Line data Source code
1 : /*
2 : ldb database library
3 :
4 : Copyright (C) Andrew Tridgell 2004
5 : Copyright (C) Simo Sorce 2005-2008
6 :
7 : ** NOTE! The following LGPL license applies to the ldb
8 : ** library. This does NOT imply that all of Samba is released
9 : ** under the LGPL
10 :
11 : This library is free software; you can redistribute it and/or
12 : modify it under the terms of the GNU Lesser General Public
13 : License as published by the Free Software Foundation; either
14 : version 3 of the License, or (at your option) any later version.
15 :
16 : This library is distributed in the hope that it will be useful,
17 : but WITHOUT ANY WARRANTY; without even the implied warranty of
18 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 : Lesser General Public License for more details.
20 :
21 : You should have received a copy of the GNU Lesser General Public
22 : License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 : */
24 :
25 : /*
26 : * Name: ldb
27 : *
28 : * Component: ldb core API
29 : *
30 : * Description: core API routines interfacing to ldb backends
31 : *
32 : * Author: Andrew Tridgell
33 : */
34 :
35 : #define TEVENT_DEPRECATED 1
36 : #include "ldb_private.h"
37 : #include "ldb.h"
38 :
39 707482 : static int ldb_context_destructor(void *ptr)
40 : {
41 707482 : struct ldb_context *ldb = talloc_get_type(ptr, struct ldb_context);
42 :
43 707482 : if (ldb->transaction_active) {
44 30 : ldb_debug(ldb, LDB_DEBUG_FATAL,
45 : "A transaction is still active in ldb context [%p] on %s",
46 30 : ldb, (const char *)ldb_get_opaque(ldb, "ldb_url"));
47 : }
48 :
49 707482 : return 0;
50 : }
51 :
52 : /*
53 : this is used to catch debug messages from events
54 : */
55 : static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
56 : const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3,0);
57 :
58 1039049907 : static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
59 : const char *fmt, va_list ap)
60 : {
61 1039049907 : struct ldb_context *ldb = talloc_get_type(context, struct ldb_context);
62 1039049907 : enum ldb_debug_level ldb_level = LDB_DEBUG_FATAL;
63 :
64 1039049907 : switch (level) {
65 0 : case TEVENT_DEBUG_FATAL:
66 0 : ldb_level = LDB_DEBUG_FATAL;
67 0 : break;
68 0 : case TEVENT_DEBUG_ERROR:
69 0 : ldb_level = LDB_DEBUG_ERROR;
70 0 : break;
71 0 : case TEVENT_DEBUG_WARNING:
72 0 : ldb_level = LDB_DEBUG_WARNING;
73 0 : break;
74 1010333696 : case TEVENT_DEBUG_TRACE:
75 1010333696 : ldb_level = LDB_DEBUG_TRACE;
76 1010333696 : break;
77 28716211 : };
78 :
79 : /* There isn't a tevent: prefix here because to add it means
80 : * actually printing the string, and most of the time we don't
81 : * want to show it */
82 1039049907 : ldb_vdebug(ldb, ldb_level, fmt, ap);
83 1039049907 : }
84 :
85 : /*
86 : initialise a ldb context
87 : The mem_ctx is required
88 : The event_ctx is required
89 : */
90 746826 : struct ldb_context *ldb_init(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx)
91 : {
92 15452 : struct ldb_context *ldb;
93 15452 : int ret;
94 746826 : const char *modules_path = getenv("LDB_MODULES_PATH");
95 :
96 746826 : if (modules_path == NULL) {
97 746826 : modules_path = LDB_MODULESDIR;
98 : }
99 :
100 746826 : ret = ldb_modules_load(modules_path, LDB_VERSION);
101 746826 : if (ret != LDB_SUCCESS) {
102 0 : return NULL;
103 : }
104 :
105 746826 : ldb = talloc_zero(mem_ctx, struct ldb_context);
106 746826 : if (ldb == NULL) {
107 0 : return NULL;
108 : }
109 :
110 : /* A new event context so that callers who don't want ldb
111 : * operating on their global event context can work without
112 : * having to provide their own private one explicitly */
113 746826 : if (ev_ctx == NULL) {
114 313888 : ev_ctx = tevent_context_init(ldb);
115 313888 : if (ev_ctx == NULL) {
116 0 : talloc_free(ldb);
117 0 : return NULL;
118 : }
119 313888 : tevent_set_debug(ev_ctx, ldb_tevent_debug, ldb);
120 313888 : tevent_set_max_debug_level(ev_ctx, TEVENT_DEBUG_TRACE);
121 313888 : tevent_loop_allow_nesting(ev_ctx);
122 : }
123 :
124 746826 : ret = ldb_setup_wellknown_attributes(ldb);
125 746826 : if (ret != LDB_SUCCESS) {
126 0 : talloc_free(ldb);
127 0 : return NULL;
128 : }
129 :
130 746826 : ldb_set_utf8_default(ldb);
131 746826 : ldb_set_create_perms(ldb, 0666);
132 746826 : ldb_set_modules_dir(ldb, LDB_MODULESDIR);
133 746826 : ldb_set_event_context(ldb, ev_ctx);
134 746826 : ret = ldb_register_extended_match_rules(ldb);
135 746826 : if (ret != LDB_SUCCESS) {
136 0 : talloc_free(ldb);
137 0 : return NULL;
138 : }
139 :
140 : /* TODO: get timeout from options if available there */
141 746826 : ldb->default_timeout = 300; /* set default to 5 minutes */
142 :
143 746826 : talloc_set_destructor((TALLOC_CTX *)ldb, ldb_context_destructor);
144 :
145 746826 : return ldb;
146 : }
147 :
148 : /*
149 : try to autodetect a basedn if none specified. This fixes one of my
150 : pet hates about ldapsearch, which is that you have to get a long,
151 : complex basedn right to make any use of it.
152 : */
153 1147606 : void ldb_set_default_dns(struct ldb_context *ldb)
154 : {
155 22186 : TALLOC_CTX *tmp_ctx;
156 22186 : int ret;
157 22186 : struct ldb_result *res;
158 1147606 : struct ldb_dn *tmp_dn=NULL;
159 22186 : static const char *attrs[] = {
160 : "rootDomainNamingContext",
161 : "configurationNamingContext",
162 : "schemaNamingContext",
163 : "defaultNamingContext",
164 : NULL
165 : };
166 :
167 1147606 : tmp_ctx = talloc_new(ldb);
168 1147606 : ret = ldb_search(ldb, tmp_ctx, &res, ldb_dn_new(tmp_ctx, ldb, NULL),
169 : LDB_SCOPE_BASE, attrs, "(objectClass=*)");
170 1147606 : if (ret != LDB_SUCCESS) {
171 314280 : talloc_free(tmp_ctx);
172 322248 : return;
173 : }
174 :
175 833326 : if (res->count != 1) {
176 6 : talloc_free(tmp_ctx);
177 6 : return;
178 : }
179 :
180 833320 : if (!ldb_get_opaque(ldb, "rootDomainNamingContext")) {
181 429764 : tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
182 : "rootDomainNamingContext");
183 429764 : ldb_set_opaque(ldb, "rootDomainNamingContext", tmp_dn);
184 : }
185 :
186 833320 : if (!ldb_get_opaque(ldb, "configurationNamingContext")) {
187 429764 : tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
188 : "configurationNamingContext");
189 429764 : ldb_set_opaque(ldb, "configurationNamingContext", tmp_dn);
190 : }
191 :
192 833320 : if (!ldb_get_opaque(ldb, "schemaNamingContext")) {
193 429764 : tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
194 : "schemaNamingContext");
195 429764 : ldb_set_opaque(ldb, "schemaNamingContext", tmp_dn);
196 : }
197 :
198 833320 : if (!ldb_get_opaque(ldb, "defaultNamingContext")) {
199 429764 : tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
200 : "defaultNamingContext");
201 429764 : ldb_set_opaque(ldb, "defaultNamingContext", tmp_dn);
202 : }
203 :
204 833320 : talloc_free(tmp_ctx);
205 : }
206 :
207 1754536 : struct ldb_dn *ldb_get_root_basedn(struct ldb_context *ldb)
208 : {
209 1754536 : void *opaque = ldb_get_opaque(ldb, "rootDomainNamingContext");
210 1754536 : return talloc_get_type(opaque, struct ldb_dn);
211 : }
212 :
213 5380315 : struct ldb_dn *ldb_get_config_basedn(struct ldb_context *ldb)
214 : {
215 5380315 : void *opaque = ldb_get_opaque(ldb, "configurationNamingContext");
216 5380315 : return talloc_get_type(opaque, struct ldb_dn);
217 : }
218 :
219 4086302 : struct ldb_dn *ldb_get_schema_basedn(struct ldb_context *ldb)
220 : {
221 4086302 : void *opaque = ldb_get_opaque(ldb, "schemaNamingContext");
222 4086302 : return talloc_get_type(opaque, struct ldb_dn);
223 : }
224 :
225 7495749 : struct ldb_dn *ldb_get_default_basedn(struct ldb_context *ldb)
226 : {
227 7495749 : void *opaque = ldb_get_opaque(ldb, "defaultNamingContext");
228 7495749 : return talloc_get_type(opaque, struct ldb_dn);
229 : }
230 :
231 : /*
232 : connect to a database. The URL can either be one of the following forms
233 : ldb://path
234 : ldapi://path
235 :
236 : flags is made up of LDB_FLG_*
237 :
238 : the options are passed uninterpreted to the backend, and are
239 : backend specific
240 : */
241 745842 : int ldb_connect(struct ldb_context *ldb, const char *url,
242 : unsigned int flags, const char *options[])
243 : {
244 15144 : int ret;
245 15144 : char *url2;
246 :
247 745842 : const char *existing_url = ldb_get_opaque(ldb, "ldb_url");
248 745842 : if (existing_url != NULL) {
249 8 : ldb_asprintf_errstring(
250 : ldb,
251 : "This LDB has already connected to '%s', and "
252 : "cannot also connect to '%s'",
253 : existing_url, url);
254 8 : return LDB_ERR_OPERATIONS_ERROR;
255 : }
256 :
257 : /* We seem to need to do this here, or else some utilities don't
258 : * get ldb backends */
259 :
260 745834 : ldb->flags = flags;
261 :
262 745834 : url2 = talloc_strdup(ldb, url);
263 745834 : if (!url2) {
264 0 : ldb_oom(ldb);
265 0 : return LDB_ERR_OPERATIONS_ERROR;
266 : }
267 745834 : ret = ldb_set_opaque(ldb, "ldb_url", url2);
268 745834 : if (ret != LDB_SUCCESS) {
269 0 : return ret;
270 : }
271 :
272 : /*
273 : * Take a copy of the options.
