search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
winbindd: Avoid using deallocated memory
[Samba/wip.git] / lib / ldb / common / ldb_modules.c
bloba39b12df92ecf690f718c0a985b0291ee1d62b82
1 /*
2 ldb database library
3
4 Copyright (C) Simo Sorce 2004-2008
5
6 ** NOTE! The following LGPL license applies to the ldb
7 ** library. This does NOT imply that all of Samba is released
8 ** under the LGPL
9
10 This library is free software; you can redistribute it and/or
11 modify it under the terms of the GNU Lesser General Public
12 License as published by the Free Software Foundation; either
13 version 3 of the License, or (at your option) any later version.
14
15 This library is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
19
20 You should have received a copy of the GNU Lesser General Public
21 License along with this library; if not, see <http://www.gnu.org/licenses/>.
22 */
23
24 /*
25 * Name: ldb
26 *
27 * Component: ldb modules core
28 *
29 * Description: core modules routines
30 *
31 * Author: Simo Sorce
32 */
33
34 #include "ldb_private.h"
35 #include "dlinklist.h"
36 #include "system/dir.h"
37
38 static char *ldb_modules_strdup_no_spaces(TALLOC_CTX *mem_ctx, const char *string)
39 {
40 size_t i, len;
41 char *trimmed;
42
43 trimmed = talloc_strdup(mem_ctx, string);
44 if (!trimmed) {
45 return NULL;
46 }
47
48 len = strlen(trimmed);
49 for (i = 0; trimmed[i] != '\0'; i++) {
50 switch (trimmed[i]) {
51 case ' ':
52 case '\t':
53 case '\n':
54 memmove(&trimmed[i], &trimmed[i + 1], len -i -1);
55 break;
56 }
57 }
58
59 return trimmed;
60 }
61
62
63 /* modules are called in inverse order on the stack.
64 Lets place them as an admin would think the right order is.
65 Modules order is important */
66 const char **ldb_modules_list_from_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const char *string)
67 {
68 char **modules = NULL;
69 const char **m;
70 char *modstr, *p;
71 unsigned int i;
72
73 /* spaces not admitted */
74 modstr = ldb_modules_strdup_no_spaces(mem_ctx, string);
75 if ( ! modstr) {
76 ldb_debug(ldb, LDB_DEBUG_FATAL, "Out of Memory in ldb_modules_strdup_no_spaces()");
77 return NULL;
78 }
79
80 modules = talloc_realloc(mem_ctx, modules, char *, 2);
81 if ( ! modules ) {
82 ldb_debug(ldb, LDB_DEBUG_FATAL, "Out of Memory in ldb_modules_list_from_string()");
83 talloc_free(modstr);
84 return NULL;
85 }
86 talloc_steal(modules, modstr);
87
88 if (modstr[0] == '\0') {
89 modules[0] = NULL;
90 m = (const char **)modules;
91 return m;
92 }
93
94 i = 0;
95 /* The str*r*chr walks backwards: This is how we get the inverse order mentioned above */
96 while ((p = strrchr(modstr, ',')) != NULL) {
97 *p = '\0';
98 p++;
99 modules[i] = p;
100
101 i++;
102 modules = talloc_realloc(mem_ctx, modules, char *, i + 2);
103 if ( ! modules ) {
104 ldb_debug(ldb, LDB_DEBUG_FATAL, "Out of Memory in ldb_modules_list_from_string()");
105 return NULL;
106 }
107
108 }
109 modules[i] = modstr;
110
111 modules[i + 1] = NULL;
112
113 m = (const char **)modules;
114
115 return m;
116 }
117
118 static struct backends_list_entry {
119 struct ldb_backend_ops *ops;
120 struct backends_list_entry *prev, *next;
121 } *ldb_backends = NULL;
122
123 static struct ops_list_entry {
124 const struct ldb_module_ops *ops;
125 struct ops_list_entry *next;
126 } *registered_modules = NULL;
127
128 static struct backends_list_entry *ldb_find_backend(const char *url_prefix)
129 {
130 struct backends_list_entry *backend;
131
132 for (backend = ldb_backends; backend; backend = backend->next) {
133 if (strcmp(backend->ops->name, url_prefix) == 0) {
134 return backend;
135 }
136 }
137
138 return NULL;
139 }
140
141 /*
142 register a new ldb backend
143
144 if override is true, then override any existing backend for this prefix
145 */
146 int ldb_register_backend(const char *url_prefix, ldb_connect_fn connectfn, bool override)
147 {
148 struct backends_list_entry *be;
149
150 be = ldb_find_backend(url_prefix);
151 if (be) {
152 if (!override) {
153 return LDB_SUCCESS;
154 }
155 } else {
156 be = talloc_zero(ldb_backends, struct backends_list_entry);
157 if (!be) {
158 return LDB_ERR_OPERATIONS_ERROR;
159 }
160 be->ops = talloc_zero(be, struct ldb_backend_ops);
161 if (!be->ops) {
162 talloc_free(be);
163 return LDB_ERR_OPERATIONS_ERROR;
164 }
165 DLIST_ADD_END(ldb_backends, be, struct backends_list_entry);
166 }
167
168 be->ops->name = url_prefix;
169 be->ops->connect_fn = connectfn;
170
171 return LDB_SUCCESS;
172 }
173
174 /*
175 Return the ldb module form of a database.
176 The URL can either be one of the following forms
177 ldb://path
178 ldapi://path
179
180 flags is made up of LDB_FLG_*
181
182 the options are passed uninterpreted to the backend, and are
183 backend specific.
