4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Simo Sorce 2005-2006
7 ** NOTE! The following LGPL license applies to the ldb
8 ** library. This does NOT imply that all of Samba is released
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 2 of the License, or (at your option) any later version.
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, write to the Free Software
23 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
29 * Component: ldb core API
31 * Description: core API routines interfacing to ldb backends
33 * Author: Andrew Tridgell
37 #include "ldb/include/includes.h"
40 initialise a ldb context
41 The mem_ctx is optional
43 struct ldb_context *ldb_init(void *mem_ctx)
45 struct ldb_context *ldb = talloc_zero(mem_ctx, struct ldb_context);
48 ret = ldb_setup_wellknown_attributes(ldb);
54 ldb_set_utf8_default(ldb);
59 static struct ldb_backend {
61 ldb_connect_fn connect_fn;
62 struct ldb_backend *prev, *next;
63 } *ldb_backends = NULL;
65 register a new ldb backend
67 int ldb_register_backend(const char *url_prefix, ldb_connect_fn connectfn)
69 struct ldb_backend *backend = talloc(talloc_autofree_context(), struct ldb_backend);
71 /* Maybe check for duplicity here later on? */
73 backend->name = talloc_strdup(backend, url_prefix);
74 backend->connect_fn = connectfn;
75 DLIST_ADD(ldb_backends, backend);
80 static ldb_connect_fn ldb_find_backend(const char *url)
82 struct ldb_backend *backend;
84 for (backend = ldb_backends; backend; backend = backend->next) {
85 if (strncmp(backend->name, url, strlen(backend->name)) == 0) {
86 return backend->connect_fn;
94 Return the ldb module form of a database. The URL can either be one of the following forms
98 flags is made up of LDB_FLG_*
100 the options are passed uninterpreted to the backend, and are
103 This allows modules to get at only the backend module, for example where a module
104 may wish to direct certain requests at a particular backend.
106 int ldb_connect_backend(struct ldb_context *ldb, const char *url, const char *options[],
107 struct ldb_module **backend_module)
113 if (strchr(url, ':') != NULL) {
114 backend = talloc_strndup(ldb, url, strchr(url, ':')-url);
117 backend = talloc_strdup(ldb, "tdb");
120 fn = ldb_find_backend(backend);
123 if (ldb_try_load_dso(ldb, backend) == 0) {
124 fn = ldb_find_backend(backend);
128 talloc_free(backend);
131 ldb_debug(ldb, LDB_DEBUG_FATAL, "Unable to find backend for '%s'\n", url);
132 return LDB_ERR_OTHER;
135 ret = fn(ldb, url, ldb->flags, options, backend_module);
137 if (ret != LDB_SUCCESS) {
138 ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to connect to '%s'\n", url);
145 try to autodetect a basedn if none specified. This fixes one of my
146 pet hates about ldapsearch, which is that you have to get a long,
147 complex basedn right to make any use of it.
149 static const struct ldb_dn *ldb_set_default_basedn(struct ldb_context *ldb)
153 static const char *attrs[] = { "defaultNamingContext", NULL };
154 struct ldb_result *res;
155 struct ldb_dn *basedn=NULL;
157 basedn = ldb_get_opaque(ldb, "default_baseDN");
162 tmp_ctx = talloc_new(ldb);
163 ret = ldb_search(ldb, ldb_dn_new(tmp_ctx), LDB_SCOPE_BASE,
164 "(objectClass=*)", attrs, &res);
165 if (ret == LDB_SUCCESS && res->count == 1) {
166 basedn = ldb_msg_find_attr_as_dn(ldb, res->msgs[0], "defaultNamingContext");
169 ldb_set_opaque(ldb, "default_baseDN", basedn);
171 talloc_free(tmp_ctx);
175 const struct ldb_dn *ldb_get_default_basedn(struct ldb_context *ldb)
177 return ldb_get_opaque(ldb, "default_baseDN");
181 connect to a database. The URL can either be one of the following forms
185 flags is made up of LDB_FLG_*
187 the options are passed uninterpreted to the backend, and are
190 int ldb_connect(struct ldb_context *ldb, const char *url, unsigned int flags, const char *options[])
196 ret = ldb_connect_backend(ldb, url, options, &ldb->modules);
197 if (ret != LDB_SUCCESS) {
201 if (ldb_load_modules(ldb, options) != LDB_SUCCESS) {
202 ldb_debug(ldb, LDB_DEBUG_FATAL, "Unable to load modules for '%s'\n", url);
203 return LDB_ERR_OTHER;
206 /* TODO: get timeout from options if available there */
207 ldb->default_timeout = 300; /* set default to 5 minutes */
209 /* set the default base dn */
210 ldb_set_default_basedn(ldb);
215 void ldb_set_errstring(struct ldb_context *ldb, const char *err_string)
217 if (ldb->err_string) {
218 talloc_free(ldb->err_string);
220 ldb->err_string = talloc_strdup(ldb, err_string);
223 void ldb_asprintf_errstring(struct ldb_context *ldb, const char *format, ...)
