4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Stefan Metzmacher 2004
6 Copyright (C) Simo Sorce 2006-2008
7 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
9 ** NOTE! The following LGPL license applies to the ldb
10 ** library. This does NOT imply that all of Samba is released
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
30 * Component: ldb tdb backend
32 * Description: core functions for tdb backend
34 * Author: Andrew Tridgell
35 * Author: Stefan Metzmacher
39 * - description: make the module use asynchronous calls
43 * - description: make it possible to use event contexts
47 * - description: fix up memory leaks and small bugs
49 * Author: Matthias Dieter Wallnöfer
56 prevent memory errors on callbacks
59 struct ltdb_context *ctx;
63 map a tdb error code to a ldb error code
65 int ltdb_err_map(enum TDB_ERROR tdb_code)
73 return LDB_ERR_OPERATIONS_ERROR;
75 return LDB_ERR_PROTOCOL_ERROR;
79 case TDB_ERR_LOCK_TIMEOUT:
80 return LDB_ERR_TIME_LIMIT_EXCEEDED;
82 return LDB_ERR_ENTRY_ALREADY_EXISTS;
84 return LDB_ERR_NO_SUCH_OBJECT;
86 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
94 lock the database for read - use by ltdb_search and ltdb_sequence_number
96 int ltdb_lock_read(struct ldb_module *module)
98 void *data = ldb_module_get_private(module);
99 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
102 if (ltdb->in_transaction == 0 &&
103 ltdb->read_lock_count == 0) {
104 ret = tdb_lockall_read(ltdb->tdb);
107 ltdb->read_lock_count++;
113 unlock the database after a ltdb_lock_read()
115 int ltdb_unlock_read(struct ldb_module *module)
117 void *data = ldb_module_get_private(module);
118 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
119 if (ltdb->in_transaction == 0 && ltdb->read_lock_count == 1) {
120 tdb_unlockall_read(ltdb->tdb);
123 ltdb->read_lock_count--;
129 form a TDB_DATA for a record key
132 note that the key for a record can depend on whether the
133 dn refers to a case sensitive index record or not
135 TDB_DATA ltdb_key(struct ldb_module *module, struct ldb_dn *dn)
137 struct ldb_context *ldb = ldb_module_get_ctx(module);
139 char *key_str = NULL;
140 const char *dn_folded = NULL;
143 most DNs are case insensitive. The exception is index DNs for
144 case sensitive attributes
146 there are 3 cases dealt with in this code:
148 1) if the dn doesn't start with @ then uppercase the attribute
149 names and the attributes values of case insensitive attributes
150 2) if the dn starts with @ then leave it alone -
151 the indexing code handles the rest
154 dn_folded = ldb_dn_get_casefold(dn);
159 key_str = talloc_strdup(ldb, "DN=");
164 key_str = talloc_strdup_append_buffer(key_str, dn_folded);
169 key.dptr = (uint8_t *)key_str;
170 key.dsize = strlen(key_str) + 1;
182 check special dn's have valid attributes
183 currently only @ATTRIBUTES is checked
185 static int ltdb_check_special_dn(struct ldb_module *module,
186 const struct ldb_message *msg)
188 struct ldb_context *ldb = ldb_module_get_ctx(module);
191 if (! ldb_dn_is_special(msg->dn) ||
192 ! ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
196 /* we have @ATTRIBUTES, let's check attributes are fine */
197 /* should we check that we deny multivalued attributes ? */
198 for (i = 0; i < msg->num_elements; i++) {
199 if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
201 for (j = 0; j < msg->elements[i].num_values; j++) {
202 if (ltdb_check_at_attributes_values(&msg->elements[i].values[j]) != 0) {
203 ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
204 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
214 we've made a modification to a dn - possibly reindex and
215 update sequence number
217 static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn)
219 int ret = LDB_SUCCESS;
220 struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private);
222 /* only allow modifies inside a transaction, otherwise the
