2004-08-12 04:55:59 +00:00
/*
Unix SMB / CIFS mplementation .
LDAP protocol helper functions for SAMBA
Copyright ( C ) Andrew Tridgell 2004
Copyright ( C ) Volker Lendecke 2004
2004-08-13 07:10:46 +00:00
Copyright ( C ) Stefan Metzmacher 2004
Copyright ( C ) Simo Sorce 2004
2004-08-12 04:55:59 +00:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-10 02:07:03 +00:00
the Free Software Foundation ; either version 3 of the License , or
2004-08-12 04:55:59 +00:00
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
2007-07-10 02:07:03 +00:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2004-08-12 04:55:59 +00:00
*/
# include "includes.h"
2006-01-03 15:40:05 +00:00
# include "libcli/util/asn_1.h"
2005-02-10 07:08:40 +00:00
# include "libcli/ldap/ldap.h"
2004-08-12 04:55:59 +00:00
2005-05-11 05:59:46 +00:00
2007-10-06 22:28:14 +00:00
static bool ldap_push_filter ( struct asn1_data * data , struct ldb_parse_tree * tree )
2004-08-12 04:55:59 +00:00
{
2005-06-14 03:53:35 +00:00
int i ;
2004-08-12 04:55:59 +00:00
switch ( tree - > operation ) {
2005-07-17 14:16:41 +00:00
case LDB_OP_AND :
case LDB_OP_OR :
asn1_push_tag ( data , ASN1_CONTEXT ( tree - > operation = = LDB_OP_AND ? 0 : 1 ) ) ;
for ( i = 0 ; i < tree - > u . list . num_elements ; i + + ) {
if ( ! ldap_push_filter ( data , tree - > u . list . elements [ i ] ) ) {
2007-10-06 22:28:14 +00:00
return false ;
2005-07-17 14:16:41 +00:00
}
}
asn1_pop_tag ( data ) ;
break ;
case LDB_OP_NOT :
asn1_push_tag ( data , ASN1_CONTEXT ( 2 ) ) ;
if ( ! ldap_push_filter ( data , tree - > u . isnot . child ) ) {
2007-10-06 22:28:14 +00:00
return false ;
2004-08-12 04:55:59 +00:00
}
2005-07-17 14:16:41 +00:00
asn1_pop_tag ( data ) ;
break ;
2004-08-12 04:55:59 +00:00
2005-07-19 09:09:00 +00:00
case LDB_OP_EQUALITY :
2005-06-14 03:53:35 +00:00
/* equality test */
2005-06-18 12:45:28 +00:00
asn1_push_tag ( data , ASN1_CONTEXT ( 3 ) ) ;
2005-07-19 09:09:00 +00:00
asn1_write_OctetString ( data , tree - > u . equality . attr ,
strlen ( tree - > u . equality . attr ) ) ;
asn1_write_OctetString ( data , tree - > u . equality . value . data ,
tree - > u . equality . value . length ) ;
2004-08-12 04:55:59 +00:00
asn1_pop_tag ( data ) ;
break ;
2005-07-17 14:16:41 +00:00
case LDB_OP_SUBSTRING :
/*
SubstringFilter : : = SEQUENCE {
type AttributeDescription ,
- - at least one must be present
substrings SEQUENCE OF CHOICE {
initial [ 0 ] LDAPString ,
any [ 1 ] LDAPString ,
final [ 2 ] LDAPString } }
*/
asn1_push_tag ( data , ASN1_CONTEXT ( 4 ) ) ;
asn1_write_OctetString ( data , tree - > u . substring . attr , strlen ( tree - > u . substring . attr ) ) ;
asn1_push_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
i = 0 ;
if ( ! tree - > u . substring . start_with_wildcard ) {
asn1_push_tag ( data , ASN1_CONTEXT_SIMPLE ( 0 ) ) ;
2005-10-12 06:10:23 +00:00
asn1_write_LDAPString ( data , ( char * ) tree - > u . substring . chunks [ i ] - > data ) ;
2005-07-17 14:16:41 +00:00
asn1_pop_tag ( data ) ;
i + + ;
}
while ( tree - > u . substring . chunks [ i ] ) {
int ctx ;
if ( ( ! tree - > u . substring . chunks [ i + 1 ] ) & &
( tree - > u . substring . end_with_wildcard = = 0 ) ) {
ctx = 2 ;
} else {
ctx = 1 ;
}
asn1_push_tag ( data , ASN1_CONTEXT_SIMPLE ( ctx ) ) ;
2005-10-12 06:10:23 +00:00
asn1_write_LDAPString ( data , ( char * ) tree - > u . substring . chunks [ i ] - > data ) ;
2005-07-17 14:16:41 +00:00
asn1_pop_tag ( data ) ;
i + + ;
}
asn1_pop_tag ( data ) ;
asn1_pop_tag ( data ) ;
break ;
2005-07-19 09:09:00 +00:00
case LDB_OP_GREATER :
/* greaterOrEqual test */
asn1_push_tag ( data , ASN1_CONTEXT ( 5 ) ) ;
asn1_write_OctetString ( data , tree - > u . comparison . attr ,
strlen ( tree - > u . comparison . attr ) ) ;
asn1_write_OctetString ( data , tree - > u . comparison . value . data ,
tree - > u . comparison . value . length ) ;
asn1_pop_tag ( data ) ;
break ;
case LDB_OP_LESS :
/* lessOrEqual test */
asn1_push_tag ( data , ASN1_CONTEXT ( 6 ) ) ;
asn1_write_OctetString ( data , tree - > u . comparison . attr ,
strlen ( tree - > u . comparison . attr ) ) ;
asn1_write_OctetString ( data , tree - > u . comparison . value . data ,
tree - > u . comparison . value . length ) ;
asn1_pop_tag ( data ) ;
break ;
2005-07-17 14:16:41 +00:00
case LDB_OP_PRESENT :
/* present test */
asn1_push_tag ( data , ASN1_CONTEXT_SIMPLE ( 7 ) ) ;
asn1_write_LDAPString ( data , tree - > u . present . attr ) ;
asn1_pop_tag ( data ) ;
return ! data - > has_error ;
2005-07-19 09:09:00 +00:00
case LDB_OP_APPROX :
/* approx test */
asn1_push_tag ( data , ASN1_CONTEXT ( 8 ) ) ;
asn1_write_OctetString ( data , tree - > u . comparison . attr ,
strlen ( tree - > u . comparison . attr ) ) ;
asn1_write_OctetString ( data , tree - > u . comparison . value . data ,
tree - > u . comparison . value . length ) ;
asn1_pop_tag ( data ) ;
break ;
2005-06-14 03:53:35 +00:00
case LDB_OP_EXTENDED :
/*
MatchingRuleAssertion : : = SEQUENCE {
matchingRule [ 1 ] MatchingRuleID OPTIONAL ,
type [ 2 ] AttributeDescription OPTIONAL ,
matchValue [ 3 ] AssertionValue ,
dnAttributes [ 4 ] BOOLEAN DEFAULT FALSE
}
*/
2005-06-18 12:45:28 +00:00
asn1_push_tag ( data , ASN1_CONTEXT ( 9 ) ) ;
2005-06-14 03:53:35 +00:00
if ( tree - > u . extended . rule_id ) {
2005-06-18 12:45:28 +00:00
asn1_push_tag ( data , ASN1_CONTEXT_SIMPLE ( 1 ) ) ;
asn1_write_LDAPString ( data , tree - > u . extended . rule_id ) ;
2005-06-14 03:53:35 +00:00
asn1_pop_tag ( data ) ;
}
if ( tree - > u . extended . attr ) {
2005-06-18 12:45:28 +00:00
asn1_push_tag ( data , ASN1_CONTEXT_SIMPLE ( 2 ) ) ;
asn1_write_LDAPString ( data , tree - > u . extended . attr ) ;
2005-06-14 03:53:35 +00:00
asn1_pop_tag ( data ) ;
}
2005-06-18 12:45:28 +00:00
asn1_push_tag ( data , ASN1_CONTEXT_SIMPLE ( 3 ) ) ;
2005-10-12 06:10:23 +00:00
asn1_write_LDAPString ( data , ( char * ) tree - > u . extended . value . data ) ;
2005-06-18 12:45:28 +00:00
asn1_pop_tag ( data ) ;
asn1_push_tag ( data , ASN1_CONTEXT_SIMPLE ( 4 ) ) ;
asn1_write_uint8 ( data , tree - > u . extended . dnAttributes ) ;
2005-06-14 03:53:35 +00:00
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
asn1_pop_tag ( data ) ;
break ;
2005-06-18 10:38:06 +00:00
2004-08-12 04:55:59 +00:00
default :
2007-10-06 22:28:14 +00:00
return false ;
2004-08-12 04:55:59 +00:00
}
return ! data - > has_error ;
}
2004-11-02 06:42:15 +00:00
static void ldap_encode_response ( struct asn1_data * data , struct ldap_Result * result )
2004-08-12 04:55:59 +00:00
{
asn1_write_enumerated ( data , result - > resultcode ) ;
asn1_write_OctetString ( data , result - > dn ,
( result - > dn ) ? strlen ( result - > dn ) : 0 ) ;
asn1_write_OctetString ( data , result - > errormessage ,
( result - > errormessage ) ?
