DWORD _VdcAddCopiesToHashTable( PLW_HASHMAP pHashMap, PCSTR pszKey, PCSTR pszValue ) { DWORD dwError = 0; PSTR pszKeyCopy = NULL; PSTR pszValueCopy = NULL; dwError = VmDirAllocateStringA(pszKey, &pszKeyCopy); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirAllocateStringA(pszValue, &pszValueCopy); BAIL_ON_VMDIR_ERROR(dwError); dwError = LwRtlHashMapInsert(pHashMap, pszKeyCopy, pszValueCopy, NULL); BAIL_ON_VMDIR_ERROR(dwError); cleanup: return dwError; error: VMDIR_SAFE_FREE_STRINGA(pszKeyCopy); VMDIR_SAFE_FREE_STRINGA(pszValueCopy); goto cleanup; }
DWORD TryToWriteSD( PVMDIR_TEST_STATE pState, PCSTR pszContainer ) { DWORD dwError = 0; PSTR ppszAttributeValues[] = { NULL, NULL }; PSTR pszUserName = NULL; PSTR pszUserDn = NULL; PSTR pszDomainSid = NULL; dwError = VmDirTestGetGuid(&pszUserName); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirTestCreateUser(pState, pszContainer, pszUserName, NULL); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirAllocateStringPrintf( &pszUserDn, "cn=%s,cn=%s,%s", pszUserName, pszContainer, pState->pszBaseDN); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirTestGetDomainSid(pState, pState->pszBaseDN, &pszDomainSid); BAIL_ON_VMDIR_ERROR(dwError); // Random SD. Actual values don't (entirely) matter. dwError = VmDirAllocateStringPrintf( &ppszAttributeValues[0], "O:BAG:BAD:(A;;RCRPWPWDSD;;;%s-500)(A;;RCRPWPWDSD;;;%s-544)", pszDomainSid, pszDomainSid); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirTestReplaceAttributeValues( pState->pLd, pszUserDn, ATTR_ACL_STRING, (PCSTR*)ppszAttributeValues); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VMDIR_SAFE_FREE_STRINGA(ppszAttributeValues[0]); VMDIR_SAFE_FREE_STRINGA(pszDomainSid); VMDIR_SAFE_FREE_STRINGA(pszUserName); VMDIR_SAFE_FREE_STRINGA(pszUserDn); return dwError; error: goto cleanup; }
DWORD VmDirCreateTransientSecurityDescriptor( BOOLEAN bAllowAnonymousRead, PVMDIR_SECURITY_DESCRIPTOR pvsd ) { DWORD dwError = 0; PSTR pszDomainDN = NULL; PSTR pszAdminsGroupSid = NULL; PSTR pszDomainAdminsGroupSid = NULL; VMDIR_SECURITY_DESCRIPTOR SecDesc = {0}; pszDomainDN = BERVAL_NORM_VAL(gVmdirServerGlobals.systemDomainDN); dwError = VmDirGenerateWellknownSid( pszDomainDN, VMDIR_DOMAIN_ALIAS_RID_ADMINS, &pszAdminsGroupSid); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirGenerateWellknownSid( pszDomainDN, VMDIR_DOMAIN_ADMINS_RID, &pszDomainAdminsGroupSid); BAIL_ON_VMDIR_ERROR(dwError); // Create default security descriptor for internally-created entries. dwError = VmDirSrvCreateSecurityDescriptor( VMDIR_ENTRY_ALL_ACCESS_NO_DELETE_CHILD_BUT_DELETE_OBJECT, BERVAL_NORM_VAL(gVmdirServerGlobals.bvDefaultAdminDN), pszAdminsGroupSid, pszDomainAdminsGroupSid, FALSE, bAllowAnonymousRead, bAllowAnonymousRead, FALSE, FALSE, &SecDesc); BAIL_ON_VMDIR_ERROR(dwError); pvsd->pSecDesc = SecDesc.pSecDesc; pvsd->ulSecDesc = SecDesc.ulSecDesc; pvsd->SecInfo = SecDesc.SecInfo; cleanup: VMDIR_SAFE_FREE_STRINGA(pszAdminsGroupSid); VMDIR_SAFE_FREE_STRINGA(pszDomainAdminsGroupSid); return dwError; error: goto cleanup; }
