2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2005 The OpenLDAP Foundation.
5 * Portions Copyright 2001-2003 Pierangelo Masarati.
6 * Portions Copyright 1999-2003 Howard Chu.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
13 * A copy of this license is available in the file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
18 * This work was initially developed by the Howard Chu for inclusion
19 * in OpenLDAP Software and subsequently enhanced by Pierangelo
27 #include <ac/string.h>
28 #include <ac/socket.h>
32 #include "../back-ldap/back-ldap.h"
33 #undef ldap_debug /* silence a warning in ldap-int.h */
34 #include "../../../libraries/libldap/ldap-int.h"
35 #include "back-meta.h"
41 struct ldapmapping *mapping;
44 memset( mt, 0, sizeof( metatarget_t ) );
46 mt->mt_rwmap.rwm_rw = rewrite_info_init( REWRITE_MODE_USE_DEFAULT );
47 if ( mt->mt_rwmap.rwm_rw == NULL ) {
53 * the filter rewrite as a string must be disabled
54 * by default; it can be re-enabled by adding rules;
55 * this creates an empty rewriteContext
57 rargv[ 0 ] = "rewriteContext";
58 rargv[ 1 ] = "searchFilter";
60 rewrite_parse( mt->mt_rwmap.rwm_rw, "<suffix massage>", 1, 2, rargv );
62 rargv[ 0 ] = "rewriteContext";
63 rargv[ 1 ] = "default";
65 rewrite_parse( mt->mt_rwmap.rwm_rw, "<suffix massage>", 1, 2, rargv );
67 ldap_back_map_init( &mt->mt_rwmap.rwm_at, &mapping );
81 metainfo_t *mi = ( metainfo_t * )be->be_private;
85 "%s: line %d: meta backend info is null!\n",
90 /* URI of server to query */
91 if ( strcasecmp( argv[ 0 ], "uri" ) == 0 ) {
92 int i = mi->mi_ntargets;
95 #endif /* uncomment if uri MUST be a branch of suffix */
96 LDAPURLDesc *ludp, *tmpludp;
102 "%s: line %d: missing address"
103 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
110 mi->mi_targets = ( metatarget_t * )ch_realloc( mi->mi_targets,
111 sizeof( metatarget_t ) * mi->mi_ntargets );
112 if ( mi->mi_targets == NULL ) {
114 "%s: line %d: out of memory while storing server name"
115 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
120 if ( new_target( &mi->mi_targets[ i ] ) != 0 ) {
122 "%s: line %d: unable to init server"
123 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
128 mi->mi_targets[ i ].mt_nretries = mi->mi_nretries;
129 mi->mi_targets[ i ].mt_flags = mi->flags;
130 mi->mi_targets[ i ].mt_version = mi->mi_version;
135 if ( ldap_url_parselist_ext( &ludp, argv[ 1 ], "\t" ) != LDAP_SUCCESS ) {
137 "%s: line %d: unable to parse URI"
138 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
144 * uri MUST have the <dn> part!
146 if ( ludp->lud_dn == NULL || ludp->lud_dn[ 0 ] == '\0' ) {
148 "%s: line %d: missing <naming context> "
149 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
155 * copies and stores uri and suffix
157 dn.bv_val = ludp->lud_dn;
158 dn.bv_len = strlen( ludp->lud_dn );
160 rc = dnPrettyNormal( NULL, &dn, &mi->mi_targets[ i ].mt_psuffix,
161 &mi->mi_targets[ i ].mt_nsuffix, NULL );
162 if( rc != LDAP_SUCCESS ) {
163 fprintf( stderr, "%s: line %d: "
164 "target '%s' DN is invalid\n",
165 fname, lineno, argv[ 1 ] );
169 ludp->lud_dn[ 0 ] = '\0';
171 /* check all, to apply the scope check on the first one */
172 for ( tmpludp = ludp; tmpludp; tmpludp = tmpludp->lud_next ) {
173 if ( tmpludp->lud_dn != NULL && tmpludp->lud_dn[ 0 ] != '\0' ) {
174 fprintf( stderr, "%s: line %d: "
175 "multiple URIs must have "
182 if ( tmpludp->lud_scope == LDAP_SCOPE_BASE ) {
183 tmpludp->lud_scope = LDAP_SCOPE_DEFAULT;
187 mi->mi_targets[ i ].mt_uri = ldap_url_list2urls( ludp );
188 ldap_free_urllist( ludp );
189 if ( mi->mi_targets[ i ].mt_uri == NULL) {
190 fprintf( stderr, "%s: line %d: no memory?\n",
196 * uri MUST be a branch of suffix!
