1 /*
2 ldb database library
3
4 Copyright (C) Simo Sorce 2005
5
6 ** NOTE! The following LGPL license applies to the ldb
7 ** library. This does NOT imply that all of Samba is released
8 ** under the LGPL
9
10 This library is free software; you can redistribute it and/or
11 modify it under the terms of the GNU Lesser General Public
12 License as published by the Free Software Foundation; either
13 version 3 of the License, or (at your option) any later version.
14
15 This library is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
19
20 You should have received a copy of the GNU Lesser General Public
21 License along with this library; if not, see <http://www.gnu.org/licenses/>.
22 */
23
24 /*
25 * Name: ldb_controls.c
26 *
27 * Component: ldb controls utility functions
28 *
29 * Description: helper functions for control modules
30 *
31 * Author: Simo Sorce
32 */
33
34 #include "ldb_private.h"
35
36 /* check if a control with the specified "oid" exist and return it */
37 /* returns NULL if not found */
ldb_request_get_control(struct ldb_request * req,const char * oid)38 struct ldb_control *ldb_request_get_control(struct ldb_request *req, const char *oid)
39 {
40 unsigned int i;
41
42 if (req->controls != NULL) {
43 for (i = 0; req->controls[i]; i++) {
44 if (req->controls[i]->oid && strcmp(oid, req->controls[i]->oid) == 0) {
45 break;
46 }
47 }
48
49 return req->controls[i];
50 }
51
52 return NULL;
53 }
54
55 /* check if a control with the specified "oid" exist and return it */
56 /* returns NULL if not found */
ldb_reply_get_control(struct ldb_reply * rep,const char * oid)57 struct ldb_control *ldb_reply_get_control(struct ldb_reply *rep, const char *oid)
58 {
59 unsigned int i;
60
61 if (rep->controls != NULL) {
62 for (i = 0; rep->controls[i]; i++) {
63 if (rep->controls[i]->oid && strcmp(oid, rep->controls[i]->oid) == 0) {
64 break;
65 }
66 }
67
68 return rep->controls[i];
69 }
70
71 return NULL;
72 }
73
74 /*
75 * Saves the current controls list into the "saver" (can also be NULL) and
76 * replace the one in "req" with a new one excluding the "exclude" control
77 * (if it is NULL then the list remains the same)
78 *
79 * Returns 0 on error.
80 */
ldb_save_controls(struct ldb_control * exclude,struct ldb_request * req,struct ldb_control *** saver)81 int ldb_save_controls(struct ldb_control *exclude, struct ldb_request *req, struct ldb_control ***saver)
82 {
83 struct ldb_control **lcs, **lcs_old;
84 unsigned int i, j;
85
86 lcs_old = req->controls;
87 if (saver != NULL) {
88 *saver = lcs_old;
89 }
90
91 for (i = 0; req->controls && req->controls[i]; i++);
92 if (i == 0) {
93 req->controls = NULL;
94 return 1;
95 }
96
97 lcs = talloc_array(req, struct ldb_control *, i + 1);
98 if (!lcs) {
99 return 0;
100 }
101
102 for (i = 0, j = 0; lcs_old[i]; i++) {
103 if (exclude == lcs_old[i]) continue;
104 lcs[j] = lcs_old[i];
105 j++;
106 }
107 lcs[j] = NULL;
108
109 req->controls = talloc_realloc(req, lcs, struct ldb_control *, j + 1);
110 if (req->controls == NULL) {
111 return 0;
112 }
113 return 1;
114 }
115
116 /*
117 * Returns a list of controls, except the one specified with "exclude" (can
118 * also be NULL). Included controls become a child of returned list if they
119 * were children of "controls_in".
120 *
121 * Returns NULL on error (OOM) or an empty control list.
122 */
ldb_controls_except_specified(struct ldb_control ** controls_in,TALLOC_CTX * mem_ctx,struct ldb_control * exclude)123 struct ldb_control **ldb_controls_except_specified(struct ldb_control **controls_in,
124 TALLOC_CTX *mem_ctx,
125 struct ldb_control *exclude)
126 {
127 struct ldb_control **lcs = NULL;
128 unsigned int i, j, n;
129
130 for (i = 0; controls_in && controls_in[i]; i++);
131 if (i == 0) {
132 return NULL;
133 }
134 n = i;
135
136 for (i = 0, j = 0; controls_in && controls_in[i]; i++) {
137 if (exclude == controls_in[i]) continue;
138
139 if (!lcs) {
140 /* Allocate here so if we remove the only
141 * control, or there were no controls, we
142 * don't allocate at all, and just return
143 * NULL */
144 lcs = talloc_array(mem_ctx, struct ldb_control *,
145 n + 1);
146 if (!lcs) {
147 return NULL;
148 }
149 }
150
151 lcs[j] = controls_in[i];
152 talloc_reparent(controls_in, lcs, lcs[j]);
153 j++;
154 }
155 if (lcs) {
156 lcs[j] = NULL;
157
158 lcs = talloc_realloc(mem_ctx, lcs, struct ldb_control *, j + 1);
159 }
160
161 return lcs;
162 }
163
164 /* check if there's any control marked as critical in the list */
165 /* return True if any, False if none */
ldb_check_critical_controls(struct ldb_control ** controls)166 int ldb_check_critical_controls(struct ldb_control **controls)
167 {
