LCOV - code coverage report
Current view: top level - source4/dsdb/samdb/ldb_modules - schema_data.c (source / functions) Hit Total Coverage
Test: coverage report for v4-17-test 1498b464 Lines: 176 269 65.4 %
Date: 2024-06-13 04:01:37 Functions: 10 13 76.9 %

          Line data    Source code
       1             : /* 
       2             :    Unix SMB/CIFS Implementation.
       3             : 
       4             :    The module that handles the Schema checkings and dynamic attributes
       5             :    
       6             :    Copyright (C) Stefan Metzmacher <metze@samba.org> 2007
       7             :    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2009
       8             :     
       9             :    This program is free software; you can redistribute it and/or modify
      10             :    it under the terms of the GNU General Public License as published by
      11             :    the Free Software Foundation; either version 3 of the License, or
      12             :    (at your option) any later version.
      13             :    
      14             :    This program is distributed in the hope that it will be useful,
      15             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      16             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      17             :    GNU General Public License for more details.
      18             :    
      19             :    You should have received a copy of the GNU General Public License
      20             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      21             :    
      22             : */
      23             : 
      24             : #include "includes.h"
      25             : #include "ldb_module.h"
      26             : #include "dsdb/samdb/samdb.h"
      27             : #include "librpc/gen_ndr/ndr_misc.h"
      28             : #include "librpc/gen_ndr/ndr_drsuapi.h"
      29             : #include "librpc/gen_ndr/ndr_drsblobs.h"
      30             : #include "param/param.h"
      31             : #include "dsdb/samdb/ldb_modules/util.h"
      32             : 
      33             : #undef strcasecmp
      34             : 
      35             : static int generate_objectClasses(struct ldb_context *ldb, struct ldb_message *msg,
      36             :                                   const struct dsdb_schema *schema);
      37             : static int generate_attributeTypes(struct ldb_context *ldb, struct ldb_message *msg,
      38             :                                    const struct dsdb_schema *schema);
      39             : static int generate_dITContentRules(struct ldb_context *ldb, struct ldb_message *msg,
      40             :                                     const struct dsdb_schema *schema);
      41             : static int generate_extendedAttributeInfo(struct ldb_context *ldb, struct ldb_message *msg,
      42             :                                           const struct dsdb_schema *schema);
      43             : static int generate_extendedClassInfo(struct ldb_context *ldb, struct ldb_message *msg,
      44             :                                       const struct dsdb_schema *schema);
      45             : static int generate_possibleInferiors(struct ldb_context *ldb, struct ldb_message *msg,
      46             :                                       const struct dsdb_schema *schema);
      47             : 
      48             : static const struct {
      49             :         const char *attr;
      50             :         int (*fn)(struct ldb_context *, struct ldb_message *, const struct dsdb_schema *);
      51             :         bool aggregate;
      52             : } generated_attrs[] = {
      53             :         {
      54             :                 .attr = "objectClasses",
      55             :                 .fn = generate_objectClasses,
      56             :                 .aggregate = true,
      57             :         },
      58             :         {
      59             :                 .attr = "attributeTypes",
      60             :                 .fn = generate_attributeTypes,
      61             :                 .aggregate = true,
      62             :         },
      63             :         {
      64             :                 .attr = "dITContentRules",
      65             :                 .fn = generate_dITContentRules,
      66             :                 .aggregate = true,
      67             :         },
      68             :         {
      69             :                 .attr = "extendedAttributeInfo",
      70             :                 .fn = generate_extendedAttributeInfo,
      71             :                 .aggregate = true,
      72             :         },
      73             :         {
      74             :                 .attr = "extendedClassInfo",
      75             :                 .fn = generate_extendedClassInfo,
      76             :                 .aggregate = true,
      77             :         },
      78             :         {
      79             :                 .attr = "possibleInferiors",
      80             :                 .fn = generate_possibleInferiors,
      81             :                 .aggregate = false,
      82             :         }
      83             : };
      84             : 
      85             : struct schema_data_private_data {
      86             :         struct ldb_dn *aggregate_dn;
      87             :         struct ldb_dn *schema_dn;
      88             : };
      89             : 
      90             : struct schema_data_search_data {
