Line data Source code
1 : /*
2 : ldb database library
3 :
4 : Copyright (C) Simo Sorce 2004-2008
5 :
6 : ** NOTE! The following LGPL license applies to the ldb
7 : ** library. This does NOT imply that all of Samba is released
8 : ** under the LGPL
9 :
10 : This library is free software; you can redistribute it and/or
11 : modify it under the terms of the GNU Lesser General Public
12 : License as published by the Free Software Foundation; either
13 : version 3 of the License, or (at your option) any later version.
14 :
15 : This library is distributed in the hope that it will be useful,
16 : but WITHOUT ANY WARRANTY; without even the implied warranty of
17 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 : Lesser General Public License for more details.
19 :
20 : You should have received a copy of the GNU Lesser General Public
21 : License along with this library; if not, see <http://www.gnu.org/licenses/>.
22 : */
23 :
24 : /*
25 : * Name: ldb
26 : *
27 : * Component: ldb modules core
28 : *
29 : * Description: core modules routines
30 : *
31 : * Author: Simo Sorce
32 : */
33 :
34 : #include "ldb_private.h"
35 : #include "dlinklist.h"
36 : #include "system/dir.h"
37 :
38 1368141 : static char *ldb_modules_strdup_no_spaces(TALLOC_CTX *mem_ctx, const char *string)
39 : {
40 24290 : size_t i, len;
41 24290 : char *trimmed;
42 :
43 1368141 : trimmed = talloc_strdup(mem_ctx, string);
44 1368141 : if (!trimmed) {
45 0 : return NULL;
46 : }
47 :
48 1368141 : len = strlen(trimmed);
49 11828010 : for (i = 0; trimmed[i] != '\0'; i++) {
50 10459869 : switch (trimmed[i]) {
51 0 : case ' ':
52 : case '\t':
53 : case '\n':
54 188834 : memmove(&trimmed[i], &trimmed[i + 1], len -i -1);
55 0 : break;
56 : }
57 : }
58 :
59 1343851 : return trimmed;
60 : }
61 :
62 :
63 : /* modules are called in inverse order on the stack.
64 : Lets place them as an admin would think the right order is.
65 : Modules order is important */
66 1368141 : const char **ldb_modules_list_from_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const char *string)
67 : {
68 1368141 : char **modules = NULL;
69 24290 : const char **m;
70 24290 : char *modstr, *p;
71 24290 : unsigned int i;
72 :
73 : /* spaces not admitted */
74 1368141 : modstr = ldb_modules_strdup_no_spaces(mem_ctx, string);
75 1368141 : if ( ! modstr) {
76 0 : ldb_debug(ldb, LDB_DEBUG_FATAL, "Out of Memory in ldb_modules_strdup_no_spaces()");
77 0 : return NULL;
78 : }
79 :
80 1368141 : modules = talloc_realloc(mem_ctx, modules, char *, 2);
81 1368141 : if ( ! modules ) {
82 0 : ldb_debug(ldb, LDB_DEBUG_FATAL, "Out of Memory in ldb_modules_list_from_string()");
83 0 : talloc_free(modstr);
84 0 : return NULL;
85 : }
86 1368141 : talloc_steal(modules, modstr);
87 :
88 1368141 : if (modstr[0] == '\0') {
89 408181 : modules[0] = NULL;
90 408181 : m = discard_const_p(const char *, modules);
91 408181 : return m;
92 : }
93 :
94 942887 : i = 0;
95 : /* The str*r*chr walks backwards: This is how we get the inverse order mentioned above */
96 962011 : while ((p = strrchr(modstr, ',')) != NULL) {
97 2051 : *p = '\0';
98 2051 : p++;
99 2051 : modules[i] = p;
100 :
101 2051 : i++;
102 2051 : modules = talloc_realloc(mem_ctx, modules, char *, i + 2);
103 2051 : if ( ! modules ) {
104 0 : ldb_debug(ldb, LDB_DEBUG_FATAL, "Out of Memory in ldb_modules_list_from_string()");
105 0 : return NULL;
106 : }
107 :
108 : }
109 959960 : modules[i] = modstr;
110 :
111 959960 : modules[i + 1] = NULL;
112 :
113 959960 : m = discard_const_p(const char *, modules);
114 :
115 959960 : return m;
116 : }
117 :
118 : static struct backends_list_entry {
119 : struct ldb_backend_ops *ops;
120 : struct backends_list_entry *prev, *next;
121 : } *ldb_backends = NULL;
122 :
123 : static struct ops_list_entry {
124 : const struct ldb_module_ops *ops;
125 : struct ops_list_entry *next;
126 : } *registered_modules = NULL;
127 :
128 3010245 : static struct backends_list_entry *ldb_find_backend(const char *url_prefix)
129 : {
130 61915 : struct backends_list_entry *backend;
131 :
132 16539515 : for (backend = ldb_backends; backend; backend = backend->next) {
133 16344968 : if (strcmp(backend->ops->name, url_prefix) == 0) {
134 2815698 : return backend;
135 : }
136 : }
137 :
138 186207 : return NULL;
139 : }
140 :
141 : /*
142 : register a new ldb backend
143 :
144 : if override is true, then override any existing backend for this prefix
145 : */
146 291774 : int ldb_register_backend(const char *url_prefix, ldb_connect_fn connectfn, bool override)
147 : {
148 12510 : struct backends_list_entry *be;
149 :
150 291774 : be = ldb_find_backend(url_prefix);
151 291774 : if (be) {
152 97227 : if (!override) {
153 93057 : return LDB_SUCCESS;
154 : }
155 : } else {
156 194547 : be = talloc_zero(ldb_backends, struct backends_list_entry);
157 194547 : if (!be) {
158 0 : return LDB_ERR_OPERATIONS_ERROR;
159 : }
160 194547 : be->ops = talloc_zero(be, struct ldb_backend_ops);
161 194547 : if (!be->ops) {
162 0 : talloc_free(be);
163 0 : return LDB_ERR_OPERATIONS_ERROR;
164 : }
165 194547 : DLIST_ADD_END(ldb_backends, be);
166 : }
167 :
168 194547 : be->ops->name = url_prefix;
169 194547 : be->ops->connect_fn = connectfn;
170 :
171 194547 : return LDB_SUCCESS;
172 : }
173 :
174 : /*
175 : Return the ldb module form of a database.
