1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
samba-mirror/source3/lib/util_tdb.c

1179 lines
30 KiB
C
Raw Normal View History

/*
Unix SMB/CIFS implementation.
tdb utility functions
Copyright (C) Andrew Tridgell 1992-1998
Copyright (C) Rafal Szczesniak 2002
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#undef malloc
#undef realloc
#undef calloc
#undef strdup
/* these are little tdb utility functions that are meant to make
dealing with a tdb database a little less cumbersome in Samba */
static SIG_ATOMIC_T gotalarm;
/***************************************************************
Signal function to tell us we timed out.
****************************************************************/
static void gotalarm_sig(void)
{
gotalarm = 1;
}
/***************************************************************
Make a TDB_DATA and keep the const warning in one place
****************************************************************/
TDB_DATA make_tdb_data(const uint8 *dptr, size_t dsize)
{
TDB_DATA ret;
ret.dptr = CONST_DISCARD(uint8 *, dptr);
ret.dsize = dsize;
return ret;
}
TDB_DATA string_tdb_data(const char *string)
{
return make_tdb_data((const uint8 *)string, string ? strlen(string) : 0 );
}
TDB_DATA string_term_tdb_data(const char *string)
{
return make_tdb_data((const uint8 *)string, string ? strlen(string) + 1 : 0);
}
/****************************************************************************
Lock a chain with timeout (in seconds).
****************************************************************************/
static int tdb_chainlock_with_timeout_internal( TDB_CONTEXT *tdb, TDB_DATA key, unsigned int timeout, int rw_type)
{
/* Allow tdb_chainlock to be interrupted by an alarm. */
int ret;
gotalarm = 0;
if (timeout) {
CatchSignal(SIGALRM, SIGNAL_CAST gotalarm_sig);
alarm(timeout);
}
if (rw_type == F_RDLCK)
ret = tdb_chainlock_read(tdb, key);
else
ret = tdb_chainlock(tdb, key);
if (timeout) {
alarm(0);
CatchSignal(SIGALRM, SIGNAL_CAST SIG_IGN);
if (gotalarm) {
DEBUG(0,("tdb_chainlock_with_timeout_internal: alarm (%u) timed out for key %s in tdb %s\n",
timeout, key.dptr, tdb_name(tdb)));
/* TODO: If we time out waiting for a lock, it might
* be nice to use F_GETLK to get the pid of the
* process currently holding the lock and print that
* as part of the debugging message. -- mbp */
return -1;
}
}
return ret;
}
/****************************************************************************
Write lock a chain. Return -1 if timeout or lock failed.
****************************************************************************/
int tdb_chainlock_with_timeout( TDB_CONTEXT *tdb, TDB_DATA key, unsigned int timeout)
{
return tdb_chainlock_with_timeout_internal(tdb, key, timeout, F_WRLCK);
}
/****************************************************************************
Lock a chain by string. Return -1 if timeout or lock failed.
****************************************************************************/
int tdb_lock_bystring(TDB_CONTEXT *tdb, const char *keyval)
{
TDB_DATA key = string_term_tdb_data(keyval);
return tdb_chainlock(tdb, key);
}
int tdb_lock_bystring_with_timeout(TDB_CONTEXT *tdb, const char *keyval,
int timeout)
{
TDB_DATA key = string_term_tdb_data(keyval);
return tdb_chainlock_with_timeout(tdb, key, timeout);
}
/****************************************************************************
Unlock a chain by string.
****************************************************************************/
void tdb_unlock_bystring(TDB_CONTEXT *tdb, const char *keyval)
{
TDB_DATA key = string_term_tdb_data(keyval);
tdb_chainunlock(tdb, key);
}
/****************************************************************************
Read lock a chain by string. Return -1 if timeout or lock failed.
****************************************************************************/
int tdb_read_lock_bystring_with_timeout(TDB_CONTEXT *tdb, const char *keyval, unsigned int timeout)
{
TDB_DATA key = string_term_tdb_data(keyval);
return tdb_chainlock_with_timeout_internal(tdb, key, timeout, F_RDLCK);
}
/****************************************************************************
Read unlock a chain by string.
****************************************************************************/
void tdb_read_unlock_bystring(TDB_CONTEXT *tdb, const char *keyval)
{
TDB_DATA key = string_term_tdb_data(keyval);
tdb_chainunlock_read(tdb, key);
}
/****************************************************************************
Fetch a int32 value by a arbitrary blob key, return -1 if not found.
Output is int32 in native byte order.
****************************************************************************/
int32 tdb_fetch_int32_byblob(TDB_CONTEXT *tdb, TDB_DATA key)
{
TDB_DATA data;
int32 ret;
data = tdb_fetch(tdb, key);
if (!data.dptr || data.dsize != sizeof(int32)) {
SAFE_FREE(data.dptr);
return -1;
}
ret = IVAL(data.dptr,0);
SAFE_FREE(data.dptr);
return ret;
}
/****************************************************************************
Fetch a int32 value by string key, return -1 if not found.
Output is int32 in native byte order.
