4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Stefan Metzmacher 2004
6 Copyright (C) Simo Sorce 2006-2008
7 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
9 ** NOTE! The following LGPL license applies to the ldb
10 ** library. This does NOT imply that all of Samba is released
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
30 * Component: ldb tdb backend
32 * Description: core functions for tdb backend
34 * Author: Andrew Tridgell
35 * Author: Stefan Metzmacher
39 * - description: make the module use asynchronous calls
43 * - description: make it possible to use event contexts
47 * - description: fix up memory leaks and small bugs
49 * Author: Matthias Dieter Wallnöfer
53 #include "ldb_private.h"
57 prevent memory errors on callbacks
60 struct ltdb_context *ctx;
64 map a tdb error code to a ldb error code
66 int ltdb_err_map(enum TDB_ERROR tdb_code)
74 return LDB_ERR_OPERATIONS_ERROR;
76 return LDB_ERR_PROTOCOL_ERROR;
80 case TDB_ERR_LOCK_TIMEOUT:
81 return LDB_ERR_TIME_LIMIT_EXCEEDED;
83 return LDB_ERR_ENTRY_ALREADY_EXISTS;
85 return LDB_ERR_NO_SUCH_OBJECT;
87 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
95 lock the database for read - use by ltdb_search and ltdb_sequence_number
97 int ltdb_lock_read(struct ldb_module *module)
99 void *data = ldb_module_get_private(module);
100 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
104 if (ltdb->in_transaction == 0 &&
105 ltdb->read_lock_count == 0) {
106 tdb_ret = tdb_lockall_read(ltdb->tdb);
109 ltdb->read_lock_count++;
112 ret = ltdb_err_map(tdb_error(ltdb->tdb));
113 if (ret == LDB_SUCCESS) {
114 ret = LDB_ERR_OPERATIONS_ERROR;
116 ldb_debug_set(ldb_module_get_ctx(module),
118 "Failure during ltdb_lock_read(): %s -> %s",
119 tdb_errorstr(ltdb->tdb),
125 unlock the database after a ltdb_lock_read()
127 int ltdb_unlock_read(struct ldb_module *module)
129 void *data = ldb_module_get_private(module);
130 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
131 if (ltdb->in_transaction == 0 && ltdb->read_lock_count == 1) {
132 tdb_unlockall_read(ltdb->tdb);
133 ltdb->read_lock_count--;
136 ltdb->read_lock_count--;
142 * Determine if this key could hold a record. We allow the new GUID
143 * index, the old DN index and a possible future ID=
145 bool ltdb_key_is_record(TDB_DATA key)
151 if (memcmp(key.dptr, "DN=", 3) == 0) {
155 if (memcmp(key.dptr, "ID=", 3) == 0) {
159 if (key.dsize < sizeof(LTDB_GUID_KEY_PREFIX)) {
163 if (memcmp(key.dptr, LTDB_GUID_KEY_PREFIX,
164 sizeof(LTDB_GUID_KEY_PREFIX) - 1) == 0) {
172 form a TDB_DATA for a record key
175 note that the key for a record can depend on whether the
176 dn refers to a case sensitive index record or not
178 TDB_DATA ltdb_key_dn(struct ldb_module *module, TALLOC_CTX *mem_ctx,
182 char *key_str = NULL;
183 const char *dn_folded = NULL;
186 most DNs are case insensitive. The exception is index DNs for
187 case sensitive attributes
189 there are 3 cases dealt with in this code:
191 1) if the dn doesn't start with @ then uppercase the attribute
192 names and the attributes values of case insensitive attributes
193 2) if the dn starts with @ then leave it alone -
194 the indexing code handles the rest
197 dn_folded = ldb_dn_get_casefold(dn);
202 key_str = talloc_strdup(mem_ctx, "DN=");
207 key_str = talloc_strdup_append_buffer(key_str, dn_folded);
212 key.dptr = (uint8_t *)key_str;
213 key.dsize = strlen(key_str) + 1;
224 TDB_DATA ltdb_guid_to_key(struct ldb_module *module,
225 struct ltdb_private *ltdb,
227 const struct ldb_val *GUID_val)
230 const char *GUID_prefix = "GUID=";
231 const int GUID_prefix_len = strlen(GUID_prefix);
233 key.dptr = talloc_size(mem_ctx,
234 GUID_val->length+GUID_prefix_len);
236 if (key.dptr == NULL) {
242 memcpy(key.dptr, "GUID=", GUID_prefix_len);
243 memcpy(&key.dptr[GUID_prefix_len],
244 GUID_val->data, GUID_val->length);
246 key.dsize = talloc_get_size(key.dptr);
250 TDB_DATA ltdb_idx_to_key(struct ldb_module *module,
251 struct ltdb_private *ltdb,
253 const struct ldb_val *idx_val)
256 struct ldb_context *ldb = ldb_module_get_ctx(module);
259 if (ltdb->cache->GUID_index_attribute != NULL) {
260 return ltdb_guid_to_key(module, ltdb, mem_ctx, idx_val);
263 dn = ldb_dn_from_ldb_val(mem_ctx, ldb, idx_val);
271 key = ltdb_key_dn(module, mem_ctx, dn);
283 form a TDB_DATA for a record key
284 caller frees mem_ctx, which may or may not have the key
287 note that the key for a record can depend on whether a
288 GUID index is in use, or the DN is used as the key
290 TDB_DATA ltdb_key_msg(struct ldb_module *module, TALLOC_CTX *mem_ctx,
291 const struct ldb_message *msg)
293 void *data = ldb_module_get_private(module);
294 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
296 const struct ldb_val *guid_val;
298 if (ltdb->cache->GUID_index_attribute == NULL) {
299 return ltdb_key_dn(module, mem_ctx, msg->dn);
302 if (ldb_dn_is_special(msg->dn)) {
303 return ltdb_key_dn(module, mem_ctx, msg->dn);
306 guid_val = ldb_msg_find_ldb_val(msg,
307 ltdb->cache->GUID_index_attribute);
308 if (guid_val == NULL) {
315 return ltdb_guid_to_key(module, ltdb, mem_ctx, guid_val);
320 check special dn's have valid attributes
321 currently only @ATTRIBUTES is checked
323 static int ltdb_check_special_dn(struct ldb_module *module,
324 const struct ldb_message *msg)
326 struct ldb_context *ldb = ldb_module_get_ctx(module);
329 if (! ldb_dn_is_special(msg->dn) ||
