search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ldb: Fix 1138330 Dereference null return value
[Samba.git] / lib / ldb / common / ldb.c
blobe5fa81977a7e87824466f23a027b44732d051a15
1 /*
2 ldb database library
3
4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Simo Sorce 2005-2008
6
7 ** NOTE! The following LGPL license applies to the ldb
8 ** library. This does NOT imply that all of Samba is released
9 ** under the LGPL
10
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 3 of the License, or (at your option) any later version.
15
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
20
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 */
24
25 /*
26 * Name: ldb
27 *
28 * Component: ldb core API
29 *
30 * Description: core API routines interfacing to ldb backends
31 *
32 * Author: Andrew Tridgell
33 */
34
35 #define TEVENT_DEPRECATED 1
36 #include "ldb_private.h"
37 #include "ldb.h"
38
39 static int ldb_context_destructor(void *ptr)
40 {
41 struct ldb_context *ldb = talloc_get_type(ptr, struct ldb_context);
42
43 if (ldb->transaction_active) {
44 ldb_debug(ldb, LDB_DEBUG_FATAL,
45 "A transaction is still active in ldb context [%p] on %s",
46 ldb, (const char *)ldb_get_opaque(ldb, "ldb_url"));
47 }
48
49 return 0;
50 }
51
52 /*
53 this is used to catch debug messages from events
54 */
55 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
56 const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3,0);
57
58 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
59 const char *fmt, va_list ap)
60 {
61 struct ldb_context *ldb = talloc_get_type(context, struct ldb_context);
62 enum ldb_debug_level ldb_level = LDB_DEBUG_FATAL;
63
64 switch (level) {
65 case TEVENT_DEBUG_FATAL:
66 ldb_level = LDB_DEBUG_FATAL;
67 break;
68 case TEVENT_DEBUG_ERROR:
69 ldb_level = LDB_DEBUG_ERROR;
70 break;
71 case TEVENT_DEBUG_WARNING:
72 ldb_level = LDB_DEBUG_WARNING;
73 break;
74 case TEVENT_DEBUG_TRACE:
75 ldb_level = LDB_DEBUG_TRACE;
76 break;
77 };
78
79 /* There isn't a tevent: prefix here because to add it means
80 * actually printing the string, and most of the time we don't
81 * want to show it */
82 ldb_vdebug(ldb, ldb_level, fmt, ap);
83 }
84
85 /*
86 initialise a ldb context
87 The mem_ctx is required
88 The event_ctx is required
89 */
90 struct ldb_context *ldb_init(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx)
91 {
92 struct ldb_context *ldb;
93 int ret;
94 const char *modules_path = getenv("LDB_MODULES_PATH");
95
96 if (modules_path == NULL) {
97 modules_path = LDB_MODULESDIR;
98 }
99
100 ret = ldb_modules_load(modules_path, LDB_VERSION);
101 if (ret != LDB_SUCCESS) {
102 return NULL;
103 }
104
105 ldb = talloc_zero(mem_ctx, struct ldb_context);
106 if (ldb == NULL) {
107 return NULL;
108 }
109
110 /* A new event context so that callers who don't want ldb
111 * operating on thier global event context can work without
112 * having to provide their own private one explicitly */
113 if (ev_ctx == NULL) {
114 ev_ctx = tevent_context_init(ldb);
115 if (ev_ctx == NULL) {
116 talloc_free(ldb);
117 return NULL;
118 }
119 tevent_set_debug(ev_ctx, ldb_tevent_debug, ldb);
120 tevent_loop_allow_nesting(ev_ctx);
121 }
122
123 ret = ldb_setup_wellknown_attributes(ldb);
124 if (ret != LDB_SUCCESS) {
125 talloc_free(ldb);
126 return NULL;
127 }
128
129 ldb_set_utf8_default(ldb);
130 ldb_set_create_perms(ldb, 0666);
131 ldb_set_modules_dir(ldb, LDB_MODULESDIR);
132 ldb_set_event_context(ldb, ev_ctx);
133
134 /* TODO: get timeout from options if available there */
135 ldb->default_timeout = 300; /* set default to 5 minutes */
136
137 talloc_set_destructor((TALLOC_CTX *)ldb, ldb_context_destructor);
138
139 return ldb;
140 }
141
142 /*
143 try to autodetect a basedn if none specified. This fixes one of my
144 pet hates about ldapsearch, which is that you have to get a long,
145 complex basedn right to make any use of it.
146 */
147 void ldb_set_default_dns(struct ldb_context *ldb)
148 {
149 TALLOC_CTX *tmp_ctx;
150 int ret;
151 struct ldb_result *res;
152 struct ldb_dn *tmp_dn=NULL;
153 static const char *attrs[] = {
154 "rootDomainNamingContext",
155 "configurationNamingContext",
156 "schemaNamingContext",
157 "defaultNamingContext",
158 NULL
159 };
160
161 tmp_ctx = talloc_new(ldb);
162 ret = ldb_search(ldb, tmp_ctx, &res, ldb_dn_new(tmp_ctx, ldb, NULL),
163 LDB_SCOPE_BASE, attrs, "(objectClass=*)");
164 if (ret != LDB_SUCCESS) {
165 talloc_free(tmp_ctx);
166 return;
167 }
168
169 if (res->count != 1) {
170 talloc_free(tmp_ctx);
171 return;
172 }
173
174 if (!ldb_get_opaque(ldb, "rootDomainNamingContext")) {
175 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
176 "rootDomainNamingContext");
177 ldb_set_opaque(ldb, "rootDomainNamingContext", tmp_dn);
178 }
179
180 if (!ldb_get_opaque(ldb, "configurationNamingContext")) {
181 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
182 "configurationNamingContext");
183 ldb_set_opaque(ldb, "configurationNamingContext", tmp_dn);
184 }
185
186 if (!ldb_get_opaque(ldb, "schemaNamingContext")) {
187 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
188 "schemaNamingContext");
189 ldb_set_opaque(ldb, "schemaNamingContext", tmp_dn);
190 }
191
192 if (!ldb_get_opaque(ldb, "defaultNamingContext")) {
193 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
194 "defaultNamingContext");
195 ldb_set_opaque(ldb, "defaultNamingContext", tmp_dn);
196 }
197
198 talloc_free(tmp_ctx);
199 }
200
201 struct ldb_dn *ldb_get_root_basedn(struct ldb_context *ldb)
202 {
203 void *opaque = ldb_get_opaque(ldb, "rootDomainNamingContext");
204 return talloc_get_type(opaque, struct ldb_dn);
205 }
206
207 struct ldb_dn *ldb_get_config_basedn(struct ldb_context *ldb)
208 {
209 void *opaque = ldb_get_opaque(ldb, "configurationNamingContext");
210 return talloc_get_type(opaque, struct ldb_dn);
211 }
212
213 struct ldb_dn *ldb_get_schema_basedn(struct ldb_context *ldb)
214 {
215 void *opaque = ldb_get_opaque(ldb, "schemaNamingContext");
216 return talloc_get_type(opaque, struct ldb_dn);
217 }
218
219 struct ldb_dn *ldb_get_default_basedn(struct ldb_context *ldb)
220 {
221 void *opaque = ldb_get_opaque(ldb, "defaultNamingContext");
222 return talloc_get_type(opaque, struct ldb_dn);
223 }
224
225 /*
226 connect to a database. The URL can either be one of the following forms
227 ldb://path
228 ldapi://path
229
230 flags is made up of LDB_FLG_*
231
232 the options are passed uninterpreted to the backend, and are
233 backend specific
234 */
235 int ldb_connect(struct ldb_context *ldb, const char *url,
236 unsigned int flags, const char *options[])
237 {
238 int ret;
239 char *url2;
240 /* We seem to need to do this here, or else some utilities don't
241 * get ldb backends */
242
243 ldb->flags = flags;
244
245 url2 = talloc_strdup(ldb, url);
246 if (!url2) {
247 ldb_oom(ldb);
248 return LDB_ERR_OPERATIONS_ERROR;
249 }
250 ret = ldb_set_opaque(ldb, "ldb_url", url2);
251 if (ret != LDB_SUCCESS) {
252 return ret;
253 }
254
255 ret = ldb_module_connect_backend(ldb, url, options, &ldb->modules);
256 if (ret != LDB_SUCCESS) {
257 return ret;
258 }
259
260 if (ldb_load_modules(ldb, options) != LDB_SUCCESS) {
261 ldb_debug(ldb, LDB_DEBUG_FATAL,
262 "Unable to load modules for %s: %s",
263 url, ldb_errstring(ldb));
264 return LDB_ERR_OTHER;
265 }
266
267 /* set the default base dn */
268 ldb_set_default_dns(ldb);
269
270 return LDB_SUCCESS;
271 }
272
273 void ldb_set_errstring(struct ldb_context *ldb, const char *err_string)
274 {
275 ldb_asprintf_errstring(ldb, "%s", err_string);
276 }
277
278 void ldb_asprintf_errstring(struct ldb_context *ldb, const char *format, ...)
