adsldp: Add support for IDirectorySearch::SetSearchPreference(ADS_SEARCHPREF_SECURITY_MASK).

Signed-off-by: Dmitry Timoshkov <dmitry@baikal.ru>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This commit is contained in:
Dmitry Timoshkov 2020-04-02 17:16:59 +08:00 committed by Alexandre Julliard
parent 0d49dcd39f
commit af1c34294d
4 changed files with 101 additions and 2 deletions

View File

@ -45,6 +45,10 @@
WINE_DEFAULT_DEBUG_CHANNEL(adsldp);
#ifndef LDAP_OPT_SERVER_CONTROLS
#define LDAP_OPT_SERVER_CONTROLS 0x0012
#endif
DEFINE_GUID(CLSID_LDAP,0x228d9a81,0xc302,0x11cf,0x9a,0xa4,0x00,0xaa,0x00,0x4a,0x56,0x91);
DEFINE_GUID(CLSID_LDAPNamespace,0x228d9a82,0xc302,0x11cf,0x9a,0xa4,0x00,0xaa,0x00,0x4a,0x56,0x91);
@ -1127,6 +1131,7 @@ static ULONG WINAPI search_Release(IDirectorySearch *iface)
static HRESULT WINAPI search_SetSearchPreference(IDirectorySearch *iface, PADS_SEARCHPREF_INFO prefs, DWORD count)
{
LDAP_namespace *ldap = impl_from_IDirectorySearch(iface);
HRESULT hr = S_OK;
DWORD i;
TRACE("%p,%p,%u\n", iface, prefs, count);
@ -1159,6 +1164,56 @@ static HRESULT WINAPI search_SetSearchPreference(IDirectorySearch *iface, PADS_S
}
break;
case ADS_SEARCHPREF_SECURITY_MASK:
{
int security_mask;
ULONG err;
BerElement *ber;
struct berval *berval;
LDAPControlW *ctrls[2], mask;
if (prefs[i].vValue.dwType != ADSTYPE_INTEGER)
{
FIXME("ADS_SEARCHPREF_SECURITY_MASK: not supportd dwType %d\n", prefs[i].vValue.dwType);
prefs[i].dwStatus = ADS_STATUS_INVALID_SEARCHPREFVALUE;
break;
}
TRACE("SECURITY_MASK: %08x\n", prefs[i].vValue.u.Integer);
security_mask = prefs[i].vValue.u.Integer;
if (!security_mask)
security_mask = ADS_SECURITY_INFO_OWNER;
ber = ber_alloc_t(LBER_USE_DER);
if (!ber || ber_printf(ber, (char *)"{i}", security_mask) == -1 || ber_flatten(ber, &berval) == -1)
{
ber_free(ber, 1);
prefs[i].dwStatus = ADS_STATUS_INVALID_SEARCHPREF;
break;
}
TRACE("ber: %s\n", debugstr_an(berval->bv_val, berval->bv_len));
mask.ldctl_oid = (WCHAR *)L"1.2.840.113556.1.4.801";
mask.ldctl_iscritical = TRUE;
mask.ldctl_value.bv_val = berval->bv_val;
mask.ldctl_value.bv_len = berval->bv_len;
ctrls[0] = &mask;
ctrls[1] = NULL;
err = ldap_set_optionW(ldap->ld, LDAP_OPT_SERVER_CONTROLS, ctrls);
if (err != LDAP_SUCCESS)
{
TRACE("ldap_set_option error %#x\n", err);
prefs[i].dwStatus = ADS_STATUS_INVALID_SEARCHPREF;
hr = S_ADS_ERRORSOCCURRED;
}
else
prefs[i].dwStatus = ADS_STATUS_S_OK;
ber_bvfree(berval);
ber_free(ber, 1);
break;
}
default:
FIXME("pref %d, type %u: stub\n", prefs[i].dwSearchPref, prefs[i].vValue.dwType);
prefs[i].dwStatus = ADS_STATUS_INVALID_SEARCHPREF;
@ -1166,7 +1221,7 @@ static HRESULT WINAPI search_SetSearchPreference(IDirectorySearch *iface, PADS_S
}
}
return S_OK;
return hr;
}
static HRESULT WINAPI search_ExecuteSearch(IDirectorySearch *iface, LPWSTR filter, LPWSTR *names,

