4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Stefan Metzmacher 2004
6 Copyright (C) Simo Sorce 2006-2008
7 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
9 ** NOTE! The following LGPL license applies to the ldb
10 ** library. This does NOT imply that all of Samba is released
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
30 * Component: ldb tdb backend
32 * Description: core functions for tdb backend
34 * Author: Andrew Tridgell
35 * Author: Stefan Metzmacher
39 * - description: make the module use asynchronous calls
43 * - description: make it possible to use event contexts
47 * - description: fix up memory leaks and small bugs
49 * Author: Matthias Dieter Wallnöfer
53 #include "ldb_private.h"
57 prevent memory errors on callbacks
60 struct ltdb_context *ctx;
64 map a tdb error code to a ldb error code
66 int ltdb_err_map(enum TDB_ERROR tdb_code)
74 return LDB_ERR_OPERATIONS_ERROR;
76 return LDB_ERR_PROTOCOL_ERROR;
80 case TDB_ERR_LOCK_TIMEOUT:
81 return LDB_ERR_TIME_LIMIT_EXCEEDED;
83 return LDB_ERR_ENTRY_ALREADY_EXISTS;
85 return LDB_ERR_NO_SUCH_OBJECT;
87 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
95 lock the database for read - use by ltdb_search and ltdb_sequence_number
97 static int ltdb_lock_read(struct ldb_module *module)
99 void *data = ldb_module_get_private(module);
100 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
104 if (ltdb->in_transaction == 0 &&
105 ltdb->read_lock_count == 0) {
106 tdb_ret = tdb_lockall_read(ltdb->tdb);
109 ltdb->read_lock_count++;
112 ret = ltdb_err_map(tdb_error(ltdb->tdb));
113 if (ret == LDB_SUCCESS) {
114 ret = LDB_ERR_OPERATIONS_ERROR;
116 ldb_debug_set(ldb_module_get_ctx(module),
118 "Failure during ltdb_lock_read(): %s -> %s",
119 tdb_errorstr(ltdb->tdb),
125 unlock the database after a ltdb_lock_read()
127 static int ltdb_unlock_read(struct ldb_module *module)
129 void *data = ldb_module_get_private(module);
130 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
131 if (ltdb->in_transaction == 0 && ltdb->read_lock_count == 1) {
132 tdb_unlockall_read(ltdb->tdb);
133 ltdb->read_lock_count--;
136 ltdb->read_lock_count--;
142 * Determine if this key could hold a record. We allow the new GUID
143 * index, the old DN index and a possible future ID=
145 bool ltdb_key_is_record(TDB_DATA key)
151 if (memcmp(key.dptr, "DN=", 3) == 0) {
155 if (memcmp(key.dptr, "ID=", 3) == 0) {
159 if (key.dsize < sizeof(LTDB_GUID_KEY_PREFIX)) {
163 if (memcmp(key.dptr, LTDB_GUID_KEY_PREFIX,
164 sizeof(LTDB_GUID_KEY_PREFIX) - 1) == 0) {
172 form a TDB_DATA for a record key
175 note that the key for a record can depend on whether the
176 dn refers to a case sensitive index record or not
178 TDB_DATA ltdb_key_dn(struct ldb_module *module, TALLOC_CTX *mem_ctx,
182 char *key_str = NULL;
183 const char *dn_folded = NULL;
186 most DNs are case insensitive. The exception is index DNs for
187 case sensitive attributes
189 there are 3 cases dealt with in this code:
191 1) if the dn doesn't start with @ then uppercase the attribute
192 names and the attributes values of case insensitive attributes
193 2) if the dn starts with @ then leave it alone -
194 the indexing code handles the rest
197 dn_folded = ldb_dn_get_casefold(dn);
202 key_str = talloc_strdup(mem_ctx, "DN=");
207 key_str = talloc_strdup_append_buffer(key_str, dn_folded);
212 key.dptr = (uint8_t *)key_str;
213 key.dsize = strlen(key_str) + 1;
224 /* The caller is to provide a correctly sized key */
225 int ltdb_guid_to_key(struct ldb_module *module,
226 struct ltdb_private *ltdb,
227 const struct ldb_val *GUID_val,
230 const char *GUID_prefix = LTDB_GUID_KEY_PREFIX;
231 const int GUID_prefix_len = sizeof(LTDB_GUID_KEY_PREFIX) - 1;
233 if (key->dsize != (GUID_val->length+GUID_prefix_len)) {
234 return LDB_ERR_OPERATIONS_ERROR;
237 memcpy(key->dptr, GUID_prefix, GUID_prefix_len);
238 memcpy(&key->dptr[GUID_prefix_len],
239 GUID_val->data, GUID_val->length);
244 * The caller is to provide a correctly sized key, used only in
245 * the GUID index mode
247 int ltdb_idx_to_key(struct ldb_module *module,
248 struct ltdb_private *ltdb,
250 const struct ldb_val *idx_val,
253 struct ldb_context *ldb = ldb_module_get_ctx(module);
256 if (ltdb->cache->GUID_index_attribute != NULL) {
257 return ltdb_guid_to_key(module, ltdb,
261 dn = ldb_dn_from_ldb_val(mem_ctx, ldb, idx_val);
264 * LDB_ERR_INVALID_DN_SYNTAX would just be confusing
265 * to the caller, as this in an invalid index value
267 return LDB_ERR_OPERATIONS_ERROR;
270 *key = ltdb_key_dn(module, mem_ctx, dn);
273 return ldb_module_oom(module);
279 form a TDB_DATA for a record key
280 caller frees mem_ctx, which may or may not have the key
283 note that the key for a record can depend on whether a
284 GUID index is in use, or the DN is used as the key
286 TDB_DATA ltdb_key_msg(struct ldb_module *module, TALLOC_CTX *mem_ctx,
287 const struct ldb_message *msg)
289 void *data = ldb_module_get_private(module);
290 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
292 const struct ldb_val *guid_val;
295 if (ltdb->cache->GUID_index_attribute == NULL) {
296 return ltdb_key_dn(module, mem_ctx, msg->dn);
299 if (ldb_dn_is_special(msg->dn)) {
300 return ltdb_key_dn(module, mem_ctx, msg->dn);
303 guid_val = ldb_msg_find_ldb_val(msg,
304 ltdb->cache->GUID_index_attribute);
305 if (guid_val == NULL) {
306 ldb_asprintf_errstring(ldb_module_get_ctx(module),
307 "Did not find GUID attribute %s "
308 "in %s, required for TDB record "
309 "key in " LTDB_IDXGUID " mode.",
310 ltdb->cache->GUID_index_attribute,
311 ldb_dn_get_linearized(msg->dn));
318 /* In this case, allocate with talloc */
319 key.dptr = talloc_size(mem_ctx, LTDB_GUID_KEY_SIZE);
320 if (key.dptr == NULL) {
326 key.dsize = talloc_get_size(key.dptr);
328 ret = ltdb_guid_to_key(module, ltdb, guid_val, &key);
330 if (ret != LDB_SUCCESS) {
340 check special dn's have valid attributes
341 currently only @ATTRIBUTES is checked
