4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Stefan Metzmacher 2004
6 Copyright (C) Simo Sorce 2006-2008
7 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
9 ** NOTE! The following LGPL license applies to the ldb
10 ** library. This does NOT imply that all of Samba is released
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
30 * Component: ldb tdb backend
32 * Description: core functions for tdb backend
34 * Author: Andrew Tridgell
35 * Author: Stefan Metzmacher
39 * - description: make the module use asynchronous calls
43 * - description: make it possible to use event contexts
47 * - description: fix up memory leaks and small bugs
49 * Author: Matthias Dieter Wallnöfer
53 #include <lib/tdb_compat/tdb_compat.h>
57 map a tdb error code to a ldb error code
59 int ltdb_err_map(enum TDB_ERROR tdb_code)
67 return LDB_ERR_OPERATIONS_ERROR;
69 return LDB_ERR_PROTOCOL_ERROR;
73 case TDB_ERR_LOCK_TIMEOUT:
74 return LDB_ERR_TIME_LIMIT_EXCEEDED;
76 return LDB_ERR_ENTRY_ALREADY_EXISTS;
78 return LDB_ERR_NO_SUCH_OBJECT;
80 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
88 lock the database for read - use by ltdb_search and ltdb_sequence_number
90 int ltdb_lock_read(struct ldb_module *module)
92 void *data = ldb_module_get_private(module);
93 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
96 if (ltdb->in_transaction == 0 &&
97 ltdb->read_lock_count == 0) {
98 ret = tdb_lockall_read(ltdb->tdb);
101 ltdb->read_lock_count++;
107 unlock the database after a ltdb_lock_read()
109 int ltdb_unlock_read(struct ldb_module *module)
111 void *data = ldb_module_get_private(module);
112 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
113 if (ltdb->in_transaction == 0 && ltdb->read_lock_count == 1) {
114 return tdb_unlockall_read(ltdb->tdb);
116 ltdb->read_lock_count--;
122 form a TDB_DATA for a record key
125 note that the key for a record can depend on whether the
126 dn refers to a case sensitive index record or not
128 struct TDB_DATA ltdb_key(struct ldb_module *module, struct ldb_dn *dn)
130 struct ldb_context *ldb = ldb_module_get_ctx(module);
132 char *key_str = NULL;
133 const char *dn_folded = NULL;
136 most DNs are case insensitive. The exception is index DNs for
137 case sensitive attributes
139 there are 3 cases dealt with in this code:
141 1) if the dn doesn't start with @ then uppercase the attribute
142 names and the attributes values of case insensitive attributes
143 2) if the dn starts with @ then leave it alone -
144 the indexing code handles the rest
147 dn_folded = ldb_dn_get_casefold(dn);
152 key_str = talloc_strdup(ldb, "DN=");
157 key_str = talloc_strdup_append_buffer(key_str, dn_folded);
162 key.dptr = (uint8_t *)key_str;
163 key.dsize = strlen(key_str) + 1;
175 check special dn's have valid attributes
176 currently only @ATTRIBUTES is checked
178 static int ltdb_check_special_dn(struct ldb_module *module,
179 const struct ldb_message *msg)
181 struct ldb_context *ldb = ldb_module_get_ctx(module);
184 if (! ldb_dn_is_special(msg->dn) ||
185 ! ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
189 /* we have @ATTRIBUTES, let's check attributes are fine */
190 /* should we check that we deny multivalued attributes ? */
191 for (i = 0; i < msg->num_elements; i++) {
192 if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
194 for (j = 0; j < msg->elements[i].num_values; j++) {
195 if (ltdb_check_at_attributes_values(&msg->elements[i].values[j]) != 0) {
196 ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
197 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
207 we've made a modification to a dn - possibly reindex and
208 update sequence number
210 static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn)
212 int ret = LDB_SUCCESS;
213 struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private);
215 /* only allow modifies inside a transaction, otherwise the
