4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Stefan Metzmacher 2004
6 Copyright (C) Simo Sorce 2006-2008
7 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
9 ** NOTE! The following LGPL license applies to the ldb
10 ** library. This does NOT imply that all of Samba is released
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
30 * Component: ldb tdb backend
32 * Description: core functions for tdb backend
34 * Author: Andrew Tridgell
35 * Author: Stefan Metzmacher
39 * - description: make the module use asynchronous calls
43 * - description: make it possible to use event contexts
47 * - description: fix up memory leaks and small bugs
49 * Author: Matthias Dieter Wallnöfer
56 prevent memory errors on callbacks
59 struct ltdb_context *ctx;
63 map a tdb error code to a ldb error code
65 int ltdb_err_map(enum TDB_ERROR tdb_code)
73 return LDB_ERR_OPERATIONS_ERROR;
75 return LDB_ERR_PROTOCOL_ERROR;
79 case TDB_ERR_LOCK_TIMEOUT:
80 return LDB_ERR_TIME_LIMIT_EXCEEDED;
82 return LDB_ERR_ENTRY_ALREADY_EXISTS;
84 return LDB_ERR_NO_SUCH_OBJECT;
86 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
94 lock the database for read - use by ltdb_search and ltdb_sequence_number
96 int ltdb_lock_read(struct ldb_module *module)
98 void *data = ldb_module_get_private(module);
99 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
102 if (ltdb->in_transaction == 0 &&
103 ltdb->read_lock_count == 0) {
104 ret = tdb_lockall_read(ltdb->tdb);
107 ltdb->read_lock_count++;
113 unlock the database after a ltdb_lock_read()
115 int ltdb_unlock_read(struct ldb_module *module)
117 void *data = ldb_module_get_private(module);
118 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
119 if (ltdb->in_transaction == 0 && ltdb->read_lock_count == 1) {
120 tdb_unlockall_read(ltdb->tdb);
123 ltdb->read_lock_count--;
129 form a TDB_DATA for a record key
132 note that the key for a record can depend on whether the
133 dn refers to a case sensitive index record or not
135 TDB_DATA ltdb_key(struct ldb_module *module, struct ldb_dn *dn)
137 struct ldb_context *ldb = ldb_module_get_ctx(module);
139 char *key_str = NULL;
140 const char *dn_folded = NULL;
143 most DNs are case insensitive. The exception is index DNs for
144 case sensitive attributes
146 there are 3 cases dealt with in this code:
148 1) if the dn doesn't start with @ then uppercase the attribute
149 names and the attributes values of case insensitive attributes
150 2) if the dn starts with @ then leave it alone -
151 the indexing code handles the rest
154 dn_folded = ldb_dn_get_casefold(dn);
159 key_str = talloc_strdup(ldb, "DN=");
164 key_str = talloc_strdup_append_buffer(key_str, dn_folded);
169 key.dptr = (uint8_t *)key_str;
170 key.dsize = strlen(key_str) + 1;
182 check special dn's have valid attributes
183 currently only @ATTRIBUTES is checked
185 static int ltdb_check_special_dn(struct ldb_module *module,
186 const struct ldb_message *msg)
188 struct ldb_context *ldb = ldb_module_get_ctx(module);
191 if (! ldb_dn_is_special(msg->dn) ||
192 ! ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
196 /* we have @ATTRIBUTES, let's check attributes are fine */
197 /* should we check that we deny multivalued attributes ? */
198 for (i = 0; i < msg->num_elements; i++) {
199 if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
201 for (j = 0; j < msg->elements[i].num_values; j++) {
202 if (ltdb_check_at_attributes_values(&msg->elements[i].values[j]) != 0) {
203 ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
204 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
214 we've made a modification to a dn - possibly reindex and
215 update sequence number
217 static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn)
219 int ret = LDB_SUCCESS;
220 struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private);
222 /* only allow modifies inside a transaction, otherwise the
224 if (ltdb->in_transaction == 0) {
225 ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
226 return LDB_ERR_OPERATIONS_ERROR;
229 if (ldb_dn_is_special(dn) &&
230 (ldb_dn_check_special(dn, LTDB_INDEXLIST) ||
231 ldb_dn_check_special(dn, LTDB_ATTRIBUTES)) ) {
232 ret = ltdb_reindex(module);
235 /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
236 if (ret == LDB_SUCCESS &&
237 !(ldb_dn_is_special(dn) &&
238 ldb_dn_check_special(dn, LTDB_BASEINFO)) ) {
239 ret = ltdb_increase_sequence_number(module);
242 /* If the modify was to @OPTIONS, reload the cache */
243 if (ret == LDB_SUCCESS &&
244 ldb_dn_is_special(dn) &&
245 (ldb_dn_check_special(dn, LTDB_OPTIONS)) ) {
246 ret = ltdb_cache_reload(module);
253 store a record into the db
255 int ltdb_store(struct ldb_module *module, const struct ldb_message *msg, int flgs)
257 void *data = ldb_module_get_private(module);
258 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
259 TDB_DATA tdb_key, tdb_data;