343 static int ltdb_check_special_dn(struct ldb_module *module,
344 const struct ldb_message *msg)
346 struct ldb_context *ldb = ldb_module_get_ctx(module);
349 if (! ldb_dn_is_special(msg->dn) ||
350 ! ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
354 /* we have @ATTRIBUTES, let's check attributes are fine */
355 /* should we check that we deny multivalued attributes ? */
356 for (i = 0; i < msg->num_elements; i++) {
357 if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
359 for (j = 0; j < msg->elements[i].num_values; j++) {
360 if (ltdb_check_at_attributes_values(&msg->elements[i].values[j]) != 0) {
361 ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
362 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
372 we've made a modification to a dn - possibly reindex and
373 update sequence number
375 static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn)
377 int ret = LDB_SUCCESS;
378 struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private);
380 /* only allow modifies inside a transaction, otherwise the
382 if (ltdb->in_transaction == 0) {
383 ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
384 return LDB_ERR_OPERATIONS_ERROR;
387 if (ldb_dn_is_special(dn) &&
388 (ldb_dn_check_special(dn, LTDB_INDEXLIST) ||
389 ldb_dn_check_special(dn, LTDB_ATTRIBUTES)) )
391 if (ltdb->warn_reindex) {
392 ldb_debug(ldb_module_get_ctx(module),
393 LDB_DEBUG_ERROR, "Reindexing %s due to modification on %s",
394 ltdb->kv_ops->name(ltdb), ldb_dn_get_linearized(dn));
396 ret = ltdb_reindex(module);
399 /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
400 if (ret == LDB_SUCCESS &&
401 !(ldb_dn_is_special(dn) &&
402 ldb_dn_check_special(dn, LTDB_BASEINFO)) ) {
403 ret = ltdb_increase_sequence_number(module);
406 /* If the modify was to @OPTIONS, reload the cache */
407 if (ret == LDB_SUCCESS &&
408 ldb_dn_is_special(dn) &&
409 (ldb_dn_check_special(dn, LTDB_OPTIONS)) ) {
410 ret = ltdb_cache_reload(module);
416 static int ltdb_tdb_store(struct ltdb_private *ltdb, TDB_DATA key, TDB_DATA data, int flags)
418 return tdb_store(ltdb->tdb, key, data, flags);
421 static int ltdb_error(struct ltdb_private *ltdb)
423 return ltdb_err_map(tdb_error(ltdb->tdb));
426 static const char *ltdb_errorstr(struct ltdb_private *ltdb)
428 return tdb_errorstr(ltdb->tdb);
432 store a record into the db
434 int ltdb_store(struct ldb_module *module, const struct ldb_message *msg, int flgs)
436 void *data = ldb_module_get_private(module);
437 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
438 TDB_DATA tdb_key, tdb_data;
439 struct ldb_val ldb_data;
440 int ret = LDB_SUCCESS;
441 TALLOC_CTX *tdb_key_ctx = talloc_new(module);
443 if (tdb_key_ctx == NULL) {
444 return ldb_module_oom(module);
447 if (ltdb->read_only) {
448 return LDB_ERR_UNWILLING_TO_PERFORM;
451 tdb_key = ltdb_key_msg(module, tdb_key_ctx, msg);
452 if (tdb_key.dptr == NULL) {
453 TALLOC_FREE(tdb_key_ctx);
454 return LDB_ERR_OTHER;
457 ret = ldb_pack_data(ldb_module_get_ctx(module),
460 TALLOC_FREE(tdb_key_ctx);
461 return LDB_ERR_OTHER;
464 tdb_data.dptr = ldb_data.data;
465 tdb_data.dsize = ldb_data.length;
467 ret = ltdb->kv_ops->store(ltdb, tdb_key, tdb_data, flgs);
469 bool is_special = ldb_dn_is_special(msg->dn);
470 ret = ltdb->kv_ops->error(ltdb);
473 * LDB_ERR_ENTRY_ALREADY_EXISTS means the DN, not
474 * the GUID, so re-map
476 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS
478 && ltdb->cache->GUID_index_attribute != NULL) {
479 ret = LDB_ERR_CONSTRAINT_VIOLATION;
485 TALLOC_FREE(tdb_key_ctx);
486 talloc_free(ldb_data.data);
493 check if a attribute is a single valued, for a given element
495 static bool ldb_tdb_single_valued(const struct ldb_schema_attribute *a,
496 struct ldb_message_element *el)
498 if (!a) return false;
500 if (el->flags & LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK) {
501 /* override from a ldb module, for example
502 used for the description field, which is
503 marked multi-valued in the schema but which
504 should not actually accept multiple
508 if (el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK) {
509 /* override from a ldb module, for example used for
510 deleted linked attribute entries */
514 if (a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
520 static int ltdb_add_internal(struct ldb_module *module,
521 struct ltdb_private *ltdb,
522 const struct ldb_message *msg,
523 bool check_single_value)
525 struct ldb_context *ldb = ldb_module_get_ctx(module);
526 int ret = LDB_SUCCESS;
529 for (i=0;i<msg->num_elements;i++) {
530 struct ldb_message_element *el = &msg->elements[i];
531 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
533 if (el->num_values == 0) {
534 ldb_asprintf_errstring(ldb, "attribute '%s' on '%s' specified, but with 0 values (illegal)",
535 el->name, ldb_dn_get_linearized(msg->dn));
536 return LDB_ERR_CONSTRAINT_VIOLATION;
538 if (check_single_value &&
539 el->num_values > 1 &&
540 ldb_tdb_single_valued(a, el)) {
541 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
542 el->name, ldb_dn_get_linearized(msg->dn));
543 return LDB_ERR_CONSTRAINT_VIOLATION;
546 /* Do not check "@ATTRIBUTES" for duplicated values */
547 if (ldb_dn_is_special(msg->dn) &&
548 ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
552 if (check_single_value &&
554 LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
555 struct ldb_val *duplicate = NULL;
557 ret = ldb_msg_find_duplicate_val(ldb, discard_const(msg),
559 if (ret != LDB_SUCCESS) {
562 if (duplicate != NULL) {
563 ldb_asprintf_errstring(
565 "attribute '%s': value '%.*s' on '%s' "
566 "provided more than once in ADD object",
568 (int)duplicate->length,
570 ldb_dn_get_linearized(msg->dn));
571 return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
576 ret = ltdb_store(module, msg, TDB_INSERT);
577 if (ret != LDB_SUCCESS) {
579 * Try really hard to get the right error code for
580 * a re-add situation, as this can matter!