184
185 This allows modules to get at only the backend module, for example where a
186 module may wish to direct certain requests at a particular backend.
187 */
188 int ldb_module_connect_backend(struct ldb_context *ldb,
189 const char *url,
190 const char *options[],
191 struct ldb_module **backend_module)
192 {
193 int ret;
194 char *backend;
195 struct backends_list_entry *be;
196
197 if (strchr(url, ':') != NULL) {
198 backend = talloc_strndup(ldb, url, strchr(url, ':')-url);
199 } else {
200 /* Default to tdb */
201 backend = talloc_strdup(ldb, "tdb");
202 }
203 if (backend == NULL) {
204 return ldb_oom(ldb);
205 }
206
207 be = ldb_find_backend(backend);
208
209 talloc_free(backend);
210
211 if (be == NULL) {
212 ldb_debug(ldb, LDB_DEBUG_FATAL,
213 "Unable to find backend for '%s' - do you need to set LDB_MODULES_PATH?", url);
214 return LDB_ERR_OTHER;
215 }
216
217 ret = be->ops->connect_fn(ldb, url, ldb->flags, options, backend_module);
218
219 if (ret != LDB_SUCCESS) {
220 ldb_debug(ldb, LDB_DEBUG_ERROR,
221 "Failed to connect to '%s' with backend '%s': %s", url, be->ops->name, ldb_errstring(ldb));
222 return ret;
223 }
224 return ret;
225 }
226
227 static struct ldb_hooks {
228 struct ldb_hooks *next, *prev;
229 ldb_hook_fn hook_fn;
230 } *ldb_hooks;
231
232 /*
233 register a ldb hook function
234 */
235 int ldb_register_hook(ldb_hook_fn hook_fn)
236 {
237 struct ldb_hooks *lc;
238 lc = talloc_zero(ldb_hooks, struct ldb_hooks);
239 if (lc == NULL) {
240 return LDB_ERR_OPERATIONS_ERROR;
241 }
242 lc->hook_fn = hook_fn;
243 DLIST_ADD_END(ldb_hooks, lc, struct ldb_hooks);
244 return LDB_SUCCESS;
245 }
246
247 /*
248 call ldb hooks of a given type
249 */
250 int ldb_modules_hook(struct ldb_context *ldb, enum ldb_module_hook_type t)
251 {
252 struct ldb_hooks *lc;
253 for (lc = ldb_hooks; lc; lc=lc->next) {
254 int ret = lc->hook_fn(ldb, t);
255 if (ret != LDB_SUCCESS) {
256 return ret;
257 }
258 }
259 return LDB_SUCCESS;
260 }
261
262
263 static const struct ldb_module_ops *ldb_find_module_ops(const char *name)
264 {
265 struct ops_list_entry *e;
266
267 for (e = registered_modules; e; e = e->next) {
268 if (strcmp(e->ops->name, name) == 0)
269 return e->ops;
270 }
271
272 return NULL;
273 }
274
275
276 int ldb_register_module(const struct ldb_module_ops *ops)
277 {
278 struct ops_list_entry *entry;
279
280 if (ldb_find_module_ops(ops->name) != NULL)
281 return LDB_ERR_ENTRY_ALREADY_EXISTS;
282
283 entry = talloc(talloc_autofree_context(), struct ops_list_entry);
284 if (entry == NULL) {
285 return LDB_ERR_OPERATIONS_ERROR;
286 }
287
288 entry->ops = ops;
289 entry->next = registered_modules;
290 registered_modules = entry;
291
292 return LDB_SUCCESS;
293 }
294
295 /*
296 load a list of modules
297 */
298 int ldb_module_load_list(struct ldb_context *ldb, const char **module_list,
299 struct ldb_module *backend, struct ldb_module **out)
300 {
301 struct ldb_module *module;
302 unsigned int i;
303
304 module = backend;
305
306 for (i = 0; module_list && module_list[i] != NULL; i++) {
307 struct ldb_module *current;
308 const struct ldb_module_ops *ops;
309
310 if (strcmp(module_list[i], "") == 0) {
311 continue;
312 }
313
314 ops = ldb_find_module_ops(module_list[i]);
315
316 if (ops == NULL) {
317 ldb_debug(ldb, LDB_DEBUG_FATAL, "WARNING: Module [%s] not found - do you need to set LDB_MODULES_PATH?",
318 module_list[i]);
319 return LDB_ERR_OPERATIONS_ERROR;
320 }
321
322 current = talloc_zero(ldb, struct ldb_module);
323 if (current == NULL) {
324 return LDB_ERR_OPERATIONS_ERROR;
325 }
326 talloc_set_name(current, "ldb_module: %s", module_list[i]);
327
328 current->ldb = ldb;
329 current->ops = ops;
330
331 DLIST_ADD(module, current);
332 }
333 *out = module;
334 return LDB_SUCCESS;
335 }
336
337 /*
338 initialise a chain of modules
339 */
340 int ldb_module_init_chain(struct ldb_context *ldb, struct ldb_module *module)
341 {
342 while (module && module->ops->init_context == NULL)
343 module = module->next;
344
345 /* init is different in that it is not an error if modules