****************************************************************************/
int32 tdb_fetch_int32(TDB_CONTEXT *tdb, const char *keystr)
{
TDB_DATA key = string_term_tdb_data(keystr);
return tdb_fetch_int32_byblob(tdb, key);
}
/****************************************************************************
Store a int32 value by an arbitary blob key, return 0 on success, -1 on failure.
Input is int32 in native byte order. Output in tdb is in little-endian.
****************************************************************************/
int tdb_store_int32_byblob(TDB_CONTEXT *tdb, TDB_DATA key, int32 v)
{
TDB_DATA data;
int32 v_store;
SIVAL(&v_store,0,v);
data.dptr = (uint8 *)&v_store;
data.dsize = sizeof(int32);
return tdb_store(tdb, key, data, TDB_REPLACE);
}
/****************************************************************************
Store a int32 value by string key, return 0 on success, -1 on failure.
Input is int32 in native byte order. Output in tdb is in little-endian.
****************************************************************************/
int tdb_store_int32(TDB_CONTEXT *tdb, const char *keystr, int32 v)
{
TDB_DATA key = string_term_tdb_data(keystr);
return tdb_store_int32_byblob(tdb, key, v);
}
/****************************************************************************
Fetch a uint32 value by a arbitrary blob key, return -1 if not found.
Output is uint32 in native byte order.
****************************************************************************/
BOOL tdb_fetch_uint32_byblob(TDB_CONTEXT *tdb, TDB_DATA key, uint32 *value)
{
TDB_DATA data;
data = tdb_fetch(tdb, key);
if (!data.dptr || data.dsize != sizeof(uint32)) {
SAFE_FREE(data.dptr);
return False;
}
*value = IVAL(data.dptr,0);
SAFE_FREE(data.dptr);
return True;
}
/****************************************************************************
Fetch a uint32 value by string key, return -1 if not found.
Output is uint32 in native byte order.
****************************************************************************/
BOOL tdb_fetch_uint32(TDB_CONTEXT *tdb, const char *keystr, uint32 *value)
{
TDB_DATA key = string_term_tdb_data(keystr);
return tdb_fetch_uint32_byblob(tdb, key, value);
}
/****************************************************************************
Store a uint32 value by an arbitary blob key, return 0 on success, -1 on failure.
Input is uint32 in native byte order. Output in tdb is in little-endian.
****************************************************************************/
BOOL tdb_store_uint32_byblob(TDB_CONTEXT *tdb, TDB_DATA key, uint32 value)
{
TDB_DATA data;
uint32 v_store;
BOOL ret = True;
SIVAL(&v_store, 0, value);
data.dptr = (uint8 *)&v_store;
data.dsize = sizeof(uint32);
if (tdb_store(tdb, key, data, TDB_REPLACE) == -1)
ret = False;
return ret;
}
/****************************************************************************
Store a uint32 value by string key, return 0 on success, -1 on failure.
Input is uint32 in native byte order. Output in tdb is in little-endian.
****************************************************************************/
BOOL tdb_store_uint32(TDB_CONTEXT *tdb, const char *keystr, uint32 value)
{
TDB_DATA key = string_term_tdb_data(keystr);
return tdb_store_uint32_byblob(tdb, key, value);
}
/****************************************************************************
Store a buffer by a null terminated string key. Return 0 on success, -1
on failure.
****************************************************************************/
int tdb_store_bystring(TDB_CONTEXT *tdb, const char *keystr, TDB_DATA data, int flags)
{
TDB_DATA key = string_term_tdb_data(keystr);
return tdb_store(tdb, key, data, flags);
}
int tdb_trans_store_bystring(TDB_CONTEXT *tdb, const char *keystr,
TDB_DATA data, int flags)
{
TDB_DATA key = string_term_tdb_data(keystr);
return tdb_trans_store(tdb, key, data, flags);
}
/****************************************************************************
Fetch a buffer using a null terminated string key. Don't forget to call
free() on the result dptr.
****************************************************************************/
TDB_DATA tdb_fetch_bystring(TDB_CONTEXT *tdb, const char *keystr)
{
TDB_DATA key = string_term_tdb_data(keystr);
return tdb_fetch(tdb, key);
}
/****************************************************************************
Delete an entry using a null terminated string key.
****************************************************************************/
int tdb_delete_bystring(TDB_CONTEXT *tdb, const char *keystr)
{
TDB_DATA key = string_term_tdb_data(keystr);
return tdb_delete(tdb, key);
}
/****************************************************************************
Atomic integer change. Returns old value. To create, set initial value in *oldval.
****************************************************************************/
int32 tdb_change_int32_atomic(TDB_CONTEXT *tdb, const char *keystr, int32 *oldval, int32 change_val)
{
int32 val;
int32 ret = -1;
if (tdb_lock_bystring(tdb, keystr) == -1)
return -1;
if ((val = tdb_fetch_int32(tdb, keystr)) == -1) {
/* The lookup failed */
if (tdb_error(tdb) != TDB_ERR_NOEXIST) {
/* but not because it didn't exist */
goto err_out;
}
/* Start with 'old' value */
val = *oldval;
} else {
/* It worked, set return value (oldval) to tdb data */
*oldval = val;
}
/* Increment value for storage and return next time */
val += change_val;
if (tdb_store_int32(tdb, keystr, val) == -1)
goto err_out;
ret = 0;
err_out:
tdb_unlock_bystring(tdb, keystr);
return ret;
}
/****************************************************************************
Atomic unsigned integer change. Returns old value. To create, set initial value in *oldval.
