search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3:utils: Fix 'Usage:' for 'net ads enctypes'
[samba4-gss.git] / lib / ldb / common / ldb_modules.c
blob08d251f9bdd62f41b3d15ef00fa953971c70fcad
1 /*
2 ldb database library
3
4 Copyright (C) Simo Sorce 2004-2008
5
6 ** NOTE! The following LGPL license applies to the ldb
7 ** library. This does NOT imply that all of Samba is released
8 ** under the LGPL
9
10 This library is free software; you can redistribute it and/or
11 modify it under the terms of the GNU Lesser General Public
12 License as published by the Free Software Foundation; either
13 version 3 of the License, or (at your option) any later version.
14
15 This library is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
19
20 You should have received a copy of the GNU Lesser General Public
21 License along with this library; if not, see <http://www.gnu.org/licenses/>.
22 */
23
24 /*
25 * Name: ldb
26 *
27 * Component: ldb modules core
28 *
29 * Description: core modules routines
30 *
31 * Author: Simo Sorce
32 */
33
34 #include "ldb_private.h"
35 #include "dlinklist.h"
36 #include "system/dir.h"
37
38 static char *ldb_modules_strdup_no_spaces(TALLOC_CTX *mem_ctx, const char *string)
39 {
40 size_t i, len;
41 char *trimmed;
42
43 trimmed = talloc_strdup(mem_ctx, string);
44 if (!trimmed) {
45 return NULL;
46 }
47
48 len = strlen(trimmed);
49 for (i = 0; trimmed[i] != '\0'; i++) {
50 switch (trimmed[i]) {
51 case ' ':
52 case '\t':
53 case '\n':
54 memmove(&trimmed[i], &trimmed[i + 1], len -i -1);
55 break;
56 }
57 }
58
59 return trimmed;
60 }
61
62
63 /* modules are called in inverse order on the stack.
64 Lets place them as an admin would think the right order is.
65 Modules order is important */
66 const char **ldb_modules_list_from_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const char *string)
67 {
68 char **modules = NULL;
69 const char **m;
70 char *modstr, *p;
71 unsigned int i;
72
73 /* spaces not admitted */
74 modstr = ldb_modules_strdup_no_spaces(mem_ctx, string);
75 if ( ! modstr) {
76 ldb_debug(ldb, LDB_DEBUG_FATAL, "Out of Memory in ldb_modules_strdup_no_spaces()");
77 return NULL;
78 }
79
80 modules = talloc_realloc(mem_ctx, modules, char *, 2);
81 if ( ! modules ) {
82 ldb_debug(ldb, LDB_DEBUG_FATAL, "Out of Memory in ldb_modules_list_from_string()");
83 talloc_free(modstr);
84 return NULL;
85 }
86 talloc_steal(modules, modstr);
87
88 if (modstr[0] == '\0') {
89 modules[0] = NULL;
90 m = discard_const_p(const char *, modules);
91 return m;
92 }
93
94 i = 0;
95 /* The str*r*chr walks backwards: This is how we get the inverse order mentioned above */
96 while ((p = strrchr(modstr, ',')) != NULL) {
97 *p = '\0';
98 p++;
99 modules[i] = p;
100
101 i++;
102 modules = talloc_realloc(mem_ctx, modules, char *, i + 2);
103 if ( ! modules ) {
104 ldb_debug(ldb, LDB_DEBUG_FATAL, "Out of Memory in ldb_modules_list_from_string()");
105 return NULL;
106 }
107
108 }
109 modules[i] = modstr;
110
111 modules[i + 1] = NULL;
112
113 m = discard_const_p(const char *, modules);
114
115 return m;
116 }
117
118 static struct backends_list_entry {
119 struct ldb_backend_ops *ops;
120 struct backends_list_entry *prev, *next;
121 } *ldb_backends = NULL;
122
123 static struct ops_list_entry {
124 const struct ldb_module_ops *ops;
125 struct ops_list_entry *next;
126 } *registered_modules = NULL;
127
128 static struct backends_list_entry *ldb_find_backend(const char *url_prefix)
129 {
130 struct backends_list_entry *backend;
131
132 for (backend = ldb_backends; backend; backend = backend->next) {
133 if (strcmp(backend->ops->name, url_prefix) == 0) {
134 return backend;
135 }
136 }
137
138 return NULL;
139 }
140
141 /*
142 register a new ldb backend
143
144 if override is true, then override any existing backend for this prefix
145 */
146 int ldb_register_backend(const char *url_prefix, ldb_connect_fn connectfn, bool override)
147 {
148 struct backends_list_entry *be;
149
150 be = ldb_find_backend(url_prefix);
151 if (be) {
152 if (!override) {
153 return LDB_SUCCESS;
154 }
155 } else {
156 be = talloc_zero(ldb_backends, struct backends_list_entry);
157 if (!be) {
158 return LDB_ERR_OPERATIONS_ERROR;
159 }
160 be->ops = talloc_zero(be, struct ldb_backend_ops);
161 if (!be->ops) {
162 talloc_free(be);
163 return LDB_ERR_OPERATIONS_ERROR;
164 }
165 DLIST_ADD_END(ldb_backends, be);
166 }
167
168 be->ops->name = url_prefix;
169 be->ops->connect_fn = connectfn;
170
171 return LDB_SUCCESS;
172 }
173
174 /*
175 Return the ldb module form of a database.
176 The URL looks something like this:
177 tdb://PATH
178 ldb://PATH
179 mdb://PATH
180 ldapi://PATH
181 PATH (unadorned PATH defaults to tdb://)
182
183 for a complete list of backends (including possibly unmaintained ones) grep
184 for calls to ldb_register_backend().
