4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Stefan Metzmacher 2004
6 Copyright (C) Simo Sorce 2005-2006
8 ** NOTE! The following LGPL license applies to the ldb
9 ** library. This does NOT imply that all of Samba is released
12 This library is free software; you can redistribute it and/or
13 modify it under the terms of the GNU Lesser General Public
14 License as published by the Free Software Foundation; either
15 version 2 of the License, or (at your option) any later version.
17 This library is distributed in the hope that it will be useful,
18 but WITHOUT ANY WARRANTY; without even the implied warranty of
19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 Lesser General Public License for more details.
22 You should have received a copy of the GNU Lesser General Public
23 License along with this library; if not, write to the Free Software
24 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
30 * Component: ldb header
32 * Description: defines for base ldb API
34 * Author: Andrew Tridgell
35 * Author: Stefan Metzmacher
39 \file ldb.h Samba's ldb database
41 This header file provides the main API for ldb.
46 /*! \cond DOXYGEN_IGNORE */
51 major restrictions as compared to normal LDAP:
54 - each record must have a unique key field
55 - the key must be representable as a NULL terminated C string and may not
56 contain a comma or braces
58 major restrictions as compared to tdb:
60 - no explicit locking calls
61 UPDATE: we have transactions now, better than locking --SSS.
69 An individual lump of data in a result comes in this format. The
70 pointer will usually be to a UTF-8 string if the application is
71 sensible, but it can be to anything you like, including binary data
72 blobs of arbitrary size.
74 \note the data is null (0x00) terminated, but the length does not
75 include the terminator.
78 uint8_t *data; /*!< result data */
79 size_t length; /*!< length of data */
83 /*! \cond DOXYGEN_IGNORE */
84 #ifndef PRINTF_ATTRIBUTE
85 #define PRINTF_ATTRIBUTE(a,b)
89 /* opaque ldb_dn structures, see ldb_dn.c for internals */
90 struct ldb_dn_component;
94 There are a number of flags that are used with ldap_modify() in
95 ldb_message_element.flags fields. The LDA_FLAGS_MOD_ADD,
96 LDA_FLAGS_MOD_DELETE and LDA_FLAGS_MOD_REPLACE flags are used in
97 ldap_modify() calls to specify whether attributes are being added,
98 deleted or modified respectively.
100 #define LDB_FLAG_MOD_MASK 0x3
103 Flag value used in ldap_modify() to indicate that attributes are
106 \sa LDB_FLAG_MOD_MASK
108 #define LDB_FLAG_MOD_ADD 1
111 Flag value used in ldap_modify() to indicate that attributes are
114 \sa LDB_FLAG_MOD_MASK
116 #define LDB_FLAG_MOD_REPLACE 2
119 Flag value used in ldap_modify() to indicate that attributes are
122 \sa LDB_FLAG_MOD_MASK
124 #define LDB_FLAG_MOD_DELETE 3
127 OID for logic AND comaprison.
129 This is the well known object ID for a logical AND comparitor.
131 #define LDB_OID_COMPARATOR_AND "1.2.840.113556.1.4.803"
134 OID for logic OR comparison.
136 This is the well known object ID for a logical OR comparitor.
138 #define LDB_OID_COMPARATOR_OR "1.2.840.113556.1.4.804"
141 results are given back as arrays of ldb_message_element
143 struct ldb_message_element {
146 unsigned int num_values;
147 struct ldb_val *values;
152 a ldb_message represents all or part of a record. It can contain an arbitrary
157 unsigned int num_elements;
158 struct ldb_message_element *elements;
161 enum ldb_changetype {
162 LDB_CHANGETYPE_NONE=0,
164 LDB_CHANGETYPE_DELETE,
165 LDB_CHANGETYPE_MODIFY
171 This structure contains a LDIF record, as returned from ldif_read()
172 and equivalent functions.
175 enum ldb_changetype changetype; /*!< The type of change */
176 struct ldb_message *msg; /*!< The changes */
179 enum ldb_scope {LDB_SCOPE_DEFAULT=-1,
181 LDB_SCOPE_ONELEVEL=1,
182 LDB_SCOPE_SUBTREE=2};
186 /* debugging uses one of the following levels */
187 enum ldb_debug_level {LDB_DEBUG_FATAL, LDB_DEBUG_ERROR,
188 LDB_DEBUG_WARNING, LDB_DEBUG_TRACE};
191 the user can optionally supply a debug function. The function
192 is based on the vfprintf() style of interface, but with the addition
195 struct ldb_debug_ops {
196 void (*debug)(void *context, enum ldb_debug_level level,
197 const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3,0);
202 The user can optionally supply a custom utf8 functions,
203 to handle comparisons and casefolding.
205 struct ldb_utf8_fns {
207 char *(*casefold)(void *context, void *mem_ctx, const char *s);
211 Flag value for database connection mode.
213 If LDB_FLG_RDONLY is used in ldb_connect, then the database will be
214 opened read-only, if possible.
216 #define LDB_FLG_RDONLY 1
219 Flag value for database connection mode.
221 If LDB_FLG_NOSYNC is used in ldb_connect, then the database will be
222 opened without synchronous operations, if possible.
224 #define LDB_FLG_NOSYNC 2
227 Flag value to specify autoreconnect mode.
229 If LDB_FLG_RECONNECT is used in ldb_connect, then the backend will
230 be opened in a way that makes it try to auto reconnect if the
231 connection is dropped (actually make sense only with ldap).
233 #define LDB_FLG_RECONNECT 4
236 structures for ldb_parse_tree handling code
238 enum ldb_parse_op { LDB_OP_AND=1, LDB_OP_OR=2, LDB_OP_NOT=3,
239 LDB_OP_EQUALITY=4, LDB_OP_SUBSTRING=5,
240 LDB_OP_GREATER=6, LDB_OP_LESS=7, LDB_OP_PRESENT=8,
241 LDB_OP_APPROX=9, LDB_OP_EXTENDED=10 };
243 struct ldb_parse_tree {
244 enum ldb_parse_op operation;
247 struct ldb_parse_tree *child;
251 struct ldb_val value;
255 int start_with_wildcard;
256 int end_with_wildcard;
257 struct ldb_val **chunks;
264 struct ldb_val value;
270 struct ldb_val value;
273 unsigned int num_elements;
274 struct ldb_parse_tree **elements;
279 struct ldb_parse_tree *ldb_parse_tree(void *mem_ctx, const char *s);
280 char *ldb_filter_from_tree(void *mem_ctx, struct ldb_parse_tree *tree);
285 This function encodes a binary blob using the encoding rules in RFC
286 2254 (Section 4). This function also escapes any non-printable
289 \param ctx the memory context to allocate the return string in.