****************************************************************************/
BOOL tdb_change_uint32_atomic(TDB_CONTEXT *tdb, const char *keystr, uint32 *oldval, uint32 change_val)
{
uint32 val;
BOOL ret = False;
if (tdb_lock_bystring(tdb, keystr) == -1)
return False;
if (!tdb_fetch_uint32(tdb, keystr, &val)) {
/* It failed */
if (tdb_error(tdb) != TDB_ERR_NOEXIST) {
/* and not because it didn't exist */
goto err_out;
}
/* Start with 'old' value */
val = *oldval;
} else {
/* it worked, set return value (oldval) to tdb data */
*oldval = val;
}
/* get a new value to store */
val += change_val;
if (!tdb_store_uint32(tdb, keystr, val))
goto err_out;
ret = True;
err_out:
tdb_unlock_bystring(tdb, keystr);
return ret;
}
/****************************************************************************
Useful pair of routines for packing/unpacking data consisting of
integers and strings.
****************************************************************************/
size_t tdb_pack_va(uint8 *buf, int bufsize, const char *fmt, va_list ap)
{
uint8 bt;
uint16 w;
uint32 d;
int i;
void *p;
int len;
char *s;
char c;
uint8 *buf0 = buf;
const char *fmt0 = fmt;
int bufsize0 = bufsize;
while (*fmt) {
switch ((c = *fmt++)) {
case 'b': /* unsigned 8-bit integer */
len = 1;
bt = (uint8)va_arg(ap, int);
if (bufsize && bufsize >= len)
SSVAL(buf, 0, bt);
break;
case 'w': /* unsigned 16-bit integer */
len = 2;
w = (uint16)va_arg(ap, int);
if (bufsize && bufsize >= len)
SSVAL(buf, 0, w);
break;
case 'd': /* signed 32-bit integer (standard int in most systems) */
len = 4;
d = va_arg(ap, uint32);
if (bufsize && bufsize >= len)
SIVAL(buf, 0, d);
break;
case 'p': /* pointer */
len = 4;
p = va_arg(ap, void *);
d = p?1:0;
if (bufsize && bufsize >= len)
SIVAL(buf, 0, d);
break;
case 'P': /* null-terminated string */
s = va_arg(ap,char *);
w = strlen(s);
len = w + 1;
if (bufsize && bufsize >= len)
memcpy(buf, s, len);
break;
case 'f': /* null-terminated string */
s = va_arg(ap,char *);
w = strlen(s);
len = w + 1;
if (bufsize && bufsize >= len)
memcpy(buf, s, len);
break;
case 'B': /* fixed-length string */
i = va_arg(ap, int);
s = va_arg(ap, char *);
len = 4+i;
if (bufsize && bufsize >= len) {
SIVAL(buf, 0, i);
memcpy(buf+4, s, i);
}
break;
default:
DEBUG(0,("Unknown tdb_pack format %c in %s\n",
c, fmt));
len = 0;
break;
}
buf += len;
if (bufsize)
bufsize -= len;
if (bufsize < 0)
bufsize = 0;
}
DEBUG(18,("tdb_pack_va(%s, %d) -> %d\n",
fmt0, bufsize0, (int)PTR_DIFF(buf, buf0)));
return PTR_DIFF(buf, buf0);
}
size_t tdb_pack(uint8 *buf, int bufsize, const char *fmt, ...)
{
va_list ap;
size_t result;
va_start(ap, fmt);
result = tdb_pack_va(buf, bufsize, fmt, ap);
va_end(ap);
return result;
}
BOOL tdb_pack_append(TALLOC_CTX *mem_ctx, uint8 **buf, size_t *len,
const char *fmt, ...)
