1 /* ldif.c - the ldif backend */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2005-2008 The OpenLDAP Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
17 * This work was originally developed by Eric Stokes for inclusion
18 * in OpenLDAP Software.
23 #include <ac/string.h>
24 #include <sys/types.h>
26 #include <ac/dirent.h>
29 #include <ac/unistd.h>
34 typedef struct enumCookie {
43 struct berval li_base_path;
44 enumCookie li_tool_cookie;
46 ldap_pvt_thread_rdwr_t li_rdwr;
50 #define mkdir(a,b) mkdir(a)
62 #define ENTRY_BUFF_INCREMENT 500
64 static ConfigTable ldifcfg[] = {
65 { "directory", "dir", 2, 2, 0, ARG_BERVAL|ARG_OFFSET,
66 (void *)offsetof(struct ldif_info, li_base_path),
67 "( OLcfgDbAt:0.1 NAME 'olcDbDirectory' "
68 "DESC 'Directory for database content' "
69 "EQUALITY caseIgnoreMatch "
70 "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
71 { NULL, NULL, 0, 0, 0, ARG_IGNORED,
72 NULL, NULL, NULL, NULL }
75 static ConfigOCs ldifocs[] = {
77 "NAME 'olcLdifConfig' "
78 "DESC 'LDIF backend configuration' "
79 "SUP olcDatabaseConfig "
80 "MUST ( olcDbDirectory ) )", Cft_Database, ldifcfg },
85 /* Set *res = LDIF filename path for the normalized DN */
87 dn2path( BackendDB *be, struct berval *orig_dn, struct berval *res )
89 struct ldif_info *li = (struct ldif_info *) be->be_private;
90 struct berval *suffixdn = &be->be_nsuffix[0];
91 char *ptr, *sep, *end;
95 assert( orig_dn != NULL );
96 assert( !BER_BVISNULL( orig_dn ) );
97 assert( suffixdn != NULL );
98 assert( !BER_BVISNULL( suffixdn ) );
99 assert( dnIsSuffix( orig_dn, suffixdn ) );
104 * use "\" + hexpair, so the escaped DN remains formally valid */
105 for ( ptr = dn.bv_val, end = &dn.bv_val[dn.bv_len]; ptr < end; ptr++ ) {
106 if ( ptr[0] == LDAP_DIRSEP[0] ) {
115 dn.bv_val = ch_malloc( dn.bv_len + 1 );
117 for ( ptr = orig_dn->bv_val, end = &orig_dn->bv_val[orig_dn->bv_len], p = dn.bv_val;
118 ptr < end; ptr++, p++)
120 static const char hex[] = "0123456789ABCDEF";
121 if ( ptr[0] == LDAP_DIRSEP[0] ) {
123 *p++ = hex[(LDAP_DIRSEP[0] & 0xF0U) >> 4];
124 *p = hex[LDAP_DIRSEP[0] & 0x0FU];
132 res->bv_len = dn.bv_len + li->li_base_path.bv_len + 1 + STRLENOF( LDIF );
133 res->bv_val = ch_malloc( res->bv_len + 1 );
134 ptr = lutil_strcopy( res->bv_val, li->li_base_path.bv_val );
135 end = dn.bv_val + dn.bv_len;
136 if ( !BER_BVISEMPTY( suffixdn ) ) {
137 *ptr++ = LDAP_DIRSEP[0];
138 ptr = lutil_strcopy( ptr, suffixdn->bv_val );
139 end -= suffixdn->bv_len + 1;
141 } else if ( BER_BVISEMPTY( &dn ) ) {
142 *ptr++ = LDAP_DIRSEP[0];
144 while ( end > dn.bv_val ) {
145 for (sep = end-1; sep >= dn.bv_val && !DN_SEPARATOR( *sep ); sep--);
146 *ptr++ = LDAP_DIRSEP[0];
147 ptr = lutil_strncopy( ptr, sep+1, end-sep-1 );
155 while ( ptr = ber_bvchr( &bv, IX_DNL ) ) {
157 assert( ( ptr - bv.bv_val ) <= bv.bv_len );
158 bv.bv_len -= ( ptr - bv.bv_val );
160 ptr = ber_bvchr( &bv, IX_DNR );
164 assert( ( ptr - bv.bv_val ) <= bv.bv_len );
165 bv.bv_len -= ( ptr - bv.bv_val );
170 if ( dn.bv_val != orig_dn->bv_val ) {
171 ch_free( dn.bv_val );
174 assert( strlen( res->bv_val ) == res->bv_len );
177 static char * slurp_file(int fd) {
178 int read_chars_total = 0;
186 entry_size = st.st_size;
187 entry = ch_malloc( entry_size+1 );
191 read_chars = read(fd, (void *) entry_pos, entry_size - read_chars_total);
192 if(read_chars == -1) {
196 if(read_chars == 0) {
197 entry[read_chars_total] = '\0';
201 read_chars_total += read_chars;
202 entry_pos += read_chars;
209 * return nonnegative for success or -1 for error
210 * do not return numbers less than -1
212 static int spew_file(int fd, char * spew, int len) {
216 writeres = write(fd, spew, len);
229 spew_entry( Entry * e, struct berval * path, int dolock, int *save_errnop )
231 int rs, save_errno = 0;
235 char * entry_as_string;
