Allow the 'extra' objectclass added to objectClass attributes by

ldb_map to be modified (or omitted).

This should allow the current abuse of extensibleObject to be replaced
by a normal objectClass, possibly samba4TOP

Andrew Bartlett
(This used to be commit 8831a5c793)

source4/dsdb/samdb/ldb_modules/samba3sam.c

@@ -918,7 +918,7 @@ static int samba3sam_init(struct ldb_module *module)
 {
 	int ret;
 
-	ret = ldb_map_init(module, samba3_attributes, samba3_objectclasses, NULL, "samba3sam");
+	ret = ldb_map_init(module, samba3_attributes, samba3_objectclasses, NULL, NULL, "samba3sam");
 	if (ret != LDB_SUCCESS)
 		return ret;
 

source4/dsdb/samdb/ldb_modules/simple_ldap_map.c

@@ -667,7 +667,7 @@ static int entryuuid_init(struct ldb_module *module)
 	struct map_private *map_private;
 	struct entryuuid_private *entryuuid_private;
 
-	ret = ldb_map_init(module, entryuuid_attributes, entryuuid_objectclasses, entryuuid_wildcard_attributes, NULL);
+	ret = ldb_map_init(module, entryuuid_attributes, entryuuid_objectclasses, entryuuid_wildcard_attributes, "extensibleObject", NULL);
         if (ret != LDB_SUCCESS)
                 return ret;
 
@@ -688,7 +688,7 @@ static int nsuniqueid_init(struct ldb_module *module)
 	struct map_private *map_private;
 	struct entryuuid_private *entryuuid_private;
 
-	ret = ldb_map_init(module, nsuniqueid_attributes, NULL, nsuniqueid_wildcard_attributes, NULL);
+	ret = ldb_map_init(module, nsuniqueid_attributes, NULL, nsuniqueid_wildcard_attributes, "extensibleObject", NULL);
         if (ret != LDB_SUCCESS)
                 return ret;
 

source4/lib/ldb/ldb_map/ldb_map.c

@@ -737,6 +737,7 @@ static struct ldb_val map_objectclass_convert_local(struct ldb_module *module, v
 /* Generate a remote message with a mapped objectClass. */
 static void map_objectclass_generate_remote(struct ldb_module *module, const char *local_attr, const struct ldb_message *old, struct ldb_message *remote, struct ldb_message *local)
 {
+	const struct ldb_map_context *data = map_get_context(module);
 	struct ldb_message_element *el, *oc;
 	struct ldb_val val;
 	bool found_extensibleObject = false;
@@ -770,16 +771,16 @@ static void map_objectclass_generate_remote(struct ldb_module *module, const cha
 	/* Convert all local objectClasses */
 	for (i = 0; i < el->num_values - 1; i++) {
 		el->values[i] = map_objectclass_convert_local(module, el->values, &oc->values[i]);
-		if (ldb_attr_cmp((char *)el->values[i].data, "extensibleObject") == 0) {
+		if (ldb_attr_cmp((char *)el->values[i].data, data->add_objectclass) == 0) {
 			found_extensibleObject = true;
 		}
 	}
 
 	if (!found_extensibleObject) {
-		val.data = (uint8_t *)talloc_strdup(el->values, "extensibleObject");
+		val.data = (uint8_t *)talloc_strdup(el->values, data->add_objectclass);
 		val.length = strlen((char *)val.data);
 
-		/* Append additional objectClass "extensibleObject" */
+		/* Append additional objectClass data->add_objectclass */
 		el->values[i] = val;
 	} else {
 		el->num_values--;
@@ -860,6 +861,19 @@ static struct ldb_message_element *map_objectclass_generate_local(struct ldb_mod
 	return el;
 }
 
+static const struct ldb_map_attribute objectclass_convert_map = {
+	.local_name = "objectClass",
+	.type = MAP_CONVERT,
+	.u = {
+		.convert = {
+			.remote_name = "objectClass",
+			.convert_local = map_objectclass_convert_local,
+			.convert_remote = map_objectclass_convert_remote,
+		},
+	},
+};
+
+
 /* Mappings for searches on objectClass= assuming a one-to-one
  * mapping.  Needed because this is a generate operator for the
  * add/modify code */
@@ -867,19 +881,7 @@ static int map_objectclass_convert_operator(struct ldb_module *module, void *mem
 					    struct ldb_parse_tree **new, const struct ldb_parse_tree *tree) 
 {
 	
