4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Simo Sorce 2005-2008
7 ** NOTE! The following LGPL license applies to the ldb
8 ** library. This does NOT imply that all of Samba is released
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 3 of the License, or (at your option) any later version.
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, see <http://www.gnu.org/licenses/>.
28 * Component: ldb core API
30 * Description: core API routines interfacing to ldb backends
32 * Author: Andrew Tridgell
35 #define TEVENT_DEPRECATED 1
36 #include "ldb_private.h"
39 static int ldb_context_destructor(void *ptr)
41 struct ldb_context *ldb = talloc_get_type(ptr, struct ldb_context);
43 if (ldb->transaction_active) {
44 ldb_debug(ldb, LDB_DEBUG_FATAL,
45 "A transaction is still active in ldb context [%p] on %s",
46 ldb, (const char *)ldb_get_opaque(ldb, "ldb_url"));
53 this is used to catch debug messages from events
55 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
56 const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3,0);
58 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
59 const char *fmt, va_list ap)
61 struct ldb_context *ldb = talloc_get_type(context, struct ldb_context);
62 enum ldb_debug_level ldb_level = LDB_DEBUG_FATAL;
65 case TEVENT_DEBUG_FATAL:
66 ldb_level = LDB_DEBUG_FATAL;
68 case TEVENT_DEBUG_ERROR:
69 ldb_level = LDB_DEBUG_ERROR;
71 case TEVENT_DEBUG_WARNING:
72 ldb_level = LDB_DEBUG_WARNING;
74 case TEVENT_DEBUG_TRACE:
75 ldb_level = LDB_DEBUG_TRACE;
79 /* There isn't a tevent: prefix here because to add it means
80 * actually printing the string, and most of the time we don't
82 ldb_vdebug(ldb, ldb_level, fmt, ap);
86 initialise a ldb context
87 The mem_ctx is required
88 The event_ctx is required
90 struct ldb_context *ldb_init(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx)
92 struct ldb_context *ldb;
94 const char *modules_path = getenv("LDB_MODULES_PATH");
96 if (modules_path == NULL) {
97 modules_path = LDB_MODULESDIR;
100 ret = ldb_modules_load(modules_path, LDB_VERSION);
101 if (ret != LDB_SUCCESS) {
105 ldb = talloc_zero(mem_ctx, struct ldb_context);
110 /* A new event context so that callers who don't want ldb
111 * operating on thier global event context can work without
112 * having to provide their own private one explicitly */
113 if (ev_ctx == NULL) {
114 ev_ctx = tevent_context_init(ldb);
115 if (ev_ctx == NULL) {
119 tevent_set_debug(ev_ctx, ldb_tevent_debug, ldb);
120 tevent_loop_allow_nesting(ev_ctx);
123 ret = ldb_setup_wellknown_attributes(ldb);
124 if (ret != LDB_SUCCESS) {
129 ldb_set_utf8_default(ldb);
130 ldb_set_create_perms(ldb, 0666);
131 ldb_set_modules_dir(ldb, LDB_MODULESDIR);
132 ldb_set_event_context(ldb, ev_ctx);
133 ret = ldb_register_extended_match_rules(ldb);
134 if (ret != LDB_SUCCESS) {
139 /* TODO: get timeout from options if available there */
140 ldb->default_timeout = 300; /* set default to 5 minutes */
142 talloc_set_destructor((TALLOC_CTX *)ldb, ldb_context_destructor);
148 try to autodetect a basedn if none specified. This fixes one of my
149 pet hates about ldapsearch, which is that you have to get a long,
150 complex basedn right to make any use of it.
152 void ldb_set_default_dns(struct ldb_context *ldb)
156 struct ldb_result *res;
157 struct ldb_dn *tmp_dn=NULL;
158 static const char *attrs[] = {
159 "rootDomainNamingContext",
160 "configurationNamingContext",
161 "schemaNamingContext",
162 "defaultNamingContext",
166 tmp_ctx = talloc_new(ldb);
167 ret = ldb_search(ldb, tmp_ctx, &res, ldb_dn_new(tmp_ctx, ldb, NULL),
168 LDB_SCOPE_BASE, attrs, "(objectClass=*)");
169 if (ret != LDB_SUCCESS) {
170 talloc_free(tmp_ctx);
174 if (res->count != 1) {
175 talloc_free(tmp_ctx);
179 if (!ldb_get_opaque(ldb, "rootDomainNamingContext")) {
180 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
181 "rootDomainNamingContext");
182 ldb_set_opaque(ldb, "rootDomainNamingContext", tmp_dn);
185 if (!ldb_get_opaque(ldb, "configurationNamingContext")) {
186 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
187 "configurationNamingContext");
188 ldb_set_opaque(ldb, "configurationNamingContext", tmp_dn);
191 if (!ldb_get_opaque(ldb, "schemaNamingContext")) {
192 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
193 "schemaNamingContext");
194 ldb_set_opaque(ldb, "schemaNamingContext", tmp_dn);
197 if (!ldb_get_opaque(ldb, "defaultNamingContext")) {
198 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
199 "defaultNamingContext");
200 ldb_set_opaque(ldb, "defaultNamingContext", tmp_dn);
203 talloc_free(tmp_ctx);
206 struct ldb_dn *ldb_get_root_basedn(struct ldb_context *ldb)
208 void *opaque = ldb_get_opaque(ldb, "rootDomainNamingContext");
209 return talloc_get_type(opaque, struct ldb_dn);
212 struct ldb_dn *ldb_get_config_basedn(struct ldb_context *ldb)
214 void *opaque = ldb_get_opaque(ldb, "configurationNamingContext");
215 return talloc_get_type(opaque, struct ldb_dn);
218 struct ldb_dn *ldb_get_schema_basedn(struct ldb_context *ldb)
220 void *opaque = ldb_get_opaque(ldb, "schemaNamingContext");
221 return talloc_get_type(opaque, struct ldb_dn);
224 struct ldb_dn *ldb_get_default_basedn(struct ldb_context *ldb)
226 void *opaque = ldb_get_opaque(ldb, "defaultNamingContext");
227 return talloc_get_type(opaque, struct ldb_dn);
231 connect to a database. The URL can either be one of the following forms
235 flags is made up of LDB_FLG_*
237 the options are passed uninterpreted to the backend, and are
240 int ldb_connect(struct ldb_context *ldb, const char *url,
241 unsigned int flags, const char *options[])
245 /* We seem to need to do this here, or else some utilities don't
246 * get ldb backends */
250 url2 = talloc_strdup(ldb, url);
253 return LDB_ERR_OPERATIONS_ERROR;
255 ret = ldb_set_opaque(ldb, "ldb_url", url2);
256 if (ret != LDB_SUCCESS) {
260 ret = ldb_module_connect_backend(ldb, url, options, &ldb->modules);
261 if (ret != LDB_SUCCESS) {
265 ret = ldb_load_modules(ldb, options);
266 if (ret != LDB_SUCCESS) {
267 ldb_debug(ldb, LDB_DEBUG_FATAL,
268 "Unable to load modules for %s: %s",
269 url, ldb_errstring(ldb));
273 /* set the default base dn */
274 ldb_set_default_dns(ldb);
279 void ldb_set_errstring(struct ldb_context *ldb, const char *err_string)
281 ldb_asprintf_errstring(ldb, "%s", err_string);
284 void ldb_asprintf_errstring(struct ldb_context *ldb, const char *format, ...)
