4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Stefan Metzmacher 2004
6 Copyright (C) Simo Sorce 2006-2008
7 Copyright (C) Matthias Dieter Wallnöfer 2009
9 ** NOTE! The following LGPL license applies to the ldb
10 ** library. This does NOT imply that all of Samba is released
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
30 * Component: ldb tdb backend
32 * Description: core functions for tdb backend
34 * Author: Andrew Tridgell
35 * Author: Stefan Metzmacher
39 * - description: make the module use asyncronous calls
43 * - description: make it possible to use event contexts
47 * - description: fix up memory leaks and small bugs
49 * Author: Matthias Dieter Wallnöfer
56 map a tdb error code to a ldb error code
58 int ltdb_err_map(enum TDB_ERROR tdb_code)
66 return LDB_ERR_OPERATIONS_ERROR;
68 return LDB_ERR_PROTOCOL_ERROR;
72 case TDB_ERR_LOCK_TIMEOUT:
73 return LDB_ERR_TIME_LIMIT_EXCEEDED;
75 return LDB_ERR_ENTRY_ALREADY_EXISTS;
77 return LDB_ERR_NO_SUCH_OBJECT;
79 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
85 lock the database for read - use by ltdb_search and ltdb_sequence_number
87 int ltdb_lock_read(struct ldb_module *module)
89 void *data = ldb_module_get_private(module);
90 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
93 if (ltdb->in_transaction == 0 &&
94 ltdb->read_lock_count == 0) {
95 ret = tdb_lockall_read(ltdb->tdb);
98 ltdb->read_lock_count++;
104 unlock the database after a ltdb_lock_read()
106 int ltdb_unlock_read(struct ldb_module *module)
108 void *data = ldb_module_get_private(module);
109 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
110 if (ltdb->in_transaction == 0 && ltdb->read_lock_count == 1) {
111 return tdb_unlockall_read(ltdb->tdb);
113 ltdb->read_lock_count--;
119 form a TDB_DATA for a record key
122 note that the key for a record can depend on whether the
123 dn refers to a case sensitive index record or not
125 struct TDB_DATA ltdb_key(struct ldb_module *module, struct ldb_dn *dn)
127 struct ldb_context *ldb = ldb_module_get_ctx(module);
129 char *key_str = NULL;
130 const char *dn_folded = NULL;
133 most DNs are case insensitive. The exception is index DNs for
134 case sensitive attributes
136 there are 3 cases dealt with in this code:
138 1) if the dn doesn't start with @ then uppercase the attribute
139 names and the attributes values of case insensitive attributes
140 2) if the dn starts with @ then leave it alone -
141 the indexing code handles the rest
144 dn_folded = ldb_dn_get_casefold(dn);
149 key_str = talloc_strdup(ldb, "DN=");
154 key_str = talloc_strdup_append_buffer(key_str, dn_folded);
159 key.dptr = (uint8_t *)key_str;
160 key.dsize = strlen(key_str) + 1;
172 check special dn's have valid attributes
173 currently only @ATTRIBUTES is checked
175 static int ltdb_check_special_dn(struct ldb_module *module,
176 const struct ldb_message *msg)
178 struct ldb_context *ldb = ldb_module_get_ctx(module);
181 if (! ldb_dn_is_special(msg->dn) ||
182 ! ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
186 /* we have @ATTRIBUTES, let's check attributes are fine */
187 /* should we check that we deny multivalued attributes ? */
188 for (i = 0; i < msg->num_elements; i++) {
189 if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
191 for (j = 0; j < msg->elements[i].num_values; j++) {
192 if (ltdb_check_at_attributes_values(&msg->elements[i].values[j]) != 0) {
193 ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
194 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
204 we've made a modification to a dn - possibly reindex and
205 update sequence number
207 static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn)
209 int ret = LDB_SUCCESS;
210 struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private);
212 /* only allow modifies inside a transaction, otherwise the
214 if (ltdb->in_transaction == 0) {
215 ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
216 return LDB_ERR_OPERATIONS_ERROR;
219 if (ldb_dn_is_special(dn) &&
220 (ldb_dn_check_special(dn, LTDB_INDEXLIST) ||
221 ldb_dn_check_special(dn, LTDB_ATTRIBUTES)) ) {
222 ret = ltdb_reindex(module);
225 /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
226 if (ret == LDB_SUCCESS &&
227 !(ldb_dn_is_special(dn) &&
228 ldb_dn_check_special(dn, LTDB_BASEINFO)) ) {
229 ret = ltdb_increase_sequence_number(module);
232 /* If the modify was to @OPTIONS, reload the cache */
233 if (ret == LDB_SUCCESS &&
234 ldb_dn_is_special(dn) &&
235 (ldb_dn_check_special(dn, LTDB_OPTIONS)) ) {