236 char *tmpfname = NULL;
238 tmpfname = ch_malloc( path->bv_len + STRLENOF( "XXXXXX" ) + 1 );
239 AC_MEMCPY( tmpfname, path->bv_val, path->bv_len );
240 AC_MEMCPY( &tmpfname[ path->bv_len ], "XXXXXX", STRLENOF( "XXXXXX" ) + 1 );
242 openres = mkstemp( tmpfname );
243 if ( openres == -1 ) {
245 rs = LDAP_UNWILLING_TO_PERFORM;
246 Debug( LDAP_DEBUG_ANY, "could not create tmpfile \"%s\": %s\n",
247 tmpfname, STRERROR( save_errno ), 0 );
253 /* Only save the RDN onto disk */
254 dnRdn( &e->e_name, &rdn );
255 if ( rdn.bv_len != e->e_name.bv_len ) {
256 e->e_name.bv_val[rdn.bv_len] = '\0';
257 tmp = e->e_name.bv_len;
258 e->e_name.bv_len = rdn.bv_len;
264 ldap_pvt_thread_mutex_lock(&entry2str_mutex);
267 entry_as_string = entry2str(e, &entry_length);
268 if ( entry_as_string != NULL ) {
269 spew_res = spew_file( openres,
270 entry_as_string, entry_length );
271 if ( spew_res == -1 ) {
277 ldap_pvt_thread_mutex_unlock(&entry2str_mutex);
280 /* Restore full DN */
281 if ( rdn.bv_len != e->e_name.bv_len ) {
282 e->e_name.bv_val[e->e_name.bv_len] = ',';
283 e->e_name.bv_len = rdn.bv_len;
286 res = close( openres );
287 rs = LDAP_UNWILLING_TO_PERFORM;
289 if ( spew_res > -2 ) {
290 if ( res == -1 || spew_res == -1 ) {
291 if ( save_errno == 0 ) {
294 Debug( LDAP_DEBUG_ANY, "write error to tmpfile \"%s\": %s\n",
295 tmpfname, STRERROR( save_errno ), 0 );
298 res = rename( tmpfname, path->bv_val );
304 switch ( save_errno ) {
306 rs = LDAP_NO_SUCH_OBJECT;
316 if ( rs != LDAP_SUCCESS ) {
323 if ( rs != LDAP_SUCCESS && save_errnop != NULL ) {
324 *save_errnop = save_errno;
330 static Entry * get_entry_for_fd(int fd,
334 char * entry = (char *) slurp_file(fd);
335 Entry * ldentry = NULL;
337 /* error reading file */
342 ldentry = str2entry(entry);
345 rdn = ldentry->e_name;
346 build_new_dn( &ldentry->e_name, pdn, &rdn, NULL );
347 ch_free( rdn.bv_val );
348 rdn = ldentry->e_nname;
349 build_new_dn( &ldentry->e_nname, pndn, &rdn, NULL );
350 ch_free( rdn.bv_val );
368 struct berval *pathp )
371 struct berval path, pdn, pndn;
374 dnParent(&op->o_req_dn, &pdn);
375 dnParent(&op->o_req_ndn, &pndn);
376 dn2path( op->o_bd, &op->o_req_ndn, &path );
377 fd = open(path.bv_val, O_RDONLY);
378 /* error opening file (mebbe should log error) */
379 if ( fd == -1 && ( errno != ENOENT || op->o_tag != LDAP_REQ_ADD ) ) {
380 Debug( LDAP_DEBUG_ANY, "failed to open file \"%s\": %s\n",
381 path.bv_val, STRERROR(errno), 0 );
383 *entryp = fd < 0 ? NULL : get_entry_for_fd( fd, &pdn, &pndn );
384 rc = *entryp ? LDAP_SUCCESS : LDAP_NO_SUCH_OBJECT;
386 if ( rc == LDAP_SUCCESS && pathp != NULL ) {
389 SLAP_FREE(path.bv_val);
394 static void fullpath(struct berval *base, struct berval *name, struct berval *res) {
396 res->bv_len = name->bv_len + base->bv_len + 1;
397 res->bv_val = ch_malloc( res->bv_len + 1 );
398 strcpy(res->bv_val, base->bv_val);
399 ptr = res->bv_val + base->bv_len;
400 *ptr++ = LDAP_DIRSEP[0];
401 strcpy(ptr, name->bv_val);
404 typedef struct bvlist {
413 static int r_enum_tree(enumCookie *ck, struct berval *path, int base,
414 struct berval *pdn, struct berval *pndn)
417 int fd = 0, rc = LDAP_SUCCESS;
420 fd = open( path->bv_val, O_RDONLY );
422 Debug( LDAP_DEBUG_TRACE,
423 "=> ldif_enum_tree: failed to open %s: %s\n",
424 path->bv_val, STRERROR(errno), 0 );
425 return LDAP_NO_SUCH_OBJECT;
428 e = get_entry_for_fd(fd, pdn, pndn);
430 Debug( LDAP_DEBUG_ANY,
431 "=> ldif_enum_tree: failed to read entry for %s\n",
432 path->bv_val, 0, 0 );
436 if ( ck->op->ors_scope == LDAP_SCOPE_BASE ||
437 ck->op->ors_scope == LDAP_SCOPE_SUBTREE ) {
438 /* Send right away? */
441 * if it's a referral, add it to the list of referrals. only do
442 * this for non-base searches, and don't check the filter
443 * explicitly here since it's only a candidate anyway.
