search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ldb_map: Fix CID 1034791 Dereference null return value
[Samba.git] / lib / ldb / ldb_map / ldb_map.c
blobce2d660c87eeb5f2ef6243c2f5fcfa0dd4114add
1 /*
2 ldb database mapping module
3
4 Copyright (C) Jelmer Vernooij 2005
5 Copyright (C) Martin Kuehl <mkhl@samba.org> 2006
6 Copyright (C) Simo Sorce 2008
7
8 ** NOTE! The following LGPL license applies to the ldb
9 ** library. This does NOT imply that all of Samba is released
10 ** under the LGPL
11
12 This library is free software; you can redistribute it and/or
13 modify it under the terms of the GNU Lesser General Public
14 License as published by the Free Software Foundation; either
15 version 3 of the License, or (at your option) any later version.
16
17 This library is distributed in the hope that it will be useful,
18 but WITHOUT ANY WARRANTY; without even the implied warranty of
19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 Lesser General Public License for more details.
21
22 You should have received a copy of the GNU Lesser General Public
23 License along with this library; if not, see <http://www.gnu.org/licenses/>.
24
25 */
26
27 /*
28 * Name: ldb
29 *
30 * Component: ldb ldb_map module
31 *
32 * Description: Map portions of data into a different format on a
33 * remote partition.
34 *
35 * Author: Jelmer Vernooij, Martin Kuehl
36 */
37
38 #include "replace.h"
39 #include "system/filesys.h"
40 #include "system/time.h"
41 #include "ldb_map.h"
42 #include "ldb_map_private.h"
43
44 #ifndef _PUBLIC_
45 #define _PUBLIC_
46 #endif
47
48 /* Description of the provided ldb requests:
49 - special attribute 'isMapped'
50
51 - search:
52 - if parse tree can be split
53 - search remote records w/ remote attrs and parse tree
54 - otherwise
55 - enumerate all remote records
56 - for each remote result
57 - map remote result to local message
58 - search local result
59 - is present
60 - merge local into remote result
61 - run callback on merged result
62 - otherwise
63 - run callback on remote result
64
65 - add:
66 - split message into local and remote part
67 - if local message is not empty
68 - add isMapped to local message
69 - add local message
70 - add remote message
71
72 - modify:
73 - split message into local and remote part
74 - if local message is not empty
75 - add isMapped to local message
76 - search for local record
77 - if present
78 - modify local record
79 - otherwise
80 - add local message
81 - modify remote record
82
83 - delete:
84 - search for local record
85 - if present
86 - delete local record
87 - delete remote record
88
89 - rename:
90 - search for local record
91 - if present
92 - rename local record
93 - modify local isMapped
94 - rename remote record
95 */
96
97
98
99 /* Private data structures
100 * ======================= */
101
102 /* Global private data */
103 /* Extract mappings from private data. */
104 const struct ldb_map_context *map_get_context(struct ldb_module *module)
105 {
106 const struct map_private *data = talloc_get_type(ldb_module_get_private(module), struct map_private);
107 return data->context;
108 }
109
110 /* Create a generic request context. */
111 struct map_context *map_init_context(struct ldb_module *module,
112 struct ldb_request *req)
113 {
114 struct ldb_context *ldb;
115 struct map_context *ac;
116
117 ldb = ldb_module_get_ctx(module);
118
119 ac = talloc_zero(req, struct map_context);
120 if (ac == NULL) {
121 ldb_set_errstring(ldb, "Out of Memory");
122 return NULL;
123 }
124
125 ac->module = module;
126 ac->req = req;
127
128 return ac;
129 }
130
131 /* Dealing with DNs for different partitions
132 * ========================================= */
133
134 /* Check whether any data should be stored in the local partition. */
135 bool map_check_local_db(struct ldb_module *module)
136 {
137 const struct ldb_map_context *data = map_get_context(module);
138
139 if (!data->remote_base_dn || !data->local_base_dn) {
140 return false;
141 }
142
143 return true;
144 }
145
146 /* Copy a DN with the base DN of the local partition. */