static DWORD VmDirSetEnvironment( VOID ) { DWORD dwError = 0; PSTR pszKrb5Conf = NULL; dwError = VmDirRegReadKrb5Conf(&pszKrb5Conf); if (dwError) { dwError = VmDirAllocateStringA(VMDIR_DEFAULT_KRB5_CONF, &pszKrb5Conf); BAIL_ON_VMDIR_ERROR(dwError); } if (-1 == setenv("KRB5_CONFIG", pszKrb5Conf, 1)) { dwError = ERROR_NO_MEMORY; BAIL_ON_VMDIR_ERROR(dwError); } cleanup: VMDIR_SAFE_FREE_STRINGA(pszKrb5Conf); return dwError; error: VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "VmDirSetEnvironment failed (%u)", dwError); goto cleanup; }
DWORD VmDirTestConnectionFromUser( PVMDIR_TEST_STATE pState, PCSTR pszUserName, LDAP **ppLd ) { DWORD dwError = 0; PSTR pszUserUPN = NULL; LDAP *pLd; dwError = VmDirAllocateStringPrintf( &pszUserUPN, "%s@%s", pszUserName, pState->pszDomain); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirSafeLDAPBind( &pLd, pState->pszServerName, pszUserUPN, pState->pszPassword); BAIL_ON_VMDIR_ERROR(dwError); *ppLd = pLd; cleanup: VMDIR_SAFE_FREE_STRINGA(pszUserUPN); return dwError; error: goto cleanup; }
DWORD VmDirSetBaseDN( PVMDIR_TEST_STATE pState ) { PSTR pszBaseDN = NULL; DWORD dwError = 0; PSTR pszDot = NULL; pszDot = strchr(pState->pszDomain, '.'); if (pszDot == NULL) { BAIL_WITH_VMDIR_ERROR(dwError, VMDIR_ERROR_INVALID_PARAMETER); } *pszDot = '\0'; dwError = VmDirAllocateStringPrintf( &pszBaseDN, "dc=%s,dc=%s", pState->pszDomain, pszDot + 1); *pszDot = '.'; BAIL_ON_VMDIR_ERROR(dwError); pState->pszBaseDN = pszBaseDN; cleanup: return dwError; error: VMDIR_SAFE_FREE_STRINGA(pszBaseDN); goto cleanup; }
DWORD _VdcGetAttributeFromEntry( LDAP *pLd, LDAPMessage* pEntry, PSTR pszAttributeName, PSTR *ppszAttributeValue ) { DWORD dwError = 0; PSTR pszAttributeValue = NULL; BerValue** ppBerValues = NULL; ppBerValues = ldap_get_values_len(pLd, pEntry, pszAttributeName); if (ppBerValues != NULL && ldap_count_values_len(ppBerValues) > 0) { dwError = VmDirAllocateStringA(ppBerValues[0][0].bv_val, &pszAttributeValue); BAIL_ON_VMDIR_ERROR(dwError); } *ppszAttributeValue = pszAttributeValue; cleanup: if (ppBerValues) { ldap_value_free_len(ppBerValues); ppBerValues = NULL; } return dwError; error: VMDIR_SAFE_FREE_STRINGA(pszAttributeValue); goto cleanup; }
DWORD VmDirTestCreateContainer( PVMDIR_TEST_STATE pState, PCSTR pszContainer, PCSTR pszAcl /* OPTIONAL */ ) { DWORD dwError = 0; PCSTR valsCn[] = {pszContainer, NULL}; PCSTR valsClass[] = {"top", "container", NULL}; PCSTR valsAcl[] = {pszAcl, NULL}; PSTR pszDN = NULL; LDAPMod mod[]={ {LDAP_MOD_ADD, ATTR_CN, {(PSTR*)valsCn}}, {LDAP_MOD_ADD, ATTR_OBJECT_CLASS, {(PSTR*)valsClass}}, {LDAP_MOD_ADD, ATTR_ACL_STRING, {(PSTR*)valsAcl}}, }; LDAPMod *attrs[] = {&mod[0], &mod[1], &mod[2], NULL}; if (IsNullOrEmptyString(pszContainer)) { valsCn[0] = VmDirTestGetTestContainerCn(pState); dwError = VmDirAllocateStringPrintf( &pszDN, "cn=%s,%s", VmDirTestGetTestContainerCn(pState), pState->pszBaseDN); BAIL_ON_VMDIR_ERROR(dwError); } else { dwError = VmDirAllocateStringPrintf( &pszDN, "cn=%s,cn=%s,%s", pszContainer, VmDirTestGetTestContainerCn(pState), pState->pszBaseDN); BAIL_ON_VMDIR_ERROR(dwError); } if (IsNullOrEmptyString(pszAcl)) { attrs[2] = NULL; } dwError = ldap_add_ext_s( pState->pLd, pszDN, attrs, NULL, NULL); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VMDIR_SAFE_FREE_STRINGA(pszDN); return dwError; error: goto cleanup; }
