search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
LDB ASYNC: samba4 modules
[Samba/vfs_proxy.git] / source4 / dsdb / samdb / ldb_modules / anr.c
blob028df588d6bddb44fb874e773c156189a6e533c0
1 /*
2 ldb database library
3
4 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2007
5 Copyright (C) Simo Sorce <idra@samba.org> 2008
6 Copyright (C) Andrew Tridgell 2004
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 /*
23 * Name: ldb
24 *
25 * Component: ldb anr module
26 *
27 * Description: module to implement 'ambiguous name resolution'
28 *
29 * Author: Andrew Bartlett
30 */
31
32 #include "includes.h"
33 #include "ldb_includes.h"
34 #include "dsdb/samdb/samdb.h"
35
36 /**
37 * Make a and 'and' or 'or' tree from the two supplied elements
38 */
39 struct ldb_parse_tree *make_parse_list(struct ldb_module *module,
40 TALLOC_CTX *mem_ctx, enum ldb_parse_op op,
41 struct ldb_parse_tree *first_arm, struct ldb_parse_tree *second_arm)
42 {
43 struct ldb_parse_tree *list;
44
45 list = talloc(mem_ctx, struct ldb_parse_tree);
46 if (list == NULL){
47 ldb_oom(module->ldb);
48 return NULL;
49 }
50 list->operation = op;
51
52 list->u.list.num_elements = 2;
53 list->u.list.elements = talloc_array(list, struct ldb_parse_tree *, 2);
54 if (!list->u.list.elements) {
55 ldb_oom(module->ldb);
56 return NULL;
57 }
58 list->u.list.elements[0] = talloc_steal(list, first_arm);
59 list->u.list.elements[1] = talloc_steal(list, second_arm);
60 return list;
61 }
62
63 /**
64 * Make an equality or prefix match tree, from the attribute, operation and matching value supplied
65 */
66 struct ldb_parse_tree *make_match_tree(struct ldb_module *module,
67 TALLOC_CTX *mem_ctx, enum ldb_parse_op op,
68 const char *attr, const DATA_BLOB *match)
69 {
70 struct ldb_parse_tree *match_tree;
71
72 match_tree = talloc(mem_ctx, struct ldb_parse_tree);
73
74 /* Depending on what type of match was selected, fill in the right part of the union */
75
76 match_tree->operation = op;
77 switch (op) {
78 case LDB_OP_SUBSTRING:
79 match_tree->u.substring.attr = attr;
80
81 match_tree->u.substring.start_with_wildcard = 0;
82 match_tree->u.substring.end_with_wildcard = 1;
83 match_tree->u.substring.chunks = talloc_array(match_tree, struct ldb_val *, 2);
84
85 if (match_tree->u.substring.chunks == NULL){
86 ldb_oom(module->ldb);
87 return NULL;
88 }
89 match_tree->u.substring.chunks[0] = match;
90 match_tree->u.substring.chunks[1] = NULL;
91 break;
92 case LDB_OP_EQUALITY:
93 match_tree->u.equality.attr = attr;
94 match_tree->u.equality.value = *match;
95 break;
96 }
97 return match_tree;
98 }
99
100 struct anr_context {
101 bool found_anr;
102 struct ldb_module *module;
103 struct ldb_request *req;
104 };
105
106 /**
107 * Given the match for an 'ambigious name resolution' query, create a
108 * parse tree with an 'or' of all the anr attributes in the schema.