346 * do not require initialization */
347
348 if (module) {
349 int ret = module->ops->init_context(module);
350 if (ret != LDB_SUCCESS) {
351 ldb_debug(ldb, LDB_DEBUG_FATAL, "module %s initialization failed : %s",
352 module->ops->name, ldb_strerror(ret));
353 return ret;
354 }
355 }
356
357 return LDB_SUCCESS;
358 }
359
360 int ldb_load_modules(struct ldb_context *ldb, const char *options[])
361 {
362 const char *modules_string;
363 const char **modules = NULL;
364 int ret;
365 TALLOC_CTX *mem_ctx = talloc_new(ldb);
366 if (!mem_ctx) {
367 return ldb_oom(ldb);
368 }
369
370 /* find out which modules we are requested to activate */
371
372 /* check if we have a custom module list passd as ldb option */
373 if (options) {
374 modules_string = ldb_options_find(ldb, options, "modules");
375 if (modules_string) {
376 modules = ldb_modules_list_from_string(ldb, mem_ctx, modules_string);
377 }
378 }
379
380 /* if not overloaded by options and the backend is not ldap try to load the modules list from ldb */
381 if ((modules == NULL) && (strcmp("ldap", ldb->modules->ops->name) != 0)) {
382 const char * const attrs[] = { "@LIST" , NULL};
383 struct ldb_result *res = NULL;
384 struct ldb_dn *mods_dn;
385
386 mods_dn = ldb_dn_new(mem_ctx, ldb, "@MODULES");
387 if (mods_dn == NULL) {
388 talloc_free(mem_ctx);
389 return ldb_oom(ldb);
390 }
391
392 ret = ldb_search(ldb, mods_dn, &res, mods_dn, LDB_SCOPE_BASE, attrs, "@LIST=*");
393
394 if (ret == LDB_ERR_NO_SUCH_OBJECT) {
395 ldb_debug(ldb, LDB_DEBUG_TRACE, "no modules required by the db");
396 } else if (ret != LDB_SUCCESS) {
397 ldb_debug(ldb, LDB_DEBUG_FATAL, "ldb error (%s) occurred searching for modules, bailing out", ldb_errstring(ldb));
398 talloc_free(mem_ctx);
399 return ret;
400 } else {
401 const char *module_list;
402 if (res->count == 0) {
403 ldb_debug(ldb, LDB_DEBUG_TRACE, "no modules required by the db");
404 } else if (res->count > 1) {
405 ldb_debug(ldb, LDB_DEBUG_FATAL, "Too many records found (%u), bailing out", res->count);
406 talloc_free(mem_ctx);
407 return LDB_ERR_OPERATIONS_ERROR;
408 } else {
409 module_list = ldb_msg_find_attr_as_string(res->msgs[0], "@LIST", NULL);
410 if (!module_list) {
411 ldb_debug(ldb, LDB_DEBUG_TRACE, "no modules required by the db");
412 }
413 modules = ldb_modules_list_from_string(ldb, mem_ctx,
414 module_list);
415 }
416 }
417
418 talloc_free(mods_dn);
419 }
420
421 if (modules != NULL) {
422 ret = ldb_module_load_list(ldb, modules, ldb->modules, &ldb->modules);
423 if (ret != LDB_SUCCESS) {
424 talloc_free(mem_ctx);
425 return ret;
426 }
427 } else {
428 ldb_debug(ldb, LDB_DEBUG_TRACE, "No modules specified for this database");
429 }
430
431 ret = ldb_module_init_chain(ldb, ldb->modules);
432 talloc_free(mem_ctx);
433 return ret;
434 }
435
436 /*
437 by using this we allow ldb modules to only implement the functions they care about,
438 which makes writing a module simpler, and makes it more likely to keep working
439 when ldb is extended
440 */
441 #define FIND_OP_NOERR(module, op) do { \
442 module = module->next; \
443 while (module && module->ops->op == NULL) module = module->next; \
444 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) { \
445 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_trace_next_request: (%s)->" #op, \
446 module->ops->name); \
447 } \
448 } while (0)
449
450 #define FIND_OP(module, op) do { \
451 struct ldb_context *ldb = module->ldb; \
452 FIND_OP_NOERR(module, op); \
453 if (module == NULL) { \
454 ldb_asprintf_errstring(ldb, "Unable to find backend operation for " #op ); \
455 return LDB_ERR_OPERATIONS_ERROR; \
456 } \
457 } while (0)
458
459
460 struct ldb_module *ldb_module_new(TALLOC_CTX *memctx,
461 struct ldb_context *ldb,
462 const char *module_name,
463 const struct ldb_module_ops *ops)
464 {
465 struct ldb_module *module;
466
467 module = talloc(memctx, struct ldb_module);
468 if (!module) {
469 ldb_oom(ldb);
470 return NULL;
471 }
472 talloc_set_name_const(module, module_name);
473 module->ldb = ldb;
474 module->prev = module->next = NULL;