224 if (ltdb->in_transaction == 0) {
225 ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
226 return LDB_ERR_OPERATIONS_ERROR;
229 if (ldb_dn_is_special(dn) &&
230 (ldb_dn_check_special(dn, LTDB_INDEXLIST) ||
231 ldb_dn_check_special(dn, LTDB_ATTRIBUTES)) ) {
232 ret = ltdb_reindex(module);
235 /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
236 if (ret == LDB_SUCCESS &&
237 !(ldb_dn_is_special(dn) &&
238 ldb_dn_check_special(dn, LTDB_BASEINFO)) ) {
239 ret = ltdb_increase_sequence_number(module);
242 /* If the modify was to @OPTIONS, reload the cache */
243 if (ret == LDB_SUCCESS &&
244 ldb_dn_is_special(dn) &&
245 (ldb_dn_check_special(dn, LTDB_OPTIONS)) ) {
246 ret = ltdb_cache_reload(module);
253 store a record into the db
255 int ltdb_store(struct ldb_module *module, const struct ldb_message *msg, int flgs)
257 void *data = ldb_module_get_private(module);
258 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
259 TDB_DATA tdb_key, tdb_data;
260 int ret = LDB_SUCCESS;
262 tdb_key = ltdb_key(module, msg->dn);
263 if (tdb_key.dptr == NULL) {
264 return LDB_ERR_OTHER;
267 ret = ltdb_pack_data(module, msg, &tdb_data);
269 talloc_free(tdb_key.dptr);
270 return LDB_ERR_OTHER;
273 ret = tdb_store(ltdb->tdb, tdb_key, tdb_data, flgs);
275 ret = ltdb_err_map(tdb_error(ltdb->tdb));
280 talloc_free(tdb_key.dptr);
281 talloc_free(tdb_data.dptr);
288 check if a attribute is a single valued, for a given element
290 static bool ldb_tdb_single_valued(const struct ldb_schema_attribute *a,
291 struct ldb_message_element *el)
293 if (!a) return false;
295 if (el->flags & LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK) {
296 /* override from a ldb module, for example
297 used for the description field, which is
298 marked multi-valued in the schema but which
299 should not actually accept multiple
303 if (el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK) {
304 /* override from a ldb module, for example used for
305 deleted linked attribute entries */
309 if (a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
315 static int ltdb_add_internal(struct ldb_module *module,
316 const struct ldb_message *msg,
317 bool check_single_value)
319 struct ldb_context *ldb = ldb_module_get_ctx(module);
320 int ret = LDB_SUCCESS;
323 for (i=0;i<msg->num_elements;i++) {
324 struct ldb_message_element *el = &msg->elements[i];
325 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
327 if (el->num_values == 0) {
328 ldb_asprintf_errstring(ldb, "attribute '%s' on '%s' specified, but with 0 values (illegal)",
329 el->name, ldb_dn_get_linearized(msg->dn));
330 return LDB_ERR_CONSTRAINT_VIOLATION;
332 if (check_single_value &&
333 el->num_values > 1 &&
334 ldb_tdb_single_valued(a, el)) {
335 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
336 el->name, ldb_dn_get_linearized(msg->dn));
337 return LDB_ERR_CONSTRAINT_VIOLATION;
341 ret = ltdb_store(module, msg, TDB_INSERT);
342 if (ret != LDB_SUCCESS) {
343 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
344 ldb_asprintf_errstring(ldb,
345 "Entry %s already exists",
346 ldb_dn_get_linearized(msg->dn));
351 ret = ltdb_index_add_new(module, msg);
352 if (ret != LDB_SUCCESS) {
356 ret = ltdb_modified(module, msg->dn);
362 add a record to the database
364 static int ltdb_add(struct ltdb_context *ctx)
366 struct ldb_module *module = ctx->module;
367 struct ldb_request *req = ctx->req;
368 int ret = LDB_SUCCESS;
370 ret = ltdb_check_special_dn(module, req->op.add.message);
371 if (ret != LDB_SUCCESS) {
375 ldb_request_set_state(req, LDB_ASYNC_PENDING);
377 if (ltdb_cache_load(module) != 0) {
378 return LDB_ERR_OPERATIONS_ERROR;
381 ret = ltdb_add_internal(module, req->op.add.message, true);
387 delete a record from the database, not updating indexes (used for deleting
390 int ltdb_delete_noindex(struct ldb_module *module, struct ldb_dn *dn)
392 void *data = ldb_module_get_private(module);
