/* Modify the local record. */
static int map_modify_do_local(struct map_context *ac)
{
struct ldb_request *local_req;
struct ldb_context *ldb;
int ret;
ldb = ldb_module_get_ctx(ac->module);
if (ac->local_dn == NULL) {
/* No local record present, add it instead */
/* Add local 'IS_MAPPED' */
/* TODO: use GUIDs here instead */
if (ldb_msg_add_empty(ac->local_msg, IS_MAPPED,
LDB_FLAG_MOD_ADD, NULL) != 0) {
return LDB_ERR_OPERATIONS_ERROR;
}
ret = ldb_msg_add_linearized_dn(ac->local_msg, IS_MAPPED,
ac->remote_req->op.mod.message->dn);
if (ret != 0) {
return LDB_ERR_OPERATIONS_ERROR;
}
/* Prepare the local operation */
ret = ldb_build_add_req(&local_req, ldb, ac,
ac->local_msg,
ac->req->controls,
ac,
map_op_local_callback,
ac->req);
LDB_REQ_SET_LOCATION(local_req);
if (ret != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
} else {
/* Prepare the local operation */
ret = ldb_build_mod_req(&local_req, ldb, ac,
ac->local_msg,
ac->req->controls,
ac,
map_op_local_callback,
ac->req);
LDB_REQ_SET_LOCATION(local_req);
if (ret != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
}
return ldb_next_request(ac->module, local_req);
}
/* Rename the local record. */
static int map_rename_do_local(struct map_context *ac)
{
struct ldb_request *local_req;
struct ldb_context *ldb;
int ret;
ldb = ldb_module_get_ctx(ac->module);
/* No local record, continue remotely */
if (ac->local_dn == NULL) {
/* Do the remote request. */
return ldb_next_remote_request(ac->module, ac->remote_req);
}
/* Prepare the local operation */
ret = ldb_build_rename_req(&local_req, ldb, ac,
ac->req->op.rename.olddn,
ac->req->op.rename.newdn,
ac->req->controls,
ac,
map_rename_local_callback,
ac->req);
LDB_REQ_SET_LOCATION(local_req);
if (ret != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
return ldb_next_request(ac->module, local_req);
}
/* Rename a record. */
int ldb_map_rename(struct ldb_module *module, struct ldb_request *req)
{
struct ldb_request *search_req = NULL;
struct ldb_context *ldb;
struct map_context *ac;
int ret;
ldb = ldb_module_get_ctx(module);
/* Do not manipulate our control entries */
if (ldb_dn_is_special(req->op.rename.olddn)) {
return ldb_next_request(module, req);
}
/* No mapping requested (perhaps no DN mapping specified).
* Skip to next module */
if ((!ldb_dn_check_local(module, req->op.rename.olddn)) &&
(!ldb_dn_check_local(module, req->op.rename.newdn))) {
return ldb_next_request(module, req);
}
/* Rename into/out of the mapped partition requested, bail out */
if (!ldb_dn_check_local(module, req->op.rename.olddn) ||
!ldb_dn_check_local(module, req->op.rename.newdn)) {
return LDB_ERR_AFFECTS_MULTIPLE_DSAS;
}
/* Prepare context and handle */
ac = map_init_context(module, req);
if (ac == NULL) {
return LDB_ERR_OPERATIONS_ERROR;
}
/* Prepare the remote operation */
ret = ldb_build_rename_req(&ac->remote_req, ldb, ac,
ldb_dn_map_local(module, ac, req->op.rename.olddn),
ldb_dn_map_local(module, ac, req->op.rename.newdn),
req->controls,
ac, map_op_remote_callback,
req);
LDB_REQ_SET_LOCATION(ac->remote_req);
if (ret != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
/* No local db, just run the remote request */
if (!map_check_local_db(ac->module)) {
/* Do the remote request. */
return ldb_next_remote_request(ac->module, ac->remote_req);
}
/* Prepare the search operation */
ret = map_search_self_req(&search_req, ac, req->op.rename.olddn);
if (ret != LDB_SUCCESS) {
map_oom(module);