168 unsigned int i;
169
170 if (controls == NULL) {
171 return 0;
172 }
173
174 for (i = 0; controls[i]; i++) {
175 if (controls[i]->critical) {
176 return 1;
177 }
178 }
179
180 return 0;
181 }
182
ldb_request_add_control(struct ldb_request * req,const char * oid,bool critical,void * data)183 int ldb_request_add_control(struct ldb_request *req, const char *oid, bool critical, void *data)
184 {
185 unsigned int i, n;
186 struct ldb_control **ctrls;
187 struct ldb_control *ctrl;
188
189 for (n=0; req->controls && req->controls[n];n++) {
190 /* having two controls of the same OID makes no sense */
191 if (req->controls[n]->oid && strcmp(oid, req->controls[n]->oid) == 0) {
192 return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
193 }
194 }
195
196 ctrls = talloc_array(req,
197 struct ldb_control *,
198 n + 2);
199 if (!ctrls) return LDB_ERR_OPERATIONS_ERROR;
200
201 for (i=0; i<n; i++) {
202 ctrls[i] = req->controls[i];
203 }
204
205 req->controls = ctrls;
206 ctrls[n] = NULL;
207 ctrls[n+1] = NULL;
208
209 ctrl = talloc(ctrls, struct ldb_control);
210 if (!ctrl) return LDB_ERR_OPERATIONS_ERROR;
211
212 ctrl->oid = talloc_strdup(ctrl, oid);
213 if (!ctrl->oid) return LDB_ERR_OPERATIONS_ERROR;
214 ctrl->critical = critical;
215 ctrl->data = data;
216
217 ctrls[n] = ctrl;
218 return LDB_SUCCESS;
219 }
220
ldb_reply_add_control(struct ldb_reply * ares,const char * oid,bool critical,void * data)221 int ldb_reply_add_control(struct ldb_reply *ares, const char *oid, bool critical, void *data)
222 {
223 unsigned n;
224 struct ldb_control **ctrls;
225 struct ldb_control *ctrl;
226
227 for (n=0; ares->controls && ares->controls[n];) {
228 /* having two controls of the same OID makes no sense */
229 if (ares->controls[n]->oid && strcmp(oid, ares->controls[n]->oid) == 0) {
230 return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
231 }
232 n++;
233 }
234
235 ctrls = talloc_realloc(ares, ares->controls,
236 struct ldb_control *,
237 n + 2);
238 if (!ctrls) return LDB_ERR_OPERATIONS_ERROR;
239 ares->controls = ctrls;
240 ctrls[n] = NULL;
241 ctrls[n+1] = NULL;
242
243 ctrl = talloc(ctrls, struct ldb_control);
244 if (!ctrl) return LDB_ERR_OPERATIONS_ERROR;
245
246 ctrl->oid = talloc_strdup(ctrl, oid);
247 if (!ctrl->oid) return LDB_ERR_OPERATIONS_ERROR;
248 ctrl->critical = critical;
249 ctrl->data = data;
250
251 ctrls[n] = ctrl;
252 return LDB_SUCCESS;
253 }
254
255 /* Add a control to the request, replacing the old one if it is already in the request */
ldb_request_replace_control(struct ldb_request * req,const char * oid,bool critical,void * data)256 int ldb_request_replace_control(struct ldb_request *req, const char *oid, bool critical, void *data)
257 {
258 unsigned int n;
259 int ret;
260
261 ret = ldb_request_add_control(req, oid, critical, data);
262 if (ret != LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS) {
263 return ret;
264 }
265
266 for (n=0; req->controls[n];n++) {
267 if (req->controls[n]->oid && strcmp(oid, req->controls[n]->oid) == 0) {
268 req->controls[n]->critical = critical;
269 req->controls[n]->data = data;
270 return LDB_SUCCESS;
271 }
272 }
273
274 return LDB_ERR_OPERATIONS_ERROR;
275 }
276
277 /*
278 * Return a control as string
279 * the project (ie. name:value1:value2:...:valuen
280 * The string didn't include the criticity of the critical flag
281 */
ldb_control_to_string(TALLOC_CTX * mem_ctx,const struct ldb_control * control)282 char *ldb_control_to_string(TALLOC_CTX *mem_ctx, const struct ldb_control *control)
283 {
284 char *res = NULL;
285
286 if (strcmp(control->oid, LDB_CONTROL_PAGED_RESULTS_OID) == 0) {
287 struct ldb_paged_control *rep_control = talloc_get_type(control->data, struct ldb_paged_control);
288 char *cookie;
289
290 cookie = ldb_base64_encode(mem_ctx, rep_control->cookie, rep_control->cookie_len);
291 if (cookie == NULL) {
292 return NULL;
293 }
294 if (cookie[0] != '\0') {
295 res = talloc_asprintf(mem_ctx, "%s:%d:%s",
296 LDB_CONTROL_PAGED_RESULTS_NAME,
297 control->critical,
298 cookie);
299
300 talloc_free(cookie);
301 } else {
302 res = talloc_asprintf(mem_ctx, "%s:%d",
303 LDB_CONTROL_PAGED_RESULTS_NAME,
304 control->critical);
305 }
306 return res;
307 }
308
309 if (strcmp(control->oid, LDB_CONTROL_VLV_RESP_OID) == 0) {
310 struct ldb_vlv_resp_control *rep_control = talloc_get_type(control->data,
311 struct ldb_vlv_resp_control);
312
313 char *cookie;
314
315 cookie = ldb_base64_encode(mem_ctx,
316 (char *)rep_control->contextId,
317 rep_control->ctxid_len);
318 if (cookie == NULL) {
319 return NULL;
320 }
321
322 res = talloc_asprintf(mem_ctx, "%s:%d:%d:%d:%d:%s",
323 LDB_CONTROL_VLV_RESP_NAME,
