Fix bug #9147 - winbind can't fetch user or group info from AD via LDAP
[Samba/bb.git] / source4 / param / share_ldb.c
blobf4d02b295a3c0ca5633562713df119ba3fe0c960
1 /*
2 Unix SMB/CIFS implementation.
4 LDB based shares configuration
6 Copyright (C) Simo Sorce 2006
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "includes.h"
23 #include <ldb.h>
24 #include <ldb_errors.h>
25 #include "auth/auth.h"
26 #include "ldb_wrap.h"
27 #include "param/share.h"
28 #include "param/param.h"
30 NTSTATUS share_ldb_init(void);
32 static NTSTATUS sldb_init(TALLOC_CTX *mem_ctx, const struct share_ops *ops,
33 struct tevent_context *ev_ctx,
34 struct loadparm_context *lp_ctx,
35 struct share_context **ctx)
37 struct ldb_context *sdb;
39 *ctx = talloc(mem_ctx, struct share_context);
40 if (!*ctx) {
41 DEBUG(0, ("ERROR: Out of memory!\n"));
42 return NT_STATUS_NO_MEMORY;
45 sdb = ldb_wrap_connect(*ctx, ev_ctx, lp_ctx,
46 lpcfg_private_path(*ctx, lp_ctx, "share.ldb"),
47 system_session(lp_ctx),
48 NULL, 0);
50 if (!sdb) {
51 talloc_free(*ctx);
52 return NT_STATUS_UNSUCCESSFUL;
55 (*ctx)->ops = ops;
56 (*ctx)->priv_data = (void *)sdb;
58 return NT_STATUS_OK;
61 static const char *sldb_string_option(struct share_config *scfg, const char *opt_name, const char *defval)
63 struct ldb_message *msg;
64 struct ldb_message_element *el;
66 if (scfg == NULL) return defval;
68 msg = talloc_get_type(scfg->opaque, struct ldb_message);
70 if (strchr(opt_name, ':')) {
71 char *name, *p;
73 name = talloc_strdup(scfg, opt_name);
74 if (!name) {
75 return NULL;
77 p = strchr(name, ':');
78 *p = '-';
80 el = ldb_msg_find_element(msg, name);
81 } else {
82 el = ldb_msg_find_element(msg, opt_name);
85 if (el == NULL) {
86 return defval;
89 return (const char *)(el->values[0].data);
92 static int sldb_int_option(struct share_config *scfg, const char *opt_name, int defval)
94 const char *val;
95 int ret;
97 val = sldb_string_option(scfg, opt_name, NULL);
98 if (val == NULL) return defval;
100 errno = 0;
101 ret = (int)strtol(val, NULL, 10);
102 if (errno) return -1;
104 return ret;
107 static bool sldb_bool_option(struct share_config *scfg, const char *opt_name, bool defval)
109 const char *val;
111 val = sldb_string_option(scfg, opt_name, NULL);
112 if (val == NULL) return defval;
114 if (strcasecmp(val, "true") == 0) return true;
116 return false;
119 static const char **sldb_string_list_option(TALLOC_CTX *mem_ctx, struct share_config *scfg, const char *opt_name)
121 struct ldb_message *msg;
122 struct ldb_message_element *el;
123 const char **list;
124 int i;
126 if (scfg == NULL) return NULL;
128 msg = talloc_get_type(scfg->opaque, struct ldb_message);
130 if (strchr(opt_name, ':')) {
131 char *name, *p;
133 name = talloc_strdup(scfg, opt_name);
134 if (!name) {
135 return NULL;
137 p = strchr(name, ':');
138 *p = '-';
140 el = ldb_msg_find_element(msg, name);
141 } else {
142 el = ldb_msg_find_element(msg, opt_name);
145 if (el == NULL) {
146 return NULL;
