search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
join.py: Add Replica-Locations for DomainDNS and ForestDNS
[Samba.git] / lib / ldb / common / ldb.c
blob606725603a0599bd8afc92d28fe2d6f9d2603e0a
1 /*
2 ldb database library
3
4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Simo Sorce 2005-2008
6
7 ** NOTE! The following LGPL license applies to the ldb
8 ** library. This does NOT imply that all of Samba is released
9 ** under the LGPL
10
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 3 of the License, or (at your option) any later version.
15
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
20
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 */
24
25 /*
26 * Name: ldb
27 *
28 * Component: ldb core API
29 *
30 * Description: core API routines interfacing to ldb backends
31 *
32 * Author: Andrew Tridgell
33 */
34
35 #define TEVENT_DEPRECATED 1
36 #include "ldb_private.h"
37 #include "ldb.h"
38
39 static int ldb_context_destructor(void *ptr)
40 {
41 struct ldb_context *ldb = talloc_get_type(ptr, struct ldb_context);
42
43 if (ldb->transaction_active) {
44 ldb_debug(ldb, LDB_DEBUG_FATAL,
45 "A transaction is still active in ldb context [%p] on %s",
46 ldb, (const char *)ldb_get_opaque(ldb, "ldb_url"));
47 }
48
49 return 0;
50 }
51
52 /*
53 this is used to catch debug messages from events
54 */
55 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
56 const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3,0);
57
58 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
59 const char *fmt, va_list ap)
60 {
61 struct ldb_context *ldb = talloc_get_type(context, struct ldb_context);
62 enum ldb_debug_level ldb_level = LDB_DEBUG_FATAL;
63
64 switch (level) {
65 case TEVENT_DEBUG_FATAL:
66 ldb_level = LDB_DEBUG_FATAL;
67 break;
68 case TEVENT_DEBUG_ERROR:
69 ldb_level = LDB_DEBUG_ERROR;
70 break;
71 case TEVENT_DEBUG_WARNING:
72 ldb_level = LDB_DEBUG_WARNING;
73 break;
74 case TEVENT_DEBUG_TRACE:
75 ldb_level = LDB_DEBUG_TRACE;
76 break;
77 };
78
79 /* There isn't a tevent: prefix here because to add it means
80 * actually printing the string, and most of the time we don't
81 * want to show it */
82 ldb_vdebug(ldb, ldb_level, fmt, ap);
83 }
84
85 /*
86 initialise a ldb context
87 The mem_ctx is required
88 The event_ctx is required
89 */
90 struct ldb_context *ldb_init(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx)
91 {
92 struct ldb_context *ldb;
93 int ret;
94 const char *modules_path = getenv("LDB_MODULES_PATH");
95
96 if (modules_path == NULL) {
97 modules_path = LDB_MODULESDIR;
98 }
99
100 ret = ldb_modules_load(modules_path, LDB_VERSION);
101 if (ret != LDB_SUCCESS) {
102 return NULL;
103 }
104
105 ldb = talloc_zero(mem_ctx, struct ldb_context);
106 if (ldb == NULL) {
107 return NULL;
108 }
109
110 /* A new event context so that callers who don't want ldb
111 * operating on thier global event context can work without
112 * having to provide their own private one explicitly */
113 if (ev_ctx == NULL) {
114 ev_ctx = tevent_context_init(ldb);
115 if (ev_ctx == NULL) {
116 talloc_free(ldb);
117 return NULL;
118 }
119 tevent_set_debug(ev_ctx, ldb_tevent_debug, ldb);
120 tevent_loop_allow_nesting(ev_ctx);
121 }
122
123 ret = ldb_setup_wellknown_attributes(ldb);
124 if (ret != LDB_SUCCESS) {
125 talloc_free(ldb);
126 return NULL;
127 }
128
129 ldb_set_utf8_default(ldb);
130 ldb_set_create_perms(ldb, 0666);
131 ldb_set_modules_dir(ldb, LDB_MODULESDIR);
132 ldb_set_event_context(ldb, ev_ctx);
133 ret = ldb_register_extended_match_rules(ldb);
134 if (ret != LDB_SUCCESS) {
135 talloc_free(ldb);
136 return NULL;
137 }
138
139 /* TODO: get timeout from options if available there */
140 ldb->default_timeout = 300; /* set default to 5 minutes */
141
142 talloc_set_destructor((TALLOC_CTX *)ldb, ldb_context_destructor);
143
144 return ldb;
145 }
146
147 /*
148 try to autodetect a basedn if none specified. This fixes one of my
149 pet hates about ldapsearch, which is that you have to get a long,
150 complex basedn right to make any use of it.
151 */
152 void ldb_set_default_dns(struct ldb_context *ldb)
153 {
154 TALLOC_CTX *tmp_ctx;
155 int ret;
156 struct ldb_result *res;
157 struct ldb_dn *tmp_dn=NULL;
158 static const char *attrs[] = {
159 "rootDomainNamingContext",
160 "configurationNamingContext",
161 "schemaNamingContext",
162 "defaultNamingContext",
163 NULL
164 };
165
166 tmp_ctx = talloc_new(ldb);
167 ret = ldb_search(ldb, tmp_ctx, &res, ldb_dn_new(tmp_ctx, ldb, NULL),
168 LDB_SCOPE_BASE, attrs, "(objectClass=*)");
169 if (ret != LDB_SUCCESS) {
170 talloc_free(tmp_ctx);
171 return;
172 }
173
174 if (res->count != 1) {
175 talloc_free(tmp_ctx);
176 return;
177 }
178
179 if (!ldb_get_opaque(ldb, "rootDomainNamingContext")) {
180 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
181 "rootDomainNamingContext");
182 ldb_set_opaque(ldb, "rootDomainNamingContext", tmp_dn);
183 }
184
185 if (!ldb_get_opaque(ldb, "configurationNamingContext")) {
186 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
187 "configurationNamingContext");
188 ldb_set_opaque(ldb, "configurationNamingContext", tmp_dn);
189 }
190
191 if (!ldb_get_opaque(ldb, "schemaNamingContext")) {
192 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
193 "schemaNamingContext");
194 ldb_set_opaque(ldb, "schemaNamingContext", tmp_dn);
195 }
196
197 if (!ldb_get_opaque(ldb, "defaultNamingContext")) {
198 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
199 "defaultNamingContext");
200 ldb_set_opaque(ldb, "defaultNamingContext", tmp_dn);
201 }
202
203 talloc_free(tmp_ctx);
204 }
205
206 struct ldb_dn *ldb_get_root_basedn(struct ldb_context *ldb)
207 {
208 void *opaque = ldb_get_opaque(ldb, "rootDomainNamingContext");
209 return talloc_get_type(opaque, struct ldb_dn);
210 }
211
212 struct ldb_dn *ldb_get_config_basedn(struct ldb_context *ldb)
213 {
214 void *opaque = ldb_get_opaque(ldb, "configurationNamingContext");
215 return talloc_get_type(opaque, struct ldb_dn);
216 }
217
218 struct ldb_dn *ldb_get_schema_basedn(struct ldb_context *ldb)
219 {
220 void *opaque = ldb_get_opaque(ldb, "schemaNamingContext");
221 return talloc_get_type(opaque, struct ldb_dn);
222 }
223
224 struct ldb_dn *ldb_get_default_basedn(struct ldb_context *ldb)
225 {
226 void *opaque = ldb_get_opaque(ldb, "defaultNamingContext");
227 return talloc_get_type(opaque, struct ldb_dn);
228 }
229
230 /*
231 connect to a database. The URL can either be one of the following forms
232 ldb://path
233 ldapi://path
234
235 flags is made up of LDB_FLG_*
236
237 the options are passed uninterpreted to the backend, and are
238 backend specific
239 */
240 int ldb_connect(struct ldb_context *ldb, const char *url,
241 unsigned int flags, const char *options[])
242 {
243 int ret;
244 char *url2;
245 /* We seem to need to do this here, or else some utilities don't
246 * get ldb backends */
247
248 ldb->flags = flags;
249
250 url2 = talloc_strdup(ldb, url);
251 if (!url2) {
252 ldb_oom(ldb);
253 return LDB_ERR_OPERATIONS_ERROR;
254 }
255 ret = ldb_set_opaque(ldb, "ldb_url", url2);
256 if (ret != LDB_SUCCESS) {
257 return ret;
258 }
259
260 ret = ldb_module_connect_backend(ldb, url, options, &ldb->modules);
261 if (ret != LDB_SUCCESS) {
262 return ret;
263 }
264
265 ret = ldb_load_modules(ldb, options);
266 if (ret != LDB_SUCCESS) {
267 ldb_debug(ldb, LDB_DEBUG_FATAL,
268 "Unable to load modules for %s: %s",
269 url, ldb_errstring(ldb));
270 return ret;
271 }
272
273 /* set the default base dn */
274 ldb_set_default_dns(ldb);
275
276 return LDB_SUCCESS;
277 }
278
279 void ldb_set_errstring(struct ldb_context *ldb, const char *err_string)
280 {
281 ldb_asprintf_errstring(ldb, "%s", err_string);
282 }
283
284 void ldb_asprintf_errstring(struct ldb_context *ldb, const char *format, ...)
