4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Stefan Metzmacher 2004
6 Copyright (C) Simo Sorce 2006-2008
7 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
9 ** NOTE! The following LGPL license applies to the ldb
10 ** library. This does NOT imply that all of Samba is released
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
30 * Component: ldb tdb backend
32 * Description: core functions for tdb backend
34 * Author: Andrew Tridgell
35 * Author: Stefan Metzmacher
39 * - description: make the module use asynchronous calls
43 * - description: make it possible to use event contexts
47 * - description: fix up memory leaks and small bugs
49 * Author: Matthias Dieter Wallnöfer
53 #include "ldb_private.h"
57 prevent memory errors on callbacks
60 struct ltdb_context *ctx;
64 map a tdb error code to a ldb error code
66 int ltdb_err_map(enum TDB_ERROR tdb_code)
74 return LDB_ERR_OPERATIONS_ERROR;
76 return LDB_ERR_PROTOCOL_ERROR;
80 case TDB_ERR_LOCK_TIMEOUT:
81 return LDB_ERR_TIME_LIMIT_EXCEEDED;
83 return LDB_ERR_ENTRY_ALREADY_EXISTS;
85 return LDB_ERR_NO_SUCH_OBJECT;
87 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
95 lock the database for read - use by ltdb_search and ltdb_sequence_number
97 int ltdb_lock_read(struct ldb_module *module)
99 void *data = ldb_module_get_private(module);
100 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
104 if (ltdb->in_transaction == 0 &&
105 ltdb->read_lock_count == 0) {
106 tdb_ret = tdb_lockall_read(ltdb->tdb);
109 ltdb->read_lock_count++;
112 ret = ltdb_err_map(tdb_error(ltdb->tdb));
113 if (ret == LDB_SUCCESS) {
114 ret = LDB_ERR_OPERATIONS_ERROR;
116 ldb_debug_set(ldb_module_get_ctx(module),
118 "Failure during ltdb_lock_read(): %s -> %s",
119 tdb_errorstr(ltdb->tdb),
125 unlock the database after a ltdb_lock_read()
127 int ltdb_unlock_read(struct ldb_module *module)
129 void *data = ldb_module_get_private(module);
130 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
131 if (ltdb->in_transaction == 0 && ltdb->read_lock_count == 1) {
132 tdb_unlockall_read(ltdb->tdb);
133 ltdb->read_lock_count--;
136 ltdb->read_lock_count--;
142 * Determine if this key could hold a record. We allow the new GUID
143 * index, the old DN index and a possible future ID=
145 bool ltdb_key_is_record(TDB_DATA key)
151 if (memcmp(key.dptr, "DN=", 3) == 0) {
155 if (memcmp(key.dptr, "ID=", 3) == 0) {
159 if (key.dsize < sizeof(LTDB_GUID_KEY_PREFIX)) {
163 if (memcmp(key.dptr, LTDB_GUID_KEY_PREFIX,
164 sizeof(LTDB_GUID_KEY_PREFIX) - 1) == 0) {
172 form a TDB_DATA for a record key
175 note that the key for a record can depend on whether the
176 dn refers to a case sensitive index record or not
178 TDB_DATA ltdb_key_dn(struct ldb_module *module, TALLOC_CTX *mem_ctx,
182 char *key_str = NULL;
183 const char *dn_folded = NULL;
186 most DNs are case insensitive. The exception is index DNs for
187 case sensitive attributes
189 there are 3 cases dealt with in this code:
191 1) if the dn doesn't start with @ then uppercase the attribute
192 names and the attributes values of case insensitive attributes
193 2) if the dn starts with @ then leave it alone -
194 the indexing code handles the rest
197 dn_folded = ldb_dn_get_casefold(dn);
202 key_str = talloc_strdup(mem_ctx, "DN=");
207 key_str = talloc_strdup_append_buffer(key_str, dn_folded);
212 key.dptr = (uint8_t *)key_str;
213 key.dsize = strlen(key_str) + 1;
224 /* The caller is to provide a correctly sized key */
225 int ltdb_guid_to_key(struct ldb_module *module,
226 struct ltdb_private *ltdb,
227 const struct ldb_val *GUID_val,
230 const char *GUID_prefix = LTDB_GUID_KEY_PREFIX;
231 const int GUID_prefix_len = sizeof(LTDB_GUID_KEY_PREFIX) - 1;
233 if (key->dsize != (GUID_val->length+GUID_prefix_len)) {
234 return LDB_ERR_OPERATIONS_ERROR;
237 memcpy(key->dptr, GUID_prefix, GUID_prefix_len);
238 memcpy(&key->dptr[GUID_prefix_len],
239 GUID_val->data, GUID_val->length);
244 * The caller is to provide a correctly sized key, used only in
245 * the GUID index mode
247 int ltdb_idx_to_key(struct ldb_module *module,
248 struct ltdb_private *ltdb,
250 const struct ldb_val *idx_val,
253 struct ldb_context *ldb = ldb_module_get_ctx(module);
256 if (ltdb->cache->GUID_index_attribute != NULL) {
257 return ltdb_guid_to_key(module, ltdb,
261 dn = ldb_dn_from_ldb_val(mem_ctx, ldb, idx_val);
264 * LDB_ERR_INVALID_DN_SYNTAX would just be confusing
265 * to the caller, as this in an invalid index value
267 return LDB_ERR_OPERATIONS_ERROR;
270 *key = ltdb_key_dn(module, mem_ctx, dn);
273 return ldb_module_oom(module);
279 form a TDB_DATA for a record key
280 caller frees mem_ctx, which may or may not have the key
283 note that the key for a record can depend on whether a
284 GUID index is in use, or the DN is used as the key
286 TDB_DATA ltdb_key_msg(struct ldb_module *module, TALLOC_CTX *mem_ctx,
287 const struct ldb_message *msg)
289 void *data = ldb_module_get_private(module);
290 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
292 const struct ldb_val *guid_val;
295 if (ltdb->cache->GUID_index_attribute == NULL) {
296 return ltdb_key_dn(module, mem_ctx, msg->dn);
299 if (ldb_dn_is_special(msg->dn)) {
300 return ltdb_key_dn(module, mem_ctx, msg->dn);
303 guid_val = ldb_msg_find_ldb_val(msg,
304 ltdb->cache->GUID_index_attribute);
305 if (guid_val == NULL) {
306 ldb_asprintf_errstring(ldb_module_get_ctx(module),
307 "Did not find GUID attribute %s "
308 "in %s, required for TDB record "
309 "key in " LTDB_IDXGUID " mode.",
310 ltdb->cache->GUID_index_attribute,
311 ldb_dn_get_linearized(msg->dn));
318 /* In this case, allocate with talloc */
319 key.dptr = talloc_size(mem_ctx, LTDB_GUID_KEY_SIZE);
320 if (key.dptr == NULL) {
326 key.dsize = talloc_get_size(key.dptr);
328 ret = ltdb_guid_to_key(module, ltdb, guid_val, &key);
330 if (ret != LDB_SUCCESS) {
340 check special dn's have valid attributes
