X-Git-Url: http://git.samba.org/?a=blobdiff_plain;f=source4%2Flib%2Fldb%2Finclude%2Fldb.h;h=bcb852f2adee7cbcdc0d8421fbeab25e3f65710f;hb=7ce36261a7b17b8485924021971b44ef4314edca;hp=e2ec869872ab23fc771443300a16df62f8d60d21;hpb=5076c64d43c68a028ac944c336715b4cb277365f;p=kamenim%2Fsamba.git diff --git a/source4/lib/ldb/include/ldb.h b/source4/lib/ldb/include/ldb.h index e2ec869872..bcb852f2ad 100644 --- a/source4/lib/ldb/include/ldb.h +++ b/source4/lib/ldb/include/ldb.h @@ -46,18 +46,21 @@ #define _LDB_H_ 1 /*! \endcond */ +#include +#include +#include +#include "ldb_errors.h" + /* major restrictions as compared to normal LDAP: - - no async calls. - each record must have a unique key field - the key must be representable as a NULL terminated C string and may not contain a comma or braces major restrictions as compared to tdb: - - no explicit locking calls - UPDATE: we have transactions now, better than locking --SSS. + - no explicit locking calls, but we have transactions when using ldb_tdb */ @@ -91,8 +94,8 @@ struct ldb_dn; /** There are a number of flags that are used with ldap_modify() in - ldb_message_element.flags fields. The LDA_FLAGS_MOD_ADD, - LDA_FLAGS_MOD_DELETE and LDA_FLAGS_MOD_REPLACE flags are used in + ldb_message_element.flags fields. The LDB_FLAGS_MOD_ADD, + LDB_FLAGS_MOD_DELETE and LDB_FLAGS_MOD_REPLACE flags are used in ldap_modify() calls to specify whether attributes are being added, deleted or modified respectively. */ @@ -181,7 +184,7 @@ enum ldb_scope {LDB_SCOPE_DEFAULT=-1, LDB_SCOPE_SUBTREE=2}; struct ldb_context; -struct event_context; +struct tevent_context; /* debugging uses one of the following levels */ enum ldb_debug_level {LDB_DEBUG_FATAL, LDB_DEBUG_ERROR, 
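Review bot: In the hunk at -91,8 the corrected comment now names `LDB_FLAGS_MOD_ADD`, `LDB_FLAGS_MOD_DELETE` and `LDB_FLAGS_MOD_REPLACE`, but the ldb_msg_diff_ex comment added later in this same patch (hunk at -1679,11) spells them `LDB_FLAG_MOD_ADD`, `LDB_FLAG_MOD_REPLACE` and `LDB_FLAG_MOD_DELETE`. The #define lines are outside the hunk, so check which spelling matches them and use it in both comments. A reader who greps for the name given in the comment should land on the definition.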
@@ -237,6 +240,17 @@ struct ldb_utf8_fns { */ #define LDB_FLG_NOMMAP 8 +/** + Flag to tell ldif handlers not to force encoding of binary + structures in base64 +*/ +#define LDB_FLG_SHOW_BINARY 16 + +/** + Flags to enable ldb tracing +*/ +#define LDB_FLG_ENABLE_TRACING 32 + /* structures for ldb_parse_tree handling code */ @@ -372,6 +386,17 @@ const struct ldb_dn_extended_syntax *ldb_dn_extended_syntax_by_name(struct ldb_c */ #define LDB_ATTR_FLAG_FIXED (1<<2) +/* + when this is set, attempts to create two records which have the same + value for this attribute will return LDB_ERR_ENTRY_ALREADY_EXISTS + */ +#define LDB_ATTR_FLAG_UNIQUE_INDEX (1<<3) + +/* + when this is set, attempts to create two attribute values for this attribute on a single DN will return LDB_ERR_CONSTRAINT_VIOLATION + */ +#define LDB_ATTR_FLAG_SINGLE_VALUE (1<<4) + /** LDAP attribute syntax for a DN @@ -399,6 +424,15 @@ const struct ldb_dn_extended_syntax *ldb_dn_extended_syntax_by_name(struct ldb_c */ #define LDB_SYNTAX_INTEGER "1.3.6.1.4.1.1466.115.121.1.27" +/** + LDAP attribute syntax for a boolean + + This is the well-known LDAP attribute syntax for a boolean. + + See RFC 2252, Section 4.3.2 +*/ +#define LDB_SYNTAX_BOOLEAN "1.3.6.1.4.1.1466.115.121.1.7" + /** LDAP attribute syntax for an octet string 
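Review bot: The two attribute flags added in the hunk at -372,6, `LDB_ATTR_FLAG_UNIQUE_INDEX` and `LDB_ATTR_FLAG_SINGLE_VALUE`, are documented with a plain `/*` opener, whereas the flag and syntax definitions around them use `/**`, so Doxygen will presumably leave them out of the generated API documentation. Open both comments with `/**`. The same applies to `LDB_EXTENDED_PASSWORD_CHANGE_OID` (hunk at -540,21), `ldb_transaction_cancel_noerr` (-1247,6), `ldb_ldif_message_string` (-1409,6), `ldb_parse_tree_copy_shallow` (-1746,14) and `LDB_TYPESAFE_QSORT` (-1810,6). The `LDB_ATTR_FLAG_SINGLE_VALUE` comment is also one over-long line and should be wrapped like the comment above it.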
@@ -422,6 +456,39 @@ const struct ldb_dn_extended_syntax *ldb_dn_extended_syntax_by_name(struct ldb_c /* sorting helpers */ typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2, void *opaque); +/* Individual controls */ + +/** + OID for getting and manipulating attributes from the ldb + without interception in the operational module. + It can be used to access attribute that used to be stored in the sam + and that are now calculated. +*/ +#define LDB_CONTROL_BYPASSOPERATIONAL_OID "1.3.6.1.4.1.7165.4.3.13" + +/** + OID for recalculate SD control. This control force the + dsdb code to recalculate the SD of the object as if the + object was just created. + +*/ +#define LDB_CONTROL_RECALCULATE_SD_OID "1.3.6.1.4.1.7165.4.3.5" + +/** + REVEAL_INTERNALS is used to reveal internal attributes and DN + components which are not normally shown to the user +*/ +#define LDB_CONTROL_REVEAL_INTERNALS "1.3.6.1.4.1.7165.4.3.6" + +/** + LDB_CONTROL_AS_SYSTEM is used to skip access checks on operations + that are performed by the system, but with a user's credentials, e.g. + updating prefix map +*/ +#define LDB_CONTROL_AS_SYSTEM_OID "1.3.6.1.4.1.7165.4.3.7" + +/* AD controls */ + /** OID for the paged results control. This control is included in the searchRequest and searchResultDone messages as part of the controls @@ -460,6 +527,13 @@ typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2, void *opaque); */ #define LDB_CONTROL_NOTIFICATION_OID "1.2.840.113556.1.4.528" +/** + OID for performing subtree deletes + + \sa Microsoft documentation of this OID +*/ +#define LDB_CONTROL_TREE_DELETE_OID "1.2.840.113556.1.4.805" + /** OID for getting deleted objects 
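Review bot: The comment on `LDB_CONTROL_AS_SYSTEM_OID` in the hunk at -422,6 says the control skips access checks but not who is allowed to attach it to a request. This header is where a module author learns the contract, so it should state that the control is meant for requests built inside the server and has to be rejected or stripped when it arrives on a request from a client; whether the front end already does that is not visible in this diff. Suggested addition to the comment: `Only trusted in-process callers may set this control; it must never be honoured on a request received from the network.` `LDB_CONTROL_REVEAL_INTERNALS` likely deserves the same sentence, and its name (like `LDB_CONTROL_SERVER_LAZY_COMMIT` in the hunk at -540,21) lacks the `_OID` suffix the other control macros carry.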
@@ -467,6 +541,20 @@ typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2, void *opaque); */ #define LDB_CONTROL_SHOW_DELETED_OID "1.2.840.113556.1.4.417" +/** + OID for getting recycled objects + + \sa Microsoft documentation of this OID +*/ +#define LDB_CONTROL_SHOW_RECYCLED_OID "1.2.840.113556.1.4.2064" + +/** + OID for getting deactivated linked attributes + + \sa Microsoft documentation of this OID +*/ +#define LDB_CONTROL_SHOW_DEACTIVATED_LINK_OID "1.2.840.113556.1.4.2065" + /** OID for extended DN 
@@ -540,21 +628,57 @@ typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2, void *opaque); */ #define LDB_CONTROL_PERMISSIVE_MODIFY_OID "1.2.840.113556.1.4.1413" +/** + OID to allow the server to be more 'fast and loose' with the data being added. + + \sa + +*/ +#define LDB_CONTROL_SERVER_LAZY_COMMIT "1.2.840.113556.1.4.619" + +/** + OID for LDAP Extended Operation FAST_BIND + + This Extended operations is used to perform a fast bind. +*/ +#define LDB_EXTENDED_FAST_BIND_OID "1.2.840.113556.1.4.1781" + /** OID for LDAP Extended Operation START_TLS. - This Extended operation is used to start a new TLS - channel on top of a clear text channel. + This Extended operation is used to start a new TLS channel on top of a clear + text channel. */ #define LDB_EXTENDED_START_TLS_OID "1.3.6.1.4.1.1466.20037" /** + OID for LDAP Extended Operation DYNAMIC_REFRESH. + + This Extended operation is used to create and maintain objects which exist + only a specific time, e.g. when a certain client or a certain person is + logged in. Data refreshes have to be periodically sent in a specific + interval. Otherwise the entry is going to be removed. */ #define LDB_EXTENDED_DYNAMIC_OID "1.3.6.1.4.1.1466.101.119.1" +/* Other standardised controls */ + /** + OID for the allowing client to request temporary relaxed + enforcement of constraints of the x.500 model. + + \sa draft managedit. */ -#define LDB_EXTENDED_FAST_BIND_OID "1.2.840.113556.1.4.1781" +#define LDB_CONTROL_RELAX_OID "1.3.6.1.4.1.4203.666.5.12" + +/* + OID for LDAP Extended Operation PASSWORD_CHANGE. + + This Extended operation is used to allow user password changes by the user + itself. +*/ +#define LDB_EXTENDED_PASSWORD_CHANGE_OID "1.3.6.1.4.1.4203.1.11.1" + struct ldb_sd_flags_control { /* @@ -598,8 +722,8 @@ struct ldb_extended_dn_control { }; struct ldb_server_sort_control { - char *attributeName; - char *orderingRule; + const char *attributeName; + const char *orderingRule; int reverse; }; 
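Review bot: The description of `LDB_CONTROL_SERVER_LAZY_COMMIT` in the hunk at -540,21 ("fast and loose") does not tell a caller which guarantee is given up, and its `\sa` line is empty (possibly a link lost when the page was rendered). State the trade-off explicitly, for example `Allows the server to acknowledge a write before it has reached stable storage; the change may be lost if the server crashes.`, if that is the intended meaning. `LDB_CONTROL_RELAX_OID` relaxes constraint enforcement, so its comment should say which callers are expected to be allowed to use it, and "for the allowing client" should read "for allowing a client".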
@@ -695,6 +819,9 @@ enum ldb_sequence_type { LDB_SEQ_NEXT }; +#define LDB_SEQ_GLOBAL_SEQUENCE 0x01 +#define LDB_SEQ_TIMESTAMP_SEQUENCE 0x02 + struct ldb_seqnum_request { enum ldb_sequence_type type; }; @@ -795,9 +922,9 @@ int ldb_set_timeout(struct ldb_context *ldb, struct ldb_request *req, int timeou int ldb_set_timeout_from_prev_req(struct ldb_context *ldb, struct ldb_request *oldreq, struct ldb_request *newreq); void ldb_set_create_perms(struct ldb_context *ldb, unsigned int perms); void ldb_set_modules_dir(struct ldb_context *ldb, const char *path); -struct event_context; -void ldb_set_event_context(struct ldb_context *ldb, struct event_context *ev); -struct event_context * ldb_get_event_context(struct ldb_context *ldb); +struct tevent_context; +void ldb_set_event_context(struct ldb_context *ldb, struct tevent_context *ev); +struct tevent_context * ldb_get_event_context(struct ldb_context *ldb); /** Initialise ldbs' global information @@ -819,7 +946,7 @@ int ldb_global_init(void); \return pointer to ldb_context that should be free'd (using talloc_free()) at the end of the program. */ -struct ldb_context *ldb_init(TALLOC_CTX *mem_ctx, struct event_context *ev_ctx); +struct ldb_context *ldb_init(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx); /** Connect to a database. @@ -912,6 +1039,7 @@ int ldb_search_default_callback(struct ldb_request *req, struct ldb_reply *ares) */ int ldb_op_default_callback(struct ldb_request *req, struct ldb_reply *ares); +int ldb_modify_default_callback(struct ldb_request *req, struct ldb_reply *ares); /** Helper function to build a search request 
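Review bot: `LDB_SEQ_GLOBAL_SEQUENCE` and `LDB_SEQ_TIMESTAMP_SEQUENCE` in the hunk at -695,6 are added without any comment, and nothing visible says which field or argument they are meant for, since the `ldb_seqnum_request` lines shown here only carry the `type` enum. Add a one-line `/** ... */` naming the field they are combined into. Several other declarations in this patch also arrive with no documentation: `ldb_modify_default_callback` (-912,6, where it sits directly under the comment block that belongs to `ldb_op_default_callback`), `ldb_dn_extended_filter` (-1466,7), `ldb_dn_update_components` (-1542,6), `ldb_msg_add_linearized_dn` (-1625,6), `ldb_msg_element_compare_name` (-1633,6), `ldb_msg_canonicalize_ex` (-1679,11), `ldb_msg_remove_element` (-1746,14) and the binary-DN functions (-1822,4). Each needs at least its return convention and, where a `mem_ctx` or an output pointer is involved, a statement of who owns the result.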
@@ -1232,11 +1360,21 @@ int ldb_extended(struct ldb_context *ldb, void *data,/* NULL or a valid talloc pointer! talloc_get_type() will be used on it */ struct ldb_result **res); +/** + Obtain current/next database sequence number +*/ +int ldb_sequence_number(struct ldb_context *ldb, enum ldb_sequence_type type, uint64_t *seq_num); + /** start a transaction */ int ldb_transaction_start(struct ldb_context *ldb); +/** + first phase of two phase commit + */ +int ldb_transaction_prepare_commit(struct ldb_context *ldb); + /** commit a transaction */ @@ -1247,6 +1385,12 @@ int ldb_transaction_commit(struct ldb_context *ldb); */ int ldb_transaction_cancel(struct ldb_context *ldb); +/* + cancel a transaction with no error if no transaction is pending + used when we fork() to clear any parent transactions +*/ +int ldb_transaction_cancel_noerr(struct ldb_context *ldb); + /** return extended error information from the last call @@ -1409,6 +1553,32 @@ struct ldb_ldif *ldb_ldif_read_string(struct ldb_context *ldb, const char **s); */ int ldb_ldif_write_file(struct ldb_context *ldb, FILE *f, const struct ldb_ldif *msg); +/** + Write an LDIF message to a string + + \param ldb the ldb context (from ldb_init()) + \param mem_ctx the talloc context on which to attach the string) + \param msg the message to write out + + \return the string containing the LDIF, or NULL on error + + \sa ldb_ldif_read_string for the reader equivalent to this function. +*/ +char * ldb_ldif_write_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, + const struct ldb_ldif *msg); + + +/* + Produce a string form of an ldb message + + convenient function to turn a ldb_message into a string. Useful for + debugging + */ +char *ldb_ldif_message_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, + enum ldb_changetype changetype, + const struct ldb_message *msg); + + /** Base64 encode a buffer 
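Review bot: The comments on the two new string producers in the hunk at -1409,6 do not say that the result includes every attribute value of the message. `ldb_ldif_message_string` is described as useful for debugging, so its output is likely to end up in logs; the comment should carry a caveat such as `The output contains all attribute values of msg; do not log messages that may hold password or key attributes.` Both comments should also state that the returned string is allocated on `mem_ctx` and released with it. The `\param mem_ctx` line of `ldb_ldif_write_string` ends in a stray `)`.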
@@ -1466,7 +1636,7 @@ char *ldb_dn_alloc_linearized(TALLOC_CTX *mem_ctx, struct ldb_dn *dn); char *ldb_dn_get_extended_linearized(void *mem_ctx, struct ldb_dn *dn, int mode); const struct ldb_val *ldb_dn_get_extended_component(struct ldb_dn *dn, const char *name); int ldb_dn_set_extended_component(struct ldb_dn *dn, const char *name, const struct ldb_val *val); - +void ldb_dn_extended_filter(struct ldb_dn *dn, const char * const *accept); void ldb_dn_remove_extended_components(struct ldb_dn *dn); bool ldb_dn_has_extended(struct ldb_dn *dn); @@ -1542,6 +1712,7 @@ bool ldb_dn_is_valid(struct ldb_dn *dn); bool ldb_dn_is_special(struct ldb_dn *dn); bool ldb_dn_check_special(struct ldb_dn *dn, const char *check); bool ldb_dn_is_null(struct ldb_dn *dn); +int ldb_dn_update_components(struct ldb_dn *dn, const struct ldb_dn *ref_dn); /** @@ -1625,6 +1796,8 @@ int ldb_msg_add_steal_string(struct ldb_message *msg, const char *attr_name, char *str); int ldb_msg_add_string(struct ldb_message *msg, const char *attr_name, const char *str); +int ldb_msg_add_linearized_dn(struct ldb_message *msg, const char *attr_name, + struct ldb_dn *dn); int ldb_msg_add_fmt(struct ldb_message *msg, const char *attr_name, const char *fmt, ...) PRINTF_ATTRIBUTE(3,4); @@ -1633,6 +1806,8 @@ int ldb_msg_add_fmt(struct ldb_message *msg, */ int ldb_msg_element_compare(struct ldb_message_element *el1, struct ldb_message_element *el2); +int ldb_msg_element_compare_name(struct ldb_message_element *el1, + struct ldb_message_element *el2); /** Find elements in a message. 
@@ -1679,11 +1854,43 @@ struct ldb_message *ldb_msg_copy(TALLOC_CTX *mem_ctx, struct ldb_message *ldb_msg_canonicalize(struct ldb_context *ldb, const struct ldb_message *msg); +int ldb_msg_canonicalize_ex(struct ldb_context *ldb, + const struct ldb_message *msg, + TALLOC_CTX *mem_ctx, + struct ldb_message **_msg_out); + struct ldb_message *ldb_msg_diff(struct ldb_context *ldb, struct ldb_message *msg1, struct ldb_message *msg2); +/** + * return a ldb_message representing the differences between msg1 and msg2. + * If you then use this in a ldb_modify() call it can be used to save edits to a message + * + * Result message is constructed as follows: + * - LDB_FLAG_MOD_ADD - elements found only in msg2 + * - LDB_FLAG_MOD_REPLACE - elements in msg2 that have different value in msg1 + * Value for msg2 element is used + * - LDB_FLAG_MOD_DELETE - elements found only in msg2 + * + * @return LDB_SUCCESS or LDB_ERR_OPERATIONS_ERROR + */ +int ldb_msg_diff_ex(struct ldb_context *ldb, + struct ldb_message *msg1, + struct ldb_message *msg2, + TALLOC_CTX *mem_ctx, + struct ldb_message **_msg_out); + +/** + Tries to find a certain string attribute in a message + + \param msg the message to check + \param name attribute name + \param value attribute value + + \return 1 on match and 0 otherwise. +*/ int ldb_msg_check_string_attribute(const struct ldb_message *msg, const char *name, const char *value); 
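Review bot: The ldb_msg_diff_ex comment in the hunk at -1679,11 describes `LDB_FLAG_MOD_DELETE` as "elements found only in msg2", which is word for word the condition it gives for `LDB_FLAG_MOD_ADD`. A delete presumably applies to elements present in msg1 and absent from msg2, so the line should read `- LDB_FLAG_MOD_DELETE - elements found only in msg1`; confirm against the implementation, which is not part of this diff. The comment should also say on which context `*_msg_out` is allocated and what it holds when the function returns an error. The block uses `@return` where the rest of the header uses `\return`.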
@@ -1746,14 +1953,22 @@ const char **ldb_attr_list_copy(TALLOC_CTX *mem_ctx, const char * const *attrs); const char **ldb_attr_list_copy_add(TALLOC_CTX *mem_ctx, const char * const *attrs, const char *new_attr); int ldb_attr_in_list(const char * const *attrs, const char *attr); +int ldb_msg_rename_attr(struct ldb_message *msg, const char *attr, const char *replace); +int ldb_msg_copy_attr(struct ldb_message *msg, const char *attr, const char *replace); +void ldb_msg_remove_attr(struct ldb_message *msg, const char *attr); +void ldb_msg_remove_element(struct ldb_message *msg, struct ldb_message_element *el); + void ldb_parse_tree_attr_replace(struct ldb_parse_tree *tree, const char *attr, const char *replace); -int ldb_msg_rename_attr(struct ldb_message *msg, const char *attr, const char *replace); -int ldb_msg_copy_attr(struct ldb_message *msg, const char *attr, const char *replace); -void ldb_msg_remove_attr(struct ldb_message *msg, const char *attr); +/* + shallow copy a tree - copying only the elements array so that the caller + can safely add new elements without changing the message +*/ +struct ldb_parse_tree *ldb_parse_tree_copy_shallow(TALLOC_CTX *mem_ctx, + const struct ldb_parse_tree *ot); /** Convert a time structure to a string @@ -1781,6 +1996,12 @@ char *ldb_timestring(TALLOC_CTX *mem_ctx, time_t t); */ time_t ldb_string_to_time(const char *s); +/** + convert a LDAP GeneralizedTime string in ldb_val format to a + time_t. +*/ +int ldb_val_to_time(const struct ldb_val *v, time_t *t); + /** Convert a time structure to a string 
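Review bot: The comment on `ldb_parse_tree_copy_shallow` in the hunk at -1746,14 says the caller can add elements "without changing the message", but the function takes and returns a `struct ldb_parse_tree`; presumably "the original tree" is meant. Because only the elements array is copied, the comment should also state that the child nodes stay shared with `ot`, so they must outlive the copy and must not be modified or freed through it.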
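Review bot: The comment on `ldb_val_to_time` in the hunk at -1781,6 documents neither the return value nor the state of `*t` on failure. Unlike `ldb_string_to_time`, this function takes a length-delimited `ldb_val`, which callers will often pass straight from stored or received data, so the contract for malformed, short or non-terminated input matters. Suggested wording, to be adjusted to what the implementation does: `\return LDB_SUCCESS on success, an LDB_ERR_* code if v is NULL or not a valid GeneralizedTime; *t is not modified on failure`.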
@@ -1810,6 +2031,35 @@ time_t ldb_string_utc_to_time(const char *s); void ldb_qsort (void *const pbase, size_t total_elems, size_t size, void *opaque, ldb_qsort_cmp_fn_t cmp); +#ifndef discard_const +#define discard_const(ptr) ((void *)((uintptr_t)(ptr))) +#endif + +/* + a wrapper around ldb_qsort() that ensures the comparison function is + type safe. This will produce a compilation warning if the types + don't match + */ +#define LDB_TYPESAFE_QSORT(base, numel, opaque, comparison) \ +do { \ + if (numel > 1) { \ + ldb_qsort(base, numel, sizeof((base)[0]), discard_const(opaque), (ldb_qsort_cmp_fn_t)comparison); \ + comparison(&((base)[0]), &((base)[1]), opaque); \ + } \ +} while (0) + +/* allow ldb to also call TYPESAFE_QSORT() */ +#ifndef TYPESAFE_QSORT +#define TYPESAFE_QSORT(base, numel, comparison) \ +do { \ + if (numel > 1) { \ + qsort(base, numel, sizeof((base)[0]), (int (*)(const void *, const void *))comparison); \ + comparison(&((base)[0]), &((base)[1])); \ + } \ +} while (0) +#endif + + /** Convert an array of string represention of a control into an array of ldb_control structures @@ -1822,4 +2072,20 @@ void ldb_qsort (void *const pbase, size_t total_elems, size_t size, void *opaque */ struct ldb_control **ldb_parse_control_strings(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const char **control_strings); +/** + return the ldb flags +*/ +unsigned int ldb_get_flags(struct ldb_context *ldb); + +/* set the ldb flags */ +void ldb_set_flags(struct ldb_context *ldb, unsigned flags); + + +struct ldb_dn *ldb_dn_binary_from_ldb_val(void *mem_ctx, + struct ldb_context *ldb, + const struct ldb_val *strdn); + +int ldb_dn_get_binary(struct ldb_dn *dn, struct ldb_val *val); +int ldb_dn_set_binary(struct ldb_dn *dn, struct ldb_val *val); + #endif
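Review bot: In `LDB_TYPESAFE_QSORT` and `TYPESAFE_QSORT` (hunk at -1810,6) the `numel` argument is used unparenthesised in `if (numel > 1)` and every argument is expanded more than once, so an argument that is a conditional expression or has side effects misbehaves. Write `if ((numel) > 1) {` in both macros and note in the comment that the arguments are evaluated more than once. The comment should also explain that the trailing `comparison(&((base)[0]), &((base)[1]), opaque);` call is there so the compiler checks the argument types, and that it does execute once after the sort. `discard_const(opaque)` silently removes const from the caller's pointer, so the comment should say that the comparison function must not write through it.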
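Review bot: `ldb_dn_set_binary` in the hunk at -1822,4 takes `struct ldb_val *val`, while the comparable setter `ldb_dn_set_extended_component` shown earlier in this diff takes `const struct ldb_val *val`. If the setter only reads the value, declare it `int ldb_dn_set_binary(struct ldb_dn *dn, const struct ldb_val *val);` so callers holding const data need no cast. `ldb_set_flags` spells its parameter `unsigned` while `ldb_get_flags` returns `unsigned int`; use one spelling, and say in the comment whether the call replaces the whole flag word or ORs into it.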