int ldb_load_modules(struct ldb_context *ldb, const char *options[])
{
const char **modules = NULL;
int i;
int ret;
TALLOC_CTX *mem_ctx = talloc_new(ldb);
if (!mem_ctx) {
return LDB_ERR_OPERATIONS_ERROR;
}
/* find out which modules we are requested to activate */
/* check if we have a custom module list passd as ldb option */
if (options) {
for (i = 0; options[i] != NULL; i++) {
if (strncmp(options[i], LDB_MODULE_PREFIX, LDB_MODULE_PREFIX_LEN) == 0) {
modules = ldb_modules_list_from_string(ldb, mem_ctx, &options[i][LDB_MODULE_PREFIX_LEN]);
}
}
}
/* if not overloaded by options and the backend is not ldap try to load the modules list from ldb */
if ((modules == NULL) && (strcmp("ldap", ldb->modules->ops->name) != 0)) {
const char * const attrs[] = { "@LIST" , NULL};
struct ldb_result *res = NULL;
struct ldb_dn *mods_dn;
mods_dn = ldb_dn_new(mem_ctx, ldb, "@MODULES");
if (mods_dn == NULL) {
talloc_free(mem_ctx);
return -1;
}
ret = ldb_search(ldb, mods_dn, LDB_SCOPE_BASE, "", attrs, &res);
talloc_steal(mods_dn, res);
if (ret == LDB_SUCCESS && (res->count == 0 || res->msgs[0]->num_elements == 0)) {
ldb_debug(ldb, LDB_DEBUG_TRACE, "no modules required by the db\n");
} else {
if (ret != LDB_SUCCESS) {
ldb_debug(ldb, LDB_DEBUG_FATAL, "ldb error (%s) occurred searching for modules, bailing out\n", ldb_errstring(ldb));
talloc_free(mem_ctx);
return -1;
}
if (res->count > 1) {
ldb_debug(ldb, LDB_DEBUG_FATAL, "Too many records found (%d), bailing out\n", res->count);
talloc_free(mem_ctx);
return -1;
}
modules = ldb_modules_list_from_string(ldb, mem_ctx,
(const char *)res->msgs[0]->elements[0].values[0].data);
}
talloc_free(mods_dn);
}
if (modules != NULL) {
ret = ldb_load_modules_list(ldb, modules, ldb->modules, &ldb->modules);
talloc_free(modules);
if (ret != LDB_SUCCESS) {
return ret;
}
} else {
ldb_debug(ldb, LDB_DEBUG_TRACE, "No modules specified for this database\n");
}
return ldb_init_module_chain(ldb, ldb->modules);
}
static int samba_dsdb_init(struct ldb_module *module)
{
struct ldb_context *ldb = ldb_module_get_ctx(module);
int ret, len, i;
TALLOC_CTX *tmp_ctx = talloc_new(module);
struct ldb_result *res;
struct ldb_message *rootdse_msg, *partition_msg;
struct ldb_dn *samba_dsdb_dn;
struct ldb_module *backend_module, *module_chain;
const char **final_module_list, **reverse_module_list;
/*
Add modules to the list to activate them by default
beware often order is important
Some Known ordering constraints:
- rootdse must be first, as it makes redirects from "" -> cn=rootdse
- extended_dn_in must be before objectclass.c, as it resolves the DN
- objectclass must be before password_hash, because password_hash checks
that the objectclass is of type person (filled in by objectclass
module when expanding the objectclass list)
- partition must be last
- each partition has its own module list then
The list is presented here as a set of declarations to show the
stack visually - the code below then handles the creation of the list
based on the parameters loaded from the database.