185
186 the options are passed uninterpreted to the backend, and are
187 backend specific.
188
189 This allows modules to get at only the backend module, for example where a
190 module may wish to direct certain requests at a particular backend.
191 */
192 int ldb_module_connect_backend(struct ldb_context *ldb,
193 const char *url,
194 const char *options[],
195 struct ldb_module **backend_module)
196 {
197 int ret;
198 char *backend;
199 struct backends_list_entry *be;
200 char *colon = NULL;
201
202 colon = strchr(url, ':');
203 if (colon != NULL) {
204 backend = talloc_strndup(ldb, url, colon-url);
205 } else {
206 /* Default to tdb */
207 backend = talloc_strdup(ldb, "tdb");
208 }
209 if (backend == NULL) {
210 return ldb_oom(ldb);
211 }
212
213 be = ldb_find_backend(backend);
214
215 talloc_free(backend);
216
217 if (be == NULL) {
218 ldb_debug(ldb, LDB_DEBUG_FATAL,
219 "Unable to find backend for '%s' - do you need to set LDB_MODULES_PATH?", url);
220 return LDB_ERR_OTHER;
221 }
222
223 ret = be->ops->connect_fn(ldb, url, ldb->flags, options, backend_module);
224
225 if (ret != LDB_SUCCESS) {
226 ldb_debug(ldb, LDB_DEBUG_ERROR,
227 "Failed to connect to '%s' with backend '%s': %s", url, be->ops->name, ldb_errstring(ldb));
228 return ret;
229 }
230 return ret;
231 }
232
233 static struct ldb_hooks {
234 struct ldb_hooks *next, *prev;
235 ldb_hook_fn hook_fn;
236 } *ldb_hooks;
237
238 /*
239 register a ldb hook function
240 */
241 int ldb_register_hook(ldb_hook_fn hook_fn)
242 {
243 struct ldb_hooks *lc;
244 lc = talloc_zero(ldb_hooks, struct ldb_hooks);
245 if (lc == NULL) {
246 return LDB_ERR_OPERATIONS_ERROR;
247 }
248 lc->hook_fn = hook_fn;
249 DLIST_ADD_END(ldb_hooks, lc);
250 return LDB_SUCCESS;
251 }
252
253 /*
254 call ldb hooks of a given type
255 */
256 int ldb_modules_hook(struct ldb_context *ldb, enum ldb_module_hook_type t)
257 {
258 struct ldb_hooks *lc;
259 for (lc = ldb_hooks; lc; lc=lc->next) {
260 int ret = lc->hook_fn(ldb, t);
261 if (ret != LDB_SUCCESS) {
262 return ret;
263 }
264 }
265 return LDB_SUCCESS;
266 }
267
268
269 static const struct ldb_module_ops *ldb_find_module_ops(const char *name)
270 {
271 struct ops_list_entry *e;
272
273 for (e = registered_modules; e; e = e->next) {
274 if (strcmp(e->ops->name, name) == 0)
275 return e->ops;
276 }
277
278 return NULL;
279 }
280
281
282 int ldb_register_module(const struct ldb_module_ops *ops)
283 {
284 struct ops_list_entry *entry;
285
286 if (ldb_find_module_ops(ops->name) != NULL)
287 return LDB_ERR_ENTRY_ALREADY_EXISTS;
288
289 /*
290 * ldb modules are not (yet) unloaded and
291 * are only loaded once (the above check
292 * makes sure of this). Allocate off the NULL
293 * context. We never want this to be freed
294 * until process shutdown. If eventually we
295 * want to unload ldb modules we can add a
296 * deregister function that walks and
297 * frees the list.
