4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Simo Sorce 2005-2008
7 ** NOTE! The following LGPL license applies to the ldb
8 ** library. This does NOT imply that all of Samba is released
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 3 of the License, or (at your option) any later version.
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, see <http://www.gnu.org/licenses/>.
28 * Component: ldb core API
30 * Description: core API routines interfacing to ldb backends
32 * Author: Andrew Tridgell
35 #define TEVENT_DEPRECATED 1
36 #include "ldb_private.h"
39 static int ldb_context_destructor(void *ptr
)
41 struct ldb_context
*ldb
= talloc_get_type(ptr
, struct ldb_context
);
43 if (ldb
->transaction_active
) {
44 ldb_debug(ldb
, LDB_DEBUG_FATAL
,
45 "A transaction is still active in ldb context [%p] on %s",
46 ldb
, (const char *)ldb_get_opaque(ldb
, "ldb_url"));
53 this is used to catch debug messages from events
55 static void ldb_tevent_debug(void *context
, enum tevent_debug_level level
,
56 const char *fmt
, va_list ap
) PRINTF_ATTRIBUTE(3,0);
58 static void ldb_tevent_debug(void *context
, enum tevent_debug_level level
,
59 const char *fmt
, va_list ap
)
61 struct ldb_context
*ldb
= talloc_get_type(context
, struct ldb_context
);
62 enum ldb_debug_level ldb_level
= LDB_DEBUG_FATAL
;
65 case TEVENT_DEBUG_FATAL
:
66 ldb_level
= LDB_DEBUG_FATAL
;
68 case TEVENT_DEBUG_ERROR
:
69 ldb_level
= LDB_DEBUG_ERROR
;
71 case TEVENT_DEBUG_WARNING
:
72 ldb_level
= LDB_DEBUG_WARNING
;
74 case TEVENT_DEBUG_TRACE
:
75 ldb_level
= LDB_DEBUG_TRACE
;
79 /* There isn't a tevent: prefix here because to add it means
80 * actually printing the string, and most of the time we don't
82 ldb_vdebug(ldb
, ldb_level
, fmt
, ap
);
86 initialise a ldb context
87 The mem_ctx is required
88 The event_ctx is required
90 struct ldb_context
*ldb_init(TALLOC_CTX
*mem_ctx
, struct tevent_context
*ev_ctx
)
92 struct ldb_context
*ldb
;
94 const char *modules_path
= getenv("LDB_MODULES_PATH");
96 if (modules_path
== NULL
) {
97 modules_path
= LDB_MODULESDIR
;
100 ret
= ldb_modules_load(modules_path
, LDB_VERSION
);
101 if (ret
!= LDB_SUCCESS
) {
105 ldb
= talloc_zero(mem_ctx
, struct ldb_context
);
110 /* A new event context so that callers who don't want ldb
111 * operating on thier global event context can work without
112 * having to provide their own private one explicitly */
113 if (ev_ctx
== NULL
) {
114 ev_ctx
= tevent_context_init(ldb
);
115 if (ev_ctx
== NULL
) {
119 tevent_set_debug(ev_ctx
, ldb_tevent_debug
, ldb
);
120 tevent_loop_allow_nesting(ev_ctx
);
123 ret
= ldb_setup_wellknown_attributes(ldb
);
124 if (ret
!= LDB_SUCCESS
) {
129 ldb_set_utf8_default(ldb
);
130 ldb_set_create_perms(ldb
, 0666);
131 ldb_set_modules_dir(ldb
, LDB_MODULESDIR
);
132 ldb_set_event_context(ldb
, ev_ctx
);
134 /* TODO: get timeout from options if available there */
135 ldb
->default_timeout
= 300; /* set default to 5 minutes */
137 talloc_set_destructor((TALLOC_CTX
*)ldb
, ldb_context_destructor
);
143 try to autodetect a basedn if none specified. This fixes one of my
144 pet hates about ldapsearch, which is that you have to get a long,
145 complex basedn right to make any use of it.
147 void ldb_set_default_dns(struct ldb_context
*ldb
)
151 struct ldb_result
*res
;
152 struct ldb_dn
*tmp_dn
=NULL
;
153 static const char *attrs
[] = {
154 "rootDomainNamingContext",
155 "configurationNamingContext",
156 "schemaNamingContext",
157 "defaultNamingContext",
161 tmp_ctx
= talloc_new(ldb
);
162 ret
= ldb_search(ldb
, tmp_ctx
, &res
, ldb_dn_new(tmp_ctx
, ldb
, NULL
),
163 LDB_SCOPE_BASE
, attrs
, "(objectClass=*)");
164 if (ret
!= LDB_SUCCESS
) {
165 talloc_free(tmp_ctx
);
169 if (res
->count
!= 1) {
170 talloc_free(tmp_ctx
);
174 if (!ldb_get_opaque(ldb
, "rootDomainNamingContext")) {
175 tmp_dn
= ldb_msg_find_attr_as_dn(ldb
, ldb
, res
->msgs
[0],
176 "rootDomainNamingContext");
177 ldb_set_opaque(ldb
, "rootDomainNamingContext", tmp_dn
);
180 if (!ldb_get_opaque(ldb
, "configurationNamingContext")) {
181 tmp_dn
= ldb_msg_find_attr_as_dn(ldb
, ldb
, res
->msgs
[0],
182 "configurationNamingContext");
183 ldb_set_opaque(ldb
, "configurationNamingContext", tmp_dn
);
186 if (!ldb_get_opaque(ldb
, "schemaNamingContext")) {
187 tmp_dn
= ldb_msg_find_attr_as_dn(ldb
, ldb
, res
->msgs
[0],
188 "schemaNamingContext");
189 ldb_set_opaque(ldb
, "schemaNamingContext", tmp_dn
);
192 if (!ldb_get_opaque(ldb
, "defaultNamingContext")) {
193 tmp_dn
= ldb_msg_find_attr_as_dn(ldb
, ldb
, res
->msgs
[0],
194 "defaultNamingContext");
195 ldb_set_opaque(ldb
, "defaultNamingContext", tmp_dn
);
198 talloc_free(tmp_ctx
);
201 struct ldb_dn
*ldb_get_root_basedn(struct ldb_context
*ldb
)
203 void *opaque
= ldb_get_opaque(ldb
, "rootDomainNamingContext");
204 return talloc_get_type(opaque
, struct ldb_dn
);
207 struct ldb_dn
*ldb_get_config_basedn(struct ldb_context
*ldb
)
209 void *opaque
= ldb_get_opaque(ldb
, "configurationNamingContext");
210 return talloc_get_type(opaque
, struct ldb_dn
);
213 struct ldb_dn
*ldb_get_schema_basedn(struct ldb_context
*ldb
)
215 void *opaque
= ldb_get_opaque(ldb
, "schemaNamingContext");
216 return talloc_get_type(opaque
, struct ldb_dn
);
219 struct ldb_dn
*ldb_get_default_basedn(struct ldb_context
*ldb
)
221 void *opaque
= ldb_get_opaque(ldb
, "defaultNamingContext");
222 return talloc_get_type(opaque
, struct ldb_dn
);
226 connect to a database. The URL can either be one of the following forms
230 flags is made up of LDB_FLG_*
232 the options are passed uninterpreted to the backend, and are
235 int ldb_connect(struct ldb_context
*ldb
, const char *url
,
236 unsigned int flags
, const char *options
[])
240 /* We seem to need to do this here, or else some utilities don't
241 * get ldb backends */
245 url2
= talloc_strdup(ldb
, url
);
248 return LDB_ERR_OPERATIONS_ERROR
;
250 ret
= ldb_set_opaque(ldb
, "ldb_url", url2
);
251 if (ret
!= LDB_SUCCESS
) {
255 ret
= ldb_module_connect_backend(ldb
, url
, options
, &ldb
->modules
);
256 if (ret
!= LDB_SUCCESS
) {
260 if (ldb_load_modules(ldb
, options
) != LDB_SUCCESS
) {
261 ldb_debug(ldb
, LDB_DEBUG_FATAL
,
262 "Unable to load modules for %s: %s",
263 url
, ldb_errstring(ldb
));
264 return LDB_ERR_OTHER
;
267 /* set the default base dn */
268 ldb_set_default_dns(ldb
);
273 void ldb_set_errstring(struct ldb_context
*ldb
, const char *err_string
)
275 ldb_asprintf_errstring(ldb
, "%s", err_string
);
278 void ldb_asprintf_errstring(struct ldb_context
*ldb
, const char *format
, ...)
