4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Stefan Metzmacher 2004
6 Copyright (C) Simo Sorce 2006-2008
7 Copyright (C) Matthias Dieter Wallnöfer 2009
9 ** NOTE! The following LGPL license applies to the ldb
10 ** library. This does NOT imply that all of Samba is released
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
30 * Component: ldb tdb backend
32 * Description: core functions for tdb backend
34 * Author: Andrew Tridgell
35 * Author: Stefan Metzmacher
39 * - description: make the module use asynchronous calls
43 * - description: make it possible to use event contexts
47 * - description: fix up memory leaks and small bugs
49 * Author: Matthias Dieter Wallnöfer
56 map a tdb error code to a ldb error code
58 int ltdb_err_map(enum TDB_ERROR tdb_code)
66 return LDB_ERR_OPERATIONS_ERROR;
68 return LDB_ERR_PROTOCOL_ERROR;
72 case TDB_ERR_LOCK_TIMEOUT:
73 return LDB_ERR_TIME_LIMIT_EXCEEDED;
75 return LDB_ERR_ENTRY_ALREADY_EXISTS;
77 return LDB_ERR_NO_SUCH_OBJECT;
79 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
87 lock the database for read - use by ltdb_search and ltdb_sequence_number
89 int ltdb_lock_read(struct ldb_module *module)
91 void *data = ldb_module_get_private(module);
92 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
95 if (ltdb->in_transaction == 0 &&
96 ltdb->read_lock_count == 0) {
97 ret = tdb_lockall_read(ltdb->tdb);
100 ltdb->read_lock_count++;
106 unlock the database after a ltdb_lock_read()
108 int ltdb_unlock_read(struct ldb_module *module)
110 void *data = ldb_module_get_private(module);
111 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
112 if (ltdb->in_transaction == 0 && ltdb->read_lock_count == 1) {
113 return tdb_unlockall_read(ltdb->tdb);
115 ltdb->read_lock_count--;
121 form a TDB_DATA for a record key
124 note that the key for a record can depend on whether the
125 dn refers to a case sensitive index record or not
127 struct TDB_DATA ltdb_key(struct ldb_module *module, struct ldb_dn *dn)
129 struct ldb_context *ldb = ldb_module_get_ctx(module);
131 char *key_str = NULL;
132 const char *dn_folded = NULL;
135 most DNs are case insensitive. The exception is index DNs for
136 case sensitive attributes
138 there are 3 cases dealt with in this code:
140 1) if the dn doesn't start with @ then uppercase the attribute
141 names and the attributes values of case insensitive attributes
142 2) if the dn starts with @ then leave it alone -
143 the indexing code handles the rest
146 dn_folded = ldb_dn_get_casefold(dn);
151 key_str = talloc_strdup(ldb, "DN=");
156 key_str = talloc_strdup_append_buffer(key_str, dn_folded);
161 key.dptr = (uint8_t *)key_str;
162 key.dsize = strlen(key_str) + 1;
174 check special dn's have valid attributes
175 currently only @ATTRIBUTES is checked
177 static int ltdb_check_special_dn(struct ldb_module *module,
178 const struct ldb_message *msg)
180 struct ldb_context *ldb = ldb_module_get_ctx(module);
183 if (! ldb_dn_is_special(msg->dn) ||
184 ! ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
188 /* we have @ATTRIBUTES, let's check attributes are fine */
189 /* should we check that we deny multivalued attributes ? */
190 for (i = 0; i < msg->num_elements; i++) {
191 if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
193 for (j = 0; j < msg->elements[i].num_values; j++) {
194 if (ltdb_check_at_attributes_values(&msg->elements[i].values[j]) != 0) {
195 ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
196 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
206 we've made a modification to a dn - possibly reindex and
