4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Simo Sorce 2005-2008
7 ** NOTE! The following LGPL license applies to the ldb
8 ** library. This does NOT imply that all of Samba is released
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 3 of the License, or (at your option) any later version.
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, see <http://www.gnu.org/licenses/>.
28 * Component: ldb core API
30 * Description: core API routines interfacing to ldb backends
32 * Author: Andrew Tridgell
35 #define TEVENT_DEPRECATED 1
36 #include "ldb_private.h"
38 static int ldb_context_destructor(void *ptr
)
40 struct ldb_context
*ldb
= talloc_get_type(ptr
, struct ldb_context
);
42 if (ldb
->transaction_active
) {
43 ldb_debug(ldb
, LDB_DEBUG_FATAL
,
44 "A transaction is still active in ldb context [%p] on %s",
45 ldb
, (const char *)ldb_get_opaque(ldb
, "ldb_url"));
52 this is used to catch debug messages from events
54 static void ldb_tevent_debug(void *context
, enum tevent_debug_level level
,
55 const char *fmt
, va_list ap
) PRINTF_ATTRIBUTE(3,0);
57 static void ldb_tevent_debug(void *context
, enum tevent_debug_level level
,
58 const char *fmt
, va_list ap
)
60 struct ldb_context
*ldb
= talloc_get_type(context
, struct ldb_context
);
61 enum ldb_debug_level ldb_level
= LDB_DEBUG_FATAL
;
65 case TEVENT_DEBUG_FATAL
:
66 ldb_level
= LDB_DEBUG_FATAL
;
68 case TEVENT_DEBUG_ERROR
:
69 ldb_level
= LDB_DEBUG_ERROR
;
71 case TEVENT_DEBUG_WARNING
:
72 ldb_level
= LDB_DEBUG_WARNING
;
74 case TEVENT_DEBUG_TRACE
:
75 ldb_level
= LDB_DEBUG_TRACE
;
79 vasprintf(&s
, fmt
, ap
);
81 ldb_debug(ldb
, ldb_level
, "tevent: %s", s
);
86 initialise a ldb context
87 The mem_ctx is required
88 The event_ctx is required
90 struct ldb_context
*ldb_init(TALLOC_CTX
*mem_ctx
, struct tevent_context
*ev_ctx
)
92 struct ldb_context
*ldb
;
95 ldb
= talloc_zero(mem_ctx
, struct ldb_context
);
96 /* FIXME: Hack a new event context so that CMD line utilities work
97 * until we have them all converted */
99 ev_ctx
= tevent_context_init(talloc_autofree_context());
100 tevent_set_debug(ev_ctx
, ldb_tevent_debug
, ldb
);
101 tevent_loop_allow_nesting(ev_ctx
);
104 ret
= ldb_setup_wellknown_attributes(ldb
);
105 if (ret
!= LDB_SUCCESS
) {
110 ldb_set_utf8_default(ldb
);
111 ldb_set_create_perms(ldb
, 0666);
112 ldb_set_modules_dir(ldb
, LDB_MODULESDIR
);
113 ldb_set_event_context(ldb
, ev_ctx
);
115 /* TODO: get timeout from options if available there */
116 ldb
->default_timeout
= 300; /* set default to 5 minutes */
118 talloc_set_destructor((TALLOC_CTX
*)ldb
, ldb_context_destructor
);
124 try to autodetect a basedn if none specified. This fixes one of my
125 pet hates about ldapsearch, which is that you have to get a long,
126 complex basedn right to make any use of it.
128 void ldb_set_default_dns(struct ldb_context
*ldb
)
132 struct ldb_result
*res
;
133 struct ldb_dn
*tmp_dn
=NULL
;
134 static const char *attrs
[] = {
135 "rootDomainNamingContext",
136 "configurationNamingContext",
137 "schemaNamingContext",
138 "defaultNamingContext",
142 tmp_ctx
= talloc_new(ldb
);
143 ret
= ldb_search(ldb
, tmp_ctx
, &res
, ldb_dn_new(tmp_ctx
, ldb
, NULL
),
144 LDB_SCOPE_BASE
, attrs
, "(objectClass=*)");
145 if (ret
!= LDB_SUCCESS
) {
146 talloc_free(tmp_ctx
);
150 if (res
->count
!= 1) {
151 talloc_free(tmp_ctx
);
155 if (!ldb_get_opaque(ldb
, "rootDomainNamingContext")) {
156 tmp_dn
= ldb_msg_find_attr_as_dn(ldb
, ldb
, res
->msgs
[0],
157 "rootDomainNamingContext");
158 ldb_set_opaque(ldb
, "rootDomainNamingContext", tmp_dn
);
161 if (!ldb_get_opaque(ldb
, "configurationNamingContext")) {
162 tmp_dn
= ldb_msg_find_attr_as_dn(ldb
, ldb
, res
->msgs
[0],
163 "configurationNamingContext");
164 ldb_set_opaque(ldb
, "configurationNamingContext", tmp_dn
);
167 if (!ldb_get_opaque(ldb
, "schemaNamingContext")) {
168 tmp_dn
= ldb_msg_find_attr_as_dn(ldb
, ldb
, res
->msgs
[0],
169 "schemaNamingContext");
170 ldb_set_opaque(ldb
, "schemaNamingContext", tmp_dn
);
173 if (!ldb_get_opaque(ldb
, "defaultNamingContext")) {
174 tmp_dn
= ldb_msg_find_attr_as_dn(ldb
, ldb
, res
->msgs
[0],
175 "defaultNamingContext");
176 ldb_set_opaque(ldb
, "defaultNamingContext", tmp_dn
);
179 talloc_free(tmp_ctx
);
182 struct ldb_dn
*ldb_get_root_basedn(struct ldb_context
*ldb
)
184 void *opaque
= ldb_get_opaque(ldb
, "rootDomainNamingContext");
185 return talloc_get_type(opaque
, struct ldb_dn
