4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Stefan Metzmacher 2004
6 Copyright (C) Simo Sorce 2006-2008
7 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
9 ** NOTE! The following LGPL license applies to the ldb
10 ** library. This does NOT imply that all of Samba is released
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
30 * Component: ldb tdb backend
32 * Description: core functions for tdb backend
34 * Author: Andrew Tridgell
35 * Author: Stefan Metzmacher
39 * - description: make the module use asynchronous calls
43 * - description: make it possible to use event contexts
47 * - description: fix up memory leaks and small bugs
49 * Author: Matthias Dieter Wallnöfer
53 #include "ldb_private.h"
57 prevent memory errors on callbacks
60 struct ltdb_context *ctx;
64 map a tdb error code to a ldb error code
66 int ltdb_err_map(enum TDB_ERROR tdb_code)
74 return LDB_ERR_OPERATIONS_ERROR;
76 return LDB_ERR_PROTOCOL_ERROR;
80 case TDB_ERR_LOCK_TIMEOUT:
81 return LDB_ERR_TIME_LIMIT_EXCEEDED;
83 return LDB_ERR_ENTRY_ALREADY_EXISTS;
85 return LDB_ERR_NO_SUCH_OBJECT;
87 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
95 lock the database for read - use by ltdb_search and ltdb_sequence_number
97 static int ltdb_lock_read(struct ldb_module *module)
99 void *data = ldb_module_get_private(module);
100 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
104 if (ltdb->in_transaction == 0 &&
105 ltdb->read_lock_count == 0) {
106 tdb_ret = tdb_lockall_read(ltdb->tdb);
109 ltdb->read_lock_count++;
112 ret = ltdb_err_map(tdb_error(ltdb->tdb));
113 if (ret == LDB_SUCCESS) {
114 ret = LDB_ERR_OPERATIONS_ERROR;
116 ldb_debug_set(ldb_module_get_ctx(module),
118 "Failure during ltdb_lock_read(): %s -> %s",
119 tdb_errorstr(ltdb->tdb),
125 unlock the database after a ltdb_lock_read()
127 static int ltdb_unlock_read(struct ldb_module *module)
129 void *data = ldb_module_get_private(module);
130 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
131 if (ltdb->in_transaction == 0 && ltdb->read_lock_count == 1) {
132 tdb_unlockall_read(ltdb->tdb);
133 ltdb->read_lock_count--;
136 ltdb->read_lock_count--;
142 * Determine if this key could hold a record. We allow the new GUID
143 * index, the old DN index and a possible future ID=
145 bool ltdb_key_is_record(TDB_DATA key)
151 if (memcmp(key.dptr, "DN=", 3) == 0) {
155 if (memcmp(key.dptr, "ID=", 3) == 0) {
159 if (key.dsize < sizeof(LTDB_GUID_KEY_PREFIX)) {
163 if (memcmp(key.dptr, LTDB_GUID_KEY_PREFIX,
164 sizeof(LTDB_GUID_KEY_PREFIX) - 1) == 0) {
172 form a TDB_DATA for a record key
175 note that the key for a record can depend on whether the
176 dn refers to a case sensitive index record or not
178 TDB_DATA ltdb_key_dn(struct ldb_module *module, TALLOC_CTX *mem_ctx,
182 char *key_str = NULL;
183 const char *dn_folded = NULL;
186 most DNs are case insensitive. The exception is index DNs for
187 case sensitive attributes
189 there are 3 cases dealt with in this code:
191 1) if the dn doesn't start with @ then uppercase the attribute
192 names and the attributes values of case insensitive attributes
193 2) if the dn starts with @ then leave it alone -
194 the indexing code handles the rest
197 dn_folded = ldb_dn_get_casefold(dn);
202 key_str = talloc_strdup(mem_ctx, "DN=");
207 key_str = talloc_strdup_append_buffer(key_str, dn_folded);
212 key.dptr = (uint8_t *)key_str;
213 key.dsize = strlen(key_str) + 1;
224 /* The caller is to provide a correctly sized key */
225 int ltdb_guid_to_key(struct ldb_module *module,
226 struct ltdb_private *ltdb,
227 const struct ldb_val *GUID_val,
230 const char *GUID_prefix = LTDB_GUID_KEY_PREFIX;
231 const int GUID_prefix_len = sizeof(LTDB_GUID_KEY_PREFIX) - 1;
233 if (key->dsize != (GUID_val->length+GUID_prefix_len)) {
234 return LDB_ERR_OPERATIONS_ERROR;
237 memcpy(key->dptr, GUID_prefix, GUID_prefix_len);
238 memcpy(&key->dptr[GUID_prefix_len],
239 GUID_val->data, GUID_val->length);
244 * The caller is to provide a correctly sized key, used only in
245 * the GUID index mode
247 int ltdb_idx_to_key(struct ldb_module *module,
248 struct ltdb_private *ltdb,
250 const struct ldb_val *idx_val,
253 struct ldb_context *ldb = ldb_module_get_ctx(module);
256 if (ltdb->cache->GUID_index_attribute != NULL) {
257 return ltdb_guid_to_key(module, ltdb,
261 dn = ldb_dn_from_ldb_val(mem_ctx, ldb, idx_val);
264 * LDB_ERR_INVALID_DN_SYNTAX would just be confusing
265 * to the caller, as this in an invalid index value
267 return LDB_ERR_OPERATIONS_ERROR;
270 *key = ltdb_key_dn(module, mem_ctx, dn);
273 return ldb_module_oom(module);
279 form a TDB_DATA for a record key
280 caller frees mem_ctx, which may or may not have the key
283 note that the key for a record can depend on whether a
284 GUID index is in use, or the DN is used as the key
286 TDB_DATA ltdb_key_msg(struct ldb_module *module, TALLOC_CTX *mem_ctx,
287 const struct ldb_message *msg)
289 void *data = ldb_module_get_private(module);
290 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
292 const struct ldb_val *guid_val;
295 if (ltdb->cache->GUID_index_attribute == NULL) {
296 return ltdb_key_dn(module, mem_ctx, msg->dn);
299 if (ldb_dn_is_special(msg->dn)) {
300 return ltdb_key_dn(module, mem_ctx, msg->dn);
303 guid_val = ldb_msg_find_ldb_val(msg,
304 ltdb->cache->GUID_index_attribute);
305 if (guid_val == NULL) {
306 ldb_asprintf_errstring(ldb_module_get_ctx(module),
307 "Did not find GUID attribute %s "
308 "in %s, required for TDB record "
309 "key in " LTDB_IDXGUID " mode.",
310 ltdb->cache->GUID_index_attribute,
311 ldb_dn_get_linearized(msg->dn));
318 /* In this case, allocate with talloc */
319 key.dptr = talloc_size(mem_ctx, LTDB_GUID_KEY_SIZE);
320 if (key.dptr == NULL) {
326 key.dsize = talloc_get_size(key.dptr);
328 ret = ltdb_guid_to_key(module, ltdb, guid_val, &key);
330 if (ret != LDB_SUCCESS) {
340 check special dn's have valid attributes
341 currently only @ATTRIBUTES is checked