298 */
299 entry = talloc(NULL, struct ops_list_entry);
300 if (entry == NULL) {
301 return LDB_ERR_OPERATIONS_ERROR;
302 }
303
304 entry->ops = ops;
305 entry->next = registered_modules;
306 registered_modules = entry;
307
308 return LDB_SUCCESS;
309 }
310
311 /*
312 load a list of modules
313 */
314 int ldb_module_load_list(struct ldb_context *ldb, const char **module_list,
315 struct ldb_module *backend, struct ldb_module **out)
316 {
317 struct ldb_module *module;
318 unsigned int i;
319
320 module = backend;
321
322 for (i = 0; module_list && module_list[i] != NULL; i++) {
323 struct ldb_module *current;
324 const struct ldb_module_ops *ops;
325
326 if (strcmp(module_list[i], "") == 0) {
327 continue;
328 }
329
330 ops = ldb_find_module_ops(module_list[i]);
331
332 if (ops == NULL) {
333 ldb_debug(ldb, LDB_DEBUG_FATAL, "WARNING: Module [%s] not found - do you need to set LDB_MODULES_PATH?",
334 module_list[i]);
335 return LDB_ERR_OPERATIONS_ERROR;
336 }
337
338 current = talloc_zero(ldb, struct ldb_module);
339 if (current == NULL) {
340 return LDB_ERR_OPERATIONS_ERROR;
341 }
342 talloc_set_name(current, "ldb_module: %s", module_list[i]);
343
344 current->ldb = ldb;
345 current->ops = ops;
346
347 DLIST_ADD(module, current);
348 }
349 *out = module;
350 return LDB_SUCCESS;
351 }
352
353 /*
354 initialise a chain of modules
355 */
356 int ldb_module_init_chain(struct ldb_context *ldb, struct ldb_module *module)
357 {
358 while (module && module->ops->init_context == NULL)
359 module = module->next;
360
361 /* init is different in that it is not an error if modules
362 * do not require initialization */
363
364 if (module) {
365 int ret = module->ops->init_context(module);
366 if (ret != LDB_SUCCESS) {
367 ldb_debug(ldb, LDB_DEBUG_FATAL, "module %s initialization failed : %s",
368 module->ops->name, ldb_strerror(ret));
369 return ret;
370 }
371 }
372
373 return LDB_SUCCESS;
374 }
375
376 int ldb_load_modules(struct ldb_context *ldb, const char *options[])
377 {
378 const char *modules_string;
379 const char **modules = NULL;
380 int ret;
381 TALLOC_CTX *mem_ctx = talloc_new(ldb);
382 if (!mem_ctx) {
383 return ldb_oom(ldb);
384 }
385
386 /* find out which modules we are requested to activate */
387
388 /* check if we have a custom module list passd as ldb option */
389 if (options) {
390 modules_string = ldb_options_find(ldb, options, "modules");
391 if (modules_string) {
392 modules = ldb_modules_list_from_string(ldb, mem_ctx, modules_string);
393 }
394 }
395
396 /* if not overloaded by options and the backend is not ldap try to load the modules list from ldb */
397 if ((modules == NULL) && (strcmp("ldap", ldb->modules->ops->name) != 0)) {
398 const char * const attrs[] = { "@LIST" , NULL};
399 struct ldb_result *res = NULL;
400 struct ldb_dn *mods_dn;
401
402 mods_dn = ldb_dn_new(mem_ctx, ldb, "@MODULES");
403 if (mods_dn == NULL) {
404 talloc_free(mem_ctx);
405 return ldb_oom(ldb);
406 }
407
408 ret = ldb_search(ldb, mods_dn, &res, mods_dn, LDB_SCOPE_BASE, attrs, "@LIST=*");
409
410 if (ret == LDB_ERR_NO_SUCH_OBJECT) {
411 ldb_debug(ldb, LDB_DEBUG_TRACE, "no modules required by the db");
412 } else if (ret != LDB_SUCCESS) {
413 ldb_debug(ldb, LDB_DEBUG_FATAL, "ldb error (%s) occurred searching for modules, bailing out", ldb_errstring(ldb));
414 talloc_free(mem_ctx);
415 return ret;
416 } else {
417 const char *module_list;
418 if (res->count == 0) {
419 ldb_debug(ldb, LDB_DEBUG_TRACE, "no modules required by the db");
420 } else if (res->count > 1) {
421 ldb_debug(ldb, LDB_DEBUG_FATAL, "Too many records found (%u), bailing out", res->count);
422 talloc_free(mem_ctx);
423 return LDB_ERR_OPERATIONS_ERROR;
424 } else {
425 module_list = ldb_msg_find_attr_as_string(res->msgs[0], "@LIST", NULL);
426 if (!module_list) {
427 ldb_debug(ldb, LDB_DEBUG_TRACE, "no modules required by the db");
428 }
429 modules = ldb_modules_list_from_string(ldb, mem_ctx,
430 module_list);
431 }
432 }
433
434 talloc_free(mods_dn);
435 }
436
437 if (modules != NULL) {
438 ret = ldb_module_load_list(ldb, modules, ldb->modules, &ldb->modules);
439 if (ret != LDB_SUCCESS) {
440 talloc_free(mem_ctx);
441 return ret;
442 }
443 } else {
444 ldb_debug(ldb, LDB_DEBUG_TRACE, "No modules specified for this database");
445 }
446
447 ret = ldb_module_init_chain(ldb, ldb->modules);
448 talloc_free(mem_ctx);
449 return ret;
450 }
451
452 /*
453 by using this we allow ldb modules to only implement the functions they care about,
454 which makes writing a module simpler, and makes it more likely to keep working
455 when ldb is extended
456 */
457 #define FIND_OP_NOERR(module, op) do { \
