2 Unix SMB/CIFS implementation.
3 LDAP server SIMPLE LDB implementation
4 Copyright (C) Stefan Metzmacher 2004
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 #include "ldap_parse.h"
24 /* TODO: samdb_context is not a pulblic struct */
25 struct samdb_context {
26 struct ldb_context *ldb;
27 struct samdb_context **static_ptr;
31 #define ALLOC_CHECK(ptr) do {\
33 return NT_STATUS_NO_MEMORY;\
38 static NTSTATUS sldb_Search(struct ldapsrv_partition *partition, struct ldapsrv_call *call,
39 struct ldap_SearchRequest *r)
43 struct ldap_dn *basedn;
44 struct ldap_Result *done;
45 struct ldap_SearchResEntry *ent;
46 struct ldapsrv_reply *ent_r, *done_r;
48 struct samdb_context *samdb;
49 struct ldb_message **res;
51 enum ldb_scope scope = LDB_SCOPE_DEFAULT;
52 const char **attrs = NULL;
55 local_ctx = talloc_named(call, 0, "sldb_Search local memory context");
56 ALLOC_CHECK(local_ctx);
58 samdb = samdb_connect(local_ctx);
61 basedn = ldap_parse_dn(local_ctx, r->basedn);
64 DEBUG(10, ("sldb_Search: basedn: [%s]\n", basedn->dn));
65 DEBUG(10, ("sldb_Search: filter: [%s]\n", r->filter));
68 case LDAP_SEARCH_SCOPE_BASE:
69 DEBUG(10,("sldb_Search: scope: [BASE]\n"));
70 scope = LDB_SCOPE_BASE;
72 case LDAP_SEARCH_SCOPE_SINGLE:
73 DEBUG(10,("sldb_Search: scope: [ONE]\n"));
74 scope = LDB_SCOPE_ONELEVEL;
76 case LDAP_SEARCH_SCOPE_SUB:
77 DEBUG(10,("sldb_Search: scope: [SUB]\n"));
78 scope = LDB_SCOPE_SUBTREE;
82 if (r->num_attributes >= 1) {
83 attrs = talloc_array_p(samdb, const char *, r->num_attributes+1);
86 for (i=0; i < r->num_attributes; i++) {
87 DEBUG(10,("sldb_Search: attrs: [%s]\n",r->attributes[i]));
88 attrs[i] = r->attributes[i];
93 ldb_set_alloc(samdb->ldb, talloc_realloc_fn, samdb);
94 count = ldb_search(samdb->ldb, basedn->dn, scope, r->filter, attrs, &res);
96 for (i=0; i < count; i++) {
97 ent_r = ldapsrv_init_reply(call, LDAP_TAG_SearchResultEntry);
100 ent = &ent_r->msg.r.SearchResultEntry;
101 ent->dn = talloc_steal(ent_r, res[i]->dn);
102 ent->num_attributes = 0;
103 ent->attributes = NULL;
104 if (res[i]->num_elements == 0) {
107 ent->num_attributes = res[i]->num_elements;
108 ent->attributes = talloc_array_p(ent_r, struct ldap_attribute, ent->num_attributes);
109 ALLOC_CHECK(ent->attributes);
110 for (j=0; j < ent->num_attributes; j++) {
111 ent->attributes[j].name = talloc_steal(ent->attributes, res[i]->elements[j].name);
112 ent->attributes[j].num_values = 0;
113 ent->attributes[j].values = NULL;
114 if (r->attributesonly && (res[i]->elements[j].num_values == 0)) {
117 ent->attributes[j].num_values = res[i]->elements[j].num_values;
118 ent->attributes[j].values = talloc_array_p(ent->attributes,
119 DATA_BLOB, ent->attributes[j].num_values);
120 ALLOC_CHECK(ent->attributes[j].values);
121 for (y=0; y < ent->attributes[j].num_values; y++) {
122 ent->attributes[j].values[y].length = res[i]->elements[j].values[y].length;
123 ent->attributes[j].values[y].data = talloc_steal(ent->attributes[j].values,
124 res[i]->elements[j].values[y].data);
