2 Unix SMB/CIFS implementation.
3 LDAP server SIMPLE LDB implementation
4 Copyright (C) Stefan Metzmacher 2004
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 /* TODO: samdb_context is not a pulblic struct */
24 struct samdb_context {
25 struct ldb_context *ldb;
26 struct samdb_context **static_ptr;
30 #define ALLOC_CHECK(ptr) do {\
32 return NT_STATUS_NO_MEMORY;\
37 static const char *sldb_trim_dn(TALLOC_CTX *mem_ctx, const char *dn)
44 new_dn = talloc_strdup(mem_ctx, dn);
50 for (i=0; dn[i]; i++) {
57 if (before && dn[i] != ',' && s != -1) {
75 static NTSTATUS sldb_Search(struct ldapsrv_partition *partition, struct ldapsrv_call *call,
76 struct ldap_SearchRequest *r)
79 struct ldap_Result *done;
80 struct ldap_SearchResEntry *ent;
81 struct ldapsrv_reply *ent_r, *done_r;
83 struct samdb_context *samdb;
84 struct ldb_message **res;
86 struct ldb_context *ldb;
87 enum ldb_scope scope = LDB_SCOPE_DEFAULT;
88 const char **attrs = NULL;
92 samdb = samdb_connect(call);
94 basedn = sldb_trim_dn(samdb, r->basedn);
96 DEBUG(10, ("sldb_Search: basedn: [%s]\n", basedn));
97 DEBUG(10, ("sldb_Search: filter: [%s]\n", r->filter));
100 case LDAP_SEARCH_SCOPE_BASE:
101 DEBUG(10,("sldb_Search: scope: [BASE]\n"));
102 scope = LDB_SCOPE_BASE;
104 case LDAP_SEARCH_SCOPE_SINGLE:
105 DEBUG(10,("sldb_Search: scope: [ONE]\n"));
106 scope = LDB_SCOPE_ONELEVEL;
108 case LDAP_SEARCH_SCOPE_SUB:
109 DEBUG(10,("sldb_Search: scope: [SUB]\n"));
110 scope = LDB_SCOPE_SUBTREE;
114 if (r->num_attributes >= 1) {
115 attrs = talloc_array_p(samdb, const char *, r->num_attributes+1);
118 for (i=0; i < r->num_attributes; i++) {
119 DEBUG(10,("sldb_Search: attrs: [%s]\n",r->attributes[i]));
120 attrs[i] = r->attributes[i];
125 ldb_set_alloc(ldb, talloc_ldb_alloc, samdb);
126 count = ldb_search(ldb, basedn, scope, r->filter, attrs, &res);
128 for (i=0; i < count; i++) {
129 ent_r = ldapsrv_init_reply(call, LDAP_TAG_SearchResultEntry);
132 ent = &ent_r->msg.r.SearchResultEntry;
133 ent->dn = talloc_steal(ent_r, res[i]->dn);
134 ent->num_attributes = 0;
135 ent->attributes = NULL;
136 if (res[i]->num_elements == 0) {
139 ent->num_attributes = res[i]->num_elements;
140 ent->attributes = talloc_array_p(ent_r, struct ldap_attribute, ent->num_attributes);
141 ALLOC_CHECK(ent->attributes);
142 for (j=0; j < ent->num_attributes; j++) {
143 ent->attributes[j].name = talloc_steal(ent->attributes, res[i]->elements[j].name);
144 ent->attributes[j].num_values = 0;
145 ent->attributes[j].values = NULL;
146 if (r->attributesonly && (res[i]->elements[j].num_values == 0)) {
149 ent->attributes[j].num_values = res[i]->elements[j].num_values;
150 ent->attributes[j].values = talloc_array_p(ent->attributes,
151 DATA_BLOB, ent->attributes[j].num_values);
152 ALLOC_CHECK(ent->attributes[j].values);
153 for (y=0; y < ent->attributes[j].num_values; y++) {
154 ent->attributes[j].values[y].length = res[i]->elements[j].values[y].length;
155 ent->attributes[j].values[y].data = talloc_steal(ent->attributes[j].values,
156 res[i]->elements[j].values[y].data);
160 status = ldapsrv_queue_reply(call, ent_r);
161 if (!NT_STATUS_IS_OK(status)) {
166 done_r = ldapsrv_init_reply(call, LDAP_TAG_SearchResultDone);
170 DEBUG(10,("sldb_Search: results: [%d]\n",count));
173 } else if (count == 0) {
174 DEBUG(10,("sldb_Search: no results\n"));
