search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ctdb-daemon: Use ctdb_parse_node_address() in ctdbd
[samba4-gss.git] / lib / ldb / common / ldb.c
blob71a5c98a542be2f89ab81841b7d9dbaa4d28ab69
1 /*
2 ldb database library
3
4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Simo Sorce 2005-2008
6
7 ** NOTE! The following LGPL license applies to the ldb
8 ** library. This does NOT imply that all of Samba is released
9 ** under the LGPL
10
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 3 of the License, or (at your option) any later version.
15
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
20
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 */
24
25 /*
26 * Name: ldb
27 *
28 * Component: ldb core API
29 *
30 * Description: core API routines interfacing to ldb backends
31 *
32 * Author: Andrew Tridgell
33 */
34
35 #define TEVENT_DEPRECATED 1
36 #include "ldb_private.h"
37 #include "ldb.h"
38
39 static int ldb_context_destructor(void *ptr)
40 {
41 struct ldb_context *ldb = talloc_get_type(ptr, struct ldb_context);
42
43 if (ldb->transaction_active) {
44 ldb_debug(ldb, LDB_DEBUG_FATAL,
45 "A transaction is still active in ldb context [%p] on %s",
46 ldb, (const char *)ldb_get_opaque(ldb, "ldb_url"));
47 }
48
49 return 0;
50 }
51
52 /*
53 this is used to catch debug messages from events
54 */
55 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
56 const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3,0);
57
58 static void ldb_tevent_debug(void *context, enum tevent_debug_level level,
59 const char *fmt, va_list ap)
60 {
61 struct ldb_context *ldb = talloc_get_type(context, struct ldb_context);
62 enum ldb_debug_level ldb_level = LDB_DEBUG_FATAL;
63
64 switch (level) {
65 case TEVENT_DEBUG_FATAL:
66 ldb_level = LDB_DEBUG_FATAL;
67 break;
68 case TEVENT_DEBUG_ERROR:
69 ldb_level = LDB_DEBUG_ERROR;
70 break;
71 case TEVENT_DEBUG_WARNING:
72 ldb_level = LDB_DEBUG_WARNING;
73 break;
74 case TEVENT_DEBUG_TRACE:
75 ldb_level = LDB_DEBUG_TRACE;
76 break;
77 };
78
79 /* There isn't a tevent: prefix here because to add it means
80 * actually printing the string, and most of the time we don't
81 * want to show it */
82 ldb_vdebug(ldb, ldb_level, fmt, ap);
83 }
84
85 /*
86 initialise a ldb context
87 The mem_ctx is required
88 The event_ctx is required
89 */
90 struct ldb_context *ldb_init(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx)
91 {
92 struct ldb_context *ldb;
93 int ret;
94 const char *modules_path = getenv("LDB_MODULES_PATH");
95
96 if (modules_path == NULL) {
97 modules_path = LDB_MODULESDIR;
98 }
99
100 ret = ldb_modules_load(modules_path, LDB_VERSION);
101 if (ret != LDB_SUCCESS) {
102 return NULL;
103 }
104
105 ldb = talloc_zero(mem_ctx, struct ldb_context);
106 if (ldb == NULL) {
107 return NULL;
108 }
109
110 /* A new event context so that callers who don't want ldb
111 * operating on their global event context can work without
112 * having to provide their own private one explicitly */
113 if (ev_ctx == NULL) {
114 ev_ctx = tevent_context_init(ldb);
115 if (ev_ctx == NULL) {
116 talloc_free(ldb);
117 return NULL;
118 }
119 tevent_set_debug(ev_ctx, ldb_tevent_debug, ldb);
120 tevent_set_max_debug_level(ev_ctx, TEVENT_DEBUG_TRACE);
121 tevent_loop_allow_nesting(ev_ctx);
122 }
123
124 ret = ldb_setup_wellknown_attributes(ldb);
125 if (ret != LDB_SUCCESS) {
126 talloc_free(ldb);
127 return NULL;
128 }
129
130 ldb_set_utf8_default(ldb);
131 ldb_set_create_perms(ldb, 0666);
132 ldb_set_modules_dir(ldb, LDB_MODULESDIR);
133 ldb_set_event_context(ldb, ev_ctx);
134 ret = ldb_register_extended_match_rules(ldb);
135 if (ret != LDB_SUCCESS) {
136 talloc_free(ldb);
137 return NULL;
138 }
139
140 /* TODO: get timeout from options if available there */
141 ldb->default_timeout = 300; /* set default to 5 minutes */
142
143 talloc_set_destructor((TALLOC_CTX *)ldb, ldb_context_destructor);
144
145 return ldb;
146 }
147
148 /*
149 try to autodetect a basedn if none specified. This fixes one of my
150 pet hates about ldapsearch, which is that you have to get a long,
151 complex basedn right to make any use of it.
152 */
153 void ldb_set_default_dns(struct ldb_context *ldb)
154 {
155 TALLOC_CTX *tmp_ctx;
156 int ret;
157 struct ldb_result *res;
158 struct ldb_dn *tmp_dn=NULL;
159 static const char *attrs[] = {
160 "rootDomainNamingContext",
161 "configurationNamingContext",
162 "schemaNamingContext",
163 "defaultNamingContext",
164 NULL
165 };
166
167 tmp_ctx = talloc_new(ldb);
168 ret = ldb_search(ldb, tmp_ctx, &res, ldb_dn_new(tmp_ctx, ldb, NULL),
169 LDB_SCOPE_BASE, attrs, "(objectClass=*)");
170 if (ret != LDB_SUCCESS) {
171 talloc_free(tmp_ctx);
172 return;
173 }
174
175 if (res->count != 1) {
176 talloc_free(tmp_ctx);
177 return;
178 }
179
180 if (!ldb_get_opaque(ldb, "rootDomainNamingContext")) {
181 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
182 "rootDomainNamingContext");
183 ldb_set_opaque(ldb, "rootDomainNamingContext", tmp_dn);
184 }
185
186 if (!ldb_get_opaque(ldb, "configurationNamingContext")) {
187 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
188 "configurationNamingContext");
189 ldb_set_opaque(ldb, "configurationNamingContext", tmp_dn);
190 }
191
192 if (!ldb_get_opaque(ldb, "schemaNamingContext")) {
193 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
194 "schemaNamingContext");
195 ldb_set_opaque(ldb, "schemaNamingContext", tmp_dn);
196 }
197
198 if (!ldb_get_opaque(ldb, "defaultNamingContext")) {
199 tmp_dn = ldb_msg_find_attr_as_dn(ldb, ldb, res->msgs[0],
200 "defaultNamingContext");
201 ldb_set_opaque(ldb, "defaultNamingContext", tmp_dn);
202 }
203
204 talloc_free(tmp_ctx);
205 }
206
207 struct ldb_dn *ldb_get_root_basedn(struct ldb_context *ldb)
208 {
209 void *opaque = ldb_get_opaque(ldb, "rootDomainNamingContext");
210 return talloc_get_type(opaque, struct ldb_dn);
211 }
212
213 struct ldb_dn *ldb_get_config_basedn(struct ldb_context *ldb)
214 {
215 void *opaque = ldb_get_opaque(ldb, "configurationNamingContext");
216 return talloc_get_type(opaque, struct ldb_dn);
217 }
218
219 struct ldb_dn *ldb_get_schema_basedn(struct ldb_context *ldb)
220 {
221 void *opaque = ldb_get_opaque(ldb, "schemaNamingContext");
222 return talloc_get_type(opaque, struct ldb_dn);
223 }
224
225 struct ldb_dn *ldb_get_default_basedn(struct ldb_context *ldb)
226 {
227 void *opaque = ldb_get_opaque(ldb, "defaultNamingContext");
228 return talloc_get_type(opaque, struct ldb_dn);
229 }
230
231 /*
232 connect to a database. The URL can either be one of the following forms
233 ldb://path
234 ldapi://path
235
236 flags is made up of LDB_FLG_*
237
238 the options are passed uninterpreted to the backend, and are
239 backend specific
240 */
241 int ldb_connect(struct ldb_context *ldb, const char *url,
242 unsigned int flags, const char *options[])
243 {
244 int ret;
245 char *url2;
246
247 const char *existing_url = ldb_get_opaque(ldb, "ldb_url");
248 if (existing_url != NULL) {
249 ldb_asprintf_errstring(
250 ldb,
251 "This LDB has already connected to '%s', and "
252 "cannot also connect to '%s'",
253 existing_url, url);
254 return LDB_ERR_OPERATIONS_ERROR;
255 }
256
257 /* We seem to need to do this here, or else some utilities don't
258 * get ldb backends */
259
260 ldb->flags = flags;
261
262 url2 = talloc_strdup(ldb, url);
263 if (!url2) {
264 ldb_oom(ldb);
265 return LDB_ERR_OPERATIONS_ERROR;
266 }
267 ret = ldb_set_opaque(ldb, "ldb_url", url2);
268 if (ret != LDB_SUCCESS) {
269 return ret;
270 }
271
272 /*
273 * Take a copy of the options.
