4 Copyright (C) Simo Sorce 2004-2008
6 ** NOTE! The following LGPL license applies to the ldb
7 ** library. This does NOT imply that all of Samba is released
10 This library is free software; you can redistribute it and/or
11 modify it under the terms of the GNU Lesser General Public
12 License as published by the Free Software Foundation; either
13 version 3 of the License, or (at your option) any later version.
15 This library is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
20 You should have received a copy of the GNU Lesser General Public
21 License along with this library; if not, see <http://www.gnu.org/licenses/>.
27 * Component: ldb modules core
29 * Description: core modules routines
34 #include "ldb_private.h"
35 #include "dlinklist.h"
36 #include "system/dir.h"
38 static char *ldb_modules_strdup_no_spaces(TALLOC_CTX
*mem_ctx
, const char *string
)
43 trimmed
= talloc_strdup(mem_ctx
, string
);
48 len
= strlen(trimmed
);
49 for (i
= 0; trimmed
[i
] != '\0'; i
++) {
54 memmove(&trimmed
[i
], &trimmed
[i
+ 1], len
-i
-1);
63 /* modules are called in inverse order on the stack.
64 Lets place them as an admin would think the right order is.
65 Modules order is important */
66 const char **ldb_modules_list_from_string(struct ldb_context
*ldb
, TALLOC_CTX
*mem_ctx
, const char *string
)
68 char **modules
= NULL
;
73 /* spaces not admitted */
74 modstr
= ldb_modules_strdup_no_spaces(mem_ctx
, string
);
76 ldb_debug(ldb
, LDB_DEBUG_FATAL
, "Out of Memory in ldb_modules_strdup_no_spaces()");
80 modules
= talloc_realloc(mem_ctx
, modules
, char *, 2);
82 ldb_debug(ldb
, LDB_DEBUG_FATAL
, "Out of Memory in ldb_modules_list_from_string()");
86 talloc_steal(modules
, modstr
);
88 if (modstr
[0] == '\0') {
90 m
= discard_const_p(const char *, modules
);
95 /* The str*r*chr walks backwards: This is how we get the inverse order mentioned above */
96 while ((p
= strrchr(modstr
, ',')) != NULL
) {
102 modules
= talloc_realloc(mem_ctx
, modules
, char *, i
+ 2);
104 ldb_debug(ldb
, LDB_DEBUG_FATAL
, "Out of Memory in ldb_modules_list_from_string()");
111 modules
[i
+ 1] = NULL
;
113 m
= discard_const_p(const char *, modules
);
118 static struct backends_list_entry
{
119 struct ldb_backend_ops
*ops
;
120 struct backends_list_entry
*prev
, *next
;
121 } *ldb_backends
= NULL
;
123 static struct ops_list_entry
{
124 const struct ldb_module_ops
*ops
;
125 struct ops_list_entry
*next
;
126 } *registered_modules
= NULL
;
128 static struct backends_list_entry
*ldb_find_backend(const char *url_prefix
)
130 struct backends_list_entry
*backend
;
132 for (backend
= ldb_backends
; backend
; backend
= backend
->next
) {
133 if (strcmp(backend
->ops
->name
, url_prefix
) == 0) {
142 register a new ldb backend
144 if override is true, then override any existing backend for this prefix
146 int ldb_register_backend(const char *url_prefix
, ldb_connect_fn connectfn
, bool override
)
148 struct backends_list_entry
*be
;
150 be
= ldb_find_backend(url_prefix
);
156 be
= talloc_zero(ldb_backends
, struct backends_list_entry
);
158 return LDB_ERR_OPERATIONS_ERROR
;
160 be
->ops
= talloc_zero(be
, struct ldb_backend_ops
);
163 return LDB_ERR_OPERATIONS_ERROR
;
165 DLIST_ADD_END(ldb_backends
, be
);
168 be
->ops
->name
= url_prefix
;
169 be
->ops
->connect_fn
= connectfn
;
175 Return the ldb module form of a database.
176 The URL can either be one of the following forms
180 flags is made up of LDB_FLG_*
182 the options are passed uninterpreted to the backend, and are
185 This allows modules to get at only the backend module, for example where a
186 module may wish to direct certain requests at a particular backend.
