4 Copyright (C) Simo Sorce 2005
6 ** NOTE! The following LGPL license applies to the ldb
7 ** library. This does NOT imply that all of Samba is released
10 This library is free software; you can redistribute it and/or
11 modify it under the terms of the GNU Lesser General Public
12 License as published by the Free Software Foundation; either
13 version 3 of the License, or (at your option) any later version.
15 This library is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
20 You should have received a copy of the GNU Lesser General Public
21 License along with this library; if not, see <http://www.gnu.org/licenses/>.
25 * Name: ldb_controls.c
27 * Component: ldb controls utility functions
29 * Description: helper functions for control modules
34 #include "ldb_private.h"
36 /* check if a control with the specified "oid" exist and return it */
37 /* returns NULL if not found */
38 struct ldb_control
*ldb_request_get_control(struct ldb_request
*req
, const char *oid
)
42 /* check if there's a paged request control */
43 if (req
->controls
!= NULL
) {
44 for (i
= 0; req
->controls
[i
]; i
++) {
45 if (strcmp(oid
, req
->controls
[i
]->oid
) == 0) {
50 return req
->controls
[i
];
56 /* check if a control with the specified "oid" exist and return it */
57 /* returns NULL if not found */
58 struct ldb_control
*ldb_reply_get_control(struct ldb_reply
*rep
, const char *oid
)
62 /* check if there's a paged request control */
63 if (rep
->controls
!= NULL
) {
64 for (i
= 0; rep
->controls
[i
]; i
++) {
65 if (strcmp(oid
, rep
->controls
[i
]->oid
) == 0) {
70 return rep
->controls
[i
];
76 /* saves the current controls list into the "saver" and replace the one in req with a new one excluding
77 the "exclude" control */
78 /* returns False on error */
79 int save_controls(struct ldb_control
*exclude
, struct ldb_request
*req
, struct ldb_control
***saver
)
81 struct ldb_control
**lcs
;
84 *saver
= req
->controls
;
85 for (i
= 0; req
->controls
[i
]; i
++);
91 lcs
= talloc_array(req
, struct ldb_control
*, i
);
96 for (i
= 0, j
= 0; (*saver
)[i
]; i
++) {
97 if (exclude
== (*saver
)[i
]) continue;
107 /* check if there's any control marked as critical in the list */
108 /* return True if any, False if none */
109 int check_critical_controls(struct ldb_control
**controls
)
113 if (controls
== NULL
) {
117 for (i
= 0; controls
[i
]; i
++) {
118 if (controls
[i
]->critical
) {
126 int ldb_request_add_control(struct ldb_request
*req
, const char *oid
, bool critical
, void *data
)
129 struct ldb_control
**ctrls
;
130 struct ldb_control
*ctrl
;
132 for (n
=0; req
->controls
&& req
->controls
[n
];) { n
++; }
134 ctrls
= talloc_realloc(req
, req
->controls
,
135 struct ldb_control
*,
137 if (!ctrls
) return LDB_ERR_OPERATIONS_ERROR
;
138 req
->controls
= ctrls
;
142 ctrl
= talloc(ctrls
, struct ldb_control
);
143 if (!ctrl
) return LDB_ERR_OPERATIONS_ERROR
;
145 ctrl
->oid
= talloc_strdup(ctrl
, oid
);
146 if (!ctrl
->oid
) return LDB_ERR_OPERATIONS_ERROR
;
147 ctrl
->critical
= critical
;
154 /* Parse controls from the format used on the command line and in ejs */
156 struct ldb_control
