mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
r7582: Better way to have a fast path searching for a specific DN.
Old way was ugly and had a bug, you couldn't add an attribute named
dn or distinguishedName and search for it, tdb would change that search in a dn search.
This makes it also possible to search by dn against an ldap server as the old method was
not supported by ldap syntaxes.
sss
(This used to be commit a614466dec
)
This commit is contained in:
parent
056d63c62f
commit
9189833a87
@ -370,8 +370,8 @@ NTTIME samdb_result_allow_password_change(struct ldb_context *sam_ldb,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
minPwdAge = samdb_search_int64(sam_ldb, mem_ctx, 0, NULL,
|
minPwdAge = samdb_search_int64(sam_ldb, mem_ctx, 0,
|
||||||
"minPwdAge", "dn=%s", domain_dn);
|
domain_dn, "minPwdAge", NULL);
|
||||||
|
|
||||||
/* yes, this is a -= not a += as minPwdAge is stored as the negative
|
/* yes, this is a -= not a += as minPwdAge is stored as the negative
|
||||||
of the number of 100-nano-seconds */
|
of the number of 100-nano-seconds */
|
||||||
@ -397,7 +397,7 @@ NTTIME samdb_result_force_password_change(struct ldb_context *sam_ldb,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
maxPwdAge = samdb_search_int64(sam_ldb, mem_ctx, 0, NULL, "maxPwdAge", "dn=%s", domain_dn);
|
maxPwdAge = samdb_search_int64(sam_ldb, mem_ctx, 0, domain_dn, "maxPwdAge", NULL);
|
||||||
if (maxPwdAge == 0) {
|
if (maxPwdAge == 0) {
|
||||||
return 0;
|
return 0;
|
||||||
} else {
|
} else {
|
||||||
@ -605,7 +605,7 @@ static NTSTATUS _samdb_allocate_next_id(struct ldb_context *sam_ldb, TALLOC_CTX
|
|||||||
struct ldb_val vals[2];
|
struct ldb_val vals[2];
|
||||||
struct ldb_message_element els[2];
|
struct ldb_message_element els[2];
|
||||||
|
|
||||||
str = samdb_search_string(sam_ldb, mem_ctx, NULL, attr, "dn=%s", dn);
|
str = samdb_search_string(sam_ldb, mem_ctx, dn, attr, NULL);
|
||||||
if (!str) {
|
if (!str) {
|
||||||
DEBUG(1,("id not found at %s %s\n", dn, attr));
|
DEBUG(1,("id not found at %s %s\n", dn, attr));
|
||||||
return NT_STATUS_OBJECT_NAME_INVALID;
|
return NT_STATUS_OBJECT_NAME_INVALID;
|
||||||
|
@ -61,7 +61,7 @@ int gendb_search_v(struct ldb_context *ldb,
|
|||||||
/*
|
/*
|
||||||
search the LDB for the specified attributes - varargs variant
|
search the LDB for the specified attributes - varargs variant
|
||||||
*/
|
*/
|
||||||
int gendb_search(struct ldb_context *sam_ldb,
|
int gendb_search(struct ldb_context *ldb,
|
||||||
TALLOC_CTX *mem_ctx,
|
TALLOC_CTX *mem_ctx,
|
||||||
const char *basedn,
|
const char *basedn,
|
||||||
struct ldb_message ***res,
|
struct ldb_message ***res,
|
||||||
@ -72,12 +72,39 @@ int gendb_search(struct ldb_context *sam_ldb,
|
|||||||
int count;
|
int count;
|
||||||
|
|
||||||
va_start(ap, format);
|
va_start(ap, format);
|
||||||
count = gendb_search_v(sam_ldb, mem_ctx, basedn, res, attrs, format, ap);
|
count = gendb_search_v(ldb, mem_ctx, basedn, res, attrs, format, ap);
|
||||||
va_end(ap);
|
va_end(ap);
|
||||||
|
|
||||||
return count;
|
return count;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int gendb_search_dn(struct ldb_context *ldb,
|
||||||
|
TALLOC_CTX *mem_ctx,
|
||||||
|
const char *dn,
|
||||||
|
struct ldb_message ***res,
|
||||||
|
const char * const *attrs)
|
||||||
|
{
|
||||||
|
va_list ap;
|
||||||
|