149 list = talloc_array(mem_ctx, const char *, el->num_values + 1);
150 if (!list) return NULL;
152 for (i = 0; i < el->num_values; i++) {
153 list[i] = (const char *)(el->values[i].data);
155 list[i] = NULL;
157 return list;
160 static NTSTATUS sldb_list_all(TALLOC_CTX *mem_ctx,
161 struct share_context *ctx,
162 int *count,
163 const char ***names)
165 int ret, i, j;
166 const char **n;
167 struct ldb_context *ldb;
168 struct ldb_result *res;
169 TALLOC_CTX *tmp_ctx;
171 tmp_ctx = talloc_new(mem_ctx);
172 if (!tmp_ctx) {
173 DEBUG(0,("ERROR: Out of memory!\n"));
174 return NT_STATUS_NO_MEMORY;
177 ldb = talloc_get_type(ctx->priv_data, struct ldb_context);
179 ret = ldb_search(ldb, tmp_ctx, &res, ldb_dn_new(tmp_ctx, ldb, "CN=SHARES"),
180 LDB_SCOPE_SUBTREE, NULL, "(name=*)");
181 if (ret != LDB_SUCCESS) {
182 talloc_free(tmp_ctx);
183 return NT_STATUS_INTERNAL_DB_CORRUPTION;
186 n = talloc_array(mem_ctx, const char *, res->count);
187 if (!n) {
188 DEBUG(0,("ERROR: Out of memory!\n"));
189 talloc_free(tmp_ctx);
190 return NT_STATUS_NO_MEMORY;
193 for (i = 0, j = 0; i < res->count; i++) {
194 n[j] = talloc_strdup(n, ldb_msg_find_attr_as_string(res->msgs[i], "name", NULL));
195 if (!n[j]) {
196 DEBUG(0,("WARNING: Malformed share object in share database\n!"));
197 continue;
199 j++;
202 *names = n;
203 *count = j;
204 talloc_free(tmp_ctx);
206 return NT_STATUS_OK;
209 static NTSTATUS sldb_get_config(TALLOC_CTX *mem_ctx,
210 struct share_context *ctx,
211 const char *name,
212 struct share_config **scfg)
214 int ret;
215 struct share_config *s;
216 struct ldb_context *ldb;
217 struct ldb_result *res;
218 TALLOC_CTX *tmp_ctx;
220 tmp_ctx = talloc_new(mem_ctx);
221 if (!tmp_ctx) {
222 DEBUG(0,("ERROR: Out of memory!\n"));
223 return NT_STATUS_NO_MEMORY;
226 ldb = talloc_get_type(ctx->priv_data, struct ldb_context);
228 ret = ldb_search(ldb, tmp_ctx, &res,
229 ldb_dn_new(tmp_ctx, ldb, "CN=SHARES"), LDB_SCOPE_SUBTREE, NULL,
230 "(name=%s)", name);
231 if (ret != LDB_SUCCESS || res->count > 1) {
232 talloc_free(tmp_ctx);
233 return NT_STATUS_INTERNAL_DB_CORRUPTION;
234 } else if (res->count != 1) {
235 talloc_free(tmp_ctx);
236 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
239 s = talloc(tmp_ctx, struct share_config);
240 if (!s) {
241 DEBUG(0,("ERROR: Out of memory!\n"));
242 talloc_free(tmp_ctx);
243 return NT_STATUS_NO_MEMORY;
246 s->name = talloc_strdup(s, ldb_msg_find_attr_as_string(res->msgs[0], "name", NULL));
247 if (!s->name) {
248 DEBUG(0,("ERROR: Invalid share object!\n"));
249 talloc_free(tmp_ctx);
250 return NT_STATUS_UNSUCCESSFUL;
253 s->opaque = talloc_steal(s, res->msgs[0]);
254 if (!s->opaque) {
255 DEBUG(0,("ERROR: Invalid share object!\n"));
256 talloc_free(tmp_ctx);
257 return NT_STATUS_UNSUCCESSFUL;
260 s->ctx = ctx;
262 *scfg = talloc_steal(mem_ctx, s);
264 talloc_free(tmp_ctx);
265 return NT_STATUS_OK;
268 #define SHARE_ADD_STRING(name, value) do { \
269 err = ldb_msg_add_string(msg, name, value); \
