4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Stefan Metzmacher 2004
6 Copyright (C) Simo Sorce 2006-2008
7 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
9 ** NOTE! The following LGPL license applies to the ldb
10 ** library. This does NOT imply that all of Samba is released
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
30 * Component: ldb tdb backend
32 * Description: core functions for tdb backend
34 * Author: Andrew Tridgell
35 * Author: Stefan Metzmacher
39 * - description: make the module use asynchronous calls
43 * - description: make it possible to use event contexts
47 * - description: fix up memory leaks and small bugs
49 * Author: Matthias Dieter Wallnöfer
53 #include <lib/tdb_compat/tdb_compat.h>
57 map a tdb error code to a ldb error code
59 int ltdb_err_map(enum TDB_ERROR tdb_code)
67 return LDB_ERR_OPERATIONS_ERROR;
69 return LDB_ERR_PROTOCOL_ERROR;
76 case TDB_ERR_LOCK_TIMEOUT:
78 return LDB_ERR_TIME_LIMIT_EXCEEDED;
80 return LDB_ERR_ENTRY_ALREADY_EXISTS;
82 return LDB_ERR_NO_SUCH_OBJECT;
84 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
92 lock the database for read - use by ltdb_search and ltdb_sequence_number
94 int ltdb_lock_read(struct ldb_module *module)
96 void *data = ldb_module_get_private(module);
97 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
100 if (ltdb->in_transaction == 0 &&
101 ltdb->read_lock_count == 0) {
102 ret = tdb_lockall_read(ltdb->tdb);
105 ltdb->read_lock_count++;
111 unlock the database after a ltdb_lock_read()
113 int ltdb_unlock_read(struct ldb_module *module)
115 void *data = ldb_module_get_private(module);
116 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
117 if (ltdb->in_transaction == 0 && ltdb->read_lock_count == 1) {
118 tdb_unlockall_read(ltdb->tdb);
121 ltdb->read_lock_count--;
127 form a TDB_DATA for a record key
130 note that the key for a record can depend on whether the
131 dn refers to a case sensitive index record or not
133 TDB_DATA ltdb_key(struct ldb_module *module, struct ldb_dn *dn)
135 struct ldb_context *ldb = ldb_module_get_ctx(module);
137 char *key_str = NULL;
138 const char *dn_folded = NULL;
141 most DNs are case insensitive. The exception is index DNs for
142 case sensitive attributes
144 there are 3 cases dealt with in this code:
146 1) if the dn doesn't start with @ then uppercase the attribute
147 names and the attributes values of case insensitive attributes
148 2) if the dn starts with @ then leave it alone -
149 the indexing code handles the rest
152 dn_folded = ldb_dn_get_casefold(dn);
157 key_str = talloc_strdup(ldb, "DN=");
162 key_str = talloc_strdup_append_buffer(key_str, dn_folded);
167 key.dptr = (uint8_t *)key_str;
168 key.dsize = strlen(key_str) + 1;
180 check special dn's have valid attributes
181 currently only @ATTRIBUTES is checked
183 static int ltdb_check_special_dn(struct ldb_module *module,
184 const struct ldb_message *msg)
186 struct ldb_context *ldb = ldb_module_get_ctx(module);
189 if (! ldb_dn_is_special(msg->dn) ||
190 ! ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
194 /* we have @ATTRIBUTES, let's check attributes are fine */
195 /* should we check that we deny multivalued attributes ? */
196 for (i = 0; i < msg->num_elements; i++) {
197 if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
199 for (j = 0; j < msg->elements[i].num_values; j++) {
200 if (ltdb_check_at_attributes_values(&msg->elements[i].values[j]) != 0) {
201 ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
202 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
212 we've made a modification to a dn - possibly reindex and
213 update sequence number
215 static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn)
217 int ret = LDB_SUCCESS;
218 struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private);
220 /* only allow modifies inside a transaction, otherwise the