strlen ( result - > errormessage ) : 0 ) ;
2004-11-06 20:43:36 +00:00
if ( result - > referral ) {
asn1_push_tag ( data , ASN1_CONTEXT ( 3 ) ) ;
2004-08-12 04:55:59 +00:00
asn1_write_OctetString ( data , result - > referral ,
strlen ( result - > referral ) ) ;
2004-11-06 20:43:36 +00:00
asn1_pop_tag ( data ) ;
}
2004-08-12 04:55:59 +00:00
}
2007-10-06 22:28:14 +00:00
bool ldap_encode ( struct ldap_message * msg , DATA_BLOB * result , TALLOC_CTX * mem_ctx )
2004-08-12 04:55:59 +00:00
{
2007-05-21 06:12:06 +00:00
struct asn1_data * data = asn1_init ( mem_ctx ) ;
2004-08-12 04:55:59 +00:00
int i , j ;
2007-10-06 22:28:14 +00:00
if ( ! data ) return false ;
2007-05-21 12:47:18 +00:00
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
asn1_write_Integer ( data , msg - > messageid ) ;
2004-08-12 04:55:59 +00:00
switch ( msg - > type ) {
case LDAP_TAG_BindRequest : {
struct ldap_BindRequest * r = & msg - > r . BindRequest ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
asn1_write_Integer ( data , r - > version ) ;
asn1_write_OctetString ( data , r - > dn ,
2004-08-12 04:55:59 +00:00
( r - > dn ! = NULL ) ? strlen ( r - > dn ) : 0 ) ;
switch ( r - > mechanism ) {
case LDAP_AUTH_MECH_SIMPLE :
/* context, primitive */
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_CONTEXT_SIMPLE ( 0 ) ) ;
asn1_write ( data , r - > creds . password ,
2004-08-12 04:55:59 +00:00
strlen ( r - > creds . password ) ) ;
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
case LDAP_AUTH_MECH_SASL :
/* context, constructed */
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_CONTEXT ( 3 ) ) ;
asn1_write_OctetString ( data , r - > creds . SASL . mechanism ,
2004-08-12 04:55:59 +00:00
strlen ( r - > creds . SASL . mechanism ) ) ;
2006-02-15 15:19:10 +00:00
if ( r - > creds . SASL . secblob ) {
2007-05-21 06:12:06 +00:00
asn1_write_OctetString ( data , r - > creds . SASL . secblob - > data ,
2006-02-15 15:19:10 +00:00
r - > creds . SASL . secblob - > length ) ;
2006-02-04 11:19:09 +00:00
}
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
default :
2007-10-06 22:28:14 +00:00
return false ;
2004-08-12 04:55:59 +00:00
}
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_BindResponse : {
struct ldap_BindResponse * r = & msg - > r . BindResponse ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
ldap_encode_response ( data , & r - > response ) ;
2006-02-15 15:19:10 +00:00
if ( r - > SASL . secblob ) {
2007-05-21 06:12:06 +00:00
asn1_write_ContextSimple ( data , 7 , r - > SASL . secblob ) ;
2006-02-04 11:19:09 +00:00
}
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_UnbindRequest : {
/* struct ldap_UnbindRequest *r = &msg->r.UnbindRequest; */
break ;
}
case LDAP_TAG_SearchRequest : {
struct ldap_SearchRequest * r = & msg - > r . SearchRequest ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
asn1_write_OctetString ( data , r - > basedn , strlen ( r - > basedn ) ) ;
asn1_write_enumerated ( data , r - > scope ) ;
asn1_write_enumerated ( data , r - > deref ) ;
asn1_write_Integer ( data , r - > sizelimit ) ;
asn1_write_Integer ( data , r - > timelimit ) ;
asn1_write_BOOLEAN ( data , r - > attributesonly ) ;
if ( ! ldap_push_filter ( data , r - > tree ) ) {
2007-10-06 22:28:14 +00:00
return false ;
2005-06-18 12:45:28 +00:00
}
2004-08-12 04:55:59 +00:00
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
2004-08-12 04:55:59 +00:00
for ( i = 0 ; i < r - > num_attributes ; i + + ) {
2007-05-21 06:12:06 +00:00
asn1_write_OctetString ( data , r - > attributes [ i ] ,
2004-08-12 04:55:59 +00:00
strlen ( r - > attributes [ i ] ) ) ;
}
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_SearchResultEntry : {
struct ldap_SearchResEntry * r = & msg - > r . SearchResultEntry ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
asn1_write_OctetString ( data , r - > dn , strlen ( r - > dn ) ) ;
asn1_push_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
2004-08-12 04:55:59 +00:00
for ( i = 0 ; i < r - > num_attributes ; i + + ) {
2005-06-15 01:02:53 +00:00
struct ldb_message_element * attr = & r - > attributes [ i ] ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
asn1_write_OctetString ( data , attr - > name ,
2004-08-12 04:55:59 +00:00
strlen ( attr - > name ) ) ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_SEQUENCE ( 1 ) ) ;
2004-08-12 04:55:59 +00:00
for ( j = 0 ; j < attr - > num_values ; j + + ) {
2007-05-21 06:12:06 +00:00
asn1_write_OctetString ( data ,
2004-08-12 04:55:59 +00:00
attr - > values [ j ] . data ,
attr - > values [ j ] . length ) ;
}
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
}
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_SearchResultDone : {
2004-08-12 06:37:12 +00:00
struct ldap_Result * r = & msg - > r . SearchResultDone ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
ldap_encode_response ( data , r ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_ModifyRequest : {
struct ldap_ModifyRequest * r = & msg - > r . ModifyRequest ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
asn1_write_OctetString ( data , r - > dn , strlen ( r - > dn ) ) ;
asn1_push_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
2004-08-12 04:55:59 +00:00
for ( i = 0 ; i < r - > num_mods ; i + + ) {
2005-06-15 01:02:53 +00:00
struct ldb_message_element * attrib = & r - > mods [ i ] . attrib ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
asn1_write_enumerated ( data , r - > mods [ i ] . type ) ;
asn1_push_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
asn1_write_OctetString ( data , attrib - > name ,
2004-08-12 04:55:59 +00:00
strlen ( attrib - > name ) ) ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_SET ) ;
2004-08-12 04:55:59 +00:00
for ( j = 0 ; j < attrib - > num_values ; j + + ) {
2007-05-21 06:12:06 +00:00
asn1_write_OctetString ( data ,
2004-08-12 04:55:59 +00:00
attrib - > values [ j ] . data ,
attrib - > values [ j ] . length ) ;
}
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
asn1_pop_tag ( data ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
}
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_ModifyResponse : {
struct ldap_Result * r = & msg - > r . ModifyResponse ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
ldap_encode_response ( data , r ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_AddRequest : {
struct ldap_AddRequest * r = & msg - > r . AddRequest ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
asn1_write_OctetString ( data , r - > dn , strlen ( r - > dn ) ) ;
asn1_push_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
2004-08-12 04:55:59 +00:00
for ( i = 0 ; i < r - > num_attributes ; i + + ) {
2005-06-15 01:02:53 +00:00
struct ldb_message_element * attrib = & r - > attributes [ i ] ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
