1 /* ldif.c - the ldif backend */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2005-2007 The OpenLDAP Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
17 * This work was originally developed by Eric Stokes for inclusion
18 * in OpenLDAP Software.
23 #include <ac/string.h>
24 #include <sys/types.h>
26 #include <ac/dirent.h>
29 #include <ac/unistd.h>
34 typedef struct enumCookie {
43 struct berval li_base_path;
44 enumCookie li_tool_cookie;
46 ldap_pvt_thread_rdwr_t li_rdwr;
50 #define mkdir(a,b) mkdir(a)
62 #define ENTRY_BUFF_INCREMENT 500
64 static ConfigTable ldifcfg[] = {
65 { "directory", "dir", 2, 2, 0, ARG_BERVAL|ARG_OFFSET,
66 (void *)offsetof(struct ldif_info, li_base_path),
67 "( OLcfgDbAt:0.1 NAME 'olcDbDirectory' "
68 "DESC 'Directory for database content' "
69 "EQUALITY caseIgnoreMatch "
70 "SYNTAX OMsDirectoryString )", NULL, NULL },
71 { NULL, NULL, 0, 0, 0, ARG_IGNORED,
72 NULL, NULL, NULL, NULL }
75 static ConfigOCs ldifocs[] = {
77 "NAME 'olcLdifConfig' "
78 "DESC 'LDIF backend configuration' "
79 "SUP olcDatabaseConfig "
80 "MUST ( olcDbDirectory ) )", Cft_Database, ldifcfg },
85 dn2path(struct berval * orig_dn, struct berval * suffixdn, struct berval * base_path,
88 char *ptr, *sep, *end;
92 assert( orig_dn != NULL );
93 assert( !BER_BVISNULL( orig_dn ) );
94 assert( suffixdn != NULL );
95 assert( !BER_BVISNULL( suffixdn ) );
96 assert( dnIsSuffix( orig_dn, suffixdn ) );
101 * use "\" + hexpair, so the escaped DN remains formally valid */
102 for ( ptr = dn.bv_val, end = &dn.bv_val[dn.bv_len]; ptr < end; ptr++ ) {
103 if ( ptr[0] == LDAP_DIRSEP[0] ) {
112 dn.bv_val = ch_malloc( dn.bv_len + 1 );
114 for ( ptr = orig_dn->bv_val, end = &orig_dn->bv_val[orig_dn->bv_len], p = dn.bv_val;
115 ptr < end; ptr++, p++)
117 static const char hex[] = "0123456789ABCDEF";
118 if ( ptr[0] == LDAP_DIRSEP[0] ) {
120 *p++ = hex[(LDAP_DIRSEP[0] & 0xF0U) >> 4];
121 *p = hex[LDAP_DIRSEP[0] & 0x0FU];
129 res->bv_len = dn.bv_len + base_path->bv_len + 1 + STRLENOF( LDIF );
130 res->bv_val = ch_malloc( res->bv_len + 1 );
131 ptr = lutil_strcopy( res->bv_val, base_path->bv_val );
132 *ptr++ = LDAP_DIRSEP[0];
133 ptr = lutil_strcopy( ptr, suffixdn->bv_val );
134 end = dn.bv_val + dn.bv_len - suffixdn->bv_len - 1;
135 while ( end > dn.bv_val ) {
136 for (sep = end-1; sep >= dn.bv_val && !DN_SEPARATOR( *sep ); sep--);
137 *ptr++ = LDAP_DIRSEP[0];
138 ptr = lutil_strncopy( ptr, sep+1, end-sep-1 );
146 while ( ptr = ber_bvchr( &bv, IX_DNL ) ) {
148 assert( ( ptr - bv.bv_val ) <= bv.bv_len );
149 bv.bv_len -= ( ptr - bv.bv_val );
151 ptr = ber_bvchr( &bv, IX_DNR );
155 assert( ( ptr - bv.bv_val ) <= bv.bv_len );
156 bv.bv_len -= ( ptr - bv.bv_val );
161 if ( dn.bv_val != orig_dn->bv_val ) {
162 ch_free( dn.bv_val );
166 static char * slurp_file(int fd) {
167 int read_chars_total = 0;
175 entry_size = st.st_size;
176 entry = ch_malloc( entry_size+1 );
180 read_chars = read(fd, (void *) entry_pos, entry_size - read_chars_total);
181 if(read_chars == -1) {
185 if(read_chars == 0) {
186 entry[read_chars_total] = '\0';
190 read_chars_total += read_chars;
191 entry_pos += read_chars;
198 * return number of bytes written, or -1 in case of error
199 * do not return numbers less than -1
201 static int spew_file(int fd, char * spew, int len) {
205 writeres = write(fd, spew, len);
218 spew_entry( Entry * e, struct berval * path, int dolock, int *save_errnop )
220 int rs, save_errno = 0;
224 char * entry_as_string;
225 char *tmpfname = NULL;
227 tmpfname = ch_malloc( path->bv_len + STRLENOF( "XXXXXX" ) + 1 );
228 AC_MEMCPY( tmpfname, path->bv_val, path->bv_len );