287 char *old_err_string = NULL;
288 if (ldb->err_string) {
289 old_err_string = ldb->err_string;
292 va_start(ap, format);
293 ldb->err_string = talloc_vasprintf(ldb, format, ap);
296 TALLOC_FREE(old_err_string);
298 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
299 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_asprintf/set_errstring: %s",
304 void ldb_reset_err_string(struct ldb_context *ldb)
306 if (ldb->err_string) {
307 talloc_free(ldb->err_string);
308 ldb->err_string = NULL;
315 set an ldb error based on file:line
317 int ldb_error_at(struct ldb_context *ldb, int ecode,
318 const char *reason, const char *file, int line)
320 if (reason == NULL) {
321 reason = ldb_strerror(ecode);
323 ldb_asprintf_errstring(ldb, "%s at %s:%d", reason, file, line);
328 #define FIRST_OP_NOERR(ldb, op) do { \
329 module = ldb->modules; \
330 while (module && module->ops->op == NULL) module = module->next; \
331 if ((ldb->flags & LDB_FLG_ENABLE_TRACING) && module) { \
332 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: (%s)->" #op, \
333 module->ops->name); \
337 #define FIRST_OP(ldb, op) do { \
338 FIRST_OP_NOERR(ldb, op); \
339 if (module == NULL) { \
340 ldb_asprintf_errstring(ldb, "unable to find module or backend to handle operation: " #op); \
341 return LDB_ERR_OPERATIONS_ERROR; \
349 int ldb_transaction_start(struct ldb_context *ldb)
351 struct ldb_module *module;
354 ldb_debug(ldb, LDB_DEBUG_TRACE,
355 "start ldb transaction (nesting: %d)",
356 ldb->transaction_active);
358 /* explicit transaction active, count nested requests */
359 if (ldb->transaction_active) {
360 ldb->transaction_active++;
364 /* start a new transaction */
365 ldb->transaction_active++;
366 ldb->prepare_commit_done = false;
368 FIRST_OP(ldb, start_transaction);
370 ldb_reset_err_string(ldb);
372 status = module->ops->start_transaction(module);
373 if (status != LDB_SUCCESS) {
374 if (ldb->err_string == NULL) {
375 /* no error string was setup by the backend */
376 ldb_asprintf_errstring(ldb,
377 "ldb transaction start: %s (%d)",
378 ldb_strerror(status),
381 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
382 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "start ldb transaction error: %s",
383 ldb_errstring(module->ldb));
386 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
387 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "start ldb transaction success");
394 prepare for transaction commit (first phase of two phase commit)
396 int ldb_transaction_prepare_commit(struct ldb_context *ldb)
398 struct ldb_module *module;
401 if (ldb->prepare_commit_done) {
405 /* commit only when all nested transactions are complete */
406 if (ldb->transaction_active > 1) {
410 ldb->prepare_commit_done = true;
412 if (ldb->transaction_active < 0) {
413 ldb_debug(ldb, LDB_DEBUG_FATAL,
414 "prepare commit called but no ldb transactions are active!");
415 ldb->transaction_active = 0;
416 return LDB_ERR_OPERATIONS_ERROR;
419 /* call prepare transaction if available */
420 FIRST_OP_NOERR(ldb, prepare_commit);
421 if (module == NULL) {
425 status = module->ops->prepare_commit(module);
426 if (status != LDB_SUCCESS) {
427 ldb->transaction_active--;
428 /* if a module fails the prepare then we need
429 to call the end transaction for everyone */
430 FIRST_OP(ldb, del_transaction);
431 module->ops->del_transaction(module);
432 if (ldb->err_string == NULL) {
433 /* no error string was setup by the backend */
434 ldb_asprintf_errstring(ldb,
435 "ldb transaction prepare commit: %s (%d)",
436 ldb_strerror(status),
439 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
440 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "prepare commit transaction error: %s",
441 ldb_errstring(module->ldb));
452 int ldb_transaction_commit(struct ldb_context *ldb)
454 struct ldb_module *module;
457 status = ldb_transaction_prepare_commit(ldb);
458 if (status != LDB_SUCCESS) {
462 ldb->transaction_active--;
464 ldb_debug(ldb, LDB_DEBUG_TRACE,
465 "commit ldb transaction (nesting: %d)",
466 ldb->transaction_active);
468 /* commit only when all nested transactions are complete */
469 if (ldb->transaction_active > 0) {
473 if (ldb->transaction_active < 0) {
474 ldb_debug(ldb, LDB_DEBUG_FATAL,
475 "commit called but no ldb transactions are active!");
476 ldb->transaction_active = 0;
477 return LDB_ERR_OPERATIONS_ERROR;
480 ldb_reset_err_string(ldb);
482 FIRST_OP(ldb, end_transaction);
483 status = module->ops->end_transaction(module);
484 if (status != LDB_SUCCESS) {
485 if (ldb->err_string == NULL) {
486 /* no error string was setup by the backend */
487 ldb_asprintf_errstring(ldb,
488 "ldb transaction commit: %s (%d)",
489 ldb_strerror(status),
492 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
493 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "commit ldb transaction error: %s",
494 ldb_errstring(module->ldb));
496 /* cancel the transaction */
497 FIRST_OP(ldb, del_transaction);
498 module->ops->del_transaction(module);
507 int ldb_transaction_cancel(struct ldb_context *ldb)
509 struct ldb_module *module;
512 ldb->transaction_active--;
514 ldb_debug(ldb, LDB_DEBUG_TRACE,
515 "cancel ldb transaction (nesting: %d)",
516 ldb->transaction_active);
518 /* really cancel only if all nested transactions are complete */
519 if (ldb->transaction_active > 0) {
523 if (ldb->transaction_active < 0) {
524 ldb_debug(ldb, LDB_DEBUG_FATAL,
525 "cancel called but no ldb transactions are active!");
526 ldb->transaction_active = 0;
527 return LDB_ERR_OPERATIONS_ERROR;
530 FIRST_OP(ldb, del_transaction);
532 status = module->ops->del_transaction(module);
533 if (status != LDB_SUCCESS) {
534 if (ldb->err_string == NULL) {
535 /* no error string was setup by the backend */
536 ldb_asprintf_errstring(ldb,