147 static struct ldb_dn *ldb_dn_rebase_local(void *mem_ctx, const struct ldb_map_context *data, struct ldb_dn *dn)
148 {
149 struct ldb_dn *new_dn;
150
151 new_dn = ldb_dn_copy(mem_ctx, dn);
152 if ( ! ldb_dn_validate(new_dn)) {
153 talloc_free(new_dn);
154 return NULL;
155 }
156
157 /* may be we don't need to rebase at all */
158 if ( ! data->remote_base_dn || ! data->local_base_dn) {
159 return new_dn;
160 }
161
162 if ( ! ldb_dn_remove_base_components(new_dn, ldb_dn_get_comp_num(data->remote_base_dn))) {
163 talloc_free(new_dn);
164 return NULL;
165 }
166
167 if ( ! ldb_dn_add_base(new_dn, data->local_base_dn)) {
168 talloc_free(new_dn);
169 return NULL;
170 }
171
172 return new_dn;
173 }
174
175 /* Copy a DN with the base DN of the remote partition. */
176 static struct ldb_dn *ldb_dn_rebase_remote(void *mem_ctx, const struct ldb_map_context *data, struct ldb_dn *dn)
177 {
178 struct ldb_dn *new_dn;
179
180 new_dn = ldb_dn_copy(mem_ctx, dn);
181 if ( ! ldb_dn_validate(new_dn)) {
182 talloc_free(new_dn);
183 return NULL;
184 }
185
186 /* may be we don't need to rebase at all */
187 if ( ! data->remote_base_dn || ! data->local_base_dn) {
188 return new_dn;
189 }
190
191 if ( ! ldb_dn_remove_base_components(new_dn, ldb_dn_get_comp_num(data->local_base_dn))) {
192 talloc_free(new_dn);
193 return NULL;
194 }
195
196 if ( ! ldb_dn_add_base(new_dn, data->remote_base_dn)) {
197 talloc_free(new_dn);
198 return NULL;
199 }
200
201 return new_dn;
202 }
203
204 /* Run a request and make sure it targets the remote partition. */
205 /* TODO: free old DNs and messages? */
206 int ldb_next_remote_request(struct ldb_module *module, struct ldb_request *request)
207 {
208 const struct ldb_map_context *data = map_get_context(module);
209 struct ldb_context *ldb;
210 struct ldb_message *msg;
211
212 ldb = ldb_module_get_ctx(module);
213
214 switch (request->operation) {
215 case LDB_SEARCH:
216 if (request->op.search.base) {
217 request->op.search.base = ldb_dn_rebase_remote(request, data, request->op.search.base);
218 } else {
219 request->op.search.base = data->remote_base_dn;
220 /* TODO: adjust scope? */
221 }
222 break;
223
224 case LDB_ADD:
225 msg = ldb_msg_copy_shallow(request, request->op.add.message);
226 if (msg == NULL) {
227 return LDB_ERR_OPERATIONS_ERROR;
228 }
229 msg->dn = ldb_dn_rebase_remote(msg, data, msg->dn);
230 request->op.add.message = msg;
231 break;
232
233 case LDB_MODIFY:
234 msg = ldb_msg_copy_shallow(request, request->op.mod.message);
235 if (msg == NULL) {
236 return LDB_ERR_OPERATIONS_ERROR;
237 }
238 msg->dn = ldb_dn_rebase_remote(msg, data, msg->dn);
239 request->op.mod.message = msg;
240 break;
241
242 case LDB_DELETE:
243 request->op.del.dn = ldb_dn_rebase_remote(request, data, request->op.del.dn);
244 break;
245
246 case LDB_RENAME:
247 request->op.rename.olddn = ldb_dn_rebase_remote(request, data, request->op.rename.olddn);
248 request->op.rename.newdn = ldb_dn_rebase_remote(request, data, request->op.rename.newdn);
249 break;
250
251 default:
252 ldb_debug(ldb, LDB_DEBUG_ERROR, "ldb_map: "
253 "Invalid remote request!");
254 return LDB_ERR_OPERATIONS_ERROR;
255 }
256
257 return ldb_next_request(module, request);
258 }
259
260
261 /* Finding mappings for attributes and objectClasses
262 * ================================================= */
263
264 /* Find an objectClass mapping by the local name. */
265 static const struct ldb_map_objectclass *map_objectclass_find_local(const struct ldb_map_context *data, const char *name)
266 {
267 unsigned int i;
268
269 for (i = 0; data->objectclass_maps && data->objectclass_maps[i].local_name; i++) {
270 if (ldb_attr_cmp(data->objectclass_maps[i].local_name, name) == 0) {
271 return &data->objectclass_maps[i];
272 }
273 }
274
275 return NULL;
276 }
277
278 /* Find an objectClass mapping by the remote name. */
279 static const struct ldb_map_objectclass *map_objectclass_find_remote(const struct ldb_map_context *data, const char *name)
280 {
281 unsigned int i;
282
283 for (i = 0; data->objectclass_maps && data->objectclass_maps[i].remote_name; i++) {
284 if (ldb_attr_cmp(data->objectclass_maps[i].remote_name, name) == 0) {