      91             :         struct ldb_module *module;
      92             :         struct ldb_request *req;
      93             : 
      94             :         const struct dsdb_schema *schema;
      95             : };
      96             : 
      97      108012 : static int schema_data_init(struct ldb_module *module)
      98             : {
      99             :         struct ldb_context *ldb;
     100             :         struct ldb_dn *schema_dn;
     101             :         int ret;
     102             :         struct schema_data_private_data *data;
     103             : 
     104      108012 :         ret = ldb_next_init(module);
     105      108012 :         if (ret != LDB_SUCCESS) {
     106           0 :                 return ret;
     107             :         }
     108             : 
     109      108012 :         ldb = ldb_module_get_ctx(module);
     110      108012 :         schema_dn = ldb_get_schema_basedn(ldb);
     111      108012 :         if (!schema_dn) {
     112           0 :                 ldb_reset_err_string(ldb);
     113           0 :                 ldb_debug(ldb, LDB_DEBUG_WARNING,
     114             :                           "schema_data_init: no schema dn present: (skip schema loading)\n");
     115           0 :                 return LDB_SUCCESS;
     116             :         }
     117             : 
     118      108012 :         data = talloc(module, struct schema_data_private_data);
     119      108012 :         if (data == NULL) {
     120           0 :                 return ldb_oom(ldb);
     121             :         }
     122             : 
     123      108012 :         data->schema_dn = schema_dn;
     124             : 
     125             :         /* Used to check to see if this is a result on the CN=Aggregate schema */
     126      108012 :         data->aggregate_dn = samdb_aggregate_schema_dn(ldb, data);
     127      108012 :         if (!data->aggregate_dn) {
     128           0 :                 ldb_asprintf_errstring(ldb, "schema_data_init: Could not build aggregate schema DN for schema in %s", ldb_dn_get_linearized(schema_dn));
     129           0 :                 return LDB_ERR_OPERATIONS_ERROR;
     130             :         }
     131             : 
     132      108012 :         ldb_module_set_private(module, data);
     133      108012 :         return LDB_SUCCESS;
     134             : }
     135             : 
     136      250029 : static int schema_data_add(struct ldb_module *module, struct ldb_request *req)
     137             : {
     138             :         struct ldb_context *ldb;
     139             :         struct dsdb_schema *schema;
     140      250029 :         const struct ldb_val *attributeID = NULL;
     141      250029 :         const struct ldb_val *governsID = NULL;
     142      250029 :         const char *oid_attr = NULL;
     143      250029 :         const char *oid = NULL;
     144      250029 :         struct ldb_dn *parent_dn = NULL;
     145             :         int cmp;
     146             :         WERROR status;
     147      250029 :         bool rodc = false;
     148             :         int ret;
     149             :         struct schema_data_private_data *mc;
     150      250029 :         mc = talloc_get_type(ldb_module_get_private(module), struct schema_data_private_data);
     151             : 
     152      250029 :         ldb = ldb_module_get_ctx(module);
     153             : 
     154             :         /* special objects should always go through */
     155      250029 :         if (ldb_dn_is_special(req->op.add.message->dn)) {
     156         806 :                 return ldb_next_request(module, req);
     157             :         }
     158             : 
     159             :         /* replicated update should always go through */
     160      249223 :         if (ldb_request_get_control(req, DSDB_CONTROL_REPLICATED_UPDATE_OID)) {
     161      121300 :                 return ldb_next_request(module, req);
     162             :         }
     163             : 
     164      127923 :         schema = dsdb_get_schema(ldb, req);
     165      127923 :         if (!schema) {
     166           0 :                 return ldb_next_request(module, req);
     167             :         }
     168             : 
     169      127923 :         ret = samdb_rodc(ldb, &rodc);
     170      127923 :         if (ret != LDB_SUCCESS) {
     171           0 :                 DEBUG(4, (__location__ ": unable to tell if we are an RODC \n"));
     172             :         }
     173             : 
     174      127923 :         if (!schema->fsmo.we_are_master && !rodc) {
     175           0 :                 ldb_debug_set(ldb, LDB_DEBUG_ERROR,
     176             :                           "schema_data_add: we are not master: reject add request\n");
     177           0 :                 return LDB_ERR_UNWILLING_TO_PERFORM;
     178             :         }
     179             : 
     180      127923 :         if (!schema->fsmo.update_allowed && !rodc) {
     181           0 :                 ldb_debug_set(ldb, LDB_DEBUG_ERROR,
     182             :                           "schema_data_add: updates are not allowed: reject add request\n");
     183           0 :                 return LDB_ERR_UNWILLING_TO_PERFORM;
     184             :         }
     185             : 
     186      127923 :         if (ldb_request_get_control(req, LDB_CONTROL_RELAX_OID)) {
     187             :                 /*
     188             :                  * the provision code needs to create
     189             :                  * the schema root object.
