root/source3/lib/ldb/ldb_ildap/ldb_ildap.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. ildb_msg_to_mods
  2. ildb_map_error
  3. ildb_request_timeout
  4. ildb_callback
  5. init_ildb_handle
  6. ildb_request_send
  7. ildb_request_noop
  8. ildb_search
  9. ildb_add
  10. ildb_modify
  11. ildb_delete
  12. ildb_rename
  13. ildb_start_trans
  14. ildb_end_trans
  15. ildb_del_trans
  16. ildb_request
  17. ildb_wait
  18. ildb_connect
  19. ldb_ildap_init

   1 /* 
   2    ldb database library - ildap backend
   3 
   4    Copyright (C) Andrew Tridgell  2005
   5    Copyright (C) Simo Sorce       2006
   6 
   7      ** NOTE! The following LGPL license applies to the ldb
   8      ** library. This does NOT imply that all of Samba is released
   9      ** under the LGPL
  10    
  11    This library is free software; you can redistribute it and/or
  12    modify it under the terms of the GNU Lesser General Public
  13    License as published by the Free Software Foundation; either
  14    version 3 of the License, or (at your option) any later version.
  15 
  16    This library is distributed in the hope that it will be useful,
  17    but WITHOUT ANY WARRANTY; without even the implied warranty of
  18    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  19    Lesser General Public License for more details.
  20 
  21    You should have received a copy of the GNU Lesser General Public
  22    License along with this library; if not, see <http://www.gnu.org/licenses/>.
  23 */
  24 
  25 /*
  26  *  Name: ldb_ildap
  27  *
  28  *  Component: ldb ildap backend
  29  *
  30  *  Description: This is a ldb backend for the internal ldap
  31  *  client library in Samba4. By using this backend we are
  32  *  independent of a system ldap library
  33  *
  34  *  Author: Andrew Tridgell
  35  *
  36  *  Modifications:
  37  *
  38  *  - description: make the module use asyncronous calls
  39  *    date: Feb 2006
  40  *    author: Simo Sorce
  41  */
  42 
  43 
  44 #include "includes.h"
  45 #include "ldb/include/includes.h"
  46 
  47 #include "lib/events/events.h"
  48 #include "libcli/ldap/ldap.h"
  49 #include "libcli/ldap/ldap_client.h"
  50 #include "auth/auth.h"
  51 #include "auth/credentials/credentials.h"
  52 
  53 struct ildb_private {
  54         struct ldap_connection *ldap;
  55         struct ldb_context *ldb;
  56 };
  57 
  58 struct ildb_context {
  59         struct ldb_module *module;
  60         struct ldap_request *req;
  61         void *context;
  62         int (*callback)(struct ldb_context *, void *, struct ldb_reply *);
  63 };
  64 
  65 /*
  66   convert a ldb_message structure to a list of ldap_mod structures
  67   ready for ildap_add() or ildap_modify()
  68 */
  69 static struct ldap_mod **ildb_msg_to_mods(void *mem_ctx, int *num_mods,
     /* [<][>][^][v][top][bottom][index][help] */
  70                                           const struct ldb_message *msg, int use_flags)
  71 {
  72         struct ldap_mod **mods;
  73         unsigned int i;
  74         int n = 0;
  75 
  76         /* allocate maximum number of elements needed */
  77         mods = talloc_array(mem_ctx, struct ldap_mod *, msg->num_elements+1);
  78         if (!mods) {
  79                 errno = ENOMEM;
  80                 return NULL;
  81         }
  82         mods[0] = NULL;
  83 
  84         for (i = 0; i < msg->num_elements; i++) {
  85                 const struct ldb_message_element *el = &msg->elements[i];
  86 
  87                 mods[n] = talloc(mods, struct ldap_mod);
  88                 if (!mods[n]) {
  89                         goto failed;
  90                 }
  91                 mods[n + 1] = NULL;
  92                 mods[n]->type = 0;
  93                 mods[n]->attrib = *el;
  94                 if (use_flags) {
  95                         switch (el->flags & LDB_FLAG_MOD_MASK) {
  96                         case LDB_FLAG_MOD_ADD:
  97                                 mods[n]->type = LDAP_MODIFY_ADD;
  98                                 break;
  99                         case LDB_FLAG_MOD_DELETE:
 100                                 mods[n]->type = LDAP_MODIFY_DELETE;
 101                                 break;
 102                         case LDB_FLAG_MOD_REPLACE:
 103                                 mods[n]->type = LDAP_MODIFY_REPLACE;
 104                                 break;
 105                         }
 106                 }
 107                 n++;
 108         }
 109 
 110         *num_mods = n;
 111         return mods;
 112 
 113 failed:
 114         talloc_free(mods);
 115         return NULL;
 116 }
 117 
 118 
 119 /*
 120   map an ildap NTSTATUS to a ldb error code
 121 */
 122 static int ildb_map_error(struct ildb_private *ildb, NTSTATUS status)
     /* [<][>][^][v][top][bottom][index][help] */
 123 {
 124         if (NT_STATUS_IS_OK(status)) {
 125                 return LDB_SUCCESS;
 126         }
 127         ldb_set_errstring(ildb->ldb, ldap_errstr(ildb->ldap, status));
 128         if (NT_STATUS_IS_LDAP(status)) {
 129                 return NT_STATUS_LDAP_CODE(status);
 130         }
 131         return LDB_ERR_OPERATIONS_ERROR;
 132 }
 133 
 134 static void ildb_request_timeout(struct event_context *ev, struct timed_event *te,
     /* [<][>][^][v][top][bottom][index][help] */
 135                                  struct timeval t, void *private_data)
 136 {
 137         struct ldb_handle *handle = talloc_get_type(private_data, struct ldb_handle);
 138         struct ildb_context *ac = talloc_get_type(handle->private_data, struct ildb_context);
 139 
 140         if (ac->req->state == LDAP_REQUEST_PENDING) {
 141                 DLIST_REMOVE(ac->req->conn->pending, ac->req);
 142         }
 143 
 144         handle->status = LDB_ERR_TIME_LIMIT_EXCEEDED;
 145 
 146         return;
 147 }
 148 
 149 static void ildb_callback(struct ldap_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
 150 {
 151         struct ldb_handle *handle = talloc_get_type(req->async.private_data, struct ldb_handle);
 152         struct ildb_context *ac = talloc_get_type(handle->private_data, struct ildb_context);
 153         struct ildb_private *ildb = talloc_get_type(ac->module->private_data, struct ildb_private);
 154         NTSTATUS status;
 155         int i;
 156 
 157         handle->status = LDB_SUCCESS;
 158 
 159         if (!NT_STATUS_IS_OK(req->status)) {
 160                 handle->status = ildb_map_error(ildb, req->status);
 161                 return;
 162         }
 163 
 164         if (req->num_replies < 1) {
 165                 handle->status = LDB_ERR_OPERATIONS_ERROR;
 166                 return;
 167         } 
 168                 
 169         switch (req->type) {
 170 
 171         case LDAP_TAG_ModifyRequest:
 172                 if (req->replies[0]->type != LDAP_TAG_ModifyResponse) {
 173                         handle->status = LDB_ERR_PROTOCOL_ERROR;
 174                         return;
 175                 }
 176                 status = ldap_check_response(req->conn, &req->replies[0]->r.GeneralResult);
 177                 handle->status = ildb_map_error(ildb, status);
 178                 if (ac->callback && handle->status == LDB_SUCCESS) {
 179                         /* FIXME: build a corresponding ares to pass on */
 180                         handle->status = ac->callback(ac->module->ldb, ac->context, NULL);
 181                 }
 182                 handle->state = LDB_ASYNC_DONE;
 183                 break;
 184 
 185         case LDAP_TAG_AddRequest:
 186                 if (req->replies[0]->type != LDAP_TAG_AddResponse) {
 187                         handle->status = LDB_ERR_PROTOCOL_ERROR;
 188                         return;
 189                 }
 190                 status = ldap_check_response(req->conn, &req->replies[0]->r.GeneralResult);
 191                 handle->status = ildb_map_error(ildb, status);
 192                 if (ac->callback && handle->status == LDB_SUCCESS) {
 193                         /* FIXME: build a corresponding ares to pass on */
 194                         handle->status = ac->callback(ac->module->ldb, ac->context, NULL);
 195                 }
 196                 handle->state = LDB_ASYNC_DONE;
 197                 break;
 198 
 199         case LDAP_TAG_DelRequest:
 200                 if (req->replies[0]->type != LDAP_TAG_DelResponse) {
 201                         handle->status = LDB_ERR_PROTOCOL_ERROR;
 202                         return;
 203                 }
 204                 status = ldap_check_response(req->conn, &req->replies[0]->r.GeneralResult);