458 module = module->next; \
459 while (module && module->ops->op == NULL) module = module->next; \
460 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) { \
461 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_trace_next_request: (%s)->" #op, \
462 module->ops->name); \
463 } \
464 } while (0)
465
466 #define FIND_OP(module, op) do { \
467 struct ldb_context *ldb = module->ldb; \
468 FIND_OP_NOERR(module, op); \
469 if (module == NULL) { \
470 ldb_asprintf_errstring(ldb, "Unable to find backend operation for " #op ); \
471 return LDB_ERR_OPERATIONS_ERROR; \
472 } \
473 } while (0)
474
475
476 struct ldb_module *ldb_module_new(TALLOC_CTX *memctx,
477 struct ldb_context *ldb,
478 const char *module_name,
479 const struct ldb_module_ops *ops)
480 {
481 struct ldb_module *module;
482
483 module = talloc(memctx, struct ldb_module);
484 if (!module) {
485 ldb_oom(ldb);
486 return NULL;
487 }
488 talloc_set_name_const(module, module_name);
489 module->ldb = ldb;
490 module->prev = module->next = NULL;
491 module->ops = ops;
492
493 return module;
494 }
495
496 const char * ldb_module_get_name(struct ldb_module *module)
497 {
498 return module->ops->name;
499 }
500
501 struct ldb_context *ldb_module_get_ctx(struct ldb_module *module)
502 {
503 return module->ldb;
504 }
505
506 const struct ldb_module_ops *ldb_module_get_ops(struct ldb_module *module)
507 {
508 return module->ops;
509 }
510
511 void *ldb_module_get_private(struct ldb_module *module)
512 {
513 return module->private_data;
514 }
515
516 void ldb_module_set_private(struct ldb_module *module, void *private_data)
517 {
518 module->private_data = private_data;
519 }
520
521 /*
522 helper functions to call the next module in chain
523 */
524
525 int ldb_next_request(struct ldb_module *module, struct ldb_request *request)
526 {
527 int ret;
528
529 if (request->callback == NULL) {
530 ldb_set_errstring(module->ldb, "Requests MUST define callbacks");
531 return LDB_ERR_UNWILLING_TO_PERFORM;
532 }
533
534 request->handle->nesting++;
535
536 switch (request->operation) {
537 case LDB_SEARCH:
538 FIND_OP(module, search);
539 ret = module->ops->search(module, request);
540 break;
541 case LDB_ADD:
542 FIND_OP(module, add);
543 ret = module->ops->add(module, request);
544 break;
545 case LDB_MODIFY:
546 FIND_OP(module, modify);
547 ret = module->ops->modify(module, request);
548 break;
549 case LDB_DELETE:
550 FIND_OP(module, del);
551 ret = module->ops->del(module, request);
552 break;
553 case LDB_RENAME:
554 FIND_OP(module, rename);
555 ret = module->ops->rename(module, request);
556 break;
557 case LDB_EXTENDED:
558 FIND_OP(module, extended);
559 ret = module->ops->extended(module, request);
560 break;
561 default:
562 FIND_OP(module, request);
563 ret = module->ops->request(module, request);
564 break;
565 }
566
567 request->handle->nesting--;
568
569 if (ret == LDB_SUCCESS) {
570 return ret;
571 }
572 if (!ldb_errstring(module->ldb)) {
573 const char *op;
574 switch (request->operation) {
575 case LDB_SEARCH:
576 op = "LDB_SEARCH";
577 break;
578 case LDB_ADD:
579 op = "LDB_ADD";
580 break;
581 case LDB_MODIFY:
582 op = "LDB_MODIFY";
583 break;
584 case LDB_DELETE:
585 op = "LDB_DELETE";
586 break;
587 case LDB_RENAME:
588 op = "LDB_RENAME";
589 break;
590 case LDB_EXTENDED:
591 op = "LDB_EXTENDED";
592 break;
593 default:
594 op = "request";
595 break;
596 }
597
598 /* Set a default error string, to place the blame somewhere */
599 ldb_asprintf_errstring(module->ldb, "error in module %s: %s during %s (%d)", module->ops->name, ldb_strerror(ret), op, ret);
600 }
601
602 if (!(request->handle->flags & LDB_HANDLE_FLAG_DONE_CALLED)) {
603 /* It is _extremely_ common that a module returns a
604 * failure without calling ldb_module_done(), but that
605 * guarantees we will end up hanging in
606 * ldb_wait(). This fixes it without having to rewrite
607 * all our modules, and leaves us one less sharp
608 * corner for module developers to cut themselves on
609 */
610 ret = ldb_module_done(request, NULL, NULL, ret);
611 }
612 return ret;
613 }
614
615 int ldb_next_init(struct ldb_module *module)
616 {
617 module = module->next;
618
619 return ldb_module_init_chain(module->ldb, module);
620 }
621
622 int ldb_next_start_trans(struct ldb_module *module)
623 {
624 int ret;
625 FIND_OP(module, start_transaction);
626 ret = module->ops->start_transaction(module);
627 if (ret == LDB_SUCCESS) {
628 return ret;
629 }
630 if (!ldb_errstring(module->ldb)) {
631 /* Set a default error string, to place the blame somewhere */