260 int ret = LDB_SUCCESS;
262 tdb_key = ltdb_key(module, msg->dn);
263 if (tdb_key.dptr == NULL) {
264 return LDB_ERR_OTHER;
267 ret = ltdb_pack_data(module, msg, &tdb_data);
269 talloc_free(tdb_key.dptr);
270 return LDB_ERR_OTHER;
273 ret = tdb_store(ltdb->tdb, tdb_key, tdb_data, flgs);
275 ret = ltdb_err_map(tdb_error(ltdb->tdb));
280 talloc_free(tdb_key.dptr);
281 talloc_free(tdb_data.dptr);
288 check if a attribute is a single valued, for a given element
290 static bool ldb_tdb_single_valued(const struct ldb_schema_attribute *a,
291 struct ldb_message_element *el)
293 if (!a) return false;
295 if (el->flags & LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK) {
296 /* override from a ldb module, for example
297 used for the description field, which is
298 marked multi-valued in the schema but which
299 should not actually accept multiple
303 if (el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK) {
304 /* override from a ldb module, for example used for
305 deleted linked attribute entries */
309 if (a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
315 static int ltdb_add_internal(struct ldb_module *module,
316 const struct ldb_message *msg,
317 bool check_single_value)
319 struct ldb_context *ldb = ldb_module_get_ctx(module);
320 int ret = LDB_SUCCESS;
323 for (i=0;i<msg->num_elements;i++) {
324 struct ldb_message_element *el = &msg->elements[i];
325 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
327 if (el->num_values == 0) {
328 ldb_asprintf_errstring(ldb, "attribute '%s' on '%s' specified, but with 0 values (illegal)",
329 el->name, ldb_dn_get_linearized(msg->dn));
330 return LDB_ERR_CONSTRAINT_VIOLATION;
332 if (check_single_value &&
333 el->num_values > 1 &&
334 ldb_tdb_single_valued(a, el)) {
335 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
336 el->name, ldb_dn_get_linearized(msg->dn));
337 return LDB_ERR_CONSTRAINT_VIOLATION;
341 ret = ltdb_store(module, msg, TDB_INSERT);
342 if (ret != LDB_SUCCESS) {
343 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
344 ldb_asprintf_errstring(ldb,
345 "Entry %s already exists",
346 ldb_dn_get_linearized(msg->dn));
351 ret = ltdb_index_add_new(module, msg);
352 if (ret != LDB_SUCCESS) {
356 ret = ltdb_modified(module, msg->dn);
362 add a record to the database
364 static int ltdb_add(struct ltdb_context *ctx)
366 struct ldb_module *module = ctx->module;
367 struct ldb_request *req = ctx->req;
368 int ret = LDB_SUCCESS;
370 ret = ltdb_check_special_dn(module, req->op.add.message);
371 if (ret != LDB_SUCCESS) {
375 ldb_request_set_state(req, LDB_ASYNC_PENDING);
377 if (ltdb_cache_load(module) != 0) {
378 return LDB_ERR_OPERATIONS_ERROR;
381 ret = ltdb_add_internal(module, req->op.add.message, true);
387 delete a record from the database, not updating indexes (used for deleting
390 int ltdb_delete_noindex(struct ldb_module *module, struct ldb_dn *dn)
392 void *data = ldb_module_get_private(module);
393 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
397 tdb_key = ltdb_key(module, dn);
399 return LDB_ERR_OTHER;
402 ret = tdb_delete(ltdb->tdb, tdb_key);
403 talloc_free(tdb_key.dptr);
406 ret = ltdb_err_map(tdb_error(ltdb->tdb));
412 static int ltdb_delete_internal(struct ldb_module *module, struct ldb_dn *dn)
414 struct ldb_message *msg;
415 int ret = LDB_SUCCESS;
417 msg = ldb_msg_new(module);
419 return LDB_ERR_OPERATIONS_ERROR;
422 /* in case any attribute of the message was indexed, we need
423 to fetch the old record */
424 ret = ltdb_search_dn1(module, dn, msg);
425 if (ret != LDB_SUCCESS) {
426 /* not finding the old record is an error */
430 ret = ltdb_delete_noindex(module, dn);
431 if (ret != LDB_SUCCESS) {
435 /* remove any indexed attributes */
436 ret = ltdb_index_delete(module, msg);
437 if (ret != LDB_SUCCESS) {
441 ret = ltdb_modified(module, dn);
442 if (ret != LDB_SUCCESS) {
452 delete a record from the database
454 static int ltdb_delete(struct ltdb_context *ctx)
456 struct ldb_module *module = ctx->module;
457 struct ldb_request *req = ctx->req;
458 int ret = LDB_SUCCESS;
460 ldb_request_set_state(req, LDB_ASYNC_PENDING);
462 if (ltdb_cache_load(module) != 0) {
463 return LDB_ERR_OPERATIONS_ERROR;
466 ret = ltdb_delete_internal(module, req->op.del.dn);
472 find an element by attribute name. At the moment this does a linear search,
473 it should be re-coded to use a binary search once all places that modify
474 records guarantee sorted order
476 return the index of the first matching element if found, otherwise -1
478 static int find_element(const struct ldb_message *msg, const char *name)
481 for (i=0;i<msg->num_elements;i++) {
482 if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
491 add an element to an existing record. Assumes a elements array that we
492 can call re-alloc on, and assumed that we can re-use the data pointers from
493 the passed in additional values. Use with care!
