Line data Source code
1 : /*
2 : ldb database library
3 :
4 : Copyright (C) Andrew Tridgell 2004
5 : Copyright (C) Stefan Metzmacher 2004
6 : Copyright (C) Simo Sorce 2006-2008
7 : Copyright (C) Matthias Dieter Wallnöfer 2009-2010
8 :
9 : ** NOTE! The following LGPL license applies to the ldb
10 : ** library. This does NOT imply that all of Samba is released
11 : ** under the LGPL
12 :
13 : This library is free software; you can redistribute it and/or
14 : modify it under the terms of the GNU Lesser General Public
15 : License as published by the Free Software Foundation; either
16 : version 3 of the License, or (at your option) any later version.
17 :
18 : This library is distributed in the hope that it will be useful,
19 : but WITHOUT ANY WARRANTY; without even the implied warranty of
20 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 : Lesser General Public License for more details.
22 :
23 : You should have received a copy of the GNU Lesser General Public
24 : License along with this library; if not, see <http://www.gnu.org/licenses/>.
25 : */
26 :
27 : /*
28 : * Name: ldb_kv
29 : *
30 : * Component: ldb key value backend
31 : *
32 : * Description: core functions for ldb key value backend
33 : *
34 : * Author: Andrew Tridgell
35 : * Author: Stefan Metzmacher
36 : *
37 : * Modifications:
38 : *
39 : * - description: make the module use asynchronous calls
40 : * date: Feb 2006
41 : * Author: Simo Sorce
42 : *
43 : * - description: make it possible to use event contexts
44 : * date: Jan 2008
45 : * Author: Simo Sorce
46 : *
47 : * - description: fix up memory leaks and small bugs
48 : * date: Oct 2009
49 : * Author: Matthias Dieter Wallnöfer
50 : */
51 :
52 : #include "ldb_kv.h"
53 : #include "ldb_private.h"
54 : #include "lib/util/attr.h"
55 :
56 : /*
57 : prevent memory errors on callbacks
58 : */
59 : struct ldb_kv_req_spy {
60 : struct ldb_kv_context *ctx;
61 : };
62 :
63 : /*
64 : * Determine if this key could hold a record. We allow the new GUID
65 : * index, the old DN index and a possible future ID=
66 : */
67 380206629 : bool ldb_kv_key_is_normal_record(struct ldb_val key)
68 : {
69 380206629 : if (key.length < 4) {
70 0 : return false;
71 : }
72 :
73 : /*
74 : * @ records are not normal records, we don't want to index
75 : * them nor search on them
76 : */
77 609885599 : if (key.length > 4 &&
78 380206629 : memcmp(key.data, "DN=@", 4) == 0) {
79 301419689 : return false;
80 : }
81 :
82 : /* All other DN= records are however */
83 78786940 : if (memcmp(key.data, "DN=", 3) == 0) {
84 281225 : return true;
85 : }
86 :
87 78505715 : if (memcmp(key.data, "ID=", 3) == 0) {
88 0 : return true;
89 : }
90 :
91 78505715 : if (key.length < sizeof(LDB_KV_GUID_KEY_PREFIX)) {
92 0 : return false;
93 : }
94 :
95 78505715 : if (memcmp(key.data, LDB_KV_GUID_KEY_PREFIX,
96 : sizeof(LDB_KV_GUID_KEY_PREFIX) - 1) == 0) {
97 78505715 : return true;
98 : }
99 :
100 0 : return false;
101 : }
102 :
103 : /*
104 : form a ldb_val for a record key
105 : caller frees
106 :
107 : note that the key for a record can depend on whether the
108 : dn refers to a case sensitive index record or not
109 : */
110 158586493 : struct ldb_val ldb_kv_key_dn(TALLOC_CTX *mem_ctx,
111 : struct ldb_dn *dn)
112 : {
113 : struct ldb_val key;
114 158586493 : char *key_str = NULL;
115 158586493 : const char *dn_folded = NULL;
116 :
117 : /*
118 : most DNs are case insensitive. The exception is index DNs for
119 : case sensitive attributes
120 :
121 : there are 3 cases dealt with in this code:
122 :
123 : 1) if the dn doesn't start with @ then uppercase the attribute
124 : names and the attributes values of case insensitive attributes
125 : 2) if the dn starts with @ then leave it alone -
126 : the indexing code handles the rest
127 : */
128 :
129 158586493 : dn_folded = ldb_dn_get_casefold(dn);
130 158586493 : if (!dn_folded) {
131 0 : goto failed;
132 : }
133 :
134 158586493 : key_str = talloc_strdup(mem_ctx, "DN=");
135 158586493 : if (!key_str) {
136 0 : goto failed;
137 : }
138 :
139 158586493 : key_str = talloc_strdup_append_buffer(key_str, dn_folded);
140 158586493 : if (!key_str) {
141 0 : goto failed;
142 : }
143 :
144 158586493 : key.data = (uint8_t *)key_str;
145 158586493 : key.length = strlen(key_str) + 1;
146 :
147 158586493 : return key;
148 :
149 0 : failed:
150 0 : errno = ENOMEM;
151 0 : key.data = NULL;
152 0 : key.length = 0;
153 0 : return key;
154 : }
155 :
156 : /* The caller is to provide a correctly sized key */
157 180451242 : int ldb_kv_guid_to_key(const struct ldb_val *GUID_val,
158 : struct ldb_val *key)
159 : {
160 180451242 : const char *GUID_prefix = LDB_KV_GUID_KEY_PREFIX;
161 180451242 : const int GUID_prefix_len = sizeof(LDB_KV_GUID_KEY_PREFIX) - 1;
162 :
163 180451242 : if (key->length != (GUID_val->length+GUID_prefix_len)) {
164 0 : return LDB_ERR_OPERATIONS_ERROR;
165 : }
166 :
167 180451242 : memcpy(key->data, GUID_prefix, GUID_prefix_len);
168 331918340 : memcpy(&key->data[GUID_prefix_len],
169 180451242 : GUID_val->data, GUID_val->length);
170 180451242 : return LDB_SUCCESS;
171 : }
172 :
173 : /*
174 : * The caller is to provide a correctly sized key, used only in
175 : * the GUID index mode
176 : */
177 96997971 : int ldb_kv_idx_to_key(struct ldb_module *module,
178 : struct ldb_kv_private *ldb_kv,
179 : TALLOC_CTX *mem_ctx,
180 : const struct ldb_val *idx_val,
181 : struct ldb_val *key)
182 : {
183 96997971 : struct ldb_context *ldb = ldb_module_get_ctx(module);
184 : struct ldb_dn *dn;
185 :
186 96997971 : if (ldb_kv->cache->GUID_index_attribute != NULL) {
187 96842945 : return ldb_kv_guid_to_key(idx_val, key);
188 : }
189 :
190 155026 : dn = ldb_dn_from_ldb_val(mem_ctx, ldb, idx_val);
191 155026 : if (dn == NULL) {
192 : /*
193 : * LDB_ERR_INVALID_DN_SYNTAX would just be confusing
194 : * to the caller, as this in an invalid index value
195 : */
196 0 : return LDB_ERR_OPERATIONS_ERROR;
197 : }
198 : /* form the key */
199 155026 : *key = ldb_kv_key_dn(mem_ctx, dn);
200 155026 : TALLOC_FREE(dn);
201 155026 : if (!key->data) {
202 0 : return ldb_module_oom(module);
203 : }
204 155026 : return LDB_SUCCESS;
205 : }
206 :
207 : /*
208 : form a TDB_DATA for a record key
209 : caller frees mem_ctx, which may or may not have the key
210 : as a child.
211 :
212 : note that the key for a record can depend on whether a
213 : GUID index is in use, or the DN is used as the key
214 : */
215 15462401 : struct ldb_val ldb_kv_key_msg(struct ldb_module *module,
216 : TALLOC_CTX *mem_ctx,
217 : const struct ldb_message *msg)
218 : {
219 15462401 : void *data = ldb_module_get_private(module);
220 13555649 : struct ldb_kv_private *ldb_kv =
221 1906752 : talloc_get_type(data, struct ldb_kv_private);
222 : struct ldb_val key;
223 : const struct ldb_val *guid_val;
224 : int ret;
225 :
226 15462401 : if (ldb_kv->cache->GUID_index_attribute == NULL) {
227 275775 : return ldb_kv_key_dn(mem_ctx, msg->dn);
228 : }
229 :
230 15186626 : if (ldb_dn_is_special(msg->dn)) {
231 12213468 : return ldb_kv_key_dn(mem_ctx, msg->dn);
232 : }
233 :
234 2647802 : guid_val =
235 2973158 : ldb_msg_find_ldb_val(msg, ldb_kv->cache->GUID_index_attribute);
236 2973158 : if (guid_val == NULL) {
237 0 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
238 : "Did not find GUID attribute %s "
239 : "in %s, required for TDB record "
240 : "key in " LDB_KV_IDXGUID " mode.",
241 0 : ldb_kv->cache->GUID_index_attribute,
242 0 : ldb_dn_get_linearized(msg->dn));
243 0 : errno = EINVAL;
244 0 : key.data = NULL;
245 0 : key.length = 0;
246 0 : return key;
247 : }
248 :
249 : /* In this case, allocate with talloc */
250 2973158 : key.data = talloc_size(mem_ctx, LDB_KV_GUID_KEY_SIZE);
251 2973158 : if (key.data == NULL) {
252 0 : errno = ENOMEM;
253 0 : key.data = NULL;
254 0 : key.length = 0;
255 0 : return key;
256 : }
257 2973158 : key.length = talloc_get_size(key.data);
258 :
259 2973158 : ret = ldb_kv_guid_to_key(guid_val, &key);
260 :
261 2973158 : if (ret != LDB_SUCCESS) {
262 0 : errno = EINVAL;
263 0 : key.data = NULL;
264 0 : key.length = 0;
265 0 : return key;
266 : }
267 2973158 : return key;
268 : }
269 :
270 : /*
271 : check special dn's have valid attributes
272 : currently only @ATTRIBUTES is checked
273 : */
274 1581285 : static int ldb_kv_check_special_dn(struct ldb_module *module,
275 : const struct ldb_message *msg)
276 : {
277 1581285 : struct ldb_context *ldb = ldb_module_get_ctx(module);
278 : unsigned int i, j;
279 :
280 1711948 : if (! ldb_dn_is_special(msg->dn) ||
281 172293 : ! ldb_dn_check_special(msg->dn, LDB_KV_ATTRIBUTES)) {
282 1574273 : return LDB_SUCCESS;
283 : }
284 :
285 : /* we have @ATTRIBUTES, let's check attributes are fine */
286 : /* should we check that we deny multivalued attributes ? */
287 1437437 : for (i = 0; i < msg->num_elements; i++) {
288 1430426 : if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
289 :
290 2855113 : for (j = 0; j < msg->elements[i].num_values; j++) {
291 1426848 : if (ldb_kv_check_at_attributes_values(
292 1426848 : &msg->elements[i].values[j]) != 0) {
293 1 : ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
294 1 : return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
295 : }
296 : }
297 : }
298 :
299 7011 : return LDB_SUCCESS;
300 : }
301 :
302 : /*
303 : * Called after modifies and when starting a transaction. Checks target pack
304 : * format version and current pack format version, which are set by cache_load,
305 : * and repacks if necessary.
