1 /*
2 ldb database library
3
4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Simo Sorce 2005-2008
6
7 ** NOTE! The following LGPL license applies to the ldb
8 ** library. This does NOT imply that all of Samba is released
9 ** under the LGPL
10
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 3 of the License, or (at your option) any later version.
15
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
20
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 */
24
25 /*
26 * Name: ldb
27 *
28 * Component: ldb core API
29 *
30 * Description: core API routines interfacing to ldb backends
31 *
32 * Author: Andrew Tridgell
33 */
34
35 #define TEVENT_DEPRECATED 1
36 #include "ldb_private.h"
37 #include "ldb.h"
38
ldb_context_destructor(void * ptr)39 static int ldb_context_destructor(void *ptr)
40 {
41 struct ldb_context *ldb = talloc_get_type(ptr, struct ldb_context);
42
43 if (ldb->transaction_active) {
44 ldb_debug(ldb, LDB_DEBUG_FATAL,
45 "A transaction is still active in ldb context [%p] on %s",
46 ldb, (const char *)ldb_get_opaque(ldb, "ldb_url"));
47 }
48
49 return 0;
50 }
51
52 /*
53 this is used to catch debug messages from events
54 */
55 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
56 const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3,0);
57
ldb_tevent_debug(void * context,enum tevent_debug_level level,const char * fmt,va_list ap)58 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
59 const char *fmt, va_list ap)
60 {
61 struct ldb_context *ldb = talloc_get_type(context, struct ldb_context);
62 enum ldb_debug_level ldb_level = LDB_DEBUG_FATAL;
63
64 switch (level) {
65 case TEVENT_DEBUG_FATAL:
66 ldb_level = LDB_DEBUG_FATAL;
67 break;
68 case TEVENT_DEBUG_ERROR:
69 ldb_level = LDB_DEBUG_ERROR;
70 break;
71 case TEVENT_DEBUG_WARNING:
72 ldb_level = LDB_DEBUG_WARNING;
73 break;
74 case TEVENT_DEBUG_TRACE:
75 ldb_level = LDB_DEBUG_TRACE;
76 break;
77 };
78
79 /* There isn't a tevent: prefix here because to add it means
80 * actually printing the string, and most of the time we don't
81 * want to show it */
82 ldb_vdebug(ldb, ldb_level, fmt, ap);
83 }
84
85 /*
86 initialise a ldb context
87 The mem_ctx is required
88 The event_ctx is required
89 */
ldb_init(TALLOC_CTX * mem_ctx,struct tevent_context * ev_ctx)90 struct ldb_context *ldb_init(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx)
91 {
92 struct ldb_context *ldb;
93 int ret;
94 const char *modules_path = getenv("LDB_MODULES_PATH");
95
96 if (modules_path == NULL) {
97 modules_path = LDB_MODULESDIR;
98 }
99
100 ret = ldb_modules_load(modules_path, LDB_VERSION);
101 if (ret != LDB_SUCCESS) {
102 return NULL;
103 }
104
105 ldb = talloc_zero(mem_ctx, struct ldb_context);
106 if (ldb == NULL) {
107 return NULL;
108 }
109
110 /* A new event context so that callers who don't want ldb
111 * operating on their global event context can work without
112 * having to provide their own private one explicitly */
113 if (ev_ctx == NULL) {
114 ev_ctx = tevent_context_init(ldb);
115 if (ev_ctx == NULL) {
116 talloc_free(ldb);
117 return NULL;
118 }
119 tevent_set_debug(ev_ctx, ldb_tevent_debug, ldb);
120 tevent_loop_allow_nesting(ev_ctx);
121 }
122
123 ret = ldb_setup_wellknown_attributes(ldb);
124 if (ret != LDB_SUCCESS) {
125 talloc_free(ldb);
126 return NULL;
127 }
128
129 ldb_set_utf8_default(ldb);
130 ldb_set_create_perms(ldb, 0666);
131 ldb_set_modules_dir(ldb, LDB_MODULESDIR);
132 ldb_set_event_context(ldb, ev_ctx);
133 ret = ldb_register_extended_match_rules(ldb);
134 if (ret != LDB_SUCCESS) {
135 talloc_free(ldb);
136 return NULL;
137 }
138
139 /* TODO: get timeout from options if available there */
140 ldb->default_timeout = 300; /* set default to 5 minutes */
141
142 talloc_set_destructor((TALLOC_CTX *)ldb, ldb_context_destructor);
143
144 return ldb;
145 }
146
147 /*
148 try to autodetect a basedn if none specified. This fixes one of my
149 pet hates about ldapsearch, which is that you have to get a long,
150 complex basedn right to make any use of it.
151 */
ldb_set_default_dns(struct ldb_context * ldb)152 void ldb_set_default_dns(struct ldb_context *ldb)
153 {
154 TALLOC_CTX *tmp_ctx;
155 int ret;
156 struct ldb_result *res;
157 struct ldb_dn *tmp_dn=NULL;
158 static const char *attrs[] = {
159 "rootDomainNamingContext",
160 "configurationNamingContext",
161 "schemaNamingContext",
162 "defaultNamingContext",
163 NULL
164 };
165
166 tmp_ctx = talloc_new(ldb);
167 ret = ldb_search(ldb, tmp_ctx, &res, ldb_dn_new(tmp_ctx, ldb, NULL),
168 LDB_SCOPE_BASE, attrs, "(objectClass=*)");
169 if (ret != LDB_SUCCESS) {
170 talloc_free(tmp_ctx);
171 return;
172 }
173
174 if (res->count != 1) {
175 talloc_free(tmp_ctx);
176 return;
177 }
178
179 if (!ldb_get_opaque(ldb, "rootDomainNamingContext")) {
180 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
181 "rootDomainNamingContext");
182 ldb_set_opaque(ldb, "rootDomainNamingContext", tmp_dn);
183 }
184
185 if (!ldb_get_opaque(ldb, "configurationNamingContext")) {
186 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
187 "configurationNamingContext");
188 ldb_set_opaque(ldb, "configurationNamingContext", tmp_dn);
189 }
190
191 if (!ldb_get_opaque(ldb, "schemaNamingContext")) {
192 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
193 "schemaNamingContext");
194 ldb_set_opaque(ldb, "schemaNamingContext", tmp_dn);
195 }
196
197 if (!ldb_get_opaque(ldb, "defaultNamingContext")) {
198 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
199 "defaultNamingContext");
200 ldb_set_opaque(ldb, "defaultNamingContext", tmp_dn);
201 }
202
203 talloc_free(tmp_ctx);
204 }
205
ldb_get_root_basedn(struct ldb_context * ldb)206 struct ldb_dn *ldb_get_root_basedn(struct ldb_context *ldb)
207 {
208 void *opaque = ldb_get_opaque(ldb, "rootDomainNamingContext");
209 return talloc_get_type(opaque, struct ldb_dn);
210 }
211
ldb_get_config_basedn(struct ldb_context * ldb)212 struct ldb_dn *ldb_get_config_basedn(struct ldb_context *ldb)
213 {
214 void *opaque = ldb_get_opaque(ldb, "configurationNamingContext");
215 return talloc_get_type(opaque, struct ldb_dn);
216 }
217
ldb_get_schema_basedn(struct ldb_context * ldb)218 struct ldb_dn *ldb_get_schema_basedn(struct ldb_context *ldb)
219 {
220 void *opaque = ldb_get_opaque(ldb, "schemaNamingContext");
221 return talloc_get_type(opaque, struct ldb_dn);
222 }
223
ldb_get_default_basedn(struct ldb_context * ldb)224 struct ldb_dn *ldb_get_default_basedn(struct ldb_context *ldb)
225 {
226 void *opaque = ldb_get_opaque(ldb, "defaultNamingContext");
227 return talloc_get_type(opaque, struct ldb_dn);
228 }
229
230 /*
231 connect to a database. The URL can either be one of the following forms
232 ldb://path
233 ldapi://path
234
235 flags is made up of LDB_FLG_*
236
237 the options are passed uninterpreted to the backend, and are
238 backend specific
239 */
ldb_connect(struct ldb_context * ldb,const char * url,unsigned int flags,const char * options[])240 int ldb_connect(struct ldb_context *ldb, const char *url,
241 unsigned int flags, const char *options[])
242 {
243 int ret;
244 char *url2;
245 /* We seem to need to do this here, or else some utilities don't
246 * get ldb backends */
247
248 ldb->flags = flags;
249
250 url2 = talloc_strdup(ldb, url);
251 if (!url2) {
252 ldb_oom(ldb);
253 return LDB_ERR_OPERATIONS_ERROR;
254 }
255 ret = ldb_set_opaque(ldb, "ldb_url", url2);
256 if (ret != LDB_SUCCESS) {
257 return ret;
258 }
259
260 ret = ldb_module_connect_backend(ldb, url, options, &ldb->modules);
261 if (ret != LDB_SUCCESS) {
262 return ret;
263 }
264
265 ret = ldb_load_modules(ldb, options);
266 if (ret != LDB_SUCCESS) {
267 ldb_debug(ldb, LDB_DEBUG_FATAL,
268 "Unable to load modules for %s: %s",
269 url, ldb_errstring(ldb));
270 return ret;
271 }
272
273 /* set the default base dn */
274 ldb_set_default_dns(ldb);
275
276 return LDB_SUCCESS;
277 }
278
ldb_set_errstring(struct ldb_context * ldb,const char * err_string)279 void ldb_set_errstring(struct ldb_context *ldb, const char *err_string)
280 {
281 ldb_asprintf_errstring(ldb, "%s", err_string);
282 }
283
ldb_asprintf_errstring(struct ldb_context * ldb,const char * format,...)284 void ldb_asprintf_errstring(struct ldb_context *ldb, const char *format, ...)