582 if (ret == LDB_ERR_CONSTRAINT_VIOLATION) {
584 struct ldb_dn *dn2 = NULL;
585 TALLOC_CTX *mem_ctx = talloc_new(module);
586 if (mem_ctx == NULL) {
587 return ldb_module_operr(module);
589 ret2 = ltdb_search_base(module, module,
591 TALLOC_FREE(mem_ctx);
592 if (ret2 == LDB_SUCCESS) {
593 ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
596 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
597 ldb_asprintf_errstring(ldb,
598 "Entry %s already exists",
599 ldb_dn_get_linearized(msg->dn));
604 ret = ltdb_index_add_new(module, ltdb, msg);
605 if (ret != LDB_SUCCESS) {
607 * If we failed to index, delete the message again.
609 * This is particularly important for the GUID index
610 * case, which will only fail for a duplicate DN
613 * Note that the caller may not cancel the transation
614 * and this means the above add might really show up!
616 ltdb_delete_noindex(module, msg);
620 ret = ltdb_modified(module, msg->dn);
626 add a record to the database
628 static int ltdb_add(struct ltdb_context *ctx)
630 struct ldb_module *module = ctx->module;
631 struct ldb_request *req = ctx->req;
632 void *data = ldb_module_get_private(module);
633 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
634 int ret = LDB_SUCCESS;
636 ret = ltdb_check_special_dn(module, req->op.add.message);
637 if (ret != LDB_SUCCESS) {
641 ldb_request_set_state(req, LDB_ASYNC_PENDING);
643 if (ltdb_cache_load(module) != 0) {
644 return LDB_ERR_OPERATIONS_ERROR;
647 ret = ltdb_add_internal(module, ltdb,
648 req->op.add.message, true);
653 static int ltdb_tdb_delete(struct ltdb_private *ltdb, TDB_DATA tdb_key)
655 return tdb_delete(ltdb->tdb, tdb_key);
659 delete a record from the database, not updating indexes (used for deleting
662 int ltdb_delete_noindex(struct ldb_module *module,
663 const struct ldb_message *msg)
665 void *data = ldb_module_get_private(module);
666 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
669 TALLOC_CTX *tdb_key_ctx = talloc_new(module);
671 if (tdb_key_ctx == NULL) {
672 return ldb_module_oom(module);
675 if (ltdb->read_only) {
676 return LDB_ERR_UNWILLING_TO_PERFORM;
679 tdb_key = ltdb_key_msg(module, tdb_key_ctx, msg);
681 TALLOC_FREE(tdb_key_ctx);
682 return LDB_ERR_OTHER;
685 ret = ltdb->kv_ops->delete(ltdb, tdb_key);
686 TALLOC_FREE(tdb_key_ctx);
689 ret = ltdb->kv_ops->error(ltdb);
695 static int ltdb_delete_internal(struct ldb_module *module, struct ldb_dn *dn)
697 struct ldb_message *msg;
698 int ret = LDB_SUCCESS;
700 msg = ldb_msg_new(module);
702 return LDB_ERR_OPERATIONS_ERROR;
705 /* in case any attribute of the message was indexed, we need
706 to fetch the old record */
707 ret = ltdb_search_dn1(module, dn, msg, LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
708 if (ret != LDB_SUCCESS) {
709 /* not finding the old record is an error */
713 ret = ltdb_delete_noindex(module, msg);
714 if (ret != LDB_SUCCESS) {
718 /* remove any indexed attributes */
719 ret = ltdb_index_delete(module, msg);
720 if (ret != LDB_SUCCESS) {
724 ret = ltdb_modified(module, dn);
725 if (ret != LDB_SUCCESS) {
735 delete a record from the database
737 static int ltdb_delete(struct ltdb_context *ctx)
739 struct ldb_module *module = ctx->module;
740 struct ldb_request *req = ctx->req;
741 int ret = LDB_SUCCESS;
743 ldb_request_set_state(req, LDB_ASYNC_PENDING);
745 if (ltdb_cache_load(module) != 0) {
746 return LDB_ERR_OPERATIONS_ERROR;
749 ret = ltdb_delete_internal(module, req->op.del.dn);
755 find an element by attribute name. At the moment this does a linear search,
756 it should be re-coded to use a binary search once all places that modify
757 records guarantee sorted order
759 return the index of the first matching element if found, otherwise -1
761 static int find_element(const struct ldb_message *msg, const char *name)
764 for (i=0;i<msg->num_elements;i++) {
765 if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
774 add an element to an existing record. Assumes a elements array that we
775 can call re-alloc on, and assumed that we can re-use the data pointers from
776 the passed in additional values. Use with care!
778 returns 0 on success, -1 on failure (and sets errno)
780 static int ltdb_msg_add_element(struct ldb_message *msg,
781 struct ldb_message_element *el)
783 struct ldb_message_element *e2;
786 if (el->num_values == 0) {
787 /* nothing to do here - we don't add empty elements */
791 e2 = talloc_realloc(msg, msg->elements, struct ldb_message_element,
792 msg->num_elements+1);
800 e2 = &msg->elements[msg->num_elements];
803 e2->flags = el->flags;
804 e2->values = talloc_array(msg->elements,
805 struct ldb_val, el->num_values);
810 for (i=0;i<el->num_values;i++) {
811 e2->values[i] = el->values[i];
813 e2->num_values = el->num_values;
821 delete all elements having a specified attribute name
823 static int msg_delete_attribute(struct ldb_module *module,
824 struct ltdb_private *ltdb,
825 struct ldb_message *msg, const char *name)
829 struct ldb_message_element *el;
830 bool is_special = ldb_dn_is_special(msg->dn);
833 && ltdb->cache->GUID_index_attribute != NULL
834 && ldb_attr_cmp(name, ltdb->cache->GUID_index_attribute) == 0) {
835 struct ldb_context *ldb = ldb_module_get_ctx(module);
836 ldb_asprintf_errstring(ldb, "Must not modify GUID "
837 "attribute %s (used as DB index)",
838 ltdb->cache->GUID_index_attribute);
839 return LDB_ERR_CONSTRAINT_VIOLATION;
842 el = ldb_msg_find_element(msg, name);
844 return LDB_ERR_NO_SUCH_ATTRIBUTE;
846 i = el - msg->elements;
848 ret = ltdb_index_del_element(module, ltdb, msg, el);
849 if (ret != LDB_SUCCESS) {
853 talloc_free(el->values);
854 if (msg->num_elements > (i+1)) {
855 memmove(el, el+1, sizeof(*el) * (msg->num_elements - (i+1)));
858 msg->elements = talloc_realloc(msg, msg->elements,
859 struct ldb_message_element,
865 delete all elements matching an attribute name/value
867 return LDB Error on failure
869 static int msg_delete_element(struct ldb_module *module,