236 ret = ltdb_cache_reload(module);
243 store a record into the db
245 int ltdb_store(struct ldb_module *module, const struct ldb_message *msg, int flgs)
247 void *data = ldb_module_get_private(module);
248 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
249 TDB_DATA tdb_key, tdb_data;
250 int ret = LDB_SUCCESS;
252 tdb_key = ltdb_key(module, msg->dn);
253 if (tdb_key.dptr == NULL) {
254 return LDB_ERR_OTHER;
257 ret = ltdb_pack_data(module, msg, &tdb_data);
259 talloc_free(tdb_key.dptr);
260 return LDB_ERR_OTHER;
263 ret = tdb_store(ltdb->tdb, tdb_key, tdb_data, flgs);
265 ret = ltdb_err_map(tdb_error(ltdb->tdb));
270 talloc_free(tdb_key.dptr);
271 talloc_free(tdb_data.dptr);
277 static int ltdb_add_internal(struct ldb_module *module,
278 const struct ldb_message *msg)
280 struct ldb_context *ldb = ldb_module_get_ctx(module);
281 int ret = LDB_SUCCESS, i;
283 ret = ltdb_check_special_dn(module, msg);
284 if (ret != LDB_SUCCESS) {
288 if (ltdb_cache_load(module) != 0) {
289 return LDB_ERR_OPERATIONS_ERROR;
292 for (i=0;i<msg->num_elements;i++) {
293 struct ldb_message_element *el = &msg->elements[i];
294 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
296 if (el->num_values == 0) {
297 ldb_asprintf_errstring(ldb, "attribute %s on %s specified, but with 0 values (illegal)",
298 el->name, ldb_dn_get_linearized(msg->dn));
299 return LDB_ERR_CONSTRAINT_VIOLATION;
301 if (a && a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
302 if (el->num_values > 1) {
303 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
304 el->name, ldb_dn_get_linearized(msg->dn));
305 return LDB_ERR_CONSTRAINT_VIOLATION;
310 ret = ltdb_store(module, msg, TDB_INSERT);
311 if (ret != LDB_SUCCESS) {
312 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
313 ldb_asprintf_errstring(ldb,
314 "Entry %s already exists",
315 ldb_dn_get_linearized(msg->dn));
320 ret = ltdb_index_add_new(module, msg);
321 if (ret != LDB_SUCCESS) {
325 ret = ltdb_modified(module, msg->dn);
331 add a record to the database
333 static int ltdb_add(struct ltdb_context *ctx)
335 struct ldb_module *module = ctx->module;
336 struct ldb_request *req = ctx->req;
337 int ret = LDB_SUCCESS;
339 ldb_request_set_state(req, LDB_ASYNC_PENDING);
341 if (ltdb_cache_load(module) != 0) {
342 return LDB_ERR_OPERATIONS_ERROR;
345 ret = ltdb_add_internal(module, req->op.add.message);
351 delete a record from the database, not updating indexes (used for deleting
354 int ltdb_delete_noindex(struct ldb_module *module, struct ldb_dn *dn)
356 void *data = ldb_module_get_private(module);
357 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
361 tdb_key = ltdb_key(module, dn);
363 return LDB_ERR_OTHER;
366 ret = tdb_delete(ltdb->tdb, tdb_key);
367 talloc_free(tdb_key.dptr);
370 ret = ltdb_err_map(tdb_error(ltdb->tdb));
376 static int ltdb_delete_internal(struct ldb_module *module, struct ldb_dn *dn)
378 struct ldb_message *msg;
379 int ret = LDB_SUCCESS;
381 msg = talloc(module, struct ldb_message);
383 return LDB_ERR_OPERATIONS_ERROR;
386 /* in case any attribute of the message was indexed, we need
387 to fetch the old record */
388 ret = ltdb_search_dn1(module, dn, msg);
389 if (ret != LDB_SUCCESS) {
390 /* not finding the old record is an error */
394 ret = ltdb_delete_noindex(module, dn);
395 if (ret != LDB_SUCCESS) {
399 /* remove any indexed attributes */
400 ret = ltdb_index_delete(module, msg);
401 if (ret != LDB_SUCCESS) {
405 ret = ltdb_modified(module, dn);
406 if (ret != LDB_SUCCESS) {
416 delete a record from the database
418 static int ltdb_delete(struct ltdb_context *ctx)
420 struct ldb_module *module = ctx->module;
421 struct ldb_request *req = ctx->req;
422 int ret = LDB_SUCCESS;
424 ldb_request_set_state(req, LDB_ASYNC_PENDING);
426 if (ltdb_cache_load(module) != 0) {
427 return LDB_ERR_OPERATIONS_ERROR;
430 ret = ltdb_delete_internal(module, req->op.del.dn);
436 find an element by attribute name. At the moment this does a linear search,
437 it should be re-coded to use a binary search once all places that modify
438 records guarantee sorted order
440 return the index of the first matching element if found, otherwise -1
442 static int find_element(const struct ldb_message *msg, const char *name)
445 for (i=0;i<msg->num_elements;i++) {
446 if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
455 add an element to an existing record. Assumes a elements array that we
456 can call re-alloc on, and assumed that we can re-use the data pointers from
457 the passed in additional values. Use with care!