475 module->ops = ops;
476
477 return module;
478 }
479
480 const char * ldb_module_get_name(struct ldb_module *module)
481 {
482 return module->ops->name;
483 }
484
485 struct ldb_context *ldb_module_get_ctx(struct ldb_module *module)
486 {
487 return module->ldb;
488 }
489
490 const struct ldb_module_ops *ldb_module_get_ops(struct ldb_module *module)
491 {
492 return module->ops;
493 }
494
495 void *ldb_module_get_private(struct ldb_module *module)
496 {
497 return module->private_data;
498 }
499
500 void ldb_module_set_private(struct ldb_module *module, void *private_data)
501 {
502 module->private_data = private_data;
503 }
504
505 /*
506 helper functions to call the next module in chain
507 */
508
509 int ldb_next_request(struct ldb_module *module, struct ldb_request *request)
510 {
511 int ret;
512
513 if (request->callback == NULL) {
514 ldb_set_errstring(module->ldb, "Requests MUST define callbacks");
515 return LDB_ERR_UNWILLING_TO_PERFORM;
516 }
517
518 request->handle->nesting++;
519
520 switch (request->operation) {
521 case LDB_SEARCH:
522 FIND_OP(module, search);
523 ret = module->ops->search(module, request);
524 break;
525 case LDB_ADD:
526 FIND_OP(module, add);
527 ret = module->ops->add(module, request);
528 break;
529 case LDB_MODIFY:
530 FIND_OP(module, modify);
531 ret = module->ops->modify(module, request);
532 break;
533 case LDB_DELETE:
534 FIND_OP(module, del);
535 ret = module->ops->del(module, request);
536 break;
537 case LDB_RENAME:
538 FIND_OP(module, rename);
539 ret = module->ops->rename(module, request);
540 break;
541 case LDB_EXTENDED:
542 FIND_OP(module, extended);
543 ret = module->ops->extended(module, request);
544 break;
545 default:
546 FIND_OP(module, request);
547 ret = module->ops->request(module, request);
548 break;
549 }
550
551 request->handle->nesting--;
552
553 if (ret == LDB_SUCCESS) {
554 return ret;
555 }
556 if (!ldb_errstring(module->ldb)) {
557 const char *op;
558 switch (request->operation) {
559 case LDB_SEARCH:
560 op = "LDB_SEARCH";
561 break;
562 case LDB_ADD:
563 op = "LDB_ADD";
564 break;
565 case LDB_MODIFY:
566 op = "LDB_MODIFY";
567 break;
568 case LDB_DELETE:
569 op = "LDB_DELETE";
570 break;
571 case LDB_RENAME:
572 op = "LDB_RENAME";
573 break;
574 case LDB_EXTENDED:
575 op = "LDB_EXTENDED";
576 break;
577 default:
578 op = "request";
579 break;
580 }
581
582 /* Set a default error string, to place the blame somewhere */
583 ldb_asprintf_errstring(module->ldb, "error in module %s: %s during %s (%d)", module->ops->name, ldb_strerror(ret), op, ret);
584 }
585
586 if (!(request->handle->flags & LDB_HANDLE_FLAG_DONE_CALLED)) {
587 /* It is _extremely_ common that a module returns a
588 * failure without calling ldb_module_done(), but that
589 * guarantees we will end up hanging in
590 * ldb_wait(). This fixes it without having to rewrite
591 * all our modules, and leaves us one less sharp
592 * corner for module developers to cut themselves on
593 */
594 ret = ldb_module_done(request, NULL, NULL, ret);
595 }
596 return ret;
597 }
598
599 int ldb_next_init(struct ldb_module *module)
600 {
601 module = module->next;
602
603 return ldb_module_init_chain(module->ldb, module);
604 }
605
606 int ldb_next_start_trans(struct ldb_module *module)
607 {
608 int ret;
609 FIND_OP(module, start_transaction);
610 ret = module->ops->start_transaction(module);
611 if (ret == LDB_SUCCESS) {
612 return ret;
613 }
614 if (!ldb_errstring(module->ldb)) {
615 /* Set a default error string, to place the blame somewhere */
616 ldb_asprintf_errstring(module->ldb, "start_trans error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
617 }
618 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
619 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_start_trans error: %s",
620 ldb_errstring(module->ldb));
621 }
622 return ret;
623 }
624
625 int ldb_next_end_trans(struct ldb_module *module)
626 {
627 int ret;
628 FIND_OP(module, end_transaction);
629 ret = module->ops->end_transaction(module);
630 if (ret == LDB_SUCCESS) {
631 return ret;
632 }
