Line data Source code
1 : /*
2 : ldb database library
3 :
4 : Copyright (C) Andrew Tridgell 2004
5 : Copyright (C) Stefan Metzmacher 2004
6 : Copyright (C) Simo Sorce 2006-2008
7 : Copyright (C) Matthias Dieter Wallnöfer 2009-2010
8 :
9 : ** NOTE! The following LGPL license applies to the ldb
10 : ** library. This does NOT imply that all of Samba is released
11 : ** under the LGPL
12 :
13 : This library is free software; you can redistribute it and/or
14 : modify it under the terms of the GNU Lesser General Public
15 : License as published by the Free Software Foundation; either
16 : version 3 of the License, or (at your option) any later version.
17 :
18 : This library is distributed in the hope that it will be useful,
19 : but WITHOUT ANY WARRANTY; without even the implied warranty of
20 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 : Lesser General Public License for more details.
22 :
23 : You should have received a copy of the GNU Lesser General Public
24 : License along with this library; if not, see <http://www.gnu.org/licenses/>.
25 : */
26 :
27 : /*
28 : * Name: ldb_kv
29 : *
30 : * Component: ldb key value backend
31 : *
32 : * Description: core functions for ldb key value backend
33 : *
34 : * Author: Andrew Tridgell
35 : * Author: Stefan Metzmacher
36 : *
37 : * Modifications:
38 : *
39 : * - description: make the module use asynchronous calls
40 : * date: Feb 2006
41 : * Author: Simo Sorce
42 : *
43 : * - description: make it possible to use event contexts
44 : * date: Jan 2008
45 : * Author: Simo Sorce
46 : *
47 : * - description: fix up memory leaks and small bugs
48 : * date: Oct 2009
49 : * Author: Matthias Dieter Wallnöfer
50 : */
51 :
52 : #include "ldb_kv.h"
53 : #include "ldb_private.h"
54 : #include "lib/util/attr.h"
55 :
56 : /*
57 : prevent memory errors on callbacks
58 : */
59 : struct ldb_kv_req_spy {
60 : struct ldb_kv_context *ctx;
61 : };
62 :
63 : /*
64 : * Determine if this key could hold a record. We allow the new GUID
65 : * index, the old DN index and a possible future ID=
66 : */
67 446013293 : bool ldb_kv_key_is_normal_record(struct ldb_val key)
68 : {
69 446013293 : if (key.length < 4) {
70 0 : return false;
71 : }
72 :
73 : /*
74 : * @ records are not normal records, we don't want to index
75 : * them nor search on them
76 : */
77 446013293 : if (key.length > 4 &&
78 446013293 : memcmp(key.data, "DN=@", 4) == 0) {
79 356575416 : return false;
80 : }
81 :
82 : /* All other DN= records are however */
83 89437877 : if (memcmp(key.data, "DN=", 3) == 0) {
84 371752 : return true;
85 : }
86 :
87 89066125 : if (memcmp(key.data, "ID=", 3) == 0) {
88 0 : return true;
89 : }
90 :
91 89066125 : if (key.length < sizeof(LDB_KV_GUID_KEY_PREFIX)) {
92 0 : return false;
93 : }
94 :
95 89066125 : if (memcmp(key.data, LDB_KV_GUID_KEY_PREFIX,
96 : sizeof(LDB_KV_GUID_KEY_PREFIX) - 1) == 0) {
97 89066125 : return true;
98 : }
99 :
100 0 : return false;
101 : }
102 :
103 : /*
104 : form a ldb_val for a record key
105 : caller frees
106 :
107 : note that the key for a record can depend on whether the
108 : dn refers to a case sensitive index record or not
109 : */
110 165522391 : struct ldb_val ldb_kv_key_dn(TALLOC_CTX *mem_ctx,
111 : struct ldb_dn *dn)
112 : {
113 : struct ldb_val key;
114 165522391 : char *key_str = NULL;
115 165522391 : const char *dn_folded = NULL;
116 :
117 : /*
118 : most DNs are case insensitive. The exception is index DNs for
119 : case sensitive attributes
120 :
121 : there are 3 cases dealt with in this code:
122 :
123 : 1) if the dn doesn't start with @ then uppercase the attribute
124 : names and the attributes values of case insensitive attributes
125 : 2) if the dn starts with @ then leave it alone -
126 : the indexing code handles the rest
127 : */
128 :
129 165522391 : dn_folded = ldb_dn_get_casefold(dn);
130 165522391 : if (!dn_folded) {
131 0 : goto failed;
132 : }
133 :
134 165522391 : key_str = talloc_strdup(mem_ctx, "DN=");
135 165522391 : if (!key_str) {
136 0 : goto failed;
137 : }
138 :
139 165522391 : key_str = talloc_strdup_append_buffer(key_str, dn_folded);
140 165522391 : if (!key_str) {
141 0 : goto failed;
142 : }
143 :
144 165522391 : key.data = (uint8_t *)key_str;
145 165522391 : key.length = strlen(key_str) + 1;
146 :
147 165522391 : return key;
148 :
149 0 : failed:
150 0 : errno = ENOMEM;
151 0 : key.data = NULL;
152 0 : key.length = 0;
153 0 : return key;
154 : }
155 :
156 : /* The caller is to provide a correctly sized key */
157 190500488 : int ldb_kv_guid_to_key(const struct ldb_val *GUID_val,
158 : struct ldb_val *key)
159 : {
160 190500488 : const char *GUID_prefix = LDB_KV_GUID_KEY_PREFIX;
161 190500488 : const int GUID_prefix_len = sizeof(LDB_KV_GUID_KEY_PREFIX) - 1;
162 :
163 190500488 : if (key->length != (GUID_val->length+GUID_prefix_len)) {
164 0 : return LDB_ERR_OPERATIONS_ERROR;
165 : }
166 :
167 190500488 : memcpy(key->data, GUID_prefix, GUID_prefix_len);
168 190500488 : memcpy(&key->data[GUID_prefix_len],
169 190500488 : GUID_val->data, GUID_val->length);
170 190500488 : return LDB_SUCCESS;
171 : }
172 :
173 : /*
174 : * The caller is to provide a correctly sized key, used only in
175 : * the GUID index mode
176 : */
177 103485565 : int ldb_kv_idx_to_key(struct ldb_module *module,
178 : struct ldb_kv_private *ldb_kv,
179 : TALLOC_CTX *mem_ctx,
180 : const struct ldb_val *idx_val,
181 : struct ldb_val *key)
182 : {
183 103485565 : struct ldb_context *ldb = ldb_module_get_ctx(module);
184 : struct ldb_dn *dn;
185 :
186 103485565 : if (ldb_kv->cache->GUID_index_attribute != NULL) {
187 103321141 : return ldb_kv_guid_to_key(idx_val, key);
188 : }
189 :
190 164424 : dn = ldb_dn_from_ldb_val(mem_ctx, ldb, idx_val);
191 164424 : if (dn == NULL) {
192 : /*
193 : * LDB_ERR_INVALID_DN_SYNTAX would just be confusing
194 : * to the caller, as this in an invalid index value
195 : */
196 0 : return LDB_ERR_OPERATIONS_ERROR;
197 : }
198 : /* form the key */
199 164424 : *key = ldb_kv_key_dn(mem_ctx, dn);
200 164424 : TALLOC_FREE(dn);
201 164424 : if (!key->data) {
202 0 : return ldb_module_oom(module);
203 : }
204 164424 : return LDB_SUCCESS;
205 : }
206 :
207 : /*
208 : form a TDB_DATA for a record key
209 : caller frees mem_ctx, which may or may not have the key
210 : as a child.
211 :
212 : note that the key for a record can depend on whether a
213 : GUID index is in use, or the DN is used as the key
214 : */
215 15906652 : struct ldb_val ldb_kv_key_msg(struct ldb_module *module,
216 : TALLOC_CTX *mem_ctx,
217 : const struct ldb_message *msg)
218 : {
219 15906652 : void *data = ldb_module_get_private(module);
220 : struct ldb_kv_private *ldb_kv =
221 15906652 : talloc_get_type(data, struct ldb_kv_private);
222 : struct ldb_val key;
223 : const struct ldb_val *guid_val;
224 : int ret;
225 :
226 15906652 : if (ldb_kv->cache->GUID_index_attribute == NULL) {
227 383409 : return ldb_kv_key_dn(mem_ctx, msg->dn);
228 : }
229 :
230 15523243 : if (ldb_dn_is_special(msg->dn)) {
231 12566511 : return ldb_kv_key_dn(mem_ctx, msg->dn);
232 : }
233 :
234 : guid_val =
235 2956732 : ldb_msg_find_ldb_val(msg, ldb_kv->cache->GUID_index_attribute);
236 2956732 : if (guid_val == NULL) {
237 0 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
238 : "Did not find GUID attribute %s "
239 : "in %s, required for TDB record "
240 : "key in " LDB_KV_IDXGUID " mode.",
241 0 : ldb_kv->cache->GUID_index_attribute,
242 0 : ldb_dn_get_linearized(msg->dn));
243 0 : errno = EINVAL;
244 0 : key.data = NULL;
245 0 : key.length = 0;
246 0 : return key;
247 : }
248 :
249 : /* In this case, allocate with talloc */
250 2956732 : key.data = talloc_size(mem_ctx, LDB_KV_GUID_KEY_SIZE);
251 2956732 : if (key.data == NULL) {
252 0 : errno = ENOMEM;
253 0 : key.data = NULL;
254 0 : key.length = 0;
255 0 : return key;
256 : }
257 2956732 : key.length = talloc_get_size(key.data);
258 :
259 2956732 : ret = ldb_kv_guid_to_key(guid_val, &key);
260 :
261 2956732 : if (ret != LDB_SUCCESS) {
262 0 : errno = EINVAL;
263 0 : key.data = NULL;
264 0 : key.length = 0;
265 0 : return key;
266 : }
267 2956732 : return key;
268 : }
269 :
270 : /*
271 : check special dn's have valid attributes
272 : currently only @ATTRIBUTES is checked
273 : */
274 1592078 : static int ldb_kv_check_special_dn(struct ldb_module *module,
275 : const struct ldb_message *msg)
276 : {
277 1592078 : struct ldb_context *ldb = ldb_module_get_ctx(module);
278 : unsigned int i, j;
279 :
280 1592078 : if (! ldb_dn_is_special(msg->dn) ||
281 196144 : ! ldb_dn_check_special(msg->dn, LDB_KV_ATTRIBUTES)) {
282 1583908 : return LDB_SUCCESS;
283 : }
284 :
285 : /* we have @ATTRIBUTES, let's check attributes are fine */
286 : /* should we check that we deny multivalued attributes ? */
287 1447388 : for (i = 0; i < msg->num_elements; i++) {
288 1439219 : if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
289 :
290 2872679 : for (j = 0; j < msg->elements[i].num_values; j++) {
291 1435631 : if (ldb_kv_check_at_attributes_values(
292 1435631 : &msg->elements[i].values[j]) != 0) {
293 1 : ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
294 1 : return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
295 : }
296 : }
297 : }
298 :
299 8169 : return LDB_SUCCESS;
300 : }
301 :
302 : /*
303 : * Called after modifies and when starting a transaction. Checks target pack
304 : * format version and current pack format version, which are set by cache_load,
305 : * and repacks if necessary.