279 {
280 va_list ap;
281
282 if (ldb->err_string) {
283 talloc_free(ldb->err_string);
284 }
285
286 va_start(ap, format);
287 ldb->err_string = talloc_vasprintf(ldb, format, ap);
288 va_end(ap);
289
290 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
291 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_asprintf/set_errstring: %s",
292 ldb->err_string);
293 }
294 }
295
296 void ldb_reset_err_string(struct ldb_context *ldb)
297 {
298 if (ldb->err_string) {
299 talloc_free(ldb->err_string);
300 ldb->err_string = NULL;
301 }
302 }
303
304
305
306 /*
307 set an ldb error based on file:line
308 */
309 int ldb_error_at(struct ldb_context *ldb, int ecode,
310 const char *reason, const char *file, int line)
311 {
312 if (reason == NULL) {
313 reason = ldb_strerror(ecode);
314 }
315 ldb_asprintf_errstring(ldb, "%s at %s:%d", reason, file, line);
316 return ecode;
317 }
318
319
320 #define FIRST_OP_NOERR(ldb, op) do { \
321 module = ldb->modules; \
322 while (module && module->ops->op == NULL) module = module->next; \
323 if ((ldb->flags & LDB_FLG_ENABLE_TRACING) && module) { \
324 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: (%s)->" #op, \
325 module->ops->name); \
326 } \
327 } while (0)
328
329 #define FIRST_OP(ldb, op) do { \
330 FIRST_OP_NOERR(ldb, op); \
331 if (module == NULL) { \
332 ldb_asprintf_errstring(ldb, "unable to find module or backend to handle operation: " #op); \
333 return LDB_ERR_OPERATIONS_ERROR; \
334 } \
335 } while (0)
336
337
338 /*
339 start a transaction
340 */
341 int ldb_transaction_start(struct ldb_context *ldb)
342 {
343 struct ldb_module *module;
344 int status;
345
346 ldb_debug(ldb, LDB_DEBUG_TRACE,
347 "start ldb transaction (nesting: %d)",
348 ldb->transaction_active);
349
350 /* explicit transaction active, count nested requests */
351 if (ldb->transaction_active) {
352 ldb->transaction_active++;
353 return LDB_SUCCESS;
354 }
355
356 /* start a new transaction */
357 ldb->transaction_active++;
358 ldb->prepare_commit_done = false;
359
360 FIRST_OP(ldb, start_transaction);
361
362 ldb_reset_err_string(ldb);
363
364 status = module->ops->start_transaction(module);
365 if (status != LDB_SUCCESS) {
366 if (ldb->err_string == NULL) {
367 /* no error string was setup by the backend */
368 ldb_asprintf_errstring(ldb,
369 "ldb transaction start: %s (%d)",
370 ldb_strerror(status),
371 status);
372 }
373 }
374 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
375 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "start ldb transaction error: %s",
376 ldb_errstring(module->ldb));
377 }
378 return status;
379 }
380
381 /*
382 prepare for transaction commit (first phase of two phase commit)
383 */
384 int ldb_transaction_prepare_commit(struct ldb_context *ldb)
385 {
386 struct ldb_module *module;
387 int status;
388
389 if (ldb->prepare_commit_done) {
390 return LDB_SUCCESS;
391 }
392
393 /* commit only when all nested transactions are complete */
394 if (ldb->transaction_active > 1) {
395 return LDB_SUCCESS;
396 }
397
398 ldb->prepare_commit_done = true;
399
400 if (ldb->transaction_active < 0) {
401 ldb_debug(ldb, LDB_DEBUG_FATAL,
402 "prepare commit called but no ldb transactions are active!");
403 ldb->transaction_active = 0;
404 return LDB_ERR_OPERATIONS_ERROR;
405 }
406
407 /* call prepare transaction if available */
408 FIRST_OP_NOERR(ldb, prepare_commit);
409 if (module == NULL) {
410 return LDB_SUCCESS;
411 }
412
413 status = module->ops->prepare_commit(module);
414 if (status != LDB_SUCCESS) {
415 ldb->transaction_active--;
416 /* if a module fails the prepare then we need
417 to call the end transaction for everyone */
418 FIRST_OP(ldb, del_transaction);
419 module->ops->del_transaction(module);
420 if (ldb->err_string == NULL) {
421 /* no error string was setup by the backend */
422 ldb_asprintf_errstring(ldb,
423 "ldb transaction prepare commit: %s (%d)",
424 ldb_strerror(status),
425 status);
426 }
427 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
428 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "prepare commit transaction error: %s",
429 ldb_errstring(module->ldb));
430 }
431 }
432
433 return status;
434 }
435
436
437 /*
438 commit a transaction
439 */
440 int ldb_transaction_commit(struct ldb_context *ldb)
441 {
442 struct ldb_module *module;
443 int status;
444
445 status = ldb_transaction_prepare_commit(ldb);
446 if (status != LDB_SUCCESS) {
447 return status;
448 }
449
450 ldb->transaction_active--;
451
452 ldb_debug(ldb, LDB_DEBUG_TRACE,
453 "commit ldb transaction (nesting: %d)",
454 ldb->transaction_active);
455
456 /* commit only when all nested transactions are complete */
457 if (ldb->transaction_active > 0) {
458 return LDB_SUCCESS;
459 }
460
461 if (ldb->transaction_active < 0) {
462 ldb_debug(ldb, LDB_DEBUG_FATAL,
463 "commit called but no ldb transactions are active!");
464 ldb->transaction_active = 0;
465 return LDB_ERR_OPERATIONS_ERROR;
466 }
467
468 ldb_reset_err_string(ldb);
469
470 FIRST_OP(ldb, end_transaction);
471 status = module->ops->end_transaction(module);
472 if (status != LDB_SUCCESS) {
473 if (ldb->err_string == NULL) {
474 /* no error string was setup by the backend */
475 ldb_asprintf_errstring(ldb,
476 "ldb transaction commit: %s (%d)",
477 ldb_strerror(status),
478 status);
479 }
480 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
481 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "commit ldb transaction error: %s",
482 ldb_errstring(module->ldb));
483 }
484 /* cancel the transaction */
485 FIRST_OP(ldb, del_transaction);
486 module->ops->del_transaction(module);
487 }
488 return status;
489 }
490
491
492 /*
493 cancel a transaction
494 */
495 int ldb_transaction_cancel(struct ldb_context *ldb)
496 {
497 struct ldb_module *module;
498 int status;
499
500 ldb->transaction_active--;
501
502 ldb_debug(ldb, LDB_DEBUG_TRACE,
503 "cancel ldb transaction (nesting: %d)",
504 ldb->transaction_active);
505
506 /* really cancel only if all nested transactions are complete */
507 if (ldb->transaction_active > 0) {
508 return LDB_SUCCESS;
509 }
510
511 if (ldb->transaction_active < 0) {
512 ldb_debug(ldb, LDB_DEBUG_FATAL,
513 "cancel called but no ldb transactions are active!");
514 ldb->transaction_active = 0;
515 return LDB_ERR_OPERATIONS_ERROR;
516 }
517
518 FIRST_OP(ldb, del_transaction);
519
520 status = module->ops->del_transaction(module);
521 if (status != LDB_SUCCESS) {
522 if (ldb->err_string == NULL) {
523 /* no error string was setup by the backend */
524 ldb_asprintf_errstring(ldb,
525 "ldb transaction cancel: %s (%d)",
526 ldb_strerror(status),
527 status);
528 }
529 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