);
188 struct ldb_dn
*ldb_get_config_basedn(struct ldb_context
*ldb
)
190 void *opaque
= ldb_get_opaque(ldb
, "configurationNamingContext");
191 return talloc_get_type(opaque
, struct ldb_dn
);
194 struct ldb_dn
*ldb_get_schema_basedn(struct ldb_context
*ldb
)
196 void *opaque
= ldb_get_opaque(ldb
, "schemaNamingContext");
197 return talloc_get_type(opaque
, struct ldb_dn
);
200 struct ldb_dn
*ldb_get_default_basedn(struct ldb_context
*ldb
)
202 void *opaque
= ldb_get_opaque(ldb
, "defaultNamingContext");
203 return talloc_get_type(opaque
, struct ldb_dn
);
207 connect to a database. The URL can either be one of the following forms
211 flags is made up of LDB_FLG_*
213 the options are passed uninterpreted to the backend, and are
216 int ldb_connect(struct ldb_context
*ldb
, const char *url
,
217 unsigned int flags
, const char *options
[])
221 /* We seem to need to do this here, or else some utilities don't
222 * get ldb backends */
226 url2
= talloc_strdup(ldb
, url
);
229 return LDB_ERR_OPERATIONS_ERROR
;
231 ret
= ldb_set_opaque(ldb
, "ldb_url", url2
);
232 if (ret
!= LDB_SUCCESS
) {
236 ret
= ldb_connect_backend(ldb
, url
, options
, &ldb
->modules
);
237 if (ret
!= LDB_SUCCESS
) {
241 if (ldb_load_modules(ldb
, options
) != LDB_SUCCESS
) {
242 ldb_debug(ldb
, LDB_DEBUG_FATAL
,
243 "Unable to load modules for %s: %s",
244 url
, ldb_errstring(ldb
));
245 return LDB_ERR_OTHER
;
248 /* set the default base dn */
249 ldb_set_default_dns(ldb
);
254 void ldb_set_errstring(struct ldb_context
*ldb
, const char *err_string
)
256 if (ldb
->err_string
) {
257 talloc_free(ldb
->err_string
);
259 ldb
->err_string
= talloc_strdup(ldb
, err_string
);
260 if (ldb
->flags
& LDB_FLG_ENABLE_TRACING
) {
261 ldb_debug(ldb
, LDB_DEBUG_TRACE
, "ldb_set_errstring: %s", ldb
->err_string
);
265 void ldb_asprintf_errstring(struct ldb_context
*ldb
, const char *format
, ...)
268 char *old_string
= NULL
;
270 if (ldb
->err_string
) {
271 old_string
= ldb
->err_string
;
274 va_start(ap
, format
);
275 ldb
->err_string
= talloc_vasprintf(ldb
, format
, ap
);
277 talloc_free(old_string
);
280 void ldb_reset_err_string(struct ldb_context
*ldb
)
282 if (ldb
->err_string
) {
283 talloc_free(ldb
->err_string
);
284 ldb
->err_string
= NULL
;
288 #define FIRST_OP_NOERR(ldb, op) do { \
289 module = ldb->modules; \
290 while (module && module->ops->op == NULL) module = module->next; \
291 if ((ldb->flags & LDB_FLG_ENABLE_TRACING) && module) { \
292 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: (%s)->" #op, \
293 module->ops->name); \
297 #define FIRST_OP(ldb, op) do { \
298 FIRST_OP_NOERR(ldb, op); \
299 if (module == NULL) { \
300 ldb_asprintf_errstring(ldb, "unable to find module or backend to handle operation: " #op); \
301 return LDB_ERR_OPERATIONS_ERROR; \
309 int ldb_transaction_start(struct ldb_context
*ldb
)
311 struct ldb_module
*module
;
314 ldb_debug(ldb
, LDB_DEBUG_TRACE
,
315 "start ldb transaction (nesting: %d)",
316 ldb
->transaction_active
);
318 /* explicit transaction active, count nested requests */
319 if (ldb
->transaction_active
) {
320 ldb
->transaction_active
++;
324 /* start a new transaction */
325 ldb
->transaction_active
++;
326 ldb
->prepare_commit_done
= false;
328 FIRST_OP(ldb
, start_transaction
);
330 ldb_reset_err_string(ldb
);
332 status
= module
->ops
->start_transaction(module
);
333 if (status
!= LDB_SUCCESS
) {
334 if (ldb
->err_string
== NULL
) {
335 /* no error string was setup by the backend */
336 ldb_asprintf_errstring(ldb
,
337 "ldb transaction start: %s (%d)",
338 ldb_strerror(status
),
342 if ((module
&& module
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
)) {
343 ldb_debug(module
->ldb
, LDB_DEBUG_TRACE
, "start ldb transaction error: %s",
344 ldb_errstring(module
->ldb
));
350 prepare for transaction commit (first phase of two phase commit)
352 int ldb_transaction_prepare_commit(struct ldb_context
*ldb
)
354 struct ldb_module
*module
;
357 if (ldb
->prepare_commit_done
) {
361 /* commit only when all nested transactions are complete */
362 if (ldb
->transaction_active
> 1) {
366 ldb
->prepare_commit_done
= true;
368 if (ldb
->transaction_active
< 0) {
369 ldb_debug(ldb
, LDB_DEBUG_FATAL
,
370 "prepare commit called but no ldb transactions are active!");
371 ldb
->transaction_active
= 0;
372 return LDB_ERR_OPERATIONS_ERROR
;
375 /* call prepare transaction if available */
376 FIRST_OP_NOERR(ldb
, prepare_commit