306 : */
307 1347593 : static int ldb_kv_maybe_repack(struct ldb_kv_private *ldb_kv) {
308 : /* Override option taken from ldb options */
309 1347593 : if (ldb_kv->pack_format_override != 0) {
310 0 : ldb_kv->target_pack_format_version =
311 0 : ldb_kv->pack_format_override;
312 : }
313 :
314 2440347 : if (ldb_kv->pack_format_version !=
315 1347593 : ldb_kv->target_pack_format_version) {
316 : int r;
317 2664 : struct ldb_context *ldb = ldb_module_get_ctx(ldb_kv->module);
318 2664 : r = ldb_kv_repack(ldb_kv->module);
319 2664 : if (r != LDB_SUCCESS) {
320 0 : ldb_debug(ldb, LDB_DEBUG_ERROR,
321 : "Database repack failed.");
322 : }
323 2664 : return r;
324 : }
325 :
326 1344929 : return LDB_SUCCESS;
327 : }
328 :
329 : /*
330 : we've made a modification to a dn - possibly reindex and
331 : update sequence number
332 : */
333 3387632 : static int ldb_kv_modified(struct ldb_module *module, struct ldb_dn *dn)
334 : {
335 3387632 : int ret = LDB_SUCCESS;
336 3387632 : struct ldb_kv_private *ldb_kv = talloc_get_type(
337 : ldb_module_get_private(module), struct ldb_kv_private);
338 :
339 : /* only allow modifies inside a transaction, otherwise the
340 : * ldb is unsafe */
341 3387632 : if (ldb_kv->kv_ops->transaction_active(ldb_kv) == false) {
342 0 : ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
343 0 : return LDB_ERR_OPERATIONS_ERROR;
344 : }
345 :
346 5250882 : if (ldb_dn_is_special(dn) &&
347 3721518 : (ldb_dn_check_special(dn, LDB_KV_INDEXLIST) ||
348 1858268 : ldb_dn_check_special(dn, LDB_KV_ATTRIBUTES)) )
349 : {
350 10085 : if (ldb_kv->warn_reindex) {
351 0 : ldb_debug(ldb_module_get_ctx(module),
352 : LDB_DEBUG_ERROR,
353 : "Reindexing %s due to modification on %s",
354 0 : ldb_kv->kv_ops->name(ldb_kv),
355 : ldb_dn_get_linearized(dn));
356 : }
357 10085 : ret = ldb_kv_reindex(module);
358 : }
359 :
360 : /* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
361 6301922 : if (ret == LDB_SUCCESS &&
362 5250862 : !(ldb_dn_is_special(dn) &&
363 1863240 : ldb_dn_check_special(dn, LDB_KV_BASEINFO)) ) {
364 1693811 : ret = ldb_kv_increase_sequence_number(module);
365 : }
366 :
367 : /* If the modify was to @OPTIONS, reload the cache */
368 6775254 : if (ret == LDB_SUCCESS &&
369 5250862 : ldb_dn_is_special(dn) &&
370 1863240 : (ldb_dn_check_special(dn, LDB_KV_OPTIONS)) ) {
371 1891 : ret = ldb_kv_cache_reload(module);
372 : }
373 :
374 3387632 : if (ret != LDB_SUCCESS) {
375 10 : ldb_kv->reindex_failed = true;
376 : }
377 :
378 3387632 : return ret;
379 : }
380 : /*
381 : store a record into the db
382 : */
383 13878620 : int ldb_kv_store(struct ldb_module *module,
384 : const struct ldb_message *msg,
385 : int flgs)
386 : {
387 13878620 : void *data = ldb_module_get_private(module);
388 12134573 : struct ldb_kv_private *ldb_kv =
389 1744047 : talloc_get_type(data, struct ldb_kv_private);
390 : struct ldb_val key;
391 : struct ldb_val ldb_data;
392 13878620 : int ret = LDB_SUCCESS;
393 13878620 : TALLOC_CTX *key_ctx = talloc_new(module);
394 :
395 13878620 : if (key_ctx == NULL) {
396 0 : return ldb_module_oom(module);
397 : }
398 :
399 13878620 : if (ldb_kv->read_only) {
400 0 : talloc_free(key_ctx);
401 0 : return LDB_ERR_UNWILLING_TO_PERFORM;
402 : }
403 :
404 13878620 : key = ldb_kv_key_msg(module, key_ctx, msg);
405 13878620 : if (key.data == NULL) {
406 0 : TALLOC_FREE(key_ctx);
407 0 : return LDB_ERR_OTHER;
408 : }
409 :
410 13878620 : ret = ldb_pack_data(ldb_module_get_ctx(module),
411 : msg, &ldb_data,
412 : ldb_kv->pack_format_version);
413 13878620 : if (ret == -1) {
414 0 : TALLOC_FREE(key_ctx);
415 0 : return LDB_ERR_OTHER;
416 : }
417 :
418 13878620 : ret = ldb_kv->kv_ops->store(ldb_kv, key, ldb_data, flgs);
419 13878620 : if (ret != 0) {
420 2405 : bool is_special = ldb_dn_is_special(msg->dn);
421 2405 : ret = ldb_kv->kv_ops->error(ldb_kv);
422 :
423 : /*
424 : * LDB_ERR_ENTRY_ALREADY_EXISTS means the DN, not
425 : * the GUID, so re-map
426 : */
427 2444 : if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS && !is_special &&
428 39 : ldb_kv->cache->GUID_index_attribute != NULL) {
429 18 : ret = LDB_ERR_CONSTRAINT_VIOLATION;
430 : }
431 2405 : goto done;
432 : }
433 :
434 26010788 : done:
435 13878620 : TALLOC_FREE(key_ctx);
436 13878620 : talloc_free(ldb_data.data);
437 :
438 13878620 : return ret;
439 : }
440 :
441 :
442 : /*
443 : check if a attribute is a single valued, for a given element
444 : */
445 1190954 : static bool ldb_kv_single_valued(const struct ldb_schema_attribute *a,
446 : struct ldb_message_element *el)
447 : {
448 1190954 : if (!a) return false;
449 1190954 : if (el != NULL) {
450 1190954 : if (el->flags & LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK) {
451 : /* override from a ldb module, for example
452 : used for the description field, which is
453 : marked multi-valued in the schema but which
454 : should not actually accept multiple
455 : values */
456 12 : return true;
457 : }
458 1190942 : if (el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK) {
459 : /* override from a ldb module, for example used for
460 : deleted linked attribute entries */
461 26582 : return false;
462 : }
463 : }
464 1164360 : if (a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
465 75 : return true;
466 : }
467 1164285 : return false;
468 : }
469 :
470 : /*
471 : * Starts a sub transaction if they are supported by the backend
472 : * and the ldb connection has not been opened in batch mode.
473 : */
474 1647881 : static int ldb_kv_sub_transaction_start(struct ldb_kv_private *ldb_kv)
475 : {
476 1647881 : int ret = LDB_SUCCESS;
477 :
478 1647881 : if (ldb_kv->batch_mode) {
479 301237 : return ret;
480 : }
481 :
482 1346644 : ret = ldb_kv->kv_ops->begin_nested_write(ldb_kv);
483 1346644 : if (ret == LDB_SUCCESS) {
484 1346644 : ret = ldb_kv_index_sub_transaction_start(ldb_kv);
485 : }
486 1346644 : return ret;
487 : }
488 :
489 : /*
490 : * Commits a sub transaction if they are supported by the backend
491 : * and the ldb connection has not been opened in batch mode.
492 : */
493 1637760 : static int ldb_kv_sub_transaction_commit(struct ldb_kv_private *ldb_kv)
494 : {
495 1637760 : int ret = LDB_SUCCESS;
496 :
497 1637760 : if (ldb_kv->batch_mode) {
498 300985 : return ret;
499 : }
500 :
501 1336775 : ret = ldb_kv_index_sub_transaction_commit(ldb_kv);
502 1336775 : if (ret != LDB_SUCCESS) {
503 0 : return ret;
504 : }
505 1336775 : ret = ldb_kv->kv_ops->finish_nested_write(ldb_kv);
506 1336775 : return ret;
507 : }
508 :
509 : /*
510 : * Cancels a sub transaction if they are supported by the backend
511 : * and the ldb connection has not been opened in batch mode.
512 : */
513 10121 : static int ldb_kv_sub_transaction_cancel(struct ldb_kv_private *ldb_kv)
514 : {
515 10121 : int ret = LDB_SUCCESS;
516 :
517 10121 : if (ldb_kv->batch_mode) {
518 252 : return ret;
519 : }
520 :
521 9869 : ret = ldb_kv_index_sub_transaction_cancel(ldb_kv);
522 9869 : if (ret != LDB_SUCCESS) {
523 0 : struct ldb_context *ldb = ldb_module_get_ctx(ldb_kv->module);
524 : /*
525 : * In the event of a failure we log the failure and continue
526 : * as we need to cancel the database transaction.
527 : */
528 0 : ldb_debug(ldb,
529 : LDB_DEBUG_ERROR,
530 : __location__": ldb_kv_index_sub_transaction_cancel "
531 : "failed: %s",
532 : ldb_errstring(ldb));
533 : }
534 9869 : ret = ldb_kv->kv_ops->abort_nested_write(ldb_kv);
535 9869 : return ret;
536 : }
537 :
538 813752 : static int ldb_kv_add_internal(struct ldb_module *module,
539 : struct ldb_kv_private *ldb_kv,
540 : const struct ldb_message *msg,
541 : bool check_single_value)
542 : {
543 813752 : struct ldb_context *ldb = ldb_module_get_ctx(module);
544 813752 : int ret = LDB_SUCCESS;
545 : unsigned int i;
546 813752 : bool valid_dn = false;
547 :
548 : /* Check the new DN is reasonable */
549 813752 : valid_dn = ldb_dn_validate(msg->dn);
550 813752 : if (valid_dn == false) {
551 0 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
552 : "Invalid DN in ADD: %s",
553 0 : ldb_dn_get_linearized(msg->dn));
554 0 : return LDB_ERR_INVALID_DN_SYNTAX;
555 : }
556 :
557 16268969 : for (i=0;i<msg->num_elements;i++) {
558 15455220 : struct ldb_message_element *el = &msg->elements[i];
559 15455220 : const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
560 :
561 15455220 : if (el->num_values == 0) {
562 2 : ldb_asprintf_errstring(ldb, "attribute '%s' on '%s' specified, but with 0 values (illegal)",
563 0 : el->name, ldb_dn_get_linearized(msg->dn));
564 2 : return LDB_ERR_CONSTRAINT_VIOLATION;
565 : }
566 16509514 : if (check_single_value && el->num_values > 1 &&
567 1054296 : ldb_kv_single_valued(a, el)) {
568 0 : ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
569 0 : el->name, ldb_dn_get_linearized(msg->dn));
570 0 : return LDB_ERR_CONSTRAINT_VIOLATION;
571 : }
572 :
573 : /* Do not check "@ATTRIBUTES" for duplicated values */
574 16458695 : if (ldb_dn_is_special(msg->dn) &&
575 1003477 : ldb_dn_check_special(msg->dn, LDB_KV_ATTRIBUTES)) {
576 979635 : continue;
577 : }
578 :
579 26442919 : if (check_single_value &&
580 13410113 : !(el->flags &
581 : LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
582 13407519 : struct ldb_val *duplicate = NULL;
583 :
584 13407519 : ret = ldb_msg_find_duplicate_val(ldb, discard_const(msg),
585 : el, &duplicate, 0);
586 13407519 : if (ret != LDB_SUCCESS) {
587 1 : return ret;
588 : }
589 13407519 : if (duplicate != NULL) {
590 3 : ldb_asprintf_errstring(
591 : ldb,
592 : "attribute '%s': value '%.*s' on '%s' "
593 : "provided more than once in ADD object",
594 : el->name,
595 1 : (int)duplicate->length,
596 1 : duplicate->data,
597 0 : ldb_dn_get_linearized(msg->dn));
598 1 : return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
599 : }
600 : }
601 : }
602 :
603 813749 : ret = ldb_kv_store(module, msg, TDB_INSERT);
604 813749 : if (ret != LDB_SUCCESS) {
605 : /*
606 : * Try really hard to get the right error code for
607 : * a re-add situation, as this can matter!