274 */
275 ldb->options = ldb_options_copy(ldb, options);
276 if (ldb->options == NULL && options != NULL) {
277 ldb_oom(ldb);
278 return LDB_ERR_OPERATIONS_ERROR;
279 }
280
281 ret = ldb_module_connect_backend(ldb, url, options, &ldb->modules);
282 if (ret != LDB_SUCCESS) {
283 return ret;
284 }
285
286 ret = ldb_load_modules(ldb, options);
287 if (ret != LDB_SUCCESS) {
288 ldb_debug(ldb, LDB_DEBUG_FATAL,
289 "Unable to load modules for %s: %s",
290 url, ldb_errstring(ldb));
291 return ret;
292 }
293
294 /* set the default base dn */
295 ldb_set_default_dns(ldb);
296
297 return LDB_SUCCESS;
298 }
299
300 void ldb_set_errstring(struct ldb_context *ldb, const char *err_string)
301 {
302 ldb_asprintf_errstring(ldb, "%s", err_string);
303 }
304
305 void ldb_asprintf_errstring(struct ldb_context *ldb, const char *format, ...)
306 {
307 va_list ap;
308 char *old_err_string = NULL;
309 if (ldb->err_string) {
310 old_err_string = ldb->err_string;
311 }
312
313 va_start(ap, format);
314 ldb->err_string = talloc_vasprintf(ldb, format, ap);
315 va_end(ap);
316
317 TALLOC_FREE(old_err_string);
318
319 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
320 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_asprintf/set_errstring: %s",
321 ldb->err_string);
322 }
323 }
324
325 void ldb_reset_err_string(struct ldb_context *ldb)
326 {
327 TALLOC_FREE(ldb->err_string);
328 }
329
330
331
332 /*
333 set an ldb error based on file:line
334 */
335 int ldb_error_at(struct ldb_context *ldb, int ecode,
336 const char *reason, const char *file, int line)
337 {
338 if (reason == NULL) {
339 reason = ldb_strerror(ecode);
340 }
341 ldb_asprintf_errstring(ldb, "%s at %s:%d", reason, file, line);
342 return ecode;
343 }
344
345
346 #define FIRST_OP_NOERR(ldb, op) do { \
347 next_module = ldb->modules; \
348 while (next_module && next_module->ops->op == NULL) { \
349 next_module = next_module->next; \
350 }; \
351 if ((ldb->flags & LDB_FLG_ENABLE_TRACING) && next_module) { \
352 ldb_debug(ldb, LDB_DEBUG_TRACE, "ldb_trace_request: (%s)->" #op, \
353 next_module->ops->name); \
354 } \
355 } while (0)
356
357 #define FIRST_OP(ldb, op) do { \
358 FIRST_OP_NOERR(ldb, op); \
359 if (next_module == NULL) { \
360 ldb_asprintf_errstring(ldb, "unable to find module or backend to handle operation: " #op); \
361 return LDB_ERR_OPERATIONS_ERROR; \
362 } \
363 } while (0)
364
365
366 /*
367 start a transaction
368 */
369 int ldb_transaction_start(struct ldb_context *ldb)
370 {
371 struct ldb_module *next_module;
372 int status;
373
374 ldb_debug(ldb, LDB_DEBUG_TRACE,
375 "start ldb transaction (nesting: %d)",
376 ldb->transaction_active);
377
378 /* explicit transaction active, count nested requests */
379 if (ldb->transaction_active) {
380 ldb->transaction_active++;
381 return LDB_SUCCESS;
382 }
383
384 /* start a new transaction */
385 ldb->transaction_active++;
386 ldb->prepare_commit_done = false;
387
388 FIRST_OP(ldb, start_transaction);
389
390 ldb_reset_err_string(ldb);
391
392 status = next_module->ops->start_transaction(next_module);
393 if (status != LDB_SUCCESS) {
394 if (ldb->err_string == NULL) {
395 /* no error string was setup by the backend */
396 ldb_asprintf_errstring(ldb,
397 "ldb transaction start: %s (%d)",
398 ldb_strerror(status),
399 status);
400 ldb->transaction_active--;
401 }
402 if ((next_module && next_module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
403 ldb_debug(next_module->ldb, LDB_DEBUG_TRACE, "start ldb transaction error: %s",
404 ldb_errstring(next_module->ldb));
405 }
406 } else {
407 if ((next_module && next_module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
408 ldb_debug(next_module->ldb, LDB_DEBUG_TRACE, "start ldb transaction success");
409 }
410 }
411 return status;
412 }
413
414 /*
415 prepare for transaction commit (first phase of two phase commit)
416 */
417 int ldb_transaction_prepare_commit(struct ldb_context *ldb)
418 {
419 struct ldb_module *next_module;
420 int status;
421
422 if (ldb->prepare_commit_done) {
423 return LDB_SUCCESS;
424 }
425
426 /* commit only when all nested transactions are complete */
427 if (ldb->transaction_active > 1) {
428 return LDB_SUCCESS;
429 }
430
431 ldb->prepare_commit_done = true;
432
433 if (ldb->transaction_active < 0) {
434 ldb_debug(ldb, LDB_DEBUG_FATAL,
435 "prepare commit called but no ldb transactions are active!");
436 ldb->transaction_active = 0;
437 return LDB_ERR_OPERATIONS_ERROR;
438 }
439
440 /* call prepare transaction if available */
441 FIRST_OP_NOERR(ldb, prepare_commit);
442 if (next_module == NULL) {
443 return LDB_SUCCESS;
444 }
445
446 ldb_reset_err_string(ldb);
447
448 status = next_module->ops->prepare_commit(next_module);
449 if (status != LDB_SUCCESS) {
450 ldb->transaction_active--;
451 /* if a next_module fails the prepare then we need
452 to call the end transaction for everyone */
453 FIRST_OP(ldb, del_transaction);
454 next_module->ops->del_transaction(next_module);
455 if (ldb->err_string == NULL) {
456 /* no error string was setup by the backend */
457 ldb_asprintf_errstring(ldb,
458 "ldb transaction prepare commit: %s (%d)",
459 ldb_strerror(status),
460 status);
461 }
462 if ((next_module && next_module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
463 ldb_debug(next_module->ldb, LDB_DEBUG_TRACE, "prepare commit transaction error: %s",
464 ldb_errstring(next_module->ldb));
465 }
466 }
467
468 return status;
469 }
470
471
472 /*
473 commit a transaction
474 */
475 int ldb_transaction_commit(struct ldb_context *ldb)
476 {
477 struct ldb_module *next_module;
478 int status;
479
480 status = ldb_transaction_prepare_commit(ldb);
481 if (status != LDB_SUCCESS) {
482 return status;
483 }
484
485 ldb->transaction_active--;
486
487 ldb_debug(ldb, LDB_DEBUG_TRACE,
488 "commit ldb transaction (nesting: %d)",
489 ldb->transaction_active);
490
491 /* commit only when all nested transactions are complete */
492 if (ldb->transaction_active > 0) {
493 return LDB_SUCCESS;
494 }
495
496 if (ldb->transaction_active < 0) {
497 ldb_debug(ldb, LDB_DEBUG_FATAL,
498 "commit called but no ldb transactions are active!");
499 ldb->transaction_active = 0;
500 return LDB_ERR_OPERATIONS_ERROR;
501 }
502
503 ldb_reset_err_string(ldb);
504
505 FIRST_OP(ldb, end_transaction);
506 status = next_module->ops->end_transaction(next_module);
507 if (status != LDB_SUCCESS) {
508 if (ldb->err_string == NULL) {
509 /* no error string was setup by the backend */
510 ldb_asprintf_errstring(ldb,
511 "ldb transaction commit: %s (%d)",
512 ldb_strerror(status),
513 status);
514 }
515 if ((next_module && next_module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
516 ldb_debug(next_module->ldb, LDB_DEBUG_TRACE, "commit ldb transaction error: %s",
517 ldb_errstring(next_module->ldb));
518 }
519 }
520 return status;
521 }
522
523
524 /*
525 cancel a transaction
526 */
527 int ldb_transaction_cancel(struct ldb_context *ldb)
528 {
529 struct ldb_module *next_module;
530 int status;
531
532 ldb->transaction_active--;
533
534 ldb_debug(ldb, LDB_DEBUG_TRACE,
535 "cancel ldb transaction (nesting: %d)",
536 ldb->transaction_active);
537
538 /* really cancel only if all nested transactions are complete */
539 if (ldb->transaction_active > 0) {
540 return LDB_SUCCESS;
541 }
542
543 if (ldb->transaction_active < 0) {
544 ldb_debug(ldb, LDB_DEBUG_FATAL,
545 "cancel called but no ldb transactions are active!");
546 ldb->transaction_active = 0;
547 return LDB_ERR_OPERATIONS_ERROR;
548 }
549
550 FIRST_OP(ldb, del_transaction);
551
552 status = next_module->ops->del_transaction(next_module);
553 if (status != LDB_SUCCESS) {
554 if (ldb->err_string == NULL) {