445 if ( !get_manageDSAit( ck->op )
446 && ck->op->ors_scope != LDAP_SCOPE_BASE
447 && is_entry_referral( e ) )
449 BerVarray erefs = get_entry_referrals( ck->op, e );
450 ck->rs->sr_ref = referral_rewrite( erefs,
452 ck->op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL
453 ? LDAP_SCOPE_BASE : LDAP_SCOPE_SUBTREE );
455 ck->rs->sr_entry = e;
456 rc = send_search_reference( ck->op, ck->rs );
457 ber_bvarray_free( ck->rs->sr_ref );
458 ber_bvarray_free( erefs );
459 ck->rs->sr_ref = NULL;
460 ck->rs->sr_entry = NULL;
462 } else if ( test_filter( ck->op, e, ck->op->ors_filter ) == LDAP_COMPARE_TRUE )
464 ck->rs->sr_entry = e;
465 ck->rs->sr_attrs = ck->op->ors_attrs;
466 ck->rs->sr_flags = REP_ENTRY_MODIFIABLE;
467 rc = send_search_entry(ck->op, ck->rs);
468 ck->rs->sr_entry = NULL;
474 /* Queueing up for tool mode */
475 if(ck->entries == NULL) {
476 ck->entries = (Entry **) ch_malloc(sizeof(Entry *) * ENTRY_BUFF_INCREMENT);
477 ck->elen = ENTRY_BUFF_INCREMENT;
479 if(ck->eind >= ck->elen) { /* grow entries if necessary */
480 ck->entries = (Entry **) ch_realloc(ck->entries, sizeof(Entry *) * (ck->elen) * 2);
484 ck->entries[ck->eind++] = e;
492 if ( ck->op->ors_scope != LDAP_SCOPE_BASE ) {
494 bvlist *list = NULL, *ptr;
496 path->bv_len -= STRLENOF( LDIF );
497 path->bv_val[path->bv_len] = '\0';
499 dir_of_path = opendir(path->bv_val);
500 if(dir_of_path == NULL) { /* can't open directory */
501 if ( errno != ENOENT ) {
502 /* it shouldn't be treated as an error
503 * only if the directory doesn't exist */
505 Debug( LDAP_DEBUG_ANY,
506 "=> ldif_enum_tree: failed to opendir %s (%d)\n",
507 path->bv_val, errno, 0 );
513 struct berval fname, itmp;
517 dir = readdir(dir_of_path);
518 if(dir == NULL) break; /* end of the directory */
519 fname.bv_len = strlen( dir->d_name );
520 if ( fname.bv_len <= STRLENOF( LDIF ))
522 if ( strcmp( dir->d_name + (fname.bv_len - STRLENOF(LDIF)), LDIF))
524 fname.bv_val = dir->d_name;
526 bvl = ch_malloc( sizeof(bvlist) );
527 ber_dupbv( &bvl->bv, &fname );
528 BER_BVZERO( &bvl->num );
529 itmp.bv_val = ber_bvchr( &bvl->bv, IX_FSL );
533 itmp.bv_len = bvl->bv.bv_len
534 - ( itmp.bv_val - bvl->bv.bv_val );
535 ptr = ber_bvchr( &itmp, IX_FSR );
537 itmp.bv_len = ptr - itmp.bv_val;
538 ber_dupbv( &bvl->num, &itmp );
539 bvl->inum = strtol( itmp.bv_val, NULL, 0 );
540 itmp.bv_val[0] = '\0';
541 bvl->off = itmp.bv_val - bvl->bv.bv_val;
545 for (prev = &list; (ptr = *prev) != NULL; prev = &ptr->next) {
546 int cmp = strcmp( bvl->bv.bv_val, ptr->bv.bv_val );
547 if ( !cmp && bvl->num.bv_val )
548 cmp = bvl->inum - ptr->inum;
556 closedir(dir_of_path);
558 if (ck->op->ors_scope == LDAP_SCOPE_ONELEVEL)
559 ck->op->ors_scope = LDAP_SCOPE_BASE;
560 else if ( ck->op->ors_scope == LDAP_SCOPE_SUBORDINATE)
561 ck->op->ors_scope = LDAP_SCOPE_SUBTREE;
563 while ( ( ptr = list ) ) {
568 if ( rc == LDAP_SUCCESS ) {
569 if ( ptr->num.bv_val )
570 AC_MEMCPY( ptr->bv.bv_val + ptr->off, ptr->num.bv_val,
572 fullpath( path, &ptr->bv, &fpath );
573 rc = r_enum_tree(ck, &fpath, 0,
574 e != NULL ? &e->e_name : pdn,
575 e != NULL ? &e->e_nname : pndn );
578 if ( ptr->num.bv_val )
579 free( ptr->num.bv_val );
580 free(ptr->bv.bv_val);
585 if ( fd ) entry_free( e );
595 struct berval pdn, pndn;
598 dnParent( &ck->op->o_req_dn, &pdn );
599 dnParent( &ck->op->o_req_ndn, &pndn );
600 dn2path( ck->op->o_bd, &ck->op->o_req_ndn, &path );
601 rc = r_enum_tree(ck, &path, BER_BVISEMPTY( &ck->op->o_req_ndn ) ? 1 : 0, &pdn, &pndn);
602 ch_free( path.bv_val );
607 /* Get the parent directory path, plus the LDIF suffix overwritten by a \0 */
609 get_parent_path( struct berval *dnpath, struct berval *res )
611 int dnpathlen = dnpath->bv_len;
614 for(i = dnpathlen;i>0;i--) /* find the first path seperator */
615 if(dnpath->bv_val[i] == LDAP_DIRSEP[0])
618 res->bv_val = ch_malloc( res->bv_len + 1 + STRLENOF(LDIF) );
619 strncpy(res->bv_val, dnpath->bv_val, i);
620 strcpy(res->bv_val+i, LDIF);