274 : */
275 745834 : ldb->options = ldb_options_copy(ldb, options);
276 745834 : if (ldb->options == NULL && options != NULL) {
277 0 : ldb_oom(ldb);
278 0 : return LDB_ERR_OPERATIONS_ERROR;
279 : }
280 :
281 745834 : ret = ldb_module_connect_backend(ldb, url, options, &ldb->modules);
282 745834 : if (ret != LDB_SUCCESS) {
283 1772 : return ret;
284 : }
285 :
286 744057 : ret = ldb_load_modules(ldb, options);
287 744057 : if (ret != LDB_SUCCESS) {
288 7 : ldb_debug(ldb, LDB_DEBUG_FATAL,
289 : "Unable to load modules for %s: %s",
290 : url, ldb_errstring(ldb));
291 7 : return ret;
292 : }
293 :
294 : /* set the default base dn */
295 744050 : ldb_set_default_dns(ldb);
296 :
297 744050 : return LDB_SUCCESS;
298 : }
299 :
300 1270687 : void ldb_set_errstring(struct ldb_context *ldb, const char *err_string)
301 : {
302 1270687 : ldb_asprintf_errstring(ldb, "%s", err_string);
303 1270687 : }
304 :
305 4831200 : void ldb_asprintf_errstring(struct ldb_context *ldb, const char *format, ...)
306 : {
307 486462 : va_list ap;
308 4831200 : char *old_err_string = NULL;
309 4831200 : if (ldb->err_string) {
310 303537 : old_err_string = ldb->err_string;
311 : }
312 :
313 4831200 : va_start(ap, format);
314 4831200 : ldb->err_string = talloc_vasprintf(ldb, format, ap);
315 4831200 : va_end(ap);
316 :
317 4831200 : TALLOC_FREE(old_err_string);
318 :
319 4831200 : if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
320 0 : ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_asprintf/set_errstring: %s",
321 : ldb->err_string);
322 : }
323 4831200 : }
324 :
325 59204441 : void ldb_reset_err_string(struct ldb_context *ldb)
326 : {
327 59204441 : TALLOC_FREE(ldb->err_string);
328 59204441 : }
329 :
330 :
331 :
332 : /*
333 : set an ldb error based on file:line
334 : */
335 457991 : int ldb_error_at(struct ldb_context *ldb, int ecode,
336 : const char *reason, const char *file, int line)
337 : {
338 457991 : if (reason == NULL) {
339 0 : reason = ldb_strerror(ecode);
340 : }
341 457991 : ldb_asprintf_errstring(ldb, "%s at %s:%d", reason, file, line);
342 457991 : return ecode;
343 : }
344 :
345 :
346 : #define FIRST_OP_NOERR(ldb, op) do { \
347 : next_module = ldb->modules; \
348 : while (next_module && next_module->ops->op == NULL) { \
349 : next_module = next_module->next; \
350 : }; \
351 : if ((ldb->flags & LDB_FLG_ENABLE_TRACING) && next_module) { \
352 : ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: (%s)->" #op, \
353 : next_module->ops->name); \
354 : } \
355 : } while (0)
356 :
357 : #define FIRST_OP(ldb, op) do { \
358 : FIRST_OP_NOERR(ldb, op); \
359 : if (next_module == NULL) { \
360 : ldb_asprintf_errstring(ldb, "unable to find module or backend to handle operation: " #op); \
361 : return LDB_ERR_OPERATIONS_ERROR; \
362 : } \
363 : } while (0)
364 :
365 :
366 : /*
367 : start a transaction
368 : */
369 1873364 : int ldb_transaction_start(struct ldb_context *ldb)
370 : {
371 128970 : struct ldb_module *next_module;
372 128970 : int status;
373 :
374 1873364 : ldb_debug(ldb, LDB_DEBUG_TRACE,
375 : "start ldb transaction (nesting: %d)",
376 : ldb->transaction_active);
377 :
378 : /* explicit transaction active, count nested requests */
379 1873364 : if (ldb->transaction_active) {
380 809453 : ldb->transaction_active++;
381 809453 : return LDB_SUCCESS;
382 : }
383 :
384 : /* start a new transaction */
385 1063911 : ldb->transaction_active++;
386 1063911 : ldb->prepare_commit_done = false;
387 :
388 2325365 : FIRST_OP(ldb, start_transaction);
389 :
390 1063911 : ldb_reset_err_string(ldb);
391 :
392 1063911 : status = next_module->ops->start_transaction(next_module);
393 1063911 : if (status != LDB_SUCCESS) {
394 35 : if (ldb->err_string == NULL) {
395 : /* no error string was setup by the backend */
396 32 : ldb_asprintf_errstring(ldb,
397 : "ldb transaction start: %s (%d)",
398 : ldb_strerror(status),
399 : status);
400 32 : ldb->transaction_active--;
401 : }
402 35 : if ((next_module && next_module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
403 0 : ldb_debug(next_module->ldb, LDB_DEBUG_TRACE, "start ldb transaction error: %s",
404 : ldb_errstring(next_module->ldb));
405 : }
406 : } else {
407 1063876 : if ((next_module && next_module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
408 0 : ldb_debug(next_module->ldb, LDB_DEBUG_TRACE, "start ldb transaction success");
409 : }
410 : }
411 1045173 : return status;
412 : }
413 :
414 : /*
415 : prepare for transaction commit (first phase of two phase commit)
416 : */
417 1738280 : int ldb_transaction_prepare_commit(struct ldb_context *ldb)
418 : {
419 126281 : struct ldb_module *next_module;
420 126281 : int status;
421 :
422 1738280 : if (ldb->prepare_commit_done) {
423 2658 : return LDB_SUCCESS;
424 : }
425 :
426 : /* commit only when all nested transactions are complete */
427 1735618 : if (ldb->transaction_active > 1) {
428 699790 : return LDB_SUCCESS;
429 : }
430 :
431 925686 : ldb->prepare_commit_done = true;
432 :
433 925686 : if (ldb->transaction_active < 0) {
434 0 : ldb_debug(ldb, LDB_DEBUG_FATAL,
435 : "prepare commit called but no ldb transactions are active!");
436 0 : ldb->transaction_active = 0;
437 0 : return LDB_ERR_OPERATIONS_ERROR;
438 : }
439 :
440 : /* call prepare transaction if available */
441 8283840 : FIRST_OP_NOERR(ldb, prepare_commit);
442 925686 : if (next_module == NULL) {
443 154051 : return LDB_SUCCESS;
444 : }
445 :
446 771419 : ldb_reset_err_string(ldb);
447 :
448 771419 : status = next_module->ops->prepare_commit(next_module);
449 771419 : if (status != LDB_SUCCESS) {
450 10 : ldb->transaction_active--;
451 : /* if a next_module fails the prepare then we need
452 : to call the end transaction for everyone */
453 12 : FIRST_OP(ldb, del_transaction);
454 10 : next_module->ops->del_transaction(next_module);
455 10 : if (ldb->err_string == NULL) {
456 : /* no error string was setup by the backend */
457 0 : ldb_asprintf_errstring(ldb,
458 : "ldb transaction prepare commit: %s (%d)",
459 : ldb_strerror(status),
460 : status);
461 : }
462 10 : if ((next_module && next_module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
463 0 : ldb_debug(next_module->ldb, LDB_DEBUG_TRACE, "prepare commit transaction error: %s",
464 : ldb_errstring(next_module->ldb));
465 : }
466 : }
467 :
468 755500 : return status;
469 : }
470 :
471 :
472 : /*
473 : commit a transaction
474 : */
475 1734309 : int ldb_transaction_commit(struct ldb_context *ldb)
476 : {
477 126277 : struct ldb_module *next_module;
478 126277 : int status;
479 :
480 1734309 : status = ldb_transaction_prepare_commit(ldb);
481 1734309 : if (status != LDB_SUCCESS) {
482 7 : return status;
483 : }
484 :
485 1734299 : ldb->transaction_active--;
486 :
487 1734299 : ldb_debug(ldb, LDB_DEBUG_TRACE,
488 : "commit ldb transaction (nesting: %d)",
489 : ldb->transaction_active);
490 :
491 : /* commit only when all nested transactions are complete */
492 1734299 : if (ldb->transaction_active > 0) {
493 698485 : return LDB_SUCCESS;
494 : }
495 :
496 925672 : if (ldb->transaction_active < 0) {
497 0 : ldb_debug(ldb, LDB_DEBUG_FATAL,
498 : "commit called but no ldb transactions are active!");
499 0 : ldb->transaction_active = 0;
500 0 : return LDB_ERR_OPERATIONS_ERROR;
501 : }
502 :
503 925672 : ldb_reset_err_string(ldb);
504 :
505 2082248 : FIRST_OP(ldb, end_transaction);
506 925672 : status = next_module->ops->end_transaction(next_module);
507 925672 : if (status != LDB_SUCCESS) {
508 2 : if (ldb->err_string == NULL) {
509 : /* no error string was setup by the backend */
510 0 : ldb_asprintf_errstring(ldb,
511 : "ldb transaction commit: %s (%d)",
512 : ldb_strerror(status),
513 : status);
514 : }
515 2 : if ((next_module && next_module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
516 0 : ldb_debug(next_module->ldb, LDB_DEBUG_TRACE, "commit ldb transaction error: %s",
517 : ldb_errstring(next_module->ldb));
518 : }
519 : }
520 909540 : return status;
521 : }
522 :
523 :
524 : /*
525 : cancel a transaction
526 : */
527 138990 : int ldb_transaction_cancel(struct ldb_context *ldb)
528 : {
529 2631 : struct ldb_module *next_module;
530 2631 : int status;
531 :
532 138990 : ldb->transaction_active--;
533 :
534 138990 : ldb_debug(ldb, LDB_DEBUG_TRACE,
535 : "cancel ldb transaction (nesting: %d)",
536 : ldb->transaction_active);
537 :
538 : /* really cancel only if all nested transactions are complete */
539 138990 : if (ldb->transaction_active > 0) {
540 736 : return LDB_SUCCESS;
541 : }
542 :
543 138164 : if (ldb->transaction_active < 0) {
544 0 : ldb_debug(ldb, LDB_DEBUG_FATAL,
545 : "cancel called but no ldb transactions are active!");
546 0 : ldb->transaction_active = 0;
547 0 : return LDB_ERR_OPERATIONS_ERROR;
548 : }
549 :
550 242996 : FIRST_OP(ldb, del_transaction);
551 :
552 138164 : status = next_module->ops->del_transaction(next_module);
553 138164 : if (status != LDB_SUCCESS) {
554 0 : if (ldb->err_string == NULL) {
555 : /* no error string was setup by the backend */
556 0 : ldb_asprintf_errstring(ldb,
