Line data Source code
1 : /*
2 : ldb database library
3 :
4 : Copyright (C) Andrew Tridgell 2004
5 : Copyright (C) Stefan Metzmacher 2004
6 : Copyright (C) Simo Sorce 2006-2008
7 : Copyright (C) Matthias Dieter Wallnöfer 2009-2010
8 :
9 : ** NOTE! The following LGPL license applies to the ldb
10 : ** library. This does NOT imply that all of Samba is released
11 : ** under the LGPL
12 :
13 : This library is free software; you can redistribute it and/or
14 : modify it under the terms of the GNU Lesser General Public
15 : License as published by the Free Software Foundation; either
16 : version 3 of the License, or (at your option) any later version.
17 :
18 : This library is distributed in the hope that it will be useful,
19 : but WITHOUT ANY WARRANTY; without even the implied warranty of
20 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 : Lesser General Public License for more details.
22 :
23 : You should have received a copy of the GNU Lesser General Public
24 : License along with this library; if not, see <http://www.gnu.org/licenses/>.
25 : */
26 :
27 : /*
28 : * Name: ldb_kv
29 : *
30 : * Component: ldb key value backend
31 : *
32 : * Description: core functions for ldb key value backend
33 : *
34 : * Author: Andrew Tridgell
35 : * Author: Stefan Metzmacher
36 : *
37 : * Modifications:
38 : *
39 : * - description: make the module use asynchronous calls
40 : * date: Feb 2006
41 : * Author: Simo Sorce
42 : *
43 : * - description: make it possible to use event contexts
44 : * date: Jan 2008
45 : * Author: Simo Sorce
46 : *
47 : * - description: fix up memory leaks and small bugs
48 : * date: Oct 2009
49 : * Author: Matthias Dieter Wallnöfer
50 : */
51 :
52 : #include "ldb_kv.h"
53 : #include "ldb_private.h"
54 : #include "lib/util/attr.h"
55 :
56 : /*
57 : prevent memory errors on callbacks
58 : */
59 : struct ldb_kv_req_spy {
60 : struct ldb_kv_context *ctx;
61 : };
62 :
63 : /*
64 : * Determine if this key could hold a record. We allow the new GUID
65 : * index, the old DN index and a possible future ID=
66 : */
67 553554721 : bool ldb_kv_key_is_normal_record(struct ldb_val key)
68 : {
69 553554721 : if (key.length < 4) {
70 0 : return false;
71 : }
72 :
73 : /*
74 : * @ records are not normal records, we don't want to index
75 : * them nor search on them
76 : */
77 553554721 : if (key.length > 4 &&
78 553554721 : memcmp(key.data, "DN=@", 4) == 0) {
79 441052378 : return false;
80 : }
81 :
82 : /* All other DN= records are however */
83 110446634 : if (memcmp(key.data, "DN=", 3) == 0) {
84 320551 : return true;
85 : }
86 :
87 110064248 : if (memcmp(key.data, "ID=", 3) == 0) {
88 0 : return true;
89 : }
90 :
91 110064248 : if (key.length < sizeof(LDB_KV_GUID_KEY_PREFIX)) {
92 0 : return false;
93 : }
94 :
95 110064248 : if (memcmp(key.data, LDB_KV_GUID_KEY_PREFIX,
96 : sizeof(LDB_KV_GUID_KEY_PREFIX) - 1) == 0) {
97 110064248 : return true;
98 : }
99 :
100 0 : return false;
101 : }
102 :
103 : /*
104 : form a ldb_val for a record key
105 : caller frees
106 :
107 : note that the key for a record can depend on whether the
108 : dn refers to a case sensitive index record or not
109 : */
110 267194738 : struct ldb_val ldb_kv_key_dn(TALLOC_CTX *mem_ctx,
111 : struct ldb_dn *dn)
112 : {
113 10705836 : struct ldb_val key;
114 267194738 : char *key_str = NULL;
115 267194738 : const char *dn_folded = NULL;
116 :
117 : /*
118 : most DNs are case insensitive. The exception is index DNs for
119 : case sensitive attributes
120 :
121 : there are 3 cases dealt with in this code:
122 :
123 : 1) if the dn doesn't start with @ then uppercase the attribute
124 : names and the attributes values of case insensitive attributes
125 : 2) if the dn starts with @ then leave it alone -
126 : the indexing code handles the rest
127 : */
128 :
129 267194738 : dn_folded = ldb_dn_get_casefold(dn);
130 267194738 : if (!dn_folded) {
131 0 : goto failed;
132 : }
133 :
134 267194738 : key_str = talloc_strdup(mem_ctx, "DN=");
135 267194738 : if (!key_str) {
136 0 : goto failed;
137 : }
138 :
139 267194738 : key_str = talloc_strdup_append_buffer(key_str, dn_folded);
140 267194738 : if (!key_str) {
141 0 : goto failed;
142 : }
143 :
144 267194738 : key.data = (uint8_t *)key_str;
145 267194738 : key.length = strlen(key_str) + 1;
146 :
147 267194738 : return key;
148 :
149 0 : failed:
150 0 : errno = ENOMEM;
151 0 : key.data = NULL;
152 0 : key.length = 0;
153 0 : return key;
154 : }
155 :
156 : /* The caller is to provide a correctly sized key */
157 271874986 : int ldb_kv_guid_to_key(const struct ldb_val *GUID_val,
158 : struct ldb_val *key)
159 : {
160 271874986 : const char *GUID_prefix = LDB_KV_GUID_KEY_PREFIX;
161 271874986 : const int GUID_prefix_len = sizeof(LDB_KV_GUID_KEY_PREFIX) - 1;
162 :
163 271874986 : if (key->length != (GUID_val->length+GUID_prefix_len)) {
164 0 : return LDB_ERR_OPERATIONS_ERROR;
165 : }
166 :
167 271874986 : memcpy(key->data, GUID_prefix, GUID_prefix_len);
168 271874986 : memcpy(&key->data[GUID_prefix_len],
169 271874986 : GUID_val->data, GUID_val->length);
170 271874986 : return LDB_SUCCESS;
171 : }
172 :
173 : /*
174 : * The caller is to provide a correctly sized key, used only in
175 : * the GUID index mode
176 : */
177 143082899 : int ldb_kv_idx_to_key(struct ldb_module *module,
178 : struct ldb_kv_private *ldb_kv,
179 : TALLOC_CTX *mem_ctx,
180 : const struct ldb_val *idx_val,
181 : struct ldb_val *key)
182 : {
183 143082899 : struct ldb_context *ldb = ldb_module_get_ctx(module);
184 2623919 : struct ldb_dn *dn;
185 :
186 143082899 : if (ldb_kv->cache->GUID_index_attribute != NULL) {
187 142774300 : return ldb_kv_guid_to_key(idx_val, key);
188 : }
189 :
190 308599 : dn = ldb_dn_from_ldb_val(mem_ctx, ldb, idx_val);
191 308599 : if (dn == NULL) {
192 : /*
193 : * LDB_ERR_INVALID_DN_SYNTAX would just be confusing
194 : * to the caller, as this in an invalid index value
195 : */
196 0 : return LDB_ERR_OPERATIONS_ERROR;
197 : }
198 : /* form the key */
199 308599 : *key = ldb_kv_key_dn(mem_ctx, dn);
200 308599 : TALLOC_FREE(dn);
201 308599 : if (!key->data) {
202 0 : return ldb_module_oom(module);
203 : }
204 219928 : return LDB_SUCCESS;
205 : }
206 :
207 : /*
208 : form a TDB_DATA for a record key
209 : caller frees mem_ctx, which may or may not have the key
210 : as a child.
211 :
212 : note that the key for a record can depend on whether a
213 : GUID index is in use, or the DN is used as the key
214 : */
215 21975789 : struct ldb_val ldb_kv_key_msg(struct ldb_module *module,
216 : TALLOC_CTX *mem_ctx,
217 : const struct ldb_message *msg)
218 : {
219 21975789 : void *data = ldb_module_get_private(module);
220 1900994 : struct ldb_kv_private *ldb_kv =
221 21975789 : talloc_get_type(data, struct ldb_kv_private);
222 1900994 : struct ldb_val key;
223 1900994 : const struct ldb_val *guid_val;
224 1900994 : int ret;
225 :
226 21975789 : if (ldb_kv->cache->GUID_index_attribute == NULL) {
227 391620 : return ldb_kv_key_dn(mem_ctx, msg->dn);
228 : }
229 :
230 21584169 : if (ldb_dn_is_special(msg->dn)) {
231 17351297 : return ldb_kv_key_dn(mem_ctx, msg->dn);
232 : }
233 :
234 348257 : guid_val =
235 4232872 : ldb_msg_find_ldb_val(msg, ldb_kv->cache->GUID_index_attribute);
236 4232872 : if (guid_val == NULL) {
237 0 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
238 : "Did not find GUID attribute %s "
239 : "in %s, required for TDB record "
240 : "key in " LDB_KV_IDXGUID " mode.",
241 0 : ldb_kv->cache->GUID_index_attribute,
242 0 : ldb_dn_get_linearized(msg->dn));
243 0 : errno = EINVAL;
244 0 : key.data = NULL;
245 0 : key.length = 0;
246 0 : return key;
247 : }
248 :
249 : /* In this case, allocate with talloc */
250 4232872 : key.data = talloc_size(mem_ctx, LDB_KV_GUID_KEY_SIZE);
251 4232872 : if (key.data == NULL) {
252 0 : errno = ENOMEM;
253 0 : key.data = NULL;
254 0 : key.length = 0;
255 0 : return key;
256 : }
257 4232872 : key.length = talloc_get_size(key.data);
258 :
259 4232872 : ret = ldb_kv_guid_to_key(guid_val, &key);
260 :
261 4232872 : if (ret != LDB_SUCCESS) {
262 0 : errno = EINVAL;
263 0 : key.data = NULL;
264 0 : key.length = 0;
265 0 : return key;
266 : }
267 4232872 : return key;
268 : }
269 :
270 : /*
271 : check special dn's have valid attributes
272 : currently only @ATTRIBUTES is checked
273 : */
274 2365135 : static int ldb_kv_check_special_dn(struct ldb_module *module,
275 : const struct ldb_message *msg)
276 : {
277 2365135 : struct ldb_context *ldb = ldb_module_get_ctx(module);
278 121181 : unsigned int i, j;
279 :
280 2368159 : if (! ldb_dn_is_special(msg->dn) ||
281 248279 : ! ldb_dn_check_special(msg->dn, LDB_KV_ATTRIBUTES)) {
282 2356660 : return LDB_SUCCESS;
283 : }
284 :
285 : /* we have @ATTRIBUTES, let's check attributes are fine */
286 : /* should we check that we deny multivalued attributes ? */
287 1852803 : for (i = 0; i < msg->num_elements; i++) {
288 1844329 : if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
289 :
290 3680676 : for (j = 0; j < msg->elements[i].num_values; j++) {
291 1839119 : if (ldb_kv_check_at_attributes_values(
292 1839119 : &msg->elements[i].values[j]) != 0) {
293 1 : ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
294 1 : return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
295 : }
296 : }
297 : }
298 :
299 7881 : return LDB_SUCCESS;
300 : }
301 :
302 : /*
303 : * Called after modifies and when starting a transaction. Checks target pack
304 : * format version and current pack format version, which are set by cache_load,
305 : * and repacks if necessary.