285 {
286 va_list ap;
287 char *old_err_string = NULL;
288 if (ldb->err_string) {
289 old_err_string = ldb->err_string;
290 }
291
292 va_start(ap, format);
293 ldb->err_string = talloc_vasprintf(ldb, format, ap);
294 va_end(ap);
295
296 TALLOC_FREE(old_err_string);
297
298 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
299 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_asprintf/set_errstring: %s",
300 ldb->err_string);
301 }
302 }
303
304 void ldb_reset_err_string(struct ldb_context *ldb)
305 {
306 if (ldb->err_string) {
307 talloc_free(ldb->err_string);
308 ldb->err_string = NULL;
309 }
310 }
311
312
313
314 /*
315 set an ldb error based on file:line
316 */
317 int ldb_error_at(struct ldb_context *ldb, int ecode,
318 const char *reason, const char *file, int line)
319 {
320 if (reason == NULL) {
321 reason = ldb_strerror(ecode);
322 }
323 ldb_asprintf_errstring(ldb, "%s at %s:%d", reason, file, line);
324 return ecode;
325 }
326
327
328 #define FIRST_OP_NOERR(ldb, op) do { \
329 module = ldb->modules; \
330 while (module && module->ops->op == NULL) module = module->next; \
331 if ((ldb->flags & LDB_FLG_ENABLE_TRACING) && module) { \
332 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: (%s)->" #op, \
333 module->ops->name); \
334 } \
335 } while (0)
336
337 #define FIRST_OP(ldb, op) do { \
338 FIRST_OP_NOERR(ldb, op); \
339 if (module == NULL) { \
340 ldb_asprintf_errstring(ldb, "unable to find module or backend to handle operation: " #op); \
341 return LDB_ERR_OPERATIONS_ERROR; \
342 } \
343 } while (0)
344
345
346 /*
347 start a transaction
348 */
349 int ldb_transaction_start(struct ldb_context *ldb)
350 {
351 struct ldb_module *module;
352 int status;
353
354 ldb_debug(ldb, LDB_DEBUG_TRACE,
355 "start ldb transaction (nesting: %d)",
356 ldb->transaction_active);
357
358 /* explicit transaction active, count nested requests */
359 if (ldb->transaction_active) {
360 ldb->transaction_active++;
361 return LDB_SUCCESS;
362 }
363
364 /* start a new transaction */
365 ldb->transaction_active++;
366 ldb->prepare_commit_done = false;
367
368 FIRST_OP(ldb, start_transaction);
369
370 ldb_reset_err_string(ldb);
371
372 status = module->ops->start_transaction(module);
373 if (status != LDB_SUCCESS) {
374 if (ldb->err_string == NULL) {
375 /* no error string was setup by the backend */
376 ldb_asprintf_errstring(ldb,
377 "ldb transaction start: %s (%d)",
378 ldb_strerror(status),
379 status);
380 }
381 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
382 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "start ldb transaction error: %s",
383 ldb_errstring(module->ldb));
384 }
385 } else {
386 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
387 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "start ldb transaction success");
388 }
389 }
390 return status;
391 }
392
393 /*
394 prepare for transaction commit (first phase of two phase commit)
395 */
396 int ldb_transaction_prepare_commit(struct ldb_context *ldb)
397 {
398 struct ldb_module *module;
399 int status;
400
401 if (ldb->prepare_commit_done) {
402 return LDB_SUCCESS;
403 }
404
405 /* commit only when all nested transactions are complete */
406 if (ldb->transaction_active > 1) {
407 return LDB_SUCCESS;
408 }
409
410 ldb->prepare_commit_done = true;
411
412 if (ldb->transaction_active < 0) {
413 ldb_debug(ldb, LDB_DEBUG_FATAL,
414 "prepare commit called but no ldb transactions are active!");
415 ldb->transaction_active = 0;
416 return LDB_ERR_OPERATIONS_ERROR;
417 }
418
419 /* call prepare transaction if available */
420 FIRST_OP_NOERR(ldb, prepare_commit);
421 if (module == NULL) {
422 return LDB_SUCCESS;
423 }
424
425 status = module->ops->prepare_commit(module);
426 if (status != LDB_SUCCESS) {
427 ldb->transaction_active--;
428 /* if a module fails the prepare then we need
429 to call the end transaction for everyone */
430 FIRST_OP(ldb, del_transaction);
431 module->ops->del_transaction(module);
432 if (ldb->err_string == NULL) {
433 /* no error string was setup by the backend */
434 ldb_asprintf_errstring(ldb,
435 "ldb transaction prepare commit: %s (%d)",
436 ldb_strerror(status),
437 status);
438 }
439 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
440 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "prepare commit transaction error: %s",
441 ldb_errstring(module->ldb));
442 }
443 }
444
445 return status;
446 }
447
448
449 /*
450 commit a transaction
451 */
452 int ldb_transaction_commit(struct ldb_context *ldb)
453 {
454 struct ldb_module *module;
455 int status;
456
457 status = ldb_transaction_prepare_commit(ldb);
458 if (status != LDB_SUCCESS) {
459 return status;
460 }
461
462 ldb->transaction_active--;
463
464 ldb_debug(ldb, LDB_DEBUG_TRACE,
465 "commit ldb transaction (nesting: %d)",
466 ldb->transaction_active);
467
468 /* commit only when all nested transactions are complete */
469 if (ldb->transaction_active > 0) {
470 return LDB_SUCCESS;
471 }
472
473 if (ldb->transaction_active < 0) {
474 ldb_debug(ldb, LDB_DEBUG_FATAL,
475 "commit called but no ldb transactions are active!");
476 ldb->transaction_active = 0;
477 return LDB_ERR_OPERATIONS_ERROR;
478 }
479
480 ldb_reset_err_string(ldb);
481
482 FIRST_OP(ldb, end_transaction);
483 status = module->ops->end_transaction(module);
484 if (status != LDB_SUCCESS) {
485 if (ldb->err_string == NULL) {
486 /* no error string was setup by the backend */
487 ldb_asprintf_errstring(ldb,
488 "ldb transaction commit: %s (%d)",
489 ldb_strerror(status),
490 status);
491 }
492 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
493 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "commit ldb transaction error: %s",
494 ldb_errstring(module->ldb));
495 }
496 /* cancel the transaction */
497 FIRST_OP(ldb, del_transaction);
498 module->ops->del_transaction(module);
499 }
500 return status;
501 }
502
503
504 /*
505 cancel a transaction
506 */
507 int ldb_transaction_cancel(struct ldb_context *ldb)
508 {
509 struct ldb_module *module;
510 int status;
511
512 ldb->transaction_active--;
513
514 ldb_debug(ldb, LDB_DEBUG_TRACE,
515 "cancel ldb transaction (nesting: %d)",
516 ldb->transaction_active);
517
518 /* really cancel only if all nested transactions are complete */
519 if (ldb->transaction_active > 0) {
520 return LDB_SUCCESS;
521 }
522
523 if (ldb->transaction_active < 0) {
524 ldb_debug(ldb, LDB_DEBUG_FATAL,
525 "cancel called but no ldb transactions are active!");
526 ldb->transaction_active = 0;
527 return LDB_ERR_OPERATIONS_ERROR;
528 }
529
530 FIRST_OP(ldb, del_transaction);
531
532 status = module->ops->del_transaction(module);
533 if (status != LDB_SUCCESS) {
534 if (ldb->err_string == NULL) {
535 /* no error string was setup by the backend */
536 ldb_asprintf_errstring(ldb,