View File

@ -465,6 +465,9 @@ static void test_DirectoryObject(void)
IDirectoryObject *dirobj;
IUnknown *unk;
IDirectorySearch *ds;
ADS_SEARCHPREF_INFO pref[2];
ADS_SEARCH_HANDLE sh;
ADS_SEARCH_COLUMN col;
hr = ADsGetObject(L"LDAP://ldap.forumsys.com/OU=scientists,DC=example,DC=com", &IID_IDirectoryObject, (void **)&dirobj);
if (hr == HRESULT_FROM_WIN32(ERROR_DS_SERVER_DOWN))
@ -485,8 +488,39 @@ todo_wine
IUnknown_Release(unk);
hr = IDirectoryObject_QueryInterface(dirobj, &IID_IDirectorySearch, (void **)&ds);
ok(hr == S_OK, "got %#x\n", hr);
IDirectorySearch_Release(ds);
pref[0].dwSearchPref = ADS_SEARCHPREF_SEARCH_SCOPE;
pref[0].vValue.dwType = ADSTYPE_INTEGER;
pref[0].vValue.Integer = ADS_SCOPE_BASE;
pref[0].dwStatus = 0xdeadbeef;
pref[1].dwSearchPref = ADS_SEARCHPREF_SECURITY_MASK;
pref[1].vValue.dwType = ADSTYPE_INTEGER;
pref[1].vValue.Integer = ADS_SECURITY_INFO_OWNER | ADS_SECURITY_INFO_GROUP | ADS_SECURITY_INFO_DACL;
pref[1].dwStatus = 0xdeadbeef;
hr = IDirectorySearch_SetSearchPreference(ds, pref, ARRAY_SIZE(pref));
todo_wine
ok(hr == S_ADS_ERRORSOCCURRED, "got %#x\n", hr);
ok(pref[0].dwStatus == ADS_STATUS_S_OK, "got %d\n", pref[0].dwStatus);
/* ldap.forumsys.com doesn't support NT security, real ADs DC - does */
todo_wine
ok(pref[1].dwStatus == ADS_STATUS_INVALID_SEARCHPREF, "got %d\n", pref[1].dwStatus);
hr = IDirectorySearch_ExecuteSearch(ds, (WCHAR *)L"(objectClass=*)", NULL, ~0, &sh);
todo_wine
ok(hr == S_OK, "got %#x\n", hr);
if (hr != S_OK) goto fail;
hr = IDirectorySearch_GetNextRow(ds, sh);
ok(hr == S_OK, "got %#x\n", hr);
hr = IDirectorySearch_GetColumn(ds, sh, (WCHAR *)L"nTSecurityDescriptor", &col);
ok(hr == E_ADS_COLUMN_NOT_SET, "got %#x\n", hr);
hr = IDirectorySearch_CloseSearchHandle(ds, sh);
ok(hr == S_OK, "got %#x\n", hr);
IDirectorySearch_Release(ds);
fail:
IDirectoryObject_Release(dirobj);
}

View File

@ -362,6 +362,14 @@ typedef struct _ads_attr_info
DWORD dwNumValues;
} ADS_ATTR_INFO, *PADS_ATTR_INFO;
typedef enum
{
ADS_SECURITY_INFO_OWNER = 0x1,
ADS_SECURITY_INFO_GROUP = 0x2,
ADS_SECURITY_INFO_DACL = 0x4,
ADS_SECURITY_INFO_SACL = 0x8
} ADS_SECURITY_INFO_ENUM;
/*****************************************************************************
* IADsContainer interface
*/

View File

@ -104,6 +104,8 @@ typedef enum {
#define LDAP_SCOPE_ONELEVEL 0x01
#define LDAP_SCOPE_SUBTREE 0x02
#define LBER_USE_DER 0x01
typedef struct berelement
{
PCHAR opaque;