4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Stefan Metzmacher 2004
6 Copyright (C) Simo Sorce 2006-2008
7 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
9 ** NOTE! The following LGPL license applies to the ldb
10 ** library. This does NOT imply that all of Samba is released
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
30 * Component: ldb tdb backend
32 * Description: core functions for tdb backend
34 * Author: Andrew Tridgell
35 * Author: Stefan Metzmacher
39 * - description: make the module use asynchronous calls
43 * - description: make it possible to use event contexts
47 * - description: fix up memory leaks and small bugs
49 * Author: Matthias Dieter Wallnöfer
53 #include "ldb_private.h"
57 prevent memory errors on callbacks
60 struct ltdb_context *ctx;
64 map a tdb error code to a ldb error code
66 int ltdb_err_map(enum TDB_ERROR tdb_code)
74 return LDB_ERR_OPERATIONS_ERROR;
76 return LDB_ERR_PROTOCOL_ERROR;
80 case TDB_ERR_LOCK_TIMEOUT:
81 return LDB_ERR_TIME_LIMIT_EXCEEDED;
83 return LDB_ERR_ENTRY_ALREADY_EXISTS;
85 return LDB_ERR_NO_SUCH_OBJECT;
87 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
95 lock the database for read - use by ltdb_search and ltdb_sequence_number
97 int ltdb_lock_read(struct ldb_module *module)
99 void *data = ldb_module_get_private(module);
100 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
104 if (ltdb->in_transaction == 0 &&
105 ltdb->read_lock_count == 0) {
106 tdb_ret = tdb_lockall_read(ltdb->tdb);
109 ltdb->read_lock_count++;
112 ret = ltdb_err_map(tdb_error(ltdb->tdb));
113 if (ret == LDB_SUCCESS) {
114 ret = LDB_ERR_OPERATIONS_ERROR;
116 ldb_debug_set(ldb_module_get_ctx(module),
118 "Failure during ltdb_lock_read(): %s -> %s",
119 tdb_errorstr(ltdb->tdb),
125 unlock the database after a ltdb_lock_read()
127 int ltdb_unlock_read(struct ldb_module *module)
129 void *data = ldb_module_get_private(module);
130 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
131 if (ltdb->in_transaction == 0 && ltdb->read_lock_count == 1) {
132 tdb_unlockall_read(ltdb->tdb);
133 ltdb->read_lock_count--;
136 ltdb->read_lock_count--;
142 * Determine if this key could hold a record. We allow the new GUID
143 * index, the old DN index and a possible future ID=
145 bool ltdb_key_is_record(TDB_DATA key)
151 if (memcmp(key.dptr, "DN=", 3) == 0) {
155 if (memcmp(key.dptr, "ID=", 3) == 0) {
159 if (key.dsize < sizeof(LTDB_GUID_KEY_PREFIX)) {
163 if (memcmp(key.dptr, LTDB_GUID_KEY_PREFIX,
164 sizeof(LTDB_GUID_KEY_PREFIX) - 1) == 0) {
172 form a TDB_DATA for a record key
175 note that the key for a record can depend on whether the
176 dn refers to a case sensitive index record or not
178 TDB_DATA ltdb_key_dn(struct ldb_module *module, TALLOC_CTX *mem_ctx,
182 char *key_str = NULL;
183 const char *dn_folded = NULL;
186 most DNs are case insensitive. The exception is index DNs for
187 case sensitive attributes
189 there are 3 cases dealt with in this code:
191 1) if the dn doesn't start with @ then uppercase the attribute
192 names and the attributes values of case insensitive attributes
193 2) if the dn starts with @ then leave it alone -
194 the indexing code handles the rest
197 dn_folded = ldb_dn_get_casefold(dn);
202 key_str = talloc_strdup(mem_ctx, "DN=");
207 key_str = talloc_strdup_append_buffer(key_str, dn_folded);
212 key.dptr = (uint8_t *)key_str;
213 key.dsize = strlen(key_str) + 1;
224 /* The caller is to provide a correctly sized key */
225 int ltdb_guid_to_key(struct ldb_module *module,
226 struct ltdb_private *ltdb,
227 const struct ldb_val *GUID_val,
230 const char *GUID_prefix = LTDB_GUID_KEY_PREFIX;
231 const int GUID_prefix_len = sizeof(LTDB_GUID_KEY_PREFIX) - 1;
233 if (key->dsize != (GUID_val->length+GUID_prefix_len)) {
234 return LDB_ERR_OPERATIONS_ERROR;
237 memcpy(key->dptr, GUID_prefix, GUID_prefix_len);
238 memcpy(&key->dptr[GUID_prefix_len],
239 GUID_val->data, GUID_val->length);
244 * The caller is to provide a correctly sized key, used only in
245 * the GUID index mode
247 int ltdb_idx_to_key(struct ldb_module *module,
248 struct ltdb_private *ltdb,
250 const struct ldb_val *idx_val,
253 struct ldb_context *ldb = ldb_module_get_ctx(module);
256 if (ltdb->cache->GUID_index_attribute != NULL) {
257 return ltdb_guid_to_key(module, ltdb,
261 dn = ldb_dn_from_ldb_val(mem_ctx, ldb, idx_val);
264 * LDB_ERR_INVALID_DN_SYNTAX would just be confusing
265 * to the caller, as this in an invalid index value
267 return LDB_ERR_OPERATIONS_ERROR;
270 *key = ltdb_key_dn(module, mem_ctx, dn);
273 return ldb_module_oom(module);
279 form a TDB_DATA for a record key
280 caller frees mem_ctx, which may or may not have the key
283 note that the key for a record can depend on whether a
284 GUID index is in use, or the DN is used as the key
286 TDB_DATA ltdb_key_msg(struct ldb_module *module, TALLOC_CTX *mem_ctx,
287 const struct ldb_message *msg)
289 void *data = ldb_module_get_private(module);
290 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
292 const struct ldb_val *guid_val;
295 if (ltdb->cache->GUID_index_attribute == NULL) {
296 return ltdb_key_dn(module, mem_ctx, msg->dn);
299 if (ldb_dn_is_special(msg->dn)) {
300 return ltdb_key_dn(module, mem_ctx, msg->dn);
303 guid_val = ldb_msg_find_ldb_val(msg,
304 ltdb->cache->GUID_index_attribute);
305 if (guid_val == NULL) {
306 ldb_asprintf_errstring(ldb_module_get_ctx(module),
307 "Did not find GUID attribute %s "
308 "in %s, required for TDB record "
309 "key in " LTDB_IDXGUID " mode.",
310 ltdb->cache->GUID_index_attribute,
311 ldb_dn_get_linearized(msg->dn));
318 /* In this case, allocate with talloc */
319 key.dptr = talloc_size(mem_ctx, LTDB_GUID_KEY_SIZE);
320 if (key.dptr == NULL) {
326 key.dsize = talloc_get_size(key.dptr);