555 /* no error string was setup by the backend */
556 ldb_asprintf_errstring(ldb,
557 "ldb transaction cancel: %s (%d)",
558 ldb_strerror(status),
559 status);
560 }
561 if ((next_module && next_module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
562 ldb_debug(next_module->ldb, LDB_DEBUG_TRACE, "cancel ldb transaction error: %s",
563 ldb_errstring(next_module->ldb));
564 }
565 }
566 return status;
567 }
568
569 /*
570 cancel a transaction with no error if no transaction is pending
571 used when we fork() to clear any parent transactions
572 */
573 int ldb_transaction_cancel_noerr(struct ldb_context *ldb)
574 {
575 if (ldb->transaction_active > 0) {
576 return ldb_transaction_cancel(ldb);
577 }
578 return LDB_SUCCESS;
579 }
580
581
582 /* autostarts a transaction if none active */
583 static int ldb_autotransaction_request(struct ldb_context *ldb,
584 struct ldb_request *req)
585 {
586 int ret;
587
588 ret = ldb_transaction_start(ldb);
589 if (ret != LDB_SUCCESS) {
590 return ret;
591 }
592
593 ret = ldb_request(ldb, req);
594 if (ret == LDB_SUCCESS) {
595 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
596 }
597
598 if (ret == LDB_SUCCESS) {
599 return ldb_transaction_commit(ldb);
600 }
601 ldb_transaction_cancel(ldb);
602
603 return ret;
604 }
605
606 int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type)
607 {
608 struct tevent_context *ev;
609 int ret;
610
611 if (handle == NULL) {
612 return LDB_ERR_UNAVAILABLE;
613 }
614
615 if (handle->state == LDB_ASYNC_DONE) {
616 if ((handle->status != LDB_SUCCESS) &&
617 (handle->ldb->err_string == NULL)) {
618 /* if no error string was setup by the backend */
619 ldb_asprintf_errstring(handle->ldb,
620 "ldb_wait from %s with LDB_ASYNC_DONE: %s (%d)",
621 handle->location,
622 ldb_strerror(handle->status),
623 handle->status);
624 }
625 return handle->status;
626 }
627
628 ev = ldb_handle_get_event_context(handle);
629 if (NULL == ev) {
630 return ldb_oom(handle->ldb);
631 }
632
633 switch (type) {
634 case LDB_WAIT_NONE:
635 ret = tevent_loop_once(ev);
636 if (ret != 0) {
637 return ldb_operr(handle->ldb);
638 }
639 if (handle->status == LDB_SUCCESS) {
640 return LDB_SUCCESS;
641 }
642 if (handle->ldb->err_string != NULL) {
643 return handle->status;
644 }
645 /*
646 * if no error string was setup by the backend
647 */
648 ldb_asprintf_errstring(handle->ldb,
649 "ldb_wait from %s with LDB_WAIT_NONE: %s (%d)",
650 handle->location,
651 ldb_strerror(handle->status),
652 handle->status);
653 return handle->status;
654
655 case LDB_WAIT_ALL:
656 while (handle->state != LDB_ASYNC_DONE) {
657 ret = tevent_loop_once(ev);
658 if (ret != 0) {
659 return ldb_operr(handle->ldb);
660 }
661 if (handle->status != LDB_SUCCESS) {
662 if (handle->ldb->err_string != NULL) {
663 return handle->status;
664 }
665 /*
666 * if no error string was setup by the
667 * backend
668 */
669 ldb_asprintf_errstring(handle->ldb,
670 "ldb_wait from %s with "
671 "LDB_WAIT_ALL: %s (%d)",
672 handle->location,
673 ldb_strerror(handle->status),
674 handle->status);
675 return handle->status;
676 }
677 }
678 if (handle->status == LDB_SUCCESS) {
679 return LDB_SUCCESS;
680 }
681 if (handle->ldb->err_string != NULL) {
682 return handle->status;
683 }
684 /*
685 * if no error string was setup by the backend
686 */
687 ldb_asprintf_errstring(handle->ldb,
688 "ldb_wait from %s with LDB_WAIT_ALL,"
689 " LDB_ASYNC_DONE: %s (%d)",
690 handle->location,
691 ldb_strerror(handle->status),
692 handle->status);
693 return handle->status;
694 }
695
696 return LDB_SUCCESS;
697 }
698
699 /* set the specified timeout or, if timeout is 0 set the default timeout */
700 int ldb_set_timeout(struct ldb_context *ldb,
701 struct ldb_request *req,
702 int timeout)
703 {
704 if (req == NULL) return LDB_ERR_OPERATIONS_ERROR;
705
706 if (timeout != 0) {
707 req->timeout = timeout;
708 } else {
709 req->timeout = ldb->default_timeout;
710 }
711 req->starttime = time(NULL);
712
713 return LDB_SUCCESS;
714 }
715
716 /* calculates the new timeout based on the previous starttime and timeout */
717 int ldb_set_timeout_from_prev_req(struct ldb_context *ldb,
718 struct ldb_request *oldreq,
719 struct ldb_request *newreq)
720 {
721 if (newreq == NULL) return LDB_ERR_OPERATIONS_ERROR;
722
723 if (oldreq == NULL) {
724 return ldb_set_timeout(ldb, newreq, 0);
725 }
726
727 newreq->starttime = oldreq->starttime;
728 newreq->timeout = oldreq->timeout;
729
730 return LDB_SUCCESS;
731 }
732
733
734 struct ldb_handle *ldb_handle_new(TALLOC_CTX *mem_ctx, struct ldb_context *ldb)
735 {
736 struct ldb_handle *h;
737
738 h = talloc_zero(mem_ctx, struct ldb_handle);
739 if (h == NULL) {
740 ldb_set_errstring(ldb, "Out of Memory");
741 return NULL;
742 }
743
744 h->status = LDB_SUCCESS;
745 h->state = LDB_ASYNC_INIT;
746 h->ldb = ldb;
747 h->flags = 0;
748 h->location = NULL;
749 h->parent = NULL;
750
751 if (h->ldb->require_private_event_context == true) {
752 h->event_context = tevent_context_init(h);
753 if (h->event_context == NULL) {
754 ldb_set_errstring(ldb,
755 "Out of Memory allocating "
756 "event context for new handle");
757 return NULL;
758 }
759 tevent_set_debug(h->event_context, ldb_tevent_debug, ldb);
760 tevent_set_max_debug_level(h->event_context, TEVENT_DEBUG_TRACE);
761 tevent_loop_allow_nesting(h->event_context);
762 }
763
764 return h;
765 }
766
767 static struct ldb_handle *ldb_handle_new_child(TALLOC_CTX *mem_ctx,
768 struct ldb_request *parent_req)
769 {
770 struct ldb_handle *h;
771
772 h = talloc_zero(mem_ctx, struct ldb_handle);
773 if (h == NULL) {
774 ldb_set_errstring(parent_req->handle->ldb,
775 "Out of Memory");
776 return NULL;
777 }
778
779 h->status = LDB_SUCCESS;
780 h->state = LDB_ASYNC_INIT;
781 h->ldb = parent_req->handle->ldb;
782 h->parent = parent_req;
783 h->nesting = parent_req->handle->nesting + 1;
784 h->flags = parent_req->handle->flags;
785 h->custom_flags = parent_req->handle->custom_flags;
786 h->event_context = parent_req->handle->event_context;
787
788 return h;
789 }
790
791 /*
792 set the permissions for new files to be passed to open() in
793 backends that use local files
794 */
795 void ldb_set_create_perms(struct ldb_context *ldb, unsigned int perms)
796 {
797 ldb->create_perms = perms;
798 }
799
800 unsigned int ldb_get_create_perms(struct ldb_context *ldb)
801 {
802 return ldb->create_perms;
803 }
804
805 void ldb_set_event_context(struct ldb_context *ldb, struct tevent_context *ev)
806 {
807 ldb->ev_ctx = ev;
808 }
809
810 struct tevent_context * ldb_get_event_context(struct ldb_context *ldb)
811 {
812 return ldb->ev_ctx;
813 }
814
815 void ldb_request_set_state(struct ldb_request *req, int state)
816 {
817 req->handle->state = state;
818 }
819
820 int ldb_request_get_status(struct ldb_request *req)
821 {
822 return req->handle->status;
823 }
824
825 /*
826 * This function obtains the private event context for the handle,
827 * which may have been created to avoid nested event loops during
828 * ldb_tdb with the locks held
829 */
830 struct tevent_context *ldb_handle_get_event_context(struct ldb_handle *handle)
831 {
832 if (handle->event_context != NULL) {
833 return handle->event_context;
834 }
835 return ldb_get_event_context(handle->ldb);
836 }
837
838 /*
839 * This function forces a specific ldb handle to use the global event
840 * context. This allows a nested event loop to operate, so any open
841 * transaction also needs to be aborted.
842 *
843 * Any events on this event context will be lost
844 *
845 * This is used in Samba when sending an IRPC to another part of the
846 * same process instead of making a local DB modification.