270 if (err != LDB_SUCCESS) { \
271 DEBUG(2,("ERROR: unable to add string share option %s to ldb msg\n", name)); \
272 ret = NT_STATUS_UNSUCCESSFUL; \
273 goto done; \
274 } } while(0)
276 #define SHARE_ADD_INT(name, value) do { \
277 err = ldb_msg_add_fmt(msg, name, "%d", value); \
278 if (err != LDB_SUCCESS) { \
279 DEBUG(2,("ERROR: unable to add integer share option %s to ldb msg\n", name)); \
280 ret = NT_STATUS_UNSUCCESSFUL; \
281 goto done; \
282 } } while(0)
284 #define SHARE_ADD_BLOB(name, value) do { \
285 err = ldb_msg_add_value(msg, name, value, NULL); \
286 if (err != LDB_SUCCESS) { \
287 DEBUG(2,("ERROR: unable to add blob share option %s to ldb msg\n", name)); \
288 ret = NT_STATUS_UNSUCCESSFUL; \
289 goto done; \
290 } } while(0)
292 static NTSTATUS sldb_create(struct share_context *ctx, const char *name, struct share_info *info, int count)
294 struct ldb_context *ldb;
295 struct ldb_message *msg;
296 TALLOC_CTX *tmp_ctx;
297 NTSTATUS ret;
298 int err, i, j;
300 for (i = 0, j = 0; i < count && j != 0x03; i++) {
301 if (strcasecmp(info[i].name, SHARE_TYPE) == 0) j |= 0x02;
302 if (strcasecmp(info[i].name, SHARE_PATH) == 0) j |= 0x01;
303 if (strcasecmp(info[i].name, SHARE_NAME) == 0) {
304 if (strcasecmp(name, (char *)info[i].value) != 0) {
305 return NT_STATUS_INVALID_PARAMETER;
309 if (!name || j != 0x03) {
310 return NT_STATUS_INVALID_PARAMETER;
313 tmp_ctx = talloc_new(NULL);
314 if (!tmp_ctx) {
315 DEBUG(0,("ERROR: Out of memory!\n"));
316 return NT_STATUS_NO_MEMORY;
319 ldb = talloc_get_type(ctx->priv_data, struct ldb_context);
321 msg = ldb_msg_new(tmp_ctx);
322 if (!msg) {
323 DEBUG(0,("ERROR: Out of memory!\n"));
324 ret = NT_STATUS_NO_MEMORY;
325 goto done;
328 /* TODO: escape info->name */
329 msg->dn = ldb_dn_new_fmt(tmp_ctx, ldb, "CN=%s,CN=SHARES", name);
330 if (!msg->dn) {
331 DEBUG(0,("ERROR: Out of memory!\n"));
332 ret = NT_STATUS_NO_MEMORY;
333 goto done;
336 SHARE_ADD_STRING("objectClass", "top");
337 SHARE_ADD_STRING("objectClass", "share");
338 SHARE_ADD_STRING("cn", name);
339 SHARE_ADD_STRING(SHARE_NAME, name);
341 for (i = 0; i < count; i++) {
342 if (strcasecmp(info[i].name, SHARE_NAME) == 0) continue;
344 switch (info[i].type) {
345 case SHARE_INFO_STRING:
346 SHARE_ADD_STRING(info[i].name, (char *)info[i].value);
347 break;
348 case SHARE_INFO_INT:
349 SHARE_ADD_INT(info[i].name, *((int *)info[i].value));
350 break;
351 case SHARE_INFO_BLOB:
352 SHARE_ADD_BLOB(info[i].name, (DATA_BLOB *)info[i].value);
353 break;
354 default:
355 DEBUG(2,("ERROR: Invalid share info type for %s\n", info[i].name));
356 ret = NT_STATUS_INVALID_PARAMETER;
357 goto done;
361 /* TODO: Security Descriptor */
363 SHARE_ADD_STRING(SHARE_AVAILABLE, "true");
364 SHARE_ADD_STRING(SHARE_BROWSEABLE, "true");
365 SHARE_ADD_STRING(SHARE_READONLY, "false");
366 SHARE_ADD_STRING(SHARE_NTVFS_HANDLER, "unixuid");
367 SHARE_ADD_STRING(SHARE_NTVFS_HANDLER, "posix");
369 err = ldb_add(ldb, msg);
