static DWORD _CreateCopyOperation( LDAPMessage *pEntry, PVDIR_OPERATION pLdapOp ) { DWORD dwError = 0; dwError = VmDirInitStackOperation( pLdapOp, VDIR_OPERATION_TYPE_REPL, LDAP_REQ_MODIFY, NULL); BAIL_ON_VMDIR_ERROR(dwError); pLdapOp->pBEIF = VmDirBackendSelect(NULL); assert(pLdapOp->pBEIF); pLdapOp->reqDn.lberbv.bv_val = SUB_SCHEMA_SUB_ENTRY_DN; pLdapOp->reqDn.lberbv.bv_len = VmDirStringLenA(SUB_SCHEMA_SUB_ENTRY_DN); pLdapOp->request.modifyReq.dn.lberbv.bv_val = pLdapOp->reqDn.lberbv.bv_val; pLdapOp->request.modifyReq.dn.lberbv.bv_len = pLdapOp->reqDn.lberbv.bv_len; cleanup: return dwError; error: VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "%s,%d failed, error(%d)", __FUNCTION__, __LINE__, dwError ); goto cleanup; }
DWORD VmDirDeleteEntryViaDN( PCSTR pszDN ) { DWORD dwError = 0; VDIR_OPERATION op = {0}; DeleteReq *dr = NULL; if (IsNullOrEmptyString(pszDN)) { BAIL_WITH_VMDIR_ERROR(dwError, VMDIR_ERROR_INVALID_PARAMETER); } dwError = VmDirInitStackOperation(&op, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_DELETE, NULL); BAIL_ON_VMDIR_ERROR(dwError); op.pBEIF = VmDirBackendSelect(NULL); op.reqDn.lberbv_val = (PSTR)pszDN; op.reqDn.lberbv_len = VmDirStringLenA(pszDN); dr = &op.request.deleteReq; dr->dn.lberbv.bv_val = op.reqDn.lberbv.bv_val; dr->dn.lberbv.bv_len = op.reqDn.lberbv.bv_len; dwError = VmDirInternalDeleteEntry(&op); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VmDirFreeOperationContent(&op); return dwError; error: goto cleanup; }
DWORD VmDirDeleteEntry( PVDIR_ENTRY pEntry ) { DWORD dwError = 0; VDIR_OPERATION op = {0}; DeleteReq *dr = NULL; dwError = VmDirInitStackOperation(&op, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_DELETE, NULL); BAIL_ON_VMDIR_ERROR(dwError); op.pBEIF = VmDirBackendSelect(NULL); op.reqDn.lberbv_val = pEntry->dn.lberbv.bv_val; op.reqDn.lberbv_len = pEntry->dn.lberbv.bv_len; dr = &op.request.deleteReq; dr->dn.lberbv.bv_val = op.reqDn.lberbv.bv_val; dr->dn.lberbv.bv_len = op.reqDn.lberbv.bv_len; dwError = VmDirInternalDeleteEntry(&op); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VmDirFreeOperationContent(&op); return dwError; error: goto cleanup; }
/* * After copying DB from partner, we need to derive UTDVector for new node from partner. * i.e. <whatever partner node current UTDVector> + <partner invoactionid:partner max commited USN> */ static DWORD _VmDirComposeUtdVector( PVMDIR_SWAP_DB_INFO pSwapDBInfo ) { DWORD dwError = 0; PVDIR_ENTRY pServerEntry = NULL; PVDIR_ATTRIBUTE pAttrUTDVector = NULL; PVDIR_ATTRIBUTE pAttrInvocationId = NULL; VDIR_OPERATION searchOp = {0}; dwError = VmDirInitStackOperation(&searchOp, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_SEARCH, NULL); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirInternalSearchSeverObj(pSwapDBInfo->pszOrgDBServerName, &searchOp); BAIL_ON_VMDIR_ERROR(dwError); pServerEntry = searchOp.internalSearchEntryArray.pEntry; pAttrUTDVector = VmDirEntryFindAttribute(ATTR_UP_TO_DATE_VECTOR, pServerEntry); pAttrInvocationId = VmDirEntryFindAttribute(ATTR_INVOCATION_ID, pServerEntry); dwError = _VmGetHighestCommittedUSN(&pSwapDBInfo->pszOrgDBMaxUSN); BAIL_ON_VMDIR_ERROR(dwError); VMDIR_LOG_INFO(VMDIR_LOG_MASK_ALL, "DB maxCommittedUSN %s", pSwapDBInfo->pszOrgDBMaxUSN); dwError = VmDirUTDVectorCacheInit(&pSwapDBInfo->pMyUTDVector); BAIL_ON_VMDIR_ERROR(dwError); if (pAttrUTDVector) { dwError = VmDirUTDVectorCacheReplace(pSwapDBInfo->pMyUTDVector, pAttrUTDVector->vals[0].lberbv.bv_val); BAIL_ON_VMDIR_ERROR(dwError); VMDIR_LOG_INFO(VMDIR_LOG_MASK_ALL, "DB UTDVector %s", pSwapDBInfo->pMyUTDVector->pszUtdVector); } dwError = VmDirUTDVectorCacheAdd( pSwapDBInfo->pMyUTDVector, pAttrInvocationId->vals[0].lberbv.bv_val, pSwapDBInfo->pszOrgDBMaxUSN); BAIL_ON_VMDIR_ERROR(dwError); VMDIR_LOG_INFO(VMDIR_LOG_MASK_ALL, "My UTDVector %s", pSwapDBInfo->pMyUTDVector->pszUtdVector); cleanup: VmDirFreeOperationContent(&searchOp); return dwError; error: VMDIR_LOG_ERROR(VMDIR_LOG_MASK_ALL, "error (%u)", dwError); goto cleanup; }
static DWORD _VmDirSimpleEntryCreateInBEWithGuid( PVDIR_BACKEND_INTERFACE pBE, PVDIR_SCHEMA_CTX pSchemaCtx, PSTR* ppszEntryInitializer, PSTR pszDN, ENTRYID ulEntryId, PSTR pszGuid /* Optional */ ) { DWORD dwError = 0; VDIR_OPERATION ldapOp = {0}; dwError = VmDirInitStackOperation( &ldapOp, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_ADD, pSchemaCtx ); BAIL_ON_VMDIR_ERROR(dwError); ldapOp.pBEIF = pBE; assert(ldapOp.pBEIF); ldapOp.reqDn.lberbv.bv_val = pszDN; ldapOp.reqDn.lberbv.bv_len = VmDirStringLenA(pszDN); dwError = AttrListToEntry( pSchemaCtx, pszDN, ppszEntryInitializer, ldapOp.request.addReq.pEntry); BAIL_ON_VMDIR_ERROR(dwError); ldapOp.request.addReq.pEntry->eId = ulEntryId; if (!IsNullOrEmptyString(pszGuid)) { dwError = VmDirAllocateStringA(pszGuid, &ldapOp.request.addReq.pEntry->pszGuid); BAIL_ON_VMDIR_ERROR(dwError); } dwError = VmDirInternalAddEntry(&ldapOp); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VmDirFreeOperationContent(&ldapOp); return dwError; error: goto cleanup; }