290 \param val the (potentially) binary data to be encoded
292 \return the encoded data as a null terminated string
294 \sa <a href="http://www.ietf.org/rfc/rfc2252.txt">RFC 2252</a>.
296 char *ldb_binary_encode(void *ctx, struct ldb_val val);
301 This function encodes a string using the encoding rules in RFC 2254
302 (Section 4). This function also escapes any non-printable
305 \param mem_ctx the memory context to allocate the return string in.
306 \param string the string to be encoded
308 \return the encoded data as a null terminated string
310 \sa <a href="http://www.ietf.org/rfc/rfc2252.txt">RFC 2252</a>.
312 char *ldb_binary_encode_string(void *mem_ctx, const char *string);
315 functions for controlling attribute handling
317 typedef int (*ldb_attr_handler_t)(struct ldb_context *, void *mem_ctx, const struct ldb_val *, struct ldb_val *);
318 typedef int (*ldb_attr_comparison_t)(struct ldb_context *, void *mem_ctx, const struct ldb_val *, const struct ldb_val *);
321 attribute handler structure
323 attr -> The attribute name
324 flags -> LDB_ATTR_FLAG_*
325 ldif_read_fn -> convert from ldif to binary format
326 ldif_write_fn -> convert from binary to ldif format
327 canonicalise_fn -> canonicalise a value, for use by indexing and dn construction
328 comparison_fn -> compare two values
331 struct ldb_schema_syntax {
333 ldb_attr_handler_t ldif_read_fn;
334 ldb_attr_handler_t ldif_write_fn;
335 ldb_attr_handler_t canonicalise_fn;
336 ldb_attr_comparison_t comparison_fn;
339 struct ldb_schema_attribute {
342 const struct ldb_schema_syntax *syntax;
345 const struct ldb_schema_attribute *ldb_schema_attribute_by_name(struct ldb_context *ldb,
349 The attribute is not returned by default
351 #define LDB_ATTR_FLAG_HIDDEN (1<<0)
353 /* the attribute handler name should be freed when released */
354 #define LDB_ATTR_FLAG_ALLOCATED (1<<1)
357 The attribute is constructed from other attributes
359 #define LDB_ATTR_FLAG_CONSTRUCTED (1<<1)
362 LDAP attribute syntax for a DN
364 This is the well-known LDAP attribute syntax for a DN.
366 See <a href="http://www.ietf.org/rfc/rfc2252.txt">RFC 2252</a>, Section 4.3.2
368 #define LDB_SYNTAX_DN "1.3.6.1.4.1.1466.115.121.1.12"
371 LDAP attribute syntax for a Directory String
373 This is the well-known LDAP attribute syntax for a Directory String.
375 \sa <a href="http://www.ietf.org/rfc/rfc2252.txt">RFC 2252</a>, Section 4.3.2
377 #define LDB_SYNTAX_DIRECTORY_STRING "1.3.6.1.4.1.1466.115.121.1.15"
380 LDAP attribute syntax for an integer
382 This is the well-known LDAP attribute syntax for an integer.
384 See <a href="http://www.ietf.org/rfc/rfc2252.txt">RFC 2252</a>, Section 4.3.2
386 #define LDB_SYNTAX_INTEGER "1.3.6.1.4.1.1466.115.121.1.27"
389 LDAP attribute syntax for an octet string
391 This is the well-known LDAP attribute syntax for an octet string.
393 See <a href="http://www.ietf.org/rfc/rfc2252.txt">RFC 2252</a>, Section 4.3.2
395 #define LDB_SYNTAX_OCTET_STRING "1.3.6.1.4.1.1466.115.121.1.40"
398 LDAP attribute syntax for UTC time.
400 This is the well-known LDAP attribute syntax for a UTC time.
402 See <a href="http://www.ietf.org/rfc/rfc2252.txt">RFC 2252</a>, Section 4.3.2
404 #define LDB_SYNTAX_UTC_TIME "1.3.6.1.4.1.1466.115.121.1.53"
406 #define LDB_SYNTAX_OBJECTCLASS "LDB_SYNTAX_OBJECTCLASS"
408 /* sorting helpers */
409 typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2, void *opaque);
412 OID for the paged results control. This control is included in the
413 searchRequest and searchResultDone messages as part of the controls
414 field of the LDAPMessage, as defined in Section 4.1.12 of
417 \sa <a href="http://www.ietf.org/rfc/rfc2696.txt">RFC 2696</a>.
419 #define LDB_CONTROL_PAGED_RESULTS_OID "1.2.840.113556.1.4.319"
422 OID for specifying the returned elements of the ntSecurityDescriptor
424 \sa <a href="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ldap/ldap/ldap_server_sd_flags_oid.asp">Microsoft documentation of this OID</a>
426 #define LDB_CONTROL_SD_FLAGS_OID "1.2.840.113556.1.4.801"
429 OID for specifying an advanced scope for the search (one partition)
431 \sa <a href="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ldap/ldap/ldap_server_domain_scope_oid.asp">Microsoft documentation of this OID</a>
433 #define LDB_CONTROL_DOMAIN_SCOPE_OID "1.2.840.113556.1.4.1339"
436 OID for specifying an advanced scope for a search
438 \sa <a href="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ldap/ldap/ldap_server_search_options_oid.asp">Microsoft documentation of this OID</a>
440 #define LDB_CONTROL_SEARCH_OPTIONS_OID "1.2.840.113556.1.4.1340"
445 \sa <a href="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ldap/ldap/ldap_server_notification_oid.asp">Microsoft documentation of this OID</a>
447 #define LDB_CONTROL_NOTIFICATION_OID "1.2.840.113556.1.4.528"
450 OID for getting deleted objects
452 \sa <a href="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ldap/ldap/ldap_server_show_deleted_oid.asp">Microsoft documentation of this OID</a>
454 #define LDB_CONTROL_SHOW_DELETED_OID "1.2.840.113556.1.4.417"
459 \sa <a href="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ldap/ldap/ldap_server_extended_dn_oid.asp">Microsoft documentation of this OID</a>
461 #define LDB_CONTROL_EXTENDED_DN_OID "1.2.840.113556.1.4.529"
