search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4-dsdb/samldb: Skip 'sAMAccountType' and 'primaryGroupID' during Tombstone reanimate
[Samba.git] / lib / ldb / common / ldb_modules.c
blob91412a69aee8421ab61d947f4a4afc3b26080203
1 /*
2 ldb database library
3
4 Copyright (C) Simo Sorce 2004-2008
5
6 ** NOTE! The following LGPL license applies to the ldb
7 ** library. This does NOT imply that all of Samba is released
8 ** under the LGPL
9
10 This library is free software; you can redistribute it and/or
11 modify it under the terms of the GNU Lesser General Public
12 License as published by the Free Software Foundation; either
13 version 3 of the License, or (at your option) any later version.
14
15 This library is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
19
20 You should have received a copy of the GNU Lesser General Public
21 License along with this library; if not, see <http://www.gnu.org/licenses/>.
22 */
23
24 /*
25 * Name: ldb
26 *
27 * Component: ldb modules core
28 *
29 * Description: core modules routines
30 *
31 * Author: Simo Sorce
32 */
33
34 #include "ldb_private.h"
35 #include "dlinklist.h"
36 #include "system/dir.h"
37
38 static char *ldb_modules_strdup_no_spaces(TALLOC_CTX *mem_ctx, const char *string)
39 {
40 size_t i, len;
41 char *trimmed;
42
43 trimmed = talloc_strdup(mem_ctx, string);
44 if (!trimmed) {
45 return NULL;
46 }
47
48 len = strlen(trimmed);
49 for (i = 0; trimmed[i] != '\0'; i++) {
50 switch (trimmed[i]) {
51 case ' ':
52 case '\t':
53 case '\n':
54 memmove(&trimmed[i], &trimmed[i + 1], len -i -1);
55 break;
56 }
57 }
58
59 return trimmed;
60 }
61
62
63 /* modules are called in inverse order on the stack.
64 Lets place them as an admin would think the right order is.
65 Modules order is important */
66 const char **ldb_modules_list_from_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const char *string)
67 {
68 char **modules = NULL;
69 const char **m;
70 char *modstr, *p;
71 unsigned int i;
72
73 /* spaces not admitted */
74 modstr = ldb_modules_strdup_no_spaces(mem_ctx, string);
75 if ( ! modstr) {
76 ldb_debug(ldb, LDB_DEBUG_FATAL, "Out of Memory in ldb_modules_strdup_no_spaces()");
77 return NULL;
78 }
79
80 modules = talloc_realloc(mem_ctx, modules, char *, 2);
81 if ( ! modules ) {
82 ldb_debug(ldb, LDB_DEBUG_FATAL, "Out of Memory in ldb_modules_list_from_string()");
83 talloc_free(modstr);
84 return NULL;
85 }
86 talloc_steal(modules, modstr);
87
88 if (modstr[0] == '\0') {
89 modules[0] = NULL;
90 m = discard_const_p(const char *, modules);
91 return m;
92 }
93
94 i = 0;
95 /* The str*r*chr walks backwards: This is how we get the inverse order mentioned above */
96 while ((p = strrchr(modstr, ',')) != NULL) {
97 *p = '\0';
98 p++;
99 modules[i] = p;
100
101 i++;
102 modules = talloc_realloc(mem_ctx, modules, char *, i + 2);
103 if ( ! modules ) {
104 ldb_debug(ldb, LDB_DEBUG_FATAL, "Out of Memory in ldb_modules_list_from_string()");
105 return NULL;
106 }
107
108 }
109 modules[i] = modstr;
110
111 modules[i + 1] = NULL;
112
113 m = discard_const_p(const char *, modules);
114
115 return m;
116 }
117
118 static struct backends_list_entry {
119 struct ldb_backend_ops *ops;
120 struct backends_list_entry *prev, *next;
121 } *ldb_backends = NULL;
122
123 static struct ops_list_entry {
124 const struct ldb_module_ops *ops;
125 struct ops_list_entry *next;
126 } *registered_modules = NULL;
127
128 static struct backends_list_entry *ldb_find_backend(const char *url_prefix)
129 {
130 struct backends_list_entry *backend;
131
132 for (backend = ldb_backends; backend; backend = backend->next) {
133 if (strcmp(backend->ops->name, url_prefix) == 0) {
134 return backend;
135 }
136 }
137
138 return NULL;
139 }
140
141 /*
142 register a new ldb backend
143
144 if override is true, then override any existing backend for this prefix
145 */
146 int ldb_register_backend(const char *url_prefix, ldb_connect_fn connectfn, bool override)
147 {
148 struct backends_list_entry *be;
149
150 be = ldb_find_backend(url_prefix);
151 if (be) {
152 if (!override) {
153 return LDB_SUCCESS;
154 }
155 } else {
156 be = talloc_zero(ldb_backends, struct backends_list_entry);
157 if (!be) {
158 return LDB_ERR_OPERATIONS_ERROR;
159 }
160 be->ops = talloc_zero(be, struct ldb_backend_ops);
161 if (!be->ops) {
162 talloc_free(be);
163 return LDB_ERR_OPERATIONS_ERROR;
164 }
165 DLIST_ADD_END(ldb_backends, be, struct backends_list_entry);
166 }
167
168 be->ops->name = url_prefix;
169 be->ops->connect_fn = connectfn;
170
171 return LDB_SUCCESS;
172 }
173
174 /*
175 Return the ldb module form of a database.
176 The URL can either be one of the following forms
177 ldb://path
178 ldapi://path
179
180 flags is made up of LDB_FLG_*
181
182 the options are passed uninterpreted to the backend, and are
183 backend specific.