324 control->critical,
325 rep_control->targetPosition,
326 rep_control->contentCount,
327 rep_control->vlv_result,
328 cookie);
329
330 return res;
331 }
332
333 if (strcmp(control->oid, LDB_CONTROL_SORT_RESP_OID) == 0) {
334 struct ldb_sort_resp_control *rep_control = talloc_get_type(control->data,
335 struct ldb_sort_resp_control);
336
337 res = talloc_asprintf(mem_ctx, "%s:%d:%d:%s",
338 LDB_CONTROL_SORT_RESP_NAME,
339 control->critical,
340 rep_control->result,
341 rep_control->attr_desc);
342
343 return res;
344 }
345
346 if (strcmp(control->oid, LDB_CONTROL_ASQ_OID) == 0) {
347 struct ldb_asq_control *rep_control = talloc_get_type(control->data,
348 struct ldb_asq_control);
349
350 res = talloc_asprintf(mem_ctx, "%s:%d:%d",
351 LDB_CONTROL_SORT_RESP_NAME,
352 control->critical,
353 rep_control->result);
354
355 return res;
356 }
357
358 if (strcmp(control->oid, LDB_CONTROL_DIRSYNC_OID) == 0) {
359 char *cookie;
360 struct ldb_dirsync_control *rep_control = talloc_get_type(control->data,
361 struct ldb_dirsync_control);
362
363 cookie = ldb_base64_encode(mem_ctx, rep_control->cookie,
364 rep_control->cookie_len);
365 if (cookie == NULL) {
366 return NULL;
367 }
368 res = talloc_asprintf(mem_ctx, "%s:%d:%d:%d:%s",
369 LDB_CONTROL_DIRSYNC_NAME,
370 control->critical,
371 rep_control->flags,
372 rep_control->max_attributes,
373 cookie);
374
375 talloc_free(cookie);
376 return res;
377 }
378 if (strcmp(control->oid, LDB_CONTROL_DIRSYNC_EX_OID) == 0) {
379 char *cookie;
380 struct ldb_dirsync_control *rep_control = talloc_get_type(control->data,
381 struct ldb_dirsync_control);
382
383 cookie = ldb_base64_encode(mem_ctx, rep_control->cookie,
384 rep_control->cookie_len);
385 if (cookie == NULL) {
386 return NULL;
387 }
388 res = talloc_asprintf(mem_ctx, "%s:%d:%d:%d:%s",
389 LDB_CONTROL_DIRSYNC_EX_NAME,
390 control->critical,
391 rep_control->flags,
392 rep_control->max_attributes,
393 cookie);
394
395 talloc_free(cookie);
396 return res;
397 }
398
399 if (strcmp(control->oid, LDB_CONTROL_VERIFY_NAME_OID) == 0) {
400 struct ldb_verify_name_control *rep_control = talloc_get_type(control->data, struct ldb_verify_name_control);
401
402 if (rep_control->gc != NULL) {
403 res = talloc_asprintf(mem_ctx, "%s:%d:%d:%s",
404 LDB_CONTROL_VERIFY_NAME_NAME,
405 control->critical,
406 rep_control->flags,
407 rep_control->gc);
408
409 } else {
410 res = talloc_asprintf(mem_ctx, "%s:%d:%d",
411 LDB_CONTROL_VERIFY_NAME_NAME,
412 control->critical,
413 rep_control->flags);
414 }
415 return res;
416 }
417
418 /*
419 * From here we don't know the control
420 */
421 if (control->data == NULL) {
422 /*
423 * We don't know the control but there is no real data attached
424 * to it so we can represent it with local_oid:oid:criticity.
425 */
426 res = talloc_asprintf(mem_ctx, "local_oid:%s:%d",
427 control->oid,
428 control->critical);
429 } else {
430 res = talloc_asprintf(mem_ctx, "unknown oid:%s",
431 control->oid);
432 }
433 return res;
434 }
435
436
437 /*
438 * A little trick to allow one to use constants defined in headers rather than
439 * hardwritten in the file.
440 * "sizeof" will return the \0 char as well so it will take the place of ":"
441 * in the length of the string.
442 */
443 #define LDB_CONTROL_CMP(control, NAME) strncmp(control, NAME ":", sizeof(NAME))
444
445 /* Parse one string and return associated control if parsing is successful*/
ldb_parse_control_from_string(struct ldb_context * ldb,TALLOC_CTX * mem_ctx,const char * control_strings)446 struct ldb_control *ldb_parse_control_from_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const char *control_strings)
447 {
448 struct ldb_control *ctrl;
449
450 if (!(ctrl = talloc(mem_ctx, struct ldb_control))) {
451 ldb_oom(ldb);
452 return NULL;
453 }
454
455 if (LDB_CONTROL_CMP(control_strings,
456 LDB_CONTROL_VLV_REQ_NAME) == 0) {
457 struct ldb_vlv_req_control *control;
458 const char *p;
459 char attr[1024];
460 char ctxid[1024];
461 int crit, bc, ac, os, cc, ret;
462
463 attr[0] = '\0';
464 ctxid[0] = '\0';
465 p = &(control_strings[sizeof(LDB_CONTROL_VLV_REQ_NAME)]);
466 ret = sscanf(p, "%d:%d:%d:%d:%d:%1023[^$]", &crit, &bc, &ac, &os, &cc, ctxid);
467 /* We allow 2 ways to encode the GT_EQ case, because the
468 comparison string might contain null bytes or colons, which
469 would break sscanf (or indeed any parsing mechanism). */
470 if (ret == 3) {
471 ret = sscanf(p, "%d:%d:%d:>=%1023[^:]:%1023[^$]", &crit, &bc, &ac, attr, ctxid);
472 }
473 if (ret == 3) {
474 int len;
475 ret = sscanf(p, "%d:%d:%d:base64>=%1023[^:]:%1023[^$]", &crit, &bc, &ac, attr, ctxid);
476 len = ldb_base64_decode(attr);
477 if (len < 0) {
478 ret = -1;