621 res->bv_val[i] = '\0';
624 static int apply_modify_to_entry(Entry * entry,
625 Modifications * modlist,
629 char textbuf[SLAP_TEXT_BUFLEN];
630 int rc = modlist ? LDAP_UNWILLING_TO_PERFORM : LDAP_SUCCESS;
634 if (!acl_check_modlist(op, entry, modlist)) {
635 return LDAP_INSUFFICIENT_ACCESS;
638 for (; modlist != NULL; modlist = modlist->sml_next) {
639 mods = &modlist->sml_mod;
641 if ( mods->sm_desc == slap_schema.si_ad_objectClass ) {
644 switch (mods->sm_op) {
646 rc = modify_add_values(entry, mods,
647 get_permissiveModify(op),
648 &rs->sr_text, textbuf,
652 case LDAP_MOD_DELETE:
653 rc = modify_delete_values(entry, mods,
654 get_permissiveModify(op),
655 &rs->sr_text, textbuf,
659 case LDAP_MOD_REPLACE:
660 rc = modify_replace_values(entry, mods,
661 get_permissiveModify(op),
662 &rs->sr_text, textbuf,
666 case LDAP_MOD_INCREMENT:
667 rc = modify_increment_values( entry,
668 mods, get_permissiveModify(op),
669 &rs->sr_text, textbuf,
673 case SLAP_MOD_SOFTADD:
674 mods->sm_op = LDAP_MOD_ADD;
675 rc = modify_add_values(entry, mods,
676 get_permissiveModify(op),
677 &rs->sr_text, textbuf,
679 mods->sm_op = SLAP_MOD_SOFTADD;
680 if (rc == LDAP_TYPE_OR_VALUE_EXISTS) {
685 if(rc != LDAP_SUCCESS) break;
688 if(rc == LDAP_SUCCESS) {
690 entry->e_ocflags = 0;
692 /* check that the entry still obeys the schema */
693 rc = entry_schema_check( op, entry, NULL, 0, 0,
694 &rs->sr_text, textbuf, sizeof( textbuf ) );
701 ldif_back_referrals( Operation *op, SlapReply *rs )
703 struct ldif_info *li = NULL;
705 int rc = LDAP_SUCCESS;
708 if ( op->o_tag == LDAP_REQ_SEARCH ) {
709 /* let search take care of itself */
714 if ( get_manageDSAit( op ) ) {
715 /* let op take care of DSA management */
719 if ( BER_BVISEMPTY( &op->o_req_ndn ) ) {
720 /* the empty DN cannot be a referral */
724 li = (struct ldif_info *)op->o_bd->be_private;
725 ldap_pvt_thread_rdwr_rlock( &li->li_rdwr );
726 get_entry( op, &entry, NULL );
728 /* no object is found for them */
729 if ( entry == NULL ) {
730 struct berval odn = op->o_req_dn;
731 struct berval ondn = op->o_req_ndn;
732 struct berval pndn = ondn;
733 ber_len_t min_dnlen = op->o_bd->be_nsuffix[0].bv_len;
735 if ( min_dnlen == 0 )
736 min_dnlen = 1; /* catch empty DN */
738 for ( ; entry == NULL; ) {
739 dnParent( &pndn, &pndn );
740 if ( pndn.bv_len < min_dnlen ) {
745 op->o_req_ndn = pndn;
747 get_entry( op, &entry, NULL );
750 ldap_pvt_thread_rdwr_runlock( &li->li_rdwr );
753 op->o_req_ndn = ondn;
756 rs->sr_matched = NULL;
757 if ( entry != NULL ) {
758 Debug( LDAP_DEBUG_TRACE,
759 "ldif_back_referrals: tag=%lu target=\"%s\" matched=\"%s\"\n",
760 (unsigned long) op->o_tag, op->o_req_dn.bv_val, entry->e_name.bv_val );
762 if ( is_entry_referral( entry ) ) {
764 rs->sr_ref = get_entry_referrals( op, entry );
766 rs->sr_matched = ber_strdup_x(
767 entry->e_name.bv_val, op->o_tmpmemctx );
773 } else if ( default_referral != NULL ) {
775 rs->sr_ref = referral_rewrite( default_referral,
776 NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
779 if ( rs->sr_ref != NULL ) {
781 rc = rs->sr_err = LDAP_REFERRAL;
782 send_ldap_result( op, rs );
783 ber_bvarray_free( rs->sr_ref );
786 } else if ( rc != LDAP_SUCCESS ) {
787 rs->sr_text = rs->sr_matched ? "bad referral object" : NULL;
790 if ( rs->sr_matched ) {
791 op->o_tmpfree( (char *)rs->sr_matched, op->o_tmpmemctx );
792 rs->sr_matched = NULL;
798 ldap_pvt_thread_rdwr_runlock( &li->li_rdwr );
800 if ( is_entry_referral( entry ) ) {
801 /* entry is a referral */
802 BerVarray refs = get_entry_referrals( op, entry );
803 rs->sr_ref = referral_rewrite(
804 refs, &entry->e_name, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
806 Debug( LDAP_DEBUG_TRACE,
807 "ldif_back_referrals: tag=%lu target=\"%s\" matched=\"%s\"\n",
808 (unsigned long) op->o_tag, op->o_req_dn.bv_val, entry->e_name.bv_val );
810 rs->sr_matched = entry->e_name.bv_val;
811 if ( rs->sr_ref != NULL ) {
812 rc = rs->sr_err = LDAP_REFERRAL;