285 return &data->objectclass_maps[i];
286 }
287 }
288
289 return NULL;
290 }
291
292 /* Find an attribute mapping by the local name. */
293 const struct ldb_map_attribute *map_attr_find_local(const struct ldb_map_context *data, const char *name)
294 {
295 unsigned int i;
296
297 for (i = 0; data->attribute_maps[i].local_name; i++) {
298 if (ldb_attr_cmp(data->attribute_maps[i].local_name, name) == 0) {
299 return &data->attribute_maps[i];
300 }
301 }
302 for (i = 0; data->attribute_maps[i].local_name; i++) {
303 if (ldb_attr_cmp(data->attribute_maps[i].local_name, "*") == 0) {
304 return &data->attribute_maps[i];
305 }
306 }
307
308 return NULL;
309 }
310
311 /* Find an attribute mapping by the remote name. */
312 const struct ldb_map_attribute *map_attr_find_remote(const struct ldb_map_context *data, const char *name)
313 {
314 const struct ldb_map_attribute *map;
315 const struct ldb_map_attribute *wildcard = NULL;
316 unsigned int i, j;
317
318 for (i = 0; data->attribute_maps[i].local_name; i++) {
319 map = &data->attribute_maps[i];
320 if (ldb_attr_cmp(map->local_name, "*") == 0) {
321 wildcard = &data->attribute_maps[i];
322 }
323
324 switch (map->type) {
325 case LDB_MAP_IGNORE:
326 break;
327
328 case LDB_MAP_KEEP:
329 if (ldb_attr_cmp(map->local_name, name) == 0) {
330 return map;
331 }
332 break;
333
334 case LDB_MAP_RENAME:
335 case LDB_MAP_CONVERT:
336 if (ldb_attr_cmp(map->u.rename.remote_name, name) == 0) {
337 return map;
338 }
339 break;
340
341 case LDB_MAP_GENERATE:
342 for (j = 0; map->u.generate.remote_names && map->u.generate.remote_names[j]; j++) {
343 if (ldb_attr_cmp(map->u.generate.remote_names[j], name) == 0) {
344 return map;
345 }
346 }
347 break;
348 }
349 }
350
351 /* We didn't find it, so return the wildcard record if one was configured */
352 return wildcard;
353 }
354
355
356 /* Mapping attributes
357 * ================== */
358
359 /* Check whether an attribute will be mapped into the remote partition. */
360 bool map_attr_check_remote(const struct ldb_map_context *data, const char *attr)
361 {
362 const struct ldb_map_attribute *map = map_attr_find_local(data, attr);
363
364 if (map == NULL) {
365 return false;
366 }
367 if (map->type == LDB_MAP_IGNORE) {
368 return false;
369 }
370
371 return true;
372 }
373
374 /* Map an attribute name into the remote partition. */
375 const char *map_attr_map_local(void *mem_ctx, const struct ldb_map_attribute *map, const char *attr)
376 {
377 if (map == NULL) {
378 return talloc_strdup(mem_ctx, attr);
379 }
380
381 switch (map->type) {
382 case LDB_MAP_KEEP:
383 return talloc_strdup(mem_ctx, attr);
384
385 case LDB_MAP_RENAME:
386 case LDB_MAP_CONVERT:
387 return talloc_strdup(mem_ctx, map->u.rename.remote_name);
388
389 default:
390 return NULL;
391 }
392 }
393
394 /* Map an attribute name back into the local partition. */
395 const char *map_attr_map_remote(void *mem_ctx, const struct ldb_map_attribute *map, const char *attr)
396 {
397 if (map == NULL) {
398 return talloc_strdup(mem_ctx, attr);
399 }
400
401 if (map->type == LDB_MAP_KEEP) {
402 return talloc_strdup(mem_ctx, attr);
403 }
404
405 return talloc_strdup(mem_ctx, map->local_name);
406 }
407
408
409 /* Merge two lists of attributes into a single one. */
410 int map_attrs_merge(struct ldb_module *module, void *mem_ctx,
411 const char ***attrs, const char * const *more_attrs)
412 {
413 unsigned int i, j, k;
414
415 for (i = 0; *attrs && (*attrs)[i]; i++) /* noop */ ;
416 for (j = 0; more_attrs && more_attrs[j]; j++) /* noop */ ;
417
418 *attrs = talloc_realloc(mem_ctx, *attrs, const char *, i+j+1);
419 if (*attrs == NULL) {
420 map_oom(module);
421 return -1;
422 }
423
424 for (k = 0; k < j; k++) {
425 (*attrs)[i + k] = more_attrs[k];
426 }
427
428 (*attrs)[i+k] = NULL;
429
430 return 0;
431 }
432
433 /* Mapping ldb values
434 * ================== */
435
436 /* Map an ldb value into the remote partition. */
437 struct ldb_val ldb_val_map_local(struct ldb_module *module, void *mem_ctx,
438 const struct ldb_map_attribute *map, const struct ldb_val *val)
439 {
440 if (map && (map->type == LDB_MAP_CONVERT) && (map->u.convert.convert_local)) {