328 ret = ltdb_guid_to_key(module, ltdb, guid_val, &key);
330 if (ret != LDB_SUCCESS) {
340 check special dn's have valid attributes
341 currently only @ATTRIBUTES is checked
343 static int ltdb_check_special_dn(struct ldb_module *module,
344 const struct ldb_message *msg)
346 struct ldb_context *ldb = ldb_module_get_ctx(module);
349 if (! ldb_dn_is_special(msg->dn) ||
350 ! ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
354 /* we have @ATTRIBUTES, let's check attributes are fine */
355 /* should we check that we deny multivalued attributes ? */
356 for (i = 0; i < msg->num_elements; i++) {
357 if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
359 for (j = 0; j < msg->elements[i].num_values; j++) {
360 if (ltdb_check_at_attributes_values(&msg->elements[i].values[j]) != 0) {
361 ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
362 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
372 we've made a modification to a dn - possibly reindex and
373 update sequence number
375 static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn)
377 int ret = LDB_SUCCESS;
378 struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private);
380 /* only allow modifies inside a transaction, otherwise the
382 if (ltdb->in_transaction == 0) {
383 ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
384 return LDB_ERR_OPERATIONS_ERROR;
387 if (ldb_dn_is_special(dn) &&
388 (ldb_dn_check_special(dn, LTDB_INDEXLIST) ||
389 ldb_dn_check_special(dn, LTDB_ATTRIBUTES)) )
391 if (ltdb->warn_reindex) {
392 ldb_debug(ldb_module_get_ctx(module),
393 LDB_DEBUG_ERROR, "Reindexing %s due to modification on %s",
394 tdb_name(ltdb->tdb), ldb_dn_get_linearized(dn));
396 ret = ltdb_reindex(module);
399 /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
400 if (ret == LDB_SUCCESS &&
401 !(ldb_dn_is_special(dn) &&
402 ldb_dn_check_special(dn, LTDB_BASEINFO)) ) {
403 ret = ltdb_increase_sequence_number(module);
406 /* If the modify was to @OPTIONS, reload the cache */
407 if (ret == LDB_SUCCESS &&
408 ldb_dn_is_special(dn) &&
409 (ldb_dn_check_special(dn, LTDB_OPTIONS)) ) {
410 ret = ltdb_cache_reload(module);
417 store a record into the db
419 int ltdb_store(struct ldb_module *module, const struct ldb_message *msg, int flgs)
421 void *data = ldb_module_get_private(module);
422 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
423 TDB_DATA tdb_key, tdb_data;
424 struct ldb_val ldb_data;
425 int ret = LDB_SUCCESS;
426 TALLOC_CTX *tdb_key_ctx = talloc_new(module);
428 if (tdb_key_ctx == NULL) {
429 return ldb_module_oom(module);
432 if (ltdb->read_only) {
433 return LDB_ERR_UNWILLING_TO_PERFORM;
436 tdb_key = ltdb_key_msg(module, tdb_key_ctx, msg);
437 if (tdb_key.dptr == NULL) {
438 TALLOC_FREE(tdb_key_ctx);
439 return LDB_ERR_OTHER;
442 ret = ldb_pack_data(ldb_module_get_ctx(module),
445 TALLOC_FREE(tdb_key_ctx);
446 return LDB_ERR_OTHER;
449 tdb_data.dptr = ldb_data.data;
450 tdb_data.dsize = ldb_data.length;
452 ret = tdb_store(ltdb->tdb, tdb_key, tdb_data, flgs);
454 bool is_special = ldb_dn_is_special(msg->dn);
455 ret = ltdb_err_map(tdb_error(ltdb->tdb));
458 * LDB_ERR_ENTRY_ALREADY_EXISTS means the DN, not
459 * the GUID, so re-map
461 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS
463 && ltdb->cache->GUID_index_attribute != NULL) {
464 ret = LDB_ERR_CONSTRAINT_VIOLATION;
470 TALLOC_FREE(tdb_key_ctx);
471 talloc_free(ldb_data.data);
478 check if a attribute is a single valued, for a given element
480 static bool ldb_tdb_single_valued(const struct ldb_schema_attribute *a,
481 struct ldb_message_element *el)
483 if (!a) return false;
485 if (el->flags & LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK) {
486 /* override from a ldb module, for example
487 used for the description field, which is
488 marked multi-valued in the schema but which
489 should not actually accept multiple
493 if (el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK) {
494 /* override from a ldb module, for example used for
495 deleted linked attribute entries */
499 if (a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
505 static int ltdb_add_internal(struct ldb_module *module,
506 struct ltdb_private *ltdb,
507 const struct ldb_message *msg,
508 bool check_single_value)
510 struct ldb_context *ldb = ldb_module_get_ctx(module);
511 int ret = LDB_SUCCESS;
514 for (i=0;i<msg->num_elements;i++) {
515 struct ldb_message_element *el = &msg->elements[i];
516 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
518 if (el->num_values == 0) {
519 ldb_asprintf_errstring(ldb, "attribute '%s' on '%s' specified, but with 0 values (illegal)",
520 el->name, ldb_dn_get_linearized(msg->dn));
521 return LDB_ERR_CONSTRAINT_VIOLATION;
523 if (check_single_value &&
524 el->num_values > 1 &&
525 ldb_tdb_single_valued(a, el)) {
526 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
527 el->name, ldb_dn_get_linearized(msg->dn));
528 return LDB_ERR_CONSTRAINT_VIOLATION;
531 /* Do not check "@ATTRIBUTES" for duplicated values */
532 if (ldb_dn_is_special(msg->dn) &&
533 ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
537 if (check_single_value &&
539 LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
540 struct ldb_val *duplicate = NULL;
542 ret = ldb_msg_find_duplicate_val(ldb, discard_const(msg),
544 if (ret != LDB_SUCCESS) {
547 if (duplicate != NULL) {
548 ldb_asprintf_errstring(
550 "attribute '%s': value '%.*s' on '%s' "
551 "provided more than once in ADD object",
553 (int)duplicate->length,
555 ldb_dn_get_linearized(msg->dn));
556 return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
561 ret = ltdb_store(module, msg, TDB_INSERT);
562 if (ret != LDB_SUCCESS) {
564 * Try really hard to get the right error code for
565 * a re-add situation, as this can matter!