393 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
397 tdb_key = ltdb_key(module, dn);
399 return LDB_ERR_OTHER;
402 ret = tdb_delete(ltdb->tdb, tdb_key);
403 talloc_free(tdb_key.dptr);
406 ret = ltdb_err_map(tdb_error(ltdb->tdb));
412 static int ltdb_delete_internal(struct ldb_module *module, struct ldb_dn *dn)
414 struct ldb_message *msg;
415 int ret = LDB_SUCCESS;
417 msg = ldb_msg_new(module);
419 return LDB_ERR_OPERATIONS_ERROR;
422 /* in case any attribute of the message was indexed, we need
423 to fetch the old record */
424 ret = ltdb_search_dn1(module, dn, msg);
425 if (ret != LDB_SUCCESS) {
426 /* not finding the old record is an error */
430 ret = ltdb_delete_noindex(module, dn);
431 if (ret != LDB_SUCCESS) {
435 /* remove any indexed attributes */
436 ret = ltdb_index_delete(module, msg);
437 if (ret != LDB_SUCCESS) {
441 ret = ltdb_modified(module, dn);
442 if (ret != LDB_SUCCESS) {
452 delete a record from the database
454 static int ltdb_delete(struct ltdb_context *ctx)
456 struct ldb_module *module = ctx->module;
457 struct ldb_request *req = ctx->req;
458 int ret = LDB_SUCCESS;
460 ldb_request_set_state(req, LDB_ASYNC_PENDING);
462 if (ltdb_cache_load(module) != 0) {
463 return LDB_ERR_OPERATIONS_ERROR;
466 ret = ltdb_delete_internal(module, req->op.del.dn);
472 find an element by attribute name. At the moment this does a linear search,
473 it should be re-coded to use a binary search once all places that modify
474 records guarantee sorted order
476 return the index of the first matching element if found, otherwise -1
478 static int find_element(const struct ldb_message *msg, const char *name)
481 for (i=0;i<msg->num_elements;i++) {
482 if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
491 add an element to an existing record. Assumes a elements array that we
492 can call re-alloc on, and assumed that we can re-use the data pointers from
493 the passed in additional values. Use with care!
495 returns 0 on success, -1 on failure (and sets errno)
497 static int ltdb_msg_add_element(struct ldb_context *ldb,
498 struct ldb_message *msg,
499 struct ldb_message_element *el)
501 struct ldb_message_element *e2;
504 if (el->num_values == 0) {
505 /* nothing to do here - we don't add empty elements */
509 e2 = talloc_realloc(msg, msg->elements, struct ldb_message_element,
510 msg->num_elements+1);
518 e2 = &msg->elements[msg->num_elements];
521 e2->flags = el->flags;
522 e2->values = talloc_array(msg->elements,
523 struct ldb_val, el->num_values);
528 for (i=0;i<el->num_values;i++) {
529 e2->values[i] = el->values[i];
531 e2->num_values = el->num_values;
539 delete all elements having a specified attribute name
541 static int msg_delete_attribute(struct ldb_module *module,
542 struct ldb_context *ldb,
543 struct ldb_message *msg, const char *name)
547 struct ldb_message_element *el;
549 el = ldb_msg_find_element(msg, name);
551 return LDB_ERR_NO_SUCH_ATTRIBUTE;
553 i = el - msg->elements;
555 ret = ltdb_index_del_element(module, msg->dn, el);
556 if (ret != LDB_SUCCESS) {
560 talloc_free(el->values);
561 if (msg->num_elements > (i+1)) {
562 memmove(el, el+1, sizeof(*el) * (msg->num_elements - (i+1)));
565 msg->elements = talloc_realloc(msg, msg->elements,
566 struct ldb_message_element,
572 delete all elements matching an attribute name/value
574 return LDB Error on failure
576 static int msg_delete_element(struct ldb_module *module,
577 struct ldb_message *msg,
579 const struct ldb_val *val)
581 struct ldb_context *ldb = ldb_module_get_ctx(module);
584 struct ldb_message_element *el;
585 const struct ldb_schema_attribute *a;
587 found = find_element(msg, name);
589 return LDB_ERR_NO_SUCH_ATTRIBUTE;
592 i = (unsigned int) found;
593 el = &(msg->elements[i]);
595 a = ldb_schema_attribute_by_name(ldb, el->name);
597 for (i=0;i<el->num_values;i++) {
599 if (a->syntax->operator_fn) {
600 ret = a->syntax->operator_fn(ldb, LDB_OP_EQUALITY, a,