**ldb_parse_control_strings(struct ldb_context
*ldb
, void *mem_ctx
, const char **control_strings
)
159 struct ldb_control
**ctrl
;
161 char *error_string
= NULL
;
163 if (control_strings
== NULL
|| control_strings
[0] == NULL
)
166 for (i
= 0; control_strings
[i
]; i
++);
168 ctrl
= talloc_array(mem_ctx
, struct ldb_control
*, i
+ 1);
170 for (i
= 0; control_strings
[i
]; i
++) {
171 if (strncmp(control_strings
[i
], "vlv:", 4) == 0) {
172 struct ldb_vlv_req_control
*control
;
176 int crit
, bc
, ac
, os
, cc
, ret
;
180 p
= &(control_strings
[i
][4]);
181 ret
= sscanf(p
, "%d:%d:%d:%d:%d:%1023[^$]", &crit
, &bc
, &ac
, &os
, &cc
, ctxid
);
183 ret
= sscanf(p
, "%d:%d:%d:%1023[^:]:%1023[^$]", &crit
, &bc
, &ac
, attr
, ctxid
);
186 if ((ret
< 4) || (crit
< 0) || (crit
> 1)) {
187 error_string
= talloc_asprintf(mem_ctx
, "invalid server_sort control syntax\n");
188 error_string
= talloc_asprintf_append(error_string
, " syntax: crit(b):bc(n):ac(n):<os(n):cc(n)|attr(s)>[:ctxid(o)]\n");
189 error_string
= talloc_asprintf_append(error_string
, " note: b = boolean, n = number, s = string, o = b64 binary blob");
190 ldb_set_errstring(ldb
, error_string
);
191 talloc_free(error_string
);
194 if (!(ctrl
[i
] = talloc(ctrl
, struct ldb_control
))) {
198 ctrl
[i
]->oid
= LDB_CONTROL_VLV_REQ_OID
;
199 ctrl
[i
]->critical
= crit
;
200 if (!(control
= talloc(ctrl
[i
],
201 struct ldb_vlv_req_control
))) {
205 control
->beforeCount
= bc
;
206 control
->afterCount
= ac
;
209 control
->match
.gtOrEq
.value
= talloc_strdup(control
, attr
);
210 control
->match
.gtOrEq
.value_len
= strlen(attr
);
213 control
->match
.byOffset
.offset
= os
;
214 control
->match
.byOffset
.contentCount
= cc
;
217 control
->ctxid_len
= ldb_base64_decode(ctxid
);
218 control
->contextId
= (char *)talloc_memdup(control
, ctxid
, control
->ctxid_len
);
220 control
->ctxid_len
= 0;
221 control
->contextId
= NULL
;
223 ctrl
[i
]->data
= control
;
228 if (strncmp(control_strings
[i
], "dirsync:", 8) == 0) {
229 struct ldb_dirsync_control
*control
;
232 int crit
, flags
, max_attrs
, ret
;
235 p
= &(control_strings
[i
][8]);
236 ret
= sscanf(p
, "%d:%d:%d:%1023[^$]", &crit
, &flags
, &max_attrs
, cookie
);
238 if ((ret
< 3) || (crit
< 0) || (crit
> 1) || (flags
< 0) || (max_attrs
< 0)) {
239 error_string
= talloc_asprintf(mem_ctx
, "invalid dirsync control syntax\n");
240 error_string
= talloc_asprintf_append(error_string
, " syntax: crit(b):flags(n):max_attrs(n)[:cookie(o)]\n");
241 error_string
= talloc_asprintf_append(error_string
, " note: b = boolean, n = number, o = b64 binary blob");
242 ldb_set_errstring(ldb
, error_string
);
243 talloc_free(error_string
);
247 /* w2k3 seems to ignore the parameter,
248 * but w2k sends a wrong cookie when this value is to small
249 * this would cause looping forever, while getting
250 * the same data and same cookie forever
252 if (max_attrs
== 0) max_attrs
= 0x0FFFFFFF;
254 ctrl
[i
] = talloc(ctrl
, struct ldb_control
);
255 ctrl
[i
]->oid
= LDB_CONTROL_DIRSYNC_OID
;
256 ctrl
[i
]->critical
= crit
;
257 control
= talloc(ctrl
[i
], struct ldb_dirsync_control
);
258 control
->flags