557 : "ldb transaction cancel: %s (%d)",
558 : ldb_strerror(status),
559 : status);
560 : }
561 0 : if ((next_module && next_module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
562 0 : ldb_debug(next_module->ldb, LDB_DEBUG_TRACE, "cancel ldb transaction error: %s",
563 : ldb_errstring(next_module->ldb));
564 : }
565 : }
566 135623 : return status;
567 : }
568 :
569 : /*
570 : cancel a transaction with no error if no transaction is pending
571 : used when we fork() to clear any parent transactions
572 : */
573 0 : int ldb_transaction_cancel_noerr(struct ldb_context *ldb)
574 : {
575 0 : if (ldb->transaction_active > 0) {
576 0 : return ldb_transaction_cancel(ldb);
577 : }
578 0 : return LDB_SUCCESS;
579 : }
580 :
581 :
582 : /* autostarts a transaction if none active */
583 398554 : static int ldb_autotransaction_request(struct ldb_context *ldb,
584 : struct ldb_request *req)
585 : {
586 18893 : int ret;
587 :
588 398554 : ret = ldb_transaction_start(ldb);
589 398554 : if (ret != LDB_SUCCESS) {
590 0 : return ret;
591 : }
592 :
593 398522 : ret = ldb_request(ldb, req);
594 398522 : if (ret == LDB_SUCCESS) {
595 398373 : ret = ldb_wait(req->handle, LDB_WAIT_ALL);
596 : }
597 :
598 398522 : if (ret == LDB_SUCCESS) {
599 353999 : return ldb_transaction_commit(ldb);
600 : }
601 44523 : ldb_transaction_cancel(ldb);
602 :
603 44523 : return ret;
604 : }
605 :
606 113709096 : int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type)
607 : {
608 3720907 : struct tevent_context *ev;
609 3720907 : int ret;
610 :
611 113709096 : if (handle == NULL) {
612 0 : return LDB_ERR_UNAVAILABLE;
613 : }
614 :
615 113709096 : if (handle->state == LDB_ASYNC_DONE) {
616 13966466 : if ((handle->status != LDB_SUCCESS) &&
617 1 : (handle->ldb->err_string == NULL)) {
618 : /* if no error string was setup by the backend */
619 0 : ldb_asprintf_errstring(handle->ldb,
620 : "ldb_wait from %s with LDB_ASYNC_DONE: %s (%d)",
621 : handle->location,
622 : ldb_strerror(handle->status),
623 : handle->status);
624 : }
625 13966466 : return handle->status;
626 : }
627 :
628 99742630 : ev = ldb_handle_get_event_context(handle);
629 99742630 : if (NULL == ev) {
630 0 : return ldb_oom(handle->ldb);
631 : }
632 :
633 99742630 : switch (type) {
634 3470857 : case LDB_WAIT_NONE:
635 3470857 : ret = tevent_loop_once(ev);
636 3470857 : if (ret != 0) {
637 0 : return ldb_operr(handle->ldb);
638 : }
639 3470857 : if (handle->status == LDB_SUCCESS) {
640 3469491 : return LDB_SUCCESS;
641 : }
642 1366 : if (handle->ldb->err_string != NULL) {
643 1357 : return handle->status;
644 : }
645 : /*
646 : * if no error string was setup by the backend
647 : */
648 9 : ldb_asprintf_errstring(handle->ldb,
649 : "ldb_wait from %s with LDB_WAIT_NONE: %s (%d)",
650 : handle->location,
651 : ldb_strerror(handle->status),
652 : handle->status);
653 9 : return handle->status;
654 :
655 92878751 : case LDB_WAIT_ALL:
656 303587900 : while (handle->state != LDB_ASYNC_DONE) {
657 211216781 : ret = tevent_loop_once(ev);
658 211216762 : if (ret != 0) {
659 0 : return ldb_operr(handle->ldb);
660 : }
661 211216762 : if (handle->status != LDB_SUCCESS) {
662 3900635 : if (handle->ldb->err_string != NULL) {
663 3418247 : return handle->status;
664 : }
665 : /*
666 : * if no error string was setup by the
667 : * backend
668 : */
669 34090 : ldb_asprintf_errstring(handle->ldb,
670 : "ldb_wait from %s with "
671 : "LDB_WAIT_ALL: %s (%d)",
672 : handle->location,
673 : ldb_strerror(handle->status),
674 : handle->status);
675 34090 : return handle->status;
676 : }
677 : }
678 92371119 : if (handle->status == LDB_SUCCESS) {
679 89428733 : return LDB_SUCCESS;
680 : }
681 0 : if (handle->ldb->err_string != NULL) {
682 0 : return handle->status;
683 : }
684 : /*
685 : * if no error string was setup by the backend
686 : */
687 0 : ldb_asprintf_errstring(handle->ldb,
688 : "ldb_wait from %s with LDB_WAIT_ALL,"
689 : " LDB_ASYNC_DONE: %s (%d)",
690 : handle->location,
691 : ldb_strerror(handle->status),
692 : handle->status);
693 0 : return handle->status;
694 : }
695 :
696 0 : return LDB_SUCCESS;
697 : }
698 :
699 : /* set the specified timeout or, if timeout is 0 set the default timeout */
700 82895132 : int ldb_set_timeout(struct ldb_context *ldb,
701 : struct ldb_request *req,
702 : int timeout)
703 : {
704 82895132 : if (req == NULL) return LDB_ERR_OPERATIONS_ERROR;
705 :
706 82895132 : if (timeout != 0) {
707 341310 : req->timeout = timeout;
708 : } else {
709 82553822 : req->timeout = ldb->default_timeout;
710 : }
711 82895132 : req->starttime = time(NULL);
712 :
713 82895132 : return LDB_SUCCESS;
714 : }
715 :
716 : /* calculates the new timeout based on the previous starttime and timeout */
717 595059446 : int ldb_set_timeout_from_prev_req(struct ldb_context *ldb,
718 : struct ldb_request *oldreq,
719 : struct ldb_request *newreq)
720 : {
721 595059446 : if (newreq == NULL) return LDB_ERR_OPERATIONS_ERROR;
722 :
723 595059446 : if (oldreq == NULL) {
724 69616786 : return ldb_set_timeout(ldb, newreq, 0);
725 : }
726 :
727 525442660 : newreq->starttime = oldreq->starttime;
728 525442660 : newreq->timeout = oldreq->timeout;
729 :
730 525442660 : return LDB_SUCCESS;
731 : }
732 :
733 :
734 81086103 : struct ldb_handle *ldb_handle_new(TALLOC_CTX *mem_ctx, struct ldb_context *ldb)
735 : {
736 3071408 : struct ldb_handle *h;
737 :
738 81086103 : h = talloc_zero(mem_ctx, struct ldb_handle);
739 81086103 : if (h == NULL) {
740 0 : ldb_set_errstring(ldb, "Out of Memory");
741 0 : return NULL;
742 : }
743 :
744 81086103 : h->status = LDB_SUCCESS;
745 81086103 : h->state = LDB_ASYNC_INIT;
746 81086103 : h->ldb = ldb;
747 81086103 : h->flags = 0;
748 81086103 : h->location = NULL;
749 81086103 : h->parent = NULL;
750 :
751 81086103 : if (h->ldb->require_private_event_context == true) {
752 80516485 : h->event_context = tevent_context_init(h);
753 80516485 : if (h->event_context == NULL) {
754 0 : ldb_set_errstring(ldb,
755 : "Out of Memory allocating "
756 : "event context for new handle");
757 0 : return NULL;
758 : }
759 80516485 : tevent_set_debug(h->event_context, ldb_tevent_debug, ldb);
760 80516485 : tevent_set_max_debug_level(h->event_context, TEVENT_DEBUG_TRACE);
761 80516485 : tevent_loop_allow_nesting(h->event_context);
762 : }
763 :
764 78014695 : return h;
765 : }
766 :
767 525442660 : static struct ldb_handle *ldb_handle_new_child(TALLOC_CTX *mem_ctx,
768 : struct ldb_request *parent_req)
769 : {
770 18319004 : struct ldb_handle *h;
771 :
772 525442660 : h = talloc_zero(mem_ctx, struct ldb_handle);
773 525442660 : if (h == NULL) {
774 0 : ldb_set_errstring(parent_req->handle->ldb,
775 : "Out of Memory");
776 0 : return NULL;
777 : }
778 :
779 525442660 : h->status = LDB_SUCCESS;
780 525442660 : h->state = LDB_ASYNC_INIT;
781 525442660 : h->ldb = parent_req->handle->ldb;
782 525442660 : h->parent = parent_req;
783 525442660 : h->nesting = parent_req->handle->nesting + 1;
784 525442660 : h->flags = parent_req->handle->flags;
785 525442660 : h->custom_flags = parent_req->handle->custom_flags;
786 525442660 : h->event_context = parent_req->handle->event_context;
787 :
788 525442660 : return h;
789 : }
790 :
791 : /*
792 : set the permissions for new files to be passed to open() in
793 : backends that use local files
794 : */
795 1485809 : void ldb_set_create_perms(struct ldb_context *ldb, unsigned int perms)
796 : {
797 1485809 : ldb->create_perms = perms;
798 1485809 : }
799 :
800 2154367 : unsigned int ldb_get_create_perms(struct ldb_context *ldb)
801 : {
802 2154367 : return ldb->create_perms;
803 : }
804 :
805 1775022 : void ldb_set_event_context(struct ldb_context *ldb, struct tevent_context *ev)
806 : {
807 1775022 : ldb->ev_ctx = ev;
808 1775022 : }
809 :
810 274414020 : struct tevent_context * ldb_get_event_context(struct ldb_context *ldb)
811 : {
812 274414020 : return ldb->ev_ctx;
813 : }
814 :
815 206509940 : void ldb_request_set_state(struct ldb_request *req, int state)
816 : {
817 206509940 : req->handle->state = state;
818 206509940 : }
819 :
820 205836155 : int ldb_request_get_status(struct ldb_request *req)
821 : {
822 205836155 : return req->handle->status;
823 : }
824 :
825 : /*
826 : * This function obtains the private event context for the handle,
827 : * which may have been created to avoid nested event loops during
828 : * ldb_tdb with the locks held
829 : */
830 305684097 : struct tevent_context *ldb_handle_get_event_context(struct ldb_handle *handle)
831 : {
832 305684097 : if (handle->event_context != NULL) {
833 292510171 : return handle->event_context;
834 : }
835 4038026 : return ldb_get_event_context(handle->ldb);
836 : }
837 :
838 : /*
839 : * This function forces a specific ldb handle to use the global event
840 : * context. This allows a nested event loop to operate, so any open
841 : * transaction also needs to be aborted.
842 : *
843 : * Any events on this event context will be lost
844 : *
845 : * This is used in Samba when sending an IRPC to another part of the
846 : * same process instead of making a local DB modification.