);
377 if (module
== NULL
) {
381 status
= module
->ops
->prepare_commit(module
);
382 if (status
!= LDB_SUCCESS
) {
383 /* if a module fails the prepare then we need
384 to call the end transaction for everyone */
385 FIRST_OP(ldb
, del_transaction
);
386 module
->ops
->del_transaction(module
);
387 if (ldb
->err_string
== NULL
) {
388 /* no error string was setup by the backend */
389 ldb_asprintf_errstring(ldb
,
390 "ldb transaction prepare commit: %s (%d)",
391 ldb_strerror(status
),
394 if ((module
&& module
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
)) {
395 ldb_debug(module
->ldb
, LDB_DEBUG_TRACE
, "prepare commit transaction error: %s",
396 ldb_errstring(module
->ldb
));
407 int ldb_transaction_commit(struct ldb_context
*ldb
)
409 struct ldb_module
*module
;
412 status
= ldb_transaction_prepare_commit(ldb
);
413 if (status
!= LDB_SUCCESS
) {
417 ldb
->transaction_active
--;
419 ldb_debug(ldb
, LDB_DEBUG_TRACE
,
420 "commit ldb transaction (nesting: %d)",
421 ldb
->transaction_active
);
423 /* commit only when all nested transactions are complete */
424 if (ldb
->transaction_active
> 0) {
428 if (ldb
->transaction_active
< 0) {
429 ldb_debug(ldb
, LDB_DEBUG_FATAL
,
430 "commit called but no ldb transactions are active!");
431 ldb
->transaction_active
= 0;
432 return LDB_ERR_OPERATIONS_ERROR
;
435 ldb_reset_err_string(ldb
);
437 FIRST_OP(ldb
, end_transaction
);
438 status
= module
->ops
->end_transaction(module
);
439 if (status
!= LDB_SUCCESS
) {
440 if (ldb
->err_string
== NULL
) {
441 /* no error string was setup by the backend */
442 ldb_asprintf_errstring(ldb
,
443 "ldb transaction commit: %s (%d)",
444 ldb_strerror(status
),
447 if ((module
&& module
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
)) {
448 ldb_debug(module
->ldb
, LDB_DEBUG_TRACE
, "commit ldb transaction error: %s",
449 ldb_errstring(module
->ldb
));
451 /* cancel the transaction */
452 FIRST_OP(ldb
, del_transaction
);
453 module
->ops
->del_transaction(module
);
462 int ldb_transaction_cancel(struct ldb_context
*ldb
)
464 struct ldb_module
*module
;
467 ldb
->transaction_active
--;
469 ldb_debug(ldb
, LDB_DEBUG_TRACE
,
470 "cancel ldb transaction (nesting: %d)",
471 ldb
->transaction_active
);
473 /* really cancel only if all nested transactions are complete */
474 if (ldb
->transaction_active
> 0) {
478 if (ldb
->transaction_active
< 0) {
479 ldb_debug(ldb
, LDB_DEBUG_FATAL
,
480 "cancel called but no ldb transactions are active!");
481 ldb
->transaction_active
= 0;
482 return LDB_ERR_OPERATIONS_ERROR
;
485 FIRST_OP(ldb
, del_transaction
);
487 status
= module
->ops
->del_transaction(module
);
488 if (status
!= LDB_SUCCESS
) {
489 if (ldb
->err_string
== NULL
) {
490 /* no error string was setup by the backend */
491 ldb_asprintf_errstring(ldb
,
492 "ldb transaction cancel: %s (%d)",
493 ldb_strerror(status
),
496 if ((module
&& module
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
)) {
497 ldb_debug(module
->ldb
, LDB_DEBUG_TRACE
, "cancel ldb transaction error: %s",
498 ldb_errstring(module
->ldb
));
505 cancel a transaction with no error if no transaction is pending
506 used when we fork() to clear any parent transactions
508 int ldb_transaction_cancel_noerr(struct ldb_context
*ldb
)
510 if (ldb
->transaction_active
> 0) {
511 return ldb_transaction_cancel(ldb
);
517 /* autostarts a transacion if none active */
518 static int ldb_autotransaction_request(struct ldb_context
*ldb
,
519 struct ldb_request
*req
)
523 ret
= ldb_transaction_start(ldb
);
524 if (ret
!= LDB_SUCCESS
) {
528 ret
= ldb_request(ldb
, req
);
529 if (ret
== LDB_SUCCESS
) {
530 ret
= ldb_wait(req
->handle
, LDB_WAIT_ALL
);
533 if (ret
== LDB_SUCCESS
) {
534 return ldb_transaction_commit(ldb
);
536 ldb_transaction_cancel(ldb
);
538 if (ldb
->err_string
== NULL
) {
539 /* no error string was setup by the backend */
540 ldb_asprintf_errstring(ldb
, "%s (%d)", ldb_strerror(ret
), ret
);
546 int ldb_wait(struct ldb_handle
*handle
, enum ldb_wait_type type
)
548 struct tevent_context
*ev
;
552 return LDB_ERR_UNAVAILABLE
;
555 if (handle
->state
== LDB_ASYNC_DONE
) {
556 return handle
->status
;
559 ev
= ldb_get_event_context(handle
->ldb
);
561 return LDB_ERR_OPERATIONS_ERROR
;
566 ret
= tevent_loop_once(ev
);
568 return LDB_ERR_OPERATIONS_ERROR
;
570 if (handle
->state
== LDB_ASYNC_DONE
||
571 handle
->status
!= LDB_SUCCESS
) {
572 return handle
->status