     190             :                  */
     191      127252 :                 cmp = ldb_dn_compare(req->op.add.message->dn, mc->schema_dn);
     192      127252 :                 if (cmp == 0) {
     193          76 :                         return ldb_next_request(module, req);
     194             :                 }
     195             :         }
     196             : 
     197      127847 :         parent_dn = ldb_dn_get_parent(req, req->op.add.message->dn);
     198      127847 :         if (!parent_dn) {
     199           0 :                 return ldb_oom(ldb);
     200             :         }
     201             : 
     202      127847 :         cmp = ldb_dn_compare(parent_dn, mc->schema_dn);
     203      127847 :         if (cmp != 0) {
     204           0 :                 ldb_debug_set(ldb, LDB_DEBUG_ERROR,
     205             :                           "schema_data_add: no direct child :%s\n",
     206           0 :                           ldb_dn_get_linearized(req->op.add.message->dn));
     207           0 :                 return LDB_ERR_UNWILLING_TO_PERFORM;
     208             :         }
     209             : 
     210      127847 :         attributeID = ldb_msg_find_ldb_val(req->op.add.message, "attributeID");
     211      127847 :         governsID = ldb_msg_find_ldb_val(req->op.add.message, "governsID");
     212             : 
     213      127847 :         if (attributeID) {
     214      108059 :                 oid_attr = "attributeID";
     215      108059 :                 oid = talloc_strndup(req, (const char *)attributeID->data, attributeID->length);
     216       19788 :         } else if (governsID) {
     217       19712 :                 oid_attr = "governsID";
     218       19712 :                 oid = talloc_strndup(req, (const char *)governsID->data, governsID->length);
     219             :         } else {
     220          76 :                 return ldb_next_request(module, req);
     221             :         }
     222             : 
     223      127771 :         if (!oid) {
     224           0 :                 return ldb_oom(ldb);
     225             :         }
     226             : 
     227      127771 :         status = dsdb_schema_pfm_find_oid(schema->prefixmap, oid, NULL);
     228      127771 :         if (!W_ERROR_IS_OK(status)) {
     229             :                 /* check for internal errors */
     230         410 :                 if (!W_ERROR_EQUAL(status, WERR_NOT_FOUND)) {
     231           0 :                         ldb_debug_set(ldb, LDB_DEBUG_ERROR,
     232             :                                       "schema_data_add: failed to map %s[%s]: %s\n",
     233             :                                       oid_attr, oid, win_errstr(status));
     234           0 :                         return LDB_ERR_UNWILLING_TO_PERFORM;
     235             :                 }
     236             : 
     237             :                 /* Update prefixMap and save it */
     238         410 :                 status = dsdb_create_prefix_mapping(ldb, schema, oid);
     239         410 :                 if (!W_ERROR_IS_OK(status)) {
     240           0 :                         ldb_debug_set(ldb, LDB_DEBUG_ERROR,
     241             :                                   "schema_data_add: failed to create prefix mapping for %s[%s]: %s\n",
     242             :                                   oid_attr, oid, win_errstr(status));
     243           0 :                         return LDB_ERR_UNWILLING_TO_PERFORM;
     244             :                 }
     245             :         }
     246             : 
     247      127771 :         return ldb_next_request(module, req);
     248             : }
     249             : 
     250      184125 : static int schema_data_modify(struct ldb_module *module, struct ldb_request *req)
     251             : {
     252             :         struct ldb_context *ldb;
     253             :         struct dsdb_schema *schema;
     254             :         int cmp;
     255      184125 :         bool rodc = false;
     256             :         int ret;
     257             :         struct ldb_control *sd_propagation_control;
     258             :         struct schema_data_private_data *mc;
     259      184125 :         mc = talloc_get_type(ldb_module_get_private(module), struct schema_data_private_data);
     260             : 
     261      184125 :         ldb = ldb_module_get_ctx(module);
     262             : 
     263             :         /* special objects should always go through */
     264      184125 :         if (ldb_dn_is_special(req->op.mod.message->dn)) {
     265        1670 :                 return ldb_next_request(module, req);
     266             :         }
     267             : 
     268             :         /* replicated update should always go through */
     269      182455 :         if (ldb_request_get_control(req, DSDB_CONTROL_REPLICATED_UPDATE_OID)) {
     270         274 :                 return ldb_next_request(module, req);