 205                 handle->status = ildb_map_error(ildb, status);
 206                 if (ac->callback && handle->status == LDB_SUCCESS) {
 207                         /* FIXME: build a corresponding ares to pass on */
 208                         handle->status = ac->callback(ac->module->ldb, ac->context, NULL);
 209                 }
 210                 handle->state = LDB_ASYNC_DONE;
 211                 break;
 212 
 213         case LDAP_TAG_ModifyDNRequest:
 214                 if (req->replies[0]->type != LDAP_TAG_ModifyDNResponse) {
 215                         handle->status = LDB_ERR_PROTOCOL_ERROR;
 216                         return;
 217                 }
 218                 status = ldap_check_response(req->conn, &req->replies[0]->r.GeneralResult);
 219                 handle->status = ildb_map_error(ildb, status);
 220                 if (ac->callback && handle->status == LDB_SUCCESS) {
 221                         /* FIXME: build a corresponding ares to pass on */
 222                         handle->status = ac->callback(ac->module->ldb, ac->context, NULL);
 223                 }
 224                 handle->state = LDB_ASYNC_DONE;
 225                 break;
 226 
 227         case LDAP_TAG_SearchRequest:
 228                 /* loop over all messages */
 229                 for (i = 0; i < req->num_replies; i++) {
 230                         struct ldap_SearchResEntry *search;
 231                         struct ldb_reply *ares = NULL;
 232                         struct ldap_message *msg;
 233                         int ret;
 234 
 235                         ares = talloc_zero(ac, struct ldb_reply);
 236                         if (!ares) {
 237                                 handle->status = LDB_ERR_OPERATIONS_ERROR;
 238                                 return;
 239                         }
 240 
 241                         msg = req->replies[i];
 242                         switch (msg->type) {
 243 
 244                         case LDAP_TAG_SearchResultDone:
 245 
 246                                 status = ldap_check_response(req->conn, &msg->r.GeneralResult);
 247                                 if (!NT_STATUS_IS_OK(status)) {
 248                                         handle->status = ildb_map_error(ildb, status);
 249                                         return;
 250                                 }
 251                                 
 252                                 ares->controls = talloc_move(ares, &msg->controls);
 253                                 if (msg->r.SearchResultDone.resultcode) {
 254                                         if (msg->r.SearchResultDone.errormessage) {
 255                                                 ldb_set_errstring(ac->module->ldb, msg->r.SearchResultDone.errormessage);
 256                                         }
 257                                 }
 258 
 259                                 handle->status = msg->r.SearchResultDone.resultcode;
 260                                 handle->state = LDB_ASYNC_DONE;
 261                                 ares->type = LDB_REPLY_DONE;
 262                                 break;
 263 
 264                         case LDAP_TAG_SearchResultEntry:
 265 
 266 
 267                                 ares->message = ldb_msg_new(ares);
 268                                 if (!ares->message) {
 269                                         handle->status = LDB_ERR_OPERATIONS_ERROR;
 270                                         return;
 271                                 }
 272 
 273                                 search = &(msg->r.SearchResultEntry);
 274                 
 275                                 ares->message->dn = ldb_dn_explode_or_special(ares->message, search->dn);
 276                                 if (ares->message->dn == NULL) {
 277                                         handle->status = LDB_ERR_OPERATIONS_ERROR;
 278                                         return;
 279                                 }
 280                                 ares->message->num_elements = search->num_attributes;
 281                                 ares->message->elements = talloc_move(ares->message,
 282                                                                       &search->attributes);