343 static int ltdb_check_special_dn(struct ldb_module *module,
344 const struct ldb_message *msg)
346 struct ldb_context *ldb = ldb_module_get_ctx(module);
349 if (! ldb_dn_is_special(msg->dn) ||
350 ! ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
354 /* we have @ATTRIBUTES, let's check attributes are fine */
355 /* should we check that we deny multivalued attributes ? */
356 for (i = 0; i < msg->num_elements; i++) {
357 if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
359 for (j = 0; j < msg->elements[i].num_values; j++) {
360 if (ltdb_check_at_attributes_values(&msg->elements[i].values[j]) != 0) {
361 ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
362 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
372 we've made a modification to a dn - possibly reindex and
373 update sequence number
375 static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn)
377 int ret = LDB_SUCCESS;
378 struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private);
380 /* only allow modifies inside a transaction, otherwise the
382 if (ltdb->in_transaction == 0) {
383 ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
384 return LDB_ERR_OPERATIONS_ERROR;
387 if (ldb_dn_is_special(dn) &&
388 (ldb_dn_check_special(dn, LTDB_INDEXLIST) ||
389 ldb_dn_check_special(dn, LTDB_ATTRIBUTES)) )
391 if (ltdb->warn_reindex) {
392 ldb_debug(ldb_module_get_ctx(module),
393 LDB_DEBUG_ERROR, "Reindexing %s due to modification on %s",
394 ltdb->kv_ops->name(ltdb), ldb_dn_get_linearized(dn));
396 ret = ltdb_reindex(module);
399 /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
400 if (ret == LDB_SUCCESS &&
401 !(ldb_dn_is_special(dn) &&
402 ldb_dn_check_special(dn, LTDB_BASEINFO)) ) {
403 ret = ltdb_increase_sequence_number(module);
406 /* If the modify was to @OPTIONS, reload the cache */
407 if (ret == LDB_SUCCESS &&
408 ldb_dn_is_special(dn) &&
409 (ldb_dn_check_special(dn, LTDB_OPTIONS)) ) {
410 ret = ltdb_cache_reload(module);
416 static int ltdb_tdb_store(struct ltdb_private *ltdb, TDB_DATA key, TDB_DATA data, int flags)
418 return tdb_store(ltdb->tdb, key, data, flags);
421 static int ltdb_error(struct ltdb_private *ltdb)
423 return ltdb_err_map(tdb_error(ltdb->tdb));
426 static const char *ltdb_errorstr(struct ltdb_private *ltdb)
428 return tdb_errorstr(ltdb->tdb);
432 store a record into the db
434 int ltdb_store(struct ldb_module *module, const struct ldb_message *msg, int flgs)
436 void *data = ldb_module_get_private(module);
437 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
438 TDB_DATA tdb_key, tdb_data;
439 struct ldb_val ldb_data;
440 int ret = LDB_SUCCESS;
441 TALLOC_CTX *tdb_key_ctx = talloc_new(module);
443 if (tdb_key_ctx == NULL) {
444 return ldb_module_oom(module);
447 if (ltdb->read_only) {
448 return LDB_ERR_UNWILLING_TO_PERFORM;
451 tdb_key = ltdb_key_msg(module, tdb_key_ctx, msg);
452 if (tdb_key.dptr == NULL) {
453 TALLOC_FREE(tdb_key_ctx);
454 return LDB_ERR_OTHER;
457 ret = ldb_pack_data(ldb_module_get_ctx(module),
460 TALLOC_FREE(tdb_key_ctx);
461 return LDB_ERR_OTHER;
464 tdb_data.dptr = ldb_data.data;
465 tdb_data.dsize = ldb_data.length;
467 ret = ltdb->kv_ops->store(ltdb, tdb_key, tdb_data, flgs);
469 bool is_special = ldb_dn_is_special(msg->dn);
470 ret = ltdb->kv_ops->error(ltdb);
473 * LDB_ERR_ENTRY_ALREADY_EXISTS means the DN, not
474 * the GUID, so re-map
476 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS
478 && ltdb->cache->GUID_index_attribute != NULL) {
479 ret = LDB_ERR_CONSTRAINT_VIOLATION;
485 TALLOC_FREE(tdb_key_ctx);
486 talloc_free(ldb_data.data);
493 check if a attribute is a single valued, for a given element
495 static bool ldb_tdb_single_valued(const struct ldb_schema_attribute *a,
496 struct ldb_message_element *el)
498 if (!a) return false;
500 if (el->flags & LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK) {
501 /* override from a ldb module, for example
502 used for the description field, which is
503 marked multi-valued in the schema but which
504 should not actually accept multiple
508 if (el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK) {
509 /* override from a ldb module, for example used for
510 deleted linked attribute entries */
514 if (a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
520 static int ltdb_add_internal(struct ldb_module *module,
521 struct ltdb_private *ltdb,
522 const struct ldb_message *msg,
523 bool check_single_value)
525 struct ldb_context *ldb = ldb_module_get_ctx(module);
526 int ret = LDB_SUCCESS;
529 for (i=0;i<msg->num_elements;i++) {
530 struct ldb_message_element *el = &msg->elements[i];
531 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
533 if (el->num_values == 0) {
534 ldb_asprintf_errstring(ldb, "attribute '%s' on '%s' specified, but with 0 values (illegal)",
535 el->name, ldb_dn_get_linearized(msg->dn));
536 return LDB_ERR_CONSTRAINT_VIOLATION;
538 if (check_single_value &&
539 el->num_values > 1 &&
540 ldb_tdb_single_valued(a, el)) {
541 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
542 el->name, ldb_dn_get_linearized(msg->dn));
543 return LDB_ERR_CONSTRAINT_VIOLATION;
546 /* Do not check "@ATTRIBUTES" for duplicated values */
547 if (ldb_dn_is_special(msg->dn) &&
548 ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
552 if (check_single_value &&
554 LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
555 struct ldb_val *duplicate = NULL;
557 ret = ldb_msg_find_duplicate_val(ldb, discard_const(msg),
559 if (ret != LDB_SUCCESS) {
562 if (duplicate != NULL) {
563 ldb_asprintf_errstring(
565 "attribute '%s': value '%.*s' on '%s' "
566 "provided more than once in ADD object",
568 (int)duplicate->length,
570 ldb_dn_get_linearized(msg->dn));
571 return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
576 ret = ltdb_store(module, msg, TDB_INSERT);
577 if (ret != LDB_SUCCESS) {
579 * Try really hard to get the right error code for
580 * a re-add situation, as this can matter!