464 OID for LDAP server sort result extension.
466 This control is included in the searchRequest message as part of
467 the controls field of the LDAPMessage, as defined in Section 4.1.12
468 of LDAP v3. The controlType is set to
469 "1.2.840.113556.1.4.473". The criticality MAY be either TRUE or
470 FALSE (where absent is also equivalent to FALSE) at the client's
473 \sa <a href="http://www.ietf.org/rfc/rfc2891.txt">RFC 2891</a>.
475 #define LDB_CONTROL_SERVER_SORT_OID "1.2.840.113556.1.4.473"
478 OID for LDAP server sort result response extension.
480 This control is included in the searchResultDone message as part of
481 the controls field of the LDAPMessage, as defined in Section 4.1.12 of
484 \sa <a href="http://www.ietf.org/rfc/rfc2891.txt">RFC 2891</a>.
486 #define LDB_CONTROL_SORT_RESP_OID "1.2.840.113556.1.4.474"
489 OID for LDAP Attribute Scoped Query extension.
491 This control is included in SearchRequest or SearchResponse
492 messages as part of the controls field of the LDAPMessage.
494 #define LDB_CONTROL_ASQ_OID "1.2.840.113556.1.4.1504"
497 OID for LDAP Directory Sync extension.
499 This control is included in SearchRequest or SearchResponse
500 messages as part of the controls field of the LDAPMessage.
502 #define LDB_CONTROL_DIRSYNC_OID "1.2.840.113556.1.4.841"
506 OID for LDAP Virtual List View Request extension.
508 This control is included in SearchRequest messages
509 as part of the controls field of the LDAPMessage.
511 #define LDB_CONTROL_VLV_REQ_OID "2.16.840.1.113730.3.4.9"
514 OID for LDAP Virtual List View Response extension.
516 This control is included in SearchResponse messages
517 as part of the controls field of the LDAPMessage.
519 #define LDB_CONTROL_VLV_RESP_OID "2.16.840.1.113730.3.4.10"
522 OID to let modifies don't give an error when adding an existing
523 attribute with the same value or deleting an nonexisting one attribute
525 \sa <a href="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ldap/ldap/ldap_server_permissive_modify_oid.asp">Microsoft documentation of this OID</a>
527 #define LDB_CONTROL_PERMISSIVE_MODIFY_OID "1.2.840.113556.1.4.1413"
530 OID for LDAP Extended Operation START_TLS.
532 This Extended operation is used to start a new TLS
533 channel on top of a clear text channel.
535 #define LDB_EXTENDED_START_TLS_OID "1.3.6.1.4.1.1466.20037"
539 #define LDB_EXTENDED_DYNAMIC_OID "1.3.6.1.4.1.1466.101.119.1"
543 #define LDB_EXTENDED_FAST_BIND_OID "1.2.840.113556.1.4.1781"
545 struct ldb_sd_flags_control {
547 * request the owner 0x00000001
548 * request the group 0x00000002
549 * request the DACL 0x00000004
550 * request the SACL 0x00000008
552 unsigned secinfo_flags;
556 * DOMAIN_SCOPE 0x00000001
557 * this limits the search to one partition,
558 * and no referrals will be returned.
559 * (Note this doesn't limit the entries by there
560 * objectSid belonging to a domain! Builtin and Foreign Sids
561 * are still returned)
563 * PHANTOM_ROOT 0x00000002
564 * this search on the whole tree on a domain controller
565 * over multiple partitions without referrals.
566 * (This is the default behavior on the Global Catalog Port)
569 #define LDB_SEARCH_OPTION_DOMAIN_SCOPE 0x00000001
570 #define LDB_SEARCH_OPTION_PHANTOM_ROOT 0x00000002
572 struct ldb_search_options_control {
573 unsigned search_options;
576 struct ldb_paged_control {
582 struct ldb_extended_dn_control {
586 struct ldb_server_sort_control {
592 struct ldb_sort_resp_control {
597 struct ldb_asq_control {
599 char *source_attribute;
604 struct ldb_dirsync_control {
611 struct ldb_vlv_req_control {
629 struct ldb_vlv_resp_control {
643 enum ldb_request_type {
651 LDB_REQ_REGISTER_CONTROL,
652 LDB_REQ_REGISTER_PARTITION
655 enum ldb_reply_type {
673 struct ldb_extended {
675 void *data; /* NULL or a valid talloc pointer! talloc_get_type() will be used on it */
680 struct ldb_message **msgs;
682 struct ldb_extended *extended;
683 struct ldb_control **controls;
687 enum ldb_reply_type type;
688 struct ldb_message *message;
689 struct ldb_extended *response;
691 struct ldb_control **controls;
696 enum ldb_state state;
698 struct ldb_module *module;
703 enum ldb_scope scope;
704 const struct ldb_parse_tree *tree;
705 const char * const *attrs;
706 struct ldb_result *res;
710 const struct ldb_message *message;
714 const struct ldb_message *message;
722 struct ldb_dn *olddn;
723 struct ldb_dn *newdn;
726 struct ldb_register_control {
730 struct ldb_register_partition {
734 struct ldb_sequence_number {
735 enum ldb_sequence_type {
737 LDB_SEQ_HIGHEST_TIMESTAMP,
744 typedef int (*ldb_request_callback_t)(struct ldb_context *, void *, struct ldb_reply *);
747 enum ldb_request_type operation;
750 struct ldb_search search;
752 struct ldb_modify mod;
753 struct ldb_delete del;
754 struct ldb_rename rename;
755 struct ldb_extended extended;
756 struct ldb_sequence_number seq_num;
757 struct ldb_register_control reg_control;
758 struct ldb_register_partition reg_partition;
761 struct ldb_control **controls;
764 ldb_request_callback_t callback;
768 struct ldb_handle *handle;
771 int ldb_request(struct ldb_context *ldb, struct ldb_request *request);
773 int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type);
775 int ldb_set_timeout(struct ldb_context *ldb, struct ldb_request *req, int timeout);
776 int ldb_set_timeout_from_prev_req(struct ldb_context *ldb, struct ldb_request *oldreq, struct ldb_request *newreq);
777 void ldb_set_create_perms(struct ldb_context *ldb, unsigned int perms);
780 Initialise ldbs' global information
782 This is required before any other LDB call
784 \return 0 if initialisation succeeded, -1 otherwise
786 int ldb_global_init(void);
789 Initialise an ldb context
791 This is required before any other LDB call.
793 \param mem_ctx pointer to a talloc memory context. Pass NULL if there is
794 no suitable context available.