109 */
110
111 /**
112 * Callback function to do the heavy lifting for the parse tree walker
113 */
114 static int anr_replace_value(struct anr_context *ac,
115 TALLOC_CTX *mem_ctx,
116 const struct ldb_val *match,
117 struct ldb_parse_tree **ntree)
118 {
119 struct ldb_parse_tree *tree = NULL;
120 struct ldb_module *module = ac->module;
121 struct ldb_parse_tree *match_tree;
122 struct dsdb_attribute *cur;
123 const struct dsdb_schema *schema = dsdb_get_schema(module->ldb);
124 uint8_t *p;
125 enum ldb_parse_op op;
126
127 if (!schema) {
128 ldb_asprintf_errstring(module->ldb, "no schema with which to construct anr filter");
129 return LDB_ERR_OPERATIONS_ERROR;
130 }
131
132 ac->found_anr = true;
133
134 if (match->length > 1 && match->data[0] == '=') {
135 DATA_BLOB *match2 = talloc(mem_ctx, DATA_BLOB);
136 *match2 = data_blob_const(match->data+1, match->length - 1);
137 if (match2 == NULL){
138 ldb_oom(module->ldb);
139 return LDB_ERR_OPERATIONS_ERROR;
140 }
141 match = match2;
142 op = LDB_OP_EQUALITY;
143 } else {
144 op = LDB_OP_SUBSTRING;
145 }
146 for (cur = schema->attributes; cur; cur = cur->next) {
147 if (!(cur->searchFlags & SEARCH_FLAG_ANR)) continue;
148 match_tree = make_match_tree(module, mem_ctx, op, cur->lDAPDisplayName, match);
149
150 if (tree) {
151 /* Inject an 'or' with the current tree */
152 tree = make_parse_list(module, mem_ctx, LDB_OP_OR, tree, match_tree);
153 if (tree == NULL) {
154 ldb_oom(module->ldb);
155 return LDB_ERR_OPERATIONS_ERROR;
156 }
157 } else {
158 tree = match_tree;
159 }
160 }
161
162
163 /* If the search term has a space in it,
164 split it up at the first space. */
165
166 p = memchr(match->data, ' ', match->length);
167
168 if (p) {
169 struct ldb_parse_tree *first_split_filter, *second_split_filter, *split_filters, *match_tree_1, *match_tree_2;
170 DATA_BLOB *first_match = talloc(tree, DATA_BLOB);
171 DATA_BLOB *second_match = talloc(tree, DATA_BLOB);
172 if (!first_match || !second_match) {
173 ldb_oom(module->ldb);
174 return LDB_ERR_OPERATIONS_ERROR;
175 }
176 *first_match = data_blob_const(match->data, p-match->data);
177 *second_match = data_blob_const(p+1, match->length - (p-match->data) - 1);
178
179 /* Add (|(&(givenname=first)(sn=second))(&(givenname=second)(sn=first))) */
180
181 match_tree_1 = make_match_tree(module, mem_ctx, op, "givenName", first_match);
182 match_tree_2 = make_match_tree(module, mem_ctx, op, "sn", second_match);
183
184 first_split_filter = make_parse_list(module, ac, LDB_OP_AND, match_tree_1, match_tree_2);
185 if (first_split_filter == NULL){
186 ldb_oom(module->ldb);
187 return LDB_ERR_OPERATIONS_ERROR;
188 }
189
190 match_tree_1 = make_match_tree(module, mem_ctx, op, "sn", first_match);
191 match_tree_2 = make_match_tree(module, mem_ctx, op, "givenName", second_match);
192
193 second_split_filter = make_parse_list(module, ac, LDB_OP_AND, match_tree_1, match_tree_2);
194 if (second_split_filter == NULL){
195 ldb_oom(module->ldb);
196 return LDB_ERR_OPERATIONS_ERROR;
197 }
198
199 split_filters = make_parse_list(module, mem_ctx, LDB_OP_OR,
200 first_split_filter, second_split_filter);
201 if (split_filters == NULL) {
202 ldb_oom(module->ldb);
203 return LDB_ERR_OPERATIONS_ERROR;
204 }
205
206 if (tree) {
207 /* Inject an 'or' with the current tree */
208 tree = make_parse_list(module, mem_ctx, LDB_OP_OR, tree, split_filters);
209 } else {
210 tree = split_filters;
211 }
212 }
213 *ntree = tree;
214 return LDB_SUCCESS;
215 }
216
217 /*
218 replace any occurances of an attribute with a new, generated attribute tree
