From 3e2c696e45b24b0192ab7b1ddaf1dd4d79571609 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 24 Sep 2006 02:49:04 +0000 Subject: r18866: Jeremy and Volker have given the go-ahead on the group mapping ldb code. Yay! This first commit copies lib/ldb/ from Samba4. A huge congratulations should go to Simo on this - he has put an enormous amount of work into ldb, and it's great to see it go into the Samba3 tree. (This used to be commit bbedf2e34315f5c420a3a05dfe22b1d5cf79f042) --- source3/lib/ldb/common/ldb.c | 1075 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1075 insertions(+) create mode 100644 source3/lib/ldb/common/ldb.c (limited to 'source3/lib/ldb/common/ldb.c') diff --git a/source3/lib/ldb/common/ldb.c b/source3/lib/ldb/common/ldb.c new file mode 100644 index 0000000000..760a311383 --- /dev/null +++ b/source3/lib/ldb/common/ldb.c @@ -0,0 +1,1075 @@ +/* + ldb database library + + Copyright (C) Andrew Tridgell 2004 + Copyright (C) Simo Sorce 2005-2006 + + ** NOTE! The following LGPL license applies to the ldb + ** library. This does NOT imply that all of Samba is released + ** under the LGPL + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +*/ + +/* + * Name: ldb + * + * Component: ldb core API + * + * Description: core API routines interfacing to ldb backends + * + * Author: Andrew Tridgell + */ + +#include "includes.h" +#include "ldb/include/includes.h" + +/* + initialise a ldb context + The mem_ctx is optional +*/ +struct ldb_context *ldb_init(void *mem_ctx) +{ + struct ldb_context *ldb = talloc_zero(mem_ctx, struct ldb_context); + int ret; + + ret = ldb_setup_wellknown_attributes(ldb); + if (ret != 0) { + talloc_free(ldb); + return NULL; + } + + ldb_set_utf8_default(ldb); + + return ldb; +} + +static struct ldb_backend { + const char *name; + ldb_connect_fn connect_fn; + struct ldb_backend *prev, *next; +} *ldb_backends = NULL; + + +static ldb_connect_fn ldb_find_backend(const char *url) +{ + struct ldb_backend *backend; + + for (backend = ldb_backends; backend; backend = backend->next) { + if (strncmp(backend->name, url, strlen(backend->name)) == 0) { + return backend->connect_fn; + } + } + + return NULL; +} + +/* + register a new ldb backend +*/ +int ldb_register_backend(const char *url_prefix, ldb_connect_fn connectfn) +{ + struct ldb_backend *backend = talloc(talloc_autofree_context(), struct ldb_backend); + + if (ldb_find_backend(url_prefix)) { + return LDB_SUCCESS; + } + + /* Maybe check for duplicity here later on? */ + + backend->name = talloc_strdup(backend, url_prefix); + backend->connect_fn = connectfn; + DLIST_ADD(ldb_backends, backend); + + return LDB_SUCCESS; +} + +/* + Return the ldb module form of a database. The URL can either be one of the following forms + ldb://path + ldapi://path + + flags is made up of LDB_FLG_* + + the options are passed uninterpreted to the backend, and are + backend specific. + + This allows modules to get at only the backend module, for example where a module + may wish to direct certain requests at a particular backend. +*/ +int ldb_connect_backend(struct ldb_context *ldb, const char *url, const char *options[], + struct ldb_module **backend_module) +{ + int ret; + char *backend; + ldb_connect_fn fn; + + if (strchr(url, ':') != NULL) { + backend = talloc_strndup(ldb, url, strchr(url, ':')-url); + } else { + /* Default to tdb */ + backend = talloc_strdup(ldb, "tdb"); + } + + fn = ldb_find_backend(backend); + + if (fn == NULL) { + if (ldb_try_load_dso(ldb, backend) == 0) { + fn = ldb_find_backend(backend); + } + } + + talloc_free(backend); + + if (fn == NULL) { + ldb_debug(ldb, LDB_DEBUG_FATAL, "Unable to find backend for '%s'\n", url); + return LDB_ERR_OTHER; + } + + ret = fn(ldb, url, ldb->flags, options, backend_module); + + if (ret != LDB_SUCCESS) { + ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to connect to '%s'\n", url); + return ret; + } + return ret; +} + +/* + try to autodetect a basedn if none specified. This fixes one of my + pet hates about ldapsearch, which is that you have to get a long, + complex basedn right to make any use of it. +*/ +static const struct ldb_dn *ldb_set_default_basedn(struct ldb_context *ldb) +{ + TALLOC_CTX *tmp_ctx; + int ret; + static const char *attrs[] = { "defaultNamingContext", NULL }; + struct ldb_result *res; + struct ldb_dn *basedn=NULL; + + basedn = ldb_get_opaque(ldb, "default_baseDN"); + if (basedn) { + return basedn; + } + + tmp_ctx = talloc_new(ldb); + ret = ldb_search(ldb, ldb_dn_new(tmp_ctx), LDB_SCOPE_BASE, + "(objectClass=*)", attrs, &res); + if (ret == LDB_SUCCESS) { + if (res->count == 1) { + basedn = ldb_msg_find_attr_as_dn(ldb, res->msgs[0], "defaultNamingContext"); + ldb_set_opaque(ldb, "default_baseDN", basedn); + } + talloc_free(res); + } + + talloc_free(tmp_ctx); + return basedn; +} + +const struct ldb_dn *ldb_get_default_basedn(struct ldb_context *ldb) +{ + return ldb_get_opaque(ldb, "default_baseDN"); +} + +/* + connect to a database. The URL can either be