479 }
480 }
481
482 if ((ret < 4) || (crit < 0) || (crit > 1)) {
483 ldb_set_errstring(ldb,
484 "invalid VLV control syntax\n"
485 " syntax: crit(b):bc(n):ac(n):"
486 "{os(n):cc(n)|>=val(s)|base64>=val(o)}[:ctxid(o)]\n"
487 " note: b = boolean, n = number, s = string, o = b64 binary blob");
488 talloc_free(ctrl);
489 return NULL;
490 }
491 ctrl->oid = LDB_CONTROL_VLV_REQ_OID;
492 ctrl->critical = crit;
493 if (!(control = talloc(ctrl,
494 struct ldb_vlv_req_control))) {
495 ldb_oom(ldb);
496 talloc_free(ctrl);
497 return NULL;
498 }
499 control->beforeCount = bc;
500 control->afterCount = ac;
501 if (attr[0]) {
502 control->type = 1;
503 control->match.gtOrEq.value = talloc_strdup(control, attr);
504 control->match.gtOrEq.value_len = strlen(attr);
505 } else {
506 control->type = 0;
507 control->match.byOffset.offset = os;
508 control->match.byOffset.contentCount = cc;
509 }
510 if (ctxid[0]) {
511 int len = ldb_base64_decode(ctxid);
512 if (len < 0) {
513 ldb_set_errstring(ldb,
514 "invalid VLV context_id\n");
515 talloc_free(ctrl);
516 return NULL;
517 }
518 control->ctxid_len = len;
519 control->contextId = talloc_memdup(control, ctxid,
520 control->ctxid_len);
521 if (control->contextId == NULL) {
522 ldb_oom(ldb);
523 talloc_free(ctrl);
524 return NULL;
525 }
526 } else {
527 control->ctxid_len = 0;
528 control->contextId = NULL;
529 }
530 ctrl->data = control;
531
532 return ctrl;
533 }
534
535 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_DIRSYNC_NAME) == 0) {
536 struct ldb_dirsync_control *control;
537 const char *p;
538 char *cookie = NULL;
539 int crit, max_attrs, ret;
540 uint32_t flags;
541
542 cookie = talloc_zero_array(ctrl, char,
543 strlen(control_strings) + 1);
544 if (cookie == NULL) {
545 ldb_oom(ldb);
546 talloc_free(ctrl);
547 return NULL;
548 }
549
550 p = &(control_strings[sizeof(LDB_CONTROL_DIRSYNC_NAME)]);
551 ret = sscanf(p, "%d:%u:%d:%[^$]", &crit, &flags, &max_attrs, cookie);
552
553 if ((ret < 3) || (crit < 0) || (crit > 1) || (max_attrs < 0)) {
554 ldb_set_errstring(ldb,
555 "invalid dirsync control syntax\n"
556 " syntax: crit(b):flags(n):max_attrs(n)[:cookie(o)]\n"
557 " note: b = boolean, n = number, o = b64 binary blob");
558 talloc_free(ctrl);
559 return NULL;
560 }
561
562 /* w2k3 seems to ignore the parameter,
563 * but w2k sends a wrong cookie when this value is to small
564 * this would cause looping forever, while getting
565 * the same data and same cookie forever
566 */
567 if (max_attrs == 0) max_attrs = 0x0FFFFFFF;
568
569 ctrl->oid = LDB_CONTROL_DIRSYNC_OID;
570 ctrl->critical = crit;
571 control = talloc(ctrl, struct ldb_dirsync_control);
572 if (control == NULL) {
573 ldb_oom(ldb);
574 talloc_free(ctrl);
575 return NULL;
576 }
577 control->flags = flags;
578 control->max_attributes = max_attrs;
579 if (*cookie) {
580 int len = ldb_base64_decode(cookie);
581 if (len < 0) {
582 ldb_set_errstring(ldb,
583 "invalid dirsync cookie\n");
584 talloc_free(ctrl);
585 return NULL;
586 }
587 control->cookie_len = len;
588 control->cookie = (char *)talloc_memdup(control, cookie, control->cookie_len);
589 if (control->cookie == NULL) {
590 ldb_oom(ldb);
591 talloc_free(ctrl);
592 return NULL;
593 }
594 } else {
595 control->cookie = NULL;
596 control->cookie_len = 0;
597 }
598 ctrl->data = control;
599 TALLOC_FREE(cookie);
600
601 return ctrl;
602 }
603 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_DIRSYNC_EX_NAME) == 0) {
604 struct ldb_dirsync_control *control;
605 const char *p;
606 char *cookie = NULL;
607 int crit, max_attrs, ret;
608 uint32_t flags;
609
610 cookie = talloc_zero_array(ctrl, char,
611 strlen(control_strings) + 1);
612 if (cookie == NULL) {
613 ldb_oom(ldb);
614 talloc_free(ctrl);
615 return NULL;
616 }
617
618 p = &(control_strings[sizeof(LDB_CONTROL_DIRSYNC_EX_NAME)]);
619 ret = sscanf(p, "%d:%u:%d:%1023[^$]", &crit, &flags, &max_attrs, cookie);
620
621 if ((ret < 3) || (crit < 0) || (crit > 1) || (max_attrs < 0)) {
622 ldb_set_errstring(ldb,
623 "invalid dirsync_ex control syntax\n"
624 " syntax: crit(b):flags(n):max_attrs(n)[:cookie(o)]\n"
625 " note: b = boolean, n = number, o = b64 binary blob");
626 talloc_free(ctrl);
627 return NULL;
628 }
629
630 /* w2k3 seems to ignore the parameter,
631 * but w2k sends a wrong cookie when this value is to small
632 * this would cause looping forever, while getting
633 * the same data and same cookie forever
634 */
635 if (max_attrs == 0) max_attrs = 0x0FFFFFFF;
636
637 ctrl->oid = LDB_CONTROL_DIRSYNC_EX_OID;
638 ctrl->critical = crit;
639 control = talloc(ctrl, struct ldb_dirsync_control);
640 if (control == NULL) {
641 ldb_oom(ldb);
642 talloc_free(ctrl);