870 struct ltdb_private *ltdb,
871 struct ldb_message *msg,
873 const struct ldb_val *val)
875 struct ldb_context *ldb = ldb_module_get_ctx(module);
878 struct ldb_message_element *el;
879 const struct ldb_schema_attribute *a;
881 found = find_element(msg, name);
883 return LDB_ERR_NO_SUCH_ATTRIBUTE;
886 i = (unsigned int) found;
887 el = &(msg->elements[i]);
889 a = ldb_schema_attribute_by_name(ldb, el->name);
891 for (i=0;i<el->num_values;i++) {
893 if (a->syntax->operator_fn) {
894 ret = a->syntax->operator_fn(ldb, LDB_OP_EQUALITY, a,
895 &el->values[i], val, &matched);
896 if (ret != LDB_SUCCESS) return ret;
898 matched = (a->syntax->comparison_fn(ldb, ldb,
899 &el->values[i], val) == 0);
902 if (el->num_values == 1) {
903 return msg_delete_attribute(module,
907 ret = ltdb_index_del_value(module, ltdb, msg, el, i);
908 if (ret != LDB_SUCCESS) {
912 if (i<el->num_values-1) {
913 memmove(&el->values[i], &el->values[i+1],
914 sizeof(el->values[i])*
915 (el->num_values-(i+1)));
919 /* per definition we find in a canonicalised message an
920 attribute value only once. So we are finished here */
926 return LDB_ERR_NO_SUCH_ATTRIBUTE;
930 modify a record - internal interface
932 yuck - this is O(n^2). Luckily n is usually small so we probably
933 get away with it, but if we ever have really large attribute lists
934 then we'll need to look at this again
936 'req' is optional, and is used to specify controls if supplied
938 int ltdb_modify_internal(struct ldb_module *module,
939 const struct ldb_message *msg,
940 struct ldb_request *req)
942 struct ldb_context *ldb = ldb_module_get_ctx(module);
943 void *data = ldb_module_get_private(module);
944 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
945 struct ldb_message *msg2;
947 int ret = LDB_SUCCESS, idx;
948 struct ldb_control *control_permissive = NULL;
949 TALLOC_CTX *mem_ctx = talloc_new(req);
951 if (mem_ctx == NULL) {
952 return ldb_module_oom(module);
956 control_permissive = ldb_request_get_control(req,
957 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
960 msg2 = ldb_msg_new(mem_ctx);
966 ret = ltdb_search_dn1(module, msg->dn,
968 LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
969 if (ret != LDB_SUCCESS) {
973 for (i=0; i<msg->num_elements; i++) {
974 struct ldb_message_element *el = &msg->elements[i], *el2;
975 struct ldb_val *vals;
976 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
978 uint32_t options = 0;
979 if (control_permissive != NULL) {
980 options |= LDB_MSG_FIND_COMMON_REMOVE_DUPLICATES;
983 switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
984 case LDB_FLAG_MOD_ADD:
986 if (el->num_values == 0) {
987 ldb_asprintf_errstring(ldb,
988 "attribute '%s': attribute on '%s' specified, but with 0 values (illegal)",
989 el->name, ldb_dn_get_linearized(msg2->dn));
990 ret = LDB_ERR_CONSTRAINT_VIOLATION;
994 /* make a copy of the array so that a permissive
995 * control can remove duplicates without changing the
996 * original values, but do not copy data as we do not
997 * need to keep it around once the operation is
999 if (control_permissive) {
1000 el = talloc(msg2, struct ldb_message_element);
1002 ret = LDB_ERR_OTHER;
1005 *el = msg->elements[i];
1006 el->values = talloc_array(el, struct ldb_val, el->num_values);
1007 if (el->values == NULL) {
1008 ret = LDB_ERR_OTHER;
1011 for (j = 0; j < el->num_values; j++) {
1012 el->values[j] = msg->elements[i].values[j];
1016 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
1017 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1018 el->name, ldb_dn_get_linearized(msg2->dn));
1019 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1023 /* Checks if element already exists */
1024 idx = find_element(msg2, el->name);
1026 if (ltdb_msg_add_element(msg2, el) != 0) {
1027 ret = LDB_ERR_OTHER;
1030 ret = ltdb_index_add_element(module, ltdb,
1033 if (ret != LDB_SUCCESS) {
1037 j = (unsigned int) idx;
1038 el2 = &(msg2->elements[j]);
1040 /* We cannot add another value on a existing one
1041 if the attribute is single-valued */
1042 if (ldb_tdb_single_valued(a, el)) {
1043 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1044 el->name, ldb_dn_get_linearized(msg2->dn));
1045 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1049 /* Check that values don't exist yet on multi-
1050 valued attributes or aren't provided twice */
1052 LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1053 struct ldb_val *duplicate = NULL;
1054 ret = ldb_msg_find_common_values(ldb,
1061 LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS) {
1062 ldb_asprintf_errstring(ldb,
1063 "attribute '%s': value "
1064 "#%u on '%s' already "
1065 "exists", el->name, j,
1066 ldb_dn_get_linearized(msg2->dn));
1068 } else if (ret != LDB_SUCCESS) {
1072 ret = ldb_msg_find_duplicate_val(
1073 ldb, msg2, el, &duplicate, 0);
1074 if (ret != LDB_SUCCESS) {
1077 if (duplicate != NULL) {
1078 ldb_asprintf_errstring(
1080 "attribute '%s': value "
1082 "provided more than "
1085 (int)duplicate->length,
1087 ldb_dn_get_linearized(msg->dn));
1088 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1093 /* Now combine existing and new values to a new
1095 vals = talloc_realloc(msg2->elements,
1096 el2->values, struct ldb_val,
1097 el2->num_values + el->num_values);
1100 ret = LDB_ERR_OTHER;
1104 for (j=0; j<el->num_values; j++) {
1105 vals[el2->num_values + j] =
1106 ldb_val_dup(vals, &el->values[j]);
1110 el2->num_values += el->num_values;
1112 ret = ltdb_index_add_element(module, ltdb,
1114 if (ret != LDB_SUCCESS) {
1121 case LDB_FLAG_MOD_REPLACE:
1123 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
1124 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1125 el->name, ldb_dn_get_linearized(msg2->dn));
1126 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1131 * We don't need to check this if we have been
1132 * pre-screened by the repl_meta_data module
1133 * in Samba, or someone else who can claim to
1134 * know what they are doing.