582 if (ret == LDB_ERR_CONSTRAINT_VIOLATION) {
584 struct ldb_dn *dn2 = NULL;
585 TALLOC_CTX *mem_ctx = talloc_new(module);
586 if (mem_ctx == NULL) {
587 return ldb_module_operr(module);
589 ret2 = ltdb_search_base(module, module,
591 TALLOC_FREE(mem_ctx);
592 if (ret2 == LDB_SUCCESS) {
593 ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
596 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
597 ldb_asprintf_errstring(ldb,
598 "Entry %s already exists",
599 ldb_dn_get_linearized(msg->dn));
604 ret = ltdb_index_add_new(module, ltdb, msg);
605 if (ret != LDB_SUCCESS) {
607 * If we failed to index, delete the message again.
609 * This is particularly important for the GUID index
610 * case, which will only fail for a duplicate DN
613 * Note that the caller may not cancel the transation
614 * and this means the above add might really show up!
616 ltdb_delete_noindex(module, msg);
620 ret = ltdb_modified(module, msg->dn);
626 add a record to the database
628 static int ltdb_add(struct ltdb_context *ctx)
630 struct ldb_module *module = ctx->module;
631 struct ldb_request *req = ctx->req;
632 void *data = ldb_module_get_private(module);
633 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
634 int ret = LDB_SUCCESS;
636 ret = ltdb_check_special_dn(module, req->op.add.message);
637 if (ret != LDB_SUCCESS) {
641 ldb_request_set_state(req, LDB_ASYNC_PENDING);
643 if (ltdb_cache_load(module) != 0) {
644 return LDB_ERR_OPERATIONS_ERROR;
647 ret = ltdb_add_internal(module, ltdb,
648 req->op.add.message, true);
653 static int ltdb_tdb_delete(struct ltdb_private *ltdb, TDB_DATA tdb_key)
655 return tdb_delete(ltdb->tdb, tdb_key);
659 delete a record from the database, not updating indexes (used for deleting
662 int ltdb_delete_noindex(struct ldb_module *module,
663 const struct ldb_message *msg)
665 void *data = ldb_module_get_private(module);
666 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
669 TALLOC_CTX *tdb_key_ctx = talloc_new(module);
671 if (tdb_key_ctx == NULL) {
672 return ldb_module_oom(module);
675 if (ltdb->read_only) {
676 return LDB_ERR_UNWILLING_TO_PERFORM;
679 tdb_key = ltdb_key_msg(module, tdb_key_ctx, msg);
681 TALLOC_FREE(tdb_key_ctx);
682 return LDB_ERR_OTHER;
685 ret = ltdb->kv_ops->delete(ltdb, tdb_key);
686 TALLOC_FREE(tdb_key_ctx);
689 ret = ltdb->kv_ops->error(ltdb);
695 static int ltdb_delete_internal(struct ldb_module *module, struct ldb_dn *dn)
697 struct ldb_message *msg;
698 int ret = LDB_SUCCESS;
700 msg = ldb_msg_new(module);
702 return LDB_ERR_OPERATIONS_ERROR;
705 /* in case any attribute of the message was indexed, we need
706 to fetch the old record */
707 ret = ltdb_search_dn1(module, dn, msg, LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
708 if (ret != LDB_SUCCESS) {
709 /* not finding the old record is an error */
713 ret = ltdb_delete_noindex(module, msg);
714 if (ret != LDB_SUCCESS) {
718 /* remove any indexed attributes */
719 ret = ltdb_index_delete(module, msg);
720 if (ret != LDB_SUCCESS) {
724 ret = ltdb_modified(module, dn);
725 if (ret != LDB_SUCCESS) {
735 delete a record from the database
737 static int ltdb_delete(struct ltdb_context *ctx)
739 struct ldb_module *module = ctx->module;
740 struct ldb_request *req = ctx->req;
741 int ret = LDB_SUCCESS;
743 ldb_request_set_state(req, LDB_ASYNC_PENDING);
745 if (ltdb_cache_load(module) != 0) {
746 return LDB_ERR_OPERATIONS_ERROR;
749 ret = ltdb_delete_internal(module, req->op.del.dn);
755 find an element by attribute name. At the moment this does a linear search,
756 it should be re-coded to use a binary search once all places that modify
757 records guarantee sorted order
759 return the index of the first matching element if found, otherwise -1
761 static int find_element(const struct ldb_message *msg, const char *name)
764 for (i=0;i<msg->num_elements;i++) {
765 if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
774 add an element to an existing record. Assumes a elements array that we
775 can call re-alloc on, and assumed that we can re-use the data pointers from
776 the passed in additional values. Use with care!