VOID VmDirFreeConnCredContent( PVMDIR_CONNECTION_CREDS pCreds ) { if (pCreds) { VMDIR_SAFE_FREE_STRINGA(pCreds->pszUPN); VMDIR_SECURE_FREE_STRINGA(pCreds->pszPassword); VMDIR_SECURE_FREE_STRINGA(pCreds->pszOldPassword); } }
VOID VmDirFreeDCConnContent( PVMDIR_DC_CONNECTION pDCConn ) { if (pDCConn) { VmDirFreeConnCredContent(&pDCConn->creds); VMDIR_SAFE_FREE_STRINGA(pDCConn->pszRemoteDCHostName); VDIR_SAFE_UNBIND_EXT_S(pDCConn->pLd); } }
DWORD VmDirTestCreateObjectByDNPrefix( PVMDIR_TEST_STATE pState, PCSTR pszDNPrefix, PCSTR pszClassName ) { DWORD dwError = 0; PSTR pszCN = NULL; PSTR pszDN = NULL; PSTR valsCn[] = { NULL, NULL }; PSTR valsClass[] = { NULL, NULL }; LDAPMod mod[]= { { LDAP_MOD_ADD, ATTR_CN, { valsCn } }, { LDAP_MOD_ADD, ATTR_OBJECT_CLASS, { valsClass } }, }; LDAPMod *attrs[] = {&mod[0], &mod[1], NULL}; dwError = VmDirDnLastRDNToCn(pszDNPrefix, &pszCN); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirAllocateStringPrintf( &pszDN, "%s,%s", pszDNPrefix, pState->pszBaseDN); BAIL_ON_VMDIR_ERROR(dwError); valsCn[0] = pszCN; valsClass[0] = (PSTR)pszClassName; dwError = ldap_add_ext_s(pState->pLd, pszDN, attrs, NULL, NULL); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VMDIR_SAFE_FREE_STRINGA(pszCN); VMDIR_SAFE_FREE_STRINGA(pszDN); return dwError; error: goto cleanup; }
DWORD TryToListObject( PVMDIR_TEST_STATE pState, PCSTR pszContainer ) { DWORD dwError = 0; PSTR pszDn = NULL; PSTR pszUserName = NULL; dwError = VmDirTestGetGuid(&pszUserName); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirTestCreateUser(pState, pszContainer, pszUserName, NULL); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirAllocateStringPrintf( &pszDn, "cn=%s,cn=%s,%s", pszUserName, pszContainer, pState->pszBaseDN); BAIL_ON_VMDIR_ERROR(dwError); dwError = _VdcSearchForEntryAndAttribute( pState->pLd, pszDn, NULL, NULL); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VMDIR_SAFE_FREE_STRINGA(pszUserName); VMDIR_SAFE_FREE_STRINGA(pszDn); return dwError; error: goto cleanup; }
DWORD TryToReadSD( PVMDIR_TEST_STATE pState, PCSTR pszContainer ) { DWORD dwError = 0; PSTR pszAttribute = NULL; PSTR pszUserName = NULL; PSTR pszUserDn = NULL; dwError = VmDirTestGetGuid(&pszUserName); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirTestCreateUser(pState, pszContainer, pszUserName, NULL); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirAllocateStringPrintf( &pszUserDn, "cn=%s,cn=%s,%s", pszUserName, pszContainer, pState->pszBaseDN); BAIL_ON_VMDIR_ERROR(dwError); dwError = _VdcSearchForEntryAndAttribute( pState->pLd, pszUserDn, ATTR_ACL_STRING, &pszAttribute); BAIL_ON_VMDIR_ERROR(dwError); // // Make sure there's data. We don't bother validating the contents of the // SD as that's installation- and entry-specific. // if (strlen(pszAttribute) == 0) { BAIL_WITH_VMDIR_ERROR(dwError, VMDIR_ERROR_DATA_CONSTRAINT_VIOLATION); } cleanup: VMDIR_SAFE_FREE_STRINGA(pszAttribute); return dwError; error: goto cleanup; }