static DWORD _VmDirPagedSearchWorkerThread( PVOID pArg ) { PVDIR_PAGED_SEARCH_RECORD pSearchRecord = (PVDIR_PAGED_SEARCH_RECORD)pArg; DWORD dwError = 0; PVDIR_PAGED_SEARCH_ENTRY_LIST pEntryIdList = NULL; VDIR_OPERATION searchOp = {0}; VmDirDropThreadPriority(DEFAULT_THREAD_PRIORITY_DELTA); dwError = VmDirInitStackOperation( &searchOp, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_SEARCH, NULL); BAIL_ON_VMDIR_ERROR(dwError); searchOp.pBEIF = VmDirBackendSelect(NULL); searchOp.request.searchReq.filter = pSearchRecord->pFilter; while (pSearchRecord->dwCandidatesProcessed < (DWORD)pSearchRecord->pTotalCandidates->size) { dwError = _VmDirPagedSearchEntryListAlloc(pSearchRecord, &pEntryIdList); BAIL_ON_VMDIR_ERROR(dwError); _VmDirPagedSearchProcessEntries(&searchOp, pSearchRecord, pEntryIdList); if (pEntryIdList->dwCount == 0) { _VmDirPagedSearchEntryListFree(pEntryIdList); } else { dwError = VmDirPagedSearchCacheAddData(pSearchRecord, pEntryIdList); BAIL_ON_VMDIR_ERROR(dwError); } } _VmDirPagedSearchCacheWaitForClientCompletion(pSearchRecord); cleanup: // This will be freed when the pSearchRecord is released. searchOp.request.searchReq.filter = NULL; VmDirFreeOperationContent(&searchOp); _DerefPagedSearchRecord(pSearchRecord); return dwError; error: goto cleanup; }
DWORD VmDirSimpleEntryDeleteAttribute( PCSTR pszDN, PCSTR pszAttr ) { DWORD dwError = 0; size_t dnlen = 0; size_t attrlen = 0; VDIR_OPERATION ldapOp = {0}; if (IsNullOrEmptyString(pszDN) || IsNullOrEmptyString(pszAttr)) { BAIL_WITH_VMDIR_ERROR(dwError, VMDIR_ERROR_INVALID_PARAMETER); } dwError = VmDirInitStackOperation( &ldapOp, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_MODIFY, NULL); BAIL_ON_VMDIR_ERROR(dwError); dnlen = VmDirStringLenA(pszDN); attrlen = VmDirStringLenA(pszAttr); ldapOp.pBEIF = VmDirBackendSelect(NULL); ldapOp.reqDn.lberbv_val = (PSTR)pszDN; ldapOp.reqDn.lberbv_len = dnlen; ldapOp.request.modifyReq.dn.lberbv_val = ldapOp.reqDn.lberbv_val; ldapOp.request.modifyReq.dn.lberbv_len = ldapOp.reqDn.lberbv_len; dwError = VmDirAppendAMod( &ldapOp, MOD_OP_DELETE, pszAttr, attrlen, NULL, 0); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirInternalModifyEntry(&ldapOp); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VmDirFreeOperationContent(&ldapOp); return dwError; error: goto cleanup; }
static DWORD _VmDirComposeHighWaterMark( PVMDIR_SWAP_DB_INFO pSwapDBInfo ) { DWORD dwError = 0; PVDIR_ENTRY pServerEntry = NULL; PVDIR_ATTRIBUTE pAttrInvocationId = NULL; VDIR_OPERATION searchOp = {0}; USN hwmUSN = 0; dwError = VmDirInitStackOperation(&searchOp, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_SEARCH, NULL); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirInternalSearchSeverObj(pSwapDBInfo->pszPartnerServerName, &searchOp); BAIL_ON_VMDIR_ERROR(dwError); pServerEntry = searchOp.internalSearchEntryArray.pEntry; pAttrInvocationId = VmDirEntryFindAttribute(ATTR_INVOCATION_ID, pServerEntry); // use this node max originating usn as high water mark dwError = VmDirUTDVectorCacheLookup( pSwapDBInfo->pMyUTDVector, pAttrInvocationId->vals[0].lberbv_val, &hwmUSN); if (dwError == LW_STATUS_NOT_FOUND) { VMDIR_LOG_WARNING(VMDIR_LOG_MASK_ALL, "Partner (%s,%s) not found in ORG DB UTDVector (%s). Join scenario NOT supported.", pSwapDBInfo->pszPartnerServerName, pAttrInvocationId->vals[0].lberbv_val, pSwapDBInfo->pMyUTDVector->pszUtdVector); } BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirAllocateStringPrintf(&pSwapDBInfo->pszMyHighWaterMark, "%" PRId64, hwmUSN); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VmDirFreeOperationContent(&searchOp); return dwError; error: VMDIR_LOG_ERROR(VMDIR_LOG_MASK_ALL, "error (%u)", dwError); goto cleanup; }
static DWORD VmDirSrvModifyPersistedDSERoot( PVDIR_SCHEMA_CTX pSchemaCtx, PSTR pszRootNamingContextDN, PSTR pszConfigNamingContextDN, PSTR pszSchemaNamingContextDN, PSTR pszSubSchemaSubEntryDN, PSTR pszServerDN, PSTR pszDefaultAdminDN, PSTR pszDCAccountDN, PSTR pszDCAccountUPN, PSTR pszDelObjsContainerDN, PSTR pszSiteName ) { DWORD dwError = 0; PSTR ppszPersistedDSERootAttrs[] = { ATTR_ROOT_DOMAIN_NAMING_CONTEXT, pszRootNamingContextDN, ATTR_DEFAULT_NAMING_CONTEXT, pszRootNamingContextDN, ATTR_CONFIG_NAMING_CONTEXT, pszConfigNamingContextDN, ATTR_SCHEMA_NAMING_CONTEXT, pszSchemaNamingContextDN, ATTR_SUB_SCHEMA_SUB_ENTRY, pszSubSchemaSubEntryDN, ATTR_NAMING_CONTEXTS, pszRootNamingContextDN, ATTR_NAMING_CONTEXTS, pszConfigNamingContextDN, ATTR_NAMING_CONTEXTS, pszSchemaNamingContextDN, ATTR_SERVER_NAME, pszServerDN, ATTR_DEFAULT_ADMIN_DN, pszDefaultAdminDN, ATTR_DC_ACCOUNT_DN, pszDCAccountDN, ATTR_DC_ACCOUNT_UPN, pszDCAccountUPN, ATTR_DEL_OBJS_CONTAINER, pszDelObjsContainerDN, ATTR_SITE_NAME, pszSiteName, NULL }; VDIR_OPERATION op = {0}; PSTR pszLocalErrMsg = NULL; VDIR_BERVALUE bvDSERootDN = VDIR_BERVALUE_INIT; int i = 0; dwError = VmDirInitStackOperation( &op, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_MODIFY, NULL ); BAIL_ON_VMDIR_ERROR_WITH_MSG( dwError, pszLocalErrMsg, "VmDirSrvModifyPersistedDSERoot: VmDirInitStackOperation failed with error code: %d.", dwError ); // Setup target DN bvDSERootDN.lberbv.bv_val = PERSISTED_DSE_ROOT_DN; bvDSERootDN.lberbv.bv_len = VmDirStringLenA( bvDSERootDN.lberbv.bv_val ); dwError = VmDirNormalizeDN( &bvDSERootDN, op.pSchemaCtx); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirBervalContentDup( &bvDSERootDN, &op.reqDn ); BAIL_ON_VMDIR_ERROR_WITH_MSG( dwError, pszLocalErrMsg, "VmDirSrvModifyPersistedDSERoot: BervalContentDup failed with error code: %d.", dwError ); op.pBEIF = VmDirBackendSelect(op.reqDn.lberbv.bv_val); assert(op.pBEIF); dwError = VmDirBervalContentDup( &op.reqDn, &op.request.modifyReq.dn ); BAIL_ON_VMDIR_ERROR_WITH_MSG( dwError, pszLocalErrMsg, "VmDirSrvModifyPersistedDSERoot: BervalContentDup failed with error code: %d.", dwError ); // Setup mods for (i = 0; ppszPersistedDSERootAttrs[i] != NULL; i += 2 ) { dwError = VmDirAppendAMod( &op, MOD_OP_REPLACE, ppszPersistedDSERootAttrs[i], (int) VmDirStringLenA(ppszPersistedDSERootAttrs[i]), ppszPersistedDSERootAttrs[i + 1], VmDirStringLenA(ppszPersistedDSERootAttrs[i + 1]) ); BAIL_ON_VMDIR_ERROR_WITH_MSG( dwError, pszLocalErrMsg, "VmDirSrvModifyPersistedDSERoot: VmDirAppendAMod failed with error code: %d.", dwError ); } dwError = VmDirAppendAMod( &op, MOD_OP_DELETE, ATTR_INVOCATION_ID, ATTR_INVOCATION_ID_LEN, gVmdirServerGlobals.invocationId.lberbv.bv_val, gVmdirServerGlobals.invocationId.lberbv.bv_len ); BAIL_ON_VMDIR_ERROR_WITH_MSG( dwError, pszLocalErrMsg, "VmDirSrvModifyPersistedDSERoot: VmDirAppendAMod failed with error code: %d.", dwError ); // Modify dwError = VmDirInternalModifyEntry( &op ); BAIL_ON_VMDIR_ERROR_WITH_MSG( dwError, pszLocalErrMsg, "VmDirSrvModifyPersistedDSERoot: InternalModifyEntry failed. DN: %s, Error code: %d, Error string: %s", op.reqDn.lberbv.bv_val, dwError, VDIR_SAFE_STRING( op.ldapResult.pszErrMsg ) ); cleanup: VmDirFreeBervalContent(&bvDSERootDN); VmDirFreeOperationContent(&op); VMDIR_SAFE_FREE_MEMORY(pszLocalErrMsg); return dwError; error: VmDirLog(LDAP_DEBUG_ANY, VDIR_SAFE_STRING(pszLocalErrMsg) ); goto cleanup; }
/* * Set vmwPasswordNeverExpires (if it doesn't have a value) to TRUE * on the domain administrator's account. */ DWORD VmDirSetAdministratorPasswordNeverExpires( VOID ) { DWORD dwError = 0; PCSTR pszDomainDn = NULL; const CHAR szAdministrator[] = "cn=Administrator,cn=Users"; const CHAR szTrue[] = "TRUE"; PSTR pszAdministratorDn = NULL; VDIR_OPERATION op = {0}; PSTR pszLocalErrMsg = NULL; VDIR_ENTRY_ARRAY entryArray = {0}; PVDIR_ENTRY pEntry = NULL; VDIR_BERVALUE bervBlob = VDIR_BERVALUE_INIT; pszDomainDn = gVmdirServerGlobals.systemDomainDN.lberbv.bv_val; if (pszDomainDn == NULL) { dwError = ERROR_INVALID_STATE; BAIL_ON_VMDIR_ERROR(dwError); } dwError = VmDirAllocateStringPrintf(&pszAdministratorDn, "%s,%s", szAdministrator, pszDomainDn); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirSimpleEqualFilterInternalSearch( pszDomainDn, LDAP_SCOPE_SUBTREE, ATTR_DN, pszAdministratorDn, &entryArray); BAIL_ON_VMDIR_ERROR(dwError); if (entryArray.iSize != 1) { dwError = VMDIR_ERROR_DATA_CONSTRAINT_VIOLATION; BAIL_ON_VMDIR_ERROR(dwError); } pEntry = &(entryArray.pEntry[0]); if (pEntry->allocType == ENTRY_STORAGE_FORMAT_PACK) { dwError = VmDirEntryUnpack( pEntry ); BAIL_ON_VMDIR_ERROR(dwError); } dwError = VmDirInitStackOperation( &op, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_MODIFY, NULL); BAIL_ON_VMDIR_ERROR_WITH_MSG(dwError, pszLocalErrMsg, "VmDirSetAdministratorPasswordNeverExpire: VmDirInitStackOperation failed: %u", dwError); op.pBEIF = VmDirBackendSelect(NULL); assert(op.pBEIF); op.reqDn.lberbv.bv_val = pEntry->dn.lberbv.bv_val; op.reqDn.lberbv.bv_len = pEntry->dn.lberbv.bv_len; op.request.modifyReq.dn.lberbv = op.reqDn.lberbv; bervBlob.lberbv.bv_val = (PSTR) szTrue; bervBlob.lberbv.bv_len = strlen(szTrue); dwError = VmDirAppendAMod( &op, MOD_OP_REPLACE, ATTR_PASSWORD_NEVER_EXPIRES, ATTR_PASSWORD_NEVER_EXPIRES_LEN, bervBlob.lberbv_val, bervBlob.lberbv_len); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirInternalModifyEntry(&op); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VmDirFreeEntryArrayContent(&entryArray); VmDirFreeOperationContent(&op); VMDIR_SAFE_FREE_STRINGA(pszAdministratorDn); return dwError; error: VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "VmDirSetAdministratorPasswordNeverExpires failed, (%u)", dwError); goto cleanup; }
/* * Set SRP Identifier's secret on existing entry with Password set */ DWORD VmDirSRPSetIdentityData( PCSTR pszUPN, PCSTR pszClearTextPassword ) { DWORD dwError = 0; VDIR_OPERATION op = {0}; PSTR pszLocalErrMsg = NULL; VDIR_ENTRY_ARRAY entryArray = {0}; PVDIR_ENTRY pEntry = NULL; PVDIR_ATTRIBUTE pAttrSecret = NULL; VDIR_BERVALUE bvUPN = VDIR_BERVALUE_INIT; VDIR_BERVALUE bvClearTextPassword = VDIR_BERVALUE_INIT; VDIR_BERVALUE bervSecretBlob = VDIR_BERVALUE_INIT; if ( IsNullOrEmptyString(pszUPN) || IsNullOrEmptyString(pszClearTextPassword) ) { dwError = VMDIR_ERROR_INVALID_PARAMETER; BAIL_ON_VMDIR_ERROR(dwError); } bvUPN.lberbv_val = (PSTR)pszUPN; bvUPN.lberbv_len = VmDirStringLenA(pszUPN); bvClearTextPassword.lberbv_val = (PSTR)pszClearTextPassword; bvClearTextPassword.lberbv_len = VmDirStringLenA(pszClearTextPassword); dwError = VmDirSimpleEqualFilterInternalSearch( "", LDAP_SCOPE_SUBTREE, ATTR_KRB_UPN, pszUPN, &entryArray); BAIL_ON_VMDIR_ERROR(dwError); if (entryArray.iSize == 1) { pAttrSecret = VmDirFindAttrByName(&(entryArray.pEntry[0]), ATTR_SRP_SECRET); if (pAttrSecret) { dwError = VMDIR_ERROR_ENTRY_ALREADY_EXIST; BAIL_ON_VMDIR_ERROR(dwError); } } else { dwError = VMDIR_ERROR_DATA_CONSTRAINT_VIOLATION; BAIL_ON_VMDIR_ERROR(dwError); } pEntry = &(entryArray.pEntry[0]); dwError = VdirPasswordCheck(&bvClearTextPassword, pEntry); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirSRPCreateSecret(&bvUPN, &bvClearTextPassword, &bervSecretBlob); BAIL_ON_VMDIR_ERROR(dwError); if (pEntry->allocType == ENTRY_STORAGE_FORMAT_PACK) { dwError = VmDirEntryUnpack( pEntry ); BAIL_ON_VMDIR_ERROR(dwError); } dwError = VmDirInitStackOperation( &op, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_MODIFY, NULL); BAIL_ON_VMDIR_ERROR_WITH_MSG(dwError, pszLocalErrMsg, "VmDirSRPSetIdentityData: VmDirInitStackOperation failed: %u", dwError); op.pBEIF = VmDirBackendSelect(NULL); assert(op.pBEIF); op.reqDn.lberbv.bv_val = pEntry->dn.lberbv.bv_val; op.reqDn.lberbv.bv_len = pEntry->dn.lberbv.bv_len; op.request.modifyReq.dn.lberbv = op.reqDn.lberbv; dwError = VmDirAppendAMod( &op, MOD_OP_ADD, ATTR_SRP_SECRET, ATTR_SRP_SECRET_LEN, bervSecretBlob.lberbv_val, bervSecretBlob.lberbv_len); BAIL_ON_VMDIR_ERROR(dwError); dwError = VmDirInternalModifyEntry(&op); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VmDirFreeBervalContent(&bervSecretBlob); VmDirFreeEntryArrayContent(&entryArray); VmDirFreeOperationContent(&op); return dwError; error: VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "VmDirSRPSetIdentityData (%s) failed, (%u)", VDIR_SAFE_STRING(pszUPN), dwError); goto cleanup; }
/* * This generic search with pagination is new and isn't mature. Please be * careful with the * scope, base, and use an indexed filter. * Note that ulPageSize == 0 will ignore paging. */ DWORD VmDirFilterInternalSearch( PCSTR pszBaseDN, int searchScope, PCSTR pszFilter, unsigned long ulPageSize, PSTR *ppszPageCookie, PVDIR_ENTRY_ARRAY pEntryArray ) { DWORD dwError = 0; VDIR_OPERATION searchOP = {0}; VDIR_BERVALUE bervDN = VDIR_BERVALUE_INIT; PVDIR_FILTER pFilter = NULL; PVDIR_LDAP_CONTROL showPagedResultsCtrl = NULL; PSTR pszPageCookie = NULL; if ( !pszBaseDN || !pszFilter || !pEntryArray || (ulPageSize != 0 && ppszPageCookie == NULL)) { dwError = VMDIR_ERROR_INVALID_PARAMETER; BAIL_ON_VMDIR_ERROR(dwError); } if (ulPageSize != 0) { dwError = VmDirAllocateMemory( sizeof(VDIR_LDAP_CONTROL), (PVOID *)&showPagedResultsCtrl ); BAIL_ON_VMDIR_ERROR(dwError); showPagedResultsCtrl->value.pagedResultCtrlVal.pageSize = ulPageSize; if (ppszPageCookie && *ppszPageCookie) { VmDirStringNCpyA(showPagedResultsCtrl->value.pagedResultCtrlVal.cookie, VMDIR_ARRAY_SIZE(showPagedResultsCtrl->value.pagedResultCtrlVal.cookie), *ppszPageCookie, VMDIR_ARRAY_SIZE(showPagedResultsCtrl->value.pagedResultCtrlVal.cookie) - 1); } else { showPagedResultsCtrl->value.pagedResultCtrlVal.cookie[0] = '\0'; } } dwError = VmDirInitStackOperation( &searchOP, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_SEARCH, NULL ); BAIL_ON_VMDIR_ERROR(dwError); bervDN.lberbv.bv_val = (PSTR)pszBaseDN; bervDN.lberbv.bv_len = VmDirStringLenA(pszBaseDN); searchOP.pBEIF = VmDirBackendSelect( pszBaseDN ); assert(searchOP.pBEIF); dwError = VmDirBervalContentDup( &bervDN, &searchOP.reqDn); BAIL_ON_VMDIR_ERROR(dwError); searchOP.request.searchReq.scope = searchScope; dwError = StrFilterToFilter(pszFilter, &pFilter); BAIL_ON_VMDIR_ERROR(dwError); searchOP.request.searchReq.filter = pFilter; pFilter = NULL; // search request takes over pFilter searchOP.showPagedResultsCtrl = showPagedResultsCtrl; dwError = VmDirInternalSearch( &searchOP ); BAIL_ON_VMDIR_ERROR(dwError); // caller takes over searchOP.internalSearchEntryArray contents pEntryArray->iSize = searchOP.internalSearchEntryArray.iSize; pEntryArray->pEntry = searchOP.internalSearchEntryArray.pEntry; searchOP.internalSearchEntryArray.iSize = 0; searchOP.internalSearchEntryArray.pEntry = NULL; if (showPagedResultsCtrl) { dwError = VmDirAllocateStringA(showPagedResultsCtrl->value.pagedResultCtrlVal.cookie, &pszPageCookie); BAIL_ON_VMDIR_ERROR(dwError); *ppszPageCookie = pszPageCookie; pszPageCookie = NULL; } cleanup: VMDIR_SAFE_FREE_MEMORY(showPagedResultsCtrl); VmDirFreeOperationContent(&searchOP); if (pFilter) { DeleteFilter(pFilter); } return dwError; error: goto cleanup; }