asn1_write_OctetString ( data , attrib - > name ,
2004-08-12 04:55:59 +00:00
strlen ( attrib - > name ) ) ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_SET ) ;
2004-08-12 04:55:59 +00:00
for ( j = 0 ; j < r - > attributes [ i ] . num_values ; j + + ) {
2007-05-21 06:12:06 +00:00
asn1_write_OctetString ( data ,
2004-08-12 04:55:59 +00:00
attrib - > values [ j ] . data ,
attrib - > values [ j ] . length ) ;
}
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
}
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_AddResponse : {
struct ldap_Result * r = & msg - > r . AddResponse ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
ldap_encode_response ( data , r ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
2004-09-27 15:40:12 +00:00
case LDAP_TAG_DelRequest : {
struct ldap_DelRequest * r = & msg - > r . DelRequest ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION_SIMPLE ( msg - > type ) ) ;
asn1_write ( data , r - > dn , strlen ( r - > dn ) ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
2004-09-27 15:40:12 +00:00
case LDAP_TAG_DelResponse : {
struct ldap_Result * r = & msg - > r . DelResponse ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
ldap_encode_response ( data , r ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_ModifyDNRequest : {
struct ldap_ModifyDNRequest * r = & msg - > r . ModifyDNRequest ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
asn1_write_OctetString ( data , r - > dn , strlen ( r - > dn ) ) ;
asn1_write_OctetString ( data , r - > newrdn , strlen ( r - > newrdn ) ) ;
asn1_write_BOOLEAN ( data , r - > deleteolddn ) ;
2006-02-15 15:19:10 +00:00
if ( r - > newsuperior ) {
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_CONTEXT_SIMPLE ( 0 ) ) ;
asn1_write ( data , r - > newsuperior ,
2004-08-12 04:55:59 +00:00
strlen ( r - > newsuperior ) ) ;
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
}
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_ModifyDNResponse : {
2004-08-17 11:22:44 +00:00
struct ldap_Result * r = & msg - > r . ModifyDNResponse ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
ldap_encode_response ( data , r ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_CompareRequest : {
struct ldap_CompareRequest * r = & msg - > r . CompareRequest ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
asn1_write_OctetString ( data , r - > dn , strlen ( r - > dn ) ) ;
asn1_push_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
asn1_write_OctetString ( data , r - > attribute ,
2004-08-12 04:55:59 +00:00
strlen ( r - > attribute ) ) ;
2007-05-21 06:12:06 +00:00
asn1_write_OctetString ( data , r - > value . data ,
2004-09-29 12:18:06 +00:00
r - > value . length ) ;
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_CompareResponse : {
2004-09-29 12:18:06 +00:00
struct ldap_Result * r = & msg - > r . ModifyDNResponse ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
ldap_encode_response ( data , r ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_AbandonRequest : {
struct ldap_AbandonRequest * r = & msg - > r . AbandonRequest ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION_SIMPLE ( msg - > type ) ) ;
asn1_write_implicit_Integer ( data , r - > messageid ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_SearchResultReference : {
2004-11-06 20:43:36 +00:00
struct ldap_SearchResRef * r = & msg - > r . SearchResultReference ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
asn1_write_OctetString ( data , r - > referral , strlen ( r - > referral ) ) ;
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_ExtendedRequest : {
struct ldap_ExtendedRequest * r = & msg - > r . ExtendedRequest ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
asn1_push_tag ( data , ASN1_CONTEXT_SIMPLE ( 0 ) ) ;
asn1_write ( data , r - > oid , strlen ( r - > oid ) ) ;
asn1_pop_tag ( data ) ;
2006-02-15 15:19:10 +00:00
if ( r - > value ) {
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_CONTEXT_SIMPLE ( 1 ) ) ;
asn1_write ( data , r - > value - > data , r - > value - > length ) ;
asn1_pop_tag ( data ) ;
2006-02-15 15:19:10 +00:00
}
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case LDAP_TAG_ExtendedResponse : {
struct ldap_ExtendedResponse * r = & msg - > r . ExtendedResponse ;
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_APPLICATION ( msg - > type ) ) ;
ldap_encode_response ( data , & r - > response ) ;
2006-02-15 15:19:10 +00:00
if ( r - > oid ) {
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_CONTEXT_SIMPLE ( 10 ) ) ;
asn1_write ( data , r - > oid , strlen ( r - > oid ) ) ;
asn1_pop_tag ( data ) ;
2006-02-15 15:19:10 +00:00
}
if ( r - > value ) {
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_CONTEXT_SIMPLE ( 11 ) ) ;
asn1_write ( data , r - > value - > data , r - > value - > length ) ;
asn1_pop_tag ( data ) ;
2006-02-15 15:19:10 +00:00
}
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
default :
2007-10-06 22:28:14 +00:00
return false ;
2004-08-12 04:55:59 +00:00
}
2006-01-06 04:01:23 +00:00
if ( msg - > controls ! = NULL ) {
2007-05-21 06:12:06 +00:00
asn1_push_tag ( data , ASN1_CONTEXT ( 0 ) ) ;
2006-01-06 04:01:23 +00:00
for ( i = 0 ; msg - > controls [ i ] ! = NULL ; i + + ) {
2007-05-21 06:12:06 +00:00
if ( ! ldap_encode_control ( mem_ctx , data , msg - > controls [ i ] ) ) {
2007-10-06 22:28:14 +00:00
return false ;
2006-01-06 04:01:23 +00:00
}
}
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
2006-01-06 04:01:23 +00:00
}
2007-05-21 06:12:06 +00:00
asn1_pop_tag ( data ) ;
2005-06-18 12:45:28 +00:00
2007-05-21 06:12:06 +00:00
if ( data - > has_error ) {
asn1_free ( data ) ;
2007-10-06 22:28:14 +00:00
return false ;
2005-06-18 12:45:28 +00:00
}
2007-05-21 06:12:06 +00:00
* result = data_blob_talloc ( mem_ctx , data - > data , data - > length ) ;
asn1_free ( data ) ;
2007-10-06 22:28:14 +00:00
return true ;
2004-08-12 04:55:59 +00:00
}
static const char * blob2string_talloc ( TALLOC_CTX * mem_ctx ,
DATA_BLOB blob )
{
2007-09-07 15:08:14 +00:00
char * result = talloc_array ( mem_ctx , char , blob . length + 1 ) ;
2004-08-12 04:55:59 +00:00
memcpy ( result , blob . data , blob . length ) ;
result [ blob . length ] = ' \0 ' ;
return result ;
}
2007-10-06 22:28:14 +00:00
static bool asn1_read_OctetString_talloc ( TALLOC_CTX * mem_ctx ,
2004-11-02 06:42:15 +00:00
struct asn1_data * data ,
2004-08-12 04:55:59 +00:00
const char * * result )
{
DATA_BLOB string ;
2007-05-21 06:12:06 +00:00
if ( ! asn1_read_OctetString ( data , mem_ctx , & string ) )
2007-10-06 22:28:14 +00:00
return false ;
2004-08-12 04:55:59 +00:00
* result = blob2string_talloc ( mem_ctx , string ) ;
data_blob_free ( & string ) ;
2007-10-06 22:28:14 +00:00
return true ;
2004-08-12 04:55:59 +00:00
}
static void ldap_decode_response ( TALLOC_CTX * mem_ctx ,
