4 Copyright (C) Andrew Tridgell 2004
6 ** NOTE! The following LGPL license applies to the ldb
7 ** library. This does NOT imply that all of Samba is released
10 This library is free software; you can redistribute it and/or
11 modify it under the terms of the GNU Lesser General Public
12 License as published by the Free Software Foundation; either
13 version 3 of the License, or (at your option) any later version.
15 This library is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
20 You should have received a copy of the GNU Lesser General Public
21 License along with this library; if not, see <http://www.gnu.org/licenses/>.
27 * Component: ldb search functions
29 * Description: functions to search ldb+tdb databases
31 * Author: Andrew Tridgell
35 #include <lib/tdb_compat/tdb_compat.h>
38 add one element to a message
40 static int msg_add_element(struct ldb_message *ret,
41 const struct ldb_message_element *el,
45 struct ldb_message_element *e2, *elnew;
47 if (check_duplicates && ldb_msg_find_element(ret, el->name)) {
48 /* its already there */
52 e2 = talloc_realloc(ret, ret->elements, struct ldb_message_element, ret->num_elements+1);
58 elnew = &e2[ret->num_elements];
60 elnew->name = talloc_strdup(ret->elements, el->name);
66 elnew->values = talloc_array(ret->elements, struct ldb_val, el->num_values);
74 for (i=0;i<el->num_values;i++) {
75 elnew->values[i] = ldb_val_dup(elnew->values, &el->values[i]);
76 if (elnew->values[i].length != el->values[i].length) {
81 elnew->num_values = el->num_values;
82 elnew->flags = el->flags;
90 add the special distinguishedName element
92 static int msg_add_distinguished_name(struct ldb_message *msg)
94 struct ldb_message_element el;
99 el.name = "distinguishedName";
103 val.data = (uint8_t *)ldb_dn_alloc_linearized(msg, msg->dn);
104 val.length = strlen((char *)val.data);
106 ret = msg_add_element(msg, &el, 1);
111 add all elements from one message into another
113 static int msg_add_all_elements(struct ldb_module *module, struct ldb_message *ret,
114 const struct ldb_message *msg)
116 struct ldb_context *ldb;
118 int check_duplicates = (ret->num_elements != 0);
120 ldb = ldb_module_get_ctx(module);
122 if (msg_add_distinguished_name(ret) != 0) {
126 for (i=0;i<msg->num_elements;i++) {
127 const struct ldb_schema_attribute *a;
128 a = ldb_schema_attribute_by_name(ldb, msg->elements[i].name);
129 if (a->flags & LDB_ATTR_FLAG_HIDDEN) {
132 if (msg_add_element(ret, &msg->elements[i],
133 check_duplicates) != 0) {
143 pull the specified list of attributes from a message
145 static struct ldb_message *ltdb_pull_attrs(struct ldb_module *module,
147 const struct ldb_message *msg,
148 const char * const *attrs)
150 struct ldb_message *ret;
153 ret = talloc(mem_ctx, struct ldb_message);
158 ret->dn = ldb_dn_copy(ret, msg->dn);
164 ret->num_elements = 0;
165 ret->elements = NULL;
168 if (msg_add_all_elements(module, ret, msg) != 0) {
175 for (i=0;attrs[i];i++) {
176 struct ldb_message_element *el;
178 if (strcmp(attrs[i], "*") == 0) {
179 if (msg_add_all_elements(module, ret, msg) != 0) {
186 if (ldb_attr_cmp(attrs[i], "distinguishedName") == 0) {
187 if (msg_add_distinguished_name(ret) != 0) {
193 el = ldb_msg_find_element(msg, attrs[i]);
197 if (msg_add_element(ret, el, 1) != 0) {
207 search the database for a single simple dn.