306 : */
307 1508001 : static int ldb_kv_maybe_repack(struct ldb_kv_private *ldb_kv) {
308 : /* Override option taken from ldb options */
309 1508001 : if (ldb_kv->pack_format_override != 0) {
310 0 : ldb_kv->target_pack_format_version =
311 0 : ldb_kv->pack_format_override;
312 : }
313 :
314 1508001 : if (ldb_kv->pack_format_version !=
315 1508001 : ldb_kv->target_pack_format_version) {
316 : int r;
317 3059 : struct ldb_context *ldb = ldb_module_get_ctx(ldb_kv->module);
318 3059 : r = ldb_kv_repack(ldb_kv->module);
319 3059 : if (r != LDB_SUCCESS) {
320 0 : ldb_debug(ldb, LDB_DEBUG_ERROR,
321 : "Database repack failed.");
322 : }
323 3059 : return r;
324 : }
325 :
326 1504942 : return LDB_SUCCESS;
327 : }
328 :
329 : /*
330 : we've made a modification to a dn - possibly reindex and
331 : update sequence number
332 : */
333 3419848 : static int ldb_kv_modified(struct ldb_module *module, struct ldb_dn *dn)
334 : {
335 3419848 : int ret = LDB_SUCCESS;
336 3419848 : struct ldb_kv_private *ldb_kv = talloc_get_type(
337 : ldb_module_get_private(module), struct ldb_kv_private);
338 :
339 : /* only allow modifies inside a transaction, otherwise the
340 : * ldb is unsafe */
341 3419848 : if (ldb_kv->kv_ops->transaction_active(ldb_kv) == false) {
342 0 : ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
343 0 : return LDB_ERR_OPERATIONS_ERROR;
344 : }
345 :
346 5323041 : if (ldb_dn_is_special(dn) &&
347 3800344 : (ldb_dn_check_special(dn, LDB_KV_INDEXLIST) ||
348 1897151 : ldb_dn_check_special(dn, LDB_KV_ATTRIBUTES)) )
349 : {
350 12303 : if (ldb_kv->warn_reindex) {
351 0 : ldb_debug(ldb_module_get_ctx(module),
352 : LDB_DEBUG_ERROR,
353 : "Reindexing %s due to modification on %s",
354 0 : ldb_kv->kv_ops->name(ldb_kv),
355 : ldb_dn_get_linearized(dn));
356 : }
357 12303 : ret = ldb_kv_reindex(module);
358 : }
359 :
360 : /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
361 3419848 : if (ret == LDB_SUCCESS &&
362 5323013 : !(ldb_dn_is_special(dn) &&
363 1903179 : ldb_dn_check_special(dn, LDB_KV_BASEINFO)) ) {
364 1709917 : ret = ldb_kv_increase_sequence_number(module);
365 : }
366 :
367 : /* If the modify was to @OPTIONS, reload the cache */
368 6839682 : if (ret == LDB_SUCCESS &&
369 5323013 : ldb_dn_is_special(dn) &&
370 1903179 : (ldb_dn_check_special(dn, LDB_KV_OPTIONS)) ) {
371 2330 : ret = ldb_kv_cache_reload(module);
372 : }
373 :
374 3419848 : if (ret != LDB_SUCCESS) {
375 14 : ldb_kv->reindex_failed = true;
376 : }
377 :
378 3419848 : return ret;
379 : }
380 : /*
381 : store a record into the db
382 : */
383 14253141 : int ldb_kv_store(struct ldb_module *module,
384 : const struct ldb_message *msg,
385 : int flgs)
386 : {
387 14253141 : void *data = ldb_module_get_private(module);
388 : struct ldb_kv_private *ldb_kv =
389 14253141 : talloc_get_type(data, struct ldb_kv_private);
390 : struct ldb_val key;
391 : struct ldb_val ldb_data;
392 14253141 : int ret = LDB_SUCCESS;
393 14253141 : TALLOC_CTX *key_ctx = talloc_new(module);
394 :
395 14253141 : if (key_ctx == NULL) {
396 0 : return ldb_module_oom(module);
397 : }
398 :
399 14253141 : if (ldb_kv->read_only) {
400 0 : talloc_free(key_ctx);
401 0 : return LDB_ERR_UNWILLING_TO_PERFORM;
402 : }
403 :
404 14253141 : key = ldb_kv_key_msg(module, key_ctx, msg);
405 14253141 : if (key.data == NULL) {
406 0 : TALLOC_FREE(key_ctx);
407 0 : return LDB_ERR_OTHER;
408 : }
409 :
410 14253141 : ret = ldb_pack_data(ldb_module_get_ctx(module),
411 : msg, &ldb_data,
412 : ldb_kv->pack_format_version);
413 14253141 : if (ret == -1) {
414 0 : TALLOC_FREE(key_ctx);
415 0 : return LDB_ERR_OTHER;
416 : }
417 :
418 14253141 : ret = ldb_kv->kv_ops->store(ldb_kv, key, ldb_data, flgs);
419 14253141 : if (ret != 0) {
420 2421 : bool is_special = ldb_dn_is_special(msg->dn);
421 2421 : ret = ldb_kv->kv_ops->error(ldb_kv);
422 :
423 : /*
424 : * LDB_ERR_ENTRY_ALREADY_EXISTS means the DN, not
425 : * the GUID, so re-map
426 : */
427 2421 : if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS && !is_special &&
428 52 : ldb_kv->cache->GUID_index_attribute != NULL) {
429 24 : ret = LDB_ERR_CONSTRAINT_VIOLATION;
430 : }
431 2421 : goto done;
432 : }
433 :
434 14250720 : done:
435 14253141 : TALLOC_FREE(key_ctx);
436 14253141 : talloc_free(ldb_data.data);
437 :
438 14253141 : return ret;
439 : }
440 :
441 :
442 : /*
443 : check if a attribute is a single valued, for a given element
444 : */
445 1211405 : static bool ldb_kv_single_valued(const struct ldb_schema_attribute *a,
446 : struct ldb_message_element *el)
447 : {
448 1211405 : if (!a) return false;
449 1211405 : if (el != NULL) {
450 1211405 : if (el->flags & LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK) {
451 : /* override from a ldb module, for example
452 : used for the description field, which is
453 : marked multi-valued in the schema but which
454 : should not actually accept multiple
455 : values */
456 12 : return true;
457 : }
458 1211393 : if (el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK) {
459 : /* override from a ldb module, for example used for
460 : deleted linked attribute entries */
461 27989 : return false;
462 : }
463 : }
464 1183404 : if (a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
465 75 : return true;
466 : }
467 1183329 : return false;
468 : }
469 :
470 : /*
471 : * Starts a sub transaction if they are supported by the backend
472 : * and the ldb connection has not been opened in batch mode.
473 : */
474 1661429 : static int ldb_kv_sub_transaction_start(struct ldb_kv_private *ldb_kv)
475 : {
476 1661429 : int ret = LDB_SUCCESS;
477 :
478 1661429 : if (ldb_kv->batch_mode) {
479 311344 : return ret;
480 : }
481 :
482 1350085 : ret = ldb_kv->kv_ops->begin_nested_write(ldb_kv);
483 1350085 : if (ret == LDB_SUCCESS) {
484 1350085 : ret = ldb_kv_index_sub_transaction_start(ldb_kv);
485 : }
486 1350085 : return ret;
487 : }
488 :
489 : /*
490 : * Commits a sub transaction if they are supported by the backend
491 : * and the ldb connection has not been opened in batch mode.
492 : */
493 1651187 : static int ldb_kv_sub_transaction_commit(struct ldb_kv_private *ldb_kv)
494 : {
495 1651187 : int ret = LDB_SUCCESS;
496 :
497 1651187 : if (ldb_kv->batch_mode) {
498 311081 : return ret;
499 : }
500 :
501 1340106 : ret = ldb_kv_index_sub_transaction_commit(ldb_kv);
502 1340106 : if (ret != LDB_SUCCESS) {
503 0 : return ret;
504 : }
505 1340106 : ret = ldb_kv->kv_ops->finish_nested_write(ldb_kv);
506 1340106 : return ret;
507 : }
508 :
509 : /*
510 : * Cancels a sub transaction if they are supported by the backend
511 : * and the ldb connection has not been opened in batch mode.
512 : */
513 10242 : static int ldb_kv_sub_transaction_cancel(struct ldb_kv_private *ldb_kv)
514 : {
515 10242 : int ret = LDB_SUCCESS;
516 :
517 10242 : if (ldb_kv->batch_mode) {
518 263 : return ret;
519 : }
520 :
521 9979 : ret = ldb_kv_index_sub_transaction_cancel(ldb_kv);
522 9979 : if (ret != LDB_SUCCESS) {
523 0 : struct ldb_context *ldb = ldb_module_get_ctx(ldb_kv->module);
524 : /*
525 : * In the event of a failure we log the failure and continue
526 : * as we need to cancel the database transaction.
527 : */
528 0 : ldb_debug(ldb,
529 : LDB_DEBUG_ERROR,
530 : __location__": ldb_kv_index_sub_transaction_cancel "
531 : "failed: %s",
532 : ldb_errstring(ldb));
533 : }
534 9979 : ret = ldb_kv->kv_ops->abort_nested_write(ldb_kv);
535 9979 : return ret;
536 : }
537 :
538 872651 : static int ldb_kv_add_internal(struct ldb_module *module,
539 : struct ldb_kv_private *ldb_kv,
540 : const struct ldb_message *msg,
541 : bool check_single_value)
542 : {
543 872651 : struct ldb_context *ldb = ldb_module_get_ctx(module);
544 872651 : int ret = LDB_SUCCESS;
545 : unsigned int i;
546 872651 : bool valid_dn = false;
547 :
548 : /* Check the new DN is reasonable */
549 872651 : valid_dn = ldb_dn_validate(msg->dn);
550 872651 : if (valid_dn == false) {
551 0 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
552 : "Invalid DN in ADD: %s",
553 0 : ldb_dn_get_linearized(msg->dn));
554 0 : return LDB_ERR_INVALID_DN_SYNTAX;
555 : }
556 :
557 16875181 : for (i=0;i<msg->num_elements;i++) {
558 16002534 : struct ldb_message_element *el = &msg->elements[i];
559 16002534 : const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
560 :
561 16002534 : if (el->num_values == 0) {
562 2 : ldb_asprintf_errstring(ldb, "attribute '%s' on '%s' specified, but with 0 values (illegal)",
563 2 : el->name, ldb_dn_get_linearized(msg->dn));
564 2 : return LDB_ERR_CONSTRAINT_VIOLATION;
565 : }
566 17075807 : if (check_single_value && el->num_values > 1 &&
567 1073275 : ldb_kv_single_valued(a, el)) {
568 0 : ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
569 0 : el->name, ldb_dn_get_linearized(msg->dn));
570 0 : return LDB_ERR_CONSTRAINT_VIOLATION;
571 : }
572 :
573 : /* Do not check "@ATTRIBUTES" for duplicated values */
574 17017979 : if (ldb_dn_is_special(msg->dn) &&
575 1015447 : ldb_dn_check_special(msg->dn, LDB_KV_ATTRIBUTES)) {
576 988422 : continue;
577 : }
578 :
579 15014110 : if (check_single_value &&
580 13868776 : !(el->flags &
581 : LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
582 13866174 : struct ldb_val *duplicate = NULL;
583 :
584 13866174 : ret = ldb_msg_find_duplicate_val(ldb, discard_const(msg),
585 : el, &duplicate, 0);
586 13866174 : if (ret != LDB_SUCCESS) {
587 2 : return ret;
588 : }
589 13866174 : if (duplicate != NULL) {
590 4 : ldb_asprintf_errstring(
591 : ldb,
592 : "attribute '%s': value '%.*s' on '%s' "
593 : "provided more than once in ADD object",
594 : el->name,
595 2 : (int)duplicate->length,
596 2 : duplicate->data,
597 2 : ldb_dn_get_linearized(msg->dn));
598 2 : return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
599 : }
600 : }
601 : }
602 :
603 872647 : ret = ldb_kv_store(module, msg, TDB_INSERT);
604 872647 : if (ret != LDB_SUCCESS) {
605 : /*
606 : * Try really hard to get the right error code for
607 : * a re-add situation, as this can matter!
