diff options
author | Simo Sorce <idra@samba.org> | 2009-01-30 16:31:19 -0500 |
---|---|---|
committer | Simo Sorce <idra@samba.org> | 2009-01-30 17:07:25 -0500 |
commit | d4aeed879b21db41643250a23b1009b543e6c99f (patch) | |
tree | 8b9d26d91beb4846f443c1298649487c0461bf62 /source4/dsdb | |
parent | 4519eae158e7821dcd2f818eea830cfcdd4a0105 (diff) | |
download | samba-d4aeed879b21db41643250a23b1009b543e6c99f.tar.gz samba-d4aeed879b21db41643250a23b1009b543e6c99f.tar.xz samba-d4aeed879b21db41643250a23b1009b543e6c99f.zip |
Fix all other modules to use ldb_module.h instead of ldb_private.h
The only 2 modules escaping the rule so far are rootdse and partitions
Diffstat (limited to 'source4/dsdb')
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/kludge_acl.c | 58 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/linked_attributes.c | 102 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/local_password.c | 105 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/naming_fsmo.c | 39 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/objectclass.c | 135 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/password_hash.c | 276 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/pdc_fsmo.c | 37 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/proxy.c | 60 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 155 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/rootdse.c | 62 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/samba3sam.c | 15 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/samldb.c | 176 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/schema_fsmo.c | 92 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/show_deleted.c | 16 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/simple_ldap_map.c | 27 | ||||
-rw-r--r-- | source4/dsdb/schema/schema_set.c | 4 |
16 files changed, 801 insertions, 558 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/kludge_acl.c b/source4/dsdb/samdb/ldb_modules/kludge_acl.c index bb95c7ee5a..1597f687a4 100644 --- a/source4/dsdb/samdb/ldb_modules/kludge_acl.c +++ b/source4/dsdb/samdb/ldb_modules/kludge_acl.c @@ -31,9 +31,7 @@ */ #include "includes.h" -#include "ldb/include/ldb.h" -#include "ldb/include/ldb_errors.h" -#include "ldb/include/ldb_private.h" +#include "ldb_module.h" #include "auth/auth.h" #include "libcli/security/security.h" #include "dsdb/samdb/samdb.h" @@ -52,15 +50,17 @@ struct kludge_private_data { static enum security_user_level what_is_user(struct ldb_module *module) { + struct ldb_context *ldb = ldb_module_get_ctx(module); struct auth_session_info *session_info - = (struct auth_session_info *)ldb_get_opaque(module->ldb, "sessionInfo"); + = (struct auth_session_info *)ldb_get_opaque(ldb, "sessionInfo"); return security_session_user_level(session_info); } static const char *user_name(TALLOC_CTX *mem_ctx, struct ldb_module *module) { + struct ldb_context *ldb = ldb_module_get_ctx(module); struct auth_session_info *session_info - = (struct auth_session_info *)ldb_get_opaque(module->ldb, "sessionInfo"); + = (struct auth_session_info *)ldb_get_opaque(ldb, "sessionInfo"); if (!session_info) { return "UNKNOWN (NULL)"; } @@ -209,12 +209,14 @@ static int kludge_acl_childClasses(struct ldb_context *ldb, struct ldb_message * static int kludge_acl_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct kludge_acl_context *ac; struct kludge_private_data *data; int i, ret; ac = talloc_get_type(req->context, struct kludge_acl_context); - data = talloc_get_type(ac->module->private_data, struct kludge_private_data); + data = talloc_get_type(ldb_module_get_private(ac->module), struct kludge_private_data); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -228,7 +230,7 @@ static int kludge_acl_callback(struct ldb_request *req, struct ldb_reply *ares) switch (ares->type) { case LDB_REPLY_ENTRY: if (ac->allowedAttributes) { - ret = kludge_acl_allowedAttributes(ac->module->ldb, + ret = kludge_acl_allowedAttributes(ldb, ares->message, "allowedAttributes"); if (ret != LDB_SUCCESS) { @@ -236,7 +238,7 @@ static int kludge_acl_callback(struct ldb_request *req, struct ldb_reply *ares) } } if (ac->allowedChildClasses) { - ret = kludge_acl_childClasses(ac->module->ldb, + ret = kludge_acl_childClasses(ldb, ares->message, "allowedChildClasses"); if (ret != LDB_SUCCESS) { @@ -249,14 +251,14 @@ static int kludge_acl_callback(struct ldb_request *req, struct ldb_reply *ares) switch (ac->user_type) { case SECURITY_SYSTEM: if (ac->allowedAttributesEffective) { - ret = kludge_acl_allowedAttributes(ac->module->ldb, ares->message, + ret = kludge_acl_allowedAttributes(ldb, ares->message, "allowedAttributesEffective"); if (ret != LDB_SUCCESS) { return ldb_module_done(ac->req, NULL, NULL, ret); } } if (ac->allowedChildClassesEffective) { - ret = kludge_acl_childClasses(ac->module->ldb, ares->message, + ret = kludge_acl_childClasses(ldb, ares->message, "allowedChildClassesEffective"); if (ret != LDB_SUCCESS) { return ldb_module_done(ac->req, NULL, NULL, ret); @@ -266,14 +268,14 @@ static int kludge_acl_callback(struct ldb_request *req, struct ldb_reply *ares) case SECURITY_ADMINISTRATOR: if (ac->allowedAttributesEffective) { - ret = kludge_acl_allowedAttributes(ac->module->ldb, ares->message, + ret = kludge_acl_allowedAttributes(ldb, ares->message, "allowedAttributesEffective"); if (ret != LDB_SUCCESS) { return ldb_module_done(ac->req, NULL, NULL, ret); } } if (ac->allowedChildClassesEffective) { - ret = kludge_acl_childClasses(ac->module->ldb, ares->message, + ret = kludge_acl_childClasses(ldb, ares->message, "allowedChildClassesEffective"); if (ret != LDB_SUCCESS) { return ldb_module_done(ac->req, NULL, NULL, ret); @@ -316,6 +318,7 @@ static int kludge_acl_callback(struct ldb_request *req, struct ldb_reply *ares) static int kludge_acl_search(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct kludge_acl_context *ac; struct ldb_request *down_req; struct kludge_private_data *data; @@ -324,13 +327,15 @@ static int kludge_acl_search(struct ldb_module *module, struct ldb_request *req) struct ldb_control *sd_control; struct ldb_control **sd_saved_controls; + ldb = ldb_module_get_ctx(module); + ac = talloc(req, struct kludge_acl_context); if (ac == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - data = talloc_get_type(module->private_data, struct kludge_private_data); + data = talloc_get_type(ldb_module_get_private(module), struct kludge_private_data); ac->module = module; ac->req = req; @@ -372,7 +377,7 @@ static int kludge_acl_search(struct ldb_module *module, struct ldb_request *req) } ret = ldb_build_search_req_ex(&down_req, - module->ldb, ac, + ldb, ac, req->op.search.base, req->op.search.scope, req->op.search.tree, @@ -402,13 +407,14 @@ static int kludge_acl_search(struct ldb_module *module, struct ldb_request *req) /* ANY change type */ static int kludge_acl_change(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb = ldb_module_get_ctx(module); enum security_user_level user_type = what_is_user(module); switch (user_type) { case SECURITY_SYSTEM: case SECURITY_ADMINISTRATOR: return ldb_next_request(module, req); default: - ldb_asprintf_errstring(module->ldb, + ldb_asprintf_errstring(ldb, "kludge_acl_change: " "attempted database modify not permitted. " "User %s is not SYSTEM or an administrator", @@ -419,6 +425,7 @@ static int kludge_acl_change(struct ldb_module *module, struct ldb_request *req) static int kludge_acl_extended(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb = ldb_module_get_ctx(module); enum security_user_level user_type; /* allow everybody to read the sequence number */ @@ -434,7 +441,7 @@ static int kludge_acl_extended(struct ldb_module *module, struct ldb_request *re case SECURITY_ADMINISTRATOR: return ldb_next_request(module, req); default: - ldb_asprintf_errstring(module->ldb, + ldb_asprintf_errstring(ldb, "kludge_acl_change: " "attempted database modify not permitted. " "User %s is not SYSTEM or an administrator", @@ -445,6 +452,7 @@ static int kludge_acl_extended(struct ldb_module *module, struct ldb_request *re static int kludge_acl_init(struct ldb_module *module) { + struct ldb_context *ldb; int ret, i; TALLOC_CTX *mem_ctx = talloc_new(module); static const char *attrs[] = { "passwordAttribute", NULL }; @@ -454,22 +462,24 @@ static int kludge_acl_init(struct ldb_module *module) struct kludge_private_data *data; + ldb = ldb_module_get_ctx(module); + data = talloc(module, struct kludge_private_data); if (data == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } data->password_attrs = NULL; - module->private_data = data; + ldb_module_set_private(module, data); if (!mem_ctx) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_search(module->ldb, mem_ctx, &res, - ldb_dn_new(mem_ctx, module->ldb, "@KLUDGEACL"), + ret = ldb_search(ldb, mem_ctx, &res, + ldb_dn_new(mem_ctx, ldb, "@KLUDGEACL"), LDB_SCOPE_BASE, attrs, NULL); if (ret != LDB_SUCCESS) { goto done; @@ -492,7 +502,7 @@ static int kludge_acl_init(struct ldb_module *module) data->password_attrs = talloc_array(data, const char *, password_attributes->num_values + 1); if (!data->password_attrs) { talloc_free(mem_ctx); - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } for (i=0; i < password_attributes->num_values; i++) { @@ -503,7 +513,7 @@ static int kludge_acl_init(struct ldb_module *module) ret = ldb_mod_register_control(module, LDB_CONTROL_SD_FLAGS_OID); if (ret != LDB_SUCCESS) { - ldb_debug(module->ldb, LDB_DEBUG_ERROR, + ldb_debug(ldb, LDB_DEBUG_ERROR, "partition: Unable to register control with rootdse!\n"); return LDB_ERR_OPERATIONS_ERROR; } diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c index a3318ccabd..2365a58f78 100644 --- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c +++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c @@ -29,10 +29,7 @@ */ #include "includes.h" -#include "ldb/include/ldb.h" -#include "ldb/include/ldb_errors.h" -#include "ldb/include/ldb_private.h" -#include "ldb/include/dlinklist.h" +#include "ldb_module.h" #include "dsdb/samdb/samdb.h" struct la_op_store { @@ -65,15 +62,18 @@ struct la_context { static struct la_context *linked_attributes_init(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct la_context *ac; + ldb = ldb_module_get_ctx(module); + ac = talloc_zero(req, struct la_context); if (ac == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); return NULL; } - ac->schema = dsdb_get_schema(module->ldb); + ac->schema = dsdb_get_schema(ldb); ac->module = module; ac->req = req; @@ -86,19 +86,22 @@ static int la_store_op(struct la_context *ac, enum la_op op, struct ldb_val *dn, const char *name) { + struct ldb_context *ldb; struct la_op_store *os; struct ldb_dn *op_dn; - op_dn = ldb_dn_from_ldb_val(ac, ac->module->ldb, dn); + ldb = ldb_module_get_ctx(ac->module); + + op_dn = ldb_dn_from_ldb_val(ac, ldb, dn); if (!op_dn) { - ldb_asprintf_errstring(ac->module->ldb, + ldb_asprintf_errstring(ldb, "could not parse attribute as a DN"); return LDB_ERR_INVALID_DN_SYNTAX; } os = talloc_zero(ac, struct la_op_store); if (!os) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -108,7 +111,7 @@ static int la_store_op(struct la_context *ac, os->name = talloc_strdup(os, name); if (!os->name) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -136,12 +139,15 @@ static int la_down_req(struct la_context *ac); /* add */ static int linked_attributes_add(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; const struct dsdb_attribute *target_attr; struct la_context *ac; const char *attr_name; int ret; int i, j; + ldb = ldb_module_get_ctx(module); + if (ldb_dn_is_special(req->op.add.message->dn)) { /* do not manipulate our control entries */ return ldb_next_request(module, req); @@ -164,7 +170,7 @@ static int linked_attributes_add(struct ldb_module *module, struct ldb_request * const struct dsdb_attribute *schema_attr = dsdb_attribute_by_lDAPDisplayName(ac->schema, el->name); if (!schema_attr) { - ldb_asprintf_errstring(module->ldb, + ldb_asprintf_errstring(ldb, "attribute %s is not a valid attribute in schema", el->name); return LDB_ERR_OBJECT_CLASS_VIOLATION; } @@ -175,7 +181,7 @@ static int linked_attributes_add(struct ldb_module *module, struct ldb_request * if ((schema_attr->linkID & 1) == 1) { /* Odd is for the target. Illigal to modify */ - ldb_asprintf_errstring(module->ldb, + ldb_asprintf_errstring(ldb, "attribute %s must not be modified directly, it is a linked attribute", el->name); return LDB_ERR_UNWILLING_TO_PERFORM; } @@ -222,6 +228,7 @@ static int linked_attributes_add(struct ldb_module *module, struct ldb_request * static int la_mod_search_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; const struct dsdb_attribute *schema_attr; const struct dsdb_attribute *target_attr; struct ldb_message_element *search_el; @@ -232,6 +239,7 @@ static int la_mod_search_callback(struct ldb_request *req, struct ldb_reply *are int ret = LDB_SUCCESS; ac = talloc_get_type(req->context, struct la_context); + ldb = ldb_module_get_ctx(ac->module); rc = ac->rc; if (!ares) { @@ -248,7 +256,7 @@ static int la_mod_search_callback(struct ldb_request *req, struct ldb_reply *are case LDB_REPLY_ENTRY: if (ldb_dn_compare(ares->message->dn, ac->req->op.mod.message->dn) != 0) { - ldb_asprintf_errstring(ac->module->ldb, + ldb_asprintf_errstring(ldb, "linked_attributes: %s is not the DN we were looking for", ldb_dn_get_linearized(ares->message->dn)); /* Guh? We only asked for this DN */ talloc_free(ares); @@ -263,7 +271,7 @@ static int la_mod_search_callback(struct ldb_request *req, struct ldb_reply *are schema_attr = dsdb_attribute_by_lDAPDisplayName(ac->schema, rc->el[i].name); if (!schema_attr) { - ldb_asprintf_errstring(ac->module->ldb, + ldb_asprintf_errstring(ldb, "attribute %s is not a valid attribute in schema", rc->el[i].name); talloc_free(ares); @@ -348,6 +356,7 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques /* Determine the effect of the modification */ /* Apply the modify to the linked entry */ + struct ldb_context *ldb; int i, j; struct la_context *ac; struct ldb_request *search_req; @@ -355,6 +364,8 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques int ret; + ldb = ldb_module_get_ctx(module); + if (ldb_dn_is_special(req->op.mod.message->dn)) { /* do not manipulate our control entries */ return ldb_next_request(module, req); @@ -372,7 +383,7 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques ac->rc = talloc_zero(ac, struct replace_context); if (!ac->rc) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -384,7 +395,7 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques const struct dsdb_attribute *schema_attr = dsdb_attribute_by_lDAPDisplayName(ac->schema, el->name); if (!schema_attr) { - ldb_asprintf_errstring(module->ldb, + ldb_asprintf_errstring(ldb, "attribute %s is not a valid attribute in schema", el->name); return LDB_ERR_OBJECT_CLASS_VIOLATION; } @@ -395,7 +406,7 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques if ((schema_attr->linkID & 1) == 1) { /* Odd is for the target. Illegal to modify */ - ldb_asprintf_errstring(module->ldb, + ldb_asprintf_errstring(ldb, "attribute %s must not be modified directly, it is a linked attribute", el->name); return LDB_ERR_UNWILLING_TO_PERFORM; } @@ -466,7 +477,7 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques struct ldb_message_element, ac->rc->num_elements +1); if (!search_el) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } ac->rc->el = search_el; @@ -482,7 +493,7 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques attrs = talloc_array(ac->rc, const char *, ac->rc->num_elements + 1); if (!attrs) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } for (i = 0; ac->rc && i < ac->rc->num_elements; i++) { @@ -491,7 +502,7 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques attrs[i] = NULL; /* The callback does all the hard work here */ - ret = ldb_build_search_req(&search_req, module->ldb, ac, + ret = ldb_build_search_req(&search_req, ldb, ac, req->op.mod.message->dn, LDB_SCOPE_BASE, "(objectClass=*)", attrs, @@ -523,6 +534,7 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques /* delete, rename */ static int linked_attributes_del(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct ldb_request *search_req; struct la_context *ac; const char **attrs; @@ -538,6 +550,8 @@ static int linked_attributes_del(struct ldb_module *module, struct ldb_request * - Regain our sainity */ + ldb = ldb_module_get_ctx(module); + ac = linked_attributes_init(module, req); if (!ac) { return LDB_ERR_OPERATIONS_ERROR; @@ -553,7 +567,7 @@ static int linked_attributes_del(struct ldb_module *module, struct ldb_request * return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_build_search_req(&search_req, module->ldb, req, + ret = ldb_build_search_req(&search_req, ldb, req, req->op.del.dn, LDB_SCOPE_BASE, "(objectClass=*)", attrs, NULL, @@ -601,6 +615,7 @@ static int linked_attributes_rename(struct ldb_module *module, struct ldb_reques static int la_op_search_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct la_context *ac; const struct dsdb_attribute *schema_attr; const struct dsdb_attribute *target_attr; @@ -610,6 +625,7 @@ static int la_op_search_callback(struct ldb_request *req, int ret; ac = talloc_get_type(req->context, struct la_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -647,7 +663,7 @@ static int la_op_search_callback(struct ldb_request *req, break; default: talloc_free(ares); - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "operations must be delete or rename"); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); @@ -658,7 +674,7 @@ static int la_op_search_callback(struct ldb_request *req, schema_attr = dsdb_attribute_by_lDAPDisplayName(ac->schema, el->name); if (!schema_attr) { - ldb_asprintf_errstring(ac->module->ldb, + ldb_asprintf_errstring(ldb, "attribute %s is not a valid attribute" " in schema", el->name); talloc_free(ares); @@ -737,7 +753,7 @@ static int la_op_search_callback(struct ldb_request *req, default: talloc_free(ares); - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "operations must be delete or rename"); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); @@ -764,7 +780,7 @@ static int la_do_mod_request(struct la_context *ac) ac->op_response, LDB_SUCCESS); } - ldb = ac->module->ldb; + ldb = ldb_module_get_ctx(ac->module); /* Create the modify request */ new_msg = ldb_msg_new(ac); @@ -797,7 +813,7 @@ static int la_do_mod_request(struct la_context *ac) } #if 0 - ldb_debug(ac->module->ldb, LDB_DEBUG_WARNING, + ldb_debug(ldb, LDB_DEBUG_WARNING, "link on %s %s: %s %s\n", ldb_dn_get_linearized(new_msg->dn), ret_el->name, ret_el->values[0].data, ac->ops->op == LA_OP_ADD ? "added" : "deleted"); @@ -822,9 +838,11 @@ static int la_do_mod_request(struct la_context *ac) static int la_mod_callback(struct ldb_request *req, struct ldb_reply *ares) { struct la_context *ac; + struct ldb_context *ldb; struct la_op_store *os; ac = talloc_get_type(req->context, struct la_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -836,7 +854,7 @@ static int la_mod_callback(struct ldb_request *req, struct ldb_reply *ares) } if (ares->type != LDB_REPLY_DONE) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "invalid ldb_reply_type in callback"); talloc_free(ares); return ldb_module_done(ac->req, NULL, NULL, @@ -860,7 +878,10 @@ static int la_mod_del_callback(struct ldb_request *req, struct ldb_reply *ares) { int ret; struct la_context *ac; + struct ldb_context *ldb; + ac = talloc_get_type(req->context, struct la_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -872,7 +893,7 @@ static int la_mod_del_callback(struct ldb_request *req, struct ldb_reply *ares) } if (ares->type != LDB_REPLY_DONE) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "invalid ldb_reply_type in callback"); talloc_free(ares); return ldb_module_done(ac->req, NULL, NULL, @@ -903,7 +924,10 @@ static int la_rename_callback(struct ldb_request *req, struct ldb_reply *ares) struct ldb_request *search_req; const char **attrs; WERROR werr; + struct ldb_context *ldb; + ac = talloc_get_type(req->context, struct la_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -915,7 +939,7 @@ static int la_rename_callback(struct ldb_request *req, struct ldb_reply *ares) } if (ares->type != LDB_REPLY_DONE) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "invalid ldb_reply_type in callback"); talloc_free(ares); return ldb_module_done(ac->req, NULL, NULL, @@ -927,7 +951,7 @@ static int la_rename_callback(struct ldb_request *req, struct ldb_reply *ares) return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_build_search_req(&search_req, ac->module->ldb, req, + ret = ldb_build_search_req(&search_req, ldb, req, ac->req->op.rename.newdn, LDB_SCOPE_BASE, "(objectClass=*)", attrs, NULL, @@ -964,7 +988,10 @@ static int la_add_callback(struct ldb_request *req, struct ldb_reply *ares) { int ret; struct la_context *ac; + struct ldb_context *ldb; + ac = talloc_get_type(req->context, struct la_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -976,7 +1003,7 @@ static int la_add_callback(struct ldb_request *req, struct ldb_reply *ares) } if (ares->type != LDB_REPLY_DONE) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "invalid ldb_reply_type in callback"); talloc_free(ares); return ldb_module_done(ac->req, NULL, NULL, @@ -989,7 +1016,7 @@ static int la_add_callback(struct ldb_request *req, struct ldb_reply *ares) /* The callback does all the hard work here - we need * the objectGUID and SID of the added record */ - ret = ldb_build_search_req(&search_req, ac->module->ldb, ac, + ret = ldb_build_search_req(&search_req, ldb, ac, ac->req->op.add.message->dn, LDB_SCOPE_BASE, "(objectClass=*)", attrs, @@ -1023,31 +1050,34 @@ static int la_down_req(struct la_context *ac) { struct ldb_request *down_req; int ret; + struct ldb_context *ldb; + + ldb = ldb_module_get_ctx(ac->module); switch (ac->req->operation) { case LDB_ADD: - ret = ldb_build_add_req(&down_req, ac->module->ldb, ac, + ret = ldb_build_add_req(&down_req, ldb, ac, ac->req->op.add.message, ac->req->controls, ac, la_add_callback, ac->req); break; case LDB_MODIFY: - ret = ldb_build_mod_req(&down_req, ac->module->ldb, ac, + ret = ldb_build_mod_req(&down_req, ldb, ac, ac->req->op.mod.message, ac->req->controls, ac, la_mod_del_callback, ac->req); break; case LDB_DELETE: - ret = ldb_build_del_req(&down_req, ac->module->ldb, ac, + ret = ldb_build_del_req(&down_req, ldb, ac, ac->req->op.del.dn, ac->req->controls, ac, la_mod_del_callback, ac->req); break; case LDB_RENAME: - ret = ldb_build_rename_req(&down_req, ac->module->ldb, ac, + ret = ldb_build_rename_req(&down_req, ldb, ac, ac->req->op.rename.olddn, ac->req->op.rename.newdn, ac->req->controls, diff --git a/source4/dsdb/samdb/ldb_modules/local_password.c b/source4/dsdb/samdb/ldb_modules/local_password.c index 55d895791a..58c0f1f0d5 100644 --- a/source4/dsdb/samdb/ldb_modules/local_password.c +++ b/source4/dsdb/samdb/ldb_modules/local_password.c @@ -31,8 +31,7 @@ #include "includes.h" #include "libcli/ldap/ldap.h" -#include "ldb/include/ldb_errors.h" -#include "ldb/include/ldb_private.h" +#include "ldb_module.h" #include "dsdb/samdb/samdb.h" #include "librpc/ndr/libndr.h" #include "dsdb/samdb/ldb_modules/password_modules.h" @@ -89,11 +88,14 @@ struct lpdb_context { static struct lpdb_context *lpdb_init_context(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct lpdb_context *ac; + ldb = ldb_module_get_ctx(module); + ac = talloc_zero(req, struct lpdb_context); if (ac == NULL) { - ldb_set_errstring(module->ldb, "Out of Memory"); + ldb_set_errstring(ldb, "Out of Memory"); return NULL; } @@ -105,9 +107,11 @@ static struct lpdb_context *lpdb_init_context(struct ldb_module *module, static int lpdb_local_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct lpdb_context *ac; ac = talloc_get_type(req->context, struct lpdb_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -119,7 +123,7 @@ static int lpdb_local_callback(struct ldb_request *req, struct ldb_reply *ares) } if (ares->type != LDB_REPLY_DONE) { - ldb_set_errstring(ac->module->ldb, "Unexpected reply type"); + ldb_set_errstring(ldb, "Unexpected reply type"); talloc_free(ares); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); @@ -141,6 +145,7 @@ static int lpdb_add_callback(struct ldb_request *req, static int local_password_add(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct ldb_message *remote_message; struct ldb_request *remote_req; struct lpdb_context *ac; @@ -148,14 +153,15 @@ static int local_password_add(struct ldb_module *module, struct ldb_request *req int ret; int i; - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "local_password_add\n"); + ldb = ldb_module_get_ctx(module); + ldb_debug(ldb, LDB_DEBUG_TRACE, "local_password_add\n"); if (ldb_dn_is_special(req->op.add.message->dn)) { /* do not manipulate our control entries */ return ldb_next_request(module, req); } /* If the caller is manipulating the local passwords directly, let them pass */ - if (ldb_dn_compare_base(ldb_dn_new(req, module->ldb, LOCAL_BASE), + if (ldb_dn_compare_base(ldb_dn_new(req, ldb, LOCAL_BASE), req->op.add.message->dn) == 0) { return ldb_next_request(module, req); } @@ -173,7 +179,7 @@ static int local_password_add(struct ldb_module *module, struct ldb_request *req /* TODO: remove this when userPassword will be in schema */ if (!ldb_msg_check_string_attribute(req->op.add.message, "objectClass", "person")) { - ldb_asprintf_errstring(module->ldb, + ldb_asprintf_errstring(ldb, "Cannot relocate a password on entry: %s, does not have objectClass 'person'", ldb_dn_get_linearized(req->op.add.message->dn)); return LDB_ERR_OBJECT_CLASS_VIOLATION; @@ -213,7 +219,7 @@ static int local_password_add(struct ldb_module *module, struct ldb_request *req * to add the password. This may be changed to an 'add and * search', to allow the directory to create the objectGUID */ if (ldb_msg_find_ldb_val(req->op.add.message, "objectGUID") == NULL) { - ldb_set_errstring(module->ldb, + ldb_set_errstring(ldb, "no objectGUID found in search: " "local_password module must be " "onfigured below objectGUID module!\n"); @@ -221,7 +227,7 @@ static int local_password_add(struct ldb_module *module, struct ldb_request *req } ac->local_message->dn = ldb_dn_new(ac->local_message, - module->ldb, LOCAL_BASE); + ldb, LOCAL_BASE); if ((ac->local_message->dn == NULL) || ( ! ldb_dn_add_child_fmt(ac->local_message->dn, PASSWORD_GUID_ATTR "=%s", @@ -230,7 +236,7 @@ static int local_password_add(struct ldb_module *module, struct ldb_request *req return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_build_add_req(&remote_req, module->ldb, ac, + ret = ldb_build_add_req(&remote_req, ldb, ac, remote_message, req->controls, ac, lpdb_add_callback, @@ -247,11 +253,13 @@ static int local_password_add(struct ldb_module *module, struct ldb_request *req static int lpdb_add_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct ldb_request *local_req; struct lpdb_context *ac; int ret; ac = talloc_get_type(req->context, struct lpdb_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -263,7 +271,7 @@ static int lpdb_add_callback(struct ldb_request *req, } if (ares->type != LDB_REPLY_DONE) { - ldb_set_errstring(ac->module->ldb, "Unexpected reply type"); + ldb_set_errstring(ldb, "Unexpected reply type"); talloc_free(ares); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); @@ -271,7 +279,7 @@ static int lpdb_add_callback(struct ldb_request *req, ac->remote_done = talloc_steal(ac, ares); - ret = ldb_build_add_req(&local_req, ac->module->ldb, ac, + ret = ldb_build_add_req(&local_req, ldb, ac, ac->local_message, NULL, ac, lpdb_local_callback, @@ -298,20 +306,22 @@ static int lpdb_mod_search_callback(struct ldb_request *req, static int local_password_modify(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct lpdb_context *ac; struct ldb_message *remote_message; struct ldb_request *remote_req; int ret; int i; - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "local_password_modify\n"); + ldb = ldb_module_get_ctx(module); + ldb_debug(ldb, LDB_DEBUG_TRACE, "local_password_modify\n"); if (ldb_dn_is_special(req->op.mod.message->dn)) { /* do not manipulate our control entries */ return ldb_next_request(module, req); } /* If the caller is manipulating the local passwords directly, let them pass */ - if (ldb_dn_compare_base(ldb_dn_new(req, module->ldb, LOCAL_BASE), + if (ldb_dn_compare_base(ldb_dn_new(req, ldb, LOCAL_BASE), req->op.mod.message->dn) == 0) { return ldb_next_request(module, req); } @@ -354,7 +364,7 @@ static int local_password_modify(struct ldb_module *module, struct ldb_request * ldb_msg_remove_attr(ac->local_message, remote_message->elements[i].name); } - ret = ldb_build_mod_req(&remote_req, module->ldb, ac, + ret = ldb_build_mod_req(&remote_req, ldb, ac, remote_message, req->controls, ac, lpdb_modify_callabck, @@ -371,12 +381,14 @@ static int local_password_modify(struct ldb_module *module, struct ldb_request * static int lpdb_modify_callabck(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; static const char * const attrs[] = { "objectGUID", "objectClass", NULL }; struct ldb_request *search_req; struct lpdb_context *ac; int ret; ac = talloc_get_type(req->context, struct lpdb_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -388,7 +400,7 @@ static int lpdb_modify_callabck(struct ldb_request *req, } if (ares->type != LDB_REPLY_DONE) { - ldb_set_errstring(ac->module->ldb, "Unexpected reply type"); + ldb_set_errstring(ldb, "Unexpected reply type"); talloc_free(ares); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); @@ -397,7 +409,7 @@ static int lpdb_modify_callabck(struct ldb_request *req, ac->remote_done = talloc_steal(ac, ares); /* prepare the search operation */ - ret = ldb_build_search_req(&search_req, ac->module->ldb, ac, + ret = ldb_build_search_req(&search_req, ldb, ac, ac->req->op.mod.message->dn, LDB_SCOPE_BASE, "(objectclass=*)", attrs, NULL, @@ -421,6 +433,7 @@ static int lpdb_modify_callabck(struct ldb_request *req, static int lpdb_mod_search_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct ldb_request *local_req; struct lpdb_context *ac; struct ldb_dn *local_dn; @@ -428,6 +441,7 @@ static int lpdb_mod_search_callback(struct ldb_request *req, int ret = LDB_SUCCESS; ac = talloc_get_type(req->context, struct lpdb_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -441,7 +455,7 @@ static int lpdb_mod_search_callback(struct ldb_request *req, switch (ares->type) { case LDB_REPLY_ENTRY: if (ac->remote != NULL) { - ldb_set_errstring(ac->module->ldb, "Too many results"); + ldb_set_errstring(ldb, "Too many results"); talloc_free(ares); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); @@ -465,7 +479,7 @@ static int lpdb_mod_search_callback(struct ldb_request *req, /* if it is not an entry of type person this is an error */ /* TODO: remove this when sambaPassword will be in schema */ if (ac->remote == NULL) { - ldb_asprintf_errstring(ac->module->ldb, + ldb_asprintf_errstring(ldb, "entry just modified (%s) not found!", ldb_dn_get_linearized(req->op.search.base)); return ldb_module_done(ac->req, NULL, NULL, @@ -482,7 +496,7 @@ static int lpdb_mod_search_callback(struct ldb_request *req, if (ldb_msg_find_ldb_val(ac->remote->message, "objectGUID") == NULL) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "no objectGUID found in search: " "local_password module must be " "configured below objectGUID " @@ -494,7 +508,7 @@ static int lpdb_mod_search_callback(struct ldb_request *req, objectGUID = samdb_result_guid(ac->remote->message, "objectGUID"); - local_dn = ldb_dn_new(ac, ac->module->ldb, LOCAL_BASE); + local_dn = ldb_dn_new(ac, ldb, LOCAL_BASE); if ((local_dn == NULL) || ( ! ldb_dn_add_child_fmt(local_dn, PASSWORD_GUID_ATTR "=%s", @@ -504,7 +518,7 @@ static int lpdb_mod_search_callback(struct ldb_request *req, } ac->local_message->dn = local_dn; - ret = ldb_build_mod_req(&local_req, ac->module->ldb, ac, + ret = ldb_build_mod_req(&local_req, ldb, ac, ac->local_message, NULL, ac, lpdb_local_callback, @@ -535,11 +549,13 @@ static int lpdb_del_search_callback(struct ldb_request *req, static int local_password_delete(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct ldb_request *remote_req; struct lpdb_context *ac; int ret; - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "local_password_delete\n"); + ldb = ldb_module_get_ctx(module); + ldb_debug(ldb, LDB_DEBUG_TRACE, "local_password_delete\n"); /* do not manipulate our control entries */ if (ldb_dn_is_special(req->op.mod.message->dn)) { @@ -548,7 +564,7 @@ static int local_password_delete(struct ldb_module *module, /* If the caller is manipulating the local passwords directly, * let them pass */ - if (ldb_dn_compare_base(ldb_dn_new(req, module->ldb, LOCAL_BASE), + if (ldb_dn_compare_base(ldb_dn_new(req, ldb, LOCAL_BASE), req->op.del.dn) == 0) { return ldb_next_request(module, req); } @@ -559,7 +575,7 @@ static int local_password_delete(struct ldb_module *module, return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_build_del_req(&remote_req, module->ldb, ac, + ret = ldb_build_del_req(&remote_req, ldb, ac, req->op.del.dn, req->controls, ac, lpdb_delete_callabck, @@ -576,12 +592,14 @@ static int local_password_delete(struct ldb_module *module, static int lpdb_delete_callabck(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; static const char * const attrs[] = { "objectGUID", "objectClass", NULL }; struct ldb_request *search_req; struct lpdb_context *ac; int ret; ac = talloc_get_type(req->context, struct lpdb_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -593,7 +611,7 @@ static int lpdb_delete_callabck(struct ldb_request *req, } if (ares->type != LDB_REPLY_DONE) { - ldb_set_errstring(ac->module->ldb, "Unexpected reply type"); + ldb_set_errstring(ldb, "Unexpected reply type"); talloc_free(ares); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); @@ -602,7 +620,7 @@ static int lpdb_delete_callabck(struct ldb_request *req, ac->remote_done = talloc_steal(ac, ares); /* prepare the search operation */ - ret = ldb_build_search_req(&search_req, ac->module->ldb, ac, + ret = ldb_build_search_req(&search_req, ldb, ac, ac->req->op.del.dn, LDB_SCOPE_BASE, "(objectclass=*)", attrs, NULL, @@ -626,6 +644,7 @@ static int lpdb_delete_callabck(struct ldb_request *req, static int lpdb_del_search_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct ldb_request *local_req; struct lpdb_context *ac; struct ldb_dn *local_dn; @@ -633,6 +652,7 @@ static int lpdb_del_search_callback(struct ldb_request *req, int ret = LDB_SUCCESS; ac = talloc_get_type(req->context, struct lpdb_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -646,7 +666,7 @@ static int lpdb_del_search_callback(struct ldb_request *req, switch (ares->type) { case LDB_REPLY_ENTRY: if (ac->remote != NULL) { - ldb_set_errstring(ac->module->ldb, "Too many results"); + ldb_set_errstring(ldb, "Too many results"); talloc_free(ares); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); @@ -686,7 +706,7 @@ static int lpdb_del_search_callback(struct ldb_request *req, if (ldb_msg_find_ldb_val(ac->remote->message, "objectGUID") == NULL) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "no objectGUID found in search: " "local_password module must be " "configured below objectGUID " @@ -698,7 +718,7 @@ static int lpdb_del_search_callback(struct ldb_request *req, objectGUID = samdb_result_guid(ac->remote->message, "objectGUID"); - local_dn = ldb_dn_new(ac, ac->module->ldb, LOCAL_BASE); + local_dn = ldb_dn_new(ac, ldb, LOCAL_BASE); if ((local_dn == NULL) || ( ! ldb_dn_add_child_fmt(local_dn, PASSWORD_GUID_ATTR "=%s", @@ -707,7 +727,7 @@ static int lpdb_del_search_callback(struct ldb_request *req, LDB_ERR_OPERATIONS_ERROR); } - ret = ldb_build_del_req(&local_req, ac->module->ldb, ac, + ret = ldb_build_del_req(&local_req, ldb, ac, local_dn, NULL, ac, lpdb_local_callback, @@ -736,10 +756,13 @@ static int lpdb_local_search_callback(struct ldb_request *req, static int lpdb_local_search(struct lpdb_context *ac) { + struct ldb_context *ldb; struct ldb_request *local_req; int ret; - ret = ldb_build_search_req(&local_req, ac->module->ldb, ac, + ldb = ldb_module_get_ctx(ac->module); + + ret = ldb_build_search_req(&local_req, ldb, ac, ac->current->local_dn, LDB_SCOPE_BASE, "(objectclass=*)", @@ -757,6 +780,7 @@ static int lpdb_local_search(struct lpdb_context *ac) static int lpdb_local_search_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct lpdb_context *ac; struct ldb_reply *merge; struct lpdb_reply *lr; @@ -764,6 +788,7 @@ static int lpdb_local_search_callback(struct ldb_request *req, int i; ac = talloc_get_type(req->context, struct lpdb_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -781,7 +806,7 @@ static int lpdb_local_search_callback(struct ldb_request *req, case LDB_REPLY_ENTRY: if (lr->remote == NULL) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "Too many results for password entry search!"); talloc_free(ares); return ldb_module_done(ac->req, NULL, NULL, @@ -868,6 +893,7 @@ static int lpdb_local_search_callback(struct ldb_request *req, static int lpdb_remote_search_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct lpdb_context *ac; struct ldb_dn *local_dn; struct GUID objectGUID; @@ -875,6 +901,7 @@ static int lpdb_remote_search_callback(struct ldb_request *req, int ret; ac = talloc_get_type(req->context, struct lpdb_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -903,7 +930,7 @@ static int lpdb_remote_search_callback(struct ldb_request *req, } if (ldb_msg_find_ldb_val(ares->message, "objectGUID") == NULL) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "no objectGUID found in search: local_password module must be configured below objectGUID module!\n"); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); @@ -919,7 +946,7 @@ static int lpdb_remote_search_callback(struct ldb_request *req, ldb_msg_remove_attr(ares->message, "objectClass"); } - local_dn = ldb_dn_new(ac, ac->module->ldb, LOCAL_BASE); + local_dn = ldb_dn_new(ac, ldb, LOCAL_BASE); if ((local_dn == NULL) || (! ldb_dn_add_child_fmt(local_dn, PASSWORD_GUID_ATTR "=%s", @@ -984,13 +1011,15 @@ static int lpdb_remote_search_callback(struct ldb_request *req, static int local_password_search(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct ldb_request *remote_req; struct lpdb_context *ac; int i; int ret; const char * const *search_attrs = NULL; - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "local_password_search\n"); + ldb = ldb_module_get_ctx(module); + ldb_debug(ldb, LDB_DEBUG_TRACE, "local_password_search\n"); if (ldb_dn_is_special(req->op.search.base)) { /* do not manipulate our control entries */ return ldb_next_request(module, req); @@ -999,7 +1028,7 @@ static int local_password_search(struct ldb_module *module, struct ldb_request * search_attrs = NULL; /* If the caller is searching for the local passwords directly, let them pass */ - if (ldb_dn_compare_base(ldb_dn_new(req, module->ldb, LOCAL_BASE), + if (ldb_dn_compare_base(ldb_dn_new(req, ldb, LOCAL_BASE), req->op.search.base) == 0) { return ldb_next_request(module, req); } @@ -1044,7 +1073,7 @@ static int local_password_search(struct ldb_module *module, struct ldb_request * search_attrs = req->op.search.attrs; } - ret = ldb_build_search_req_ex(&remote_req, module->ldb, ac, + ret = ldb_build_search_req_ex(&remote_req, ldb, ac, req->op.search.base, req->op.search.scope, req->op.search.tree, diff --git a/source4/dsdb/samdb/ldb_modules/naming_fsmo.c b/source4/dsdb/samdb/ldb_modules/naming_fsmo.c index d90c2547a6..607bf054d2 100644 --- a/source4/dsdb/samdb/ldb_modules/naming_fsmo.c +++ b/source4/dsdb/samdb/ldb_modules/naming_fsmo.c @@ -22,9 +22,7 @@ */ #include "includes.h" -#include "lib/ldb/include/ldb.h" -#include "lib/ldb/include/ldb_errors.h" -#include "lib/ldb/include/ldb_private.h" +#include "ldb_module.h" #include "dsdb/samdb/samdb.h" #include "librpc/gen_ndr/ndr_misc.h" #include "librpc/gen_ndr/ndr_drsuapi.h" @@ -33,6 +31,7 @@ static int naming_fsmo_init(struct ldb_module *module) { + struct ldb_context *ldb; TALLOC_CTX *mem_ctx; struct ldb_dn *naming_dn; struct dsdb_naming_fsmo *naming_fsmo; @@ -43,15 +42,17 @@ static int naming_fsmo_init(struct ldb_module *module) NULL }; + ldb = ldb_module_get_ctx(module); + mem_ctx = talloc_new(module); if (!mem_ctx) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - naming_dn = samdb_partitions_dn(module->ldb, mem_ctx); + naming_dn = samdb_partitions_dn(ldb, mem_ctx); if (!naming_dn) { - ldb_debug(module->ldb, LDB_DEBUG_WARNING, + ldb_debug(ldb, LDB_DEBUG_WARNING, "naming_fsmo_init: no partitions dn present: (skip loading of naming contexts details)\n"); talloc_free(mem_ctx); return ldb_next_init(module); @@ -59,55 +60,55 @@ static int naming_fsmo_init(struct ldb_module *module) naming_fsmo = talloc_zero(mem_ctx, struct dsdb_naming_fsmo); if (!naming_fsmo) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - module->private_data = naming_fsmo; + ldb_module_set_private(module, naming_fsmo); - ret = ldb_search(module->ldb, mem_ctx, &naming_res, + ret = ldb_search(ldb, mem_ctx, &naming_res, naming_dn, LDB_SCOPE_BASE, naming_attrs, NULL); if (ret == LDB_ERR_NO_SUCH_OBJECT) { - ldb_debug(module->ldb, LDB_DEBUG_WARNING, + ldb_debug(ldb, LDB_DEBUG_WARNING, "naming_fsmo_init: no partitions dn present: (skip loading of naming contexts details)\n"); talloc_free(mem_ctx); return ldb_next_init(module); } if (ret != LDB_SUCCESS) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + ldb_debug_set(ldb, LDB_DEBUG_FATAL, "naming_fsmo_init: failed to search the cross-ref container: %s: %s", - ldb_strerror(ret), ldb_errstring(module->ldb)); + ldb_strerror(ret), ldb_errstring(ldb)); talloc_free(mem_ctx); return ret; } if (naming_res->count == 0) { - ldb_debug(module->ldb, LDB_DEBUG_WARNING, + ldb_debug(ldb, LDB_DEBUG_WARNING, "naming_fsmo_init: no cross-ref container present: (skip loading of naming contexts details)\n"); talloc_free(mem_ctx); return ldb_next_init(module); } else if (naming_res->count > 1) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + ldb_debug_set(ldb, LDB_DEBUG_FATAL, "naming_fsmo_init: [%u] cross-ref containers found on a base search", naming_res->count); talloc_free(mem_ctx); return LDB_ERR_CONSTRAINT_VIOLATION; } - naming_fsmo->master_dn = ldb_msg_find_attr_as_dn(module->ldb, naming_fsmo, naming_res->msgs[0], "fSMORoleOwner"); - if (ldb_dn_compare(samdb_ntds_settings_dn(module->ldb), naming_fsmo->master_dn) == 0) { + naming_fsmo->master_dn = ldb_msg_find_attr_as_dn(ldb, naming_fsmo, naming_res->msgs[0], "fSMORoleOwner"); + if (ldb_dn_compare(samdb_ntds_settings_dn(ldb), naming_fsmo->master_dn) == 0) { naming_fsmo->we_are_master = true; } else { naming_fsmo->we_are_master = false; } - if (ldb_set_opaque(module->ldb, "dsdb_naming_fsmo", naming_fsmo) != LDB_SUCCESS) { - ldb_oom(module->ldb); + if (ldb_set_opaque(ldb, "dsdb_naming_fsmo", naming_fsmo) != LDB_SUCCESS) { + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } talloc_steal(module, naming_fsmo); - ldb_debug(module->ldb, LDB_DEBUG_TRACE, + ldb_debug(ldb, LDB_DEBUG_TRACE, "naming_fsmo_init: we are master: %s\n", (naming_fsmo->we_are_master?"yes":"no")); diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c index 1d240a33fe..0261bb32e9 100644 --- a/source4/dsdb/samdb/ldb_modules/objectclass.c +++ b/source4/dsdb/samdb/ldb_modules/objectclass.c @@ -34,11 +34,8 @@ #include "includes.h" -#include "ldb/include/ldb.h" -#include "ldb/include/ldb_errors.h" -#include "ldb/include/ldb_private.h" +#include "ldb_module.h" #include "dsdb/samdb/samdb.h" -#include "../lib/util/dlinklist.h" #include "librpc/ndr/libndr.h" #include "librpc/gen_ndr/ndr_security.h" #include "libcli/security/security.h" @@ -63,11 +60,14 @@ struct class_list { static struct oc_context *oc_init_context(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct oc_context *ac; + ldb = ldb_module_get_ctx(module); + ac = talloc_zero(req, struct oc_context); if (ac == NULL) { - ldb_set_errstring(module->ldb, "Out of Memory"); + ldb_set_errstring(ldb, "Out of Memory"); return NULL; } @@ -89,11 +89,14 @@ static int objectclass_sort(struct ldb_module *module, struct ldb_message_element *objectclass_element, struct class_list **sorted_out) { + struct ldb_context *ldb; int i; int layer; struct class_list *sorted = NULL, *parent_class = NULL, *subclass = NULL, *unsorted = NULL, *current, *poss_subclass, *poss_parent, *new_parent; + ldb = ldb_module_get_ctx(module); + /* DESIGN: * * We work on 4 different 'bins' (implemented here as linked lists): @@ -127,12 +130,12 @@ static int objectclass_sort(struct ldb_module *module, for (i=0; i < objectclass_element->num_values; i++) { current = talloc(mem_ctx, struct class_list); if (!current) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } current->objectclass = dsdb_class_by_lDAPDisplayName(schema, (const char *)objectclass_element->values[i].data); if (!current->objectclass) { - ldb_asprintf_errstring(module->ldb, "objectclass %s is not a valid objectClass in schema", (const char *)objectclass_element->values[i].data); + ldb_asprintf_errstring(ldb, "objectclass %s is not a valid objectClass in schema", (const char *)objectclass_element->values[i].data); return LDB_ERR_OBJECT_CLASS_VIOLATION; } @@ -222,19 +225,20 @@ static int objectclass_sort(struct ldb_module *module, * was no 'top', a conflict in the objectClasses or some other * schema error? */ - ldb_asprintf_errstring(module->ldb, "objectclass %s is not a valid objectClass in objectClass chain", unsorted->objectclass->lDAPDisplayName); + ldb_asprintf_errstring(ldb, "objectclass %s is not a valid objectClass in objectClass chain", unsorted->objectclass->lDAPDisplayName); return LDB_ERR_OBJECT_CLASS_VIOLATION; } static DATA_BLOB *get_sd(struct ldb_module *module, TALLOC_CTX *mem_ctx, const struct dsdb_class *objectclass) { + struct ldb_context *ldb = ldb_module_get_ctx(module); enum ndr_err_code ndr_err; DATA_BLOB *linear_sd; struct auth_session_info *session_info - = ldb_get_opaque(module->ldb, "sessionInfo"); + = ldb_get_opaque(ldb, "sessionInfo"); struct security_descriptor *sd; - const struct dom_sid *domain_sid = samdb_domain_sid(module->ldb); + const struct dom_sid *domain_sid = samdb_domain_sid(ldb); if (!objectclass->defaultSecurityDescriptor || !domain_sid) { return NULL; @@ -257,7 +261,7 @@ static DATA_BLOB *get_sd(struct ldb_module *module, TALLOC_CTX *mem_ctx, } ndr_err = ndr_push_struct_blob(linear_sd, mem_ctx, - lp_iconv_convenience(ldb_get_opaque(module->ldb, "loadparm")), + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), sd, (ndr_push_flags_fn_t)ndr_push_security_descriptor); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -270,10 +274,12 @@ static DATA_BLOB *get_sd(struct ldb_module *module, TALLOC_CTX *mem_ctx, static int get_search_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct oc_context *ac; int ret; ac = talloc_get_type(req->context, struct oc_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -288,7 +294,7 @@ static int get_search_callback(struct ldb_request *req, struct ldb_reply *ares) switch (ares->type) { case LDB_REPLY_ENTRY: if (ac->search_res != NULL) { - ldb_set_errstring(ac->module->ldb, "Too many results"); + ldb_set_errstring(ldb, "Too many results"); talloc_free(ares); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); @@ -402,12 +408,15 @@ static int objectclass_do_add(struct oc_context *ac); static int objectclass_add(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct ldb_request *search_req; struct oc_context *ac; struct ldb_dn *parent_dn; int ret; - - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "objectclass_add\n"); + + ldb = ldb_module_get_ctx(module); + + ldb_debug(ldb, LDB_DEBUG_TRACE, "objectclass_add\n"); /* do not manipulate our control entries */ if (ldb_dn_is_special(req->op.add.message->dn)) { @@ -433,11 +442,11 @@ static int objectclass_add(struct ldb_module *module, struct ldb_request *req) /* get copy of parent DN */ parent_dn = ldb_dn_get_parent(ac, ac->req->op.add.message->dn); if (parent_dn == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_build_search_req(&search_req, module->ldb, + ret = ldb_build_search_req(&search_req, ldb, ac, parent_dn, LDB_SCOPE_BASE, "(objectClass=*)", NULL, NULL, @@ -455,6 +464,7 @@ static int objectclass_add(struct ldb_module *module, struct ldb_request *req) static int objectclass_do_add(struct oc_context *ac) { + struct ldb_context *ldb; const struct dsdb_schema *schema; struct ldb_request *add_req; char *value; @@ -464,7 +474,8 @@ static int objectclass_do_add(struct oc_context *ac) struct class_list *sorted, *current; int ret; - schema = dsdb_get_schema(ac->module->ldb); + ldb = ldb_module_get_ctx(ac->module); + schema = dsdb_get_schema(ldb); mem_ctx = talloc_new(ac); if (mem_ctx == NULL) { @@ -475,14 +486,14 @@ static int objectclass_do_add(struct oc_context *ac) /* Check we have a valid parent */ if (ac->search_res == NULL) { - if (ldb_dn_compare(ldb_get_root_basedn(ac->module->ldb), + if (ldb_dn_compare(ldb_get_root_basedn(ldb), msg->dn) == 0) { /* Allow the tree to be started */ /* but don't keep any error string, it's meaningless */ - ldb_set_errstring(ac->module->ldb, NULL); + ldb_set_errstring(ldb, NULL); } else { - ldb_asprintf_errstring(ac->module->ldb, "objectclass: Cannot add %s, parent does not exist!", + ldb_asprintf_errstring(ldb, "objectclass: Cannot add %s, parent does not exist!", ldb_dn_get_linearized(msg->dn)); talloc_free(mem_ctx); return LDB_ERR_UNWILLING_TO_PERFORM; @@ -496,7 +507,7 @@ static int objectclass_do_add(struct oc_context *ac) &msg->dn); if (ret != LDB_SUCCESS) { - ldb_asprintf_errstring(ac->module->ldb, "Could not munge DN %s into normal form", + ldb_asprintf_errstring(ldb, "Could not munge DN %s into normal form", ldb_dn_get_linearized(ac->req->op.add.message->dn)); talloc_free(mem_ctx); return ret; @@ -509,7 +520,7 @@ static int objectclass_do_add(struct oc_context *ac) } if (schema) { - ret = fix_attributes(ac->module->ldb, schema, msg); + ret = fix_attributes(ldb, schema, msg); if (ret != LDB_SUCCESS) { talloc_free(mem_ctx); return ret; @@ -544,13 +555,13 @@ static int objectclass_do_add(struct oc_context *ac) for (current = sorted; current; current = current->next) { value = talloc_strdup(msg, current->objectclass->lDAPDisplayName); if (value == NULL) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); talloc_free(mem_ctx); return LDB_ERR_OPERATIONS_ERROR; } ret = ldb_msg_add_string(msg, "objectClass", value); if (ret != LDB_SUCCESS) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "objectclass: could not re-add sorted " "objectclass to modify msg"); talloc_free(mem_ctx); @@ -563,7 +574,7 @@ static int objectclass_do_add(struct oc_context *ac) if (!ldb_msg_find_element(msg, "objectCategory")) { value = talloc_strdup(msg, current->objectclass->defaultObjectCategory); if (value == NULL) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); talloc_free(mem_ctx); return LDB_ERR_OPERATIONS_ERROR; } @@ -612,21 +623,21 @@ static int objectclass_do_add(struct oc_context *ac) /* TODO: If parent object is site or subnet, also add (SYSTEM_FLAG_CONFIG_ALLOW_RENAME) */ if (el || systemFlags != 0) { - samdb_msg_add_int(ac->module->ldb, msg, msg, "systemFlags", systemFlags); + samdb_msg_add_int(ldb, msg, msg, "systemFlags", systemFlags); } } } } talloc_free(mem_ctx); - ret = ldb_msg_sanity_check(ac->module->ldb, msg); + ret = ldb_msg_sanity_check(ldb, msg); if (ret != LDB_SUCCESS) { return ret; } - ret = ldb_build_add_req(&add_req, ac->module->ldb, ac, + ret = ldb_build_add_req(&add_req, ldb, ac, msg, ac->req->controls, ac, oc_op_callback, @@ -645,9 +656,10 @@ static int objectclass_do_mod(struct oc_context *ac); static int objectclass_modify(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb = ldb_module_get_ctx(module); struct ldb_message_element *objectclass_element; struct ldb_message *msg; - const struct dsdb_schema *schema = dsdb_get_schema(module->ldb); + const struct dsdb_schema *schema = dsdb_get_schema(ldb); struct class_list *sorted, *current; struct ldb_request *down_req; struct oc_context *ac; @@ -655,7 +667,7 @@ static int objectclass_modify(struct ldb_module *module, struct ldb_request *req char *value; int ret; - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "objectclass_modify\n"); + ldb_debug(ldb, LDB_DEBUG_TRACE, "objectclass_modify\n"); /* do not manipulate our control entries */ if (ldb_dn_is_special(req->op.mod.message->dn)) { @@ -684,12 +696,12 @@ static int objectclass_modify(struct ldb_module *module, struct ldb_request *req return LDB_ERR_OPERATIONS_ERROR; } - ret = fix_attributes(module->ldb, schema, msg); + ret = fix_attributes(ldb, schema, msg); if (ret != LDB_SUCCESS) { return ret; } - ret = ldb_build_mod_req(&down_req, module->ldb, ac, + ret = ldb_build_mod_req(&down_req, ldb, ac, msg, req->controls, ac, oc_op_callback, @@ -721,7 +733,7 @@ static int objectclass_modify(struct ldb_module *module, struct ldb_request *req return LDB_ERR_OPERATIONS_ERROR; } - ret = fix_attributes(module->ldb, schema, msg); + ret = fix_attributes(ldb, schema, msg); if (ret != LDB_SUCCESS) { talloc_free(mem_ctx); return ret; @@ -752,13 +764,13 @@ static int objectclass_modify(struct ldb_module *module, struct ldb_request *req value = talloc_strdup(msg, current->objectclass->lDAPDisplayName); if (value == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); talloc_free(mem_ctx); return LDB_ERR_OPERATIONS_ERROR; } ret = ldb_msg_add_string(msg, "objectClass", value); if (ret != LDB_SUCCESS) { - ldb_set_errstring(module->ldb, + ldb_set_errstring(ldb, "objectclass: could not re-add sorted " "objectclass to modify msg"); talloc_free(mem_ctx); @@ -768,12 +780,12 @@ static int objectclass_modify(struct ldb_module *module, struct ldb_request *req talloc_free(mem_ctx); - ret = ldb_msg_sanity_check(module->ldb, msg); + ret = ldb_msg_sanity_check(ldb, msg); if (ret != LDB_SUCCESS) { return ret; } - ret = ldb_build_mod_req(&down_req, module->ldb, ac, + ret = ldb_build_mod_req(&down_req, ldb, ac, msg, req->controls, ac, oc_op_callback, @@ -793,17 +805,17 @@ static int objectclass_modify(struct ldb_module *module, struct ldb_request *req msg = ldb_msg_copy_shallow(ac, req->op.mod.message); if (msg == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - ret = fix_attributes(module->ldb, schema, msg); + ret = fix_attributes(ldb, schema, msg); if (ret != LDB_SUCCESS) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); return ret; } - ret = ldb_build_mod_req(&down_req, module->ldb, ac, + ret = ldb_build_mod_req(&down_req, ldb, ac, msg, req->controls, ac, oc_modify_callback, @@ -817,12 +829,14 @@ static int objectclass_modify(struct ldb_module *module, struct ldb_request *req static int oc_modify_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; static const char * const attrs[] = { "objectClass", NULL }; struct ldb_request *search_req; struct oc_context *ac; int ret; ac = talloc_get_type(req->context, struct oc_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -839,7 +853,7 @@ static int oc_modify_callback(struct ldb_request *req, struct ldb_reply *ares) LDB_ERR_OPERATIONS_ERROR); } - ret = ldb_build_search_req(&search_req, ac->module->ldb, ac, + ret = ldb_build_search_req(&search_req, ldb, ac, ac->req->op.mod.message->dn, LDB_SCOPE_BASE, "(objectClass=*)", attrs, NULL, @@ -860,7 +874,7 @@ static int oc_modify_callback(struct ldb_request *req, struct ldb_reply *ares) static int objectclass_do_mod(struct oc_context *ac) { - + struct ldb_context *ldb; const struct dsdb_schema *schema; struct ldb_request *mod_req; char *value; @@ -870,10 +884,12 @@ static int objectclass_do_mod(struct oc_context *ac) struct class_list *sorted, *current; int ret; + ldb = ldb_module_get_ctx(ac->module); + if (ac->search_res == NULL) { return LDB_ERR_OPERATIONS_ERROR; } - schema = dsdb_get_schema(ac->module->ldb); + schema = dsdb_get_schema(ldb); mem_ctx = talloc_new(ac); if (mem_ctx == NULL) { @@ -883,7 +899,7 @@ static int objectclass_do_mod(struct oc_context *ac) /* use a new message structure */ msg = ldb_msg_new(ac); if (msg == NULL) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "objectclass: could not create new modify msg"); talloc_free(mem_ctx); return LDB_ERR_OPERATIONS_ERROR; @@ -912,7 +928,7 @@ static int objectclass_do_mod(struct oc_context *ac) ret = ldb_msg_add_empty(msg, "objectClass", LDB_FLAG_MOD_REPLACE, NULL); if (ret != LDB_SUCCESS) { - ldb_set_errstring(ac->module->ldb, "objectclass: could not clear objectclass in modify msg"); + ldb_set_errstring(ldb, "objectclass: could not clear objectclass in modify msg"); talloc_free(mem_ctx); return ret; } @@ -921,24 +937,24 @@ static int objectclass_do_mod(struct oc_context *ac) for (current = sorted; current; current = current->next) { value = talloc_strdup(msg, current->objectclass->lDAPDisplayName); if (value == NULL) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } ret = ldb_msg_add_string(msg, "objectClass", value); if (ret != LDB_SUCCESS) { - ldb_set_errstring(ac->module->ldb, "objectclass: could not re-add sorted objectclass to modify msg"); + ldb_set_errstring(ldb, "objectclass: could not re-add sorted objectclass to modify msg"); talloc_free(mem_ctx); return ret; } } - ret = ldb_msg_sanity_check(ac->module->ldb, msg); + ret = ldb_msg_sanity_check(ldb, msg); if (ret != LDB_SUCCESS) { talloc_free(mem_ctx); return ret; } - ret = ldb_build_mod_req(&mod_req, ac->module->ldb, ac, + ret = ldb_build_mod_req(&mod_req, ldb, ac, msg, ac->req->controls, ac, oc_op_callback, @@ -958,13 +974,15 @@ static int objectclass_do_rename(struct oc_context *ac); static int objectclass_rename(struct ldb_module *module, struct ldb_request *req) { static const char * const attrs[] = { NULL }; - + struct ldb_context *ldb; struct ldb_request *search_req; struct oc_context *ac; struct ldb_dn *parent_dn; int ret; - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "objectclass_rename\n"); + ldb = ldb_module_get_ctx(module); + + ldb_debug(ldb, LDB_DEBUG_TRACE, "objectclass_rename\n"); if (ldb_dn_is_special(req->op.rename.newdn)) { /* do not manipulate our control entries */ return ldb_next_request(module, req); @@ -973,7 +991,7 @@ static int objectclass_rename(struct ldb_module *module, struct ldb_request *req /* Firstly ensure we are not trying to rename it to be a child of itself */ if ((ldb_dn_compare_base(req->op.rename.olddn, req->op.rename.newdn) == 0) && (ldb_dn_compare(req->op.rename.olddn, req->op.rename.newdn) != 0)) { - ldb_asprintf_errstring(module->ldb, "Cannot rename %s to be a child of itself", + ldb_asprintf_errstring(ldb, "Cannot rename %s to be a child of itself", ldb_dn_get_linearized(req->op.rename.olddn)); return LDB_ERR_UNWILLING_TO_PERFORM; } @@ -985,10 +1003,10 @@ static int objectclass_rename(struct ldb_module *module, struct ldb_request *req parent_dn = ldb_dn_get_parent(ac, req->op.rename.newdn); if (parent_dn == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_build_search_req(&search_req, module->ldb, + ret = ldb_build_search_req(&search_req, ldb, ac, parent_dn, LDB_SCOPE_BASE, "(objectClass=*)", attrs, NULL, @@ -1005,13 +1023,16 @@ static int objectclass_rename(struct ldb_module *module, struct ldb_request *req static int objectclass_do_rename(struct oc_context *ac) { + struct ldb_context *ldb; struct ldb_request *rename_req; struct ldb_dn *fixed_dn; int ret; + ldb = ldb_module_get_ctx(ac->module); + /* Check we have a valid parent */ if (ac->search_res == NULL) { - ldb_asprintf_errstring(ac->module->ldb, "objectclass: Cannot rename %s, parent does not exist!", + ldb_asprintf_errstring(ldb, "objectclass: Cannot rename %s, parent does not exist!", ldb_dn_get_linearized(ac->req->op.rename.newdn)); return LDB_ERR_UNWILLING_TO_PERFORM; } @@ -1030,7 +1051,7 @@ static int objectclass_do_rename(struct oc_context *ac) * by reading the allowedChildClasses and * allowedChildClasssesEffective attributes */ - ret = ldb_build_rename_req(&rename_req, ac->module->ldb, ac, + ret = ldb_build_rename_req(&rename_req, ldb, ac, ac->req->op.rename.olddn, fixed_dn, ac->req->controls, ac, oc_op_callback, diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c index 1707baba58..2c07fa1be6 100644 --- a/source4/dsdb/samdb/ldb_modules/password_hash.c +++ b/source4/dsdb/samdb/ldb_modules/password_hash.c @@ -33,9 +33,7 @@ #include "includes.h" #include "libcli/ldap/ldap_ndr.h" -#include "ldb/include/ldb_errors.h" -#include "ldb/include/ldb.h" -#include "ldb/include/ldb_private.h" +#include "ldb_module.h" #include "librpc/gen_ndr/misc.h" #include "librpc/gen_ndr/samr.h" #include "libcli/auth/libcli_auth.h" @@ -150,9 +148,11 @@ struct setup_password_fields_io { static int setup_nt_fields(struct setup_password_fields_io *io) { + struct ldb_context *ldb; uint32_t i; io->g.nt_hash = io->n.nt_hash; + ldb = ldb_module_get_ctx(io->ac->module); if (io->domain->pwdHistoryLength == 0) { return LDB_SUCCESS; @@ -163,7 +163,7 @@ static int setup_nt_fields(struct setup_password_fields_io *io) struct samr_Password, io->domain->pwdHistoryLength); if (!io->g.nt_history) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -190,9 +190,11 @@ static int setup_nt_fields(struct setup_password_fields_io *io) static int setup_lm_fields(struct setup_password_fields_io *io) { + struct ldb_context *ldb; uint32_t i; io->g.lm_hash = io->n.lm_hash; + ldb = ldb_module_get_ctx(io->ac->module); if (io->domain->pwdHistoryLength == 0) { return LDB_SUCCESS; @@ -203,7 +205,7 @@ static int setup_lm_fields(struct setup_password_fields_io *io) struct samr_Password, io->domain->pwdHistoryLength); if (!io->g.lm_history) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -223,12 +225,14 @@ static int setup_lm_fields(struct setup_password_fields_io *io) static int setup_kerberos_keys(struct setup_password_fields_io *io) { + struct ldb_context *ldb; krb5_error_code krb5_ret; Principal *salt_principal; krb5_salt salt; krb5_keyblock key; krb5_data cleartext_data; + ldb = ldb_module_get_ctx(io->ac->module); cleartext_data.data = io->n.cleartext_utf8->data; cleartext_data.length = io->n.cleartext_utf8->length; @@ -245,7 +249,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) name = talloc_strdup(io->ac, io->u.sAMAccountName); if (!name) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -255,7 +259,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) saltbody = talloc_asprintf(io->ac, "%s.