198 #if 0 /* too strict a constraint */
199 if ( select_backend( &mi->mi_targets[ i ].suffix, 0, 0 ) != be ) {
201 "%s: line %d: <naming context> of URI does not refer to current backend"
202 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
208 * uri MUST be a branch of a suffix!
210 if ( select_backend( &mi->mi_targets[ i ].mt_nsuffix, 0, 0 ) == NULL ) {
212 "%s: line %d: <naming context> of URI does not resolve to a backend"
213 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
219 /* default target directive */
220 } else if ( strcasecmp( argv[ 0 ], "default-target" ) == 0 ) {
221 int i = mi->mi_ntargets - 1;
226 "%s: line %d: \"default-target\" alone need be"
227 " inside a \"uri\" directive\n",
231 mi->mi_defaulttarget = i;
233 if ( strcasecmp( argv[ 1 ], "none" ) == 0 ) {
236 "%s: line %d: \"default-target none\""
237 " should go before uri definitions\n",
240 mi->mi_defaulttarget = META_DEFAULT_TARGET_NONE;
244 int n = strtol( argv[ 1 ], &next, 10 );
245 if ( n < 0 || n >= i - 1 ) {
247 "%s: line %d: illegal target number %d\n",
251 mi->mi_defaulttarget = n;
255 /* ttl of dn cache */
256 } else if ( strcasecmp( argv[ 0 ], "dncache-ttl" ) == 0 ) {
259 "%s: line %d: missing ttl in \"dncache-ttl <ttl>\" line\n",
264 if ( strcasecmp( argv[ 1 ], "forever" ) == 0 ) {
265 mi->mi_cache.ttl = META_DNCACHE_FOREVER;
266 } else if ( strcasecmp( argv[ 1 ], "disabled" ) == 0 ) {
267 mi->mi_cache.ttl = META_DNCACHE_DISABLED;
269 mi->mi_cache.ttl = atol( argv[ 1 ] );
272 /* network timeout when connecting to ldap servers */
273 } else if ( strcasecmp( argv[ 0 ], "network-timeout" ) == 0 ) {
276 "%s: line %d: missing network timeout in \"network-timeout <seconds>\" line\n",
280 mi->mi_network_timeout = atol(argv[ 1 ]);
282 /* name to use for meta_back_group */
283 } else if ( strcasecmp( argv[ 0 ], "acl-authcDN" ) == 0
284 || strcasecmp( argv[ 0 ], "binddn" ) == 0 )
286 int i = mi->mi_ntargets - 1;
291 "%s: line %d: need \"uri\" directive first\n",
298 "%s: line %d: missing name in \"binddn <name>\" line\n",
303 if ( strcasecmp( argv[ 0 ], "binddn" ) == 0 ) {
304 fprintf( stderr, "%s: line %d: "
305 "\"binddn\" statement is deprecated; "
306 "use \"acl-authcDN\" instead\n",
308 /* FIXME: some day we'll need to throw an error */
311 dn.bv_val = argv[ 1 ];
312 dn.bv_len = strlen( argv[ 1 ] );
313 if ( dnNormalize( 0, NULL, NULL, &dn, &mi->mi_targets[ i ].mt_binddn,
314 NULL ) != LDAP_SUCCESS )
316 fprintf( stderr, "%s: line %d: "
317 "bind DN '%s' is invalid\n",
318 fname, lineno, argv[ 1 ] );
322 /* password to use for meta_back_group */
323 } else if ( strcasecmp( argv[ 0 ], "acl-passwd" ) == 0
324 || strcasecmp( argv[ 0 ], "bindpw" ) == 0 )
326 int i = mi->mi_ntargets - 1;
330 "%s: line %d: need \"uri\" directive first\n",
337 "%s: line %d: missing password in \"bindpw <password>\" line\n",
342 if ( strcasecmp( argv[ 0 ], "bindpw" ) == 0 ) {
343 fprintf( stderr, "%s: line %d: "
344 "\"bindpw\" statement is deprecated; "
345 "use \"acl-passwd\" instead\n",
347 /* FIXME: some day we'll need to throw an error */
350 ber_str2bv( argv[ 1 ], 0L, 1, &mi->mi_targets[ i ].mt_bindpw );
352 /* save bind creds for referral rebinds? */
353 } else if ( strcasecmp( argv[ 0 ], "rebind-as-user" ) == 0 ) {
356 "%s: line %d: rebind-as-user takes no arguments\n",
361 mi->flags |= LDAP_BACK_F_SAVECRED;
363 } else if ( strcasecmp( argv[ 0 ], "chase-referrals" ) == 0 ) {
364 unsigned *flagsp = mi->mi_ntargets ?