537 "ldb transaction cancel: %s (%d)",
538 ldb_strerror(status),
541 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
542 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "cancel ldb transaction error: %s",
543 ldb_errstring(module->ldb));
550 cancel a transaction with no error if no transaction is pending
551 used when we fork() to clear any parent transactions
553 int ldb_transaction_cancel_noerr(struct ldb_context *ldb)
555 if (ldb->transaction_active > 0) {
556 return ldb_transaction_cancel(ldb);
562 /* autostarts a transaction if none active */
563 static int ldb_autotransaction_request(struct ldb_context *ldb,
564 struct ldb_request *req)
568 ret = ldb_transaction_start(ldb);
569 if (ret != LDB_SUCCESS) {
573 ret = ldb_request(ldb, req);
574 if (ret == LDB_SUCCESS) {
575 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
578 if (ret == LDB_SUCCESS) {
579 return ldb_transaction_commit(ldb);
581 ldb_transaction_cancel(ldb);
586 int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type)
588 struct tevent_context *ev;
591 if (handle == NULL) {
592 return LDB_ERR_UNAVAILABLE;
595 if (handle->state == LDB_ASYNC_DONE) {
596 if ((handle->status != LDB_SUCCESS) &&
597 (handle->ldb->err_string == NULL)) {
598 /* if no error string was setup by the backend */
599 ldb_asprintf_errstring(handle->ldb,
600 "ldb_wait from %s with LDB_ASYNC_DONE: %s (%d)",
602 ldb_strerror(handle->status),
605 return handle->status;
608 ev = ldb_handle_get_event_context(handle);
610 return ldb_oom(handle->ldb);
615 ret = tevent_loop_once(ev);
617 return ldb_operr(handle->ldb);
619 if (handle->status == LDB_SUCCESS) {
622 if (handle->ldb->err_string != NULL) {
623 return handle->status;
626 * if no error string was setup by the backend
628 ldb_asprintf_errstring(handle->ldb,
629 "ldb_wait from %s with LDB_WAIT_NONE: %s (%d)",
631 ldb_strerror(handle->status),
633 return handle->status;
636 while (handle->state != LDB_ASYNC_DONE) {
637 ret = tevent_loop_once(ev);
639 return ldb_operr(handle->ldb);
641 if (handle->status != LDB_SUCCESS) {
642 if (handle->ldb->err_string != NULL) {
643 return handle->status;
646 * if no error string was setup by the
649 ldb_asprintf_errstring(handle->ldb,
650 "ldb_wait from %s with "
651 "LDB_WAIT_ALL: %s (%d)",
653 ldb_strerror(handle->status),
655 return handle->status;
658 if (handle->status == LDB_SUCCESS) {
661 if (handle->ldb->err_string != NULL) {
662 return handle->status;
665 * if no error string was setup by the backend
667 ldb_asprintf_errstring(handle->ldb,
668 "ldb_wait from %s with LDB_WAIT_ALL,"
669 " LDB_ASYNC_DONE: %s (%d)",
671 ldb_strerror(handle->status),
673 return handle->status;
679 /* set the specified timeout or, if timeout is 0 set the default timeout */
680 int ldb_set_timeout(struct ldb_context *ldb,
681 struct ldb_request *req,
684 if (req == NULL) return LDB_ERR_OPERATIONS_ERROR;
687 req->timeout = timeout;
689 req->timeout = ldb->default_timeout;
691 req->starttime = time(NULL);
696 /* calculates the new timeout based on the previous starttime and timeout */
697 int ldb_set_timeout_from_prev_req(struct ldb_context *ldb,
698 struct ldb_request *oldreq,
699 struct ldb_request *newreq)
701 if (newreq == NULL) return LDB_ERR_OPERATIONS_ERROR;
703 if (oldreq == NULL) {
704 return ldb_set_timeout(ldb, newreq, 0);
707 newreq->starttime = oldreq->starttime;
708 newreq->timeout = oldreq->timeout;
714 struct ldb_handle *ldb_handle_new(TALLOC_CTX *mem_ctx, struct ldb_context *ldb)
716 struct ldb_handle *h;
718 h = talloc_zero(mem_ctx, struct ldb_handle);
720 ldb_set_errstring(ldb, "Out of Memory");
724 h->status = LDB_SUCCESS;
725 h->state = LDB_ASYNC_INIT;
731 if (h->ldb->require_private_event_context == true) {
732 h->event_context = tevent_context_init(h);
733 if (h->event_context == NULL) {
734 ldb_set_errstring(ldb,
735 "Out of Memory allocating "
736 "event context for new handle");
739 tevent_set_debug(h->event_context, ldb_tevent_debug, ldb);
740 tevent_loop_allow_nesting(h->event_context);
746 static struct ldb_handle *ldb_handle_new_child(TALLOC_CTX *mem_ctx,
747 struct ldb_request *parent_req)
749 struct ldb_handle *h;
751 h = talloc_zero(mem_ctx, struct ldb_handle);
753 ldb_set_errstring(parent_req->handle->ldb,
758 h->status = LDB_SUCCESS;
759 h->state = LDB_ASYNC_INIT;
760 h->ldb = parent_req->handle->ldb;
761 h->parent = parent_req;
762 h->nesting = parent_req->handle->nesting + 1;
763 h->flags = parent_req->handle->flags;
764 h->custom_flags = parent_req->handle->custom_flags;
765 h->event_context = parent_req->handle->event_context;
771 set the permissions for new files to be passed to open() in
772 backends that use local files
774 void ldb_set_create_perms(struct ldb_context *ldb, unsigned int perms)
776 ldb->create_perms = perms;
779 unsigned int ldb_get_create_perms(struct ldb_context *ldb)
781 return ldb->create_perms;
784 void ldb_set_event_context(struct ldb_context *ldb, struct tevent_context *ev)
789 struct tevent_context * ldb_get_event_context(struct ldb_context *ldb)
794 void ldb_request_set_state(struct ldb_request *req, int state)
796 req->handle->state = state;
799 int ldb_request_get_status(struct ldb_request *req)
801 return req->handle->status;
805 * This function obtains the private event context for the handle,
806 * which may have been created to avoid nested event loops during
807 * ldb_tdb with the locks held
809 struct tevent_context *ldb_handle_get_event_context(struct ldb_handle *handle)
811 if (handle->event_context != NULL) {
812 return handle->event_context;
814 return ldb_get_event_context(handle->ldb);
818 * This function forces a specific ldb handle to use the global event
819 * context. This allows a nested event loop to operate, so any open
820 * transaction also needs to be aborted.
