search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r3757: Some fixes for ldb_ldap
[Samba/gebeck_regimport.git] / source4 / lib / ldb / ldb_ldap / ldb_ldap.c
blob7fb6a0b3f7bb7cc748ec8b8d204ede42fe04aed3
1 /*
2 ldb database library
3
4 Copyright (C) Andrew Tridgell 2004
5
6 ** NOTE! The following LGPL license applies to the ldb
7 ** library. This does NOT imply that all of Samba is released
8 ** under the LGPL
9
10 This library is free software; you can redistribute it and/or
11 modify it under the terms of the GNU Lesser General Public
12 License as published by the Free Software Foundation; either
13 version 2 of the License, or (at your option) any later version.
14
15 This library is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
19
20 You should have received a copy of the GNU Lesser General Public
21 License along with this library; if not, write to the Free Software
22 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 */
24
25 /*
26 * Name: ldb
27 *
28 * Component: ldb ldap backend
29 *
30 * Description: core files for LDAP backend
31 *
32 * Author: Andrew Tridgell
33 */
34
35 #include "includes.h"
36 #include "ldb/ldb_ldap/ldb_ldap.h"
37
38 #if 0
39 /*
40 we don't need this right now, but will once we add some backend
41 options
42 */
43
44 /*
45 find an option in an option list (a null terminated list of strings)
46
47 this assumes the list is short. If it ever gets long then we really
48 should do this in some smarter way
49 */
50 static const char *lldb_option_find(const struct lldb_private *lldb, const char *name)
51 {
52 int i;
53 size_t len = strlen(name);
54
55 if (!lldb->options) return NULL;
56
57 for (i=0;lldb->options[i];i++) {
58 if (strncmp(lldb->options[i], name, len) == 0 &&
59 lldb->options[i][len] == '=') {
60 return &lldb->options[i][len+1];
61 }
62 }
63
64 return NULL;
65 }
66 #endif
67
68 /*
69 close/free the connection
70 */
71 static int lldb_close(struct ldb_module *module)
72 {
73 int i, ret = 0;
74 struct ldb_context *ldb = module->ldb;
75 struct lldb_private *lldb = module->private_data;
76
77 if (ldap_unbind(lldb->ldap) != LDAP_SUCCESS) {
78 ret = -1;
79 }
80
81 ldb_set_alloc(ldb, NULL, NULL);
82
83 if (lldb->options) {
84 for (i=0;lldb->options[i];i++) {
85 ldb_free(ldb, lldb->options[i]);
86 }
87 ldb_free(ldb, lldb->options);
88 }
89 ldb_free(ldb, lldb);
90 free(ldb);
91
92 return ret;
93 }
94
95 /*
96 rename a record
97 */
98 static int lldb_rename(struct ldb_module *module, const char *olddn, const char *newdn)
99 {
100 struct ldb_context *ldb = module->ldb;
101 struct lldb_private *lldb = module->private_data;
102 int ret = 0;
103 char *newrdn, *p;
104 const char *parentdn = "";
105
106 /* ignore ltdb specials */
107 if (olddn[0] == '@' ||newdn[0] == '@') {
108 return 0;
109 }
110
111 newrdn = ldb_strdup(ldb, newdn);
112 if (!newrdn) {
113 return -1;
114 }
115
116 p = strchr(newrdn, ',');
117 if (p) {
118 *p++ = '\0';
119 parentdn = p;
120 }
121
122 lldb->last_rc = ldap_rename_s(lldb->ldap, olddn, newrdn, parentdn, 1, NULL, NULL);
123 ldb_free(ldb, newrdn);
124 if (lldb->last_rc != LDAP_SUCCESS) {
125 ret = -1;
126 }
127
128 return ret;
129 }
130
131 /*
132 delete a record
133 */
134 static int lldb_delete(struct ldb_module *module, const char *dn)
135 {
136 struct lldb_private *lldb = module->private_data;
137 int ret = 0;
138
139 /* ignore ltdb specials */
140 if (dn[0] == '@') {
141 return 0;
142 }
143
144 lldb->last_rc = ldap_delete_s(lldb->ldap, dn);
145 if (lldb->last_rc != LDAP_SUCCESS) {