330 ! ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
334 /* we have @ATTRIBUTES, let's check attributes are fine */
335 /* should we check that we deny multivalued attributes ? */
336 for (i = 0; i < msg->num_elements; i++) {
337 if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
339 for (j = 0; j < msg->elements[i].num_values; j++) {
340 if (ltdb_check_at_attributes_values(&msg->elements[i].values[j]) != 0) {
341 ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
342 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
352 we've made a modification to a dn - possibly reindex and
353 update sequence number
355 static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn)
357 int ret = LDB_SUCCESS;
358 struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private);
360 /* only allow modifies inside a transaction, otherwise the
362 if (ltdb->in_transaction == 0) {
363 ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
364 return LDB_ERR_OPERATIONS_ERROR;
367 if (ldb_dn_is_special(dn) &&
368 (ldb_dn_check_special(dn, LTDB_INDEXLIST) ||
369 ldb_dn_check_special(dn, LTDB_ATTRIBUTES)) )
371 if (ltdb->warn_reindex) {
372 ldb_debug(ldb_module_get_ctx(module),
373 LDB_DEBUG_ERROR, "Reindexing %s due to modification on %s",
374 tdb_name(ltdb->tdb), ldb_dn_get_linearized(dn));
376 ret = ltdb_reindex(module);
379 /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
380 if (ret == LDB_SUCCESS &&
381 !(ldb_dn_is_special(dn) &&
382 ldb_dn_check_special(dn, LTDB_BASEINFO)) ) {
383 ret = ltdb_increase_sequence_number(module);
386 /* If the modify was to @OPTIONS, reload the cache */
387 if (ret == LDB_SUCCESS &&
388 ldb_dn_is_special(dn) &&
389 (ldb_dn_check_special(dn, LTDB_OPTIONS)) ) {
390 ret = ltdb_cache_reload(module);
397 store a record into the db
399 int ltdb_store(struct ldb_module *module, const struct ldb_message *msg, int flgs)
401 void *data = ldb_module_get_private(module);
402 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
403 TDB_DATA tdb_key, tdb_data;
404 struct ldb_val ldb_data;
405 int ret = LDB_SUCCESS;
406 TALLOC_CTX *tdb_key_ctx = talloc_new(module);
408 if (tdb_key_ctx == NULL) {
409 return ldb_module_oom(module);
412 if (ltdb->read_only) {
413 return LDB_ERR_UNWILLING_TO_PERFORM;
416 tdb_key = ltdb_key_msg(module, tdb_key_ctx, msg);
417 if (tdb_key.dptr == NULL) {
418 TALLOC_FREE(tdb_key_ctx);
419 return LDB_ERR_OTHER;
422 ret = ldb_pack_data(ldb_module_get_ctx(module),
425 TALLOC_FREE(tdb_key_ctx);
426 return LDB_ERR_OTHER;
429 tdb_data.dptr = ldb_data.data;
430 tdb_data.dsize = ldb_data.length;
432 ret = tdb_store(ltdb->tdb, tdb_key, tdb_data, flgs);
434 bool is_special = ldb_dn_is_special(msg->dn);
435 ret = ltdb_err_map(tdb_error(ltdb->tdb));
438 * LDB_ERR_ENTRY_ALREADY_EXISTS means the DN, not
439 * the GUID, so re-map
441 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS
443 && ltdb->cache->GUID_index_attribute != NULL) {
444 ret = LDB_ERR_CONSTRAINT_VIOLATION;
450 TALLOC_FREE(tdb_key_ctx);
451 talloc_free(ldb_data.data);
458 check if a attribute is a single valued, for a given element
460 static bool ldb_tdb_single_valued(const struct ldb_schema_attribute *a,
461 struct ldb_message_element *el)
463 if (!a) return false;
465 if (el->flags & LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK) {
466 /* override from a ldb module, for example
467 used for the description field, which is
468 marked multi-valued in the schema but which
469 should not actually accept multiple
473 if (el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK) {
474 /* override from a ldb module, for example used for
475 deleted linked attribute entries */
479 if (a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
485 static int ltdb_add_internal(struct ldb_module *module,
486 struct ltdb_private *ltdb,
487 const struct ldb_message *msg,
488 bool check_single_value)
490 struct ldb_context *ldb = ldb_module_get_ctx(module);
491 int ret = LDB_SUCCESS;
494 for (i=0;i<msg->num_elements;i++) {
495 struct ldb_message_element *el = &msg->elements[i];
496 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
498 if (el->num_values == 0) {
499 ldb_asprintf_errstring(ldb, "attribute '%s' on '%s' specified, but with 0 values (illegal)",
500 el->name, ldb_dn_get_linearized(msg->dn));
501 return LDB_ERR_CONSTRAINT_VIOLATION;
503 if (check_single_value &&
504 el->num_values > 1 &&
505 ldb_tdb_single_valued(a, el)) {
506 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
507 el->name, ldb_dn_get_linearized(msg->dn));
508 return LDB_ERR_CONSTRAINT_VIOLATION;
511 /* Do not check "@ATTRIBUTES" for duplicated values */
512 if (ldb_dn_is_special(msg->dn) &&
513 ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
517 if (check_single_value &&
519 LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
520 struct ldb_val *duplicate = NULL;
522 ret = ldb_msg_find_duplicate_val(ldb, discard_const(msg),
524 if (ret != LDB_SUCCESS) {
527 if (duplicate != NULL) {
528 ldb_asprintf_errstring(
530 "attribute '%s': value '%.*s' on '%s' "
531 "provided more than once in ADD object",
533 (int)duplicate->length,
535 ldb_dn_get_linearized(msg->dn));
536 return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
541 ret = ltdb_store(module, msg, TDB_INSERT);
542 if (ret != LDB_SUCCESS) {
544 * Try really hard to get the right error code for
545 * a re-add situation, as this can matter!
