2008-06-15 19:15:12 +04:00
/*
2005-06-17 06:47:26 +04:00
ldb database library - ildap backend
Copyright ( C ) Andrew Tridgell 2005
2008-06-15 19:15:12 +04:00
Copyright ( C ) Simo Sorce 2008
2005-06-17 06:47:26 +04:00
* * NOTE ! The following LGPL license applies to the ldb
* * library . This does NOT imply that all of Samba is released
* * under the LGPL
2008-06-15 19:15:12 +04:00
2005-06-17 06:47:26 +04:00
This library is free software ; you can redistribute it and / or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation ; either
2007-07-10 06:46:15 +04:00
version 3 of the License , or ( at your option ) any later version .
2005-06-17 06:47:26 +04:00
This library is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the GNU
Lesser General Public License for more details .
You should have received a copy of the GNU Lesser General Public
2007-07-10 07:42:26 +04:00
License along with this library ; if not , see < http : //www.gnu.org/licenses/>.
2005-06-17 06:47:26 +04:00
*/
/*
2006-02-28 07:37:47 +03:00
* Name : ldb_ildap
*
* Component : ldb ildap backend
*
* Description : This is a ldb backend for the internal ldap
* client library in Samba4 . By using this backend we are
* independent of a system ldap library
*
* Author : Andrew Tridgell
*
* Modifications :
*
2010-02-21 09:22:45 +03:00
* - description : make the module use asynchronous calls
2006-02-28 07:37:47 +03:00
* date : Feb 2006
* author : Simo Sorce
*/
2005-06-17 06:47:26 +04:00
# include "includes.h"
2009-01-30 02:39:30 +03:00
# include "ldb_module.h"
2010-06-15 22:52:01 +04:00
# include "util/dlinklist.h"
2006-01-10 19:48:32 +03:00
2010-05-21 11:39:15 +04:00
# include "libcli/ldap/libcli_ldap.h"
2005-06-17 06:47:26 +04:00
# include "libcli/ldap/ldap_client.h"
2005-11-05 14:13:22 +03:00
# include "auth/auth.h"
2006-11-07 03:48:36 +03:00
# include "auth/credentials/credentials.h"
2005-06-17 06:47:26 +04:00
struct ildb_private {
struct ldap_connection * ldap ;
2008-12-29 22:24:57 +03:00
struct tevent_context * event_ctx ;
2005-06-17 06:47:26 +04:00
} ;
2006-07-22 20:56:33 +04:00
struct ildb_context {
2008-09-12 02:34:56 +04:00
struct ldb_module * module ;
struct ldb_request * req ;
2006-12-12 20:37:41 +03:00
struct ildb_private * ildb ;
2008-09-12 02:34:56 +04:00
struct ldap_request * ireq ;
2010-01-29 20:05:51 +03:00
/* indicate we are already processing
* the ldap_request in ildb_callback ( ) */
bool in_ildb_callback ;
2008-09-12 02:34:56 +04:00
bool done ;
struct ildb_destructor_ctx * dc ;
2006-02-22 04:31:35 +03:00
} ;
2008-09-12 02:34:56 +04:00
static void ildb_request_done ( struct ildb_context * ctx ,
struct ldb_control * * ctrls , int error )
{
2009-01-30 02:39:30 +03:00
struct ldb_context * ldb ;
2008-09-12 02:34:56 +04:00
struct ldb_reply * ares ;
2009-01-30 02:39:30 +03:00
ldb = ldb_module_get_ctx ( ctx - > module ) ;
2008-09-12 02:34:56 +04:00
ctx - > done = true ;
if ( ctx - > req = = NULL ) {
/* if the req has been freed already just return */
return ;
}
ares = talloc_zero ( ctx - > req , struct ldb_reply ) ;
if ( ! ares ) {
2009-01-30 02:39:30 +03:00
ldb_oom ( ldb ) ;
2008-09-12 02:34:56 +04:00
ctx - > req - > callback ( ctx - > req , NULL ) ;
return ;
}
ares - > type = LDB_REPLY_DONE ;
ares - > controls = talloc_steal ( ares , ctrls ) ;
ares - > error = error ;
ctx - > req - > callback ( ctx - > req , ares ) ;
}
2008-12-29 22:24:57 +03:00
static void ildb_auto_done_callback ( struct tevent_context * ev ,
struct tevent_timer * te ,
2008-09-12 02:34:56 +04:00
struct timeval t ,
void * private_data )
{
struct ildb_context * ac ;
ac = talloc_get_type ( private_data , struct ildb_context ) ;
ildb_request_done ( ac , NULL , LDB_SUCCESS ) ;
}
2006-02-22 04:31:35 +03:00
/*
convert a ldb_message structure to a list of ldap_mod structures
ready for ildap_add ( ) or ildap_modify ( )
*/
static struct ldap_mod * * ildb_msg_to_mods ( void * mem_ctx , int * num_mods ,
2008-06-15 19:15:12 +04:00
const struct ldb_message * msg ,
int use_flags )
2006-02-22 04:31:35 +03:00
{
struct ldap_mod * * mods ;
unsigned int i ;
int n = 0 ;
/* allocate maximum number of elements needed */
mods = talloc_array ( mem_ctx , struct ldap_mod * , msg - > num_elements + 1 ) ;