1136 if (!(el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1137 struct ldb_val *duplicate = NULL;
1139 ret = ldb_msg_find_duplicate_val(ldb, msg2, el,
1141 if (ret != LDB_SUCCESS) {
1144 if (duplicate != NULL) {
1145 ldb_asprintf_errstring(
1147 "attribute '%s': value '%.*s' "
1148 "on '%s' provided more than "
1151 (int)duplicate->length,
1153 ldb_dn_get_linearized(msg2->dn));
1154 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1159 /* Checks if element already exists */
1160 idx = find_element(msg2, el->name);
1162 j = (unsigned int) idx;
1163 el2 = &(msg2->elements[j]);
1165 /* we consider two elements to be
1166 * equal only if the order
1167 * matches. This allows dbcheck to
1168 * fix the ordering on attributes
1169 * where order matters, such as
1172 if (ldb_msg_element_equal_ordered(el, el2)) {
1176 /* Delete the attribute if it exists in the DB */
1177 if (msg_delete_attribute(module, ltdb,
1180 ret = LDB_ERR_OTHER;
1185 /* Recreate it with the new values */
1186 if (ltdb_msg_add_element(msg2, el) != 0) {
1187 ret = LDB_ERR_OTHER;
1191 ret = ltdb_index_add_element(module, ltdb,
1193 if (ret != LDB_SUCCESS) {
1199 case LDB_FLAG_MOD_DELETE:
1200 dn = ldb_dn_get_linearized(msg2->dn);
1202 ret = LDB_ERR_OTHER;
1206 if (msg->elements[i].num_values == 0) {
1207 /* Delete the whole attribute */
1208 ret = msg_delete_attribute(module,
1211 msg->elements[i].name);
1212 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1213 control_permissive) {
1216 ldb_asprintf_errstring(ldb,
1217 "attribute '%s': no such attribute for delete on '%s'",
1218 msg->elements[i].name, dn);
1220 if (ret != LDB_SUCCESS) {
1224 /* Delete specified values from an attribute */
1225 for (j=0; j < msg->elements[i].num_values; j++) {
1226 ret = msg_delete_element(module,
1229 msg->elements[i].name,
1230 &msg->elements[i].values[j]);
1231 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1232 control_permissive) {
1234 } else if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) {
1235 ldb_asprintf_errstring(ldb,
1236 "attribute '%s': no matching attribute value while deleting attribute on '%s'",
1237 msg->elements[i].name, dn);
1239 if (ret != LDB_SUCCESS) {
1246 ldb_asprintf_errstring(ldb,
1247 "attribute '%s': invalid modify flags on '%s': 0x%x",
1248 msg->elements[i].name, ldb_dn_get_linearized(msg->dn),
1249 msg->elements[i].flags & LDB_FLAG_MOD_MASK);
1250 ret = LDB_ERR_PROTOCOL_ERROR;
1255 ret = ltdb_store(module, msg2, TDB_MODIFY);
1256 if (ret != LDB_SUCCESS) {
1260 ret = ltdb_modified(module, msg2->dn);
1261 if (ret != LDB_SUCCESS) {
1266 TALLOC_FREE(mem_ctx);
1273 static int ltdb_modify(struct ltdb_context *ctx)
1275 struct ldb_module *module = ctx->module;
1276 struct ldb_request *req = ctx->req;
1277 int ret = LDB_SUCCESS;
1279 ret = ltdb_check_special_dn(module, req->op.mod.message);
1280 if (ret != LDB_SUCCESS) {
1284 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1286 if (ltdb_cache_load(module) != 0) {
1287 return LDB_ERR_OPERATIONS_ERROR;
1290 ret = ltdb_modify_internal(module, req->op.mod.message, req);
1298 static int ltdb_rename(struct ltdb_context *ctx)
1300 struct ldb_module *module = ctx->module;
1301 void *data = ldb_module_get_private(module);
1302 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1303 struct ldb_request *req = ctx->req;
1304 struct ldb_message *msg;
1305 int ret = LDB_SUCCESS;
1306 TDB_DATA tdb_key, tdb_key_old;
1307 struct ldb_dn *db_dn;
1309 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1311 if (ltdb_cache_load(ctx->module) != 0) {
1312 return LDB_ERR_OPERATIONS_ERROR;
1315 msg = ldb_msg_new(ctx);
1317 return LDB_ERR_OPERATIONS_ERROR;
1320 /* we need to fetch the old record to re-add under the new name */
1321 ret = ltdb_search_dn1(module, req->op.rename.olddn, msg,
1322 LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
1323 if (ret != LDB_SUCCESS) {
1324 /* not finding the old record is an error */
1328 /* We need to, before changing the DB, check if the new DN
1329 * exists, so we can return this error to the caller with an
1332 * Even in GUID index mode we use ltdb_key_dn() as we are
1333 * trying to figure out if this is just a case rename
1335 tdb_key = ltdb_key_dn(module, msg, req->op.rename.newdn);
1336 if (!tdb_key.dptr) {
1338 return LDB_ERR_OPERATIONS_ERROR;
1341 tdb_key_old = ltdb_key_dn(module, msg, req->op.rename.olddn);
1342 if (!tdb_key_old.dptr) {
1344 talloc_free(tdb_key.dptr);
1345 return LDB_ERR_OPERATIONS_ERROR;
1349 * Only declare a conflict if the new DN already exists,
1350 * and it isn't a case change on the old DN
1352 if (tdb_key_old.dsize != tdb_key.dsize
1353 || memcmp(tdb_key.dptr, tdb_key_old.dptr, tdb_key.dsize) != 0) {
1354 ret = ltdb_search_base(module, msg,
1355 req->op.rename.newdn,
1357 if (ret == LDB_SUCCESS) {
1358 ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
1359 } else if (ret == LDB_ERR_NO_SUCH_OBJECT) {
1364 /* finding the new record already in the DB is an error */
1366 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
1367 ldb_asprintf_errstring(ldb_module_get_ctx(module),
1368 "Entry %s already exists",
1369 ldb_dn_get_linearized(req->op.rename.newdn));
1371 if (ret != LDB_SUCCESS) {
1372 talloc_free(tdb_key_old.dptr);
1373 talloc_free(tdb_key.dptr);
1378 talloc_free(tdb_key_old.dptr);
1379 talloc_free(tdb_key.dptr);
1381 /* Always delete first then add, to avoid conflicts with
1382 * unique indexes. We rely on the transaction to make this