633 if (!ldb_errstring(module->ldb)) {
634 /* Set a default error string, to place the blame somewhere */
635 ldb_asprintf_errstring(module->ldb, "end_trans error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
636 }
637 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
638 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_end_trans error: %s",
639 ldb_errstring(module->ldb));
640 }
641 return ret;
642 }
643
644 int ldb_next_prepare_commit(struct ldb_module *module)
645 {
646 int ret;
647 FIND_OP_NOERR(module, prepare_commit);
648 if (module == NULL) {
649 /* we are allowed to have no prepare commit in
650 backends */
651 return LDB_SUCCESS;
652 }
653 ret = module->ops->prepare_commit(module);
654 if (ret == LDB_SUCCESS) {
655 return ret;
656 }
657 if (!ldb_errstring(module->ldb)) {
658 /* Set a default error string, to place the blame somewhere */
659 ldb_asprintf_errstring(module->ldb, "prepare_commit error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
660 }
661 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
662 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_prepare_commit error: %s",
663 ldb_errstring(module->ldb));
664 }
665 return ret;
666 }
667
668 int ldb_next_del_trans(struct ldb_module *module)
669 {
670 int ret;
671 FIND_OP(module, del_transaction);
672 ret = module->ops->del_transaction(module);
673 if (ret == LDB_SUCCESS) {
674 return ret;
675 }
676 if (!ldb_errstring(module->ldb)) {
677 /* Set a default error string, to place the blame somewhere */
678 ldb_asprintf_errstring(module->ldb, "del_trans error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
679 }
680 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
681 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_del_trans error: %s",
682 ldb_errstring(module->ldb));
683 }
684 return ret;
685 }
686
687 struct ldb_handle *ldb_handle_new(TALLOC_CTX *mem_ctx, struct ldb_context *ldb)
688 {
689 struct ldb_handle *h;
690
691 h = talloc_zero(mem_ctx, struct ldb_handle);
692 if (h == NULL) {
693 ldb_set_errstring(ldb, "Out of Memory");
694 return NULL;
695 }
696
697 h->status = LDB_SUCCESS;
698 h->state = LDB_ASYNC_INIT;
699 h->ldb = ldb;
700 h->flags = 0;
701 h->location = NULL;
702 h->parent = NULL;
703
704 return h;
705 }
706
707 /* calls the request callback to send an entry
708 *
709 * params:
710 * req: the original request passed to your module
711 * msg: reply message (must be a talloc pointer, and it will be stolen
712 * on the ldb_reply that is sent to the callback)
713 * ctrls: controls to send in the reply (must be a talloc pointer, and it will be stolen
714 * on the ldb_reply that is sent to the callback)
715 */
716
717 int ldb_module_send_entry(struct ldb_request *req,
718 struct ldb_message *msg,
719 struct ldb_control **ctrls)
720 {
721 struct ldb_reply *ares;
722
723 ares = talloc_zero(req, struct ldb_reply);
724 if (!ares) {
725 ldb_oom(req->handle->ldb);
726 req->callback(req, NULL);
727 return LDB_ERR_OPERATIONS_ERROR;
728 }
729 ares->type = LDB_REPLY_ENTRY;
730 ares->message = talloc_steal(ares, msg);
731 ares->controls = talloc_steal(ares, ctrls);
732 ares->error = LDB_SUCCESS;
733
734 if ((req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) &&
735 req->handle->nesting == 0) {
736 char *s;
737 struct ldb_ldif ldif;
738
739 ldif.changetype = LDB_CHANGETYPE_NONE;
740 ldif.msg = discard_const_p(struct ldb_message, msg);
741
742 ldb_debug_add(req->handle->ldb, "ldb_trace_response: ENTRY\n");
743
744 /*
745 * The choice to call
746 * ldb_ldif_write_redacted_trace_string() is CRITICAL
747 * for security. It ensures that we do not output
748 * passwords into debug logs
749 */
750
751 s = ldb_ldif_write_redacted_trace_string(req->handle->ldb, msg, &ldif);
752 ldb_debug_add(req->handle->ldb, "%s\n", s);
753 talloc_free(s);
754 ldb_debug_end(req->handle->ldb, LDB_DEBUG_TRACE);
755 }
756
757 return req->callback(req, ares);
758 }
759
760 /* calls the request callback to send an referrals
761 *
762 * params:
763 * req: the original request passed to your module