370 if (err != LDB_SUCCESS) {
371 DEBUG(2,("ERROR: unable to add share %s to share.ldb\n"
372 " err=%d [%s]\n", name, err, ldb_errstring(ldb)));
373 if (err == LDB_ERR_NO_SUCH_OBJECT) {
374 ret = NT_STATUS_OBJECT_NAME_NOT_FOUND;
375 } else if (err == LDB_ERR_ENTRY_ALREADY_EXISTS) {
376 ret = NT_STATUS_OBJECT_NAME_COLLISION;
377 } else {
378 ret = NT_STATUS_UNSUCCESSFUL;
380 goto done;
383 ret = NT_STATUS_OK;
384 done:
385 talloc_free(tmp_ctx);
386 return ret;
389 #define SHARE_MOD_STRING(name, value) do { \
390 err = ldb_msg_add_empty(msg, name, LDB_FLAG_MOD_REPLACE, NULL); \
391 if (err != LDB_SUCCESS) { \
392 DEBUG(2,("ERROR: unable to add string share option %s to ldb msg\n", name)); \
393 ret = NT_STATUS_UNSUCCESSFUL; \
394 goto done; \
396 err = ldb_msg_add_string(msg, name, value); \
397 if (err != LDB_SUCCESS) { \
398 DEBUG(2,("ERROR: unable to add string share option %s to ldb msg\n", name)); \
399 ret = NT_STATUS_UNSUCCESSFUL; \
400 goto done; \
401 } } while(0)
403 #define SHARE_MOD_INT(name, value) do { \
404 err = ldb_msg_add_empty(msg, name, LDB_FLAG_MOD_REPLACE, NULL); \
405 if (err != LDB_SUCCESS) { \
406 DEBUG(2,("ERROR: unable to add string share option %s to ldb msg\n", name)); \
407 ret = NT_STATUS_UNSUCCESSFUL; \
408 goto done; \
410 err = ldb_msg_add_fmt(msg, name, "%d", value); \
411 if (err != LDB_SUCCESS) { \
412 DEBUG(2,("ERROR: unable to add integer share option %s to ldb msg\n", name)); \
413 ret = NT_STATUS_UNSUCCESSFUL; \
414 goto done; \
415 } } while(0)
417 #define SHARE_MOD_BLOB(name, value) do { \
418 err = ldb_msg_add_empty(msg, name, LDB_FLAG_MOD_REPLACE, NULL); \
419 if (err != LDB_SUCCESS) { \
420 DEBUG(2,("ERROR: unable to add string share option %s to ldb msg\n", name)); \
421 ret = NT_STATUS_UNSUCCESSFUL; \
422 goto done; \
424 err = ldb_msg_add_value(msg, name, value, NULL); \
425 if (err != LDB_SUCCESS) { \
426 DEBUG(2,("ERROR: unable to add blob share option %s to ldb msg\n", name)); \
427 ret = NT_STATUS_UNSUCCESSFUL; \
428 goto done; \
429 } } while(0)
431 static NTSTATUS sldb_set(struct share_context *ctx, const char *name, struct share_info *info, int count)
433 struct ldb_context *ldb;
434 struct ldb_message *msg;
435 TALLOC_CTX *tmp_ctx;
436 NTSTATUS ret;
437 bool do_rename = false;
438 char *newname;
439 int err, i;
441 if (!name) {
442 return NT_STATUS_INVALID_PARAMETER;
445 tmp_ctx = talloc_new(NULL);
446 if (!tmp_ctx) {
447 DEBUG(0,("ERROR: Out of memory!\n"));
448 return NT_STATUS_NO_MEMORY;
451 ldb = talloc_get_type(ctx->priv_data, struct ldb_context);
453 msg = ldb_msg_new(tmp_ctx);
454 if (!msg) {
455 DEBUG(0,("ERROR: Out of memory!\n"));
456 ret = NT_STATUS_NO_MEMORY;
457 goto done;
460 /* TODO: escape name */
461 msg->dn = ldb_dn_new_fmt(tmp_ctx, ldb, "CN=%s,CN=SHARES", name);
462 if (!msg->dn) {
463 DEBUG(0,("ERROR: Out of memory!\n"));
464 ret = NT_STATUS_NO_MEMORY;
465 goto done;
468 for (i = 0; i < count; i++) {
469 if (strcasecmp(info[i].name, SHARE_NAME) == 0) {
