4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Simo Sorce 2005-2008
7 ** NOTE! The following LGPL license applies to the ldb
8 ** library. This does NOT imply that all of Samba is released
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 3 of the License, or (at your option) any later version.
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, see <http://www.gnu.org/licenses/>.
28 * Component: ldb core API
30 * Description: core API routines interfacing to ldb backends
32 * Author: Andrew Tridgell
35 #define TEVENT_DEPRECATED 1
36 #include "ldb_private.h"
38 static int ldb_context_destructor(void *ptr)
40 struct ldb_context *ldb = talloc_get_type(ptr, struct ldb_context);
42 if (ldb->transaction_active) {
43 ldb_debug(ldb, LDB_DEBUG_FATAL,
44 "A transaction is still active in ldb context [%p] on %s",
45 ldb, (const char *)ldb_get_opaque(ldb, "ldb_url"));
52 this is used to catch debug messages from events
54 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
55 const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3,0);
57 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
58 const char *fmt, va_list ap)
60 struct ldb_context *ldb = talloc_get_type(context, struct ldb_context);
61 enum ldb_debug_level ldb_level = LDB_DEBUG_FATAL;
65 case TEVENT_DEBUG_FATAL:
66 ldb_level = LDB_DEBUG_FATAL;
68 case TEVENT_DEBUG_ERROR:
69 ldb_level = LDB_DEBUG_ERROR;
71 case TEVENT_DEBUG_WARNING:
72 ldb_level = LDB_DEBUG_WARNING;
74 case TEVENT_DEBUG_TRACE:
75 ldb_level = LDB_DEBUG_TRACE;
79 vasprintf(&s, fmt, ap);
81 ldb_debug(ldb, ldb_level, "tevent: %s", s);
86 initialise a ldb context
87 The mem_ctx is required
88 The event_ctx is required
90 struct ldb_context *ldb_init(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx)
92 struct ldb_context *ldb;
95 ldb = talloc_zero(mem_ctx, struct ldb_context);
96 /* FIXME: Hack a new event context so that CMD line utilities work
97 * until we have them all converted */
99 ev_ctx = tevent_context_init(talloc_autofree_context());
100 tevent_set_debug(ev_ctx, ldb_tevent_debug, ldb);
101 tevent_loop_allow_nesting(ev_ctx);
104 ret = ldb_setup_wellknown_attributes(ldb);
105 if (ret != LDB_SUCCESS) {
110 ldb_set_utf8_default(ldb);
111 ldb_set_create_perms(ldb, 0666);
112 ldb_set_modules_dir(ldb, LDB_MODULESDIR);
113 ldb_set_event_context(ldb, ev_ctx);
115 /* TODO: get timeout from options if available there */
116 ldb->default_timeout = 300; /* set default to 5 minutes */
118 talloc_set_destructor((TALLOC_CTX *)ldb, ldb_context_destructor);
124 try to autodetect a basedn if none specified. This fixes one of my
125 pet hates about ldapsearch, which is that you have to get a long,
126 complex basedn right to make any use of it.
128 void ldb_set_default_dns(struct ldb_context *ldb)
132 struct ldb_result *res;
133 struct ldb_dn *tmp_dn=NULL;
134 static const char *attrs[] = {
135 "rootDomainNamingContext",
136 "configurationNamingContext",
137 "schemaNamingContext",
138 "defaultNamingContext",
142 tmp_ctx = talloc_new(ldb);
143 ret = ldb_search(ldb, tmp_ctx, &res, ldb_dn_new(tmp_ctx, ldb, NULL),
144 LDB_SCOPE_BASE, attrs, "(objectClass=*)");
145 if (ret != LDB_SUCCESS) {
146 talloc_free(tmp_ctx);
150 if (res->count != 1) {
151 talloc_free(tmp_ctx);
155 if (!ldb_get_opaque(ldb, "rootDomainNamingContext")) {
156 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
157 "rootDomainNamingContext");
158 ldb_set_opaque(ldb, "rootDomainNamingContext", tmp_dn);
161 if (!ldb_get_opaque(ldb, "configurationNamingContext")) {
162 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
163 "configurationNamingContext");
164 ldb_set_opaque(ldb, "configurationNamingContext", tmp_dn);
167 if (!ldb_get_opaque(ldb, "schemaNamingContext")) {
168 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
169 "schemaNamingContext");
170 ldb_set_opaque(ldb, "schemaNamingContext", tmp_dn);
173 if (!ldb_get_opaque(ldb, "defaultNamingContext")) {
174 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
175 "defaultNamingContext");
176 ldb_set_opaque(ldb, "defaultNamingContext", tmp_dn);
179 talloc_free(tmp_ctx);
182 struct ldb_dn *ldb_get_root_basedn(struct ldb_context *ldb)
184 void *opaque = ldb_get_opaque(ldb, "rootDomainNamingContext");
185 return talloc_get_type(opaque, struct ldb_dn);
188 struct ldb_dn *ldb_get_config_basedn(struct ldb_context *ldb)
190 void *opaque = ldb_get_opaque(ldb, "configurationNamingContext");
191 return talloc_get_type(opaque, struct ldb_dn);
194 struct ldb_dn *ldb_get_schema_basedn(struct ldb_context *ldb)
196 void *opaque = ldb_get_opaque(ldb, "schemaNamingContext");
197 return talloc_get_type(opaque, struct ldb_dn);
200 struct ldb_dn *ldb_get_default_basedn(struct ldb_context *ldb)
202 void *opaque = ldb_get_opaque(ldb, "defaultNamingContext");
203 return talloc_get_type(opaque, struct ldb_dn);
207 connect to a database. The URL can either be one of the following forms
211 flags is made up of LDB_FLG_*
213 the options are passed uninterpreted to the backend, and are
216 int ldb_connect(struct ldb_context *ldb, const char *url,
217 unsigned int flags, const char *options[])
221 /* We seem to need to do this here, or else some utilities don't
222 * get ldb backends */
226 url2 = talloc_strdup(ldb, url);
229 return LDB_ERR_OPERATIONS_ERROR;
231 ret = ldb_set_opaque(ldb, "ldb_url", url2);
232 if (ret != LDB_SUCCESS) {
236 ret = ldb_connect_backend(ldb, url, options, &ldb->modules);
237 if (ret != LDB_SUCCESS) {
241 if (ldb_load_modules(ldb, options) != LDB_SUCCESS) {
242 ldb_debug(ldb, LDB_DEBUG_FATAL,
243 "Unable to load modules for %s: %s",
244 url, ldb_errstring(ldb));
245 return LDB_ERR_OTHER;
248 /* set the default base dn */
249 ldb_set_default_dns(ldb);
254 void ldb_set_errstring(struct ldb_context *ldb, const char *err_string)
256 if (ldb->err_string) {
257 talloc_free(ldb->err_string);
259 ldb->err_string = talloc_strdup(ldb, err_string);
260 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
261 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_set_errstring: %s", ldb->err_string);
265 void ldb_asprintf_errstring(struct ldb_context *ldb, const char *format, ...)