184
185 This allows modules to get at only the backend module, for example where a
186 module may wish to direct certain requests at a particular backend.
187 */
188 int ldb_module_connect_backend(struct ldb_context *ldb,
189 const char *url,
190 const char *options[],
191 struct ldb_module **backend_module)
192 {
193 int ret;
194 char *backend;
195 struct backends_list_entry *be;
196
197 if (strchr(url, ':') != NULL) {
198 backend = talloc_strndup(ldb, url, strchr(url, ':')-url);
199 } else {
200 /* Default to tdb */
201 backend = talloc_strdup(ldb, "tdb");
202 }
203 if (backend == NULL) {
204 return ldb_oom(ldb);
205 }
206
207 be = ldb_find_backend(backend);
208
209 talloc_free(backend);
210
211 if (be == NULL) {
212 ldb_debug(ldb, LDB_DEBUG_FATAL,
213 "Unable to find backend for '%s' - do you need to set LDB_MODULES_PATH?", url);
214 return LDB_ERR_OTHER;
215 }
216
217 ret = be->ops->connect_fn(ldb, url, ldb->flags, options, backend_module);
218
219 if (ret != LDB_SUCCESS) {
220 ldb_debug(ldb, LDB_DEBUG_ERROR,
221 "Failed to connect to '%s' with backend '%s': %s", url, be->ops->name, ldb_errstring(ldb));
222 return ret;
223 }
224 return ret;
225 }
226
227 static struct ldb_hooks {
228 struct ldb_hooks *next, *prev;
229 ldb_hook_fn hook_fn;
230 } *ldb_hooks;
231
232 /*
233 register a ldb hook function
234 */
235 int ldb_register_hook(ldb_hook_fn hook_fn)
236 {
237 struct ldb_hooks *lc;
238 lc = talloc_zero(ldb_hooks, struct ldb_hooks);
239 if (lc == NULL) {
240 return LDB_ERR_OPERATIONS_ERROR;
241 }
242 lc->hook_fn = hook_fn;
243 DLIST_ADD_END(ldb_hooks, lc, struct ldb_hooks);
244 return LDB_SUCCESS;
245 }
246
247 /*
248 call ldb hooks of a given type
249 */
250 int ldb_modules_hook(struct ldb_context *ldb, enum ldb_module_hook_type t)
251 {
252 struct ldb_hooks *lc;
253 for (lc = ldb_hooks; lc; lc=lc->next) {
254 int ret = lc->hook_fn(ldb, t);
255 if (ret != LDB_SUCCESS) {
256 return ret;
257 }
258 }
259 return LDB_SUCCESS;
260 }
261
262
263 static const struct ldb_module_ops *ldb_find_module_ops(const char *name)
264 {
265 struct ops_list_entry *e;
266
267 for (e = registered_modules; e; e = e->next) {
268 if (strcmp(e->ops->name, name) == 0)
269 return e->ops;
270 }
271
272 return NULL;
273 }
274
275
276 int ldb_register_module(const struct ldb_module_ops *ops)
277 {
278 struct ops_list_entry *entry;
279
280 if (ldb_find_module_ops(ops->name) != NULL)
281 return LDB_ERR_ENTRY_ALREADY_EXISTS;
282
283 entry = talloc(talloc_autofree_context(), struct ops_list_entry);
284 if (entry == NULL) {
285 return LDB_ERR_OPERATIONS_ERROR;
286 }
287
288 entry->ops = ops;
289 entry->next = registered_modules;
290 registered_modules = entry;
291
292 return LDB_SUCCESS;
293 }
294
295 /*
296 load a list of modules
297 */
298 int ldb_module_load_list(struct ldb_context *ldb, const char **module_list,
299 struct ldb_module *backend, struct ldb_module **out)
300 {
301 struct ldb_module *module;
302 unsigned int i;
303
304 module = backend;
305
306 for (i = 0; module_list && module_list[i] != NULL; i++) {
307 struct ldb_module *current;
308 const struct ldb_module_ops *ops;
309
310 if (strcmp(module_list[i], "") == 0) {
311 continue;
312 }
313
314 ops = ldb_find_module_ops(module_list[i]);
315
316 if (ops == NULL) {
317 ldb_debug(ldb, LDB_DEBUG_FATAL, "WARNING: Module [%s] not found - do you need to set LDB_MODULES_PATH?",
318 module_list[i]);
319 return LDB_ERR_OPERATIONS_ERROR;
320 }
321
322 current = talloc_zero(ldb, struct ldb_module);
323 if (current == NULL) {
324 return LDB_ERR_OPERATIONS_ERROR;
325 }
326 talloc_set_name(current, "ldb_module: %s", module_list[i]);
327
328 current->ldb = ldb;
329 current->ops = ops;
330
331 DLIST_ADD(module, current);
332 }
333 *out = module;
334 return LDB_SUCCESS;
335 }
336
337 /*
338 initialise a chain of modules
339 */
340 int ldb_module_init_chain(struct ldb_context *ldb, struct ldb_module *module)
341 {
342 while (module && module->ops->init_context == NULL)
343 module = module->next;
344
345 /* init is different in that it is not an error if modules