847 */
848 void ldb_handle_use_global_event_context(struct ldb_handle *handle)
849 {
850 TALLOC_FREE(handle->event_context);
851 }
852
853 void ldb_set_require_private_event_context(struct ldb_context *ldb)
854 {
855 ldb->require_private_event_context = true;
856 }
857
858 /*
859 trace a ldb request
860 */
861 static void ldb_trace_request(struct ldb_context *ldb, struct ldb_request *req)
862 {
863 TALLOC_CTX *tmp_ctx = talloc_new(req);
864 unsigned int i;
865 struct ldb_ldif ldif;
866
867 switch (req->operation) {
868 case LDB_SEARCH:
869 ldb_debug_add(ldb, "ldb_trace_request: SEARCH\n");
870 ldb_debug_add(ldb, " dn: %s\n",
871 ldb_dn_is_null(req->op.search.base)?"<rootDSE>":
872 ldb_dn_get_linearized(req->op.search.base));
873 ldb_debug_add(ldb, " scope: %s\n",
874 req->op.search.scope==LDB_SCOPE_BASE?"base":
875 req->op.search.scope==LDB_SCOPE_ONELEVEL?"one":
876 req->op.search.scope==LDB_SCOPE_SUBTREE?"sub":"UNKNOWN");
877 ldb_debug_add(ldb, " expr: %s\n",
878 ldb_filter_from_tree(tmp_ctx, req->op.search.tree));
879 if (req->op.search.attrs == NULL) {
880 ldb_debug_add(ldb, " attr: <ALL>\n");
881 } else {
882 for (i=0; req->op.search.attrs[i]; i++) {
883 ldb_debug_add(ldb, " attr: %s\n", req->op.search.attrs[i]);
884 }
885 }
886 break;
887 case LDB_DELETE:
888 ldb_debug_add(ldb, "ldb_trace_request: DELETE\n");
889 ldb_debug_add(ldb, " dn: %s\n",
890 ldb_dn_get_linearized(req->op.del.dn));
891 break;
892 case LDB_RENAME:
893 ldb_debug_add(ldb, "ldb_trace_request: RENAME\n");
894 ldb_debug_add(ldb, " olddn: %s\n",
895 ldb_dn_get_linearized(req->op.rename.olddn));
896 ldb_debug_add(ldb, " newdn: %s\n",
897 ldb_dn_get_linearized(req->op.rename.newdn));
898 break;
899 case LDB_EXTENDED:
900 ldb_debug_add(ldb, "ldb_trace_request: EXTENDED\n");
901 ldb_debug_add(ldb, " oid: %s\n", req->op.extended.oid);
902 ldb_debug_add(ldb, " data: %s\n", req->op.extended.data?"yes":"no");
903 break;
904 case LDB_ADD:
905 ldif.changetype = LDB_CHANGETYPE_ADD;
906 ldif.msg = discard_const_p(struct ldb_message, req->op.add.message);
907
908 ldb_debug_add(ldb, "ldb_trace_request: ADD\n");
909
910 /*
911 * The choice to call
912 * ldb_ldif_write_redacted_trace_string() is CRITICAL
913 * for security. It ensures that we do not output
914 * passwords into debug logs
915 */
916
917 ldb_debug_add(req->handle->ldb, "%s\n",
918 ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
919 break;
920 case LDB_MODIFY:
921 ldif.changetype = LDB_CHANGETYPE_MODIFY;
922 ldif.msg = discard_const_p(struct ldb_message, req->op.mod.message);
923
924 ldb_debug_add(ldb, "ldb_trace_request: MODIFY\n");
925
926 /*
927 * The choice to call
928 * ldb_ldif_write_redacted_trace_string() is CRITICAL
929 * for security. It ensures that we do not output
930 * passwords into debug logs
931 */
932
933 ldb_debug_add(req->handle->ldb, "%s\n",
934 ldb_ldif_write_redacted_trace_string(req->handle->ldb, tmp_ctx, &ldif));
935 break;
936 case LDB_REQ_REGISTER_CONTROL:
937 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_CONTROL\n");
938 ldb_debug_add(req->handle->ldb, "%s\n",
939 req->op.reg_control.oid);
940 break;
941 case LDB_REQ_REGISTER_PARTITION:
942 ldb_debug_add(ldb, "ldb_trace_request: REGISTER_PARTITION\n");
943 ldb_debug_add(req->handle->ldb, "%s\n",
944 ldb_dn_get_linearized(req->op.reg_partition.dn));
945 break;
946 default:
947 ldb_debug_add(ldb, "ldb_trace_request: UNKNOWN(%u)\n",
948 req->operation);
949 break;
950 }
951
952 if (req->controls == NULL) {
953 ldb_debug_add(ldb, " control: <NONE>\n");
954 } else {
955 for (i=0; req->controls && req->controls[i]; i++) {
956 if (req->controls[i]->oid) {
957 ldb_debug_add(ldb, " control: %s crit:%u data:%s\n",
958 req->controls[i]->oid,
959 req->controls[i]->critical,
960 req->controls[i]->data?"yes":"no");
961 }
962 }
963 }
964
965 ldb_debug_end(ldb, LDB_DEBUG_TRACE);
966
967 talloc_free(tmp_ctx);
968 }
969
970 /*
971 check that the element flags don't have any internal bits set
972 */
973 static int ldb_msg_check_element_flags(struct ldb_context *ldb,
974 const struct ldb_message *message)
975 {
976 unsigned i;
977 for (i=0; i<message->num_elements; i++) {
978 if (message->elements[i].flags & LDB_FLAG_INTERNAL_MASK) {
979 ldb_asprintf_errstring(ldb, "Invalid element flags 0x%08x on element %s in %s\n",
980 message->elements[i].flags, message->elements[i].name,
981 ldb_dn_get_linearized(message->dn));
982 return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
983 }
984 }
985 return LDB_SUCCESS;
986 }
987
988 /*
989 * This context allows us to make the unlock be a talloc destructor
990 *
991 * This ensures that a request started, but not waited on, will still
992 * unlock.
993 */
994 struct ldb_db_lock_context {
995 struct ldb_request *req;
996 struct ldb_context *ldb;
997 };
998
999 /*
1000 * We have to have the unlock on a destructor so that we unlock the
1001 * DB if a caller calls talloc_free(req). We trust that the ldb
1002 * context has not already gone away.
1003 */
1004 static int ldb_db_lock_destructor(struct ldb_db_lock_context *lock_context)
1005 {
1006 int ret;
1007 struct ldb_module *next_module;
1008 FIRST_OP_NOERR(lock_context->ldb, read_unlock);
1009 if (next_module != NULL) {
1010 ret = next_module->ops->read_unlock(next_module);
1011 } else {
1012 ret = LDB_SUCCESS;
1013 }
1014
1015 if (ret != LDB_SUCCESS) {
1016 ldb_debug(lock_context->ldb,
1017 LDB_DEBUG_FATAL,
1018 "Failed to unlock db: %s / %s",
1019 ldb_errstring(lock_context->ldb),
1020 ldb_strerror(ret));
1021 }
1022 return 0;
1023 }
1024
1025 static int ldb_lock_backend_callback(struct ldb_request *req,
1026 struct ldb_reply *ares)
1027 {
1028 struct ldb_db_lock_context *lock_context;
1029 int ret;
1030
1031 if (req->context == NULL) {
1032 /*
1033 * The usual way to get here is to ignore the return codes
1034 * and continuing processing after an error.
1035 */
1036 abort();
1037 }
1038 lock_context = talloc_get_type(req->context,
1039 struct ldb_db_lock_context);
1040
1041 if (!ares) {
1042 return ldb_module_done(lock_context->req, NULL, NULL,
1043 LDB_ERR_OPERATIONS_ERROR);
1044 }
1045 if (ares->error != LDB_SUCCESS || ares->type == LDB_REPLY_DONE) {
1046 ret = ldb_module_done(lock_context->req, ares->controls,
1047 ares->response, ares->error);
1048 /*
1049 * If this is a LDB_REPLY_DONE or an error, unlock the
1050 * DB by calling the destructor on this context
1051 */
1052 TALLOC_FREE(req->context);
1053 return ret;
1054 }
1055
1056 /* Otherwise pass on the callback */
1057 switch (ares->type) {
1058 case LDB_REPLY_ENTRY:
1059 return ldb_module_send_entry(lock_context->req, ares->message,
1060 ares->controls);
1061
1062 case LDB_REPLY_REFERRAL:
1063 return ldb_module_send_referral(lock_context->req,
1064 ares->referral);
1065 default:
1066 /* Can't happen */
1067 return LDB_ERR_OPERATIONS_ERROR;
1068 }
1069 }
1070
1071 /*
1072 * Do an ldb_search() with a lock held, but release it if the request
1073 * is freed with talloc_free()
1074 */
1075 static int lock_search(struct ldb_module *lock_module, struct ldb_request *req)
1076 {
1077 /* Used in FIRST_OP_NOERR to find where to send the lock request */
1078 struct ldb_module *next_module = NULL;
1079 struct ldb_request *down_req = NULL;
1080 struct ldb_db_lock_context *lock_context;
1081 struct ldb_context *ldb = ldb_module_get_ctx(lock_module);
1082 int ret;
1083
1084 lock_context = talloc(req, struct ldb_db_lock_context);
1085 if (lock_context == NULL) {
1086 return ldb_oom(ldb);
1087 }
1088
1089 lock_context->ldb = ldb;
1090 lock_context->req = req;
1091
1092 ret = ldb_build_search_req_ex(&down_req, ldb, req,
1093 req->op.search.base,
1094 req->op.search.scope,
1095 req->op.search.tree,
1096 req->op.search.attrs,
1097 req->controls,
1098 lock_context,
1099 ldb_lock_backend_callback,
1100 req);
1101 LDB_REQ_SET_LOCATION(down_req);
1102 if (ret != LDB_SUCCESS) {
1103 return ret;
1104 }
1105
1106 /* call DB lock */
1107 FIRST_OP_NOERR(ldb, read_lock);
1108 if (next_module != NULL) {
1109 ret = next_module->ops->read_lock(next_module);
1110 } else {
1111 ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1112 }
1113
1114 if (ret == LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION) {
1115 /* We might be talking LDAP */
1116 ldb_reset_err_string(ldb);
1117 TALLOC_FREE(lock_context);
1118
1119 return ldb_next_request(lock_module, req);
1120 } else if ((ret != LDB_SUCCESS) && (ldb->err_string == NULL)) {
1121 /* if no error string was setup by the backend */
1122 ldb_asprintf_errstring(ldb, "Failed to get DB lock: %s (%d)",
1123 ldb_strerror(ret), ret);
1124 } else {
1125 talloc_set_destructor(lock_context, ldb_db_lock_destructor);
1126 }
1127
1128 if (ret != LDB_SUCCESS) {
1129 return ret;
1130 }
1131
1132 return ldb_next_request(lock_module, down_req);
1133 }
1134
1135 /*
1136 start an ldb request
1137 NOTE: the request must be a talloc context.
1138 returns LDB_ERR_* on errors.