530 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "cancel ldb transaction error: %s",
531 ldb_errstring(module->ldb));
532 }
533 }
534 return status;
535 }
536
537 /*
538 cancel a transaction with no error if no transaction is pending
539 used when we fork() to clear any parent transactions
540 */
541 int ldb_transaction_cancel_noerr(struct ldb_context *ldb)
542 {
543 if (ldb->transaction_active > 0) {
544 return ldb_transaction_cancel(ldb);
545 }
546 return LDB_SUCCESS;
547 }
548
549
550 /* autostarts a transaction if none active */
551 static int ldb_autotransaction_request(struct ldb_context *ldb,
552 struct ldb_request *req)
553 {
554 int ret;
555
556 ret = ldb_transaction_start(ldb);
557 if (ret != LDB_SUCCESS) {
558 return ret;
559 }
560
561 ret = ldb_request(ldb, req);
562 if (ret == LDB_SUCCESS) {
563 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
564 }
565
566 if (ret == LDB_SUCCESS) {
567 return ldb_transaction_commit(ldb);
568 }
569 ldb_transaction_cancel(ldb);
570
571 return ret;
572 }
573
574 int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type)
575 {
576 struct tevent_context *ev;
577 int ret;
578
579 if (handle == NULL) {
580 return LDB_ERR_UNAVAILABLE;
581 }
582
583 if (handle->state == LDB_ASYNC_DONE) {
584 if ((handle->status != LDB_SUCCESS) &&
585 (handle->ldb->err_string == NULL)) {
586 /* if no error string was setup by the backend */
587 ldb_asprintf_errstring(handle->ldb, "ldb_wait: %s (%d)",
588 ldb_strerror(handle->status),
589 handle->status);
590 }
591 return handle->status;
592 }
593
594 ev = ldb_get_event_context(handle->ldb);
595 if (NULL == ev) {
596 return ldb_oom(handle->ldb);
597 }
598
599 switch (type) {
600 case LDB_WAIT_NONE:
601 ret = tevent_loop_once(ev);
602 if (ret != 0) {
603 return ldb_operr(handle->ldb);
604 }
605 if (handle->status != LDB_SUCCESS) {
606 if (handle->ldb->err_string == NULL) {
607 /*
608 * if no error string was setup by the backend
609 */
610 ldb_asprintf_errstring(handle->ldb,
611 "ldb_wait: %s (%d)",
612 ldb_strerror(handle->status),
613 handle->status);
614 }
615 return handle->status;
616 }
617 break;
618
619 case LDB_WAIT_ALL:
620 while (handle->state != LDB_ASYNC_DONE) {
621 ret = tevent_loop_once(ev);
622 if (ret != 0) {
623 return ldb_operr(handle->ldb);
624 }
625 if (handle->status != LDB_SUCCESS) {
626 if (handle->ldb->err_string == NULL) {
627 /*
628 * if no error string was setup by the
629 * backend
630 */
631 ldb_asprintf_errstring(handle->ldb,
632 "ldb_wait: %s (%d)",
633 ldb_strerror(handle->status),
634 handle->status);
635 }
636 return handle->status;
637 }
638 }
639 if (handle->status != LDB_SUCCESS) {
640 if (handle->ldb->err_string == NULL) {
641 /*
642 * if no error string was setup by the backend
643 */
644 ldb_asprintf_errstring(handle->ldb,
645 "ldb_wait: %s (%d)",
646 ldb_strerror(handle->status),
647 handle->status);
648 }
649 return handle->status;
650 }
651 break;
652 }
653
654 return LDB_SUCCESS;
655 }
656
657 /* set the specified timeout or, if timeout is 0 set the default timeout */
658 int ldb_set_timeout(struct ldb_context *ldb,
659 struct ldb_request *req,
660 int timeout)
661 {
662 if (req == NULL) return LDB_ERR_OPERATIONS_ERROR;
663
664 if (timeout != 0) {
665 req->timeout = timeout;
666 } else {
667 req->timeout = ldb->default_timeout;
668 }
669 req->starttime = time(NULL);
670
671 return LDB_SUCCESS;
672 }
673
674 /* calculates the new timeout based on the previous starttime and timeout */
675 int ldb_set_timeout_from_prev_req(struct ldb_context *ldb,
676 struct ldb_request *oldreq,
677 struct ldb_request *newreq)
678 {
679 if (newreq == NULL) return LDB_ERR_OPERATIONS_ERROR;
680
681 if (oldreq == NULL) {
682 return ldb_set_timeout(ldb, newreq, 0);
683 }
684
685 newreq->starttime = oldreq->starttime;
686 newreq->timeout = oldreq->timeout;
687
688 return LDB_SUCCESS;
689 }
690
691
692 /*
693 set the permissions for new files to be passed to open() in
694 backends that use local files
695 */
696 void ldb_set_create_perms(struct ldb_context *ldb, unsigned int perms)
697 {
698 ldb->create_perms = perms;
699 }
700
701 unsigned int ldb_get_create_perms(struct ldb_context *ldb)
702 {
703 return ldb->create_perms;
704 }
705
706 void ldb_set_event_context(struct ldb_context *ldb, struct tevent_context *ev)
707 {
708 ldb->ev_ctx = ev;
709 }
710
711 struct tevent_context * ldb_get_event_context(struct ldb_context *ldb)
712 {
713 return ldb->ev_ctx;
714 }
715
716 void ldb_request_set_state(struct ldb_request *req, int state)
717 {
718 req->handle->state = state;
719 }
720
721 int ldb_request_get_status(struct ldb_request *req)
722 {
723 return req->handle->status;
724 }
725
726
727 /*
728 trace a ldb request
729 */
730 static void ldb_trace_request(struct ldb_context *ldb, struct ldb_request *req)
731 {
732 TALLOC_CTX *tmp_ctx = talloc_new(req);
733 unsigned int i;
734 struct ldb_ldif ldif;
735
736 switch (req->operation) {
737 case LDB_SEARCH:
738 ldb_debug_add(ldb, "ldb_trace_request: SEARCH\n");
739 ldb_debug_add(ldb, " dn: %s\n",
740 ldb_dn_is_null(req->op.search.base)?"<rootDSE>":
741 ldb_dn_get_linearized(req->op.search.base));
742 ldb_debug_add(ldb, " scope: %s\n",
743 req->op.search.scope==LDB_SCOPE_BASE?"base":
744 req->op.search.scope==LDB_SCOPE_ONELEVEL?"one":
745 req->op.search.scope==LDB_SCOPE_SUBTREE?"sub":"UNKNOWN");
746 ldb_debug_add(ldb, " expr: %s\n",
747 ldb_filter_from_tree(tmp_ctx, req->op.search.tree));
748 if (req->op.search.attrs == NULL) {
749 ldb_debug_add(ldb, " attr: <ALL>\n");
750 } else {
751 for (i=0; req->op.search.attrs[i]; i++) {
752 ldb_debug_add(ldb, " attr: %s\n", req->op.search.attrs[i]);
753 }
754 }
755 break;
756 case LDB_DELETE:
757 ldb_debug_add(ldb, "ldb_trace_request: DELETE\n");
758 ldb_debug_add(ldb, " dn: %s\n",
759 ldb_dn_get_linearized(req->op.del.dn));
760 break;
761 case LDB_RENAME:
762 ldb_debug_add(ldb, "ldb_trace_request: RENAME\n");
763 ldb_debug_add(ldb, " olddn: %s\n",
764 ldb_dn_get_linearized(req->op.rename.olddn));
765 ldb_debug_add(ldb, " newdn: %s\n",
766 ldb_dn_get_linearized(req->op.rename.newdn));
767 break;
768 case LDB_EXTENDED:
769 ldb_debug_add(ldb, "ldb_trace_request: EXTENDED\n");
770 ldb_debug_add(ldb, " oid: %s\n", req->op.extended.oid);
771 ldb_debug_add(ldb, " data: %s\n", req->op.extended.data?"yes":"no");
772 break;
773 case LDB_ADD:
774 ldif.changetype = LDB_CHANGETYPE_ADD;
775 ldif.msg = discard_const_p(struct ldb_message, req->op.add.message);
776
777 ldb_debug_add(ldb, "ldb_trace_request: ADD\n");
778
779 /*
780 * The choice to call
781 * ldb_ldif_write_redacted_trace_string() is CRITICAL
782 * for security. It ensures that we do not output