282 if (ldb
->err_string
) {
283 talloc_free(ldb
->err_string
);
286 va_start(ap
, format
);
287 ldb
->err_string
= talloc_vasprintf(ldb
, format
, ap
);
290 if (ldb
->flags
& LDB_FLG_ENABLE_TRACING
) {
291 ldb_debug(ldb
, LDB_DEBUG_TRACE
, "ldb_asprintf/set_errstring: %s",
296 void ldb_reset_err_string(struct ldb_context
*ldb
)
298 if (ldb
->err_string
) {
299 talloc_free(ldb
->err_string
);
300 ldb
->err_string
= NULL
;
307 set an ldb error based on file:line
309 int ldb_error_at(struct ldb_context
*ldb
, int ecode
,
310 const char *reason
, const char *file
, int line
)
312 if (reason
== NULL
) {
313 reason
= ldb_strerror(ecode
);
315 ldb_asprintf_errstring(ldb
, "%s at %s:%d", reason
, file
, line
);
320 #define FIRST_OP_NOERR(ldb, op) do { \
321 module = ldb->modules; \
322 while (module && module->ops->op == NULL) module = module->next; \
323 if ((ldb->flags & LDB_FLG_ENABLE_TRACING) && module) { \
324 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: (%s)->" #op, \
325 module->ops->name); \
329 #define FIRST_OP(ldb, op) do { \
330 FIRST_OP_NOERR(ldb, op); \
331 if (module == NULL) { \
332 ldb_asprintf_errstring(ldb, "unable to find module or backend to handle operation: " #op); \
333 return LDB_ERR_OPERATIONS_ERROR; \
341 int ldb_transaction_start(struct ldb_context
*ldb
)
343 struct ldb_module
*module
;
346 ldb_debug(ldb
, LDB_DEBUG_TRACE
,
347 "start ldb transaction (nesting: %d)",
348 ldb
->transaction_active
);
350 /* explicit transaction active, count nested requests */
351 if (ldb
->transaction_active
) {
352 ldb
->transaction_active
++;
356 /* start a new transaction */
357 ldb
->transaction_active
++;
358 ldb
->prepare_commit_done
= false;
360 FIRST_OP(ldb
, start_transaction
);
362 ldb_reset_err_string(ldb
);
364 status
= module
->ops
->start_transaction(module
);
365 if (status
!= LDB_SUCCESS
) {
366 if (ldb
->err_string
== NULL
) {
367 /* no error string was setup by the backend */
368 ldb_asprintf_errstring(ldb
,
369 "ldb transaction start: %s (%d)",
370 ldb_strerror(status
),
374 if ((module
&& module
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
)) {
375 ldb_debug(module
->ldb
, LDB_DEBUG_TRACE
, "start ldb transaction error: %s",
376 ldb_errstring(module
->ldb
));
382 prepare for transaction commit (first phase of two phase commit)
384 int ldb_transaction_prepare_commit(struct ldb_context
*ldb
)
386 struct ldb_module
*module
;
389 if (ldb
->prepare_commit_done
) {
393 /* commit only when all nested transactions are complete */
394 if (ldb
->transaction_active
> 1) {
398 ldb
->prepare_commit_done
= true;
400 if (ldb
->transaction_active
< 0) {
401 ldb_debug(ldb
, LDB_DEBUG_FATAL
,
402 "prepare commit called but no ldb transactions are active!");
403 ldb
->transaction_active
= 0;
404 return LDB_ERR_OPERATIONS_ERROR
;
407 /* call prepare transaction if available */
408 FIRST_OP_NOERR(ldb
, prepare_commit
);
409 if (module
== NULL
) {
413 status
= module
->ops
->prepare_commit(module
);
414 if (status
!= LDB_SUCCESS
) {
415 ldb
->transaction_active
--;
416 /* if a module fails the prepare then we need
417 to call the end transaction for everyone */
418 FIRST_OP(ldb
, del_transaction
);
419 module
->ops
->del_transaction(module
);
420 if (ldb
->err_string
== NULL
) {
421 /* no error string was setup by the backend */
422 ldb_asprintf_errstring(ldb
,
423 "ldb transaction prepare commit: %s (%d)",
424 ldb_strerror(status
),
427 if ((module
&& module
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
)) {
428 ldb_debug(module
->ldb
, LDB_DEBUG_TRACE
, "prepare commit transaction error: %s",
429 ldb_errstring(module
->ldb
));
440 int ldb_transaction_commit(struct ldb_context
*ldb
)
442 struct ldb_module
*module
;
445 status
= ldb_transaction_prepare_commit(ldb
);
446 if (status
!= LDB_SUCCESS
) {
450 ldb
->transaction_active
--;
452 ldb_debug(ldb
, LDB_DEBUG_TRACE
,
453 "commit ldb transaction (nesting: %d)",
454 ldb
->transaction_active
);
456 /* commit only when all nested transactions are complete */
457 if (ldb
->transaction_active
> 0) {
461 if (ldb
->transaction_active
< 0) {
462 ldb_debug(ldb
, LDB_DEBUG_FATAL
,
463 "commit called but no ldb transactions are active!");
464 ldb
->transaction_active
= 0;
465 return LDB_ERR_OPERATIONS_ERROR
;
468 ldb_reset_err_string(ldb
);
470 FIRST_OP(ldb
, end_transaction
);
471 status
= module
->ops
->end_transaction(module
);
472 if (status
!= LDB_SUCCESS
) {
473 if (ldb
->err_string
== NULL
) {
474 /* no error string was setup by the backend */
475 ldb_asprintf_errstring(ldb
,
476 "ldb transaction commit: %s (%d)",
477 ldb_strerror(status
),
480 if ((module
&& module
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
)) {
481 ldb_debug(module
->ldb
, LDB_DEBUG_TRACE
, "commit ldb transaction error: %s",
482 ldb_errstring(module
->ldb
));
484 /* cancel the transaction */
485 FIRST_OP(ldb
, del_transaction
);
486 module
->ops
->del_transaction(module
);
495 int ldb_transaction_cancel(struct ldb_context
*ldb
)
497 struct ldb_module
*module
;
500 ldb
->transaction_active
--;
502 ldb_debug(ldb
, LDB_DEBUG_TRACE
,
503 "cancel ldb transaction (nesting: %d)",
504 ldb
->transaction_active
);
506 /* really cancel only if all nested transactions are complete */
507 if (ldb
->transaction_active
> 0) {
511 if (ldb
->transaction_active
< 0) {
512 ldb_debug(ldb
, LDB_DEBUG_FATAL
,
513 "cancel called but no ldb transactions are active!");
514 ldb
->transaction_active
= 0;
515 return LDB_ERR_OPERATIONS_ERROR
;
518 FIRST_OP(ldb
, del_transaction
);
520 status
= module
->ops
->del_transaction(module
);
521 if (status
!= LDB_SUCCESS
) {
522 if (ldb
->err_string
== NULL
) {