608 : */
609 2421 : if (ret == LDB_ERR_CONSTRAINT_VIOLATION) {
610 : int ret2;
611 24 : struct ldb_dn *dn2 = NULL;
612 24 : TALLOC_CTX *mem_ctx = talloc_new(module);
613 24 : if (mem_ctx == NULL) {
614 0 : return ldb_module_operr(module);
615 : }
616 : ret2 =
617 24 : ldb_kv_search_base(module, mem_ctx, msg->dn, &dn2);
618 24 : TALLOC_FREE(mem_ctx);
619 24 : if (ret2 == LDB_SUCCESS) {
620 8 : ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
621 : }
622 : }
623 2421 : if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
624 2405 : ldb_asprintf_errstring(ldb,
625 : "Entry %s already exists",
626 2405 : ldb_dn_get_linearized(msg->dn));
627 : }
628 2421 : return ret;
629 : }
630 :
631 870226 : ret = ldb_kv_index_add_new(module, ldb_kv, msg);
632 870226 : if (ret != LDB_SUCCESS) {
633 : /*
634 : * If we failed to index, delete the message again.
635 : *
636 : * This is particularly important for the GUID index
637 : * case, which will only fail for a duplicate DN
638 : * in the index add.
639 : *
640 : * Note that the caller may not cancel the transation
641 : * and this means the above add might really show up!
642 : */
643 277 : ldb_kv_delete_noindex(module, msg);
644 277 : return ret;
645 : }
646 :
647 869949 : ret = ldb_kv_modified(module, msg->dn);
648 :
649 : /*
650 : * To allow testing of the error recovery code in ldb_kv_add
651 : * cmocka tests can define CMOCKA_UNIT_TEST_ADD_INTERNAL_FAIL
652 : * to inject failures at this point.
653 : */
654 : #ifdef CMOCKA_UNIT_TEST_ADD_INTERNAL_FAIL
655 : CMOCKA_UNIT_TEST_ADD_INTERNAL_FAIL
656 : #endif
657 :
658 869949 : return ret;
659 : }
660 :
661 : /*
662 : add a record to the database
663 : */
664 813922 : static int ldb_kv_add(struct ldb_kv_context *ctx)
665 : {
666 813922 : struct ldb_module *module = ctx->module;
667 813922 : struct ldb_request *req = ctx->req;
668 813922 : void *data = ldb_module_get_private(module);
669 : struct ldb_kv_private *ldb_kv =
670 813922 : talloc_get_type(data, struct ldb_kv_private);
671 813922 : int ret = LDB_SUCCESS;
672 :
673 813922 : if (ldb_kv->max_key_length != 0 &&
674 205202 : ldb_kv->cache->GUID_index_attribute == NULL &&
675 784 : !ldb_dn_is_special(req->op.add.message->dn)) {
676 0 : ldb_set_errstring(ldb_module_get_ctx(module),
677 : "Must operate ldb_mdb in GUID "
678 : "index mode, but " LDB_KV_IDXGUID " not set.");
679 0 : return LDB_ERR_UNWILLING_TO_PERFORM;
680 : }
681 :
682 813922 : ret = ldb_kv_check_special_dn(module, req->op.add.message);
683 813922 : if (ret != LDB_SUCCESS) {
684 1 : return ret;
685 : }
686 :
687 813921 : ldb_request_set_state(req, LDB_ASYNC_PENDING);
688 :
689 813921 : if (ldb_kv_cache_load(module) != 0) {
690 0 : return LDB_ERR_OPERATIONS_ERROR;
691 : }
692 :
693 813921 : ret = ldb_kv_sub_transaction_start(ldb_kv);
694 813921 : if (ret != LDB_SUCCESS) {
695 0 : return ret;
696 : }
697 813921 : ret = ldb_kv_add_internal(module, ldb_kv, req->op.add.message, true);
698 813921 : if (ret != LDB_SUCCESS) {
699 2716 : int r = ldb_kv_sub_transaction_cancel(ldb_kv);
700 2716 : if (r != LDB_SUCCESS) {
701 0 : ldb_debug(
702 : ldb_module_get_ctx(module),
703 : LDB_DEBUG_FATAL,
704 : __location__
705 : ": Unable to roll back sub transaction");
706 : }
707 2716 : ldb_kv->operation_failed = true;
708 2716 : return ret;
709 : }
710 811205 : ret = ldb_kv_sub_transaction_commit(ldb_kv);
711 :
712 811205 : return ret;
713 : }
714 :
715 : /*
716 : delete a record from the database, not updating indexes (used for deleting
717 : index records)
718 : */
719 644310 : int ldb_kv_delete_noindex(struct ldb_module *module,
720 : const struct ldb_message *msg)
721 : {
722 644310 : void *data = ldb_module_get_private(module);
723 : struct ldb_kv_private *ldb_kv =
724 644310 : talloc_get_type(data, struct ldb_kv_private);
725 : struct ldb_val key;
726 : int ret;
727 644310 : TALLOC_CTX *tdb_key_ctx = talloc_new(module);
728 :
729 644310 : if (tdb_key_ctx == NULL) {
730 0 : return ldb_module_oom(module);
731 : }
732 :
733 644310 : if (ldb_kv->read_only) {
734 0 : talloc_free(tdb_key_ctx);
735 0 : return LDB_ERR_UNWILLING_TO_PERFORM;
736 : }
737 :
738 644310 : key = ldb_kv_key_msg(module, tdb_key_ctx, msg);
739 644310 : if (!key.data) {
740 0 : TALLOC_FREE(tdb_key_ctx);
741 0 : return LDB_ERR_OTHER;
742 : }
743 :
744 644310 : ret = ldb_kv->kv_ops->delete(ldb_kv, key);
745 644310 : TALLOC_FREE(tdb_key_ctx);
746 :
747 644310 : if (ret != 0) {
748 69641 : ret = ldb_kv->kv_ops->error(ldb_kv);
749 : }
750 :
751 644310 : return ret;
752 : }
753 :
754 69352 : static int ldb_kv_delete_internal(struct ldb_module *module, struct ldb_dn *dn)
755 : {
756 : struct ldb_message *msg;
757 69352 : int ret = LDB_SUCCESS;
758 :
759 69352 : msg = ldb_msg_new(module);
760 69352 : if (msg == NULL) {
761 0 : return LDB_ERR_OPERATIONS_ERROR;
762 : }
763 :
764 : /* in case any attribute of the message was indexed, we need
765 : to fetch the old record */
766 69352 : ret = ldb_kv_search_dn1(module, dn, msg, 0);
767 69352 : if (ret != LDB_SUCCESS) {
768 : /* not finding the old record is an error */
769 4334 : goto done;
770 : }
771 :
772 65018 : ret = ldb_kv_delete_noindex(module, msg);
773 65018 : if (ret != LDB_SUCCESS) {
774 0 : goto done;
775 : }
776 :
777 : /* remove any indexed attributes */
778 65018 : ret = ldb_kv_index_delete(module, msg);
779 65018 : if (ret != LDB_SUCCESS) {
780 0 : goto done;
781 : }
782 :
783 65018 : ret = ldb_kv_modified(module, dn);
784 65018 : if (ret != LDB_SUCCESS) {
785 0 : goto done;
786 : }
787 :
788 65018 : done:
789 69352 : talloc_free(msg);
790 : /*
791 : * To allow testing of the error recovery code in ldb_kv_delete
792 : * cmocka tests can define CMOCKA_UNIT_TEST_DELETE_INTERNAL_FAIL
793 : * to inject failures at this point.
794 : */
795 : #ifdef CMOCKA_UNIT_TEST_DELETE_INTERNAL_FAIL
796 : CMOCKA_UNIT_TEST_DELETE_INTERNAL_FAIL
797 : #endif
798 69352 : return ret;
799 : }
800 :
801 : /*
802 : delete a record from the database
803 : */
804 10622 : static int ldb_kv_delete(struct ldb_kv_context *ctx)
805 : {
806 10622 : struct ldb_module *module = ctx->module;
807 10622 : struct ldb_request *req = ctx->req;
808 10622 : void *data = ldb_module_get_private(module);
809 : struct ldb_kv_private *ldb_kv =
810 10622 : talloc_get_type(data, struct ldb_kv_private);
811 10622 : int ret = LDB_SUCCESS;
812 :
813 10622 : ldb_request_set_state(req, LDB_ASYNC_PENDING);
814 :
815 10622 : if (ldb_kv_cache_load(module) != 0) {
816 0 : return LDB_ERR_OPERATIONS_ERROR;
817 : }
818 :
819 10622 : ret = ldb_kv_sub_transaction_start(ldb_kv);
820 10622 : if (ret != LDB_SUCCESS) {
821 0 : return ret;
822 : }
823 10622 : ret = ldb_kv_delete_internal(module, req->op.del.dn);
824 10622 : if (ret != LDB_SUCCESS) {
825 4334 : int r = ldb_kv_sub_transaction_cancel(ldb_kv);
826 4334 : if (r != LDB_SUCCESS) {
827 0 : ldb_debug(
828 : ldb_module_get_ctx(module),
829 : LDB_DEBUG_FATAL,
830 : __location__
831 : ": Unable to roll back sub transaction");
832 : }
833 4334 : if (ret != LDB_ERR_NO_SUCH_OBJECT) {
834 0 : ldb_kv->operation_failed = true;
835 : }
836 4334 : return ret;
837 : }
838 6288 : ret = ldb_kv_sub_transaction_commit(ldb_kv);
839 :
840 6288 : return ret;
841 : }
842 :
843 : /*
844 : find an element by attribute name. At the moment this does a linear search,
845 : it should be re-coded to use a binary search once all places that modify
846 : records guarantee sorted order
847 :
848 : return the index of the first matching element if found, otherwise -1
849 : */
850 6486486 : static int ldb_kv_find_element(const struct ldb_message *msg, const char *name)
851 : {
852 : unsigned int i;
853 177752174 : for (i=0;i<msg->num_elements;i++) {
854 177257193 : if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
855 5991505 : return i;
856 : }
857 : }
858 494981 : return -1;
859 : }
860 :
861 :
862 : /*
863 : add an element to an existing record. Assumes a elements array that we
864 : can call re-alloc on, and assumed that we can re-use the data pointers from
865 : the passed in additional values. Use with care!