547 if (ret == LDB_ERR_CONSTRAINT_VIOLATION) {
549 struct ldb_dn *dn2 = NULL;
550 TALLOC_CTX *mem_ctx = talloc_new(module);
551 if (mem_ctx == NULL) {
552 return ldb_module_operr(module);
554 ret2 = ltdb_search_base(module, module,
556 TALLOC_FREE(mem_ctx);
557 if (ret2 == LDB_SUCCESS) {
558 ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
561 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
562 ldb_asprintf_errstring(ldb,
563 "Entry %s already exists",
564 ldb_dn_get_linearized(msg->dn));
569 ret = ltdb_index_add_new(module, ltdb, msg);
570 if (ret != LDB_SUCCESS) {
572 * If we failed to index, delete the message again.
574 * This is particularly important for the GUID index
575 * case, which will only fail for a duplicate DN
578 * Note that the caller may not cancel the transation
579 * and this means the above add might really show up!
581 ltdb_delete_noindex(module, msg);
585 ret = ltdb_modified(module, msg->dn);
591 add a record to the database
593 static int ltdb_add(struct ltdb_context *ctx)
595 struct ldb_module *module = ctx->module;
596 struct ldb_request *req = ctx->req;
597 void *data = ldb_module_get_private(module);
598 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
599 int ret = LDB_SUCCESS;
601 ret = ltdb_check_special_dn(module, req->op.add.message);
602 if (ret != LDB_SUCCESS) {
606 ldb_request_set_state(req, LDB_ASYNC_PENDING);
608 if (ltdb_cache_load(module) != 0) {
609 return LDB_ERR_OPERATIONS_ERROR;
612 ret = ltdb_add_internal(module, ltdb,
613 req->op.add.message, true);
619 delete a record from the database, not updating indexes (used for deleting
622 int ltdb_delete_noindex(struct ldb_module *module,
623 const struct ldb_message *msg)
625 void *data = ldb_module_get_private(module);
626 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
629 TALLOC_CTX *tdb_key_ctx = talloc_new(module);
631 if (tdb_key_ctx == NULL) {
632 return ldb_module_oom(module);
635 if (ltdb->read_only) {
636 return LDB_ERR_UNWILLING_TO_PERFORM;
639 tdb_key = ltdb_key_msg(module, tdb_key_ctx, msg);
641 TALLOC_FREE(tdb_key_ctx);
642 return LDB_ERR_OTHER;
645 ret = tdb_delete(ltdb->tdb, tdb_key);
646 TALLOC_FREE(tdb_key_ctx);
649 ret = ltdb_err_map(tdb_error(ltdb->tdb));
655 static int ltdb_delete_internal(struct ldb_module *module, struct ldb_dn *dn)
657 struct ldb_message *msg;
658 int ret = LDB_SUCCESS;
660 msg = ldb_msg_new(module);
662 return LDB_ERR_OPERATIONS_ERROR;
665 /* in case any attribute of the message was indexed, we need
666 to fetch the old record */
667 ret = ltdb_search_dn1(module, dn, msg, LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
668 if (ret != LDB_SUCCESS) {
669 /* not finding the old record is an error */
673 ret = ltdb_delete_noindex(module, msg);
674 if (ret != LDB_SUCCESS) {
678 /* remove any indexed attributes */
679 ret = ltdb_index_delete(module, msg);
680 if (ret != LDB_SUCCESS) {
684 ret = ltdb_modified(module, dn);
685 if (ret != LDB_SUCCESS) {
695 delete a record from the database
697 static int ltdb_delete(struct ltdb_context *ctx)
699 struct ldb_module *module = ctx->module;
700 struct ldb_request *req = ctx->req;
701 int ret = LDB_SUCCESS;
703 ldb_request_set_state(req, LDB_ASYNC_PENDING);
705 if (ltdb_cache_load(module) != 0) {
706 return LDB_ERR_OPERATIONS_ERROR;
709 ret = ltdb_delete_internal(module, req->op.del.dn);
715 find an element by attribute name. At the moment this does a linear search,
716 it should be re-coded to use a binary search once all places that modify
717 records guarantee sorted order
719 return the index of the first matching element if found, otherwise -1
721 static int find_element(const struct ldb_message *msg, const char *name)
724 for (i=0;i<msg->num_elements;i++) {
725 if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
734 add an element to an existing record. Assumes a elements array that we
735 can call re-alloc on, and assumed that we can re-use the data pointers from
736 the passed in additional values. Use with care!