778 returns 0 on success, -1 on failure (and sets errno)
780 static int ltdb_msg_add_element(struct ldb_message *msg,
781 struct ldb_message_element *el)
783 struct ldb_message_element *e2;
786 if (el->num_values == 0) {
787 /* nothing to do here - we don't add empty elements */
791 e2 = talloc_realloc(msg, msg->elements, struct ldb_message_element,
792 msg->num_elements+1);
800 e2 = &msg->elements[msg->num_elements];
803 e2->flags = el->flags;
804 e2->values = talloc_array(msg->elements,
805 struct ldb_val, el->num_values);
810 for (i=0;i<el->num_values;i++) {
811 e2->values[i] = el->values[i];
813 e2->num_values = el->num_values;
821 delete all elements having a specified attribute name
823 static int msg_delete_attribute(struct ldb_module *module,
824 struct ltdb_private *ltdb,
825 struct ldb_message *msg, const char *name)
829 struct ldb_message_element *el;
830 bool is_special = ldb_dn_is_special(msg->dn);
833 && ltdb->cache->GUID_index_attribute != NULL
834 && ldb_attr_cmp(name, ltdb->cache->GUID_index_attribute) == 0) {
835 struct ldb_context *ldb = ldb_module_get_ctx(module);
836 ldb_asprintf_errstring(ldb, "Must not modify GUID "
837 "attribute %s (used as DB index)",
838 ltdb->cache->GUID_index_attribute);
839 return LDB_ERR_CONSTRAINT_VIOLATION;
842 el = ldb_msg_find_element(msg, name);
844 return LDB_ERR_NO_SUCH_ATTRIBUTE;
846 i = el - msg->elements;
848 ret = ltdb_index_del_element(module, ltdb, msg, el);
849 if (ret != LDB_SUCCESS) {
853 talloc_free(el->values);
854 if (msg->num_elements > (i+1)) {
855 memmove(el, el+1, sizeof(*el) * (msg->num_elements - (i+1)));
858 msg->elements = talloc_realloc(msg, msg->elements,
859 struct ldb_message_element,
865 delete all elements matching an attribute name/value
867 return LDB Error on failure
869 static int msg_delete_element(struct ldb_module *module,
870 struct ltdb_private *ltdb,
871 struct ldb_message *msg,
873 const struct ldb_val *val)
875 struct ldb_context *ldb = ldb_module_get_ctx(module);
878 struct ldb_message_element *el;
879 const struct ldb_schema_attribute *a;
881 found = find_element(msg, name);
883 return LDB_ERR_NO_SUCH_ATTRIBUTE;
886 i = (unsigned int) found;
887 el = &(msg->elements[i]);
889 a = ldb_schema_attribute_by_name(ldb, el->name);
891 for (i=0;i<el->num_values;i++) {
893 if (a->syntax->operator_fn) {
894 ret = a->syntax->operator_fn(ldb, LDB_OP_EQUALITY, a,
895 &el->values[i], val, &matched);
896 if (ret != LDB_SUCCESS) return ret;
898 matched = (a->syntax->comparison_fn(ldb, ldb,
899 &el->values[i], val) == 0);
902 if (el->num_values == 1) {
903 return msg_delete_attribute(module,
907 ret = ltdb_index_del_value(module, ltdb, msg, el, i);
908 if (ret != LDB_SUCCESS) {
912 if (i<el->num_values-1) {
913 memmove(&el->values[i], &el->values[i+1],
914 sizeof(el->values[i])*
915 (el->num_values-(i+1)));
919 /* per definition we find in a canonicalised message an
920 attribute value only once. So we are finished here */
926 return LDB_ERR_NO_SUCH_ATTRIBUTE;
931 modify a record - internal interface
933 yuck - this is O(n^2). Luckily n is usually small so we probably
934 get away with it, but if we ever have really large attribute lists
935 then we'll need to look at this again
937 'req' is optional, and is used to specify controls if supplied
939 int ltdb_modify_internal(struct ldb_module *module,
940 const struct ldb_message *msg,
941 struct ldb_request *req)
943 struct ldb_context *ldb = ldb_module_get_ctx(module);
944 void *data = ldb_module_get_private(module);
945 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
946 struct ldb_message *msg2;
948 int ret = LDB_SUCCESS, idx;
949 struct ldb_control *control_permissive = NULL;
950 TALLOC_CTX *mem_ctx = talloc_new(req);
952 if (mem_ctx == NULL) {
953 return ldb_module_oom(module);
957 control_permissive = ldb_request_get_control(req,
958 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
961 msg2 = ldb_msg_new(mem_ctx);
967 ret = ltdb_search_dn1(module, msg->dn,
969 LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
970 if (ret != LDB_SUCCESS) {
974 for (i=0; i<msg->num_elements; i++) {
975 struct ldb_message_element *el = &msg->elements[i], *el2;
976 struct ldb_val *vals;
977 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
979 uint32_t options = 0;
980 if (control_permissive != NULL) {
981 options |= LDB_MSG_FIND_COMMON_REMOVE_DUPLICATES;
984 switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
985 case LDB_FLAG_MOD_ADD:
987 if (el->num_values == 0) {
988 ldb_asprintf_errstring(ldb,
989 "attribute '%s': attribute on '%s' specified, but with 0 values (illegal)",
990 el->name, ldb_dn_get_linearized(msg2->dn));
991 ret = LDB_ERR_CONSTRAINT_VIOLATION;
995 /* make a copy of the array so that a permissive
996 * control can remove duplicates without changing the
997 * original values, but do not copy data as we do not
998 * need to keep it around once the operation is
1000 if (control_permissive) {
1001 el = talloc(msg2, struct ldb_message_element);
1003 ret = LDB_ERR_OTHER;
1006 *el = msg->elements[i];
1007 el->values = talloc_array(el, struct ldb_val, el->num_values);
1008 if (el->values == NULL) {
1009 ret = LDB_ERR_OTHER;
1012 for (j = 0; j < el->num_values; j++) {
1013 el->values[j] = msg->elements[i].values[j];
1017 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
1018 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1019 el->name, ldb_dn_get_linearized(msg2->dn));
1020 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1024 /* Checks if element already exists */
1025 idx = find_element(msg2, el->name);
1027 if (ltdb_msg_add_element(msg2, el) != 0) {
1028 ret = LDB_ERR_OTHER;
1031 ret = ltdb_index_add_element(module, ltdb,
1034 if (ret != LDB_SUCCESS) {
1038 j = (unsigned int) idx;
1039 el2 = &(msg2->elements[j]);
1041 /* We cannot add another value on a existing one
1042 if the attribute is single-valued */
1043 if (ldb_tdb_single_valued(a, el)) {
1044 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1045 el->name, ldb_dn_get_linearized(msg2->dn));
1046 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1050 /* Check that values don't exist yet on multi-
1051 valued attributes or aren't provided twice */
1053 LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1054 struct ldb_val *duplicate = NULL;
1055 ret = ldb_msg_find_common_values(ldb,
1062 LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS) {
1063 ldb_asprintf_errstring(ldb,
1064 "attribute '%s': value "
1065 "#%u on '%s' already "
1066 "exists", el->name, j,
1067 ldb_dn_get_linearized(msg2->dn));
1069 } else if (ret != LDB_SUCCESS) {
1073 ret = ldb_msg_find_duplicate_val(
1074 ldb, msg2, el, &duplicate, 0);
1075 if (ret != LDB_SUCCESS) {
1078 if (duplicate != NULL) {
1079 ldb_asprintf_errstring(
1081 "attribute '%s': value "
1083 "provided more than "
1086 (int)duplicate->length,
1088 ldb_dn_get_linearized(msg->dn));
1089 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1094 /* Now combine existing and new values to a new
1096 vals = talloc_realloc(msg2->elements,
1097 el2->values, struct ldb_val,
1098 el2->num_values + el->num_values);
1101 ret = LDB_ERR_OTHER;
1105 for (j=0; j<el->num_values; j++) {
1106 vals[el2->num_values + j] =
1107 ldb_val_dup(vals, &el->values[j]);
1111 el2->num_values += el->num_values;
1113 ret = ltdb_index_add_element(module, ltdb,
1115 if (ret != LDB_SUCCESS) {
1122 case LDB_FLAG_MOD_REPLACE:
1124 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
1125 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1126 el->name, ldb_dn_get_linearized(msg2->dn));
1127 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1132 * We don't need to check this if we have been
1133 * pre-screened by the repl_meta_data module
1134 * in Samba, or someone else who can claim to
1135 * know what they are doing.