176 : The URL looks something like this:
177 : tdb://PATH
178 : ldb://PATH
179 : mdb://PATH
180 : ldapi://PATH
181 : PATH (unadorned PATH defaults to tdb://)
182 :
183 : for a complete list of backends (including possibly unmaintained ones) grep
184 : for calls to ldb_register_backend().
185 :
186 : the options are passed uninterpreted to the backend, and are
187 : backend specific.
188 :
189 : This allows modules to get at only the backend module, for example where a
190 : module may wish to direct certain requests at a particular backend.
191 : */
192 2718471 : int ldb_module_connect_backend(struct ldb_context *ldb,
193 : const char *url,
194 : const char *options[],
195 : struct ldb_module **backend_module)
196 : {
197 49405 : int ret;
198 49405 : char *backend;
199 49405 : struct backends_list_entry *be;
200 2718471 : char *colon = NULL;
201 :
202 2718471 : colon = strchr(url, ':');
203 2718471 : if (colon != NULL) {
204 2002499 : backend = talloc_strndup(ldb, url, colon-url);
205 : } else {
206 : /* Default to tdb */
207 715972 : backend = talloc_strdup(ldb, "tdb");
208 : }
209 2718471 : if (backend == NULL) {
210 0 : return ldb_oom(ldb);
211 : }
212 :
213 2718471 : be = ldb_find_backend(backend);
214 :
215 2718471 : talloc_free(backend);
216 :
217 2718471 : if (be == NULL) {
218 0 : ldb_debug(ldb, LDB_DEBUG_FATAL,
219 : "Unable to find backend for '%s' - do you need to set LDB_MODULES_PATH?", url);
220 0 : return LDB_ERR_OTHER;
221 : }
222 :
223 2718471 : ret = be->ops->connect_fn(ldb, url, ldb->flags, options, backend_module);
224 :
225 2718471 : if (ret != LDB_SUCCESS) {
226 1629 : ldb_debug(ldb, LDB_DEBUG_ERROR,
227 1629 : "Failed to connect to '%s' with backend '%s': %s", url, be->ops->name, ldb_errstring(ldb));
228 1629 : return ret;
229 : }
230 2667442 : return ret;
231 : }
232 :
233 : static struct ldb_hooks {
234 : struct ldb_hooks *next, *prev;
235 : ldb_hook_fn hook_fn;
236 : } *ldb_hooks;
237 :
238 : /*
239 : register a ldb hook function
240 : */
241 32433 : int ldb_register_hook(ldb_hook_fn hook_fn)
242 : {
243 1390 : struct ldb_hooks *lc;
244 32433 : lc = talloc_zero(ldb_hooks, struct ldb_hooks);
245 32433 : if (lc == NULL) {
246 0 : return LDB_ERR_OPERATIONS_ERROR;
247 : }
248 32433 : lc->hook_fn = hook_fn;
249 32433 : DLIST_ADD_END(ldb_hooks, lc);
250 31043 : return LDB_SUCCESS;
251 : }
252 :
253 : /*
254 : call ldb hooks of a given type
255 : */
256 4626 : int ldb_modules_hook(struct ldb_context *ldb, enum ldb_module_hook_type t)
257 : {
258 633 : struct ldb_hooks *lc;
259 9252 : for (lc = ldb_hooks; lc; lc=lc->next) {
260 4626 : int ret = lc->hook_fn(ldb, t);
261 4626 : if (ret != LDB_SUCCESS) {
262 0 : return ret;
263 : }
264 : }
265 3993 : return LDB_SUCCESS;
266 : }
267 :
268 :
269 18683511 : static const struct ldb_module_ops *ldb_find_module_ops(const char *name)
270 : {
271 366461 : struct ops_list_entry *e;
272 :
273 548069312 : for (e = registered_modules; e; e = e->next) {
274 546320362 : if (strcmp(e->ops->name, name) == 0)
275 16934561 : return e->ops;
276 : }
277 :
278 1673874 : return NULL;
279 : }
280 :
281 :
282 1749030 : int ldb_register_module(const struct ldb_module_ops *ops)
283 : {
284 75156 : struct ops_list_entry *entry;
285 :
286 1749030 : if (ldb_find_module_ops(ops->name) != NULL)
287 0 : return LDB_ERR_ENTRY_ALREADY_EXISTS;
288 :
289 : /*
290 : * ldb modules are not (yet) unloaded and
291 : * are only loaded once (the above check
292 : * makes sure of this). Allocate off the NULL
293 : * context. We never want this to be freed
294 : * until process shutdown. If eventually we
295 : * want to unload ldb modules we can add a
296 : * deregister function that walks and
297 : * frees the list.
