4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Simo Sorce 2005-2008
7 ** NOTE! The following LGPL license applies to the ldb
8 ** library. This does NOT imply that all of Samba is released
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 3 of the License, or (at your option) any later version.
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, see <http://www.gnu.org/licenses/>.
28 * Component: ldb core API
30 * Description: core API routines interfacing to ldb backends
32 * Author: Andrew Tridgell
35 #define TEVENT_DEPRECATED 1
36 #include "ldb_private.h"
39 static int ldb_context_destructor(void *ptr)
41 struct ldb_context *ldb = talloc_get_type(ptr, struct ldb_context);
43 if (ldb->transaction_active) {
44 ldb_debug(ldb, LDB_DEBUG_FATAL,
45 "A transaction is still active in ldb context [%p] on %s",
46 ldb, (const char *)ldb_get_opaque(ldb, "ldb_url"));
53 this is used to catch debug messages from events
55 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
56 const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3,0);
58 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
59 const char *fmt, va_list ap)
61 struct ldb_context *ldb = talloc_get_type(context, struct ldb_context);
62 enum ldb_debug_level ldb_level = LDB_DEBUG_FATAL;
65 case TEVENT_DEBUG_FATAL:
66 ldb_level = LDB_DEBUG_FATAL;
68 case TEVENT_DEBUG_ERROR:
69 ldb_level = LDB_DEBUG_ERROR;
71 case TEVENT_DEBUG_WARNING:
72 ldb_level = LDB_DEBUG_WARNING;
74 case TEVENT_DEBUG_TRACE:
75 ldb_level = LDB_DEBUG_TRACE;
79 /* There isn't a tevent: prefix here because to add it means
80 * actually printing the string, and most of the time we don't
82 ldb_vdebug(ldb, ldb_level, fmt, ap);
86 initialise a ldb context
87 The mem_ctx is required
88 The event_ctx is required
90 struct ldb_context *ldb_init(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx)
92 struct ldb_context *ldb;
94 const char *modules_path = getenv("LDB_MODULES_PATH");
96 if (modules_path == NULL) {
97 modules_path = LDB_MODULESDIR;
100 ret = ldb_modules_load(modules_path, LDB_VERSION);
101 if (ret != LDB_SUCCESS) {
105 ldb = talloc_zero(mem_ctx, struct ldb_context);
110 /* A new event context so that callers who don't want ldb
111 * operating on thier global event context can work without
112 * having to provide their own private one explicitly */
113 if (ev_ctx == NULL) {
114 ev_ctx = tevent_context_init(ldb);
115 tevent_set_debug(ev_ctx, ldb_tevent_debug, ldb);
116 tevent_loop_allow_nesting(ev_ctx);
119 ret = ldb_setup_wellknown_attributes(ldb);
120 if (ret != LDB_SUCCESS) {
125 ldb_set_utf8_default(ldb);
126 ldb_set_create_perms(ldb, 0666);
127 ldb_set_modules_dir(ldb, LDB_MODULESDIR);
128 ldb_set_event_context(ldb, ev_ctx);
130 /* TODO: get timeout from options if available there */
131 ldb->default_timeout = 300; /* set default to 5 minutes */
133 talloc_set_destructor((TALLOC_CTX *)ldb, ldb_context_destructor);
139 try to autodetect a basedn if none specified. This fixes one of my
140 pet hates about ldapsearch, which is that you have to get a long,
141 complex basedn right to make any use of it.
143 void ldb_set_default_dns(struct ldb_context *ldb)
147 struct ldb_result *res;
148 struct ldb_dn *tmp_dn=NULL;
149 static const char *attrs[] = {
150 "rootDomainNamingContext",
151 "configurationNamingContext",
152 "schemaNamingContext",
153 "defaultNamingContext",
157 tmp_ctx = talloc_new(ldb);
158 ret = ldb_search(ldb, tmp_ctx, &res, ldb_dn_new(tmp_ctx, ldb, NULL),
159 LDB_SCOPE_BASE, attrs, "(objectClass=*)");
160 if (ret != LDB_SUCCESS) {
161 talloc_free(tmp_ctx);
165 if (res->count != 1) {
166 talloc_free(tmp_ctx);
170 if (!ldb_get_opaque(ldb, "rootDomainNamingContext")) {
171 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
172 "rootDomainNamingContext");
173 ldb_set_opaque(ldb, "rootDomainNamingContext", tmp_dn);
176 if (!ldb_get_opaque(ldb, "configurationNamingContext")) {
177 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
178 "configurationNamingContext");
179 ldb_set_opaque(ldb, "configurationNamingContext", tmp_dn);
182 if (!ldb_get_opaque(ldb, "schemaNamingContext")) {
183 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
184 "schemaNamingContext");
185 ldb_set_opaque(ldb, "schemaNamingContext", tmp_dn);
188 if (!ldb_get_opaque(ldb, "defaultNamingContext")) {
189 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
190 "defaultNamingContext");
191 ldb_set_opaque(ldb, "defaultNamingContext", tmp_dn);
194 talloc_free(tmp_ctx);
197 struct ldb_dn *ldb_get_root_basedn(struct ldb_context *ldb)
199 void *opaque = ldb_get_opaque(ldb, "rootDomainNamingContext");
200 return talloc_get_type(opaque, struct ldb_dn);
203 struct ldb_dn *ldb_get_config_basedn(struct ldb_context *ldb)
205 void *opaque = ldb_get_opaque(ldb, "configurationNamingContext");
206 return talloc_get_type(opaque, struct ldb_dn);
209 struct ldb_dn *ldb_get_schema_basedn(struct ldb_context *ldb)
211 void *opaque = ldb_get_opaque(ldb, "schemaNamingContext");
212 return talloc_get_type(opaque, struct ldb_dn);
215 struct ldb_dn *ldb_get_default_basedn(struct ldb_context *ldb)
217 void *opaque = ldb_get_opaque(ldb, "defaultNamingContext");
218 return talloc_get_type(opaque, struct ldb_dn);
222 connect to a database. The URL can either be one of the following forms
226 flags is made up of LDB_FLG_*
228 the options are passed uninterpreted to the backend, and are
231 int ldb_connect(struct ldb_context *ldb, const char *url,
232 unsigned int flags, const char *options[])
236 /* We seem to need to do this here, or else some utilities don't
237 * get ldb backends */
241 url2 = talloc_strdup(ldb, url);
244 return LDB_ERR_OPERATIONS_ERROR;
246 ret = ldb_set_opaque(ldb, "ldb_url", url2);
247 if (ret != LDB_SUCCESS) {
251 ret = ldb_module_connect_backend(ldb, url, options, &ldb->modules);
252 if (ret != LDB_SUCCESS) {
256 if (ldb_load_modules(ldb, options) != LDB_SUCCESS) {
257 ldb_debug(ldb, LDB_DEBUG_FATAL,
258 "Unable to load modules for %s: %s",
259 url, ldb_errstring(ldb));
260 return LDB_ERR_OTHER;
263 /* set the default base dn */
264 ldb_set_default_dns(ldb);
269 void ldb_set_errstring(struct ldb_context *ldb, const char *err_string)
271 ldb_asprintf_errstring(ldb, "%s", err_string);
274 void ldb_asprintf_errstring(struct ldb_context *ldb, const char *format, ...)