DWORD VmDirUTDVectorCacheAdd( PVMDIR_UTDVECTOR_CACHE pUTDVector, PCSTR pszInvocationId, PCSTR pszUsn ) { DWORD dwError = 0; BOOLEAN bInLock = FALSE; PSTR pszDupKey = NULL; USN Usn = 0; LW_HASHMAP_PAIR pair = {0}; if (IsNullOrEmptyString(pszInvocationId) || !pUTDVector) { BAIL_WITH_VMDIR_ERROR(dwError, VMDIR_ERROR_INVALID_PARAMETER); } dwError = VmDirAllocateStringA(pszInvocationId, &pszDupKey); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirStringToINT64(pszUsn, NULL, &Usn); BAIL_ON_VMDIR_ERROR(dwError); VMDIR_RWLOCK_READLOCK(bInLock, pUTDVector->pUtdVectorLock, 0); dwError = LwRtlHashMapInsert(pUTDVector->pUtdVectorMap, pszDupKey, (PVOID)Usn, &pair); BAIL_ON_VMDIR_ERROR(dwError); VmDirSimpleHashMapPairFreeKeyOnly(&pair, NULL); pszDupKey = NULL; VMDIR_SAFE_FREE_STRINGA(pUTDVector->pszUtdVector); dwError = VmDirVectorToStr(pUTDVector->pUtdVectorMap, _VmDirUTDVectorPairToStr, &pUTDVector->pszUtdVector); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VMDIR_RWLOCK_UNLOCK(bInLock, pUTDVector->pUtdVectorLock); VMDIR_SAFE_FREE_MEMORY(pszDupKey); return dwError; error: VMDIR_LOG_ERROR(VMDIR_LOG_MASK_ALL, "failed, error (%d)", dwError); goto cleanup; }
DWORD TestInfrastructureInitialize( PVMDIR_TEST_STATE pState ) { DWORD dwError = 0; PSTR pszLdapUri = NULL; pState->pfnCleanupCallback = TestInfrastructureCleanup; pState->pszTestContainerName = DEFAULT_TEST_CONTAINER_NAME; pState->pszInternalUserName = DEFAULT_INTERNAL_USER_NAME; dwError = VmDirSetBaseDN(pState); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirSafeLDAPBind( &pState->pLd, pState->pszServerName, pState->pszUserUPN, pState->pszPassword); BAIL_ON_VMDIR_ERROR(dwError); // // Cleanup any leftover state from a previous run. // (VOID)VmDirTestDeleteContainer(pState, NULL); dwError = VmDirTestCreateAnonymousConnection( pState->pszServerName, &pState->pLdAnonymous); BAIL_ON_VMDIR_ERROR(dwError); dwError = _VmDirTestCreateLimitedUserAndConnection(pState); BAIL_ON_VMDIR_ERROR(dwError); dwError = _VmDirTestCreateTestContainer(pState); BAIL_ON_VMDIR_ERROR(dwError); cleanup: return dwError; error: VMDIR_SAFE_FREE_STRINGA(pszLdapUri); goto cleanup; }
static DWORD VmDirRegConfigGetString( PVMDIR_CONFIG_CONNECTION_HANDLE pCfgHandle, PCSTR pszSubKey, PCSTR pszKeyName, PSTR *ppszValue) { DWORD dwError = 0; char szValue[VMDIR_MAX_CONFIG_VALUE_LENGTH] = {0}; DWORD dwszValueSize = sizeof(szValue); PSTR pszValue = NULL; dwError = RegGetValueA( #ifndef _WIN32 pCfgHandle->hConnection, #endif pCfgHandle->hKey, pszSubKey, pszKeyName, RRF_RT_REG_SZ, NULL, szValue, &dwszValueSize); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirAllocateStringA(szValue, &pszValue); BAIL_ON_VMDIR_ERROR(dwError); *ppszValue = pszValue; cleanup: return dwError; error: *ppszValue = NULL; VMDIR_SAFE_FREE_STRINGA(pszValue); goto cleanup; }
DWORD VmDirTestCreateClass( PVMDIR_TEST_STATE pState, PCSTR pszClassName ) { DWORD dwError = 0; PCSTR valsCn[] = {pszClassName, NULL}; PCSTR valsClass[] = {"classschema", NULL}; PCSTR valsSubclass[] = {OC_TOP, NULL}; PCSTR valsGovernsId[] = {"111.111.4.001", NULL}; PCSTR valsCategory[] = {"1", NULL}; PSTR pszDN = NULL; LDAPMod mod[]={ {LDAP_MOD_ADD, ATTR_CN, {(PSTR*)valsCn}}, {LDAP_MOD_ADD, ATTR_OBJECT_CLASS, {(PSTR*)valsClass}}, {LDAP_MOD_ADD, "governsid", {(PSTR*)valsGovernsId}}, {LDAP_MOD_ADD, "objectclasscategory", {(PSTR*)valsCategory}}, {LDAP_MOD_ADD, "subclassof", {(PSTR*)valsSubclass}}, }; LDAPMod *attrs[] = {&mod[0], &mod[1], &mod[2], &mod[3], &mod[4], NULL}; dwError = VmDirAllocateStringPrintf( &pszDN, "cn=%s,cn=schemacontext", pszClassName); BAIL_ON_VMDIR_ERROR(dwError); dwError = ldap_add_ext_s( pState->pLd, pszDN, attrs, NULL, NULL); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VMDIR_SAFE_FREE_STRINGA(pszDN); return dwError; error: goto cleanup; }