207 update sequence number
209 static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn)
211 int ret = LDB_SUCCESS;
212 struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private);
214 /* only allow modifies inside a transaction, otherwise the
216 if (ltdb->in_transaction == 0) {
217 ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
218 return LDB_ERR_OPERATIONS_ERROR;
221 if (ldb_dn_is_special(dn) &&
222 (ldb_dn_check_special(dn, LTDB_INDEXLIST) ||
223 ldb_dn_check_special(dn, LTDB_ATTRIBUTES)) ) {
224 ret = ltdb_reindex(module);
227 /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
228 if (ret == LDB_SUCCESS &&
229 !(ldb_dn_is_special(dn) &&
230 ldb_dn_check_special(dn, LTDB_BASEINFO)) ) {
231 ret = ltdb_increase_sequence_number(module);
234 /* If the modify was to @OPTIONS, reload the cache */
235 if (ret == LDB_SUCCESS &&
236 ldb_dn_is_special(dn) &&
237 (ldb_dn_check_special(dn, LTDB_OPTIONS)) ) {
238 ret = ltdb_cache_reload(module);
245 store a record into the db
247 int ltdb_store(struct ldb_module *module, const struct ldb_message *msg, int flgs)
249 void *data = ldb_module_get_private(module);
250 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
251 TDB_DATA tdb_key, tdb_data;
252 int ret = LDB_SUCCESS;
254 tdb_key = ltdb_key(module, msg->dn);
255 if (tdb_key.dptr == NULL) {
256 return LDB_ERR_OTHER;
259 ret = ltdb_pack_data(module, msg, &tdb_data);
261 talloc_free(tdb_key.dptr);
262 return LDB_ERR_OTHER;
265 ret = tdb_store(ltdb->tdb, tdb_key, tdb_data, flgs);
267 ret = ltdb_err_map(tdb_error(ltdb->tdb));
272 talloc_free(tdb_key.dptr);
273 talloc_free(tdb_data.dptr);
279 static int ltdb_add_internal(struct ldb_module *module,
280 const struct ldb_message *msg)
282 struct ldb_context *ldb = ldb_module_get_ctx(module);
283 int ret = LDB_SUCCESS;
286 ret = ltdb_check_special_dn(module, msg);
287 if (ret != LDB_SUCCESS) {
291 if (ltdb_cache_load(module) != 0) {
292 return LDB_ERR_OPERATIONS_ERROR;
295 for (i=0;i<msg->num_elements;i++) {
296 struct ldb_message_element *el = &msg->elements[i];
298 if (el->num_values == 0) {
299 ldb_asprintf_errstring(ldb, "attribute %s on %s specified, but with 0 values (illegal)",
300 el->name, ldb_dn_get_linearized(msg->dn));
301 return LDB_ERR_CONSTRAINT_VIOLATION;
305 ret = ltdb_store(module, msg, TDB_INSERT);
306 if (ret != LDB_SUCCESS) {
307 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
308 ldb_asprintf_errstring(ldb,
309 "Entry %s already exists",
310 ldb_dn_get_linearized(msg->dn));
315 ret = ltdb_index_add_new(module, msg);
316 if (ret != LDB_SUCCESS) {
320 ret = ltdb_modified(module, msg->dn);
326 add a record to the database
328 static int ltdb_add(struct ltdb_context *ctx)
330 struct ldb_module *module = ctx->module;
331 struct ldb_request *req = ctx->req;
332 int ret = LDB_SUCCESS;
334 ldb_request_set_state(req, LDB_ASYNC_PENDING);
336 if (ltdb_cache_load(module) != 0) {
337 return LDB_ERR_OPERATIONS_ERROR;
340 ret = ltdb_add_internal(module, req->op.add.message);
346 delete a record from the database, not updating indexes (used for deleting
349 int ltdb_delete_noindex(struct ldb_module *module, struct ldb_dn *dn)
351 void *data = ldb_module_get_private(module);
352 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
356 tdb_key = ltdb_key(module, dn);
358 return LDB_ERR_OTHER;
361 ret = tdb_delete(ltdb->tdb, tdb_key);
362 talloc_free(tdb_key.dptr);
365 ret = ltdb_err_map(tdb_error(ltdb->tdb));
371 static int ltdb_delete_internal(struct ldb_module *module, struct ldb_dn *dn)
373 struct ldb_message *msg;
