search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ldb: fix a typo in the comment for ldb_req_is_untrusted()
[Samba/gebeck_regimport.git] / lib / ldb / common / ldb.c
blob7a997f78243ef9466a903b70c893006a6c3e7682
1 /*
2 ldb database library
3
4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Simo Sorce 2005-2008
6
7 ** NOTE! The following LGPL license applies to the ldb
8 ** library. This does NOT imply that all of Samba is released
9 ** under the LGPL
10
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 3 of the License, or (at your option) any later version.
15
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
20
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 */
24
25 /*
26 * Name: ldb
27 *
28 * Component: ldb core API
29 *
30 * Description: core API routines interfacing to ldb backends
31 *
32 * Author: Andrew Tridgell
33 */
34
35 #define TEVENT_DEPRECATED 1
36 #include "ldb_private.h"
37 #include "ldb.h"
38
39 static int ldb_context_destructor(void *ptr)
40 {
41 struct ldb_context *ldb = talloc_get_type(ptr, struct ldb_context);
42
43 if (ldb->transaction_active) {
44 ldb_debug(ldb, LDB_DEBUG_FATAL,
45 "A transaction is still active in ldb context [%p] on %s",
46 ldb, (const char *)ldb_get_opaque(ldb, "ldb_url"));
47 }
48
49 return 0;
50 }
51
52 /*
53 this is used to catch debug messages from events
54 */
55 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
56 const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3,0);
57
58 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
59 const char *fmt, va_list ap)
60 {
61 struct ldb_context *ldb = talloc_get_type(context, struct ldb_context);
62 enum ldb_debug_level ldb_level = LDB_DEBUG_FATAL;
63
64 switch (level) {
65 case TEVENT_DEBUG_FATAL:
66 ldb_level = LDB_DEBUG_FATAL;
67 break;
68 case TEVENT_DEBUG_ERROR:
69 ldb_level = LDB_DEBUG_ERROR;
70 break;
71 case TEVENT_DEBUG_WARNING:
72 ldb_level = LDB_DEBUG_WARNING;
73 break;
74 case TEVENT_DEBUG_TRACE:
75 ldb_level = LDB_DEBUG_TRACE;
76 break;
77 };
78
79 /* There isn't a tevent: prefix here because to add it means
80 * actually printing the string, and most of the time we don't
81 * want to show it */
82 ldb_vdebug(ldb, ldb_level, fmt, ap);
83 }
84
85 /*
86 initialise a ldb context
87 The mem_ctx is required
88 The event_ctx is required
89 */
90 struct ldb_context *ldb_init(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx)
91 {
92 struct ldb_context *ldb;
93 int ret;
94 const char *modules_path = getenv("LDB_MODULES_PATH");
95
96 if (modules_path == NULL) {
97 modules_path = LDB_MODULESDIR;
98 }
99
100 ret = ldb_modules_load(modules_path, LDB_VERSION);
101 if (ret != LDB_SUCCESS) {
102 return NULL;
103 }
104
105 ldb = talloc_zero(mem_ctx, struct ldb_context);
106 if (ldb == NULL) {
107 return NULL;
108 }
109
110 /* A new event context so that callers who don't want ldb
111 * operating on thier global event context can work without
112 * having to provide their own private one explicitly */
113 if (ev_ctx == NULL) {
114 ev_ctx = tevent_context_init(ldb);
115 tevent_set_debug(ev_ctx, ldb_tevent_debug, ldb);
116 tevent_loop_allow_nesting(ev_ctx);
117 }
118
119 ret = ldb_setup_wellknown_attributes(ldb);
120 if (ret != LDB_SUCCESS) {
121 talloc_free(ldb);
122 return NULL;
123 }
124
125 ldb_set_utf8_default(ldb);
126 ldb_set_create_perms(ldb, 0666);
127 ldb_set_modules_dir(ldb, LDB_MODULESDIR);
128 ldb_set_event_context(ldb, ev_ctx);
129
130 /* TODO: get timeout from options if available there */
131 ldb->default_timeout = 300; /* set default to 5 minutes */
132
133 talloc_set_destructor((TALLOC_CTX *)ldb, ldb_context_destructor);
134
135 return ldb;
136 }
137
138 /*
139 try to autodetect a basedn if none specified. This fixes one of my
140 pet hates about ldapsearch, which is that you have to get a long,
141 complex basedn right to make any use of it.
142 */
143 void ldb_set_default_dns(struct ldb_context *ldb)
144 {
145 TALLOC_CTX *tmp_ctx;
146 int ret;
147 struct ldb_result *res;
148 struct ldb_dn *tmp_dn=NULL;
149 static const char *attrs[] = {
150 "rootDomainNamingContext",
151 "configurationNamingContext",
152 "schemaNamingContext",
153 "defaultNamingContext",
154 NULL
155 };
156
157 tmp_ctx = talloc_new(ldb);
158 ret = ldb_search(ldb, tmp_ctx, &res, ldb_dn_new(tmp_ctx, ldb, NULL),
159 LDB_SCOPE_BASE, attrs, "(objectClass=*)");
160 if (ret != LDB_SUCCESS) {
161 talloc_free(tmp_ctx);
162 return;
163 }
164
165 if (res->count != 1) {
166 talloc_free(tmp_ctx);
167 return;
168 }
169
170 if (!ldb_get_opaque(ldb, "rootDomainNamingContext")) {
171 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
172 "rootDomainNamingContext");
173 ldb_set_opaque(ldb, "rootDomainNamingContext", tmp_dn);
174 }
175
176 if (!ldb_get_opaque(ldb, "configurationNamingContext")) {
177 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
178 "configurationNamingContext");
179 ldb_set_opaque(ldb, "configurationNamingContext", tmp_dn);
180 }
181
182 if (!ldb_get_opaque(ldb, "schemaNamingContext")) {
183 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
184 "schemaNamingContext");
185 ldb_set_opaque(ldb, "schemaNamingContext", tmp_dn);
186 }
187
188 if (!ldb_get_opaque(ldb, "defaultNamingContext")) {
189 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
190 "defaultNamingContext");
191 ldb_set_opaque(ldb, "defaultNamingContext", tmp_dn);
192 }
193
194 talloc_free(tmp_ctx);
195 }
196
197 struct ldb_dn *ldb_get_root_basedn(struct ldb_context *ldb)
198 {
199 void *opaque = ldb_get_opaque(ldb, "rootDomainNamingContext");
200 return talloc_get_type(opaque, struct ldb_dn);
201 }
202
203 struct ldb_dn *ldb_get_config_basedn(struct ldb_context *ldb)
204 {
205 void *opaque = ldb_get_opaque(ldb, "configurationNamingContext");
206 return talloc_get_type(opaque, struct ldb_dn);
207 }
208
209 struct ldb_dn *ldb_get_schema_basedn(struct ldb_context *ldb)
210 {
211 void *opaque = ldb_get_opaque(ldb, "schemaNamingContext");
212 return talloc_get_type(opaque, struct ldb_dn);
213 }
214
215 struct ldb_dn *ldb_get_default_basedn(struct ldb_context *ldb)
216 {
217 void *opaque = ldb_get_opaque(ldb, "defaultNamingContext");
218 return talloc_get_type(opaque, struct ldb_dn);
219 }
220
221 /*
222 connect to a database. The URL can either be one of the following forms
223 ldb://path
224 ldapi://path
225
226 flags is made up of LDB_FLG_*
227
228 the options are passed uninterpreted to the backend, and are
229 backend specific
230 */
231 int ldb_connect(struct ldb_context *ldb, const char *url,
232 unsigned int flags, const char *options[])
233 {
234 int ret;
235 char *url2;
236 /* We seem to need to do this here, or else some utilities don't
237 * get ldb backends */
238
239 ldb->flags = flags;
240
241 url2 = talloc_strdup(ldb, url);
242 if (!url2) {
243 ldb_oom(ldb);
244 return LDB_ERR_OPERATIONS_ERROR;
245 }
246 ret = ldb_set_opaque(ldb, "ldb_url", url2);
247 if (ret != LDB_SUCCESS) {
248 return ret;
249 }
250
251 ret = ldb_module_connect_backend(ldb, url, options, &ldb->modules);
252 if (ret != LDB_SUCCESS) {
253 return ret;
254 }
255
256 if (ldb_load_modules(ldb, options) != LDB_SUCCESS) {
257 ldb_debug(ldb, LDB_DEBUG_FATAL,
258 "Unable to load modules for %s: %s",
259 url, ldb_errstring(ldb));
260 return LDB_ERR_OTHER;
261 }
262
263 /* set the default base dn */
264 ldb_set_default_dns(ldb);
265
266 return LDB_SUCCESS;
267 }
268
269 void ldb_set_errstring(struct ldb_context *ldb, const char *err_string)
270 {
271 ldb_asprintf_errstring(ldb, "%s", err_string);
272 }
273
274 void ldb_asprintf_errstring(struct ldb_context *ldb, const char *format, ...)