222 if (ltdb->in_transaction == 0) {
223 ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
224 return LDB_ERR_OPERATIONS_ERROR;
227 if (ldb_dn_is_special(dn) &&
228 (ldb_dn_check_special(dn, LTDB_INDEXLIST) ||
229 ldb_dn_check_special(dn, LTDB_ATTRIBUTES)) ) {
230 ret = ltdb_reindex(module);
233 /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
234 if (ret == LDB_SUCCESS &&
235 !(ldb_dn_is_special(dn) &&
236 ldb_dn_check_special(dn, LTDB_BASEINFO)) ) {
237 ret = ltdb_increase_sequence_number(module);
240 /* If the modify was to @OPTIONS, reload the cache */
241 if (ret == LDB_SUCCESS &&
242 ldb_dn_is_special(dn) &&
243 (ldb_dn_check_special(dn, LTDB_OPTIONS)) ) {
244 ret = ltdb_cache_reload(module);
251 store a record into the db
253 int ltdb_store(struct ldb_module *module, const struct ldb_message *msg, int flgs)
255 void *data = ldb_module_get_private(module);
256 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
257 TDB_DATA tdb_key, tdb_data;
258 int ret = LDB_SUCCESS;
260 tdb_key = ltdb_key(module, msg->dn);
261 if (tdb_key.dptr == NULL) {
262 return LDB_ERR_OTHER;
265 ret = ltdb_pack_data(module, msg, &tdb_data);
267 talloc_free(tdb_key.dptr);
268 return LDB_ERR_OTHER;
271 ret = tdb_store(ltdb->tdb, tdb_key, tdb_data, flgs);
273 ret = ltdb_err_map(tdb_error(ltdb->tdb));
278 talloc_free(tdb_key.dptr);
279 talloc_free(tdb_data.dptr);
286 check if a attribute is a single valued, for a given element
288 static bool ldb_tdb_single_valued(const struct ldb_schema_attribute *a,
289 struct ldb_message_element *el)
291 if (!a) return false;
293 if (el->flags & LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK) {
294 /* override from a ldb module, for example
295 used for the description field, which is
296 marked multi-valued in the schema but which
297 should not actually accept multiple
301 if (el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK) {
302 /* override from a ldb module, for example used for
303 deleted linked attribute entries */
307 if (a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
313 static int ltdb_add_internal(struct ldb_module *module,
314 const struct ldb_message *msg)
316 struct ldb_context *ldb = ldb_module_get_ctx(module);
317 int ret = LDB_SUCCESS;
320 for (i=0;i<msg->num_elements;i++) {
321 struct ldb_message_element *el = &msg->elements[i];
322 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
324 if (el->num_values == 0) {
325 ldb_asprintf_errstring(ldb, "attribute '%s' on '%s' specified, but with 0 values (illegal)",
326 el->name, ldb_dn_get_linearized(msg->dn));
327 return LDB_ERR_CONSTRAINT_VIOLATION;
329 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
330 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
331 el->name, ldb_dn_get_linearized(msg->dn));
332 return LDB_ERR_CONSTRAINT_VIOLATION;
336 ret = ltdb_store(module, msg, TDB_INSERT);
337 if (ret != LDB_SUCCESS) {
338 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
339 ldb_asprintf_errstring(ldb,
340 "Entry %s already exists",
341 ldb_dn_get_linearized(msg->dn));
346 ret = ltdb_index_add_new(module, msg);
347 if (ret != LDB_SUCCESS) {
351 ret = ltdb_modified(module, msg->dn);
357 add a record to the database
359 static int ltdb_add(struct ltdb_context *ctx)
361 struct ldb_module *module = ctx->module;
362 struct ldb_request *req = ctx->req;
363 int ret = LDB_SUCCESS;
365 ret = ltdb_check_special_dn(module, req->op.add.message);
366 if (ret != LDB_SUCCESS) {
370 ldb_request_set_state(req, LDB_ASYNC_PENDING);
372 if (ltdb_cache_load(module) != 0) {
373 return LDB_ERR_OPERATIONS_ERROR;
376 ret = ltdb_add_internal(module, req->op.add.message);
382 delete a record from the database, not updating indexes (used for deleting
385 int ltdb_delete_noindex(struct ldb_module *module, struct ldb_dn *dn)
387 void *data = ldb_module_get_private(module);
