1 /* ldif.c - the ldif backend */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2005-2011 The OpenLDAP Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
17 * This work was originally developed by Eric Stokes for inclusion
18 * in OpenLDAP Software.
23 #include <ac/string.h>
24 #include <sys/types.h>
26 #include <ac/dirent.h>
29 #include <ac/unistd.h>
35 Entry **entries; /* collected by bi_tool_entry_first() */
36 ID elen; /* length of entries[] array */
37 ID ecount; /* number of entries */
38 ID ecurrent; /* bi_tool_entry_next() position */
39 # define ENTRY_BUFF_INCREMENT 500 /* initial entries[] length */
40 struct berval *tl_base;
45 /* Per-database data */
47 struct berval li_base_path; /* database directory */
48 struct ldif_tool li_tool; /* for slap tools */
50 * Read-only LDAP requests readlock li_rdwr for filesystem input.
51 * Update requests first lock li_modop_mutex for filesystem I/O,
52 * and then writelock li_rdwr as well for filesystem output.
53 * This allows update requests to do callbacks that acquire
54 * read locks, e.g. access controls that inspect entries.
55 * (An alternative would be recursive read/write locks.)
57 ldap_pvt_thread_mutex_t li_modop_mutex; /* serialize update requests */
58 ldap_pvt_thread_rdwr_t li_rdwr; /* no other I/O when writing */
62 #define mkdir(a,b) mkdir(a)
63 #define move_file(from, to) (!MoveFileEx(from, to, MOVEFILE_REPLACE_EXISTING))
65 #define move_file(from, to) rename(from, to)
67 #define move_dir(from, to) rename(from, to)
71 #define LDIF_FILETYPE_SEP '.' /* LDIF[0] */
74 * Unsafe/translated characters in the filesystem.
76 * LDIF_UNSAFE_CHAR(c) returns true if the character c is not to be used
77 * in relative filenames, except it should accept '\\', '{' and '}' even
78 * if unsafe. The value should be a constant expression.
80 * If '\\' is unsafe, #define LDIF_ESCAPE_CHAR as a safe character.
81 * If '{' and '}' are unsafe, #define IX_FSL/IX_FSR as safe characters.
82 * (Not digits, '-' or '+'. IX_FSL == IX_FSR is allowed.)
84 * Characters are escaped as LDIF_ESCAPE_CHAR followed by two hex digits,
85 * except '\\' is replaced with LDIF_ESCAPE_CHAR and {} with IX_FS[LR].
86 * Also some LDIF special chars are hex-escaped.
88 * Thus an LDIF filename is a valid normalized RDN (or suffix DN)
89 * followed by ".ldif", except with '\\' replaced with LDIF_ESCAPE_CHAR.
95 * Unix/MacOSX version. ':' vs '/' can cause confusion on MacOSX so we
96 * escape both. We escape them on Unix so both OS variants get the same
99 #define LDIF_ESCAPE_CHAR '\\'
100 #define LDIF_UNSAFE_CHAR(c) ((c) == '/' || (c) == ':')
104 /* Windows version - Microsoft's list of unsafe characters, except '\\' */
105 #define LDIF_ESCAPE_CHAR '^' /* Not '\\' (unsafe on Windows) */
106 #define LDIF_UNSAFE_CHAR(c) \
107 ((c) == '/' || (c) == ':' || \
108 (c) == '<' || (c) == '>' || (c) == '"' || \
109 (c) == '|' || (c) == '?' || (c) == '*')
114 * Left and Right "{num}" prefix to ordered RDNs ("olcDatabase={1}bdb").
115 * IX_DN* are for LDAP RDNs, IX_FS* for their .ldif filenames.
120 #define IX_FSL IX_DNL
121 #define IX_FSR IX_DNR
125 * Test for unsafe chars, as well as chars handled specially by back-ldif:
126 * - If the escape char is not '\\', it must itself be escaped. Otherwise
127 * '\\' and the escape char would map to the same character.
128 * - Escape the '.' in ".ldif", so the directory for an RDN that actually
129 * ends with ".ldif" can not conflict with a file of the same name. And
130 * since some OSes/programs choke on multiple '.'s, escape all of them.
131 * - If '{' and '}' are translated to some other characters, those
132 * characters must in turn be escaped when they occur in an RDN.
134 #ifndef LDIF_NEED_ESCAPE
135 #define LDIF_NEED_ESCAPE(c) \
136 ((LDIF_UNSAFE_CHAR(c)) || \
137 LDIF_MAYBE_UNSAFE(c, LDIF_ESCAPE_CHAR) || \
138 LDIF_MAYBE_UNSAFE(c, LDIF_FILETYPE_SEP) || \
139 LDIF_MAYBE_UNSAFE(c, IX_FSL) || \
140 (IX_FSR != IX_FSL && LDIF_MAYBE_UNSAFE(c, IX_FSR)))
143 * Helper macro for LDIF_NEED_ESCAPE(): Treat character x as unsafe if
144 * back-ldif does not already treat is specially.
146 #define LDIF_MAYBE_UNSAFE(c, x) \
147 (!(LDIF_UNSAFE_CHAR(x) || (x) == '\\' || (x) == IX_DNL || (x) == IX_DNR) \
150 /* Collect other "safe char" tests here, until someone needs a fix. */
152 eq_unsafe = LDIF_UNSAFE_CHAR('='),
153 safe_filenames = STRLENOF("" LDAP_DIRSEP "") == 1 && !(
154 LDIF_UNSAFE_CHAR('-') || /* for "{-1}frontend" in bconfig.c */
155 LDIF_UNSAFE_CHAR(LDIF_ESCAPE_CHAR) ||
156 LDIF_UNSAFE_CHAR(IX_FSL) || LDIF_UNSAFE_CHAR(IX_FSR))
158 /* Sanity check: Try to force a compilation error if !safe_filenames */
160 int assert_safe_filenames : safe_filenames ? 2 : -2;
161 } assert_safe_filenames[safe_filenames ? 2 : -2];
164 static ConfigTable ldifcfg[] = {
165 { "directory", "dir", 2, 2, 0, ARG_BERVAL|ARG_OFFSET,
166 (void *)offsetof(struct ldif_info, li_base_path),
167 "( OLcfgDbAt:0.1 NAME 'olcDbDirectory' "
168 "DESC 'Directory for database content' "
169 "EQUALITY caseIgnoreMatch "
170 "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
171 { NULL, NULL, 0, 0, 0, ARG_IGNORED,
172 NULL, NULL, NULL, NULL }
175 static ConfigOCs ldifocs[] = {
177 "NAME 'olcLdifConfig' "
178 "DESC 'LDIF backend configuration' "
179 "SUP olcDatabaseConfig "
180 "MUST ( olcDbDirectory ) )", Cft_Database, ldifcfg },
186 * Handle file/directory names.