     271             :         }
     272             : 
     273             :         /* dbcheck should be able to fix things */
     274      182181 :         if (ldb_request_get_control(req, DSDB_CONTROL_DBCHECK)) {
     275       42891 :                 return ldb_next_request(module, req);
     276             :         }
     277             : 
     278      139290 :         sd_propagation_control = ldb_request_get_control(req,
     279             :                                         DSDB_CONTROL_SEC_DESC_PROPAGATION_OID);
     280      139290 :         if (sd_propagation_control != NULL) {
     281      113323 :                 if (req->op.mod.message->num_elements != 1) {
     282           0 :                         return ldb_module_operr(module);
     283             :                 }
     284      113323 :                 ret = strcmp(req->op.mod.message->elements[0].name,
     285             :                              "nTSecurityDescriptor");
     286      113323 :                 if (ret != 0) {
     287           0 :                         return ldb_module_operr(module);
     288             :                 }
     289             : 
     290      113323 :                 return ldb_next_request(module, req);
     291             :         }
     292             : 
     293       25967 :         schema = dsdb_get_schema(ldb, req);
     294       25967 :         if (!schema) {
     295           0 :                 return ldb_next_request(module, req);
     296             :         }
     297             : 
     298       25967 :         cmp = ldb_dn_compare(req->op.mod.message->dn, mc->schema_dn);
     299       25967 :         if (cmp == 0) {
     300             :                 static const char * const constrained_attrs[] = {
     301             :                         "schemaInfo",
     302             :                         "prefixMap",
     303             :                         "msDs-Schema-Extensions",
     304             :                         "msDS-IntId",
     305             :                         NULL
     306             :                 };
     307             :                 size_t i;
     308             :                 struct ldb_message_element *el;
     309             : 
     310        5505 :                 if (ldb_request_get_control(req, LDB_CONTROL_AS_SYSTEM_OID)) {
     311        2097 :                         return ldb_next_request(module, req);
     312             :                 }
     313             : 
     314       31990 :                 for (i=0; constrained_attrs[i]; i++) {
     315       13632 :                         el = ldb_msg_find_element(req->op.mod.message,
     316        1672 :                                                   constrained_attrs[i]);
     317       13632 :                         if (el == NULL) {
     318       13632 :                                 continue;
     319             :                         }
     320             : 
     321           0 :                         ldb_debug_set(ldb, LDB_DEBUG_ERROR,
     322             :                                       "schema_data_modify: reject update "
     323             :                                       "of attribute[%s]\n",
     324           0 :                                       constrained_attrs[i]);
     325           0 :                         return LDB_ERR_CONSTRAINT_VIOLATION;
     326             :                 }
     327             : 
     328        3408 :                 return ldb_next_request(module, req);
     329             :         }
     330             : 
     331       20462 :         ret = samdb_rodc(ldb, &rodc);
     332       20462 :         if (ret != LDB_SUCCESS) {
     333           0 :                 DEBUG(4, (__location__ ": unable to tell if we are an RODC \n"));
     334             :         }
     335             : 
     336       20462 :         if (!schema->fsmo.we_are_master && !rodc) {
     337           0 :                 ldb_debug_set(ldb, LDB_DEBUG_ERROR,
     338             :                           "schema_data_modify: we are not master: reject modify request\n");
     339           0 :                 return LDB_ERR_UNWILLING_TO_PERFORM;
     340             :         }
     341             : 
     342       20462 :         if (!schema->fsmo.update_allowed && !rodc) {
     343           0 :                 ldb_debug_set(ldb, LDB_DEBUG_ERROR,
     344             :                           "schema_data_modify: updates are not allowed: reject modify request\n");
     345           0 :                 return LDB_ERR_UNWILLING_TO_PERFORM;
     346             :         }
     347             : 
     348       20462 :         return ldb_next_request(module, req);
     349             : }
     350             : 
     351           0 : static int schema_data_del(struct ldb_module *module, struct ldb_request *req)
     352             : {
     353             :         struct ldb_context *ldb;