1385 ret = ltdb_delete_internal(module, msg->dn);
1386 if (ret != LDB_SUCCESS) {
1391 msg->dn = ldb_dn_copy(msg, req->op.rename.newdn);
1392 if (msg->dn == NULL) {
1394 return LDB_ERR_OPERATIONS_ERROR;
1397 /* We don't check single value as we can have more than 1 with
1398 * deleted attributes. We could go through all elements but that's
1399 * maybe not the most efficient way
1401 ret = ltdb_add_internal(module, ltdb, msg, false);
1408 static int ltdb_tdb_transaction_start(struct ltdb_private *ltdb)
1410 return tdb_transaction_start(ltdb->tdb);
1413 static int ltdb_tdb_transaction_cancel(struct ltdb_private *ltdb)
1415 return tdb_transaction_cancel(ltdb->tdb);
1418 static int ltdb_tdb_transaction_prepare_commit(struct ltdb_private *ltdb)
1420 return tdb_transaction_prepare_commit(ltdb->tdb);
1423 static int ltdb_tdb_transaction_commit(struct ltdb_private *ltdb)
1425 return tdb_transaction_commit(ltdb->tdb);
1428 static int ltdb_start_trans(struct ldb_module *module)
1430 void *data = ldb_module_get_private(module);
1431 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1433 /* Do not take out the transaction lock on a read-only DB */
1434 if (ltdb->read_only) {
1435 return LDB_ERR_UNWILLING_TO_PERFORM;
1438 if (ltdb->kv_ops->begin_write(ltdb) != 0) {
1439 return ltdb->kv_ops->error(ltdb);
1442 ltdb->in_transaction++;
1444 ltdb_index_transaction_start(module);
1449 static int ltdb_prepare_commit(struct ldb_module *module)
1452 void *data = ldb_module_get_private(module);
1453 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1455 if (ltdb->in_transaction != 1) {
1459 ret = ltdb_index_transaction_commit(module);
1460 if (ret != LDB_SUCCESS) {
1461 ltdb->kv_ops->abort_write(ltdb);
1462 ltdb->in_transaction--;
1466 if (ltdb->kv_ops->prepare_write(ltdb) != 0) {
1467 ret = ltdb->kv_ops->error(ltdb);
1468 ltdb->in_transaction--;
1469 ldb_debug_set(ldb_module_get_ctx(module),
1472 "prepare_write): %s -> %s",
1473 ltdb->kv_ops->errorstr(ltdb),
1478 ltdb->prepared_commit = true;
1483 static int ltdb_end_trans(struct ldb_module *module)
1486 void *data = ldb_module_get_private(module);
1487 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1489 if (!ltdb->prepared_commit) {
1490 ret = ltdb_prepare_commit(module);
1491 if (ret != LDB_SUCCESS) {
1496 ltdb->in_transaction--;
1497 ltdb->prepared_commit = false;
1499 if (ltdb->kv_ops->finish_write(ltdb) != 0) {
1500 ret = ltdb->kv_ops->error(ltdb);
1501 ldb_asprintf_errstring(ldb_module_get_ctx(module),
1502 "Failure during tdb_transaction_commit(): %s -> %s",
1503 ltdb->kv_ops->errorstr(ltdb),
1511 static int ltdb_del_trans(struct ldb_module *module)
1513 void *data = ldb_module_get_private(module);
1514 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1516 ltdb->in_transaction--;
1518 if (ltdb_index_transaction_cancel(module) != 0) {
1519 ltdb->kv_ops->abort_write(ltdb);
1520 return ltdb->kv_ops->error(ltdb);
1523 ltdb->kv_ops->abort_write(ltdb);
1528 return sequenceNumber from @BASEINFO
1530 static int ltdb_sequence_number(struct ltdb_context *ctx,
1531 struct ldb_extended **ext)
1533 struct ldb_context *ldb;
1534 struct ldb_module *module = ctx->module;
1535 struct ldb_request *req = ctx->req;
1536 void *data = ldb_module_get_private(module);
1537 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1538 TALLOC_CTX *tmp_ctx = NULL;
1539 struct ldb_seqnum_request *seq;
1540 struct ldb_seqnum_result *res;
1541 struct ldb_message *msg = NULL;
1544 int ret = LDB_SUCCESS;
1546 ldb = ldb_module_get_ctx(module);
1548 seq = talloc_get_type(req->op.extended.data,
1549 struct ldb_seqnum_request);
1551 return LDB_ERR_OPERATIONS_ERROR;
1554 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1556 if (ltdb->kv_ops->lock_read(module) != 0) {
1557 return LDB_ERR_OPERATIONS_ERROR;
1560 res = talloc_zero(req, struct ldb_seqnum_result);
1562 ret = LDB_ERR_OPERATIONS_ERROR;
1566 tmp_ctx = talloc_new(req);
1567 if (tmp_ctx == NULL) {
1568 ret = LDB_ERR_OPERATIONS_ERROR;
1572 dn = ldb_dn_new(tmp_ctx, ldb, LTDB_BASEINFO);
1574 ret = LDB_ERR_OPERATIONS_ERROR;
1578 msg = ldb_msg_new(tmp_ctx);
1580 ret = LDB_ERR_OPERATIONS_ERROR;
1584 ret = ltdb_search_dn1(module, dn, msg, 0);
1585 if (ret != LDB_SUCCESS) {
1589 switch (seq->type) {
1590 case LDB_SEQ_HIGHEST_SEQ:
1591 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1594 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1597 case LDB_SEQ_HIGHEST_TIMESTAMP:
1598 date = ldb_msg_find_attr_as_string(msg, LTDB_MOD_TIMESTAMP, NULL);
1600 res->seq_num = ldb_string_to_time(date);
1603 /* zero is as good as anything when we don't know */
1608 *ext = talloc_zero(req, struct ldb_extended);
1610 ret = LDB_ERR_OPERATIONS_ERROR;
1613 (*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
1614 (*ext)->data = talloc_steal(*ext, res);
1617 talloc_free(tmp_ctx);
1619 ltdb->kv_ops->unlock_read(module);
1623 static void ltdb_request_done(struct ltdb_context *ctx, int error)
1625 struct ldb_context *ldb;
1626 struct ldb_request *req;
1627 struct ldb_reply *ares;
1629 ldb = ldb_module_get_ctx(ctx->module);
1632 /* if we already returned an error just return */
1633 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1637 ares = talloc_zero(req, struct ldb_reply);
1640 req->callback(req, NULL);
1643 ares->type = LDB_REPLY_DONE;
1644 ares->error = error;
1646 req->callback(req, ares);
1649 static void ltdb_timeout(struct tevent_context *ev,
1650 struct tevent_timer *te,
1654 struct ltdb_context *ctx;
1655 ctx = talloc_get_type(private_data, struct ltdb_context);
