1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-15 23:24:37 +03:00

r19743: merge from samba3:

remove old unused schema module

metze
This commit is contained in:
Stefan Metzmacher 2006-11-16 11:15:02 +00:00 committed by Gerald (Jerry) Carter
parent 4edeef56dc
commit 3c16951b0d
4 changed files with 1 additions and 500 deletions

View File

@ -37,7 +37,7 @@ COMMON_OBJ=$(COMDIR)/ldb.o $(COMDIR)/ldb_ldif.o \
$(COMDIR)/attrib_handlers.o $(COMDIR)/ldb_controls.o $(COMDIR)/qsort.o
MODDIR=modules
MODULES_OBJ=$(MODDIR)/operational.o $(MODDIR)/schema.o $(MODDIR)/rdn_name.o \
MODULES_OBJ=$(MODDIR)/operational.o $(MODDIR)/rdn_name.o \
$(MODDIR)/objectclass.o \
$(MODDIR)/paged_results.o $(MODDIR)/sort.o $(MODDIR)/asq.o

View File

@ -154,7 +154,6 @@ static const struct ldb_module_ops *ldb_find_module_ops(const char *name)
LDAP_INIT \
SQLITE3_INIT \
ldb_tdb_init, \
ldb_schema_init, \
ldb_operational_init, \
ldb_rdn_name_init, \
ldb_objectclass_init, \

View File

@ -75,16 +75,6 @@ OBJ_FILES = \
# End MODULE ldb_rdn_name
################################################
# ################################################
# # Start MODULE ldb_schema
# [MODULE::ldb_schema]
# INIT_FUNCTION = ldb_schema_init
# SUBSYSTEM = ldb
# OBJ_FILES = \
# modules/schema.o
# # End MODULE ldb_schema
# ################################################
################################################
# Start MODULE ldb_ildap
[MODULE::ldb_ildap]