523 /* no error string was setup by the backend */
524 ldb_asprintf_errstring(ldb
,
525 "ldb transaction cancel: %s (%d)",
526 ldb_strerror(status
),
529 if ((module
&& module
->ldb
->flags
& LDB_FLG_ENABLE_TRACING
)) {
530 ldb_debug(module
->ldb
, LDB_DEBUG_TRACE
, "cancel ldb transaction error: %s",
531 ldb_errstring(module
->ldb
));
538 cancel a transaction with no error if no transaction is pending
539 used when we fork() to clear any parent transactions
541 int ldb_transaction_cancel_noerr(struct ldb_context
*ldb
)
543 if (ldb
->transaction_active
> 0) {
544 return ldb_transaction_cancel(ldb
);
550 /* autostarts a transaction if none active */
551 static int ldb_autotransaction_request(struct ldb_context
*ldb
,
552 struct ldb_request
*req
)
556 ret
= ldb_transaction_start(ldb
);
557 if (ret
!= LDB_SUCCESS
) {
561 ret
= ldb_request(ldb
, req
);
562 if (ret
== LDB_SUCCESS
) {
563 ret
= ldb_wait(req
->handle
, LDB_WAIT_ALL
);
566 if (ret
== LDB_SUCCESS
) {
567 return ldb_transaction_commit(ldb
);
569 ldb_transaction_cancel(ldb
);
574 int ldb_wait(struct ldb_handle
*handle
, enum ldb_wait_type type
)
576 struct tevent_context
*ev
;
579 if (handle
== NULL
) {
580 return LDB_ERR_UNAVAILABLE
;
583 if (handle
->state
== LDB_ASYNC_DONE
) {
584 if ((handle
->status
!= LDB_SUCCESS
) &&
585 (handle
->ldb
->err_string
== NULL
)) {
586 /* if no error string was setup by the backend */
587 ldb_asprintf_errstring(handle
->ldb
, "ldb_wait: %s (%d)",
588 ldb_strerror(handle
->status
),
591 return handle
->status
;
594 ev
= ldb_get_event_context(handle
->ldb
);
596 return ldb_oom(handle
->ldb
);
601 ret
= tevent_loop_once(ev
);
603 return ldb_operr(handle
->ldb
);
605 if (handle
->status
!= LDB_SUCCESS
) {
606 if (handle
->ldb
->err_string
== NULL
) {
608 * if no error string was setup by the backend
610 ldb_asprintf_errstring(handle
->ldb
,
612 ldb_strerror(handle
->status
),
615 return handle
->status
;
620 while (handle
->state
!= LDB_ASYNC_DONE
) {
621 ret
= tevent_loop_once(ev
);
623 return ldb_operr(handle
->ldb
);
625 if (handle
->status
!= LDB_SUCCESS
) {
626 if (handle
->ldb
->err_string
== NULL
) {
628 * if no error string was setup by the
631 ldb_asprintf_errstring(handle
->ldb
,
633 ldb_strerror(handle
->status
),
636 return handle
->status
;
639 if (handle
->status
!= LDB_SUCCESS
) {
640 if (handle
->ldb
->err_string
== NULL
) {
642 * if no error string was setup by the backend
644 ldb_asprintf_errstring(handle
->ldb
,
646 ldb_strerror(handle
->status
),
649 return handle
->status
;
657 /* set the specified timeout or, if timeout is 0 set the default timeout */
658 int ldb_set_timeout(struct ldb_context
*ldb
,
659 struct ldb_request
*req
,
662 if (req
== NULL
) return LDB_ERR_OPERATIONS_ERROR
;
665 req
->timeout
= timeout
;
667 req
->timeout
= ldb
->default_timeout
;
669 req
->starttime
= time(NULL
);
674 /* calculates the new timeout based on the previous starttime and timeout */
675 int ldb_set_timeout_from_prev_req(struct ldb_context
*ldb
,
676 struct ldb_request
*oldreq
,
677 struct ldb_request
*newreq
)
679 if (newreq
== NULL
) return LDB_ERR_OPERATIONS_ERROR
;
681 if (oldreq
== NULL
) {
682 return ldb_set_timeout(ldb
, newreq
, 0);
685 newreq
->starttime
= oldreq
->starttime
;
686 newreq
->timeout
= oldreq
->timeout
;
693 set the permissions for new files to be passed to open() in
694 backends that use local files
696 void ldb_set_create_perms(struct ldb_context
*ldb
, unsigned int perms
)
698 ldb
->create_perms
= perms
;
701 unsigned int ldb_get_create_perms(struct ldb_context
*ldb
)
703 return ldb
->create_perms
;
706 void ldb_set_event_context(struct ldb_context
*ldb
, struct tevent_context
*ev
)
711 struct tevent_context
* ldb_get_event_context(struct ldb_context
*ldb
)
716 void ldb_request_set_state(struct ldb_request
*req
, int state
)
718 req
->handle
->state
= state
;
721 int ldb_request_get_status(struct ldb_request
*req
)
723 return req
->handle
->status
;
730 static void ldb_trace_request(struct ldb_context
*ldb
, struct ldb_request
*req
)
732 TALLOC_CTX
*tmp_ctx
= talloc_new(req
);
734 struct ldb_ldif ldif
;
736 switch (req
->operation
) {
738 ldb_debug_add(ldb
, "ldb_trace_request: SEARCH\n");
739 ldb_debug_add(ldb
, " dn: %s\n",
740 ldb_dn_is_null(req
->op
.search
.base
)?"<rootDSE>":
741 ldb_dn_get_linearized(req
->op
.search
.base
));
742 ldb_debug_add(ldb
, " scope: %s\n",
743 req
->op
.search
.scope
==LDB_SCOPE_BASE
?"base":
744 req
->op
.search
.scope
==LDB_SCOPE_ONELEVEL
?"one":
745 req
->op
.search
.scope
==LDB_SCOPE_SUBTREE
?"sub":"UNKNOWN");
746 ldb_debug_add(ldb
, " expr: %s\n",
747 ldb_filter_from_tree(tmp_ctx
, req
->op
.search
.tree
));
748 if (req
->op
.search
.attrs
== NULL
) {
749 ldb_debug_add(ldb
, " attr: <ALL>\n");
751 for (i
=0; req
->op
.search
.attrs
[i
]; i
++) {
752 ldb_debug_add(ldb
, " attr: %s\n", req
->op
.search
.attrs
[i
]);
757 ldb_debug_add(ldb
, "ldb_trace_request: DELETE\n");
758 ldb_debug_add(ldb
, " dn: %s\n",
759 ldb_dn_get_linearized(req
->op
.del
.dn
));
762 ldb_debug_add(ldb
, "ldb_trace_request: RENAME\n");
763 ldb_debug_add(ldb
, " olddn: %s\n",
764 ldb_dn_get_linearized(req
->op
.rename
.olddn
));
765 ldb_debug_add(ldb
, " newdn: %s\n",
766 ldb_dn_get_linearized(req
->op
.rename
.newdn
));
769 ldb_debug_add(ldb
, "ldb_trace_request: EXTENDED\n");
770 ldb_debug_add(ldb
, " oid: %s\n", req
->op
.extended
.oid
);
771 ldb_debug_add(ldb
, " data: %s\n", req
->op
.extended
.data
?"yes":"no");
774 ldif
.changetype
= LDB_CHANGETYPE_ADD
;
775 ldif
.msg
= discard_const_p(struct ldb_message
, req
->op
.add
.message
);
777 ldb_debug_add(ldb
, "ldb_trace_request: ADD\n");