608 : */
609 2404 : if (ret == LDB_ERR_CONSTRAINT_VIOLATION) {
610 : int ret2;
611 18 : struct ldb_dn *dn2 = NULL;
612 18 : TALLOC_CTX *mem_ctx = talloc_new(module);
613 18 : if (mem_ctx == NULL) {
614 0 : return ldb_module_operr(module);
615 : }
616 18 : ret2 =
617 18 : ldb_kv_search_base(module, mem_ctx, msg->dn, &dn2);
618 18 : TALLOC_FREE(mem_ctx);
619 18 : if (ret2 == LDB_SUCCESS) {
620 6 : ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
621 : }
622 : }
623 2404 : if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
624 2392 : ldb_asprintf_errstring(ldb,
625 : "Entry %s already exists",
626 713 : ldb_dn_get_linearized(msg->dn));
627 : }
628 2404 : return ret;
629 : }
630 :
631 811345 : ret = ldb_kv_index_add_new(module, ldb_kv, msg);
632 811345 : if (ret != LDB_SUCCESS) {
633 : /*
634 : * If we failed to index, delete the message again.
635 : *
636 : * This is particularly important for the GUID index
637 : * case, which will only fail for a duplicate DN
638 : * in the index add.
639 : *
640 : * Note that the caller may not cancel the transation
641 : * and this means the above add might really show up!
642 : */
643 262 : ldb_kv_delete_noindex(module, msg);
644 262 : return ret;
645 : }
646 :
647 811083 : ret = ldb_kv_modified(module, msg->dn);
648 :
649 : /*
650 : * To allow testing of the error recovery code in ldb_kv_add
651 : * cmocka tests can define CMOCKA_UNIT_TEST_ADD_INTERNAL_FAIL
652 : * to inject failures at this point.
653 : */
654 : #ifdef CMOCKA_UNIT_TEST_ADD_INTERNAL_FAIL
655 : CMOCKA_UNIT_TEST_ADD_INTERNAL_FAIL
656 : #endif
657 :
658 811083 : return ret;
659 : }
660 :
661 : /*
662 : add a record to the database
663 : */
664 757702 : static int ldb_kv_add(struct ldb_kv_context *ctx)
665 : {
666 757702 : struct ldb_module *module = ctx->module;
667 757702 : struct ldb_request *req = ctx->req;
668 757702 : void *data = ldb_module_get_private(module);
669 684438 : struct ldb_kv_private *ldb_kv =
670 73264 : talloc_get_type(data, struct ldb_kv_private);
671 757702 : int ret = LDB_SUCCESS;
672 :
673 939435 : if (ldb_kv->max_key_length != 0 &&
674 197131 : ldb_kv->cache->GUID_index_attribute == NULL &&
675 734 : !ldb_dn_is_special(req->op.add.message->dn)) {
676 0 : ldb_set_errstring(ldb_module_get_ctx(module),
677 : "Must operate ldb_mdb in GUID "
678 : "index mode, but " LDB_KV_IDXGUID " not set.");
679 0 : return LDB_ERR_UNWILLING_TO_PERFORM;
680 : }
681 :
682 757702 : ret = ldb_kv_check_special_dn(module, req->op.add.message);
683 757702 : if (ret != LDB_SUCCESS) {
684 1 : return ret;
685 : }
686 :
687 757701 : ldb_request_set_state(req, LDB_ASYNC_PENDING);
688 :
689 757701 : if (ldb_kv_cache_load(module) != 0) {
690 0 : return LDB_ERR_OPERATIONS_ERROR;
691 : }
692 :
693 757701 : ret = ldb_kv_sub_transaction_start(ldb_kv);
694 757701 : if (ret != LDB_SUCCESS) {
695 0 : return ret;
696 : }
697 757701 : ret = ldb_kv_add_internal(module, ldb_kv, req->op.add.message, true);
698 757701 : if (ret != LDB_SUCCESS) {
699 2679 : int r = ldb_kv_sub_transaction_cancel(ldb_kv);
700 2679 : if (r != LDB_SUCCESS) {
701 0 : ldb_debug(
702 : ldb_module_get_ctx(module),
703 : LDB_DEBUG_FATAL,
704 : __location__
705 : ": Unable to roll back sub transaction");
706 : }
707 2679 : ldb_kv->operation_failed = true;
708 2679 : return ret;
709 : }
710 755022 : ret = ldb_kv_sub_transaction_commit(ldb_kv);
711 :
712 755022 : return ret;
713 : }
714 :
715 : /*
716 : delete a record from the database, not updating indexes (used for deleting
717 : index records)
718 : */
719 610010 : int ldb_kv_delete_noindex(struct ldb_module *module,
720 : const struct ldb_message *msg)
721 : {
722 610010 : void *data = ldb_module_get_private(module);
723 523362 : struct ldb_kv_private *ldb_kv =
724 86648 : talloc_get_type(data, struct ldb_kv_private);
725 : struct ldb_val key;
726 : int ret;
727 610010 : TALLOC_CTX *tdb_key_ctx = talloc_new(module);
728 :
729 610010 : if (tdb_key_ctx == NULL) {
730 0 : return ldb_module_oom(module);
731 : }
732 :
733 610010 : if (ldb_kv->read_only) {
734 0 : talloc_free(tdb_key_ctx);
735 0 : return LDB_ERR_UNWILLING_TO_PERFORM;
736 : }
737 :
738 610010 : key = ldb_kv_key_msg(module, tdb_key_ctx, msg);
739 610010 : if (!key.data) {
740 0 : TALLOC_FREE(tdb_key_ctx);
741 0 : return LDB_ERR_OTHER;
742 : }
743 :
744 610010 : ret = ldb_kv->kv_ops->delete(ldb_kv, key);
745 610010 : TALLOC_FREE(tdb_key_ctx);
746 :
747 610010 : if (ret != 0) {
748 69564 : ret = ldb_kv->kv_ops->error(ldb_kv);
749 : }
750 :
751 610010 : return ret;
752 : }
753 :
754 66597 : static int ldb_kv_delete_internal(struct ldb_module *module, struct ldb_dn *dn)
755 : {
756 : struct ldb_message *msg;
757 66597 : int ret = LDB_SUCCESS;
758 :
759 66597 : msg = ldb_msg_new(module);
760 66597 : if (msg == NULL) {
761 0 : return LDB_ERR_OPERATIONS_ERROR;
762 : }
763 :
764 : /* in case any attribute of the message was indexed, we need
765 : to fetch the old record */
766 66597 : ret = ldb_kv_search_dn1(module, dn, msg, 0);
767 66597 : if (ret != LDB_SUCCESS) {
768 : /* not finding the old record is an error */
769 4290 : goto done;
770 : }
771 :
772 62307 : ret = ldb_kv_delete_noindex(module, msg);
773 62307 : if (ret != LDB_SUCCESS) {
774 0 : goto done;
775 : }
776 :
777 : /* remove any indexed attributes */
778 62307 : ret = ldb_kv_index_delete(module, msg);
779 62307 : if (ret != LDB_SUCCESS) {
780 0 : goto done;
781 : }
782 :
783 62307 : ret = ldb_kv_modified(module, dn);
784 62307 : if (ret != LDB_SUCCESS) {
785 0 : goto done;
786 : }
787 :
788 117172 : done:
789 66597 : talloc_free(msg);
790 : /*
791 : * To allow testing of the error recovery code in ldb_kv_delete
792 : * cmocka tests can define CMOCKA_UNIT_TEST_DELETE_INTERNAL_FAIL
793 : * to inject failures at this point.
794 : */
795 : #ifdef CMOCKA_UNIT_TEST_DELETE_INTERNAL_FAIL
796 : CMOCKA_UNIT_TEST_DELETE_INTERNAL_FAIL
797 : #endif
798 66597 : return ret;
799 : }
800 :
801 : /*
802 : delete a record from the database
803 : */
804 10546 : static int ldb_kv_delete(struct ldb_kv_context *ctx)
805 : {
806 10546 : struct ldb_module *module = ctx->module;
807 10546 : struct ldb_request *req = ctx->req;
808 10546 : void *data = ldb_module_get_private(module);
809 7917 : struct ldb_kv_private *ldb_kv =
810 2629 : talloc_get_type(data, struct ldb_kv_private);
811 10546 : int ret = LDB_SUCCESS;
812 :
813 10546 : ldb_request_set_state(req, LDB_ASYNC_PENDING);
814 :
815 10546 : if (ldb_kv_cache_load(module) != 0) {
816 0 : return LDB_ERR_OPERATIONS_ERROR;
817 : }
818 :
819 10546 : ret = ldb_kv_sub_transaction_start(ldb_kv);
820 10546 : if (ret != LDB_SUCCESS) {
821 0 : return ret;
822 : }
823 10546 : ret = ldb_kv_delete_internal(module, req->op.del.dn);
824 10546 : if (ret != LDB_SUCCESS) {
825 4290 : int r = ldb_kv_sub_transaction_cancel(ldb_kv);
826 4290 : if (r != LDB_SUCCESS) {
827 0 : ldb_debug(
828 : ldb_module_get_ctx(module),
829 : LDB_DEBUG_FATAL,
830 : __location__
831 : ": Unable to roll back sub transaction");
832 : }
833 4290 : if (ret != LDB_ERR_NO_SUCH_OBJECT) {
834 0 : ldb_kv->operation_failed = true;
835 : }
836 4290 : return ret;
837 : }
838 6256 : ret = ldb_kv_sub_transaction_commit(ldb_kv);
839 :
840 6256 : return ret;
841 : }
842 :
843 : /*
844 : find an element by attribute name. At the moment this does a linear search,
845 : it should be re-coded to use a binary search once all places that modify
846 : records guarantee sorted order
847 :
848 : return the index of the first matching element if found, otherwise -1
849 : */
850 6413976 : static int ldb_kv_find_element(const struct ldb_message *msg, const char *name)
851 : {
852 : unsigned int i;
853 178161659 : for (i=0;i<msg->num_elements;i++) {
854 177695368 : if (ldb_attr_cmp(msg->elements[i].name, name) == 0) {
855 5947685 : return i;
856 : }
857 : }
858 466291 : return -1;
859 : }
860 :
861 :
862 : /*
863 : add an element to an existing record. Assumes a elements array that we
864 : can call re-alloc on, and assumed that we can re-use the data pointers from
865 : the passed in additional values. Use with care!