388 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
392 tdb_key = ltdb_key(module, dn);
394 return LDB_ERR_OTHER;
397 ret = tdb_delete(ltdb->tdb, tdb_key);
398 talloc_free(tdb_key.dptr);
401 ret = ltdb_err_map(tdb_error(ltdb->tdb));
407 static int ltdb_delete_internal(struct ldb_module *module, struct ldb_dn *dn)
409 struct ldb_message *msg;
410 int ret = LDB_SUCCESS;
412 msg = ldb_msg_new(module);
414 return LDB_ERR_OPERATIONS_ERROR;
417 /* in case any attribute of the message was indexed, we need
418 to fetch the old record */
419 ret = ltdb_search_dn1(module, dn, msg);
420 if (ret != LDB_SUCCESS) {
421 /* not finding the old record is an error */
425 ret = ltdb_delete_noindex(module, dn);
426 if (ret != LDB_SUCCESS) {
430 /* remove any indexed attributes */
431 ret = ltdb_index_delete(module, msg);
432 if (ret != LDB_SUCCESS) {
436 ret = ltdb_modified(module, dn);
437 if (ret != LDB_SUCCESS) {
447 delete a record from the database
449 static int ltdb_delete(struct ltdb_context *ctx)
451 struct ldb_module *module = ctx->module;
452 struct ldb_request *req = ctx->req;
453 int ret = LDB_SUCCESS;
455 ldb_request_set_state(req, LDB_ASYNC_PENDING);
457 if (ltdb_cache_load(module) != 0) {
458 return LDB_ERR_OPERATIONS_ERROR;
461 ret = ltdb_delete_internal(module, req->op.del.dn);
467 find an element by attribute name. At the moment this does a linear search,
468 it should be re-coded to use a binary search once all places that modify
469 records guarantee sorted order
471 return the index of the first matching element if found, otherwise -1
473 static int find_element(const struct ldb_message *msg, const char *name)
476 for (i=0;i<msg->num_elements;i++) {
477 if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
486 add an element to an existing record. Assumes a elements array that we
487 can call re-alloc on, and assumed that we can re-use the data pointers from
488 the passed in additional values. Use with care!
490 returns 0 on success, -1 on failure (and sets errno)
492 static int ltdb_msg_add_element(struct ldb_context *ldb,
493 struct ldb_message *msg,
494 struct ldb_message_element *el)
496 struct ldb_message_element *e2;
499 if (el->num_values == 0) {
500 /* nothing to do here - we don't add empty elements */
504 e2 = talloc_realloc(msg, msg->elements, struct ldb_message_element,
505 msg->num_elements+1);
513 e2 = &msg->elements[msg->num_elements];
516 e2->flags = el->flags;
517 e2->values = talloc_array(msg->elements,
518 struct ldb_val, el->num_values);
523 for (i=0;i<el->num_values;i++) {
524 e2->values[i] = el->values[i];
526 e2->num_values = el->num_values;
534 delete all elements having a specified attribute name
536 static int msg_delete_attribute(struct ldb_module *module,
537 struct ldb_context *ldb,
538 struct ldb_message *msg, const char *name)
542 struct ldb_message_element *el;
544 el = ldb_msg_find_element(msg, name);
546 return LDB_ERR_NO_SUCH_ATTRIBUTE;
548 i = el - msg->elements;
550 ret = ltdb_index_del_element(module, msg->dn, el);
551 if (ret != LDB_SUCCESS) {
555 talloc_free(el->values);
556 if (msg->num_elements > (i+1)) {
557 memmove(el, el+1, sizeof(*el) * (msg->num_elements - (i+1)));
560 msg->elements = talloc_realloc(msg, msg->elements,
561 struct ldb_message_element,
567 delete all elements matching an attribute name/value
569 return LDB Error on failure
571 static int msg_delete_element(struct ldb_module *module,
572 struct ldb_message *msg,
574 const struct ldb_val *val)
576 struct ldb_context *ldb = ldb_module_get_ctx(module);
579 struct ldb_message_element *el;
580 const struct ldb_schema_attribute *a;
582 found = find_element(msg, name);
584 return LDB_ERR_NO_SUCH_ATTRIBUTE;
587 i = (unsigned int) found;
588 el = &(msg->elements[i]);
590 a = ldb_schema_attribute_by_name(ldb, el->name);
592 for (i=0;i<el->num_values;i++) {