return LDB_ERR_OPERATIONS_ERROR;
}
return ldb_next_request(module, search_req);
}
/* Add the local record. */
static int map_add_do_local(struct map_context *ac)
{
struct ldb_request *local_req;
struct ldb_context *ldb;
int ret;
ldb = ldb_module_get_ctx(ac->module);
/* Prepare the local operation */
ret = ldb_build_add_req(&local_req, ldb, ac,
ac->local_msg,
ac->req->controls,
ac,
map_op_local_callback,
ac->req);
LDB_REQ_SET_LOCATION(local_req);
if (ret != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
return ldb_next_request(ac->module, local_req);
}
/*
search for attrs on one DN, in the modules below
*/
int dsdb_module_search_dn(struct ldb_module *module,
TALLOC_CTX *mem_ctx,
struct ldb_result **_res,
struct ldb_dn *basedn,
const char * const *attrs,
uint32_t dsdb_flags,
struct ldb_request *parent)
{
int ret;
struct ldb_request *req;
TALLOC_CTX *tmp_ctx;
struct ldb_result *res;
tmp_ctx = talloc_new(mem_ctx);
res = talloc_zero(tmp_ctx, struct ldb_result);
if (!res) {
talloc_free(tmp_ctx);
return ldb_oom(ldb_module_get_ctx(module));
}
ret = ldb_build_search_req(&req, ldb_module_get_ctx(module), tmp_ctx,
basedn,
LDB_SCOPE_BASE,
NULL,
attrs,
NULL,
res,
ldb_search_default_callback,
parent);
LDB_REQ_SET_LOCATION(req);
if (ret != LDB_SUCCESS) {
talloc_free(tmp_ctx);
return ret;
}
ret = dsdb_request_add_controls(req, dsdb_flags);
if (ret != LDB_SUCCESS) {
talloc_free(tmp_ctx);
return ret;
}
if (dsdb_flags & DSDB_FLAG_TRUSTED) {
ldb_req_mark_trusted(req);
}
/* Run the new request */
if (dsdb_flags & DSDB_FLAG_NEXT_MODULE) {
ret = ldb_next_request(module, req);
} else if (dsdb_flags & DSDB_FLAG_TOP_MODULE) {
ret = ldb_request(ldb_module_get_ctx(module), req);
} else {
const struct ldb_module_ops *ops = ldb_module_get_ops(module);
SMB_ASSERT(dsdb_flags & DSDB_FLAG_OWN_MODULE);
ret = ops->search(module, req);
}
if (ret == LDB_SUCCESS) {
ret = ldb_wait(req->handle, LDB_WAIT_ALL);
}
if (ret != LDB_SUCCESS) {
talloc_free(tmp_ctx);
return ret;
}
if (res->count != 1) {
/* we may be reading a DB that does not have the 'check base on search' option... */
ret = LDB_ERR_NO_SUCH_OBJECT;
ldb_asprintf_errstring(ldb_module_get_ctx(module),
"dsdb_module_search_dn: did not find base dn %s (%d results)",
ldb_dn_get_linearized(basedn), res->count);
} else {
*_res = talloc_steal(mem_ctx, res);
}
talloc_free(tmp_ctx);
return ret;
}
int dsdb_module_search_tree(struct ldb_module *module,
TALLOC_CTX *mem_ctx,
struct ldb_result **_res,
struct ldb_dn *basedn,
enum ldb_scope scope,
struct ldb_parse_tree *tree,
const char * const *attrs,
int dsdb_flags,
struct ldb_request *parent)
{
int ret;
struct ldb_request *req;
TALLOC_CTX *tmp_ctx;
struct ldb_result *res;
tmp_ctx = talloc_new(mem_ctx);
/* cross-partitions searches with a basedn break multi-domain support */
SMB_ASSERT(basedn == NULL || (dsdb_flags & DSDB_SEARCH_SEARCH_ALL_PARTITIONS) == 0);
res = talloc_zero(tmp_ctx, struct ldb_result);
if (!res) {
talloc_free(tmp_ctx);
return ldb_oom(ldb_module_get_ctx(module));
}
ret = ldb_build_search_req_ex(&req, ldb_module_get_ctx(module), tmp_ctx,
basedn,
scope,
tree,
attrs,
NULL,
res,
ldb_search_default_callback,
parent);
LDB_REQ_SET_LOCATION(req);
if (ret != LDB_SUCCESS) {
talloc_free(tmp_ctx);
return ret;
}
ret = dsdb_request_add_controls(req, dsdb_flags);
if (ret != LDB_SUCCESS) {
talloc_free(tmp_ctx);
return ret;
}
if (dsdb_flags & DSDB_FLAG_TRUSTED) {
ldb_req_mark_trusted(req);
}
if (dsdb_flags & DSDB_FLAG_NEXT_MODULE) {