217 if (ltdb->in_transaction == 0) {
218 ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
219 return LDB_ERR_OPERATIONS_ERROR;
222 if (ldb_dn_is_special(dn) &&
223 (ldb_dn_check_special(dn, LTDB_INDEXLIST) ||
224 ldb_dn_check_special(dn, LTDB_ATTRIBUTES)) ) {
225 ret = ltdb_reindex(module);
228 /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
229 if (ret == LDB_SUCCESS &&
230 !(ldb_dn_is_special(dn) &&
231 ldb_dn_check_special(dn, LTDB_BASEINFO)) ) {
232 ret = ltdb_increase_sequence_number(module);
235 /* If the modify was to @OPTIONS, reload the cache */
236 if (ret == LDB_SUCCESS &&
237 ldb_dn_is_special(dn) &&
238 (ldb_dn_check_special(dn, LTDB_OPTIONS)) ) {
239 ret = ltdb_cache_reload(module);
246 store a record into the db
248 int ltdb_store(struct ldb_module *module, const struct ldb_message *msg, int flgs)
250 void *data = ldb_module_get_private(module);
251 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
252 TDB_DATA tdb_key, tdb_data;
253 int ret = LDB_SUCCESS;
255 tdb_key = ltdb_key(module, msg->dn);
256 if (tdb_key.dptr == NULL) {
257 return LDB_ERR_OTHER;
260 ret = ltdb_pack_data(module, msg, &tdb_data);
262 talloc_free(tdb_key.dptr);
263 return LDB_ERR_OTHER;
266 ret = tdb_store(ltdb->tdb, tdb_key, tdb_data, flgs);
268 ret = ltdb_err_map(tdb_error(ltdb->tdb));
273 talloc_free(tdb_key.dptr);
274 talloc_free(tdb_data.dptr);
281 check if a attribute is a single valued, for a given element
283 static bool ldb_tdb_single_valued(const struct ldb_schema_attribute *a,
284 struct ldb_message_element *el)
286 if (!a) return false;
288 if (el->flags & LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK) {
289 /* override from a ldb module, for example
290 used for the description field, which is
291 marked multi-valued in the schema but which
292 should not actually accept multiple
296 if (el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK) {
297 /* override from a ldb module, for example used for
298 deleted linked attribute entries */
302 if (a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
308 static int ltdb_add_internal(struct ldb_module *module,
309 const struct ldb_message *msg)
311 struct ldb_context *ldb = ldb_module_get_ctx(module);
312 int ret = LDB_SUCCESS;
315 for (i=0;i<msg->num_elements;i++) {
316 struct ldb_message_element *el = &msg->elements[i];
317 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
319 if (el->num_values == 0) {
320 ldb_asprintf_errstring(ldb, "attribute '%s' on '%s' specified, but with 0 values (illegal)",
321 el->name, ldb_dn_get_linearized(msg->dn));
322 return LDB_ERR_CONSTRAINT_VIOLATION;
324 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
325 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
326 el->name, ldb_dn_get_linearized(msg->dn));
327 return LDB_ERR_CONSTRAINT_VIOLATION;
331 ret = ltdb_store(module, msg, TDB_INSERT);
332 if (ret != LDB_SUCCESS) {
333 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
334 ldb_asprintf_errstring(ldb,
335 "Entry %s already exists",
336 ldb_dn_get_linearized(msg->dn));
341 ret = ltdb_index_add_new(module, msg);
342 if (ret != LDB_SUCCESS) {
346 ret = ltdb_modified(module, msg->dn);
352 add a record to the database
354 static int ltdb_add(struct ltdb_context *ctx)
356 struct ldb_module *module = ctx->module;
357 struct ldb_request *req = ctx->req;
358 int ret = LDB_SUCCESS;
360 ret = ltdb_check_special_dn(module, req->op.add.message);
361 if (ret != LDB_SUCCESS) {
365 ldb_request_set_state(req, LDB_ASYNC_PENDING);
367 if (ltdb_cache_load(module) != 0) {
368 return LDB_ERR_OPERATIONS_ERROR;
371 ret = ltdb_add_internal(module, req->op.add.message);
377 delete a record from the database, not updating indexes (used for deleting
380 int ltdb_delete_noindex(struct ldb_module *module, struct ldb_dn *dn)
382 void *data = ldb_module_get_private(module);
