Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 :
4 : handle removal of deleted objects
5 :
6 : Copyright (C) 2009 Andrew Tridgell
7 : Copyright (C) 2016 Andrew Bartlett
8 : Copyright (C) 2016 Catalyst.NET Ltd
9 :
10 : This program is free software; you can redistribute it and/or modify
11 : it under the terms of the GNU General Public License as published by
12 : the Free Software Foundation; either version 3 of the License, or
13 : (at your option) any later version.
14 :
15 : This program is distributed in the hope that it will be useful,
16 : but WITHOUT ANY WARRANTY; without even the implied warranty of
17 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 : GNU General Public License for more details.
19 :
20 : You should have received a copy of the GNU General Public License
21 : along with this program. If not, see <http://www.gnu.org/licenses/>.
22 :
23 : */
24 :
25 : #include "includes.h"
26 : #include <ldb_errors.h>
27 : #include "../lib/util/dlinklist.h"
28 : #include "librpc/gen_ndr/ndr_misc.h"
29 : #include "librpc/gen_ndr/ndr_drsuapi.h"
30 : #include "librpc/gen_ndr/ndr_drsblobs.h"
31 : #include "param/param.h"
32 : #include "lib/util/dlinklist.h"
33 : #include "ldb.h"
34 : #include "dsdb/kcc/garbage_collect_tombstones.h"
35 : #include "lib/ldb-samba/ldb_matching_rules.h"
36 : #include "lib/util/time.h"
37 :
38 233 : static NTSTATUS garbage_collect_tombstones_part(TALLOC_CTX *mem_ctx,
39 : struct ldb_context *samdb,
40 : struct dsdb_ldb_dn_list_node *part,
41 : char *filter,
42 : unsigned int *num_links_removed,
43 : unsigned int *num_objects_removed,
44 : struct dsdb_schema *schema,
45 : const char **attrs,
46 : char **error_string,
47 : NTTIME expunge_time_nttime)
48 : {
49 : int ret;
50 : struct ldb_dn *do_dn;
51 : struct ldb_result *res;
52 : unsigned int i, j, k;
53 : uint32_t flags;
54 233 : TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
55 233 : if (!tmp_ctx) {
56 0 : return NT_STATUS_NO_MEMORY;
57 : }
58 :
59 233 : ret = dsdb_get_deleted_objects_dn(samdb, tmp_ctx, part->dn, &do_dn);
60 233 : if (ret != LDB_SUCCESS) {
61 48 : TALLOC_FREE(tmp_ctx);
62 : /* some partitions have no Deleted Objects
63 : container */
64 48 : return NT_STATUS_OK;
65 : }
66 :
67 185 : DEBUG(1, ("Doing a full scan on %s and looking for deleted objects\n",
68 : ldb_dn_get_linearized(part->dn)));
69 :
70 185 : flags = DSDB_SEARCH_SHOW_RECYCLED |
71 : DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT |
72 : DSDB_SEARCH_REVEAL_INTERNALS;
73 185 : ret = dsdb_search(samdb, tmp_ctx, &res, part->dn, LDB_SCOPE_SUBTREE,
74 : attrs, flags, "%s", filter);
75 :
76 185 : if (ret != LDB_SUCCESS) {
77 0 : *error_string = talloc_asprintf(mem_ctx,
78 : "Failed to search for deleted "
79 : "objects in %s: %s",
80 : ldb_dn_get_linearized(do_dn),
81 : ldb_errstring(samdb));
82 0 : TALLOC_FREE(tmp_ctx);
83 0 : return NT_STATUS_INTERNAL_ERROR;
84 : }
85 :
86 200 : for (i=0; i<res->count; i++) {
87 15 : struct ldb_message *cleanup_msg = NULL;
88 15 : unsigned int num_modified = 0;
89 :
90 15 : bool isDeleted = ldb_msg_find_attr_as_bool(res->msgs[i],
91 : "isDeleted", false);
92 15 : if (isDeleted) {
93 13 : if (ldb_dn_compare(do_dn, res->msgs[i]->dn) == 0) {
94 : /* Skip the Deleted Object Container */
95 9 : continue;
96 : }
97 :
98 4 : ret = dsdb_delete(samdb, res->msgs[i]->dn,
99 : DSDB_SEARCH_SHOW_RECYCLED
100 : |DSDB_MODIFY_RELAX);
101 4 : if (ret != LDB_SUCCESS) {
102 0 : DEBUG(1,(__location__ ": Failed to remove "
103 : "deleted object %s\n",
104 : ldb_dn_get_linearized(res->
105 : msgs[i]->dn)));
106 : } else {
107 4 : DEBUG(4,("Removed deleted object %s\n",
108 : ldb_dn_get_linearized(res->
109 : msgs[i]->dn)));
110 4 : (*num_objects_removed)++;
111 : }
112 4 : continue;
113 : }
114 :
115 : /* This must have a linked attribute */
116 :
117 : /*
118 : * From MS-ADTS 3.1.1.1.9 DCs, usn Counters, and
119 : * the Originating Update Stamp
120 : *
121 : * "A link value r is deleted, but exists as a