188 int ldb_module_connect_backend(struct ldb_context
*ldb
,
190 const char *options
[],
191 struct ldb_module
**backend_module
)
195 struct backends_list_entry
*be
;
197 if (strchr(url
, ':') != NULL
) {
198 backend
= talloc_strndup(ldb
, url
, strchr(url
, ':')-url
);
201 backend
= talloc_strdup(ldb
, "tdb");
203 if (backend
== NULL
) {
207 be
= ldb_find_backend(backend
);
209 talloc_free(backend
);
212 ldb_debug(ldb
, LDB_DEBUG_FATAL
,
213 "Unable to find backend for '%s' - do you need to set LDB_MODULES_PATH?", url
);
214 return LDB_ERR_OTHER
;
217 ret
= be
->ops
->connect_fn(ldb
, url
, ldb
->flags
, options
, backend_module
);
219 if (ret
!= LDB_SUCCESS
) {
220 ldb_debug(ldb
, LDB_DEBUG_ERROR
,
221 "Failed to connect to '%s' with backend '%s': %s", url
, be
->ops
->name
, ldb_errstring(ldb
));
227 static struct ldb_hooks
{
228 struct ldb_hooks
*next
, *prev
;
233 register a ldb hook function
235 int ldb_register_hook(ldb_hook_fn hook_fn
)
237 struct ldb_hooks
*lc
;
238 lc
= talloc_zero(ldb_hooks
, struct ldb_hooks
);
240 return LDB_ERR_OPERATIONS_ERROR
;
242 lc
->hook_fn
= hook_fn
;
243 DLIST_ADD_END(ldb_hooks
, lc
);
248 call ldb hooks of a given type
250 int ldb_modules_hook(struct ldb_context
*ldb
, enum ldb_module_hook_type t
)
252 struct ldb_hooks
*lc
;
253 for (lc
= ldb_hooks
; lc
; lc
=lc
->next
) {
254 int ret
= lc
->hook_fn(ldb
, t
);
255 if (ret
!= LDB_SUCCESS
) {
263 static const struct ldb_module_ops
*ldb_find_module_ops(const char *name
)
265 struct ops_list_entry
*e
;
267 for (e
= registered_modules
; e
; e
= e
->next
) {
268 if (strcmp(e
->ops
->name
, name
) == 0)
276 int ldb_register_module(const struct ldb_module_ops
*ops
)
278 struct ops_list_entry
*entry
;
280 if (ldb_find_module_ops(ops
->name
) != NULL
)
281 return LDB_ERR_ENTRY_ALREADY_EXISTS
;
283 entry
= talloc(talloc_autofree_context(), struct ops_list_entry
);
285 return LDB_ERR_OPERATIONS_ERROR
;
289 entry
->next
= registered_modules
;
290 registered_modules
= entry
;
296 load a list of modules
298 int ldb_module_load_list(struct ldb_context
*ldb
, const char **module_list
,
299 struct ldb_module
*backend
, struct ldb_module
**out
)
301 struct ldb_module
*module
;
306 for (i
= 0; module_list
&& module_list
[i
] != NULL
; i
++) {
307 struct ldb_module
*current
;
308 const struct ldb_module_ops
*ops
;
310 if (strcmp(module_list
[i
], "") == 0) {
314 ops
= ldb_find_module_ops(module_list
[i
]);
317 ldb_debug(ldb
, LDB_DEBUG_FATAL
, "WARNING: Module [%s] not found - do you need to set LDB_MODULES_PATH?",
319 return LDB_ERR_OPERATIONS_ERROR
;
322 current
= talloc_zero(ldb
, struct ldb_module
);
323 if (current
== NULL
) {
324 return LDB_ERR_OPERATIONS_ERROR
;
326 talloc_set_name(current
, "ldb_module: %s", module_list
[i
]);
331 DLIST_ADD(module
, current
);
338 initialise a chain of modules
340 int ldb_module_init_chain(struct ldb_context
*ldb
, struct ldb_module
*module
)
342 while (module
&& module
->ops
->init_context
== NULL
)
343 module
= module
->next
;
345 /* init is different in that it is not an error if modules
346 * do not require initialization */
349 int ret
= module
->ops
->init_context(module
);
350 if (ret
!= LDB_SUCCESS
) {
351 ldb_debug(ldb
, LDB_DEBUG_FATAL
, "module %s initialization failed : %s",
352 module
->ops
->name
, ldb_strerror(ret
));
360 int ldb_load_modules(struct ldb_context
*ldb
, const char *options
[])
362 const char *modules_string
;
363 const char **modules
= NULL
;
365 TALLOC_CTX
*mem_ctx
= talloc_new(ldb
);
370 /* find out which modules we are requested to activate */