459 returns 0 on success, -1 on failure (and sets errno)
461 static int ltdb_msg_add_element(struct ldb_context *ldb,
462 struct ldb_message *msg,
463 struct ldb_message_element *el)
465 struct ldb_message_element *e2;
468 if (el->num_values == 0) {
469 /* nothing to do here - we don't add empty elements */
473 e2 = talloc_realloc(msg, msg->elements, struct ldb_message_element,
474 msg->num_elements+1);
482 e2 = &msg->elements[msg->num_elements];
485 e2->flags = el->flags;
486 e2->values = talloc_array(msg->elements,
487 struct ldb_val, el->num_values);
492 for (i=0;i<el->num_values;i++) {
493 e2->values[i] = el->values[i];
495 e2->num_values = el->num_values;
503 delete all elements having a specified attribute name
505 static int msg_delete_attribute(struct ldb_module *module,
506 struct ldb_context *ldb,
507 struct ldb_message *msg, const char *name)
511 struct ldb_message_element *el;
513 el = ldb_msg_find_element(msg, name);
515 return LDB_ERR_NO_SUCH_ATTRIBUTE;
517 i = el - msg->elements;
519 ret = ltdb_index_del_element(module, msg->dn, el);
520 if (ret != LDB_SUCCESS) {
524 talloc_free(el->values);
525 if (msg->num_elements > (i+1)) {
526 memmove(el, el+1, sizeof(*el) * (msg->num_elements - (i+1)));
529 msg->elements = talloc_realloc(msg, msg->elements,
530 struct ldb_message_element,
536 delete all elements matching an attribute name/value
538 return LDB Error on failure
540 static int msg_delete_element(struct ldb_module *module,
541 struct ldb_message *msg,
543 const struct ldb_val *val)
545 struct ldb_context *ldb = ldb_module_get_ctx(module);
548 struct ldb_message_element *el;
549 const struct ldb_schema_attribute *a;
551 found = find_element(msg, name);
553 return LDB_ERR_NO_SUCH_ATTRIBUTE;
556 el = &msg->elements[found];
558 a = ldb_schema_attribute_by_name(ldb, el->name);
560 for (i=0;i<el->num_values;i++) {
561 if (a->syntax->comparison_fn(ldb, ldb,
562 &el->values[i], val) == 0) {
563 if (el->num_values == 1) {
564 return msg_delete_attribute(module, ldb, msg, name);
567 ret = ltdb_index_del_value(module, msg->dn, el, i);
568 if (ret != LDB_SUCCESS) {
572 if (i<el->num_values-1) {
573 memmove(&el->values[i], &el->values[i+1],
574 sizeof(el->values[i])*
575 (el->num_values-(i+1)));
579 /* per definition we find in a canonicalised message an
580 attribute value only once. So we are finished here */
586 return LDB_ERR_NO_SUCH_ATTRIBUTE;
591 modify a record - internal interface
593 yuck - this is O(n^2). Luckily n is usually small so we probably
594 get away with it, but if we ever have really large attribute lists
595 then we'll need to look at this again
597 'req' is optional, and is used to specify controls if supplied
599 int ltdb_modify_internal(struct ldb_module *module,
600 const struct ldb_message *msg,
601 struct ldb_request *req)
603 struct ldb_context *ldb = ldb_module_get_ctx(module);
604 void *data = ldb_module_get_private(module);
605 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
606 TDB_DATA tdb_key, tdb_data;
607 struct ldb_message *msg2;
609 int ret = LDB_SUCCESS, idx;
610 struct ldb_control *control_permissive = NULL;
613 control_permissive = ldb_request_get_control(req,
614 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
617 tdb_key = ltdb_key(module, msg->dn);
619 return LDB_ERR_OTHER;
622 tdb_data = tdb_fetch(ltdb->tdb, tdb_key);
623 if (!tdb_data.dptr) {
624 talloc_free(tdb_key.dptr);
625 return ltdb_err_map(tdb_error(ltdb->tdb));
628 msg2 = talloc(tdb_key.dptr, struct ldb_message);
635 ret = ltdb_unpack_data(module, &tdb_data, msg2);