229 AC_MEMCPY( &tmpfname[ path->bv_len ], "XXXXXX", STRLENOF( "XXXXXX" ) + 1 );
231 openres = mkstemp( tmpfname );
232 if ( openres == -1 ) {
234 rs = LDAP_UNWILLING_TO_PERFORM;
235 Debug( LDAP_DEBUG_ANY, "could not create tmpfile \"%s\": %s\n",
236 tmpfname, STRERROR( save_errno ), 0 );
242 /* Only save the RDN onto disk */
243 dnRdn( &e->e_name, &rdn );
244 if ( rdn.bv_len != e->e_name.bv_len ) {
245 e->e_name.bv_val[rdn.bv_len] = '\0';
246 tmp = e->e_name.bv_len;
247 e->e_name.bv_len = rdn.bv_len;
253 ldap_pvt_thread_mutex_lock(&entry2str_mutex);
256 entry_as_string = entry2str(e, &entry_length);
257 if ( entry_as_string != NULL ) {
258 spew_res = spew_file( openres,
259 entry_as_string, entry_length );
260 if ( spew_res == -1 ) {
266 ldap_pvt_thread_mutex_unlock(&entry2str_mutex);
269 /* Restore full DN */
270 if ( rdn.bv_len != e->e_name.bv_len ) {
271 e->e_name.bv_val[e->e_name.bv_len] = ',';
272 e->e_name.bv_len = rdn.bv_len;
275 res = close( openres );
276 rs = LDAP_UNWILLING_TO_PERFORM;
278 if ( spew_res > -2 ) {
279 if ( res == -1 || spew_res == -1 ) {
280 if ( save_errno == 0 ) {
283 Debug( LDAP_DEBUG_ANY, "write error to tmpfile \"%s\": %s\n",
284 tmpfname, STRERROR( save_errno ), 0 );
287 res = rename( tmpfname, path->bv_val );
293 switch ( save_errno ) {
295 rs = LDAP_NO_SUCH_OBJECT;
305 if ( rs != LDAP_SUCCESS ) {
312 if ( rs != LDAP_SUCCESS && save_errnop != NULL ) {
313 *save_errnop = save_errno;
319 static Entry * get_entry_for_fd(int fd,
323 char * entry = (char *) slurp_file(fd);
324 Entry * ldentry = NULL;
326 /* error reading file */
331 ldentry = str2entry(entry);
334 rdn = ldentry->e_name;
335 build_new_dn( &ldentry->e_name, pdn, &rdn, NULL );
336 ch_free( rdn.bv_val );
337 rdn = ldentry->e_nname;
338 build_new_dn( &ldentry->e_nname, pndn, &rdn, NULL );
339 ch_free( rdn.bv_val );
353 static Entry * get_entry(Operation *op, struct berval *base_path) {
354 struct berval path, pdn, pndn;
357 dnParent(&op->o_req_dn, &pdn);
358 dnParent(&op->o_req_ndn, &pndn);
359 dn2path(&op->o_req_ndn, op->o_bd->be_nsuffix, base_path, &path);
360 fd = open(path.bv_val, O_RDONLY);
361 /* error opening file (mebbe should log error) */
362 if ( fd == -1 && ( errno != ENOENT || op->o_tag != LDAP_REQ_ADD ) ) {
363 Debug( LDAP_DEBUG_ANY, "failed to open file \"%s\": %s\n",
364 path.bv_val, STRERROR(errno), 0 );
367 if(path.bv_val != NULL)
368 SLAP_FREE(path.bv_val);
371 return get_entry_for_fd(fd, &pdn, &pndn);
377 static void fullpath(struct berval *base, struct berval *name, struct berval *res) {
379 res->bv_len = name->bv_len + base->bv_len + 1;
380 res->bv_val = ch_malloc( res->bv_len + 1 );
381 strcpy(res->bv_val, base->bv_val);
382 ptr = res->bv_val + base->bv_len;
383 *ptr++ = LDAP_DIRSEP[0];
384 strcpy(ptr, name->bv_val);
387 typedef struct bvlist {
396 static int r_enum_tree(enumCookie *ck, struct berval *path,
397 struct berval *pdn, struct berval *pndn)
400 int fd, rc = LDAP_SUCCESS;
402 fd = open( path->bv_val, O_RDONLY );
404 Debug( LDAP_DEBUG_TRACE,
405 "=> ldif_enum_tree: failed to open %s: %s\n",
406 path->bv_val, STRERROR(errno), 0 );
407 return LDAP_NO_SUCH_OBJECT;
410 e = get_entry_for_fd(fd, pdn, pndn);
412 Debug( LDAP_DEBUG_ANY,
413 "=> ldif_enum_tree: failed to read entry for %s\n",
414 path->bv_val, 0, 0 );
418 if ( ck->op->ors_scope == LDAP_SCOPE_BASE ||
419 ck->op->ors_scope == LDAP_SCOPE_SUBTREE ) {
420 /* Send right away? */
423 * if it's a referral, add it to the list of referrals. only do
424 * this for non-base searches, and don't check the filter
425 * explicitly here since it's only a candidate anyway.