822 * Any events on this event context will be lost
824 * This is used in Samba when sending an IRPC to another part of the
825 * same process instead of making a local DB modification.
827 void ldb_handle_use_global_event_context(struct ldb_handle *handle)
829 TALLOC_FREE(handle->event_context);
832 void ldb_set_require_private_event_context(struct ldb_context *ldb)
834 ldb->require_private_event_context = true;
840 static void ldb_trace_request(struct ldb_context *ldb, struct ldb_request *req)
842 TALLOC_CTX *tmp_ctx = talloc_new(req);
844 struct ldb_ldif ldif;
846 switch (req->operation) {
848 ldb_debug_add(ldb, "ldb_trace_request: SEARCH\n");
849 ldb_debug_add(ldb, " dn: %s\n",
850 ldb_dn_is_null(req->op.search.base)?"<rootDSE>":
851 ldb_dn_get_linearized(req->op.search.base));
852 ldb_debug_add(ldb, " scope: %s\n",
853 req->op.search.scope==LDB_SCOPE_BASE?"base":
854 req->op.search.scope==LDB_SCOPE_ONELEVEL?"one":
855 req->op.search.scope==LDB_SCOPE_SUBTREE?"sub":"UNKNOWN");
856 ldb_debug_add(ldb, " expr: %s\n",
857 ldb_filter_from_tree(tmp_ctx, req->op.search.tree));
858 if (req->op.search.attrs == NULL) {
859 ldb_debug_add(ldb, " attr: <ALL>\n");
861 for (i=0; req->op.search.attrs[i]; i++) {
862 ldb_debug_add(ldb, " attr: %s\n", req->op.search.attrs[i]);
867 ldb_debug_add(ldb, "ldb_trace_request: DELETE\n");
868 ldb_debug_add(ldb, " dn: %s\n",
869 ldb_dn_get_linearized(req->op.del.dn));
872 ldb_debug_add(ldb, "ldb_trace_request: RENAME\n");
873 ldb_debug_add(ldb, " olddn: %s\n",
874 ldb_dn_get_linearized(req->op.rename.olddn));
875 ldb_debug_add(ldb, " newdn: %s\n",
876 ldb_dn_get_linearized(req->op.rename.newdn));
879 ldb_debug_add(ldb, "ldb_trace_request: EXTENDED\n");
880 ldb_debug_add(ldb, " oid: %s\n", req->op.extended.oid);
881 ldb_debug_add(ldb, " data: %s\n", req->op.extended.data?"yes":"no");
884 ldif.changetype = LDB_CHANGETYPE_ADD;
885 ldif.msg = discard_const_p(struct ldb_message, req->op.add.message);
887 ldb_debug_add(ldb, "ldb_trace_request: ADD\n");
891 * ldb_ldif_write_redacted_trace_string() is CRITICAL
892 * for security. It ensures that we do not output
893 * passwords into debug logs
896 ldb_debug_add(req->handle->ldb, "%s\n",
897 ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
900 ldif.changetype = LDB_CHANGETYPE_MODIFY;
901 ldif.msg = discard_const_p(struct ldb_message, req->op.mod.message);
903 ldb_debug_add(ldb, "ldb_trace_request: MODIFY\n");
907 * ldb_ldif_write_redacted_trace_string() is CRITICAL
908 * for security. It ensures that we do not output
909 * passwords into debug logs
912 ldb_debug_add(req->handle->ldb, "%s\n",
913 ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
915 case LDB_REQ_REGISTER_CONTROL:
916 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_CONTROL\n");
917 ldb_debug_add(req->handle->ldb, "%s\n",
918 req->op.reg_control.oid);
920 case LDB_REQ_REGISTER_PARTITION:
921 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_PARTITION\n");
922 ldb_debug_add(req->handle->ldb, "%s\n",
923 ldb_dn_get_linearized(req->op.reg_partition.dn));
926 ldb_debug_add(ldb, "ldb_trace_request: UNKNOWN(%u)\n",
931 if (req->controls == NULL) {
932 ldb_debug_add(ldb, " control: <NONE>\n");
934 for (i=0; req->controls && req->controls[i]; i++) {
935 if (req->controls[i]->oid) {
936 ldb_debug_add(ldb, " control: %s crit:%u data:%s\n",
937 req->controls[i]->oid,
938 req->controls[i]->critical,
939 req->controls[i]->data?"yes":"no");
944 ldb_debug_end(ldb, LDB_DEBUG_TRACE);
946 talloc_free(tmp_ctx);
950 check that the element flags don't have any internal bits set
952 static int ldb_msg_check_element_flags(struct ldb_context *ldb,
953 const struct ldb_message *message)
956 for (i=0; i<message->num_elements; i++) {
957 if (message->elements[i].flags & LDB_FLAG_INTERNAL_MASK) {
958 ldb_asprintf_errstring(ldb, "Invalid element flags 0x%08x on element %s in %s\n",
959 message->elements[i].flags, message->elements[i].name,
960 ldb_dn_get_linearized(message->dn));
961 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
970 NOTE: the request must be a talloc context.
971 returns LDB_ERR_* on errors.