DWORD TryToReadProperties( PVMDIR_TEST_STATE pState, PCSTR pszContainer ) { DWORD dwError = 0; PSTR pszAttribute = NULL; PSTR pszUserName = NULL; PSTR pszUserDn = NULL; dwError = VmDirTestGetGuid(&pszUserName); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirTestCreateUser(pState, pszContainer, pszUserName, NULL); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirAllocateStringPrintf( &pszUserDn, "cn=%s,cn=%s,%s", pszUserName, pszContainer, pState->pszBaseDN); BAIL_ON_VMDIR_ERROR(dwError); dwError = _VdcSearchForEntryAndAttribute( pState->pLd, pszUserDn, ATTR_SAM_ACCOUNT_NAME, &pszAttribute); BAIL_ON_VMDIR_ERROR(dwError); if (strcmp(pszAttribute, pszUserName) != 0) { BAIL_WITH_VMDIR_ERROR(dwError, VMDIR_ERROR_DATA_CONSTRAINT_VIOLATION); } cleanup: VMDIR_SAFE_FREE_STRINGA(pszAttribute); return dwError; error: goto cleanup; }
/* * Bind to a host with the handle to be used later */ DWORD VmDirConnectLDAPServerWithMachineAccount( PCSTR pszHostName, PCSTR pszDomain, LDAP** ppLd ) { DWORD dwError = 0; PSTR pszDCAccount = NULL; PSTR pszDCAccountPassword = NULL; char bufUPN[VMDIR_MAX_UPN_LEN] = {0}; LDAP* pLd = NULL; dwError = VmDirRegReadDCAccount( &pszDCAccount); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirReadDCAccountPassword( &pszDCAccountPassword); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirStringPrintFA( bufUPN, sizeof(bufUPN)-1, "%s@%s", pszDCAccount, pszDomain); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirSafeLDAPBindExt1( &pLd, pszHostName, bufUPN, pszDCAccountPassword, MAX_LDAP_CONNECT_NETWORK_TIMEOUT); BAIL_ON_VMDIR_ERROR(dwError); *ppLd = pLd; cleanup: VMDIR_SAFE_FREE_STRINGA(pszDCAccount); VMDIR_SECURE_FREE_STRINGA(pszDCAccountPassword); return dwError; error: goto cleanup; }
/* * Caller release schema ctx */ VOID VmDirSchemaCtxRelease( PVDIR_SCHEMA_CTX pCtx ) { BOOLEAN bInLock = FALSE; USHORT usRefCnt = 0; USHORT usSelfRef = 0; if ( pCtx ) { if ( pCtx->pSchema ) { VMDIR_LOCK_MUTEX(bInLock, pCtx->pSchema->mutex); pCtx->pSchema->usRefCount--; usRefCnt = pCtx->pSchema->usRefCount; usSelfRef = pCtx->pSchema->usNumSelfRef; VMDIR_UNLOCK_MUTEX(bInLock, pCtx->pSchema->mutex); if (usRefCnt == usSelfRef) { // only self reference within pSchema exists, free pSchema itself. // self references are established during init before normal references. VMDIR_LOG_VERBOSE( VMDIR_LOG_MASK_ALL, "Free unreferenced schema instance (%p)", pCtx->pSchema); #if 0 /* BUGBUG - reenable this when Purify report is clean */ VdirSchemaInstanceFree(pCtx->pSchema); #endif } } VMDIR_SAFE_FREE_STRINGA(pCtx->pszErrorMsg); VMDIR_SAFE_FREE_MEMORY(pCtx); } return; }
DWORD _VmDirTestCreateLimitedUserAndConnection( PVMDIR_TEST_STATE pState ) { DWORD dwError = 0; PSTR pszUserUPN = NULL; LDAP *pLd; dwError = VmDirTestCreateUser( pState, NULL, VmDirTestGetInternalUserCn(pState), NULL); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirAllocateStringPrintf( &pszUserUPN, "%s@%s", VmDirTestGetInternalUserCn(pState), pState->pszDomain); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirSafeLDAPBind( &pLd, pState->pszServerName, pszUserUPN, pState->pszPassword); BAIL_ON_VMDIR_ERROR(dwError); pState->pLdLimited = pLd; cleanup: VMDIR_SAFE_FREE_STRINGA(pszUserUPN); return dwError; error: printf("%s failed with error %d\n", __FUNCTION__, dwError); goto cleanup; }