781 * ldb_ldif_write_redacted_trace_string() is CRITICAL
782 * for security. It ensures that we do not output
783 * passwords into debug logs
786 ldb_debug_add(req
->handle
->ldb
, "%s\n",
787 ldb_ldif_write_redacted_trace_string(req
->handle
->ldb
, tmp_ctx
, &ldif
));
790 ldif
.changetype
= LDB_CHANGETYPE_MODIFY
;
791 ldif
.msg
= discard_const_p(struct ldb_message
, req
->op
.mod
.message
);
793 ldb_debug_add(ldb
, "ldb_trace_request: MODIFY\n");
797 * ldb_ldif_write_redacted_trace_string() is CRITICAL
798 * for security. It ensures that we do not output
799 * passwords into debug logs
802 ldb_debug_add(req
->handle
->ldb
, "%s\n",
803 ldb_ldif_write_redacted_trace_string(req
->handle
->ldb
, tmp_ctx
, &ldif
));
805 case LDB_REQ_REGISTER_CONTROL
:
806 ldb_debug_add(ldb
, "ldb_trace_request: REGISTER_CONTROL\n");
807 ldb_debug_add(req
->handle
->ldb
, "%s\n",
808 req
->op
.reg_control
.oid
);
810 case LDB_REQ_REGISTER_PARTITION
:
811 ldb_debug_add(ldb
, "ldb_trace_request: REGISTER_PARTITION\n");
812 ldb_debug_add(req
->handle
->ldb
, "%s\n",
813 ldb_dn_get_linearized(req
->op
.reg_partition
.dn
));
816 ldb_debug_add(ldb
, "ldb_trace_request: UNKNOWN(%u)\n",
821 if (req
->controls
== NULL
) {
822 ldb_debug_add(ldb
, " control: <NONE>\n");
824 for (i
=0; req
->controls
&& req
->controls
[i
]; i
++) {
825 if (req
->controls
[i
]->oid
) {
826 ldb_debug_add(ldb
, " control: %s crit:%u data:%s\n",
827 req
->controls
[i
]->oid
,
828 req
->controls
[i
]->critical
,
829 req
->controls
[i
]->data
?"yes":"no");
834 ldb_debug_end(ldb
, LDB_DEBUG_TRACE
);
836 talloc_free(tmp_ctx
);
840 check that the element flags don't have any internal bits set
842 static int ldb_msg_check_element_flags(struct ldb_context
*ldb
,
843 const struct ldb_message
*message
)
846 for (i
=0; i
<message
->num_elements
; i
++) {
847 if (message
->elements
[i
].flags
& LDB_FLAG_INTERNAL_MASK
) {
848 ldb_asprintf_errstring(ldb
, "Invalid element flags 0x%08x on element %s in %s\n",
849 message
->elements
[i
].flags
, message
->elements
[i
].name
,
850 ldb_dn_get_linearized(message
->dn
));
851 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION
;
860 NOTE: the request must be a talloc context.
861 returns LDB_ERR_* on errors.
863 int ldb_request(struct ldb_context
*ldb
, struct ldb_request
*req
)
865 struct ldb_module
*module
;
868 if (req
->callback
== NULL
) {
869 ldb_set_errstring(ldb
, "Requests MUST define callbacks");
870 return LDB_ERR_UNWILLING_TO_PERFORM
;
873 ldb_reset_err_string(ldb
);
875 if (ldb
->flags
& LDB_FLG_ENABLE_TRACING
) {
876 ldb_trace_request(ldb
, req
);
879 /* call the first module in the chain */
880 switch (req
->operation
) {
882 /* due to "ldb_build_search_req" base DN always != NULL */
883 if (!ldb_dn_validate(req
->op
.search
.base
)) {
884 ldb_asprintf_errstring(ldb
, "ldb_search: invalid basedn '%s'",
885 ldb_dn_get_linearized(req
->op
.search
.base
));
886 return LDB_ERR_INVALID_DN_SYNTAX
;
888 FIRST_OP(ldb
, search
);
889 ret
= module
->ops
->search(module
, req
);
892 if (!ldb_dn_validate(req
->op
.add
.message
->dn
)) {
893 ldb_asprintf_errstring(ldb
, "ldb_add: invalid dn '%s'",
894 ldb_dn_get_linearized(req
->op
.add
.message
->dn
));
895 return LDB_ERR_INVALID_DN_SYNTAX
;
898 * we have to normalize here, as so many places
899 * in modules and backends assume we don't have two
900 * elements with the same name
902 ret
= ldb_msg_normalize(ldb
, req
, req
->op
.add
.message
,
903 discard_const(&req
->op
.add
.message
));
904 if (ret
!= LDB_SUCCESS
) {
909 ret
= ldb_msg_check_element_flags(ldb
, req
->op
.add
.message
);
910 if (ret
!= LDB_SUCCESS
) {
912 * "ldb_msg_check_element_flags" generates an error
917 ret
= module
->ops
->add(module
, req
);
920 if (!ldb_dn_validate(req
->op
.mod
.message
->dn
)) {
921 ldb_asprintf_errstring(ldb
, "ldb_modify: invalid dn '%s'",
922 ldb_dn_get_linearized(req
->op
.mod
.message
->dn
));
923 return LDB_ERR_INVALID_DN_SYNTAX
;
925 FIRST_OP(ldb
, modify
);
926 ret
= ldb_msg_check_element_flags(ldb
, req
->op
.mod
.message
);
927 if (ret
!= LDB_SUCCESS
) {
929 * "ldb_msg_check_element_flags" generates an error
934 ret
= module
->ops
->modify(module
, req
);
937 if (!ldb_dn_validate(req
->op
.del
.dn
)) {
938 ldb_asprintf_errstring(ldb
, "ldb_delete: invalid dn '%s'",
939 ldb_dn_get_linearized(req
->op
.del
.dn
));
940 return LDB_ERR_INVALID_DN_SYNTAX
;
943 ret
= module
->ops
->del(module
, req
);
946 if (!ldb_dn_validate(req
->op
.rename
.olddn
)) {
947 ldb_asprintf_errstring(ldb
, "ldb_rename: invalid olddn '%s'",
948 ldb_dn_get_linearized(req
->op
.rename
.olddn
));
949 return LDB_ERR_INVALID_DN_SYNTAX
;
951 if (!ldb_dn_validate(req
->op
.rename
.newdn
)) {
952 ldb_asprintf_errstring(ldb
, "ldb_rename: invalid newdn '%s'",
953 ldb_dn_get_linearized(req
->op
.rename
.newdn
));
954 return LDB_ERR_INVALID_DN_SYNTAX
;
956 FIRST_OP(ldb
, rename
);
957 ret
= module
->ops
->rename(module
, req
);
960 FIRST_OP(ldb
, extended
);
961 ret
= module
->ops
->extended(module
, req
);
964 FIRST_OP(ldb
, request
);
965 ret
= module
->ops
->request(module
, req
);
969 if ((ret
!= LDB_SUCCESS
) && (ldb
->err_string
== NULL
)) {
970 /* if no error string was setup by the backend */
971 ldb_asprintf_errstring(ldb
, "ldb_request: %s (%d)",
972 ldb_strerror(ret
), ret
);
978 int ldb_request_done(struct ldb_request
*req
, int status
)
980 req
->handle
->state
= LDB_ASYNC_DONE
;
981 req
->handle
->status
= status
;
986 search the database given a LDAP-like search expression
988 returns an LDB error code
990 Use talloc_free to free the ldb_message returned in 'res', if successful
993 int ldb_search_default_callback(struct ldb_request