643 return NULL;
644 }
645 control->flags = flags;
646 control->max_attributes = max_attrs;
647 if (*cookie) {
648 int len = ldb_base64_decode(cookie);
649 if (len < 0) {
650 ldb_set_errstring(ldb,
651 "invalid dirsync_ex cookie"
652 " (probably too long)\n");
653 talloc_free(ctrl);
654 return NULL;
655 }
656 control->cookie_len = len;
657 control->cookie = (char *)talloc_memdup(control, cookie, control->cookie_len);
658 if (control->cookie == NULL) {
659 ldb_oom(ldb);
660 talloc_free(ctrl);
661 return NULL;
662 }
663 } else {
664 control->cookie = NULL;
665 control->cookie_len = 0;
666 }
667 ctrl->data = control;
668 TALLOC_FREE(cookie);
669
670 return ctrl;
671 }
672
673 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_ASQ_NAME) == 0) {
674 struct ldb_asq_control *control;
675 const char *p;
676 char attr[256];
677 int crit, ret;
678
679 attr[0] = '\0';
680 p = &(control_strings[sizeof(LDB_CONTROL_ASQ_NAME)]);
681 ret = sscanf(p, "%d:%255[^$]", &crit, attr);
682 if ((ret != 2) || (crit < 0) || (crit > 1) || (attr[0] == '\0')) {
683 ldb_set_errstring(ldb,
684 "invalid asq control syntax\n"
685 " syntax: crit(b):attr(s)\n"
686 " note: b = boolean, s = string");
687 talloc_free(ctrl);
688 return NULL;
689 }
690
691 ctrl->oid = LDB_CONTROL_ASQ_OID;
692 ctrl->critical = crit;
693 control = talloc(ctrl, struct ldb_asq_control);
694 if (control == NULL) {
695 ldb_oom(ldb);
696 talloc_free(ctrl);
697 return NULL;
698 }
699 control->request = 1;
700 control->source_attribute = talloc_strdup(control, attr);
701 control->src_attr_len = strlen(attr);
702 ctrl->data = control;
703
704 return ctrl;
705 }
706
707 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_EXTENDED_DN_NAME) == 0) {
708 struct ldb_extended_dn_control *control;
709 const char *p;
710 int crit, type, ret;
711
712 p = &(control_strings[sizeof(LDB_CONTROL_EXTENDED_DN_NAME)]);
713 ret = sscanf(p, "%d:%d", &crit, &type);
714 if ((ret != 2) || (crit < 0) || (crit > 1) || (type < 0) || (type > 1)) {
715 ret = sscanf(p, "%d", &crit);
716 if ((ret != 1) || (crit < 0) || (crit > 1)) {
717 ldb_set_errstring(ldb,
718 "invalid extended_dn control syntax\n"
719 " syntax: crit(b)[:type(i)]\n"
720 " note: b = boolean\n"
721 " i = integer\n"
722 " valid values are: 0 - hexadecimal representation\n"
723 " 1 - normal string representation");
724 talloc_free(ctrl);
725 return NULL;
726 }
727 control = NULL;
728 } else {
729 control = talloc(ctrl, struct ldb_extended_dn_control);
730 if (control == NULL) {
731 ldb_oom(ldb);
732 talloc_free(ctrl);
733 return NULL;
734 }
735 control->type = type;
736 }
737
738 ctrl->oid = LDB_CONTROL_EXTENDED_DN_OID;
739 ctrl->critical = crit;
740 ctrl->data = talloc_steal(ctrl, control);
741
742 return ctrl;
743 }
744
745 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_SD_FLAGS_NAME) == 0) {
746 struct ldb_sd_flags_control *control;
747 const char *p;
748 int crit, ret;
749 unsigned secinfo_flags;
750
751 p = &(control_strings[sizeof(LDB_CONTROL_SD_FLAGS_NAME)]);
752 ret = sscanf(p, "%d:%u", &crit, &secinfo_flags);
753 if ((ret != 2) || (crit < 0) || (crit > 1) || (secinfo_flags > 0xF)) {
754 ldb_set_errstring(ldb,
755 "invalid sd_flags control syntax\n"
756 " syntax: crit(b):secinfo_flags(n)\n"
757 " note: b = boolean, n = number");
758 talloc_free(ctrl);
759 return NULL;
760 }
761
762 ctrl->oid = LDB_CONTROL_SD_FLAGS_OID;
763 ctrl->critical = crit;
764 control = talloc(ctrl, struct ldb_sd_flags_control);
765 if (control == NULL) {
766 ldb_oom(ldb);
767 talloc_free(ctrl);
768 return NULL;
769 }
770
771 control->secinfo_flags = secinfo_flags;
772 ctrl->data = control;
773
774 return ctrl;
775 }
776
777 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_SEARCH_OPTIONS_NAME) == 0) {
778 struct ldb_search_options_control *control;
779 const char *p;
780 int crit, ret;
781 unsigned search_options;
782
783 p = &(control_strings[sizeof(LDB_CONTROL_SEARCH_OPTIONS_NAME)]);
784 ret = sscanf(p, "%d:%u", &crit, &search_options);
785 if ((ret != 2) || (crit < 0) || (crit > 1) || (search_options > 0xF)) {
786 ldb_set_errstring(ldb,
787 "invalid search_options control syntax\n"
788 " syntax: crit(b):search_options(n)\n"
789 " note: b = boolean, n = number");
790 talloc_free(ctrl);
791 return NULL;
792 }
793
794 ctrl->oid = LDB_CONTROL_SEARCH_OPTIONS_OID;
795 ctrl->critical = crit;
796 control = talloc(ctrl, struct ldb_search_options_control);
797 if (control == NULL) {
798 ldb_oom(ldb);
799 talloc_free(ctrl);
800 return NULL;
801 }
802
803 control->search_options = search_options;
804 ctrl->data = control;
805
806 return ctrl;
807 }
808
809 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_BYPASS_OPERATIONAL_NAME) == 0) {