-	static const struct ldb_map_attribute objectclass_map = {
-		.local_name = "objectClass",
-		.type = MAP_CONVERT,
-		.u = {
-			.convert = {
-				 .remote_name = "objectClass",
-				 .convert_local = map_objectclass_convert_local,
-				 .convert_remote = map_objectclass_convert_remote,
-			 },
-		},
-	};
-
-	return map_subtree_collect_remote_simple(module, mem_ctx, new, tree, &objectclass_map);
+	return map_subtree_collect_remote_simple(module, mem_ctx, new, tree, &objectclass_convert_map);
 }
 
 /* Auxiliary request construction
@@ -1221,23 +1223,25 @@ static const struct ldb_map_attribute builtin_attribute_maps[] = {
 			 },
 		},
 	},
-	{
-		.local_name = "objectClass",
-		.type = MAP_GENERATE,
-		.convert_operator = map_objectclass_convert_operator,
-		.u = {
-			.generate = {
-				 .remote_names = { "objectClass", NULL },
-				 .generate_local = map_objectclass_generate_local,
-				 .generate_remote = map_objectclass_generate_remote,
-			 },
-		},
-	},
 	{
 		.local_name = NULL,
 	}
 };
 
+static const struct ldb_map_attribute objectclass_attribute_map	= {
+	.local_name = "objectClass",
+	.type = MAP_GENERATE,
+	.convert_operator = map_objectclass_convert_operator,
+	.u = {
+		.generate = {
+			.remote_names = { "objectClass", NULL },
+			.generate_local = map_objectclass_generate_local,
+			.generate_remote = map_objectclass_generate_remote,
+		},
+	},
+};
+
+
 /* Find the special 'MAP_DN_NAME' record and store local and remote
  * base DNs in private data. */
 static int map_init_dns(struct ldb_module *module, struct ldb_map_context *data, const char *name)
@@ -1302,7 +1306,7 @@ static int map_init_maps(struct ldb_module *module, struct ldb_map_context *data
 	for (j = 0; builtin_attribute_maps[j].local_name; j++) /* noop */ ;
 
 	/* Store list of attribute maps */
-	data->attribute_maps = talloc_array(data, struct ldb_map_attribute, i+j+1);
+	data->attribute_maps = talloc_array(data, struct ldb_map_attribute, i+j+2);
 	if (data->attribute_maps == NULL) {
 		map_oom(module);
 		return LDB_ERR_OPERATIONS_ERROR;
@@ -1320,6 +1324,15 @@ static int map_init_maps(struct ldb_module *module, struct ldb_map_context *data
 		last++;
 	}
 
+	if (data->add_objectclass) {
+		/* ObjectClass one is very last, if required */
+		data->attribute_maps[last] = objectclass_attribute_map;
+		last++;
+	} else if (ocls) {
+		data->attribute_maps[last] = objectclass_convert_map;
+		last++;
+	}
+
 	/* Ensure 'local_name == NULL' for the last entry */
 	memset(&data->attribute_maps[last], 0, sizeof(struct ldb_map_attribute));
 
@@ -1339,9 +1352,10 @@ _PUBLIC_ struct ldb_module_ops ldb_map_get_ops(void)
 
 /* Initialize global private data. */
 _PUBLIC_ int ldb_map_init(struct ldb_module *module, const struct ldb_map_attribute *attrs, 
-		 const struct ldb_map_objectclass *ocls,
-		 const char * const *wildcard_attributes,
-		 const char *name)
+			  const struct ldb_map_objectclass *ocls,
+			  const char * const *wildcard_attributes,
+			  const char *add_objectclass,
+			  const char *name)
 {
 	struct map_private *data;
 	int ret;
@@ -1368,6 +1382,8 @@ _PUBLIC_ int ldb_map_init(struct ldb_module *module, const struct ldb_map_attrib
 		return ret;
 	}
 
+	data->context->add_objectclass = add_objectclass;
+
 	/* Store list of attribute and objectClass maps */
 	ret = map_init_maps(module, data->context, attrs, ocls, wildcard_attributes);
 	if (ret != LDB_SUCCESS) {

source4/lib/ldb/ldb_map/ldb_map.h

@@ -134,6 +134,9 @@ struct ldb_map_context {
 	 * to any wildcard search */
 	const char * const *wildcard_attributes;
 
+	/* ObjectClass (if any) to be added to remote attributes on add */
+	const char *add_objectclass;
+
 	/* struct ldb_context *mapped_ldb; */
 	struct ldb_dn *local_base_dn;
 	struct ldb_dn *remote_base_dn;
@@ -149,6 +152,7 @@ struct map_private {
 int ldb_map_init(struct ldb_module *module, const struct ldb_map_attribute *attrs, 
 		 const struct ldb_map_objectclass *ocls,
 		 const char * const *wildcard_attributes,
+		 const char *add_objectclass,
 		 const char *name);
 
 /* get copy of map_ops */