root/source4/dsdb/samdb/ldb_modules/rootdse.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. do_attribute
  2. do_attribute_explicit
  3. rootdse_add_dynamic
  4. rootdse_init_context
  5. rootdse_callback
  6. rootdse_search
  7. rootdse_register_control
  8. rootdse_register_partition
  9. rootdse_request
  10. rootdse_init
  11. rootdse_modify

   1 /* 
   2    Unix SMB/CIFS implementation.
   3 
   4    rootDSE ldb module
   5 
   6    Copyright (C) Andrew Tridgell 2005
   7    Copyright (C) Simo Sorce 2005-2008
   8    
   9    This program is free software; you can redistribute it and/or modify
  10    it under the terms of the GNU General Public License as published by
  11    the Free Software Foundation; either version 3 of the License, or
  12    (at your option) any later version.
  13    
  14    This program is distributed in the hope that it will be useful,
  15    but WITHOUT ANY WARRANTY; without even the implied warranty of
  16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17    GNU General Public License for more details.
  18    
  19    You should have received a copy of the GNU General Public License
  20    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21 */
  22 
  23 #include "includes.h"
  24 #include "ldb_private.h"
  25 #include "system/time.h"
  26 #include "dsdb/samdb/samdb.h"
  27 #include "version.h"
  28 
  29 struct private_data {
  30         int num_controls;
  31         char **controls;
  32         int num_partitions;
  33         struct ldb_dn **partitions;
  34 };
  35 
  36 /*
  37   return 1 if a specific attribute has been requested
  38 */
  39 static int do_attribute(const char * const *attrs, const char *name)
     /* [<][>][^][v][top][bottom][index][help] */
  40 {
  41         return attrs == NULL ||
  42                 ldb_attr_in_list(attrs, name) ||
  43                 ldb_attr_in_list(attrs, "*");
  44 }
  45 
  46 static int do_attribute_explicit(const char * const *attrs, const char *name)
     /* [<][>][^][v][top][bottom][index][help] */
  47 {
  48         return attrs != NULL && ldb_attr_in_list(attrs, name);
  49 }
  50 
  51 
  52 /*
  53   add dynamically generated attributes to rootDSE result
  54 */
  55 static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *msg, const char * const *attrs)
     /* [<][>][^][v][top][bottom][index][help] */
  56 {
  57         struct ldb_context *ldb;
  58         struct private_data *priv = talloc_get_type(ldb_module_get_private(module), struct private_data);
  59         char **server_sasl;
  60         const struct dsdb_schema *schema;
  61 
  62         ldb = ldb_module_get_ctx(module);
  63         schema = dsdb_get_schema(ldb);
  64 
  65         msg->dn = ldb_dn_new(msg, ldb, NULL);
  66 
  67         /* don't return the distinduishedName, cn and name attributes */
  68         ldb_msg_remove_attr(msg, "distinguishedName");
  69         ldb_msg_remove_attr(msg, "cn");
  70         ldb_msg_remove_attr(msg, "name");
  71 
  72         if (do_attribute(attrs, "currentTime")) {
  73                 if (ldb_msg_add_steal_string(msg, "currentTime", 
  74                                              ldb_timestring(msg, time(NULL))) != 0) {
  75                         goto failed;
  76                 }
  77         }
  78 
  79         if (do_attribute(attrs, "supportedControl")) {
  80                 int i;
  81                 for (i = 0; i < priv->num_controls; i++) {
  82                         char *control = talloc_strdup(msg, priv->controls[i]);
  83                         if (!control) {
  84                                 goto failed;
  85                         }
  86                         if (ldb_msg_add_steal_string(msg, "supportedControl",
  87                                                      control) != 0) {
  88                                 goto failed;
  89                         }
  90                 }
  91         }
  92 
  93         if (do_attribute(attrs, "namingContexts")) {
  94                 int i;
  95                 for (i = 0; i < priv->num_partitions; i++) {
  96                         struct ldb_dn *dn = priv->partitions[i];
  97                         if (ldb_msg_add_steal_string(msg, "namingContexts",
  98                                                      ldb_dn_alloc_linearized(msg, dn)) != 0) {
  99                                 goto failed;
 100                         }
 101                 }
 102         }
 103 
 104         server_sasl = talloc_get_type(ldb_get_opaque(ldb, "supportedSASLMechanims"), 
 105                                        char *);
 106         if (server_sasl && do_attribute(attrs, "supportedSASLMechanisms")) {
 107                 int i;
 108                 for (i = 0; server_sasl && server_sasl[i]; i++) {
 109                         char *sasl_name = talloc_strdup(msg, server_sasl[i]);