796 \return pointer to ldb_context that should be free'd (using talloc_free())
797 at the end of the program.
799 struct ldb_context *ldb_init(void *mem_ctx);
802 Connect to a database.
804 This is typically called soon after ldb_init(), and is required prior to
805 any search or database modification operations.
807 The URL can be one of the following forms:
813 \param ldb the context associated with the database (from ldb_init())
814 \param url the URL of the database to connect to, as noted above
815 \param flags a combination of LDB_FLG_* to modify the connection behaviour
816 \param options backend specific options - passed uninterpreted to the backend
818 \return result code (LDB_SUCCESS on success, or a failure code)
820 \note It is an error to connect to a database that does not exist in readonly mode
821 (that is, with LDB_FLG_RDONLY). However in read-write mode, the database will be
822 created if it does not exist.
824 int ldb_connect(struct ldb_context *ldb, const char *url, unsigned int flags, const char *options[]);
827 return an automatic basedn from the rootDomainNamingContext of the rootDSE
828 This value have been set in an opaque pointer at connection time
830 struct ldb_dn *ldb_get_root_basedn(struct ldb_context *ldb);
833 return an automatic basedn from the configurationNamingContext of the rootDSE
834 This value have been set in an opaque pointer at connection time
836 struct ldb_dn *ldb_get_config_basedn(struct ldb_context *ldb);
839 return an automatic basedn from the schemaNamingContext of the rootDSE
840 This value have been set in an opaque pointer at connection time
842 struct ldb_dn *ldb_get_schema_basedn(struct ldb_context *ldb);
845 return an automatic baseDN from the defaultNamingContext of the rootDSE
846 This value have been set in an opaque pointer at connection time
848 struct ldb_dn *ldb_get_default_basedn(struct ldb_context *ldb);
851 The default async search callback function
853 \param ldb the context associated with the database (from ldb_init())
854 \param context the callback context (struct ldb_result *)
855 \param ares a single reply from the async core
857 \return result code (LDB_SUCCESS on success, or a failure code)
859 \note this function expects the context to always be an struct ldb_result pointer
860 AND a talloc context, this function will steal on the context each message
861 from the ares reply passed on by the async core so that in the end all the
862 messages will be in the context (ldb_result) memory tree.
863 Freeing the passed context (ldb_result tree) will free all the resources
864 (the request need to be freed separately and the result doe not depend on the
865 request that can be freed as sson as the search request is finished)
868 int ldb_search_default_callback(struct ldb_context *ldb, void *context, struct ldb_reply *ares);
871 Helper function to build a search request
873 \param ret_req the request structure is returned here (talloced on mem_ctx)
874 \param ldb the context associated with the database (from ldb_init())
875 \param mem_ctx a talloc emmory context (used as parent of ret_req)
876 \param base the Base Distinguished Name for the query (use ldb_dn_new() for an empty one)
877 \param scope the search scope for the query
878 \param expression the search expression to use for this query
879 \param attrs the search attributes for the query (pass NULL if none required)
880 \param controls an array of controls
881 \param context the callback function context
882 \param the callback function to handle the async replies
884 \return result code (LDB_SUCCESS on success, or a failure code)
887 int ldb_build_search_req(struct ldb_request **ret_req,
888 struct ldb_context *ldb,
891 enum ldb_scope scope,
892 const char *expression,
893 const char * const *attrs,
894 struct ldb_control **controls,
896 ldb_request_callback_t callback);
899 Helper function to build an add request
901 \param ret_req the request structure is returned here (talloced on mem_ctx)
902 \param ldb the context associated with the database (from ldb_init())
903 \param mem_ctx a talloc emmory context (used as parent of ret_req)
904 \param message contains the entry to be added
905 \param controls an array of controls
906 \param context the callback function context
907 \param the callback function to handle the async replies
909 \return result code (LDB_SUCCESS on success, or a failure code)
912 int ldb_build_add_req(struct ldb_request **ret_req,
913 struct ldb_context *ldb,
915 const struct ldb_message *message,
916 struct ldb_control **controls,
918 ldb_request_callback_t callback);
921 Helper function to build a modify request
923 \param ret_req the request structure is returned here (talloced on mem_ctx)
924 \param ldb the context associated with the database (from ldb_init())
925 \param mem_ctx a talloc emmory context (used as parent of ret_req)
926 \param message contains the entry to be modified
927 \param controls an array of controls
928 \param context the callback function context
929 \param the callback function to handle the async replies
931 \return result code (LDB_SUCCESS on success, or a failure code)
934 int ldb_build_mod_req(struct ldb_request **ret_req,
935 struct ldb_context *ldb,
937 const struct ldb_message *message,
938 struct ldb_control **controls,
940 ldb_request_callback_t callback);
943 Helper function to build a delete request
945 \param ret_req the request structure is returned here (talloced on mem_ctx)
946 \param ldb the context associated with the database (from ldb_init())
947 \param mem_ctx a talloc emmory context (used as parent of ret_req)
948 \param dn the DN to be deleted
949 \param controls an array of controls
950 \param context the callback function context
951 \param the callback function to handle the async replies
953 \return result code (LDB_SUCCESS on success, or a failure code)
956 int ldb_build_del_req(struct ldb_request **ret_req,
957 struct ldb_context *ldb,
960 struct ldb_control **controls,
962 ldb_request_callback_t callback);
965 Helper function to build a rename request
967 \param ret_req the request structure is returned here (talloced on mem_ctx)
968 \param ldb the context associated with the database (from ldb_init())
969 \param mem_ctx a talloc emmory context (used as parent of ret_req)
970 \param olddn the old DN
971 \param newdn the new DN
972 \param controls an array of controls
973 \param context the callback function context