537 "ldb transaction cancel: %s (%d)",
538 ldb_strerror(status),
539 status);
540 }
541 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
542 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "cancel ldb transaction error: %s",
543 ldb_errstring(module->ldb));
544 }
545 }
546 return status;
547 }
548
549 /*
550 cancel a transaction with no error if no transaction is pending
551 used when we fork() to clear any parent transactions
552 */
553 int ldb_transaction_cancel_noerr(struct ldb_context *ldb)
554 {
555 if (ldb->transaction_active > 0) {
556 return ldb_transaction_cancel(ldb);
557 }
558 return LDB_SUCCESS;
559 }
560
561
562 /* autostarts a transaction if none active */
563 static int ldb_autotransaction_request(struct ldb_context *ldb,
564 struct ldb_request *req)
565 {
566 int ret;
567
568 ret = ldb_transaction_start(ldb);
569 if (ret != LDB_SUCCESS) {
570 return ret;
571 }
572
573 ret = ldb_request(ldb, req);
574 if (ret == LDB_SUCCESS) {
575 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
576 }
577
578 if (ret == LDB_SUCCESS) {
579 return ldb_transaction_commit(ldb);
580 }
581 ldb_transaction_cancel(ldb);
582
583 return ret;
584 }
585
586 int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type)
587 {
588 struct tevent_context *ev;
589 int ret;
590
591 if (handle == NULL) {
592 return LDB_ERR_UNAVAILABLE;
593 }
594
595 if (handle->state == LDB_ASYNC_DONE) {
596 if ((handle->status != LDB_SUCCESS) &&
597 (handle->ldb->err_string == NULL)) {
598 /* if no error string was setup by the backend */
599 ldb_asprintf_errstring(handle->ldb,
600 "ldb_wait from %s with LDB_ASYNC_DONE: %s (%d)",
601 handle->location,
602 ldb_strerror(handle->status),
603 handle->status);
604 }
605 return handle->status;
606 }
607
608 ev = ldb_get_event_context(handle->ldb);
609 if (NULL == ev) {
610 return ldb_oom(handle->ldb);
611 }
612
613 switch (type) {
614 case LDB_WAIT_NONE:
615 ret = tevent_loop_once(ev);
616 if (ret != 0) {
617 return ldb_operr(handle->ldb);
618 }
619 if (handle->status == LDB_SUCCESS) {
620 return LDB_SUCCESS;
621 }
622 if (handle->ldb->err_string != NULL) {
623 return handle->status;
624 }
625 /*
626 * if no error string was setup by the backend
627 */
628 ldb_asprintf_errstring(handle->ldb,
629 "ldb_wait from %s with LDB_WAIT_NONE: %s (%d)",
630 handle->location,
631 ldb_strerror(handle->status),
632 handle->status);
633 return handle->status;
634
635 case LDB_WAIT_ALL:
636 while (handle->state != LDB_ASYNC_DONE) {
637 ret = tevent_loop_once(ev);
638 if (ret != 0) {
639 return ldb_operr(handle->ldb);
640 }
641 if (handle->status != LDB_SUCCESS) {
642 if (handle->ldb->err_string != NULL) {
643 return handle->status;
644 }
645 /*
646 * if no error string was setup by the
647 * backend
648 */
649 ldb_asprintf_errstring(handle->ldb,
650 "ldb_wait from %s with "
651 "LDB_WAIT_ALL: %s (%d)",
652 handle->location,
653 ldb_strerror(handle->status),
654 handle->status);
655 return handle->status;
656 }
657 }
658 if (handle->status == LDB_SUCCESS) {
659 return LDB_SUCCESS;
660 }
661 if (handle->ldb->err_string != NULL) {
662 return handle->status;
663 }
664 /*
665 * if no error string was setup by the backend
666 */
667 ldb_asprintf_errstring(handle->ldb,
668 "ldb_wait from %s with LDB_WAIT_ALL,"
669 " LDB_ASYNC_DONE: %s (%d)",
670 handle->location,
671 ldb_strerror(handle->status),
672 handle->status);
673 return handle->status;
674 }
675
676 return LDB_SUCCESS;
677 }
678
679 /* set the specified timeout or, if timeout is 0 set the default timeout */
680 int ldb_set_timeout(struct ldb_context *ldb,
681 struct ldb_request *req,
682 int timeout)
683 {
684 if (req == NULL) return LDB_ERR_OPERATIONS_ERROR;
685
686 if (timeout != 0) {
687 req->timeout = timeout;
688 } else {
689 req->timeout = ldb->default_timeout;
690 }
691 req->starttime = time(NULL);
692
693 return LDB_SUCCESS;
694 }
695
696 /* calculates the new timeout based on the previous starttime and timeout */
697 int ldb_set_timeout_from_prev_req(struct ldb_context *ldb,
698 struct ldb_request *oldreq,
699 struct ldb_request *newreq)
700 {
701 if (newreq == NULL) return LDB_ERR_OPERATIONS_ERROR;
702
703 if (oldreq == NULL) {
704 return ldb_set_timeout(ldb, newreq, 0);
705 }
706
707 newreq->starttime = oldreq->starttime;
708 newreq->timeout = oldreq->timeout;
709
710 return LDB_SUCCESS;
711 }
712
713
714 /*
715 set the permissions for new files to be passed to open() in
716 backends that use local files
717 */
718 void ldb_set_create_perms(struct ldb_context *ldb, unsigned int perms)
719 {
720 ldb->create_perms = perms;
721 }
722
723 unsigned int ldb_get_create_perms(struct ldb_context *ldb)
724 {
725 return ldb->create_perms;
726 }
727
728 void ldb_set_event_context(struct ldb_context *ldb, struct tevent_context *ev)
729 {
730 ldb->ev_ctx = ev;
731 }
732
733 struct tevent_context * ldb_get_event_context(struct ldb_context *ldb)
734 {
735 return ldb->ev_ctx;
736 }
737
738 void ldb_request_set_state(struct ldb_request *req, int state)
739 {
740 req->handle->state = state;
741 }
742
743 int ldb_request_get_status(struct ldb_request *req)
744 {
745 return req->handle->status;
746 }
747
748
749 /*
750 trace a ldb request
751 */
752 static void ldb_trace_request(struct ldb_context *ldb, struct ldb_request *req)
753 {
754 TALLOC_CTX *tmp_ctx = talloc_new(req);
755 unsigned int i;
756 struct ldb_ldif ldif;
757
758 switch (req->operation) {
759 case LDB_SEARCH:
760 ldb_debug_add(ldb, "ldb_trace_request: SEARCH\n");
761 ldb_debug_add(ldb, " dn: %s\n",
762 ldb_dn_is_null(req->op.search.base)?"<rootDSE>":
763 ldb_dn_get_linearized(req->op.search.base));
764 ldb_debug_add(ldb, " scope: %s\n",
765 req->op.search.scope==LDB_SCOPE_BASE?"base":
766 req->op.search.scope==LDB_SCOPE_ONELEVEL?"one":
767 req->op.search.scope==LDB_SCOPE_SUBTREE?"sub":"UNKNOWN");
768 ldb_debug_add(ldb, " expr: %s\n",
769 ldb_filter_from_tree(tmp_ctx, req->op.search.tree));
770 if (req->op.search.attrs == NULL) {
771 ldb_debug_add(ldb, " attr: <ALL>\n");
772 } else {
773 for (i=0; req->op.search.attrs[i]; i++) {
774 ldb_debug_add(ldb, " attr: %s\n", req->op.search.attrs[i]);
775 }
776 }
777 break;
778 case LDB_DELETE:
779 ldb_debug_add(ldb, "ldb_trace_request: DELETE\n");
780 ldb_debug_add(ldb, " dn: %s\n",
781 ldb_dn_get_linearized(req->op.del.dn));
782 break;
783 case LDB_RENAME:
784 ldb_debug_add(ldb, "ldb_trace_request: RENAME\n");
785 ldb_debug_add(ldb, " olddn: %s\n",
786 ldb_dn_get_linearized(req->op.rename.olddn));
787 ldb_debug_add(ldb, " newdn: %s\n",
788 ldb_dn_get_linearized(req->op.rename.newdn));
789 break;
790 case LDB_EXTENDED:
791 ldb_debug_add(ldb, "ldb_trace_request: EXTENDED\n");
792 ldb_debug_add(ldb, " oid: %s\n", req->op.extended.oid);
793 ldb_debug_add(ldb, " data: %s\n", req->op.extended.data?"yes":"no");
