/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*
* Copyright 2015 RackTop Systems.
*/
#include <strings.h>
#include <syslog.h>
#include "nisdb_mt.h"
#include "db_headers.h"
#include "db_entry.h"
#include "db.h"
#include "db_dictionary.h"
#include "db_pickle.h"
#include "nis_db.h"
#include "nis_ldap.h"
#include "ldap_util.h"
#include "ldap_parse.h"
#include "ldap_glob.h"
#include "ldap_xdr.h"
#include "ldap_glob.h"
extern "C" {
/*
* (Imported from rpc.nisd/nis_xx_proc.c)
*
* 'tbl_prototype' is used to create a table that holds a directory.
*/
};
}
/*
* Free resources associated with a db_result structure
*/
void
{
int i;
if (dr == 0)
return;
/* Can't have valid objects */
return;
}
}
/* Return an empty db_result structure with its status field set to 's'. */
{
} else {
WARNING("nis_db::empty_result: cannot allocate space");
}
return (res);
}
static db_result*
{
}
return (res);
}
/*
* Given a FQ object name for a table or directory, return the (db *)
* corresponding to the object.
*/
db *
char *intName;
if (intName == 0)
return (0);
return (dbase);
}
extern "C" {
{
}
/*
 * Translate a DB status code into a fixed, human-readable message.
 *
 * Every arm assigns a string literal to 'str', so the pointer returned
 * at the end refers to constant storage: callers must not modify or
 * free it.
 *
 * NOTE(review): the function name, its parameter list and the
 * declaration of 'str' are not visible in this listing; presumably
 * 'dbstat' is the parameter -- confirm against the full source.
 */
const char
{
switch (dbstat) {
case DB_SUCCESS:
str = "Success";
break;
case DB_NOTFOUND:
str = "Not Found";
break;
case DB_BADTABLE:
str = "Bad Table";
break;
case DB_BADQUERY:
str = "Bad Query";
break;
case DB_BADOBJECT:
str = "Bad Object";
break;
case DB_MEMORY_LIMIT:
str = "Memory limit exceeded";
break;
case DB_STORAGE_LIMIT:
str = "Database storage limit exceeded";
break;
case DB_INTERNAL_ERROR:
str = "Database internal error";
break;
case DB_SYNC_FAILED:
str = "Sync of log file failed";
break;
default:
/*
 * Any status without an arm above lands here. DB_LOCK_ERROR, which
 * other code in this file returns, has no arm of its own, so a lock
 * failure is reported as "Unknown Error" in whatever log or message
 * uses this string.
 */
str = "Unknown Error";
break;
}
return (str);
}
{
/*
* Use the "FreeDictionary" ptr for the backup
* dictionary.
*/
return (FALSE);
}
{
}
/*
* The tok and repl parameters will allow us to merge two dictionaries
* in different domains. If set to NULL, then the dictionary merge is
* done as normal (no name changing).
*/
{
/*
* It is assumed that InUseDictionary has already been initialized.
*/
if (dbstat != DB_SUCCESS)
return (dbstat);
/*
* Use the "FreeDictionary" ptr for the backup
* dictionary.
*/
return (DB_INTERNAL_ERROR);
}
{
if (dbstat != DB_SUCCESS) {
return (dbstat);
}
if (dbstat != DB_SUCCESS) {
return (dbstat);
}
if (dbstat != DB_SUCCESS) {
return (dbstat);
}
return (dbstat);
}
{
if (dbstat != DB_SUCCESS)
return (dbstat);
if (dbstat != DB_SUCCESS)
return (dbstat);
}
/*
* Initialize system (dictionary) using file 'filename'. If system cannot
* be read from file, it is initialized to be empty. Returns TRUE if
* initialization succeeds, FALSE otherwise.
* This function must be called before any other.
*/
{
}
/*
* Massage the dictionary file by replacing the specified token with
* the replacement string. This function is needed to provide backwards
* compatibility for providing a transportable dictionary file. The idea
* is that rpc.nisd will call this function when it wants to change the
*
*/
{
}
/*
* Create new table using given table name and table descriptor.
* Returns DB_SUCCESS if successful; appropriate error code otherwise.
*/
{
}
/*
* Destroys table named by 'table_name.' Returns DB_SUCCESS if successful,
* error code otherwise. Note that currently, the removed table is no
* longer accessible from this interface and all files associated with it
* are removed from stable storage.
