4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Stefan Metzmacher 2004
6 Copyright (C) Simo Sorce 2006-2008
7 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
9 ** NOTE! The following LGPL license applies to the ldb
10 ** library. This does NOT imply that all of Samba is released
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
30 * Component: ldb tdb backend
32 * Description: core functions for tdb backend
34 * Author: Andrew Tridgell
35 * Author: Stefan Metzmacher
39 * - description: make the module use asynchronous calls
43 * - description: make it possible to use event contexts
47 * - description: fix up memory leaks and small bugs
49 * Author: Matthias Dieter Wallnöfer
53 #include "ldb_private.h"
57 prevent memory errors on callbacks
60 struct ltdb_context *ctx;
64 map a tdb error code to a ldb error code
66 int ltdb_err_map(enum TDB_ERROR tdb_code)
74 return LDB_ERR_OPERATIONS_ERROR;
76 return LDB_ERR_PROTOCOL_ERROR;
80 case TDB_ERR_LOCK_TIMEOUT:
81 return LDB_ERR_TIME_LIMIT_EXCEEDED;
83 return LDB_ERR_ENTRY_ALREADY_EXISTS;
85 return LDB_ERR_NO_SUCH_OBJECT;
87 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
95 lock the database for read - use by ltdb_search and ltdb_sequence_number
97 static int ltdb_lock_read(struct ldb_module *module)
99 void *data = ldb_module_get_private(module);
100 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
104 if (ltdb->in_transaction == 0 &&
105 ltdb->read_lock_count == 0) {
106 tdb_ret = tdb_lockall_read(ltdb->tdb);
109 ltdb->read_lock_count++;
112 ret = ltdb_err_map(tdb_error(ltdb->tdb));
113 if (ret == LDB_SUCCESS) {
114 ret = LDB_ERR_OPERATIONS_ERROR;
116 ldb_debug_set(ldb_module_get_ctx(module),
118 "Failure during ltdb_lock_read(): %s -> %s",
119 tdb_errorstr(ltdb->tdb),
125 unlock the database after a ltdb_lock_read()
127 static int ltdb_unlock_read(struct ldb_module *module)
129 void *data = ldb_module_get_private(module);
130 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
131 if (ltdb->in_transaction == 0 && ltdb->read_lock_count == 1) {
132 tdb_unlockall_read(ltdb->tdb);
133 ltdb->read_lock_count--;
136 ltdb->read_lock_count--;
142 * Determine if this key could hold a record. We allow the new GUID
143 * index, the old DN index and a possible future ID=
145 bool ltdb_key_is_record(TDB_DATA key)
151 if (memcmp(key.dptr, "DN=", 3) == 0) {
155 if (memcmp(key.dptr, "ID=", 3) == 0) {
159 if (key.dsize < sizeof(LTDB_GUID_KEY_PREFIX)) {
163 if (memcmp(key.dptr, LTDB_GUID_KEY_PREFIX,
164 sizeof(LTDB_GUID_KEY_PREFIX) - 1) == 0) {
172 form a TDB_DATA for a record key
175 note that the key for a record can depend on whether the
176 dn refers to a case sensitive index record or not
178 TDB_DATA ltdb_key_dn(struct ldb_module *module, TALLOC_CTX *mem_ctx,
182 char *key_str = NULL;
183 const char *dn_folded = NULL;
186 most DNs are case insensitive. The exception is index DNs for
187 case sensitive attributes
189 there are 3 cases dealt with in this code:
191 1) if the dn doesn't start with @ then uppercase the attribute
192 names and the attributes values of case insensitive attributes
193 2) if the dn starts with @ then leave it alone -
194 the indexing code handles the rest
197 dn_folded = ldb_dn_get_casefold(dn);
202 key_str = talloc_strdup(mem_ctx, "DN=");
207 key_str = talloc_strdup_append_buffer(key_str, dn_folded);
212 key.dptr = (uint8_t *)key_str;
213 key.dsize = strlen(key_str) + 1;
224 /* The caller is to provide a correctly sized key */
225 int ltdb_guid_to_key(struct ldb_module *module,
226 struct ltdb_private *ltdb,
227 const struct ldb_val *GUID_val,
230 const char *GUID_prefix = LTDB_GUID_KEY_PREFIX;
231 const int GUID_prefix_len = sizeof(LTDB_GUID_KEY_PREFIX) - 1;
233 if (key->dsize != (GUID_val->length+GUID_prefix_len)) {
234 return LDB_ERR_OPERATIONS_ERROR;
237 memcpy(key->dptr, GUID_prefix, GUID_prefix_len);
238 memcpy(&key->dptr[GUID_prefix_len],
239 GUID_val->data, GUID_val->length);
244 * The caller is to provide a correctly sized key, used only in
245 * the GUID index mode
247 int ltdb_idx_to_key(struct ldb_module *module,
248 struct ltdb_private *ltdb,
250 const struct ldb_val *idx_val,
253 struct ldb_context *ldb = ldb_module_get_ctx(module);
256 if (ltdb->cache->GUID_index_attribute != NULL) {
257 return ltdb_guid_to_key(module, ltdb,
261 dn = ldb_dn_from_ldb_val(mem_ctx, ldb, idx_val);
264 * LDB_ERR_INVALID_DN_SYNTAX would just be confusing
265 * to the caller, as this in an invalid index value
267 return LDB_ERR_OPERATIONS_ERROR;
270 *key = ltdb_key_dn(module, mem_ctx, dn);
273 return ldb_module_oom(module);
279 form a TDB_DATA for a record key
280 caller frees mem_ctx, which may or may not have the key
283 note that the key for a record can depend on whether a
284 GUID index is in use, or the DN is used as the key
286 TDB_DATA ltdb_key_msg(struct ldb_module *module, TALLOC_CTX *mem_ctx,
287 const struct ldb_message *msg)
289 void *data = ldb_module_get_private(module);
290 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
292 const struct ldb_val *guid_val;
295 if (ltdb->cache->GUID_index_attribute == NULL) {
296 return ltdb_key_dn(module, mem_ctx, msg->dn);
299 if (ldb_dn_is_special(msg->dn)) {
300 return ltdb_key_dn(module, mem_ctx, msg->dn);
303 guid_val = ldb_msg_find_ldb_val(msg,
304 ltdb->cache->GUID_index_attribute);
305 if (guid_val == NULL) {
306 ldb_asprintf_errstring(ldb_module_get_ctx(module),
307 "Did not find GUID attribute %s "
308 "in %s, required for TDB record "
309 "key in " LTDB_IDXGUID " mode.",
310 ltdb->cache->GUID_index_attribute,
311 ldb_dn_get_linearized(msg->dn));
318 /* In this case, allocate with talloc */
319 key.dptr = talloc_size(mem_ctx, LTDB_GUID_KEY_SIZE);
320 if (key.dptr == NULL) {
326 key.dsize = talloc_get_size(key.dptr);
328 ret = ltdb_guid_to_key(module, ltdb, guid_val, &key);
330 if (ret != LDB_SUCCESS) {
340 check special dn's have valid attributes
341 currently only @ATTRIBUTES is checked
343 static int ltdb_check_special_dn(struct ldb_module *module,
344 const struct ldb_message *msg)
346 struct ldb_context *ldb = ldb_module_get_ctx(module);
349 if (! ldb_dn_is_special(msg->dn) ||
350 ! ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
354 /* we have @ATTRIBUTES, let's check attributes are fine */
355 /* should we check that we deny multivalued attributes ? */
356 for (i = 0; i < msg->num_elements; i++) {
357 if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