1657 if (!ctx->request_terminated) {
1658 /* request is done now */
1659 ltdb_request_done(ctx, LDB_ERR_TIME_LIMIT_EXCEEDED);
1663 /* neutralize the spy */
1664 ctx->spy->ctx = NULL;
1670 static void ltdb_request_extended_done(struct ltdb_context *ctx,
1671 struct ldb_extended *ext,
1674 struct ldb_context *ldb;
1675 struct ldb_request *req;
1676 struct ldb_reply *ares;
1678 ldb = ldb_module_get_ctx(ctx->module);
1681 /* if we already returned an error just return */
1682 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1686 ares = talloc_zero(req, struct ldb_reply);
1689 req->callback(req, NULL);
1692 ares->type = LDB_REPLY_DONE;
1693 ares->response = ext;
1694 ares->error = error;
1696 req->callback(req, ares);
1699 static void ltdb_handle_extended(struct ltdb_context *ctx)
1701 struct ldb_extended *ext = NULL;
1704 if (strcmp(ctx->req->op.extended.oid,
1705 LDB_EXTENDED_SEQUENCE_NUMBER) == 0) {
1706 /* get sequence number */
1707 ret = ltdb_sequence_number(ctx, &ext);
1709 /* not recognized */
1710 ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1713 ltdb_request_extended_done(ctx, ext, ret);
1717 ldb_kv_traverse_fn kv_traverse_fn;
1719 struct ltdb_private *ltdb;
1722 static int ldb_tdb_traverse_fn_wrapper(struct tdb_context *tdb, TDB_DATA tdb_key, TDB_DATA tdb_data, void *ctx)
1724 struct kv_ctx *kv_ctx = ctx;
1725 struct ldb_val key = {
1726 .length = tdb_key.dsize,
1727 .data = tdb_key.dptr,
1729 struct ldb_val data = {
1730 .length = tdb_data.dsize,
1731 .data = tdb_data.dptr,
1733 return kv_ctx->kv_traverse_fn(kv_ctx->ltdb, key, data, kv_ctx->ctx);
1736 static int ltdb_tdb_traverse_fn(struct ltdb_private *ltdb, ldb_kv_traverse_fn fn, void *ctx)
1738 struct kv_ctx kv_ctx = {
1739 .kv_traverse_fn = fn,
1743 if (ltdb->in_transaction != 0) {
1744 return tdb_traverse(ltdb->tdb, ldb_tdb_traverse_fn_wrapper, &kv_ctx);
1746 return tdb_traverse_read(ltdb->tdb, ldb_tdb_traverse_fn_wrapper, &kv_ctx);
1750 static int ltdb_tdb_update_in_iterate(struct ltdb_private *ltdb, TDB_DATA key, TDB_DATA key2, TDB_DATA data, void *state)
1753 struct ldb_context *ldb;
1754 struct ltdb_reindex_context *ctx = (struct ltdb_reindex_context *)state;
1755 struct ldb_module *module = ctx->module;
1757 ldb = ldb_module_get_ctx(module);
1759 tdb_ret = tdb_delete(ltdb->tdb, key);
1761 ldb_debug(ldb, LDB_DEBUG_ERROR,
1762 "Failed to delete %*.*s "
1763 "for rekey as %*.*s: %s",
1764 (int)key.dsize, (int)key.dsize,
1765 (const char *)key.dptr,
1766 (int)key2.dsize, (int)key2.dsize,
1767 (const char *)key.dptr,
1768 tdb_errorstr(ltdb->tdb));
1769 ctx->error = ltdb_err_map(tdb_error(ltdb->tdb));
1772 tdb_ret = tdb_store(ltdb->tdb, key2, data, 0);
1774 ldb_debug(ldb, LDB_DEBUG_ERROR,
1775 "Failed to rekey %*.*s as %*.*s: %s",
1776 (int)key.dsize, (int)key.dsize,
1777 (const char *)key.dptr,
1778 (int)key2.dsize, (int)key2.dsize,
1779 (const char *)key.dptr,
1780 tdb_errorstr(ltdb->tdb));
1781 ctx->error = ltdb_err_map(tdb_error(ltdb->tdb));
1787 static int ltdb_tdb_parse_record(struct ltdb_private *ltdb, TDB_DATA key,
1788 int (*parser)(TDB_DATA key, TDB_DATA data,
1789 void *private_data),
1792 return tdb_parse_record(ltdb->tdb, key, parser, ctx);
1795 static const char * ltdb_tdb_name(struct ltdb_private *ltdb)
1797 return tdb_name(ltdb->tdb);
1800 static bool ltdb_tdb_changed(struct ltdb_private *ltdb)
1802 bool ret = (tdb_get_seqnum(ltdb->tdb) != ltdb->tdb_seqnum);
1804 ltdb->tdb_seqnum = tdb_get_seqnum(ltdb->tdb);
1809 static const struct kv_db_ops key_value_ops = {
1810 .store = ltdb_tdb_store,
1811 .delete = ltdb_tdb_delete,
1812 .iterate = ltdb_tdb_traverse_fn,
1813 .update_in_iterate = ltdb_tdb_update_in_iterate,
1814 .fetch_and_parse = ltdb_tdb_parse_record,
1815 .lock_read = ltdb_lock_read,
1816 .unlock_read = ltdb_unlock_read,
1817 .begin_write = ltdb_tdb_transaction_start,
1818 .prepare_write = ltdb_tdb_transaction_prepare_commit,
1819 .finish_write = ltdb_tdb_transaction_commit,
1820 .abort_write = ltdb_tdb_transaction_cancel,
1821 .error = ltdb_error,
1822 .errorstr = ltdb_errorstr,
1823 .name = ltdb_tdb_name,
1824 .has_changed = ltdb_tdb_changed,
1827 static void ltdb_callback(struct tevent_context *ev,
1828 struct tevent_timer *te,
1832 struct ltdb_context *ctx;
1835 ctx = talloc_get_type(private_data, struct ltdb_context);
1837 if (ctx->request_terminated) {
1841 switch (ctx->req->operation) {
1843 ret = ltdb_search(ctx);
1846 ret = ltdb_add(ctx);
1849 ret = ltdb_modify(ctx);
1852 ret = ltdb_delete(ctx);
1855 ret = ltdb_rename(ctx);
1858 ltdb_handle_extended(ctx);
1861 /* no other op supported */
1862 ret = LDB_ERR_PROTOCOL_ERROR;
1865 if (!ctx->request_terminated) {
1866 /* request is done now */
1867 ltdb_request_done(ctx, ret);
1872 /* neutralize the spy */
1873 ctx->spy->ctx = NULL;
1879 static int ltdb_request_destructor(void *ptr)
1881 struct ltdb_req_spy *spy = talloc_get_type(ptr, struct ltdb_req_spy);
1883 if (spy->ctx != NULL) {
1884 spy->ctx->spy = NULL;
1885 spy->ctx->request_terminated = true;
1892 static int ltdb_handle_request(struct ldb_module *module,
1893 struct ldb_request *req)
1895 struct ldb_control *control_permissive;
1896 struct ldb_context *ldb;
1897 struct tevent_context *ev;
1898 struct ltdb_context *ac;
1899 struct tevent_timer *te;
1903 ldb = ldb_module_get_ctx(module);
1905 control_permissive = ldb_request_get_control(req,
1906 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1908 for (i = 0; req->controls && req->controls[i]; i++) {