594 if (a->syntax->operator_fn) {
595 ret = a->syntax->operator_fn(ldb, LDB_OP_EQUALITY, a,
596 &el->values[i], val, &matched);
597 if (ret != LDB_SUCCESS) return ret;
599 matched = (a->syntax->comparison_fn(ldb, ldb,
600 &el->values[i], val) == 0);
603 if (el->num_values == 1) {
604 return msg_delete_attribute(module, ldb, msg, name);
607 ret = ltdb_index_del_value(module, msg->dn, el, i);
608 if (ret != LDB_SUCCESS) {
612 if (i<el->num_values-1) {
613 memmove(&el->values[i], &el->values[i+1],
614 sizeof(el->values[i])*
615 (el->num_values-(i+1)));
619 /* per definition we find in a canonicalised message an
620 attribute value only once. So we are finished here */
626 return LDB_ERR_NO_SUCH_ATTRIBUTE;
631 modify a record - internal interface
633 yuck - this is O(n^2). Luckily n is usually small so we probably
634 get away with it, but if we ever have really large attribute lists
635 then we'll need to look at this again
637 'req' is optional, and is used to specify controls if supplied
639 int ltdb_modify_internal(struct ldb_module *module,
640 const struct ldb_message *msg,
641 struct ldb_request *req)
643 struct ldb_context *ldb = ldb_module_get_ctx(module);
644 void *data = ldb_module_get_private(module);
645 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
646 TDB_DATA tdb_key, tdb_data;
647 struct ldb_message *msg2;
648 unsigned int i, j, k;
649 int ret = LDB_SUCCESS, idx;
650 struct ldb_control *control_permissive = NULL;
653 control_permissive = ldb_request_get_control(req,
654 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
657 tdb_key = ltdb_key(module, msg->dn);
659 return LDB_ERR_OTHER;
662 tdb_data = tdb_fetch_compat(ltdb->tdb, tdb_key);
663 if (!tdb_data.dptr) {
664 talloc_free(tdb_key.dptr);
665 return ltdb_err_map(tdb_error(ltdb->tdb));
668 msg2 = ldb_msg_new(tdb_key.dptr);
675 ret = ltdb_unpack_data(module, &tdb_data, msg2);
686 for (i=0; i<msg->num_elements; i++) {
687 struct ldb_message_element *el = &msg->elements[i], *el2;
688 struct ldb_val *vals;
689 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
692 switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
693 case LDB_FLAG_MOD_ADD:
695 if (el->num_values == 0) {
696 ldb_asprintf_errstring(ldb,
697 "attribute '%s': attribute on '%s' specified, but with 0 values (illegal)",
698 el->name, ldb_dn_get_linearized(msg2->dn));
699 ret = LDB_ERR_CONSTRAINT_VIOLATION;
703 /* make a copy of the array so that a permissive
704 * control can remove duplicates without changing the
705 * original values, but do not copy data as we do not
706 * need to keep it around once the operation is
708 if (control_permissive) {
709 el = talloc(msg2, struct ldb_message_element);
714 *el = msg->elements[i];
715 el->values = talloc_array(el, struct ldb_val, el->num_values);
716 if (el->values == NULL) {
720 for (j = 0; j < el->num_values; j++) {
721 el->values[j] = msg->elements[i].values[j];
725 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
726 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
727 el->name, ldb_dn_get_linearized(msg2->dn));
728 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
732 /* Checks if element already exists */
733 idx = find_element(msg2, el->name);
735 if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
739 ret = ltdb_index_add_element(module, msg2->dn,
741 if (ret != LDB_SUCCESS) {
745 j = (unsigned int) idx;
746 el2 = &(msg2->elements[j]);
748 /* We cannot add another value on a existing one
749 if the attribute is single-valued */
750 if (ldb_tdb_single_valued(a, el)) {
751 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
752 el->name, ldb_dn_get_linearized(msg2->dn));
753 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
757 /* Check that values don't exist yet on multi-
758 valued attributes or aren't provided twice */
759 for (j = 0; j < el->num_values; j++) {
