4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Stefan Metzmacher 2004
6 Copyright (C) Simo Sorce 2006-2008
7 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
9 ** NOTE! The following LGPL license applies to the ldb
10 ** library. This does NOT imply that all of Samba is released
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
30 * Component: ldb tdb backend
32 * Description: core functions for tdb backend
34 * Author: Andrew Tridgell
35 * Author: Stefan Metzmacher
39 * - description: make the module use asynchronous calls
43 * - description: make it possible to use event contexts
47 * - description: fix up memory leaks and small bugs
49 * Author: Matthias Dieter Wallnöfer
53 #include "ldb_private.h"
57 prevent memory errors on callbacks
60 struct ltdb_context
*ctx
;
64 map a tdb error code to a ldb error code
66 int ltdb_err_map(enum TDB_ERROR tdb_code
)
74 return LDB_ERR_OPERATIONS_ERROR
;
76 return LDB_ERR_PROTOCOL_ERROR
;
80 case TDB_ERR_LOCK_TIMEOUT
:
81 return LDB_ERR_TIME_LIMIT_EXCEEDED
;
83 return LDB_ERR_ENTRY_ALREADY_EXISTS
;
85 return LDB_ERR_NO_SUCH_OBJECT
;
87 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS
;
95 lock the database for read - use by ltdb_search and ltdb_sequence_number
97 static int ltdb_lock_read(struct ldb_module
*module
)
99 void *data
= ldb_module_get_private(module
);
100 struct ltdb_private
*ltdb
= talloc_get_type(data
, struct ltdb_private
);
103 pid_t pid
= getpid();
105 if (ltdb
->pid
!= pid
) {
106 ldb_asprintf_errstring(
107 ldb_module_get_ctx(module
),
108 __location__
": Reusing ldb opend by pid %d in "
112 return LDB_ERR_PROTOCOL_ERROR
;
115 if (tdb_transaction_active(ltdb
->tdb
) == false &&
116 ltdb
->read_lock_count
== 0) {
117 tdb_ret
= tdb_lockall_read(ltdb
->tdb
);
120 ltdb
->read_lock_count
++;
123 ret
= ltdb_err_map(tdb_error(ltdb
->tdb
));
124 if (ret
== LDB_SUCCESS
) {
125 ret
= LDB_ERR_OPERATIONS_ERROR
;
127 ldb_debug_set(ldb_module_get_ctx(module
),
129 "Failure during ltdb_lock_read(): %s -> %s",
130 tdb_errorstr(ltdb
->tdb
),
136 unlock the database after a ltdb_lock_read()
138 static int ltdb_unlock_read(struct ldb_module
*module
)
140 void *data
= ldb_module_get_private(module
);
141 struct ltdb_private
*ltdb
= talloc_get_type(data
, struct ltdb_private
);
142 pid_t pid
= getpid();
144 if (ltdb
->pid
!= pid
) {
145 ldb_asprintf_errstring(
146 ldb_module_get_ctx(module
),
147 __location__
": Reusing ldb opend by pid %d in "
151 return LDB_ERR_PROTOCOL_ERROR
;
153 if (!tdb_transaction_active(ltdb
->tdb
) && ltdb
->read_lock_count
== 1) {
154 tdb_unlockall_read(ltdb
->tdb
);
155 ltdb
->read_lock_count
--;
158 ltdb
->read_lock_count
--;
164 * Determine if this key could hold a record. We allow the new GUID
165 * index, the old DN index and a possible future ID=
167 bool ltdb_key_is_record(TDB_DATA key
)
173 if (memcmp(key
.dptr
, "DN=", 3) == 0) {
177 if (memcmp(key
.dptr
, "ID=", 3) == 0) {
181 if (key
.dsize
< sizeof(LTDB_GUID_KEY_PREFIX
)) {
185 if (memcmp(key
.dptr
, LTDB_GUID_KEY_PREFIX
,
186 sizeof(LTDB_GUID_KEY_PREFIX
) - 1) == 0) {
194 form a TDB_DATA for a record key
197 note that the key for a record can depend on whether the
198 dn refers to a case sensitive index record or not
200 TDB_DATA
ltdb_key_dn(struct ldb_module
*module
, TALLOC_CTX
*mem_ctx
,
204 char *key_str
= NULL
;
205 const char *dn_folded
= NULL
;
208 most DNs are case insensitive. The exception is index DNs for
209 case sensitive attributes
211 there are 3 cases dealt with in this code:
213 1) if the dn doesn't start with @ then uppercase the attribute
214 names and the attributes values of case insensitive attributes
215 2) if the dn starts with @ then leave it alone -
216 the indexing code handles the rest
219 dn_folded
= ldb_dn_get_casefold(dn
);
224 key_str
= talloc_strdup(mem_ctx
, "DN=");
229 key_str
= talloc_strdup_append_buffer(key_str
, dn_folded
);
234 key
.dptr
= (uint8_t *)key_str
;
235 key
.dsize
= strlen(key_str
) + 1;
246 /* The caller is to provide a correctly sized key */
247 int ltdb_guid_to_key(struct ldb_module
*module
,
248 struct ltdb_private
*ltdb
,
249 const struct ldb_val
*GUID_val
,
252 const char *GUID_prefix
= LTDB_GUID_KEY_PREFIX
;
253 const int GUID_prefix_len
= sizeof(LTDB_GUID_KEY_PREFIX
) - 1;
255 if (key
->dsize
!= (GUID_val
->length
+GUID_prefix_len
)) {
256 return LDB_ERR_OPERATIONS_ERROR
;
259 memcpy(key
->dptr
, GUID_prefix
, GUID_prefix_len
);
260 memcpy(&key
->dptr
[GUID_prefix_len
],
261 GUID_val
->data
, GUID_val
->length
);
266 * The caller is to provide a correctly sized key, used only in
267 * the GUID index mode
269 int ltdb_idx_to_key(struct ldb_module
*module
,
270 struct ltdb_private
*ltdb
,
272 const struct ldb_val
*idx_val
,
275 struct ldb_context
*ldb
= ldb_module_get_ctx(module
);
278 if (ltdb
->cache
->GUID_index_attribute
!= NULL
) {
279 return ltdb_guid_to_key(module
, ltdb
,
283 dn
= ldb_dn_from_ldb_val(mem_ctx
, ldb
, idx_val
);
286 * LDB_ERR_INVALID_DN_SYNTAX would just be confusing
287 * to the caller, as this in an invalid index value
289 return LDB_ERR_OPERATIONS_ERROR
;
292 *key
= ltdb_key_dn(module
, mem_ctx
, dn
);
295 return ldb_module_oom(module
);
301 form a TDB_DATA for a record key
302 caller frees mem_ctx, which may or may not have the key
305 note that the key for a record can depend on whether a
306 GUID index is in use, or the DN is used as the key
308 TDB_DATA
ltdb_key_msg(struct ldb_module
*module
, TALLOC_CTX
*mem_ctx
,
309 const struct ldb_message
*msg
)
311 void *data
= ldb_module_get_private(module
);
312 struct ltdb_private
*ltdb
= talloc_get_type(data
, struct ltdb_private
);
314 const struct ldb_val
*guid_val
;
317 if (ltdb
->cache
->GUID_index_attribute
== NULL
) {
318 return ltdb_key_dn(module
, mem_ctx
, msg
->dn
);
321 if (ldb_dn_is_special(msg
->dn
)) {
322 return ltdb_key_dn(module
, mem_ctx
, msg
->dn
);
325 guid_val
= ldb_msg_find_ldb_val(msg
,
326 ltdb
->cache
->GUID_index_attribute
);
327 if (guid_val
== NULL
) {
328 ldb_asprintf_errstring(ldb_module_get_ctx(module
),
329 "Did not find GUID attribute %s "
330 "in %s, required for TDB record "
331 "key in " LTDB_IDXGUID
" mode.",
332 ltdb
->cache
->GUID_index_attribute
,
333 ldb_dn_get_linearized(msg
->dn
));
340 /* In this case, allocate with talloc */
341 key
.dptr
= talloc_size(mem_ctx
, LTDB_GUID_KEY_SIZE
);
342 if (key
.dptr
== NULL
) {
348 key
.dsize
= talloc_get_size(key
.dptr
);
350 ret
= ltdb_guid_to_key(module
, ltdb
, guid_val
, &key
);
352 if (ret
!= LDB_SUCCESS
) {
362 check special dn's have valid attributes
363 currently only @ATTRIBUTES is checked
365 static int ltdb_check_special_dn(struct ldb_module
*module
,
366 const struct ldb_message
*msg
)
368 struct ldb_context
*ldb
= ldb_module_get_ctx(module
);
371 if (! ldb_dn_is_special(msg
->dn
) ||
372 ! ldb_dn_check_special(msg
->dn
, LTDB_ATTRIBUTES
)) {
376 /* we have @ATTRIBUTES, let's check attributes are fine */