383 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
387 tdb_key = ltdb_key(module, dn);
389 return LDB_ERR_OTHER;
392 ret = tdb_delete(ltdb->tdb, tdb_key);
393 talloc_free(tdb_key.dptr);
396 ret = ltdb_err_map(tdb_error(ltdb->tdb));
402 static int ltdb_delete_internal(struct ldb_module *module, struct ldb_dn *dn)
404 struct ldb_message *msg;
405 int ret = LDB_SUCCESS;
407 msg = ldb_msg_new(module);
409 return LDB_ERR_OPERATIONS_ERROR;
412 /* in case any attribute of the message was indexed, we need
413 to fetch the old record */
414 ret = ltdb_search_dn1(module, dn, msg);
415 if (ret != LDB_SUCCESS) {
416 /* not finding the old record is an error */
420 ret = ltdb_delete_noindex(module, dn);
421 if (ret != LDB_SUCCESS) {
425 /* remove any indexed attributes */
426 ret = ltdb_index_delete(module, msg);
427 if (ret != LDB_SUCCESS) {
431 ret = ltdb_modified(module, dn);
432 if (ret != LDB_SUCCESS) {
442 delete a record from the database
444 static int ltdb_delete(struct ltdb_context *ctx)
446 struct ldb_module *module = ctx->module;
447 struct ldb_request *req = ctx->req;
448 int ret = LDB_SUCCESS;
450 ldb_request_set_state(req, LDB_ASYNC_PENDING);
452 if (ltdb_cache_load(module) != 0) {
453 return LDB_ERR_OPERATIONS_ERROR;
456 ret = ltdb_delete_internal(module, req->op.del.dn);
462 find an element by attribute name. At the moment this does a linear search,
463 it should be re-coded to use a binary search once all places that modify
464 records guarantee sorted order
466 return the index of the first matching element if found, otherwise -1
468 static int find_element(const struct ldb_message *msg, const char *name)
471 for (i=0;i<msg->num_elements;i++) {
472 if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
481 add an element to an existing record. Assumes a elements array that we
482 can call re-alloc on, and assumed that we can re-use the data pointers from
483 the passed in additional values. Use with care!
485 returns 0 on success, -1 on failure (and sets errno)
487 static int ltdb_msg_add_element(struct ldb_context *ldb,
488 struct ldb_message *msg,
489 struct ldb_message_element *el)
491 struct ldb_message_element *e2;
494 if (el->num_values == 0) {
495 /* nothing to do here - we don't add empty elements */
499 e2 = talloc_realloc(msg, msg->elements, struct ldb_message_element,
500 msg->num_elements+1);
508 e2 = &msg->elements[msg->num_elements];
511 e2->flags = el->flags;
512 e2->values = talloc_array(msg->elements,
513 struct ldb_val, el->num_values);
518 for (i=0;i<el->num_values;i++) {
519 e2->values[i] = el->values[i];
521 e2->num_values = el->num_values;
529 delete all elements having a specified attribute name
531 static int msg_delete_attribute(struct ldb_module *module,
532 struct ldb_context *ldb,
533 struct ldb_message *msg, const char *name)
537 struct ldb_message_element *el;
539 el = ldb_msg_find_element(msg, name);
541 return LDB_ERR_NO_SUCH_ATTRIBUTE;
543 i = el - msg->elements;
545 ret = ltdb_index_del_element(module, msg->dn, el);
546 if (ret != LDB_SUCCESS) {
550 talloc_free(el->values);
551 if (msg->num_elements > (i+1)) {
552 memmove(el, el+1, sizeof(*el) * (msg->num_elements - (i+1)));
555 msg->elements = talloc_realloc(msg, msg->elements,
556 struct ldb_message_element,
562 delete all elements matching an attribute name/value
564 return LDB Error on failure
566 static int msg_delete_element(struct ldb_module *module,
567 struct ldb_message *msg,
569 const struct ldb_val *val)
571 struct ldb_context *ldb = ldb_module_get_ctx(module);
574 struct ldb_message_element *el;
575 const struct ldb_schema_attribute *a;
577 found = find_element(msg, name);
579 return LDB_ERR_NO_SUCH_ATTRIBUTE;
582 i = (unsigned int) found;
583 el = &(msg->elements[i]);
585 a = ldb_schema_attribute_by_name(ldb, el->name);
587 for (i=0;i<el->num_values;i++) {
589 if (a->syntax->operator_fn) {