*req
,
994 struct ldb_reply
*ares
)
996 struct ldb_result
*res
;
999 res
= talloc_get_type(req
->context
, struct ldb_result
);
1002 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
1004 if (ares
->error
!= LDB_SUCCESS
) {
1005 return ldb_request_done(req
, ares
->error
);
1008 switch (ares
->type
) {
1009 case LDB_REPLY_ENTRY
:
1010 res
->msgs
= talloc_realloc(res
, res
->msgs
,
1011 struct ldb_message
*, res
->count
+ 2);
1013 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
1016 res
->msgs
[res
->count
+ 1] = NULL
;
1018 res
->msgs
[res
->count
] = talloc_move(res
->msgs
, &ares
->message
);
1022 case LDB_REPLY_REFERRAL
:
1024 for (n
= 0; res
->refs
[n
]; n
++) /*noop*/ ;
1029 res
->refs
= talloc_realloc(res
, res
->refs
, char *, n
+ 2);
1031 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
1034 res
->refs
[n
] = talloc_move(res
->refs
, &ares
->referral
);
1035 res
->refs
[n
+ 1] = NULL
;
1038 case LDB_REPLY_DONE
:
1039 /* TODO: we should really support controls on entries
1040 * and referrals too! */
1041 res
->controls
= talloc_move(res
, &ares
->controls
);
1043 /* this is the last message, and means the request is done */
1044 /* we have to signal and eventual ldb_wait() waiting that the
1045 * async request operation was completed */
1047 return ldb_request_done(req
, LDB_SUCCESS
);
1055 int ldb_modify_default_callback(struct ldb_request
*req
, struct ldb_reply
*ares
)
1057 struct ldb_result
*res
;
1061 res
= talloc_get_type(req
->context
, struct ldb_result
);
1064 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
1067 if (ares
->error
!= LDB_SUCCESS
) {
1070 return ldb_request_done(req
, ret
);
1073 switch (ares
->type
) {
1074 case LDB_REPLY_REFERRAL
:
1076 for (n
= 0; res
->refs
[n
]; n
++) /*noop*/ ;
1081 res
->refs
= talloc_realloc(res
, res
->refs
, char *, n
+ 2);
1083 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
1086 res
->refs
[n
] = talloc_move(res
->refs
, &ares
->referral
);
1087 res
->refs
[n
+ 1] = NULL
;
1090 case LDB_REPLY_DONE
:
1092 return ldb_request_done(req
, LDB_SUCCESS
);
1095 ldb_asprintf_errstring(req
->handle
->ldb
, "Invalid LDB reply type %d", ares
->type
);
1096 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
1100 return ldb_request_done(req
, LDB_SUCCESS
);
1103 int ldb_op_default_callback(struct ldb_request
*req
, struct ldb_reply
*ares
)
1108 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
1111 if (ares
->error
!= LDB_SUCCESS
) {
1114 return ldb_request_done(req
, ret
);
1117 if (ares
->type
!= LDB_REPLY_DONE
) {
1119 ldb_asprintf_errstring(req
->handle
->ldb
, "Invalid LDB reply type %d", ares
->type
);
1120 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
1124 return ldb_request_done(req
, LDB_SUCCESS
);
1127 int ldb_build_search_req_ex(struct ldb_request
**ret_req
,
1128 struct ldb_context
*ldb
,
1129 TALLOC_CTX
*mem_ctx
,
1130 struct ldb_dn
*base
,
1131 enum ldb_scope scope
,
1132 struct ldb_parse_tree
*tree
,
1133 const char * const *attrs
,
1134 struct ldb_control
**controls
,
1136 ldb_request_callback_t callback
,
1137 struct ldb_request
*parent
)
1139 struct ldb_request
*req
;
1143 req
= talloc(mem_ctx
, struct ldb_request
);
1146 return LDB_ERR_OPERATIONS_ERROR
;
1149 req
->operation
= LDB_SEARCH
;
1151 req
->op
.search
.base
= ldb_dn_new(req
, ldb
, NULL
);
1153 req
->op
.search
.base
= base
;
1155 req
->op
.search
.scope
= scope
;
1157 req
->op
.search
.tree
= tree
;
1158 if (req
->op
.search
.tree
== NULL
) {
1159 ldb_set_errstring(ldb
, "'tree' can't be NULL");
1161 return LDB_ERR_OPERATIONS_ERROR
;
1164 req
->op
.search
.attrs
= attrs
;
1165 req
->controls
= controls
;
1166 req
->context
= context
;
1167 req
->callback
= callback
;
1169 ldb_set_timeout_from_prev_req(ldb
, parent
, req
);
1171 req
->handle
= ldb_handle_new(req
, ldb
);
1172 if (req
->handle
== NULL
) {
1174 return LDB_ERR_OPERATIONS_ERROR
;
1178 req
->handle
->nesting
++;
1179 req
->handle
->parent
= parent
;
1180 req
->handle
->flags
= parent
->handle
->flags
;
1181 req
->handle
->custom_flags
= parent
->handle
->custom_flags
;
1188 int ldb_build_search_req(struct ldb_request
**ret_req
,
1189 struct ldb_context
*ldb
,
1190 TALLOC_CTX
*mem_ctx
,
1191 struct ldb_dn
*base
,
1192 enum ldb_scope scope
,
1193 const char *expression
,
1194 const char * const *attrs
,
1195 struct ldb_control
**controls
,
1197 ldb_request_callback_t callback
,
1198 struct ldb_request
*parent
)
1200 struct ldb_parse_tree
*tree
;
1203 tree
= ldb_parse_tree(mem_ctx
, expression
);
1205 ldb_set_errstring(ldb
, "Unable to parse search expression");
1206 return LDB_ERR_OPERATIONS_ERROR
;
1209 ret
= ldb_build_search_req_ex(ret_req
, ldb
, mem_ctx
, base
,
1210 scope
, tree
, attrs
, controls
,
1211 context
, callback
, parent
);
1212 if (ret
== LDB_SUCCESS
) {
1213 talloc_steal(*ret_req
, tree
);
1218 int ldb_build_add_req(struct ldb_request
**ret_req
,
1219 struct ldb_context
*ldb
,
1220 TALLOC_CTX
*mem_ctx
,
1221 const struct ldb_message
*message
,
1222 struct ldb_control
**controls
,
1224 ldb_request_callback_t callback
,
1225 struct ldb_request
*parent
)
1227 struct ldb_request
*req
;
1231 req
= talloc(mem_ctx
, struct ldb_request
);
1233 ldb_set_errstring(ldb
, "Out of Memory");
1234 return LDB_ERR_OPERATIONS_ERROR
;
1237 req
->operation
= LDB_ADD
;
1238 req
->op
.add
.message
= message
;
1239 req
->controls
= controls
;
1240 req
->context
= context
;
1241 req
->callback
= callback
;
1243 ldb_set_timeout_from_prev_req(ldb
, parent
, req
);
1245 req
->handle
= ldb_handle_new(req
, ldb
);
1246 if (req
->handle
== NULL
) {
1248 return LDB_ERR_OPERATIONS_ERROR
;
1252 req
->handle
->nesting
++;
