Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 : ads (active directory) utility library
4 : Copyright (C) Guenther Deschner 2005-2007
5 : Copyright (C) Gerald (Jerry) Carter 2006
6 :
7 : This program is free software; you can redistribute it and/or modify
8 : it under the terms of the GNU General Public License as published by
9 : the Free Software Foundation; either version 3 of the License, or
10 : (at your option) any later version.
11 :
12 : This program is distributed in the hope that it will be useful,
13 : but WITHOUT ANY WARRANTY; without even the implied warranty of
14 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 : GNU General Public License for more details.
16 :
17 : You should have received a copy of the GNU General Public License
18 : along with this program. If not, see <http://www.gnu.org/licenses/>.
19 : */
20 :
21 : #include "includes.h"
22 : #include "ads.h"
23 : #include "libads/ldap_schema.h"
24 : #include "libads/ldap_schema_oids.h"
25 : #include "../libcli/ldap/ldap_ndr.h"
26 :
27 : #ifdef HAVE_LDAP
28 :
29 0 : static ADS_STATUS ads_get_attrnames_by_oids(ADS_STRUCT *ads,
30 : TALLOC_CTX *mem_ctx,
31 : const char *schema_path,
32 : const char **OIDs,
33 : size_t num_OIDs,
34 : char ***OIDs_out, char ***names,
35 : size_t *count)
36 : {
37 : ADS_STATUS status;
38 0 : LDAPMessage *res = NULL;
39 : LDAPMessage *msg;
40 0 : char *expr = NULL;
41 0 : const char *attrs[] = { "lDAPDisplayName", "attributeId", NULL };
42 0 : int i = 0, p = 0;
43 :
44 0 : if (!ads || !mem_ctx || !names || !count || !OIDs || !OIDs_out) {
45 0 : return ADS_ERROR(LDAP_PARAM_ERROR);
46 : }
47 :
48 0 : if (num_OIDs == 0 || OIDs[0] == NULL) {
49 0 : return ADS_ERROR_NT(NT_STATUS_NONE_MAPPED);
50 : }
51 :
52 0 : if ((expr = talloc_asprintf(mem_ctx, "(|")) == NULL) {
53 0 : return ADS_ERROR(LDAP_NO_MEMORY);
54 : }
55 :
56 0 : for (i=0; i<num_OIDs; i++) {
57 :
58 0 : if ((expr = talloc_asprintf_append_buffer(expr, "(attributeId=%s)",
59 0 : OIDs[i])) == NULL) {
60 0 : return ADS_ERROR(LDAP_NO_MEMORY);
61 : }
62 : }
63 :
64 0 : if ((expr = talloc_asprintf_append_buffer(expr, ")")) == NULL) {
65 0 : return ADS_ERROR(LDAP_NO_MEMORY);
66 : }
67 :
68 0 : status = ads_do_search_retry(ads, schema_path,
69 : LDAP_SCOPE_SUBTREE, expr, attrs, &res);
70 0 : if (!ADS_ERR_OK(status)) {
71 0 : return status;
72 : }
73 :
74 0 : *count = ads_count_replies(ads, res);
75 0 : if (*count == 0 || !res) {
76 0 : status = ADS_ERROR_NT(NT_STATUS_NONE_MAPPED);
77 0 : goto out;
78 : }
79 :
80 0 : if (((*names) = talloc_array(mem_ctx, char *, *count)) == NULL) {
81 0 : status = ADS_ERROR(LDAP_NO_MEMORY);
82 0 : goto out;
83 : }
84 0 : if (((*OIDs_out) = talloc_array(mem_ctx, char *, *count)) == NULL) {
85 0 : status = ADS_ERROR(LDAP_NO_MEMORY);
86 0 : goto out;
87 : }
88 :
89 0 : for (msg = ads_first_entry(ads, res); msg != NULL;