298 : */
299 1748950 : entry = talloc(NULL, struct ops_list_entry);
300 1748950 : if (entry == NULL) {
301 0 : return LDB_ERR_OPERATIONS_ERROR;
302 : }
303 :
304 1748950 : entry->ops = ops;
305 1748950 : entry->next = registered_modules;
306 1748950 : registered_modules = entry;
307 :
308 1748950 : return LDB_SUCCESS;
309 : }
310 :
311 : /*
312 : load a list of modules
313 : */
314 3061142 : int ldb_module_load_list(struct ldb_context *ldb, const char **module_list,
315 : struct ldb_module *backend, struct ldb_module **out)
316 : {
317 54042 : struct ldb_module *module;
318 54042 : unsigned int i;
319 :
320 3061142 : module = backend;
321 :
322 19995623 : for (i = 0; module_list && module_list[i] != NULL; i++) {
323 291305 : struct ldb_module *current;
324 291305 : const struct ldb_module_ops *ops;
325 :
326 16934481 : if (strcmp(module_list[i], "") == 0) {
327 0 : continue;
328 : }
329 :
330 16934481 : ops = ldb_find_module_ops(module_list[i]);
331 :
332 16934481 : if (ops == NULL) {
333 0 : ldb_debug(ldb, LDB_DEBUG_FATAL, "WARNING: Module [%s] not found - do you need to set LDB_MODULES_PATH?",
334 0 : module_list[i]);
335 0 : return LDB_ERR_OPERATIONS_ERROR;
336 : }
337 :
338 16934481 : current = talloc_zero(ldb, struct ldb_module);
339 16934481 : if (current == NULL) {
340 0 : return LDB_ERR_OPERATIONS_ERROR;
341 : }
342 16934481 : talloc_set_name(current, "ldb_module: %s", module_list[i]);
343 :
344 16934481 : current->ldb = ldb;
345 16934481 : current->ops = ops;
346 :
347 16934481 : DLIST_ADD(module, current);
348 : }
349 3061142 : *out = module;
350 3061142 : return LDB_SUCCESS;
351 : }
352 :
353 : /*
354 : initialise a chain of modules
355 : */
356 13687324 : int ldb_module_init_chain(struct ldb_context *ldb, struct ldb_module *module)
357 : {
358 19677333 : while (module && module->ops->init_context == NULL)
359 5990009 : module = module->next;
360 :
361 : /* init is different in that it is not an error if modules
362 : * do not require initialization */
363 :
364 13687324 : if (module) {
365 13661196 : int ret = module->ops->init_context(module);
366 13661196 : if (ret != LDB_SUCCESS) {
367 7 : ldb_debug(ldb, LDB_DEBUG_FATAL, "module %s initialization failed : %s",
368 7 : module->ops->name, ldb_strerror(ret));
369 7 : return ret;
370 : }
371 : }
372 :
373 13449331 : return LDB_SUCCESS;
374 : }
375 :
376 754209 : int ldb_load_modules(struct ldb_context *ldb, const char *options[])
377 : {
378 14959 : const char *modules_string;
379 754209 : const char **modules = NULL;
380 14959 : int ret;
381 754209 : TALLOC_CTX *mem_ctx = talloc_new(ldb);
382 754209 : if (!mem_ctx) {
383 0 : return ldb_oom(ldb);
384 : }
385 :
386 : /* find out which modules we are requested to activate */
387 :
388 : /* check if we have a custom module list passd as ldb option */
389 754209 : if (options) {
390 5859 : modules_string = ldb_options_find(ldb, options, "modules");
391 5859 : if (modules_string) {
392 5499 : modules = ldb_modules_list_from_string(ldb, mem_ctx, modules_string);
393 : }
394 : }
395 :
396 : /* if not overloaded by options and the backend is not ldap try to load the modules list from ldb */
397 754209 : if ((modules == NULL) && (strcmp("ldap", ldb->modules->ops->name) != 0)) {
398 724574 : const char * const attrs[] = { "@LIST" , NULL};
399 724574 : struct ldb_result *res = NULL;
400 14610 : struct ldb_dn *mods_dn;
401 :
402 724574 : mods_dn = ldb_dn_new(mem_ctx, ldb, "@MODULES");
403 724574 : if (mods_dn == NULL) {
404 0 : talloc_free(mem_ctx);
405 0 : return ldb_oom(ldb);
406 : }
407 :
408 724574 : ret = ldb_search(ldb, mods_dn, &res, mods_dn, LDB_SCOPE_BASE, attrs, "@LIST=*");
409 :
410 724574 : if (ret == LDB_ERR_NO_SUCH_OBJECT) {
411 43 : ldb_debug(ldb, LDB_DEBUG_TRACE, "no modules required by the db");
412 724531 : } else if (ret != LDB_SUCCESS) {
413 0 : ldb_debug(ldb, LDB_DEBUG_FATAL, "ldb error (%s) occurred searching for modules, bailing out", ldb_errstring(ldb));
414 0 : talloc_free(mem_ctx);
415 0 : return ret;
416 : } else {
417 14598 : const char *module_list;
418 724531 : if (res->count == 0) {
419 177611 : ldb_debug(ldb, LDB_DEBUG_TRACE, "no modules required by the db");
420 546920 : } else if (res->count > 1) {
421 0 : ldb_debug(ldb, LDB_DEBUG_FATAL, "Too many records found (%u), bailing out", res->count);
422 0 : talloc_free(mem_ctx);
423 0 : return LDB_ERR_OPERATIONS_ERROR;
424 : } else {
425 546920 : module_list = ldb_msg_find_attr_as_string(res->msgs[0], "@LIST", NULL);
426 546920 : if (!module_list) {
427 0 : ldb_debug(ldb, LDB_DEBUG_TRACE, "no modules required by the db");
428 : }
429 546920 : modules = ldb_modules_list_from_string(ldb, mem_ctx,
430 : module_list);
431 : }
432 : }
433 :
434 724574 : talloc_free(mods_dn);
435 : }
436 :
437 754209 : if (modules != NULL) {
438 552419 : ret = ldb_module_load_list(ldb, modules, ldb->modules, &ldb->modules);
439 552419 : if (ret != LDB_SUCCESS) {
440 0 : talloc_free(mem_ctx);
441 0 : return ret;
442 : }
443 : } else {
444 201790 : ldb_debug(ldb, LDB_DEBUG_TRACE, "No modules specified for this database");
445 : }
446 :
447 754209 : ret = ldb_module_init_chain(ldb, ldb->modules);
448 754209 : talloc_free(mem_ctx);
449 754209 : return ret;
450 : }
451 :
452 : /*
453 : by using this we allow ldb modules to only implement the functions they care about,
454 : which makes writing a module simpler, and makes it more likely to keep working
455 : when ldb is extended