374 int ret = LDB_SUCCESS;
376 msg = talloc(module, struct ldb_message);
378 return LDB_ERR_OPERATIONS_ERROR;
381 /* in case any attribute of the message was indexed, we need
382 to fetch the old record */
383 ret = ltdb_search_dn1(module, dn, msg);
384 if (ret != LDB_SUCCESS) {
385 /* not finding the old record is an error */
389 ret = ltdb_delete_noindex(module, dn);
390 if (ret != LDB_SUCCESS) {
394 /* remove any indexed attributes */
395 ret = ltdb_index_delete(module, msg);
396 if (ret != LDB_SUCCESS) {
400 ret = ltdb_modified(module, dn);
401 if (ret != LDB_SUCCESS) {
411 delete a record from the database
413 static int ltdb_delete(struct ltdb_context *ctx)
415 struct ldb_module *module = ctx->module;
416 struct ldb_request *req = ctx->req;
417 int ret = LDB_SUCCESS;
419 ldb_request_set_state(req, LDB_ASYNC_PENDING);
421 if (ltdb_cache_load(module) != 0) {
422 return LDB_ERR_OPERATIONS_ERROR;
425 ret = ltdb_delete_internal(module, req->op.del.dn);
431 find an element by attribute name. At the moment this does a linear search,
432 it should be re-coded to use a binary search once all places that modify
433 records guarantee sorted order
435 return the index of the first matching element if found, otherwise -1
437 static int find_element(const struct ldb_message *msg, const char *name)
440 for (i=0;i<msg->num_elements;i++) {
441 if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
450 add an element to an existing record. Assumes a elements array that we
451 can call re-alloc on, and assumed that we can re-use the data pointers from
452 the passed in additional values. Use with care!
454 returns 0 on success, -1 on failure (and sets errno)
456 static int ltdb_msg_add_element(struct ldb_context *ldb,
457 struct ldb_message *msg,
458 struct ldb_message_element *el)
460 struct ldb_message_element *e2;
463 if (el->num_values == 0) {
464 /* nothing to do here - we don't add empty elements */
468 e2 = talloc_realloc(msg, msg->elements, struct ldb_message_element,
469 msg->num_elements+1);
477 e2 = &msg->elements[msg->num_elements];
480 e2->flags = el->flags;
481 e2->values = talloc_array(msg->elements,
482 struct ldb_val, el->num_values);
487 for (i=0;i<el->num_values;i++) {
488 e2->values[i] = el->values[i];
490 e2->num_values = el->num_values;
498 delete all elements having a specified attribute name
500 static int msg_delete_attribute(struct ldb_module *module,
501 struct ldb_context *ldb,
502 struct ldb_message *msg, const char *name)
506 struct ldb_message_element *el;
508 el = ldb_msg_find_element(msg, name);
510 return LDB_ERR_NO_SUCH_ATTRIBUTE;
512 i = el - msg->elements;
514 ret = ltdb_index_del_element(module, msg->dn, el);
515 if (ret != LDB_SUCCESS) {
519 talloc_free(el->values);
520 if (msg->num_elements > (i+1)) {
521 memmove(el, el+1, sizeof(*el) * (msg->num_elements - (i+1)));
524 msg->elements = talloc_realloc(msg, msg->elements,
525 struct ldb_message_element,
531 delete all elements matching an attribute name/value
533 return LDB Error on failure
535 static int msg_delete_element(struct ldb_module *module,
536 struct ldb_message *msg,
538 const struct ldb_val *val)
540 struct ldb_context *ldb = ldb_module_get_ctx(module);
543 struct ldb_message_element *el;
544 const struct ldb_schema_attribute *a;
546 found = find_element(msg, name);
548 return LDB_ERR_NO_SUCH_ATTRIBUTE;
551 el = &msg->elements[found];
553 a = ldb_schema_attribute_by_name(ldb, el->name);
555 for (i=0;i<el->num_values;i++) {
556 if (a->syntax->comparison_fn(ldb, ldb,
557 &el->values[i], val) == 0) {