441 return map->u.convert.convert_local(module, mem_ctx, val);
442 }
443
444 return ldb_val_dup(mem_ctx, val);
445 }
446
447 /* Map an ldb value back into the local partition. */
448 struct ldb_val ldb_val_map_remote(struct ldb_module *module, void *mem_ctx,
449 const struct ldb_map_attribute *map, const struct ldb_val *val)
450 {
451 if (map && (map->type == LDB_MAP_CONVERT) && (map->u.convert.convert_remote)) {
452 return map->u.convert.convert_remote(module, mem_ctx, val);
453 }
454
455 return ldb_val_dup(mem_ctx, val);
456 }
457
458
459 /* Mapping DNs
460 * =========== */
461
462 /* Check whether a DN is below the local baseDN. */
463 bool ldb_dn_check_local(struct ldb_module *module, struct ldb_dn *dn)
464 {
465 const struct ldb_map_context *data = map_get_context(module);
466
467 if (!data->local_base_dn) {
468 return true;
469 }
470
471 return ldb_dn_compare_base(data->local_base_dn, dn) == 0;
472 }
473
474 /* Map a DN into the remote partition. */
475 struct ldb_dn *ldb_dn_map_local(struct ldb_module *module, void *mem_ctx, struct ldb_dn *dn)
476 {
477 const struct ldb_map_context *data = map_get_context(module);
478 struct ldb_context *ldb;
479 struct ldb_dn *newdn;
480 const struct ldb_map_attribute *map;
481 enum ldb_map_attr_type map_type;
482 const char *name;
483 struct ldb_val value;
484 int i, ret;
485
486 if (dn == NULL) {
487 return NULL;
488 }
489
490 ldb = ldb_module_get_ctx(module);
491
492 newdn = ldb_dn_copy(mem_ctx, dn);
493 if (newdn == NULL) {
494 map_oom(module);
495 return NULL;
496 }
497
498 /* For each RDN, map the component name and possibly the value */
499 for (i = 0; i < ldb_dn_get_comp_num(newdn); i++) {
500 map = map_attr_find_local(data, ldb_dn_get_component_name(dn, i));
501
502 /* Unknown attribute - leave this RDN as is and hope the best... */
503 if (map == NULL) {
504 map_type = LDB_MAP_KEEP;
505 } else {
506 map_type = map->type;
507 }
508
509 switch (map_type) {
510 case LDB_MAP_IGNORE:
511 case LDB_MAP_GENERATE:
512 ldb_debug(ldb, LDB_DEBUG_ERROR, "ldb_map: "
513 "LDB_MAP_IGNORE/LDB_MAP_GENERATE attribute '%s' "
514 "used in DN!", ldb_dn_get_component_name(dn, i));
515 goto failed;
516
517 case LDB_MAP_CONVERT:
518 if (map->u.convert.convert_local == NULL) {
519 ldb_debug(ldb, LDB_DEBUG_ERROR, "ldb_map: "
520 "'convert_local' not set for attribute '%s' "
521 "used in DN!", ldb_dn_get_component_name(dn, i));
522 goto failed;
523 }
524 /* fall through */
525 case LDB_MAP_KEEP:
526 case LDB_MAP_RENAME:
527 name = map_attr_map_local(newdn, map, ldb_dn_get_component_name(dn, i));
528 if (name == NULL) goto failed;
529
530 value = ldb_val_map_local(module, newdn, map, ldb_dn_get_component_val(dn, i));
531 if (value.data == NULL) goto failed;
532
533 ret = ldb_dn_set_component(newdn, i, name, value);
534 if (ret != LDB_SUCCESS) {
535 goto failed;
536 }
537
538 break;
539 }
540 }
541
542 return newdn;
543
544 failed:
545 talloc_free(newdn);
546 return NULL;
547 }
548
549 /* Map a DN into the local partition. */
550 struct ldb_dn *ldb_dn_map_remote(struct ldb_module *module, void *mem_ctx, struct ldb_dn *dn)
551 {
552 const struct ldb_map_context *data = map_get_context(module);
553 struct ldb_context *ldb;
554 struct ldb_dn *newdn;
555 const struct ldb_map_attribute *map;
556 enum ldb_map_attr_type map_type;
557 const char *name;
558 struct ldb_val value;
559 int i, ret;
560
561 if (dn == NULL) {
562 return NULL;
563 }
564
565 ldb = ldb_module_get_ctx(module);
566
567 newdn = ldb_dn_copy(mem_ctx, dn);
568 if (newdn == NULL) {
569 map_oom(module);
570 return NULL;
571 }
572
573 /* For each RDN, map the component name and possibly the value */
574 for (i = 0; i < ldb_dn_get_comp_num(newdn); i++) {
575 map = map_attr_find_remote(data, ldb_dn_get_component_name(dn, i));
576
577 /* Unknown attribute - leave this RDN as is and hope the best... */
578 if (map == NULL) {
579 map_type = LDB_MAP_KEEP;
580 } else {
581 map_type = map->type;
582 }
583
584 switch (map_type) {
585 case LDB_MAP_IGNORE:
586 case LDB_MAP_GENERATE:
587 ldb_debug(ldb, LDB_DEBUG_ERROR, "ldb_map: "
