source4/dsdb/repl/drepl_notify.c

   1 /*
   2    Unix SMB/CIFS mplementation.
   3
   4    DSDB replication service periodic notification handling
   5
   6    Copyright (C) Andrew Tridgell 2009
   7    based on drepl_periodic
   8
   9    This program is free software; you can redistribute it and/or modify
  10    it under the terms of the GNU General Public License as published by
  11    the Free Software Foundation; either version 3 of the License, or
  12    (at your option) any later version.
  13
  14    This program is distributed in the hope that it will be useful,
  15    but WITHOUT ANY WARRANTY; without even the implied warranty of
  16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17    GNU General Public License for more details.
  18
  19    You should have received a copy of the GNU General Public License
  20    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21
  22 */
  23
  24 #include "includes.h"
  25 #include "lib/events/events.h"
  26 #include "dsdb/samdb/samdb.h"
  27 #include "auth/auth.h"
  28 #include "smbd/service.h"
  29 #include "lib/messaging/irpc.h"
  30 #include "dsdb/repl/drepl_service.h"
  31 #include "lib/ldb/include/ldb_errors.h"
  32 #include "../lib/util/dlinklist.h"
  33 #include "librpc/gen_ndr/ndr_misc.h"
  34 #include "librpc/gen_ndr/ndr_drsuapi.h"
  35 #include "librpc/gen_ndr/ndr_drsblobs.h"
  36 #include "libcli/composite/composite.h"
  37 #include "../lib/util/tevent_ntstatus.h"
  38
  39
  40 struct dreplsrv_op_notify_state {
  41         struct dreplsrv_notify_operation *op;
  42 };
  43
  44 static void dreplsrv_op_notify_connect_done(struct tevent_req *subreq);
  45
  46 /*
  47   start the ReplicaSync async call
  48  */
  49 static struct tevent_req *dreplsrv_op_notify_send(TALLOC_CTX *mem_ctx,
  50                                                   struct tevent_context *ev,
  51                                                   struct dreplsrv_notify_operation *op)
  52 {
  53         struct tevent_req *req;
  54         struct dreplsrv_op_notify_state *state;
  55         struct tevent_req *subreq;
  56
  57         req = tevent_req_create(mem_ctx, &state,
  58                                 struct dreplsrv_op_notify_state);
  59         if (req == NULL) {
  60                 return NULL;
  61         }
  62         state->op = op;
  63
  64         subreq = dreplsrv_out_drsuapi_send(state,
  65                                            ev,
  66                                            op->source_dsa->conn);
  67         if (tevent_req_nomem(subreq, req)) {
  68                 return tevent_req_post(req, ev);
  69         }
  70         tevent_req_set_callback(subreq, dreplsrv_op_notify_connect_done, req);
  71
  72         return req;
  73 }
  74
  75 static void dreplsrv_op_notify_replica_sync_trigger(struct tevent_req *req);
  76
  77 static void dreplsrv_op_notify_connect_done(struct tevent_req *subreq)
  78 {
  79         struct tevent_req *req = tevent_req_callback_data(subreq,
  80                                                           struct tevent_req);
  81         NTSTATUS status;
  82
  83         status = dreplsrv_out_drsuapi_recv(subreq);
  84         TALLOC_FREE(subreq);
  85         if (tevent_req_nterror(req, status)) {
  86                 return;
  87         }
  88
  89         dreplsrv_op_notify_replica_sync_trigger(req);
  90 }
  91
  92 static void dreplsrv_op_notify_replica_sync_done(struct rpc_request *rreq);
  93
  94 static void dreplsrv_op_notify_replica_sync_trigger(struct tevent_req *req)
  95 {
  96         struct dreplsrv_op_notify_state *state =
  97                 tevent_req_data(req,
  98                 struct dreplsrv_op_notify_state);
  99         struct dreplsrv_partition *partition = state->op->source_dsa->partition;
 100         struct dreplsrv_drsuapi_connection *drsuapi = state->op->source_dsa->conn->drsuapi;
 101         struct rpc_request *rreq;
 102         struct drsuapi_DsReplicaSync *r;
 103
 104         r = talloc_zero(state, struct drsuapi_DsReplicaSync);
 105         if (tevent_req_nomem(r, req)) {
 106                 return;
 107         }
 108         r->in.bind_handle       = &drsuapi->bind_handle;
 109         r->in.level = 1;
 110         r->in.req.req1.naming_context = &partition->nc;
 111         r->in.req.req1.source_dsa_guid = state->op->service->ntds_guid;
 112         r->in.req.req1.options =
 113                 DRSUAPI_DRS_ASYNC_OP |
 114                 DRSUAPI_DRS_UPDATE_NOTIFICATION |
 115                 DRSUAPI_DRS_WRIT_REP;