219 */
220 static int anr_replace_subtrees(struct anr_context *ac,
221 struct ldb_parse_tree *tree,
222 const char *attr,
223 struct ldb_parse_tree **ntree)
224 {
225 int ret;
226 int i;
227
228 switch (tree->operation) {
229 case LDB_OP_AND:
230 case LDB_OP_OR:
231 for (i=0;i<tree->u.list.num_elements;i++) {
232 ret = anr_replace_subtrees(ac, tree->u.list.elements[i],
233 attr, &tree->u.list.elements[i]);
234 if (ret != LDB_SUCCESS) {
235 return ret;
236 }
237 *ntree = tree;
238 }
239 break;
240 case LDB_OP_NOT:
241 ret = anr_replace_subtrees(ac, tree->u.isnot.child, attr, &tree->u.isnot.child);
242 if (ret != LDB_SUCCESS) {
243 return ret;
244 }
245 *ntree = tree;
246 break;
247 case LDB_OP_EQUALITY:
248 if (ldb_attr_cmp(tree->u.equality.attr, attr) == 0) {
249 ret = anr_replace_value(ac, tree, &tree->u.equality.value, ntree);
250 if (ret != LDB_SUCCESS) {
251 return ret;
252 }
253 }
254 break;
255 case LDB_OP_SUBSTRING:
256 if (ldb_attr_cmp(tree->u.substring.attr, attr) == 0) {
257 if (tree->u.substring.start_with_wildcard == 0 &&
258 tree->u.substring.end_with_wildcard == 1 &&
259 tree->u.substring.chunks[0] != NULL &&
260 tree->u.substring.chunks[1] == NULL) {
261 ret = anr_replace_value(ac, tree, tree->u.substring.chunks[0], ntree);
262 if (ret != LDB_SUCCESS) {
263 return ret;
264 }
265 }
266 }
267 break;
268 default:
269 break;
270 }
271
272 return LDB_SUCCESS;
273 }
274
275 static int anr_search_callback(struct ldb_request *req, struct ldb_reply *ares)
276 {
277 struct anr_context *ac;
278
279 ac = talloc_get_type(req->context, struct anr_context);
280
281 if (!ares) {
282 return ldb_module_done(ac->req, NULL, NULL,
283 LDB_ERR_OPERATIONS_ERROR);
284 }
285 if (ares->error != LDB_SUCCESS) {
286 return ldb_module_done(ac->req, ares->controls,
287 ares->response, ares->error);
288 }
289
290 switch (ares->type) {
291 case LDB_REPLY_ENTRY:
292 return ldb_module_send_entry(ac->req, ares->message);
293
294 case LDB_REPLY_REFERRAL:
295 return ldb_module_send_referral(ac->req, ares->referral);
296
297 case LDB_REPLY_DONE:
298 return ldb_module_done(ac->req, ares->controls,
299 ares->response, LDB_SUCCESS);
300
301 }
302 return LDB_SUCCESS;
303 }
304
305 /* search */
306 static int anr_search(struct ldb_module *module, struct ldb_request *req)
307 {
308 struct ldb_parse_tree *anr_tree;
309 struct ldb_request *down_req;
310 struct anr_context *ac;
311 int ret;
312
313 ac = talloc(req, struct anr_context);
314 if (!ac) {
315 ldb_oom(module->ldb);
316 return LDB_ERR_OPERATIONS_ERROR;
317 }
318
319 ac->module = module;
320 ac->req = req;
321 ac->found_anr = false;
322
323 #if 0
324 printf("oldanr : %s\n", ldb_filter_from_tree (0, req->op.search.tree));
325 #endif
326
327 ret = anr_replace_subtrees(ac, req->op.search.tree, "anr", &anr_tree);
328 if (ret != LDB_SUCCESS) {
329 return LDB_ERR_OPERATIONS_ERROR;
330 }
331
332 if (!ac->found_anr) {
333 talloc_free(ac);
334 return ldb_next_request(module, req);
335 }
336
337 ret = ldb_build_search_req_ex(&down_req,
338 module->ldb, ac,
339 req->op.search.base,
340 req->op.search.scope,
341 anr_tree,
342 req->op.search.attrs,
343 req->controls,
344 ac, anr_search_callback,
345 req);
346 if (ret != LDB_SUCCESS) {
347 return LDB_ERR_OPERATIONS_ERROR;
348 }
349 talloc_steal(down_req, anr_tree);
350
351 return ldb_next_request(module, down_req);
352 }
353
354 _PUBLIC_ const struct ldb_module_ops ldb_anr_module_ops = {
355 .name = "anr",
356 .search = anr_search
357 };
Proof-of-concept samba4 based caching proxy