static
DWORD
_CreateCopyOperation(
LDAPMessage *pEntry,
PVDIR_OPERATION pLdapOp
)
{
DWORD dwError = 0;
dwError = VmDirInitStackOperation(
pLdapOp,
VDIR_OPERATION_TYPE_REPL,
LDAP_REQ_MODIFY,
NULL);
BAIL_ON_VMDIR_ERROR(dwError);
pLdapOp->pBEIF = VmDirBackendSelect(NULL);
assert(pLdapOp->pBEIF);
pLdapOp->reqDn.lberbv.bv_val = SUB_SCHEMA_SUB_ENTRY_DN;
pLdapOp->reqDn.lberbv.bv_len = VmDirStringLenA(SUB_SCHEMA_SUB_ENTRY_DN);
pLdapOp->request.modifyReq.dn.lberbv.bv_val = pLdapOp->reqDn.lberbv.bv_val;
pLdapOp->request.modifyReq.dn.lberbv.bv_len = pLdapOp->reqDn.lberbv.bv_len;
cleanup:
return dwError;
error:
VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL,
"%s,%d failed, error(%d)", __FUNCTION__, __LINE__, dwError );
goto cleanup;
}
DWORD
VmDirDeleteEntryViaDN(
PCSTR pszDN
)
{
DWORD dwError = 0;
VDIR_OPERATION op = {0};
DeleteReq *dr = NULL;
if (IsNullOrEmptyString(pszDN))
{
BAIL_WITH_VMDIR_ERROR(dwError, VMDIR_ERROR_INVALID_PARAMETER);
}
dwError = VmDirInitStackOperation(&op, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_DELETE, NULL);
BAIL_ON_VMDIR_ERROR(dwError);
op.pBEIF = VmDirBackendSelect(NULL);
op.reqDn.lberbv_val = (PSTR)pszDN;
op.reqDn.lberbv_len = VmDirStringLenA(pszDN);
dr = &op.request.deleteReq;
dr->dn.lberbv.bv_val = op.reqDn.lberbv.bv_val;
dr->dn.lberbv.bv_len = op.reqDn.lberbv.bv_len;
dwError = VmDirInternalDeleteEntry(&op);
BAIL_ON_VMDIR_ERROR(dwError);
cleanup:
VmDirFreeOperationContent(&op);
return dwError;
error:
goto cleanup;
}
DWORD
VmDirDeleteEntry(
PVDIR_ENTRY pEntry
)
{
DWORD dwError = 0;
VDIR_OPERATION op = {0};
DeleteReq *dr = NULL;
dwError = VmDirInitStackOperation(&op, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_DELETE, NULL);
BAIL_ON_VMDIR_ERROR(dwError);
op.pBEIF = VmDirBackendSelect(NULL);
op.reqDn.lberbv_val = pEntry->dn.lberbv.bv_val;
op.reqDn.lberbv_len = pEntry->dn.lberbv.bv_len;
dr = &op.request.deleteReq;
dr->dn.lberbv.bv_val = op.reqDn.lberbv.bv_val;
dr->dn.lberbv.bv_len = op.reqDn.lberbv.bv_len;
dwError = VmDirInternalDeleteEntry(&op);
BAIL_ON_VMDIR_ERROR(dwError);
cleanup:
VmDirFreeOperationContent(&op);
return dwError;
error:
goto cleanup;
}
/*
* After copying DB from partner, we need to derive UTDVector for new node from partner.
* i.e. <whatever partner node current UTDVector> + <partner invoactionid:partner max commited USN>
*/
static
DWORD
_VmDirComposeUtdVector(
PVMDIR_SWAP_DB_INFO pSwapDBInfo
)
{
DWORD dwError = 0;
PVDIR_ENTRY pServerEntry = NULL;
PVDIR_ATTRIBUTE pAttrUTDVector = NULL;
PVDIR_ATTRIBUTE pAttrInvocationId = NULL;
VDIR_OPERATION searchOp = {0};
dwError = VmDirInitStackOperation(&searchOp, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_SEARCH, NULL);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirInternalSearchSeverObj(pSwapDBInfo->pszOrgDBServerName, &searchOp);
BAIL_ON_VMDIR_ERROR(dwError);
pServerEntry = searchOp.internalSearchEntryArray.pEntry;
pAttrUTDVector = VmDirEntryFindAttribute(ATTR_UP_TO_DATE_VECTOR, pServerEntry);
pAttrInvocationId = VmDirEntryFindAttribute(ATTR_INVOCATION_ID, pServerEntry);
dwError = _VmGetHighestCommittedUSN(&pSwapDBInfo->pszOrgDBMaxUSN);
BAIL_ON_VMDIR_ERROR(dwError);
VMDIR_LOG_INFO(VMDIR_LOG_MASK_ALL, "DB maxCommittedUSN %s", pSwapDBInfo->pszOrgDBMaxUSN);
dwError = VmDirUTDVectorCacheInit(&pSwapDBInfo->pMyUTDVector);
BAIL_ON_VMDIR_ERROR(dwError);
if (pAttrUTDVector)
{
dwError = VmDirUTDVectorCacheReplace(pSwapDBInfo->pMyUTDVector, pAttrUTDVector->vals[0].lberbv.bv_val);
BAIL_ON_VMDIR_ERROR(dwError);
VMDIR_LOG_INFO(VMDIR_LOG_MASK_ALL, "DB UTDVector %s", pSwapDBInfo->pMyUTDVector->pszUtdVector);
}
dwError = VmDirUTDVectorCacheAdd(
pSwapDBInfo->pMyUTDVector,
pAttrInvocationId->vals[0].lberbv.bv_val,
pSwapDBInfo->pszOrgDBMaxUSN);
BAIL_ON_VMDIR_ERROR(dwError);
VMDIR_LOG_INFO(VMDIR_LOG_MASK_ALL, "My UTDVector %s", pSwapDBInfo->pMyUTDVector->pszUtdVector);
cleanup:
VmDirFreeOperationContent(&searchOp);
return dwError;
error:
VMDIR_LOG_ERROR(VMDIR_LOG_MASK_ALL, "error (%u)", dwError);
goto cleanup;
}
static
DWORD
_VmDirSimpleEntryCreateInBEWithGuid(
PVDIR_BACKEND_INTERFACE pBE,
PVDIR_SCHEMA_CTX pSchemaCtx,
PSTR* ppszEntryInitializer,
PSTR pszDN,
ENTRYID ulEntryId,
PSTR pszGuid /* Optional */
)
{
DWORD dwError = 0;
VDIR_OPERATION ldapOp = {0};
dwError = VmDirInitStackOperation( &ldapOp,
VDIR_OPERATION_TYPE_INTERNAL,
LDAP_REQ_ADD,
pSchemaCtx );
BAIL_ON_VMDIR_ERROR(dwError);
ldapOp.pBEIF = pBE;
assert(ldapOp.pBEIF);
ldapOp.reqDn.lberbv.bv_val = pszDN;
ldapOp.reqDn.lberbv.bv_len = VmDirStringLenA(pszDN);
dwError = AttrListToEntry(
pSchemaCtx,
pszDN,
ppszEntryInitializer,
ldapOp.request.addReq.pEntry);
BAIL_ON_VMDIR_ERROR(dwError);
ldapOp.request.addReq.pEntry->eId = ulEntryId;
if (!IsNullOrEmptyString(pszGuid))
{
dwError = VmDirAllocateStringA(pszGuid, &ldapOp.request.addReq.pEntry->pszGuid);
BAIL_ON_VMDIR_ERROR(dwError);
}
dwError = VmDirInternalAddEntry(&ldapOp);
BAIL_ON_VMDIR_ERROR(dwError);
cleanup:
VmDirFreeOperationContent(&ldapOp);
return dwError;
error:
goto cleanup;
}
static
DWORD
_VmDirPagedSearchWorkerThread(
PVOID pArg
)
{
PVDIR_PAGED_SEARCH_RECORD pSearchRecord = (PVDIR_PAGED_SEARCH_RECORD)pArg;
DWORD dwError = 0;
PVDIR_PAGED_SEARCH_ENTRY_LIST pEntryIdList = NULL;
VDIR_OPERATION searchOp = {0};
VmDirDropThreadPriority(DEFAULT_THREAD_PRIORITY_DELTA);
dwError = VmDirInitStackOperation(
&searchOp,
VDIR_OPERATION_TYPE_INTERNAL,
LDAP_REQ_SEARCH,
NULL);
BAIL_ON_VMDIR_ERROR(dwError);
searchOp.pBEIF = VmDirBackendSelect(NULL);
searchOp.request.searchReq.filter = pSearchRecord->pFilter;
while (pSearchRecord->dwCandidatesProcessed < (DWORD)pSearchRecord->pTotalCandidates->size)
{
dwError = _VmDirPagedSearchEntryListAlloc(pSearchRecord, &pEntryIdList);
BAIL_ON_VMDIR_ERROR(dwError);
_VmDirPagedSearchProcessEntries(&searchOp, pSearchRecord, pEntryIdList);
if (pEntryIdList->dwCount == 0)
{
_VmDirPagedSearchEntryListFree(pEntryIdList);
}
else
{
dwError = VmDirPagedSearchCacheAddData(pSearchRecord, pEntryIdList);
BAIL_ON_VMDIR_ERROR(dwError);
}
}
_VmDirPagedSearchCacheWaitForClientCompletion(pSearchRecord);
cleanup:
// This will be freed when the pSearchRecord is released.