738 returns 0 on success, -1 on failure (and sets errno)
740 static int ltdb_msg_add_element(struct ldb_message *msg,
741 struct ldb_message_element *el)
743 struct ldb_message_element *e2;
746 if (el->num_values == 0) {
747 /* nothing to do here - we don't add empty elements */
751 e2 = talloc_realloc(msg, msg->elements, struct ldb_message_element,
752 msg->num_elements+1);
760 e2 = &msg->elements[msg->num_elements];
763 e2->flags = el->flags;
764 e2->values = talloc_array(msg->elements,
765 struct ldb_val, el->num_values);
770 for (i=0;i<el->num_values;i++) {
771 e2->values[i] = el->values[i];
773 e2->num_values = el->num_values;
781 delete all elements having a specified attribute name
783 static int msg_delete_attribute(struct ldb_module *module,
784 struct ltdb_private *ltdb,
785 struct ldb_message *msg, const char *name)
789 struct ldb_message_element *el;
790 bool is_special = ldb_dn_is_special(msg->dn);
793 && ltdb->cache->GUID_index_attribute != NULL
794 && ldb_attr_cmp(name, ltdb->cache->GUID_index_attribute) == 0) {
795 struct ldb_context *ldb = ldb_module_get_ctx(module);
796 ldb_asprintf_errstring(ldb, "Must not modify GUID "
797 "attribute %s (used as DB index)",
798 ltdb->cache->GUID_index_attribute);
799 return LDB_ERR_CONSTRAINT_VIOLATION;
802 el = ldb_msg_find_element(msg, name);
804 return LDB_ERR_NO_SUCH_ATTRIBUTE;
806 i = el - msg->elements;
808 ret = ltdb_index_del_element(module, ltdb, msg, el);
809 if (ret != LDB_SUCCESS) {
813 talloc_free(el->values);
814 if (msg->num_elements > (i+1)) {
815 memmove(el, el+1, sizeof(*el) * (msg->num_elements - (i+1)));
818 msg->elements = talloc_realloc(msg, msg->elements,
819 struct ldb_message_element,
825 delete all elements matching an attribute name/value
827 return LDB Error on failure
829 static int msg_delete_element(struct ldb_module *module,
830 struct ltdb_private *ltdb,
831 struct ldb_message *msg,
833 const struct ldb_val *val)
835 struct ldb_context *ldb = ldb_module_get_ctx(module);
838 struct ldb_message_element *el;
839 const struct ldb_schema_attribute *a;
841 found = find_element(msg, name);
843 return LDB_ERR_NO_SUCH_ATTRIBUTE;
846 i = (unsigned int) found;
847 el = &(msg->elements[i]);
849 a = ldb_schema_attribute_by_name(ldb, el->name);
851 for (i=0;i<el->num_values;i++) {
853 if (a->syntax->operator_fn) {
854 ret = a->syntax->operator_fn(ldb, LDB_OP_EQUALITY, a,
855 &el->values[i], val, &matched);
856 if (ret != LDB_SUCCESS) return ret;
858 matched = (a->syntax->comparison_fn(ldb, ldb,
859 &el->values[i], val) == 0);
862 if (el->num_values == 1) {
863 return msg_delete_attribute(module,
867 ret = ltdb_index_del_value(module, ltdb, msg, el, i);
868 if (ret != LDB_SUCCESS) {
872 if (i<el->num_values-1) {
873 memmove(&el->values[i], &el->values[i+1],
874 sizeof(el->values[i])*
875 (el->num_values-(i+1)));
879 /* per definition we find in a canonicalised message an
880 attribute value only once. So we are finished here */
886 return LDB_ERR_NO_SUCH_ATTRIBUTE;
891 modify a record - internal interface
893 yuck - this is O(n^2). Luckily n is usually small so we probably
894 get away with it, but if we ever have really large attribute lists
895 then we'll need to look at this again
897 'req' is optional, and is used to specify controls if supplied
899 int ltdb_modify_internal(struct ldb_module *module,
900 const struct ldb_message *msg,
901 struct ldb_request *req)
903 struct ldb_context *ldb = ldb_module_get_ctx(module);
904 void *data = ldb_module_get_private(module);
905 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
906 struct ldb_message *msg2;
908 int ret = LDB_SUCCESS, idx;
909 struct ldb_control *control_permissive = NULL;
910 TALLOC_CTX *mem_ctx = talloc_new(req);
912 if (mem_ctx == NULL) {
913 return ldb_module_oom(module);
917 control_permissive = ldb_request_get_control(req,
918 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
921 msg2 = ldb_msg_new(mem_ctx);
927 ret = ltdb_search_dn1(module, msg->dn,
929 LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
930 if (ret != LDB_SUCCESS) {
934 for (i=0; i<msg->num_elements; i++) {
935 struct ldb_message_element *el = &msg->elements[i], *el2;
936 struct ldb_val *vals;
937 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
939 uint32_t options = 0;
940 if (control_permissive != NULL) {
941 options |= LDB_MSG_FIND_COMMON_REMOVE_DUPLICATES;
944 switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
945 case LDB_FLAG_MOD_ADD:
947 if (el->num_values == 0) {
948 ldb_asprintf_errstring(ldb,
949 "attribute '%s': attribute on '%s' specified, but with 0 values (illegal)",
950 el->name, ldb_dn_get_linearized(msg2->dn));
951 ret = LDB_ERR_CONSTRAINT_VIOLATION;
955 /* make a copy of the array so that a permissive
956 * control can remove duplicates without changing the
957 * original values, but do not copy data as we do not
958 * need to keep it around once the operation is
960 if (control_permissive) {
961 el = talloc(msg2, struct ldb_message_element);
966 *el = msg->elements[i];
967 el->values = talloc_array(el, struct ldb_val, el->num_values);