601 &el->values[i], val, &matched);
602 if (ret != LDB_SUCCESS) return ret;
604 matched = (a->syntax->comparison_fn(ldb, ldb,
605 &el->values[i], val) == 0);
608 if (el->num_values == 1) {
609 return msg_delete_attribute(module, ldb, msg, name);
612 ret = ltdb_index_del_value(module, msg->dn, el, i);
613 if (ret != LDB_SUCCESS) {
617 if (i<el->num_values-1) {
618 memmove(&el->values[i], &el->values[i+1],
619 sizeof(el->values[i])*
620 (el->num_values-(i+1)));
624 /* per definition we find in a canonicalised message an
625 attribute value only once. So we are finished here */
631 return LDB_ERR_NO_SUCH_ATTRIBUTE;
636 modify a record - internal interface
638 yuck - this is O(n^2). Luckily n is usually small so we probably
639 get away with it, but if we ever have really large attribute lists
640 then we'll need to look at this again
642 'req' is optional, and is used to specify controls if supplied
644 int ltdb_modify_internal(struct ldb_module *module,
645 const struct ldb_message *msg,
646 struct ldb_request *req)
648 struct ldb_context *ldb = ldb_module_get_ctx(module);
649 void *data = ldb_module_get_private(module);
650 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
651 TDB_DATA tdb_key, tdb_data;
652 struct ldb_message *msg2;
653 unsigned int i, j, k;
654 int ret = LDB_SUCCESS, idx;
655 struct ldb_control *control_permissive = NULL;
658 control_permissive = ldb_request_get_control(req,
659 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
662 tdb_key = ltdb_key(module, msg->dn);
664 return LDB_ERR_OTHER;
667 tdb_data = tdb_fetch(ltdb->tdb, tdb_key);
668 if (!tdb_data.dptr) {
669 talloc_free(tdb_key.dptr);
670 return ltdb_err_map(tdb_error(ltdb->tdb));
673 msg2 = ldb_msg_new(tdb_key.dptr);
680 ret = ltdb_unpack_data(module, &tdb_data, msg2);
691 for (i=0; i<msg->num_elements; i++) {
692 struct ldb_message_element *el = &msg->elements[i], *el2;
693 struct ldb_val *vals;
694 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
697 switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
698 case LDB_FLAG_MOD_ADD:
700 if (el->num_values == 0) {
701 ldb_asprintf_errstring(ldb,
702 "attribute '%s': attribute on '%s' specified, but with 0 values (illegal)",
703 el->name, ldb_dn_get_linearized(msg2->dn));
704 ret = LDB_ERR_CONSTRAINT_VIOLATION;
708 /* make a copy of the array so that a permissive
709 * control can remove duplicates without changing the
710 * original values, but do not copy data as we do not
711 * need to keep it around once the operation is
713 if (control_permissive) {
714 el = talloc(msg2, struct ldb_message_element);
719 *el = msg->elements[i];
720 el->values = talloc_array(el, struct ldb_val, el->num_values);
721 if (el->values == NULL) {
725 for (j = 0; j < el->num_values; j++) {
726 el->values[j] = msg->elements[i].values[j];
730 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
731 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
732 el->name, ldb_dn_get_linearized(msg2->dn));
733 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
737 /* Checks if element already exists */
738 idx = find_element(msg2, el->name);
740 if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
744 ret = ltdb_index_add_element(module, msg2->dn,
746 if (ret != LDB_SUCCESS) {
750 j = (unsigned int) idx;
751 el2 = &(msg2->elements[j]);
753 /* We cannot add another value on a existing one
754 if the attribute is single-valued */
755 if (ldb_tdb_single_valued(a, el)) {
756 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
757 el->name, ldb_dn_get_linearized(msg2->dn));
758 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
762 /* Check that values don't exist yet on multi-
763 valued attributes or aren't provided twice */
764 for (j = 0; j < el->num_values; j++) {
765 if (ldb_msg_find_val(el2, &el->values[j]) != NULL) {
766 if (control_permissive) {
767 /* remove this one as if it was never added */