632 ldb_asprintf_errstring(module->ldb, "start_trans error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
633 }
634 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
635 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_start_trans error: %s",
636 ldb_errstring(module->ldb));
637 }
638 return ret;
639 }
640
641 int ldb_next_end_trans(struct ldb_module *module)
642 {
643 int ret;
644 FIND_OP(module, end_transaction);
645 ret = module->ops->end_transaction(module);
646 if (ret == LDB_SUCCESS) {
647 return ret;
648 }
649 if (!ldb_errstring(module->ldb)) {
650 /* Set a default error string, to place the blame somewhere */
651 ldb_asprintf_errstring(module->ldb, "end_trans error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
652 }
653 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
654 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_end_trans error: %s",
655 ldb_errstring(module->ldb));
656 }
657 return ret;
658 }
659
660 int ldb_next_read_lock(struct ldb_module *module)
661 {
662 int ret;
663 FIND_OP(module, read_lock);
664 ret = module->ops->read_lock(module);
665 if (ret == LDB_SUCCESS) {
666 return ret;
667 }
668 if (!ldb_errstring(module->ldb)) {
669 /* Set a default error string, to place the blame somewhere */
670 ldb_asprintf_errstring(module->ldb,
671 "read_lock error in module %s: %s (%d)",
672 module->ops->name, ldb_strerror(ret),
673 ret);
674 }
675 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
676 ldb_debug(module->ldb, LDB_DEBUG_TRACE,
677 "ldb_next_read_lock error: %s",
678 ldb_errstring(module->ldb));
679 }
680 return ret;
681 }
682
683 int ldb_next_read_unlock(struct ldb_module *module)
684 {
685 int ret;
686 FIND_OP(module, read_unlock);
687 ret = module->ops->read_unlock(module);
688 if (ret == LDB_SUCCESS) {
689 return ret;
690 }
691 if (!ldb_errstring(module->ldb)) {
692 /* Set a default error string, to place the blame somewhere */
693 ldb_asprintf_errstring(module->ldb,
694 "read_unlock error in module %s: %s (%d)",
695 module->ops->name, ldb_strerror(ret),
696 ret);
697 }
698 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
699 ldb_debug(module->ldb, LDB_DEBUG_TRACE,
700 "ldb_next_read_unlock error: %s",
701 ldb_errstring(module->ldb));
702 }
703 return ret;
704 }
705
706 int ldb_next_prepare_commit(struct ldb_module *module)
707 {
708 int ret;
709 FIND_OP_NOERR(module, prepare_commit);
710 if (module == NULL) {
711 /* we are allowed to have no prepare commit in
712 backends */
713 return LDB_SUCCESS;
714 }
715 ret = module->ops->prepare_commit(module);
716 if (ret == LDB_SUCCESS) {
717 return ret;
718 }
719 if (!ldb_errstring(module->ldb)) {
720 /* Set a default error string, to place the blame somewhere */
721 ldb_asprintf_errstring(module->ldb, "prepare_commit error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
722 }
723 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
724 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_prepare_commit error: %s",
725 ldb_errstring(module->ldb));
726 }
727 return ret;
728 }
729
730 int ldb_next_del_trans(struct ldb_module *module)
731 {
732 int ret;
733 FIND_OP(module, del_transaction);
734 ret = module->ops->del_transaction(module);
735 if (ret == LDB_SUCCESS) {
736 return ret;
737 }
738 if (!ldb_errstring(module->ldb)) {
739 /* Set a default error string, to place the blame somewhere */
740 ldb_asprintf_errstring(module->ldb, "del_trans error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
741 }
742 if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
743 ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_del_trans error: %s",
744 ldb_errstring(module->ldb));
745 }
746 return ret;
747 }
748
749 /* calls the request callback to send an entry
750 *
751 * params:
752 * req: the original request passed to your module
753 * msg: reply message (must be a talloc pointer, and it will be stolen
754 * on the ldb_reply that is sent to the callback)
755 * ctrls: controls to send in the reply (must be a talloc pointer, and it will be stolen
756 * on the ldb_reply that is sent to the callback)
757 */
758
759 int ldb_module_send_entry(struct ldb_request *req,
760 struct ldb_message *msg,
761 struct ldb_control **ctrls)
762 {
763 struct ldb_reply *ares;
764
765 ares = talloc_zero(req, struct ldb_reply);
766 if (!ares) {
767 ldb_oom(req->handle->ldb);
768 req->callback(req, NULL);
769 return LDB_ERR_OPERATIONS_ERROR;
770 }
771 ares->type = LDB_REPLY_ENTRY;
772 ares->message = talloc_steal(ares, msg);
773 ares->controls = talloc_steal(ares, ctrls);
774 ares->error = LDB_SUCCESS;
775
776 if ((req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) &&
777 req->handle->nesting == 0) {