590 ret = a->syntax->operator_fn(ldb, LDB_OP_EQUALITY, a,
591 &el->values[i], val, &matched);
592 if (ret != LDB_SUCCESS) return ret;
594 matched = (a->syntax->comparison_fn(ldb, ldb,
595 &el->values[i], val) == 0);
598 if (el->num_values == 1) {
599 return msg_delete_attribute(module, ldb, msg, name);
602 ret = ltdb_index_del_value(module, msg->dn, el, i);
603 if (ret != LDB_SUCCESS) {
607 if (i<el->num_values-1) {
608 memmove(&el->values[i], &el->values[i+1],
609 sizeof(el->values[i])*
610 (el->num_values-(i+1)));
614 /* per definition we find in a canonicalised message an
615 attribute value only once. So we are finished here */
621 return LDB_ERR_NO_SUCH_ATTRIBUTE;
626 modify a record - internal interface
628 yuck - this is O(n^2). Luckily n is usually small so we probably
629 get away with it, but if we ever have really large attribute lists
630 then we'll need to look at this again
632 'req' is optional, and is used to specify controls if supplied
634 int ltdb_modify_internal(struct ldb_module *module,
635 const struct ldb_message *msg,
636 struct ldb_request *req)
638 struct ldb_context *ldb = ldb_module_get_ctx(module);
639 void *data = ldb_module_get_private(module);
640 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
641 TDB_DATA tdb_key, tdb_data;
642 struct ldb_message *msg2;
643 unsigned int i, j, k;
644 int ret = LDB_SUCCESS, idx;
645 struct ldb_control *control_permissive = NULL;
648 control_permissive = ldb_request_get_control(req,
649 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
652 tdb_key = ltdb_key(module, msg->dn);
654 return LDB_ERR_OTHER;
657 tdb_data = tdb_fetch_compat(ltdb->tdb, tdb_key);
658 if (!tdb_data.dptr) {
659 talloc_free(tdb_key.dptr);
660 return ltdb_err_map(tdb_error(ltdb->tdb));
663 msg2 = ldb_msg_new(tdb_key.dptr);
670 ret = ltdb_unpack_data(module, &tdb_data, msg2);
681 for (i=0; i<msg->num_elements; i++) {
682 struct ldb_message_element *el = &msg->elements[i], *el2;
683 struct ldb_val *vals;
684 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
687 switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
688 case LDB_FLAG_MOD_ADD:
690 if (el->num_values == 0) {
691 ldb_asprintf_errstring(ldb,
692 "attribute '%s': attribute on '%s' specified, but with 0 values (illegal)",
693 el->name, ldb_dn_get_linearized(msg2->dn));
694 ret = LDB_ERR_CONSTRAINT_VIOLATION;
698 /* make a copy of the array so that a permissive
699 * control can remove duplicates without changing the
700 * original values, but do not copy data as we do not
701 * need to keep it around once the operation is
703 if (control_permissive) {
704 el = talloc(msg2, struct ldb_message_element);
709 *el = msg->elements[i];
710 el->values = talloc_array(el, struct ldb_val, el->num_values);
711 if (el->values == NULL) {
715 for (j = 0; j < el->num_values; j++) {
716 el->values[j] = msg->elements[i].values[j];
720 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
721 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
722 el->name, ldb_dn_get_linearized(msg2->dn));
723 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
727 /* Checks if element already exists */
728 idx = find_element(msg2, el->name);
730 if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
734 ret = ltdb_index_add_element(module, msg2->dn,
736 if (ret != LDB_SUCCESS) {
740 j = (unsigned int) idx;
741 el2 = &(msg2->elements[j]);
743 /* We cannot add another value on a existing one
744 if the attribute is single-valued */
745 if (ldb_tdb_single_valued(a, el)) {
746 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
747 el->name, ldb_dn_get_linearized(msg2->dn));
748 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
752 /* Check that values don't exist yet on multi-
753 valued attributes or aren't provided twice */
754 for (j = 0; j < el->num_values; j++) {