*/
{
}
/*
* Return a copy of the first entry in the specified table, that satisfies
* the given attributes. The returned structure 'db_result' contains the status,
* the copy of the object, and a 'db_next_desc' to be used for the 'next'
* operation.
*/
{
else {
if (numattrs != 0) {
return (set_result(safety,
DB_BADQUERY));
}
return (res);
}
}
/*
* Return a copy of the next entry in the specified table as specified by
* the 'next_desc'. The returned structure 'db_result' contains the status,
* a copy of the object, and a db_next_desc to be used for a subsequent
* 'next' operation.
*/
{
} else
}
/*
* Indicate to the system that you are no longer interested in the rest of the
* results identified by [next_desc]. After executing this operation, the
* [next_desc] is no longer valid (cannot be used as an argument for next).
*/
{
} else
}
/*
* Returns copies of entries that satisfy the given attributes from table.
* Returns the status and entries in a db_result structure.
* If no attributes are specified, DB_BADQUERY is returned.
*/
{
else {
if (numattrs != 0) {
return (set_result(safety,
DB_BADQUERY));
delete query;
} else {
}
return (res);
}
}
}
/*
* Input: A fully qualified object name (example: "x.y.z").
* Output: Returns the first level of the object name ("x").
* If 'tableP' is non-NULL, '*tableP' will contain
* the internal table name for "y.z".
*
* Both the return value and '*tableP' must be freed by the caller.
*/
char *
if (msg == 0)
if (name == 0)
return (0);
if (dir == 0) {
return (0);
}
*(dir++) = '\0';
if (tableP == 0)
return (name);
if (table == 0) {
return (0);
}
return (name);
}
{ \
if (statP != 0) \
return (obj); \
}
/*
* Given a fully qualified object name, retrieve a copy of the object,
* using the NIS+ DB only (i.e., no LDAP). Avoids using nis_leaf_of()
* etc., since they aren't re-entrant.
*/
nis_object *o;
int lstat;
if (objName == 0)
RETSTAT(0, DB_BADQUERY);
/* The root dir is treated specially */
if (table == 0)
RETSTAT(0, DB_BADQUERY);
o = get_root_object();
if (o == 0)
RETSTAT(0, DB_NOTFOUND);
RETSTAT(o, DB_SUCCESS);
}
/* If not the root dir, find the directory where the entry lives */
RETSTAT(0, DB_MEMORY_LIMIT);
}
if (dbase != 0)
RETSTAT(0, DB_BADTABLE);
}
if (lstat != 0) {
RETSTAT(0, DB_LOCK_ERROR);
}
if (query == 0) {
RETSTAT(0, DB_BADQUERY);
}
/* Only want to look in the local DB */
mindex->setNoLDAPquery();
delete query;
if (lstat != 0) {
RETSTAT(0, DB_LOCK_ERROR);
}
if (res == 0)
RETSTAT(0, DB_MEMORY_LIMIT);
}
RETSTAT(0, DB_BADOBJECT);
}
if (o == 0) {
RETSTAT(0, DB_BADOBJECT);
}
RETSTAT(o, DB_SUCCESS);
}
/*
* Return the object specified by 't' or 'objName' from LDAP. Set
* the LDAP status in '*statP'.
*/
nis_object *o;
int stat;
if (t == 0) {
if (objName == 0) {
if (statP != 0)
return (0);
}
/* Look for mapping */
if (table == 0) {
if (statP != 0)
return (0);
}
&ldapMappingList, 0, 0);
if (t == 0) {
/* Not really an error; just not mapped */
*statP = LDAP_SUCCESS;
return (0);
}
}
o = 0;
stat = objFromLDAP(t, &o, 0, 0);
if (statP != 0)
return (o);
}
/*
* Look for the specified object, first locally, then in LDAP.
*/
nis_object *o;
if (o == 0) {
if (stat != DB_NOTFOUND)
"%s: DB error %d looking for \"%s\"",
if (o == 0) {
if (lstat != LDAP_SUCCESS &&
"%s: LDAP error looking for \"%s\": %s",
}
}
if (statP != 0)
if (lstatP != 0)
return (o);
}
/*
* Delete the specified object from the local DB.
*/
nis_object *o;
int xid;
if (objName == 0)
return (DB_SUCCESS);
/*
* Since in-structure locks can't completely protect
* during structure deletion, we just note that the
* object should be deleted, and leave that for a
* (slightly) later time in rpc.nisd, where we can
* protection.