int count;
|
||||||
|
|
||||||
|
*res = NULL;
|
||||||
|
|
||||||
|
count = ldb_search(ldb, dn, LDB_SCOPE_BASE, "", attrs, res);
|
||||||
|
|
||||||
|
if (count > 1) {
|
||||||
|
DEBUG(1, ("DB Corruption ? - Found more then one entry for dn: %s", dn));
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (*res) talloc_steal(mem_ctx, *res);
|
||||||
|
|
||||||
|
DEBUG(4,("gendb_search_dn: %s -> %d (%s)\n",
|
||||||
|
dn, count, count==-1?ldb_errstring(ldb):"OK"));
|
||||||
|
|
||||||
|
return count;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
setup some initial ldif in a ldb
|
setup some initial ldif in a ldb
|
||||||
*/
|
*/
|
||||||
|
@ -148,9 +148,11 @@ test-sqlite3:
|
|||||||
@echo "SKIP SQLITE3 TEST - NO SQLITE3 SUPPORT"
|
@echo "SKIP SQLITE3 TEST - NO SQLITE3 SUPPORT"
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
ifeq (1,0)
|
||||||
test-schema:
|
test-schema:
|
||||||
@echo "STARTING SCHEMA MODULE TEST"
|
@echo "STARTING SCHEMA MODULE TEST"
|
||||||
tests/test-schema.sh
|
tests/test-schema.sh
|
||||||
|
endif
|
||||||
|
|
||||||
test: $(BINS) test-tdb test-ldap test-sqlite3 test-schema
|
test: $(BINS) test-tdb test-ldap test-sqlite3 test-schema
|
||||||
|
|
||||||
|
@ -196,6 +196,10 @@ static int lldb_search(struct ldb_module *module, const char *base,
|
|||||||
base = "";
|
base = "";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (expression == NULL || expression[0] == '\0') {
|
||||||
|
expression = "objectClass=*";
|
||||||
|
}
|
||||||
|
|
||||||
lldb->last_rc = ldap_search_s(lldb->ldap, base, (int)scope,
|
lldb->last_rc = ldap_search_s(lldb->ldap, base, (int)scope,
|
||||||
expression,
|
expression,
|
||||||
discard_const_p(char *, attrs),
|
discard_const_p(char *, attrs),
|
||||||
|
@ -272,7 +272,7 @@ int ltdb_search_dn1(struct ldb_module *module, const char *dn, struct ldb_messag
|
|||||||
/*
|
/*
|
||||||
search the database for a single simple dn
|
search the database for a single simple dn
|
||||||
*/
|
*/
|
||||||
int ltdb_search_dn(struct ldb_module *module, char *dn,
|
int ltdb_search_dn(struct ldb_module *module, const char *dn,
|
||||||
const char * const attrs[], struct ldb_message ***res)
|
const char * const attrs[], struct ldb_message ***res)
|
||||||
{
|
{
|
||||||
struct ldb_context *ldb = module->ldb;
|
struct ldb_context *ldb = module->ldb;
|
||||||
@ -482,17 +482,9 @@ int ltdb_search_bytree(struct ldb_module *module, const char *base,
|
|||||||
|
|
||||||
*res = NULL;
|
*res = NULL;
|
||||||
|
|
||||||
if (tree->operation == LDB_OP_SIMPLE &&
|
ret = ltdb_search_indexed(module, base, scope, tree, attrs, res);
|
||||||
(ldb_attr_cmp(tree->u.simple.attr, "dn") == 0 ||
|
if (ret == -1) {
|
||||||
ldb_attr_cmp(tree->u.simple.attr, "distinguishedName") == 0) &&
|
ret = ltdb_search_full(module, base, scope, tree, attrs, res);
|
||||||
!ltdb_has_wildcard(module, tree->u.simple.attr, &tree->u.simple.value)) {
|
|
||||||
/* yay! its a nice simple one */
|
|
||||||
ret = ltdb_search_dn(module, tree->u.simple.value.data, attrs, res);
|
|
||||||
} else {
|
|
||||||
ret = ltdb_search_indexed(module, base, scope, tree, attrs, res);
|
|
||||||
if (ret == -1) {
|
|
||||||
ret = ltdb_search_full(module, base, scope, tree, attrs, res);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ltdb_unlock_read(module);
|
ltdb_unlock_read(module);
|
||||||