1253 req
->handle
->parent
= parent
;
1254 req
->handle
->flags
= parent
->handle
->flags
;
1255 req
->handle
->custom_flags
= parent
->handle
->custom_flags
;
1263 int ldb_build_mod_req(struct ldb_request
**ret_req
,
1264 struct ldb_context
*ldb
,
1265 TALLOC_CTX
*mem_ctx
,
1266 const struct ldb_message
*message
,
1267 struct ldb_control
**controls
,
1269 ldb_request_callback_t callback
,
1270 struct ldb_request
*parent
)
1272 struct ldb_request
*req
;
1276 req
= talloc(mem_ctx
, struct ldb_request
);
1278 ldb_set_errstring(ldb
, "Out of Memory");
1279 return LDB_ERR_OPERATIONS_ERROR
;
1282 req
->operation
= LDB_MODIFY
;
1283 req
->op
.mod
.message
= message
;
1284 req
->controls
= controls
;
1285 req
->context
= context
;
1286 req
->callback
= callback
;
1288 ldb_set_timeout_from_prev_req(ldb
, parent
, req
);
1290 req
->handle
= ldb_handle_new(req
, ldb
);
1291 if (req
->handle
== NULL
) {
1293 return LDB_ERR_OPERATIONS_ERROR
;
1297 req
->handle
->nesting
++;
1298 req
->handle
->parent
= parent
;
1299 req
->handle
->flags
= parent
->handle
->flags
;
1300 req
->handle
->custom_flags
= parent
->handle
->custom_flags
;
1308 int ldb_build_del_req(struct ldb_request
**ret_req
,
1309 struct ldb_context
*ldb
,
1310 TALLOC_CTX
*mem_ctx
,
1312 struct ldb_control
**controls
,
1314 ldb_request_callback_t callback
,
1315 struct ldb_request
*parent
)
1317 struct ldb_request
*req
;
1321 req
= talloc(mem_ctx
, struct ldb_request
);
1323 ldb_set_errstring(ldb
, "Out of Memory");
1324 return LDB_ERR_OPERATIONS_ERROR
;
1327 req
->operation
= LDB_DELETE
;
1328 req
->op
.del
.dn
= dn
;
1329 req
->controls
= controls
;
1330 req
->context
= context
;
1331 req
->callback
= callback
;
1333 ldb_set_timeout_from_prev_req(ldb
, parent
, req
);
1335 req
->handle
= ldb_handle_new(req
, ldb
);
1336 if (req
->handle
== NULL
) {
1338 return LDB_ERR_OPERATIONS_ERROR
;
1342 req
->handle
->nesting
++;
1343 req
->handle
->parent
= parent
;
1344 req
->handle
->flags
= parent
->handle
->flags
;
1345 req
->handle
->custom_flags
= parent
->handle
->custom_flags
;
1353 int ldb_build_rename_req(struct ldb_request
**ret_req
,
1354 struct ldb_context
*ldb
,
1355 TALLOC_CTX
*mem_ctx
,
1356 struct ldb_dn
*olddn
,
1357 struct ldb_dn
*newdn
,
1358 struct ldb_control
**controls
,
1360 ldb_request_callback_t callback
,
1361 struct ldb_request
*parent
)
1363 struct ldb_request
*req
;
1367 req
= talloc(mem_ctx
, struct ldb_request
);
1369 ldb_set_errstring(ldb
, "Out of Memory");
1370 return LDB_ERR_OPERATIONS_ERROR
;
1373 req
->operation
= LDB_RENAME
;
1374 req
->op
.rename
.olddn
= olddn
;
1375 req
->op
.rename
.newdn
= newdn
;
1376 req
->controls
= controls
;
1377 req
->context
= context
;
1378 req
->callback
= callback
;
1380 ldb_set_timeout_from_prev_req(ldb
, parent
, req
);
1382 req
->handle
= ldb_handle_new(req
, ldb
);
1383 if (req
->handle
== NULL
) {
1385 return LDB_ERR_OPERATIONS_ERROR
;
1389 req
->handle
->nesting
++;
1390 req
->handle
->parent
= parent
;
1391 req
->handle
->flags
= parent
->handle
->flags
;
1392 req
->handle
->custom_flags
= parent
->handle
->custom_flags
;
1400 int ldb_extended_default_callback(struct ldb_request
*req
,
1401 struct ldb_reply
*ares
)
1403 struct ldb_result
*res
;
1405 res
= talloc_get_type(req
->context
, struct ldb_result
);
1408 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
1410 if (ares
->error
!= LDB_SUCCESS
) {
1411 return ldb_request_done(req
, ares
->error
);
1414 if (ares
->type
== LDB_REPLY_DONE
) {
1416 /* TODO: we should really support controls on entries and referrals too! */
1417 res
->extended
= talloc_move(res
, &ares
->response
);
1418 res
->controls
= talloc_move(res
, &ares
->controls
);
1421 return ldb_request_done(req
, LDB_SUCCESS
);
1425 ldb_asprintf_errstring(req
->handle
->ldb
, "Invalid LDB reply type %d", ares
->type
);
1426 return ldb_request_done(req
, LDB_ERR_OPERATIONS_ERROR
);
1429 int ldb_build_extended_req(struct ldb_request
**ret_req
,
1430 struct ldb_context
*ldb
,
1431 TALLOC_CTX
*mem_ctx
,
1434 struct ldb_control
**controls
,
1436 ldb_request_callback_t callback
,
1437 struct ldb_request
*parent
)
1439 struct ldb_request
*req
;
1443 req
= talloc(mem_ctx
, struct ldb_request
);
1445 ldb_set_errstring(ldb
, "Out of Memory");
1446 return LDB_ERR_OPERATIONS_ERROR
;
1449 req
->operation
= LDB_EXTENDED
;
1450 req
->op
.extended
.oid
= oid
;
1451 req
->op
.extended
.data
= data
;
1452 req
->controls
= controls
;
1453 req
->context
= context
;
1454 req
->callback
= callback
;
1456 ldb_set_timeout_from_prev_req(ldb
, parent
, req
);
1458 req
->handle
= ldb_handle_new(req
, ldb
);
1459 if (req
->handle
== NULL
) {
1461 return LDB_ERR_OPERATIONS_ERROR
;
1465 req
->handle
->nesting
++;
1466 req
->handle
->parent
= parent
;
1467 req
->handle
->flags
= parent
->handle
->flags
;
1468 req
->handle
->custom_flags
= parent
->handle
->custom_flags
;
1476 int ldb_extended(struct ldb_context
*ldb
,
1479 struct ldb_result
**_res
)
1481 struct ldb_request
*req
;
1483 struct ldb_result
*res
;
1488 res
= talloc_zero(ldb
, struct ldb_result
);
1490 return LDB_ERR_OPERATIONS_ERROR
;
1493 ret
= ldb_build_extended_req(&req
, ldb
, ldb
,
1495 res
, ldb_extended_default_callback
,
1497 ldb_req_set_location(req
, "ldb_extended");
1499 if (ret
!= LDB_SUCCESS
) goto done
;
1501 ldb_set_timeout(ldb
, req
, 0); /* use default timeout */
1503 ret
= ldb_request(ldb
, req
);
1505 if (ret
== LDB_SUCCESS
) {
1506 ret
= ldb_wait(req
->handle
, LDB_WAIT_ALL
);
1510 if (ret
!= LDB_SUCCESS
) {
1522 note that ldb_search() will automatically replace a NULL 'base' value
1523 with the defaultNamingContext from the rootDSE if available.