813 send_ldap_result( op, rs );
814 ber_bvarray_free( rs->sr_ref );
819 rs->sr_text = "bad referral object";
822 rs->sr_matched = NULL;
823 ber_bvarray_free( refs );
832 /* LDAP operations */
835 ldif_back_bind( Operation *op, SlapReply *rs )
837 struct ldif_info *li;
839 AttributeDescription *password = slap_schema.si_ad_userPassword;
843 switch ( be_rootdn_bind( op, rs ) ) {
844 case SLAP_CB_CONTINUE:
848 /* in case of success, front end will send result;
849 * otherwise, be_rootdn_bind() did */
853 li = (struct ldif_info *) op->o_bd->be_private;
854 ldap_pvt_thread_rdwr_rlock(&li->li_rdwr);
855 return_val = get_entry(op, &entry, NULL);
857 /* no object is found for them */
858 if(return_val != LDAP_SUCCESS) {
859 rs->sr_err = return_val = LDAP_INVALID_CREDENTIALS;
863 /* they don't have userpassword */
864 if((a = attr_find(entry->e_attrs, password)) == NULL) {
865 rs->sr_err = LDAP_INAPPROPRIATE_AUTH;
870 /* authentication actually failed */
871 if(slap_passwd_check(op, entry, a, &op->oq_bind.rb_cred,
872 &rs->sr_text) != 0) {
873 rs->sr_err = LDAP_INVALID_CREDENTIALS;
878 /* let the front-end send success */
883 ldap_pvt_thread_rdwr_runlock(&li->li_rdwr);
885 send_ldap_result( op, rs );
891 static int ldif_back_search(Operation *op, SlapReply *rs)
893 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
894 enumCookie ck = { NULL, NULL, NULL, 0, 0 };
898 ldap_pvt_thread_rdwr_rlock(&li->li_rdwr);
899 rs->sr_err = enum_tree( &ck );
900 ldap_pvt_thread_rdwr_runlock(&li->li_rdwr);
901 send_ldap_result(op, rs);
906 static int ldif_back_add(Operation *op, SlapReply *rs) {
907 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
908 Entry * e = op->ora_e;
909 struct berval dn = e->e_nname;
910 struct berval leaf_path = BER_BVNULL;
913 char textbuf[SLAP_TEXT_BUFLEN];
915 Debug( LDAP_DEBUG_TRACE, "ldif_back_add: \"%s\"\n", dn.bv_val, 0, 0);
917 rs->sr_err = entry_schema_check(op, e, NULL, 0, 1,
918 &rs->sr_text, textbuf, sizeof( textbuf ) );
919 if ( rs->sr_err != LDAP_SUCCESS ) goto send_res;
921 rs->sr_err = slap_add_opattrs( op,
922 &rs->sr_text, textbuf, sizeof( textbuf ), 1 );
923 if ( rs->sr_err != LDAP_SUCCESS ) goto send_res;
925 ldap_pvt_thread_rdwr_wlock(&li->li_rdwr);
927 dn2path( op->o_bd, &dn, &leaf_path );
929 if(leaf_path.bv_val != NULL) {
930 struct berval base = BER_BVNULL;
931 /* build path to container and ldif of container */
932 get_parent_path(&leaf_path, &base);
934 statres = stat(base.bv_val, &stats); /* check if container exists */
935 if(statres == -1 && errno == ENOENT) { /* container missing */
936 base.bv_val[base.bv_len] = '.';
937 statres = stat(base.bv_val, &stats); /* check for leaf node */
938 base.bv_val[base.bv_len] = '\0';
939 if(statres == -1 && errno == ENOENT) {
940 rs->sr_err = LDAP_NO_SUCH_OBJECT; /* parent doesn't exist */
941 rs->sr_text = "Parent does not exist";
943 else if(statres != -1) { /* create parent */
944 int mkdirres = mkdir(base.bv_val, 0750);
946 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
947 rs->sr_text = "Could not create parent folder";
948 Debug( LDAP_DEBUG_ANY, "could not create folder \"%s\": %s\n",
949 base.bv_val, STRERROR( errno ), 0 );
953 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
954 }/* container was possibly created, move on to add the entry */
955 if(rs->sr_err == LDAP_SUCCESS) {
956 statres = stat(leaf_path.bv_val, &stats);
957 if(statres == -1 && errno == ENOENT) {
958 rs->sr_err = spew_entry(e, &leaf_path, 1, NULL);
960 else if ( statres == -1 ) {
961 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
962 Debug( LDAP_DEBUG_ANY, "could not stat file \"%s\": %s\n",
963 leaf_path.bv_val, STRERROR( errno ), 0 );
965 else /* it already exists */
966 rs->sr_err = LDAP_ALREADY_EXISTS;
968 SLAP_FREE(base.bv_val);
969 SLAP_FREE(leaf_path.bv_val);
972 ldap_pvt_thread_rdwr_wunlock(&li->li_rdwr);
975 Debug( LDAP_DEBUG_TRACE,
976 "ldif_back_add: err: %d text: %s\n", rs->sr_err, rs->sr_text ?