{
va_list ap;
size_t len1, len2;
va_start(ap, fmt);
len1 = tdb_pack_va(NULL, 0, fmt, ap);
va_end(ap);
if (mem_ctx != NULL) {
*buf = TALLOC_REALLOC_ARRAY(mem_ctx, *buf, uint8,
(*len) + len1);
} else {
*buf = SMB_REALLOC_ARRAY(*buf, uint8, (*len) + len1);
}
r13915: Fixed a very interesting class of realloc() bugs found by Coverity. realloc can return NULL in one of two cases - (1) the realloc failed, (2) realloc succeeded but the new size requested was zero, in which case this is identical to a free() call. The error paths dealing with these two cases should be different, but mostly weren't. Secondly the standard idiom for dealing with realloc when you know the new size is non-zero is the following : tmp = realloc(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } However, there were *many* *many* places in Samba where we were using the old (broken) idiom of : p = realloc(p, size) if (!p) { return error; } which will leak the memory pointed to by p on realloc fail. This commit (hopefully) fixes all these cases by moving to a standard idiom of : p = SMB_REALLOC(p, size) if (!p) { return error; } Where if the realloc returns null due to the realloc failing or size == 0 we *guarentee* that the storage pointed to by p has been freed. This allows me to remove a lot of code that was dealing with the standard (more verbose) method that required a tmp pointer. This is almost always what you want. When a realloc fails you never usually want the old memory, you want to free it and get into your error processing asap. For the 11 remaining cases where we really do need to keep the old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR, which can be used as follows : tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the pointer p, even on size == 0 or realloc fail. All this is done by a hidden extra argument to Realloc(), BOOL free_old_on_error which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR macros (and their array counterparts). It remains to be seen what this will do to our Coverity bug count :-). Jeremy. (This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
2006-03-07 09:31:04 +03:00
if (*buf == NULL) {
return False;
r13915: Fixed a very interesting class of realloc() bugs found by Coverity. realloc can return NULL in one of two cases - (1) the realloc failed, (2) realloc succeeded but the new size requested was zero, in which case this is identical to a free() call. The error paths dealing with these two cases should be different, but mostly weren't. Secondly the standard idiom for dealing with realloc when you know the new size is non-zero is the following : tmp = realloc(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } However, there were *many* *many* places in Samba where we were using the old (broken) idiom of : p = realloc(p, size) if (!p) { return error; } which will leak the memory pointed to by p on realloc fail. This commit (hopefully) fixes all these cases by moving to a standard idiom of : p = SMB_REALLOC(p, size) if (!p) { return error; } Where if the realloc returns null due to the realloc failing or size == 0 we *guarentee* that the storage pointed to by p has been freed. This allows me to remove a lot of code that was dealing with the standard (more verbose) method that required a tmp pointer. This is almost always what you want. When a realloc fails you never usually want the old memory, you want to free it and get into your error processing asap. For the 11 remaining cases where we really do need to keep the old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR, which can be used as follows : tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the pointer p, even on size == 0 or realloc fail. All this is done by a hidden extra argument to Realloc(), BOOL free_old_on_error which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR macros (and their array counterparts). It remains to be seen what this will do to our Coverity bug count :-). Jeremy. (This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
2006-03-07 09:31:04 +03:00
}
va_start(ap, fmt);
len2 = tdb_pack_va((*buf)+(*len), len1, fmt, ap);
va_end(ap);
r13915: Fixed a very interesting class of realloc() bugs found by Coverity. realloc can return NULL in one of two cases - (1) the realloc failed, (2) realloc succeeded but the new size requested was zero, in which case this is identical to a free() call. The error paths dealing with these two cases should be different, but mostly weren't. Secondly the standard idiom for dealing with realloc when you know the new size is non-zero is the following : tmp = realloc(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } However, there were *many* *many* places in Samba where we were using the old (broken) idiom of : p = realloc(p, size) if (!p) { return error; } which will leak the memory pointed to by p on realloc fail. This commit (hopefully) fixes all these cases by moving to a standard idiom of : p = SMB_REALLOC(p, size) if (!p) { return error; } Where if the realloc returns null due to the realloc failing or size == 0 we *guarentee* that the storage pointed to by p has been freed. This allows me to remove a lot of code that was dealing with the standard (more verbose) method that required a tmp pointer. This is almost always what you want. When a realloc fails you never usually want the old memory, you want to free it and get into your error processing asap. For the 11 remaining cases where we really do need to keep the old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR, which can be used as follows : tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the pointer p, even on size == 0 or realloc fail. All this is done by a hidden extra argument to Realloc(), BOOL free_old_on_error which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR macros (and their array counterparts). It remains to be seen what this will do to our Coverity bug count :-). Jeremy. (This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
2006-03-07 09:31:04 +03:00
if (len1 != len2) {
return False;
r13915: Fixed a very interesting class of realloc() bugs found by Coverity. realloc can return NULL in one of two cases - (1) the realloc failed, (2) realloc succeeded but the new size requested was zero, in which case this is identical to a free() call. The error paths dealing with these two cases should be different, but mostly weren't. Secondly the standard idiom for dealing with realloc when you know the new size is non-zero is the following : tmp = realloc(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } However, there were *many* *many* places in Samba where we were using the old (broken) idiom of : p = realloc(p, size) if (!p) { return error; } which will leak the memory pointed to by p on realloc fail. This commit (hopefully) fixes all these cases by moving to a standard idiom of : p = SMB_REALLOC(p, size) if (!p) { return error; } Where if the realloc returns null due to the realloc failing or size == 0 we *guarentee* that the storage pointed to by p has been freed. This allows me to remove a lot of code that was dealing with the standard (more verbose) method that required a tmp pointer. This is almost always what you want. When a realloc fails you never usually want the old memory, you want to free it and get into your error processing asap. For the 11 remaining cases where we really do need to keep the old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR, which can be used as follows : tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the pointer p, even on size == 0 or realloc fail. All this is done by a hidden extra argument to Realloc(), BOOL free_old_on_error which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR macros (and their array counterparts). It remains to be seen what this will do to our Coverity bug count :-). Jeremy. (This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
2006-03-07 09:31:04 +03:00
}
*len += len2;
return True;
}
/****************************************************************************
Useful pair of routines for packing/unpacking data consisting of
integers and strings.
****************************************************************************/
int tdb_unpack(const uint8 *buf, int bufsize, const char *fmt, ...)