122 : * tombstone, if r.stamp.timeDeleted ≠ 0. When
123 : * the current time minus r.stamp.timeDeleted
124 : * exceeds the tombstone lifetime, the link
125 : * value r is garbage-collected; that is,
126 : * removed from its containing forward link
127 : * attribute. "
128 : */
129 :
130 4 : for (j=0; j < res->msgs[i]->num_elements; j++) {
131 2 : struct ldb_message_element *element = NULL;
132 : /* TODO this is O(log n) per attribute with deleted values */
133 2 : const struct dsdb_attribute *attrib = NULL;
134 :
135 2 : element = &res->msgs[i]->elements[j];
136 2 : attrib = dsdb_attribute_by_lDAPDisplayName(schema,
137 : element->name);
138 :
139 : /* This avoids parsing isDeleted as a link */
140 4 : if (attrib == NULL ||
141 4 : attrib->linkID == 0 ||
142 2 : ((attrib->linkID & 1) == 1)) {
143 0 : continue;
144 : }
145 :
146 4 : for (k = 0; k < element->num_values; k++) {
147 2 : struct ldb_val *value = &element->values[k];
148 2 : uint64_t whenChanged = 0;
149 : NTSTATUS status;
150 : struct dsdb_dn *dn;
151 2 : struct ldb_message_element *cleanup_elem = NULL;
152 2 : char *guid_search_str = NULL;
153 2 : char *guid_buf_str = NULL;
154 : struct ldb_val cleanup_val;
155 : struct GUID_txt_buf buf_guid;
156 : struct GUID guid;
157 : const struct ldb_val *guid_blob;
158 :
159 2 : if (dsdb_dn_is_deleted_val(value) == false) {
160 0 : continue;
161 : }
162 :
163 4 : dn = dsdb_dn_parse(tmp_ctx, samdb,
164 2 : &element->values[k],
165 2 : attrib->syntax->ldap_oid);
166 2 : if (dn == NULL) {
167 0 : DEBUG(1, ("Failed to parse linked attribute blob of "
168 : "%s on %s while expunging expired links\n",
169 : element->name,
170 : ldb_dn_get_linearized(res->msgs[i]->dn)));
171 0 : continue;
172 : }
173 :
174 2 : status = dsdb_get_extended_dn_uint64(dn->dn,
175 : &whenChanged,
176 : "RMD_CHANGETIME");
177 2 : if (!NT_STATUS_IS_OK(status)) {
178 0 : DEBUG(1, ("Error: RMD_CHANGETIME is missing on a forward link.\n"));
179 0 : talloc_free(dn);
180 0 : continue;
181 : }
182 :
183 2 : if (whenChanged >= expunge_time_nttime) {
184 0 : talloc_free(dn);
185 0 : continue;
186 : }
187 :
188 2 : guid_blob = ldb_dn_get_extended_component(dn->dn, "GUID");
189 2 : status = GUID_from_ndr_blob(guid_blob, &guid);
190 2 : if (!NT_STATUS_IS_OK(status)) {
191 0 : DEBUG(1, ("Error: Invalid GUID on link target.\n"));
192 0 : talloc_free(dn);
193 0 : continue;
194 : }
195 :
196 2 : guid_buf_str = GUID_buf_string(&guid, &buf_guid);
197 2 : guid_search_str = talloc_asprintf(mem_ctx,
198 : "<GUID=%s>;%s",
199 : guid_buf_str,
200 : dsdb_dn_get_linearized(mem_ctx, dn));
201 2 : cleanup_val = data_blob_string_const(guid_search_str);
202 :
203 2 : talloc_free(dn);
204 :
205 2 : if (cleanup_msg == NULL) {
206 2 : cleanup_msg = ldb_msg_new(mem_ctx);
207 2 : if (cleanup_msg == NULL) {
208 0 : return NT_STATUS_NO_MEMORY;
209 : }
210 2 : cleanup_msg->dn = res->msgs[i]->dn;
211 : }
212 :
213 2 : ret = ldb_msg_add_value(cleanup_msg,
214 : element->name,
215 : &cleanup_val,
216 : &cleanup_elem);
217 2 : if (ret != LDB_SUCCESS) {
218 0 : return NT_STATUS_NO_MEMORY;
219 : }
220 2 : cleanup_elem->flags = LDB_FLAG_MOD_DELETE;
221 2 : num_modified++;
222 : }
223 : }
224 :
225 2 : if (num_modified > 0) {
226 2 : ret = dsdb_modify(samdb, cleanup_msg,
227 : DSDB_REPLMD_VANISH_LINKS);
228 2 : if (ret != LDB_SUCCESS) {
229 0 : DEBUG(1,(__location__ ": Failed to remove deleted object %s\n",
230 : ldb_dn_get_linearized(res->msgs[i]->dn)));
231 : } else {
232 2 : DEBUG(4,("Removed deleted object %s\n",
233 : ldb_dn_get_linearized(res->msgs[i]->dn)));
234 2 : *num_links_removed = *num_links_removed + num_modified;
235 : }
236 :
237 : }
238 : }
239 :
240 185 : TALLOC_FREE(tmp_ctx);
241 185 : return NT_STATUS_OK;
242 : }
243 :
244 : /*
245 : * Per MS-ADTS 3.1.1.5.5 Delete Operation
246 : *
247 : * "Tombstones are a type of deleted object distinguished from
248 : * existing-objects by the presence of the isDeleted attribute with the
249 : * value true."