359 for (j = 0; j < msg->elements[i].num_values; j++) {
360 if (ltdb_check_at_attributes_values(&msg->elements[i].values[j]) != 0) {
361 ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
362 return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
372 we've made a modification to a dn - possibly reindex and
373 update sequence number
375 static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn)
377 int ret = LDB_SUCCESS;
378 struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private);
380 /* only allow modifies inside a transaction, otherwise the
382 if (ltdb->in_transaction == 0) {
383 ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
384 return LDB_ERR_OPERATIONS_ERROR;
387 if (ldb_dn_is_special(dn) &&
388 (ldb_dn_check_special(dn, LTDB_INDEXLIST) ||
389 ldb_dn_check_special(dn, LTDB_ATTRIBUTES)) )
391 if (ltdb->warn_reindex) {
392 ldb_debug(ldb_module_get_ctx(module),
393 LDB_DEBUG_ERROR, "Reindexing %s due to modification on %s",
394 ltdb->kv_ops->name(ltdb), ldb_dn_get_linearized(dn));
396 ret = ltdb_reindex(module);
399 /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
400 if (ret == LDB_SUCCESS &&
401 !(ldb_dn_is_special(dn) &&
402 ldb_dn_check_special(dn, LTDB_BASEINFO)) ) {
403 ret = ltdb_increase_sequence_number(module);
406 /* If the modify was to @OPTIONS, reload the cache */
407 if (ret == LDB_SUCCESS &&
408 ldb_dn_is_special(dn) &&
409 (ldb_dn_check_special(dn, LTDB_OPTIONS)) ) {
410 ret = ltdb_cache_reload(module);
413 if (ret != LDB_SUCCESS) {
414 ltdb->reindex_failed = true;
420 static int ltdb_tdb_store(struct ltdb_private *ltdb, struct ldb_val ldb_key,
421 struct ldb_val ldb_data, int flags)
424 .dptr = ldb_key.data,
425 .dsize = ldb_key.length
428 .dptr = ldb_data.data,
429 .dsize = ldb_data.length
431 bool transaction_active = tdb_transaction_active(ltdb->tdb);
432 if (transaction_active == false){
433 return LDB_ERR_PROTOCOL_ERROR;
435 return tdb_store(ltdb->tdb, key, data, flags);
438 static int ltdb_error(struct ltdb_private *ltdb)
440 return ltdb_err_map(tdb_error(ltdb->tdb));
443 static const char *ltdb_errorstr(struct ltdb_private *ltdb)
445 return tdb_errorstr(ltdb->tdb);
449 store a record into the db
451 int ltdb_store(struct ldb_module *module, const struct ldb_message *msg, int flgs)
453 void *data = ldb_module_get_private(module);
454 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
456 struct ldb_val ldb_key;
457 struct ldb_val ldb_data;
458 int ret = LDB_SUCCESS;
459 TALLOC_CTX *tdb_key_ctx = talloc_new(module);
461 if (tdb_key_ctx == NULL) {
462 return ldb_module_oom(module);
465 if (ltdb->read_only) {
466 return LDB_ERR_UNWILLING_TO_PERFORM;
469 tdb_key = ltdb_key_msg(module, tdb_key_ctx, msg);
470 if (tdb_key.dptr == NULL) {
471 TALLOC_FREE(tdb_key_ctx);
472 return LDB_ERR_OTHER;
475 ret = ldb_pack_data(ldb_module_get_ctx(module),
478 TALLOC_FREE(tdb_key_ctx);
479 return LDB_ERR_OTHER;
482 ldb_key.data = tdb_key.dptr;
483 ldb_key.length = tdb_key.dsize;
485 ret = ltdb->kv_ops->store(ltdb, ldb_key, ldb_data, flgs);
487 bool is_special = ldb_dn_is_special(msg->dn);
488 ret = ltdb->kv_ops->error(ltdb);
491 * LDB_ERR_ENTRY_ALREADY_EXISTS means the DN, not
492 * the GUID, so re-map
494 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS
496 && ltdb->cache->GUID_index_attribute != NULL) {
497 ret = LDB_ERR_CONSTRAINT_VIOLATION;
503 TALLOC_FREE(tdb_key_ctx);
504 talloc_free(ldb_data.data);
511 check if a attribute is a single valued, for a given element
513 static bool ldb_tdb_single_valued(const struct ldb_schema_attribute *a,
514 struct ldb_message_element *el)
516 if (!a) return false;
518 if (el->flags & LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK) {
519 /* override from a ldb module, for example
520 used for the description field, which is
521 marked multi-valued in the schema but which
522 should not actually accept multiple
526 if (el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK) {
527 /* override from a ldb module, for example used for
528 deleted linked attribute entries */
532 if (a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
538 static int ltdb_add_internal(struct ldb_module *module,
539 struct ltdb_private *ltdb,
540 const struct ldb_message *msg,
541 bool check_single_value)
543 struct ldb_context *ldb = ldb_module_get_ctx(module);
544 int ret = LDB_SUCCESS;
547 for (i=0;i<msg->num_elements;i++) {
548 struct ldb_message_element *el = &msg->elements[i];
549 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
551 if (el->num_values == 0) {
552 ldb_asprintf_errstring(ldb, "attribute '%s' on '%s' specified, but with 0 values (illegal)",
553 el->name, ldb_dn_get_linearized(msg->dn));
554 return LDB_ERR_CONSTRAINT_VIOLATION;
556 if (check_single_value &&
557 el->num_values > 1 &&
558 ldb_tdb_single_valued(a, el)) {
559 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
560 el->name, ldb_dn_get_linearized(msg->dn));
561 return LDB_ERR_CONSTRAINT_VIOLATION;
564 /* Do not check "@ATTRIBUTES" for duplicated values */
565 if (ldb_dn_is_special(msg->dn) &&
566 ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
570 if (check_single_value &&
572 LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
573 struct ldb_val *duplicate = NULL;
575 ret = ldb_msg_find_duplicate_val(ldb, discard_const(msg),
577 if (ret != LDB_SUCCESS) {
580 if (duplicate != NULL) {
581 ldb_asprintf_errstring(
583 "attribute '%s': value '%.*s' on '%s' "
584 "provided more than once in ADD object",
586 (int)duplicate->length,
588 ldb_dn_get_linearized(msg->dn));
589 return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
594 ret = ltdb_store(module, msg, TDB_INSERT);
595 if (ret != LDB_SUCCESS) {
597 * Try really hard to get the right error code for
598 * a re-add situation, as this can matter!
600 if (ret == LDB_ERR_CONSTRAINT_VIOLATION) {
602 struct ldb_dn *dn2 = NULL;
603 TALLOC_CTX *mem_ctx = talloc_new(module);
604 if (mem_ctx == NULL) {
605 return ldb_module_operr(module);
607 ret2 = ltdb_search_base(module, module,
609 TALLOC_FREE(mem_ctx);
610 if (ret2 == LDB_SUCCESS) {
611 ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
614 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
615 ldb_asprintf_errstring(ldb,
616 "Entry %s already exists",
617 ldb_dn_get_linearized(msg->dn));
622 ret = ltdb_index_add_new(module, ltdb, msg);
623 if (ret != LDB_SUCCESS) {
625 * If we failed to index, delete the message again.