 110                         if (!sasl_name) {
 111                                 goto failed;
 112                         }
 113                         if (ldb_msg_add_steal_string(msg, "supportedSASLMechanisms",
 114                                                      sasl_name) != 0) {
 115                                 goto failed;
 116                         }
 117                 }
 118         }
 119 
 120         if (do_attribute(attrs, "highestCommittedUSN")) {
 121                 uint64_t seq_num;
 122                 int ret = ldb_sequence_number(ldb, LDB_SEQ_HIGHEST_SEQ, &seq_num);
 123                 if (ret == LDB_SUCCESS) {
 124                         if (ldb_msg_add_fmt(msg, "highestCommittedUSN", 
 125                                             "%llu", (unsigned long long)seq_num) != 0) {
 126                                 goto failed;
 127                         }
 128                 }
 129         }
 130 
 131         if (schema && do_attribute_explicit(attrs, "dsSchemaAttrCount")) {
 132                 struct dsdb_attribute *cur;
 133                 uint32_t n = 0;
 134 
 135                 for (cur = schema->attributes; cur; cur = cur->next) {
 136                         n++;
 137                 }
 138 
 139                 if (ldb_msg_add_fmt(msg, "dsSchemaAttrCount", 
 140                                     "%u", n) != 0) {
 141                         goto failed;
 142                 }
 143         }
 144 
 145         if (schema && do_attribute_explicit(attrs, "dsSchemaClassCount")) {
 146                 struct dsdb_class *cur;
 147                 uint32_t n = 0;
 148 
 149                 for (cur = schema->classes; cur; cur = cur->next) {
 150                         n++;
 151                 }
 152 
 153                 if (ldb_msg_add_fmt(msg, "dsSchemaClassCount", 
 154                                     "%u", n) != 0) {
 155                         goto failed;
 156                 }
 157         }
 158 
 159         if (schema && do_attribute_explicit(attrs, "dsSchemaPrefixCount")) {
 160                 if (ldb_msg_add_fmt(msg, "dsSchemaPrefixCount", 
 161                                     "%u", schema->num_prefixes) != 0) {
 162                         goto failed;
 163                 }
 164         }
 165 
 166         if (do_attribute_explicit(attrs, "validFSMOs")) {
 167                 const struct dsdb_naming_fsmo *naming_fsmo;
 168                 const struct dsdb_pdc_fsmo *pdc_fsmo;
 169                 const char *dn_str;
 170 
 171                 if (schema && schema->fsmo.we_are_master) {
 172                         dn_str = ldb_dn_get_linearized(samdb_schema_dn(ldb));
 173                         if (dn_str && dn_str[0]) {
 174                                 if (ldb_msg_add_fmt(msg, "validFSMOs", "%s", dn_str) != 0) {
 175                                         goto failed;
 176                                 }
 177                         }
 178                 }
 179 
 180                 naming_fsmo = talloc_get_type(ldb_get_opaque(ldb, "dsdb_naming_fsmo"),
 181                                               struct dsdb_naming_fsmo);
 182                 if (naming_fsmo && naming_fsmo->we_are_master) {
 183                         dn_str = ldb_dn_get_linearized(samdb_partitions_dn(ldb, msg));
 184                         if (dn_str && dn_str[0]) {
 185                                 if (ldb_msg_add_fmt(msg, "validFSMOs", "%s", dn_str) != 0) {
 186                                         goto failed;
 187                                 }
 188                         }
 189                 }
 190 
 191                 pdc_fsmo = talloc_get_type(ldb_get_opaque(ldb, "dsdb_pdc_fsmo"),
 192                                            struct dsdb_pdc_fsmo);
 193                 if (pdc_fsmo && pdc_fsmo->we_are_master) {
 194                         dn_str = ldb_dn_get_linearized(samdb_base_dn(ldb));
 195                         if (dn_str && dn_str[0]) {
 196                                 if (ldb_msg_add_fmt(msg, "validFSMOs", "%s", dn_str) != 0) {
 197                                         goto failed;
 198                                 }
 199                         }
 200                 }
 201         }
 202 
 203         if (schema && do_attribute_explicit(attrs, "vendorVersion")) {
 204                 if (ldb_msg_add_fmt(msg, "vendorVersion", 
 205                                     "%s", SAMBA_VERSION_STRING) != 0) {
 206                         goto failed;
 207                 }
 208         }
 209 
 210         /* TODO: lots more dynamic attributes should be added here */
 211 
 212         return LDB_SUCCESS;
 213 
 214 failed:
 215         return LDB_ERR_OPERATIONS_ERROR;
 216 }
 217 
 218 /*
 219   handle search requests
 220 */
 221 