189 /* Set *res = LDIF filename path for the normalized DN */
191 ndn2path( Operation *op, struct berval *dn, struct berval *res, int empty_ok )
193 BackendDB *be = op->o_bd;
194 struct ldif_info *li = (struct ldif_info *) be->be_private;
195 struct berval *suffixdn = &be->be_nsuffix[0];
196 const char *start, *end, *next, *p;
199 static const char hex[] = "0123456789ABCDEF";
201 assert( dn != NULL );
202 assert( !BER_BVISNULL( dn ) );
203 assert( suffixdn != NULL );
204 assert( !BER_BVISNULL( suffixdn ) );
205 assert( dnIsSuffix( dn, suffixdn ) );
207 if ( dn->bv_len == 0 && !empty_ok ) {
208 return LDAP_UNWILLING_TO_PERFORM;
212 end = start + dn->bv_len;
214 /* Room for dir, dirsep, dn, LDIF, "\hexpair"-escaping of unsafe chars */
215 len = li->li_base_path.bv_len + dn->bv_len + (1 + STRLENOF( LDIF ));
216 for ( p = start; p < end; ) {
218 if ( LDIF_NEED_ESCAPE( ch ) )
221 res->bv_val = ch_malloc( len + 1 );
223 ptr = lutil_strcopy( res->bv_val, li->li_base_path.bv_val );
224 for ( next = end - suffixdn->bv_len; end > start; end = next ) {
225 /* Set p = start of DN component, next = &',' or start of DN */
226 while ( (p = next) > start ) {
228 if ( DN_SEPARATOR( *next ) )
231 /* Append <dirsep> <p..end-1: RDN or database-suffix> */
232 for ( *ptr++ = LDAP_DIRSEP[0]; p < end; *ptr++ = ch ) {
234 if ( LDIF_ESCAPE_CHAR != '\\' && ch == '\\' ) {
235 ch = LDIF_ESCAPE_CHAR;
236 } else if ( IX_FSL != IX_DNL && ch == IX_DNL ) {
238 } else if ( IX_FSR != IX_DNR && ch == IX_DNR ) {
240 } else if ( LDIF_NEED_ESCAPE( ch ) ) {
241 *ptr++ = LDIF_ESCAPE_CHAR;
242 *ptr++ = hex[(ch & 0xFFU) >> 4];
243 ch = hex[ch & 0x0FU];
247 ptr = lutil_strcopy( ptr, LDIF );
248 res->bv_len = ptr - res->bv_val;
250 assert( res->bv_len <= len );
256 * *dest = dupbv(<dir + LDAP_DIRSEP>), plus room for <more>-sized filename.
257 * Return pointer past the dirname.
260 fullpath_alloc( struct berval *dest, const struct berval *dir, ber_len_t more )
262 char *s = SLAP_MALLOC( dir->bv_len + more + 2 );
267 Debug( LDAP_DEBUG_ANY, "back-ldif: out of memory\n", 0, 0, 0 );
269 s = lutil_strcopy( dest->bv_val, dir->bv_val );
270 *s++ = LDAP_DIRSEP[0];
272 dest->bv_len = s - dest->bv_val;
278 * Append filename to fullpath_alloc() dirname or replace previous filename.
279 * dir_end = fullpath_alloc() return value.
281 #define FILL_PATH(fpath, dir_end, filename) \
282 ((fpath)->bv_len = lutil_strcopy(dir_end, filename) - (fpath)->bv_val)
285 /* .ldif entry filename length <-> subtree dirname length. */
286 #define ldif2dir_len(bv) ((bv).bv_len -= STRLENOF(LDIF))
287 #define dir2ldif_len(bv) ((bv).bv_len += STRLENOF(LDIF))
288 /* .ldif entry filename <-> subtree dirname, both with dirname length. */
289 #define ldif2dir_name(bv) ((bv).bv_val[(bv).bv_len] = '\0')
290 #define dir2ldif_name(bv) ((bv).bv_val[(bv).bv_len] = LDIF_FILETYPE_SEP)
292 /* Get the parent directory path, plus the LDIF suffix overwritten by a \0. */
294 get_parent_path( struct berval *dnpath, struct berval *res )
296 ber_len_t i = dnpath->bv_len;
298 while ( i > 0 && dnpath->bv_val[ --i ] != LDAP_DIRSEP[0] ) ;
302 res->bv_val = SLAP_MALLOC( i + 1 + STRLENOF(LDIF) );
303 if ( res->bv_val == NULL )
305 AC_MEMCPY( res->bv_val, dnpath->bv_val, i );
308 strcpy( res->bv_val + i, LDIF );
309 res->bv_val[i] = '\0';
313 /* Make temporary filename pattern for mkstemp() based on dnpath. */
315 ldif_tempname( const struct berval *dnpath )
317 static const char suffix[] = ".XXXXXX";
318 ber_len_t len = dnpath->bv_len - STRLENOF( LDIF );
319 char *name = SLAP_MALLOC( len + sizeof( suffix ) );
321 if ( name != NULL ) {
322 AC_MEMCPY( name, dnpath->bv_val, len );
323 strcpy( name + len, suffix );
329 * Read a file, or stat() it if datap == NULL. Allocate and fill *datap.
330 * Return LDAP_SUCCESS, LDAP_NO_SUCH_OBJECT (no such file), or another error.