646 for (i=0; i<msg->num_elements; i++) {
647 struct ldb_message_element *el = &msg->elements[i], *el2;
648 struct ldb_val *vals;
649 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
652 if (ldb_attr_cmp(el->name, "distinguishedName") == 0) {
653 ldb_asprintf_errstring(ldb, "it is not permitted to perform a modify on 'distinguishedName' (use rename instead): %s",
654 ldb_dn_get_linearized(msg2->dn));
655 ret = LDB_ERR_CONSTRAINT_VIOLATION;
659 switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
660 case LDB_FLAG_MOD_ADD:
662 if (el->num_values == 0) {
663 ldb_asprintf_errstring(ldb, "attribute %s on %s specified, but with 0 values (illigal)",
664 el->name, ldb_dn_get_linearized(msg2->dn));
665 ret = LDB_ERR_CONSTRAINT_VIOLATION;
669 /* make a copy of the array so that a permissive
670 * control can remove duplicates without changing the
671 * original values, but do not copy data as we do not
672 * need to keep it around once the operation is
674 if (control_permissive) {
675 el = talloc(msg2, struct ldb_message_element);
680 el->name = msg->elements[i].name;
681 el->num_values = msg->elements[i].num_values;
682 el->values = talloc_array(el, struct ldb_val, el->num_values);
683 if (el->values == NULL) {
687 for (j = 0; j < el->num_values; j++) {
688 el->values[j] = msg->elements[i].values[j];
692 if (a && a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
693 if (el->num_values > 1) {
694 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
695 el->name, ldb_dn_get_linearized(msg2->dn));
696 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
701 /* Checks if element already exists */
702 idx = find_element(msg2, el->name);
704 if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
708 ret = ltdb_index_add_element(module, msg2->dn, el);
709 if (ret != LDB_SUCCESS) {
713 /* We cannot add another value on a existing one
714 if the attribute is single-valued */
715 if (a && a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
716 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
717 el->name, ldb_dn_get_linearized(msg2->dn));
718 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
722 el2 = &(msg2->elements[idx]);
724 /* Check that values don't exist yet on multi-
725 valued attributes or aren't provided twice */
726 for (j = 0; j < el->num_values; j++) {
727 if (ldb_msg_find_val(el2, &el->values[j]) != NULL) {
728 if (control_permissive) {
729 /* remove this one as if it was never added */
731 for (k = j; k < el->num_values; k++) {
732 el->values[k] = el->values[k + 1];
739 ldb_asprintf_errstring(ldb, "%s: value #%d already exists", el->name, j);
740 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
743 if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
744 ldb_asprintf_errstring(ldb, "%s: value #%d provided more than once", el->name, j);
745 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
750 /* Now combine existing and new values to a new
752 vals = talloc_realloc(msg2->elements,
753 el2->values, struct ldb_val,
754 el2->num_values + el->num_values);
761 for (j=0; j<el->num_values; j++) {
762 vals[el2->num_values + j] =
763 ldb_val_dup(vals, &el->values[j]);
767 el2->num_values += el->num_values;
769 ret = ltdb_index_add_element(module, msg2->dn, el);
770 if (ret != LDB_SUCCESS) {
777 case LDB_FLAG_MOD_REPLACE:
779 if (a && a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
780 /* the RELAX control overrides this
781 check for replace. This is needed as
782 DRS replication can produce multiple
783 values here for a single valued