 283 
 284                                 handle->status = LDB_SUCCESS;
 285                                 handle->state = LDB_ASYNC_PENDING;
 286                                 ares->type = LDB_REPLY_ENTRY;
 287                                 break;
 288 
 289                         case LDAP_TAG_SearchResultReference:
 290 
 291                                 ares->referral = talloc_strdup(ares, msg->r.SearchResultReference.referral);
 292                                 
 293                                 handle->status = LDB_SUCCESS;
 294                                 handle->state = LDB_ASYNC_PENDING;
 295                                 ares->type = LDB_REPLY_REFERRAL;
 296                                 break;
 297 
 298                         default:
 299                                 /* TAG not handled, fail ! */
 300                                 handle->status = LDB_ERR_PROTOCOL_ERROR;
 301                                 return;
 302                         }
 303 
 304                         ret = ac->callback(ac->module->ldb, ac->context, ares);
 305                         if (ret) {
 306                                 handle->status = ret;
 307                         }
 308                 }
 309 
 310                 talloc_free(req->replies);
 311                 req->replies = NULL;
 312                 req->num_replies = 0;
 313 
 314                 break;
 315                 
 316         default:
 317                 handle->status = LDB_ERR_PROTOCOL_ERROR;
 318                 return;
 319         }
 320 }
 321 
 322 static struct ldb_handle *init_ildb_handle(struct ldb_module *module, 
     /* [<][>][^][v][top][bottom][index][help] */
 323                                            void *context,
 324                                            int (*callback)(struct ldb_context *, void *, struct ldb_reply *))
 325 {
 326         struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private);
 327         struct ildb_context *ildb_ac;
 328         struct ldb_handle *h;
 329 
 330         h = talloc_zero(ildb->ldap, struct ldb_handle);
 331         if (h == NULL) {
 332                 ldb_set_errstring(module->ldb, "Out of Memory");
 333                 return NULL;
 334         }
 335 
 336         h->module = module;
 337 
 338         ildb_ac = talloc(h, struct ildb_context);
 339         if (ildb_ac == NULL) {
 340                 ldb_set_errstring(module->ldb, "Out of Memory");
 341                 talloc_free(h);
 342                 return NULL;
 343         }
 344 
 345         h->private_data = (void *)ildb_ac;
 346 
 347         h->state = LDB_ASYNC_INIT;
 348         h->status = LDB_SUCCESS;
 349 
 350         ildb_ac->module = module;
 351         ildb_ac->context = context;
 352         ildb_ac->callback = callback;
 353 
 354         return h;
 355 }
 356 
 357 static int ildb_request_send(struct ldb_module *module, struct ldap_message *msg,
     /* [<][>][^][v][top][bottom][index][help] */
 358                              void *context,
 359                              int (*callback)(struct ldb_context *, void *, struct ldb_reply *),
 360                              int timeout,
 361                              struct ldb_handle **handle)
 362 {
 363         struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private);
 364         struct ldb_handle *h = init_ildb_handle(module, context, callback);
 365         struct ildb_context *ildb_ac;
 366         struct ldap_request *req;
 367 
 368         if (!h) {
 369                 return LDB_ERR_OPERATIONS_ERROR;                
 370         }
 371 
 372         ildb_ac = talloc_get_type(h->private_data, struct ildb_context);
 373 
 374         req = ldap_request_send(ildb->ldap, msg);
 375         if (req == NULL) {
 376                 ldb_set_errstring(module->ldb, "async send request failed");
 377                 return LDB_ERR_OPERATIONS_ERROR;
 378         }
 379 
 380         if (!req->conn) {
 381                 ldb_set_errstring(module->ldb, "connection to remote LDAP server dropped?");
 382                 return LDB_ERR_OPERATIONS_ERROR;
 383         }
 384 
 385         talloc_free(req->time_event);
 386         req->time_event = NULL;
 387         if (timeout) {
 388                 req->time_event = event_add_timed(req->conn->event.event_ctx, h, 