;
577 while (handle
->state
!= LDB_ASYNC_DONE
) {
578 ret
= tevent_loop_once(ev
);
580 return LDB_ERR_OPERATIONS_ERROR
;
582 if (handle
->status
!= LDB_SUCCESS
) {
583 return handle
->status
;
586 return handle
->status
;
592 /* set the specified timeout or, if timeout is 0 set the default timeout */
593 int ldb_set_timeout(struct ldb_context
*ldb
,
594 struct ldb_request
*req
,
597 if (req
== NULL
) return LDB_ERR_OPERATIONS_ERROR
;
600 req
->timeout
= timeout
;
602 req
->timeout
= ldb
->default_timeout
;
604 req
->starttime
= time(NULL
);
609 /* calculates the new timeout based on the previous starttime and timeout */
610 int ldb_set_timeout_from_prev_req(struct ldb_context
*ldb
,
611 struct ldb_request
*oldreq
,
612 struct ldb_request
*newreq
)
614 if (newreq
== NULL
) return LDB_ERR_OPERATIONS_ERROR
;
616 if (oldreq
== NULL
) {
617 return ldb_set_timeout(ldb
, newreq
, 0);
620 newreq
->starttime
= oldreq
->starttime
;
621 newreq
->timeout
= oldreq
->timeout
;
628 set the permissions for new files to be passed to open() in
629 backends that use local files
631 void ldb_set_create_perms(struct ldb_context
*ldb
, unsigned int perms
)
633 ldb
->create_perms
= perms
;
636 unsigned int ldb_get_create_perms(struct ldb_context
*ldb
)
638 return ldb
->create_perms
;
641 void ldb_set_event_context(struct ldb_context
*ldb
, struct tevent_context
*ev
)
646 struct tevent_context
* ldb_get_event_context(struct ldb_context
*ldb
)
651 void ldb_request_set_state(struct ldb_request
*req
, int state
)
653 req
->handle
->state
= state
;
656 int ldb_request_get_status(struct ldb_request
*req
)
658 return req
->handle
->status
;
665 static void ldb_trace_request(struct ldb_context
*ldb
, struct ldb_request
*req
)
667 TALLOC_CTX
*tmp_ctx
= talloc_new(req
);
670 switch (req
->operation
) {
672 ldb_debug_add(ldb
, "ldb_trace_request: SEARCH\n");
673 ldb_debug_add(ldb
, " dn: %s\n",
674 ldb_dn_is_null(req
->op
.search
.base
)?"<rootDSE>":
675 ldb_dn_get_linearized(req
->op
.search
.base
));
676 ldb_debug_add(ldb
, " scope: %s\n",
677 req
->op
.search
.scope
==LDB_SCOPE_BASE
?"base":
678 req
->op
.search
.scope
==LDB_SCOPE_ONELEVEL
?"one":
679 req
->op
.search
.scope
==LDB_SCOPE_SUBTREE
?"sub":"UNKNOWN");
680 ldb_debug_add(ldb
, " expr: %s\n",
681 ldb_filter_from_tree(tmp_ctx
, req
->op
.search
.tree
));
682 if (req
->op
.search
.attrs
== NULL
) {
683 ldb_debug_add(ldb
, " attr: <ALL>\n");
685 for (i
=0; req
->op
.search
.attrs
[i
]; i
++) {
686 ldb_debug_add(ldb
, " attr: %s\n", req
->op
.search
.attrs
[i
]);
691 ldb_debug_add(ldb
, "ldb_trace_request: DELETE\n");
692 ldb_debug_add(ldb
, " dn: %s\n",
693 ldb_dn_get_linearized(req
->op
.del
.dn
));
696 ldb_debug_add(ldb
, "ldb_trace_request: RENAME\n");
697 ldb_debug_add(ldb
, " olddn: %s\n",
698 ldb_dn_get_linearized(req
->op
.rename
.olddn
));
699 ldb_debug_add(ldb
, " newdn: %s\n",
700 ldb_dn_get_linearized(req
->op
.rename
.newdn
));
703 ldb_debug_add(ldb
, "ldb_trace_request: EXTENDED\n");
704 ldb_debug_add(ldb
, " oid: %s\n", req
->op
.extended
.oid
);
705 ldb_debug_add(ldb
, " data: %s\n", req
->op
.extended
.data
?"yes":"no");
708 ldb_debug_add(ldb
, "ldb_trace_request: ADD\n");
709 ldb_debug_add(req
->handle
->ldb
, "%s\n",
710 ldb_ldif_message_string(req
->handle
->ldb
, tmp_ctx
,
712 req
->op
.add
.message
));
715 ldb_debug_add(ldb
, "ldb_trace_request: MODIFY\n");
716 ldb_debug_add(req
->handle
->ldb
, "%s\n",
717 ldb_ldif_message_string(req
->handle
->ldb
, tmp_ctx
,
719 req
->op
.mod
.message
));
721 case LDB_REQ_REGISTER_CONTROL
:
722 ldb_debug_add(ldb
, "ldb_trace_request: REGISTER_CONTROL\n");
723 ldb_debug_add(req
->handle
->ldb
, "%s\n",
724 req
->op
.reg_control
.oid
);
726 case LDB_REQ_REGISTER_PARTITION
:
727 ldb_debug_add(ldb
, "ldb_trace_request: REGISTER_PARTITION\n");
728 ldb_debug_add(req
->handle
->ldb
, "%s\n",
729 ldb_dn_get_linearized(req
->op
.reg_partition
.dn
));
732 ldb_debug_add(ldb
, "ldb_trace_request: UNKNOWN(%u)\n",
737 if (req
->controls
== NULL
) {
738 ldb_debug_add(ldb
, " control: <NONE>\n");
740 for (i
=0; req
->controls
&& req
->controls
[i
]; i
++) {
741 ldb_debug_add(ldb
, " control: %s crit:%u data:%s\n",
742 req
->controls
[i
]->oid
,
743 req
->controls
[i
]->critical
,
744 req
->controls
[i
]->data
?"yes":"no");
748 ldb_debug_end(ldb
, LDB_DEBUG_TRACE
);
750 talloc_free(tmp_ctx
);
756 NOTE: the request must be a talloc context.
757 returns LDB_ERR_* on errors.