456 : */
457 : #define FIND_OP_NOERR(module, op) do { \
458 : module = module->next; \
459 : while (module && module->ops->op == NULL) module = module->next; \
460 : if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) { \
461 : ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_trace_next_request: (%s)->" #op, \
462 : module->ops->name); \
463 : } \
464 : } while (0)
465 :
466 : #define FIND_OP(module, op) do { \
467 : struct ldb_context *ldb = module->ldb; \
468 : FIND_OP_NOERR(module, op); \
469 : if (module == NULL) { \
470 : ldb_asprintf_errstring(ldb, "Unable to find backend operation for " #op ); \
471 : return LDB_ERR_OPERATIONS_ERROR; \
472 : } \
473 : } while (0)
474 :
475 :
476 4680158 : struct ldb_module *ldb_module_new(TALLOC_CTX *memctx,
477 : struct ldb_context *ldb,
478 : const char *module_name,
479 : const struct ldb_module_ops *ops)
480 : {
481 83910 : struct ldb_module *module;
482 :
483 4680158 : module = talloc(memctx, struct ldb_module);
484 4680158 : if (!module) {
485 0 : ldb_oom(ldb);
486 0 : return NULL;
487 : }
488 4680158 : talloc_set_name_const(module, module_name);
489 4680158 : module->ldb = ldb;
490 4680158 : module->prev = module->next = NULL;
491 4680158 : module->ops = ops;
492 :
493 4680158 : return module;
494 : }
495 :
496 0 : const char * ldb_module_get_name(struct ldb_module *module)
497 : {
498 0 : return module->ops->name;
499 : }
500 :
501 5675451983 : struct ldb_context *ldb_module_get_ctx(struct ldb_module *module)
502 : {
503 5675451983 : return module->ldb;
504 : }
505 :
506 387971 : const struct ldb_module_ops *ldb_module_get_ops(struct ldb_module *module)
507 : {
508 387971 : return module->ops;
509 : }
510 :
511 3665268771 : void *ldb_module_get_private(struct ldb_module *module)
512 : {
513 3665268771 : return module->private_data;
514 : }
515 :
516 11519517 : void ldb_module_set_private(struct ldb_module *module, void *private_data)
517 : {
518 11519517 : module->private_data = private_data;
519 11519517 : }
520 :
521 : /*
522 : helper functions to call the next module in chain
523 : */
524 :
525 1145805998 : int ldb_next_request(struct ldb_module *module, struct ldb_request *request)
526 : {
527 43915191 : int ret;
528 :
529 1145805998 : if (request->callback == NULL) {
530 0 : ldb_set_errstring(module->ldb, "Requests MUST define callbacks");
531 0 : return LDB_ERR_UNWILLING_TO_PERFORM;
532 : }
533 :
534 1145805998 : request->handle->nesting++;
535 :
536 1145805998 : switch (request->operation) {
537 1068795874 : case LDB_SEARCH:
538 1992708506 : FIND_OP(module, search);
539 1068794897 : ret = module->ops->search(module, request);
540 1068794897 : break;
541 15591869 : case LDB_ADD:
542 26841032 : FIND_OP(module, add);
543 15591869 : ret = module->ops->add(module, request);
544 15591869 : break;
545 19799466 : case LDB_MODIFY:
546 32851373 : FIND_OP(module, modify);
547 19799466 : ret = module->ops->modify(module, request);
548 19799466 : break;
549 1002084 : case LDB_DELETE:
550 3153907 : FIND_OP(module, del);
551 1002084 : ret = module->ops->del(module, request);
552 1002084 : break;
553 562783 : case LDB_RENAME:
554 1357169 : FIND_OP(module, rename);
555 562783 : ret = module->ops->rename(module, request);
556 562783 : break;
557 40053922 : case LDB_EXTENDED:
558 84664890 : FIND_OP(module, extended);
559 40053922 : ret = module->ops->extended(module, request);
560 40053922 : break;
561 0 : default:
562 0 : FIND_OP(module, request);
563 0 : ret = module->ops->request(module, request);
564 0 : break;
565 : }
566 :
567 1145805021 : request->handle->nesting--;
568 :
569 1145805021 : if (ret == LDB_SUCCESS) {
570 1101803255 : return ret;
571 : }
572 86830 : if (!ldb_errstring(module->ldb)) {
573 0 : const char *op;
574 595 : switch (request->operation) {
575 13 : case LDB_SEARCH:
576 13 : op = "LDB_SEARCH";
577 13 : break;
578 78 : case LDB_ADD:
579 78 : op = "LDB_ADD";
580 78 : break;
581 477 : case LDB_MODIFY:
582 477 : op = "LDB_MODIFY";
583 477 : break;
584 18 : case LDB_DELETE:
585 18 : op = "LDB_DELETE";
586 18 : break;
587 9 : case LDB_RENAME:
588 9 : op = "LDB_RENAME";
589 9 : break;
590 0 : case LDB_EXTENDED:
591 0 : op = "LDB_EXTENDED";
592 0 : break;
593 0 : default:
594 0 : op = "request";
595 0 : break;
596 : }
597 :
598 : /* Set a default error string, to place the blame somewhere */
599 595 : ldb_asprintf_errstring(module->ldb, "error in module %s: %s during %s (%d)", module->ops->name, ldb_strerror(ret), op, ret);
600 : }
601 :
602 86830 : if (!(request->handle->flags & LDB_HANDLE_FLAG_DONE_CALLED)) {
603 : /* It is _extremely_ common that a module returns a
604 : * failure without calling ldb_module_done(), but that
605 : * guarantees we will end up hanging in
606 : * ldb_wait(). This fixes it without having to rewrite
607 : * all our modules, and leaves us one less sharp
608 : * corner for module developers to cut themselves on
609 : */
610 4052 : ret = ldb_module_done(request, NULL, NULL, ret);
611 : }
612 86628 : return ret;
613 : }
614 :
615 10970482 : int ldb_next_init(struct ldb_module *module)
616 : {
617 10970482 : module = module->next;
618 :
619 10970482 : return ldb_module_init_chain(module->ldb, module);
620 : }
621 :
622 6639436 : int ldb_next_start_trans(struct ldb_module *module)
623 : {
624 28845 : int ret;
625 22131614 : FIND_OP(module, start_transaction);
626 6639436 : ret = module->ops->start_transaction(module);
627 6639436 : if (ret == LDB_SUCCESS) {