306 : */
307 1914050 : static int ldb_kv_maybe_repack(struct ldb_kv_private *ldb_kv) {
308 : /* Override option taken from ldb options */
309 1914050 : if (ldb_kv->pack_format_override != 0) {
310 6 : ldb_kv->target_pack_format_version =
311 0 : ldb_kv->pack_format_override;
312 : }
313 :
314 1914050 : if (ldb_kv->pack_format_version !=
315 1914050 : ldb_kv->target_pack_format_version) {
316 460 : int r;
317 3266 : struct ldb_context *ldb = ldb_module_get_ctx(ldb_kv->module);
318 3266 : r = ldb_kv_repack(ldb_kv->module);
319 3266 : if (r != LDB_SUCCESS) {
320 0 : ldb_debug(ldb, LDB_DEBUG_ERROR,
321 : "Database repack failed.");
322 : }
323 3266 : return r;
324 : }
325 :
326 1893811 : return LDB_SUCCESS;
327 : }
328 :
329 : /*
330 : we've made a modification to a dn - possibly reindex and
331 : update sequence number
332 : */
333 5049886 : static int ldb_kv_modified(struct ldb_module *module, struct ldb_dn *dn)
334 : {
335 5049886 : int ret = LDB_SUCCESS;
336 5049886 : struct ldb_kv_private *ldb_kv = talloc_get_type(
337 : ldb_module_get_private(module), struct ldb_kv_private);
338 :
339 : /* only allow modifies inside a transaction, otherwise the
340 : * ldb is unsafe */
341 5049886 : if (ldb_kv->kv_ops->transaction_active(ldb_kv) == false) {
342 0 : ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
343 0 : return LDB_ERR_OPERATIONS_ERROR;
344 : }
345 :
346 7819599 : if (ldb_dn_is_special(dn) &&
347 5533629 : (ldb_dn_check_special(dn, LDB_KV_INDEXLIST) ||
348 2763916 : ldb_dn_check_special(dn, LDB_KV_ATTRIBUTES)) )
349 : {
350 12136 : if (ldb_kv->warn_reindex) {
351 0 : ldb_debug(ldb_module_get_ctx(module),
352 : LDB_DEBUG_ERROR,
353 : "Reindexing %s due to modification on %s",
354 0 : ldb_kv->kv_ops->name(ldb_kv),
355 : ldb_dn_get_linearized(dn));
356 : }
357 12136 : ret = ldb_kv_reindex(module);
358 : }
359 :
360 : /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
361 5051009 : if (ret == LDB_SUCCESS &&
362 7819571 : !(ldb_dn_is_special(dn) &&
363 2769699 : ldb_dn_check_special(dn, LDB_KV_BASEINFO)) ) {
364 2524936 : ret = ldb_kv_increase_sequence_number(module);
365 : }
366 :
367 : /* If the modify was to @OPTIONS, reload the cache */
368 10099758 : if (ret == LDB_SUCCESS &&
369 7819571 : ldb_dn_is_special(dn) &&
370 2769699 : (ldb_dn_check_special(dn, LDB_KV_OPTIONS)) ) {
371 2416 : ret = ldb_kv_cache_reload(module);
372 : }
373 :
374 5049886 : if (ret != LDB_SUCCESS) {
375 14 : ldb_kv->reindex_failed = true;
376 : }
377 :
378 4806676 : return ret;
379 : }
380 : /*
381 : store a record into the db
382 : */
383 19825648 : int ldb_kv_store(struct ldb_module *module,
384 : const struct ldb_message *msg,
385 : int flgs)
386 : {
387 19825648 : void *data = ldb_module_get_private(module);
388 1649829 : struct ldb_kv_private *ldb_kv =
389 19825648 : talloc_get_type(data, struct ldb_kv_private);
390 1649829 : struct ldb_val key;
391 1649829 : struct ldb_val ldb_data;
392 19825648 : int ret = LDB_SUCCESS;
393 19825648 : TALLOC_CTX *key_ctx = talloc_new(module);
394 :
395 19825648 : if (key_ctx == NULL) {
396 0 : return ldb_module_oom(module);
397 : }
398 :
399 19825648 : if (ldb_kv->read_only) {
400 0 : talloc_free(key_ctx);
401 0 : return LDB_ERR_UNWILLING_TO_PERFORM;
402 : }
403 :
404 19825648 : key = ldb_kv_key_msg(module, key_ctx, msg);
405 19825648 : if (key.data == NULL) {
406 0 : TALLOC_FREE(key_ctx);
407 0 : return LDB_ERR_OTHER;
408 : }
409 :
410 19825648 : ret = ldb_pack_data(ldb_module_get_ctx(module),
411 : msg, &ldb_data,
412 : ldb_kv->pack_format_version);
413 19825648 : if (ret == -1) {
414 0 : TALLOC_FREE(key_ctx);
415 0 : return LDB_ERR_OTHER;
416 : }
417 :
418 19825648 : ret = ldb_kv->kv_ops->store(ldb_kv, key, ldb_data, flgs);
419 19825648 : if (ret != 0) {
420 2625 : bool is_special = ldb_dn_is_special(msg->dn);
421 2625 : ret = ldb_kv->kv_ops->error(ldb_kv);
422 :
423 : /*
424 : * LDB_ERR_ENTRY_ALREADY_EXISTS means the DN, not
425 : * the GUID, so re-map
426 : */
427 2625 : if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS && !is_special &&
428 41 : ldb_kv->cache->GUID_index_attribute != NULL) {
429 24 : ret = LDB_ERR_CONSTRAINT_VIOLATION;
430 : }
431 2625 : goto done;
432 : }
433 :
434 19823023 : done:
435 19825648 : TALLOC_FREE(key_ctx);
436 19825648 : talloc_free(ldb_data.data);
437 :
438 19825648 : return ret;
439 : }
440 :
441 :
442 : /*
443 : check if a attribute is a single valued, for a given element
444 : */
445 1694358 : static bool ldb_kv_single_valued(const struct ldb_schema_attribute *a,
446 : struct ldb_message_element *el)
447 : {
448 1693459 : if (!a) return false;
449 1694358 : if (el != NULL) {
450 1694358 : if (el->flags & LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK) {
451 : /* override from a ldb module, for example
452 : used for the description field, which is
453 : marked multi-valued in the schema but which
454 : should not actually accept multiple
455 : values */
456 12 : return true;
457 : }
458 1694346 : if (el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK) {
459 : /* override from a ldb module, for example used for
460 : deleted linked attribute entries */
461 58077 : return false;
462 : }
463 : }
464 1635537 : if (a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
465 75 : return true;
466 : }
467 1486617 : return false;
468 : }
469 :
470 : /*
471 : * Starts a sub transaction if they are supported by the backend
472 : * and the ldb connection has not been opened in batch mode.
473 : */
474 2457228 : static int ldb_kv_sub_transaction_start(struct ldb_kv_private *ldb_kv)
475 : {
476 2457228 : int ret = LDB_SUCCESS;
477 :
478 2457228 : if (ldb_kv->batch_mode) {
479 396037 : return ret;
480 : }
481 :
482 2061191 : ret = ldb_kv->kv_ops->begin_nested_write(ldb_kv);
483 2061191 : if (ret == LDB_SUCCESS) {
484 2061191 : ret = ldb_kv_index_sub_transaction_start(ldb_kv);
485 : }
486 1938480 : return ret;
487 : }
488 :
489 : /*
490 : * Commits a sub transaction if they are supported by the backend
491 : * and the ldb connection has not been opened in batch mode.
492 : */
493 2444023 : static int ldb_kv_sub_transaction_commit(struct ldb_kv_private *ldb_kv)
494 : {
495 2444023 : int ret = LDB_SUCCESS;
496 :
497 2444023 : if (ldb_kv->batch_mode) {
498 395755 : return ret;
499 : }
500 :
501 2048268 : ret = ldb_kv_index_sub_transaction_commit(ldb_kv);
502 2048268 : if (ret != LDB_SUCCESS) {
503 0 : return ret;
504 : }
505 2048268 : ret = ldb_kv->kv_ops->finish_nested_write(ldb_kv);
506 2048268 : return ret;
507 : }
508 :
509 : /*
510 : * Cancels a sub transaction if they are supported by the backend
511 : * and the ldb connection has not been opened in batch mode.
512 : */
513 13205 : static int ldb_kv_sub_transaction_cancel(struct ldb_kv_private *ldb_kv)
514 : {
515 13205 : int ret = LDB_SUCCESS;
516 :
517 13205 : if (ldb_kv->batch_mode) {
518 282 : return ret;
519 : }
520 :
521 12923 : ret = ldb_kv_index_sub_transaction_cancel(ldb_kv);
522 12923 : if (ret != LDB_SUCCESS) {
523 0 : struct ldb_context *ldb = ldb_module_get_ctx(ldb_kv->module);
524 : /*
525 : * In the event of a failure we log the failure and continue
526 : * as we need to cancel the database transaction.
527 : */
528 0 : ldb_debug(ldb,
529 : LDB_DEBUG_ERROR,
530 : __location__": ldb_kv_index_sub_transaction_cancel "
531 : "failed: %s",
532 : ldb_errstring(ldb));
533 : }
534 12923 : ret = ldb_kv->kv_ops->abort_nested_write(ldb_kv);
535 12923 : return ret;
536 : }
537 :
538 1154930 : static int ldb_kv_add_internal(struct ldb_module *module,
539 : struct ldb_kv_private *ldb_kv,
540 : const struct ldb_message *msg,
541 : bool check_single_value)
542 : {
543 1154930 : struct ldb_context *ldb = ldb_module_get_ctx(module);
544 1154930 : int ret = LDB_SUCCESS;
545 89996 : unsigned int i;
546 1154930 : bool valid_dn = false;
547 :
548 : /* Check the new DN is reasonable */
549 1154930 : valid_dn = ldb_dn_validate(msg->dn);
550 1154930 : if (valid_dn == false) {
551 0 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
552 : "Invalid DN in ADD: %s",
553 0 : ldb_dn_get_linearized(msg->dn));
554 0 : return LDB_ERR_INVALID_DN_SYNTAX;
555 : }
556 :
557 23193303 : for (i=0;i<msg->num_elements;i++) {
558 22038379 : struct ldb_message_element *el = &msg->elements[i];
559 22038379 : const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
560 :
561 22038379 : if (el->num_values == 0) {
562 2 : ldb_asprintf_errstring(ldb, "attribute '%s' on '%s' specified, but with 0 values (illegal)",
563 2 : el->name, ldb_dn_get_linearized(msg->dn));
564 2 : return LDB_ERR_CONSTRAINT_VIOLATION;
565 : }
566 23393049 : if (check_single_value && el->num_values > 1 &&
567 3266393 : ldb_kv_single_valued(a, el)) {
568 0 : ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
569 0 : el->name, ldb_dn_get_linearized(msg->dn));
570 0 : return LDB_ERR_CONSTRAINT_VIOLATION;
571 : }
572 :
573 : /* Do not check "@ATTRIBUTES" for duplicated values */
574 23364786 : if (ldb_dn_is_special(msg->dn) &&
575 1326409 : ldb_dn_check_special(msg->dn, LDB_KV_ATTRIBUTES)) {
576 1294830 : continue;
577 : }
578 :
579 20743547 : if (check_single_value &&
580 19162747 : !(el->flags &
581 : LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
582 19155705 : struct ldb_val *duplicate = NULL;
583 :
584 19155705 : ret = ldb_msg_find_duplicate_val(ldb, discard_const(msg),
585 : el, &duplicate, 0);
586 19155705 : if (ret != LDB_SUCCESS) {
587 4 : return ret;
588 : }
589 19155705 : if (duplicate != NULL) {
590 8 : ldb_asprintf_errstring(
591 : ldb,
592 : "attribute '%s': value '%.*s' on '%s' "
593 : "provided more than once in ADD object",
594 : el->name,
595 4 : (int)duplicate->length,
596 4 : duplicate->data,
597 4 : ldb_dn_get_linearized(msg->dn));
598 4 : return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
599 : }
600 : }
601 : }
602 :
603 1154924 : ret = ldb_kv_store(module, msg, TDB_INSERT);
604 1154924 : if (ret != LDB_SUCCESS) {
605 : /*
606 : * Try really hard to get the right error code for
607 : * a re-add situation, as this can matter!