784 attribute when the values are deleted
787 if (el->num_values > 1 &&
788 (!req || !ldb_request_get_control(req, LDB_CONTROL_RELAX_OID))) {
789 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
790 el->name, ldb_dn_get_linearized(msg2->dn));
791 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
796 /* TODO: This is O(n^2) - replace with more efficient check */
797 for (j=0; j<el->num_values; j++) {
798 if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
799 ldb_asprintf_errstring(ldb, "%s: value #%d provided more than once", el->name, j);
800 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
805 idx = find_element(msg2, el->name);
807 el2 = &(msg2->elements[idx]);
808 if (ldb_msg_element_compare(el, el2) == 0) {
809 /* we are replacing with the same values */
813 /* Delete the attribute if it exists in the DB */
814 if (msg_delete_attribute(module, ldb, msg2, el->name) != 0) {
820 /* Recreate it with the new values */
821 if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
826 ret = ltdb_index_add_element(module, msg2->dn, el);
827 if (ret != LDB_SUCCESS) {
833 case LDB_FLAG_MOD_DELETE:
834 dn = ldb_dn_get_linearized(msg2->dn);
840 if (msg->elements[i].num_values == 0) {
841 /* Delete the whole attribute */
842 ret = msg_delete_attribute(module, ldb, msg2,
843 msg->elements[i].name);
844 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
845 control_permissive) {
848 ldb_asprintf_errstring(ldb, "No such attribute: %s for delete on %s",
849 msg->elements[i].name, dn);
851 if (ret != LDB_SUCCESS) {
855 /* Delete specified values from an attribute */
856 for (j=0; j < msg->elements[i].num_values; j++) {
857 ret = msg_delete_element(module,
859 msg->elements[i].name,
860 &msg->elements[i].values[j]);
861 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
862 control_permissive) {
865 ldb_asprintf_errstring(ldb, "No matching attribute value when deleting attribute: %s on %s",
866 msg->elements[i].name, dn);
868 if (ret != LDB_SUCCESS) {
875 ldb_asprintf_errstring(ldb,
876 "Invalid ldb_modify flags on %s: 0x%x",
877 msg->elements[i].name,
878 msg->elements[i].flags & LDB_FLAG_MOD_MASK);
879 ret = LDB_ERR_PROTOCOL_ERROR;
884 ret = ltdb_store(module, msg2, TDB_MODIFY);
885 if (ret != LDB_SUCCESS) {
889 ret = ltdb_modified(module, msg2->dn);
890 if (ret != LDB_SUCCESS) {
895 talloc_free(tdb_key.dptr);
902 static int ltdb_modify(struct ltdb_context *ctx)
904 struct ldb_module *module = ctx->module;
905 struct ldb_request *req = ctx->req;
906 int ret = LDB_SUCCESS;
908 ret = ltdb_check_special_dn(module, req->op.mod.message);
909 if (ret != LDB_SUCCESS) {
913 ldb_request_set_state(req, LDB_ASYNC_PENDING);
915 if (ltdb_cache_load(module) != 0) {
916 return LDB_ERR_OPERATIONS_ERROR;
919 ret = ltdb_modify_internal(module, req->op.mod.message, req);
927 static int ltdb_rename(struct ltdb_context *ctx)
929 struct ldb_module *module = ctx->module;
930 struct ldb_request *req = ctx->req;
931 struct ldb_message *msg;
932 int ret = LDB_SUCCESS;
934 ldb_request_set_state(req, LDB_ASYNC_PENDING);
936 if (ltdb_cache_load(ctx->module) != 0) {
937 return LDB_ERR_OPERATIONS_ERROR;
940 msg = talloc(ctx, struct ldb_message);
942 return LDB_ERR_OPERATIONS_ERROR;
945 /* in case any attribute of the message was indexed, we need
946 to fetch the old record */
947 ret = ltdb_search_dn1(module, req->op.rename.olddn, msg);
948 if (ret != LDB_SUCCESS) {
949 /* not finding the old record is an error */
953 /* Always delete first then add, to avoid conflicts with