333 ldif_read_file( const char *path, char **datap )
336 int res = -1; /* 0:success, <0:error, >0:file too big/growing. */
338 char *data = NULL, *ptr;
340 if ( datap == NULL ) {
341 res = stat( path, &st );
344 fd = open( path, O_RDONLY );
346 if ( fstat( fd, &st ) == 0 ) {
347 if ( st.st_size > INT_MAX - 2 ) {
350 len = st.st_size + 1; /* +1 detects file size > st.st_size */
351 *datap = data = ptr = SLAP_MALLOC( len + 1 );
353 while ( len && (res = read( fd, ptr, len )) ) {
357 } else if ( errno != EINTR ) {
365 if ( close( fd ) < 0 )
371 Debug( LDAP_DEBUG_TRACE, "ldif_read_file: %s: \"%s\"\n",
372 datap ? "read entry file" : "entry file exists", path, 0 );
375 if ( res < 0 && errno == ENOENT ) {
376 Debug( LDAP_DEBUG_TRACE, "ldif_read_file: "
377 "no entry file \"%s\"\n", path, 0, 0 );
378 rc = LDAP_NO_SUCH_OBJECT;
380 const char *msg = res < 0 ? STRERROR( errno ) : "bad stat() size";
381 Debug( LDAP_DEBUG_ANY, "ldif_read_file: %s for \"%s\"\n",
392 * return nonnegative for success or -1 for error
393 * do not return numbers less than -1
396 spew_file( int fd, const char *spew, int len, int *save_errno )
399 #define HEADER "# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.\n"
401 writeres = write(fd, HEADER, sizeof(HEADER));
403 writeres = write(fd, spew, len);
406 if (*save_errno != EINTR)
417 /* Write an entry LDIF file. Create parentdir first if non-NULL. */
422 const struct berval *path,
423 const char *parentdir,
426 int rc = LDAP_OTHER, res, save_errno = 0;
427 int fd, entry_length;
428 char *entry_as_string, *tmpfname;
431 return SLAPD_ABANDON;
433 if ( parentdir != NULL && mkdir( parentdir, 0750 ) < 0 ) {
435 Debug( LDAP_DEBUG_ANY, "ldif_write_entry: %s \"%s\": %s\n",
436 "cannot create parent directory",
437 parentdir, STRERROR( save_errno ) );
438 *text = "internal error (cannot create parent directory)";
442 tmpfname = ldif_tempname( path );
443 fd = tmpfname == NULL ? -1 : mkstemp( tmpfname );
446 Debug( LDAP_DEBUG_ANY, "ldif_write_entry: %s for \"%s\": %s\n",
447 "cannot create file", e->e_dn, STRERROR( save_errno ) );
448 *text = "internal error (cannot create file)";
451 ber_len_t dn_len = e->e_name.bv_len;
454 /* Only save the RDN onto disk */
455 dnRdn( &e->e_name, &rdn );
456 if ( rdn.bv_len != dn_len ) {
457 e->e_name.bv_val[rdn.bv_len] = '\0';
458 e->e_name.bv_len = rdn.bv_len;
462 ldap_pvt_thread_mutex_lock( &entry2str_mutex );
463 entry_as_string = entry2str( e, &entry_length );
464 if ( entry_as_string != NULL )
465 res = spew_file( fd, entry_as_string, entry_length, &save_errno );
466 ldap_pvt_thread_mutex_unlock( &entry2str_mutex );
468 /* Restore full DN */
469 if ( rdn.bv_len != dn_len ) {
470 e->e_name.bv_val[rdn.bv_len] = ',';
471 e->e_name.bv_len = dn_len;
474 if ( close( fd ) < 0 && res >= 0 ) {
480 if ( move_file( tmpfname, path->bv_val ) == 0 ) {
481 Debug( LDAP_DEBUG_TRACE, "ldif_write_entry: "
482 "wrote entry \"%s\"\n", e->e_name.bv_val, 0, 0 );
486 Debug( LDAP_DEBUG_ANY, "ldif_write_entry: "
487 "could not put entry file for \"%s\" in place: %s\n",
488 e->e_name.bv_val, STRERROR( save_errno ), 0 );
489 *text = "internal error (could not put entry file in place)";
491 } else if ( res == -1 ) {
492 Debug( LDAP_DEBUG_ANY, "ldif_write_entry: %s \"%s\": %s\n",
493 "write error to", tmpfname, STRERROR( save_errno ) );
494 *text = "internal error (write error to entry file)";
497 if ( rc != LDAP_SUCCESS ) {
503 SLAP_FREE( tmpfname );
508 * Read the entry at path, or if entryp==NULL just see if it exists.
509 * pdn and pndn are the parent's DN and normalized DN, or both NULL.
510 * Return an LDAP result code.
523 char *entry_as_string;
526 /* TODO: Does slapd prevent Abandon of Bind as per rfc4511?
527 * If so we need not check for LDAP_REQ_BIND here.
529 if ( op->o_abandon && op->o_tag != LDAP_REQ_BIND )
530 return SLAPD_ABANDON;
532 rc = ldif_read_file( path, entryp ? &entry_as_string : NULL );
536 if ( entryp == NULL )
538 *entryp = entry = str2entry( entry_as_string );
539 SLAP_FREE( entry_as_string );
540 if ( entry == NULL ) {
543 *text = "internal error (cannot parse some entry file)";
546 if ( pdn == NULL || BER_BVISEMPTY( pdn ) )
548 /* Append parent DN to DN from LDIF file */
550 build_new_dn( &entry->e_name, pdn, &rdn, NULL );
551 SLAP_FREE( rdn.bv_val );
552 rdn = entry->e_nname;
553 build_new_dn( &entry->e_nname, pndn, &rdn, NULL );
554 SLAP_FREE( rdn.bv_val );
560 ? "internal error (cannot read some entry file)"
561 : "internal error (cannot stat some entry file)";
569 * Read the operation's entry, or if entryp==NULL just see if it exists.
570 * Return an LDAP result code. May set *text to a message on failure.
571 * If pathp is non-NULL, set it to the entry filename on success.
577 struct berval *pathp,
581 struct berval path, pdn, pndn;
583 dnParent( &op->o_req_dn, &pdn );
584 dnParent( &op->o_req_ndn, &pndn );
585 rc = ndn2path( op, &op->o_req_ndn, &path, 0 );
586 if ( rc != LDAP_SUCCESS ) {
590 rc = ldif_read_entry( op, path.bv_val, &pdn, &pndn, entryp, text );
592 if ( rc == LDAP_SUCCESS && pathp != NULL ) {
595 SLAP_FREE( path.bv_val );
603 * RDN-named directory entry, with special handling of "attr={num}val" RDNs.
604 * For sorting, filename "attr=val.ldif" is truncated to "attr="val\0ldif",
605 * and filename "attr={num}val.ldif" to "attr={\0um}val.ldif".
606 * Does not sort escaped chars correctly, would need to un-escape them.
608 typedef struct bvlist {
610 char *trunc; /* filename was truncated here */
611 int inum; /* num from "attr={num}" in filename, or INT_MIN */
612 char savech; /* original char at *trunc */
613 /* BVL_NAME(&bvlist) is the filename, allocated after the struct: */
614 # define BVL_NAME(bvl) ((char *) ((bvl) + 1))
615 # define BVL_SIZE(namelen) (sizeof(bvlist) + (namelen) + 1)
619 ldif_send_entry( Operation *op, SlapReply *rs, Entry *e, int scope )
621 int rc = LDAP_SUCCESS;
623 if ( scope == LDAP_SCOPE_BASE || scope == LDAP_SCOPE_SUBTREE ) {
625 /* Save the entry for tool mode */
626 struct ldif_tool *tl =
627 &((struct ldif_info *) op->o_bd->be_private)->li_tool;
629 if ( tl->ecount >= tl->elen ) {
630 /* Allocate/grow entries */
631 ID elen = tl->elen ? tl->elen * 2 : ENTRY_BUFF_INCREMENT;
632 Entry **entries = (Entry **) SLAP_REALLOC( tl->entries,
633 sizeof(Entry *) * elen );
634 if ( entries == NULL ) {
635 Debug( LDAP_DEBUG_ANY,
636 "ldif_send_entry: out of memory\n", 0, 0, 0 );
641 tl->entries = entries;
643 tl->entries[tl->ecount++] = e;
647 else if ( !get_manageDSAit( op ) && is_entry_referral( e ) ) {
648 /* Send a continuation reference.
649 * (ldif_back_referrals() handles baseobject referrals.)
650 * Don't check the filter since it's only a candidate.