146 ret = -1;
147 }
148
149 return ret;
150 }
151
152 /*
153 free a search message
154 */
155 static int lldb_msg_free(struct ldb_context *ldb, struct ldb_message *msg)
156 {
157 unsigned int i, j;
158 ldb_free(ldb, msg->dn);
159 for (i=0;i<msg->num_elements;i++) {
160 ldb_free(ldb, msg->elements[i].name);
161 for (j=0;j<msg->elements[i].num_values;j++) {
162 if (msg->elements[i].values[j].data) {
163 ldb_free(ldb, msg->elements[i].values[j].data);
164 }
165 }
166 ldb_free(ldb, msg->elements[i].values);
167 }
168 if (msg->elements) ldb_free(ldb, msg->elements);
169 ldb_free(ldb, msg);
170 return 0;
171 }
172
173 /*
174 free a search result
175 */
176 static int lldb_search_free(struct ldb_module *module, struct ldb_message **res)
177 {
178 struct ldb_context *ldb = module->ldb;
179 int i;
180 for (i=0;res[i];i++) {
181 if (lldb_msg_free(ldb, res[i]) != 0) {
182 return -1;
183 }
184 }
185 ldb_free(ldb, res);
186 return 0;
187 }
188
189
190 /*
191 add a single set of ldap message values to a ldb_message
192 */
193 static int lldb_add_msg_attr(struct ldb_context *ldb,
194 struct ldb_message *msg,
195 const char *attr, struct berval **bval)
196 {
197 int count, i;
198 struct ldb_message_element *el;
199
200 count = ldap_count_values_len(bval);
201
202 if (count <= 0) {
203 return -1;
204 }
205
206 el = ldb_realloc_p(ldb, msg->elements, struct ldb_message_element,
207 msg->num_elements + 1);
208 if (!el) {
209 errno = ENOMEM;
210 return -1;
211 }
212
213 msg->elements = el;
214
215 el = &msg->elements[msg->num_elements];
216
217 el->name = ldb_strdup(ldb, attr);
218 if (!el->name) {
219 errno = ENOMEM;
220 return -1;
221 }
222 el->flags = 0;
223
224 el->num_values = 0;
225 el->values = ldb_malloc_array_p(ldb, struct ldb_val, count);
226 if (!el->values) {
227 errno = ENOMEM;
228 return -1;
229 }
230
231 for (i=0;i<count;i++) {
232 el->values[i].data = ldb_malloc(ldb, bval[i]->bv_len);
233 if (!el->values[i].data) {
234 return -1;
235 }
236 memcpy(el->values[i].data, bval[i]->bv_val, bval[i]->bv_len);
237 el->values[i].length = bval[i]->bv_len;
238 el->num_values++;
239 }
240
241 msg->num_elements++;
242
243 return 0;
244 }
245
246 /*
247 search for matching records
248 */
249 static int lldb_search(struct ldb_module *module, const char *base,
250 enum ldb_scope scope, const char *expression,
251 const char * const *attrs, struct ldb_message ***res)
252 {
253 struct ldb_context *ldb = module->ldb;
254 struct lldb_private *lldb = module->private_data;
255 int count, msg_count;
256 LDAPMessage *ldapres, *msg;
257
258 if (base == NULL) {
259 base = "";
260 }
261
262 lldb->last_rc = ldap_search_s(lldb->ldap, base, (int)scope,
263 expression,
264 discard_const_p(char *, attrs),
265 0, &ldapres);
266 if (lldb->last_rc != LDAP_SUCCESS) {
267 return -1;
268 }
269
270 count = ldap_count_entries(lldb->ldap, ldapres);
271 if (count == -1 || count == 0) {
272 ldap_msgfree(ldapres);
273 return count;
274 }
275
276 (*res) = ldb_malloc_array_p(ldb, struct ldb_message *, count+1);
277 if (! *res) {
278 ldap_msgfree(ldapres);
279 errno = ENOMEM;
280 return -1;
281 }
282
283 (*res)[0] = NULL;
284
285 msg_count = 0;
286
287 /* loop over all messages */
288 for (msg=ldap_first_entry(lldb->ldap, ldapres);
289 msg;
290 msg=ldap_next_entry(lldb->ldap, msg)) {
291 BerElement *berptr = NULL;
292 char *attr, *dn;
293
294 if (msg_count == count) {
295 /* hmm, got too many? */
296 ldb_debug(ldb, LDB_DEBUG_FATAL, "Fatal: ldap message count inconsistent\n");
297 break;
298 }
299