%s", name, io->domain->dns_domain); if (!saltbody) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -269,7 +273,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) user_principal_name = talloc_strdup(io->ac, io->u.user_principal_name); if (!user_principal_name) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -289,7 +293,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) NULL); } if (krb5_ret) { - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_kerberos_keys: " "generation of a salting principal failed: %s", smb_get_krb5_error_message(io->smb_krb5_context->krb5_context, krb5_ret, io->ac)); @@ -303,7 +307,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) salt_principal, &salt); krb5_free_principal(io->smb_krb5_context->krb5_context, salt_principal); if (krb5_ret) { - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_kerberos_keys: " "generation of krb5_salt failed: %s", smb_get_krb5_error_message(io->smb_krb5_context->krb5_context, krb5_ret, io->ac)); @@ -315,7 +319,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) salt.saltvalue.length); krb5_free_salt(io->smb_krb5_context->krb5_context, salt); if (!io->g.salt) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } salt.saltvalue.data = discard_const(io->g.salt); @@ -331,7 +335,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) salt, &key); if (krb5_ret) { - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_kerberos_keys: " "generation of a aes256-cts-hmac-sha1-96 key failed: %s", smb_get_krb5_error_message(io->smb_krb5_context->krb5_context, krb5_ret, io->ac)); @@ -342,7 +346,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) key.keyvalue.length); krb5_free_keyblock_contents(io->smb_krb5_context->krb5_context, &key); if (!io->g.aes_256.data) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -356,7 +360,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) salt, &key); if (krb5_ret) { - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_kerberos_keys: " "generation of a aes128-cts-hmac-sha1-96 key failed: %s", smb_get_krb5_error_message(io->smb_krb5_context->krb5_context, krb5_ret, io->ac)); @@ -367,7 +371,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) key.keyvalue.length); krb5_free_keyblock_contents(io->smb_krb5_context->krb5_context, &key); if (!io->g.aes_128.data) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -381,7 +385,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) salt, &key); if (krb5_ret) { - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_kerberos_keys: " "generation of a des-cbc-md5 key failed: %s", smb_get_krb5_error_message(io->smb_krb5_context->krb5_context, krb5_ret, io->ac)); @@ -392,7 +396,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) key.keyvalue.length); krb5_free_keyblock_contents(io->smb_krb5_context->krb5_context, &key); if (!io->g.des_md5.data) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -406,7 +410,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) salt, &key); if (krb5_ret) { - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_kerberos_keys: " "generation of a des-cbc-crc key failed: %s", smb_get_krb5_error_message(io->smb_krb5_context->krb5_context, krb5_ret, io->ac)); @@ -417,7 +421,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) key.keyvalue.length); krb5_free_keyblock_contents(io->smb_krb5_context->krb5_context, &key); if (!io->g.des_crc.data) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -428,6 +432,7 @@ static int setup_primary_kerberos(struct setup_password_fields_io *io, const struct supplementalCredentialsBlob *old_scb, struct package_PrimaryKerberosBlob *pkb) { + struct ldb_context *ldb; struct package_PrimaryKerberosCtr3 *pkb3 = &pkb->ctr.ctr3; struct supplementalCredentialsPackage *old_scp = NULL; struct package_PrimaryKerberosBlob _old_pkb; @@ -435,6 +440,8 @@ static int setup_primary_kerberos(struct setup_password_fields_io *io, uint32_t i; enum ndr_err_code ndr_err; + ldb = ldb_module_get_ctx(io->ac->module); + /* * prepare generation of keys * @@ -448,7 +455,7 @@ static int setup_primary_kerberos(struct setup_password_fields_io *io, struct package_PrimaryKerberosKey3, pkb3->num_keys); if (!pkb3->keys) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -484,16 +491,16 @@ static int setup_primary_kerberos(struct setup_password_fields_io *io, blob = strhex_to_data_blob(io->ac, old_scp->data); if (!blob.data) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } /* TODO: use ndr_pull_struct_blob_all(), when the ndr layer handles it correct with relative pointers */ - ndr_err = ndr_pull_struct_blob(&blob, io->ac, lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), &_old_pkb, + ndr_err = ndr_pull_struct_blob(&blob, io->ac, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), &_old_pkb, (ndr_pull_flags_fn_t)ndr_pull_package_PrimaryKerberosBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS status = ndr_map_error2ntstatus(ndr_err); - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_primary_kerberos: " "failed to pull old package_PrimaryKerberosBlob: %s", nt_errstr(status)); @@ -501,7 +508,7 @@ static int setup_primary_kerberos(struct setup_password_fields_io *io, } if (_old_pkb.version != 3) { - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_primary_kerberos: " "package_PrimaryKerberosBlob version[%u] expected[3]", _old_pkb.version); @@ -527,6 +534,7 @@ static int setup_primary_kerberos_newer(struct setup_password_fields_io *io, const struct supplementalCredentialsBlob *old_scb, struct package_PrimaryKerberosBlob *pkb) { + struct ldb_context *ldb; struct package_PrimaryKerberosCtr4 *pkb4 = &pkb->ctr.ctr4; struct supplementalCredentialsPackage *old_scp = NULL; struct package_PrimaryKerberosBlob _old_pkb; @@ -534,6 +542,8 @@ static int setup_primary_kerberos_newer(struct setup_password_fields_io *io, uint32_t i; enum ndr_err_code ndr_err; + ldb = ldb_module_get_ctx(io->ac->module); + /* * prepare generation of keys * @@ -551,7 +561,7 @@ static int setup_primary_kerberos_newer(struct setup_password_fields_io *io, struct package_PrimaryKerberosKey4, pkb4->num_keys); if (!pkb4->keys) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -597,18 +607,18 @@ static int setup_primary_kerberos_newer(struct setup_password_fields_io *io, blob = strhex_to_data_blob(io->ac, old_scp->data); if (!blob.data) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } /* TODO: use ndr_pull_struct_blob_all(), when the ndr layer handles it correct with relative pointers */ ndr_err = ndr_pull_struct_blob(&blob, io->ac, - lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), &_old_pkb, (ndr_pull_flags_fn_t)ndr_pull_package_PrimaryKerberosBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS status = ndr_map_error2ntstatus(ndr_err); - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_primary_kerberos_newer: " "failed to pull old package_PrimaryKerberosBlob: %s", nt_errstr(status)); @@ -616,7 +626,7 @@ static int setup_primary_kerberos_newer(struct setup_password_fields_io *io, } if (_old_pkb.version != 4) { - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_primary_kerberos_newer: " "package_PrimaryKerberosBlob version[%u] expected[4]", _old_pkb.version); @@ -644,6 +654,7 @@ static int setup_primary_wdigest(struct setup_password_fields_io *io, const struct supplementalCredentialsBlob *old_scb, struct package_PrimaryWDigestBlob *pdb) { + struct ldb_context *ldb = ldb_module_get_ctx(io->ac->module); DATA_BLOB sAMAccountName; DATA_BLOB sAMAccountName_l; DATA_BLOB sAMAccountName_u; @@ -890,12 +901,12 @@ static int setup_primary_wdigest(struct setup_password_fields_io *io, sAMAccountName = data_blob_string_const(io->u.sAMAccountName); sAMAccountName_l = data_blob_string_const(strlower_talloc(io->ac, io->u.sAMAccountName)); if (!sAMAccountName_l.data) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } sAMAccountName_u = data_blob_string_const(strupper_talloc(io->ac, io->u.sAMAccountName)); if (!sAMAccountName_u.data) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -905,31 +916,31 @@ static int setup_primary_wdigest(struct setup_password_fields_io *io, io->u.sAMAccountName, io->domain->dns_domain); if (!user_principal_name) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } } userPrincipalName = data_blob_string_const(user_principal_name); userPrincipalName_l = data_blob_string_const(strlower_talloc(io->ac, user_principal_name)); if (!userPrincipalName_l.data) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } userPrincipalName_u = data_blob_string_const(strupper_talloc(io->ac, user_principal_name)); if (!userPrincipalName_u.data) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } netbios_domain = data_blob_string_const(io->domain->netbios_domain); netbios_domain_l = data_blob_string_const(strlower_talloc(io->ac, io->domain->netbios_domain)); if (!netbios_domain_l.data) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } netbios_domain_u = data_blob_string_const(strupper_talloc(io->ac, io->domain->netbios_domain)); if (!netbios_domain_u.data) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -945,7 +956,7 @@ static int setup_primary_wdigest(struct setup_password_fields_io *io, pdb->num_hashes = ARRAY_SIZE(wdigest); pdb->hashes = talloc_array(io->ac, struct package_PrimaryWDigestHash, pdb->num_hashes); if (!pdb->hashes) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -971,6 +982,7 @@ static int setup_primary_wdigest(struct setup_password_fields_io *io, static int setup_supplemental_field(struct setup_password_fields_io *io) { + struct ldb_context *ldb; struct supplementalCredentialsBlob scb; struct supplementalCredentialsBlob _old_scb; struct supplementalCredentialsBlob *old_scb = NULL; @@ -1017,6 +1029,8 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) ZERO_STRUCT(zero16); ZERO_STRUCT(names); + ldb = ldb_module_get_ctx(io->ac->module); + if (!io->n.cleartext_utf8) { /* * when we don't have a cleartext password @@ -1028,12 +1042,12 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) /* if there's an old supplementaCredentials blob then parse it */ if (io->o.supplemental) { ndr_err = ndr_pull_struct_blob_all(io->o.supplemental, io->ac, - lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), &_old_scb, (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS status = ndr_map_error2ntstatus(ndr_err); - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_supplemental_field: " "failed to pull old supplementalCredentialsBlob: %s", nt_errstr(status)); @@ -1043,7 +1057,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) if (_old_scb.sub.signature == SUPPLEMENTAL_CREDENTIALS_SIGNATURE) { old_scb = &_old_scb; } else { - ldb_debug(io->ac->module->ldb, LDB_DEBUG_ERROR, + ldb_debug(ldb, LDB_DEBUG_ERROR, "setup_supplemental_field: " "supplementalCredentialsBlob signature[0x%04X] expected[0x%04X]", _old_scb.sub.signature, SUPPLEMENTAL_CREDENTIALS_SIGNATURE); @@ -1051,7 +1065,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) } /* TODO: do the correct check for this, it maybe depends on the functional level? */ - do_newer_keys = lp_parm_bool(ldb_get_opaque(io->ac->module->ldb, "loadparm"), + do_newer_keys = lp_parm_bool(ldb_get_opaque(ldb, "loadparm"), NULL, "password_hash", "create_aes_key", false); if (io->domain->store_cleartext && @@ -1110,12 +1124,12 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) } ndr_err = ndr_push_struct_blob(&pknb_blob, io->ac, - lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), &pknb, (ndr_push_flags_fn_t)ndr_push_package_PrimaryKerberosBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS status = ndr_map_error2ntstatus(ndr_err); - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_supplemental_field: " "failed to push package_PrimaryKerberosNeverBlob: %s", nt_errstr(status)); @@ -1123,7 +1137,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) } pknb_hexstr = data_blob_hex_string(io->ac, &pknb_blob); if (!pknb_hexstr) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } pkn->name = "Primary:Kerberos-Newer-Keys"; @@ -1142,12 +1156,12 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) } ndr_err = ndr_push_struct_blob(&pkb_blob, io->ac, - lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), &pkb, (ndr_push_flags_fn_t)ndr_push_package_PrimaryKerberosBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS status = ndr_map_error2ntstatus(ndr_err); - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_supplemental_field: " "failed to push package_PrimaryKerberosBlob: %s", nt_errstr(status)); @@ -1155,7 +1169,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) } pkb_hexstr = data_blob_hex_string(io->ac, &pkb_blob); if (!pkb_hexstr) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } pk->name = "Primary:Kerberos"; @@ -1173,12 +1187,12 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) } ndr_err = ndr_push_struct_blob(&pdb_blob, io->ac, - lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), &pdb, (ndr_push_flags_fn_t)ndr_push_package_PrimaryWDigestBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS status = ndr_map_error2ntstatus(ndr_err); - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_supplemental_field: " "failed to push package_PrimaryWDigestBlob: %s", nt_errstr(status)); @@ -1186,7 +1200,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) } pdb_hexstr = data_blob_hex_string(io->ac, &pdb_blob); if (!pdb_hexstr) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } pd->name = "Primary:WDigest"; @@ -1202,12 +1216,12 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) pcb.cleartext = *io->n.cleartext_utf16; ndr_err = ndr_push_struct_blob(&pcb_blob, io->ac, - lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), &pcb, (ndr_push_flags_fn_t)ndr_push_package_PrimaryCLEARTEXTBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS status = ndr_map_error2ntstatus(ndr_err); - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_supplemental_field: " "failed to push package_PrimaryCLEARTEXTBlob: %s", nt_errstr(status)); @@ -1215,7 +1229,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) } pcb_hexstr = data_blob_hex_string(io->ac, &pcb_blob); if (!pcb_hexstr) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } pc->name = "Primary:CLEARTEXT"; @@ -1228,12 +1242,12 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) */ pb.names = names; ndr_err = ndr_push_struct_blob(&pb_blob, io->ac, - lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), &pb, (ndr_push_flags_fn_t)ndr_push_package_PackagesBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS status = ndr_map_error2ntstatus(ndr_err); - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_supplemental_field: " "failed to push package_PackagesBlob: %s", nt_errstr(status)); @@ -1241,7 +1255,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) } pb_hexstr = data_blob_hex_string(io->ac, &pb_blob); if (!pb_hexstr) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } pp->name = "Packages"; @@ -1256,12 +1270,12 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) scb.sub.packages = packages; ndr_err = ndr_push_struct_blob(&io->g.supplemental, io->ac, - lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), &scb, (ndr_push_flags_fn_t)ndr_push_supplementalCredentialsBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS status = ndr_map_error2ntstatus(ndr_err); - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_supplemental_field: " "failed to push supplementalCredentialsBlob: %s", nt_errstr(status)); @@ -1289,23 +1303,26 @@ static int setup_kvno_field(struct setup_password_fields_io *io) static int setup_password_fields(struct setup_password_fields_io *io) { + struct ldb_context *ldb; bool ok; int ret; ssize_t converted_pw_len; - + + ldb = ldb_module_get_ctx(io->ac->module); + /* * refuse the change if someone want to change the cleartext * and supply his own hashes at the same time... */ if ((io->n.cleartext_utf8 || io->n.cleartext_utf16) && (io->n.nt_hash || io->n.lm_hash)) { - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_password_fields: " "it's only allowed to set the cleartext password or the password hashes"); return LDB_ERR_UNWILLING_TO_PERFORM; } if (io->n.cleartext_utf8 && io->n.cleartext_utf16) { - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_password_fields: " "it's only allowed to set the cleartext password as userPassword or clearTextPasssword, not both at once"); return LDB_ERR_UNWILLING_TO_PERFORM; @@ -1316,14 +1333,14 @@ static int setup_password_fields(struct setup_password_fields_io *io) struct ldb_val *cleartext_utf16_blob; io->n.cleartext_utf16 = cleartext_utf16_blob = talloc(io->ac, struct ldb_val); if (!io->n.cleartext_utf16) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - converted_pw_len = convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), + converted_pw_len = convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), CH_UTF8, CH_UTF16, io->n.cleartext_utf8->data, io->n.cleartext_utf8->length, (void **)&cleartext_utf16_str); if (converted_pw_len == -1) { - ldb_asprintf_errstring(io->ac->module->ldb, + ldb_asprintf_errstring(ldb, "setup_password_fields: " "failed to generate UTF16 password from cleartext UTF8 password"); return LDB_ERR_OPERATIONS_ERROR; @@ -1334,10 +1351,10 @@ static int setup_password_fields(struct setup_password_fields_io *io) struct ldb_val *cleartext_utf8_blob; io->n.cleartext_utf8 = cleartext_utf8_blob = talloc(io->ac, struct ldb_val); if (!io->n.cleartext_utf8) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - converted_pw_len = convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), + converted_pw_len = convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), CH_UTF16MUNGED, CH_UTF8, io->n.cleartext_utf16->data, io->n.cleartext_utf16->length, (void **)&cleartext_utf8_str); if (converted_pw_len == -1) { @@ -1351,7 +1368,7 @@ static int setup_password_fields(struct setup_password_fields_io *io) struct samr_Password *nt_hash; nt_hash = talloc(io->ac, struct samr_Password); if (!nt_hash) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } io->n.nt_hash = nt_hash; @@ -1363,13 +1380,13 @@ static int setup_password_fields(struct setup_password_fields_io *io) if (io->n.cleartext_utf8) { struct samr_Password *lm_hash; char *cleartext_unix; - converted_pw_len = convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), + converted_pw_len = convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), CH_UTF8, CH_UNIX, io->n.cleartext_utf8->data, io->n.cleartext_utf8->length, (void **)&cleartext_unix); if (converted_pw_len != -1) { lm_hash = talloc(io->ac, struct samr_Password); if (!lm_hash) { - ldb_oom(io->ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -1419,11 +1436,14 @@ static int setup_password_fields(struct setup_password_fields_io *io) static struct ph_context *ph_init_context(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct ph_context *ac; + ldb = ldb_module_get_ctx(module); + ac = talloc_zero(req, struct ph_context); if (ac == NULL) { - ldb_set_errstring(module->ldb, "Out of Memory"); + ldb_set_errstring(ldb, "Out of Memory"); return NULL; } @@ -1467,6 +1487,7 @@ static int password_hash_mod_do_mod(struct ph_context *ac); static int get_domain_data_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct domain_data *data; struct ph_context *ac; int ret; @@ -1474,6 +1495,7 @@ static int get_domain_data_callback(struct ldb_request *req, char *p; ac = talloc_get_type(req->context, struct ph_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -1487,7 +1509,7 @@ static int get_domain_data_callback(struct ldb_request *req, switch (ares->type) { case LDB_REPLY_ENTRY: if (ac->domain != NULL) { - ldb_set_errstring(ac->module->ldb, "Too many results"); + ldb_set_errstring(ldb, "Too many results"); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); } @@ -1521,13 +1543,13 @@ static int get_domain_data_callback(struct ldb_request *req, data->dns_domain = strlower_talloc(data, tmp); if (data->dns_domain == NULL) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); } data->realm = strupper_talloc(data, tmp); if (data->realm == NULL) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); } @@ -1538,7 +1560,7 @@ static int get_domain_data_callback(struct ldb_request *req, } data->netbios_domain = strupper_talloc(data, tmp); if (data->netbios_domain == NULL) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); } @@ -1581,19 +1603,22 @@ static int build_domain_data_request(struct ph_context *ac) /* attrs[] is returned from this function in ac->dom_req->op.search.attrs, so it must be static, as otherwise the compiler can put it on the stack */ + struct ldb_context *ldb; static const char * const attrs[] = { "pwdProperties", "pwdHistoryLength", NULL }; char *filter; + ldb = ldb_module_get_ctx(ac->module); + filter = talloc_asprintf(ac, "(&(objectSid=%s)(|(|(objectClass=domain)(objectClass=builtinDomain))(objectClass=samba4LocalDomain)))", ldap_encode_ndr_dom_sid(ac, ac->domain_sid)); if (filter == NULL) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - return ldb_build_search_req(&ac->dom_req, ac->module->ldb, ac, - ldb_get_default_basedn(ac->module->ldb), + return ldb_build_search_req(&ac->dom_req, ldb, ac, + ldb_get_default_basedn(ldb), LDB_SCOPE_SUBTREE, filter, attrs, NULL, @@ -1603,6 +1628,7 @@ static int build_domain_data_request(struct ph_context *ac) static int password_hash_add(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct ph_context *ac; struct ldb_message_element *sambaAttr; struct ldb_message_element *clearTextPasswordAttr; @@ -1610,14 +1636,16 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req) struct ldb_message_element *lmAttr; int ret; - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "password_hash_add\n"); + ldb = ldb_module_get_ctx(module); + + ldb_debug(ldb, LDB_DEBUG_TRACE, "password_hash_add\n"); if (ldb_dn_is_special(req->op.add.message->dn)) { /* do not manipulate our control entries */ return ldb_next_request(module, req); } /* If the caller is manipulating the local passwords directly, let them pass */ - if (ldb_dn_compare_base(ldb_dn_new(req, module->ldb, LOCAL_BASE), + if (ldb_dn_compare_base(ldb_dn_new(req, ldb, LOCAL_BASE), req->op.add.message->dn) == 0) { return ldb_next_request(module, req); } @@ -1648,46 +1676,46 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req) /* if it is not an entry of type person its an error */ /* TODO: remove this when userPassword will be in schema */ if (!ldb_msg_check_string_attribute(req->op.add.message, "objectClass", "person")) { - ldb_set_errstring(module->ldb, "Cannot set a password on entry that does not have objectClass 'person'"); + ldb_set_errstring(ldb, "Cannot set a password on entry that does not have objectClass 'person'"); return LDB_ERR_OBJECT_CLASS_VIOLATION; } /* check userPassword is single valued here */ /* TODO: remove this when userPassword will be single valued in schema */ if (sambaAttr && sambaAttr->num_values > 1) { - ldb_set_errstring(module->ldb, "mupltiple values for userPassword not allowed!\n"); + ldb_set_errstring(ldb, "mupltiple values for userPassword not allowed!\n"); return LDB_ERR_CONSTRAINT_VIOLATION; } if (clearTextPasswordAttr && clearTextPasswordAttr->num_values > 1) { - ldb_set_errstring(module->ldb, "mupltiple values for clearTextPassword not allowed!\n"); + ldb_set_errstring(ldb, "mupltiple values for clearTextPassword not allowed!\n"); return LDB_ERR_CONSTRAINT_VIOLATION; } if (ntAttr && (ntAttr->num_values > 1)) { - ldb_set_errstring(module->ldb, "mupltiple values for unicodePwd not allowed!\n"); + ldb_set_errstring(ldb, "mupltiple values for unicodePwd not allowed!\n"); return LDB_ERR_CONSTRAINT_VIOLATION; } if (lmAttr && (lmAttr->num_values > 1)) { - ldb_set_errstring(module->ldb, "mupltiple values for dBCSPwd not allowed!\n"); + ldb_set_errstring(ldb, "mupltiple values for dBCSPwd not allowed!\n"); return LDB_ERR_CONSTRAINT_VIOLATION; } if (sambaAttr && sambaAttr->num_values == 0) { - ldb_set_errstring(module->ldb, "userPassword must have a value!\n"); + ldb_set_errstring(ldb, "userPassword must have a value!\n"); return LDB_ERR_CONSTRAINT_VIOLATION; } if (clearTextPasswordAttr && clearTextPasswordAttr->num_values == 0) { - ldb_set_errstring(module->ldb, "clearTextPassword must have a value!\n"); + ldb_set_errstring(ldb, "clearTextPassword must have a value!\n"); return LDB_ERR_CONSTRAINT_VIOLATION; } if (ntAttr && (ntAttr->num_values == 0)) { - ldb_set_errstring(module->ldb, "unicodePwd must have a value!\n"); + ldb_set_errstring(ldb, "unicodePwd must have a value!\n"); return LDB_ERR_CONSTRAINT_VIOLATION; } if (lmAttr && (lmAttr->num_values == 0)) { - ldb_set_errstring(module->ldb, "dBCSPwd must have a value!\n"); + ldb_set_errstring(ldb, "dBCSPwd must have a value!\n"); return LDB_ERR_CONSTRAINT_VIOLATION; } @@ -1699,7 +1727,7 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req) /* get user domain data */ ac->domain_sid = samdb_result_sid_prefix(ac, req->op.add.message, "objectSid"); if (ac->domain_sid == NULL) { - ldb_debug(module->ldb, LDB_DEBUG_ERROR, + ldb_debug(ldb, LDB_DEBUG_ERROR, "can't handle entry with missing objectSid!