278 if (ldb->err_string) {
279 talloc_free(ldb->err_string);
282 va_start(ap, format);
283 ldb->err_string = talloc_vasprintf(ldb, format, ap);
286 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
287 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_asprintf/set_errstring: %s",
292 void ldb_reset_err_string(struct ldb_context *ldb)
294 if (ldb->err_string) {
295 talloc_free(ldb->err_string);
296 ldb->err_string = NULL;
303 set an ldb error based on file:line
305 int ldb_error_at(struct ldb_context *ldb, int ecode,
306 const char *reason, const char *file, int line)
308 if (reason == NULL) {
309 reason = ldb_strerror(ecode);
311 ldb_asprintf_errstring(ldb, "%s at %s:%d", reason, file, line);
316 #define FIRST_OP_NOERR(ldb, op) do { \
317 module = ldb->modules; \
318 while (module && module->ops->op == NULL) module = module->next; \
319 if ((ldb->flags & LDB_FLG_ENABLE_TRACING) && module) { \
320 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: (%s)->" #op, \
321 module->ops->name); \
325 #define FIRST_OP(ldb, op) do { \
326 FIRST_OP_NOERR(ldb, op); \
327 if (module == NULL) { \
328 ldb_asprintf_errstring(ldb, "unable to find module or backend to handle operation: " #op); \
329 return LDB_ERR_OPERATIONS_ERROR; \
337 int ldb_transaction_start(struct ldb_context *ldb)
339 struct ldb_module *module;
342 ldb_debug(ldb, LDB_DEBUG_TRACE,
343 "start ldb transaction (nesting: %d)",
344 ldb->transaction_active);
346 /* explicit transaction active, count nested requests */
347 if (ldb->transaction_active) {
348 ldb->transaction_active++;
352 /* start a new transaction */
353 ldb->transaction_active++;
354 ldb->prepare_commit_done = false;
356 FIRST_OP(ldb, start_transaction);
358 ldb_reset_err_string(ldb);
360 status = module->ops->start_transaction(module);
361 if (status != LDB_SUCCESS) {
362 if (ldb->err_string == NULL) {
363 /* no error string was setup by the backend */
364 ldb_asprintf_errstring(ldb,
365 "ldb transaction start: %s (%d)",
366 ldb_strerror(status),
370 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
371 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "start ldb transaction error: %s",
372 ldb_errstring(module->ldb));
378 prepare for transaction commit (first phase of two phase commit)
380 int ldb_transaction_prepare_commit(struct ldb_context *ldb)
382 struct ldb_module *module;
385 if (ldb->prepare_commit_done) {
389 /* commit only when all nested transactions are complete */
390 if (ldb->transaction_active > 1) {
394 ldb->prepare_commit_done = true;
396 if (ldb->transaction_active < 0) {
397 ldb_debug(ldb, LDB_DEBUG_FATAL,
398 "prepare commit called but no ldb transactions are active!");
399 ldb->transaction_active = 0;
400 return LDB_ERR_OPERATIONS_ERROR;
403 /* call prepare transaction if available */
404 FIRST_OP_NOERR(ldb, prepare_commit);
405 if (module == NULL) {
409 status = module->ops->prepare_commit(module);
410 if (status != LDB_SUCCESS) {
411 ldb->transaction_active--;
412 /* if a module fails the prepare then we need
413 to call the end transaction for everyone */
414 FIRST_OP(ldb, del_transaction);
415 module->ops->del_transaction(module);
416 if (ldb->err_string == NULL) {
417 /* no error string was setup by the backend */
418 ldb_asprintf_errstring(ldb,
419 "ldb transaction prepare commit: %s (%d)",
420 ldb_strerror(status),
423 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
424 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "prepare commit transaction error: %s",
425 ldb_errstring(module->ldb));
436 int ldb_transaction_commit(struct ldb_context *ldb)
438 struct ldb_module *module;
441 status = ldb_transaction_prepare_commit(ldb);
442 if (status != LDB_SUCCESS) {
446 ldb->transaction_active--;
448 ldb_debug(ldb, LDB_DEBUG_TRACE,
449 "commit ldb transaction (nesting: %d)",
450 ldb->transaction_active);
452 /* commit only when all nested transactions are complete */
453 if (ldb->transaction_active > 0) {
457 if (ldb->transaction_active < 0) {
458 ldb_debug(ldb, LDB_DEBUG_FATAL,
459 "commit called but no ldb transactions are active!");
460 ldb->transaction_active = 0;
461 return LDB_ERR_OPERATIONS_ERROR;
464 ldb_reset_err_string(ldb);
466 FIRST_OP(ldb, end_transaction);
467 status = module->ops->end_transaction(module);
468 if (status != LDB_SUCCESS) {
469 if (ldb->err_string == NULL) {
470 /* no error string was setup by the backend */
471 ldb_asprintf_errstring(ldb,
472 "ldb transaction commit: %s (%d)",
473 ldb_strerror(status),
476 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
477 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "commit ldb transaction error: %s",
478 ldb_errstring(module->ldb));
480 /* cancel the transaction */
481 FIRST_OP(ldb, del_transaction);
482 module->ops->del_transaction(module);
491 int ldb_transaction_cancel(struct ldb_context *ldb)
493 struct ldb_module *module;
496 ldb->transaction_active--;
498 ldb_debug(ldb, LDB_DEBUG_TRACE,
499 "cancel ldb transaction (nesting: %d)",
500 ldb->transaction_active);
502 /* really cancel only if all nested transactions are complete */
503 if (ldb->transaction_active > 0) {
507 if (ldb->transaction_active < 0) {
508 ldb_debug(ldb, LDB_DEBUG_FATAL,
509 "cancel called but no ldb transactions are active!");
510 ldb->transaction_active = 0;
511 return LDB_ERR_OPERATIONS_ERROR;
514 FIRST_OP(ldb, del_transaction);
516 status = module->ops->del_transaction(module);