*/
if (tsd == 0)
return (DB_INTERNAL_ERROR);
if (o == 0) {
if (stat == DB_NOTFOUND)
return (DB_SUCCESS);
else
return (stat);
}
/*
* In order to prevent a chicken-and-egg problem (if the
* object doesn't exist in LDAP, is that because we just
* haven't written it to LDAP yet, or because it's been
* removed), we only allow object deletion if we're the
* master for it.
*/
if (nod == 0) {
return (DB_MEMORY_LIMIT);
}
return (DB_MEMORY_LIMIT);
}
/* Check for a dup */
return (DB_SUCCESS);
}
}
/* Insert at start of list */
return (DB_SUCCESS);
}
/*
* Touch (i.e., update the expiration time for) the specified object.
*/
if (table == 0)
return (DB_BADQUERY);
if (touchRootDir() == 0)
return (DB_SUCCESS);
else
return (DB_INTERNAL_ERROR);
}
table = 0;
return (DB_MEMORY_LIMIT);
}
if (dbase != 0)
return (DB_BADTABLE);
}
if (query == 0) {
return (DB_BADQUERY);
}
delete query;
return (DB_SUCCESS);
}
/*
* Create a NIS_TABLE_OBJ.
*/
int i;
return (DB_BADTABLE);
/* Make sure there are searchable columns */
for (i = 0; i < t->ta_cols.ta_cols_len; i++) {
break;
}
if (i >= t->ta_cols.ta_cols_len) {
"%s: No searchable columns in \"%s\" (\"%s\")",
return (DB_BADTABLE);
}
tobj = *t;
/* Shift columns one step right */
}
}
/*
* Refresh (if necessary, create), the specified object in the local DB.
*/
char *objName;
__nis_buffer_t b = {0, 0};
if (o == 0)
/* Delete it */
return (dbDeleteObj(name));
/* We don't work on entry objects */
return (DB_BADOBJECT);
if (name != 0)
else {
}
return (stat);
}
/*
* If the object doesn't change, just touch it to update the
* expiration time.
*/
if (curObj != 0) {
if (sameNisPlusObj(o, curObj)) {
return (dbTouchObj(objName));
}
/* Otherwise, check that the name and type are the same */
return (DB_BADOBJECT);
}
/*
* If the object is a table, we can't allow the scheme
* to change.
*/
int i;
return (DB_BADOBJECT);
}
TA_SEARCHABLE) !=
TA_SEARCHABLE)) {
return (DB_BADOBJECT);
}
}
}
} else {
/*
* If we're creating a directory object, make a note
* so that we can add it to the serving list and create
* the disk file. Similarly, if creating a table, we
* also need to create the disk file.
*/
isDir = 1;
isTable = 1;
}
if (objTable == 0) {
if (curObj != 0)
return (DB_BADQUERY);
}
if (rstat == 1)
stat = DB_SUCCESS;
else
} else {
int lstat;
/* Find parent */
if (curObj != 0)
return (DB_MEMORY_LIMIT);
}
/*
* Calling vanilla find_table() here (which might go to
* LDAP and recurse back to ourselves) so that it should
* work to create a hierarchy of directories.
*/
if (dbase != 0)
if (curObj != 0)
return (DB_BADTABLE);
}
/* Construct suitable nis_attr and entry_object */
e = makePseudoEntryObj(o, &eo, 0);
if (e == 0) {
if (curObj != 0)
return (DB_INTERNAL_ERROR);
}
/* Only want to update the local DB */
if (lstat != 0) {
if (curObj != 0)
return (DB_LOCK_ERROR);
}
mindex->setNoLDAPquery();
if (lstat != 0) {
if (curObj != 0)
return (DB_LOCK_ERROR);
}
if (dbres == 0)
else
/*
* If successful so far, add the transaction.
*/
if (stat == DB_SUCCESS) {
/* Find the directory where this is added */
if (dirObj == 0) {
if (curObj != 0)
return (ds);
}
xid = beginTransaction();
if (xid == 0) {
if (curObj != 0)
return (DB_INTERNAL_ERROR);
}
if (st != 0) {
(void) abort_transaction(xid);
if (curObj != 0)
return (DB_INTERNAL_ERROR);
}
if (st != 0)
if (curObj != 0)
}
/*
* If it's a table or directory, create the DB file.
* If a directory, also add it to the serving list.