250 : *
251 : * "After a time period at least as large as a tombstone lifetime, the
252 : * tombstone is removed from the directory."
253 : *
254 : * The purpose of this routine is to remove such objects. It is
255 : * called from a timed event in the KCC, and from samba-tool domain
256 : * expunge tombstones.
257 : *
258 : * Additionally, linked attributes have similar properties.
259 : */
260 49 : NTSTATUS dsdb_garbage_collect_tombstones(TALLOC_CTX *mem_ctx,
261 : struct ldb_context *samdb,
262 : struct dsdb_ldb_dn_list_node *part,
263 : time_t current_time,
264 : uint32_t tombstoneLifetime,
265 : unsigned int *num_objects_removed,
266 : unsigned int *num_links_removed,
267 : char **error_string)
268 : {
269 49 : const char **attrs = NULL;
270 49 : char *filter = NULL;
271 : NTSTATUS status;
272 : unsigned int i;
273 : struct dsdb_attribute *next_attr;
274 : unsigned int num_link_attrs;
275 49 : struct dsdb_schema *schema = dsdb_get_schema(samdb, mem_ctx);
276 49 : unsigned long long expunge_time = current_time - tombstoneLifetime*60*60*24;
277 49 : char *expunge_time_string = ldb_timestring_utc(mem_ctx, expunge_time);
278 : NTTIME expunge_time_nttime;
279 49 : unix_to_nt_time(&expunge_time_nttime, expunge_time);
280 :
281 49 : *num_objects_removed = 0;
282 49 : *num_links_removed = 0;
283 49 : *error_string = NULL;
284 49 : num_link_attrs = 0;
285 :
286 : /*
287 : * This filter is a bit strange, but the idea is to filter for
288 : * objects that need to have tombstones expunged without
289 : * bringing a potentially large databse all into memory. To
290 : * do that, we could use callbacks, but instead we use a
291 : * custom match rule to triage the objects during the search,
292 : * and ideally avoid memory allocation for most of the
293 : * un-matched objects.
294 : *
295 : * The parameter to DSDB_MATCH_FOR_EXPUNGE is the NTTIME, we
296 : * return records with deleted links deleted before this time.
297 : *
298 : * We use a date comparison on whenChanged to avoid returning
299 : * all isDeleted records
300 : */
301 :
302 49 : filter = talloc_asprintf(mem_ctx, "(|");
303 69683 : for (next_attr = schema->attributes; next_attr != NULL; next_attr = next_attr->next) {
304 69634 : if (next_attr->linkID != 0 && ((next_attr->linkID & 1) == 0)) {
305 3288 : num_link_attrs++;
306 3288 : filter = talloc_asprintf_append(filter,
307 : "(%s:" DSDB_MATCH_FOR_EXPUNGE ":=%llu)",
308 : next_attr->lDAPDisplayName,
309 : (unsigned long long)expunge_time_nttime);
310 3288 : if (filter == NULL) {
311 0 : return NT_STATUS_NO_MEMORY;
312 : }
313 : }
314 : }
315 :
316 49 : attrs = talloc_array(mem_ctx, const char *, num_link_attrs + 2);
317 49 : i = 0;
318 69683 : for (next_attr = schema->attributes; next_attr != NULL; next_attr = next_attr->next) {
319 69634 : if (next_attr->linkID != 0 && ((next_attr->linkID & 1) == 0)) {
320 3288 : attrs[i++] = next_attr->lDAPDisplayName;
321 : }
322 : }
323 49 : attrs[i] = "isDeleted";
324 49 : attrs[i+1] = NULL;
325 :
326 49 : filter = talloc_asprintf_append(filter,
327 : "(&(isDeleted=TRUE)(whenChanged<=%s)))",
328 : expunge_time_string);
329 49 : if (filter == NULL) {
330 0 : return NT_STATUS_NO_MEMORY;
331 : }
332 :
333 282 : for (; part != NULL; part = part->next) {
334 233 : status = garbage_collect_tombstones_part(mem_ctx, samdb, part,
335 : filter,
336 : num_links_removed,
337 : num_objects_removed,
338 : schema, attrs,
339 : error_string,
340 : expunge_time_nttime);
341 233 : if (!NT_STATUS_IS_OK(status)) {
342 0 : return status;
343 : }
344 : }
345 :
346 49 : return NT_STATUS_OK;
347 : }
|