{
va_list ap;
uint8 *bt;
uint16 *w;
uint32 *d;
int len;
int *i;
void **p;
char *s, **b;
char c;
const uint8 *buf0 = buf;
const char *fmt0 = fmt;
int bufsize0 = bufsize;
va_start(ap, fmt);
while (*fmt) {
switch ((c=*fmt++)) {
case 'b':
len = 1;
bt = va_arg(ap, uint8 *);
if (bufsize < len)
goto no_space;
*bt = SVAL(buf, 0);
break;
case 'w':
len = 2;
w = va_arg(ap, uint16 *);
if (bufsize < len)
goto no_space;
*w = SVAL(buf, 0);
break;
case 'd':
len = 4;
d = va_arg(ap, uint32 *);
if (bufsize < len)
goto no_space;
*d = IVAL(buf, 0);
break;
case 'p':
len = 4;
p = va_arg(ap, void **);
if (bufsize < len)
goto no_space;
/*
* This isn't a real pointer - only a token (1 or 0)
* to mark the fact a pointer is present.
*/
*p = (void *)(IVAL(buf, 0) ? (void *)1 : NULL);
break;
case 'P':
s = va_arg(ap,char *);
len = strlen((const char *)buf) + 1;
if (bufsize < len || len > sizeof(pstring))
goto no_space;
memcpy(s, buf, len);
break;
case 'f':
s = va_arg(ap,char *);
len = strlen((const char *)buf) + 1;
if (bufsize < len || len > sizeof(fstring))
goto no_space;
memcpy(s, buf, len);
break;
case 'B':
i = va_arg(ap, int *);
b = va_arg(ap, char **);
len = 4;
if (bufsize < len)
goto no_space;
*i = IVAL(buf, 0);
if (! *i) {
*b = NULL;
break;
}
len += *i;
if (bufsize < len)
goto no_space;
*b = (char *)SMB_MALLOC(*i);
if (! *b)
goto no_space;
memcpy(*b, buf+4, *i);
break;
default:
DEBUG(0,("Unknown tdb_unpack format %c in %s\n",
c, fmt));
len = 0;
break;
}
buf += len;
bufsize -= len;
}
va_end(ap);
DEBUG(18,("tdb_unpack(%s, %d) -> %d\n",
fmt0, bufsize0, (int)PTR_DIFF(buf, buf0)));
return PTR_DIFF(buf, buf0);
no_space:
return -1;
}
/****************************************************************************
Log tdb messages via DEBUG().
****************************************************************************/
static void tdb_log(TDB_CONTEXT *tdb, enum tdb_debug_level level, const char *format, ...)
{
va_list ap;
char *ptr = NULL;
va_start(ap, format);
vasprintf(&ptr, format, ap);
va_end(ap);
if (!ptr || !*ptr)
return;
DEBUG((int)level, ("tdb(%s): %s", tdb_name(tdb) ? tdb_name(tdb) : "unnamed", ptr));
SAFE_FREE(ptr);
}
/****************************************************************************
Like tdb_open() but also setup a logging function that redirects to
the samba DEBUG() system.
****************************************************************************/
This is another *BIG* change... Samba now features a pluggable passdb interface, along the same lines as the one in use in the auth subsystem. In this case, only one backend may be active at a time by the 'normal' interface, and only one backend per passdb_context is permitted outside that. This pluggable interface is designed to allow any number of passdb backends to be compiled in, with the selection at runtime. The 'passdb backend' paramater has been created (and documented!) to support this. As such, configure has been modfied to allow (for example) --with-ldap and the old smbpasswd to be selected at the same time. This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua. These two backends accept 'non unix accounts', where the user does *not* exist in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to avoid conflicts in the algroitmic mapping of RIDs, they use the values specified in the 'non unix account range' paramter - in the same way as the winbind ranges are specifed. While I was at it, I cleaned up some of the code in pdb_tdb (code copied directly from smbpasswd and not really considered properly). Most of this was to do with % macro expansion on stored data. It isn't easy to get the macros into the tdb, and the first password change will 'expand' them. tdbsam needs to use a similar system to pdb_ldap in this regard. This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I don't have the test facilities for these. I plan to incoroprate at least pdb_ldap into this scheme after consultation with Jerry. Each (converted) passdb module now no longer has any 'static' variables, and only exports 1 init function outside its .c file. The non-unix-account support in this patch has been proven! It is now possible to join a win2k machine to a Samba PDC without an account in /etc/passwd! Other changes: Minor interface adjustments: pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*. pdb_update_sam_account() no longer takes the 'override' argument that was being ignored so often (every other passdb backend). Extra checks have been added in some places. Minor code changes: smbpasswd no longer attempts to initialise the passdb at startup, this is now done on first use. pdbedit has lost some of its 'machine account' logic, as this behaviour is now controlled by the passdb subsystem directly. The samr subsystem no longer calls 'local password change', but does the pdb interactions directly. This allow the ACB_ flags specifed to be transferred direct to the backend, without interference. Doco: I've updated the doco to reflect some of the changes, and removed some paramters no longer applicable to HEAD. (This used to be commit ff354c99c585068af6dc1ff35a1f109a806b326b)
2002-01-20 17:30:58 +03:00
TDB_CONTEXT *tdb_open_log(const char *name, int hash_size, int tdb_flags,
int open_flags, mode_t mode)
{
TDB_CONTEXT *tdb;
struct tdb_logging_context log_ctx;
if (!lp_use_mmap())
tdb_flags |= TDB_NOMMAP;
log_ctx.log_fn = tdb_log;
log_ctx.log_private = NULL;
tdb = tdb_open_ex(name, hash_size, tdb_flags,
open_flags, mode, &log_ctx, NULL);
if (!tdb)
return NULL;
return tdb;
}
/****************************************************************************
Allow tdb_delete to be used as a tdb_traversal_fn.
