2 ldb database library - ildap backend
4 Copyright (C) Andrew Tridgell 2005
6 ** NOTE! The following LGPL license applies to the ldb
7 ** library. This does NOT imply that all of Samba is released
10 This library is free software; you can redistribute it and/or
11 modify it under the terms of the GNU Lesser General Public
12 License as published by the Free Software Foundation; either
13 version 2 of the License, or (at your option) any later version.
15 This library is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
20 You should have received a copy of the GNU Lesser General Public
21 License along with this library; if not, write to the Free Software
22 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
26 This is a ldb backend for the internal ldap client library in
27 Samba4. By using this backend we are independent of a system ldap
33 #include "ldb/include/ldb.h"
34 #include "ldb/include/ldb_private.h"
35 #include "libcli/ldap/ldap.h"
36 #include "libcli/ldap/ldap_client.h"
37 #include "lib/cmdline/popt_common.h"
40 struct ldap_connection *ldap;
42 struct ldb_message *rootDSE;
48 static int ildb_rename(struct ldb_module *module, const char *olddn, const char *newdn)
50 struct ildb_private *ildb = module->private_data;
53 const char *parentdn = "";
55 /* ignore ltdb specials */
56 if (olddn[0] == '@' ||newdn[0] == '@') {
60 newrdn = talloc_strdup(ildb, newdn);
65 p = strchr(newrdn, ',');
71 ildb->last_rc = ildap_rename(ildb->ldap, olddn, newrdn, parentdn, True);
72 if (!NT_STATUS_IS_OK(ildb->last_rc)) {
84 static int ildb_delete(struct ldb_module *module, const char *dn)
86 struct ildb_private *ildb = module->private_data;
89 /* ignore ltdb specials */
94 ildb->last_rc = ildap_delete(ildb->ldap, dn);
95 if (!NT_STATUS_IS_OK(ildb->last_rc)) {
103 static void ildb_rootdse(struct ldb_module *module);
106 search for matching records
108 static int ildb_search(struct ldb_module *module, const char *base,
109 enum ldb_scope scope, const char *expression,
110 const char * const *attrs, struct ldb_message ***res)
112 struct ildb_private *ildb = module->private_data;
114 struct ldap_message **ldapres, *msg;
116 if (scope == LDB_SCOPE_DEFAULT) {
117 scope = LDB_SCOPE_SUBTREE;
121 if (ildb->rootDSE == NULL) {
122 ildb_rootdse(module);
124 if (ildb->rootDSE != NULL) {
125 base = ldb_msg_find_string(ildb->rootDSE,
126 "defaultNamingContext", "");
132 if (expression == NULL || expression[0] == '\0') {
133 expression = "objectClass=*";
136 ildb->last_rc = ildap_search(ildb->ldap, base, scope, expression, attrs,
138 if (!NT_STATUS_IS_OK(ildb->last_rc)) {
142 count = ildap_count_entries(ildb->ldap, ldapres);
143 if (count == -1 || count == 0) {
144 talloc_free(ldapres);
148 (*res) = talloc_array(ildb, struct ldb_message *, count+1);
150 talloc_free(ldapres);
156 /* loop over all messages */
157 for (i=0;i<count;i++) {
158 struct ldap_SearchResEntry *search;
161 search = &msg->r.SearchResultEntry;
163 (*res)[i] = talloc(*res, struct ldb_message);
169 (*res)[i]->dn = talloc_steal((*res)[i], search->dn);
170 (*res)[i]->num_elements = search->num_attributes;
171 (*res)[i]->elements = talloc_steal((*res)[i], search->attributes);
172 (*res)[i]->private_data = NULL;
175 talloc_free(ldapres);
180 if (*res) talloc_free(*res);
186 search for matching records using a ldb_parse_tree
188 static int ildb_search_bytree(struct ldb_module *module, const char *base,
189 enum ldb_scope scope, struct ldb_parse_tree *tree,
190 const char * const *attrs, struct ldb_message ***res)
192 struct ildb_private *ildb = module->private_data;
196 expression = ldb_filter_from_tree(ildb, tree);
197 if (expression == NULL) {
200 ret = ildb_search(module, base, scope, expression, attrs, res);
201 talloc_free(expression);
207 convert a ldb_message structure to a list of ldap_mod structures
208 ready for ildap_add() or ildap_modify()
210 static struct ldap_mod **ildb_msg_to_mods(struct ldb_context *ldb,