285 {
286 va_list ap;
287 char *old_err_string = NULL;
288 if (ldb->err_string) {
289 old_err_string = ldb->err_string;
290 }
291
292 va_start(ap, format);
293 ldb->err_string = talloc_vasprintf(ldb, format, ap);
294 va_end(ap);
295
296 TALLOC_FREE(old_err_string);
297
298 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
299 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_asprintf/set_errstring: %s",
300 ldb->err_string);
301 }
302 }
303
ldb_reset_err_string(struct ldb_context * ldb)304 void ldb_reset_err_string(struct ldb_context *ldb)
305 {
306 if (ldb->err_string) {
307 talloc_free(ldb->err_string);
308 ldb->err_string = NULL;
309 }
310 }
311
312
313
314 /*
315 set an ldb error based on file:line
316 */
ldb_error_at(struct ldb_context * ldb,int ecode,const char * reason,const char * file,int line)317 int ldb_error_at(struct ldb_context *ldb, int ecode,
318 const char *reason, const char *file, int line)
319 {
320 if (reason == NULL) {
321 reason = ldb_strerror(ecode);
322 }
323 ldb_asprintf_errstring(ldb, "%s at %s:%d", reason, file, line);
324 return ecode;
325 }
326
327
328 #define FIRST_OP_NOERR(ldb, op) do { \
329 next_module = ldb->modules; \
330 while (next_module && next_module->ops->op == NULL) { \
331 next_module = next_module->next; \
332 }; \
333 if ((ldb->flags & LDB_FLG_ENABLE_TRACING) && next_module) { \
334 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: (%s)->" #op, \
335 next_module->ops->name); \
336 } \
337 } while (0)
338
339 #define FIRST_OP(ldb, op) do { \
340 FIRST_OP_NOERR(ldb, op); \
341 if (next_module == NULL) { \
342 ldb_asprintf_errstring(ldb, "unable to find module or backend to handle operation: " #op); \
343 return LDB_ERR_OPERATIONS_ERROR; \
344 } \
345 } while (0)
346
347
348 /*
349 start a transaction
350 */
ldb_transaction_start(struct ldb_context * ldb)351 int ldb_transaction_start(struct ldb_context *ldb)
352 {
353 struct ldb_module *next_module;
354 int status;
355
356 ldb_debug(ldb, LDB_DEBUG_TRACE,
357 "start ldb transaction (nesting: %d)",
358 ldb->transaction_active);
359
360 /* explicit transaction active, count nested requests */
361 if (ldb->transaction_active) {
362 ldb->transaction_active++;
363 return LDB_SUCCESS;
364 }
365
366 /* start a new transaction */
367 ldb->transaction_active++;
368 ldb->prepare_commit_done = false;
369
370 FIRST_OP(ldb, start_transaction);
371
372 ldb_reset_err_string(ldb);
373
374 status = next_module->ops->start_transaction(next_module);
375 if (status != LDB_SUCCESS) {
376 if (ldb->err_string == NULL) {
377 /* no error string was setup by the backend */
378 ldb_asprintf_errstring(ldb,
379 "ldb transaction start: %s (%d)",
380 ldb_strerror(status),
381 status);
382 ldb->transaction_active--;
383 }
384 if ((next_module && next_module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
385 ldb_debug(next_module->ldb, LDB_DEBUG_TRACE, "start ldb transaction error: %s",
386 ldb_errstring(next_module->ldb));
387 }
388 } else {
389 if ((next_module && next_module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
390 ldb_debug(next_module->ldb, LDB_DEBUG_TRACE, "start ldb transaction success");
391 }
392 }
393 return status;
394 }
395
396 /*
397 prepare for transaction commit (first phase of two phase commit)
398 */
ldb_transaction_prepare_commit(struct ldb_context * ldb)399 int ldb_transaction_prepare_commit(struct ldb_context *ldb)
400 {
401 struct ldb_module *next_module;
402 int status;
403
404 if (ldb->prepare_commit_done) {
405 return LDB_SUCCESS;
406 }
407
408 /* commit only when all nested transactions are complete */
409 if (ldb->transaction_active > 1) {
410 return LDB_SUCCESS;
411 }
412
413 ldb->prepare_commit_done = true;
414
415 if (ldb->transaction_active < 0) {
416 ldb_debug(ldb, LDB_DEBUG_FATAL,
417 "prepare commit called but no ldb transactions are active!");
418 ldb->transaction_active = 0;
419 return LDB_ERR_OPERATIONS_ERROR;
420 }
421
422 /* call prepare transaction if available */
423 FIRST_OP_NOERR(ldb, prepare_commit);
424 if (next_module == NULL) {
425 return LDB_SUCCESS;
426 }
427
428 ldb_reset_err_string(ldb);
429
430 status = next_module->ops->prepare_commit(next_module);
431 if (status != LDB_SUCCESS) {
432 ldb->transaction_active--;
433 /* if a next_module fails the prepare then we need
434 to call the end transaction for everyone */
435 FIRST_OP(ldb, del_transaction);
436 next_module->ops->del_transaction(next_module);
437 if (ldb->err_string == NULL) {
438 /* no error string was setup by the backend */
439 ldb_asprintf_errstring(ldb,
440 "ldb transaction prepare commit: %s (%d)",
441 ldb_strerror(status),
442 status);
443 }
444 if ((next_module && next_module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
445 ldb_debug(next_module->ldb, LDB_DEBUG_TRACE, "prepare commit transaction error: %s",
446 ldb_errstring(next_module->ldb));
447 }
448 }
449
450 return status;
451 }
452
453
454 /*
455 commit a transaction
456 */
ldb_transaction_commit(struct ldb_context * ldb)457 int ldb_transaction_commit(struct ldb_context *ldb)
458 {
459 struct ldb_module *next_module;
460 int status;
461
462 status = ldb_transaction_prepare_commit(ldb);
463 if (status != LDB_SUCCESS) {
464 return status;
465 }
466
467 ldb->transaction_active--;
468
469 ldb_debug(ldb, LDB_DEBUG_TRACE,
470 "commit ldb transaction (nesting: %d)",
471 ldb->transaction_active);
472
473 /* commit only when all nested transactions are complete */
474 if (ldb->transaction_active > 0) {
475 return LDB_SUCCESS;
476 }
477
478 if (ldb->transaction_active < 0) {
479 ldb_debug(ldb, LDB_DEBUG_FATAL,
480 "commit called but no ldb transactions are active!");
481 ldb->transaction_active = 0;
482 return LDB_ERR_OPERATIONS_ERROR;
483 }
484
485 ldb_reset_err_string(ldb);
486
487 FIRST_OP(ldb, end_transaction);
488 status = next_module->ops->end_transaction(next_module);
489 if (status != LDB_SUCCESS) {
490 if (ldb->err_string == NULL) {
491 /* no error string was setup by the backend */
492 ldb_asprintf_errstring(ldb,
493 "ldb transaction commit: %s (%d)",
494 ldb_strerror(status),
495 status);
496 }
497 if ((next_module && next_module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
498 ldb_debug(next_module->ldb, LDB_DEBUG_TRACE, "commit ldb transaction error: %s",
499 ldb_errstring(next_module->ldb));
500 }
501 }
502 return status;
503 }
504
505
506 /*
507 cancel a transaction
508 */
ldb_transaction_cancel(struct ldb_context * ldb)509 int ldb_transaction_cancel(struct ldb_context *ldb)
510 {
511 struct ldb_module *next_module;
512 int status;
513
514 ldb->transaction_active--;
515
516 ldb_debug(ldb, LDB_DEBUG_TRACE,
517 "cancel ldb transaction (nesting: %d)",
518 ldb->transaction_active);
519
520 /* really cancel only if all nested transactions are complete */
521 if (ldb->transaction_active > 0) {
522 return LDB_SUCCESS;
523 }
524
525 if (ldb->transaction_active < 0) {
526 ldb_debug(ldb, LDB_DEBUG_FATAL,
527 "cancel called but no ldb transactions are active!");
528 ldb->transaction_active = 0;
529 return LDB_ERR_OPERATIONS_ERROR;
530 }
531
532 FIRST_OP(ldb, del_transaction);
533
534 status = next_module->ops->del_transaction(next_module);
535 if (status != LDB_SUCCESS) {
536 if (ldb->err_string == NULL) {
537 /* no error string was setup by the backend */
538 ldb_asprintf_errstring(ldb,
539 "ldb transaction cancel: %s (%d)",
540 ldb_strerror(status),
541 status);
542 }
543 if ((next_module && next_module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
544 ldb_debug(next_module->ldb, LDB_DEBUG_TRACE, "cancel ldb transaction error: %s",
545 ldb_errstring(next_module->ldb));
546 }
547 }
548 return status;
549 }
550
551 /*
552 cancel a transaction with no error if no transaction is pending
553 used when we fork() to clear any parent transactions
554 */
ldb_transaction_cancel_noerr(struct ldb_context * ldb)555 int ldb_transaction_cancel_noerr(struct ldb_context *ldb)