one of the following forms + ldb://path + ldapi://path + + flags is made up of LDB_FLG_* + + the options are passed uninterpreted to the backend, and are + backend specific +*/ +int ldb_connect(struct ldb_context *ldb, const char *url, unsigned int flags, const char *options[]) +{ + int ret; + + ldb->flags = flags; + + ret = ldb_connect_backend(ldb, url, options, &ldb->modules); + if (ret != LDB_SUCCESS) { + return ret; + } + + if (ldb_load_modules(ldb, options) != LDB_SUCCESS) { + ldb_debug(ldb, LDB_DEBUG_FATAL, "Unable to load modules for '%s'\n", url); + return LDB_ERR_OTHER; + } + + /* TODO: get timeout from options if available there */ + ldb->default_timeout = 300; /* set default to 5 minutes */ + + /* set the default base dn */ + ldb_set_default_basedn(ldb); + + return LDB_SUCCESS; +} + +void ldb_set_errstring(struct ldb_context *ldb, const char *err_string) +{ + if (ldb->err_string) { + talloc_free(ldb->err_string); + } + ldb->err_string = talloc_strdup(ldb, err_string); +} + +void ldb_asprintf_errstring(struct ldb_context *ldb, const char *format, ...) +{ + va_list ap; + + if (ldb->err_string) { + talloc_free(ldb->err_string); + } + + va_start(ap, format); + ldb->err_string = talloc_vasprintf(ldb, format, ap); + va_end(ap); +} + +void ldb_reset_err_string(struct ldb_context *ldb) +{ + if (ldb->err_string) { + talloc_free(ldb->err_string); + ldb->err_string = NULL; + } +} + +#define FIRST_OP(ldb, op) do { \ + module = ldb->modules; \ + while (module && module->ops->op == NULL) module = module->next; \ + if (module == NULL) { \ + ldb_asprintf_errstring(ldb, "unable to find module or backend to handle operation: " #op); \ + return LDB_ERR_OPERATIONS_ERROR; \ + } \ +} while (0) + +/* + start a transaction +*/ +static int ldb_transaction_start_internal(struct ldb_context *ldb) +{ + struct ldb_module *module; + int status; + FIRST_OP(ldb, start_transaction); + + ldb_reset_err_string(ldb); + + status = module->ops->start_transaction(module); + if (status != LDB_SUCCESS) { + if (ldb->err_string == NULL) { + /* no error string was setup by the backend */ + ldb_asprintf_errstring(ldb, + "ldb transaction start: %s (%d)", + ldb_strerror(status), + status); + } + } + return status; +} + +/* + commit a transaction +*/ +static int ldb_transaction_commit_internal(struct ldb_context *ldb) +{ + struct ldb_module *module; + int status; + FIRST_OP(ldb, end_transaction); + + ldb_reset_err_string(ldb); + + status = module->ops->end_transaction(module); + if (status != LDB_SUCCESS) { + if (ldb->err_string == NULL) { + /* no error string was setup by the backend */ + ldb_asprintf_errstring(ldb, + "ldb transaction commit: %s (%d)", + ldb_strerror(status), + status); + } + } + return status; +} + +/* + cancel a transaction +*/ +static int ldb_transaction_cancel_internal(struct ldb_context *ldb) +{ + struct ldb_module *module; + int status; + FIRST_OP(ldb, del_transaction); + + status = module->ops->del_transaction(module); + if (status != LDB_SUCCESS) { + if (ldb->err_string == NULL) { + /* no error string was setup by the backend */ + ldb_asprintf_errstring(ldb, + "ldb transaction cancel: %s (%d)", + ldb_strerror(status), + status); + } + } + return status; +} + +int ldb_transaction_start(struct ldb_context *ldb) +{ + /* disable autotransactions */ + ldb->transaction_active++; + + return ldb_transaction_start_internal(ldb); +} + +int ldb_transaction_commit(struct ldb_context *ldb) +{ + /* renable autotransactions (when we reach 0) */ + if (ldb->transaction_active > 0) + ldb->transaction_active--; + + return ldb_transaction_commit_internal(ldb); +} + +int ldb_transaction_cancel(struct ldb_context *ldb) +{ + /* renable autotransactions (when we reach 0) */ + if (ldb->transaction_active > 0) + ldb->transaction_active--; + + return ldb_transaction_cancel_internal(ldb); +} + +static int ldb_autotransaction_start(struct ldb_context *ldb) +{ + /* explicit transaction active, ignore autotransaction request */ + if (ldb->transaction_active) + return LDB_SUCCESS; + + return ldb_transaction_start_internal(ldb); +} + +static int ldb_autotransaction_commit(struct ldb_context *ldb) +{ + /* explicit transaction active, ignore autotransaction request */ + if (ldb->transaction_active) + return LDB_SUCCESS; + + return ldb_transaction_commit_internal(ldb); +} + +static int ldb_autotransaction_cancel(struct ldb_context *ldb) +{ + /* explicit transaction active, ignore autotransaction request */ + if (ldb->transaction_active) + return LDB_SUCCESS; + + return ldb_transaction_cancel_internal(ldb); +} + +/* autostarts a transacion if none active */ +static int ldb_autotransaction_request(struct ldb_context *ldb, struct ldb_request *req) +{ + int ret; + + ret = ldb_autotransaction_start(ldb); + if (ret != LDB_SUCCESS) { + return ret; + } + + ret = ldb_request(ldb, req); + if (ret == LDB_SUCCESS) { + ret = ldb_wait(req->handle, LDB_WAIT_ALL); + } + + if (ret == LDB_SUCCESS) { + return ldb_autotransaction_commit(ldb); + } + ldb_autotransaction_cancel(ldb); + + if (ldb->err_string == NULL) { + /* no error string was setup by the backend */ + ldb_asprintf_errstring(ldb, "%s (%d)", ldb_strerror(ret), ret); + } + + return ret; +} + +int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type) +{ + if (!handle) { + return LDB_SUCCESS; + } + + return handle->module->ops->wait(handle, type); +} + +/* set the specified timeout or, if timeout is 0 set the default timeout */ +/* timeout == -1 means no timeout */ +int ldb_set_timeout(struct ldb_context *ldb, struct ldb_request *req, int timeout) +{ + if (req == NULL) return LDB_ERR_OPERATIONS_ERROR; + + if (timeout != 0) { + req->timeout = timeout; + } else { + req->timeout = ldb->default_timeout; + } + req->starttime = time(NULL); + + return LDB_SUCCESS; +} + +/* calculates the new timeout based on the previous starttime and timeout */ +int ldb_set_timeout_from_prev_req(struct ldb_context *ldb, struct ldb_request *oldreq, struct ldb_request *newreq) +{ + time_t now; + + if (newreq == NULL) return LDB_ERR_OPERATIONS_ERROR; + + now = time(NULL); + + if (oldreq == NULL) + return ldb_set_timeout(ldb, newreq, 0); + + if ((now - oldreq->starttime) > oldreq->timeout) { + return LDB_ERR_TIME_LIMIT_EXCEEDED; + } + newreq->starttime = oldreq->starttime; + newreq->timeout = oldreq->timeout - (now - oldreq->starttime); + + return LDB_SUCCESS; +} + +/* + start an ldb request + NOTE: the request must be a talloc context. + returns LDB_ERR_* on errors. +*/ +int ldb_request(struct ldb_context *ldb, struct ldb_request *req) +{ + struct ldb_module *module; + int ret; + + ldb_reset_err_string(ldb); + + /* call the first module in the chain */ + switch (req->operation) { + case LDB_SEARCH: + FIRST_OP(ldb, search); + ret = module->ops->search(module, req); + break; + case LDB_ADD: + FIRST_OP(ldb, add); + ret = module->ops->add(module, req); + break; + case LDB_MODIFY: + FIRST_OP(ldb, modify); + ret = module->ops->modify(module, req); + break; + case LDB_DELETE: + FIRST_OP(ldb, del); + ret = module->ops->del(module, req); + break; + case LDB_RENAME: + FIRST_OP(ldb, rename); + ret = module->ops->rename(module, req); + break; + case LDB_SEQUENCE_NUMBER: + FIRST_OP(ldb, sequence_number); + ret = module->ops->sequence_number(module, req); + break; + default: + FIRST_OP(ldb, request); + ret = module->ops->request(module, req); + break; + } + + return ret; +} + +/* + search the database given a LDAP-like search expression + + returns an LDB error code + + Use talloc_free to free the ldb_message returned in 'res', if successful + +*/ +static int ldb_search_callback(struct ldb_context *ldb, void *context, struct ldb_reply *ares) +{ + struct ldb_result *res; + int n; + + if (!context) { + ldb_set_errstring(ldb, "NULL Context in callback"); + return LDB_ERR_OPERATIONS_ERROR; + } + + res = *((struct ldb_result **)context); + + if (!res || !ares) { + goto error; + } + + if (ares->type == LDB_REPLY_ENTRY) { + res->msgs = talloc_realloc(res, res->msgs, struct ldb_message *, res->count + 2); + if (! res->msgs) { + goto error; + } + + res->msgs[res->count + 1] = NULL; + + res->msgs[res->count] = talloc_move(res->msgs, &ares->message); + res->count++; + } + + if (ares->type == LDB_REPLY_REFERRAL) { + if (res->refs) { + for (n = 0; res->refs[n]; n++) /*noop*/ ; + } else { + n = 0; + } + + res->refs = talloc_realloc(res, res->refs, char *, n + 2); + if (! res->refs) { + goto error; + } + + res->refs[n] = talloc_move(res->refs, &ares->referral); + res->refs[n + 1] = NULL; + } + + talloc_steal(res, ares->controls); + talloc_free(ares); + return LDB_SUCCESS; + +error: + talloc_free(ares); + talloc_free(res); + *((struct ldb_result **)context) = NULL; + return LDB_ERR_OPERATIONS_ERROR; +} + +int ldb_build_search_req(struct ldb_request **ret_req, + struct ldb_context *ldb, + void *mem_ctx, + const struct ldb_dn *base, + enum ldb_scope scope, + const char *expression, + const char * const *attrs, + struct ldb_control **controls, + void *context, + ldb_request_callback_t callback) +{ + struct ldb_request *req; + + *ret_req = NULL; + + req = talloc(mem_ctx, struct ldb_request); + if (req == NULL) { + ldb_set_errstring(ldb, "Out of Memory"); + return LDB_ERR_OPERATIONS_ERROR; + } + + req->operation = LDB_SEARCH; + if (base == NULL) { + req->op.search.base = ldb_dn_new(req); + } else { + req->op.search.base = base; + } + req->op.search.scope = scope; + + req->op.search.tree = ldb_parse_tree(req, expression); + if (req->op.search.tree == NULL) { + ldb_set_errstring(ldb, "Unable to parse search expression"); + talloc_free(req); + return LDB_ERR_OPERATIONS_ERROR; + } + + req->op.search.attrs = attrs; + req->controls = controls; + req->context = context; + req->callback = callback; + + *ret_req = req; + return LDB_SUCCESS; +} + +int ldb_build_add_req(struct ldb_request **ret_req, + struct ldb_context *ldb, + void *mem_ctx, + struct ldb_message *message, + struct ldb_control **controls, + void *context, + ldb_request_callback_t