365 &mi->mi_targets[ mi->mi_ntargets - 1 ].mt_flags
370 "%s: line %d: \"chase-referrals\" needs 1 argument.\n",
375 /* this is the default; we add it because the default might change... */
376 if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
377 *flagsp |= LDAP_BACK_F_CHASE_REFERRALS;
379 } else if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
380 *flagsp &= ~LDAP_BACK_F_CHASE_REFERRALS;
384 "%s: line %d: \"chase-referrals {yes|no}\": unknown argument \"%s\".\n",
385 fname, lineno, argv[ 1 ] );
389 } else if ( strcasecmp( argv[ 0 ], "tls" ) == 0 ) {
390 unsigned *flagsp = mi->mi_ntargets ?
391 &mi->mi_targets[ mi->mi_ntargets - 1 ].mt_flags
396 "%s: line %d: \"tls <what>\" needs 1 argument.\n",
402 if ( strcasecmp( argv[ 1 ], "start" ) == 0 ) {
403 *flagsp |= ( LDAP_BACK_F_USE_TLS | LDAP_BACK_F_TLS_CRITICAL );
406 } else if ( strcasecmp( argv[ 1 ], "try-start" ) == 0 ) {
407 *flagsp &= ~LDAP_BACK_F_TLS_CRITICAL;
408 *flagsp |= LDAP_BACK_F_USE_TLS;
410 /* propagate start tls */
411 } else if ( strcasecmp( argv[ 1 ], "propagate" ) == 0 ) {
412 *flagsp |= ( LDAP_BACK_F_PROPAGATE_TLS | LDAP_BACK_F_TLS_CRITICAL );
415 } else if ( strcasecmp( argv[ 1 ], "try-propagate" ) == 0 ) {
416 *flagsp &= ~LDAP_BACK_F_TLS_CRITICAL;
417 *flagsp |= LDAP_BACK_F_PROPAGATE_TLS;
421 "%s: line %d: \"tls <what>\": unknown argument \"%s\".\n",
422 fname, lineno, argv[ 1 ] );
426 } else if ( strcasecmp( argv[ 0 ], "t-f-support" ) == 0 ) {
427 unsigned *flagsp = mi->mi_ntargets ?