90 0 : msg = ads_next_entry(ads, msg)) {
91 :
92 0 : (*names)[p] = ads_pull_string(ads, mem_ctx, msg,
93 : "lDAPDisplayName");
94 0 : (*OIDs_out)[p] = ads_pull_string(ads, mem_ctx, msg,
95 : "attributeId");
96 0 : if (((*names)[p] == NULL) || ((*OIDs_out)[p] == NULL)) {
97 0 : status = ADS_ERROR(LDAP_NO_MEMORY);
98 0 : goto out;
99 : }
100 :
101 0 : p++;
102 : }
103 :
104 0 : if (*count < num_OIDs) {
105 0 : status = ADS_ERROR_NT(STATUS_SOME_UNMAPPED);
106 0 : goto out;
107 : }
108 :
109 0 : status = ADS_ERROR(LDAP_SUCCESS);
110 0 : out:
111 0 : ads_msgfree(ads, res);
112 :
113 0 : return status;
114 : }
115 :
116 0 : const char *ads_get_attrname_by_guid(ADS_STRUCT *ads,
117 : const char *schema_path,
118 : TALLOC_CTX *mem_ctx,
119 : const struct GUID *schema_guid)
120 : {
121 : ADS_STATUS rc;
122 0 : LDAPMessage *res = NULL;
123 0 : char *expr = NULL;
124 0 : const char *attrs[] = { "lDAPDisplayName", NULL };
125 0 : const char *result = NULL;
126 0 : char *guid_bin = NULL;
127 :
128 0 : if (!ads || !mem_ctx || !schema_guid) {
129 0 : goto done;
130 : }
131 :
132 0 : guid_bin = ldap_encode_ndr_GUID(mem_ctx, schema_guid);
133 0 : if (!guid_bin) {
134 0 : goto done;
135 : }
136 :
137 0 : expr = talloc_asprintf(mem_ctx, "(schemaIDGUID=%s)", guid_bin);
138 0 : if (!expr) {
139 0 : goto done;
140 : }
141 :
142 0 : rc = ads_do_search_retry(ads, schema_path, LDAP_SCOPE_SUBTREE,
143 : expr, attrs, &res);
144 0 : if (!ADS_ERR_OK(rc)) {
145 0 : goto done;
146 : }
147 :
148 0 : if (ads_count_replies(ads, res) != 1) {
149 0 : goto done;
150 : }
151 :
152 0 : result = ads_pull_string(ads, mem_ctx, res, "lDAPDisplayName");
153 :
154 0 : done:
155 0 : TALLOC_FREE(guid_bin);
156 0 : ads_msgfree(ads, res);
157 0 : return result;
158 :
159 : }
160 :
161 : /*********************************************************************
162 : *********************************************************************/
163 :
164 0 : ADS_STATUS ads_schema_path(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **schema_path)
165 : {
166 : ADS_STATUS status;
167 : LDAPMessage *res;
168 : const char *schema;
169 0 : const char *attrs[] = { "schemaNamingContext", NULL };
170 :
171 0 : status = ads_do_search(ads, "", LDAP_SCOPE_BASE, "(objectclass=*)", attrs, &res);
172 0 : if (!ADS_ERR_OK(status)) {
173 0 : return status;
174 : }
175 :
176 0 : if ( (schema = ads_pull_string(ads, mem_ctx, res, "schemaNamingContext")) == NULL ) {
177 0 : ads_msgfree(ads, res);
178 0 : return ADS_ERROR(LDAP_NO_RESULTS_RETURNED);
179 : }
180 :
181 0 : if ( (*schema_path = talloc_strdup(mem_ctx, schema)) == NULL ) {
182 0 : ads_msgfree(ads, res);
183 0 : return ADS_ERROR(LDAP_NO_MEMORY);
184 : }
185 :
186 0 : ads_msgfree(ads, res);
187 :
188 0 : return status;
189 : }
190 :
191 : /**