974 \param the callback function to handle the async replies
976 \return result code (LDB_SUCCESS on success, or a failure code)
979 int ldb_build_rename_req(struct ldb_request **ret_req,
980 struct ldb_context *ldb,
982 struct ldb_dn *olddn,
983 struct ldb_dn *newdn,
984 struct ldb_control **controls,
986 ldb_request_callback_t callback);
989 Add a ldb_control to a ldb_request
991 \param req the request struct where to add the control
992 \param oid the object identifier of the control as string
993 \param ciritical whether the control should be critical or not
994 \param data a talloc pointer to the control specific data
996 \return result code (LDB_SUCCESS on success, or a failure code)
998 int ldb_request_add_control(struct ldb_request *req, const char *oid, bool critical, void *data);
1001 check if a control with the specified "oid" exist and return it
1002 \param req the request struct where to add the control
1003 \param oid the object identifier of the control as string
1005 \return the control, NULL if not found
1007 struct ldb_control *ldb_request_get_control(struct ldb_request *req, const char *oid);
1012 This function searches the database, and returns
1013 records that match an LDAP-like search expression
1015 \param ldb the context associated with the database (from ldb_init())
1016 \param base the Base Distinguished Name for the query (use ldb_dn_new() for an empty one)
1017 \param scope the search scope for the query
1018 \param expression the search expression to use for this query
1019 \param attrs the search attributes for the query (pass NULL if none required)
1020 \param res the return result
1022 \return result code (LDB_SUCCESS on success, or a failure code)
1024 \note use talloc_free() to free the ldb_result returned
1026 int ldb_search(struct ldb_context *ldb,
1027 struct ldb_dn *base,
1028 enum ldb_scope scope,
1029 const char *expression,
1030 const char * const *attrs, struct ldb_result **res);
1033 * a useful search function where you can easily define the expression and
1034 * that takes a memory context where results are allocated
1037 int ldb_search_exp_fmt(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
1038 struct ldb_result **result, struct ldb_dn *base,
1039 enum ldb_scope scope, const char * const *attrs,
1040 const char *exp_fmt, ...) PRINTF_ATTRIBUTE(7,8);
1043 like ldb_search() but takes a parse tree
1045 int ldb_search_bytree(struct ldb_context *ldb,
1046 struct ldb_dn *base,
1047 enum ldb_scope scope,
1048 struct ldb_parse_tree *tree,
1049 const char * const *attrs, struct ldb_result **res);
1052 Add a record to the database.
1054 This function adds a record to the database. This function will fail
1055 if a record with the specified class and key already exists in the
1058 \param ldb the context associated with the database (from
1060 \param message the message containing the record to add.
1062 \return result code (LDB_SUCCESS if the record was added, otherwise
1065 int ldb_add(struct ldb_context *ldb,
1066 const struct ldb_message *message);
1069 Modify the specified attributes of a record
1071 This function modifies a record that is in the database.
1073 \param ldb the context associated with the database (from
1075 \param message the message containing the changes required.
1077 \return result code (LDB_SUCCESS if the record was modified as
1078 requested, otherwise a failure code)
1080 int ldb_modify(struct ldb_context *ldb,
1081 const struct ldb_message *message);
1084 Rename a record in the database
1086 This function renames a record in the database.
1088 \param ldb the context associated with the database (from
1090 \param olddn the DN for the record to be renamed.
1091 \param newdn the new DN
1093 \return result code (LDB_SUCCESS if the record was renamed as
1094 requested, otherwise a failure code)
1096 int ldb_rename(struct ldb_context *ldb, struct ldb_dn *olddn, struct ldb_dn *newdn);
1099 Delete a record from the database
1101 This function deletes a record from the database.
1103 \param ldb the context associated with the database (from
1105 \param dn the DN for the record to be deleted.
1107 \return result code (LDB_SUCCESS if the record was deleted,
1108 otherwise a failure code)
1110 int ldb_delete(struct ldb_context *ldb, struct ldb_dn *dn);
1113 The default async extended operation callback function
1115 \param ldb the context associated with the database (from ldb_init())
1116 \param context the callback context (struct ldb_result *)
1117 \param ares a single reply from the async core
1119 \return result code (LDB_SUCCESS on success, or a failure code)
1121 \note this function expects the context to always be an struct ldb_result pointer
1122 AND a talloc context, this function will steal on the context each message
1123 from the ares reply passed on by the async core so that in the end all the
1124 messages will be in the context (ldb_result) memory tree.
1125 Freeing the passed context (ldb_result tree) will free all the resources
1126 (the request need to be freed separately and the result doe not depend on the
1127 request that can be freed as sson as the search request is finished)
1129 int ldb_extended_default_callback(struct ldb_context *ldb, void *context, struct ldb_reply *ares);
1132 Helper function to build a extended request
1134 \param ret_req the request structure is returned here (talloced on mem_ctx)
1135 \param ldb the context associated with the database (from ldb_init())
1136 \param mem_ctx a talloc emmory context (used as parent of ret_req)
1137 \param oid the OID of the extended operation.
1138 \param data a void pointer a the extended operation specific parameters,
1139 it needs to be NULL or a valid talloc pointer! talloc_get_type() will be used on it
1140 \param controls an array of controls
1141 \param context the callback function context
1142 \param the callback function to handle the async replies
1144 \return result code (LDB_SUCCESS on success, or a failure code)
1146 int ldb_build_extended_req(struct ldb_request **ret_req,
1147 struct ldb_context *ldb,
1150 void *data,/* NULL or a valid talloc pointer! talloc_get_type() will be used on it */
1151 struct ldb_control **controls,
1153 ldb_request_callback_t callback);
1156 call an extended operation
1158 This function deletes a record from the database.
1160 \param ldb the context associated with the database (from ldb_init())
1161 \param oid the OID of the extended operation.
