/** * Add an element to the schema (attribute or class) from an LDB message */ WERROR dsdb_schema_set_el_from_ldb_msg(struct ldb_context *ldb, struct dsdb_schema *schema, struct ldb_message *msg) { static struct ldb_parse_tree *attr_tree, *class_tree; if (!attr_tree) { attr_tree = ldb_parse_tree(talloc_autofree_context(), "(objectClass=attributeSchema)"); if (!attr_tree) { return WERR_NOMEM; } } if (!class_tree) { class_tree = ldb_parse_tree(talloc_autofree_context(), "(objectClass=classSchema)"); if (!class_tree) { return WERR_NOMEM; } } if (ldb_match_msg(ldb, msg, attr_tree, NULL, LDB_SCOPE_BASE)) { return dsdb_attribute_from_ldb(ldb, schema, msg); } else if (ldb_match_msg(ldb, msg, class_tree, NULL, LDB_SCOPE_BASE)) { return dsdb_class_from_ldb(schema, msg); } /* Don't fail on things not classes or attributes */ return WERR_OK; }
static NTSTATUS tcp_ldap_rootdse(void *data, TALLOC_CTX *mem_ctx, struct cldap_search *io) { struct ldap_connection *conn = talloc_get_type(data, struct ldap_connection); struct ldap_message *msg, *result; struct ldap_request *req; int i; NTSTATUS status; msg = new_ldap_message(mem_ctx); if (!msg) { return NT_STATUS_NO_MEMORY; } msg->type = LDAP_TAG_SearchRequest; msg->r.SearchRequest.basedn = ""; msg->r.SearchRequest.scope = LDAP_SEARCH_SCOPE_BASE; msg->r.SearchRequest.deref = LDAP_DEREFERENCE_NEVER; msg->r.SearchRequest.timelimit = 0; msg->r.SearchRequest.sizelimit = 0; msg->r.SearchRequest.attributesonly = false; msg->r.SearchRequest.tree = ldb_parse_tree(msg, io->in.filter); msg->r.SearchRequest.num_attributes = str_list_length(io->in.attributes); msg->r.SearchRequest.attributes = io->in.attributes; req = ldap_request_send(conn, msg); if (req == NULL) { printf("Could not setup ldap search\n"); return NT_STATUS_UNSUCCESSFUL; } ZERO_STRUCT(io->out); for (i = 0; i < 2; ++i) { status = ldap_result_n(req, i, &result); if (!NT_STATUS_IS_OK(status)) { return status; } switch (result->type) { case LDAP_TAG_SearchResultEntry: if (i != 0) { return NT_STATUS_LDAP(LDAP_PROTOCOL_ERROR); } io->out.response = &result->r.SearchResultEntry; break; case LDAP_TAG_SearchResultDone: io->out.result = &result->r.SearchResultDone; if (io->out.result->resultcode != LDAP_SUCCESS) { return NT_STATUS_LDAP(io->out.result->resultcode); } return NT_STATUS_OK; default: return NT_STATUS_LDAP(LDAP_PROTOCOL_ERROR); } } return NT_STATUS_OK; }
/* Build a request to search the local record by its DN. */ static int map_search_self_req(struct ldb_request **req, struct map_context *ac, struct ldb_dn *dn) { /* attrs[] is returned from this function in * ac->search_req->op.search.attrs, so it must be static, as * otherwise the compiler can put it on the stack */ static const char * const attrs[] = { IS_MAPPED, NULL }; struct ldb_parse_tree *tree; /* Limit search to records with 'IS_MAPPED' present */ tree = ldb_parse_tree(ac, "(" IS_MAPPED "=*)"); if (tree == NULL) { map_oom(ac->module); return LDB_ERR_OPERATIONS_ERROR; } *req = map_search_base_req(ac, dn, attrs, tree, ac, map_search_self_callback); if (*req == NULL) { return LDB_ERR_OPERATIONS_ERROR; } return LDB_SUCCESS; }
static bool test_search_auth_empty_substring(struct ldap_connection *conn, const char *basedn) { bool ret = true; struct ldap_message *msg, *result; struct ldap_request *req; NTSTATUS status; struct ldap_Result *r; printf("Testing authenticated base Search with objectclass= substring filter\n"); msg = new_ldap_message(conn); if (!msg) { return false; } msg->type = LDAP_TAG_SearchRequest; msg->r.SearchRequest.basedn = basedn; msg->r.SearchRequest.scope = LDAP_SEARCH_SCOPE_BASE; msg->r.SearchRequest.deref = LDAP_DEREFERENCE_NEVER; msg->r.SearchRequest.timelimit = 0; msg->r.SearchRequest.sizelimit = 0; msg->r.SearchRequest.attributesonly = false; msg->r.SearchRequest.tree = ldb_parse_tree(msg, "(objectclass=*)"); msg->r.SearchRequest.tree->operation = LDB_OP_SUBSTRING; msg->r.SearchRequest.tree->u.substring.attr = "objectclass"; msg->r.SearchRequest.tree->u.substring.start_with_wildcard = 1; msg->r.SearchRequest.tree->u.substring.end_with_wildcard = 1; msg->r.SearchRequest.tree->u.substring.chunks = NULL; msg->r.SearchRequest.num_attributes = 0; msg->r.SearchRequest.attributes = NULL; req = ldap_request_send(conn, msg); if (req == NULL) { printf("Could not setup ldap search\n"); return false; } status = ldap_result_one(req, &result, LDAP_TAG_SearchResultDone); if (!NT_STATUS_IS_OK(status)) { printf("looking for search result done failed - %s\n", nt_errstr(status)); return false; } printf("received %d replies\n", req->num_replies); r = &result->r.SearchResultDone; if (r->resultcode != LDAP_SUCCESS) { printf("search result done gave error - %s\n", ldb_strerror(r->resultcode)); return false; } return ret; }
ADS_STATUS ads_do_search_all_sd_flags (ADS_STRUCT *ads, const char *dn, int scope, const char *filter, const char **attrs, uint32_t sd_flags, LDAPMessage **res) { int rv; struct ldb_request *req; struct ldb_control **controls; struct ldb_parse_tree *tree; struct ldb_dn *ldb_dn; controls = talloc_zero_array(ads, struct ldb_control *, 2); controls[0] = talloc(ads, struct ldb_control); controls[0]->oid = LDB_CONTROL_SD_FLAGS_OID; controls[0]->data = &sd_flags; controls[0]->critical = 1; tree = ldb_parse_tree(ads, filter); ldb_dn = ldb_dn_new(ads, ads->ldbctx, dn); rv = ldb_build_search_req_ex(&req, ads->ldbctx, (TALLOC_CTX *)res, ldb_dn, scope, tree, attrs, controls, res, ldb_search_default_callback, NULL); if (rv != LDB_SUCCESS) { talloc_free(*res); talloc_free(req); talloc_free(tree); return ADS_ERROR(rv); } rv = ldb_request(ads->ldbctx, req); if (rv == LDB_SUCCESS) { rv = ldb_wait(req->handle, LDB_WAIT_ALL); } talloc_free(req); talloc_free(tree); return ADS_ERROR(rv); }
static bool test_search_rootDSE(struct ldap_connection *conn, const char **basedn, const char ***partitions) { bool ret = true; struct ldap_message *msg, *result; struct ldap_request *req; int i; struct ldap_SearchResEntry *r; NTSTATUS status; printf("Testing RootDSE Search\n"); *basedn = NULL; if (partitions != NULL) { *partitions = const_str_list(str_list_make_empty(conn)); } msg = new_ldap_message(conn); if (!msg) { return false; } msg->type = LDAP_TAG_SearchRequest; msg->r.SearchRequest.basedn = ""; msg->r.SearchRequest.scope = LDAP_SEARCH_SCOPE_BASE; msg->r.SearchRequest.deref = LDAP_DEREFERENCE_NEVER; msg->r.SearchRequest.timelimit = 0; msg->r.SearchRequest.sizelimit = 0; msg->r.SearchRequest.attributesonly = false; msg->r.SearchRequest.tree = ldb_parse_tree(msg, "(objectclass=*)"); msg->r.SearchRequest.num_attributes = 0; msg->r.SearchRequest.attributes = NULL; req = ldap_request_send(conn, msg); if (req == NULL) { printf("Could not setup ldap search\n"); return false; } status = ldap_result_one(req, &result, LDAP_TAG_SearchResultEntry); if (!NT_STATUS_IS_OK(status)) { printf("search failed - %s\n", nt_errstr(status)); return false; } printf("received %d replies\n", req->num_replies); r = &result->r.SearchResultEntry; DEBUG(1,("\tdn: %s\n", r->dn)); for (i=0; i<r->num_attributes; i++) { int j; for (j=0; j<r->attributes[i].num_values; j++) { DEBUG(1,("\t%s: %d %.*s\n", r->attributes[i].name, (int)r->attributes[i].values[j].length, (int)r->attributes[i].values[j].length, (char *)r->attributes[i].values[j].data)); if (!(*basedn) && strcasecmp("defaultNamingContext",r->attributes[i].name)==0) { *basedn = talloc_asprintf(conn, "%.*s", (int)r->attributes[i].values[j].length, (char *)r->attributes[i].values[j].data); } if ((partitions != NULL) && (strcasecmp("namingContexts", r->attributes[i].name) == 0)) { char *entry = talloc_asprintf(conn, "%.*s", (int)r->attributes[i].values[j].length, (char *)r->attributes[i].values[j].data); *partitions = str_list_add(*partitions, entry); } } } return ret; }