= flags
;
259 control
->max_attributes
= max_attrs
;
261 control
->cookie_len
= ldb_base64_decode(cookie
);
262 control
->cookie
= (char *)talloc_memdup(control
, cookie
, control
->cookie_len
);
264 control
->cookie
= NULL
;
265 control
->cookie_len
= 0;
267 ctrl
[i
]->data
= control
;
272 if (strncmp(control_strings
[i
], "asq:", 4) == 0) {
273 struct ldb_asq_control
*control
;
279 p
= &(control_strings
[i
][4]);
280 ret
= sscanf(p
, "%d:%255[^$]", &crit
, attr
);
281 if ((ret
!= 2) || (crit
< 0) || (crit
> 1) || (attr
[0] == '\0')) {
282 error_string
= talloc_asprintf(mem_ctx
, "invalid asq control syntax\n");
283 error_string
= talloc_asprintf_append(error_string
, " syntax: crit(b):attr(s)\n");
284 error_string
= talloc_asprintf_append(error_string
, " note: b = boolean, s = string");
285 ldb_set_errstring(ldb
, error_string
);
286 talloc_free(error_string
);
290 ctrl
[i
] = talloc(ctrl
, struct ldb_control
);
295 ctrl
[i
]->oid
= LDB_CONTROL_ASQ_OID
;
296 ctrl
[i
]->critical
= crit
;
297 control
= talloc(ctrl
[i
], struct ldb_asq_control
);
298 control
->request
= 1;
299 control
->source_attribute
= talloc_strdup(control
, attr
);
300 control
->src_attr_len
= strlen(attr
);
301 ctrl
[i
]->data
= control
;
306 if (strncmp(control_strings
[i
], "extended_dn:", 12) == 0) {
307 struct ldb_extended_dn_control
*control
;
311 p
= &(control_strings
[i
][12]);
312 ret
= sscanf(p
, "%d:%d", &crit
, &type
);
313 if ((ret
!= 2) || (crit
< 0) || (crit
> 1) || (type
< 0) || (type
> 1)) {
314 ret
= sscanf(p
, "%d", &crit
);
315 if ((ret
!= 1) || (crit
< 0) || (crit
> 1)) {
316 error_string
= talloc_asprintf(mem_ctx
, "invalid extended_dn control syntax\n");
317 error_string
= talloc_asprintf_append(error_string
, " syntax: crit(b)[:type(i)]\n");
318 error_string
= talloc_asprintf_append(error_string
, " note: b = boolean\n");
319 error_string
= talloc_asprintf_append(error_string
, " i = integer\n");
320 error_string
= talloc_asprintf_append(error_string
, " valid values are: 0 - hexadecimal representation\n");
321 error_string
= talloc_asprintf_append(error_string
, " 1 - normal string representation");
322 ldb_set_errstring(ldb
, error_string
);
323 talloc_free(error_string
);
328 control
= talloc(ctrl
, struct ldb_extended_dn_control
);
329 control
->type
= type
;
332 ctrl
[i
] = talloc(ctrl
, struct ldb_control
);
337 ctrl
[i
]->oid
= LDB_CONTROL_EXTENDED_DN_OID
;
338 ctrl
[i
]->critical
= crit
;
339 ctrl
[i
]->data
= talloc_steal(ctrl
[i
], control
);
344 if (strncmp(control_strings
[i
], "sd_flags:", 9) == 0) {
345 struct ldb_sd_flags_control
*control
;
348 unsigned secinfo_flags
;
350 p
= &(control_strings
[i
][9]);
351 ret
= sscanf(p
, "%d:%u", &crit
, &secinfo_flags
);
352 if ((ret
!= 2) || (crit
< 0) || (crit
> 1) || (secinfo_flags
< 0) || (secinfo_flags
> 0xF)) {
353 error_string
= talloc_asprintf(mem_ctx
, "invalid sd_flags control syntax\n");
354 error_string
= talloc_asprintf_append(error_string
, " syntax: crit(b):secinfo_flags(n)\n");
355 error_string
= talloc_asprintf_append(error_string
, " note: b = boolean, n = number");
356 ldb_set_errstring(ldb
, error_string
);