372 /* check if we have a custom module list passd as ldb option */
374 modules_string
= ldb_options_find(ldb
, options
, "modules");
375 if (modules_string
) {
376 modules
= ldb_modules_list_from_string(ldb
, mem_ctx
, modules_string
);
380 /* if not overloaded by options and the backend is not ldap try to load the modules list from ldb */
381 if ((modules
== NULL
) && (strcmp("ldap", ldb
->modules
->ops
->name
) != 0)) {
382 const char * const attrs
[] = { "@LIST" , NULL
};
383 struct ldb_result
*res
= NULL
;
384 struct ldb_dn
*mods_dn
;
386 mods_dn
= ldb_dn_new(mem_ctx
, ldb
, "@MODULES");
387 if (mods_dn
== NULL
) {
388 talloc_free(mem_ctx
);
392 ret
= ldb_search(ldb
, mods_dn
, &res
, mods_dn
, LDB_SCOPE_BASE
, attrs
, "@LIST=*");
394 if (ret
== LDB_ERR_NO_SUCH_OBJECT
) {
395 ldb_debug(ldb
, LDB_DEBUG_TRACE
, "no modules required by the db");
396 } else if (ret
!= LDB_SUCCESS
) {
397 ldb_debug(ldb
, LDB_DEBUG_FATAL
, "ldb error (%s) occurred searching for modules, bailing out", ldb_errstring(ldb
));
398 talloc_free(mem_ctx
);
401 const char *module_list
;
402 if (res
->count
== 0) {
403 ldb_debug(ldb
, LDB_DEBUG_TRACE
, "no modules required by the db");
404 } else if (res
->count
> 1) {
405 ldb_debug(ldb
, LDB_DEBUG_FATAL
, "Too many records found (%u), bailing out", res
->count
);
406 talloc_free(mem_ctx
);
407 return LDB_ERR_OPERATIONS_ERROR
;
409 module_list
= ldb_msg_find_attr_as_string(res
->msgs
[0], "@LIST", NULL
);
411 ldb_debug(ldb
, LDB_DEBUG_TRACE
, "no modules required by the db");
413 modules
= ldb_modules_list_from_string(ldb
, mem_ctx
,
418 talloc_free(mods_dn
);
421 if (modules
!= NULL
) {
422 ret
= ldb_module_load_list(ldb
, modules
, ldb
->modules
, &ldb
->modules
);
423 if (ret
!= LDB_SUCCESS
) {
424 talloc_free(mem_ctx
);
428 ldb_debug(ldb
, LDB_DEBUG_TRACE
, "No modules specified for this database");
431 ret
= ldb_module_init_chain(ldb
, ldb
->modules
);
432 talloc_free(mem_ctx
);
437 by using this we allow ldb modules to only implement the functions they care about,
438 which makes writing a module simpler, and makes it more likely to keep working
441 #define FIND_OP_NOERR(module, op) do { \
442 module = module->next; \
443 while (module && module->ops->op == NULL) module = module->next; \
444 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) { \
445 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_trace_next_request: (%s)->" #op, \
446 module->ops->name); \
450 #define FIND_OP(module, op) do { \
451 struct ldb_context *ldb = module->ldb; \
452 FIND_OP_NOERR(module, op); \
453 if (module == NULL) { \
454 ldb_asprintf_errstring(ldb, "Unable to find backend operation for " #op ); \
455 return LDB_ERR_OPERATIONS_ERROR; \
460 struct ldb_module
*ldb_module_new(TALLOC_CTX
*memctx
,
461 struct ldb_context
*ldb
,
462 const char *module_name
,
463 const struct ldb_module_ops
*ops
)
465 struct ldb_module
*module
;
467 module
= talloc(memctx
, struct ldb_module
);
472 talloc_set_name_const(module
, module_name
);
474 module
->prev
= module
->next
= NULL
;
480 const char * ldb_module_get_name(struct ldb_module
*module
)
482 return module
->ops
->name
;
485 struct ldb_context
*ldb_module_get_ctx(struct ldb_module
*module
)
490 const struct ldb_module_ops
*ldb_module_get_ops(struct ldb_module
*module
)
495 void *ldb_module_get_private(struct ldb_module
*module
)
497 return module
->private_data
;
500 void ldb_module_set_private(struct ldb_module
*module
, void *private_data
)
502 module
->private_data
= private_data
;