 389                                                   timeval_current_ofs(timeout, 0),
 390                                                   ildb_request_timeout, h);
 391         }
 392 
 393         req->async.fn = ildb_callback;
 394         req->async.private_data = (void *)h;
 395         ildb_ac->req = talloc_move(ildb_ac, &req);
 396 
 397         *handle = h;
 398         return LDB_SUCCESS;
 399 }
 400 
 401 static int ildb_request_noop(struct ldb_module *module, struct ldb_request *req) 
     /* [<][>][^][v][top][bottom][index][help] */
 402 {
 403         struct ldb_handle *h = init_ildb_handle(module, req->context, req->callback);
 404         struct ildb_context *ildb_ac;
 405         int ret = LDB_SUCCESS;
 406 
 407         if (!h) {
 408                 return LDB_ERR_OPERATIONS_ERROR;                
 409         }
 410 
 411         ildb_ac = talloc_get_type(h->private_data, struct ildb_context);
 412         
 413         req->handle = h;
 414 
 415         if (ildb_ac->callback) {
 416                 ret = ildb_ac->callback(module->ldb, ildb_ac->context, NULL);
 417         }
 418         req->handle->state = LDB_ASYNC_DONE;
 419         return ret;
 420 }
 421 
 422 /*
 423   search for matching records using an asynchronous function
 424  */
 425 static int ildb_search(struct ldb_module *module, struct ldb_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
 426 {
 427         struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private);
 428         struct ldap_message *msg;
 429         int n;
 430 
 431         req->handle = NULL;
 432 
 433         if (!req->callback || !req->context) {
 434                 ldb_set_errstring(module->ldb, "Async interface called with NULL callback function or NULL context");
 435                 return LDB_ERR_OPERATIONS_ERROR;
 436         }
 437         
 438         if (req->op.search.tree == NULL) {
 439                 ldb_set_errstring(module->ldb, "Invalid expression parse tree");
 440                 return LDB_ERR_OPERATIONS_ERROR;
 441         }
 442 
 443         msg = new_ldap_message(ildb);
 444         if (msg == NULL) {
 445                 ldb_set_errstring(module->ldb, "Out of Memory");
 446                 return LDB_ERR_OPERATIONS_ERROR;
 447         }
 448 
 449         msg->type = LDAP_TAG_SearchRequest;
 450 
 451         if (req->op.search.base == NULL) {
 452                 msg->r.SearchRequest.basedn = talloc_strdup(msg, "");
 453         } else {
 454                 msg->r.SearchRequest.basedn  = ldb_dn_linearize(msg, req->op.search.base);
 455         }
 456         if (msg->r.SearchRequest.basedn == NULL) {
 457                 ldb_set_errstring(module->ldb, "Unable to determine baseDN");
 458                 talloc_free(msg);
 459                 return LDB_ERR_OPERATIONS_ERROR;
 460         }
 461 
 462         if (req->op.search.scope == LDB_SCOPE_DEFAULT) {
 463                 msg->r.SearchRequest.scope = LDB_SCOPE_SUBTREE;
 464         } else {
 465                 msg->r.SearchRequest.scope = req->op.search.scope;
 466         }
 467         
 468         msg->r.SearchRequest.deref  = LDAP_DEREFERENCE_NEVER;
 469         msg->r.SearchRequest.timelimit = 0;
 470         msg->r.SearchRequest.sizelimit = 0;
 471         msg->r.SearchRequest.attributesonly = 0;
 472         msg->r.SearchRequest.tree = discard_const_p(struct ldb_parse_tree, req->op.search.tree);
 473         
 474         for (n = 0; req->op.search.attrs && req->op.search.attrs[n]; n++) /* noop */ ;
 475         msg->r.SearchRequest.num_attributes = n;
 476         msg->r.SearchRequest.attributes = discard_const_p(char *, req->op.search.attrs), 
 477 
 478         msg->controls = req->controls;
 479 
 480         return ildb_request_send(module, msg, req->context, req->callback, req->timeout, &(req->handle));
 481 }
 482 
 483 /*
 484   add a record
 485 */
 486 static int ildb_add(struct ldb_module *module, struct ldb_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
 487 {
 488         struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private);
 489         struct ldap_message *msg;
 490         struct ldap_mod **mods;
 491         int i,n;
 492 
 493         req->handle = NULL;
 494 
 495         /* ignore ltdb specials */