if ( ! mods ) {
errno = ENOMEM ;
return NULL ;
}
mods [ 0 ] = NULL ;
for ( i = 0 ; i < msg - > num_elements ; i + + ) {
const struct ldb_message_element * el = & msg - > elements [ i ] ;
mods [ n ] = talloc ( mods , struct ldap_mod ) ;
if ( ! mods [ n ] ) {
goto failed ;
}
mods [ n + 1 ] = NULL ;
mods [ n ] - > type = 0 ;
mods [ n ] - > attrib = * el ;
if ( use_flags ) {
switch ( el - > flags & LDB_FLAG_MOD_MASK ) {
case LDB_FLAG_MOD_ADD :
mods [ n ] - > type = LDAP_MODIFY_ADD ;
break ;
case LDB_FLAG_MOD_DELETE :
mods [ n ] - > type = LDAP_MODIFY_DELETE ;
break ;
case LDB_FLAG_MOD_REPLACE :
mods [ n ] - > type = LDAP_MODIFY_REPLACE ;
break ;
}
}
n + + ;
}
* num_mods = n ;
return mods ;
failed :
talloc_free ( mods ) ;
return NULL ;
}
2005-10-31 05:13:02 +03:00
/*
map an ildap NTSTATUS to a ldb error code
*/
2008-09-12 02:34:56 +04:00
static int ildb_map_error ( struct ldb_module * module , NTSTATUS status )
2005-10-31 05:13:02 +03:00
{
2009-01-30 02:39:30 +03:00
struct ildb_private * ildb ;
struct ldb_context * ldb ;
2009-02-13 13:38:21 +03:00
TALLOC_CTX * mem_ctx ;
2009-01-30 02:39:30 +03:00
ildb = talloc_get_type ( ldb_module_get_private ( module ) , struct ildb_private ) ;
ldb = ldb_module_get_ctx ( module ) ;
2008-09-12 02:34:56 +04:00
2005-10-31 05:13:02 +03:00
if ( NT_STATUS_IS_OK ( status ) ) {
return LDB_SUCCESS ;
}
2009-02-13 13:38:21 +03:00
mem_ctx = talloc_new ( ildb ) ;
2007-03-08 09:23:39 +03:00
if ( ! mem_ctx ) {
2009-01-30 02:39:30 +03:00
ldb_oom ( ldb ) ;
2007-03-08 09:23:39 +03:00
return LDB_ERR_OPERATIONS_ERROR ;
}
2009-01-30 02:39:30 +03:00
ldb_set_errstring ( ldb ,
2008-06-15 19:15:12 +04:00
ldap_errstr ( ildb - > ldap , mem_ctx , status ) ) ;
2007-03-08 09:23:39 +03:00
talloc_free ( mem_ctx ) ;
2005-10-31 05:13:02 +03:00
if ( NT_STATUS_IS_LDAP ( status ) ) {
return NT_STATUS_LDAP_CODE ( status ) ;
}
return LDB_ERR_OPERATIONS_ERROR ;
}
2008-12-29 22:24:57 +03:00
static void ildb_request_timeout ( struct tevent_context * ev , struct tevent_timer * te ,
2006-02-22 04:31:35 +03:00
struct timeval t , void * private_data )
2005-06-17 06:47:26 +04:00
{
2008-09-12 02:34:56 +04:00
struct ildb_context * ac = talloc_get_type ( private_data , struct ildb_context ) ;
2008-06-15 19:15:12 +04:00
2008-09-12 02:34:56 +04:00
if ( ac - > ireq - > state = = LDAP_REQUEST_PENDING ) {
DLIST_REMOVE ( ac - > ireq - > conn - > pending , ac - > ireq ) ;
2005-06-17 06:47:26 +04:00
}
2008-09-12 02:34:56 +04:00
ildb_request_done ( ac , NULL , LDB_ERR_TIME_LIMIT_EXCEEDED ) ;
2006-02-22 04:31:35 +03:00
}
2005-08-18 19:02:01 +04:00
2006-05-30 03:46:43 +04:00
static void ildb_callback ( struct ldap_request * req )
2006-02-22 04:31:35 +03:00
{
2009-01-30 02:39:30 +03:00
struct ldb_context * ldb ;
2008-06-15 19:15:12 +04:00
struct ildb_context * ac ;
2006-02-22 04:31:35 +03:00
NTSTATUS status ;
2008-09-12 02:34:56 +04:00
struct ldap_SearchResEntry * search ;
struct ldap_message * msg ;
struct ldb_control * * controls ;
struct ldb_message * ldbmsg ;
char * referral ;
bool callback_failed ;
bool request_done ;
int ret ;
2006-02-22 04:31:35 +03:00
int i ;
2005-08-18 19:02:01 +04:00
2008-06-15 19:15:12 +04:00
ac = talloc_get_type ( req - > async . private_data , struct ildb_context ) ;
2009-01-30 02:39:30 +03:00
ldb = ldb_module_get_ctx ( ac - > module ) ;
2008-09-12 02:34:56 +04:00
callback_failed = false ;
request_done = false ;
controls = NULL ;
2006-02-22 04:31:35 +03:00
2010-01-29 20:05:51 +03:00
/* check if we are already processing this request */
if ( ac - > in_ildb_callback ) {
return ;
}
/* mark the request as being in process */
ac - > in_ildb_callback = true ;
2006-02-22 04:31:35 +03:00
if ( ! NT_STATUS_IS_OK ( req - > status ) ) {
2008-09-12 02:34:56 +04:00
ret = ildb_map_error ( ac - > module , req - > status ) ;
ildb_request_done ( ac , NULL , ret ) ;
2006-02-22 04:31:35 +03:00
return ;
2005-06-17 06:47:26 +04:00
}
2006-02-22 04:31:35 +03:00
if ( req - > num_replies < 1 ) {
2008-09-12 02:34:56 +04:00
ret = LDB_ERR_OPERATIONS_ERROR ;
ildb_request_done ( ac , NULL , ret ) ;
2006-02-22 04:31:35 +03:00
return ;
2008-06-15 19:15:12 +04:00
}
2006-02-22 04:31:35 +03:00
switch ( req - > type ) {
2005-08-18 19:02:01 +04:00
2006-02-22 04:31:35 +03:00