208 return LDB_ERR_NO_SUCH_OBJECT on record-not-found
209 and LDB_SUCCESS on success
211 static int ltdb_search_base(struct ldb_module *module, struct ldb_dn *dn)
213 void *data = ldb_module_get_private(module);
214 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
215 TDB_DATA tdb_key, tdb_data;
217 if (ldb_dn_is_null(dn)) {
218 return LDB_ERR_NO_SUCH_OBJECT;
222 tdb_key = ltdb_key(module, dn);
224 return LDB_ERR_OPERATIONS_ERROR;
227 tdb_data = tdb_fetch_compat(ltdb->tdb, tdb_key);
228 talloc_free(tdb_key.dptr);
229 if (!tdb_data.dptr) {
230 return LDB_ERR_NO_SUCH_OBJECT;
238 search the database for a single simple dn, returning all attributes
241 return LDB_ERR_NO_SUCH_OBJECT on record-not-found
242 and LDB_SUCCESS on success
244 int ltdb_search_dn1(struct ldb_module *module, struct ldb_dn *dn, struct ldb_message *msg)
246 void *data = ldb_module_get_private(module);
247 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
249 TDB_DATA tdb_key, tdb_data;
251 memset(msg, 0, sizeof(*msg));
254 tdb_key = ltdb_key(module, dn);
256 return LDB_ERR_OPERATIONS_ERROR;
259 tdb_data = tdb_fetch_compat(ltdb->tdb, tdb_key);
260 talloc_free(tdb_key.dptr);
261 if (!tdb_data.dptr) {
262 return LDB_ERR_NO_SUCH_OBJECT;
265 msg->num_elements = 0;
266 msg->elements = NULL;
268 ret = ltdb_unpack_data(module, &tdb_data, msg);
271 struct ldb_context *ldb = ldb_module_get_ctx(module);
272 ldb_debug(ldb, LDB_DEBUG_ERROR, "Invalid data for index %s\n",
273 ldb_dn_get_linearized(msg->dn));
274 return LDB_ERR_OPERATIONS_ERROR;
278 msg->dn = ldb_dn_copy(msg, dn);
281 return LDB_ERR_OPERATIONS_ERROR;
288 add a set of attributes from a record to a set of results
289 return 0 on success, -1 on failure
291 int ltdb_add_attr_results(struct ldb_module *module,
293 struct ldb_message *msg,
294 const char * const attrs[],
296 struct ldb_message ***res)
298 struct ldb_message *msg2;
299 struct ldb_message **res2;
301 /* pull the attributes that the user wants */
302 msg2 = ltdb_pull_attrs(module, mem_ctx, msg, attrs);
307 /* add to the results list */
308 res2 = talloc_realloc(mem_ctx, *res, struct ldb_message *, (*count)+2);
316 (*res)[*count] = talloc_move(*res, &msg2);
317 (*res)[(*count)+1] = NULL;
326 filter the specified list of attributes from a message
327 removing not requested attrs.
329 int ltdb_filter_attrs(struct ldb_message *msg, const char * const *attrs)
333 struct ldb_message_element *el2;
334 uint32_t num_elements;
337 /* check for special attrs */
338 for (i = 0; attrs[i]; i++) {
339 if (strcmp(attrs[i], "*") == 0) {
344 if (ldb_attr_cmp(attrs[i], "distinguishedName") == 0) {
345 if (msg_add_distinguished_name(msg) != 0) {
355 if (msg_add_distinguished_name(msg) != 0) {
361 el2 = talloc_array(msg, struct ldb_message_element, msg->num_elements);
367 for (i = 0; i < msg->num_elements; i++) {
371 for (j = 0; attrs[j]; j++) {
372 if (ldb_attr_cmp(msg->elements[i].name, attrs[j]) == 0) {
379 el2[num_elements] = msg->elements[i];
380 talloc_steal(el2, el2[num_elements].name);
381 talloc_steal(el2, el2[num_elements].values);
386 talloc_free(msg->elements);
387 msg->elements = talloc_realloc(msg, el2, struct ldb_message_element, msg->num_elements);
388 if (msg->elements == NULL) {
391 msg->num_elements = num_elements;
397 search function for a non-indexed search
399 static int search_func(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *state)
401 struct ldb_context *ldb;
402 struct ltdb_context *ac;
403 struct ldb_message *msg;
407 ac = talloc_get_type(state, struct ltdb_context);
408 ldb = ldb_module_get_ctx(ac->module);
411 strncmp((char *)key.dptr, "DN=", 3) != 0) {
415 msg = ldb_msg_new(ac);
420 /* unpack the record */
421 ret = ltdb_unpack_data(ac->module, &data, msg);
428 msg->dn = ldb_dn_new(msg, ldb,
429 (char *)key.dptr + 3);
430 if (msg->dn == NULL) {
436 /* see if it matches the given expression */
437 ret = ldb_match_msg_error(ldb, msg,
438 ac->tree, ac->base, ac->scope, &matched);
439 if (ret != LDB_SUCCESS) {
448 /* filter the attributes that the user wants */
449 ret = ltdb_filter_attrs(msg, ac->attrs);
456 ret = ldb_module_send_entry(ac->req, msg, NULL);
457 if (ret != LDB_SUCCESS) {
458 ac->request_terminated = true;
459 /* the callback failed, abort the operation */
468 search the database with a LDAP-like expression.