ret = ldb_next_request(module, req);
} else if (dsdb_flags & DSDB_FLAG_TOP_MODULE) {
ret = ldb_request(ldb_module_get_ctx(module), req);
} else {
const struct ldb_module_ops *ops = ldb_module_get_ops(module);
SMB_ASSERT(dsdb_flags & DSDB_FLAG_OWN_MODULE);
ret = ops->search(module, req);
}
if (ret == LDB_SUCCESS) {
ret = ldb_wait(req->handle, LDB_WAIT_ALL);
}
talloc_free(req);
if (ret == LDB_SUCCESS) {
*_res = talloc_steal(mem_ctx, res);
}
talloc_free(tmp_ctx);
return ret;
}
/* add_record: add instancetype attribute */
static int instancetype_add(struct ldb_module *module, struct ldb_request *req)
{
struct ldb_context *ldb = ldb_module_get_ctx(module);
struct ldb_request *down_req;
struct ldb_message *msg;
struct ldb_message_element *el;
uint32_t instanceType;
int ret;
/* do not manipulate our control entries */
if (ldb_dn_is_special(req->op.add.message->dn)) {
return ldb_next_request(module, req);
}
ldb_debug(ldb, LDB_DEBUG_TRACE, "instancetype_add\n");
el = ldb_msg_find_element(req->op.add.message, "instanceType");
if (el != NULL) {
if (el->num_values != 1) {
ldb_set_errstring(ldb, "instancetype: the 'instanceType' attribute is single-valued!");
return LDB_ERR_UNWILLING_TO_PERFORM;
}
instanceType = ldb_msg_find_attr_as_uint(req->op.add.message,
"instanceType", 0);
if (!(instanceType & INSTANCE_TYPE_IS_NC_HEAD)) {
/*
* If we have no NC add operation (no TYPE_IS_NC_HEAD)
* then "instanceType" can only be "0" or "TYPE_WRITE".
*/
if ((instanceType != 0) &&
((instanceType & INSTANCE_TYPE_WRITE) == 0)) {
ldb_set_errstring(ldb, "instancetype: if TYPE_IS_NC_HEAD wasn't set, then only TYPE_WRITE or 0 are allowed!");
return LDB_ERR_UNWILLING_TO_PERFORM;
}
} else {
/*
* If we have a NC add operation then we need also the
* "TYPE_WRITE" flag in order to succeed,
* unless this NC is not instantiated
*/
if (!(instanceType & INSTANCE_TYPE_UNINSTANT) &&
!(instanceType & INSTANCE_TYPE_WRITE)) {
ldb_set_errstring(ldb, "instancetype: if TYPE_IS_NC_HEAD was set, then also TYPE_WRITE is requested!");
return LDB_ERR_UNWILLING_TO_PERFORM;
}
}
/* we did only tests, so proceed with the original request */
return ldb_next_request(module, req);
}
/* we have to copy the message as the caller might have it as a const */
msg = ldb_msg_copy_shallow(req, req->op.add.message);
if (msg == NULL) {
return ldb_oom(ldb);
}
/*
* TODO: calculate correct instance type
*/
instanceType = INSTANCE_TYPE_WRITE;
ret = samdb_msg_add_uint(ldb, msg, msg, "instanceType", instanceType);
if (ret != LDB_SUCCESS) {
return ret;
}
ret = ldb_build_add_req(&down_req, ldb, req,
msg,
req->controls,
req, dsdb_next_callback,
req);
LDB_REQ_SET_LOCATION(down_req);
if (ret != LDB_SUCCESS) {
return ret;
}
/* go on with the call chain */
return ldb_next_request(module, down_req);
}
/* Modify a record. */
int ldb_map_modify(struct ldb_module *module, struct ldb_request *req)
{
const struct ldb_message *msg = req->op.mod.message;
struct ldb_request *search_req = NULL;
struct ldb_message *remote_msg;
struct ldb_context *ldb;
struct map_context *ac;
int ret;
ldb = ldb_module_get_ctx(module);
/* Do not manipulate our control entries */
if (ldb_dn_is_special(msg->dn)) {
return ldb_next_request(module, req);
}
/* No mapping requested (perhaps no DN mapping specified), skip to next module */
if (!ldb_dn_check_local(module, msg->dn)) {
return ldb_next_request(module, req);
}
/* No mapping needed, skip to next module */