652 BerVarray refs = get_entry_referrals( op, e );
653 rs->sr_ref = referral_rewrite( refs, &e->e_name, NULL, scope );
655 rc = send_search_reference( op, rs );
656 ber_bvarray_free( rs->sr_ref );
657 ber_bvarray_free( refs );
662 else if ( test_filter( op, e, op->ors_filter ) == LDAP_COMPARE_TRUE ) {
664 rs->sr_attrs = op->ors_attrs;
665 /* Could set REP_ENTRY_MUSTBEFREED too for efficiency,
666 * but refraining lets us test unFREEable MODIFIABLE
667 * entries. Like entries built on the stack.
669 rs->sr_flags = REP_ENTRY_MODIFIABLE;
670 rc = send_search_entry( op, rs );
681 /* Read LDIF directory <path> into <listp>. Set *fname_maxlenp. */
686 const struct berval *path,
688 ber_len_t *fname_maxlenp )
690 int rc = LDAP_SUCCESS;
696 dir_of_path = opendir( path->bv_val );
697 if ( dir_of_path == NULL ) {
698 int save_errno = errno;
699 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
700 int is_rootDSE = (path->bv_len == li->li_base_path.bv_len);
702 /* Absent directory is OK (leaf entry), except the database dir */
703 if ( is_rootDSE || save_errno != ENOENT ) {
704 Debug( LDAP_DEBUG_ANY,
705 "=> ldif_search_entry: failed to opendir \"%s\": %s\n",
706 path->bv_val, STRERROR( save_errno ), 0 );
710 save_errno != ENOENT ? "internal error (bad directory)"
711 : !is_rootDSE ? "internal error (missing directory)"
712 : "internal error (database directory does not exist)";
720 while ( (dir = readdir( dir_of_path )) != NULL ) {
723 char *trunc, *idxp, *endp, *endp2;
725 fname_len = strlen( dir->d_name );
726 if ( fname_len < STRLENOF( "x=" LDIF )) /* min filename size */
728 if ( strcmp( dir->d_name + fname_len - STRLENOF(LDIF), LDIF ))
731 if ( *fname_maxlenp < fname_len )
732 *fname_maxlenp = fname_len;
734 bvl = SLAP_MALLOC( BVL_SIZE( fname_len ) );
740 strcpy( BVL_NAME( bvl ), dir->d_name );
742 /* Make it sortable by ("attr=val" or <preceding {num}, num>) */
743 trunc = BVL_NAME( bvl ) + fname_len - STRLENOF( LDIF );
744 if ( (idxp = strchr( BVL_NAME( bvl ) + 2, IX_FSL )) != NULL &&
745 (endp = strchr( ++idxp, IX_FSR )) != NULL && endp > idxp &&
746 (eq_unsafe || idxp[-2] == '=' || endp + 1 == trunc) )
748 /* attr={n}val or bconfig.c's "pseudo-indexed" attr=val{n} */
749 bvl->inum = strtol( idxp, &endp2, 10 );
750 if ( endp2 == endp ) {
758 bvl->savech = *trunc;
762 for ( prev = listp; (ptr = *prev) != NULL; prev = &ptr->next ) {
763 int cmp = strcmp( BVL_NAME( bvl ), BVL_NAME( ptr ));
764 if ( cmp < 0 || (cmp == 0 && bvl->inum < ptr->inum) )
771 if ( closedir( dir_of_path ) < 0 ) {
775 rs->sr_text = "internal error (bad directory)";
777 if ( rc != LDAP_SUCCESS ) {
778 Debug( LDAP_DEBUG_ANY, "ldif_search_entry: %s \"%s\": %s\n",
779 "error reading directory", path->bv_val,
780 STRERROR( save_errno ) );
788 * Send an entry, recursively search its children, and free or save it.
789 * Return an LDAP result code. Parameters:
790 * op, rs operation and reply. rs == NULL for slap tools.
791 * e entry to search, or NULL for rootDSE.
792 * scope scope for the part of the search from this entry.
793 * path LDIF filename -- bv_len and non-directory part are overwritten.
801 struct berval *path )
803 int rc = LDAP_SUCCESS;
804 struct berval dn = BER_BVC( "" ), ndn = BER_BVC( "" );
806 if ( scope != LDAP_SCOPE_BASE && e != NULL ) {
807 /* Copy DN/NDN since we send the entry with REP_ENTRY_MODIFIABLE,
808 * which bconfig.c seems to need. (TODO: see config_rename_one.)
810 if ( ber_dupbv( &dn, &e->e_name ) == NULL ||
811 ber_dupbv( &ndn, &e->e_nname ) == NULL )
813 Debug( LDAP_DEBUG_ANY,
814 "ldif_search_entry: out of memory\n", 0, 0, 0 );
820 /* Send the entry if appropriate, and free or save it */
822 rc = ldif_send_entry( op, rs, e, scope );
824 /* Search the children */
825 if ( scope != LDAP_SCOPE_BASE && rc == LDAP_SUCCESS ) {
827 struct berval fpath; /* becomes child pathname */
828 char *dir_end; /* will point past dirname in fpath */
830 ldif2dir_len( *path );
831 ldif2dir_name( *path );
832 rc = ldif_readdir( op, rs, path, &list, &fpath.bv_len );
834 if ( list != NULL ) {
835 const char **text = rs == NULL ? NULL : &rs->sr_text;
837 if ( scope == LDAP_SCOPE_ONELEVEL )
838 scope = LDAP_SCOPE_BASE;
839 else if ( scope == LDAP_SCOPE_SUBORDINATE )
840 scope = LDAP_SCOPE_SUBTREE;
842 /* Allocate fpath and fill in directory part */
843 dir_end = fullpath_alloc( &fpath, path, fpath.bv_len );
844 if ( dir_end == NULL )
850 if ( rc == LDAP_SUCCESS ) {
851 *ptr->trunc = ptr->savech;
852 FILL_PATH( &fpath, dir_end, BVL_NAME( ptr ));
854 rc = ldif_read_entry( op, fpath.bv_val, &dn, &ndn,
858 rc = ldif_search_entry( op, rs, e, scope, &fpath );
860 case LDAP_NO_SUCH_OBJECT:
861 /* Only the search baseDN may produce noSuchObject. */
864 rs->sr_text = "internal error "
865 "(did someone just remove an entry file?)";
866 Debug( LDAP_DEBUG_ANY, "ldif_search_entry: "
867 "file listed in parent directory does not exist: "
868 "\"%s\"\n", fpath.bv_val, 0, 0 );
875 } while ( list != NULL );
877 if ( !BER_BVISNULL( &fpath ) )
878 SLAP_FREE( fpath.bv_val );
883 if ( !BER_BVISEMPTY( &dn ) )
884 ber_memfree( dn.bv_val );
885 if ( !BER_BVISEMPTY( &ndn ) )
886 ber_memfree( ndn.bv_val );
891 search_tree( Operation *op, SlapReply *rs )
893 int rc = LDAP_SUCCESS;
896 struct berval pdn, pndn;
898 (void) ndn2path( op, &op->o_req_ndn, &path, 1 );
899 if ( !BER_BVISEMPTY( &op->o_req_ndn ) ) {
900 /* Read baseObject */
901 dnParent( &op->o_req_dn, &pdn );
902 dnParent( &op->o_req_ndn, &pndn );
903 rc = ldif_read_entry( op, path.bv_val, &pdn, &pndn, &e,
904 rs == NULL ? NULL : &rs->sr_text );
906 if ( rc == LDAP_SUCCESS )
907 rc = ldif_search_entry( op, rs, e, op->ors_scope, &path );
909 ch_free( path.bv_val );
915 * Prepare to create or rename an entry:
916 * Check that the entry does not already exist.