977 rs->sr_text : "", 0);
978 send_ldap_result(op, rs);
979 slap_graduate_commit_csn( op );
983 static int ldif_back_modify(Operation *op, SlapReply *rs) {
984 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
985 Modifications * modlst = op->orm_modlist;
990 slap_mods_opattrs( op, &op->orm_modlist, 1 );
992 ldap_pvt_thread_rdwr_wlock(&li->li_rdwr);
994 rs->sr_err = get_entry( op, &entry, &path );
996 rs->sr_err = apply_modify_to_entry(entry, modlst, op, rs);
997 if(rs->sr_err == LDAP_SUCCESS) {
999 spew_res = spew_entry(entry, &path, 1, &save_errno);
1000 if(spew_res == -1) {
1001 Debug( LDAP_DEBUG_ANY,
1002 "%s ldif_back_modify: could not output entry \"%s\": %s\n",
1003 op->o_log_prefix, entry->e_name.bv_val, STRERROR( save_errno ) );
1004 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
1008 entry_free( entry );
1009 SLAP_FREE( path.bv_val );
1013 ldap_pvt_thread_rdwr_wunlock(&li->li_rdwr);
1014 send_ldap_result(op, rs);
1015 slap_graduate_commit_csn( op );
1019 static int ldif_back_delete(Operation *op, SlapReply *rs) {
1020 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
1024 if ( BER_BVISEMPTY( &op->o_csn )) {
1026 char csnbuf[LDAP_LUTIL_CSNSTR_BUFSIZE];
1028 csn.bv_val = csnbuf;
1029 csn.bv_len = sizeof( csnbuf );
1030 slap_get_csn( op, &csn, 1 );
1033 ldap_pvt_thread_rdwr_wlock(&li->li_rdwr);
1035 dn2path( op->o_bd, &op->o_req_ndn, &path );
1036 path.bv_val[path.bv_len - STRLENOF(LDIF)] = '\0';
1037 res = rmdir(path.bv_val);
1038 path.bv_val[path.bv_len - STRLENOF(LDIF)] = '.';
1039 rs->sr_err = LDAP_SUCCESS;
1043 rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF;
1047 /* is leaf, go on */
1052 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
1058 res = unlink(path.bv_val);
1062 rs->sr_err = LDAP_NO_SUCH_OBJECT;
1066 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
1072 SLAP_FREE(path.bv_val);
1073 ldap_pvt_thread_rdwr_wunlock(&li->li_rdwr);
1074 send_ldap_result(op, rs);
1075 slap_graduate_commit_csn( op );
1084 struct berval *oldpath )
1088 struct berval newpath;
1090 dn2path( op->o_bd, &entry->e_nname, &newpath );
1092 if((entry == NULL || oldpath->bv_val == NULL) || newpath.bv_val == NULL) {
1093 /* some object doesn't exist */
1094 res = LDAP_NO_SUCH_OBJECT;
1096 else { /* do the modrdn */
1097 exists_res = open(newpath.bv_val, O_RDONLY);
1098 if(exists_res == -1 && errno == ENOENT) {
1099 ldap_pvt_thread_mutex_lock( &entry2str_mutex );
1100 res = spew_entry(entry, &newpath, 0, NULL);
1102 /* if this fails we should log something bad */
1103 res = unlink( oldpath->bv_val );
1104 oldpath->bv_val[oldpath->bv_len - STRLENOF(".ldif")] = '\0';
1105 newpath.bv_val[newpath.bv_len - STRLENOF(".ldif")] = '\0';
1106 res = rename( oldpath->bv_val, newpath.bv_val );
1111 res = LDAP_NO_SUCH_OBJECT;
1113 res = LDAP_UNWILLING_TO_PERFORM;
1114 unlink(newpath.bv_val); /* in case file was created */
1116 ldap_pvt_thread_mutex_unlock( &entry2str_mutex );
1118 else if(exists_res) {
1119 int close_res = close(exists_res);
1120 res = LDAP_ALREADY_EXISTS;
1121 if(close_res == -1) {
1122 /* log heinous error */
1126 res = LDAP_UNWILLING_TO_PERFORM;
1130 if(newpath.bv_val != NULL)
1131 SLAP_FREE(newpath.bv_val);
1136 ldif_back_modrdn(Operation *op, SlapReply *rs)
1138 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
1139 struct berval new_dn = BER_BVNULL, new_ndn = BER_BVNULL;
1140 struct berval p_dn, old_path;
1144 slap_mods_opattrs( op, &op->orr_modlist, 1 );