627 * This is particularly important for the GUID index
628 * case, which will only fail for a duplicate DN
631 * Note that the caller may not cancel the transation
632 * and this means the above add might really show up!
634 ltdb_delete_noindex(module, msg);
638 ret = ltdb_modified(module, msg->dn);
644 add a record to the database
646 static int ltdb_add(struct ltdb_context *ctx)
648 struct ldb_module *module = ctx->module;
649 struct ldb_request *req = ctx->req;
650 void *data = ldb_module_get_private(module);
651 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
652 int ret = LDB_SUCCESS;
654 if (ltdb->max_key_length != 0 &&
655 ltdb->cache->GUID_index_attribute == NULL &&
656 !ldb_dn_is_special(req->op.add.message->dn))
658 ldb_set_errstring(ldb_module_get_ctx(module),
659 "Must operate ldb_mdb in GUID "
660 "index mode, but " LTDB_IDXGUID " not set.");
661 return LDB_ERR_UNWILLING_TO_PERFORM;
664 ret = ltdb_check_special_dn(module, req->op.add.message);
665 if (ret != LDB_SUCCESS) {
669 ldb_request_set_state(req, LDB_ASYNC_PENDING);
671 if (ltdb_cache_load(module) != 0) {
672 return LDB_ERR_OPERATIONS_ERROR;
675 ret = ltdb_add_internal(module, ltdb,
676 req->op.add.message, true);
681 static int ltdb_tdb_delete(struct ltdb_private *ltdb, struct ldb_val ldb_key)
684 .dptr = ldb_key.data,
685 .dsize = ldb_key.length
687 bool transaction_active = tdb_transaction_active(ltdb->tdb);
688 if (transaction_active == false){
689 return LDB_ERR_PROTOCOL_ERROR;
691 return tdb_delete(ltdb->tdb, tdb_key);
695 delete a record from the database, not updating indexes (used for deleting
698 int ltdb_delete_noindex(struct ldb_module *module,
699 const struct ldb_message *msg)
701 void *data = ldb_module_get_private(module);
702 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
703 struct ldb_val ldb_key;
706 TALLOC_CTX *tdb_key_ctx = talloc_new(module);
708 if (tdb_key_ctx == NULL) {
709 return ldb_module_oom(module);
712 if (ltdb->read_only) {
713 return LDB_ERR_UNWILLING_TO_PERFORM;
716 tdb_key = ltdb_key_msg(module, tdb_key_ctx, msg);
718 TALLOC_FREE(tdb_key_ctx);
719 return LDB_ERR_OTHER;
722 ldb_key.data = tdb_key.dptr;
723 ldb_key.length = tdb_key.dsize;
725 ret = ltdb->kv_ops->delete(ltdb, ldb_key);
726 TALLOC_FREE(tdb_key_ctx);
729 ret = ltdb->kv_ops->error(ltdb);
735 static int ltdb_delete_internal(struct ldb_module *module, struct ldb_dn *dn)
737 struct ldb_message *msg;
738 int ret = LDB_SUCCESS;
740 msg = ldb_msg_new(module);
742 return LDB_ERR_OPERATIONS_ERROR;
745 /* in case any attribute of the message was indexed, we need
746 to fetch the old record */
747 ret = ltdb_search_dn1(module, dn, msg, LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
748 if (ret != LDB_SUCCESS) {
749 /* not finding the old record is an error */
753 ret = ltdb_delete_noindex(module, msg);
754 if (ret != LDB_SUCCESS) {
758 /* remove any indexed attributes */
759 ret = ltdb_index_delete(module, msg);
760 if (ret != LDB_SUCCESS) {
764 ret = ltdb_modified(module, dn);
765 if (ret != LDB_SUCCESS) {
775 delete a record from the database
777 static int ltdb_delete(struct ltdb_context *ctx)
779 struct ldb_module *module = ctx->module;
780 struct ldb_request *req = ctx->req;
781 int ret = LDB_SUCCESS;
783 ldb_request_set_state(req, LDB_ASYNC_PENDING);
785 if (ltdb_cache_load(module) != 0) {
786 return LDB_ERR_OPERATIONS_ERROR;
789 ret = ltdb_delete_internal(module, req->op.del.dn);
795 find an element by attribute name. At the moment this does a linear search,
796 it should be re-coded to use a binary search once all places that modify
797 records guarantee sorted order
799 return the index of the first matching element if found, otherwise -1
801 static int find_element(const struct ldb_message *msg, const char *name)
804 for (i=0;i<msg->num_elements;i++) {
805 if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
814 add an element to an existing record. Assumes a elements array that we
815 can call re-alloc on, and assumed that we can re-use the data pointers from
816 the passed in additional values. Use with care!
818 returns 0 on success, -1 on failure (and sets errno)
820 static int ltdb_msg_add_element(struct ldb_message *msg,
821 struct ldb_message_element *el)
823 struct ldb_message_element *e2;
826 if (el->num_values == 0) {
827 /* nothing to do here - we don't add empty elements */
831 e2 = talloc_realloc(msg, msg->elements, struct ldb_message_element,
832 msg->num_elements+1);
840 e2 = &msg->elements[msg->num_elements];
843 e2->flags = el->flags;
844 e2->values = talloc_array(msg->elements,
845 struct ldb_val, el->num_values);
850 for (i=0;i<el->num_values;i++) {
851 e2->values[i] = el->values[i];
853 e2->num_values = el->num_values;
861 delete all elements having a specified attribute name
863 static int msg_delete_attribute(struct ldb_module *module,
864 struct ltdb_private *ltdb,
865 struct ldb_message *msg, const char *name)
869 struct ldb_message_element *el;
870 bool is_special = ldb_dn_is_special(msg->dn);
873 && ltdb->cache->GUID_index_attribute != NULL
874 && ldb_attr_cmp(name, ltdb->cache->GUID_index_attribute) == 0) {
875 struct ldb_context *ldb = ldb_module_get_ctx(module);
876 ldb_asprintf_errstring(ldb, "Must not modify GUID "
877 "attribute %s (used as DB index)",
878 ltdb->cache->GUID_index_attribute);
879 return LDB_ERR_CONSTRAINT_VIOLATION;
882 el = ldb_msg_find_element(msg, name);
884 return LDB_ERR_NO_SUCH_ATTRIBUTE;
886 i = el - msg->elements;
888 ret = ltdb_index_del_element(module, ltdb, msg, el);
889 if (ret != LDB_SUCCESS) {
893 talloc_free(el->values);
894 if (msg->num_elements > (i+1)) {
895 memmove(el, el+1, sizeof(*el) * (msg->num_elements - (i+1)));
898 msg->elements = talloc_realloc(msg, msg->elements,
899 struct ldb_message_element,
905 delete all elements matching an attribute name/value
907 return LDB Error on failure
909 static int msg_delete_element(struct ldb_module *module,
910 struct ltdb_private *ltdb,
911 struct ldb_message *msg,