268 char *old_string = NULL;
270 if (ldb->err_string) {
271 old_string = ldb->err_string;
274 va_start(ap, format);
275 ldb->err_string = talloc_vasprintf(ldb, format, ap);
277 talloc_free(old_string);
280 void ldb_reset_err_string(struct ldb_context *ldb)
282 if (ldb->err_string) {
283 talloc_free(ldb->err_string);
284 ldb->err_string = NULL;
291 set an ldb error based on file:line
293 int ldb_error_at(struct ldb_context *ldb, int ecode,
294 const char *reason, const char *file, int line)
296 if (reason == NULL) {
297 reason = ldb_strerror(ecode);
299 ldb_asprintf_errstring(ldb, "%s at %s:%d", reason, file, line);
304 #define FIRST_OP_NOERR(ldb, op) do { \
305 module = ldb->modules; \
306 while (module && module->ops->op == NULL) module = module->next; \
307 if ((ldb->flags & LDB_FLG_ENABLE_TRACING) && module) { \
308 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: (%s)->" #op, \
309 module->ops->name); \
313 #define FIRST_OP(ldb, op) do { \
314 FIRST_OP_NOERR(ldb, op); \
315 if (module == NULL) { \
316 ldb_asprintf_errstring(ldb, "unable to find module or backend to handle operation: " #op); \
317 return LDB_ERR_OPERATIONS_ERROR; \
325 int ldb_transaction_start(struct ldb_context *ldb)
327 struct ldb_module *module;
330 ldb_debug(ldb, LDB_DEBUG_TRACE,
331 "start ldb transaction (nesting: %d)",
332 ldb->transaction_active);
334 /* explicit transaction active, count nested requests */
335 if (ldb->transaction_active) {
336 ldb->transaction_active++;
340 /* start a new transaction */
341 ldb->transaction_active++;
342 ldb->prepare_commit_done = false;
344 FIRST_OP(ldb, start_transaction);
346 ldb_reset_err_string(ldb);
348 status = module->ops->start_transaction(module);
349 if (status != LDB_SUCCESS) {
350 if (ldb->err_string == NULL) {
351 /* no error string was setup by the backend */
352 ldb_asprintf_errstring(ldb,
353 "ldb transaction start: %s (%d)",
354 ldb_strerror(status),
358 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
359 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "start ldb transaction error: %s",
360 ldb_errstring(module->ldb));
366 prepare for transaction commit (first phase of two phase commit)
368 int ldb_transaction_prepare_commit(struct ldb_context *ldb)
370 struct ldb_module *module;
373 if (ldb->prepare_commit_done) {
377 /* commit only when all nested transactions are complete */
378 if (ldb->transaction_active > 1) {
382 ldb->prepare_commit_done = true;
384 if (ldb->transaction_active < 0) {
385 ldb_debug(ldb, LDB_DEBUG_FATAL,
386 "prepare commit called but no ldb transactions are active!");
387 ldb->transaction_active = 0;
388 return LDB_ERR_OPERATIONS_ERROR;
391 /* call prepare transaction if available */
392 FIRST_OP_NOERR(ldb, prepare_commit);
393 if (module == NULL) {
397 status = module->ops->prepare_commit(module);
398 if (status != LDB_SUCCESS) {
399 /* if a module fails the prepare then we need
400 to call the end transaction for everyone */
401 FIRST_OP(ldb, del_transaction);
402 module->ops->del_transaction(module);
403 if (ldb->err_string == NULL) {
404 /* no error string was setup by the backend */
405 ldb_asprintf_errstring(ldb,
406 "ldb transaction prepare commit: %s (%d)",
407 ldb_strerror(status),
410 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
411 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "prepare commit transaction error: %s",
412 ldb_errstring(module->ldb));
423 int ldb_transaction_commit(struct ldb_context *ldb)
425 struct ldb_module *module;
428 status = ldb_transaction_prepare_commit(ldb);
429 if (status != LDB_SUCCESS) {
433 ldb->transaction_active--;
435 ldb_debug(ldb, LDB_DEBUG_TRACE,
436 "commit ldb transaction (nesting: %d)",
437 ldb->transaction_active);
439 /* commit only when all nested transactions are complete */
440 if (ldb->transaction_active > 0) {
444 if (ldb->transaction_active < 0) {
445 ldb_debug(ldb, LDB_DEBUG_FATAL,
446 "commit called but no ldb transactions are active!");
447 ldb->transaction_active = 0;
448 return LDB_ERR_OPERATIONS_ERROR;
451 ldb_reset_err_string(ldb);
453 FIRST_OP(ldb, end_transaction);
454 status = module->ops->end_transaction(module);
455 if (status != LDB_SUCCESS) {
456 if (ldb->err_string == NULL) {
457 /* no error string was setup by the backend */
458 ldb_asprintf_errstring(ldb,
459 "ldb transaction commit: %s (%d)",
460 ldb_strerror(status),
463 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
464 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "commit ldb transaction error: %s",
465 ldb_errstring(module->ldb));
467 /* cancel the transaction */
468 FIRST_OP(ldb, del_transaction);
469 module->ops->del_transaction(module);
478 int ldb_transaction_cancel(struct ldb_context *ldb)
480 struct ldb_module *module;
483 ldb->transaction_active--;
485 ldb_debug(ldb, LDB_DEBUG_TRACE,
486 "cancel ldb transaction (nesting: %d)",
487 ldb->transaction_active);
489 /* really cancel only if all nested transactions are complete */
490 if (ldb->transaction_active > 0) {
494 if (ldb->transaction_active < 0) {
495 ldb_debug(ldb, LDB_DEBUG_FATAL,
496 "cancel called but no ldb transactions are active!");
497 ldb->transaction_active = 0;
498 return LDB_ERR_OPERATIONS_ERROR;
501 FIRST_OP(ldb, del_transaction);
503 status = module->ops->del_transaction(module);
504 if (status != LDB_SUCCESS) {
505 if (ldb->err_string == NULL) {
506 /* no error string was setup by the backend */
507 ldb_asprintf_errstring(ldb,
508 "ldb transaction cancel: %s (%d)",
509 ldb_strerror(status),
512 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
513 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "cancel ldb transaction error: %s",