567 if (ret == LDB_ERR_CONSTRAINT_VIOLATION) {
569 struct ldb_dn *dn2 = NULL;
570 TALLOC_CTX *mem_ctx = talloc_new(module);
571 if (mem_ctx == NULL) {
572 return ldb_module_operr(module);
574 ret2 = ltdb_search_base(module, module,
576 TALLOC_FREE(mem_ctx);
577 if (ret2 == LDB_SUCCESS) {
578 ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
581 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
582 ldb_asprintf_errstring(ldb,
583 "Entry %s already exists",
584 ldb_dn_get_linearized(msg->dn));
589 ret = ltdb_index_add_new(module, ltdb, msg);
590 if (ret != LDB_SUCCESS) {
592 * If we failed to index, delete the message again.
594 * This is particularly important for the GUID index
595 * case, which will only fail for a duplicate DN
598 * Note that the caller may not cancel the transation
599 * and this means the above add might really show up!
601 ltdb_delete_noindex(module, msg);
605 ret = ltdb_modified(module, msg->dn);
611 add a record to the database
613 static int ltdb_add(struct ltdb_context *ctx)
615 struct ldb_module *module = ctx->module;
616 struct ldb_request *req = ctx->req;
617 void *data = ldb_module_get_private(module);
618 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
619 int ret = LDB_SUCCESS;
621 ret = ltdb_check_special_dn(module, req->op.add.message);
622 if (ret != LDB_SUCCESS) {
626 ldb_request_set_state(req, LDB_ASYNC_PENDING);
628 if (ltdb_cache_load(module) != 0) {
629 return LDB_ERR_OPERATIONS_ERROR;
632 ret = ltdb_add_internal(module, ltdb,
633 req->op.add.message, true);
639 delete a record from the database, not updating indexes (used for deleting
642 int ltdb_delete_noindex(struct ldb_module *module,
643 const struct ldb_message *msg)
645 void *data = ldb_module_get_private(module);
646 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
649 TALLOC_CTX *tdb_key_ctx = talloc_new(module);
651 if (tdb_key_ctx == NULL) {
652 return ldb_module_oom(module);
655 if (ltdb->read_only) {
656 return LDB_ERR_UNWILLING_TO_PERFORM;
659 tdb_key = ltdb_key_msg(module, tdb_key_ctx, msg);
661 TALLOC_FREE(tdb_key_ctx);
662 return LDB_ERR_OTHER;
665 ret = tdb_delete(ltdb->tdb, tdb_key);
666 TALLOC_FREE(tdb_key_ctx);
669 ret = ltdb_err_map(tdb_error(ltdb->tdb));
675 static int ltdb_delete_internal(struct ldb_module *module, struct ldb_dn *dn)
677 struct ldb_message *msg;
678 int ret = LDB_SUCCESS;
680 msg = ldb_msg_new(module);
682 return LDB_ERR_OPERATIONS_ERROR;
685 /* in case any attribute of the message was indexed, we need
686 to fetch the old record */
687 ret = ltdb_search_dn1(module, dn, msg, LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
688 if (ret != LDB_SUCCESS) {
689 /* not finding the old record is an error */
693 ret = ltdb_delete_noindex(module, msg);
694 if (ret != LDB_SUCCESS) {
698 /* remove any indexed attributes */
699 ret = ltdb_index_delete(module, msg);
700 if (ret != LDB_SUCCESS) {
704 ret = ltdb_modified(module, dn);
705 if (ret != LDB_SUCCESS) {
715 delete a record from the database
717 static int ltdb_delete(struct ltdb_context *ctx)
719 struct ldb_module *module = ctx->module;
720 struct ldb_request *req = ctx->req;
721 int ret = LDB_SUCCESS;
723 ldb_request_set_state(req, LDB_ASYNC_PENDING);
725 if (ltdb_cache_load(module) != 0) {
726 return LDB_ERR_OPERATIONS_ERROR;
729 ret = ltdb_delete_internal(module, req->op.del.dn);
735 find an element by attribute name. At the moment this does a linear search,
736 it should be re-coded to use a binary search once all places that modify
737 records guarantee sorted order
739 return the index of the first matching element if found, otherwise -1
741 static int find_element(const struct ldb_message *msg, const char *name)
744 for (i=0;i<msg->num_elements;i++) {
745 if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
754 add an element to an existing record. Assumes a elements array that we
755 can call re-alloc on, and assumed that we can re-use the data pointers from
756 the passed in additional values. Use with care!