778 char *s;
779 struct ldb_ldif ldif;
780
781 ldif.changetype = LDB_CHANGETYPE_NONE;
782 ldif.msg = discard_const_p(struct ldb_message, msg);
783
784 ldb_debug_add(req->handle->ldb, "ldb_trace_response: ENTRY\n");
785
786 /*
787 * The choice to call
788 * ldb_ldif_write_redacted_trace_string() is CRITICAL
789 * for security. It ensures that we do not output
790 * passwords into debug logs
791 */
792
793 s = ldb_ldif_write_redacted_trace_string(req->handle->ldb, msg, &ldif);
794 ldb_debug_add(req->handle->ldb, "%s\n", s);
795 talloc_free(s);
796 ldb_debug_end(req->handle->ldb, LDB_DEBUG_TRACE);
797 }
798
799 return req->callback(req, ares);
800 }
801
802 /* calls the request callback to send a referral
803 *
804 * params:
805 * req: the original request passed to your module
806 * ref: referral string (must be a talloc pointer, steal)
807 */
808
809 int ldb_module_send_referral(struct ldb_request *req,
810 char *ref)
811 {
812 struct ldb_reply *ares;
813
814 ares = talloc_zero(req, struct ldb_reply);
815 if (!ares) {
816 ldb_oom(req->handle->ldb);
817 req->callback(req, NULL);
818 return LDB_ERR_OPERATIONS_ERROR;
819 }
820 ares->type = LDB_REPLY_REFERRAL;
821 ares->referral = talloc_steal(ares, ref);
822 ares->error = LDB_SUCCESS;
823
824 if ((req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) &&
825 req->handle->nesting == 0) {
826 ldb_debug_add(req->handle->ldb, "ldb_trace_response: REFERRAL\n");
827 ldb_debug_add(req->handle->ldb, "ref: %s\n", ref);
828 ldb_debug_end(req->handle->ldb, LDB_DEBUG_TRACE);
829 }
830
831 return req->callback(req, ares);
832 }
833
834 /* calls the original request callback
835 *
836 * params:
837 * req: the original request passed to your module
838 * ctrls: controls to send in the reply (must be a talloc pointer, steal)
839 * response: results for extended request (steal)
840 * error: LDB_SUCCESS for a successful return
841 * any other ldb error otherwise
842 */
843 int ldb_module_done(struct ldb_request *req,
844 struct ldb_control **ctrls,
845 struct ldb_extended *response,
846 int error)
847 {
848 struct ldb_reply *ares;
849
850 ares = talloc_zero(req, struct ldb_reply);
851 if (!ares) {
852 ldb_oom(req->handle->ldb);
853 req->callback(req, NULL);
854 return LDB_ERR_OPERATIONS_ERROR;
855 }
856 ares->type = LDB_REPLY_DONE;
857 ares->controls = talloc_steal(ares, ctrls);
858 ares->response = talloc_steal(ares, response);
859 ares->error = error;
860
861 req->handle->flags |= LDB_HANDLE_FLAG_DONE_CALLED;
862
863 if ((req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) &&
864 req->handle->nesting == 0) {
865 ldb_debug_add(req->handle->ldb, "ldb_trace_response: DONE\n");
866 ldb_debug_add(req->handle->ldb, "error: %d\n", error);
867 if (ldb_errstring(req->handle->ldb)) {
868 ldb_debug_add(req->handle->ldb, "msg: %s\n",
869 ldb_errstring(req->handle->ldb));
870 }
871 ldb_debug_end(req->handle->ldb, LDB_DEBUG_TRACE);
872 }
873
874 return req->callback(req, ares);
875 }
876
877 /* to be used *only* in modules init functions.
878 * this function is synchronous and will register
879 * the requested OID in the rootdse module if present
880 * otherwise it will return an error */
881 int ldb_mod_register_control(struct ldb_module *module, const char *oid)
882 {
883 struct ldb_request *req;
884 int ret;
885
886 req = talloc_zero(module, struct ldb_request);
887 if (req == NULL) {
888 return LDB_ERR_OPERATIONS_ERROR;
889 }
890
891 req->operation = LDB_REQ_REGISTER_CONTROL;
892 req->op.reg_control.oid = oid;
893 req->callback = ldb_op_default_callback;
894
895 ldb_set_timeout(module->ldb, req, 0);
896
897 req->handle = ldb_handle_new(req, module->ldb);
898 if (req->handle == NULL) {
899 return LDB_ERR_OPERATIONS_ERROR;
900 }
901
902 ret = ldb_request(module->ldb, req);
903 if (ret == LDB_SUCCESS) {
904 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
905 }
906 talloc_free(req);
907
908 return ret;
909 }
910
911 static int ldb_modules_load_dir(const char *modules_dir, const char *version);
912
913
914 /*
915 load one module. A static list of loaded module inode numbers is
916 used to prevent a module being loaded twice
917
918 dlopen() is used on the module, and dlsym() is then used to look for
919 a ldb_init_module() function. If present, that function is called
920 with the ldb version number as an argument.
921
922 The ldb_init_module() function will typically call
923 ldb_register_module() and ldb_register_backend() to register a
924 module or backend, but it may also be used to register command line
925 handling functions, ldif handlers or any other local
926 modifications.