556 {
557 if (ldb->transaction_active > 0) {
558 return ldb_transaction_cancel(ldb);
559 }
560 return LDB_SUCCESS;
561 }
562
563
564 /* autostarts a transaction if none active */
ldb_autotransaction_request(struct ldb_context * ldb,struct ldb_request * req)565 static int ldb_autotransaction_request(struct ldb_context *ldb,
566 struct ldb_request *req)
567 {
568 int ret;
569
570 ret = ldb_transaction_start(ldb);
571 if (ret != LDB_SUCCESS) {
572 return ret;
573 }
574
575 ret = ldb_request(ldb, req);
576 if (ret == LDB_SUCCESS) {
577 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
578 }
579
580 if (ret == LDB_SUCCESS) {
581 return ldb_transaction_commit(ldb);
582 }
583 ldb_transaction_cancel(ldb);
584
585 return ret;
586 }
587
ldb_wait(struct ldb_handle * handle,enum ldb_wait_type type)588 int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type)
589 {
590 struct tevent_context *ev;
591 int ret;
592
593 if (handle == NULL) {
594 return LDB_ERR_UNAVAILABLE;
595 }
596
597 if (handle->state == LDB_ASYNC_DONE) {
598 if ((handle->status != LDB_SUCCESS) &&
599 (handle->ldb->err_string == NULL)) {
600 /* if no error string was setup by the backend */
601 ldb_asprintf_errstring(handle->ldb,
602 "ldb_wait from %s with LDB_ASYNC_DONE: %s (%d)",
603 handle->location,
604 ldb_strerror(handle->status),
605 handle->status);
606 }
607 return handle->status;
608 }
609
610 ev = ldb_handle_get_event_context(handle);
611 if (NULL == ev) {
612 return ldb_oom(handle->ldb);
613 }
614
615 switch (type) {
616 case LDB_WAIT_NONE:
617 ret = tevent_loop_once(ev);
618 if (ret != 0) {
619 return ldb_operr(handle->ldb);
620 }
621 if (handle->status == LDB_SUCCESS) {
622 return LDB_SUCCESS;
623 }
624 if (handle->ldb->err_string != NULL) {
625 return handle->status;
626 }
627 /*
628 * if no error string was setup by the backend
629 */
630 ldb_asprintf_errstring(handle->ldb,
631 "ldb_wait from %s with LDB_WAIT_NONE: %s (%d)",
632 handle->location,
633 ldb_strerror(handle->status),
634 handle->status);
635 return handle->status;
636
637 case LDB_WAIT_ALL:
638 while (handle->state != LDB_ASYNC_DONE) {
639 ret = tevent_loop_once(ev);
640 if (ret != 0) {
641 return ldb_operr(handle->ldb);
642 }
643 if (handle->status != LDB_SUCCESS) {
644 if (handle->ldb->err_string != NULL) {
645 return handle->status;
646 }
647 /*
648 * if no error string was setup by the
649 * backend
650 */
651 ldb_asprintf_errstring(handle->ldb,
652 "ldb_wait from %s with "
653 "LDB_WAIT_ALL: %s (%d)",
654 handle->location,
655 ldb_strerror(handle->status),
656 handle->status);
657 return handle->status;
658 }
659 }
660 if (handle->status == LDB_SUCCESS) {
661 return LDB_SUCCESS;
662 }
663 if (handle->ldb->err_string != NULL) {
664 return handle->status;
665 }
666 /*
667 * if no error string was setup by the backend
668 */
669 ldb_asprintf_errstring(handle->ldb,
670 "ldb_wait from %s with LDB_WAIT_ALL,"
671 " LDB_ASYNC_DONE: %s (%d)",
672 handle->location,
673 ldb_strerror(handle->status),
674 handle->status);
675 return handle->status;
676 }
677
678 return LDB_SUCCESS;
679 }
680
681 /* set the specified timeout or, if timeout is 0 set the default timeout */
ldb_set_timeout(struct ldb_context * ldb,struct ldb_request * req,int timeout)682 int ldb_set_timeout(struct ldb_context *ldb,
683 struct ldb_request *req,
684 int timeout)
685 {
686 if (req == NULL) return LDB_ERR_OPERATIONS_ERROR;
687
688 if (timeout != 0) {
689 req->timeout = timeout;
690 } else {
691 req->timeout = ldb->default_timeout;
692 }
693 req->starttime = time(NULL);
694
695 return LDB_SUCCESS;
696 }
697
698 /* calculates the new timeout based on the previous starttime and timeout */
ldb_set_timeout_from_prev_req(struct ldb_context * ldb,struct ldb_request * oldreq,struct ldb_request * newreq)699 int ldb_set_timeout_from_prev_req(struct ldb_context *ldb,
700 struct ldb_request *oldreq,
701 struct ldb_request *newreq)
702 {
703 if (newreq == NULL) return LDB_ERR_OPERATIONS_ERROR;
704
705 if (oldreq == NULL) {
706 return ldb_set_timeout(ldb, newreq, 0);
707 }
708
709 newreq->starttime = oldreq->starttime;
710 newreq->timeout = oldreq->timeout;
711
712 return LDB_SUCCESS;
713 }
714
715
ldb_handle_new(TALLOC_CTX * mem_ctx,struct ldb_context * ldb)716 struct ldb_handle *ldb_handle_new(TALLOC_CTX *mem_ctx, struct ldb_context *ldb)
717 {
718 struct ldb_handle *h;
719
720 h = talloc_zero(mem_ctx, struct ldb_handle);
721 if (h == NULL) {
722 ldb_set_errstring(ldb, "Out of Memory");
723 return NULL;
724 }
725
726 h->status = LDB_SUCCESS;
727 h->state = LDB_ASYNC_INIT;
728 h->ldb = ldb;
729 h->flags = 0;
730 h->location = NULL;
731 h->parent = NULL;
732
733 if (h->ldb->require_private_event_context == true) {
734 h->event_context = tevent_context_init(h);
735 if (h->event_context == NULL) {
736 ldb_set_errstring(ldb,
737 "Out of Memory allocating "
738 "event context for new handle");
739 return NULL;
740 }
741 tevent_set_debug(h->event_context, ldb_tevent_debug, ldb);
742 tevent_loop_allow_nesting(h->event_context);
743 }
744
745 return h;
746 }
747
ldb_handle_new_child(TALLOC_CTX * mem_ctx,struct ldb_request * parent_req)748 static struct ldb_handle *ldb_handle_new_child(TALLOC_CTX *mem_ctx,
749 struct ldb_request *parent_req)
750 {
751 struct ldb_handle *h;
752
753 h = talloc_zero(mem_ctx, struct ldb_handle);
754 if (h == NULL) {
755 ldb_set_errstring(parent_req->handle->ldb,
756 "Out of Memory");
757 return NULL;
758 }
759
760 h->status = LDB_SUCCESS;
761 h->state = LDB_ASYNC_INIT;
762 h->ldb = parent_req->handle->ldb;
763 h->parent = parent_req;
764 h->nesting = parent_req->handle->nesting + 1;
765 h->flags = parent_req->handle->flags;
766 h->custom_flags = parent_req->handle->custom_flags;
767 h->event_context = parent_req->handle->event_context;
768
769 return h;
770 }
771
772 /*
773 set the permissions for new files to be passed to open() in
774 backends that use local files
775 */
ldb_set_create_perms(struct ldb_context * ldb,unsigned int perms)776 void ldb_set_create_perms(struct ldb_context *ldb, unsigned int perms)
777 {
778 ldb->create_perms = perms;
779 }
780
ldb_get_create_perms(struct ldb_context * ldb)781 unsigned int ldb_get_create_perms(struct ldb_context *ldb)
782 {
783 return ldb->create_perms;
784 }
785
ldb_set_event_context(struct ldb_context * ldb,struct tevent_context * ev)786 void ldb_set_event_context(struct ldb_context *ldb, struct tevent_context *ev)
787 {
788 ldb->ev_ctx = ev;
789 }
790
ldb_get_event_context(struct ldb_context * ldb)791 struct tevent_context * ldb_get_event_context(struct ldb_context *ldb)
792 {
793 return ldb->ev_ctx;
794 }
795
ldb_request_set_state(struct ldb_request * req,int state)796 void ldb_request_set_state(struct ldb_request *req, int state)
797 {
798 req->handle->state = state;
799 }
800
ldb_request_get_status(struct ldb_request * req)801 int ldb_request_get_status(struct ldb_request *req)
802 {
803 return req->handle->status;
804 }
805
806 /*
807 * This function obtains the private event context for the handle,
808 * which may have been created to avoid nested event loops during
809 * ldb_tdb with the locks held
810 */
ldb_handle_get_event_context(struct ldb_handle * handle)811 struct tevent_context *ldb_handle_get_event_context(struct ldb_handle *handle)
812 {
813 if (handle->event_context != NULL) {
814 return handle->event_context;
815 }
816 return ldb_get_event_context(handle->ldb);
817 }
818
819 /*
820 * This function forces a specific ldb handle to use the global event
821 * context. This allows a nested event loop to operate, so any open
822 * transaction also needs to be aborted.
823 *
824 * Any events on this event context will be lost
825 *
826 * This is used in Samba when sending an IRPC to another part of the
827 * same process instead of making a local DB modification.