346 * do not require initialization */
347
348 if (module) {
349 int ret = module->ops->init_context(module);
350 if (ret != LDB_SUCCESS) {
351 ldb_debug(ldb, LDB_DEBUG_FATAL, "module %s initialization failed : %s",
352 module->ops->name, ldb_strerror(ret));
353 return ret;
354 }
355 }
356
357 return LDB_SUCCESS;
358 }
359
360 int ldb_load_modules(struct ldb_context *ldb, const char *options[])
361 {
362 const char *modules_string;
363 const char **modules = NULL;
364 int ret;
365 TALLOC_CTX *mem_ctx = talloc_new(ldb);
366 if (!mem_ctx) {
367 return ldb_oom(ldb);
368 }
369
370 /* find out which modules we are requested to activate */
371
372 /* check if we have a custom module list passd as ldb option */
373 if (options) {
374 modules_string = ldb_options_find(ldb, options, "modules");
375 if (modules_string) {
376 modules = ldb_modules_list_from_string(ldb, mem_ctx, modules_string);
377 }
378 }
379
380 /* if not overloaded by options and the backend is not ldap try to load the modules list from ldb */
381 if ((modules == NULL) && (strcmp("ldap", ldb->modules->ops->name) != 0)) {
382 const char * const attrs[] = { "@LIST" , NULL};
383 struct ldb_result *res = NULL;
384 struct ldb_dn *mods_dn;
385
386 mods_dn = ldb_dn_new(mem_ctx, ldb, "@MODULES");
387 if (mods_dn == NULL) {
388 talloc_free(mem_ctx);
389 return ldb_oom(ldb);
390 }
391
392 ret = ldb_search(ldb, mods_dn, &res, mods_dn, LDB_SCOPE_BASE, attrs, "@LIST=*");
393
394 if (ret == LDB_ERR_NO_SUCH_OBJECT) {
395 ldb_debug(ldb, LDB_DEBUG_TRACE, "no modules required by the db");
396 } else if (ret != LDB_SUCCESS) {
397 ldb_debug(ldb, LDB_DEBUG_FATAL, "ldb error (%s) occurred searching for modules, bailing out", ldb_errstring(ldb));
398 talloc_free(mem_ctx);
399 return ret;
400 } else {
401 const char *module_list;
402 if (res->count == 0) {
403 ldb_debug(ldb, LDB_DEBUG_TRACE, "no modules required by the db");
404 } else if (res->count > 1) {
405 ldb_debug(ldb, LDB_DEBUG_FATAL, "Too many records found (%u), bailing out", res->count);
406 talloc_free(mem_ctx);
407 return LDB_ERR_OPERATIONS_ERROR;
408 } else {
409 module_list = ldb_msg_find_attr_as_string(res->msgs[0], "@LIST", NULL);
410 if (!module_list) {
411 ldb_debug(ldb, LDB_DEBUG_TRACE, "no modules required by the db");
412 }
413 modules = ldb_modules_list_from_string(ldb, mem_ctx,
414 module_list);
415 }
416 }
417
418 talloc_free(mods_dn);
419 }
420
421 if (modules != NULL) {
422 ret = ldb_module_load_list(ldb, modules, ldb->modules, &ldb->modules);
423 if (ret != LDB_SUCCESS) {
424 talloc_free(mem_ctx);
425 return ret;
426 }
427 } else {
428 ldb_debug(ldb, LDB_DEBUG_TRACE, "No modules specified for this database");
429 }
430
431 ret = ldb_module_init_chain(ldb, ldb->modules);
432 talloc_free(mem_ctx);
433 return ret;
434 }
435
436 /*
437 by using this we allow ldb modules to only implement the functions they care about,
438 which makes writing a module simpler, and makes it more likely to keep working
439 when ldb is extended
440 */
441 #define FIND_OP_NOERR(module, op) do { \
442 module = module->next; \
443 while (module && module->ops->op == NULL) module = module->next; \
444 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) { \
445 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_trace_next_request: (%s)->" #op, \
446 module->ops->name); \
447 } \
448 } while (0)
449
450 #define FIND_OP(module, op) do { \
451 struct ldb_context *ldb = module->ldb; \
452 FIND_OP_NOERR(module, op); \
453 if (module == NULL) { \
454 ldb_asprintf_errstring(ldb, "Unable to find backend operation for " #op ); \
455 return LDB_ERR_OPERATIONS_ERROR; \
456 } \
457 } while (0)
458
459
460 struct ldb_module *ldb_module_new(TALLOC_CTX *memctx,
461 struct ldb_context *ldb,
462 const char *module_name,
463 const struct ldb_module_ops *ops)
464 {
465 struct ldb_module *module;
466
467 module = talloc(memctx, struct ldb_module);
468 if (!module) {
469 ldb_oom(ldb);
470 return NULL;
471 }
472 talloc_set_name_const(module, module_name);
473 module->ldb = ldb;
474 module->prev = module->next = NULL;