794 break;
795 case LDB_ADD:
796 ldif.changetype = LDB_CHANGETYPE_ADD;
797 ldif.msg = discard_const_p(struct ldb_message, req->op.add.message);
798
799 ldb_debug_add(ldb, "ldb_trace_request: ADD\n");
800
801 /*
802 * The choice to call
803 * ldb_ldif_write_redacted_trace_string() is CRITICAL
804 * for security. It ensures that we do not output
805 * passwords into debug logs
806 */
807
808 ldb_debug_add(req->handle->ldb, "%s\n",
809 ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
810 break;
811 case LDB_MODIFY:
812 ldif.changetype = LDB_CHANGETYPE_MODIFY;
813 ldif.msg = discard_const_p(struct ldb_message, req->op.mod.message);
814
815 ldb_debug_add(ldb, "ldb_trace_request: MODIFY\n");
816
817 /*
818 * The choice to call
819 * ldb_ldif_write_redacted_trace_string() is CRITICAL
820 * for security. It ensures that we do not output
821 * passwords into debug logs
822 */
823
824 ldb_debug_add(req->handle->ldb, "%s\n",
825 ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
826 break;
827 case LDB_REQ_REGISTER_CONTROL:
828 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_CONTROL\n");
829 ldb_debug_add(req->handle->ldb, "%s\n",
830 req->op.reg_control.oid);
831 break;
832 case LDB_REQ_REGISTER_PARTITION:
833 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_PARTITION\n");
834 ldb_debug_add(req->handle->ldb, "%s\n",
835 ldb_dn_get_linearized(req->op.reg_partition.dn));
836 break;
837 default:
838 ldb_debug_add(ldb, "ldb_trace_request: UNKNOWN(%u)\n",
839 req->operation);
840 break;
841 }
842
843 if (req->controls == NULL) {
844 ldb_debug_add(ldb, " control: <NONE>\n");
845 } else {
846 for (i=0; req->controls && req->controls[i]; i++) {
847 if (req->controls[i]->oid) {
848 ldb_debug_add(ldb, " control: %s crit:%u data:%s\n",
849 req->controls[i]->oid,
850 req->controls[i]->critical,
851 req->controls[i]->data?"yes":"no");
852 }
853 }
854 }
855
856 ldb_debug_end(ldb, LDB_DEBUG_TRACE);
857
858 talloc_free(tmp_ctx);
859 }
860
861 /*
862 check that the element flags don't have any internal bits set
863 */
864 static int ldb_msg_check_element_flags(struct ldb_context *ldb,
865 const struct ldb_message *message)
866 {
867 unsigned i;
868 for (i=0; i<message->num_elements; i++) {
869 if (message->elements[i].flags & LDB_FLAG_INTERNAL_MASK) {
870 ldb_asprintf_errstring(ldb, "Invalid element flags 0x%08x on element %s in %s\n",
871 message->elements[i].flags, message->elements[i].name,
872 ldb_dn_get_linearized(message->dn));
873 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
874 }
875 }
876 return LDB_SUCCESS;
877 }
878
879
880 /*
881 start an ldb request
882 NOTE: the request must be a talloc context.
883 returns LDB_ERR_* on errors.
884 */
885 int ldb_request(struct ldb_context *ldb, struct ldb_request *req)
886 {
887 struct ldb_module *module;
888 int ret;
889
890 if (req->callback == NULL) {
891 ldb_set_errstring(ldb, "Requests MUST define callbacks");
892 return LDB_ERR_UNWILLING_TO_PERFORM;
893 }
894
895 ldb_reset_err_string(ldb);
896
897 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
898 ldb_trace_request(ldb, req);
899 }
900
901 /* call the first module in the chain */
902 switch (req->operation) {
903 case LDB_SEARCH:
904 /* due to "ldb_build_search_req" base DN always != NULL */
905 if (!ldb_dn_validate(req->op.search.base)) {
906 ldb_asprintf_errstring(ldb, "ldb_search: invalid basedn '%s'",
907 ldb_dn_get_linearized(req->op.search.base));
908 return LDB_ERR_INVALID_DN_SYNTAX;
909 }
910 FIRST_OP(ldb, search);
911 ret = module->ops->search(module, req);
912 break;
913 case LDB_ADD:
914 if (!ldb_dn_validate(req->op.add.message->dn)) {
915 ldb_asprintf_errstring(ldb, "ldb_add: invalid dn '%s'",
916 ldb_dn_get_linearized(req->op.add.message->dn));
917 return LDB_ERR_INVALID_DN_SYNTAX;
918 }
919 /*
920 * we have to normalize here, as so many places
921 * in modules and backends assume we don't have two
922 * elements with the same name
923 */
924 ret = ldb_msg_normalize(ldb, req, req->op.add.message,
925 discard_const(&req->op.add.message));
926 if (ret != LDB_SUCCESS) {
927 ldb_oom(ldb);
928 return ret;
929 }
930 FIRST_OP(ldb, add);
931 ret = ldb_msg_check_element_flags(ldb, req->op.add.message);
932 if (ret != LDB_SUCCESS) {
933 /*
934 * "ldb_msg_check_element_flags" generates an error
935 * string
936 */
937 return ret;
938 }
939 ret = module->ops->add(module, req);
940 break;
941 case LDB_MODIFY:
942 if (!ldb_dn_validate(req->op.mod.message->dn)) {
943 ldb_asprintf_errstring(ldb, "ldb_modify: invalid dn '%s'",
944 ldb_dn_get_linearized(req->op.mod.message->dn));
945 return LDB_ERR_INVALID_DN_SYNTAX;
946 }
947 FIRST_OP(ldb, modify);
948 ret = ldb_msg_check_element_flags(ldb, req->op.mod.message);
949 if (ret != LDB_SUCCESS) {
950 /*
951 * "ldb_msg_check_element_flags" generates an error
952 * string
953 */
954 return ret;
955 }
956 ret = module->ops->modify(module, req);
957 break;
958 case LDB_DELETE:
959 if (!ldb_dn_validate(req->op.del.dn)) {
960 ldb_asprintf_errstring(ldb, "ldb_delete: invalid dn '%s'",
961 ldb_dn_get_linearized(req->op.del.dn));
962 return LDB_ERR_INVALID_DN_SYNTAX;
963 }
964 FIRST_OP(ldb, del);
965 ret = module->ops->del(module, req);
966 break;
967 case LDB_RENAME:
968 if (!ldb_dn_validate(req->op.rename.olddn)) {
969 ldb_asprintf_errstring(ldb, "ldb_rename: invalid olddn '%s'",
970 ldb_dn_get_linearized(req->op.rename.olddn));
971 return LDB_ERR_INVALID_DN_SYNTAX;
972 }
973 if (!ldb_dn_validate(req->op.rename.newdn)) {
974 ldb_asprintf_errstring(ldb, "ldb_rename: invalid newdn '%s'",
975 ldb_dn_get_linearized(req->op.rename.newdn));
976 return LDB_ERR_INVALID_DN_SYNTAX;
977 }
978 FIRST_OP(ldb, rename);
979 ret = module->ops->rename(module, req);
980 break;
981 case LDB_EXTENDED:
982 FIRST_OP(ldb, extended);
983 ret = module->ops->extended(module, req);
984 break;
985 default:
986 FIRST_OP(ldb, request);
987 ret = module->ops->request(module, req);
988 break;
989 }
990
991 if ((ret != LDB_SUCCESS) && (ldb->err_string == NULL)) {
992 /* if no error string was setup by the backend */
993 ldb_asprintf_errstring(ldb, "ldb_request: %s (%d)",
994 ldb_strerror(ret), ret);
995 }
996
997 return ret;
998 }
999
1000 int ldb_request_done(struct ldb_request *req, int status)
1001 {
1002 req->handle->state = LDB_ASYNC_DONE;
1003 req->handle->status = status;
1004 return status;
1005 }
1006
1007 /*
1008 search the database given a LDAP-like search expression
1009
1010 returns an LDB error code
1011
1012 Use talloc_free to free the ldb_message returned in 'res', if successful
1013
1014 */
1015 int ldb_search_default_callback(struct ldb_request *req,
1016 struct ldb_reply *ares)
1017 {
1018 struct ldb_result *res;
1019 unsigned int n;
1020
1021 res = talloc_get_type(req->context, struct ldb_result);