588 "LDB_MAP_IGNORE/LDB_MAP_GENERATE attribute '%s' "
589 "used in DN!", ldb_dn_get_component_name(dn, i));
590 goto failed;
591
592 case LDB_MAP_CONVERT:
593 if (map->u.convert.convert_remote == NULL) {
594 ldb_debug(ldb, LDB_DEBUG_ERROR, "ldb_map: "
595 "'convert_remote' not set for attribute '%s' "
596 "used in DN!", ldb_dn_get_component_name(dn, i));
597 goto failed;
598 }
599 /* fall through */
600 case LDB_MAP_KEEP:
601 case LDB_MAP_RENAME:
602 name = map_attr_map_remote(newdn, map, ldb_dn_get_component_name(dn, i));
603 if (name == NULL) goto failed;
604
605 value = ldb_val_map_remote(module, newdn, map, ldb_dn_get_component_val(dn, i));
606 if (value.data == NULL) goto failed;
607
608 ret = ldb_dn_set_component(newdn, i, name, value);
609 if (ret != LDB_SUCCESS) {
610 goto failed;
611 }
612
613 break;
614 }
615 }
616
617 return newdn;
618
619 failed:
620 talloc_free(newdn);
621 return NULL;
622 }
623
624 /* Map a DN and its base into the local partition. */
625 /* TODO: This should not be required with GUIDs. */
626 struct ldb_dn *ldb_dn_map_rebase_remote(struct ldb_module *module, void *mem_ctx, struct ldb_dn *dn)
627 {
628 const struct ldb_map_context *data = map_get_context(module);
629 struct ldb_dn *dn1, *dn2;
630
631 dn1 = ldb_dn_rebase_local(mem_ctx, data, dn);
632 dn2 = ldb_dn_map_remote(module, mem_ctx, dn1);
633
634 talloc_free(dn1);
635 return dn2;
636 }
637
638
639 /* Converting DNs and objectClasses (as ldb values)
640 * ================================================ */
641
642 /* Map a DN contained in an ldb value into the remote partition. */
643 static struct ldb_val ldb_dn_convert_local(struct ldb_module *module, void *mem_ctx, const struct ldb_val *val)
644 {
645 struct ldb_context *ldb;
646 struct ldb_dn *dn, *newdn;
647 struct ldb_val newval;
648
649 ldb = ldb_module_get_ctx(module);
650
651 dn = ldb_dn_from_ldb_val(mem_ctx, ldb, val);
652 if (! ldb_dn_validate(dn)) {
653 newval.length = 0;
654 newval.data = NULL;
655 talloc_free(dn);
656 return newval;
657 }
658 newdn = ldb_dn_map_local(module, mem_ctx, dn);
659 talloc_free(dn);
660
661 newval.length = 0;
662 newval.data = (uint8_t *)ldb_dn_alloc_linearized(mem_ctx, newdn);
663 if (newval.data) {
664 newval.length = strlen((char *)newval.data);
665 }
666 talloc_free(newdn);
667
668 return newval;
669 }
670
671 /* Map a DN contained in an ldb value into the local partition. */
672 static struct ldb_val ldb_dn_convert_remote(struct ldb_module *module, void *mem_ctx, const struct ldb_val *val)
673 {
674 struct ldb_context *ldb;
675 struct ldb_dn *dn, *newdn;
676 struct ldb_val newval;
677
678 ldb = ldb_module_get_ctx(module);
679
680 dn = ldb_dn_from_ldb_val(mem_ctx, ldb, val);
681 if (! ldb_dn_validate(dn)) {
682 newval.length = 0;
683 newval.data = NULL;
684 talloc_free(dn);
685 return newval;
686 }
687 newdn = ldb_dn_map_remote(module, mem_ctx, dn);
688 talloc_free(dn);
689
690 newval.length = 0;
691 newval.data = (uint8_t *)ldb_dn_alloc_linearized(mem_ctx, newdn);
692 if (newval.data) {
693 newval.length = strlen((char *)newval.data);
694 }
695 talloc_free(newdn);
696
697 return newval;
698 }
699
700 /* Map an objectClass into the remote partition. */
701 static struct ldb_val map_objectclass_convert_local(struct ldb_module *module, void *mem_ctx, const struct ldb_val *val)
702 {
703 const struct ldb_map_context *data = map_get_context(module);
704 const char *name = (char *)val->data;
705 const struct ldb_map_objectclass *map = map_objectclass_find_local(data, name);
706 struct ldb_val newval;
707
708 if (map) {
709 newval.data = (uint8_t*)talloc_strdup(mem_ctx, map->remote_name);
710 newval.length = strlen((char *)newval.data);
711 return newval;
712 }
713
714 return ldb_val_dup(mem_ctx, val);
715 }
716
717 /* Generate a remote message with a mapped objectClass. */
718 static void map_objectclass_generate_remote(struct ldb_module *module, const char *local_attr, const struct ldb_message *old, struct ldb_message *remote, struct ldb_message *local)
719 {
720 const struct ldb_map_context *data = map_get_context(module);
721 struct ldb_context *ldb;
722 struct ldb_message_element *el, *oc;