758 returns 0 on success, -1 on failure (and sets errno)
760 static int ltdb_msg_add_element(struct ldb_message *msg,
761 struct ldb_message_element *el)
763 struct ldb_message_element *e2;
766 if (el->num_values == 0) {
767 /* nothing to do here - we don't add empty elements */
771 e2 = talloc_realloc(msg, msg->elements, struct ldb_message_element,
772 msg->num_elements+1);
780 e2 = &msg->elements[msg->num_elements];
783 e2->flags = el->flags;
784 e2->values = talloc_array(msg->elements,
785 struct ldb_val, el->num_values);
790 for (i=0;i<el->num_values;i++) {
791 e2->values[i] = el->values[i];
793 e2->num_values = el->num_values;
801 delete all elements having a specified attribute name
803 static int msg_delete_attribute(struct ldb_module *module,
804 struct ltdb_private *ltdb,
805 struct ldb_message *msg, const char *name)
809 struct ldb_message_element *el;
810 bool is_special = ldb_dn_is_special(msg->dn);
813 && ltdb->cache->GUID_index_attribute != NULL
814 && ldb_attr_cmp(name, ltdb->cache->GUID_index_attribute) == 0) {
815 struct ldb_context *ldb = ldb_module_get_ctx(module);
816 ldb_asprintf_errstring(ldb, "Must not modify GUID "
817 "attribute %s (used as DB index)",
818 ltdb->cache->GUID_index_attribute);
819 return LDB_ERR_CONSTRAINT_VIOLATION;
822 el = ldb_msg_find_element(msg, name);
824 return LDB_ERR_NO_SUCH_ATTRIBUTE;
826 i = el - msg->elements;
828 ret = ltdb_index_del_element(module, ltdb, msg, el);
829 if (ret != LDB_SUCCESS) {
833 talloc_free(el->values);
834 if (msg->num_elements > (i+1)) {
835 memmove(el, el+1, sizeof(*el) * (msg->num_elements - (i+1)));
838 msg->elements = talloc_realloc(msg, msg->elements,
839 struct ldb_message_element,
845 delete all elements matching an attribute name/value
847 return LDB Error on failure
849 static int msg_delete_element(struct ldb_module *module,
850 struct ltdb_private *ltdb,
851 struct ldb_message *msg,
853 const struct ldb_val *val)
855 struct ldb_context *ldb = ldb_module_get_ctx(module);
858 struct ldb_message_element *el;
859 const struct ldb_schema_attribute *a;
861 found = find_element(msg, name);
863 return LDB_ERR_NO_SUCH_ATTRIBUTE;
866 i = (unsigned int) found;
867 el = &(msg->elements[i]);
869 a = ldb_schema_attribute_by_name(ldb, el->name);
871 for (i=0;i<el->num_values;i++) {
873 if (a->syntax->operator_fn) {
874 ret = a->syntax->operator_fn(ldb, LDB_OP_EQUALITY, a,
875 &el->values[i], val, &matched);
876 if (ret != LDB_SUCCESS) return ret;
878 matched = (a->syntax->comparison_fn(ldb, ldb,
879 &el->values[i], val) == 0);
882 if (el->num_values == 1) {
883 return msg_delete_attribute(module,
887 ret = ltdb_index_del_value(module, ltdb, msg, el, i);
888 if (ret != LDB_SUCCESS) {
892 if (i<el->num_values-1) {
893 memmove(&el->values[i], &el->values[i+1],
894 sizeof(el->values[i])*
895 (el->num_values-(i+1)));
899 /* per definition we find in a canonicalised message an
900 attribute value only once. So we are finished here */
906 return LDB_ERR_NO_SUCH_ATTRIBUTE;
911 modify a record - internal interface
913 yuck - this is O(n^2). Luckily n is usually small so we probably
914 get away with it, but if we ever have really large attribute lists
915 then we'll need to look at this again
917 'req' is optional, and is used to specify controls if supplied
919 int ltdb_modify_internal(struct ldb_module *module,
920 const struct ldb_message *msg,
921 struct ldb_request *req)
923 struct ldb_context *ldb = ldb_module_get_ctx(module);
924 void *data = ldb_module_get_private(module);
925 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
926 struct ldb_message *msg2;
928 int ret = LDB_SUCCESS, idx;
929 struct ldb_control *control_permissive = NULL;
930 TALLOC_CTX *mem_ctx = talloc_new(req);
932 if (mem_ctx == NULL) {
933 return ldb_module_oom(module);
937 control_permissive = ldb_request_get_control(req,
938 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
941 msg2 = ldb_msg_new(mem_ctx);
947 ret = ltdb_search_dn1(module, msg->dn,
949 LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
950 if (ret != LDB_SUCCESS) {
954 for (i=0; i<msg->num_elements; i++) {
955 struct ldb_message_element *el = &msg->elements[i], *el2;
956 struct ldb_val *vals;
957 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
959 uint32_t options = 0;
960 if (control_permissive != NULL) {
961 options |= LDB_MSG_FIND_COMMON_REMOVE_DUPLICATES;
964 switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
965 case LDB_FLAG_MOD_ADD:
967 if (el->num_values == 0) {
968 ldb_asprintf_errstring(ldb,
969 "attribute '%s': attribute on '%s' specified, but with 0 values (illegal)",
970 el->name, ldb_dn_get_linearized(msg2->dn));
971 ret = LDB_ERR_CONSTRAINT_VIOLATION;
975 /* make a copy of the array so that a permissive
976 * control can remove duplicates without changing the
977 * original values, but do not copy data as we do not
978 * need to keep it around once the operation is
980 if (control_permissive) {
981 el = talloc(msg2, struct ldb_message_element);
986 *el = msg->elements[i];
987 el->values = talloc_array(el, struct ldb_val, el->num_values);