searchOp.request.searchReq.filter = NULL;
VmDirFreeOperationContent(&searchOp);
_DerefPagedSearchRecord(pSearchRecord);
return dwError;
error:
goto cleanup;
}
DWORD
VmDirSimpleEntryDeleteAttribute(
PCSTR pszDN,
PCSTR pszAttr
)
{
DWORD dwError = 0;
size_t dnlen = 0;
size_t attrlen = 0;
VDIR_OPERATION ldapOp = {0};
if (IsNullOrEmptyString(pszDN) || IsNullOrEmptyString(pszAttr))
{
BAIL_WITH_VMDIR_ERROR(dwError, VMDIR_ERROR_INVALID_PARAMETER);
}
dwError = VmDirInitStackOperation(
&ldapOp,
VDIR_OPERATION_TYPE_INTERNAL,
LDAP_REQ_MODIFY,
NULL);
BAIL_ON_VMDIR_ERROR(dwError);
dnlen = VmDirStringLenA(pszDN);
attrlen = VmDirStringLenA(pszAttr);
ldapOp.pBEIF = VmDirBackendSelect(NULL);
ldapOp.reqDn.lberbv_val = (PSTR)pszDN;
ldapOp.reqDn.lberbv_len = dnlen;
ldapOp.request.modifyReq.dn.lberbv_val = ldapOp.reqDn.lberbv_val;
ldapOp.request.modifyReq.dn.lberbv_len = ldapOp.reqDn.lberbv_len;
dwError = VmDirAppendAMod(
&ldapOp, MOD_OP_DELETE, pszAttr, attrlen, NULL, 0);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirInternalModifyEntry(&ldapOp);
BAIL_ON_VMDIR_ERROR(dwError);
cleanup:
VmDirFreeOperationContent(&ldapOp);
return dwError;
error:
goto cleanup;
}
static
DWORD
_VmDirComposeHighWaterMark(
PVMDIR_SWAP_DB_INFO pSwapDBInfo
)
{
DWORD dwError = 0;
PVDIR_ENTRY pServerEntry = NULL;
PVDIR_ATTRIBUTE pAttrInvocationId = NULL;
VDIR_OPERATION searchOp = {0};
USN hwmUSN = 0;
dwError = VmDirInitStackOperation(&searchOp, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_SEARCH, NULL);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirInternalSearchSeverObj(pSwapDBInfo->pszPartnerServerName, &searchOp);
BAIL_ON_VMDIR_ERROR(dwError);
pServerEntry = searchOp.internalSearchEntryArray.pEntry;
pAttrInvocationId = VmDirEntryFindAttribute(ATTR_INVOCATION_ID, pServerEntry);
// use this node max originating usn as high water mark
dwError = VmDirUTDVectorCacheLookup(
pSwapDBInfo->pMyUTDVector, pAttrInvocationId->vals[0].lberbv_val, &hwmUSN);
if (dwError == LW_STATUS_NOT_FOUND)
{
VMDIR_LOG_WARNING(VMDIR_LOG_MASK_ALL,
"Partner (%s,%s) not found in ORG DB UTDVector (%s). Join scenario NOT supported.",
pSwapDBInfo->pszPartnerServerName,
pAttrInvocationId->vals[0].lberbv_val,
pSwapDBInfo->pMyUTDVector->pszUtdVector);
}
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirAllocateStringPrintf(&pSwapDBInfo->pszMyHighWaterMark, "%" PRId64, hwmUSN);
BAIL_ON_VMDIR_ERROR(dwError);
cleanup:
VmDirFreeOperationContent(&searchOp);
return dwError;
error:
VMDIR_LOG_ERROR(VMDIR_LOG_MASK_ALL, "error (%u)", dwError);
goto cleanup;
}
static
DWORD
VmDirSrvModifyPersistedDSERoot(
PVDIR_SCHEMA_CTX pSchemaCtx,
PSTR pszRootNamingContextDN,
PSTR pszConfigNamingContextDN,
PSTR pszSchemaNamingContextDN,
PSTR pszSubSchemaSubEntryDN,
PSTR pszServerDN,
PSTR pszDefaultAdminDN,
PSTR pszDCAccountDN,
PSTR pszDCAccountUPN,
PSTR pszDelObjsContainerDN,
PSTR pszSiteName
)
{
DWORD dwError = 0;
PSTR ppszPersistedDSERootAttrs[] =
{
ATTR_ROOT_DOMAIN_NAMING_CONTEXT, pszRootNamingContextDN,
ATTR_DEFAULT_NAMING_CONTEXT, pszRootNamingContextDN,
ATTR_CONFIG_NAMING_CONTEXT, pszConfigNamingContextDN,
ATTR_SCHEMA_NAMING_CONTEXT, pszSchemaNamingContextDN,
ATTR_SUB_SCHEMA_SUB_ENTRY, pszSubSchemaSubEntryDN,
ATTR_NAMING_CONTEXTS, pszRootNamingContextDN,
ATTR_NAMING_CONTEXTS, pszConfigNamingContextDN,
ATTR_NAMING_CONTEXTS, pszSchemaNamingContextDN,
ATTR_SERVER_NAME, pszServerDN,
ATTR_DEFAULT_ADMIN_DN, pszDefaultAdminDN,
ATTR_DC_ACCOUNT_DN, pszDCAccountDN,
ATTR_DC_ACCOUNT_UPN, pszDCAccountUPN,
ATTR_DEL_OBJS_CONTAINER, pszDelObjsContainerDN,
ATTR_SITE_NAME, pszSiteName,
NULL
};
VDIR_OPERATION op = {0};
PSTR pszLocalErrMsg = NULL;
VDIR_BERVALUE bvDSERootDN = VDIR_BERVALUE_INIT;
int i = 0;
dwError = VmDirInitStackOperation( &op, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_MODIFY, NULL );
BAIL_ON_VMDIR_ERROR_WITH_MSG( dwError, pszLocalErrMsg,
"VmDirSrvModifyPersistedDSERoot: VmDirInitStackOperation failed with error code: %d.", dwError );
// Setup target DN
bvDSERootDN.lberbv.bv_val = PERSISTED_DSE_ROOT_DN;
bvDSERootDN.lberbv.bv_len = VmDirStringLenA( bvDSERootDN.lberbv.bv_val );
dwError = VmDirNormalizeDN( &bvDSERootDN, op.pSchemaCtx);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirBervalContentDup( &bvDSERootDN, &op.reqDn );
BAIL_ON_VMDIR_ERROR_WITH_MSG( dwError, pszLocalErrMsg,
"VmDirSrvModifyPersistedDSERoot: BervalContentDup failed with error code: %d.", dwError );
op.pBEIF = VmDirBackendSelect(op.reqDn.lberbv.bv_val);
assert(op.pBEIF);
dwError = VmDirBervalContentDup( &op.reqDn, &op.request.modifyReq.dn );
BAIL_ON_VMDIR_ERROR_WITH_MSG( dwError, pszLocalErrMsg,
"VmDirSrvModifyPersistedDSERoot: BervalContentDup failed with error code: %d.", dwError );
// Setup mods
for (i = 0; ppszPersistedDSERootAttrs[i] != NULL; i += 2 )
{
dwError = VmDirAppendAMod( &op, MOD_OP_REPLACE,
ppszPersistedDSERootAttrs[i],
(int) VmDirStringLenA(ppszPersistedDSERootAttrs[i]),
ppszPersistedDSERootAttrs[i + 1],
VmDirStringLenA(ppszPersistedDSERootAttrs[i + 1]) );
BAIL_ON_VMDIR_ERROR_WITH_MSG( dwError, pszLocalErrMsg,
"VmDirSrvModifyPersistedDSERoot: VmDirAppendAMod failed with error code: %d.", dwError );