723 struct ldb_val val;
724 bool found_extensibleObject = false;
725 unsigned int i;
726
727 ldb = ldb_module_get_ctx(module);
728
729 /* Find old local objectClass */
730 oc = ldb_msg_find_element(old, "objectClass");
731 if (oc == NULL) {
732 return;
733 }
734
735 /* Prepare new element */
736 el = talloc_zero(remote, struct ldb_message_element);
737 if (el == NULL) {
738 ldb_oom(ldb);
739 return; /* TODO: fail? */
740 }
741
742 /* Copy local objectClass element, reverse space for an extra value */
743 el->num_values = oc->num_values + 1;
744 el->values = talloc_array(el, struct ldb_val, el->num_values);
745 if (el->values == NULL) {
746 talloc_free(el);
747 ldb_oom(ldb);
748 return; /* TODO: fail? */
749 }
750
751 /* Copy local element name "objectClass" */
752 el->name = talloc_strdup(el, local_attr);
753
754 /* Convert all local objectClasses */
755 for (i = 0; i < el->num_values - 1; i++) {
756 el->values[i] = map_objectclass_convert_local(module, el->values, &oc->values[i]);
757 if (ldb_attr_cmp((char *)el->values[i].data, data->add_objectclass) == 0) {
758 found_extensibleObject = true;
759 }
760 }
761
762 if (!found_extensibleObject) {
763 val.data = (uint8_t *)talloc_strdup(el->values, data->add_objectclass);
764 val.length = strlen((char *)val.data);
765
766 /* Append additional objectClass data->add_objectclass */
767 el->values[i] = val;
768 } else {
769 el->num_values--;
770 }
771
772 /* Add new objectClass to remote message */
773 ldb_msg_add(remote, el, 0);
774 }
775
776 /* Map an objectClass into the local partition. */
777 static struct ldb_val map_objectclass_convert_remote(struct ldb_module *module, void *mem_ctx, const struct ldb_val *val)
778 {
779 const struct ldb_map_context *data = map_get_context(module);
780 const char *name = (char *)val->data;
781 const struct ldb_map_objectclass *map = map_objectclass_find_remote(data, name);
782 struct ldb_val newval;
783
784 if (map) {
785 newval.data = (uint8_t*)talloc_strdup(mem_ctx, map->local_name);
786 newval.length = strlen((char *)newval.data);
787 return newval;
788 }
789
790 return ldb_val_dup(mem_ctx, val);
791 }
792
793 /* Generate a local message with a mapped objectClass. */
794 static struct ldb_message_element *map_objectclass_generate_local(struct ldb_module *module, void *mem_ctx, const char *local_attr, const struct ldb_message *remote)
795 {
796 const struct ldb_map_context *data = map_get_context(module);
797 struct ldb_context *ldb;
798 struct ldb_message_element *el, *oc;
799 struct ldb_val val;
800 unsigned int i;
801
802 ldb = ldb_module_get_ctx(module);
803
804 /* Find old remote objectClass */
805 oc = ldb_msg_find_element(remote, "objectClass");
806 if (oc == NULL) {
807 return NULL;
808 }
809
810 /* Prepare new element */
811 el = talloc_zero(mem_ctx, struct ldb_message_element);
812 if (el == NULL) {
813 ldb_oom(ldb);
814 return NULL;
815 }
816
817 /* Copy remote objectClass element */
818 el->num_values = oc->num_values;
819 el->values = talloc_array(el, struct ldb_val, el->num_values);
820 if (el->values == NULL) {
821 talloc_free(el);
822 ldb_oom(ldb);
823 return NULL;
824 }
825
826 /* Copy remote element name "objectClass" */
827 el->name = talloc_strdup(el, local_attr);
828
829 /* Convert all remote objectClasses */
830 for (i = 0; i < el->num_values; i++) {
831 el->values[i] = map_objectclass_convert_remote(module, el->values, &oc->values[i]);
832 }
833
834 val.data = (uint8_t *)talloc_strdup(el->values, data->add_objectclass);
835 val.length = strlen((char *)val.data);
836
837 /* Remove last value if it was the string in data->add_objectclass (eg samba4top, extensibleObject) */
838 if (ldb_val_equal_exact(&val, &el->values[i-1])) {
839 el->num_values--;
840 el->values = talloc_realloc(el, el->values, struct ldb_val, el->num_values);
841 if (el->values == NULL) {
842 talloc_free(el);
843 ldb_oom(ldb);
844 return NULL;
845 }
846 }
847
848 return el;
849 }
850
851 static const struct ldb_map_attribute objectclass_convert_map = {
852 .local_name = "objectClass",
853 .type = LDB_MAP_CONVERT,
854 .u = {
855 .convert = {