506 helper functions to call the next module in chain
509 int ldb_next_request(struct ldb_module
*module
, struct ldb_request
*request
)
513 if (request
->callback
== NULL
) {
514 ldb_set_errstring(module
->ldb
, "Requests MUST define callbacks");
515 return LDB_ERR_UNWILLING_TO_PERFORM
;
518 request
->handle
->nesting
++;
520 switch (request
->operation
) {
522 FIND_OP(module
, search
);
523 ret
= module
->ops
->search(module
, request
);
526 FIND_OP(module
, add
);
527 ret
= module
->ops
->add(module
, request
);
530 FIND_OP(module
, modify
);
531 ret
= module
->ops
->modify(module
, request
);
534 FIND_OP(module
, del
);
535 ret
= module
->ops
->del(module
, request
);
538 FIND_OP(module
, rename
);
539 ret
= module
->ops
->rename(module
, request
);
542 FIND_OP(module
, extended
);
543 ret
= module
->ops
->extended(module
, request
);
546 FIND_OP(module
, request
);
547 ret
= module
->ops
->request(module
, request
);
551 request
->handle
->nesting
--;
553 if (ret
== LDB_SUCCESS
) {
556 if (!ldb_errstring(module
->ldb
)) {
558 switch (request
->operation
) {
582 /* Set a default error string, to place the blame somewhere */
583 ldb_asprintf_errstring(module
->ldb
, "error in module %s: %s during %s (%d)", module
->ops
->name
, ldb_strerror(ret
), op
, ret
);
586 if (!(request
->handle
->flags
& LDB_HANDLE_FLAG_DONE_CALLED
)) {
587 /* It is _extremely_ common that a module returns a
588 * failure without calling ldb_module_done(), but that
589 * guarantees we will end up hanging in
590 * ldb_wait(). This fixes it without having to rewrite
591 * all our modules, and leaves us one less sharp
592 * corner for module developers to cut themselves on
594 ret
= ldb_module_done(request
, NULL
, NULL
, ret
);
599 int ldb_next_init(struct ldb_module
*module
)
601 module
= module
->next
;
603 return ldb_module_init_chain(module
->ldb
, module
);
606 int ldb_next_start_trans(struct ldb_module
*module
)
609 FIND_OP(module
, start_transaction
);
610 ret
= module
->ops
->start_transaction(module
);
611 if (ret
== LDB_SUCCESS
) {
614 if (!ldb_errstring(module
->ldb
)) {
615 /* Set a default error string, to place the blame somewhere */
616 ldb_asprintf_errstring(module
->ldb
, "start_trans error in module %s: %s (%d)", module
->ops
->name
, ldb_strerror(ret
), ret
);
618 if ((module
&& module
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
)) {
619 ldb_debug(module
->ldb
, LDB_DEBUG_TRACE
, "ldb_next_start_trans error: %s",
620 ldb_errstring(module
->ldb
));
625 int ldb_next_end_trans(struct ldb_module
*module
)
628 FIND_OP(module
, end_transaction
);
629 ret
= module
->ops
->end_transaction(module
);
630 if (ret
== LDB_SUCCESS
) {
633 if (!ldb_errstring(module
->ldb
)) {
634 /* Set a default error string, to place the blame somewhere */
635 ldb_asprintf_errstring(module
->ldb
, "end_trans error in module %s: %s (%d)", module
->ops
->name
, ldb_strerror(ret
), ret
);
637 if ((module
&& module
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
)) {
638 ldb_debug(module
->ldb
, LDB_DEBUG_TRACE
, "ldb_next_end_trans error: %s",
639 ldb_errstring(module
->ldb
));
644 int ldb_next_read_lock(struct ldb_module
*module
)
647 FIND_OP(module
, read_lock
);
648 ret
= module
->ops
->read_lock(module
);
649 if (ret
== LDB_SUCCESS
) {
652 if (!ldb_errstring(module
->ldb
)) {
653 /* Set a default error string, to place the blame somewhere */
654 ldb_asprintf_errstring(module
->ldb
,
655 "read_lock error in module %s: %s (%d)",
656 module
->ops
->name
, ldb_strerror(ret
),
659 if ((module
&& module