866 :
867 : returns 0 on success, -1 on failure (and sets errno)
868 : */
869 3347576 : static int ldb_kv_msg_add_element(struct ldb_message *msg,
870 : struct ldb_message_element *el)
871 : {
872 : struct ldb_message_element *e2;
873 : unsigned int i;
874 :
875 3347576 : if (el->num_values == 0) {
876 : /* nothing to do here - we don't add empty elements */
877 114145 : return 0;
878 : }
879 :
880 3233431 : e2 = talloc_realloc(msg, msg->elements, struct ldb_message_element,
881 : msg->num_elements+1);
882 3233431 : if (!e2) {
883 0 : errno = ENOMEM;
884 0 : return -1;
885 : }
886 :
887 3233431 : msg->elements = e2;
888 :
889 3233431 : e2 = &msg->elements[msg->num_elements];
890 :
891 3233431 : e2->name = el->name;
892 3233431 : e2->flags = el->flags;
893 3233431 : e2->values = talloc_array(msg->elements,
894 : struct ldb_val, el->num_values);
895 3233431 : if (!e2->values) {
896 0 : errno = ENOMEM;
897 0 : return -1;
898 : }
899 7129716 : for (i=0;i<el->num_values;i++) {
900 3896285 : e2->values[i] = el->values[i];
901 : }
902 3233431 : e2->num_values = el->num_values;
903 :
904 3233431 : ++msg->num_elements;
905 :
906 3233431 : return 0;
907 : }
908 :
909 : /*
910 : delete all elements having a specified attribute name
911 : */
912 3379350 : static int ldb_kv_msg_delete_attribute(struct ldb_module *module,
913 : struct ldb_kv_private *ldb_kv,
914 : struct ldb_message *msg,
915 : const char *name)
916 : {
917 : int ret;
918 : struct ldb_message_element *el;
919 3379350 : bool is_special = ldb_dn_is_special(msg->dn);
920 :
921 3379350 : if (!is_special && ldb_kv->cache->GUID_index_attribute != NULL &&
922 1428722 : ldb_attr_cmp(name, ldb_kv->cache->GUID_index_attribute) == 0) {
923 0 : struct ldb_context *ldb = ldb_module_get_ctx(module);
924 0 : ldb_asprintf_errstring(ldb,
925 : "Must not modify GUID "
926 : "attribute %s (used as DB index)",
927 0 : ldb_kv->cache->GUID_index_attribute);
928 0 : return LDB_ERR_CONSTRAINT_VIOLATION;
929 : }
930 :
931 3379350 : el = ldb_msg_find_element(msg, name);
932 3379350 : if (el == NULL) {
933 11 : return LDB_ERR_NO_SUCH_ATTRIBUTE;
934 : }
935 :
936 3379339 : ret = ldb_kv_index_del_element(module, ldb_kv, msg, el);
937 3379339 : if (ret != LDB_SUCCESS) {
938 0 : return ret;
939 : }
940 :
941 3379339 : talloc_free(el->values);
942 3379339 : ldb_msg_remove_element(msg, el);
943 3379339 : msg->elements = talloc_realloc(msg, msg->elements,
944 : struct ldb_message_element,
945 : msg->num_elements);
946 3379339 : return LDB_SUCCESS;
947 : }
948 :
949 : /*
950 : delete all elements matching an attribute name/value
951 :
952 : return LDB Error on failure
953 : */
954 146122 : static int ldb_kv_msg_delete_element(struct ldb_module *module,
955 : struct ldb_kv_private *ldb_kv,
956 : struct ldb_message *msg,
957 : const char *name,
958 : const struct ldb_val *val)
959 : {
960 146122 : struct ldb_context *ldb = ldb_module_get_ctx(module);
961 : unsigned int i;
962 : int found, ret;
963 : struct ldb_message_element *el;
964 : const struct ldb_schema_attribute *a;
965 :
966 146122 : found = ldb_kv_find_element(msg, name);
967 146122 : if (found == -1) {
968 323 : return LDB_ERR_NO_SUCH_ATTRIBUTE;
969 : }
970 :
971 145799 : i = (unsigned int) found;
972 145799 : el = &(msg->elements[i]);
973 :
974 145799 : a = ldb_schema_attribute_by_name(ldb, el->name);
975 :
976 157627 : for (i=0;i<el->num_values;i++) {
977 : bool matched;
978 157482 : if (a->syntax->operator_fn) {
979 156452 : ret = a->syntax->operator_fn(ldb, LDB_OP_EQUALITY, a,
980 156452 : &el->values[i], val, &matched);
981 302106 : if (ret != LDB_SUCCESS) return ret;
982 : } else {
983 2060 : matched = (a->syntax->comparison_fn(ldb, ldb,
984 1030 : &el->values[i], val) == 0);
985 : }
986 157482 : if (matched) {
987 145654 : if (el->num_values == 1) {
988 135230 : return ldb_kv_msg_delete_attribute(
989 : module, ldb_kv, msg, name);
990 : }
991 :
992 : ret =
993 10424 : ldb_kv_index_del_value(module, ldb_kv, msg, el, i);
994 10424 : if (ret != LDB_SUCCESS) {
995 0 : return ret;
996 : }
997 :
998 10424 : ARRAY_DEL_ELEMENT(el->values, i, el->num_values);
999 10424 : el->num_values--;
1000 :
1001 : /* per definition we find in a canonicalised message an
1002 : attribute value only once. So we are finished here */
1003 10424 : return LDB_SUCCESS;
1004 : }
1005 : }
1006 :
1007 : /* Not found */
1008 145 : return LDB_ERR_NO_SUCH_ATTRIBUTE;
1009 : }
1010 :
1011 : /*
1012 : modify a record - internal interface
1013 :
1014 : yuck - this is O(n^2). Luckily n is usually small so we probably
1015 : get away with it, but if we ever have really large attribute lists
1016 : then we'll need to look at this again
1017 :
1018 : 'req' is optional, and is used to specify controls if supplied
1019 : */
1020 2488073 : int ldb_kv_modify_internal(struct ldb_module *module,
1021 : const struct ldb_message *msg,
1022 : struct ldb_request *req)
1023 : {
1024 2488073 : struct ldb_context *ldb = ldb_module_get_ctx(module);
1025 2488073 : void *data = ldb_module_get_private(module);
1026 : struct ldb_kv_private *ldb_kv =
1027 2488073 : talloc_get_type(data, struct ldb_kv_private);
1028 : struct ldb_message *msg2;
1029 : unsigned int i, j;
1030 2488073 : int ret = LDB_SUCCESS, idx;
1031 2488073 : struct ldb_control *control_permissive = NULL;
1032 2488073 : TALLOC_CTX *mem_ctx = talloc_new(req);
1033 :
1034 2488073 : if (mem_ctx == NULL) {
1035 0 : return ldb_module_oom(module);
1036 : }
1037 :
1038 2488073 : if (req) {
1039 778156 : control_permissive = ldb_request_get_control(req,
1040 : LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1041 : }
1042 :
1043 2488073 : msg2 = ldb_msg_new(mem_ctx);
1044 2488073 : if (msg2 == NULL) {
1045 0 : ret = LDB_ERR_OTHER;
1046 0 : goto done;
1047 : }
1048 :
1049 2488073 : ret = ldb_kv_search_dn1(module, msg->dn, msg2, 0);
1050 2488073 : if (ret != LDB_SUCCESS) {
1051 2595 : goto done;
1052 : }
1053 :
1054 9362619 : for (i=0; i<msg->num_elements; i++) {
1055 6877738 : struct ldb_message_element *el = &msg->elements[i], *el2;
1056 : struct ldb_val *vals;
1057 6877738 : const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
1058 : const char *dn;
1059 6877738 : uint32_t options = 0;
1060 6877738 : if (control_permissive != NULL) {
1061 1552 : options |= LDB_MSG_FIND_COMMON_REMOVE_DUPLICATES;
1062 : }
1063 :
1064 6877738 : switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
1065 158794 : case LDB_FLAG_MOD_ADD:
1066 :
1067 158794 : if (el->num_values == 0) {
1068 26 : ldb_asprintf_errstring(ldb,
1069 : "attribute '%s': attribute on '%s' specified, but with 0 values (illegal)",
1070 : el->name, ldb_dn_get_linearized(msg2->dn));
1071 26 : ret = LDB_ERR_CONSTRAINT_VIOLATION;
1072 26 : goto done;
1073 : }
1074 :
1075 : /* make a copy of the array so that a permissive
1076 : * control can remove duplicates without changing the
1077 : * original values, but do not copy data as we do not
1078 : * need to keep it around once the operation is
1079 : * finished */
1080 158768 : if (control_permissive) {
1081 6 : el = talloc(msg2, struct ldb_message_element);
1082 6 : if (!el) {
1083 0 : ret = LDB_ERR_OTHER;
1084 0 : goto done;
1085 : }
1086 6 : *el = msg->elements[i];
1087 6 : el->values = talloc_array(el, struct ldb_val, el->num_values);
1088 6 : if (el->values == NULL) {
1089 0 : ret = LDB_ERR_OTHER;
1090 0 : goto done;
1091 : }
1092 31 : for (j = 0; j < el->num_values; j++) {
1093 25 : el->values[j] = msg->elements[i].values[j];
1094 : }
1095 : }
1096 :
1097 158768 : if (el->num_values > 1 && ldb_kv_single_valued(a, el)) {
1098 9 : ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1099 : el->name, ldb_dn_get_linearized(msg2->dn));
1100 9 : ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1101 9 : goto done;
1102 : }
1103 :
1104 : /* Checks if element already exists */
1105 158759 : idx = ldb_kv_find_element(msg2, el->name);
1106 158759 : if (idx == -1) {
1107 145543 : if (ldb_kv_msg_add_element(msg2, el) != 0) {
1108 0 : ret = LDB_ERR_OTHER;
1109 0 : goto done;
1110 : }
1111 145543 : ret = ldb_kv_index_add_element(
1112 : module, ldb_kv, msg2, el);
1113 145543 : if (ret != LDB_SUCCESS) {
1114 0 : goto done;
1115 : }
1116 : } else {
1117 13216 : j = (unsigned int) idx;
1118 13216 : el2 = &(msg2->elements[j]);
1119 :
1120 : /* We cannot add another value on a existing one
1121 : if the attribute is single-valued */
1122 13216 : if (ldb_kv_single_valued(a, el)) {
1123 42 : ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1124 : el->name, ldb_dn_get_linearized(msg2->dn));
1125 42 : ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1126 42 : goto done;
1127 : }
1128 :
1129 : /* Check that values don't exist yet on multi-
1130 : valued attributes or aren't provided twice */
1131 13174 : if (!(el->flags &
1132 : LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1133 3604 : struct ldb_val *duplicate = NULL;
1134 3604 : ret = ldb_msg_find_common_values(ldb,
1135 : msg2,
1136 : el,
1137 : el2,
1138 : options);
1139 :
1140 3604 : if (ret ==
1141 : LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS) {
1142 4 : ldb_asprintf_errstring(ldb,
1143 : "attribute '%s': value "
1144 : "#%u on '%s' already "
1145 : "exists", el->name, j,
1146 : ldb_dn_get_linearized(msg2->dn));
1147 4 : goto done;
1148 3600 : } else if (ret != LDB_SUCCESS) {
1149 0 : goto done;
1150 : }
1151 :
1152 3600 : ret = ldb_msg_find_duplicate_val(
1153 : ldb, msg2, el, &duplicate, 0);
1154 3600 : if (ret != LDB_SUCCESS) {
1155 0 : goto done;
1156 : }
1157 3600 : if (duplicate != NULL) {
1158 0 : ldb_asprintf_errstring(
1159 : ldb,
1160 : "attribute '%s': value "
1161 : "'%.*s' on '%s' "
1162 : "provided more than "
1163 : "once in ADD",
1164 : el->name,
1165 0 : (int)duplicate->length,
1166 0 : duplicate->data,
1167 0 : ldb_dn_get_linearized(msg->dn));
1168 0 : ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1169 0 : goto done;
1170 : }
1171 : }
1172 :
1173 : /* Now combine existing and new values to a new
1174 : attribute record */
1175 13170 : vals = talloc_realloc(msg2->elements,
1176 : el2->values, struct ldb_val,
1177 : el2->num_values + el->num_values);
1178 13170 : if (vals == NULL) {
1179 0 : ldb_oom(ldb);
1180 0 : ret = LDB_ERR_OTHER;
1181 0 : goto done;
1182 : }
1183 :
1184 27252 : for (j=0; j<el->num_values; j++) {
1185 14082 : vals[el2->num_values + j] =
1186 14082 : ldb_val_dup(vals, &el->values[j]);
1187 : }
1188 :
1189 13170 : el2->values = vals;
1190 13170 : el2->num_values += el->num_values;
1191 :
1192 13170 : ret = ldb_kv_index_add_element(
1193 : module, ldb_kv, msg2, el);
1194 13170 : if (ret != LDB_SUCCESS) {
1195 0 : goto done;
1196 : }
1197 : }
1198 :
1199 158713 : break;
1200 :
1201 6181642 : case LDB_FLAG_MOD_REPLACE:
1202 :
1203 6181642 : if (el->num_values > 1 && ldb_kv_single_valued(a, el)) {
1204 36 : ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1205 : el->name, ldb_dn_get_linearized(msg2->dn));
1206 36 : ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1207 36 : goto done;
1208 : }
1209 :
1210 : /*
1211 : * We don't need to check this if we have been
1212 : * pre-screened by the repl_meta_data module
1213 : * in Samba, or someone else who can claim to
1214 : * know what they are doing.