227 if (ldb->err_string) {
228 talloc_free(ldb->err_string);
231 va_start(ap, format);
232 ldb->err_string = talloc_vasprintf(ldb, format, ap);
236 void ldb_reset_err_string(struct ldb_context *ldb)
238 if (ldb->err_string) {
239 talloc_free(ldb->err_string);
240 ldb->err_string = NULL;
244 #define FIRST_OP(ldb, op) do { \
245 module = ldb->modules; \
246 while (module && module->ops->op == NULL) module = module->next; \
247 if (module == NULL) { \
248 ldb_asprintf_errstring(ldb, "unable to find module or backend to handle operation: " #op); \
249 return LDB_ERR_OPERATIONS_ERROR; \
256 static int ldb_transaction_start_internal(struct ldb_context *ldb)
258 struct ldb_module *module;
260 FIRST_OP(ldb, start_transaction);
262 ldb_reset_err_string(ldb);
264 status = module->ops->start_transaction(module);
265 if (status != LDB_SUCCESS) {
266 if (ldb->err_string == NULL) {
267 /* no error string was setup by the backend */
268 ldb_asprintf_errstring(ldb,
269 "ldb transaction start: %s (%d)",
270 ldb_strerror(status),
280 static int ldb_transaction_commit_internal(struct ldb_context *ldb)
282 struct ldb_module *module;
284 FIRST_OP(ldb, end_transaction);
286 ldb_reset_err_string(ldb);
288 status = module->ops->end_transaction(module);
289 if (status != LDB_SUCCESS) {
290 if (ldb->err_string == NULL) {
291 /* no error string was setup by the backend */
292 ldb_asprintf_errstring(ldb,
293 "ldb transaction commit: %s (%d)",
294 ldb_strerror(status),
304 static int ldb_transaction_cancel_internal(struct ldb_context *ldb)
306 struct ldb_module *module;
308 FIRST_OP(ldb, del_transaction);
310 status = module->ops->del_transaction(module);
311 if (status != LDB_SUCCESS) {
312 if (ldb->err_string == NULL) {
313 /* no error string was setup by the backend */
314 ldb_asprintf_errstring(ldb,
315 "ldb transaction cancel: %s (%d)",
316 ldb_strerror(status),
323 int ldb_transaction_start(struct ldb_context *ldb)
325 /* disable autotransactions */
326 ldb->transaction_active++;
328 return ldb_transaction_start_internal(ldb);
331 int ldb_transaction_commit(struct ldb_context *ldb)
333 /* renable autotransactions (when we reach 0) */
334 if (ldb->transaction_active > 0)
335 ldb->transaction_active--;
337 return ldb_transaction_commit_internal(ldb);
340 int ldb_transaction_cancel(struct ldb_context *ldb)
342 /* renable autotransactions (when we reach 0) */
343 if (ldb->transaction_active > 0)
344 ldb->transaction_active--;
346 return ldb_transaction_cancel_internal(ldb);
349 static int ldb_autotransaction_start(struct ldb_context *ldb)
351 /* explicit transaction active, ignore autotransaction request */
352 if (ldb->transaction_active)
355 return ldb_transaction_start_internal(ldb);
358 static int ldb_autotransaction_commit(struct ldb_context *ldb)
360 /* explicit transaction active, ignore autotransaction request */
361 if (ldb->transaction_active)
364 return ldb_transaction_commit_internal(ldb);
367 static int ldb_autotransaction_cancel(struct ldb_context *ldb)
369 /* explicit transaction active, ignore autotransaction request */
370 if (ldb->transaction_active)
373 return ldb_transaction_cancel_internal(ldb);
376 /* autostarts a transacion if none active */
377 static int ldb_autotransaction_request(struct ldb_context *ldb, struct ldb_request *req)
381 ret = ldb_autotransaction_start(ldb);
382 if (ret != LDB_SUCCESS) {
386 ret = ldb_request(ldb, req);