988 if (el->values == NULL) {
992 for (j = 0; j < el->num_values; j++) {
993 el->values[j] = msg->elements[i].values[j];
997 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
998 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
999 el->name, ldb_dn_get_linearized(msg2->dn));
1000 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1004 /* Checks if element already exists */
1005 idx = find_element(msg2, el->name);
1007 if (ltdb_msg_add_element(msg2, el) != 0) {
1008 ret = LDB_ERR_OTHER;
1011 ret = ltdb_index_add_element(module, ltdb,
1014 if (ret != LDB_SUCCESS) {
1018 j = (unsigned int) idx;
1019 el2 = &(msg2->elements[j]);
1021 /* We cannot add another value on a existing one
1022 if the attribute is single-valued */
1023 if (ldb_tdb_single_valued(a, el)) {
1024 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1025 el->name, ldb_dn_get_linearized(msg2->dn));
1026 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1030 /* Check that values don't exist yet on multi-
1031 valued attributes or aren't provided twice */
1033 LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1034 struct ldb_val *duplicate = NULL;
1035 ret = ldb_msg_find_common_values(ldb,
1042 LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS) {
1043 ldb_asprintf_errstring(ldb,
1044 "attribute '%s': value "
1045 "#%u on '%s' already "
1046 "exists", el->name, j,
1047 ldb_dn_get_linearized(msg2->dn));
1049 } else if (ret != LDB_SUCCESS) {
1053 ret = ldb_msg_find_duplicate_val(
1054 ldb, msg2, el, &duplicate, 0);
1055 if (ret != LDB_SUCCESS) {
1058 if (duplicate != NULL) {
1059 ldb_asprintf_errstring(
1061 "attribute '%s': value "
1063 "provided more than "
1066 (int)duplicate->length,
1068 ldb_dn_get_linearized(msg->dn));
1069 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1074 /* Now combine existing and new values to a new
1076 vals = talloc_realloc(msg2->elements,
1077 el2->values, struct ldb_val,
1078 el2->num_values + el->num_values);
1081 ret = LDB_ERR_OTHER;
1085 for (j=0; j<el->num_values; j++) {
1086 vals[el2->num_values + j] =
1087 ldb_val_dup(vals, &el->values[j]);
1091 el2->num_values += el->num_values;
1093 ret = ltdb_index_add_element(module, ltdb,
1095 if (ret != LDB_SUCCESS) {
1102 case LDB_FLAG_MOD_REPLACE:
1104 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
1105 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1106 el->name, ldb_dn_get_linearized(msg2->dn));
1107 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1112 * We don't need to check this if we have been
1113 * pre-screened by the repl_meta_data module
1114 * in Samba, or someone else who can claim to
1115 * know what they are doing.
1117 if (!(el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1118 struct ldb_val *duplicate = NULL;
1120 ret = ldb_msg_find_duplicate_val(ldb, msg2, el,
1122 if (ret != LDB_SUCCESS) {
1125 if (duplicate != NULL) {
1126 ldb_asprintf_errstring(
1128 "attribute '%s': value '%.*s' "
1129 "on '%s' provided more than "
1132 (int)duplicate->length,
1134 ldb_dn_get_linearized(msg2->dn));
1135 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1140 /* Checks if element already exists */
1141 idx = find_element(msg2, el->name);
1143 j = (unsigned int) idx;
1144 el2 = &(msg2->elements[j]);
1146 /* we consider two elements to be
1147 * equal only if the order
1148 * matches. This allows dbcheck to
1149 * fix the ordering on attributes
1150 * where order matters, such as
1153 if (ldb_msg_element_equal_ordered(el, el2)) {
1157 /* Delete the attribute if it exists in the DB */
1158 if (msg_delete_attribute(module, ltdb,
1161 ret = LDB_ERR_OTHER;
1166 /* Recreate it with the new values */
1167 if (ltdb_msg_add_element(msg2, el) != 0) {
1168 ret = LDB_ERR_OTHER;
1172 ret = ltdb_index_add_element(module, ltdb,
1174 if (ret != LDB_SUCCESS) {
1180 case LDB_FLAG_MOD_DELETE:
1181 dn = ldb_dn_get_linearized(msg2->dn);
1183 ret = LDB_ERR_OTHER;
1187 if (msg->elements[i].num_values == 0) {
1188 /* Delete the whole attribute */
1189 ret = msg_delete_attribute(module,
1192 msg->elements[i].name);
1193 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1194 control_permissive) {
1197 ldb_asprintf_errstring(ldb,
1198 "attribute '%s': no such attribute for delete on '%s'",
1199 msg->elements[i].name, dn);
1201 if (ret != LDB_SUCCESS) {
1205 /* Delete specified values from an attribute */
1206 for (j=0; j < msg->elements[i].num_values; j++) {
1207 ret = msg_delete_element(module,
1210 msg->elements[i].name,
1211 &msg->elements[i].values[j]);
1212 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1213 control_permissive) {
1215 } else if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) {
1216 ldb_asprintf_errstring(ldb,
1217 "attribute '%s': no matching attribute value while deleting attribute on '%s'",
1218 msg->elements[i].name, dn);
1220 if (ret != LDB_SUCCESS) {
1227 ldb_asprintf_errstring(ldb,
1228 "attribute '%s': invalid modify flags on '%s': 0x%x",
1229 msg->elements[i].name, ldb_dn_get_linearized(msg->dn),
1230 msg->elements[i].flags & LDB_FLAG_MOD_MASK);