917 * Check that the parent entry exists and can have subordinates,
918 * unless need_dir is NULL or adding the suffix entry.
920 * Return an LDAP result code. May set *text to a message on failure.
921 * If success, set *dnpath to LDIF entry path and *need_dir to
922 * (directory must be created ? dirname : NULL).
928 struct berval *dnpath,
932 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
933 struct berval *ndn = &e->e_nname;
934 struct berval ppath = BER_BVNULL;
936 Entry *parent = NULL;
940 return SLAPD_ABANDON;
942 rc = ndn2path( op, ndn, dnpath, 0 );
943 if ( rc != LDAP_SUCCESS ) {
947 if ( stat( dnpath->bv_val, &st ) == 0 ) { /* entry .ldif file */
948 rc = LDAP_ALREADY_EXISTS;
950 } else if ( errno != ENOENT ) {
951 Debug( LDAP_DEBUG_ANY,
952 "ldif_prepare_create: cannot stat \"%s\": %s\n",
953 dnpath->bv_val, STRERROR( errno ), 0 );
955 *text = "internal error (cannot check entry file)";
957 } else if ( need_dir != NULL ) {
959 rc = get_parent_path( dnpath, &ppath );
960 /* If parent dir exists, so does parent .ldif:
961 * The directory gets created after and removed before the .ldif.
962 * Except with the database directory, which has no matching entry.
964 if ( rc == LDAP_SUCCESS && stat( ppath.bv_val, &st ) < 0 ) {
965 rc = errno == ENOENT && ppath.bv_len > li->li_base_path.bv_len
966 ? LDAP_NO_SUCH_OBJECT : LDAP_OTHER;
969 case LDAP_NO_SUCH_OBJECT:
970 /* No parent dir, check parent .ldif */
971 dir2ldif_name( ppath );
972 rc = ldif_read_entry( op, ppath.bv_val, NULL, NULL,
973 (op->o_tag != LDAP_REQ_ADD || get_manageDSAit( op )
978 /* Check that parent is not a referral, unless
979 * ldif_back_referrals() already checked.
981 if ( parent != NULL ) {
982 int is_ref = is_entry_referral( parent );
983 entry_free( parent );
985 rc = LDAP_AFFECTS_MULTIPLE_DSAS;
986 *text = op->o_tag == LDAP_REQ_MODDN
987 ? "newSuperior is a referral object"
988 : "parent is a referral object";
992 /* Must create parent directory. */
993 ldif2dir_name( ppath );
994 *need_dir = ppath.bv_val;
996 case LDAP_NO_SUCH_OBJECT:
997 *text = op->o_tag == LDAP_REQ_MODDN
998 ? "newSuperior object does not exist"
999 : "parent does not exist";
1004 Debug( LDAP_DEBUG_ANY,
1005 "ldif_prepare_create: cannot stat \"%s\" parent dir: %s\n",
1006 ndn->bv_val, STRERROR( errno ), 0 );
1007 *text = "internal error (cannot stat parent dir)";
1010 if ( *need_dir == NULL && ppath.bv_val != NULL )
1011 SLAP_FREE( ppath.bv_val );
1014 if ( rc != LDAP_SUCCESS ) {
1015 SLAP_FREE( dnpath->bv_val );
1016 BER_BVZERO( dnpath );
1022 apply_modify_to_entry(
1024 Modifications *modlist,
1029 int rc = modlist ? LDAP_UNWILLING_TO_PERFORM : LDAP_SUCCESS;
1033 if (!acl_check_modlist(op, entry, modlist)) {
1034 return LDAP_INSUFFICIENT_ACCESS;
1037 for (; modlist != NULL; modlist = modlist->sml_next) {
1038 mods = &modlist->sml_mod;
1040 if ( mods->sm_desc == slap_schema.si_ad_objectClass ) {
1043 switch (mods->sm_op) {
1045 rc = modify_add_values(entry, mods,
1046 get_permissiveModify(op),
1047 &rs->sr_text, textbuf,
1051 case LDAP_MOD_DELETE:
1052 rc = modify_delete_values(entry, mods,
1053 get_permissiveModify(op),
1054 &rs->sr_text, textbuf,
1058 case LDAP_MOD_REPLACE:
1059 rc = modify_replace_values(entry, mods,
1060 get_permissiveModify(op),
1061 &rs->sr_text, textbuf,
1065 case LDAP_MOD_INCREMENT:
1066 rc = modify_increment_values( entry,
1067 mods, get_permissiveModify(op),
1068 &rs->sr_text, textbuf,
1072 case SLAP_MOD_SOFTADD:
1073 mods->sm_op = LDAP_MOD_ADD;
1074 rc = modify_add_values(entry, mods,
1075 get_permissiveModify(op),
1076 &rs->sr_text, textbuf,
1078 mods->sm_op = SLAP_MOD_SOFTADD;
1079 if (rc == LDAP_TYPE_OR_VALUE_EXISTS) {
1084 if(rc != LDAP_SUCCESS) break;
1087 if ( rc == LDAP_SUCCESS ) {
1088 rs->sr_text = NULL; /* Needed at least with SLAP_MOD_SOFTADD */
1090 entry->e_ocflags = 0;
1092 /* check that the entry still obeys the schema */
1093 rc = entry_schema_check( op, entry, NULL, 0, 0, NULL,
1094 &rs->sr_text, textbuf, SLAP_TEXT_BUFLEN );
1102 ldif_back_referrals( Operation *op, SlapReply *rs )
1104 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
1105 struct berval path, dn = op->o_req_dn, ndn = op->o_req_ndn;
1106 ber_len_t min_dnlen;
1107 Entry *entry = NULL, **entryp;
1111 min_dnlen = op->o_bd->be_nsuffix[0].bv_len;
1112 if ( min_dnlen == 0 ) {
1113 /* Catch root DSE (empty DN), it is not a referral */
1116 if ( ndn2path( op, &ndn, &path, 0 ) != LDAP_SUCCESS ) {
1117 return LDAP_SUCCESS; /* Root DSE again */
1120 entryp = get_manageDSAit( op ) ? NULL : &entry;
1121 ldap_pvt_thread_rdwr_rlock( &li->li_rdwr );
1124 dnParent( &dn, &dn );
1125 dnParent( &ndn, &ndn );
1126 rc = ldif_read_entry( op, path.bv_val, &dn, &ndn,
1127 entryp, &rs->sr_text );
1128 if ( rc != LDAP_NO_SUCH_OBJECT )
1132 if ( ndn.bv_len < min_dnlen )
1134 (void) get_parent_path( &path, NULL );
1135 dir2ldif_name( path );
1139 ldap_pvt_thread_rdwr_runlock( &li->li_rdwr );
1140 SLAP_FREE( path.bv_val );
1142 if ( entry != NULL ) {
1143 if ( is_entry_referral( entry ) ) {
1144 Debug( LDAP_DEBUG_TRACE,
1145 "ldif_back_referrals: tag=%lu target=\"%s\" matched=\"%s\"\n",
1146 (unsigned long) op->o_tag, op->o_req_dn.bv_val, entry->e_dn );
1148 ref = get_entry_referrals( op, entry );
1149 rs->sr_ref = referral_rewrite( ref, &entry->e_name, &op->o_req_dn,
1150 op->o_tag == LDAP_REQ_SEARCH ?