810 const char *p;
811 int crit, ret;
812
813 p = &(control_strings[sizeof(LDB_CONTROL_BYPASS_OPERATIONAL_NAME)]);
814 ret = sscanf(p, "%d", &crit);
815 if ((ret != 1) || (crit < 0) || (crit > 1)) {
816 ldb_set_errstring(ldb,
817 "invalid bypassoperational control syntax\n"
818 " syntax: crit(b)\n"
819 " note: b = boolean");
820 talloc_free(ctrl);
821 return NULL;
822 }
823
824 ctrl->oid = LDB_CONTROL_BYPASS_OPERATIONAL_OID;
825 ctrl->critical = crit;
826 ctrl->data = NULL;
827
828 return ctrl;
829 }
830
831 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_RELAX_NAME) == 0) {
832 const char *p;
833 int crit, ret;
834
835 p = &(control_strings[sizeof(LDB_CONTROL_RELAX_NAME)]);
836 ret = sscanf(p, "%d", &crit);
837 if ((ret != 1) || (crit < 0) || (crit > 1)) {
838 ldb_set_errstring(ldb,
839 "invalid relax control syntax\n"
840 " syntax: crit(b)\n"
841 " note: b = boolean");
842 talloc_free(ctrl);
843 return NULL;
844 }
845
846 ctrl->oid = LDB_CONTROL_RELAX_OID;
847 ctrl->critical = crit;
848 ctrl->data = NULL;
849
850 return ctrl;
851 }
852
853 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_RECALCULATE_SD_NAME) == 0) {
854 const char *p;
855 int crit, ret;
856
857 p = &(control_strings[sizeof(LDB_CONTROL_RECALCULATE_SD_NAME)]);
858 ret = sscanf(p, "%d", &crit);
859 if ((ret != 1) || (crit < 0) || (crit > 1)) {
860 ldb_set_errstring(ldb,
861 "invalid recalculate_sd control syntax\n"
862 " syntax: crit(b)\n"
863 " note: b = boolean");
864 talloc_free(ctrl);
865 return NULL;
866 }
867
868 ctrl->oid = LDB_CONTROL_RECALCULATE_SD_OID;
869 ctrl->critical = crit;
870 ctrl->data = NULL;
871
872 return ctrl;
873 }
874
875 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_DOMAIN_SCOPE_NAME) == 0) {
876 const char *p;
877 int crit, ret;
878
879 p = &(control_strings[sizeof(LDB_CONTROL_DOMAIN_SCOPE_NAME)]);
880 ret = sscanf(p, "%d", &crit);
881 if ((ret != 1) || (crit < 0) || (crit > 1)) {
882 ldb_set_errstring(ldb,
883 "invalid domain_scope control syntax\n"
884 " syntax: crit(b)\n"
885 " note: b = boolean");
886 talloc_free(ctrl);
887 return NULL;
888 }
889
890 ctrl->oid = LDB_CONTROL_DOMAIN_SCOPE_OID;
891 ctrl->critical = crit;
892 ctrl->data = NULL;
893
894 return ctrl;
895 }
896
897 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_PAGED_RESULTS_NAME) == 0) {
898 struct ldb_paged_control *control;
899 const char *p;
900 char cookie[1024];
901 int crit, size, ret;
902
903 cookie[0] = '\0';
904 p = &(control_strings[sizeof(LDB_CONTROL_PAGED_RESULTS_NAME)]);
905 ret = sscanf(p, "%d:%d:%1023[^$]", &crit, &size, cookie);
906 if ((ret < 2) || (ret > 3) || (crit < 0) || (crit > 1) ||
907 (size < 0)) {
908 ldb_set_errstring(ldb,
909 "invalid paged_results control syntax\n"
910 " syntax: crit(b):size(n)[:cookie(base64)]\n"
911 " note: b = boolean, n = number");
912 talloc_free(ctrl);
913 return NULL;
914 }
915
916 ctrl->oid = LDB_CONTROL_PAGED_RESULTS_OID;
917 ctrl->critical = crit;
918 control = talloc(ctrl, struct ldb_paged_control);
919 if (control == NULL) {
920 ldb_oom(ldb);
921 talloc_free(ctrl);
922 return NULL;
923 }
924
925 control->size = size;
926 if (cookie[0] != '\0') {
927 int len = ldb_base64_decode(cookie);
928 if (len < 0) {
929 ldb_set_errstring(ldb,
930 "invalid paged_results cookie"
931 " (probably too long)\n");
932 talloc_free(ctrl);
933 return NULL;
934 }
935 control->cookie_len = len;
936 control->cookie = talloc_memdup(control, cookie, control->cookie_len);
937 if (control->cookie == NULL) {
938 ldb_oom(ldb);
939 talloc_free(ctrl);
940 return NULL;
941 }
942 } else {
943 control->cookie = NULL;
944 control->cookie_len = 0;
945 }
946 ctrl->data = control;
947
948 return ctrl;
949 }
950
951 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_SERVER_SORT_NAME) == 0) {
952 struct ldb_server_sort_control **control;
953 const char *p;
954 char attr[256];
955 char rule[128];
956 int crit, rev, ret;
957
958 attr[0] = '\0';
959 rule[0] = '\0';
960 p = &(control_strings[sizeof(LDB_CONTROL_SERVER_SORT_NAME)]);
961 ret = sscanf(p, "%d:%d:%255[^:]:%127[^:]", &crit, &rev, attr, rule);
962 if ((ret < 3) || (crit < 0) || (crit > 1) || (rev < 0 ) || (rev > 1) ||attr[0] == '\0') {
963 ldb_set_errstring(ldb,
964 "invalid server_sort control syntax\n"
965 " syntax: crit(b):rev(b):attr(s)[:rule(s)]\n"
966 " note: b = boolean, s = string");
967 talloc_free(ctrl);
968 return NULL;
969 }
970 ctrl->oid = LDB_CONTROL_SERVER_SORT_OID;
971 ctrl->critical = crit;
972 control = talloc_array(ctrl, struct ldb_server_sort_control *, 2);
973 if (control == NULL) {
974 ldb_oom(ldb);
975 talloc_free(ctrl);
976 return NULL;
977 }
978