927
928 The ldb_init_module() function does not get a ldb_context passed in,
929 as modules will be used for multiple ldb context handles. The call
930 from the first ldb_init() is just a convenient way to ensure it is
931 called early enough.
932 */
933 static int ldb_modules_load_path(const char *path, const char *version)
934 {
935 void *handle;
936 int (*init_fn)(const char *);
937 int ret;
938 struct stat st;
939 static struct loaded {
940 struct loaded *next, *prev;
941 ino_t st_ino;
942 dev_t st_dev;
943 } *loaded;
944 struct loaded *le;
945 int dlopen_flags;
946
947 #ifdef RTLD_DEEPBIND
948 bool deepbind_enabled = (getenv("LDB_MODULES_ENABLE_DEEPBIND") != NULL);
949 #endif
950
951 ret = stat(path, &st);
952 if (ret != 0) {
953 fprintf(stderr, "ldb: unable to stat module %s : %s\n", path, strerror(errno));
954 return LDB_ERR_UNAVAILABLE;
955 }
956
957 for (le=loaded; le; le=le->next) {
958 if (le->st_ino == st.st_ino &&
959 le->st_dev == st.st_dev) {
960 /* its already loaded */
961 return LDB_SUCCESS;
962 }
963 }
964
965 le = talloc(loaded, struct loaded);
966 if (le == NULL) {
967 fprintf(stderr, "ldb: unable to allocated loaded entry\n");
968 return LDB_ERR_UNAVAILABLE;
969 }
970
971 le->st_ino = st.st_ino;
972 le->st_dev = st.st_dev;
973
974 DLIST_ADD_END(loaded, le);
975
976 /* if it is a directory, recurse */
977 if (S_ISDIR(st.st_mode)) {
978 return ldb_modules_load_dir(path, version);
979 }
980
981 dlopen_flags = RTLD_NOW;
982 #ifdef RTLD_DEEPBIND
983 /*
984 * On systems where e.g. different kerberos libraries are used, like a
985 * mix of Heimdal and MIT Kerberos, LDB_MODULES_ENABLE_DEEPBIND should
986 * be set to avoid issues.
987 *
988 * By default Linux distributions only have one Kerberos library.
989 */
990 if (deepbind_enabled) {
991 dlopen_flags |= RTLD_DEEPBIND;
992 }
993 #endif
994
995 handle = dlopen(path, dlopen_flags);
996 if (handle == NULL) {
997 fprintf(stderr, "ldb: unable to dlopen %s : %s\n", path, dlerror());
998 return LDB_SUCCESS;
999 }
1000
1001 init_fn = dlsym(handle, "ldb_init_module");
1002 if (init_fn == NULL) {
1003 /* ignore it, it could be an old-style
1004 * module. Once we've converted all modules we
1005 * could consider this an error */
1006 dlclose(handle);
1007 return LDB_SUCCESS;
1008 }
1009
1010 ret = init_fn(version);
1011 if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
1012 /* the module is already registered - ignore this, as
1013 * it can happen if LDB_MODULES_PATH points at both
1014 * the build and install directory
1015 */
1016 ret = LDB_SUCCESS;
1017 }
1018 return ret;
1019 }
1020
1021 static int qsort_string(const char **s1, const char **s2)
1022 {
1023 return strcmp(*s1, *s2);
1024 }
1025
1026
1027 /*
1028 load all modules from the given ldb modules directory. This is run once
1029 during the first ldb_init() call.
1030
1031 Modules are loaded in alphabetical order to ensure that any module
1032 load ordering dependencies are reproducible. Modules should avoid
1033 relying on load order
1034 */
1035 static int ldb_modules_load_dir(const char *modules_dir, const char *version)
1036 {
1037 DIR *dir;
1038 struct dirent *de;
1039 const char **modlist = NULL;
1040 TALLOC_CTX *tmp_ctx = talloc_new(NULL);
1041 unsigned i, num_modules = 0;
1042
1043 dir = opendir(modules_dir);
1044 if (dir == NULL) {
1045 if (errno == ENOENT) {
1046 talloc_free(tmp_ctx);
1047 /* we don't have any modules */
1048 return LDB_SUCCESS;
1049 }
1050 talloc_free(tmp_ctx);
1051 fprintf(stderr, "ldb: unable to open modules directory '%s' - %s\n",
1052 modules_dir, strerror(errno));
1053 return LDB_ERR_UNAVAILABLE;
1054 }
1055
1056
1057 while ((de = readdir(dir))) {
1058 if (ISDOT(de->d_name) || ISDOTDOT(de->d_name))
1059 continue;
1060
1061 modlist = talloc_realloc(tmp_ctx, modlist, const char *, num_modules+1);
1062 if (modlist == NULL) {
1063 talloc_free(tmp_ctx);
1064 closedir(dir);
1065 fprintf(stderr, "ldb: unable to allocate modules list\n");
1066 return LDB_ERR_UNAVAILABLE;
1067 }