275 {
276 va_list ap;
277
278 if (ldb->err_string) {
279 talloc_free(ldb->err_string);
280 }
281
282 va_start(ap, format);
283 ldb->err_string = talloc_vasprintf(ldb, format, ap);
284 va_end(ap);
285
286 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
287 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_asprintf/set_errstring: %s",
288 ldb->err_string);
289 }
290 }
291
292 void ldb_reset_err_string(struct ldb_context *ldb)
293 {
294 if (ldb->err_string) {
295 talloc_free(ldb->err_string);
296 ldb->err_string = NULL;
297 }
298 }
299
300
301
302 /*
303 set an ldb error based on file:line
304 */
305 int ldb_error_at(struct ldb_context *ldb, int ecode,
306 const char *reason, const char *file, int line)
307 {
308 if (reason == NULL) {
309 reason = ldb_strerror(ecode);
310 }
311 ldb_asprintf_errstring(ldb, "%s at %s:%d", reason, file, line);
312 return ecode;
313 }
314
315
316 #define FIRST_OP_NOERR(ldb, op) do { \
317 module = ldb->modules; \
318 while (module && module->ops->op == NULL) module = module->next; \
319 if ((ldb->flags & LDB_FLG_ENABLE_TRACING) && module) { \
320 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: (%s)->" #op, \
321 module->ops->name); \
322 } \
323 } while (0)
324
325 #define FIRST_OP(ldb, op) do { \
326 FIRST_OP_NOERR(ldb, op); \
327 if (module == NULL) { \
328 ldb_asprintf_errstring(ldb, "unable to find module or backend to handle operation: " #op); \
329 return LDB_ERR_OPERATIONS_ERROR; \
330 } \
331 } while (0)
332
333
334 /*
335 start a transaction
336 */
337 int ldb_transaction_start(struct ldb_context *ldb)
338 {
339 struct ldb_module *module;
340 int status;
341
342 ldb_debug(ldb, LDB_DEBUG_TRACE,
343 "start ldb transaction (nesting: %d)",
344 ldb->transaction_active);
345
346 /* explicit transaction active, count nested requests */
347 if (ldb->transaction_active) {
348 ldb->transaction_active++;
349 return LDB_SUCCESS;
350 }
351
352 /* start a new transaction */
353 ldb->transaction_active++;
354 ldb->prepare_commit_done = false;
355
356 FIRST_OP(ldb, start_transaction);
357
358 ldb_reset_err_string(ldb);
359
360 status = module->ops->start_transaction(module);
361 if (status != LDB_SUCCESS) {
362 if (ldb->err_string == NULL) {
363 /* no error string was setup by the backend */
364 ldb_asprintf_errstring(ldb,
365 "ldb transaction start: %s (%d)",
366 ldb_strerror(status),
367 status);
368 }
369 }
370 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
371 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "start ldb transaction error: %s",
372 ldb_errstring(module->ldb));
373 }
374 return status;
375 }
376
377 /*
378 prepare for transaction commit (first phase of two phase commit)
379 */
380 int ldb_transaction_prepare_commit(struct ldb_context *ldb)
381 {
382 struct ldb_module *module;
383 int status;
384
385 if (ldb->prepare_commit_done) {
386 return LDB_SUCCESS;
387 }
388
389 /* commit only when all nested transactions are complete */
390 if (ldb->transaction_active > 1) {
391 return LDB_SUCCESS;
392 }
393
394 ldb->prepare_commit_done = true;
395
396 if (ldb->transaction_active < 0) {
397 ldb_debug(ldb, LDB_DEBUG_FATAL,
398 "prepare commit called but no ldb transactions are active!");
399 ldb->transaction_active = 0;
400 return LDB_ERR_OPERATIONS_ERROR;
401 }
402
403 /* call prepare transaction if available */
404 FIRST_OP_NOERR(ldb, prepare_commit);
405 if (module == NULL) {
406 return LDB_SUCCESS;
407 }
408
409 status = module->ops->prepare_commit(module);
410 if (status != LDB_SUCCESS) {
411 /* if a module fails the prepare then we need
412 to call the end transaction for everyone */
413 FIRST_OP(ldb, del_transaction);
414 module->ops->del_transaction(module);
415 if (ldb->err_string == NULL) {
416 /* no error string was setup by the backend */
417 ldb_asprintf_errstring(ldb,
418 "ldb transaction prepare commit: %s (%d)",
419 ldb_strerror(status),
420 status);
421 }
422 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
423 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "prepare commit transaction error: %s",
424 ldb_errstring(module->ldb));
425 }
426 }
427
428 return status;
429 }
430
431
432 /*
433 commit a transaction
434 */
435 int ldb_transaction_commit(struct ldb_context *ldb)
436 {
437 struct ldb_module *module;
438 int status;
439
440 status = ldb_transaction_prepare_commit(ldb);
441 if (status != LDB_SUCCESS) {
442 return status;
443 }
444
445 ldb->transaction_active--;
446
447 ldb_debug(ldb, LDB_DEBUG_TRACE,
448 "commit ldb transaction (nesting: %d)",
449 ldb->transaction_active);
450
451 /* commit only when all nested transactions are complete */
452 if (ldb->transaction_active > 0) {
453 return LDB_SUCCESS;
454 }
455
456 if (ldb->transaction_active < 0) {
457 ldb_debug(ldb, LDB_DEBUG_FATAL,
458 "commit called but no ldb transactions are active!");
459 ldb->transaction_active = 0;
460 return LDB_ERR_OPERATIONS_ERROR;
461 }
462
463 ldb_reset_err_string(ldb);
464
465 FIRST_OP(ldb, end_transaction);
466 status = module->ops->end_transaction(module);
467 if (status != LDB_SUCCESS) {
468 if (ldb->err_string == NULL) {
469 /* no error string was setup by the backend */
470 ldb_asprintf_errstring(ldb,
471 "ldb transaction commit: %s (%d)",
472 ldb_strerror(status),
473 status);
474 }
475 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
476 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "commit ldb transaction error: %s",
477 ldb_errstring(module->ldb));
478 }
479 /* cancel the transaction */
480 FIRST_OP(ldb, del_transaction);
481 module->ops->del_transaction(module);
482 }
483 return status;
484 }
485
486
487 /*
488 cancel a transaction
489 */
490 int ldb_transaction_cancel(struct ldb_context *ldb)
491 {
492 struct ldb_module *module;
493 int status;
494
495 ldb->transaction_active--;
496
497 ldb_debug(ldb, LDB_DEBUG_TRACE,
498 "cancel ldb transaction (nesting: %d)",
499 ldb->transaction_active);
500
501 /* really cancel only if all nested transactions are complete */
502 if (ldb->transaction_active > 0) {
503 return LDB_SUCCESS;
504 }
505
506 if (ldb->transaction_active < 0) {
507 ldb_debug(ldb, LDB_DEBUG_FATAL,
508 "cancel called but no ldb transactions are active!");
509 ldb->transaction_active = 0;
510 return LDB_ERR_OPERATIONS_ERROR;
511 }
512
513 FIRST_OP(ldb, del_transaction);
514
515 status = module->ops->del_transaction(module);
516 if (status != LDB_SUCCESS) {
517 if (ldb->err_string == NULL) {
518 /* no error string was setup by the backend */
519 ldb_asprintf_errstring(ldb,
520 "ldb transaction cancel: %s (%d)",
521 ldb_strerror(status),
522 status);
523 }
524 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