913 const struct ldb_val *val)
915 struct ldb_context *ldb = ldb_module_get_ctx(module);
918 struct ldb_message_element *el;
919 const struct ldb_schema_attribute *a;
921 found = find_element(msg, name);
923 return LDB_ERR_NO_SUCH_ATTRIBUTE;
926 i = (unsigned int) found;
927 el = &(msg->elements[i]);
929 a = ldb_schema_attribute_by_name(ldb, el->name);
931 for (i=0;i<el->num_values;i++) {
933 if (a->syntax->operator_fn) {
934 ret = a->syntax->operator_fn(ldb, LDB_OP_EQUALITY, a,
935 &el->values[i], val, &matched);
936 if (ret != LDB_SUCCESS) return ret;
938 matched = (a->syntax->comparison_fn(ldb, ldb,
939 &el->values[i], val) == 0);
942 if (el->num_values == 1) {
943 return msg_delete_attribute(module,
947 ret = ltdb_index_del_value(module, ltdb, msg, el, i);
948 if (ret != LDB_SUCCESS) {
952 if (i<el->num_values-1) {
953 memmove(&el->values[i], &el->values[i+1],
954 sizeof(el->values[i])*
955 (el->num_values-(i+1)));
959 /* per definition we find in a canonicalised message an
960 attribute value only once. So we are finished here */
966 return LDB_ERR_NO_SUCH_ATTRIBUTE;
970 modify a record - internal interface
972 yuck - this is O(n^2). Luckily n is usually small so we probably
973 get away with it, but if we ever have really large attribute lists
974 then we'll need to look at this again
976 'req' is optional, and is used to specify controls if supplied
978 int ltdb_modify_internal(struct ldb_module *module,
979 const struct ldb_message *msg,
980 struct ldb_request *req)
982 struct ldb_context *ldb = ldb_module_get_ctx(module);
983 void *data = ldb_module_get_private(module);
984 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
985 struct ldb_message *msg2;
987 int ret = LDB_SUCCESS, idx;
988 struct ldb_control *control_permissive = NULL;
989 TALLOC_CTX *mem_ctx = talloc_new(req);
991 if (mem_ctx == NULL) {
992 return ldb_module_oom(module);
996 control_permissive = ldb_request_get_control(req,
997 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1000 msg2 = ldb_msg_new(mem_ctx);
1002 ret = LDB_ERR_OTHER;
1006 ret = ltdb_search_dn1(module, msg->dn,
1008 LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
1009 if (ret != LDB_SUCCESS) {
1013 for (i=0; i<msg->num_elements; i++) {
1014 struct ldb_message_element *el = &msg->elements[i], *el2;
1015 struct ldb_val *vals;
1016 const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
1018 uint32_t options = 0;
1019 if (control_permissive != NULL) {
1020 options |= LDB_MSG_FIND_COMMON_REMOVE_DUPLICATES;
1023 switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
1024 case LDB_FLAG_MOD_ADD:
1026 if (el->num_values == 0) {
1027 ldb_asprintf_errstring(ldb,
1028 "attribute '%s': attribute on '%s' specified, but with 0 values (illegal)",
1029 el->name, ldb_dn_get_linearized(msg2->dn));
1030 ret = LDB_ERR_CONSTRAINT_VIOLATION;
1034 /* make a copy of the array so that a permissive
1035 * control can remove duplicates without changing the
1036 * original values, but do not copy data as we do not
1037 * need to keep it around once the operation is
1039 if (control_permissive) {
1040 el = talloc(msg2, struct ldb_message_element);
1042 ret = LDB_ERR_OTHER;
1045 *el = msg->elements[i];
1046 el->values = talloc_array(el, struct ldb_val, el->num_values);
1047 if (el->values == NULL) {
1048 ret = LDB_ERR_OTHER;
1051 for (j = 0; j < el->num_values; j++) {
1052 el->values[j] = msg->elements[i].values[j];
1056 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
1057 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1058 el->name, ldb_dn_get_linearized(msg2->dn));
1059 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1063 /* Checks if element already exists */
1064 idx = find_element(msg2, el->name);
1066 if (ltdb_msg_add_element(msg2, el) != 0) {
1067 ret = LDB_ERR_OTHER;
1070 ret = ltdb_index_add_element(module, ltdb,
1073 if (ret != LDB_SUCCESS) {
1077 j = (unsigned int) idx;
1078 el2 = &(msg2->elements[j]);
1080 /* We cannot add another value on a existing one
1081 if the attribute is single-valued */
1082 if (ldb_tdb_single_valued(a, el)) {
1083 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1084 el->name, ldb_dn_get_linearized(msg2->dn));
1085 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1089 /* Check that values don't exist yet on multi-
1090 valued attributes or aren't provided twice */
1092 LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1093 struct ldb_val *duplicate = NULL;
1094 ret = ldb_msg_find_common_values(ldb,
1101 LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS) {
1102 ldb_asprintf_errstring(ldb,
1103 "attribute '%s': value "
1104 "#%u on '%s' already "
1105 "exists", el->name, j,
1106 ldb_dn_get_linearized(msg2->dn));
1108 } else if (ret != LDB_SUCCESS) {
1112 ret = ldb_msg_find_duplicate_val(
1113 ldb, msg2, el, &duplicate, 0);
1114 if (ret != LDB_SUCCESS) {
1117 if (duplicate != NULL) {
1118 ldb_asprintf_errstring(
1120 "attribute '%s': value "
1122 "provided more than "
1125 (int)duplicate->length,
1127 ldb_dn_get_linearized(msg->dn));
1128 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1133 /* Now combine existing and new values to a new
1135 vals = talloc_realloc(msg2->elements,
1136 el2->values, struct ldb_val,
1137 el2->num_values + el->num_values);
1140 ret = LDB_ERR_OTHER;
1144 for (j=0; j<el->num_values; j++) {
1145 vals[el2->num_values + j] =
1146 ldb_val_dup(vals, &el->values[j]);
1150 el2->num_values += el->num_values;
1152 ret = ltdb_index_add_element(module, ltdb,
1154 if (ret != LDB_SUCCESS) {
1161 case LDB_FLAG_MOD_REPLACE:
1163 if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
1164 ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1165 el->name, ldb_dn_get_linearized(msg2->dn));
1166 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1171 * We don't need to check this if we have been
1172 * pre-screened by the repl_meta_data module
1173 * in Samba, or someone else who can claim to
1174 * know what they are doing.