475 module->ops = ops;
476
477 return module;
478 }
479
480 const char * ldb_module_get_name(struct ldb_module *module)
481 {
482 return module->ops->name;
483 }
484
485 struct ldb_context *ldb_module_get_ctx(struct ldb_module *module)
486 {
487 return module->ldb;
488 }
489
490 const struct ldb_module_ops *ldb_module_get_ops(struct ldb_module *module)
491 {
492 return module->ops;
493 }
494
495 void *ldb_module_get_private(struct ldb_module *module)
496 {
497 return module->private_data;
498 }
499
500 void ldb_module_set_private(struct ldb_module *module, void *private_data)
501 {
502 module->private_data = private_data;
503 }
504
505 /*
506 helper functions to call the next module in chain
507 */
508
509 int ldb_next_request(struct ldb_module *module, struct ldb_request *request)
510 {
511 int ret;
512
513 if (request->callback == NULL) {
514 ldb_set_errstring(module->ldb, "Requests MUST define callbacks");
515 return LDB_ERR_UNWILLING_TO_PERFORM;
516 }
517
518 request->handle->nesting++;
519
520 switch (request->operation) {
521 case LDB_SEARCH:
522 FIND_OP(module, search);
523 ret = module->ops->search(module, request);
524 break;
525 case LDB_ADD:
526 FIND_OP(module, add);
527 ret = module->ops->add(module, request);
528 break;
529 case LDB_MODIFY:
530 FIND_OP(module, modify);
531 ret = module->ops->modify(module, request);
532 break;
533 case LDB_DELETE:
534 FIND_OP(module, del);
535 ret = module->ops->del(module, request);
536 break;
537 case LDB_RENAME:
538 FIND_OP(module, rename);
539 ret = module->ops->rename(module, request);
540 break;
541 case LDB_EXTENDED:
542 FIND_OP(module, extended);
543 ret = module->ops->extended(module, request);
544 break;
545 default:
546 FIND_OP(module, request);
547 ret = module->ops->request(module, request);
548 break;
549 }
550
551 request->handle->nesting--;
552
553 if (ret == LDB_SUCCESS) {
554 return ret;
555 }
556 if (!ldb_errstring(module->ldb)) {
557 const char *op;
558 switch (request->operation) {
559 case LDB_SEARCH:
560 op = "LDB_SEARCH";
561 break;
562 case LDB_ADD:
563 op = "LDB_ADD";
564 break;
565 case LDB_MODIFY:
566 op = "LDB_MODIFY";
567 break;
568 case LDB_DELETE:
569 op = "LDB_DELETE";
570 break;
571 case LDB_RENAME:
572 op = "LDB_RENAME";
573 break;
574 case LDB_EXTENDED:
575 op = "LDB_EXTENDED";
576 break;
577 default:
578 op = "request";
579 break;
580 }
581
582 /* Set a default error string, to place the blame somewhere */
583 ldb_asprintf_errstring(module->ldb, "error in module %s: %s during %s (%d)", module->ops->name, ldb_strerror(ret), op, ret);
584 }
585
586 if (!(request->handle->flags & LDB_HANDLE_FLAG_DONE_CALLED)) {
587 /* It is _extremely_ common that a module returns a
588 * failure without calling ldb_module_done(), but that
589 * guarantees we will end up hanging in
590 * ldb_wait(). This fixes it without having to rewrite
591 * all our modules, and leaves us one less sharp
592 * corner for module developers to cut themselves on
593 */
594 ret = ldb_module_done(request, NULL, NULL, ret);
595 }
596 return ret;
597 }
598
599 int ldb_next_init(struct ldb_module *module)
600 {
601 module = module->next;
602
603 return ldb_module_init_chain(module->ldb, module);
604 }
605
606 int ldb_next_start_trans(struct ldb_module *module)
607 {
608 int ret;
609 FIND_OP(module, start_transaction);
610 ret = module->ops->start_transaction(module);
611 if (ret == LDB_SUCCESS) {
612 return ret;
613 }
614 if (!ldb_errstring(module->ldb)) {
615 /* Set a default error string, to place the blame somewhere */
616 ldb_asprintf_errstring(module->ldb, "start_trans error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
617 }
618 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
619 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_start_trans error: %s",
620 ldb_errstring(module->ldb));
621 }
622 return ret;
623 }
624
625 int ldb_next_end_trans(struct ldb_module *module)
626 {
627 int ret;
628 FIND_OP(module, end_transaction);
629 ret = module->ops->end_transaction(module);
630 if (ret == LDB_SUCCESS) {
631 return ret;
632 }