case LDAP_TAG_ModifyRequest :
if ( req - > replies [ 0 ] - > type ! = LDAP_TAG_ModifyResponse ) {
2008-09-12 02:34:56 +04:00
ret = LDB_ERR_PROTOCOL_ERROR ;
break ;
2006-02-22 04:31:35 +03:00
}
2008-09-12 02:34:56 +04:00
status = ldap_check_response ( ac - > ireq - > conn , & req - > replies [ 0 ] - > r . GeneralResult ) ;
ret = ildb_map_error ( ac - > module , status ) ;
request_done = true ;
2006-02-22 04:31:35 +03:00
break ;
case LDAP_TAG_AddRequest :
if ( req - > replies [ 0 ] - > type ! = LDAP_TAG_AddResponse ) {
2008-09-12 02:34:56 +04:00
ret = LDB_ERR_PROTOCOL_ERROR ;
2006-02-22 04:31:35 +03:00
return ;
}
2008-09-12 02:34:56 +04:00
status = ldap_check_response ( ac - > ireq - > conn , & req - > replies [ 0 ] - > r . GeneralResult ) ;
ret = ildb_map_error ( ac - > module , status ) ;
request_done = true ;
2006-02-22 04:31:35 +03:00
break ;
case LDAP_TAG_DelRequest :
if ( req - > replies [ 0 ] - > type ! = LDAP_TAG_DelResponse ) {
2008-09-12 02:34:56 +04:00
ret = LDB_ERR_PROTOCOL_ERROR ;
2006-02-22 04:31:35 +03:00
return ;
}
2008-09-12 02:34:56 +04:00
status = ldap_check_response ( ac - > ireq - > conn , & req - > replies [ 0 ] - > r . GeneralResult ) ;
ret = ildb_map_error ( ac - > module , status ) ;
request_done = true ;
2006-02-22 04:31:35 +03:00
break ;
case LDAP_TAG_ModifyDNRequest :
if ( req - > replies [ 0 ] - > type ! = LDAP_TAG_ModifyDNResponse ) {
2008-09-12 02:34:56 +04:00
ret = LDB_ERR_PROTOCOL_ERROR ;
2006-02-22 04:31:35 +03:00
return ;
}
2008-09-12 02:34:56 +04:00
status = ldap_check_response ( ac - > ireq - > conn , & req - > replies [ 0 ] - > r . GeneralResult ) ;
ret = ildb_map_error ( ac - > module , status ) ;
request_done = true ;
2006-02-22 04:31:35 +03:00
break ;
case LDAP_TAG_SearchRequest :
/* loop over all messages */
for ( i = 0 ; i < req - > num_replies ; i + + ) {
msg = req - > replies [ i ] ;
switch ( msg - > type ) {
case LDAP_TAG_SearchResultDone :
2008-09-12 02:34:56 +04:00
status = ldap_check_response ( ac - > ireq - > conn , & msg - > r . GeneralResult ) ;
2006-02-22 04:31:35 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2008-09-12 02:34:56 +04:00
ret = ildb_map_error ( ac - > module , status ) ;
break ;
2006-02-22 04:31:35 +03:00
}
2008-06-15 19:15:12 +04:00
2008-09-12 02:34:56 +04:00
controls = talloc_steal ( ac , msg - > controls ) ;
2006-02-22 04:31:35 +03:00
if ( msg - > r . SearchResultDone . resultcode ) {
if ( msg - > r . SearchResultDone . errormessage ) {
2009-01-30 02:39:30 +03:00
ldb_set_errstring ( ldb , msg - > r . SearchResultDone . errormessage ) ;
2006-02-22 04:31:35 +03:00
}
}
2008-09-12 02:34:56 +04:00
ret = msg - > r . SearchResultDone . resultcode ;
request_done = true ;
2006-02-22 04:31:35 +03:00
break ;
case LDAP_TAG_SearchResultEntry :
2008-09-12 02:34:56 +04:00
ldbmsg = ldb_msg_new ( ac ) ;
if ( ! ldbmsg ) {
ret = LDB_ERR_OPERATIONS_ERROR ;
break ;
2006-02-22 04:31:35 +03:00
}
search = & ( msg - > r . SearchResultEntry ) ;
2008-06-15 19:15:12 +04:00
2009-01-30 02:39:30 +03:00
ldbmsg - > dn = ldb_dn_new ( ldbmsg , ldb , search - > dn ) ;
2008-09-12 02:34:56 +04:00
if ( ! ldb_dn_validate ( ldbmsg - > dn ) ) {
ret = LDB_ERR_OPERATIONS_ERROR ;
break ;
2006-02-22 04:31:35 +03:00
}
2008-09-12 02:34:56 +04:00
ldbmsg - > num_elements = search - > num_attributes ;
ldbmsg - > elements = talloc_move ( ldbmsg , & search - > attributes ) ;
2006-02-22 04:31:35 +03:00
2008-12-16 10:59:05 +03:00
controls = talloc_steal ( ac , msg - > controls ) ;
ret = ldb_module_send_entry ( ac - > req , ldbmsg , controls ) ;
2008-09-12 02:34:56 +04:00
if ( ret ! = LDB_SUCCESS ) {
callback_failed = true ;
}
2010-01-25 13:22:39 +03:00
2006-02-22 04:31:35 +03:00
break ;
case LDAP_TAG_SearchResultReference :
2008-09-12 02:34:56 +04:00
referral = talloc_strdup ( ac , msg - > r . SearchResultReference . referral ) ;
2008-06-15 19:15:12 +04:00
2008-09-12 02:34:56 +04:00
ret = ldb_module_send_referral ( ac - > req , referral ) ;
if ( ret ! = LDB_SUCCESS ) {
callback_failed = true ;
}
2010-01-25 13:22:39 +03:00
2006-02-22 04:31:35 +03:00
break ;
default :
/* TAG not handled, fail ! */
2008-09-12 02:34:56 +04:00
ret = LDB_ERR_PROTOCOL_ERROR ;
break ;
2006-02-22 04:31:35 +03:00
}