128 status = ldapsrv_queue_reply(call, ent_r);
129 if (!NT_STATUS_IS_OK(status)) {
134 done_r = ldapsrv_init_reply(call, LDAP_TAG_SearchResultDone);
138 DEBUG(10,("sldb_Search: results: [%d]\n",count));
141 } else if (count == 0) {
142 DEBUG(10,("sldb_Search: no results\n"));
144 errstr = talloc_strdup(done_r, ldb_errstring(samdb->ldb));
145 } else if (count == -1) {
146 DEBUG(10,("sldb_Search: error\n"));
148 errstr = talloc_strdup(done_r, ldb_errstring(samdb->ldb));
151 done = &done_r->msg.r.SearchResultDone;
152 done->resultcode = result;
154 done->errormessage = errstr;
155 done->referral = NULL;
157 talloc_free(local_ctx);
159 return ldapsrv_queue_reply(call, done_r);
162 static NTSTATUS sldb_Add(struct ldapsrv_partition *partition, struct ldapsrv_call *call,
163 struct ldap_AddRequest *r)
167 struct ldap_Result *add_result;
168 struct ldapsrv_reply *add_reply;
170 struct samdb_context *samdb;
171 struct ldb_message *msg;
172 int result = LDAP_SUCCESS;
173 const char *errstr = NULL;
176 local_ctx = talloc_named(call, 0, "sldb_Add local memory context");
177 ALLOC_CHECK(local_ctx);
179 samdb = samdb_connect(local_ctx);
182 ldn = ldap_parse_dn(local_ctx, r->dn);
184 return NT_STATUS_UNSUCCESSFUL;
187 DEBUG(10, ("sldb_add: dn: [%s]\n", ldn->dn));
189 msg = talloc_p(local_ctx, struct ldb_message);
193 msg->private_data = NULL;
194 msg->num_elements = 0;
195 msg->elements = NULL;
197 if (r->num_attributes > 0) {
198 msg->num_elements = r->num_attributes;
199 msg->elements = talloc_array_p(msg, struct ldb_message_element, msg->num_elements);
200 ALLOC_CHECK(msg->elements);
202 for (i=0; i < msg->num_elements; i++) {
203 msg->elements[i].name = discard_const_p(char, r->attributes[i].name);
204 msg->elements[i].flags = 0;
205 msg->elements[i].num_values = 0;
206 msg->elements[i].values = NULL;
208 if (r->attributes[i].num_values > 0) {
209 msg->elements[i].num_values = r->attributes[i].num_values;
210 msg->elements[i].values = talloc_array_p(msg, struct ldb_val, msg->elements[i].num_values);
211 ALLOC_CHECK(msg->elements[i].values);
213 for (j=0; j < msg->elements[i].num_values; j++) {
214 if (!(r->attributes[i].values[j].length > 0)) {
218 msg->elements[i].values[j].length = r->attributes[i].values[j].length;
219 msg->elements[i].values[j].data = r->attributes[i].values[j].data;
233 add_reply = ldapsrv_init_reply(call, LDAP_TAG_AddResponse);
234 ALLOC_CHECK(add_reply);
236 add_result = &add_reply->msg.r.AddResponse;
237 add_result->dn = talloc_steal(add_reply, ldn->dn);
239 if (result == LDAP_SUCCESS) {
240 ldb_set_alloc(samdb->ldb, talloc_realloc_fn, samdb);
241 ldb_ret = ldb_add(samdb->ldb, msg);
243 result = LDAP_SUCCESS;
246 /* currently we have no way to tell if there was an internal ldb error
247 * or if the object was not found, return the most probable error
250 errstr = talloc_strdup(add_reply, ldb_errstring(samdb->ldb));
253 errstr = talloc_strdup(add_reply, "invalid input data");
256 add_result->resultcode = result;
257 add_result->errormessage = errstr;