2004-11-02 06:42:15 +00:00
struct asn1_data * data ,
2004-08-12 04:55:59 +00:00
struct ldap_Result * result )
{
asn1_read_enumerated ( data , & result - > resultcode ) ;
asn1_read_OctetString_talloc ( mem_ctx , data , & result - > dn ) ;
asn1_read_OctetString_talloc ( mem_ctx , data , & result - > errormessage ) ;
2004-08-17 11:22:44 +00:00
if ( asn1_peek_tag ( data , ASN1_CONTEXT ( 3 ) ) ) {
asn1_start_tag ( data , ASN1_CONTEXT ( 3 ) ) ;
2004-08-12 04:55:59 +00:00
asn1_read_OctetString_talloc ( mem_ctx , data , & result - > referral ) ;
2004-08-17 11:22:44 +00:00
asn1_end_tag ( data ) ;
2004-08-13 06:27:02 +00:00
} else {
2004-08-17 11:22:44 +00:00
result - > referral = NULL ;
2004-08-13 06:27:02 +00:00
}
}
2005-07-17 14:16:41 +00:00
static struct ldb_val * * ldap_decode_substring ( TALLOC_CTX * mem_ctx , struct ldb_val * * chunks , int chunk_num , char * value )
{
chunks = talloc_realloc ( mem_ctx , chunks , struct ldb_val * , chunk_num + 2 ) ;
if ( chunks = = NULL ) {
return NULL ;
}
chunks [ chunk_num ] = talloc ( mem_ctx , struct ldb_val ) ;
if ( chunks [ chunk_num ] = = NULL ) {
return NULL ;
}
2005-10-12 06:10:23 +00:00
chunks [ chunk_num ] - > data = ( uint8_t * ) talloc_strdup ( mem_ctx , value ) ;
2005-07-17 14:16:41 +00:00
if ( chunks [ chunk_num ] - > data = = NULL ) {
return NULL ;
}
2006-06-07 04:23:42 +00:00
chunks [ chunk_num ] - > length = strlen ( value ) ;
2005-07-17 14:16:41 +00:00
2006-06-07 04:23:42 +00:00
chunks [ chunk_num + 1 ] = ' \0 ' ;
2005-07-17 14:16:41 +00:00
return chunks ;
}
2005-06-13 09:10:17 +00:00
/*
parse the ASN .1 formatted search string into a ldb_parse_tree
*/
2005-06-13 07:36:52 +00:00
static struct ldb_parse_tree * ldap_decode_filter_tree ( TALLOC_CTX * mem_ctx ,
struct asn1_data * data )
2004-08-12 04:55:59 +00:00
{
2005-06-18 12:45:28 +00:00
uint8_t filter_tag ;
2005-06-13 07:36:52 +00:00
struct ldb_parse_tree * ret ;
2005-05-10 01:57:47 +00:00
2005-06-13 07:36:52 +00:00
if ( ! asn1_peek_uint8 ( data , & filter_tag ) ) {
return NULL ;
}
2004-08-12 04:55:59 +00:00
filter_tag & = 0x1f ; /* strip off the asn1 stuff */
2005-06-13 07:36:52 +00:00
ret = talloc ( mem_ctx , struct ldb_parse_tree ) ;
if ( ret = = NULL ) return NULL ;
2004-08-12 04:55:59 +00:00
2005-06-13 07:36:52 +00:00
switch ( filter_tag ) {
case 0 :
case 1 :
/* AND or OR of one or more filters */
ret - > operation = ( filter_tag = = 0 ) ? LDB_OP_AND : LDB_OP_OR ;
ret - > u . list . num_elements = 0 ;
ret - > u . list . elements = NULL ;
if ( ! asn1_start_tag ( data , ASN1_CONTEXT ( filter_tag ) ) ) {
goto failed ;
}
2004-08-12 04:55:59 +00:00
while ( asn1_tag_remaining ( data ) > 0 ) {
2005-06-13 07:36:52 +00:00
struct ldb_parse_tree * subtree ;
subtree = ldap_decode_filter_tree ( ret , data ) ;
if ( subtree = = NULL ) {
goto failed ;
}
ret - > u . list . elements =
talloc_realloc ( ret , ret - > u . list . elements ,
struct ldb_parse_tree * ,
ret - > u . list . num_elements + 1 ) ;
if ( ret - > u . list . elements = = NULL ) {
goto failed ;
}
talloc_steal ( ret - > u . list . elements , subtree ) ;
ret - > u . list . elements [ ret - > u . list . num_elements ] = subtree ;
ret - > u . list . num_elements + + ;
}
if ( ! asn1_end_tag ( data ) ) {
goto failed ;
2004-08-12 04:55:59 +00:00
}
break ;
2005-06-13 07:36:52 +00:00
2005-06-14 03:53:35 +00:00
case 2 :
/* 'not' operation */
if ( ! asn1_start_tag ( data , ASN1_CONTEXT ( filter_tag ) ) ) {
goto failed ;
}
2005-06-13 06:06:29 +00:00
2005-06-14 03:53:35 +00:00
ret - > operation = LDB_OP_NOT ;
2005-07-13 05:55:28 +00:00
ret - > u . isnot . child = ldap_decode_filter_tree ( ret , data ) ;
if ( ret - > u . isnot . child = = NULL ) {
2005-06-19 10:37:45 +00:00
goto failed ;
}
2005-06-14 03:53:35 +00:00
if ( ! asn1_end_tag ( data ) ) {
2005-06-13 07:36:52 +00:00
goto failed ;
}
2005-06-14 03:53:35 +00:00
break ;
2005-06-13 07:36:52 +00:00
2005-06-14 03:53:35 +00:00
case 3 : {
/* equalityMatch */
const char * attrib ;
DATA_BLOB value ;
asn1_start_tag ( data , ASN1_CONTEXT ( filter_tag ) ) ;
2004-08-12 04:55:59 +00:00
asn1_read_OctetString_talloc ( mem_ctx , data , & attrib ) ;
2007-05-21 06:12:06 +00:00
asn1_read_OctetString ( data , mem_ctx , & value ) ;
2004-08-12 04:55:59 +00:00
asn1_end_tag ( data ) ;
2005-06-13 07:36:52 +00:00
if ( ( data - > has_error ) | | ( attrib = = NULL ) | | ( value . data = = NULL ) ) {
goto failed ;
}
2005-06-14 03:53:35 +00:00
2005-07-19 09:09:00 +00:00
ret - > operation = LDB_OP_EQUALITY ;
ret - > u . equality . attr = talloc_steal ( ret , attrib ) ;
ret - > u . equality . value . data = talloc_steal ( ret , value . data ) ;
ret - > u . equality . value . length = value . length ;
2004-08-12 04:55:59 +00:00
break ;
}
2005-07-17 14:16:41 +00:00
case 4 : {
/* substrings */
DATA_BLOB attr ;
uint8_t subs_tag ;
char * value ;
int chunk_num = 0 ;
if ( ! asn1_start_tag ( data , ASN1_CONTEXT ( filter_tag ) ) ) {
goto failed ;
}
2007-05-21 06:12:06 +00:00
if ( ! asn1_read_OctetString ( data , mem_ctx , & attr ) ) {
2005-07-17 14:16:41 +00:00
goto failed ;
}
ret - > operation = LDB_OP_SUBSTRING ;
2005-10-12 06:10:23 +00:00
ret - > u . substring . attr = talloc_strndup ( ret , ( char * ) attr . data , attr . length ) ;
2005-07-17 14:16:41 +00:00
ret - > u . substring . chunks = NULL ;
ret - > u . substring . start_with_wildcard = 1 ;
ret - > u . substring . end_with_wildcard = 1 ;
if ( ! asn1_start_tag ( data , ASN1_SEQUENCE ( 0 ) ) ) {
goto failed ;
}
while ( asn1_tag_remaining ( data ) ) {
asn1_peek_uint8 ( data , & subs_tag ) ;
subs_tag & = 0x1f ; /* strip off the asn1 stuff */
if ( subs_tag > 2 ) goto failed ;
asn1_start_tag ( data , ASN1_CONTEXT_SIMPLE ( subs_tag ) ) ;
2007-05-21 06:12:06 +00:00
asn1_read_LDAPString ( data , mem_ctx , & value ) ;
2005-07-17 14:16:41 +00:00
asn1_end_tag ( data ) ;
switch ( subs_tag ) {
case 0 :
if ( ret - > u . substring . chunks ! = NULL ) {
/* initial value found in the middle */
goto failed ;
}
ret - > u . substring . chunks = ldap_decode_substring ( ret , NULL , 0 , value ) ;
if ( ret - > u . substring . chunks = = NULL ) {
goto failed ;
}
ret - > u . substring . start_with_wildcard = 0 ;
chunk_num = 1 ;
break ;
case 1 :
if ( ret - > u . substring . end_with_wildcard = = 0 ) {
/* "any" value found after a "final" value */
goto failed ;
}
ret - > u . substring . chunks = ldap_decode_substring ( ret ,
ret - > u . substring . chunks ,
chunk_num ,
value ) ;
if ( ret - > u . substring . chunks = = NULL ) {
goto failed ;
}
chunk_num + + ;
break ;
case 2 :
ret - > u . substring . chunks = ldap_decode_substring ( ret ,
ret - > u . substring . chunks ,
chunk_num ,
value ) ;
if ( ret - > u . substring . chunks = = NULL ) {
goto failed ;
}
ret - > u . substring . end_with_wildcard = 0 ;
break ;
default :
goto failed ;
}
}
