]> git.sur5r.net Git - openldap/blob - servers/slapd/back-ldap/init.c
projects / openldap / blob
? search:


42ef7877fd1d25221a4e1aaa2d9ca0daddc6fd22
[openldap] / servers / slapd / back-ldap / init.c
1 /* init.c - initialize ldap backend */
2 /* $OpenLDAP$ */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4  *
5  * Copyright 2003-2006 The OpenLDAP Foundation.
6  * Portions Copyright 1999-2003 Howard Chu.
7  * Portions Copyright 2000-2003 Pierangelo Masarati.
8  * All rights reserved.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted only as authorized by the OpenLDAP
12  * Public License.
13  *
14  * A copy of this license is available in the file LICENSE in the
15  * top-level directory of the distribution or, alternatively, at
16  * <http://www.OpenLDAP.org/license.html>.
17  */
18 /* ACKNOWLEDGEMENTS:
19  * This work was initially developed by the Howard Chu for inclusion
20  * in OpenLDAP Software and subsequently enhanced by Pierangelo
21  * Masarati.
22  */
23
24 #include "portable.h"
25
26 #include <stdio.h>
27
28 #include <ac/string.h>
29 #include <ac/socket.h>
30
31 #include "slap.h"
32 #include "back-ldap.h"
33
34 int
35 ldap_back_open( BackendInfo     *bi )
36 {
37         bi->bi_controls = slap_known_controls;
38         return 0;
39 }
40
41 int
42 ldap_back_initialize( BackendInfo *bi )
43 {
44         bi->bi_flags =
45 #ifdef LDAP_DYNAMIC_OBJECTS
46                 /* this is set because all the support a proxy has to provide
47                  * is the capability to forward the refresh exop, and to
48                  * pass thru entries that contain the dynamicObject class
49                  * and the entryTtl attribute */
50                 SLAP_BFLAG_DYNAMIC |
51 #endif /* LDAP_DYNAMIC_OBJECTS */
52                 0;
53
54         bi->bi_open = ldap_back_open;
55         bi->bi_config = 0;
56         bi->bi_close = 0;
57         bi->bi_destroy = 0;
58
59         bi->bi_db_init = ldap_back_db_init;
60         bi->bi_db_config = config_generic_wrapper;
61         bi->bi_db_open = ldap_back_db_open;
62         bi->bi_db_close = 0;
63         bi->bi_db_destroy = ldap_back_db_destroy;
64
65         bi->bi_op_bind = ldap_back_bind;
66         bi->bi_op_unbind = 0;
67         bi->bi_op_search = ldap_back_search;
68         bi->bi_op_compare = ldap_back_compare;
69         bi->bi_op_modify = ldap_back_modify;
70         bi->bi_op_modrdn = ldap_back_modrdn;
71         bi->bi_op_add = ldap_back_add;
72         bi->bi_op_delete = ldap_back_delete;
73         bi->bi_op_abandon = 0;
74
75         bi->bi_extended = ldap_back_extended;
76
77         bi->bi_chk_referrals = 0;
78         bi->bi_entry_get_rw = ldap_back_entry_get;
79
80         bi->bi_connection_init = 0;
81         bi->bi_connection_destroy = ldap_back_conn_destroy;
82
83         if ( chain_initialize() ) {
84                 return -1;
85         }
86
87 #ifdef SLAP_DISTPROC
88         if ( distproc_initialize() ) {
89                 return -1;
90         }
91 #endif
92
93         return ldap_back_init_cf( bi );
94 }
95
96 int
97 ldap_back_db_init( Backend *be )
98 {
99         ldapinfo_t      *li;
100
101         li = (ldapinfo_t *)ch_calloc( 1, sizeof( ldapinfo_t ) );
102         if ( li == NULL ) {
103                 return -1;
104         }
105
106         li->li_rebind_f = ldap_back_default_rebind;
107         li->li_urllist_f = ldap_back_default_urllist;
108         li->li_urllist_p = li;
109         ldap_pvt_thread_mutex_init( &li->li_uri_mutex );
110
111         BER_BVZERO( &li->li_acl_authcID );
112         BER_BVZERO( &li->li_acl_authcDN );
113         BER_BVZERO( &li->li_acl_passwd );
114
115         li->li_acl_authmethod = LDAP_AUTH_NONE;
116         BER_BVZERO( &li->li_acl_sasl_mech );
117         li->li_acl.sb_tls = SB_TLS_DEFAULT;
118
119         li->li_idassert_mode = LDAP_BACK_IDASSERT_LEGACY;
120
121         BER_BVZERO( &li->li_idassert_authcID );
122         BER_BVZERO( &li->li_idassert_authcDN );
