2 Unix SMB/CIFS implementation.
6 Copyright (C) Andrew Tridgell 2004-2009
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 the stupidity of the unix fcntl locking design forces us to never
24 allow a database file to be opened twice in the same process. These
25 wrappers provide convenient access to a tdb or ldb, taking advantage
26 of talloc destructors to ensure that only a single open is done
30 #include "lib/events/events.h"
32 #include <ldb_errors.h>
33 #include "lib/ldb-samba/ldif_handlers.h"
35 #include "dsdb/samdb/samdb.h"
36 #include "param/param.h"
37 #include "../lib/util/dlinklist.h"
38 #include "lib/util/util_paths.h"
42 #define DBGC_CLASS DBGC_LDB
45 this is used to catch debug messages from ldb
47 static void ldb_wrap_debug(void *context, enum ldb_debug_level level,
48 const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3,0);
50 static void ldb_wrap_debug(void *context, enum ldb_debug_level level,
51 const char *fmt, va_list ap)
61 case LDB_DEBUG_WARNING:
69 if (CHECK_DEBUGLVL(samba_level)) {
73 ret = vasprintf(&s, fmt, ap);
77 DEBUG(samba_level, ("ldb: %s\n", s));
84 connecting to a ldb can be a relatively expensive operation because
85 of the schema and partition loads. We keep a list of open ldb
86 contexts here, and try to re-use when possible.
88 This means callers of ldb_wrap_connect() must use talloc_unlink() or
89 the free of a parent to destroy the context
91 static struct ldb_wrap {
92 struct ldb_wrap *next, *prev;
93 struct ldb_wrap_context {
94 /* the context is what we use to tell if two ldb
95 * connections are exactly equivalent
97 pid_t pid; /* We want to re-open in a new PID due to
100 struct tevent_context *ev;
101 struct loadparm_context *lp_ctx;
102 struct auth_session_info *session_info;
103 struct cli_credentials *credentials;
106 struct ldb_context *ldb;
110 free a ldb_wrap structure
112 static int ldb_wrap_destructor(struct ldb_wrap *w)
114 DLIST_REMOVE(ldb_wrap_list, w);
119 * The casefolder for s4's LDB databases - Unicode-safe
121 char *wrap_casefold(void *context, void *mem_ctx, const char *s, size_t n)
123 return strupper_talloc_n(mem_ctx, s, n);
127 struct ldb_context *samba_ldb_init(TALLOC_CTX *mem_ctx,
128 struct tevent_context *ev,
129 struct loadparm_context *lp_ctx,
130 struct auth_session_info *session_info,
131 struct cli_credentials *credentials)
133 struct ldb_context *ldb;
136 ldb = ldb_init(mem_ctx, ev);
141 ldb_set_modules_dir(ldb, modules_path(ldb, "ldb"));
143 ldb_set_debug(ldb, ldb_wrap_debug, NULL);
145 ldb_set_utf8_fns(ldb, NULL, wrap_casefold);
148 if (ldb_set_opaque(ldb, "sessionInfo", session_info)) {
155 if (ldb_set_opaque(ldb, "credentials", credentials)) {
161 if (ldb_set_opaque(ldb, "loadparm", lp_ctx)) {
166 /* This must be done before we load the schema, as these
167 * handlers for objectSid and objectGUID etc must take
168 * precedence over the 'binary attribute' declaration in the
170 ret = ldb_register_samba_handlers(ldb);
171 if (ret != LDB_SUCCESS) {
176 /* we usually want Samba databases to be private. If we later
177 find we need one public, we will need to add a parameter to
178 ldb_wrap_connect() */
179 ldb_set_create_perms(ldb, 0600);
184 struct ldb_context *ldb_wrap_find(const char *url,
185 struct tevent_context *ev,
186 struct loadparm_context *lp_ctx,
187 struct auth_session_info *session_info,
188 struct cli_credentials *credentials,
191 pid_t pid = getpid();
193 /* see if we can re-use an existing ldb */
194 for (w=ldb_wrap_list; w; w=w->next) {