\n"); return LDB_ERR_OPERATIONS_ERROR; } @@ -1712,14 +1740,17 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req) return ldb_next_request(module, ac->dom_req); } -static int password_hash_add_do_add(struct ph_context *ac) { - +static int password_hash_add_do_add(struct ph_context *ac) +{ + struct ldb_context *ldb; struct ldb_request *down_req; struct smb_krb5_context *smb_krb5_context; struct ldb_message *msg; struct setup_password_fields_io io; int ret; + ldb = ldb_module_get_ctx(ac->module); + msg = ldb_msg_copy_shallow(ac, ac->req->op.add.message); if (msg == NULL) { return LDB_ERR_OPERATIONS_ERROR; @@ -1727,8 +1758,8 @@ static int password_hash_add_do_add(struct ph_context *ac) { /* Some operations below require kerberos contexts */ if (smb_krb5_init_context(ac, - ldb_get_event_context(ac->module->ldb), - (struct loadparm_context *)ldb_get_opaque(ac->module->ldb, "loadparm"), + ldb_get_event_context(ldb), + (struct loadparm_context *)ldb_get_opaque(ldb, "loadparm"), &smb_krb5_context) != 0) { return LDB_ERR_OPERATIONS_ERROR; } @@ -1763,14 +1794,14 @@ static int password_hash_add_do_add(struct ph_context *ac) { } if (io.g.nt_hash) { - ret = samdb_msg_add_hash(ac->module->ldb, ac, msg, + ret = samdb_msg_add_hash(ldb, ac, msg, "unicodePwd", io.g.nt_hash); if (ret != LDB_SUCCESS) { return ret; } } if (io.g.lm_hash) { - ret = samdb_msg_add_hash(ac->module->ldb, ac, msg, + ret = samdb_msg_add_hash(ldb, ac, msg, "dBCSPwd", io.g.lm_hash); if (ret != LDB_SUCCESS) { return ret; @@ -1801,20 +1832,20 @@ static int password_hash_add_do_add(struct ph_context *ac) { return ret; } } - ret = samdb_msg_add_uint64(ac->module->ldb, ac, msg, + ret = samdb_msg_add_uint64(ldb, ac, msg, "pwdLastSet", io.g.last_set); if (ret != LDB_SUCCESS) { return ret; } - ret = samdb_msg_add_uint(ac->module->ldb, ac, msg, + ret = samdb_msg_add_uint(ldb, ac, msg, "msDs-KeyVersionNumber", io.g.kvno); if (ret != LDB_SUCCESS) { return ret; } - ret = ldb_build_add_req(&down_req, ac->module->ldb, ac, + ret = ldb_build_add_req(&down_req, ldb, ac, msg, ac->req->controls, ac, ph_op_callback, @@ -1828,6 +1859,7 @@ static int password_hash_add_do_add(struct ph_context *ac) { static int password_hash_modify(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct ph_context *ac; struct ldb_message_element *sambaAttr; struct ldb_message_element *clearTextAttr; @@ -1837,14 +1869,16 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r struct ldb_request *down_req; int ret; - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "password_hash_modify\n"); + ldb = ldb_module_get_ctx(module); + + ldb_debug(ldb, LDB_DEBUG_TRACE, "password_hash_modify\n"); if (ldb_dn_is_special(req->op.mod.message->dn)) { /* do not manipulate our control entries */ return ldb_next_request(module, req); } /* If the caller is manipulating the local passwords directly, let them pass */ - if (ldb_dn_compare_base(ldb_dn_new(req, module->ldb, LOCAL_BASE), + if (ldb_dn_compare_base(ldb_dn_new(req, ldb, LOCAL_BASE), req->op.mod.message->dn) == 0) { return ldb_next_request(module, req); } @@ -1897,7 +1931,7 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r /* use a new message structure so that we can modify it */ msg = ldb_msg_copy_shallow(ac, req->op.mod.message); if (msg == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -1913,7 +1947,7 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r return password_hash_mod_search_self(ac); } - ret = ldb_build_mod_req(&down_req, module->ldb, ac, + ret = ldb_build_mod_req(&down_req, ldb, ac, msg, req->controls, ac, ph_modify_callback, @@ -1958,10 +1992,12 @@ static int ph_modify_callback(struct ldb_request *req, struct ldb_reply *ares) static int ph_mod_search_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct ph_context *ac; int ret; ac = talloc_get_type(req->context, struct ph_context); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -1977,7 +2013,7 @@ static int ph_mod_search_callback(struct ldb_request *req, struct ldb_reply *are case LDB_REPLY_ENTRY: if (ac->search_res != NULL) { - ldb_set_errstring(ac->module->ldb, "Too many results"); + ldb_set_errstring(ldb, "Too many results"); talloc_free(ares); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); @@ -1986,7 +2022,7 @@ static int ph_mod_search_callback(struct ldb_request *req, struct ldb_reply *are /* if it is not an entry of type person this is an error */ /* TODO: remove this when sambaPassword will be in schema */ if (!ldb_msg_check_string_attribute(ares->message, "objectClass", "person")) { - ldb_set_errstring(ac->module->ldb, "Object class violation"); + ldb_set_errstring(ldb, "Object class violation"); talloc_free(ares); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OBJECT_CLASS_VIOLATION); @@ -2002,7 +2038,7 @@ static int ph_mod_search_callback(struct ldb_request *req, struct ldb_reply *are ac->search_res->message, "objectSid"); if (ac->domain_sid == NULL) { - ldb_debug(ac->module->ldb, LDB_DEBUG_ERROR, + ldb_debug(ldb, LDB_DEBUG_ERROR, "can't handle entry without objectSid!\n"); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); @@ -2025,8 +2061,9 @@ static int ph_mod_search_callback(struct ldb_request *req, struct ldb_reply *are return LDB_SUCCESS; } -static int password_hash_mod_search_self(struct ph_context *ac) { - +static int password_hash_mod_search_self(struct ph_context *ac) +{ + struct ldb_context *ldb; static const char * const attrs[] = { "userAccountControl", "lmPwdHistory", "ntPwdHistory", "objectSid", "msDS-KeyVersionNumber", @@ -2038,7 +2075,9 @@ static int password_hash_mod_search_self(struct ph_context *ac) { struct ldb_request *search_req; int ret; - ret = ldb_build_search_req(&search_req, ac->module->ldb, ac, + ldb = ldb_module_get_ctx(ac->module); + + ret = ldb_build_search_req(&search_req, ldb, ac, ac->req->op.mod.message->dn, LDB_SCOPE_BASE, "(objectclass=*)", @@ -2054,8 +2093,9 @@ static int password_hash_mod_search_self(struct ph_context *ac) { return ldb_next_request(ac->module, search_req); } -static int password_hash_mod_do_mod(struct ph_context *ac) { - +static int password_hash_mod_do_mod(struct ph_context *ac) +{ + struct ldb_context *ldb; struct ldb_request *mod_req; struct smb_krb5_context *smb_krb5_context; struct ldb_message *msg; @@ -2064,6 +2104,8 @@ static int password_hash_mod_do_mod(struct ph_context *ac) { struct setup_password_fields_io io; int ret; + ldb = ldb_module_get_ctx(ac->module); + /* use a new message structure so that we can modify it */ msg = ldb_msg_new(ac); if (msg == NULL) { @@ -2075,8 +2117,8 @@ static int password_hash_mod_do_mod(struct ph_context *ac) { /* Some operations below require kerberos contexts */ if (smb_krb5_init_context(ac, - ldb_get_event_context(ac->module->ldb), - (struct loadparm_context *)ldb_get_opaque(ac->module->ldb, "loadparm"), + ldb_get_event_context(ldb), + (struct loadparm_context *)ldb_get_opaque(ldb, "loadparm"), &smb_krb5_context) != 0) { return LDB_ERR_OPERATIONS_ERROR; } @@ -2119,14 +2161,14 @@ static int password_hash_mod_do_mod(struct ph_context *ac) { ret = ldb_msg_add_empty(msg, "msDs-KeyVersionNumber", LDB_FLAG_MOD_REPLACE, NULL); if (io.g.nt_hash) { - ret = samdb_msg_add_hash(ac->module->ldb, ac, msg, + ret = samdb_msg_add_hash(ldb, ac, msg, "unicodePwd", io.g.nt_hash); if (ret != LDB_SUCCESS) { return ret; } } if (io.g.lm_hash) { - ret = samdb_msg_add_hash(ac->module->ldb, ac, msg, + ret = samdb_msg_add_hash(ldb, ac, msg, "dBCSPwd", io.g.lm_hash); if (ret != LDB_SUCCESS) { return ret; @@ -2157,20 +2199,20 @@ static int password_hash_mod_do_mod(struct ph_context *ac) { return ret; } } - ret = samdb_msg_add_uint64(ac->module->ldb, ac, msg, + ret = samdb_msg_add_uint64(ldb, ac, msg, "pwdLastSet", io.g.last_set); if (ret != LDB_SUCCESS) { return ret; } - ret = samdb_msg_add_uint(ac->module->ldb, ac, msg, + ret = samdb_msg_add_uint(ldb, ac, msg, "msDs-KeyVersionNumber", io.g.kvno); if (ret != LDB_SUCCESS) { return ret; } - ret = ldb_build_mod_req(&mod_req, ac->module->ldb, ac, + ret = ldb_build_mod_req(&mod_req, ldb, ac, msg, ac->req->controls, ac, ph_op_callback, diff --git a/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c b/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c index 198b667358..fefaef4755 100644 --- a/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c +++ b/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c @@ -21,9 +21,7 @@ */ #include "includes.h" -#include "lib/ldb/include/ldb.h" -#include "lib/ldb/include/ldb_errors.h" -#include "lib/ldb/include/ldb_private.h" +#include "ldb_module.h" #include "dsdb/samdb/samdb.h" #include "librpc/gen_ndr/ndr_misc.h" #include "librpc/gen_ndr/ndr_drsuapi.h" @@ -32,6 +30,7 @@ static int pdc_fsmo_init(struct ldb_module *module) { + struct ldb_context *ldb; TALLOC_CTX *mem_ctx; struct ldb_dn *pdc_dn; struct dsdb_pdc_fsmo *pdc_fsmo; @@ -42,15 +41,17 @@ static int pdc_fsmo_init(struct ldb_module *module) NULL }; + ldb = ldb_module_get_ctx(module); + mem_ctx = talloc_new(module); if (!mem_ctx) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - pdc_dn = samdb_base_dn(module->ldb); + pdc_dn = samdb_base_dn(ldb); if (!pdc_dn) { - ldb_debug(module->ldb, LDB_DEBUG_WARNING, + ldb_debug(ldb, LDB_DEBUG_WARNING, "pdc_fsmo_init: no domain dn present: (skip loading of domain details)\n"); talloc_free(mem_ctx); return ldb_next_init(module); @@ -58,54 +59,54 @@ static int pdc_fsmo_init(struct ldb_module *module) pdc_fsmo = talloc_zero(mem_ctx, struct dsdb_pdc_fsmo); if (!pdc_fsmo) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - module->private_data = pdc_fsmo; + ldb_module_set_private(module, pdc_fsmo); - ret = ldb_search(module->ldb, mem_ctx, &pdc_res, + ret = ldb_search(ldb, mem_ctx, &pdc_res, pdc_dn, LDB_SCOPE_BASE, pdc_attrs, NULL); if (ret == LDB_ERR_NO_SUCH_OBJECT) { - ldb_debug(module->ldb, LDB_DEBUG_WARNING, + ldb_debug(ldb, LDB_DEBUG_WARNING, "pdc_fsmo_init: no domain object present: (skip loading of domain details)\n"); talloc_free(mem_ctx); return ldb_next_init(module); } else if (ret != LDB_SUCCESS) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + ldb_debug_set(ldb, LDB_DEBUG_FATAL, "pdc_fsmo_init: failed to search the domain object: %d:%s", ret, ldb_strerror(ret)); talloc_free(mem_ctx); return ret; } if (pdc_res->count == 0) { - ldb_debug(module->ldb, LDB_DEBUG_WARNING, + ldb_debug(ldb, LDB_DEBUG_WARNING, "pdc_fsmo_init: no domain object present: (skip loading of domain details)\n"); talloc_free(mem_ctx); return ldb_next_init(module); } else if (pdc_res->count > 1) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + ldb_debug_set(ldb, LDB_DEBUG_FATAL, "pdc_fsmo_init: [%u] domain objects found on a base search", pdc_res->count); talloc_free(mem_ctx); return LDB_ERR_CONSTRAINT_VIOLATION; } - pdc_fsmo->master_dn = ldb_msg_find_attr_as_dn(module->ldb, mem_ctx, pdc_res->msgs[0], "fSMORoleOwner"); - if (ldb_dn_compare(samdb_ntds_settings_dn(module->ldb), pdc_fsmo->master_dn) == 0) { + pdc_fsmo->master_dn = ldb_msg_find_attr_as_dn(ldb, mem_ctx, pdc_res->msgs[0], "fSMORoleOwner"); + if (ldb_dn_compare(samdb_ntds_settings_dn(ldb), pdc_fsmo->master_dn) == 0) { pdc_fsmo->we_are_master = true; } else { pdc_fsmo->we_are_master = false; } - if (ldb_set_opaque(module->ldb, "dsdb_pdc_fsmo", pdc_fsmo) != LDB_SUCCESS) { - ldb_oom(module->ldb); + if (ldb_set_opaque(ldb, "dsdb_pdc_fsmo", pdc_fsmo) != LDB_SUCCESS) { + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } talloc_steal(module, pdc_fsmo); - ldb_debug(module->ldb, LDB_DEBUG_TRACE, + ldb_debug(ldb, LDB_DEBUG_TRACE, "pdc_fsmo_init: we are master: %s\n", (pdc_fsmo->we_are_master?"yes":"no")); diff --git a/source4/dsdb/samdb/ldb_modules/proxy.c b/source4/dsdb/samdb/ldb_modules/proxy.c index 23116be9ac..9a5091ce90 100644 --- a/source4/dsdb/samdb/ldb_modules/proxy.c +++ b/source4/dsdb/samdb/ldb_modules/proxy.c @@ -37,9 +37,7 @@ */ #include "includes.h" -#include "ldb/include/ldb.h" -#include "ldb/include/ldb_errors.h" -#include "ldb/include/ldb_private.h" +#include "ldb_module.h" #include "auth/credentials/credentials.h" struct proxy_data { @@ -64,7 +62,8 @@ struct proxy_ctx { */ static int load_proxy_info(struct ldb_module *module) { - struct proxy_data *proxy = talloc_get_type(module->private_data, struct proxy_data); + struct ldb = ldb_module_get_ctx(module); + struct proxy_data *proxy = talloc_get_type(ldb_module_get_private(module), struct proxy_data); struct ldb_dn *dn; struct ldb_result *res = NULL; int ret; @@ -76,14 +75,14 @@ static int load_proxy_info(struct ldb_module *module) return LDB_SUCCESS; } - dn = ldb_dn_new(proxy, module->ldb, "@PROXYINFO"); + dn = ldb_dn_new(proxy, ldb, "@PROXYINFO"); if (dn == NULL) { goto failed; } - ret = ldb_search(module->ldb, proxy, &res, dn, LDB_SCOPE_BASE, NULL, NULL); + ret = ldb_search(ldb, proxy, &res, dn, LDB_SCOPE_BASE, NULL, NULL); talloc_free(dn); if (ret != LDB_SUCCESS || res->count != 1) { - ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Can't find @PROXYINFO\n"); + ldb_debug(ldb, LDB_DEBUG_FATAL, "Can't find @PROXYINFO\n"); goto failed; } @@ -96,47 +95,47 @@ static int load_proxy_info(struct ldb_module *module) newstr = ldb_msg_find_attr_as_string(res->msgs[0], "newstr", NULL); if (url == NULL || olddn == NULL || newdn == NULL || username == NULL || password == NULL) { - ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Need url, olddn, newdn, oldstr, newstr, username and password in @PROXYINFO\n"); + ldb_debug(ldb, LDB_DEBUG_FATAL, "Need url, olddn, newdn, oldstr, newstr, username and password in @PROXYINFO\n"); goto failed; } - proxy->olddn = ldb_dn_new(proxy, module->ldb, olddn); + proxy->olddn = ldb_dn_new(proxy, ldb, olddn); if (proxy->olddn == NULL) { - ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Failed to explode olddn '%s'\n", olddn); + ldb_debug(ldb, LDB_DEBUG_FATAL, "Failed to explode olddn '%s'\n", olddn); goto failed; } - proxy->newdn = ldb_dn_new(proxy, module->ldb, newdn); + proxy->newdn = ldb_dn_new(proxy, ldb, newdn); if (proxy->newdn == NULL) { - ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Failed to explode newdn '%s'\n", newdn); + ldb_debug(ldb, LDB_DEBUG_FATAL, "Failed to explode newdn '%s'\n", newdn); goto failed; } proxy->upstream = ldb_init(proxy, ldb_get_event_context(ldb)); if (proxy->upstream == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); goto failed; } proxy->oldstr = str_list_make(proxy, oldstr, ", "); if (proxy->oldstr == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); goto failed; } proxy->newstr = str_list_make(proxy, newstr, ", "); if (proxy->newstr == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); goto failed; } /* setup credentials for connection */ creds = cli_credentials_init(proxy->upstream); if (creds == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); goto failed; } - cli_credentials_guess(creds, ldb_get_opaque(module->ldb, "loadparm")); + cli_credentials_guess(creds, ldb_get_opaque(ldb, "loadparm")); cli_credentials_set_username(creds, username, CRED_SPECIFIED); cli_credentials_set_password(creds, password, CRED_SPECIFIED); @@ -144,11 +143,11 @@ static int load_proxy_info(struct ldb_module *module) ret = ldb_connect(proxy->upstream, url, 0, NULL); if (ret != 0) { - ldb_debug(module->ldb, LDB_DEBUG_FATAL, "proxy failed to connect to %s\n", url); + ldb_debug(ldb, LDB_DEBUG_FATAL, "proxy failed to connect to %s\n", url); goto failed; } - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "proxy connected to %s\n", url); + ldb_debug(ldb, LDB_DEBUG_TRACE, "proxy connected to %s\n", url); talloc_free(res); @@ -256,12 +255,14 @@ static void proxy_convert_record(struct ldb_context *ldb, static int proxy_search_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct proxy_data *proxy; struct proxy_ctx *ac; int ret; ac = talloc_get_type(req->context, struct proxy_ctx); - proxy = talloc_get_type(ac->module->private_data, struct proxy_data); + ldb = ldb_module_get_ctx(ac->module); + proxy = talloc_get_type(private_data, struct proxy_data); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -279,7 +280,7 @@ static int proxy_search_callback(struct ldb_request *req, #ifdef DEBUG_PROXY ac->count++; #endif - proxy_convert_record(ac->module->ldb, proxy, ares->message); + proxy_convert_record(ldb, proxy, ares->message); ret = ldb_module_send_entry(ac->req, ares->message, ares->controls); break; @@ -304,13 +305,16 @@ static int proxy_search_callback(struct ldb_request *req, /* search */ static int proxy_search_bytree(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct proxy_ctx *ac; struct ldb_parse_tree *newtree; - struct proxy_data *proxy = talloc_get_type(module->private_data, struct proxy_data); + struct proxy_data *proxy = talloc_get_type(ldb_module_get_private(module), struct proxy_data); struct ldb_request *newreq; struct ldb_dn *base; int ret, i; + ldb = ldb_module_get_ctx(module); + if (req->op.search.base == NULL || (req->op.search.base->comp_num == 1 && req->op.search.base->components[0].name[0] == '@')) { @@ -347,13 +351,13 @@ static int proxy_search_bytree(struct ldb_module *module, struct ldb_request *re ldb_dn_remove_base_components(base, ldb_dn_get_comp_num(proxy->newdn)); ldb_dn_add_base(base, proxy->olddn); - ldb_debug(module->ldb, LDB_DEBUG_FATAL, "proxying: '%s' with dn '%s' \n", + ldb_debug(ldb, LDB_DEBUG_FATAL, "proxying: '%s' with dn '%s' \n", ldb_filter_from_tree(ac, newreq->op.search.tree), ldb_dn_get_linearized(newreq->op.search.base)); for (i = 0; req->op.search.attrs && req->op.search.attrs[i]; i++) { - ldb_debug(module->ldb, LDB_DEBUG_FATAL, "attr: '%s'\n", req->op.search.attrs[i]); + ldb_debug(ldb, LDB_DEBUG_FATAL, "attr: '%s'\n", req->op.search.attrs[i]); } - ret = ldb_build_search_req_ex(&newreq, module->ldb, ac, + ret = ldb_build_search_req_ex(&newreq, ldb, ac, base, req->op.search.scope, newtree, req->op.search.attrs, req->controls, @@ -364,16 +368,16 @@ static int proxy_search_bytree(struct ldb_module *module, struct ldb_request *re * for now this makes the module *not* ASYNC */ ret = ldb_request(proxy->upstream, newreq); if (ret != LDB_SUCCESS) { - ldb_set_errstring(module->ldb, ldb_errstring(proxy->upstream)); + ldb_set_errstring(ldb, ldb_errstring(proxy->upstream)); } ret = ldb_wait(newreq->handle, LDB_WAIT_ALL); if (ret != LDB_SUCCESS) { - ldb_set_errstring(module->ldb, ldb_errstring(proxy->upstream)); + ldb_set_errstring(ldb, ldb_errstring(proxy->upstream)); } return ret; failed: - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "proxy failed for %s\n", + ldb_debug(ldb, LDB_DEBUG_TRACE, "proxy failed for %s\n", ldb_dn_get_linearized(req->op.search.base)); passthru: diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c index f30748c85c..1ea1ab1b81 100644 --- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c +++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c @@ -39,9 +39,7 @@ */ #include "includes.h" -#include "lib/ldb/include/ldb.h" -#include "lib/ldb/include/ldb_errors.h" -#include "lib/ldb/include/ldb_private.h" +#include "ldb_module.h" #include "dsdb/samdb/samdb.h" #include "dsdb/common/flags.h" #include "librpc/gen_ndr/ndr_misc.h" @@ -68,11 +66,14 @@ struct replmd_replicated_request { static struct replmd_replicated_request *replmd_ctx_init(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct replmd_replicated_request *ac; + ldb = ldb_module_get_ctx(module); + ac = talloc_zero(req, struct replmd_replicated_request); if (ac == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); return NULL; } @@ -204,9 +205,11 @@ static void replmd_ldb_message_sort(struct ldb_message *msg, static int replmd_op_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct replmd_replicated_request *ac; ac = talloc_get_type(req->context, struct replmd_replicated_request); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -218,7 +221,7 @@ static int replmd_op_callback(struct ldb_request *req, struct ldb_reply *ares) } if (ares->type != LDB_REPLY_DONE) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "invalid ldb_reply_type in callback"); talloc_free(ares); return ldb_module_done(ac->req, NULL, NULL, @@ -231,6 +234,7 @@ static int replmd_op_callback(struct ldb_request *req, struct ldb_reply *ares) static int replmd_add(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct replmd_replicated_request *ac; const struct dsdb_schema *schema; enum ndr_err_code ndr_err; @@ -254,11 +258,13 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) return ldb_next_request(module, req); } - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "replmd_add\n"); + ldb = ldb_module_get_ctx(ac->module); + + ldb_debug(ldb, LDB_DEBUG_TRACE, "replmd_add\n"); - schema = dsdb_get_schema(module->ldb); + schema = dsdb_get_schema(ldb); if (!schema) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + ldb_debug_set(ldb, LDB_DEBUG_FATAL, "replmd_modify: no dsdb_schema loaded"); return LDB_ERR_CONSTRAINT_VIOLATION; } @@ -271,13 +277,13 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) ac->schema = schema; if (ldb_msg_find_element(req->op.add.message, "objectGUID") != NULL) { - ldb_debug_set(module->ldb, LDB_DEBUG_ERROR, + ldb_debug_set(ldb, LDB_DEBUG_ERROR, "replmd_add: it's not allowed to add an object with objectGUID\n"); return LDB_ERR_UNWILLING_TO_PERFORM; } /* Get a sequence number from the backend */ - ret = ldb_sequence_number(module->ldb, LDB_SEQ_NEXT, &seq_num); + ret = ldb_sequence_number(ldb, LDB_SEQ_NEXT, &seq_num); if (ret != LDB_SUCCESS) { return ret; } @@ -286,9 +292,9 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) guid = GUID_random(); /* get our invicationId */ - our_invocation_id = samdb_ntds_invocation_id(module->ldb); + our_invocation_id = samdb_ntds_invocation_id(ldb); if (!our_invocation_id) { - ldb_debug_set(module->ldb, LDB_DEBUG_ERROR, + ldb_debug_set(ldb, LDB_DEBUG_ERROR, "replmd_add: unable to find invocationId\n"); return LDB_ERR_OPERATIONS_ERROR; } @@ -296,7 +302,7 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) /* we have to copy the message as the caller might have it as a const */ msg = ldb_msg_copy_shallow(ac, req->op.add.message); if (msg == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -321,7 +327,7 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) */ ret = ldb_msg_add_string(msg, "whenCreated", time_str); if (ret != LDB_SUCCESS) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -333,7 +339,7 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) struct replPropertyMetaData1, nmd.ctr.ctr1.count); if (!nmd.ctr.ctr1.array) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -346,7 +352,7 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) sa = dsdb_attribute_by_lDAPDisplayName(schema, e->name); if (!sa) { - ldb_debug_set(module->ldb, LDB_DEBUG_ERROR, + ldb_debug_set(ldb, LDB_DEBUG_ERROR, "replmd_add: attribute '%s' not defined in schema\n", e->name); return LDB_ERR_NO_SUCH_ATTRIBUTE; @@ -386,15 +392,15 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) &guid, (ndr_push_flags_fn_t)ndr_push_GUID); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } ndr_err = ndr_push_struct_blob(&nmd_value, msg, - lp_iconv_convenience(ldb_get_opaque(module->ldb, "loadparm")), + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), &nmd, (ndr_push_flags_fn_t)ndr_push_replPropertyMetaDataBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -403,27 +409,27 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) */ ret = ldb_msg_add_value(msg, "objectGUID", &guid_value, NULL); if (ret != LDB_SUCCESS) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } ret = ldb_msg_add_string(msg, "whenChanged", time_str); if (ret != LDB_SUCCESS) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - ret = samdb_msg_add_uint64(module->ldb, msg, msg, "uSNCreated", seq_num); + ret = samdb_msg_add_uint64(ldb, msg, msg, "uSNCreated", seq_num); if (ret != LDB_SUCCESS) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - ret = samdb_msg_add_uint64(module->ldb, msg, msg, "uSNChanged", seq_num); + ret = samdb_msg_add_uint64(ldb, msg, msg, "uSNChanged", seq_num); if (ret != LDB_SUCCESS) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } ret = ldb_msg_add_value(msg, "replPropertyMetaData", &nmd_value, NULL); if (ret != LDB_SUCCESS) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -432,7 +438,7 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) */ replmd_ldb_message_sort(msg, schema); - ret = ldb_build_add_req(&down_req, module->ldb, ac, + ret = ldb_build_add_req(&down_req, ldb, ac, msg, req->controls, ac, replmd_op_callback, @@ -447,6 +453,7 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) static int replmd_modify(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct replmd_replicated_request *ac; const struct dsdb_schema *schema; struct ldb_request *down_req; @@ -460,11 +467,13 @@ static int replmd_modify(struct ldb_module *module, struct ldb_request *req) return ldb_next_request(module, req); } - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "replmd_modify\n"); + ldb = ldb_module_get_ctx(module); + + ldb_debug(ldb, LDB_DEBUG_TRACE, "replmd_modify\n"); - schema = dsdb_get_schema(module->ldb); + schema = dsdb_get_schema(ldb); if (!schema) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + ldb_debug_set(ldb, LDB_DEBUG_FATAL, "replmd_modify: no dsdb_schema loaded"); return LDB_ERR_CONSTRAINT_VIOLATION; } @@ -501,7 +510,7 @@ static int replmd_modify(struct ldb_module *module, struct ldb_request *req) } /* Get a sequence number from the backend */ - ret = ldb_sequence_number(module->ldb, LDB_SEQ_NEXT, &seq_num); + ret = ldb_sequence_number(ldb, LDB_SEQ_NEXT, &seq_num); if (ret == LDB_SUCCESS) { if (add_uint64_element(msg, "uSNChanged", seq_num) != LDB_SUCCESS) { talloc_free(ac); @@ -514,7 +523,7 @@ static int replmd_modify(struct ldb_module *module, struct ldb_request *req) * - replace the old object with the newly constructed one */ - ret = ldb_build_mod_req(&down_req, module->ldb, ac, + ret = ldb_build_mod_req(&down_req, ldb, ac, msg, req->controls, ac, replmd_op_callback, @@ -545,10 +554,12 @@ static int replmd_replicated_apply_next(struct replmd_replicated_request *ar); static int replmd_replicated_apply_add_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct replmd_replicated_request *ar = talloc_get_type(req->context, struct replmd_replicated_request); int ret; + ldb = ldb_module_get_ctx(ar->module); if (!ares) { return ldb_module_done(ar->req, NULL, NULL, @@ -560,7 +571,7 @@ static int replmd_replicated_apply_add_callback(struct ldb_request *req, } if (ares->type != LDB_REPLY_DONE) { - ldb_set_errstring(ar->module->ldb, "Invalid reply type\n!"); + ldb_set_errstring(ldb, "Invalid reply type\n!"); return ldb_module_done(ar->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); } @@ -578,6 +589,7 @@ static int replmd_replicated_apply_add_callback(struct ldb_request *req, static int replmd_replicated_apply_add(struct replmd_replicated_request *ar) { + struct ldb_context *ldb; struct ldb_request *change_req; enum ndr_err_code ndr_err; struct ldb_message *msg; @@ -596,10 +608,11 @@ static int replmd_replicated_apply_add(struct replmd_replicated_request *ar) * same name exist */ + ldb = ldb_module_get_ctx(ar->module); msg = ar->objs->objects[ar->index_current].msg; md = ar->objs->objects[ar->index_current].meta_data; - ret = ldb_sequence_number(ar->module->ldb, LDB_SEQ_NEXT, &seq_num); + ret = ldb_sequence_number(ldb, LDB_SEQ_NEXT, &seq_num); if (ret != LDB_SUCCESS) { return replmd_replicated_request_error(ar, ret); } @@ -614,12 +627,12 @@ static int replmd_replicated_apply_add(struct replmd_replicated_request *ar) return replmd_replicated_request_error(ar, ret); } - ret = samdb_msg_add_uint64(ar->module->ldb, msg, msg, "uSNCreated", seq_num); + ret = samdb_msg_add_uint64(ldb, msg, msg, "uSNCreated", seq_num); if (ret != LDB_SUCCESS) { return replmd_replicated_request_error(ar, ret); } - ret = samdb_msg_add_uint64(ar->module->ldb, msg, msg, "uSNChanged", seq_num); + ret = samdb_msg_add_uint64(ldb, msg, msg, "uSNChanged", seq_num); if (ret != LDB_SUCCESS) { return replmd_replicated_request_error(ar, ret); } @@ -631,7 +644,7 @@ static int replmd_replicated_apply_add(struct replmd_replicated_request *ar) md->ctr.ctr1.array[i].local_usn = seq_num; } ndr_err = ndr_push_struct_blob(&md_value, msg, - lp_iconv_convenience(ldb_get_opaque(ar->module->ldb, "loadparm")), + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), md, (ndr_push_flags_fn_t)ndr_push_replPropertyMetaDataBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -646,7 +659,7 @@ static int replmd_replicated_apply_add(struct replmd_replicated_request *ar) replmd_ldb_message_sort(msg, ar->schema); ret = ldb_build_add_req(&change_req, - ar->module->ldb, + ldb, ar, msg, ar->controls, @@ -682,10 +695,13 @@ static int replmd_replPropertyMetaData1_conflict_compare(struct replPropertyMeta static int replmd_replicated_apply_merge_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct replmd_replicated_request *ar = talloc_get_type(req->context, struct replmd_replicated_request); int ret; + ldb = ldb_module_get_ctx(ar->module); + if (!ares) { return ldb_module_done(ar->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); @@ -696,7 +712,7 @@ static int replmd_replicated_apply_merge_callback(struct ldb_request *req, } if (ares->type != LDB_REPLY_DONE) { - ldb_set_errstring(ar->module->ldb, "Invalid reply type\n!"); + ldb_set_errstring(ldb, "Invalid reply type\n!"); return ldb_module_done(ar->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); } @@ -714,6 +730,7 @@ static int replmd_replicated_apply_merge_callback(struct ldb_request *req, static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar) { + struct ldb_context *ldb; struct ldb_request *change_req; enum ndr_err_code ndr_err; struct ldb_message *msg; @@ -727,6 +744,7 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar) uint64_t seq_num; int ret; + ldb = ldb_module_get_ctx(ar->module); msg = ar->objs->objects[ar->index_current].msg; rmd = ar->objs->objects[ar->index_current].meta_data; ZERO_STRUCT(omd); @@ -736,15 +754,15 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar) * TODO: add rename conflict handling */ if (ldb_dn_compare(msg->dn, ar->search_msg->dn) != 0) { - ldb_debug_set(ar->module->ldb, LDB_DEBUG_FATAL, "replmd_replicated_apply_merge[%u]: rename not supported", + ldb_debug_set(ldb, LDB_DEBUG_FATAL, "replmd_replicated_apply_merge[%u]: rename not supported", ar->index_current); - ldb_debug(ar->module->ldb, LDB_DEBUG_FATAL, "%s => %s\n", + ldb_debug(ldb, LDB_DEBUG_FATAL, "%s => %s\n", ldb_dn_get_linearized(ar->search_msg->dn), ldb_dn_get_linearized(msg->dn)); return replmd_replicated_request_werror(ar, WERR_NOT_SUPPORTED); } - ret = ldb_sequence_number(ar->module->ldb, LDB_SEQ_NEXT, &seq_num); + ret = ldb_sequence_number(ldb, LDB_SEQ_NEXT, &seq_num); if (ret != LDB_SUCCESS) { return replmd_replicated_request_error(ar, ret); } @@ -753,7 +771,7 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar) omd_value = ldb_msg_find_ldb_val(ar->search_msg, "replPropertyMetaData"); if (omd_value) { ndr_err = ndr_pull_struct_blob(omd_value, ar, - lp_iconv_convenience(ldb_get_opaque(ar->module->ldb, "loadparm")), &omd, + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), &omd, (ndr_pull_flags_fn_t)ndr_pull_replPropertyMetaDataBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS nt_status = ndr_map_error2ntstatus(ndr_err); @@ -837,7 +855,7 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar) /* create the meta data value */ ndr_err = ndr_push_struct_blob(&nmd_value, msg, - lp_iconv_convenience(ldb_get_opaque(ar->module->ldb, "loadparm")), + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), &nmd, (ndr_push_flags_fn_t)ndr_push_replPropertyMetaDataBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -849,14 +867,14 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar) * check if some replicated attributes left, otherwise skip the ldb_modify() call */ if (msg->num_elements == 0) { - ldb_debug(ar->module->ldb, LDB_DEBUG_TRACE, "replmd_replicated_apply_merge[%u]: skip replace\n", + ldb_debug(ldb, LDB_DEBUG_TRACE, "replmd_replicated_apply_merge[%u]: skip replace\n", ar->index_current); ar->index_current++; return replmd_replicated_apply_next(ar); } - ldb_debug(ar->module->ldb, LDB_DEBUG_TRACE, "replmd_replicated_apply_merge[%u]: replace %u attributes\n", + ldb_debug(ldb, LDB_DEBUG_TRACE, "replmd_replicated_apply_merge[%u]: replace %u attributes\n", ar->index_current, msg->num_elements); /* @@ -867,7 +885,7 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar) if (ret != LDB_SUCCESS) { return replmd_replicated_request_error(ar, ret); } - ret = samdb_msg_add_uint64(ar->module->ldb, msg, msg, "uSNChanged", seq_num); + ret = samdb_msg_add_uint64(ldb, msg, msg, "uSNChanged", seq_num); if (ret != LDB_SUCCESS) { return replmd_replicated_request_error(ar, ret); } @@ -884,7 +902,7 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar) } ret = ldb_build_mod_req(&change_req, - ar->module->ldb, + ldb, ar, msg, ar->controls, @@ -941,6 +959,7 @@ static int replmd_replicated_uptodate_vector(struct replmd_replicated_request *a static int replmd_replicated_apply_next(struct replmd_replicated_request *ar) { + struct ldb_context *ldb; int ret; char *tmp_str; char *filter; @@ -951,6 +970,7 @@ static int replmd_replicated_apply_next(struct replmd_replicated_request *ar) return replmd_replicated_uptodate_vector(ar); } + ldb = ldb_module_get_ctx(ar->module); ar->search_msg = NULL; tmp_str = ldb_binary_encode(ar, ar->objs->objects[ar->index_current].guid_value); @@ -961,7 +981,7 @@ static int replmd_replicated_apply_next(struct replmd_replicated_request *ar) talloc_free(tmp_str); ret = ldb_build_search_req(&search_req, - ar->module->ldb, + ldb, ar, ar->objs->partition_dn, LDB_SCOPE_SUBTREE, @@ -979,8 +999,10 @@ static int replmd_replicated_apply_next(struct replmd_replicated_request *ar) static int replmd_replicated_uptodate_modify_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct replmd_replicated_request *ar = talloc_get_type(req->context, struct replmd_replicated_request); + ldb = ldb_module_get_ctx(ar->module); if (!ares) { return ldb_module_done(ar->req, NULL, NULL, @@ -992,7 +1014,7 @@ static int replmd_replicated_uptodate_modify_callback(struct ldb_request *req, } if (ares->type != LDB_REPLY_DONE) { - ldb_set_errstring(ar->module->ldb, "Invalid reply type\n!"); + ldb_set_errstring(ldb, "Invalid reply type\n!"); return ldb_module_done(ar->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); } @@ -1010,6 +1032,7 @@ static int replmd_drsuapi_DsReplicaCursor2_compare(const struct drsuapi_DsReplic static int replmd_replicated_uptodate_modify(struct replmd_replicated_request *ar) { + struct ldb_context *ldb; struct ldb_request *change_req; enum ndr_err_code ndr_err; struct ldb_message *msg; @@ -1031,6 +1054,7 @@ static int replmd_replicated_uptodate_modify(struct replmd_replicated_request *a NTTIME now; int ret; + ldb = ldb_module_get_ctx(ar->module); ruv = ar->objs->uptodateness_vector; ZERO_STRUCT(ouv); ouv.version = 2; @@ -1044,7 +1068,7 @@ static int replmd_replicated_uptodate_modify(struct replmd_replicated_request *a * because we will do a modify request and this will increment * our highest_usn */ - ret = ldb_sequence_number(ar->module->ldb, LDB_SEQ_NEXT, &seq_num); + ret = ldb_sequence_number(ldb, LDB_SEQ_NEXT, &seq_num); if (ret != LDB_SUCCESS) { return replmd_replicated_request_error(ar, ret); } @@ -1055,7 +1079,7 @@ static int replmd_replicated_uptodate_modify(struct replmd_replicated_request *a ouv_value = ldb_msg_find_ldb_val(ar->search_msg, "replUpToDateVector"); if (ouv_value) { ndr_err = ndr_pull_struct_blob(ouv_value, ar, - lp_iconv_convenience(ldb_get_opaque(ar->module->ldb, "loadparm")), &ouv, + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), &ouv, (ndr_pull_flags_fn_t)ndr_pull_replUpToDateVectorBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS nt_status = ndr_map_error2ntstatus(ndr_err); @@ -1087,7 +1111,7 @@ static int replmd_replicated_uptodate_modify(struct replmd_replicated_request *a } /* get our invocation_id if we have one already attached to the ldb */ - our_invocation_id = samdb_ntds_invocation_id(ar->module->ldb); + our_invocation_id = samdb_ntds_invocation_id(ldb); /* merge in the source_dsa vector is available */ for (i=0; (ruv && i < ruv->count); i++) { @@ -1181,7 +1205,7 @@ static int replmd_replicated_uptodate_modify(struct replmd_replicated_request *a msg->dn = ar->search_msg->dn; ndr_err = ndr_push_struct_blob(&nuv_value, msg, - lp_iconv_convenience(ldb_get_opaque(ar->module->ldb, "loadparm")), + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), &nuv, (ndr_push_flags_fn_t)ndr_push_replUpToDateVectorBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -1219,7 +1243,7 @@ static int replmd_replicated_uptodate_modify(struct replmd_replicated_request *a trf = talloc(ar, struct repsFromToBlob); if (!trf) return replmd_replicated_request_werror(ar, WERR_NOMEM); - ndr_err = ndr_pull_struct_blob(&orf_el->values[i], trf, lp_iconv_convenience(ldb_get_opaque(ar->module->ldb, "loadparm")), trf, + ndr_err = ndr_pull_struct_blob(&orf_el->values[i], trf, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), trf, (ndr_pull_flags_fn_t)ndr_pull_repsFromToBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS nt_status = ndr_map_error2ntstatus(ndr_err); @@ -1270,7 +1294,7 @@ static int replmd_replicated_uptodate_modify(struct replmd_replicated_request *a /* we now fill the value which is already attached to ldb_message */ ndr_err = ndr_push_struct_blob(nrf_value, msg, - lp_iconv_convenience(ldb_get_opaque(ar->module->ldb, "loadparm")), + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), &nrf, (ndr_push_flags_fn_t)ndr_push_repsFromToBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -1286,7 +1310,7 @@ static int replmd_replicated_uptodate_modify(struct replmd_replicated_request *a /* prepare the ldb_modify() request */ ret = ldb_build_mod_req(&change_req, - ar->module->ldb, + ldb, ar, msg, ar->controls, @@ -1342,6 +1366,7 @@ static int replmd_replicated_uptodate_search_callback(struct ldb_request *req, static int replmd_replicated_uptodate_vector(struct replmd_replicated_request *ar) { + struct ldb_context *ldb; int ret; static const char *attrs[] = { "replUpToDateVector", @@ -1350,10 +1375,11 @@ static int replmd_replicated_uptodate_vector(struct replmd_replicated_request *a }; struct ldb_request *search_req; + ldb = ldb_module_get_ctx(ar->module); ar->search_msg = NULL; ret = ldb_build_search_req(&search_req, - ar->module->ldb, + ldb, ar, ar->objs->partition_dn, LDB_SCOPE_BASE, @@ -1370,21 +1396,24 @@ static int replmd_replicated_uptodate_vector(struct replmd_replicated_request *a static int replmd_extended_replicated_objects(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct dsdb_extended_replicated_objects *objs; struct replmd_replicated_request *ar; struct ldb_control **ctrls; int ret; - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "replmd_extended_replicated_objects\n"); + ldb = ldb_module_get_ctx(module); + + ldb_debug(ldb, LDB_DEBUG_TRACE, "replmd_extended_replicated_objects\n"); objs = talloc_get_type(req->op.extended.data, struct dsdb_extended_replicated_objects); if (!objs) { - ldb_debug(module->ldb, LDB_DEBUG_FATAL, "replmd_extended_replicated_objects: invalid extended data\n"); + ldb_debug(ldb, LDB_DEBUG_FATAL, "replmd_extended_replicated_objects: invalid extended data\n"); return LDB_ERR_PROTOCOL_ERROR; } if (objs->version != DSDB_EXTENDED_REPLICATED_OBJECTS_VERSION) { - ldb_debug(module->ldb, LDB_DEBUG_FATAL, "replmd_extended_replicated_objects: extended data invalid version [%u != %u]\n", + ldb_debug(ldb, LDB_DEBUG_FATAL, "replmd_extended_replicated_objects: extended data invalid version [%u != %u]\n", objs->version, DSDB_EXTENDED_REPLICATED_OBJECTS_VERSION); return LDB_ERR_PROTOCOL_ERROR; } @@ -1394,9 +1423,9 @@ static int replmd_extended_replicated_objects(struct ldb_module *module, struct return LDB_ERR_OPERATIONS_ERROR; ar->objs = objs; - ar->schema = dsdb_get_schema(module->ldb); + ar->schema = dsdb_get_schema(ldb); if (!ar->schema) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, "replmd_ctx_init: no loaded schema found\n"); + ldb_debug_set(ldb, LDB_DEBUG_FATAL, "replmd_ctx_init: no loaded schema found\n"); talloc_free(ar); return LDB_ERR_CONSTRAINT_VIOLATION; } diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c index 461a554ec0..9ae894d55f 100644 --- a/source4/dsdb/samdb/ldb_modules/rootdse.c +++ b/source4/dsdb/samdb/ldb_modules/rootdse.c @@ -21,9 +21,7 @@ */ #include "includes.h" -#include "lib/ldb/include/ldb.h" -#include "lib/ldb/include/ldb_errors.h" -#include "lib/ldb/include/ldb_private.h" +#include "ldb_private.h" #include "system/time.h" #include "dsdb/samdb/samdb.h" #include "version.h" @@ -56,13 +54,15 @@ static int do_attribute_explicit(const char * const *attrs, const char *name) */ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *msg, const char * const *attrs) { - struct private_data *priv = talloc_get_type(module->private_data, struct private_data); + struct ldb_context *ldb; + struct private_data *priv = talloc_get_type(ldb_module_get_private(module), struct private_data); char **server_sasl; const struct dsdb_schema *schema; - schema = dsdb_get_schema(module->ldb); + ldb = ldb_module_get_ctx(module); + schema = dsdb_get_schema(ldb); - msg->dn = ldb_dn_new(msg, module->ldb, NULL); + msg->dn = ldb_dn_new(msg, ldb, NULL); /* don't return the distinduishedName, cn and name attributes */ ldb_msg_remove_attr(msg, "distinguishedName"); @@ -101,7 +101,7 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *ms } } - server_sasl = talloc_get_type(ldb_get_opaque(module->ldb, "supportedSASLMechanims"), + server_sasl = talloc_get_type(ldb_get_opaque(ldb, "supportedSASLMechanims"), char *); if (server_sasl && do_attribute(attrs, "supportedSASLMechanisms")) { int i; @@ -119,7 +119,7 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *ms if (do_attribute(attrs, "highestCommittedUSN")) { uint64_t seq_num; - int ret = ldb_sequence_number(module->ldb, LDB_SEQ_HIGHEST_SEQ, &seq_num); + int ret = ldb_sequence_number(ldb, LDB_SEQ_HIGHEST_SEQ, &seq_num); if (ret == LDB_SUCCESS) { if (ldb_msg_add_fmt(msg, "highestCommittedUSN", "%llu", (unsigned long long)seq_num) != 0) { @@ -169,7 +169,7 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *ms const char *dn_str; if (schema && schema->fsmo.we_are_master) { - dn_str = ldb_dn_get_linearized(samdb_schema_dn(module->ldb)); + dn_str = ldb_dn_get_linearized(samdb_schema_dn(ldb)); if (dn_str && dn_str[0]) { if (ldb_msg_add_fmt(msg, "validFSMOs", "%s", dn_str) != 0) { goto failed; @@ -177,10 +177,10 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *ms } } - naming_fsmo = talloc_get_type(ldb_get_opaque(module->ldb, "dsdb_naming_fsmo"), + naming_fsmo = talloc_get_type(ldb_get_opaque(ldb, "dsdb_naming_fsmo"), struct dsdb_naming_fsmo); if (naming_fsmo && naming_fsmo->we_are_master) { - dn_str = ldb_dn_get_linearized(samdb_partitions_dn(module->ldb, msg)); + dn_str = ldb_dn_get_linearized(samdb_partitions_dn(ldb, msg)); if (dn_str && dn_str[0]) { if (ldb_msg_add_fmt(msg, "validFSMOs", "%s", dn_str) != 0) { goto failed; @@ -188,10 +188,10 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *ms } } - pdc_fsmo = talloc_get_type(ldb_get_opaque(module->ldb, "dsdb_pdc_fsmo"), + pdc_fsmo = talloc_get_type(ldb_get_opaque(ldb, "dsdb_pdc_fsmo"), struct dsdb_pdc_fsmo); if (pdc_fsmo && pdc_fsmo->we_are_master) { - dn_str = ldb_dn_get_linearized(samdb_base_dn(module->ldb)); + dn_str = ldb_dn_get_linearized(samdb_base_dn(ldb)); if (dn_str && dn_str[0]) { if (ldb_msg_add_fmt(msg, "validFSMOs", "%s", dn_str) != 0) { goto failed; @@ -227,11 +227,14 @@ struct rootdse_context { static struct rootdse_context *rootdse_init_context(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct rootdse_context *ac; + ldb = ldb_module_get_ctx(module); + ac = talloc_zero(req, struct rootdse_context); if (ac == NULL) { - ldb_set_errstring(module->ldb, "Out of Memory"); + ldb_set_errstring(ldb, "Out of Memory"); return NULL; } @@ -296,10 +299,13 @@ static int rootdse_callback(struct ldb_request *req, struct ldb_reply *ares) static int rootdse_search(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct rootdse_context *ac; struct ldb_request *down_req; int ret; + ldb = ldb_module_get_ctx(module); + /* see if its for the rootDSE - only a base search on the "" DN qualifies */ if (!