300 (*res)[msg_count] = ldb_malloc_p(ldb, struct ldb_message);
301 if (!(*res)[msg_count]) {
302 goto failed;
303 }
304 (*res)[msg_count+1] = NULL;
305
306 dn = ldap_get_dn(lldb->ldap, msg);
307 if (!dn) {
308 goto failed;
309 }
310
311 (*res)[msg_count]->dn = ldb_strdup(ldb, dn);
312 ldap_memfree(dn);
313 if (!(*res)[msg_count]->dn) {
314 goto failed;
315 }
316
317
318 (*res)[msg_count]->num_elements = 0;
319 (*res)[msg_count]->elements = NULL;
320 (*res)[msg_count]->private_data = NULL;
321
322 /* loop over all attributes */
323 for (attr=ldap_first_attribute(lldb->ldap, msg, &berptr);
324 attr;
325 attr=ldap_next_attribute(lldb->ldap, msg, berptr)) {
326 struct berval **bval;
327 bval = ldap_get_values_len(lldb->ldap, msg, attr);
328
329 if (bval) {
330 lldb_add_msg_attr(ldb, (*res)[msg_count], attr, bval);
331 ldap_value_free_len(bval);
332 }
333
334 ldap_memfree(attr);
335 }
336 if (berptr) ber_free(berptr, 0);
337
338 msg_count++;
339 }
340
341 ldap_msgfree(ldapres);
342
343 return msg_count;
344
345 failed:
346 if (*res) lldb_search_free(module, *res);
347 return -1;
348 }
349
350
351 /*
352 free a set of mods from lldb_msg_to_mods()
353 */
354 static void lldb_mods_free(struct ldb_context *ldb, LDAPMod **mods)
355 {
356 int i, j;
357
358 if (!mods) return;
359
360 for (i=0;mods[i];i++) {
361 if (mods[i]->mod_vals.modv_bvals) {
362 for (j=0;mods[i]->mod_vals.modv_bvals[j];j++) {
363 ldb_free(ldb, mods[i]->mod_vals.modv_bvals[j]);
364 }
365 ldb_free(ldb, mods[i]->mod_vals.modv_bvals);
366 }
367 ldb_free(ldb, mods[i]);
368 }
369 ldb_free(ldb, mods);
370 }
371
372
373 /*
374 convert a ldb_message structure to a list of LDAPMod structures
375 ready for ldap_add() or ldap_modify()
376 */
377 static LDAPMod **lldb_msg_to_mods(struct ldb_context *ldb,
378 const struct ldb_message *msg, int use_flags)
379 {
380 LDAPMod **mods;
381 unsigned int i, j;
382 int num_mods = 0;
383
384 /* allocate maximum number of elements needed */
385 mods = ldb_malloc_array_p(ldb, LDAPMod *, msg->num_elements+1);
386 if (!mods) {
387 errno = ENOMEM;
388 return NULL;
389 }
390 mods[0] = NULL;
391
392 for (i=0;i<msg->num_elements;i++) {
393 const struct ldb_message_element *el = &msg->elements[i];
394
395 mods[num_mods] = ldb_malloc_p(ldb, LDAPMod);
396 if (!mods[num_mods]) {
397 goto failed;
398 }
399 mods[num_mods+1] = NULL;
400 mods[num_mods]->mod_op = LDAP_MOD_BVALUES;
401 if (use_flags) {
402 switch (el->flags & LDB_FLAG_MOD_MASK) {
403 case LDB_FLAG_MOD_ADD:
404 mods[num_mods]->mod_op |= LDAP_MOD_ADD;
405 break;
406 case LDB_FLAG_MOD_DELETE:
407 mods[num_mods]->mod_op |= LDAP_MOD_DELETE;
408 break;
409 case LDB_FLAG_MOD_REPLACE:
410 mods[num_mods]->mod_op |= LDAP_MOD_REPLACE;
411 break;
412 }
413 }
414 mods[num_mods]->mod_type = el->name;
415 mods[num_mods]->mod_vals.modv_bvals = ldb_malloc_array_p(ldb,
416 struct berval *,
417 1+el->num_values);
418 if (!mods[num_mods]->mod_vals.modv_bvals) {
419 goto failed;
420 }
421
422 for (j=0;j<el->num_values;j++) {
423 mods[num_mods]->mod_vals.modv_bvals[j] = ldb_malloc_p(ldb, struct berval);
424 if (!mods[num_mods]->mod_vals.modv_bvals[j]) {
425 goto failed;
426 }
427 mods[num_mods]->mod_vals.modv_bvals[j]->bv_val = el->values[j].data;
428 mods[num_mods]->mod_vals.modv_bvals[j]->bv_len = el->values[j].length;
429 }
430 mods[num_mods]->mod_vals.modv_bvals[j] = NULL;
431 num_mods++;
432 }
433
434 return mods;
435
436 failed:
437 lldb_mods_free(ldb, mods);
438 return NULL;
439 }
440
441
442 /*
443 add a record
444 */
