4 Copyright (C) Andrew Bartlett 2005-2009
5 Copyright (C) Simo Sorce 2006-2008
7 ** NOTE! The following LGPL license applies to the ldb
8 ** library. This does NOT imply that all of Samba is released
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 3 of the License, or (at your option) any later version.
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, see <http://www.gnu.org/licenses/>.
28 * Component: ldb rdn name module
30 * Description: keep a consistent name attribute on objects manpulations
32 * Author: Andrew Bartlett
35 * - made the module async
39 #include "ldb_includes.h"
40 #include "ldb_module.h"
42 struct rename_context {
43 struct ldb_module *module;
44 struct ldb_request *req;
46 struct ldb_reply *ares;
49 static int rdn_name_add_callback(struct ldb_request *req,
50 struct ldb_reply *ares)
52 struct rename_context *ac;
54 ac = talloc_get_type(req->context, struct rename_context);
57 return ldb_module_done(ac->req, NULL, NULL,
58 LDB_ERR_OPERATIONS_ERROR);
61 if (ares->type == LDB_REPLY_REFERRAL) {
62 return ldb_module_send_referral(ac->req, ares->referral);
65 if (ares->error != LDB_SUCCESS) {
66 return ldb_module_done(ac->req, ares->controls,
67 ares->response, ares->error);
70 if (ares->type != LDB_REPLY_DONE) {
71 return ldb_module_done(ac->req, NULL, NULL,
72 LDB_ERR_OPERATIONS_ERROR);
75 return ldb_module_done(ac->req, ares->controls,
76 ares->response, LDB_SUCCESS);
79 static int rdn_name_add(struct ldb_module *module, struct ldb_request *req)
81 struct ldb_context *ldb;
82 struct ldb_request *down_req;
83 struct rename_context *ac;
84 struct ldb_message *msg;
85 struct ldb_message_element *attribute;
86 const struct ldb_schema_attribute *a;
88 struct ldb_val rdn_val;
92 ldb = ldb_module_get_ctx(module);
94 /* do not manipulate our control entries */
95 if (ldb_dn_is_special(req->op.add.message->dn)) {
96 return ldb_next_request(module, req);
99 ac = talloc_zero(req, struct rename_context);
101 return LDB_ERR_OPERATIONS_ERROR;
107 msg = ldb_msg_copy_shallow(req, req->op.add.message);
109 return LDB_ERR_OPERATIONS_ERROR;
112 rdn_name = ldb_dn_get_rdn_name(msg->dn);
113 if (rdn_name == NULL) {
114 return LDB_ERR_OPERATIONS_ERROR;
117 rdn_val = ldb_val_dup(msg, ldb_dn_get_rdn_val(msg->dn));
119 /* Perhaps someone above us tried to set this? */
120 if ((attribute = ldb_msg_find_element(msg, "name")) != NULL ) {
121 attribute->num_values = 0;
124 ret = ldb_msg_add_value(msg, "name", &rdn_val, NULL);
125 if (ret != LDB_SUCCESS) {
129 a = ldb_schema_attribute_by_name(ldb, rdn_name);
131 return LDB_ERR_OPERATIONS_ERROR;
134 attribute = ldb_msg_find_element(msg, rdn_name);
136 /* add entry with normalised RDN information if possible */
137 if (a->name != NULL) {
138 ret = ldb_msg_add_value(msg, a->name, &rdn_val, NULL);
140 ret = ldb_msg_add_value(msg, rdn_name, &rdn_val, NULL);
142 if (ret != LDB_SUCCESS) {
146 /* normalise attribute name if possible */
147 if (a->name != NULL) {
148 attribute->name = a->name;
150 /* normalise attribute value */
151 for (i = 0; i < attribute->num_values; i++) {
152 ret = a->syntax->comparison_fn(ldb, msg,
153 &rdn_val, &attribute->values[i]);
155 /* overwrite so it matches in case */
156 attribute->values[i] = rdn_val;
160 if (i == attribute->num_values) {
161 char *rdn_errstring = talloc_asprintf(ac,
162 "RDN mismatch on %s: %s (%.*s) should match one of:",
163 ldb_dn_get_linearized(msg->dn), rdn_name,
164 (int)rdn_val.length, (const char *)rdn_val.data);
165 for (i = 0; i < attribute->num_values; i++) {
166 rdn_errstring = talloc_asprintf_append(
167 rdn_errstring, " (%.*s)",
168 (int)attribute->values[i].length,
169 (const char *)attribute->values[i].data);
171 ldb_set_errstring(ldb, rdn_errstring);
172 /* Match AD's error here */
173 return LDB_ERR_INVALID_DN_SYNTAX;
177 ret = ldb_build_add_req(&down_req, ldb, req,
180 ac, rdn_name_add_callback,
182 if (ret != LDB_SUCCESS) {
186 talloc_steal(down_req, msg);
188 /* go on with the call chain */
189 return ldb_next_request(module, down_req);
192 static int rdn_modify_callback(struct ldb_request *req, struct ldb_reply *ares)
194 struct rename_context *ac;