1231 ret = LDB_ERR_PROTOCOL_ERROR;
1236 ret = ltdb_store(module, msg2, TDB_MODIFY);
1237 if (ret != LDB_SUCCESS) {
1241 ret = ltdb_modified(module, msg2->dn);
1242 if (ret != LDB_SUCCESS) {
1247 TALLOC_FREE(mem_ctx);
1254 static int ltdb_modify(struct ltdb_context *ctx)
1256 struct ldb_module *module = ctx->module;
1257 struct ldb_request *req = ctx->req;
1258 int ret = LDB_SUCCESS;
1260 ret = ltdb_check_special_dn(module, req->op.mod.message);
1261 if (ret != LDB_SUCCESS) {
1265 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1267 if (ltdb_cache_load(module) != 0) {
1268 return LDB_ERR_OPERATIONS_ERROR;
1271 ret = ltdb_modify_internal(module, req->op.mod.message, req);
1279 static int ltdb_rename(struct ltdb_context *ctx)
1281 struct ldb_module *module = ctx->module;
1282 void *data = ldb_module_get_private(module);
1283 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1284 struct ldb_request *req = ctx->req;
1285 struct ldb_message *msg;
1286 int ret = LDB_SUCCESS;
1287 TDB_DATA tdb_key, tdb_key_old;
1288 struct ldb_dn *db_dn;
1290 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1292 if (ltdb_cache_load(ctx->module) != 0) {
1293 return LDB_ERR_OPERATIONS_ERROR;
1296 msg = ldb_msg_new(ctx);
1298 return LDB_ERR_OPERATIONS_ERROR;
1301 /* we need to fetch the old record to re-add under the new name */
1302 ret = ltdb_search_dn1(module, req->op.rename.olddn, msg,
1303 LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
1304 if (ret != LDB_SUCCESS) {
1305 /* not finding the old record is an error */
1309 /* We need to, before changing the DB, check if the new DN
1310 * exists, so we can return this error to the caller with an
1313 * Even in GUID index mode we use ltdb_key_dn() as we are
1314 * trying to figure out if this is just a case rename
1316 tdb_key = ltdb_key_dn(module, msg, req->op.rename.newdn);
1317 if (!tdb_key.dptr) {
1319 return LDB_ERR_OPERATIONS_ERROR;
1322 tdb_key_old = ltdb_key_dn(module, msg, req->op.rename.olddn);
1323 if (!tdb_key_old.dptr) {
1325 talloc_free(tdb_key.dptr);
1326 return LDB_ERR_OPERATIONS_ERROR;
1330 * Only declare a conflict if the new DN already exists,
1331 * and it isn't a case change on the old DN
1333 if (tdb_key_old.dsize != tdb_key.dsize
1334 || memcmp(tdb_key.dptr, tdb_key_old.dptr, tdb_key.dsize) != 0) {
1335 ret = ltdb_search_base(module, msg,
1336 req->op.rename.newdn,
1338 if (ret == LDB_SUCCESS) {
1339 ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
1340 } else if (ret == LDB_ERR_NO_SUCH_OBJECT) {
1345 /* finding the new record already in the DB is an error */
1347 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
1348 ldb_asprintf_errstring(ldb_module_get_ctx(module),
1349 "Entry %s already exists",
1350 ldb_dn_get_linearized(req->op.rename.newdn));
1352 if (ret != LDB_SUCCESS) {
1353 talloc_free(tdb_key_old.dptr);
1354 talloc_free(tdb_key.dptr);
1359 talloc_free(tdb_key_old.dptr);
1360 talloc_free(tdb_key.dptr);
1362 /* Always delete first then add, to avoid conflicts with
1363 * unique indexes. We rely on the transaction to make this
1366 ret = ltdb_delete_internal(module, msg->dn);
1367 if (ret != LDB_SUCCESS) {
1372 msg->dn = ldb_dn_copy(msg, req->op.rename.newdn);
1373 if (msg->dn == NULL) {
1375 return LDB_ERR_OPERATIONS_ERROR;
1378 /* We don't check single value as we can have more than 1 with
1379 * deleted attributes. We could go through all elements but that's
1380 * maybe not the most efficient way
1382 ret = ltdb_add_internal(module, ltdb, msg, false);
1389 static int ltdb_start_trans(struct ldb_module *module)
1391 void *data = ldb_module_get_private(module);
1392 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1394 /* Do not take out the transaction lock on a read-only DB */
1395 if (ltdb->read_only) {
1396 return LDB_ERR_UNWILLING_TO_PERFORM;
1399 if (tdb_transaction_start(ltdb->tdb) != 0) {
1400 return ltdb_err_map(tdb_error(ltdb->tdb));
1403 ltdb->in_transaction++;
1405 ltdb_index_transaction_start(module);
1410 static int ltdb_prepare_commit(struct ldb_module *module)
1413 void *data = ldb_module_get_private(module);
1414 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1416 if (ltdb->in_transaction != 1) {
1420 ret = ltdb_index_transaction_commit(module);
1421 if (ret != LDB_SUCCESS) {
1422 tdb_transaction_cancel(ltdb->tdb);
1423 ltdb->in_transaction--;
1427 if (tdb_transaction_prepare_commit(ltdb->tdb) != 0) {
1428 ret = ltdb_err_map(tdb_error(ltdb->tdb));
1429 ltdb->in_transaction--;
1430 ldb_debug_set(ldb_module_get_ctx(module),
1433 "tdb_transaction_prepare_commit(): %s -> %s",
1434 tdb_errorstr(ltdb->tdb),
1439 ltdb->prepared_commit = true;
1444 static int ltdb_end_trans(struct ldb_module *module)
1447 void *data = ldb_module_get_private(module);
1448 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1450 if (!ltdb->prepared_commit) {
1451 ret = ltdb_prepare_commit(module);
1452 if (ret != LDB_SUCCESS) {
1457 ltdb->in_transaction--;
1458 ltdb->prepared_commit = false;
1460 if (tdb_transaction_commit(ltdb->tdb) != 0) {
1461 ret = ltdb_err_map(tdb_error(ltdb->tdb));