callback) +{ + struct ldb_request *req; + + *ret_req = NULL; + + req = talloc(mem_ctx, struct ldb_request); + if (req == NULL) { + ldb_set_errstring(ldb, "Out of Memory"); + return LDB_ERR_OPERATIONS_ERROR; + } + + req->operation = LDB_ADD; + req->op.add.message = message; + req->controls = controls; + req->context = context; + req->callback = callback; + + *ret_req = req; + + return LDB_SUCCESS; +} + +int ldb_build_mod_req(struct ldb_request **ret_req, + struct ldb_context *ldb, + void *mem_ctx, + struct ldb_message *message, + struct ldb_control **controls, + void *context, + ldb_request_callback_t callback) +{ + struct ldb_request *req; + + *ret_req = NULL; + + req = talloc(mem_ctx, struct ldb_request); + if (req == NULL) { + ldb_set_errstring(ldb, "Out of Memory"); + return LDB_ERR_OPERATIONS_ERROR; + } + + req->operation = LDB_MODIFY; + req->op.mod.message = message; + req->controls = controls; + req->context = context; + req->callback = callback; + + *ret_req = req; + + return LDB_SUCCESS; +} + +int ldb_build_del_req(struct ldb_request **ret_req, + struct ldb_context *ldb, + void *mem_ctx, + struct ldb_dn *dn, + struct ldb_control **controls, + void *context, + ldb_request_callback_t callback) +{ + struct ldb_request *req; + + *ret_req = NULL; + + req = talloc(mem_ctx, struct ldb_request); + if (req == NULL) { + ldb_set_errstring(ldb, "Out of Memory"); + return LDB_ERR_OPERATIONS_ERROR; + } + + req->operation = LDB_DELETE; + req->op.del.dn = dn; + req->controls = controls; + req->context = context; + req->callback = callback; + + *ret_req = req; + + return LDB_SUCCESS; +} + +int ldb_build_rename_req(struct ldb_request **ret_req, + struct ldb_context *ldb, + void *mem_ctx, + struct ldb_dn *olddn, + struct ldb_dn *newdn, + struct ldb_control **controls, + void *context, + ldb_request_callback_t callback) +{ + struct ldb_request *req; + + *ret_req = NULL; + + req = talloc(mem_ctx, struct ldb_request); + if (req == NULL) { + ldb_set_errstring(ldb, "Out of Memory"); + return LDB_ERR_OPERATIONS_ERROR; + } + + req->operation = LDB_RENAME; + req->op.rename.olddn = olddn; + req->op.rename.newdn = newdn; + req->controls = controls; + req->context = context; + req->callback = callback; + + *ret_req = req; + + return LDB_SUCCESS; +} + +/* + note that ldb_search() will automatically replace a NULL 'base' value with the + defaultNamingContext from the rootDSE if available. +*/ +int ldb_search(struct ldb_context *ldb, + const struct ldb_dn *base, + enum ldb_scope scope, + const char *expression, + const char * const *attrs, + struct ldb_result **res) +{ + struct ldb_request *req; + int ret; + + *res = talloc_zero(ldb, struct ldb_result); + if (! *res) { + return LDB_ERR_OPERATIONS_ERROR; + } + + ret = ldb_build_search_req(&req, ldb, ldb, + base?base:ldb_get_default_basedn(ldb), + scope, + expression, + attrs, + NULL, + res, + ldb_search_callback); + + if (ret != LDB_SUCCESS) goto done; + + ldb_set_timeout(ldb, req, 0); /* use default timeout */ + + ret = ldb_request(ldb, req); + + if (ret == LDB_SUCCESS) { + ret = ldb_wait(req->handle, LDB_WAIT_ALL); + } + + talloc_free(req); + +done: + if (ret != LDB_SUCCESS) { + talloc_free(*res); + *res = NULL; + } + + return ret; +} + +/* + add a record to the database. Will fail if a record with the given class and key + already exists +*/ +int ldb_add(struct ldb_context *ldb, + const struct ldb_message *message) +{ + struct ldb_request *req; + int ret; + + ret = ldb_msg_sanity_check(ldb, message); + if (ret != LDB_SUCCESS) { + return ret; + } + + ret = ldb_build_add_req(&req, ldb, ldb, + message, + NULL, + NULL, + NULL); + + if (ret != LDB_SUCCESS) return ret; + + ldb_set_timeout(ldb, req, 0); /* use default timeout */ + + /* do request and autostart a transaction */ + ret = ldb_autotransaction_request(ldb, req); + + talloc_free(req); + return ret; +} + +/* + modify the specified attributes of a record +*/ +int ldb_modify(struct ldb_context *ldb, + const struct ldb_message *message) +{ + struct ldb_request *req; + int ret; + + ret = ldb_msg_sanity_check(ldb, message); + if (ret != LDB_SUCCESS) return ret; + + ret = ldb_build_mod_req(&req, ldb, ldb, + message, + NULL, + NULL, + NULL); + + if (ret != LDB_SUCCESS) return ret; + + ldb_set_timeout(ldb, req, 0); /* use default timeout */ + + /* do request and autostart a transaction */ + ret = ldb_autotransaction_request(ldb, req); + + talloc_free(req); + return ret; +} + + +/* + delete a record from the database +*/ +int ldb_delete(struct ldb_context *ldb, const struct ldb_dn *dn) +{ + struct ldb_request *req; + int ret; + + ret = ldb_build_del_req(&req, ldb, ldb, + dn, + NULL, + NULL, + NULL); + + if (ret != LDB_SUCCESS) return ret; + + ldb_set_timeout(ldb, req, 0); /* use default timeout */ + + /* do request and autostart a transaction */ + ret = ldb_autotransaction_request(ldb, req); + + talloc_free(req); + return ret; +} + +/* + rename a record in the database +*/ +int ldb_rename(struct ldb_context *ldb, const struct