525 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "cancel ldb transaction error: %s",
526 ldb_errstring(module->ldb));
527 }
528 }
529 return status;
530 }
531
532 /*
533 cancel a transaction with no error if no transaction is pending
534 used when we fork() to clear any parent transactions
535 */
536 int ldb_transaction_cancel_noerr(struct ldb_context *ldb)
537 {
538 if (ldb->transaction_active > 0) {
539 return ldb_transaction_cancel(ldb);
540 }
541 return LDB_SUCCESS;
542 }
543
544
545 /* autostarts a transaction if none active */
546 static int ldb_autotransaction_request(struct ldb_context *ldb,
547 struct ldb_request *req)
548 {
549 int ret;
550
551 ret = ldb_transaction_start(ldb);
552 if (ret != LDB_SUCCESS) {
553 return ret;
554 }
555
556 ret = ldb_request(ldb, req);
557 if (ret == LDB_SUCCESS) {
558 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
559 }
560
561 if (ret == LDB_SUCCESS) {
562 return ldb_transaction_commit(ldb);
563 }
564 ldb_transaction_cancel(ldb);
565
566 return ret;
567 }
568
569 int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type)
570 {
571 struct tevent_context *ev;
572 int ret;
573
574 if (!handle) {
575 return ldb_error(handle->ldb, LDB_ERR_UNAVAILABLE, NULL);
576 }
577
578 if (handle->state == LDB_ASYNC_DONE) {
579 if ((handle->status != LDB_SUCCESS) &&
580 (handle->ldb->err_string == NULL)) {
581 /* if no error string was setup by the backend */
582 ldb_asprintf_errstring(handle->ldb, "ldb_wait: %s (%d)",
583 ldb_strerror(handle->status),
584 handle->status);
585 }
586 return handle->status;
587 }
588
589 ev = ldb_get_event_context(handle->ldb);
590 if (NULL == ev) {
591 return ldb_oom(handle->ldb);
592 }
593
594 switch (type) {
595 case LDB_WAIT_NONE:
596 ret = tevent_loop_once(ev);
597 if (ret != 0) {
598 return ldb_operr(handle->ldb);
599 }
600 if (handle->status != LDB_SUCCESS) {
601 if (handle->ldb->err_string == NULL) {
602 /*
603 * if no error string was setup by the backend
604 */
605 ldb_asprintf_errstring(handle->ldb,
606 "ldb_wait: %s (%d)",
607 ldb_strerror(handle->status),
608 handle->status);
609 }
610 return handle->status;
611 }
612 break;
613
614 case LDB_WAIT_ALL:
615 while (handle->state != LDB_ASYNC_DONE) {
616 ret = tevent_loop_once(ev);
617 if (ret != 0) {
618 return ldb_operr(handle->ldb);
619 }
620 if (handle->status != LDB_SUCCESS) {
621 if (handle->ldb->err_string == NULL) {
622 /*
623 * if no error string was setup by the
624 * backend
625 */
626 ldb_asprintf_errstring(handle->ldb,
627 "ldb_wait: %s (%d)",
628 ldb_strerror(handle->status),
629 handle->status);
630 }
631 return handle->status;
632 }
633 }
634 if (handle->status != LDB_SUCCESS) {
635 if (handle->ldb->err_string == NULL) {
636 /*
637 * if no error string was setup by the backend
638 */
639 ldb_asprintf_errstring(handle->ldb,
640 "ldb_wait: %s (%d)",
641 ldb_strerror(handle->status),
642 handle->status);
643 }
644 return handle->status;
645 }
646 break;
647 }
648
649 return LDB_SUCCESS;
650 }
651
652 /* set the specified timeout or, if timeout is 0 set the default timeout */
653 int ldb_set_timeout(struct ldb_context *ldb,
654 struct ldb_request *req,
655 int timeout)
656 {
657 if (req == NULL) return LDB_ERR_OPERATIONS_ERROR;
658
659 if (timeout != 0) {
660 req->timeout = timeout;
661 } else {
662 req->timeout = ldb->default_timeout;
663 }
664 req->starttime = time(NULL);
665
666 return LDB_SUCCESS;
667 }
668
669 /* calculates the new timeout based on the previous starttime and timeout */
670 int ldb_set_timeout_from_prev_req(struct ldb_context *ldb,
671 struct ldb_request *oldreq,
672 struct ldb_request *newreq)
673 {
674 if (newreq == NULL) return LDB_ERR_OPERATIONS_ERROR;
675
676 if (oldreq == NULL) {
677 return ldb_set_timeout(ldb, newreq, 0);
678 }
679
680 newreq->starttime = oldreq->starttime;
681 newreq->timeout = oldreq->timeout;
682
683 return LDB_SUCCESS;
684 }
685
686
687 /*
688 set the permissions for new files to be passed to open() in
689 backends that use local files
690 */
691 void ldb_set_create_perms(struct ldb_context *ldb, unsigned int perms)
692 {
693 ldb->create_perms = perms;
694 }
695
696 unsigned int ldb_get_create_perms(struct ldb_context *ldb)
697 {
698 return ldb->create_perms;
699 }
700
701 void ldb_set_event_context(struct ldb_context *ldb, struct tevent_context *ev)
702 {
703 ldb->ev_ctx = ev;
704 }
705
706 struct tevent_context * ldb_get_event_context(struct ldb_context *ldb)
707 {
708 return ldb->ev_ctx;
709 }
710
711 void ldb_request_set_state(struct ldb_request *req, int state)
712 {
713 req->handle->state = state;
714 }
715
716 int ldb_request_get_status(struct ldb_request *req)
717 {
718 return req->handle->status;
719 }
720
721
722 /*
723 trace a ldb request
724 */
725 static void ldb_trace_request(struct ldb_context *ldb, struct ldb_request *req)
726 {
727 TALLOC_CTX *tmp_ctx = talloc_new(req);
728 unsigned int i;
729 struct ldb_ldif ldif;
730
731 switch (req->operation) {
732 case LDB_SEARCH:
733 ldb_debug_add(ldb, "ldb_trace_request: SEARCH\n");
734 ldb_debug_add(ldb, " dn: %s\n",
735 ldb_dn_is_null(req->op.search.base)?"<rootDSE>":
736 ldb_dn_get_linearized(req->op.search.base));
737 ldb_debug_add(ldb, " scope: %s\n",
738 req->op.search.scope==LDB_SCOPE_BASE?"base":
739 req->op.search.scope==LDB_SCOPE_ONELEVEL?"one":
740 req->op.search.scope==LDB_SCOPE_SUBTREE?"sub":"UNKNOWN");
741 ldb_debug_add(ldb, " expr: %s\n",
742 ldb_filter_from_tree(tmp_ctx, req->op.search.tree));
743 if (req->op.search.attrs == NULL) {
744 ldb_debug_add(ldb, " attr: <ALL>\n");
745 } else {
746 for (i=0; req->op.search.attrs[i]; i++) {
747 ldb_debug_add(ldb, " attr: %s\n", req->op.search.attrs[i]);
748 }
749 }
750 break;
751 case LDB_DELETE:
752 ldb_debug_add(ldb, "ldb_trace_request: DELETE\n");
753 ldb_debug_add(ldb, " dn: %s\n",
754 ldb_dn_get_linearized(req->op.del.dn));
755 break;
756 case LDB_RENAME:
757 ldb_debug_add(ldb, "ldb_trace_request: RENAME\n");
758 ldb_debug_add(ldb, " olddn: %s\n",
759 ldb_dn_get_linearized(req->op.rename.olddn));
760 ldb_debug_add(ldb, " newdn: %s\n",
761 ldb_dn_get_linearized(req->op.rename.newdn));
762 break;
763 case LDB_EXTENDED:
764 ldb_debug_add(ldb, "ldb_trace_request: EXTENDED\n");
765 ldb_debug_add(ldb, " oid: %s\n", req->op.extended.oid);
766 ldb_debug_add(ldb, " data: %s\n", req->op.extended.data?"yes":"no");
767 break;
768 case LDB_ADD:
769 ldif.changetype = LDB_CHANGETYPE_ADD;
770 ldif.msg = discard_const_p(struct ldb_message, req->op.add.message);
771
772 ldb_debug_add(ldb, "ldb_trace_request: ADD\n");
773
774 /*
775 * The choice to call
776 * ldb_ldif_write_redacted_trace_string() is CRITICAL
777 * for security. It ensures that we do not output