427 if ( !get_manageDSAit( ck->op )
428 && ck->op->ors_scope != LDAP_SCOPE_BASE
429 && is_entry_referral( e ) )
431 BerVarray erefs = get_entry_referrals( ck->op, e );
432 ck->rs->sr_ref = referral_rewrite( erefs,
434 ck->op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL
435 ? LDAP_SCOPE_BASE : LDAP_SCOPE_SUBTREE );
437 ck->rs->sr_entry = e;
438 rc = send_search_reference( ck->op, ck->rs );
439 ber_bvarray_free( ck->rs->sr_ref );
440 ber_bvarray_free( erefs );
441 ck->rs->sr_ref = NULL;
442 ck->rs->sr_entry = NULL;
444 } else if ( test_filter( ck->op, e, ck->op->ors_filter ) == LDAP_COMPARE_TRUE )
446 ck->rs->sr_entry = e;
447 ck->rs->sr_attrs = ck->op->ors_attrs;
448 ck->rs->sr_flags = REP_ENTRY_MODIFIABLE;
449 rc = send_search_entry(ck->op, ck->rs);
450 ck->rs->sr_entry = NULL;
456 /* Queueing up for tool mode */
457 if(ck->entries == NULL) {
458 ck->entries = (Entry **) ch_malloc(sizeof(Entry *) * ENTRY_BUFF_INCREMENT);
459 ck->elen = ENTRY_BUFF_INCREMENT;
461 if(ck->eind >= ck->elen) { /* grow entries if necessary */
462 ck->entries = (Entry **) ch_realloc(ck->entries, sizeof(Entry *) * (ck->elen) * 2);
466 ck->entries[ck->eind++] = e;
473 if ( ck->op->ors_scope != LDAP_SCOPE_BASE ) {
475 bvlist *list = NULL, *ptr;
477 path->bv_len -= STRLENOF( LDIF );
478 path->bv_val[path->bv_len] = '\0';
480 dir_of_path = opendir(path->bv_val);
481 if(dir_of_path == NULL) { /* can't open directory */
482 if ( errno != ENOENT ) {
483 /* it shouldn't be treated as an error
484 * only if the directory doesn't exist */
486 Debug( LDAP_DEBUG_ANY,
487 "=> ldif_enum_tree: failed to opendir %s (%d)\n",
488 path->bv_val, errno, 0 );
494 struct berval fname, itmp;
498 dir = readdir(dir_of_path);
499 if(dir == NULL) break; /* end of the directory */
500 fname.bv_len = strlen( dir->d_name );
501 if ( fname.bv_len <= STRLENOF( LDIF ))
503 if ( strcmp( dir->d_name + (fname.bv_len - STRLENOF(LDIF)), LDIF))
505 fname.bv_val = dir->d_name;
507 bvl = ch_malloc( sizeof(bvlist) );
508 ber_dupbv( &bvl->bv, &fname );
509 BER_BVZERO( &bvl->num );
510 itmp.bv_val = ber_bvchr( &bvl->bv, IX_FSL );
514 itmp.bv_len = bvl->bv.bv_len
515 - ( itmp.bv_val - bvl->bv.bv_val );
516 ptr = ber_bvchr( &itmp, IX_FSR );
518 itmp.bv_len = ptr - itmp.bv_val;
519 ber_dupbv( &bvl->num, &itmp );
520 bvl->inum = strtol( itmp.bv_val, NULL, 0 );
521 itmp.bv_val[0] = '\0';
522 bvl->off = itmp.bv_val - bvl->bv.bv_val;
526 for (prev = &list; (ptr = *prev) != NULL; prev = &ptr->next) {
527 int cmp = strcmp( bvl->bv.bv_val, ptr->bv.bv_val );
528 if ( !cmp && bvl->num.bv_val )
529 cmp = bvl->inum - ptr->inum;
537 closedir(dir_of_path);
539 if (ck->op->ors_scope == LDAP_SCOPE_ONELEVEL)
540 ck->op->ors_scope = LDAP_SCOPE_BASE;
541 else if ( ck->op->ors_scope == LDAP_SCOPE_SUBORDINATE)
542 ck->op->ors_scope = LDAP_SCOPE_SUBTREE;
544 while ( ( ptr = list ) ) {
549 if ( rc == LDAP_SUCCESS ) {
550 if ( ptr->num.bv_val )
551 AC_MEMCPY( ptr->bv.bv_val + ptr->off, ptr->num.bv_val,
553 fullpath( path, &ptr->bv, &fpath );
554 rc = r_enum_tree(ck, &fpath, &e->e_name, &e->e_nname );
557 if ( ptr->num.bv_val )
558 free( ptr->num.bv_val );
559 free(ptr->bv.bv_val);
564 if ( fd ) entry_free( e );
573 struct ldif_info *li = (struct ldif_info *) ck->op->o_bd->be_private;
575 struct berval pdn, pndn;
578 dnParent( &ck->op->o_req_dn, &pdn );
579 dnParent( &ck->op->o_req_ndn, &pndn );
580 dn2path( &ck->op->o_req_ndn, &ck->op->o_bd->be_nsuffix[0], &li->li_base_path, &path);
581 rc = r_enum_tree(ck, &path, &pdn, &pndn);
582 ch_free( path.bv_val );
586 /* Get the parent path plus the LDIF suffix */
587 static void get_parent_path(struct berval * dnpath, struct berval *res) {
588 int dnpathlen = dnpath->bv_len;
591 for(i = dnpathlen;i>0;i--) /* find the first path seperator */
592 if(dnpath->bv_val[i] == LDAP_DIRSEP[0])
595 res->bv_val = ch_malloc( res->bv_len + 1 + STRLENOF(LDIF) );
596 strncpy(res->bv_val, dnpath->bv_val, i);
597 strcpy(res->bv_val+i, LDIF);