123         BER_BVZERO( &li->li_idassert_passwd );
124
125         BER_BVZERO( &li->li_idassert_authzID );
126
127         li->li_idassert_authmethod = LDAP_AUTH_NONE;
128         BER_BVZERO( &li->li_idassert_sasl_mech );
129         li->li_idassert_tls = SB_TLS_DEFAULT;
130
131         /* by default, use proxyAuthz control on each operation */
132         li->li_idassert_flags = LDAP_BACK_AUTH_PRESCRIPTIVE;
133
134         li->li_idassert_authz = NULL;
135
136         /* initialize flags */
137         li->li_flags = LDAP_BACK_F_CHASE_REFERRALS;
138
139         /* initialize version */
140         li->li_version = LDAP_VERSION3;
141
142         ldap_pvt_thread_mutex_init( &li->li_conninfo.lai_mutex );
143
144         be->be_private = li;
145         SLAP_DBFLAGS( be ) |= SLAP_DBFLAG_NOLASTMOD;
146
147         be->be_cf_ocs = be->bd_info->bi_cf_ocs;
148
149         return 0;
150 }
151
152 int
153 ldap_back_db_open( BackendDB *be )
154 {
155         ldapinfo_t      *li = (ldapinfo_t *)be->be_private;
156
157         slap_bindconf   sb = { 0 };
158         int             rc;
159
160         Debug( LDAP_DEBUG_TRACE,
161                 "ldap_back_db_open: URI=%s\n",
162                 li->li_uri != NULL ? li->li_uri : "", 0, 0 );
163
164         /* by default, use proxyAuthz control on each operation */
165         switch ( li->li_idassert_mode ) {
166         case LDAP_BACK_IDASSERT_LEGACY:
167         case LDAP_BACK_IDASSERT_SELF:
168                 /* however, since admin connections are pooled and shared,
169                  * only static authzIDs can be native */
170                 li->li_idassert_flags &= ~LDAP_BACK_AUTH_NATIVE_AUTHZ;
171                 break;
172
173         default:
174                 break;
175         }
176
177         ber_str2bv( li->li_uri, 0, 0, &sb.sb_uri );
178         sb.sb_version = li->li_version;
179         sb.sb_method = LDAP_AUTH_SIMPLE;
180         BER_BVSTR( &sb.sb_binddn, "" );
181
182         if ( LDAP_BACK_T_F_DISCOVER( li ) && !LDAP_BACK_T_F( li ) ) {
183                 int             rc;
184
185                 rc = slap_discover_feature( &sb,
186                                 slap_schema.si_ad_supportedFeatures->ad_cname.bv_val,
187                                 LDAP_FEATURE_ABSOLUTE_FILTERS );
188                 if ( rc == LDAP_COMPARE_TRUE ) {
189                         li->li_flags |= LDAP_BACK_F_T_F;
190                 }
191         }
192
193         if ( LDAP_BACK_CANCEL_DISCOVER( li ) && !LDAP_BACK_CANCEL( li ) ) {
194                 rc = slap_discover_feature( &sb,
195                                 slap_schema.si_ad_supportedExtension->ad_cname.bv_val,
196                                 LDAP_EXOP_CANCEL );
197                 if ( rc == LDAP_COMPARE_TRUE ) {
198                         li->li_flags |= LDAP_BACK_F_CANCEL_EXOP;
199                 }
200         }
201
202         li->li_flags |= LDAP_BACK_F_ISOPEN;
203
204         return 0;
205 }
206
207 void
208 ldap_back_conn_free( void *v_lc )
209 {
210         ldapconn_t      *lc = v_lc;
211
212         if ( lc->lc_ld != NULL ) {      
213                 ldap_unbind_ext( lc->lc_ld, NULL, NULL );
214         }
215         if ( !BER_BVISNULL( &lc->lc_bound_ndn ) ) {
216                 ch_free( lc->lc_bound_ndn.bv_val );
217         }
218         if ( !BER_BVISNULL( &lc->lc_cred ) ) {
219                 memset( lc->lc_cred.bv_val, 0, lc->lc_cred.bv_len );
220                 ch_free( lc->lc_cred.bv_val );
221         }
222         if ( !BER_BVISNULL( &lc->lc_local_ndn ) ) {
223                 ch_free( lc->lc_local_ndn.bv_val );
224         }
225         ch_free( lc );
226 }
227
228 int
229 ldap_back_db_destroy(
230     Backend     *be
231 )
232 {
233         if ( be->be_private ) {
234                 ldapinfo_t      *li = ( ldapinfo_t * )be->be_private;
235
236                 ldap_pvt_thread_mutex_lock( &li->li_conninfo.lai_mutex );
237
238                 if ( li->li_uri != NULL ) {