     354             :         struct dsdb_schema *schema;
     355           0 :         bool rodc = false;
     356             :         int ret;
     357             : 
     358           0 :         ldb = ldb_module_get_ctx(module);
     359             : 
     360             :         /* special objects should always go through */
     361           0 :         if (ldb_dn_is_special(req->op.del.dn)) {
     362           0 :                 return ldb_next_request(module, req);
     363             :         }
     364             : 
     365             :         /* replicated update should always go through */
     366           0 :         if (ldb_request_get_control(req, DSDB_CONTROL_REPLICATED_UPDATE_OID)) {
     367           0 :                 return ldb_next_request(module, req);
     368             :         }
     369             : 
     370             :         /* dbcheck should be able to fix things */
     371           0 :         if (ldb_request_get_control(req, DSDB_CONTROL_DBCHECK)) {
     372           0 :                 return ldb_next_request(module, req);
     373             :         }
     374             : 
     375           0 :         schema = dsdb_get_schema(ldb, req);
     376           0 :         if (!schema) {
     377           0 :                 return ldb_next_request(module, req);
     378             :         }
     379             : 
     380           0 :         ret = samdb_rodc(ldb, &rodc);
     381           0 :         if (ret != LDB_SUCCESS) {
     382           0 :                 DEBUG(4, (__location__ ": unable to tell if we are an RODC \n"));
     383             :         }
     384             : 
     385           0 :         if (!schema->fsmo.we_are_master && !rodc) {
     386           0 :                 ldb_debug_set(ldb, LDB_DEBUG_ERROR,
     387             :                           "schema_data_modify: we are not master: reject request\n");
     388           0 :                 return LDB_ERR_UNWILLING_TO_PERFORM;
     389             :         }
     390             : 
     391             :         /*
     392             :          * normaly the DACL will prevent delete
     393             :          * with LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS
     394             :          * above us.
     395             :          */
     396           0 :         ldb_debug_set(ldb, LDB_DEBUG_ERROR,
     397             :                       "schema_data_del: delete is not allowed in the schema\n");
     398           0 :         return LDB_ERR_UNWILLING_TO_PERFORM;
     399             : }
     400             : 
     401           9 : static int generate_objectClasses(struct ldb_context *ldb, struct ldb_message *msg,
     402             :                                   const struct dsdb_schema *schema) 
     403             : {
     404             :         const struct dsdb_class *sclass;
     405             :         int ret;
     406             : 
     407        2165 :         for (sclass = schema->classes; sclass; sclass = sclass->next) {
     408        2156 :                 char *v = schema_class_to_description(msg, sclass);
     409        2156 :                 if (v == NULL) {
     410           0 :                         return ldb_oom(ldb);
     411             :                 }
     412        2156 :                 ret = ldb_msg_add_steal_string(msg, "objectClasses", v);
     413        2156 :                 if (ret != LDB_SUCCESS) {
     414           0 :                         return ret;
     415             :                 }
     416             :         }
     417           9 :         return LDB_SUCCESS;
     418             : }
     419           9 : static int generate_attributeTypes(struct ldb_context *ldb, struct ldb_message *msg,
     420             :                                   const struct dsdb_schema *schema) 
     421             : {
     422             :         const struct dsdb_attribute *attribute;
     423             :         int ret;
     424             : 
     425       12152 :         for (attribute = schema->attributes; attribute; attribute = attribute->next) {
     426       12143 :                 char *v = schema_attribute_to_description(msg, attribute);
     427       12143 :                 if (v == NULL) {
     428           0 :                         return ldb_oom(ldb);
     429             :                 }
     430       12143 :                 ret = ldb_msg_add_steal_string(msg, "attributeTypes", v);
     431       12143 :                 if (ret != LDB_SUCCESS) {
     432           0 :                         return ret;
     433             :                 }
     434             :         }
     435           9 :         return LDB_SUCCESS;
     436             : }
     437             : 
     438           9 : static int generate_dITContentRules(struct ldb_context *ldb, struct ldb_message *msg,
     439             :                                     const struct dsdb_schema *schema) 
     440             : {