778 * passwords into debug logs
779 */
780
781 ldb_debug_add(req->handle->ldb, "%s\n",
782 ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
783 break;
784 case LDB_MODIFY:
785 ldif.changetype = LDB_CHANGETYPE_MODIFY;
786 ldif.msg = discard_const_p(struct ldb_message, req->op.mod.message);
787
788 ldb_debug_add(ldb, "ldb_trace_request: MODIFY\n");
789
790 /*
791 * The choice to call
792 * ldb_ldif_write_redacted_trace_string() is CRITICAL
793 * for security. It ensures that we do not output
794 * passwords into debug logs
795 */
796
797 ldb_debug_add(req->handle->ldb, "%s\n",
798 ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
799 break;
800 case LDB_REQ_REGISTER_CONTROL:
801 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_CONTROL\n");
802 ldb_debug_add(req->handle->ldb, "%s\n",
803 req->op.reg_control.oid);
804 break;
805 case LDB_REQ_REGISTER_PARTITION:
806 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_PARTITION\n");
807 ldb_debug_add(req->handle->ldb, "%s\n",
808 ldb_dn_get_linearized(req->op.reg_partition.dn));
809 break;
810 default:
811 ldb_debug_add(ldb, "ldb_trace_request: UNKNOWN(%u)\n",
812 req->operation);
813 break;
814 }
815
816 if (req->controls == NULL) {
817 ldb_debug_add(ldb, " control: <NONE>\n");
818 } else {
819 for (i=0; req->controls && req->controls[i]; i++) {
820 if (req->controls[i]->oid) {
821 ldb_debug_add(ldb, " control: %s crit:%u data:%s\n",
822 req->controls[i]->oid,
823 req->controls[i]->critical,
824 req->controls[i]->data?"yes":"no");
825 }
826 }
827 }
828
829 ldb_debug_end(ldb, LDB_DEBUG_TRACE);
830
831 talloc_free(tmp_ctx);
832 }
833
834 /*
835 check that the element flags don't have any internal bits set
836 */
837 static int ldb_msg_check_element_flags(struct ldb_context *ldb,
838 const struct ldb_message *message)
839 {
840 unsigned i;
841 for (i=0; i<message->num_elements; i++) {
842 if (message->elements[i].flags & LDB_FLAG_INTERNAL_MASK) {
843 ldb_asprintf_errstring(ldb, "Invalid element flags 0x%08x on element %s in %s\n",
844 message->elements[i].flags, message->elements[i].name,
845 ldb_dn_get_linearized(message->dn));
846 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
847 }
848 }
849 return LDB_SUCCESS;
850 }
851
852
853 /*
854 start an ldb request
855 NOTE: the request must be a talloc context.
856 returns LDB_ERR_* on errors.
857 */
858 int ldb_request(struct ldb_context *ldb, struct ldb_request *req)
859 {
860 struct ldb_module *module;
861 int ret;
862
863 if (req->callback == NULL) {
864 ldb_set_errstring(ldb, "Requests MUST define callbacks");
865 return LDB_ERR_UNWILLING_TO_PERFORM;
866 }
867
868 ldb_reset_err_string(ldb);
869
870 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
871 ldb_trace_request(ldb, req);
872 }
873
874 /* call the first module in the chain */
875 switch (req->operation) {
876 case LDB_SEARCH:
877 /* due to "ldb_build_search_req" base DN always != NULL */
878 if (!ldb_dn_validate(req->op.search.base)) {
879 ldb_asprintf_errstring(ldb, "ldb_search: invalid basedn '%s'",
880 ldb_dn_get_linearized(req->op.search.base));
881 return LDB_ERR_INVALID_DN_SYNTAX;
882 }
883 FIRST_OP(ldb, search);
884 ret = module->ops->search(module, req);
885 break;
886 case LDB_ADD:
887 if (!ldb_dn_validate(req->op.add.message->dn)) {
888 ldb_asprintf_errstring(ldb, "ldb_add: invalid dn '%s'",
889 ldb_dn_get_linearized(req->op.add.message->dn));
890 return LDB_ERR_INVALID_DN_SYNTAX;
891 }
892 /*
893 * we have to normalize here, as so many places
894 * in modules and backends assume we don't have two
895 * elements with the same name
896 */
897 ret = ldb_msg_normalize(ldb, req, req->op.add.message,
898 discard_const(&req->op.add.message));
899 if (ret != LDB_SUCCESS) {
900 ldb_oom(ldb);
901 return ret;
902 }
903 FIRST_OP(ldb, add);
904 ret = ldb_msg_check_element_flags(ldb, req->op.add.message);
905 if (ret != LDB_SUCCESS) {
906 /*
907 * "ldb_msg_check_element_flags" generates an error
908 * string
909 */
910 return ret;
911 }
912 ret = module->ops->add(module, req);
913 break;
914 case LDB_MODIFY:
915 if (!ldb_dn_validate(req->op.mod.message->dn)) {
916 ldb_asprintf_errstring(ldb, "ldb_modify: invalid dn '%s'",
917 ldb_dn_get_linearized(req->op.mod.message->dn));
918 return LDB_ERR_INVALID_DN_SYNTAX;
919 }
920 FIRST_OP(ldb, modify);
921 ret = ldb_msg_check_element_flags(ldb, req->op.mod.message);
922 if (ret != LDB_SUCCESS) {
923 /*
924 * "ldb_msg_check_element_flags" generates an error
925 * string
926 */
927 return ret;
928 }
929 ret = module->ops->modify(module, req);
930 break;
931 case LDB_DELETE:
932 if (!ldb_dn_validate(req->op.del.dn)) {
933 ldb_asprintf_errstring(ldb, "ldb_delete: invalid dn '%s'",
934 ldb_dn_get_linearized(req->op.del.dn));
935 return LDB_ERR_INVALID_DN_SYNTAX;
936 }
937 FIRST_OP(ldb, del);
938 ret = module->ops->del(module, req);
939 break;
940 case LDB_RENAME:
941 if (!ldb_dn_validate(req->op.rename.olddn)) {
942 ldb_asprintf_errstring(ldb, "ldb_rename: invalid olddn '%s'",
943 ldb_dn_get_linearized(req->op.rename.olddn));
944 return LDB_ERR_INVALID_DN_SYNTAX;
945 }
946 if (!ldb_dn_validate(req->op.rename.newdn)) {
947 ldb_asprintf_errstring(ldb, "ldb_rename: invalid newdn '%s'",
948 ldb_dn_get_linearized(req->op.rename.newdn));
949 return LDB_ERR_INVALID_DN_SYNTAX;
950 }
951 FIRST_OP(ldb, rename);
952 ret = module->ops->rename(module, req);
953 break;
954 case LDB_EXTENDED:
955 FIRST_OP(ldb, extended);
956 ret = module->ops->extended(module, req);
957 break;
958 default:
959 FIRST_OP(ldb, request);
960 ret = module->ops->request(module, req);
961 break;
962 }
963
964 if ((ret != LDB_SUCCESS) && (ldb->err_string == NULL)) {
965 /* if no error string was setup by the backend */
966 ldb_asprintf_errstring(ldb, "ldb_request: %s (%d)",
967 ldb_strerror(ret), ret);
968 }
969
970 return ret;
971 }
972
973 int ldb_request_done(struct ldb_request *req, int status)
974 {
975 req->handle->state = LDB_ASYNC_DONE;
976 req->handle->status = status;
977 return status;
978 }
979
980 /*
981 search the database given a LDAP-like search expression
982
983 returns an LDB error code
984
985 Use talloc_free to free the ldb_message returned in 'res', if successful
986
987 */
988 int ldb_search_default_callback(struct ldb_request *req,
989 struct ldb_reply *ares)
990 {
991 struct ldb_result *res;
992 unsigned int n;
993
994 res = talloc_get_type(req->context, struct ldb_result);
995
996 if (!ares) {
997 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
998 }
999 if (ares->error != LDB_SUCCESS) {
1000 return ldb_request_done(req, ares->error);
1001 }
1002
1003 switch (ares->type) {
1004 case LDB_REPLY_ENTRY:
1005 res->msgs = talloc_realloc(res, res->msgs,
1006 struct ldb_message *, res->count + 2);
1007 if (! res->msgs) {
1008 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1009 }
1010
1011 res->msgs[res->count + 1] = NULL;
1012
1013 res->msgs[res->count] = talloc_move(res->msgs, &ares->message);
1014 res->count++;
1015 break;
1016
1017 case LDB_REPLY_REFERRAL:
1018 if (res->refs) {
1019 for (n = 0; res->refs[n]; n++) /*noop*/ ;
1020 } else {
1021 n = 0;
1022 }
1023
1024 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1025 if (! res->refs) {
1026 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1027 }
1028
1029 res->refs[n] = talloc_move(res->refs, &ares->referral);
1030 res->refs[n + 1] = NULL;
1031 break;
1032
1033 case LDB_REPLY_DONE:
1034 /* TODO: we should really support controls on entries
1035 * and referrals too! */
1036 res->controls = talloc_move(res, &ares->controls);
1037
1038 /* this is the last message, and means the request is done */
1039 /* we have to signal and eventual ldb_wait() waiting that the
1040 * async request operation was completed */
1041 talloc_free(ares);
1042 return ldb_request_done(req, LDB_SUCCESS);
1043 }
1044
1045 talloc_free(ares);
1046
1047 return LDB_SUCCESS;
1048 }
1049
1050 int ldb_modify_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1051 {
1052 struct ldb_result *res;
1053 unsigned int n;
1054 int ret;
1055
1056 res = talloc_get_type(req->context, struct ldb_result);
1057
1058 if (!ares) {
1059 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1060 }
1061
1062 if (ares->error != LDB_SUCCESS) {
1063 ret = ares->error;
1064 talloc_free(ares);
1065 return ldb_request_done(req, ret);
1066 }
1067
1068 switch (ares->type) {
1069 case LDB_REPLY_REFERRAL:
1070 if (res->refs) {
1071 for (n = 0; res->refs[n]; n++) /*noop*/ ;
1072 } else {
1073 n = 0;
1074 }
1075
1076 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1077 if (! res->refs) {
1078 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1079 }
1080
1081 res->refs[n] = talloc_move(res->refs, &ares->referral);
1082 res->refs[n + 1] = NULL;
1083 break;
1084
1085 case LDB_REPLY_DONE:
1086 talloc_free(ares);
1087 return ldb_request_done(req, LDB_SUCCESS);
1088 default:
1089 talloc_free(ares);
1090 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1091 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1092 }
1093
1094 talloc_free(ares);
1095 return ldb_request_done(req, LDB_SUCCESS);
1096 }
1097
1098 int ldb_op_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1099 {
1100 int ret;
1101
1102 if (!ares) {
1103 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1104 }
1105
1106 if (ares->error != LDB_SUCCESS) {
1107 ret = ares->error;
1108 talloc_free(ares);
1109 return ldb_request_done(req, ret);
1110 }
1111
1112 if (ares->type != LDB_REPLY_DONE) {
1113 talloc_free(ares);
1114 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1115 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1116 }
1117
1118 talloc_free(ares);
1119 return ldb_request_done(req, LDB_SUCCESS);
1120 }
1121
1122 int ldb_build_search_req_ex(struct ldb_request **ret_req,
1123 struct ldb_context *ldb,
1124 TALLOC_CTX *mem_ctx,
1125 struct ldb_dn *base,
1126 enum ldb_scope scope,
1127 struct ldb_parse_tree *tree,
1128 const char * const *attrs,
1129 struct ldb_control **controls,
1130 void *context,
1131 ldb_request_callback_t callback,
1132 struct ldb_request *parent)
1133 {
1134 struct ldb_request *req;
1135
1136 *ret_req = NULL;
1137
1138 req = talloc(mem_ctx, struct ldb_request);
1139 if (req == NULL) {
1140 ldb_oom(ldb);
1141 return LDB_ERR_OPERATIONS_ERROR;
1142 }
1143
1144 req->operation = LDB_SEARCH;
1145 if (base == NULL) {
1146 req->op.search.base = ldb_dn_new(req, ldb, NULL);
1147 } else {
1148 req->op.search.base = base;
1149 }
1150 req->op.search.scope = scope;
1151
1152 req->op.search.tree = tree;
1153 if (req->op.search.tree == NULL) {
1154 ldb_set_errstring(ldb, "'tree' can't be NULL");
1155 talloc_free(req);
1156 return LDB_ERR_OPERATIONS_ERROR;
1157 }
1158
1159 req->op.search.attrs = attrs;
1160 req->controls = controls;
1161 req->context = context;
1162 req->callback = callback;
1163
1164 ldb_set_timeout_from_prev_req(ldb, parent, req);
1165
1166 req->handle = ldb_handle_new(req, ldb);
1167 if (req->handle == NULL) {
1168 ldb_oom(ldb);
1169 return LDB_ERR_OPERATIONS_ERROR;
1170 }
1171
1172 if (parent) {
1173 req->handle->nesting++;
1174 req->handle->parent = parent;
1175 req->handle->flags = parent->handle->flags;
1176 req->handle->custom_flags = parent->handle->custom_flags;
1177 }
1178
1179 *ret_req = req;
1180 return LDB_SUCCESS;
1181 }
1182
1183 int ldb_build_search_req(struct ldb_request **ret_req,
1184 struct ldb_context *ldb,
1185 TALLOC_CTX *mem_ctx,
1186 struct ldb_dn *base,
1187 enum ldb_scope scope,
1188 const char *expression,
1189 const char * const *attrs,
1190 struct ldb_control **controls,
1191 void *context,
1192 ldb_request_callback_t callback,
1193 struct ldb_request *parent)
1194 {
1195 struct ldb_parse_tree *tree;
1196 int ret;
1197
1198 tree = ldb_parse_tree(mem_ctx, expression);
1199 if (tree == NULL) {
1200 ldb_set_errstring(ldb, "Unable to parse search expression");
1201 return LDB_ERR_OPERATIONS_ERROR;
1202 }
1203
1204 ret = ldb_build_search_req_ex(ret_req, ldb, mem_ctx, base,
1205 scope, tree, attrs, controls,
1206 context, callback, parent);
1207 if (ret == LDB_SUCCESS) {
1208 talloc_steal(*ret_req, tree);
1209 }
1210 return ret;
1211 }
1212
1213 int ldb_build_add_req(struct ldb_request **ret_req,
1214 struct ldb_context *ldb,
1215 TALLOC_CTX *mem_ctx,
1216 const struct ldb_message *message,
1217 struct ldb_control **controls,
1218 void *context,
1219 ldb_request_callback_t callback,
1220 struct ldb_request *parent)
1221 {
1222 struct ldb_request *req;
1223
1224 *ret_req = NULL;
1225
1226 req = talloc(mem_ctx, struct ldb_request);
1227 if (req == NULL) {
1228 ldb_set_errstring(ldb, "Out of Memory");
1229 return LDB_ERR_OPERATIONS_ERROR;
1230 }
1231
1232 req->operation = LDB_ADD;
1233 req->op.add.message = message;
1234 req->controls = controls;
1235 req->context = context;
1236 req->callback = callback;
1237
1238 ldb_set_timeout_from_prev_req(ldb, parent, req);
1239
1240 req->handle = ldb_handle_new(req, ldb);
1241 if (req->handle == NULL) {
1242 ldb_oom(ldb);
1243 return LDB_ERR_OPERATIONS_ERROR;
1244 }
1245
1246 if (parent) {
1247 req->handle->nesting++;
1248 req->handle->parent = parent;
1249 req->handle->flags = parent->handle->flags;
1250 req->handle->custom_flags = parent->handle->custom_flags;
1251 }
1252
1253 *ret_req = req;
1254
1255 return LDB_SUCCESS;
1256 }
1257