633 if (!ldb_errstring(module->ldb)) {
634 /* Set a default error string, to place the blame somewhere */
635 ldb_asprintf_errstring(module->ldb, "end_trans error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
636 }
637 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
638 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_end_trans error: %s",
639 ldb_errstring(module->ldb));
640 }
641 return ret;
642 }
643
644 int ldb_next_prepare_commit(struct ldb_module *module)
645 {
646 int ret;
647 FIND_OP_NOERR(module, prepare_commit);
648 if (module == NULL) {
649 /* we are allowed to have no prepare commit in
650 backends */
651 return LDB_SUCCESS;
652 }
653 ret = module->ops->prepare_commit(module);
654 if (ret == LDB_SUCCESS) {
655 return ret;
656 }
657 if (!ldb_errstring(module->ldb)) {
658 /* Set a default error string, to place the blame somewhere */
659 ldb_asprintf_errstring(module->ldb, "prepare_commit error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
660 }
661 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
662 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_prepare_commit error: %s",
663 ldb_errstring(module->ldb));
664 }
665 return ret;
666 }
667
668 int ldb_next_del_trans(struct ldb_module *module)
669 {
670 int ret;
671 FIND_OP(module, del_transaction);
672 ret = module->ops->del_transaction(module);
673 if (ret == LDB_SUCCESS) {
674 return ret;
675 }
676 if (!ldb_errstring(module->ldb)) {
677 /* Set a default error string, to place the blame somewhere */
678 ldb_asprintf_errstring(module->ldb, "del_trans error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
679 }
680 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
681 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_del_trans error: %s",
682 ldb_errstring(module->ldb));
683 }
684 return ret;
685 }
686
687 struct ldb_handle *ldb_handle_new(TALLOC_CTX *mem_ctx, struct ldb_context *ldb)
688 {
689 struct ldb_handle *h;
690
691 h = talloc_zero(mem_ctx, struct ldb_handle);
692 if (h == NULL) {
693 ldb_set_errstring(ldb, "Out of Memory");
694 return NULL;
695 }
696
697 h->status = LDB_SUCCESS;
698 h->state = LDB_ASYNC_INIT;
699 h->ldb = ldb;
700 h->flags = 0;
701 h->location = NULL;
702 h->parent = NULL;
703
704 return h;
705 }
706
707 /* calls the request callback to send an entry
708 *
709 * params:
710 * req: the original request passed to your module
711 * msg: reply message (must be a talloc pointer, and it will be stolen
712 * on the ldb_reply that is sent to the callback)
713 * ctrls: controls to send in the reply (must be a talloc pointer, and it will be stolen
714 * on the ldb_reply that is sent to the callback)
715 */
716
717 int ldb_module_send_entry(struct ldb_request *req,
718 struct ldb_message *msg,
719 struct ldb_control **ctrls)
720 {
721 struct ldb_reply *ares;
722
723 ares = talloc_zero(req, struct ldb_reply);
724 if (!ares) {
725 ldb_oom(req->handle->ldb);
726 req->callback(req, NULL);
727 return LDB_ERR_OPERATIONS_ERROR;
728 }
729 ares->type = LDB_REPLY_ENTRY;
730 ares->message = talloc_steal(ares, msg);
731 ares->controls = talloc_steal(ares, ctrls);
732 ares->error = LDB_SUCCESS;
733
734 if ((req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) &&
735 req->handle->nesting == 0) {
736 char *s;
737 struct ldb_ldif ldif;
738
739 ldif.changetype = LDB_CHANGETYPE_NONE;
740 ldif.msg = discard_const_p(struct ldb_message, msg);
741
742 ldb_debug_add(req->handle->ldb, "ldb_trace_response: ENTRY\n");
743
744 /*
745 * The choice to call
746 * ldb_ldif_write_redacted_trace_string() is CRITICAL
747 * for security. It ensures that we do not output
748 * passwords into debug logs
749 */
750
751 s = ldb_ldif_write_redacted_trace_string(req->handle->ldb, msg, &ldif);
752 ldb_debug_add(req->handle->ldb, "%s\n", s);
753 talloc_free(s);
754 ldb_debug_end(req->handle->ldb, LDB_DEBUG_TRACE);
755 }
756
757 return req->callback(req, ares);
758 }
759
760 /* calls the request callback to send an referrals
761 *
762 * params:
763 * req: the original request passed to your module