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
)) {
660 ldb_debug(module
->ldb
, LDB_DEBUG_TRACE
,
661 "ldb_next_read_lock error: %s",
662 ldb_errstring(module
->ldb
));
667 int ldb_next_read_unlock(struct ldb_module
*module
)
670 FIND_OP(module
, read_unlock
);
671 ret
= module
->ops
->read_unlock(module
);
672 if (ret
== LDB_SUCCESS
) {
675 if (!ldb_errstring(module
->ldb
)) {
676 /* Set a default error string, to place the blame somewhere */
677 ldb_asprintf_errstring(module
->ldb
,
678 "read_unlock error in module %s: %s (%d)",
679 module
->ops
->name
, ldb_strerror(ret
),
682 if ((module
&& module
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
)) {
683 ldb_debug(module
->ldb
, LDB_DEBUG_TRACE
,
684 "ldb_next_read_unlock error: %s",
685 ldb_errstring(module
->ldb
));
690 int ldb_next_prepare_commit(struct ldb_module
*module
)
693 FIND_OP_NOERR(module
, prepare_commit
);
694 if (module
== NULL
) {
695 /* we are allowed to have no prepare commit in
699 ret
= module
->ops
->prepare_commit(module
);
700 if (ret
== LDB_SUCCESS
) {
703 if (!ldb_errstring(module
->ldb
)) {
704 /* Set a default error string, to place the blame somewhere */
705 ldb_asprintf_errstring(module
->ldb
, "prepare_commit error in module %s: %s (%d)", module
->ops
->name
, ldb_strerror(ret
), ret
);
707 if ((module
&& module
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
)) {
708 ldb_debug(module
->ldb
, LDB_DEBUG_TRACE
, "ldb_next_prepare_commit error: %s",
709 ldb_errstring(module
->ldb
));
714 int ldb_next_del_trans(struct ldb_module
*module
)
717 FIND_OP(module
, del_transaction
);
718 ret
= module
->ops
->del_transaction(module
);
719 if (ret
== LDB_SUCCESS
) {
722 if (!ldb_errstring(module
->ldb
)) {
723 /* Set a default error string, to place the blame somewhere */
724 ldb_asprintf_errstring(module
->ldb
, "del_trans error in module %s: %s (%d)", module
->ops
->name
, ldb_strerror(ret
), ret
);
726 if ((module
&& module
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
)) {
727 ldb_debug(module
->ldb
, LDB_DEBUG_TRACE
, "ldb_next_del_trans error: %s",
728 ldb_errstring(module
->ldb
));
733 /* calls the request callback to send an entry
736 * req: the original request passed to your module
737 * msg: reply message (must be a talloc pointer, and it will be stolen
738 * on the ldb_reply that is sent to the callback)
739 * ctrls: controls to send in the reply (must be a talloc pointer, and it will be stolen
740 * on the ldb_reply that is sent to the callback)
743 int ldb_module_send_entry(struct ldb_request
*req
,
744 struct ldb_message
*msg
,
745 struct ldb_control
**ctrls
)
747 struct ldb_reply
*ares
;
749 ares
= talloc_zero(req
, struct ldb_reply
);
751 ldb_oom(req
->handle
->ldb
);
752 req
->callback(req
, NULL
);
753 return LDB_ERR_OPERATIONS_ERROR
;
755 ares
->type
= LDB_REPLY_ENTRY
;
756 ares
->message
= talloc_steal(ares
, msg
);
757 ares
->controls
= talloc_steal(ares
, ctrls
);
758 ares
->error
= LDB_SUCCESS
;
760 if ((req
->handle
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
) &&
761 req
->handle
->nesting
== 0) {
763 struct ldb_ldif ldif
;
765 ldif
.changetype
= LDB_CHANGETYPE_NONE
;
766 ldif
.msg
= discard_const_p(struct ldb_message
, msg
);
768 ldb_debug_add(req
->handle
->ldb
, "ldb_trace_response: ENTRY\n");
772 * ldb_ldif_write_redacted_trace_string() is CRITICAL
773 * for security. It ensures that we do not output
774 * passwords into debug logs
777 s
= ldb_ldif_write_redacted_trace_string(req
->handle
->ldb
, msg
, &ldif
);
778 ldb_debug_add(req