@ -513,6 +505,13 @@ int ltdb_search(struct ldb_module *module, const char *base,
|
|||||||
struct ldb_parse_tree *tree;
|
struct ldb_parse_tree *tree;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
|
/* check if we are looking for a simple dn */
|
||||||
|
if (scope == LDB_SCOPE_BASE && (expression == NULL || expression[0] == '\0')) {
|
||||||
|
ret = ltdb_search_dn(module, base, attrs, res);
|
||||||
|
ltdb_unlock_read(module);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
tree = ldb_parse_tree(ltdb, expression);
|
tree = ldb_parse_tree(ltdb, expression);
|
||||||
if (tree == NULL) {
|
if (tree == NULL) {
|
||||||
ltdb->last_err_string = "expression parse failed";
|
ltdb->last_err_string = "expression parse failed";
|
||||||
|
@ -91,7 +91,7 @@ int ltdb_has_wildcard(struct ldb_module *module, const char *attr_name,
|
|||||||
const struct ldb_val *val);
|
const struct ldb_val *val);
|
||||||
void ltdb_search_dn1_free(struct ldb_module *module, struct ldb_message *msg);
|
void ltdb_search_dn1_free(struct ldb_module *module, struct ldb_message *msg);
|
||||||
int ltdb_search_dn1(struct ldb_module *module, const char *dn, struct ldb_message *msg);
|
int ltdb_search_dn1(struct ldb_module *module, const char *dn, struct ldb_message *msg);
|
||||||
int ltdb_search_dn(struct ldb_module *module, char *dn,
|
int ltdb_search_dn(struct ldb_module *module, const char *dn,
|
||||||
const char * const attrs[], struct ldb_message ***res);
|
const char * const attrs[], struct ldb_message ***res);
|
||||||
int ltdb_add_attr_results(struct ldb_module *module, struct ldb_message *msg,
|
int ltdb_add_attr_results(struct ldb_module *module, struct ldb_message *msg,
|
||||||
const char * const attrs[],
|
const char * const attrs[],
|
||||||
|
@ -3,3 +3,5 @@
|
|||||||
mkdir -p tests/tmp/db
|
mkdir -p tests/tmp/db
|
||||||
|
|
||||||
slapd -f tests/slapd.conf -h "`tests/ldapi_url.sh`" $*
|
slapd -f tests/slapd.conf -h "`tests/ldapi_url.sh`" $*
|
||||||
|
|
||||||
|
sleep 2
|
||||||
|
@ -266,8 +266,8 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_
|
|||||||
return NT_STATUS_NO_SUCH_DOMAIN;
|
return NT_STATUS_NO_SUCH_DOMAIN;
|
||||||
}
|
}
|
||||||
|
|
||||||
sid_str = samdb_search_string(state->sam_ldb, mem_ctx, NULL,
|
sid_str = samdb_search_string(state->sam_ldb, mem_ctx,
|
||||||
"objectSid", "dn=%s", state->domain_dn);
|
state->domain_dn, "objectSid", NULL);
|
||||||
if (!sid_str) {
|
if (!sid_str) {
|
||||||
return NT_STATUS_NO_SUCH_DOMAIN;
|
return NT_STATUS_NO_SUCH_DOMAIN;
|
||||||
}
|
}
|
||||||
@ -283,8 +283,8 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_
|
|||||||
}
|
}
|
||||||
|
|
||||||
state->domain_name = talloc_reference(state,
|
state->domain_name = talloc_reference(state,
|
||||||
samdb_search_string(state->sam_ldb, mem_ctx, NULL,
|
samdb_search_string(state->sam_ldb, mem_ctx,
|
||||||
"name", "dn=%s", state->domain_dn));
|
state->domain_dn, "name", NULL));
|
||||||
if (!state->domain_name) {
|
if (!state->domain_name) {
|
||||||
return NT_STATUS_NO_SUCH_DOMAIN;
|
return NT_STATUS_NO_SUCH_DOMAIN;
|
||||||
}
|
}
|
||||||
@ -359,8 +359,7 @@ static NTSTATUS lsa_info_AccountDomain(struct lsa_policy_state *state, TALLOC_CT
|
|||||||
int ret;
|
int ret;
|
||||||
struct ldb_message **res;
|
struct ldb_message **res;
|
||||||
|
|
||||||
ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs,
|