608 : */
609 2624 : if (ret == LDB_ERR_CONSTRAINT_VIOLATION) {
610 0 : int ret2;
611 24 : struct ldb_dn *dn2 = NULL;
612 24 : TALLOC_CTX *mem_ctx = talloc_new(module);
613 24 : if (mem_ctx == NULL) {
614 0 : return ldb_module_operr(module);
615 : }
616 0 : ret2 =
617 24 : ldb_kv_search_base(module, mem_ctx, msg->dn, &dn2);
618 24 : TALLOC_FREE(mem_ctx);
619 24 : if (ret2 == LDB_SUCCESS) {
620 8 : ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
621 : }
622 : }
623 2624 : if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
624 2607 : ldb_asprintf_errstring(ldb,
625 : "Entry %s already exists",
626 2607 : ldb_dn_get_linearized(msg->dn));
627 : }
628 2624 : return ret;
629 : }
630 :
631 1152300 : ret = ldb_kv_index_add_new(module, ldb_kv, msg);
632 1152300 : if (ret != LDB_SUCCESS) {
633 : /*
634 : * If we failed to index, delete the message again.
635 : *
636 : * This is particularly important for the GUID index
637 : * case, which will only fail for a duplicate DN
638 : * in the index add.
639 : *
640 : * Note that the caller may not cancel the transaction
641 : * and this means the above add might really show up!
642 : */
643 364 : ldb_kv_delete_noindex(module, msg);
644 364 : return ret;
645 : }
646 :
647 1151936 : ret = ldb_kv_modified(module, msg->dn);
648 :
649 : /*
650 : * To allow testing of the error recovery code in ldb_kv_add
651 : * cmocka tests can define CMOCKA_UNIT_TEST_ADD_INTERNAL_FAIL
652 : * to inject failures at this point.
653 : */
654 : #ifdef CMOCKA_UNIT_TEST_ADD_INTERNAL_FAIL
655 9 : CMOCKA_UNIT_TEST_ADD_INTERNAL_FAIL
656 : #endif
657 :
658 1151927 : return ret;
659 : }
660 :
661 : /*
662 : add a record to the database
663 : */
664 1074023 : static int ldb_kv_add(struct ldb_kv_context *ctx)
665 : {
666 1074023 : struct ldb_module *module = ctx->module;
667 1074023 : struct ldb_request *req = ctx->req;
668 1074023 : void *data = ldb_module_get_private(module);
669 89809 : struct ldb_kv_private *ldb_kv =
670 1074023 : talloc_get_type(data, struct ldb_kv_private);
671 1074023 : int ret = LDB_SUCCESS;
672 :
673 1074023 : if (ldb_kv->max_key_length != 0 &&
674 349163 : ldb_kv->cache->GUID_index_attribute == NULL &&
675 1607 : !ldb_dn_is_special(req->op.add.message->dn)) {
676 1 : ldb_set_errstring(ldb_module_get_ctx(module),
677 : "Must operate ldb_mdb in GUID "
678 : "index mode, but " LDB_KV_IDXGUID " not set.");
679 1 : return LDB_ERR_UNWILLING_TO_PERFORM;
680 : }
681 :
682 1074022 : ret = ldb_kv_check_special_dn(module, req->op.add.message);
683 1074022 : if (ret != LDB_SUCCESS) {
684 0 : return ret;
685 : }
686 :
687 1074021 : ldb_request_set_state(req, LDB_ASYNC_PENDING);
688 :
689 1074021 : if (ldb_kv_cache_load(module) != 0) {
690 0 : return LDB_ERR_OPERATIONS_ERROR;
691 : }
692 :
693 1074021 : ret = ldb_kv_sub_transaction_start(ldb_kv);
694 1074021 : if (ret != LDB_SUCCESS) {
695 0 : return ret;
696 : }
697 1074021 : ret = ldb_kv_add_internal(module, ldb_kv, req->op.add.message, true);
698 1074021 : if (ret != LDB_SUCCESS) {
699 3009 : int r = ldb_kv_sub_transaction_cancel(ldb_kv);
700 3009 : if (r != LDB_SUCCESS) {
701 0 : ldb_debug(
702 : ldb_module_get_ctx(module),
703 : LDB_DEBUG_FATAL,
704 : __location__
705 : ": Unable to roll back sub transaction");
706 : }
707 3009 : ldb_kv->operation_failed = true;
708 3009 : return ret;
709 : }
710 1071012 : ret = ldb_kv_sub_transaction_commit(ldb_kv);
711 :
712 1071012 : return ret;
713 : }
714 :
715 : /*
716 : delete a record from the database, not updating indexes (used for deleting
717 : index records)
718 : */
719 925817 : int ldb_kv_delete_noindex(struct ldb_module *module,
720 : const struct ldb_message *msg)
721 : {
722 925817 : void *data = ldb_module_get_private(module);
723 118575 : struct ldb_kv_private *ldb_kv =
724 925817 : talloc_get_type(data, struct ldb_kv_private);
725 118575 : struct ldb_val key;
726 118575 : int ret;
727 925817 : TALLOC_CTX *tdb_key_ctx = talloc_new(module);
728 :
729 925817 : if (tdb_key_ctx == NULL) {
730 0 : return ldb_module_oom(module);
731 : }
732 :
733 925817 : if (ldb_kv->read_only) {
734 0 : talloc_free(tdb_key_ctx);
735 0 : return LDB_ERR_UNWILLING_TO_PERFORM;
736 : }
737 :
738 925817 : key = ldb_kv_key_msg(module, tdb_key_ctx, msg);
739 925817 : if (!key.data) {
740 0 : TALLOC_FREE(tdb_key_ctx);
741 0 : return LDB_ERR_OTHER;
742 : }
743 :
744 925817 : ret = ldb_kv->kv_ops->delete(ldb_kv, key);
745 925817 : TALLOC_FREE(tdb_key_ctx);
746 :
747 925817 : if (ret != 0) {
748 96638 : ret = ldb_kv->kv_ops->error(ldb_kv);
749 : }
750 :
751 807242 : return ret;
752 : }
753 :
754 92094 : static int ldb_kv_delete_internal(struct ldb_module *module, struct ldb_dn *dn)
755 : {
756 1531 : struct ldb_message *msg;
757 92094 : int ret = LDB_SUCCESS;
758 :
759 92094 : msg = ldb_msg_new(module);
760 92094 : if (msg == NULL) {
761 0 : return LDB_ERR_OPERATIONS_ERROR;
762 : }
763 :
764 : /* in case any attribute of the message was indexed, we need
765 : to fetch the old record */
766 92094 : ret = ldb_kv_search_dn1(module, dn, msg, 0);
767 92094 : if (ret != LDB_SUCCESS) {
768 : /* not finding the old record is an error */
769 4762 : goto done;
770 : }
771 :
772 87332 : ret = ldb_kv_delete_noindex(module, msg);
773 87332 : if (ret != LDB_SUCCESS) {
774 0 : goto done;
775 : }
776 :
777 : /* remove any indexed attributes */
778 87332 : ret = ldb_kv_index_delete(module, msg);
779 87332 : if (ret != LDB_SUCCESS) {
780 0 : goto done;
781 : }
782 :
783 87332 : ret = ldb_kv_modified(module, dn);
784 87332 : if (ret != LDB_SUCCESS) {
785 0 : goto done;
786 : }
787 :
788 87332 : done:
789 92094 : talloc_free(msg);
790 : /*
791 : * To allow testing of the error recovery code in ldb_kv_delete
792 : * cmocka tests can define CMOCKA_UNIT_TEST_DELETE_INTERNAL_FAIL
793 : * to inject failures at this point.
794 : */
795 : #ifdef CMOCKA_UNIT_TEST_DELETE_INTERNAL_FAIL
796 5 : CMOCKA_UNIT_TEST_DELETE_INTERNAL_FAIL
797 : #endif
798 92089 : return ret;
799 : }
800 :
801 : /*
802 : delete a record from the database
803 : */
804 11185 : static int ldb_kv_delete(struct ldb_kv_context *ctx)
805 : {
806 11185 : struct ldb_module *module = ctx->module;
807 11185 : struct ldb_request *req = ctx->req;
808 11185 : void *data = ldb_module_get_private(module);
809 1342 : struct ldb_kv_private *ldb_kv =
810 11185 : talloc_get_type(data, struct ldb_kv_private);
811 11185 : int ret = LDB_SUCCESS;
812 :
813 11185 : ldb_request_set_state(req, LDB_ASYNC_PENDING);
814 :
815 11185 : if (ldb_kv_cache_load(module) != 0) {
816 0 : return LDB_ERR_OPERATIONS_ERROR;
817 : }
818 :
819 11185 : ret = ldb_kv_sub_transaction_start(ldb_kv);
820 11185 : if (ret != LDB_SUCCESS) {
821 0 : return ret;
822 : }
823 11185 : ret = ldb_kv_delete_internal(module, req->op.del.dn);
824 11185 : if (ret != LDB_SUCCESS) {
825 4763 : int r = ldb_kv_sub_transaction_cancel(ldb_kv);
826 4763 : if (r != LDB_SUCCESS) {
827 0 : ldb_debug(
828 : ldb_module_get_ctx(module),
829 : LDB_DEBUG_FATAL,
830 : __location__
831 : ": Unable to roll back sub transaction");
832 : }
833 4763 : if (ret != LDB_ERR_NO_SUCH_OBJECT) {
834 1 : ldb_kv->operation_failed = true;
835 : }
836 4763 : return ret;
837 : }
838 6422 : ret = ldb_kv_sub_transaction_commit(ldb_kv);
839 :
840 6422 : return ret;
841 : }
842 :
843 : /*
844 : find an element by attribute name. At the moment this does a linear search,
845 : it should be re-coded to use a binary search once all places that modify
846 : records guarantee sorted order
847 :
848 : return the index of the first matching element if found, otherwise -1
849 : */
850 9255611 : static int ldb_kv_find_element(const struct ldb_message *msg, const char *name)
851 : {
852 389786 : unsigned int i;
853 226491760 : for (i=0;i<msg->num_elements;i++) {
854 225858681 : if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
855 8622532 : return i;
856 : }
857 : }
858 623548 : return -1;
859 : }
860 :
861 :
862 : /*
863 : add an element to an existing record. Assumes a elements array that we
864 : can call re-alloc on, and assumes that we can reuse the data pointers from
865 : the passed in additional values. Use with care!