764 * ref: referral string (must be a talloc pointer, steal)
765 */
766
767 int ldb_module_send_referral(struct ldb_request *req,
768 char *ref)
769 {
770 struct ldb_reply *ares;
771
772 ares = talloc_zero(req, struct ldb_reply);
773 if (!ares) {
774 ldb_oom(req->handle->ldb);
775 req->callback(req, NULL);
776 return LDB_ERR_OPERATIONS_ERROR;
777 }
778 ares->type = LDB_REPLY_REFERRAL;
779 ares->referral = talloc_steal(ares, ref);
780 ares->error = LDB_SUCCESS;
781
782 if ((req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) &&
783 req->handle->nesting == 0) {
784 ldb_debug_add(req->handle->ldb, "ldb_trace_response: REFERRAL\n");
785 ldb_debug_add(req->handle->ldb, "ref: %s\n", ref);
786 ldb_debug_end(req->handle->ldb, LDB_DEBUG_TRACE);
787 }
788
789 return req->callback(req, ares);
790 }
791
792 /* calls the original request callback
793 *
794 * params:
795 * req: the original request passed to your module
796 * ctrls: controls to send in the reply (must be a talloc pointer, steal)
797 * response: results for extended request (steal)
798 * error: LDB_SUCCESS for a successful return
799 * any other ldb error otherwise
800 */
801 int ldb_module_done(struct ldb_request *req,
802 struct ldb_control **ctrls,
803 struct ldb_extended *response,
804 int error)
805 {
806 struct ldb_reply *ares;
807
808 ares = talloc_zero(req, struct ldb_reply);
809 if (!ares) {
810 ldb_oom(req->handle->ldb);
811 req->callback(req, NULL);
812 return LDB_ERR_OPERATIONS_ERROR;
813 }
814 ares->type = LDB_REPLY_DONE;
815 ares->controls = talloc_steal(ares, ctrls);
816 ares->response = talloc_steal(ares, response);
817 ares->error = error;
818
819 req->handle->flags |= LDB_HANDLE_FLAG_DONE_CALLED;
820
821 if ((req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) &&
822 req->handle->nesting == 0) {
823 ldb_debug_add(req->handle->ldb, "ldb_trace_response: DONE\n");
824 ldb_debug_add(req->handle->ldb, "error: %d\n", error);
825 if (ldb_errstring(req->handle->ldb)) {
826 ldb_debug_add(req->handle->ldb, "msg: %s\n",
827 ldb_errstring(req->handle->ldb));
828 }
829 ldb_debug_end(req->handle->ldb, LDB_DEBUG_TRACE);
830 }
831
832 return req->callback(req, ares);
833 }
834
835 /* to be used *only* in modules init functions.
836 * this function is synchronous and will register
837 * the requested OID in the rootdse module if present
838 * otherwise it will return an error */
839 int ldb_mod_register_control(struct ldb_module *module, const char *oid)
840 {
841 struct ldb_request *req;
842 int ret;
843
844 req = talloc_zero(module, struct ldb_request);
845 if (req == NULL) {
846 return LDB_ERR_OPERATIONS_ERROR;
847 }
848
849 req->operation = LDB_REQ_REGISTER_CONTROL;
850 req->op.reg_control.oid = oid;
851 req->callback = ldb_op_default_callback;
852
853 ldb_set_timeout(module->ldb, req, 0);
854
855 req->handle = ldb_handle_new(req, module->ldb);
856 if (req->handle == NULL) {
857 return LDB_ERR_OPERATIONS_ERROR;
858 }
859
860 ret = ldb_request(module->ldb, req);
861 if (ret == LDB_SUCCESS) {
862 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
863 }
864 talloc_free(req);
865
866 return ret;
867 }
868
869 static int ldb_modules_load_dir(const char *modules_dir, const char *version);
870
871
872 /*
873 load one module. A static list of loaded module inode numbers is
874 used to prevent a module being loaded twice
875
876 dlopen() is used on the module, and dlsym() is then used to look for
877 a ldb_init_module() function. If present, that function is called
878 with the ldb version number as an argument.
879
880 The ldb_init_module() function will typically call
881 ldb_register_module() and ldb_register_backend() to register a
882 module or backend, but it may also be used to register command line
883 handling functions, ldif handlers or any other local
884 modififications.
885
886 The ldb_init_module() function does not get a ldb_context passed in,
887 as modules will be used for multiple ldb context handles. The call
888 from the first ldb_init() is just a convenient way to ensure it is
889 called early enough.