 496         if (ldb_dn_is_special(req->op.add.message->dn)) {
 497                 return ildb_request_noop(module, req);
 498         }
 499 
 500         msg = new_ldap_message(ildb->ldap);
 501         if (msg == NULL) {
 502                 return LDB_ERR_OPERATIONS_ERROR;
 503         }
 504 
 505         msg->type = LDAP_TAG_AddRequest;
 506 
 507         msg->r.AddRequest.dn = ldb_dn_linearize(msg, req->op.add.message->dn);
 508         if (msg->r.AddRequest.dn == NULL) {
 509                 talloc_free(msg);
 510                 return LDB_ERR_INVALID_DN_SYNTAX;
 511         }
 512 
 513         mods = ildb_msg_to_mods(msg, &n, req->op.add.message, 0);
 514         if (mods == NULL) {
 515                 talloc_free(msg);
 516                 return LDB_ERR_OPERATIONS_ERROR;
 517         }
 518 
 519         msg->r.AddRequest.num_attributes = n;
 520         msg->r.AddRequest.attributes = talloc_array(msg, struct ldb_message_element, n);
 521         if (msg->r.AddRequest.attributes == NULL) {
 522                 talloc_free(msg);
 523                 return LDB_ERR_OPERATIONS_ERROR;
 524         }
 525 
 526         for (i = 0; i < n; i++) {
 527                 msg->r.AddRequest.attributes[i] = mods[i]->attrib;
 528         }
 529 
 530         return ildb_request_send(module, msg, req->context, req->callback, req->timeout, &(req->handle));
 531 }
 532 
 533 /*
 534   modify a record
 535 */
 536 static int ildb_modify(struct ldb_module *module, struct ldb_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
 537 {
 538         struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private);
 539         struct ldap_message *msg;
 540         struct ldap_mod **mods;
 541         int i,n;
 542 
 543         req->handle = NULL;
 544 
 545         /* ignore ltdb specials */
 546         if (ldb_dn_is_special(req->op.mod.message->dn)) {
 547                 return ildb_request_noop(module, req);
 548         }
 549 
 550         msg = new_ldap_message(ildb->ldap);
 551         if (msg == NULL) {
 552                 return LDB_ERR_OPERATIONS_ERROR;
 553         }
 554 
 555         msg->type = LDAP_TAG_ModifyRequest;
 556 
 557         msg->r.ModifyRequest.dn = ldb_dn_linearize(msg, req->op.mod.message->dn);
 558         if (msg->r.ModifyRequest.dn == NULL) {
 559                 talloc_free(msg);
 560                 return LDB_ERR_INVALID_DN_SYNTAX;
 561         }
 562 
 563         mods = ildb_msg_to_mods(msg, &n, req->op.mod.message, 1);
 564         if (mods == NULL) {
 565                 talloc_free(msg);
 566                 return LDB_ERR_OPERATIONS_ERROR;
 567         }
 568 
 569         msg->r.ModifyRequest.num_mods = n;
 570         msg->r.ModifyRequest.mods = talloc_array(msg, struct ldap_mod, n);
 571         if (msg->r.ModifyRequest.mods == NULL) {
 572                 talloc_free(msg);
 573                 return LDB_ERR_OPERATIONS_ERROR;
 574         }
 575 
 576         for (i = 0; i < n; i++) {
 577                 msg->r.ModifyRequest.mods[i] = *mods[i];
 578         }
 579 
 580         return ildb_request_send(module, msg, req->context, req->callback, req->timeout, &(req->handle));
 581 }
 582 
 583 /*
 584   delete a record
 585 */
 586 static int ildb_delete(struct ldb_module *module, struct ldb_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
 587 {
 588         struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private);
 589         struct ldap_message *msg;
 590 
 591         req->handle = NULL;
 592 
 593         /* ignore ltdb specials */
 594         if (ldb_dn_is_special(req->op.del.dn)) {
 595                 return ildb_request_noop(module, req);
 596         }
 597 
 598         msg = new_ldap_message(ildb->ldap);
 599         if (msg == NULL) {
 600                 return LDB_ERR_OPERATIONS_ERROR;
 601         }
 602 
 603         msg->type = LDAP_TAG_DelRequest;
 604         
 605         msg->r.DelRequest.dn = ldb_dn_linearize(msg, req->op.del.dn);
 606         if (msg->r.DelRequest.dn == NULL) {
 607                 talloc_free(msg);
 608                 return LDB_ERR_INVALID_DN_SYNTAX;
 609         }
 610 
 611         return ildb_request_send(module, msg, req->context, req->callback, req->timeout, &(req->handle));
 612 }
 613 
 614 /*
 615   rename a record
 616 */