847 : */
848 59 : void ldb_handle_use_global_event_context(struct ldb_handle *handle)
849 : {
850 59 : TALLOC_FREE(handle->event_context);
851 59 : }
852 :
853 2669730 : void ldb_set_require_private_event_context(struct ldb_context *ldb)
854 : {
855 2669730 : ldb->require_private_event_context = true;
856 2669730 : }
857 :
858 : /*
859 : trace a ldb request
860 : */
861 0 : static void ldb_trace_request(struct ldb_context *ldb, struct ldb_request *req)
862 : {
863 0 : TALLOC_CTX *tmp_ctx = talloc_new(req);
864 0 : unsigned int i;
865 0 : struct ldb_ldif ldif;
866 :
867 0 : switch (req->operation) {
868 0 : case LDB_SEARCH:
869 0 : ldb_debug_add(ldb, "ldb_trace_request: SEARCH\n");
870 0 : ldb_debug_add(ldb, " dn: %s\n",
871 0 : ldb_dn_is_null(req->op.search.base)?"<rootDSE>":
872 0 : ldb_dn_get_linearized(req->op.search.base));
873 0 : ldb_debug_add(ldb, " scope: %s\n",
874 0 : req->op.search.scope==LDB_SCOPE_BASE?"base":
875 0 : req->op.search.scope==LDB_SCOPE_ONELEVEL?"one":
876 0 : req->op.search.scope==LDB_SCOPE_SUBTREE?"sub":"UNKNOWN");
877 0 : ldb_debug_add(ldb, " expr: %s\n",
878 0 : ldb_filter_from_tree(tmp_ctx, req->op.search.tree));
879 0 : if (req->op.search.attrs == NULL) {
880 0 : ldb_debug_add(ldb, " attr: <ALL>\n");
881 : } else {
882 0 : for (i=0; req->op.search.attrs[i]; i++) {
883 0 : ldb_debug_add(ldb, " attr: %s\n", req->op.search.attrs[i]);
884 : }
885 : }
886 0 : break;
887 0 : case LDB_DELETE:
888 0 : ldb_debug_add(ldb, "ldb_trace_request: DELETE\n");
889 0 : ldb_debug_add(ldb, " dn: %s\n",
890 : ldb_dn_get_linearized(req->op.del.dn));
891 0 : break;
892 0 : case LDB_RENAME:
893 0 : ldb_debug_add(ldb, "ldb_trace_request: RENAME\n");
894 0 : ldb_debug_add(ldb, " olddn: %s\n",
895 : ldb_dn_get_linearized(req->op.rename.olddn));
896 0 : ldb_debug_add(ldb, " newdn: %s\n",
897 : ldb_dn_get_linearized(req->op.rename.newdn));
898 0 : break;
899 0 : case LDB_EXTENDED:
900 0 : ldb_debug_add(ldb, "ldb_trace_request: EXTENDED\n");
901 0 : ldb_debug_add(ldb, " oid: %s\n", req->op.extended.oid);
902 0 : ldb_debug_add(ldb, " data: %s\n", req->op.extended.data?"yes":"no");
903 0 : break;
904 0 : case LDB_ADD:
905 0 : ldif.changetype = LDB_CHANGETYPE_ADD;
906 0 : ldif.msg = discard_const_p(struct ldb_message, req->op.add.message);
907 :
908 0 : ldb_debug_add(ldb, "ldb_trace_request: ADD\n");
909 :
910 : /*
911 : * The choice to call
912 : * ldb_ldif_write_redacted_trace_string() is CRITICAL
913 : * for security. It ensures that we do not output
914 : * passwords into debug logs
915 : */
916 :
917 0 : ldb_debug_add(req->handle->ldb, "%s\n",
918 0 : ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
919 0 : break;
920 0 : case LDB_MODIFY:
921 0 : ldif.changetype = LDB_CHANGETYPE_MODIFY;
922 0 : ldif.msg = discard_const_p(struct ldb_message, req->op.mod.message);
923 :
924 0 : ldb_debug_add(ldb, "ldb_trace_request: MODIFY\n");
925 :
926 : /*
927 : * The choice to call
928 : * ldb_ldif_write_redacted_trace_string() is CRITICAL
929 : * for security. It ensures that we do not output
930 : * passwords into debug logs
931 : */
932 :
933 0 : ldb_debug_add(req->handle->ldb, "%s\n",
934 0 : ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
935 0 : break;
936 0 : case LDB_REQ_REGISTER_CONTROL:
937 0 : ldb_debug_add(ldb, "ldb_trace_request: REGISTER_CONTROL\n");
938 0 : ldb_debug_add(req->handle->ldb, "%s\n",
939 : req->op.reg_control.oid);
940 0 : break;
941 0 : case LDB_REQ_REGISTER_PARTITION:
942 0 : ldb_debug_add(ldb, "ldb_trace_request: REGISTER_PARTITION\n");
943 0 : ldb_debug_add(req->handle->ldb, "%s\n",
944 : ldb_dn_get_linearized(req->op.reg_partition.dn));
945 0 : break;
946 0 : default:
947 0 : ldb_debug_add(ldb, "ldb_trace_request: UNKNOWN(%u)\n",
948 0 : req->operation);
949 0 : break;
950 : }
951 :
952 0 : if (req->controls == NULL) {
953 0 : ldb_debug_add(ldb, " control: <NONE>\n");
954 : } else {
955 0 : for (i=0; req->controls && req->controls[i]; i++) {
956 0 : if (req->controls[i]->oid) {
957 0 : ldb_debug_add(ldb, " control: %s crit:%u data:%s\n",
958 0 : req->controls[i]->oid,
959 0 : req->controls[i]->critical,
960 0 : req->controls[i]->data?"yes":"no");
961 : }
962 : }
963 : }
964 :
965 0 : ldb_debug_end(ldb, LDB_DEBUG_TRACE);
966 :
967 0 : talloc_free(tmp_ctx);
968 0 : }
969 :
970 : /*
971 : check that the element flags don't have any internal bits set
972 : */
973 1476014 : static int ldb_msg_check_element_flags(struct ldb_context *ldb,
974 : const struct ldb_message *message)
975 : {
976 119178 : unsigned i;
977 8610618 : for (i=0; i<message->num_elements; i++) {
978 7134604 : if (message->elements[i].flags & LDB_FLAG_INTERNAL_MASK) {
979 0 : ldb_asprintf_errstring(ldb, "Invalid element flags 0x%08x on element %s in %s\n",
980 0 : message->elements[i].flags, message->elements[i].name,
981 0 : ldb_dn_get_linearized(message->dn));
982 0 : return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
983 : }
984 : }
985 1356836 : return LDB_SUCCESS;
986 : }
987 :
988 : /*
989 : * This context allows us to make the unlock be a talloc destructor
990 : *
991 : * This ensures that a request started, but not waited on, will still
992 : * unlock.
993 : */
994 : struct ldb_db_lock_context {
995 : struct ldb_request *req;
996 : struct ldb_context *ldb;
997 : };
998 :
999 : /*
1000 : * We have to have the unlock on a destructor so that we unlock the
1001 : * DB if a caller calls talloc_free(req). We trust that the ldb
1002 : * context has not already gone away.
1003 : */
1004 28874463 : static int ldb_db_lock_destructor(struct ldb_db_lock_context *lock_context)
1005 : {
1006 1298785 : int ret;
1007 1298785 : struct ldb_module *next_module;
1008 133536657 : FIRST_OP_NOERR(lock_context->ldb, read_unlock);
1009 28874463 : if (next_module != NULL) {
1010 28874463 : ret = next_module->ops->read_unlock(next_module);
1011 : } else {
1012 0 : ret = LDB_SUCCESS;
1013 : }
1014 :
1015 28874463 : if (ret != LDB_SUCCESS) {
1016 2 : ldb_debug(lock_context->ldb,
1017 : LDB_DEBUG_FATAL,
1018 : "Failed to unlock db: %s / %s",
1019 : ldb_errstring(lock_context->ldb),
1020 : ldb_strerror(ret));
1021 : }
1022 28874463 : return 0;
1023 : }
1024 :
1025 60292789 : static int ldb_lock_backend_callback(struct ldb_request *req,
1026 : struct ldb_reply *ares)
1027 : {
1028 2405578 : struct ldb_db_lock_context *lock_context;
1029 2405578 : int ret;
1030 :
1031 60292789 : if (req->context == NULL) {
1032 : /*
1033 : * The usual way to get here is to ignore the return codes
1034 : * and continuing processing after an error.
1035 : */
1036 0 : abort();
1037 : }
1038 60292789 : lock_context = talloc_get_type(req->context,
1039 : struct ldb_db_lock_context);
1040 :
1041 60292789 : if (!ares) {
1042 0 : return ldb_module_done(lock_context->req, NULL, NULL,
1043 : LDB_ERR_OPERATIONS_ERROR);
1044 : }
1045 60292789 : if (ares->error != LDB_SUCCESS || ares->type == LDB_REPLY_DONE) {
1046 28874418 : ret = ldb_module_done(lock_context->req, ares->controls,
1047 : ares->response, ares->error);
1048 : /*
1049 : * If this is a LDB_REPLY_DONE or an error, unlock the
1050 : * DB by calling the destructor on this context
1051 : */
1052 28874415 : TALLOC_FREE(req->context);
1053 28874415 : return ret;
1054 : }
1055 :
1056 : /* Otherwise pass on the callback */
1057 31418371 : switch (ares->type) {
1058 26608016 : case LDB_REPLY_ENTRY:
1059 26608016 : return ldb_module_send_entry(lock_context->req, ares->message,
1060 : ares->controls);
1061 :
1062 4810355 : case LDB_REPLY_REFERRAL:
1063 4810355 : return ldb_module_send_referral(lock_context->req,
1064 : ares->referral);
1065 0 : default:
1066 : /* Can't happen */
1067 0 : return LDB_ERR_OPERATIONS_ERROR;
1068 : }
1069 : }
1070 :
1071 : /*
1072 : * Do an ldb_search() with a lock held, but release it if the request
1073 : * is freed with talloc_free()
1074 : */
1075 29211967 : static int lock_search(struct ldb_module *lock_module, struct ldb_request *req)
1076 : {
1077 : /* Used in FIRST_OP_NOERR to find where to send the lock request */
1078 29211967 : struct ldb_module *next_module = NULL;
1079 29211967 : struct ldb_request *down_req = NULL;
1080 1299109 : struct ldb_db_lock_context *lock_context;
1081 29211967 : struct ldb_context *ldb = ldb_module_get_ctx(lock_module);
1082 1299109 : int ret;
1083 :
1084 29211967 : lock_context = talloc(req, struct ldb_db_lock_context);
1085 29211967 : if (lock_context == NULL) {
1086 0 : return ldb_oom(ldb);
1087 : }
1088 :
1089 29211967 : lock_context->ldb = ldb;
1090 29211967 : lock_context->req = req;
1091 :
1092 29211967 : ret = ldb_build_search_req_ex(&down_req, ldb, req,
1093 : req->op.search.base,
1094 : req->op.search.scope,
1095 : req->op.search.tree,
1096 : req->op.search.attrs,
1097 : req->controls,
1098 : lock_context,
1099 : ldb_lock_backend_callback,
1100 : req);
1101 29211967 : LDB_REQ_SET_LOCATION(down_req);
1102 29211967 : if (ret != LDB_SUCCESS) {
1103 0 : return ret;
1104 : }
1105 :
1106 : /* call DB lock */
1107 134281824 : FIRST_OP_NOERR(ldb, read_lock);
1108 29211967 : if (next_module != NULL) {
1109 28874485 : ret = next_module->ops->read_lock(next_module);
1110 : } else {
1111 337180 : ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1112 : }
1113 :
1114 29211665 : if (ret == LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION) {
1115 : /* We might be talking LDAP */
1116 337482 : ldb_reset_err_string(ldb);
1117 337482 : TALLOC_FREE(lock_context);
1118 :
1119 337482 : return ldb_next_request(lock_module, req);
1120 28874485 : } else if ((ret != LDB_SUCCESS) && (ldb->err_string == NULL)) {
1121 : /* if no error string was setup by the backend */
1122 0 : ldb_asprintf_errstring(ldb, "Failed to get DB lock: %s (%d)",
1123 : ldb_strerror(ret), ret);
1124 : } else {
1125 28874485 : talloc_set_destructor(lock_context, ldb_db_lock_destructor);
1126 : }
1127 :
1128 28874485 : if (ret != LDB_SUCCESS) {
1129 0 : return ret;
1130 : }
1131 :
1132 28874482 : return ldb_next_request(lock_module, down_req);
1133 : }
1134 :
1135 : /*
1136 : start an ldb request
1137 : NOTE: the request must be a talloc context.