****************************************************************************/
int tdb_traverse_delete_fn(TDB_CONTEXT *the_tdb, TDB_DATA key, TDB_DATA dbuf,
void *state)
{
return tdb_delete(the_tdb, key);
}
/**
* Search across the whole tdb for keys that match the given pattern
* return the result as a list of keys
*
* @param tdb pointer to opened tdb file context
* @param pattern searching pattern used by fnmatch(3) functions
*
* @return list of keys found by looking up with given pattern
**/
TDB_LIST_NODE *tdb_search_keys(TDB_CONTEXT *tdb, const char* pattern)
{
TDB_DATA key, next;
TDB_LIST_NODE *list = NULL;
TDB_LIST_NODE *rec = NULL;
for (key = tdb_firstkey(tdb); key.dptr; key = next) {
/* duplicate key string to ensure null-termination */
char *key_str = SMB_STRNDUP((const char *)key.dptr, key.dsize);
if (!key_str) {
DEBUG(0, ("tdb_search_keys: strndup() failed!\n"));
smb_panic("strndup failed!\n");
}
DEBUG(18, ("checking %s for match to pattern %s\n", key_str, pattern));
next = tdb_nextkey(tdb, key);
/* do the pattern checking */
if (fnmatch(pattern, key_str, 0) == 0) {
rec = SMB_MALLOC_P(TDB_LIST_NODE);
ZERO_STRUCTP(rec);
rec->node_key = key;
DLIST_ADD_END(list, rec, TDB_LIST_NODE *);
DEBUG(18, ("checking %s matched pattern %s\n", key_str, pattern));
} else {
free(key.dptr);
}
/* free duplicated key string */
free(key_str);
}
return list;
}
/**
* Free the list returned by tdb_search_keys
*
* @param node list of results found by tdb_search_keys
**/
void tdb_search_list_free(TDB_LIST_NODE* node)
{
TDB_LIST_NODE *next_node;
while (node) {
next_node = node->next;
SAFE_FREE(node->node_key.dptr);
SAFE_FREE(node);
node = next_node;
};
}
/****************************************************************************
tdb_store, wrapped in a transaction. This way we make sure that a process
that dies within writing does not leave a corrupt tdb behind.
****************************************************************************/
int tdb_trans_store(struct tdb_context *tdb, TDB_DATA key, TDB_DATA dbuf,
int flag)
{
int res;
if ((res = tdb_transaction_start(tdb)) != 0) {
DEBUG(5, ("tdb_transaction_start failed\n"));
return res;
}
if ((res = tdb_store(tdb, key, dbuf, flag)) != 0) {
DEBUG(10, ("tdb_store failed\n"));
if (tdb_transaction_cancel(tdb) != 0) {
smb_panic("Cancelling transaction failed");
}
return res;
}
if ((res = tdb_transaction_commit(tdb)) != 0) {
DEBUG(5, ("tdb_transaction_commit failed\n"));
}
return res;
}
/****************************************************************************
tdb_delete, wrapped in a transaction. This way we make sure that a process
that dies within deleting does not leave a corrupt tdb behind.
****************************************************************************/
int tdb_trans_delete(struct tdb_context *tdb, TDB_DATA key)
{
int res;
if ((res = tdb_transaction_start(tdb)) != 0) {
DEBUG(5, ("tdb_transaction_start failed\n"));
return res;
}
if ((res = tdb_delete(tdb, key)) != 0) {
DEBUG(10, ("tdb_delete failed\n"));
if (tdb_transaction_cancel(tdb) != 0) {
smb_panic("Cancelling transaction failed");
}
return res;
}
if ((res = tdb_transaction_commit(tdb)) != 0) {
DEBUG(5, ("tdb_transaction_commit failed\n"));
}
return res;
}
/*
Log tdb messages via DEBUG().
*/
static void tdb_wrap_log(TDB_CONTEXT *tdb, enum tdb_debug_level level,
const char *format, ...) PRINTF_ATTRIBUTE(3,4);
static void tdb_wrap_log(TDB_CONTEXT *tdb, enum tdb_debug_level level,
const char *format, ...)