856 .remote_name = "objectClass",
857 .convert_local = map_objectclass_convert_local,
858 .convert_remote = map_objectclass_convert_remote,
859 },
860 },
861 };
862
863
864 /* Mappings for searches on objectClass= assuming a one-to-one
865 * mapping. Needed because this is a generate operator for the
866 * add/modify code */
867 static int map_objectclass_convert_operator(struct ldb_module *module, void *mem_ctx,
868 struct ldb_parse_tree **new, const struct ldb_parse_tree *tree)
869 {
870
871 return map_subtree_collect_remote_simple(module, mem_ctx, new, tree, &objectclass_convert_map);
872 }
873
874 /* Auxiliary request construction
875 * ============================== */
876
877 /* Build a request to search a record by its DN. */
878 struct ldb_request *map_search_base_req(struct map_context *ac, struct ldb_dn *dn, const char * const *attrs, struct ldb_parse_tree *tree, void *context, ldb_map_callback_t callback)
879 {
880 struct ldb_parse_tree *search_tree;
881 struct ldb_context *ldb;
882 struct ldb_request *req;
883 int ret;
884
885 ldb = ldb_module_get_ctx(ac->module);
886
887 if (tree) {
888 search_tree = tree;
889 } else {
890 search_tree = ldb_parse_tree(ac, NULL);
891 if (search_tree == NULL) {
892 return NULL;
893 }
894 }
895
896 ret = ldb_build_search_req_ex(&req, ldb, ac,
897 dn, LDB_SCOPE_BASE,
898 search_tree, attrs,
899 NULL,
900 context, callback,
901 ac->req);
902 LDB_REQ_SET_LOCATION(req);
903 if (ret != LDB_SUCCESS) {
904 return NULL;
905 }
906
907 return req;
908 }
909
910 /* Build a request to update the 'IS_MAPPED' attribute */
911 struct ldb_request *map_build_fixup_req(struct map_context *ac,
912 struct ldb_dn *olddn,
913 struct ldb_dn *newdn,
914 void *context,
915 ldb_map_callback_t callback)
916 {
917 struct ldb_context *ldb;
918 struct ldb_request *req;
919 struct ldb_message *msg;
920 const char *dn;
921 int ret;
922
923 ldb = ldb_module_get_ctx(ac->module);
924
925 /* Prepare message */
926 msg = ldb_msg_new(ac);
927 if (msg == NULL) {
928 map_oom(ac->module);
929 return NULL;
930 }
931
932 /* Update local 'IS_MAPPED' to the new remote DN */
933 msg->dn = ldb_dn_copy(msg, olddn);
934 dn = ldb_dn_alloc_linearized(msg, newdn);
935 if ( ! dn || ! ldb_dn_validate(msg->dn)) {
936 goto failed;
937 }
938 if (ldb_msg_add_empty(msg, IS_MAPPED, LDB_FLAG_MOD_REPLACE, NULL) != 0) {
939 goto failed;
940 }
941 if (ldb_msg_add_string(msg, IS_MAPPED, dn) != 0) {
942 goto failed;
943 }
944
945 /* Prepare request */
946 ret = ldb_build_mod_req(&req, ldb,
947 ac, msg, NULL,
948 context, callback,
949 ac->req);
950 LDB_REQ_SET_LOCATION(req);
951 if (ret != LDB_SUCCESS) {
952 goto failed;
953 }
954 talloc_steal(req, msg);
955
956 return req;
957 failed:
958 talloc_free(msg);
959 return NULL;
960 }
961
962 /* Module initialization
963 * ===================== */
964
965
966 /* Builtin mappings for DNs and objectClasses */
967 static const struct ldb_map_attribute builtin_attribute_maps[] = {
968 {
969 .local_name = "dn",
970 .type = LDB_MAP_CONVERT,
971 .u = {
972 .convert = {
973 .remote_name = "dn",
974 .convert_local = ldb_dn_convert_local,
975 .convert_remote = ldb_dn_convert_remote,
976 },
977 },
978 },
979 {
980 .local_name = NULL,
981 }
982 };
983
984 static const struct ldb_map_attribute objectclass_attribute_map = {
985 .local_name = "objectClass",
986 .type = LDB_MAP_GENERATE,
987 .convert_operator = map_objectclass_convert_operator,
988 .u = {
989 .generate = {
990 .remote_names = { "objectClass", NULL },
991 .generate_local = map_objectclass_generate_local,
992 .generate_remote = map_objectclass_generate_remote,
993 },
994 },
995 };
996
997
998 /* Find the special 'MAP_DN_NAME' record and store local and remote
999 * base DNs in private data. */
1000 static int map_init_dns(struct ldb_module *module, struct ldb_map_context *data, const char *name)
1001 {
1002 static const char * const attrs[] = { MAP_DN_FROM, MAP_DN_TO, NULL };
1003 struct ldb_context *ldb;
1004 struct ldb_dn *dn;
1005 struct ldb_message *msg;
1006 struct ldb_result *res;
1007 int ret;
1008
1009 if (!name) {
1010 data->local_base_dn = NULL;
1011 data->remote_base_dn = NULL;