769 for (k = j; k < el->num_values; k++) {
770 el->values[k] = el->values[k + 1];
777 ldb_asprintf_errstring(ldb,
778 "attribute '%s': value #%u on '%s' already exists",
779 el->name, j, ldb_dn_get_linearized(msg2->dn));
780 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
783 if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
784 ldb_asprintf_errstring(ldb,
785 "attribute '%s': value #%u on '%s' provided more than once",
786 el->name, j, ldb_dn_get_linearized(msg2->dn));
787 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
792 /* Now combine existing and new values to a new
794 vals = talloc_realloc(msg2->elements,
795 el2->values, struct ldb_val,
796 el2->num_values + el->num_values);
803 for (j=0; j<el->num_values; j++) {
804 vals[el2->num_values + j] =
805 ldb_val_dup(vals, &el->values[j]);
809 el2->num_values += el->num_values;
811 ret = ltdb_index_add_element(module, msg2->dn, el);
812 if (ret != LDB_SUCCESS) {
819 case LDB_FLAG_MOD_REPLACE:
821 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
822 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
823 el->name, ldb_dn_get_linearized(msg2->dn));
824 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
828 /* TODO: This is O(n^2) - replace with more efficient check */
829 for (j=0; j<el->num_values; j++) {
830 if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
831 ldb_asprintf_errstring(ldb,
832 "attribute '%s': value #%u on '%s' provided more than once",
833 el->name, j, ldb_dn_get_linearized(msg2->dn));
834 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
839 /* Checks if element already exists */
840 idx = find_element(msg2, el->name);
842 j = (unsigned int) idx;
843 el2 = &(msg2->elements[j]);
845 /* we consider two elements to be
846 * equal only if the order
847 * matches. This allows dbcheck to
848 * fix the ordering on attributes
849 * where order matters, such as
852 if (ldb_msg_element_equal_ordered(el, el2)) {
856 /* Delete the attribute if it exists in the DB */
857 if (msg_delete_attribute(module, ldb, msg2,
864 /* Recreate it with the new values */
865 if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
870 ret = ltdb_index_add_element(module, msg2->dn, el);
871 if (ret != LDB_SUCCESS) {
877 case LDB_FLAG_MOD_DELETE:
878 dn = ldb_dn_get_linearized(msg2->dn);
884 if (msg->elements[i].num_values == 0) {
885 /* Delete the whole attribute */
886 ret = msg_delete_attribute(module, ldb, msg2,
887 msg->elements[i].name);
888 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
889 control_permissive) {
892 ldb_asprintf_errstring(ldb,
893 "attribute '%s': no such attribute for delete on '%s'",
894 msg->elements[i].name, dn);
896 if (ret != LDB_SUCCESS) {
900 /* Delete specified values from an attribute */
901 for (j=0; j < msg->elements[i].num_values; j++) {
902 ret = msg_delete_element(module,
904 msg->elements[i].name,
905 &msg->elements[i].values[j]);
906 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
907 control_permissive) {
910 ldb_asprintf_errstring(ldb,
911 "attribute '%s': no matching attribute value while deleting attribute on '%s'",
912 msg->elements[i].name, dn);
914 if (ret != LDB_SUCCESS) {
921 ldb_asprintf_errstring(ldb,
922 "attribute '%s': invalid modify flags on '%s': 0x%x",
923 msg->elements[i].name, ldb_dn_get_linearized(msg->dn),
924 msg->elements[i].flags & LDB_FLAG_MOD_MASK);
925 ret = LDB_ERR_PROTOCOL_ERROR;
930 ret = ltdb_store(module, msg2, TDB_MODIFY);
931 if (ret != LDB_SUCCESS) {
935 ret = ltdb_modified(module, msg2->dn);
936 if (ret != LDB_SUCCESS) {
941 talloc_free(tdb_key.dptr);
948 static int ltdb_modify(struct ltdb_context *ctx)
950 struct ldb_module *module = ctx->module;
951 struct ldb_request *req = ctx->req;
952 int ret = LDB_SUCCESS;
954 ret = ltdb_check_special_dn(module, req->op.mod.message);
955 if (ret != LDB_SUCCESS) {
959 ldb_request_set_state(req, LDB_ASYNC_PENDING);