954 * unique indexes. We rely on the transaction to make this
957 ret = ltdb_delete_internal(module, msg->dn);
958 if (ret != LDB_SUCCESS) {
962 msg->dn = ldb_dn_copy(msg, req->op.rename.newdn);
963 if (msg->dn == NULL) {
964 return LDB_ERR_OPERATIONS_ERROR;
967 ret = ltdb_add_internal(module, msg);
972 static int ltdb_start_trans(struct ldb_module *module)
974 void *data = ldb_module_get_private(module);
975 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
977 if (tdb_transaction_start(ltdb->tdb) != 0) {
978 return ltdb_err_map(tdb_error(ltdb->tdb));
981 ltdb->in_transaction++;
983 ltdb_index_transaction_start(module);
988 static int ltdb_prepare_commit(struct ldb_module *module)
990 void *data = ldb_module_get_private(module);
991 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
993 if (ltdb->in_transaction != 1) {
997 if (ltdb_index_transaction_commit(module) != 0) {
998 tdb_transaction_cancel(ltdb->tdb);
999 ltdb->in_transaction--;
1000 return ltdb_err_map(tdb_error(ltdb->tdb));
1003 if (tdb_transaction_prepare_commit(ltdb->tdb) != 0) {
1004 ltdb->in_transaction--;
1005 return ltdb_err_map(tdb_error(ltdb->tdb));
1008 ltdb->prepared_commit = true;
1013 static int ltdb_end_trans(struct ldb_module *module)
1015 void *data = ldb_module_get_private(module);
1016 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1018 if (!ltdb->prepared_commit) {
1019 int ret = ltdb_prepare_commit(module);
1020 if (ret != LDB_SUCCESS) {
1025 ltdb->in_transaction--;
1026 ltdb->prepared_commit = false;
1028 if (tdb_transaction_commit(ltdb->tdb) != 0) {
1029 return ltdb_err_map(tdb_error(ltdb->tdb));
1035 static int ltdb_del_trans(struct ldb_module *module)
1037 void *data = ldb_module_get_private(module);
1038 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1040 ltdb->in_transaction--;
1042 if (ltdb_index_transaction_cancel(module) != 0) {
1043 tdb_transaction_cancel(ltdb->tdb);
1044 return ltdb_err_map(tdb_error(ltdb->tdb));
1047 if (tdb_transaction_cancel(ltdb->tdb) != 0) {
1048 return ltdb_err_map(tdb_error(ltdb->tdb));
1055 return sequenceNumber from @BASEINFO
1057 static int ltdb_sequence_number(struct ltdb_context *ctx,
1058 struct ldb_extended **ext)
1060 struct ldb_context *ldb;
1061 struct ldb_module *module = ctx->module;
1062 struct ldb_request *req = ctx->req;
1063 TALLOC_CTX *tmp_ctx;
1064 struct ldb_seqnum_request *seq;
1065 struct ldb_seqnum_result *res;
1066 struct ldb_message *msg = NULL;
1069 int ret = LDB_SUCCESS;
1071 ldb = ldb_module_get_ctx(module);
1073 seq = talloc_get_type(req->op.extended.data,
1074 struct ldb_seqnum_request);
1076 return LDB_ERR_OPERATIONS_ERROR;
1079 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1081 if (ltdb_lock_read(module) != 0) {
1082 return LDB_ERR_OPERATIONS_ERROR;
1085 res = talloc_zero(req, struct ldb_seqnum_result);
1087 ret = LDB_ERR_OPERATIONS_ERROR;
1090 tmp_ctx = talloc_new(req);
1091 if (tmp_ctx == NULL) {
1092 ret = LDB_ERR_OPERATIONS_ERROR;
1096 dn = ldb_dn_new(tmp_ctx, ldb, LTDB_BASEINFO);
1098 msg = talloc(tmp_ctx, struct ldb_message);
1100 ret = LDB_ERR_OPERATIONS_ERROR;
1104 ret = ltdb_search_dn1(module, dn, msg);
1105 if (ret != LDB_SUCCESS) {
1109 switch (seq->type) {
1110 case LDB_SEQ_HIGHEST_SEQ:
1111 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1114 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1117 case LDB_SEQ_HIGHEST_TIMESTAMP:
1118 date = ldb_msg_find_attr_as_string(msg, LTDB_MOD_TIMESTAMP, NULL);
1120 res->seq_num = ldb_string_to_time(date);
1123 /* zero is as good as anything when we don't know */