1525 int ldb_search(struct ldb_context
*ldb
, TALLOC_CTX
*mem_ctx
,
1526 struct ldb_result
**result
, struct ldb_dn
*base
,
1527 enum ldb_scope scope
, const char * const *attrs
,
1528 const char *exp_fmt
, ...)
1530 struct ldb_request
*req
;
1531 struct ldb_result
*res
;
1540 res
= talloc_zero(mem_ctx
, struct ldb_result
);
1542 return LDB_ERR_OPERATIONS_ERROR
;
1546 va_start(ap
, exp_fmt
);
1547 expression
= talloc_vasprintf(mem_ctx
, exp_fmt
, ap
);
1552 return LDB_ERR_OPERATIONS_ERROR
;
1556 ret
= ldb_build_search_req(&req
, ldb
, mem_ctx
,
1557 base
?base
:ldb_get_default_basedn(ldb
),
1563 ldb_search_default_callback
,
1565 ldb_req_set_location(req
, "ldb_search");
1567 if (ret
!= LDB_SUCCESS
) goto done
;
1569 ret
= ldb_request(ldb
, req
);
1571 if (ret
== LDB_SUCCESS
) {
1572 ret
= ldb_wait(req
->handle
, LDB_WAIT_ALL
);
1576 if (ret
!= LDB_SUCCESS
) {
1581 talloc_free(expression
);
1589 add a record to the database. Will fail if a record with the given class
1590 and key already exists
1592 int ldb_add(struct ldb_context
*ldb
,
1593 const struct ldb_message
*message
)
1595 struct ldb_request
*req
;
1598 ret
= ldb_msg_sanity_check(ldb
, message
);
1599 if (ret
!= LDB_SUCCESS
) {
1603 ret
= ldb_build_add_req(&req
, ldb
, ldb
,
1607 ldb_op_default_callback
,
1609 ldb_req_set_location(req
, "ldb_add");
1611 if (ret
!= LDB_SUCCESS
) return ret
;
1613 /* do request and autostart a transaction */
1614 ret
= ldb_autotransaction_request(ldb
, req
);
1621 modify the specified attributes of a record
1623 int ldb_modify(struct ldb_context
*ldb
,
1624 const struct ldb_message
*message
)
1626 struct ldb_request
*req
;
1629 ret
= ldb_msg_sanity_check(ldb
, message
);
1630 if (ret
!= LDB_SUCCESS
) {
1634 ret
= ldb_build_mod_req(&req
, ldb
, ldb
,
1638 ldb_op_default_callback
,
1640 ldb_req_set_location(req
, "ldb_modify");
1642 if (ret
!= LDB_SUCCESS
) return ret
;
1644 /* do request and autostart a transaction */
1645 ret
= ldb_autotransaction_request(ldb
, req
);
1653 delete a record from the database
1655 int ldb_delete(struct ldb_context
*ldb
, struct ldb_dn
*dn
)
1657 struct ldb_request
*req
;
1660 ret
= ldb_build_del_req(&req
, ldb
, ldb
,
1664 ldb_op_default_callback
,
1666 ldb_req_set_location(req
, "ldb_delete");
1668 if (ret
!= LDB_SUCCESS
) return ret
;
1670 /* do request and autostart a transaction */
1671 ret
= ldb_autotransaction_request(ldb
, req
);
1678 rename a record in the database
1680 int ldb_rename(struct ldb_context
*ldb
,
1681 struct ldb_dn
*olddn
, struct ldb_dn
*newdn
)
1683 struct ldb_request
*req
;
1686 ret
= ldb_build_rename_req(&req
, ldb
, ldb
,
1691 ldb_op_default_callback
,
1693 ldb_req_set_location(req
, "ldb_rename");
1695 if (ret
!= LDB_SUCCESS
) return ret
;
1697 /* do request and autostart a transaction */
1698 ret
= ldb_autotransaction_request(ldb
, req
);
1706 return the global sequence number
1708 int ldb_sequence_number(struct ldb_context
*ldb
,
1709 enum ldb_sequence_type type
, uint64_t *seq_num
)
1711 struct ldb_seqnum_request
*seq
;
1712 struct ldb_seqnum_result
*seqr
;
1713 struct ldb_result
*res
;
1714 TALLOC_CTX
*tmp_ctx
;
1719 tmp_ctx
= talloc_zero(ldb
, struct ldb_request
);
1720 if (tmp_ctx
== NULL
) {
1721 ldb_set_errstring(ldb
, "Out of Memory");
1722 return LDB_ERR_OPERATIONS_ERROR
;
1724 seq
= talloc_zero(tmp_ctx
, struct ldb_seqnum_request
);
1726 ldb_set_errstring(ldb
, "Out of Memory");
1727 ret
= LDB_ERR_OPERATIONS_ERROR
;
1732 ret
= ldb_extended(ldb
, LDB_EXTENDED_SEQUENCE_NUMBER
, seq
, &res
);
1733 if (ret
!= LDB_SUCCESS
) {
1736 talloc_steal(tmp_ctx
, res
);
1738 if (strcmp(LDB_EXTENDED_SEQUENCE_NUMBER
, res
->extended
->oid
) != 0) {
1739 ldb_set_errstring(ldb
, "Invalid OID in reply");
1740 ret
= LDB_ERR_OPERATIONS_ERROR
;
1743 seqr
= talloc_get_type(res
->extended
->data
,
1744 struct ldb_seqnum_result
);
1745 *seq_num
= seqr
->seq_num
;
1748 talloc_free(tmp_ctx
);
1753 return extended error information
1755 const char *ldb_errstring(struct ldb_context
*ldb
)
1757 if (ldb
->err_string
) {
1758 return ldb
->err_string
;
1765 return a string explaining what a ldb error constant meancs
1767 const char *ldb_strerror(int ldb_err
)
1772 case LDB_ERR_OPERATIONS_ERROR
:
1773 return "Operations error";
1774 case LDB_ERR_PROTOCOL_ERROR
:
1775 return "Protocol error";
1776 case LDB_ERR_TIME_LIMIT_EXCEEDED
:
1777 return "Time limit exceeded";
1778 case LDB_ERR_SIZE_LIMIT_EXCEEDED
:
1779 return "Size limit exceeded";
1780 case LDB_ERR_COMPARE_FALSE
:
1781 return "Compare false";
1782 case LDB_ERR_COMPARE_TRUE
:
1783 return "Compare true";
1784 case LDB_ERR_AUTH_METHOD_NOT_SUPPORTED
:
1785 return "Auth method not supported";
1786 case LDB_ERR_STRONG_AUTH_REQUIRED
:
1787 return "Strong auth required";
1789 case LDB_ERR_REFERRAL
:
1790 return "Referral error";
1791 case LDB_ERR_ADMIN_LIMIT_EXCEEDED