979 control[0] = talloc(control, struct ldb_server_sort_control);
980 if (control[0] == NULL) {
981 ldb_oom(ldb);
982 talloc_free(ctrl);
983 return NULL;
984 }
985
986 control[0]->attributeName = talloc_strdup(control, attr);
987 if (control[0]->attributeName == NULL) {
988 ldb_oom(ldb);
989 talloc_free(ctrl);
990 return NULL;
991 }
992
993 if (rule[0]) {
994 control[0]->orderingRule = talloc_strdup(control, rule);
995 if (control[0]->orderingRule == NULL) {
996 ldb_oom(ldb);
997 talloc_free(ctrl);
998 return NULL;
999 }
1000 } else {
1001 control[0]->orderingRule = NULL;
1002 }
1003 control[0]->reverse = rev;
1004 control[1] = NULL;
1005 ctrl->data = control;
1006
1007 return ctrl;
1008 }
1009
1010 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_NOTIFICATION_NAME) == 0) {
1011 const char *p;
1012 int crit, ret;
1013
1014 p = &(control_strings[sizeof(LDB_CONTROL_NOTIFICATION_NAME)]);
1015 ret = sscanf(p, "%d", &crit);
1016 if ((ret != 1) || (crit < 0) || (crit > 1)) {
1017 ldb_set_errstring(ldb,
1018 "invalid notification control syntax\n"
1019 " syntax: crit(b)\n"
1020 " note: b = boolean");
1021 talloc_free(ctrl);
1022 return NULL;
1023 }
1024
1025 ctrl->oid = LDB_CONTROL_NOTIFICATION_OID;
1026 ctrl->critical = crit;
1027 ctrl->data = NULL;
1028
1029 return ctrl;
1030 }
1031
1032 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_TREE_DELETE_NAME) == 0) {
1033 const char *p;
1034 int crit, ret;
1035
1036 p = &(control_strings[sizeof(LDB_CONTROL_TREE_DELETE_NAME)]);
1037 ret = sscanf(p, "%d", &crit);
1038 if ((ret != 1) || (crit < 0) || (crit > 1)) {
1039 ldb_set_errstring(ldb,
1040 "invalid tree_delete control syntax\n"
1041 " syntax: crit(b)\n"
1042 " note: b = boolean");
1043 talloc_free(ctrl);
1044 return NULL;
1045 }
1046
1047 ctrl->oid = LDB_CONTROL_TREE_DELETE_OID;
1048 ctrl->critical = crit;
1049 ctrl->data = NULL;
1050
1051 return ctrl;
1052 }
1053
1054 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_SHOW_DELETED_NAME) == 0) {
1055 const char *p;
1056 int crit, ret;
1057
1058 p = &(control_strings[sizeof(LDB_CONTROL_SHOW_DELETED_NAME)]);
1059 ret = sscanf(p, "%d", &crit);
1060 if ((ret != 1) || (crit < 0) || (crit > 1)) {
1061 ldb_set_errstring(ldb,
1062 "invalid show_deleted control syntax\n"
1063 " syntax: crit(b)\n"
1064 " note: b = boolean");
1065 talloc_free(ctrl);
1066 return NULL;
1067 }
1068
1069 ctrl->oid = LDB_CONTROL_SHOW_DELETED_OID;
1070 ctrl->critical = crit;
1071 ctrl->data = NULL;
1072
1073 return ctrl;
1074 }
1075
1076 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_SHOW_DEACTIVATED_LINK_NAME) == 0) {
1077 const char *p;
1078 int crit, ret;
1079
1080 p = &(control_strings[sizeof(LDB_CONTROL_SHOW_DEACTIVATED_LINK_NAME)]);
1081 ret = sscanf(p, "%d", &crit);
1082 if ((ret != 1) || (crit < 0) || (crit > 1)) {
1083 ldb_set_errstring(ldb,
1084 "invalid show_deactivated_link control syntax\n"
1085 " syntax: crit(b)\n"
1086 " note: b = boolean");
1087 talloc_free(ctrl);
1088 return NULL;
1089 }
1090
1091 ctrl->oid = LDB_CONTROL_SHOW_DEACTIVATED_LINK_OID;
1092 ctrl->critical = crit;
1093 ctrl->data = NULL;
1094
1095 return ctrl;
1096 }
1097
1098 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_SHOW_RECYCLED_NAME) == 0) {
1099 const char *p;
1100 int crit, ret;
1101
1102 p = &(control_strings[sizeof(LDB_CONTROL_SHOW_RECYCLED_NAME)]);
1103 ret = sscanf(p, "%d", &crit);
1104 if ((ret != 1) || (crit < 0) || (crit > 1)) {
1105 ldb_set_errstring(ldb,
1106 "invalid show_recycled control syntax\n"
1107 " syntax: crit(b)\n"
1108 " note: b = boolean");
1109 talloc_free(ctrl);
1110 return NULL;
1111 }
1112
1113 ctrl->oid = LDB_CONTROL_SHOW_RECYCLED_OID;
1114 ctrl->critical = crit;
1115 ctrl->data = NULL;
1116
1117 return ctrl;
1118 }
1119
1120 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_PERMISSIVE_MODIFY_NAME) == 0) {
1121 const char *p;
1122 int crit, ret;
1123
1124 p = &(control_strings[sizeof(LDB_CONTROL_PERMISSIVE_MODIFY_NAME)]);
1125 ret = sscanf(p, "%d", &crit);
1126 if ((ret != 1) || (crit < 0) || (crit > 1)) {
1127 ldb_set_errstring(ldb,
1128 "invalid permissive_modify control syntax\n"
1129 " syntax: crit(b)\n"
1130 " note: b = boolean");
1131 talloc_free(ctrl);
1132 return NULL;
1133 }
1134
1135 ctrl->oid = LDB_CONTROL_PERMISSIVE_MODIFY_OID;
1136 ctrl->critical = crit;
1137 ctrl->data = NULL;
1138
1139 return ctrl;
1140 }
1141
1142 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_REVEAL_INTERNALS_NAME) == 0) {
1143 const char *p;
1144 int crit, ret;
1145
1146 p = &(control_strings[sizeof(LDB_CONTROL_REVEAL_INTERNALS_NAME)]);
1147 ret = sscanf(p, "%d", &crit);
1148 if ((ret != 1) || (crit < 0) || (crit > 1)) {