764 * ref: referral string (must be a talloc pointer, steal)
765 */
766
767 int ldb_module_send_referral(struct ldb_request *req,
768 char *ref)
769 {
770 struct ldb_reply *ares;
771
772 ares = talloc_zero(req, struct ldb_reply);
773 if (!ares) {
774 ldb_oom(req->handle->ldb);
775 req->callback(req, NULL);
776 return LDB_ERR_OPERATIONS_ERROR;
777 }
778 ares->type = LDB_REPLY_REFERRAL;
779 ares->referral = talloc_steal(ares, ref);
780 ares->error = LDB_SUCCESS;
781
782 if ((req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) &&
783 req->handle->nesting == 0) {
784 ldb_debug_add(req->handle->ldb, "ldb_trace_response: REFERRAL\n");
785 ldb_debug_add(req->handle->ldb, "ref: %s\n", ref);
786 ldb_debug_end(req->handle->ldb, LDB_DEBUG_TRACE);
787 }
788
789 return req->callback(req, ares);
790 }
791
792 /* calls the original request callback
793 *
794 * params:
795 * req: the original request passed to your module
796 * ctrls: controls to send in the reply (must be a talloc pointer, steal)
797 * response: results for extended request (steal)
798 * error: LDB_SUCCESS for a successful return
799 * any other ldb error otherwise
800 */
801 int ldb_module_done(struct ldb_request *req,
802 struct ldb_control **ctrls,
803 struct ldb_extended *response,
804 int error)
805 {
806 struct ldb_reply *ares;
807
808 ares = talloc_zero(req, struct ldb_reply);
809 if (!ares) {
810 ldb_oom(req->handle->ldb);
811 req->callback(req, NULL);
812 return LDB_ERR_OPERATIONS_ERROR;
813 }
814 ares->type = LDB_REPLY_DONE;
815 ares->controls = talloc_steal(ares, ctrls);
816 ares->response = talloc_steal(ares, response);
817 ares->error = error;
818
819 req->handle->flags |= LDB_HANDLE_FLAG_DONE_CALLED;
820
821 if ((req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) &&
822 req->handle->nesting == 0) {
823 ldb_debug_add(req->handle->ldb, "ldb_trace_response: DONE\n");
824 ldb_debug_add(req->handle->ldb, "error: %d\n", error);
825 if (ldb_errstring(req->handle->ldb)) {
826 ldb_debug_add(req->handle->ldb, "msg: %s\n",
827 ldb_errstring(req->handle->ldb));
828 }
829 ldb_debug_end(req->handle->ldb, LDB_DEBUG_TRACE);
830 }
831
832 return req->callback(req, ares);
833 }
834
835 /* to be used *only* in modules init functions.
836 * this function is synchronous and will register
837 * the requested OID in the rootdse module if present
838 * otherwise it will return an error */
839 int ldb_mod_register_control(struct ldb_module *module, const char *oid)
840 {
841 struct ldb_request *req;
842 int ret;
843
844 req = talloc_zero(module, struct ldb_request);
845 if (req == NULL) {
846 return LDB_ERR_OPERATIONS_ERROR;
847 }
848
849 req->operation = LDB_REQ_REGISTER_CONTROL;
850 req->op.reg_control.oid = oid;
851 req->callback = ldb_op_default_callback;
852
853 ldb_set_timeout(module->ldb, req, 0);
854
855 req->handle = ldb_handle_new(req, module->ldb);
856 if (req->handle == NULL) {
857 return LDB_ERR_OPERATIONS_ERROR;
858 }
859
860 ret = ldb_request(module->ldb, req);
861 if (ret == LDB_SUCCESS) {
862 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
863 }
864 talloc_free(req);
865
866 return ret;
867 }
868
869 static int ldb_modules_load_dir(const char *modules_dir, const char *version);
870
871
872 /*
873 load one module. A static list of loaded module inode numbers is
874 used to prevent a module being loaded twice
875
876 dlopen() is used on the module, and dlsym() is then used to look for
877 a ldb_init_module() function. If present, that function is called
878 with the ldb version number as an argument.
879
880 The ldb_init_module() function will typically call
881 ldb_register_module() and ldb_register_backend() to register a
882 module or backend, but it may also be used to register command line
883 handling functions, ldif handlers or any other local
884 modififications.
885
886 The ldb_init_module() function does not get a ldb_context passed in,
887 as modules will be used for multiple ldb context handles. The call
888 from the first ldb_init() is just a convenient way to ensure it is
889 called early enough.