->handle
->ldb
, "%s\n", s
);
780 ldb_debug_end(req
->handle
->ldb
, LDB_DEBUG_TRACE
);
783 return req
->callback(req
, ares
);
786 /* calls the request callback to send an referrals
789 * req: the original request passed to your module
790 * ref: referral string (must be a talloc pointer, steal)
793 int ldb_module_send_referral(struct ldb_request
*req
,
796 struct ldb_reply
*ares
;
798 ares
= talloc_zero(req
, struct ldb_reply
);
800 ldb_oom(req
->handle
->ldb
);
801 req
->callback(req
, NULL
);
802 return LDB_ERR_OPERATIONS_ERROR
;
804 ares
->type
= LDB_REPLY_REFERRAL
;
805 ares
->referral
= talloc_steal(ares
, ref
);
806 ares
->error
= LDB_SUCCESS
;
808 if ((req
->handle
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
) &&
809 req
->handle
->nesting
== 0) {
810 ldb_debug_add(req
->handle
->ldb
, "ldb_trace_response: REFERRAL\n");
811 ldb_debug_add(req
->handle
->ldb
, "ref: %s\n", ref
);
812 ldb_debug_end(req
->handle
->ldb
, LDB_DEBUG_TRACE
);
815 return req
->callback(req
, ares
);
818 /* calls the original request callback
821 * req: the original request passed to your module
822 * ctrls: controls to send in the reply (must be a talloc pointer, steal)
823 * response: results for extended request (steal)
824 * error: LDB_SUCCESS for a successful return
825 * any other ldb error otherwise
827 int ldb_module_done(struct ldb_request
*req
,
828 struct ldb_control
**ctrls
,
829 struct ldb_extended
*response
,
832 struct ldb_reply
*ares
;
834 ares
= talloc_zero(req
, struct ldb_reply
);
836 ldb_oom(req
->handle
->ldb
);
837 req
->callback(req
, NULL
);
838 return LDB_ERR_OPERATIONS_ERROR
;
840 ares
->type
= LDB_REPLY_DONE
;
841 ares
->controls
= talloc_steal(ares
, ctrls
);
842 ares
->response
= talloc_steal(ares
, response
);
845 req
->handle
->flags
|= LDB_HANDLE_FLAG_DONE_CALLED
;
847 if ((req
->handle
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
) &&
848 req
->handle
->nesting
== 0) {
849 ldb_debug_add(req
->handle
->ldb
, "ldb_trace_response: DONE\n");
850 ldb_debug_add(req
->handle
->ldb
, "error: %d\n", error
);
851 if (ldb_errstring(req
->handle
->ldb
)) {
852 ldb_debug_add(req
->handle
->ldb
, "msg: %s\n",
853 ldb_errstring(req
->handle
->ldb
));
855 ldb_debug_end(req
->handle
->ldb
, LDB_DEBUG_TRACE
);
858 return req
->callback(req
, ares
);
861 /* to be used *only* in modules init functions.
862 * this function is synchronous and will register
863 * the requested OID in the rootdse module if present
864 * otherwise it will return an error */
865 int ldb_mod_register_control(struct ldb_module
*module
, const char *oid
)
867 struct ldb_request
*req
;
870 req
= talloc_zero(module
, struct ldb_request
);
872 return LDB_ERR_OPERATIONS_ERROR
;
875 req
->operation
= LDB_REQ_REGISTER_CONTROL
;
876 req
->op
.reg_control
.oid
= oid
;
877 req
->callback
= ldb_op_default_callback
;
879 ldb_set_timeout(module
->ldb
, req
, 0);
881 req
->handle
= ldb_handle_new(req
, module
->ldb
);
882 if (req
->handle
== NULL
) {
883 return LDB_ERR_OPERATIONS_ERROR
;
886 ret
= ldb_request(module
->ldb
, req
);
887 if (ret
== LDB_SUCCESS
) {
888 ret
= ldb_wait(req
->handle
, LDB_WAIT_ALL
);
895 static int ldb_modules_load_dir(const char *modules_dir
, const char *version
);
899 load one module. A static list of loaded module inode numbers is
900 used to prevent a module being loaded twice
902 dlopen() is used on the module, and dlsym() is then used to look for
903 a ldb_init_module() function. If present, that function is called
904 with the ldb version number as an argument.