1176 if (!(el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1177 struct ldb_val *duplicate = NULL;
1179 ret = ldb_msg_find_duplicate_val(ldb, msg2, el,
1181 if (ret != LDB_SUCCESS) {
1184 if (duplicate != NULL) {
1185 ldb_asprintf_errstring(
1187 "attribute '%s': value '%.*s' "
1188 "on '%s' provided more than "
1191 (int)duplicate->length,
1193 ldb_dn_get_linearized(msg2->dn));
1194 ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1199 /* Checks if element already exists */
1200 idx = find_element(msg2, el->name);
1202 j = (unsigned int) idx;
1203 el2 = &(msg2->elements[j]);
1205 /* we consider two elements to be
1206 * equal only if the order
1207 * matches. This allows dbcheck to
1208 * fix the ordering on attributes
1209 * where order matters, such as
1212 if (ldb_msg_element_equal_ordered(el, el2)) {
1216 /* Delete the attribute if it exists in the DB */
1217 if (msg_delete_attribute(module, ltdb,
1220 ret = LDB_ERR_OTHER;
1225 /* Recreate it with the new values */
1226 if (ltdb_msg_add_element(msg2, el) != 0) {
1227 ret = LDB_ERR_OTHER;
1231 ret = ltdb_index_add_element(module, ltdb,
1233 if (ret != LDB_SUCCESS) {
1239 case LDB_FLAG_MOD_DELETE:
1240 dn = ldb_dn_get_linearized(msg2->dn);
1242 ret = LDB_ERR_OTHER;
1246 if (msg->elements[i].num_values == 0) {
1247 /* Delete the whole attribute */
1248 ret = msg_delete_attribute(module,
1251 msg->elements[i].name);
1252 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1253 control_permissive) {
1256 ldb_asprintf_errstring(ldb,
1257 "attribute '%s': no such attribute for delete on '%s'",
1258 msg->elements[i].name, dn);
1260 if (ret != LDB_SUCCESS) {
1264 /* Delete specified values from an attribute */
1265 for (j=0; j < msg->elements[i].num_values; j++) {
1266 ret = msg_delete_element(module,
1269 msg->elements[i].name,
1270 &msg->elements[i].values[j]);
1271 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1272 control_permissive) {
1274 } else if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) {
1275 ldb_asprintf_errstring(ldb,
1276 "attribute '%s': no matching attribute value while deleting attribute on '%s'",
1277 msg->elements[i].name, dn);
1279 if (ret != LDB_SUCCESS) {
1286 ldb_asprintf_errstring(ldb,
1287 "attribute '%s': invalid modify flags on '%s': 0x%x",
1288 msg->elements[i].name, ldb_dn_get_linearized(msg->dn),
1289 msg->elements[i].flags & LDB_FLAG_MOD_MASK);
1290 ret = LDB_ERR_PROTOCOL_ERROR;
1295 ret = ltdb_store(module, msg2, TDB_MODIFY);
1296 if (ret != LDB_SUCCESS) {
1300 ret = ltdb_modified(module, msg2->dn);
1301 if (ret != LDB_SUCCESS) {
1306 TALLOC_FREE(mem_ctx);
1313 static int ltdb_modify(struct ltdb_context *ctx)
1315 struct ldb_module *module = ctx->module;
1316 struct ldb_request *req = ctx->req;
1317 int ret = LDB_SUCCESS;
1319 ret = ltdb_check_special_dn(module, req->op.mod.message);
1320 if (ret != LDB_SUCCESS) {
1324 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1326 if (ltdb_cache_load(module) != 0) {
1327 return LDB_ERR_OPERATIONS_ERROR;
1330 ret = ltdb_modify_internal(module, req->op.mod.message, req);
1338 static int ltdb_rename(struct ltdb_context *ctx)
1340 struct ldb_module *module = ctx->module;
1341 void *data = ldb_module_get_private(module);
1342 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1343 struct ldb_request *req = ctx->req;
1344 struct ldb_message *msg;
1345 int ret = LDB_SUCCESS;
1346 TDB_DATA tdb_key, tdb_key_old;
1347 struct ldb_dn *db_dn;
1349 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1351 if (ltdb_cache_load(ctx->module) != 0) {
1352 return LDB_ERR_OPERATIONS_ERROR;
1355 msg = ldb_msg_new(ctx);
1357 return LDB_ERR_OPERATIONS_ERROR;
1360 /* we need to fetch the old record to re-add under the new name */
1361 ret = ltdb_search_dn1(module, req->op.rename.olddn, msg,
1362 LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC);
1363 if (ret != LDB_SUCCESS) {
1364 /* not finding the old record is an error */
1368 /* We need to, before changing the DB, check if the new DN
1369 * exists, so we can return this error to the caller with an
1372 * Even in GUID index mode we use ltdb_key_dn() as we are
1373 * trying to figure out if this is just a case rename
1375 tdb_key = ltdb_key_dn(module, msg, req->op.rename.newdn);
1376 if (!tdb_key.dptr) {
1378 return LDB_ERR_OPERATIONS_ERROR;
1381 tdb_key_old = ltdb_key_dn(module, msg, req->op.rename.olddn);
1382 if (!tdb_key_old.dptr) {
1384 talloc_free(tdb_key.dptr);
1385 return LDB_ERR_OPERATIONS_ERROR;
1389 * Only declare a conflict if the new DN already exists,
1390 * and it isn't a case change on the old DN
1392 if (tdb_key_old.dsize != tdb_key.dsize
1393 || memcmp(tdb_key.dptr, tdb_key_old.dptr, tdb_key.dsize) != 0) {
1394 ret = ltdb_search_base(module, msg,
1395 req->op.rename.newdn,
1397 if (ret == LDB_SUCCESS) {
1398 ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
1399 } else if (ret == LDB_ERR_NO_SUCH_OBJECT) {
1404 /* finding the new record already in the DB is an error */
1406 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
1407 ldb_asprintf_errstring(ldb_module_get_ctx(module),
1408 "Entry %s already exists",
1409 ldb_dn_get_linearized(req->op.rename.newdn));
1411 if (ret != LDB_SUCCESS) {
1412 talloc_free(tdb_key_old.dptr);
1413 talloc_free(tdb_key.dptr);
1418 talloc_free(tdb_key_old.dptr);
1419 talloc_free(tdb_key.dptr);
1421 /* Always delete first then add, to avoid conflicts with
1422 * unique indexes. We rely on the transaction to make this
1425 ret = ltdb_delete_internal(module, msg->dn);
1426 if (ret != LDB_SUCCESS) {
1431 msg->dn = ldb_dn_copy(msg, req->op.rename.newdn);
1432 if (msg->dn == NULL) {
1434 return LDB_ERR_OPERATIONS_ERROR;
1437 /* We don't check single value as we can have more than 1 with
1438 * deleted attributes. We could go through all elements but that's
1439 * maybe not the most efficient way
1441 ret = ltdb_add_internal(module, ltdb, msg, false);
1448 static int ltdb_tdb_transaction_start(struct ltdb_private *ltdb)
1450 return tdb_transaction_start(ltdb->tdb);
1453 static int ltdb_tdb_transaction_cancel(struct ltdb_private *ltdb)
1455 return tdb_transaction_cancel(ltdb->tdb);
1458 static int ltdb_tdb_transaction_prepare_commit(struct ltdb_private *ltdb)
1460 return tdb_transaction_prepare_commit(ltdb->tdb);
1463 static int ltdb_tdb_transaction_commit(struct ltdb_private *ltdb)
1465 return tdb_transaction_commit(ltdb->tdb);
1468 static int ltdb_start_trans(struct ldb_module *module)
1470 void *data = ldb_module_get_private(module);
1471 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1473 /* Do not take out the transaction lock on a read-only DB */
1474 if (ltdb->read_only) {
1475 return LDB_ERR_UNWILLING_TO_PERFORM;
1478 if (ltdb->kv_ops->begin_write(ltdb) != 0) {
1479 return ltdb->kv_ops->error(ltdb);
1482 ltdb->in_transaction++;
1484 ltdb_index_transaction_start(module);
1486 ltdb->reindex_failed = false;
1492 * Forward declaration to allow prepare_commit to in fact abort the
1495 static int ltdb_del_trans(struct ldb_module *module);
1497 static int ltdb_prepare_commit(struct ldb_module *module)
1500 void *data = ldb_module_get_private(module);
1501 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1503 if (ltdb->in_transaction != 1) {
1508 * Check if the last re-index failed.