2008-09-12 02:34:56 +04:00
if ( ret ! = LDB_SUCCESS ) {
break ;
2006-02-22 04:31:35 +03:00
}
}
talloc_free ( req - > replies ) ;
req - > replies = NULL ;
req - > num_replies = 0 ;
break ;
2008-06-15 19:15:12 +04:00
2006-02-22 04:31:35 +03:00
default :
2008-09-12 02:34:56 +04:00
ret = LDB_ERR_PROTOCOL_ERROR ;
break ;
2006-02-22 04:31:35 +03:00
}
2005-06-17 06:47:26 +04:00
2008-09-12 02:34:56 +04:00
if ( ret ! = LDB_SUCCESS ) {
2005-06-17 06:47:26 +04:00
2008-09-12 02:34:56 +04:00
/* if the callback failed the caller will have freed the
* request . Just return and don ' t try to use it */
if ( ! callback_failed ) {
request_done = true ;
}
2005-06-17 06:47:26 +04:00
}
2006-02-22 04:31:35 +03:00
2010-03-03 03:33:31 +03:00
/* mark the request as not being in progress */
ac - > in_ildb_callback = false ;
2008-09-12 02:34:56 +04:00
if ( request_done ) {
ildb_request_done ( ac , controls , ret ) ;
2005-06-17 06:47:26 +04:00
}
2010-01-29 20:05:51 +03:00
2008-09-12 02:34:56 +04:00
return ;
2006-08-01 06:25:05 +04:00
}
2008-09-12 02:34:56 +04:00
static int ildb_request_send ( struct ildb_context * ac , struct ldap_message * msg )
2006-08-01 06:25:05 +04:00
{
2009-01-30 02:39:30 +03:00
struct ldb_context * ldb ;
2006-08-01 06:25:05 +04:00
struct ldap_request * req ;
2008-09-12 02:34:56 +04:00
if ( ! ac ) {
2008-06-15 19:15:12 +04:00
return LDB_ERR_OPERATIONS_ERROR ;
2006-08-01 06:25:05 +04:00
}
2009-01-30 02:39:30 +03:00
ldb = ldb_module_get_ctx ( ac - > module ) ;
2008-09-12 02:34:56 +04:00
req = ldap_request_send ( ac - > ildb - > ldap , msg ) ;
2006-02-22 04:31:35 +03:00
if ( req = = NULL ) {
2009-01-30 02:39:30 +03:00
ldb_set_errstring ( ldb , " async send request failed " ) ;
2006-02-22 04:31:35 +03:00
return LDB_ERR_OPERATIONS_ERROR ;
}
2010-09-28 02:03:44 +04:00
ac - > ireq = talloc_reparent ( ac - > ildb - > ldap , ac , req ) ;
2005-08-18 19:02:01 +04:00
2008-09-12 02:34:56 +04:00
if ( ! ac - > ireq - > conn ) {
2009-01-30 02:39:30 +03:00
ldb_set_errstring ( ldb , " connection to remote LDAP server dropped? " ) ;
2006-07-29 05:22:22 +04:00
return LDB_ERR_OPERATIONS_ERROR ;
}
2006-02-22 04:31:35 +03:00
talloc_free ( req - > time_event ) ;
req - > time_event = NULL ;
2008-09-12 02:34:56 +04:00
if ( ac - > req - > timeout ) {
2009-01-21 11:16:45 +03:00
req - > time_event = tevent_add_timer ( ac - > ildb - > event_ctx , ac ,
timeval_current_ofs ( ac - > req - > timeout , 0 ) ,
ildb_request_timeout , ac ) ;
2006-02-22 04:31:35 +03:00
}
2006-08-01 06:25:05 +04:00
req - > async . fn = ildb_callback ;
2008-09-12 02:34:56 +04:00
req - > async . private_data = ac ;
2006-02-22 04:31:35 +03:00
return LDB_SUCCESS ;
2006-08-01 06:25:05 +04:00
}
2005-06-17 06:47:26 +04:00
/*
2006-02-22 04:31:35 +03:00
search for matching records using an asynchronous function
*/
2008-09-12 02:34:56 +04:00
static int ildb_search ( struct ildb_context * ac )
2005-06-17 06:47:26 +04:00
{
2009-01-30 02:39:30 +03:00
struct ldb_context * ldb ;
2008-09-12 02:34:56 +04:00
struct ldb_request * req = ac - > req ;
2006-02-22 04:31:35 +03:00
struct ldap_message * msg ;
int n ;
2005-06-17 06:47:26 +04:00
2009-01-30 02:39:30 +03:00
ldb = ldb_module_get_ctx ( ac - > module ) ;
2006-07-22 21:21:59 +04:00
if ( ! req - > callback | | ! req - > context ) {
2009-01-30 02:39:30 +03:00
ldb_set_errstring ( ldb , " Async interface called with NULL callback function or NULL context " ) ;
2006-02-22 04:31:35 +03:00
return LDB_ERR_OPERATIONS_ERROR ;
2005-06-18 13:01:09 +04:00
}
2008-06-15 19:15:12 +04:00
2006-05-29 05:30:02 +04:00
if ( req - > op . search . tree = = NULL ) {
2009-01-30 02:39:30 +03:00
ldb_set_errstring ( ldb , " Invalid expression parse tree " ) ;
2006-02-22 04:31:35 +03:00
return LDB_ERR_OPERATIONS_ERROR ;
}
2006-12-12 21:14:31 +03:00
msg = new_ldap_message ( req ) ;
2006-02-22 04:31:35 +03:00
if ( msg = = NULL ) {
2009-01-30 02:39:30 +03:00
ldb_set_errstring ( ldb , " Out of Memory " ) ;
2006-02-22 04:31:35 +03:00
return LDB_ERR_OPERATIONS_ERROR ;
}
msg - > type = LDAP_TAG_SearchRequest ;
2006-05-29 05:30:02 +04:00
if ( req - > op . search . base = = NULL ) {
2006-08-25 10:45:47 +04:00
msg - > r . SearchRequest . basedn = talloc_strdup ( msg , " " ) ;
2005-08-18 19:02:01 +04:00