968 if (el->values == NULL) {
972 for (j = 0; j < el->num_values; j++) {
973 el->values[j] = msg->elements[i].values[j];
977 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
978 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
979 el->name, ldb_dn_get_linearized(msg2->dn));
980 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
984 /* Checks if element already exists */
985 idx = find_element(msg2, el->name);
987 if (ltdb_msg_add_element(msg2, el) != 0) {
991 ret = ltdb_index_add_element(module, ltdb,
994 if (ret != LDB_SUCCESS) {
998 j = (unsigned int) idx;
999 el2 = &(msg2->elements[j]);
1001 /* We cannot add another value on a existing one
1002 if the attribute is single-valued */
1003 if (ldb_tdb_single_valued(a, el)) {
1004 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1005 el->name, ldb_dn_get_linearized(msg2->dn));
1006 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1010 /* Check that values don't exist yet on multi-
1011 valued attributes or aren't provided twice */
1013 LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1014 struct ldb_val *duplicate = NULL;
1015 ret = ldb_msg_find_common_values(ldb,
1022 LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS) {
1023 ldb_asprintf_errstring(ldb,
1024 "attribute '%s': value "
1025 "#%u on '%s' already "
1026 "exists", el->name, j,
1027 ldb_dn_get_linearized(msg2->dn));
1029 } else if (ret != LDB_SUCCESS) {
1033 ret = ldb_msg_find_duplicate_val(
1034 ldb, msg2, el, &duplicate, 0);
1035 if (ret != LDB_SUCCESS) {
1038 if (duplicate != NULL) {
1039 ldb_asprintf_errstring(
1041 "attribute '%s': value "
1043 "provided more than "
1046 (int)duplicate->length,
1048 ldb_dn_get_linearized(msg->dn));
1049 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1054 /* Now combine existing and new values to a new
1056 vals = talloc_realloc(msg2->elements,
1057 el2->values, struct ldb_val,
1058 el2->num_values + el->num_values);
1061 ret = LDB_ERR_OTHER;
1065 for (j=0; j<el->num_values; j++) {
1066 vals[el2->num_values + j] =
1067 ldb_val_dup(vals, &el->values[j]);
1071 el2->num_values += el->num_values;
1073 ret = ltdb_index_add_element(module, ltdb,
1075 if (ret != LDB_SUCCESS) {
1082 case LDB_FLAG_MOD_REPLACE:
1084 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
1085 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1086 el->name, ldb_dn_get_linearized(msg2->dn));
1087 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1092 * We don't need to check this if we have been
1093 * pre-screened by the repl_meta_data module
1094 * in Samba, or someone else who can claim to
1095 * know what they are doing.
1097 if (!(el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1098 struct ldb_val *duplicate = NULL;
1100 ret = ldb_msg_find_duplicate_val(ldb, msg2, el,
1102 if (ret != LDB_SUCCESS) {
1105 if (duplicate != NULL) {
1106 ldb_asprintf_errstring(
1108 "attribute '%s': value '%.*s' "
1109 "on '%s' provided more than "
1112 (int)duplicate->length,
1114 ldb_dn_get_linearized(msg2->dn));
1115 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1120 /* Checks if element already exists */
1121 idx = find_element(msg2, el->name);
1123 j = (unsigned int) idx;
1124 el2 = &(msg2->elements[j]);
1126 /* we consider two elements to be
1127 * equal only if the order
1128 * matches. This allows dbcheck to
1129 * fix the ordering on attributes
1130 * where order matters, such as
1133 if (ldb_msg_element_equal_ordered(el, el2)) {
1137 /* Delete the attribute if it exists in the DB */
1138 if (msg_delete_attribute(module, ltdb,
1141 ret = LDB_ERR_OTHER;
1146 /* Recreate it with the new values */
1147 if (ltdb_msg_add_element(msg2, el) != 0) {
1148 ret = LDB_ERR_OTHER;
1152 ret = ltdb_index_add_element(module, ltdb,
1154 if (ret != LDB_SUCCESS) {
1160 case LDB_FLAG_MOD_DELETE:
1161 dn = ldb_dn_get_linearized(msg2->dn);
1163 ret = LDB_ERR_OTHER;
1167 if (msg->elements[i].num_values == 0) {
1168 /* Delete the whole attribute */
1169 ret = msg_delete_attribute(module,
1172 msg->elements[i].name);
1173 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1174 control_permissive) {
1177 ldb_asprintf_errstring(ldb,
1178 "attribute '%s': no such attribute for delete on '%s'",
1179 msg->elements[i].name, dn);
1181 if (ret != LDB_SUCCESS) {
1185 /* Delete specified values from an attribute */
1186 for (j=0; j < msg->elements[i].num_values; j++) {
1187 ret = msg_delete_element(module,
1190 msg->elements[i].name,
1191 &msg->elements[i].values[j]);
1192 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1193 control_permissive) {
1195 } else if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) {
1196 ldb_asprintf_errstring(ldb,
1197 "attribute '%s': no matching attribute value while deleting attribute on '%s'",
1198 msg->elements[i].name, dn);
1200 if (ret != LDB_SUCCESS) {
1207 ldb_asprintf_errstring(ldb,
1208 "attribute '%s': invalid modify flags on '%s': 0x%x",
1209 msg->elements[i].name, ldb_dn_get_linearized(msg->dn),
1210 msg->elements[i].flags & LDB_FLAG_MOD_MASK);
1211 ret = LDB_ERR_PROTOCOL_ERROR;