760 if (ldb_msg_find_val(el2, &el->values[j]) != NULL) {
761 if (control_permissive) {
762 /* remove this one as if it was never added */
764 for (k = j; k < el->num_values; k++) {
765 el->values[k] = el->values[k + 1];
772 ldb_asprintf_errstring(ldb,
773 "attribute '%s': value #%u on '%s' already exists",
774 el->name, j, ldb_dn_get_linearized(msg2->dn));
775 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
778 if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
779 ldb_asprintf_errstring(ldb,
780 "attribute '%s': value #%u on '%s' provided more than once",
781 el->name, j, ldb_dn_get_linearized(msg2->dn));
782 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
787 /* Now combine existing and new values to a new
789 vals = talloc_realloc(msg2->elements,
790 el2->values, struct ldb_val,
791 el2->num_values + el->num_values);
798 for (j=0; j<el->num_values; j++) {
799 vals[el2->num_values + j] =
800 ldb_val_dup(vals, &el->values[j]);
804 el2->num_values += el->num_values;
806 ret = ltdb_index_add_element(module, msg2->dn, el);
807 if (ret != LDB_SUCCESS) {
814 case LDB_FLAG_MOD_REPLACE:
816 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
817 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
818 el->name, ldb_dn_get_linearized(msg2->dn));
819 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
823 /* TODO: This is O(n^2) - replace with more efficient check */
824 for (j=0; j<el->num_values; j++) {
825 if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
826 ldb_asprintf_errstring(ldb,
827 "attribute '%s': value #%u on '%s' provided more than once",
828 el->name, j, ldb_dn_get_linearized(msg2->dn));
829 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
834 /* Checks if element already exists */
835 idx = find_element(msg2, el->name);
837 j = (unsigned int) idx;
838 el2 = &(msg2->elements[j]);
839 if (ldb_msg_element_compare(el, el2) == 0) {
840 /* we are replacing with the same values */
844 /* Delete the attribute if it exists in the DB */
845 if (msg_delete_attribute(module, ldb, msg2,
852 /* Recreate it with the new values */
853 if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
858 ret = ltdb_index_add_element(module, msg2->dn, el);
859 if (ret != LDB_SUCCESS) {
865 case LDB_FLAG_MOD_DELETE:
866 dn = ldb_dn_get_linearized(msg2->dn);
872 if (msg->elements[i].num_values == 0) {
873 /* Delete the whole attribute */
874 ret = msg_delete_attribute(module, ldb, msg2,
875 msg->elements[i].name);
876 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
877 control_permissive) {
880 ldb_asprintf_errstring(ldb,
881 "attribute '%s': no such attribute for delete on '%s'",
882 msg->elements[i].name, dn);
884 if (ret != LDB_SUCCESS) {
888 /* Delete specified values from an attribute */
889 for (j=0; j < msg->elements[i].num_values; j++) {
890 ret = msg_delete_element(module,
892 msg->elements[i].name,
893 &msg->elements[i].values[j]);
894 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
895 control_permissive) {
898 ldb_asprintf_errstring(ldb,
899 "attribute '%s': no matching attribute value while deleting attribute on '%s'",
900 msg->elements[i].name, dn);
902 if (ret != LDB_SUCCESS) {
909 ldb_asprintf_errstring(ldb,
910 "attribute '%s': invalid modify flags on '%s': 0x%x",
911 msg->elements[i].name, ldb_dn_get_linearized(msg->dn),
912 msg->elements[i].flags & LDB_FLAG_MOD_MASK);
913 ret = LDB_ERR_PROTOCOL_ERROR;
918 ret = ltdb_store(module, msg2, TDB_MODIFY);
919 if (ret != LDB_SUCCESS) {
923 ret = ltdb_modified(module, msg2->dn);
924 if (ret != LDB_SUCCESS) {
929 talloc_free(tdb_key.dptr);
936 static int ltdb_modify(struct ltdb_context *ctx)
938 struct ldb_module *module = ctx->module;
939 struct ldb_request *req = ctx->req;
940 int ret = LDB_SUCCESS;
942 ret = ltdb_check_special_dn(module, req->op.mod.message);
943 if (ret != LDB_SUCCESS) {