/* * TODO, to generalize, we should create a strToFilter(pszFilter, &pOutFilter); */ DWORD VmDirSimpleEqualFilterInternalSearch( PCSTR pszBaseDN, int searchScope, PCSTR pszAttrName, PCSTR pszAttrValue, PVDIR_ENTRY_ARRAY pEntryArray ) { DWORD dwError = 0; VDIR_OPERATION searchOP = {0}; VDIR_BERVALUE bervDN = VDIR_BERVALUE_INIT; PVDIR_FILTER pFilter = NULL; if ( !pszBaseDN || !pszAttrName || !pszAttrValue || !pEntryArray ) { dwError = VMDIR_ERROR_INVALID_PARAMETER; BAIL_ON_VMDIR_ERROR(dwError); } dwError = VmDirInitStackOperation( &searchOP, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_SEARCH, NULL ); BAIL_ON_VMDIR_ERROR(dwError); bervDN.lberbv.bv_val = (PSTR)pszBaseDN; bervDN.lberbv.bv_len = VmDirStringLenA(pszBaseDN); searchOP.pBEIF = VmDirBackendSelect( pszBaseDN ); assert(searchOP.pBEIF); dwError = VmDirBervalContentDup( &bervDN, &searchOP.reqDn); BAIL_ON_VMDIR_ERROR(dwError); searchOP.request.searchReq.scope = searchScope; { dwError = VmDirAllocateMemory( sizeof( VDIR_FILTER ), (PVOID*)&pFilter ); BAIL_ON_VMDIR_ERROR(dwError); pFilter->choice = LDAP_FILTER_EQUALITY; pFilter->filtComp.ava.type.lberbv.bv_val = (PSTR)pszAttrName; pFilter->filtComp.ava.type.lberbv.bv_len = VmDirStringLenA(pszAttrName); pFilter->filtComp.ava.pATDesc = VmDirSchemaAttrNameToDesc( searchOP.pSchemaCtx, pszAttrName); if (pFilter->filtComp.ava.pATDesc == NULL) { dwError = VMDIR_ERROR_NO_SUCH_ATTRIBUTE; BAIL_ON_VMDIR_ERROR( dwError ); } pFilter->filtComp.ava.value.lberbv.bv_val = (PSTR)pszAttrValue; pFilter->filtComp.ava.value.lberbv.bv_len = VmDirStringLenA(pszAttrValue); dwError = VmDirSchemaBervalNormalize( // TODO, may want to have filter code to do this? searchOP.pSchemaCtx, // so caller does not have to handle this. pFilter->filtComp.ava.pATDesc, &(pFilter->filtComp.ava.value) ); BAIL_ON_VMDIR_ERROR(dwError); pFilter->next = NULL; } //TODO, ideally, we should take pszFilter and dwError = VmDirStrToFilter(pszFilter, &pFilter); searchOP.request.searchReq.filter = pFilter; pFilter = NULL; // search request takes over pFilter dwError = VmDirInternalSearch( &searchOP ); BAIL_ON_VMDIR_ERROR(dwError); // caller takes over searchOP.internalSearchEntryArray contents pEntryArray->iSize = searchOP.internalSearchEntryArray.iSize; pEntryArray->pEntry = searchOP.internalSearchEntryArray.pEntry; searchOP.internalSearchEntryArray.iSize = 0; searchOP.internalSearchEntryArray.pEntry = NULL; cleanup: VmDirFreeOperationContent(&searchOP); if (pFilter) { DeleteFilter(pFilter); } return dwError; error: goto cleanup; }
/* * Convenient function to replace ONE single value attribute via InternalModifyEntry * ***************************************************************************** * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING * You should NOT call this function while in a backend txn/ctx. * ***************************************************************************** * This may not be easy to determine as we could call this in different places, which * may be nested in external and internal OPERATION. * A better approach is to pass in pOperation and use the same beCtx if exists. * However, this could also cause logic error, e.g. you could lost track if entry/data * has already been changed by beCtx and reread them. * ***************************************************************************** */ DWORD VmDirInternalEntryAttributeReplace( PVDIR_SCHEMA_CTX pSchemaCtx, PCSTR pszNormDN, PCSTR pszAttrName, PVDIR_BERVALUE pBervAttrValue ) { DWORD dwError = 0; VDIR_OPERATION ldapOp = {0}; PVDIR_MODIFICATION pMod = NULL; if (!pszNormDN || !pszAttrName || !pBervAttrValue) { dwError = VMDIR_ERROR_INVALID_PARAMETER; BAIL_ON_VMDIR_ERROR(dwError); } dwError = VmDirInitStackOperation( &ldapOp, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_MODIFY, pSchemaCtx); BAIL_ON_VMDIR_ERROR(dwError); ldapOp.pBEIF = VmDirBackendSelect(pszNormDN); assert(ldapOp.pBEIF); ldapOp.reqDn.lberbv.bv_val = (PSTR)pszNormDN; ldapOp.reqDn.lberbv.bv_len = VmDirStringLenA(pszNormDN); dwError = VmDirAllocateMemory(sizeof(*pMod)*1, (PVOID)&pMod); BAIL_ON_VMDIR_ERROR(dwError); pMod->next = NULL; pMod->operation = MOD_OP_REPLACE; dwError = VmDirModAddSingleValueAttribute( pMod, ldapOp.pSchemaCtx, pszAttrName, pBervAttrValue->lberbv.bv_val, pBervAttrValue->lberbv.bv_len); BAIL_ON_VMDIR_ERROR(dwError); ldapOp.request.modifyReq.dn.lberbv.bv_val = (PSTR)pszNormDN; ldapOp.request.modifyReq.dn.lberbv.bv_len = VmDirStringLenA(pszNormDN); ldapOp.request.modifyReq.mods = pMod; pMod = NULL; ldapOp.request.modifyReq.numMods = 1; dwError = VmDirInternalModifyEntry(&ldapOp); BAIL_ON_VMDIR_ERROR(dwError); cleanup: VmDirFreeOperationContent(&ldapOp); if (pMod) { VmDirModificationFree(pMod); } return dwError; error: goto cleanup; }
static int _VmDirSwapDB( PCSTR dbHomeDir, BOOLEAN bHasXlog) { int retVal = LDAP_SUCCESS; char dbExistingName[VMDIR_MAX_FILE_NAME_LEN] = {0}; char dbNewName[VMDIR_MAX_FILE_NAME_LEN] = {0}; PSTR pszLocalErrorMsg = NULL; int errorCode = 0; BOOLEAN bLegacyDataLoaded = FALSE; PVDIR_BACKEND_INTERFACE pBE = NULL; #ifndef _WIN32 const char fileSeperator = '/'; #else const char fileSeperator = '\\'; #endif // Shutdown backend pBE = VmDirBackendSelect(NULL); assert(pBE); VmDirdStateSet(VMDIRD_STATE_SHUTDOWN); VmDirIndexLibShutdown(); VmDirSchemaLibShutdown(); pBE->pfnBEShutdown(); VmDirBackendContentFree(pBE); // move .mdb files retVal = VmDirStringPrintFA( dbExistingName, VMDIR_MAX_FILE_NAME_LEN, "%s%c%s%c%s", dbHomeDir, fileSeperator, LOCAL_PARTNER_DIR, fileSeperator, VMDIR_MDB_DATA_FILE_NAME); BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg), "_VmDirSwapDB: VmDirStringPrintFA() call failed with error: %d", retVal ); retVal = VmDirStringPrintFA( dbNewName, VMDIR_MAX_FILE_NAME_LEN, "%s%c%s", dbHomeDir, fileSeperator, VMDIR_MDB_DATA_FILE_NAME ); BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg), "_VmDirSwapDB: VmDirStringPrintFA() call failed with error: %d", retVal ); #ifdef WIN32 if (MoveFileEx(dbExistingName, dbNewName, MOVEFILE_COPY_ALLOWED|MOVEFILE_REPLACE_EXISTING) == 0) { retVal = LDAP_OPERATIONS_ERROR; errorCode = GetLastError(); #else if (rename(dbExistingName, dbNewName) != 0) { retVal = LDAP_OPERATIONS_ERROR; errorCode = errno; #endif BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg), "_VmDirSwapDB: rename file from %s to %s failed, errno %d", dbExistingName, dbNewName, errorCode ); } retVal = VmDirStringPrintFA(dbNewName, VMDIR_MAX_FILE_NAME_LEN, "%s%c%s%c%s", dbHomeDir, fileSeperator, VMDIR_MDB_XLOGS_DIR_NAME); BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg), "_VmDirSwapDB: VmDirStringPrintFA() call failed with error: %d", retVal ); if (bHasXlog) { //move xlog directory retVal = VmDirStringPrintFA(dbExistingName, VMDIR_MAX_FILE_NAME_LEN, "%s%c%s%c%s", dbHomeDir, fileSeperator, LOCAL_PARTNER_DIR, fileSeperator, VMDIR_MDB_XLOGS_DIR_NAME); BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg), "_VmDirSwapDB: VmDirStringPrintFA() call failed with error: %d", retVal ); #ifdef WIN32 if (MoveFileEx(dbExistingName, dbNewName, MOVEFILE_COPY_ALLOWED|MOVEFILE_REPLACE_EXISTING) == 0) { retVal = LDAP_OPERATIONS_ERROR; errorCode = GetLastError(); #else if (rmdir(dbNewName) != 0) { retVal = LDAP_OPERATIONS_ERROR; errorCode = errno; BAIL_ON_VMDIR_ERROR_WITH_MSG(retVal, (pszLocalErrorMsg), "_VmDirSwapDB cannot remove directory %s, errno %d", dbNewName, errorCode); } if (rename(dbExistingName, dbNewName) != 0) { retVal = LDAP_OPERATIONS_ERROR; errorCode = errno; #endif BAIL_ON_VMDIR_ERROR_WITH_MSG(retVal, (pszLocalErrorMsg), "_VmDirSwapDB cannot move directory from %s to %s, errno %d", dbNewName, dbExistingName, errorCode); } } retVal = VmDirStringPrintFA(dbExistingName, VMDIR_MAX_FILE_NAME_LEN, "%s%c%s", dbHomeDir, fileSeperator, LOCAL_PARTNER_DIR); BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg), "_VmDirSwapDB: VmDirStringPrintFA() call failed with error: %d", retVal ); #ifdef WIN32 if (RemoveDirectory(dbExistingName)==0) { errorCode = GetLastError(); #else if (rmdir(dbExistingName)) { errorCode = errno; #endif VMDIR_LOG_WARNING(VMDIR_LOG_MASK_ALL, "cannot remove directory %s errno %d", dbExistingName, errorCode); } VmDirdStateSet(VMDIRD_STATE_STARTUP); retVal = VmDirInitBackend(&bLegacyDataLoaded); BAIL_ON_VMDIR_ERROR(retVal); if (bLegacyDataLoaded) { retVal = VmDirPatchLocalSubSchemaSubEntry(); BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, pszLocalErrorMsg, "_VmDirSwapDB: failed to patch subschema subentry: %d", retVal ); retVal = VmDirWriteSchemaObjects(); BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, pszLocalErrorMsg, "_VmDirSwapDB: failed to create schema tree: %d", retVal ); } VmDirdStateSet(VMDIRD_STATE_NORMAL); cleanup: VMDIR_SAFE_FREE_MEMORY(pszLocalErrorMsg); return retVal; error: retVal = LDAP_OPERATIONS_ERROR; VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "%s", VDIR_SAFE_STRING(pszLocalErrorMsg) ); goto cleanup; } static int _VmDirWrapUpFirstReplicationCycle( PCSTR pszHostname, VMDIR_REPLICATION_AGREEMENT * pReplAgr) { int retVal = LDAP_SUCCESS; PVDIR_ENTRY pPartnerServerEntry = NULL; PVDIR_ATTRIBUTE pAttrUpToDateVector = NULL; PVDIR_ATTRIBUTE pAttrInvocationId = NULL; USN localUsn = 0; USN partnerLocalUsn = 0; char partnerlocalUsnStr[VMDIR_MAX_USN_STR_LEN]; VDIR_BACKEND_CTX beCtx = {0}; struct berval syncDoneCtrlVal = {0}; PVDIR_SCHEMA_CTX pSchemaCtx = NULL; VDIR_OPERATION searchOp = {0}; PVDIR_FILTER pSearchFilter = NULL; PSTR pszSeparator = NULL; retVal = VmDirSchemaCtxAcquire(&pSchemaCtx); BAIL_ON_VMDIR_ERROR( retVal ); retVal = VmDirInitStackOperation( &searchOp, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_SEARCH, pSchemaCtx ); BAIL_ON_VMDIR_ERROR(retVal); searchOp.pBEIF = VmDirBackendSelect(NULL); assert(searchOp.pBEIF); searchOp.reqDn.lberbv.bv_val = ""; searchOp.reqDn.lberbv.bv_len = 0; searchOp.request.searchReq.scope = LDAP_SCOPE_SUBTREE; retVal = VmDirConcatTwoFilters(searchOp.pSchemaCtx, ATTR_CN, (PSTR) pszHostname, ATTR_OBJECT_CLASS, OC_DIR_SERVER, &pSearchFilter); BAIL_ON_VMDIR_ERROR(retVal); searchOp.request.searchReq.filter = pSearchFilter; retVal = VmDirInternalSearch(&searchOp); BAIL_ON_VMDIR_ERROR(retVal); if (searchOp.internalSearchEntryArray.iSize != 1) { VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "_VmDirWrapUpFirstReplicationCycle: Unexpected (not 1) number of partner server entries found (%d)", searchOp.internalSearchEntryArray.iSize ); retVal = LDAP_OPERATIONS_ERROR; BAIL_ON_VMDIR_ERROR(retVal); } pPartnerServerEntry = searchOp.internalSearchEntryArray.pEntry; pAttrUpToDateVector = VmDirEntryFindAttribute( ATTR_UP_TO_DATE_VECTOR, pPartnerServerEntry ); pAttrInvocationId = VmDirEntryFindAttribute( ATTR_INVOCATION_ID, pPartnerServerEntry ); assert( pAttrInvocationId != NULL ); beCtx.pBE = VmDirBackendSelect(NULL); assert(beCtx.pBE); if ((retVal = beCtx.pBE->pfnBEGetNextUSN( &beCtx, &localUsn )) != 0) { VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "_VmDirWrapUpFirstReplicationCycle: pfnBEGetNextUSN failed with error code: %d, " "error message: %s", retVal, VDIR_SAFE_STRING(beCtx.pszBEErrorMsg) ); BAIL_ON_VMDIR_ERROR( retVal ); } retVal = _VmGetHighestCommittedUSN(localUsn, &partnerLocalUsn); BAIL_ON_VMDIR_ERROR( retVal ); VMDIR_LOG_INFO( VMDIR_LOG_MASK_ALL, "_VmDirWrapUpFirstReplicationCycle: partnerLocalUsn %llu locaUsn %llu", partnerLocalUsn, localUsn); if ((retVal = VmDirStringNPrintFA( partnerlocalUsnStr, sizeof(partnerlocalUsnStr), sizeof(partnerlocalUsnStr) - 1, "%" PRId64, partnerLocalUsn)) != 0) { VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "_VmDirWrapUpFirstReplicationCycle: VmDirStringNPrintFA failed with error code: %d", retVal ); BAIL_ON_VMDIR_ERROR( retVal ); } if (pAttrUpToDateVector) { if (VmDirStringEndsWith( pAttrUpToDateVector->vals[0].lberbv.bv_val, ",", FALSE)) { pszSeparator = ""; } else { pszSeparator = ","; } // <partnerLocalUSN>,<partner up-to-date vector>,<partner server GUID>:<partnerLocalUSN>, retVal = VmDirAllocateStringPrintf( &(syncDoneCtrlVal.bv_val), "%s,%s%s%s:%s,", partnerlocalUsnStr, pAttrUpToDateVector->vals[0].lberbv.bv_val, pszSeparator, pAttrInvocationId->vals[0].lberbv.bv_val, partnerlocalUsnStr); BAIL_ON_VMDIR_ERROR(retVal); } else { // <partnerLocalUSN>,<partner server GUID>:<partnerLocalUSN>, retVal = VmDirAllocateStringPrintf( &(syncDoneCtrlVal.bv_val), "%s,%s:%s,", partnerlocalUsnStr, pAttrInvocationId->vals[0].lberbv.bv_val, partnerlocalUsnStr); BAIL_ON_VMDIR_ERROR(retVal); } VmDirSetACLMode(); syncDoneCtrlVal.bv_len = VmDirStringLenA(syncDoneCtrlVal.bv_val); if ((retVal = VmDirReplUpdateCookies( pSchemaCtx, &(syncDoneCtrlVal), pReplAgr )) != LDAP_SUCCESS) { VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "vdirReplicationThrFun: UpdateCookies failed. Error: %d", retVal ); BAIL_ON_VMDIR_ERROR( retVal ); } if ((retVal = _VmDirPatchDSERoot(pSchemaCtx)) != LDAP_SUCCESS) { VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "vdirReplicationThrFun: _VmDirPatchDSERoot failed. Error: %d", retVal ); BAIL_ON_VMDIR_ERROR( retVal ); } cleanup: VmDirFreeOperationContent(&searchOp); VmDirBackendCtxContentFree(&beCtx); VMDIR_SAFE_FREE_MEMORY(syncDoneCtrlVal.bv_val); VmDirSchemaCtxRelease(pSchemaCtx); return retVal; error: retVal = LDAP_OPERATIONS_ERROR; goto cleanup; } #ifndef VDIR_PSC_VERSION #define VDIR_PSC_VERSION "6.7.0" #endif static int _VmDirPatchDSERoot( PVDIR_SCHEMA_CTX pSchemaCtx) { int retVal = LDAP_SUCCESS; VDIR_OPERATION op = {0}; VDIR_BERVALUE bvDSERootDN = VDIR_BERVALUE_INIT; VMDIR_LOG_DEBUG( LDAP_DEBUG_TRACE, "_VmDirPatchDSERoot: Begin" ); bvDSERootDN.lberbv.bv_val = PERSISTED_DSE_ROOT_DN; bvDSERootDN.lberbv.bv_len = VmDirStringLenA( bvDSERootDN.lberbv.bv_val ); retVal = VmDirInitStackOperation( &op, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_MODIFY, pSchemaCtx ); BAIL_ON_VMDIR_ERROR(retVal); retVal = VmDirNormalizeDN( &bvDSERootDN, pSchemaCtx); BAIL_ON_VMDIR_ERROR(retVal); retVal = VmDirBervalContentDup( &bvDSERootDN, &op.reqDn ); BAIL_ON_VMDIR_ERROR(retVal); op.pBEIF = VmDirBackendSelect(op.reqDn.lberbv.bv_val); assert(op.pBEIF); if (VmDirBervalContentDup( &op.reqDn, &op.request.modifyReq.dn ) != 0) { VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "_VmDirPatchDSERoot: BervalContentDup failed." ); BAIL_ON_VMDIR_ERROR( retVal ); } retVal = VmDirAppendAMod( &op, MOD_OP_REPLACE, ATTR_DC_ACCOUNT_UPN, ATTR_DC_ACCOUNT_UPN_LEN, gVmdirServerGlobals.dcAccountUPN.lberbv.bv_val, gVmdirServerGlobals.dcAccountUPN.lberbv.bv_len ); BAIL_ON_VMDIR_ERROR( retVal ); retVal = VmDirAppendAMod( &op, MOD_OP_REPLACE, ATTR_DC_ACCOUNT_DN, ATTR_DC_ACCOUNT_DN_LEN, gVmdirServerGlobals.dcAccountDN.lberbv.bv_val, gVmdirServerGlobals.dcAccountDN.lberbv.bv_len ); BAIL_ON_VMDIR_ERROR( retVal ); retVal = VmDirAppendAMod( &op, MOD_OP_REPLACE, ATTR_SERVER_NAME, ATTR_SERVER_NAME_LEN, gVmdirServerGlobals.serverObjDN.lberbv.bv_val, gVmdirServerGlobals.serverObjDN.lberbv.bv_len ); BAIL_ON_VMDIR_ERROR( retVal ); retVal = VmDirAppendAMod( &op, MOD_OP_REPLACE, ATTR_SITE_NAME, ATTR_SITE_NAME_LEN, gVmdirServerGlobals.pszSiteName, VmDirStringLenA(gVmdirServerGlobals.pszSiteName) ); BAIL_ON_VMDIR_ERROR( retVal ); retVal = VmDirAppendAMod( &op, MOD_OP_REPLACE, ATTR_PSC_VERSION, ATTR_PSC_VERSION_LEN, VDIR_PSC_VERSION, VmDirStringLenA(VDIR_PSC_VERSION) ); BAIL_ON_VMDIR_ERROR( retVal ); retVal = VmDirAppendAMod( &op, MOD_OP_REPLACE, ATTR_MAX_DOMAIN_FUNCTIONAL_LEVEL, ATTR_MAX_DOMAIN_FUNCTIONAL_LEVEL_LEN, VMDIR_MAX_DFL_STRING, VmDirStringLenA(VMDIR_MAX_DFL_STRING) ); BAIL_ON_VMDIR_ERROR( retVal ); if ((retVal = VmDirInternalModifyEntry( &op )) != 0) { // If VmDirInternall call failed, reset retVal to LDAP level error space (for B/C) retVal = op.ldapResult.errCode; VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "_VmDirPatchDSERoot: InternalModifyEntry failed. " "Error code: %d, Error string: %s", retVal, VDIR_SAFE_STRING( op.ldapResult.pszErrMsg ) ); BAIL_ON_VMDIR_ERROR( retVal ); } cleanup: VmDirFreeOperationContent(&op); VMDIR_LOG_DEBUG( LDAP_DEBUG_TRACE, "_VmDirPatchDSERoot: End" ); return retVal; error: retVal = LDAP_OPERATIONS_ERROR; goto cleanup; }