DWORD VmDirTestDeleteContainer( PVMDIR_TEST_STATE pState, PCSTR pszContainer ) { DWORD dwError = 0; PSTR pszDN = NULL; if (IsNullOrEmptyString(pszContainer)) { dwError = VmDirAllocateStringPrintf( &pszDN, "cn=%s,%s", VmDirTestGetTestContainerCn(pState), pState->pszBaseDN); BAIL_ON_VMDIR_ERROR(dwError); } else { dwError = VmDirAllocateStringPrintf( &pszDN, "cn=%s,cn=%s,%s", pszContainer, VmDirTestGetTestContainerCn(pState), pState->pszBaseDN); BAIL_ON_VMDIR_ERROR(dwError); } dwError = VmDirTestDeleteContainerByDn(pState->pLd, pszDN); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VMDIR_SAFE_FREE_STRINGA(pszDN); return dwError; error: goto cleanup; }
static VOID VmDirRegConfigTableFreeContents( PVMDIR_CONFIG_ENTRY pCfgTable, DWORD dwNumEntries ) { DWORD iEntry = 0; for (; iEntry < dwNumEntries; iEntry++) { PVMDIR_CONFIG_ENTRY pEntry = &pCfgTable[iEntry]; if (pEntry->Type == VMDIR_CONFIG_VALUE_TYPE_STRING) { VMDIR_SAFE_FREE_STRINGA(pEntry->pszValue); } else if (pEntry->Type == VMDIR_CONFIG_VALUE_TYPE_MULTISTRING) { VMDIR_SAFE_FREE_MEMORY(pEntry->pszValue); } } }
DWORD VmDirTestDeleteObjectByDNPrefix( PVMDIR_TEST_STATE pState, PCSTR pszDNPrefix ) { DWORD dwError = 0; PSTR pszDN = NULL; dwError = VmDirAllocateStringPrintf( &pszDN, "%s,%s", pszDNPrefix, pState->pszBaseDN); BAIL_ON_VMDIR_ERROR(dwError); dwError = ldap_delete_ext_s(pState->pLd, pszDN, NULL, NULL); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VMDIR_SAFE_FREE_STRINGA(pszDN); return dwError; error: goto cleanup; }
DWORD VmDirTestCreateObject( PVMDIR_TEST_STATE pState, PCSTR pszContainer, PCSTR pszClassName, PCSTR pszObjectName ) { DWORD dwError = 0; PCSTR valsCn[] = {pszObjectName, NULL}; PCSTR valsClass[] = {"classschema", NULL}; PSTR pszDN = NULL; LDAPMod mod[]={ {LDAP_MOD_ADD, ATTR_CN, {(PSTR*)valsCn}}, {LDAP_MOD_ADD, ATTR_OBJECT_CLASS, {(PSTR*)valsClass}}, }; LDAPMod *attrs[] = {&mod[0], &mod[1], NULL}; dwError = VmDirAllocateStringPrintf( &pszDN, "cn=%s,cn=%s,cn=%s,%s", pszClassName, pszContainer, VmDirTestGetTestContainerCn(pState), pState->pszBaseDN); BAIL_ON_VMDIR_ERROR(dwError); dwError = ldap_add_ext_s(pState->pLd, pszDN, attrs, NULL, NULL); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VMDIR_SAFE_FREE_STRINGA(pszDN); return dwError; error: goto cleanup; }
DWORD TryToDeleteObject( PVMDIR_TEST_STATE pState, PCSTR pszContainer // TODO ) { DWORD dwError = 0; PSTR pszUserName = NULL; dwError = VmDirTestGetGuid(&pszUserName); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirTestCreateUser(pState, pszContainer, pszUserName, NULL); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirTestDeleteUser(pState, pszContainer, pszUserName); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VMDIR_SAFE_FREE_STRINGA(pszUserName); return dwError; error: goto cleanup; }