866 :
867 : returns 0 on success, -1 on failure (and sets errno)
868 : */
869 4900996 : static int ldb_kv_msg_add_element(struct ldb_message *msg,
870 : struct ldb_message_element *el)
871 : {
872 191341 : struct ldb_message_element *e2;
873 191341 : unsigned int i;
874 :
875 4900996 : if (el->num_values == 0) {
876 : /* nothing to do here - we don't add empty elements */
877 132584 : return 0;
878 : }
879 :
880 4767872 : e2 = talloc_realloc(msg, msg->elements, struct ldb_message_element,
881 : msg->num_elements+1);
882 4767872 : if (!e2) {
883 0 : errno = ENOMEM;
884 0 : return -1;
885 : }
886 :
887 4767872 : msg->elements = e2;
888 :
889 4767872 : e2 = &msg->elements[msg->num_elements];
890 :
891 4767872 : e2->name = el->name;
892 4767872 : e2->flags = el->flags;
893 4767872 : e2->values = talloc_array(msg->elements,
894 : struct ldb_val, el->num_values);
895 4767872 : if (!e2->values) {
896 0 : errno = ENOMEM;
897 0 : return -1;
898 : }
899 12621243 : for (i=0;i<el->num_values;i++) {
900 7853371 : e2->values[i] = el->values[i];
901 : }
902 4767872 : e2->num_values = el->num_values;
903 :
904 4767872 : ++msg->num_elements;
905 :
906 4767872 : return 0;
907 : }
908 :
909 : /*
910 : delete all elements having a specified attribute name
911 : */
912 4975063 : static int ldb_kv_msg_delete_attribute(struct ldb_module *module,
913 : struct ldb_kv_private *ldb_kv,
914 : struct ldb_message *msg,
915 : const char *name)
916 : {
917 186719 : int ret;
918 186719 : struct ldb_message_element *el;
919 4975063 : bool is_special = ldb_dn_is_special(msg->dn);
920 :
921 4975063 : if (!is_special && ldb_kv->cache->GUID_index_attribute != NULL &&
922 2140708 : ldb_attr_cmp(name, ldb_kv->cache->GUID_index_attribute) == 0) {
923 0 : struct ldb_context *ldb = ldb_module_get_ctx(module);
924 0 : ldb_asprintf_errstring(ldb,
925 : "Must not modify GUID "
926 : "attribute %s (used as DB index)",
927 0 : ldb_kv->cache->GUID_index_attribute);
928 0 : return LDB_ERR_CONSTRAINT_VIOLATION;
929 : }
930 :
931 4975063 : el = ldb_msg_find_element(msg, name);
932 4975063 : if (el == NULL) {
933 249 : return LDB_ERR_NO_SUCH_ATTRIBUTE;
934 : }
935 :
936 4974813 : ret = ldb_kv_index_del_element(module, ldb_kv, msg, el);
937 4974813 : if (ret != LDB_SUCCESS) {
938 0 : return ret;
939 : }
940 :
941 4974813 : talloc_free(el->values);
942 4974813 : ldb_msg_remove_element(msg, el);
943 4974813 : msg->elements = talloc_realloc(msg, msg->elements,
944 : struct ldb_message_element,
945 : msg->num_elements);
946 4974813 : return LDB_SUCCESS;
947 : }
948 :
949 : /*
950 : delete all elements matching an attribute name/value
951 :
952 : return LDB Error on failure
953 : */
954 189794 : static int ldb_kv_msg_delete_element(struct ldb_module *module,
955 : struct ldb_kv_private *ldb_kv,
956 : struct ldb_message *msg,
957 : const char *name,
958 : const struct ldb_val *val)
959 : {
960 189794 : struct ldb_context *ldb = ldb_module_get_ctx(module);
961 2966 : unsigned int i;
962 2966 : int found, ret;
963 2966 : struct ldb_message_element *el;
964 2966 : const struct ldb_schema_attribute *a;
965 :
966 189794 : found = ldb_kv_find_element(msg, name);
967 189794 : if (found == -1) {
968 881 : return LDB_ERR_NO_SUCH_ATTRIBUTE;
969 : }
970 :
971 188886 : i = (unsigned int) found;
972 188886 : el = &(msg->elements[i]);
973 :
974 188886 : a = ldb_schema_attribute_by_name(ldb, el->name);
975 :
976 203263 : for (i=0;i<el->num_values;i++) {
977 3030 : bool matched;
978 200177 : if (a->syntax->operator_fn) {
979 201763 : ret = a->syntax->operator_fn(ldb, LDB_OP_EQUALITY, a,
980 198817 : &el->values[i], val, &matched);
981 387556 : if (ret != LDB_SUCCESS) return ret;
982 : } else {
983 2720 : matched = (a->syntax->comparison_fn(ldb, ldb,
984 1360 : &el->values[i], val) == 0);
985 : }
986 200177 : if (matched) {
987 188739 : if (el->num_values == 1) {
988 166515 : return ldb_kv_msg_delete_attribute(
989 : module, ldb_kv, msg, name);
990 : }
991 :
992 255 : ret =
993 22224 : ldb_kv_index_del_value(module, ldb_kv, msg, el, i);
994 22224 : if (ret != LDB_SUCCESS) {
995 0 : return ret;
996 : }
997 :
998 22224 : ARRAY_DEL_ELEMENT(el->values, i, el->num_values);
999 22224 : el->num_values--;
1000 :
1001 : /* per definition we find in a canonicalised message an
1002 : attribute value only once. So we are finished here */
1003 22224 : return LDB_SUCCESS;
1004 : }
1005 : }
1006 :
1007 : /* Not found */
1008 147 : return LDB_ERR_NO_SUCH_ATTRIBUTE;
1009 : }
1010 :
1011 : /*
1012 : modify a record - internal interface
1013 :
1014 : yuck - this is O(n^2). Luckily n is usually small so we probably
1015 : get away with it, but if we ever have really large attribute lists
1016 : then we'll need to look at this again
1017 :
1018 : 'req' is optional, and is used to specify controls if supplied
1019 : */
1020 3816049 : int ldb_kv_modify_internal(struct ldb_module *module,
1021 : const struct ldb_message *msg,
1022 : struct ldb_request *req)
1023 : {
1024 3816049 : struct ldb_context *ldb = ldb_module_get_ctx(module);
1025 3816049 : void *data = ldb_module_get_private(module);
1026 152977 : struct ldb_kv_private *ldb_kv =
1027 3816049 : talloc_get_type(data, struct ldb_kv_private);
1028 152977 : struct ldb_message *msg2;
1029 152977 : unsigned int i, j;
1030 3816049 : int ret = LDB_SUCCESS, idx;
1031 3816049 : struct ldb_control *control_permissive = NULL;
1032 3816049 : TALLOC_CTX *mem_ctx = talloc_new(req);
1033 :
1034 3816049 : if (mem_ctx == NULL) {
1035 0 : return ldb_module_oom(module);
1036 : }
1037 :
1038 3816049 : if (req) {
1039 1291113 : control_permissive = ldb_request_get_control(req,
1040 : LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1041 : }
1042 :
1043 3816049 : msg2 = ldb_msg_new(mem_ctx);
1044 3816049 : if (msg2 == NULL) {
1045 0 : ret = LDB_ERR_OTHER;
1046 0 : goto done;
1047 : }
1048 :
1049 3816049 : ret = ldb_kv_search_dn1(module, msg->dn, msg2, 0);
1050 3816049 : if (ret != LDB_SUCCESS) {
1051 4016 : goto done;
1052 : }
1053 :
1054 13605975 : for (i=0; i<msg->num_elements; i++) {
1055 9795357 : struct ldb_message_element *el = &msg->elements[i], *el2;
1056 391982 : struct ldb_val *vals;
1057 9795357 : const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
1058 391982 : const char *dn;
1059 9795357 : uint32_t options = 0;
1060 9795357 : if (control_permissive != NULL) {
1061 2630 : options |= LDB_MSG_FIND_COMMON_REMOVE_DUPLICATES;
1062 : }
1063 :
1064 9795357 : switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
1065 211764 : case LDB_FLAG_MOD_ADD:
1066 :
1067 211764 : if (el->num_values == 0) {
1068 5 : ldb_asprintf_errstring(ldb,
1069 : "attribute '%s': attribute on '%s' specified, but with 0 values (illegal)",
1070 : el->name, ldb_dn_get_linearized(msg2->dn));
1071 5 : ret = LDB_ERR_CONSTRAINT_VIOLATION;
1072 5 : goto done;
1073 : }
1074 :
1075 : /* make a copy of the array so that a permissive
1076 : * control can remove duplicates without changing the
1077 : * original values, but do not copy data as we do not
1078 : * need to keep it around once the operation is
1079 : * finished */
1080 211759 : if (control_permissive) {
1081 10 : el = talloc(msg2, struct ldb_message_element);
1082 10 : if (!el) {
1083 0 : ret = LDB_ERR_OTHER;
1084 0 : goto done;
1085 : }
1086 10 : *el = msg->elements[i];
1087 10 : el->values = talloc_array(el, struct ldb_val, el->num_values);
1088 10 : if (el->values == NULL) {
1089 0 : ret = LDB_ERR_OTHER;
1090 0 : goto done;
1091 : }
1092 41 : for (j = 0; j < el->num_values; j++) {
1093 31 : el->values[j] = msg->elements[i].values[j];
1094 : }
1095 : }
1096 :
1097 211759 : if (el->num_values > 1 && ldb_kv_single_valued(a, el)) {
1098 9 : ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1099 : el->name, ldb_dn_get_linearized(msg2->dn));
1100 9 : ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1101 9 : goto done;
1102 : }
1103 :
1104 : /* Checks if element already exists */
1105 211750 : idx = ldb_kv_find_element(msg2, el->name);
1106 211750 : if (idx == -1) {
1107 183810 : if (ldb_kv_msg_add_element(msg2, el) != 0) {
1108 0 : ret = LDB_ERR_OTHER;
1109 0 : goto done;
1110 : }
1111 183810 : ret = ldb_kv_index_add_element(
1112 : module, ldb_kv, msg2, el);
1113 183810 : if (ret != LDB_SUCCESS) {
1114 0 : goto done;
1115 : }
1116 : } else {
1117 27940 : j = (unsigned int) idx;
1118 27940 : el2 = &(msg2->elements[j]);
1119 :
1120 : /* We cannot add another value on a existing one
1121 : if the attribute is single-valued */
1122 27940 : if (ldb_kv_single_valued(a, el)) {
1123 42 : ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1124 : el->name, ldb_dn_get_linearized(msg2->dn));
1125 42 : ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1126 42 : goto done;
1127 : }
1128 :
1129 : /* Check that values don't exist yet on multi-
1130 : valued attributes or aren't provided twice */
1131 27898 : if (!(el->flags &
1132 : LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1133 5113 : struct ldb_val *duplicate = NULL;
1134 5113 : ret = ldb_msg_find_common_values(ldb,
1135 : msg2,
1136 : el,
1137 : el2,
1138 : options);
1139 :
1140 5113 : if (ret ==
1141 : LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS) {
1142 17 : ldb_asprintf_errstring(ldb,
1143 : "attribute '%s': value "
1144 : "#%u on '%s' already "
1145 : "exists", el->name, j,
1146 : ldb_dn_get_linearized(msg2->dn));
1147 17 : goto done;
1148 5096 : } else if (ret != LDB_SUCCESS) {
1149 0 : goto done;
1150 : }
1151 :
1152 5096 : ret = ldb_msg_find_duplicate_val(
1153 : ldb, msg2, el, &duplicate, 0);
1154 5096 : if (ret != LDB_SUCCESS) {
1155 0 : goto done;
1156 : }
1157 5096 : if (duplicate != NULL) {
1158 0 : ldb_asprintf_errstring(
1159 : ldb,
1160 : "attribute '%s': value "
1161 : "'%.*s' on '%s' "
1162 : "provided more than "
1163 : "once in ADD",
1164 : el->name,
1165 0 : (int)duplicate->length,
1166 0 : duplicate->data,
1167 0 : ldb_dn_get_linearized(msg->dn));
1168 0 : ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1169 0 : goto done;
1170 : }
1171 : }
1172 :
1173 : /* Now combine existing and new values to a new
1174 : attribute record */
1175 27881 : vals = talloc_realloc(msg2->elements,
1176 : el2->values, struct ldb_val,
1177 : el2->num_values + el->num_values);
1178 27881 : if (vals == NULL) {
1179 0 : ldb_oom(ldb);
1180 0 : ret = LDB_ERR_OTHER;
1181 0 : goto done;
1182 : }
1183 :
1184 56809 : for (j=0; j<el->num_values; j++) {
1185 28928 : vals[el2->num_values + j] =
1186 28928 : ldb_val_dup(vals, &el->values[j]);
1187 : }
1188 :
1189 27881 : el2->values = vals;
1190 27881 : el2->num_values += el->num_values;
1191 :
1192 27881 : ret = ldb_kv_index_add_element(
1193 : module, ldb_kv, msg2, el);
1194 27881 : if (ret != LDB_SUCCESS) {
1195 0 : goto done;
1196 : }
1197 : }
1198 :
1199 206572 : break;
1200 :
1201 8854104 : case LDB_FLAG_MOD_REPLACE:
1202 :
1203 8854104 : if (el->num_values > 1 && ldb_kv_single_valued(a, el)) {
1204 36 : ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1205 : el->name, ldb_dn_get_linearized(msg2->dn));
1206 36 : ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1207 36 : goto done;
1208 : }
1209 :
1210 : /*
1211 : * We don't need to check this if we have been
1212 : * pre-screened by the repl_meta_data module
1213 : * in Samba, or someone else who can claim to
1214 : * know what they are doing.