1258 int ldb_build_mod_req(struct ldb_request **ret_req,
1259 struct ldb_context *ldb,
1260 TALLOC_CTX *mem_ctx,
1261 const struct ldb_message *message,
1262 struct ldb_control **controls,
1263 void *context,
1264 ldb_request_callback_t callback,
1265 struct ldb_request *parent)
1266 {
1267 struct ldb_request *req;
1268
1269 *ret_req = NULL;
1270
1271 req = talloc(mem_ctx, struct ldb_request);
1272 if (req == NULL) {
1273 ldb_set_errstring(ldb, "Out of Memory");
1274 return LDB_ERR_OPERATIONS_ERROR;
1275 }
1276
1277 req->operation = LDB_MODIFY;
1278 req->op.mod.message = message;
1279 req->controls = controls;
1280 req->context = context;
1281 req->callback = callback;
1282
1283 ldb_set_timeout_from_prev_req(ldb, parent, req);
1284
1285 req->handle = ldb_handle_new(req, ldb);
1286 if (req->handle == NULL) {
1287 ldb_oom(ldb);
1288 return LDB_ERR_OPERATIONS_ERROR;
1289 }
1290
1291 if (parent) {
1292 req->handle->nesting++;
1293 req->handle->parent = parent;
1294 req->handle->flags = parent->handle->flags;
1295 req->handle->custom_flags = parent->handle->custom_flags;
1296 }
1297
1298 *ret_req = req;
1299
1300 return LDB_SUCCESS;
1301 }
1302
1303 int ldb_build_del_req(struct ldb_request **ret_req,
1304 struct ldb_context *ldb,
1305 TALLOC_CTX *mem_ctx,
1306 struct ldb_dn *dn,
1307 struct ldb_control **controls,
1308 void *context,
1309 ldb_request_callback_t callback,
1310 struct ldb_request *parent)
1311 {
1312 struct ldb_request *req;
1313
1314 *ret_req = NULL;
1315
1316 req = talloc(mem_ctx, struct ldb_request);
1317 if (req == NULL) {
1318 ldb_set_errstring(ldb, "Out of Memory");
1319 return LDB_ERR_OPERATIONS_ERROR;
1320 }
1321
1322 req->operation = LDB_DELETE;
1323 req->op.del.dn = dn;
1324 req->controls = controls;
1325 req->context = context;
1326 req->callback = callback;
1327
1328 ldb_set_timeout_from_prev_req(ldb, parent, req);
1329
1330 req->handle = ldb_handle_new(req, ldb);
1331 if (req->handle == NULL) {
1332 ldb_oom(ldb);
1333 return LDB_ERR_OPERATIONS_ERROR;
1334 }
1335
1336 if (parent) {
1337 req->handle->nesting++;
1338 req->handle->parent = parent;
1339 req->handle->flags = parent->handle->flags;
1340 req->handle->custom_flags = parent->handle->custom_flags;
1341 }
1342
1343 *ret_req = req;
1344
1345 return LDB_SUCCESS;
1346 }
1347
1348 int ldb_build_rename_req(struct ldb_request **ret_req,
1349 struct ldb_context *ldb,
1350 TALLOC_CTX *mem_ctx,
1351 struct ldb_dn *olddn,
1352 struct ldb_dn *newdn,
1353 struct ldb_control **controls,
1354 void *context,
1355 ldb_request_callback_t callback,
1356 struct ldb_request *parent)
1357 {
1358 struct ldb_request *req;
1359
1360 *ret_req = NULL;
1361
1362 req = talloc(mem_ctx, struct ldb_request);
1363 if (req == NULL) {
1364 ldb_set_errstring(ldb, "Out of Memory");
1365 return LDB_ERR_OPERATIONS_ERROR;
1366 }
1367
1368 req->operation = LDB_RENAME;
1369 req->op.rename.olddn = olddn;
1370 req->op.rename.newdn = newdn;
1371 req->controls = controls;
1372 req->context = context;
1373 req->callback = callback;
1374
1375 ldb_set_timeout_from_prev_req(ldb, parent, req);
1376
1377 req->handle = ldb_handle_new(req, ldb);
1378 if (req->handle == NULL) {
1379 ldb_oom(ldb);
1380 return LDB_ERR_OPERATIONS_ERROR;
1381 }
1382
1383 if (parent) {
1384 req->handle->nesting++;
1385 req->handle->parent = parent;
1386 req->handle->flags = parent->handle->flags;
1387 req->handle->custom_flags = parent->handle->custom_flags;
1388 }
1389
1390 *ret_req = req;
1391
1392 return LDB_SUCCESS;
1393 }
1394
1395 int ldb_extended_default_callback(struct ldb_request *req,
1396 struct ldb_reply *ares)
1397 {
1398 struct ldb_result *res;
1399
1400 res = talloc_get_type(req->context, struct ldb_result);
1401
1402 if (!ares) {
1403 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1404 }
1405 if (ares->error != LDB_SUCCESS) {
1406 return ldb_request_done(req, ares->error);
1407 }
1408
1409 if (ares->type == LDB_REPLY_DONE) {
1410
1411 /* TODO: we should really support controls on entries and referrals too! */
1412 res->extended = talloc_move(res, &ares->response);
1413 res->controls = talloc_move(res, &ares->controls);
1414
1415 talloc_free(ares);
1416 return ldb_request_done(req, LDB_SUCCESS);
1417 }
1418
1419 talloc_free(ares);
1420 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1421 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1422 }
1423
1424 int ldb_build_extended_req(struct ldb_request **ret_req,
1425 struct ldb_context *ldb,
1426 TALLOC_CTX *mem_ctx,
1427 const char *oid,
1428 void *data,
1429 struct ldb_control **controls,
1430 void *context,
1431 ldb_request_callback_t callback,
1432 struct ldb_request *parent)
1433 {
1434 struct ldb_request *req;
1435
1436 *ret_req = NULL;
1437
1438 req = talloc(mem_ctx, struct ldb_request);
1439 if (req == NULL) {
1440 ldb_set_errstring(ldb, "Out of Memory");
1441 return LDB_ERR_OPERATIONS_ERROR;
1442 }
1443
1444 req->operation = LDB_EXTENDED;
1445 req->op.extended.oid = oid;
1446 req->op.extended.data = data;
1447 req->controls = controls;
1448 req->context = context;
1449 req->callback = callback;
1450
1451 ldb_set_timeout_from_prev_req(ldb, parent, req);
1452
1453 req->handle = ldb_handle_new(req, ldb);
1454 if (req->handle == NULL) {
1455 ldb_oom(ldb);
1456 return LDB_ERR_OPERATIONS_ERROR;
1457 }
1458
1459 if (parent) {
1460 req->handle->nesting++;
1461 req->handle->parent = parent;
1462 req->handle->flags = parent->handle->flags;
1463 req->handle->custom_flags = parent->handle->custom_flags;
1464 }
1465
1466 *ret_req = req;
1467
1468 return LDB_SUCCESS;
1469 }
1470
1471 int ldb_extended(struct ldb_context *ldb,
1472 const char *oid,
1473 void *data,
1474 struct ldb_result **_res)
1475 {
1476 struct ldb_request *req;
1477 int ret;
1478 struct ldb_result *res;
1479
1480 *_res = NULL;
1481 req = NULL;
1482
1483 res = talloc_zero(ldb, struct ldb_result);
1484 if (!res) {
1485 return LDB_ERR_OPERATIONS_ERROR;
1486 }
1487
1488 ret = ldb_build_extended_req(&req, ldb, ldb,
1489 oid, data, NULL,
1490 res, ldb_extended_default_callback,
1491 NULL);
1492 ldb_req_set_location(req, "ldb_extended");
1493
1494 if (ret != LDB_SUCCESS) goto done;
1495
1496 ldb_set_timeout(ldb, req, 0); /* use default timeout */
1497
1498 ret = ldb_request(ldb, req);
1499
1500 if (ret == LDB_SUCCESS) {
1501 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1502 }
1503
1504 done:
1505 if (ret != LDB_SUCCESS) {
1506 talloc_free(res);
1507 res = NULL;
1508 }
1509
1510 talloc_free(req);
1511
1512 *_res = res;
1513 return ret;
1514 }
1515
1516 /*
1517 note that ldb_search() will automatically replace a NULL 'base' value
1518 with the defaultNamingContext from the rootDSE if available.