/* Replace attribute on all matched entries */ DWORD VdcLdapReplaceAttrOnEntries( LDAP *pLd, PCSTR pszBase, int ldapScope, PCSTR pszFilter, PCSTR pAttrName, PCSTR pAttrVal ) { DWORD dwError = 0; LDAPMessage *pResult = NULL; PSTR pszDn = NULL; PCSTR ppszAttrs[] = {ATTR_DN, NULL}; LDAPMod mod = {0}; LDAPMod* mods[2] = {&mod, NULL}; PSTR vals[2] = {0}; int totalCnt = 0; int failedCnt = 0; int alreadyUpdatedCnt = 0; PSTR oldAttrVal = NULL; mod.mod_op = LDAP_MOD_REPLACE; mod.mod_type = (PSTR)pAttrName; vals[0] = (PSTR)pAttrVal; vals[1] = NULL; mod.mod_vals.modv_strvals = vals; dwError = ldap_search_ext_s( pLd, pszBase, ldapScope, pszFilter ? pszFilter : "", (PSTR*)ppszAttrs, 0, NULL, NULL, NULL, -1, &pResult); BAIL_ON_VMDIR_ERROR(dwError); if (ldap_count_entries(pLd, pResult) > 0) { LDAPMessage* pEntry = ldap_first_entry(pLd, pResult); for (; pEntry != NULL; pEntry = ldap_next_entry(pLd, pEntry)) { if (pszDn) { ldap_memfree(pszDn); pszDn = NULL; } pszDn = ldap_get_dn(pLd, pEntry); VMDIR_SAFE_FREE_STRINGA(oldAttrVal); dwError = VdcLdapGetAttributeValue( pLd, pszDn, pAttrName, &oldAttrVal); if (dwError == LDAP_SUCCESS && VmDirStringCompareA(oldAttrVal, pAttrVal, FALSE)==0) { totalCnt++; alreadyUpdatedCnt++; continue; } dwError = ldap_modify_ext_s( pLd, pszDn, mods, NULL, NULL); if (dwError != LDAP_SUCCESS) { failedCnt++; } totalCnt++; } } cleanup: if (pResult) { ldap_msgfree(pResult); pResult = NULL; } if (pszDn) { ldap_memfree(pszDn); pszDn = NULL; } VMDIR_SAFE_FREE_STRINGA(oldAttrVal); return dwError; error: goto cleanup; }
DWORD _VmDirTestCreateTestContainer( PVMDIR_TEST_STATE pState ) { DWORD dwError = 0; PCSTR valsCn[] = {DEFAULT_TEST_CONTAINER_NAME, NULL}; PCSTR valsClass[] = {OC_TOP, OC_CONTAINER, NULL}; PCSTR valsAcl[] = {NULL, NULL}; PSTR pszDN = NULL; PSTR pszDomainSid = NULL; PSTR pszAclString = NULL; PSTR pszLimitedUserSid = NULL; LDAPMod mod[] = { {LDAP_MOD_ADD, ATTR_CN, {(PSTR*)valsCn}}, {LDAP_MOD_ADD, ATTR_OBJECT_CLASS, {(PSTR*)valsClass}}, {LDAP_MOD_ADD, ATTR_ACL_STRING, {(PSTR*)valsAcl}}, }; LDAPMod *attrs[] = {&mod[0], &mod[1], &mod[2], NULL}; dwError = VmDirAllocateStringPrintf( &pszDN, "cn=%s,%s", DEFAULT_TEST_CONTAINER_NAME, pState->pszBaseDN); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirTestGetDomainSid(pState, pState->pszBaseDN, &pszDomainSid); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirTestGetUserSid(pState, VmDirTestGetInternalUserCn(pState), NULL, &pszLimitedUserSid); BAIL_ON_VMDIR_ERROR(dwError); // O:%s-500G:BAD:(A;;RPWP;;;S-1-7-32-666)(A;;GXNRNWGXCCDCRPWP;;;BA)(A;;GXNRNWGXCCDCRPWP;;;%s-500)", dwError = VmDirAllocateStringPrintf( &pszAclString, "O:%s-500G:BAD:(A;;CCDCRPWP;;;BA)(A;;CCDCRPWP;;;%s-500)(A;;CCRPWP;;;%s)", pszDomainSid, pszDomainSid, pszLimitedUserSid); BAIL_ON_VMDIR_ERROR(dwError); valsAcl[0] = pszAclString; dwError = ldap_add_ext_s( pState->pLd, pszDN, attrs, NULL, NULL); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VMDIR_SAFE_FREE_STRINGA(pszAclString); VMDIR_SAFE_FREE_STRINGA(pszLimitedUserSid); VMDIR_SAFE_FREE_STRINGA(pszDomainSid); VMDIR_SAFE_FREE_STRINGA(pszDN); return dwError; error: printf("%s failed with error %d\n", __FUNCTION__, dwError); goto cleanup; }