517 if (status != LDB_SUCCESS) {
518 if (ldb->err_string == NULL) {
519 /* no error string was setup by the backend */
520 ldb_asprintf_errstring(ldb,
521 "ldb transaction cancel: %s (%d)",
522 ldb_strerror(status),
525 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
526 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "cancel ldb transaction error: %s",
527 ldb_errstring(module->ldb));
534 cancel a transaction with no error if no transaction is pending
535 used when we fork() to clear any parent transactions
537 int ldb_transaction_cancel_noerr(struct ldb_context *ldb)
539 if (ldb->transaction_active > 0) {
540 return ldb_transaction_cancel(ldb);
546 /* autostarts a transaction if none active */
547 static int ldb_autotransaction_request(struct ldb_context *ldb,
548 struct ldb_request *req)
552 ret = ldb_transaction_start(ldb);
553 if (ret != LDB_SUCCESS) {
557 ret = ldb_request(ldb, req);
558 if (ret == LDB_SUCCESS) {
559 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
562 if (ret == LDB_SUCCESS) {
563 return ldb_transaction_commit(ldb);
565 ldb_transaction_cancel(ldb);
570 int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type)
572 struct tevent_context *ev;
576 return ldb_error(handle->ldb, LDB_ERR_UNAVAILABLE, NULL);
579 if (handle->state == LDB_ASYNC_DONE) {
580 if ((handle->status != LDB_SUCCESS) &&
581 (handle->ldb->err_string == NULL)) {
582 /* if no error string was setup by the backend */
583 ldb_asprintf_errstring(handle->ldb, "ldb_wait: %s (%d)",
584 ldb_strerror(handle->status),
587 return handle->status;
590 ev = ldb_get_event_context(handle->ldb);
592 return ldb_oom(handle->ldb);
597 ret = tevent_loop_once(ev);
599 return ldb_operr(handle->ldb);
601 if (handle->status != LDB_SUCCESS) {
602 if (handle->ldb->err_string == NULL) {
604 * if no error string was setup by the backend
606 ldb_asprintf_errstring(handle->ldb,
608 ldb_strerror(handle->status),
611 return handle->status;
616 while (handle->state != LDB_ASYNC_DONE) {
617 ret = tevent_loop_once(ev);
619 return ldb_operr(handle->ldb);
621 if (handle->status != LDB_SUCCESS) {
622 if (handle->ldb->err_string == NULL) {
624 * if no error string was setup by the
627 ldb_asprintf_errstring(handle->ldb,
629 ldb_strerror(handle->status),
632 return handle->status;
635 if (handle->status != LDB_SUCCESS) {
636 if (handle->ldb->err_string == NULL) {
638 * if no error string was setup by the backend
640 ldb_asprintf_errstring(handle->ldb,
642 ldb_strerror(handle->status),
645 return handle->status;
653 /* set the specified timeout or, if timeout is 0 set the default timeout */
654 int ldb_set_timeout(struct ldb_context *ldb,
655 struct ldb_request *req,
658 if (req == NULL) return LDB_ERR_OPERATIONS_ERROR;
661 req->timeout = timeout;
663 req->timeout = ldb->default_timeout;
665 req->starttime = time(NULL);
670 /* calculates the new timeout based on the previous starttime and timeout */
671 int ldb_set_timeout_from_prev_req(struct ldb_context *ldb,
672 struct ldb_request *oldreq,
673 struct ldb_request *newreq)
675 if (newreq == NULL) return LDB_ERR_OPERATIONS_ERROR;
677 if (oldreq == NULL) {
678 return ldb_set_timeout(ldb, newreq, 0);
681 newreq->starttime = oldreq->starttime;
682 newreq->timeout = oldreq->timeout;
689 set the permissions for new files to be passed to open() in
690 backends that use local files
692 void ldb_set_create_perms(struct ldb_context *ldb, unsigned int perms)
694 ldb->create_perms = perms;
697 unsigned int ldb_get_create_perms(struct ldb_context *ldb)
699 return ldb->create_perms;
702 void ldb_set_event_context(struct ldb_context *ldb, struct tevent_context *ev)
707 struct tevent_context * ldb_get_event_context(struct ldb_context *ldb)
712 void ldb_request_set_state(struct ldb_request *req, int state)
714 req->handle->state = state;
717 int ldb_request_get_status(struct ldb_request *req)
719 return req->handle->status;
726 static void ldb_trace_request(struct ldb_context *ldb, struct ldb_request *req)
728 TALLOC_CTX *tmp_ctx = talloc_new(req);
730 struct ldb_ldif ldif;
732 switch (req->operation) {
734 ldb_debug_add(ldb, "ldb_trace_request: SEARCH\n");
735 ldb_debug_add(ldb, " dn: %s\n",
736 ldb_dn_is_null(req->op.search.base)?"<rootDSE>":
737 ldb_dn_get_linearized(req->op.search.base));
738 ldb_debug_add(ldb, " scope: %s\n",
739 req->op.search.scope==LDB_SCOPE_BASE?"base":
740 req->op.search.scope==LDB_SCOPE_ONELEVEL?"one":
741 req->op.search.scope==LDB_SCOPE_SUBTREE?"sub":"UNKNOWN");
742 ldb_debug_add(ldb, " expr: %s\n",
743 ldb_filter_from_tree(tmp_ctx, req->op.search.tree));
744 if (req->op.search.attrs == NULL) {
745 ldb_debug_add(ldb, " attr: <ALL>\n");
747 for (i=0; req->op.search.attrs[i]; i++) {
748 ldb_debug_add(ldb, " attr: %s\n", req->op.search.attrs[i]);
753 ldb_debug_add(ldb, "ldb_trace_request: DELETE\n");
754 ldb_debug_add(ldb, " dn: %s\n",
755 ldb_dn_get_linearized(req->op.del.dn));
758 ldb_debug_add(ldb, "ldb_trace_request: RENAME\n");
759 ldb_debug_add(ldb, " olddn: %s\n",
760 ldb_dn_get_linearized(req->op.rename.olddn));
761 ldb_debug_add(ldb, " newdn: %s\n",
762 ldb_dn_get_linearized(req->op.rename.newdn));
765 ldb_debug_add(ldb, "ldb_trace_request: EXTENDED\n");
766 ldb_debug_add(ldb, " oid: %s\n", req->op.extended.oid);
767 ldb_debug_add(ldb, " data: %s\n", req->op.extended.data?"yes":"no");
770 ldif.changetype = LDB_CHANGETYPE_ADD;