906 The ldb_init_module() function will typically call
907 ldb_register_module() and ldb_register_backend() to register a
908 module or backend, but it may also be used to register command line
909 handling functions, ldif handlers or any other local
912 The ldb_init_module() function does not get a ldb_context passed in,
913 as modules will be used for multiple ldb context handles. The call
914 from the first ldb_init() is just a convenient way to ensure it is
917 static int ldb_modules_load_path(const char *path
, const char *version
)
920 int (*init_fn
)(const char *);
923 static struct loaded
{
924 struct loaded
*next
, *prev
;
932 bool deepbind_enabled
= (getenv("LDB_MODULES_DISABLE_DEEPBIND") == NULL
);
935 ret
= stat(path
, &st
);
937 fprintf(stderr
, "ldb: unable to stat module %s : %s\n", path
, strerror(errno
));
938 return LDB_ERR_UNAVAILABLE
;
941 for (le
=loaded
; le
; le
=le
->next
) {
942 if (le
->st_ino
== st
.st_ino
&&
943 le
->st_dev
== st
.st_dev
) {
944 /* its already loaded */
949 le
= talloc(loaded
, struct loaded
);
951 fprintf(stderr
, "ldb: unable to allocated loaded entry\n");
952 return LDB_ERR_UNAVAILABLE
;
955 le
->st_ino
= st
.st_ino
;
956 le
->st_dev
= st
.st_dev
;
958 DLIST_ADD_END(loaded
, le
);
960 /* if it is a directory, recurse */
961 if (S_ISDIR(st
.st_mode
)) {
962 return ldb_modules_load_dir(path
, version
);
965 dlopen_flags
= RTLD_NOW
;
968 * use deepbind if possible, to avoid issues with different
969 * system library variants, for example ldb modules may be linked
970 * against Heimdal while the application may use MIT kerberos.
972 * See the dlopen manpage for details.
974 * One typical user is the bind_dlz module of Samba,
975 * but symbol versioning might be enough...
977 * We need a way to disable this in order to allow the
978 * ldb_*ldap modules to work with a preloaded socket wrapper.
980 * So in future we may remove this completely
981 * or at least invert the default behavior.
983 if (deepbind_enabled
) {
984 dlopen_flags
|= RTLD_DEEPBIND
;
988 handle
= dlopen(path
, dlopen_flags
);
989 if (handle
== NULL
) {
990 fprintf(stderr
, "ldb: unable to dlopen %s : %s\n", path
, dlerror());
994 init_fn
= dlsym(handle
, "ldb_init_module");
995 if (init_fn
== NULL
) {
996 /* ignore it, it could be an old-style
997 * module. Once we've converted all modules we
998 * could consider this an error */
1003 ret
= init_fn(version
);
1004 if (ret
== LDB_ERR_ENTRY_ALREADY_EXISTS
) {
1005 /* the module is already registered - ignore this, as
1006 * it can happen if LDB_MODULES_PATH points at both
1007 * the build and install directory
1014 static int qsort_string(const char **s1
, const char **s2
)
1016 return strcmp(*s1
, *s2
);
1021 load all modules from the given ldb modules directory. This is run once
1022 during the first ldb_init() call.