445 static int lldb_add(struct ldb_module *module, const struct ldb_message *msg)
446 {
447 struct ldb_context *ldb = module->ldb;
448 struct lldb_private *lldb = module->private_data;
449 LDAPMod **mods;
450 int ret = 0;
451
452 /* ignore ltdb specials */
453 if (msg->dn[0] == '@') {
454 return 0;
455 }
456
457 mods = lldb_msg_to_mods(ldb, msg, 0);
458
459 lldb->last_rc = ldap_add_s(lldb->ldap, msg->dn, mods);
460 if (lldb->last_rc != LDAP_SUCCESS) {
461 ret = -1;
462 }
463
464 lldb_mods_free(ldb, mods);
465
466 return ret;
467 }
468
469
470 /*
471 modify a record
472 */
473 static int lldb_modify(struct ldb_module *module, const struct ldb_message *msg)
474 {
475 struct ldb_context *ldb = module->ldb;
476 struct lldb_private *lldb = module->private_data;
477 LDAPMod **mods;
478 int ret = 0;
479
480 /* ignore ltdb specials */
481 if (msg->dn[0] == '@') {
482 return 0;
483 }
484
485 mods = lldb_msg_to_mods(ldb, msg, 1);
486
487 lldb->last_rc = ldap_modify_s(lldb->ldap, msg->dn, mods);
488 if (lldb->last_rc != LDAP_SUCCESS) {
489 ret = -1;
490 }
491
492 lldb_mods_free(ldb, mods);
493
494 return ret;
495 }
496
497
498 /*
499 return extended error information
500 */
501 static const char *lldb_errstring(struct ldb_module *module)
502 {
503 struct lldb_private *lldb = module->private_data;
504 return ldap_err2string(lldb->last_rc);
505 }
506
507
508 static const struct ldb_module_ops lldb_ops = {
509 "ldap",
510 lldb_close,
511 lldb_search,
512 lldb_search_free,
513 lldb_add,
514 lldb_modify,
515 lldb_delete,
516 lldb_rename,
517 lldb_errstring
518 };
519
520
521 /*
522 connect to the database
523 */
524 struct ldb_context *lldb_connect(const char *url,
525 unsigned int flags,
526 const char *options[])
527 {
528 struct ldb_context *ldb = NULL;
529 struct lldb_private *lldb = NULL;
530 int i, version = 3;
531
532 ldb = calloc(1, sizeof(struct ldb_context));
533 if (!ldb) {
534 errno = ENOMEM;
535 goto failed;
536 }
537
538 lldb = ldb_malloc_p(ldb, struct lldb_private);
539 if (!lldb) {
540 ldb_free(ldb, ldb);
541 errno = ENOMEM;
542 goto failed;
543 }
544
545 lldb->ldap = NULL;
546 lldb->options = NULL;
547
548 lldb->last_rc = ldap_initialize(&lldb->ldap, url);
549 if (lldb->last_rc != LDAP_SUCCESS) {
550 goto failed;
551 }
552
553 lldb->last_rc = ldap_set_option(lldb->ldap, LDAP_OPT_PROTOCOL_VERSION, &version);
554 if (lldb->last_rc != LDAP_SUCCESS) {
555 goto failed;
556 }
557
558 ldb->modules = ldb_malloc_p(ldb, struct ldb_module);
559 if (!ldb->modules) {
560 ldb_free(ldb, ldb);
561 errno = ENOMEM;
562 goto failed;
563 }
564 ldb->modules->ldb = ldb;
565 ldb->modules->prev = ldb->modules->next = NULL;
566 ldb->modules->private_data = lldb;
567 ldb->modules->ops = &lldb_ops;
568
569 if (options) {
570 /* take a copy of the options array, so we don't have to rely
571 on the caller keeping it around (it might be dynamic) */
572 for (i=0;options[i];i++) ;
573
574 lldb->options = ldb_malloc_array_p(ldb, char *, i+1);
575 if (!lldb->options) {
576 goto failed;
577 }
578
579 for (i=0;options[i];i++) {
580 lldb->options[i+1] = NULL;
581 lldb->options[i] = ldb_strdup(ldb, options[i]);
582 if (!lldb->options[i]) {
583 goto failed;
584 }
585 }
586 }
587
588 return ldb;
589
590 failed:
591 if (lldb && lldb->options) {
592 for (i=0;lldb->options[i];i++) {
593 ldb_free(ldb, lldb->options[i]);
594 }
595 ldb_free(ldb, lldb->options);
596 }
597 if (lldb && lldb->ldap) {
598 ldap_unbind(lldb->ldap);
599 }
600 ldb_free(ldb, lldb);
601 if (ldb) free(ldb);
602 return NULL;
603 }
604
reg import