771 ldif.msg = discard_const_p(struct ldb_message, req->op.add.message);
773 ldb_debug_add(ldb, "ldb_trace_request: ADD\n");
777 * ldb_ldif_write_redacted_trace_string() is CRITICAL
778 * for security. It ensures that we do not output
779 * passwords into debug logs
782 ldb_debug_add(req->handle->ldb, "%s\n",
783 ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
786 ldif.changetype = LDB_CHANGETYPE_MODIFY;
787 ldif.msg = discard_const_p(struct ldb_message, req->op.mod.message);
789 ldb_debug_add(ldb, "ldb_trace_request: MODIFY\n");
793 * ldb_ldif_write_redacted_trace_string() is CRITICAL
794 * for security. It ensures that we do not output
795 * passwords into debug logs
798 ldb_debug_add(req->handle->ldb, "%s\n",
799 ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
801 case LDB_REQ_REGISTER_CONTROL:
802 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_CONTROL\n");
803 ldb_debug_add(req->handle->ldb, "%s\n",
804 req->op.reg_control.oid);
806 case LDB_REQ_REGISTER_PARTITION:
807 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_PARTITION\n");
808 ldb_debug_add(req->handle->ldb, "%s\n",
809 ldb_dn_get_linearized(req->op.reg_partition.dn));
812 ldb_debug_add(ldb, "ldb_trace_request: UNKNOWN(%u)\n",
817 if (req->controls == NULL) {
818 ldb_debug_add(ldb, " control: <NONE>\n");
820 for (i=0; req->controls && req->controls[i]; i++) {
821 if (req->controls[i]->oid) {
822 ldb_debug_add(ldb, " control: %s crit:%u data:%s\n",
823 req->controls[i]->oid,
824 req->controls[i]->critical,
825 req->controls[i]->data?"yes":"no");
830 ldb_debug_end(ldb, LDB_DEBUG_TRACE);
832 talloc_free(tmp_ctx);
836 check that the element flags don't have any internal bits set
838 static int ldb_msg_check_element_flags(struct ldb_context *ldb,
839 const struct ldb_message *message)
842 for (i=0; i<message->num_elements; i++) {
843 if (message->elements[i].flags & LDB_FLAG_INTERNAL_MASK) {
844 ldb_asprintf_errstring(ldb, "Invalid element flags 0x%08x on element %s in %s\n",
845 message->elements[i].flags, message->elements[i].name,
846 ldb_dn_get_linearized(message->dn));
847 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
856 NOTE: the request must be a talloc context.
857 returns LDB_ERR_* on errors.
859 int ldb_request(struct ldb_context *ldb, struct ldb_request *req)
861 struct ldb_module *module;
864 if (req->callback == NULL) {
865 ldb_set_errstring(ldb, "Requests MUST define callbacks");
866 return LDB_ERR_UNWILLING_TO_PERFORM;
869 ldb_reset_err_string(ldb);
871 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
872 ldb_trace_request(ldb, req);
875 /* call the first module in the chain */
876 switch (req->operation) {
878 /* due to "ldb_build_search_req" base DN always != NULL */
879 if (!ldb_dn_validate(req->op.search.base)) {
880 ldb_asprintf_errstring(ldb, "ldb_search: invalid basedn '%s'",
881 ldb_dn_get_linearized(req->op.search.base));
882 return LDB_ERR_INVALID_DN_SYNTAX;
884 FIRST_OP(ldb, search);
885 ret = module->ops->search(module, req);
888 if (!ldb_dn_validate(req->op.add.message->dn)) {
889 ldb_asprintf_errstring(ldb, "ldb_add: invalid dn '%s'",
890 ldb_dn_get_linearized(req->op.add.message->dn));
891 return LDB_ERR_INVALID_DN_SYNTAX;
894 * we have to normalize here, as so many places
895 * in modules and backends assume we don't have two
896 * elements with the same name
898 ret = ldb_msg_normalize(ldb, req, req->op.add.message,
899 discard_const(&req->op.add.message));
900 if (ret != LDB_SUCCESS) {
905 ret = ldb_msg_check_element_flags(ldb, req->op.add.message);
906 if (ret != LDB_SUCCESS) {
908 * "ldb_msg_check_element_flags" generates an error
913 ret = module->ops->add(module, req);
916 if (!ldb_dn_validate(req->op.mod.message->dn)) {
917 ldb_asprintf_errstring(ldb, "ldb_modify: invalid dn '%s'",
918 ldb_dn_get_linearized(req->op.mod.message->dn));
919 return LDB_ERR_INVALID_DN_SYNTAX;
921 FIRST_OP(ldb, modify);
922 ret = ldb_msg_check_element_flags(ldb, req->op.mod.message);
923 if (ret != LDB_SUCCESS) {
925 * "ldb_msg_check_element_flags" generates an error
930 ret = module->ops->modify(module, req);
933 if (!ldb_dn_validate(req->op.del.dn)) {
934 ldb_asprintf_errstring(ldb, "ldb_delete: invalid dn '%s'",
935 ldb_dn_get_linearized(req->op.del.dn));
936 return LDB_ERR_INVALID_DN_SYNTAX;
939 ret = module->ops->del(module, req);
942 if (!ldb_dn_validate(req->op.rename.olddn)) {
943 ldb_asprintf_errstring(ldb, "ldb_rename: invalid olddn '%s'",
944 ldb_dn_get_linearized(req->op.rename.olddn));
945 return LDB_ERR_INVALID_DN_SYNTAX;
947 if (!ldb_dn_validate(req->op.rename.newdn)) {
948 ldb_asprintf_errstring(ldb, "ldb_rename: invalid newdn '%s'",
949 ldb_dn_get_linearized(req->op.rename.newdn));
950 return LDB_ERR_INVALID_DN_SYNTAX;
952 FIRST_OP(ldb, rename);
953 ret = module->ops->rename(module, req);
956 FIRST_OP(ldb, extended);
957 ret = module->ops->extended(module, req);
960 FIRST_OP(ldb, request);
961 ret = module->ops->request(module, req);
965 if ((ret != LDB_SUCCESS) && (ldb->err_string == NULL)) {
966 /* if no error string was setup by the backend */
967 ldb_asprintf_errstring(ldb, "ldb_request: %s (%d)",
968 ldb_strerror(ret), ret);
974 int ldb_request_done(struct ldb_request *req, int status)
976 req->handle->state = LDB_ASYNC_DONE;
977 req->handle->status = status;
982 search the database given a LDAP-like search expression
984 returns an LDB error code