973 int ldb_request(struct ldb_context *ldb, struct ldb_request *req)
975 struct ldb_module *module;
978 if (req->callback == NULL) {
979 ldb_set_errstring(ldb, "Requests MUST define callbacks");
980 return LDB_ERR_UNWILLING_TO_PERFORM;
983 ldb_reset_err_string(ldb);
985 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
986 ldb_trace_request(ldb, req);
989 /* call the first module in the chain */
990 switch (req->operation) {
992 /* due to "ldb_build_search_req" base DN always != NULL */
993 if (!ldb_dn_validate(req->op.search.base)) {
994 ldb_asprintf_errstring(ldb, "ldb_search: invalid basedn '%s'",
995 ldb_dn_get_linearized(req->op.search.base));
996 return LDB_ERR_INVALID_DN_SYNTAX;
998 FIRST_OP(ldb, search);
999 ret = module->ops->search(module, req);
1002 if (!ldb_dn_validate(req->op.add.message->dn)) {
1003 ldb_asprintf_errstring(ldb, "ldb_add: invalid dn '%s'",
1004 ldb_dn_get_linearized(req->op.add.message->dn));
1005 return LDB_ERR_INVALID_DN_SYNTAX;
1008 * we have to normalize here, as so many places
1009 * in modules and backends assume we don't have two
1010 * elements with the same name
1012 ret = ldb_msg_normalize(ldb, req, req->op.add.message,
1013 discard_const(&req->op.add.message));
1014 if (ret != LDB_SUCCESS) {
1019 ret = ldb_msg_check_element_flags(ldb, req->op.add.message);
1020 if (ret != LDB_SUCCESS) {
1022 * "ldb_msg_check_element_flags" generates an error
1027 ret = module->ops->add(module, req);
1030 if (!ldb_dn_validate(req->op.mod.message->dn)) {
1031 ldb_asprintf_errstring(ldb, "ldb_modify: invalid dn '%s'",
1032 ldb_dn_get_linearized(req->op.mod.message->dn));
1033 return LDB_ERR_INVALID_DN_SYNTAX;
1035 FIRST_OP(ldb, modify);
1036 ret = ldb_msg_check_element_flags(ldb, req->op.mod.message);
1037 if (ret != LDB_SUCCESS) {
1039 * "ldb_msg_check_element_flags" generates an error
1044 ret = module->ops->modify(module, req);
1047 if (!ldb_dn_validate(req->op.del.dn)) {
1048 ldb_asprintf_errstring(ldb, "ldb_delete: invalid dn '%s'",
1049 ldb_dn_get_linearized(req->op.del.dn));
1050 return LDB_ERR_INVALID_DN_SYNTAX;
1053 ret = module->ops->del(module, req);
1056 if (!ldb_dn_validate(req->op.rename.olddn)) {
1057 ldb_asprintf_errstring(ldb, "ldb_rename: invalid olddn '%s'",
1058 ldb_dn_get_linearized(req->op.rename.olddn));
1059 return LDB_ERR_INVALID_DN_SYNTAX;
1061 if (!ldb_dn_validate(req->op.rename.newdn)) {
1062 ldb_asprintf_errstring(ldb, "ldb_rename: invalid newdn '%s'",
1063 ldb_dn_get_linearized(req->op.rename.newdn));
1064 return LDB_ERR_INVALID_DN_SYNTAX;
1066 FIRST_OP(ldb, rename);
1067 ret = module->ops->rename(module, req);
1070 FIRST_OP(ldb, extended);
1071 ret = module->ops->extended(module, req);
1074 FIRST_OP(ldb, request);
1075 ret = module->ops->request(module, req);
1079 if ((ret != LDB_SUCCESS) && (ldb->err_string == NULL)) {
1080 /* if no error string was setup by the backend */
1081 ldb_asprintf_errstring(ldb, "ldb_request: %s (%d)",
1082 ldb_strerror(ret), ret);
1088 int ldb_request_done(struct ldb_request *req, int status)
1090 req->handle->state = LDB_ASYNC_DONE;
1091 req->handle->status = status;
1096 search the database given a LDAP-like search expression
1098 returns an LDB error code
1100 Use talloc_free to free the ldb_message returned in 'res', if successful
1103 int ldb_search_default_callback(struct ldb_request *req,
1104 struct ldb_reply *ares)
1106 struct ldb_result *res;
1109 res = talloc_get_type(req->context, struct ldb_result);
1112 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1114 if (ares->error != LDB_SUCCESS) {
1115 return ldb_request_done(req, ares->error);
1118 switch (ares->type) {
1119 case LDB_REPLY_ENTRY:
1120 res->msgs = talloc_realloc(res, res->msgs,
1121 struct ldb_message *, res->count + 2);
1123 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1126 res->msgs[res->count + 1] = NULL;
1128 res->msgs[res->count] = talloc_move(res->msgs, &ares->message);
1132 case LDB_REPLY_REFERRAL:
1134 for (n = 0; res->refs[n]; n++) /*noop*/ ;
1139 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1141 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1144 res->refs[n] = talloc_move(res->refs, &ares->referral);
1145 res->refs[n + 1] = NULL;
1148 case LDB_REPLY_DONE:
1149 /* TODO: we should really support controls on entries
1150 * and referrals too! */
1151 res->controls = talloc_move(res, &ares->controls);
1153 /* this is the last message, and means the request is done */
1154 /* we have to signal and eventual ldb_wait() waiting that the
1155 * async request operation was completed */
1157 return ldb_request_done(req, LDB_SUCCESS);
1165 int ldb_modify_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1167 struct ldb_result *res;
1171 res = talloc_get_type(req->context, struct ldb_result);
1174 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1177 if (ares->error != LDB_SUCCESS) {
1180 return ldb_request_done(req, ret);
1183 switch (ares->type) {
1184 case LDB_REPLY_REFERRAL:
1186 for (n = 0; res->refs[n]; n++) /*noop*/ ;
1191 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1193 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1196 res->refs[n] = talloc_move(res->refs, &ares->referral);
1197 res->refs[n + 1] = NULL;
1200 case LDB_REPLY_DONE:
1202 return ldb_request_done(req, LDB_SUCCESS);
1205 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1206 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1210 return ldb_request_done(req, LDB_SUCCESS);
1213 int ldb_op_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1218 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1221 if (ares->error != LDB_SUCCESS) {
1224 return ldb_request_done(req, ret);
1227 if (ares->type != LDB_REPLY_DONE) {
1229 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1230 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1234 return ldb_request_done(req, LDB_SUCCESS);
1237 static struct ldb_request *ldb_build_req_common(TALLOC_CTX *mem_ctx,
1238 struct ldb_context *ldb,
1239 struct ldb_control **controls,
1241 ldb_request_callback_t callback,
1242 struct ldb_request *parent)
1244 struct ldb_request *req = NULL;