ret = gendb_search_dn(state->sam_ldb, mem_ctx, state->domain_dn, &res, attrs);
|
||||||
"dn=%s", state->domain_dn);
|
|
||||||
if (ret != 1) {
|
if (ret != 1) {
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
}
|
}
|
||||||
@ -381,8 +380,7 @@ static NTSTATUS lsa_info_DNS(struct lsa_policy_state *state, TALLOC_CTX *mem_ctx
|
|||||||
int ret;
|
int ret;
|
||||||
struct ldb_message **res;
|
struct ldb_message **res;
|
||||||
|
|
||||||
ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs,
|
ret = gendb_search_dn(state->sam_ldb, mem_ctx, state->domain_dn, &res, attrs);
|
||||||
"dn=%s", state->domain_dn);
|
|
||||||
if (ret != 1) {
|
if (ret != 1) {
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
}
|
}
|
||||||
@ -850,8 +848,8 @@ static NTSTATUS lsa_QueryTrustedDomainInfo(struct dcesrv_call_state *dce_call, T
|
|||||||
trusted_domain_state = h->data;
|
trusted_domain_state = h->data;
|
||||||
|
|
||||||
/* pull all the user attributes */
|
/* pull all the user attributes */
|
||||||
ret = gendb_search(trusted_domain_state->policy->sam_ldb, mem_ctx, NULL, &res, attrs,
|
ret = gendb_search_dn(trusted_domain_state->policy->sam_ldb, mem_ctx,
|
||||||
"dn=%s", trusted_domain_state->trusted_domain_dn);
|
trusted_domain_state->trusted_domain_dn, &res, attrs);
|
||||||
if (ret != 1) {
|
if (ret != 1) {
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
}
|
}
|
||||||
@ -1373,8 +1371,8 @@ static NTSTATUS lsa_EnumPrivsAccount(struct dcesrv_call_state *dce_call,
|
|||||||
r->out.privs->unknown = 0;
|
r->out.privs->unknown = 0;
|
||||||
r->out.privs->set = NULL;
|
r->out.privs->set = NULL;
|
||||||
|
|
||||||
ret = gendb_search(astate->policy->sam_ldb, mem_ctx, NULL, &res, attrs,
|
ret = gendb_search_dn(astate->policy->sam_ldb, mem_ctx,
|
||||||
"dn=%s", astate->account_dn);
|
astate->account_dn, &res, attrs);
|
||||||
if (ret != 1) {
|
if (ret != 1) {
|
||||||
return NT_STATUS_OK;
|
return NT_STATUS_OK;
|
||||||
}
|
}
|
||||||
@ -2048,9 +2046,8 @@ static NTSTATUS lsa_SetSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *me
|
|||||||
};
|
};
|
||||||
|
|
||||||
/* search for the secret record */
|
/* search for the secret record */
|
||||||
ret = gendb_search(secret_state->sam_ldb,
|
ret = gendb_search_dn(secret_state->sam_ldb,mem_ctx,
|
||||||
mem_ctx, NULL, &res, attrs,
|
secret_state->secret_dn, &res, attrs);
|
||||||
"(dn=%s)", secret_state->secret_dn);
|
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
|
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
|
||||||
}
|
}
|
||||||
@ -2121,8 +2118,8 @@ static NTSTATUS lsa_QuerySecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *
|
|||||||
secret_state = h->data;
|
secret_state = h->data;
|
||||||
|
|
||||||
/* pull all the user attributes */
|
/* pull all the user attributes */
|
||||||
ret = gendb_search(secret_state->sam_ldb, mem_ctx, NULL, &res, attrs,
|
ret = gendb_search_dn(secret_state->sam_ldb, mem_ctx,
|
||||||
"dn=%s", secret_state->secret_dn);
|
secret_state->secret_dn, &res, attrs);
|
||||||
if (ret != 1) {
|
if (ret != 1) {
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
}
|
}
|
||||||
|
@ -343,8 +343,8 @@ static NTSTATUS samr_info_DomInfo1(struct samr_domain_state *state,
|
|||||||
int ret;
|
int ret;
|
||||||
struct ldb_message **res;
|
struct ldb_message **res;
|
||||||
|
|
||||||
ret = gendb_search(state->sam_ctx, mem_ctx, NULL, &res, attrs,
