Author: abartlet Date: 2006-08-11 22:53:21 +0000 (Fri, 11 Aug 2006) New Revision: 17501
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17501 Log: Samba accepts both string and binary forms of objectSid attributes in some places. This causes problems when we talk to an OpenLDAP server that assumes this is a binary quanity, particularly on searches. This patch adds this canonicolisation to the translations we do. Andrew Bartlett Modified: branches/SOC/mkhl/samdb-map/ldb_modules/entryUUID.c Changeset: Modified: branches/SOC/mkhl/samdb-map/ldb_modules/entryUUID.c =================================================================== --- branches/SOC/mkhl/samdb-map/ldb_modules/entryUUID.c 2006-08-11 22:36:53 UTC (rev 17500) +++ branches/SOC/mkhl/samdb-map/ldb_modules/entryUUID.c 2006-08-11 22:53:21 UTC (rev 17501) @@ -75,6 +75,28 @@ return out; } +/* The backend holds binary sids, so just copy them back */ +static struct ldb_val sid_copy(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val) +{ + struct ldb_val out = data_blob(NULL, 0); + ldb_handler_copy(module->ldb, ctx, val, &out); + + return out; +} + +/* Ensure we always convert sids into binary, so the backend doesn't have to know about both forms */ +static struct ldb_val sid_always_binary(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val) +{ + struct ldb_val out = data_blob(NULL, 0); + const struct ldb_attrib_handler *handler = ldb_attrib_handler(module->ldb, "objectSid"); + + if (handler->canonicalise_fn(module->ldb, ctx, val, &out) != LDB_SUCCESS) { + return data_blob(NULL, 0); + } + + return out; +} + const struct ldb_map_attribute entryUUID_attributes[] = { /* objectGUID */ @@ -89,7 +111,19 @@ }, }, }, + /* objectSid */ { + .local_name = "objectSid", + .type = MAP_CONVERT, + .u = { + .convert = { + .remote_name = "objectSid", + .convert_local = sid_always_binary, + .convert_remote = sid_copy, + }, + }, + }, + { .local_name = "whenCreated", .type = MAP_RENAME, .u = {