}
dwError = VmDirAppendAMod( &op, MOD_OP_DELETE, ATTR_INVOCATION_ID, ATTR_INVOCATION_ID_LEN,
gVmdirServerGlobals.invocationId.lberbv.bv_val,
gVmdirServerGlobals.invocationId.lberbv.bv_len );
BAIL_ON_VMDIR_ERROR_WITH_MSG( dwError, pszLocalErrMsg,
"VmDirSrvModifyPersistedDSERoot: VmDirAppendAMod failed with error code: %d.", dwError );
// Modify
dwError = VmDirInternalModifyEntry( &op );
BAIL_ON_VMDIR_ERROR_WITH_MSG( dwError, pszLocalErrMsg,
"VmDirSrvModifyPersistedDSERoot: InternalModifyEntry failed. DN: %s, Error code: %d, Error string: %s",
op.reqDn.lberbv.bv_val, dwError, VDIR_SAFE_STRING( op.ldapResult.pszErrMsg ) );
cleanup:
VmDirFreeBervalContent(&bvDSERootDN);
VmDirFreeOperationContent(&op);
VMDIR_SAFE_FREE_MEMORY(pszLocalErrMsg);
return dwError;
error:
VmDirLog(LDAP_DEBUG_ANY, VDIR_SAFE_STRING(pszLocalErrMsg) );
goto cleanup;
}
/*
* Set vmwPasswordNeverExpires (if it doesn't have a value) to TRUE
* on the domain administrator's account.
*/
DWORD
VmDirSetAdministratorPasswordNeverExpires(
VOID
)
{
DWORD dwError = 0;
PCSTR pszDomainDn = NULL;
const CHAR szAdministrator[] = "cn=Administrator,cn=Users";
const CHAR szTrue[] = "TRUE";
PSTR pszAdministratorDn = NULL;
VDIR_OPERATION op = {0};
PSTR pszLocalErrMsg = NULL;
VDIR_ENTRY_ARRAY entryArray = {0};
PVDIR_ENTRY pEntry = NULL;
VDIR_BERVALUE bervBlob = VDIR_BERVALUE_INIT;
pszDomainDn = gVmdirServerGlobals.systemDomainDN.lberbv.bv_val;
if (pszDomainDn == NULL)
{
dwError = ERROR_INVALID_STATE;
BAIL_ON_VMDIR_ERROR(dwError);
}
dwError = VmDirAllocateStringPrintf(&pszAdministratorDn, "%s,%s", szAdministrator, pszDomainDn);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirSimpleEqualFilterInternalSearch(
pszDomainDn,
LDAP_SCOPE_SUBTREE,
ATTR_DN,
pszAdministratorDn,
&entryArray);
BAIL_ON_VMDIR_ERROR(dwError);
if (entryArray.iSize != 1)
{
dwError = VMDIR_ERROR_DATA_CONSTRAINT_VIOLATION;
BAIL_ON_VMDIR_ERROR(dwError);
}
pEntry = &(entryArray.pEntry[0]);
if (pEntry->allocType == ENTRY_STORAGE_FORMAT_PACK)
{
dwError = VmDirEntryUnpack( pEntry );
BAIL_ON_VMDIR_ERROR(dwError);
}
dwError = VmDirInitStackOperation( &op, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_MODIFY, NULL);
BAIL_ON_VMDIR_ERROR_WITH_MSG(dwError, pszLocalErrMsg, "VmDirSetAdministratorPasswordNeverExpire: VmDirInitStackOperation failed: %u", dwError);
op.pBEIF = VmDirBackendSelect(NULL);
assert(op.pBEIF);
op.reqDn.lberbv.bv_val = pEntry->dn.lberbv.bv_val;
op.reqDn.lberbv.bv_len = pEntry->dn.lberbv.bv_len;
op.request.modifyReq.dn.lberbv = op.reqDn.lberbv;
bervBlob.lberbv.bv_val = (PSTR) szTrue;
bervBlob.lberbv.bv_len = strlen(szTrue);
dwError = VmDirAppendAMod( &op,
MOD_OP_REPLACE,
ATTR_PASSWORD_NEVER_EXPIRES,
ATTR_PASSWORD_NEVER_EXPIRES_LEN,
bervBlob.lberbv_val,
bervBlob.lberbv_len);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirInternalModifyEntry(&op);
BAIL_ON_VMDIR_ERROR(dwError);
cleanup:
VmDirFreeEntryArrayContent(&entryArray);
VmDirFreeOperationContent(&op);
VMDIR_SAFE_FREE_STRINGA(pszAdministratorDn);
return dwError;
error:
VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL,
"VmDirSetAdministratorPasswordNeverExpires failed, (%u)", dwError);
goto cleanup;
}
/*
* Set SRP Identifier's secret on existing entry with Password set
*/
DWORD
VmDirSRPSetIdentityData(
PCSTR pszUPN,
PCSTR pszClearTextPassword
)
{
DWORD dwError = 0;
VDIR_OPERATION op = {0};
PSTR pszLocalErrMsg = NULL;
VDIR_ENTRY_ARRAY entryArray = {0};
PVDIR_ENTRY pEntry = NULL;
PVDIR_ATTRIBUTE pAttrSecret = NULL;
VDIR_BERVALUE bvUPN = VDIR_BERVALUE_INIT;
VDIR_BERVALUE bvClearTextPassword = VDIR_BERVALUE_INIT;
VDIR_BERVALUE bervSecretBlob = VDIR_BERVALUE_INIT;
if ( IsNullOrEmptyString(pszUPN) ||
IsNullOrEmptyString(pszClearTextPassword)
)
{
dwError = VMDIR_ERROR_INVALID_PARAMETER;
BAIL_ON_VMDIR_ERROR(dwError);
}
bvUPN.lberbv_val = (PSTR)pszUPN;
bvUPN.lberbv_len = VmDirStringLenA(pszUPN);
bvClearTextPassword.lberbv_val = (PSTR)pszClearTextPassword;
bvClearTextPassword.lberbv_len = VmDirStringLenA(pszClearTextPassword);
dwError = VmDirSimpleEqualFilterInternalSearch(
"",
LDAP_SCOPE_SUBTREE,
ATTR_KRB_UPN,
pszUPN,
&entryArray);
BAIL_ON_VMDIR_ERROR(dwError);
if (entryArray.iSize == 1)
{
pAttrSecret = VmDirFindAttrByName(&(entryArray.pEntry[0]), ATTR_SRP_SECRET);
if (pAttrSecret)
{
dwError = VMDIR_ERROR_ENTRY_ALREADY_EXIST;
BAIL_ON_VMDIR_ERROR(dwError);
}
}
else
{
dwError = VMDIR_ERROR_DATA_CONSTRAINT_VIOLATION;
BAIL_ON_VMDIR_ERROR(dwError);
}
pEntry = &(entryArray.pEntry[0]);
dwError = VdirPasswordCheck(&bvClearTextPassword, pEntry);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirSRPCreateSecret(&bvUPN, &bvClearTextPassword, &bervSecretBlob);
BAIL_ON_VMDIR_ERROR(dwError);
if (pEntry->allocType == ENTRY_STORAGE_FORMAT_PACK)
{
dwError = VmDirEntryUnpack( pEntry );
BAIL_ON_VMDIR_ERROR(dwError);
}
dwError = VmDirInitStackOperation( &op, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_MODIFY, NULL);
BAIL_ON_VMDIR_ERROR_WITH_MSG(dwError, pszLocalErrMsg, "VmDirSRPSetIdentityData: VmDirInitStackOperation failed: %u", dwError);
op.pBEIF = VmDirBackendSelect(NULL);