755 if (ldb_msg_find_val(el2, &el->values[j]) != NULL) {
756 if (control_permissive) {
757 /* remove this one as if it was never added */
759 for (k = j; k < el->num_values; k++) {
760 el->values[k] = el->values[k + 1];
767 ldb_asprintf_errstring(ldb,
768 "attribute '%s': value #%u on '%s' already exists",
769 el->name, j, ldb_dn_get_linearized(msg2->dn));
770 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
773 if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
774 ldb_asprintf_errstring(ldb,
775 "attribute '%s': value #%u on '%s' provided more than once",
776 el->name, j, ldb_dn_get_linearized(msg2->dn));
777 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
782 /* Now combine existing and new values to a new
784 vals = talloc_realloc(msg2->elements,
785 el2->values, struct ldb_val,
786 el2->num_values + el->num_values);
793 for (j=0; j<el->num_values; j++) {
794 vals[el2->num_values + j] =
795 ldb_val_dup(vals, &el->values[j]);
799 el2->num_values += el->num_values;
801 ret = ltdb_index_add_element(module, msg2->dn, el);
802 if (ret != LDB_SUCCESS) {
809 case LDB_FLAG_MOD_REPLACE:
811 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
812 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
813 el->name, ldb_dn_get_linearized(msg2->dn));
814 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
818 /* TODO: This is O(n^2) - replace with more efficient check */
819 for (j=0; j<el->num_values; j++) {
820 if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
821 ldb_asprintf_errstring(ldb,
822 "attribute '%s': value #%u on '%s' provided more than once",
823 el->name, j, ldb_dn_get_linearized(msg2->dn));
824 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
829 /* Checks if element already exists */
830 idx = find_element(msg2, el->name);
832 j = (unsigned int) idx;
833 el2 = &(msg2->elements[j]);
834 if (ldb_msg_element_compare(el, el2) == 0) {
835 /* we are replacing with the same values */
839 /* Delete the attribute if it exists in the DB */
840 if (msg_delete_attribute(module, ldb, msg2,
847 /* Recreate it with the new values */
848 if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
853 ret = ltdb_index_add_element(module, msg2->dn, el);
854 if (ret != LDB_SUCCESS) {
860 case LDB_FLAG_MOD_DELETE:
861 dn = ldb_dn_get_linearized(msg2->dn);
867 if (msg->elements[i].num_values == 0) {
868 /* Delete the whole attribute */
869 ret = msg_delete_attribute(module, ldb, msg2,
870 msg->elements[i].name);
871 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
872 control_permissive) {
875 ldb_asprintf_errstring(ldb,
876 "attribute '%s': no such attribute for delete on '%s'",
877 msg->elements[i].name, dn);
879 if (ret != LDB_SUCCESS) {
883 /* Delete specified values from an attribute */
884 for (j=0; j < msg->elements[i].num_values; j++) {
885 ret = msg_delete_element(module,
887 msg->elements[i].name,
888 &msg->elements[i].values[j]);
889 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
890 control_permissive) {
893 ldb_asprintf_errstring(ldb,
894 "attribute '%s': no matching attribute value while deleting attribute on '%s'",
895 msg->elements[i].name, dn);
897 if (ret != LDB_SUCCESS) {
904 ldb_asprintf_errstring(ldb,
905 "attribute '%s': invalid modify flags on '%s': 0x%x",
906 msg->elements[i].name, ldb_dn_get_linearized(msg->dn),
907 msg->elements[i].flags & LDB_FLAG_MOD_MASK);
908 ret = LDB_ERR_PROTOCOL_ERROR;
913 ret = ltdb_store(module, msg2, TDB_MODIFY);
914 if (ret != LDB_SUCCESS) {
918 ret = ltdb_modified(module, msg2->dn);
919 if (ret != LDB_SUCCESS) {
924 talloc_free(tdb_key.dptr);
931 static int ltdb_modify(struct ltdb_context *ctx)
933 struct ldb_module *module = ctx->module;
934 struct ldb_request *req = ctx->req;
935 int ret = LDB_SUCCESS;
937 ret = ltdb_check_special_dn(module, req->op.mod.message);
938 if (ret != LDB_SUCCESS) {
942 ldb_request_set_state(req, LDB_ASYNC_PENDING);