1139 */
1140 int ldb_request(struct ldb_context *ldb, struct ldb_request *req)
1141 {
1142 struct ldb_module *next_module;
1143 int ret;
1144
1145 if (req->callback == NULL) {
1146 ldb_set_errstring(ldb, "Requests MUST define callbacks");
1147 return LDB_ERR_UNWILLING_TO_PERFORM;
1148 }
1149
1150 ldb_reset_err_string(ldb);
1151
1152 if (ldb->flags & LDB_FLG_ENABLE_TRACING) {
1153 ldb_trace_request(ldb, req);
1154 }
1155
1156 /* call the first module in the chain */
1157 switch (req->operation) {
1158 case LDB_SEARCH:
1159 {
1160 /*
1161 * A fake module to allow ldb_next_request() to be
1162 * re-used and to keep the locking out of this function.
1163 */
1164 static const struct ldb_module_ops lock_module_ops = {
1165 .name = "lock_searches",
1166 .search = lock_search
1167 };
1168 struct ldb_module lock_module = {
1169 .ldb = ldb,
1170 .next = ldb->modules,
1171 .ops = &lock_module_ops
1172 };
1173 next_module = &lock_module;
1174
1175 /* due to "ldb_build_search_req" base DN always != NULL */
1176 if (!ldb_dn_validate(req->op.search.base)) {
1177 ldb_asprintf_errstring(ldb, "ldb_search: invalid basedn '%s'",
1178 ldb_dn_get_linearized(req->op.search.base));
1179 return LDB_ERR_INVALID_DN_SYNTAX;
1180 }
1181
1182 ret = next_module->ops->search(next_module, req);
1183 break;
1184 }
1185 case LDB_ADD:
1186 if (!ldb_dn_validate(req->op.add.message->dn)) {
1187 ldb_asprintf_errstring(ldb, "ldb_add: invalid dn '%s'",
1188 ldb_dn_get_linearized(req->op.add.message->dn));
1189 return LDB_ERR_INVALID_DN_SYNTAX;
1190 }
1191 /*
1192 * we have to normalize here, as so many places
1193 * in modules and backends assume we don't have two
1194 * elements with the same name
1195 */
1196 ret = ldb_msg_normalize(ldb, req, req->op.add.message,
1197 discard_const(&req->op.add.message));
1198 if (ret != LDB_SUCCESS) {
1199 ldb_oom(ldb);
1200 return ret;
1201 }
1202 FIRST_OP(ldb, add);
1203 ret = ldb_msg_check_element_flags(ldb, req->op.add.message);
1204 if (ret != LDB_SUCCESS) {
1205 /*
1206 * "ldb_msg_check_element_flags" generates an error
1207 * string
1208 */
1209 return ret;
1210 }
1211 ret = next_module->ops->add(next_module, req);
1212 break;
1213 case LDB_MODIFY:
1214 if (!ldb_dn_validate(req->op.mod.message->dn)) {
1215 ldb_asprintf_errstring(ldb, "ldb_modify: invalid dn '%s'",
1216 ldb_dn_get_linearized(req->op.mod.message->dn));
1217 return LDB_ERR_INVALID_DN_SYNTAX;
1218 }
1219 FIRST_OP(ldb, modify);
1220 ret = ldb_msg_check_element_flags(ldb, req->op.mod.message);
1221 if (ret != LDB_SUCCESS) {
1222 /*
1223 * "ldb_msg_check_element_flags" generates an error
1224 * string
1225 */
1226 return ret;
1227 }
1228 ret = next_module->ops->modify(next_module, req);
1229 break;
1230 case LDB_DELETE:
1231 if (!ldb_dn_validate(req->op.del.dn)) {
1232 ldb_asprintf_errstring(ldb, "ldb_delete: invalid dn '%s'",
1233 ldb_dn_get_linearized(req->op.del.dn));
1234 return LDB_ERR_INVALID_DN_SYNTAX;
1235 }
1236 FIRST_OP(ldb, del);
1237 ret = next_module->ops->del(next_module, req);
1238 break;
1239 case LDB_RENAME:
1240 if (!ldb_dn_validate(req->op.rename.olddn)) {
1241 ldb_asprintf_errstring(ldb, "ldb_rename: invalid olddn '%s'",
1242 ldb_dn_get_linearized(req->op.rename.olddn));
1243 return LDB_ERR_INVALID_DN_SYNTAX;
1244 }
1245 if (!ldb_dn_validate(req->op.rename.newdn)) {
1246 ldb_asprintf_errstring(ldb, "ldb_rename: invalid newdn '%s'",
1247 ldb_dn_get_linearized(req->op.rename.newdn));
1248 return LDB_ERR_INVALID_DN_SYNTAX;
1249 }
1250 FIRST_OP(ldb, rename);
1251 ret = next_module->ops->rename(next_module, req);
1252 break;
1253 case LDB_EXTENDED:
1254 FIRST_OP(ldb, extended);
1255 ret = next_module->ops->extended(next_module, req);
1256 break;
1257 default:
1258 FIRST_OP(ldb, request);
1259 ret = next_module->ops->request(next_module, req);
1260 break;
1261 }
1262
1263 if ((ret != LDB_SUCCESS) && (ldb->err_string == NULL)) {
1264 /* if no error string was setup by the backend */
1265 ldb_asprintf_errstring(ldb, "ldb_request: %s (%d)",
1266 ldb_strerror(ret), ret);
1267 }
1268
1269 return ret;
1270 }
1271
1272 int ldb_request_done(struct ldb_request *req, int status)
1273 {
1274 req->handle->state = LDB_ASYNC_DONE;
1275 req->handle->status = status;
1276 return status;
1277 }
1278
1279 /*
1280 search the database given a LDAP-like search expression
1281
1282 returns an LDB error code
1283
1284 Use talloc_free to free the ldb_message returned in 'res', if successful
1285
1286 */
1287 int ldb_search_default_callback(struct ldb_request *req,
1288 struct ldb_reply *ares)
1289 {
1290 struct ldb_result *res;
1291 unsigned int n;
1292
1293 res = talloc_get_type(req->context, struct ldb_result);
1294
1295 if (!ares) {
1296 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1297 }
1298 if (ares->error != LDB_SUCCESS) {
1299 return ldb_request_done(req, ares->error);
1300 }
1301
1302 switch (ares->type) {
1303 case LDB_REPLY_ENTRY:
1304 res->msgs = talloc_realloc(res, res->msgs,
1305 struct ldb_message *, res->count + 2);
1306 if (! res->msgs) {
1307 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1308 }
1309
1310 res->msgs[res->count + 1] = NULL;
1311
1312 res->msgs[res->count] = talloc_move(res->msgs, &ares->message);
1313 res->count++;
1314 break;
1315
1316 case LDB_REPLY_REFERRAL:
1317 if (res->refs) {
1318 for (n = 0; res->refs[n]; n++) /*noop*/ ;
1319 } else {
1320 n = 0;
1321 }
1322
1323 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1324 if (! res->refs) {
1325 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1326 }
1327
1328 res->refs[n] = talloc_move(res->refs, &ares->referral);
1329 res->refs[n + 1] = NULL;
1330 break;
1331
1332 case LDB_REPLY_DONE:
1333 /* TODO: we should really support controls on entries
1334 * and referrals too! */
1335 res->controls = talloc_move(res, &ares->controls);
1336
1337 /* this is the last message, and means the request is done */
1338 /* we have to signal and eventual ldb_wait() waiting that the
1339 * async request operation was completed */
1340 talloc_free(ares);
1341 return ldb_request_done(req, LDB_SUCCESS);
1342 }
1343
1344 talloc_free(ares);
1345
1346 return LDB_SUCCESS;
1347 }
1348
1349 int ldb_modify_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1350 {
1351 struct ldb_result *res;
1352 unsigned int n;
1353 int ret;
1354
1355 res = talloc_get_type(req->context, struct ldb_result);
1356
1357 if (!ares) {
1358 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1359 }
1360
1361 if (ares->error != LDB_SUCCESS) {
1362 ret = ares->error;
1363 talloc_free(ares);
1364 return ldb_request_done(req, ret);
1365 }
1366
1367 switch (ares->type) {
1368 case LDB_REPLY_REFERRAL:
1369 if (res->refs) {
1370 for (n = 0; res->refs[n]; n++) /*noop*/ ;
1371 } else {
1372 n = 0;
1373 }
1374
1375 res->refs = talloc_realloc(res, res->refs, char *, n + 2);
1376 if (! res->refs) {
1377 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1378 }
1379
1380 res->refs[n] = talloc_move(res->refs, &ares->referral);
1381 res->refs[n + 1] = NULL;
1382 break;
1383
1384 case LDB_REPLY_DONE:
1385 talloc_free(ares);
1386 return ldb_request_done(req, LDB_SUCCESS);