495 returns 0 on success, -1 on failure (and sets errno)
497 static int ltdb_msg_add_element(struct ldb_context *ldb,
498 struct ldb_message *msg,
499 struct ldb_message_element *el)
501 struct ldb_message_element *e2;
504 if (el->num_values == 0) {
505 /* nothing to do here - we don't add empty elements */
509 e2 = talloc_realloc(msg, msg->elements, struct ldb_message_element,
510 msg->num_elements+1);
518 e2 = &msg->elements[msg->num_elements];
521 e2->flags = el->flags;
522 e2->values = talloc_array(msg->elements,
523 struct ldb_val, el->num_values);
528 for (i=0;i<el->num_values;i++) {
529 e2->values[i] = el->values[i];
531 e2->num_values = el->num_values;
539 delete all elements having a specified attribute name
541 static int msg_delete_attribute(struct ldb_module *module,
542 struct ldb_context *ldb,
543 struct ldb_message *msg, const char *name)
547 struct ldb_message_element *el;
549 el = ldb_msg_find_element(msg, name);
551 return LDB_ERR_NO_SUCH_ATTRIBUTE;
553 i = el - msg->elements;
555 ret = ltdb_index_del_element(module, msg->dn, el);
556 if (ret != LDB_SUCCESS) {
560 talloc_free(el->values);
561 if (msg->num_elements > (i+1)) {
562 memmove(el, el+1, sizeof(*el) * (msg->num_elements - (i+1)));
565 msg->elements = talloc_realloc(msg, msg->elements,
566 struct ldb_message_element,
572 delete all elements matching an attribute name/value
574 return LDB Error on failure
576 static int msg_delete_element(struct ldb_module *module,
577 struct ldb_message *msg,
579 const struct ldb_val *val)
581 struct ldb_context *ldb = ldb_module_get_ctx(module);
584 struct ldb_message_element *el;
585 const struct ldb_schema_attribute *a;
587 found = find_element(msg, name);
589 return LDB_ERR_NO_SUCH_ATTRIBUTE;
592 i = (unsigned int) found;
593 el = &(msg->elements[i]);
595 a = ldb_schema_attribute_by_name(ldb, el->name);
597 for (i=0;i<el->num_values;i++) {
599 if (a->syntax->operator_fn) {
600 ret = a->syntax->operator_fn(ldb, LDB_OP_EQUALITY, a,
601 &el->values[i], val, &matched);
602 if (ret != LDB_SUCCESS) return ret;
604 matched = (a->syntax->comparison_fn(ldb, ldb,
605 &el->values[i], val) == 0);
608 if (el->num_values == 1) {
609 return msg_delete_attribute(module, ldb, msg, name);
612 ret = ltdb_index_del_value(module, msg->dn, el, i);
613 if (ret != LDB_SUCCESS) {
617 if (i<el->num_values-1) {
618 memmove(&el->values[i], &el->values[i+1],
619 sizeof(el->values[i])*
620 (el->num_values-(i+1)));
624 /* per definition we find in a canonicalised message an
625 attribute value only once. So we are finished here */
631 return LDB_ERR_NO_SUCH_ATTRIBUTE;
636 modify a record - internal interface
638 yuck - this is O(n^2). Luckily n is usually small so we probably
639 get away with it, but if we ever have really large attribute lists
640 then we'll need to look at this again
642 'req' is optional, and is used to specify controls if supplied
644 int ltdb_modify_internal(struct ldb_module *module,
645 const struct ldb_message *msg,
646 struct ldb_request *req)
648 struct ldb_context *ldb = ldb_module_get_ctx(module);
649 void *data = ldb_module_get_private(module);
650 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
651 TDB_DATA tdb_key, tdb_data;
652 struct ldb_message *msg2;
653 unsigned int i, j, k;
654 int ret = LDB_SUCCESS, idx;
655 struct ldb_control *control_permissive = NULL;
658 control_permissive = ldb_request_get_control(req,
659 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
662 tdb_key = ltdb_key(module, msg->dn);
664 return LDB_ERR_OTHER;
667 tdb_data = tdb_fetch(ltdb->tdb, tdb_key);
668 if (!tdb_data.dptr) {
669 talloc_free(tdb_key.dptr);
670 return ltdb_err_map(tdb_error(ltdb->tdb));
673 msg2 = ldb_msg_new(tdb_key.dptr);
680 ret = ltdb_unpack_data(module, &tdb_data, msg2);