1510 * This can happen if for example a duplicate value was marked
1511 * unique. We must not write a partial re-index into the DB.
1513 if (ltdb->reindex_failed) {
1515 * We must instead abort the transaction so we get the
1516 * old values and old index back
1518 ltdb_del_trans(module);
1519 ldb_set_errstring(ldb_module_get_ctx(module),
1520 "Failure during re-index, so "
1521 "transaction must be aborted.");
1522 return LDB_ERR_OPERATIONS_ERROR;
1525 ret = ltdb_index_transaction_commit(module);
1526 if (ret != LDB_SUCCESS) {
1527 ltdb->kv_ops->abort_write(ltdb);
1528 ltdb->in_transaction--;
1532 if (ltdb->kv_ops->prepare_write(ltdb) != 0) {
1533 ret = ltdb->kv_ops->error(ltdb);
1534 ltdb->in_transaction--;
1535 ldb_debug_set(ldb_module_get_ctx(module),
1538 "prepare_write): %s -> %s",
1539 ltdb->kv_ops->errorstr(ltdb),
1544 ltdb->prepared_commit = true;
1549 static int ltdb_end_trans(struct ldb_module *module)
1552 void *data = ldb_module_get_private(module);
1553 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1555 if (!ltdb->prepared_commit) {
1556 ret = ltdb_prepare_commit(module);
1557 if (ret != LDB_SUCCESS) {
1562 ltdb->in_transaction--;
1563 ltdb->prepared_commit = false;
1565 if (ltdb->kv_ops->finish_write(ltdb) != 0) {
1566 ret = ltdb->kv_ops->error(ltdb);
1567 ldb_asprintf_errstring(ldb_module_get_ctx(module),
1568 "Failure during tdb_transaction_commit(): %s -> %s",
1569 ltdb->kv_ops->errorstr(ltdb),
1577 static int ltdb_del_trans(struct ldb_module *module)
1579 void *data = ldb_module_get_private(module);
1580 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1582 ltdb->in_transaction--;
1584 if (ltdb_index_transaction_cancel(module) != 0) {
1585 ltdb->kv_ops->abort_write(ltdb);
1586 return ltdb->kv_ops->error(ltdb);
1589 ltdb->kv_ops->abort_write(ltdb);
1594 return sequenceNumber from @BASEINFO
1596 static int ltdb_sequence_number(struct ltdb_context *ctx,
1597 struct ldb_extended **ext)
1599 struct ldb_context *ldb;
1600 struct ldb_module *module = ctx->module;
1601 struct ldb_request *req = ctx->req;
1602 void *data = ldb_module_get_private(module);
1603 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
1604 TALLOC_CTX *tmp_ctx = NULL;
1605 struct ldb_seqnum_request *seq;
1606 struct ldb_seqnum_result *res;
1607 struct ldb_message *msg = NULL;
1610 int ret = LDB_SUCCESS;
1612 ldb = ldb_module_get_ctx(module);
1614 seq = talloc_get_type(req->op.extended.data,
1615 struct ldb_seqnum_request);
1617 return LDB_ERR_OPERATIONS_ERROR;
1620 ldb_request_set_state(req, LDB_ASYNC_PENDING);
1622 if (ltdb->kv_ops->lock_read(module) != 0) {
1623 return LDB_ERR_OPERATIONS_ERROR;
1626 res = talloc_zero(req, struct ldb_seqnum_result);
1628 ret = LDB_ERR_OPERATIONS_ERROR;
1632 tmp_ctx = talloc_new(req);
1633 if (tmp_ctx == NULL) {
1634 ret = LDB_ERR_OPERATIONS_ERROR;
1638 dn = ldb_dn_new(tmp_ctx, ldb, LTDB_BASEINFO);
1640 ret = LDB_ERR_OPERATIONS_ERROR;
1644 msg = ldb_msg_new(tmp_ctx);
1646 ret = LDB_ERR_OPERATIONS_ERROR;
1650 ret = ltdb_search_dn1(module, dn, msg, 0);
1651 if (ret != LDB_SUCCESS) {
1655 switch (seq->type) {
1656 case LDB_SEQ_HIGHEST_SEQ:
1657 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1660 res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
1663 case LDB_SEQ_HIGHEST_TIMESTAMP:
1664 date = ldb_msg_find_attr_as_string(msg, LTDB_MOD_TIMESTAMP, NULL);
1666 res->seq_num = ldb_string_to_time(date);
1669 /* zero is as good as anything when we don't know */
1674 *ext = talloc_zero(req, struct ldb_extended);
1676 ret = LDB_ERR_OPERATIONS_ERROR;
1679 (*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
1680 (*ext)->data = talloc_steal(*ext, res);
1683 talloc_free(tmp_ctx);
1685 ltdb->kv_ops->unlock_read(module);
1689 static void ltdb_request_done(struct ltdb_context *ctx, int error)
1691 struct ldb_context *ldb;
1692 struct ldb_request *req;
1693 struct ldb_reply *ares;
1695 ldb = ldb_module_get_ctx(ctx->module);
1698 /* if we already returned an error just return */
1699 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1703 ares = talloc_zero(req, struct ldb_reply);
1706 req->callback(req, NULL);
1709 ares->type = LDB_REPLY_DONE;
1710 ares->error = error;
1712 req->callback(req, ares);
1715 static void ltdb_timeout(struct tevent_context *ev,
1716 struct tevent_timer *te,
1720 struct ltdb_context *ctx;
1721 ctx = talloc_get_type(private_data, struct ltdb_context);
1723 if (!ctx->request_terminated) {
1724 /* request is done now */
1725 ltdb_request_done(ctx, LDB_ERR_TIME_LIMIT_EXCEEDED);
1729 /* neutralize the spy */
1730 ctx->spy->ctx = NULL;
1736 static void ltdb_request_extended_done(struct ltdb_context *ctx,
1737 struct ldb_extended *ext,
1740 struct ldb_context *ldb;
1741 struct ldb_request *req;
1742 struct ldb_reply *ares;
1744 ldb = ldb_module_get_ctx(ctx->module);
1747 /* if we already returned an error just return */
1748 if (ldb_request_get_status(req) != LDB_SUCCESS) {
1752 ares = talloc_zero(req, struct ldb_reply);
1755 req->callback(req, NULL);
1758 ares->type = LDB_REPLY_DONE;
1759 ares->response = ext;
1760 ares->error = error;
1762 req->callback(req, ares);
1765 static void ltdb_handle_extended(struct ltdb_context *ctx)
1767 struct ldb_extended *ext = NULL;
1770 if (strcmp(ctx->req->op.extended.oid,
1771 LDB_EXTENDED_SEQUENCE_NUMBER) == 0) {
1772 /* get sequence number */
1773 ret = ltdb_sequence_number(ctx, &ext);
1775 /* not recognized */
1776 ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1779 ltdb_request_extended_done(ctx, ext, ret);