1519 */
1520 int ldb_search(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
1521 struct ldb_result **result, struct ldb_dn *base,
1522 enum ldb_scope scope, const char * const *attrs,
1523 const char *exp_fmt, ...)
1524 {
1525 struct ldb_request *req;
1526 struct ldb_result *res;
1527 char *expression;
1528 va_list ap;
1529 int ret;
1530
1531 expression = NULL;
1532 *result = NULL;
1533 req = NULL;
1534
1535 res = talloc_zero(mem_ctx, struct ldb_result);
1536 if (!res) {
1537 return LDB_ERR_OPERATIONS_ERROR;
1538 }
1539
1540 if (exp_fmt) {
1541 va_start(ap, exp_fmt);
1542 expression = talloc_vasprintf(mem_ctx, exp_fmt, ap);
1543 va_end(ap);
1544
1545 if (!expression) {
1546 talloc_free(res);
1547 return LDB_ERR_OPERATIONS_ERROR;
1548 }
1549 }
1550
1551 ret = ldb_build_search_req(&req, ldb, mem_ctx,
1552 base?base:ldb_get_default_basedn(ldb),
1553 scope,
1554 expression,
1555 attrs,
1556 NULL,
1557 res,
1558 ldb_search_default_callback,
1559 NULL);
1560 ldb_req_set_location(req, "ldb_search");
1561
1562 if (ret != LDB_SUCCESS) goto done;
1563
1564 ret = ldb_request(ldb, req);
1565
1566 if (ret == LDB_SUCCESS) {
1567 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1568 }
1569
1570 done:
1571 if (ret != LDB_SUCCESS) {
1572 talloc_free(res);
1573 res = NULL;
1574 }
1575
1576 talloc_free(expression);
1577 talloc_free(req);
1578
1579 *result = res;
1580 return ret;
1581 }
1582
1583 /*
1584 add a record to the database. Will fail if a record with the given class
1585 and key already exists
1586 */
1587 int ldb_add(struct ldb_context *ldb,
1588 const struct ldb_message *message)
1589 {
1590 struct ldb_request *req;
1591 int ret;
1592
1593 ret = ldb_msg_sanity_check(ldb, message);
1594 if (ret != LDB_SUCCESS) {
1595 return ret;
1596 }
1597
1598 ret = ldb_build_add_req(&req, ldb, ldb,
1599 message,
1600 NULL,
1601 NULL,
1602 ldb_op_default_callback,
1603 NULL);
1604 ldb_req_set_location(req, "ldb_add");
1605
1606 if (ret != LDB_SUCCESS) return ret;
1607
1608 /* do request and autostart a transaction */
1609 ret = ldb_autotransaction_request(ldb, req);
1610
1611 talloc_free(req);
1612 return ret;
1613 }
1614
1615 /*
1616 modify the specified attributes of a record
1617 */
1618 int ldb_modify(struct ldb_context *ldb,
1619 const struct ldb_message *message)
1620 {
1621 struct ldb_request *req;
1622 int ret;
1623
1624 ret = ldb_msg_sanity_check(ldb, message);
1625 if (ret != LDB_SUCCESS) {
1626 return ret;
1627 }
1628
1629 ret = ldb_build_mod_req(&req, ldb, ldb,
1630 message,
1631 NULL,
1632 NULL,
1633 ldb_op_default_callback,
1634 NULL);
1635 ldb_req_set_location(req, "ldb_modify");
1636
1637 if (ret != LDB_SUCCESS) return ret;
1638
1639 /* do request and autostart a transaction */
1640 ret = ldb_autotransaction_request(ldb, req);
1641
1642 talloc_free(req);
1643 return ret;
1644 }
1645
1646
1647 /*
1648 delete a record from the database
1649 */
1650 int ldb_delete(struct ldb_context *ldb, struct ldb_dn *dn)
1651 {
1652 struct ldb_request *req;
1653 int ret;
1654
1655 ret = ldb_build_del_req(&req, ldb, ldb,
1656 dn,
1657 NULL,
1658 NULL,
1659 ldb_op_default_callback,
1660 NULL);
1661 ldb_req_set_location(req, "ldb_delete");
1662
1663 if (ret != LDB_SUCCESS) return ret;
1664
1665 /* do request and autostart a transaction */
1666 ret = ldb_autotransaction_request(ldb, req);
1667
1668 talloc_free(req);
1669 return ret;
1670 }
1671
1672 /*
1673 rename a record in the database
1674 */
1675 int ldb_rename(struct ldb_context *ldb,
1676 struct ldb_dn *olddn, struct ldb_dn *newdn)
1677 {
1678 struct ldb_request *req;
1679 int ret;
1680
1681 ret = ldb_build_rename_req(&req, ldb, ldb,
1682 olddn,
1683 newdn,
1684 NULL,
1685 NULL,
1686 ldb_op_default_callback,
1687 NULL);
1688 ldb_req_set_location(req, "ldb_rename");
1689
1690 if (ret != LDB_SUCCESS) return ret;
1691
1692 /* do request and autostart a transaction */
1693 ret = ldb_autotransaction_request(ldb, req);
1694
1695 talloc_free(req);
1696 return ret;
1697 }
1698
1699
1700 /*
1701 return the global sequence number
1702 */
1703 int ldb_sequence_number(struct ldb_context *ldb,
1704 enum ldb_sequence_type type, uint64_t *seq_num)
1705 {
1706 struct ldb_seqnum_request *seq;
1707 struct ldb_seqnum_result *seqr;
1708 struct ldb_result *res;
1709 TALLOC_CTX *tmp_ctx;
1710 int ret;
1711
1712 *seq_num = 0;
1713
1714 tmp_ctx = talloc_zero(ldb, struct ldb_request);
1715 if (tmp_ctx == NULL) {
1716 ldb_set_errstring(ldb, "Out of Memory");
1717 return LDB_ERR_OPERATIONS_ERROR;
1718 }
1719 seq = talloc_zero(tmp_ctx, struct ldb_seqnum_request);
1720 if (seq == NULL) {
1721 ldb_set_errstring(ldb, "Out of Memory");
1722 ret = LDB_ERR_OPERATIONS_ERROR;
1723 goto done;
1724 }
1725 seq->type = type;
1726
1727 ret = ldb_extended(ldb, LDB_EXTENDED_SEQUENCE_NUMBER, seq, &res);
1728 if (ret != LDB_SUCCESS) {
1729 goto done;
1730 }
1731 talloc_steal(tmp_ctx, res);
1732
1733 if (strcmp(LDB_EXTENDED_SEQUENCE_NUMBER, res->extended->oid) != 0) {
1734 ldb_set_errstring(ldb, "Invalid OID in reply");
1735 ret = LDB_ERR_OPERATIONS_ERROR;
1736 goto done;
1737 }
1738 seqr = talloc_get_type(res->extended->data,
1739 struct ldb_seqnum_result);
1740 *seq_num = seqr->seq_num;
1741
1742 done:
1743 talloc_free(tmp_ctx);
1744 return ret;
1745 }
1746
1747 /*
1748 return extended error information
1749 */
1750 const char *ldb_errstring(struct ldb_context *ldb)
1751 {
1752 if (ldb->err_string) {
1753 return ldb->err_string;
1754 }
1755
1756 return NULL;
1757 }
1758
1759 /*
1760 return a string explaining what a ldb error constant meancs
1761 */
1762 const char *ldb_strerror(int ldb_err)
1763 {
1764 switch (ldb_err) {
1765 case LDB_SUCCESS:
1766 return "Success";
1767 case LDB_ERR_OPERATIONS_ERROR:
1768 return "Operations error";
1769 case LDB_ERR_PROTOCOL_ERROR:
1770 return "Protocol error";
1771 case LDB_ERR_TIME_LIMIT_EXCEEDED:
1772 return "Time limit exceeded";
1773 case LDB_ERR_SIZE_LIMIT_EXCEEDED:
1774 return "Size limit exceeded";
1775 case LDB_ERR_COMPARE_FALSE:
1776 return "Compare false";
1777 case LDB_ERR_COMPARE_TRUE:
1778 return "Compare true";
1779 case LDB_ERR_AUTH_METHOD_NOT_SUPPORTED:
1780 return "Auth method not supported";
1781 case LDB_ERR_STRONG_AUTH_REQUIRED:
1782 return "Strong auth required";
1783 /* 9 RESERVED */
1784 case LDB_ERR_REFERRAL:
1785 return "Referral error";
1786 case LDB_ERR_ADMIN_LIMIT_EXCEEDED:
1787 return "Admin limit exceeded";
1788 case LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION:
1789 return "Unsupported critical extension";
1790 case LDB_ERR_CONFIDENTIALITY_REQUIRED:
1791 return "Confidentiality required";
1792 case LDB_ERR_SASL_BIND_IN_PROGRESS:
1793 return "SASL bind in progress";
1794 case LDB_ERR_NO_SUCH_ATTRIBUTE:
1795 return "No such attribute";
1796 case LDB_ERR_UNDEFINED_ATTRIBUTE_TYPE:
1797 return "Undefined attribute type";
1798 case LDB_ERR_INAPPROPRIATE_MATCHING:
1799 return "Inappropriate matching";
1800 case LDB_ERR_CONSTRAINT_VIOLATION:
1801 return "Constraint violation";
1802 case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
1803 return "Attribute or value exists";
1804 case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
1805 return "Invalid attribute syntax";
1806 /* 22-31 unused */
1807 case LDB_ERR_NO_SUCH_OBJECT:
1808 return "No such object";
1809 case LDB_ERR_ALIAS_PROBLEM:
1810 return "Alias problem";
1811 case LDB_ERR_INVALID_DN_SYNTAX:
1812 return "Invalid DN syntax";
1813 /* 35 RESERVED */
1814 case LDB_ERR_ALIAS_DEREFERENCING_PROBLEM:
1815 return "Alias dereferencing problem";
1816 /* 37-47 unused */
1817 case LDB_ERR_INAPPROPRIATE_AUTHENTICATION:
1818 return "Inappropriate authentication";
1819 case LDB_ERR_INVALID_CREDENTIALS:
1820 return "Invalid credentials";
1821 case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
1822 return "insufficient access rights";
1823 case LDB_ERR_BUSY:
1824 return "Busy";
1825 case LDB_ERR_UNAVAILABLE:
1826 return "Unavailable";
1827 case LDB_ERR_UNWILLING_TO_PERFORM:
1828 return "Unwilling to perform";
1829 case LDB_ERR_LOOP_DETECT:
1830 return "Loop detect";
1831 /* 55-63 unused */
1832 case LDB_ERR_NAMING_VIOLATION:
1833 return "Naming violation";
1834 case LDB_ERR_OBJECT_CLASS_VIOLATION:
1835 return "Object class violation";
1836 case LDB_ERR_NOT_ALLOWED_ON_NON_LEAF:
1837 return "Not allowed on non-leaf";
1838 case LDB_ERR_NOT_ALLOWED_ON_RDN:
1839 return "Not allowed on RDN";
1840 case LDB_ERR_ENTRY_ALREADY_EXISTS:
1841 return "Entry already exists";
1842 case LDB_ERR_OBJECT_CLASS_MODS_PROHIBITED:
1843 return "Object class mods prohibited";
1844 /* 70 RESERVED FOR CLDAP */
1845 case LDB_ERR_AFFECTS_MULTIPLE_DSAS:
1846 return "Affects multiple DSAs";
1847 /* 72-79 unused */
1848 case LDB_ERR_OTHER:
1849 return "Other";
1850 }
1851
1852 return "Unknown error";
1853 }
1854
1855 /*
1856 set backend specific opaque parameters
1857 */
1858 int ldb_set_opaque(struct ldb_context *ldb, const char *name, void *value)
1859 {
1860 struct ldb_opaque *o;
1861
1862 /* allow updating an existing value */
1863 for (o=ldb->opaque;o;o=o->next) {
1864 if (strcmp(o->name, name) == 0) {
1865 o->value = value;
1866 return LDB_SUCCESS;
1867 }
1868 }
1869
1870 o = talloc(ldb, struct ldb_opaque);
1871 if (o == NULL) {
1872 ldb_oom(ldb);
1873 return LDB_ERR_OTHER;
1874 }
1875 o->next = ldb->opaque;
1876 o->name = name;
1877 o->value = value;
1878 ldb->opaque = o;
1879 return LDB_SUCCESS;
1880 }
1881
1882 /*
1883 get a previously set opaque value
1884 */
1885 void *ldb_get_opaque(struct ldb_context *ldb, const char *name)
1886 {
1887 struct ldb_opaque *o;
1888 for (o=ldb->opaque;o;o=o->next) {
1889 if (strcmp(o->name, name) == 0) {
1890 return o->value;
1891 }
1892 }
1893 return NULL;
1894 }
1895
1896 int ldb_global_init(void)
1897 {
1898 /* Provided for compatibility with some older versions of ldb */
1899 return 0;
1900 }
1901
1902 /* return the ldb flags */
1903 unsigned int ldb_get_flags(struct ldb_context *ldb)
1904 {
1905 return ldb->flags;
1906 }
1907
1908 /* set the ldb flags */
1909 void ldb_set_flags(struct ldb_context *ldb, unsigned flags)
1910 {
1911 ldb->flags = flags;
1912 }
1913
1914
1915 /*
1916 set the location in a ldb request. Used for debugging
1917 */
1918 void ldb_req_set_location(struct ldb_request *req, const char *location)
1919 {
1920 if (req && req->handle) {
1921 req->handle->location = location;
1922 }
1923 }
1924
1925 /*
1926 return the location set with dsdb_req_set_location
1927 */
1928 const char *ldb_req_location(struct ldb_request *req)
1929 {
1930 return req->handle->location;
1931 }
1932
1933 /**
1934 mark a request as untrusted. This tells the rootdse module to remove
1935 unregistered controls
1936 */
1937 void ldb_req_mark_untrusted(struct ldb_request *req)
1938 {
1939 req->handle->flags |= LDB_HANDLE_FLAG_UNTRUSTED;
1940 }
1941
1942 /**
1943 mark a request as trusted.
1944 */
1945 void ldb_req_mark_trusted(struct ldb_request *req)
1946 {
1947 req->handle->flags &= ~LDB_HANDLE_FLAG_UNTRUSTED;
1948 }
1949
1950 /**
1951 set custom flags. Those flags are set by applications using ldb,
1952 they are application dependent and the same bit can have different
1953 meaning in different application.
1954 */
1955 void ldb_req_set_custom_flags(struct ldb_request *req, uint32_t flags)
1956 {
1957 if (req != NULL && req->handle != NULL) {
1958 req->handle->custom_flags = flags;
1959 }
1960 }
1961
1962
1963 /**
1964 get custom flags. Those flags are set by applications using ldb,
1965 they are application dependent and the same bit can have different
1966 meaning in different application.
1967 */
1968 uint32_t ldb_req_get_custom_flags(struct ldb_request *req)
1969 {
1970 if (req != NULL && req->handle != NULL) {
1971 return req->handle->custom_flags;
1972 }
1973
1974 /*
1975 * 0 is not something any better or worse than
1976 * anything else as req or the handle is NULL
1977 */
1978 return 0;
1979 }
1980
1981
1982 /**
1983 * return true if a request is untrusted
1984 */
1985 bool ldb_req_is_untrusted(struct ldb_request *req)
1986 {
1987 return (req->handle->flags & LDB_HANDLE_FLAG_UNTRUSTED) != 0;
1988 }
reg import