961 if (ltdb_cache_load(module) != 0) {
962 return LDB_ERR_OPERATIONS_ERROR;
965 ret = ltdb_modify_internal(module, req->op.mod.message, req);
973 static int ltdb_rename(struct ltdb_context *ctx)
975 struct ldb_module *module = ctx->module;
976 struct ldb_request *req = ctx->req;
977 struct ldb_message *msg;
978 int ret = LDB_SUCCESS;
980 ldb_request_set_state(req, LDB_ASYNC_PENDING);
982 if (ltdb_cache_load(ctx->module) != 0) {
983 return LDB_ERR_OPERATIONS_ERROR;
986 msg = ldb_msg_new(ctx);
988 return LDB_ERR_OPERATIONS_ERROR;
991 /* in case any attribute of the message was indexed, we need
992 to fetch the old record */
993 ret = ltdb_search_dn1(module, req->op.rename.olddn, msg);
994 if (ret != LDB_SUCCESS) {
995 /* not finding the old record is an error */
999 /* Always delete first then add, to avoid conflicts with
1000 * unique indexes. We rely on the transaction to make this
1003 ret = ltdb_delete_internal(module, msg->dn);
1004 if (ret != LDB_SUCCESS) {
1008 msg->dn = ldb_dn_copy(msg, req->op.rename.newdn);
1009 if (msg->dn == NULL) {
1010 return LDB_ERR_OPERATIONS_ERROR;
1013 /* We don't check single value as we can have more than 1 with
1014 * deleted attributes. We could go through all elements but that's
1015 * maybe not the most efficient way
1017 ret = ltdb_add_internal(module, msg, false);
1022 static int ltdb_start_trans(struct ldb_module *module)
1024 void *data = ldb_module_get_private(module);
1025 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1027 if (tdb_transaction_start(ltdb->tdb) != 0) {
1028 return ltdb_err_map(tdb_error(ltdb->tdb));
1031 ltdb->in_transaction++;
1033 ltdb_index_transaction_start(module);
1038 static int ltdb_prepare_commit(struct ldb_module *module)
1040 void *data = ldb_module_get_private(module);
1041 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1043 if (ltdb->in_transaction != 1) {
1047 if (ltdb_index_transaction_commit(module) != 0) {
1048 tdb_transaction_cancel(ltdb->tdb);
1049 ltdb->in_transaction--;
1050 return ltdb_err_map(tdb_error(ltdb->tdb));
1053 if (tdb_transaction_prepare_commit(ltdb->tdb) != 0) {
1054 ltdb->in_transaction--;
1055 return ltdb_err_map(tdb_error(ltdb->tdb));
1058 ltdb->prepared_commit = true;
1063 static int ltdb_end_trans(struct ldb_module *module)
1065 void *data = ldb_module_get_private(module);
1066 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1068 if (!ltdb->prepared_commit) {
1069 int ret = ltdb_prepare_commit(module);
1070 if (ret != LDB_SUCCESS) {
1075 ltdb->in_transaction--;
1076 ltdb->prepared_commit = false;
1078 if (tdb_transaction_commit(ltdb->tdb) != 0) {
1079 return ltdb_err_map(tdb_error(ltdb->tdb));
1085 static int ltdb_del_trans(struct ldb_module *module)
1087 void *data = ldb_module_get_private(module);
1088 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1090 ltdb->in_transaction--;
1092 if (ltdb_index_transaction_cancel(module) != 0) {
1093 tdb_transaction_cancel(ltdb->tdb);
1094 return ltdb_err_map(tdb_error(ltdb->tdb));
1097 tdb_transaction_cancel(ltdb->tdb);
1102 return sequenceNumber from @BASEINFO
1104 static int ltdb_sequence_number(struct ltdb_context *ctx,
1105 struct ldb_extended **ext)
1107 struct ldb_context *ldb;
1108 struct ldb_module *module = ctx->module;
1109 struct ldb_request *req = ctx->req;
1110 TALLOC_CTX *tmp_ctx = NULL;
1111 struct ldb_seqnum_request *seq;
1112 struct ldb_seqnum_result *res;
1113 struct ldb_message *msg = NULL;
1116 int ret = LDB_SUCCESS;
1118 ldb = ldb_module_get_ctx(module);
1120 seq = talloc_get_type(req->op.extended.data,
1121 struct ldb_seqnum_request);
1123 return LDB_ERR_OPERATIONS_ERROR;
1126 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1128 if (ltdb_lock_read(module) != 0) {
1129 return LDB_ERR_OPERATIONS_ERROR;
1132 res = talloc_zero(req, struct ldb_seqnum_result);
1134 ret = LDB_ERR_OPERATIONS_ERROR;
1138 tmp_ctx = talloc_new(req);
1139 if (tmp_ctx == NULL) {
1140 ret = LDB_ERR_OPERATIONS_ERROR;