357 talloc_free(error_string
);
361 ctrl
[i
] = talloc(ctrl
, struct ldb_control
);
366 ctrl
[i
]->oid
= LDB_CONTROL_SD_FLAGS_OID
;
367 ctrl
[i
]->critical
= crit
;
368 control
= talloc(ctrl
[i
], struct ldb_sd_flags_control
);
369 control
->secinfo_flags
= secinfo_flags
;
370 ctrl
[i
]->data
= control
;
375 if (strncmp(control_strings
[i
], "search_options:", 15) == 0) {
376 struct ldb_search_options_control
*control
;
379 unsigned search_options
;
381 p
= &(control_strings
[i
][15]);
382 ret
= sscanf(p
, "%d:%u", &crit
, &search_options
);
383 if ((ret
!= 2) || (crit
< 0) || (crit
> 1) || (search_options
< 0) || (search_options
> 0xF)) {
384 error_string
= talloc_asprintf(mem_ctx
, "invalid search_options control syntax\n");
385 error_string
= talloc_asprintf_append(error_string
, " syntax: crit(b):search_options(n)\n");
386 error_string
= talloc_asprintf_append(error_string
, " note: b = boolean, n = number");
387 ldb_set_errstring(ldb
, error_string
);
388 talloc_free(error_string
);
392 ctrl
[i
] = talloc(ctrl
, struct ldb_control
);
397 ctrl
[i
]->oid
= LDB_CONTROL_SEARCH_OPTIONS_OID
;
398 ctrl
[i
]->critical
= crit
;
399 control
= talloc(ctrl
[i
], struct ldb_search_options_control
);
400 control
->search_options
= search_options
;
401 ctrl
[i
]->data
= control
;
406 if (strncmp(control_strings
[i
], "domain_scope:", 13) == 0) {
410 p
= &(control_strings
[i
][13]);
411 ret
= sscanf(p
, "%d", &crit
);
412 if ((ret
!= 1) || (crit
< 0) || (crit
> 1)) {
413 error_string
= talloc_asprintf(mem_ctx
, "invalid domain_scope control syntax\n");
414 error_string
= talloc_asprintf_append(error_string
, " syntax: crit(b)\n");
415 error_string
= talloc_asprintf_append(error_string
, " note: b = boolean");
416 ldb_set_errstring(ldb
, error_string
);
417 talloc_free(error_string
);
421 ctrl
[i
] = talloc(ctrl
, struct ldb_control
);
426 ctrl
[i
]->oid
= LDB_CONTROL_DOMAIN_SCOPE_OID
;
427 ctrl
[i
]->critical
= crit
;
428 ctrl
[i
]->data
= NULL
;
433 if (strncmp(control_strings
[i
], "paged_results:", 14) == 0) {
434 struct ldb_paged_control
*control
;
438 p
= &(control_strings
[i
][14]);
439 ret
= sscanf(p
, "%d:%d", &crit
, &size
);
441 if ((ret
!= 2) || (crit
< 0) || (crit
> 1) || (size
< 0)) {
442 error_string
= talloc_asprintf(mem_ctx
, "invalid paged_results control syntax\n");
443 error_string
= talloc_asprintf_append(error_string
, " syntax: crit(b):size(n)\n");
444 error_string
= talloc_asprintf_append(error_string
, " note: b = boolean, n = number");
445 ldb_set_errstring(ldb
, error_string
);
446 talloc_free(error_string
);
450 ctrl
[i
] = talloc(ctrl
, struct ldb_control
);
455 ctrl
[i
]->oid
= LDB_CONTROL_PAGED_RESULTS_OID
;
456 ctrl
[i
]->critical
= crit
;
457 control
= talloc(ctrl
[i
], struct ldb_paged_control
);
458 control
->size
= size
;
459 control
->cookie
= NULL
;
460 control
->cookie_len
= 0;
461 ctrl
[i
]->data
= control
;
466 if (strncmp(control_strings
[i
], "server_sort:", 12) == 0) {
467 struct ldb_server_sort_control
**control
;
475 p
= &(control_strings
[i
][12]);
476 ret
= sscanf(p
, "%d:%d:%255[^:]:%127[^:]", &crit
, &rev
, attr
, rule
);
477 if ((ret