258 add_result->referral = NULL;
260 talloc_free(local_ctx);
262 return ldapsrv_queue_reply(call, add_reply);
265 static NTSTATUS sldb_Del(struct ldapsrv_partition *partition, struct ldapsrv_call *call,
266 struct ldap_DelRequest *r)
270 struct ldap_Result *del_result;
271 struct ldapsrv_reply *del_reply;
273 struct samdb_context *samdb;
275 const char *errstr = NULL;
276 int result = LDAP_SUCCESS;
278 local_ctx = talloc_named(call, 0, "sldb_Del local memory context");
279 ALLOC_CHECK(local_ctx);
281 samdb = samdb_connect(local_ctx);
282 ldn = ldap_parse_dn(local_ctx, r->dn);
285 DEBUG(10, ("sldb_Del: dn: [%s]\n", ldn->dn));
287 ldb_set_alloc(samdb->ldb, talloc_realloc_fn, samdb);
288 ldb_ret = ldb_delete(samdb->ldb, ldn->dn);
290 del_reply = ldapsrv_init_reply(call, LDAP_TAG_DelResponse);
291 ALLOC_CHECK(del_reply);
293 del_result = &del_reply->msg.r.DelResponse;
294 del_result->dn = talloc_steal(del_reply, ldn->dn);
297 result = LDAP_SUCCESS;
300 /* currently we have no way to tell if there was an internal ldb error
301 * or if the object was not found, return the most probable error
303 result = LDAP_NO_SUCH_OBJECT;
304 errstr = talloc_strdup(del_reply, ldb_errstring(samdb->ldb));
307 del_result->resultcode = result;
308 del_result->errormessage = errstr;
309 del_result->referral = NULL;
311 talloc_free(local_ctx);
313 return ldapsrv_queue_reply(call, del_reply);
316 static NTSTATUS sldb_Modify(struct ldapsrv_partition *partition, struct ldapsrv_call *call,
317 struct ldap_ModifyRequest *r)
321 struct ldap_Result *modify_result;
322 struct ldapsrv_reply *modify_reply;
324 struct samdb_context *samdb;
325 struct ldb_message *msg;
326 int result = LDAP_SUCCESS;
327 const char *errstr = NULL;
330 local_ctx = talloc_named(call, 0, "sldb_Modify local memory context");
331 ALLOC_CHECK(local_ctx);
333 samdb = samdb_connect(call);
336 ldn = ldap_parse_dn(local_ctx, r->dn);
339 DEBUG(10, ("sldb_modify: dn: [%s]\n", ldn->dn));
341 msg = talloc_p(local_ctx, struct ldb_message);
345 msg->private_data = NULL;
346 msg->num_elements = 0;
347 msg->elements = NULL;
349 if (r->num_mods > 0) {
350 msg->num_elements = r->num_mods;
351 msg->elements = talloc_array_p(msg, struct ldb_message_element, r->num_mods);
352 ALLOC_CHECK(msg->elements);
354 for (i=0; i < msg->num_elements; i++) {
355 msg->elements[i].name = discard_const_p(char, r->mods[i].attrib.name);
356 msg->elements[i].num_values = 0;
357 msg->elements[i].values = NULL;
359 switch (r->mods[i].type) {
363 case LDAP_MODIFY_ADD:
364 msg->elements[i].flags = LDB_FLAG_MOD_ADD;
366 case LDAP_MODIFY_DELETE:
367 msg->elements[i].flags = LDB_FLAG_MOD_DELETE;
369 case LDAP_MODIFY_REPLACE:
370 msg->elements[i].flags = LDB_FLAG_MOD_REPLACE;
374 if (r->mods[i].attrib.num_values > 0) {
375 msg->elements[i].num_values = r->mods[i].attrib.num_values;
376 msg->elements[i].values = talloc_array_p(msg, struct ldb_val, msg->elements[i].num_values);
377 ALLOC_CHECK(msg->elements[i].values);
379 for (j=0; j < msg->elements[i].num_values; j++) {