1151 op->ors_scope : LDAP_SCOPE_DEFAULT );
1152 ber_bvarray_free( ref );
1154 if ( rs->sr_ref != NULL ) {
1156 rc = rs->sr_err = LDAP_REFERRAL;
1157 rs->sr_matched = entry->e_dn;
1158 send_ldap_result( op, rs );
1159 ber_bvarray_free( rs->sr_ref );
1163 rs->sr_text = "bad referral object";
1165 rs->sr_matched = NULL;
1168 entry_free( entry );
1175 /* LDAP operations */
1178 ldif_back_bind( Operation *op, SlapReply *rs )
1180 struct ldif_info *li;
1182 AttributeDescription *password = slap_schema.si_ad_userPassword;
1184 Entry *entry = NULL;
1186 switch ( be_rootdn_bind( op, rs ) ) {
1187 case SLAP_CB_CONTINUE:
1191 /* in case of success, front end will send result;
1192 * otherwise, be_rootdn_bind() did */
1196 li = (struct ldif_info *) op->o_bd->be_private;
1197 ldap_pvt_thread_rdwr_rlock(&li->li_rdwr);
1198 return_val = get_entry(op, &entry, NULL, NULL);
1200 /* no object is found for them */
1201 if(return_val != LDAP_SUCCESS) {
1202 rs->sr_err = return_val = LDAP_INVALID_CREDENTIALS;
1206 /* they don't have userpassword */
1207 if((a = attr_find(entry->e_attrs, password)) == NULL) {
1208 rs->sr_err = LDAP_INAPPROPRIATE_AUTH;
1213 /* authentication actually failed */
1214 if(slap_passwd_check(op, entry, a, &op->oq_bind.rb_cred,
1215 &rs->sr_text) != 0) {
1216 rs->sr_err = LDAP_INVALID_CREDENTIALS;
1221 /* let the front-end send success */
1222 return_val = LDAP_SUCCESS;
1225 ldap_pvt_thread_rdwr_runlock(&li->li_rdwr);
1226 if(return_val != LDAP_SUCCESS)
1227 send_ldap_result( op, rs );
1234 ldif_back_search( Operation *op, SlapReply *rs )
1236 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
1238 ldap_pvt_thread_rdwr_rlock(&li->li_rdwr);
1239 rs->sr_err = search_tree( op, rs );
1240 ldap_pvt_thread_rdwr_runlock(&li->li_rdwr);
1241 send_ldap_result(op, rs);
1247 ldif_back_add( Operation *op, SlapReply *rs )
1249 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
1250 Entry * e = op->ora_e;
1253 char textbuf[SLAP_TEXT_BUFLEN];
1256 Debug( LDAP_DEBUG_TRACE, "ldif_back_add: \"%s\"\n", e->e_dn, 0, 0 );
1258 rc = entry_schema_check( op, e, NULL, 0, 1, NULL,
1259 &rs->sr_text, textbuf, sizeof( textbuf ) );
1260 if ( rc != LDAP_SUCCESS )
1263 rc = slap_add_opattrs( op, &rs->sr_text, textbuf, sizeof( textbuf ), 1 );
1264 if ( rc != LDAP_SUCCESS )
1267 ldap_pvt_thread_mutex_lock( &li->li_modop_mutex );
1269 rc = ldif_prepare_create( op, e, &path, &parentdir, &rs->sr_text );
1270 if ( rc == LDAP_SUCCESS ) {
1271 ldap_pvt_thread_rdwr_wlock( &li->li_rdwr );
1272 rc = ldif_write_entry( op, e, &path, parentdir, &rs->sr_text );
1273 ldap_pvt_thread_rdwr_wunlock( &li->li_rdwr );
1275 SLAP_FREE( path.bv_val );
1276 if ( parentdir != NULL )
1277 SLAP_FREE( parentdir );
1280 ldap_pvt_thread_mutex_unlock( &li->li_modop_mutex );
1284 Debug( LDAP_DEBUG_TRACE, "ldif_back_add: err: %d text: %s\n",
1285 rc, rs->sr_text ? rs->sr_text : "", 0 );
1286 send_ldap_result( op, rs );
1287 slap_graduate_commit_csn( op );
1288 rs->sr_text = NULL; /* remove possible pointer to textbuf */
1293 ldif_back_modify( Operation *op, SlapReply *rs )
1295 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
1296 Modifications * modlst = op->orm_modlist;
1299 char textbuf[SLAP_TEXT_BUFLEN];
1302 slap_mods_opattrs( op, &op->orm_modlist, 1 );
1304 ldap_pvt_thread_mutex_lock( &li->li_modop_mutex );
1306 rc = get_entry( op, &entry, &path, &rs->sr_text );
1307 if ( rc == LDAP_SUCCESS ) {
1308 rc = apply_modify_to_entry( entry, modlst, op, rs, textbuf );
1309 if ( rc == LDAP_SUCCESS ) {
1310 ldap_pvt_thread_rdwr_wlock( &li->li_rdwr );
1311 rc = ldif_write_entry( op, entry, &path, NULL, &rs->sr_text );
1312 ldap_pvt_thread_rdwr_wunlock( &li->li_rdwr );
1315 entry_free( entry );
1316 SLAP_FREE( path.bv_val );
1319 ldap_pvt_thread_mutex_unlock( &li->li_modop_mutex );
1322 send_ldap_result( op, rs );
1323 slap_graduate_commit_csn( op );
1324 rs->sr_text = NULL; /* remove possible pointer to textbuf */
1329 ldif_back_delete( Operation *op, SlapReply *rs )
1331 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
1333 int rc = LDAP_SUCCESS;
1335 if ( BER_BVISEMPTY( &op->o_csn )) {
1337 char csnbuf[LDAP_PVT_CSNSTR_BUFSIZE];
1339 csn.bv_val = csnbuf;
1340 csn.bv_len = sizeof( csnbuf );
1341 slap_get_csn( op, &csn, 1 );
1344 ldap_pvt_thread_mutex_lock( &li->li_modop_mutex );
1345 ldap_pvt_thread_rdwr_wlock( &li->li_rdwr );
1346 if ( op->o_abandon ) {
1351 rc = ndn2path( op, &op->o_req_ndn, &path, 0 );
1352 if ( rc != LDAP_SUCCESS ) {
1356 ldif2dir_len( path );
1357 ldif2dir_name( path );
1358 if ( rmdir( path.bv_val ) < 0 ) {
1361 rc = LDAP_NOT_ALLOWED_ON_NONLEAF;
1364 /* is leaf, go on */