*/
static const char *modules_list[] = {"resolve_oids",
"rootdse",
"lazy_commit",
"paged_results",
"ranged_results",
"anr",
"server_sort",
"asq",
"extended_dn_store",
"extended_dn_in",
"rdn_name",
"objectclass",
"descriptor",
"acl",
"samldb",
"password_hash",
"operational",
"kludge_acl",
"schema_load",
"instancetype",
NULL };
const char *objectguid_module;
/* if serverrole == "domain controller": */
const char *repl_meta_data = "repl_meta_data";
/* else: */
const char *objectguid = "objectguid";
const char **link_modules;
static const char *tdb_modules_list[] = {
"subtree_rename",
"subtree_delete",
"linked_attributes",
NULL};
const char *extended_dn_module;
const char *extended_dn_module_ldb = "extended_dn_out_ldb";
const char *extended_dn_module_fds = "extended_dn_out_fds";
const char *extended_dn_module_openldap = "extended_dn_out_openldap";
static const char *modules_list2[] = {"show_deleted",
"new_partition",
"partition",
NULL };
const char **backend_modules;
static const char *fedora_ds_backend_modules[] = {
"nsuniqueid", "paged_searches", NULL };
static const char *openldap_backend_modules[] = {
"entryuuid", "paged_searches", NULL };
static const char *samba_dsdb_attrs[] = { "backendType", "serverRole", NULL };
const char *backendType, *serverRole;
if (!tmp_ctx) {
ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
}
samba_dsdb_dn = ldb_dn_new(tmp_ctx, ldb, "@SAMBA_DSDB");
if (!samba_dsdb_dn) {
talloc_free(tmp_ctx);
ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
}
#define CHECK_LDB_RET(check_ret) \
do { \
if (check_ret != LDB_SUCCESS) { \
talloc_free(tmp_ctx); \
return check_ret; \
} \
} while (0)
ret = dsdb_module_search_dn(module, tmp_ctx, &res, samba_dsdb_dn, samba_dsdb_attrs, 0);
if (ret == LDB_ERR_NO_SUCH_OBJECT) {
backendType = "ldb";
serverRole = "domain controller";
} else if (ret == LDB_SUCCESS) {
backendType = ldb_msg_find_attr_as_string(res->msgs[0], "backendType", "ldb");
serverRole = ldb_msg_find_attr_as_string(res->msgs[0], "serverRole", "domain controller");
} else {
talloc_free(tmp_ctx);
return ret;
}
backend_modules = NULL;
if (strcasecmp(backendType, "ldb") == 0) {
if (strcasecmp(serverRole, "dc") == 0 || strcasecmp(serverRole, "domain controller") == 0) {
objectguid_module = repl_meta_data;
} else {
objectguid_module = objectguid;
}
extended_dn_module = extended_dn_module_ldb;
link_modules = tdb_modules_list;
} else {
objectguid_module = NULL;
link_modules = NULL;
if (strcasecmp(backendType, "fedora-ds") == 0) {
backend_modules = fedora_ds_backend_modules;
extended_dn_module = extended_dn_module_fds;
} else if (strcasecmp(backendType, "openldap") == 0) {
backend_modules = openldap_backend_modules;
extended_dn_module = extended_dn_module_openldap;
}
}
#define CHECK_MODULE_LIST \
do { \
if (!final_module_list) { \
talloc_free(tmp_ctx); \
ldb_oom(ldb); \
return LDB_ERR_OPERATIONS_ERROR; \
} \
} while (0)
final_module_list = str_list_copy_const(tmp_ctx, modules_list);
CHECK_MODULE_LIST;
final_module_list = str_list_add_const(final_module_list, objectguid_module);
CHECK_MODULE_LIST;
final_module_list = str_list_append_const(final_module_list, link_modules);
CHECK_MODULE_LIST;
final_module_list = str_list_add_const(final_module_list, extended_dn_module);
CHECK_MODULE_LIST;
final_module_list = str_list_append_const(final_module_list, modules_list2);
CHECK_MODULE_LIST;
ret = read_at_rootdse_record(ldb, module, tmp_ctx, &rootdse_msg);
CHECK_LDB_RET(ret);
partition_msg = ldb_msg_new(tmp_ctx);
partition_msg->dn = ldb_dn_new(partition_msg, ldb, "@" DSDB_OPAQUE_PARTITION_MODULE_MSG_OPAQUE_NAME);
ret = prepare_modules_line(ldb, tmp_ctx,
rootdse_msg,
partition_msg, "defaultNamingContext",
"pdc_fsmo", backend_modules);
CHECK_LDB_RET(ret);
ret = prepare_modules_line(ldb, tmp_ctx,
rootdse_msg,
partition_msg, "configurationNamingContext",
"naming_fsmo", backend_modules);
CHECK_LDB_RET(ret);
ret = prepare_modules_line(ldb, tmp_ctx,
rootdse_msg,
partition_msg, "schemaNamingContext",
"schema_data", backend_modules);
CHECK_LDB_RET(ret);
ret = prepare_modules_line(ldb, tmp_ctx,
rootdse_msg,
partition_msg, NULL,
NULL, backend_modules);
CHECK_LDB_RET(ret);
ret = ldb_set_opaque(ldb, DSDB_OPAQUE_PARTITION_MODULE_MSG_OPAQUE_NAME, partition_msg);
CHECK_LDB_RET(ret);
talloc_steal(ldb, partition_msg);
/* Now prepare the module chain. Oddly, we must give it to ldb_load_modules_list in REVERSE */
for (len = 0; final_module_list[len]; len++) { /* noop */};
reverse_module_list = talloc_array(tmp_ctx, const char *, len+1);
if (!reverse_module_list) {
talloc_free(tmp_ctx);
ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
}
for (i=0; i < len; i++) {
reverse_module_list[i] = final_module_list[(len - 1) - i];
}
reverse_module_list[i] = NULL;
/* The backend (at least until the partitions module
* reconfigures things) is the next module in the currently
* loaded chain */
backend_module = module->next;
ret = ldb_load_modules_list(ldb, reverse_module_list, backend_module, &module_chain);
CHECK_LDB_RET(ret);
talloc_free(tmp_ctx);
/* Set this as the 'next' module, so that we effectivly append it to module chain */
module->next = module_chain;
return ldb_next_init(module);
}