View File

@ -1,488 +0,0 @@
/*
ldb database library
Copyright (C) Simo Sorce 2004-2005
** NOTE! The following LGPL license applies to the ldb
** library. This does NOT imply that all of Samba is released
** under the LGPL
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/*
* Name: ldb
*
* Component: ldb schema module
*
* Description: add schema check functionality
*
* Author: Simo Sorce
*/
#include "includes.h"
#include "ldb/include/includes.h"
#define SCHEMA_FLAG_RESET 0
#define SCHEMA_FLAG_MOD_MASK 0x003
#define SCHEMA_FLAG_MOD_ADD 0x001
#define SCHEMA_FLAG_MOD_REPLACE 0x002
#define SCHEMA_FLAG_MOD_DELETE 0x003
#define SCHEMA_FLAG_AUXILIARY 0x010
#define SCHEMA_FLAG_ABSTRACT 0x020
#define SCHEMA_FLAG_STRUCTURAL 0x040
#define SCHEMA_FLAG_CHECKED 0x100
/* TODO: check attributes syntaxes
check there's only one structrual class (or a chain of structural classes)
*/
struct schema_attribute {
int flags;
char *name;
};
struct schema_attribute_list {
struct schema_attribute *attr;
int num;
};
struct schema_structures {
struct schema_attribute_list entry_attrs;
struct schema_attribute_list objectclasses;
struct schema_attribute_list required_attrs;
struct schema_attribute_list optional_attrs;
};
static struct schema_attribute *schema_find_attribute(struct schema_attribute_list *list, const char *attr_name)
{
unsigned int i;
for (i = 0; i < list->num; i++) {
if (ldb_attr_cmp(list->attr[i].name, attr_name) == 0) {
return &(list->attr[i]);
}
}
return NULL;
}
/* get all the attributes and objectclasses found in msg and put them in schema_structure
attributes go in the entry_attrs structure for later checking
objectclasses go in the objectclasses structure */
static int get_msg_attributes(struct schema_structures *ss, const struct ldb_message *msg, int flag_mask)
{
int i, j, anum, cnum;
ss->entry_attrs.attr = talloc_realloc(ss, ss->entry_attrs.attr,
struct schema_attribute,
ss->entry_attrs.num + msg->num_elements);
if (ss->entry_attrs.attr == NULL) {
return -1;
}
for (i = 0, anum = ss->entry_attrs.num; i < msg->num_elements; i++) {
if (ldb_attr_cmp(msg->elements[i].name, "objectclass") == 0) {
ss->objectclasses.attr = talloc_realloc(ss, ss->objectclasses.attr,
struct schema_attribute,
ss->objectclasses.num + msg->elements[i].num_values);
if (ss->objectclasses.attr == NULL) {
return -1;
}
for (j = 0, cnum = ss->objectclasses.num; j < msg->elements[i].num_values; j++) {
ss->objectclasses.attr[cnum+j].name = (char *)msg->elements[i].values[j].data;
ss->objectclasses.attr[cnum+j].flags = msg->elements[i].flags & flag_mask;
}
ss->objectclasses.num += msg->elements[i].num_values;
}
/* TODO: Check for proper attribute Syntax ! */
ss->entry_attrs.attr[anum+i].flags = msg->elements[i].flags & flag_mask;
ss->entry_attrs.attr[anum+i].name = talloc_reference(ss->entry_attrs.attr,
msg->elements[i].name);
if (ss->entry_attrs.attr[anum+i].name == NULL) {
return -1;
}
}
ss->entry_attrs.num += msg->num_elements;
return 0;
}
static int get_entry_attributes(struct ldb_context *ldb, const struct ldb_dn *dn, struct schema_structures *ss)
{
struct ldb_result *srch;
int ret;
ret = ldb_search(ldb, dn, LDB_SCOPE_BASE, NULL, NULL, &srch);
if (ret != 1) {
return ret;
}
talloc_steal(ss, srch);
/* set flags to 0 as flags on search have undefined values */
ret = get_msg_attributes(ss, *(srch->msgs), 0);
if (ret != 0) {
talloc_free(srch);
return ret;
}
return 0;
}
/* add all attributes in el avoiding duplicates in schema_attribute_list */
static int add_attribute_uniq(void *mem_ctx, struct schema_attribute_list *list, int flags, struct ldb_message_element *el)
{
int i, j, vals;
vals = el->num_values;
list->attr = talloc_realloc(mem_ctx, list->attr, struct schema_attribute, list->num + vals);
if (list->attr == NULL) {
return -1;
}
for (i = 0, j = 0; i < vals; i++) {
int c, found, len;
found = 0;
for (c = 0; c < list->num; c++) {
len = strlen(list->attr[c].name);
if (len == el->values[i].length) {
if (ldb_attr_cmp(list->attr[c].name,
(char *)el->values[i].data) == 0) {
found = 1;
break;
}
}
}