828 */
ldb_handle_use_global_event_context(struct ldb_handle * handle)829 void ldb_handle_use_global_event_context(struct ldb_handle *handle)
830 {
831 TALLOC_FREE(handle->event_context);
832 }
833
ldb_set_require_private_event_context(struct ldb_context * ldb)834 void ldb_set_require_private_event_context(struct ldb_context *ldb)
835 {
836 ldb->require_private_event_context = true;
837 }
838
839 /*
840 trace a ldb request
841 */
ldb_trace_request(struct ldb_context * ldb,struct ldb_request * req)842 static void ldb_trace_request(struct ldb_context *ldb, struct ldb_request *req)
843 {
844 TALLOC_CTX *tmp_ctx = talloc_new(req);
845 unsigned int i;
846 struct ldb_ldif ldif;
847
848 switch (req->operation) {
849 case LDB_SEARCH:
850 ldb_debug_add(ldb, "ldb_trace_request: SEARCH\n");
851 ldb_debug_add(ldb, " dn: %s\n",
852 ldb_dn_is_null(req->op.search.base)?"<rootDSE>":
853 ldb_dn_get_linearized(req->op.search.base));
854 ldb_debug_add(ldb, " scope: %s\n",
855 req->op.search.scope==LDB_SCOPE_BASE?"base":
856 req->op.search.scope==LDB_SCOPE_ONELEVEL?"one":
857 req->op.search.scope==LDB_SCOPE_SUBTREE?"sub":"UNKNOWN");
858 ldb_debug_add(ldb, " expr: %s\n",
859 ldb_filter_from_tree(tmp_ctx, req->op.search.tree));
860 if (req->op.search.attrs == NULL) {
861 ldb_debug_add(ldb, " attr: <ALL>\n");
862 } else {
863 for (i=0; req->op.search.attrs[i]; i++) {
864 ldb_debug_add(ldb, " attr: %s\n", req->op.search.attrs[i]);
865 }
866 }
867 break;
868 case LDB_DELETE:
869 ldb_debug_add(ldb, "ldb_trace_request: DELETE\n");
870 ldb_debug_add(ldb, " dn: %s\n",
871 ldb_dn_get_linearized(req->op.del.dn));
872 break;
873 case LDB_RENAME:
874 ldb_debug_add(ldb, "ldb_trace_request: RENAME\n");
875 ldb_debug_add(ldb, " olddn: %s\n",
876 ldb_dn_get_linearized(req->op.rename.olddn));
877 ldb_debug_add(ldb, " newdn: %s\n",
878 ldb_dn_get_linearized(req->op.rename.newdn));
879 break;
880 case LDB_EXTENDED:
881 ldb_debug_add(ldb, "ldb_trace_request: EXTENDED\n");
882 ldb_debug_add(ldb, " oid: %s\n", req->op.extended.oid);
883 ldb_debug_add(ldb, " data: %s\n", req->op.extended.data?"yes":"no");
884 break;
885 case LDB_ADD:
886 ldif.changetype = LDB_CHANGETYPE_ADD;
887 ldif.msg = discard_const_p(struct ldb_message, req->op.add.message);
888
889 ldb_debug_add(ldb, "ldb_trace_request: ADD\n");
890
891 /*
892 * The choice to call
893 * ldb_ldif_write_redacted_trace_string() is CRITICAL
894 * for security. It ensures that we do not output
895 * passwords into debug logs
896 */
897
898 ldb_debug_add(req->handle->ldb, "%s\n",
899 ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
900 break;
901 case LDB_MODIFY:
902 ldif.changetype = LDB_CHANGETYPE_MODIFY;
903 ldif.msg = discard_const_p(struct ldb_message, req->op.mod.message);
904
905 ldb_debug_add(ldb, "ldb_trace_request: MODIFY\n");
906
907 /*
908 * The choice to call
909 * ldb_ldif_write_redacted_trace_string() is CRITICAL
910 * for security. It ensures that we do not output
911 * passwords into debug logs
912 */
913
914 ldb_debug_add(req->handle->ldb, "%s\n",
915 ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
916 break;
917 case LDB_REQ_REGISTER_CONTROL:
918 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_CONTROL\n");
919 ldb_debug_add(req->handle->ldb, "%s\n",
920 req->op.reg_control.oid);
921 break;
922 case LDB_REQ_REGISTER_PARTITION:
923 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_PARTITION\n");
924 ldb_debug_add(req->handle->ldb, "%s\n",
925 ldb_dn_get_linearized(req->op.reg_partition.dn));
926 break;
927 default:
928 ldb_debug_add(ldb, "ldb_trace_request: UNKNOWN(%u)\n",
929 req->operation);
930 break;
931 }
932
933 if (req->controls == NULL) {
934 ldb_debug_add(ldb, " control: <NONE>\n");
935 } else {
936 for (i=0; req->controls && req->controls[i]; i++) {
937 if (req->controls[i]->oid) {
938 ldb_debug_add(ldb, " control: %s crit:%u data:%s\n",
939 req->controls[i]->oid,
940 req->controls[i]->critical,
941 req->controls[i]->data?"yes":"no");
942 }
943 }
944 }
945
946 ldb_debug_end(ldb, LDB_DEBUG_TRACE);
947
948 talloc_free(tmp_ctx);
949 }
950
951 /*
952 check that the element flags don't have any internal bits set
953 */
ldb_msg_check_element_flags(struct ldb_context * ldb,const struct ldb_message * message)954 static int ldb_msg_check_element_flags(struct ldb_context *ldb,
955 const struct ldb_message *message)
956 {
957 unsigned i;
958 for (i=0; i<message->num_elements; i++) {
959 if (message->elements[i].flags & LDB_FLAG_INTERNAL_MASK) {
960 ldb_asprintf_errstring(ldb, "Invalid element flags 0x%08x on element %s in %s\n",
961 message->elements[i].flags, message->elements[i].name,
962 ldb_dn_get_linearized(message->dn));
963 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
964 }
965 }
966 return LDB_SUCCESS;
967 }
968
969 /*
970 * This context allows us to make the unlock be a talloc destructor
971 *
972 * This ensures that a request started, but not waited on, will still
973 * unlock.
974 */
975 struct ldb_db_lock_context {
976 struct ldb_request *req;
977 struct ldb_context *ldb;
978 };
979
980 /*
981 * We have to have a the unlock on a destructor so that we unlock the
982 * DB if a caller calls talloc_free(req). We trust that the ldb
983 * context has not already gone away.
984 */
ldb_db_lock_destructor(struct ldb_db_lock_context * lock_context)985 static int ldb_db_lock_destructor(struct ldb_db_lock_context *lock_context)
986 {
987 int ret;
988 struct ldb_module *next_module;
989 FIRST_OP_NOERR(lock_context->ldb, read_unlock);
990 if (next_module != NULL) {
991 ret = next_module->ops->read_unlock(next_module);
992 } else {
993 ret = LDB_SUCCESS;
994 }
995
996 if (ret != LDB_SUCCESS) {
997 ldb_debug(lock_context->ldb,
998 LDB_DEBUG_FATAL,
999 "Failed to unlock db: %s / %s",
1000 ldb_errstring(lock_context->ldb),
1001 ldb_strerror(ret));
1002 }
1003 return 0;
1004 }
1005
ldb_lock_backend_callback(struct ldb_request * req,struct ldb_reply * ares)1006 static int ldb_lock_backend_callback(struct ldb_request *req,
1007 struct ldb_reply *ares)
1008 {
1009 struct ldb_db_lock_context *lock_context;
1010 int ret;
1011
1012 lock_context = talloc_get_type(req->context,
1013 struct ldb_db_lock_context);
1014
1015 if (!ares) {
1016 return ldb_module_done(lock_context->req, NULL, NULL,
1017 LDB_ERR_OPERATIONS_ERROR);
1018 }
1019 if (ares->error != LDB_SUCCESS || ares->type == LDB_REPLY_DONE) {
1020 ret = ldb_module_done(lock_context->req, ares->controls,
1021 ares->response, ares->error);
1022 /*
1023 * If this is a LDB_REPLY_DONE or an error, unlock the
1024 * DB by calling the destructor on this context
1025 */
1026 talloc_free(lock_context);
1027 return ret;
1028 }
1029
1030 /* Otherwise pass on the callback */
1031 switch (ares->type) {
1032 case LDB_REPLY_ENTRY:
1033 return ldb_module_send_entry(lock_context->req, ares->message,
1034 ares->controls);
1035
1036 case LDB_REPLY_REFERRAL:
1037 return ldb_module_send_referral(lock_context->req,
1038 ares->referral);
1039 default:
1040 /* Can't happen */
1041 return LDB_ERR_OPERATIONS_ERROR;
1042 }
1043 }
1044
1045 /*
1046 * Do an ldb_search() with a lock held, but release it if the request
1047 * is freed with talloc_free()
1048 */
lock_search(struct ldb_module * lock_module,struct ldb_request * req)1049 static int lock_search(struct ldb_module *lock_module, struct ldb_request *req)
1050 {
1051 /* Used in FIRST_OP_NOERR to find where to send the lock request */
1052 struct ldb_module *next_module = NULL;
1053 struct ldb_request *down_req = NULL;
1054 struct ldb_db_lock_context *lock_context;
1055 struct ldb_context *ldb = ldb_module_get_ctx(lock_module);
1056 int ret;
1057
1058 lock_context = talloc(req, struct ldb_db_lock_context);
1059 if (lock_context == NULL) {
1060 return ldb_oom(ldb);
1061 }
1062
1063 lock_context->ldb = ldb;
1064 lock_context->req = req;
1065
1066 ret = ldb_build_search_req_ex(&down_req, ldb, req,
1067 req->op.search.base,
1068 req->op.search.scope,
1069 req->op.search.tree,
1070 req->op.search.attrs,
1071 req->controls,
1072 lock_context,
1073 ldb_lock_backend_callback,
1074 req);
1075 LDB_REQ_SET_LOCATION(down_req);
1076 if (ret != LDB_SUCCESS) {
1077 return ret;
1078 }
1079
1080 /* call DB lock */
1081 FIRST_OP_NOERR(ldb, read_lock);
1082 if (next_module != NULL) {
1083 ret = next_module->ops->read_lock(next_module);
1084 } else {
1085 ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1086 }
1087
1088 if (ret == LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION) {
1089 /* We might be talking LDAP */
1090 ldb_reset_err_string(ldb);
1091 ret = 0;
1092 TALLOC_FREE(lock_context);
1093
1094 return ldb_next_request(lock_module, req);
1095 } else if ((ret != LDB_SUCCESS) && (ldb->err_string == NULL)) {
1096 /* if no error string was setup by the backend */
1097 ldb_asprintf_errstring(ldb, "Failed to get DB lock: %s (%d)",
1098 ldb_strerror(ret), ret);
1099 } else {
1100 talloc_set_destructor(lock_context, ldb_db_lock_destructor);
1101 }
1102
1103 if (ret != LDB_SUCCESS) {
1104 return ret;
1105 }
1106
1107 return ldb_next_request(lock_module, down_req);
1108 }
1109
1110 /*
1111 start an ldb request
1112 NOTE: the request must be a talloc context.
1113 returns LDB_ERR_* on errors.