986 Use talloc_free to free the ldb_message returned in 'res', if successful
989 int ldb_search_default_callback(struct ldb_request *req,
990 struct ldb_reply *ares)
992 struct ldb_result *res;
995 res = talloc_get_type(req->context, struct ldb_result);
998 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1000 if (ares->error != LDB_SUCCESS) {
1001 return ldb_request_done(req, ares->error);
1004 switch (ares->type) {
1005 case LDB_REPLY_ENTRY:
1006 res->msgs = talloc_realloc(res, res->msgs,
1007 struct ldb_message *, res->count + 2);
1009 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1012 res->msgs[res->count + 1] = NULL;
1014 res->msgs[res->count] = talloc_move(res->msgs, &ares->message);
1018 case LDB_REPLY_REFERRAL:
1020 for (n = 0; res->refs[n]; n++) /*noop*/ ;
1025 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1027 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1030 res->refs[n] = talloc_move(res->refs, &ares->referral);
1031 res->refs[n + 1] = NULL;
1034 case LDB_REPLY_DONE:
1035 /* TODO: we should really support controls on entries
1036 * and referrals too! */
1037 res->controls = talloc_move(res, &ares->controls);
1039 /* this is the last message, and means the request is done */
1040 /* we have to signal and eventual ldb_wait() waiting that the
1041 * async request operation was completed */
1043 return ldb_request_done(req, LDB_SUCCESS);
1051 int ldb_modify_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1053 struct ldb_result *res;
1057 res = talloc_get_type(req->context, struct ldb_result);
1060 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1063 if (ares->error != LDB_SUCCESS) {
1066 return ldb_request_done(req, ret);
1069 switch (ares->type) {
1070 case LDB_REPLY_REFERRAL:
1072 for (n = 0; res->refs[n]; n++) /*noop*/ ;
1077 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1079 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1082 res->refs[n] = talloc_move(res->refs, &ares->referral);
1083 res->refs[n + 1] = NULL;
1086 case LDB_REPLY_DONE:
1088 return ldb_request_done(req, LDB_SUCCESS);
1091 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1092 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1096 return ldb_request_done(req, LDB_SUCCESS);
1099 int ldb_op_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1104 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1107 if (ares->error != LDB_SUCCESS) {
1110 return ldb_request_done(req, ret);
1113 if (ares->type != LDB_REPLY_DONE) {
1115 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1116 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1120 return ldb_request_done(req, LDB_SUCCESS);
1123 int ldb_build_search_req_ex(struct ldb_request **ret_req,
1124 struct ldb_context *ldb,
1125 TALLOC_CTX *mem_ctx,
1126 struct ldb_dn *base,
1127 enum ldb_scope scope,
1128 struct ldb_parse_tree *tree,
1129 const char * const *attrs,
1130 struct ldb_control **controls,
1132 ldb_request_callback_t callback,
1133 struct ldb_request *parent)
1135 struct ldb_request *req;
1139 req = talloc(mem_ctx, struct ldb_request);
1142 return LDB_ERR_OPERATIONS_ERROR;
1145 req->operation = LDB_SEARCH;
1147 req->op.search.base = ldb_dn_new(req, ldb, NULL);
1149 req->op.search.base = base;
1151 req->op.search.scope = scope;
1153 req->op.search.tree = tree;
1154 if (req->op.search.tree == NULL) {
1155 ldb_set_errstring(ldb, "'tree' can't be NULL");
1157 return LDB_ERR_OPERATIONS_ERROR;
1160 req->op.search.attrs = attrs;
1161 req->controls = controls;
1162 req->context = context;
1163 req->callback = callback;
1165 ldb_set_timeout_from_prev_req(ldb, parent, req);
1167 req->handle = ldb_handle_new(req, ldb);
1168 if (req->handle == NULL) {
1170 return LDB_ERR_OPERATIONS_ERROR;
1174 req->handle->nesting++;
1175 req->handle->parent = parent;
1176 req->handle->flags = parent->handle->flags;
1177 req->handle->custom_flags = parent->handle->custom_flags;
1184 int ldb_build_search_req(struct ldb_request **ret_req,
1185 struct ldb_context *ldb,
1186 TALLOC_CTX *mem_ctx,
1187 struct ldb_dn *base,
1188 enum ldb_scope scope,
1189 const char *expression,
1190 const char * const *attrs,
1191 struct ldb_control **controls,
1193 ldb_request_callback_t callback,
1194 struct ldb_request *parent)
1196 struct ldb_parse_tree *tree;
1199 tree = ldb_parse_tree(mem_ctx, expression);
1201 ldb_set_errstring(ldb, "Unable to parse search expression");
1202 return LDB_ERR_OPERATIONS_ERROR;
1205 ret = ldb_build_search_req_ex(ret_req, ldb, mem_ctx, base,
1206 scope, tree, attrs, controls,
1207 context, callback, parent);
1208 if (ret == LDB_SUCCESS) {
1209 talloc_steal(*ret_req, tree);
1214 int ldb_build_add_req(struct ldb_request **ret_req,
1215 struct ldb_context *ldb,
1216 TALLOC_CTX *mem_ctx,
1217 const struct ldb_message *message,
1218 struct ldb_control **controls,
1220 ldb_request_callback_t callback,
1221 struct ldb_request *parent)
1223 struct ldb_request *req;
1227 req = talloc(mem_ctx, struct ldb_request);
1229 ldb_set_errstring(ldb, "Out of Memory");
1230 return LDB_ERR_OPERATIONS_ERROR;
1233 req->operation = LDB_ADD;
1234 req->op.add.message = message;
1235 req->controls = controls;
1236 req->context = context;
1237 req->callback = callback;
1239 ldb_set_timeout_from_prev_req(ldb, parent, req);
1241 req->handle = ldb_handle_new(req, ldb);
1242 if (req->handle == NULL) {
1244 return LDB_ERR_OPERATIONS_ERROR;