     441             :         const struct dsdb_class *sclass;
     442             :         int ret;
     443             : 
     444        2165 :         for (sclass = schema->classes; sclass; sclass = sclass->next) {
     445        2156 :                 if (sclass->auxiliaryClass || sclass->systemAuxiliaryClass) {
     446          81 :                         char *ditcontentrule = schema_class_to_dITContentRule(msg, sclass, schema);
     447          81 :                         if (!ditcontentrule) {
     448           0 :                                 return ldb_oom(ldb);
     449             :                         }
     450          81 :                         ret = ldb_msg_add_steal_string(msg, "dITContentRules", ditcontentrule);
     451          81 :                         if (ret != LDB_SUCCESS) {
     452           0 :                                 return ret;
     453             :                         }
     454             :                 }
     455             :         }
     456           9 :         return LDB_SUCCESS;
     457             : }
     458             : 
     459           0 : static int generate_extendedAttributeInfo(struct ldb_context *ldb,
     460             :                                           struct ldb_message *msg,
     461             :                                           const struct dsdb_schema *schema)
     462             : {
     463             :         const struct dsdb_attribute *attribute;
     464             :         int ret;
     465             : 
     466           0 :         for (attribute = schema->attributes; attribute; attribute = attribute->next) {
     467           0 :                 char *val = schema_attribute_to_extendedInfo(msg, attribute);
     468           0 :                 if (!val) {
     469           0 :                         return ldb_oom(ldb);
     470             :                 }
     471             : 
     472           0 :                 ret = ldb_msg_add_steal_string(msg, "extendedAttributeInfo", val);
     473           0 :                 if (ret != LDB_SUCCESS) {
     474           0 :                         return ret;
     475             :                 }
     476             :         }
     477             : 
     478           0 :         return LDB_SUCCESS;
     479             : }
     480             : 
     481           0 : static int generate_extendedClassInfo(struct ldb_context *ldb,
     482             :                                       struct ldb_message *msg,
     483             :                                       const struct dsdb_schema *schema)
     484             : {
     485             :         const struct dsdb_class *sclass;
     486             :         int ret;
     487             : 
     488           0 :         for (sclass = schema->classes; sclass; sclass = sclass->next) {
     489           0 :                 char *val = schema_class_to_extendedInfo(msg, sclass);
     490           0 :                 if (!val) {
     491           0 :                         return ldb_oom(ldb);
     492             :                 }
     493             : 
     494           0 :                 ret = ldb_msg_add_steal_string(msg, "extendedClassInfo", val);
     495           0 :                 if (ret != LDB_SUCCESS) {
     496           0 :                         return ret;
     497             :                 }
     498             :         }
     499             : 
     500           0 :         return LDB_SUCCESS;
     501             : }
     502             : 
     503             : 
     504        2210 : static int generate_possibleInferiors(struct ldb_context *ldb, struct ldb_message *msg,
     505             :                                       const struct dsdb_schema *schema) 
     506             : {
     507        2210 :         struct ldb_dn *dn = msg->dn;
     508             :         unsigned int i;
     509             :         int ret;
     510        2210 :         const char *first_component_name = ldb_dn_get_component_name(dn, 0);
     511             :         const struct ldb_val *first_component_val;
     512             :         const struct dsdb_class *schema_class;
     513             :         const char **possibleInferiors;
     514             : 
     515        2210 :         if (strcasecmp(first_component_name, "cn") != 0) {
     516           0 :                 return LDB_SUCCESS;
     517             :         }
     518             : 
     519        2210 :         first_component_val = ldb_dn_get_component_val(dn, 0);
     520             : 
     521        2210 :         schema_class = dsdb_class_by_cn_ldb_val(schema, first_component_val);
     522        2210 :         if (schema_class == NULL) {
     523           0 :                 return LDB_SUCCESS;
     524             :         }
     525             :         
     526        2210 :         possibleInferiors = schema_class->possibleInferiors;
     527        2210 :         if (possibleInferiors == NULL) {