 116
 117         if (state->op->is_urgent) {
 118                 r->in.req.req1.options |= DRSUAPI_DRS_SYNC_URGENT;
 119         }
 120
 121         rreq = dcerpc_drsuapi_DsReplicaSync_send(drsuapi->pipe, r, r);
 122         if (tevent_req_nomem(rreq, req)) {
 123                 return;
 124         }
 125         composite_continue_rpc(NULL, rreq, dreplsrv_op_notify_replica_sync_done, req);
 126 }
 127
 128 static void dreplsrv_op_notify_replica_sync_done(struct rpc_request *rreq)
 129 {
 130         struct tevent_req *req = talloc_get_type(rreq->async.private_data,
 131                                                  struct tevent_req);
 132         struct drsuapi_DsReplicaSync *r = talloc_get_type(rreq->ndr.struct_ptr,
 133                                                           struct drsuapi_DsReplicaSync);
 134         NTSTATUS status;
 135
 136         status = dcerpc_ndr_request_recv(rreq);
 137         if (tevent_req_nterror(req, status)) {
 138                 return;
 139         }
 140
 141         if (!W_ERROR_IS_OK(r->out.result)) {
 142                 status = werror_to_ntstatus(r->out.result);
 143                 tevent_req_nterror(req, status);
 144                 return;
 145         }
 146
 147         tevent_req_done(req);
 148 }
 149
 150 static NTSTATUS dreplsrv_op_notify_recv(struct tevent_req *req)
 151 {
 152         return tevent_req_simple_recv_ntstatus(req);
 153 }
 154
 155 static void dreplsrv_notify_del_repsTo(struct dreplsrv_notify_operation *op)
 156 {
 157         uint32_t count;
 158         struct repsFromToBlob *reps;
 159         WERROR werr;
 160         struct dreplsrv_service *s = op->service;
 161         int i;
 162
 163         werr = dsdb_loadreps(s->samdb, op, op->source_dsa->partition->dn, "repsTo", &reps, &count);
 164         if (!W_ERROR_IS_OK(werr)) {
 165                 DEBUG(0,(__location__ ": Failed to load repsTo for %s\n",
 166                          ldb_dn_get_linearized(op->source_dsa->partition->dn)));
 167                 return;
 168         }
 169
 170         for (i=0; i<count; i++) {
 171                 if (GUID_compare(&reps[i].ctr.ctr1.source_dsa_obj_guid,
 172                                  &op->source_dsa->repsFrom1->source_dsa_obj_guid) == 0) {
 173                         memmove(&reps[i], &reps[i+1],
 174                                 sizeof(reps[i])*(count-(i+1)));
 175                         count--;
 176                 }
 177         }
 178
 179         werr = dsdb_savereps(s->samdb, op, op->source_dsa->partition->dn, "repsTo", reps, count);
 180         if (!W_ERROR_IS_OK(werr)) {
 181                 DEBUG(0,(__location__ ": Failed to save repsTo for %s\n",
 182                          ldb_dn_get_linearized(op->source_dsa->partition->dn)));
 183                 return;
 184         }
 185 }
 186
 187 /*
 188   called when a notify operation has completed
 189  */
 190 static void dreplsrv_notify_op_callback(struct tevent_req *subreq)
 191 {
 192         struct dreplsrv_notify_operation *op =
 193                 tevent_req_callback_data(subreq,
 194                 struct dreplsrv_notify_operation);
 195         NTSTATUS status;
 196         struct dreplsrv_service *s = op->service;
 197
 198         status = dreplsrv_op_notify_recv(subreq);
 199         TALLOC_FREE(subreq);
 200         if (!NT_STATUS_IS_OK(status)) {
 201                 DEBUG(0,("dreplsrv_notify: Failed to send DsReplicaSync to %s for %s - %s\n",
 202                          op->source_dsa->repsFrom1->other_info->dns_name,
 203                          ldb_dn_get_linearized(op->source_dsa->partition->dn),
 204                          nt_errstr(status)));
 205         } else {
 206                 DEBUG(2,("dreplsrv_notify: DsReplicaSync OK for %s\n",
 207                          op->source_dsa->repsFrom1->other_info->dns_name));
 208                 op->source_dsa->notify_uSN = op->uSN;
 209                 /* delete the repsTo for this replication partner in the
 210                    partition, as we have successfully told him to sync */
 211                 dreplsrv_notify_del_repsTo(op);
 212         }
 213
 214         talloc_free(op);
 215         s->ops.n_current = NULL;
 216         dreplsrv_notify_run_ops(s);
 217 }
 218
 219 /*
 220   run any pending replica sync calls
 221  */
 222 void dreplsrv_notify_run_ops(struct dreplsrv_service *s)
 223 {
 224         struct dreplsrv_notify_operation *op;
 225         struct tevent_req *subreq;
 226
 227         if (s->ops.n_current || s->ops.current) {