890 */
891 static int ldb_modules_load_path(const char *path, const char *version)
892 {
893 void *handle;
894 int (*init_fn)(const char *);
895 int ret;
896 struct stat st;
897 static struct loaded {
898 struct loaded *next, *prev;
899 ino_t st_ino;
900 dev_t st_dev;
901 } *loaded;
902 struct loaded *le;
903 int dlopen_flags;
904 bool deepbind_enabled = (getenv("LDB_MODULES_DISABLE_DEEPBIND") == NULL);
905
906 ret = stat(path, &st);
907 if (ret != 0) {
908 fprintf(stderr, "ldb: unable to stat module %s : %s\n", path, strerror(errno));
909 return LDB_ERR_UNAVAILABLE;
910 }
911
912 for (le=loaded; le; le=le->next) {
913 if (le->st_ino == st.st_ino &&
914 le->st_dev == st.st_dev) {
915 /* its already loaded */
916 return LDB_SUCCESS;
917 }
918 }
919
920 le = talloc(loaded, struct loaded);
921 if (le == NULL) {
922 fprintf(stderr, "ldb: unable to allocated loaded entry\n");
923 return LDB_ERR_UNAVAILABLE;
924 }
925
926 le->st_ino = st.st_ino;
927 le->st_dev = st.st_dev;
928
929 DLIST_ADD_END(loaded, le, struct loaded);
930
931 /* if it is a directory, recurse */
932 if (S_ISDIR(st.st_mode)) {
933 return ldb_modules_load_dir(path, version);
934 }
935
936 dlopen_flags = RTLD_NOW;
937 #ifdef RTLD_DEEPBIND
938 /*
939 * use deepbind if possible, to avoid issues with different
940 * system library varients, for example ldb modules may be linked
941 * against Heimdal while the application may use MIT kerberos.
942 *
943 * See the dlopen manpage for details.
944 *
945 * One typical user is the bind_dlz module of Samba,
946 * but symbol versioniong might be enough...
947 *
948 * We need a way to disable this in order to allow the
949 * ldb_*ldap modules to work with a preloaded socket wrapper.
950 *
951 * So in future we may remove this completely
952 * or at least invert the default behavior.
953 */
954 if (deepbind_enabled) {
955 dlopen_flags |= RTLD_DEEPBIND;
956 }
957 #endif
958
959 handle = dlopen(path, dlopen_flags);
960 if (handle == NULL) {
961 fprintf(stderr, "ldb: unable to dlopen %s : %s\n", path, dlerror());
962 return LDB_SUCCESS;
963 }
964
965 init_fn = dlsym(handle, "ldb_init_module");
966 if (init_fn == NULL) {
967 /* ignore it, it could be an old-style
968 * module. Once we've converted all modules we
969 * could consider this an error */
970 dlclose(handle);
971 return LDB_SUCCESS;
972 }
973
974 ret = init_fn(version);
975 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
976 /* the module is already registered - ignore this, as
977 * it can happen if LDB_MODULES_PATH points at both
978 * the build and install directory
979 */
980 ret = LDB_SUCCESS;
981 }
982 return ret;
983 }
984
985 static int qsort_string(const char **s1, const char **s2)
986 {
987 return strcmp(*s1, *s2);
988 }
989
990
991 /*
992 load all modules from the given ldb modules directory. This is run once
993 during the first ldb_init() call.
994
995 Modules are loaded in alphabetical order to ensure that any module
996 load ordering dependencies are reproducible. Modules should avoid
997 relying on load order
998 */
999 static int ldb_modules_load_dir(const char *modules_dir, const char *version)
1000 {
1001 DIR *dir;
1002 struct dirent *de;
1003 const char **modlist = NULL;
1004 TALLOC_CTX *tmp_ctx = talloc_new(NULL);
1005 unsigned i, num_modules = 0;
1006
1007 dir = opendir(modules_dir);
1008 if (dir == NULL) {
1009 if (errno == ENOENT) {
1010 talloc_free(tmp_ctx);
1011 /* we don't have any modules */
1012 return LDB_SUCCESS;
1013 }
1014 talloc_free(tmp_ctx);
1015 fprintf(stderr, "ldb: unable to open modules directory '%s' - %s\n",
1016 modules_dir, strerror(errno));
1017 return LDB_ERR_UNAVAILABLE;
1018 }
1019
1020
1021 while ((de = readdir(dir))) {
1022 if (ISDOT(de->d_name) || ISDOTDOT(de->d_name))
1023 continue;
1024
1025 modlist = talloc_realloc(tmp_ctx, modlist, const char *, num_modules+1);
1026 if (modlist == NULL) {
1027 talloc_free(tmp_ctx);
1028 closedir(dir);
1029 fprintf(stderr, "ldb: unable to allocate modules list\n");
1030 return LDB_ERR_UNAVAILABLE;
1031 }
1032 modlist[num_modules] = talloc_asprintf(modlist, "%s/%s", modules_dir, de->d_name);
