sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-02 09:47:23 +03:00
Code

ldb: added a new always-fail ldap extended match OID

Browse Source 
this is used when rewriting filter rules to replace a filter rule with
one that is guaranteed not to match

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Andrew Tridgell 2011-08-02 17:16:44 +10:00
parent e07ca09a7b
commit 849d042dd8
3 changed files with 22 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
lib/ldb/common/ldb_match.c
View File

@ -380,6 +380,16 @@ static int ldb_comparator_bitmask(const char *oid, const struct ldb_val *v1, con
return LDB_SUCCESS; return LDB_SUCCESS;
} }
/*
always return false
*/
static int ldb_comparator_false(const char *oid, const struct ldb_val *v1, const struct ldb_val *v2,
bool *matched)
{
*matched = false;
return LDB_SUCCESS;
}
/* /*
extended match, handles things like bitops extended match, handles things like bitops
@ -395,7 +405,8 @@ static int ldb_match_extended(struct ldb_context *ldb,
int (*comparator)(const char *, const struct ldb_val *, const struct ldb_val *, bool *); int (*comparator)(const char *, const struct ldb_val *, const struct ldb_val *, bool *);
} rules[] = { } rules[] = {
{ LDB_OID_COMPARATOR_AND, ldb_comparator_bitmask}, { LDB_OID_COMPARATOR_AND, ldb_comparator_bitmask},
{ LDB_OID_COMPARATOR_OR, ldb_comparator_bitmask} { LDB_OID_COMPARATOR_OR, ldb_comparator_bitmask},
{ SAMBA_LDAP_MATCH_ALWAYS_FALSE, ldb_comparator_false}
}; };
int (*comp)(const char *,const struct ldb_val *, const struct ldb_val *, bool *) = NULL; int (*comp)(const char *,const struct ldb_val *, const struct ldb_val *, bool *) = NULL;
struct ldb_message_element *el; struct ldb_message_element *el;

2
lib/ldb/include/ldb_module.h
View File

@ -52,6 +52,8 @@ struct ldb_module;
/* force single value checking on this attribute */ /* force single value checking on this attribute */
#define LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK 0x80 #define LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK 0x80
/* an extended match rule that always fails to match */
#define SAMBA_LDAP_MATCH_ALWAYS_FALSE "1.3.6.1.4.1.7165.4.5.1"
/* /*
these function pointers define the operations that a ldb module can intercept these function pointers define the operations that a ldb module can intercept

8
source4/setup/schema_samba4.ldif
View File

@ -12,6 +12,8 @@
## 1.3.6.1.4.1.7165.4.4.x - LDB/LDAP Extended Operations ## 1.3.6.1.4.1.7165.4.4.x - LDB/LDAP Extended Operations
### see dsdb/samdb/samdb.h ### see dsdb/samdb/samdb.h
## 1.3.6.1.4.1.7165.4.5.x - ldap extended matches
## 1.3.6.1.4.1.7165.4.255.x - mapped OIDs due to conflicts between AD and standards-track ## 1.3.6.1.4.1.7165.4.255.x - mapped OIDs due to conflicts between AD and standards-track
# #
# #
@ -197,6 +199,12 @@
#Allocated: DSDB_EXTENDED_CREATE_PARTITION_OID 1.3.6.1.4.1.7165.4.4.4 #Allocated: DSDB_EXTENDED_CREATE_PARTITION_OID 1.3.6.1.4.1.7165.4.4.4
#Allocated: DSDB_EXTENDED_ALLOCATE_RID_POOL 1.3.6.1.4.1.7165.4.4.5 #Allocated: DSDB_EXTENDED_ALLOCATE_RID_POOL 1.3.6.1.4.1.7165.4.4.5
############
# ldap extended matches
#Allocated: SAMBA_LDAP_MATCH_ALWAYS_FALSE 1.3.6.1.4.1.7165.4.5.1
#Allocated: (middleName) attributeID: 1.3.6.1.4.1.7165.4.255.1 #Allocated: (middleName) attributeID: 1.3.6.1.4.1.7165.4.255.1
#Allocated: (defaultGroup) attributeID: 1.3.6.1.4.1.7165.4.255.2 #Allocated: (defaultGroup) attributeID: 1.3.6.1.4.1.7165.4.255.2