1114 */
ldb_request(struct ldb_context * ldb,struct ldb_request * req)1115 int ldb_request(struct ldb_context *ldb, struct ldb_request *req)
1116 {
1117 struct ldb_module *next_module;
1118 int ret;
1119
1120 if (req->callback == NULL) {
1121 ldb_set_errstring(ldb, "Requests MUST define callbacks");
1122 return LDB_ERR_UNWILLING_TO_PERFORM;
1123 }
1124
1125 ldb_reset_err_string(ldb);
1126
1127 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
1128 ldb_trace_request(ldb, req);
1129 }
1130
1131 /* call the first module in the chain */
1132 switch (req->operation) {
1133 case LDB_SEARCH:
1134 {
1135 /*
1136 * A fake module to allow ldb_next_request() to be
1137 * re-used and to keep the locking out of this function.
1138 */
1139 static const struct ldb_module_ops lock_module_ops = {
1140 .name = "lock_searches",
1141 .search = lock_search
1142 };
1143 struct ldb_module lock_module = {
1144 .ldb = ldb,
1145 .next = ldb->modules,
1146 .ops = &lock_module_ops
1147 };
1148 next_module = &lock_module;
1149
1150 /* due to "ldb_build_search_req" base DN always != NULL */
1151 if (!ldb_dn_validate(req->op.search.base)) {
1152 ldb_asprintf_errstring(ldb, "ldb_search: invalid basedn '%s'",
1153 ldb_dn_get_linearized(req->op.search.base));
1154 return LDB_ERR_INVALID_DN_SYNTAX;
1155 }
1156
1157 ret = next_module->ops->search(next_module, req);
1158 break;
1159 }
1160 case LDB_ADD:
1161 if (!ldb_dn_validate(req->op.add.message->dn)) {
1162 ldb_asprintf_errstring(ldb, "ldb_add: invalid dn '%s'",
1163 ldb_dn_get_linearized(req->op.add.message->dn));
1164 return LDB_ERR_INVALID_DN_SYNTAX;
1165 }
1166 /*
1167 * we have to normalize here, as so many places
1168 * in modules and backends assume we don't have two
1169 * elements with the same name
1170 */
1171 ret = ldb_msg_normalize(ldb, req, req->op.add.message,
1172 discard_const(&req->op.add.message));
1173 if (ret != LDB_SUCCESS) {
1174 ldb_oom(ldb);
1175 return ret;
1176 }
1177 FIRST_OP(ldb, add);
1178 ret = ldb_msg_check_element_flags(ldb, req->op.add.message);
1179 if (ret != LDB_SUCCESS) {
1180 /*
1181 * "ldb_msg_check_element_flags" generates an error
1182 * string
1183 */
1184 return ret;
1185 }
1186 ret = next_module->ops->add(next_module, req);
1187 break;
1188 case LDB_MODIFY:
1189 if (!ldb_dn_validate(req->op.mod.message->dn)) {
1190 ldb_asprintf_errstring(ldb, "ldb_modify: invalid dn '%s'",
1191 ldb_dn_get_linearized(req->op.mod.message->dn));
1192 return LDB_ERR_INVALID_DN_SYNTAX;
1193 }
1194 FIRST_OP(ldb, modify);
1195 ret = ldb_msg_check_element_flags(ldb, req->op.mod.message);
1196 if (ret != LDB_SUCCESS) {
1197 /*
1198 * "ldb_msg_check_element_flags" generates an error
1199 * string
1200 */
1201 return ret;
1202 }
1203 ret = next_module->ops->modify(next_module, req);
1204 break;
1205 case LDB_DELETE:
1206 if (!ldb_dn_validate(req->op.del.dn)) {
1207 ldb_asprintf_errstring(ldb, "ldb_delete: invalid dn '%s'",
1208 ldb_dn_get_linearized(req->op.del.dn));
1209 return LDB_ERR_INVALID_DN_SYNTAX;
1210 }
1211 FIRST_OP(ldb, del);
1212 ret = next_module->ops->del(next_module, req);
1213 break;
1214 case LDB_RENAME:
1215 if (!ldb_dn_validate(req->op.rename.olddn)) {
1216 ldb_asprintf_errstring(ldb, "ldb_rename: invalid olddn '%s'",
1217 ldb_dn_get_linearized(req->op.rename.olddn));
1218 return LDB_ERR_INVALID_DN_SYNTAX;
1219 }
1220 if (!ldb_dn_validate(req->op.rename.newdn)) {
1221 ldb_asprintf_errstring(ldb, "ldb_rename: invalid newdn '%s'",
1222 ldb_dn_get_linearized(req->op.rename.newdn));
1223 return LDB_ERR_INVALID_DN_SYNTAX;
1224 }
1225 FIRST_OP(ldb, rename);
1226 ret = next_module->ops->rename(next_module, req);
1227 break;
1228 case LDB_EXTENDED:
1229 FIRST_OP(ldb, extended);
1230 ret = next_module->ops->extended(next_module, req);
1231 break;
1232 default:
1233 FIRST_OP(ldb, request);
1234 ret = next_module->ops->request(next_module, req);
1235 break;
1236 }
1237
1238 if ((ret != LDB_SUCCESS) && (ldb->err_string == NULL)) {
1239 /* if no error string was setup by the backend */
1240 ldb_asprintf_errstring(ldb, "ldb_request: %s (%d)",
1241 ldb_strerror(ret), ret);
1242 }
1243
1244 return ret;
1245 }
1246
ldb_request_done(struct ldb_request * req,int status)1247 int ldb_request_done(struct ldb_request *req, int status)
1248 {
1249 req->handle->state = LDB_ASYNC_DONE;
1250 req->handle->status = status;
1251 return status;
1252 }
1253
1254 /*
1255 search the database given a LDAP-like search expression
1256
1257 returns an LDB error code
1258
1259 Use talloc_free to free the ldb_message returned in 'res', if successful
1260
1261 */
ldb_search_default_callback(struct ldb_request * req,struct ldb_reply * ares)1262 int ldb_search_default_callback(struct ldb_request *req,
1263 struct ldb_reply *ares)
1264 {
1265 struct ldb_result *res;
1266 unsigned int n;
1267
1268 res = talloc_get_type(req->context, struct ldb_result);
1269
1270 if (!ares) {
1271 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1272 }
1273 if (ares->error != LDB_SUCCESS) {
1274 return ldb_request_done(req, ares->error);
1275 }
1276
1277 switch (ares->type) {
1278 case LDB_REPLY_ENTRY:
1279 res->msgs = talloc_realloc(res, res->msgs,
1280 struct ldb_message *, res->count + 2);
1281 if (! res->msgs) {
1282 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1283 }
1284
1285 res->msgs[res->count + 1] = NULL;
1286
1287 res->msgs[res->count] = talloc_move(res->msgs, &ares->message);
1288 res->count++;
1289 break;
1290
1291 case LDB_REPLY_REFERRAL:
1292 if (res->refs) {
1293 for (n = 0; res->refs[n]; n++) /*noop*/ ;
1294 } else {
1295 n = 0;
1296 }
1297
1298 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1299 if (! res->refs) {
1300 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1301 }
1302
1303 res->refs[n] = talloc_move(res->refs, &ares->referral);
1304 res->refs[n + 1] = NULL;
1305 break;
1306
1307 case LDB_REPLY_DONE:
1308 /* TODO: we should really support controls on entries
1309 * and referrals too! */
1310 res->controls = talloc_move(res, &ares->controls);
1311
1312 /* this is the last message, and means the request is done */
1313 /* we have to signal and eventual ldb_wait() waiting that the
1314 * async request operation was completed */
1315 talloc_free(ares);
1316 return ldb_request_done(req, LDB_SUCCESS);
1317 }
1318
1319 talloc_free(ares);
1320
1321 return LDB_SUCCESS;
1322 }
1323
ldb_modify_default_callback(struct ldb_request * req,struct ldb_reply * ares)1324 int ldb_modify_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1325 {
1326 struct ldb_result *res;
1327 unsigned int n;
1328 int ret;
1329
1330 res = talloc_get_type(req->context, struct ldb_result);
1331
1332 if (!ares) {
1333 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1334 }
1335
1336 if (ares->error != LDB_SUCCESS) {
1337 ret = ares->error;
1338 talloc_free(ares);
1339 return ldb_request_done(req, ret);
1340 }
1341
1342 switch (ares->type) {
1343 case LDB_REPLY_REFERRAL:
1344 if (res->refs) {
1345 for (n = 0; res->refs[n]; n++) /*noop*/ ;
1346 } else {
1347 n = 0;
1348 }
1349
1350 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1351 if (! res->refs) {
1352 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1353 }
1354
1355 res->refs[n] = talloc_move(res->refs, &ares->referral);
1356 res->refs[n + 1] = NULL;
1357 break;
1358
1359 case LDB_REPLY_DONE:
1360 talloc_free(ares);
1361 return ldb_request_done(req, LDB_SUCCESS);
1362 default:
1363 talloc_free(ares);
1364 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1365 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1366 }
1367
1368 talloc_free(ares);
1369 return ldb_request_done(req, LDB_SUCCESS);
1370 }
1371
ldb_op_default_callback(struct ldb_request * req,struct ldb_reply * ares)1372 int ldb_op_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1373 {
1374 int ret;
1375
1376 if (!ares) {
1377 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1378 }
1379
1380 if (ares->error != LDB_SUCCESS) {
1381 ret = ares->error;
1382 talloc_free(ares);
1383 return ldb_request_done(req, ret);
1384 }
1385
1386 if (ares->type != LDB_REPLY_DONE) {
1387 talloc_free(ares);
1388 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1389 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1390 }
1391
1392 talloc_free(ares);
1393 return ldb_request_done(req, LDB_SUCCESS);
1394 }
1395
ldb_build_req_common(TALLOC_CTX * mem_ctx,struct ldb_context * ldb,struct ldb_control ** controls,void * context,ldb_request_callback_t callback,struct ldb_request * parent)1396 static struct ldb_request *ldb_build_req_common(TALLOC_CTX *mem_ctx,
1397 struct ldb_context *ldb,
1398 struct ldb_control **controls,
1399 void *context,
1400 ldb_request_callback_t callback,
1401 struct ldb_request *parent)
1402 {
1403 struct ldb_request *req = NULL;
1404
1405 req = talloc_zero(mem_ctx, struct ldb_request);
1406 if (req == NULL) {
1407 return NULL;
1408 }
1409 req->controls = controls;
1410 req->context = context;
1411 req->callback = callback;
1412
1413 ldb_set_timeout_from_prev_req(ldb, parent, req);
1414
1415 if (parent != NULL) {
1416 req->handle = ldb_handle_new_child(req, parent);
1417 if (req->handle == NULL) {
1418 TALLOC_FREE(req);
1419 return NULL;
1420 }
1421 } else {
1422 req->handle = ldb_handle_new(req, ldb);
1423 if (req->handle == NULL) {
1424 TALLOC_FREE(req);
1425 return NULL;
1426 }
1427 }
1428
1429 return req;
1430 }
1431