(req->op.search.scope == LDB_SCOPE_BASE && ldb_dn_is_null(req->op.search.base))) { /* Otherwise, pass down to the rest of the stack */ @@ -312,8 +318,8 @@ static int rootdse_search(struct ldb_module *module, struct ldb_request *req) } /* in our db we store the rootDSE with a DN of @ROOTDSE */ - ret = ldb_build_search_req(&down_req, module->ldb, ac, - ldb_dn_new(ac, module->ldb, "@ROOTDSE"), + ret = ldb_build_search_req(&down_req, ldb, ac, + ldb_dn_new(ac, ldb, "@ROOTDSE"), LDB_SCOPE_BASE, NULL, req->op.search.attrs, @@ -329,7 +335,7 @@ static int rootdse_search(struct ldb_module *module, struct ldb_request *req) static int rootdse_register_control(struct ldb_module *module, struct ldb_request *req) { - struct private_data *priv = talloc_get_type(module->private_data, struct private_data); + struct private_data *priv = talloc_get_type(ldb_module_get_private(module), struct private_data); char **list; list = talloc_realloc(priv, priv->controls, char *, priv->num_controls + 1); @@ -350,7 +356,7 @@ static int rootdse_register_control(struct ldb_module *module, struct ldb_reques static int rootdse_register_partition(struct ldb_module *module, struct ldb_request *req) { - struct private_data *priv = talloc_get_type(module->private_data, struct private_data); + struct private_data *priv = talloc_get_type(ldb_module_get_private(module), struct private_data); struct ldb_dn **list; list = talloc_realloc(priv, priv->partitions, struct ldb_dn *, priv->num_partitions + 1); @@ -387,8 +393,11 @@ static int rootdse_request(struct ldb_module *module, struct ldb_request *req) static int rootdse_init(struct ldb_module *module) { + struct ldb_context *ldb; struct private_data *data; + ldb = ldb_module_get_ctx(module); + data = talloc(module, struct private_data); if (data == NULL) { return -1; @@ -398,15 +407,16 @@ static int rootdse_init(struct ldb_module *module) data->controls = NULL; data->num_partitions = 0; data->partitions = NULL; - module->private_data = data; + ldb_module_set_private(module, data); - ldb_set_default_dns(module->ldb); + ldb_set_default_dns(ldb); return ldb_next_init(module); } static int rootdse_modify(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct ldb_result *ext_res; int ret; struct ldb_dn *schema_dn; @@ -418,7 +428,9 @@ static int rootdse_modify(struct ldb_module *module, struct ldb_request *req) if (!ldb_dn_is_null(req->op.mod.message->dn)) { return ldb_next_request(module, req); } - + + ldb = ldb_module_get_ctx(module); + /* dn is empty so check for schemaUpdateNow attribute "The type of modification and values specified in the LDAP modify operation do not matter." MSDN @@ -428,15 +440,15 @@ static int rootdse_modify(struct ldb_module *module, struct ldb_request *req) return LDB_ERR_OPERATIONS_ERROR; } - schema_dn = samdb_schema_dn(module->ldb); + schema_dn = samdb_schema_dn(ldb); if (!schema_dn) { - ldb_reset_err_string(module->ldb); - ldb_debug(module->ldb, LDB_DEBUG_WARNING, + ldb_reset_err_string(ldb); + ldb_debug(ldb, LDB_DEBUG_WARNING, "rootdse_modify: no schema dn present: (skip ldb_extended call)\n"); return ldb_next_request(module, req); } - ret = ldb_extended(module->ldb, DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID, schema_dn, &ext_res); + ret = ldb_extended(ldb, DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID, schema_dn, &ext_res); if (ret != LDB_SUCCESS) { return LDB_ERR_OPERATIONS_ERROR; } diff --git a/source4/dsdb/samdb/ldb_modules/samba3sam.c b/source4/dsdb/samdb/ldb_modules/samba3sam.c index 7a123c818f..3f10748085 100644 --- a/source4/dsdb/samdb/ldb_modules/samba3sam.c +++ b/source4/dsdb/samdb/ldb_modules/samba3sam.c @@ -6,9 +6,7 @@ */ #include "includes.h" -#include "ldb/include/ldb.h" -#include "ldb/include/ldb_private.h" -#include "ldb/include/ldb_errors.h" +#include "ldb/include/ldb_module.h" #include "ldb/ldb_map/ldb_map.h" #include "system/passwd.h" @@ -118,20 +116,23 @@ static void generate_sambaPrimaryGroupSID(struct ldb_module *module, const char static struct ldb_val convert_uid_samaccount(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val) { struct ldb_val out = data_blob(NULL, 0); - ldb_handler_copy(module->ldb, ctx, val, &out); + out = ldb_val_dup(ctx, val); return out; } static struct ldb_val lookup_homedir(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val) { + struct ldb_context *ldb; struct passwd *pwd; struct ldb_val retval; - + + ldb = ldb_module_get_ctx(module); + pwd = getpwnam((char *)val->data); if (!pwd) { - ldb_debug(module->ldb, LDB_DEBUG_WARNING, "Unable to lookup '%s' in passwd", (char *)val->data); + ldb_debug(ldb, LDB_DEBUG_WARNING, "Unable to lookup '%s' in passwd", (char *)val->data); return *talloc_zero(ctx, struct ldb_val); } @@ -145,7 +146,7 @@ static struct ldb_val lookup_gid(struct ldb_module *module, TALLOC_CTX *ctx, con { struct passwd *pwd; struct ldb_val retval; - + pwd = getpwnam((char *)val->data); if (!pwd) { diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index 5ab577c33d..65e36416f1 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -34,10 +34,7 @@ #include "includes.h" #include "libcli/ldap/ldap_ndr.h" -#include "lib/ldb/include/ldb_errors.h" -#include "lib/ldb/include/ldb.h" -#include "lib/ldb/include/ldb_private.h" -#include "lib/events/events.h" +#include "ldb_module.h" #include "dsdb/samdb/samdb.h" #include "libcli/security/security.h" #include "librpc/gen_ndr/ndr_security.h" @@ -83,11 +80,14 @@ struct samldb_ctx { static struct samldb_ctx *samldb_ctx_init(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct samldb_ctx *ac; + ldb = ldb_module_get_ctx(module); + ac = talloc_zero(req, struct samldb_ctx); if (ac == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); return NULL; } @@ -144,10 +144,12 @@ static int samldb_next_step(struct samldb_ctx *ac) static int samldb_search_template_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct samldb_ctx *ac; int ret; ac = talloc_get_type(req->context, struct samldb_ctx); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { ret = LDB_ERR_OPERATIONS_ERROR; @@ -163,7 +165,7 @@ static int samldb_search_template_callback(struct ldb_request *req, /* save entry */ if (ac->ares != NULL) { /* one too many! */ - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "Invalid number of results while searching " "for template objects"); ret = LDB_ERR_OPERATIONS_ERROR; @@ -197,6 +199,7 @@ done: static int samldb_search_template(struct samldb_ctx *ac) { + struct ldb_context *ldb; struct tevent_context *ev; struct loadparm_context *lparm_ctx; struct ldb_context *templates_ldb; @@ -206,31 +209,33 @@ static int samldb_search_template(struct samldb_ctx *ac) void *opaque; int ret; - opaque = ldb_get_opaque(ac->module->ldb, "loadparm"); + ldb = ldb_module_get_ctx(ac->module); + + opaque = ldb_get_opaque(ldb, "loadparm"); lparm_ctx = talloc_get_type(opaque, struct loadparm_context); if (lparm_ctx == NULL) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "Unable to find loadparm context\n"); return LDB_ERR_OPERATIONS_ERROR; } - opaque = ldb_get_opaque(ac->module->ldb, "templates_ldb"); + opaque = ldb_get_opaque(ldb, "templates_ldb"); templates_ldb = talloc_get_type(opaque, struct ldb_context); /* make sure we have the templates ldb */ if (!templates_ldb) { - templates_ldb_path = samdb_relative_path(ac->module->ldb, ac, + templates_ldb_path = samdb_relative_path(ldb, ac, "templates.ldb"); if (!templates_ldb_path) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "samldb_init_template: ERROR: Failed " "to contruct path for template db"); return LDB_ERR_OPERATIONS_ERROR; } - ev = ldb_get_event_context(ac->module->ldb); + ev = ldb_get_event_context(ldb); - templates_ldb = ldb_wrap_connect(ac->module->ldb, ev, + templates_ldb = ldb_wrap_connect(ldb, ev, lparm_ctx, templates_ldb_path, NULL, NULL, 0, NULL); talloc_free(templates_ldb_path); @@ -243,7 +248,7 @@ static int samldb_search_template(struct samldb_ctx *ac) return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_set_opaque(ac->module->ldb, + ret = ldb_set_opaque(ldb, "templates_ldb", templates_ldb); if (ret != LDB_SUCCESS) { return ret; @@ -254,7 +259,7 @@ static int samldb_search_template(struct samldb_ctx *ac) basedn = ldb_dn_new_fmt(ac, templates_ldb, "cn=Template%s,cn=Templates", ac->type); if (basedn == NULL) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "samldb_init_template: ERROR: Failed " "to contruct DN for template"); return LDB_ERR_OPERATIONS_ERROR; @@ -279,11 +284,13 @@ static int samldb_search_template(struct samldb_ctx *ac) static int samldb_apply_template(struct samldb_ctx *ac) { + struct ldb_context *ldb; struct ldb_message_element *el; struct ldb_message *msg; int i, j; int ret; + ldb = ldb_module_get_ctx(ac->module); msg = ac->ares->message; for (i = 0; i < msg->num_elements; i++) { @@ -300,10 +307,10 @@ static int samldb_apply_template(struct samldb_ctx *ac) } for (j = 0; j < el->num_values; j++) { ret = samdb_find_or_add_attribute( - ac->module->ldb, ac->msg, el->name, + ldb, ac->msg, el->name, (char *)el->values[j].data); if (ret != LDB_SUCCESS) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "Failed adding template attribute\n"); return LDB_ERR_OPERATIONS_ERROR; } @@ -318,11 +325,13 @@ static int samldb_get_parent_domain(struct samldb_ctx *ac); static int samldb_get_parent_domain_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct samldb_ctx *ac; const char *nextRid; int ret; ac = talloc_get_type(req->context, struct samldb_ctx); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { ret = LDB_ERR_OPERATIONS_ERROR; @@ -338,7 +347,7 @@ static int samldb_get_parent_domain_callback(struct ldb_request *req, /* save entry */ if (ac->domain_dn != NULL) { /* one too many! */ - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "Invalid number of results while searching " "for domain object"); ret = LDB_ERR_OPERATIONS_ERROR; @@ -348,7 +357,7 @@ static int samldb_get_parent_domain_callback(struct ldb_request *req, nextRid = ldb_msg_find_attr_as_string(ares->message, "nextRid", NULL); if (nextRid == NULL) { - ldb_asprintf_errstring(ac->module->ldb, + ldb_asprintf_errstring(ldb, "while looking for domain above %s attribute nextRid not found in %s\n", ldb_dn_get_linearized(ac->req->op.add.message->dn), ldb_dn_get_linearized(ares->message->dn)); @@ -361,7 +370,7 @@ static int samldb_get_parent_domain_callback(struct ldb_request *req, ac->domain_sid = samdb_result_dom_sid(ac, ares->message, "objectSid"); if (ac->domain_sid == NULL) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "error retrieving parent domain domain sid!\n"); ret = LDB_ERR_CONSTRAINT_VIOLATION; break; @@ -370,7 +379,7 @@ static int samldb_get_parent_domain_callback(struct ldb_request *req, talloc_free(ares); ret = LDB_SUCCESS; - ldb_reset_err_string(ac->module->ldb); + ldb_reset_err_string(ldb); break; case LDB_REPLY_REFERRAL: @@ -403,25 +412,28 @@ done: /* Find a domain object in the parents of a particular DN. */ static int samldb_get_parent_domain(struct samldb_ctx *ac) { + struct ldb_context *ldb; static const char * const attrs[3] = { "objectSid", "nextRid", NULL }; struct ldb_request *req; struct ldb_dn *dn; int ret; + ldb = ldb_module_get_ctx(ac->module); + if (ac->check_dn == NULL) { return LDB_ERR_OPERATIONS_ERROR; } dn = ldb_dn_get_parent(ac, ac->check_dn); if (dn == NULL) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "Unable to find parent domain object"); return LDB_ERR_CONSTRAINT_VIOLATION; } ac->check_dn = dn; - ret = ldb_build_search_req(&req, ac->module->ldb, ac, + ret = ldb_build_search_req(&req, ldb, ac, dn, LDB_SCOPE_BASE, "(|(objectClass=domain)" "(objectClass=builtinDomain)" @@ -503,11 +515,14 @@ done: static int samldb_check_samAccountName(struct samldb_ctx *ac) { + struct ldb_context *ldb; struct ldb_request *req; const char *name; char *filter; int ret; + ldb = ldb_module_get_ctx(ac->module); + if (ldb_msg_find_element(ac->msg, "samAccountName") == NULL) { ret = samldb_generate_samAccountName(ac->msg); if (ret != LDB_SUCCESS) { @@ -524,7 +539,7 @@ static int samldb_check_samAccountName(struct samldb_ctx *ac) return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_build_search_req(&req, ac->module->ldb, ac, + ret = ldb_build_search_req(&req, ldb, ac, ac->domain_dn, LDB_SCOPE_SUBTREE, filter, NULL, NULL, @@ -540,14 +555,17 @@ static int samldb_check_samAccountName(struct samldb_ctx *ac) static int samldb_check_samAccountType(struct samldb_ctx *ac) { + struct ldb_context *ldb; unsigned int account_type; unsigned int group_type; unsigned int uac; int ret; + ldb = ldb_module_get_ctx(ac->module); + /* make sure sAMAccountType is not specified */ if (ldb_msg_find_element(ac->msg, "sAMAccountType") != NULL) { - ldb_asprintf_errstring(ac->module->ldb, + ldb_asprintf_errstring(ldb, "sAMAccountType must not be specified"); return LDB_ERR_UNWILLING_TO_PERFORM; } @@ -555,12 +573,12 @@ static int samldb_check_samAccountType(struct samldb_ctx *ac) if (strcmp("user", ac->type) == 0) { uac = samdb_result_uint(ac->msg, "userAccountControl", 0); if (uac == 0) { - ldb_asprintf_errstring(ac->module->ldb, + ldb_asprintf_errstring(ldb, "userAccountControl invalid"); return LDB_ERR_UNWILLING_TO_PERFORM; } else { account_type = samdb_uf2atype(uac); - ret = samdb_msg_add_uint(ac->module->ldb, + ret = samdb_msg_add_uint(ldb, ac->msg, ac->msg, "sAMAccountType", account_type); @@ -573,12 +591,12 @@ static int samldb_check_samAccountType(struct samldb_ctx *ac) group_type = samdb_result_uint(ac->msg, "groupType", 0); if (group_type == 0) { - ldb_asprintf_errstring(ac->module->ldb, + ldb_asprintf_errstring(ldb, "groupType invalid"); return LDB_ERR_UNWILLING_TO_PERFORM; } else { account_type = samdb_gtype2atype(group_type); - ret = samdb_msg_add_uint(ac->module->ldb, + ret = samdb_msg_add_uint(ldb, ac->msg, ac->msg, "sAMAccountType", account_type); @@ -594,11 +612,13 @@ static int samldb_check_samAccountType(struct samldb_ctx *ac) static int samldb_get_sid_domain_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct samldb_ctx *ac; const char *nextRid; int ret; ac = talloc_get_type(req->context, struct samldb_ctx); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { ret = LDB_ERR_OPERATIONS_ERROR; @@ -614,7 +634,7 @@ static int samldb_get_sid_domain_callback(struct ldb_request *req, /* save entry */ if (ac->next_rid != 0) { /* one too many! */ - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "Invalid number of results while searching " "for domain object"); ret = LDB_ERR_OPERATIONS_ERROR; @@ -624,7 +644,7 @@ static int samldb_get_sid_domain_callback(struct ldb_request *req, nextRid = ldb_msg_find_attr_as_string(ares->message, "nextRid", NULL); if (nextRid == NULL) { - ldb_asprintf_errstring(ac->module->ldb, + ldb_asprintf_errstring(ldb, "attribute nextRid not found in %s\n", ldb_dn_get_linearized(ares->message->dn)); ret = LDB_ERR_OPERATIONS_ERROR; @@ -648,7 +668,7 @@ static int samldb_get_sid_domain_callback(struct ldb_request *req, case LDB_REPLY_DONE: if (ac->next_rid == 0) { - ldb_asprintf_errstring(ac->module->ldb, + ldb_asprintf_errstring(ldb, "Unable to get nextRid from domain entry\n"); ret = LDB_ERR_OPERATIONS_ERROR; break; @@ -670,11 +690,14 @@ done: /* Find a domain object in the parents of a particular DN. */ static int samldb_get_sid_domain(struct samldb_ctx *ac) { + struct ldb_context *ldb; static const char * const attrs[2] = { "nextRid", NULL }; struct ldb_request *req; char *filter; int ret; + ldb = ldb_module_get_ctx(ac->module); + if (ac->sid == NULL) { return LDB_ERR_OPERATIONS_ERROR; } @@ -695,8 +718,8 @@ static int samldb_get_sid_domain(struct samldb_ctx *ac) return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_build_search_req(&req, ac->module->ldb, ac, - ldb_get_default_basedn(ac->module->ldb), + ret = ldb_build_search_req(&req, ldb, ac, + ldb_get_default_basedn(ldb), LDB_SCOPE_SUBTREE, filter, attrs, NULL, @@ -793,6 +816,7 @@ done: static int samldb_check_sid(struct samldb_ctx *ac) { + struct ldb_context *ldb; const char *const attrs[2] = { "objectSid", NULL }; struct ldb_request *req; char *filter; @@ -802,14 +826,16 @@ static int samldb_check_sid(struct samldb_ctx *ac) return LDB_ERR_OPERATIONS_ERROR; } + ldb = ldb_module_get_ctx(ac->module); + filter = talloc_asprintf(ac, "(objectSid=%s)", ldap_encode_ndr_dom_sid(ac, ac->sid)); if (filter == NULL) { return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_build_search_req(&req, ac->module->ldb, ac, - ldb_get_default_basedn(ac->module->ldb), + ret = ldb_build_search_req(&req, ldb, ac, + ldb_get_default_basedn(ldb), LDB_SCOPE_SUBTREE, filter, attrs, NULL, @@ -826,10 +852,12 @@ static int samldb_check_sid(struct samldb_ctx *ac) static int samldb_notice_sid_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct samldb_ctx *ac; int ret; ac = talloc_get_type(req->context, struct samldb_ctx); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { ret = LDB_ERR_OPERATIONS_ERROR; @@ -840,7 +868,7 @@ static int samldb_notice_sid_callback(struct ldb_request *req, ares->response, ares->error); } if (ares->type != LDB_REPLY_DONE) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "Invalid reply type!\n"); ret = LDB_ERR_OPERATIONS_ERROR; goto done; @@ -861,6 +889,7 @@ done: *atomically. */ static int samldb_notice_sid(struct samldb_ctx *ac) { + struct ldb_context *ldb; uint32_t old_id, new_id; struct ldb_request *req; struct ldb_message *msg; @@ -868,6 +897,7 @@ static int samldb_notice_sid(struct samldb_ctx *ac) struct ldb_val *vals; int ret; + ldb = ldb_module_get_ctx(ac->module); old_id = ac->next_rid; new_id = ac->sid->sub_auths[ac->sid->num_auths - 1]; @@ -880,17 +910,17 @@ static int samldb_notice_sid(struct samldb_ctx *ac) a race, in case we are not actually on a transaction db */ msg = talloc_zero(ac, struct ldb_message); if (msg == NULL) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } els = talloc_array(msg, struct ldb_message_element, 2); if (els == NULL) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } vals = talloc_array(msg, struct ldb_val, 2); if (vals == NULL) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } msg->dn = ac->domain_dn; @@ -902,7 +932,7 @@ static int samldb_notice_sid(struct samldb_ctx *ac) els[0].flags = LDB_FLAG_MOD_DELETE; els[0].name = talloc_strdup(msg, "nextRid"); if (!els[0].name) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -913,19 +943,19 @@ static int samldb_notice_sid(struct samldb_ctx *ac) vals[0].data = (uint8_t *)talloc_asprintf(vals, "%u", old_id); if (!vals[0].data) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } vals[0].length = strlen((char *)vals[0].data); vals[1].data = (uint8_t *)talloc_asprintf(vals, "%u", new_id); if (!vals[1].data) { - ldb_oom(ac->module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } vals[1].length = strlen((char *)vals[1].data); - ret = ldb_build_mod_req(&req, ac->module->ldb, ac, + ret = ldb_build_mod_req(&req, ldb, ac, msg, NULL, ac, samldb_notice_sid_callback, ac->req); @@ -939,9 +969,11 @@ static int samldb_notice_sid(struct samldb_ctx *ac) static int samldb_add_entry_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct samldb_ctx *ac; ac = talloc_get_type(req->context, struct samldb_ctx); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -952,7 +984,7 @@ static int samldb_add_entry_callback(struct ldb_request *req, ares->response, ares->error); } if (ares->type != LDB_REPLY_DONE) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "Invalid reply type!