514 ldb_errstring(module->ldb));
521 cancel a transaction with no error if no transaction is pending
522 used when we fork() to clear any parent transactions
524 int ldb_transaction_cancel_noerr(struct ldb_context *ldb)
526 if (ldb->transaction_active > 0) {
527 return ldb_transaction_cancel(ldb);
533 /* autostarts a transacion if none active */
534 static int ldb_autotransaction_request(struct ldb_context *ldb,
535 struct ldb_request *req)
539 ret = ldb_transaction_start(ldb);
540 if (ret != LDB_SUCCESS) {
544 ret = ldb_request(ldb, req);
545 if (ret == LDB_SUCCESS) {
546 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
549 if (ret == LDB_SUCCESS) {
550 return ldb_transaction_commit(ldb);
552 ldb_transaction_cancel(ldb);
554 if (ldb->err_string == NULL) {
555 /* no error string was setup by the backend */
556 ldb_asprintf_errstring(ldb, "%s (%d)", ldb_strerror(ret), ret);
562 int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type)
564 struct tevent_context *ev;
568 return LDB_ERR_UNAVAILABLE;
571 if (handle->state == LDB_ASYNC_DONE) {
572 return handle->status;
575 ev = ldb_get_event_context(handle->ldb);
577 return LDB_ERR_OPERATIONS_ERROR;
582 ret = tevent_loop_once(ev);
584 return LDB_ERR_OPERATIONS_ERROR;
586 if (handle->state == LDB_ASYNC_DONE ||
587 handle->status != LDB_SUCCESS) {
588 return handle->status;
593 while (handle->state != LDB_ASYNC_DONE) {
594 ret = tevent_loop_once(ev);
596 return LDB_ERR_OPERATIONS_ERROR;
598 if (handle->status != LDB_SUCCESS) {
599 return handle->status;
602 return handle->status;
608 /* set the specified timeout or, if timeout is 0 set the default timeout */
609 int ldb_set_timeout(struct ldb_context *ldb,
610 struct ldb_request *req,
613 if (req == NULL) return LDB_ERR_OPERATIONS_ERROR;
616 req->timeout = timeout;
618 req->timeout = ldb->default_timeout;
620 req->starttime = time(NULL);
625 /* calculates the new timeout based on the previous starttime and timeout */
626 int ldb_set_timeout_from_prev_req(struct ldb_context *ldb,
627 struct ldb_request *oldreq,
628 struct ldb_request *newreq)
630 if (newreq == NULL) return LDB_ERR_OPERATIONS_ERROR;
632 if (oldreq == NULL) {
633 return ldb_set_timeout(ldb, newreq, 0);
636 newreq->starttime = oldreq->starttime;
637 newreq->timeout = oldreq->timeout;
644 set the permissions for new files to be passed to open() in
645 backends that use local files
647 void ldb_set_create_perms(struct ldb_context *ldb, unsigned int perms)
649 ldb->create_perms = perms;
652 unsigned int ldb_get_create_perms(struct ldb_context *ldb)
654 return ldb->create_perms;
657 void ldb_set_event_context(struct ldb_context *ldb, struct tevent_context *ev)
662 struct tevent_context * ldb_get_event_context(struct ldb_context *ldb)
667 void ldb_request_set_state(struct ldb_request *req, int state)
669 req->handle->state = state;
672 int ldb_request_get_status(struct ldb_request *req)
674 return req->handle->status;
681 static void ldb_trace_request(struct ldb_context *ldb, struct ldb_request *req)
683 TALLOC_CTX *tmp_ctx = talloc_new(req);
686 switch (req->operation) {
688 ldb_debug_add(ldb, "ldb_trace_request: SEARCH\n");
689 ldb_debug_add(ldb, " dn: %s\n",
690 ldb_dn_is_null(req->op.search.base)?"<rootDSE>":
691 ldb_dn_get_linearized(req->op.search.base));
692 ldb_debug_add(ldb, " scope: %s\n",
693 req->op.search.scope==LDB_SCOPE_BASE?"base":
694 req->op.search.scope==LDB_SCOPE_ONELEVEL?"one":
695 req->op.search.scope==LDB_SCOPE_SUBTREE?"sub":"UNKNOWN");
696 ldb_debug_add(ldb, " expr: %s\n",
697 ldb_filter_from_tree(tmp_ctx, req->op.search.tree));
698 if (req->op.search.attrs == NULL) {
699 ldb_debug_add(ldb, " attr: <ALL>\n");
701 for (i=0; req->op.search.attrs[i]; i++) {
702 ldb_debug_add(ldb, " attr: %s\n", req->op.search.attrs[i]);
707 ldb_debug_add(ldb, "ldb_trace_request: DELETE\n");
708 ldb_debug_add(ldb, " dn: %s\n",
709 ldb_dn_get_linearized(req->op.del.dn));
712 ldb_debug_add(ldb, "ldb_trace_request: RENAME\n");
713 ldb_debug_add(ldb, " olddn: %s\n",
714 ldb_dn_get_linearized(req->op.rename.olddn));
715 ldb_debug_add(ldb, " newdn: %s\n",
716 ldb_dn_get_linearized(req->op.rename.newdn));
719 ldb_debug_add(ldb, "ldb_trace_request: EXTENDED\n");
720 ldb_debug_add(ldb, " oid: %s\n", req->op.extended.oid);
721 ldb_debug_add(ldb, " data: %s\n", req->op.extended.data?"yes":"no");
724 ldb_debug_add(ldb, "ldb_trace_request: ADD\n");
725 ldb_debug_add(req->handle->ldb, "%s\n",
726 ldb_ldif_message_string(req->handle->ldb, tmp_ctx,
728 req->op.add.message));
731 ldb_debug_add(ldb, "ldb_trace_request: MODIFY\n");
732 ldb_debug_add(req->handle->ldb, "%s\n",
733 ldb_ldif_message_string(req->handle->ldb, tmp_ctx,
735 req->op.mod.message));
737 case LDB_REQ_REGISTER_CONTROL:
738 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_CONTROL\n");
739 ldb_debug_add(req->handle->ldb, "%s\n",
740 req->op.reg_control.oid);
742 case LDB_REQ_REGISTER_PARTITION:
743 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_PARTITION\n");
744 ldb_debug_add(req->handle->ldb, "%s\n",
745 ldb_dn_get_linearized(req->op.reg_partition.dn));
748 ldb_debug_add(ldb, "ldb_trace_request: UNKNOWN(%u)\n",
753 if (req->controls == NULL) {
754 ldb_debug_add(ldb, " control: <NONE>\n");
756 for (i=0; req->controls && req->controls[i]; i++) {
757 ldb_debug_add(ldb, " control: %s crit:%u data:%s\n",
758 req->controls[i]->oid,
759 req->controls[i]->critical,
760 req->controls[i]->data?"yes":"no");
764 ldb_debug_end(ldb, LDB_DEBUG_TRACE);
766 talloc_free(tmp_ctx);
772 NOTE: the request must be a talloc context.
773 returns LDB_ERR_* on errors.