890 */
891 static int ldb_modules_load_path(const char *path, const char *version)
892 {
893 void *handle;
894 int (*init_fn)(const char *);
895 int ret;
896 struct stat st;
897 static struct loaded {
898 struct loaded *next, *prev;
899 ino_t st_ino;
900 dev_t st_dev;
901 } *loaded;
902 struct loaded *le;
903 int dlopen_flags;
904
905 ret = stat(path, &st);
906 if (ret != 0) {
907 fprintf(stderr, "ldb: unable to stat module %s : %s\n", path, strerror(errno));
908 return LDB_ERR_UNAVAILABLE;
909 }
910
911 for (le=loaded; le; le=le->next) {
912 if (le->st_ino == st.st_ino &&
913 le->st_dev == st.st_dev) {
914 /* its already loaded */
915 return LDB_SUCCESS;
916 }
917 }
918
919 le = talloc(loaded, struct loaded);
920 if (le == NULL) {
921 fprintf(stderr, "ldb: unable to allocated loaded entry\n");
922 return LDB_ERR_UNAVAILABLE;
923 }
924
925 le->st_ino = st.st_ino;
926 le->st_dev = st.st_dev;
927
928 DLIST_ADD_END(loaded, le, struct loaded);
929
930 /* if it is a directory, recurse */
931 if (S_ISDIR(st.st_mode)) {
932 return ldb_modules_load_dir(path, version);
933 }
934
935 dlopen_flags = RTLD_NOW;
936 #ifdef RTLD_DEEPBIND
937 /* use deepbind if possible, to avoid issues with different
938 system library varients, for example ldb modules may be linked
939 against Heimdal while the application may use MIT kerberos
940
941 See the dlopen manpage for details
942 */
943 dlopen_flags |= RTLD_DEEPBIND;
944 #endif
945
946 handle = dlopen(path, dlopen_flags);
947 if (handle == NULL) {
948 fprintf(stderr, "ldb: unable to dlopen %s : %s\n", path, dlerror());
949 return LDB_SUCCESS;
950 }
951
952 init_fn = dlsym(handle, "ldb_init_module");
953 if (init_fn == NULL) {
954 /* ignore it, it could be an old-style
955 * module. Once we've converted all modules we
956 * could consider this an error */
957 dlclose(handle);
958 return LDB_SUCCESS;
959 }
960
961 ret = init_fn(version);
962 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
963 /* the module is already registered - ignore this, as
964 * it can happen if LDB_MODULES_PATH points at both
965 * the build and install directory
966 */
967 ret = LDB_SUCCESS;
968 }
969 return ret;
970 }
971
972 static int qsort_string(const char **s1, const char **s2)
973 {
974 return strcmp(*s1, *s2);
975 }
976
977
978 /*
979 load all modules from the given ldb modules directory. This is run once
980 during the first ldb_init() call.
981
982 Modules are loaded in alphabetical order to ensure that any module
983 load ordering dependencies are reproducible. Modules should avoid
984 relying on load order
985 */
986 static int ldb_modules_load_dir(const char *modules_dir, const char *version)
987 {
988 DIR *dir;
989 struct dirent *de;
990 const char **modlist = NULL;
991 TALLOC_CTX *tmp_ctx = talloc_new(NULL);
992 unsigned i, num_modules = 0;
993
994 dir = opendir(modules_dir);
995 if (dir == NULL) {
996 if (errno == ENOENT) {
997 talloc_free(tmp_ctx);
998 /* we don't have any modules */
999 return LDB_SUCCESS;
1000 }
1001 talloc_free(tmp_ctx);
1002 fprintf(stderr, "ldb: unable to open modules directory '%s' - %s\n",
1003 modules_dir, strerror(errno));
1004 return LDB_ERR_UNAVAILABLE;
1005 }
1006
1007
1008 while ((de = readdir(dir))) {
1009 if (ISDOT(de->d_name) || ISDOTDOT(de->d_name))
1010 continue;
1011
1012 modlist = talloc_realloc(tmp_ctx, modlist, const char *, num_modules+1);
1013 if (modlist == NULL) {
1014 talloc_free(tmp_ctx);
1015 closedir(dir);
1016 fprintf(stderr, "ldb: unable to allocate modules list\n");
1017 return LDB_ERR_UNAVAILABLE;
1018 }
1019 modlist[num_modules] = talloc_asprintf(modlist, "%s/%s", modules_dir, de->d_name);
1020 if (modlist[num_modules] == NULL) {
1021 talloc_free(tmp_ctx);
1022 closedir(dir);
1023 fprintf(stderr, "ldb: unable to allocate module list entry\n");
1024 return LDB_ERR_UNAVAILABLE;
1025 }
1026 num_modules++;