1462 ldb_asprintf_errstring(ldb_module_get_ctx(module),
1463 "Failure during tdb_transaction_commit(): %s -> %s",
1464 tdb_errorstr(ltdb->tdb),
1472 static int ltdb_del_trans(struct ldb_module *module)
1474 void *data = ldb_module_get_private(module);
1475 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1477 ltdb->in_transaction--;
1479 if (ltdb_index_transaction_cancel(module) != 0) {
1480 tdb_transaction_cancel(ltdb->tdb);
1481 return ltdb_err_map(tdb_error(ltdb->tdb));
1484 tdb_transaction_cancel(ltdb->tdb);
1489 return sequenceNumber from @BASEINFO
1491 static int ltdb_sequence_number(struct ltdb_context *ctx,
1492 struct ldb_extended **ext)
1494 struct ldb_context *ldb;
1495 struct ldb_module *module = ctx->module;
1496 struct ldb_request *req = ctx->req;
1497 TALLOC_CTX *tmp_ctx = NULL;
1498 struct ldb_seqnum_request *seq;
1499 struct ldb_seqnum_result *res;
1500 struct ldb_message *msg = NULL;
1503 int ret = LDB_SUCCESS;
1505 ldb = ldb_module_get_ctx(module);
1507 seq = talloc_get_type(req->op.extended.data,
1508 struct ldb_seqnum_request);
1510 return LDB_ERR_OPERATIONS_ERROR;
1513 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1515 if (ltdb_lock_read(module) != 0) {
1516 return LDB_ERR_OPERATIONS_ERROR;
1519 res = talloc_zero(req, struct ldb_seqnum_result);
1521 ret = LDB_ERR_OPERATIONS_ERROR;
1525 tmp_ctx = talloc_new(req);
1526 if (tmp_ctx == NULL) {
1527 ret = LDB_ERR_OPERATIONS_ERROR;
1531 dn = ldb_dn_new(tmp_ctx, ldb, LTDB_BASEINFO);
1533 ret = LDB_ERR_OPERATIONS_ERROR;
1537 msg = ldb_msg_new(tmp_ctx);
1539 ret = LDB_ERR_OPERATIONS_ERROR;
1543 ret = ltdb_search_dn1(module, dn, msg, 0);
1544 if (ret != LDB_SUCCESS) {
1548 switch (seq->type) {
1549 case LDB_SEQ_HIGHEST_SEQ:
1550 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1553 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1556 case LDB_SEQ_HIGHEST_TIMESTAMP:
1557 date = ldb_msg_find_attr_as_string(msg, LTDB_MOD_TIMESTAMP, NULL);
1559 res->seq_num = ldb_string_to_time(date);
1562 /* zero is as good as anything when we don't know */
1567 *ext = talloc_zero(req, struct ldb_extended);
1569 ret = LDB_ERR_OPERATIONS_ERROR;
1572 (*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
1573 (*ext)->data = talloc_steal(*ext, res);
1576 talloc_free(tmp_ctx);
1577 ltdb_unlock_read(module);
1581 static void ltdb_request_done(struct ltdb_context *ctx, int error)
1583 struct ldb_context *ldb;
1584 struct ldb_request *req;
1585 struct ldb_reply *ares;
1587 ldb = ldb_module_get_ctx(ctx->module);
1590 /* if we already returned an error just return */
1591 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1595 ares = talloc_zero(req, struct ldb_reply);
1598 req->callback(req, NULL);
1601 ares->type = LDB_REPLY_DONE;
1602 ares->error = error;
1604 req->callback(req, ares);
1607 static void ltdb_timeout(struct tevent_context *ev,
1608 struct tevent_timer *te,
1612 struct ltdb_context *ctx;
1613 ctx = talloc_get_type(private_data, struct ltdb_context);
1615 if (!ctx->request_terminated) {
1616 /* request is done now */
1617 ltdb_request_done(ctx, LDB_ERR_TIME_LIMIT_EXCEEDED);
1621 /* neutralize the spy */
1622 ctx->spy->ctx = NULL;
1628 static void ltdb_request_extended_done(struct ltdb_context *ctx,
1629 struct ldb_extended *ext,
1632 struct ldb_context *ldb;
1633 struct ldb_request *req;
1634 struct ldb_reply *ares;
1636 ldb = ldb_module_get_ctx(ctx->module);
1639 /* if we already returned an error just return */
1640 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1644 ares = talloc_zero(req, struct ldb_reply);
1647 req->callback(req, NULL);
1650 ares->type = LDB_REPLY_DONE;
1651 ares->response = ext;
1652 ares->error = error;
1654 req->callback(req, ares);
1657 static void ltdb_handle_extended(struct ltdb_context *ctx)
1659 struct ldb_extended *ext = NULL;
1662 if (strcmp(ctx->req->op.extended.oid,
1663 LDB_EXTENDED_SEQUENCE_NUMBER) == 0) {
1664 /* get sequence number */
1665 ret = ltdb_sequence_number(ctx, &ext);
1667 /* not recognized */
1668 ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1671 ltdb_request_extended_done(ctx, ext, ret);
1674 static void ltdb_callback(struct tevent_context *ev,
1675 struct tevent_timer *te,
1679 struct ltdb_context *ctx;
1682 ctx = talloc_get_type(private_data, struct ltdb_context);
1684 if (ctx->request_terminated) {
1688 switch (ctx->req->operation) {
1690 ret = ltdb_search(ctx);
1693 ret = ltdb_add(ctx);
1696 ret = ltdb_modify(ctx);
1699 ret = ltdb_delete(ctx);
1702 ret = ltdb_rename(ctx);
1705 ltdb_handle_extended(ctx);
1708 /* no other op supported */
1709 ret = LDB_ERR_PROTOCOL_ERROR;
1712 if (!ctx->request_terminated) {
1713 /* request is done now */
1714 ltdb_request_done(ctx, ret);
1719 /* neutralize the spy */
1720 ctx->spy->ctx = NULL;
1726 static int ltdb_request_destructor(void *ptr)
1728 struct ltdb_req_spy *spy = talloc_get_type(ptr, struct ltdb_req_spy);
1730 if (spy->ctx != NULL) {
1731 spy->ctx->spy = NULL;
1732 spy->ctx->request_terminated = true;
1739 static int ltdb_handle_request(struct ldb_module *module,
1740 struct ldb_request *req)