469 this is the "full search" non-indexed variant
471 static int ltdb_search_full(struct ltdb_context *ctx)
473 void *data = ldb_module_get_private(ctx->module);
474 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
477 if (ltdb->in_transaction != 0) {
478 ret = tdb_traverse(ltdb->tdb, search_func, ctx);
480 ret = tdb_traverse_read(ltdb->tdb, search_func, ctx);
484 return LDB_ERR_OPERATIONS_ERROR;
491 search the database with a LDAP-like expression.
492 choses a search method
494 int ltdb_search(struct ltdb_context *ctx)
496 struct ldb_context *ldb;
497 struct ldb_module *module = ctx->module;
498 struct ldb_request *req = ctx->req;
499 void *data = ldb_module_get_private(module);
500 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
503 ldb = ldb_module_get_ctx(module);
505 ldb_request_set_state(req, LDB_ASYNC_PENDING);
507 if (ltdb_lock_read(module) != 0) {
508 return LDB_ERR_OPERATIONS_ERROR;
511 if (ltdb_cache_load(module) != 0) {
512 ltdb_unlock_read(module);
513 return LDB_ERR_OPERATIONS_ERROR;
516 if (req->op.search.tree == NULL) {
517 ltdb_unlock_read(module);
518 return LDB_ERR_OPERATIONS_ERROR;
521 if ((req->op.search.base == NULL) || (ldb_dn_is_null(req->op.search.base) == true)) {
523 /* Check what we should do with a NULL dn */
524 switch (req->op.search.scope) {
526 ldb_asprintf_errstring(ldb,
527 "NULL Base DN invalid for a base search");
528 ret = LDB_ERR_INVALID_DN_SYNTAX;
530 case LDB_SCOPE_ONELEVEL:
531 ldb_asprintf_errstring(ldb,
532 "NULL Base DN invalid for a one-level search");
533 ret = LDB_ERR_INVALID_DN_SYNTAX;
535 case LDB_SCOPE_SUBTREE:
537 /* We accept subtree searches from a NULL base DN, ie over the whole DB */
540 } else if (ldb_dn_is_valid(req->op.search.base) == false) {
542 /* We don't want invalid base DNs here */
543 ldb_asprintf_errstring(ldb,
544 "Invalid Base DN: %s",
545 ldb_dn_get_linearized(req->op.search.base));
546 ret = LDB_ERR_INVALID_DN_SYNTAX;
548 } else if (ltdb->check_base) {
549 /* This database has been marked as 'checkBaseOnSearch', so do a spot check of the base dn */
550 ret = ltdb_search_base(module, req->op.search.base);
552 if (ret == LDB_ERR_NO_SUCH_OBJECT) {
553 ldb_asprintf_errstring(ldb,
554 "No such Base DN: %s",
555 ldb_dn_get_linearized(req->op.search.base));
559 /* If we are not checking the base DN life is easy */
563 ctx->tree = req->op.search.tree;
564 ctx->scope = req->op.search.scope;
565 ctx->base = req->op.search.base;
566 ctx->attrs = req->op.search.attrs;
568 if (ret == LDB_SUCCESS) {
569 uint32_t match_count = 0;
571 ret = ltdb_search_indexed(ctx, &match_count);
572 if (ret == LDB_ERR_NO_SUCH_OBJECT) {
573 /* Not in the index, therefore OK! */
577 /* Check if we got just a normal error.
578 * In that case proceed to a full search unless we got a
580 if ( ! ctx->request_terminated && ret != LDB_SUCCESS) {
581 /* Not indexed, so we need to do a full scan */
582 if (ltdb->warn_unindexed) {
583 /* useful for debugging when slow performance
584 * is caused by unindexed searches */
585 char *expression = ldb_filter_from_tree(ctx, ctx->tree);
586 ldb_debug(ldb, LDB_DEBUG_WARNING, "ldb FULL SEARCH: %s SCOPE: %s DN: %s\n",
588 req->op.search.scope==LDB_SCOPE_BASE?"base":
589 req->op.search.scope==LDB_SCOPE_ONELEVEL?"one":
590 req->op.search.scope==LDB_SCOPE_SUBTREE?"sub":"UNKNOWN",
591 ldb_dn_get_linearized(req->op.search.base));
593 talloc_free(expression);
595 if (match_count != 0) {
596 /* the indexing code gave an error
597 * after having returned at least one
598 * entry. This means the indexes are
599 * corrupt or a database record is
600 * corrupt. We cannot continue with a
601 * full search or we may return
604 ltdb_unlock_read(module);
605 return LDB_ERR_OPERATIONS_ERROR;
607 ret = ltdb_search_full(ctx);
608 if (ret != LDB_SUCCESS) {
609 ldb_set_errstring(ldb, "Indexed and full searches both failed!\n");
614 ltdb_unlock_read(module);
git.samba.org / samba.git / blob