} else {
2008-12-16 10:25:44 +03:00
msg - > r . SearchRequest . basedn = ldb_dn_get_extended_linearized ( msg , req - > op . search . base , 0 ) ;
2005-08-18 19:02:01 +04:00
}
2006-02-22 04:31:35 +03:00
if ( msg - > r . SearchRequest . basedn = = NULL ) {
2009-01-30 02:39:30 +03:00
ldb_set_errstring ( ldb , " Unable to determine baseDN " ) ;
2006-02-22 04:31:35 +03:00
talloc_free ( msg ) ;
return LDB_ERR_OPERATIONS_ERROR ;
2005-10-04 09:41:05 +04:00
}
2006-02-22 04:31:35 +03:00
2006-05-29 05:30:02 +04:00
if ( req - > op . search . scope = = LDB_SCOPE_DEFAULT ) {
2006-02-22 04:31:35 +03:00
msg - > r . SearchRequest . scope = LDB_SCOPE_SUBTREE ;
} else {
2006-05-29 05:30:02 +04:00
msg - > r . SearchRequest . scope = req - > op . search . scope ;
2005-11-08 03:11:45 +03:00
}
2008-06-15 19:15:12 +04:00
2006-02-22 04:31:35 +03:00
msg - > r . SearchRequest . deref = LDAP_DEREFERENCE_NEVER ;
msg - > r . SearchRequest . timelimit = 0 ;
msg - > r . SearchRequest . sizelimit = 0 ;
msg - > r . SearchRequest . attributesonly = 0 ;
2006-05-30 23:09:34 +04:00
msg - > r . SearchRequest . tree = discard_const ( req - > op . search . tree ) ;
2008-06-15 19:15:12 +04:00
2006-05-29 05:30:02 +04:00
for ( n = 0 ; req - > op . search . attrs & & req - > op . search . attrs [ n ] ; n + + ) /* noop */ ;
2006-02-22 04:31:35 +03:00
msg - > r . SearchRequest . num_attributes = n ;
2009-02-13 13:38:21 +03:00
msg - > r . SearchRequest . attributes = req - > op . search . attrs ;
2006-05-29 05:30:02 +04:00
msg - > controls = req - > controls ;
2005-11-08 03:11:45 +03:00
2008-09-12 02:34:56 +04:00
return ildb_request_send ( ac , msg ) ;
2006-02-22 04:31:35 +03:00
}
/*
add a record
*/
2008-09-12 02:34:56 +04:00
static int ildb_add ( struct ildb_context * ac )
2006-02-22 04:31:35 +03:00
{
2008-09-12 02:34:56 +04:00
struct ldb_request * req = ac - > req ;
2006-02-22 04:31:35 +03:00
struct ldap_message * msg ;
struct ldap_mod * * mods ;
int i , n ;
2005-06-17 06:47:26 +04:00
2006-12-12 21:14:31 +03:00
msg = new_ldap_message ( req ) ;
2006-02-22 04:31:35 +03:00
if ( msg = = NULL ) {
return LDB_ERR_OPERATIONS_ERROR ;
}
2005-06-17 06:47:26 +04:00
2006-02-22 04:31:35 +03:00
msg - > type = LDAP_TAG_AddRequest ;
2006-01-06 07:01:23 +03:00
2008-12-16 10:25:44 +03:00
msg - > r . AddRequest . dn = ldb_dn_get_extended_linearized ( msg , req - > op . add . message - > dn , 0 ) ;
2006-02-22 04:31:35 +03:00
if ( msg - > r . AddRequest . dn = = NULL ) {
talloc_free ( msg ) ;
return LDB_ERR_INVALID_DN_SYNTAX ;
2006-01-06 07:01:23 +03:00
}
2006-05-29 05:30:02 +04:00
mods = ildb_msg_to_mods ( msg , & n , req - > op . add . message , 0 ) ;
2006-02-22 04:31:35 +03:00
if ( mods = = NULL ) {
talloc_free ( msg ) ;
return LDB_ERR_OPERATIONS_ERROR ;
}
2005-06-17 06:47:26 +04:00
2006-02-22 04:31:35 +03:00
msg - > r . AddRequest . num_attributes = n ;
msg - > r . AddRequest . attributes = talloc_array ( msg , struct ldb_message_element , n ) ;
if ( msg - > r . AddRequest . attributes = = NULL ) {
talloc_free ( msg ) ;
return LDB_ERR_OPERATIONS_ERROR ;
}
for ( i = 0 ; i < n ; i + + ) {
msg - > r . AddRequest . attributes [ i ] = mods [ i ] - > attrib ;
}
2009-11-18 19:47:29 +03:00
msg - > controls = req - > controls ;
2006-02-22 04:31:35 +03:00
2008-09-12 02:34:56 +04:00
return ildb_request_send ( ac , msg ) ;
2005-06-17 06:47:26 +04:00
}
/*
2006-02-22 04:31:35 +03:00
modify a record
2005-06-17 06:47:26 +04:00
*/
2008-09-12 02:34:56 +04:00
static int ildb_modify ( struct ildb_context * ac )
2005-06-17 06:47:26 +04:00
{
2008-09-12 02:34:56 +04:00
struct ldb_request * req = ac - > req ;
2006-02-22 04:31:35 +03:00
struct ldap_message * msg ;
2005-06-17 06:47:26 +04:00
struct ldap_mod * * mods ;
2006-02-22 04:31:35 +03:00
int i , n ;
2005-06-17 06:47:26 +04:00
2006-12-12 21:14:31 +03:00
msg = new_ldap_message ( req ) ;
2006-02-22 04:31:35 +03:00
if ( msg = = NULL ) {
return LDB_ERR_OPERATIONS_ERROR ;
}
2005-06-17 06:47:26 +04:00
2006-02-22 04:31:35 +03:00
msg - > type = LDAP_TAG_ModifyRequest ;
2008-12-16 10:25:44 +03:00
msg - > r . ModifyRequest . dn = ldb_dn_get_extended_linearized ( msg , req - > op . mod . message - > dn , 0 ) ;
2006-02-22 04:31:35 +03:00
if ( msg - > r . ModifyRequest . dn = = NULL ) {