944 if (ltdb_cache_load(module) != 0) {
945 return LDB_ERR_OPERATIONS_ERROR;
948 ret = ltdb_modify_internal(module, req->op.mod.message, req);
956 static int ltdb_rename(struct ltdb_context *ctx)
958 struct ldb_module *module = ctx->module;
959 struct ldb_request *req = ctx->req;
960 struct ldb_message *msg;
961 int ret = LDB_SUCCESS;
963 ldb_request_set_state(req, LDB_ASYNC_PENDING);
965 if (ltdb_cache_load(ctx->module) != 0) {
966 return LDB_ERR_OPERATIONS_ERROR;
969 msg = ldb_msg_new(ctx);
971 return LDB_ERR_OPERATIONS_ERROR;
974 /* in case any attribute of the message was indexed, we need
975 to fetch the old record */
976 ret = ltdb_search_dn1(module, req->op.rename.olddn, msg);
977 if (ret != LDB_SUCCESS) {
978 /* not finding the old record is an error */
982 /* Always delete first then add, to avoid conflicts with
983 * unique indexes. We rely on the transaction to make this
986 ret = ltdb_delete_internal(module, msg->dn);
987 if (ret != LDB_SUCCESS) {
991 msg->dn = ldb_dn_copy(msg, req->op.rename.newdn);
992 if (msg->dn == NULL) {
993 return LDB_ERR_OPERATIONS_ERROR;
996 ret = ltdb_add_internal(module, msg);
1001 static int ltdb_start_trans(struct ldb_module *module)
1003 void *data = ldb_module_get_private(module);
1004 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1006 if (tdb_transaction_start(ltdb->tdb) != 0) {
1007 return ltdb_err_map(tdb_error(ltdb->tdb));
1010 ltdb->in_transaction++;
1012 ltdb_index_transaction_start(module);
1017 static int ltdb_prepare_commit(struct ldb_module *module)
1019 void *data = ldb_module_get_private(module);
1020 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1022 if (ltdb->in_transaction != 1) {
1026 if (ltdb_index_transaction_commit(module) != 0) {
1027 tdb_transaction_cancel(ltdb->tdb);
1028 ltdb->in_transaction--;
1029 return ltdb_err_map(tdb_error(ltdb->tdb));
1032 if (tdb_transaction_prepare_commit(ltdb->tdb) != 0) {
1033 ltdb->in_transaction--;
1034 return ltdb_err_map(tdb_error(ltdb->tdb));
1037 ltdb->prepared_commit = true;
1042 static int ltdb_end_trans(struct ldb_module *module)
1044 void *data = ldb_module_get_private(module);
1045 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1047 if (!ltdb->prepared_commit) {
1048 int ret = ltdb_prepare_commit(module);
1049 if (ret != LDB_SUCCESS) {
1054 ltdb->in_transaction--;
1055 ltdb->prepared_commit = false;
1057 if (tdb_transaction_commit(ltdb->tdb) != 0) {
1058 return ltdb_err_map(tdb_error(ltdb->tdb));
1064 static int ltdb_del_trans(struct ldb_module *module)
1066 void *data = ldb_module_get_private(module);
1067 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1069 ltdb->in_transaction--;
1071 if (ltdb_index_transaction_cancel(module) != 0) {
1072 tdb_transaction_cancel(ltdb->tdb);
1073 return ltdb_err_map(tdb_error(ltdb->tdb));
1076 if (tdb_transaction_cancel(ltdb->tdb) != 0) {
1077 return ltdb_err_map(tdb_error(ltdb->tdb));
1084 return sequenceNumber from @BASEINFO
1086 static int ltdb_sequence_number(struct ltdb_context *ctx,
1087 struct ldb_extended **ext)
1089 struct ldb_context *ldb;
1090 struct ldb_module *module = ctx->module;
1091 struct ldb_request *req = ctx->req;
1092 TALLOC_CTX *tmp_ctx = NULL;
1093 struct ldb_seqnum_request *seq;
1094 struct ldb_seqnum_result *res;
1095 struct ldb_message *msg = NULL;
1098 int ret = LDB_SUCCESS;
1100 ldb = ldb_module_get_ctx(module);
1102 seq = talloc_get_type(req->op.extended.data,
1103 struct ldb_seqnum_request);
1105 return LDB_ERR_OPERATIONS_ERROR;
1108 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1110 if (ltdb_lock_read(module) != 0) {
1111 return LDB_ERR_OPERATIONS_ERROR;
1114 res = talloc_zero(req, struct ldb_seqnum_result);
1116 ret = LDB_ERR_OPERATIONS_ERROR;
1120 tmp_ctx = talloc_new(req);
1121 if (tmp_ctx == NULL) {
1122 ret = LDB_ERR_OPERATIONS_ERROR;
1126 dn = ldb_dn_new(tmp_ctx, ldb, LTDB_BASEINFO);