:
1792 return "Admin limit exceeded";
1793 case LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION
:
1794 return "Unsupported critical extension";
1795 case LDB_ERR_CONFIDENTIALITY_REQUIRED
:
1796 return "Confidentiality required";
1797 case LDB_ERR_SASL_BIND_IN_PROGRESS
:
1798 return "SASL bind in progress";
1799 case LDB_ERR_NO_SUCH_ATTRIBUTE
:
1800 return "No such attribute";
1801 case LDB_ERR_UNDEFINED_ATTRIBUTE_TYPE
:
1802 return "Undefined attribute type";
1803 case LDB_ERR_INAPPROPRIATE_MATCHING
:
1804 return "Inappropriate matching";
1805 case LDB_ERR_CONSTRAINT_VIOLATION
:
1806 return "Constraint violation";
1807 case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
:
1808 return "Attribute or value exists";
1809 case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX
:
1810 return "Invalid attribute syntax";
1812 case LDB_ERR_NO_SUCH_OBJECT
:
1813 return "No such object";
1814 case LDB_ERR_ALIAS_PROBLEM
:
1815 return "Alias problem";
1816 case LDB_ERR_INVALID_DN_SYNTAX
:
1817 return "Invalid DN syntax";
1819 case LDB_ERR_ALIAS_DEREFERENCING_PROBLEM
:
1820 return "Alias dereferencing problem";
1822 case LDB_ERR_INAPPROPRIATE_AUTHENTICATION
:
1823 return "Inappropriate authentication";
1824 case LDB_ERR_INVALID_CREDENTIALS
:
1825 return "Invalid credentials";
1826 case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS
:
1827 return "insufficient access rights";
1830 case LDB_ERR_UNAVAILABLE
:
1831 return "Unavailable";
1832 case LDB_ERR_UNWILLING_TO_PERFORM
:
1833 return "Unwilling to perform";
1834 case LDB_ERR_LOOP_DETECT
:
1835 return "Loop detect";
1837 case LDB_ERR_NAMING_VIOLATION
:
1838 return "Naming violation";
1839 case LDB_ERR_OBJECT_CLASS_VIOLATION
:
1840 return "Object class violation";
1841 case LDB_ERR_NOT_ALLOWED_ON_NON_LEAF
:
1842 return "Not allowed on non-leaf";
1843 case LDB_ERR_NOT_ALLOWED_ON_RDN
:
1844 return "Not allowed on RDN";
1845 case LDB_ERR_ENTRY_ALREADY_EXISTS
:
1846 return "Entry already exists";
1847 case LDB_ERR_OBJECT_CLASS_MODS_PROHIBITED
:
1848 return "Object class mods prohibited";
1849 /* 70 RESERVED FOR CLDAP */
1850 case LDB_ERR_AFFECTS_MULTIPLE_DSAS
:
1851 return "Affects multiple DSAs";
1857 return "Unknown error";
1861 set backend specific opaque parameters
1863 int ldb_set_opaque(struct ldb_context
*ldb
, const char *name
, void *value
)
1865 struct ldb_opaque
*o
;
1867 /* allow updating an existing value */
1868 for (o
=ldb
->opaque
;o
;o
=o
->next
) {
1869 if (strcmp(o
->name
, name
) == 0) {
1875 o
= talloc(ldb
, struct ldb_opaque
);
1878 return LDB_ERR_OTHER
;
1880 o
->next
= ldb
->opaque
;
1888 get a previously set opaque value
1890 void *ldb_get_opaque(struct ldb_context
*ldb
, const char *name
)
1892 struct ldb_opaque
*o
;
1893 for (o
=ldb
->opaque
;o
;o
=o
->next
) {
1894 if (strcmp(o
->name
, name
) == 0) {
1901 int ldb_global_init(void)
1903 /* Provided for compatibility with some older versions of ldb */
1907 /* return the ldb flags */
1908 unsigned int ldb_get_flags(struct ldb_context
*ldb
)
1913 /* set the ldb flags */
1914 void ldb_set_flags(struct ldb_context
*ldb
, unsigned flags
)
1921 set the location in a ldb request. Used for debugging
1923 void ldb_req_set_location(struct ldb_request
*req
, const char *location
)
1925 if (req
&& req
->handle
) {
1926 req
->handle
->location
= location
;
1931 return the location set with dsdb_req_set_location
1933 const char *ldb_req_location(struct ldb_request
*req
)
1935 return req
->handle
->location
;
1939 mark a request as untrusted. This tells the rootdse module to remove
1940 unregistered controls
1942 void ldb_req_mark_untrusted(struct ldb_request
*req
)
1944 req
->handle
->flags
|= LDB_HANDLE_FLAG_UNTRUSTED
;
1948 mark a request as trusted.
1950 void ldb_req_mark_trusted(struct ldb_request
*req
)
1952 req
->handle
->flags
&= ~LDB_HANDLE_FLAG_UNTRUSTED
;
1956 set custom flags. Those flags are set by applications using ldb,
1957 they are application dependent and the same bit can have different
1958 meaning in different application.
1960 void ldb_req_set_custom_flags(struct ldb_request
*req
, uint32_t flags
)
1962 if (req
!= NULL
&& req
->handle
!= NULL
) {
1963 req
->handle
->custom_flags
= flags
;
1969 get custom flags. Those flags are set by applications using ldb,
1970 they are application dependent and the same bit can have different
1971 meaning in different application.
1973 uint32_t ldb_req_get_custom_flags(struct ldb_request
*req
)
1975 if (req
!= NULL
&& req
->handle
!= NULL
) {
1976 return req
->handle
->custom_flags
;
1980 * 0 is not something any better or worse than
1981 * anything else as req or the handle is NULL
1988 * return true if a request is untrusted
1990 bool ldb_req_is_untrusted(struct ldb_request
*req
)
1992 return (req
->handle
->flags
& LDB_HANDLE_FLAG_UNTRUSTED
) != 0;