talloc_free ( msg ) ;
return LDB_ERR_INVALID_DN_SYNTAX ;
2005-06-17 06:47:26 +04:00
}
2006-05-29 05:30:02 +04:00
mods = ildb_msg_to_mods ( msg , & n , req - > op . mod . message , 1 ) ;
2006-02-22 04:31:35 +03:00
if ( mods = = NULL ) {
talloc_free ( msg ) ;
return LDB_ERR_OPERATIONS_ERROR ;
}
2005-06-17 06:47:26 +04:00
2006-02-22 04:31:35 +03:00
msg - > r . ModifyRequest . num_mods = n ;
msg - > r . ModifyRequest . mods = talloc_array ( msg , struct ldap_mod , n ) ;
if ( msg - > r . ModifyRequest . mods = = NULL ) {
talloc_free ( msg ) ;
return LDB_ERR_OPERATIONS_ERROR ;
}
for ( i = 0 ; i < n ; i + + ) {
msg - > r . ModifyRequest . mods [ i ] = * mods [ i ] ;
}
2009-11-18 19:47:29 +03:00
msg - > controls = req - > controls ;
2008-09-12 02:34:56 +04:00
return ildb_request_send ( ac , msg ) ;
2005-06-17 06:47:26 +04:00
}
/*
2006-02-22 04:31:35 +03:00
delete a record
2005-06-17 06:47:26 +04:00
*/
2008-09-12 02:34:56 +04:00
static int ildb_delete ( struct ildb_context * ac )
2005-06-17 06:47:26 +04:00
{
2008-09-12 02:34:56 +04:00
struct ldb_request * req = ac - > req ;
2006-02-22 04:31:35 +03:00
struct ldap_message * msg ;
2006-12-12 21:14:31 +03:00
msg = new_ldap_message ( req ) ;
2006-02-22 04:31:35 +03:00
if ( msg = = NULL ) {
2005-10-31 05:13:02 +03:00
return LDB_ERR_OPERATIONS_ERROR ;
2005-08-18 19:02:01 +04:00
}
2005-06-17 06:47:26 +04:00
2006-02-22 04:31:35 +03:00
msg - > type = LDAP_TAG_DelRequest ;
2008-06-15 19:15:12 +04:00
2008-12-16 10:25:44 +03:00
msg - > r . DelRequest . dn = ldb_dn_get_extended_linearized ( msg , req - > op . del . dn , 0 ) ;
2006-02-22 04:31:35 +03:00
if ( msg - > r . DelRequest . dn = = NULL ) {
talloc_free ( msg ) ;
2005-10-31 05:13:02 +03:00
return LDB_ERR_INVALID_DN_SYNTAX ;
2005-08-18 19:02:01 +04:00
}
2009-11-18 19:47:29 +03:00
msg - > controls = req - > controls ;
2005-08-18 19:02:01 +04:00
2008-09-12 02:34:56 +04:00
return ildb_request_send ( ac , msg ) ;
2006-02-22 04:31:35 +03:00
}
2005-06-17 06:47:26 +04:00
/*
2006-02-22 04:31:35 +03:00
rename a record
2005-06-17 06:47:26 +04:00
*/
2008-09-12 02:34:56 +04:00
static int ildb_rename ( struct ildb_context * ac )
2005-06-17 06:47:26 +04:00
{
2008-09-12 02:34:56 +04:00
struct ldb_request * req = ac - > req ;
2006-02-22 04:31:35 +03:00
struct ldap_message * msg ;
2009-10-02 23:26:12 +04:00
const char * rdn_name ;
const struct ldb_val * rdn_val ;
2006-02-22 04:31:35 +03:00
2006-12-12 21:14:31 +03:00
msg = new_ldap_message ( req ) ;
2006-02-22 04:31:35 +03:00
if ( msg = = NULL ) {
2005-10-31 05:13:02 +03:00
return LDB_ERR_OPERATIONS_ERROR ;
2005-08-18 19:02:01 +04:00
}
2006-02-22 04:31:35 +03:00
msg - > type = LDAP_TAG_ModifyDNRequest ;
2008-12-16 10:25:44 +03:00
msg - > r . ModifyDNRequest . dn = ldb_dn_get_extended_linearized ( msg , req - > op . rename . olddn , 0 ) ;
2006-02-22 04:31:35 +03:00
if ( msg - > r . ModifyDNRequest . dn = = NULL ) {
talloc_free ( msg ) ;
2005-10-31 05:13:02 +03:00
return LDB_ERR_INVALID_DN_SYNTAX ;
2005-08-18 19:02:01 +04:00
}
2005-06-17 06:47:26 +04:00
2009-10-02 23:26:12 +04:00
rdn_name = ldb_dn_get_rdn_name ( req - > op . rename . newdn ) ;
rdn_val = ldb_dn_get_rdn_val ( req - > op . rename . newdn ) ;
if ( ( rdn_name ! = NULL ) & & ( rdn_val ! = NULL ) ) {
msg - > r . ModifyDNRequest . newrdn =
talloc_asprintf ( msg , " %s=%s " , rdn_name ,
ldb_dn_escape_value ( msg , * rdn_val ) ) ;
} else {
msg - > r . ModifyDNRequest . newrdn = talloc_strdup ( msg , " " ) ;
}
2006-02-22 04:31:35 +03:00
if ( msg - > r . ModifyDNRequest . newrdn = = NULL ) {
talloc_free ( msg ) ;
return LDB_ERR_OPERATIONS_ERROR ;
}
2005-06-17 06:47:26 +04:00
2006-02-22 04:31:35 +03:00
msg - > r . ModifyDNRequest . newsuperior =
2006-11-22 05:05:19 +03:00
ldb_dn_alloc_linearized ( msg , ldb_dn_get_parent ( msg , req - > op . rename . newdn ) ) ;
2006-02-22 04:31:35 +03:00
if ( msg - > r . ModifyDNRequest . newsuperior = = NULL ) {
talloc_free ( msg ) ;
return LDB_ERR_INVALID_DN_SYNTAX ;
}
2007-10-05 22:03:01 +04:00
msg - > r . ModifyDNRequest . deleteolddn = true ;
2009-11-18 19:47:29 +03:00
msg - > controls = req - > controls ;
2006-02-22 04:31:35 +03:00
2008-09-12 02:34:56 +04:00
return ildb_request_send ( ac , msg ) ;