1248 req->handle->nesting++;
1249 req->handle->parent = parent;
1250 req->handle->flags = parent->handle->flags;
1251 req->handle->custom_flags = parent->handle->custom_flags;
1259 int ldb_build_mod_req(struct ldb_request **ret_req,
1260 struct ldb_context *ldb,
1261 TALLOC_CTX *mem_ctx,
1262 const struct ldb_message *message,
1263 struct ldb_control **controls,
1265 ldb_request_callback_t callback,
1266 struct ldb_request *parent)
1268 struct ldb_request *req;
1272 req = talloc(mem_ctx, struct ldb_request);
1274 ldb_set_errstring(ldb, "Out of Memory");
1275 return LDB_ERR_OPERATIONS_ERROR;
1278 req->operation = LDB_MODIFY;
1279 req->op.mod.message = message;
1280 req->controls = controls;
1281 req->context = context;
1282 req->callback = callback;
1284 ldb_set_timeout_from_prev_req(ldb, parent, req);
1286 req->handle = ldb_handle_new(req, ldb);
1287 if (req->handle == NULL) {
1289 return LDB_ERR_OPERATIONS_ERROR;
1293 req->handle->nesting++;
1294 req->handle->parent = parent;
1295 req->handle->flags = parent->handle->flags;
1296 req->handle->custom_flags = parent->handle->custom_flags;
1304 int ldb_build_del_req(struct ldb_request **ret_req,
1305 struct ldb_context *ldb,
1306 TALLOC_CTX *mem_ctx,
1308 struct ldb_control **controls,
1310 ldb_request_callback_t callback,
1311 struct ldb_request *parent)
1313 struct ldb_request *req;
1317 req = talloc(mem_ctx, struct ldb_request);
1319 ldb_set_errstring(ldb, "Out of Memory");
1320 return LDB_ERR_OPERATIONS_ERROR;
1323 req->operation = LDB_DELETE;
1324 req->op.del.dn = dn;
1325 req->controls = controls;
1326 req->context = context;
1327 req->callback = callback;
1329 ldb_set_timeout_from_prev_req(ldb, parent, req);
1331 req->handle = ldb_handle_new(req, ldb);
1332 if (req->handle == NULL) {
1334 return LDB_ERR_OPERATIONS_ERROR;
1338 req->handle->nesting++;
1339 req->handle->parent = parent;
1340 req->handle->flags = parent->handle->flags;
1341 req->handle->custom_flags = parent->handle->custom_flags;
1349 int ldb_build_rename_req(struct ldb_request **ret_req,
1350 struct ldb_context *ldb,
1351 TALLOC_CTX *mem_ctx,
1352 struct ldb_dn *olddn,
1353 struct ldb_dn *newdn,
1354 struct ldb_control **controls,
1356 ldb_request_callback_t callback,
1357 struct ldb_request *parent)
1359 struct ldb_request *req;
1363 req = talloc(mem_ctx, struct ldb_request);
1365 ldb_set_errstring(ldb, "Out of Memory");
1366 return LDB_ERR_OPERATIONS_ERROR;
1369 req->operation = LDB_RENAME;
1370 req->op.rename.olddn = olddn;
1371 req->op.rename.newdn = newdn;
1372 req->controls = controls;
1373 req->context = context;
1374 req->callback = callback;
1376 ldb_set_timeout_from_prev_req(ldb, parent, req);
1378 req->handle = ldb_handle_new(req, ldb);
1379 if (req->handle == NULL) {
1381 return LDB_ERR_OPERATIONS_ERROR;
1385 req->handle->nesting++;
1386 req->handle->parent = parent;
1387 req->handle->flags = parent->handle->flags;
1388 req->handle->custom_flags = parent->handle->custom_flags;
1396 int ldb_extended_default_callback(struct ldb_request *req,
1397 struct ldb_reply *ares)
1399 struct ldb_result *res;
1401 res = talloc_get_type(req->context, struct ldb_result);
1404 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1406 if (ares->error != LDB_SUCCESS) {
1407 return ldb_request_done(req, ares->error);
1410 if (ares->type == LDB_REPLY_DONE) {
1412 /* TODO: we should really support controls on entries and referrals too! */
1413 res->extended = talloc_move(res, &ares->response);
1414 res->controls = talloc_move(res, &ares->controls);
1417 return ldb_request_done(req, LDB_SUCCESS);
1421 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1422 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1425 int ldb_build_extended_req(struct ldb_request **ret_req,
1426 struct ldb_context *ldb,
1427 TALLOC_CTX *mem_ctx,
1430 struct ldb_control **controls,
1432 ldb_request_callback_t callback,
1433 struct ldb_request *parent)
1435 struct ldb_request *req;
1439 req = talloc(mem_ctx, struct ldb_request);
1441 ldb_set_errstring(ldb, "Out of Memory");
1442 return LDB_ERR_OPERATIONS_ERROR;
1445 req->operation = LDB_EXTENDED;
1446 req->op.extended.oid = oid;
1447 req->op.extended.data = data;
1448 req->controls = controls;
1449 req->context = context;
1450 req->callback = callback;
1452 ldb_set_timeout_from_prev_req(ldb, parent, req);
1454 req->handle = ldb_handle_new(req, ldb);
1455 if (req->handle == NULL) {
1457 return LDB_ERR_OPERATIONS_ERROR;
1461 req->handle->nesting++;
1462 req->handle->parent = parent;
1463 req->handle->flags = parent->handle->flags;
1464 req->handle->custom_flags = parent->handle->custom_flags;
1472 int ldb_extended(struct ldb_context *ldb,
1475 struct ldb_result **_res)
1477 struct ldb_request *req;
1479 struct ldb_result *res;
1484 res = talloc_zero(ldb, struct ldb_result);
1486 return LDB_ERR_OPERATIONS_ERROR;
1489 ret = ldb_build_extended_req(&req, ldb, ldb,
1491 res, ldb_extended_default_callback,
1493 ldb_req_set_location(req, "ldb_extended");
1495 if (ret != LDB_SUCCESS) goto done;
1497 ldb_set_timeout(ldb, req, 0); /* use default timeout */
1499 ret = ldb_request(ldb, req);
1501 if (ret == LDB_SUCCESS) {
1502 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1506 if (ret != LDB_SUCCESS) {
1518 note that ldb_search() will automatically replace a NULL 'base' value
1519 with the defaultNamingContext from the rootDSE if available.