1128 ret = LDB_ERR_OPERATIONS_ERROR;
1132 msg = ldb_msg_new(tmp_ctx);
1134 ret = LDB_ERR_OPERATIONS_ERROR;
1138 ret = ltdb_search_dn1(module, dn, msg);
1139 if (ret != LDB_SUCCESS) {
1143 switch (seq->type) {
1144 case LDB_SEQ_HIGHEST_SEQ:
1145 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1148 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1151 case LDB_SEQ_HIGHEST_TIMESTAMP:
1152 date = ldb_msg_find_attr_as_string(msg, LTDB_MOD_TIMESTAMP, NULL);
1154 res->seq_num = ldb_string_to_time(date);
1157 /* zero is as good as anything when we don't know */
1162 *ext = talloc_zero(req, struct ldb_extended);
1164 ret = LDB_ERR_OPERATIONS_ERROR;
1167 (*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
1168 (*ext)->data = talloc_steal(*ext, res);
1171 talloc_free(tmp_ctx);
1172 ltdb_unlock_read(module);
1176 static void ltdb_request_done(struct ltdb_context *ctx, int error)
1178 struct ldb_context *ldb;
1179 struct ldb_request *req;
1180 struct ldb_reply *ares;
1182 ldb = ldb_module_get_ctx(ctx->module);
1185 /* if we already returned an error just return */
1186 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1190 ares = talloc_zero(req, struct ldb_reply);
1193 req->callback(req, NULL);
1196 ares->type = LDB_REPLY_DONE;
1197 ares->error = error;
1199 req->callback(req, ares);
1202 static void ltdb_timeout(struct tevent_context *ev,
1203 struct tevent_timer *te,
1207 struct ltdb_context *ctx;
1208 ctx = talloc_get_type(private_data, struct ltdb_context);
1210 if (!ctx->request_terminated) {
1211 /* request is done now */
1212 ltdb_request_done(ctx, LDB_ERR_TIME_LIMIT_EXCEEDED);
1215 if (!ctx->request_terminated) {
1216 /* neutralize the spy */
1217 ctx->spy->ctx = NULL;
1222 static void ltdb_request_extended_done(struct ltdb_context *ctx,
1223 struct ldb_extended *ext,
1226 struct ldb_context *ldb;
1227 struct ldb_request *req;
1228 struct ldb_reply *ares;
1230 ldb = ldb_module_get_ctx(ctx->module);
1233 /* if we already returned an error just return */
1234 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1238 ares = talloc_zero(req, struct ldb_reply);
1241 req->callback(req, NULL);
1244 ares->type = LDB_REPLY_DONE;
1245 ares->response = ext;
1246 ares->error = error;
1248 req->callback(req, ares);
1251 static void ltdb_handle_extended(struct ltdb_context *ctx)
1253 struct ldb_extended *ext = NULL;
1256 if (strcmp(ctx->req->op.extended.oid,
1257 LDB_EXTENDED_SEQUENCE_NUMBER) == 0) {
1258 /* get sequence number */
1259 ret = ltdb_sequence_number(ctx, &ext);
1261 /* not recognized */
1262 ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1265 ltdb_request_extended_done(ctx, ext, ret);
1268 static void ltdb_callback(struct tevent_context *ev,
1269 struct tevent_timer *te,
1273 struct ltdb_context *ctx;
1276 ctx = talloc_get_type(private_data, struct ltdb_context);
1278 if (ctx->request_terminated) {
1282 switch (ctx->req->operation) {
1284 ret = ltdb_search(ctx);
1287 ret = ltdb_add(ctx);
1290 ret = ltdb_modify(ctx);
1293 ret = ltdb_delete(ctx);
1296 ret = ltdb_rename(ctx);
1299 ltdb_handle_extended(ctx);
1302 /* no other op supported */
1303 ret = LDB_ERR_PROTOCOL_ERROR;
1306 if (!ctx->request_terminated) {
1307 /* request is done now */
1308 ltdb_request_done(ctx, ret);
1312 if (!ctx->request_terminated) {
1313 /* neutralize the spy */
1314 ctx->spy->ctx = NULL;
1319 static int ltdb_request_destructor(void *ptr)
1321 struct ltdb_req_spy *spy = talloc_get_type(ptr, struct ltdb_req_spy);
1323 if (spy->ctx != NULL) {
1324 spy->ctx->request_terminated = true;
1330 static int ltdb_handle_request(struct ldb_module *module,
1331 struct ldb_request *req)
1333 struct ldb_control *control_permissive;
1334 struct ldb_context *ldb;
1335 struct tevent_context *ev;
1336 struct ltdb_context *ac;
1337 struct tevent_timer *te;
1341 ldb = ldb_module_get_ctx(module);