{
va_list ap;
char *ptr = NULL;
int debuglevel = 0;
va_start(ap, format);
vasprintf(&ptr, format, ap);
va_end(ap);
switch (level) {
case TDB_DEBUG_FATAL:
debug_level = 0;
break;
case TDB_DEBUG_ERROR:
debuglevel = 1;
break;
case TDB_DEBUG_WARNING:
debuglevel = 2;
break;
case TDB_DEBUG_TRACE:
debuglevel = 5;
break;
default:
debuglevel = 0;
}
if (ptr != NULL) {
const char *name = tdb_name(tdb);
DEBUG(debuglevel, ("tdb(%s): %s", name ? name : "unnamed", ptr));
free(ptr);
}
}
static struct tdb_wrap *tdb_list;
/* destroy the last connection to a tdb */
static int tdb_wrap_destructor(struct tdb_wrap *w)
{
tdb_close(w->tdb);
DLIST_REMOVE(tdb_list, w);
return 0;
}
/*
wrapped connection to a tdb database
to close just talloc_free() the tdb_wrap pointer
*/
struct tdb_wrap *tdb_wrap_open(TALLOC_CTX *mem_ctx,
const char *name, int hash_size, int tdb_flags,
int open_flags, mode_t mode)
{
struct tdb_wrap *w;
struct tdb_logging_context log_ctx;
log_ctx.log_fn = tdb_wrap_log;
if (!lp_use_mmap())
tdb_flags |= TDB_NOMMAP;
for (w=tdb_list;w;w=w->next) {
if (strcmp(name, w->name) == 0) {
/*
* Yes, talloc_reference is exactly what we want
* here. Otherwise we would have to implement our own
* reference counting.
*/
return talloc_reference(mem_ctx, w);
}
}
w = talloc(mem_ctx, struct tdb_wrap);
if (w == NULL) {
return NULL;
}
if (!(w->name = talloc_strdup(w, name))) {
talloc_free(w);
return NULL;
}
w->tdb = tdb_open_ex(name, hash_size, tdb_flags,
open_flags, mode, &log_ctx, NULL);
if (w->tdb == NULL) {
talloc_free(w);
return NULL;
}
talloc_set_destructor(w, tdb_wrap_destructor);
DLIST_ADD(tdb_list, w);
return w;
}
NTSTATUS map_nt_error_from_tdb(enum TDB_ERROR err)
{
struct { enum TDB_ERROR err; NTSTATUS status; } map[] =
{ { TDB_SUCCESS, NT_STATUS_OK },
{ TDB_ERR_CORRUPT, NT_STATUS_INTERNAL_DB_CORRUPTION },
{ TDB_ERR_IO, NT_STATUS_UNEXPECTED_IO_ERROR },
{ TDB_ERR_OOM, NT_STATUS_NO_MEMORY },
{ TDB_ERR_EXISTS, NT_STATUS_OBJECT_NAME_COLLISION },
/*
* TDB_ERR_LOCK is very broad, we could for example
* distinguish between fcntl locks and invalid lock
* sequences. So NT_STATUS_FILE_LOCK_CONFLICT is a
* compromise.
*/
{ TDB_ERR_LOCK, NT_STATUS_FILE_LOCK_CONFLICT },
/*
* The next two ones in the enum are not actually used
*/
{ TDB_ERR_NOLOCK, NT_STATUS_FILE_LOCK_CONFLICT },
{ TDB_ERR_LOCK_TIMEOUT, NT_STATUS_FILE_LOCK_CONFLICT },
{ TDB_ERR_NOEXIST, NT_STATUS_NOT_FOUND },
{ TDB_ERR_EINVAL, NT_STATUS_INVALID_PARAMETER },
{ TDB_ERR_RDONLY, NT_STATUS_ACCESS_DENIED }
};
int i;
for (i=0; i < sizeof(map) / sizeof(map[0]); i++) {
if (err == map[i].err) {
return map[i].status;
}
}
return NT_STATUS_INTERNAL_ERROR;
}
/*********************************************************************
* the following is a generic validation mechanism for tdbs.
*********************************************************************/
/*
* internal validation function, executed by the child.
*/
static int tdb_validate_child(const char *tdb_path,
tdb_validate_data_func validate_fn,
int pfd)
{
int ret = -1;
int tfd = -1;
int num_entries = 0;
TDB_CONTEXT *tdb = NULL;
struct tdb_validation_status v_status;
v_status.tdb_error = False;
v_status.bad_freelist = False;
v_status.bad_entry = False;
v_status.unknown_key = False;
v_status.success = True;
tdb = tdb_open_log(tdb_path, 0, TDB_DEFAULT, O_RDONLY, 0);
if (!tdb) {
v_status.tdb_error = True;
v_status.success = False;
goto out;
}
tfd = tdb_fd(tdb);
/* Check the cache freelist is good. */
if (tdb_validate_freelist(tdb, &num_entries) == -1) {
DEBUG(0,("tdb_validate_child: bad freelist in cache %s\n",
tdb_path));
v_status.bad_freelist = True;
v_status.success = False;
goto out;
}
DEBUG(10,("tdb_validate_child: cache %s freelist has %d entries\n",
tdb_path, num_entries));
/* Now traverse the cache to validate it. */
num_entries = tdb_traverse(tdb, validate_fn, (void *)&v_status);
if (num_entries == -1 || !(v_status.success)) {
DEBUG(0,("tdb_validate_child: cache %s traverse failed\n",
tdb_path));
if (!(v_status.success)) {
if (v_status.bad_entry) {
DEBUGADD(0, (" -> bad entry found\n"));
}
if (v_status.unknown_key) {
DEBUGADD(0, (" -> unknown key encountered\n"));
}
}
goto out;
}
DEBUG(10,("tdb_validate_child: cache %s is good "
"with %d entries\n", tdb_path, num_entries));
ret = 0; /* Cache is good. */
out:
if (tdb) {
if (ret == 0) {
tdb_close(tdb);
}
else if (tfd != -1) {
close(tfd);
}
}
DEBUG(10, ("tdb_validate_child: writing status to pipe\n"));
write (pfd, (const char *)&v_status, sizeof(v_status));
close(pfd);
return ret;
}
int tdb_validate(const char *tdb_path, tdb_validate_data_func validate_fn)
{
pid_t child_pid = -1;
int child_status = 0;
int wait_pid = 0;
int ret = -1;
int pipe_fds[2];
struct tdb_validation_status v_status;
int bytes_read = 0;
/* fork and let the child do the validation.