1138 : returns LDB_ERR_* on errors.
1139 : */
1140 44278536 : int ldb_request(struct ldb_context *ldb, struct ldb_request *req)
1141 : {
1142 1722778 : struct ldb_module *next_module;
1143 1722778 : int ret;
1144 :
1145 44278536 : if (req->callback == NULL) {
1146 0 : ldb_set_errstring(ldb, "Requests MUST define callbacks");
1147 0 : return LDB_ERR_UNWILLING_TO_PERFORM;
1148 : }
1149 :
1150 44278536 : ldb_reset_err_string(ldb);
1151 :
1152 44278536 : if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
1153 0 : ldb_trace_request(ldb, req);
1154 : }
1155 :
1156 : /* call the first module in the chain */
1157 44278536 : switch (req->operation) {
1158 29212091 : case LDB_SEARCH:
1159 : {
1160 : /*
1161 : * A fake module to allow ldb_next_request() to be
1162 : * re-used and to keep the locking out of this function.
1163 : */
1164 1299109 : static const struct ldb_module_ops lock_module_ops = {
1165 : .name = "lock_searches",
1166 : .search = lock_search
1167 : };
1168 29212091 : struct ldb_module lock_module = {
1169 : .ldb = ldb,
1170 29212091 : .next = ldb->modules,
1171 : .ops = &lock_module_ops
1172 : };
1173 29212091 : next_module = &lock_module;
1174 :
1175 : /* due to "ldb_build_search_req" base DN always != NULL */
1176 29212091 : if (!ldb_dn_validate(req->op.search.base)) {
1177 124 : ldb_asprintf_errstring(ldb, "ldb_search: invalid basedn '%s'",
1178 : ldb_dn_get_linearized(req->op.search.base));
1179 124 : return LDB_ERR_INVALID_DN_SYNTAX;
1180 : }
1181 :
1182 29211967 : ret = next_module->ops->search(next_module, req);
1183 29211967 : break;
1184 : }
1185 890849 : case LDB_ADD:
1186 890849 : if (!ldb_dn_validate(req->op.add.message->dn)) {
1187 18 : ldb_asprintf_errstring(ldb, "ldb_add: invalid dn '%s'",
1188 18 : ldb_dn_get_linearized(req->op.add.message->dn));
1189 18 : return LDB_ERR_INVALID_DN_SYNTAX;
1190 : }
1191 : /*
1192 : * we have to normalize here, as so many places
1193 : * in modules and backends assume we don't have two
1194 : * elements with the same name
1195 : */
1196 987449 : ret = ldb_msg_normalize(ldb, req, req->op.add.message,
1197 890831 : discard_const(&req->op.add.message));
1198 890831 : if (ret != LDB_SUCCESS) {
1199 0 : ldb_oom(ldb);
1200 0 : return ret;
1201 : }
1202 1494274 : FIRST_OP(ldb, add);
1203 890831 : ret = ldb_msg_check_element_flags(ldb, req->op.add.message);
1204 890831 : if (ret != LDB_SUCCESS) {
1205 : /*
1206 : * "ldb_msg_check_element_flags" generates an error
1207 : * string
1208 : */
1209 0 : return ret;
1210 : }
1211 890831 : ret = next_module->ops->add(next_module, req);
1212 890831 : break;
1213 585183 : case LDB_MODIFY:
1214 585183 : if (!ldb_dn_validate(req->op.mod.message->dn)) {
1215 0 : ldb_asprintf_errstring(ldb, "ldb_modify: invalid dn '%s'",
1216 0 : ldb_dn_get_linearized(req->op.mod.message->dn));
1217 0 : return LDB_ERR_INVALID_DN_SYNTAX;
1218 : }
1219 1036203 : FIRST_OP(ldb, modify);
1220 585183 : ret = ldb_msg_check_element_flags(ldb, req->op.mod.message);
1221 585183 : if (ret != LDB_SUCCESS) {
1222 : /*
1223 : * "ldb_msg_check_element_flags" generates an error
1224 : * string
1225 : */
1226 0 : return ret;
1227 : }
1228 585183 : ret = next_module->ops->modify(next_module, req);
1229 585183 : break;
1230 283039 : case LDB_DELETE:
1231 283039 : if (!ldb_dn_validate(req->op.del.dn)) {
1232 4 : ldb_asprintf_errstring(ldb, "ldb_delete: invalid dn '%s'",
1233 : ldb_dn_get_linearized(req->op.del.dn));
1234 4 : return LDB_ERR_INVALID_DN_SYNTAX;
1235 : }
1236 594313 : FIRST_OP(ldb, del);
1237 283035 : ret = next_module->ops->del(next_module, req);
1238 283035 : break;
1239 2013 : case LDB_RENAME:
1240 2013 : if (!ldb_dn_validate(req->op.rename.olddn)) {
1241 20 : ldb_asprintf_errstring(ldb, "ldb_rename: invalid olddn '%s'",
1242 : ldb_dn_get_linearized(req->op.rename.olddn));
1243 20 : return LDB_ERR_INVALID_DN_SYNTAX;
1244 : }
1245 1993 : if (!ldb_dn_validate(req->op.rename.newdn)) {
1246 23 : ldb_asprintf_errstring(ldb, "ldb_rename: invalid newdn '%s'",
1247 : ldb_dn_get_linearized(req->op.rename.newdn));
1248 23 : return LDB_ERR_INVALID_DN_SYNTAX;
1249 : }
1250 4663 : FIRST_OP(ldb, rename);
1251 1970 : ret = next_module->ops->rename(next_module, req);
1252 1970 : break;
1253 1836044 : case LDB_EXTENDED:
1254 5573645 : FIRST_OP(ldb, extended);
1255 1836044 : ret = next_module->ops->extended(next_module, req);
1256 1836044 : break;
1257 11469317 : default:
1258 34777259 : FIRST_OP(ldb, request);
1259 11155166 : ret = next_module->ops->request(next_module, req);
1260 11155166 : break;
1261 : }
1262 :
1263 43964196 : if ((ret != LDB_SUCCESS) && (ldb->err_string == NULL)) {
1264 : /* if no error string was setup by the backend */
1265 2 : ldb_asprintf_errstring(ldb, "ldb_request: %s (%d)",
1266 : ldb_strerror(ret), ret);
1267 : }
1268 :
1269 42249382 : return ret;
1270 : }
1271 :
1272 110248902 : int ldb_request_done(struct ldb_request *req, int status)
1273 : {
1274 110248902 : req->handle->state = LDB_ASYNC_DONE;
1275 110248902 : req->handle->status = status;
1276 110248902 : return status;
1277 : }
1278 :
1279 : /*
1280 : search the database given a LDAP-like search expression
1281 :
1282 : returns an LDB error code
1283 :
1284 : Use talloc_free to free the ldb_message returned in 'res', if successful
1285 :
1286 : */
1287 213787271 : int ldb_search_default_callback(struct ldb_request *req,
1288 : struct ldb_reply *ares)
1289 : {
1290 5267940 : struct ldb_result *res;
1291 5267940 : unsigned int n;
1292 :
1293 213787271 : res = talloc_get_type(req->context, struct ldb_result);
1294 :
1295 213787271 : if (!ares) {
1296 0 : return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1297 : }
1298 213787271 : if (ares->error != LDB_SUCCESS) {
1299 2044426 : return ldb_request_done(req, ares->error);
1300 : }
1301 :
1302 211742845 : switch (ares->type) {
1303 148485149 : case LDB_REPLY_ENTRY:
1304 148485149 : res->msgs = talloc_realloc(res, res->msgs,
1305 : struct ldb_message *, res->count + 2);
1306 148485149 : if (! res->msgs) {
1307 0 : return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1308 : }
1309 :
1310 148485149 : res->msgs[res->count + 1] = NULL;
1311 :
1312 148485149 : res->msgs[res->count] = talloc_move(res->msgs, &ares->message);
1313 148485149 : res->count++;
1314 148485149 : break;
1315 :
1316 5620582 : case LDB_REPLY_REFERRAL:
1317 5620582 : if (res->refs) {
1318 8705905 : for (n = 0; res->refs[n]; n++) /*noop*/ ;
1319 : } else {
1320 2084655 : n = 0;
1321 : }
1322 :
1323 5620582 : res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1324 5620582 : if (! res->refs) {
1325 0 : return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1326 : }
1327 :
1328 5620582 : res->refs[n] = talloc_move(res->refs, &ares->referral);
1329 5620582 : res->refs[n + 1] = NULL;
1330 5620582 : break;
1331 :
1332 57637114 : case LDB_REPLY_DONE:
1333 : /* TODO: we should really support controls on entries
1334 : * and referrals too! */
1335 57637114 : res->controls = talloc_move(res, &ares->controls);
1336 :
1337 : /* this is the last message, and means the request is done */
1338 : /* we have to signal and eventual ldb_wait() waiting that the
1339 : * async request operation was completed */
1340 57637114 : talloc_free(ares);
1341 57637114 : return ldb_request_done(req, LDB_SUCCESS);
1342 : }
1343 :
1344 154105731 : talloc_free(ares);
1345 :
1346 154105731 : return LDB_SUCCESS;
1347 : }
1348 :
1349 2536041 : int ldb_modify_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1350 : {
1351 50176 : struct ldb_result *res;
1352 50176 : unsigned int n;
1353 50176 : int ret;
1354 :
1355 2536041 : res = talloc_get_type(req->context, struct ldb_result);
1356 :
1357 2536041 : if (!ares) {
1358 0 : return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1359 : }
1360 :
1361 2536041 : if (ares->error != LDB_SUCCESS) {
1362 47141 : ret = ares->error;
1363 47141 : talloc_free(ares);
1364 47141 : return ldb_request_done(req, ret);
1365 : }
1366 :
1367 2488900 : switch (ares->type) {
1368 9 : case LDB_REPLY_REFERRAL:
1369 9 : if (res->refs) {
1370 0 : for (n = 0; res->refs[n]; n++) /*noop*/ ;
1371 : } else {
1372 9 : n = 0;
1373 : }
1374 :
1375 9 : res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1376 9 : if (! res->refs) {
1377 0 : return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1378 : }
1379 :
1380 9 : res->refs[n] = talloc_move(res->refs, &ares->referral);
1381 9 : res->refs[n + 1] = NULL;
1382 9 : break;
1383 :
1384 2488891 : case LDB_REPLY_DONE:
1385 2488891 : talloc_free(ares);
1386 2488891 : return ldb_request_done(req, LDB_SUCCESS);
1387 0 : default:
1388 0 : talloc_free(ares);
1389 0 : ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1390 0 : return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1391 : }
1392 :
1393 9 : talloc_free(ares);
1394 9 : return ldb_request_done(req, LDB_SUCCESS);
1395 : }
1396 :
1397 12640053 : int ldb_op_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1398 : {
1399 319903 : int ret;
1400 :
1401 12640053 : if (!ares) {
1402 0 : return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1403 : }
1404 :
1405 12640053 : if (ares->error != LDB_SUCCESS) {
1406 93748 : ret = ares->error;
1407 93748 : talloc_free(ares);
1408 93748 : return ldb_request_done(req, ret);
1409 : }
1410 :
1411 12546305 : if (ares->type != LDB_REPLY_DONE) {
1412 364 : ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1413 364 : TALLOC_FREE(ares);
1414 364 : return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1415 : }
1416 :
1417 12545941 : talloc_free(ares);
1418 12545941 : return ldb_request_done(req, LDB_SUCCESS);
1419 : }
1420 :
1421 595059446 : static struct ldb_request *ldb_build_req_common(TALLOC_CTX *mem_ctx,
1422 : struct ldb_context *ldb,
1423 : struct ldb_control **controls,
1424 : void *context,
1425 : ldb_request_callback_t callback,
1426 : struct ldb_request *parent)
1427 : {
1428 595059446 : struct ldb_request *req = NULL;
1429 :
1430 595059446 : req = talloc_zero(mem_ctx, struct ldb_request);
1431 595059446 : if (req == NULL) {
1432 0 : return NULL;
1433 : }
1434 595059446 : req->controls = controls;
1435 595059446 : req->context = context;
1436 595059446 : req->callback = callback;
1437 :
1438 595059446 : ldb_set_timeout_from_prev_req(ldb, parent, req);
1439 :
1440 595059446 : if (parent != NULL) {
1441 525442660 : req->handle = ldb_handle_new_child(req, parent);
1442 525442660 : if (req->handle == NULL) {
1443 0 : TALLOC_FREE(req);
1444 0 : return NULL;
1445 : }
1446 : } else {
1447 69616786 : req->handle = ldb_handle_new(req, ldb);
1448 69616786 : if (req->handle == NULL) {
1449 0 : TALLOC_FREE(req);
1450 0 : return NULL;
1451 : }
1452 : }
1453 :
1454 573873096 : return req;
1455 : }
1456 :
1457 551195867 : int ldb_build_search_req_ex(struct ldb_request **ret_req,
1458 : struct ldb_context *ldb,
1459 : TALLOC_CTX *mem_ctx,
1460 : struct ldb_dn *base,
1461 : enum ldb_scope scope,
1462 : struct ldb_parse_tree *tree,
1463 : const char * const *attrs,
1464 : struct ldb_control **controls,
1465 : void *context,
1466 : ldb_request_callback_t callback,
1467 : struct ldb_request *parent)
1468 : {
1469 18902014 : struct ldb_request *req;
1470 :
1471 551195867 : *ret_req = NULL;
1472 :
1473 551195867 : req = ldb_build_req_common(mem_ctx, ldb, controls,
1474 : context, callback, parent);
1475 551195867 : if (req == NULL) {
1476 0 : ldb_oom(ldb);
1477 0 : return LDB_ERR_OPERATIONS_ERROR;
1478 : }
1479 :
1480 551195867 : req->operation = LDB_SEARCH;
1481 551195867 : if (base == NULL) {
1482 26632520 : req->op.search.base = ldb_dn_new(req, ldb, NULL);
1483 26632520 : if (req->op.search.base == NULL) {
1484 0 : ldb_oom(ldb);
1485 0 : return LDB_ERR_OPERATIONS_ERROR;
1486 : }
1487 : } else {
1488 524563347 : req->op.search.base = base;
1489 : }
1490 551195867 : req->op.search.scope = scope;
1491 :
1492 551195867 : req->op.search.tree = tree;
1493 551195867 : if (req->op.search.tree == NULL) {
1494 0 : ldb_set_errstring(ldb, "'tree' can't be NULL");
1495 0 : talloc_free(req);
1496 0 : return LDB_ERR_OPERATIONS_ERROR;
1497 : }
1498 :
1499 551195867 : req->op.search.attrs = attrs;
1500 551195867 : *ret_req = req;
1501 551195867 : return LDB_SUCCESS;
1502 : }
1503 :
1504 70365028 : int ldb_build_search_req(struct ldb_request **ret_req,
1505 : struct ldb_context *ldb,
1506 : TALLOC_CTX *mem_ctx,
1507 : struct ldb_dn *base,
1508 : enum ldb_scope scope,
1509 : const char *expression,
1510 : const char * const *attrs,
1511 : struct ldb_control **controls,
1512 : void *context,
1513 : ldb_request_callback_t callback,
1514 : struct ldb_request *parent)
1515 : {
1516 2620969 : struct ldb_parse_tree *tree;
1517 2620969 : int ret;
1518 :
1519 70365028 : tree = ldb_parse_tree(mem_ctx, expression);
1520 70365028 : if (tree == NULL) {
1521 9 : ldb_set_errstring(ldb, "Unable to parse search expression");
1522 9 : return LDB_ERR_OPERATIONS_ERROR;
1523 : }
1524 :
1525 70365019 : ret = ldb_build_search_req_ex(ret_req, ldb, mem_ctx, base,
1526 : scope, tree, attrs, controls,
1527 : context, callback, parent);
1528 70365019 : if (ret == LDB_SUCCESS) {
1529 70365019 : talloc_steal(*ret_req, tree);
1530 : }
1531 67744053 : return ret;
1532 : }
1533 :
1534 6811477 : int ldb_build_add_req(struct ldb_request **ret_req,
1535 : struct ldb_context *ldb,
1536 : TALLOC_CTX *mem_ctx,
1537 : const struct ldb_message *message,
1538 : struct ldb_control **controls,
1539 : void *context,
1540 : ldb_request_callback_t callback,
1541 : struct ldb_request *parent)
1542 : {
1543 815765 : struct ldb_request *req;
1544 :
1545 6811477 : *ret_req = NULL;
1546 :
1547 6811477 : req = ldb_build_req_common(mem_ctx, ldb, controls,
1548 : context, callback, parent);
1549 6811477 : if (req == NULL) {
1550 0 : ldb_set_errstring(ldb, "Out of Memory");
1551 0 : return LDB_ERR_OPERATIONS_ERROR;
1552 : }
1553 :
1554 6811477 : req->operation = LDB_ADD;
1555 6811477 : req->op.add.message = message;
1556 6811477 : *ret_req = req;
1557 6811477 : return LDB_SUCCESS;
1558 : }
1559 :
1560 7140908 : int ldb_build_mod_req(struct ldb_request **ret_req,
1561 : struct ldb_context *ldb,
1562 : TALLOC_CTX *mem_ctx,
1563 : const struct ldb_message *message,
1564 : struct ldb_control **controls,
1565 : void *context,
1566 : ldb_request_callback_t callback,
1567 : struct ldb_request *parent)
1568 : {
1569 199227 : struct ldb_request *req;
1570 :
1571 7140908 : *ret_req = NULL;
1572 :
1573 7140908 : req = ldb_build_req_common(mem_ctx, ldb, controls,
1574 : context, callback, parent);
1575 7140908 : if (req == NULL) {
1576 0 : ldb_set_errstring(ldb, "Out of Memory");
1577 0 : return LDB_ERR_OPERATIONS_ERROR;
1578 : }
1579 :
1580 7140908 : req->operation = LDB_MODIFY;
1581 7140908 : req->op.mod.message = message;
1582 :
1583 7140908 : *ret_req = req;
1584 7140908 : return LDB_SUCCESS;
1585 : }
1586 :
1587 599987 : int ldb_build_del_req(struct ldb_request **ret_req,
1588 : struct ldb_context *ldb,
1589 : TALLOC_CTX *mem_ctx,
1590 : struct ldb_dn *dn,
1591 : struct ldb_control **controls,
1592 : void *context,
1593 : ldb_request_callback_t callback,
1594 : struct ldb_request *parent)
1595 : {
1596 4562 : struct ldb_request *req;
1597 :
1598 599987 : *ret_req = NULL;
1599 :
1600 599987 : req = ldb_build_req_common(mem_ctx, ldb, controls,
1601 : context, callback, parent);
1602 599987 : if (req == NULL) {
1603 0 : ldb_set_errstring(ldb, "Out of Memory");
1604 0 : return LDB_ERR_OPERATIONS_ERROR;
1605 : }
1606 :
1607 599987 : req->operation = LDB_DELETE;
1608 599987 : req->op.del.dn = dn;
1609 599987 : *ret_req = req;
1610 599987 : return LDB_SUCCESS;
1611 : }
1612 :
1613 345287 : int ldb_build_rename_req(struct ldb_request **ret_req,
1614 : struct ldb_context *ldb,
1615 : TALLOC_CTX *mem_ctx,
1616 : struct ldb_dn *olddn,
1617 : struct ldb_dn *newdn,
1618 : struct ldb_control **controls,
1619 : void *context,
1620 : ldb_request_callback_t callback,
1621 : struct ldb_request *parent)
1622 : {
1623 654 : struct ldb_request *req;
1624 :
1625 345287 : *ret_req = NULL;
1626 :
1627 345287 : req = ldb_build_req_common(mem_ctx, ldb, controls,
1628 : context, callback, parent);
1629 345287 : if (req == NULL) {
1630 0 : ldb_set_errstring(ldb, "Out of Memory");
1631 0 : return LDB_ERR_OPERATIONS_ERROR;
1632 : }
1633 :
1634 345287 : req->operation = LDB_RENAME;
1635 345287 : req->op.rename.olddn = olddn;
1636 345287 : req->op.rename.newdn = newdn;
1637 345287 : *ret_req = req;
1638 345287 : return LDB_SUCCESS;
1639 : }
1640 :
1641 28961012 : int ldb_extended_default_callback(struct ldb_request *req,
1642 : struct ldb_reply *ares)
1643 : {
1644 1264020 : struct ldb_result *res;
1645 :
1646 28961012 : res = talloc_get_type(req->context, struct ldb_result);
1647 :
1648 28961012 : if (!ares) {
1649 0 : return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1650 : }
1651 28961012 : if (ares->error != LDB_SUCCESS) {
1652 388 : return ldb_request_done(req, ares->error);
1653 : }
1654 :
1655 28960624 : if (ares->type == LDB_REPLY_DONE) {
1656 :