380 if (!(r->mods[i].attrib.values[j].length > 0)) {
384 msg->elements[i].values[j].length = r->mods[i].attrib.values[j].length;
385 msg->elements[i].values[j].data = r->mods[i].attrib.values[j].data;
388 /* TODO: test what we should do here
390 * LDAP_MODIFY_DELETE is ok to pass here
401 modify_reply = ldapsrv_init_reply(call, LDAP_TAG_ModifyResponse);
402 ALLOC_CHECK(modify_reply);
404 modify_result = &modify_reply->msg.r.AddResponse;
405 modify_result->dn = talloc_steal(modify_reply, ldn->dn);
407 if (result == LDAP_SUCCESS) {
408 ldb_set_alloc(samdb->ldb, talloc_realloc_fn, samdb);
409 ldb_ret = ldb_modify(samdb->ldb, msg);
411 result = LDAP_SUCCESS;
414 /* currently we have no way to tell if there was an internal ldb error
415 * or if the object was not found, return the most probable error
418 errstr = talloc_strdup(modify_reply, ldb_errstring(samdb->ldb));
421 errstr = talloc_strdup(modify_reply, "invalid input data");
424 modify_result->resultcode = result;
425 modify_result->errormessage = errstr;
426 modify_result->referral = NULL;
428 talloc_free(local_ctx);
430 return ldapsrv_queue_reply(call, modify_reply);
433 static NTSTATUS sldb_Compare(struct ldapsrv_partition *partition, struct ldapsrv_call *call,
434 struct ldap_CompareRequest *r)
438 struct ldap_Result *compare;
439 struct ldapsrv_reply *compare_r;
441 struct samdb_context *samdb;
442 struct ldb_message **res;
443 struct ldb_context *ldb;
444 const char *attrs[1];
450 local_ctx = talloc_named(call, 0, "sldb_Compare local_memory_context");
451 ALLOC_CHECK(local_ctx);
453 samdb = samdb_connect(local_ctx);
456 ldn = ldap_parse_dn(local_ctx, r->dn);
459 DEBUG(10, ("sldb_Compare: dn: [%s]\n", ldn->dn));
460 filter = talloc_asprintf(local_ctx, "(%s=%*s)", r->attribute, r->value.length, r->value.data);
463 DEBUGADD(10, ("sldb_Compare: attribute: [%s]\n", filter));
467 ldb_set_alloc(samdb->ldb, talloc_realloc_fn, samdb);
468 count = ldb_search(samdb->ldb, dn, LDB_SCOPE_BASE, filter, attrs, &res);
470 compare_r = ldapsrv_init_reply(call, LDAP_TAG_CompareResponse);
471 ALLOC_CHECK(compare_r);
474 DEBUG(10,("sldb_Compare: matched\n"));
477 } else if (count == 0) {
479 errstr = talloc_strdup(compare_r, ldb_errstring(samdb->ldb));
480 DEBUG(10,("sldb_Compare: no results: %s\n", errstr));
481 } else if (count > 1) {
483 errstr = talloc_strdup(compare_r, "too many objects match");
484 DEBUG(10,("sldb_Compare: %d results: %s\n", count, errstr));
485 } else if (count == -1) {
487 errstr = talloc_strdup(compare_r, ldb_errstring(samdb->ldb));
488 DEBUG(10,("sldb_Compare: error: %s\n", errstr));
491 compare = &compare_r->msg.r.CompareResponse;
492 compare->resultcode = result;
494 compare->errormessage = errstr;
495 compare->referral = NULL;
497 talloc_free(local_ctx);
499 return ldapsrv_queue_reply(call, compare_r);
502 static const struct ldapsrv_partition_ops sldb_ops = {
503 .Search = sldb_Search,
506 .Modify = sldb_Modify,
507 .Compare = sldb_Compare
510 const struct ldapsrv_partition_ops *ldapsrv_get_sldb_partition_ops(void)