1215 : */
1216 6181606 : if (!(el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1217 6150696 : struct ldb_val *duplicate = NULL;
1218 :
1219 6150696 : ret = ldb_msg_find_duplicate_val(ldb, msg2, el,
1220 : &duplicate, 0);
1221 6150696 : if (ret != LDB_SUCCESS) {
1222 1 : goto done;
1223 : }
1224 6150696 : if (duplicate != NULL) {
1225 1 : ldb_asprintf_errstring(
1226 : ldb,
1227 : "attribute '%s': value '%.*s' "
1228 : "on '%s' provided more than "
1229 : "once in REPLACE",
1230 : el->name,
1231 1 : (int)duplicate->length,
1232 1 : duplicate->data,
1233 : ldb_dn_get_linearized(msg2->dn));
1234 1 : ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1235 1 : goto done;
1236 : }
1237 : }
1238 :
1239 : /* Checks if element already exists */
1240 6181605 : idx = ldb_kv_find_element(msg2, el->name);
1241 6181605 : if (idx != -1) {
1242 5832490 : j = (unsigned int) idx;
1243 5832490 : el2 = &(msg2->elements[j]);
1244 :
1245 : /* we consider two elements to be
1246 : * equal only if the order
1247 : * matches. This allows dbcheck to
1248 : * fix the ordering on attributes
1249 : * where order matters, such as
1250 : * objectClass
1251 : */
1252 5832490 : if (ldb_msg_element_equal_ordered(el, el2)) {
1253 2979572 : continue;
1254 : }
1255 :
1256 : /* Delete the attribute if it exists in the DB */
1257 2852918 : if (ldb_kv_msg_delete_attribute(
1258 : module, ldb_kv, msg2, el->name) != 0) {
1259 0 : ret = LDB_ERR_OTHER;
1260 0 : goto done;
1261 : }
1262 : }
1263 :
1264 : /* Recreate it with the new values */
1265 3202033 : if (ldb_kv_msg_add_element(msg2, el) != 0) {
1266 0 : ret = LDB_ERR_OTHER;
1267 0 : goto done;
1268 : }
1269 :
1270 : ret =
1271 3202033 : ldb_kv_index_add_element(module, ldb_kv, msg2, el);
1272 3202033 : if (ret != LDB_SUCCESS) {
1273 0 : goto done;
1274 : }
1275 :
1276 3202033 : break;
1277 :
1278 537302 : case LDB_FLAG_MOD_DELETE:
1279 537302 : dn = ldb_dn_get_linearized(msg2->dn);
1280 537302 : if (dn == NULL) {
1281 0 : ret = LDB_ERR_OTHER;
1282 0 : goto done;
1283 : }
1284 :
1285 537302 : if (msg->elements[i].num_values == 0) {
1286 : /* Delete the whole attribute */
1287 391202 : ret = ldb_kv_msg_delete_attribute(
1288 : module,
1289 : ldb_kv,
1290 : msg2,
1291 391202 : msg->elements[i].name);
1292 391202 : if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1293 : control_permissive) {
1294 0 : ret = LDB_SUCCESS;
1295 : } else {
1296 391202 : ldb_asprintf_errstring(ldb,
1297 : "attribute '%s': no such attribute for delete on '%s'",
1298 391202 : msg->elements[i].name, dn);
1299 : }
1300 391202 : if (ret != LDB_SUCCESS) {
1301 11 : goto done;
1302 : }
1303 : } else {
1304 : /* Delete specified values from an attribute */
1305 291754 : for (j=0; j < msg->elements[i].num_values; j++) {
1306 146122 : ret = ldb_kv_msg_delete_element(
1307 : module,
1308 : ldb_kv,
1309 : msg2,
1310 146122 : msg->elements[i].name,
1311 146122 : &msg->elements[i].values[j]);
1312 146122 : if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1313 : control_permissive) {
1314 0 : ret = LDB_SUCCESS;
1315 146122 : } else if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) {
1316 468 : ldb_asprintf_errstring(ldb,
1317 : "attribute '%s': no matching attribute value while deleting attribute on '%s'",
1318 468 : msg->elements[i].name, dn);
1319 : }
1320 146122 : if (ret != LDB_SUCCESS) {
1321 468 : goto done;
1322 : }
1323 : }
1324 : }
1325 536823 : break;
1326 0 : default:
1327 0 : ldb_asprintf_errstring(ldb,
1328 : "attribute '%s': invalid modify flags on '%s': 0x%x",
1329 0 : msg->elements[i].name, ldb_dn_get_linearized(msg->dn),
1330 0 : msg->elements[i].flags & LDB_FLAG_MOD_MASK);
1331 0 : ret = LDB_ERR_PROTOCOL_ERROR;
1332 0 : goto done;
1333 : }
1334 : }
1335 :
1336 2484881 : ret = ldb_kv_store(module, msg2, TDB_MODIFY);
1337 2484881 : if (ret != LDB_SUCCESS) {
1338 0 : goto done;
1339 : }
1340 :
1341 2484881 : ret = ldb_kv_modified(module, msg2->dn);
1342 2484881 : if (ret != LDB_SUCCESS) {
1343 0 : goto done;
1344 : }
1345 :
1346 2484881 : done:
1347 2488073 : TALLOC_FREE(mem_ctx);
1348 : /*
1349 : * To allow testing of the error recovery code in ldb_kv_modify
1350 : * cmocka tests can define CMOCKA_UNIT_TEST_MODIFY_INTERNAL_FAIL
1351 : * to inject failures at this point.
1352 : */
1353 : #ifdef CMOCKA_UNIT_TEST_MODIFY_INTERNAL_FAIL
1354 : CMOCKA_UNIT_TEST_MODIFY_INTERNAL_FAIL
1355 : #endif
1356 2488073 : return ret;
1357 : }
1358 :
1359 : /*
1360 : modify a record
1361 : */
1362 778156 : static int ldb_kv_modify(struct ldb_kv_context *ctx)
1363 : {
1364 778156 : struct ldb_module *module = ctx->module;
1365 778156 : struct ldb_request *req = ctx->req;
1366 778156 : void *data = ldb_module_get_private(module);
1367 : struct ldb_kv_private *ldb_kv =
1368 778156 : talloc_get_type(data, struct ldb_kv_private);
1369 778156 : int ret = LDB_SUCCESS;
1370 :
1371 778156 : ret = ldb_kv_check_special_dn(module, req->op.mod.message);
1372 778156 : if (ret != LDB_SUCCESS) {
1373 0 : return ret;
1374 : }
1375 :
1376 778156 : ldb_request_set_state(req, LDB_ASYNC_PENDING);
1377 :
1378 778156 : if (ldb_kv_cache_load(module) != 0) {
1379 0 : return LDB_ERR_OPERATIONS_ERROR;
1380 : }
1381 :
1382 778156 : ret = ldb_kv_sub_transaction_start(ldb_kv);
1383 778156 : if (ret != LDB_SUCCESS) {
1384 0 : return ret;
1385 : }
1386 778156 : ret = ldb_kv_modify_internal(module, req->op.mod.message, req);
1387 778156 : if (ret != LDB_SUCCESS) {
1388 3192 : int r = ldb_kv_sub_transaction_cancel(ldb_kv);
1389 3192 : if (r != LDB_SUCCESS) {
1390 0 : ldb_debug(
1391 : ldb_module_get_ctx(module),
1392 : LDB_DEBUG_FATAL,
1393 : __location__
1394 : ": Unable to roll back sub transaction");
1395 : }
1396 3192 : if (ret != LDB_ERR_NO_SUCH_OBJECT) {
1397 597 : ldb_kv->operation_failed = true;
1398 : }
1399 3192 : return ret;
1400 : }
1401 774964 : ret = ldb_kv_sub_transaction_commit(ldb_kv);
1402 :
1403 :
1404 774964 : return ret;
1405 : }
1406 :
1407 58730 : static int ldb_kv_rename_internal(struct ldb_module *module,
1408 : struct ldb_request *req,
1409 : struct ldb_message *msg)
1410 : {
1411 58730 : void *data = ldb_module_get_private(module);
1412 : struct ldb_kv_private *ldb_kv =
1413 58730 : talloc_get_type(data, struct ldb_kv_private);
1414 58730 : int ret = LDB_SUCCESS;
1415 :
1416 : /* Always delete first then add, to avoid conflicts with
1417 : * unique indexes. We rely on the transaction to make this
1418 : * atomic
1419 : */
1420 58730 : ret = ldb_kv_delete_internal(module, msg->dn);
1421 58730 : if (ret != LDB_SUCCESS) {
1422 0 : return ret;
1423 : }
1424 :
1425 58730 : msg->dn = ldb_dn_copy(msg, req->op.rename.newdn);
1426 58730 : if (msg->dn == NULL) {
1427 0 : return LDB_ERR_OPERATIONS_ERROR;
1428 : }
1429 :
1430 : /* We don't check single value as we can have more than 1 with
1431 : * deleted attributes. We could go through all elements but that's
1432 : * maybe not the most efficient way
1433 : */
1434 58730 : ret = ldb_kv_add_internal(module, ldb_kv, msg, false);
1435 :
1436 : /*
1437 : * To allow testing of the error recovery code in ldb_kv_rename
1438 : * cmocka tests can define CMOCKA_UNIT_TEST_RENAME_INTERNAL_FAIL
1439 : * to inject failures at this point.