377 /* should we check that we deny multivalued attributes ? */
378 for (i
= 0; i
< msg
->num_elements
; i
++) {
379 if (ldb_attr_cmp(msg
->elements
[i
].name
, "distinguishedName") == 0) continue;
381 for (j
= 0; j
< msg
->elements
[i
].num_values
; j
++) {
382 if (ltdb_check_at_attributes_values(&msg
->elements
[i
].values
[j
]) != 0) {
383 ldb_set_errstring(ldb
, "Invalid attribute value in an @ATTRIBUTES entry");
384 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX
;
394 we've made a modification to a dn - possibly reindex and
395 update sequence number
397 static int ltdb_modified(struct ldb_module
*module
, struct ldb_dn
*dn
)
399 int ret
= LDB_SUCCESS
;
400 struct ltdb_private
*ltdb
= talloc_get_type(ldb_module_get_private(module
), struct ltdb_private
);
402 /* only allow modifies inside a transaction, otherwise the
404 if (ltdb
->kv_ops
->transaction_active(ltdb
) == false) {
405 ldb_set_errstring(ldb_module_get_ctx(module
), "ltdb modify without transaction");
406 return LDB_ERR_OPERATIONS_ERROR
;
409 if (ldb_dn_is_special(dn
) &&
410 (ldb_dn_check_special(dn
, LTDB_INDEXLIST
) ||
411 ldb_dn_check_special(dn
, LTDB_ATTRIBUTES
)) )
413 if (ltdb
->warn_reindex
) {
414 ldb_debug(ldb_module_get_ctx(module
),
415 LDB_DEBUG_ERROR
, "Reindexing %s due to modification on %s",
416 ltdb
->kv_ops
->name(ltdb
), ldb_dn_get_linearized(dn
));
418 ret
= ltdb_reindex(module
);
421 /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
422 if (ret
== LDB_SUCCESS
&&
423 !(ldb_dn_is_special(dn
) &&
424 ldb_dn_check_special(dn
, LTDB_BASEINFO
)) ) {
425 ret
= ltdb_increase_sequence_number(module
);
428 /* If the modify was to @OPTIONS, reload the cache */
429 if (ret
== LDB_SUCCESS
&&
430 ldb_dn_is_special(dn
) &&
431 (ldb_dn_check_special(dn
, LTDB_OPTIONS
)) ) {
432 ret
= ltdb_cache_reload(module
);
435 if (ret
!= LDB_SUCCESS
) {
436 ltdb
->reindex_failed
= true;
442 static int ltdb_tdb_store(struct ltdb_private
*ltdb
, struct ldb_val ldb_key
,
443 struct ldb_val ldb_data
, int flags
)
446 .dptr
= ldb_key
.data
,
447 .dsize
= ldb_key
.length
450 .dptr
= ldb_data
.data
,
451 .dsize
= ldb_data
.length
453 bool transaction_active
= tdb_transaction_active(ltdb
->tdb
);
454 if (transaction_active
== false){
455 return LDB_ERR_PROTOCOL_ERROR
;
457 return tdb_store(ltdb
->tdb
, key
, data
, flags
);
460 static int ltdb_error(struct ltdb_private
*ltdb
)
462 return ltdb_err_map(tdb_error(ltdb
->tdb
));
465 static const char *ltdb_errorstr(struct ltdb_private
*ltdb
)
467 return tdb_errorstr(ltdb
->tdb
);
471 store a record into the db
473 int ltdb_store(struct ldb_module
*module
, const struct ldb_message
*msg
, int flgs
)
475 void *data
= ldb_module_get_private(module
);
476 struct ltdb_private
*ltdb
= talloc_get_type(data
, struct ltdb_private
);
478 struct ldb_val ldb_key
;
479 struct ldb_val ldb_data
;
480 int ret
= LDB_SUCCESS
;
481 TALLOC_CTX
*tdb_key_ctx
= talloc_new(module
);
483 if (tdb_key_ctx
== NULL
) {
484 return ldb_module_oom(module
);
487 if (ltdb
->read_only
) {
488 return LDB_ERR_UNWILLING_TO_PERFORM
;
491 tdb_key
= ltdb_key_msg(module
, tdb_key_ctx
, msg
);
492 if (tdb_key
.dptr
== NULL
) {
493 TALLOC_FREE(tdb_key_ctx
);
494 return LDB_ERR_OTHER
;
497 ret
= ldb_pack_data(ldb_module_get_ctx(module
),
500 TALLOC_FREE(tdb_key_ctx
);
501 return LDB_ERR_OTHER
;
504 ldb_key
.data
= tdb_key
.dptr
;
505 ldb_key
.length
= tdb_key
.dsize
;
507 ret
= ltdb
->kv_ops
->store(ltdb
, ldb_key
, ldb_data
, flgs
);
509 bool is_special
= ldb_dn_is_special(msg
->dn
);
510 ret
= ltdb
->kv_ops
->error(ltdb
);
513 * LDB_ERR_ENTRY_ALREADY_EXISTS means the DN, not
514 * the GUID, so re-map
516 if (ret
== LDB_ERR_ENTRY_ALREADY_EXISTS
518 && ltdb
->cache
->GUID_index_attribute
!= NULL
) {
519 ret
= LDB_ERR_CONSTRAINT_VIOLATION
;
525 TALLOC_FREE(tdb_key_ctx
);
526 talloc_free(ldb_data
.data
);
533 check if a attribute is a single valued, for a given element
535 static bool ldb_tdb_single_valued(const struct ldb_schema_attribute
*a
,
536 struct ldb_message_element
*el
)
538 if (!a
) return false;
540 if (el
->flags
& LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK
) {
541 /* override from a ldb module, for example
542 used for the description field, which is
543 marked multi-valued in the schema but which
544 should not actually accept multiple
548 if (el
->flags
& LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK
) {
549 /* override from a ldb module, for example used for
550 deleted linked attribute entries */
554 if (a
->flags
& LDB_ATTR_FLAG_SINGLE_VALUE
) {
560 static int ltdb_add_internal(struct ldb_module
*module
,
561 struct ltdb_private
*ltdb
,
562 const struct ldb_message
*msg
,
563 bool check_single_value
)
565 struct ldb_context
*ldb
= ldb_module_get_ctx(module
);
566 int ret
= LDB_SUCCESS
;
569 for (i
=0;i
<msg
->num_elements
;i
++) {
570 struct ldb_message_element
*el
= &msg
->elements
[i
];
571 const struct ldb_schema_attribute
*a
= ldb_schema_attribute_by_name(ldb
, el
->name
);
573 if (el
->num_values
== 0) {
574 ldb_asprintf_errstring(ldb
, "attribute '%s' on '%s' specified, but with 0 values (illegal)",
575 el
->name
, ldb_dn_get_linearized(msg
->dn
));
576 return LDB_ERR_CONSTRAINT_VIOLATION
;
578 if (check_single_value
&&
579 el
->num_values
> 1 &&
580 ldb_tdb_single_valued(a
, el
)) {
581 ldb_asprintf_errstring(ldb
, "SINGLE-VALUE attribute %s on %s specified more than once",
582 el
->name
, ldb_dn_get_linearized(msg
->dn
));
583 return LDB_ERR_CONSTRAINT_VIOLATION
;
586 /* Do not check "@ATTRIBUTES" for duplicated values */
587 if (ldb_dn_is_special(msg
->dn
) &&
588 ldb_dn_check_special(msg
->dn
, LTDB_ATTRIBUTES
)) {
592 if (check_single_value
&&
594 LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK
)) {
595 struct ldb_val
*duplicate
= NULL
;
597 ret
= ldb_msg_find_duplicate_val(ldb
, discard_const(msg
),
599 if (ret
!= LDB_SUCCESS
) {
602 if (duplicate
!= NULL
) {
603 ldb_asprintf_errstring(
605 "attribute '%s': value '%.*s' on '%s' "
606 "provided more than once in ADD object",
608 (int)duplicate
->length
,
610 ldb_dn_get_linearized(msg
->dn
));
611 return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
;
616 ret
= ltdb_store(module
, msg
, TDB_INSERT
);
617 if (ret
!= LDB_SUCCESS
) {
619 * Try really hard to get the right error code for
620 * a re-add situation, as this can matter!
622 if (ret
== LDB_ERR_CONSTRAINT_VIOLATION
) {
624 struct ldb_dn
*dn2
= NULL
;
625 TALLOC_CTX
*mem_ctx
= talloc_new(module
);
626 if (mem_ctx
== NULL
) {
627 return ldb_module_operr(module
);
629 ret2
= ltdb_search_base(module
, mem_ctx
,
631 TALLOC_FREE(mem_ctx
);
632 if (ret2
== LDB_SUCCESS
) {
633 ret
= LDB_ERR_ENTRY_ALREADY_EXISTS
;
636 if (ret
== LDB_ERR_ENTRY_ALREADY_EXISTS
) {
637 ldb_asprintf_errstring(ldb
,
638 "Entry %s already exists",
639 ldb_dn_get_linearized(msg
->dn
));
644 ret
= ltdb_index_add_new(module
, ltdb
, msg
);
645 if (ret
!= LDB_SUCCESS
) {
647 * If we failed to index, delete the message again.