1215 : */
1216 8854068 : if (!(el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1217 8800041 : struct ldb_val *duplicate = NULL;
1218 :
1219 8800041 : ret = ldb_msg_find_duplicate_val(ldb, msg2, el,
1220 : &duplicate, 0);
1221 8800041 : if (ret != LDB_SUCCESS) {
1222 1 : goto done;
1223 : }
1224 8800041 : if (duplicate != NULL) {
1225 1 : ldb_asprintf_errstring(
1226 : ldb,
1227 : "attribute '%s': value '%.*s' "
1228 : "on '%s' provided more than "
1229 : "once in REPLACE",
1230 : el->name,
1231 1 : (int)duplicate->length,
1232 1 : duplicate->data,
1233 : ldb_dn_get_linearized(msg2->dn));
1234 1 : ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1235 1 : goto done;
1236 : }
1237 : }
1238 :
1239 : /* Checks if element already exists */
1240 8854067 : idx = ldb_kv_find_element(msg2, el->name);
1241 8854067 : if (idx != -1) {
1242 8405706 : j = (unsigned int) idx;
1243 8405706 : el2 = &(msg2->elements[j]);
1244 :
1245 : /* we consider two elements to be
1246 : * equal only if the order
1247 : * matches. This allows dbcheck to
1248 : * fix the ordering on attributes
1249 : * where order matters, such as
1250 : * objectClass
1251 : */
1252 8405706 : if (ldb_msg_element_equal_ordered(el, el2)) {
1253 4136881 : continue;
1254 : }
1255 :
1256 : /* Delete the attribute if it exists in the DB */
1257 4268825 : if (ldb_kv_msg_delete_attribute(
1258 : module, ldb_kv, msg2, el->name) != 0) {
1259 0 : ret = LDB_ERR_OTHER;
1260 0 : goto done;
1261 : }
1262 : }
1263 :
1264 : /* Recreate it with the new values */
1265 4717186 : if (ldb_kv_msg_add_element(msg2, el) != 0) {
1266 0 : ret = LDB_ERR_OTHER;
1267 0 : goto done;
1268 : }
1269 :
1270 187121 : ret =
1271 4717186 : ldb_kv_index_add_element(module, ldb_kv, msg2, el);
1272 4717186 : if (ret != LDB_SUCCESS) {
1273 0 : goto done;
1274 : }
1275 :
1276 4530065 : break;
1277 :
1278 729489 : case LDB_FLAG_MOD_DELETE:
1279 729489 : dn = ldb_dn_get_linearized(msg2->dn);
1280 729489 : if (dn == NULL) {
1281 0 : ret = LDB_ERR_OTHER;
1282 0 : goto done;
1283 : }
1284 :
1285 729489 : if (msg->elements[i].num_values == 0) {
1286 : /* Delete the whole attribute */
1287 539723 : ret = ldb_kv_msg_delete_attribute(
1288 : module,
1289 : ldb_kv,
1290 : msg2,
1291 537525 : msg->elements[i].name);
1292 539723 : if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) {
1293 250 : if (control_permissive) {
1294 0 : ret = LDB_SUCCESS;
1295 : } else {
1296 250 : ldb_asprintf_errstring(ldb,
1297 : "attribute '%s': no such attribute for delete on '%s'",
1298 250 : msg->elements[i].name, dn);
1299 : }
1300 : }
1301 539723 : if (ret != LDB_SUCCESS) {
1302 250 : goto done;
1303 : }
1304 : } else {
1305 : /* Delete specified values from an attribute */
1306 378505 : for (j=0; j < msg->elements[i].num_values; j++) {
1307 192760 : ret = ldb_kv_msg_delete_element(
1308 : module,
1309 : ldb_kv,
1310 : msg2,
1311 186828 : msg->elements[i].name,
1312 189794 : &msg->elements[i].values[j]);
1313 189794 : if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1314 : control_permissive) {
1315 0 : ret = LDB_SUCCESS;
1316 189794 : } else if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) {
1317 1055 : ldb_asprintf_errstring(ldb,
1318 : "attribute '%s': no matching attribute value while deleting attribute on '%s'",
1319 1055 : msg->elements[i].name, dn);
1320 : }
1321 189794 : if (ret != LDB_SUCCESS) {
1322 1055 : goto done;
1323 : }
1324 : }
1325 : }
1326 723053 : break;
1327 0 : default:
1328 0 : ldb_asprintf_errstring(ldb,
1329 : "attribute '%s': invalid modify flags on '%s': 0x%x",
1330 0 : msg->elements[i].name, ldb_dn_get_linearized(msg->dn),
1331 0 : msg->elements[i].flags & LDB_FLAG_MOD_MASK);
1332 0 : ret = LDB_ERR_PROTOCOL_ERROR;
1333 0 : goto done;
1334 : }
1335 : }
1336 :
1337 3810618 : ret = ldb_kv_store(module, msg2, TDB_MODIFY);
1338 3810618 : if (ret != LDB_SUCCESS) {
1339 0 : goto done;
1340 : }
1341 :
1342 3810618 : ret = ldb_kv_modified(module, msg2->dn);
1343 3810618 : if (ret != LDB_SUCCESS) {
1344 0 : goto done;
1345 : }
1346 :
1347 3810618 : done:
1348 3816049 : TALLOC_FREE(mem_ctx);
1349 : /*
1350 : * To allow testing of the error recovery code in ldb_kv_modify
1351 : * cmocka tests can define CMOCKA_UNIT_TEST_MODIFY_INTERNAL_FAIL
1352 : * to inject failures at this point.
1353 : */
1354 : #ifdef CMOCKA_UNIT_TEST_MODIFY_INTERNAL_FAIL
1355 16 : CMOCKA_UNIT_TEST_MODIFY_INTERNAL_FAIL
1356 : #endif
1357 3816033 : return ret;
1358 : }
1359 :
1360 : /*
1361 : modify a record
1362 : */
1363 1291113 : static int ldb_kv_modify(struct ldb_kv_context *ctx)
1364 : {
1365 1291113 : struct ldb_module *module = ctx->module;
1366 1291113 : struct ldb_request *req = ctx->req;
1367 1291113 : void *data = ldb_module_get_private(module);
1368 31373 : struct ldb_kv_private *ldb_kv =
1369 1291113 : talloc_get_type(data, struct ldb_kv_private);
1370 1291113 : int ret = LDB_SUCCESS;
1371 :
1372 1291113 : ret = ldb_kv_check_special_dn(module, req->op.mod.message);
1373 1291113 : if (ret != LDB_SUCCESS) {
1374 0 : return ret;
1375 : }
1376 :
1377 1291113 : ldb_request_set_state(req, LDB_ASYNC_PENDING);
1378 :
1379 1291113 : if (ldb_kv_cache_load(module) != 0) {
1380 0 : return LDB_ERR_OPERATIONS_ERROR;
1381 : }
1382 :
1383 1291113 : ret = ldb_kv_sub_transaction_start(ldb_kv);
1384 1291113 : if (ret != LDB_SUCCESS) {
1385 0 : return ret;
1386 : }
1387 1291113 : ret = ldb_kv_modify_internal(module, req->op.mod.message, req);
1388 1291113 : if (ret != LDB_SUCCESS) {
1389 5432 : int r = ldb_kv_sub_transaction_cancel(ldb_kv);
1390 5432 : if (r != LDB_SUCCESS) {
1391 0 : ldb_debug(
1392 : ldb_module_get_ctx(module),
1393 : LDB_DEBUG_FATAL,
1394 : __location__
1395 : ": Unable to roll back sub transaction");
1396 : }
1397 5432 : if (ret != LDB_ERR_NO_SUCH_OBJECT) {
1398 1416 : ldb_kv->operation_failed = true;
1399 : }
1400 5432 : return ret;
1401 : }
1402 1285681 : ret = ldb_kv_sub_transaction_commit(ldb_kv);
1403 :
1404 :
1405 1285681 : return ret;
1406 : }
1407 :
1408 80909 : static int ldb_kv_rename_internal(struct ldb_module *module,
1409 : struct ldb_request *req,
1410 : struct ldb_message *msg)
1411 : {
1412 80909 : void *data = ldb_module_get_private(module);
1413 189 : struct ldb_kv_private *ldb_kv =
1414 80909 : talloc_get_type(data, struct ldb_kv_private);
1415 80909 : int ret = LDB_SUCCESS;
1416 :
1417 : /* Always delete first then add, to avoid conflicts with
1418 : * unique indexes. We rely on the transaction to make this
1419 : * atomic
1420 : */
1421 80909 : ret = ldb_kv_delete_internal(module, msg->dn);
1422 80909 : if (ret != LDB_SUCCESS) {
1423 0 : return ret;
1424 : }
1425 :
1426 80909 : msg->dn = ldb_dn_copy(msg, req->op.rename.newdn);
1427 80909 : if (msg->dn == NULL) {
1428 0 : return LDB_ERR_OPERATIONS_ERROR;
1429 : }
1430 :
1431 : /* We don't check single value as we can have more than 1 with
1432 : * deleted attributes. We could go through all elements but that's
1433 : * maybe not the most efficient way
1434 : */
1435 80909 : ret = ldb_kv_add_internal(module, ldb_kv, msg, false);
1436 :
1437 : /*
1438 : * To allow testing of the error recovery code in ldb_kv_rename
1439 : * cmocka tests can define CMOCKA_UNIT_TEST_RENAME_INTERNAL_FAIL
1440 : * to inject failures at this point.