1440 : */
1441 : #ifdef CMOCKA_UNIT_TEST_RENAME_INTERNAL_FAIL
1442 : CMOCKA_UNIT_TEST_RENAME_INTERNAL_FAIL
1443 : #endif
1444 58730 : return ret;
1445 : }
1446 :
1447 : /*
1448 : rename a record
1449 : */
1450 58839 : static int ldb_kv_rename(struct ldb_kv_context *ctx)
1451 : {
1452 58839 : struct ldb_module *module = ctx->module;
1453 58839 : void *data = ldb_module_get_private(module);
1454 : struct ldb_kv_private *ldb_kv =
1455 58839 : talloc_get_type(data, struct ldb_kv_private);
1456 58839 : struct ldb_request *req = ctx->req;
1457 : struct ldb_message *msg;
1458 58839 : int ret = LDB_SUCCESS;
1459 : struct ldb_val key, key_old;
1460 : struct ldb_dn *db_dn;
1461 58839 : bool valid_dn = false;
1462 :
1463 58839 : ldb_request_set_state(req, LDB_ASYNC_PENDING);
1464 :
1465 58839 : if (ldb_kv_cache_load(ctx->module) != 0) {
1466 0 : return LDB_ERR_OPERATIONS_ERROR;
1467 : }
1468 :
1469 58839 : msg = ldb_msg_new(ctx);
1470 58839 : if (msg == NULL) {
1471 0 : return LDB_ERR_OPERATIONS_ERROR;
1472 : }
1473 :
1474 : /* Check the new DN is reasonable */
1475 58839 : valid_dn = ldb_dn_validate(req->op.rename.newdn);
1476 58839 : if (valid_dn == false) {
1477 0 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
1478 : "Invalid New DN: %s",
1479 : ldb_dn_get_linearized(req->op.rename.newdn));
1480 0 : return LDB_ERR_INVALID_DN_SYNTAX;
1481 : }
1482 :
1483 : /* we need to fetch the old record to re-add under the new name */
1484 58839 : ret = ldb_kv_search_dn1(module, req->op.rename.olddn, msg, 0);
1485 58839 : if (ret == LDB_ERR_INVALID_DN_SYNTAX) {
1486 0 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
1487 : "Invalid Old DN: %s",
1488 : ldb_dn_get_linearized(req->op.rename.newdn));
1489 0 : return ret;
1490 58839 : } else if (ret != LDB_SUCCESS) {
1491 : /* not finding the old record is an error */
1492 46 : return ret;
1493 : }
1494 :
1495 : /* We need to, before changing the DB, check if the new DN
1496 : * exists, so we can return this error to the caller with an
1497 : * unmodified DB
1498 : *
1499 : * Even in GUID index mode we use ltdb_key_dn() as we are
1500 : * trying to figure out if this is just a case rename
1501 : */
1502 58793 : key = ldb_kv_key_dn(msg, req->op.rename.newdn);
1503 58793 : if (!key.data) {
1504 0 : talloc_free(msg);
1505 0 : return LDB_ERR_OPERATIONS_ERROR;
1506 : }
1507 :
1508 58793 : key_old = ldb_kv_key_dn(msg, req->op.rename.olddn);
1509 58793 : if (!key_old.data) {
1510 0 : talloc_free(msg);
1511 0 : talloc_free(key.data);
1512 0 : return LDB_ERR_OPERATIONS_ERROR;
1513 : }
1514 :
1515 : /*
1516 : * Only declare a conflict if the new DN already exists,
1517 : * and it isn't a case change on the old DN
1518 : */
1519 58793 : if (key_old.length != key.length
1520 317 : || memcmp(key.data, key_old.data, key.length) != 0) {
1521 58750 : ret = ldb_kv_search_base(
1522 : module, msg, req->op.rename.newdn, &db_dn);
1523 58750 : if (ret == LDB_SUCCESS) {
1524 63 : ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
1525 58687 : } else if (ret == LDB_ERR_NO_SUCH_OBJECT) {
1526 58687 : ret = LDB_SUCCESS;
1527 : }
1528 : }
1529 :
1530 : /* finding the new record already in the DB is an error */
1531 :
1532 58793 : if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
1533 63 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
1534 : "Entry %s already exists",
1535 : ldb_dn_get_linearized(req->op.rename.newdn));
1536 : }
1537 58793 : if (ret != LDB_SUCCESS) {
1538 63 : talloc_free(key_old.data);
1539 63 : talloc_free(key.data);
1540 63 : talloc_free(msg);
1541 63 : return ret;
1542 : }
1543 :
1544 58730 : talloc_free(key_old.data);
1545 58730 : talloc_free(key.data);
1546 :
1547 :
1548 58730 : ret = ldb_kv_sub_transaction_start(ldb_kv);
1549 58730 : if (ret != LDB_SUCCESS) {
1550 0 : talloc_free(msg);
1551 0 : return ret;
1552 : }
1553 58730 : ret = ldb_kv_rename_internal(module, req, msg);
1554 58730 : if (ret != LDB_SUCCESS) {
1555 0 : int r = ldb_kv_sub_transaction_cancel(ldb_kv);
1556 0 : if (r != LDB_SUCCESS) {
1557 0 : ldb_debug(
1558 : ldb_module_get_ctx(module),
1559 : LDB_DEBUG_FATAL,
1560 : __location__
1561 : ": Unable to roll back sub transaction");
1562 : }
1563 0 : talloc_free(msg);
1564 0 : ldb_kv->operation_failed = true;
1565 0 : return ret;
1566 : }
1567 58730 : ret = ldb_kv_sub_transaction_commit(ldb_kv);
1568 58730 : talloc_free(msg);
1569 :
1570 58730 : return ret;
1571 : }
1572 :
1573 1734122 : static int ldb_kv_start_trans(struct ldb_module *module)
1574 : {
1575 1734122 : void *data = ldb_module_get_private(module);
1576 : struct ldb_kv_private *ldb_kv =
1577 1734122 : talloc_get_type(data, struct ldb_kv_private);
1578 :
1579 1734122 : pid_t pid = getpid();
1580 :
1581 1734122 : if (ldb_kv->pid != pid) {
1582 2 : ldb_asprintf_errstring(ldb_module_get_ctx(ldb_kv->module),
1583 : __location__
1584 : ": Reusing ldb opend by pid %d in "
1585 : "process %d\n",
1586 : ldb_kv->pid,
1587 : pid);
1588 2 : return LDB_ERR_PROTOCOL_ERROR;
1589 : }
1590 :
1591 : /* Do not take out the transaction lock on a read-only DB */
1592 1734120 : if (ldb_kv->read_only) {
1593 20 : return LDB_ERR_UNWILLING_TO_PERFORM;
1594 : }
1595 :
1596 1734100 : if (ldb_kv->kv_ops->begin_write(ldb_kv) != 0) {
1597 0 : return ldb_kv->kv_ops->error(ldb_kv);
1598 : }
1599 :
1600 1734100 : ldb_kv_index_transaction_start(
1601 : module,
1602 : ldb_kv->index_transaction_cache_size);
1603 :
1604 1734100 : ldb_kv->reindex_failed = false;
1605 1734100 : ldb_kv->operation_failed = false;
1606 :
1607 1734100 : return LDB_SUCCESS;
1608 : }
1609 :
1610 : /*
1611 : * Forward declaration to allow prepare_commit to in fact abort the
1612 : * transaction
1613 : */
1614 : static int ldb_kv_del_trans(struct ldb_module *module);
1615 :
1616 1508010 : static int ldb_kv_prepare_commit(struct ldb_module *module)
1617 : {
1618 : int ret;
1619 1508010 : void *data = ldb_module_get_private(module);
1620 : struct ldb_kv_private *ldb_kv =
1621 1508010 : talloc_get_type(data, struct ldb_kv_private);
1622 1508010 : pid_t pid = getpid();
1623 :
1624 1508010 : if (ldb_kv->pid != pid) {
1625 2 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
1626 : __location__
1627 : ": Reusing ldb opend by pid %d in "
1628 : "process %d\n",
1629 : ldb_kv->pid,
1630 : pid);
1631 2 : return LDB_ERR_PROTOCOL_ERROR;
1632 : }
1633 :
1634 1508008 : if (!ldb_kv->kv_ops->transaction_active(ldb_kv)) {
1635 0 : ldb_set_errstring(ldb_module_get_ctx(module),
1636 : "ltdb_prepare_commit() called "
1637 : "without transaction active");
1638 0 : return LDB_ERR_OPERATIONS_ERROR;
1639 : }
1640 :
1641 : /*
1642 : * Check if the last re-index failed.
1643 : *
1644 : * This can happen if for example a duplicate value was marked
1645 : * unique. We must not write a partial re-index into the DB.
1646 : */
1647 1508008 : if (ldb_kv->reindex_failed) {
1648 : /*
1649 : * We must instead abort the transaction so we get the
1650 : * old values and old index back
1651 : */
1652 7 : ldb_kv_del_trans(module);
1653 7 : ldb_set_errstring(ldb_module_get_ctx(module),
1654 : "Failure during re-index, so "
1655 : "transaction must be aborted.");
1656 7 : return LDB_ERR_OPERATIONS_ERROR;
1657 : }
1658 :
1659 1508001 : ret = ldb_kv_index_transaction_commit(module);
1660 1508001 : if (ret != LDB_SUCCESS) {
1661 0 : ldb_kv->kv_ops->abort_write(ldb_kv);
1662 0 : return ret;
1663 : }
1664 :
1665 : /*
1666 : * If GUID indexing was toggled in this transaction, we repack at
1667 : * format version 2 if GUID indexing was enabled, or version 1 if
1668 : * it was disabled.