759 int ldb_request(struct ldb_context
*ldb
, struct ldb_request
*req
)
761 struct ldb_module
*module
;
764 if (req
->callback
== NULL
) {
765 ldb_set_errstring(ldb
, "Requests MUST define callbacks");
766 return LDB_ERR_UNWILLING_TO_PERFORM
;
769 ldb_reset_err_string(ldb
);
771 if (ldb
->flags
& LDB_FLG_ENABLE_TRACING
) {
772 ldb_trace_request(ldb
, req
);
775 /* call the first module in the chain */
776 switch (req
->operation
) {
778 FIRST_OP(ldb
, search
);
779 ret
= module
->ops
->search(module
, req
);
782 /* we have to canonicalise here, as so many places
783 * in modules and backends assume we don't have two
784 * elements with the same name */
785 req
->op
.add
.message
= ldb_msg_canonicalize(ldb
, req
->op
.add
.message
);
786 if (!req
->op
.add
.message
) {
788 return LDB_ERR_OPERATIONS_ERROR
;
790 talloc_steal(req
, req
->op
.add
.message
);
792 ret
= module
->ops
->add(module
, req
);
795 FIRST_OP(ldb
, modify
);
796 ret
= module
->ops
->modify(module
, req
);
800 ret
= module
->ops
->del(module
, req
);
803 if (!ldb_dn_validate(req
->op
.rename
.olddn
)) {
804 ldb_asprintf_errstring(ldb
, "ldb_rename: invalid olddn '%s'",
805 ldb_dn_get_linearized(req
->op
.rename
.olddn
));
806 return LDB_ERR_INVALID_DN_SYNTAX
;
808 if (!ldb_dn_validate(req
->op
.rename
.newdn
)) {
809 ldb_asprintf_errstring(ldb
, "ldb_rename: invalid newdn '%s'",
810 ldb_dn_get_linearized(req
->op
.rename
.newdn
));
811 return LDB_ERR_INVALID_DN_SYNTAX
;
813 FIRST_OP(ldb
, rename
);
814 ret
= module
->ops
->rename(module
, req
);
817 FIRST_OP(ldb
, extended
);
818 ret
= module
->ops
->extended(module
, req
);
821 FIRST_OP(ldb
, request
);
822 ret
= module
->ops
->request(module
, req
);
829 int ldb_request_done(struct ldb_request
*req
, int status
)
831 req
->handle
->state
= LDB_ASYNC_DONE
;
832 req
->handle
->status
= status
;
837 search the database given a LDAP-like search expression
839 returns an LDB error code
841 Use talloc_free to free the ldb_message returned in 'res', if successful
844 int ldb_search_default_callback(struct ldb_request
*req
,
845 struct ldb_reply
*ares
)
847 struct ldb_result
*res
;
850 res
= talloc_get_type(req
->context
, struct ldb_result
);
853 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
855 if (ares
->error
!= LDB_SUCCESS
) {
856 return ldb_request_done(req
, ares
->error
);
859 switch (ares
->type
) {
860 case LDB_REPLY_ENTRY
:
861 res
->msgs
= talloc_realloc(res
, res
->msgs
,
862 struct ldb_message
*, res
->count
+ 2);
864 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
867 res
->msgs
[res
->count
+ 1] = NULL
;
869 res
->msgs
[res
->count
] = talloc_move(res
->msgs
, &ares
->message
);
873 case LDB_REPLY_REFERRAL
:
875 for (n
= 0; res
->refs
[n
]; n
++) /*noop*/ ;
880 res
->refs
= talloc_realloc(res
, res
->refs
, char *, n
+ 2);
882 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
885 res
->refs
[n
] = talloc_move(res
->refs
, &ares
->referral
);
886 res
->refs
[n
+ 1] = NULL
;
890 /* TODO: we should really support controls on entries
891 * and referrals too! */
892 res
->controls
= talloc_move(res
, &ares
->controls
);
894 /* this is the last message, and means the request is done */
895 /* we have to signal and eventual ldb_wait() waiting that the
896 * async request operation was completed */
898 return ldb_request_done(req
, LDB_SUCCESS
);
906 int ldb_op_default_callback(struct ldb_request
*req
, struct ldb_reply
*ares
)
911 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
914 if (ares
->error
!= LDB_SUCCESS
) {
917 return ldb_request_done(req
, ret
);
920 if (ares
->type
!= LDB_REPLY_DONE
) {
922 ldb_set_errstring(req
->handle
->ldb
, "Invalid reply type!");
923 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
927 return ldb_request_done(req
, LDB_SUCCESS
);
930 int ldb_build_search_req_ex(struct ldb_request
**ret_req
,
931 struct ldb_context
*ldb
,
934 enum ldb_scope scope
,
935 struct ldb_parse_tree
*tree
,
936 const char * const *attrs
,
937 struct ldb_control
**controls
,
939 ldb_request_callback_t callback
,
940 struct ldb_request
*parent
)
942 struct ldb_request
*req
;
946 req
= talloc(mem_ctx
, struct ldb_request
);
949 return LDB_ERR_OPERATIONS_ERROR
;
952 req
->operation
= LDB_SEARCH
;
954 req
->op
.search
.base
= ldb_dn_new(req
, ldb
, NULL
);
956 req
->op
.search
.base
= base
;
958 req
->op
.search
.scope
= scope
;
960 req
->op
.search
.tree
= tree
;
961 if (req
->op
.search
.tree
== NULL
) {
962 ldb_set_errstring(ldb
, "'tree' can't be NULL");
964 return LDB_ERR_OPERATIONS_ERROR
;
967 req
->op
.search
.attrs
= attrs
;
968 req
->controls
= controls
;
969 req
->context
= context
;
970 req
->callback
= callback
;
972 ldb_set_timeout_from_prev_req(ldb
, parent
, req
);
974 req
->handle
= ldb_handle_new(req
, ldb
);
975 if (req
->handle
== NULL
) {
977 return LDB_ERR_OPERATIONS_ERROR
;
981 req
->handle
->nesting
++;
988 int ldb_build_search_req(struct ldb_request
**ret_req
,
989 struct ldb_context
*ldb
,
992 enum ldb_scope scope
,
993 const char *expression
,
994 const char * const *attrs
,
995 struct ldb_control
**controls
,
997 ldb_request_callback_t callback
,
998 struct ldb_request
*parent
)
1000 struct ldb_parse_tree
*tree
;
1003 tree
= ldb_parse_tree(mem_ctx
, expression
);
1005 ldb_set_errstring(ldb
, "Unable to parse search expression");
1006 return LDB_ERR_OPERATIONS_ERROR
;
1009 ret
= ldb_build_search_req_ex(ret_req
, ldb
, mem_ctx
, base
,
1010 scope
, tree
, attrs
, controls
,
1011 context
, callback
, parent
);
1012 if (ret