if (!found) {
list->attr[j + list->num].name = (char *)el->values[i].data;
list->attr[j + list->num].flags = flags;
j++;
}
}
list->num += j;
return 0;
}
/* we need to get all attributes referenced by the entry objectclasses,
recursively get parent objectlasses attributes */
static int get_attr_list_recursive(struct ldb_module *module, struct schema_structures *schema_struct)
{
struct ldb_result *srch;
int i, j;
int ret;
for (i = 0; i < schema_struct->objectclasses.num; i++) {
char *filter;
if ((schema_struct->objectclasses.attr[i].flags & SCHEMA_FLAG_MOD_MASK) == SCHEMA_FLAG_MOD_DELETE) {
continue;
}
filter = talloc_asprintf(schema_struct, "lDAPDisplayName=%s", schema_struct->objectclasses.attr[i].name);
if (filter == NULL) {
return -1;
}
ret = ldb_search(module->ldb, NULL, LDB_SCOPE_SUBTREE, filter, NULL, &srch);
if (ret != 1) {
return ret;
}
talloc_steal(schema_struct, srch);
if (ret <= 0) {
/* Schema DB Error: Error occurred retrieving
Object Class Description */
ldb_debug_set(module->ldb, LDB_DEBUG_ERROR,
"Error retrieving Objectclass %s.\n",
schema_struct->objectclasses.attr[i].name);
return -1;
}
if (ret > 1) {
/* Schema DB Error: Too Many Records */
ldb_debug_set(module->ldb, LDB_DEBUG_ERROR,
"Too many records found retrieving Objectclass %s.\n",
schema_struct->objectclasses.attr[i].name);
return -1;
}
/* Add inherited classes eliminating duplicates */
/* fill in required_attrs and optional_attrs attribute lists */
for (j = 0; j < srch->msgs[0]->num_elements; j++) {
int is_aux, is_class;
is_aux = 0;
is_class = 0;
if (ldb_attr_cmp(srch->msgs[0]->elements[j].name, "systemAuxiliaryclass") == 0) {
is_aux = SCHEMA_FLAG_AUXILIARY;
is_class = 1;
}
if (ldb_attr_cmp(srch->msgs[0]->elements[j].name, "auxiliaryClass") == 0) {
is_aux = SCHEMA_FLAG_AUXILIARY;
is_class = 1;
}
if (ldb_attr_cmp(srch->msgs[0]->elements[j].name, "subClassOf") == 0) {
is_class = 1;
}
if (is_class) {
if (add_attribute_uniq(schema_struct,
&schema_struct->objectclasses,
is_aux,
&srch->msgs[0]->elements[j]) != 0) {
return -1;
}
} else {
if (ldb_attr_cmp(srch->msgs[0]->elements[j].name, "mustContain") == 0 ||
ldb_attr_cmp(srch->msgs[0]->elements[j].name, "SystemMustContain") == 0) {
if (add_attribute_uniq(schema_struct,
&schema_struct->required_attrs,
SCHEMA_FLAG_RESET,
&srch->msgs[0]->elements[j]) != 0) {
return -1;
}
}
if (ldb_attr_cmp(srch->msgs[0]->elements[j].name, "mayContain") == 0 ||
ldb_attr_cmp(srch->msgs[0]->elements[j].name, "SystemMayContain") == 0) {
if (add_attribute_uniq(schema_struct,
&schema_struct->optional_attrs,
SCHEMA_FLAG_RESET,
&srch->msgs[0]->elements[j]) != 0) {
return -1;
}
}
}
}
}
return 0;
}
/* add_record */
static int schema_add(struct ldb_module *module, struct ldb_request *req)
{
const struct ldb_message *msg = req->op.add.message;
struct schema_structures *entry_structs;
unsigned int i;
int ret;
/* First implementation:
Build up a list of required_attrs and optional_attrs attributes from each objectclass
Check all the required_attrs attributes are present and all the other attributes
are optional_attrs attributes
Throw an error in case a check fail
Free all structures and commit the change
*/
/* do not check on our control entries */
if (ldb_dn_is_special(msg->dn)) {
return ldb_next_request(module, req);
}
/* TODO: check parent exists */
entry_structs = talloc_zero(module, struct schema_structures);
if (!entry_structs) {
return -1;
}
ret = get_msg_attributes(entry_structs, msg, SCHEMA_FLAG_MOD_MASK);
if (ret != 0) {
talloc_free(entry_structs);
return ret;
}
ret = get_attr_list_recursive(module, entry_structs);
if (ret != 0) {
talloc_free(entry_structs);
return ret;
}
/* now check all required_attrs attributes are present */
for (i = 0; i < entry_structs->required_attrs.num; i++) {
struct schema_attribute *attr;
attr = schema_find_attribute(&entry_structs->entry_attrs,
entry_structs->required_attrs.attr[i].name);
if (attr == NULL) { /* not found */
ldb_debug_set(module->ldb, LDB_DEBUG_ERROR,
"The required_attrs attribute %s is missing.\n",
entry_structs->required_attrs.attr[i].name);
