2 ldb database library - ildap backend
4 Copyright (C) Andrew Tridgell 2005
6 ** NOTE! The following LGPL license applies to the ldb
7 ** library. This does NOT imply that all of Samba is released
10 This library is free software; you can redistribute it and/or
11 modify it under the terms of the GNU Lesser General Public
12 License as published by the Free Software Foundation; either
13 version 2 of the License, or (at your option) any later version.
15 This library is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
20 You should have received a copy of the GNU Lesser General Public
21 License along with this library; if not, write to the Free Software
22 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
26 This is a ldb backend for the internal ldap client library in
27 Samba4. By using this backend we are independent of a system ldap
33 #include "ldb/include/ldb.h"
34 #include "ldb/include/ldb_private.h"
35 #include "libcli/ldap/ldap.h"
36 #include "libcli/ldap/ldap_client.h"
37 #include "lib/cmdline/popt_common.h"
40 struct ldap_connection *ldap;
42 struct ldb_message *rootDSE;
48 static int ildb_rename(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn)
50 TALLOC_CTX *local_ctx;
51 struct ildb_private *ildb = module->private_data;
54 char *newrdn, *parentdn;
56 /* ignore ltdb specials */
57 if (ldb_dn_is_special(olddn) || ldb_dn_is_special(newdn)) {
61 local_ctx = talloc_named(ildb, 0, "ildb_rename local context");
62 if (local_ctx == NULL) {
66 old_dn = ldb_dn_linearize(local_ctx, olddn);
71 newrdn = talloc_asprintf(local_ctx, "%s=%s",
72 newdn->components[0].name,
73 ldb_dn_escape_value(ildb, newdn->components[0].value));
78 parentdn = ldb_dn_linearize(local_ctx, ldb_dn_get_parent(ildb, newdn));
79 if (parentdn == NULL) {
83 ildb->last_rc = ildap_rename(ildb->ldap, old_dn, newrdn, parentdn, True);
84 if (!NT_STATUS_IS_OK(ildb->last_rc)) {
85 ldb_set_errstring(module, talloc_strdup(module, ldap_errstr(ildb->ldap, ildb->last_rc)));
89 talloc_free(local_ctx);
93 talloc_free(local_ctx);
100 static int ildb_delete(struct ldb_module *module, const struct ldb_dn *dn)
102 struct ildb_private *ildb = module->private_data;
106 /* ignore ltdb specials */
107 if (ldb_dn_is_special(dn)) {
111 del_dn = ldb_dn_linearize(ildb, dn);
113 ildb->last_rc = ildap_delete(ildb->ldap, del_dn);
114 if (!NT_STATUS_IS_OK(ildb->last_rc)) {
115 ldb_set_errstring(module, talloc_strdup(module, ldap_errstr(ildb->ldap, ildb->last_rc)));
125 static void ildb_rootdse(struct ldb_module *module);
128 search for matching records
130 static int ildb_search(struct ldb_module *module, const struct ldb_dn *base,
131 enum ldb_scope scope, const char *expression,
132 const char * const *attrs, struct ldb_message ***res)
134 struct ildb_private *ildb = module->private_data;
136 struct ldap_message **ldapres, *msg;
139 if (scope == LDB_SCOPE_DEFAULT) {
140 scope = LDB_SCOPE_SUBTREE;
144 if (ildb->rootDSE == NULL) {
145 ildb_rootdse(module);
147 if (ildb->rootDSE != NULL) {
148 search_base = talloc_strdup(ildb,
149 ldb_msg_find_string(ildb->rootDSE,
150 "defaultNamingContext", ""));
152 search_base = talloc_strdup(ildb, "");
155 search_base = ldb_dn_linearize(ildb, base);
157 if (search_base == NULL) {
161 if (expression == NULL || expression[0] == '\0') {
162 expression = "objectClass=*";
165 ildb->last_rc = ildap_search(ildb->ldap, search_base, scope, expression, attrs,
167 talloc_free(search_base);
168 if (!NT_STATUS_IS_OK(ildb->last_rc)) {
169 ldb_set_errstring(module, talloc_strdup(module, ldap_errstr(ildb->ldap, ildb->last_rc)));
173 count = ildap_count_entries(ildb->ldap, ldapres);
174 if (count == -1 || count == 0) {
175 talloc_free(ldapres);
179 (*res) = talloc_array(ildb, struct ldb_message *, count+1);
181 talloc_free(ldapres);
187 /* loop over all messages */
188 for (i=0;i<count;i++) {
189 struct ldap_SearchResEntry *search;
192 search = &msg->r.SearchResultEntry;
194 (*res)[i] = talloc(*res, struct ldb_message);
200 (*res)[i]->dn = ldb_dn_explode((*res)[i], search->dn);
201 if ((*res)[i]->dn == NULL) {
204 (*res)[i]->num_elements = search->num_attributes;
205 (*res)[i]->elements = talloc_steal((*res)[i], search->attributes);
206 (*res)[i]->private_data = NULL;
209 talloc_free(ldapres);
214 if (*res) talloc_free(*res);
220 search for matching records using a ldb_parse_tree
222 static int ildb_search_bytree(struct ldb_module *module, const struct ldb_dn *base,
223 enum ldb_scope scope, struct ldb_parse_tree *tree,