1144 dn = ldb_dn_new(tmp_ctx, ldb, LTDB_BASEINFO);
1146 ret = LDB_ERR_OPERATIONS_ERROR;
1150 msg = ldb_msg_new(tmp_ctx);
1152 ret = LDB_ERR_OPERATIONS_ERROR;
1156 ret = ltdb_search_dn1(module, dn, msg);
1157 if (ret != LDB_SUCCESS) {
1161 switch (seq->type) {
1162 case LDB_SEQ_HIGHEST_SEQ:
1163 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1166 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1169 case LDB_SEQ_HIGHEST_TIMESTAMP:
1170 date = ldb_msg_find_attr_as_string(msg, LTDB_MOD_TIMESTAMP, NULL);
1172 res->seq_num = ldb_string_to_time(date);
1175 /* zero is as good as anything when we don't know */
1180 *ext = talloc_zero(req, struct ldb_extended);
1182 ret = LDB_ERR_OPERATIONS_ERROR;
1185 (*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
1186 (*ext)->data = talloc_steal(*ext, res);
1189 talloc_free(tmp_ctx);
1190 ltdb_unlock_read(module);
1194 static void ltdb_request_done(struct ltdb_context *ctx, int error)
1196 struct ldb_context *ldb;
1197 struct ldb_request *req;
1198 struct ldb_reply *ares;
1200 ldb = ldb_module_get_ctx(ctx->module);
1203 /* if we already returned an error just return */
1204 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1208 ares = talloc_zero(req, struct ldb_reply);
1211 req->callback(req, NULL);
1214 ares->type = LDB_REPLY_DONE;
1215 ares->error = error;
1217 req->callback(req, ares);
1220 static void ltdb_timeout(struct tevent_context *ev,
1221 struct tevent_timer *te,
1225 struct ltdb_context *ctx;
1226 ctx = talloc_get_type(private_data, struct ltdb_context);
1228 if (!ctx->request_terminated) {
1229 /* request is done now */
1230 ltdb_request_done(ctx, LDB_ERR_TIME_LIMIT_EXCEEDED);
1234 /* neutralize the spy */
1235 ctx->spy->ctx = NULL;
1241 static void ltdb_request_extended_done(struct ltdb_context *ctx,
1242 struct ldb_extended *ext,
1245 struct ldb_context *ldb;
1246 struct ldb_request *req;
1247 struct ldb_reply *ares;
1249 ldb = ldb_module_get_ctx(ctx->module);
1252 /* if we already returned an error just return */
1253 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1257 ares = talloc_zero(req, struct ldb_reply);
1260 req->callback(req, NULL);
1263 ares->type = LDB_REPLY_DONE;
1264 ares->response = ext;
1265 ares->error = error;
1267 req->callback(req, ares);
1270 static void ltdb_handle_extended(struct ltdb_context *ctx)
1272 struct ldb_extended *ext = NULL;
1275 if (strcmp(ctx->req->op.extended.oid,
1276 LDB_EXTENDED_SEQUENCE_NUMBER) == 0) {
1277 /* get sequence number */
1278 ret = ltdb_sequence_number(ctx, &ext);
1280 /* not recognized */
1281 ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1284 ltdb_request_extended_done(ctx, ext, ret);
1287 static void ltdb_callback(struct tevent_context *ev,
1288 struct tevent_timer *te,
1292 struct ltdb_context *ctx;
1295 ctx = talloc_get_type(private_data, struct ltdb_context);
1297 if (ctx->request_terminated) {
1301 switch (ctx->req->operation) {
1303 ret = ltdb_search(ctx);
1306 ret = ltdb_add(ctx);
1309 ret = ltdb_modify(ctx);
1312 ret = ltdb_delete(ctx);
1315 ret = ltdb_rename(ctx);
1318 ltdb_handle_extended(ctx);
1321 /* no other op supported */
1322 ret = LDB_ERR_PROTOCOL_ERROR;
1325 if (!ctx->request_terminated) {
1326 /* request is done now */
1327 ltdb_request_done(ctx, ret);
1332 /* neutralize the spy */
1333 ctx->spy->ctx = NULL;
1339 static int ltdb_request_destructor(void *ptr)
1341 struct ltdb_req_spy *spy = talloc_get_type(ptr, struct ltdb_req_spy);
1343 if (spy->ctx != NULL) {
1344 spy->ctx->spy = NULL;
1345 spy->ctx->request_terminated = true;
1352 static int ltdb_handle_request(struct ldb_module *module,
1353 struct ldb_request *req)
1355 struct ldb_control *control_permissive;
1356 struct ldb_context *ldb;
1357 struct tevent_context *ev;
1358 struct ltdb_context *ac;
1359 struct tevent_timer *te;
1363 ldb = ldb_module_get_ctx(module);
1365 control_permissive = ldb_request_get_control(req,