if ( ! asn1_end_tag ( data ) ) { /* SEQUENCE */
goto failed ;
}
if ( ! asn1_end_tag ( data ) ) {
goto failed ;
}
break ;
}
2005-07-19 09:09:00 +00:00
case 5 : {
/* greaterOrEqual */
const char * attrib ;
DATA_BLOB value ;
asn1_start_tag ( data , ASN1_CONTEXT ( filter_tag ) ) ;
asn1_read_OctetString_talloc ( mem_ctx , data , & attrib ) ;
2007-05-21 06:12:06 +00:00
asn1_read_OctetString ( data , mem_ctx , & value ) ;
2005-07-19 09:09:00 +00:00
asn1_end_tag ( data ) ;
if ( ( data - > has_error ) | | ( attrib = = NULL ) | | ( value . data = = NULL ) ) {
goto failed ;
}
ret - > operation = LDB_OP_GREATER ;
ret - > u . comparison . attr = talloc_steal ( ret , attrib ) ;
ret - > u . comparison . value . data = talloc_steal ( ret , value . data ) ;
ret - > u . comparison . value . length = value . length ;
break ;
}
case 6 : {
/* lessOrEqual */
const char * attrib ;
DATA_BLOB value ;
asn1_start_tag ( data , ASN1_CONTEXT ( filter_tag ) ) ;
asn1_read_OctetString_talloc ( mem_ctx , data , & attrib ) ;
2007-05-21 06:12:06 +00:00
asn1_read_OctetString ( data , mem_ctx , & value ) ;
2005-07-19 09:09:00 +00:00
asn1_end_tag ( data ) ;
if ( ( data - > has_error ) | | ( attrib = = NULL ) | | ( value . data = = NULL ) ) {
goto failed ;
}
ret - > operation = LDB_OP_LESS ;
ret - > u . comparison . attr = talloc_steal ( ret , attrib ) ;
ret - > u . comparison . value . data = talloc_steal ( ret , value . data ) ;
ret - > u . comparison . value . length = value . length ;
break ;
}
2004-08-12 04:55:59 +00:00
case 7 : {
/* Normal presence, "attribute=*" */
2005-06-14 03:53:35 +00:00
char * attr ;
if ( ! asn1_start_tag ( data , ASN1_CONTEXT_SIMPLE ( filter_tag ) ) ) {
2005-06-13 07:36:52 +00:00
goto failed ;
}
2007-05-21 06:12:06 +00:00
if ( ! asn1_read_LDAPString ( data , ret , & attr ) ) {
2005-06-13 07:36:52 +00:00
goto failed ;
}
2005-07-17 14:16:41 +00:00
ret - > operation = LDB_OP_PRESENT ;
ret - > u . present . attr = talloc_steal ( ret , attr ) ;
2005-06-14 03:53:35 +00:00
if ( ! asn1_end_tag ( data ) ) {
2005-06-13 07:36:52 +00:00
goto failed ;
}
2005-06-14 03:53:35 +00:00
break ;
}
2005-07-19 09:09:00 +00:00
case 8 : {
/* approx */
const char * attrib ;
DATA_BLOB value ;
asn1_start_tag ( data , ASN1_CONTEXT ( filter_tag ) ) ;
asn1_read_OctetString_talloc ( mem_ctx , data , & attrib ) ;
2007-05-21 06:12:06 +00:00
asn1_read_OctetString ( data , mem_ctx , & value ) ;
2005-07-19 09:09:00 +00:00
asn1_end_tag ( data ) ;
if ( ( data - > has_error ) | | ( attrib = = NULL ) | | ( value . data = = NULL ) ) {
goto failed ;
}
ret - > operation = LDB_OP_APPROX ;
ret - > u . comparison . attr = talloc_steal ( ret , attrib ) ;
ret - > u . comparison . value . data = talloc_steal ( ret , value . data ) ;
ret - > u . comparison . value . length = value . length ;
break ;
}
2005-06-14 03:53:35 +00:00
case 9 : {
2005-08-02 14:04:22 +00:00
char * oid = NULL , * attr = NULL , * value ;
2005-06-14 03:53:35 +00:00
uint8_t dnAttributes ;
/* an extended search */
if ( ! asn1_start_tag ( data , ASN1_CONTEXT ( filter_tag ) ) ) {
2005-06-13 07:36:52 +00:00
goto failed ;
}
2005-06-14 03:53:35 +00:00
2005-08-02 14:04:22 +00:00
/* FIXME: read carefully rfc2251.txt there are a number of 'MUST's
we need to check we properly implement - - SSS */
/* either oid or type must be defined */
if ( asn1_peek_tag ( data , ASN1_CONTEXT_SIMPLE ( 1 ) ) ) { /* optional */
asn1_start_tag ( data , ASN1_CONTEXT_SIMPLE ( 1 ) ) ;
2007-05-21 06:12:06 +00:00
asn1_read_LDAPString ( data , ret , & oid ) ;
2005-08-02 14:04:22 +00:00
asn1_end_tag ( data ) ;
}
if ( asn1_peek_tag ( data , ASN1_CONTEXT_SIMPLE ( 2 ) ) ) { /* optional */
asn1_start_tag ( data , ASN1_CONTEXT_SIMPLE ( 2 ) ) ;
2007-05-21 06:12:06 +00:00
asn1_read_LDAPString ( data , ret , & attr ) ;
2005-08-02 14:04:22 +00:00
asn1_end_tag ( data ) ;
}
2005-06-14 03:53:35 +00:00
asn1_start_tag ( data , ASN1_CONTEXT_SIMPLE ( 3 ) ) ;
2007-05-21 06:12:06 +00:00
asn1_read_LDAPString ( data , ret , & value ) ;
2005-06-14 03:53:35 +00:00
asn1_end_tag ( data ) ;
2005-08-02 14:04:22 +00:00
/* dnAttributes is marked as BOOLEAN DEFAULT FALSE
it is not marked as OPTIONAL but openldap tools
do not set this unless it is to be set as TRUE
NOTE : openldap tools do not work with AD as it
seems that AD always requires the dnAttributes
boolean value to be set */
if ( asn1_peek_tag ( data , ASN1_CONTEXT_SIMPLE ( 4 ) ) ) {
asn1_start_tag ( data , ASN1_CONTEXT_SIMPLE ( 4 ) ) ;
asn1_read_uint8 ( data , & dnAttributes ) ;
asn1_end_tag ( data ) ;
} else {
dnAttributes = 0 ;
}
if ( ( oid = = NULL & & attr = = NULL ) | | ( value = = NULL ) ) {
2005-06-14 03:53:35 +00:00
goto failed ;
}
2005-08-02 14:04:22 +00:00
if ( oid ) {
ret - > operation = LDB_OP_EXTENDED ;
2005-06-14 03:53:35 +00:00
2005-08-02 14:04:22 +00:00
/* From the RFC2251: If the type field is
absent and matchingRule is present , the matchValue is compared
against all attributes in an entry which support that matchingRule
*/
if ( attr ) {
ret - > u . extended . attr = talloc_steal ( ret , attr ) ;
} else {
ret - > u . extended . attr = talloc_strdup ( ret , " * " ) ;
}
ret - > u . extended . rule_id = talloc_steal ( ret , oid ) ;
ret - > u . extended . value . data = talloc_steal ( ret , value ) ;
ret - > u . extended . value . length = strlen ( value ) ;
ret - > u . extended . dnAttributes = dnAttributes ;
} else {
ret - > operation = LDB_OP_EQUALITY ;
ret - > u . equality . attr = talloc_steal ( ret , attr ) ;
ret - > u . equality . value . data = talloc_steal ( ret , value ) ;
ret - > u . equality . value . length = strlen ( value ) ;
}
2005-06-13 07:36:52 +00:00
if ( ! asn1_end_tag ( data ) ) {
goto failed ;
}
2004-08-12 04:55:59 +00:00
break ;
}
2005-06-14 03:53:35 +00:00
2004-08-12 04:55:59 +00:00
default :
2005-06-13 07:36:52 +00:00
DEBUG ( 0 , ( " Unsupported LDAP filter operation 0x%x \n " , filter_tag ) ) ;
goto failed ;
2004-08-12 04:55:59 +00:00
}
2005-06-13 07:36:52 +00:00
return ret ;
failed :
talloc_free ( ret ) ;
return NULL ;
}
2005-05-10 01:57:47 +00:00
2004-11-02 06:42:15 +00:00
static void ldap_decode_attrib ( TALLOC_CTX * mem_ctx , struct asn1_data * data ,
2005-06-15 01:02:53 +00:00
struct ldb_message_element * attrib )
2004-08-12 04:55:59 +00:00
{
asn1_start_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
asn1_read_OctetString_talloc ( mem_ctx , data , & attrib - > name ) ;
asn1_start_tag ( data , ASN1_SET ) ;
while ( asn1_peek_tag ( data , ASN1_OCTET_STRING ) ) {
DATA_BLOB blob ;
2007-05-21 06:12:06 +00:00
asn1_read_OctetString ( data , mem_ctx , & blob ) ;
2005-06-15 01:12:31 +00:00
add_value_to_attrib ( mem_ctx , & blob , attrib ) ;
2004-08-12 04:55:59 +00:00
}
asn1_end_tag ( data ) ;
asn1_end_tag ( data ) ;
}
2004-11-02 06:42:15 +00:00
static void ldap_decode_attribs ( TALLOC_CTX * mem_ctx , struct asn1_data * data ,