1022
1023 if (!ares) {
1024 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1025 }
1026 if (ares->error != LDB_SUCCESS) {
1027 return ldb_request_done(req, ares->error);
1028 }
1029
1030 switch (ares->type) {
1031 case LDB_REPLY_ENTRY:
1032 res->msgs = talloc_realloc(res, res->msgs,
1033 struct ldb_message *, res->count + 2);
1034 if (! res->msgs) {
1035 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1036 }
1037
1038 res->msgs[res->count + 1] = NULL;
1039
1040 res->msgs[res->count] = talloc_move(res->msgs, &ares->message);
1041 res->count++;
1042 break;
1043
1044 case LDB_REPLY_REFERRAL:
1045 if (res->refs) {
1046 for (n = 0; res->refs[n]; n++) /*noop*/ ;
1047 } else {
1048 n = 0;
1049 }
1050
1051 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1052 if (! res->refs) {
1053 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1054 }
1055
1056 res->refs[n] = talloc_move(res->refs, &ares->referral);
1057 res->refs[n + 1] = NULL;
1058 break;
1059
1060 case LDB_REPLY_DONE:
1061 /* TODO: we should really support controls on entries
1062 * and referrals too! */
1063 res->controls = talloc_move(res, &ares->controls);
1064
1065 /* this is the last message, and means the request is done */
1066 /* we have to signal and eventual ldb_wait() waiting that the
1067 * async request operation was completed */
1068 talloc_free(ares);
1069 return ldb_request_done(req, LDB_SUCCESS);
1070 }
1071
1072 talloc_free(ares);
1073
1074 return LDB_SUCCESS;
1075 }
1076
1077 int ldb_modify_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1078 {
1079 struct ldb_result *res;
1080 unsigned int n;
1081 int ret;
1082
1083 res = talloc_get_type(req->context, struct ldb_result);
1084
1085 if (!ares) {
1086 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1087 }
1088
1089 if (ares->error != LDB_SUCCESS) {
1090 ret = ares->error;
1091 talloc_free(ares);
1092 return ldb_request_done(req, ret);
1093 }
1094
1095 switch (ares->type) {
1096 case LDB_REPLY_REFERRAL:
1097 if (res->refs) {
1098 for (n = 0; res->refs[n]; n++) /*noop*/ ;
1099 } else {
1100 n = 0;
1101 }
1102
1103 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1104 if (! res->refs) {
1105 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1106 }
1107
1108 res->refs[n] = talloc_move(res->refs, &ares->referral);
1109 res->refs[n + 1] = NULL;
1110 break;
1111
1112 case LDB_REPLY_DONE:
1113 talloc_free(ares);
1114 return ldb_request_done(req, LDB_SUCCESS);
1115 default:
1116 talloc_free(ares);
1117 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1118 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1119 }
1120
1121 talloc_free(ares);
1122 return ldb_request_done(req, LDB_SUCCESS);
1123 }
1124
1125 int ldb_op_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1126 {
1127 int ret;
1128
1129 if (!ares) {
1130 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1131 }
1132
1133 if (ares->error != LDB_SUCCESS) {
1134 ret = ares->error;
1135 talloc_free(ares);
1136 return ldb_request_done(req, ret);
1137 }
1138
1139 if (ares->type != LDB_REPLY_DONE) {
1140 talloc_free(ares);
1141 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1142 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1143 }
1144
1145 talloc_free(ares);
1146 return ldb_request_done(req, LDB_SUCCESS);
1147 }
1148
1149 int ldb_build_search_req_ex(struct ldb_request **ret_req,
1150 struct ldb_context *ldb,
1151 TALLOC_CTX *mem_ctx,
1152 struct ldb_dn *base,
1153 enum ldb_scope scope,
1154 struct ldb_parse_tree *tree,
1155 const char * const *attrs,
1156 struct ldb_control **controls,
1157 void *context,
1158 ldb_request_callback_t callback,
1159 struct ldb_request *parent)
1160 {
1161 struct ldb_request *req;
1162
1163 *ret_req = NULL;
1164
1165 req = talloc(mem_ctx, struct ldb_request);
1166 if (req == NULL) {
1167 ldb_oom(ldb);
1168 return LDB_ERR_OPERATIONS_ERROR;
1169 }
1170
1171 req->operation = LDB_SEARCH;
1172 if (base == NULL) {
1173 req->op.search.base = ldb_dn_new(req, ldb, NULL);
1174 } else {
1175 req->op.search.base = base;
1176 }
1177 req->op.search.scope = scope;
1178
1179 req->op.search.tree = tree;
1180 if (req->op.search.tree == NULL) {
1181 ldb_set_errstring(ldb, "'tree' can't be NULL");
1182 talloc_free(req);
1183 return LDB_ERR_OPERATIONS_ERROR;
1184 }
1185
1186 req->op.search.attrs = attrs;
1187 req->controls = controls;
1188 req->context = context;
1189 req->callback = callback;
1190
1191 ldb_set_timeout_from_prev_req(ldb, parent, req);
1192
1193 req->handle = ldb_handle_new(req, ldb);
1194 if (req->handle == NULL) {
1195 ldb_oom(ldb);
1196 return LDB_ERR_OPERATIONS_ERROR;
1197 }
1198
1199 if (parent) {
1200 req->handle->nesting++;
1201 req->handle->parent = parent;
1202 req->handle->flags = parent->handle->flags;
1203 req->handle->custom_flags = parent->handle->custom_flags;
1204 }
1205
1206 *ret_req = req;
1207 return LDB_SUCCESS;
1208 }
1209
1210 int ldb_build_search_req(struct ldb_request **ret_req,
1211 struct ldb_context *ldb,
1212 TALLOC_CTX *mem_ctx,
1213 struct ldb_dn *base,
1214 enum ldb_scope scope,
1215 const char *expression,
1216 const char * const *attrs,
1217 struct ldb_control **controls,
1218 void *context,
1219 ldb_request_callback_t callback,
1220 struct ldb_request *parent)
1221 {
1222 struct ldb_parse_tree *tree;
1223 int ret;
1224
1225 tree = ldb_parse_tree(mem_ctx, expression);
1226 if (tree == NULL) {
1227 ldb_set_errstring(ldb, "Unable to parse search expression");
1228 return LDB_ERR_OPERATIONS_ERROR;
1229 }
1230
1231 ret = ldb_build_search_req_ex(ret_req, ldb, mem_ctx, base,
1232 scope, tree, attrs, controls,
1233 context, callback, parent);
1234 if (ret == LDB_SUCCESS) {
1235 talloc_steal(*ret_req, tree);
1236 }
1237 return ret;
1238 }
1239
1240 int ldb_build_add_req(struct ldb_request **ret_req,
1241 struct ldb_context *ldb,
1242 TALLOC_CTX *mem_ctx,
1243 const struct ldb_message *message,
1244 struct ldb_control **controls,
1245 void *context,
1246 ldb_request_callback_t callback,
1247 struct ldb_request *parent)
1248 {
1249 struct ldb_request *req;
1250
1251 *ret_req = NULL;
1252
1253 req = talloc(mem_ctx, struct ldb_request);
1254 if (req == NULL) {
1255 ldb_set_errstring(ldb, "Out of Memory");
1256 return LDB_ERR_OPERATIONS_ERROR;
1257 }
1258
1259 req->operation = LDB_ADD;
1260 req->op.add.message = message;
1261 req->controls = controls;
1262 req->context = context;
1263 req->callback = callback;
1264
1265 ldb_set_timeout_from_prev_req(ldb, parent, req);
1266
1267 req->handle = ldb_handle_new(req, ldb);
1268 if (req->handle == NULL) {
1269 ldb_oom(ldb);
1270 return LDB_ERR_OPERATIONS_ERROR;
1271 }
1272
1273 if (parent) {
1274 req->handle->nesting++;
1275 req->handle->parent = parent;
1276 req->handle->flags = parent->handle->flags;
1277 req->handle->custom_flags = parent->handle->custom_flags;