1783 ldb_kv_traverse_fn kv_traverse_fn;
1785 struct ltdb_private *ltdb;
1786 int (*parser)(struct ldb_val key,
1787 struct ldb_val data,
1788 void *private_data);
1791 static int ldb_tdb_traverse_fn_wrapper(struct tdb_context *tdb, TDB_DATA tdb_key, TDB_DATA tdb_data, void *ctx)
1793 struct kv_ctx *kv_ctx = ctx;
1794 struct ldb_val key = {
1795 .length = tdb_key.dsize,
1796 .data = tdb_key.dptr,
1798 struct ldb_val data = {
1799 .length = tdb_data.dsize,
1800 .data = tdb_data.dptr,
1802 return kv_ctx->kv_traverse_fn(kv_ctx->ltdb, key, data, kv_ctx->ctx);
1805 static int ltdb_tdb_traverse_fn(struct ltdb_private *ltdb, ldb_kv_traverse_fn fn, void *ctx)
1807 struct kv_ctx kv_ctx = {
1808 .kv_traverse_fn = fn,
1812 if (ltdb->in_transaction != 0) {
1813 return tdb_traverse(ltdb->tdb, ldb_tdb_traverse_fn_wrapper, &kv_ctx);
1815 return tdb_traverse_read(ltdb->tdb, ldb_tdb_traverse_fn_wrapper, &kv_ctx);
1819 static int ltdb_tdb_update_in_iterate(struct ltdb_private *ltdb,
1820 struct ldb_val ldb_key,
1821 struct ldb_val ldb_key2,
1822 struct ldb_val ldb_data, void *state)
1825 struct ldb_context *ldb;
1826 struct ltdb_reindex_context *ctx = (struct ltdb_reindex_context *)state;
1827 struct ldb_module *module = ctx->module;
1829 .dptr = ldb_key.data,
1830 .dsize = ldb_key.length
1833 .dptr = ldb_key2.data,
1834 .dsize = ldb_key2.length
1837 .dptr = ldb_data.data,
1838 .dsize = ldb_data.length
1841 ldb = ldb_module_get_ctx(module);
1843 tdb_ret = tdb_delete(ltdb->tdb, key);
1845 ldb_debug(ldb, LDB_DEBUG_ERROR,
1846 "Failed to delete %*.*s "
1847 "for rekey as %*.*s: %s",
1848 (int)key.dsize, (int)key.dsize,
1849 (const char *)key.dptr,
1850 (int)key2.dsize, (int)key2.dsize,
1851 (const char *)key.dptr,
1852 tdb_errorstr(ltdb->tdb));
1853 ctx->error = ltdb_err_map(tdb_error(ltdb->tdb));
1856 tdb_ret = tdb_store(ltdb->tdb, key2, data, 0);
1858 ldb_debug(ldb, LDB_DEBUG_ERROR,
1859 "Failed to rekey %*.*s as %*.*s: %s",
1860 (int)key.dsize, (int)key.dsize,
1861 (const char *)key.dptr,
1862 (int)key2.dsize, (int)key2.dsize,
1863 (const char *)key.dptr,
1864 tdb_errorstr(ltdb->tdb));
1865 ctx->error = ltdb_err_map(tdb_error(ltdb->tdb));
1871 static int ltdb_tdb_parse_record_wrapper(TDB_DATA tdb_key, TDB_DATA tdb_data,
1874 struct kv_ctx *kv_ctx = ctx;
1875 struct ldb_val key = {
1876 .length = tdb_key.dsize,
1877 .data = tdb_key.dptr,
1879 struct ldb_val data = {
1880 .length = tdb_data.dsize,
1881 .data = tdb_data.dptr,
1884 return kv_ctx->parser(key, data, kv_ctx->ctx);
1887 static int ltdb_tdb_parse_record(struct ltdb_private *ltdb,
1888 struct ldb_val ldb_key,
1889 int (*parser)(struct ldb_val key,
1890 struct ldb_val data,
1891 void *private_data),
1894 struct kv_ctx kv_ctx = {
1900 .dptr = ldb_key.data,
1901 .dsize = ldb_key.length
1905 ret = tdb_parse_record(ltdb->tdb, key, ltdb_tdb_parse_record_wrapper,
1910 return ltdb_err_map(tdb_error(ltdb->tdb));
1913 static const char * ltdb_tdb_name(struct ltdb_private *ltdb)
1915 return tdb_name(ltdb->tdb);
1918 static bool ltdb_tdb_changed(struct ltdb_private *ltdb)
1920 int seq = tdb_get_seqnum(ltdb->tdb);
1921 bool has_changed = (seq != ltdb->tdb_seqnum);
1923 ltdb->tdb_seqnum = seq;
1928 static const struct kv_db_ops key_value_ops = {
1929 .store = ltdb_tdb_store,
1930 .delete = ltdb_tdb_delete,
1931 .iterate = ltdb_tdb_traverse_fn,
1932 .update_in_iterate = ltdb_tdb_update_in_iterate,
1933 .fetch_and_parse = ltdb_tdb_parse_record,
1934 .lock_read = ltdb_lock_read,
1935 .unlock_read = ltdb_unlock_read,
1936 .begin_write = ltdb_tdb_transaction_start,
1937 .prepare_write = ltdb_tdb_transaction_prepare_commit,
1938 .finish_write = ltdb_tdb_transaction_commit,
1939 .abort_write = ltdb_tdb_transaction_cancel,
1940 .error = ltdb_error,
1941 .errorstr = ltdb_errorstr,
1942 .name = ltdb_tdb_name,
1943 .has_changed = ltdb_tdb_changed,
1946 static void ltdb_callback(struct tevent_context *ev,
1947 struct tevent_timer *te,
1951 struct ltdb_context *ctx;
1954 ctx = talloc_get_type(private_data, struct ltdb_context);
1956 if (ctx->request_terminated) {
1960 switch (ctx->req->operation) {
1962 ret = ltdb_search(ctx);
1965 ret = ltdb_add(ctx);
1968 ret = ltdb_modify(ctx);
1971 ret = ltdb_delete(ctx);
1974 ret = ltdb_rename(ctx);
1977 ltdb_handle_extended(ctx);
1980 /* no other op supported */
1981 ret = LDB_ERR_PROTOCOL_ERROR;
1984 if (!ctx->request_terminated) {
1985 /* request is done now */
1986 ltdb_request_done(ctx, ret);
1991 /* neutralize the spy */
1992 ctx->spy->ctx = NULL;
1998 static int ltdb_request_destructor(void *ptr)
2000 struct ltdb_req_spy *spy = talloc_get_type(ptr, struct ltdb_req_spy);
2002 if (spy->ctx != NULL) {
2003 spy->ctx->spy = NULL;
2004 spy->ctx->request_terminated = true;
2011 static int ltdb_handle_request(struct ldb_module *module,
2012 struct ldb_request *req)
2014 struct ldb_control *control_permissive;
2015 struct ldb_context *ldb;
2016 struct tevent_context *ev;
2017 struct ltdb_context *ac;
2018 struct tevent_timer *te;
2022 ldb = ldb_module_get_ctx(module);
2024 control_permissive = ldb_request_get_control(req,
2025 LDB_CONTROL_PERMISSIVE_MODIFY_OID);
2027 for (i = 0; req->controls && req->controls[i]; i++) {
2028 if (req->controls[i]->critical &&
2029 req->controls[i] != control_permissive) {
2030 ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
2031 req->controls[i]->oid);
2032 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