387 if (ret == LDB_SUCCESS) {
388 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
391 if (ret == LDB_SUCCESS) {
392 return ldb_autotransaction_commit(ldb);
394 ldb_autotransaction_cancel(ldb);
396 if (ldb->err_string == NULL) {
397 /* no error string was setup by the backend */
398 ldb_asprintf_errstring(ldb, "%s (%d)", ldb_strerror(ret), ret);
404 int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type)
410 return handle->module->ops->wait(handle, type);
413 /* set the specified timeout or, if timeout is 0 set the default timeout */
414 /* timeout == -1 means no timeout */
415 int ldb_set_timeout(struct ldb_context *ldb, struct ldb_request *req, int timeout)
417 if (req == NULL) return LDB_ERR_OPERATIONS_ERROR;
420 req->timeout = timeout;
422 req->timeout = ldb->default_timeout;
424 req->starttime = time(NULL);
429 /* calculates the new timeout based on the previous starttime and timeout */
430 int ldb_set_timeout_from_prev_req(struct ldb_context *ldb, struct ldb_request *oldreq, struct ldb_request *newreq)
434 if (newreq == NULL) return LDB_ERR_OPERATIONS_ERROR;
439 return ldb_set_timeout(ldb, newreq, 0);
441 if ((now - oldreq->starttime) > oldreq->timeout) {
442 return LDB_ERR_TIME_LIMIT_EXCEEDED;
444 newreq->starttime = oldreq->starttime;
445 newreq->timeout = oldreq->timeout - (now - oldreq->starttime);
452 NOTE: the request must be a talloc context.
453 returns LDB_ERR_* on errors.
455 int ldb_request(struct ldb_context *ldb, struct ldb_request *req)
457 struct ldb_module *module;
460 ldb_reset_err_string(ldb);
462 /* call the first module in the chain */
463 switch (req->operation) {
465 FIRST_OP(ldb, search);
466 ret = module->ops->search(module, req);
470 ret = module->ops->add(module, req);
473 FIRST_OP(ldb, modify);
474 ret = module->ops->modify(module, req);
478 ret = module->ops->del(module, req);
481 FIRST_OP(ldb, rename);
482 ret = module->ops->rename(module, req);
484 case LDB_SEQUENCE_NUMBER:
485 FIRST_OP(ldb, sequence_number);
486 ret = module->ops->sequence_number(module, req);
489 FIRST_OP(ldb, request);
490 ret = module->ops->request(module, req);
498 search the database given a LDAP-like search expression
500 returns an LDB error code
502 Use talloc_free to free the ldb_message returned in 'res', if successful
505 static int ldb_search_callback(struct ldb_context *ldb, void *context, struct ldb_reply *ares)
507 struct ldb_result *res;
511 ldb_set_errstring(ldb, "NULL Context in callback");
512 return LDB_ERR_OPERATIONS_ERROR;
515 res = *((struct ldb_result **)context);
521 if (ares->type == LDB_REPLY_ENTRY) {
522 res->msgs = talloc_realloc(res, res->msgs, struct ldb_message *, res->count + 2);
527 res->msgs[res->count + 1] = NULL;
529 res->msgs[res->count] = talloc_steal(res->msgs, ares->message);
530 if (! res->msgs[res->count]) {
537 if (ares->type == LDB_REPLY_REFERRAL) {
539 for (n = 0; res->refs[n]; n++) /*noop*/ ;
544 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
549 res->refs[n] = talloc_steal(res->refs, ares->referral);
550 res->refs[n + 1] = NULL;
553 if (ares->controls) {
554 res->controls = talloc_steal(res, ares->controls);
555 if (! res->controls) {
566 *((struct ldb_result **)context) = NULL;
567 return LDB_ERR_OPERATIONS_ERROR;
571 note that ldb_search() will automatically replace a NULL 'base' value with the
572 defaultNamingContext from the rootDSE if available.