341 currently only @ATTRIBUTES is checked
343 static int ltdb_check_special_dn(struct ldb_module *module,
344 const struct ldb_message *msg)
346 struct ldb_context *ldb = ldb_module_get_ctx(module);
349 if (! ldb_dn_is_special(msg->dn) ||
350 ! ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
354 /* we have @ATTRIBUTES, let's check attributes are fine */
355 /* should we check that we deny multivalued attributes ? */
356 for (i = 0; i < msg->num_elements; i++) {
357 if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
359 for (j = 0; j < msg->elements[i].num_values; j++) {
360 if (ltdb_check_at_attributes_values(&msg->elements[i].values[j]) != 0) {
361 ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
362 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
372 we've made a modification to a dn - possibly reindex and
373 update sequence number
375 static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn)
377 int ret = LDB_SUCCESS;
378 struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private);
380 /* only allow modifies inside a transaction, otherwise the
382 if (ltdb->in_transaction == 0) {
383 ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
384 return LDB_ERR_OPERATIONS_ERROR;
387 if (ldb_dn_is_special(dn) &&
388 (ldb_dn_check_special(dn, LTDB_INDEXLIST) ||
389 ldb_dn_check_special(dn, LTDB_ATTRIBUTES)) )
391 if (ltdb->warn_reindex) {
392 ldb_debug(ldb_module_get_ctx(module),
393 LDB_DEBUG_ERROR, "Reindexing %s due to modification on %s",
394 ltdb->kv_ops->name(ltdb), ldb_dn_get_linearized(dn));
396 ret = ltdb_reindex(module);
399 /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
400 if (ret == LDB_SUCCESS &&
401 !(ldb_dn_is_special(dn) &&
402 ldb_dn_check_special(dn, LTDB_BASEINFO)) ) {
403 ret = ltdb_increase_sequence_number(module);
406 /* If the modify was to @OPTIONS, reload the cache */
407 if (ret == LDB_SUCCESS &&
408 ldb_dn_is_special(dn) &&
409 (ldb_dn_check_special(dn, LTDB_OPTIONS)) ) {
410 ret = ltdb_cache_reload(module);
416 static int ltdb_tdb_store(struct ltdb_private *ltdb, TDB_DATA key, TDB_DATA data, int flags)
418 return tdb_store(ltdb->tdb, key, data, flags);
421 static int ltdb_error(struct ltdb_private *ltdb)
423 return ltdb_err_map(tdb_error(ltdb->tdb));
427 store a record into the db
429 int ltdb_store(struct ldb_module *module, const struct ldb_message *msg, int flgs)
431 void *data = ldb_module_get_private(module);
432 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
433 TDB_DATA tdb_key, tdb_data;
434 struct ldb_val ldb_data;
435 int ret = LDB_SUCCESS;
436 TALLOC_CTX *tdb_key_ctx = talloc_new(module);
438 if (tdb_key_ctx == NULL) {
439 return ldb_module_oom(module);
442 if (ltdb->read_only) {
443 return LDB_ERR_UNWILLING_TO_PERFORM;
446 tdb_key = ltdb_key_msg(module, tdb_key_ctx, msg);
447 if (tdb_key.dptr == NULL) {
448 TALLOC_FREE(tdb_key_ctx);
449 return LDB_ERR_OTHER;
452 ret = ldb_pack_data(ldb_module_get_ctx(module),
455 TALLOC_FREE(tdb_key_ctx);
456 return LDB_ERR_OTHER;
459 tdb_data.dptr = ldb_data.data;
460 tdb_data.dsize = ldb_data.length;
462 ret = ltdb->kv_ops->store(ltdb, tdb_key, tdb_data, flgs);
464 bool is_special = ldb_dn_is_special(msg->dn);
465 ret = ltdb->kv_ops->error(ltdb);
468 * LDB_ERR_ENTRY_ALREADY_EXISTS means the DN, not
469 * the GUID, so re-map
471 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS
473 && ltdb->cache->GUID_index_attribute != NULL) {
474 ret = LDB_ERR_CONSTRAINT_VIOLATION;
480 TALLOC_FREE(tdb_key_ctx);
481 talloc_free(ldb_data.data);
488 check if a attribute is a single valued, for a given element
490 static bool ldb_tdb_single_valued(const struct ldb_schema_attribute *a,
491 struct ldb_message_element *el)
493 if (!a) return false;
495 if (el->flags & LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK) {
496 /* override from a ldb module, for example
497 used for the description field, which is
498 marked multi-valued in the schema but which
499 should not actually accept multiple
503 if (el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK) {
504 /* override from a ldb module, for example used for
505 deleted linked attribute entries */
509 if (a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
515 static int ltdb_add_internal(struct ldb_module *module,
516 struct ltdb_private *ltdb,
517 const struct ldb_message *msg,
518 bool check_single_value)
520 struct ldb_context *ldb = ldb_module_get_ctx(module);
521 int ret = LDB_SUCCESS;
524 for (i=0;i<msg->num_elements;i++) {
525 struct ldb_message_element *el = &msg->elements[i];
526 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
528 if (el->num_values == 0) {
529 ldb_asprintf_errstring(ldb, "attribute '%s' on '%s' specified, but with 0 values (illegal)",
530 el->name, ldb_dn_get_linearized(msg->dn));
531 return LDB_ERR_CONSTRAINT_VIOLATION;
533 if (check_single_value &&
534 el->num_values > 1 &&
535 ldb_tdb_single_valued(a, el)) {
536 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
537 el->name, ldb_dn_get_linearized(msg->dn));
538 return LDB_ERR_CONSTRAINT_VIOLATION;
541 /* Do not check "@ATTRIBUTES" for duplicated values */
542 if (ldb_dn_is_special(msg->dn) &&
543 ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
547 if (check_single_value &&
549 LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
550 struct ldb_val *duplicate = NULL;
552 ret = ldb_msg_find_duplicate_val(ldb, discard_const(msg),
554 if (ret != LDB_SUCCESS) {
557 if (duplicate != NULL) {
558 ldb_asprintf_errstring(
560 "attribute '%s': value '%.*s' on '%s' "
561 "provided more than once in ADD object",
563 (int)duplicate->length,
565 ldb_dn_get_linearized(msg->dn));
566 return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
571 ret = ltdb_store(module, msg, TDB_INSERT);
572 if (ret != LDB_SUCCESS) {
574 * Try really hard to get the right error code for
575 * a re-add situation, as this can matter!