1162 \param data a void pointer a the extended operation specific parameters,
1163 it needs to be NULL or a valid talloc pointer! talloc_get_type() will be used on it
1164 \param res the result of the extended operation
1166 \return result code (LDB_SUCCESS if the extended operation returned fine,
1167 otherwise a failure code)
1169 int ldb_extended(struct ldb_context *ldb,
1171 void *data,/* NULL or a valid talloc pointer! talloc_get_type() will be used on it */
1172 struct ldb_result **res);
1177 int ldb_transaction_start(struct ldb_context *ldb);
1180 commit a transaction
1182 int ldb_transaction_commit(struct ldb_context *ldb);
1185 cancel a transaction
1187 int ldb_transaction_cancel(struct ldb_context *ldb);
1191 return extended error information from the last call
1193 const char *ldb_errstring(struct ldb_context *ldb);
1196 return a string explaining what a ldb error constant meancs
1198 const char *ldb_strerror(int ldb_err);
1201 setup the default utf8 functions
1202 FIXME: these functions do not yet handle utf8
1204 void ldb_set_utf8_default(struct ldb_context *ldb);
1209 \param ldb the ldb context
1210 \param mem_ctx the memory context to allocate the result string
1212 \param s the string that is to be folded
1213 \return a copy of the string, converted to upper case
1215 \note The default function is not yet UTF8 aware. Provide your own
1216 set of functions through ldb_set_utf8_fns()
1218 char *ldb_casefold(struct ldb_context *ldb, void *mem_ctx, const char *s);
1221 Check the attribute name is valid according to rfc2251
1222 \param s tthe string to check
1224 \return 1 if the name is ok
1226 int ldb_valid_attr_name(const char *s);
1229 ldif manipulation functions
1232 Write an LDIF message
1234 This function writes an LDIF message using a caller supplied write
1237 \param ldb the ldb context (from ldb_init())
1238 \param fprintf_fn a function pointer for the write function. This must take
1239 a private data pointer, followed by a format string, and then a variable argument
1241 \param private_data pointer that will be provided back to the write
1242 function. This is useful for maintaining state or context.
1243 \param ldif the message to write out
1245 \return the total number of bytes written, or an error code as returned
1246 from the write function.
1248 \sa ldb_ldif_write_file for a more convenient way to write to a
1251 \sa ldb_ldif_read for the reader equivalent to this function.
1253 int ldb_ldif_write(struct ldb_context *ldb,
1254 int (*fprintf_fn)(void *, const char *, ...) PRINTF_ATTRIBUTE(2,3),
1256 const struct ldb_ldif *ldif);
1259 Clean up an LDIF message
1261 This function cleans up a LDIF message read using ldb_ldif_read()
1262 or related functions (such as ldb_ldif_read_string() and
1263 ldb_ldif_read_file().
1265 \param ldb the ldb context (from ldb_init())
1266 \param msg the message to clean up and free
1269 void ldb_ldif_read_free(struct ldb_context *ldb, struct ldb_ldif *msg);
1272 Read an LDIF message
1274 This function creates an LDIF message using a caller supplied read
1277 \param ldb the ldb context (from ldb_init())
1278 \param fgetc_fn a function pointer for the read function. This must
1279 take a private data pointer, and must return a pointer to an
1280 integer corresponding to the next byte read (or EOF if there is no
1281 more data to be read).
1282 \param private_data pointer that will be provided back to the read
1283 function. This is udeful for maintaining state or context.
1285 \return the LDIF message that has been read in
1287 \note You must free the LDIF message when no longer required, using
1288 ldb_ldif_read_free().
1290 \sa ldb_ldif_read_file for a more convenient way to read from a
1293 \sa ldb_ldif_read_string for a more convenient way to read from a
1294 string (char array).
1296 \sa ldb_ldif_write for the writer equivalent to this function.
1298 struct ldb_ldif *ldb_ldif_read(struct ldb_context *ldb,
1299 int (*fgetc_fn)(void *), void *private_data);
1302 Read an LDIF message from a file
1304 This function reads the next LDIF message from the contents of a
1305 file stream. If you want to get all of the LDIF messages, you will
1306 need to repeatedly call this function, until it returns NULL.
1308 \param ldb the ldb context (from ldb_init())
1309 \param f the file stream to read from (typically from fdopen())
1311 \sa ldb_ldif_read_string for an equivalent function that will read
1312 from a string (char array).
1314 \sa ldb_ldif_write_file for the writer equivalent to this function.
1317 struct ldb_ldif *ldb_ldif_read_file(struct ldb_context *ldb, FILE *f);
1320 Read an LDIF message from a string
1322 This function reads the next LDIF message from the contents of a char
1323 array. If you want to get all of the LDIF messages, you will need
1324 to repeatedly call this function, until it returns NULL.
1326 \param ldb the ldb context (from ldb_init())
1327 \param s pointer to the char array to read from
1329 \sa ldb_ldif_read_file for an equivalent function that will read
1332 \sa ldb_ldif_write for a more general (arbitrary read function)
1333 version of this function.
1335 struct ldb_ldif *ldb_ldif_read_string(struct ldb_context *ldb, const char **s);
1338 Write an LDIF message to a file
1340 \param ldb the ldb context (from ldb_init())
1341 \param f the file stream to write to (typically from fdopen())
1342 \param msg the message to write out
1344 \return the total number of bytes written, or a negative error code
1346 \sa ldb_ldif_read_file for the reader equivalent to this function.
1348 int ldb_ldif_write_file(struct ldb_context *ldb, FILE *f, const struct ldb_ldif *msg);
1351 Base64 encode a buffer
1353 \param mem_ctx the memory context that the result is allocated
1355 \param buf pointer to the array that is to be encoded
1356 \param len the number of elements in the array to be encoded
1358 \return pointer to an array containing the encoded data
1360 \note The caller is responsible for freeing the result
1362 char *ldb_base64_encode(void *mem_ctx, const char *buf, int len);
1365 Base64 decode a buffer
1367 This function decodes a base64 encoded string in place.
1369 \param s the string to decode.
1371 \return the length of the returned (decoded) string.
1373 \note the string is null terminated, but the null terminator is not
1374 included in the length.
