diff --git a/source4/dsdb/samdb/ldb_modules/schema.c b/source4/dsdb/samdb/ldb_modules/schema.c index 1a7060a524f..87b1d30269c 100644 --- a/source4/dsdb/samdb/ldb_modules/schema.c +++ b/source4/dsdb/samdb/ldb_modules/schema.c @@ -234,108 +234,6 @@ struct schema_attribute **schema_get_attrs_list(struct ldb_module *module, return list; } -static int map_schema_syntax(uint32_t om_syntax, const char *attr_syntax, const struct ldb_val *om_class, enum schema_internal_syntax *syntax) -{ - int ret; - - ret = LDB_SUCCESS; - - switch(om_syntax) { - case 1: - *syntax = SCHEMA_AS_BOOLEAN; - break; - case 2: - *syntax = SCHEMA_AS_INTEGER; - break; - case 4: - if (strcmp(attr_syntax, "2.5.5.10") == 0) { - *syntax = SCHEMA_AS_OCTET_STRING; - break; - } - if (strcmp(attr_syntax, "2.5.5.17") == 0) { - *syntax = SCHEMA_AS_SID; - break; - } - ret = LDB_ERR_OPERATIONS_ERROR; - break; - case 6: - *syntax = SCHEMA_AS_OID; - break; - case 10: - *syntax = SCHEMA_AS_ENUMERATION; - break; - case 18: - *syntax = SCHEMA_AS_NUMERIC_STRING; - break; - case 19: - *syntax = SCHEMA_AS_PRINTABLE_STRING; - break; - case 20: - *syntax = SCHEMA_AS_CASE_IGNORE_STRING; - break; - case 22: - *syntax = SCHEMA_AS_IA5_STRING; - break; - case 23: - *syntax = SCHEMA_AS_UTC_TIME; - break; - case 24: - *syntax = SCHEMA_AS_GENERALIZED_TIME; - break; - case 27: - *syntax = SCHEMA_AS_CASE_SENSITIVE_STRING; - break; - case 64: - *syntax = SCHEMA_AS_DIRECTORY_STRING; - break; - case 65: - *syntax = SCHEMA_AS_LARGE_INTEGER; - break; - case 66: - *syntax = SCHEMA_AS_OBJECT_SECURITY_DESCRIPTOR; - break; - case 127: - if (!om_class) { - ret = LDB_ERR_OPERATIONS_ERROR; - break; - } - - if (memcmp(om_class->data, "\x2b\x0c\x02\x87\x73\x1c\x00\x85\x4a\x00", MIN(om_class->length, 10)) == 0) { - *syntax = SCHEMA_AS_DN; - break; - } - if (memcmp(om_class->data, "\x2a\x86\x48\x86\xf7\x14\x01\x01\x01\x0b", MIN(om_class->length, 10)) == 0) { - *syntax = SCHEMA_AS_DN_BINARY; - break; - } - if (memcmp(om_class->data, "\x56\x06\x01\x02\x05\x0b\x1d\x00\x00\x00", MIN(om_class->length, 10)) == 0) { - *syntax = SCHEMA_AS_OR_NAME; - break; - } - if (memcmp(om_class->data, "\x2a\x86\x48\x86\xf7\x14\x01\x01\x01\x06", MIN(om_class->length, 10)) == 0) { - *syntax = SCHEMA_AS_REPLICA_LINK; - break; - } - if (memcmp(om_class->data, "\x2b\x0c\x02\x87\x73\x1c\x00\x85\x5c\x00", MIN(om_class->length, 10)) == 0) { - *syntax = SCHEMA_AS_PRESENTATION_ADDRESS; - break; - } - if (memcmp(om_class->data, "\x2b\x0c\x02\x87\x73\x1c\x00\x85\x3e\x00", MIN(om_class->length, 10)) == 0) { - *syntax = SCHEMA_AS_ACCESS_POINT; - break; - } - if (memcmp(om_class->data, "\x2a\x86\x48\x86\xf7\x14\x01\x01\x01\x0c", MIN(om_class->length, 10)) == 0) { - *syntax = SCHEMA_AS_DN_STRING; - break; - } - /* not found will error in default: */ - default: - ret = LDB_ERR_OPERATIONS_ERROR; - } - - return ret; -} - static int schema_init_attrs(struct ldb_module *module, struct schema_private_data *data) { static const char *schema_attrs[] = { "attributeID", @@ -435,7 +333,7 @@ static int schema_init_classes(struct ldb_module *module, struct schema_private_ static const char *schema_attrs[] = { "governsID", "lDAPDisplayName", "objectClassCategory", - "defaultObjectCategory" + "defaultObjectCategory", "systemOnly", "systemFlag", "isDefunct", @@ -662,7 +560,7 @@ static int schema_add_build_parent_req(struct schema_context *sctx) sctx->parent_req->operation = LDB_SEARCH; sctx->parent_req->op.search.scope = LDB_SCOPE_BASE; sctx->parent_req->op.search.base = ldb_dn_get_parent(sctx->parent_req, sctx->orig_req->op.add.message->dn); - sctx->parent_req->op.search.tree = ldb_parse_tree(sctx->module->ldb, "(objectClass=*)"); + sctx->parent_req->op.search.tree = ldb_parse_tree(sctx->parent_req, "(objectClass=*)"); sctx->parent_req->op.search.attrs = parent_attrs; sctx->parent_req->controls = NULL; sctx->parent_req->context = sctx; @@ -1036,6 +934,27 @@ static int schema_add_build_down_req(struct schema_context *sctx) return LDB_SUCCESS; } +static int schema_check_attributes_syntax(struct schema_context *sctx) +{ + struct ldb_message *msg; + struct schema_attribute *attr; + int i, ret; + + msg = sctx->orig_req->op.add.message; + for (i = 0; i < msg->num_elements; i++) { + attr = schema_store_find(sctx->data->attrs_store, msg->elements[i].name); + if (attr == NULL) { + return LDB_ERR_NO_SUCH_ATTRIBUTE; + } + ret = schema_validate(&msg->elements[i], attr->syntax, attr->single, attr->min, attr->max); + if (ret != LDB_SUCCESS) { + return ret; + } + } + + return LDB_SUCCESS; +} + static int schema_add_continue(struct ldb_handle *h) { struct schema_context *sctx; @@ -1077,12 +996,11 @@ static int schema_add_continue(struct ldb_handle *h) } /* check attributes syntax */ - /* + ret = schema_check_attributes_syntax(sctx); if (ret != LDB_SUCCESS) { break; } - */ ret = schema_add_build_down_req(sctx); if (ret != LDB_SUCCESS) { diff --git a/source4/dsdb/samdb/ldb_modules/schema_syntax.c b/source4/dsdb/samdb/ldb_modules/schema_syntax.c index 02c42bbf8f4..f23c2d156df 100644 --- a/source4/dsdb/samdb/ldb_modules/schema_syntax.c +++ b/source4/dsdb/samdb/ldb_modules/schema_syntax.c @@ -35,6 +35,108 @@ #include "ldb/include/ldb_errors.h" #include "schema_syntax.h" +int map_schema_syntax(uint32_t om_syntax, const char *attr_syntax, const struct ldb_val *om_class, enum schema_internal_syntax *syntax) +{ + int ret; + + ret = LDB_SUCCESS; + + switch(om_syntax) { + case 1: + *syntax = SCHEMA_AS_BOOLEAN; + break; + case 2: + *syntax = SCHEMA_AS_INTEGER; + break; + case 4: + if (strcmp(attr_syntax, "2.5.5.10") == 0) { + *syntax = SCHEMA_AS_OCTET_STRING; + break; + } + if (strcmp(attr_syntax, "2.5.5.17") == 0) { + *syntax = SCHEMA_AS_SID; + break; + } + ret = LDB_ERR_OPERATIONS_ERROR; + break; + case 6: + *syntax = SCHEMA_AS_OID; + break; + case 10: + *syntax = SCHEMA_AS_ENUMERATION; + break; + case 18: + *syntax = SCHEMA_AS_NUMERIC_STRING; + break; + case 19: + *syntax = SCHEMA_AS_PRINTABLE_STRING; + break; + case 20: + *syntax = SCHEMA_AS_CASE_IGNORE_STRING; + break; + case 22: + *syntax = SCHEMA_AS_IA5_STRING; + break; + case 23: + *syntax = SCHEMA_AS_UTC_TIME; + break; + case 24: + *syntax = SCHEMA_AS_GENERALIZED_TIME; + break; + case 27: + *syntax = SCHEMA_AS_CASE_SENSITIVE_STRING; + break; + case 64: + *syntax = SCHEMA_AS_DIRECTORY_STRING; + break; + case 65: + *syntax = SCHEMA_AS_LARGE_INTEGER; + break; + case 66: + *syntax = SCHEMA_AS_OBJECT_SECURITY_DESCRIPTOR; + break; + case 127: + if (!om_class) { + ret = LDB_ERR_OPERATIONS_ERROR; + break; + } + + if (memcmp(om_class->data, "\x2b\x0c\x02\x87\x73\x1c\x00\x85\x4a\x00", MIN(om_class->length, 10)) == 0) { + *syntax = SCHEMA_AS_DN; + break; + } + if (memcmp(om_class->data, "\x2a\x86\x48\x86\xf7\x14\x01\x01\x01\x0b", MIN(om_class->length, 10)) == 0) { + *syntax = SCHEMA_AS_DN_BINARY; + break; + } + if (memcmp(om_class->data, "\x56\x06\x01\x02\x05\x0b\x1d\x00\x00\x00", MIN(om_class->length, 10)) == 0) { + *syntax = SCHEMA_AS_OR_NAME; + break; + } + if (memcmp(om_class->data, "\x2a\x86\x48\x86\xf7\x14\x01\x01\x01\x06", MIN(om_class->length, 10)) == 0) { + *syntax = SCHEMA_AS_REPLICA_LINK; + break; + } + if (memcmp(om_class->data, "\x2b\x0c\x02\x87\x73\x1c\x00\x85\x5c\x00", MIN(om_class->length, 10)) == 0) { + *syntax = SCHEMA_AS_PRESENTATION_ADDRESS; + break; + } + if (memcmp(om_class->data, "\x2b\x0c\x02\x87\x73\x1c\x00\x85\x3e\x00", MIN(om_class->length, 10)) == 0) { + *syntax = SCHEMA_AS_ACCESS_POINT; + break; + } + if (memcmp(om_class->data, "\x2a\x86\x48\x86\xf7\x14\x01\x01\x01\x0c", MIN(om_class->length, 10)) == 0) { + *syntax = SCHEMA_AS_DN_STRING; + break; + } + /* not found will error in default: */ + default: + ret = LDB_ERR_OPERATIONS_ERROR; + } + + return ret; +} + static int schema_validate_boolean(struct ldb_val *val, int min, int max) { diff --git a/source4/dsdb/samdb/ldb_modules/schema_syntax.h b/source4/dsdb/samdb/ldb_modules/schema_syntax.h index 1974c10b994..453f79a3c22 100644 --- a/source4/dsdb/samdb/ldb_modules/schema_syntax.h +++ b/source4/dsdb/samdb/ldb_modules/schema_syntax.h @@ -62,3 +62,12 @@ enum schema_internal_syntax { SCHEMA_AS_DN_STRING = 23 }; +int map_schema_syntax(uint32_t om_syntax, + const char *attr_syntax, + const struct ldb_val *om_class, + enum schema_internal_syntax *syntax); + +int schema_validate(struct ldb_message_element *el, + enum schema_internal_syntax type, + bool single, int min, int max); +