196 ac = talloc_get_type(req->context, struct rename_context);
199 return ldb_module_done(ac->req, NULL, NULL,
200 LDB_ERR_OPERATIONS_ERROR);
203 if (ares->type == LDB_REPLY_REFERRAL) {
204 return ldb_module_send_referral(ac->req, ares->referral);
207 if (ares->error != LDB_SUCCESS) {
208 return ldb_module_done(ac->req, ares->controls,
209 ares->response, ares->error);
212 /* the only supported reply right now is a LDB_REPLY_DONE */
213 if (ares->type != LDB_REPLY_DONE) {
214 return ldb_module_done(ac->req, NULL, NULL,
215 LDB_ERR_OPERATIONS_ERROR);
218 /* send saved controls eventually */
219 return ldb_module_done(ac->req, ac->ares->controls,
220 ac->ares->response, LDB_SUCCESS);
223 static int rdn_rename_callback(struct ldb_request *req, struct ldb_reply *ares)
225 struct ldb_context *ldb;
226 struct rename_context *ac;
227 struct ldb_request *mod_req;
228 const char *rdn_name;
229 struct ldb_val rdn_val;
230 struct ldb_message *msg;
233 ac = talloc_get_type(req->context, struct rename_context);
234 ldb = ldb_module_get_ctx(ac->module);
240 if (ares->type == LDB_REPLY_REFERRAL) {
241 return ldb_module_send_referral(ac->req, ares->referral);
244 if (ares->error != LDB_SUCCESS) {
245 return ldb_module_done(ac->req, ares->controls,
246 ares->response, ares->error);
249 /* the only supported reply right now is a LDB_REPLY_DONE */
250 if (ares->type != LDB_REPLY_DONE) {
254 /* save reply for caller */
255 ac->ares = talloc_steal(ac, ares);
257 msg = ldb_msg_new(ac);
261 msg->dn = ldb_dn_copy(msg, ac->req->op.rename.newdn);
262 if (msg->dn == NULL) {
265 rdn_name = ldb_dn_get_rdn_name(ac->req->op.rename.newdn);
266 if (rdn_name == NULL) {
270 rdn_val = ldb_val_dup(msg, ldb_dn_get_rdn_val(ac->req->op.rename.newdn));
272 if (ldb_msg_add_empty(msg, rdn_name, LDB_FLAG_MOD_REPLACE, NULL) != 0) {
275 if (ldb_msg_add_value(msg, rdn_name, &rdn_val, NULL) != 0) {
278 if (ldb_msg_add_empty(msg, "name", LDB_FLAG_MOD_REPLACE, NULL) != 0) {
281 if (ldb_msg_add_value(msg, "name", &rdn_val, NULL) != 0) {
285 ret = ldb_build_mod_req(&mod_req, ldb,
287 ac, rdn_modify_callback,
289 if (ret != LDB_SUCCESS) {
290 return ldb_module_done(ac->req, NULL, NULL, ret);
292 talloc_steal(mod_req, msg);
294 /* go on with the call chain */
295 return ldb_next_request(ac->module, mod_req);
298 return ldb_module_done(ac->req, NULL, NULL,
299 LDB_ERR_OPERATIONS_ERROR);
302 static int rdn_name_rename(struct ldb_module *module, struct ldb_request *req)
304 struct ldb_context *ldb;
305 struct rename_context *ac;
306 struct ldb_request *down_req;
309 ldb = ldb_module_get_ctx(module);
311 /* do not manipulate our control entries */
312 if (ldb_dn_is_special(req->op.rename.newdn)) {
313 return ldb_next_request(module, req);
316 ac = talloc_zero(req, struct rename_context);
318 return LDB_ERR_OPERATIONS_ERROR;
324 ret = ldb_build_rename_req(&down_req,
327 req->op.rename.olddn,
328 req->op.rename.newdn,
334 if (ret != LDB_SUCCESS) {
338 /* rename first, modify "name" if rename is ok */
339 return ldb_next_request(module, down_req);
342 static int rdn_name_modify(struct ldb_module *module, struct ldb_request *req)
344 struct ldb_context *ldb;
346 ldb = ldb_module_get_ctx(module);
348 /* do not manipulate our control entries */
349 if (ldb_dn_is_special(req->op.mod.message->dn)) {
350 return ldb_next_request(module, req);
353 if (ldb_msg_find_element(req->op.mod.message, "name")) {
354 ldb_asprintf_errstring(ldb, "Modify of 'name' on %s not permitted, must use 'rename' operation instead",
355 ldb_dn_get_linearized(req->op.mod.message->dn));
356 return LDB_ERR_NOT_ALLOWED_ON_RDN;
359 if (ldb_msg_find_element(req->op.mod.message, ldb_dn_get_rdn_name(req->op.mod.message->dn))) {
360 ldb_asprintf_errstring(ldb, "Modify of RDN '%s' on %s not permitted, must use 'rename' operation instead",
361 ldb_dn_get_rdn_name(req->op.mod.message->dn), ldb_dn_get_linearized(req->op.mod.message->dn));
362 return LDB_ERR_NOT_ALLOWED_ON_RDN;
365 /* All OK, they kept their fingers out of the special attributes */
366 return ldb_next_request(module, req);
369 const struct ldb_module_ops ldb_rdn_name_module_ops = {
372 .modify = rdn_name_modify,
373 .rename = rdn_name_rename