1742 struct ldb_control *control_permissive;
1743 struct ldb_context *ldb;
1744 struct tevent_context *ev;
1745 struct ltdb_context *ac;
1746 struct tevent_timer *te;
1750 ldb = ldb_module_get_ctx(module);
1752 control_permissive = ldb_request_get_control(req,
1753 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1755 for (i = 0; req->controls && req->controls[i]; i++) {
1756 if (req->controls[i]->critical &&
1757 req->controls[i] != control_permissive) {
1758 ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
1759 req->controls[i]->oid);
1760 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1764 if (req->starttime == 0 || req->timeout == 0) {
1765 ldb_set_errstring(ldb, "Invalid timeout settings");
1766 return LDB_ERR_TIME_LIMIT_EXCEEDED;
1769 ev = ldb_handle_get_event_context(req->handle);
1771 ac = talloc_zero(ldb, struct ltdb_context);
1774 return LDB_ERR_OPERATIONS_ERROR;
1777 ac->module = module;
1782 te = tevent_add_timer(ev, ac, tv, ltdb_callback, ac);
1785 return LDB_ERR_OPERATIONS_ERROR;
1788 if (req->timeout > 0) {
1789 tv.tv_sec = req->starttime + req->timeout;
1791 ac->timeout_event = tevent_add_timer(ev, ac, tv,
1793 if (NULL == ac->timeout_event) {
1795 return LDB_ERR_OPERATIONS_ERROR;
1799 /* set a spy so that we do not try to use the request context
1800 * if it is freed before ltdb_callback fires */
1801 ac->spy = talloc(req, struct ltdb_req_spy);
1802 if (NULL == ac->spy) {
1804 return LDB_ERR_OPERATIONS_ERROR;
1808 talloc_set_destructor((TALLOC_CTX *)ac->spy, ltdb_request_destructor);
1813 static int ltdb_init_rootdse(struct ldb_module *module)
1815 /* ignore errors on this - we expect it for non-sam databases */
1816 ldb_mod_register_control(module, LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1818 /* there can be no module beyond the backend, just return */
1822 static const struct ldb_module_ops ltdb_ops = {
1824 .init_context = ltdb_init_rootdse,
1825 .search = ltdb_handle_request,
1826 .add = ltdb_handle_request,
1827 .modify = ltdb_handle_request,
1828 .del = ltdb_handle_request,
1829 .rename = ltdb_handle_request,
1830 .extended = ltdb_handle_request,
1831 .start_transaction = ltdb_start_trans,
1832 .end_transaction = ltdb_end_trans,
1833 .prepare_commit = ltdb_prepare_commit,
1834 .del_transaction = ltdb_del_trans,
1835 .read_lock = ltdb_lock_read,
1836 .read_unlock = ltdb_unlock_read,
1840 connect to the database
1842 static int ltdb_connect(struct ldb_context *ldb, const char *url,
1843 unsigned int flags, const char *options[],
1844 struct ldb_module **_module)
1846 struct ldb_module *module;
1848 int tdb_flags, open_flags;
1849 struct ltdb_private *ltdb;
1852 * We hold locks, so we must use a private event context
1853 * on each returned handle
1856 ldb_set_require_private_event_context(ldb);
1859 if (strchr(url, ':')) {
1860 if (strncmp(url, "tdb://", 6) != 0) {
1861 ldb_debug(ldb, LDB_DEBUG_ERROR,
1862 "Invalid tdb URL '%s'", url);
1863 return LDB_ERR_OPERATIONS_ERROR;
1870 tdb_flags = TDB_DEFAULT | TDB_SEQNUM;
1872 /* check for the 'nosync' option */
1873 if (flags & LDB_FLG_NOSYNC) {
1874 tdb_flags |= TDB_NOSYNC;
1877 /* and nommap option */
1878 if (flags & LDB_FLG_NOMMAP) {
1879 tdb_flags |= TDB_NOMMAP;
1882 ltdb = talloc_zero(ldb, struct ltdb_private);
1885 return LDB_ERR_OPERATIONS_ERROR;
1888 if (flags & LDB_FLG_RDONLY) {
1890 * This is weird, but because we can only have one tdb
1891 * in this process, and the other one could be
1892 * read-write, we can't use the tdb readonly. Plus a
1893 * read only tdb prohibits the all-record lock.
1895 open_flags = O_RDWR;
1897 ltdb->read_only = true;
1899 } else if (flags & LDB_FLG_DONT_CREATE_DB) {
1901 * This is used by ldbsearch to prevent creation of the database
1902 * if the name is wrong
1904 open_flags = O_RDWR;
1907 * This is the normal case
1909 open_flags = O_CREAT | O_RDWR;
1912 /* note that we use quite a large default hash size */
1913 ltdb->tdb = ltdb_wrap_open(ltdb, path, 10000,
1914 tdb_flags, open_flags,
1915 ldb_get_create_perms(ldb), ldb);
1917 ldb_asprintf_errstring(ldb,
1918 "Unable to open tdb '%s': %s", path, strerror(errno));
1919 ldb_debug(ldb, LDB_DEBUG_ERROR,
1920 "Unable to open tdb '%s': %s", path, strerror(errno));
1922 if (errno == EACCES || errno == EPERM) {
1923 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
1925 return LDB_ERR_OPERATIONS_ERROR;
1928 if (getenv("LDB_WARN_UNINDEXED")) {
1929 ltdb->warn_unindexed = true;
1932 if (getenv("LDB_WARN_REINDEX")) {
1933 ltdb->warn_reindex = true;
1936 ltdb->sequence_number = 0;
1938 module = ldb_module_new(ldb, ldb, "ldb_tdb backend", <db_ops);
1942 return LDB_ERR_OPERATIONS_ERROR;
1944 ldb_module_set_private(module, ltdb);
1945 talloc_steal(module, ltdb);
1947 if (ltdb_cache_load(module) != 0) {
1948 ldb_asprintf_errstring(ldb,
1949 "Unable to load ltdb cache records of tdb '%s'", path);
1950 talloc_free(module);
1951 return LDB_ERR_OPERATIONS_ERROR;
1958 int ldb_tdb_init(const char *version)
1960 LDB_MODULE_CHECK_VERSION(version);
1961 return ldb_register_backend("tdb", ltdb_connect, false);