static int sample_modify(struct ldb_module *mod, struct ldb_request *req)
{
struct ldb_control *control;
/* check if there's a relax control */
control = ldb_request_get_control(req, LDB_CONTROL_RELAX_OID);
if (control != NULL) {
return LDB_ERR_UNWILLING_TO_PERFORM;
}
/* not found go on */
return ldb_next_request(mod, req);
}
int sample_add(struct ldb_module *mod, struct ldb_request *req)
{
struct ldb_control *control;
struct ldb_control *controls;
ldb_msg_add_fmt(req->op.add.message, "touchedBy", "sample");
/* check if there's a relax control */
control = ldb_request_get_control(req, LDB_CONTROL_RELAX_OID);
if (control == NULL) {
/* not found go on */
return ldb_next_request(mod, req);
} else {
return LDB_ERR_UNWILLING_TO_PERFORM;
}
}
/* deny instancetype modification */
static int instancetype_mod(struct ldb_module *module, struct ldb_request *req)
{
struct ldb_context *ldb = ldb_module_get_ctx(module);
struct ldb_message_element *el;
/* do not manipulate our control entries */
if (ldb_dn_is_special(req->op.mod.message->dn)) {
return ldb_next_request(module, req);
}
ldb_debug(ldb, LDB_DEBUG_TRACE, "instancetype_mod\n");
el = ldb_msg_find_element(req->op.mod.message, "instanceType");
if (el != NULL) {
/* Except to allow dbcheck to fix things, this must never be modified */
if (!ldb_request_get_control(req, DSDB_CONTROL_DBCHECK)) {
ldb_set_errstring(ldb, "instancetype: the 'instanceType' attribute can never be changed!");
return LDB_ERR_CONSTRAINT_VIOLATION;
}
}
return ldb_next_request(module, req);
}
static int sample_add(struct ldb_module *mod, struct ldb_request *req)
{
struct ldb_context *ldb = ldb_module_get_ctx(mod);
struct ldb_control *control = NULL;
struct ldb_message *msg = NULL;
struct ldb_request *down_req = NULL;
int ret;
/* check if there's a relax control */
control = ldb_request_get_control(req, LDB_CONTROL_RELAX_OID);
if (control != NULL) {
return LDB_ERR_UNWILLING_TO_PERFORM;
}
msg = ldb_msg_copy_shallow(req, req->op.add.message);
if (msg == NULL) {
return LDB_ERR_OPERATIONS_ERROR;
}
ret = ldb_msg_add_fmt(msg, "touchedBy", "sample");
if (ret != LDB_SUCCESS) {
return ret;
}
ret = ldb_build_add_req(&down_req, ldb, req,
msg,
req->controls,
req, sample_add_callback,
req);
if (ret != LDB_SUCCESS) {
return ret;
}
talloc_steal(down_req, msg);
/* go on with the call chain */
return ldb_next_request(mod, down_req);
}
/*
modify a record - internal interface
yuck - this is O(n^2). Luckily n is usually small so we probably
get away with it, but if we ever have really large attribute lists
then we'll need to look at this again
'req' is optional, and is used to specify controls if supplied
*/
int ltdb_modify_internal(struct ldb_module *module,
const struct ldb_message *msg,
struct ldb_request *req)
{
struct ldb_context *ldb = ldb_module_get_ctx(module);
void *data = ldb_module_get_private(module);
struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
TDB_DATA tdb_key, tdb_data;
struct ldb_val ldb_data;
struct ldb_message *msg2;
unsigned int i, j, k;
int ret = LDB_SUCCESS, idx;
struct ldb_control *control_permissive = NULL;
if (req) {
control_permissive = ldb_request_get_control(req,
LDB_CONTROL_PERMISSIVE_MODIFY_OID);
}
tdb_key = ltdb_key(module, msg->dn);
if (!tdb_key.dptr) {
return LDB_ERR_OTHER;
}
tdb_data = tdb_fetch(ltdb->tdb, tdb_key);
if (!tdb_data.dptr) {
talloc_free(tdb_key.dptr);
return ltdb_err_map(tdb_error(ltdb->tdb));
}
msg2 = ldb_msg_new(tdb_key.dptr);
if (msg2 == NULL) {
free(tdb_data.dptr);
ret = LDB_ERR_OTHER;
goto done;
}
ldb_data.data = tdb_data.dptr;
ldb_data.length = tdb_data.dsize;
ret = ldb_unpack_data(ldb_module_get_ctx(module), &ldb_data, msg2);
free(tdb_data.dptr);
if (ret == -1) {
ret = LDB_ERR_OTHER;
goto done;
}
if (!msg2->dn) {
msg2->dn = msg->dn;
}
for (i=0; i<msg->num_elements; i++) {
struct ldb_message_element *el = &msg->elements[i], *el2;
struct ldb_val *vals;
const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
const char *dn;
switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
case LDB_FLAG_MOD_ADD:
if (el->num_values == 0) {
ldb_asprintf_errstring(ldb,