2036 if (req->starttime == 0 || req->timeout == 0) {
2037 ldb_set_errstring(ldb, "Invalid timeout settings");
2038 return LDB_ERR_TIME_LIMIT_EXCEEDED;
2041 ev = ldb_handle_get_event_context(req->handle);
2043 ac = talloc_zero(ldb, struct ltdb_context);
2046 return LDB_ERR_OPERATIONS_ERROR;
2049 ac->module = module;
2054 te = tevent_add_timer(ev, ac, tv, ltdb_callback, ac);
2057 return LDB_ERR_OPERATIONS_ERROR;
2060 if (req->timeout > 0) {
2061 tv.tv_sec = req->starttime + req->timeout;
2063 ac->timeout_event = tevent_add_timer(ev, ac, tv,
2065 if (NULL == ac->timeout_event) {
2067 return LDB_ERR_OPERATIONS_ERROR;
2071 /* set a spy so that we do not try to use the request context
2072 * if it is freed before ltdb_callback fires */
2073 ac->spy = talloc(req, struct ltdb_req_spy);
2074 if (NULL == ac->spy) {
2076 return LDB_ERR_OPERATIONS_ERROR;
2080 talloc_set_destructor((TALLOC_CTX *)ac->spy, ltdb_request_destructor);
2085 static int ltdb_init_rootdse(struct ldb_module *module)
2087 /* ignore errors on this - we expect it for non-sam databases */
2088 ldb_mod_register_control(module, LDB_CONTROL_PERMISSIVE_MODIFY_OID);
2090 /* there can be no module beyond the backend, just return */
2095 static int generic_lock_read(struct ldb_module *module)
2097 void *data = ldb_module_get_private(module);
2098 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
2099 return ltdb->kv_ops->lock_read(module);
2102 static int generic_unlock_read(struct ldb_module *module)
2104 void *data = ldb_module_get_private(module);
2105 struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
2106 return ltdb->kv_ops->unlock_read(module);
2109 static const struct ldb_module_ops ltdb_ops = {
2111 .init_context = ltdb_init_rootdse,
2112 .search = ltdb_handle_request,
2113 .add = ltdb_handle_request,
2114 .modify = ltdb_handle_request,
2115 .del = ltdb_handle_request,
2116 .rename = ltdb_handle_request,
2117 .extended = ltdb_handle_request,
2118 .start_transaction = ltdb_start_trans,
2119 .end_transaction = ltdb_end_trans,
2120 .prepare_commit = ltdb_prepare_commit,
2121 .del_transaction = ltdb_del_trans,
2122 .read_lock = generic_lock_read,
2123 .read_unlock = generic_unlock_read,
2126 int init_store(struct ltdb_private *ltdb,
2128 struct ldb_context *ldb,
2129 const char *options[],
2130 struct ldb_module **_module)
2132 struct ldb_module *module;
2134 if (getenv("LDB_WARN_UNINDEXED")) {
2135 ltdb->warn_unindexed = true;
2138 if (getenv("LDB_WARN_REINDEX")) {
2139 ltdb->warn_reindex = true;
2142 ltdb->sequence_number = 0;
2144 module = ldb_module_new(ldb, ldb, name, <db_ops);
2148 return LDB_ERR_OPERATIONS_ERROR;
2150 ldb_module_set_private(module, ltdb);
2151 talloc_steal(module, ltdb);
2153 if (ltdb_cache_load(module) != 0) {
2154 ldb_asprintf_errstring(ldb, "Unable to load ltdb cache "
2155 "records for backend '%s'", name);
2156 talloc_free(module);
2157 return LDB_ERR_OPERATIONS_ERROR;
2162 * Set or override the maximum key length
2164 * The ldb_mdb code will have set this to 511, but our tests
2165 * set this even smaller (to make the tests more practical).
2167 * This must only be used for the selftest as the length
2168 * becomes encoded in the index keys.
2171 const char *len_str =
2172 ldb_options_find(ldb, options,
2173 "max_key_len_for_self_test");
2174 if (len_str != NULL) {
2175 unsigned len = strtoul(len_str, NULL, 0);
2176 ltdb->max_key_length = len;
2184 connect to the database
2186 int ltdb_connect(struct ldb_context *ldb, const char *url,
2187 unsigned int flags, const char *options[],
2188 struct ldb_module **_module)
2191 int tdb_flags, open_flags;
2192 struct ltdb_private *ltdb;
2195 * We hold locks, so we must use a private event context
2196 * on each returned handle
2198 ldb_set_require_private_event_context(ldb);
2201 if (strchr(url, ':')) {
2202 if (strncmp(url, "tdb://", 6) != 0) {
2203 ldb_debug(ldb, LDB_DEBUG_ERROR,
2204 "Invalid tdb URL '%s'", url);
2205 return LDB_ERR_OPERATIONS_ERROR;
2212 tdb_flags = TDB_DEFAULT | TDB_SEQNUM;
2214 /* check for the 'nosync' option */
2215 if (flags & LDB_FLG_NOSYNC) {
2216 tdb_flags |= TDB_NOSYNC;
2219 /* and nommap option */
2220 if (flags & LDB_FLG_NOMMAP) {
2221 tdb_flags |= TDB_NOMMAP;
2224 ltdb = talloc_zero(ldb, struct ltdb_private);
2227 return LDB_ERR_OPERATIONS_ERROR;
2230 if (flags & LDB_FLG_RDONLY) {
2232 * This is weird, but because we can only have one tdb
2233 * in this process, and the other one could be
2234 * read-write, we can't use the tdb readonly. Plus a
2235 * read only tdb prohibits the all-record lock.
2237 open_flags = O_RDWR;
2239 ltdb->read_only = true;
2241 } else if (flags & LDB_FLG_DONT_CREATE_DB) {
2243 * This is used by ldbsearch to prevent creation of the database
2244 * if the name is wrong
2246 open_flags = O_RDWR;
2249 * This is the normal case
2251 open_flags = O_CREAT | O_RDWR;
2254 ltdb->kv_ops = &key_value_ops;
2256 /* note that we use quite a large default hash size */
2257 ltdb->tdb = ltdb_wrap_open(ltdb, path, 10000,
2258 tdb_flags, open_flags,
2259 ldb_get_create_perms(ldb), ldb);
2261 ldb_asprintf_errstring(ldb,
2262 "Unable to open tdb '%s': %s", path, strerror(errno));
2263 ldb_debug(ldb, LDB_DEBUG_ERROR,
2264 "Unable to open tdb '%s': %s", path, strerror(errno));
2266 if (errno == EACCES || errno == EPERM) {
2267 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
2269 return LDB_ERR_OPERATIONS_ERROR;
2272 return init_store(ltdb, "ldb_tdb backend", ldb, options, _module);