783 * passwords into debug logs
784 */
785
786 ldb_debug_add(req->handle->ldb, "%s\n",
787 ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
788 break;
789 case LDB_MODIFY:
790 ldif.changetype = LDB_CHANGETYPE_MODIFY;
791 ldif.msg = discard_const_p(struct ldb_message, req->op.mod.message);
792
793 ldb_debug_add(ldb, "ldb_trace_request: MODIFY\n");
794
795 /*
796 * The choice to call
797 * ldb_ldif_write_redacted_trace_string() is CRITICAL
798 * for security. It ensures that we do not output
799 * passwords into debug logs
800 */
801
802 ldb_debug_add(req->handle->ldb, "%s\n",
803 ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
804 break;
805 case LDB_REQ_REGISTER_CONTROL:
806 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_CONTROL\n");
807 ldb_debug_add(req->handle->ldb, "%s\n",
808 req->op.reg_control.oid);
809 break;
810 case LDB_REQ_REGISTER_PARTITION:
811 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_PARTITION\n");
812 ldb_debug_add(req->handle->ldb, "%s\n",
813 ldb_dn_get_linearized(req->op.reg_partition.dn));
814 break;
815 default:
816 ldb_debug_add(ldb, "ldb_trace_request: UNKNOWN(%u)\n",
817 req->operation);
818 break;
819 }
820
821 if (req->controls == NULL) {
822 ldb_debug_add(ldb, " control: <NONE>\n");
823 } else {
824 for (i=0; req->controls && req->controls[i]; i++) {
825 if (req->controls[i]->oid) {
826 ldb_debug_add(ldb, " control: %s crit:%u data:%s\n",
827 req->controls[i]->oid,
828 req->controls[i]->critical,
829 req->controls[i]->data?"yes":"no");
830 }
831 }
832 }
833
834 ldb_debug_end(ldb, LDB_DEBUG_TRACE);
835
836 talloc_free(tmp_ctx);
837 }
838
839 /*
840 check that the element flags don't have any internal bits set
841 */
842 static int ldb_msg_check_element_flags(struct ldb_context *ldb,
843 const struct ldb_message *message)
844 {
845 unsigned i;
846 for (i=0; i<message->num_elements; i++) {
847 if (message->elements[i].flags & LDB_FLAG_INTERNAL_MASK) {
848 ldb_asprintf_errstring(ldb, "Invalid element flags 0x%08x on element %s in %s\n",
849 message->elements[i].flags, message->elements[i].name,
850 ldb_dn_get_linearized(message->dn));
851 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
852 }
853 }
854 return LDB_SUCCESS;
855 }
856
857
858 /*
859 start an ldb request
860 NOTE: the request must be a talloc context.
861 returns LDB_ERR_* on errors.
862 */
863 int ldb_request(struct ldb_context *ldb, struct ldb_request *req)
864 {
865 struct ldb_module *module;
866 int ret;
867
868 if (req->callback == NULL) {
869 ldb_set_errstring(ldb, "Requests MUST define callbacks");
870 return LDB_ERR_UNWILLING_TO_PERFORM;
871 }
872
873 ldb_reset_err_string(ldb);
874
875 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
876 ldb_trace_request(ldb, req);
877 }
878
879 /* call the first module in the chain */
880 switch (req->operation) {
881 case LDB_SEARCH:
882 /* due to "ldb_build_search_req" base DN always != NULL */
883 if (!ldb_dn_validate(req->op.search.base)) {
884 ldb_asprintf_errstring(ldb, "ldb_search: invalid basedn '%s'",
885 ldb_dn_get_linearized(req->op.search.base));
886 return LDB_ERR_INVALID_DN_SYNTAX;
887 }
888 FIRST_OP(ldb, search);
889 ret = module->ops->search(module, req);
890 break;
891 case LDB_ADD:
892 if (!ldb_dn_validate(req->op.add.message->dn)) {
893 ldb_asprintf_errstring(ldb, "ldb_add: invalid dn '%s'",
894 ldb_dn_get_linearized(req->op.add.message->dn));
895 return LDB_ERR_INVALID_DN_SYNTAX;
896 }
897 /*
898 * we have to normalize here, as so many places
899 * in modules and backends assume we don't have two
900 * elements with the same name
901 */
902 ret = ldb_msg_normalize(ldb, req, req->op.add.message,
903 discard_const(&req->op.add.message));
904 if (ret != LDB_SUCCESS) {
905 ldb_oom(ldb);
906 return ret;
907 }
908 FIRST_OP(ldb, add);
909 ret = ldb_msg_check_element_flags(ldb, req->op.add.message);
910 if (ret != LDB_SUCCESS) {
911 /*
912 * "ldb_msg_check_element_flags" generates an error
913 * string
914 */
915 return ret;
916 }
917 ret = module->ops->add(module, req);
918 break;
919 case LDB_MODIFY:
920 if (!ldb_dn_validate(req->op.mod.message->dn)) {
921 ldb_asprintf_errstring(ldb, "ldb_modify: invalid dn '%s'",
922 ldb_dn_get_linearized(req->op.mod.message->dn));
923 return LDB_ERR_INVALID_DN_SYNTAX;
924 }
925 FIRST_OP(ldb, modify);
926 ret = ldb_msg_check_element_flags(ldb, req->op.mod.message);
927 if (ret != LDB_SUCCESS) {
928 /*
929 * "ldb_msg_check_element_flags" generates an error
930 * string
931 */
932 return ret;
933 }
934 ret = module->ops->modify(module, req);
935 break;
936 case LDB_DELETE:
937 if (!ldb_dn_validate(req->op.del.dn)) {
938 ldb_asprintf_errstring(ldb, "ldb_delete: invalid dn '%s'",
939 ldb_dn_get_linearized(req->op.del.dn));
940 return LDB_ERR_INVALID_DN_SYNTAX;
941 }
942 FIRST_OP(ldb, del);
943 ret = module->ops->del(module, req);
944 break;
945 case LDB_RENAME:
946 if (!ldb_dn_validate(req->op.rename.olddn)) {
947 ldb_asprintf_errstring(ldb, "ldb_rename: invalid olddn '%s'",
948 ldb_dn_get_linearized(req->op.rename.olddn));
949 return LDB_ERR_INVALID_DN_SYNTAX;
950 }
951 if (!ldb_dn_validate(req->op.rename.newdn)) {
952 ldb_asprintf_errstring(ldb, "ldb_rename: invalid newdn '%s'",
953 ldb_dn_get_linearized(req->op.rename.newdn));
954 return LDB_ERR_INVALID_DN_SYNTAX;
955 }
956 FIRST_OP(ldb, rename);
957 ret = module->ops->rename(module, req);
958 break;
959 case LDB_EXTENDED:
960 FIRST_OP(ldb, extended);
961 ret = module->ops->extended(module, req);
962 break;
963 default:
964 FIRST_OP(ldb, request);
965 ret = module->ops->request(module, req);
966 break;
967 }
968
969 if ((ret != LDB_SUCCESS) && (ldb->err_string == NULL)) {
970 /* if no error string was setup by the backend */
971 ldb_asprintf_errstring(ldb, "ldb_request: %s (%d)",
972 ldb_strerror(ret), ret);
973 }
974
975 return ret;
976 }
977
978 int ldb_request_done(struct ldb_request *req, int status)
979 {
980 req->handle->state = LDB_ASYNC_DONE;
981 req->handle->status = status;
982 return status;
983 }
984
985 /*
986 search the database given a LDAP-like search expression
987
988 returns an LDB error code
989
990 Use talloc_free to free the ldb_message returned in 'res', if successful
991
992 */
993 int ldb_search_default_callback(struct ldb_request *req,
994 struct ldb_reply *ares)
995 {
996 struct ldb_result *res;
997 unsigned int n;
998
999 res = talloc_get_type(req->context, struct ldb_result);
1000
1001 if (!ares) {
1002 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1003 }
1004 if (ares->error != LDB_SUCCESS) {
1005 return ldb_request_done(req, ares->error);
1006 }
1007
1008 switch (ares->type) {
1009 case LDB_REPLY_ENTRY:
1010 res->msgs = talloc_realloc(res, res->msgs,
1011 struct ldb_message *, res->count + 2);
1012 if (! res->msgs) {
1013 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1014 }
1015
1016 res->msgs[res->count + 1] = NULL;
1017
1018 res->msgs[res->count] = talloc_move(res->msgs, &ares->message);
1019 res->count++;
1020 break;
1021
1022 case LDB_REPLY_REFERRAL:
1023 if (res->refs) {
1024 for (n = 0; res->refs[n]; n++) /*noop*/ ;
1025 } else {
1026 n = 0;
1027 }
1028
1029 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1030 if (! res->refs) {
1031 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1032 }
1033
1034 res->refs[n] = talloc_move(res->refs, &ares->referral);
1035 res->refs[n + 1] = NULL;
1036 break;
1037
1038 case LDB_REPLY_DONE:
1039 /* TODO: we should really support controls on entries
1040 * and referrals too! */
1041 res->controls = talloc_move(res, &ares->controls);
1042
1043 /* this is the last message, and means the request is done */
1044 /* we have to signal and eventual ldb_wait() waiting that the
1045 * async request operation was completed */
1046 talloc_free(ares);
1047 return ldb_request_done(req, LDB_SUCCESS);
1048 }
1049
1050 talloc_free(ares);
1051
1052 return LDB_SUCCESS;
1053 }
1054
1055 int ldb_modify_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1056 {
1057 struct ldb_result *res;
1058 unsigned int n;
1059 int ret;
1060
1061 res = talloc_get_type(req->context, struct ldb_result);
1062
1063 if (!ares) {
1064 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1065 }
1066
1067 if (ares->error != LDB_SUCCESS) {
1068 ret = ares->error;
1069 talloc_free(ares);
1070 return ldb_request_done(req, ret);
1071 }
1072
1073 switch (ares->type) {
1074 case LDB_REPLY_REFERRAL:
1075 if (res->refs) {
1076 for (n = 0; res->refs[n]; n++) /*noop*/ ;
1077 } else {
1078 n = 0;
1079 }
1080
1081 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1082 if (! res->refs) {
1083 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1084 }
1085
1086 res->refs[n] = talloc_move(res->refs, &ares->referral);
1087 res->refs[n + 1] = NULL;
1088 break;
1089
1090 case LDB_REPLY_DONE:
1091 talloc_free(ares);
1092 return ldb_request_done(req, LDB_SUCCESS);
1093 default:
1094 talloc_free(ares);
1095 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1096 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1097 }
1098
1099 talloc_free(ares);
1100 return ldb_request_done(req, LDB_SUCCESS);
1101 }
1102
1103 int ldb_op_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1104 {
1105 int ret;
1106
1107 if (!ares) {
1108 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1109 }
1110
1111 if (ares->error != LDB_SUCCESS) {
1112 ret = ares->error;
1113 talloc_free(ares);
1114 return ldb_request_done(req, ret);
1115 }
1116
1117 if (ares->type != LDB_REPLY_DONE) {
1118 talloc_free(ares);
1119 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1120 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1121 }
1122
1123 talloc_free(ares);
1124 return ldb_request_done(req, LDB_SUCCESS);
1125 }
1126
1127 int ldb_build_search_req_ex(struct ldb_request **ret_req,
1128 struct ldb_context *ldb,
1129 TALLOC_CTX *mem_ctx,
1130 struct ldb_dn *base,
1131 enum ldb_scope scope,
1132 struct ldb_parse_tree *tree,
1133 const char * const *attrs,
1134 struct ldb_control **controls,
1135 void *context,
1136 ldb_request_callback_t callback,
1137 struct ldb_request *parent)
1138 {
1139 struct ldb_request *req;
1140
1141 *ret_req = NULL;
1142
1143 req = talloc(mem_ctx, struct ldb_request);
1144 if (req == NULL) {
1145 ldb_oom(ldb);
1146 return LDB_ERR_OPERATIONS_ERROR;
1147 }
1148
1149 req->operation = LDB_SEARCH;
1150 if (base == NULL) {
1151 req->op.search.base = ldb_dn_new(req, ldb, NULL);
1152 } else {
1153 req->op.search.base = base;
1154 }
1155 req->op.search.scope = scope;
1156
1157 req->op.search.tree = tree;
1158 if (req->op.search.tree == NULL) {
1159 ldb_set_errstring(ldb, "'tree' can't be NULL");
1160 talloc_free(req);
1161 return LDB_ERR_OPERATIONS_ERROR;
1162 }
1163
1164 req->op.search.attrs = attrs;
1165 req->controls = controls;
1166 req->context = context;
1167 req->callback = callback;
1168
1169 ldb_set_timeout_from_prev_req(ldb, parent, req);
1170
1171 req->handle = ldb_handle_new(req, ldb);
1172 if (req->handle == NULL) {
1173 ldb_oom(ldb);
1174 return LDB_ERR_OPERATIONS_ERROR;
1175 }
1176
1177 if (parent) {
1178 req->handle->nesting++;
1179 req->handle->parent = parent;
1180 req->handle->flags = parent->handle->flags;
1181 req->handle->custom_flags = parent->handle->custom_flags;
1182 }
1183
1184 *ret_req = req;
1185 return LDB_SUCCESS;
1186 }
1187
1188 int ldb_build_search_req(struct ldb_request **ret_req,
1189 struct ldb_context *ldb,
1190 TALLOC_CTX *mem_ctx,
1191 struct ldb_dn *base,
1192 enum ldb_scope scope,
1193 const char *expression,
1194 const char * const *attrs,
1195 struct ldb_control **controls,
1196 void *context,
1197 ldb_request_callback_t callback,
1198 struct ldb_request *parent)
1199 {
1200 struct ldb_parse_tree *tree;
1201 int ret;
1202
1203 tree = ldb_parse_tree(mem_ctx, expression);
1204 if (tree == NULL) {
1205 ldb_set_errstring(ldb, "Unable to parse search expression");
1206 return LDB_ERR_OPERATIONS_ERROR;
1207 }
1208
1209 ret = ldb_build_search_req_ex(ret_req, ldb, mem_ctx, base,
1210 scope, tree, attrs, controls,
1211 context, callback, parent);
1212 if (ret == LDB_SUCCESS) {
1213 talloc_steal(*ret_req, tree);
1214 }
1215 return ret;
1216 }
1217
1218 int ldb_build_add_req(struct ldb_request **ret_req,
1219 struct ldb_context *ldb,
1220 TALLOC_CTX *mem_ctx,
1221 const struct ldb_message *message,
1222 struct ldb_control **controls,
1223 void *context,
1224 ldb_request_callback_t callback,
1225 struct ldb_request *parent)
1226 {
1227 struct ldb_request *req;
1228
1229 *ret_req = NULL;
1230
1231 req = talloc(mem_ctx, struct ldb_request);
1232 if (req == NULL) {
1233 ldb_set_errstring(ldb, "Out of Memory");
1234 return LDB_ERR_OPERATIONS_ERROR;
1235 }
1236
1237 req->operation = LDB_ADD;
1238 req->op.add.message = message;
1239 req->controls = controls;
1240 req->context = context;
1241 req->callback = callback;
1242
1243 ldb_set_timeout_from_prev_req(ldb, parent, req);
1244
1245 req->handle = ldb_handle_new(req, ldb);
1246 if (req->handle == NULL) {
1247 ldb_oom(ldb);
1248 return LDB_ERR_OPERATIONS_ERROR;
1249 }
1250
1251 if (parent) {
1252 req->handle->nesting++;
1253 req->handle->parent = parent;
1254 req->handle->flags = parent->handle->flags;
1255 req->handle->custom_flags = parent->handle->custom_flags;
1256 }
1257
1258 *ret_req = req;
1259
1260 return LDB_SUCCESS;
1261 }
1262