1216 ret = ltdb_store(module, msg2, TDB_MODIFY);
1217 if (ret != LDB_SUCCESS) {
1221 ret = ltdb_modified(module, msg2->dn);
1222 if (ret != LDB_SUCCESS) {
1227 TALLOC_FREE(mem_ctx);
1234 static int ltdb_modify(struct ltdb_context *ctx)
1236 struct ldb_module *module = ctx->module;
1237 struct ldb_request *req = ctx->req;
1238 int ret = LDB_SUCCESS;
1240 ret = ltdb_check_special_dn(module, req->op.mod.message);
1241 if (ret != LDB_SUCCESS) {
1245 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1247 if (ltdb_cache_load(module) != 0) {
1248 return LDB_ERR_OPERATIONS_ERROR;
1251 ret = ltdb_modify_internal(module, req->op.mod.message, req);
1259 static int ltdb_rename(struct ltdb_context *ctx)
1261 struct ldb_module *module = ctx->module;
1262 void *data = ldb_module_get_private(module);
1263 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1264 struct ldb_request *req = ctx->req;
1265 struct ldb_message *msg;
1266 int ret = LDB_SUCCESS;
1267 TDB_DATA tdb_key, tdb_key_old;
1269 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1271 if (ltdb_cache_load(ctx->module) != 0) {
1272 return LDB_ERR_OPERATIONS_ERROR;
1275 msg = ldb_msg_new(ctx);
1277 return LDB_ERR_OPERATIONS_ERROR;
1280 /* we need to fetch the old record to re-add under the new name */
1281 ret = ltdb_search_dn1(module, req->op.rename.olddn, msg,
1282 LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
1283 if (ret != LDB_SUCCESS) {
1284 /* not finding the old record is an error */
1288 /* We need to, before changing the DB, check if the new DN
1289 * exists, so we can return this error to the caller with an
1292 * Even in GUID index mode we use ltdb_key_dn() as we are
1293 * trying to figure out if this is just a case rename
1295 tdb_key = ltdb_key_dn(module, msg, req->op.rename.newdn);
1296 if (!tdb_key.dptr) {
1298 return LDB_ERR_OPERATIONS_ERROR;
1301 tdb_key_old = ltdb_key_dn(module, msg, req->op.rename.olddn);
1302 if (!tdb_key_old.dptr) {
1304 talloc_free(tdb_key.dptr);
1305 return LDB_ERR_OPERATIONS_ERROR;
1309 * Only declare a conflict if the new DN already exists,
1310 * and it isn't a case change on the old DN
1312 if (tdb_key_old.dsize != tdb_key.dsize
1313 || memcmp(tdb_key.dptr, tdb_key_old.dptr, tdb_key.dsize) != 0) {
1314 ret = ltdb_search_base(module,
1315 req->op.rename.newdn);
1316 if (ret == LDB_SUCCESS) {
1317 ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
1318 } else if (ret == LDB_ERR_NO_SUCH_OBJECT) {
1323 /* finding the new record already in the DB is an error */
1325 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
1326 ldb_asprintf_errstring(ldb_module_get_ctx(module),
1327 "Entry %s already exists",
1328 ldb_dn_get_linearized(req->op.rename.newdn));
1330 if (ret != LDB_SUCCESS) {
1331 talloc_free(tdb_key_old.dptr);
1332 talloc_free(tdb_key.dptr);
1337 talloc_free(tdb_key_old.dptr);
1338 talloc_free(tdb_key.dptr);
1340 /* Always delete first then add, to avoid conflicts with
1341 * unique indexes. We rely on the transaction to make this
1344 ret = ltdb_delete_internal(module, msg->dn);
1345 if (ret != LDB_SUCCESS) {
1350 msg->dn = ldb_dn_copy(msg, req->op.rename.newdn);
1351 if (msg->dn == NULL) {
1353 return LDB_ERR_OPERATIONS_ERROR;
1356 /* We don't check single value as we can have more than 1 with
1357 * deleted attributes. We could go through all elements but that's
1358 * maybe not the most efficient way
1360 ret = ltdb_add_internal(module, ltdb, msg, false);
1367 static int ltdb_start_trans(struct ldb_module *module)
1369 void *data = ldb_module_get_private(module);
1370 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1372 /* Do not take out the transaction lock on a read-only DB */
1373 if (ltdb->read_only) {
1374 return LDB_ERR_UNWILLING_TO_PERFORM;
1377 if (tdb_transaction_start(ltdb->tdb) != 0) {
1378 return ltdb_err_map(tdb_error(ltdb->tdb));
1381 ltdb->in_transaction++;
1383 ltdb_index_transaction_start(module);
1388 static int ltdb_prepare_commit(struct ldb_module *module)
1391 void *data = ldb_module_get_private(module);
1392 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1394 if (ltdb->in_transaction != 1) {
1398 ret = ltdb_index_transaction_commit(module);
1399 if (ret != LDB_SUCCESS) {
1400 tdb_transaction_cancel(ltdb->tdb);
1401 ltdb->in_transaction--;
1405 if (tdb_transaction_prepare_commit(ltdb->tdb) != 0) {
1406 ret = ltdb_err_map(tdb_error(ltdb->tdb));
1407 ltdb->in_transaction--;
1408 ldb_debug_set(ldb_module_get_ctx(module),
1411 "tdb_transaction_prepare_commit(): %s -> %s",
1412 tdb_errorstr(ltdb->tdb),
1417 ltdb->prepared_commit = true;
1422 static int ltdb_end_trans(struct ldb_module *module)
1425 void *data = ldb_module_get_private(module);
1426 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1428 if (!ltdb->prepared_commit) {
1429 ret = ltdb_prepare_commit(module);
1430 if (ret != LDB_SUCCESS) {
1435 ltdb->in_transaction--;
1436 ltdb->prepared_commit = false;
1438 if (tdb_transaction_commit(ltdb->tdb) != 0) {
1439 ret = ltdb_err_map(tdb_error(ltdb->tdb));
1440 ldb_asprintf_errstring(ldb_module_get_ctx(module),