1128 *ext = talloc_zero(req, struct ldb_extended);
1130 ret = LDB_ERR_OPERATIONS_ERROR;
1133 (*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
1134 (*ext)->data = talloc_steal(*ext, res);
1137 talloc_free(tmp_ctx);
1138 ltdb_unlock_read(module);
1142 static void ltdb_request_done(struct ltdb_context *ctx, int error)
1144 struct ldb_context *ldb;
1145 struct ldb_request *req;
1146 struct ldb_reply *ares;
1148 ldb = ldb_module_get_ctx(ctx->module);
1151 /* if we already returned an error just return */
1152 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1156 ares = talloc_zero(req, struct ldb_reply);
1159 req->callback(req, NULL);
1162 ares->type = LDB_REPLY_DONE;
1163 ares->error = error;
1165 req->callback(req, ares);
1168 static void ltdb_timeout(struct tevent_context *ev,
1169 struct tevent_timer *te,
1173 struct ltdb_context *ctx;
1174 ctx = talloc_get_type(private_data, struct ltdb_context);
1176 if (!ctx->request_terminated) {
1177 /* request is done now */
1178 ltdb_request_done(ctx, LDB_ERR_TIME_LIMIT_EXCEEDED);
1181 if (!ctx->request_terminated) {
1182 /* neutralize the spy */
1183 ctx->spy->ctx = NULL;
1188 static void ltdb_request_extended_done(struct ltdb_context *ctx,
1189 struct ldb_extended *ext,
1192 struct ldb_context *ldb;
1193 struct ldb_request *req;
1194 struct ldb_reply *ares;
1196 ldb = ldb_module_get_ctx(ctx->module);
1199 /* if we already returned an error just return */
1200 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1204 ares = talloc_zero(req, struct ldb_reply);
1207 req->callback(req, NULL);
1210 ares->type = LDB_REPLY_DONE;
1211 ares->response = ext;
1212 ares->error = error;
1214 req->callback(req, ares);
1217 static void ltdb_handle_extended(struct ltdb_context *ctx)
1219 struct ldb_extended *ext = NULL;
1222 if (strcmp(ctx->req->op.extended.oid,
1223 LDB_EXTENDED_SEQUENCE_NUMBER) == 0) {
1224 /* get sequence number */
1225 ret = ltdb_sequence_number(ctx, &ext);
1227 /* not recognized */
1228 ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1231 ltdb_request_extended_done(ctx, ext, ret);
1234 static void ltdb_callback(struct tevent_context *ev,
1235 struct tevent_timer *te,
1239 struct ltdb_context *ctx;
1242 ctx = talloc_get_type(private_data, struct ltdb_context);
1244 if (ctx->request_terminated) {
1248 switch (ctx->req->operation) {
1250 ret = ltdb_search(ctx);
1253 ret = ltdb_add(ctx);
1256 ret = ltdb_modify(ctx);
1259 ret = ltdb_delete(ctx);
1262 ret = ltdb_rename(ctx);
1265 ltdb_handle_extended(ctx);
1268 /* no other op supported */
1269 ret = LDB_ERR_UNWILLING_TO_PERFORM;
1272 if (!ctx->request_terminated) {
1273 /* request is done now */
1274 ltdb_request_done(ctx, ret);
1278 if (!ctx->request_terminated) {
1279 /* neutralize the spy */
1280 ctx->spy->ctx = NULL;
1285 static int ltdb_request_destructor(void *ptr)
1287 struct ltdb_req_spy *spy = talloc_get_type(ptr, struct ltdb_req_spy);
1289 if (spy->ctx != NULL) {
1290 spy->ctx->request_terminated = true;
1296 static int ltdb_handle_request(struct ldb_module *module,
1297 struct ldb_request *req)
1299 struct ldb_control *control_permissive;
1300 struct ldb_context *ldb;
1301 struct tevent_context *ev;
1302 struct ltdb_context *ac;
1303 struct tevent_timer *te;
1307 ldb = ldb_module_get_ctx(module);
1309 control_permissive = ldb_request_get_control(req,
1310 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1312 for (i = 0; req->controls && req->controls[i]; i++) {
1313 if (req->controls[i]->critical &&
1314 req->controls[i] != control_permissive) {