 228                 /* if there's still one running, we're done */
 229                 return;
 230         }
 231
 232         if (!s->ops.notifies) {
 233                 /* if there're no pending operations, we're done */
 234                 return;
 235         }
 236
 237         op = s->ops.notifies;
 238         s->ops.n_current = op;
 239         DLIST_REMOVE(s->ops.notifies, op);
 240
 241         subreq = dreplsrv_op_notify_send(op, s->task->event_ctx, op);
 242         if (!subreq) {
 243                 DEBUG(0,("dreplsrv_notify_run_ops: dreplsrv_op_notify_send[%s][%s] - no memory\n",
 244                          op->source_dsa->repsFrom1->other_info->dns_name,
 245                          ldb_dn_get_linearized(op->source_dsa->partition->dn)));
 246                 return;
 247         }
 248         tevent_req_set_callback(subreq, dreplsrv_notify_op_callback, op);
 249 }
 250
 251
 252 /*
 253   find a source_dsa for a given guid
 254  */
 255 static struct dreplsrv_partition_source_dsa *dreplsrv_find_source_dsa(struct dreplsrv_partition *p,
 256                                                                       struct GUID *guid)
 257 {
 258         struct dreplsrv_partition_source_dsa *s;
 259
 260         for (s=p->sources; s; s=s->next) {
 261                 if (GUID_compare(&s->repsFrom1->source_dsa_obj_guid, guid) == 0) {
 262                         return s;
 263                 }
 264         }
 265         return NULL;
 266 }
 267
 268
 269 /*
 270   schedule a replicaSync message
 271  */
 272 static WERROR dreplsrv_schedule_notify_sync(struct dreplsrv_service *service,
 273                                             struct dreplsrv_partition *p,
 274                                             struct repsFromToBlob *reps,
 275                                             TALLOC_CTX *mem_ctx,
 276                                             uint64_t uSN,
 277                                             bool is_urgent)
 278 {
 279         struct dreplsrv_notify_operation *op;
 280         struct dreplsrv_partition_source_dsa *s;
 281
 282         s = dreplsrv_find_source_dsa(p, &reps->ctr.ctr1.source_dsa_obj_guid);
 283         if (s == NULL) {
 284                 DEBUG(0,(__location__ ": Unable to find source_dsa for %s\n",
 285                          GUID_string(mem_ctx, &reps->ctr.ctr1.source_dsa_obj_guid)));
 286                 return WERR_DS_UNAVAILABLE;
 287         }
 288
 289         op = talloc_zero(mem_ctx, struct dreplsrv_notify_operation);
 290         W_ERROR_HAVE_NO_MEMORY(op);
 291
 292         op->service     = service;
 293         op->source_dsa  = s;
 294         op->uSN         = uSN;
 295         op->is_urgent   = is_urgent;
 296
 297         DLIST_ADD_END(service->ops.notifies, op, struct dreplsrv_notify_operation *);
 298         talloc_steal(service, op);
 299         return WERR_OK;
 300 }
 301
 302 /*
 303   see if a partition has a hugher uSN than what is in the repsTo and
 304   if so then send a DsReplicaSync
 305  */
 306 static WERROR dreplsrv_notify_check(struct dreplsrv_service *s,
 307                                     struct dreplsrv_partition *p,
 308                                     TALLOC_CTX *mem_ctx)
 309 {
 310         uint32_t count=0;
 311         struct repsFromToBlob *reps;
 312         WERROR werr;
 313         uint64_t uSNHighest;
 314         uint64_t uSNUrgent;
 315         int ret, i;
 316
 317         werr = dsdb_loadreps(s->samdb, mem_ctx, p->dn, "repsTo", &reps, &count);
 318         if (count == 0) {
 319                 werr = dsdb_loadreps(s->samdb, mem_ctx, p->dn, "repsFrom", &reps, &count);
 320         }
 321         if (!W_ERROR_IS_OK(werr)) {
 322                 DEBUG(0,(__location__ ": Failed to load repsTo for %s\n",
 323                          ldb_dn_get_linearized(p->dn)));
 324                 return werr;
 325         }
 326
 327         /* loads the partition uSNHighest and uSNUrgent */
 328         ret = dsdb_load_partition_usn(s->samdb, p->dn, &uSNHighest, &uSNUrgent);
 329         if (ret != LDB_SUCCESS || uSNHighest == 0) {
 330                 /* nothing to do */
 331                 return WERR_OK;
 332         }
 333
 334         /* see if any of our partners need some of our objects */
 335         for (i=0; i<count; i++) {
 336                 struct dreplsrv_partition_source_dsa *sdsa;
 337                 sdsa = dreplsrv_find_source_dsa(p, &reps[i].ctr.ctr1.source_dsa_obj_guid);
 338                 if (sdsa == NULL) continue;