691 for (i=0; i<msg->num_elements; i++) {
692 struct ldb_message_element *el = &msg->elements[i], *el2;
693 struct ldb_val *vals;
694 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
697 switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
698 case LDB_FLAG_MOD_ADD:
700 if (el->num_values == 0) {
701 ldb_asprintf_errstring(ldb,
702 "attribute '%s': attribute on '%s' specified, but with 0 values (illegal)",
703 el->name, ldb_dn_get_linearized(msg2->dn));
704 ret = LDB_ERR_CONSTRAINT_VIOLATION;
708 /* make a copy of the array so that a permissive
709 * control can remove duplicates without changing the
710 * original values, but do not copy data as we do not
711 * need to keep it around once the operation is
713 if (control_permissive) {
714 el = talloc(msg2, struct ldb_message_element);
719 *el = msg->elements[i];
720 el->values = talloc_array(el, struct ldb_val, el->num_values);
721 if (el->values == NULL) {
725 for (j = 0; j < el->num_values; j++) {
726 el->values[j] = msg->elements[i].values[j];
730 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
731 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
732 el->name, ldb_dn_get_linearized(msg2->dn));
733 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
737 /* Checks if element already exists */
738 idx = find_element(msg2, el->name);
740 if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
744 ret = ltdb_index_add_element(module, msg2->dn,
746 if (ret != LDB_SUCCESS) {
750 j = (unsigned int) idx;
751 el2 = &(msg2->elements[j]);
753 /* We cannot add another value on a existing one
754 if the attribute is single-valued */
755 if (ldb_tdb_single_valued(a, el)) {
756 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
757 el->name, ldb_dn_get_linearized(msg2->dn));
758 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
762 /* Check that values don't exist yet on multi-
763 valued attributes or aren't provided twice */
764 for (j = 0; j < el->num_values; j++) {
765 if (ldb_msg_find_val(el2, &el->values[j]) != NULL) {
766 if (control_permissive) {
767 /* remove this one as if it was never added */
769 for (k = j; k < el->num_values; k++) {
770 el->values[k] = el->values[k + 1];
777 ldb_asprintf_errstring(ldb,
778 "attribute '%s': value #%u on '%s' already exists",
779 el->name, j, ldb_dn_get_linearized(msg2->dn));
780 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
783 if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
784 ldb_asprintf_errstring(ldb,
785 "attribute '%s': value #%u on '%s' provided more than once",
786 el->name, j, ldb_dn_get_linearized(msg2->dn));
787 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
792 /* Now combine existing and new values to a new
794 vals = talloc_realloc(msg2->elements,
795 el2->values, struct ldb_val,
796 el2->num_values + el->num_values);
803 for (j=0; j<el->num_values; j++) {
804 vals[el2->num_values + j] =
805 ldb_val_dup(vals, &el->values[j]);
809 el2->num_values += el->num_values;
811 ret = ltdb_index_add_element(module, msg2->dn, el);
812 if (ret != LDB_SUCCESS) {
819 case LDB_FLAG_MOD_REPLACE:
821 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
822 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
823 el->name, ldb_dn_get_linearized(msg2->dn));
824 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
828 /* TODO: This is O(n^2) - replace with more efficient check */
829 for (j=0; j<el->num_values; j++) {
830 if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
831 ldb_asprintf_errstring(ldb,
832 "attribute '%s': value #%u on '%s' provided more than once",
833 el->name, j, ldb_dn_get_linearized(msg2->dn));
834 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
839 /* Checks if element already exists */
840 idx = find_element(msg2, el->name);
842 j = (unsigned int) idx;