* benefit: no need to twist signal handlers and panic functions.
* just let the child panic. we catch the signal.
* communicate the extended status struct over a pipe. */
if (pipe(pipe_fds) != 0) {
DEBUG(0, ("tdb_validate: unable to create pipe, "
"error %s", strerror(errno)));
smb_panic("winbind_validate_cache: unable to create pipe.");
}
DEBUG(10, ("tdb_validate: forking to let child do validation.\n"));
child_pid = sys_fork();
if (child_pid == 0) {
DEBUG(10, ("tdb_validate (validation child): created\n"));
close(pipe_fds[0]); /* close reading fd */
DEBUG(10, ("tdb_validate (validation child): "
"calling tdb_validate_child\n"));
exit(tdb_validate_child(tdb_path, validate_fn, pipe_fds[1]));
}
else if (child_pid < 0) {
smb_panic("tdb_validate: fork for validation failed.");
}
/* parent */
DEBUG(10, ("tdb_validate: fork succeeded, child PID = %d\n",
child_pid));
close(pipe_fds[1]); /* close writing fd */
v_status.success = True;
v_status.bad_entry = False;
v_status.unknown_key = False;
DEBUG(10, ("tdb_validate: reading from pipe.\n"));
bytes_read = read(pipe_fds[0], (void *)&v_status, sizeof(v_status));
close(pipe_fds[0]);
if (bytes_read != sizeof(v_status)) {
DEBUG(10, ("tdb_validate: read %d bytes from pipe "
"but expected %d", bytes_read, (int)sizeof(v_status)));
DEBUGADD(10, (" -> assuming child crashed\n"));
v_status.success = False;
}
else {
DEBUG(10, ("tdb_validate: read status from child\n"));
DEBUGADD(10, (" * tdb error: %s\n", v_status.tdb_error ? "yes" : "no"));
DEBUGADD(10, (" * bad freelist: %s\n", v_status.bad_freelist ? "yes" : "no"));
DEBUGADD(10, (" * bad entry: %s\n", v_status.bad_entry ? "yes" : "no"));
DEBUGADD(10, (" * unknown key: %s\n", v_status.unknown_key ? "yes" : "no"));
DEBUGADD(10, (" => overall success: %s\n", v_status.success ? "yes" : "no"));
}
if (!v_status.success) {
DEBUG(10, ("tdb_validate: validation not successful.\n"));
DEBUGADD(10, ("removing tdb %s.\n", tdb_path));
unlink(tdb_path);
}
DEBUG(10, ("tdb_validate: waiting for child to finish...\n"));
while ((wait_pid = sys_waitpid(child_pid, &child_status, 0)) < 0) {
if (errno == EINTR) {
DEBUG(10, ("tdb_validate: got signal during "
"waitpid, retrying\n"));
errno = 0;
continue;
}
DEBUG(0, ("tdb_validate: waitpid failed with "
"errno %s\n", strerror(errno)));
smb_panic("tdb_validate: waitpid failed.");
}
if (wait_pid != child_pid) {
DEBUG(0, ("tdb_validate: waitpid returned pid %d, "
"but %d was expexted\n", wait_pid, child_pid));
smb_panic("tdb_validate: waitpid returned "
"unexpected PID.");
}
DEBUG(10, ("tdb_validate: validating child returned.\n"));
if (WIFEXITED(child_status)) {
DEBUG(10, ("tdb_validate: child exited, code %d.\n",
WEXITSTATUS(child_status)));
ret = WEXITSTATUS(child_status);
}
if (WIFSIGNALED(child_status)) {
DEBUG(10, ("tdb_validate: child terminated "
"by signal %d\n", WTERMSIG(child_status)));
#ifdef WCOREDUMP
if (WCOREDUMP(child_status)) {
DEBUGADD(10, ("core dumped\n"));
}
#endif
ret = WTERMSIG(child_status);
}
if (WIFSTOPPED(child_status)) {
DEBUG(10, ("tdb_validate: child was stopped "
"by signal %d\n",
WSTOPSIG(child_status)));
ret = WSTOPSIG(child_status);
}
return ret;
}