947 ldb_request_set_state(req, LDB_ASYNC_PENDING);
949 if (ltdb_cache_load(module) != 0) {
950 return LDB_ERR_OPERATIONS_ERROR;
953 ret = ltdb_modify_internal(module, req->op.mod.message, req);
961 static int ltdb_rename(struct ltdb_context *ctx)
963 struct ldb_module *module = ctx->module;
964 struct ldb_request *req = ctx->req;
965 struct ldb_message *msg;
966 int ret = LDB_SUCCESS;
968 ldb_request_set_state(req, LDB_ASYNC_PENDING);
970 if (ltdb_cache_load(ctx->module) != 0) {
971 return LDB_ERR_OPERATIONS_ERROR;
974 msg = ldb_msg_new(ctx);
976 return LDB_ERR_OPERATIONS_ERROR;
979 /* in case any attribute of the message was indexed, we need
980 to fetch the old record */
981 ret = ltdb_search_dn1(module, req->op.rename.olddn, msg);
982 if (ret != LDB_SUCCESS) {
983 /* not finding the old record is an error */
987 /* Always delete first then add, to avoid conflicts with
988 * unique indexes. We rely on the transaction to make this
991 ret = ltdb_delete_internal(module, msg->dn);
992 if (ret != LDB_SUCCESS) {
996 msg->dn = ldb_dn_copy(msg, req->op.rename.newdn);
997 if (msg->dn == NULL) {
998 return LDB_ERR_OPERATIONS_ERROR;
1001 ret = ltdb_add_internal(module, msg);
1006 static int ltdb_start_trans(struct ldb_module *module)
1008 void *data = ldb_module_get_private(module);
1009 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1011 if (tdb_transaction_start(ltdb->tdb) != 0) {
1012 return ltdb_err_map(tdb_error(ltdb->tdb));
1015 ltdb->in_transaction++;
1017 ltdb_index_transaction_start(module);
1022 static int ltdb_prepare_commit(struct ldb_module *module)
1024 void *data = ldb_module_get_private(module);
1025 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1027 if (ltdb->in_transaction != 1) {
1031 if (ltdb_index_transaction_commit(module) != 0) {
1032 tdb_transaction_cancel(ltdb->tdb);
1033 ltdb->in_transaction--;
1034 return ltdb_err_map(tdb_error(ltdb->tdb));
1037 if (tdb_transaction_prepare_commit(ltdb->tdb) != 0) {
1038 ltdb->in_transaction--;
1039 return ltdb_err_map(tdb_error(ltdb->tdb));
1042 ltdb->prepared_commit = true;
1047 static int ltdb_end_trans(struct ldb_module *module)
1049 void *data = ldb_module_get_private(module);
1050 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1052 if (!ltdb->prepared_commit) {
1053 int ret = ltdb_prepare_commit(module);
1054 if (ret != LDB_SUCCESS) {
1059 ltdb->in_transaction--;
1060 ltdb->prepared_commit = false;
1062 if (tdb_transaction_commit(ltdb->tdb) != 0) {
1063 return ltdb_err_map(tdb_error(ltdb->tdb));
1069 static int ltdb_del_trans(struct ldb_module *module)
1071 void *data = ldb_module_get_private(module);
1072 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1074 ltdb->in_transaction--;
1076 if (ltdb_index_transaction_cancel(module) != 0) {
1077 tdb_transaction_cancel(ltdb->tdb);
1078 return ltdb_err_map(tdb_error(ltdb->tdb));
1081 tdb_transaction_cancel(ltdb->tdb);
1086 return sequenceNumber from @BASEINFO
1088 static int ltdb_sequence_number(struct ltdb_context *ctx,
1089 struct ldb_extended **ext)
1091 struct ldb_context *ldb;
1092 struct ldb_module *module = ctx->module;
1093 struct ldb_request *req = ctx->req;
1094 TALLOC_CTX *tmp_ctx = NULL;
1095 struct ldb_seqnum_request *seq;
1096 struct ldb_seqnum_result *res;
1097 struct ldb_message *msg = NULL;
1100 int ret = LDB_SUCCESS;
1102 ldb = ldb_module_get_ctx(module);
1104 seq = talloc_get_type(req->op.extended.data,
1105 struct ldb_seqnum_request);
1107 return LDB_ERR_OPERATIONS_ERROR;
1110 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1112 if (ltdb_lock_read(module) != 0) {
1113 return LDB_ERR_OPERATIONS_ERROR;
1116 res = talloc_zero(req, struct ldb_seqnum_result);
1118 ret = LDB_ERR_OPERATIONS_ERROR;
1122 tmp_ctx = talloc_new(req);
1123 if (tmp_ctx == NULL) {
1124 ret = LDB_ERR_OPERATIONS_ERROR;
1128 dn = ldb_dn_new(tmp_ctx, ldb, LTDB_BASEINFO);