1137 if (!(el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1138 struct ldb_val *duplicate = NULL;
1140 ret = ldb_msg_find_duplicate_val(ldb, msg2, el,
1142 if (ret != LDB_SUCCESS) {
1145 if (duplicate != NULL) {
1146 ldb_asprintf_errstring(
1148 "attribute '%s': value '%.*s' "
1149 "on '%s' provided more than "
1152 (int)duplicate->length,
1154 ldb_dn_get_linearized(msg2->dn));
1155 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1160 /* Checks if element already exists */
1161 idx = find_element(msg2, el->name);
1163 j = (unsigned int) idx;
1164 el2 = &(msg2->elements[j]);
1166 /* we consider two elements to be
1167 * equal only if the order
1168 * matches. This allows dbcheck to
1169 * fix the ordering on attributes
1170 * where order matters, such as
1173 if (ldb_msg_element_equal_ordered(el, el2)) {
1177 /* Delete the attribute if it exists in the DB */
1178 if (msg_delete_attribute(module, ltdb,
1181 ret = LDB_ERR_OTHER;
1186 /* Recreate it with the new values */
1187 if (ltdb_msg_add_element(msg2, el) != 0) {
1188 ret = LDB_ERR_OTHER;
1192 ret = ltdb_index_add_element(module, ltdb,
1194 if (ret != LDB_SUCCESS) {
1200 case LDB_FLAG_MOD_DELETE:
1201 dn = ldb_dn_get_linearized(msg2->dn);
1203 ret = LDB_ERR_OTHER;
1207 if (msg->elements[i].num_values == 0) {
1208 /* Delete the whole attribute */
1209 ret = msg_delete_attribute(module,
1212 msg->elements[i].name);
1213 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1214 control_permissive) {
1217 ldb_asprintf_errstring(ldb,
1218 "attribute '%s': no such attribute for delete on '%s'",
1219 msg->elements[i].name, dn);
1221 if (ret != LDB_SUCCESS) {
1225 /* Delete specified values from an attribute */
1226 for (j=0; j < msg->elements[i].num_values; j++) {
1227 ret = msg_delete_element(module,
1230 msg->elements[i].name,
1231 &msg->elements[i].values[j]);
1232 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1233 control_permissive) {
1235 } else if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) {
1236 ldb_asprintf_errstring(ldb,
1237 "attribute '%s': no matching attribute value while deleting attribute on '%s'",
1238 msg->elements[i].name, dn);
1240 if (ret != LDB_SUCCESS) {
1247 ldb_asprintf_errstring(ldb,
1248 "attribute '%s': invalid modify flags on '%s': 0x%x",
1249 msg->elements[i].name, ldb_dn_get_linearized(msg->dn),
1250 msg->elements[i].flags & LDB_FLAG_MOD_MASK);
1251 ret = LDB_ERR_PROTOCOL_ERROR;
1256 ret = ltdb_store(module, msg2, TDB_MODIFY);
1257 if (ret != LDB_SUCCESS) {
1261 ret = ltdb_modified(module, msg2->dn);
1262 if (ret != LDB_SUCCESS) {
1267 TALLOC_FREE(mem_ctx);
1274 static int ltdb_modify(struct ltdb_context *ctx)
1276 struct ldb_module *module = ctx->module;
1277 struct ldb_request *req = ctx->req;
1278 int ret = LDB_SUCCESS;
1280 ret = ltdb_check_special_dn(module, req->op.mod.message);
1281 if (ret != LDB_SUCCESS) {
1285 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1287 if (ltdb_cache_load(module) != 0) {
1288 return LDB_ERR_OPERATIONS_ERROR;
1291 ret = ltdb_modify_internal(module, req->op.mod.message, req);
1299 static int ltdb_rename(struct ltdb_context *ctx)
1301 struct ldb_module *module = ctx->module;
1302 void *data = ldb_module_get_private(module);
1303 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1304 struct ldb_request *req = ctx->req;
1305 struct ldb_message *msg;
1306 int ret = LDB_SUCCESS;
1307 TDB_DATA tdb_key, tdb_key_old;
1308 struct ldb_dn *db_dn;
1310 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1312 if (ltdb_cache_load(ctx->module) != 0) {
1313 return LDB_ERR_OPERATIONS_ERROR;
1316 msg = ldb_msg_new(ctx);
1318 return LDB_ERR_OPERATIONS_ERROR;
1321 /* we need to fetch the old record to re-add under the new name */
1322 ret = ltdb_search_dn1(module, req->op.rename.olddn, msg,
1323 LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
1324 if (ret != LDB_SUCCESS) {
1325 /* not finding the old record is an error */
1329 /* We need to, before changing the DB, check if the new DN
1330 * exists, so we can return this error to the caller with an
1333 * Even in GUID index mode we use ltdb_key_dn() as we are
1334 * trying to figure out if this is just a case rename
1336 tdb_key = ltdb_key_dn(module, msg, req->op.rename.newdn);
1337 if (!tdb_key.dptr) {
1339 return LDB_ERR_OPERATIONS_ERROR;
1342 tdb_key_old = ltdb_key_dn(module, msg, req->op.rename.olddn);
1343 if (!tdb_key_old.dptr) {
1345 talloc_free(tdb_key.dptr);
1346 return LDB_ERR_OPERATIONS_ERROR;
1350 * Only declare a conflict if the new DN already exists,
1351 * and it isn't a case change on the old DN
1353 if (tdb_key_old.dsize != tdb_key.dsize
1354 || memcmp(tdb_key.dptr, tdb_key_old.dptr, tdb_key.dsize) != 0) {
1355 ret = ltdb_search_base(module, msg,
1356 req->op.rename.newdn,
1358 if (ret == LDB_SUCCESS) {
1359 ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
1360 } else if (ret == LDB_ERR_NO_SUCH_OBJECT) {
1365 /* finding the new record already in the DB is an error */