/* * Set vmwPasswordNeverExpires (if it doesn't have a value) to TRUE * on the domain administrator's account. */ DWORD VmDirSetAdministratorPasswordNeverExpires( VOID ) { DWORD dwError = 0; PCSTR pszDomainDn = NULL; const CHAR szAdministrator[] = "cn=Administrator,cn=Users"; const CHAR szTrue[] = "TRUE"; PSTR pszAdministratorDn = NULL; VDIR_OPERATION op = {0}; PSTR pszLocalErrMsg = NULL; VDIR_ENTRY_ARRAY entryArray = {0}; PVDIR_ENTRY pEntry = NULL; VDIR_BERVALUE bervBlob = VDIR_BERVALUE_INIT; pszDomainDn = gVmdirServerGlobals.systemDomainDN.lberbv.bv_val; if (pszDomainDn == NULL) { dwError = ERROR_INVALID_STATE; BAIL_ON_VMDIR_ERROR(dwError); } dwError = VmDirAllocateStringPrintf(&pszAdministratorDn, "%s,%s", szAdministrator, pszDomainDn); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirSimpleEqualFilterInternalSearch( pszDomainDn, LDAP_SCOPE_SUBTREE, ATTR_DN, pszAdministratorDn, &entryArray); BAIL_ON_VMDIR_ERROR(dwError); if (entryArray.iSize != 1) { dwError = VMDIR_ERROR_DATA_CONSTRAINT_VIOLATION; BAIL_ON_VMDIR_ERROR(dwError); } pEntry = &(entryArray.pEntry[0]); if (pEntry->allocType == ENTRY_STORAGE_FORMAT_PACK) { dwError = VmDirEntryUnpack( pEntry ); BAIL_ON_VMDIR_ERROR(dwError); } dwError = VmDirInitStackOperation( &op, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_MODIFY, NULL); BAIL_ON_VMDIR_ERROR_WITH_MSG(dwError, pszLocalErrMsg, "VmDirSetAdministratorPasswordNeverExpire: VmDirInitStackOperation failed: %u", dwError); op.pBEIF = VmDirBackendSelect(NULL); assert(op.pBEIF); op.reqDn.lberbv.bv_val = pEntry->dn.lberbv.bv_val; op.reqDn.lberbv.bv_len = pEntry->dn.lberbv.bv_len; op.request.modifyReq.dn.lberbv = op.reqDn.lberbv; bervBlob.lberbv.bv_val = (PSTR) szTrue; bervBlob.lberbv.bv_len = strlen(szTrue); dwError = VmDirAppendAMod( &op, MOD_OP_REPLACE, ATTR_PASSWORD_NEVER_EXPIRES, ATTR_PASSWORD_NEVER_EXPIRES_LEN, bervBlob.lberbv_val, bervBlob.lberbv_len); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirInternalModifyEntry(&op); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VmDirFreeEntryArrayContent(&entryArray); VmDirFreeOperationContent(&op); VMDIR_SAFE_FREE_STRINGA(pszAdministratorDn); return dwError; error: VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "VmDirSetAdministratorPasswordNeverExpires failed, (%u)", dwError); goto cleanup; }
int VmDirCreateSyncRequestControl( PCSTR pszInvocationId, USN lastLocalUsnProcessed, PCSTR pszUtdVector, LDAPControl * syncReqCtrl ) { int retVal = LDAP_SUCCESS; BerElement * ber = NULL; PSTR pszLastLocalUsnProcessed = NULL; if (syncReqCtrl == NULL) { retVal = LDAP_OPERATIONS_ERROR; BAIL_ON_SIMPLE_LDAP_ERROR(retVal); } if ((ber = ber_alloc()) == NULL) { retVal = LDAP_OPERATIONS_ERROR; BAIL_ON_SIMPLE_LDAP_ERROR(retVal); } if (VmDirAllocateStringPrintf(&pszLastLocalUsnProcessed, "%lld", lastLocalUsnProcessed)) { retVal = LDAP_OPERATIONS_ERROR; BAIL_ON_SIMPLE_LDAP_ERROR(retVal); } if ( ber_printf( ber, "{i{sss}}", LDAP_SYNC_REFRESH_ONLY, pszInvocationId, pszLastLocalUsnProcessed, pszUtdVector ) == -1) { VMDIR_LOG_ERROR(VMDIR_LOG_MASK_ALL, "VmDirCreateSyncRequestControl: ber_printf failed." ); retVal = LDAP_OPERATIONS_ERROR; BAIL_ON_SIMPLE_LDAP_ERROR( retVal ); } memset( syncReqCtrl, 0, sizeof( LDAPControl )); syncReqCtrl->ldctl_oid = LDAP_CONTROL_SYNC; syncReqCtrl->ldctl_iscritical = '1'; if (ber_flatten2(ber, &syncReqCtrl->ldctl_value, 1)) { retVal = LDAP_OPERATIONS_ERROR; BAIL_ON_SIMPLE_LDAP_ERROR(retVal); } cleanup: VMDIR_SAFE_FREE_STRINGA(pszLastLocalUsnProcessed); if (ber) { ber_free(ber, 1); } return retVal; ldaperror: ber_bvfree(&syncReqCtrl->ldctl_value); goto cleanup; }