1669 : */
1670 1508001 : ret = ldb_kv_maybe_repack(ldb_kv);
1671 1508001 : if (ret != LDB_SUCCESS) {
1672 0 : ldb_kv_del_trans(module);
1673 0 : ldb_set_errstring(ldb_module_get_ctx(module),
1674 : "Failure during re-pack, so "
1675 : "transaction must be aborted.");
1676 0 : return ret;
1677 : }
1678 :
1679 1508001 : if (ldb_kv->kv_ops->prepare_write(ldb_kv) != 0) {
1680 0 : ret = ldb_kv->kv_ops->error(ldb_kv);
1681 0 : ldb_debug_set(ldb_module_get_ctx(module),
1682 : LDB_DEBUG_FATAL,
1683 : "Failure during "
1684 : "prepare_write): %s -> %s",
1685 0 : ldb_kv->kv_ops->errorstr(ldb_kv),
1686 : ldb_strerror(ret));
1687 0 : return ret;
1688 : }
1689 :
1690 1508001 : ldb_kv->prepared_commit = true;
1691 :
1692 1508001 : return LDB_SUCCESS;
1693 : }
1694 :
1695 1507987 : static int ldb_kv_end_trans(struct ldb_module *module)
1696 : {
1697 : int ret;
1698 1507987 : void *data = ldb_module_get_private(module);
1699 : struct ldb_kv_private *ldb_kv =
1700 1507987 : talloc_get_type(data, struct ldb_kv_private);
1701 :
1702 : /*
1703 : * If in batch mode and there has been an operation failure
1704 : * rollback the transaction rather than committing it to avoid
1705 : * any possible corruption
1706 : */
1707 1507987 : if (ldb_kv->batch_mode && ldb_kv->operation_failed) {
1708 3 : ret = ldb_kv_del_trans( module);
1709 3 : if (ret != LDB_SUCCESS) {
1710 0 : ldb_debug_set(ldb_module_get_ctx(module),
1711 : LDB_DEBUG_FATAL,
1712 : "An operation failed during a batch mode "
1713 : "transaction. The transaction could not"
1714 : "be rolled back, ldb_kv_del_trans "
1715 : "returned (%s, %s)",
1716 0 : ldb_kv->kv_ops->errorstr(ldb_kv),
1717 : ldb_strerror(ret));
1718 : } else {
1719 3 : ldb_debug_set(ldb_module_get_ctx(module),
1720 : LDB_DEBUG_FATAL,
1721 : "An operation failed during a batch mode "
1722 : "transaction, the transaction was "
1723 : "rolled back");
1724 : }
1725 3 : return LDB_ERR_OPERATIONS_ERROR;
1726 : }
1727 :
1728 1507984 : if (!ldb_kv->prepared_commit) {
1729 1620 : ret = ldb_kv_prepare_commit(module);
1730 1620 : if (ret != LDB_SUCCESS) {
1731 0 : return ret;
1732 : }
1733 : }
1734 :
1735 1507984 : ldb_kv->prepared_commit = false;
1736 :
1737 1507984 : if (ldb_kv->kv_ops->finish_write(ldb_kv) != 0) {
1738 0 : ret = ldb_kv->kv_ops->error(ldb_kv);
1739 0 : ldb_asprintf_errstring(
1740 : ldb_module_get_ctx(module),
1741 : "Failure during tdb_transaction_commit(): %s -> %s",
1742 0 : ldb_kv->kv_ops->errorstr(ldb_kv),
1743 : ldb_strerror(ret));
1744 0 : return ret;
1745 : }
1746 :
1747 1507984 : return LDB_SUCCESS;
1748 : }
1749 :
1750 226101 : static int ldb_kv_del_trans(struct ldb_module *module)
1751 : {
1752 226101 : void *data = ldb_module_get_private(module);
1753 : struct ldb_kv_private *ldb_kv =
1754 226101 : talloc_get_type(data, struct ldb_kv_private);
1755 :
1756 226101 : if (ldb_kv_index_transaction_cancel(module) != 0) {
1757 0 : ldb_kv->kv_ops->abort_write(ldb_kv);
1758 0 : return ldb_kv->kv_ops->error(ldb_kv);
1759 : }
1760 :
1761 226101 : ldb_kv->kv_ops->abort_write(ldb_kv);
1762 226101 : return LDB_SUCCESS;
1763 : }
1764 :
1765 : /*
1766 : return sequenceNumber from @BASEINFO
1767 : */
1768 12071713 : static int ldb_kv_sequence_number(struct ldb_kv_context *ctx,
1769 : struct ldb_extended **ext)
1770 : {
1771 : struct ldb_context *ldb;
1772 12071713 : struct ldb_module *module = ctx->module;
1773 12071713 : struct ldb_request *req = ctx->req;
1774 12071713 : void *data = ldb_module_get_private(module);
1775 : struct ldb_kv_private *ldb_kv =
1776 12071713 : talloc_get_type(data, struct ldb_kv_private);
1777 12071713 : TALLOC_CTX *tmp_ctx = NULL;
1778 : struct ldb_seqnum_request *seq;
1779 : struct ldb_seqnum_result *res;
1780 12071713 : struct ldb_message *msg = NULL;
1781 : struct ldb_dn *dn;
1782 : const char *date;
1783 12071713 : int ret = LDB_SUCCESS;
1784 :
1785 12071713 : ldb = ldb_module_get_ctx(module);
1786 :
1787 12071713 : seq = talloc_get_type(req->op.extended.data,
1788 : struct ldb_seqnum_request);
1789 12071713 : if (seq == NULL) {
1790 0 : return LDB_ERR_OPERATIONS_ERROR;
1791 : }
1792 :
1793 12071713 : ldb_request_set_state(req, LDB_ASYNC_PENDING);
1794 :
1795 12071713 : if (ldb_kv->kv_ops->lock_read(module) != 0) {
1796 0 : return LDB_ERR_OPERATIONS_ERROR;
1797 : }
1798 :
1799 12071713 : res = talloc_zero(req, struct ldb_seqnum_result);
1800 12071713 : if (res == NULL) {
1801 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1802 0 : goto done;
1803 : }
1804 :
1805 12071713 : tmp_ctx = talloc_new(req);
1806 12071713 : if (tmp_ctx == NULL) {
1807 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1808 0 : goto done;
1809 : }
1810 :
1811 12071713 : dn = ldb_dn_new(tmp_ctx, ldb, LDB_KV_BASEINFO);
1812 12071713 : if (dn == NULL) {
1813 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1814 0 : goto done;
1815 : }
1816 :
1817 12071713 : msg = ldb_msg_new(tmp_ctx);
1818 12071713 : if (msg == NULL) {
1819 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1820 0 : goto done;
1821 : }
1822 :
1823 12071713 : ret = ldb_kv_search_dn1(module, dn, msg, 0);
1824 12071713 : if (ret != LDB_SUCCESS) {
1825 0 : goto done;
1826 : }
1827 :
1828 12071713 : switch (seq->type) {
1829 12068412 : case LDB_SEQ_HIGHEST_SEQ:
1830 12068412 : res->seq_num = ldb_msg_find_attr_as_uint64(msg, LDB_KV_SEQUENCE_NUMBER, 0);
1831 12068412 : break;
1832 3301 : case LDB_SEQ_NEXT:
1833 3301 : res->seq_num = ldb_msg_find_attr_as_uint64(msg, LDB_KV_SEQUENCE_NUMBER, 0);
1834 3301 : res->seq_num++;
1835 3301 : break;
1836 0 : case LDB_SEQ_HIGHEST_TIMESTAMP:
1837 0 : date = ldb_msg_find_attr_as_string(msg, LDB_KV_MOD_TIMESTAMP, NULL);
1838 0 : if (date) {
1839 0 : res->seq_num = ldb_string_to_time(date);
1840 : } else {
1841 0 : res->seq_num = 0;
1842 : /* zero is as good as anything when we don't know */
1843 : }
1844 0 : break;
1845 : }
1846 :
1847 12071713 : *ext = talloc_zero(req, struct ldb_extended);
1848 12071713 : if (*ext == NULL) {
1849 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1850 0 : goto done;
1851 : }
1852 12071713 : (*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
1853 12071713 : (*ext)->data = talloc_steal(*ext, res);
1854 :
1855 12071713 : done:
1856 12071713 : talloc_free(tmp_ctx);
1857 :
1858 12071713 : ldb_kv->kv_ops->unlock_read(module);
1859 12071713 : return ret;
1860 : }
1861 :
1862 89033356 : static void ldb_kv_request_done(struct ldb_kv_context *ctx, int error)
1863 : {
1864 : struct ldb_context *ldb;
1865 : struct ldb_request *req;
1866 : struct ldb_reply *ares;
1867 :
1868 89033356 : ldb = ldb_module_get_ctx(ctx->module);
1869 89033356 : req = ctx->req;
1870 :
1871 : /* if we already returned an error just return */
1872 89033356 : if (ldb_request_get_status(req) != LDB_SUCCESS) {
1873 0 : return;
1874 : }
1875 :
1876 89033356 : ares = talloc_zero(req, struct ldb_reply);
1877 89033356 : if (!ares) {
1878 0 : ldb_oom(ldb);
1879 0 : req->callback(req, NULL);
1880 0 : return;
1881 : }
1882 89033356 : ares->type = LDB_REPLY_DONE;
1883 89033356 : ares->error = error;
1884 :
1885 89033356 : req->callback(req, ares);
1886 : }
1887 :
1888 0 : static void ldb_kv_timeout(_UNUSED_ struct tevent_context *ev,
1889 : _UNUSED_ struct tevent_timer *te,
1890 : _UNUSED_ struct timeval t,
1891 : void *private_data)
1892 : {
1893 : struct ldb_kv_context *ctx;
1894 0 : ctx = talloc_get_type(private_data, struct ldb_kv_context);
1895 :
1896 0 : if (!ctx->request_terminated) {
1897 : /* request is done now */
1898 0 : ldb_kv_request_done(ctx, LDB_ERR_TIME_LIMIT_EXCEEDED);
1899 : }
1900 :
1901 0 : if (ctx->spy) {
1902 : /* neutralize the spy */
1903 0 : ctx->spy->ctx = NULL;
1904 0 : ctx->spy = NULL;
1905 : }
1906 0 : talloc_free(ctx);
1907 0 : }
1908 :
1909 12071713 : static void ldb_kv_request_extended_done(struct ldb_kv_context *ctx,
1910 : struct ldb_extended *ext,
1911 : int error)
1912 : {
1913 : struct ldb_context *ldb;
1914 : struct ldb_request *req;
1915 : struct ldb_reply *ares;
1916 :
1917 12071713 : ldb = ldb_module_get_ctx(ctx->module);
1918 12071713 : req = ctx->req;
1919 :
1920 : /* if we already returned an error just return */
1921 12071713 : if (ldb_request_get_status(req) != LDB_SUCCESS) {
1922 0 : return;
1923 : }
1924 :
1925 12071713 : ares = talloc_zero(req, struct ldb_reply);
1926 12071713 : if (!ares) {
1927 0 : ldb_oom(ldb);
1928 0 : req->callback(req, NULL);
1929 0 : return;
1930 : }
1931 12071713 : ares->type = LDB_REPLY_DONE;
1932 12071713 : ares->response = ext;
1933 12071713 : ares->error = error;
1934 :
1935 12071713 : req->callback(req, ares);
1936 : }
1937 :
1938 12071713 : static void ldb_kv_handle_extended(struct ldb_kv_context *ctx)
1939 : {
1940 12071713 : struct ldb_extended *ext = NULL;
1941 : int ret;
1942 :
1943 12071713 : if (strcmp(ctx->req->op.extended.oid,
1944 : LDB_EXTENDED_SEQUENCE_NUMBER) == 0) {
1945 : /* get sequence number */
1946 12071713 : ret = ldb_kv_sequence_number(ctx, &ext);
1947 : } else {
1948 : /* not recognized */
1949 0 : ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1950 : }
1951 :
1952 12071713 : ldb_kv_request_extended_done(ctx, ext, ret);
1953 12071713 : }
1954 :
1955 101144536 : static void ldb_kv_callback(struct tevent_context *ev,
1956 : struct tevent_timer *te,
1957 : struct timeval t,
1958 : void *private_data)
1959 : {
1960 : struct ldb_kv_context *ctx;
1961 : int ret;
1962 :
1963 101144536 : ctx = talloc_get_type(private_data, struct ldb_kv_context);
1964 :
1965 101144536 : if (ctx->request_terminated) {
1966 0 : goto done;
1967 : }
1968 :
1969 101144536 : switch (ctx->req->operation) {
1970 87411284 : case LDB_SEARCH:
1971 87411284 : ret = ldb_kv_search(ctx);
1972 87411274 : break;
1973 813922 : case LDB_ADD:
1974 813922 : ret = ldb_kv_add(ctx);
1975 813922 : break;
1976 778156 : case LDB_MODIFY:
1977 778156 : ret = ldb_kv_modify(ctx);
1978 778156 : break;
1979 10622 : case LDB_DELETE:
1980 10622 : ret = ldb_kv_delete(ctx);
1981 10622 : break;
1982 58839 : case LDB_RENAME:
1983 58839 : ret = ldb_kv_rename(ctx);
1984 58839 : break;
1985 12071713 : case LDB_EXTENDED:
1986 12071713 : ldb_kv_handle_extended(ctx);
1987 12071713 : goto done;
1988 0 : default:
1989 : /* no other op supported */
1990 0 : ret = LDB_ERR_PROTOCOL_ERROR;
1991 : }
1992 :
1993 89072813 : if (!ctx->request_terminated) {
1994 : /* request is done now */
1995 89033356 : ldb_kv_request_done(ctx, ret);
1996 : }
1997 :
1998 39457 : done:
1999 101144524 : if (ctx->spy) {
2000 : /* neutralize the spy */
2001 101130078 : ctx->spy->ctx = NULL;
2002 101130078 : ctx->spy = NULL;
2003 : }
2004 101144524 : talloc_free(ctx);
2005 101144524 : }
2006 :
2007 101144546 : static int ldb_kv_request_destructor(void *ptr)
2008 : {
2009 : struct ldb_kv_req_spy *spy =
2010 101144546 : talloc_get_type(ptr, struct ldb_kv_req_spy);
2011 :
2012 101144546 : if (spy->ctx != NULL) {
2013 14468 : spy->ctx->spy = NULL;
2014 14468 : spy->ctx->request_terminated = true;
2015 14468 : spy->ctx = NULL;
2016 : }
2017 :
2018 101144546 : return 0;
2019 : }
2020 :
2021 101144623 : static int ldb_kv_handle_request(struct ldb_module *module,
2022 : struct ldb_request *req)
2023 : {
2024 : struct ldb_control *control_permissive;
2025 : struct ldb_context *ldb;
2026 : struct tevent_context *ev;
2027 : struct ldb_kv_context *ac;
2028 : struct tevent_timer *te;
2029 : struct timeval tv;
2030 : unsigned int i;
2031 :
2032 101144623 : ldb = ldb_module_get_ctx(module);
2033 :
2034 101144623 : control_permissive = ldb_request_get_control(req,
2035 : LDB_CONTROL_PERMISSIVE_MODIFY_OID);
2036 :
2037 357677508 : for (i = 0; req->controls && req->controls[i]; i++) {
2038 256532948 : if (req->controls[i]->critical &&
2039 63 : req->controls[i] != control_permissive) {
2040 63 : ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
2041 63 : req->controls[i]->oid);
2042 63 : return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
2043 : }
2044 : }
2045 :
2046 101144560 : if (req->starttime == 0 || req->timeout == 0) {
2047 0 : ldb_set_errstring(ldb, "Invalid timeout settings");
2048 0 : return LDB_ERR_TIME_LIMIT_EXCEEDED;
2049 : }
2050 :
2051 101144560 : ev = ldb_handle_get_event_context(req->handle);
2052 :
2053 101144560 : ac = talloc_zero(ldb, struct ldb_kv_context);
2054 101144560 : if (ac == NULL) {
2055 0 : ldb_oom(ldb);
2056 0 : return LDB_ERR_OPERATIONS_ERROR;
2057 : }
2058 :
2059 101144560 : ac->module = module;
2060 101144560 : ac->req = req;
2061 :
2062 101144560 : tv.tv_sec = 0;
2063 101144560 : tv.tv_usec = 0;
2064 101144560 : te = tevent_add_timer(ev, ac, tv, ldb_kv_callback, ac);
2065 101144560 : if (NULL == te) {
2066 0 : talloc_free(ac);
2067 0 : return LDB_ERR_OPERATIONS_ERROR;
2068 : }
2069 :
2070 101144560 : if (req->timeout > 0) {
2071 101144560 : tv.tv_sec = req->starttime + req->timeout;
2072 101144560 : tv.tv_usec = 0;
2073 101144560 : ac->timeout_event =
2074 101144560 : tevent_add_timer(ev, ac, tv, ldb_kv_timeout, ac);
2075 101144560 : if (NULL == ac->timeout_event) {
2076 0 : talloc_free(ac);
2077 0 : return LDB_ERR_OPERATIONS_ERROR;
2078 : }
2079 : }
2080 :
2081 101144560 : ac->timeout_timeval = tv;
2082 :
2083 : /* set a spy so that we do not try to use the request context
2084 : * if it is freed before ltdb_callback fires */
2085 101144560 : ac->spy = talloc(req, struct ldb_kv_req_spy);
2086 101144560 : if (NULL == ac->spy) {
2087 0 : talloc_free(ac);
2088 0 : return LDB_ERR_OPERATIONS_ERROR;
2089 : }
2090 101144560 : ac->spy->ctx = ac;
2091 :
2092 101144560 : talloc_set_destructor((TALLOC_CTX *)ac->spy, ldb_kv_request_destructor);
2093 :
2094 101144560 : return LDB_SUCCESS;
2095 : }
2096 :
2097 765729 : static int ldb_kv_init_rootdse(struct ldb_module *module)
2098 : {
2099 : /* ignore errors on this - we expect it for non-sam databases */
2100 765729 : ldb_mod_register_control(module, LDB_CONTROL_PERMISSIVE_MODIFY_OID);
2101 :
2102 : /* there can be no module beyond the backend, just return */
2103 765729 : return LDB_SUCCESS;
2104 : }
2105 :
2106 66238170 : static int ldb_kv_lock_read(struct ldb_module *module)
2107 : {
2108 66238170 : void *data = ldb_module_get_private(module);
2109 : struct ldb_kv_private *ldb_kv =
2110 66238170 : talloc_get_type(data, struct ldb_kv_private);
2111 66238170 : return ldb_kv->kv_ops->lock_read(module);
2112 : }
2113 :
2114 66238156 : static int ldb_kv_unlock_read(struct ldb_module *module)
2115 : {
2116 66238156 : void *data = ldb_module_get_private(module);
2117 : struct ldb_kv_private *ldb_kv =
2118 66238156 : talloc_get_type(data, struct ldb_kv_private);
2119 66238156 : return ldb_kv->kv_ops->unlock_read(module);
2120 : }
2121 :
2122 : static const struct ldb_module_ops ldb_kv_ops = {
2123 : .name = "tdb",
2124 : .init_context = ldb_kv_init_rootdse,
2125 : .search = ldb_kv_handle_request,
2126 : .add = ldb_kv_handle_request,
2127 : .modify = ldb_kv_handle_request,
2128 : .del = ldb_kv_handle_request,
2129 : .rename = ldb_kv_handle_request,
2130 : .extended = ldb_kv_handle_request,
2131 : .start_transaction = ldb_kv_start_trans,
2132 : .end_transaction = ldb_kv_end_trans,
2133 : .prepare_commit = ldb_kv_prepare_commit,
2134 : .del_transaction = ldb_kv_del_trans,
2135 : .read_lock = ldb_kv_lock_read,
2136 : .read_unlock = ldb_kv_unlock_read,
2137 : };
2138 :
2139 765858 : int ldb_kv_init_store(struct ldb_kv_private *ldb_kv,
2140 : const char *name,
2141 : struct ldb_context *ldb,
2142 : const char *options[],
2143 : struct ldb_module **_module)
2144 : {
2145 765858 : if (getenv("LDB_WARN_UNINDEXED")) {
2146 0 : ldb_kv->warn_unindexed = true;
2147 : }
2148 :
2149 765858 : if (getenv("LDB_WARN_REINDEX")) {
2150 0 : ldb_kv->warn_reindex = true;
2151 : }
2152 :
2153 765858 : ldb_kv->sequence_number = 0;
2154 :
2155 765858 : ldb_kv->pid = getpid();
2156 :
2157 765858 : ldb_kv->pack_format_override = 0;
2158 :
2159 765858 : ldb_kv->module = ldb_module_new(ldb, ldb, name, &ldb_kv_ops);
2160 765858 : if (!ldb_kv->module) {
2161 0 : ldb_oom(ldb);
2162 0 : talloc_free(ldb_kv);
2163 0 : return LDB_ERR_OPERATIONS_ERROR;
2164 : }
2165 765858 : ldb_module_set_private(ldb_kv->module, ldb_kv);
2166 765858 : talloc_steal(ldb_kv->module, ldb_kv);
2167 :
2168 765858 : if (ldb_kv_cache_load(ldb_kv->module) != 0) {
2169 0 : ldb_asprintf_errstring(ldb, "Unable to load ltdb cache "
2170 : "records for backend '%s'", name);
2171 0 : talloc_free(ldb_kv->module);
2172 0 : return LDB_ERR_OPERATIONS_ERROR;
2173 : }
2174 :
2175 765858 : *_module = ldb_kv->module;
2176 : /*
2177 : * Set or override the maximum key length
2178 : *
2179 : * The ldb_mdb code will have set this to 511, but our tests
2180 : * set this even smaller (to make the tests more practical).
2181 : *
2182 : * This must only be used for the selftest as the length
2183 : * becomes encoded in the index keys.
2184 : */
2185 : {
2186 : const char *len_str =
2187 765858 : ldb_options_find(ldb, options,
2188 : "max_key_len_for_self_test");
2189 765858 : if (len_str != NULL) {
2190 32 : unsigned len = strtoul(len_str, NULL, 0);
2191 32 : ldb_kv->max_key_length = len;
2192 : }
2193 : }
2194 :
2195 : /*
2196 : * Usually the presence of GUID indexing determines the pack format
2197 : * we use but in certain circumstances such as downgrading an
2198 : * MDB-backed database, we want to override the target pack format.
2199 : *
2200 : * We set/get opaques here because in the Samba partitions module,
2201 : * 'options' are not passed correctly so sub-databases can't see
2202 : * the options they need.
2203 : */
2204 : {
2205 : const char *pack_format_override =
2206 765858 : ldb_options_find(ldb, options, "pack_format_override");
2207 765858 : if (pack_format_override != NULL) {
2208 : int ret;
2209 0 : ldb_kv->pack_format_override =
2210 0 : strtoul(pack_format_override, NULL, 0);
2211 0 : ret = ldb_set_opaque(ldb,
2212 : "pack_format_override",
2213 0 : (void *)(intptr_t)ldb_kv->pack_format_override);
2214 0 : if (ret != LDB_SUCCESS) {
2215 0 : talloc_free(ldb_kv->module);
2216 0 : return ldb_module_operr(ldb_kv->module);
2217 : }
2218 : } else {
2219 : /*
2220 : * NULL -> 0 is fine, otherwise we get back
2221 : * the number we needed
2222 : */
2223 : ldb_kv->pack_format_override
2224 765858 : = (intptr_t)ldb_get_opaque(ldb,
2225 : "pack_format_override");
2226 : }
2227 : }
2228 :
2229 : /*
2230 : * Override full DB scans
2231 : *
2232 : * A full DB scan is expensive on a large database. This
2233 : * option is for testing to show that the full DB scan is not
2234 : * triggered.
2235 : */
2236 : {
2237 : const char *len_str =
2238 765858 : ldb_options_find(ldb, options,
2239 : "disable_full_db_scan_for_self_test");
2240 765858 : if (len_str != NULL) {
2241 600 : ldb_kv->disable_full_db_scan = true;
2242 : }
2243 : }
2244 :
2245 : /*
2246 : * Set the size of the transaction index cache.
2247 : * If the ldb option "transaction_index_cache_size" is set use that
2248 : * otherwise use DEFAULT_INDEX_CACHE_SIZE
2249 : */
2250 765858 : ldb_kv->index_transaction_cache_size = DEFAULT_INDEX_CACHE_SIZE;
2251 : {
2252 765858 : const char *size = ldb_options_find(
2253 : ldb,
2254 : options,
2255 : "transaction_index_cache_size");
2256 765858 : if (size != NULL) {
2257 317 : size_t cache_size = 0;
2258 317 : errno = 0;
2259 :
2260 317 : cache_size = strtoul( size, NULL, 0);
2261 317 : if (cache_size == 0 || errno == ERANGE) {
2262 2 : ldb_debug(
2263 : ldb,
2264 : LDB_DEBUG_WARNING,
2265 : "Invalid transaction_index_cache_size "
2266 : "value [%s], using default(%d)\n",
2267 : size,
2268 : DEFAULT_INDEX_CACHE_SIZE);
2269 : } else {
2270 315 : ldb_kv->index_transaction_cache_size =
2271 : cache_size;
2272 : }
2273 : }
2274 : }
2275 : /*
2276 : * Set batch mode operation.
2277 : * This disables the nested sub transactions, and increases the
2278 : * chance of index corruption. If using this mode the transaction
2279 : * commit will be aborted if any operation fails.
2280 : */
2281 : {
2282 765858 : const char *batch_mode = ldb_options_find(
2283 : ldb, options, "batch_mode");
2284 765858 : if (batch_mode != NULL) {
2285 317 : ldb_kv->batch_mode = true;
2286 : }
2287 : }
2288 :
2289 765858 : return LDB_SUCCESS;
2290 : }
|