 222 struct rootdse_context {
 223         struct ldb_module *module;
 224         struct ldb_request *req;
 225 };
 226 
 227 static struct rootdse_context *rootdse_init_context(struct ldb_module *module,
     /* [<][>][^][v][top][bottom][index][help] */
 228                                                     struct ldb_request *req)
 229 {
 230         struct ldb_context *ldb;
 231         struct rootdse_context *ac;
 232 
 233         ldb = ldb_module_get_ctx(module);
 234 
 235         ac = talloc_zero(req, struct rootdse_context);
 236         if (ac == NULL) {
 237                 ldb_set_errstring(ldb, "Out of Memory");
 238                 return NULL;
 239         }
 240 
 241         ac->module = module;
 242         ac->req = req;
 243 
 244         return ac;
 245 }
 246 
 247 static int rootdse_callback(struct ldb_request *req, struct ldb_reply *ares)
     /* [<][>][^][v][top][bottom][index][help] */
 248 {
 249         struct rootdse_context *ac;
 250         int ret;
 251 
 252         ac = talloc_get_type(req->context, struct rootdse_context);
 253 
 254         if (!ares) {
 255                 return ldb_module_done(ac->req, NULL, NULL,
 256                                         LDB_ERR_OPERATIONS_ERROR);
 257         }
 258         if (ares->error != LDB_SUCCESS) {
 259                 return ldb_module_done(ac->req, ares->controls,
 260                                         ares->response, ares->error);
 261         }
 262 
 263         switch (ares->type) {
 264         case LDB_REPLY_ENTRY:
 265                 /*
 266                  * if the client explicit asks for the 'netlogon' attribute
 267                  * the reply_entry needs to be skipped
 268                  */
 269                 if (ac->req->op.search.attrs &&
 270                     ldb_attr_in_list(ac->req->op.search.attrs, "netlogon")) {
 271                         talloc_free(ares);
 272                         return LDB_SUCCESS;
 273                 }
 274 
 275                 /* for each record returned post-process to add any dynamic
 276                    attributes that have been asked for */
 277                 ret = rootdse_add_dynamic(ac->module, ares->message,
 278                                           ac->req->op.search.attrs);
 279                 if (ret != LDB_SUCCESS) {
 280                         talloc_free(ares);
 281                         return ldb_module_done(ac->req, NULL, NULL, ret);
 282                 }
 283 
 284                 return ldb_module_send_entry(ac->req, ares->message, ares->controls);
 285 
 286         case LDB_REPLY_REFERRAL:
 287                 /* should we allow the backend to return referrals in this case
 288                  * ?? */
 289                 break;
 290 
 291         case LDB_REPLY_DONE:
 292                 return ldb_module_done(ac->req, ares->controls,
 293                                         ares->response, ares->error);
 294         }
 295 
 296         talloc_free(ares);
 297         return LDB_SUCCESS;
 298 }
 299 
 300 static int rootdse_search(struct ldb_module *module, struct ldb_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
 301 {
 302         struct ldb_context *ldb;
 303         struct rootdse_context *ac;
 304         struct ldb_request *down_req;
 305         int ret;
 306 
 307         ldb = ldb_module_get_ctx(module);
 308 
 309         /* see if its for the rootDSE - only a base search on the "" DN qualifies */
 310         if (!(req->op.search.scope == LDB_SCOPE_BASE && ldb_dn_is_null(req->op.search.base))) {
 311                 /* Otherwise, pass down to the rest of the stack */
 312                 return ldb_next_request(module, req);
 313         }
 314 
 315         ac = rootdse_init_context(module, req);
 316         if (ac == NULL) {
 317                 return LDB_ERR_OPERATIONS_ERROR;
 318         }
 319 
 320         /* in our db we store the rootDSE with a DN of @ROOTDSE */
 321         ret = ldb_build_search_req(&down_req, ldb, ac,
 322                                         ldb_dn_new(ac, ldb, "@ROOTDSE"),
 323                                         LDB_SCOPE_BASE,
 324                                         NULL,
 325                                         req->op.search.attrs,
 326                                         NULL,/* for now skip the controls from the client */
 327                                         ac, rootdse_callback,
 328                                         req);
 329         if (ret != LDB_SUCCESS) {
 330                 return ret;
 331         }
 332 
 333         return ldb_next_request(module, down_req);
 334 }
 335 
 336 static int rootdse_register_control(struct ldb_module *module, struct ldb_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
 337 {
 338         struct private_data *priv = talloc_get_type(ldb_module_get_private(module), struct private_data);