1024 Modules are loaded in alphabetical order to ensure that any module
1025 load ordering dependencies are reproducible. Modules should avoid
1026 relying on load order
1028 static int ldb_modules_load_dir(const char *modules_dir
, const char *version
)
1032 const char **modlist
= NULL
;
1033 TALLOC_CTX
*tmp_ctx
= talloc_new(NULL
);
1034 unsigned i
, num_modules
= 0;
1036 dir
= opendir(modules_dir
);
1038 if (errno
== ENOENT
) {
1039 talloc_free(tmp_ctx
);
1040 /* we don't have any modules */
1043 talloc_free(tmp_ctx
);
1044 fprintf(stderr
, "ldb: unable to open modules directory '%s' - %s\n",
1045 modules_dir
, strerror(errno
));
1046 return LDB_ERR_UNAVAILABLE
;
1050 while ((de
= readdir(dir
))) {
1051 if (ISDOT(de
->d_name
) || ISDOTDOT(de
->d_name
))
1054 modlist
= talloc_realloc(tmp_ctx
, modlist
, const char *, num_modules
+1);
1055 if (modlist
== NULL
) {
1056 talloc_free(tmp_ctx
);
1058 fprintf(stderr
, "ldb: unable to allocate modules list\n");
1059 return LDB_ERR_UNAVAILABLE
;
1061 modlist
[num_modules
] = talloc_asprintf(modlist
, "%s/%s", modules_dir
, de
->d_name
);
1062 if (modlist
[num_modules
] == NULL
) {
1063 talloc_free(tmp_ctx
);
1065 fprintf(stderr
, "ldb: unable to allocate module list entry\n");
1066 return LDB_ERR_UNAVAILABLE
;
1073 /* sort the directory, so we get consistent load ordering */
1074 TYPESAFE_QSORT(modlist
, num_modules
, qsort_string
);
1076 for (i
=0; i
<num_modules
; i
++) {
1077 int ret
= ldb_modules_load_path(modlist
[i
], version
);
1078 if (ret
!= LDB_SUCCESS
) {
1079 fprintf(stderr
, "ldb: failed to initialise module %s : %s\n",
1080 modlist
[i
], ldb_strerror(ret
));
1081 talloc_free(tmp_ctx
);
1086 talloc_free(tmp_ctx
);
1092 load any additional modules from the given directory
1094 void ldb_set_modules_dir(struct ldb_context
*ldb
, const char *path
)
1096 int ret
= ldb_modules_load_path(path
, LDB_VERSION
);
1097 if (ret
!= LDB_SUCCESS
) {
1098 ldb_asprintf_errstring(ldb
, "Failed to load modules from: %s\n", path
);
1104 load all modules static (builtin) modules
1106 static int ldb_modules_load_static(const char *version
)
1108 static bool initialised
;
1109 #define _MODULE_PROTO(init) extern int init(const char *);
1110 STATIC_ldb_MODULES_PROTO
;
1111 const ldb_module_init_fn static_init_functions
[] = { STATIC_ldb_MODULES
};
1119 for (i
=0; static_init_functions
[i
]; i
++) {
1120 int ret
= static_init_functions
[i
](version
);
1121 if (ret
!= LDB_SUCCESS
) {
1129 load all modules from the given ldb modules path, colon
1132 modules are loaded recursively for all subdirectories in the paths
1134 int ldb_modules_load(const char *modules_path
, const char *version
)
1136 char *tok
, *path
, *tok_ptr
=NULL
;
1139 ret
= ldb_modules_load_static(version
);
1140 if (ret
!= LDB_SUCCESS
) {
1144 path
= talloc_strdup(NULL
, modules_path
);
1146 fprintf(stderr
, "ldb: failed to allocate modules_path\n");
1147 return LDB_ERR_UNAVAILABLE
;
1150 for (tok
=strtok_r(path
, ":", &tok_ptr
);
1152 tok
=strtok_r(NULL
, ":", &tok_ptr
)) {
1153 ret
= ldb_modules_load_path(tok
, version
);
1154 if (ret
!= LDB_SUCCESS
) {
1166 return a string representation of the calling chain for the given
1169 char *ldb_module_call_chain(struct ldb_request
*req
, TALLOC_CTX
*mem_ctx
)
1174 ret
= talloc_strdup(mem_ctx
, "");
1179 while (req
&& req
->handle
) {
1180 char *s
= talloc_asprintf_append_buffer(ret
, "req[%u] %p : %s\n",
1181 i
++, req
, ldb_req_location(req
));
1187 req
= req
->handle
->parent
;
1194 return the next module in the chain
1196 struct ldb_module
*ldb_module_next(struct ldb_module
*module
)
1198 return module
->next
;
1202 set the next module in the module chain
1204 void ldb_module_set_next(struct ldb_module
*module
, struct ldb_module
*next
)
1206 module
->next
= next
;
1211 get the popt_options pointer in the ldb structure. This allows a ldb
1212 module to change the command line parsing
1214 struct poptOption
**ldb_module_popt_options(struct ldb_context
*ldb
)
1216 return &ldb
->popt_options
;
1221 return the current ldb flags LDB_FLG_*
1223 uint32_t ldb_module_flags(struct ldb_context
*ldb
)