1343 control_permissive = ldb_request_get_control(req,
1344 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1346 for (i = 0; req->controls && req->controls[i]; i++) {
1347 if (req->controls[i]->critical &&
1348 req->controls[i] != control_permissive) {
1349 ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
1350 req->controls[i]->oid);
1351 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1355 if (req->starttime == 0 || req->timeout == 0) {
1356 ldb_set_errstring(ldb, "Invalid timeout settings");
1357 return LDB_ERR_TIME_LIMIT_EXCEEDED;
1360 ev = ldb_get_event_context(ldb);
1362 ac = talloc_zero(ldb, struct ltdb_context);
1365 return LDB_ERR_OPERATIONS_ERROR;
1368 ac->module = module;
1373 te = tevent_add_timer(ev, ac, tv, ltdb_callback, ac);
1376 return LDB_ERR_OPERATIONS_ERROR;
1379 tv.tv_sec = req->starttime + req->timeout;
1380 ac->timeout_event = tevent_add_timer(ev, ac, tv, ltdb_timeout, ac);
1381 if (NULL == ac->timeout_event) {
1383 return LDB_ERR_OPERATIONS_ERROR;
1386 /* set a spy so that we do not try to use the request context
1387 * if it is freed before ltdb_callback fires */
1388 ac->spy = talloc(req, struct ltdb_req_spy);
1389 if (NULL == ac->spy) {
1391 return LDB_ERR_OPERATIONS_ERROR;
1395 talloc_set_destructor((TALLOC_CTX *)ac->spy, ltdb_request_destructor);
1400 static int ltdb_init_rootdse(struct ldb_module *module)
1402 struct ldb_context *ldb;
1405 ldb = ldb_module_get_ctx(module);
1407 ret = ldb_mod_register_control(module,
1408 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1409 /* ignore errors on this - we expect it for non-sam databases */
1411 /* there can be no module beyond the backend, just return */
1415 static const struct ldb_module_ops ltdb_ops = {
1417 .init_context = ltdb_init_rootdse,
1418 .search = ltdb_handle_request,
1419 .add = ltdb_handle_request,
1420 .modify = ltdb_handle_request,
1421 .del = ltdb_handle_request,
1422 .rename = ltdb_handle_request,
1423 .extended = ltdb_handle_request,
1424 .start_transaction = ltdb_start_trans,
1425 .end_transaction = ltdb_end_trans,
1426 .prepare_commit = ltdb_prepare_commit,
1427 .del_transaction = ltdb_del_trans,
1431 connect to the database
1433 static int ltdb_connect(struct ldb_context *ldb, const char *url,
1434 unsigned int flags, const char *options[],
1435 struct ldb_module **_module)
1437 struct ldb_module *module;
1439 int tdb_flags, open_flags;
1440 struct ltdb_private *ltdb;
1443 if (strchr(url, ':')) {
1444 if (strncmp(url, "tdb://", 6) != 0) {
1445 ldb_debug(ldb, LDB_DEBUG_ERROR,
1446 "Invalid tdb URL '%s'", url);
1447 return LDB_ERR_OPERATIONS_ERROR;
1454 tdb_flags = TDB_DEFAULT | TDB_SEQNUM;
1456 /* check for the 'nosync' option */
1457 if (flags & LDB_FLG_NOSYNC) {
1458 tdb_flags |= TDB_NOSYNC;
1461 /* and nommap option */
1462 if (flags & LDB_FLG_NOMMAP) {
1463 tdb_flags |= TDB_NOMMAP;
1466 if (flags & LDB_FLG_RDONLY) {
1467 open_flags = O_RDONLY;
1469 open_flags = O_CREAT | O_RDWR;
1472 ltdb = talloc_zero(ldb, struct ltdb_private);
1475 return LDB_ERR_OPERATIONS_ERROR;
1478 /* note that we use quite a large default hash size */
1479 ltdb->tdb = ltdb_wrap_open(ltdb, path, 10000,
1480 tdb_flags, open_flags,
1481 ldb_get_create_perms(ldb), ldb);
1483 ldb_debug(ldb, LDB_DEBUG_ERROR,
1484 "Unable to open tdb '%s'", path);
1486 return LDB_ERR_OPERATIONS_ERROR;
1489 if (getenv("LDB_WARN_UNINDEXED")) {
1490 ltdb->warn_unindexed = true;
1493 ltdb->sequence_number = 0;
1495 module = ldb_module_new(ldb, ldb, "ldb_tdb backend", <db_ops);
1498 return LDB_ERR_OPERATIONS_ERROR;
1500 ldb_module_set_private(module, ltdb);
1501 talloc_steal(module, ltdb);
1503 if (ltdb_cache_load(module) != 0) {
1504 talloc_free(module);
1506 return LDB_ERR_OPERATIONS_ERROR;
1513 int ldb_tdb_init(const char *version)
1515 LDB_MODULE_CHECK_VERSION(version);
1516 return ldb_register_backend("tdb", ltdb_connect, false);