1441 : */
1442 : #ifdef CMOCKA_UNIT_TEST_RENAME_INTERNAL_FAIL
1443 1 : CMOCKA_UNIT_TEST_RENAME_INTERNAL_FAIL
1444 : #endif
1445 80908 : return ret;
1446 : }
1447 :
1448 : /*
1449 : rename a record
1450 : */
1451 80998 : static int ldb_kv_rename(struct ldb_kv_context *ctx)
1452 : {
1453 80998 : struct ldb_module *module = ctx->module;
1454 80998 : void *data = ldb_module_get_private(module);
1455 199 : struct ldb_kv_private *ldb_kv =
1456 80998 : talloc_get_type(data, struct ldb_kv_private);
1457 80998 : struct ldb_request *req = ctx->req;
1458 199 : struct ldb_message *msg;
1459 80998 : int ret = LDB_SUCCESS;
1460 199 : struct ldb_val key, key_old;
1461 199 : struct ldb_dn *db_dn;
1462 80998 : bool valid_dn = false;
1463 :
1464 80998 : ldb_request_set_state(req, LDB_ASYNC_PENDING);
1465 :
1466 80998 : if (ldb_kv_cache_load(ctx->module) != 0) {
1467 0 : return LDB_ERR_OPERATIONS_ERROR;
1468 : }
1469 :
1470 80998 : msg = ldb_msg_new(ctx);
1471 80998 : if (msg == NULL) {
1472 0 : return LDB_ERR_OPERATIONS_ERROR;
1473 : }
1474 :
1475 : /* Check the new DN is reasonable */
1476 80998 : valid_dn = ldb_dn_validate(req->op.rename.newdn);
1477 80998 : if (valid_dn == false) {
1478 0 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
1479 : "Invalid New DN: %s",
1480 : ldb_dn_get_linearized(req->op.rename.newdn));
1481 0 : return LDB_ERR_INVALID_DN_SYNTAX;
1482 : }
1483 :
1484 : /* we need to fetch the old record to re-add under the new name */
1485 80998 : ret = ldb_kv_search_dn1(module, req->op.rename.olddn, msg, 0);
1486 80998 : if (ret == LDB_ERR_INVALID_DN_SYNTAX) {
1487 0 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
1488 : "Invalid Old DN: %s",
1489 : ldb_dn_get_linearized(req->op.rename.newdn));
1490 0 : return ret;
1491 80998 : } else if (ret != LDB_SUCCESS) {
1492 : /* not finding the old record is an error */
1493 32 : return ret;
1494 : }
1495 :
1496 : /* We need to, before changing the DB, check if the new DN
1497 : * exists, so we can return this error to the caller with an
1498 : * unmodified DB
1499 : *
1500 : * Even in GUID index mode we use ltdb_key_dn() as we are
1501 : * trying to figure out if this is just a case rename
1502 : */
1503 80963 : key = ldb_kv_key_dn(msg, req->op.rename.newdn);
1504 80963 : if (!key.data) {
1505 0 : talloc_free(msg);
1506 0 : return LDB_ERR_OPERATIONS_ERROR;
1507 : }
1508 :
1509 80963 : key_old = ldb_kv_key_dn(msg, req->op.rename.olddn);
1510 80963 : if (!key_old.data) {
1511 0 : talloc_free(msg);
1512 0 : talloc_free(key.data);
1513 0 : return LDB_ERR_OPERATIONS_ERROR;
1514 : }
1515 :
1516 : /*
1517 : * Only declare a conflict if the new DN already exists,
1518 : * and it isn't a case change on the old DN
1519 : */
1520 80963 : if (key_old.length != key.length
1521 314 : || memcmp(key.data, key_old.data, key.length) != 0) {
1522 80924 : ret = ldb_kv_search_base(
1523 : module, msg, req->op.rename.newdn, &db_dn);
1524 80924 : if (ret == LDB_SUCCESS) {
1525 47 : ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
1526 80870 : } else if (ret == LDB_ERR_NO_SUCH_OBJECT) {
1527 80689 : ret = LDB_SUCCESS;
1528 : }
1529 : }
1530 :
1531 : /* finding the new record already in the DB is an error */
1532 :
1533 80775 : if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
1534 54 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
1535 : "Entry %s already exists",
1536 : ldb_dn_get_linearized(req->op.rename.newdn));
1537 : }
1538 80963 : if (ret != LDB_SUCCESS) {
1539 54 : talloc_free(key_old.data);
1540 54 : talloc_free(key.data);
1541 54 : talloc_free(msg);
1542 54 : return ret;
1543 : }
1544 :
1545 80909 : talloc_free(key_old.data);
1546 80909 : talloc_free(key.data);
1547 :
1548 :
1549 80909 : ret = ldb_kv_sub_transaction_start(ldb_kv);
1550 80909 : if (ret != LDB_SUCCESS) {
1551 0 : talloc_free(msg);
1552 0 : return ret;
1553 : }
1554 80909 : ret = ldb_kv_rename_internal(module, req, msg);
1555 80909 : if (ret != LDB_SUCCESS) {
1556 1 : int r = ldb_kv_sub_transaction_cancel(ldb_kv);
1557 1 : if (r != LDB_SUCCESS) {
1558 0 : ldb_debug(
1559 : ldb_module_get_ctx(module),
1560 : LDB_DEBUG_FATAL,
1561 : __location__
1562 : ": Unable to roll back sub transaction");
1563 : }
1564 1 : talloc_free(msg);
1565 1 : ldb_kv->operation_failed = true;
1566 1 : return ret;
1567 : }
1568 80908 : ret = ldb_kv_sub_transaction_commit(ldb_kv);
1569 80908 : talloc_free(msg);
1570 :
1571 80908 : return ret;
1572 : }
1573 :
1574 2181272 : static int ldb_kv_start_trans(struct ldb_module *module)
1575 : {
1576 2181272 : void *data = ldb_module_get_private(module);
1577 18509 : struct ldb_kv_private *ldb_kv =
1578 2181272 : talloc_get_type(data, struct ldb_kv_private);
1579 :
1580 2181272 : pid_t pid = getpid();
1581 :
1582 2181272 : if (ldb_kv->pid != pid) {
1583 3 : ldb_asprintf_errstring(ldb_module_get_ctx(ldb_kv->module),
1584 : __location__
1585 : ": Reusing ldb opened by pid %d in "
1586 : "process %d\n",
1587 : ldb_kv->pid,
1588 : pid);
1589 3 : return LDB_ERR_PROTOCOL_ERROR;
1590 : }
1591 :
1592 : /* Do not take out the transaction lock on a read-only DB */
1593 2181269 : if (ldb_kv->read_only) {
1594 0 : return LDB_ERR_UNWILLING_TO_PERFORM;
1595 : }
1596 :
1597 2181263 : if (ldb_kv->kv_ops->begin_write(ldb_kv) != 0) {
1598 0 : return ldb_kv->kv_ops->error(ldb_kv);
1599 : }
1600 :
1601 2181263 : ldb_kv_index_transaction_start(
1602 : module,
1603 : ldb_kv->index_transaction_cache_size);
1604 :
1605 2181263 : ldb_kv->reindex_failed = false;
1606 2181263 : ldb_kv->operation_failed = false;
1607 :
1608 2181263 : return LDB_SUCCESS;
1609 : }
1610 :
1611 : /*
1612 : * Forward declaration to allow prepare_commit to in fact abort the
1613 : * transaction
1614 : */
1615 : static int ldb_kv_del_trans(struct ldb_module *module);
1616 :
1617 1914059 : static int ldb_kv_prepare_commit(struct ldb_module *module)
1618 : {
1619 17436 : int ret;
1620 1914059 : void *data = ldb_module_get_private(module);
1621 17436 : struct ldb_kv_private *ldb_kv =
1622 1914059 : talloc_get_type(data, struct ldb_kv_private);
1623 1914059 : pid_t pid = getpid();
1624 :
1625 1914059 : if (ldb_kv->pid != pid) {
1626 3 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
1627 : __location__
1628 : ": Reusing ldb opened by pid %d in "
1629 : "process %d\n",
1630 : ldb_kv->pid,
1631 : pid);
1632 3 : return LDB_ERR_PROTOCOL_ERROR;
1633 : }
1634 :
1635 1914056 : if (!ldb_kv->kv_ops->transaction_active(ldb_kv)) {
1636 0 : ldb_set_errstring(ldb_module_get_ctx(module),
1637 : "ltdb_prepare_commit() called "
1638 : "without transaction active");
1639 0 : return LDB_ERR_OPERATIONS_ERROR;
1640 : }
1641 :
1642 : /*
1643 : * Check if the last re-index failed.
1644 : *
1645 : * This can happen if for example a duplicate value was marked
1646 : * unique. We must not write a partial re-index into the DB.
1647 : */
1648 1914056 : if (ldb_kv->reindex_failed) {
1649 : /*
1650 : * We must instead abort the transaction so we get the
1651 : * old values and old index back
1652 : */
1653 6 : ldb_kv_del_trans(module);
1654 6 : ldb_set_errstring(ldb_module_get_ctx(module),
1655 : "Failure during re-index, so "
1656 : "transaction must be aborted.");
1657 6 : return LDB_ERR_OPERATIONS_ERROR;
1658 : }
1659 :
1660 1914050 : ret = ldb_kv_index_transaction_commit(module);
1661 1914050 : if (ret != LDB_SUCCESS) {
1662 0 : ldb_kv->kv_ops->abort_write(ldb_kv);
1663 0 : return ret;
1664 : }
1665 :
1666 : /*
1667 : * If GUID indexing was toggled in this transaction, we repack at
1668 : * format version 2 if GUID indexing was enabled, or version 1 if
1669 : * it was disabled.