1521 int ldb_search(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
1522 struct ldb_result **result, struct ldb_dn *base,
1523 enum ldb_scope scope, const char * const *attrs,
1524 const char *exp_fmt, ...)
1526 struct ldb_request *req;
1527 struct ldb_result *res;
1536 res = talloc_zero(mem_ctx, struct ldb_result);
1538 return LDB_ERR_OPERATIONS_ERROR;
1542 va_start(ap, exp_fmt);
1543 expression = talloc_vasprintf(mem_ctx, exp_fmt, ap);
1548 return LDB_ERR_OPERATIONS_ERROR;
1552 ret = ldb_build_search_req(&req, ldb, mem_ctx,
1553 base?base:ldb_get_default_basedn(ldb),
1559 ldb_search_default_callback,
1561 ldb_req_set_location(req, "ldb_search");
1563 if (ret != LDB_SUCCESS) goto done;
1565 ret = ldb_request(ldb, req);
1567 if (ret == LDB_SUCCESS) {
1568 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1572 if (ret != LDB_SUCCESS) {
1577 talloc_free(expression);
1585 add a record to the database. Will fail if a record with the given class
1586 and key already exists
1588 int ldb_add(struct ldb_context *ldb,
1589 const struct ldb_message *message)
1591 struct ldb_request *req;
1594 ret = ldb_msg_sanity_check(ldb, message);
1595 if (ret != LDB_SUCCESS) {
1599 ret = ldb_build_add_req(&req, ldb, ldb,
1603 ldb_op_default_callback,
1605 ldb_req_set_location(req, "ldb_add");
1607 if (ret != LDB_SUCCESS) return ret;
1609 /* do request and autostart a transaction */
1610 ret = ldb_autotransaction_request(ldb, req);
1617 modify the specified attributes of a record
1619 int ldb_modify(struct ldb_context *ldb,
1620 const struct ldb_message *message)
1622 struct ldb_request *req;
1625 ret = ldb_msg_sanity_check(ldb, message);
1626 if (ret != LDB_SUCCESS) {
1630 ret = ldb_build_mod_req(&req, ldb, ldb,
1634 ldb_op_default_callback,
1636 ldb_req_set_location(req, "ldb_modify");
1638 if (ret != LDB_SUCCESS) return ret;
1640 /* do request and autostart a transaction */
1641 ret = ldb_autotransaction_request(ldb, req);
1649 delete a record from the database
1651 int ldb_delete(struct ldb_context *ldb, struct ldb_dn *dn)
1653 struct ldb_request *req;
1656 ret = ldb_build_del_req(&req, ldb, ldb,
1660 ldb_op_default_callback,
1662 ldb_req_set_location(req, "ldb_delete");
1664 if (ret != LDB_SUCCESS) return ret;
1666 /* do request and autostart a transaction */
1667 ret = ldb_autotransaction_request(ldb, req);
1674 rename a record in the database
1676 int ldb_rename(struct ldb_context *ldb,
1677 struct ldb_dn *olddn, struct ldb_dn *newdn)
1679 struct ldb_request *req;
1682 ret = ldb_build_rename_req(&req, ldb, ldb,
1687 ldb_op_default_callback,
1689 ldb_req_set_location(req, "ldb_rename");
1691 if (ret != LDB_SUCCESS) return ret;
1693 /* do request and autostart a transaction */
1694 ret = ldb_autotransaction_request(ldb, req);
1702 return the global sequence number
1704 int ldb_sequence_number(struct ldb_context *ldb,
1705 enum ldb_sequence_type type, uint64_t *seq_num)
1707 struct ldb_seqnum_request *seq;
1708 struct ldb_seqnum_result *seqr;
1709 struct ldb_result *res;
1710 TALLOC_CTX *tmp_ctx;
1715 tmp_ctx = talloc_zero(ldb, struct ldb_request);
1716 if (tmp_ctx == NULL) {
1717 ldb_set_errstring(ldb, "Out of Memory");
1718 return LDB_ERR_OPERATIONS_ERROR;
1720 seq = talloc_zero(tmp_ctx, struct ldb_seqnum_request);
1722 ldb_set_errstring(ldb, "Out of Memory");
1723 ret = LDB_ERR_OPERATIONS_ERROR;
1728 ret = ldb_extended(ldb, LDB_EXTENDED_SEQUENCE_NUMBER, seq, &res);
1729 if (ret != LDB_SUCCESS) {
1732 talloc_steal(tmp_ctx, res);
1734 if (strcmp(LDB_EXTENDED_SEQUENCE_NUMBER, res->extended->oid) != 0) {
1735 ldb_set_errstring(ldb, "Invalid OID in reply");
1736 ret = LDB_ERR_OPERATIONS_ERROR;
1739 seqr = talloc_get_type(res->extended->data,
1740 struct ldb_seqnum_result);
1741 *seq_num = seqr->seq_num;
1744 talloc_free(tmp_ctx);
1749 return extended error information
1751 const char *ldb_errstring(struct ldb_context *ldb)
1753 if (ldb->err_string) {
1754 return ldb->err_string;
1761 return a string explaining what a ldb error constant meancs
1763 const char *ldb_strerror(int ldb_err)
1768 case LDB_ERR_OPERATIONS_ERROR:
1769 return "Operations error";
1770 case LDB_ERR_PROTOCOL_ERROR:
1771 return "Protocol error";
1772 case LDB_ERR_TIME_LIMIT_EXCEEDED:
1773 return "Time limit exceeded";
1774 case LDB_ERR_SIZE_LIMIT_EXCEEDED:
1775 return "Size limit exceeded";
1776 case LDB_ERR_COMPARE_FALSE:
1777 return "Compare false";
1778 case LDB_ERR_COMPARE_TRUE:
1779 return "Compare true";
1780 case LDB_ERR_AUTH_METHOD_NOT_SUPPORTED:
1781 return "Auth method not supported";
1782 case LDB_ERR_STRONG_AUTH_REQUIRED:
1783 return "Strong auth required";
1785 case LDB_ERR_REFERRAL:
1786 return "Referral error";
1787 case LDB_ERR_ADMIN_LIMIT_EXCEEDED:
1788 return "Admin limit exceeded";
1789 case LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION:
1790 return "Unsupported critical extension";
1791 case LDB_ERR_CONFIDENTIALITY_REQUIRED:
1792 return "Confidentiality required";
1793 case LDB_ERR_SASL_BIND_IN_PROGRESS:
1794 return "SASL bind in progress";
1795 case LDB_ERR_NO_SUCH_ATTRIBUTE:
1796 return "No such attribute";
1797 case LDB_ERR_UNDEFINED_ATTRIBUTE_TYPE:
1798 return "Undefined attribute type";
1799 case LDB_ERR_INAPPROPRIATE_MATCHING:
1800 return "Inappropriate matching";
1801 case LDB_ERR_CONSTRAINT_VIOLATION:
1802 return "Constraint violation";
1803 case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
1804 return "Attribute or value exists";
1805 case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
1806 return "Invalid attribute syntax";
1808 case LDB_ERR_NO_SUCH_OBJECT:
1809 return "No such object";
1810 case LDB_ERR_ALIAS_PROBLEM:
1811 return "Alias problem";
1812 case LDB_ERR_INVALID_DN_SYNTAX:
1813 return "Invalid DN syntax";
1815 case LDB_ERR_ALIAS_DEREFERENCING_PROBLEM:
1816 return "Alias dereferencing problem";
1818 case LDB_ERR_INAPPROPRIATE_AUTHENTICATION:
1819 return "Inappropriate authentication";
1820 case LDB_ERR_INVALID_CREDENTIALS:
1821 return "Invalid credentials";
1822 case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
1823 return "insufficient access rights";
1826 case LDB_ERR_UNAVAILABLE:
1827 return "Unavailable";
1828 case LDB_ERR_UNWILLING_TO_PERFORM:
1829 return "Unwilling to perform";
1830 case LDB_ERR_LOOP_DETECT:
1831 return "Loop detect";
1833 case LDB_ERR_NAMING_VIOLATION:
1834 return "Naming violation";
1835 case LDB_ERR_OBJECT_CLASS_VIOLATION:
1836 return "Object class violation";
1837 case LDB_ERR_NOT_ALLOWED_ON_NON_LEAF:
1838 return "Not allowed on non-leaf";
1839 case LDB_ERR_NOT_ALLOWED_ON_RDN:
1840 return "Not allowed on RDN";
1841 case LDB_ERR_ENTRY_ALREADY_EXISTS:
1842 return "Entry already exists";
1843 case LDB_ERR_OBJECT_CLASS_MODS_PROHIBITED:
1844 return "Object class mods prohibited";
1845 /* 70 RESERVED FOR CLDAP */
1846 case LDB_ERR_AFFECTS_MULTIPLE_DSAS:
1847 return "Affects multiple DSAs";
1853 return "Unknown error";
1857 set backend specific opaque parameters
1859 int ldb_set_opaque(struct ldb_context *ldb, const char *name, void *value)
1861 struct ldb_opaque *o;
1863 /* allow updating an existing value */
1864 for (o=ldb->opaque;o;o=o->next) {
1865 if (strcmp(o->name, name) == 0) {
1871 o = talloc(ldb, struct ldb_opaque);
1874 return LDB_ERR_OTHER;
1876 o->next = ldb->opaque;
1884 get a previously set opaque value
1886 void *ldb_get_opaque(struct ldb_context *ldb, const char *name)
1888 struct ldb_opaque *o;
1889 for (o=ldb->opaque;o;o=o->next) {
1890 if (strcmp(o->name, name) == 0) {
1897 int ldb_global_init(void)
1899 /* Provided for compatibility with some older versions of ldb */
1903 /* return the ldb flags */
1904 unsigned int ldb_get_flags(struct ldb_context *ldb)
1909 /* set the ldb flags */
1910 void ldb_set_flags(struct ldb_context *ldb, unsigned flags)
1917 set the location in a ldb request. Used for debugging
1919 void ldb_req_set_location(struct ldb_request *req, const char *location)
1921 if (req && req->handle) {
1922 req->handle->location = location;
1927 return the location set with dsdb_req_set_location
1929 const char *ldb_req_location(struct ldb_request *req)
1931 return req->handle->location;
1935 mark a request as untrusted. This tells the rootdse module to remove
1936 unregistered controls
1938 void ldb_req_mark_untrusted(struct ldb_request *req)
1940 req->handle->flags |= LDB_HANDLE_FLAG_UNTRUSTED;
1944 mark a request as trusted.
1946 void ldb_req_mark_trusted(struct ldb_request *req)
1948 req->handle->flags &= ~LDB_HANDLE_FLAG_UNTRUSTED;
1952 set custom flags. Those flags are set by applications using ldb,
1953 they are application dependent and the same bit can have different
1954 meaning in different application.
1956 void ldb_req_set_custom_flags(struct ldb_request *req, uint32_t flags)
1958 if (req != NULL && req->handle != NULL) {
1959 req->handle->custom_flags = flags;
1965 get custom flags. Those flags are set by applications using ldb,
1966 they are application dependent and the same bit can have different
1967 meaning in different application.
1969 uint32_t ldb_req_get_custom_flags(struct ldb_request *req)
1971 if (req != NULL && req->handle != NULL) {
1972 return req->handle->custom_flags;
1976 * 0 is not something any better or worse than
1977 * anything else as req or the handle is NULL
1984 * return true if a request is untrusted
1986 bool ldb_req_is_untrusted(struct ldb_request *req)
1988 return (req->handle->flags & LDB_HANDLE_FLAG_UNTRUSTED) != 0;