242 int *pnum_mods, struct tldap_mod **pmods,
243 const char *attrib, DATA_BLOB newval)
244 {
245 return tldap_make_mod_blob_int(existing, mem_ctx, pnum_mods, pmods,
246 attrib, newval, data_blob_cmp);
247 }
248
249 static int compare_utf8_blobs(const DATA_BLOB *d1, const DATA_BLOB *d2)
250 {
251 char *s1, *s2;
252 size_t s1len, s2len;
253 int ret;
254
255 if (!convert_string_talloc(talloc_tos(), CH_UTF8, CH_UNIX, d1->data,
256 d1->length, &s1, &s1len, false)) {
257 /* can't do much here */
258 return 0;
259 }
260 if (!convert_string_talloc(talloc_tos(), CH_UTF8, CH_UNIX, d2->data,
261 d2->length, &s2, &s2len, false)) {
262 /* can't do much here */
263 TALLOC_FREE(s1);
264 return 0;
265 }
266 ret = StrCaseCmp(s1, s2);
267 TALLOC_FREE(s2);
268 TALLOC_FREE(s1);
269 return ret;
270 }
271
272 bool tldap_make_mod_fmt(struct tldap_message *existing, TALLOC_CTX *mem_ctx,
273 int *pnum_mods, struct tldap_mod **pmods,
274 const char *attrib, const char *fmt, ...)
275 {
276 va_list ap;
277 char *newval;
278 bool ret;
279 DATA_BLOB blob = data_blob_null;
280
281 va_start(ap, fmt);
282 newval = talloc_vasprintf(talloc_tos(), fmt, ap);
283 va_end(ap);
284
285 if (newval == NULL) {
286 return false;
287 }
288
289 blob.length = strlen(newval);
290 if (blob.length != 0) {
291 blob.data = CONST_DISCARD(uint8_t *, newval);
292 }
293 ret = tldap_make_mod_blob_int(existing, mem_ctx, pnum_mods, pmods,
294 attrib, blob, compare_utf8_blobs);
295 TALLOC_FREE(newval);
296 return ret;
297 }
298
299 const char *tldap_errstr(TALLOC_CTX *mem_ctx, struct tldap_context *ld, int rc)
300 {
301 const char *ld_error = NULL;
302 char *res;
303
304 ld_error = tldap_ctx_diagnosticmessage(ld);
305 res = talloc_asprintf(mem_ctx, "LDAP error %d (%s), %s", rc,
306 tldap_err2string(rc),
307 ld_error ? ld_error : "unknown");
308 return res;
309 }
310
311 int tldap_search_fmt(struct tldap_context *ld, const char *base, int scope,
312 const char *attrs[], int num_attrs, int attrsonly,
313 TALLOC_CTX *mem_ctx, struct tldap_message ***res,
314 const char *fmt, ...)
315 {
316 va_list ap;
317 char *filter;
318 int ret;
319
320 va_start(ap, fmt);
321 filter = talloc_vasprintf(talloc_tos(), fmt, ap);
322 va_end(ap);
323
324 if (filter == NULL) {
325 return TLDAP_NO_MEMORY;
326 }
327 ret = tldap_search(ld, base, scope, filter,
328 attrs, num_attrs, attrsonly,
329 NULL /*sctrls*/, NULL /*cctrls*/,
330 0 /*timelimit*/, 0 /*sizelimit*/, 0 /*deref*/,
331 mem_ctx, res, NULL);
332 TALLOC_FREE(filter);
333 return ret;
334 }
335
336 bool tldap_pull_uint64(struct tldap_message *msg, const char *attr,
337 uint64_t *presult)
338 {
339 char *str;
340 uint64_t result;
341
342 str = tldap_talloc_single_attribute(msg, attr, talloc_tos());
343 if (str == NULL) {
344 DEBUG(10, ("Could not find attribute %s\n", attr));
345 return false;
346 }
347 result = strtoull(str, NULL, 10);
348 TALLOC_FREE(str);
349 *presult = result;
350 return true;
351 }
352
353 bool tldap_pull_uint32(struct tldap_message *msg, const char *attr,
354 uint32_t *presult)
355 {
356 uint64_t result;
357
358 if (!tldap_pull_uint64(msg, attr, &result)) {
359 return false;
360 }
361 *presult = (uint32_t)result;
362 return true;
363 }
Samba GIT mirror