866 :
867 : returns 0 on success, -1 on failure (and sets errno)
868 : */
869 3327619 : static int ldb_kv_msg_add_element(struct ldb_message *msg,
870 : struct ldb_message_element *el)
871 : {
872 : struct ldb_message_element *e2;
873 : unsigned int i;
874 :
875 3327619 : if (el->num_values == 0) {
876 : /* nothing to do here - we don't add empty elements */
877 110593 : return 0;
878 : }
879 :
880 3217026 : e2 = talloc_realloc(msg, msg->elements, struct ldb_message_element,
881 : msg->num_elements+1);
882 3217026 : if (!e2) {
883 0 : errno = ENOMEM;
884 0 : return -1;
885 : }
886 :
887 3217026 : msg->elements = e2;
888 :
889 3217026 : e2 = &msg->elements[msg->num_elements];
890 :
891 3217026 : e2->name = el->name;
892 3217026 : e2->flags = el->flags;
893 3217026 : e2->values = talloc_array(msg->elements,
894 : struct ldb_val, el->num_values);
895 3217026 : if (!e2->values) {
896 0 : errno = ENOMEM;
897 0 : return -1;
898 : }
899 7092650 : for (i=0;i<el->num_values;i++) {
900 3875624 : e2->values[i] = el->values[i];
901 : }
902 3217026 : e2->num_values = el->num_values;
903 :
904 3217026 : ++msg->num_elements;
905 :
906 3217026 : return 0;
907 : }
908 :
909 : /*
910 : delete all elements having a specified attribute name
911 : */
912 3339823 : static int ldb_kv_msg_delete_attribute(struct ldb_module *module,
913 : struct ldb_kv_private *ldb_kv,
914 : struct ldb_message *msg,
915 : const char *name)
916 : {
917 : int ret;
918 : struct ldb_message_element *el;
919 3339823 : bool is_special = ldb_dn_is_special(msg->dn);
920 :
921 4512162 : if (!is_special && ldb_kv->cache->GUID_index_attribute != NULL &&
922 1427644 : ldb_attr_cmp(name, ldb_kv->cache->GUID_index_attribute) == 0) {
923 0 : struct ldb_context *ldb = ldb_module_get_ctx(module);
924 0 : ldb_asprintf_errstring(ldb,
925 : "Must not modify GUID "
926 : "attribute %s (used as DB index)",
927 0 : ldb_kv->cache->GUID_index_attribute);
928 0 : return LDB_ERR_CONSTRAINT_VIOLATION;
929 : }
930 :
931 3339823 : el = ldb_msg_find_element(msg, name);
932 3339823 : if (el == NULL) {
933 8 : return LDB_ERR_NO_SUCH_ATTRIBUTE;
934 : }
935 :
936 3339815 : ret = ldb_kv_index_del_element(module, ldb_kv, msg, el);
937 3339815 : if (ret != LDB_SUCCESS) {
938 0 : return ret;
939 : }
940 :
941 3339815 : talloc_free(el->values);
942 3339815 : ldb_msg_remove_element(msg, el);
943 3339815 : msg->elements = talloc_realloc(msg, msg->elements,
944 : struct ldb_message_element,
945 : msg->num_elements);
946 3339815 : return LDB_SUCCESS;
947 : }
948 :
949 : /*
950 : delete all elements matching an attribute name/value
951 :
952 : return LDB Error on failure
953 : */
954 140159 : static int ldb_kv_msg_delete_element(struct ldb_module *module,
955 : struct ldb_kv_private *ldb_kv,
956 : struct ldb_message *msg,
957 : const char *name,
958 : const struct ldb_val *val)
959 : {
960 140159 : struct ldb_context *ldb = ldb_module_get_ctx(module);
961 : unsigned int i;
962 : int found, ret;
963 : struct ldb_message_element *el;
964 : const struct ldb_schema_attribute *a;
965 :
966 140159 : found = ldb_kv_find_element(msg, name);
967 140159 : if (found == -1) {
968 302 : return LDB_ERR_NO_SUCH_ATTRIBUTE;
969 : }
970 :
971 139857 : i = (unsigned int) found;
972 139857 : el = &(msg->elements[i]);
973 :
974 139857 : a = ldb_schema_attribute_by_name(ldb, el->name);
975 :
976 282518 : for (i=0;i<el->num_values;i++) {
977 : bool matched;
978 150351 : if (a->syntax->operator_fn) {
979 280097 : ret = a->syntax->operator_fn(ldb, LDB_OP_EQUALITY, a,
980 149214 : &el->values[i], val, &matched);
981 288926 : if (ret != LDB_SUCCESS) return ret;
982 : } else {
983 3304 : matched = (a->syntax->comparison_fn(ldb, ldb,
984 2167 : &el->values[i], val) == 0);
985 : }
986 150351 : if (matched) {
987 139712 : if (el->num_values == 1) {
988 129479 : return ldb_kv_msg_delete_attribute(
989 : module, ldb_kv, msg, name);
990 : }
991 :
992 7909 : ret =
993 2324 : ldb_kv_index_del_value(module, ldb_kv, msg, el, i);
994 10233 : if (ret != LDB_SUCCESS) {
995 0 : return ret;
996 : }
997 :
998 10233 : ARRAY_DEL_ELEMENT(el->values, i, el->num_values);
999 10233 : el->num_values--;
1000 :
1001 : /* per definition we find in a canonicalised message an
1002 : attribute value only once. So we are finished here */
1003 10233 : return LDB_SUCCESS;
1004 : }
1005 : }
1006 :
1007 : /* Not found */
1008 145 : return LDB_ERR_NO_SUCH_ATTRIBUTE;
1009 : }
1010 :
1011 : /*
1012 : modify a record - internal interface
1013 :
1014 : yuck - this is O(n^2). Luckily n is usually small so we probably
1015 : get away with it, but if we ever have really large attribute lists
1016 : then we'll need to look at this again
1017 :
1018 : 'req' is optional, and is used to specify controls if supplied
1019 : */
1020 2517394 : int ldb_kv_modify_internal(struct ldb_module *module,
1021 : const struct ldb_message *msg,
1022 : struct ldb_request *req)
1023 : {
1024 2517394 : struct ldb_context *ldb = ldb_module_get_ctx(module);
1025 2517394 : void *data = ldb_module_get_private(module);
1026 2136190 : struct ldb_kv_private *ldb_kv =
1027 381204 : talloc_get_type(data, struct ldb_kv_private);
1028 : struct ldb_message *msg2;
1029 : unsigned int i, j;
1030 2517394 : int ret = LDB_SUCCESS, idx;
1031 2517394 : struct ldb_control *control_permissive = NULL;
1032 2517394 : TALLOC_CTX *mem_ctx = talloc_new(req);
1033 :
1034 2517394 : if (mem_ctx == NULL) {
1035 0 : return ldb_module_oom(module);
1036 : }
1037 :
1038 2517394 : if (req) {
1039 823583 : control_permissive = ldb_request_get_control(req,
1040 : LDB_CONTROL_PERMISSIVE_MODIFY_OID);
1041 : }
1042 :
1043 2517394 : msg2 = ldb_msg_new(mem_ctx);
1044 2517394 : if (msg2 == NULL) {
1045 0 : ret = LDB_ERR_OTHER;
1046 0 : goto done;
1047 : }
1048 :
1049 2517394 : ret = ldb_kv_search_dn1(module, msg->dn, msg2, 0);
1050 2517394 : if (ret != LDB_SUCCESS) {
1051 2579 : goto done;
1052 : }
1053 :
1054 9276982 : for (i=0; i<msg->num_elements; i++) {
1055 6762740 : struct ldb_message_element *el = &msg->elements[i], *el2;
1056 : struct ldb_val *vals;
1057 6762740 : const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
1058 : const char *dn;
1059 6762740 : uint32_t options = 0;
1060 6762740 : if (control_permissive != NULL) {
1061 1552 : options |= LDB_MSG_FIND_COMMON_REMOVE_DUPLICATES;
1062 : }
1063 :
1064 6762740 : switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
1065 152742 : case LDB_FLAG_MOD_ADD:
1066 :
1067 152742 : if (el->num_values == 0) {
1068 26 : ldb_asprintf_errstring(ldb,
1069 : "attribute '%s': attribute on '%s' specified, but with 0 values (illegal)",
1070 : el->name, ldb_dn_get_linearized(msg2->dn));
1071 26 : ret = LDB_ERR_CONSTRAINT_VIOLATION;
1072 26 : goto done;
1073 : }
1074 :
1075 : /* make a copy of the array so that a permissive
1076 : * control can remove duplicates without changing the
1077 : * original values, but do not copy data as we do not
1078 : * need to keep it around once the operation is
1079 : * finished */
1080 152716 : if (control_permissive) {
1081 6 : el = talloc(msg2, struct ldb_message_element);
1082 6 : if (!el) {
1083 0 : ret = LDB_ERR_OTHER;
1084 0 : goto done;
1085 : }
1086 6 : *el = msg->elements[i];
1087 6 : el->values = talloc_array(el, struct ldb_val, el->num_values);
1088 6 : if (el->values == NULL) {
1089 0 : ret = LDB_ERR_OTHER;
1090 0 : goto done;
1091 : }
1092 31 : for (j = 0; j < el->num_values; j++) {
1093 25 : el->values[j] = msg->elements[i].values[j];
1094 : }
1095 : }
1096 :
1097 152716 : if (el->num_values > 1 && ldb_kv_single_valued(a, el)) {
1098 9 : ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1099 : el->name, ldb_dn_get_linearized(msg2->dn));
1100 9 : ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1101 9 : goto done;
1102 : }
1103 :
1104 : /* Checks if element already exists */
1105 152707 : idx = ldb_kv_find_element(msg2, el->name);
1106 152707 : if (idx == -1) {
1107 139737 : if (ldb_kv_msg_add_element(msg2, el) != 0) {
1108 0 : ret = LDB_ERR_OTHER;
1109 0 : goto done;
1110 : }
1111 139737 : ret = ldb_kv_index_add_element(
1112 : module, ldb_kv, msg2, el);
1113 139737 : if (ret != LDB_SUCCESS) {
1114 0 : goto done;
1115 : }
1116 : } else {
1117 12970 : j = (unsigned int) idx;
1118 12970 : el2 = &(msg2->elements[j]);
1119 :
1120 : /* We cannot add another value on a existing one
1121 : if the attribute is single-valued */
1122 12970 : if (ldb_kv_single_valued(a, el)) {
1123 42 : ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1124 : el->name, ldb_dn_get_linearized(msg2->dn));
1125 42 : ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1126 42 : goto done;
1127 : }
1128 :
1129 : /* Check that values don't exist yet on multi-
1130 : valued attributes or aren't provided twice */
1131 12928 : if (!(el->flags &
1132 : LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1133 3417 : struct ldb_val *duplicate = NULL;
1134 3417 : ret = ldb_msg_find_common_values(ldb,
1135 : msg2,
1136 : el,
1137 : el2,
1138 : options);
1139 :
1140 3417 : if (ret ==
1141 : LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS) {
1142 4 : ldb_asprintf_errstring(ldb,
1143 : "attribute '%s': value "
1144 : "#%u on '%s' already "
1145 : "exists", el->name, j,
1146 : ldb_dn_get_linearized(msg2->dn));
1147 4 : goto done;
1148 3413 : } else if (ret != LDB_SUCCESS) {
1149 0 : goto done;
1150 : }
1151 :
1152 3413 : ret = ldb_msg_find_duplicate_val(
1153 : ldb, msg2, el, &duplicate, 0);
1154 3413 : if (ret != LDB_SUCCESS) {
1155 0 : goto done;
1156 : }
1157 3413 : if (duplicate != NULL) {
1158 0 : ldb_asprintf_errstring(
1159 : ldb,
1160 : "attribute '%s': value "
1161 : "'%.*s' on '%s' "
1162 : "provided more than "
1163 : "once in ADD",
1164 : el->name,
1165 0 : (int)duplicate->length,
1166 0 : duplicate->data,
1167 0 : ldb_dn_get_linearized(msg->dn));
1168 0 : ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1169 0 : goto done;
1170 : }
1171 : }
1172 :
1173 : /* Now combine existing and new values to a new
1174 : attribute record */
1175 12924 : vals = talloc_realloc(msg2->elements,
1176 : el2->values, struct ldb_val,
1177 : el2->num_values + el->num_values);
1178 12924 : if (vals == NULL) {
1179 0 : ldb_oom(ldb);
1180 0 : ret = LDB_ERR_OTHER;
1181 0 : goto done;
1182 : }
1183 :
1184 26739 : for (j=0; j<el->num_values; j++) {
1185 13815 : vals[el2->num_values + j] =
1186 13815 : ldb_val_dup(vals, &el->values[j]);
1187 : }
1188 :
1189 12924 : el2->values = vals;
1190 12924 : el2->num_values += el->num_values;
1191 :
1192 12924 : ret = ldb_kv_index_add_element(
1193 : module, ldb_kv, msg2, el);
1194 12924 : if (ret != LDB_SUCCESS) {
1195 0 : goto done;
1196 : }
1197 : }
1198 :
1199 152661 : break;
1200 :
1201 6121147 : case LDB_FLAG_MOD_REPLACE:
1202 :
1203 6121147 : if (el->num_values > 1 && ldb_kv_single_valued(a, el)) {
1204 36 : ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
1205 : el->name, ldb_dn_get_linearized(msg2->dn));
1206 36 : ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1207 36 : goto done;
1208 : }
1209 :
1210 : /*
1211 : * We don't need to check this if we have been
1212 : * pre-screened by the repl_meta_data module
1213 : * in Samba, or someone else who can claim to
1214 : * know what they are doing.