224 const char * const *attrs, struct ldb_message ***res)
226 struct ildb_private *ildb = module->private_data;
230 expression = ldb_filter_from_tree(ildb, tree);
231 if (expression == NULL) {
234 ret = ildb_search(module, base, scope, expression, attrs, res);
235 talloc_free(expression);
241 convert a ldb_message structure to a list of ldap_mod structures
242 ready for ildap_add() or ildap_modify()
244 static struct ldap_mod **ildb_msg_to_mods(struct ldb_context *ldb,
245 const struct ldb_message *msg, int use_flags)
247 struct ldap_mod **mods;
251 /* allocate maximum number of elements needed */
252 mods = talloc_array(ldb, struct ldap_mod *, msg->num_elements+1);
259 for (i=0;i<msg->num_elements;i++) {
260 const struct ldb_message_element *el = &msg->elements[i];
262 mods[num_mods] = talloc(ldb, struct ldap_mod);
263 if (!mods[num_mods]) {
266 mods[num_mods+1] = NULL;
267 mods[num_mods]->type = 0;
268 mods[num_mods]->attrib = *el;
270 switch (el->flags & LDB_FLAG_MOD_MASK) {
271 case LDB_FLAG_MOD_ADD:
272 mods[num_mods]->type = LDAP_MODIFY_ADD;
274 case LDB_FLAG_MOD_DELETE:
275 mods[num_mods]->type = LDAP_MODIFY_DELETE;
277 case LDB_FLAG_MOD_REPLACE:
278 mods[num_mods]->type = LDAP_MODIFY_REPLACE;
296 static int ildb_add(struct ldb_module *module, const struct ldb_message *msg)
298 struct ldb_context *ldb = module->ldb;
299 struct ildb_private *ildb = module->private_data;
300 struct ldap_mod **mods;
304 /* ignore ltdb specials */
305 if (ldb_dn_is_special(msg->dn)) {
309 mods = ildb_msg_to_mods(ldb, msg, 0);
314 dn = ldb_dn_linearize(mods, msg->dn);
320 ildb->last_rc = ildap_add(ildb->ldap, dn, mods);
321 if (!NT_STATUS_IS_OK(ildb->last_rc)) {
322 ldb_set_errstring(module, talloc_strdup(module, ldap_errstr(ildb->ldap, ildb->last_rc)));
335 static int ildb_modify(struct ldb_module *module, const struct ldb_message *msg)
337 struct ldb_context *ldb = module->ldb;
338 struct ildb_private *ildb = module->private_data;
339 struct ldap_mod **mods;
343 /* ignore ltdb specials */
344 if (ldb_dn_is_special(msg->dn)) {
348 mods = ildb_msg_to_mods(ldb, msg, 1);
353 dn = ldb_dn_linearize(mods, msg->dn);
359 ildb->last_rc = ildap_modify(ildb->ldap, dn, mods);
360 if (!NT_STATUS_IS_OK(ildb->last_rc)) {
361 ldb_set_errstring(module, talloc_strdup(module, ldap_errstr(ildb->ldap, ildb->last_rc)));
370 static int ildb_start_trans(struct ldb_module *module)
372 /* TODO implement a local locking mechanism here */
377 static int ildb_end_trans(struct ldb_module *module)
379 /* TODO implement a local transaction mechanism here */
384 static int ildb_del_trans(struct ldb_module *module)
386 /* TODO implement a local locking mechanism here */
391 static const struct ldb_module_ops ildb_ops = {
393 .search = ildb_search,
394 .search_bytree = ildb_search_bytree,
395 .add_record = ildb_add,
396 .modify_record = ildb_modify,
397 .delete_record = ildb_delete,
398 .rename_record = ildb_rename,
399 .start_transaction = ildb_start_trans,
400 .end_transaction = ildb_end_trans,
401 .del_transaction = ildb_del_trans
408 static void ildb_rootdse(struct ldb_module *module)
410 struct ildb_private *ildb = module->private_data;
411 struct ldb_message **res = NULL;
412 struct ldb_dn *empty_dn = ldb_dn_new(ildb);
414 ret = ildb_search(module, empty_dn, LDB_SCOPE_BASE, "dn=dc=rootDSE", NULL, &res);
416 ildb->rootDSE = talloc_steal(ildb, res[0]);
418 if (ret != -1) talloc_free(res);
419 talloc_free(empty_dn);
424 connect to the database
426 int ildb_connect(struct ldb_context *ldb, const char *url,
427 unsigned int flags, const char *options[])
429 struct ildb_private *ildb = NULL;
432 ildb = talloc(ldb, struct ildb_private);
438 ildb->rootDSE = NULL;
440 ildb->ldap = ldap_new_connection(ildb, ldb_get_opaque(ldb, "EventContext"));
446 status = ldap_connect(ildb->ldap, url);
447 if (!NT_STATUS_IS_OK(status)) {
448 ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to connect to ldap URL '%s' - %s\n",
449 url, ldap_errstr(ildb->ldap, status));
453 ldb->modules = talloc(ldb, struct ldb_module);
458 ldb->modules->ldb = ldb;
459 ldb->modules->prev = ldb->modules->next = NULL;
460 ldb->modules->private_data = ildb;
461 ldb->modules->ops = &ildb_ops;
463 if (cmdline_credentials != NULL && cli_credentials_authentication_requested(cmdline_credentials)) {
464 status = ldap_bind_sasl(ildb->ldap, cmdline_credentials);
465 if (!NT_STATUS_IS_OK(status)) {
466 ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to bind - %s\n",
467 ldap_errstr(ildb->ldap, status));
476 ldb->modules->private_data = NULL;