1387 default:
1388 talloc_free(ares);
1389 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1390 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1391 }
1392
1393 talloc_free(ares);
1394 return ldb_request_done(req, LDB_SUCCESS);
1395 }
1396
1397 int ldb_op_default_callback(struct ldb_request *req, struct ldb_reply *ares)
1398 {
1399 int ret;
1400
1401 if (!ares) {
1402 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1403 }
1404
1405 if (ares->error != LDB_SUCCESS) {
1406 ret = ares->error;
1407 talloc_free(ares);
1408 return ldb_request_done(req, ret);
1409 }
1410
1411 if (ares->type != LDB_REPLY_DONE) {
1412 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1413 TALLOC_FREE(ares);
1414 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1415 }
1416
1417 talloc_free(ares);
1418 return ldb_request_done(req, LDB_SUCCESS);
1419 }
1420
1421 static struct ldb_request *ldb_build_req_common(TALLOC_CTX *mem_ctx,
1422 struct ldb_context *ldb,
1423 struct ldb_control **controls,
1424 void *context,
1425 ldb_request_callback_t callback,
1426 struct ldb_request *parent)
1427 {
1428 struct ldb_request *req = NULL;
1429
1430 req = talloc_zero(mem_ctx, struct ldb_request);
1431 if (req == NULL) {
1432 return NULL;
1433 }
1434 req->controls = controls;
1435 req->context = context;
1436 req->callback = callback;
1437
1438 ldb_set_timeout_from_prev_req(ldb, parent, req);
1439
1440 if (parent != NULL) {
1441 req->handle = ldb_handle_new_child(req, parent);
1442 if (req->handle == NULL) {
1443 TALLOC_FREE(req);
1444 return NULL;
1445 }
1446 } else {
1447 req->handle = ldb_handle_new(req, ldb);
1448 if (req->handle == NULL) {
1449 TALLOC_FREE(req);
1450 return NULL;
1451 }
1452 }
1453
1454 return req;
1455 }
1456
1457 int ldb_build_search_req_ex(struct ldb_request **ret_req,
1458 struct ldb_context *ldb,
1459 TALLOC_CTX *mem_ctx,
1460 struct ldb_dn *base,
1461 enum ldb_scope scope,
1462 struct ldb_parse_tree *tree,
1463 const char * const *attrs,
1464 struct ldb_control **controls,
1465 void *context,
1466 ldb_request_callback_t callback,
1467 struct ldb_request *parent)
1468 {
1469 struct ldb_request *req;
1470
1471 *ret_req = NULL;
1472
1473 req = ldb_build_req_common(mem_ctx, ldb, controls,
1474 context, callback, parent);
1475 if (req == NULL) {
1476 ldb_oom(ldb);
1477 return LDB_ERR_OPERATIONS_ERROR;
1478 }
1479
1480 req->operation = LDB_SEARCH;
1481 if (base == NULL) {
1482 req->op.search.base = ldb_dn_new(req, ldb, NULL);
1483 if (req->op.search.base == NULL) {
1484 ldb_oom(ldb);
1485 return LDB_ERR_OPERATIONS_ERROR;
1486 }
1487 } else {
1488 req->op.search.base = base;
1489 }
1490 req->op.search.scope = scope;
1491
1492 req->op.search.tree = tree;
1493 if (req->op.search.tree == NULL) {
1494 ldb_set_errstring(ldb, "'tree' can't be NULL");
1495 talloc_free(req);
1496 return LDB_ERR_OPERATIONS_ERROR;
1497 }
1498
1499 req->op.search.attrs = attrs;
1500 *ret_req = req;
1501 return LDB_SUCCESS;
1502 }
1503
1504 int ldb_build_search_req(struct ldb_request **ret_req,
1505 struct ldb_context *ldb,
1506 TALLOC_CTX *mem_ctx,
1507 struct ldb_dn *base,
1508 enum ldb_scope scope,
1509 const char *expression,
1510 const char * const *attrs,
1511 struct ldb_control **controls,
1512 void *context,
1513 ldb_request_callback_t callback,
1514 struct ldb_request *parent)
1515 {
1516 struct ldb_parse_tree *tree;
1517 int ret;
1518
1519 tree = ldb_parse_tree(mem_ctx, expression);
1520 if (tree == NULL) {
1521 ldb_set_errstring(ldb, "Unable to parse search expression");
1522 return LDB_ERR_OPERATIONS_ERROR;
1523 }
1524
1525 ret = ldb_build_search_req_ex(ret_req, ldb, mem_ctx, base,
1526 scope, tree, attrs, controls,
1527 context, callback, parent);
1528 if (ret == LDB_SUCCESS) {
1529 talloc_steal(*ret_req, tree);
1530 }
1531 return ret;
1532 }
1533
1534 int ldb_build_add_req(struct ldb_request **ret_req,
1535 struct ldb_context *ldb,
1536 TALLOC_CTX *mem_ctx,
1537 const struct ldb_message *message,
1538 struct ldb_control **controls,
1539 void *context,
1540 ldb_request_callback_t callback,
1541 struct ldb_request *parent)
1542 {
1543 struct ldb_request *req;
1544
1545 *ret_req = NULL;
1546
1547 req = ldb_build_req_common(mem_ctx, ldb, controls,
1548 context, callback, parent);
1549 if (req == NULL) {
1550 ldb_set_errstring(ldb, "Out of Memory");
1551 return LDB_ERR_OPERATIONS_ERROR;
1552 }
1553
1554 req->operation = LDB_ADD;
1555 req->op.add.message = message;
1556 *ret_req = req;
1557 return LDB_SUCCESS;
1558 }
1559
1560 int ldb_build_mod_req(struct ldb_request **ret_req,
1561 struct ldb_context *ldb,
1562 TALLOC_CTX *mem_ctx,
1563 const struct ldb_message *message,
1564 struct ldb_control **controls,
1565 void *context,
1566 ldb_request_callback_t callback,
1567 struct ldb_request *parent)
1568 {
1569 struct ldb_request *req;
1570
1571 *ret_req = NULL;
1572
1573 req = ldb_build_req_common(mem_ctx, ldb, controls,
1574 context, callback, parent);
1575 if (req == NULL) {
1576 ldb_set_errstring(ldb, "Out of Memory");
1577 return LDB_ERR_OPERATIONS_ERROR;
1578 }
1579
1580 req->operation = LDB_MODIFY;
1581 req->op.mod.message = message;
1582
1583 *ret_req = req;
1584 return LDB_SUCCESS;
1585 }
1586
1587 int ldb_build_del_req(struct ldb_request **ret_req,
1588 struct ldb_context *ldb,
1589 TALLOC_CTX *mem_ctx,
1590 struct ldb_dn *dn,
1591 struct ldb_control **controls,
1592 void *context,
1593 ldb_request_callback_t callback,
1594 struct ldb_request *parent)
1595 {
1596 struct ldb_request *req;
1597
1598 *ret_req = NULL;
1599
1600 req = ldb_build_req_common(mem_ctx, ldb, controls,
1601 context, callback, parent);
1602 if (req == NULL) {
1603 ldb_set_errstring(ldb, "Out of Memory");
1604 return LDB_ERR_OPERATIONS_ERROR;
1605 }
1606
1607 req->operation = LDB_DELETE;
1608 req->op.del.dn = dn;
1609 *ret_req = req;
1610 return LDB_SUCCESS;
1611 }
1612
1613 int ldb_build_rename_req(struct ldb_request **ret_req,
1614 struct ldb_context *ldb,
1615 TALLOC_CTX *mem_ctx,
1616 struct ldb_dn *olddn,
1617 struct ldb_dn *newdn,
1618 struct ldb_control **controls,
1619 void *context,
1620 ldb_request_callback_t callback,
1621 struct ldb_request *parent)
1622 {
1623 struct ldb_request *req;
1624
1625 *ret_req = NULL;
1626
1627 req = ldb_build_req_common(mem_ctx, ldb, controls,
1628 context, callback, parent);
1629 if (req == NULL) {
1630 ldb_set_errstring(ldb, "Out of Memory");
1631 return LDB_ERR_OPERATIONS_ERROR;
1632 }
1633
1634 req->operation = LDB_RENAME;
1635 req->op.rename.olddn = olddn;
1636 req->op.rename.newdn = newdn;
1637 *ret_req = req;
1638 return LDB_SUCCESS;
1639 }
1640
1641 int ldb_extended_default_callback(struct ldb_request *req,
1642 struct ldb_reply *ares)
1643 {
1644 struct ldb_result *res;
1645
1646 res = talloc_get_type(req->context, struct ldb_result);
1647
1648 if (!ares) {
1649 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1650 }
1651 if (ares->error != LDB_SUCCESS) {
1652 return ldb_request_done(req, ares->error);
1653 }
1654
1655 if (ares->type == LDB_REPLY_DONE) {
1656
1657 /* TODO: we should really support controls on entries and referrals too! */
1658 res->extended = talloc_move(res, &ares->response);