1012 return LDB_SUCCESS;
1013 }
1014
1015 ldb = ldb_module_get_ctx(module);
1016
1017 dn = ldb_dn_new_fmt(data, ldb, "%s=%s", MAP_DN_NAME, name);
1018 if ( ! ldb_dn_validate(dn)) {
1019 ldb_debug(ldb, LDB_DEBUG_ERROR, "ldb_map: "
1020 "Failed to construct '%s' DN!", MAP_DN_NAME);
1021 return LDB_ERR_OPERATIONS_ERROR;
1022 }
1023
1024 ret = ldb_search(ldb, data, &res, dn, LDB_SCOPE_BASE, attrs, NULL);
1025 talloc_free(dn);
1026 if (ret != LDB_SUCCESS) {
1027 return ret;
1028 }
1029 if (res->count == 0) {
1030 ldb_debug(ldb, LDB_DEBUG_ERROR, "ldb_map: "
1031 "No results for '%s=%s'!", MAP_DN_NAME, name);
1032 talloc_free(res);
1033 return LDB_ERR_CONSTRAINT_VIOLATION;
1034 }
1035 if (res->count > 1) {
1036 ldb_debug(ldb, LDB_DEBUG_ERROR, "ldb_map: "
1037 "Too many results for '%s=%s'!", MAP_DN_NAME, name);
1038 talloc_free(res);
1039 return LDB_ERR_CONSTRAINT_VIOLATION;
1040 }
1041
1042 msg = res->msgs[0];
1043 data->local_base_dn = ldb_msg_find_attr_as_dn(ldb, data, msg, MAP_DN_FROM);
1044 data->remote_base_dn = ldb_msg_find_attr_as_dn(ldb, data, msg, MAP_DN_TO);
1045 talloc_free(res);
1046
1047 return LDB_SUCCESS;
1048 }
1049
1050 /* Store attribute maps and objectClass maps in private data. */
1051 static int map_init_maps(struct ldb_module *module, struct ldb_map_context *data,
1052 const struct ldb_map_attribute *attrs,
1053 const struct ldb_map_objectclass *ocls,
1054 const char * const *wildcard_attributes)
1055 {
1056 unsigned int i, j, last;
1057 last = 0;
1058
1059 /* Count specified attribute maps */
1060 for (i = 0; attrs[i].local_name; i++) /* noop */ ;
1061 /* Count built-in attribute maps */
1062 for (j = 0; builtin_attribute_maps[j].local_name; j++) /* noop */ ;
1063
1064 /* Store list of attribute maps */
1065 data->attribute_maps = talloc_array(data, struct ldb_map_attribute, i+j+2);
1066 if (data->attribute_maps == NULL) {
1067 map_oom(module);
1068 return LDB_ERR_OPERATIONS_ERROR;
1069 }
1070
1071 /* Specified ones go first */
1072 for (i = 0; attrs[i].local_name; i++) {
1073 data->attribute_maps[last] = attrs[i];
1074 last++;
1075 }
1076
1077 /* Built-in ones go last */
1078 for (i = 0; builtin_attribute_maps[i].local_name; i++) {
1079 data->attribute_maps[last] = builtin_attribute_maps[i];
1080 last++;
1081 }
1082
1083 if (data->add_objectclass) {
1084 /* ObjectClass one is very last, if required */
1085 data->attribute_maps[last] = objectclass_attribute_map;
1086 last++;
1087 } else if (ocls) {
1088 data->attribute_maps[last] = objectclass_convert_map;
1089 last++;
1090 }
1091
1092 /* Ensure 'local_name == NULL' for the last entry */
1093 memset(&data->attribute_maps[last], 0, sizeof(struct ldb_map_attribute));
1094
1095 /* Store list of objectClass maps */
1096 data->objectclass_maps = ocls;
1097
1098 data->wildcard_attributes = wildcard_attributes;
1099
1100 return LDB_SUCCESS;
1101 }
1102
1103 /* Initialize global private data. */
1104 _PUBLIC_ int ldb_map_init(struct ldb_module *module, const struct ldb_map_attribute *attrs,
1105 const struct ldb_map_objectclass *ocls,
1106 const char * const *wildcard_attributes,
1107 const char *add_objectclass,
1108 const char *name)
1109 {
1110 struct map_private *data;
1111 int ret;
1112
1113 /* Prepare private data */
1114 data = talloc_zero(module, struct map_private);
1115 if (data == NULL) {
1116 map_oom(module);
1117 return LDB_ERR_OPERATIONS_ERROR;
1118 }
1119
1120 ldb_module_set_private(module, data);
1121
1122 data->context = talloc_zero(data, struct ldb_map_context);
1123 if (!data->context) {
1124 map_oom(module);
1125 return LDB_ERR_OPERATIONS_ERROR;
1126 }
1127
1128 /* Store local and remote baseDNs */
1129 ret = map_init_dns(module, data->context, name);
1130 if (ret != LDB_SUCCESS) {
1131 talloc_free(data);
1132 return ret;
1133 }
1134
1135 data->context->add_objectclass = add_objectclass;
1136
1137 /* Store list of attribute and objectClass maps */
1138 ret = map_init_maps(module, data->context, attrs, ocls, wildcard_attributes);
1139 if (ret != LDB_SUCCESS) {
1140 talloc_free(data);
1141 return ret;
1142 }
1143
1144 return LDB_SUCCESS;
1145 }
Samba GIT mirror