ldb_build_search_req_ex(struct ldb_request ** ret_req,struct ldb_context * ldb,TALLOC_CTX * mem_ctx,struct ldb_dn * base,enum ldb_scope scope,struct ldb_parse_tree * tree,const char * const * attrs,struct ldb_control ** controls,void * context,ldb_request_callback_t callback,struct ldb_request * parent)1432 int ldb_build_search_req_ex(struct ldb_request **ret_req,
1433 struct ldb_context *ldb,
1434 TALLOC_CTX *mem_ctx,
1435 struct ldb_dn *base,
1436 enum ldb_scope scope,
1437 struct ldb_parse_tree *tree,
1438 const char * const *attrs,
1439 struct ldb_control **controls,
1440 void *context,
1441 ldb_request_callback_t callback,
1442 struct ldb_request *parent)
1443 {
1444 struct ldb_request *req;
1445
1446 *ret_req = NULL;
1447
1448 req = ldb_build_req_common(mem_ctx, ldb, controls,
1449 context, callback, parent);
1450 if (req == NULL) {
1451 ldb_oom(ldb);
1452 return LDB_ERR_OPERATIONS_ERROR;
1453 }
1454
1455 req->operation = LDB_SEARCH;
1456 if (base == NULL) {
1457 req->op.search.base = ldb_dn_new(req, ldb, NULL);
1458 } else {
1459 req->op.search.base = base;
1460 }
1461 req->op.search.scope = scope;
1462
1463 req->op.search.tree = tree;
1464 if (req->op.search.tree == NULL) {
1465 ldb_set_errstring(ldb, "'tree' can't be NULL");
1466 talloc_free(req);
1467 return LDB_ERR_OPERATIONS_ERROR;
1468 }
1469
1470 req->op.search.attrs = attrs;
1471 *ret_req = req;
1472 return LDB_SUCCESS;
1473 }
1474
ldb_build_search_req(struct ldb_request ** ret_req,struct ldb_context * ldb,TALLOC_CTX * mem_ctx,struct ldb_dn * base,enum ldb_scope scope,const char * expression,const char * const * attrs,struct ldb_control ** controls,void * context,ldb_request_callback_t callback,struct ldb_request * parent)1475 int ldb_build_search_req(struct ldb_request **ret_req,
1476 struct ldb_context *ldb,
1477 TALLOC_CTX *mem_ctx,
1478 struct ldb_dn *base,
1479 enum ldb_scope scope,
1480 const char *expression,
1481 const char * const *attrs,
1482 struct ldb_control **controls,
1483 void *context,
1484 ldb_request_callback_t callback,
1485 struct ldb_request *parent)
1486 {
1487 struct ldb_parse_tree *tree;
1488 int ret;
1489
1490 tree = ldb_parse_tree(mem_ctx, expression);
1491 if (tree == NULL) {
1492 ldb_set_errstring(ldb, "Unable to parse search expression");
1493 return LDB_ERR_OPERATIONS_ERROR;
1494 }
1495
1496 ret = ldb_build_search_req_ex(ret_req, ldb, mem_ctx, base,
1497 scope, tree, attrs, controls,
1498 context, callback, parent);
1499 if (ret == LDB_SUCCESS) {
1500 talloc_steal(*ret_req, tree);
1501 }
1502 return ret;
1503 }
1504
ldb_build_add_req(struct ldb_request ** ret_req,struct ldb_context * ldb,TALLOC_CTX * mem_ctx,const struct ldb_message * message,struct ldb_control ** controls,void * context,ldb_request_callback_t callback,struct ldb_request * parent)1505 int ldb_build_add_req(struct ldb_request **ret_req,
1506 struct ldb_context *ldb,
1507 TALLOC_CTX *mem_ctx,
1508 const struct ldb_message *message,
1509 struct ldb_control **controls,
1510 void *context,
1511 ldb_request_callback_t callback,
1512 struct ldb_request *parent)
1513 {
1514 struct ldb_request *req;
1515
1516 *ret_req = NULL;
1517
1518 req = ldb_build_req_common(mem_ctx, ldb, controls,
1519 context, callback, parent);
1520 if (req == NULL) {
1521 ldb_set_errstring(ldb, "Out of Memory");
1522 return LDB_ERR_OPERATIONS_ERROR;
1523 }
1524
1525 req->operation = LDB_ADD;
1526 req->op.add.message = message;
1527 *ret_req = req;
1528 return LDB_SUCCESS;
1529 }
1530
ldb_build_mod_req(struct ldb_request ** ret_req,struct ldb_context * ldb,TALLOC_CTX * mem_ctx,const struct ldb_message * message,struct ldb_control ** controls,void * context,ldb_request_callback_t callback,struct ldb_request * parent)1531 int ldb_build_mod_req(struct ldb_request **ret_req,
1532 struct ldb_context *ldb,
1533 TALLOC_CTX *mem_ctx,
1534 const struct ldb_message *message,
1535 struct ldb_control **controls,
1536 void *context,
1537 ldb_request_callback_t callback,
1538 struct ldb_request *parent)
1539 {
1540 struct ldb_request *req;
1541
1542 *ret_req = NULL;
1543
1544 req = ldb_build_req_common(mem_ctx, ldb, controls,
1545 context, callback, parent);
1546 if (req == NULL) {
1547 ldb_set_errstring(ldb, "Out of Memory");
1548 return LDB_ERR_OPERATIONS_ERROR;
1549 }
1550
1551 req->operation = LDB_MODIFY;
1552 req->op.mod.message = message;
1553
1554 *ret_req = req;
1555 return LDB_SUCCESS;
1556 }
1557
ldb_build_del_req(struct ldb_request ** ret_req,struct ldb_context * ldb,TALLOC_CTX * mem_ctx,struct ldb_dn * dn,struct ldb_control ** controls,void * context,ldb_request_callback_t callback,struct ldb_request * parent)1558 int ldb_build_del_req(struct ldb_request **ret_req,
1559 struct ldb_context *ldb,
1560 TALLOC_CTX *mem_ctx,
1561 struct ldb_dn *dn,
1562 struct ldb_control **controls,
1563 void *context,
1564 ldb_request_callback_t callback,
1565 struct ldb_request *parent)
1566 {
1567 struct ldb_request *req;
1568
1569 *ret_req = NULL;
1570
1571 req = ldb_build_req_common(mem_ctx, ldb, controls,
1572 context, callback, parent);
1573 if (req == NULL) {
1574 ldb_set_errstring(ldb, "Out of Memory");
1575 return LDB_ERR_OPERATIONS_ERROR;
1576 }
1577
1578 req->operation = LDB_DELETE;
1579 req->op.del.dn = dn;
1580 *ret_req = req;
1581 return LDB_SUCCESS;
1582 }
1583
ldb_build_rename_req(struct ldb_request ** ret_req,struct ldb_context * ldb,TALLOC_CTX * mem_ctx,struct ldb_dn * olddn,struct ldb_dn * newdn,struct ldb_control ** controls,void * context,ldb_request_callback_t callback,struct ldb_request * parent)1584 int ldb_build_rename_req(struct ldb_request **ret_req,
1585 struct ldb_context *ldb,
1586 TALLOC_CTX *mem_ctx,
1587 struct ldb_dn *olddn,
1588 struct ldb_dn *newdn,
1589 struct ldb_control **controls,
1590 void *context,
1591 ldb_request_callback_t callback,
1592 struct ldb_request *parent)
1593 {
1594 struct ldb_request *req;
1595
1596 *ret_req = NULL;
1597
1598 req = ldb_build_req_common(mem_ctx, ldb, controls,
1599 context, callback, parent);
1600 if (req == NULL) {
1601 ldb_set_errstring(ldb, "Out of Memory");
1602 return LDB_ERR_OPERATIONS_ERROR;
1603 }
1604
1605 req->operation = LDB_RENAME;
1606 req->op.rename.olddn = olddn;
1607 req->op.rename.newdn = newdn;
1608 *ret_req = req;
1609 return LDB_SUCCESS;
1610 }
1611
ldb_extended_default_callback(struct ldb_request * req,struct ldb_reply * ares)1612 int ldb_extended_default_callback(struct ldb_request *req,
1613 struct ldb_reply *ares)
1614 {
1615 struct ldb_result *res;
1616
1617 res = talloc_get_type(req->context, struct ldb_result);
1618
1619 if (!ares) {
1620 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1621 }
1622 if (ares->error != LDB_SUCCESS) {
1623 return ldb_request_done(req, ares->error);
1624 }
1625
1626 if (ares->type == LDB_REPLY_DONE) {
1627
1628 /* TODO: we should really support controls on entries and referrals too! */
1629 res->extended = talloc_move(res, &ares->response);
1630 res->controls = talloc_move(res, &ares->controls);
1631
1632 talloc_free(ares);
1633 return ldb_request_done(req, LDB_SUCCESS);
1634 }
1635
1636 talloc_free(ares);
1637 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1638 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1639 }
1640
ldb_build_extended_req(struct ldb_request ** ret_req,struct ldb_context * ldb,TALLOC_CTX * mem_ctx,const char * oid,void * data,struct ldb_control ** controls,void * context,ldb_request_callback_t callback,struct ldb_request * parent)1641 int ldb_build_extended_req(struct ldb_request **ret_req,
1642 struct ldb_context *ldb,
1643 TALLOC_CTX *mem_ctx,
1644 const char *oid,
1645 void *data,
1646 struct ldb_control **controls,
1647 void *context,
1648 ldb_request_callback_t callback,
1649 struct ldb_request *parent)
1650 {
1651 struct ldb_request *req;
1652
1653 *ret_req = NULL;
1654
1655 req = ldb_build_req_common(mem_ctx, ldb, controls,
1656 context, callback, parent);
1657 if (req == NULL) {
1658 ldb_set_errstring(ldb, "Out of Memory");
1659 return LDB_ERR_OPERATIONS_ERROR;
1660 }
1661
1662 req->operation = LDB_EXTENDED;
1663 req->op.extended.oid = oid;
1664 req->op.extended.data = data;
1665 *ret_req = req;
1666 return LDB_SUCCESS;
1667 }
1668
ldb_extended(struct ldb_context * ldb,const char * oid,void * data,struct ldb_result ** _res)1669 int ldb_extended(struct ldb_context *ldb,
1670 const char *oid,
1671 void *data,
1672 struct ldb_result **_res)
1673 {
1674 struct ldb_request *req;
1675 int ret;
1676 struct ldb_result *res;
1677
1678 *_res = NULL;
1679 req = NULL;
1680
1681 res = talloc_zero(ldb, struct ldb_result);
1682 if (!res) {
1683 return LDB_ERR_OPERATIONS_ERROR;
1684 }
1685
1686 ret = ldb_build_extended_req(&req, ldb, ldb,
1687 oid, data, NULL,
1688 res, ldb_extended_default_callback,
1689 NULL);
1690 ldb_req_set_location(req, "ldb_extended");
1691
1692 if (ret != LDB_SUCCESS) goto done;
1693
1694 ldb_set_timeout(ldb, req, 0); /* use default timeout */
1695
1696 ret = ldb_request(ldb, req);
1697
1698 if (ret == LDB_SUCCESS) {
1699 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1700 }
1701
1702 done:
1703 if (ret != LDB_SUCCESS) {
1704 talloc_free(res);
1705 res = NULL;
1706 }
1707
1708 talloc_free(req);
1709
1710 *_res = res;
1711 return ret;
1712 }
1713
1714 /*
1715 note that ldb_search() will automatically replace a NULL 'base' value
1716 with the defaultNamingContext from the rootDSE if available.