577 if (ret == LDB_ERR_CONSTRAINT_VIOLATION) {
579 struct ldb_dn *dn2 = NULL;
580 TALLOC_CTX *mem_ctx = talloc_new(module);
581 if (mem_ctx == NULL) {
582 return ldb_module_operr(module);
584 ret2 = ltdb_search_base(module, module,
586 TALLOC_FREE(mem_ctx);
587 if (ret2 == LDB_SUCCESS) {
588 ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
591 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
592 ldb_asprintf_errstring(ldb,
593 "Entry %s already exists",
594 ldb_dn_get_linearized(msg->dn));
599 ret = ltdb_index_add_new(module, ltdb, msg);
600 if (ret != LDB_SUCCESS) {
602 * If we failed to index, delete the message again.
604 * This is particularly important for the GUID index
605 * case, which will only fail for a duplicate DN
608 * Note that the caller may not cancel the transation
609 * and this means the above add might really show up!
611 ltdb_delete_noindex(module, msg);
615 ret = ltdb_modified(module, msg->dn);
621 add a record to the database
623 static int ltdb_add(struct ltdb_context *ctx)
625 struct ldb_module *module = ctx->module;
626 struct ldb_request *req = ctx->req;
627 void *data = ldb_module_get_private(module);
628 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
629 int ret = LDB_SUCCESS;
631 ret = ltdb_check_special_dn(module, req->op.add.message);
632 if (ret != LDB_SUCCESS) {
636 ldb_request_set_state(req, LDB_ASYNC_PENDING);
638 if (ltdb_cache_load(module) != 0) {
639 return LDB_ERR_OPERATIONS_ERROR;
642 ret = ltdb_add_internal(module, ltdb,
643 req->op.add.message, true);
648 static int ltdb_tdb_delete(struct ltdb_private *ltdb, TDB_DATA tdb_key)
650 return tdb_delete(ltdb->tdb, tdb_key);
654 delete a record from the database, not updating indexes (used for deleting
657 int ltdb_delete_noindex(struct ldb_module *module,
658 const struct ldb_message *msg)
660 void *data = ldb_module_get_private(module);
661 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
664 TALLOC_CTX *tdb_key_ctx = talloc_new(module);
666 if (tdb_key_ctx == NULL) {
667 return ldb_module_oom(module);
670 if (ltdb->read_only) {
671 return LDB_ERR_UNWILLING_TO_PERFORM;
674 tdb_key = ltdb_key_msg(module, tdb_key_ctx, msg);
676 TALLOC_FREE(tdb_key_ctx);
677 return LDB_ERR_OTHER;
680 ret = ltdb->kv_ops->delete(ltdb, tdb_key);
681 TALLOC_FREE(tdb_key_ctx);
684 ret = ltdb->kv_ops->error(ltdb);
690 static int ltdb_delete_internal(struct ldb_module *module, struct ldb_dn *dn)
692 struct ldb_message *msg;
693 int ret = LDB_SUCCESS;
695 msg = ldb_msg_new(module);
697 return LDB_ERR_OPERATIONS_ERROR;
700 /* in case any attribute of the message was indexed, we need
701 to fetch the old record */
702 ret = ltdb_search_dn1(module, dn, msg, LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
703 if (ret != LDB_SUCCESS) {
704 /* not finding the old record is an error */
708 ret = ltdb_delete_noindex(module, msg);
709 if (ret != LDB_SUCCESS) {
713 /* remove any indexed attributes */
714 ret = ltdb_index_delete(module, msg);
715 if (ret != LDB_SUCCESS) {
719 ret = ltdb_modified(module, dn);
720 if (ret != LDB_SUCCESS) {
730 delete a record from the database
732 static int ltdb_delete(struct ltdb_context *ctx)
734 struct ldb_module *module = ctx->module;
735 struct ldb_request *req = ctx->req;
736 int ret = LDB_SUCCESS;
738 ldb_request_set_state(req, LDB_ASYNC_PENDING);
740 if (ltdb_cache_load(module) != 0) {
741 return LDB_ERR_OPERATIONS_ERROR;
744 ret = ltdb_delete_internal(module, req->op.del.dn);
750 find an element by attribute name. At the moment this does a linear search,
751 it should be re-coded to use a binary search once all places that modify
752 records guarantee sorted order
754 return the index of the first matching element if found, otherwise -1
756 static int find_element(const struct ldb_message *msg, const char *name)
759 for (i=0;i<msg->num_elements;i++) {
760 if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
769 add an element to an existing record. Assumes a elements array that we
770 can call re-alloc on, and assumed that we can re-use the data pointers from
771 the passed in additional values. Use with care!