1376 int ldb_base64_decode(char *s);
1378 /* The following definitions come from lib/ldb/common/ldb_dn.c */
1380 struct ldb_dn *ldb_dn_new(void *mem_ctx, struct ldb_context *ldb, const char *dn);
1381 struct ldb_dn *ldb_dn_new_fmt(void *mem_ctx, struct ldb_context *ldb, const char *new_fmt, ...) PRINTF_ATTRIBUTE(3,4);
1382 bool ldb_dn_validate(struct ldb_dn *dn);
1384 char *ldb_dn_escape_value(void *mem_ctx, struct ldb_val value);
1385 const char *ldb_dn_get_linearized(struct ldb_dn *dn);
1386 const char *ldb_dn_get_casefold(struct ldb_dn *dn);
1387 char *ldb_dn_alloc_linearized(void *mem_ctx, struct ldb_dn *dn);
1388 char *ldb_dn_alloc_casefold(void *mem_ctx, struct ldb_dn *dn);
1390 int ldb_dn_compare_base(struct ldb_dn *base, struct ldb_dn *dn);
1391 int ldb_dn_compare(struct ldb_dn *edn0, struct ldb_dn *edn1);
1393 bool ldb_dn_add_base(struct ldb_dn *dn, struct ldb_dn *base);
1394 bool ldb_dn_add_base_fmt(struct ldb_dn *dn, const char *base_fmt, ...) PRINTF_ATTRIBUTE(2,3);
1395 bool ldb_dn_add_child(struct ldb_dn *dn, struct ldb_dn *child);
1396 bool ldb_dn_add_child_fmt(struct ldb_dn *dn, const char *child_fmt, ...) PRINTF_ATTRIBUTE(2,3);
1397 bool ldb_dn_remove_base_components(struct ldb_dn *dn, unsigned int num);
1398 bool ldb_dn_remove_child_components(struct ldb_dn *dn, unsigned int num);
1400 struct ldb_dn *ldb_dn_copy(void *mem_ctx, struct ldb_dn *dn);
1401 struct ldb_dn *ldb_dn_get_parent(void *mem_ctx, struct ldb_dn *dn);
1402 char *ldb_dn_canonical_string(void *mem_ctx, struct ldb_dn *dn);
1403 char *ldb_dn_canonical_ex_string(void *mem_ctx, struct ldb_dn *dn);
1404 int ldb_dn_get_comp_num(struct ldb_dn *dn);
1405 const char *ldb_dn_get_component_name(struct ldb_dn *dn, unsigned int num);
1406 const struct ldb_val *ldb_dn_get_component_val(struct ldb_dn *dn, unsigned int num);
1407 const char *ldb_dn_get_rdn_name(struct ldb_dn *dn);
1408 const struct ldb_val *ldb_dn_get_rdn_val(struct ldb_dn *dn);
1409 int ldb_dn_set_component(struct ldb_dn *dn, int num, const char *name, const struct ldb_val val);
1411 bool ldb_dn_is_valid(struct ldb_dn *dn);
1412 bool ldb_dn_is_special(struct ldb_dn *dn);
1413 bool ldb_dn_check_special(struct ldb_dn *dn, const char *check);
1414 bool ldb_dn_is_null(struct ldb_dn *dn);
1417 /* useful functions for ldb_message structure manipulation */
1418 int ldb_dn_cmp(struct ldb_context *ldb, const char *dn1, const char *dn2);
1421 Compare two attributes
1423 This function compares to attribute names. Note that this is a
1424 case-insensitive comparison.
1426 \param attr1 the first attribute name to compare
1427 \param attr2 the second attribute name to compare
1429 \return 0 if the attribute names are the same, or only differ in
1430 case; non-zero if there are any differences
1432 attribute names are restricted by rfc2251 so using
1433 strcasecmp and toupper here is ok.
1436 #define ldb_attr_cmp(a, b) strcasecmp(a, b)
1437 char *ldb_attr_casefold(void *mem_ctx, const char *s);
1438 int ldb_attr_dn(const char *attr);
1441 Create an empty message
1443 \param mem_ctx the memory context to create in. You can pass NULL
1444 to get the top level context, however the ldb context (from
1445 ldb_init()) may be a better choice
1447 struct ldb_message *ldb_msg_new(void *mem_ctx);
1450 Find an element within an message
1452 struct ldb_message_element *ldb_msg_find_element(const struct ldb_message *msg,
1453 const char *attr_name);
1456 Compare two ldb_val values
1458 \param v1 first ldb_val structure to be tested
1459 \param v2 second ldb_val structure to be tested
1461 \return 1 for a match, 0 if there is any difference
1463 int ldb_val_equal_exact(const struct ldb_val *v1, const struct ldb_val *v2);
1466 find a value within an ldb_message_element
1468 \param el the element to search
1469 \param val the value to search for
1471 \note This search is case sensitive
1473 struct ldb_val *ldb_msg_find_val(const struct ldb_message_element *el,
1474 struct ldb_val *val);
1477 add a new empty element to a ldb_message
1479 int ldb_msg_add_empty(struct ldb_message *msg,
1480 const char *attr_name,
1482 struct ldb_message_element **return_el);
1485 add a element to a ldb_message
1487 int ldb_msg_add(struct ldb_message *msg,
1488 const struct ldb_message_element *el,
1490 int ldb_msg_add_value(struct ldb_message *msg,
1491 const char *attr_name,
1492 const struct ldb_val *val,
1493 struct ldb_message_element **return_el);
1494 int ldb_msg_add_steal_value(struct ldb_message *msg,
1495 const char *attr_name,
1496 struct ldb_val *val);
1497 int ldb_msg_add_steal_string(struct ldb_message *msg,
1498 const char *attr_name, char *str);
1499 int ldb_msg_add_string(struct ldb_message *msg,
1500 const char *attr_name, const char *str);
1501 int ldb_msg_add_fmt(struct ldb_message *msg,
1502 const char *attr_name, const char *fmt, ...) PRINTF_ATTRIBUTE(3,4);
1505 compare two message elements - return 0 on match
1507 int ldb_msg_element_compare(struct ldb_message_element *el1,
1508 struct ldb_message_element *el2);