598 res->bv_val[i] = '\0';
601 static int apply_modify_to_entry(Entry * entry,
602 Modifications * modlist,
606 char textbuf[SLAP_TEXT_BUFLEN];
607 int rc = modlist ? LDAP_UNWILLING_TO_PERFORM : LDAP_SUCCESS;
609 Modification *mods = NULL;
611 if (!acl_check_modlist(op, entry, modlist)) {
612 return LDAP_INSUFFICIENT_ACCESS;
615 for (; modlist != NULL; modlist = modlist->sml_next) {
616 mods = &modlist->sml_mod;
618 if ( mods->sm_desc == slap_schema.si_ad_objectClass ) {
621 switch (mods->sm_op) {
623 rc = modify_add_values(entry, mods,
624 get_permissiveModify(op),
625 &rs->sr_text, textbuf,
629 case LDAP_MOD_DELETE:
630 rc = modify_delete_values(entry, mods,
631 get_permissiveModify(op),
632 &rs->sr_text, textbuf,
636 case LDAP_MOD_REPLACE:
637 rc = modify_replace_values(entry, mods,
638 get_permissiveModify(op),
639 &rs->sr_text, textbuf,
643 case LDAP_MOD_INCREMENT:
644 rc = modify_increment_values( entry,
645 mods, get_permissiveModify(op),
646 &rs->sr_text, textbuf,
652 case SLAP_MOD_SOFTADD:
653 mods->sm_op = LDAP_MOD_ADD;
654 rc = modify_add_values(entry, mods,
655 get_permissiveModify(op),
656 &rs->sr_text, textbuf,
658 mods->sm_op = SLAP_MOD_SOFTADD;
659 if (rc == LDAP_TYPE_OR_VALUE_EXISTS) {
666 if(rc != LDAP_SUCCESS) break;
669 if(rc == LDAP_SUCCESS) {
671 entry->e_ocflags = 0;
673 /* check that the entry still obeys the schema */
674 rc = entry_schema_check( op, entry, NULL, 0, 0,
675 &rs->sr_text, textbuf, sizeof( textbuf ) );
682 ldif_back_referrals( Operation *op, SlapReply *rs )
684 struct ldif_info *li = NULL;
686 int rc = LDAP_SUCCESS;
689 if ( op->o_tag == LDAP_REQ_SEARCH ) {
690 /* let search take care of itself */
695 if ( get_manageDSAit( op ) ) {
696 /* let op take care of DSA management */
700 li = (struct ldif_info *)op->o_bd->be_private;
701 ldap_pvt_thread_rdwr_rlock( &li->li_rdwr );
702 entry = get_entry( op, &li->li_base_path );
704 /* no object is found for them */
705 if ( entry == NULL ) {
706 struct berval odn = op->o_req_dn;
707 struct berval ondn = op->o_req_ndn;
709 struct berval pndn = op->o_req_ndn;
711 for ( ; entry == NULL; ) {
712 dnParent( &pndn, &pndn );
714 if ( !dnIsSuffix( &pndn, &op->o_bd->be_nsuffix[0] ) ) {
719 op->o_req_ndn = pndn;
721 entry = get_entry( op, &li->li_base_path );
724 ldap_pvt_thread_rdwr_runlock( &li->li_rdwr );
727 op->o_req_ndn = ondn;
730 rs->sr_matched = NULL;
731 if ( entry != NULL ) {
732 Debug( LDAP_DEBUG_TRACE,
733 "ldif_back_referrals: tag=%lu target=\"%s\" matched=\"%s\"\n",
734 (unsigned long) op->o_tag, op->o_req_dn.bv_val, entry->e_name.bv_val );
736 if ( is_entry_referral( entry ) ) {
738 rs->sr_ref = get_entry_referrals( op, entry );
740 rs->sr_matched = ber_strdup_x(
741 entry->e_name.bv_val, op->o_tmpmemctx );
747 } else if ( default_referral != NULL ) {
749 rs->sr_ref = referral_rewrite( default_referral,
750 NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
753 if ( rs->sr_ref != NULL ) {
755 rc = rs->sr_err = LDAP_REFERRAL;
756 send_ldap_result( op, rs );
757 ber_bvarray_free( rs->sr_ref );
760 } else if ( rc != LDAP_SUCCESS ) {
762 rs->sr_text = rs->sr_matched ? "bad referral object" : NULL;
763 send_ldap_result( op, rs );
766 if ( rs->sr_matched ) {
767 op->o_tmpfree( (char *)rs->sr_matched, op->o_tmpmemctx );
768 rs->sr_matched = NULL;
774 ldap_pvt_thread_rdwr_runlock( &li->li_rdwr );
776 if ( is_entry_referral( entry ) ) {
777 /* entry is a referral */
778 BerVarray refs = get_entry_referrals( op, entry );
779 rs->sr_ref = referral_rewrite(
780 refs, &entry->e_name, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
782 Debug( LDAP_DEBUG_TRACE,
783 "ldif_back_referrals: tag=%lu target=\"%s\" matched=\"%s\"\n",
784 (unsigned long) op->o_tag, op->o_req_dn.bv_val, entry->e_name.bv_val );
786 rs->sr_matched = entry->e_name.bv_val;
787 if ( rs->sr_ref != NULL ) {
788 rc = rs->sr_err = LDAP_REFERRAL;
789 send_ldap_result( op, rs );
790 ber_bvarray_free( rs->sr_ref );