|
ret = gendb_search_dn(state->sam_ctx, mem_ctx,
|
||||||
"dn=%s", state->domain_dn);
|
state->domain_dn , &res, attrs);
|
||||||
if (ret != 1) {
|
if (ret != 1) {
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
}
|
}
|
||||||
@ -373,8 +373,8 @@ static NTSTATUS samr_info_DomInfo2(struct samr_domain_state *state, TALLOC_CTX *
|
|||||||
int ret;
|
int ret;
|
||||||
struct ldb_message **res;
|
struct ldb_message **res;
|
||||||
|
|
||||||
ret = gendb_search(state->sam_ctx, mem_ctx, NULL, &res, attrs,
|
ret = gendb_search_dn(state->sam_ctx, mem_ctx,
|
||||||
"dn=%s", state->domain_dn);
|
state->domain_dn , &res, attrs);
|
||||||
if (ret != 1) {
|
if (ret != 1) {
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
}
|
}
|
||||||
@ -527,10 +527,8 @@ static NTSTATUS samr_CreateDomainGroup(struct dcesrv_call_state *dce_call, TALLO
|
|||||||
a_state->account_dn = talloc_steal(a_state, msg->dn);
|
a_state->account_dn = talloc_steal(a_state, msg->dn);
|
||||||
|
|
||||||
/* retrieve the sidstring for the group just created */
|
/* retrieve the sidstring for the group just created */
|
||||||
sidstr = samdb_search_string(d_state->sam_ctx, a_state, NULL,
|
sidstr = samdb_search_string(d_state->sam_ctx, a_state,
|
||||||
"objectSid",
|
msg->dn, "objectSid", NULL);
|
||||||
"dn=%s",
|
|
||||||
msg->dn);
|
|
||||||
if (sidstr == NULL) {
|
if (sidstr == NULL) {
|
||||||
return NT_STATUS_UNSUCCESSFUL;
|
return NT_STATUS_UNSUCCESSFUL;
|
||||||
}
|
}
|
||||||
@ -759,10 +757,8 @@ static NTSTATUS samr_CreateUser2(struct dcesrv_call_state *dce_call, TALLOC_CTX
|
|||||||
a_state->account_dn = talloc_steal(a_state, msg->dn);
|
a_state->account_dn = talloc_steal(a_state, msg->dn);
|
||||||
|
|
||||||
/* retrieve the sidstring for the group just created */
|
/* retrieve the sidstring for the group just created */
|
||||||
sidstr = samdb_search_string(d_state->sam_ctx, a_state, NULL,
|
sidstr = samdb_search_string(d_state->sam_ctx, a_state,
|
||||||
"objectSid",
|
msg->dn, "objectSid", NULL);
|
||||||
"dn=%s",
|
|
||||||
msg->dn);
|
|
||||||
if (sidstr == NULL) {
|
if (sidstr == NULL) {
|
||||||
return NT_STATUS_UNSUCCESSFUL;
|
return NT_STATUS_UNSUCCESSFUL;
|
||||||
}
|
}
|
||||||
@ -965,10 +961,8 @@ static NTSTATUS samr_CreateDomAlias(struct dcesrv_call_state *dce_call, TALLOC_C
|
|||||||
a_state->account_dn = talloc_steal(a_state, msg->dn);
|
a_state->account_dn = talloc_steal(a_state, msg->dn);
|
||||||
|
|
||||||
/* retrieve the sidstring for the group just created */
|
/* retrieve the sidstring for the group just created */
|
||||||
sidstr = samdb_search_string(d_state->sam_ctx, a_state, NULL,
|
sidstr = samdb_search_string(d_state->sam_ctx, a_state,
|
||||||
"objectSid",
|
msg->dn, "objectSid", NULL);
|
||||||
"dn=%s",
|
|
||||||
msg->dn);
|
|
||||||
if (sidstr == NULL) {
|
if (sidstr == NULL) {
|
||||||
return NT_STATUS_UNSUCCESSFUL;
|
return NT_STATUS_UNSUCCESSFUL;
|
||||||
}
|
}
|
||||||
@ -1490,8 +1484,8 @@ static NTSTATUS samr_QueryGroupInfo(struct dcesrv_call_state *dce_call, TALLOC_C
|
|||||||
a_state = h->data;
|
a_state = h->data;
|
||||||
|
|
||||||
/* pull all the group attributes */
|
/* pull all the group attributes */
|
||||||
ret = gendb_search(a_state->sam_ctx, mem_ctx, NULL, &res, attrs,
|
ret = gendb_search_dn(a_state->sam_ctx, mem_ctx,
|
||||||
"dn=%s", a_state->account_dn);
|