1367 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
1368 ldb_asprintf_errstring(ldb_module_get_ctx(module),
1369 "Entry %s already exists",
1370 ldb_dn_get_linearized(req->op.rename.newdn));
1372 if (ret != LDB_SUCCESS) {
1373 talloc_free(tdb_key_old.dptr);
1374 talloc_free(tdb_key.dptr);
1379 talloc_free(tdb_key_old.dptr);
1380 talloc_free(tdb_key.dptr);
1382 /* Always delete first then add, to avoid conflicts with
1383 * unique indexes. We rely on the transaction to make this
1386 ret = ltdb_delete_internal(module, msg->dn);
1387 if (ret != LDB_SUCCESS) {
1392 msg->dn = ldb_dn_copy(msg, req->op.rename.newdn);
1393 if (msg->dn == NULL) {
1395 return LDB_ERR_OPERATIONS_ERROR;
1398 /* We don't check single value as we can have more than 1 with
1399 * deleted attributes. We could go through all elements but that's
1400 * maybe not the most efficient way
1402 ret = ltdb_add_internal(module, ltdb, msg, false);
1409 static int ltdb_tdb_transaction_start(struct ltdb_private *ltdb)
1411 return tdb_transaction_start(ltdb->tdb);
1414 static int ltdb_tdb_transaction_cancel(struct ltdb_private *ltdb)
1416 return tdb_transaction_cancel(ltdb->tdb);
1419 static int ltdb_tdb_transaction_prepare_commit(struct ltdb_private *ltdb)
1421 return tdb_transaction_prepare_commit(ltdb->tdb);
1424 static int ltdb_tdb_transaction_commit(struct ltdb_private *ltdb)
1426 return tdb_transaction_commit(ltdb->tdb);
1429 static int ltdb_start_trans(struct ldb_module *module)
1431 void *data = ldb_module_get_private(module);
1432 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1434 /* Do not take out the transaction lock on a read-only DB */
1435 if (ltdb->read_only) {
1436 return LDB_ERR_UNWILLING_TO_PERFORM;
1439 if (ltdb->kv_ops->begin_write(ltdb) != 0) {
1440 return ltdb->kv_ops->error(ltdb);
1443 ltdb->in_transaction++;
1445 ltdb_index_transaction_start(module);
1450 static int ltdb_prepare_commit(struct ldb_module *module)
1453 void *data = ldb_module_get_private(module);
1454 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1456 if (ltdb->in_transaction != 1) {
1460 ret = ltdb_index_transaction_commit(module);
1461 if (ret != LDB_SUCCESS) {
1462 ltdb->kv_ops->abort_write(ltdb);
1463 ltdb->in_transaction--;
1467 if (ltdb->kv_ops->prepare_write(ltdb) != 0) {
1468 ret = ltdb->kv_ops->error(ltdb);
1469 ltdb->in_transaction--;
1470 ldb_debug_set(ldb_module_get_ctx(module),
1473 "prepare_write): %s -> %s",
1474 ltdb->kv_ops->errorstr(ltdb),
1479 ltdb->prepared_commit = true;
1484 static int ltdb_end_trans(struct ldb_module *module)
1487 void *data = ldb_module_get_private(module);
1488 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1490 if (!ltdb->prepared_commit) {
1491 ret = ltdb_prepare_commit(module);
1492 if (ret != LDB_SUCCESS) {
1497 ltdb->in_transaction--;
1498 ltdb->prepared_commit = false;
1500 if (ltdb->kv_ops->finish_write(ltdb) != 0) {
1501 ret = ltdb->kv_ops->error(ltdb);
1502 ldb_asprintf_errstring(ldb_module_get_ctx(module),
1503 "Failure during tdb_transaction_commit(): %s -> %s",
1504 ltdb->kv_ops->errorstr(ltdb),
1512 static int ltdb_del_trans(struct ldb_module *module)
1514 void *data = ldb_module_get_private(module);
1515 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1517 ltdb->in_transaction--;
1519 if (ltdb_index_transaction_cancel(module) != 0) {
1520 ltdb->kv_ops->abort_write(ltdb);
1521 return ltdb->kv_ops->error(ltdb);
1524 ltdb->kv_ops->abort_write(ltdb);
1529 return sequenceNumber from @BASEINFO
1531 static int ltdb_sequence_number(struct ltdb_context *ctx,
1532 struct ldb_extended **ext)
1534 struct ldb_context *ldb;
1535 struct ldb_module *module = ctx->module;
1536 struct ldb_request *req = ctx->req;
1537 void *data = ldb_module_get_private(module);
1538 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1539 TALLOC_CTX *tmp_ctx = NULL;
1540 struct ldb_seqnum_request *seq;
1541 struct ldb_seqnum_result *res;
1542 struct ldb_message *msg = NULL;
1545 int ret = LDB_SUCCESS;
1547 ldb = ldb_module_get_ctx(module);
1549 seq = talloc_get_type(req->op.extended.data,
1550 struct ldb_seqnum_request);
1552 return LDB_ERR_OPERATIONS_ERROR;
1555 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1557 if (ltdb->kv_ops->lock_read(module) != 0) {
1558 return LDB_ERR_OPERATIONS_ERROR;
1561 res = talloc_zero(req, struct ldb_seqnum_result);
1563 ret = LDB_ERR_OPERATIONS_ERROR;
1567 tmp_ctx = talloc_new(req);
1568 if (tmp_ctx == NULL) {
1569 ret = LDB_ERR_OPERATIONS_ERROR;
1573 dn = ldb_dn_new(tmp_ctx, ldb, LTDB_BASEINFO);
1575 ret = LDB_ERR_OPERATIONS_ERROR;
1579 msg = ldb_msg_new(tmp_ctx);
1581 ret = LDB_ERR_OPERATIONS_ERROR;
1585 ret = ltdb_search_dn1(module, dn, msg, 0);
1586 if (ret != LDB_SUCCESS) {
1590 switch (seq->type) {
1591 case LDB_SEQ_HIGHEST_SEQ:
1592 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1595 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1598 case LDB_SEQ_HIGHEST_TIMESTAMP:
1599 date = ldb_msg_find_attr_as_string(msg, LTDB_MOD_TIMESTAMP, NULL);