773 returns 0 on success, -1 on failure (and sets errno)
775 static int ltdb_msg_add_element(struct ldb_message *msg,
776 struct ldb_message_element *el)
778 struct ldb_message_element *e2;
781 if (el->num_values == 0) {
782 /* nothing to do here - we don't add empty elements */
786 e2 = talloc_realloc(msg, msg->elements, struct ldb_message_element,
787 msg->num_elements+1);
795 e2 = &msg->elements[msg->num_elements];
798 e2->flags = el->flags;
799 e2->values = talloc_array(msg->elements,
800 struct ldb_val, el->num_values);
805 for (i=0;i<el->num_values;i++) {
806 e2->values[i] = el->values[i];
808 e2->num_values = el->num_values;
816 delete all elements having a specified attribute name
818 static int msg_delete_attribute(struct ldb_module *module,
819 struct ltdb_private *ltdb,
820 struct ldb_message *msg, const char *name)
824 struct ldb_message_element *el;
825 bool is_special = ldb_dn_is_special(msg->dn);
828 && ltdb->cache->GUID_index_attribute != NULL
829 && ldb_attr_cmp(name, ltdb->cache->GUID_index_attribute) == 0) {
830 struct ldb_context *ldb = ldb_module_get_ctx(module);
831 ldb_asprintf_errstring(ldb, "Must not modify GUID "
832 "attribute %s (used as DB index)",
833 ltdb->cache->GUID_index_attribute);
834 return LDB_ERR_CONSTRAINT_VIOLATION;
837 el = ldb_msg_find_element(msg, name);
839 return LDB_ERR_NO_SUCH_ATTRIBUTE;
841 i = el - msg->elements;
843 ret = ltdb_index_del_element(module, ltdb, msg, el);
844 if (ret != LDB_SUCCESS) {
848 talloc_free(el->values);
849 if (msg->num_elements > (i+1)) {
850 memmove(el, el+1, sizeof(*el) * (msg->num_elements - (i+1)));
853 msg->elements = talloc_realloc(msg, msg->elements,
854 struct ldb_message_element,
860 delete all elements matching an attribute name/value
862 return LDB Error on failure
864 static int msg_delete_element(struct ldb_module *module,
865 struct ltdb_private *ltdb,
866 struct ldb_message *msg,
868 const struct ldb_val *val)
870 struct ldb_context *ldb = ldb_module_get_ctx(module);
873 struct ldb_message_element *el;
874 const struct ldb_schema_attribute *a;
876 found = find_element(msg, name);
878 return LDB_ERR_NO_SUCH_ATTRIBUTE;
881 i = (unsigned int) found;
882 el = &(msg->elements[i]);
884 a = ldb_schema_attribute_by_name(ldb, el->name);
886 for (i=0;i<el->num_values;i++) {
888 if (a->syntax->operator_fn) {
889 ret = a->syntax->operator_fn(ldb, LDB_OP_EQUALITY, a,
890 &el->values[i], val, &matched);
891 if (ret != LDB_SUCCESS) return ret;
893 matched = (a->syntax->comparison_fn(ldb, ldb,
894 &el->values[i], val) == 0);
897 if (el->num_values == 1) {
898 return msg_delete_attribute(module,
902 ret = ltdb_index_del_value(module, ltdb, msg, el, i);
903 if (ret != LDB_SUCCESS) {
907 if (i<el->num_values-1) {
908 memmove(&el->values[i], &el->values[i+1],
909 sizeof(el->values[i])*
910 (el->num_values-(i+1)));
914 /* per definition we find in a canonicalised message an
915 attribute value only once. So we are finished here */
921 return LDB_ERR_NO_SUCH_ATTRIBUTE;
926 modify a record - internal interface
928 yuck - this is O(n^2). Luckily n is usually small so we probably
929 get away with it, but if we ever have really large attribute lists
930 then we'll need to look at this again
932 'req' is optional, and is used to specify controls if supplied
934 int ltdb_modify_internal(struct ldb_module *module,
935 const struct ldb_message *msg,
936 struct ldb_request *req)
938 struct ldb_context *ldb = ldb_module_get_ctx(module);
939 void *data = ldb_module_get_private(module);
940 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
941 struct ldb_message *msg2;
943 int ret = LDB_SUCCESS, idx;
944 struct ldb_control *control_permissive = NULL;
945 TALLOC_CTX *mem_ctx = talloc_new(req);
947 if (mem_ctx == NULL) {
948 return ldb_module_oom(module);
952 control_permissive = ldb_request_get_control(req,
953 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
956 msg2 = ldb_msg_new(mem_ctx);
962 ret = ltdb_search_dn1(module, msg->dn,
964 LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
965 if (ret != LDB_SUCCESS) {
969 for (i=0; i<msg->num_elements; i++) {
970 struct ldb_message_element *el = &msg->elements[i], *el2;
971 struct ldb_val *vals;
972 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
974 uint32_t options = 0;
975 if (control_permissive != NULL) {
976 options |= LDB_MSG_FIND_COMMON_REMOVE_DUPLICATES;
979 switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
980 case LDB_FLAG_MOD_ADD:
982 if (el->num_values == 0) {
983 ldb_asprintf_errstring(ldb,
984 "attribute '%s': attribute on '%s' specified, but with 0 values (illegal)",
985 el->name, ldb_dn_get_linearized(msg2->dn));
986 ret = LDB_ERR_CONSTRAINT_VIOLATION;
990 /* make a copy of the array so that a permissive
991 * control can remove duplicates without changing the
992 * original values, but do not copy data as we do not
993 * need to keep it around once the operation is
995 if (control_permissive) {
996 el = talloc(msg2, struct ldb_message_element);
1001 *el = msg->elements[i];
1002 el->values = talloc_array(el, struct ldb_val, el->num_values);
1003 if (el->values == NULL) {
1004 ret = LDB_ERR_OTHER;
1007 for (j = 0; j < el->num_values; j++) {