775 int ldb_request(struct ldb_context *ldb, struct ldb_request *req)
777 struct ldb_module *module;
780 if (req->callback == NULL) {
781 ldb_set_errstring(ldb, "Requests MUST define callbacks");
782 return LDB_ERR_UNWILLING_TO_PERFORM;
785 ldb_reset_err_string(ldb);
787 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
788 ldb_trace_request(ldb, req);
791 /* call the first module in the chain */
792 switch (req->operation) {
794 FIRST_OP(ldb, search);
795 ret = module->ops->search(module, req);
799 * we have to normalize here, as so many places
800 * in modules and backends assume we don't have two
801 * elements with the same name
803 ret = ldb_msg_normalize(ldb, req, req->op.add.message,
804 discard_const(&req->op.add.message));
805 if (ret != LDB_SUCCESS) {
807 return LDB_ERR_OPERATIONS_ERROR;
810 ret = module->ops->add(module, req);
813 FIRST_OP(ldb, modify);
814 ret = module->ops->modify(module, req);
818 ret = module->ops->del(module, req);
821 if (!ldb_dn_validate(req->op.rename.olddn)) {
822 ldb_asprintf_errstring(ldb, "ldb_rename: invalid olddn '%s'",
823 ldb_dn_get_linearized(req->op.rename.olddn));
824 return LDB_ERR_INVALID_DN_SYNTAX;
826 if (!ldb_dn_validate(req->op.rename.newdn)) {
827 ldb_asprintf_errstring(ldb, "ldb_rename: invalid newdn '%s'",
828 ldb_dn_get_linearized(req->op.rename.newdn));
829 return LDB_ERR_INVALID_DN_SYNTAX;
831 FIRST_OP(ldb, rename);
832 ret = module->ops->rename(module, req);
835 FIRST_OP(ldb, extended);
836 ret = module->ops->extended(module, req);
839 FIRST_OP(ldb, request);
840 ret = module->ops->request(module, req);
847 int ldb_request_done(struct ldb_request *req, int status)
849 req->handle->state = LDB_ASYNC_DONE;
850 req->handle->status = status;
855 search the database given a LDAP-like search expression
857 returns an LDB error code
859 Use talloc_free to free the ldb_message returned in 'res', if successful
862 int ldb_search_default_callback(struct ldb_request *req,
863 struct ldb_reply *ares)
865 struct ldb_result *res;
868 res = talloc_get_type(req->context, struct ldb_result);
871 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
873 if (ares->error != LDB_SUCCESS) {
874 return ldb_request_done(req, ares->error);
877 switch (ares->type) {
878 case LDB_REPLY_ENTRY:
879 res->msgs = talloc_realloc(res, res->msgs,
880 struct ldb_message *, res->count + 2);
882 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
885 res->msgs[res->count + 1] = NULL;
887 res->msgs[res->count] = talloc_move(res->msgs, &ares->message);
891 case LDB_REPLY_REFERRAL:
893 for (n = 0; res->refs[n]; n++) /*noop*/ ;
898 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
900 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
903 res->refs[n] = talloc_move(res->refs, &ares->referral);
904 res->refs[n + 1] = NULL;
908 /* TODO: we should really support controls on entries
909 * and referrals too! */
910 res->controls = talloc_move(res, &ares->controls);
912 /* this is the last message, and means the request is done */
913 /* we have to signal and eventual ldb_wait() waiting that the
914 * async request operation was completed */
916 return ldb_request_done(req, LDB_SUCCESS);
924 int ldb_modify_default_callback(struct ldb_request *req, struct ldb_reply *ares)
926 struct ldb_result *res;
930 res = talloc_get_type(req->context, struct ldb_result);
933 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
936 if (ares->error != LDB_SUCCESS) {
939 return ldb_request_done(req, ret);
942 switch (ares->type) {
943 case LDB_REPLY_REFERRAL:
945 for (n = 0; res->refs[n]; n++) /*noop*/ ;
950 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
952 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
955 res->refs[n] = talloc_move(res->refs, &ares->referral);
956 res->refs[n + 1] = NULL;
961 return ldb_request_done(req, LDB_SUCCESS);