== LDB_SUCCESS
) {
1013 talloc_steal(*ret_req
, tree
);
1018 int ldb_build_add_req(struct ldb_request
**ret_req
,
1019 struct ldb_context
*ldb
,
1021 const struct ldb_message
*message
,
1022 struct ldb_control
**controls
,
1024 ldb_request_callback_t callback
,
1025 struct ldb_request
*parent
)
1027 struct ldb_request
*req
;
1031 req
= talloc(mem_ctx
, struct ldb_request
);
1033 ldb_set_errstring(ldb
, "Out of Memory");
1034 return LDB_ERR_OPERATIONS_ERROR
;
1037 req
->operation
= LDB_ADD
;
1038 req
->op
.add
.message
= message
;
1039 req
->controls
= controls
;
1040 req
->context
= context
;
1041 req
->callback
= callback
;
1043 ldb_set_timeout_from_prev_req(ldb
, parent
, req
);
1045 req
->handle
= ldb_handle_new(req
, ldb
);
1046 if (req
->handle
== NULL
) {
1048 return LDB_ERR_OPERATIONS_ERROR
;
1052 req
->handle
->nesting
++;
1060 int ldb_build_mod_req(struct ldb_request
**ret_req
,
1061 struct ldb_context
*ldb
,
1063 const struct ldb_message
*message
,
1064 struct ldb_control
**controls
,
1066 ldb_request_callback_t callback
,
1067 struct ldb_request
*parent
)
1069 struct ldb_request
*req
;
1073 req
= talloc(mem_ctx
, struct ldb_request
);
1075 ldb_set_errstring(ldb
, "Out of Memory");
1076 return LDB_ERR_OPERATIONS_ERROR
;
1079 req
->operation
= LDB_MODIFY
;
1080 req
->op
.mod
.message
= message
;
1081 req
->controls
= controls
;
1082 req
->context
= context
;
1083 req
->callback
= callback
;
1085 ldb_set_timeout_from_prev_req(ldb
, parent
, req
);
1087 req
->handle
= ldb_handle_new(req
, ldb
);
1088 if (req
->handle
== NULL
) {
1090 return LDB_ERR_OPERATIONS_ERROR
;
1094 req
->handle
->nesting
++;
1102 int ldb_build_del_req(struct ldb_request
**ret_req
,
1103 struct ldb_context
*ldb
,
1106 struct ldb_control
**controls
,
1108 ldb_request_callback_t callback
,
1109 struct ldb_request
*parent
)
1111 struct ldb_request
*req
;
1115 req
= talloc(mem_ctx
, struct ldb_request
);
1117 ldb_set_errstring(ldb
, "Out of Memory");
1118 return LDB_ERR_OPERATIONS_ERROR
;
1121 req
->operation
= LDB_DELETE
;
1122 req
->op
.del
.dn
= dn
;
1123 req
->controls
= controls
;
1124 req
->context
= context
;
1125 req
->callback
= callback
;
1127 ldb_set_timeout_from_prev_req(ldb
, parent
, req
);
1129 req
->handle
= ldb_handle_new(req
, ldb
);
1130 if (req
->handle
== NULL
) {
1132 return LDB_ERR_OPERATIONS_ERROR
;
1136 req
->handle
->nesting
++;
1144 int ldb_build_rename_req(struct ldb_request
**ret_req
,
1145 struct ldb_context
*ldb
,
1147 struct ldb_dn
*olddn
,
1148 struct ldb_dn
*newdn
,
1149 struct ldb_control
**controls
,
1151 ldb_request_callback_t callback
,
1152 struct ldb_request
*parent
)
1154 struct ldb_request
*req
;
1158 req
= talloc(mem_ctx
, struct ldb_request
);
1160 ldb_set_errstring(ldb
, "Out of Memory");
1161 return LDB_ERR_OPERATIONS_ERROR
;
1164 req
->operation
= LDB_RENAME
;
1165 req
->op
.rename
.olddn
= olddn
;
1166 req
->op
.rename
.newdn
= newdn
;
1167 req
->controls
= controls
;
1168 req
->context
= context
;
1169 req
->callback
= callback
;
1171 ldb_set_timeout_from_prev_req(ldb
, parent
, req
);
1173 req
->handle
= ldb_handle_new(req
, ldb
);
1174 if (req
->handle
== NULL
) {
1176 return LDB_ERR_OPERATIONS_ERROR
;
1180 req
->handle
->nesting
++;
1188 int ldb_extended_default_callback(struct ldb_request
*req
,
1189 struct ldb_reply
*ares
)
1191 struct ldb_result
*res
;
1193 res
= talloc_get_type(req
->context
, struct ldb_result
);
1196 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
1198 if (ares
->error
!= LDB_SUCCESS
) {
1199 return ldb_request_done(req
, ares
->error
);
1202 if (ares
->type
== LDB_REPLY_DONE
) {
1204 /* TODO: we should really support controls on entries and referrals too! */
1205 res
->extended
= talloc_move(res
, &ares
->response
);
1206 res
->controls
= talloc_move(res
, &ares
->controls
);
1209 return ldb_request_done(req
, LDB_SUCCESS
);
1213 ldb_set_errstring(req
->handle
->ldb
, "Invalid reply type!");
1214 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
1217 int ldb_build_extended_req(struct ldb_request
**ret_req
,
1218 struct ldb_context
*ldb
,
1222 struct ldb_control
**controls
,
1224 ldb_request_callback_t callback
,
1225 struct ldb_request
*parent
)
1227 struct ldb_request
*req
;
1231 req
= talloc(mem_ctx
, struct ldb_request
);
1233 ldb_set_errstring(ldb
, "Out of Memory");
1234 return LDB_ERR_OPERATIONS_ERROR
;
1237 req
->operation
= LDB_EXTENDED
;
1238 req
->op
.extended
.oid
= oid
;
1239 req
->op
.extended
.data
= data
;
1240 req
->controls
= controls
;
1241 req
->context
= context
;
1242 req
->callback
= callback
;
1244 ldb_set_timeout_from_prev_req(ldb
, parent
, req
);
1246 req
->handle
= ldb_handle_new(req
, ldb
);
1247 if (req
->handle
== NULL
) {
1249 return LDB_ERR_OPERATIONS_ERROR
;
1253 req
->handle
->nesting
++;
1261 int ldb_extended(struct ldb_context
*ldb
,
1264 struct ldb_result
**_res
)
1266 struct ldb_request
*req
;
1268 struct ldb_result
*res
;
1272 res
= talloc_zero(ldb
, struct ldb_result
);
1274 return LDB_ERR_OPERATIONS_ERROR
;
1277 ret
= ldb_build_extended_req(&req
, ldb
, ldb
,
1279 res
, ldb_extended_default_callback
,
1281 if (ret
!= LDB_SUCCESS
) goto done
;
1283 ldb_set_timeout(ldb
, req
, 0); /* use default timeout */
1285 ret
= ldb_request(ldb
, req
);
1287 if (ret
== LDB_SUCCESS
) {
1288 ret
= ldb_wait(req
->handle
, LDB_WAIT_ALL
);
1294 if (ret
!= LDB_SUCCESS
) {
1303 note that ldb_search() will automatically replace a NULL 'base' value
1304 with the defaultNamingContext from the rootDSE if available.