1278 }
1279
1280 *ret_req = req;
1281
1282 return LDB_SUCCESS;
1283 }
1284
1285 int ldb_build_mod_req(struct ldb_request **ret_req,
1286 struct ldb_context *ldb,
1287 TALLOC_CTX *mem_ctx,
1288 const struct ldb_message *message,
1289 struct ldb_control **controls,
1290 void *context,
1291 ldb_request_callback_t callback,
1292 struct ldb_request *parent)
1293 {
1294 struct ldb_request *req;
1295
1296 *ret_req = NULL;
1297
1298 req = talloc(mem_ctx, struct ldb_request);
1299 if (req == NULL) {
1300 ldb_set_errstring(ldb, "Out of Memory");
1301 return LDB_ERR_OPERATIONS_ERROR;
1302 }
1303
1304 req->operation = LDB_MODIFY;
1305 req->op.mod.message = message;
1306 req->controls = controls;
1307 req->context = context;
1308 req->callback = callback;
1309
1310 ldb_set_timeout_from_prev_req(ldb, parent, req);
1311
1312 req->handle = ldb_handle_new(req, ldb);
1313 if (req->handle == NULL) {
1314 ldb_oom(ldb);
1315 return LDB_ERR_OPERATIONS_ERROR;
1316 }
1317
1318 if (parent) {
1319 req->handle->nesting++;
1320 req->handle->parent = parent;
1321 req->handle->flags = parent->handle->flags;
1322 req->handle->custom_flags = parent->handle->custom_flags;
1323 }
1324
1325 *ret_req = req;
1326
1327 return LDB_SUCCESS;
1328 }
1329
1330 int ldb_build_del_req(struct ldb_request **ret_req,
1331 struct ldb_context *ldb,
1332 TALLOC_CTX *mem_ctx,
1333 struct ldb_dn *dn,
1334 struct ldb_control **controls,
1335 void *context,
1336 ldb_request_callback_t callback,
1337 struct ldb_request *parent)
1338 {
1339 struct ldb_request *req;
1340
1341 *ret_req = NULL;
1342
1343 req = talloc(mem_ctx, struct ldb_request);
1344 if (req == NULL) {
1345 ldb_set_errstring(ldb, "Out of Memory");
1346 return LDB_ERR_OPERATIONS_ERROR;
1347 }
1348
1349 req->operation = LDB_DELETE;
1350 req->op.del.dn = dn;
1351 req->controls = controls;
1352 req->context = context;
1353 req->callback = callback;
1354
1355 ldb_set_timeout_from_prev_req(ldb, parent, req);
1356
1357 req->handle = ldb_handle_new(req, ldb);
1358 if (req->handle == NULL) {
1359 ldb_oom(ldb);
1360 return LDB_ERR_OPERATIONS_ERROR;
1361 }
1362
1363 if (parent) {
1364 req->handle->nesting++;
1365 req->handle->parent = parent;
1366 req->handle->flags = parent->handle->flags;
1367 req->handle->custom_flags = parent->handle->custom_flags;
1368 }
1369
1370 *ret_req = req;
1371
1372 return LDB_SUCCESS;
1373 }
1374
1375 int ldb_build_rename_req(struct ldb_request **ret_req,
1376 struct ldb_context *ldb,
1377 TALLOC_CTX *mem_ctx,
1378 struct ldb_dn *olddn,
1379 struct ldb_dn *newdn,
1380 struct ldb_control **controls,
1381 void *context,
1382 ldb_request_callback_t callback,
1383 struct ldb_request *parent)
1384 {
1385 struct ldb_request *req;
1386
1387 *ret_req = NULL;
1388
1389 req = talloc(mem_ctx, struct ldb_request);
1390 if (req == NULL) {
1391 ldb_set_errstring(ldb, "Out of Memory");
1392 return LDB_ERR_OPERATIONS_ERROR;
1393 }
1394
1395 req->operation = LDB_RENAME;
1396 req->op.rename.olddn = olddn;
1397 req->op.rename.newdn = newdn;
1398 req->controls = controls;
1399 req->context = context;
1400 req->callback = callback;
1401
1402 ldb_set_timeout_from_prev_req(ldb, parent, req);
1403
1404 req->handle = ldb_handle_new(req, ldb);
1405 if (req->handle == NULL) {
1406 ldb_oom(ldb);
1407 return LDB_ERR_OPERATIONS_ERROR;
1408 }
1409
1410 if (parent) {
1411 req->handle->nesting++;
1412 req->handle->parent = parent;
1413 req->handle->flags = parent->handle->flags;
1414 req->handle->custom_flags = parent->handle->custom_flags;
1415 }
1416
1417 *ret_req = req;
1418
1419 return LDB_SUCCESS;
1420 }
1421
1422 int ldb_extended_default_callback(struct ldb_request *req,
1423 struct ldb_reply *ares)
1424 {
1425 struct ldb_result *res;
1426
1427 res = talloc_get_type(req->context, struct ldb_result);
1428
1429 if (!ares) {
1430 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1431 }
1432 if (ares->error != LDB_SUCCESS) {
1433 return ldb_request_done(req, ares->error);
1434 }
1435
1436 if (ares->type == LDB_REPLY_DONE) {
1437
1438 /* TODO: we should really support controls on entries and referrals too! */
1439 res->extended = talloc_move(res, &ares->response);
1440 res->controls = talloc_move(res, &ares->controls);
1441
1442 talloc_free(ares);
1443 return ldb_request_done(req, LDB_SUCCESS);
1444 }
1445
1446 talloc_free(ares);
1447 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1448 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1449 }
1450
1451 int ldb_build_extended_req(struct ldb_request **ret_req,
1452 struct ldb_context *ldb,
1453 TALLOC_CTX *mem_ctx,
1454 const char *oid,
1455 void *data,
1456 struct ldb_control **controls,
1457 void *context,
1458 ldb_request_callback_t callback,
1459 struct ldb_request *parent)
1460 {
1461 struct ldb_request *req;
1462
1463 *ret_req = NULL;
1464
1465 req = talloc(mem_ctx, struct ldb_request);
1466 if (req == NULL) {
1467 ldb_set_errstring(ldb, "Out of Memory");
1468 return LDB_ERR_OPERATIONS_ERROR;
1469 }
1470
1471 req->operation = LDB_EXTENDED;
1472 req->op.extended.oid = oid;
1473 req->op.extended.data = data;
1474 req->controls = controls;
1475 req->context = context;
1476 req->callback = callback;
1477
1478 ldb_set_timeout_from_prev_req(ldb, parent, req);
1479
1480 req->handle = ldb_handle_new(req, ldb);
1481 if (req->handle == NULL) {
1482 ldb_oom(ldb);
1483 return LDB_ERR_OPERATIONS_ERROR;
1484 }
1485
1486 if (parent) {
1487 req->handle->nesting++;
1488 req->handle->parent = parent;
1489 req->handle->flags = parent->handle->flags;
1490 req->handle->custom_flags = parent->handle->custom_flags;
1491 }
1492
1493 *ret_req = req;
1494
1495 return LDB_SUCCESS;
1496 }
1497
1498 int ldb_extended(struct ldb_context *ldb,
1499 const char *oid,
1500 void *data,
1501 struct ldb_result **_res)
1502 {
1503 struct ldb_request *req;
1504 int ret;
1505 struct ldb_result *res;
1506
1507 *_res = NULL;
1508 req = NULL;
1509
1510 res = talloc_zero(ldb, struct ldb_result);
1511 if (!res) {
1512 return LDB_ERR_OPERATIONS_ERROR;
1513 }
1514
1515 ret = ldb_build_extended_req(&req, ldb, ldb,
1516 oid, data, NULL,
1517 res, ldb_extended_default_callback,
1518 NULL);
1519 ldb_req_set_location(req, "ldb_extended");
1520
1521 if (ret != LDB_SUCCESS) goto done;
1522
1523 ldb_set_timeout(ldb, req, 0); /* use default timeout */
1524
1525 ret = ldb_request(ldb, req);
1526
1527 if (ret == LDB_SUCCESS) {
1528 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1529 }
1530
1531 done:
1532 if (ret != LDB_SUCCESS) {
1533 talloc_free(res);
1534 res = NULL;
1535 }
1536
1537 talloc_free(req);
1538
1539 *_res = res;
1540 return ret;
1541 }
1542
1543 /*
1544 note that ldb_search() will automatically replace a NULL 'base' value
1545 with the defaultNamingContext from the rootDSE if available.