558 if (el->num_values == 1) {
559 return msg_delete_attribute(module, ldb, msg, name);
562 ret = ltdb_index_del_value(module, msg->dn, el, i);
563 if (ret != LDB_SUCCESS) {
567 if (i<el->num_values-1) {
568 memmove(&el->values[i], &el->values[i+1],
569 sizeof(el->values[i])*
570 (el->num_values-(i+1)));
574 /* per definition we find in a canonicalised message an
575 attribute value only once. So we are finished here */
581 return LDB_ERR_NO_SUCH_ATTRIBUTE;
586 modify a record - internal interface
588 yuck - this is O(n^2). Luckily n is usually small so we probably
589 get away with it, but if we ever have really large attribute lists
590 then we'll need to look at this again
592 'req' is optional, and is used to specify controls if supplied
594 int ltdb_modify_internal(struct ldb_module *module,
595 const struct ldb_message *msg,
596 struct ldb_request *req)
598 struct ldb_context *ldb = ldb_module_get_ctx(module);
599 void *data = ldb_module_get_private(module);
600 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
601 TDB_DATA tdb_key, tdb_data;
602 struct ldb_message *msg2;
604 int ret = LDB_SUCCESS, idx;
605 struct ldb_control *control_permissive = NULL;
608 control_permissive = ldb_request_get_control(req,
609 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
612 tdb_key = ltdb_key(module, msg->dn);
614 return LDB_ERR_OTHER;
617 tdb_data = tdb_fetch(ltdb->tdb, tdb_key);
618 if (!tdb_data.dptr) {
619 talloc_free(tdb_key.dptr);
620 return ltdb_err_map(tdb_error(ltdb->tdb));
623 msg2 = talloc(tdb_key.dptr, struct ldb_message);
630 ret = ltdb_unpack_data(module, &tdb_data, msg2);
641 for (i=0; i<msg->num_elements; i++) {
642 struct ldb_message_element *el = &msg->elements[i], *el2;
643 struct ldb_val *vals;
646 switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
647 case LDB_FLAG_MOD_ADD:
649 if (el->num_values == 0) {
650 ldb_asprintf_errstring(ldb, "attribute %s on %s specified, but with 0 values (illigal)",
651 el->name, ldb_dn_get_linearized(msg2->dn));
652 ret = LDB_ERR_CONSTRAINT_VIOLATION;
656 /* make a copy of the array so that a permissive
657 * control can remove duplicates without changing the
658 * original values, but do not copy data as we do not
659 * need to keep it around once the operation is
661 if (control_permissive) {
662 el = talloc(msg2, struct ldb_message_element);
667 el->name = msg->elements[i].name;
668 el->num_values = msg->elements[i].num_values;
669 el->values = talloc_array(el, struct ldb_val, el->num_values);
670 if (el->values == NULL) {
674 for (j = 0; j < el->num_values; j++) {
675 el->values[j] = msg->elements[i].values[j];
679 /* Checks if element already exists */
680 idx = find_element(msg2, el->name);
682 if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
686 ret = ltdb_index_add_element(module, msg2->dn, el);
687 if (ret != LDB_SUCCESS) {
691 el2 = &(msg2->elements[idx]);
693 /* Check that values don't exist yet on multi-
694 valued attributes or aren't provided twice */
695 for (j = 0; j < el->num_values; j++) {
696 if (ldb_msg_find_val(el2, &el->values[j]) != NULL) {
697 if (control_permissive) {
698 /* remove this one as if it was never added */
700 for (k = j; k < el->num_values; k++) {
701 el->values[k] = el->values[k + 1];
708 ldb_asprintf_errstring(ldb, "%s: value #%d already exists", el->name, j);
709 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
712 if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
713 ldb_asprintf_errstring(ldb, "%s: value #%d provided more than once", el->name, j);