2005-06-15 01:02:53 +00:00
struct ldb_message_element * * attributes ,
2004-08-12 04:55:59 +00:00
int * num_attributes )
{
asn1_start_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
while ( asn1_peek_tag ( data , ASN1_SEQUENCE ( 0 ) ) ) {
2005-06-15 01:02:53 +00:00
struct ldb_message_element attrib ;
2004-08-12 04:55:59 +00:00
ZERO_STRUCT ( attrib ) ;
ldap_decode_attrib ( mem_ctx , data , & attrib ) ;
add_attrib_to_array_talloc ( mem_ctx , & attrib ,
attributes , num_attributes ) ;
}
asn1_end_tag ( data ) ;
}
2007-03-13 00:59:06 +00:00
/* This routine returns LDAP status codes */
NTSTATUS ldap_decode ( struct asn1_data * data , struct ldap_message * msg )
2004-08-12 04:55:59 +00:00
{
2005-02-10 05:09:35 +00:00
uint8_t tag ;
2004-08-12 04:55:59 +00:00
asn1_start_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
asn1_read_Integer ( data , & msg - > messageid ) ;
if ( ! asn1_peek_uint8 ( data , & tag ) )
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_PROTOCOL_ERROR ) ;
2004-08-12 04:55:59 +00:00
switch ( tag ) {
case ASN1_APPLICATION ( LDAP_TAG_BindRequest ) : {
struct ldap_BindRequest * r = & msg - > r . BindRequest ;
msg - > type = LDAP_TAG_BindRequest ;
2004-10-08 12:08:43 +00:00
asn1_start_tag ( data , tag ) ;
2004-08-12 04:55:59 +00:00
asn1_read_Integer ( data , & r - > version ) ;
2005-06-15 00:27:51 +00:00
asn1_read_OctetString_talloc ( msg , data , & r - > dn ) ;
2004-10-08 12:08:43 +00:00
if ( asn1_peek_tag ( data , ASN1_CONTEXT_SIMPLE ( 0 ) ) ) {
2004-08-12 04:55:59 +00:00
int pwlen ;
r - > creds . password = " " ;
2004-10-08 12:08:43 +00:00
r - > mechanism = LDAP_AUTH_MECH_SIMPLE ;
asn1_start_tag ( data , ASN1_CONTEXT_SIMPLE ( 0 ) ) ;
2004-08-12 04:55:59 +00:00
pwlen = asn1_tag_remaining ( data ) ;
2006-09-29 04:45:15 +00:00
if ( pwlen = = - 1 ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_PROTOCOL_ERROR ) ;
2006-09-29 04:45:15 +00:00
}
2004-08-12 04:55:59 +00:00
if ( pwlen ! = 0 ) {
2007-09-07 15:08:14 +00:00
char * pw = talloc_array ( msg , char , pwlen + 1 ) ;
2006-09-29 04:45:15 +00:00
if ( ! pw ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_OPERATIONS_ERROR ) ;
2006-09-29 04:45:15 +00:00
}
2004-08-12 04:55:59 +00:00
asn1_read ( data , pw , pwlen ) ;
pw [ pwlen ] = ' \0 ' ;
r - > creds . password = pw ;
}
asn1_end_tag ( data ) ;
2004-10-08 12:08:43 +00:00
} else if ( asn1_peek_tag ( data , ASN1_CONTEXT ( 3 ) ) ) {
asn1_start_tag ( data , ASN1_CONTEXT ( 3 ) ) ;
r - > mechanism = LDAP_AUTH_MECH_SASL ;
2005-06-15 00:27:51 +00:00
asn1_read_OctetString_talloc ( msg , data , & r - > creds . SASL . mechanism ) ;
2005-11-05 11:24:10 +00:00
if ( asn1_peek_tag ( data , ASN1_OCTET_STRING ) ) { /* optional */
2006-02-15 15:19:10 +00:00
DATA_BLOB tmp_blob = data_blob ( NULL , 0 ) ;
2007-05-21 06:12:06 +00:00
asn1_read_OctetString ( data , msg , & tmp_blob ) ;
2006-02-15 15:19:10 +00:00
r - > creds . SASL . secblob = talloc ( msg , DATA_BLOB ) ;
if ( ! r - > creds . SASL . secblob ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_OPERATIONS_ERROR ) ;
2005-11-05 11:24:10 +00:00
}
2006-02-15 15:19:10 +00:00
* r - > creds . SASL . secblob = data_blob_talloc ( r - > creds . SASL . secblob ,
tmp_blob . data , tmp_blob . length ) ;
data_blob_free ( & tmp_blob ) ;
2005-11-05 11:24:10 +00:00
} else {
2006-02-15 15:19:10 +00:00
r - > creds . SASL . secblob = NULL ;
2004-10-08 12:08:43 +00:00
}
asn1_end_tag ( data ) ;
2006-09-29 04:45:15 +00:00
} else {
/* Neither Simple nor SASL bind */
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_PROTOCOL_ERROR ) ;
2004-08-12 04:55:59 +00:00
}
asn1_end_tag ( data ) ;
break ;
}
case ASN1_APPLICATION ( LDAP_TAG_BindResponse ) : {
struct ldap_BindResponse * r = & msg - > r . BindResponse ;
msg - > type = LDAP_TAG_BindResponse ;
2004-10-08 12:08:43 +00:00
asn1_start_tag ( data , tag ) ;
2005-06-15 00:27:51 +00:00
ldap_decode_response ( msg , data , & r - > response ) ;
2004-08-17 11:22:44 +00:00
if ( asn1_peek_tag ( data , ASN1_CONTEXT_SIMPLE ( 7 ) ) ) {
DATA_BLOB tmp_blob = data_blob ( NULL , 0 ) ;
asn1_read_ContextSimple ( data , 7 , & tmp_blob ) ;
2006-02-15 15:19:10 +00:00
r - > SASL . secblob = talloc ( msg , DATA_BLOB ) ;
if ( ! r - > SASL . secblob ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_OPERATIONS_ERROR ) ;
2006-02-15 15:19:10 +00:00
}
* r - > SASL . secblob = data_blob_talloc ( r - > SASL . secblob ,
tmp_blob . data , tmp_blob . length ) ;
2004-08-17 11:22:44 +00:00
data_blob_free ( & tmp_blob ) ;
} else {
2006-02-15 15:19:10 +00:00
r - > SASL . secblob = NULL ;
2004-08-17 11:22:44 +00:00
}
asn1_end_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
2004-09-22 10:42:58 +00:00
case ASN1_APPLICATION_SIMPLE ( LDAP_TAG_UnbindRequest ) : {
2004-08-12 04:55:59 +00:00
msg - > type = LDAP_TAG_UnbindRequest ;
2004-10-08 12:08:43 +00:00
asn1_start_tag ( data , tag ) ;
2004-09-22 10:42:58 +00:00
asn1_end_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case ASN1_APPLICATION ( LDAP_TAG_SearchRequest ) : {
struct ldap_SearchRequest * r = & msg - > r . SearchRequest ;
msg - > type = LDAP_TAG_SearchRequest ;
2004-10-08 12:08:43 +00:00
asn1_start_tag ( data , tag ) ;
2005-06-15 00:27:51 +00:00
asn1_read_OctetString_talloc ( msg , data , & r - > basedn ) ;
2004-08-12 04:55:59 +00:00
asn1_read_enumerated ( data , ( int * ) & ( r - > scope ) ) ;
asn1_read_enumerated ( data , ( int * ) & ( r - > deref ) ) ;
asn1_read_Integer ( data , & r - > sizelimit ) ;
asn1_read_Integer ( data , & r - > timelimit ) ;
2004-09-01 14:49:43 +00:00
asn1_read_BOOLEAN ( data , & r - > attributesonly ) ;
2004-08-12 04:55:59 +00:00
2005-06-15 00:27:51 +00:00
r - > tree = ldap_decode_filter_tree ( msg , data ) ;
2005-06-13 09:10:17 +00:00
if ( r - > tree = = NULL ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_PROTOCOL_ERROR ) ;
2005-06-13 09:10:17 +00:00
}
2004-08-12 04:55:59 +00:00
asn1_start_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
r - > num_attributes = 0 ;
r - > attributes = NULL ;
2007-03-13 00:59:06 +00:00
while ( asn1_tag_remaining ( data ) > 0 ) {
2004-08-12 04:55:59 +00:00
const char * attr ;
2005-06-15 00:27:51 +00:00
if ( ! asn1_read_OctetString_talloc ( msg , data ,
2004-08-12 04:55:59 +00:00
& attr ) )
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_PROTOCOL_ERROR ) ;
2005-06-15 00:27:51 +00:00
if ( ! add_string_to_array ( msg , attr ,
2004-08-12 04:55:59 +00:00
& r - > attributes ,
& r - > num_attributes ) )
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_PROTOCOL_ERROR ) ;
2004-08-12 04:55:59 +00:00
}
asn1_end_tag ( data ) ;
asn1_end_tag ( data ) ;
break ;
}
case ASN1_APPLICATION ( LDAP_TAG_SearchResultEntry ) : {
struct ldap_SearchResEntry * r = & msg - > r . SearchResultEntry ;
msg - > type = LDAP_TAG_SearchResultEntry ;