176 errstr = talloc_strdup(done_r, ldb_errstring(ldb));
177 } else if (count == -1) {
178 DEBUG(10,("sldb_Search: error\n"));
180 errstr = talloc_strdup(done_r, ldb_errstring(ldb));
183 done = &done_r->msg.r.SearchResultDone;
184 done->resultcode = result;
186 done->errormessage = errstr;
187 done->referral = NULL;
191 return ldapsrv_queue_reply(call, done_r);
194 static NTSTATUS sldb_Add(struct ldapsrv_partition *partition, struct ldapsrv_call *call,
195 struct ldap_AddRequest *r)
197 struct ldap_Result *add_result;
198 struct ldapsrv_reply *add_reply;
200 struct samdb_context *samdb;
201 struct ldb_context *ldb;
203 struct ldb_message *msg;
204 int result = LDAP_SUCCESS;
205 const char *errstr = NULL;
208 samdb = samdb_connect(call);
210 dn = sldb_trim_dn(samdb, r->dn);
212 DEBUG(10, ("sldb_add: dn: [%s]\n", dn));
214 msg = talloc_p(samdb, struct ldb_message);
217 msg->dn = discard_const_p(char, dn);
218 msg->private_data = NULL;
219 msg->num_elements = 0;
220 msg->elements = NULL;
222 if (r->num_attributes > 0) {
223 msg->num_elements = r->num_attributes;
224 msg->elements = talloc_array_p(msg, struct ldb_message_element, msg->num_elements);
225 ALLOC_CHECK(msg->elements);
227 for (i=0; i < msg->num_elements; i++) {
228 msg->elements[i].name = discard_const_p(char, r->attributes[i].name);
229 msg->elements[i].flags = 0;
230 msg->elements[i].num_values = 0;
231 msg->elements[i].values = NULL;
233 if (r->attributes[i].num_values > 0) {
234 msg->elements[i].num_values = r->attributes[i].num_values;
235 msg->elements[i].values = talloc_array_p(msg, struct ldb_val, msg->elements[i].num_values);
236 ALLOC_CHECK(msg->elements[i].values);
238 for (j=0; j < msg->elements[i].num_values; j++) {
239 if (!(r->attributes[i].values[j].length > 0)) {
243 msg->elements[i].values[j].length = r->attributes[i].values[j].length;
244 msg->elements[i].values[j].data = r->attributes[i].values[j].data;
258 add_reply = ldapsrv_init_reply(call, LDAP_TAG_AddResponse);
259 ALLOC_CHECK(add_reply);
261 add_result = &add_reply->msg.r.AddResponse;
262 add_result->dn = talloc_steal(add_reply, dn);
264 if (result == LDAP_SUCCESS) {
265 ldb_set_alloc(ldb, talloc_ldb_alloc, samdb);
266 ldb_ret = ldb_add(ldb, msg);
268 result = LDAP_SUCCESS;
271 /* currently we have no way to tell if there was an internal ldb error
272 * or if the object was not found, return the most probable error
275 errstr = talloc_strdup(add_reply, ldb_errstring(ldb));
278 errstr = talloc_strdup(add_reply,"invalid input data");
281 add_result->resultcode = result;
282 add_result->errormessage = errstr;
283 add_result->referral = NULL;
287 return ldapsrv_queue_reply(call, add_reply);
290 static NTSTATUS sldb_Del(struct ldapsrv_partition *partition, struct ldapsrv_call *call,
291 struct ldap_DelRequest *r)
293 struct ldap_Result *del_result;
294 struct ldapsrv_reply *del_reply;
296 struct samdb_context *samdb;
297 struct ldb_context *ldb;
299 const char *errstr = NULL;
300 int result = LDAP_SUCCESS;
302 samdb = samdb_connect(call);
304 dn = sldb_trim_dn(samdb, r->dn);
306 DEBUG(10, ("sldb_Del: dn: [%s]\n", dn));
308 ldb_set_alloc(ldb, talloc_ldb_alloc, samdb);
309 ldb_ret = ldb_delete(ldb, dn);
311 errstr = ldb_errstring(ldb);
313 del_reply = ldapsrv_init_reply(call, LDAP_TAG_DelResponse);
314 ALLOC_CHECK(del_reply);
316 del_result = &del_reply->msg.r.DelResponse;