1306 int ldb_search(struct ldb_context
*ldb
, TALLOC_CTX
*mem_ctx
,
1307 struct ldb_result
**result
, struct ldb_dn
*base
,
1308 enum ldb_scope scope
, const char * const *attrs
,
1309 const char *exp_fmt
, ...)
1311 struct ldb_request
*req
;
1312 struct ldb_result
*res
;
1321 res
= talloc_zero(mem_ctx
, struct ldb_result
);
1323 return LDB_ERR_OPERATIONS_ERROR
;
1327 va_start(ap
, exp_fmt
);
1328 expression
= talloc_vasprintf(mem_ctx
, exp_fmt
, ap
);
1333 return LDB_ERR_OPERATIONS_ERROR
;
1337 ret
= ldb_build_search_req(&req
, ldb
, mem_ctx
,
1338 base
?base
:ldb_get_default_basedn(ldb
),
1344 ldb_search_default_callback
,
1347 if (ret
!= LDB_SUCCESS
) goto done
;
1349 ret
= ldb_request(ldb
, req
);
1351 if (ret
== LDB_SUCCESS
) {
1352 ret
= ldb_wait(req
->handle
, LDB_WAIT_ALL
);
1356 if (ret
!= LDB_SUCCESS
) {
1361 talloc_free(expression
);
1369 add a record to the database. Will fail if a record with the given class
1370 and key already exists
1372 int ldb_add(struct ldb_context
*ldb
,
1373 const struct ldb_message
*message
)
1375 struct ldb_request
*req
;
1378 ret
= ldb_msg_sanity_check(ldb
, message
);
1379 if (ret
!= LDB_SUCCESS
) {
1383 ret
= ldb_build_add_req(&req
, ldb
, ldb
,
1387 ldb_op_default_callback
,
1390 if (ret
!= LDB_SUCCESS
) return ret
;
1392 /* do request and autostart a transaction */
1393 ret
= ldb_autotransaction_request(ldb
, req
);
1400 modify the specified attributes of a record
1402 int ldb_modify(struct ldb_context
*ldb
,
1403 const struct ldb_message
*message
)
1405 struct ldb_request
*req
;
1408 ret
= ldb_msg_sanity_check(ldb
, message
);
1409 if (ret
!= LDB_SUCCESS
) {
1413 ret
= ldb_build_mod_req(&req
, ldb
, ldb
,
1417 ldb_op_default_callback
,
1420 if (ret
!= LDB_SUCCESS
) return ret
;
1422 /* do request and autostart a transaction */
1423 ret
= ldb_autotransaction_request(ldb
, req
);
1431 delete a record from the database
1433 int ldb_delete(struct ldb_context
*ldb
, struct ldb_dn
*dn
)
1435 struct ldb_request
*req
;
1438 ret
= ldb_build_del_req(&req
, ldb
, ldb
,
1442 ldb_op_default_callback
,
1445 if (ret
!= LDB_SUCCESS
) return ret
;
1447 /* do request and autostart a transaction */
1448 ret
= ldb_autotransaction_request(ldb
, req
);
1455 rename a record in the database
1457 int ldb_rename(struct ldb_context
*ldb
,
1458 struct ldb_dn
*olddn
, struct ldb_dn
*newdn
)
1460 struct ldb_request
*req
;
1463 ret
= ldb_build_rename_req(&req
, ldb
, ldb
,
1468 ldb_op_default_callback
,
1471 if (ret
!= LDB_SUCCESS
) return ret
;
1473 /* do request and autostart a transaction */
1474 ret
= ldb_autotransaction_request(ldb
, req
);
1482 return the global sequence number
1484 int ldb_sequence_number(struct ldb_context
*ldb
,
1485 enum ldb_sequence_type type
, uint64_t *seq_num
)
1487 struct ldb_seqnum_request
*seq
;
1488 struct ldb_seqnum_result
*seqr
;
1489 struct ldb_result
*res
;
1490 TALLOC_CTX
*tmp_ctx
;
1495 tmp_ctx
= talloc_zero(ldb
, struct ldb_request
);
1496 if (tmp_ctx
== NULL
) {
1497 ldb_set_errstring(ldb
, "Out of Memory");
1498 return LDB_ERR_OPERATIONS_ERROR
;
1500 seq
= talloc_zero(tmp_ctx
, struct ldb_seqnum_request
);
1502 ldb_set_errstring(ldb
, "Out of Memory");
1503 ret
= LDB_ERR_OPERATIONS_ERROR
;
1508 ret
= ldb_extended(ldb
, LDB_EXTENDED_SEQUENCE_NUMBER
, seq
, &res
);
1509 if (ret
!= LDB_SUCCESS
) {
1512 talloc_steal(tmp_ctx
, res
);
1514 if (strcmp(LDB_EXTENDED_SEQUENCE_NUMBER
, res
->extended
->oid
) != 0) {
1515 ldb_set_errstring(ldb
, "Invalid OID in reply");
1516 ret
= LDB_ERR_OPERATIONS_ERROR
;
1519 seqr
= talloc_get_type(res
->extended
->data
,
1520 struct ldb_seqnum_result
);
1521 *seq_num
= seqr
->seq_num
;
1524 talloc_free(tmp_ctx
);
1529 return extended error information
1531 const char *ldb_errstring(struct ldb_context
*ldb
)
1533 if (ldb
->err_string
) {
1534 return ldb
->err_string
;
1541 return a string explaining what a ldb error constant meancs