*/
if (isDir) {
} else {
}
}
}
return (stat);
}
/*
* Replace the object stored with the mapping 't'. Return TRUE if
* at least one object was replaced, FALSE otherwise.
*
* NOTE(review): the signature and the declarations/initialisation of
* 'x', 'old' and 'n' are not visible in this listing; the notes below
* describe only the statements that are shown.
*/
/* Counts the mappings whose 'obj' pointer was overwritten in the loop. */
int assigned = 0;
/*
* The alternate mappings are usually mostly copies
* of the original, so we try to make sure that we
* don't free the same nis_object twice.
*/
/* Walk 't' and every alternate mapping chained through 'next'. */
for (x = t; x != 0; x = (__nis_table_mapping_t *)x->next) {
if (old == 0) {
/* No previous object recorded: destroy only a non-NULL 'obj'. */
if (x->obj != 0)
nis_destroy_object(x->obj);
} else {
/*
 * NOTE(review): as shown, this destroy is unconditional. The guard
 * that implements "don't free the same nis_object twice" (presumably
 * a comparison of x->obj with 'old', plus a NULL check) is not
 * visible here -- confirm in the full source that each distinct
 * object is destroyed exactly once.
 */
nis_destroy_object(x->obj);
}
/*
 * Every mapping in the chain now points at the same object 'n', so
 * the entries alias one another; any later release of these pointers
 * has to free 'n' once, not once per mapping.
 */
x->obj = n;
assigned++;
}
/* TRUE when the loop overwrote at least one mapping's 'obj'. */
return (assigned > 0);
}
/*
* Set object type, column info, and obj for the specified
* mapping 't' from the object 'o'. Returns zero if 'o' was unused,
* and should be freed by the caller, larger than zero otherwise.
*/
int
int i;
if (t == 0 || o == 0)
return (0);
for (x = t; x != 0; x = (__nis_table_mapping_t *)x->next) {
if (x != t) {
}
if (x->objType == NIS_TABLE_OBJ) {
/*
* If we have rules, this mapping is for table entries,
* and we need the column names. Otherwise, remove the
* column names (if any).
*/
for (i = 0; i < x->numColumns; i++)
x->column = 0;
x->numColumns = 0;
}
}
ret = replaceMappingObj(t, o);
return (ret);
}
/*
* Retrieve the specified object (internal DB name) from LDAP; the rest
* of the original summary sentence is missing from this listing.
*
* Status reporting visible below:
*   - LDAP main switch off: DB_SUCCESS with '*ldapStat' = LDAP_SUCCESS.
*   - No mapping ('t' == 0): DB_NOTFOUND with '*ldapStat' = LDAP_SUCCESS.
*   - 'lstat' != LDAP_SUCCESS: DB_NOTFOUND.
*   - LDAP succeeded but 'obj' is NULL: DB_SUCCESS.
*   - The last visible return hands back 'dstat'.
* 'ldapStat' may be NULL; every visible store through it is guarded.
*
* NOTE(review): the signature and several statements (the mapping
* lookup, the LDAP fetch, the assignments to 'lstat', 'obj' and
* 'dstat') are not visible here -- confirm details in the full source.
*/
/*
 * Main switch check is the first visible statement: with LDAP disabled
 * the function reports success without consulting LDAP, so a success
 * status here does not by itself mean anything was fetched.
 */
if (!useLDAPrespository) {
if (ldapStat != 0)
*ldapStat = LDAP_SUCCESS;
return (DB_SUCCESS);
}
0, 0);
/* No mapping isn't a failure */
if (t == 0) {
if (ldapStat != 0)
*ldapStat = LDAP_SUCCESS;
return (DB_NOTFOUND);
}
/* NOTE(review): the statement guarded by this check is missing from the listing. */
if (ldapStat != 0)
/* An LDAP failure is reported to the caller as DB_NOTFOUND. */
if (lstat != LDAP_SUCCESS)
return (DB_NOTFOUND);
/*
* If the LDAP operation was successful, but 'obj' is NULL,
* there's no mapping for this object, and we're done.
*/
if (obj == 0)
return (DB_SUCCESS);
/* Update the mapping with object info */
/* NOTE(review): the body of this 'doDestroy' check is missing from the listing. */
if (doDestroy)
return (dstat);
}
/*
* Up- (fromLDAP==0) or down- (fromLDAP==1) load all LDAP mapped data.
* Returns an LDAP error status.