574 int ldb_search(struct ldb_context *ldb,
575 const struct ldb_dn *base,
576 enum ldb_scope scope,
577 const char *expression,
578 const char * const *attrs,
579 struct ldb_result **res)
581 struct ldb_request *req;
586 req = talloc(ldb, struct ldb_request);
588 ldb_set_errstring(ldb, "Out of Memory");
589 return LDB_ERR_OPERATIONS_ERROR;
593 base = ldb_get_default_basedn(ldb);
596 req->operation = LDB_SEARCH;
597 req->op.search.base = base;
598 req->op.search.scope = scope;
600 req->op.search.tree = ldb_parse_tree(req, expression);
601 if (req->op.search.tree == NULL) {
602 ldb_set_errstring(ldb, "Unable to parse search expression");
604 return LDB_ERR_OPERATIONS_ERROR;
607 *res = talloc_zero(ldb, struct ldb_result);
610 return LDB_ERR_OPERATIONS_ERROR;
613 req->op.search.attrs = attrs;
614 req->controls = NULL;
616 req->callback = ldb_search_callback;
617 ldb_set_timeout(ldb, req, 0); /* use default timeout */
619 ret = ldb_request(ldb, req);
621 if (ret == LDB_SUCCESS) {
622 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
625 if (ret != LDB_SUCCESS) {
636 add a record to the database. Will fail if a record with the given class and key
639 int ldb_add(struct ldb_context *ldb,
640 const struct ldb_message *message)
642 struct ldb_request *req;
645 ret = ldb_msg_sanity_check(ldb, message);
646 if (ret != LDB_SUCCESS) {
650 req = talloc(ldb, struct ldb_request);
652 ldb_set_errstring(ldb, "Out of Memory");
653 return LDB_ERR_OPERATIONS_ERROR;
656 req->operation = LDB_ADD;
657 req->op.add.message = message;
658 req->controls = NULL;
660 req->callback = NULL;
661 ldb_set_timeout(ldb, req, 0); /* use default timeout */
663 /* do request and autostart a transaction */
664 ret = ldb_autotransaction_request(ldb, req);
671 modify the specified attributes of a record
673 int ldb_modify(struct ldb_context *ldb,
674 const struct ldb_message *message)
676 struct ldb_request *req;
679 ret = ldb_msg_sanity_check(ldb, message);
680 if (ret != LDB_SUCCESS) return ret;
682 req = talloc(ldb, struct ldb_request);
684 ldb_set_errstring(ldb, "Out of Memory!");
685 return LDB_ERR_OPERATIONS_ERROR;
688 req->operation = LDB_MODIFY;
689 req->op.add.message = message;
690 req->controls = NULL;
692 req->callback = NULL;
693 ldb_set_timeout(ldb, req, 0); /* use default timeout */
695 /* do request and autostart a transaction */
696 ret = ldb_autotransaction_request(ldb, req);
704 delete a record from the database
706 int ldb_delete(struct ldb_context *ldb, const struct ldb_dn *dn)
708 struct ldb_request *req;
711 req = talloc(ldb, struct ldb_request);
713 ldb_set_errstring(ldb, "Out of Memory!");
714 return LDB_ERR_OPERATIONS_ERROR;
717 req->operation = LDB_DELETE;
719 req->controls = NULL;
721 req->callback = NULL;
722 ldb_set_timeout(ldb, req, 0); /* use default timeout */
724 /* do request and autostart a transaction */
725 ret = ldb_autotransaction_request(ldb, req);
732 rename a record in the database
734 int ldb_rename(struct ldb_context *ldb, const struct ldb_dn *olddn, const struct ldb_dn *newdn)
736 struct ldb_request *req;
739 req = talloc(ldb, struct ldb_request);
741 ldb_set_errstring(ldb, "Out of Memory!");
742 return LDB_ERR_OPERATIONS_ERROR;
745 req->operation = LDB_RENAME;
746 req->op.rename.olddn = olddn;
747 req->op.rename.newdn = newdn;
748 req->controls = NULL;
750 req->callback = NULL;
751 ldb_set_timeout(ldb, req, 0); /* use default timeout */
753 /* do request and autostart a transaction */
754 ret = ldb_autotransaction_request(ldb, req);
762 return the global sequence number
764 int ldb_sequence_number(struct ldb_context *ldb, uint64_t *seq_num)
766 struct ldb_request *req;
769 req = talloc(ldb, struct ldb_request);
771 ldb_set_errstring(ldb, "Out of Memory");
772 return LDB_ERR_OPERATIONS_ERROR;
775 req->operation = LDB_SEQUENCE_NUMBER;
776 req->controls = NULL;