     528        1359 :                 return LDB_SUCCESS;
     529             :         }
     530             : 
     531       13351 :         for (i=0;possibleInferiors[i];i++) {
     532       12500 :                 char *v = talloc_strdup(msg, possibleInferiors[i]);
     533       12500 :                 if (v == NULL) {
     534           0 :                         return ldb_oom(ldb);
     535             :                 }
     536       12500 :                 ret = ldb_msg_add_steal_string(msg, "possibleInferiors", v);
     537       12500 :                 if (ret != LDB_SUCCESS) {
     538           0 :                         return ret;
     539             :                 }
     540             :         }
     541             : 
     542         851 :         return LDB_SUCCESS;
     543             : }
     544             : 
     545             : 
     546             : /* Add objectClasses, attributeTypes and dITContentRules from the
     547             :    schema object (they are not stored in the database)
     548             :  */
     549        4438 : static int schema_data_search_callback(struct ldb_request *req, struct ldb_reply *ares)
     550             : {
     551             :         struct ldb_context *ldb;
     552             :         struct schema_data_search_data *ac;
     553             :         struct schema_data_private_data *mc;
     554             :         unsigned int i;
     555             :         int ret;
     556             : 
     557        4438 :         ac = talloc_get_type(req->context, struct schema_data_search_data);
     558        4438 :         mc = talloc_get_type(ldb_module_get_private(ac->module), struct schema_data_private_data);
     559        4438 :         ldb = ldb_module_get_ctx(ac->module);
     560             : 
     561        4438 :         if (!ares) {
     562           0 :                 return ldb_module_done(ac->req, NULL, NULL,
     563             :                                         LDB_ERR_OPERATIONS_ERROR);
     564             :         }
     565        4438 :         if (ares->error != LDB_SUCCESS) {
     566           0 :                 return ldb_module_done(ac->req, ares->controls,
     567             :                                         ares->response, ares->error);
     568             :         }
     569             :         /* Only entries are interesting, and we handle the case of the parent seperatly */
     570             : 
     571        4438 :         switch (ares->type) {
     572        2219 :         case LDB_REPLY_ENTRY:
     573             : 
     574        2219 :                 if (ldb_dn_compare(ares->message->dn, mc->aggregate_dn) == 0) {
     575          63 :                         for (i=0; i < ARRAY_SIZE(generated_attrs); i++) {
     576          99 :                                 if (generated_attrs[i].aggregate &&
     577          45 :                                     ldb_attr_in_list(ac->req->op.search.attrs, generated_attrs[i].attr)) {
     578          27 :                                         ret = generated_attrs[i].fn(ldb, ares->message, ac->schema);
     579          27 :                                         if (ret != LDB_SUCCESS) {
     580           0 :                                                 return ret;
     581             :                                         }
     582             :                                 }
     583             :                         }
     584        2210 :                 } else if ((ldb_dn_compare_base(mc->schema_dn, ares->message->dn) == 0)
     585        2210 :                            && (ldb_dn_compare(mc->schema_dn, ares->message->dn) != 0)) {
     586       15470 :                         for (i=0; i < ARRAY_SIZE(generated_attrs); i++) {
     587       15470 :                                 if (!generated_attrs[i].aggregate &&
     588        2210 :                                     ldb_attr_in_list(ac->req->op.search.attrs, generated_attrs[i].attr)) {
     589        2210 :                                         ret = generated_attrs[i].fn(ldb, ares->message, ac->schema);
     590        2210 :                                         if (ret != LDB_SUCCESS) {
     591           0 :                                                 return ret;
     592             :                                         }
     593             :                                 }
     594             :                         }
     595             :                 }
     596             : 
     597             : 
     598        2219 :                 return ldb_module_send_entry(ac->req, ares->message, ares->controls);
     599             : 
     600           0 :         case LDB_REPLY_REFERRAL:
     601             : 
     602           0 :                 return ldb_module_send_referral(ac->req, ares->referral);
     603             : 
     604        2219 :         case LDB_REPLY_DONE:
     605             : 
     606        2219 :                 return ldb_module_done(ac->req, ares->controls,