195 if (w->context.pid == pid &&
196 w->context.ev == ev &&
197 w->context.lp_ctx == lp_ctx &&
198 w->context.session_info == session_info &&
199 w->context.credentials == credentials &&
200 w->context.flags == flags &&
201 (w->context.url == url || strcmp(w->context.url, url) == 0))
208 int samba_ldb_connect(struct ldb_context *ldb, struct loadparm_context *lp_ctx,
209 const char *url, unsigned int flags)
212 char *real_url = NULL;
214 /* allow admins to force non-sync ldb for all databases */
215 if (lpcfg_parm_bool(lp_ctx, NULL, "ldb", "nosync", false)) {
216 flags |= LDB_FLG_NOSYNC;
220 flags |= LDB_FLG_ENABLE_TRACING;
223 real_url = lpcfg_private_path(ldb, lp_ctx, url);
224 if (real_url == NULL) {
225 return LDB_ERR_OPERATIONS_ERROR;
228 ret = ldb_connect(ldb, real_url, flags, NULL);
230 if (ret != LDB_SUCCESS) {
234 /* setup for leak detection */
235 ldb_set_opaque(ldb, "wrap_url", real_url);
240 bool ldb_wrap_add(const char *url, struct tevent_context *ev,
241 struct loadparm_context *lp_ctx,
242 struct auth_session_info *session_info,
243 struct cli_credentials *credentials,
245 struct ldb_context *ldb)
248 struct ldb_wrap_context c;
250 /* add to the list of open ldb contexts */
251 w = talloc(ldb, struct ldb_wrap);
260 c.session_info = session_info;
261 c.credentials = credentials;
265 w->context.url = talloc_strdup(w, url);
266 if (w->context.url == NULL) {
271 /* take a reference to the session_info, as it is
272 * possible for the ldb to live longer than the
273 * session_info. This happens when a DRS DsBind call
274 * reuses a handle, but the original connection is
275 * shutdown. The token for the new connection is still
276 * valid, so we need the session_info to remain valid for
279 if (talloc_reference(w, session_info) == NULL) {
286 DLIST_ADD(ldb_wrap_list, w);
288 talloc_set_destructor(w, ldb_wrap_destructor);
295 wrapped connection to a ldb database
296 to close just talloc_free() the returned ldb_context
298 TODO: We need an error_string parameter
300 struct ldb_context *ldb_wrap_connect(TALLOC_CTX *mem_ctx,
301 struct tevent_context *ev,
302 struct loadparm_context *lp_ctx,
304 struct auth_session_info *session_info,
305 struct cli_credentials *credentials,
308 struct ldb_context *ldb;
312 * Unlike samdb_connect_url() do not try and cache the LDB
313 * handle, get a new one each time. Only sam.ldb is
314 * punitively expensive to open and helpful caches like this
315 * cause challenges (such as if the value for 'private dir'
319 ldb = samba_ldb_init(mem_ctx, ev, lp_ctx, session_info, credentials);
324 ret = samba_ldb_connect(ldb, lp_ctx, url, flags);
325 if (ret != LDB_SUCCESS) {
330 DEBUG(3,("ldb_wrap open of %s\n", url));
336 call tdb_reopen_all() in case there is a TDB open so we are
337 not blocked from re-opening it inside ldb_tdb.
339 void ldb_wrap_fork_hook(void)
341 if (tdb_reopen_all(1) != 0) {
342 smb_panic("tdb_reopen_all failed\n");
346 char *ldb_relative_path(struct ldb_context *ldb,
350 const char *base_url =
351 (const char *)ldb_get_opaque(ldb, "ldb_url");
352 char *path, *p, *full_name;
356 if (strncmp("tdb://", base_url, 6) == 0) {
357 base_url = base_url+6;
358 } else if (strncmp("mdb://", base_url, 6) == 0) {
359 base_url = base_url+6;
360 } else if (strncmp("ldb://", base_url, 6) == 0) {
361 base_url = base_url+6;
363 path = talloc_strdup(mem_ctx, base_url);
367 if ( (p = strrchr(path, '/')) != NULL) {
369 full_name = talloc_asprintf(mem_ctx, "%s/%s", path, name);
371 full_name = talloc_asprintf(mem_ctx, "./%s", name);