1657 : /* TODO: we should really support controls on entries and referrals too! */
1658 28960624 : res->extended = talloc_move(res, &ares->response);
1659 28960624 : res->controls = talloc_move(res, &ares->controls);
1660 :
1661 28960624 : talloc_free(ares);
1662 28960624 : return ldb_request_done(req, LDB_SUCCESS);
1663 : }
1664 :
1665 0 : talloc_free(ares);
1666 0 : ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1667 0 : return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1668 : }
1669 :
1670 28965920 : int ldb_build_extended_req(struct ldb_request **ret_req,
1671 : struct ldb_context *ldb,
1672 : TALLOC_CTX *mem_ctx,
1673 : const char *oid,
1674 : void *data,
1675 : struct ldb_control **controls,
1676 : void *context,
1677 : ldb_request_callback_t callback,
1678 : struct ldb_request *parent)
1679 : {
1680 1264128 : struct ldb_request *req;
1681 :
1682 28965920 : *ret_req = NULL;
1683 :
1684 28965920 : req = ldb_build_req_common(mem_ctx, ldb, controls,
1685 : context, callback, parent);
1686 28965920 : if (req == NULL) {
1687 0 : ldb_set_errstring(ldb, "Out of Memory");
1688 0 : return LDB_ERR_OPERATIONS_ERROR;
1689 : }
1690 :
1691 28965920 : req->operation = LDB_EXTENDED;
1692 28965920 : req->op.extended.oid = oid;
1693 28965920 : req->op.extended.data = data;
1694 28965920 : *ret_req = req;
1695 28965920 : return LDB_SUCCESS;
1696 : }
1697 :
1698 1463749 : int ldb_extended(struct ldb_context *ldb,
1699 : const char *oid,
1700 : void *data,
1701 : struct ldb_result **_res)
1702 : {
1703 95593 : struct ldb_request *req;
1704 95593 : int ret;
1705 95593 : struct ldb_result *res;
1706 :
1707 1463749 : *_res = NULL;
1708 1463749 : req = NULL;
1709 :
1710 1463749 : res = talloc_zero(ldb, struct ldb_result);
1711 1463749 : if (!res) {
1712 0 : return LDB_ERR_OPERATIONS_ERROR;
1713 : }
1714 :
1715 1463749 : ret = ldb_build_extended_req(&req, ldb, ldb,
1716 : oid, data, NULL,
1717 : res, ldb_extended_default_callback,
1718 : NULL);
1719 1463749 : ldb_req_set_location(req, "ldb_extended");
1720 :
1721 1463749 : if (ret != LDB_SUCCESS) goto done;
1722 :
1723 1463749 : ldb_set_timeout(ldb, req, 0); /* use default timeout */
1724 :
1725 1463749 : ret = ldb_request(ldb, req);
1726 :
1727 1463749 : if (ret == LDB_SUCCESS) {
1728 1463743 : ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1729 : }
1730 :
1731 6 : done:
1732 1463749 : if (ret != LDB_SUCCESS) {
1733 388 : talloc_free(res);
1734 388 : res = NULL;
1735 : }
1736 :
1737 1463749 : talloc_free(req);
1738 :
1739 1463749 : *_res = res;
1740 1463749 : return ret;
1741 : }
1742 :
1743 : /*
1744 : note that ldb_search() will automatically replace a NULL 'base' value
1745 : with the defaultNamingContext from the rootDSE if available.
1746 : */
1747 7377878 : int ldb_search(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
1748 : struct ldb_result **result, struct ldb_dn *base,
1749 : enum ldb_scope scope, const char * const *attrs,
1750 : const char *exp_fmt, ...)
1751 : {
1752 236740 : struct ldb_request *req;
1753 236740 : struct ldb_result *res;
1754 236740 : char *expression;
1755 236740 : va_list ap;
1756 236740 : int ret;
1757 :
1758 7377878 : expression = NULL;
1759 7377878 : *result = NULL;
1760 7377878 : req = NULL;
1761 :
1762 7377878 : res = talloc_zero(mem_ctx, struct ldb_result);
1763 7377878 : if (!res) {
1764 0 : return LDB_ERR_OPERATIONS_ERROR;
1765 : }
1766 :
1767 7377878 : if (exp_fmt) {
1768 4692601 : va_start(ap, exp_fmt);
1769 4692601 : expression = talloc_vasprintf(mem_ctx, exp_fmt, ap);
1770 4692601 : va_end(ap);
1771 :
1772 4692601 : if (!expression) {
1773 0 : talloc_free(res);
1774 0 : return LDB_ERR_OPERATIONS_ERROR;
1775 : }
1776 : }
1777 :
1778 8942745 : ret = ldb_build_search_req(&req, ldb, mem_ctx,
1779 1564867 : base?base:ldb_get_default_basedn(ldb),
1780 : scope,
1781 : expression,
1782 : attrs,
1783 : NULL,
1784 : res,
1785 : ldb_search_default_callback,
1786 : NULL);
1787 7377878 : ldb_req_set_location(req, "ldb_search");
1788 :
1789 7377878 : if (ret != LDB_SUCCESS) goto done;
1790 :
1791 7377878 : ret = ldb_request(ldb, req);
1792 :
1793 7377878 : if (ret == LDB_SUCCESS) {
1794 7376898 : ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1795 : }
1796 :
1797 980 : done:
1798 7377878 : if (ret != LDB_SUCCESS) {
1799 316536 : talloc_free(res);
1800 316536 : res = NULL;
1801 : }
1802 :
1803 7377878 : talloc_free(expression);
1804 7377878 : talloc_free(req);
1805 :
1806 7377878 : *result = res;
1807 7377878 : return ret;
1808 : }
1809 :
1810 : /*
1811 : add a record to the database. Will fail if a record with the given class
1812 : and key already exists
1813 : */
1814 151033 : int ldb_add(struct ldb_context *ldb,
1815 : const struct ldb_message *message)
1816 : {
1817 9793 : struct ldb_request *req;
1818 9793 : int ret;
1819 :
1820 151033 : ret = ldb_msg_sanity_check(ldb, message);
1821 151033 : if (ret != LDB_SUCCESS) {
1822 0 : return ret;
1823 : }
1824 :
1825 151033 : ret = ldb_build_add_req(&req, ldb, ldb,
1826 : message,
1827 : NULL,
1828 : NULL,
1829 : ldb_op_default_callback,
1830 : NULL);
1831 151033 : ldb_req_set_location(req, "ldb_add");
1832 :
1833 151033 : if (ret != LDB_SUCCESS) return ret;
1834 :
1835 : /* do request and autostart a transaction */
1836 151033 : ret = ldb_autotransaction_request(ldb, req);
1837 :
1838 151033 : talloc_free(req);
1839 151033 : return ret;
1840 : }
1841 :
1842 : /*
1843 : modify the specified attributes of a record
1844 : */
1845 162336 : int ldb_modify(struct ldb_context *ldb,
1846 : const struct ldb_message *message)
1847 : {
1848 5252 : struct ldb_request *req;
1849 5252 : int ret;
1850 :
1851 162336 : ret = ldb_msg_sanity_check(ldb, message);
1852 162336 : if (ret != LDB_SUCCESS) {
1853 0 : return ret;
1854 : }
1855 :
1856 162336 : ret = ldb_build_mod_req(&req, ldb, ldb,
1857 : message,
1858 : NULL,
1859 : NULL,
1860 : ldb_op_default_callback,
1861 : NULL);
1862 162336 : ldb_req_set_location(req, "ldb_modify");
1863 :
1864 162336 : if (ret != LDB_SUCCESS) return ret;
1865 :
1866 : /* do request and autostart a transaction */
1867 162336 : ret = ldb_autotransaction_request(ldb, req);
1868 :
1869 162336 : talloc_free(req);
1870 162336 : return ret;
1871 : }
1872 :
1873 :
1874 : /*
1875 : delete a record from the database
1876 : */
1877 85040 : int ldb_delete(struct ldb_context *ldb, struct ldb_dn *dn)
1878 : {
1879 3714 : struct ldb_request *req;
1880 3714 : int ret;
1881 :
1882 85040 : ret = ldb_build_del_req(&req, ldb, ldb,
1883 : dn,
1884 : NULL,
1885 : NULL,
1886 : ldb_op_default_callback,
1887 : NULL);
1888 85040 : ldb_req_set_location(req, "ldb_delete");
1889 :
1890 85040 : if (ret != LDB_SUCCESS) return ret;
1891 :
1892 : /* do request and autostart a transaction */
1893 85040 : ret = ldb_autotransaction_request(ldb, req);
1894 :
1895 85040 : talloc_free(req);
1896 85040 : return ret;
1897 : }
1898 :
1899 : /*
1900 : rename a record in the database
1901 : */
1902 145 : int ldb_rename(struct ldb_context *ldb,
1903 : struct ldb_dn *olddn, struct ldb_dn *newdn)
1904 : {
1905 134 : struct ldb_request *req;
1906 134 : int ret;
1907 :
1908 145 : ret = ldb_build_rename_req(&req, ldb, ldb,
1909 : olddn,
1910 : newdn,
1911 : NULL,
1912 : NULL,
1913 : ldb_op_default_callback,
1914 : NULL);
1915 145 : ldb_req_set_location(req, "ldb_rename");
1916 :
1917 145 : if (ret != LDB_SUCCESS) return ret;
1918 :
1919 : /* do request and autostart a transaction */
1920 145 : ret = ldb_autotransaction_request(ldb, req);
1921 :
1922 145 : talloc_free(req);
1923 145 : return ret;
1924 : }
1925 :
1926 :
1927 : /*
1928 : return the global sequence number
1929 : */
1930 1457902 : int ldb_sequence_number(struct ldb_context *ldb,
1931 : enum ldb_sequence_type type, uint64_t *seq_num)
1932 : {
1933 95593 : struct ldb_seqnum_request *seq;
1934 95593 : struct ldb_seqnum_result *seqr;
1935 95593 : struct ldb_result *res;
1936 95593 : TALLOC_CTX *tmp_ctx;
1937 95593 : int ret;
1938 :
1939 1457902 : *seq_num = 0;
1940 :
1941 1457902 : tmp_ctx = talloc_zero(ldb, struct ldb_request);
1942 1457902 : if (tmp_ctx == NULL) {
1943 0 : ldb_set_errstring(ldb, "Out of Memory");
1944 0 : return LDB_ERR_OPERATIONS_ERROR;
1945 : }
1946 1457902 : seq = talloc_zero(tmp_ctx, struct ldb_seqnum_request);
1947 1457902 : if (seq == NULL) {
1948 0 : ldb_set_errstring(ldb, "Out of Memory");
1949 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1950 0 : goto done;
1951 : }
1952 1457902 : seq->type = type;
1953 :