794 send_ldap_error( op, rs, LDAP_OTHER, "bad referral object" );
798 rs->sr_matched = NULL;
799 ber_bvarray_free( refs );
808 ldif_back_bind( Operation *op, SlapReply *rs )
810 struct ldif_info *li = NULL;
811 Attribute * a = NULL;
812 AttributeDescription *password = slap_schema.si_ad_userPassword;
814 Entry * entry = NULL;
816 switch ( be_rootdn_bind( op, rs ) ) {
817 case SLAP_CB_CONTINUE:
821 /* in case of success, front end will send result;
822 * otherwise, be_rootdn_bind() did */
826 li = (struct ldif_info *) op->o_bd->be_private;
827 ldap_pvt_thread_rdwr_rlock(&li->li_rdwr);
828 entry = get_entry(op, &li->li_base_path);
830 /* no object is found for them */
832 rs->sr_err = return_val = LDAP_INVALID_CREDENTIALS;
836 /* they don't have userpassword */
837 if((a = attr_find(entry->e_attrs, password)) == NULL) {
838 rs->sr_err = LDAP_INAPPROPRIATE_AUTH;
843 /* authentication actually failed */
844 if(slap_passwd_check(op, entry, a, &op->oq_bind.rb_cred,
845 &rs->sr_text) != 0) {
846 rs->sr_err = LDAP_INVALID_CREDENTIALS;
851 /* let the front-end send success */
856 ldap_pvt_thread_rdwr_runlock(&li->li_rdwr);
858 send_ldap_result( op, rs );
864 static int ldif_back_search(Operation *op, SlapReply *rs)
866 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
867 enumCookie ck = { NULL, NULL, NULL, 0, 0 };
871 ldap_pvt_thread_rdwr_rlock(&li->li_rdwr);
872 rs->sr_err = enum_tree( &ck );
873 ldap_pvt_thread_rdwr_runlock(&li->li_rdwr);
874 send_ldap_result(op, rs);
879 static int ldif_back_add(Operation *op, SlapReply *rs) {
880 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
881 Entry * e = op->ora_e;
882 struct berval dn = e->e_nname;
883 struct berval leaf_path = BER_BVNULL;
886 char textbuf[SLAP_TEXT_BUFLEN];
888 Debug( LDAP_DEBUG_TRACE, "ldif_back_add: \"%s\"\n", dn.bv_val, 0, 0);
890 rs->sr_err = entry_schema_check(op, e, NULL, 0, 1,
891 &rs->sr_text, textbuf, sizeof( textbuf ) );
892 if ( rs->sr_err != LDAP_SUCCESS ) goto send_res;
894 rs->sr_err = slap_add_opattrs( op,
895 &rs->sr_text, textbuf, sizeof( textbuf ), 1 );
896 if ( rs->sr_err != LDAP_SUCCESS ) goto send_res;
898 ldap_pvt_thread_rdwr_wlock(&li->li_rdwr);
900 dn2path(&dn, &op->o_bd->be_nsuffix[0], &li->li_base_path, &leaf_path);
902 if(leaf_path.bv_val != NULL) {
903 struct berval base = BER_BVNULL;
904 /* build path to container and ldif of container */
905 get_parent_path(&leaf_path, &base);
907 statres = stat(base.bv_val, &stats); /* check if container exists */
908 if(statres == -1 && errno == ENOENT) { /* container missing */
909 base.bv_val[base.bv_len] = '.';
910 statres = stat(base.bv_val, &stats); /* check for leaf node */
911 base.bv_val[base.bv_len] = '\0';
912 if(statres == -1 && errno == ENOENT) {
913 rs->sr_err = LDAP_NO_SUCH_OBJECT; /* parent doesn't exist */
914 rs->sr_text = "Parent does not exist";
916 else if(statres != -1) { /* create parent */
917 int mkdirres = mkdir(base.bv_val, 0750);
919 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
920 rs->sr_text = "Could not create parent folder";
921 Debug( LDAP_DEBUG_ANY, "could not create folder \"%s\": %s\n",
922 base.bv_val, STRERROR( errno ), 0 );
926 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
927 }/* container was possibly created, move on to add the entry */
928 if(rs->sr_err == LDAP_SUCCESS) {
929 statres = stat(leaf_path.bv_val, &stats);
930 if(statres == -1 && errno == ENOENT) {
931 rs->sr_err = spew_entry(e, &leaf_path, 1, NULL);
933 else if ( statres == -1 ) {
934 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
935 Debug( LDAP_DEBUG_ANY, "could not stat file \"%s\": %s\n",
936 leaf_path.bv_val, STRERROR( errno ), 0 );
938 else /* it already exists */
939 rs->sr_err = LDAP_ALREADY_EXISTS;
941 SLAP_FREE(base.bv_val);
942 SLAP_FREE(leaf_path.bv_val);
945 ldap_pvt_thread_rdwr_wunlock(&li->li_rdwr);
948 Debug( LDAP_DEBUG_TRACE,
949 "ldif_back_add: err: %d text: %s\n", rs->sr_err, rs->sr_text ?