843 el2 = &(msg2->elements[j]);
845 /* we consider two elements to be
846 * equal only if the order
847 * matches. This allows dbcheck to
848 * fix the ordering on attributes
849 * where order matters, such as
852 if (ldb_msg_element_equal_ordered(el, el2)) {
856 /* Delete the attribute if it exists in the DB */
857 if (msg_delete_attribute(module, ldb, msg2,
864 /* Recreate it with the new values */
865 if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
870 ret = ltdb_index_add_element(module, msg2->dn, el);
871 if (ret != LDB_SUCCESS) {
877 case LDB_FLAG_MOD_DELETE:
878 dn = ldb_dn_get_linearized(msg2->dn);
884 if (msg->elements[i].num_values == 0) {
885 /* Delete the whole attribute */
886 ret = msg_delete_attribute(module, ldb, msg2,
887 msg->elements[i].name);
888 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
889 control_permissive) {
892 ldb_asprintf_errstring(ldb,
893 "attribute '%s': no such attribute for delete on '%s'",
894 msg->elements[i].name, dn);
896 if (ret != LDB_SUCCESS) {
900 /* Delete specified values from an attribute */
901 for (j=0; j < msg->elements[i].num_values; j++) {
902 ret = msg_delete_element(module,
904 msg->elements[i].name,
905 &msg->elements[i].values[j]);
906 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
907 control_permissive) {
910 ldb_asprintf_errstring(ldb,
911 "attribute '%s': no matching attribute value while deleting attribute on '%s'",
912 msg->elements[i].name, dn);
914 if (ret != LDB_SUCCESS) {
921 ldb_asprintf_errstring(ldb,
922 "attribute '%s': invalid modify flags on '%s': 0x%x",
923 msg->elements[i].name, ldb_dn_get_linearized(msg->dn),
924 msg->elements[i].flags & LDB_FLAG_MOD_MASK);
925 ret = LDB_ERR_PROTOCOL_ERROR;
930 ret = ltdb_store(module, msg2, TDB_MODIFY);
931 if (ret != LDB_SUCCESS) {
935 ret = ltdb_modified(module, msg2->dn);
936 if (ret != LDB_SUCCESS) {
941 talloc_free(tdb_key.dptr);
948 static int ltdb_modify(struct ltdb_context *ctx)
950 struct ldb_module *module = ctx->module;
951 struct ldb_request *req = ctx->req;
952 int ret = LDB_SUCCESS;
954 ret = ltdb_check_special_dn(module, req->op.mod.message);
955 if (ret != LDB_SUCCESS) {
959 ldb_request_set_state(req, LDB_ASYNC_PENDING);
961 if (ltdb_cache_load(module) != 0) {
962 return LDB_ERR_OPERATIONS_ERROR;
965 ret = ltdb_modify_internal(module, req->op.mod.message, req);
973 static int ltdb_rename(struct ltdb_context *ctx)
975 struct ldb_module *module = ctx->module;
976 void *data = ldb_module_get_private(module);
977 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
978 struct ldb_request *req = ctx->req;
979 struct ldb_message *msg;
980 int ret = LDB_SUCCESS;
981 TDB_DATA tdb_key, tdb_key_old;
983 ldb_request_set_state(req, LDB_ASYNC_PENDING);
985 if (ltdb_cache_load(ctx->module) != 0) {
986 return LDB_ERR_OPERATIONS_ERROR;
989 msg = ldb_msg_new(ctx);
991 return LDB_ERR_OPERATIONS_ERROR;
994 /* we need to fetch the old record to re-add under the new name */
995 ret = ltdb_search_dn1(module, req->op.rename.olddn, msg);
996 if (ret != LDB_SUCCESS) {
997 /* not finding the old record is an error */
1001 /* We need to, before changing the DB, check if the new DN
1002 * exists, so we can return this error to the caller with an
1004 tdb_key = ltdb_key(module, req->op.rename.newdn);
1005 if (!tdb_key.dptr) {
1007 return LDB_ERR_OPERATIONS_ERROR;
1010 tdb_key_old = ltdb_key(module, req->op.rename.olddn);
1011 if (!tdb_key_old.dptr) {
1013 talloc_free(tdb_key.dptr);
1014 return LDB_ERR_OPERATIONS_ERROR;
1017 /* Only declare a conflict if the new DN already exists, and it isn't a case change on the old DN */
1018 if (tdb_key_old.dsize != tdb_key.dsize || memcmp(tdb_key.dptr, tdb_key_old.dptr, tdb_key.dsize) != 0) {
1019 if (tdb_exists(ltdb->tdb, tdb_key)) {