2006-02-22 04:31:35 +03:00
}
2005-09-17 23:25:50 +04:00
static int ildb_start_trans ( struct ldb_module * module )
2005-06-17 06:47:26 +04:00
{
/* TODO implement a local locking mechanism here */
2006-05-30 03:46:43 +04:00
return LDB_SUCCESS ;
2005-06-17 06:47:26 +04:00
}
2005-09-24 19:42:15 +04:00
static int ildb_end_trans ( struct ldb_module * module )
2005-06-17 06:47:26 +04:00
{
2005-09-17 23:25:50 +04:00
/* TODO implement a local transaction mechanism here */
2005-06-17 06:47:26 +04:00
2006-05-30 03:46:43 +04:00
return LDB_SUCCESS ;
2005-09-24 19:42:15 +04:00
}
static int ildb_del_trans ( struct ldb_module * module )
{
/* TODO implement a local locking mechanism here */
2006-05-30 03:46:43 +04:00
return LDB_SUCCESS ;
2005-06-17 06:47:26 +04:00
}
2008-09-12 02:34:56 +04:00
static bool ildb_dn_is_special ( struct ldb_request * req )
2005-11-08 03:11:45 +03:00
{
2008-09-12 02:34:56 +04:00
struct ldb_dn * dn = NULL ;
switch ( req - > operation ) {
case LDB_ADD :
dn = req - > op . add . message - > dn ;
break ;
case LDB_MODIFY :
dn = req - > op . mod . message - > dn ;
break ;
case LDB_DELETE :
dn = req - > op . del . dn ;
break ;
case LDB_RENAME :
dn = req - > op . rename . olddn ;
break ;
default :
break ;
}
if ( dn & & ldb_dn_is_special ( dn ) ) {
return true ;
}
return false ;
2005-11-08 03:11:45 +03:00
}
2008-09-12 02:34:56 +04:00
static int ildb_handle_request ( struct ldb_module * module , struct ldb_request * req )
2005-06-18 13:48:17 +04:00
{
2009-01-30 02:39:30 +03:00
struct ldb_context * ldb ;
2008-09-12 02:34:56 +04:00
struct ildb_private * ildb ;
struct ildb_context * ac ;
2008-12-29 22:24:57 +03:00
struct tevent_timer * te ;
2008-09-12 02:34:56 +04:00
int ret ;
2009-01-30 02:39:30 +03:00
ildb = talloc_get_type ( ldb_module_get_private ( module ) , struct ildb_private ) ;
ldb = ldb_module_get_ctx ( module ) ;
2006-02-22 04:31:35 +03:00
2008-09-12 02:34:56 +04:00
if ( req - > starttime = = 0 | | req - > timeout = = 0 ) {
2009-01-30 02:39:30 +03:00
ldb_set_errstring ( ldb , " Invalid timeout settings " ) ;
2008-09-12 02:34:56 +04:00
return LDB_ERR_TIME_LIMIT_EXCEEDED ;
2006-03-10 18:27:16 +03:00
}
2008-09-12 02:34:56 +04:00
ac = talloc_zero ( req , struct ildb_context ) ;
if ( ac = = NULL ) {
2009-01-30 02:39:30 +03:00
ldb_set_errstring ( ldb , " Out of Memory " ) ;
2006-02-22 04:31:35 +03:00
return LDB_ERR_OPERATIONS_ERROR ;
2005-06-18 13:48:17 +04:00
}
2008-09-12 02:34:56 +04:00
ac - > module = module ;
ac - > req = req ;
ac - > ildb = ildb ;
if ( ildb_dn_is_special ( req ) ) {
2006-02-28 07:37:47 +03:00
2009-01-21 11:16:45 +03:00
te = tevent_add_timer ( ac - > ildb - > event_ctx ,
ac , timeval_zero ( ) ,
ildb_auto_done_callback , ac ) ;
2008-09-12 02:34:56 +04:00
if ( NULL = = te ) {
return LDB_ERR_OPERATIONS_ERROR ;
2006-02-22 04:31:35 +03:00
}
2008-09-12 02:34:56 +04:00
return LDB_SUCCESS ;
}
switch ( ac - > req - > operation ) {
case LDB_SEARCH :
ret = ildb_search ( ac ) ;
2006-02-22 04:31:35 +03:00
break ;
2008-09-12 02:34:56 +04:00
case LDB_ADD :
ret = ildb_add ( ac ) ;
break ;
case LDB_MODIFY :
ret = ildb_modify ( ac ) ;
break ;
case LDB_DELETE :
ret = ildb_delete ( ac ) ;
break ;
case LDB_RENAME :
ret = ildb_rename ( ac ) ;
2006-02-22 04:31:35 +03:00
break ;
default :
2008-09-12 02:34:56 +04:00
/* no other op supported */
ret = LDB_ERR_OPERATIONS_ERROR ;
break ;
2006-02-22 04:31:35 +03:00
}
2008-06-15 19:15:12 +04:00
2008-09-12 02:34:56 +04:00
return ret ;
2006-02-22 04:31:35 +03:00
}
2005-06-18 13:48:17 +04:00
2006-02-28 07:37:47 +03:00
static const struct ldb_module_ops ildb_ops = {
. name = " ldap " ,
2008-09-12 02:34:56 +04:00
. search = ildb_handle_request ,
. add = ildb_handle_request ,
. modify = ildb_handle_request ,
. del = ildb_handle_request ,
. rename = ildb_handle_request ,
/* .request = ildb_handle_request, */
2006-02-28 07:37:47 +03:00
. start_transaction = ildb_start_trans ,
. end_transaction = ildb_end_trans ,
. del_transaction = ildb_del_trans ,
} ;
2005-06-17 06:47:26 +04:00
/*
connect to the database
*/
2008-06-15 19:15:12 +04:00
static int ildb_connect ( struct ldb_context * ldb , const char * url ,
2006-06-08 01:03:38 +04:00
unsigned int flags , const char * options [ ] ,
2006-12-12 19:56:53 +03:00