1315 ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
1316 req->controls[i]->oid);
1317 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1321 if (req->starttime == 0 || req->timeout == 0) {
1322 ldb_set_errstring(ldb, "Invalid timeout settings");
1323 return LDB_ERR_TIME_LIMIT_EXCEEDED;
1326 ev = ldb_get_event_context(ldb);
1328 ac = talloc_zero(ldb, struct ltdb_context);
1331 return LDB_ERR_OPERATIONS_ERROR;
1334 ac->module = module;
1339 te = tevent_add_timer(ev, ac, tv, ltdb_callback, ac);
1342 return LDB_ERR_OPERATIONS_ERROR;
1345 tv.tv_sec = req->starttime + req->timeout;
1346 ac->timeout_event = tevent_add_timer(ev, ac, tv, ltdb_timeout, ac);
1347 if (NULL == ac->timeout_event) {
1349 return LDB_ERR_OPERATIONS_ERROR;
1352 /* set a spy so that we do not try to use the request context
1353 * if it is freed before ltdb_callback fires */
1354 ac->spy = talloc(req, struct ltdb_req_spy);
1355 if (NULL == ac->spy) {
1357 return LDB_ERR_OPERATIONS_ERROR;
1361 talloc_set_destructor((TALLOC_CTX *)ac->spy, ltdb_request_destructor);
1366 static int ltdb_init_rootdse(struct ldb_module *module)
1368 struct ldb_context *ldb;
1371 ldb = ldb_module_get_ctx(module);
1373 ret = ldb_mod_register_control(module,
1374 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1375 if (ret != LDB_SUCCESS) {
1376 ldb_debug(ldb, LDB_DEBUG_WARNING, "ldb_tdb: "
1377 "Unable to register control with rootdse!");
1380 /* there can be no module beyond the backend, just return */
1384 static const struct ldb_module_ops ltdb_ops = {
1386 .init_context = ltdb_init_rootdse,
1387 .search = ltdb_handle_request,
1388 .add = ltdb_handle_request,
1389 .modify = ltdb_handle_request,
1390 .del = ltdb_handle_request,
1391 .rename = ltdb_handle_request,
1392 .extended = ltdb_handle_request,
1393 .start_transaction = ltdb_start_trans,
1394 .end_transaction = ltdb_end_trans,
1395 .prepare_commit = ltdb_prepare_commit,
1396 .del_transaction = ltdb_del_trans,
1400 connect to the database
1402 static int ltdb_connect(struct ldb_context *ldb, const char *url,
1403 unsigned int flags, const char *options[],
1404 struct ldb_module **_module)
1406 struct ldb_module *module;
1408 int tdb_flags, open_flags;
1409 struct ltdb_private *ltdb;
1412 if (strchr(url, ':')) {
1413 if (strncmp(url, "tdb://", 6) != 0) {
1414 ldb_debug(ldb, LDB_DEBUG_ERROR,
1415 "Invalid tdb URL '%s'", url);
1416 return LDB_ERR_OPERATIONS_ERROR;
1423 tdb_flags = TDB_DEFAULT | TDB_SEQNUM;
1425 /* check for the 'nosync' option */
1426 if (flags & LDB_FLG_NOSYNC) {
1427 tdb_flags |= TDB_NOSYNC;
1430 /* and nommap option */
1431 if (flags & LDB_FLG_NOMMAP) {
1432 tdb_flags |= TDB_NOMMAP;
1435 if (flags & LDB_FLG_RDONLY) {
1436 open_flags = O_RDONLY;
1438 open_flags = O_CREAT | O_RDWR;
1441 ltdb = talloc_zero(ldb, struct ltdb_private);
1444 return LDB_ERR_OPERATIONS_ERROR;
1447 /* note that we use quite a large default hash size */
1448 ltdb->tdb = ltdb_wrap_open(ltdb, path, 10000,
1449 tdb_flags, open_flags,
1450 ldb_get_create_perms(ldb), ldb);
1452 ldb_debug(ldb, LDB_DEBUG_ERROR,
1453 "Unable to open tdb '%s'", path);
1455 return LDB_ERR_OPERATIONS_ERROR;
1458 ltdb->sequence_number = 0;
1460 module = ldb_module_new(ldb, ldb, "ldb_tdb backend", <db_ops);
1463 return LDB_ERR_OPERATIONS_ERROR;
1465 ldb_module_set_private(module, ltdb);
1466 talloc_steal(module, ltdb);
1468 if (ltdb_cache_load(module) != 0) {
1469 talloc_free(module);
1471 return LDB_ERR_OPERATIONS_ERROR;
1478 const struct ldb_backend_ops ldb_tdb_backend_ops = {
1480 .connect_fn = ltdb_connect,