"attribute '%s': attribute on '%s' specified, but with 0 values (illegal)",
el->name, ldb_dn_get_linearized(msg2->dn));
ret = LDB_ERR_CONSTRAINT_VIOLATION;
goto done;
}
/* make a copy of the array so that a permissive
* control can remove duplicates without changing the
* original values, but do not copy data as we do not
* need to keep it around once the operation is
* finished */
if (control_permissive) {
el = talloc(msg2, struct ldb_message_element);
if (!el) {
ret = LDB_ERR_OTHER;
goto done;
}
*el = msg->elements[i];
el->values = talloc_array(el, struct ldb_val, el->num_values);
if (el->values == NULL) {
ret = LDB_ERR_OTHER;
goto done;
}
for (j = 0; j < el->num_values; j++) {
el->values[j] = msg->elements[i].values[j];
}
}
if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
el->name, ldb_dn_get_linearized(msg2->dn));
ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
goto done;
}
/* Checks if element already exists */
idx = find_element(msg2, el->name);
if (idx == -1) {
if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
ret = LDB_ERR_OTHER;
goto done;
}
ret = ltdb_index_add_element(module, msg2->dn,
el);
if (ret != LDB_SUCCESS) {
goto done;
}
} else {
j = (unsigned int) idx;
el2 = &(msg2->elements[j]);
/* We cannot add another value on a existing one
if the attribute is single-valued */
if (ldb_tdb_single_valued(a, el)) {
ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
el->name, ldb_dn_get_linearized(msg2->dn));
ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
goto done;
}
/* Check that values don't exist yet on multi-
valued attributes or aren't provided twice */
/* TODO: This is O(n^2) - replace with more efficient check */
for (j = 0; j < el->num_values; j++) {
if (ldb_msg_find_val(el2, &el->values[j]) != NULL) {
if (control_permissive) {
/* remove this one as if it was never added */
el->num_values--;
for (k = j; k < el->num_values; k++) {
el->values[k] = el->values[k + 1];
}
j--; /* rewind */
continue;
}
ldb_asprintf_errstring(ldb,
"attribute '%s': value #%u on '%s' already exists",
el->name, j, ldb_dn_get_linearized(msg2->dn));
ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
goto done;
}
if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
ldb_asprintf_errstring(ldb,
"attribute '%s': value #%u on '%s' provided more than once",
el->name, j, ldb_dn_get_linearized(msg2->dn));
ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
goto done;
}
}
/* Now combine existing and new values to a new
attribute record */
vals = talloc_realloc(msg2->elements,
el2->values, struct ldb_val,
el2->num_values + el->num_values);
if (vals == NULL) {
ldb_oom(ldb);
ret = LDB_ERR_OTHER;
goto done;
}
for (j=0; j<el->num_values; j++) {
vals[el2->num_values + j] =
ldb_val_dup(vals, &el->values[j]);
}
el2->values = vals;
el2->num_values += el->num_values;
ret = ltdb_index_add_element(module, msg2->dn, el);
if (ret != LDB_SUCCESS) {
goto done;
}
}
break;
case LDB_FLAG_MOD_REPLACE:
if (el->num_values > 1 && ldb_tdb_single_valued(a, el)) {
ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
el->name, ldb_dn_get_linearized(msg2->dn));
ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
goto done;
}
/* TODO: This is O(n^2) - replace with more efficient check */
for (j=0; j<el->num_values; j++) {
if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
ldb_asprintf_errstring(ldb,
"attribute '%s': value #%u on '%s' provided more than once",
el->name, j, ldb_dn_get_linearized(msg2->dn));
ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
goto done;
}
}
/* Checks if element already exists */
idx = find_element(msg2, el->name);
if (idx != -1) {
j = (unsigned int) idx;
el2 = &(msg2->elements[j]);
/* we consider two elements to be
* equal only if the order
* matches. This allows dbcheck to
* fix the ordering on attributes
* where order matters, such as
* objectClass
*/
if (ldb_msg_element_equal_ordered(el, el2)) {
continue;
}
/* Delete the attribute if it exists in the DB */
if (msg_delete_attribute(module, ldb, msg2,
el->name) != 0) {
ret = LDB_ERR_OTHER;
goto done;
}
}
/* Recreate it with the new values */
if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