649 * This is particularly important for the GUID index
650 * case, which will only fail for a duplicate DN
653 * Note that the caller may not cancel the transation
654 * and this means the above add might really show up!
656 ltdb_delete_noindex(module
, msg
);
660 ret
= ltdb_modified(module
, msg
->dn
);
666 add a record to the database
668 static int ltdb_add(struct ltdb_context
*ctx
)
670 struct ldb_module
*module
= ctx
->module
;
671 struct ldb_request
*req
= ctx
->req
;
672 void *data
= ldb_module_get_private(module
);
673 struct ltdb_private
*ltdb
= talloc_get_type(data
, struct ltdb_private
);
674 int ret
= LDB_SUCCESS
;
676 if (ltdb
->max_key_length
!= 0 &&
677 ltdb
->cache
->GUID_index_attribute
== NULL
&&
678 !ldb_dn_is_special(req
->op
.add
.message
->dn
))
680 ldb_set_errstring(ldb_module_get_ctx(module
),
681 "Must operate ldb_mdb in GUID "
682 "index mode, but " LTDB_IDXGUID
" not set.");
683 return LDB_ERR_UNWILLING_TO_PERFORM
;
686 ret
= ltdb_check_special_dn(module
, req
->op
.add
.message
);
687 if (ret
!= LDB_SUCCESS
) {
691 ldb_request_set_state(req
, LDB_ASYNC_PENDING
);
693 if (ltdb_cache_load(module
) != 0) {
694 return LDB_ERR_OPERATIONS_ERROR
;
697 ret
= ltdb_add_internal(module
, ltdb
,
698 req
->op
.add
.message
, true);
703 static int ltdb_tdb_delete(struct ltdb_private
*ltdb
, struct ldb_val ldb_key
)
706 .dptr
= ldb_key
.data
,
707 .dsize
= ldb_key
.length
709 bool transaction_active
= tdb_transaction_active(ltdb
->tdb
);
710 if (transaction_active
== false){
711 return LDB_ERR_PROTOCOL_ERROR
;
713 return tdb_delete(ltdb
->tdb
, tdb_key
);
717 delete a record from the database, not updating indexes (used for deleting
720 int ltdb_delete_noindex(struct ldb_module
*module
,
721 const struct ldb_message
*msg
)
723 void *data
= ldb_module_get_private(module
);
724 struct ltdb_private
*ltdb
= talloc_get_type(data
, struct ltdb_private
);
725 struct ldb_val ldb_key
;
728 TALLOC_CTX
*tdb_key_ctx
= talloc_new(module
);
730 if (tdb_key_ctx
== NULL
) {
731 return ldb_module_oom(module
);
734 if (ltdb
->read_only
) {
735 return LDB_ERR_UNWILLING_TO_PERFORM
;
738 tdb_key
= ltdb_key_msg(module
, tdb_key_ctx
, msg
);
740 TALLOC_FREE(tdb_key_ctx
);
741 return LDB_ERR_OTHER
;
744 ldb_key
.data
= tdb_key
.dptr
;
745 ldb_key
.length
= tdb_key
.dsize
;
747 ret
= ltdb
->kv_ops
->delete(ltdb
, ldb_key
);
748 TALLOC_FREE(tdb_key_ctx
);
751 ret
= ltdb
->kv_ops
->error(ltdb
);
757 static int ltdb_delete_internal(struct ldb_module
*module
, struct ldb_dn
*dn
)
759 struct ldb_message
*msg
;
760 int ret
= LDB_SUCCESS
;
762 msg
= ldb_msg_new(module
);
764 return LDB_ERR_OPERATIONS_ERROR
;
767 /* in case any attribute of the message was indexed, we need
768 to fetch the old record */
769 ret
= ltdb_search_dn1(module
, dn
, msg
, LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC
);
770 if (ret
!= LDB_SUCCESS
) {
771 /* not finding the old record is an error */
775 ret
= ltdb_delete_noindex(module
, msg
);
776 if (ret
!= LDB_SUCCESS
) {
780 /* remove any indexed attributes */
781 ret
= ltdb_index_delete(module
, msg
);
782 if (ret
!= LDB_SUCCESS
) {
786 ret
= ltdb_modified(module
, dn
);
787 if (ret
!= LDB_SUCCESS
) {
797 delete a record from the database
799 static int ltdb_delete(struct ltdb_context
*ctx
)
801 struct ldb_module
*module
= ctx
->module
;
802 struct ldb_request
*req
= ctx
->req
;
803 int ret
= LDB_SUCCESS
;
805 ldb_request_set_state(req
, LDB_ASYNC_PENDING
);
807 if (ltdb_cache_load(module
) != 0) {
808 return LDB_ERR_OPERATIONS_ERROR
;
811 ret
= ltdb_delete_internal(module
, req
->op
.del
.dn
);
817 find an element by attribute name. At the moment this does a linear search,
818 it should be re-coded to use a binary search once all places that modify
819 records guarantee sorted order
821 return the index of the first matching element if found, otherwise -1
823 static int find_element(const struct ldb_message
*msg
, const char *name
)
826 for (i
=0;i
<msg
->num_elements
;i
++) {
827 if (ldb_attr_cmp(msg
->elements
[i
].name
, name
) == 0) {
836 add an element to an existing record. Assumes a elements array that we
837 can call re-alloc on, and assumed that we can re-use the data pointers from
838 the passed in additional values. Use with care!
840 returns 0 on success, -1 on failure (and sets errno)
842 static int ltdb_msg_add_element(struct ldb_message
*msg
,
843 struct ldb_message_element
*el
)
845 struct ldb_message_element
*e2
;
848 if (el
->num_values
== 0) {
849 /* nothing to do here - we don't add empty elements */
853 e2
= talloc_realloc(msg
, msg
->elements
, struct ldb_message_element
,
854 msg
->num_elements
+1);
862 e2
= &msg
->elements
[msg
->num_elements
];
865 e2
->flags
= el
->flags
;
866 e2
->values
= talloc_array(msg
->elements
,
867 struct ldb_val
, el
->num_values
);
872 for (i
=0;i
<el
->num_values
;i
++) {
873 e2
->values
[i
] = el
->values
[i
];
875 e2
->num_values
= el
->num_values
;
883 delete all elements having a specified attribute name
885 static int msg_delete_attribute(struct ldb_module
*module
,
886 struct ltdb_private
*ltdb
,
887 struct ldb_message
*msg
, const char *name
)
891 struct ldb_message_element
*el
;
892 bool is_special
= ldb_dn_is_special(msg
->dn
);
895 && ltdb
->cache
->GUID_index_attribute
!= NULL
896 && ldb_attr_cmp(name
, ltdb
->cache
->GUID_index_attribute
) == 0) {
897 struct ldb_context
*ldb
= ldb_module_get_ctx(module
);
898 ldb_asprintf_errstring(ldb
, "Must not modify GUID "
899 "attribute %s (used as DB index)",
900 ltdb
->cache
->GUID_index_attribute
);
901 return LDB_ERR_CONSTRAINT_VIOLATION
;
904 el
= ldb_msg_find_element(msg
, name
);
906 return LDB_ERR_NO_SUCH_ATTRIBUTE
;
908 i
= el
- msg
->elements
;
910 ret
= ltdb_index_del_element(module
, ltdb
, msg
, el
);
911 if (ret
!= LDB_SUCCESS
) {
915 talloc_free(el
->values
);
916 if (msg
->num_elements
> (i
+1)) {
917 memmove(el
, el
+1, sizeof(*el
) * (msg
->num_elements
- (i
+1)));
920 msg
->elements
= talloc_realloc(msg
, msg
->elements
,
921 struct ldb_message_element
,
927 delete all elements matching an attribute name/value
929 return LDB Error on failure
931 static int msg_delete_element(struct ldb_module
*module
,
932 struct ltdb_private
*ltdb
,
933 struct ldb_message
*msg
,
935 const struct ldb_val
*val
)
937 struct ldb_context
*ldb
= ldb_module_get_ctx(module