1068 modlist[num_modules] = talloc_asprintf(modlist, "%s/%s", modules_dir, de->d_name);
1069 if (modlist[num_modules] == NULL) {
1070 talloc_free(tmp_ctx);
1071 closedir(dir);
1072 fprintf(stderr, "ldb: unable to allocate module list entry\n");
1073 return LDB_ERR_UNAVAILABLE;
1074 }
1075 num_modules++;
1076 }
1077
1078 closedir(dir);
1079
1080 /* sort the directory, so we get consistent load ordering */
1081 TYPESAFE_QSORT(modlist, num_modules, qsort_string);
1082
1083 for (i=0; i<num_modules; i++) {
1084 int ret = ldb_modules_load_path(modlist[i], version);
1085 if (ret != LDB_SUCCESS) {
1086 fprintf(stderr, "ldb: failed to initialise module %s : %s\n",
1087 modlist[i], ldb_strerror(ret));
1088 talloc_free(tmp_ctx);
1089 return ret;
1090 }
1091 }
1092
1093 talloc_free(tmp_ctx);
1094
1095 return LDB_SUCCESS;
1096 }
1097
1098 /*
1099 load any additional modules from the given directory
1100 */
1101 void ldb_set_modules_dir(struct ldb_context *ldb, const char *path)
1102 {
1103 int ret = ldb_modules_load_dir(path, LDB_VERSION);
1104 if (ret != LDB_SUCCESS) {
1105 ldb_asprintf_errstring(ldb, "Failed to load modules from: %s\n", path);
1106 }
1107 }
1108
1109
1110 /*
1111 load all modules static (builtin) modules
1112 */
1113 static int ldb_modules_load_static(const char *version)
1114 {
1115 static bool initialised;
1116 #define _MODULE_PROTO(init) extern int init(const char *);
1117 STATIC_ldb_MODULES_PROTO;
1118 const ldb_module_init_fn static_init_functions[] = { STATIC_ldb_MODULES };
1119 unsigned i;
1120
1121 if (initialised) {
1122 return LDB_SUCCESS;
1123 }
1124 initialised = true;
1125
1126 for (i=0; static_init_functions[i]; i++) {
1127 int ret = static_init_functions[i](version);
1128 if (ret != LDB_SUCCESS) {
1129 return ret;
1130 }
1131 }
1132 return LDB_SUCCESS;
1133 }
1134
1135 /*
1136 load all modules from the given ldb modules path, colon
1137 separated.
1138
1139 modules are loaded recursively for all subdirectories in the paths
1140 */
1141 int ldb_modules_load(const char *modules_path, const char *version)
1142 {
1143 char *tok, *path, *tok_ptr=NULL;
1144 int ret;
1145
1146 ret = ldb_modules_load_static(version);
1147 if (ret != LDB_SUCCESS) {
1148 return ret;
1149 }
1150
1151 path = talloc_strdup(NULL, modules_path);
1152 if (path == NULL) {
1153 fprintf(stderr, "ldb: failed to allocate modules_path\n");
1154 return LDB_ERR_UNAVAILABLE;
1155 }
1156
1157 for (tok=strtok_r(path, ":", &tok_ptr);
1158 tok;
1159 tok=strtok_r(NULL, ":", &tok_ptr)) {
1160 ret = ldb_modules_load_path(tok, version);
1161 if (ret != LDB_SUCCESS) {
1162 talloc_free(path);
1163 return ret;
1164 }
1165 }
1166 talloc_free(path);
1167
1168 return LDB_SUCCESS;
1169 }
1170
1171
1172 /*
1173 return a string representation of the calling chain for the given
1174 ldb request
1175 */
1176 char *ldb_module_call_chain(struct ldb_request *req, TALLOC_CTX *mem_ctx)
1177 {
1178 char *ret;
1179 unsigned int i = 0;
1180
1181 ret = talloc_strdup(mem_ctx, "");
1182 if (ret == NULL) {
1183 return NULL;
1184 }
1185
1186 while (req && req->handle) {
1187 talloc_asprintf_addbuf(&ret, "req[%u] %p : %s\n",
1188 i++, req, ldb_req_location(req));
1189 req = req->handle->parent;
1190 }
1191 return ret;
1192 }
1193
1194
1195 /*
1196 return the next module in the chain
1197 */
1198 struct ldb_module *ldb_module_next(struct ldb_module *module)
1199 {
1200 return module->next;
1201 }
1202
1203 /*
1204 set the next module in the module chain
1205 */
1206 void ldb_module_set_next(struct ldb_module *module, struct ldb_module *next)
1207 {
1208 module->next = next;
1209 }
1210
1211
1212 /*
1213 get the popt_options pointer in the ldb structure. This allows a ldb
1214 module to change the command line parsing
1215 */
1216 struct poptOption **ldb_module_popt_options(struct ldb_context *ldb)
1217 {
1218 return &ldb->popt_options;
1219 }
1220
1221
1222 /*
1223 return the current ldb flags LDB_FLG_*
1224 */
1225 uint32_t ldb_module_flags(struct ldb_context *ldb)
1226 {
1227 return ldb->flags;
1228 }
GSS-enabled samba4