470 if (strcasecmp(name, (char *)info[i].value) != 0) {
471 do_rename = true;
472 newname = (char *)info[i].value;
473 SHARE_MOD_STRING("cn", (char *)info[i].value);
477 switch (info[i].type) {
478 case SHARE_INFO_STRING:
479 SHARE_MOD_STRING(info[i].name, (char *)info[i].value);
480 break;
481 case SHARE_INFO_INT:
482 SHARE_MOD_INT(info[i].name, *((int *)info[i].value));
483 break;
484 case SHARE_INFO_BLOB:
485 SHARE_MOD_BLOB(info[i].name, (DATA_BLOB *)info[i].value);
486 break;
487 default:
488 DEBUG(2,("ERROR: Invalid share info type for %s\n", info[i].name));
489 ret = NT_STATUS_INVALID_PARAMETER;
490 goto done;
494 if (do_rename) {
495 struct ldb_dn *olddn, *newdn;
497 olddn = msg->dn;
499 /* TODO: escape newname */
500 newdn = ldb_dn_new_fmt(tmp_ctx, ldb, "CN=%s,CN=SHARES", newname);
501 if (!newdn) {
502 DEBUG(0,("ERROR: Out of memory!\n"));
503 ret = NT_STATUS_NO_MEMORY;
504 goto done;
507 err = ldb_rename(ldb, olddn, newdn);
508 if (err != LDB_SUCCESS) {
509 DEBUG(2,("ERROR: unable to rename share %s (to %s)\n"
510 " err=%d [%s]\n", name, newname, err, ldb_errstring(ldb)));
511 if (err == LDB_ERR_NO_SUCH_OBJECT) {
512 ret = NT_STATUS_OBJECT_NAME_COLLISION;
513 } else {
514 ret = NT_STATUS_UNSUCCESSFUL;
516 goto done;
519 msg->dn = newdn;
522 err = ldb_modify(ldb, msg);
523 if (err != LDB_SUCCESS) {
524 DEBUG(2,("ERROR: unable to add share %s to share.ldb\n"
525 " err=%d [%s]\n", name, err, ldb_errstring(ldb)));
526 if (err == LDB_ERR_NO_SUCH_OBJECT) {
527 ret = NT_STATUS_OBJECT_NAME_COLLISION;
528 } else {
529 ret = NT_STATUS_UNSUCCESSFUL;
531 goto done;
534 ret = NT_STATUS_OK;
535 done:
536 talloc_free(tmp_ctx);
537 return ret;
540 static NTSTATUS sldb_remove(struct share_context *ctx, const char *name)
542 struct ldb_context *ldb;
543 struct ldb_dn *dn;
544 TALLOC_CTX *tmp_ctx;
545 NTSTATUS ret;
546 int err;
548 tmp_ctx = talloc_new(NULL);
549 if (!tmp_ctx) {
550 DEBUG(0,("ERROR: Out of memory!\n"));
551 return NT_STATUS_NO_MEMORY;
554 ldb = talloc_get_type(ctx->priv_data, struct ldb_context);
556 dn = ldb_dn_new_fmt(tmp_ctx, ldb, "CN=%s,CN=SHARES", name);
557 if (!dn) {
558 DEBUG(0,("ERROR: Out of memory!\n"));
559 ret = NT_STATUS_NO_MEMORY;
560 goto done;
563 err = ldb_delete(ldb, dn);
564 if (err != LDB_SUCCESS) {
565 DEBUG(2,("ERROR: unable to remove share %s from share.ldb\n"
566 " err=%d [%s]\n", name, err, ldb_errstring(ldb)));
567 ret = NT_STATUS_UNSUCCESSFUL;
568 goto done;
571 ret = NT_STATUS_OK;
572 done:
573 talloc_free(tmp_ctx);
574 return ret;
577 static const struct share_ops ops = {
578 .name = "ldb",
579 .init = sldb_init,
580 .string_option = sldb_string_option,
581 .int_option = sldb_int_option,
582 .bool_option = sldb_bool_option,
583 .string_list_option = sldb_string_list_option,
584 .list_all = sldb_list_all,
585 .get_config = sldb_get_config,
586 .create = sldb_create,
587 .set = sldb_set,
588 .remove = sldb_remove
591 NTSTATUS share_ldb_init(void)
593 return share_register(&ops);