a_state->account_dn, &res, attrs);
|
||||||
if (ret != 1) {
|
if (ret != 1) {
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
}
|
}
|
||||||
@ -1750,8 +1744,8 @@ static NTSTATUS samr_QueryGroupMember(struct dcesrv_call_state *dce_call, TALLOC
|
|||||||
a_state = h->data;
|
a_state = h->data;
|
||||||
|
|
||||||
/* pull the member attribute */
|
/* pull the member attribute */
|
||||||
ret = gendb_search(a_state->sam_ctx, mem_ctx, NULL, &res, attrs,
|
ret = gendb_search_dn(a_state->sam_ctx, mem_ctx,
|
||||||
"dn=%s", a_state->account_dn);
|
a_state->account_dn, &res, attrs);
|
||||||
|
|
||||||
if (ret != 1) {
|
if (ret != 1) {
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
@ -1784,9 +1778,9 @@ static NTSTATUS samr_QueryGroupMember(struct dcesrv_call_state *dce_call, TALLOC
|
|||||||
for (i=0; i<el->num_values; i++) {
|
for (i=0; i<el->num_values; i++) {
|
||||||
struct ldb_message **res2;
|
struct ldb_message **res2;
|
||||||
const char * const attrs2[2] = { "objectSid", NULL };
|
const char * const attrs2[2] = { "objectSid", NULL };
|
||||||
ret = gendb_search(a_state->sam_ctx, mem_ctx, NULL,
|
ret = gendb_search_dn(a_state->sam_ctx, mem_ctx,
|
||||||
&res2, attrs2, "dn=%s",
|
(char *)el->values[i].data,
|
||||||
(char *)el->values[i].data);
|
&res2, attrs2);
|
||||||
if (ret != 1)
|
if (ret != 1)
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
|
|
||||||
@ -1916,8 +1910,8 @@ static NTSTATUS samr_QueryAliasInfo(struct dcesrv_call_state *dce_call, TALLOC_C
|
|||||||
a_state = h->data;
|
a_state = h->data;
|
||||||
|
|
||||||
/* pull all the alias attributes */
|
/* pull all the alias attributes */
|
||||||
ret = gendb_search(a_state->sam_ctx, mem_ctx, NULL, &res, attrs,
|
ret = gendb_search_dn(a_state->sam_ctx, mem_ctx,
|
||||||
"dn=%s", a_state->account_dn);
|
a_state->account_dn ,&res, attrs);
|
||||||
if (ret != 1) {
|
if (ret != 1) {
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
}
|
}
|
||||||
@ -2229,8 +2223,8 @@ static NTSTATUS samr_GetMembersInAlias(struct dcesrv_call_state *dce_call, TALLO
|
|||||||
a_state = h->data;
|
a_state = h->data;
|
||||||
d_state = a_state->domain_state;
|
d_state = a_state->domain_state;
|
||||||
|
|
||||||
ret = gendb_search(d_state->sam_ctx, mem_ctx, NULL, &msgs, attrs,
|
ret = gendb_search_dn(d_state->sam_ctx, mem_ctx,
|
||||||
"dn=%s", a_state->account_dn);
|
a_state->account_dn, &msgs, attrs);
|
||||||
|
|
||||||
if (ret != 1)
|
if (ret != 1)
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
@ -2252,9 +2246,9 @@ static NTSTATUS samr_GetMembersInAlias(struct dcesrv_call_state *dce_call, TALLO
|
|||||||
for (i=0; i<el->num_values; i++) {
|
for (i=0; i<el->num_values; i++) {
|
||||||
struct ldb_message **msgs2;
|
struct ldb_message **msgs2;
|
||||||
const char * const attrs2[2] = { "objectSid", NULL };
|
const char * const attrs2[2] = { "objectSid", NULL };
|
||||||
ret = gendb_search(a_state->sam_ctx, mem_ctx, NULL,
|
ret = gendb_search_dn(a_state->sam_ctx, mem_ctx,
|
||||||
&msgs2, attrs2, "dn=%s",
|
(char *)el->values[i].data,
|
||||||
(char *)el->values[i].data);
|
&msgs2, attrs2);
|
||||||
if (ret != 1)
|
if (ret != 1)
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
|
|
||||||
@ -2391,8 +2385,8 @@ static NTSTATUS samr_QueryUserInfo(struct dcesrv_call_state *dce_call, TALLOC_CT
|
|||||||
a_state = h->data;
|
a_state = h->data;