1601 res->seq_num = ldb_string_to_time(date);
1604 /* zero is as good as anything when we don't know */
1609 *ext = talloc_zero(req, struct ldb_extended);
1611 ret = LDB_ERR_OPERATIONS_ERROR;
1614 (*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
1615 (*ext)->data = talloc_steal(*ext, res);
1618 talloc_free(tmp_ctx);
1620 ltdb->kv_ops->unlock_read(module);
1624 static void ltdb_request_done(struct ltdb_context *ctx, int error)
1626 struct ldb_context *ldb;
1627 struct ldb_request *req;
1628 struct ldb_reply *ares;
1630 ldb = ldb_module_get_ctx(ctx->module);
1633 /* if we already returned an error just return */
1634 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1638 ares = talloc_zero(req, struct ldb_reply);
1641 req->callback(req, NULL);
1644 ares->type = LDB_REPLY_DONE;
1645 ares->error = error;
1647 req->callback(req, ares);
1650 static void ltdb_timeout(struct tevent_context *ev,
1651 struct tevent_timer *te,
1655 struct ltdb_context *ctx;
1656 ctx = talloc_get_type(private_data, struct ltdb_context);
1658 if (!ctx->request_terminated) {
1659 /* request is done now */
1660 ltdb_request_done(ctx, LDB_ERR_TIME_LIMIT_EXCEEDED);
1664 /* neutralize the spy */
1665 ctx->spy->ctx = NULL;
1671 static void ltdb_request_extended_done(struct ltdb_context *ctx,
1672 struct ldb_extended *ext,
1675 struct ldb_context *ldb;
1676 struct ldb_request *req;
1677 struct ldb_reply *ares;
1679 ldb = ldb_module_get_ctx(ctx->module);
1682 /* if we already returned an error just return */
1683 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1687 ares = talloc_zero(req, struct ldb_reply);
1690 req->callback(req, NULL);
1693 ares->type = LDB_REPLY_DONE;
1694 ares->response = ext;
1695 ares->error = error;
1697 req->callback(req, ares);
1700 static void ltdb_handle_extended(struct ltdb_context *ctx)
1702 struct ldb_extended *ext = NULL;
1705 if (strcmp(ctx->req->op.extended.oid,
1706 LDB_EXTENDED_SEQUENCE_NUMBER) == 0) {
1707 /* get sequence number */
1708 ret = ltdb_sequence_number(ctx, &ext);
1710 /* not recognized */
1711 ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1714 ltdb_request_extended_done(ctx, ext, ret);
1717 static const char * ltdb_tdb_name(struct ltdb_private *ltdb)
1719 return tdb_name(ltdb->tdb);
1722 static bool ltdb_tdb_changed(struct ltdb_private *ltdb)
1724 bool ret = (tdb_get_seqnum(ltdb->tdb) != ltdb->tdb_seqnum);
1726 ltdb->tdb_seqnum = tdb_get_seqnum(ltdb->tdb);
1731 static const struct kv_db_ops key_value_ops = {
1732 .store = ltdb_tdb_store,
1733 .delete = ltdb_tdb_delete,
1734 .lock_read = ltdb_lock_read,
1735 .unlock_read = ltdb_unlock_read,
1736 .begin_write = ltdb_tdb_transaction_start,
1737 .prepare_write = ltdb_tdb_transaction_prepare_commit,
1738 .finish_write = ltdb_tdb_transaction_commit,
1739 .abort_write = ltdb_tdb_transaction_cancel,
1740 .error = ltdb_error,
1741 .errorstr = ltdb_errorstr,
1742 .name = ltdb_tdb_name,
1743 .has_changed = ltdb_tdb_changed,
1746 static void ltdb_callback(struct tevent_context *ev,
1747 struct tevent_timer *te,
1751 struct ltdb_context *ctx;
1754 ctx = talloc_get_type(private_data, struct ltdb_context);
1756 if (ctx->request_terminated) {
1760 switch (ctx->req->operation) {
1762 ret = ltdb_search(ctx);
1765 ret = ltdb_add(ctx);
1768 ret = ltdb_modify(ctx);
1771 ret = ltdb_delete(ctx);
1774 ret = ltdb_rename(ctx);
1777 ltdb_handle_extended(ctx);
1780 /* no other op supported */
1781 ret = LDB_ERR_PROTOCOL_ERROR;
1784 if (!ctx->request_terminated) {
1785 /* request is done now */
1786 ltdb_request_done(ctx, ret);
1791 /* neutralize the spy */
1792 ctx->spy->ctx = NULL;
1798 static int ltdb_request_destructor(void *ptr)
1800 struct ltdb_req_spy *spy = talloc_get_type(ptr, struct ltdb_req_spy);
1802 if (spy->ctx != NULL) {
1803 spy->ctx->spy = NULL;
1804 spy->ctx->request_terminated = true;
1811 static int ltdb_handle_request(struct ldb_module *module,
1812 struct ldb_request *req)
1814 struct ldb_control *control_permissive;
1815 struct ldb_context *ldb;
1816 struct tevent_context *ev;
1817 struct ltdb_context *ac;
1818 struct tevent_timer *te;
1822 ldb = ldb_module_get_ctx(module);
1824 control_permissive = ldb_request_get_control(req,
1825 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1827 for (i = 0; req->controls && req->controls[i]; i++) {
1828 if (req->controls[i]->critical &&
1829 req->controls[i] != control_permissive) {
1830 ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
1831 req->controls[i]->oid);
1832 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1836 if (req->starttime == 0 || req->timeout == 0) {
1837 ldb_set_errstring(ldb, "Invalid timeout settings");
1838 return LDB_ERR_TIME_LIMIT_EXCEEDED;
1841 ev = ldb_handle_get_event_context(req->handle);
1843 ac = talloc_zero(ldb, struct ltdb_context);
1846 return LDB_ERR_OPERATIONS_ERROR;
1849 ac->module = module;
1854 te = tevent_add_timer(ev, ac, tv, ltdb_callback, ac);
1857 return LDB_ERR_OPERATIONS_ERROR;