 339         char **list;
 340 
 341         list = talloc_realloc(priv, priv->controls, char *, priv->num_controls + 1);
 342         if (!list) {
 343                 return LDB_ERR_OPERATIONS_ERROR;
 344         }
 345 
 346         list[priv->num_controls] = talloc_strdup(list, req->op.reg_control.oid);
 347         if (!list[priv->num_controls]) {
 348                 return LDB_ERR_OPERATIONS_ERROR;
 349         }
 350 
 351         priv->num_controls += 1;
 352         priv->controls = list;
 353 
 354         return ldb_module_done(req, NULL, NULL, LDB_SUCCESS);
 355 }
 356 
 357 static int rootdse_register_partition(struct ldb_module *module, struct ldb_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
 358 {
 359         struct private_data *priv = talloc_get_type(ldb_module_get_private(module), struct private_data);
 360         struct ldb_dn **list;
 361 
 362         list = talloc_realloc(priv, priv->partitions, struct ldb_dn *, priv->num_partitions + 1);
 363         if (!list) {
 364                 return LDB_ERR_OPERATIONS_ERROR;
 365         }
 366 
 367         list[priv->num_partitions] = ldb_dn_copy(list, req->op.reg_partition.dn);
 368         if (!list[priv->num_partitions]) {
 369                 return LDB_ERR_OPERATIONS_ERROR;
 370         }
 371 
 372         priv->num_partitions += 1;
 373         priv->partitions = list;
 374 
 375         return ldb_module_done(req, NULL, NULL, LDB_SUCCESS);
 376 }
 377 
 378 
 379 static int rootdse_request(struct ldb_module *module, struct ldb_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
 380 {
 381         switch (req->operation) {
 382 
 383         case LDB_REQ_REGISTER_CONTROL:
 384                 return rootdse_register_control(module, req);
 385         case LDB_REQ_REGISTER_PARTITION:
 386                 return rootdse_register_partition(module, req);
 387 
 388         default:
 389                 break;
 390         }
 391         return ldb_next_request(module, req);
 392 }
 393 
 394 static int rootdse_init(struct ldb_module *module)
     /* [<][>][^][v][top][bottom][index][help] */
 395 {
 396         struct ldb_context *ldb;
 397         struct private_data *data;
 398 
 399         ldb = ldb_module_get_ctx(module);
 400 
 401         data = talloc(module, struct private_data);
 402         if (data == NULL) {
 403                 return -1;
 404         }
 405 
 406         data->num_controls = 0;
 407         data->controls = NULL;
 408         data->num_partitions = 0;
 409         data->partitions = NULL;
 410         ldb_module_set_private(module, data);
 411 
 412         ldb_set_default_dns(ldb);
 413 
 414         return ldb_next_init(module);
 415 }
 416 
 417 static int rootdse_modify(struct ldb_module *module, struct ldb_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
 418 {
 419         struct ldb_context *ldb;
 420         struct ldb_result *ext_res;
 421         int ret;
 422         struct ldb_dn *schema_dn;
 423         struct ldb_message_element *schemaUpdateNowAttr;
 424         
 425         /*
 426                 If dn is not "" we should let it pass through
 427         */
 428         if (!ldb_dn_is_null(req->op.mod.message->dn)) {
 429                 return ldb_next_request(module, req);
 430         }
 431 
 432         ldb = ldb_module_get_ctx(module);
 433 
 434         /*
 435                 dn is empty so check for schemaUpdateNow attribute
 436                 "The type of modification and values specified in the LDAP modify operation do not matter." MSDN
 437         */
 438         schemaUpdateNowAttr = ldb_msg_find_element(req->op.mod.message, "schemaUpdateNow");
 439         if (!schemaUpdateNowAttr) {
 440                 return LDB_ERR_OPERATIONS_ERROR;
 441         }
 442 
 443         schema_dn = samdb_schema_dn(ldb);
 444         if (!schema_dn) {
 445                 ldb_reset_err_string(ldb);
 446                 ldb_debug(ldb, LDB_DEBUG_WARNING,
 447                           "rootdse_modify: no schema dn present: (skip ldb_extended call)\n");
 448                 return ldb_next_request(module, req);
 449         }
 450 
 451         ret = ldb_extended(ldb, DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID, schema_dn, &ext_res);
 452         if (ret != LDB_SUCCESS) {
 453                 return LDB_ERR_OPERATIONS_ERROR;
 454         }
 455         
 456         talloc_free(ext_res);
 457         return ret;
 458 }
 459 
 460 _PUBLIC_ const struct ldb_module_ops ldb_rootdse_module_ops = {
 461         .name                   = "rootdse",
 462         .init_context   = rootdse_init,
 463         .search         = rootdse_search,
 464         .request                = rootdse_request,
 465         .modify         = rootdse_modify
 466 };

/* [<][>][^][v][top][bottom][index][help] */