1659 res->controls = talloc_move(res, &ares->controls);
1660
1661 talloc_free(ares);
1662 return ldb_request_done(req, LDB_SUCCESS);
1663 }
1664
1665 talloc_free(ares);
1666 ldb_asprintf_errstring(req->handle->ldb, "Invalid LDB reply type %d", ares->type);
1667 return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);
1668 }
1669
1670 int ldb_build_extended_req(struct ldb_request **ret_req,
1671 struct ldb_context *ldb,
1672 TALLOC_CTX *mem_ctx,
1673 const char *oid,
1674 void *data,
1675 struct ldb_control **controls,
1676 void *context,
1677 ldb_request_callback_t callback,
1678 struct ldb_request *parent)
1679 {
1680 struct ldb_request *req;
1681
1682 *ret_req = NULL;
1683
1684 req = ldb_build_req_common(mem_ctx, ldb, controls,
1685 context, callback, parent);
1686 if (req == NULL) {
1687 ldb_set_errstring(ldb, "Out of Memory");
1688 return LDB_ERR_OPERATIONS_ERROR;
1689 }
1690
1691 req->operation = LDB_EXTENDED;
1692 req->op.extended.oid = oid;
1693 req->op.extended.data = data;
1694 *ret_req = req;
1695 return LDB_SUCCESS;
1696 }
1697
1698 int ldb_extended(struct ldb_context *ldb,
1699 const char *oid,
1700 void *data,
1701 struct ldb_result **_res)
1702 {
1703 struct ldb_request *req;
1704 int ret;
1705 struct ldb_result *res;
1706
1707 *_res = NULL;
1708 req = NULL;
1709
1710 res = talloc_zero(ldb, struct ldb_result);
1711 if (!res) {
1712 return LDB_ERR_OPERATIONS_ERROR;
1713 }
1714
1715 ret = ldb_build_extended_req(&req, ldb, ldb,
1716 oid, data, NULL,
1717 res, ldb_extended_default_callback,
1718 NULL);
1719 ldb_req_set_location(req, "ldb_extended");
1720
1721 if (ret != LDB_SUCCESS) goto done;
1722
1723 ldb_set_timeout(ldb, req, 0); /* use default timeout */
1724
1725 ret = ldb_request(ldb, req);
1726
1727 if (ret == LDB_SUCCESS) {
1728 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1729 }
1730
1731 done:
1732 if (ret != LDB_SUCCESS) {
1733 talloc_free(res);
1734 res = NULL;
1735 }
1736
1737 talloc_free(req);
1738
1739 *_res = res;
1740 return ret;
1741 }
1742
1743 /*
1744 note that ldb_search() will automatically replace a NULL 'base' value
1745 with the defaultNamingContext from the rootDSE if available.
1746 */
1747 int ldb_search(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
1748 struct ldb_result **result, struct ldb_dn *base,
1749 enum ldb_scope scope, const char * const *attrs,
1750 const char *exp_fmt, ...)
1751 {
1752 struct ldb_request *req;
1753 struct ldb_result *res;
1754 char *expression;
1755 va_list ap;
1756 int ret;
1757
1758 expression = NULL;
1759 *result = NULL;
1760 req = NULL;
1761
1762 res = talloc_zero(mem_ctx, struct ldb_result);
1763 if (!res) {
1764 return LDB_ERR_OPERATIONS_ERROR;
1765 }
1766
1767 if (exp_fmt) {
1768 va_start(ap, exp_fmt);
1769 expression = talloc_vasprintf(mem_ctx, exp_fmt, ap);
1770 va_end(ap);
1771
1772 if (!expression) {
1773 talloc_free(res);
1774 return LDB_ERR_OPERATIONS_ERROR;
1775 }
1776 }
1777
1778 ret = ldb_build_search_req(&req, ldb, mem_ctx,
1779 base?base:ldb_get_default_basedn(ldb),
1780 scope,
1781 expression,
1782 attrs,
1783 NULL,
1784 res,
1785 ldb_search_default_callback,
1786 NULL);
1787 ldb_req_set_location(req, "ldb_search");
1788
1789 if (ret != LDB_SUCCESS) goto done;
1790
1791 ret = ldb_request(ldb, req);
1792
1793 if (ret == LDB_SUCCESS) {
1794 ret = ldb_wait(req->handle, LDB_WAIT_ALL);
1795 }
1796
1797 done:
1798 if (ret != LDB_SUCCESS) {
1799 talloc_free(res);
1800 res = NULL;
1801 }
1802
1803 talloc_free(expression);
1804 talloc_free(req);
1805
1806 *result = res;
1807 return ret;
1808 }
1809
1810 /*
1811 add a record to the database. Will fail if a record with the given class
1812 and key already exists
1813 */
1814 int ldb_add(struct ldb_context *ldb,
1815 const struct ldb_message *message)
1816 {
1817 struct ldb_request *req;
1818 int ret;
1819
1820 ret = ldb_msg_sanity_check(ldb, message);
1821 if (ret != LDB_SUCCESS) {
1822 return ret;
1823 }
1824
1825 ret = ldb_build_add_req(&req, ldb, ldb,
1826 message,
1827 NULL,
1828 NULL,
1829 ldb_op_default_callback,
1830 NULL);
1831 ldb_req_set_location(req, "ldb_add");
1832
1833 if (ret != LDB_SUCCESS) return ret;
1834
1835 /* do request and autostart a transaction */
1836 ret = ldb_autotransaction_request(ldb, req);
1837
1838 talloc_free(req);
1839 return ret;
1840 }
1841
1842 /*
1843 modify the specified attributes of a record
1844 */
1845 int ldb_modify(struct ldb_context *ldb,
1846 const struct ldb_message *message)
1847 {
1848 struct ldb_request *req;
1849 int ret;
1850
1851 ret = ldb_msg_sanity_check(ldb, message);
1852 if (ret != LDB_SUCCESS) {
1853 return ret;
1854 }
1855
1856 ret = ldb_build_mod_req(&req, ldb, ldb,
1857 message,
1858 NULL,
1859 NULL,
1860 ldb_op_default_callback,
1861 NULL);
1862 ldb_req_set_location(req, "ldb_modify");
1863
1864 if (ret != LDB_SUCCESS) return ret;
1865
1866 /* do request and autostart a transaction */
1867 ret = ldb_autotransaction_request(ldb, req);
1868
1869 talloc_free(req);
1870 return ret;
1871 }
1872
1873
1874 /*
1875 delete a record from the database
1876 */
1877 int ldb_delete(struct ldb_context *ldb, struct ldb_dn *dn)
1878 {
1879 struct ldb_request *req;
1880 int ret;
1881
1882 ret = ldb_build_del_req(&req, ldb, ldb,
1883 dn,
1884 NULL,
1885 NULL,
1886 ldb_op_default_callback,
1887 NULL);
1888 ldb_req_set_location(req, "ldb_delete");
1889
1890 if (ret != LDB_SUCCESS) return ret;
1891
1892 /* do request and autostart a transaction */
1893 ret = ldb_autotransaction_request(ldb, req);
1894
1895 talloc_free(req);
1896 return ret;
1897 }
1898
1899 /*
1900 rename a record in the database
1901 */
1902 int ldb_rename(struct ldb_context *ldb,
1903 struct ldb_dn *olddn, struct ldb_dn *newdn)
1904 {
1905 struct ldb_request *req;
1906 int ret;
1907
1908 ret = ldb_build_rename_req(&req, ldb, ldb,
1909 olddn,
1910 newdn,
1911 NULL,
1912 NULL,
1913 ldb_op_default_callback,
1914 NULL);
1915 ldb_req_set_location(req, "ldb_rename");
1916
1917 if (ret != LDB_SUCCESS) return ret;
1918
1919 /* do request and autostart a transaction */
1920 ret = ldb_autotransaction_request(ldb, req);
1921
1922 talloc_free(req);
1923 return ret;
1924 }
1925
1926
1927 /*
1928 return the global sequence number
1929 */
1930 int ldb_sequence_number(struct ldb_context *ldb,
1931 enum ldb_sequence_type type, uint64_t *seq_num)
1932 {
1933 struct ldb_seqnum_request *seq;
1934 struct ldb_seqnum_result *seqr;
1935 struct ldb_result *res;
1936 TALLOC_CTX *tmp_ctx;
1937 int ret;
1938
1939 *seq_num = 0;
1940
1941 tmp_ctx = talloc_zero(ldb, struct ldb_request);
1942 if (tmp_ctx == NULL) {
1943 ldb_set_errstring(ldb, "Out of Memory");
1944 return LDB_ERR_OPERATIONS_ERROR;
1945 }
1946 seq = talloc_zero(tmp_ctx, struct ldb_seqnum_request);
1947 if (seq == NULL) {
1948 ldb_set_errstring(ldb, "Out of Memory");
1949 ret = LDB_ERR_OPERATIONS_ERROR;
1950 goto done;
1951 }
1952 seq->type = type;
1953
1954 ret = ldb_extended(ldb, LDB_EXTENDED_SEQUENCE_NUMBER, seq, &res);
1955 if (ret != LDB_SUCCESS) {
1956 goto done;
1957 }
1958 talloc_steal(tmp_ctx, res);
1959
1960 if (strcmp(LDB_EXTENDED_SEQUENCE_NUMBER, res->extended->oid) != 0) {