);
940 struct ldb_message_element
*el
;
941 const struct ldb_schema_attribute
*a
;
943 found
= find_element(msg
, name
);
945 return LDB_ERR_NO_SUCH_ATTRIBUTE
;
948 i
= (unsigned int) found
;
949 el
= &(msg
->elements
[i
]);
951 a
= ldb_schema_attribute_by_name(ldb
, el
->name
);
953 for (i
=0;i
<el
->num_values
;i
++) {
955 if (a
->syntax
->operator_fn
) {
956 ret
= a
->syntax
->operator_fn(ldb
, LDB_OP_EQUALITY
, a
,
957 &el
->values
[i
], val
, &matched
);
958 if (ret
!= LDB_SUCCESS
) return ret
;
960 matched
= (a
->syntax
->comparison_fn(ldb
, ldb
,
961 &el
->values
[i
], val
) == 0);
964 if (el
->num_values
== 1) {
965 return msg_delete_attribute(module
,
969 ret
= ltdb_index_del_value(module
, ltdb
, msg
, el
, i
);
970 if (ret
!= LDB_SUCCESS
) {
974 if (i
<el
->num_values
-1) {
975 memmove(&el
->values
[i
], &el
->values
[i
+1],
976 sizeof(el
->values
[i
])*
977 (el
->num_values
-(i
+1)));
981 /* per definition we find in a canonicalised message an
982 attribute value only once. So we are finished here */
988 return LDB_ERR_NO_SUCH_ATTRIBUTE
;
992 modify a record - internal interface
994 yuck - this is O(n^2). Luckily n is usually small so we probably
995 get away with it, but if we ever have really large attribute lists
996 then we'll need to look at this again
998 'req' is optional, and is used to specify controls if supplied
1000 int ltdb_modify_internal(struct ldb_module
*module
,
1001 const struct ldb_message
*msg
,
1002 struct ldb_request
*req
)
1004 struct ldb_context
*ldb
= ldb_module_get_ctx(module
);
1005 void *data
= ldb_module_get_private(module
);
1006 struct ltdb_private
*ltdb
= talloc_get_type(data
, struct ltdb_private
);
1007 struct ldb_message
*msg2
;
1009 int ret
= LDB_SUCCESS
, idx
;
1010 struct ldb_control
*control_permissive
= NULL
;
1011 TALLOC_CTX
*mem_ctx
= talloc_new(req
);
1013 if (mem_ctx
== NULL
) {
1014 return ldb_module_oom(module
);
1018 control_permissive
= ldb_request_get_control(req
,
1019 LDB_CONTROL_PERMISSIVE_MODIFY_OID
);
1022 msg2
= ldb_msg_new(mem_ctx
);
1024 ret
= LDB_ERR_OTHER
;
1028 ret
= ltdb_search_dn1(module
, msg
->dn
,
1030 LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC
);
1031 if (ret
!= LDB_SUCCESS
) {
1035 for (i
=0; i
<msg
->num_elements
; i
++) {
1036 struct ldb_message_element
*el
= &msg
->elements
[i
], *el2
;
1037 struct ldb_val
*vals
;
1038 const struct ldb_schema_attribute
*a
= ldb_schema_attribute_by_name(ldb
, el
->name
);
1040 uint32_t options
= 0;
1041 if (control_permissive
!= NULL
) {
1042 options
|= LDB_MSG_FIND_COMMON_REMOVE_DUPLICATES
;
1045 switch (msg
->elements
[i
].flags
& LDB_FLAG_MOD_MASK
) {
1046 case LDB_FLAG_MOD_ADD
:
1048 if (el
->num_values
== 0) {
1049 ldb_asprintf_errstring(ldb
,
1050 "attribute '%s': attribute on '%s' specified, but with 0 values (illegal)",
1051 el
->name
, ldb_dn_get_linearized(msg2
->dn
));
1052 ret
= LDB_ERR_CONSTRAINT_VIOLATION
;
1056 /* make a copy of the array so that a permissive
1057 * control can remove duplicates without changing the
1058 * original values, but do not copy data as we do not
1059 * need to keep it around once the operation is
1061 if (control_permissive
) {
1062 el
= talloc(msg2
, struct ldb_message_element
);
1064 ret
= LDB_ERR_OTHER
;
1067 *el
= msg
->elements
[i
];
1068 el
->values
= talloc_array(el
, struct ldb_val
, el
->num_values
);
1069 if (el
->values
== NULL
) {
1070 ret
= LDB_ERR_OTHER
;
1073 for (j
= 0; j
< el
->num_values
; j
++) {
1074 el
->values
[j
] = msg
->elements
[i
].values
[j
];
1078 if (el
->num_values
> 1 && ldb_tdb_single_valued(a
, el
)) {
1079 ldb_asprintf_errstring(ldb
, "SINGLE-VALUE attribute %s on %s specified more than once",
1080 el
->name
, ldb_dn_get_linearized(msg2
->dn
));
1081 ret
= LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
;
1085 /* Checks if element already exists */
1086 idx
= find_element(msg2
, el
->name
);
1088 if (ltdb_msg_add_element(msg2
, el
) != 0) {
1089 ret
= LDB_ERR_OTHER
;
1092 ret
= ltdb_index_add_element(module
, ltdb
,
1095 if (ret
!= LDB_SUCCESS
) {
1099 j
= (unsigned int) idx
;
1100 el2
= &(msg2
->elements
[j
]);
1102 /* We cannot add another value on a existing one
1103 if the attribute is single-valued */
1104 if (ldb_tdb_single_valued(a
, el
)) {
1105 ldb_asprintf_errstring(ldb
, "SINGLE-VALUE attribute %s on %s specified more than once",
1106 el
->name
, ldb_dn_get_linearized(msg2
->dn
));
1107 ret
= LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
;
1111 /* Check that values don't exist yet on multi-
1112 valued attributes or aren't provided twice */
1114 LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK
)) {
1115 struct ldb_val
*duplicate
= NULL
;
1116 ret
= ldb_msg_find_common_values(ldb
,
1123 LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
) {
1124 ldb_asprintf_errstring(ldb
,
1125 "attribute '%s': value "
1126 "#%u on '%s' already "
1127 "exists", el
->name
, j
,
1128 ldb_dn_get_linearized(msg2
->dn
));
1130 } else if (ret
!= LDB_SUCCESS
) {
1134 ret
= ldb_msg_find_duplicate_val(
1135 ldb
, msg2
, el
, &duplicate
, 0);
1136 if (ret
!= LDB_SUCCESS
) {
1139 if (duplicate
!= NULL
) {
1140 ldb_asprintf_errstring(
1142 "attribute '%s': value "
1144 "provided more than "
1147 (int)duplicate
->length
,
1149 ldb_dn_get_linearized(msg
->dn
));
1150 ret
= LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
;
1155 /* Now combine existing and new values to a new
1157 vals
= talloc_realloc(msg2
->elements
,
1158 el2
->values
, struct ldb_val
,
1159 el2
->num_values
+ el
->num_values
);
1162 ret
= LDB_ERR_OTHER
;
1166 for (j
=0; j
<el
->num_values
; j
++) {
1167 vals
[el2
->num_values
+ j
] =
1168 ldb_val_dup(vals
, &el
->values
[j
]);
1172 el2
->num_values
+= el
->num_values
;
1174 ret
= ltdb_index_add_element(module
, ltdb
,
1176 if (ret
!= LDB_SUCCESS
) {
1183 case LDB_FLAG_MOD_REPLACE
:
1185 if (el
->num_values
> 1 && ldb_tdb_single_valued(a
, el
)) {
1186 ldb_asprintf_errstring(ldb
, "SINGLE-VALUE attribute %s on %s specified more than once",
1187 el
->name
, ldb_dn_get_linearized(msg2
->dn
));
1188 ret
= LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
;
1193 * We don't need to check this if we have been
1194 * pre-screened by the repl_meta_data module
1195 * in Samba, or someone else who can claim to
1196 * know what they are doing.