1246 req = talloc_zero(mem_ctx, struct ldb_request);
1250 req->controls = controls;
1251 req->context = context;
1252 req->callback = callback;
1254 ldb_set_timeout_from_prev_req(ldb, parent, req);
1256 if (parent != NULL) {
1257 req->handle = ldb_handle_new_child(req, parent);
1258 if (req->handle == NULL) {
1263 req->handle = ldb_handle_new(req, ldb);
1264 if (req->handle == NULL) {
1273 int ldb_build_search_req_ex(struct ldb_request **ret_req,
1274 struct ldb_context *ldb,
1275 TALLOC_CTX *mem_ctx,
1276 struct ldb_dn *base,
1277 enum ldb_scope scope,
1278 struct ldb_parse_tree *tree,
1279 const char * const *attrs,
1280 struct ldb_control **controls,
1282 ldb_request_callback_t callback,
1283 struct ldb_request *parent)
1285 struct ldb_request *req;
1289 req = ldb_build_req_common(mem_ctx, ldb, controls,
1290 context, callback, parent);
1293 return LDB_ERR_OPERATIONS_ERROR;
1296 req->operation = LDB_SEARCH;
1298 req->op.search.base = ldb_dn_new(req, ldb, NULL);
1300 req->op.search.base = base;
1302 req->op.search.scope = scope;
1304 req->op.search.tree = tree;
1305 if (req->op.search.tree == NULL) {
1306 ldb_set_errstring(ldb, "'tree' can't be NULL");
1308 return LDB_ERR_OPERATIONS_ERROR;
1311 req->op.search.attrs = attrs;
1316 int ldb_build_search_req(struct ldb_request **ret_req,
1317 struct ldb_context *ldb,
1318 TALLOC_CTX *mem_ctx,
1319 struct ldb_dn *base,
1320 enum ldb_scope scope,
1321 const char *expression,
1322 const char * const *attrs,
1323 struct ldb_control **controls,
1325 ldb_request_callback_t callback,
1326 struct ldb_request *parent)
1328 struct ldb_parse_tree *tree;
1331 tree = ldb_parse_tree(mem_ctx, expression);
1333 ldb_set_errstring(ldb, "Unable to parse search expression");
1334 return LDB_ERR_OPERATIONS_ERROR;
1337 ret = ldb_build_search_req_ex(ret_req, ldb, mem_ctx, base,
1338 scope, tree, attrs, controls,
1339 context, callback, parent);
1340 if (ret == LDB_SUCCESS) {
1341 talloc_steal(*ret_req, tree);
1346 int ldb_build_add_req(struct ldb_request **ret_req,
1347 struct ldb_context *ldb,
1348 TALLOC_CTX *mem_ctx,
1349 const struct ldb_message *message,
1350 struct ldb_control **controls,
1352 ldb_request_callback_t callback,
1353 struct ldb_request *parent)
1355 struct ldb_request *req;
1359 req = ldb_build_req_common(mem_ctx, ldb, controls,
1360 context, callback, parent);
1362 ldb_set_errstring(ldb, "Out of Memory");
1363 return LDB_ERR_OPERATIONS_ERROR;
1366 req->operation = LDB_ADD;
1367 req->op.add.message = message;
1372 int ldb_build_mod_req(struct ldb_request **ret_req,
1373 struct ldb_context *ldb,
1374 TALLOC_CTX *mem_ctx,
1375 const struct ldb_message *message,
1376 struct ldb_control **controls,
1378 ldb_request_callback_t callback,
1379 struct ldb_request *parent)
1381 struct ldb_request *req;
1385 req = ldb_build_req_common(mem_ctx, ldb, controls,
1386 context, callback, parent);
1388 ldb_set_errstring(ldb, "Out of Memory");
1389 return LDB_ERR_OPERATIONS_ERROR;
1392 req->operation = LDB_MODIFY;
1393 req->op.mod.message = message;
1399 int ldb_build_del_req(struct ldb_request **ret_req,
1400 struct ldb_context *ldb,
1401 TALLOC_CTX *mem_ctx,
1403 struct ldb_control **controls,
1405 ldb_request_callback_t callback,
1406 struct ldb_request *parent)
1408 struct ldb_request *req;
1412 req = ldb_build_req_common(mem_ctx, ldb, controls,
1413 context, callback, parent);
1415 ldb_set_errstring(ldb, "Out of Memory");
1416 return LDB_ERR_OPERATIONS_ERROR;
1419 req->operation = LDB_DELETE;
1420 req->op.del.dn = dn;
1425 int ldb_build_rename_req(struct ldb_request **ret_req,
1426 struct ldb_context *ldb,
1427 TALLOC_CTX *mem_ctx,
1428 struct ldb_dn *olddn,
1429 struct ldb_dn *newdn,
1430 struct ldb_control **controls,
1432 ldb_request_callback_t callback,
1433 struct ldb_request *parent)
1435 struct ldb_request *req;
1439 req = ldb_build_req_common(mem_ctx, ldb, controls,
1440 context, callback, parent);
1442 ldb_set_errstring(ldb, "Out of Memory");
1443 return LDB_ERR_OPERATIONS_ERROR;
1446 req->operation = LDB_RENAME;
1447 req->op.rename.olddn = olddn;
1448 req->op.rename.newdn = newdn;
1453 int ldb_extended_default_callback(struct ldb_request *req,
1454 struct ldb_reply *ares)
1456 struct ldb_result *res;
1458 res = talloc_get_type(req->context, struct ldb_result);
1461 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1463 if (ares->error != LDB_SUCCESS) {
1464 return ldb_request_done(req, ares->error);
1467 if (ares->type == LDB_REPLY_DONE) {
1469 /* TODO: we should really support controls on entries and referrals too! */
1470 res->extended = talloc_move(res, &ares->response);
1471 res->controls = talloc_move(res, &ares->controls);
1474 return ldb_request_done(req, LDB_SUCCESS);
1478 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1479 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1482 int ldb_build_extended_req(struct ldb_request **ret_req,
1483 struct ldb_context *ldb,
1484 TALLOC_CTX *mem_ctx,
1487 struct ldb_control **controls,
1489 ldb_request_callback_t callback,
1490 struct ldb_request *parent)
1492 struct ldb_request *req;
1496 req = ldb_build_req_common(mem_ctx, ldb, controls,
1497 context, callback, parent);
1499 ldb_set_errstring(ldb, "Out of Memory");
1500 return LDB_ERR_OPERATIONS_ERROR;
1503 req->operation = LDB_EXTENDED;
1504 req->op.extended.oid = oid;
1505 req->op.extended.data = data;
1510 int ldb_extended(struct ldb_context *ldb,
1513 struct ldb_result **_res)
1515 struct ldb_request *req;
1517 struct ldb_result *res;
1522 res = talloc_zero(ldb, struct ldb_result);
1524 return LDB_ERR_OPERATIONS_ERROR;
1527 ret = ldb_build_extended_req(&req, ldb, ldb,
1529 res, ldb_extended_default_callback,
1531 ldb_req_set_location(req, "ldb_extended");
1533 if (ret != LDB_SUCCESS) goto done;
1535 ldb_set_timeout(ldb, req, 0); /* use default timeout */
1537 ret = ldb_request(ldb, req);
1539 if (ret == LDB_SUCCESS) {
1540 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1544 if (ret != LDB_SUCCESS) {
1556 note that ldb_search() will automatically replace a NULL 'base' value
1557 with the defaultNamingContext from the rootDSE if available.