1146 ldap_pvt_thread_rdwr_wlock( &li->li_rdwr );
1148 rc = get_entry( op, &entry, &old_path );
1149 if ( rc == LDAP_SUCCESS ) {
1150 /* build new dn, and new ndn for the entry */
1151 if ( op->oq_modrdn.rs_newSup != NULL ) {
1152 struct berval op_dn = op->o_req_dn,
1153 op_ndn = op->o_req_ndn;
1157 p_dn = *op->oq_modrdn.rs_newSup;
1158 op->o_req_dn = *op->oq_modrdn.rs_newSup;
1159 op->o_req_ndn = *op->oq_modrdn.rs_nnewSup;
1160 rc = get_entry( op, &np, NULL );
1161 op->o_req_dn = op_dn;
1162 op->o_req_ndn = op_ndn;
1163 if ( rc != LDAP_SUCCESS ) {
1164 goto no_such_object;
1168 dnParent( &entry->e_name, &p_dn );
1170 build_new_dn( &new_dn, &p_dn, &op->oq_modrdn.rs_newrdn, NULL );
1171 dnNormalize( 0, NULL, NULL, &new_dn, &new_ndn, NULL );
1172 ber_memfree_x( entry->e_name.bv_val, NULL );
1173 ber_memfree_x( entry->e_nname.bv_val, NULL );
1174 entry->e_name = new_dn;
1175 entry->e_nname = new_ndn;
1177 /* perform the modifications */
1178 rc = apply_modify_to_entry( entry, op->orr_modlist, op, rs );
1179 if ( rc == LDAP_SUCCESS )
1180 rc = ldif_move_entry( op, entry, &old_path );
1183 entry_free( entry );
1184 SLAP_FREE( old_path.bv_val );
1188 ldap_pvt_thread_rdwr_wunlock( &li->li_rdwr );
1190 send_ldap_result( op, rs );
1191 slap_graduate_commit_csn( op );
1196 /* Return LDAP_SUCCESS IFF we retrieve the specified entry. */
1198 ldif_back_entry_get(
1202 AttributeDescription *at,
1206 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
1207 struct berval op_dn = op->o_req_dn, op_ndn = op->o_req_ndn;
1210 assert( ndn != NULL );
1211 assert( !BER_BVISNULL( ndn ) );
1213 ldap_pvt_thread_rdwr_rlock( &li->li_rdwr );
1214 op->o_req_dn = *ndn;
1215 op->o_req_ndn = *ndn;
1216 rc = get_entry( op, e, NULL );
1217 op->o_req_dn = op_dn;
1218 op->o_req_ndn = op_ndn;
1219 ldap_pvt_thread_rdwr_runlock( &li->li_rdwr );
1221 if ( rc == LDAP_SUCCESS && oc && !is_entry_objectclass_or_sub( *e, oc ) ) {
1222 rc = LDAP_NO_SUCH_ATTRIBUTE;
1233 static int ldif_tool_entry_open(BackendDB *be, int mode) {
1234 struct ldif_info *li = (struct ldif_info *) be->be_private;
1235 li->li_tool_current = 0;
1239 static int ldif_tool_entry_close(BackendDB * be) {
1240 struct ldif_info *li = (struct ldif_info *) be->be_private;
1242 SLAP_FREE(li->li_tool_cookie.entries);
1246 static ID ldif_tool_entry_next(BackendDB *be)
1248 struct ldif_info *li = (struct ldif_info *) be->be_private;
1249 if(li->li_tool_current >= li->li_tool_cookie.eind)
1252 return ++li->li_tool_current;
1256 ldif_tool_entry_first(BackendDB *be)
1258 struct ldif_info *li = (struct ldif_info *) be->be_private;
1260 if(li->li_tool_cookie.entries == NULL) {
1264 op.o_req_dn = *be->be_suffix;
1265 op.o_req_ndn = *be->be_nsuffix;
1266 op.ors_scope = LDAP_SCOPE_SUBTREE;
1267 li->li_tool_cookie.op = &op;
1268 (void)enum_tree( &li->li_tool_cookie );
1269 li->li_tool_cookie.op = NULL;
1271 return ldif_tool_entry_next( be );
1274 static Entry * ldif_tool_entry_get(BackendDB * be, ID id) {
1275 struct ldif_info *li = (struct ldif_info *) be->be_private;
1278 if(id > li->li_tool_cookie.eind || id < 1)
1281 e = li->li_tool_cookie.entries[id - 1];
1282 li->li_tool_cookie.entries[id - 1] = NULL;
1287 static ID ldif_tool_entry_put(BackendDB * be, Entry * e, struct berval *text) {
1288 struct berval leaf_path = BER_BVNULL;
1291 int res = LDAP_SUCCESS;
1293 dn2path( be, &e->e_nname, &leaf_path );
1295 if(leaf_path.bv_val != NULL) {
1296 struct berval base = BER_BVNULL;