1368 rs->sr_text = "internal error (cannot delete subtree directory)";
1373 if ( rc == LDAP_SUCCESS ) {
1374 dir2ldif_name( path );
1375 if ( unlink( path.bv_val ) < 0 ) {
1376 rc = LDAP_NO_SUCH_OBJECT;
1377 if ( errno != ENOENT ) {
1379 rs->sr_text = "internal error (cannot delete entry file)";
1384 if ( rc == LDAP_OTHER ) {
1385 Debug( LDAP_DEBUG_ANY, "ldif_back_delete: %s \"%s\": %s\n",
1386 "cannot delete", path.bv_val, STRERROR( errno ) );
1389 SLAP_FREE( path.bv_val );
1391 ldap_pvt_thread_rdwr_wunlock( &li->li_rdwr );
1392 ldap_pvt_thread_mutex_unlock( &li->li_modop_mutex );
1394 send_ldap_result( op, rs );
1395 slap_graduate_commit_csn( op );
1405 struct berval *oldpath,
1408 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
1409 struct berval newpath;
1410 char *parentdir = NULL, *trash;
1417 rc = ldif_prepare_create( op, entry, &newpath,
1418 op->orr_newSup ? &parentdir : NULL, text );
1421 if ( rc == LDAP_SUCCESS ) {
1422 ldap_pvt_thread_rdwr_wlock( &li->li_rdwr );
1424 rc = ldif_write_entry( op, entry, &newpath, parentdir, text );
1425 if ( rc == LDAP_SUCCESS && !same_ndn ) {
1426 trash = oldpath->bv_val; /* will be .ldif file to delete */
1427 ldif2dir_len( newpath );
1428 ldif2dir_len( *oldpath );
1429 /* Move subdir before deleting old entry,
1430 * so .ldif always exists if subdir does.
1432 ldif2dir_name( newpath );
1433 ldif2dir_name( *oldpath );
1434 rename_res = move_dir( oldpath->bv_val, newpath.bv_val );
1435 if ( rename_res != 0 && errno != ENOENT ) {
1437 *text = "internal error (cannot move this subtree)";
1438 trash = newpath.bv_val;
1441 /* Delete old entry, or if error undo change */
1443 dir2ldif_name( newpath );
1444 dir2ldif_name( *oldpath );
1445 if ( unlink( trash ) == 0 )
1447 if ( rc == LDAP_SUCCESS ) {
1448 /* Prepare to undo change and return failure */
1450 *text = "internal error (cannot move this entry)";
1451 trash = newpath.bv_val;
1452 if ( rename_res != 0 )
1454 /* First move subdirectory back */
1455 ldif2dir_name( newpath );
1456 ldif2dir_name( *oldpath );
1457 if ( move_dir( newpath.bv_val, oldpath->bv_val ) == 0 )
1460 *text = "added new but couldn't delete old entry!";
1464 if ( rc != LDAP_SUCCESS ) {
1466 snprintf( s, sizeof s, "%s (%s)", *text, STRERROR( errno ));
1467 Debug( LDAP_DEBUG_ANY,
1468 "ldif_move_entry: %s: \"%s\" -> \"%s\"\n",
1469 s, op->o_req_dn.bv_val, entry->e_dn );
1473 ldap_pvt_thread_rdwr_wunlock( &li->li_rdwr );
1475 SLAP_FREE( newpath.bv_val );
1476 if ( parentdir != NULL )
1477 SLAP_FREE( parentdir );
1484 ldif_back_modrdn( Operation *op, SlapReply *rs )
1486 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
1487 struct berval new_dn = BER_BVNULL, new_ndn = BER_BVNULL;
1488 struct berval p_dn, old_path;
1490 char textbuf[SLAP_TEXT_BUFLEN];
1493 slap_mods_opattrs( op, &op->orr_modlist, 1 );
1495 ldap_pvt_thread_mutex_lock( &li->li_modop_mutex );
1497 rc = get_entry( op, &entry, &old_path, &rs->sr_text );
1498 if ( rc == LDAP_SUCCESS ) {
1499 /* build new dn, and new ndn for the entry */
1500 if ( op->oq_modrdn.rs_newSup != NULL ) {
1501 p_dn = *op->oq_modrdn.rs_newSup;
1503 dnParent( &entry->e_name, &p_dn );
1505 build_new_dn( &new_dn, &p_dn, &op->oq_modrdn.rs_newrdn, NULL );
1506 dnNormalize( 0, NULL, NULL, &new_dn, &new_ndn, NULL );
1507 same_ndn = !ber_bvcmp( &entry->e_nname, &new_ndn );
1508 ber_memfree_x( entry->e_name.bv_val, NULL );
1509 ber_memfree_x( entry->e_nname.bv_val, NULL );
1510 entry->e_name = new_dn;
1511 entry->e_nname = new_ndn;
1513 /* perform the modifications */
1514 rc = apply_modify_to_entry( entry, op->orr_modlist, op, rs, textbuf );
1515 if ( rc == LDAP_SUCCESS )
1516 rc = ldif_move_entry( op, entry, same_ndn, &old_path,
1519 entry_free( entry );
1520 SLAP_FREE( old_path.bv_val );
1523 ldap_pvt_thread_mutex_unlock( &li->li_modop_mutex );
1525 send_ldap_result( op, rs );
1526 slap_graduate_commit_csn( op );
1527 rs->sr_text = NULL; /* remove possible pointer to textbuf */
1532 /* Return LDAP_SUCCESS IFF we retrieve the specified entry. */
1534 ldif_back_entry_get(
1538 AttributeDescription *at,
1542 struct ldif_info *li = (struct ldif_info *) op->o_bd->be_private;
1543 struct berval op_dn = op->o_req_dn, op_ndn = op->o_req_ndn;
1546 assert( ndn != NULL );
1547 assert( !BER_BVISNULL( ndn ) );
1549 ldap_pvt_thread_rdwr_rlock( &li->li_rdwr );
1550 op->o_req_dn = *ndn;
1551 op->o_req_ndn = *ndn;
1552 rc = get_entry( op, e, NULL, NULL );
1553 op->o_req_dn = op_dn;
1554 op->o_req_ndn = op_ndn;
1555 ldap_pvt_thread_rdwr_runlock( &li->li_rdwr );
1557 if ( rc == LDAP_SUCCESS && oc && !is_entry_objectclass_or_sub( *e, oc ) ) {
1558 rc = LDAP_NO_SUCH_ATTRIBUTE;
1570 ldif_tool_entry_open( BackendDB *be, int mode )