assert(op.pBEIF);
op.reqDn.lberbv.bv_val = pEntry->dn.lberbv.bv_val;
op.reqDn.lberbv.bv_len = pEntry->dn.lberbv.bv_len;
op.request.modifyReq.dn.lberbv = op.reqDn.lberbv;
dwError = VmDirAppendAMod( &op,
MOD_OP_ADD,
ATTR_SRP_SECRET,
ATTR_SRP_SECRET_LEN,
bervSecretBlob.lberbv_val,
bervSecretBlob.lberbv_len);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirInternalModifyEntry(&op);
BAIL_ON_VMDIR_ERROR(dwError);
cleanup:
VmDirFreeBervalContent(&bervSecretBlob);
VmDirFreeEntryArrayContent(&entryArray);
VmDirFreeOperationContent(&op);
return dwError;
error:
VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL,
"VmDirSRPSetIdentityData (%s) failed, (%u)", VDIR_SAFE_STRING(pszUPN), dwError);
goto cleanup;
}
/*
* This generic search with pagination is new and isn't mature. Please be
* careful with the * scope, base, and use an indexed filter.
* Note that ulPageSize == 0 will ignore paging.
*/
DWORD
VmDirFilterInternalSearch(
PCSTR pszBaseDN,
int searchScope,
PCSTR pszFilter,
unsigned long ulPageSize,
PSTR *ppszPageCookie,
PVDIR_ENTRY_ARRAY pEntryArray
)
{
DWORD dwError = 0;
VDIR_OPERATION searchOP = {0};
VDIR_BERVALUE bervDN = VDIR_BERVALUE_INIT;
PVDIR_FILTER pFilter = NULL;
PVDIR_LDAP_CONTROL showPagedResultsCtrl = NULL;
PSTR pszPageCookie = NULL;
if ( !pszBaseDN || !pszFilter || !pEntryArray ||
(ulPageSize != 0 && ppszPageCookie == NULL))
{
dwError = VMDIR_ERROR_INVALID_PARAMETER;
BAIL_ON_VMDIR_ERROR(dwError);
}
if (ulPageSize != 0)
{
dwError = VmDirAllocateMemory( sizeof(VDIR_LDAP_CONTROL), (PVOID *)&showPagedResultsCtrl );
BAIL_ON_VMDIR_ERROR(dwError);
showPagedResultsCtrl->value.pagedResultCtrlVal.pageSize = ulPageSize;
if (ppszPageCookie && *ppszPageCookie)
{
VmDirStringNCpyA(showPagedResultsCtrl->value.pagedResultCtrlVal.cookie,
VMDIR_ARRAY_SIZE(showPagedResultsCtrl->value.pagedResultCtrlVal.cookie),
*ppszPageCookie,
VMDIR_ARRAY_SIZE(showPagedResultsCtrl->value.pagedResultCtrlVal.cookie) - 1);
}
else
{
showPagedResultsCtrl->value.pagedResultCtrlVal.cookie[0] = '\0';
}
}
dwError = VmDirInitStackOperation( &searchOP,
VDIR_OPERATION_TYPE_INTERNAL,
LDAP_REQ_SEARCH,
NULL );
BAIL_ON_VMDIR_ERROR(dwError);
bervDN.lberbv.bv_val = (PSTR)pszBaseDN;
bervDN.lberbv.bv_len = VmDirStringLenA(pszBaseDN);
searchOP.pBEIF = VmDirBackendSelect( pszBaseDN );
assert(searchOP.pBEIF);
dwError = VmDirBervalContentDup( &bervDN, &searchOP.reqDn);
BAIL_ON_VMDIR_ERROR(dwError);
searchOP.request.searchReq.scope = searchScope;
dwError = StrFilterToFilter(pszFilter, &pFilter);
BAIL_ON_VMDIR_ERROR(dwError);
searchOP.request.searchReq.filter = pFilter;
pFilter = NULL; // search request takes over pFilter
searchOP.showPagedResultsCtrl = showPagedResultsCtrl;
dwError = VmDirInternalSearch( &searchOP );
BAIL_ON_VMDIR_ERROR(dwError);
// caller takes over searchOP.internalSearchEntryArray contents
pEntryArray->iSize = searchOP.internalSearchEntryArray.iSize;
pEntryArray->pEntry = searchOP.internalSearchEntryArray.pEntry;
searchOP.internalSearchEntryArray.iSize = 0;
searchOP.internalSearchEntryArray.pEntry = NULL;
if (showPagedResultsCtrl)
{
dwError = VmDirAllocateStringA(showPagedResultsCtrl->value.pagedResultCtrlVal.cookie, &pszPageCookie);
BAIL_ON_VMDIR_ERROR(dwError);
*ppszPageCookie = pszPageCookie;
pszPageCookie = NULL;
}
cleanup:
VMDIR_SAFE_FREE_MEMORY(showPagedResultsCtrl);
VmDirFreeOperationContent(&searchOP);
if (pFilter)
{
DeleteFilter(pFilter);
}
return dwError;
error:
goto cleanup;
}
/*
* TODO, to generalize, we should create a strToFilter(pszFilter, &pOutFilter);
*/
DWORD
VmDirSimpleEqualFilterInternalSearch(
PCSTR pszBaseDN,
int searchScope,
PCSTR pszAttrName,
PCSTR pszAttrValue,
PVDIR_ENTRY_ARRAY pEntryArray
)
{
DWORD dwError = 0;
VDIR_OPERATION searchOP = {0};
VDIR_BERVALUE bervDN = VDIR_BERVALUE_INIT;
PVDIR_FILTER pFilter = NULL;
if ( !pszBaseDN || !pszAttrName || !pszAttrValue || !pEntryArray )
{
dwError = VMDIR_ERROR_INVALID_PARAMETER;
BAIL_ON_VMDIR_ERROR(dwError);
}
dwError = VmDirInitStackOperation( &searchOP,
VDIR_OPERATION_TYPE_INTERNAL,
LDAP_REQ_SEARCH,
NULL );
BAIL_ON_VMDIR_ERROR(dwError);
bervDN.lberbv.bv_val = (PSTR)pszBaseDN;
bervDN.lberbv.bv_len = VmDirStringLenA(pszBaseDN);
searchOP.pBEIF = VmDirBackendSelect( pszBaseDN );
assert(searchOP.pBEIF);
dwError = VmDirBervalContentDup( &bervDN, &searchOP.reqDn);
BAIL_ON_VMDIR_ERROR(dwError);
searchOP.request.searchReq.scope = searchScope;
{
dwError = VmDirAllocateMemory( sizeof( VDIR_FILTER ), (PVOID*)&pFilter );
BAIL_ON_VMDIR_ERROR(dwError);
pFilter->choice = LDAP_FILTER_EQUALITY;
pFilter->filtComp.ava.type.lberbv.bv_val = (PSTR)pszAttrName;
pFilter->filtComp.ava.type.lberbv.bv_len = VmDirStringLenA(pszAttrName);
pFilter->filtComp.ava.pATDesc = VmDirSchemaAttrNameToDesc(
searchOP.pSchemaCtx,
pszAttrName);
if (pFilter->filtComp.ava.pATDesc == NULL)
{
dwError = VMDIR_ERROR_NO_SUCH_ATTRIBUTE;
BAIL_ON_VMDIR_ERROR( dwError );
}
pFilter->filtComp.ava.value.lberbv.bv_val = (PSTR)pszAttrValue;
pFilter->filtComp.ava.value.lberbv.bv_len = VmDirStringLenA(pszAttrValue);
dwError = VmDirSchemaBervalNormalize( // TODO, may want to have filter code to do this?