< 3) || (crit
< 0) || (crit
> 1) || (rev
< 0 ) || (rev
> 1) ||attr
[0] == '\0') {
478 error_string
= talloc_asprintf(mem_ctx
, "invalid server_sort control syntax\n");
479 error_string
= talloc_asprintf_append(error_string
, " syntax: crit(b):rev(b):attr(s)[:rule(s)]\n");
480 error_string
= talloc_asprintf_append(error_string
, " note: b = boolean, s = string");
481 ldb_set_errstring(ldb
, error_string
);
482 talloc_free(error_string
);
485 ctrl
[i
] = talloc(ctrl
, struct ldb_control
);
490 ctrl
[i
]->oid
= LDB_CONTROL_SERVER_SORT_OID
;
491 ctrl
[i
]->critical
= crit
;
492 control
= talloc_array(ctrl
[i
], struct ldb_server_sort_control
*, 2);
493 control
[0] = talloc(control
, struct ldb_server_sort_control
);
494 control
[0]->attributeName
= talloc_strdup(control
, attr
);
496 control
[0]->orderingRule
= talloc_strdup(control
, rule
);
498 control
[0]->orderingRule
= NULL
;
499 control
[0]->reverse
= rev
;
501 ctrl
[i
]->data
= control
;
506 if (strncmp(control_strings
[i
], "notification:", 13) == 0) {
510 p
= &(control_strings
[i
][13]);
511 ret
= sscanf(p
, "%d", &crit
);
512 if ((ret
!= 1) || (crit
< 0) || (crit
> 1)) {
513 error_string
= talloc_asprintf(mem_ctx
, "invalid notification control syntax\n");
514 error_string
= talloc_asprintf_append(error_string
, " syntax: crit(b)\n");
515 error_string
= talloc_asprintf_append(error_string
, " note: b = boolean");
516 ldb_set_errstring(ldb
, error_string
);
517 talloc_free(error_string
);
521 ctrl
[i
] = talloc(ctrl
, struct ldb_control
);
526 ctrl
[i
]->oid
= LDB_CONTROL_NOTIFICATION_OID
;
527 ctrl
[i
]->critical
= crit
;
528 ctrl
[i
]->data
= NULL
;
533 if (strncmp(control_strings
[i
], "show_deleted:", 13) == 0) {
537 p
= &(control_strings
[i
][13]);
538 ret
= sscanf(p
, "%d", &crit
);
539 if ((ret
!= 1) || (crit
< 0) || (crit
> 1)) {
540 error_string
= talloc_asprintf(mem_ctx
, "invalid show_deleted control syntax\n");
541 error_string
= talloc_asprintf_append(error_string
, " syntax: crit(b)\n");
542 error_string
= talloc_asprintf_append(error_string
, " note: b = boolean");
543 ldb_set_errstring(ldb
, error_string
);
544 talloc_free(error_string
);
548 ctrl
[i
] = talloc(ctrl
, struct ldb_control
);
553 ctrl
[i
]->oid
= LDB_CONTROL_SHOW_DELETED_OID
;
554 ctrl
[i
]->critical
= crit
;
555 ctrl
[i
]->data
= NULL
;
560 if (strncmp(control_strings
[i
], "permissive_modify:", 18) == 0) {
564 p
= &(control_strings
[i
][18]);
565 ret
= sscanf(p
, "%d", &crit
);
566 if ((ret
!= 1) || (crit
< 0) || (crit
> 1)) {
567 error_string
= talloc_asprintf(mem_ctx
, "invalid permissive_modify control syntax\n");
568 error_string
= talloc_asprintf_append(error_string
, " syntax: crit(b)\n");
569 error_string
= talloc_asprintf_append(error_string
, " note: b = boolean");
570 ldb_set_errstring(ldb
, error_string
);
571 talloc_free(error_string
);
575 ctrl
[i
] = talloc(ctrl
, struct ldb_control
);
580 ctrl
[i
]->oid
= LDB_CONTROL_PERMISSIVE_MODIFY_OID
;
581 ctrl
[i
]->critical
= crit
;
582 ctrl
[i
]->data
= NULL
;
587 /* no controls matched, throw an error */
588 ldb_asprintf_errstring(ldb
, "Invalid control name: '%s'", control_strings
[i
]);