1008 el->values[j] = msg->elements[i].values[j];
1012 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
1013 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1014 el->name, ldb_dn_get_linearized(msg2->dn));
1015 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1019 /* Checks if element already exists */
1020 idx = find_element(msg2, el->name);
1022 if (ltdb_msg_add_element(msg2, el) != 0) {
1023 ret = LDB_ERR_OTHER;
1026 ret = ltdb_index_add_element(module, ltdb,
1029 if (ret != LDB_SUCCESS) {
1033 j = (unsigned int) idx;
1034 el2 = &(msg2->elements[j]);
1036 /* We cannot add another value on a existing one
1037 if the attribute is single-valued */
1038 if (ldb_tdb_single_valued(a, el)) {
1039 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1040 el->name, ldb_dn_get_linearized(msg2->dn));
1041 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1045 /* Check that values don't exist yet on multi-
1046 valued attributes or aren't provided twice */
1048 LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1049 struct ldb_val *duplicate = NULL;
1050 ret = ldb_msg_find_common_values(ldb,
1057 LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS) {
1058 ldb_asprintf_errstring(ldb,
1059 "attribute '%s': value "
1060 "#%u on '%s' already "
1061 "exists", el->name, j,
1062 ldb_dn_get_linearized(msg2->dn));
1064 } else if (ret != LDB_SUCCESS) {
1068 ret = ldb_msg_find_duplicate_val(
1069 ldb, msg2, el, &duplicate, 0);
1070 if (ret != LDB_SUCCESS) {
1073 if (duplicate != NULL) {
1074 ldb_asprintf_errstring(
1076 "attribute '%s': value "
1078 "provided more than "
1081 (int)duplicate->length,
1083 ldb_dn_get_linearized(msg->dn));
1084 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1089 /* Now combine existing and new values to a new
1091 vals = talloc_realloc(msg2->elements,
1092 el2->values, struct ldb_val,
1093 el2->num_values + el->num_values);
1096 ret = LDB_ERR_OTHER;
1100 for (j=0; j<el->num_values; j++) {
1101 vals[el2->num_values + j] =
1102 ldb_val_dup(vals, &el->values[j]);
1106 el2->num_values += el->num_values;
1108 ret = ltdb_index_add_element(module, ltdb,
1110 if (ret != LDB_SUCCESS) {
1117 case LDB_FLAG_MOD_REPLACE:
1119 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
1120 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1121 el->name, ldb_dn_get_linearized(msg2->dn));
1122 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1127 * We don't need to check this if we have been
1128 * pre-screened by the repl_meta_data module
1129 * in Samba, or someone else who can claim to
1130 * know what they are doing.
1132 if (!(el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1133 struct ldb_val *duplicate = NULL;
1135 ret = ldb_msg_find_duplicate_val(ldb, msg2, el,
1137 if (ret != LDB_SUCCESS) {
1140 if (duplicate != NULL) {
1141 ldb_asprintf_errstring(
1143 "attribute '%s': value '%.*s' "
1144 "on '%s' provided more than "
1147 (int)duplicate->length,
1149 ldb_dn_get_linearized(msg2->dn));
1150 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1155 /* Checks if element already exists */
1156 idx = find_element(msg2, el->name);
1158 j = (unsigned int) idx;
1159 el2 = &(msg2->elements[j]);
1161 /* we consider two elements to be
1162 * equal only if the order
1163 * matches. This allows dbcheck to
1164 * fix the ordering on attributes
1165 * where order matters, such as
1168 if (ldb_msg_element_equal_ordered(el, el2)) {
1172 /* Delete the attribute if it exists in the DB */
1173 if (msg_delete_attribute(module, ltdb,
1176 ret = LDB_ERR_OTHER;
1181 /* Recreate it with the new values */
1182 if (ltdb_msg_add_element(msg2, el) != 0) {
1183 ret = LDB_ERR_OTHER;
1187 ret = ltdb_index_add_element(module, ltdb,
1189 if (ret != LDB_SUCCESS) {
1195 case LDB_FLAG_MOD_DELETE:
1196 dn = ldb_dn_get_linearized(msg2->dn);
1198 ret = LDB_ERR_OTHER;
1202 if (msg->elements[i].num_values == 0) {
1203 /* Delete the whole attribute */
1204 ret = msg_delete_attribute(module,
1207 msg->elements[i].name);
1208 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1209 control_permissive) {
1212 ldb_asprintf_errstring(ldb,
1213 "attribute '%s': no such attribute for delete on '%s'",
1214 msg->elements[i].name, dn);
1216 if (ret != LDB_SUCCESS) {
1220 /* Delete specified values from an attribute */
1221 for (j=0; j < msg->elements[i].num_values; j++) {
1222 ret = msg_delete_element(module,
1225 msg->elements[i].name,
1226 &msg->elements[i].values[j]);
1227 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1228 control_permissive) {
1230 } else if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) {
1231 ldb_asprintf_errstring(ldb,
1232 "attribute '%s': no matching attribute value while deleting attribute on '%s'",
1233 msg->elements[i].name, dn);
1235 if (ret != LDB_SUCCESS) {
1242 ldb_asprintf_errstring(ldb,
1243 "attribute '%s': invalid modify flags on '%s': 0x%x",
1244 msg->elements[i].name, ldb_dn_get_linearized(msg->dn),
1245 msg->elements[i].flags & LDB_FLAG_MOD_MASK);
1246 ret = LDB_ERR_PROTOCOL_ERROR;
1251 ret = ltdb_store(module, msg2, TDB_MODIFY);
1252 if (ret != LDB_SUCCESS) {
1256 ret = ltdb_modified(module, msg2->dn);
1257 if (ret != LDB_SUCCESS) {
1262 TALLOC_FREE(mem_ctx);