 617 static int ildb_rename(struct ldb_module *module, struct ldb_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
 618 {
 619         struct ildb_private *ildb = talloc_get_type(module->private_data, struct ildb_private);
 620         struct ldap_message *msg;
 621 
 622         req->handle = NULL;
 623 
 624         /* ignore ltdb specials */
 625         if (ldb_dn_is_special(req->op.rename.olddn) || ldb_dn_is_special(req->op.rename.newdn)) {
 626                 return ildb_request_noop(module, req);
 627         }
 628 
 629         msg = new_ldap_message(ildb->ldap);
 630         if (msg == NULL) {
 631                 return LDB_ERR_OPERATIONS_ERROR;
 632         }
 633 
 634         msg->type = LDAP_TAG_ModifyDNRequest;
 635         msg->r.ModifyDNRequest.dn = ldb_dn_linearize(msg, req->op.rename.olddn);
 636         if (msg->r.ModifyDNRequest.dn == NULL) {
 637                 talloc_free(msg);
 638                 return LDB_ERR_INVALID_DN_SYNTAX;
 639         }
 640 
 641         msg->r.ModifyDNRequest.newrdn = 
 642                 talloc_asprintf(msg, "%s=%s",
 643                                 ldb_dn_get_rdn_name(req->op.rename.newdn),
 644                                 ldb_dn_escape_value(msg, *ldb_dn_get_rdn_val(req->op.rename.newdn)));
 645         if (msg->r.ModifyDNRequest.newrdn == NULL) {
 646                 talloc_free(msg);
 647                 return LDB_ERR_OPERATIONS_ERROR;
 648         }
 649 
 650         msg->r.ModifyDNRequest.newsuperior =
 651                 ldb_dn_linearize(msg,
 652                                  ldb_dn_get_parent(msg, req->op.rename.newdn));
 653         if (msg->r.ModifyDNRequest.newsuperior == NULL) {
 654                 talloc_free(msg);
 655                 return LDB_ERR_INVALID_DN_SYNTAX;
 656         }
 657 
 658         msg->r.ModifyDNRequest.deleteolddn = True;
 659 
 660         return ildb_request_send(module, msg, req->context, req->callback, req->timeout, &(req->handle));
 661 }
 662 
 663 static int ildb_start_trans(struct ldb_module *module)
     /* [<][>][^][v][top][bottom][index][help] */
 664 {
 665         /* TODO implement a local locking mechanism here */
 666 
 667         return LDB_SUCCESS;
 668 }
 669 
 670 static int ildb_end_trans(struct ldb_module *module)
     /* [<][>][^][v][top][bottom][index][help] */
 671 {
 672         /* TODO implement a local transaction mechanism here */
 673 
 674         return LDB_SUCCESS;
 675 }
 676 
 677 static int ildb_del_trans(struct ldb_module *module)
     /* [<][>][^][v][top][bottom][index][help] */
 678 {
 679         /* TODO implement a local locking mechanism here */
 680 
 681         return LDB_SUCCESS;
 682 }
 683 
 684 static int ildb_request(struct ldb_module *module, struct ldb_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
 685 {
 686         return LDB_ERR_OPERATIONS_ERROR;
 687 }
 688 
 689 static int ildb_wait(struct ldb_handle *handle, enum ldb_wait_type type)
     /* [<][>][^][v][top][bottom][index][help] */
 690 {
 691         struct ildb_context *ac = talloc_get_type(handle->private_data, struct ildb_context);
 692 
 693         if (handle->state == LDB_ASYNC_DONE) {
 694                 return handle->status;
 695         }
 696 
 697         if (!ac) {
 698                 return LDB_ERR_OPERATIONS_ERROR;
 699         }
 700 
 701         handle->state = LDB_ASYNC_INIT;
 702 
 703         switch(type) {
 704         case LDB_WAIT_NONE:
 705                 if (event_loop_once(ac->req->conn->event.event_ctx) != 0) {
 706                         return LDB_ERR_OTHER;
 707                 }
 708                 break;
 709         case LDB_WAIT_ALL:
 710                 while (handle->status == LDB_SUCCESS && handle->state != LDB_ASYNC_DONE) {
 711                         if (event_loop_once(ac->req->conn->event.event_ctx) != 0) {
 712                                 return LDB_ERR_OTHER;
 713                         }
 714                 }
 715                 break;
 716         default:
 717                 return LDB_ERR_OPERATIONS_ERROR;
 718         }
 719         
 720         return handle->status;
 721 }
 722 
 723 static const struct ldb_module_ops ildb_ops = {
 724         .name              = "ldap",
 725         .search            = ildb_search,
 726         .add               = ildb_add,