talloc_free(entry_structs);
return LDB_ERR_OBJECT_CLASS_VIOLATION;
}
/* mark the attribute as checked */
attr->flags = SCHEMA_FLAG_CHECKED;
}
/* now check all others atribs are at least optional_attrs */
for (i = 0; i < entry_structs->entry_attrs.num; i++) {
if (entry_structs->entry_attrs.attr[i].flags != SCHEMA_FLAG_CHECKED) {
struct schema_attribute *attr;
attr = schema_find_attribute(&entry_structs->optional_attrs,
entry_structs->entry_attrs.attr[i].name);
if (attr == NULL) { /* not found */
ldb_debug_set(module->ldb, LDB_DEBUG_ERROR,
"The attribute %s is not referenced by any objectclass.\n",
entry_structs->entry_attrs.attr[i].name);
talloc_free(entry_structs);
return LDB_ERR_OBJECT_CLASS_VIOLATION;
}
}
}
talloc_free(entry_structs);
return ldb_next_request(module, req);
}
/* modify_record */
static int schema_modify(struct ldb_module *module, struct ldb_request *req)
{
const struct ldb_message *msg = req->op.mod.message;
struct schema_structures *entry_structs;
unsigned int i;
int ret;
/* First implementation:
Retrieve the ldap entry and get the objectclasses,
add msg contained objectclasses if any.
Build up a list of required_attrs and optional_attrs attributes from each objectclass
Check all the attributes are optional_attrs or required_attrs.
Throw an error in case a check fail.
Free all structures and commit the change.
*/
/* do not check on our control entries */
if (ldb_dn_is_special(msg->dn)) {
return ldb_next_request(module, req);
}
/* allocate object structs */
entry_structs = talloc_zero(module, struct schema_structures);
if (!entry_structs) {
return -1;
}
/* now search for the stored entry objectclasses and attributes*/
ret = get_entry_attributes(module->ldb, msg->dn, entry_structs);
if (ret != 0) {
talloc_free(entry_structs);
return ret;
}
/* get list of values to modify */
ret = get_msg_attributes(entry_structs, msg, SCHEMA_FLAG_MOD_MASK);
if (ret != 0) {
talloc_free(entry_structs);
return ret;
}
ret = get_attr_list_recursive(module, entry_structs);
if (ret != 0) {
talloc_free(entry_structs);
return ret;
}
/* now check all required_attrs attributes are present */
for (i = 0; i < entry_structs->required_attrs.num; i++) {
struct schema_attribute *attr;
attr = schema_find_attribute(&entry_structs->entry_attrs,
entry_structs->required_attrs.attr[i].name);
if (attr == NULL) { /* not found */
ldb_debug_set(module->ldb, LDB_DEBUG_ERROR,
"The required_attrs attribute %s is missing.\n",
entry_structs->required_attrs.attr[i].name);
talloc_free(entry_structs);
return LDB_ERR_OBJECT_CLASS_VIOLATION;
}
/* check we are not trying to delete a required attribute */
/* TODO: consider multivalued attrs */
if ((attr->flags & SCHEMA_FLAG_MOD_DELETE) != 0) {
ldb_debug_set(module->ldb, LDB_DEBUG_ERROR,
"Trying to delete the required attribute %s.\n",
attr->name);
talloc_free(entry_structs);
return LDB_ERR_OBJECT_CLASS_VIOLATION;
}
/* mark the attribute as checked */
attr->flags = SCHEMA_FLAG_CHECKED;
}
/* now check all others atribs are at least optional_attrs */
for (i = 0; i < entry_structs->entry_attrs.num; i++) {
if (entry_structs->entry_attrs.attr[i].flags != SCHEMA_FLAG_CHECKED) {
struct schema_attribute *attr;
attr = schema_find_attribute(&entry_structs->optional_attrs,
entry_structs->entry_attrs.attr[i].name);
if (attr == NULL) { /* not found */
ldb_debug_set(module->ldb, LDB_DEBUG_ERROR,
"The attribute %s is not referenced by any objectclass.\n",
entry_structs->entry_attrs.attr[i].name);
talloc_free(entry_structs);
return LDB_ERR_OBJECT_CLASS_VIOLATION;
}
}
}
talloc_free(entry_structs);
return ldb_next_request(module, req);
}
static int schema_request(struct ldb_module *module, struct ldb_request *req)
{
switch (req->operation) {
case LDB_ADD:
return schema_add(module, req);
case LDB_MODIFY:
return schema_modify(module, req);
default:
return ldb_next_request(module, req);
}
}
static const struct ldb_module_ops schema_ops = {
.name = "schema",
.request = schema_request
};
int ldb_schema_init(void)
{
return ldb_register_module(&schema_ops);
}