950 rs->sr_text : "", 0);
951 send_ldap_result(op, rs);
952 slap_graduate_commit_csn( op );
956 static int ldif_back_modify(Operation *op, SlapReply *rs) {
957 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
958 Modifications * modlst = op->orm_modlist;
959 struct berval path = BER_BVNULL;
960 Entry * entry = NULL;
963 slap_mods_opattrs( op, &op->orm_modlist, 1 );
965 ldap_pvt_thread_rdwr_wlock(&li->li_rdwr);
966 dn2path(&op->o_req_ndn, &op->o_bd->be_nsuffix[0], &li->li_base_path,
968 entry = get_entry(op, &li->li_base_path);
971 rs->sr_err = apply_modify_to_entry(entry, modlst, op, rs);
972 if(rs->sr_err == LDAP_SUCCESS) {
974 spew_res = spew_entry(entry, &path, 1, &save_errno);
976 Debug( LDAP_DEBUG_ANY,
977 "%s ldif_back_modify: could not output entry \"%s\": %s\n",
978 op->o_log_prefix, entry->e_name.bv_val, STRERROR( save_errno ) );
979 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
984 rs->sr_err = LDAP_NO_SUCH_OBJECT;
989 if(path.bv_val != NULL)
990 SLAP_FREE(path.bv_val);
992 ldap_pvt_thread_rdwr_wunlock(&li->li_rdwr);
993 send_ldap_result(op, rs);
994 slap_graduate_commit_csn( op );
998 static int ldif_back_delete(Operation *op, SlapReply *rs) {
999 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
1000 struct berval path = BER_BVNULL;
1003 if ( BER_BVISEMPTY( &op->o_csn )) {
1005 char csnbuf[LDAP_LUTIL_CSNSTR_BUFSIZE];
1007 csn.bv_val = csnbuf;
1008 csn.bv_len = sizeof( csnbuf );
1009 slap_get_csn( op, &csn, 1 );
1012 ldap_pvt_thread_rdwr_wlock(&li->li_rdwr);
1013 dn2path(&op->o_req_ndn, &op->o_bd->be_nsuffix[0], &li->li_base_path, &path);
1015 path.bv_val[path.bv_len - STRLENOF(LDIF)] = '\0';
1016 res = rmdir(path.bv_val);
1017 path.bv_val[path.bv_len - STRLENOF(LDIF)] = '.';
1018 rs->sr_err = LDAP_SUCCESS;
1022 rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF;
1026 rs->sr_err = LDAP_NO_SUCH_OBJECT;
1030 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
1035 res = unlink(path.bv_val);
1039 rs->sr_err = LDAP_NO_SUCH_OBJECT;
1043 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
1049 SLAP_FREE(path.bv_val);
1050 ldap_pvt_thread_rdwr_wunlock(&li->li_rdwr);
1051 send_ldap_result(op, rs);
1052 slap_graduate_commit_csn( op );
1057 static int move_entry(Entry * entry, struct berval * ndn,
1058 struct berval * newndn, struct berval * suffixdn,
1059 struct berval * base_path) {
1063 struct berval newpath;
1065 dn2path(ndn, suffixdn, base_path, &path);
1066 dn2path(newndn, suffixdn, base_path, &newpath);
1068 if((entry == NULL || path.bv_val == NULL) || newpath.bv_val == NULL) {
1069 /* some object doesn't exist */
1070 res = LDAP_NO_SUCH_OBJECT;
1072 else { /* do the modrdn */
1073 exists_res = open(newpath.bv_val, O_RDONLY);
1074 if(exists_res == -1 && errno == ENOENT) {
1075 ldap_pvt_thread_mutex_lock( &entry2str_mutex );
1076 res = spew_entry(entry, &newpath, 0, NULL);
1078 /* if this fails we should log something bad */
1079 res = unlink(path.bv_val);
1080 path.bv_val[path.bv_len - STRLENOF(".ldif")] = '\0';
1081 newpath.bv_val[newpath.bv_len - STRLENOF(".ldif")] = '\0';
1082 res = rename(path.bv_val, newpath.bv_val);
1087 res = LDAP_NO_SUCH_OBJECT;
1089 res = LDAP_UNWILLING_TO_PERFORM;
1090 unlink(newpath.bv_val); /* in case file was created */
1092 ldap_pvt_thread_mutex_unlock( &entry2str_mutex );
1094 else if(exists_res) {
1095 int close_res = close(exists_res);
1096 res = LDAP_ALREADY_EXISTS;
1097 if(close_res == -1) {
1098 /* log heinous error */
1102 res = LDAP_UNWILLING_TO_PERFORM;
1106 if(newpath.bv_val != NULL)
1107 SLAP_FREE(newpath.bv_val);
1108 if(path.bv_val != NULL)
1109 SLAP_FREE(path.bv_val);
1114 ldif_back_modrdn(Operation *op, SlapReply *rs)