628 6610591 : return ret;
629 : }
630 0 : if (!ldb_errstring(module->ldb)) {
631 : /* Set a default error string, to place the blame somewhere */
632 0 : ldb_asprintf_errstring(module->ldb, "start_trans error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
633 : }
634 0 : if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
635 0 : ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_start_trans error: %s",
636 : ldb_errstring(module->ldb));
637 : }
638 0 : return ret;
639 : }
640 :
641 5114983 : int ldb_next_end_trans(struct ldb_module *module)
642 : {
643 24311 : int ret;
644 20150770 : FIND_OP(module, end_transaction);
645 5114983 : ret = module->ops->end_transaction(module);
646 5114983 : if (ret == LDB_SUCCESS) {
647 5090672 : return ret;
648 : }
649 0 : if (!ldb_errstring(module->ldb)) {
650 : /* Set a default error string, to place the blame somewhere */
651 0 : ldb_asprintf_errstring(module->ldb, "end_trans error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
652 : }
653 0 : if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
654 0 : ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_end_trans error: %s",
655 : ldb_errstring(module->ldb));
656 : }
657 0 : return ret;
658 : }
659 :
660 174912060 : int ldb_next_read_lock(struct ldb_module *module)
661 : {
662 7312057 : int ret;
663 1064684469 : FIND_OP(module, read_lock);
664 174912060 : ret = module->ops->read_lock(module);
665 174912060 : if (ret == LDB_SUCCESS) {
666 167600003 : return ret;
667 : }
668 0 : if (!ldb_errstring(module->ldb)) {
669 : /* Set a default error string, to place the blame somewhere */
670 0 : ldb_asprintf_errstring(module->ldb,
671 : "read_lock error in module %s: %s (%d)",
672 0 : module->ops->name, ldb_strerror(ret),
673 : ret);
674 : }
675 0 : if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
676 0 : ldb_debug(module->ldb, LDB_DEBUG_TRACE,
677 : "ldb_next_read_lock error: %s",
678 : ldb_errstring(module->ldb));
679 : }
680 0 : return ret;
681 : }
682 :
683 174912060 : int ldb_next_read_unlock(struct ldb_module *module)
684 : {
685 7312057 : int ret;
686 1064684469 : FIND_OP(module, read_unlock);
687 174912060 : ret = module->ops->read_unlock(module);
688 174912060 : if (ret == LDB_SUCCESS) {
689 167600003 : return ret;
690 : }
691 0 : if (!ldb_errstring(module->ldb)) {
692 : /* Set a default error string, to place the blame somewhere */
693 0 : ldb_asprintf_errstring(module->ldb,
694 : "read_unlock error in module %s: %s (%d)",
695 0 : module->ops->name, ldb_strerror(ret),
696 : ret);
697 : }
698 0 : if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
699 0 : ldb_debug(module->ldb, LDB_DEBUG_TRACE,
700 : "ldb_next_read_unlock error: %s",
701 : ldb_errstring(module->ldb));
702 : }
703 0 : return ret;
704 : }
705 :
706 4686653 : int ldb_next_prepare_commit(struct ldb_module *module)
707 : {
708 22056 : int ret;
709 14111227 : FIND_OP_NOERR(module, prepare_commit);
710 4686653 : if (module == NULL) {
711 : /* we are allowed to have no prepare commit in
712 : backends */
713 0 : return LDB_SUCCESS;
714 : }
715 4686653 : ret = module->ops->prepare_commit(module);
716 4686653 : if (ret == LDB_SUCCESS) {
717 4664595 : return ret;
718 : }
719 2 : if (!ldb_errstring(module->ldb)) {
720 : /* Set a default error string, to place the blame somewhere */
721 0 : ldb_asprintf_errstring(module->ldb, "prepare_commit error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
722 : }
723 2 : if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
724 0 : ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_prepare_commit error: %s",
725 : ldb_errstring(module->ldb));
726 : }
727 2 : return ret;
728 : }
729 :
730 589542 : int ldb_next_del_trans(struct ldb_module *module)
731 : {
732 52 : int ret;
733 1980793 : FIND_OP(module, del_transaction);
734 589542 : ret = module->ops->del_transaction(module);
735 589542 : if (ret == LDB_SUCCESS) {
736 589490 : return ret;
737 : }
738 0 : if (!ldb_errstring(module->ldb)) {
739 : /* Set a default error string, to place the blame somewhere */
740 0 : ldb_asprintf_errstring(module->ldb, "del_trans error in module %s: %s (%d)", module->ops->name, ldb_strerror(ret), ret);
741 : }
742 0 : if ((module && module->ldb->flags & LDB_FLG_ENABLE_TRACING)) {
743 0 : ldb_debug(module->ldb, LDB_DEBUG_TRACE, "ldb_next_del_trans error: %s",
744 : ldb_errstring(module->ldb));
745 : }
746 0 : return ret;
747 : }
748 :
749 : /* calls the request callback to send an entry
750 : *
751 : * params:
752 : * req: the original request passed to your module
753 : * msg: reply message (must be a talloc pointer, and it will be stolen
754 : * on the ldb_reply that is sent to the callback)
755 : * ctrls: controls to send in the reply (must be a talloc pointer, and it will be stolen
756 : * on the ldb_reply that is sent to the callback)
757 : */
758 :
759 1017349684 : int ldb_module_send_entry(struct ldb_request *req,
760 : struct ldb_message *msg,
761 : struct ldb_control **ctrls)
762 : {
763 28023026 : struct ldb_reply *ares;
764 :
765 1017349684 : ares = talloc_zero(req, struct ldb_reply);
766 1017349684 : if (!ares) {
767 0 : ldb_oom(req->handle->ldb);
768 0 : req->callback(req, NULL);
769 0 : return LDB_ERR_OPERATIONS_ERROR;
770 : }
771 1017349684 : ares->type = LDB_REPLY_ENTRY;
772 1017349684 : ares->message = talloc_steal(ares, msg);
773 1017349684 : ares->controls = talloc_steal(ares, ctrls);