714 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
719 /* Now combine existing and new values to a new
721 vals = talloc_realloc(msg2->elements,
722 el2->values, struct ldb_val,
723 el2->num_values + el->num_values);
730 for (j=0; j<el->num_values; j++) {
731 vals[el2->num_values + j] =
732 ldb_val_dup(vals, &el->values[j]);
736 el2->num_values += el->num_values;
738 ret = ltdb_index_add_element(module, msg2->dn, el);
739 if (ret != LDB_SUCCESS) {
746 case LDB_FLAG_MOD_REPLACE:
748 /* TODO: This is O(n^2) - replace with more efficient check */
749 for (j=0; j<el->num_values; j++) {
750 if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
751 ldb_asprintf_errstring(ldb, "%s: value #%d provided more than once", el->name, j);
752 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
757 idx = find_element(msg2, el->name);
759 el2 = &(msg2->elements[idx]);
760 if (ldb_msg_element_compare(el, el2) == 0) {
761 /* we are replacing with the same values */
765 /* Delete the attribute if it exists in the DB */
766 if (msg_delete_attribute(module, ldb, msg2, el->name) != 0) {
772 /* Recreate it with the new values */
773 if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
778 ret = ltdb_index_add_element(module, msg2->dn, el);
779 if (ret != LDB_SUCCESS) {
785 case LDB_FLAG_MOD_DELETE:
786 dn = ldb_dn_get_linearized(msg2->dn);
792 if (msg->elements[i].num_values == 0) {
793 /* Delete the whole attribute */
794 ret = msg_delete_attribute(module, ldb, msg2,
795 msg->elements[i].name);
796 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
797 control_permissive) {
800 ldb_asprintf_errstring(ldb, "No such attribute: %s for delete on %s",
801 msg->elements[i].name, dn);
803 if (ret != LDB_SUCCESS) {
807 /* Delete specified values from an attribute */
808 for (j=0; j < msg->elements[i].num_values; j++) {
809 ret = msg_delete_element(module,
811 msg->elements[i].name,
812 &msg->elements[i].values[j]);
813 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
814 control_permissive) {
817 ldb_asprintf_errstring(ldb, "No matching attribute value when deleting attribute: %s on %s",
818 msg->elements[i].name, dn);
820 if (ret != LDB_SUCCESS) {
827 ldb_asprintf_errstring(ldb,
828 "Invalid ldb_modify flags on %s: 0x%x",
829 msg->elements[i].name,
830 msg->elements[i].flags & LDB_FLAG_MOD_MASK);
831 ret = LDB_ERR_PROTOCOL_ERROR;
836 ret = ltdb_store(module, msg2, TDB_MODIFY);
837 if (ret != LDB_SUCCESS) {
841 ret = ltdb_modified(module, msg2->dn);
842 if (ret != LDB_SUCCESS) {
847 talloc_free(tdb_key.dptr);
854 static int ltdb_modify(struct ltdb_context *ctx)
856 struct ldb_module *module = ctx->module;
857 struct ldb_request *req = ctx->req;
858 int ret = LDB_SUCCESS;
860 ret = ltdb_check_special_dn(module, req->op.mod.message);
861 if (ret != LDB_SUCCESS) {
865 ldb_request_set_state(req, LDB_ASYNC_PENDING);
867 if (ltdb_cache_load(module) != 0) {
868 return LDB_ERR_OPERATIONS_ERROR;
871 ret = ltdb_modify_internal(module, req->op.mod.message, req);
879 static int ltdb_rename(struct ltdb_context *ctx)
881 struct ldb_module *module = ctx->module;
882 struct ldb_request *req = ctx->req;
883 struct ldb_message *msg;
884 int ret = LDB_SUCCESS;
886 ldb_request_set_state(req, LDB_ASYNC_PENDING);
888 if (ltdb_cache_load(ctx->module) != 0) {
889 return LDB_ERR_OPERATIONS_ERROR;
892 msg = talloc(ctx, struct ldb_message);
894 return LDB_ERR_OPERATIONS_ERROR;
897 /* in case any attribute of the message was indexed, we need
898 to fetch the old record */
899 ret = ltdb_search_dn1(module, req->op.rename.olddn, msg);
900 if (ret != LDB_SUCCESS) {