1020 talloc_free(tdb_key_old.dptr);
1021 talloc_free(tdb_key.dptr);
1022 ldb_asprintf_errstring(ldb_module_get_ctx(module),
1023 "Entry %s already exists",
1024 ldb_dn_get_linearized(msg->dn));
1025 /* finding the new record already in the DB is an error */
1027 return LDB_ERR_ENTRY_ALREADY_EXISTS;
1030 talloc_free(tdb_key_old.dptr);
1031 talloc_free(tdb_key.dptr);
1033 /* Always delete first then add, to avoid conflicts with
1034 * unique indexes. We rely on the transaction to make this
1037 ret = ltdb_delete_internal(module, msg->dn);
1038 if (ret != LDB_SUCCESS) {
1043 msg->dn = ldb_dn_copy(msg, req->op.rename.newdn);
1044 if (msg->dn == NULL) {
1046 return LDB_ERR_OPERATIONS_ERROR;
1049 /* We don't check single value as we can have more than 1 with
1050 * deleted attributes. We could go through all elements but that's
1051 * maybe not the most efficient way
1053 ret = ltdb_add_internal(module, msg, false);
1060 static int ltdb_start_trans(struct ldb_module *module)
1062 void *data = ldb_module_get_private(module);
1063 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1065 if (tdb_transaction_start(ltdb->tdb) != 0) {
1066 return ltdb_err_map(tdb_error(ltdb->tdb));
1069 ltdb->in_transaction++;
1071 ltdb_index_transaction_start(module);
1076 static int ltdb_prepare_commit(struct ldb_module *module)
1078 void *data = ldb_module_get_private(module);
1079 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1081 if (ltdb->in_transaction != 1) {
1085 if (ltdb_index_transaction_commit(module) != 0) {
1086 tdb_transaction_cancel(ltdb->tdb);
1087 ltdb->in_transaction--;
1088 return ltdb_err_map(tdb_error(ltdb->tdb));
1091 if (tdb_transaction_prepare_commit(ltdb->tdb) != 0) {
1092 ltdb->in_transaction--;
1093 return ltdb_err_map(tdb_error(ltdb->tdb));
1096 ltdb->prepared_commit = true;
1101 static int ltdb_end_trans(struct ldb_module *module)
1103 void *data = ldb_module_get_private(module);
1104 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1106 if (!ltdb->prepared_commit) {
1107 int ret = ltdb_prepare_commit(module);
1108 if (ret != LDB_SUCCESS) {
1113 ltdb->in_transaction--;
1114 ltdb->prepared_commit = false;
1116 if (tdb_transaction_commit(ltdb->tdb) != 0) {
1117 return ltdb_err_map(tdb_error(ltdb->tdb));
1123 static int ltdb_del_trans(struct ldb_module *module)
1125 void *data = ldb_module_get_private(module);
1126 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1128 ltdb->in_transaction--;
1130 if (ltdb_index_transaction_cancel(module) != 0) {
1131 tdb_transaction_cancel(ltdb->tdb);
1132 return ltdb_err_map(tdb_error(ltdb->tdb));
1135 tdb_transaction_cancel(ltdb->tdb);
1140 return sequenceNumber from @BASEINFO
1142 static int ltdb_sequence_number(struct ltdb_context *ctx,
1143 struct ldb_extended **ext)
1145 struct ldb_context *ldb;
1146 struct ldb_module *module = ctx->module;
1147 struct ldb_request *req = ctx->req;
1148 TALLOC_CTX *tmp_ctx = NULL;
1149 struct ldb_seqnum_request *seq;
1150 struct ldb_seqnum_result *res;
1151 struct ldb_message *msg = NULL;
1154 int ret = LDB_SUCCESS;
1156 ldb = ldb_module_get_ctx(module);
1158 seq = talloc_get_type(req->op.extended.data,
1159 struct ldb_seqnum_request);
1161 return LDB_ERR_OPERATIONS_ERROR;
1164 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1166 if (ltdb_lock_read(module) != 0) {
1167 return LDB_ERR_OPERATIONS_ERROR;
1170 res = talloc_zero(req, struct ldb_seqnum_result);
1172 ret = LDB_ERR_OPERATIONS_ERROR;
1176 tmp_ctx = talloc_new(req);
1177 if (tmp_ctx == NULL) {
1178 ret = LDB_ERR_OPERATIONS_ERROR;
1182 dn = ldb_dn_new(tmp_ctx, ldb, LTDB_BASEINFO);
1184 ret = LDB_ERR_OPERATIONS_ERROR;
1188 msg = ldb_msg_new(tmp_ctx);
1190 ret = LDB_ERR_OPERATIONS_ERROR;
1194 ret = ltdb_search_dn1(module, dn, msg);
1195 if (ret != LDB_SUCCESS) {