ldb_dn *olddn, const struct ldb_dn *newdn) +{ + struct ldb_request *req; + int ret; + + ret = ldb_build_rename_req(&req, ldb, ldb, + olddn, + newdn, + NULL, + NULL, + NULL); + + if (ret != LDB_SUCCESS) return ret; + + ldb_set_timeout(ldb, req, 0); /* use default timeout */ + + /* do request and autostart a transaction */ + ret = ldb_autotransaction_request(ldb, req); + + talloc_free(req); + return ret; +} + + +/* + return the global sequence number +*/ +int ldb_sequence_number(struct ldb_context *ldb, enum ldb_sequence_type type, uint64_t *seq_num) +{ + struct ldb_request *req; + int ret; + + req = talloc(ldb, struct ldb_request); + if (req == NULL) { + ldb_set_errstring(ldb, "Out of Memory"); + return LDB_ERR_OPERATIONS_ERROR; + } + + req->operation = LDB_SEQUENCE_NUMBER; + req->controls = NULL; + req->context = NULL; + req->callback = NULL; + ldb_set_timeout(ldb, req, 0); /* use default timeout */ + + req->op.seq_num.type = type; + /* do request and autostart a transaction */ + ret = ldb_request(ldb, req); + + if (ret == LDB_SUCCESS) { + *seq_num = req->op.seq_num.seq_num; + } + + talloc_free(req); + return ret; +} + + + +/* + return extended error information +*/ +const char *ldb_errstring(struct ldb_context *ldb) +{ + if (ldb->err_string) { + return ldb->err_string; + } + + return NULL; +} + +/* + return a string explaining what a ldb error constant meancs +*/ +const char *ldb_strerror(int ldb_err) +{ + switch (ldb_err) { + case LDB_SUCCESS: + return "Success"; + case LDB_ERR_OPERATIONS_ERROR: + return "Operations error"; + case LDB_ERR_PROTOCOL_ERROR: + return "Protocol error"; + case LDB_ERR_TIME_LIMIT_EXCEEDED: + return "Time limit exceeded"; + case LDB_ERR_SIZE_LIMIT_EXCEEDED: + return "Size limit exceeded"; + case LDB_ERR_COMPARE_FALSE: + return "Compare false"; + case LDB_ERR_COMPARE_TRUE: + return "Compare true"; + case LDB_ERR_AUTH_METHOD_NOT_SUPPORTED: + return "Auth method not supported"; + case LDB_ERR_STRONG_AUTH_REQUIRED: + return "Strong auth required"; +/* 9 RESERVED */ + case LDB_ERR_REFERRAL: + return "Referral error"; + case LDB_ERR_ADMIN_LIMIT_EXCEEDED: + return "Admin limit exceeded"; + case LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION: + return "Unsupported critical extension"; + case LDB_ERR_CONFIDENTIALITY_REQUIRED: + return "Confidentiality required"; + case LDB_ERR_SASL_BIND_IN_PROGRESS: + return "SASL bind in progress"; + case LDB_ERR_NO_SUCH_ATTRIBUTE: + return "No such attribute"; + case LDB_ERR_UNDEFINED_ATTRIBUTE_TYPE: + return "Undefined attribute type"; + case LDB_ERR_INAPPROPRIATE_MATCHING: + return "Inappropriate matching"; + case LDB_ERR_CONSTRAINT_VIOLATION: + return "Constraint violation"; + case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS: + return "Attribute or value exists"; + case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX: + return "Invalid attribute syntax"; +/* 22-31 unused */ + case LDB_ERR_NO_SUCH_OBJECT: + return "No such object"; + case LDB_ERR_ALIAS_PROBLEM: + return "Alias problem"; + case LDB_ERR_INVALID_DN_SYNTAX: + return "Invalid DN syntax"; +/* 35 RESERVED */ + case LDB_ERR_ALIAS_DEREFERENCING_PROBLEM: + return "Alias dereferencing problem"; +/* 37-47 unused */ + case LDB_ERR_INAPPROPRIATE_AUTHENTICATION: + return "Inappropriate authentication"; + case LDB_ERR_INVALID_CREDENTIALS: + return "Invalid credentials"; + case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS: + return "insufficient access rights"; + case LDB_ERR_BUSY: + return "Busy"; + case LDB_ERR_UNAVAILABLE: + return "Unavailable"; + case LDB_ERR_UNWILLING_TO_PERFORM: + return "Unwilling to perform"; + case LDB_ERR_LOOP_DETECT: + return "Loop detect"; +/* 55-63 unused */ + case LDB_ERR_NAMING_VIOLATION: + return "Naming violation"; + case LDB_ERR_OBJECT_CLASS_VIOLATION: + return "Object class violation"; + case LDB_ERR_NOT_ALLOWED_ON_NON_LEAF: + return "Not allowed on non-leaf"; + case LDB_ERR_NOT_ALLOWED_ON_RDN: + return "Not allowed on RDN"; + case LDB_ERR_ENTRY_ALREADY_EXISTS: + return "Entry already exists"; + case LDB_ERR_OBJECT_CLASS_MODS_PROHIBITED: + return "Object class mods prohibited"; +/* 70 RESERVED FOR CLDAP */ + case LDB_ERR_AFFECTS_MULTIPLE_DSAS: + return "Affects multiple DSAs"; +/* 72-79 unused */ + case LDB_ERR_OTHER: + return "Other"; + } + + return "Unknown error"; +} + +/* + set backend specific opaque parameters +*/ +int ldb_set_opaque(struct ldb_context *ldb, const char *name, void *value) +{ + struct ldb_opaque *o; + + /* allow updating an existing value */ + for (o=ldb->opaque;o;o=o->next) { + if (strcmp(o->name, name) == 0) { + o->value = value; + return LDB_SUCCESS; + } + } + + o = talloc(ldb, struct ldb_opaque); + if (o == NULL) { + ldb_oom(ldb); + return LDB_ERR_OTHER; + } + o->next = ldb->opaque; + o->name = name; + o->value = value; + ldb->opaque = o; + return LDB_SUCCESS; +} + +/* + get a previously set opaque value +*/ +void *ldb_get_opaque(struct ldb_context *ldb, const char *name) +{ + struct ldb_opaque *o; + for (o=ldb->opaque;o;o=o->next) { + if (strcmp(o->name, name) == 0) { + return o->value; + } + } + return NULL; +} -- cgit From ba68916c9a243f032c78e6c229b236901d6f8a1e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 25 Sep 2006 04:55:07 +0000 Subject: r18889: Add some const. What's the policy here? Should I do this in Samba4 as well? Volker (This used to be commit fd020a1998db7660ab093c136207df4fb09720cb) --- source3/lib/ldb/common/ldb.