1546 */
1547 int ldb_search(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
1548 struct ldb_result **result, struct ldb_dn *base,
1549 enum ldb_scope scope, const char * const *attrs,
1550 const char *exp_fmt, ...)
1551 {
1552 struct ldb_request *req;
1553 struct ldb_result *res;
1554 char *expression;
1555 va_list ap;
1556 int ret;
1557
1558 expression = NULL;
1559 *result = NULL;
1560 req = NULL;
1561
1562 res = talloc_zero(mem_ctx, struct ldb_result);
1563 if (!res) {
1564 return LDB_ERR_OPERATIONS_ERROR;
1565 }
1566
1567 if (exp_fmt) {
1568 va_start(ap, exp_fmt);
1569 expression = talloc_vasprintf(mem_ctx, exp_fmt, ap);
1570 va_end(ap);
1571
1572 if (!expression) {
1573 talloc_free(res);
1574 return LDB_ERR_OPERATIONS_ERROR;
1575 }
1576 }
1577
1578 ret = ldb_build_search_req(&req, ldb, mem_ctx,
1579 base?base:ldb_get_default_basedn(ldb),
1580 scope,
1581 expression,
1582 attrs,
1583 NULL,
1584 res,
1585 ldb_search_default_callback,
1586 NULL);
1587 ldb_req_set_location(req, "ldb_search");
1588
1589 if (ret != LDB_SUCCESS) goto done;
1590
1591 ret = ldb_request(ldb, req);
1592
1593 if (ret == LDB_SUCCESS) {
1594 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1595 }
1596
1597 done:
1598 if (ret != LDB_SUCCESS) {
1599 talloc_free(res);
1600 res = NULL;
1601 }
1602
1603 talloc_free(expression);
1604 talloc_free(req);
1605
1606 *result = res;
1607 return ret;
1608 }
1609
1610 /*
1611 add a record to the database. Will fail if a record with the given class
1612 and key already exists
1613 */
1614 int ldb_add(struct ldb_context *ldb,
1615 const struct ldb_message *message)
1616 {
1617 struct ldb_request *req;
1618 int ret;
1619
1620 ret = ldb_msg_sanity_check(ldb, message);
1621 if (ret != LDB_SUCCESS) {
1622 return ret;
1623 }
1624
1625 ret = ldb_build_add_req(&req, ldb, ldb,
1626 message,
1627 NULL,
1628 NULL,
1629 ldb_op_default_callback,
1630 NULL);
1631 ldb_req_set_location(req, "ldb_add");
1632
1633 if (ret != LDB_SUCCESS) return ret;
1634
1635 /* do request and autostart a transaction */
1636 ret = ldb_autotransaction_request(ldb, req);
1637
1638 talloc_free(req);
1639 return ret;
1640 }
1641
1642 /*
1643 modify the specified attributes of a record
1644 */
1645 int ldb_modify(struct ldb_context *ldb,
1646 const struct ldb_message *message)
1647 {
1648 struct ldb_request *req;
1649 int ret;
1650
1651 ret = ldb_msg_sanity_check(ldb, message);
1652 if (ret != LDB_SUCCESS) {
1653 return ret;
1654 }
1655
1656 ret = ldb_build_mod_req(&req, ldb, ldb,
1657 message,
1658 NULL,
1659 NULL,
1660 ldb_op_default_callback,
1661 NULL);
1662 ldb_req_set_location(req, "ldb_modify");
1663
1664 if (ret != LDB_SUCCESS) return ret;
1665
1666 /* do request and autostart a transaction */
1667 ret = ldb_autotransaction_request(ldb, req);
1668
1669 talloc_free(req);
1670 return ret;
1671 }
1672
1673
1674 /*
1675 delete a record from the database
1676 */
1677 int ldb_delete(struct ldb_context *ldb, struct ldb_dn *dn)
1678 {
1679 struct ldb_request *req;
1680 int ret;
1681
1682 ret = ldb_build_del_req(&req, ldb, ldb,
1683 dn,
1684 NULL,
1685 NULL,
1686 ldb_op_default_callback,
1687 NULL);
1688 ldb_req_set_location(req, "ldb_delete");
1689
1690 if (ret != LDB_SUCCESS) return ret;
1691
1692 /* do request and autostart a transaction */
1693 ret = ldb_autotransaction_request(ldb, req);
1694
1695 talloc_free(req);
1696 return ret;
1697 }
1698
1699 /*
1700 rename a record in the database
1701 */
1702 int ldb_rename(struct ldb_context *ldb,
1703 struct ldb_dn *olddn, struct ldb_dn *newdn)
1704 {
1705 struct ldb_request *req;
1706 int ret;
1707
1708 ret = ldb_build_rename_req(&req, ldb, ldb,
1709 olddn,
1710 newdn,
1711 NULL,
1712 NULL,
1713 ldb_op_default_callback,
1714 NULL);
1715 ldb_req_set_location(req, "ldb_rename");
1716
1717 if (ret != LDB_SUCCESS) return ret;
1718
1719 /* do request and autostart a transaction */
1720 ret = ldb_autotransaction_request(ldb, req);
1721
1722 talloc_free(req);
1723 return ret;
1724 }
1725
1726
1727 /*
1728 return the global sequence number
1729 */
1730 int ldb_sequence_number(struct ldb_context *ldb,
1731 enum ldb_sequence_type type, uint64_t *seq_num)
1732 {
1733 struct ldb_seqnum_request *seq;
1734 struct ldb_seqnum_result *seqr;
1735 struct ldb_result *res;
1736 TALLOC_CTX *tmp_ctx;
1737 int ret;
1738
1739 *seq_num = 0;
1740
1741 tmp_ctx = talloc_zero(ldb, struct ldb_request);
1742 if (tmp_ctx == NULL) {
1743 ldb_set_errstring(ldb, "Out of Memory");
1744 return LDB_ERR_OPERATIONS_ERROR;
1745 }
1746 seq = talloc_zero(tmp_ctx, struct ldb_seqnum_request);
1747 if (seq == NULL) {
1748 ldb_set_errstring(ldb, "Out of Memory");
1749 ret = LDB_ERR_OPERATIONS_ERROR;
1750 goto done;
1751 }
1752 seq->type = type;
1753
1754 ret = ldb_extended(ldb, LDB_EXTENDED_SEQUENCE_NUMBER, seq, &res);
1755 if (ret != LDB_SUCCESS) {
1756 goto done;
1757 }
1758 talloc_steal(tmp_ctx, res);
1759
1760 if (strcmp(LDB_EXTENDED_SEQUENCE_NUMBER, res->extended->oid) != 0) {
1761 ldb_set_errstring(ldb, "Invalid OID in reply");
1762 ret = LDB_ERR_OPERATIONS_ERROR;
1763 goto done;
1764 }
1765 seqr = talloc_get_type(res->extended->data,
1766 struct ldb_seqnum_result);
1767 *seq_num = seqr->seq_num;
1768
1769 done:
1770 talloc_free(tmp_ctx);
1771 return ret;
1772 }
1773
1774 /*
1775 return extended error information
1776 */
1777 const char *ldb_errstring(struct ldb_context *ldb)
1778 {
1779 if (ldb->err_string) {
1780 return ldb->err_string;
1781 }
1782
1783 return NULL;
1784 }
1785
1786 /*
1787 return a string explaining what a ldb error constant meancs
1788 */
1789 const char *ldb_strerror(int ldb_err)
1790 {
1791 switch (ldb_err) {
1792 case LDB_SUCCESS:
1793 return "Success";
1794 case LDB_ERR_OPERATIONS_ERROR:
1795 return "Operations error";
1796 case LDB_ERR_PROTOCOL_ERROR:
1797 return "Protocol error";
1798 case LDB_ERR_TIME_LIMIT_EXCEEDED:
1799 return "Time limit exceeded";
1800 case LDB_ERR_SIZE_LIMIT_EXCEEDED:
1801 return "Size limit exceeded";
1802 case LDB_ERR_COMPARE_FALSE:
1803 return "Compare false";
1804 case LDB_ERR_COMPARE_TRUE:
1805 return "Compare true";
1806 case LDB_ERR_AUTH_METHOD_NOT_SUPPORTED:
1807 return "Auth method not supported";
1808 case LDB_ERR_STRONG_AUTH_REQUIRED:
1809 return "Strong auth required";
1810 /* 9 RESERVED */
1811 case LDB_ERR_REFERRAL:
1812 return "Referral error";
1813 case LDB_ERR_ADMIN_LIMIT_EXCEEDED:
1814 return "Admin limit exceeded";
1815 case LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION:
1816 return "Unsupported critical extension";
1817 case LDB_ERR_CONFIDENTIALITY_REQUIRED:
1818 return "Confidentiality required";
1819 case LDB_ERR_SASL_BIND_IN_PROGRESS:
1820 return "SASL bind in progress";
1821 case LDB_ERR_NO_SUCH_ATTRIBUTE:
1822 return "No such attribute";
1823 case LDB_ERR_UNDEFINED_ATTRIBUTE_TYPE:
1824 return "Undefined attribute type";
1825 case LDB_ERR_INAPPROPRIATE_MATCHING:
1826 return "Inappropriate matching";
1827 case LDB_ERR_CONSTRAINT_VIOLATION:
1828 return "Constraint violation";
1829 case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
1830 return "Attribute or value exists";
1831 case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
1832 return "Invalid attribute syntax";
1833 /* 22-31 unused */
1834 case LDB_ERR_NO_SUCH_OBJECT:
1835 return "No such object";
1836 case LDB_ERR_ALIAS_PROBLEM:
1837 return "Alias problem";
1838 case LDB_ERR_INVALID_DN_SYNTAX:
1839 return "Invalid DN syntax";
1840 /* 35 RESERVED */
1841 case LDB_ERR_ALIAS_DEREFERENCING_PROBLEM:
1842 return "Alias dereferencing problem";
1843 /* 37-47 unused */
1844 case LDB_ERR_INAPPROPRIATE_AUTHENTICATION:
1845 return "Inappropriate authentication";
1846 case LDB_ERR_INVALID_CREDENTIALS:
1847 return "Invalid credentials";
1848 case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
1849 return "insufficient access rights";
1850 case LDB_ERR_BUSY:
1851 return "Busy";
1852 case LDB_ERR_UNAVAILABLE:
1853 return "Unavailable";
1854 case LDB_ERR_UNWILLING_TO_PERFORM:
1855 return "Unwilling to perform";
1856 case LDB_ERR_LOOP_DETECT:
1857 return "Loop detect";
1858 /* 55-63 unused */
1859 case LDB_ERR_NAMING_VIOLATION:
1860 return "Naming violation";
1861 case LDB_ERR_OBJECT_CLASS_VIOLATION:
1862 return "Object class violation";
1863 case LDB_ERR_NOT_ALLOWED_ON_NON_LEAF:
1864 return "Not allowed on non-leaf";
1865 case LDB_ERR_NOT_ALLOWED_ON_RDN:
1866 return "Not allowed on RDN";
1867 case LDB_ERR_ENTRY_ALREADY_EXISTS:
1868 return "Entry already exists";
1869 case LDB_ERR_OBJECT_CLASS_MODS_PROHIBITED:
1870 return "Object class mods prohibited";
1871 /* 70 RESERVED FOR CLDAP */
1872 case LDB_ERR_AFFECTS_MULTIPLE_DSAS:
1873 return "Affects multiple DSAs";
1874 /* 72-79 unused */
1875 case LDB_ERR_OTHER:
1876 return "Other";
1877 }
1878
1879 return "Unknown error";
1880 }
1881
1882 /*
1883 set backend specific opaque parameters
1884 */
1885 int ldb_set_opaque(struct ldb_context *ldb, const char *name, void *value)
1886 {
1887 struct ldb_opaque *o;
1888
1889 /* allow updating an existing value */
1890 for (o=ldb->opaque;o;o=o->next) {
1891 if (strcmp(o->name, name) == 0) {
1892 o->value = value;
1893 return LDB_SUCCESS;
1894 }
1895 }
1896
1897 o = talloc(ldb, struct ldb_opaque);
1898 if (o == NULL) {
1899 ldb_oom(ldb);
1900 return LDB_ERR_OTHER;
1901 }
1902 o->next = ldb->opaque;
1903 o->name = name;
1904 o->value = value;
1905 ldb->opaque = o;
1906 return LDB_SUCCESS;
1907 }
1908
1909 /*
1910 get a previously set opaque value
1911 */
1912 void *ldb_get_opaque(struct ldb_context *ldb, const char *name)
1913 {
1914 struct ldb_opaque *o;
1915 for (o=ldb->opaque;o;o=o->next) {
1916 if (strcmp(o->name, name) == 0) {
1917 return o->value;
1918 }
1919 }
1920 return NULL;
1921 }
1922
1923 int ldb_global_init(void)
1924 {
1925 /* Provided for compatibility with some older versions of ldb */
1926 return 0;
1927 }
1928
1929 /* return the ldb flags */
1930 unsigned int ldb_get_flags(struct ldb_context *ldb)
1931 {
1932 return ldb->flags;
1933 }
1934
1935 /* set the ldb flags */
1936 void ldb_set_flags(struct ldb_context *ldb, unsigned flags)
1937 {
1938 ldb->flags = flags;
1939 }
1940
1941
1942 /*
1943 set the location in a ldb request. Used for debugging
1944 */
1945 void ldb_req_set_location(struct ldb_request *req, const char *location)
1946 {
1947 if (req && req->handle) {
1948 req->handle->location = location;
1949 }
1950 }
1951
1952 /*
1953 return the location set with dsdb_req_set_location
1954 */
1955 const char *ldb_req_location(struct ldb_request *req)
1956 {
1957 return req->handle->location;
1958 }
1959
1960 /**
1961 mark a request as untrusted. This tells the rootdse module to remove
1962 unregistered controls
1963 */
1964 void ldb_req_mark_untrusted(struct ldb_request *req)
1965 {
1966 req->handle->flags |= LDB_HANDLE_FLAG_UNTRUSTED;
1967 }
1968
1969 /**
1970 mark a request as trusted.
1971 */
1972 void ldb_req_mark_trusted(struct ldb_request *req)
1973 {
1974 req->handle->flags &= ~LDB_HANDLE_FLAG_UNTRUSTED;
1975 }
1976
1977 /**
1978 set custom flags. Those flags are set by applications using ldb,
1979 they are application dependent and the same bit can have different
1980 meaning in different application.
1981 */
1982 void ldb_req_set_custom_flags(struct ldb_request *req, uint32_t flags)
1983 {
1984 if (req != NULL && req->handle != NULL) {
1985 req->handle->custom_flags = flags;
1986 }
1987 }
1988
1989
1990 /**
1991 get custom flags. Those flags are set by applications using ldb,
1992 they are application dependent and the same bit can have different
1993 meaning in different application.
1994 */
1995 uint32_t ldb_req_get_custom_flags(struct ldb_request *req)
1996 {
1997 if (req != NULL && req->handle != NULL) {
1998 return req->handle->custom_flags;
1999 }
2000
2001 /*
2002 * 0 is not something any better or worse than
2003 * anything else as req or the handle is NULL
2004 */
2005 return 0;
2006 }
2007
2008
2009 /**
2010 * return true if a request is untrusted
2011 */
2012 bool ldb_req_is_untrusted(struct ldb_request *req)
2013 {
2014 return (req->handle->flags & LDB_HANDLE_FLAG_UNTRUSTED) != 0;
2015 }
Samba GIT mirror