964 ldb_set_errstring(req->handle->ldb, "Invalid reply type!");
965 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
969 return ldb_request_done(req, LDB_SUCCESS);
972 int ldb_op_default_callback(struct ldb_request *req, struct ldb_reply *ares)
977 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
980 if (ares->error != LDB_SUCCESS) {
983 return ldb_request_done(req, ret);
986 if (ares->type != LDB_REPLY_DONE) {
988 ldb_set_errstring(req->handle->ldb, "Invalid reply type!");
989 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
993 return ldb_request_done(req, LDB_SUCCESS);
996 int ldb_build_search_req_ex(struct ldb_request **ret_req,
997 struct ldb_context *ldb,
1000 enum ldb_scope scope,
1001 struct ldb_parse_tree *tree,
1002 const char * const *attrs,
1003 struct ldb_control **controls,
1005 ldb_request_callback_t callback,
1006 struct ldb_request *parent)
1008 struct ldb_request *req;
1012 req = talloc(mem_ctx, struct ldb_request);
1015 return LDB_ERR_OPERATIONS_ERROR;
1018 req->operation = LDB_SEARCH;
1020 req->op.search.base = ldb_dn_new(req, ldb, NULL);
1022 req->op.search.base = base;
1024 req->op.search.scope = scope;
1026 req->op.search.tree = tree;
1027 if (req->op.search.tree == NULL) {
1028 ldb_set_errstring(ldb, "'tree' can't be NULL");
1030 return LDB_ERR_OPERATIONS_ERROR;
1033 req->op.search.attrs = attrs;
1034 req->controls = controls;
1035 req->context = context;
1036 req->callback = callback;
1038 ldb_set_timeout_from_prev_req(ldb, parent, req);
1040 req->handle = ldb_handle_new(req, ldb);
1041 if (req->handle == NULL) {
1043 return LDB_ERR_OPERATIONS_ERROR;
1047 req->handle->nesting++;
1054 int ldb_build_search_req(struct ldb_request **ret_req,
1055 struct ldb_context *ldb,
1056 TALLOC_CTX *mem_ctx,
1057 struct ldb_dn *base,
1058 enum ldb_scope scope,
1059 const char *expression,
1060 const char * const *attrs,
1061 struct ldb_control **controls,
1063 ldb_request_callback_t callback,
1064 struct ldb_request *parent)
1066 struct ldb_parse_tree *tree;
1069 tree = ldb_parse_tree(mem_ctx, expression);
1071 ldb_set_errstring(ldb, "Unable to parse search expression");
1072 return LDB_ERR_OPERATIONS_ERROR;
1075 ret = ldb_build_search_req_ex(ret_req, ldb, mem_ctx, base,
1076 scope, tree, attrs, controls,
1077 context, callback, parent);
1078 if (ret == LDB_SUCCESS) {
1079 talloc_steal(*ret_req, tree);
1084 int ldb_build_add_req(struct ldb_request **ret_req,
1085 struct ldb_context *ldb,
1086 TALLOC_CTX *mem_ctx,
1087 const struct ldb_message *message,
1088 struct ldb_control **controls,
1090 ldb_request_callback_t callback,
1091 struct ldb_request *parent)
1093 struct ldb_request *req;
1097 req = talloc(mem_ctx, struct ldb_request);
1099 ldb_set_errstring(ldb, "Out of Memory");
1100 return LDB_ERR_OPERATIONS_ERROR;
1103 req->operation = LDB_ADD;
1104 req->op.add.message = message;
1105 req->controls = controls;
1106 req->context = context;
1107 req->callback = callback;
1109 ldb_set_timeout_from_prev_req(ldb, parent, req);
1111 req->handle = ldb_handle_new(req, ldb);
1112 if (req->handle == NULL) {
1114 return LDB_ERR_OPERATIONS_ERROR;
1118 req->handle->nesting++;
1126 int ldb_build_mod_req(struct ldb_request **ret_req,
1127 struct ldb_context *ldb,
1128 TALLOC_CTX *mem_ctx,
1129 const struct ldb_message *message,
1130 struct ldb_control **controls,
1132 ldb_request_callback_t callback,
1133 struct ldb_request *parent)
1135 struct ldb_request *req;
1139 req = talloc(mem_ctx, struct ldb_request);
1141 ldb_set_errstring(ldb, "Out of Memory");
1142 return LDB_ERR_OPERATIONS_ERROR;
1145 req->operation = LDB_MODIFY;
1146 req->op.mod.message = message;
1147 req->controls = controls;
1148 req->context = context;
1149 req->callback = callback;
1151 ldb_set_timeout_from_prev_req(ldb, parent, req);
1153 req->handle = ldb_handle_new(req, ldb);
1154 if (req->handle == NULL) {