1269 static int ltdb_modify(struct ltdb_context *ctx)
1271 struct ldb_module *module = ctx->module;
1272 struct ldb_request *req = ctx->req;
1273 int ret = LDB_SUCCESS;
1275 ret = ltdb_check_special_dn(module, req->op.mod.message);
1276 if (ret != LDB_SUCCESS) {
1280 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1282 if (ltdb_cache_load(module) != 0) {
1283 return LDB_ERR_OPERATIONS_ERROR;
1286 ret = ltdb_modify_internal(module, req->op.mod.message, req);
1294 static int ltdb_rename(struct ltdb_context *ctx)
1296 struct ldb_module *module = ctx->module;
1297 void *data = ldb_module_get_private(module);
1298 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1299 struct ldb_request *req = ctx->req;
1300 struct ldb_message *msg;
1301 int ret = LDB_SUCCESS;
1302 TDB_DATA tdb_key, tdb_key_old;
1303 struct ldb_dn *db_dn;
1305 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1307 if (ltdb_cache_load(ctx->module) != 0) {
1308 return LDB_ERR_OPERATIONS_ERROR;
1311 msg = ldb_msg_new(ctx);
1313 return LDB_ERR_OPERATIONS_ERROR;
1316 /* we need to fetch the old record to re-add under the new name */
1317 ret = ltdb_search_dn1(module, req->op.rename.olddn, msg,
1318 LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
1319 if (ret != LDB_SUCCESS) {
1320 /* not finding the old record is an error */
1324 /* We need to, before changing the DB, check if the new DN
1325 * exists, so we can return this error to the caller with an
1328 * Even in GUID index mode we use ltdb_key_dn() as we are
1329 * trying to figure out if this is just a case rename
1331 tdb_key = ltdb_key_dn(module, msg, req->op.rename.newdn);
1332 if (!tdb_key.dptr) {
1334 return LDB_ERR_OPERATIONS_ERROR;
1337 tdb_key_old = ltdb_key_dn(module, msg, req->op.rename.olddn);
1338 if (!tdb_key_old.dptr) {
1340 talloc_free(tdb_key.dptr);
1341 return LDB_ERR_OPERATIONS_ERROR;
1345 * Only declare a conflict if the new DN already exists,
1346 * and it isn't a case change on the old DN
1348 if (tdb_key_old.dsize != tdb_key.dsize
1349 || memcmp(tdb_key.dptr, tdb_key_old.dptr, tdb_key.dsize) != 0) {
1350 ret = ltdb_search_base(module, msg,
1351 req->op.rename.newdn,
1353 if (ret == LDB_SUCCESS) {
1354 ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
1355 } else if (ret == LDB_ERR_NO_SUCH_OBJECT) {
1360 /* finding the new record already in the DB is an error */
1362 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
1363 ldb_asprintf_errstring(ldb_module_get_ctx(module),
1364 "Entry %s already exists",
1365 ldb_dn_get_linearized(req->op.rename.newdn));
1367 if (ret != LDB_SUCCESS) {
1368 talloc_free(tdb_key_old.dptr);
1369 talloc_free(tdb_key.dptr);
1374 talloc_free(tdb_key_old.dptr);
1375 talloc_free(tdb_key.dptr);
1377 /* Always delete first then add, to avoid conflicts with
1378 * unique indexes. We rely on the transaction to make this
1381 ret = ltdb_delete_internal(module, msg->dn);
1382 if (ret != LDB_SUCCESS) {
1387 msg->dn = ldb_dn_copy(msg, req->op.rename.newdn);
1388 if (msg->dn == NULL) {
1390 return LDB_ERR_OPERATIONS_ERROR;
1393 /* We don't check single value as we can have more than 1 with
1394 * deleted attributes. We could go through all elements but that's
1395 * maybe not the most efficient way
1397 ret = ltdb_add_internal(module, ltdb, msg, false);
1404 static int ltdb_start_trans(struct ldb_module *module)
1406 void *data = ldb_module_get_private(module);
1407 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1409 /* Do not take out the transaction lock on a read-only DB */
1410 if (ltdb->read_only) {
1411 return LDB_ERR_UNWILLING_TO_PERFORM;
1414 if (tdb_transaction_start(ltdb->tdb) != 0) {
1415 return ltdb->kv_ops->error(ltdb);
1418 ltdb->in_transaction++;
1420 ltdb_index_transaction_start(module);
1425 static int ltdb_prepare_commit(struct ldb_module *module)
1428 void *data = ldb_module_get_private(module);
1429 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1431 if (ltdb->in_transaction != 1) {
1435 ret = ltdb_index_transaction_commit(module);
1436 if (ret != LDB_SUCCESS) {
1437 tdb_transaction_cancel(ltdb->tdb);
1438 ltdb->in_transaction--;
1442 if (tdb_transaction_prepare_commit(ltdb->tdb) != 0) {
1443 ret = ltdb_err_map(tdb_error(ltdb->tdb));
1444 ltdb->in_transaction--;
1445 ldb_debug_set(ldb_module_get_ctx(module),
1448 "tdb_transaction_prepare_commit(): %s -> %s",
1449 tdb_errorstr(ltdb->tdb),
1454 ltdb->prepared_commit = true;
1459 static int ltdb_end_trans(struct ldb_module *module)
1462 void *data = ldb_module_get_private(module);
1463 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1465 if (!ltdb->prepared_commit) {
1466 ret = ltdb_prepare_commit(module);
1467 if (ret != LDB_SUCCESS) {
1472 ltdb->in_transaction--;
1473 ltdb->prepared_commit = false;
1475 if (tdb_transaction_commit(ltdb->tdb) != 0) {
1476 ret = ltdb->kv_ops->error(ltdb);
1477 ldb_asprintf_errstring(ldb_module_get_ctx(module),
1478 "Failure during tdb_transaction_commit(): %s -> %s",
1479 tdb_errorstr(ltdb->tdb),
1487 static int ltdb_del_trans(struct ldb_module *module)
1489 void *data = ldb_module_get_private(module);
1490 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1492 ltdb->in_transaction--;