1717 */
ldb_search(struct ldb_context * ldb,TALLOC_CTX * mem_ctx,struct ldb_result ** result,struct ldb_dn * base,enum ldb_scope scope,const char * const * attrs,const char * exp_fmt,...)1718 int ldb_search(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
1719 struct ldb_result **result, struct ldb_dn *base,
1720 enum ldb_scope scope, const char * const *attrs,
1721 const char *exp_fmt, ...)
1722 {
1723 struct ldb_request *req;
1724 struct ldb_result *res;
1725 char *expression;
1726 va_list ap;
1727 int ret;
1728
1729 expression = NULL;
1730 *result = NULL;
1731 req = NULL;
1732
1733 res = talloc_zero(mem_ctx, struct ldb_result);
1734 if (!res) {
1735 return LDB_ERR_OPERATIONS_ERROR;
1736 }
1737
1738 if (exp_fmt) {
1739 va_start(ap, exp_fmt);
1740 expression = talloc_vasprintf(mem_ctx, exp_fmt, ap);
1741 va_end(ap);
1742
1743 if (!expression) {
1744 talloc_free(res);
1745 return LDB_ERR_OPERATIONS_ERROR;
1746 }
1747 }
1748
1749 ret = ldb_build_search_req(&req, ldb, mem_ctx,
1750 base?base:ldb_get_default_basedn(ldb),
1751 scope,
1752 expression,
1753 attrs,
1754 NULL,
1755 res,
1756 ldb_search_default_callback,
1757 NULL);
1758 ldb_req_set_location(req, "ldb_search");
1759
1760 if (ret != LDB_SUCCESS) goto done;
1761
1762 ret = ldb_request(ldb, req);
1763
1764 if (ret == LDB_SUCCESS) {
1765 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1766 }
1767
1768 done:
1769 if (ret != LDB_SUCCESS) {
1770 talloc_free(res);
1771 res = NULL;
1772 }
1773
1774 talloc_free(expression);
1775 talloc_free(req);
1776
1777 *result = res;
1778 return ret;
1779 }
1780
1781 /*
1782 add a record to the database. Will fail if a record with the given class
1783 and key already exists
1784 */
ldb_add(struct ldb_context * ldb,const struct ldb_message * message)1785 int ldb_add(struct ldb_context *ldb,
1786 const struct ldb_message *message)
1787 {
1788 struct ldb_request *req;
1789 int ret;
1790
1791 ret = ldb_msg_sanity_check(ldb, message);
1792 if (ret != LDB_SUCCESS) {
1793 return ret;
1794 }
1795
1796 ret = ldb_build_add_req(&req, ldb, ldb,
1797 message,
1798 NULL,
1799 NULL,
1800 ldb_op_default_callback,
1801 NULL);
1802 ldb_req_set_location(req, "ldb_add");
1803
1804 if (ret != LDB_SUCCESS) return ret;
1805
1806 /* do request and autostart a transaction */
1807 ret = ldb_autotransaction_request(ldb, req);
1808
1809 talloc_free(req);
1810 return ret;
1811 }
1812
1813 /*
1814 modify the specified attributes of a record
1815 */
ldb_modify(struct ldb_context * ldb,const struct ldb_message * message)1816 int ldb_modify(struct ldb_context *ldb,
1817 const struct ldb_message *message)
1818 {
1819 struct ldb_request *req;
1820 int ret;
1821
1822 ret = ldb_msg_sanity_check(ldb, message);
1823 if (ret != LDB_SUCCESS) {
1824 return ret;
1825 }
1826
1827 ret = ldb_build_mod_req(&req, ldb, ldb,
1828 message,
1829 NULL,
1830 NULL,
1831 ldb_op_default_callback,
1832 NULL);
1833 ldb_req_set_location(req, "ldb_modify");
1834
1835 if (ret != LDB_SUCCESS) return ret;
1836
1837 /* do request and autostart a transaction */
1838 ret = ldb_autotransaction_request(ldb, req);
1839
1840 talloc_free(req);
1841 return ret;
1842 }
1843
1844
1845 /*
1846 delete a record from the database
1847 */
ldb_delete(struct ldb_context * ldb,struct ldb_dn * dn)1848 int ldb_delete(struct ldb_context *ldb, struct ldb_dn *dn)
1849 {
1850 struct ldb_request *req;
1851 int ret;
1852
1853 ret = ldb_build_del_req(&req, ldb, ldb,
1854 dn,
1855 NULL,
1856 NULL,
1857 ldb_op_default_callback,
1858 NULL);
1859 ldb_req_set_location(req, "ldb_delete");
1860
1861 if (ret != LDB_SUCCESS) return ret;
1862
1863 /* do request and autostart a transaction */
1864 ret = ldb_autotransaction_request(ldb, req);
1865
1866 talloc_free(req);
1867 return ret;
1868 }
1869
1870 /*
1871 rename a record in the database
1872 */
ldb_rename(struct ldb_context * ldb,struct ldb_dn * olddn,struct ldb_dn * newdn)1873 int ldb_rename(struct ldb_context *ldb,
1874 struct ldb_dn *olddn, struct ldb_dn *newdn)
1875 {
1876 struct ldb_request *req;
1877 int ret;
1878
1879 ret = ldb_build_rename_req(&req, ldb, ldb,
1880 olddn,
1881 newdn,
1882 NULL,
1883 NULL,
1884 ldb_op_default_callback,
1885 NULL);
1886 ldb_req_set_location(req, "ldb_rename");
1887
1888 if (ret != LDB_SUCCESS) return ret;
1889
1890 /* do request and autostart a transaction */
1891 ret = ldb_autotransaction_request(ldb, req);
1892
1893 talloc_free(req);
1894 return ret;
1895 }
1896
1897
1898 /*
1899 return the global sequence number
1900 */
ldb_sequence_number(struct ldb_context * ldb,enum ldb_sequence_type type,uint64_t * seq_num)1901 int ldb_sequence_number(struct ldb_context *ldb,
1902 enum ldb_sequence_type type, uint64_t *seq_num)
1903 {
1904 struct ldb_seqnum_request *seq;
1905 struct ldb_seqnum_result *seqr;
1906 struct ldb_result *res;
1907 TALLOC_CTX *tmp_ctx;
1908 int ret;
1909
1910 *seq_num = 0;
1911
1912 tmp_ctx = talloc_zero(ldb, struct ldb_request);
1913 if (tmp_ctx == NULL) {
1914 ldb_set_errstring(ldb, "Out of Memory");
1915 return LDB_ERR_OPERATIONS_ERROR;
1916 }
1917 seq = talloc_zero(tmp_ctx, struct ldb_seqnum_request);
1918 if (seq == NULL) {
1919 ldb_set_errstring(ldb, "Out of Memory");
1920 ret = LDB_ERR_OPERATIONS_ERROR;
1921 goto done;
1922 }
1923 seq->type = type;
1924
1925 ret = ldb_extended(ldb, LDB_EXTENDED_SEQUENCE_NUMBER, seq, &res);
1926 if (ret != LDB_SUCCESS) {
1927 goto done;
1928 }
1929 talloc_steal(tmp_ctx, res);
1930
1931 if (strcmp(LDB_EXTENDED_SEQUENCE_NUMBER, res->extended->oid) != 0) {
1932 ldb_set_errstring(ldb, "Invalid OID in reply");
1933 ret = LDB_ERR_OPERATIONS_ERROR;
1934 goto done;
1935 }
1936 seqr = talloc_get_type(res->extended->data,
1937 struct ldb_seqnum_result);
1938 *seq_num = seqr->seq_num;
1939
1940 done:
1941 talloc_free(tmp_ctx);
1942 return ret;
1943 }
1944
1945 /*
1946 return extended error information
1947 */
ldb_errstring(struct ldb_context * ldb)1948 const char *ldb_errstring(struct ldb_context *ldb)
1949 {
1950 if (ldb->err_string) {
1951 return ldb->err_string;
1952 }
1953
1954 return NULL;
1955 }
1956
1957 /*
1958 return a string explaining what a ldb error constant meancs
1959 */
ldb_strerror(int ldb_err)1960 const char *ldb_strerror(int ldb_err)
1961 {
1962 switch (ldb_err) {
1963 case LDB_SUCCESS:
1964 return "Success";
1965 case LDB_ERR_OPERATIONS_ERROR:
1966 return "Operations error";
1967 case LDB_ERR_PROTOCOL_ERROR:
1968 return "Protocol error";
1969 case LDB_ERR_TIME_LIMIT_EXCEEDED:
1970 return "Time limit exceeded";
1971 case LDB_ERR_SIZE_LIMIT_EXCEEDED:
1972 return "Size limit exceeded";
1973 case LDB_ERR_COMPARE_FALSE:
1974 return "Compare false";
1975 case LDB_ERR_COMPARE_TRUE:
1976 return "Compare true";
1977 case LDB_ERR_AUTH_METHOD_NOT_SUPPORTED:
1978 return "Auth method not supported";
1979 case LDB_ERR_STRONG_AUTH_REQUIRED:
1980 return "Strong auth required";
1981 /* 9 RESERVED */
1982 case LDB_ERR_REFERRAL:
1983 return "Referral error";
1984 case LDB_ERR_ADMIN_LIMIT_EXCEEDED:
1985 return "Admin limit exceeded";
1986 case LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION:
1987 return "Unsupported critical extension";
1988 case LDB_ERR_CONFIDENTIALITY_REQUIRED:
1989 return "Confidentiality required";
1990 case LDB_ERR_SASL_BIND_IN_PROGRESS:
1991 return "SASL bind in progress";
1992 case LDB_ERR_NO_SUCH_ATTRIBUTE:
1993 return "No such attribute";
1994 case LDB_ERR_UNDEFINED_ATTRIBUTE_TYPE:
1995 return "Undefined attribute type";
1996 case LDB_ERR_INAPPROPRIATE_MATCHING:
1997 return "Inappropriate matching";
1998 case LDB_ERR_CONSTRAINT_VIOLATION:
1999 return "Constraint violation";
2000 case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
2001 return "Attribute or value exists";
2002 case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
2003 return "Invalid attribute syntax";
2004 /* 22-31 unused */
2005 case LDB_ERR_NO_SUCH_OBJECT:
2006 return "No such object";
2007 case LDB_ERR_ALIAS_PROBLEM:
2008 return "Alias problem";
2009 case LDB_ERR_INVALID_DN_SYNTAX:
2010 return "Invalid DN syntax";
2011 /* 35 RESERVED */
2012 case LDB_ERR_ALIAS_DEREFERENCING_PROBLEM:
2013 return "Alias dereferencing problem";
2014 /* 37-47 unused */
2015 case LDB_ERR_INAPPROPRIATE_AUTHENTICATION:
2016 return "Inappropriate authentication";
2017 case LDB_ERR_INVALID_CREDENTIALS:
2018 return "Invalid credentials";
2019 case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
2020 return "insufficient access rights";
2021 case LDB_ERR_BUSY:
2022 return "Busy";
2023 case LDB_ERR_UNAVAILABLE:
2024 return "Unavailable";
2025 case LDB_ERR_UNWILLING_TO_PERFORM:
2026 return "Unwilling to perform";
2027 case LDB_ERR_LOOP_DETECT:
2028 return "Loop detect";
2029 /* 55-63 unused */
2030 case LDB_ERR_NAMING_VIOLATION:
2031 return "Naming violation";
2032 case LDB_ERR_OBJECT_CLASS_VIOLATION:
2033 return "Object class violation";
2034 case LDB_ERR_NOT_ALLOWED_ON_NON_LEAF:
2035 return "Not allowed on non-leaf";
2036 case LDB_ERR_NOT_ALLOWED_ON_RDN:
2037 return "Not allowed on RDN";
2038 case LDB_ERR_ENTRY_ALREADY_EXISTS:
2039 return "Entry already exists";
2040 case LDB_ERR_OBJECT_CLASS_MODS_PROHIBITED:
2041 return "Object class mods prohibited";
2042 /* 70 RESERVED FOR CLDAP */
2043 case LDB_ERR_AFFECTS_MULTIPLE_DSAS:
2044 return "Affects multiple DSAs";
2045 /* 72-79 unused */
2046 case LDB_ERR_OTHER:
2047 return "Other";
2048 }
2049
2050 return "Unknown error";
2051 }
2052
2053 /*
2054 set backend specific opaque parameters
2055 */
ldb_set_opaque(struct ldb_context * ldb,const char * name,void * value)2056 int ldb_set_opaque(struct ldb_context *ldb, const char *name, void *value)
2057 {
2058 struct ldb_opaque *o;
2059
2060 /* allow updating an existing value */
2061 for (o=ldb->opaque;o;o=o->next) {
2062 if (strcmp(o->name, name) == 0) {
2063 o->value = value;
2064 return LDB_SUCCESS;
2065 }
2066 }
2067
2068 o = talloc(ldb, struct ldb_opaque);
2069 if (o == NULL) {
2070 ldb_oom(ldb);
2071 return LDB_ERR_OTHER;
2072 }
2073 o->next = ldb->opaque;
2074 o->name = name;
2075 o->value = value;
2076 ldb->opaque = o;
2077 return LDB_SUCCESS;
2078 }
2079
2080 /*
2081 get a previously set opaque value
2082 */
ldb_get_opaque(struct ldb_context * ldb,const char * name)2083 void *ldb_get_opaque(struct ldb_context *ldb, const char *name)
2084 {
2085 struct ldb_opaque *o;
2086 for (o=ldb->opaque;o;o=o->next) {
2087 if (strcmp(o->name, name) == 0) {
2088 return o->value;
2089 }
2090 }
2091 return NULL;
2092 }
2093
ldb_global_init(void)2094 int ldb_global_init(void)
2095 {
2096 /* Provided for compatibility with some older versions of ldb */
2097 return 0;
2098 }
2099
2100 /* return the ldb flags */
ldb_get_flags(struct ldb_context * ldb)2101 unsigned int ldb_get_flags(struct ldb_context *ldb)
2102 {
2103 return ldb->flags;
2104 }
2105
2106 /* set the ldb flags */
ldb_set_flags(struct ldb_context * ldb,unsigned flags)2107 void ldb_set_flags(struct ldb_context *ldb, unsigned flags)
2108 {
2109 ldb->flags = flags;
2110 }
2111
2112
2113 /*
2114 set the location in a ldb request. Used for debugging
2115 */
ldb_req_set_location(struct ldb_request * req,const char * location)2116 void ldb_req_set_location(struct ldb_request *req, const char *location)
2117 {
2118 if (req && req->handle) {
2119 req->handle->location = location;
2120 }
2121 }
2122
2123 /*
2124 return the location set with dsdb_req_set_location
2125 */
ldb_req_location(struct ldb_request * req)2126 const char *ldb_req_location(struct ldb_request *req)
2127 {
2128 return req->handle->location;
2129 }
2130
2131 /**
2132 mark a request as untrusted. This tells the rootdse module to remove
2133 unregistered controls
2134 */
ldb_req_mark_untrusted(struct ldb_request * req)2135 void ldb_req_mark_untrusted(struct ldb_request *req)
2136 {
2137 req->handle->flags |= LDB_HANDLE_FLAG_UNTRUSTED;
2138 }
2139
2140 /**
2141 mark a request as trusted.
2142 */
ldb_req_mark_trusted(struct ldb_request * req)2143 void ldb_req_mark_trusted(struct ldb_request *req)
2144 {
2145 req->handle->flags &= ~LDB_HANDLE_FLAG_UNTRUSTED;
2146 }
2147
2148 /**
2149 set custom flags. Those flags are set by applications using ldb,
2150 they are application dependent and the same bit can have different
2151 meaning in different application.
2152 */
ldb_req_set_custom_flags(struct ldb_request * req,uint32_t flags)2153 void ldb_req_set_custom_flags(struct ldb_request *req, uint32_t flags)
2154 {
2155 if (req != NULL && req->handle != NULL) {
2156 req->handle->custom_flags = flags;
2157 }
2158 }
2159
2160
2161 /**
2162 get custom flags. Those flags are set by applications using ldb,
2163 they are application dependent and the same bit can have different
2164 meaning in different application.
2165 */
ldb_req_get_custom_flags(struct ldb_request * req)2166 uint32_t ldb_req_get_custom_flags(struct ldb_request *req)
2167 {
2168 if (req != NULL && req->handle != NULL) {
2169 return req->handle->custom_flags;
2170 }
2171
2172 /*
2173 * 0 is not something any better or worse than
2174 * anything else as req or the handle is NULL
2175 */
2176 return 0;
2177 }
2178
2179
2180 /**
2181 * return true if a request is untrusted
2182 */
ldb_req_is_untrusted(struct ldb_request * req)2183 bool ldb_req_is_untrusted(struct ldb_request *req)
2184 {
2185 return (req->handle->flags & LDB_HANDLE_FLAG_UNTRUSTED) != 0;
2186 }
2187