*/
int
/*
* If the 'cookie' and '*cookie' are non-NULL, start scanning
* the mappings from '*cookie'. When we return with an error,
* we set '*cookie' to point to the mapping being processed.
* This enables our caller to react appropriately, and retry
* if desired.
*
* The cookie is opaque to our caller, who's only allowed to
* initialize *cookie to NULL.
*/
if (cookie != 0) {
if (start == 0)
} else {
}
int nm;
if (fromLDAP) {
/* Are there any mappings for the object proper ? */
if (dstat != DB_SUCCESS) {
"%s: DB error %d creating \"%s\": %s",
if (cookie != 0)
*((__nis_table_mapping_t **)
cookie) = t;
if (dstatP != 0)
else if (stat == LDAP_SUCCESS)
return (stat);
}
}
/* Any mappings for table entries ? */
continue;
}
/*
* The object itself must exist in the local
* DB by now. Get the db_mindex and let
* db_mindex::queryLDAP() do the work; if
* the object isn't a table, queryLDAP()
* will do nothing and return success.
*/
if (dbase != 0)
"%s: No local DB entry for \"%s\" (%s:%s)",
if (cookie != 0)
*((__nis_table_mapping_t **)cookie) =
t;
if (dstatP != 0)
*dstatP = DB_BADTABLE;
return ((dstatP != 0) ?
}
mindex->setInitialLoad();
if (stat != LDAP_SUCCESS) {
"%s: LDAP error retrieving entries for %s:%s: %s",
if (cookie != 0)
*((__nis_table_mapping_t **)cookie) =
t;
if (dstatP != 0)
*dstatP = DB_SUCCESS;
return (stat);
}
} else {
int freeObjPath = 0;
/*
* Up-loading to LDAP, so the object must
* already exist in the local DB.
*/
if (obj == 0) {
if (dstat == DB_NOTFOUND)
"%s: No local DB object for \"%s\" (%s:%s); skipping up-load",
else
"%s: DB error %d for \"%s\" (%s:%s); skipping up-load",
continue;
}
/*
* If it's a table or directory, there will be
* a dictionary entry for the object itself.
* Otherwise, we need the dictionary entry for
* the parent directory.
*
* For a table, we need the db_mindex for both the
* table object itself, as well as for the parent
* directory (in order to store table entries).
* We start with the latter.
*/
ent = 0;
} else {
objPath = 0;
&objPath);
obj = 0;
continue;
}
freeObjPath = 1;
}
if (dbase != 0)
"%s: No local DB entry for \"%s\" (%s:%s); skipping up-load",
if (freeObjPath)
obj = 0;
continue;
}
/*
* Our next action(s) depend on the object type:
*
* directory Store dir object
*
* table Store table obj, as well
* as any entries in the
* table
*
* other Store object; we need to
* build a db_query specifying
* the first-level name of the
* object.
*
* storeLDAP() will just do nothing and return
* success if we try to, say, store a table object
* when only the table entries are mapped. Hence,
* we don't have to worry about those distinctions
* here.
*/
} else {
db_query *q;
if (q == 0) {
"%s: error creating db_query for \"%s\" in \"%s\"; skipping up-load",
if (freeObjPath)
obj = 0;
continue;
}
delete q;
}
if (freeObjPath)
if (stat != LDAP_SUCCESS) {
"%s: Error storing %s:%s to LDAP: %s",
obj = 0;
if (cookie != 0)
*((__nis_table_mapping_t **)
cookie) = t;
if (dstatP != 0)
*dstatP = DB_SUCCESS;
return (stat);
}
/* Any mappings for table entries ? */
obj = 0;
continue;
}
/*
* If it's a table, we also need to store the table
* entries.
*/
tbl = 0;
if (dbase != 0)
"%s: No local DB entry for \"%s\" (%s:%s); skipping entry up-load",
obj = 0;
continue;
}
if (stat != LDAP_SUCCESS) {
"%s: Error storing %s:%s entries to LDAP: %s",
obj = 0;
if (cookie != 0)
*((__nis_table_mapping_t **)
cookie) = t;
if (dstatP != 0)
*dstatP = DB_SUCCESS;
return (stat);
}
}
obj = 0;
}
}
if (dstatP != 0)
return (stat);
}
/*
* Object identified by given attribute name is added to specified table.
* If object already exists, it is replaced. If more than one object
* matches the given attribute name, DB_NOTUNIQUE is returned.