774 1017349684 : ares->error = LDB_SUCCESS;
775 :
776 1017349684 : if ((req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) &&
777 0 : req->handle->nesting == 0) {
778 0 : char *s;
779 0 : struct ldb_ldif ldif;
780 :
781 0 : ldif.changetype = LDB_CHANGETYPE_NONE;
782 0 : ldif.msg = discard_const_p(struct ldb_message, msg);
783 :
784 0 : ldb_debug_add(req->handle->ldb, "ldb_trace_response: ENTRY\n");
785 :
786 : /*
787 : * The choice to call
788 : * ldb_ldif_write_redacted_trace_string() is CRITICAL
789 : * for security. It ensures that we do not output
790 : * passwords into debug logs
791 : */
792 :
793 0 : s = ldb_ldif_write_redacted_trace_string(req->handle->ldb, msg, &ldif);
794 0 : ldb_debug_add(req->handle->ldb, "%s\n", s);
795 0 : talloc_free(s);
796 0 : ldb_debug_end(req->handle->ldb, LDB_DEBUG_TRACE);
797 : }
798 :
799 1017349684 : return req->callback(req, ares);
800 : }
801 :
802 : /* calls the request callback to send a referral
803 : *
804 : * params:
805 : * req: the original request passed to your module
806 : * ref: referral string (must be a talloc pointer, steal)
807 : */
808 :
809 38967381 : int ldb_module_send_referral(struct ldb_request *req,
810 : char *ref)
811 : {
812 868197 : struct ldb_reply *ares;
813 :
814 38967381 : ares = talloc_zero(req, struct ldb_reply);
815 38967381 : if (!ares) {
816 0 : ldb_oom(req->handle->ldb);
817 0 : req->callback(req, NULL);
818 0 : return LDB_ERR_OPERATIONS_ERROR;
819 : }
820 38967381 : ares->type = LDB_REPLY_REFERRAL;
821 38967381 : ares->referral = talloc_steal(ares, ref);
822 38967381 : ares->error = LDB_SUCCESS;
823 :
824 38967381 : if ((req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) &&
825 0 : req->handle->nesting == 0) {
826 0 : ldb_debug_add(req->handle->ldb, "ldb_trace_response: REFERRAL\n");
827 0 : ldb_debug_add(req->handle->ldb, "ref: %s\n", ref);
828 0 : ldb_debug_end(req->handle->ldb, LDB_DEBUG_TRACE);
829 : }
830 :
831 38967381 : return req->callback(req, ares);
832 : }
833 :
834 : /* calls the original request callback
835 : *
836 : * params:
837 : * req: the original request passed to your module
838 : * ctrls: controls to send in the reply (must be a talloc pointer, steal)
839 : * response: results for extended request (steal)
840 : * error: LDB_SUCCESS for a successful return
841 : * any other ldb error otherwise
842 : */
843 397265103 : int ldb_module_done(struct ldb_request *req,
844 : struct ldb_control **ctrls,
845 : struct ldb_extended *response,
846 : int error)
847 : {
848 15605889 : struct ldb_reply *ares;
849 :
850 397265103 : ares = talloc_zero(req, struct ldb_reply);
851 397265103 : if (!ares) {
852 0 : ldb_oom(req->handle->ldb);
853 0 : req->callback(req, NULL);
854 0 : return LDB_ERR_OPERATIONS_ERROR;
855 : }
856 397265103 : ares->type = LDB_REPLY_DONE;
857 397265103 : ares->controls = talloc_steal(ares, ctrls);
858 397265103 : ares->response = talloc_steal(ares, response);
859 397265103 : ares->error = error;
860 :
861 397265103 : req->handle->flags |= LDB_HANDLE_FLAG_DONE_CALLED;
862 :
863 397265103 : if ((req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) &&
864 0 : req->handle->nesting == 0) {
865 0 : ldb_debug_add(req->handle->ldb, "ldb_trace_response: DONE\n");
866 0 : ldb_debug_add(req->handle->ldb, "error: %d\n", error);
867 0 : if (ldb_errstring(req->handle->ldb)) {
868 0 : ldb_debug_add(req->handle->ldb, "msg: %s\n",
869 0 : ldb_errstring(req->handle->ldb));
870 : }
871 0 : ldb_debug_end(req->handle->ldb, LDB_DEBUG_TRACE);
872 : }
873 :
874 397265103 : return req->callback(req, ares);
875 : }
876 :
877 : /* to be used *only* in modules init functions.
878 : * this function is synchronous and will register
879 : * the requested OID in the rootdse module if present
880 : * otherwise it will return an error */
881 9586470 : int ldb_mod_register_control(struct ldb_module *module, const char *oid)
882 : {
883 167227 : struct ldb_request *req;
884 167227 : int ret;
885 :
886 9586470 : req = talloc_zero(module, struct ldb_request);
887 9586470 : if (req == NULL) {
888 0 : return LDB_ERR_OPERATIONS_ERROR;
889 : }
890 :
891 9586470 : req->operation = LDB_REQ_REGISTER_CONTROL;
892 9586470 : req->op.reg_control.oid = oid;
893 9586470 : req->callback = ldb_op_default_callback;
894 :
895 9586470 : ldb_set_timeout(module->ldb, req, 0);
896 :
897 9586470 : req->handle = ldb_handle_new(req, module->ldb);
898 9586470 : if (req->handle == NULL) {
899 0 : return LDB_ERR_OPERATIONS_ERROR;
900 : }
901 :
902 9586470 : ret = ldb_request(module->ldb, req);
903 9586470 : if (ret == LDB_SUCCESS) {
904 9264753 : ret = ldb_wait(req->handle, LDB_WAIT_ALL);
905 : }
906 9586470 : talloc_free(req);
907 :
908 9586470 : return ret;
909 : }
910 :
911 : static int ldb_modules_load_dir(const char *modules_dir, const char *version);
912 :
913 :
914 : /*
915 : load one module. A static list of loaded module inode numbers is
916 : used to prevent a module being loaded twice
917 :
918 : dlopen() is used on the module, and dlsym() is then used to look for
919 : a ldb_init_module() function. If present, that function is called
920 : with the ldb version number as an argument.
921 :
922 : The ldb_init_module() function will typically call
923 : ldb_register_module() and ldb_register_backend() to register a
924 : module or backend, but it may also be used to register command line
925 : handling functions, ldif handlers or any other local
926 : modifications.