1494 if (ltdb_index_transaction_cancel(module) != 0) {
1495 tdb_transaction_cancel(ltdb->tdb);
1496 return ltdb->kv_ops->error(ltdb);
1499 tdb_transaction_cancel(ltdb->tdb);
1504 return sequenceNumber from @BASEINFO
1506 static int ltdb_sequence_number(struct ltdb_context *ctx,
1507 struct ldb_extended **ext)
1509 struct ldb_context *ldb;
1510 struct ldb_module *module = ctx->module;
1511 struct ldb_request *req = ctx->req;
1512 TALLOC_CTX *tmp_ctx = NULL;
1513 struct ldb_seqnum_request *seq;
1514 struct ldb_seqnum_result *res;
1515 struct ldb_message *msg = NULL;
1518 int ret = LDB_SUCCESS;
1520 ldb = ldb_module_get_ctx(module);
1522 seq = talloc_get_type(req->op.extended.data,
1523 struct ldb_seqnum_request);
1525 return LDB_ERR_OPERATIONS_ERROR;
1528 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1530 if (ltdb_lock_read(module) != 0) {
1531 return LDB_ERR_OPERATIONS_ERROR;
1534 res = talloc_zero(req, struct ldb_seqnum_result);
1536 ret = LDB_ERR_OPERATIONS_ERROR;
1540 tmp_ctx = talloc_new(req);
1541 if (tmp_ctx == NULL) {
1542 ret = LDB_ERR_OPERATIONS_ERROR;
1546 dn = ldb_dn_new(tmp_ctx, ldb, LTDB_BASEINFO);
1548 ret = LDB_ERR_OPERATIONS_ERROR;
1552 msg = ldb_msg_new(tmp_ctx);
1554 ret = LDB_ERR_OPERATIONS_ERROR;
1558 ret = ltdb_search_dn1(module, dn, msg, 0);
1559 if (ret != LDB_SUCCESS) {
1563 switch (seq->type) {
1564 case LDB_SEQ_HIGHEST_SEQ:
1565 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1568 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1571 case LDB_SEQ_HIGHEST_TIMESTAMP:
1572 date = ldb_msg_find_attr_as_string(msg, LTDB_MOD_TIMESTAMP, NULL);
1574 res->seq_num = ldb_string_to_time(date);
1577 /* zero is as good as anything when we don't know */
1582 *ext = talloc_zero(req, struct ldb_extended);
1584 ret = LDB_ERR_OPERATIONS_ERROR;
1587 (*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
1588 (*ext)->data = talloc_steal(*ext, res);
1591 talloc_free(tmp_ctx);
1592 ltdb_unlock_read(module);
1596 static void ltdb_request_done(struct ltdb_context *ctx, int error)
1598 struct ldb_context *ldb;
1599 struct ldb_request *req;
1600 struct ldb_reply *ares;
1602 ldb = ldb_module_get_ctx(ctx->module);
1605 /* if we already returned an error just return */
1606 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1610 ares = talloc_zero(req, struct ldb_reply);
1613 req->callback(req, NULL);
1616 ares->type = LDB_REPLY_DONE;
1617 ares->error = error;
1619 req->callback(req, ares);
1622 static void ltdb_timeout(struct tevent_context *ev,
1623 struct tevent_timer *te,
1627 struct ltdb_context *ctx;
1628 ctx = talloc_get_type(private_data, struct ltdb_context);
1630 if (!ctx->request_terminated) {
1631 /* request is done now */
1632 ltdb_request_done(ctx, LDB_ERR_TIME_LIMIT_EXCEEDED);
1636 /* neutralize the spy */
1637 ctx->spy->ctx = NULL;
1643 static void ltdb_request_extended_done(struct ltdb_context *ctx,
1644 struct ldb_extended *ext,
1647 struct ldb_context *ldb;
1648 struct ldb_request *req;
1649 struct ldb_reply *ares;
1651 ldb = ldb_module_get_ctx(ctx->module);
1654 /* if we already returned an error just return */
1655 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1659 ares = talloc_zero(req, struct ldb_reply);
1662 req->callback(req, NULL);
1665 ares->type = LDB_REPLY_DONE;
1666 ares->response = ext;
1667 ares->error = error;
1669 req->callback(req, ares);
1672 static void ltdb_handle_extended(struct ltdb_context *ctx)
1674 struct ldb_extended *ext = NULL;
1677 if (strcmp(ctx->req->op.extended.oid,
1678 LDB_EXTENDED_SEQUENCE_NUMBER) == 0) {
1679 /* get sequence number */
1680 ret = ltdb_sequence_number(ctx, &ext);
1682 /* not recognized */
1683 ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1686 ltdb_request_extended_done(ctx, ext, ret);
1689 static const char * ltdb_tdb_name(struct ltdb_private *ltdb)
1691 return tdb_name(ltdb->tdb);
1694 static const struct kv_db_ops key_value_ops = {
1695 .store = ltdb_tdb_store,
1696 .delete = ltdb_tdb_delete,
1697 .lock_read = ltdb_lock_read,
1698 .unlock_read = ltdb_unlock_read,
1699 .error = ltdb_error,
1700 .name = ltdb_tdb_name,
1703 static void ltdb_callback(struct tevent_context *ev,
1704 struct tevent_timer *te,
1708 struct ltdb_context *ctx;
1711 ctx = talloc_get_type(private_data, struct ltdb_context);
1713 if (ctx->request_terminated) {
1717 switch (ctx->req->operation) {
1719 ret = ltdb_search(ctx);
1722 ret = ltdb_add(ctx);
1725 ret = ltdb_modify(ctx);
1728 ret = ltdb_delete(ctx);
1731 ret = ltdb_rename(ctx);
1734 ltdb_handle_extended(ctx);
1737 /* no other op supported */
1738 ret = LDB_ERR_PROTOCOL_ERROR;
1741 if (!ctx->request_terminated) {
1742 /* request is done now */
1743 ltdb_request_done(ctx, ret);
1748 /* neutralize the spy */
1749 ctx->spy->ctx = NULL;
1755 static int ltdb_request_destructor(void *ptr)
1757 struct ltdb_req_spy *spy = talloc_get_type(ptr, struct ltdb_req_spy);
1759 if (spy->ctx != NULL) {
1760 spy->ctx->spy = NULL;
1761 spy->ctx->request_terminated = true;
1768 static int ltdb_handle_request(struct ldb_module *module,
1769 struct ldb_request *req)
1771 struct ldb_control *control_permissive;
1772 struct ldb_context *ldb;
1773 struct tevent_context *ev;
1774 struct ltdb_context *ac;
1775 struct tevent_timer *te;