1954 1457902 : ret = ldb_extended(ldb, LDB_EXTENDED_SEQUENCE_NUMBER, seq, &res);
1955 1457902 : if (ret != LDB_SUCCESS) {
1956 315 : goto done;
1957 : }
1958 1457587 : talloc_steal(tmp_ctx, res);
1959 :
1960 1457587 : if (strcmp(LDB_EXTENDED_SEQUENCE_NUMBER, res->extended->oid) != 0) {
1961 0 : ldb_set_errstring(ldb, "Invalid OID in reply");
1962 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1963 0 : goto done;
1964 : }
1965 1457587 : seqr = talloc_get_type(res->extended->data,
1966 : struct ldb_seqnum_result);
1967 1457587 : *seq_num = seqr->seq_num;
1968 :
1969 1457902 : done:
1970 1457902 : talloc_free(tmp_ctx);
1971 1457902 : return ret;
1972 : }
1973 :
1974 : /*
1975 : return extended error information
1976 : */
1977 494983 : const char *ldb_errstring(struct ldb_context *ldb)
1978 : {
1979 494983 : return ldb->err_string;
1980 : }
1981 :
1982 : /*
1983 : return a string explaining what a ldb error constant means
1984 : */
1985 778634 : const char *ldb_strerror(int ldb_err)
1986 : {
1987 778634 : switch (ldb_err) {
1988 708698 : case LDB_SUCCESS:
1989 708698 : return "Success";
1990 221 : case LDB_ERR_OPERATIONS_ERROR:
1991 221 : return "Operations error";
1992 5 : case LDB_ERR_PROTOCOL_ERROR:
1993 5 : return "Protocol error";
1994 9 : case LDB_ERR_TIME_LIMIT_EXCEEDED:
1995 9 : return "Time limit exceeded";
1996 0 : case LDB_ERR_SIZE_LIMIT_EXCEEDED:
1997 0 : return "Size limit exceeded";
1998 0 : case LDB_ERR_COMPARE_FALSE:
1999 0 : return "Compare false";
2000 0 : case LDB_ERR_COMPARE_TRUE:
2001 0 : return "Compare true";
2002 0 : case LDB_ERR_AUTH_METHOD_NOT_SUPPORTED:
2003 0 : return "Auth method not supported";
2004 0 : case LDB_ERR_STRONG_AUTH_REQUIRED:
2005 0 : return "Strong auth required";
2006 : /* 9 RESERVED */
2007 8 : case LDB_ERR_REFERRAL:
2008 8 : return "Referral error";
2009 0 : case LDB_ERR_ADMIN_LIMIT_EXCEEDED:
2010 0 : return "Admin limit exceeded";
2011 10 : case LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION:
2012 10 : return "Unsupported critical extension";
2013 0 : case LDB_ERR_CONFIDENTIALITY_REQUIRED:
2014 0 : return "Confidentiality required";
2015 0 : case LDB_ERR_SASL_BIND_IN_PROGRESS:
2016 0 : return "SASL bind in progress";
2017 577 : case LDB_ERR_NO_SUCH_ATTRIBUTE:
2018 577 : return "No such attribute";
2019 2 : case LDB_ERR_UNDEFINED_ATTRIBUTE_TYPE:
2020 2 : return "Undefined attribute type";
2021 0 : case LDB_ERR_INAPPROPRIATE_MATCHING:
2022 0 : return "Inappropriate matching";
2023 4008 : case LDB_ERR_CONSTRAINT_VIOLATION:
2024 4008 : return "Constraint violation";
2025 131 : case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
2026 131 : return "Attribute or value exists";
2027 67 : case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
2028 67 : return "Invalid attribute syntax";
2029 : /* 22-31 unused */
2030 51098 : case LDB_ERR_NO_SUCH_OBJECT:
2031 51098 : return "No such object";
2032 0 : case LDB_ERR_ALIAS_PROBLEM:
2033 0 : return "Alias problem";
2034 188 : case LDB_ERR_INVALID_DN_SYNTAX:
2035 188 : return "Invalid DN syntax";
2036 : /* 35 RESERVED */
2037 0 : case LDB_ERR_ALIAS_DEREFERENCING_PROBLEM:
2038 0 : return "Alias dereferencing problem";
2039 : /* 37-47 unused */
2040 0 : case LDB_ERR_INAPPROPRIATE_AUTHENTICATION:
2041 0 : return "Inappropriate authentication";
2042 0 : case LDB_ERR_INVALID_CREDENTIALS:
2043 0 : return "Invalid credentials";
2044 1833 : case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
2045 1833 : return "insufficient access rights";
2046 0 : case LDB_ERR_BUSY:
2047 0 : return "Busy";
2048 0 : case LDB_ERR_UNAVAILABLE:
2049 0 : return "Unavailable";
2050 538 : case LDB_ERR_UNWILLING_TO_PERFORM:
2051 538 : return "Unwilling to perform";
2052 0 : case LDB_ERR_LOOP_DETECT:
2053 0 : return "Loop detect";
2054 : /* 55-63 unused */
2055 5 : case LDB_ERR_NAMING_VIOLATION:
2056 5 : return "Naming violation";
2057 421 : case LDB_ERR_OBJECT_CLASS_VIOLATION:
2058 421 : return "Object class violation";
2059 26 : case LDB_ERR_NOT_ALLOWED_ON_NON_LEAF:
2060 26 : return "Not allowed on non-leaf";
2061 2 : case LDB_ERR_NOT_ALLOWED_ON_RDN:
2062 2 : return "Not allowed on RDN";
2063 290 : case LDB_ERR_ENTRY_ALREADY_EXISTS:
2064 290 : return "Entry already exists";
2065 0 : case LDB_ERR_OBJECT_CLASS_MODS_PROHIBITED:
2066 0 : return "Object class mods prohibited";
2067 : /* 70 RESERVED FOR CLDAP */
2068 4 : case LDB_ERR_AFFECTS_MULTIPLE_DSAS:
2069 4 : return "Affects multiple DSAs";
2070 : /* 72-79 unused */
2071 97 : case LDB_ERR_OTHER:
2072 97 : return "Other";
2073 : }
2074 :
2075 0 : return "Unknown error";
2076 : }
2077 :
2078 : /*
2079 : set backend specific opaque parameters
2080 : */
2081 443828442 : int ldb_set_opaque(struct ldb_context *ldb, const char *name, void *value)
2082 : {
2083 22211139 : struct ldb_opaque *o;
2084 :
2085 : /* allow updating an existing value */
2086 3931089576 : for (o=ldb->opaque;o;o=o->next) {
2087 3920449275 : if (strcmp(o->name, name) == 0) {
2088 433188141 : o->value = value;
2089 433188141 : return LDB_SUCCESS;
2090 : }
2091 : }
2092 :
2093 10640301 : o = talloc(ldb, struct ldb_opaque);
2094 10640301 : if (o == NULL) {
2095 0 : ldb_oom(ldb);
2096 0 : return LDB_ERR_OTHER;
2097 : }
2098 10640301 : o->next = ldb->opaque;
2099 10640301 : o->name = name;
2100 10640301 : o->value = value;
2101 10640301 : ldb->opaque = o;
2102 10640301 : return LDB_SUCCESS;
2103 : }
2104 :
2105 : /*
2106 : get a previously set opaque value
2107 : */
2108 1184810337 : void *ldb_get_opaque(struct ldb_context *ldb, const char *name)
2109 : {
2110 63023195 : struct ldb_opaque *o;
2111 17435705639 : for (o=ldb->opaque;o;o=o->next) {
2112 17217013547 : if (strcmp(o->name, name) == 0) {
2113 966118245 : return o->value;
2114 : }
2115 : }
2116 207167323 : return NULL;
2117 : }
2118 :
2119 0 : int ldb_global_init(void)
2120 : {
2121 : /* Provided for compatibility with some older versions of ldb */
2122 0 : return 0;
2123 : }
2124 :
2125 : /* return the ldb flags */
2126 88042 : unsigned int ldb_get_flags(struct ldb_context *ldb)
2127 : {
2128 88042 : return ldb->flags;
2129 : }
2130 :
2131 : /* set the ldb flags */
2132 54685 : void ldb_set_flags(struct ldb_context *ldb, unsigned flags)
2133 : {
2134 54685 : ldb->flags = flags;
2135 54685 : }
2136 :
2137 :
2138 : /*
2139 : set the location in a ldb request. Used for debugging
2140 : */
2141 569387832 : void ldb_req_set_location(struct ldb_request *req, const char *location)
2142 : {
2143 569387832 : if (req && req->handle) {
2144 569387832 : req->handle->location = location;
2145 : }
2146 569387832 : }
2147 :
2148 : /*
2149 : return the location set with dsdb_req_set_location
2150 : */
2151 0 : const char *ldb_req_location(struct ldb_request *req)
2152 : {
2153 0 : return req->handle->location;
2154 : }
2155 :
2156 : /**
2157 : mark a request as untrusted. This tells the rootdse module to remove
2158 : unregistered controls
2159 : */
2160 572035 : void ldb_req_mark_untrusted(struct ldb_request *req)
2161 : {
2162 572035 : req->handle->flags |= LDB_HANDLE_FLAG_UNTRUSTED;
2163 572035 : }
2164 :
2165 : /**
2166 : mark a request as trusted.
2167 : */
2168 1474241 : void ldb_req_mark_trusted(struct ldb_request *req)
2169 : {
2170 1474241 : req->handle->flags &= ~LDB_HANDLE_FLAG_UNTRUSTED;
2171 1474241 : }
2172 :
2173 : /**
2174 : set custom flags. Those flags are set by applications using ldb,
2175 : they are application dependent and the same bit can have different
2176 : meaning in different application.
2177 : */
2178 0 : void ldb_req_set_custom_flags(struct ldb_request *req, uint32_t flags)
2179 : {
2180 0 : if (req != NULL && req->handle != NULL) {
2181 0 : req->handle->custom_flags = flags;
2182 : }
2183 0 : }
2184 :
2185 :
2186 : /**
2187 : get custom flags. Those flags are set by applications using ldb,
2188 : they are application dependent and the same bit can have different
2189 : meaning in different application.
2190 : */
2191 0 : uint32_t ldb_req_get_custom_flags(struct ldb_request *req)
2192 : {
2193 0 : if (req != NULL && req->handle != NULL) {
2194 0 : return req->handle->custom_flags;
2195 : }
2196 :
2197 : /*
2198 : * 0 is not something any better or worse than
2199 : * anything else as req or the handle is NULL
2200 : */
2201 0 : return 0;
2202 : }
2203 :
2204 :
2205 : /**
2206 : * return true if a request is untrusted
2207 : */
2208 100972488 : bool ldb_req_is_untrusted(struct ldb_request *req)
2209 : {
2210 100972488 : return (req->handle->flags & LDB_HANDLE_FLAG_UNTRUSTED) != 0;
2211 : }
|