428 &mi->mi_targets[ mi->mi_ntargets - 1 ].mt_flags
433 "%s: line %d: \"t-f-support {no|yes|discover}\" needs 1 argument.\n",
438 if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
439 *flagsp &= ~(LDAP_BACK_F_SUPPORT_T_F|LDAP_BACK_F_SUPPORT_T_F_DISCOVER);
441 } else if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
442 *flagsp |= LDAP_BACK_F_SUPPORT_T_F;
444 } else if ( strcasecmp( argv[ 1 ], "discover" ) == 0 ) {
445 *flagsp |= LDAP_BACK_F_SUPPORT_T_F_DISCOVER;
449 "%s: line %d: unknown value \"%s\" for \"t-f-support {no|yes|discover}\".\n",
450 fname, lineno, argv[ 1 ] );
454 /* name to use as pseudo-root dn */
455 } else if ( strcasecmp( argv[ 0 ], "pseudorootdn" ) == 0 ) {
456 int i = mi->mi_ntargets - 1;
461 "%s: line %d: need \"uri\" directive first\n",
468 "%s: line %d: missing name in \"pseudorootdn <name>\" line\n",
473 dn.bv_val = argv[ 1 ];
474 dn.bv_len = strlen( argv[ 1 ] );
475 if ( dnNormalize( 0, NULL, NULL, &dn,
476 &mi->mi_targets[ i ].mt_pseudorootdn, NULL ) != LDAP_SUCCESS )
478 fprintf( stderr, "%s: line %d: "
479 "pseudoroot DN '%s' is invalid\n",
480 fname, lineno, argv[ 1 ] );
484 /* password to use as pseudo-root */
485 } else if ( strcasecmp( argv[ 0 ], "pseudorootpw" ) == 0 ) {
486 int i = mi->mi_ntargets - 1;
490 "%s: line %d: need \"uri\" directive first\n",
497 "%s: line %d: missing password in \"pseudorootpw <password>\" line\n",
501 ber_str2bv( argv[ 1 ], 0L, 1, &mi->mi_targets[ i ].mt_pseudorootpw );
504 } else if ( strcasecmp( argv[ 0 ], "suffixmassage" ) == 0 ) {
506 int i = mi->mi_ntargets - 1;
507 struct berval dn, nvnc, pvnc, nrnc, prnc;
511 "%s: line %d: need \"uri\" directive first\n",
519 * suffixmassage <suffix> <massaged suffix>
521 * the <suffix> field must be defined as a valid suffix
522 * (or suffixAlias?) for the current database;
523 * the <massaged suffix> shouldn't have already been
524 * defined as a valid suffix or suffixAlias for the
529 "%s: line %d: syntax is \"suffixMassage <suffix> <massaged suffix>\"\n",
534 dn.bv_val = argv[ 1 ];
535 dn.bv_len = strlen( argv[ 1 ] );
536 if ( dnPrettyNormal( NULL, &dn, &pvnc, &nvnc, NULL ) != LDAP_SUCCESS ) {
537 fprintf( stderr, "%s: line %d: "
538 "suffix '%s' is invalid\n",
539 fname, lineno, argv[ 1 ] );
543 tmp_be = select_backend( &nvnc, 0, 0 );
544 if ( tmp_be != NULL && tmp_be != be ) {
546 "%s: line %d: suffix already in use by another backend in"
547 " \"suffixMassage <suffix> <massaged suffix>\"\n",
554 dn.bv_val = argv[ 2 ];
555 dn.bv_len = strlen( argv[ 2 ] );
556 if ( dnPrettyNormal( NULL, &dn, &prnc, &nrnc, NULL ) != LDAP_SUCCESS ) {
557 fprintf( stderr, "%s: line %d: "
558 "massaged suffix '%s' is invalid\n",
559 fname, lineno, argv[ 2 ] );
566 tmp_be = select_backend( &nrnc, 0, 0 );
567 if ( tmp_be != NULL ) {
569 "%s: line %d: massaged suffix already in use by another backend in"
570 " \"suffixMassage <suffix> <massaged suffix>\"\n",
581 * The suffix massaging is emulated by means of the
582 * rewrite capabilities
583 * FIXME: no extra rewrite capabilities should be added
586 return suffix_massage_config( mi->mi_targets[ i ].mt_rwmap.rwm_rw,
587 &pvnc, &nvnc, &prnc, &nrnc );
589 /* rewrite stuff ... */
590 } else if ( strncasecmp( argv[ 0 ], "rewrite", 7 ) == 0 ) {