1033 if (modlist[num_modules] == NULL) {
1034 talloc_free(tmp_ctx);
1035 closedir(dir);
1036 fprintf(stderr, "ldb: unable to allocate module list entry\n");
1037 return LDB_ERR_UNAVAILABLE;
1038 }
1039 num_modules++;
1040 }
1041
1042 closedir(dir);
1043
1044 /* sort the directory, so we get consistent load ordering */
1045 TYPESAFE_QSORT(modlist, num_modules, qsort_string);
1046
1047 for (i=0; i<num_modules; i++) {
1048 int ret = ldb_modules_load_path(modlist[i], version);
1049 if (ret != LDB_SUCCESS) {
1050 fprintf(stderr, "ldb: failed to initialise module %s : %s\n",
1051 modlist[i], ldb_strerror(ret));
1052 talloc_free(tmp_ctx);
1053 return ret;
1054 }
1055 }
1056
1057 talloc_free(tmp_ctx);
1058
1059 return LDB_SUCCESS;
1060 }
1061
1062 /*
1063 load any additional modules from the given directory
1064 */
1065 void ldb_set_modules_dir(struct ldb_context *ldb, const char *path)
1066 {
1067 int ret = ldb_modules_load_path(path, LDB_VERSION);
1068 if (ret != LDB_SUCCESS) {
1069 ldb_asprintf_errstring(ldb, "Failed to load modules from: %s\n", path);
1070 }
1071 }
1072
1073
1074 /*
1075 load all modules static (builtin) modules
1076 */
1077 static int ldb_modules_load_static(const char *version)
1078 {
1079 static bool initialised;
1080 #define _MODULE_PROTO(init) extern int init(const char *);
1081 STATIC_ldb_MODULES_PROTO;
1082 const ldb_module_init_fn static_init_functions[] = { STATIC_ldb_MODULES };
1083 unsigned i;
1084
1085 if (initialised) {
1086 return LDB_SUCCESS;
1087 }
1088 initialised = true;
1089
1090 for (i=0; static_init_functions[i]; i++) {
1091 int ret = static_init_functions[i](version);
1092 if (ret != LDB_SUCCESS) {
1093 return ret;
1094 }
1095 }
1096 return LDB_SUCCESS;
1097 }
1098
1099 /*
1100 load all modules from the given ldb modules path, colon
1101 separated.
1102
1103 modules are loaded recursively for all subdirectories in the paths
1104 */
1105 int ldb_modules_load(const char *modules_path, const char *version)
1106 {
1107 char *tok, *path, *tok_ptr=NULL;
1108 int ret;
1109
1110 ret = ldb_modules_load_static(version);
1111 if (ret != LDB_SUCCESS) {
1112 return ret;
1113 }
1114
1115 path = talloc_strdup(NULL, modules_path);
1116 if (path == NULL) {
1117 fprintf(stderr, "ldb: failed to allocate modules_path\n");
1118 return LDB_ERR_UNAVAILABLE;
1119 }
1120
1121 for (tok=strtok_r(path, ":", &tok_ptr);
1122 tok;
1123 tok=strtok_r(NULL, ":", &tok_ptr)) {
1124 ret = ldb_modules_load_path(tok, version);
1125 if (ret != LDB_SUCCESS) {
1126 talloc_free(path);
1127 return ret;
1128 }
1129 }
1130 talloc_free(path);
1131
1132 return LDB_SUCCESS;
1133 }
1134
1135
1136 /*
1137 return a string representation of the calling chain for the given
1138 ldb request
1139 */
1140 char *ldb_module_call_chain(struct ldb_request *req, TALLOC_CTX *mem_ctx)
1141 {
1142 char *ret;
1143 unsigned int i = 0;
1144
1145 ret = talloc_strdup(mem_ctx, "");
1146 if (ret == NULL) {
1147 return NULL;
1148 }
1149
1150 while (req && req->handle) {
1151 char *s = talloc_asprintf_append_buffer(ret, "req[%u] %p : %s\n",
1152 i++, req, ldb_req_location(req));
1153 if (s == NULL) {
1154 talloc_free(ret);
1155 return NULL;
1156 }
1157 ret = s;
1158 req = req->handle->parent;
1159 }
1160 return ret;
1161 }
1162
1163
1164 /*
1165 return the next module in the chain
1166 */
1167 struct ldb_module *ldb_module_next(struct ldb_module *module)
1168 {
1169 return module->next;
1170 }
1171
1172 /*
1173 set the next module in the module chain
1174 */
1175 void ldb_module_set_next(struct ldb_module *module, struct ldb_module *next)
1176 {
1177 module->next = next;
1178 }
1179
1180
1181 /*
1182 get the popt_options pointer in the ldb structure. This allows a ldb
1183 module to change the command line parsing
1184 */
1185 struct poptOption **ldb_module_popt_options(struct ldb_context *ldb)
1186 {
1187 return &ldb->popt_options;
1188 }
1189
1190
1191 /*
1192 return the current ldb flags LDB_FLG_*
1193 */
1194 uint32_t ldb_module_flags(struct ldb_context *ldb)
1195 {
1196 return ldb->flags;
1197 }
Samba GIT mirror