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/lib/ldb/common/ldb.c') diff --git a/source3/lib/ldb/common/ldb.c b/source3/lib/ldb/common/ldb.c index 760a311383..eca550f0f2 100644 --- a/source3/lib/ldb/common/ldb.c +++ b/source3/lib/ldb/common/ldb.c @@ -613,7 +613,7 @@ int ldb_build_search_req(struct ldb_request **ret_req, int ldb_build_add_req(struct ldb_request **ret_req, struct ldb_context *ldb, void *mem_ctx, - struct ldb_message *message, + const struct ldb_message *message, struct ldb_control **controls, void *context, ldb_request_callback_t callback) @@ -642,7 +642,7 @@ int ldb_build_add_req(struct ldb_request **ret_req, int ldb_build_mod_req(struct ldb_request **ret_req, struct ldb_context *ldb, void *mem_ctx, - struct ldb_message *message, + const struct ldb_message *message, struct ldb_control **controls, void *context, ldb_request_callback_t callback) @@ -671,7 +671,7 @@ int ldb_build_mod_req(struct ldb_request **ret_req, int ldb_build_del_req(struct ldb_request **ret_req, struct ldb_context *ldb, void *mem_ctx, - struct ldb_dn *dn, + const struct ldb_dn *dn, struct ldb_control **controls, void *context, ldb_request_callback_t callback) @@ -700,8 +700,8 @@ int ldb_build_del_req(struct ldb_request **ret_req, int ldb_build_rename_req(struct ldb_request **ret_req, struct ldb_context *ldb, void *mem_ctx, - struct ldb_dn *olddn, - struct ldb_dn *newdn, + const struct ldb_dn *olddn, + const struct ldb_dn *newdn, struct ldb_control **controls, void *context, ldb_request_callback_t callback) -- cgit From 0cc2cee8d5ccd95cd4cd10a060e2b3e703b6fba1 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 27 Sep 2006 03:34:50 +0000 Subject: r18939: don't rely on the umask being right in ldb creation. Both Samba3 and Samba4 smbd force the umask to 0, which meant we ended up with ldb being world writable. This isn't really an ideal fix, as it means ldb no longer honors umask (as it should do, like all good libraries). Unfortunately the 'proper' fix is too complex for now this also merges a tiny code style fix from s4 to s3 (This used to be commit dd8ec8725f168f4286bbfc00d69cd56089ba3543) --- source3/lib/ldb/common/ldb.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/lib/ldb/common/ldb.c') diff --git a/source3/lib/ldb/common/ldb.c b/source3/lib/ldb/common/ldb.c index eca550f0f2..00bf5e79ba 100644 --- a/source3/lib/ldb/common/ldb.c +++ b/source3/lib/ldb/common/ldb.c @@ -819,7 +819,9 @@ int ldb_modify(struct ldb_context *ldb, int ret; ret = ldb_msg_sanity_check(ldb, message); - if (ret != LDB_SUCCESS) return ret; + if (ret != LDB_SUCCESS) { + return ret; + } ret = ldb_build_mod_req(&req, ldb, ldb, message, -- cgit From fd1cf23567566b65cdeecdbc04f58f29e29edd79 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 6 Oct 2006 14:39:47 +0000 Subject: r19132: Fix some C++ warnings. Is there interest to have them in Samba4 as well? I have some problems resolving the last 3 ones in attrib_handlers.c. In line 251 the function ldb_dn_explode_casefold is called with mem_ctx as the first argument. Looking at ldb_dn_explode_casefold I see that the first argument it expects is a struct ldb_context. I could certainly add a cast to (struct ldb_context *) to that call, but I would assume that this is the wrong fix. Is it possible that attrib_handlers.c:251 and :254 should have ldb and not mem_ctx as the first argument? Can anybody from Samba4 clarify this for me and apply the correct fix? Thanks a lot. Volker (This used to be commit 26f2cb71ebf00b2c6f356da5f32384f7fa083521) --- source3/lib/ldb/common/ldb.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/lib/ldb/common/ldb.c') diff --git a/source3/lib/ldb/common/ldb.c b/source3/lib/ldb/common/ldb.c index 00bf5e79ba..b54febf208 100644 --- a/source3/lib/ldb/common/ldb.c +++ b/source3/lib/ldb/common/ldb.c @@ -160,7 +160,7 @@ static const struct ldb_dn *ldb_set_default_basedn(struct ldb_context *ldb) struct ldb_result *res; struct ldb_dn *basedn=NULL; - basedn = ldb_get_opaque(ldb, "default_baseDN"); + basedn = (struct ldb_dn *)ldb_get_opaque(ldb, "default_baseDN"); if (basedn) { return basedn; } @@ -182,7 +182,7 @@ static const struct ldb_dn *ldb_set_default_basedn(struct ldb_context *ldb) const struct ldb_dn *ldb_get_default_basedn(struct ldb_context *ldb) { - return ldb_get_opaque(ldb, "default_baseDN"); + return (const struct ldb_dn *)ldb_get_opaque(ldb, "default_baseDN"); } /* -- cgit From 617c39ab5ffbefcd7d0536c72ffbb0c36ce04215 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 9 Oct 2006 07:05:08 +0000 Subject: r19182: merge from samba4: add ldb_set_create_perms() function to set the create_perms after ldb_init() and before ldb_connect() metze (This used to be commit dd9d469eef337954b6aee4c86ac0691f52812456) --- source3/lib/ldb/common/ldb.c | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'source3/lib/ldb/common/ldb.c') diff --git a/source3/lib/ldb/common/ldb.c b/source3/lib/ldb/common/ldb.c index b54febf208..28d1c7235a 100644 --- a/source3/lib/ldb/common/ldb.c +++ b/source3/lib/ldb/common/ldb.c @@ -52,6 +52,7 @@ struct ldb_context *ldb_init(void *mem_ctx) } ldb_set_utf8_default(ldb); + ldb_set_create_perms(ldb, 0666); return ldb; } @@ -455,6 +456,16 @@ int ldb_set_timeout_from_prev_req(struct ldb_context *ldb, struct ldb_request *o return LDB_SUCCESS; } + +/* + set the permissions for new files to be passed to open() in + backends that use local files + */ +void ldb_set_create_perms(struct ldb_context *ldb, unsigned int perms) +{ + ldb->create_perms = perms; +} + /* start an ldb request NOTE: the request must be a talloc context. -- cgit From 7a390a0dabcdadb30196662b6cdec512bf81dcb4 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 21 Oct 2006 00:10:19 +0000 Subject: r19430: merge recent ldb changes from Samba4. This includes memory leak fixes and significant speedups (This used to be commit bb5c205fef90aa8b89ba400fb9f2f37a111676a8) --- source3/lib/ldb/common/ldb.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) (limited to 'source3/lib/ldb/common/ldb.c') diff --git a/source3/lib/ldb/common/ldb.c b/source3/lib/ldb/common/ldb.c index 28d1c7235a..7648abf795 100644 --- a/source3/lib/ldb/common/ldb.c +++ b/source3/lib/ldb/common/ldb.c @@ -208,7 +208,8 @@ int ldb_connect(struct ldb_context *ldb, const char *url, unsigned int flags, co } if (ldb_load_modules(ldb, options) != LDB_SUCCESS) { - ldb_debug(ldb, LDB_DEBUG_FATAL, "Unable to load modules for '%s'\n", url); + ldb_debug(ldb, LDB_DEBUG_FATAL, "Unable to load modules for %s: %s\n", + url, ldb_errstring(ldb)); return LDB_ERR_OTHER; } @@ -536,8 +537,9 @@ static int ldb_search_callback(struct ldb_context *ldb, void *context, struct ld if (!res || !ares) { goto error; } - - if (ares->type == LDB_REPLY_ENTRY) { + + switch (ares->type) { + case LDB_REPLY_ENTRY: res->msgs = talloc_realloc(res, res->msgs, struct ldb_message *, res->count + 2); if (! res->msgs) { goto error; @@ -547,9 +549,8 @@ static int ldb_search_callback(struct ldb_context *ldb, void *context, struct ld res->msgs[res->count] = talloc_move(res->msgs, &ares->message); res->count++; - } - - if (ares->type == LDB_REPLY_REFERRAL) { + break; + case LDB_REPLY_REFERRAL: if (res->refs) { for (n = 0; res->refs[n]; n++) /*noop*/ ; } else { @@ -563,8 +564,11 @@ static int ldb_search_callback(struct ldb_context *ldb, void *context, struct ld res->refs[n] = talloc_move(res->refs, &ares->referral); res->refs[n + 1] = NULL; + case LDB_REPLY_DONE: + /* Should do something here to detect if this never + * happens */ + break; } - talloc_steal(res, ares->controls); talloc_free(ares); return LDB_SUCCESS; -- cgit From 866a3b6e40952193d5bcd812ec7079cf7434e600 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 15 Nov 2006 17:34:20 +0000 Subject: r19725: sync samba3's ldb with samba4 metze (This used to be commit 207643e9c9c75546f38a09f12ea0b574b08086c5) --- source3/lib/ldb/common/ldb.c | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) (limited to 'source3/lib/ldb/common/ldb.c') diff --git a/source3/lib/ldb/common/ldb.c b/source3/lib/ldb/common/ldb.c index 7648abf795..9e0ee6ebca 100644 --- a/source3/lib/ldb/common/ldb.c +++ b/source3/lib/ldb/common/ldb.c @@ -522,7 +522,7 @@ int ldb_request(struct ldb_context *ldb, struct ldb_request *req) Use talloc_free to free the ldb_message returned in 'res', if successful */ -static int ldb_search_callback(struct ldb_context *ldb, void *context, struct ldb_reply *ares) +int ldb_search_default_callback(struct ldb_context *ldb, void *context, struct ldb_reply *ares) { struct ldb_result *res; int n; @@ -532,12 +532,13 @@ static int ldb_search_callback(struct ldb_context *ldb, void *context, struct ld return LDB_ERR_OPERATIONS_ERROR; } - res = *((struct ldb_result **)context); + res = talloc_get_type(context, struct ldb_result); if (!res || !ares) { + ldb_set_errstring(ldb, "NULL res or ares in callback"); goto error; } - + switch (ares->type) { case LDB_REPLY_ENTRY: res->msgs = talloc_realloc(res, res->msgs, struct ldb_message *, res->count + 2); @@ -564,19 +565,17 @@ static int ldb_search_callback(struct ldb_context *ldb, void *context, struct ld res->refs[n] = talloc_move(res->refs, &ares->referral); res->refs[n + 1] = NULL; + case LDB_REPLY_EXTENDED: case LDB_REPLY_DONE: - /* Should do something here to detect if this never - * happens */ + /* TODO: we should really support controls on entries and referrals too! */ + res->controls = talloc_move(res, &ares->controls); break; } - talloc_steal(res, ares->controls); talloc_free(ares); return