901 /* not finding the old record is an error */
905 /* Always delete first then add, to avoid conflicts with
906 * unique indexes. We rely on the transaction to make this
909 ret = ltdb_delete_internal(module, msg->dn);
910 if (ret != LDB_SUCCESS) {
914 msg->dn = ldb_dn_copy(msg, req->op.rename.newdn);
915 if (msg->dn == NULL) {
916 return LDB_ERR_OPERATIONS_ERROR;
919 ret = ltdb_add_internal(module, msg);
924 static int ltdb_start_trans(struct ldb_module *module)
926 void *data = ldb_module_get_private(module);
927 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
929 if (tdb_transaction_start(ltdb->tdb) != 0) {
930 return ltdb_err_map(tdb_error(ltdb->tdb));
933 ltdb->in_transaction++;
935 ltdb_index_transaction_start(module);
940 static int ltdb_prepare_commit(struct ldb_module *module)
942 void *data = ldb_module_get_private(module);
943 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
945 if (ltdb->in_transaction != 1) {
949 if (ltdb_index_transaction_commit(module) != 0) {
950 tdb_transaction_cancel(ltdb->tdb);
951 ltdb->in_transaction--;
952 return ltdb_err_map(tdb_error(ltdb->tdb));
955 if (tdb_transaction_prepare_commit(ltdb->tdb) != 0) {
956 ltdb->in_transaction--;
957 return ltdb_err_map(tdb_error(ltdb->tdb));
960 ltdb->prepared_commit = true;
965 static int ltdb_end_trans(struct ldb_module *module)
967 void *data = ldb_module_get_private(module);
968 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
970 if (!ltdb->prepared_commit) {
971 int ret = ltdb_prepare_commit(module);
972 if (ret != LDB_SUCCESS) {
977 ltdb->in_transaction--;
978 ltdb->prepared_commit = false;
980 if (tdb_transaction_commit(ltdb->tdb) != 0) {
981 return ltdb_err_map(tdb_error(ltdb->tdb));
987 static int ltdb_del_trans(struct ldb_module *module)
989 void *data = ldb_module_get_private(module);
990 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
992 ltdb->in_transaction--;
994 if (ltdb_index_transaction_cancel(module) != 0) {
995 tdb_transaction_cancel(ltdb->tdb);
996 return ltdb_err_map(tdb_error(ltdb->tdb));
999 if (tdb_transaction_cancel(ltdb->tdb) != 0) {
1000 return ltdb_err_map(tdb_error(ltdb->tdb));
1007 return sequenceNumber from @BASEINFO
1009 static int ltdb_sequence_number(struct ltdb_context *ctx,
1010 struct ldb_extended **ext)
1012 struct ldb_context *ldb;
1013 struct ldb_module *module = ctx->module;
1014 struct ldb_request *req = ctx->req;
1015 TALLOC_CTX *tmp_ctx;
1016 struct ldb_seqnum_request *seq;
1017 struct ldb_seqnum_result *res;
1018 struct ldb_message *msg = NULL;
1021 int ret = LDB_SUCCESS;
1023 ldb = ldb_module_get_ctx(module);
1025 seq = talloc_get_type(req->op.extended.data,
1026 struct ldb_seqnum_request);
1028 return LDB_ERR_OPERATIONS_ERROR;
1031 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1033 if (ltdb_lock_read(module) != 0) {
1034 return LDB_ERR_OPERATIONS_ERROR;
1037 res = talloc_zero(req, struct ldb_seqnum_result);
1039 ret = LDB_ERR_OPERATIONS_ERROR;
1042 tmp_ctx = talloc_new(req);
1043 if (tmp_ctx == NULL) {
1044 ret = LDB_ERR_OPERATIONS_ERROR;
1048 dn = ldb_dn_new(tmp_ctx, ldb, LTDB_BASEINFO);
1050 msg = talloc(tmp_ctx, struct ldb_message);
1052 ret = LDB_ERR_OPERATIONS_ERROR;
1056 ret = ltdb_search_dn1(module, dn, msg);
1057 if (ret != LDB_SUCCESS) {
1061 switch (seq->type) {
1062 case LDB_SEQ_HIGHEST_SEQ:
1063 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1066 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1069 case LDB_SEQ_HIGHEST_TIMESTAMP:
1070 date = ldb_msg_find_attr_as_string(msg, LTDB_MOD_TIMESTAMP, NULL);