192 : * Check for "Services for Unix" or rfc2307 Schema and load some attributes into the ADS_STRUCT
193 : * @param ads connection to ads server
194 : * @param enum mapping type
195 : * @return ADS_STATUS status of search (False if one or more attributes couldn't be
196 : * found in Active Directory)
197 : **/
198 0 : ADS_STATUS ads_check_posix_schema_mapping(TALLOC_CTX *mem_ctx,
199 : ADS_STRUCT *ads,
200 : enum wb_posix_mapping map_type,
201 : struct posix_schema **s )
202 : {
203 0 : TALLOC_CTX *ctx = NULL;
204 : ADS_STATUS status;
205 : char **oids_out, **names_out;
206 : size_t num_names;
207 0 : char *schema_path = NULL;
208 : int i;
209 0 : struct posix_schema *schema = NULL;
210 :
211 0 : const char *oids_sfu[] = { ADS_ATTR_SFU_UIDNUMBER_OID,
212 : ADS_ATTR_SFU_GIDNUMBER_OID,
213 : ADS_ATTR_SFU_HOMEDIR_OID,
214 : ADS_ATTR_SFU_SHELL_OID,
215 : ADS_ATTR_SFU_GECOS_OID,
216 : ADS_ATTR_SFU_UID_OID };
217 :
218 0 : const char *oids_sfu20[] = { ADS_ATTR_SFU20_UIDNUMBER_OID,
219 : ADS_ATTR_SFU20_GIDNUMBER_OID,
220 : ADS_ATTR_SFU20_HOMEDIR_OID,
221 : ADS_ATTR_SFU20_SHELL_OID,
222 : ADS_ATTR_SFU20_GECOS_OID,
223 : ADS_ATTR_SFU20_UID_OID };
224 :
225 0 : const char *oids_rfc2307[] = { ADS_ATTR_RFC2307_UIDNUMBER_OID,
226 : ADS_ATTR_RFC2307_GIDNUMBER_OID,
227 : ADS_ATTR_RFC2307_HOMEDIR_OID,
228 : ADS_ATTR_RFC2307_SHELL_OID,
229 : ADS_ATTR_RFC2307_GECOS_OID,
230 : ADS_ATTR_RFC2307_UID_OID };
231 :
232 0 : DEBUG(10,("ads_check_posix_schema_mapping for schema mode: %d\n", map_type));
233 :
234 0 : switch (map_type) {
235 :
236 0 : case WB_POSIX_MAP_TEMPLATE:
237 : case WB_POSIX_MAP_UNIXINFO:
238 0 : DEBUG(10,("ads_check_posix_schema_mapping: nothing to do\n"));
239 0 : return ADS_ERROR(LDAP_SUCCESS);
240 :
241 0 : case WB_POSIX_MAP_SFU:
242 : case WB_POSIX_MAP_SFU20:
243 : case WB_POSIX_MAP_RFC2307:
244 0 : break;
245 :
246 0 : default:
247 0 : DEBUG(0,("ads_check_posix_schema_mapping: "
248 : "unknown enum %d\n", map_type));
249 0 : return ADS_ERROR(LDAP_PARAM_ERROR);
250 : }
251 :
252 0 : if ( (ctx = talloc_init("ads_check_posix_schema_mapping")) == NULL ) {
253 0 : return ADS_ERROR(LDAP_NO_MEMORY);
254 : }
255 :
256 0 : if ( (schema = talloc(mem_ctx, struct posix_schema)) == NULL ) {
257 0 : TALLOC_FREE( ctx );
258 0 : return ADS_ERROR(LDAP_NO_MEMORY);
259 : }
260 :
261 0 : status = ads_schema_path(ads, ctx, &schema_path);
262 0 : if (!ADS_ERR_OK(status)) {
263 0 : DEBUG(3,("ads_check_posix_mapping: Unable to retrieve schema DN!\n"));
264 0 : goto done;
265 : }
266 :
267 0 : switch (map_type) {
268 0 : case WB_POSIX_MAP_SFU:
269 0 : status = ads_get_attrnames_by_oids(ads, ctx, schema_path, oids_sfu,
270 : ARRAY_SIZE(oids_sfu),
271 : &oids_out, &names_out, &num_names);
272 0 : break;
273 0 : case WB_POSIX_MAP_SFU20:
274 0 : status = ads_get_attrnames_by_oids(ads, ctx, schema_path, oids_sfu20,
275 : ARRAY_SIZE(oids_sfu20),