927 :
928 : The ldb_init_module() function does not get a ldb_context passed in,
929 : as modules will be used for multiple ldb context handles. The call
930 : from the first ldb_init() is just a convenient way to ensure it is
931 : called early enough.
932 : */
933 88439222 : static int ldb_modules_load_path(const char *path, const char *version)
934 : {
935 1700245 : void *handle;
936 1700245 : int (*init_fn)(const char *);
937 1700245 : int ret;
938 1700245 : struct stat st;
939 1700245 : static struct loaded {
940 : struct loaded *next, *prev;
941 : ino_t st_ino;
942 : dev_t st_dev;
943 : } *loaded;
944 1700245 : struct loaded *le;
945 1700245 : int dlopen_flags;
946 :
947 : #ifdef RTLD_DEEPBIND
948 88439222 : bool deepbind_enabled = (getenv("LDB_MODULES_DISABLE_DEEPBIND") == NULL);
949 : #endif
950 :
951 88439222 : ret = stat(path, &st);
952 88439222 : if (ret != 0) {
953 0 : fprintf(stderr, "ldb: unable to stat module %s : %s\n", path, strerror(errno));
954 0 : return LDB_ERR_UNAVAILABLE;
955 : }
956 :
957 2631185495 : for (le=loaded; le; le=le->next) {
958 2629306751 : if (le->st_ino == st.st_ino &&
959 86560478 : le->st_dev == st.st_dev) {
960 : /* its already loaded */
961 84940853 : return LDB_SUCCESS;
962 : }
963 : }
964 :
965 1878744 : le = talloc(loaded, struct loaded);
966 1878744 : if (le == NULL) {
967 0 : fprintf(stderr, "ldb: unable to allocated loaded entry\n");
968 0 : return LDB_ERR_UNAVAILABLE;
969 : }
970 :
971 1878744 : le->st_ino = st.st_ino;
972 1878744 : le->st_dev = st.st_dev;
973 :
974 1878744 : DLIST_ADD_END(loaded, le);
975 :
976 : /* if it is a directory, recurse */
977 1878744 : if (S_ISDIR(st.st_mode)) {
978 32433 : return ldb_modules_load_dir(path, version);
979 : }
980 :
981 1846311 : dlopen_flags = RTLD_NOW;
982 : #ifdef RTLD_DEEPBIND
983 : /*
984 : * use deepbind if possible, to avoid issues with different
985 : * system library variants, for example ldb modules may be linked
986 : * against Heimdal while the application may use MIT kerberos.
987 : *
988 : * See the dlopen manpage for details.
989 : *
990 : * One typical user is the bind_dlz module of Samba,
991 : * but symbol versioning might be enough...
992 : *
993 : * We need a way to disable this in order to allow the
994 : * ldb_*ldap modules to work with a preloaded socket wrapper.
995 : *
996 : * So in future we may remove this completely
997 : * or at least invert the default behavior.
998 : */
999 1846311 : if (deepbind_enabled) {
1000 0 : dlopen_flags |= RTLD_DEEPBIND;
1001 : }
1002 : #endif
1003 :
1004 1846311 : handle = dlopen(path, dlopen_flags);
1005 1846311 : if (handle == NULL) {
1006 0 : fprintf(stderr, "ldb: unable to dlopen %s : %s\n", path, dlerror());
1007 0 : return LDB_SUCCESS;
1008 : }
1009 :
1010 1846311 : init_fn = dlsym(handle, "ldb_init_module");
1011 1846311 : if (init_fn == NULL) {
1012 : /* ignore it, it could be an old-style
1013 : * module. Once we've converted all modules we
1014 : * could consider this an error */
1015 0 : dlclose(handle);
1016 0 : return LDB_SUCCESS;
1017 : }
1018 :
1019 1846311 : ret = init_fn(version);
1020 1846311 : if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
1021 : /* the module is already registered - ignore this, as
1022 : * it can happen if LDB_MODULES_PATH points at both
1023 : * the build and install directory
1024 : */
1025 0 : ret = LDB_SUCCESS;
1026 : }
1027 1767081 : return ret;
1028 : }
1029 :
1030 411928427 : static int qsort_string(const char **s1, const char **s2)
1031 : {
1032 411928427 : return strcmp(*s1, *s2);
1033 : }
1034 :
1035 :
1036 : /*
1037 : load all modules from the given ldb modules directory. This is run once
1038 : during the first ldb_init() call.