1072 res->seq_num = ldb_string_to_time(date);
1075 /* zero is as good as anything when we don't know */
1080 *ext = talloc_zero(req, struct ldb_extended);
1082 ret = LDB_ERR_OPERATIONS_ERROR;
1085 (*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
1086 (*ext)->data = talloc_steal(*ext, res);
1089 talloc_free(tmp_ctx);
1090 ltdb_unlock_read(module);
1094 static void ltdb_request_done(struct ltdb_context *ctx, int error)
1096 struct ldb_context *ldb;
1097 struct ldb_request *req;
1098 struct ldb_reply *ares;
1100 ldb = ldb_module_get_ctx(ctx->module);
1103 /* if we already returned an error just return */
1104 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1108 ares = talloc_zero(req, struct ldb_reply);
1111 req->callback(req, NULL);
1114 ares->type = LDB_REPLY_DONE;
1115 ares->error = error;
1117 req->callback(req, ares);
1120 static void ltdb_timeout(struct tevent_context *ev,
1121 struct tevent_timer *te,
1125 struct ltdb_context *ctx;
1126 ctx = talloc_get_type(private_data, struct ltdb_context);
1128 if (!ctx->request_terminated) {
1129 /* request is done now */
1130 ltdb_request_done(ctx, LDB_ERR_TIME_LIMIT_EXCEEDED);
1133 if (!ctx->request_terminated) {
1134 /* neutralize the spy */
1135 ctx->spy->ctx = NULL;
1140 static void ltdb_request_extended_done(struct ltdb_context *ctx,
1141 struct ldb_extended *ext,
1144 struct ldb_context *ldb;
1145 struct ldb_request *req;
1146 struct ldb_reply *ares;
1148 ldb = ldb_module_get_ctx(ctx->module);
1151 /* if we already returned an error just return */
1152 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1156 ares = talloc_zero(req, struct ldb_reply);
1159 req->callback(req, NULL);
1162 ares->type = LDB_REPLY_DONE;
1163 ares->response = ext;
1164 ares->error = error;
1166 req->callback(req, ares);
1169 static void ltdb_handle_extended(struct ltdb_context *ctx)
1171 struct ldb_extended *ext = NULL;
1174 if (strcmp(ctx->req->op.extended.oid,
1175 LDB_EXTENDED_SEQUENCE_NUMBER) == 0) {
1176 /* get sequence number */
1177 ret = ltdb_sequence_number(ctx, &ext);
1179 /* not recognized */
1180 ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1183 ltdb_request_extended_done(ctx, ext, ret);
1186 static void ltdb_callback(struct tevent_context *ev,
1187 struct tevent_timer *te,
1191 struct ltdb_context *ctx;
1194 ctx = talloc_get_type(private_data, struct ltdb_context);
1196 if (ctx->request_terminated) {
1200 switch (ctx->req->operation) {
1202 ret = ltdb_search(ctx);
1205 ret = ltdb_add(ctx);
1208 ret = ltdb_modify(ctx);
1211 ret = ltdb_delete(ctx);
1214 ret = ltdb_rename(ctx);
1217 ltdb_handle_extended(ctx);
1220 /* no other op supported */
1221 ret = LDB_ERR_UNWILLING_TO_PERFORM;
1224 if (!ctx->request_terminated) {
1225 /* request is done now */
1226 ltdb_request_done(ctx, ret);
1230 if (!ctx->request_terminated) {
1231 /* neutralize the spy */
1232 ctx->spy->ctx = NULL;
1237 static int ltdb_request_destructor(void *ptr)
1239 struct ltdb_req_spy *spy = talloc_get_type(ptr, struct ltdb_req_spy);
1241 if (spy->ctx != NULL) {
1242 spy->ctx->request_terminated = true;
1248 static int ltdb_handle_request(struct ldb_module *module,
1249 struct ldb_request *req)
1251 struct ldb_control *control_permissive;
1252 struct ldb_context *ldb;
1253 struct tevent_context *ev;
1254 struct ltdb_context *ac;
1255 struct tevent_timer *te;
1259 ldb = ldb_module_get_ctx(module);
1261 control_permissive = ldb_request_get_control(req,
1262 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1264 for (i = 0; req->controls && req->controls[i]; i++) {
1265 if (req->controls[i]->critical &&
