mirror of
https://github.com/samba-team/samba.git
synced 2025-01-17 02:05:21 +03:00
bdee131f30
quite a large change as we had lots of code that assumed that objectSid was a string in S- format. metze and simo tried to convince me to use NDR format months ago, but I didn't listen, so its fair that I have the pain of fixing all the code now :-) This builds on the ldb_register_samba_handlers() and ldif handlers code I did earlier this week. There are still three parts of this conversion I have not finished: - the ltdb index records need to use the string form of the objectSid (to keep the DNs sane). Until that it done I have disabled indexing on objectSid, which is a big performance hit, but allows us to pass all our tests while I rejig the indexing system to use a externally supplied conversion function - I haven't yet put in place the code that allows client to use the "S-xxx-yyy" form for objectSid in ldap search expressions. w2k3 supports this, presumably by looking for the "S-" prefix to determine what type of objectSid form is being used by the client. I have been working on ways to handle this, but am not happy with them yet so they aren't part of this patch - I need to change pidl to generate push functions that take a "const void *" instead of a "void*" for the data pointer. That will fix the couple of new warnings this code generates. Luckily it many places the conversion to NDR formatted records actually simplified the code, as it means we no longer need as many calls to dom_sid_parse_talloc(). In some places it got more complex, but not many. (This used to be commit d40bc2fa8ddd43560315688eebdbe98bdd02756c)
93 lines
2.4 KiB
C
93 lines
2.4 KiB
C
/*
|
|
Unix SMB/CIFS mplementation.
|
|
|
|
wrap/unwrap NDR encoded elements for ldap calls
|
|
|
|
Copyright (C) Andrew Tridgell 2005
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 2 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program; if not, write to the Free Software
|
|
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
|
|
*/
|
|
|
|
#include "includes.h"
|
|
#include "libcli/ldap/ldap.h"
|
|
#include "librpc/gen_ndr/ndr_security.h"
|
|
|
|
/*
|
|
encode a NDR uint32 as a ldap filter element
|
|
*/
|
|
const char *ldap_encode_ndr_uint32(TALLOC_CTX *mem_ctx, uint32_t value)
|
|
{
|
|
uint8_t buf[4];
|
|
struct ldb_val val;
|
|
SIVAL(buf, 0, value);
|
|
val.data = buf;
|
|
val.length = 4;
|
|
return ldb_binary_encode(mem_ctx, val);
|
|
}
|
|
|
|
/*
|
|
encode a NDR dom_sid as a ldap filter element
|
|
*/
|
|
const char *ldap_encode_ndr_dom_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid)
|
|
{
|
|
DATA_BLOB blob;
|
|
NTSTATUS status;
|
|
const char *ret;
|
|
status = ndr_push_struct_blob(&blob, mem_ctx, sid,
|
|
(ndr_push_flags_fn_t)ndr_push_dom_sid);
|
|
if (!NT_STATUS_IS_OK(status)) {
|
|
return NULL;
|
|
}
|
|
ret = ldb_binary_encode(mem_ctx, blob);
|
|
data_blob_free(&blob);
|
|
return ret;
|
|
}
|
|
|
|
|
|
/*
|
|
encode a NDR GUID as a ldap filter element
|
|
*/
|
|
const char *ldap_encode_ndr_GUID(TALLOC_CTX *mem_ctx, struct GUID *guid)
|
|
{
|
|
DATA_BLOB blob;
|
|
NTSTATUS status;
|
|
const char *ret;
|
|
status = ndr_push_struct_blob(&blob, mem_ctx, guid,
|
|
(ndr_push_flags_fn_t)ndr_push_GUID);
|
|
if (!NT_STATUS_IS_OK(status)) {
|
|
return NULL;
|
|
}
|
|
ret = ldb_binary_encode(mem_ctx, blob);
|
|
data_blob_free(&blob);
|
|
return ret;
|
|
}
|
|
|
|
/*
|
|
decode a NDR GUID from a ldap filter element
|
|
*/
|
|
NTSTATUS ldap_decode_ndr_GUID(TALLOC_CTX *mem_ctx, struct ldb_val val, struct GUID *guid)
|
|
{
|
|
DATA_BLOB blob;
|
|
NTSTATUS status;
|
|
|
|
blob.data = val.data;
|
|
blob.length = val.length;
|
|
status = ndr_pull_struct_blob(&blob, mem_ctx, guid,
|
|
(ndr_pull_flags_fn_t)ndr_pull_GUID);
|
|
talloc_free(val.data);
|
|
return status;
|
|
}
|