struct ldb_module * * _module )
2005-06-17 06:47:26 +04:00
{
2006-12-12 19:56:53 +03:00
struct ldb_module * module ;
struct ildb_private * ildb ;
2005-06-17 06:47:26 +04:00
NTSTATUS status ;
2005-10-01 03:46:41 +04:00
struct cli_credentials * creds ;
2009-02-13 13:38:21 +03:00
struct loadparm_context * lp_ctx ;
2005-06-17 06:47:26 +04:00
2009-01-30 02:39:30 +03:00
module = ldb_module_new ( ldb , ldb , " ldb_ildap backend " , & ildb_ops ) ;
2009-10-23 19:23:44 +04:00
if ( ! module ) return LDB_ERR_OPERATIONS_ERROR ;
2006-12-12 19:56:53 +03:00
ildb = talloc ( module , struct ildb_private ) ;
2005-06-17 06:47:26 +04:00
if ( ! ildb ) {
2005-06-18 11:42:21 +04:00
ldb_oom ( ldb ) ;
2005-06-17 06:47:26 +04:00
goto failed ;
}
2009-01-30 02:39:30 +03:00
ldb_module_set_private ( module , ildb ) ;
2008-04-22 01:58:23 +04:00
2008-09-12 02:34:56 +04:00
ildb - > event_ctx = ldb_get_event_context ( ldb ) ;
2009-02-13 13:38:21 +03:00
lp_ctx = talloc_get_type ( ldb_get_opaque ( ldb , " loadparm " ) ,
struct loadparm_context ) ;
2008-04-22 01:58:23 +04:00
2009-02-13 13:38:21 +03:00
ildb - > ldap = ldap4_new_connection ( ildb , lp_ctx ,
2008-09-12 02:34:56 +04:00
ildb - > event_ctx ) ;
2005-06-17 06:47:26 +04:00
if ( ! ildb - > ldap ) {
2005-06-18 11:42:21 +04:00
ldb_oom ( ldb ) ;
2005-06-17 06:47:26 +04:00
goto failed ;
}
2006-07-29 05:22:22 +04:00
if ( flags & LDB_FLG_RECONNECT ) {
2006-04-25 16:34:58 +04:00
ldap_set_reconn_params ( ildb - > ldap , 10 ) ;
}
2005-06-17 06:47:26 +04:00
status = ldap_connect ( ildb - > ldap , url ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
2009-07-11 00:44:27 +04:00
ldb_debug ( ldb , LDB_DEBUG_ERROR , " Failed to connect to ldap URL '%s' - %s " ,
2007-03-08 09:23:39 +03:00
url , ldap_errstr ( ildb - > ldap , module , status ) ) ;
2005-06-17 06:47:26 +04:00
goto failed ;
}
2005-10-01 03:46:41 +04:00
/* caller can optionally setup credentials using the opaque token 'credentials' */
2005-11-05 14:13:22 +03:00
creds = talloc_get_type ( ldb_get_opaque ( ldb , " credentials " ) , struct cli_credentials ) ;
2005-10-01 03:46:41 +04:00
if ( creds = = NULL ) {
2005-11-05 14:13:22 +03:00
struct auth_session_info * session_info = talloc_get_type ( ldb_get_opaque ( ldb , " sessionInfo " ) , struct auth_session_info ) ;
2005-12-14 10:22:25 +03:00
if ( session_info ) {
2005-11-05 14:13:22 +03:00
creds = session_info - > credentials ;
}
2005-10-01 03:46:41 +04:00
}
if ( creds ! = NULL & & cli_credentials_authentication_requested ( creds ) ) {
2005-12-18 08:01:15 +03:00
const char * bind_dn = cli_credentials_get_bind_dn ( creds ) ;
if ( bind_dn ) {
const char * password = cli_credentials_get_password ( creds ) ;
status = ldap_bind_simple ( ildb - > ldap , bind_dn , password ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
2009-07-11 00:44:27 +04:00
ldb_debug ( ldb , LDB_DEBUG_ERROR , " Failed to bind - %s " ,
2007-03-08 09:23:39 +03:00
ldap_errstr ( ildb - > ldap , module , status ) ) ;
2005-12-18 08:01:15 +03:00
goto failed ;
}
} else {
2009-02-13 13:38:21 +03:00
status = ldap_bind_sasl ( ildb - > ldap , creds , lp_ctx ) ;
2005-12-18 08:01:15 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2009-07-11 00:44:27 +04:00
ldb_debug ( ldb , LDB_DEBUG_ERROR , " Failed to bind - %s " ,
2007-03-08 09:23:39 +03:00
ldap_errstr ( ildb - > ldap , module , status ) ) ;
2005-12-18 08:01:15 +03:00
goto failed ;
}
2005-06-18 13:01:09 +04:00
}
}
2006-12-12 19:56:53 +03:00
* _module = module ;
2009-10-23 19:23:44 +04:00
return LDB_SUCCESS ;
2005-06-17 06:47:26 +04:00
failed :
2006-12-12 19:56:53 +03:00
talloc_free ( module ) ;
2009-10-23 19:23:44 +04:00
return LDB_ERR_OPERATIONS_ERROR ;
2005-06-17 06:47:26 +04:00
}
2008-02-20 06:33:43 +03:00
_PUBLIC_ const struct ldb_backend_ops ldb_ldap_backend_ops = {
2008-02-20 04:57:07 +03:00
. name = " ldap " ,
. connect_fn = ildb_connect
} ;
2008-02-29 03:06:05 +03:00
_PUBLIC_ const struct ldb_backend_ops ldb_ldapi_backend_ops = {
. name = " ldapi " ,
2008-02-20 04:57:07 +03:00
. connect_fn = ildb_connect
} ;
2008-02-20 06:33:43 +03:00
_PUBLIC_ const struct ldb_backend_ops ldb_ldaps_backend_ops = {
2008-02-20 04:57:07 +03:00
. name = " ldaps " ,
. connect_fn = ildb_connect
} ;