1263 int ldb_build_mod_req(struct ldb_request **ret_req,
1264 struct ldb_context *ldb,
1265 TALLOC_CTX *mem_ctx,
1266 const struct ldb_message *message,
1267 struct ldb_control **controls,
1268 void *context,
1269 ldb_request_callback_t callback,
1270 struct ldb_request *parent)
1271 {
1272 struct ldb_request *req;
1273
1274 *ret_req = NULL;
1275
1276 req = talloc(mem_ctx, struct ldb_request);
1277 if (req == NULL) {
1278 ldb_set_errstring(ldb, "Out of Memory");
1279 return LDB_ERR_OPERATIONS_ERROR;
1280 }
1281
1282 req->operation = LDB_MODIFY;
1283 req->op.mod.message = message;
1284 req->controls = controls;
1285 req->context = context;
1286 req->callback = callback;
1287
1288 ldb_set_timeout_from_prev_req(ldb, parent, req);
1289
1290 req->handle = ldb_handle_new(req, ldb);
1291 if (req->handle == NULL) {
1292 ldb_oom(ldb);
1293 return LDB_ERR_OPERATIONS_ERROR;
1294 }
1295
1296 if (parent) {
1297 req->handle->nesting++;
1298 req->handle->parent = parent;
1299 req->handle->flags = parent->handle->flags;
1300 req->handle->custom_flags = parent->handle->custom_flags;
1301 }
1302
1303 *ret_req = req;
1304
1305 return LDB_SUCCESS;
1306 }
1307
1308 int ldb_build_del_req(struct ldb_request **ret_req,
1309 struct ldb_context *ldb,
1310 TALLOC_CTX *mem_ctx,
1311 struct ldb_dn *dn,
1312 struct ldb_control **controls,
1313 void *context,
1314 ldb_request_callback_t callback,
1315 struct ldb_request *parent)
1316 {
1317 struct ldb_request *req;
1318
1319 *ret_req = NULL;
1320
1321 req = talloc(mem_ctx, struct ldb_request);
1322 if (req == NULL) {
1323 ldb_set_errstring(ldb, "Out of Memory");
1324 return LDB_ERR_OPERATIONS_ERROR;
1325 }
1326
1327 req->operation = LDB_DELETE;
1328 req->op.del.dn = dn;
1329 req->controls = controls;
1330 req->context = context;
1331 req->callback = callback;
1332
1333 ldb_set_timeout_from_prev_req(ldb, parent, req);
1334
1335 req->handle = ldb_handle_new(req, ldb);
1336 if (req->handle == NULL) {
1337 ldb_oom(ldb);
1338 return LDB_ERR_OPERATIONS_ERROR;
1339 }
1340
1341 if (parent) {
1342 req->handle->nesting++;
1343 req->handle->parent = parent;
1344 req->handle->flags = parent->handle->flags;
1345 req->handle->custom_flags = parent->handle->custom_flags;
1346 }
1347
1348 *ret_req = req;
1349
1350 return LDB_SUCCESS;
1351 }
1352
1353 int ldb_build_rename_req(struct ldb_request **ret_req,
1354 struct ldb_context *ldb,
1355 TALLOC_CTX *mem_ctx,
1356 struct ldb_dn *olddn,
1357 struct ldb_dn *newdn,
1358 struct ldb_control **controls,
1359 void *context,
1360 ldb_request_callback_t callback,
1361 struct ldb_request *parent)
1362 {
1363 struct ldb_request *req;
1364
1365 *ret_req = NULL;
1366
1367 req = talloc(mem_ctx, struct ldb_request);
1368 if (req == NULL) {
1369 ldb_set_errstring(ldb, "Out of Memory");
1370 return LDB_ERR_OPERATIONS_ERROR;
1371 }
1372
1373 req->operation = LDB_RENAME;
1374 req->op.rename.olddn = olddn;
1375 req->op.rename.newdn = newdn;
1376 req->controls = controls;
1377 req->context = context;
1378 req->callback = callback;
1379
1380 ldb_set_timeout_from_prev_req(ldb, parent, req);
1381
1382 req->handle = ldb_handle_new(req, ldb);
1383 if (req->handle == NULL) {
1384 ldb_oom(ldb);
1385 return LDB_ERR_OPERATIONS_ERROR;
1386 }
1387
1388 if (parent) {
1389 req->handle->nesting++;
1390 req->handle->parent = parent;
1391 req->handle->flags = parent->handle->flags;
1392 req->handle->custom_flags = parent->handle->custom_flags;
1393 }
1394
1395 *ret_req = req;
1396
1397 return LDB_SUCCESS;
1398 }
1399
1400 int ldb_extended_default_callback(struct ldb_request *req,
1401 struct ldb_reply *ares)
1402 {
1403 struct ldb_result *res;
1404
1405 res = talloc_get_type(req->context, struct ldb_result);
1406
1407 if (!ares) {
1408 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1409 }
1410 if (ares->error != LDB_SUCCESS) {
1411 return ldb_request_done(req, ares->error);
1412 }
1413
1414 if (ares->type == LDB_REPLY_DONE) {
1415
1416 /* TODO: we should really support controls on entries and referrals too! */
1417 res->extended = talloc_move(res, &ares->response);
1418 res->controls = talloc_move(res, &ares->controls);
1419
1420 talloc_free(ares);
1421 return ldb_request_done(req, LDB_SUCCESS);
1422 }
1423
1424 talloc_free(ares);
1425 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1426 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1427 }
1428
1429 int ldb_build_extended_req(struct ldb_request **ret_req,
1430 struct ldb_context *ldb,
1431 TALLOC_CTX *mem_ctx,
1432 const char *oid,
1433 void *data,
1434 struct ldb_control **controls,
1435 void *context,
1436 ldb_request_callback_t callback,
1437 struct ldb_request *parent)
1438 {
1439 struct ldb_request *req;
1440
1441 *ret_req = NULL;
1442
1443 req = talloc(mem_ctx, struct ldb_request);
1444 if (req == NULL) {
1445 ldb_set_errstring(ldb, "Out of Memory");
1446 return LDB_ERR_OPERATIONS_ERROR;
1447 }
1448
1449 req->operation = LDB_EXTENDED;
1450 req->op.extended.oid = oid;
1451 req->op.extended.data = data;
1452 req->controls = controls;
1453 req->context = context;
1454 req->callback = callback;
1455
1456 ldb_set_timeout_from_prev_req(ldb, parent, req);
1457
1458 req->handle = ldb_handle_new(req, ldb);
1459 if (req->handle == NULL) {
1460 ldb_oom(ldb);
1461 return LDB_ERR_OPERATIONS_ERROR;
1462 }
1463
1464 if (parent) {
1465 req->handle->nesting++;
1466 req->handle->parent = parent;
1467 req->handle->flags = parent->handle->flags;
1468 req->handle->custom_flags = parent->handle->custom_flags;
1469 }
1470
1471 *ret_req = req;
1472
1473 return LDB_SUCCESS;
1474 }
1475
1476 int ldb_extended(struct ldb_context *ldb,
1477 const char *oid,
1478 void *data,
1479 struct ldb_result **_res)
1480 {
1481 struct ldb_request *req;
1482 int ret;
1483 struct ldb_result *res;
1484
1485 *_res = NULL;
1486 req = NULL;
1487
1488 res = talloc_zero(ldb, struct ldb_result);
1489 if (!res) {
1490 return LDB_ERR_OPERATIONS_ERROR;
1491 }
1492
1493 ret = ldb_build_extended_req(&req, ldb, ldb,
1494 oid, data, NULL,
1495 res, ldb_extended_default_callback,
1496 NULL);
1497 ldb_req_set_location(req, "ldb_extended");
1498
1499 if (ret != LDB_SUCCESS) goto done;
1500
1501 ldb_set_timeout(ldb, req, 0); /* use default timeout */
1502
1503 ret = ldb_request(ldb, req);
1504
1505 if (ret == LDB_SUCCESS) {
1506 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1507 }
1508
1509 done:
1510 if (ret != LDB_SUCCESS) {
1511 talloc_free(res);
1512 res = NULL;
1513 }
1514
1515 talloc_free(req);
1516
1517 *_res = res;
1518 return ret;
1519 }
1520
1521 /*
1522 note that ldb_search() will automatically replace a NULL 'base' value
1523 with the defaultNamingContext from the rootDSE if available.