276 : &oids_out, &names_out, &num_names);
277 0 : break;
278 0 : case WB_POSIX_MAP_RFC2307:
279 0 : status = ads_get_attrnames_by_oids(ads, ctx, schema_path, oids_rfc2307,
280 : ARRAY_SIZE(oids_rfc2307),
281 : &oids_out, &names_out, &num_names);
282 0 : break;
283 0 : default:
284 0 : status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
285 0 : break;
286 : }
287 :
288 0 : if (!ADS_ERR_OK(status)) {
289 0 : DEBUG(3,("ads_check_posix_schema_mapping: failed %s\n",
290 : ads_errstr(status)));
291 0 : goto done;
292 : }
293 :
294 0 : for (i=0; i<num_names; i++) {
295 :
296 0 : DEBUGADD(10,("\tOID %s has name: %s\n", oids_out[i], names_out[i]));
297 :
298 0 : if (strequal(ADS_ATTR_RFC2307_UIDNUMBER_OID, oids_out[i]) ||
299 0 : strequal(ADS_ATTR_SFU_UIDNUMBER_OID, oids_out[i]) ||
300 0 : strequal(ADS_ATTR_SFU20_UIDNUMBER_OID, oids_out[i])) {
301 0 : schema->posix_uidnumber_attr = talloc_strdup(schema, names_out[i]);
302 0 : continue;
303 : }
304 :
305 0 : if (strequal(ADS_ATTR_RFC2307_GIDNUMBER_OID, oids_out[i]) ||
306 0 : strequal(ADS_ATTR_SFU_GIDNUMBER_OID, oids_out[i]) ||
307 0 : strequal(ADS_ATTR_SFU20_GIDNUMBER_OID, oids_out[i])) {
308 0 : schema->posix_gidnumber_attr = talloc_strdup(schema, names_out[i]);
309 0 : continue;
310 : }
311 :
312 0 : if (strequal(ADS_ATTR_RFC2307_HOMEDIR_OID, oids_out[i]) ||
313 0 : strequal(ADS_ATTR_SFU_HOMEDIR_OID, oids_out[i]) ||
314 0 : strequal(ADS_ATTR_SFU20_HOMEDIR_OID, oids_out[i])) {
315 0 : schema->posix_homedir_attr = talloc_strdup(schema, names_out[i]);
316 0 : continue;
317 : }
318 :
319 0 : if (strequal(ADS_ATTR_RFC2307_SHELL_OID, oids_out[i]) ||
320 0 : strequal(ADS_ATTR_SFU_SHELL_OID, oids_out[i]) ||
321 0 : strequal(ADS_ATTR_SFU20_SHELL_OID, oids_out[i])) {
322 0 : schema->posix_shell_attr = talloc_strdup(schema, names_out[i]);
323 0 : continue;
324 : }
325 :
326 0 : if (strequal(ADS_ATTR_RFC2307_GECOS_OID, oids_out[i]) ||
327 0 : strequal(ADS_ATTR_SFU_GECOS_OID, oids_out[i]) ||
328 0 : strequal(ADS_ATTR_SFU20_GECOS_OID, oids_out[i])) {
329 0 : schema->posix_gecos_attr = talloc_strdup(schema, names_out[i]);
330 : }
331 :
332 0 : if (strequal(ADS_ATTR_RFC2307_UID_OID, oids_out[i]) ||
333 0 : strequal(ADS_ATTR_SFU_UID_OID, oids_out[i]) ||
334 0 : strequal(ADS_ATTR_SFU20_UID_OID, oids_out[i])) {
335 0 : schema->posix_uid_attr = talloc_strdup(schema, names_out[i]);
336 : }
337 : }
338 :
339 0 : if (!schema->posix_uidnumber_attr ||
340 0 : !schema->posix_gidnumber_attr ||
341 0 : !schema->posix_homedir_attr ||
342 0 : !schema->posix_shell_attr ||
343 0 : !schema->posix_gecos_attr) {
344 0 : status = ADS_ERROR(LDAP_NO_MEMORY);
345 0 : TALLOC_FREE( schema );
346 0 : goto done;
347 : }
348 :
349 0 : *s = schema;
350 :
351 0 : status = ADS_ERROR(LDAP_SUCCESS);
352 :
353 0 : done:
354 0 : TALLOC_FREE(ctx);
355 :
356 0 : return status;
357 : }
358 :
359 : #endif
|