1130 ret = LDB_ERR_OPERATIONS_ERROR;
1134 msg = ldb_msg_new(tmp_ctx);
1136 ret = LDB_ERR_OPERATIONS_ERROR;
1140 ret = ltdb_search_dn1(module, dn, msg);
1141 if (ret != LDB_SUCCESS) {
1145 switch (seq->type) {
1146 case LDB_SEQ_HIGHEST_SEQ:
1147 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1150 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1153 case LDB_SEQ_HIGHEST_TIMESTAMP:
1154 date = ldb_msg_find_attr_as_string(msg, LTDB_MOD_TIMESTAMP, NULL);
1156 res->seq_num = ldb_string_to_time(date);
1159 /* zero is as good as anything when we don't know */
1164 *ext = talloc_zero(req, struct ldb_extended);
1166 ret = LDB_ERR_OPERATIONS_ERROR;
1169 (*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
1170 (*ext)->data = talloc_steal(*ext, res);
1173 talloc_free(tmp_ctx);
1174 ltdb_unlock_read(module);
1178 static void ltdb_request_done(struct ltdb_context *ctx, int error)
1180 struct ldb_context *ldb;
1181 struct ldb_request *req;
1182 struct ldb_reply *ares;
1184 ldb = ldb_module_get_ctx(ctx->module);
1187 /* if we already returned an error just return */
1188 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1192 ares = talloc_zero(req, struct ldb_reply);
1195 req->callback(req, NULL);
1198 ares->type = LDB_REPLY_DONE;
1199 ares->error = error;
1201 req->callback(req, ares);
1204 static void ltdb_timeout(struct tevent_context *ev,
1205 struct tevent_timer *te,
1209 struct ltdb_context *ctx;
1210 ctx = talloc_get_type(private_data, struct ltdb_context);
1212 if (!ctx->request_terminated) {
1213 /* request is done now */
1214 ltdb_request_done(ctx, LDB_ERR_TIME_LIMIT_EXCEEDED);
1217 if (!ctx->request_terminated) {
1218 /* neutralize the spy */
1219 ctx->spy->ctx = NULL;
1224 static void ltdb_request_extended_done(struct ltdb_context *ctx,
1225 struct ldb_extended *ext,
1228 struct ldb_context *ldb;
1229 struct ldb_request *req;
1230 struct ldb_reply *ares;
1232 ldb = ldb_module_get_ctx(ctx->module);
1235 /* if we already returned an error just return */
1236 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1240 ares = talloc_zero(req, struct ldb_reply);
1243 req->callback(req, NULL);
1246 ares->type = LDB_REPLY_DONE;
1247 ares->response = ext;
1248 ares->error = error;
1250 req->callback(req, ares);
1253 static void ltdb_handle_extended(struct ltdb_context *ctx)
1255 struct ldb_extended *ext = NULL;
1258 if (strcmp(ctx->req->op.extended.oid,
1259 LDB_EXTENDED_SEQUENCE_NUMBER) == 0) {
1260 /* get sequence number */
1261 ret = ltdb_sequence_number(ctx, &ext);
1263 /* not recognized */
1264 ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1267 ltdb_request_extended_done(ctx, ext, ret);
1270 static void ltdb_callback(struct tevent_context *ev,
1271 struct tevent_timer *te,
1275 struct ltdb_context *ctx;
1278 ctx = talloc_get_type(private_data, struct ltdb_context);
1280 if (ctx->request_terminated) {
1284 switch (ctx->req->operation) {
1286 ret = ltdb_search(ctx);
1289 ret = ltdb_add(ctx);
1292 ret = ltdb_modify(ctx);
1295 ret = ltdb_delete(ctx);
1298 ret = ltdb_rename(ctx);
1301 ltdb_handle_extended(ctx);
1304 /* no other op supported */
1305 ret = LDB_ERR_PROTOCOL_ERROR;
1308 if (!ctx->request_terminated) {
1309 /* request is done now */
1310 ltdb_request_done(ctx, ret);
1314 if (!ctx->request_terminated) {
1315 /* neutralize the spy */
1316 ctx->spy->ctx = NULL;
1321 static int ltdb_request_destructor(void *ptr)
1323 struct ltdb_req_spy *spy = talloc_get_type(ptr, struct ltdb_req_spy);
1325 if (spy->ctx != NULL) {
1326 spy->ctx->request_terminated = true;
1332 static int ltdb_handle_request(struct ldb_module *module,
1333 struct ldb_request *req)
1335 struct ldb_control *control_permissive;
1336 struct ldb_context *ldb;
1337 struct tevent_context *ev;
1338 struct ltdb_context *ac;
1339 struct tevent_timer *te;
1343 ldb = ldb_module_get_ctx(module);