1199 switch (seq->type) {
1200 case LDB_SEQ_HIGHEST_SEQ:
1201 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1204 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1207 case LDB_SEQ_HIGHEST_TIMESTAMP:
1208 date = ldb_msg_find_attr_as_string(msg, LTDB_MOD_TIMESTAMP, NULL);
1210 res->seq_num = ldb_string_to_time(date);
1213 /* zero is as good as anything when we don't know */
1218 *ext = talloc_zero(req, struct ldb_extended);
1220 ret = LDB_ERR_OPERATIONS_ERROR;
1223 (*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
1224 (*ext)->data = talloc_steal(*ext, res);
1227 talloc_free(tmp_ctx);
1228 ltdb_unlock_read(module);
1232 static void ltdb_request_done(struct ltdb_context *ctx, int error)
1234 struct ldb_context *ldb;
1235 struct ldb_request *req;
1236 struct ldb_reply *ares;
1238 ldb = ldb_module_get_ctx(ctx->module);
1241 /* if we already returned an error just return */
1242 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1246 ares = talloc_zero(req, struct ldb_reply);
1249 req->callback(req, NULL);
1252 ares->type = LDB_REPLY_DONE;
1253 ares->error = error;
1255 req->callback(req, ares);
1258 static void ltdb_timeout(struct tevent_context *ev,
1259 struct tevent_timer *te,
1263 struct ltdb_context *ctx;
1264 ctx = talloc_get_type(private_data, struct ltdb_context);
1266 if (!ctx->request_terminated) {
1267 /* request is done now */
1268 ltdb_request_done(ctx, LDB_ERR_TIME_LIMIT_EXCEEDED);
1272 /* neutralize the spy */
1273 ctx->spy->ctx = NULL;
1279 static void ltdb_request_extended_done(struct ltdb_context *ctx,
1280 struct ldb_extended *ext,
1283 struct ldb_context *ldb;
1284 struct ldb_request *req;
1285 struct ldb_reply *ares;
1287 ldb = ldb_module_get_ctx(ctx->module);
1290 /* if we already returned an error just return */
1291 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1295 ares = talloc_zero(req, struct ldb_reply);
1298 req->callback(req, NULL);
1301 ares->type = LDB_REPLY_DONE;
1302 ares->response = ext;
1303 ares->error = error;
1305 req->callback(req, ares);
1308 static void ltdb_handle_extended(struct ltdb_context *ctx)
1310 struct ldb_extended *ext = NULL;
1313 if (strcmp(ctx->req->op.extended.oid,
1314 LDB_EXTENDED_SEQUENCE_NUMBER) == 0) {
1315 /* get sequence number */
1316 ret = ltdb_sequence_number(ctx, &ext);
1318 /* not recognized */
1319 ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1322 ltdb_request_extended_done(ctx, ext, ret);
1325 static void ltdb_callback(struct tevent_context *ev,
1326 struct tevent_timer *te,
1330 struct ltdb_context *ctx;
1333 ctx = talloc_get_type(private_data, struct ltdb_context);
1335 if (ctx->request_terminated) {
1339 switch (ctx->req->operation) {
1341 ret = ltdb_search(ctx);
1344 ret = ltdb_add(ctx);
1347 ret = ltdb_modify(ctx);
1350 ret = ltdb_delete(ctx);
1353 ret = ltdb_rename(ctx);
1356 ltdb_handle_extended(ctx);
1359 /* no other op supported */
1360 ret = LDB_ERR_PROTOCOL_ERROR;
1363 if (!ctx->request_terminated) {
1364 /* request is done now */
1365 ltdb_request_done(ctx, ret);
1370 /* neutralize the spy */
1371 ctx->spy->ctx = NULL;
1377 static int ltdb_request_destructor(void *ptr)
1379 struct ltdb_req_spy *spy = talloc_get_type(ptr, struct ltdb_req_spy);
1381 if (spy->ctx != NULL) {
1382 spy->ctx->spy = NULL;
1383 spy->ctx->request_terminated = true;
1390 static int ltdb_handle_request(struct ldb_module *module,
1391 struct ldb_request *req)
1393 struct ldb_control *control_permissive;
1394 struct ldb_context *ldb;
1395 struct tevent_context *ev;
1396 struct ltdb_context *ac;
1397 struct tevent_timer *te;
1401 ldb = ldb_module_get_ctx(module);
1403 control_permissive = ldb_request_get_control(req,
1404 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1406 for (i = 0; req->controls && req->controls[i]; i++) {