1961 ldb_set_errstring(ldb, "Invalid OID in reply");
1962 ret = LDB_ERR_OPERATIONS_ERROR;
1963 goto done;
1964 }
1965 seqr = talloc_get_type(res->extended->data,
1966 struct ldb_seqnum_result);
1967 *seq_num = seqr->seq_num;
1968
1969 done:
1970 talloc_free(tmp_ctx);
1971 return ret;
1972 }
1973
1974 /*
1975 return extended error information
1976 */
1977 const char *ldb_errstring(struct ldb_context *ldb)
1978 {
1979 return ldb->err_string;
1980 }
1981
1982 /*
1983 return a string explaining what a ldb error constant means
1984 */
1985 const char *ldb_strerror(int ldb_err)
1986 {
1987 switch (ldb_err) {
1988 case LDB_SUCCESS:
1989 return "Success";
1990 case LDB_ERR_OPERATIONS_ERROR:
1991 return "Operations error";
1992 case LDB_ERR_PROTOCOL_ERROR:
1993 return "Protocol error";
1994 case LDB_ERR_TIME_LIMIT_EXCEEDED:
1995 return "Time limit exceeded";
1996 case LDB_ERR_SIZE_LIMIT_EXCEEDED:
1997 return "Size limit exceeded";
1998 case LDB_ERR_COMPARE_FALSE:
1999 return "Compare false";
2000 case LDB_ERR_COMPARE_TRUE:
2001 return "Compare true";
2002 case LDB_ERR_AUTH_METHOD_NOT_SUPPORTED:
2003 return "Auth method not supported";
2004 case LDB_ERR_STRONG_AUTH_REQUIRED:
2005 return "Strong auth required";
2006 /* 9 RESERVED */
2007 case LDB_ERR_REFERRAL:
2008 return "Referral error";
2009 case LDB_ERR_ADMIN_LIMIT_EXCEEDED:
2010 return "Admin limit exceeded";
2011 case LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION:
2012 return "Unsupported critical extension";
2013 case LDB_ERR_CONFIDENTIALITY_REQUIRED:
2014 return "Confidentiality required";
2015 case LDB_ERR_SASL_BIND_IN_PROGRESS:
2016 return "SASL bind in progress";
2017 case LDB_ERR_NO_SUCH_ATTRIBUTE:
2018 return "No such attribute";
2019 case LDB_ERR_UNDEFINED_ATTRIBUTE_TYPE:
2020 return "Undefined attribute type";
2021 case LDB_ERR_INAPPROPRIATE_MATCHING:
2022 return "Inappropriate matching";
2023 case LDB_ERR_CONSTRAINT_VIOLATION:
2024 return "Constraint violation";
2025 case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
2026 return "Attribute or value exists";
2027 case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
2028 return "Invalid attribute syntax";
2029 /* 22-31 unused */
2030 case LDB_ERR_NO_SUCH_OBJECT:
2031 return "No such object";
2032 case LDB_ERR_ALIAS_PROBLEM:
2033 return "Alias problem";
2034 case LDB_ERR_INVALID_DN_SYNTAX:
2035 return "Invalid DN syntax";
2036 /* 35 RESERVED */
2037 case LDB_ERR_ALIAS_DEREFERENCING_PROBLEM:
2038 return "Alias dereferencing problem";
2039 /* 37-47 unused */
2040 case LDB_ERR_INAPPROPRIATE_AUTHENTICATION:
2041 return "Inappropriate authentication";
2042 case LDB_ERR_INVALID_CREDENTIALS:
2043 return "Invalid credentials";
2044 case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
2045 return "insufficient access rights";
2046 case LDB_ERR_BUSY:
2047 return "Busy";
2048 case LDB_ERR_UNAVAILABLE:
2049 return "Unavailable";
2050 case LDB_ERR_UNWILLING_TO_PERFORM:
2051 return "Unwilling to perform";
2052 case LDB_ERR_LOOP_DETECT:
2053 return "Loop detect";
2054 /* 55-63 unused */
2055 case LDB_ERR_NAMING_VIOLATION:
2056 return "Naming violation";
2057 case LDB_ERR_OBJECT_CLASS_VIOLATION:
2058 return "Object class violation";
2059 case LDB_ERR_NOT_ALLOWED_ON_NON_LEAF:
2060 return "Not allowed on non-leaf";
2061 case LDB_ERR_NOT_ALLOWED_ON_RDN:
2062 return "Not allowed on RDN";
2063 case LDB_ERR_ENTRY_ALREADY_EXISTS:
2064 return "Entry already exists";
2065 case LDB_ERR_OBJECT_CLASS_MODS_PROHIBITED:
2066 return "Object class mods prohibited";
2067 /* 70 RESERVED FOR CLDAP */
2068 case LDB_ERR_AFFECTS_MULTIPLE_DSAS:
2069 return "Affects multiple DSAs";
2070 /* 72-79 unused */
2071 case LDB_ERR_OTHER:
2072 return "Other";
2073 }
2074
2075 return "Unknown error";
2076 }
2077
2078 /*
2079 set backend specific opaque parameters
2080 */
2081 int ldb_set_opaque(struct ldb_context *ldb, const char *name, void *value)
2082 {
2083 struct ldb_opaque *o;
2084
2085 /* allow updating an existing value */
2086 for (o=ldb->opaque;o;o=o->next) {
2087 if (strcmp(o->name, name) == 0) {
2088 o->value = value;
2089 return LDB_SUCCESS;
2090 }
2091 }
2092
2093 o = talloc(ldb, struct ldb_opaque);
2094 if (o == NULL) {
2095 ldb_oom(ldb);
2096 return LDB_ERR_OTHER;
2097 }
2098 o->next = ldb->opaque;
2099 o->name = name;
2100 o->value = value;
2101 ldb->opaque = o;
2102 return LDB_SUCCESS;
2103 }
2104
2105 /*
2106 get a previously set opaque value
2107 */
2108 void *ldb_get_opaque(struct ldb_context *ldb, const char *name)
2109 {
2110 struct ldb_opaque *o;
2111 for (o=ldb->opaque;o;o=o->next) {
2112 if (strcmp(o->name, name) == 0) {
2113 return o->value;
2114 }
2115 }
2116 return NULL;
2117 }
2118
2119 int ldb_global_init(void)
2120 {
2121 /* Provided for compatibility with some older versions of ldb */
2122 return 0;
2123 }
2124
2125 /* return the ldb flags */
2126 unsigned int ldb_get_flags(struct ldb_context *ldb)
2127 {
2128 return ldb->flags;
2129 }
2130
2131 /* set the ldb flags */
2132 void ldb_set_flags(struct ldb_context *ldb, unsigned flags)
2133 {
2134 ldb->flags = flags;
2135 }
2136
2137
2138 /*
2139 set the location in a ldb request. Used for debugging
2140 */
2141 void ldb_req_set_location(struct ldb_request *req, const char *location)
2142 {
2143 if (req && req->handle) {
2144 req->handle->location = location;
2145 }
2146 }
2147
2148 /*
2149 return the location set with dsdb_req_set_location
2150 */
2151 const char *ldb_req_location(struct ldb_request *req)
2152 {
2153 return req->handle->location;
2154 }
2155
2156 /**
2157 mark a request as untrusted. This tells the rootdse module to remove
2158 unregistered controls
2159 */
2160 void ldb_req_mark_untrusted(struct ldb_request *req)
2161 {
2162 req->handle->flags |= LDB_HANDLE_FLAG_UNTRUSTED;
2163 }
2164
2165 /**
2166 mark a request as trusted.
2167 */
2168 void ldb_req_mark_trusted(struct ldb_request *req)
2169 {
2170 req->handle->flags &= ~LDB_HANDLE_FLAG_UNTRUSTED;
2171 }
2172
2173 /**
2174 set custom flags. Those flags are set by applications using ldb,
2175 they are application dependent and the same bit can have different
2176 meaning in different application.
2177 */
2178 void ldb_req_set_custom_flags(struct ldb_request *req, uint32_t flags)
2179 {
2180 if (req != NULL && req->handle != NULL) {
2181 req->handle->custom_flags = flags;
2182 }
2183 }
2184
2185
2186 /**
2187 get custom flags. Those flags are set by applications using ldb,
2188 they are application dependent and the same bit can have different
2189 meaning in different application.
2190 */
2191 uint32_t ldb_req_get_custom_flags(struct ldb_request *req)
2192 {
2193 if (req != NULL && req->handle != NULL) {
2194 return req->handle->custom_flags;
2195 }
2196
2197 /*
2198 * 0 is not something any better or worse than
2199 * anything else as req or the handle is NULL
2200 */
2201 return 0;
2202 }
2203
2204
2205 /**
2206 * return true if a request is untrusted
2207 */
2208 bool ldb_req_is_untrusted(struct ldb_request *req)
2209 {
2210 return (req->handle->flags & LDB_HANDLE_FLAG_UNTRUSTED) != 0;
2211 }
GSS-enabled samba4