1345 control_permissive = ldb_request_get_control(req,
1346 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1348 for (i = 0; req->controls && req->controls[i]; i++) {
1349 if (req->controls[i]->critical &&
1350 req->controls[i] != control_permissive) {
1351 ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
1352 req->controls[i]->oid);
1353 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1357 if (req->starttime == 0 || req->timeout == 0) {
1358 ldb_set_errstring(ldb, "Invalid timeout settings");
1359 return LDB_ERR_TIME_LIMIT_EXCEEDED;
1362 ev = ldb_get_event_context(ldb);
1364 ac = talloc_zero(ldb, struct ltdb_context);
1367 return LDB_ERR_OPERATIONS_ERROR;
1370 ac->module = module;
1375 te = tevent_add_timer(ev, ac, tv, ltdb_callback, ac);
1378 return LDB_ERR_OPERATIONS_ERROR;
1381 tv.tv_sec = req->starttime + req->timeout;
1382 ac->timeout_event = tevent_add_timer(ev, ac, tv, ltdb_timeout, ac);
1383 if (NULL == ac->timeout_event) {
1385 return LDB_ERR_OPERATIONS_ERROR;
1388 /* set a spy so that we do not try to use the request context
1389 * if it is freed before ltdb_callback fires */
1390 ac->spy = talloc(req, struct ltdb_req_spy);
1391 if (NULL == ac->spy) {
1393 return LDB_ERR_OPERATIONS_ERROR;
1397 talloc_set_destructor((TALLOC_CTX *)ac->spy, ltdb_request_destructor);
1402 static int ltdb_init_rootdse(struct ldb_module *module)
1404 struct ldb_context *ldb;
1407 ldb = ldb_module_get_ctx(module);
1409 ret = ldb_mod_register_control(module,
1410 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1411 /* ignore errors on this - we expect it for non-sam databases */
1413 /* there can be no module beyond the backend, just return */
1417 static const struct ldb_module_ops ltdb_ops = {
1419 .init_context = ltdb_init_rootdse,
1420 .search = ltdb_handle_request,
1421 .add = ltdb_handle_request,
1422 .modify = ltdb_handle_request,
1423 .del = ltdb_handle_request,
1424 .rename = ltdb_handle_request,
1425 .extended = ltdb_handle_request,
1426 .start_transaction = ltdb_start_trans,
1427 .end_transaction = ltdb_end_trans,
1428 .prepare_commit = ltdb_prepare_commit,
1429 .del_transaction = ltdb_del_trans,
1433 connect to the database
1435 static int ltdb_connect(struct ldb_context *ldb, const char *url,
1436 unsigned int flags, const char *options[],
1437 struct ldb_module **_module)
1439 struct ldb_module *module;
1441 int tdb_flags, open_flags;
1442 struct ltdb_private *ltdb;
1445 if (strchr(url, ':')) {
1446 if (strncmp(url, "tdb://", 6) != 0) {
1447 ldb_debug(ldb, LDB_DEBUG_ERROR,
1448 "Invalid tdb URL '%s'", url);
1449 return LDB_ERR_OPERATIONS_ERROR;
1456 tdb_flags = TDB_DEFAULT | TDB_SEQNUM;
1458 /* check for the 'nosync' option */
1459 if (flags & LDB_FLG_NOSYNC) {
1460 tdb_flags |= TDB_NOSYNC;
1463 /* and nommap option */
1464 if (flags & LDB_FLG_NOMMAP) {
1465 tdb_flags |= TDB_NOMMAP;
1468 if (flags & LDB_FLG_RDONLY) {
1469 open_flags = O_RDONLY;
1471 open_flags = O_CREAT | O_RDWR;
1474 ltdb = talloc_zero(ldb, struct ltdb_private);
1477 return LDB_ERR_OPERATIONS_ERROR;
1480 /* note that we use quite a large default hash size */
1481 ltdb->tdb = ltdb_wrap_open(ltdb, path, 10000,
1482 tdb_flags, open_flags,
1483 ldb_get_create_perms(ldb), ldb);
1485 ldb_debug(ldb, LDB_DEBUG_ERROR,
1486 "Unable to open tdb '%s'", path);
1488 return LDB_ERR_OPERATIONS_ERROR;
1491 if (getenv("LDB_WARN_UNINDEXED")) {
1492 ltdb->warn_unindexed = true;
1495 ltdb->sequence_number = 0;
1497 module = ldb_module_new(ldb, ldb, "ldb_tdb backend", <db_ops);
1500 return LDB_ERR_OPERATIONS_ERROR;
1502 ldb_module_set_private(module, ltdb);
1503 talloc_steal(module, ltdb);
1505 if (ltdb_cache_load(module) != 0) {
1506 talloc_free(module);
1508 return LDB_ERR_OPERATIONS_ERROR;
1515 int ldb_tdb_init(const char *version)
1517 LDB_MODULE_CHECK_VERSION(version);
1518 return ldb_register_backend("tdb", ltdb_connect, false);