1909 if (req->controls[i]->critical &&
1910 req->controls[i] != control_permissive) {
1911 ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
1912 req->controls[i]->oid);
1913 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1917 if (req->starttime == 0 || req->timeout == 0) {
1918 ldb_set_errstring(ldb, "Invalid timeout settings");
1919 return LDB_ERR_TIME_LIMIT_EXCEEDED;
1922 ev = ldb_handle_get_event_context(req->handle);
1924 ac = talloc_zero(ldb, struct ltdb_context);
1927 return LDB_ERR_OPERATIONS_ERROR;
1930 ac->module = module;
1935 te = tevent_add_timer(ev, ac, tv, ltdb_callback, ac);
1938 return LDB_ERR_OPERATIONS_ERROR;
1941 if (req->timeout > 0) {
1942 tv.tv_sec = req->starttime + req->timeout;
1944 ac->timeout_event = tevent_add_timer(ev, ac, tv,
1946 if (NULL == ac->timeout_event) {
1948 return LDB_ERR_OPERATIONS_ERROR;
1952 /* set a spy so that we do not try to use the request context
1953 * if it is freed before ltdb_callback fires */
1954 ac->spy = talloc(req, struct ltdb_req_spy);
1955 if (NULL == ac->spy) {
1957 return LDB_ERR_OPERATIONS_ERROR;
1961 talloc_set_destructor((TALLOC_CTX *)ac->spy, ltdb_request_destructor);
1966 static int ltdb_init_rootdse(struct ldb_module *module)
1968 /* ignore errors on this - we expect it for non-sam databases */
1969 ldb_mod_register_control(module, LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1971 /* there can be no module beyond the backend, just return */
1976 static int generic_lock_read(struct ldb_module *module)
1978 void *data = ldb_module_get_private(module);
1979 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1980 return ltdb->kv_ops->lock_read(module);
1983 static int generic_unlock_read(struct ldb_module *module)
1985 void *data = ldb_module_get_private(module);
1986 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1987 return ltdb->kv_ops->unlock_read(module);
1990 static const struct ldb_module_ops ltdb_ops = {
1992 .init_context = ltdb_init_rootdse,
1993 .search = ltdb_handle_request,
1994 .add = ltdb_handle_request,
1995 .modify = ltdb_handle_request,
1996 .del = ltdb_handle_request,
1997 .rename = ltdb_handle_request,
1998 .extended = ltdb_handle_request,
1999 .start_transaction = ltdb_start_trans,
2000 .end_transaction = ltdb_end_trans,
2001 .prepare_commit = ltdb_prepare_commit,
2002 .del_transaction = ltdb_del_trans,
2003 .read_lock = generic_lock_read,
2004 .read_unlock = generic_unlock_read,
2007 int init_store(struct ltdb_private *ltdb,
2009 struct ldb_context *ldb,
2010 const char *options[],
2011 struct ldb_module **_module)
2013 struct ldb_module *module;
2015 if (getenv("LDB_WARN_UNINDEXED")) {
2016 ltdb->warn_unindexed = true;
2019 if (getenv("LDB_WARN_REINDEX")) {
2020 ltdb->warn_reindex = true;
2023 ltdb->sequence_number = 0;
2025 module = ldb_module_new(ldb, ldb, name, <db_ops);
2029 return LDB_ERR_OPERATIONS_ERROR;
2031 ldb_module_set_private(module, ltdb);
2032 talloc_steal(module, ltdb);
2034 if (ltdb_cache_load(module) != 0) {
2035 ldb_asprintf_errstring(ldb, "Unable to load ltdb cache "
2036 "records for backend '%s'", name);
2037 talloc_free(module);
2038 return LDB_ERR_OPERATIONS_ERROR;
2043 * Set the maximum key length
2046 const char *len_str =
2047 ldb_options_find(ldb, options,
2048 "max_key_len_for_self_test");
2049 if (len_str != NULL) {
2050 unsigned len = strtoul(len_str, NULL, 0);
2051 ltdb->max_key_length = len;
2059 connect to the database
2061 int ltdb_connect(struct ldb_context *ldb, const char *url,
2062 unsigned int flags, const char *options[],
2063 struct ldb_module **_module)
2066 int tdb_flags, open_flags;
2067 struct ltdb_private *ltdb;
2070 * We hold locks, so we must use a private event context
2071 * on each returned handle
2073 ldb_set_require_private_event_context(ldb);
2076 if (strchr(url, ':')) {
2077 if (strncmp(url, "tdb://", 6) != 0) {
2078 ldb_debug(ldb, LDB_DEBUG_ERROR,
2079 "Invalid tdb URL '%s'", url);
2080 return LDB_ERR_OPERATIONS_ERROR;
2087 tdb_flags = TDB_DEFAULT | TDB_SEQNUM;
2089 /* check for the 'nosync' option */
2090 if (flags & LDB_FLG_NOSYNC) {
2091 tdb_flags |= TDB_NOSYNC;
2094 /* and nommap option */
2095 if (flags & LDB_FLG_NOMMAP) {
2096 tdb_flags |= TDB_NOMMAP;
2099 ltdb = talloc_zero(ldb, struct ltdb_private);
2102 return LDB_ERR_OPERATIONS_ERROR;
2105 if (flags & LDB_FLG_RDONLY) {
2107 * This is weird, but because we can only have one tdb
2108 * in this process, and the other one could be
2109 * read-write, we can't use the tdb readonly. Plus a
2110 * read only tdb prohibits the all-record lock.
2112 open_flags = O_RDWR;
2114 ltdb->read_only = true;
2116 } else if (flags & LDB_FLG_DONT_CREATE_DB) {
2118 * This is used by ldbsearch to prevent creation of the database
2119 * if the name is wrong
2121 open_flags = O_RDWR;
2124 * This is the normal case
2126 open_flags = O_CREAT | O_RDWR;
2129 ltdb->kv_ops = &key_value_ops;
2131 /* note that we use quite a large default hash size */
2132 ltdb->tdb = ltdb_wrap_open(ltdb, path, 10000,
2133 tdb_flags, open_flags,
2134 ldb_get_create_perms(ldb), ldb);
2136 ldb_asprintf_errstring(ldb,
2137 "Unable to open tdb '%s': %s", path, strerror(errno));
2138 ldb_debug(ldb, LDB_DEBUG_ERROR,
2139 "Unable to open tdb '%s': %s", path, strerror(errno));
2141 if (errno == EACCES || errno == EPERM) {
2142 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
2144 return LDB_ERR_OPERATIONS_ERROR;
2147 return init_store(ltdb, "ldb_tdb backend", ldb, options, _module);