1543 const char *ldb_strerror(int ldb_err
)
1548 case LDB_ERR_OPERATIONS_ERROR
:
1549 return "Operations error";
1550 case LDB_ERR_PROTOCOL_ERROR
:
1551 return "Protocol error";
1552 case LDB_ERR_TIME_LIMIT_EXCEEDED
:
1553 return "Time limit exceeded";
1554 case LDB_ERR_SIZE_LIMIT_EXCEEDED
:
1555 return "Size limit exceeded";
1556 case LDB_ERR_COMPARE_FALSE
:
1557 return "Compare false";
1558 case LDB_ERR_COMPARE_TRUE
:
1559 return "Compare true";
1560 case LDB_ERR_AUTH_METHOD_NOT_SUPPORTED
:
1561 return "Auth method not supported";
1562 case LDB_ERR_STRONG_AUTH_REQUIRED
:
1563 return "Strong auth required";
1565 case LDB_ERR_REFERRAL
:
1566 return "Referral error";
1567 case LDB_ERR_ADMIN_LIMIT_EXCEEDED
:
1568 return "Admin limit exceeded";
1569 case LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION
:
1570 return "Unsupported critical extension";
1571 case LDB_ERR_CONFIDENTIALITY_REQUIRED
:
1572 return "Confidentiality required";
1573 case LDB_ERR_SASL_BIND_IN_PROGRESS
:
1574 return "SASL bind in progress";
1575 case LDB_ERR_NO_SUCH_ATTRIBUTE
:
1576 return "No such attribute";
1577 case LDB_ERR_UNDEFINED_ATTRIBUTE_TYPE
:
1578 return "Undefined attribute type";
1579 case LDB_ERR_INAPPROPRIATE_MATCHING
:
1580 return "Inappropriate matching";
1581 case LDB_ERR_CONSTRAINT_VIOLATION
:
1582 return "Constraint violation";
1583 case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
:
1584 return "Attribute or value exists";
1585 case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX
:
1586 return "Invalid attribute syntax";
1588 case LDB_ERR_NO_SUCH_OBJECT
:
1589 return "No such object";
1590 case LDB_ERR_ALIAS_PROBLEM
:
1591 return "Alias problem";
1592 case LDB_ERR_INVALID_DN_SYNTAX
:
1593 return "Invalid DN syntax";
1595 case LDB_ERR_ALIAS_DEREFERENCING_PROBLEM
:
1596 return "Alias dereferencing problem";
1598 case LDB_ERR_INAPPROPRIATE_AUTHENTICATION
:
1599 return "Inappropriate authentication";
1600 case LDB_ERR_INVALID_CREDENTIALS
:
1601 return "Invalid credentials";
1602 case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS
:
1603 return "insufficient access rights";
1606 case LDB_ERR_UNAVAILABLE
:
1607 return "Unavailable";
1608 case LDB_ERR_UNWILLING_TO_PERFORM
:
1609 return "Unwilling to perform";
1610 case LDB_ERR_LOOP_DETECT
:
1611 return "Loop detect";
1613 case LDB_ERR_NAMING_VIOLATION
:
1614 return "Naming violation";
1615 case LDB_ERR_OBJECT_CLASS_VIOLATION
:
1616 return "Object class violation";
1617 case LDB_ERR_NOT_ALLOWED_ON_NON_LEAF
:
1618 return "Not allowed on non-leaf";
1619 case LDB_ERR_NOT_ALLOWED_ON_RDN
:
1620 return "Not allowed on RDN";
1621 case LDB_ERR_ENTRY_ALREADY_EXISTS
:
1622 return "Entry already exists";
1623 case LDB_ERR_OBJECT_CLASS_MODS_PROHIBITED
:
1624 return "Object class mods prohibited";
1625 /* 70 RESERVED FOR CLDAP */
1626 case LDB_ERR_AFFECTS_MULTIPLE_DSAS
:
1627 return "Affects multiple DSAs";
1633 return "Unknown error";
1637 set backend specific opaque parameters
1639 int ldb_set_opaque(struct ldb_context
*ldb
, const char *name
, void *value
)
1641 struct ldb_opaque
*o
;
1643 /* allow updating an existing value */
1644 for (o
=ldb
->opaque
;o
;o
=o
->next
) {
1645 if (strcmp(o
->name
, name
) == 0) {
1651 o
= talloc(ldb
, struct ldb_opaque
);
1654 return LDB_ERR_OTHER
;
1656 o
->next
= ldb
->opaque
;
1664 get a previously set opaque value
1666 void *ldb_get_opaque(struct ldb_context
*ldb
, const char *name
)
1668 struct ldb_opaque
*o
;
1669 for (o
=ldb
->opaque
;o
;o
=o
->next
) {
1670 if (strcmp(o
->name
, name
) == 0) {
1677 int ldb_global_init(void)
1679 /* Provided for compatibility with some older versions of ldb */
1683 /* return the ldb flags */
1684 unsigned int ldb_get_flags(struct ldb_context
*ldb
)
1689 /* set the ldb flags */
1690 void ldb_set_flags(struct ldb_context
*ldb
, unsigned flags
)