211 const struct ldb_message *msg, int use_flags)
213 struct ldap_mod **mods;
217 /* allocate maximum number of elements needed */
218 mods = talloc_array(ldb, struct ldap_mod *, msg->num_elements+1);
225 for (i=0;i<msg->num_elements;i++) {
226 const struct ldb_message_element *el = &msg->elements[i];
228 mods[num_mods] = talloc(ldb, struct ldap_mod);
229 if (!mods[num_mods]) {
232 mods[num_mods+1] = NULL;
233 mods[num_mods]->type = 0;
234 mods[num_mods]->attrib = *el;
236 switch (el->flags & LDB_FLAG_MOD_MASK) {
237 case LDB_FLAG_MOD_ADD:
238 mods[num_mods]->type = LDAP_MODIFY_ADD;
240 case LDB_FLAG_MOD_DELETE:
241 mods[num_mods]->type = LDAP_MODIFY_DELETE;
243 case LDB_FLAG_MOD_REPLACE:
244 mods[num_mods]->type = LDAP_MODIFY_REPLACE;
262 static int ildb_add(struct ldb_module *module, const struct ldb_message *msg)
264 struct ldb_context *ldb = module->ldb;
265 struct ildb_private *ildb = module->private_data;
266 struct ldap_mod **mods;
269 /* ignore ltdb specials */
270 if (msg->dn[0] == '@') {
274 mods = ildb_msg_to_mods(ldb, msg, 0);
276 ildb->last_rc = ildap_add(ildb->ldap, msg->dn, mods);
277 if (!NT_STATUS_IS_OK(ildb->last_rc)) {
290 static int ildb_modify(struct ldb_module *module, const struct ldb_message *msg)
292 struct ldb_context *ldb = module->ldb;
293 struct ildb_private *ildb = module->private_data;
294 struct ldap_mod **mods;
297 /* ignore ltdb specials */
298 if (msg->dn[0] == '@') {
302 mods = ildb_msg_to_mods(ldb, msg, 1);
304 ildb->last_rc = ildap_modify(ildb->ldap, msg->dn, mods);
305 if (!NT_STATUS_IS_OK(ildb->last_rc)) {
314 static int ildb_lock(struct ldb_module *module, const char *lockname)
318 if (lockname == NULL) {
322 /* TODO implement a local locking mechanism here */
327 static int ildb_unlock(struct ldb_module *module, const char *lockname)
331 if (lockname == NULL) {
335 /* TODO implement a local unlocking mechanism here */
341 return extended error information
343 static const char *ildb_errstring(struct ldb_module *module)
345 struct ildb_private *ildb = talloc_get_type(module->private_data,
346 struct ildb_private);
348 return "ildap not connected";
350 return ldap_errstr(ildb->ldap, ildb->last_rc);
354 static const struct ldb_module_ops ildb_ops = {
356 .search = ildb_search,
357 .search_bytree = ildb_search_bytree,
358 .add_record = ildb_add,
359 .modify_record = ildb_modify,
360 .delete_record = ildb_delete,
361 .rename_record = ildb_rename,
362 .named_lock = ildb_lock,
363 .named_unlock = ildb_unlock,
364 .errstring = ildb_errstring
371 static void ildb_rootdse(struct ldb_module *module)
373 struct ildb_private *ildb = module->private_data;
374 struct ldb_message **res = NULL;
376 ret = ildb_search(module, "", LDB_SCOPE_BASE, "dn=dc=rootDSE", NULL, &res);
378 ildb->rootDSE = talloc_steal(ildb, res[0]);
385 connect to the database
387 int ildb_connect(struct ldb_context *ldb, const char *url,
388 unsigned int flags, const char *options[])
390 struct ildb_private *ildb = NULL;
393 ildb = talloc(ldb, struct ildb_private);
399 ildb->rootDSE = NULL;
401 ildb->ldap = ldap_new_connection(ildb, ldb_get_opaque(ldb, "EventContext"));
407 status = ldap_connect(ildb->ldap, url);
408 if (!NT_STATUS_IS_OK(status)) {
409 ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to connect to ldap URL '%s' - %s\n",
410 url, ldap_errstr(ildb->ldap, status));
414 ldb->modules = talloc(ldb, struct ldb_module);
419 ldb->modules->ldb = ldb;
420 ldb->modules->prev = ldb->modules->next = NULL;
421 ldb->modules->private_data = ildb;
422 ldb->modules->ops = &ildb_ops;
424 if (cmdline_credentials != NULL &&
425 cmdline_credentials->username_obtained > CRED_GUESSED) {
426 status = ldap_bind_sasl(ildb->ldap, cmdline_credentials);
427 if (!NT_STATUS_IS_OK(status)) {
428 ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to bind - %s\n",
429 ldap_errstr(ildb->ldap, status));
438 ldb->modules->private_data = NULL;