searchOP.pSchemaCtx, // so caller does not have to handle this.
pFilter->filtComp.ava.pATDesc,
&(pFilter->filtComp.ava.value) );
BAIL_ON_VMDIR_ERROR(dwError);
pFilter->next = NULL;
}
//TODO, ideally, we should take pszFilter and dwError = VmDirStrToFilter(pszFilter, &pFilter);
searchOP.request.searchReq.filter = pFilter;
pFilter = NULL; // search request takes over pFilter
dwError = VmDirInternalSearch( &searchOP );
BAIL_ON_VMDIR_ERROR(dwError);
// caller takes over searchOP.internalSearchEntryArray contents
pEntryArray->iSize = searchOP.internalSearchEntryArray.iSize;
pEntryArray->pEntry = searchOP.internalSearchEntryArray.pEntry;
searchOP.internalSearchEntryArray.iSize = 0;
searchOP.internalSearchEntryArray.pEntry = NULL;
cleanup:
VmDirFreeOperationContent(&searchOP);
if (pFilter)
{
DeleteFilter(pFilter);
}
return dwError;
error:
goto cleanup;
}
/*
* Convenient function to replace ONE single value attribute via InternalModifyEntry
* *****************************************************************************
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
* You should NOT call this function while in a backend txn/ctx.
* *****************************************************************************
* This may not be easy to determine as we could call this in different places, which
* may be nested in external and internal OPERATION.
* A better approach is to pass in pOperation and use the same beCtx if exists.
* However, this could also cause logic error, e.g. you could lost track if entry/data
* has already been changed by beCtx and reread them.
* *****************************************************************************
*/
DWORD
VmDirInternalEntryAttributeReplace(
PVDIR_SCHEMA_CTX pSchemaCtx,
PCSTR pszNormDN,
PCSTR pszAttrName,
PVDIR_BERVALUE pBervAttrValue
)
{
DWORD dwError = 0;
VDIR_OPERATION ldapOp = {0};
PVDIR_MODIFICATION pMod = NULL;
if (!pszNormDN || !pszAttrName || !pBervAttrValue)
{
dwError = VMDIR_ERROR_INVALID_PARAMETER;
BAIL_ON_VMDIR_ERROR(dwError);
}
dwError = VmDirInitStackOperation(
&ldapOp, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_MODIFY, pSchemaCtx);
BAIL_ON_VMDIR_ERROR(dwError);
ldapOp.pBEIF = VmDirBackendSelect(pszNormDN);
assert(ldapOp.pBEIF);
ldapOp.reqDn.lberbv.bv_val = (PSTR)pszNormDN;
ldapOp.reqDn.lberbv.bv_len = VmDirStringLenA(pszNormDN);
dwError = VmDirAllocateMemory(sizeof(*pMod)*1, (PVOID)&pMod);
BAIL_ON_VMDIR_ERROR(dwError);
pMod->next = NULL;
pMod->operation = MOD_OP_REPLACE;
dwError = VmDirModAddSingleValueAttribute(
pMod,
ldapOp.pSchemaCtx,
pszAttrName,
pBervAttrValue->lberbv.bv_val,
pBervAttrValue->lberbv.bv_len);
BAIL_ON_VMDIR_ERROR(dwError);
ldapOp.request.modifyReq.dn.lberbv.bv_val = (PSTR)pszNormDN;
ldapOp.request.modifyReq.dn.lberbv.bv_len = VmDirStringLenA(pszNormDN);
ldapOp.request.modifyReq.mods = pMod;
pMod = NULL;
ldapOp.request.modifyReq.numMods = 1;
dwError = VmDirInternalModifyEntry(&ldapOp);
BAIL_ON_VMDIR_ERROR(dwError);
cleanup:
VmDirFreeOperationContent(&ldapOp);
if (pMod)
{
VmDirModificationFree(pMod);
}
return dwError;
error:
goto cleanup;
}
static
int
_VmDirSwapDB(
PCSTR dbHomeDir,
BOOLEAN bHasXlog)
{
int retVal = LDAP_SUCCESS;
char dbExistingName[VMDIR_MAX_FILE_NAME_LEN] = {0};
char dbNewName[VMDIR_MAX_FILE_NAME_LEN] = {0};
PSTR pszLocalErrorMsg = NULL;
int errorCode = 0;
BOOLEAN bLegacyDataLoaded = FALSE;
PVDIR_BACKEND_INTERFACE pBE = NULL;
#ifndef _WIN32
const char fileSeperator = '/';
#else
const char fileSeperator = '\\';
#endif
// Shutdown backend
pBE = VmDirBackendSelect(NULL);
assert(pBE);
VmDirdStateSet(VMDIRD_STATE_SHUTDOWN);
VmDirIndexLibShutdown();
VmDirSchemaLibShutdown();
pBE->pfnBEShutdown();
VmDirBackendContentFree(pBE);
// move .mdb files
retVal = VmDirStringPrintFA( dbExistingName, VMDIR_MAX_FILE_NAME_LEN, "%s%c%s%c%s", dbHomeDir, fileSeperator,
LOCAL_PARTNER_DIR, fileSeperator, VMDIR_MDB_DATA_FILE_NAME);
BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg),
"_VmDirSwapDB: VmDirStringPrintFA() call failed with error: %d", retVal );
retVal = VmDirStringPrintFA( dbNewName, VMDIR_MAX_FILE_NAME_LEN, "%s%c%s", dbHomeDir, fileSeperator,
VMDIR_MDB_DATA_FILE_NAME );
BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg),
"_VmDirSwapDB: VmDirStringPrintFA() call failed with error: %d", retVal );
#ifdef WIN32
if (MoveFileEx(dbExistingName, dbNewName, MOVEFILE_COPY_ALLOWED|MOVEFILE_REPLACE_EXISTING) == 0)
{
retVal = LDAP_OPERATIONS_ERROR;
errorCode = GetLastError();
#else
if (rename(dbExistingName, dbNewName) != 0)
{
retVal = LDAP_OPERATIONS_ERROR;
errorCode = errno;
#endif
BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg),
"_VmDirSwapDB: rename file from %s to %s failed, errno %d", dbExistingName, dbNewName, errorCode );
}
retVal = VmDirStringPrintFA(dbNewName, VMDIR_MAX_FILE_NAME_LEN, "%s%c%s%c%s", dbHomeDir, fileSeperator, VMDIR_MDB_XLOGS_DIR_NAME);
BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg),
"_VmDirSwapDB: VmDirStringPrintFA() call failed with error: %d", retVal );
if (bHasXlog)
{
//move xlog directory
retVal = VmDirStringPrintFA(dbExistingName, VMDIR_MAX_FILE_NAME_LEN, "%s%c%s%c%s", dbHomeDir, fileSeperator,
LOCAL_PARTNER_DIR, fileSeperator, VMDIR_MDB_XLOGS_DIR_NAME);
BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg),
"_VmDirSwapDB: VmDirStringPrintFA() call failed with error: %d", retVal );
#ifdef WIN32
if (MoveFileEx(dbExistingName, dbNewName, MOVEFILE_COPY_ALLOWED|MOVEFILE_REPLACE_EXISTING) == 0)
{
retVal = LDAP_OPERATIONS_ERROR;
errorCode = GetLastError();
#else
if (rmdir(dbNewName) != 0)
{
retVal = LDAP_OPERATIONS_ERROR;
errorCode = errno;
BAIL_ON_VMDIR_ERROR_WITH_MSG(retVal, (pszLocalErrorMsg), "_VmDirSwapDB cannot remove directory %s, errno %d",
dbNewName, errorCode);
}
if (rename(dbExistingName, dbNewName) != 0)
{
retVal = LDAP_OPERATIONS_ERROR;
errorCode = errno;
#endif
BAIL_ON_VMDIR_ERROR_WITH_MSG(retVal, (pszLocalErrorMsg), "_VmDirSwapDB cannot move directory from %s to %s, errno %d",
dbNewName, dbExistingName, errorCode);
}
}
retVal = VmDirStringPrintFA(dbExistingName, VMDIR_MAX_FILE_NAME_LEN, "%s%c%s", dbHomeDir, fileSeperator, LOCAL_PARTNER_DIR);
BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, (pszLocalErrorMsg),
"_VmDirSwapDB: VmDirStringPrintFA() call failed with error: %d", retVal );
#ifdef WIN32
if (RemoveDirectory(dbExistingName)==0)
{
errorCode = GetLastError();
#else
if (rmdir(dbExistingName))
{
errorCode = errno;
#endif
VMDIR_LOG_WARNING(VMDIR_LOG_MASK_ALL, "cannot remove directory %s errno %d", dbExistingName, errorCode);
}
VmDirdStateSet(VMDIRD_STATE_STARTUP);
retVal = VmDirInitBackend(&bLegacyDataLoaded);
BAIL_ON_VMDIR_ERROR(retVal);
if (bLegacyDataLoaded)
{
retVal = VmDirPatchLocalSubSchemaSubEntry();
BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, pszLocalErrorMsg,
"_VmDirSwapDB: failed to patch subschema subentry: %d", retVal );
retVal = VmDirWriteSchemaObjects();
BAIL_ON_VMDIR_ERROR_WITH_MSG( retVal, pszLocalErrorMsg,
"_VmDirSwapDB: failed to create schema tree: %d", retVal );
}
VmDirdStateSet(VMDIRD_STATE_NORMAL);
cleanup:
VMDIR_SAFE_FREE_MEMORY(pszLocalErrorMsg);
return retVal;
error:
retVal = LDAP_OPERATIONS_ERROR;
VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "%s", VDIR_SAFE_STRING(pszLocalErrorMsg) );
goto cleanup;
}
static
int
_VmDirWrapUpFirstReplicationCycle(
PCSTR pszHostname,
VMDIR_REPLICATION_AGREEMENT * pReplAgr)
{
int retVal = LDAP_SUCCESS;
PVDIR_ENTRY pPartnerServerEntry = NULL;
PVDIR_ATTRIBUTE pAttrUpToDateVector = NULL;
PVDIR_ATTRIBUTE pAttrInvocationId = NULL;
USN localUsn = 0;
USN partnerLocalUsn = 0;
char partnerlocalUsnStr[VMDIR_MAX_USN_STR_LEN];
VDIR_BACKEND_CTX beCtx = {0};
struct berval syncDoneCtrlVal = {0};
PVDIR_SCHEMA_CTX pSchemaCtx = NULL;
VDIR_OPERATION searchOp = {0};
PVDIR_FILTER pSearchFilter = NULL;
PSTR pszSeparator = NULL;
retVal = VmDirSchemaCtxAcquire(&pSchemaCtx);
BAIL_ON_VMDIR_ERROR( retVal );
retVal = VmDirInitStackOperation( &searchOp, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_SEARCH, pSchemaCtx );
BAIL_ON_VMDIR_ERROR(retVal);
searchOp.pBEIF = VmDirBackendSelect(NULL);
assert(searchOp.pBEIF);
searchOp.reqDn.lberbv.bv_val = "";
searchOp.reqDn.lberbv.bv_len = 0;
searchOp.request.searchReq.scope = LDAP_SCOPE_SUBTREE;
retVal = VmDirConcatTwoFilters(searchOp.pSchemaCtx, ATTR_CN, (PSTR) pszHostname, ATTR_OBJECT_CLASS, OC_DIR_SERVER,
&pSearchFilter);
BAIL_ON_VMDIR_ERROR(retVal);
searchOp.request.searchReq.filter = pSearchFilter;
retVal = VmDirInternalSearch(&searchOp);
BAIL_ON_VMDIR_ERROR(retVal);
if (searchOp.internalSearchEntryArray.iSize != 1)
{
VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL,
"_VmDirWrapUpFirstReplicationCycle: Unexpected (not 1) number of partner server entries found (%d)",
searchOp.internalSearchEntryArray.iSize );
retVal = LDAP_OPERATIONS_ERROR;
BAIL_ON_VMDIR_ERROR(retVal);
}
pPartnerServerEntry = searchOp.internalSearchEntryArray.pEntry;
pAttrUpToDateVector = VmDirEntryFindAttribute( ATTR_UP_TO_DATE_VECTOR, pPartnerServerEntry );
pAttrInvocationId = VmDirEntryFindAttribute( ATTR_INVOCATION_ID, pPartnerServerEntry );
assert( pAttrInvocationId != NULL );
beCtx.pBE = VmDirBackendSelect(NULL);
assert(beCtx.pBE);
if ((retVal = beCtx.pBE->pfnBEGetNextUSN( &beCtx, &localUsn )) != 0)
{
VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "_VmDirWrapUpFirstReplicationCycle: pfnBEGetNextUSN failed with error code: %d, "
"error message: %s", retVal, VDIR_SAFE_STRING(beCtx.pszBEErrorMsg) );
BAIL_ON_VMDIR_ERROR( retVal );
}
retVal = _VmGetHighestCommittedUSN(localUsn, &partnerLocalUsn);
BAIL_ON_VMDIR_ERROR( retVal );