1860 if (req->timeout > 0) {
1861 tv.tv_sec = req->starttime + req->timeout;
1863 ac->timeout_event = tevent_add_timer(ev, ac, tv,
1865 if (NULL == ac->timeout_event) {
1867 return LDB_ERR_OPERATIONS_ERROR;
1871 /* set a spy so that we do not try to use the request context
1872 * if it is freed before ltdb_callback fires */
1873 ac->spy = talloc(req, struct ltdb_req_spy);
1874 if (NULL == ac->spy) {
1876 return LDB_ERR_OPERATIONS_ERROR;
1880 talloc_set_destructor((TALLOC_CTX *)ac->spy, ltdb_request_destructor);
1885 static int ltdb_init_rootdse(struct ldb_module *module)
1887 /* ignore errors on this - we expect it for non-sam databases */
1888 ldb_mod_register_control(module, LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1890 /* there can be no module beyond the backend, just return */
1895 static int generic_lock_read(struct ldb_module *module)
1897 void *data = ldb_module_get_private(module);
1898 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1899 return ltdb->kv_ops->lock_read(module);
1902 static int generic_unlock_read(struct ldb_module *module)
1904 void *data = ldb_module_get_private(module);
1905 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1906 return ltdb->kv_ops->unlock_read(module);
1909 static const struct ldb_module_ops ltdb_ops = {
1911 .init_context = ltdb_init_rootdse,
1912 .search = ltdb_handle_request,
1913 .add = ltdb_handle_request,
1914 .modify = ltdb_handle_request,
1915 .del = ltdb_handle_request,
1916 .rename = ltdb_handle_request,
1917 .extended = ltdb_handle_request,
1918 .start_transaction = ltdb_start_trans,
1919 .end_transaction = ltdb_end_trans,
1920 .prepare_commit = ltdb_prepare_commit,
1921 .del_transaction = ltdb_del_trans,
1922 .read_lock = generic_lock_read,
1923 .read_unlock = generic_unlock_read,
1926 int init_store(struct ltdb_private *ltdb,
1928 struct ldb_context *ldb,
1929 const char *options[],
1930 struct ldb_module **_module)
1932 struct ldb_module *module;
1934 if (getenv("LDB_WARN_UNINDEXED")) {
1935 ltdb->warn_unindexed = true;
1938 if (getenv("LDB_WARN_REINDEX")) {
1939 ltdb->warn_reindex = true;
1942 ltdb->sequence_number = 0;
1944 module = ldb_module_new(ldb, ldb, name, <db_ops);
1948 return LDB_ERR_OPERATIONS_ERROR;
1950 ldb_module_set_private(module, ltdb);
1951 talloc_steal(module, ltdb);
1953 if (ltdb_cache_load(module) != 0) {
1954 ldb_asprintf_errstring(ldb, "Unable to load ltdb cache "
1955 "records for backend '%s'", name);
1956 talloc_free(module);
1957 return LDB_ERR_OPERATIONS_ERROR;
1962 * Set the maximum key length
1965 const char *len_str =
1966 ldb_options_find(ldb, options,
1967 "max_key_len_for_self_test");
1968 if (len_str != NULL) {
1969 unsigned len = strtoul(len_str, NULL, 0);
1970 ltdb->max_key_length = len;
1978 connect to the database
1980 static int ltdb_connect(struct ldb_context *ldb, const char *url,
1981 unsigned int flags, const char *options[],
1982 struct ldb_module **_module)
1985 int tdb_flags, open_flags;
1986 struct ltdb_private *ltdb;
1989 * We hold locks, so we must use a private event context
1990 * on each returned handle
1992 ldb_set_require_private_event_context(ldb);
1995 if (strchr(url, ':')) {
1996 if (strncmp(url, "tdb://", 6) != 0) {
1997 ldb_debug(ldb, LDB_DEBUG_ERROR,
1998 "Invalid tdb URL '%s'", url);
1999 return LDB_ERR_OPERATIONS_ERROR;
2006 tdb_flags = TDB_DEFAULT | TDB_SEQNUM;
2008 /* check for the 'nosync' option */
2009 if (flags & LDB_FLG_NOSYNC) {
2010 tdb_flags |= TDB_NOSYNC;
2013 /* and nommap option */
2014 if (flags & LDB_FLG_NOMMAP) {
2015 tdb_flags |= TDB_NOMMAP;
2018 ltdb = talloc_zero(ldb, struct ltdb_private);
2021 return LDB_ERR_OPERATIONS_ERROR;
2024 if (flags & LDB_FLG_RDONLY) {
2026 * This is weird, but because we can only have one tdb
2027 * in this process, and the other one could be
2028 * read-write, we can't use the tdb readonly. Plus a
2029 * read only tdb prohibits the all-record lock.
2031 open_flags = O_RDWR;
2033 ltdb->read_only = true;
2035 } else if (flags & LDB_FLG_DONT_CREATE_DB) {
2037 * This is used by ldbsearch to prevent creation of the database
2038 * if the name is wrong
2040 open_flags = O_RDWR;
2043 * This is the normal case
2045 open_flags = O_CREAT | O_RDWR;
2048 ltdb->kv_ops = &key_value_ops;
2050 /* note that we use quite a large default hash size */
2051 ltdb->tdb = ltdb_wrap_open(ltdb, path, 10000,
2052 tdb_flags, open_flags,
2053 ldb_get_create_perms(ldb), ldb);
2055 ldb_asprintf_errstring(ldb,
2056 "Unable to open tdb '%s': %s", path, strerror(errno));
2057 ldb_debug(ldb, LDB_DEBUG_ERROR,
2058 "Unable to open tdb '%s': %s", path, strerror(errno));
2060 if (errno == EACCES || errno == EPERM) {
2061 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
2063 return LDB_ERR_OPERATIONS_ERROR;
2066 return init_store(ltdb, "ldb_tdb backend", ldb, options, _module);
2069 int ldb_tdb_init(const char *version)
2071 LDB_MODULE_CHECK_VERSION(version);
2072 return ldb_register_backend("tdb", ltdb_connect, false);