1670 : */
1671 1914050 : ret = ldb_kv_maybe_repack(ldb_kv);
1672 1914050 : if (ret != LDB_SUCCESS) {
1673 0 : ldb_kv_del_trans(module);
1674 0 : ldb_set_errstring(ldb_module_get_ctx(module),
1675 : "Failure during re-pack, so "
1676 : "transaction must be aborted.");
1677 0 : return ret;
1678 : }
1679 :
1680 1914050 : if (ldb_kv->kv_ops->prepare_write(ldb_kv) != 0) {
1681 0 : ret = ldb_kv->kv_ops->error(ldb_kv);
1682 0 : ldb_debug_set(ldb_module_get_ctx(module),
1683 : LDB_DEBUG_FATAL,
1684 : "Failure during "
1685 : "prepare_write): %s -> %s",
1686 0 : ldb_kv->kv_ops->errorstr(ldb_kv),
1687 : ldb_strerror(ret));
1688 0 : return ret;
1689 : }
1690 :
1691 1914050 : ldb_kv->prepared_commit = true;
1692 :
1693 1914050 : return LDB_SUCCESS;
1694 : }
1695 :
1696 1914036 : static int ldb_kv_end_trans(struct ldb_module *module)
1697 : {
1698 17433 : int ret;
1699 1914036 : void *data = ldb_module_get_private(module);
1700 17433 : struct ldb_kv_private *ldb_kv =
1701 1914036 : talloc_get_type(data, struct ldb_kv_private);
1702 :
1703 : /*
1704 : * If in batch mode and there has been an operation failure
1705 : * rollback the transaction rather than committing it to avoid
1706 : * any possible corruption
1707 : */
1708 1914036 : if (ldb_kv->batch_mode && ldb_kv->operation_failed) {
1709 2 : ret = ldb_kv_del_trans( module);
1710 2 : if (ret != LDB_SUCCESS) {
1711 0 : ldb_debug_set(ldb_module_get_ctx(module),
1712 : LDB_DEBUG_FATAL,
1713 : "An operation failed during a batch mode "
1714 : "transaction. The transaction could not"
1715 : "be rolled back, ldb_kv_del_trans "
1716 : "returned (%s, %s)",
1717 0 : ldb_kv->kv_ops->errorstr(ldb_kv),
1718 : ldb_strerror(ret));
1719 : } else {
1720 2 : ldb_debug_set(ldb_module_get_ctx(module),
1721 : LDB_DEBUG_FATAL,
1722 : "An operation failed during a batch mode "
1723 : "transaction, the transaction was "
1724 : "rolled back");
1725 : }
1726 2 : return LDB_ERR_OPERATIONS_ERROR;
1727 : }
1728 :
1729 1914034 : if (!ldb_kv->prepared_commit) {
1730 2611 : ret = ldb_kv_prepare_commit(module);
1731 2611 : if (ret != LDB_SUCCESS) {
1732 0 : return ret;
1733 : }
1734 : }
1735 :
1736 1914034 : ldb_kv->prepared_commit = false;
1737 :
1738 1914034 : if (ldb_kv->kv_ops->finish_write(ldb_kv) != 0) {
1739 0 : ret = ldb_kv->kv_ops->error(ldb_kv);
1740 0 : ldb_asprintf_errstring(
1741 : ldb_module_get_ctx(module),
1742 : "Failure during tdb_transaction_commit(): %s -> %s",
1743 0 : ldb_kv->kv_ops->errorstr(ldb_kv),
1744 : ldb_strerror(ret));
1745 0 : return ret;
1746 : }
1747 :
1748 1896601 : return LDB_SUCCESS;
1749 : }
1750 :
1751 267219 : static int ldb_kv_del_trans(struct ldb_module *module)
1752 : {
1753 267219 : void *data = ldb_module_get_private(module);
1754 1057 : struct ldb_kv_private *ldb_kv =
1755 267219 : talloc_get_type(data, struct ldb_kv_private);
1756 :
1757 267219 : if (ldb_kv_index_transaction_cancel(module) != 0) {
1758 0 : ldb_kv->kv_ops->abort_write(ldb_kv);
1759 0 : return ldb_kv->kv_ops->error(ldb_kv);
1760 : }
1761 :
1762 267219 : ldb_kv->kv_ops->abort_write(ldb_kv);
1763 267219 : return LDB_SUCCESS;
1764 : }
1765 :
1766 : /*
1767 : return sequenceNumber from @BASEINFO
1768 : */
1769 19382821 : static int ldb_kv_sequence_number(struct ldb_kv_context *ctx,
1770 : struct ldb_extended **ext)
1771 : {
1772 1123906 : struct ldb_context *ldb;
1773 19382821 : struct ldb_module *module = ctx->module;
1774 19382821 : struct ldb_request *req = ctx->req;
1775 19382821 : void *data = ldb_module_get_private(module);
1776 1123906 : struct ldb_kv_private *ldb_kv =
1777 19382821 : talloc_get_type(data, struct ldb_kv_private);
1778 19382821 : TALLOC_CTX *tmp_ctx = NULL;
1779 1123906 : struct ldb_seqnum_request *seq;
1780 1123906 : struct ldb_seqnum_result *res;
1781 19382821 : struct ldb_message *msg = NULL;
1782 1123906 : struct ldb_dn *dn;
1783 1123906 : const char *date;
1784 19382821 : int ret = LDB_SUCCESS;
1785 :
1786 19382821 : ldb = ldb_module_get_ctx(module);
1787 :
1788 19382821 : seq = talloc_get_type(req->op.extended.data,
1789 : struct ldb_seqnum_request);
1790 19382821 : if (seq == NULL) {
1791 0 : return LDB_ERR_OPERATIONS_ERROR;
1792 : }
1793 :
1794 19382821 : ldb_request_set_state(req, LDB_ASYNC_PENDING);
1795 :
1796 19382821 : if (ldb_kv->kv_ops->lock_read(module) != 0) {
1797 0 : return LDB_ERR_OPERATIONS_ERROR;
1798 : }
1799 :
1800 19382821 : res = talloc_zero(req, struct ldb_seqnum_result);
1801 19382821 : if (res == NULL) {
1802 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1803 0 : goto done;
1804 : }
1805 :
1806 19382821 : tmp_ctx = talloc_new(req);
1807 19382821 : if (tmp_ctx == NULL) {
1808 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1809 0 : goto done;
1810 : }
1811 :
1812 19382821 : dn = ldb_dn_new(tmp_ctx, ldb, LDB_KV_BASEINFO);
1813 19382821 : if (dn == NULL) {
1814 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1815 0 : goto done;
1816 : }
1817 :
1818 19382821 : msg = ldb_msg_new(tmp_ctx);
1819 19382821 : if (msg == NULL) {
1820 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1821 0 : goto done;
1822 : }
1823 :
1824 19382821 : ret = ldb_kv_search_dn1(module, dn, msg, 0);
1825 19382821 : if (ret != LDB_SUCCESS) {
1826 0 : goto done;
1827 : }
1828 :
1829 19382821 : switch (seq->type) {
1830 19379302 : case LDB_SEQ_HIGHEST_SEQ:
1831 19379302 : res->seq_num = ldb_msg_find_attr_as_uint64(msg, LDB_KV_SEQUENCE_NUMBER, 0);
1832 19379302 : break;
1833 3519 : case LDB_SEQ_NEXT:
1834 3519 : res->seq_num = ldb_msg_find_attr_as_uint64(msg, LDB_KV_SEQUENCE_NUMBER, 0);
1835 3519 : res->seq_num++;
1836 3519 : break;
1837 0 : case LDB_SEQ_HIGHEST_TIMESTAMP:
1838 0 : date = ldb_msg_find_attr_as_string(msg, LDB_KV_MOD_TIMESTAMP, NULL);
1839 0 : if (date) {
1840 0 : res->seq_num = ldb_string_to_time(date);
1841 : } else {
1842 0 : res->seq_num = 0;
1843 : /* zero is as good as anything when we don't know */
1844 : }
1845 0 : break;
1846 : }
1847 :
1848 19382821 : *ext = talloc_zero(req, struct ldb_extended);
1849 19382821 : if (*ext == NULL) {
1850 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1851 0 : goto done;
1852 : }
1853 19382821 : (*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
1854 19382821 : (*ext)->data = talloc_steal(*ext, res);
1855 :
1856 19382821 : done:
1857 19382821 : talloc_free(tmp_ctx);
1858 :
1859 19382821 : ldb_kv->kv_ops->unlock_read(module);
1860 19382821 : return ret;
1861 : }
1862 :
1863 132197509 : static void ldb_kv_request_done(struct ldb_kv_context *ctx, int error)
1864 : {
1865 4396036 : struct ldb_context *ldb;
1866 4396036 : struct ldb_request *req;
1867 4396036 : struct ldb_reply *ares;
1868 :
1869 132197509 : ldb = ldb_module_get_ctx(ctx->module);
1870 132197509 : req = ctx->req;
1871 :
1872 : /* if we already returned an error just return */
1873 132197509 : if (ldb_request_get_status(req) != LDB_SUCCESS) {
1874 0 : return;
1875 : }
1876 :
1877 132197509 : ares = talloc_zero(req, struct ldb_reply);
1878 132197509 : if (!ares) {
1879 0 : ldb_oom(ldb);
1880 0 : req->callback(req, NULL);
1881 0 : return;
1882 : }
1883 132197509 : ares->type = LDB_REPLY_DONE;
1884 132197509 : ares->error = error;
1885 :
1886 132197509 : req->callback(req, ares);
1887 : }
1888 :
1889 0 : static void ldb_kv_timeout(_UNUSED_ struct tevent_context *ev,
1890 : _UNUSED_ struct tevent_timer *te,
1891 : _UNUSED_ struct timeval t,
1892 : void *private_data)
1893 : {
1894 0 : struct ldb_kv_context *ctx;
1895 0 : ctx = talloc_get_type(private_data, struct ldb_kv_context);
1896 :
1897 0 : if (!ctx->request_terminated) {
1898 : /* request is done now */
1899 0 : ldb_kv_request_done(ctx, LDB_ERR_TIME_LIMIT_EXCEEDED);
1900 : }
1901 :
1902 0 : if (ctx->spy) {
1903 : /* neutralize the spy */
1904 0 : ctx->spy->ctx = NULL;
1905 0 : ctx->spy = NULL;
1906 : }
1907 0 : talloc_free(ctx);
1908 0 : }
1909 :
1910 19382821 : static void ldb_kv_request_extended_done(struct ldb_kv_context *ctx,
1911 : struct ldb_extended *ext,
1912 : int error)
1913 : {
1914 1123906 : struct ldb_context *ldb;
1915 1123906 : struct ldb_request *req;
1916 1123906 : struct ldb_reply *ares;
1917 :
1918 19382821 : ldb = ldb_module_get_ctx(ctx->module);
1919 19382821 : req = ctx->req;
1920 :
1921 : /* if we already returned an error just return */
1922 19382821 : if (ldb_request_get_status(req) != LDB_SUCCESS) {
1923 0 : return;
1924 : }
1925 :
1926 19382821 : ares = talloc_zero(req, struct ldb_reply);
1927 19382821 : if (!ares) {
1928 0 : ldb_oom(ldb);
1929 0 : req->callback(req, NULL);
1930 0 : return;
1931 : }
1932 19382821 : ares->type = LDB_REPLY_DONE;
1933 19382821 : ares->response = ext;
1934 19382821 : ares->error = error;
1935 :
1936 19382821 : req->callback(req, ares);
1937 : }
1938 :
1939 19382821 : static void ldb_kv_handle_extended(struct ldb_kv_context *ctx)
1940 : {
1941 19382821 : struct ldb_extended *ext = NULL;
1942 1123906 : int ret;
1943 :
1944 19382821 : if (strcmp(ctx->req->op.extended.oid,
1945 : LDB_EXTENDED_SEQUENCE_NUMBER) == 0) {
1946 : /* get sequence number */
1947 19382821 : ret = ldb_kv_sequence_number(ctx, &ext);
1948 : } else {
1949 : /* not recognized */
1950 0 : ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1951 : }
1952 :
1953 19382821 : ldb_kv_request_extended_done(ctx, ext, ret);
1954 19382821 : }
1955 :
1956 151634121 : static void ldb_kv_callback(struct tevent_context *ev,
1957 : struct tevent_timer *te,
1958 : struct timeval t,
1959 : void *private_data)
1960 : {
1961 5521373 : struct ldb_kv_context *ctx;
1962 5521373 : int ret;
1963 :
1964 151634121 : ctx = talloc_get_type(private_data, struct ldb_kv_context);
1965 :
1966 151634121 : if (ctx->request_terminated) {
1967 0 : goto done;
1968 : }
1969 :
1970 151634121 : switch (ctx->req->operation) {
1971 129793991 : case LDB_SEARCH:
1972 129793991 : ret = ldb_kv_search(ctx);
1973 129793991 : break;
1974 1074019 : case LDB_ADD:
1975 1074019 : ret = ldb_kv_add(ctx);
1976 1074019 : break;
1977 1291112 : case LDB_MODIFY:
1978 1291112 : ret = ldb_kv_modify(ctx);
1979 1291112 : break;
1980 11181 : case LDB_DELETE:
1981 11181 : ret = ldb_kv_delete(ctx);
1982 11181 : break;
1983 80997 : case LDB_RENAME:
1984 80997 : ret = ldb_kv_rename(ctx);
1985 80997 : break;
1986 19382821 : case LDB_EXTENDED:
1987 19382821 : ldb_kv_handle_extended(ctx);
1988 19382821 : goto done;
1989 0 : default:
1990 : /* no other op supported */
1991 0 : ret = LDB_ERR_PROTOCOL_ERROR;
1992 : }
1993 :
1994 132251300 : if (!ctx->request_terminated) {
1995 : /* request is done now */
1996 132197509 : ldb_kv_request_done(ctx, ret);
1997 : }
1998 :
1999 53791 : done:
2000 151634121 : if (ctx->spy) {
2001 : /* neutralize the spy */
2002 151602035 : ctx->spy->ctx = NULL;
2003 151602035 : ctx->spy = NULL;
2004 : }
2005 151634121 : talloc_free(ctx);
2006 151634121 : }
2007 :
2008 151634143 : static int ldb_kv_request_destructor(void *ptr)
2009 : {
2010 5521376 : struct ldb_kv_req_spy *spy =
2011 151634143 : talloc_get_type(ptr, struct ldb_kv_req_spy);
2012 :
2013 151634143 : if (spy->ctx != NULL) {
2014 32108 : spy->ctx->spy = NULL;
2015 32108 : spy->ctx->request_terminated = true;
2016 32108 : spy->ctx = NULL;
2017 : }
2018 :
2019 151634143 : return 0;
2020 : }
2021 :
2022 151634229 : static int ldb_kv_handle_request(struct ldb_module *module,
2023 : struct ldb_request *req)
2024 : {
2025 5521399 : struct ldb_control *control_permissive;
2026 5521399 : struct ldb_context *ldb;
2027 5521399 : struct tevent_context *ev;
2028 5521399 : struct ldb_kv_context *ac;
2029 5521399 : struct tevent_timer *te;
2030 5521399 : struct timeval tv;
2031 5521399 : unsigned int i;
2032 :
2033 151634229 : ldb = ldb_module_get_ctx(module);
2034 :
2035 151634229 : control_permissive = ldb_request_get_control(req,
2036 : LDB_CONTROL_PERMISSIVE_MODIFY_OID);
2037 :
2038 540639023 : for (i = 0; req->controls && req->controls[i]; i++) {
2039 383483481 : if (req->controls[i]->critical &&
2040 63 : req->controls[i] != control_permissive) {
2041 86 : ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
2042 63 : req->controls[i]->oid);
2043 86 : return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
2044 : }
2045 : }
2046 :
2047 151634143 : if (req->starttime == 0 || req->timeout == 0) {
2048 0 : ldb_set_errstring(ldb, "Invalid timeout settings");
2049 0 : return LDB_ERR_TIME_LIMIT_EXCEEDED;
2050 : }
2051 :
2052 151634143 : ev = ldb_handle_get_event_context(req->handle);
2053 :
2054 151634143 : ac = talloc_zero(ldb, struct ldb_kv_context);
2055 151634143 : if (ac == NULL) {
2056 0 : ldb_oom(ldb);
2057 0 : return LDB_ERR_OPERATIONS_ERROR;
2058 : }
2059 :
2060 151634143 : ac->module = module;
2061 151634143 : ac->req = req;
2062 :
2063 151634143 : tv.tv_sec = 0;
2064 151634143 : tv.tv_usec = 0;
2065 151634143 : te = tevent_add_timer(ev, ac, tv, ldb_kv_callback, ac);
2066 151634143 : if (NULL == te) {
2067 0 : talloc_free(ac);
2068 0 : return LDB_ERR_OPERATIONS_ERROR;
2069 : }
2070 :
2071 151634143 : if (req->timeout > 0) {
2072 151634143 : tv.tv_sec = req->starttime + req->timeout;
2073 151634143 : tv.tv_usec = 0;
2074 157155519 : ac->timeout_event =
2075 151634143 : tevent_add_timer(ev, ac, tv, ldb_kv_timeout, ac);
2076 151634143 : if (NULL == ac->timeout_event) {
2077 0 : talloc_free(ac);
2078 0 : return LDB_ERR_OPERATIONS_ERROR;
2079 : }
2080 : }
2081 :
2082 151634143 : ac->timeout_timeval = tv;
2083 :
2084 : /* set a spy so that we do not try to use the request context
2085 : * if it is freed before ltdb_callback fires */
2086 151634143 : ac->spy = talloc(req, struct ldb_kv_req_spy);
2087 151634143 : if (NULL == ac->spy) {
2088 0 : talloc_free(ac);
2089 0 : return LDB_ERR_OPERATIONS_ERROR;
2090 : }
2091 151634143 : ac->spy->ctx = ac;
2092 :
2093 151634143 : talloc_set_destructor((TALLOC_CTX *)ac->spy, ldb_kv_request_destructor);
2094 :
2095 151634143 : return LDB_SUCCESS;
2096 : }
2097 :
2098 1191959 : static int ldb_kv_init_rootdse(struct ldb_module *module)
2099 : {
2100 : /* ignore errors on this - we expect it for non-sam databases */
2101 1191959 : ldb_mod_register_control(module, LDB_CONTROL_PERMISSIVE_MODIFY_OID);
2102 :
2103 : /* there can be no module beyond the backend, just return */
2104 1191959 : return LDB_SUCCESS;
2105 : }
2106 :
2107 107191638 : static int ldb_kv_lock_read(struct ldb_module *module)
2108 : {
2109 107191638 : void *data = ldb_module_get_private(module);
2110 6079923 : struct ldb_kv_private *ldb_kv =
2111 107191638 : talloc_get_type(data, struct ldb_kv_private);
2112 107191638 : return ldb_kv->kv_ops->lock_read(module);
2113 : }
2114 :
2115 107191638 : static int ldb_kv_unlock_read(struct ldb_module *module)
2116 : {
2117 107191638 : void *data = ldb_module_get_private(module);
2118 6079923 : struct ldb_kv_private *ldb_kv =
2119 107191638 : talloc_get_type(data, struct ldb_kv_private);
2120 107191638 : return ldb_kv->kv_ops->unlock_read(module);
2121 : }
2122 :
2123 : static const struct ldb_module_ops ldb_kv_ops = {
2124 : .name = "tdb",
2125 : .init_context = ldb_kv_init_rootdse,
2126 : .search = ldb_kv_handle_request,
2127 : .add = ldb_kv_handle_request,
2128 : .modify = ldb_kv_handle_request,
2129 : .del = ldb_kv_handle_request,
2130 : .rename = ldb_kv_handle_request,
2131 : .extended = ldb_kv_handle_request,
2132 : .start_transaction = ldb_kv_start_trans,
2133 : .end_transaction = ldb_kv_end_trans,
2134 : .prepare_commit = ldb_kv_prepare_commit,
2135 : .del_transaction = ldb_kv_del_trans,
2136 : .read_lock = ldb_kv_lock_read,
2137 : .read_unlock = ldb_kv_unlock_read,
2138 : };
2139 :
2140 1192109 : int ldb_kv_init_store(struct ldb_kv_private *ldb_kv,
2141 : const char *name,
2142 : struct ldb_context *ldb,
2143 : const char *options[],
2144 : struct ldb_module **_module)
2145 : {
2146 1192109 : if (getenv("LDB_WARN_UNINDEXED")) {
2147 0 : ldb_kv->warn_unindexed = true;
2148 : }
2149 :
2150 1192109 : if (getenv("LDB_WARN_REINDEX")) {
2151 0 : ldb_kv->warn_reindex = true;
2152 : }
2153 :
2154 1192109 : ldb_kv->sequence_number = 0;
2155 :
2156 1192109 : ldb_kv->pid = getpid();
2157 :
2158 1192109 : ldb_kv->pack_format_override = 0;
2159 :
2160 1192109 : ldb_kv->module = ldb_module_new(ldb, ldb, name, &ldb_kv_ops);
2161 1192109 : if (!ldb_kv->module) {
2162 0 : ldb_oom(ldb);
2163 0 : talloc_free(ldb_kv);
2164 0 : return LDB_ERR_OPERATIONS_ERROR;
2165 : }
2166 1192109 : ldb_module_set_private(ldb_kv->module, ldb_kv);
2167 1192109 : talloc_steal(ldb_kv->module, ldb_kv);
2168 :
2169 1192109 : if (ldb_kv_cache_load(ldb_kv->module) != 0) {
2170 0 : ldb_asprintf_errstring(ldb, "Unable to load ltdb cache "
2171 : "records for backend '%s'", name);
2172 0 : talloc_free(ldb_kv->module);
2173 0 : return LDB_ERR_OPERATIONS_ERROR;
2174 : }
2175 :
2176 1192109 : *_module = ldb_kv->module;
2177 : /*
2178 : * Set or override the maximum key length
2179 : *
2180 : * The ldb_mdb code will have set this to 511, but our tests
2181 : * set this even smaller (to make the tests more practical).
2182 : *
2183 : * This must only be used for the selftest as the length
2184 : * becomes encoded in the index keys.
2185 : */
2186 : {
2187 41411 : const char *len_str =
2188 1192109 : ldb_options_find(ldb, options,
2189 : "max_key_len_for_self_test");
2190 1192109 : if (len_str != NULL) {
2191 64 : unsigned len = strtoul(len_str, NULL, 0);
2192 64 : ldb_kv->max_key_length = len;
2193 : }
2194 : }
2195 :
2196 : /*
2197 : * Usually the presence of GUID indexing determines the pack format
2198 : * we use but in certain circumstances such as downgrading an
2199 : * MDB-backed database, we want to override the target pack format.
2200 : *
2201 : * We set/get opaques here because in the Samba partitions module,
2202 : * 'options' are not passed correctly so sub-databases can't see
2203 : * the options they need.
2204 : */
2205 : {
2206 41411 : const char *pack_format_override =
2207 1192109 : ldb_options_find(ldb, options, "pack_format_override");
2208 1192109 : if (pack_format_override != NULL) {
2209 6 : int ret;
2210 12 : ldb_kv->pack_format_override =
2211 6 : strtoul(pack_format_override, NULL, 0);
2212 12 : ret = ldb_set_opaque(ldb,
2213 : "pack_format_override",
2214 6 : (void *)(intptr_t)ldb_kv->pack_format_override);
2215 6 : if (ret != LDB_SUCCESS) {
2216 0 : talloc_free(ldb_kv->module);
2217 0 : return ldb_module_operr(ldb_kv->module);
2218 : }
2219 : } else {
2220 : /*
2221 : * NULL -> 0 is fine, otherwise we get back
2222 : * the number we needed
2223 : */
2224 41405 : ldb_kv->pack_format_override
2225 1192103 : = (intptr_t)ldb_get_opaque(ldb,
2226 : "pack_format_override");
2227 : }
2228 : }
2229 :
2230 : /*
2231 : * Override full DB scans
2232 : *
2233 : * A full DB scan is expensive on a large database. This
2234 : * option is for testing to show that the full DB scan is not
2235 : * triggered.
2236 : */
2237 : {
2238 41411 : const char *len_str =
2239 1192109 : ldb_options_find(ldb, options,
2240 : "disable_full_db_scan_for_self_test");
2241 1192109 : if (len_str != NULL) {
2242 408 : ldb_kv->disable_full_db_scan = true;
2243 : }
2244 : }
2245 :
2246 : /*
2247 : * Set the size of the transaction index cache.
2248 : * If the ldb option "transaction_index_cache_size" is set use that
2249 : * otherwise use DEFAULT_INDEX_CACHE_SIZE
2250 : */
2251 1192109 : ldb_kv->index_transaction_cache_size = DEFAULT_INDEX_CACHE_SIZE;
2252 : {
2253 1192109 : const char *size = ldb_options_find(
2254 : ldb,
2255 : options,
2256 : "transaction_index_cache_size");
2257 1192109 : if (size != NULL) {
2258 341 : size_t cache_size = 0;
2259 341 : errno = 0;
2260 :
2261 341 : cache_size = strtoul( size, NULL, 0);
2262 341 : if (cache_size == 0 || errno == ERANGE) {
2263 2 : ldb_debug(
2264 : ldb,
2265 : LDB_DEBUG_WARNING,
2266 : "Invalid transaction_index_cache_size "
2267 : "value [%s], using default(%d)\n",
2268 : size,
2269 : DEFAULT_INDEX_CACHE_SIZE);
2270 : } else {
2271 339 : ldb_kv->index_transaction_cache_size =
2272 : cache_size;
2273 : }
2274 : }
2275 : }
2276 : /*
2277 : * Set batch mode operation.
2278 : * This disables the nested sub transactions, and increases the
2279 : * chance of index corruption. If using this mode the transaction
2280 : * commit will be aborted if any operation fails.
2281 : */
2282 : {
2283 1192109 : const char *batch_mode = ldb_options_find(
2284 : ldb, options, "batch_mode");
2285 1192109 : if (batch_mode != NULL) {
2286 340 : ldb_kv->batch_mode = true;
2287 : }
2288 : }
2289 :
2290 1150698 : return LDB_SUCCESS;
2291 : }
|