     607             :                                         ares->response, ares->error);
     608             :         }
     609             : 
     610           0 :         return LDB_SUCCESS;
     611             : }
     612             : 
     613             : /* search */
     614    17924693 : static int schema_data_search(struct ldb_module *module, struct ldb_request *req)
     615             : {
     616    17924693 :         struct ldb_context *ldb = ldb_module_get_ctx(module);
     617             :         unsigned int i;
     618             :         int ret;
     619             :         struct schema_data_search_data *search_context;
     620             :         struct ldb_request *down_req;
     621             :         const struct dsdb_schema *schema;
     622    17924693 :         if (!ldb_module_get_private(module)) {
     623             :                 /* If there is no module data, there is little we can do */
     624           0 :                 return ldb_next_request(module, req);
     625             :         }
     626             : 
     627             :         /* The schema manipulation does not apply to special DNs */
     628    17924693 :         if (ldb_dn_is_special(req->op.search.base)) {
     629        8114 :                 return ldb_next_request(module, req);
     630             :         }
     631             : 
     632   125413789 :         for (i=0; i < ARRAY_SIZE(generated_attrs); i++) {
     633   107499429 :                 if (ldb_attr_in_list(req->op.search.attrs, generated_attrs[i].attr)) {
     634        2219 :                         break;
     635             :                 }
     636             :         }
     637    17916579 :         if (i == ARRAY_SIZE(generated_attrs)) {
     638             :                 /* No request for a generated attr found, nothing to
     639             :                  * see here, move along... */
     640    17914360 :                 return ldb_next_request(module, req);
     641             :         }
     642             : 
     643        2219 :         schema = dsdb_get_schema(ldb, NULL);
     644        2219 :         if (!schema || !ldb_module_get_private(module)) {
     645             :                 /* If there is no schema, there is little we can do */
     646           0 :                 return ldb_next_request(module, req);
     647             :         }
     648             : 
     649        2219 :         search_context = talloc(req, struct schema_data_search_data);
     650        2219 :         if (!search_context) {
     651           0 :                 return ldb_oom(ldb);
     652             :         }
     653             : 
     654        2219 :         search_context->module = module;
     655        2219 :         search_context->req = req;
     656        2219 :         search_context->schema = talloc_reference(search_context, schema);
     657        2219 :         if (!search_context->schema) {
     658           0 :                 return ldb_oom(ldb);
     659             :         }
     660             : 
     661        2219 :         ret = ldb_build_search_req_ex(&down_req, ldb, search_context,
     662             :                                         req->op.search.base,
     663             :                                         req->op.search.scope,
     664             :                                         req->op.search.tree,
     665             :                                         req->op.search.attrs,
     666             :                                         req->controls,
     667             :                                         search_context, schema_data_search_callback,
     668             :                                         req);
     669        2219 :         LDB_REQ_SET_LOCATION(down_req);
     670        2219 :         if (ret != LDB_SUCCESS) {
     671           0 :                 return ldb_operr(ldb);
     672             :         }
     673             : 
     674        2219 :         return ldb_next_request(module, down_req);
     675             : }
     676             : 
     677             : 
     678             : static const struct ldb_module_ops ldb_schema_data_module_ops = {
     679             :         .name           = "schema_data",
     680             :         .init_context   = schema_data_init,
     681             :         .add            = schema_data_add,
     682             :         .modify         = schema_data_modify,
     683             :         .del            = schema_data_del,
     684             :         .search         = schema_data_search
     685             : };
     686             : 
     687        4310 : int ldb_schema_data_module_init(const char *version)
     688             : {
     689        4310 :         LDB_MODULE_CHECK_VERSION(version);
     690        4310 :         return ldb_register_module(&ldb_schema_data_module_ops);
     691             : }

Generated by: LCOV version 1.13