1156 return LDB_ERR_OPERATIONS_ERROR;
1160 req->handle->nesting++;
1168 int ldb_build_del_req(struct ldb_request **ret_req,
1169 struct ldb_context *ldb,
1170 TALLOC_CTX *mem_ctx,
1172 struct ldb_control **controls,
1174 ldb_request_callback_t callback,
1175 struct ldb_request *parent)
1177 struct ldb_request *req;
1181 req = talloc(mem_ctx, struct ldb_request);
1183 ldb_set_errstring(ldb, "Out of Memory");
1184 return LDB_ERR_OPERATIONS_ERROR;
1187 req->operation = LDB_DELETE;
1188 req->op.del.dn = dn;
1189 req->controls = controls;
1190 req->context = context;
1191 req->callback = callback;
1193 ldb_set_timeout_from_prev_req(ldb, parent, req);
1195 req->handle = ldb_handle_new(req, ldb);
1196 if (req->handle == NULL) {
1198 return LDB_ERR_OPERATIONS_ERROR;
1202 req->handle->nesting++;
1210 int ldb_build_rename_req(struct ldb_request **ret_req,
1211 struct ldb_context *ldb,
1212 TALLOC_CTX *mem_ctx,
1213 struct ldb_dn *olddn,
1214 struct ldb_dn *newdn,
1215 struct ldb_control **controls,
1217 ldb_request_callback_t callback,
1218 struct ldb_request *parent)
1220 struct ldb_request *req;
1224 req = talloc(mem_ctx, struct ldb_request);
1226 ldb_set_errstring(ldb, "Out of Memory");
1227 return LDB_ERR_OPERATIONS_ERROR;
1230 req->operation = LDB_RENAME;
1231 req->op.rename.olddn = olddn;
1232 req->op.rename.newdn = newdn;
1233 req->controls = controls;
1234 req->context = context;
1235 req->callback = callback;
1237 ldb_set_timeout_from_prev_req(ldb, parent, req);
1239 req->handle = ldb_handle_new(req, ldb);
1240 if (req->handle == NULL) {
1242 return LDB_ERR_OPERATIONS_ERROR;
1246 req->handle->nesting++;
1254 int ldb_extended_default_callback(struct ldb_request *req,
1255 struct ldb_reply *ares)
1257 struct ldb_result *res;
1259 res = talloc_get_type(req->context, struct ldb_result);
1262 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1264 if (ares->error != LDB_SUCCESS) {
1265 return ldb_request_done(req, ares->error);
1268 if (ares->type == LDB_REPLY_DONE) {
1270 /* TODO: we should really support controls on entries and referrals too! */
1271 res->extended = talloc_move(res, &ares->response);
1272 res->controls = talloc_move(res, &ares->controls);
1275 return ldb_request_done(req, LDB_SUCCESS);
1279 ldb_set_errstring(req->handle->ldb, "Invalid reply type!");
1280 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1283 int ldb_build_extended_req(struct ldb_request **ret_req,
1284 struct ldb_context *ldb,
1285 TALLOC_CTX *mem_ctx,
1288 struct ldb_control **controls,
1290 ldb_request_callback_t callback,
1291 struct ldb_request *parent)
1293 struct ldb_request *req;
1297 req = talloc(mem_ctx, struct ldb_request);
1299 ldb_set_errstring(ldb, "Out of Memory");
1300 return LDB_ERR_OPERATIONS_ERROR;
1303 req->operation = LDB_EXTENDED;
1304 req->op.extended.oid = oid;
1305 req->op.extended.data = data;
1306 req->controls = controls;
1307 req->context = context;
1308 req->callback = callback;
1310 ldb_set_timeout_from_prev_req(ldb, parent, req);
1312 req->handle = ldb_handle_new(req, ldb);
1313 if (req->handle == NULL) {
1315 return LDB_ERR_OPERATIONS_ERROR;
1319 req->handle->nesting++;
1327 int ldb_extended(struct ldb_context *ldb,
1330 struct ldb_result **_res)
1332 struct ldb_request *req;
1334 struct ldb_result *res;
1338 res = talloc_zero(ldb, struct ldb_result);
1340 return LDB_ERR_OPERATIONS_ERROR;
1343 ret = ldb_build_extended_req(&req, ldb, ldb,
1345 res, ldb_extended_default_callback,
1347 if (ret != LDB_SUCCESS) goto done;
1349 ldb_set_timeout(ldb, req, 0); /* use default timeout */
1351 ret = ldb_request(ldb, req);
1353 if (ret == LDB_SUCCESS) {
1354 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1360 if (ret != LDB_SUCCESS) {
1369 note that ldb_search() will automatically replace a NULL 'base' value
1370 with the defaultNamingContext from the rootDSE if available.