239                         ch_free( li->li_uri );
240                         li->li_uri = NULL;
241
242                         assert( li->li_bvuri != NULL );
243                         ber_bvarray_free( li->li_bvuri );
244                         li->li_bvuri = NULL;
245                 }
246                 if ( !BER_BVISNULL( &li->li_acl_authcID ) ) {
247                         ch_free( li->li_acl_authcID.bv_val );
248                         BER_BVZERO( &li->li_acl_authcID );
249                 }
250                 if ( !BER_BVISNULL( &li->li_acl_authcDN ) ) {
251                         ch_free( li->li_acl_authcDN.bv_val );
252                         BER_BVZERO( &li->li_acl_authcDN );
253                 }
254                 if ( !BER_BVISNULL( &li->li_acl_passwd ) ) {
255                         ch_free( li->li_acl_passwd.bv_val );
256                         BER_BVZERO( &li->li_acl_passwd );
257                 }
258                 if ( !BER_BVISNULL( &li->li_acl_sasl_mech ) ) {
259                         ch_free( li->li_acl_sasl_mech.bv_val );
260                         BER_BVZERO( &li->li_acl_sasl_mech );
261                 }
262                 if ( !BER_BVISNULL( &li->li_acl_sasl_realm ) ) {
263                         ch_free( li->li_acl_sasl_realm.bv_val );
264                         BER_BVZERO( &li->li_acl_sasl_realm );
265                 }
266                 if ( !BER_BVISNULL( &li->li_idassert_authcID ) ) {
267                         ch_free( li->li_idassert_authcID.bv_val );
268                         BER_BVZERO( &li->li_idassert_authcID );
269                 }
270                 if ( !BER_BVISNULL( &li->li_idassert_authcDN ) ) {
271                         ch_free( li->li_idassert_authcDN.bv_val );
272                         BER_BVZERO( &li->li_idassert_authcDN );
273                 }
274                 if ( !BER_BVISNULL( &li->li_idassert_passwd ) ) {
275                         ch_free( li->li_idassert_passwd.bv_val );
276                         BER_BVZERO( &li->li_idassert_passwd );
277                 }
278                 if ( !BER_BVISNULL( &li->li_idassert_authzID ) ) {
279                         ch_free( li->li_idassert_authzID.bv_val );
280                         BER_BVZERO( &li->li_idassert_authzID );
281                 }
282                 if ( !BER_BVISNULL( &li->li_idassert_sasl_mech ) ) {
283                         ch_free( li->li_idassert_sasl_mech.bv_val );
284                         BER_BVZERO( &li->li_idassert_sasl_mech );
285                 }
286                 if ( !BER_BVISNULL( &li->li_idassert_sasl_realm ) ) {
287                         ch_free( li->li_idassert_sasl_realm.bv_val );
288                         BER_BVZERO( &li->li_idassert_sasl_realm );
289                 }
290                 if ( li->li_idassert_authz != NULL ) {
291                         ber_bvarray_free( li->li_idassert_authz );
292                         li->li_idassert_authz = NULL;
293                 }
294                 if ( li->li_conninfo.lai_tree ) {
295                         avl_free( li->li_conninfo.lai_tree, ldap_back_conn_free );
296                 }
297                 if ( LDAP_BACK_QUARANTINE( li ) ) {
298                         slap_retry_info_destroy( &li->li_quarantine );
299                         ldap_pvt_thread_mutex_destroy( &li->li_quarantine_mutex );
300                 }
301
302                 ldap_pvt_thread_mutex_unlock( &li->li_conninfo.lai_mutex );
303                 ldap_pvt_thread_mutex_destroy( &li->li_conninfo.lai_mutex );
304                 ldap_pvt_thread_mutex_destroy( &li->li_uri_mutex );
305         }
306
307         ch_free( be->be_private );
308
309         return 0;
310 }
311
312 #if SLAPD_LDAP == SLAPD_MOD_DYNAMIC
313
314 /* conditionally define the init_module() function */
315 SLAP_BACKEND_INIT_MODULE( ldap )
316
317 #endif /* SLAPD_LDAP == SLAPD_MOD_DYNAMIC */
318
Cloned from git://git.openldap.org/openldap.git