1572 struct ldif_tool *tl = &((struct ldif_info *) be->be_private)->li_tool;
1579 ldif_tool_entry_close( BackendDB *be )
1581 struct ldif_tool *tl = &((struct ldif_info *) be->be_private)->li_tool;
1582 Entry **entries = tl->entries;
1585 for ( i = tl->ecount; i--; )
1587 entry_free( entries[i] );
1588 SLAP_FREE( entries );
1590 tl->ecount = tl->elen = 0;
1595 ldif_tool_entry_next( BackendDB *be )
1597 struct ldif_tool *tl = &((struct ldif_info *) be->be_private)->li_tool;
1600 Entry *e = tl->entries[ tl->ecurrent ];
1602 if ( tl->ecurrent >= tl->ecount ) {
1608 if ( tl->tl_base && !dnIsSuffixScope( &e->e_nname, tl->tl_base, tl->tl_scope ) ) {
1612 if ( tl->tl_filter && test_filter( NULL, e, tl->tl_filter ) != LDAP_COMPARE_TRUE ) {
1619 return tl->ecurrent;
1623 ldif_tool_entry_first_x( BackendDB *be, struct berval *base, int scope, Filter *f )
1625 struct ldif_tool *tl = &((struct ldif_info *) be->be_private)->li_tool;
1628 tl->tl_scope = scope;
1631 if ( tl->entries == NULL ) {
1635 op.o_req_dn = *be->be_suffix;
1636 op.o_req_ndn = *be->be_nsuffix;
1637 op.ors_scope = LDAP_SCOPE_SUBTREE;
1638 if ( search_tree( &op, NULL ) != LDAP_SUCCESS ) {
1639 tl->ecurrent = tl->ecount; /* fail ldif_tool_entry_next() */
1640 return 0; /* fail ldif_tool_entry_get() */
1643 return ldif_tool_entry_next( be );
1647 ldif_tool_entry_get( BackendDB *be, ID id )
1649 struct ldif_tool *tl = &((struct ldif_info *) be->be_private)->li_tool;
1653 if ( id < tl->ecount ) {
1654 e = tl->entries[id];
1655 tl->entries[id] = NULL;
1661 ldif_tool_entry_put( BackendDB *be, Entry *e, struct berval *text )
1664 const char *errmsg = NULL;
1670 rc = ldif_prepare_create( &op, e, &path, &parentdir, &errmsg );
1671 if ( rc == LDAP_SUCCESS ) {
1672 rc = ldif_write_entry( &op, e, &path, parentdir, &errmsg );
1674 SLAP_FREE( path.bv_val );
1675 if ( parentdir != NULL )
1676 SLAP_FREE( parentdir );
1677 if ( rc == LDAP_SUCCESS )
1681 if ( errmsg == NULL && rc != LDAP_OTHER )
1682 errmsg = ldap_err2string( rc );
1683 if ( errmsg != NULL )
1684 snprintf( text->bv_val, text->bv_len, "%s", errmsg );
1692 ldif_back_db_init( BackendDB *be, ConfigReply *cr )
1694 struct ldif_info *li;
1696 li = ch_calloc( 1, sizeof(struct ldif_info) );
1697 be->be_private = li;
1698 be->be_cf_ocs = ldifocs;
1699 ldap_pvt_thread_mutex_init( &li->li_modop_mutex );
1700 ldap_pvt_thread_rdwr_init( &li->li_rdwr );
1701 SLAP_DBFLAGS( be ) |= SLAP_DBFLAG_ONE_SUFFIX;
1706 ldif_back_db_destroy( Backend *be, ConfigReply *cr )
1708 struct ldif_info *li = be->be_private;
1710 ch_free( li->li_base_path.bv_val );
1711 ldap_pvt_thread_rdwr_destroy( &li->li_rdwr );
1712 ldap_pvt_thread_mutex_destroy( &li->li_modop_mutex );
1713 free( be->be_private );
1718 ldif_back_db_open( Backend *be, ConfigReply *cr )
1720 struct ldif_info *li = (struct ldif_info *) be->be_private;
1721 if( BER_BVISEMPTY(&li->li_base_path)) {/* missing base path */
1722 Debug( LDAP_DEBUG_ANY, "missing base path for back-ldif\n", 0, 0, 0);
1729 ldif_back_initialize( BackendInfo *bi )
1731 static char *controls[] = {
1732 LDAP_CONTROL_MANAGEDSAIT,
1738 SLAP_BFLAG_INCREMENT |
1739 SLAP_BFLAG_REFERRALS;
1741 bi->bi_controls = controls;
1748 bi->bi_db_init = ldif_back_db_init;
1749 bi->bi_db_config = config_generic_wrapper;
1750 bi->bi_db_open = ldif_back_db_open;
1751 bi->bi_db_close = 0;
1752 bi->bi_db_destroy = ldif_back_db_destroy;
1754 bi->bi_op_bind = ldif_back_bind;
1755 bi->bi_op_unbind = 0;
1756 bi->bi_op_search = ldif_back_search;
1757 bi->bi_op_compare = 0;
1758 bi->bi_op_modify = ldif_back_modify;
1759 bi->bi_op_modrdn = ldif_back_modrdn;
1760 bi->bi_op_add = ldif_back_add;
1761 bi->bi_op_delete = ldif_back_delete;
1762 bi->bi_op_abandon = 0;
1764 bi->bi_extended = 0;
1766 bi->bi_chk_referrals = ldif_back_referrals;
1768 bi->bi_connection_init = 0;
1769 bi->bi_connection_destroy = 0;
1771 bi->bi_entry_get_rw = ldif_back_entry_get;
1773 #if 0 /* NOTE: uncomment to completely disable access control */
1774 bi->bi_access_allowed = slap_access_always_allowed;
1777 bi->bi_tool_entry_open = ldif_tool_entry_open;
1778 bi->bi_tool_entry_close = ldif_tool_entry_close;
1779 bi->bi_tool_entry_first = backend_tool_entry_first;
1780 bi->bi_tool_entry_first_x = ldif_tool_entry_first_x;
1781 bi->bi_tool_entry_next = ldif_tool_entry_next;
1782 bi->bi_tool_entry_get = ldif_tool_entry_get;
1783 bi->bi_tool_entry_put = ldif_tool_entry_put;
1784 bi->bi_tool_entry_reindex = 0;
1785 bi->bi_tool_sync = 0;
1787 bi->bi_tool_dn2id_get = 0;
1788 bi->bi_tool_entry_modify = 0;
1790 bi->bi_cf_ocs = ldifocs;
1792 rc = config_register_schema( ldifcfg, ldifocs );
1793 if ( rc ) return rc;