1027 }
1028
1029 closedir(dir);
1030
1031 /* sort the directory, so we get consistent load ordering */
1032 TYPESAFE_QSORT(modlist, num_modules, qsort_string);
1033
1034 for (i=0; i<num_modules; i++) {
1035 int ret = ldb_modules_load_path(modlist[i], version);
1036 if (ret != LDB_SUCCESS) {
1037 fprintf(stderr, "ldb: failed to initialise module %s : %s\n",
1038 modlist[i], ldb_strerror(ret));
1039 talloc_free(tmp_ctx);
1040 return ret;
1041 }
1042 }
1043
1044 talloc_free(tmp_ctx);
1045
1046 return LDB_SUCCESS;
1047 }
1048
1049 /*
1050 load any additional modules from the given directory
1051 */
1052 void ldb_set_modules_dir(struct ldb_context *ldb, const char *path)
1053 {
1054 int ret = ldb_modules_load_path(path, LDB_VERSION);
1055 if (ret != LDB_SUCCESS) {
1056 ldb_asprintf_errstring(ldb, "Failed to load modules from: %s\n", path);
1057 }
1058 }
1059
1060
1061 /*
1062 load all modules static (builtin) modules
1063 */
1064 static int ldb_modules_load_static(const char *version)
1065 {
1066 static bool initialised;
1067 #define _MODULE_PROTO(init) extern int init(const char *);
1068 STATIC_ldb_MODULES_PROTO;
1069 const ldb_module_init_fn static_init_functions[] = { STATIC_ldb_MODULES };
1070 unsigned i;
1071
1072 if (initialised) {
1073 return LDB_SUCCESS;
1074 }
1075 initialised = true;
1076
1077 for (i=0; static_init_functions[i]; i++) {
1078 int ret = static_init_functions[i](version);
1079 if (ret != LDB_SUCCESS) {
1080 return ret;
1081 }
1082 }
1083 return LDB_SUCCESS;
1084 }
1085
1086 /*
1087 load all modules from the given ldb modules path, colon
1088 separated.
1089
1090 modules are loaded recursively for all subdirectories in the paths
1091 */
1092 int ldb_modules_load(const char *modules_path, const char *version)
1093 {
1094 char *tok, *path, *tok_ptr=NULL;
1095 int ret;
1096
1097 ret = ldb_modules_load_static(version);
1098 if (ret != LDB_SUCCESS) {
1099 return ret;
1100 }
1101
1102 path = talloc_strdup(NULL, modules_path);
1103 if (path == NULL) {
1104 fprintf(stderr, "ldb: failed to allocate modules_path\n");
1105 return LDB_ERR_UNAVAILABLE;
1106 }
1107
1108 for (tok=strtok_r(path, ":", &tok_ptr);
1109 tok;
1110 tok=strtok_r(NULL, ":", &tok_ptr)) {
1111 ret = ldb_modules_load_path(tok, version);
1112 if (ret != LDB_SUCCESS) {
1113 talloc_free(path);
1114 return ret;
1115 }
1116 }
1117 talloc_free(path);
1118
1119 return LDB_SUCCESS;
1120 }
1121
1122
1123 /*
1124 return a string representation of the calling chain for the given
1125 ldb request
1126 */
1127 char *ldb_module_call_chain(struct ldb_request *req, TALLOC_CTX *mem_ctx)
1128 {
1129 char *ret;
1130 unsigned int i = 0;
1131
1132 ret = talloc_strdup(mem_ctx, "");
1133 if (ret == NULL) {
1134 return NULL;
1135 }
1136
1137 while (req && req->handle) {
1138 char *s = talloc_asprintf_append_buffer(ret, "req[%u] %p : %s\n",
1139 i++, req, ldb_req_location(req));
1140 if (s == NULL) {
1141 talloc_free(ret);
1142 return NULL;
1143 }
1144 ret = s;
1145 req = req->handle->parent;
1146 }
1147 return ret;
1148 }
1149
1150
1151 /*
1152 return the next module in the chain
1153 */
1154 struct ldb_module *ldb_module_next(struct ldb_module *module)
1155 {
1156 return module->next;
1157 }
1158
1159 /*
1160 set the next module in the module chain
1161 */
1162 void ldb_module_set_next(struct ldb_module *module, struct ldb_module *next)
1163 {
1164 module->next = next;
1165 }
1166
1167
1168 /*
1169 get the popt_options pointer in the ldb structure. This allows a ldb
1170 module to change the command line parsing
1171 */
1172 struct poptOption **ldb_module_popt_options(struct ldb_context *ldb)
1173 {
1174 return &ldb->popt_options;
1175 }
1176
1177
1178 /*
1179 return the current ldb flags LDB_FLG_*
1180 */
1181 uint32_t ldb_module_flags(struct ldb_context *ldb)
1182 {
1183 return ldb->flags;
1184 }
Anubhav's Work In Progress branches