 727         .modify            = ildb_modify,
 728         .del               = ildb_delete,
 729         .rename            = ildb_rename,
 730         .request           = ildb_request,
 731         .start_transaction = ildb_start_trans,
 732         .end_transaction   = ildb_end_trans,
 733         .del_transaction   = ildb_del_trans,
 734         .wait              = ildb_wait
 735 };
 736 
 737 /*
 738   connect to the database
 739 */
 740 static int ildb_connect(struct ldb_context *ldb, const char *url, 
     /* [<][>][^][v][top][bottom][index][help] */
 741                         unsigned int flags, const char *options[],
 742                         struct ldb_module **module)
 743 {
 744         struct ildb_private *ildb = NULL;
 745         NTSTATUS status;
 746         struct cli_credentials *creds;
 747 
 748         ildb = talloc(ldb, struct ildb_private);
 749         if (!ildb) {
 750                 ldb_oom(ldb);
 751                 goto failed;
 752         }
 753 
 754         ildb->ldb     = ldb;
 755 
 756         ildb->ldap = ldap4_new_connection(ildb, ldb_get_opaque(ldb, "EventContext"));
 757         if (!ildb->ldap) {
 758                 ldb_oom(ldb);
 759                 goto failed;
 760         }
 761 
 762         if (flags & LDB_FLG_RECONNECT) {
 763                 ldap_set_reconn_params(ildb->ldap, 10);
 764         }
 765 
 766         status = ldap_connect(ildb->ldap, url);
 767         if (!NT_STATUS_IS_OK(status)) {
 768                 ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to connect to ldap URL '%s' - %s\n",
 769                           url, ldap_errstr(ildb->ldap, status));
 770                 goto failed;
 771         }
 772 
 773 
 774         *module = talloc(ldb, struct ldb_module);
 775         if (!module) {
 776                 ldb_oom(ldb);
 777                 talloc_free(ildb);
 778                 return -1;
 779         }
 780         talloc_set_name_const(*module, "ldb_ildap backend");
 781         (*module)->ldb = ldb;
 782         (*module)->prev = (*module)->next = NULL;
 783         (*module)->private_data = ildb;
 784         (*module)->ops = &ildb_ops;
 785 
 786         /* caller can optionally setup credentials using the opaque token 'credentials' */
 787         creds = talloc_get_type(ldb_get_opaque(ldb, "credentials"), struct cli_credentials);
 788         if (creds == NULL) {
 789                 struct auth_session_info *session_info = talloc_get_type(ldb_get_opaque(ldb, "sessionInfo"), struct auth_session_info);
 790                 if (session_info) {
 791                         creds = session_info->credentials;
 792                 }
 793         }
 794 
 795         if (creds != NULL && cli_credentials_authentication_requested(creds)) {
 796                 const char *bind_dn = cli_credentials_get_bind_dn(creds);
 797                 if (bind_dn) {
 798                         const char *password = cli_credentials_get_password(creds);
 799                         status = ldap_bind_simple(ildb->ldap, bind_dn, password);
 800                         if (!NT_STATUS_IS_OK(status)) {
 801                                 ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to bind - %s\n",
 802                                           ldap_errstr(ildb->ldap, status));
 803                                 goto failed;
 804                         }
 805                 } else {
 806                         status = ldap_bind_sasl(ildb->ldap, creds);
 807                         if (!NT_STATUS_IS_OK(status)) {
 808                                 ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to bind - %s\n",
 809                                           ldap_errstr(ildb->ldap, status));
 810                                 goto failed;
 811                         }
 812                 }
 813         }
 814 
 815         return 0;
 816 
 817 failed:
 818         talloc_free(ildb);
 819         return -1;
 820 }
 821 
 822 int ldb_ildap_init(void)
     /* [<][>][^][v][top][bottom][index][help] */
 823 {
 824         return ldb_register_backend("ldap", ildb_connect) + 
 825                    ldb_register_backend("ldapi", ildb_connect) + 
 826                    ldb_register_backend("ldaps", ildb_connect);
 827 }

/* [<][>][^][v][top][bottom][index][help] */