1215 : */
1216 6121111 : if (!(el->flags & LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK)) {
1217 6091593 : struct ldb_val *duplicate = NULL;
1218 :
1219 6091593 : ret = ldb_msg_find_duplicate_val(ldb, msg2, el,
1220 : &duplicate, 0);
1221 6091593 : if (ret != LDB_SUCCESS) {
1222 1 : goto done;
1223 : }
1224 6091593 : if (duplicate != NULL) {
1225 3 : ldb_asprintf_errstring(
1226 : ldb,
1227 : "attribute '%s': value '%.*s' "
1228 : "on '%s' provided more than "
1229 : "once in REPLACE",
1230 : el->name,
1231 1 : (int)duplicate->length,
1232 1 : duplicate->data,
1233 : ldb_dn_get_linearized(msg2->dn));
1234 1 : ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
1235 1 : goto done;
1236 : }
1237 : }
1238 :
1239 : /* Checks if element already exists */
1240 6121110 : idx = ldb_kv_find_element(msg2, el->name);
1241 6121110 : if (idx != -1) {
1242 5794858 : j = (unsigned int) idx;
1243 5794858 : el2 = &(msg2->elements[j]);
1244 :
1245 : /* we consider two elements to be
1246 : * equal only if the order
1247 : * matches. This allows dbcheck to
1248 : * fix the ordering on attributes
1249 : * where order matters, such as
1250 : * objectClass
1251 : */
1252 5794858 : if (ldb_msg_element_equal_ordered(el, el2)) {
1253 2933228 : continue;
1254 : }
1255 :
1256 : /* Delete the attribute if it exists in the DB */
1257 2861630 : if (ldb_kv_msg_delete_attribute(
1258 : module, ldb_kv, msg2, el->name) != 0) {
1259 0 : ret = LDB_ERR_OTHER;
1260 0 : goto done;
1261 : }
1262 : }
1263 :
1264 : /* Recreate it with the new values */
1265 3187882 : if (ldb_kv_msg_add_element(msg2, el) != 0) {
1266 0 : ret = LDB_ERR_OTHER;
1267 0 : goto done;
1268 : }
1269 :
1270 2679747 : ret =
1271 508135 : ldb_kv_index_add_element(module, ldb_kv, msg2, el);
1272 3187882 : if (ret != LDB_SUCCESS) {
1273 0 : goto done;
1274 : }
1275 :
1276 3187882 : break;
1277 :
1278 488851 : case LDB_FLAG_MOD_DELETE:
1279 488851 : dn = ldb_dn_get_linearized(msg2->dn);
1280 488851 : if (dn == NULL) {
1281 0 : ret = LDB_ERR_OTHER;
1282 0 : goto done;
1283 : }
1284 :
1285 488851 : if (msg->elements[i].num_values == 0) {
1286 : /* Delete the whole attribute */
1287 348714 : ret = ldb_kv_msg_delete_attribute(
1288 : module,
1289 : ldb_kv,
1290 : msg2,
1291 348714 : msg->elements[i].name);
1292 348714 : if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1293 : control_permissive) {
1294 0 : ret = LDB_SUCCESS;
1295 : } else {
1296 348714 : ldb_asprintf_errstring(ldb,
1297 : "attribute '%s': no such attribute for delete on '%s'",
1298 348714 : msg->elements[i].name, dn);
1299 : }
1300 348714 : if (ret != LDB_SUCCESS) {
1301 8 : goto done;
1302 : }
1303 : } else {
1304 : /* Delete specified values from an attribute */
1305 279849 : for (j=0; j < msg->elements[i].num_values; j++) {
1306 140159 : ret = ldb_kv_msg_delete_element(
1307 : module,
1308 : ldb_kv,
1309 : msg2,
1310 140159 : msg->elements[i].name,
1311 140159 : &msg->elements[i].values[j]);
1312 140159 : if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
1313 : control_permissive) {
1314 0 : ret = LDB_SUCCESS;
1315 140159 : } else if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) {
1316 447 : ldb_asprintf_errstring(ldb,
1317 : "attribute '%s': no matching attribute value while deleting attribute on '%s'",
1318 447 : msg->elements[i].name, dn);
1319 : }
1320 140159 : if (ret != LDB_SUCCESS) {
1321 447 : goto done;
1322 : }
1323 : }
1324 : }
1325 488396 : break;
1326 0 : default:
1327 0 : ldb_asprintf_errstring(ldb,
1328 : "attribute '%s': invalid modify flags on '%s': 0x%x",
1329 0 : msg->elements[i].name, ldb_dn_get_linearized(msg->dn),
1330 0 : msg->elements[i].flags & LDB_FLAG_MOD_MASK);
1331 0 : ret = LDB_ERR_PROTOCOL_ERROR;
1332 0 : goto done;
1333 : }
1334 : }
1335 :
1336 2514242 : ret = ldb_kv_store(module, msg2, TDB_MODIFY);
1337 2514242 : if (ret != LDB_SUCCESS) {
1338 0 : goto done;
1339 : }
1340 :
1341 2514242 : ret = ldb_kv_modified(module, msg2->dn);
1342 2514242 : if (ret != LDB_SUCCESS) {
1343 0 : goto done;
1344 : }
1345 :
1346 4650432 : done:
1347 2517394 : TALLOC_FREE(mem_ctx);
1348 : /*
1349 : * To allow testing of the error recovery code in ldb_kv_modify
1350 : * cmocka tests can define CMOCKA_UNIT_TEST_MODIFY_INTERNAL_FAIL
1351 : * to inject failures at this point.
1352 : */
1353 : #ifdef CMOCKA_UNIT_TEST_MODIFY_INTERNAL_FAIL
1354 : CMOCKA_UNIT_TEST_MODIFY_INTERNAL_FAIL
1355 : #endif
1356 2517394 : return ret;
1357 : }
1358 :
1359 : /*
1360 : modify a record
1361 : */
1362 823583 : static int ldb_kv_modify(struct ldb_kv_context *ctx)
1363 : {
1364 823583 : struct ldb_module *module = ctx->module;
1365 823583 : struct ldb_request *req = ctx->req;
1366 823583 : void *data = ldb_module_get_private(module);
1367 679045 : struct ldb_kv_private *ldb_kv =
1368 144538 : talloc_get_type(data, struct ldb_kv_private);
1369 823583 : int ret = LDB_SUCCESS;
1370 :
1371 823583 : ret = ldb_kv_check_special_dn(module, req->op.mod.message);
1372 823583 : if (ret != LDB_SUCCESS) {
1373 0 : return ret;
1374 : }
1375 :
1376 823583 : ldb_request_set_state(req, LDB_ASYNC_PENDING);
1377 :
1378 823583 : if (ldb_kv_cache_load(module) != 0) {
1379 0 : return LDB_ERR_OPERATIONS_ERROR;
1380 : }
1381 :
1382 823583 : ret = ldb_kv_sub_transaction_start(ldb_kv);
1383 823583 : if (ret != LDB_SUCCESS) {
1384 0 : return ret;
1385 : }
1386 823583 : ret = ldb_kv_modify_internal(module, req->op.mod.message, req);
1387 823583 : if (ret != LDB_SUCCESS) {
1388 3152 : int r = ldb_kv_sub_transaction_cancel(ldb_kv);
1389 3152 : if (r != LDB_SUCCESS) {
1390 0 : ldb_debug(
1391 : ldb_module_get_ctx(module),
1392 : LDB_DEBUG_FATAL,
1393 : __location__
1394 : ": Unable to roll back sub transaction");
1395 : }
1396 3152 : if (ret != LDB_ERR_NO_SUCH_OBJECT) {
1397 573 : ldb_kv->operation_failed = true;
1398 : }
1399 3152 : return ret;
1400 : }
1401 820431 : ret = ldb_kv_sub_transaction_commit(ldb_kv);
1402 :
1403 :
1404 820431 : return ret;
1405 : }
1406 :
1407 56051 : static int ldb_kv_rename_internal(struct ldb_module *module,
1408 : struct ldb_request *req,
1409 : struct ldb_message *msg)
1410 : {
1411 56051 : void *data = ldb_module_get_private(module);
1412 46948 : struct ldb_kv_private *ldb_kv =
1413 9103 : talloc_get_type(data, struct ldb_kv_private);
1414 56051 : int ret = LDB_SUCCESS;
1415 :
1416 : /* Always delete first then add, to avoid conflicts with
1417 : * unique indexes. We rely on the transaction to make this
1418 : * atomic
1419 : */
1420 56051 : ret = ldb_kv_delete_internal(module, msg->dn);
1421 56051 : if (ret != LDB_SUCCESS) {
1422 0 : return ret;
1423 : }
1424 :
1425 56051 : msg->dn = ldb_dn_copy(msg, req->op.rename.newdn);
1426 56051 : if (msg->dn == NULL) {
1427 0 : return LDB_ERR_OPERATIONS_ERROR;
1428 : }
1429 :
1430 : /* We don't check single value as we can have more than 1 with
1431 : * deleted attributes. We could go through all elements but that's
1432 : * maybe not the most efficient way
1433 : */
1434 56051 : ret = ldb_kv_add_internal(module, ldb_kv, msg, false);
1435 :
1436 : /*
1437 : * To allow testing of the error recovery code in ldb_kv_rename
1438 : * cmocka tests can define CMOCKA_UNIT_TEST_RENAME_INTERNAL_FAIL
1439 : * to inject failures at this point.