1372 int ldb_search(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
1373 struct ldb_result **result, struct ldb_dn *base,
1374 enum ldb_scope scope, const char * const *attrs,
1375 const char *exp_fmt, ...)
1377 struct ldb_request *req;
1378 struct ldb_result *res;
1387 res = talloc_zero(mem_ctx, struct ldb_result);
1389 return LDB_ERR_OPERATIONS_ERROR;
1393 va_start(ap, exp_fmt);
1394 expression = talloc_vasprintf(mem_ctx, exp_fmt, ap);
1399 return LDB_ERR_OPERATIONS_ERROR;
1403 ret = ldb_build_search_req(&req, ldb, mem_ctx,
1404 base?base:ldb_get_default_basedn(ldb),
1410 ldb_search_default_callback,
1413 if (ret != LDB_SUCCESS) goto done;
1415 ret = ldb_request(ldb, req);
1417 if (ret == LDB_SUCCESS) {
1418 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1422 if (ret != LDB_SUCCESS) {
1427 talloc_free(expression);
1435 add a record to the database. Will fail if a record with the given class
1436 and key already exists
1438 int ldb_add(struct ldb_context *ldb,
1439 const struct ldb_message *message)
1441 struct ldb_request *req;
1444 ret = ldb_msg_sanity_check(ldb, message);
1445 if (ret != LDB_SUCCESS) {
1449 ret = ldb_build_add_req(&req, ldb, ldb,
1453 ldb_op_default_callback,
1456 if (ret != LDB_SUCCESS) return ret;
1458 /* do request and autostart a transaction */
1459 ret = ldb_autotransaction_request(ldb, req);
1466 modify the specified attributes of a record
1468 int ldb_modify(struct ldb_context *ldb,
1469 const struct ldb_message *message)
1471 struct ldb_request *req;
1474 ret = ldb_msg_sanity_check(ldb, message);
1475 if (ret != LDB_SUCCESS) {
1479 ret = ldb_build_mod_req(&req, ldb, ldb,
1483 ldb_op_default_callback,
1486 if (ret != LDB_SUCCESS) return ret;
1488 /* do request and autostart a transaction */
1489 ret = ldb_autotransaction_request(ldb, req);
1497 delete a record from the database
1499 int ldb_delete(struct ldb_context *ldb, struct ldb_dn *dn)
1501 struct ldb_request *req;
1504 ret = ldb_build_del_req(&req, ldb, ldb,
1508 ldb_op_default_callback,
1511 if (ret != LDB_SUCCESS) return ret;
1513 /* do request and autostart a transaction */
1514 ret = ldb_autotransaction_request(ldb, req);
1521 rename a record in the database
1523 int ldb_rename(struct ldb_context *ldb,
1524 struct ldb_dn *olddn, struct ldb_dn *newdn)
1526 struct ldb_request *req;
1529 ret = ldb_build_rename_req(&req, ldb, ldb,
1534 ldb_op_default_callback,
1537 if (ret != LDB_SUCCESS) return ret;
1539 /* do request and autostart a transaction */
1540 ret = ldb_autotransaction_request(ldb, req);
1548 return the global sequence number
1550 int ldb_sequence_number(struct ldb_context *ldb,
1551 enum ldb_sequence_type type, uint64_t *seq_num)
1553 struct ldb_seqnum_request *seq;
1554 struct ldb_seqnum_result *seqr;
1555 struct ldb_result *res;
1556 TALLOC_CTX *tmp_ctx;
1561 tmp_ctx = talloc_zero(ldb, struct ldb_request);
1562 if (tmp_ctx == NULL) {
1563 ldb_set_errstring(ldb, "Out of Memory");
1564 return LDB_ERR_OPERATIONS_ERROR;
1566 seq = talloc_zero(tmp_ctx, struct ldb_seqnum_request);
1568 ldb_set_errstring(ldb, "Out of Memory");
1569 ret = LDB_ERR_OPERATIONS_ERROR;
1574 ret = ldb_extended(ldb, LDB_EXTENDED_SEQUENCE_NUMBER, seq, &res);
1575 if (ret != LDB_SUCCESS) {
1578 talloc_steal(tmp_ctx, res);
1580 if (strcmp(LDB_EXTENDED_SEQUENCE_NUMBER, res->extended->oid) != 0) {
1581 ldb_set_errstring(ldb, "Invalid OID in reply");
1582 ret = LDB_ERR_OPERATIONS_ERROR;
1585 seqr = talloc_get_type(res->extended->data,
1586 struct ldb_seqnum_result);
1587 *seq_num = seqr->seq_num;
1590 talloc_free(tmp_ctx);
1595 return extended error information
1597 const char *ldb_errstring(struct ldb_context *ldb)
1599 if (ldb->err_string) {
1600 return ldb->err_string;
1607 return a string explaining what a ldb error constant meancs