r - > attributes = NULL ;
r - > num_attributes = 0 ;
2004-10-08 12:08:43 +00:00
asn1_start_tag ( data , tag ) ;
2005-06-15 00:27:51 +00:00
asn1_read_OctetString_talloc ( msg , data , & r - > dn ) ;
ldap_decode_attribs ( msg , data , & r - > attributes ,
2004-08-12 04:55:59 +00:00
& r - > num_attributes ) ;
asn1_end_tag ( data ) ;
break ;
}
case ASN1_APPLICATION ( LDAP_TAG_SearchResultDone ) : {
2004-08-12 06:37:12 +00:00
struct ldap_Result * r = & msg - > r . SearchResultDone ;
2004-08-12 04:55:59 +00:00
msg - > type = LDAP_TAG_SearchResultDone ;
2004-10-08 12:08:43 +00:00
asn1_start_tag ( data , tag ) ;
2005-06-15 00:27:51 +00:00
ldap_decode_response ( msg , data , r ) ;
2004-10-08 12:08:43 +00:00
asn1_end_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case ASN1_APPLICATION ( LDAP_TAG_SearchResultReference ) : {
2004-11-06 20:43:36 +00:00
struct ldap_SearchResRef * r = & msg - > r . SearchResultReference ;
2004-08-12 04:55:59 +00:00
msg - > type = LDAP_TAG_SearchResultReference ;
2004-11-06 20:43:36 +00:00
asn1_start_tag ( data , tag ) ;
2005-06-15 00:27:51 +00:00
asn1_read_OctetString_talloc ( msg , data , & r - > referral ) ;
2004-11-06 20:43:36 +00:00
asn1_end_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case ASN1_APPLICATION ( LDAP_TAG_ModifyRequest ) : {
struct ldap_ModifyRequest * r = & msg - > r . ModifyRequest ;
msg - > type = LDAP_TAG_ModifyRequest ;
asn1_start_tag ( data , ASN1_APPLICATION ( LDAP_TAG_ModifyRequest ) ) ;
2005-06-15 00:27:51 +00:00
asn1_read_OctetString_talloc ( msg , data , & r - > dn ) ;
2004-08-12 04:55:59 +00:00
asn1_start_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
r - > num_mods = 0 ;
r - > mods = NULL ;
while ( asn1_tag_remaining ( data ) > 0 ) {
struct ldap_mod mod ;
2004-11-02 11:16:34 +00:00
int v ;
2004-08-12 04:55:59 +00:00
ZERO_STRUCT ( mod ) ;
asn1_start_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
2004-11-02 11:16:34 +00:00
asn1_read_enumerated ( data , & v ) ;
mod . type = v ;
2005-06-15 00:27:51 +00:00
ldap_decode_attrib ( msg , data , & mod . attrib ) ;
2004-08-12 04:55:59 +00:00
asn1_end_tag ( data ) ;
2005-06-15 00:27:51 +00:00
if ( ! add_mod_to_array_talloc ( msg , & mod ,
2006-09-29 04:45:15 +00:00
& r - > mods , & r - > num_mods ) ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_OPERATIONS_ERROR ) ;
2006-09-29 04:45:15 +00:00
}
2004-08-12 04:55:59 +00:00
}
asn1_end_tag ( data ) ;
asn1_end_tag ( data ) ;
break ;
}
case ASN1_APPLICATION ( LDAP_TAG_ModifyResponse ) : {
2004-08-12 06:37:12 +00:00
struct ldap_Result * r = & msg - > r . ModifyResponse ;
2004-08-12 04:55:59 +00:00
msg - > type = LDAP_TAG_ModifyResponse ;
2004-10-08 12:08:43 +00:00
asn1_start_tag ( data , tag ) ;
2005-06-15 00:27:51 +00:00
ldap_decode_response ( msg , data , r ) ;
2004-10-08 12:08:43 +00:00
asn1_end_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case ASN1_APPLICATION ( LDAP_TAG_AddRequest ) : {
struct ldap_AddRequest * r = & msg - > r . AddRequest ;
msg - > type = LDAP_TAG_AddRequest ;
2004-10-08 12:08:43 +00:00
asn1_start_tag ( data , tag ) ;
2005-06-15 00:27:51 +00:00
asn1_read_OctetString_talloc ( msg , data , & r - > dn ) ;
2004-08-12 04:55:59 +00:00
r - > attributes = NULL ;
r - > num_attributes = 0 ;
2005-06-15 00:27:51 +00:00
ldap_decode_attribs ( msg , data , & r - > attributes ,
2004-08-12 04:55:59 +00:00
& r - > num_attributes ) ;
asn1_end_tag ( data ) ;
break ;
}
case ASN1_APPLICATION ( LDAP_TAG_AddResponse ) : {
2004-08-12 06:37:12 +00:00
struct ldap_Result * r = & msg - > r . AddResponse ;
2004-08-12 04:55:59 +00:00
msg - > type = LDAP_TAG_AddResponse ;
2004-10-08 12:08:43 +00:00
asn1_start_tag ( data , tag ) ;
2005-06-15 00:27:51 +00:00
ldap_decode_response ( msg , data , r ) ;
2004-10-08 12:08:43 +00:00
asn1_end_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
2004-09-27 15:40:12 +00:00
case ASN1_APPLICATION_SIMPLE ( LDAP_TAG_DelRequest ) : {
struct ldap_DelRequest * r = & msg - > r . DelRequest ;
2004-08-12 04:55:59 +00:00
int len ;
char * dn ;
2004-09-27 15:40:12 +00:00
msg - > type = LDAP_TAG_DelRequest ;
2004-08-12 04:55:59 +00:00
asn1_start_tag ( data ,
2004-09-27 15:40:12 +00:00
ASN1_APPLICATION_SIMPLE ( LDAP_TAG_DelRequest ) ) ;
2004-08-12 04:55:59 +00:00
len = asn1_tag_remaining ( data ) ;
2006-09-29 04:45:15 +00:00
if ( len = = - 1 ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_PROTOCOL_ERROR ) ;
2006-09-29 04:45:15 +00:00
}
2007-09-07 15:08:14 +00:00
dn = talloc_array ( msg , char , len + 1 ) ;
2004-08-12 04:55:59 +00:00
if ( dn = = NULL )
break ;
asn1_read ( data , dn , len ) ;
dn [ len ] = ' \0 ' ;
r - > dn = dn ;
asn1_end_tag ( data ) ;
break ;
}
2004-09-27 15:40:12 +00:00
case ASN1_APPLICATION ( LDAP_TAG_DelResponse ) : {
struct ldap_Result * r = & msg - > r . DelResponse ;
msg - > type = LDAP_TAG_DelResponse ;
2004-10-08 12:08:43 +00:00
asn1_start_tag ( data , tag ) ;
2005-06-15 00:27:51 +00:00
ldap_decode_response ( msg , data , r ) ;
2004-10-08 12:08:43 +00:00
asn1_end_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case ASN1_APPLICATION ( LDAP_TAG_ModifyDNRequest ) : {
2004-08-17 11:22:44 +00:00
struct ldap_ModifyDNRequest * r = & msg - > r . ModifyDNRequest ;
2004-08-12 04:55:59 +00:00
msg - > type = LDAP_TAG_ModifyDNRequest ;
2004-08-17 11:22:44 +00:00
asn1_start_tag ( data ,
ASN1_APPLICATION ( LDAP_TAG_ModifyDNRequest ) ) ;
2005-06-15 00:27:51 +00:00
asn1_read_OctetString_talloc ( msg , data , & r - > dn ) ;
asn1_read_OctetString_talloc ( msg , data , & r - > newrdn ) ;
2004-09-01 14:49:43 +00:00
asn1_read_BOOLEAN ( data , & r - > deleteolddn ) ;
2004-08-17 11:22:44 +00:00
r - > newsuperior = NULL ;
if ( asn1_tag_remaining ( data ) > 0 ) {
int len ;
char * newsup ;
asn1_start_tag ( data , ASN1_CONTEXT_SIMPLE ( 0 ) ) ;
len = asn1_tag_remaining ( data ) ;
2006-09-29 04:45:15 +00:00
if ( len = = - 1 ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_PROTOCOL_ERROR ) ;
2006-09-29 04:45:15 +00:00
}
2007-09-07 15:08:14 +00:00
newsup = talloc_array ( msg , char , len + 1 ) ;
2006-09-29 04:45:15 +00:00
if ( newsup = = NULL ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_OPERATIONS_ERROR ) ;
2006-09-29 04:45:15 +00:00
}
2004-08-17 11:22:44 +00:00
asn1_read ( data , newsup , len ) ;
newsup [ len ] = ' \0 ' ;
r - > newsuperior = newsup ;
asn1_end_tag ( data ) ;
}
asn1_end_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case ASN1_APPLICATION ( LDAP_TAG_ModifyDNResponse ) : {
2004-08-12 06:37:12 +00:00
struct ldap_Result * r = & msg - > r . ModifyDNResponse ;
2004-08-12 04:55:59 +00:00
msg - > type = LDAP_TAG_ModifyDNResponse ;
2004-10-08 12:08:43 +00:00
asn1_start_tag ( data , tag ) ;
2005-06-15 00:27:51 +00:00
ldap_decode_response ( msg , data , r ) ;
2004-10-08 12:08:43 +00:00
asn1_end_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case ASN1_APPLICATION ( LDAP_TAG_CompareRequest ) : {