VMDIR_LOG_INFO( VMDIR_LOG_MASK_ALL, "_VmDirWrapUpFirstReplicationCycle: partnerLocalUsn %llu locaUsn %llu", partnerLocalUsn, localUsn);
if ((retVal = VmDirStringNPrintFA( partnerlocalUsnStr, sizeof(partnerlocalUsnStr), sizeof(partnerlocalUsnStr) - 1,
"%" PRId64, partnerLocalUsn)) != 0)
{
VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "_VmDirWrapUpFirstReplicationCycle: VmDirStringNPrintFA failed with error code: %d",
retVal );
BAIL_ON_VMDIR_ERROR( retVal );
}
if (pAttrUpToDateVector)
{
if (VmDirStringEndsWith( pAttrUpToDateVector->vals[0].lberbv.bv_val, ",", FALSE))
{
pszSeparator = "";
}
else
{
pszSeparator = ",";
}
// <partnerLocalUSN>,<partner up-to-date vector>,<partner server GUID>:<partnerLocalUSN>,
retVal = VmDirAllocateStringPrintf( &(syncDoneCtrlVal.bv_val), "%s,%s%s%s:%s,",
partnerlocalUsnStr,
pAttrUpToDateVector->vals[0].lberbv.bv_val,
pszSeparator,
pAttrInvocationId->vals[0].lberbv.bv_val,
partnerlocalUsnStr);
BAIL_ON_VMDIR_ERROR(retVal);
}
else
{
// <partnerLocalUSN>,<partner server GUID>:<partnerLocalUSN>,
retVal = VmDirAllocateStringPrintf( &(syncDoneCtrlVal.bv_val), "%s,%s:%s,",
partnerlocalUsnStr,
pAttrInvocationId->vals[0].lberbv.bv_val,
partnerlocalUsnStr);
BAIL_ON_VMDIR_ERROR(retVal);
}
VmDirSetACLMode();
syncDoneCtrlVal.bv_len = VmDirStringLenA(syncDoneCtrlVal.bv_val);
if ((retVal = VmDirReplUpdateCookies( pSchemaCtx, &(syncDoneCtrlVal), pReplAgr )) != LDAP_SUCCESS)
{
VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "vdirReplicationThrFun: UpdateCookies failed. Error: %d", retVal );
BAIL_ON_VMDIR_ERROR( retVal );
}
if ((retVal = _VmDirPatchDSERoot(pSchemaCtx)) != LDAP_SUCCESS)
{
VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "vdirReplicationThrFun: _VmDirPatchDSERoot failed. Error: %d", retVal );
BAIL_ON_VMDIR_ERROR( retVal );
}
cleanup:
VmDirFreeOperationContent(&searchOp);
VmDirBackendCtxContentFree(&beCtx);
VMDIR_SAFE_FREE_MEMORY(syncDoneCtrlVal.bv_val);
VmDirSchemaCtxRelease(pSchemaCtx);
return retVal;
error:
retVal = LDAP_OPERATIONS_ERROR;
goto cleanup;
}
#ifndef VDIR_PSC_VERSION
#define VDIR_PSC_VERSION "6.7.0"
#endif
static
int
_VmDirPatchDSERoot(
PVDIR_SCHEMA_CTX pSchemaCtx)
{
int retVal = LDAP_SUCCESS;
VDIR_OPERATION op = {0};
VDIR_BERVALUE bvDSERootDN = VDIR_BERVALUE_INIT;
VMDIR_LOG_DEBUG( LDAP_DEBUG_TRACE, "_VmDirPatchDSERoot: Begin" );
bvDSERootDN.lberbv.bv_val = PERSISTED_DSE_ROOT_DN;
bvDSERootDN.lberbv.bv_len = VmDirStringLenA( bvDSERootDN.lberbv.bv_val );
retVal = VmDirInitStackOperation( &op,
VDIR_OPERATION_TYPE_INTERNAL,
LDAP_REQ_MODIFY,
pSchemaCtx );
BAIL_ON_VMDIR_ERROR(retVal);
retVal = VmDirNormalizeDN( &bvDSERootDN, pSchemaCtx);
BAIL_ON_VMDIR_ERROR(retVal);
retVal = VmDirBervalContentDup( &bvDSERootDN, &op.reqDn );
BAIL_ON_VMDIR_ERROR(retVal);
op.pBEIF = VmDirBackendSelect(op.reqDn.lberbv.bv_val);
assert(op.pBEIF);
if (VmDirBervalContentDup( &op.reqDn, &op.request.modifyReq.dn ) != 0)
{
VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "_VmDirPatchDSERoot: BervalContentDup failed." );
BAIL_ON_VMDIR_ERROR( retVal );
}
retVal = VmDirAppendAMod( &op, MOD_OP_REPLACE, ATTR_DC_ACCOUNT_UPN, ATTR_DC_ACCOUNT_UPN_LEN,
gVmdirServerGlobals.dcAccountUPN.lberbv.bv_val,
gVmdirServerGlobals.dcAccountUPN.lberbv.bv_len );
BAIL_ON_VMDIR_ERROR( retVal );
retVal = VmDirAppendAMod( &op, MOD_OP_REPLACE, ATTR_DC_ACCOUNT_DN, ATTR_DC_ACCOUNT_DN_LEN,
gVmdirServerGlobals.dcAccountDN.lberbv.bv_val,
gVmdirServerGlobals.dcAccountDN.lberbv.bv_len );
BAIL_ON_VMDIR_ERROR( retVal );
retVal = VmDirAppendAMod( &op, MOD_OP_REPLACE, ATTR_SERVER_NAME, ATTR_SERVER_NAME_LEN,
gVmdirServerGlobals.serverObjDN.lberbv.bv_val,
gVmdirServerGlobals.serverObjDN.lberbv.bv_len );
BAIL_ON_VMDIR_ERROR( retVal );
retVal = VmDirAppendAMod( &op, MOD_OP_REPLACE, ATTR_SITE_NAME, ATTR_SITE_NAME_LEN,
gVmdirServerGlobals.pszSiteName,
VmDirStringLenA(gVmdirServerGlobals.pszSiteName) );
BAIL_ON_VMDIR_ERROR( retVal );
retVal = VmDirAppendAMod( &op, MOD_OP_REPLACE, ATTR_PSC_VERSION, ATTR_PSC_VERSION_LEN,
VDIR_PSC_VERSION,
VmDirStringLenA(VDIR_PSC_VERSION) );
BAIL_ON_VMDIR_ERROR( retVal );
retVal = VmDirAppendAMod( &op, MOD_OP_REPLACE, ATTR_MAX_DOMAIN_FUNCTIONAL_LEVEL,
ATTR_MAX_DOMAIN_FUNCTIONAL_LEVEL_LEN,
VMDIR_MAX_DFL_STRING,
VmDirStringLenA(VMDIR_MAX_DFL_STRING) );
BAIL_ON_VMDIR_ERROR( retVal );
if ((retVal = VmDirInternalModifyEntry( &op )) != 0)
{
// If VmDirInternall call failed, reset retVal to LDAP level error space (for B/C)
retVal = op.ldapResult.errCode;
VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL, "_VmDirPatchDSERoot: InternalModifyEntry failed. "
"Error code: %d, Error string: %s", retVal, VDIR_SAFE_STRING( op.ldapResult.pszErrMsg ) );
BAIL_ON_VMDIR_ERROR( retVal );
}
cleanup:
VmDirFreeOperationContent(&op);
VMDIR_LOG_DEBUG( LDAP_DEBUG_TRACE, "_VmDirPatchDSERoot: End" );
return retVal;
error:
retVal = LDAP_OPERATIONS_ERROR;