778 req->callback = NULL;
779 ldb_set_timeout(ldb, req, 0); /* use default timeout */
781 /* do request and autostart a transaction */
782 ret = ldb_request(ldb, req);
784 if (ret == LDB_SUCCESS) {
785 *seq_num = req->op.seq_num.seq_num;
795 return extended error information
797 const char *ldb_errstring(struct ldb_context *ldb)
799 if (ldb->err_string) {
800 return ldb->err_string;
807 return a string explaining what a ldb error constant meancs
809 const char *ldb_strerror(int ldb_err)
814 case LDB_ERR_OPERATIONS_ERROR:
815 return "Operations error";
816 case LDB_ERR_PROTOCOL_ERROR:
817 return "Protocol error";
818 case LDB_ERR_TIME_LIMIT_EXCEEDED:
819 return "Time limit exceeded";
820 case LDB_ERR_SIZE_LIMIT_EXCEEDED:
821 return "Size limit exceeded";
822 case LDB_ERR_COMPARE_FALSE:
823 return "Compare false";
824 case LDB_ERR_COMPARE_TRUE:
825 return "Compare true";
826 case LDB_ERR_AUTH_METHOD_NOT_SUPPORTED:
827 return "Auth method not supported";
828 case LDB_ERR_STRONG_AUTH_REQUIRED:
829 return "Strong auth required";
831 case LDB_ERR_REFERRAL:
832 return "Referral error";
833 case LDB_ERR_ADMIN_LIMIT_EXCEEDED:
834 return "Admin limit exceeded";
835 case LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION:
836 return "Unsupported critical extension";
837 case LDB_ERR_CONFIDENTIALITY_REQUIRED:
838 return "Confidentiality required";
839 case LDB_ERR_SASL_BIND_IN_PROGRESS:
840 return "SASL bind in progress";
841 case LDB_ERR_NO_SUCH_ATTRIBUTE:
842 return "No such attribute";
843 case LDB_ERR_UNDEFINED_ATTRIBUTE_TYPE:
844 return "Undefined attribute type";
845 case LDB_ERR_INAPPROPRIATE_MATCHING:
846 return "Inappropriate matching";
847 case LDB_ERR_CONSTRAINT_VIOLATION:
848 return "Constraint violation";
849 case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
850 return "Attribute or value exists";
851 case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
852 return "Invalid attribute syntax";
854 case LDB_ERR_NO_SUCH_OBJECT:
855 return "No such object";
856 case LDB_ERR_ALIAS_PROBLEM:
857 return "Alias problem";
858 case LDB_ERR_INVALID_DN_SYNTAX:
859 return "Invalid DN syntax";
861 case LDB_ERR_ALIAS_DEREFERENCING_PROBLEM:
862 return "Alias dereferencing problem";
864 case LDB_ERR_INAPPROPRIATE_AUTHENTICATION:
865 return "Inappropriate authentication";
866 case LDB_ERR_INVALID_CREDENTIALS:
867 return "Invalid credentials";
868 case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
869 return "insufficient access rights";
872 case LDB_ERR_UNAVAILABLE:
873 return "Unavailable";
874 case LDB_ERR_UNWILLING_TO_PERFORM:
875 return "Unwilling to perform";
876 case LDB_ERR_LOOP_DETECT:
877 return "Loop detect";
879 case LDB_ERR_NAMING_VIOLATION:
880 return "Naming violation";
881 case LDB_ERR_OBJECT_CLASS_VIOLATION:
882 return "Object class violation";
883 case LDB_ERR_NOT_ALLOWED_ON_NON_LEAF:
884 return "Not allowed on non-leaf";
885 case LDB_ERR_NOT_ALLOWED_ON_RDN:
886 return "Not allowed on RDN";
887 case LDB_ERR_ENTRY_ALREADY_EXISTS:
888 return "Entry already exists";
889 case LDB_ERR_OBJECT_CLASS_MODS_PROHIBITED:
890 return "Object class mods prohibited";
891 /* 70 RESERVED FOR CLDAP */
892 case LDB_ERR_AFFECTS_MULTIPLE_DSAS:
893 return "Affects multiple DSAs";
899 return "Unknown error";
903 set backend specific opaque parameters
905 int ldb_set_opaque(struct ldb_context *ldb, const char *name, void *value)
907 struct ldb_opaque *o;
909 /* allow updating an existing value */
910 for (o=ldb->opaque;o;o=o->next) {
911 if (strcmp(o->name, name) == 0) {
917 o = talloc(ldb, struct ldb_opaque);
920 return LDB_ERR_OTHER;
922 o->next = ldb->opaque;
930 get a previously set opaque value
932 void *ldb_get_opaque(struct ldb_context *ldb, const char *name)
934 struct ldb_opaque *o;
935 for (o=ldb->opaque;o;o=o->next) {
936 if (strcmp(o->name, name) == 0) {