591 int i = mi->mi_ntargets - 1;
594 fprintf( stderr, "%s: line %d: \"rewrite\" "
595 "statement outside target definition.\n",
600 return rewrite_parse( mi->mi_targets[ i ].mt_rwmap.rwm_rw,
601 fname, lineno, argc, argv );
603 /* objectclass/attribute mapping */
604 } else if ( strcasecmp( argv[ 0 ], "map" ) == 0 ) {
605 int i = mi->mi_ntargets - 1;
609 "%s: line %d: need \"uri\" directive first\n",
614 return ldap_back_map_config( &mi->mi_targets[ i ].mt_rwmap.rwm_oc,
615 &mi->mi_targets[ i ].mt_rwmap.rwm_at,
616 fname, lineno, argc, argv );
618 } else if ( strcasecmp( argv[ 0 ], "nretries" ) == 0 ) {
619 int i = mi->mi_ntargets - 1;
620 int nretries = META_RETRY_UNDEFINED;
624 "%s: line %d: need value in \"nretries <value>\"\n",
629 if ( strcasecmp( argv[ 1 ], "forever" ) == 0 ) {
630 nretries = META_RETRY_FOREVER;
632 } else if ( strcasecmp( argv[ 1 ], "never" ) == 0 ) {
633 nretries = META_RETRY_NEVER;
638 nretries = strtol( argv[ 1 ], &next, 10 );
639 if ( next == argv[ 1 ] || next[ 0 ] != '\0' ) {
641 "%s: line %d: unable to parse value \"%s\" in \"nretries <value>\"\n",
642 fname, lineno, argv[ 1 ] );
648 mi->mi_nretries = nretries;
651 mi->mi_targets[ i ].mt_nretries = nretries;
656 return SLAP_CONF_UNKNOWN;
662 ldap_back_map_config(
663 struct ldapmap *oc_map,
664 struct ldapmap *at_map,
671 struct ldapmapping *mapping;
675 if ( argc < 3 || argc > 4 ) {
677 "%s: line %d: syntax is \"map {objectclass | attribute} [<local> | *] {<foreign> | *}\"\n",
682 if ( strcasecmp( argv[ 1 ], "objectclass" ) == 0 ) {
686 } else if ( strcasecmp( argv[ 1 ], "attribute" ) == 0 ) {
690 fprintf( stderr, "%s: line %d: syntax is "
691 "\"map {objectclass | attribute} [<local> | *] "
692 "{<foreign> | *}\"\n",
697 if ( strcmp( argv[ 2 ], "*" ) == 0 ) {
698 if ( argc < 4 || strcmp( argv[ 3 ], "*" ) == 0 ) {
699 map->drop_missing = ( argc < 4 );
702 src = dst = argv[ 3 ];
704 } else if ( argc < 4 ) {
710 dst = ( strcmp( argv[ 3 ], "*" ) == 0 ? src : argv[ 3 ] );
713 if ( ( map == at_map )
714 && ( strcasecmp( src, "objectclass" ) == 0
715 || strcasecmp( dst, "objectclass" ) == 0 ) )
718 "%s: line %d: objectclass attribute cannot be mapped\n",
722 mapping = (struct ldapmapping *)ch_calloc( 2,
723 sizeof(struct ldapmapping) );
724 if ( mapping == NULL ) {
726 "%s: line %d: out of memory\n",
730 ber_str2bv( src, 0, 1, &mapping->src );
731 ber_str2bv( dst, 0, 1, &mapping->dst );
732 mapping[ 1 ].src = mapping->dst;
733 mapping[ 1 ].dst = mapping->src;
739 if ( src[ 0 ] != '\0' ) {
740 if ( oc_bvfind( &mapping->src ) == NULL ) {
742 "%s: line %d: warning, source objectClass '%s' "
743 "should be defined in schema\n",
744 fname, lineno, src );
747 * FIXME: this should become an err
753 if ( oc_bvfind( &mapping->dst ) == NULL ) {
755 "%s: line %d: warning, destination objectClass '%s' "
756 "is not defined in schema\n",
757 fname, lineno, dst );
761 const char *text = NULL;
762 AttributeDescription *ad = NULL;
764 if ( src[ 0 ] != '\0' ) {
765 rc = slap_bv2ad( &mapping->src, &ad, &text );
766 if ( rc != LDAP_SUCCESS ) {
768 "%s: line %d: warning, source attributeType '%s' "
769 "should be defined in schema\n",
770 fname, lineno, src );
773 * FIXME: this should become an err