1440 : */
1441 : #ifdef CMOCKA_UNIT_TEST_RENAME_INTERNAL_FAIL
1442 : CMOCKA_UNIT_TEST_RENAME_INTERNAL_FAIL
1443 : #endif
1444 56051 : return ret;
1445 : }
1446 :
1447 : /*
1448 : rename a record
1449 : */
1450 56139 : static int ldb_kv_rename(struct ldb_kv_context *ctx)
1451 : {
1452 56139 : struct ldb_module *module = ctx->module;
1453 56139 : void *data = ldb_module_get_private(module);
1454 47036 : struct ldb_kv_private *ldb_kv =
1455 9103 : talloc_get_type(data, struct ldb_kv_private);
1456 56139 : struct ldb_request *req = ctx->req;
1457 : struct ldb_message *msg;
1458 56139 : int ret = LDB_SUCCESS;
1459 : struct ldb_val key, key_old;
1460 : struct ldb_dn *db_dn;
1461 56139 : bool valid_dn = false;
1462 :
1463 56139 : ldb_request_set_state(req, LDB_ASYNC_PENDING);
1464 :
1465 56139 : if (ldb_kv_cache_load(ctx->module) != 0) {
1466 0 : return LDB_ERR_OPERATIONS_ERROR;
1467 : }
1468 :
1469 56139 : msg = ldb_msg_new(ctx);
1470 56139 : if (msg == NULL) {
1471 0 : return LDB_ERR_OPERATIONS_ERROR;
1472 : }
1473 :
1474 : /* Check the new DN is reasonable */
1475 56139 : valid_dn = ldb_dn_validate(req->op.rename.newdn);
1476 56139 : if (valid_dn == false) {
1477 0 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
1478 : "Invalid New DN: %s",
1479 : ldb_dn_get_linearized(req->op.rename.newdn));
1480 0 : return LDB_ERR_INVALID_DN_SYNTAX;
1481 : }
1482 :
1483 : /* we need to fetch the old record to re-add under the new name */
1484 56139 : ret = ldb_kv_search_dn1(module, req->op.rename.olddn, msg, 0);
1485 56139 : if (ret == LDB_ERR_INVALID_DN_SYNTAX) {
1486 0 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
1487 : "Invalid Old DN: %s",
1488 : ldb_dn_get_linearized(req->op.rename.newdn));
1489 0 : return ret;
1490 56139 : } else if (ret != LDB_SUCCESS) {
1491 : /* not finding the old record is an error */
1492 36 : return ret;
1493 : }
1494 :
1495 : /* We need to, before changing the DB, check if the new DN
1496 : * exists, so we can return this error to the caller with an
1497 : * unmodified DB
1498 : *
1499 : * Even in GUID index mode we use ltdb_key_dn() as we are
1500 : * trying to figure out if this is just a case rename
1501 : */
1502 56103 : key = ldb_kv_key_dn(msg, req->op.rename.newdn);
1503 56103 : if (!key.data) {
1504 0 : talloc_free(msg);
1505 0 : return LDB_ERR_OPERATIONS_ERROR;
1506 : }
1507 :
1508 56103 : key_old = ldb_kv_key_dn(msg, req->op.rename.olddn);
1509 56103 : if (!key_old.data) {
1510 0 : talloc_free(msg);
1511 0 : talloc_free(key.data);
1512 0 : return LDB_ERR_OPERATIONS_ERROR;
1513 : }
1514 :
1515 : /*
1516 : * Only declare a conflict if the new DN already exists,
1517 : * and it isn't a case change on the old DN
1518 : */
1519 56103 : if (key_old.length != key.length
1520 306 : || memcmp(key.data, key_old.data, key.length) != 0) {
1521 56060 : ret = ldb_kv_search_base(
1522 : module, msg, req->op.rename.newdn, &db_dn);
1523 56060 : if (ret == LDB_SUCCESS) {
1524 52 : ret = LDB_ERR_ENTRY_ALREADY_EXISTS;
1525 56008 : } else if (ret == LDB_ERR_NO_SUCH_OBJECT) {
1526 56008 : ret = LDB_SUCCESS;
1527 : }
1528 : }
1529 :
1530 : /* finding the new record already in the DB is an error */
1531 :
1532 56103 : if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
1533 52 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
1534 : "Entry %s already exists",
1535 : ldb_dn_get_linearized(req->op.rename.newdn));
1536 : }
1537 56103 : if (ret != LDB_SUCCESS) {
1538 52 : talloc_free(key_old.data);
1539 52 : talloc_free(key.data);
1540 52 : talloc_free(msg);
1541 52 : return ret;
1542 : }
1543 :
1544 56051 : talloc_free(key_old.data);
1545 56051 : talloc_free(key.data);
1546 :
1547 :
1548 56051 : ret = ldb_kv_sub_transaction_start(ldb_kv);
1549 56051 : if (ret != LDB_SUCCESS) {
1550 0 : talloc_free(msg);
1551 0 : return ret;
1552 : }
1553 56051 : ret = ldb_kv_rename_internal(module, req, msg);
1554 56051 : if (ret != LDB_SUCCESS) {
1555 0 : int r = ldb_kv_sub_transaction_cancel(ldb_kv);
1556 0 : if (r != LDB_SUCCESS) {
1557 0 : ldb_debug(
1558 : ldb_module_get_ctx(module),
1559 : LDB_DEBUG_FATAL,
1560 : __location__
1561 : ": Unable to roll back sub transaction");
1562 : }
1563 0 : talloc_free(msg);
1564 0 : ldb_kv->operation_failed = true;
1565 0 : return ret;
1566 : }
1567 56051 : ret = ldb_kv_sub_transaction_commit(ldb_kv);
1568 56051 : talloc_free(msg);
1569 :
1570 56051 : return ret;
1571 : }
1572 :
1573 1536382 : static int ldb_kv_start_trans(struct ldb_module *module)
1574 : {
1575 1536382 : void *data = ldb_module_get_private(module);
1576 1216414 : struct ldb_kv_private *ldb_kv =
1577 319968 : talloc_get_type(data, struct ldb_kv_private);
1578 :
1579 1536382 : pid_t pid = getpid();
1580 :
1581 1536382 : if (ldb_kv->pid != pid) {
1582 2 : ldb_asprintf_errstring(ldb_module_get_ctx(ldb_kv->module),
1583 : __location__
1584 : ": Reusing ldb opend by pid %d in "
1585 : "process %d\n",
1586 : ldb_kv->pid,
1587 : pid);
1588 2 : return LDB_ERR_PROTOCOL_ERROR;
1589 : }
1590 :
1591 : /* Do not take out the transaction lock on a read-only DB */
1592 1536380 : if (ldb_kv->read_only) {
1593 20 : return LDB_ERR_UNWILLING_TO_PERFORM;
1594 : }
1595 :
1596 1536360 : if (ldb_kv->kv_ops->begin_write(ldb_kv) != 0) {
1597 0 : return ldb_kv->kv_ops->error(ldb_kv);
1598 : }
1599 :
1600 1536360 : ldb_kv_index_transaction_start(
1601 : module,
1602 : ldb_kv->index_transaction_cache_size);
1603 :
1604 1536360 : ldb_kv->reindex_failed = false;
1605 1536360 : ldb_kv->operation_failed = false;
1606 :
1607 1536360 : return LDB_SUCCESS;
1608 : }
1609 :
1610 : /*
1611 : * Forward declaration to allow prepare_commit to in fact abort the
1612 : * transaction
1613 : */
1614 : static int ldb_kv_del_trans(struct ldb_module *module);
1615 :
1616 1347600 : static int ldb_kv_prepare_commit(struct ldb_module *module)
1617 : {
1618 : int ret;
1619 1347600 : void *data = ldb_module_get_private(module);
1620 1092761 : struct ldb_kv_private *ldb_kv =
1621 254839 : talloc_get_type(data, struct ldb_kv_private);
1622 1347600 : pid_t pid = getpid();
1623 :
1624 1347600 : if (ldb_kv->pid != pid) {
1625 2 : ldb_asprintf_errstring(ldb_module_get_ctx(module),
1626 : __location__
1627 : ": Reusing ldb opend by pid %d in "
1628 : "process %d\n",
1629 : ldb_kv->pid,
1630 : pid);
1631 2 : return LDB_ERR_PROTOCOL_ERROR;
1632 : }
1633 :
1634 1347598 : if (!ldb_kv->kv_ops->transaction_active(ldb_kv)) {
1635 0 : ldb_set_errstring(ldb_module_get_ctx(module),
1636 : "ltdb_prepare_commit() called "
1637 : "without transaction active");
1638 0 : return LDB_ERR_OPERATIONS_ERROR;
1639 : }
1640 :
1641 : /*
1642 : * Check if the last re-index failed.
1643 : *
1644 : * This can happen if for example a duplicate value was marked
1645 : * unique. We must not write a partial re-index into the DB.
1646 : */
1647 1347598 : if (ldb_kv->reindex_failed) {
1648 : /*
1649 : * We must instead abort the transaction so we get the
1650 : * old values and old index back
1651 : */
1652 5 : ldb_kv_del_trans(module);
1653 5 : ldb_set_errstring(ldb_module_get_ctx(module),
1654 : "Failure during re-index, so "
1655 : "transaction must be aborted.");
1656 5 : return LDB_ERR_OPERATIONS_ERROR;
1657 : }
1658 :
1659 1347593 : ret = ldb_kv_index_transaction_commit(module);
1660 1347593 : if (ret != LDB_SUCCESS) {
1661 0 : ldb_kv->kv_ops->abort_write(ldb_kv);
1662 0 : return ret;
1663 : }
1664 :
1665 : /*
1666 : * If GUID indexing was toggled in this transaction, we repack at
1667 : * format version 2 if GUID indexing was enabled, or version 1 if
1668 : * it was disabled.