1779 ldb = ldb_module_get_ctx(module);
1781 control_permissive = ldb_request_get_control(req,
1782 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1784 for (i = 0; req->controls && req->controls[i]; i++) {
1785 if (req->controls[i]->critical &&
1786 req->controls[i] != control_permissive) {
1787 ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
1788 req->controls[i]->oid);
1789 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1793 if (req->starttime == 0 || req->timeout == 0) {
1794 ldb_set_errstring(ldb, "Invalid timeout settings");
1795 return LDB_ERR_TIME_LIMIT_EXCEEDED;
1798 ev = ldb_handle_get_event_context(req->handle);
1800 ac = talloc_zero(ldb, struct ltdb_context);
1803 return LDB_ERR_OPERATIONS_ERROR;
1806 ac->module = module;
1811 te = tevent_add_timer(ev, ac, tv, ltdb_callback, ac);
1814 return LDB_ERR_OPERATIONS_ERROR;
1817 if (req->timeout > 0) {
1818 tv.tv_sec = req->starttime + req->timeout;
1820 ac->timeout_event = tevent_add_timer(ev, ac, tv,
1822 if (NULL == ac->timeout_event) {
1824 return LDB_ERR_OPERATIONS_ERROR;
1828 /* set a spy so that we do not try to use the request context
1829 * if it is freed before ltdb_callback fires */
1830 ac->spy = talloc(req, struct ltdb_req_spy);
1831 if (NULL == ac->spy) {
1833 return LDB_ERR_OPERATIONS_ERROR;
1837 talloc_set_destructor((TALLOC_CTX *)ac->spy, ltdb_request_destructor);
1842 static int ltdb_init_rootdse(struct ldb_module *module)
1844 /* ignore errors on this - we expect it for non-sam databases */
1845 ldb_mod_register_control(module, LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1847 /* there can be no module beyond the backend, just return */
1851 static const struct ldb_module_ops ltdb_ops = {
1853 .init_context = ltdb_init_rootdse,
1854 .search = ltdb_handle_request,
1855 .add = ltdb_handle_request,
1856 .modify = ltdb_handle_request,
1857 .del = ltdb_handle_request,
1858 .rename = ltdb_handle_request,
1859 .extended = ltdb_handle_request,
1860 .start_transaction = ltdb_start_trans,
1861 .end_transaction = ltdb_end_trans,
1862 .prepare_commit = ltdb_prepare_commit,
1863 .del_transaction = ltdb_del_trans,
1864 .read_lock = ltdb_lock_read,
1865 .read_unlock = ltdb_unlock_read,
1869 connect to the database
1871 static int ltdb_connect(struct ldb_context *ldb, const char *url,
1872 unsigned int flags, const char *options[],
1873 struct ldb_module **_module)
1875 struct ldb_module *module;
1877 int tdb_flags, open_flags;
1878 struct ltdb_private *ltdb;
1881 * We hold locks, so we must use a private event context
1882 * on each returned handle
1885 ldb_set_require_private_event_context(ldb);
1888 if (strchr(url, ':')) {
1889 if (strncmp(url, "tdb://", 6) != 0) {
1890 ldb_debug(ldb, LDB_DEBUG_ERROR,
1891 "Invalid tdb URL '%s'", url);
1892 return LDB_ERR_OPERATIONS_ERROR;
1899 tdb_flags = TDB_DEFAULT | TDB_SEQNUM;
1901 /* check for the 'nosync' option */
1902 if (flags & LDB_FLG_NOSYNC) {
1903 tdb_flags |= TDB_NOSYNC;
1906 /* and nommap option */
1907 if (flags & LDB_FLG_NOMMAP) {
1908 tdb_flags |= TDB_NOMMAP;
1911 ltdb = talloc_zero(ldb, struct ltdb_private);
1914 return LDB_ERR_OPERATIONS_ERROR;
1917 if (flags & LDB_FLG_RDONLY) {
1919 * This is weird, but because we can only have one tdb
1920 * in this process, and the other one could be
1921 * read-write, we can't use the tdb readonly. Plus a
1922 * read only tdb prohibits the all-record lock.
1924 open_flags = O_RDWR;
1926 ltdb->read_only = true;
1928 } else if (flags & LDB_FLG_DONT_CREATE_DB) {
1930 * This is used by ldbsearch to prevent creation of the database
1931 * if the name is wrong
1933 open_flags = O_RDWR;
1936 * This is the normal case
1938 open_flags = O_CREAT | O_RDWR;
1941 /* note that we use quite a large default hash size */
1942 ltdb->tdb = ltdb_wrap_open(ltdb, path, 10000,
1943 tdb_flags, open_flags,
1944 ldb_get_create_perms(ldb), ldb);
1946 ldb_asprintf_errstring(ldb,
1947 "Unable to open tdb '%s': %s", path, strerror(errno));
1948 ldb_debug(ldb, LDB_DEBUG_ERROR,
1949 "Unable to open tdb '%s': %s", path, strerror(errno));
1951 if (errno == EACCES || errno == EPERM) {
1952 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
1954 return LDB_ERR_OPERATIONS_ERROR;
1957 if (getenv("LDB_WARN_UNINDEXED")) {
1958 ltdb->warn_unindexed = true;
1961 if (getenv("LDB_WARN_REINDEX")) {
1962 ltdb->warn_reindex = true;
1965 ltdb->sequence_number = 0;
1966 ltdb->kv_ops = &key_value_ops;
1968 module = ldb_module_new(ldb, ldb, "ldb_tdb backend", <db_ops);
1972 return LDB_ERR_OPERATIONS_ERROR;
1974 ldb_module_set_private(module, ltdb);
1975 talloc_steal(module, ltdb);
1977 if (ltdb_cache_load(module) != 0) {
1978 ldb_asprintf_errstring(ldb,
1979 "Unable to load ltdb cache records of tdb '%s'", path);
1980 talloc_free(module);
1981 return LDB_ERR_OPERATIONS_ERROR;
1987 * Set the maximum key length
1990 const char *len_str =
1991 ldb_options_find(ldb, options,
1992 "max_key_len_for_self_test");
1993 if (len_str != NULL) {
1994 unsigned len = strtoul(len_str, NULL, 0);
1995 ltdb->max_key_length = len;
2001 int ldb_tdb_init(const char *version)
2003 LDB_MODULE_CHECK_VERSION(version);
2004 return ldb_register_backend("tdb", ltdb_connect, false);