DWORD VmDirGetUPNMemberships( PCSTR pszUpnName, PSTR **pppszMemberships, PDWORD pdwMemberships ) { DWORD dwError = 0; VDIR_ENTRY_ARRAY entryArray = {0}; VDIR_OPERATION searchOp = {0}; BOOLEAN bHasTxn = FALSE; PVDIR_ATTRIBUTE pMemberOf = NULL; PSTR *ppszMemberships = NULL; DWORD dwMemberships = 0; DWORD i = 0; if (IsNullOrEmptyString(pszUpnName) || pppszMemberships == NULL || pdwMemberships == NULL) { dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMDIR_ERROR(dwError); } dwError = VmDirSimpleEqualFilterInternalSearch( "", LDAP_SCOPE_SUBTREE, ATTR_KRB_UPN, pszUpnName, &entryArray); BAIL_ON_VMDIR_ERROR(dwError); if (entryArray.iSize == 0) { dwError = VMDIR_ERROR_ENTRY_NOT_FOUND; BAIL_ON_VMDIR_ERROR(dwError); } else if (entryArray.iSize > 1) { dwError = VMDIR_ERROR_DATA_CONSTRAINT_VIOLATION; BAIL_ON_VMDIR_ERROR(dwError); } dwError = VmDirInitStackOperation(&searchOp, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_SEARCH, NULL); BAIL_ON_VMDIR_ERROR(dwError); searchOp.pBEIF = VmDirBackendSelect(NULL); dwError = searchOp.pBEIF->pfnBETxnBegin(searchOp.pBECtx, VDIR_BACKEND_TXN_READ); BAIL_ON_VMDIR_ERROR(dwError); bHasTxn = TRUE; dwError = VmDirBuildMemberOfAttribute(&searchOp, entryArray.pEntry, &pMemberOf); BAIL_ON_VMDIR_ERROR(dwError); if (pMemberOf) { dwMemberships = pMemberOf->numVals; } if (dwMemberships) { dwError = VmDirAllocateMemory(dwMemberships * sizeof(PSTR), (PVOID)&ppszMemberships); BAIL_ON_VMDIR_ERROR(dwError); for (i = 0; i < dwMemberships; i++) { PCSTR pszMemberOf = pMemberOf->vals[i].lberbv.bv_val; dwError = VmDirAllocateStringA(pszMemberOf, &ppszMemberships[i]); BAIL_ON_VMDIR_ERROR(dwError); } } *pppszMemberships = ppszMemberships; *pdwMemberships = dwMemberships; cleanup: if (pMemberOf) { VmDirFreeAttribute(pMemberOf); } if (bHasTxn) { searchOp.pBEIF->pfnBETxnCommit(searchOp.pBECtx); } VmDirFreeOperationContent(&searchOp); VmDirFreeEntryArrayContent(&entryArray); return dwError; error: VmDirFreeMemberships(ppszMemberships, dwMemberships); goto cleanup; }
static int LoadReplicationAgreements() { // Load my Replication Agreements VDIR_OPERATION op = {0}; PVDIR_FILTER replAgrFilter = NULL; DWORD dwError = 0; int iCnt = 0; VmDirLog( LDAP_DEBUG_TRACE, "LoadReplicationAgreements: Begin" ); if ( gVmdirServerGlobals.serverObjDN.lberbv.bv_val != NULL ) { dwError = VmDirInitStackOperation( &op, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_SEARCH, NULL ); BAIL_ON_VMDIR_ERROR(dwError); op.pBEIF = VmDirBackendSelect( gVmdirServerGlobals.serverObjDN.lberbv.bv_val ); assert(op.pBEIF); if (VmDirBervalContentDup( &gVmdirServerGlobals.serverObjDN, &op.reqDn ) != 0) { VmDirLog( LDAP_DEBUG_ANY, "LoadReplicationAgreements: BervalContentDup failed." ); dwError = -1; BAIL_ON_VMDIR_ERROR( dwError ); } op.request.searchReq.scope = LDAP_SCOPE_SUBTREE; if (VmDirAllocateMemory( sizeof( VDIR_FILTER ), (PVOID *)&replAgrFilter ) != 0) { VmDirLog( LDAP_DEBUG_ANY, "LoadReplicationAgreements: VmDirAllocateMemory failed. " ); dwError = -1; BAIL_ON_VMDIR_ERROR( dwError ); } op.request.searchReq.filter = replAgrFilter; replAgrFilter->choice = LDAP_FILTER_EQUALITY; replAgrFilter->filtComp.ava.type.lberbv.bv_val = ATTR_OBJECT_CLASS; replAgrFilter->filtComp.ava.type.lberbv.bv_len = ATTR_OBJECT_CLASS_LEN; if ((replAgrFilter->filtComp.ava.pATDesc = VmDirSchemaAttrNameToDesc( op.pSchemaCtx, replAgrFilter->filtComp.ava.type.lberbv.bv_val)) == NULL) { dwError = -1; VmDirLog( LDAP_DEBUG_ANY, "LoadReplicationAgreements: Getting pATDesc for ATTR_OBJECT_CLASS failed " "(hmm... STRANGE). " ); BAIL_ON_VMDIR_ERROR( dwError ); } replAgrFilter->filtComp.ava.value.lberbv.bv_val = OC_REPLICATION_AGREEMENT; replAgrFilter->filtComp.ava.value.lberbv.bv_len = OC_REPLICATION_AGREEMENT_LEN; if (VmDirSchemaBervalNormalize( op.pSchemaCtx, replAgrFilter->filtComp.ava.pATDesc, &(replAgrFilter->filtComp.ava.value) ) != LDAP_SUCCESS) { dwError = -1; VmDirLog( LDAP_DEBUG_ANY, "LoadReplicationAgreements: Attribute value normalization failed for " "filter type = %s", replAgrFilter->filtComp.ava.type.lberbv.bv_val ); BAIL_ON_VMDIR_ERROR( dwError ); } replAgrFilter->next = NULL; if ((dwError = VmDirInternalSearch( &op )) != 0) { VmDirLog( LDAP_DEBUG_ANY, "LoadReplicationAgreements: InternalSearch for Replication Agreements failed. " "Error code: %d, Error string: %s", dwError, VDIR_SAFE_STRING(op.ldapResult.pszErrMsg)); dwError = -1; BAIL_ON_VMDIR_ERROR( dwError ); } // load all replication agreements for (iCnt=0; iCnt < op.internalSearchEntryArray.iSize; iCnt++) { dwError = ProcessReplicationAgreementEntry( op.internalSearchEntryArray.pEntry + iCnt ); BAIL_ON_VMDIR_ERROR( dwError ); } VmDirPopulateInvocationIdInReplAgr(); } cleanup: VmDirFreeOperationContent(&op); VmDirLog( LDAP_DEBUG_TRACE, "LoadReplicationAgreements: End" ); return dwError; error: goto cleanup; }