goto cleanup;
}
DWORD
VmDirGetUPNMemberships(
PCSTR pszUpnName,
PSTR **pppszMemberships,
PDWORD pdwMemberships
)
{
DWORD dwError = 0;
VDIR_ENTRY_ARRAY entryArray = {0};
VDIR_OPERATION searchOp = {0};
BOOLEAN bHasTxn = FALSE;
PVDIR_ATTRIBUTE pMemberOf = NULL;
PSTR *ppszMemberships = NULL;
DWORD dwMemberships = 0;
DWORD i = 0;
if (IsNullOrEmptyString(pszUpnName) ||
pppszMemberships == NULL ||
pdwMemberships == NULL)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMDIR_ERROR(dwError);
}
dwError = VmDirSimpleEqualFilterInternalSearch(
"",
LDAP_SCOPE_SUBTREE,
ATTR_KRB_UPN,
pszUpnName,
&entryArray);
BAIL_ON_VMDIR_ERROR(dwError);
if (entryArray.iSize == 0)
{
dwError = VMDIR_ERROR_ENTRY_NOT_FOUND;
BAIL_ON_VMDIR_ERROR(dwError);
}
else if (entryArray.iSize > 1)
{
dwError = VMDIR_ERROR_DATA_CONSTRAINT_VIOLATION;
BAIL_ON_VMDIR_ERROR(dwError);
}
dwError = VmDirInitStackOperation(&searchOp, VDIR_OPERATION_TYPE_INTERNAL, LDAP_REQ_SEARCH, NULL);
BAIL_ON_VMDIR_ERROR(dwError);
searchOp.pBEIF = VmDirBackendSelect(NULL);
dwError = searchOp.pBEIF->pfnBETxnBegin(searchOp.pBECtx, VDIR_BACKEND_TXN_READ);
BAIL_ON_VMDIR_ERROR(dwError);
bHasTxn = TRUE;
dwError = VmDirBuildMemberOfAttribute(&searchOp, entryArray.pEntry, &pMemberOf);
BAIL_ON_VMDIR_ERROR(dwError);
if (pMemberOf)
{
dwMemberships = pMemberOf->numVals;
}
if (dwMemberships)
{
dwError = VmDirAllocateMemory(dwMemberships * sizeof(PSTR), (PVOID)&ppszMemberships);
BAIL_ON_VMDIR_ERROR(dwError);
for (i = 0; i < dwMemberships; i++)
{
PCSTR pszMemberOf = pMemberOf->vals[i].lberbv.bv_val;
dwError = VmDirAllocateStringA(pszMemberOf, &ppszMemberships[i]);
BAIL_ON_VMDIR_ERROR(dwError);
}
}
*pppszMemberships = ppszMemberships;
*pdwMemberships = dwMemberships;
cleanup:
if (pMemberOf)
{
VmDirFreeAttribute(pMemberOf);
}
if (bHasTxn)
{
searchOp.pBEIF->pfnBETxnCommit(searchOp.pBECtx);
}
VmDirFreeOperationContent(&searchOp);
VmDirFreeEntryArrayContent(&entryArray);
return dwError;
error:
VmDirFreeMemberships(ppszMemberships, dwMemberships);
goto cleanup;
}
static
int
LoadReplicationAgreements()
{
// Load my Replication Agreements
VDIR_OPERATION op = {0};
PVDIR_FILTER replAgrFilter = NULL;
DWORD dwError = 0;
int iCnt = 0;
VmDirLog( LDAP_DEBUG_TRACE, "LoadReplicationAgreements: Begin" );
if ( gVmdirServerGlobals.serverObjDN.lberbv.bv_val != NULL )
{
dwError = VmDirInitStackOperation( &op,
VDIR_OPERATION_TYPE_INTERNAL,
LDAP_REQ_SEARCH,
NULL );
BAIL_ON_VMDIR_ERROR(dwError);
op.pBEIF = VmDirBackendSelect( gVmdirServerGlobals.serverObjDN.lberbv.bv_val );
assert(op.pBEIF);
if (VmDirBervalContentDup( &gVmdirServerGlobals.serverObjDN, &op.reqDn ) != 0)
{
VmDirLog( LDAP_DEBUG_ANY, "LoadReplicationAgreements: BervalContentDup failed." );
dwError = -1;
BAIL_ON_VMDIR_ERROR( dwError );
}
op.request.searchReq.scope = LDAP_SCOPE_SUBTREE;
if (VmDirAllocateMemory( sizeof( VDIR_FILTER ), (PVOID *)&replAgrFilter ) != 0)
{
VmDirLog( LDAP_DEBUG_ANY, "LoadReplicationAgreements: VmDirAllocateMemory failed. " );
dwError = -1;
BAIL_ON_VMDIR_ERROR( dwError );
}
op.request.searchReq.filter = replAgrFilter;
replAgrFilter->choice = LDAP_FILTER_EQUALITY;
replAgrFilter->filtComp.ava.type.lberbv.bv_val = ATTR_OBJECT_CLASS;
replAgrFilter->filtComp.ava.type.lberbv.bv_len = ATTR_OBJECT_CLASS_LEN;
if ((replAgrFilter->filtComp.ava.pATDesc = VmDirSchemaAttrNameToDesc(
op.pSchemaCtx,
replAgrFilter->filtComp.ava.type.lberbv.bv_val)) == NULL)
{
dwError = -1;
VmDirLog( LDAP_DEBUG_ANY, "LoadReplicationAgreements: Getting pATDesc for ATTR_OBJECT_CLASS failed "
"(hmm... STRANGE). " );
BAIL_ON_VMDIR_ERROR( dwError );
}
replAgrFilter->filtComp.ava.value.lberbv.bv_val = OC_REPLICATION_AGREEMENT;
replAgrFilter->filtComp.ava.value.lberbv.bv_len = OC_REPLICATION_AGREEMENT_LEN;
if (VmDirSchemaBervalNormalize( op.pSchemaCtx, replAgrFilter->filtComp.ava.pATDesc,
&(replAgrFilter->filtComp.ava.value) ) != LDAP_SUCCESS)
{
dwError = -1;
VmDirLog( LDAP_DEBUG_ANY, "LoadReplicationAgreements: Attribute value normalization failed for "
"filter type = %s", replAgrFilter->filtComp.ava.type.lberbv.bv_val );
BAIL_ON_VMDIR_ERROR( dwError );
}
replAgrFilter->next = NULL;
if ((dwError = VmDirInternalSearch( &op )) != 0)
{
VmDirLog( LDAP_DEBUG_ANY, "LoadReplicationAgreements: InternalSearch for Replication Agreements failed. "
"Error code: %d, Error string: %s", dwError, VDIR_SAFE_STRING(op.ldapResult.pszErrMsg));
dwError = -1;
BAIL_ON_VMDIR_ERROR( dwError );
}
// load all replication agreements
for (iCnt=0; iCnt < op.internalSearchEntryArray.iSize; iCnt++)
{
dwError = ProcessReplicationAgreementEntry( op.internalSearchEntryArray.pEntry + iCnt );
BAIL_ON_VMDIR_ERROR( dwError );
}
VmDirPopulateInvocationIdInReplAgr();
}
cleanup:
VmDirFreeOperationContent(&op);
VmDirLog( LDAP_DEBUG_TRACE, "LoadReplicationAgreements: End" );
return dwError;
error:
goto cleanup;
}