\n"); return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); @@ -965,10 +997,13 @@ static int samldb_add_entry_callback(struct ldb_request *req, static int samldb_add_entry(struct samldb_ctx *ac) { + struct ldb_context *ldb; struct ldb_request *req; int ret; - ret = ldb_build_add_req(&req, ac->module->ldb, ac, + ldb = ldb_module_get_ctx(ac->module); + + ret = ldb_build_add_req(&req, ldb, ac, ac->msg, ac->req->controls, ac, samldb_add_entry_callback, @@ -1037,12 +1072,14 @@ static int samldb_fill_object(struct samldb_ctx *ac, const char *type) static int samldb_foreign_notice_sid_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct samldb_ctx *ac; const char *nextRid; const char *name; int ret; ac = talloc_get_type(req->context, struct samldb_ctx); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { ret = LDB_ERR_OPERATIONS_ERROR; @@ -1058,7 +1095,7 @@ static int samldb_foreign_notice_sid_callback(struct ldb_request *req, /* save entry */ if (ac->next_rid != 0) { /* one too many! */ - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "Invalid number of results while searching " "for domain object"); ret = LDB_ERR_OPERATIONS_ERROR; @@ -1068,7 +1105,7 @@ static int samldb_foreign_notice_sid_callback(struct ldb_request *req, nextRid = ldb_msg_find_attr_as_string(ares->message, "nextRid", NULL); if (nextRid == NULL) { - ldb_asprintf_errstring(ac->module->ldb, + ldb_asprintf_errstring(ldb, "while looking for forign sid %s attribute nextRid not found in %s\n", dom_sid_string(ares, ac->sid), ldb_dn_get_linearized(ares->message->dn)); ret = LDB_ERR_OPERATIONS_ERROR; @@ -1080,7 +1117,7 @@ static int samldb_foreign_notice_sid_callback(struct ldb_request *req, ac->domain_dn = talloc_steal(ac, ares->message->dn); name = samdb_result_string(ares->message, "name", NULL); - ldb_debug(ac->module->ldb, LDB_DEBUG_TRACE, + ldb_debug(ldb, LDB_DEBUG_TRACE, "NOTE (strange but valid): Adding foreign SID " "record with SID %s, but this domain (%s) is " "not foreign in the database", @@ -1118,12 +1155,15 @@ done: /* Find a domain object in the parents of a particular DN. */ static int samldb_foreign_notice_sid(struct samldb_ctx *ac) { + struct ldb_context *ldb; static const char * const attrs[3] = { "nextRid", "name", NULL }; struct ldb_request *req; NTSTATUS status; char *filter; int ret; + ldb = ldb_module_get_ctx(ac->module); + if (ac->sid == NULL) { return LDB_ERR_OPERATIONS_ERROR; } @@ -1139,8 +1179,8 @@ static int samldb_foreign_notice_sid(struct samldb_ctx *ac) return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_build_search_req(&req, ac->module->ldb, ac, - ldb_get_default_basedn(ac->module->ldb), + ret = ldb_build_search_req(&req, ldb, ac, + ldb_get_default_basedn(ldb), LDB_SCOPE_SUBTREE, filter, attrs, NULL, @@ -1157,14 +1197,17 @@ static int samldb_foreign_notice_sid(struct samldb_ctx *ac) static int samldb_fill_foreignSecurityPrincipal_object(struct samldb_ctx *ac) { + struct ldb_context *ldb; int ret; + ldb = ldb_module_get_ctx(ac->module); + ac->sid = samdb_result_dom_sid(ac->msg, ac->msg, "objectSid"); if (ac->sid == NULL) { ac->sid = dom_sid_parse_talloc(ac->msg, (const char *)ldb_dn_get_rdn_val(ac->msg->dn)->data); if (!ac->sid) { - ldb_set_errstring(ac->module->ldb, + ldb_set_errstring(ldb, "No valid found SID in " "ForeignSecurityPrincipal CN!"); talloc_free(ac); @@ -1202,12 +1245,14 @@ static int samldb_fill_foreignSecurityPrincipal_object(struct samldb_ctx *ac) static int samldb_check_rdn(struct ldb_module *module, struct ldb_dn *dn) { + struct ldb_context *ldb; const char *rdn_name; + ldb = ldb_module_get_ctx(module); rdn_name = ldb_dn_get_rdn_name(dn); if (strcasecmp(rdn_name, "cn") != 0) { - ldb_asprintf_errstring(module->ldb, + ldb_asprintf_errstring(ldb, "Bad RDN (%s=) for samldb object, " "should be CN=!\n", rdn_name); return LDB_ERR_CONSTRAINT_VIOLATION; @@ -1219,10 +1264,12 @@ static int samldb_check_rdn(struct ldb_module *module, struct ldb_dn *dn) /* add_record */ static int samldb_add(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct samldb_ctx *ac; int ret; - ldb_debug(module->ldb, LDB_DEBUG_TRACE, "samldb_add_record\n"); + ldb = ldb_module_get_ctx(module); + ldb_debug(ldb, LDB_DEBUG_TRACE, "samldb_add_record\n"); /* do not manipulate our control entries */ if (ldb_dn_is_special(req->op.add.message->dn)) { @@ -1238,17 +1285,17 @@ static int samldb_add(struct ldb_module *module, struct ldb_request *req) ac->msg = ldb_msg_copy(ac, ac->req->op.add.message); if (!ac->msg) { talloc_free(ac); - ldb_debug(ac->module->ldb, LDB_DEBUG_FATAL, + ldb_debug(ldb, LDB_DEBUG_FATAL, "samldb_add: ldb_msg_copy failed!\n"); return LDB_ERR_OPERATIONS_ERROR; } - if (samdb_find_attribute(module->ldb, ac->msg, + if (samdb_find_attribute(ldb, ac->msg, "objectclass", "computer") != NULL) { /* make sure the computer object also has the 'user' * objectclass so it will be handled by the next call */ - ret = samdb_find_or_add_value(module->ldb, ac->msg, + ret = samdb_find_or_add_value(ldb, ac->msg, "objectclass", "user"); if (ret != LDB_SUCCESS) { talloc_free(ac); @@ -1256,7 +1303,7 @@ static int samldb_add(struct ldb_module *module, struct ldb_request *req) } } - if (samdb_find_attribute(module->ldb, ac->msg, + if (samdb_find_attribute(ldb, ac->msg, "objectclass", "user") != NULL) { ret = samldb_check_rdn(module, ac->req->op.add.message->dn); @@ -1268,7 +1315,7 @@ static int samldb_add(struct ldb_module *module, struct ldb_request *req) return samldb_fill_object(ac, "user"); } - if (samdb_find_attribute(module->ldb, ac->msg, + if (samdb_find_attribute(ldb, ac->msg, "objectclass", "group") != NULL) { ret = samldb_check_rdn(module, ac->req->op.add.message->dn); @@ -1281,7 +1328,7 @@ static int samldb_add(struct ldb_module *module, struct ldb_request *req) } /* perhaps a foreignSecurityPrincipal? */ - if (samdb_find_attribute(module->ldb, ac->msg, + if (samdb_find_attribute(ldb, ac->msg, "objectclass", "foreignSecurityPrincipal") != NULL) { @@ -1303,6 +1350,7 @@ static int samldb_add(struct ldb_module *module, struct ldb_request *req) /* modify */ static int samldb_modify(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct ldb_message *msg; struct ldb_message_element *el, *el2; int ret; @@ -1311,8 +1359,10 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req) return ldb_next_request(module, req); } + ldb = ldb_module_get_ctx(module); + if (ldb_msg_find_element(req->op.mod.message, "sAMAccountType") != NULL) { - ldb_asprintf_errstring(module->ldb, "sAMAccountType must not be specified"); + ldb_asprintf_errstring(ldb, "sAMAccountType must not be specified"); return LDB_ERR_UNWILLING_TO_PERFORM; } @@ -1324,7 +1374,7 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req) group_type = strtoul((const char *)el->values[0].data, NULL, 0); account_type = samdb_gtype2atype(group_type); - ret = samdb_msg_add_uint(module->ldb, msg, msg, + ret = samdb_msg_add_uint(ldb, msg, msg, "sAMAccountType", account_type); if (ret != LDB_SUCCESS) { @@ -1340,7 +1390,7 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req) user_account_control = strtoul((const char *)el->values[0].data, NULL, 0); account_type = samdb_uf2atype(user_account_control); - ret = samdb_msg_add_uint(module->ldb, msg, msg, + ret = samdb_msg_add_uint(ldb, msg, msg, "sAMAccountType", account_type); if (ret != LDB_SUCCESS) { diff --git a/source4/dsdb/samdb/ldb_modules/schema_fsmo.c b/source4/dsdb/samdb/ldb_modules/schema_fsmo.c index bfcf239f3a..a134a3d4d0 100644 --- a/source4/dsdb/samdb/ldb_modules/schema_fsmo.c +++ b/source4/dsdb/samdb/ldb_modules/schema_fsmo.c @@ -22,14 +22,11 @@ */ #include "includes.h" -#include "lib/ldb/include/ldb.h" -#include "lib/ldb/include/ldb_errors.h" -#include "lib/ldb/include/ldb_private.h" +#include "ldb_module.h" #include "dsdb/samdb/samdb.h" #include "librpc/gen_ndr/ndr_misc.h" #include "librpc/gen_ndr/ndr_drsuapi.h" #include "librpc/gen_ndr/ndr_drsblobs.h" -#include "../lib/util/dlinklist.h" #include "param/param.h" static int generate_objectClasses(struct ldb_context *ldb, struct ldb_message *msg, @@ -82,6 +79,7 @@ struct schema_fsmo_search_data { static int schema_fsmo_init(struct ldb_module *module) { + struct ldb_context *ldb; TALLOC_CTX *mem_ctx; struct ldb_dn *schema_dn; struct dsdb_schema *schema; @@ -89,53 +87,54 @@ static int schema_fsmo_init(struct ldb_module *module) int ret; struct schema_fsmo_private_data *data; - schema_dn = samdb_schema_dn(module->ldb); + ldb = ldb_module_get_ctx(module); + schema_dn = samdb_schema_dn(ldb); if (!schema_dn) { - ldb_reset_err_string(module->ldb); - ldb_debug(module->ldb, LDB_DEBUG_WARNING, + ldb_reset_err_string(ldb); + ldb_debug(ldb, LDB_DEBUG_WARNING, "schema_fsmo_init: no schema dn present: (skip schema loading)\n"); return ldb_next_init(module); } data = talloc(module, struct schema_fsmo_private_data); if (data == NULL) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } /* Check to see if this is a result on the CN=Aggregate schema */ data->aggregate_dn = ldb_dn_copy(data, schema_dn); if (!ldb_dn_add_child_fmt(data->aggregate_dn, "CN=Aggregate")) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - module->private_data = data; + ldb_module_set_private(module, data); - if (dsdb_get_schema(module->ldb)) { + if (dsdb_get_schema(ldb)) { return ldb_next_init(module); } mem_ctx = talloc_new(module); if (!mem_ctx) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - ret = dsdb_schema_from_schema_dn(mem_ctx, module->ldb, - lp_iconv_convenience(ldb_get_opaque(module->ldb, "loadparm")), + ret = dsdb_schema_from_schema_dn(mem_ctx, ldb, + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), schema_dn, &schema, &error_string); if (ret == LDB_ERR_NO_SUCH_OBJECT) { - ldb_reset_err_string(module->ldb); - ldb_debug(module->ldb, LDB_DEBUG_WARNING, + ldb_reset_err_string(ldb); + ldb_debug(ldb, LDB_DEBUG_WARNING, "schema_fsmo_init: no schema head present: (skip schema loading)\n"); talloc_free(mem_ctx); return ldb_next_init(module); } if (ret != LDB_SUCCESS) { - ldb_asprintf_errstring(module->ldb, + ldb_asprintf_errstring(ldb, "schema_fsmo_init: dsdb_schema load failed: %s", error_string); talloc_free(mem_ctx); @@ -143,9 +142,9 @@ static int schema_fsmo_init(struct ldb_module *module) } /* dsdb_set_schema() steal schema into the ldb_context */ - ret = dsdb_set_schema(module->ldb, schema); + ret = dsdb_set_schema(ldb, schema); if (ret != LDB_SUCCESS) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + ldb_debug_set(ldb, LDB_DEBUG_FATAL, "schema_fsmo_init: dsdb_set_schema() failed: %d:%s", ret, ldb_strerror(ret)); talloc_free(mem_ctx); @@ -158,6 +157,7 @@ static int schema_fsmo_init(struct ldb_module *module) static int schema_fsmo_add(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct dsdb_schema *schema; const char *attributeID = NULL; const char *governsID = NULL; @@ -166,6 +166,8 @@ static int schema_fsmo_add(struct ldb_module *module, struct ldb_request *req) uint32_t id32; WERROR status; + ldb = ldb_module_get_ctx(module); + /* special objects should always go through */ if (ldb_dn_is_special(req->op.add.message->dn)) { return ldb_next_request(module, req); @@ -176,13 +178,13 @@ static int schema_fsmo_add(struct ldb_module *module, struct ldb_request *req) return ldb_next_request(module, req); } - schema = dsdb_get_schema(module->ldb); + schema = dsdb_get_schema(ldb); if (!schema) { return ldb_next_request(module, req); } if (!schema->fsmo.we_are_master) { - ldb_debug_set(module->ldb, LDB_DEBUG_ERROR, + ldb_debug_set(ldb, LDB_DEBUG_ERROR, "schema_fsmo_add: we are not master: reject request\n"); return LDB_ERR_UNWILLING_TO_PERFORM; } @@ -206,15 +208,15 @@ static int schema_fsmo_add(struct ldb_module *module, struct ldb_request *req) if (W_ERROR_IS_OK(status)) { return ldb_next_request(module, req); } else if (!W_ERROR_EQUAL(WERR_DS_NO_MSDS_INTID, status)) { - ldb_debug_set(module->ldb, LDB_DEBUG_ERROR, + ldb_debug_set(ldb, LDB_DEBUG_ERROR, "schema_fsmo_add: failed to map %s[%s]: %s\n", oid_attr, oid, win_errstr(status)); return LDB_ERR_UNWILLING_TO_PERFORM; } - status = dsdb_create_prefix_mapping(module->ldb, schema, oid); + status = dsdb_create_prefix_mapping(ldb, schema, oid); if (!W_ERROR_IS_OK(status)) { - ldb_debug_set(module->ldb, LDB_DEBUG_ERROR, + ldb_debug_set(ldb, LDB_DEBUG_ERROR, "schema_fsmo_add: failed to create prefix mapping for %s[%s]: %s\n", oid_attr, oid, win_errstr(status)); return LDB_ERR_UNWILLING_TO_PERFORM; @@ -225,44 +227,47 @@ static int schema_fsmo_add(struct ldb_module *module, struct ldb_request *req) static int schema_fsmo_extended(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct ldb_dn *schema_dn; struct dsdb_schema *schema; char *error_string = NULL; int ret; TALLOC_CTX *mem_ctx; - + + ldb = ldb_module_get_ctx(module); + if (strcmp(req->op.extended.oid, DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID) != 0) { return ldb_next_request(module, req); } - schema_dn = samdb_schema_dn(module->ldb); + schema_dn = samdb_schema_dn(ldb); if (!schema_dn) { - ldb_reset_err_string(module->ldb); - ldb_debug(module->ldb, LDB_DEBUG_WARNING, + ldb_reset_err_string(ldb); + ldb_debug(ldb, LDB_DEBUG_WARNING, "schema_fsmo_extended: no schema dn present: (skip schema loading)\n"); return ldb_next_request(module, req); } mem_ctx = talloc_new(module); if (!mem_ctx) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - ret = dsdb_schema_from_schema_dn(mem_ctx, module->ldb, - lp_iconv_convenience(ldb_get_opaque(module->ldb, "loadparm")), + ret = dsdb_schema_from_schema_dn(mem_ctx, ldb, + lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), schema_dn, &schema, &error_string); if (ret == LDB_ERR_NO_SUCH_OBJECT) { - ldb_reset_err_string(module->ldb); - ldb_debug(module->ldb, LDB_DEBUG_WARNING, + ldb_reset_err_string(ldb); + ldb_debug(ldb, LDB_DEBUG_WARNING, "schema_fsmo_extended: no schema head present: (skip schema loading)\n"); talloc_free(mem_ctx); return ldb_next_request(module, req); } if (ret != LDB_SUCCESS) { - ldb_asprintf_errstring(module->ldb, + ldb_asprintf_errstring(ldb, "schema_fsmo_extended: dsdb_schema load failed: %s", error_string); talloc_free(mem_ctx); @@ -270,9 +275,9 @@ static int schema_fsmo_extended(struct ldb_module *module, struct ldb_request *r } /* Replace the old schema*/ - ret = dsdb_set_schema(module->ldb, schema); + ret = dsdb_set_schema(ldb, schema); if (ret != LDB_SUCCESS) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + ldb_debug_set(ldb, LDB_DEBUG_FATAL, "schema_fsmo_extended: dsdb_set_schema() failed: %d:%s", ret, ldb_strerror(ret)); talloc_free(mem_ctx); @@ -385,12 +390,14 @@ static int generate_extendedClassInfo(struct ldb_context *ldb, */ static int schema_fsmo_search_callback(struct ldb_request *req, struct ldb_reply *ares) { + struct ldb_context *ldb; struct schema_fsmo_search_data *ac; struct schema_fsmo_private_data *mc; int i, ret; ac = talloc_get_type(req->context, struct schema_fsmo_search_data); - mc = talloc_get_type(ac->module->private_data, struct schema_fsmo_private_data); + mc = talloc_get_type(ldb_module_get_private(ac->module), struct schema_fsmo_private_data); + ldb = ldb_module_get_ctx(ac->module); if (!ares) { return ldb_module_done(ac->req, NULL, NULL, @@ -411,7 +418,7 @@ static int schema_fsmo_search_callback(struct ldb_request *req, struct ldb_reply for (i=0; i < ARRAY_SIZE(generated_attrs); i++) { if (ldb_attr_in_list(ac->req->op.search.attrs, generated_attrs[i].attr)) { - ret = generated_attrs[i].fn(ac->module->ldb, ares->message, ac->schema); + ret = generated_attrs[i].fn(ldb, ares->message, ac->schema); if (ret != LDB_SUCCESS) { return ret; } @@ -436,12 +443,13 @@ static int schema_fsmo_search_callback(struct ldb_request *req, struct ldb_reply /* search */ static int schema_fsmo_search(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb = ldb_module_get_ctx(module); int i, ret; struct schema_fsmo_search_data *search_context; struct ldb_request *down_req; - struct dsdb_schema *schema = dsdb_get_schema(module->ldb); + struct dsdb_schema *schema = dsdb_get_schema(ldb); - if (!schema || !module->private_data) { + if (!schema || !ldb_module_get_private(module)) { /* If there is no schema, there is little we can do */ return ldb_next_request(module, req); } @@ -458,7 +466,7 @@ static int schema_fsmo_search(struct ldb_module *module, struct ldb_request *req search_context = talloc(req, struct schema_fsmo_search_data); if (!search_context) { - ldb_oom(module->ldb); + ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } @@ -466,7 +474,7 @@ static int schema_fsmo_search(struct ldb_module *module, struct ldb_request *req search_context->req = req; search_context->schema = schema; - ret = ldb_build_search_req_ex(&down_req, module->ldb, search_context, + ret = ldb_build_search_req_ex(&down_req, ldb, search_context, req->op.search.base, req->op.search.scope, req->op.search.tree, diff --git a/source4/dsdb/samdb/ldb_modules/show_deleted.c b/source4/dsdb/samdb/ldb_modules/show_deleted.c index 0914e51ebe..d619558c21 100644 --- a/source4/dsdb/samdb/ldb_modules/show_deleted.c +++ b/source4/dsdb/samdb/ldb_modules/show_deleted.c @@ -33,9 +33,7 @@ */ #include "includes.h" -#include "ldb/include/ldb.h" -#include "ldb/include/ldb_errors.h" -#include "ldb/include/ldb_private.h" +#include "ldb/include/ldb_module.h" #include "dsdb/samdb/samdb.h" /* search */ @@ -79,6 +77,7 @@ static int show_deleted_search_callback(struct ldb_request *req, static int show_deleted_search(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; struct ldb_control *control; struct ldb_control **saved_controls; struct show_deleted_search_request *ar; @@ -87,6 +86,8 @@ static int show_deleted_search(struct ldb_module *module, struct ldb_request *re char *new_filter; int ret; + ldb = ldb_module_get_ctx(module); + ar = talloc_zero(req, struct show_deleted_search_request); if (ar == NULL) { return LDB_ERR_OPERATIONS_ERROR; @@ -102,7 +103,7 @@ static int show_deleted_search(struct ldb_module *module, struct ldb_request *re new_filter = talloc_asprintf(ar, "(&(!(isDeleted=TRUE))%s)", old_filter); - ret = ldb_build_search_req(&down_req, module->ldb, ar, + ret = ldb_build_search_req(&down_req, ldb, ar, req->op.search.base, req->op.search.scope, new_filter, @@ -112,7 +113,7 @@ static int show_deleted_search(struct ldb_module *module, struct ldb_request *re req); } else { - ret = ldb_build_search_req_ex(&down_req, module->ldb, ar, + ret = ldb_build_search_req_ex(&down_req, ldb, ar, req->op.search.base, req->op.search.scope, req->op.search.tree, @@ -136,11 +137,14 @@ static int show_deleted_search(struct ldb_module *module, struct ldb_request *re static int show_deleted_init(struct ldb_module *module) { + struct ldb_context *ldb; int ret; + ldb = ldb_module_get_ctx(module); + ret = ldb_mod_register_control(module, LDB_CONTROL_SHOW_DELETED_OID); if (ret != LDB_SUCCESS) { - ldb_debug(module->ldb, LDB_DEBUG_ERROR, + ldb_debug(ldb, LDB_DEBUG_ERROR, "extended_dn: Unable to register control with rootdse!\n"); return LDB_ERR_OPERATIONS_ERROR; } diff --git a/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c b/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c index 0e42f7869a..948241b094 100644 --- a/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c +++ b/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c @@ -27,9 +27,7 @@ */ #include "includes.h" -#include "ldb/include/ldb.h" -#include "ldb/include/ldb_private.h" -#include "ldb/include/ldb_errors.h" +#include "ldb/include/ldb_module.h" #include "ldb/ldb_map/ldb_map.h" #include "librpc/gen_ndr/ndr_misc.h" @@ -105,7 +103,7 @@ static struct ldb_val guid_ns_string(struct ldb_module *module, TALLOC_CTX *ctx, static struct ldb_val val_copy(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val) { struct ldb_val out = data_blob(NULL, 0); - ldb_handler_copy(module->ldb, ctx, val, &out); + out = ldb_val_dup(ctx, val); return out; } @@ -113,10 +111,11 @@ static struct ldb_val val_copy(struct ldb_module *module, TALLOC_CTX *ctx, const /* Ensure we always convert sids into binary, so the backend doesn't have to know about both forms */ static struct ldb_val sid_always_binary(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val) { + struct ldb_context *ldb = ldb_module_get_ctx(module); struct ldb_val out = data_blob(NULL, 0); - const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(module->ldb, "objectSid"); + const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, "objectSid"); - if (a->syntax->canonicalise_fn(module->ldb, ctx, val, &out) != LDB_SUCCESS) { + if (a->syntax->canonicalise_fn(ldb, ctx, val, &out) != LDB_SUCCESS) { return data_blob(NULL, 0); } @@ -126,18 +125,19 @@ static struct ldb_val sid_always_binary(struct ldb_module *module, TALLOC_CTX *c /* Ensure we always convert objectCategory into a DN */ static struct ldb_val objectCategory_always_dn(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val) { + struct ldb_context *ldb = ldb_module_get_ctx(module); struct ldb_dn *dn; struct ldb_val out = data_blob(NULL, 0); - const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(module->ldb, "objectCategory"); + const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, "objectCategory"); - dn = ldb_dn_from_ldb_val(ctx, module->ldb, val); + dn = ldb_dn_from_ldb_val(ctx, ldb, val); if (dn && ldb_dn_validate(dn)) { talloc_free(dn); return val_copy(module, ctx, val); } talloc_free(dn); - if (a->syntax->canonicalise_fn(module->ldb, ctx, val, &out) != LDB_SUCCESS) { + if (a->syntax->canonicalise_fn(ldb, ctx, val, &out) != LDB_SUCCESS) { return data_blob(NULL, 0); } @@ -603,6 +603,7 @@ static int get_seq_callback(struct ldb_request *req, static int entryuuid_sequence_number(struct ldb_module *module, struct ldb_request *req) { + struct ldb_context *ldb; int ret; struct map_private *map_private; struct entryuuid_private *entryuuid_private; @@ -620,16 +621,18 @@ static int entryuuid_sequence_number(struct ldb_module *module, struct ldb_reque struct ldb_seqnum_result *seqr; struct ldb_extended *ext; + ldb = ldb_module_get_ctx(module); + seq = talloc_get_type(req->op.extended.data, struct ldb_seqnum_request); - map_private = talloc_get_type(module->private_data, struct map_private); + map_private = talloc_get_type(ldb_module_get_private(module), struct map_private); entryuuid_private = talloc_get_type(map_private->caller_private, struct entryuuid_private); /* All this to get the DN of the parition, so we can search the right thing */ partition_ctrl = ldb_request_get_control(req, DSDB_CONTROL_CURRENT_PARTITION_OID); if (!partition_ctrl) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, + ldb_debug_set(ldb, LDB_DEBUG_FATAL, "entryuuid_sequence_number: no current partition control found"); return LDB_ERR_CONSTRAINT_VIOLATION; } @@ -638,7 +641,7 @@ static int entryuuid_sequence_number(struct ldb_module *module, struct ldb_reque struct dsdb_control_current_partition); SMB_ASSERT(partition && partition->version == DSDB_CONTROL_CURRENT_PARTITION_VERSION); - ret = ldb_build_search_req(&search_req, module->ldb, req, + ret = ldb_build_search_req(&search_req, ldb, req, partition->dn, LDB_SCOPE_BASE, NULL, contextCSN_attr, NULL, &seq_num, get_seq_callback, diff --git a/source4/dsdb/schema/schema_set.c b/source4/dsdb/schema/schema_set.c index d0aae4e221..d6b3e40e1a 100644 --- a/source4/dsdb/schema/schema_set.c +++ b/source4/dsdb/schema/schema_set.c @@ -22,9 +22,7 @@ #include "includes.h" #include "dsdb/samdb/samdb.h" -#include "lib/ldb/include/ldb_errors.h" -#include "lib/ldb/include/ldb_private.h" -#include "../lib/util/dlinklist.h" +#include "lib/ldb/include/ldb_module.h" #include "param/param.h" |