|
||||||
|
|
||||||
/* pull all the user attributes */
|
/* pull all the user attributes */
|
||||||
ret = gendb_search(a_state->sam_ctx, mem_ctx, NULL, &res, NULL,
|
ret = gendb_search_dn(a_state->sam_ctx, mem_ctx,
|
||||||
"dn=%s", a_state->account_dn);
|
a_state->account_dn ,&res, NULL);
|
||||||
if (ret != 1) {
|
if (ret != 1) {
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
}
|
}
|
||||||
@ -3117,10 +3111,10 @@ static NTSTATUS samr_GetUserPwInfo(struct dcesrv_call_state *dce_call, TALLOC_CT
|
|||||||
|
|
||||||
a_state = h->data;
|
a_state = h->data;
|
||||||
|
|
||||||
r->out.info.min_password_length = samdb_search_uint(a_state->sam_ctx, mem_ctx, 0, NULL, "minPwdLength",
|
r->out.info.min_password_length = samdb_search_uint(a_state->sam_ctx, mem_ctx, 0,
|
||||||
"dn=%s", a_state->domain_state->domain_dn);
|
a_state->domain_state->domain_dn, "minPwdLength", NULL);
|
||||||
r->out.info.password_properties = samdb_search_uint(a_state->sam_ctx, mem_ctx, 0, NULL, "pwdProperties",
|
r->out.info.password_properties = samdb_search_uint(a_state->sam_ctx, mem_ctx, 0,
|
||||||
"dn=%s", a_state->account_dn);
|
a_state->account_dn, "pwdProperties", NULL);
|
||||||
return NT_STATUS_OK;
|
return NT_STATUS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -50,8 +50,8 @@ NTSTATUS samr_ChangePasswordUser(struct dcesrv_call_state *dce_call, TALLOC_CTX
|
|||||||
a_state = h->data;
|
a_state = h->data;
|
||||||
|
|
||||||
/* fetch the old hashes */
|
/* fetch the old hashes */
|
||||||
ret = gendb_search(a_state->sam_ctx, mem_ctx, NULL, &res, attrs,
|
ret = gendb_search_dn(a_state->sam_ctx, mem_ctx,
|
||||||
"dn=%s", a_state->account_dn);
|
a_state->account_dn, &res, attrs);
|
||||||
if (ret != 1) {
|
if (ret != 1) {
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
}
|
}
|
||||||
@ -400,9 +400,8 @@ NTSTATUS samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call,
|
|||||||
return NT_STATUS_OK;
|
return NT_STATUS_OK;
|
||||||
|
|
||||||
failed:
|
failed:
|
||||||
ret = gendb_search(sam_ctx,
|
ret = gendb_search_dn(sam_ctx, mem_ctx,
|
||||||
mem_ctx, NULL, &res, dom_attrs,
|
domain_dn, &res, dom_attrs);
|
||||||
"dn=%s", domain_dn);
|
|
||||||
|
|
||||||
if (ret != 1) {
|
if (ret != 1) {
|
||||||
return status;
|
return status;
|
||||||
@ -517,7 +516,7 @@ NTSTATUS samdb_set_password(void *ctx, TALLOC_CTX *mem_ctx,
|
|||||||
unix_to_nt_time(&now_nt, now);
|
unix_to_nt_time(&now_nt, now);
|
||||||
|
|
||||||
/* pull all the user parameters */
|
/* pull all the user parameters */
|
||||||
count = gendb_search(ctx, mem_ctx, NULL, &res, user_attrs, "dn=%s", user_dn);
|
count = gendb_search_dn(ctx, mem_ctx, user_dn, &res, user_attrs);
|
||||||
if (count != 1) {
|
if (count != 1) {
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
}
|
}
|
||||||
@ -533,7 +532,7 @@ NTSTATUS samdb_set_password(void *ctx, TALLOC_CTX *mem_ctx,
|
|||||||
pwdLastSet = samdb_result_uint64(res[0], "pwdLastSet", 0);
|
pwdLastSet = samdb_result_uint64(res[0], "pwdLastSet", 0);
|
||||||
|
|
||||||
/* pull the domain parameters */
|
/* pull the domain parameters */
|
||||||
count = gendb_search(ctx, mem_ctx, NULL, &res, domain_attrs, "dn=%s", domain_dn);
|
count = gendb_search_dn(ctx, mem_ctx, domain_dn, &res, domain_attrs);
|
||||||
if (count != 1) {
|
if (count != 1) {
|
||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user