1441 "Failure during tdb_transaction_commit(): %s -> %s",
1442 tdb_errorstr(ltdb->tdb),
1450 static int ltdb_del_trans(struct ldb_module *module)
1452 void *data = ldb_module_get_private(module);
1453 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1455 ltdb->in_transaction--;
1457 if (ltdb_index_transaction_cancel(module) != 0) {
1458 tdb_transaction_cancel(ltdb->tdb);
1459 return ltdb_err_map(tdb_error(ltdb->tdb));
1462 tdb_transaction_cancel(ltdb->tdb);
1467 return sequenceNumber from @BASEINFO
1469 static int ltdb_sequence_number(struct ltdb_context *ctx,
1470 struct ldb_extended **ext)
1472 struct ldb_context *ldb;
1473 struct ldb_module *module = ctx->module;
1474 struct ldb_request *req = ctx->req;
1475 TALLOC_CTX *tmp_ctx = NULL;
1476 struct ldb_seqnum_request *seq;
1477 struct ldb_seqnum_result *res;
1478 struct ldb_message *msg = NULL;
1481 int ret = LDB_SUCCESS;
1483 ldb = ldb_module_get_ctx(module);
1485 seq = talloc_get_type(req->op.extended.data,
1486 struct ldb_seqnum_request);
1488 return LDB_ERR_OPERATIONS_ERROR;
1491 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1493 if (ltdb_lock_read(module) != 0) {
1494 return LDB_ERR_OPERATIONS_ERROR;
1497 res = talloc_zero(req, struct ldb_seqnum_result);
1499 ret = LDB_ERR_OPERATIONS_ERROR;
1503 tmp_ctx = talloc_new(req);
1504 if (tmp_ctx == NULL) {
1505 ret = LDB_ERR_OPERATIONS_ERROR;
1509 dn = ldb_dn_new(tmp_ctx, ldb, LTDB_BASEINFO);
1511 ret = LDB_ERR_OPERATIONS_ERROR;
1515 msg = ldb_msg_new(tmp_ctx);
1517 ret = LDB_ERR_OPERATIONS_ERROR;
1521 ret = ltdb_search_dn1(module, dn, msg, 0);
1522 if (ret != LDB_SUCCESS) {
1526 switch (seq->type) {
1527 case LDB_SEQ_HIGHEST_SEQ:
1528 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1531 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1534 case LDB_SEQ_HIGHEST_TIMESTAMP:
1535 date = ldb_msg_find_attr_as_string(msg, LTDB_MOD_TIMESTAMP, NULL);
1537 res->seq_num = ldb_string_to_time(date);
1540 /* zero is as good as anything when we don't know */
1545 *ext = talloc_zero(req, struct ldb_extended);
1547 ret = LDB_ERR_OPERATIONS_ERROR;
1550 (*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
1551 (*ext)->data = talloc_steal(*ext, res);
1554 talloc_free(tmp_ctx);
1555 ltdb_unlock_read(module);
1559 static void ltdb_request_done(struct ltdb_context *ctx, int error)
1561 struct ldb_context *ldb;
1562 struct ldb_request *req;
1563 struct ldb_reply *ares;
1565 ldb = ldb_module_get_ctx(ctx->module);
1568 /* if we already returned an error just return */
1569 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1573 ares = talloc_zero(req, struct ldb_reply);
1576 req->callback(req, NULL);
1579 ares->type = LDB_REPLY_DONE;
1580 ares->error = error;
1582 req->callback(req, ares);
1585 static void ltdb_timeout(struct tevent_context *ev,
1586 struct tevent_timer *te,
1590 struct ltdb_context *ctx;
1591 ctx = talloc_get_type(private_data, struct ltdb_context);
1593 if (!ctx->request_terminated) {
1594 /* request is done now */
1595 ltdb_request_done(ctx, LDB_ERR_TIME_LIMIT_EXCEEDED);
1599 /* neutralize the spy */
1600 ctx->spy->ctx = NULL;
1606 static void ltdb_request_extended_done(struct ltdb_context *ctx,
1607 struct ldb_extended *ext,
1610 struct ldb_context *ldb;
1611 struct ldb_request *req;
1612 struct ldb_reply *ares;
1614 ldb = ldb_module_get_ctx(ctx->module);
1617 /* if we already returned an error just return */
1618 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1622 ares = talloc_zero(req, struct ldb_reply);
1625 req->callback(req, NULL);
1628 ares->type = LDB_REPLY_DONE;
1629 ares->response = ext;
1630 ares->error = error;
1632 req->callback(req, ares);
1635 static void ltdb_handle_extended(struct ltdb_context *ctx)
1637 struct ldb_extended *ext = NULL;
1640 if (strcmp(ctx->req->op.extended.oid,
1641 LDB_EXTENDED_SEQUENCE_NUMBER) == 0) {
1642 /* get sequence number */
1643 ret = ltdb_sequence_number(ctx, &ext);
1645 /* not recognized */
1646 ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1649 ltdb_request_extended_done(ctx, ext, ret);
1652 static void ltdb_callback(struct tevent_context *ev,
1653 struct tevent_timer *te,
1657 struct ltdb_context *ctx;
1660 ctx = talloc_get_type(private_data, struct ltdb_context);
1662 if (ctx->request_terminated) {
1666 switch (ctx->req->operation) {
1668 ret = ltdb_search(ctx);
1671 ret = ltdb_add(ctx);
1674 ret = ltdb_modify(ctx);
1677 ret = ltdb_delete(ctx);
1680 ret = ltdb_rename(ctx);
1683 ltdb_handle_extended(ctx);
1686 /* no other op supported */
1687 ret = LDB_ERR_PROTOCOL_ERROR;
1690 if (!ctx->request_terminated) {
1691 /* request is done now */
1692 ltdb_request_done(ctx, ret);
1697 /* neutralize the spy */
1698 ctx->spy->ctx = NULL;
1704 static int ltdb_request_destructor(void *ptr)
1706 struct ltdb_req_spy *spy = talloc_get_type(ptr, struct ltdb_req_spy);
1708 if (spy->ctx != NULL) {
1709 spy->ctx->spy = NULL;
1710 spy->ctx->request_terminated = true;
1717 static int ltdb_handle_request(struct ldb_module *module,
1718 struct ldb_request *req)
1720 struct ldb_control *control_permissive;