1366 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1368 for (i = 0; req->controls && req->controls[i]; i++) {
1369 if (req->controls[i]->critical &&
1370 req->controls[i] != control_permissive) {
1371 ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
1372 req->controls[i]->oid);
1373 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1377 if (req->starttime == 0 || req->timeout == 0) {
1378 ldb_set_errstring(ldb, "Invalid timeout settings");
1379 return LDB_ERR_TIME_LIMIT_EXCEEDED;
1382 ev = ldb_get_event_context(ldb);
1384 ac = talloc_zero(ldb, struct ltdb_context);
1387 return LDB_ERR_OPERATIONS_ERROR;
1390 ac->module = module;
1395 te = tevent_add_timer(ev, ac, tv, ltdb_callback, ac);
1398 return LDB_ERR_OPERATIONS_ERROR;
1401 tv.tv_sec = req->starttime + req->timeout;
1402 ac->timeout_event = tevent_add_timer(ev, ac, tv, ltdb_timeout, ac);
1403 if (NULL == ac->timeout_event) {
1405 return LDB_ERR_OPERATIONS_ERROR;
1408 /* set a spy so that we do not try to use the request context
1409 * if it is freed before ltdb_callback fires */
1410 ac->spy = talloc(req, struct ltdb_req_spy);
1411 if (NULL == ac->spy) {
1413 return LDB_ERR_OPERATIONS_ERROR;
1417 talloc_set_destructor((TALLOC_CTX *)ac->spy, ltdb_request_destructor);
1422 static int ltdb_init_rootdse(struct ldb_module *module)
1424 /* ignore errors on this - we expect it for non-sam databases */
1425 ldb_mod_register_control(module, LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1427 /* there can be no module beyond the backend, just return */
1431 static const struct ldb_module_ops ltdb_ops = {
1433 .init_context = ltdb_init_rootdse,
1434 .search = ltdb_handle_request,
1435 .add = ltdb_handle_request,
1436 .modify = ltdb_handle_request,
1437 .del = ltdb_handle_request,
1438 .rename = ltdb_handle_request,
1439 .extended = ltdb_handle_request,
1440 .start_transaction = ltdb_start_trans,
1441 .end_transaction = ltdb_end_trans,
1442 .prepare_commit = ltdb_prepare_commit,
1443 .del_transaction = ltdb_del_trans,
1447 connect to the database
1449 static int ltdb_connect(struct ldb_context *ldb, const char *url,
1450 unsigned int flags, const char *options[],
1451 struct ldb_module **_module)
1453 struct ldb_module *module;
1455 int tdb_flags, open_flags;
1456 struct ltdb_private *ltdb;
1459 if (strchr(url, ':')) {
1460 if (strncmp(url, "tdb://", 6) != 0) {
1461 ldb_debug(ldb, LDB_DEBUG_ERROR,
1462 "Invalid tdb URL '%s'", url);
1463 return LDB_ERR_OPERATIONS_ERROR;
1470 tdb_flags = TDB_DEFAULT | TDB_SEQNUM;
1472 /* check for the 'nosync' option */
1473 if (flags & LDB_FLG_NOSYNC) {
1474 tdb_flags |= TDB_NOSYNC;
1477 /* and nommap option */
1478 if (flags & LDB_FLG_NOMMAP) {
1479 tdb_flags |= TDB_NOMMAP;
1482 if (flags & LDB_FLG_RDONLY) {
1483 open_flags = O_RDONLY;
1485 open_flags = O_CREAT | O_RDWR;
1488 ltdb = talloc_zero(ldb, struct ltdb_private);
1491 return LDB_ERR_OPERATIONS_ERROR;
1494 /* note that we use quite a large default hash size */
1495 ltdb->tdb = ltdb_wrap_open(ltdb, path, 10000,
1496 tdb_flags, open_flags,
1497 ldb_get_create_perms(ldb), ldb);
1499 ldb_asprintf_errstring(ldb,
1500 "Unable to open tdb '%s'", path);
1501 ldb_debug(ldb, LDB_DEBUG_ERROR,
1502 "Unable to open tdb '%s'", path);
1504 return LDB_ERR_OPERATIONS_ERROR;
1507 if (getenv("LDB_WARN_UNINDEXED")) {
1508 ltdb->warn_unindexed = true;
1511 ltdb->sequence_number = 0;
1513 module = ldb_module_new(ldb, ldb, "ldb_tdb backend", <db_ops);
1517 return LDB_ERR_OPERATIONS_ERROR;
1519 ldb_module_set_private(module, ltdb);
1520 talloc_steal(module, ltdb);
1522 if (ltdb_cache_load(module) != 0) {
1523 ldb_asprintf_errstring(ldb,
1524 "Unable to load ltdb cache records of tdb '%s'", path);
1525 talloc_free(module);
1526 return LDB_ERR_OPERATIONS_ERROR;
1533 int ldb_tdb_init(const char *version)
1535 LDB_MODULE_CHECK_VERSION(version);
1536 return ldb_register_backend("tdb", ltdb_connect, false);