 339                 if (sdsa->notify_uSN < uSNHighest) {
 340                         /* we need to tell this partner to replicate
 341                            with us */
 342
 343                         /* check if urgent replication is needed */
 344                         if (sdsa->notify_uSN < uSNUrgent) {
 345                                 werr = dreplsrv_schedule_notify_sync(s, p, &reps[i], mem_ctx,
 346                                                                         uSNHighest, true);
 347                         } else {
 348                                 werr = dreplsrv_schedule_notify_sync(s, p, &reps[i], mem_ctx,
 349                                                                         uSNHighest, false);
 350                         }
 351
 352                         if (!W_ERROR_IS_OK(werr)) {
 353                                 DEBUG(0,(__location__ ": Failed to setup notify to %s for %s\n",
 354                                          reps[i].ctr.ctr1.other_info->dns_name,
 355                                          ldb_dn_get_linearized(p->dn)));
 356                                 return werr;
 357                         }
 358                 }
 359         }
 360
 361         return WERR_OK;
 362 }
 363
 364 /*
 365   see if any of the partitions have changed, and if so then send a
 366   DsReplicaSync to all the replica partners in the repsTo object
 367  */
 368 static WERROR dreplsrv_notify_check_all(struct dreplsrv_service *s, TALLOC_CTX *mem_ctx)
 369 {
 370         WERROR status;
 371         struct dreplsrv_partition *p;
 372
 373         for (p = s->partitions; p; p = p->next) {
 374                 status = dreplsrv_notify_check(s, p, mem_ctx);
 375                 W_ERROR_NOT_OK_RETURN(status);
 376         }
 377
 378         return WERR_OK;
 379 }
 380
 381 static void dreplsrv_notify_run(struct dreplsrv_service *service);
 382
 383 static void dreplsrv_notify_handler_te(struct tevent_context *ev, struct tevent_timer *te,
 384                                        struct timeval t, void *ptr)
 385 {
 386         struct dreplsrv_service *service = talloc_get_type(ptr, struct dreplsrv_service);
 387         WERROR status;
 388
 389         service->notify.te = NULL;
 390
 391         dreplsrv_notify_run(service);
 392
 393         status = dreplsrv_notify_schedule(service, service->notify.interval);
 394         if (!W_ERROR_IS_OK(status)) {
 395                 task_server_terminate(service->task, win_errstr(status), false);
 396                 return;
 397         }
 398 }
 399
 400 WERROR dreplsrv_notify_schedule(struct dreplsrv_service *service, uint32_t next_interval)
 401 {
 402         TALLOC_CTX *tmp_mem;
 403         struct tevent_timer *new_te;
 404         struct timeval next_time;
 405
 406         /* prevent looping */
 407         if (next_interval == 0) next_interval = 1;
 408
 409         next_time = timeval_current_ofs(next_interval, 50);
 410
 411         if (service->notify.te) {
 412                 /*
 413                  * if the timestamp of the new event is higher,
 414                  * as current next we don't need to reschedule
 415                  */
 416                 if (timeval_compare(&next_time, &service->notify.next_event) > 0) {
 417                         return WERR_OK;
 418                 }
 419         }
 420
 421         /* reset the next scheduled timestamp */
 422         service->notify.next_event = next_time;
 423
 424         new_te = event_add_timed(service->task->event_ctx, service,
 425                                  service->notify.next_event,
 426                                  dreplsrv_notify_handler_te, service);
 427         W_ERROR_HAVE_NO_MEMORY(new_te);
 428
 429         tmp_mem = talloc_new(service);
 430         DEBUG(4,("dreplsrv_notify_schedule(%u) %sscheduled for: %s\n",
 431                 next_interval,
 432                 (service->notify.te?"re":""),
 433                 nt_time_string(tmp_mem, timeval_to_nttime(&next_time))));
 434         talloc_free(tmp_mem);
 435
 436         talloc_free(service->notify.te);
 437         service->notify.te = new_te;
 438
 439         return WERR_OK;
 440 }
 441
 442 static void dreplsrv_notify_run(struct dreplsrv_service *service)
 443 {
 444         TALLOC_CTX *mem_ctx;
 445
 446         mem_ctx = talloc_new(service);
 447         dreplsrv_notify_check_all(service, mem_ctx);
 448         talloc_free(mem_ctx);
 449
 450         dreplsrv_run_pending_ops(service);
 451         dreplsrv_notify_run_ops(service);
 452 }