1297 /* build path to container, and path to ldif of container */
1298 get_parent_path(&leaf_path, &base);
1300 statres = stat(base.bv_val, &stats); /* check if container exists */
1301 if(statres == -1 && errno == ENOENT) { /* container missing */
1302 base.bv_val[base.bv_len] = '.';
1303 statres = stat(base.bv_val, &stats); /* check for leaf node */
1304 base.bv_val[base.bv_len] = '\0';
1305 if(statres == -1 && errno == ENOENT) {
1306 res = LDAP_NO_SUCH_OBJECT; /* parent doesn't exist */
1308 else if(statres != -1) { /* create parent */
1309 int mkdirres = mkdir(base.bv_val, 0750);
1310 if(mkdirres == -1) {
1311 res = LDAP_UNWILLING_TO_PERFORM;
1315 res = LDAP_UNWILLING_TO_PERFORM;
1316 }/* container was possibly created, move on to add the entry */
1317 if(res == LDAP_SUCCESS) {
1318 statres = stat(leaf_path.bv_val, &stats);
1319 if(statres == -1 && errno == ENOENT) {
1320 res = spew_entry(e, &leaf_path, 0, NULL);
1322 else /* it already exists */
1323 res = LDAP_ALREADY_EXISTS;
1325 SLAP_FREE(base.bv_val);
1326 SLAP_FREE(leaf_path.bv_val);
1329 if(res == LDAP_SUCCESS) {
1340 ldif_back_db_init( BackendDB *be, ConfigReply *cr )
1342 struct ldif_info *li;
1344 li = ch_calloc( 1, sizeof(struct ldif_info) );
1345 be->be_private = li;
1346 be->be_cf_ocs = ldifocs;
1347 ldap_pvt_thread_rdwr_init(&li->li_rdwr);
1348 SLAP_DBFLAGS( be ) |= SLAP_DBFLAG_ONE_SUFFIX;
1353 ldif_back_db_destroy( Backend *be, ConfigReply *cr )
1355 struct ldif_info *li = be->be_private;
1357 ch_free(li->li_base_path.bv_val);
1358 ldap_pvt_thread_rdwr_destroy(&li->li_rdwr);
1359 free( be->be_private );
1364 ldif_back_db_open( Backend *be, ConfigReply *cr)
1366 struct ldif_info *li = (struct ldif_info *) be->be_private;
1367 if( BER_BVISEMPTY(&li->li_base_path)) {/* missing base path */
1368 Debug( LDAP_DEBUG_ANY, "missing base path for back-ldif\n", 0, 0, 0);
1375 ldif_back_initialize(
1379 static char *controls[] = {
1380 LDAP_CONTROL_MANAGEDSAIT,
1386 SLAP_BFLAG_INCREMENT |
1387 SLAP_BFLAG_REFERRALS;
1389 bi->bi_controls = controls;
1396 bi->bi_db_init = ldif_back_db_init;
1397 bi->bi_db_config = config_generic_wrapper;
1398 bi->bi_db_open = ldif_back_db_open;
1399 bi->bi_db_close = 0;
1400 bi->bi_db_destroy = ldif_back_db_destroy;
1402 bi->bi_op_bind = ldif_back_bind;
1403 bi->bi_op_unbind = 0;
1404 bi->bi_op_search = ldif_back_search;
1405 bi->bi_op_compare = 0;
1406 bi->bi_op_modify = ldif_back_modify;
1407 bi->bi_op_modrdn = ldif_back_modrdn;
1408 bi->bi_op_add = ldif_back_add;
1409 bi->bi_op_delete = ldif_back_delete;
1410 bi->bi_op_abandon = 0;
1412 bi->bi_extended = 0;
1414 bi->bi_chk_referrals = ldif_back_referrals;
1416 bi->bi_connection_init = 0;
1417 bi->bi_connection_destroy = 0;
1419 bi->bi_entry_get_rw = ldif_back_entry_get;
1421 #if 0 /* NOTE: uncomment to completely disable access control */
1422 bi->bi_access_allowed = slap_access_always_allowed;
1425 bi->bi_tool_entry_open = ldif_tool_entry_open;
1426 bi->bi_tool_entry_close = ldif_tool_entry_close;
1427 bi->bi_tool_entry_first = ldif_tool_entry_first;
1428 bi->bi_tool_entry_next = ldif_tool_entry_next;
1429 bi->bi_tool_entry_get = ldif_tool_entry_get;
1430 bi->bi_tool_entry_put = ldif_tool_entry_put;
1431 bi->bi_tool_entry_reindex = 0;
1432 bi->bi_tool_sync = 0;
1434 bi->bi_tool_dn2id_get = 0;
1435 bi->bi_tool_entry_modify = 0;
1437 bi->bi_cf_ocs = ldifocs;
1439 rc = config_register_schema( ldifcfg, ldifocs );
1440 if ( rc ) return rc;