1721 struct ldb_context *ldb;
1722 struct tevent_context *ev;
1723 struct ltdb_context *ac;
1724 struct tevent_timer *te;
1728 ldb = ldb_module_get_ctx(module);
1730 control_permissive = ldb_request_get_control(req,
1731 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1733 for (i = 0; req->controls && req->controls[i]; i++) {
1734 if (req->controls[i]->critical &&
1735 req->controls[i] != control_permissive) {
1736 ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
1737 req->controls[i]->oid);
1738 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1742 if (req->starttime == 0 || req->timeout == 0) {
1743 ldb_set_errstring(ldb, "Invalid timeout settings");
1744 return LDB_ERR_TIME_LIMIT_EXCEEDED;
1747 ev = ldb_handle_get_event_context(req->handle);
1749 ac = talloc_zero(ldb, struct ltdb_context);
1752 return LDB_ERR_OPERATIONS_ERROR;
1755 ac->module = module;
1760 te = tevent_add_timer(ev, ac, tv, ltdb_callback, ac);
1763 return LDB_ERR_OPERATIONS_ERROR;
1766 if (req->timeout > 0) {
1767 tv.tv_sec = req->starttime + req->timeout;
1769 ac->timeout_event = tevent_add_timer(ev, ac, tv,
1771 if (NULL == ac->timeout_event) {
1773 return LDB_ERR_OPERATIONS_ERROR;
1777 /* set a spy so that we do not try to use the request context
1778 * if it is freed before ltdb_callback fires */
1779 ac->spy = talloc(req, struct ltdb_req_spy);
1780 if (NULL == ac->spy) {
1782 return LDB_ERR_OPERATIONS_ERROR;
1786 talloc_set_destructor((TALLOC_CTX *)ac->spy, ltdb_request_destructor);
1791 static int ltdb_init_rootdse(struct ldb_module *module)
1793 /* ignore errors on this - we expect it for non-sam databases */
1794 ldb_mod_register_control(module, LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1796 /* there can be no module beyond the backend, just return */
1800 static const struct ldb_module_ops ltdb_ops = {
1802 .init_context = ltdb_init_rootdse,
1803 .search = ltdb_handle_request,
1804 .add = ltdb_handle_request,
1805 .modify = ltdb_handle_request,
1806 .del = ltdb_handle_request,
1807 .rename = ltdb_handle_request,
1808 .extended = ltdb_handle_request,
1809 .start_transaction = ltdb_start_trans,
1810 .end_transaction = ltdb_end_trans,
1811 .prepare_commit = ltdb_prepare_commit,
1812 .del_transaction = ltdb_del_trans,
1813 .read_lock = ltdb_lock_read,
1814 .read_unlock = ltdb_unlock_read,
1818 connect to the database
1820 static int ltdb_connect(struct ldb_context *ldb, const char *url,
1821 unsigned int flags, const char *options[],
1822 struct ldb_module **_module)
1824 struct ldb_module *module;
1826 int tdb_flags, open_flags;
1827 struct ltdb_private *ltdb;
1830 * We hold locks, so we must use a private event context
1831 * on each returned handle
1834 ldb_set_require_private_event_context(ldb);
1837 if (strchr(url, ':')) {
1838 if (strncmp(url, "tdb://", 6) != 0) {
1839 ldb_debug(ldb, LDB_DEBUG_ERROR,
1840 "Invalid tdb URL '%s'", url);
1841 return LDB_ERR_OPERATIONS_ERROR;
1848 tdb_flags = TDB_DEFAULT | TDB_SEQNUM;
1850 /* check for the 'nosync' option */
1851 if (flags & LDB_FLG_NOSYNC) {
1852 tdb_flags |= TDB_NOSYNC;
1855 /* and nommap option */
1856 if (flags & LDB_FLG_NOMMAP) {
1857 tdb_flags |= TDB_NOMMAP;
1860 ltdb = talloc_zero(ldb, struct ltdb_private);
1863 return LDB_ERR_OPERATIONS_ERROR;
1866 if (flags & LDB_FLG_RDONLY) {
1868 * This is weird, but because we can only have one tdb
1869 * in this process, and the other one could be
1870 * read-write, we can't use the tdb readonly. Plus a
1871 * read only tdb prohibits the all-record lock.
1873 open_flags = O_RDWR;
1875 ltdb->read_only = true;
1877 } else if (flags & LDB_FLG_DONT_CREATE_DB) {
1879 * This is used by ldbsearch to prevent creation of the database
1880 * if the name is wrong
1882 open_flags = O_RDWR;
1885 * This is the normal case
1887 open_flags = O_CREAT | O_RDWR;
1890 /* note that we use quite a large default hash size */
1891 ltdb->tdb = ltdb_wrap_open(ltdb, path, 10000,
1892 tdb_flags, open_flags,
1893 ldb_get_create_perms(ldb), ldb);
1895 ldb_asprintf_errstring(ldb,
1896 "Unable to open tdb '%s': %s", path, strerror(errno));
1897 ldb_debug(ldb, LDB_DEBUG_ERROR,
1898 "Unable to open tdb '%s': %s", path, strerror(errno));
1900 if (errno == EACCES || errno == EPERM) {
1901 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
1903 return LDB_ERR_OPERATIONS_ERROR;
1906 if (getenv("LDB_WARN_UNINDEXED")) {
1907 ltdb->warn_unindexed = true;
1910 if (getenv("LDB_WARN_REINDEX")) {
1911 ltdb->warn_reindex = true;
1914 ltdb->sequence_number = 0;
1916 module = ldb_module_new(ldb, ldb, "ldb_tdb backend", <db_ops);
1920 return LDB_ERR_OPERATIONS_ERROR;
1922 ldb_module_set_private(module, ltdb);
1923 talloc_steal(module, ltdb);
1925 if (ltdb_cache_load(module) != 0) {
1926 ldb_asprintf_errstring(ldb,
1927 "Unable to load ltdb cache records of tdb '%s'", path);
1928 talloc_free(module);
1929 return LDB_ERR_OPERATIONS_ERROR;
1936 int ldb_tdb_init(const char *version)
1938 LDB_MODULE_CHECK_VERSION(version);
1939 return ldb_register_backend("tdb", ltdb_connect, false);
git.samba.org / metze / samba / wip.git / blob