1039 :
1040 : Modules are loaded in alphabetical order to ensure that any module
1041 : load ordering dependencies are reproducible. Modules should avoid
1042 : relying on load order
1043 : */
1044 1538432 : static int ldb_modules_load_dir(const char *modules_dir, const char *version)
1045 : {
1046 29561 : DIR *dir;
1047 29561 : struct dirent *de;
1048 1538432 : const char **modlist = NULL;
1049 1538432 : TALLOC_CTX *tmp_ctx = talloc_new(NULL);
1050 1538432 : unsigned i, num_modules = 0;
1051 :
1052 1538432 : dir = opendir(modules_dir);
1053 1538432 : if (dir == NULL) {
1054 0 : if (errno == ENOENT) {
1055 0 : talloc_free(tmp_ctx);
1056 : /* we don't have any modules */
1057 0 : return LDB_SUCCESS;
1058 : }
1059 0 : talloc_free(tmp_ctx);
1060 0 : fprintf(stderr, "ldb: unable to open modules directory '%s' - %s\n",
1061 0 : modules_dir, strerror(errno));
1062 0 : return LDB_ERR_UNAVAILABLE;
1063 : }
1064 :
1065 :
1066 92297694 : while ((de = readdir(dir))) {
1067 90759262 : if (ISDOT(de->d_name) || ISDOTDOT(de->d_name))
1068 3076864 : continue;
1069 :
1070 87682398 : modlist = talloc_realloc(tmp_ctx, modlist, const char *, num_modules+1);
1071 87682398 : if (modlist == NULL) {
1072 0 : talloc_free(tmp_ctx);
1073 0 : closedir(dir);
1074 0 : fprintf(stderr, "ldb: unable to allocate modules list\n");
1075 0 : return LDB_ERR_UNAVAILABLE;
1076 : }
1077 87682398 : modlist[num_modules] = talloc_asprintf(modlist, "%s/%s", modules_dir, de->d_name);
1078 87682398 : if (modlist[num_modules] == NULL) {
1079 0 : talloc_free(tmp_ctx);
1080 0 : closedir(dir);
1081 0 : fprintf(stderr, "ldb: unable to allocate module list entry\n");
1082 0 : return LDB_ERR_UNAVAILABLE;
1083 : }
1084 85997421 : num_modules++;
1085 : }
1086 :
1087 1538432 : closedir(dir);
1088 :
1089 : /* sort the directory, so we get consistent load ordering */
1090 1538432 : TYPESAFE_QSORT(modlist, num_modules, qsort_string);
1091 :
1092 89220830 : for (i=0; i<num_modules; i++) {
1093 87682398 : int ret = ldb_modules_load_path(modlist[i], version);
1094 87682398 : if (ret != LDB_SUCCESS) {
1095 0 : fprintf(stderr, "ldb: failed to initialise module %s : %s\n",
1096 0 : modlist[i], ldb_strerror(ret));
1097 0 : talloc_free(tmp_ctx);
1098 0 : return ret;
1099 : }
1100 : }
1101 :
1102 1538432 : talloc_free(tmp_ctx);
1103 :
1104 1538432 : return LDB_SUCCESS;
1105 : }
1106 :
1107 : /*
1108 : load any additional modules from the given directory
1109 : */
1110 1505999 : void ldb_set_modules_dir(struct ldb_context *ldb, const char *path)
1111 : {
1112 1505999 : int ret = ldb_modules_load_dir(path, LDB_VERSION);
1113 1505999 : if (ret != LDB_SUCCESS) {
1114 0 : ldb_asprintf_errstring(ldb, "Failed to load modules from: %s\n", path);
1115 : }
1116 1505999 : }
1117 :
1118 :
1119 : /*
1120 : load all modules static (builtin) modules
1121 : */
1122 756824 : static int ldb_modules_load_static(const char *version)
1123 : {
1124 15268 : static bool initialised;
1125 : #define _MODULE_PROTO(init) extern int init(const char *);
1126 15268 : STATIC_ldb_MODULES_PROTO;
1127 756824 : const ldb_module_init_fn static_init_functions[] = { STATIC_ldb_MODULES };
1128 15268 : unsigned i;
1129 :
1130 756824 : if (initialised) {
1131 710513 : return LDB_SUCCESS;
1132 : }
1133 32433 : initialised = true;
1134 :
1135 32433 : for (i=0; static_init_functions[i]; i++) {
1136 0 : int ret = static_init_functions[i](version);
1137 0 : if (ret != LDB_SUCCESS) {
1138 0 : return ret;
1139 : }
1140 : }
1141 31043 : return LDB_SUCCESS;
1142 : }
1143 :
1144 : /*
1145 : load all modules from the given ldb modules path, colon
1146 : separated.
1147 :
1148 : modules are loaded recursively for all subdirectories in the paths
1149 : */
1150 756824 : int ldb_modules_load(const char *modules_path, const char *version)
1151 : {
1152 756824 : char *tok, *path, *tok_ptr=NULL;
1153 15268 : int ret;
1154 :
1155 756824 : ret = ldb_modules_load_static(version);
1156 756824 : if (ret != LDB_SUCCESS) {
1157 0 : return ret;
1158 : }
1159 :
1160 756824 : path = talloc_strdup(NULL, modules_path);
1161 756824 : if (path == NULL) {
1162 0 : fprintf(stderr, "ldb: failed to allocate modules_path\n");
1163 0 : return LDB_ERR_UNAVAILABLE;
1164 : }
1165 :
1166 756824 : for (tok=strtok_r(path, ":", &tok_ptr);
1167 1513648 : tok;
1168 756824 : tok=strtok_r(NULL, ":", &tok_ptr)) {
1169 756824 : ret = ldb_modules_load_path(tok, version);
1170 756824 : if (ret != LDB_SUCCESS) {
1171 0 : talloc_free(path);
1172 0 : return ret;
1173 : }
1174 : }
1175 756824 : talloc_free(path);
1176 :
1177 756824 : return LDB_SUCCESS;
1178 : }
1179 :
1180 :
1181 : /*
1182 : return a string representation of the calling chain for the given
1183 : ldb request
1184 : */
1185 0 : char *ldb_module_call_chain(struct ldb_request *req, TALLOC_CTX *mem_ctx)
1186 : {
1187 0 : char *ret;
1188 0 : unsigned int i = 0;
1189 :
1190 0 : ret = talloc_strdup(mem_ctx, "");
1191 0 : if (ret == NULL) {
1192 0 : return NULL;
1193 : }
1194 :
1195 0 : while (req && req->handle) {
1196 0 : talloc_asprintf_addbuf(&ret, "req[%u] %p : %s\n",
1197 : i++, req, ldb_req_location(req));
1198 0 : req = req->handle->parent;
1199 : }
1200 0 : return ret;
1201 : }
1202 :
1203 :
1204 : /*
1205 : return the next module in the chain
1206 : */
1207 546090 : struct ldb_module *ldb_module_next(struct ldb_module *module)
1208 : {
1209 546090 : return module->next;
1210 : }
1211 :
1212 : /*
1213 : set the next module in the module chain
1214 : */
1215 2508755 : void ldb_module_set_next(struct ldb_module *module, struct ldb_module *next)
1216 : {
1217 2508755 : module->next = next;
1218 2508755 : }
1219 :
1220 :
1221 : /*
1222 : get the popt_options pointer in the ldb structure. This allows a ldb
1223 : module to change the command line parsing
1224 : */
1225 3082 : struct poptOption **ldb_module_popt_options(struct ldb_context *ldb)
1226 : {
1227 3082 : return &ldb->popt_options;
1228 : }
1229 :
1230 :
1231 : /*
1232 : return the current ldb flags LDB_FLG_*
1233 : */
1234 349578302 : uint32_t ldb_module_flags(struct ldb_context *ldb)
1235 : {
1236 349578302 : return ldb->flags;
1237 : }
|