1116 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
1117 struct berval new_dn = BER_BVNULL, new_ndn = BER_BVNULL;
1119 Entry * entry = NULL;
1122 slap_mods_opattrs( op, &op->orr_modlist, 1 );
1124 ldap_pvt_thread_rdwr_wlock( &li->li_rdwr );
1125 entry = get_entry( op, &li->li_base_path );
1127 /* build the mods to the entry */
1128 if ( entry != NULL ) {
1129 /* build new dn, and new ndn for the entry */
1130 if ( op->oq_modrdn.rs_newSup != NULL ) {
1131 struct berval op_dn = op->o_req_dn,
1132 op_ndn = op->o_req_ndn;
1136 p_dn = *op->oq_modrdn.rs_newSup;
1137 op->o_req_dn = *op->oq_modrdn.rs_newSup;
1138 op->o_req_ndn = *op->oq_modrdn.rs_nnewSup;
1139 np = get_entry( op, &li->li_base_path );
1140 op->o_req_dn = op_dn;
1141 op->o_req_ndn = op_ndn;
1143 goto no_such_object;
1147 dnParent( &entry->e_name, &p_dn );
1149 build_new_dn( &new_dn, &p_dn, &op->oq_modrdn.rs_newrdn, NULL );
1150 dnNormalize( 0, NULL, NULL, &new_dn, &new_ndn, NULL );
1151 ber_memfree_x( entry->e_name.bv_val, NULL );
1152 ber_memfree_x( entry->e_nname.bv_val, NULL );
1153 entry->e_name = new_dn;
1154 entry->e_nname = new_ndn;
1156 /* perform the modifications */
1157 res = apply_modify_to_entry( entry, op->orr_modlist, op, rs );
1158 if ( res == LDAP_SUCCESS ) {
1159 rs->sr_err = move_entry( entry, &op->o_req_ndn,
1161 &op->o_bd->be_nsuffix[0],
1162 &li->li_base_path );
1168 /* entry was null */
1169 rs->sr_err = LDAP_NO_SUCH_OBJECT;
1172 if ( entry != NULL ) {
1173 entry_free( entry );
1176 ldap_pvt_thread_rdwr_wunlock( &li->li_rdwr );
1177 send_ldap_result( op, rs );
1178 slap_graduate_commit_csn( op );
1182 /* return LDAP_SUCCESS IFF we can retrieve the specified entry.
1184 int ldif_back_entry_get(
1188 AttributeDescription *at,
1192 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
1193 struct berval op_dn = op->o_req_dn, op_ndn = op->o_req_ndn;
1195 assert( ndn != NULL );
1196 assert( !BER_BVISNULL( ndn ) );
1198 ldap_pvt_thread_rdwr_rlock( &li->li_rdwr );
1199 op->o_req_dn = *ndn;
1200 op->o_req_ndn = *ndn;
1201 *ent = get_entry( op, &li->li_base_path );
1202 op->o_req_dn = op_dn;
1203 op->o_req_ndn = op_ndn;
1204 ldap_pvt_thread_rdwr_runlock( &li->li_rdwr );
1206 if ( *ent && oc && !is_entry_objectclass_or_sub( *ent, oc ) ) {
1211 return ( *ent == NULL ? 1 : 0 );
1214 static int ldif_tool_entry_open(BackendDB *be, int mode) {
1215 struct ldif_info *li = (struct ldif_info *) be->be_private;
1216 li->li_tool_current = 0;
1220 static int ldif_tool_entry_close(BackendDB * be) {
1221 struct ldif_info *li = (struct ldif_info *) be->be_private;
1223 SLAP_FREE(li->li_tool_cookie.entries);
1227 static ID ldif_tool_entry_next(BackendDB *be)
1229 struct ldif_info *li = (struct ldif_info *) be->be_private;
1230 if(li->li_tool_current >= li->li_tool_cookie.eind)
1233 return ++li->li_tool_current;
1237 ldif_tool_entry_first(BackendDB *be)
1239 struct ldif_info *li = (struct ldif_info *) be->be_private;
1241 if(li->li_tool_cookie.entries == NULL) {
1245 op.o_req_dn = *be->be_suffix;
1246 op.o_req_ndn = *be->be_nsuffix;
1247 op.ors_scope = LDAP_SCOPE_SUBTREE;
1248 li->li_tool_cookie.op = &op;
1249 (void)enum_tree( &li->li_tool_cookie );
1250 li->li_tool_cookie.op = NULL;
1252 return ldif_tool_entry_next( be );
1255 static Entry * ldif_tool_entry_get(BackendDB * be, ID id) {
1256 struct ldif_info *li = (struct ldif_info *) be->be_private;
1259 if(id > li->li_tool_cookie.eind || id < 1)
1262 e = li->li_tool_cookie.entries[id - 1];
1263 li->li_tool_cookie.entries[id - 1] = NULL;
1268 static ID ldif_tool_entry_put(BackendDB * be, Entry * e, struct berval *text) {
1269 struct ldif_info *li = (struct ldif_info *) be->be_private;