1669 : */
1670 1347593 : ret = ldb_kv_maybe_repack(ldb_kv);
1671 1347593 : if (ret != LDB_SUCCESS) {
1672 0 : ldb_kv_del_trans(module);
1673 0 : ldb_set_errstring(ldb_module_get_ctx(module),
1674 : "Failure during re-pack, so "
1675 : "transaction must be aborted.");
1676 0 : return ret;
1677 : }
1678 :
1679 1347593 : if (ldb_kv->kv_ops->prepare_write(ldb_kv) != 0) {
1680 0 : ret = ldb_kv->kv_ops->error(ldb_kv);
1681 0 : ldb_debug_set(ldb_module_get_ctx(module),
1682 : LDB_DEBUG_FATAL,
1683 : "Failure during "
1684 : "prepare_write): %s -> %s",
1685 0 : ldb_kv->kv_ops->errorstr(ldb_kv),
1686 : ldb_strerror(ret));
1687 0 : return ret;
1688 : }
1689 :
1690 1347593 : ldb_kv->prepared_commit = true;
1691 :
1692 1347593 : return LDB_SUCCESS;
1693 : }
1694 :
1695 1347579 : static int ldb_kv_end_trans(struct ldb_module *module)
1696 : {
1697 : int ret;
1698 1347579 : void *data = ldb_module_get_private(module);
1699 1092740 : struct ldb_kv_private *ldb_kv =
1700 254839 : talloc_get_type(data, struct ldb_kv_private);
1701 :
1702 : /*
1703 : * If in batch mode and there has been an operation failure
1704 : * rollback the transaction rather than committing it to avoid
1705 : * any possible corruption
1706 : */
1707 1347579 : if (ldb_kv->batch_mode && ldb_kv->operation_failed) {
1708 2 : ret = ldb_kv_del_trans( module);
1709 2 : if (ret != LDB_SUCCESS) {
1710 0 : ldb_debug_set(ldb_module_get_ctx(module),
1711 : LDB_DEBUG_FATAL,
1712 : "An operation failed during a batch mode "
1713 : "transaction. The transaction could not"
1714 : "be rolled back, ldb_kv_del_trans "
1715 : "returned (%s, %s)",
1716 0 : ldb_kv->kv_ops->errorstr(ldb_kv),
1717 : ldb_strerror(ret));
1718 : } else {
1719 2 : ldb_debug_set(ldb_module_get_ctx(module),
1720 : LDB_DEBUG_FATAL,
1721 : "An operation failed during a batch mode "
1722 : "transaction, the transaction was "
1723 : "rolled back");
1724 : }
1725 2 : return LDB_ERR_OPERATIONS_ERROR;
1726 : }
1727 :
1728 1347577 : if (!ldb_kv->prepared_commit) {
1729 1620 : ret = ldb_kv_prepare_commit(module);
1730 1620 : if (ret != LDB_SUCCESS) {
1731 0 : return ret;
1732 : }
1733 : }
1734 :
1735 1347577 : ldb_kv->prepared_commit = false;
1736 :
1737 1347577 : if (ldb_kv->kv_ops->finish_write(ldb_kv) != 0) {
1738 0 : ret = ldb_kv->kv_ops->error(ldb_kv);
1739 0 : ldb_asprintf_errstring(
1740 : ldb_module_get_ctx(module),
1741 : "Failure during tdb_transaction_commit(): %s -> %s",
1742 0 : ldb_kv->kv_ops->errorstr(ldb_kv),
1743 : ldb_strerror(ret));
1744 0 : return ret;
1745 : }
1746 :
1747 1347577 : return LDB_SUCCESS;
1748 : }
1749 :
1750 188766 : static int ldb_kv_del_trans(struct ldb_module *module)
1751 : {
1752 188766 : void *data = ldb_module_get_private(module);
1753 123637 : struct ldb_kv_private *ldb_kv =
1754 65129 : talloc_get_type(data, struct ldb_kv_private);
1755 :
1756 188766 : if (ldb_kv_index_transaction_cancel(module) != 0) {
1757 0 : ldb_kv->kv_ops->abort_write(ldb_kv);
1758 0 : return ldb_kv->kv_ops->error(ldb_kv);
1759 : }
1760 :
1761 188766 : ldb_kv->kv_ops->abort_write(ldb_kv);
1762 188766 : return LDB_SUCCESS;
1763 : }
1764 :
1765 : /*
1766 : return sequenceNumber from @BASEINFO
1767 : */
1768 11645723 : static int ldb_kv_sequence_number(struct ldb_kv_context *ctx,
1769 : struct ldb_extended **ext)
1770 : {
1771 : struct ldb_context *ldb;
1772 11645723 : struct ldb_module *module = ctx->module;
1773 11645723 : struct ldb_request *req = ctx->req;
1774 11645723 : void *data = ldb_module_get_private(module);
1775 10381415 : struct ldb_kv_private *ldb_kv =
1776 1264308 : talloc_get_type(data, struct ldb_kv_private);
1777 11645723 : TALLOC_CTX *tmp_ctx = NULL;
1778 : struct ldb_seqnum_request *seq;
1779 : struct ldb_seqnum_result *res;
1780 11645723 : struct ldb_message *msg = NULL;
1781 : struct ldb_dn *dn;
1782 : const char *date;
1783 11645723 : int ret = LDB_SUCCESS;
1784 :
1785 11645723 : ldb = ldb_module_get_ctx(module);
1786 :
1787 11645723 : seq = talloc_get_type(req->op.extended.data,
1788 : struct ldb_seqnum_request);
1789 11645723 : if (seq == NULL) {
1790 0 : return LDB_ERR_OPERATIONS_ERROR;
1791 : }
1792 :
1793 11645723 : ldb_request_set_state(req, LDB_ASYNC_PENDING);
1794 :
1795 11645723 : if (ldb_kv->kv_ops->lock_read(module) != 0) {
1796 0 : return LDB_ERR_OPERATIONS_ERROR;
1797 : }
1798 :
1799 11645723 : res = talloc_zero(req, struct ldb_seqnum_result);
1800 11645723 : if (res == NULL) {
1801 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1802 0 : goto done;
1803 : }
1804 :
1805 11645723 : tmp_ctx = talloc_new(req);
1806 11645723 : if (tmp_ctx == NULL) {
1807 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1808 0 : goto done;
1809 : }
1810 :
1811 11645723 : dn = ldb_dn_new(tmp_ctx, ldb, LDB_KV_BASEINFO);
1812 11645723 : if (dn == NULL) {
1813 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1814 0 : goto done;
1815 : }
1816 :
1817 11645723 : msg = ldb_msg_new(tmp_ctx);
1818 11645723 : if (msg == NULL) {
1819 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1820 0 : goto done;
1821 : }
1822 :
1823 11645723 : ret = ldb_kv_search_dn1(module, dn, msg, 0);
1824 11645723 : if (ret != LDB_SUCCESS) {
1825 0 : goto done;
1826 : }
1827 :
1828 11645723 : switch (seq->type) {
1829 11642428 : case LDB_SEQ_HIGHEST_SEQ:
1830 11642428 : res->seq_num = ldb_msg_find_attr_as_uint64(msg, LDB_KV_SEQUENCE_NUMBER, 0);
1831 11642428 : break;
1832 3295 : case LDB_SEQ_NEXT:
1833 3295 : res->seq_num = ldb_msg_find_attr_as_uint64(msg, LDB_KV_SEQUENCE_NUMBER, 0);
1834 3295 : res->seq_num++;
1835 3295 : break;
1836 0 : case LDB_SEQ_HIGHEST_TIMESTAMP:
1837 0 : date = ldb_msg_find_attr_as_string(msg, LDB_KV_MOD_TIMESTAMP, NULL);
1838 0 : if (date) {
1839 0 : res->seq_num = ldb_string_to_time(date);
1840 : } else {
1841 0 : res->seq_num = 0;
1842 : /* zero is as good as anything when we don't know */
1843 : }
1844 0 : break;
1845 : }
1846 :
1847 11645723 : *ext = talloc_zero(req, struct ldb_extended);
1848 11645723 : if (*ext == NULL) {
1849 0 : ret = LDB_ERR_OPERATIONS_ERROR;
1850 0 : goto done;
1851 : }
1852 11645723 : (*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
1853 11645723 : (*ext)->data = talloc_steal(*ext, res);
1854 :
1855 11645723 : done:
1856 11645723 : talloc_free(tmp_ctx);
1857 :
1858 11645723 : ldb_kv->kv_ops->unlock_read(module);
1859 11645723 : return ret;
1860 : }
1861 :
1862 84723572 : static void ldb_kv_request_done(struct ldb_kv_context *ctx, int error)
1863 : {
1864 : struct ldb_context *ldb;
1865 : struct ldb_request *req;
1866 : struct ldb_reply *ares;
1867 :
1868 84723572 : ldb = ldb_module_get_ctx(ctx->module);
1869 84723572 : req = ctx->req;
1870 :
1871 : /* if we already returned an error just return */
1872 84723572 : if (ldb_request_get_status(req) != LDB_SUCCESS) {
1873 0 : return;
1874 : }
1875 :
1876 84723572 : ares = talloc_zero(req, struct ldb_reply);
1877 84723572 : if (!ares) {
1878 0 : ldb_oom(ldb);
1879 0 : req->callback(req, NULL);
1880 0 : return;
1881 : }
1882 84723572 : ares->type = LDB_REPLY_DONE;
1883 84723572 : ares->error = error;
1884 :
1885 84723572 : req->callback(req, ares);
1886 : }
1887 :
1888 0 : static void ldb_kv_timeout(_UNUSED_ struct tevent_context *ev,
1889 : _UNUSED_ struct tevent_timer *te,
1890 : _UNUSED_ struct timeval t,
1891 : void *private_data)
1892 : {
1893 : struct ldb_kv_context *ctx;
1894 0 : ctx = talloc_get_type(private_data, struct ldb_kv_context);
1895 :
1896 0 : if (!ctx->request_terminated) {
1897 : /* request is done now */
1898 0 : ldb_kv_request_done(ctx, LDB_ERR_TIME_LIMIT_EXCEEDED);
1899 : }
1900 :
1901 0 : if (ctx->spy) {
1902 : /* neutralize the spy */
1903 0 : ctx->spy->ctx = NULL;
1904 0 : ctx->spy = NULL;
1905 : }
1906 0 : talloc_free(ctx);
1907 0 : }
1908 :
1909 11645723 : static void ldb_kv_request_extended_done(struct ldb_kv_context *ctx,
1910 : struct ldb_extended *ext,
1911 : int error)
1912 : {
1913 : struct ldb_context *ldb;
1914 : struct ldb_request *req;
1915 : struct ldb_reply *ares;
1916 :
1917 11645723 : ldb = ldb_module_get_ctx(ctx->module);
1918 11645723 : req = ctx->req;
1919 :
1920 : /* if we already returned an error just return */
1921 11645723 : if (ldb_request_get_status(req) != LDB_SUCCESS) {
1922 0 : return;
1923 : }
1924 :
1925 11645723 : ares = talloc_zero(req, struct ldb_reply);
1926 11645723 : if (!ares) {
1927 0 : ldb_oom(ldb);
1928 0 : req->callback(req, NULL);
1929 0 : return;
1930 : }
1931 11645723 : ares->type = LDB_REPLY_DONE;
1932 11645723 : ares->response = ext;
1933 11645723 : ares->error = error;
1934 :
1935 11645723 : req->callback(req, ares);
1936 : }
1937 :
1938 11645723 : static void ldb_kv_handle_extended(struct ldb_kv_context *ctx)
1939 : {
1940 11645723 : struct ldb_extended *ext = NULL;
1941 : int ret;
1942 :
1943 11645723 : if (strcmp(ctx->req->op.extended.oid,
1944 : LDB_EXTENDED_SEQUENCE_NUMBER) == 0) {
1945 : /* get sequence number */
1946 11645723 : ret = ldb_kv_sequence_number(ctx, &ext);
1947 : } else {
1948 : /* not recognized */
1949 0 : ret = LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
1950 : }
1951 :
1952 11645723 : ldb_kv_request_extended_done(ctx, ext, ret);
1953 11645723 : }
1954 :
1955 96406595 : static void ldb_kv_callback(struct tevent_context *ev,
1956 : struct tevent_timer *te,
1957 : struct timeval t,
1958 : void *private_data)
1959 : {
1960 : struct ldb_kv_context *ctx;
1961 : int ret;
1962 :
1963 96406595 : ctx = talloc_get_type(private_data, struct ldb_kv_context);
1964 :
1965 96406595 : if (ctx->request_terminated) {
1966 0 : goto done;
1967 : }
1968 :
1969 96406595 : switch (ctx->req->operation) {
1970 83112902 : case LDB_SEARCH:
1971 83112902 : ret = ldb_kv_search(ctx);
1972 83112892 : break;
1973 757702 : case LDB_ADD:
1974 757702 : ret = ldb_kv_add(ctx);
1975 757702 : break;
1976 823583 : case LDB_MODIFY:
1977 823583 : ret = ldb_kv_modify(ctx);
1978 823583 : break;
1979 10546 : case LDB_DELETE:
1980 10546 : ret = ldb_kv_delete(ctx);
1981 10546 : break;
1982 56139 : case LDB_RENAME:
1983 56139 : ret = ldb_kv_rename(ctx);
1984 56139 : break;
1985 11645723 : case LDB_EXTENDED:
1986 11645723 : ldb_kv_handle_extended(ctx);
1987 11645723 : goto done;
1988 0 : default:
1989 : /* no other op supported */
1990 0 : ret = LDB_ERR_PROTOCOL_ERROR;
1991 : }
1992 :
1993 84760862 : if (!ctx->request_terminated) {
1994 : /* request is done now */
1995 84723572 : ldb_kv_request_done(ctx, ret);
1996 : }
1997 :
1998 83416617 : done:
1999 96406583 : if (ctx->spy) {
2000 : /* neutralize the spy */
2001 96392163 : ctx->spy->ctx = NULL;
2002 96392163 : ctx->spy = NULL;
2003 : }
2004 96406583 : talloc_free(ctx);
2005 96406583 : }
2006 :
2007 96406603 : static int ldb_kv_request_destructor(void *ptr)
2008 : {
2009 83379347 : struct ldb_kv_req_spy *spy =
2010 13027256 : talloc_get_type(ptr, struct ldb_kv_req_spy);
2011 :
2012 96406603 : if (spy->ctx != NULL) {
2013 14440 : spy->ctx->spy = NULL;
2014 14440 : spy->ctx->request_terminated = true;
2015 14440 : spy->ctx = NULL;
2016 : }
2017 :
2018 96406603 : return 0;
2019 : }
2020 :
2021 96406660 : static int ldb_kv_handle_request(struct ldb_module *module,
2022 : struct ldb_request *req)
2023 : {
2024 : struct ldb_control *control_permissive;
2025 : struct ldb_context *ldb;
2026 : struct tevent_context *ev;
2027 : struct ldb_kv_context *ac;
2028 : struct tevent_timer *te;
2029 : struct timeval tv;
2030 : unsigned int i;
2031 :
2032 96406660 : ldb = ldb_module_get_ctx(module);
2033 :
2034 96406660 : control_permissive = ldb_request_get_control(req,
2035 : LDB_CONTROL_PERMISSIVE_MODIFY_OID);
2036 :
2037 342857338 : for (i = 0; req->controls && req->controls[i]; i++) {
2038 246450764 : if (req->controls[i]->critical &&
2039 43 : req->controls[i] != control_permissive) {
2040 43 : ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
2041 43 : req->controls[i]->oid);
2042 43 : return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
2043 : }
2044 : }
2045 :
2046 96406617 : if (req->starttime == 0 || req->timeout == 0) {
2047 0 : ldb_set_errstring(ldb, "Invalid timeout settings");
2048 0 : return LDB_ERR_TIME_LIMIT_EXCEEDED;
2049 : }
2050 :
2051 96406617 : ev = ldb_handle_get_event_context(req->handle);
2052 :
2053 96406617 : ac = talloc_zero(ldb, struct ldb_kv_context);
2054 96406617 : if (ac == NULL) {
2055 0 : ldb_oom(ldb);
2056 0 : return LDB_ERR_OPERATIONS_ERROR;
2057 : }
2058 :
2059 96406617 : ac->module = module;
2060 96406617 : ac->req = req;
2061 :
2062 96406617 : tv.tv_sec = 0;
2063 96406617 : tv.tv_usec = 0;
2064 96406617 : te = tevent_add_timer(ev, ac, tv, ldb_kv_callback, ac);
2065 96406617 : if (NULL == te) {
2066 0 : talloc_free(ac);
2067 0 : return LDB_ERR_OPERATIONS_ERROR;
2068 : }
2069 :
2070 96406617 : if (req->timeout > 0) {
2071 96406617 : tv.tv_sec = req->starttime + req->timeout;
2072 96406617 : tv.tv_usec = 0;
2073 96406617 : ac->timeout_event =
2074 96406617 : tevent_add_timer(ev, ac, tv, ldb_kv_timeout, ac);
2075 96406617 : if (NULL == ac->timeout_event) {
2076 0 : talloc_free(ac);
2077 0 : return LDB_ERR_OPERATIONS_ERROR;
2078 : }
2079 : }
2080 :
2081 96406617 : ac->timeout_timeval = tv;
2082 :
2083 : /* set a spy so that we do not try to use the request context
2084 : * if it is freed before ltdb_callback fires */
2085 96406617 : ac->spy = talloc(req, struct ldb_kv_req_spy);
2086 96406617 : if (NULL == ac->spy) {
2087 0 : talloc_free(ac);
2088 0 : return LDB_ERR_OPERATIONS_ERROR;
2089 : }
2090 96406617 : ac->spy->ctx = ac;
2091 :
2092 96406617 : talloc_set_destructor((TALLOC_CTX *)ac->spy, ldb_kv_request_destructor);
2093 :
2094 96406617 : return LDB_SUCCESS;
2095 : }
2096 :
2097 707061 : static int ldb_kv_init_rootdse(struct ldb_module *module)
2098 : {
2099 : /* ignore errors on this - we expect it for non-sam databases */
2100 707061 : ldb_mod_register_control(module, LDB_CONTROL_PERMISSIVE_MODIFY_OID);
2101 :
2102 : /* there can be no module beyond the backend, just return */
2103 707061 : return LDB_SUCCESS;
2104 : }
2105 :
2106 64442068 : static int ldb_kv_lock_read(struct ldb_module *module)
2107 : {
2108 64442068 : void *data = ldb_module_get_private(module);
2109 58144014 : struct ldb_kv_private *ldb_kv =
2110 6298054 : talloc_get_type(data, struct ldb_kv_private);
2111 64442068 : return ldb_kv->kv_ops->lock_read(module);
2112 : }
2113 :
2114 64442054 : static int ldb_kv_unlock_read(struct ldb_module *module)
2115 : {
2116 64442054 : void *data = ldb_module_get_private(module);
2117 58144000 : struct ldb_kv_private *ldb_kv =
2118 6298054 : talloc_get_type(data, struct ldb_kv_private);
2119 64442054 : return ldb_kv->kv_ops->unlock_read(module);
2120 : }
2121 :
2122 : static const struct ldb_module_ops ldb_kv_ops = {
2123 : .name = "tdb",
2124 : .init_context = ldb_kv_init_rootdse,
2125 : .search = ldb_kv_handle_request,
2126 : .add = ldb_kv_handle_request,
2127 : .modify = ldb_kv_handle_request,
2128 : .del = ldb_kv_handle_request,
2129 : .rename = ldb_kv_handle_request,
2130 : .extended = ldb_kv_handle_request,
2131 : .start_transaction = ldb_kv_start_trans,
2132 : .end_transaction = ldb_kv_end_trans,
2133 : .prepare_commit = ldb_kv_prepare_commit,
2134 : .del_transaction = ldb_kv_del_trans,
2135 : .read_lock = ldb_kv_lock_read,
2136 : .read_unlock = ldb_kv_unlock_read,
2137 : };
2138 :
2139 707186 : int ldb_kv_init_store(struct ldb_kv_private *ldb_kv,
2140 : const char *name,
2141 : struct ldb_context *ldb,
2142 : const char *options[],
2143 : struct ldb_module **_module)
2144 : {
2145 707186 : if (getenv("LDB_WARN_UNINDEXED")) {
2146 0 : ldb_kv->warn_unindexed = true;
2147 : }
2148 :
2149 707186 : if (getenv("LDB_WARN_REINDEX")) {
2150 0 : ldb_kv->warn_reindex = true;
2151 : }
2152 :
2153 707186 : ldb_kv->sequence_number = 0;
2154 :
2155 707186 : ldb_kv->pid = getpid();
2156 :
2157 707186 : ldb_kv->pack_format_override = 0;
2158 :
2159 707186 : ldb_kv->module = ldb_module_new(ldb, ldb, name, &ldb_kv_ops);
2160 707186 : if (!ldb_kv->module) {
2161 0 : ldb_oom(ldb);
2162 0 : talloc_free(ldb_kv);
2163 0 : return LDB_ERR_OPERATIONS_ERROR;
2164 : }
2165 707186 : ldb_module_set_private(ldb_kv->module, ldb_kv);
2166 707186 : talloc_steal(ldb_kv->module, ldb_kv);
2167 :
2168 707186 : if (ldb_kv_cache_load(ldb_kv->module) != 0) {
2169 0 : ldb_asprintf_errstring(ldb, "Unable to load ltdb cache "
2170 : "records for backend '%s'", name);
2171 0 : talloc_free(ldb_kv->module);
2172 0 : return LDB_ERR_OPERATIONS_ERROR;
2173 : }
2174 :
2175 707186 : *_module = ldb_kv->module;
2176 : /*
2177 : * Set or override the maximum key length
2178 : *
2179 : * The ldb_mdb code will have set this to 511, but our tests
2180 : * set this even smaller (to make the tests more practical).
2181 : *
2182 : * This must only be used for the selftest as the length
2183 : * becomes encoded in the index keys.
2184 : */
2185 : {
2186 539972 : const char *len_str =
2187 167214 : ldb_options_find(ldb, options,
2188 : "max_key_len_for_self_test");
2189 707186 : if (len_str != NULL) {
2190 16 : unsigned len = strtoul(len_str, NULL, 0);
2191 16 : ldb_kv->max_key_length = len;
2192 : }
2193 : }
2194 :
2195 : /*
2196 : * Usually the presence of GUID indexing determines the pack format
2197 : * we use but in certain circumstances such as downgrading an
2198 : * MDB-backed database, we want to override the target pack format.
2199 : *
2200 : * We set/get opaques here because in the Samba partitions module,
2201 : * 'options' are not passed correctly so sub-databases can't see
2202 : * the options they need.
2203 : */
2204 : {
2205 539972 : const char *pack_format_override =
2206 167214 : ldb_options_find(ldb, options, "pack_format_override");
2207 707186 : if (pack_format_override != NULL) {
2208 : int ret;
2209 0 : ldb_kv->pack_format_override =
2210 0 : strtoul(pack_format_override, NULL, 0);
2211 0 : ret = ldb_set_opaque(ldb,
2212 : "pack_format_override",
2213 0 : (void *)(intptr_t)ldb_kv->pack_format_override);
2214 0 : if (ret != LDB_SUCCESS) {
2215 0 : talloc_free(ldb_kv->module);
2216 0 : return ldb_module_operr(ldb_kv->module);
2217 : }
2218 : } else {
2219 : /*
2220 : * NULL -> 0 is fine, otherwise we get back
2221 : * the number we needed
2222 : */
2223 : ldb_kv->pack_format_override
2224 707186 : = (intptr_t)ldb_get_opaque(ldb,
2225 : "pack_format_override");
2226 : }
2227 : }
2228 :
2229 : /*
2230 : * Override full DB scans
2231 : *
2232 : * A full DB scan is expensive on a large database. This
2233 : * option is for testing to show that the full DB scan is not
2234 : * triggered.
2235 : */
2236 : {
2237 539972 : const char *len_str =
2238 167214 : ldb_options_find(ldb, options,
2239 : "disable_full_db_scan_for_self_test");
2240 707186 : if (len_str != NULL) {
2241 394 : ldb_kv->disable_full_db_scan = true;
2242 : }
2243 : }
2244 :
2245 : /*
2246 : * Set the size of the transaction index cache.
2247 : * If the ldb option "transaction_index_cache_size" is set use that
2248 : * otherwise use DEFAULT_INDEX_CACHE_SIZE
2249 : */
2250 707186 : ldb_kv->index_transaction_cache_size = DEFAULT_INDEX_CACHE_SIZE;
2251 : {
2252 707186 : const char *size = ldb_options_find(
2253 : ldb,
2254 : options,
2255 : "transaction_index_cache_size");
2256 707186 : if (size != NULL) {
2257 305 : size_t cache_size = 0;
2258 305 : errno = 0;
2259 :
2260 305 : cache_size = strtoul( size, NULL, 0);
2261 305 : if (cache_size == 0 || errno == ERANGE) {
2262 2 : ldb_debug(
2263 : ldb,
2264 : LDB_DEBUG_WARNING,
2265 : "Invalid transaction_index_cache_size "
2266 : "value [%s], using default(%d)\n",
2267 : size,
2268 : DEFAULT_INDEX_CACHE_SIZE);
2269 : } else {
2270 303 : ldb_kv->index_transaction_cache_size =
2271 : cache_size;
2272 : }
2273 : }
2274 : }
2275 : /*
2276 : * Set batch mode operation.
2277 : * This disables the nested sub transactions, and increases the
2278 : * chance of index corruption. If using this mode the transaction
2279 : * commit will be aborted if any operation fails.
2280 : */
2281 : {
2282 707186 : const char *batch_mode = ldb_options_find(
2283 : ldb, options, "batch_mode");
2284 707186 : if (batch_mode != NULL) {
2285 304 : ldb_kv->batch_mode = true;
2286 : }
2287 : }
2288 :
2289 707186 : return LDB_SUCCESS;
2290 : }
|