ret = LDB_ERR_OTHER;
goto done;
}
ret = ltdb_index_add_element(module, msg2->dn, el);
if (ret != LDB_SUCCESS) {
goto done;
}
break;
case LDB_FLAG_MOD_DELETE:
dn = ldb_dn_get_linearized(msg2->dn);
if (dn == NULL) {
ret = LDB_ERR_OTHER;
goto done;
}
if (msg->elements[i].num_values == 0) {
/* Delete the whole attribute */
ret = msg_delete_attribute(module, ldb, msg2,
msg->elements[i].name);
if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
control_permissive) {
ret = LDB_SUCCESS;
} else {
ldb_asprintf_errstring(ldb,
"attribute '%s': no such attribute for delete on '%s'",
msg->elements[i].name, dn);
}
if (ret != LDB_SUCCESS) {
goto done;
}
} else {
/* Delete specified values from an attribute */
for (j=0; j < msg->elements[i].num_values; j++) {
ret = msg_delete_element(module,
msg2,
msg->elements[i].name,
&msg->elements[i].values[j]);
if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE &&
control_permissive) {
ret = LDB_SUCCESS;
} else {
ldb_asprintf_errstring(ldb,
"attribute '%s': no matching attribute value while deleting attribute on '%s'",
msg->elements[i].name, dn);
}
if (ret != LDB_SUCCESS) {
goto done;
}
}
}
break;
default:
ldb_asprintf_errstring(ldb,
"attribute '%s': invalid modify flags on '%s': 0x%x",
msg->elements[i].name, ldb_dn_get_linearized(msg->dn),
msg->elements[i].flags & LDB_FLAG_MOD_MASK);
ret = LDB_ERR_PROTOCOL_ERROR;
goto done;
}
}
ret = ltdb_store(module, msg2, TDB_MODIFY);
if (ret != LDB_SUCCESS) {
goto done;
}
ret = ltdb_modified(module, msg2->dn);
if (ret != LDB_SUCCESS) {
goto done;
}
done:
talloc_free(tdb_key.dptr);
return ret;
}
static int ltdb_handle_request(struct ldb_module *module,
struct ldb_request *req)
{
struct ldb_control *control_permissive;
struct ldb_context *ldb;
struct tevent_context *ev;
struct ltdb_context *ac;
struct tevent_timer *te;
struct timeval tv;
unsigned int i;
ldb = ldb_module_get_ctx(module);
control_permissive = ldb_request_get_control(req,
LDB_CONTROL_PERMISSIVE_MODIFY_OID);
for (i = 0; req->controls && req->controls[i]; i++) {
if (req->controls[i]->critical &&
req->controls[i] != control_permissive) {
ldb_asprintf_errstring(ldb, "Unsupported critical extension %s",
req->controls[i]->oid);
return LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION;
}
}
if (req->starttime == 0 || req->timeout == 0) {
ldb_set_errstring(ldb, "Invalid timeout settings");
return LDB_ERR_TIME_LIMIT_EXCEEDED;
}
ev = ldb_get_event_context(ldb);
ac = talloc_zero(ldb, struct ltdb_context);
if (ac == NULL) {
ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
}
ac->module = module;
ac->req = req;
tv.tv_sec = 0;
tv.tv_usec = 0;
te = tevent_add_timer(ev, ac, tv, ltdb_callback, ac);
if (NULL == te) {
talloc_free(ac);
return LDB_ERR_OPERATIONS_ERROR;
}
if (req->timeout > 0) {
tv.tv_sec = req->starttime + req->timeout;
tv.tv_usec = 0;
ac->timeout_event = tevent_add_timer(ev, ac, tv,
ltdb_timeout, ac);
if (NULL == ac->timeout_event) {
talloc_free(ac);
return LDB_ERR_OPERATIONS_ERROR;
}
}
/* set a spy so that we do not try to use the request context
* if it is freed before ltdb_callback fires */
ac->spy = talloc(req, struct ltdb_req_spy);
if (NULL == ac->spy) {
talloc_free(ac);
return LDB_ERR_OPERATIONS_ERROR;
}
ac->spy->ctx = ac;
talloc_set_destructor((TALLOC_CTX *)ac->spy, ltdb_request_destructor);
return LDB_SUCCESS;
}
static int subtree_delete(struct ldb_module *module, struct ldb_request *req)
{
static const char * const attrs[] = { NULL };
struct ldb_result *res = NULL;
uint32_t flags;
unsigned int i;
int ret;
if (ldb_dn_is_special(req->op.del.dn)) {
/* do not manipulate our control entries */
return ldb_next_request(module, req);
}
/* see if we have any children */
ret = dsdb_module_search(module, req, &res, req->op.del.dn,
LDB_SCOPE_ONELEVEL, attrs,
DSDB_FLAG_NEXT_MODULE,
req,
"(objectClass=*)");
if (ret != LDB_SUCCESS) {
talloc_free(res);
return ret;
}
if (res->count == 0) {
talloc_free(res);
return ldb_next_request(module, req);
}
if (ldb_request_get_control(req, LDB_CONTROL_TREE_DELETE_OID) == NULL) {
/* Do not add any DN outputs to this error string!