317 del_result->dn = talloc_steal(del_reply, dn);
320 result = LDAP_SUCCESS;
323 /* currently we have no way to tell if there was an internal ldb error
324 * or if the object was not found, return the most probable error
326 result = LDAP_NO_SUCH_OBJECT;
327 errstr = talloc_strdup(del_reply, ldb_errstring(ldb));
330 del_result->resultcode = result;
331 del_result->errormessage = errstr;
332 del_result->referral = NULL;
336 return ldapsrv_queue_reply(call, del_reply);
339 static NTSTATUS sldb_Modify(struct ldapsrv_partition *partition, struct ldapsrv_call *call,
340 struct ldap_ModifyRequest *r)
342 struct ldap_Result *modify_result;
343 struct ldapsrv_reply *modify_reply;
345 struct samdb_context *samdb;
346 struct ldb_context *ldb;
348 struct ldb_message *msg;
349 int result = LDAP_SUCCESS;
350 const char *errstr = NULL;
353 samdb = samdb_connect(call);
355 dn = sldb_trim_dn(samdb, r->dn);
357 DEBUG(10, ("sldb_modify: dn: [%s]\n", dn));
359 msg = talloc_p(samdb, struct ldb_message);
362 msg->dn = discard_const_p(char, dn);
363 msg->private_data = NULL;
364 msg->num_elements = 0;
365 msg->elements = NULL;
367 if (r->num_mods > 0) {
368 msg->num_elements = r->num_mods;
369 msg->elements = talloc_array_p(msg, struct ldb_message_element, r->num_mods);
370 ALLOC_CHECK(msg->elements);
372 for (i=0; i < msg->num_elements; i++) {
373 msg->elements[i].name = discard_const_p(char, r->mods[i].attrib.name);
374 msg->elements[i].num_values = 0;
375 msg->elements[i].values = NULL;
377 switch (r->mods[i].type) {
381 case LDAP_MODIFY_ADD:
382 msg->elements[i].flags = LDB_FLAG_MOD_ADD;
384 case LDAP_MODIFY_DELETE:
385 msg->elements[i].flags = LDB_FLAG_MOD_DELETE;
387 case LDAP_MODIFY_REPLACE:
388 msg->elements[i].flags = LDB_FLAG_MOD_REPLACE;
392 if (r->mods[i].attrib.num_values > 0) {
393 msg->elements[i].num_values = r->mods[i].attrib.num_values;
394 msg->elements[i].values = talloc_array_p(msg, struct ldb_val, msg->elements[i].num_values);
395 ALLOC_CHECK(msg->elements[i].values);
397 for (j=0; j < msg->elements[i].num_values; j++) {
398 if (!(r->mods[i].attrib.values[j].length > 0)) {
402 msg->elements[i].values[j].length = r->mods[i].attrib.values[j].length;
403 msg->elements[i].values[j].data = r->mods[i].attrib.values[j].data;
406 /* TODO: test what we should do here
408 * LDAP_MODIFY_DELETE is ok to pass here
419 modify_reply = ldapsrv_init_reply(call, LDAP_TAG_ModifyResponse);
420 ALLOC_CHECK(modify_reply);
422 modify_result = &modify_reply->msg.r.AddResponse;
423 modify_result->dn = talloc_steal(modify_reply, dn);
425 if (result == LDAP_SUCCESS) {
426 ldb_set_alloc(ldb, talloc_ldb_alloc, samdb);
427 ldb_ret = ldb_modify(ldb, msg);
429 result = LDAP_SUCCESS;
432 /* currently we have no way to tell if there was an internal ldb error
433 * or if the object was not found, return the most probable error
436 errstr = talloc_strdup(modify_reply, ldb_errstring(ldb));
439 errstr = talloc_strdup(modify_reply,"invalid input data");
442 modify_result->resultcode = result;
443 modify_result->errormessage = errstr;
444 modify_result->referral = NULL;
448 return ldapsrv_queue_reply(call, modify_reply);
451 static const struct ldapsrv_partition_ops sldb_ops = {
452 .Search = sldb_Search,
455 .Modify = sldb_Modify
458 const struct ldapsrv_partition_ops *ldapsrv_get_sldb_partition_ops(void)