From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 3 Feb 2022 13:48:03 +0000 (+0100)
Subject: s3:libnet: split out parse_user() in libnet_dssync_keytab.c
X-Git-Tag: tdb-1.4.11~643
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=feff15fc88b548f9b59aef1427dd1fb5d72ef2a1;p=thirdparty%2Fsamba.git

s3:libnet: split out parse_user() in libnet_dssync_keytab.c

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/source3/libnet/libnet_dssync_keytab.c b/source3/libnet/libnet_dssync_keytab.c
index e954e0edada..de6c32b4015 100644
--- a/source3/libnet/libnet_dssync_keytab.c
+++ b/source3/libnet/libnet_dssync_keytab.c
@@ -233,9 +233,9 @@ done:
 	return status;
 }
 
-static NTSTATUS parse_object(TALLOC_CTX *mem_ctx,
-			     struct libnet_keytab_context *ctx,
-			     struct drsuapi_DsReplicaObjectListItemEx *cur)
+static NTSTATUS parse_user(TALLOC_CTX *mem_ctx,
+			   struct libnet_keytab_context *ctx,
+			   struct drsuapi_DsReplicaObjectListItemEx *cur)
 {
 	NTSTATUS status = NT_STATUS_OK;
 	uchar nt_passwd[16];
@@ -266,7 +266,7 @@ static NTSTATUS parse_object(TALLOC_CTX *mem_ctx,
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	DEBUG(3, ("parsing object '%s'\n", object_dn));
+	DEBUG(3, ("parsing user '%s'\n", object_dn));
 
 	for (i=0; i < cur->object.attribute_ctr.num_attributes; i++) {
 
@@ -528,6 +528,68 @@ static NTSTATUS parse_object(TALLOC_CTX *mem_ctx,
 	return status;
 }
 
+static NTSTATUS parse_object(TALLOC_CTX *mem_ctx,
+			     struct libnet_keytab_context *ctx,
+			     struct drsuapi_DsReplicaObjectListItemEx *cur)
+{
+	uint32_t i;
+
+	if (cur->object.identifier->dn == NULL) {
+		return NT_STATUS_OK;
+	}
+
+	for (i = 0; i < cur->object.attribute_ctr.num_attributes; i++) {
+		struct drsuapi_DsReplicaAttribute *attr =
+			&cur->object.attribute_ctr.attributes[i];
+		const DATA_BLOB *blob = NULL;
+		uint32_t val;
+
+		switch (attr->attid) {
+		case DRSUAPI_ATTID_isDeleted:
+		case DRSUAPI_ATTID_isRecycled:
+			break;
+		default:
+			continue;
+		}
+
+		if (attr->value_ctr.num_values != 1) {
+			continue;
+		}
+
+		if (attr->value_ctr.values[0].blob == NULL) {
+			continue;
+		}
+
+		blob = attr->value_ctr.values[0].blob;
+
+		if (blob->length != 4) {
+			continue;
+		}
+
+		val = PULL_LE_U32(blob->data, 0);
+		if (val != 0) {
+			/* ignore deleted object */
+			return NT_STATUS_OK;
+		}
+	}
+
+	for (i = 0; i < cur->object.attribute_ctr.num_attributes; i++) {
+		struct drsuapi_DsReplicaAttribute *attr =
+			&cur->object.attribute_ctr.attributes[i];
+
+		switch (attr->attid) {
+		case DRSUAPI_ATTID_unicodePwd:
+		case DRSUAPI_ATTID_ntPwdHistory:
+		case DRSUAPI_ATTID_supplementalCredentials:
+			return parse_user(mem_ctx, ctx, cur);
+		default:
+			continue;
+		}
+	}
+
+	return NT_STATUS_OK;
+}
+
 static bool dn_is_in_object_list(struct dssync_context *ctx,
 				 const char *dn)
 {