1266 req->controls[i] != control_permissive) {
1267 ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
1268 req->controls[i]->oid);
1269 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1273 if (req->starttime == 0 || req->timeout == 0) {
1274 ldb_set_errstring(ldb, "Invalid timeout settings");
1275 return LDB_ERR_TIME_LIMIT_EXCEEDED;
1278 ev = ldb_get_event_context(ldb);
1280 ac = talloc_zero(ldb, struct ltdb_context);
1283 return LDB_ERR_OPERATIONS_ERROR;
1286 ac->module = module;
1291 te = tevent_add_timer(ev, ac, tv, ltdb_callback, ac);
1294 return LDB_ERR_OPERATIONS_ERROR;
1297 tv.tv_sec = req->starttime + req->timeout;
1298 ac->timeout_event = tevent_add_timer(ev, ac, tv, ltdb_timeout, ac);
1299 if (NULL == ac->timeout_event) {
1301 return LDB_ERR_OPERATIONS_ERROR;
1304 /* set a spy so that we do not try to use the request context
1305 * if it is freed before ltdb_callback fires */
1306 ac->spy = talloc(req, struct ltdb_req_spy);
1307 if (NULL == ac->spy) {
1309 return LDB_ERR_OPERATIONS_ERROR;
1313 talloc_set_destructor((TALLOC_CTX *)ac->spy, ltdb_request_destructor);
1318 static int ltdb_init_rootdse(struct ldb_module *module)
1320 struct ldb_context *ldb;
1323 ldb = ldb_module_get_ctx(module);
1325 ret = ldb_mod_register_control(module,
1326 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1327 /* ignore errors on this - we expect it for non-sam databases */
1329 /* there can be no module beyond the backend, just return */
1333 static const struct ldb_module_ops ltdb_ops = {
1335 .init_context = ltdb_init_rootdse,
1336 .search = ltdb_handle_request,
1337 .add = ltdb_handle_request,
1338 .modify = ltdb_handle_request,
1339 .del = ltdb_handle_request,
1340 .rename = ltdb_handle_request,
1341 .extended = ltdb_handle_request,
1342 .start_transaction = ltdb_start_trans,
1343 .end_transaction = ltdb_end_trans,
1344 .prepare_commit = ltdb_prepare_commit,
1345 .del_transaction = ltdb_del_trans,
1349 connect to the database
1351 static int ltdb_connect(struct ldb_context *ldb, const char *url,
1352 unsigned int flags, const char *options[],
1353 struct ldb_module **_module)
1355 struct ldb_module *module;
1357 int tdb_flags, open_flags;
1358 struct ltdb_private *ltdb;
1361 if (strchr(url, ':')) {
1362 if (strncmp(url, "tdb://", 6) != 0) {
1363 ldb_debug(ldb, LDB_DEBUG_ERROR,
1364 "Invalid tdb URL '%s'", url);
1365 return LDB_ERR_OPERATIONS_ERROR;
1372 tdb_flags = TDB_DEFAULT | TDB_SEQNUM;
1374 /* check for the 'nosync' option */
1375 if (flags & LDB_FLG_NOSYNC) {
1376 tdb_flags |= TDB_NOSYNC;
1379 /* and nommap option */
1380 if (flags & LDB_FLG_NOMMAP) {
1381 tdb_flags |= TDB_NOMMAP;
1384 if (flags & LDB_FLG_RDONLY) {
1385 open_flags = O_RDONLY;
1387 open_flags = O_CREAT | O_RDWR;
1390 ltdb = talloc_zero(ldb, struct ltdb_private);
1393 return LDB_ERR_OPERATIONS_ERROR;
1396 /* note that we use quite a large default hash size */
1397 ltdb->tdb = ltdb_wrap_open(ltdb, path, 10000,
1398 tdb_flags, open_flags,
1399 ldb_get_create_perms(ldb), ldb);
1401 ldb_debug(ldb, LDB_DEBUG_ERROR,
1402 "Unable to open tdb '%s'", path);
1404 return LDB_ERR_OPERATIONS_ERROR;
1407 ltdb->sequence_number = 0;
1409 module = ldb_module_new(ldb, ldb, "ldb_tdb backend", <db_ops);
1412 return LDB_ERR_OPERATIONS_ERROR;
1414 ldb_module_set_private(module, ltdb);
1415 talloc_steal(module, ltdb);
1417 if (ltdb_cache_load(module) != 0) {
1418 talloc_free(module);
1420 return LDB_ERR_OPERATIONS_ERROR;
1427 _PRIVATE_ const struct ldb_backend_ops ldb_tdb_backend_ops = {
1429 .connect_fn = ltdb_connect,