1198 if (!(el
->flags
& LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK
)) {
1199 struct ldb_val
*duplicate
= NULL
;
1201 ret
= ldb_msg_find_duplicate_val(ldb
, msg2
, el
,
1203 if (ret
!= LDB_SUCCESS
) {
1206 if (duplicate
!= NULL
) {
1207 ldb_asprintf_errstring(
1209 "attribute '%s': value '%.*s' "
1210 "on '%s' provided more than "
1213 (int)duplicate
->length
,
1215 ldb_dn_get_linearized(msg2
->dn
));
1216 ret
= LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
;
1221 /* Checks if element already exists */
1222 idx
= find_element(msg2
, el
->name
);
1224 j
= (unsigned int) idx
;
1225 el2
= &(msg2
->elements
[j
]);
1227 /* we consider two elements to be
1228 * equal only if the order
1229 * matches. This allows dbcheck to
1230 * fix the ordering on attributes
1231 * where order matters, such as
1234 if (ldb_msg_element_equal_ordered(el
, el2
)) {
1238 /* Delete the attribute if it exists in the DB */
1239 if (msg_delete_attribute(module
, ltdb
,
1242 ret
= LDB_ERR_OTHER
;
1247 /* Recreate it with the new values */
1248 if (ltdb_msg_add_element(msg2
, el
) != 0) {
1249 ret
= LDB_ERR_OTHER
;
1253 ret
= ltdb_index_add_element(module
, ltdb
,
1255 if (ret
!= LDB_SUCCESS
) {
1261 case LDB_FLAG_MOD_DELETE
:
1262 dn
= ldb_dn_get_linearized(msg2
->dn
);
1264 ret
= LDB_ERR_OTHER
;
1268 if (msg
->elements
[i
].num_values
== 0) {
1269 /* Delete the whole attribute */
1270 ret
= msg_delete_attribute(module
,
1273 msg
->elements
[i
].name
);
1274 if (ret
== LDB_ERR_NO_SUCH_ATTRIBUTE
&&
1275 control_permissive
) {
1278 ldb_asprintf_errstring(ldb
,
1279 "attribute '%s': no such attribute for delete on '%s'",
1280 msg
->elements
[i
].name
, dn
);
1282 if (ret
!= LDB_SUCCESS
) {
1286 /* Delete specified values from an attribute */
1287 for (j
=0; j
< msg
->elements
[i
].num_values
; j
++) {
1288 ret
= msg_delete_element(module
,
1291 msg
->elements
[i
].name
,
1292 &msg
->elements
[i
].values
[j
]);
1293 if (ret
== LDB_ERR_NO_SUCH_ATTRIBUTE
&&
1294 control_permissive
) {
1296 } else if (ret
== LDB_ERR_NO_SUCH_ATTRIBUTE
) {
1297 ldb_asprintf_errstring(ldb
,
1298 "attribute '%s': no matching attribute value while deleting attribute on '%s'",
1299 msg
->elements
[i
].name
, dn
);
1301 if (ret
!= LDB_SUCCESS
) {
1308 ldb_asprintf_errstring(ldb
,
1309 "attribute '%s': invalid modify flags on '%s': 0x%x",
1310 msg
->elements
[i
].name
, ldb_dn_get_linearized(msg
->dn
),
1311 msg
->elements
[i
].flags
& LDB_FLAG_MOD_MASK
);
1312 ret
= LDB_ERR_PROTOCOL_ERROR
;
1317 ret
= ltdb_store(module
, msg2
, TDB_MODIFY
);
1318 if (ret
!= LDB_SUCCESS
) {
1322 ret
= ltdb_modified(module
, msg2
->dn
);
1323 if (ret
!= LDB_SUCCESS
) {
1328 TALLOC_FREE(mem_ctx
);
1335 static int ltdb_modify(struct ltdb_context
*ctx
)
1337 struct ldb_module
*module
= ctx
->module
;
1338 struct ldb_request
*req
= ctx
->req
;
1339 int ret
= LDB_SUCCESS
;
1341 ret
= ltdb_check_special_dn(module
, req
->op
.mod
.message
);
1342 if (ret
!= LDB_SUCCESS
) {
1346 ldb_request_set_state(req
, LDB_ASYNC_PENDING
);
1348 if (ltdb_cache_load(module
) != 0) {
1349 return LDB_ERR_OPERATIONS_ERROR
;
1352 ret
= ltdb_modify_internal(module
, req
->op
.mod
.message
, req
);
1360 static int ltdb_rename(struct ltdb_context
*ctx
)
1362 struct ldb_module
*module
= ctx
->module
;
1363 void *data
= ldb_module_get_private(module
);
1364 struct ltdb_private
*ltdb
= talloc_get_type(data
, struct ltdb_private
);
1365 struct ldb_request
*req
= ctx
->req
;
1366 struct ldb_message
*msg
;
1367 int ret
= LDB_SUCCESS
;
1368 TDB_DATA tdb_key
, tdb_key_old
;
1369 struct ldb_dn
*db_dn
;
1371 ldb_request_set_state(req
, LDB_ASYNC_PENDING
);
1373 if (ltdb_cache_load(ctx
->module
) != 0) {
1374 return LDB_ERR_OPERATIONS_ERROR
;
1377 msg
= ldb_msg_new(ctx
);
1379 return LDB_ERR_OPERATIONS_ERROR
;
1382 /* we need to fetch the old record to re-add under the new name */
1383 ret
= ltdb_search_dn1(module
, req
->op
.rename
.olddn
, msg
,
1384 LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC
);
1385 if (ret
!= LDB_SUCCESS
) {
1386 /* not finding the old record is an error */
1390 /* We need to, before changing the DB, check if the new DN
1391 * exists, so we can return this error to the caller with an
1394 * Even in GUID index mode we use ltdb_key_dn() as we are
1395 * trying to figure out if this is just a case rename
1397 tdb_key
= ltdb_key_dn(module
, msg
, req
->op
.rename
.newdn
);
1398 if (!tdb_key
.dptr
) {
1400 return LDB_ERR_OPERATIONS_ERROR
;
1403 tdb_key_old
= ltdb_key_dn(module
, msg
, req
->op
.rename
.olddn
);
1404 if (!tdb_key_old
.dptr
) {
1406 talloc_free(tdb_key
.dptr
);
1407 return LDB_ERR_OPERATIONS_ERROR
;
1411 * Only declare a conflict if the new DN already exists,
1412 * and it isn't a case change on the old DN
1414 if (tdb_key_old
.dsize
!= tdb_key
.dsize
1415 || memcmp(tdb_key
.dptr
, tdb_key_old
.dptr
, tdb_key
.dsize
) != 0) {
1416 ret
= ltdb_search_base(module
, msg
,
1417 req
->op
.rename
.newdn
,
1419 if (ret
== LDB_SUCCESS
) {
1420 ret
= LDB_ERR_ENTRY_ALREADY_EXISTS
;
1421 } else if (ret
== LDB_ERR_NO_SUCH_OBJECT
) {
1426 /* finding the new record already in the DB is an error */
1428 if (ret
== LDB_ERR_ENTRY_ALREADY_EXISTS
) {
1429 ldb_asprintf_errstring(ldb_module_get_ctx(module
),
1430 "Entry %s already exists",
1431 ldb_dn_get_linearized(req
->op
.rename
.newdn
));
1433 if (ret
!= LDB_SUCCESS
) {
1434 talloc_free(tdb_key_old
.dptr
);
1435 talloc_free(tdb_key
.dptr
);
1440 talloc_free(tdb_key_old
.dptr
);
1441 talloc_free(tdb_key
.dptr
);
1443 /* Always delete first then add, to avoid conflicts with
1444 * unique indexes. We rely on the transaction to make this
1447 ret
= ltdb_delete_internal(module
, msg
->dn
);
1448 if (ret
!= LDB_SUCCESS
) {
1453 msg
->dn
= ldb_dn_copy(msg
, req
->op
.rename
.newdn
);
1454 if (msg
->dn
== NULL
) {
1456 return LDB_ERR_OPERATIONS_ERROR
;
1459 /* We don't check single value as we can have more than 1 with
1460 * deleted attributes. We could go through all elements but that's
1461 * maybe not the most efficient way
1463 ret
= ltdb_add_internal(module
, ltdb
, msg
, false);
1470 static int ltdb_tdb_transaction_start(struct ltdb_private
*ltdb
)
1472 pid_t pid
= getpid();
1474 if (ltdb
->pid
!= pid
) {
1475 ldb_asprintf_errstring(
1476 ldb_module_get_ctx(ltdb
->module
),
1477 __location__
": Reusing ldb opend by pid %d in "
1481 return LDB_ERR_PROTOCOL_ERROR
;
1484 return tdb_transaction_start(ltdb
->tdb
);
1487 static int ltdb_tdb_transaction_cancel(struct ltdb_private
*ltdb
)
1489 pid_t pid
= getpid();
1491 if (ltdb
->pid
!= pid
) {
1492 ldb_asprintf_errstring(
1493 ldb_module_get_ctx(ltdb
->module
),
1494 __location__
": Reusing ldb opend by pid %d in "
1498 return LDB_ERR_PROTOCOL_ERROR
;
1501 return tdb_transaction_cancel(ltdb
->tdb
);
1504 static int ltdb_tdb_transaction_prepare_commit(struct ltdb_private
*ltdb
)
1506 pid_t pid
= getpid();
1508 if (ltdb
->pid
!= pid
) {
1509 ldb_asprintf_errstring(
1510 ldb_module_get_ctx(ltdb
->module
),
1511 __location__
": Reusing ldb opend by pid %d in "
1515 return LDB_ERR_PROTOCOL_ERROR
;
1518 return tdb_transaction_prepare_commit(ltdb
->tdb
);
1521 static int ltdb_tdb_transaction_commit(struct ltdb_private
*ltdb
)
1523 pid_t pid
= getpid();
1525 if (ltdb
->pid
!= pid
) {
1526 ldb_asprintf_errstring(
1527 ldb_module_get_ctx(ltdb
->module
),
1528 __location__
": Reusing ldb opend by pid %d in "
1532 return LDB_ERR_PROTOCOL_ERROR
;
1535 return tdb_transaction_commit(ltdb
->tdb
);
1538 static int ltdb_start_trans(struct ldb_module
*module
)
1540 void *data
= ldb_module_get_private(module
);
1541 struct ltdb_private
*ltdb
= talloc_get_type(data
, struct ltdb_private
);
1543 pid_t pid
= getpid();
1545 if (ltdb
->pid
!= pid
) {
1546 ldb_asprintf_errstring(
1547 ldb_module_get_ctx(ltdb
->module
),
1548 __location__
": Reusing ldb opend by pid %d in "
1552 return LDB_ERR_PROTOCOL_ERROR
;
1555 /* Do not take out the transaction lock on a read-only DB */
1556 if (ltdb
->read_only
) {
1557 return LDB_ERR_UNWILLING_TO_PERFORM
;
1560 if (ltdb
->kv_ops
->begin_write(ltdb
) != 0) {
1561 return ltdb
->kv_ops
->error(ltdb
);
1565 ltdb_index_transaction_start(module
);
1567 ltdb
->reindex_failed
= false;
1573 * Forward declaration to allow prepare_commit to in fact abort the
1576 static int ltdb_del_trans(struct ldb_module
*module
);
1578 static int ltdb_prepare_commit(struct ldb_module
*module
)
1581 void *data
= ldb_module_get_private(module
);
1582 struct ltdb_private
*ltdb
= talloc_get_type(data
, struct ltdb_private
);
1583 pid_t pid
= getpid();
1585 if (ltdb
->pid
!= pid
) {
1586 ldb_asprintf_errstring(
1587 ldb_module_get_ctx(module
),
1588 __location__
": Reusing ldb opend by pid %d in "
1592 return LDB_ERR_PROTOCOL_ERROR
;
1595 if (!ltdb
->kv_ops
->transaction_active(ltdb
)) {
1596 ldb_set_errstring(ldb_module_get_ctx(module
),
1597 "ltdb_prepare_commit() called "
1598 "without transaction active");
1599 return LDB_ERR_OPERATIONS_ERROR
;
1603 * Check if the last re-index failed.