1407 if (req->controls[i]->critical &&
1408 req->controls[i] != control_permissive) {
1409 ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
1410 req->controls[i]->oid);
1411 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1415 if (req->starttime == 0 || req->timeout == 0) {
1416 ldb_set_errstring(ldb, "Invalid timeout settings");
1417 return LDB_ERR_TIME_LIMIT_EXCEEDED;
1420 ev = ldb_get_event_context(ldb);
1422 ac = talloc_zero(ldb, struct ltdb_context);
1425 return LDB_ERR_OPERATIONS_ERROR;
1428 ac->module = module;
1433 te = tevent_add_timer(ev, ac, tv, ltdb_callback, ac);
1436 return LDB_ERR_OPERATIONS_ERROR;
1439 tv.tv_sec = req->starttime + req->timeout;
1440 ac->timeout_event = tevent_add_timer(ev, ac, tv, ltdb_timeout, ac);
1441 if (NULL == ac->timeout_event) {
1443 return LDB_ERR_OPERATIONS_ERROR;
1446 /* set a spy so that we do not try to use the request context
1447 * if it is freed before ltdb_callback fires */
1448 ac->spy = talloc(req, struct ltdb_req_spy);
1449 if (NULL == ac->spy) {
1451 return LDB_ERR_OPERATIONS_ERROR;
1455 talloc_set_destructor((TALLOC_CTX *)ac->spy, ltdb_request_destructor);
1460 static int ltdb_init_rootdse(struct ldb_module *module)
1462 /* ignore errors on this - we expect it for non-sam databases */
1463 ldb_mod_register_control(module, LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1465 /* there can be no module beyond the backend, just return */
1469 static const struct ldb_module_ops ltdb_ops = {
1471 .init_context = ltdb_init_rootdse,
1472 .search = ltdb_handle_request,
1473 .add = ltdb_handle_request,
1474 .modify = ltdb_handle_request,
1475 .del = ltdb_handle_request,
1476 .rename = ltdb_handle_request,
1477 .extended = ltdb_handle_request,
1478 .start_transaction = ltdb_start_trans,
1479 .end_transaction = ltdb_end_trans,
1480 .prepare_commit = ltdb_prepare_commit,
1481 .del_transaction = ltdb_del_trans,
1485 connect to the database
1487 static int ltdb_connect(struct ldb_context *ldb, const char *url,
1488 unsigned int flags, const char *options[],
1489 struct ldb_module **_module)
1491 struct ldb_module *module;
1493 int tdb_flags, open_flags;
1494 struct ltdb_private *ltdb;
1497 if (strchr(url, ':')) {
1498 if (strncmp(url, "tdb://", 6) != 0) {
1499 ldb_debug(ldb, LDB_DEBUG_ERROR,
1500 "Invalid tdb URL '%s'", url);
1501 return LDB_ERR_OPERATIONS_ERROR;
1508 tdb_flags = TDB_DEFAULT | TDB_SEQNUM;
1510 /* check for the 'nosync' option */
1511 if (flags & LDB_FLG_NOSYNC) {
1512 tdb_flags |= TDB_NOSYNC;
1515 /* and nommap option */
1516 if (flags & LDB_FLG_NOMMAP) {
1517 tdb_flags |= TDB_NOMMAP;
1520 if (flags & LDB_FLG_RDONLY) {
1521 open_flags = O_RDONLY;
1523 open_flags = O_CREAT | O_RDWR;
1526 ltdb = talloc_zero(ldb, struct ltdb_private);
1529 return LDB_ERR_OPERATIONS_ERROR;
1532 /* note that we use quite a large default hash size */
1533 ltdb->tdb = ltdb_wrap_open(ltdb, path, 10000,
1534 tdb_flags, open_flags,
1535 ldb_get_create_perms(ldb), ldb);
1537 ldb_asprintf_errstring(ldb,
1538 "Unable to open tdb '%s'", path);
1539 ldb_debug(ldb, LDB_DEBUG_ERROR,
1540 "Unable to open tdb '%s'", path);
1542 return LDB_ERR_OPERATIONS_ERROR;
1545 if (getenv("LDB_WARN_UNINDEXED")) {
1546 ltdb->warn_unindexed = true;
1549 ltdb->sequence_number = 0;
1551 module = ldb_module_new(ldb, ldb, "ldb_tdb backend", <db_ops);
1555 return LDB_ERR_OPERATIONS_ERROR;
1557 ldb_module_set_private(module, ltdb);
1558 talloc_steal(module, ltdb);
1560 if (ltdb_cache_load(module) != 0) {
1561 ldb_asprintf_errstring(ldb,
1562 "Unable to load ltdb cache records of tdb '%s'", path);
1563 talloc_free(module);
1564 return LDB_ERR_OPERATIONS_ERROR;
1571 int ldb_tdb_init(const char *version)
1573 LDB_MODULE_CHECK_VERSION(version);
1574 return ldb_register_backend("tdb", ltdb_connect, false);