1270 struct berval dn = e->e_nname;
1271 struct berval leaf_path = BER_BVNULL;
1274 int res = LDAP_SUCCESS;
1276 dn2path(&dn, &be->be_nsuffix[0], &li->li_base_path, &leaf_path);
1278 if(leaf_path.bv_val != NULL) {
1279 struct berval base = BER_BVNULL;
1280 /* build path to container, and path to ldif of container */
1281 get_parent_path(&leaf_path, &base);
1283 statres = stat(base.bv_val, &stats); /* check if container exists */
1284 if(statres == -1 && errno == ENOENT) { /* container missing */
1285 base.bv_val[base.bv_len] = '.';
1286 statres = stat(base.bv_val, &stats); /* check for leaf node */
1287 base.bv_val[base.bv_len] = '\0';
1288 if(statres == -1 && errno == ENOENT) {
1289 res = LDAP_NO_SUCH_OBJECT; /* parent doesn't exist */
1291 else if(statres != -1) { /* create parent */
1292 int mkdirres = mkdir(base.bv_val, 0750);
1293 if(mkdirres == -1) {
1294 res = LDAP_UNWILLING_TO_PERFORM;
1298 res = LDAP_UNWILLING_TO_PERFORM;
1299 }/* container was possibly created, move on to add the entry */
1300 if(res == LDAP_SUCCESS) {
1301 statres = stat(leaf_path.bv_val, &stats);
1302 if(statres == -1 && errno == ENOENT) {
1303 res = spew_entry(e, &leaf_path, 0, NULL);
1305 else /* it already exists */
1306 res = LDAP_ALREADY_EXISTS;
1308 SLAP_FREE(base.bv_val);
1309 SLAP_FREE(leaf_path.bv_val);
1312 if(res == LDAP_SUCCESS) {
1320 ldif_back_db_init( BackendDB *be, ConfigReply *cr )
1322 struct ldif_info *li;
1324 li = ch_calloc( 1, sizeof(struct ldif_info) );
1325 be->be_private = li;
1326 be->be_cf_ocs = ldifocs;
1327 ldap_pvt_thread_rdwr_init(&li->li_rdwr);
1332 ldif_back_db_destroy( Backend *be, ConfigReply *cr )
1334 struct ldif_info *li = be->be_private;
1336 ch_free(li->li_base_path.bv_val);
1337 ldap_pvt_thread_rdwr_destroy(&li->li_rdwr);
1338 free( be->be_private );
1343 ldif_back_db_open( Backend *be, ConfigReply *cr)
1345 struct ldif_info *li = (struct ldif_info *) be->be_private;
1346 if( BER_BVISEMPTY(&li->li_base_path)) {/* missing base path */
1347 Debug( LDAP_DEBUG_ANY, "missing base path for back-ldif\n", 0, 0, 0);
1354 ldif_back_initialize(
1358 static char *controls[] = {
1359 LDAP_CONTROL_MANAGEDSAIT,
1365 SLAP_BFLAG_INCREMENT |
1366 SLAP_BFLAG_REFERRALS;
1368 bi->bi_controls = controls;
1375 bi->bi_db_init = ldif_back_db_init;
1376 bi->bi_db_config = config_generic_wrapper;
1377 bi->bi_db_open = ldif_back_db_open;
1378 bi->bi_db_close = 0;
1379 bi->bi_db_destroy = ldif_back_db_destroy;
1381 bi->bi_op_bind = ldif_back_bind;
1382 bi->bi_op_unbind = 0;
1383 bi->bi_op_search = ldif_back_search;
1384 bi->bi_op_compare = 0;
1385 bi->bi_op_modify = ldif_back_modify;
1386 bi->bi_op_modrdn = ldif_back_modrdn;
1387 bi->bi_op_add = ldif_back_add;
1388 bi->bi_op_delete = ldif_back_delete;
1389 bi->bi_op_abandon = 0;
1391 bi->bi_extended = 0;
1393 bi->bi_chk_referrals = ldif_back_referrals;
1395 bi->bi_connection_init = 0;
1396 bi->bi_connection_destroy = 0;
1398 bi->bi_entry_get_rw = ldif_back_entry_get;
1400 #if 0 /* NOTE: uncomment to completely disable access control */
1401 bi->bi_access_allowed = slap_access_always_allowed;
1404 bi->bi_tool_entry_open = ldif_tool_entry_open;
1405 bi->bi_tool_entry_close = ldif_tool_entry_close;
1406 bi->bi_tool_entry_first = ldif_tool_entry_first;
1407 bi->bi_tool_entry_next = ldif_tool_entry_next;
1408 bi->bi_tool_entry_get = ldif_tool_entry_get;
1409 bi->bi_tool_entry_put = ldif_tool_entry_put;
1410 bi->bi_tool_entry_reindex = 0;
1411 bi->bi_tool_sync = 0;
1413 bi->bi_tool_dn2id_get = 0;
1414 bi->bi_tool_entry_modify = 0;
1416 bi->bi_cf_ocs = ldifocs;
1418 rc = config_register_schema( ldifcfg, ldifocs );
1419 if ( rc ) return rc;