1605 * This can happen if for example a duplicate value was marked
1606 * unique. We must not write a partial re-index into the DB.
1608 if (ltdb
->reindex_failed
) {
1610 * We must instead abort the transaction so we get the
1611 * old values and old index back
1613 ltdb_del_trans(module
);
1614 ldb_set_errstring(ldb_module_get_ctx(module
),
1615 "Failure during re-index, so "
1616 "transaction must be aborted.");
1617 return LDB_ERR_OPERATIONS_ERROR
;
1620 ret
= ltdb_index_transaction_commit(module
);
1621 if (ret
!= LDB_SUCCESS
) {
1622 ltdb
->kv_ops
->abort_write(ltdb
);
1626 if (ltdb
->kv_ops
->prepare_write(ltdb
) != 0) {
1627 ret
= ltdb
->kv_ops
->error(ltdb
);
1628 ldb_debug_set(ldb_module_get_ctx(module
),
1631 "prepare_write): %s -> %s",
1632 ltdb
->kv_ops
->errorstr(ltdb
),
1637 ltdb
->prepared_commit
= true;
1642 static int ltdb_end_trans(struct ldb_module
*module
)
1645 void *data
= ldb_module_get_private(module
);
1646 struct ltdb_private
*ltdb
= talloc_get_type(data
, struct ltdb_private
);
1648 if (!ltdb
->prepared_commit
) {
1649 ret
= ltdb_prepare_commit(module
);
1650 if (ret
!= LDB_SUCCESS
) {
1655 ltdb
->prepared_commit
= false;
1657 if (ltdb
->kv_ops
->finish_write(ltdb
) != 0) {
1658 ret
= ltdb
->kv_ops
->error(ltdb
);
1659 ldb_asprintf_errstring(ldb_module_get_ctx(module
),
1660 "Failure during tdb_transaction_commit(): %s -> %s",
1661 ltdb
->kv_ops
->errorstr(ltdb
),
1669 static int ltdb_del_trans(struct ldb_module
*module
)
1671 void *data
= ldb_module_get_private(module
);
1672 struct ltdb_private
*ltdb
= talloc_get_type(data
, struct ltdb_private
);
1675 if (ltdb_index_transaction_cancel(module
) != 0) {
1676 ltdb
->kv_ops
->abort_write(ltdb
);
1677 return ltdb
->kv_ops
->error(ltdb
);
1680 ltdb
->kv_ops
->abort_write(ltdb
);
1685 return sequenceNumber from @BASEINFO
1687 static int ltdb_sequence_number(struct ltdb_context
*ctx
,
1688 struct ldb_extended
**ext
)
1690 struct ldb_context
*ldb
;
1691 struct ldb_module
*module
= ctx
->module
;
1692 struct ldb_request
*req
= ctx
->req
;
1693 void *data
= ldb_module_get_private(module
);
1694 struct ltdb_private
*ltdb
= talloc_get_type(data
, struct ltdb_private
);
1695 TALLOC_CTX
*tmp_ctx
= NULL
;
1696 struct ldb_seqnum_request
*seq
;
1697 struct ldb_seqnum_result
*res
;
1698 struct ldb_message
*msg
= NULL
;
1701 int ret
= LDB_SUCCESS
;
1703 ldb
= ldb_module_get_ctx(module
);
1705 seq
= talloc_get_type(req
->op
.extended
.data
,
1706 struct ldb_seqnum_request
);
1708 return LDB_ERR_OPERATIONS_ERROR
;
1711 ldb_request_set_state(req
, LDB_ASYNC_PENDING
);
1713 if (ltdb
->kv_ops
->lock_read(module
) != 0) {
1714 return LDB_ERR_OPERATIONS_ERROR
;
1717 res
= talloc_zero(req
, struct ldb_seqnum_result
);
1719 ret
= LDB_ERR_OPERATIONS_ERROR
;
1723 tmp_ctx
= talloc_new(req
);
1724 if (tmp_ctx
== NULL
) {
1725 ret
= LDB_ERR_OPERATIONS_ERROR
;
1729 dn
= ldb_dn_new(tmp_ctx
, ldb
, LTDB_BASEINFO
);
1731 ret
= LDB_ERR_OPERATIONS_ERROR
;
1735 msg
= ldb_msg_new(tmp_ctx
);
1737 ret
= LDB_ERR_OPERATIONS_ERROR
;
1741 ret
= ltdb_search_dn1(module
, dn
, msg
, 0);
1742 if (ret
!= LDB_SUCCESS
) {
1746 switch (seq
->type
) {
1747 case LDB_SEQ_HIGHEST_SEQ
:
1748 res
->seq_num
= ldb_msg_find_attr_as_uint64(msg
, LTDB_SEQUENCE_NUMBER
, 0);
1751 res
->seq_num
= ldb_msg_find_attr_as_uint64(msg
, LTDB_SEQUENCE_NUMBER
, 0);
1754 case LDB_SEQ_HIGHEST_TIMESTAMP
:
1755 date
= ldb_msg_find_attr_as_string(msg
, LTDB_MOD_TIMESTAMP
, NULL
);
1757 res
->seq_num
= ldb_string_to_time(date
);
1760 /* zero is as good as anything when we don't know */
1765 *ext
= talloc_zero(req
, struct ldb_extended
);
1767 ret
= LDB_ERR_OPERATIONS_ERROR
;
1770 (*ext
)->oid
= LDB_EXTENDED_SEQUENCE_NUMBER
;
1771 (*ext
)->data
= talloc_steal(*ext
, res
);
1774 talloc_free(tmp_ctx
);
1776 ltdb
->kv_ops
->unlock_read(module
);
1780 static void ltdb_request_done(struct ltdb_context
*ctx
, int error
)
1782 struct ldb_context
*ldb
;
1783 struct ldb_request
*req
;
1784 struct ldb_reply
*ares
;
1786 ldb
= ldb_module_get_ctx(ctx
->module
);
1789 /* if we already returned an error just return */
1790 if (ldb_request_get_status(req
) != LDB_SUCCESS
) {
1794 ares
= talloc_zero(req
, struct ldb_reply
);
1797 req
->callback(req
, NULL
);
1800 ares
->type
= LDB_REPLY_DONE
;
1801 ares
->error
= error
;
1803 req
->callback(req
, ares
);
1806 static void ltdb_timeout(struct tevent_context
*ev
,
1807 struct tevent_timer
*te
,
1811 struct ltdb_context
*ctx
;
1812 ctx
= talloc_get_type(private_data
, struct ltdb_context
);
1814 if (!ctx
->request_terminated
) {
1815 /* request is done now */
1816 ltdb_request_done(ctx
, LDB_ERR_TIME_LIMIT_EXCEEDED
);
1820 /* neutralize the spy */
1821 ctx
->spy
->ctx
= NULL
;
1827 static void ltdb_request_extended_done(struct ltdb_context
*ctx
,
1828 struct ldb_extended
*ext
,
1831 struct ldb_context
*ldb
;
1832 struct ldb_request
*req
;
1833 struct ldb_reply
*ares
;
1835 ldb
= ldb_module_get_ctx(ctx
->module
);
1838 /* if we already returned an error just return */
1839 if (ldb_request_get_status(req
) != LDB_SUCCESS
) {
1843 ares
= talloc_zero(req
, struct ldb_reply
);
1846 req
->callback(req
, NULL
);
1849 ares
->type
= LDB_REPLY_DONE
;
1850 ares
->response
= ext
;
1851 ares
->error
= error
;
1853 req
->callback(req
, ares
);
1856 static void ltdb_handle_extended(struct ltdb_context
*ctx
)
1858 struct ldb_extended
*ext
= NULL
;
1861 if (strcmp(ctx
->req
->op
.extended
.oid
,
1862 LDB_EXTENDED_SEQUENCE_NUMBER
) == 0) {
1863 /* get sequence number */
1864 ret
= ltdb_sequence_number(ctx
, &ext
);
1866 /* not recognized */
1867 ret
= LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION
;
1870 ltdb_request_extended_done(ctx
, ext
, ret
);
1874 ldb_kv_traverse_fn kv_traverse_fn
;
1876 struct ltdb_private
*ltdb
;
1877 int (*parser
)(struct ldb_val key
,
1878 struct ldb_val data
,
1879 void *private_data
);
1882 static int ldb_tdb_traverse_fn_wrapper(struct tdb_context