1559 int ldb_search(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
1560 struct ldb_result **result, struct ldb_dn *base,
1561 enum ldb_scope scope, const char * const *attrs,
1562 const char *exp_fmt, ...)
1564 struct ldb_request *req;
1565 struct ldb_result *res;
1574 res = talloc_zero(mem_ctx, struct ldb_result);
1576 return LDB_ERR_OPERATIONS_ERROR;
1580 va_start(ap, exp_fmt);
1581 expression = talloc_vasprintf(mem_ctx, exp_fmt, ap);
1586 return LDB_ERR_OPERATIONS_ERROR;
1590 ret = ldb_build_search_req(&req, ldb, mem_ctx,
1591 base?base:ldb_get_default_basedn(ldb),
1597 ldb_search_default_callback,
1599 ldb_req_set_location(req, "ldb_search");
1601 if (ret != LDB_SUCCESS) goto done;
1603 ret = ldb_request(ldb, req);
1605 if (ret == LDB_SUCCESS) {
1606 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1610 if (ret != LDB_SUCCESS) {
1615 talloc_free(expression);
1623 add a record to the database. Will fail if a record with the given class
1624 and key already exists
1626 int ldb_add(struct ldb_context *ldb,
1627 const struct ldb_message *message)
1629 struct ldb_request *req;
1632 ret = ldb_msg_sanity_check(ldb, message);
1633 if (ret != LDB_SUCCESS) {
1637 ret = ldb_build_add_req(&req, ldb, ldb,
1641 ldb_op_default_callback,
1643 ldb_req_set_location(req, "ldb_add");
1645 if (ret != LDB_SUCCESS) return ret;
1647 /* do request and autostart a transaction */
1648 ret = ldb_autotransaction_request(ldb, req);
1655 modify the specified attributes of a record
1657 int ldb_modify(struct ldb_context *ldb,
1658 const struct ldb_message *message)
1660 struct ldb_request *req;
1663 ret = ldb_msg_sanity_check(ldb, message);
1664 if (ret != LDB_SUCCESS) {
1668 ret = ldb_build_mod_req(&req, ldb, ldb,
1672 ldb_op_default_callback,
1674 ldb_req_set_location(req, "ldb_modify");
1676 if (ret != LDB_SUCCESS) return ret;
1678 /* do request and autostart a transaction */
1679 ret = ldb_autotransaction_request(ldb, req);
1687 delete a record from the database
1689 int ldb_delete(struct ldb_context *ldb, struct ldb_dn *dn)
1691 struct ldb_request *req;
1694 ret = ldb_build_del_req(&req, ldb, ldb,
1698 ldb_op_default_callback,
1700 ldb_req_set_location(req, "ldb_delete");
1702 if (ret != LDB_SUCCESS) return ret;
1704 /* do request and autostart a transaction */
1705 ret = ldb_autotransaction_request(ldb, req);
1712 rename a record in the database
1714 int ldb_rename(struct ldb_context *ldb,
1715 struct ldb_dn *olddn, struct ldb_dn *newdn)
1717 struct ldb_request *req;
1720 ret = ldb_build_rename_req(&req, ldb, ldb,
1725 ldb_op_default_callback,
1727 ldb_req_set_location(req, "ldb_rename");
1729 if (ret != LDB_SUCCESS) return ret;
1731 /* do request and autostart a transaction */
1732 ret = ldb_autotransaction_request(ldb, req);
1740 return the global sequence number
1742 int ldb_sequence_number(struct ldb_context *ldb,
1743 enum ldb_sequence_type type, uint64_t *seq_num)
1745 struct ldb_seqnum_request *seq;
1746 struct ldb_seqnum_result *seqr;
1747 struct ldb_result *res;
1748 TALLOC_CTX *tmp_ctx;
1753 tmp_ctx = talloc_zero(ldb, struct ldb_request);
1754 if (tmp_ctx == NULL) {
1755 ldb_set_errstring(ldb, "Out of Memory");
1756 return LDB_ERR_OPERATIONS_ERROR;
1758 seq = talloc_zero(tmp_ctx, struct ldb_seqnum_request);
1760 ldb_set_errstring(ldb, "Out of Memory");
1761 ret = LDB_ERR_OPERATIONS_ERROR;
1766 ret = ldb_extended(ldb, LDB_EXTENDED_SEQUENCE_NUMBER, seq, &res);
1767 if (ret != LDB_SUCCESS) {
1770 talloc_steal(tmp_ctx, res);
1772 if (strcmp(LDB_EXTENDED_SEQUENCE_NUMBER, res->extended->oid) != 0) {
1773 ldb_set_errstring(ldb, "Invalid OID in reply");
1774 ret = LDB_ERR_OPERATIONS_ERROR;
1777 seqr = talloc_get_type(res->extended->data,
1778 struct ldb_seqnum_result);
1779 *seq_num = seqr->seq_num;
1782 talloc_free(tmp_ctx);
1787 return extended error information
1789 const char *ldb_errstring(struct ldb_context *ldb)
1791 if (ldb->err_string) {
1792 return ldb->err_string;
1799 return a string explaining what a ldb error constant meancs
1801 const char *ldb_strerror(int ldb_err)
1806 case LDB_ERR_OPERATIONS_ERROR:
1807 return "Operations error";
1808 case LDB_ERR_PROTOCOL_ERROR:
1809 return "Protocol error";
1810 case LDB_ERR_TIME_LIMIT_EXCEEDED:
1811 return "Time limit exceeded";
1812 case LDB_ERR_SIZE_LIMIT_EXCEEDED:
1813 return "Size limit exceeded";
1814 case LDB_ERR_COMPARE_FALSE:
1815 return "Compare false";
1816 case LDB_ERR_COMPARE_TRUE:
1817 return "Compare true";
1818 case LDB_ERR_AUTH_METHOD_NOT_SUPPORTED:
1819 return "Auth method not supported";
1820 case LDB_ERR_STRONG_AUTH_REQUIRED:
1821 return "Strong auth required";
1823 case LDB_ERR_REFERRAL:
1824 return "Referral error";
1825 case LDB_ERR_ADMIN_LIMIT_EXCEEDED:
1826 return "Admin limit exceeded";
1827 case LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION:
1828 return "Unsupported critical extension";
1829 case LDB_ERR_CONFIDENTIALITY_REQUIRED:
1830 return "Confidentiality required";
1831 case LDB_ERR_SASL_BIND_IN_PROGRESS:
1832 return "SASL bind in progress";
1833 case LDB_ERR_NO_SUCH_ATTRIBUTE:
1834 return "No such attribute";
1835 case LDB_ERR_UNDEFINED_ATTRIBUTE_TYPE:
1836 return "Undefined attribute type";
1837 case LDB_ERR_INAPPROPRIATE_MATCHING:
1838 return "Inappropriate matching";
1839 case LDB_ERR_CONSTRAINT_VIOLATION:
1840 return "Constraint violation";
1841 case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
1842 return "Attribute or value exists";
1843 case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
1844 return "Invalid attribute syntax";
1846 case LDB_ERR_NO_SUCH_OBJECT:
1847 return "No such object";
1848 case LDB_ERR_ALIAS_PROBLEM:
1849 return "Alias problem";
1850 case LDB_ERR_INVALID_DN_SYNTAX:
1851 return "Invalid DN syntax";
1853 case LDB_ERR_ALIAS_DEREFERENCING_PROBLEM:
1854 return "Alias dereferencing problem";
1856 case LDB_ERR_INAPPROPRIATE_AUTHENTICATION:
1857 return "Inappropriate authentication";
1858 case LDB_ERR_INVALID_CREDENTIALS:
1859 return "Invalid credentials";
1860 case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
1861 return "insufficient access rights";
1864 case LDB_ERR_UNAVAILABLE:
1865 return "Unavailable";
1866 case LDB_ERR_UNWILLING_TO_PERFORM:
1867 return "Unwilling to perform";
1868 case LDB_ERR_LOOP_DETECT:
1869 return "Loop detect";
1871 case LDB_ERR_NAMING_VIOLATION:
1872 return "Naming violation";
1873 case LDB_ERR_OBJECT_CLASS_VIOLATION:
1874 return "Object class violation";
1875 case LDB_ERR_NOT_ALLOWED_ON_NON_LEAF:
1876 return "Not allowed on non-leaf";
1877 case LDB_ERR_NOT_ALLOWED_ON_RDN:
1878 return "Not allowed on RDN";
1879 case LDB_ERR_ENTRY_ALREADY_EXISTS:
1880 return "Entry already exists";
1881 case LDB_ERR_OBJECT_CLASS_MODS_PROHIBITED:
1882 return "Object class mods prohibited";
1883 /* 70 RESERVED FOR CLDAP */
1884 case LDB_ERR_AFFECTS_MULTIPLE_DSAS:
1885 return "Affects multiple DSAs";
1891 return "Unknown error";
1895 set backend specific opaque parameters
1897 int ldb_set_opaque(struct ldb_context *ldb, const char *name, void *value)
1899 struct ldb_opaque *o;
1901 /* allow updating an existing value */
1902 for (o=ldb->opaque;o;o=o->next) {
1903 if (strcmp(o->name, name) == 0) {
1909 o = talloc(ldb, struct ldb_opaque);
1912 return LDB_ERR_OTHER;
1914 o->next = ldb->opaque;
1922 get a previously set opaque value
1924 void *ldb_get_opaque(struct ldb_context *ldb, const char *name)
1926 struct ldb_opaque *o;
1927 for (o=ldb->opaque;o;o=o->next) {
1928 if (strcmp(o->name, name) == 0) {
1935 int ldb_global_init(void)
1937 /* Provided for compatibility with some older versions of ldb */
1941 /* return the ldb flags */
1942 unsigned int ldb_get_flags(struct ldb_context *ldb)
1947 /* set the ldb flags */
1948 void ldb_set_flags(struct ldb_context *ldb, unsigned flags)
1955 set the location in a ldb request. Used for debugging
1957 void ldb_req_set_location(struct ldb_request *req, const char *location)
1959 if (req && req->handle) {
1960 req->handle->location = location;
1965 return the location set with dsdb_req_set_location
1967 const char *ldb_req_location(struct ldb_request *req)
1969 return req->handle->location;
1973 mark a request as untrusted. This tells the rootdse module to remove
1974 unregistered controls
1976 void ldb_req_mark_untrusted(struct ldb_request *req)
1978 req->handle->flags |= LDB_HANDLE_FLAG_UNTRUSTED;
1982 mark a request as trusted.
1984 void ldb_req_mark_trusted(struct ldb_request *req)
1986 req->handle->flags &= ~LDB_HANDLE_FLAG_UNTRUSTED;
1990 set custom flags. Those flags are set by applications using ldb,
1991 they are application dependent and the same bit can have different
1992 meaning in different application.
1994 void ldb_req_set_custom_flags(struct ldb_request *req, uint32_t flags)
1996 if (req != NULL && req->handle != NULL) {
1997 req->handle->custom_flags = flags;
2003 get custom flags. Those flags are set by applications using ldb,
2004 they are application dependent and the same bit can have different
2005 meaning in different application.
2007 uint32_t ldb_req_get_custom_flags(struct ldb_request *req)
2009 if (req != NULL && req->handle != NULL) {
2010 return req->handle->custom_flags;
2014 * 0 is not something any better or worse than
2015 * anything else as req or the handle is NULL
2022 * return true if a request is untrusted
2024 bool ldb_req_is_untrusted(struct ldb_request *req)
2026 return (req->handle->flags & LDB_HANDLE_FLAG_UNTRUSTED) != 0;