1149 ldb_set_errstring(ldb,
1150 "invalid reveal_internals control syntax\n"
1151 " syntax: crit(b)\n"
1152 " note: b = boolean");
1153 talloc_free(ctrl);
1154 return NULL;
1155 }
1156
1157 ctrl->oid = LDB_CONTROL_REVEAL_INTERNALS;
1158 ctrl->critical = crit;
1159 ctrl->data = NULL;
1160
1161 return ctrl;
1162 }
1163
1164 if (strncmp(control_strings, "local_oid:", 10) == 0) {
1165 const char *p;
1166 int crit = 0, ret = 0;
1167 char oid[256];
1168
1169 oid[0] = '\0';
1170 p = &(control_strings[10]);
1171 ret = sscanf(p, "%255[^:]:%d", oid, &crit);
1172
1173 if ((ret != 2) || strlen(oid) == 0 || (crit < 0) || (crit > 1)) {
1174 ldb_set_errstring(ldb,
1175 "invalid local_oid control syntax\n"
1176 " syntax: oid(s):crit(b)\n"
1177 " note: b = boolean, s = string");
1178 talloc_free(ctrl);
1179 return NULL;
1180 }
1181
1182 ctrl->oid = talloc_strdup(ctrl, oid);
1183 if (!ctrl->oid) {
1184 ldb_oom(ldb);
1185 talloc_free(ctrl);
1186 return NULL;
1187 }
1188 ctrl->critical = crit;
1189 ctrl->data = NULL;
1190
1191 return ctrl;
1192 }
1193
1194 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_RODC_DCPROMO_NAME) == 0) {
1195 const char *p;
1196 int crit, ret;
1197
1198 p = &(control_strings[sizeof(LDB_CONTROL_RODC_DCPROMO_NAME)]);
1199 ret = sscanf(p, "%d", &crit);
1200 if ((ret != 1) || (crit < 0) || (crit > 1)) {
1201 ldb_set_errstring(ldb,
1202 "invalid rodc_join control syntax\n"
1203 " syntax: crit(b)\n"
1204 " note: b = boolean");
1205 talloc_free(ctrl);
1206 return NULL;
1207 }
1208
1209 ctrl->oid = LDB_CONTROL_RODC_DCPROMO_OID;
1210 ctrl->critical = crit;
1211 ctrl->data = NULL;
1212
1213 return ctrl;
1214 }
1215
1216 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_PROVISION_NAME) == 0) {
1217 const char *p;
1218 int crit, ret;
1219
1220 p = &(control_strings[sizeof(LDB_CONTROL_PROVISION_NAME)]);
1221 ret = sscanf(p, "%d", &crit);
1222 if ((ret != 1) || (crit < 0) || (crit > 1)) {
1223 ldb_set_errstring(ldb,
1224 "invalid provision control syntax\n"
1225 " syntax: crit(b)\n"
1226 " note: b = boolean");
1227 talloc_free(ctrl);
1228 return NULL;
1229 }
1230
1231 ctrl->oid = LDB_CONTROL_PROVISION_OID;
1232 ctrl->critical = crit;
1233 ctrl->data = NULL;
1234
1235 return ctrl;
1236 }
1237 if (LDB_CONTROL_CMP(control_strings, LDB_CONTROL_VERIFY_NAME_NAME) == 0) {
1238 const char *p;
1239 char gc[1024];
1240 int crit, flags, ret;
1241 struct ldb_verify_name_control *control;
1242
1243 gc[0] = '\0';
1244
1245 p = &(control_strings[sizeof(LDB_CONTROL_VERIFY_NAME_NAME)]);
1246 ret = sscanf(p, "%d:%d:%1023[^$]", &crit, &flags, gc);
1247 if ((ret != 3) || (crit < 0) || (crit > 1)) {
1248 ret = sscanf(p, "%d:%d", &crit, &flags);
1249 if ((ret != 2) || (crit < 0) || (crit > 1)) {
1250 ldb_set_errstring(ldb,
1251 "invalid verify_name control syntax\n"
1252 " syntax: crit(b):flags(i)[:gc(s)]\n"
1253 " note: b = boolean"
1254 " note: i = integer"
1255 " note: s = string");
1256 talloc_free(ctrl);
1257 return NULL;
1258 }
1259 }
1260
1261 ctrl->oid = LDB_CONTROL_VERIFY_NAME_OID;
1262 ctrl->critical = crit;
1263 control = talloc(ctrl, struct ldb_verify_name_control);
1264 if (control == NULL) {
1265 ldb_oom(ldb);
1266 talloc_free(ctrl);
1267 return NULL;
1268 }
1269
1270 control->gc = talloc_strdup(control, gc);
1271 if (control->gc == NULL) {
1272 ldb_oom(ldb);
1273 talloc_free(ctrl);
1274 return NULL;
1275 }
1276
1277 control->gc_len = strlen(gc);
1278 control->flags = flags;
1279 ctrl->data = control;
1280 return ctrl;
1281 }
1282 /*
1283 * When no matching control has been found.
1284 */
1285 TALLOC_FREE(ctrl);
1286 return NULL;
1287 }
1288
1289 /* Parse controls from the format used on the command line and in ejs */
ldb_parse_control_strings(struct ldb_context * ldb,TALLOC_CTX * mem_ctx,const char ** control_strings)1290 struct ldb_control **ldb_parse_control_strings(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const char **control_strings)
1291 {
1292 unsigned int i;
1293 struct ldb_control **ctrl;
1294
1295 if (control_strings == NULL || control_strings[0] == NULL)
1296 return NULL;
1297
1298 for (i = 0; control_strings[i]; i++);
1299
1300 ctrl = talloc_array(mem_ctx, struct ldb_control *, i + 1);
1301
1302 ldb_reset_err_string(ldb);
1303 for (i = 0; control_strings[i]; i++) {
1304 ctrl[i] = ldb_parse_control_from_string(ldb, ctrl, control_strings[i]);
1305 if (ctrl[i] == NULL) {
1306 if (ldb_errstring(ldb) == NULL) {
1307 /* no controls matched, throw an error */
1308 ldb_asprintf_errstring(ldb, "Invalid control name: '%s'", control_strings[i]);
1309 }
1310 talloc_free(ctrl);
1311 return NULL;
1312 }
1313 }
1314
1315 ctrl[i] = NULL;
1316
1317 return ctrl;
1318 }
1319
1320
1321