1511 Find elements in a message.
1513 This function finds elements and converts to a specific type, with
1514 a give default value if not found. Assumes that elements are
1517 const struct ldb_val *ldb_msg_find_ldb_val(const struct ldb_message *msg, const char *attr_name);
1518 int ldb_msg_find_attr_as_int(const struct ldb_message *msg,
1519 const char *attr_name,
1521 unsigned int ldb_msg_find_attr_as_uint(const struct ldb_message *msg,
1522 const char *attr_name,
1523 unsigned int default_value);
1524 int64_t ldb_msg_find_attr_as_int64(const struct ldb_message *msg,
1525 const char *attr_name,
1526 int64_t default_value);
1527 uint64_t ldb_msg_find_attr_as_uint64(const struct ldb_message *msg,
1528 const char *attr_name,
1529 uint64_t default_value);
1530 double ldb_msg_find_attr_as_double(const struct ldb_message *msg,
1531 const char *attr_name,
1532 double default_value);
1533 int ldb_msg_find_attr_as_bool(const struct ldb_message *msg,
1534 const char *attr_name,
1536 const char *ldb_msg_find_attr_as_string(const struct ldb_message *msg,
1537 const char *attr_name,
1538 const char *default_value);
1540 struct ldb_dn *ldb_msg_find_attr_as_dn(struct ldb_context *ldb,
1542 const struct ldb_message *msg,
1543 const char *attr_name);
1545 void ldb_msg_sort_elements(struct ldb_message *msg);
1547 struct ldb_message *ldb_msg_copy_shallow(void *mem_ctx,
1548 const struct ldb_message *msg);
1549 struct ldb_message *ldb_msg_copy(void *mem_ctx,
1550 const struct ldb_message *msg);
1552 struct ldb_message *ldb_msg_canonicalize(struct ldb_context *ldb,
1553 const struct ldb_message *msg);
1556 struct ldb_message *ldb_msg_diff(struct ldb_context *ldb,
1557 struct ldb_message *msg1,
1558 struct ldb_message *msg2);
1560 int ldb_msg_check_string_attribute(const struct ldb_message *msg,
1565 Integrity check an ldb_message
1567 This function performs basic sanity / integrity checks on an
1570 \param msg the message to check
1572 \return LDB_SUCCESS if the message is OK, or a non-zero error code
1573 (one of LDB_ERR_INVALID_DN_SYNTAX, LDB_ERR_ENTRY_ALREADY_EXISTS or
1574 LDB_ERR_INVALID_ATTRIBUTE_SYNTAX) if there is a problem with a
1577 int ldb_msg_sanity_check(struct ldb_context *ldb,
1578 const struct ldb_message *msg);
1581 Duplicate an ldb_val structure
1583 This function copies an ldb value structure.
1585 \param mem_ctx the memory context that the duplicated value will be
1587 \param v the ldb_val to be duplicated.
1589 \return the duplicated ldb_val structure.
1591 struct ldb_val ldb_val_dup(void *mem_ctx, const struct ldb_val *v);
1594 this allows the user to set a debug function for error reporting
1596 int ldb_set_debug(struct ldb_context *ldb,
1597 void (*debug)(void *context, enum ldb_debug_level level,
1598 const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3,0),
1602 this allows the user to set custom utf8 function for error reporting
1604 void ldb_set_utf8_fns(struct ldb_context *ldb,
1606 char *(*casefold)(void *, void *, const char *));
1609 this sets up debug to print messages on stderr
1611 int ldb_set_debug_stderr(struct ldb_context *ldb);
1613 /* control backend specific opaque values */
1614 int ldb_set_opaque(struct ldb_context *ldb, const char *name, void *value);
1615 void *ldb_get_opaque(struct ldb_context *ldb, const char *name);
1617 const char **ldb_attr_list_copy(void *mem_ctx, const char * const *attrs);
1618 const char **ldb_attr_list_copy_add(void *mem_ctx, const char * const *attrs, const char *new_attr);
1619 int ldb_attr_in_list(const char * const *attrs, const char *attr);
1622 void ldb_parse_tree_attr_replace(struct ldb_parse_tree *tree,
1624 const char *replace);
1626 int ldb_msg_rename_attr(struct ldb_message *msg, const char *attr, const char *replace);
1627 int ldb_msg_copy_attr(struct ldb_message *msg, const char *attr, const char *replace);
1628 void ldb_msg_remove_attr(struct ldb_message *msg, const char *attr);
1631 Convert a time structure to a string
1633 This function converts a time_t structure to an LDAP formatted
1634 GeneralizedTime string.
1636 \param mem_ctx the memory context to allocate the return string in
1637 \param t the time structure to convert
1639 \return the formatted string, or NULL if the time structure could
1642 char *ldb_timestring(void *mem_ctx, time_t t);
1645 Convert a string to a time structure
1647 This function converts an LDAP formatted GeneralizedTime string
1648 to a time_t structure.
1650 \param s the string to convert
1652 \return the time structure, or 0 if the string cannot be converted
1654 time_t ldb_string_to_time(const char *s);
1657 Convert a time structure to a string
1659 This function converts a time_t structure to an LDAP formatted
1662 \param mem_ctx the memory context to allocate the return string in
1663 \param t the time structure to convert
1665 \return the formatted string, or NULL if the time structure could
1668 char *ldb_timestring_utc(void *mem_ctx, time_t t);
1671 Convert a string to a time structure
1673 This function converts an LDAP formatted UTCTime string
1674 to a time_t structure.
1676 \param s the string to convert
1678 \return the time structure, or 0 if the string cannot be converted
1680 time_t ldb_string_utc_to_time(const char *s);
1683 void ldb_qsort (void *const pbase, size_t total_elems, size_t size, void *opaque, ldb_qsort_cmp_fn_t cmp);
1687 Convert an array of string represention of a control into an array of ldb_control structures
1689 \param ldb LDB context
1690 \param mem_ctx TALLOC context to return result on, and to allocate error_string on
1691 \param control_strings Array of string-formatted controls
1693 \return array of ldb_control elements
1695 struct ldb_control **ldb_parse_control_strings(struct ldb_context *ldb, void *mem_ctx, const char **control_strings);