1609 const char *ldb_strerror(int ldb_err)
1614 case LDB_ERR_OPERATIONS_ERROR:
1615 return "Operations error";
1616 case LDB_ERR_PROTOCOL_ERROR:
1617 return "Protocol error";
1618 case LDB_ERR_TIME_LIMIT_EXCEEDED:
1619 return "Time limit exceeded";
1620 case LDB_ERR_SIZE_LIMIT_EXCEEDED:
1621 return "Size limit exceeded";
1622 case LDB_ERR_COMPARE_FALSE:
1623 return "Compare false";
1624 case LDB_ERR_COMPARE_TRUE:
1625 return "Compare true";
1626 case LDB_ERR_AUTH_METHOD_NOT_SUPPORTED:
1627 return "Auth method not supported";
1628 case LDB_ERR_STRONG_AUTH_REQUIRED:
1629 return "Strong auth required";
1631 case LDB_ERR_REFERRAL:
1632 return "Referral error";
1633 case LDB_ERR_ADMIN_LIMIT_EXCEEDED:
1634 return "Admin limit exceeded";
1635 case LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION:
1636 return "Unsupported critical extension";
1637 case LDB_ERR_CONFIDENTIALITY_REQUIRED:
1638 return "Confidentiality required";
1639 case LDB_ERR_SASL_BIND_IN_PROGRESS:
1640 return "SASL bind in progress";
1641 case LDB_ERR_NO_SUCH_ATTRIBUTE:
1642 return "No such attribute";
1643 case LDB_ERR_UNDEFINED_ATTRIBUTE_TYPE:
1644 return "Undefined attribute type";
1645 case LDB_ERR_INAPPROPRIATE_MATCHING:
1646 return "Inappropriate matching";
1647 case LDB_ERR_CONSTRAINT_VIOLATION:
1648 return "Constraint violation";
1649 case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
1650 return "Attribute or value exists";
1651 case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
1652 return "Invalid attribute syntax";
1654 case LDB_ERR_NO_SUCH_OBJECT:
1655 return "No such object";
1656 case LDB_ERR_ALIAS_PROBLEM:
1657 return "Alias problem";
1658 case LDB_ERR_INVALID_DN_SYNTAX:
1659 return "Invalid DN syntax";
1661 case LDB_ERR_ALIAS_DEREFERENCING_PROBLEM:
1662 return "Alias dereferencing problem";
1664 case LDB_ERR_INAPPROPRIATE_AUTHENTICATION:
1665 return "Inappropriate authentication";
1666 case LDB_ERR_INVALID_CREDENTIALS:
1667 return "Invalid credentials";
1668 case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
1669 return "insufficient access rights";
1672 case LDB_ERR_UNAVAILABLE:
1673 return "Unavailable";
1674 case LDB_ERR_UNWILLING_TO_PERFORM:
1675 return "Unwilling to perform";
1676 case LDB_ERR_LOOP_DETECT:
1677 return "Loop detect";
1679 case LDB_ERR_NAMING_VIOLATION:
1680 return "Naming violation";
1681 case LDB_ERR_OBJECT_CLASS_VIOLATION:
1682 return "Object class violation";
1683 case LDB_ERR_NOT_ALLOWED_ON_NON_LEAF:
1684 return "Not allowed on non-leaf";
1685 case LDB_ERR_NOT_ALLOWED_ON_RDN:
1686 return "Not allowed on RDN";
1687 case LDB_ERR_ENTRY_ALREADY_EXISTS:
1688 return "Entry already exists";
1689 case LDB_ERR_OBJECT_CLASS_MODS_PROHIBITED:
1690 return "Object class mods prohibited";
1691 /* 70 RESERVED FOR CLDAP */
1692 case LDB_ERR_AFFECTS_MULTIPLE_DSAS:
1693 return "Affects multiple DSAs";
1699 return "Unknown error";
1703 set backend specific opaque parameters
1705 int ldb_set_opaque(struct ldb_context *ldb, const char *name, void *value)
1707 struct ldb_opaque *o;
1709 /* allow updating an existing value */
1710 for (o=ldb->opaque;o;o=o->next) {
1711 if (strcmp(o->name, name) == 0) {
1717 o = talloc(ldb, struct ldb_opaque);
1720 return LDB_ERR_OTHER;
1722 o->next = ldb->opaque;
1730 get a previously set opaque value
1732 void *ldb_get_opaque(struct ldb_context *ldb, const char *name)
1734 struct ldb_opaque *o;
1735 for (o=ldb->opaque;o;o=o->next) {
1736 if (strcmp(o->name, name) == 0) {
1743 int ldb_global_init(void)
1745 /* Provided for compatibility with some older versions of ldb */
1749 /* return the ldb flags */
1750 unsigned int ldb_get_flags(struct ldb_context *ldb)
1755 /* set the ldb flags */
1756 void ldb_set_flags(struct ldb_context *ldb, unsigned flags)