*tdb
, TDB_DATA tdb_key
, TDB_DATA tdb_data
, void *ctx
)
1884 struct kv_ctx
*kv_ctx
= ctx
;
1885 struct ldb_val key
= {
1886 .length
= tdb_key
.dsize
,
1887 .data
= tdb_key
.dptr
,
1889 struct ldb_val data
= {
1890 .length
= tdb_data
.dsize
,
1891 .data
= tdb_data
.dptr
,
1893 return kv_ctx
->kv_traverse_fn(kv_ctx
->ltdb
, key
, data
, kv_ctx
->ctx
);
1896 static int ltdb_tdb_traverse_fn(struct ltdb_private
*ltdb
, ldb_kv_traverse_fn fn
, void *ctx
)
1898 struct kv_ctx kv_ctx
= {
1899 .kv_traverse_fn
= fn
,
1903 if (tdb_transaction_active(ltdb
->tdb
)) {
1904 return tdb_traverse(ltdb
->tdb
, ldb_tdb_traverse_fn_wrapper
, &kv_ctx
);
1906 return tdb_traverse_read(ltdb
->tdb
, ldb_tdb_traverse_fn_wrapper
, &kv_ctx
);
1910 static int ltdb_tdb_update_in_iterate(struct ltdb_private
*ltdb
,
1911 struct ldb_val ldb_key
,
1912 struct ldb_val ldb_key2
,
1913 struct ldb_val ldb_data
, void *state
)
1916 struct ldb_context
*ldb
;
1917 struct ltdb_reindex_context
*ctx
= (struct ltdb_reindex_context
*)state
;
1918 struct ldb_module
*module
= ctx
->module
;
1920 .dptr
= ldb_key
.data
,
1921 .dsize
= ldb_key
.length
1924 .dptr
= ldb_key2
.data
,
1925 .dsize
= ldb_key2
.length
1928 .dptr
= ldb_data
.data
,
1929 .dsize
= ldb_data
.length
1932 ldb
= ldb_module_get_ctx(module
);
1934 tdb_ret
= tdb_delete(ltdb
->tdb
, key
);
1936 ldb_debug(ldb
, LDB_DEBUG_ERROR
,
1937 "Failed to delete %*.*s "
1938 "for rekey as %*.*s: %s",
1939 (int)key
.dsize
, (int)key
.dsize
,
1940 (const char *)key
.dptr
,
1941 (int)key2
.dsize
, (int)key2
.dsize
,
1942 (const char *)key
.dptr
,
1943 tdb_errorstr(ltdb
->tdb
));
1944 ctx
->error
= ltdb_err_map(tdb_error(ltdb
->tdb
));
1947 tdb_ret
= tdb_store(ltdb
->tdb
, key2
, data
, 0);
1949 ldb_debug(ldb
, LDB_DEBUG_ERROR
,
1950 "Failed to rekey %*.*s as %*.*s: %s",
1951 (int)key
.dsize
, (int)key
.dsize
,
1952 (const char *)key
.dptr
,
1953 (int)key2
.dsize
, (int)key2
.dsize
,
1954 (const char *)key
.dptr
,
1955 tdb_errorstr(ltdb
->tdb
));
1956 ctx
->error
= ltdb_err_map(tdb_error(ltdb
->tdb
));
1962 static int ltdb_tdb_parse_record_wrapper(TDB_DATA tdb_key
, TDB_DATA tdb_data
,
1965 struct kv_ctx
*kv_ctx
= ctx
;
1966 struct ldb_val key
= {
1967 .length
= tdb_key
.dsize
,
1968 .data
= tdb_key
.dptr
,
1970 struct ldb_val data
= {
1971 .length
= tdb_data
.dsize
,
1972 .data
= tdb_data
.dptr
,
1975 return kv_ctx
->parser(key
, data
, kv_ctx
->ctx
);
1978 static int ltdb_tdb_parse_record(struct ltdb_private
*ltdb
,
1979 struct ldb_val ldb_key
,
1980 int (*parser
)(struct ldb_val key
,
1981 struct ldb_val data
,
1982 void *private_data
),
1985 struct kv_ctx kv_ctx
= {
1991 .dptr
= ldb_key
.data
,
1992 .dsize
= ldb_key
.length
1996 if (tdb_transaction_active(ltdb
->tdb
) == false &&
1997 ltdb
->read_lock_count
== 0) {
1998 return LDB_ERR_PROTOCOL_ERROR
;
2001 ret
= tdb_parse_record(ltdb
->tdb
, key
, ltdb_tdb_parse_record_wrapper
,
2006 return ltdb_err_map(tdb_error(ltdb
->tdb
));
2009 static const char * ltdb_tdb_name(struct ltdb_private
*ltdb
)
2011 return tdb_name(ltdb
->tdb
);
2014 static bool ltdb_tdb_changed(struct ltdb_private
*ltdb
)
2016 int seq
= tdb_get_seqnum(ltdb
->tdb
);
2017 bool has_changed
= (seq
!= ltdb
->tdb_seqnum
);
2019 ltdb
->tdb_seqnum
= seq
;
2024 static bool ltdb_transaction_active(struct ltdb_private
*ltdb
)
2026 return tdb_transaction_active(ltdb
->tdb
);
2029 static const struct kv_db_ops key_value_ops
= {
2030 .store
= ltdb_tdb_store
,
2031 .delete = ltdb_tdb_delete
,
2032 .iterate
= ltdb_tdb_traverse_fn
,
2033 .update_in_iterate
= ltdb_tdb_update_in_iterate
,
2034 .fetch_and_parse
= ltdb_tdb_parse_record
,
2035 .lock_read
= ltdb_lock_read
,
2036 .unlock_read
= ltdb_unlock_read
,
2037 .begin_write
= ltdb_tdb_transaction_start
,
2038 .prepare_write
= ltdb_tdb_transaction_prepare_commit
,
2039 .finish_write
= ltdb_tdb_transaction_commit
,
2040 .abort_write
= ltdb_tdb_transaction_cancel
,
2041 .error
= ltdb_error
,
2042 .errorstr
= ltdb_errorstr
,
2043 .name
= ltdb_tdb_name
,
2044 .has_changed
= ltdb_tdb_changed
,
2045 .transaction_active
= ltdb_transaction_active
,
2048 static void ltdb_callback(struct tevent_context
*ev
,
2049 struct tevent_timer
*te
,
2053 struct ltdb_context
*ctx
;
2056 ctx
= talloc_get_type(private_data
, struct ltdb_context
);
2058 if (ctx
->request_terminated
) {
2062 switch (ctx
->req
->operation
) {
2064 ret
= ltdb_search(ctx
);
2067 ret
= ltdb_add(ctx
);
2070 ret
= ltdb_modify(ctx
);
2073 ret
= ltdb_delete(ctx
);
2076 ret
= ltdb_rename(ctx
);
2079 ltdb_handle_extended(ctx
);
2082 /* no other op supported */
2083 ret
= LDB_ERR_PROTOCOL_ERROR
;
2086 if (!ctx
->request_terminated
) {
2087 /* request is done now */
2088 ltdb_request_done(ctx
, ret
);
2093 /* neutralize the spy */
2094 ctx
->spy
->ctx
= NULL
;
2100 static int ltdb_request_destructor(void *ptr
)
2102 struct ltdb_req_spy
*spy
= talloc_get_type(ptr
, struct ltdb_req_spy
);
2104 if (spy
->ctx
!= NULL
) {
2105 spy
->ctx
->spy
= NULL
;
2106 spy
->ctx
->request_terminated
= true;
2113 static int ltdb_handle_request(struct ldb_module
*module
,
2114 struct ldb_request
*req
)
2116 struct ldb_control
*control_permissive
;
2117 struct ldb_context
*ldb
;
2118 struct tevent_context
*ev
;
2119 struct ltdb_context
*ac
;
2120 struct tevent_timer
*te
;
2124 ldb
= ldb_module_get_ctx(module
);
2126 control_permissive
= ldb_request_get_control(req
,
2127 LDB_CONTROL_PERMISSIVE_MODIFY_OID
);
2129 for (i
= 0; req
->controls
&& req
->controls
[i
]; i
++) {
2130 if (req
->controls
[i
]->critical
&&
2131 req
->controls
[i
] != control_permissive
) {
2132 ldb_asprintf_errstring(ldb
, "Unsupported critical extension %s",
2133 req
->controls
[i
]->oid
);
2134 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION
;
2138 if (req
->starttime
== 0 || req
->timeout
== 0) {
2139 ldb_set_errstring(ldb
, "Invalid timeout settings");
2140 return LDB_ERR_TIME_LIMIT_EXCEEDED
;
2143 ev
= ldb_handle_get_event_context(req