* Some MMC consoles (eg release 2000) have a strange
* bug and prevent subtree deletes afterwards. */
ldb_asprintf_errstring(ldb_module_get_ctx(module),
"subtree_delete: Unable to "
"delete a non-leaf node "
"(it has %u children)!",
res->count);
talloc_free(res);
return LDB_ERR_NOT_ALLOWED_ON_NON_LEAF;
}
/*
* First we sort the results from the leaf to the root
*/
LDB_TYPESAFE_QSORT(res->msgs, res->count, NULL,
subtree_delete_sort);
/*
* we need to start from the top since other LDB modules could
* enforce constraints (eg "objectclass" and "samldb" do so).
*
* We pass DSDB_FLAG_AS_SYSTEM as the acl module above us
* has already checked for SEC_ADS_DELETE_TREE.
*/
flags = DSDB_FLAG_TOP_MODULE |
DSDB_FLAG_AS_SYSTEM |
DSDB_FLAG_TRUSTED |
DSDB_TREE_DELETE;
if (ldb_request_get_control(req, LDB_CONTROL_RELAX_OID) != NULL) {
flags |= DSDB_MODIFY_RELAX;
}
for (i = 0; i < res->count; i++) {
ret = dsdb_module_del(module, res->msgs[i]->dn, flags, req);
if (ret != LDB_SUCCESS) {
return ret;
}
}
talloc_free(res);
return ldb_next_request(module, req);
}
/*
modify a record - internal interface
yuck - this is O(n^2). Luckily n is usually small so we probably
get away with it, but if we ever have really large attribute lists
then we'll need to look at this again
'req' is optional, and is used to specify controls if supplied
*/
int ltdb_modify_internal(struct ldb_module *module,
const struct ldb_message *msg,
struct ldb_request *req)
{
struct ldb_context *ldb = ldb_module_get_ctx(module);
void *data = ldb_module_get_private(module);
struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
TDB_DATA tdb_key, tdb_data;
struct ldb_message *msg2;
unsigned i, j;
int ret = LDB_SUCCESS, idx;
tdb_key = ltdb_key(module, msg->dn);
if (!tdb_key.dptr) {
return LDB_ERR_OTHER;
}
tdb_data = tdb_fetch(ltdb->tdb, tdb_key);
if (!tdb_data.dptr) {
talloc_free(tdb_key.dptr);
return ltdb_err_map(tdb_error(ltdb->tdb));
}
msg2 = talloc(tdb_key.dptr, struct ldb_message);
if (msg2 == NULL) {
free(tdb_data.dptr);
ret = LDB_ERR_OTHER;
goto done;
}
ret = ltdb_unpack_data(module, &tdb_data, msg2);
free(tdb_data.dptr);
if (ret == -1) {
ret = LDB_ERR_OTHER;
goto done;
}
if (!msg2->dn) {
msg2->dn = msg->dn;
}
for (i=0; i<msg->num_elements; i++) {
struct ldb_message_element *el = &msg->elements[i], *el2;
struct ldb_val *vals;
const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
const char *dn;
if (ldb_attr_cmp(el->name, "distinguishedName") == 0) {
ldb_asprintf_errstring(ldb, "it is not permitted to perform a modify on 'distinguishedName' (use rename instead): %s",
ldb_dn_get_linearized(msg2->dn));
ret = LDB_ERR_CONSTRAINT_VIOLATION;
goto done;
}
switch (msg->elements[i].flags & LDB_FLAG_MOD_MASK) {
case LDB_FLAG_MOD_ADD:
if (el->num_values == 0) {
ldb_asprintf_errstring(ldb, "attribute %s on %s specified, but with 0 values (illigal)",
el->name, ldb_dn_get_linearized(msg2->dn));
ret = LDB_ERR_CONSTRAINT_VIOLATION;
goto done;
}
if (a && a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
if (el->num_values > 1) {
ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
el->name, ldb_dn_get_linearized(msg2->dn));
ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
goto done;
}
}
/* Checks if element already exists */
idx = find_element(msg2, el->name);
if (idx == -1) {
if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
ret = LDB_ERR_OTHER;
goto done;
}
ret = ltdb_index_add_element(module, msg2->dn, el);
if (ret != LDB_SUCCESS) {
goto done;
}
} else {
/* We cannot add another value on a existing one
if the attribute is single-valued */
if (a && a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
el->name, ldb_dn_get_linearized(msg2->dn));
ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
goto done;
}
el2 = &(msg2->elements[idx]);
/* Check that values don't exist yet on multi-
valued attributes or aren't provided twice */
for (j=0; j<el->num_values; j++) {
if (ldb_msg_find_val(el2, &el->values[j]) != NULL) {
ldb_asprintf_errstring(ldb, "%s: value #%d already exists", el->name, j);
ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
goto done;
}
if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
ldb_asprintf_errstring(ldb, "%s: value #%d provided more than once", el->name, j);
ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
goto done;
}
}
/* Now combine existing and new values to a new
attribute record */
vals = talloc_realloc(msg2->elements,
el2->values, struct ldb_val,
el2->num_values + el->num_values);
if (vals == NULL) {
ldb_oom(ldb);
ret = LDB_ERR_OTHER;
goto done;
}
for (j=0; j<el->num_values; j++) {
vals[el2->num_values + j] =
ldb_val_dup(vals, &el->values[j]);
}
el2->values = vals;
el2->num_values += el->num_values;
ret = ltdb_index_add_element(module, msg2->dn, el);
if (ret != LDB_SUCCESS) {
goto done;
}
}
break;
case LDB_FLAG_MOD_REPLACE:
if (a && a->flags & LDB_ATTR_FLAG_SINGLE_VALUE) {
/* the RELAX control overrides this
check for replace. This is needed as
DRS replication can produce multiple
values here for a single valued
attribute when the values are deleted
links
*/
if (el->num_values > 1 &&
(!req || !ldb_request_get_control(req, LDB_CONTROL_RELAX_OID))) {
ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
el->name, ldb_dn_get_linearized(msg2->dn));
ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
goto done;
}
}
/* TODO: This is O(n^2) - replace with more efficient check */
for (j=0; j<el->num_values; j++) {
if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
ldb_asprintf_errstring(ldb, "%s: value #%d provided more than once", el->name, j);
ret = LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
goto done;
}
}
idx = find_element(msg2, el->name);
if (idx != -1) {
el2 = &(msg2->elements[idx]);
if (ldb_msg_element_compare(el, el2) == 0) {
/* we are replacing with the same values */
continue;
}
/* Delete the attribute if it exists in the DB */
if (msg_delete_attribute(module, ldb, msg2, el->name) != 0) {
ret = LDB_ERR_OTHER;
goto done;
}
}
/* Recreate it with the new values */
if (ltdb_msg_add_element(ldb, msg2, el) != 0) {
ret = LDB_ERR_OTHER;
goto done;
}
ret = ltdb_index_add_element(module, msg2->dn, el);
if (ret != LDB_SUCCESS) {
goto done;
}
break;
case LDB_FLAG_MOD_DELETE:
dn = ldb_dn_get_linearized(msg2->dn);
if (dn == NULL) {
ret = LDB_ERR_OTHER;
goto done;
}
if (msg->elements[i].num_values == 0) {
/* Delete the whole attribute */
if (msg_delete_attribute(module, ldb, msg2,
msg->elements[i].name) != 0) {
ldb_asprintf_errstring(ldb, "No such attribute: %s for delete on %s",
msg->elements[i].name, dn);
ret = LDB_ERR_NO_SUCH_ATTRIBUTE;
goto done;
}
} else {
/* Delete specified values from an attribute */
for (j=0; j < msg->elements[i].num_values; j++) {
if (msg_delete_element(module,
msg2,
msg->elements[i].name,
&msg->elements[i].values[j]) != 0) {
ldb_asprintf_errstring(ldb, "No matching attribute value when deleting attribute: %s on %s",
msg->elements[i].name, dn);
ret = LDB_ERR_NO_SUCH_ATTRIBUTE;
goto done;
}
}
}
break;
default:
ldb_asprintf_errstring(ldb,
"Invalid ldb_modify flags on %s: 0x%x",
msg->elements[i].name,
msg->elements[i].flags & LDB_FLAG_MOD_MASK);
ret = LDB_ERR_PROTOCOL_ERROR;
goto done;
}
}
ret = ltdb_store(module, msg2, TDB_MODIFY);
if (ret != LDB_SUCCESS) {
goto done;
}
ret = ltdb_modified(module, msg2->dn);
if (ret != LDB_SUCCESS) {
goto done;
}
done:
talloc_free(tdb_key.dptr);
return ret;
}