*/
static
{
} else if (skiplog) {
return (res);
} else {
db_query *
if (nosync)
else
delete query;
return (res);
}
}
{
}
{
}
{
}
/*
* Remove object identified by given attributes from specified table.
* If no attribute is supplied, all entries in table are removed.
* If attributes identify more than one object, all objects are removed.
*/
int nosync)
{
else {
if (num_attrs != 0) {
return (set_result(safety,
DB_BADQUERY));
if (nosync)
else
delete query;
} else {
if (nosync)
else
}
return (res);
}
}
{
}
{
}
/* Return a copy of the version of specified table. */
vers *
{
return (NULL);
if (v == NULL)
WARNING("nis_db::db_version: cannot allocate space");
return (v);
}
/* Return log entries since (later than) given version 'v' of table. */
{
return (NULL);
return (dbase->get_log_entries_since(v));
}
return (DB_BADTABLE);
}
/*
* Apply the given update specified in 'entry' to the specified table.
* Returns DB_SUCCESS if update was executed.
* Returns DB_NOTFOUND if update occurs too early to be applied.
*/
{
return (DB_BADTABLE);
return (DB_SUCCESS); /* got executed */
else
return (DB_NOTFOUND); /* not executed */
}
/*
* Checkpoint specified table (i.e. incorporate logged updates to main
* database file). If table_name is NULL, checkpoint all tables that
* need it.
*/
{
}
/* Print names of tables in system. */
void
{
int i;
for (i = 0; i < answer->db_table_names_len; i++) {
delete answer->db_table_names_val[i];
}
delete answer->db_table_names_val;
delete answer;
}
}
/* Print statistics of specified table to stdout. */
{
return (DB_BADTABLE);
return (DB_SUCCESS);
}
/* Print statistics of indices of specified table to stdout. */
{
return (DB_BADTABLE);
return (DB_SUCCESS);
}
/* Print specified index of table to stdout. */
{
return (DB_BADTABLE);
return (DB_SUCCESS);
}
/* close open files */
{
}
/* Returns DB_SUCCESS if table exists; DB_BADTABLE if table does not exist. */
{
return (DB_BADTABLE);
return (DB_SUCCESS);
}
/*
* Returns DB_SUCCESS if table exists; DB_BADTABLE if table does not exist.
* If table already loaded, unload it.
*/
{
return (DB_BADTABLE);
// unload
}
return (DB_SUCCESS);
}
/*
* Put the specified table in deferred mode, which means that updates go
* to the original table, but reads are satisfied out of a copy (which we
* make here). Thus, "defer" refers to the table as seen by read requests,
* since for them, changes are deferred.
*/
return (stat);
}
/*
* Commit deferred changes for the specified table. I.e., make visible
* any updates made since the table was deferred.
*/
return (stat);
}
/*
* Rollback, i.e., return to the state before we entered deferred mode.
*/
return (stat);
}
return (DB_BADTABLE);
return (DB_BADQUERY);
return (DB_STORAGE_LIMIT);
stat = DB_SUCCESS;
else
return (stat);
}
/*
* During some rpc.nisd operations (such as when recovering the trans.log),
* we don't want to use the LDAP repository, so we provide a main switch.
* Note that we expect this to be used only when rpc.nisd is single-threaded,
* so there is no need for synchronization when reading or modifying the
* value of the main switch.
*/
/*
 * Turn the LDAP main switch off by clearing useLDAPrespository (declared
 * outside this block). Code elsewhere in this file tests the flag with
 * 'if (!useLDAPrespository)' and returns early when it is clear.
 *
 * The store is a plain assignment with no lock or atomic operation.
 * NOTE(review): nothing here enforces the single-threaded precondition
 * stated in the file's comment on the main switch; a call from a
 * threaded path would race with readers of the flag.
 */
void
__db_disallowLDAP(void)
{
	useLDAPrespository = 0;
}
/*
 * Turn the LDAP main switch back on by setting useLDAPrespository
 * (declared outside this block) to 1.
 *
 * The flag is set unconditionally; no previously saved value is
 * restored, so a caller that disabled LDAP for a recovery step has to
 * decide for itself whether re-enabling is appropriate. Like the
 * disable call, this is an unsynchronized store.
 * NOTE(review): the file's comment on the main switch expects use only
 * while rpc.nisd is single-threaded; nothing here enforces that.
 */
void
__db_allowLDAP(void)
{
	useLDAPrespository = 1;
}
} /* extern "C" */