781 rc = slap_bv2ad( &mapping->dst, &ad, &text );
782 if ( rc != LDAP_SUCCESS ) {
784 "%s: line %d: warning, destination attributeType '%s' "
785 "is not defined in schema\n",
786 fname, lineno, dst );
790 if ( (src[ 0 ] != '\0' && avl_find( map->map, (caddr_t)mapping, mapping_cmp ) != NULL)
791 || avl_find( map->remap, (caddr_t)&mapping[ 1 ], mapping_cmp ) != NULL)
794 "%s: line %d: duplicate mapping found" SLAPD_CONF_UNKNOWN_IGNORED ".\n",
799 if ( src[ 0 ] != '\0' ) {
800 avl_insert( &map->map, (caddr_t)mapping,
801 mapping_cmp, mapping_dup );
803 avl_insert( &map->remap, (caddr_t)&mapping[ 1 ],
804 mapping_cmp, mapping_dup );
810 ch_free( mapping->src.bv_val );
811 ch_free( mapping->dst.bv_val );
819 #ifdef ENABLE_REWRITE
821 suffix_massage_regexize( const char *s )
828 ( r = strchr( p, ',' ) ) != NULL;
832 res = ch_calloc( sizeof( char ),
834 + STRLENOF( "(.+,)?" )
835 + STRLENOF( "[ ]?" ) * i + 1 );
837 ptr = lutil_strcopy( res, "(.+,)?" );
839 ( r = strchr( p, ',' ) ) != NULL;
841 ptr = lutil_strncopy( ptr, p, r - p + 1 );
842 ptr = lutil_strcopy( ptr, "[ ]?" );
844 if ( r[ 1 ] == ' ' ) {
848 lutil_strcopy( ptr, p );
854 suffix_massage_patternize( const char *s )
861 res = ch_calloc( sizeof( char ), len + STRLENOF( "%1" ) + 1 );
867 strcpy( &res[ STRLENOF( "%1" ) ], s );
873 suffix_massage_config(
874 struct rewrite_info *info,
884 rargv[ 0 ] = "rewriteEngine";
887 rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
889 rargv[ 0 ] = "rewriteContext";
890 rargv[ 1 ] = "default";
892 rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
894 rargv[ 0 ] = "rewriteRule";
895 rargv[ 1 ] = suffix_massage_regexize( pvnc->bv_val );
896 rargv[ 2 ] = suffix_massage_patternize( prnc->bv_val );
899 rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
900 ch_free( rargv[ 1 ] );
901 ch_free( rargv[ 2 ] );
903 rargv[ 0 ] = "rewriteContext";
904 rargv[ 1 ] = "searchEntryDN";
906 rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
908 rargv[ 0 ] = "rewriteRule";
909 rargv[ 1 ] = suffix_massage_regexize( prnc->bv_val );
910 rargv[ 2 ] = suffix_massage_patternize( pvnc->bv_val );
913 rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
914 ch_free( rargv[ 1 ] );
915 ch_free( rargv[ 2 ] );
917 /* backward compatibility */
918 rargv[ 0 ] = "rewriteContext";
919 rargv[ 1 ] = "searchResult";
920 rargv[ 2 ] = "alias";
921 rargv[ 3 ] = "searchEntryDN";
923 rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
925 rargv[ 0 ] = "rewriteContext";
926 rargv[ 1 ] = "matchedDN";
927 rargv[ 2 ] = "alias";
928 rargv[ 3 ] = "searchEntryDN";
930 rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
932 rargv[ 0 ] = "rewriteContext";
933 rargv[ 1 ] = "searchAttrDN";
934 rargv[ 2 ] = "alias";
935 rargv[ 3 ] = "searchEntryDN";
937 rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
939 /* NOTE: this corresponds to #undef'ining RWM_REFERRAL_REWRITE;
940 * see servers/slapd/overlays/rwm.h for details */
941 rargv[ 0 ] = "rewriteContext";
942 rargv[ 1 ] = "referralAttrDN";
944 rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
946 rargv[ 0 ] = "rewriteContext";
947 rargv[ 1 ] = "referralDN";
949 rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
953 #endif /* ENABLE_REWRITE */