LDB_SUCCESS; error: talloc_free(ares); - talloc_free(res); - *((struct ldb_result **)context) = NULL; return LDB_ERR_OPERATIONS_ERROR; } @@ -752,16 +751,19 @@ int ldb_search(struct ldb_context *ldb, enum ldb_scope scope, const char *expression, const char * const *attrs, - struct ldb_result **res) + struct ldb_result **_res) { struct ldb_request *req; int ret; + struct ldb_result *res; + + *_res = NULL; - *res = talloc_zero(ldb, struct ldb_result); - if (! *res) { + res = talloc_zero(ldb, struct ldb_result); + if (!res) { return LDB_ERR_OPERATIONS_ERROR; } - + ret = ldb_build_search_req(&req, ldb, ldb, base?base:ldb_get_default_basedn(ldb), scope, @@ -769,7 +771,7 @@ int ldb_search(struct ldb_context *ldb, attrs, NULL, res, - ldb_search_callback); + ldb_search_default_callback); if (ret != LDB_SUCCESS) goto done; @@ -785,10 +787,10 @@ int ldb_search(struct ldb_context *ldb, done: if (ret != LDB_SUCCESS) { - talloc_free(*res); - *res = NULL; + talloc_free(res); } + *_res = res; return ret; } -- cgit From 1710dd1fe248ff82613e50ebb97be079e4f31bf4 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 5 Dec 2006 06:25:12 +0000 Subject: r20036: Merge ldb_search_exp_fmt -- Thanks simo (This used to be commit fa6fa1268b33334d17869d0f096cf7600e88f993) --- source3/lib/ldb/common/ldb.c | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) (limited to 'source3/lib/ldb/common/ldb.c') diff --git a/source3/lib/ldb/common/ldb.c b/source3/lib/ldb/common/ldb.c index 9e0ee6ebca..512ad84efa 100644 --- a/source3/lib/ldb/common/ldb.c +++ b/source3/lib/ldb/common/ldb.c @@ -794,6 +794,45 @@ done: return ret; } +/* + a useful search function where you can easily define the expression and that + takes a memory context where results are allocated +*/ + +int ldb_search_exp_fmt(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, struct ldb_result **result, + struct ldb_dn *base, enum ldb_scope scope, const char * const *attrs, + const char *exp_fmt, ...) +{ + struct ldb_result *res; + char *expression; + va_list ap; + int ret; + + res = NULL; + *result = NULL; + + va_start(ap, exp_fmt); + expression = talloc_vasprintf(mem_ctx, exp_fmt, ap); + va_end(ap); + + if ( ! expression) { + return LDB_ERR_OPERATIONS_ERROR; + } + + ret = ldb_search(ldb, base, scope, expression, attrs, &res); + + if (ret == LDB_SUCCESS) { + talloc_steal(mem_ctx, res); + *result = res; + } else { + talloc_free(res); + } + + talloc_free(expression); + + return ret; +} + /* add a record to the database. Will fail if a record with the given class and key already exists -- cgit From 2c09988e46d4e917b1c53c9bda3f81a48bba4952 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 01:44:42 +0000 Subject: r23790: LGPLv3+ conversion for our LGPLv2+ library code (This used to be commit 1b78cace504f60c0f525765fbf59d9cc6506cd4d) --- source3/lib/ldb/common/ldb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/lib/ldb/common/ldb.c') diff --git a/source3/lib/ldb/common/ldb.c b/source3/lib/ldb/common/ldb.c index 512ad84efa..8a1003886a 100644 --- a/source3/lib/ldb/common/ldb.c +++ b/source3/lib/ldb/common/ldb.c @@ -11,7 +11,7 @@ This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either - version 2 of the License, or (at your option) any later version. + version 3 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of -- cgit From 9fa1c63578733077c0aaaeeb2fc97c3b191089cc Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 03:42:26 +0000 Subject: r23798: updated old Temple Place FSF addresses to new URL (This used to be commit c676a971142d7176fd5dbf21405fca14515a0a76) --- source3/lib/ldb/common/ldb.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/lib/ldb/common/ldb.c') diff --git a/source3/lib/ldb/common/ldb.c b/source3/lib/ldb/common/ldb.c index 8a1003886a..e469c49399 100644 --- a/source3/lib/ldb/common/ldb.c +++ b/source3/lib/ldb/common/ldb.c @@ -19,8 +19,7 @@ Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public - License along with this library; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + License along with this library; if not, see . */ /* -- cgit From dee5f093570a6586f4cf6d9dec4b002c33160862 Mon Sep 17 00:00:00 2001 From: Karolin Seeger Date: Wed, 27 Aug 2008 13:23:20 +0200 Subject: ldb: Fix permissions of new ldg files. This one fixes together with 2eaf4ed62 bug #5715 and CVE-2008-3789. Thanks to Steve Langasek for reporting! Karolin (cherry picked from commit b666d0a4b597218f5f5020bf36d80d84dcbf7259) (This used to be commit 73f54df7fedc8f0db022f902100fd5eb1b629fb2) --- source3/lib/ldb/common/ldb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/lib/ldb/common/ldb.c') diff --git a/source3/lib/ldb/common/ldb.c b/source3/lib/ldb/common/ldb.c index e469c49399..743711b967 100644 --- a/source3/lib/ldb/common/ldb.c +++ b/source3/lib/ldb/common/ldb.c @@ -51,7 +51,7 @@ struct ldb_context *ldb_init(void *mem_ctx) } ldb_set_utf8_default(ldb); - ldb_set_create_perms(ldb, 0666); + ldb_set_create_perms(ldb, 0600); return ldb; } -- cgit