1524 */
1525 int ldb_search(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
1526 struct ldb_result **result, struct ldb_dn *base,
1527 enum ldb_scope scope, const char * const *attrs,
1528 const char *exp_fmt, ...)
1529 {
1530 struct ldb_request *req;
1531 struct ldb_result *res;
1532 char *expression;
1533 va_list ap;
1534 int ret;
1535
1536 expression = NULL;
1537 *result = NULL;
1538 req = NULL;
1539
1540 res = talloc_zero(mem_ctx, struct ldb_result);
1541 if (!res) {
1542 return LDB_ERR_OPERATIONS_ERROR;
1543 }
1544
1545 if (exp_fmt) {
1546 va_start(ap, exp_fmt);
1547 expression = talloc_vasprintf(mem_ctx, exp_fmt, ap);
1548 va_end(ap);
1549
1550 if (!expression) {
1551 talloc_free(res);
1552 return LDB_ERR_OPERATIONS_ERROR;
1553 }
1554 }
1555
1556 ret = ldb_build_search_req(&req, ldb, mem_ctx,
1557 base?base:ldb_get_default_basedn(ldb),
1558 scope,
1559 expression,
1560 attrs,
1561 NULL,
1562 res,
1563 ldb_search_default_callback,
1564 NULL);
1565 ldb_req_set_location(req, "ldb_search");
1566
1567 if (ret != LDB_SUCCESS) goto done;
1568
1569 ret = ldb_request(ldb, req);
1570
1571 if (ret == LDB_SUCCESS) {
1572 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1573 }
1574
1575 done:
1576 if (ret != LDB_SUCCESS) {
1577 talloc_free(res);
1578 res = NULL;
1579 }
1580
1581 talloc_free(expression);
1582 talloc_free(req);
1583
1584 *result = res;
1585 return ret;
1586 }
1587
1588 /*
1589 add a record to the database. Will fail if a record with the given class
1590 and key already exists
1591 */
1592 int ldb_add(struct ldb_context *ldb,
1593 const struct ldb_message *message)
1594 {
1595 struct ldb_request *req;
1596 int ret;
1597
1598 ret = ldb_msg_sanity_check(ldb, message);
1599 if (ret != LDB_SUCCESS) {
1600 return ret;
1601 }
1602
1603 ret = ldb_build_add_req(&req, ldb, ldb,
1604 message,
1605 NULL,
1606 NULL,
1607 ldb_op_default_callback,
1608 NULL);
1609 ldb_req_set_location(req, "ldb_add");
1610
1611 if (ret != LDB_SUCCESS) return ret;
1612
1613 /* do request and autostart a transaction */
1614 ret = ldb_autotransaction_request(ldb, req);
1615
1616 talloc_free(req);
1617 return ret;
1618 }
1619
1620 /*
1621 modify the specified attributes of a record
1622 */
1623 int ldb_modify(struct ldb_context *ldb,
1624 const struct ldb_message *message)
1625 {
1626 struct ldb_request *req;
1627 int ret;
1628
1629 ret = ldb_msg_sanity_check(ldb, message);
1630 if (ret != LDB_SUCCESS) {
1631 return ret;
1632 }
1633
1634 ret = ldb_build_mod_req(&req, ldb, ldb,
1635 message,
1636 NULL,
1637 NULL,
1638 ldb_op_default_callback,
1639 NULL);
1640 ldb_req_set_location(req, "ldb_modify");
1641
1642 if (ret != LDB_SUCCESS) return ret;
1643
1644 /* do request and autostart a transaction */
1645 ret = ldb_autotransaction_request(ldb, req);
1646
1647 talloc_free(req);
1648 return ret;
1649 }
1650
1651
1652 /*
1653 delete a record from the database
1654 */
1655 int ldb_delete(struct ldb_context *ldb, struct ldb_dn *dn)
1656 {
1657 struct ldb_request *req;
1658 int ret;
1659
1660 ret = ldb_build_del_req(&req, ldb, ldb,
1661 dn,
1662 NULL,
1663 NULL,
1664 ldb_op_default_callback,
1665 NULL);
1666 ldb_req_set_location(req, "ldb_delete");
1667
1668 if (ret != LDB_SUCCESS) return ret;
1669
1670 /* do request and autostart a transaction */
1671 ret = ldb_autotransaction_request(ldb, req);
1672
1673 talloc_free(req);
1674 return ret;
1675 }
1676
1677 /*
1678 rename a record in the database
1679 */
1680 int ldb_rename(struct ldb_context *ldb,
1681 struct ldb_dn *olddn, struct ldb_dn *newdn)
1682 {
1683 struct ldb_request *req;
1684 int ret;
1685
1686 ret = ldb_build_rename_req(&req, ldb, ldb,
1687 olddn,
1688 newdn,
1689 NULL,
1690 NULL,
1691 ldb_op_default_callback,
1692 NULL);
1693 ldb_req_set_location(req, "ldb_rename");
1694
1695 if (ret != LDB_SUCCESS) return ret;
1696
1697 /* do request and autostart a transaction */
1698 ret = ldb_autotransaction_request(ldb, req);
1699
1700 talloc_free(req);
1701 return ret;
1702 }
1703
1704
1705 /*
1706 return the global sequence number
1707 */
1708 int ldb_sequence_number(struct ldb_context *ldb,
1709 enum ldb_sequence_type type, uint64_t *seq_num)
1710 {
1711 struct ldb_seqnum_request *seq;
1712 struct ldb_seqnum_result *seqr;
1713 struct ldb_result *res;
1714 TALLOC_CTX *tmp_ctx;
1715 int ret;
1716
1717 *seq_num = 0;
1718
1719 tmp_ctx = talloc_zero(ldb, struct ldb_request);
1720 if (tmp_ctx == NULL) {
1721 ldb_set_errstring(ldb, "Out of Memory");
1722 return LDB_ERR_OPERATIONS_ERROR;
1723 }
1724 seq = talloc_zero(tmp_ctx, struct ldb_seqnum_request);
1725 if (seq == NULL) {
1726 ldb_set_errstring(ldb, "Out of Memory");
1727 ret = LDB_ERR_OPERATIONS_ERROR;
1728 goto done;
1729 }
1730 seq->type = type;
1731
1732 ret = ldb_extended(ldb, LDB_EXTENDED_SEQUENCE_NUMBER, seq, &res);
1733 if (ret != LDB_SUCCESS) {
1734 goto done;
1735 }
1736 talloc_steal(tmp_ctx, res);
1737
1738 if (strcmp(LDB_EXTENDED_SEQUENCE_NUMBER, res->extended->oid) != 0) {
1739 ldb_set_errstring(ldb, "Invalid OID in reply");
1740 ret = LDB_ERR_OPERATIONS_ERROR;
1741 goto done;
1742 }
1743 seqr = talloc_get_type(res->extended->data,
1744 struct ldb_seqnum_result);
1745 *seq_num = seqr->seq_num;
1746
1747 done:
1748 talloc_free(tmp_ctx);
1749 return ret;
1750 }
1751
1752 /*
1753 return extended error information
1754 */
1755 const char *ldb_errstring(struct ldb_context *ldb)
1756 {
1757 if (ldb->err_string) {
1758 return ldb->err_string;
1759 }
1760
1761 return NULL;
1762 }
1763
1764 /*
1765 return a string explaining what a ldb error constant meancs
1766 */
1767 const char *ldb_strerror(int ldb_err)
1768 {
1769 switch (ldb_err) {
1770 case LDB_SUCCESS:
1771 return "Success";
1772 case LDB_ERR_OPERATIONS_ERROR:
1773 return "Operations error";
1774 case LDB_ERR_PROTOCOL_ERROR:
1775 return "Protocol error";
1776 case LDB_ERR_TIME_LIMIT_EXCEEDED:
1777 return "Time limit exceeded";
1778 case LDB_ERR_SIZE_LIMIT_EXCEEDED:
1779 return "Size limit exceeded";
1780 case LDB_ERR_COMPARE_FALSE:
1781 return "Compare false";
1782 case LDB_ERR_COMPARE_TRUE:
1783 return "Compare true";
1784 case LDB_ERR_AUTH_METHOD_NOT_SUPPORTED:
1785 return "Auth method not supported";
1786 case LDB_ERR_STRONG_AUTH_REQUIRED:
1787 return "Strong auth required";
1788 /* 9 RESERVED */
1789 case LDB_ERR_REFERRAL:
1790 return "Referral error";
1791 case LDB_ERR_ADMIN_LIMIT_EXCEEDED:
1792 return "Admin limit exceeded";
1793 case LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION:
1794 return "Unsupported critical extension";
1795 case LDB_ERR_CONFIDENTIALITY_REQUIRED:
1796 return "Confidentiality required";
1797 case LDB_ERR_SASL_BIND_IN_PROGRESS:
1798 return "SASL bind in progress";
1799 case LDB_ERR_NO_SUCH_ATTRIBUTE:
1800 return "No such attribute";
1801 case LDB_ERR_UNDEFINED_ATTRIBUTE_TYPE:
1802 return "Undefined attribute type";
1803 case LDB_ERR_INAPPROPRIATE_MATCHING:
1804 return "Inappropriate matching";
1805 case LDB_ERR_CONSTRAINT_VIOLATION:
1806 return "Constraint violation";
1807 case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
1808 return "Attribute or value exists";
1809 case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
1810 return "Invalid attribute syntax";
1811 /* 22-31 unused */
1812 case LDB_ERR_NO_SUCH_OBJECT:
1813 return "No such object";
1814 case LDB_ERR_ALIAS_PROBLEM:
1815 return "Alias problem";
1816 case LDB_ERR_INVALID_DN_SYNTAX:
1817 return "Invalid DN syntax";
1818 /* 35 RESERVED */
1819 case LDB_ERR_ALIAS_DEREFERENCING_PROBLEM:
1820 return "Alias dereferencing problem";
1821 /* 37-47 unused */
1822 case LDB_ERR_INAPPROPRIATE_AUTHENTICATION:
1823 return "Inappropriate authentication";
1824 case LDB_ERR_INVALID_CREDENTIALS:
1825 return "Invalid credentials";
1826 case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
1827 return "insufficient access rights";
1828 case LDB_ERR_BUSY:
1829 return "Busy";
1830 case LDB_ERR_UNAVAILABLE:
1831 return "Unavailable";
1832 case LDB_ERR_UNWILLING_TO_PERFORM:
1833 return "Unwilling to perform";
1834 case LDB_ERR_LOOP_DETECT:
1835 return "Loop detect";
1836 /* 55-63 unused */
1837 case LDB_ERR_NAMING_VIOLATION:
1838 return "Naming violation";
1839 case LDB_ERR_OBJECT_CLASS_VIOLATION:
1840 return "Object class violation";
1841 case LDB_ERR_NOT_ALLOWED_ON_NON_LEAF:
1842 return "Not allowed on non-leaf";
1843 case LDB_ERR_NOT_ALLOWED_ON_RDN:
1844 return "Not allowed on RDN";
1845 case LDB_ERR_ENTRY_ALREADY_EXISTS:
1846 return "Entry already exists";
1847 case LDB_ERR_OBJECT_CLASS_MODS_PROHIBITED:
1848 return "Object class mods prohibited";
1849 /* 70 RESERVED FOR CLDAP */
1850 case LDB_ERR_AFFECTS_MULTIPLE_DSAS:
1851 return "Affects multiple DSAs";
1852 /* 72-79 unused */
1853 case LDB_ERR_OTHER:
1854 return "Other";
1855 }
1856
1857 return "Unknown error";
1858 }
1859
1860 /*
1861 set backend specific opaque parameters
1862 */
1863 int ldb_set_opaque(struct ldb_context *ldb, const char *name, void *value)
1864 {
1865 struct ldb_opaque *o;
1866
1867 /* allow updating an existing value */
1868 for (o=ldb->opaque;o;o=o->next) {
1869 if (strcmp(o->name, name) == 0) {
1870 o->value = value;
1871 return LDB_SUCCESS;
1872 }
1873 }
1874
1875 o = talloc(ldb, struct ldb_opaque);
1876 if (o == NULL) {
1877 ldb_oom(ldb);
1878 return LDB_ERR_OTHER;
1879 }
1880 o->next = ldb->opaque;
1881 o->name = name;
1882 o->value = value;
1883 ldb->opaque = o;
1884 return LDB_SUCCESS;
1885 }
1886
1887 /*
1888 get a previously set opaque value
1889 */
1890 void *ldb_get_opaque(struct ldb_context *ldb, const char *name)
1891 {
1892 struct ldb_opaque *o;
1893 for (o=ldb->opaque;o;o=o->next) {
1894 if (strcmp(o->name, name) == 0) {
1895 return o->value;
1896 }
1897 }
1898 return NULL;
1899 }
1900
1901 int ldb_global_init(void)
1902 {
1903 /* Provided for compatibility with some older versions of ldb */
1904 return 0;
1905 }
1906
1907 /* return the ldb flags */
1908 unsigned int ldb_get_flags(struct ldb_context *ldb)
1909 {
1910 return ldb->flags;
1911 }
1912
1913 /* set the ldb flags */
1914 void ldb_set_flags(struct ldb_context *ldb, unsigned flags)
1915 {
1916 ldb->flags = flags;
1917 }
1918
1919
1920 /*
1921 set the location in a ldb request. Used for debugging
1922 */
1923 void ldb_req_set_location(struct ldb_request *req, const char *location)
1924 {
1925 if (req && req->handle) {
1926 req->handle->location = location;
1927 }
1928 }
1929
1930 /*
1931 return the location set with dsdb_req_set_location
1932 */
1933 const char *ldb_req_location(struct ldb_request *req)
1934 {
1935 return req->handle->location;
1936 }
1937
1938 /**
1939 mark a request as untrusted. This tells the rootdse module to remove
1940 unregistered controls
1941 */
1942 void ldb_req_mark_untrusted(struct ldb_request *req)
1943 {
1944 req->handle->flags |= LDB_HANDLE_FLAG_UNTRUSTED;
1945 }
1946
1947 /**
1948 mark a request as trusted.
1949 */
1950 void ldb_req_mark_trusted(struct ldb_request *req)
1951 {
1952 req->handle->flags &= ~LDB_HANDLE_FLAG_UNTRUSTED;
1953 }
1954
1955 /**
1956 set custom flags. Those flags are set by applications using ldb,
1957 they are application dependent and the same bit can have different
1958 meaning in different application.
1959 */
1960 void ldb_req_set_custom_flags(struct ldb_request *req, uint32_t flags)
1961 {
1962 if (req != NULL && req->handle != NULL) {
1963 req->handle->custom_flags = flags;
1964 }
1965 }
1966
1967
1968 /**
1969 get custom flags. Those flags are set by applications using ldb,
1970 they are application dependent and the same bit can have different
1971 meaning in different application.
1972 */
1973 uint32_t ldb_req_get_custom_flags(struct ldb_request *req)
1974 {
1975 if (req != NULL && req->handle != NULL) {
1976 return req->handle->custom_flags;
1977 }
1978
1979 /*
1980 * 0 is not something any better or worse than
1981 * anything else as req or the handle is NULL
1982 */
1983 return 0;
1984 }
1985
1986
1987 /**
1988 * return true if a request is untrusted
1989 */
1990 bool ldb_req_is_untrusted(struct ldb_request *req)
1991 {
1992 return (req->handle->flags & LDB_HANDLE_FLAG_UNTRUSTED) != 0;
1993 }
Samba GIT mirror