->handle
);
2145 ac
= talloc_zero(ldb
, struct ltdb_context
);
2148 return LDB_ERR_OPERATIONS_ERROR
;
2151 ac
->module
= module
;
2156 te
= tevent_add_timer(ev
, ac
, tv
, ltdb_callback
, ac
);
2159 return LDB_ERR_OPERATIONS_ERROR
;
2162 if (req
->timeout
> 0) {
2163 tv
.tv_sec
= req
->starttime
+ req
->timeout
;
2165 ac
->timeout_event
= tevent_add_timer(ev
, ac
, tv
,
2167 if (NULL
== ac
->timeout_event
) {
2169 return LDB_ERR_OPERATIONS_ERROR
;
2173 /* set a spy so that we do not try to use the request context
2174 * if it is freed before ltdb_callback fires */
2175 ac
->spy
= talloc(req
, struct ltdb_req_spy
);
2176 if (NULL
== ac
->spy
) {
2178 return LDB_ERR_OPERATIONS_ERROR
;
2182 talloc_set_destructor((TALLOC_CTX
*)ac
->spy
, ltdb_request_destructor
);
2187 static int ltdb_init_rootdse(struct ldb_module
*module
)
2189 /* ignore errors on this - we expect it for non-sam databases */
2190 ldb_mod_register_control(module
, LDB_CONTROL_PERMISSIVE_MODIFY_OID
);
2192 /* there can be no module beyond the backend, just return */
2197 static int generic_lock_read(struct ldb_module
*module
)
2199 void *data
= ldb_module_get_private(module
);
2200 struct ltdb_private
*ltdb
= talloc_get_type(data
, struct ltdb_private
);
2201 return ltdb
->kv_ops
->lock_read(module
);
2204 static int generic_unlock_read(struct ldb_module
*module
)
2206 void *data
= ldb_module_get_private(module
);
2207 struct ltdb_private
*ltdb
= talloc_get_type(data
, struct ltdb_private
);
2208 return ltdb
->kv_ops
->unlock_read(module
);
2211 static const struct ldb_module_ops ltdb_ops
= {
2213 .init_context
= ltdb_init_rootdse
,
2214 .search
= ltdb_handle_request
,
2215 .add
= ltdb_handle_request
,
2216 .modify
= ltdb_handle_request
,
2217 .del
= ltdb_handle_request
,
2218 .rename
= ltdb_handle_request
,
2219 .extended
= ltdb_handle_request
,
2220 .start_transaction
= ltdb_start_trans
,
2221 .end_transaction
= ltdb_end_trans
,
2222 .prepare_commit
= ltdb_prepare_commit
,
2223 .del_transaction
= ltdb_del_trans
,
2224 .read_lock
= generic_lock_read
,
2225 .read_unlock
= generic_unlock_read
,
2228 int init_store(struct ltdb_private
*ltdb
,
2230 struct ldb_context
*ldb
,
2231 const char *options
[],
2232 struct ldb_module
**_module
)
2234 if (getenv("LDB_WARN_UNINDEXED")) {
2235 ltdb
->warn_unindexed
= true;
2238 if (getenv("LDB_WARN_REINDEX")) {
2239 ltdb
->warn_reindex
= true;
2242 ltdb
->sequence_number
= 0;
2244 ltdb
->pid
= getpid();
2246 ltdb
->module
= ldb_module_new(ldb
, ldb
, name
, <db_ops
);
2247 if (!ltdb
->module
) {
2250 return LDB_ERR_OPERATIONS_ERROR
;
2252 ldb_module_set_private(ltdb
->module
, ltdb
);
2253 talloc_steal(ltdb
->module
, ltdb
);
2255 if (ltdb_cache_load(ltdb
->module
) != 0) {
2256 ldb_asprintf_errstring(ldb
, "Unable to load ltdb cache "
2257 "records for backend '%s'", name
);
2258 talloc_free(ltdb
->module
);
2259 return LDB_ERR_OPERATIONS_ERROR
;
2262 *_module
= ltdb
->module
;
2264 * Set or override the maximum key length
2266 * The ldb_mdb code will have set this to 511, but our tests
2267 * set this even smaller (to make the tests more practical).
2269 * This must only be used for the selftest as the length
2270 * becomes encoded in the index keys.
2273 const char *len_str
=
2274 ldb_options_find(ldb
, options
,
2275 "max_key_len_for_self_test");
2276 if (len_str
!= NULL
) {
2277 unsigned len
= strtoul(len_str
, NULL
, 0);
2278 ltdb
->max_key_length
= len
;
2283 * Override full DB scans
2285 * A full DB scan is expensive on a large database. This
2286 * option is for testing to show that the full DB scan is not
2290 const char *len_str
=
2291 ldb_options_find(ldb
, options
,
2292 "disable_full_db_scan_for_self_test");
2293 if (len_str
!= NULL
) {
2294 ltdb
->disable_full_db_scan
= true;
2302 connect to the database
2304 int ltdb_connect(struct ldb_context
*ldb
, const char *url
,
2305 unsigned int flags
, const char *options
[],
2306 struct ldb_module
**_module
)
2309 int tdb_flags
, open_flags
;
2310 struct ltdb_private
*ltdb
;
2313 * We hold locks, so we must use a private event context
2314 * on each returned handle
2316 ldb_set_require_private_event_context(ldb
);
2319 if (strchr(url
, ':')) {
2320 if (strncmp(url
, "tdb://", 6) != 0) {
2321 ldb_debug(ldb
, LDB_DEBUG_ERROR
,
2322 "Invalid tdb URL '%s'", url
);
2323 return LDB_ERR_OPERATIONS_ERROR
;
2330 tdb_flags
= TDB_DEFAULT
| TDB_SEQNUM
| TDB_DISALLOW_NESTING
;
2332 /* check for the 'nosync' option */
2333 if (flags
& LDB_FLG_NOSYNC
) {
2334 tdb_flags
|= TDB_NOSYNC
;
2337 /* and nommap option */
2338 if (flags
& LDB_FLG_NOMMAP
) {
2339 tdb_flags
|= TDB_NOMMAP
;
2342 ltdb
= talloc_zero(ldb
, struct ltdb_private
);
2345 return LDB_ERR_OPERATIONS_ERROR
;
2348 if (flags
& LDB_FLG_RDONLY
) {
2350 * This is weird, but because we can only have one tdb
2351 * in this process, and the other one could be
2352 * read-write, we can't use the tdb readonly. Plus a
2353 * read only tdb prohibits the all-record lock.
2355 open_flags
= O_RDWR
;
2357 ltdb
->read_only
= true;
2359 } else if (flags
& LDB_FLG_DONT_CREATE_DB
) {
2361 * This is used by ldbsearch to prevent creation of the database
2362 * if the name is wrong
2364 open_flags
= O_RDWR
;
2367 * This is the normal case
2369 open_flags
= O_CREAT
| O_RDWR
;
2372 ltdb
->kv_ops
= &key_value_ops
;
2375 /* note that we use quite a large default hash size */
2376 ltdb
->tdb
= ltdb_wrap_open(ltdb
, path
, 10000,
2377 tdb_flags
, open_flags
,
2378 ldb_get_create_perms(ldb
), ldb
);
2380 ldb_asprintf_errstring(ldb
,
2381 "Unable to open tdb '%s': %s", path
, strerror(errno
));
2382 ldb_debug(ldb
, LDB_DEBUG_ERROR
,
2383 "Unable to open tdb '%s': %s", path
, strerror(errno
));
2385 if (errno
== EACCES
|| errno
== EPERM
) {
2386 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS
;
2388 return LDB_ERR_OPERATIONS_ERROR
;
2391 return init_store(ltdb
, "ldb_tdb backend", ldb
, options
, _module
);