2004-09-29 12:18:06 +00:00
struct ldap_CompareRequest * r = & msg - > r . CompareRequest ;
2004-08-12 04:55:59 +00:00
msg - > type = LDAP_TAG_CompareRequest ;
2004-09-29 12:18:06 +00:00
asn1_start_tag ( data ,
ASN1_APPLICATION ( LDAP_TAG_CompareRequest ) ) ;
2005-06-15 00:27:51 +00:00
asn1_read_OctetString_talloc ( msg , data , & r - > dn ) ;
2004-09-29 12:18:06 +00:00
asn1_start_tag ( data , ASN1_SEQUENCE ( 0 ) ) ;
2005-06-15 00:27:51 +00:00
asn1_read_OctetString_talloc ( msg , data , & r - > attribute ) ;
2007-05-21 06:12:06 +00:00
asn1_read_OctetString ( data , msg , & r - > value ) ;
2004-09-29 12:18:06 +00:00
if ( r - > value . data ) {
2005-06-15 00:27:51 +00:00
talloc_steal ( msg , r - > value . data ) ;
2004-09-29 12:18:06 +00:00
}
asn1_end_tag ( data ) ;
asn1_end_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case ASN1_APPLICATION ( LDAP_TAG_CompareResponse ) : {
2004-08-12 06:37:12 +00:00
struct ldap_Result * r = & msg - > r . CompareResponse ;
2004-08-12 04:55:59 +00:00
msg - > type = LDAP_TAG_CompareResponse ;
2004-10-08 12:08:43 +00:00
asn1_start_tag ( data , tag ) ;
2005-06-15 00:27:51 +00:00
ldap_decode_response ( msg , data , r ) ;
2004-10-08 12:08:43 +00:00
asn1_end_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
2004-09-29 13:06:26 +00:00
case ASN1_APPLICATION_SIMPLE ( LDAP_TAG_AbandonRequest ) : {
struct ldap_AbandonRequest * r = & msg - > r . AbandonRequest ;
2004-08-12 04:55:59 +00:00
msg - > type = LDAP_TAG_AbandonRequest ;
2004-10-08 12:08:43 +00:00
asn1_start_tag ( data , tag ) ;
2004-09-29 13:06:26 +00:00
asn1_read_implicit_Integer ( data , & r - > messageid ) ;
asn1_end_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case ASN1_APPLICATION ( LDAP_TAG_ExtendedRequest ) : {
2004-09-22 10:42:58 +00:00
struct ldap_ExtendedRequest * r = & msg - > r . ExtendedRequest ;
DATA_BLOB tmp_blob = data_blob ( NULL , 0 ) ;
2004-08-12 04:55:59 +00:00
msg - > type = LDAP_TAG_ExtendedRequest ;
2004-10-08 12:08:43 +00:00
asn1_start_tag ( data , tag ) ;
2004-09-22 10:42:58 +00:00
if ( ! asn1_read_ContextSimple ( data , 0 , & tmp_blob ) ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_PROTOCOL_ERROR ) ;
2004-09-22 10:42:58 +00:00
}
2005-06-15 00:27:51 +00:00
r - > oid = blob2string_talloc ( msg , tmp_blob ) ;
2004-09-22 10:42:58 +00:00
data_blob_free ( & tmp_blob ) ;
if ( ! r - > oid ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_OPERATIONS_ERROR ) ;
2004-09-22 10:42:58 +00:00
}
if ( asn1_peek_tag ( data , ASN1_CONTEXT_SIMPLE ( 1 ) ) ) {
asn1_read_ContextSimple ( data , 1 , & tmp_blob ) ;
2006-02-15 15:19:10 +00:00
r - > value = talloc ( msg , DATA_BLOB ) ;
if ( ! r - > value ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_OPERATIONS_ERROR ) ;
2006-02-15 15:19:10 +00:00
}
* r - > value = data_blob_talloc ( r - > value , tmp_blob . data , tmp_blob . length ) ;
2004-09-22 10:42:58 +00:00
data_blob_free ( & tmp_blob ) ;
} else {
2006-02-15 15:19:10 +00:00
r - > value = NULL ;
2004-09-22 10:42:58 +00:00
}
asn1_end_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
case ASN1_APPLICATION ( LDAP_TAG_ExtendedResponse ) : {
struct ldap_ExtendedResponse * r = & msg - > r . ExtendedResponse ;
2006-02-15 15:19:10 +00:00
DATA_BLOB tmp_blob = data_blob ( NULL , 0 ) ;
2004-08-12 04:55:59 +00:00
msg - > type = LDAP_TAG_ExtendedResponse ;
2004-10-08 12:08:43 +00:00
asn1_start_tag ( data , tag ) ;
2005-06-15 00:27:51 +00:00
ldap_decode_response ( msg , data , & r - > response ) ;
2006-02-15 15:19:10 +00:00
if ( asn1_peek_tag ( data , ASN1_CONTEXT_SIMPLE ( 10 ) ) ) {
asn1_read_ContextSimple ( data , 1 , & tmp_blob ) ;
r - > oid = blob2string_talloc ( msg , tmp_blob ) ;
data_blob_free ( & tmp_blob ) ;
if ( ! r - > oid ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_OPERATIONS_ERROR ) ;
2006-02-15 15:19:10 +00:00
}
} else {
r - > oid = NULL ;
}
if ( asn1_peek_tag ( data , ASN1_CONTEXT_SIMPLE ( 11 ) ) ) {
asn1_read_ContextSimple ( data , 1 , & tmp_blob ) ;
r - > value = talloc ( msg , DATA_BLOB ) ;
if ( ! r - > value ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_OPERATIONS_ERROR ) ;
2006-02-15 15:19:10 +00:00
}
* r - > value = data_blob_talloc ( r - > value , tmp_blob . data , tmp_blob . length ) ;
data_blob_free ( & tmp_blob ) ;
} else {
r - > value = NULL ;
}
2004-10-08 12:08:43 +00:00
asn1_end_tag ( data ) ;
2004-08-12 04:55:59 +00:00
break ;
}
2004-09-22 10:42:58 +00:00
default :
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_PROTOCOL_ERROR ) ;
2004-08-12 04:55:59 +00:00
}
2004-10-09 23:59:12 +00:00
msg - > controls = NULL ;
if ( asn1_peek_tag ( data , ASN1_CONTEXT ( 0 ) ) ) {
2007-03-13 00:59:06 +00:00
int i = 0 ;
2006-02-22 01:31:35 +00:00
struct ldb_control * * ctrl = NULL ;
2004-10-09 23:59:12 +00:00
asn1_start_tag ( data , ASN1_CONTEXT ( 0 ) ) ;
2007-03-13 00:59:06 +00:00
while ( asn1_peek_tag ( data , ASN1_SEQUENCE ( 0 ) ) ) {
DATA_BLOB value ;
2006-01-13 22:48:08 +00:00
/* asn1_start_tag(data, ASN1_SEQUENCE(0)); */
2004-10-09 23:59:12 +00:00
2006-02-22 01:31:35 +00:00
ctrl = talloc_realloc ( msg , ctrl , struct ldb_control * , i + 2 ) ;
2004-10-09 23:59:12 +00:00
if ( ! ctrl ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_OPERATIONS_ERROR ) ;
2004-10-09 23:59:12 +00:00
}
2006-02-22 01:31:35 +00:00
ctrl [ i ] = talloc ( ctrl , struct ldb_control ) ;
2006-01-06 04:01:23 +00:00
if ( ! ctrl [ i ] ) {
2007-03-13 00:59:06 +00:00
return NT_STATUS_LDAP ( LDAP_OPERATIONS_ERROR ) ;
2004-10-09 23:59:12 +00:00
}
2007-03-13 00:59:06 +00:00
if ( ! ldap_decode_control_wrapper ( ctrl , data , ctrl [ i ] , & value ) ) {
return NT_STATUS_LDAP ( LDAP_PROTOCOL_ERROR ) ;
}
if ( ! ldap_decode_control_value ( ctrl , value , ctrl [ i ] ) ) {
if ( ctrl [ i ] - > critical ) {
return NT_STATUS_LDAP ( LDAP_UNAVAILABLE_CRITICAL_EXTENSION ) ;
} else {
talloc_free ( ctrl [ i ] ) ;
ctrl [ i ] = NULL ;
}
} else {
i + + ;
2004-10-09 23:59:12 +00:00
}
}
2006-01-06 04:01:23 +00:00
2006-03-15 05:30:39 +00:00
if ( ctrl ! = NULL ) {
ctrl [ i ] = NULL ;
}
2006-01-06 04:01:23 +00:00
2004-10-09 23:59:12 +00:00
msg - > controls = ctrl ;
asn1_end_tag ( data ) ;
}
2004-08-12 04:55:59 +00:00
asn1_end_tag ( data ) ;
2007-03-13 00:59:06 +00:00
if ( ( data - > has_error ) | | ( data - > nesting ! = NULL ) ) {
return NT_STATUS_LDAP ( LDAP_PROTOCOL_ERROR ) ;
}
return NT_STATUS_OK ;
2004-08-12 04:55:59 +00:00
}
2005-05-10 01:57:47 +00:00
2005-11-10 00:28:02 +00:00
/*
return NT_STATUS_OK if a blob has enough bytes in it to be a full
ldap packet . Set packet_size if true .
*/
2006-02-22 01:31:35 +00:00
NTSTATUS ldap_full_packet ( void * private_data , DATA_BLOB blob , size_t * packet_size )
2005-11-10 00:28:02 +00:00
{
return asn1_full_tag ( blob , ASN1_SEQUENCE ( 0 ) , packet_size ) ;
}