/* TODO: What if the remote part exists, the local doesn't,
* and this request wants to modify local data and thus
* add the local record? */
if (!ldb_msg_check_remote(module, msg)) {
return LDB_ERR_OPERATIONS_ERROR;
}
/* Prepare context and handle */
ac = map_init_context(module, req);
if (ac == NULL) {
return LDB_ERR_OPERATIONS_ERROR;
}
/* Prepare the local message */
ac->local_msg = ldb_msg_new(ac);
if (ac->local_msg == NULL) {
map_oom(module);
return LDB_ERR_OPERATIONS_ERROR;
}
ac->local_msg->dn = msg->dn;
/* Prepare the remote message */
remote_msg = ldb_msg_new(ac->remote_req);
if (remote_msg == NULL) {
map_oom(module);
return LDB_ERR_OPERATIONS_ERROR;
}
remote_msg->dn = ldb_dn_map_local(ac->module, remote_msg, msg->dn);
/* Split local from remote message */
ldb_msg_partition(module, req->operation, ac->local_msg, remote_msg, msg);
/* Prepare the remote operation */
ret = ldb_build_mod_req(&ac->remote_req, ldb,
ac, remote_msg,
req->controls,
ac, map_op_remote_callback,
req);
LDB_REQ_SET_LOCATION(ac->remote_req);
if (ret != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
if ((ac->local_msg->num_elements == 0) ||
( ! map_check_local_db(ac->module))) {
/* No local data or db, just run the remote request */
return ldb_next_remote_request(ac->module, ac->remote_req);
}
/* prepare the search operation */
ret = map_search_self_req(&search_req, ac, msg->dn);
if (ret != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
return ldb_next_request(module, search_req);
}
/* Add a record. */
int ldb_map_add(struct ldb_module *module, struct ldb_request *req)
{
const struct ldb_message *msg = req->op.add.message;
struct ldb_context *ldb;
struct map_context *ac;
struct ldb_message *remote_msg;
int ret;
ldb = ldb_module_get_ctx(module);
/* Do not manipulate our control entries */
if (ldb_dn_is_special(msg->dn)) {
return ldb_next_request(module, req);
}
/* No mapping requested (perhaps no DN mapping specified), skip to next module */
if (!ldb_dn_check_local(module, msg->dn)) {
return ldb_next_request(module, req);
}
/* No mapping needed, fail */
if (!ldb_msg_check_remote(module, msg)) {
return LDB_ERR_OPERATIONS_ERROR;
}
/* Prepare context and handle */
ac = map_init_context(module, req);
if (ac == NULL) {
return LDB_ERR_OPERATIONS_ERROR;
}
/* Prepare the local message */
ac->local_msg = ldb_msg_new(ac);
if (ac->local_msg == NULL) {
map_oom(module);
return LDB_ERR_OPERATIONS_ERROR;
}
ac->local_msg->dn = msg->dn;
/* Prepare the remote message */
remote_msg = ldb_msg_new(ac);
if (remote_msg == NULL) {
map_oom(module);
return LDB_ERR_OPERATIONS_ERROR;
}
remote_msg->dn = ldb_dn_map_local(ac->module, remote_msg, msg->dn);
/* Split local from remote message */
ldb_msg_partition(module, req->operation, ac->local_msg, remote_msg, msg);
/* Prepare the remote operation */
ret = ldb_build_add_req(&ac->remote_req, ldb,
ac, remote_msg,
req->controls,
ac, map_op_remote_callback,
req);
LDB_REQ_SET_LOCATION(ac->remote_req);
if (ret != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
if ((ac->local_msg->num_elements == 0) ||
( ! map_check_local_db(ac->module))) {
/* No local data or db, just run the remote request */
return ldb_next_remote_request(ac->module, ac->remote_req);
}
/* Store remote DN in 'IS_MAPPED' */
/* TODO: use GUIDs here instead */
ret = ldb_msg_add_linearized_dn(ac->local_msg, IS_MAPPED,
remote_msg->dn);
if (ret != LDB_SUCCESS) {
return LDB_ERR_OPERATIONS_ERROR;
}
return map_add_do_local(ac);
}
