2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2005 The OpenLDAP Foundation.
5 * Portions Copyright 2001-2003 Pierangelo Masarati.
6 * Portions Copyright 1999-2003 Howard Chu.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
13 * A copy of this license is available in the file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
18 * This work was initially developed by the Howard Chu for inclusion
19 * in OpenLDAP Software and subsequently enhanced by Pierangelo
27 #include <ac/string.h>
28 #include <ac/socket.h>
32 #include "../back-ldap/back-ldap.h"
33 #undef ldap_debug /* silence a warning in ldap-int.h */
34 #include "../../../libraries/libldap/ldap-int.h"
35 #include "back-meta.h"
41 struct ldapmapping *mapping;
44 memset( mt, 0, sizeof( metatarget_t ) );
46 mt->mt_rwmap.rwm_rw = rewrite_info_init( REWRITE_MODE_USE_DEFAULT );
47 if ( mt->mt_rwmap.rwm_rw == NULL ) {
53 * the filter rewrite as a string must be disabled
54 * by default; it can be re-enabled by adding rules;
55 * this creates an empty rewriteContext
57 rargv[ 0 ] = "rewriteContext";
58 rargv[ 1 ] = "searchFilter";
60 rewrite_parse( mt->mt_rwmap.rwm_rw, "<suffix massage>", 1, 2, rargv );
62 rargv[ 0 ] = "rewriteContext";
63 rargv[ 1 ] = "default";
65 rewrite_parse( mt->mt_rwmap.rwm_rw, "<suffix massage>", 1, 2, rargv );
67 ldap_back_map_init( &mt->mt_rwmap.rwm_at, &mapping );
73 check_true_false( char *str )
75 if ( strcasecmp( str, "true" ) == 0 || strcasecmp( str, "yes" ) == 0 ) {
79 if ( strcasecmp( str, "false" ) == 0 || strcasecmp( str, "no" ) == 0 ) {
96 metainfo_t *mi = ( metainfo_t * )be->be_private;
100 "%s: line %d: meta backend info is null!\n",
105 /* URI of server to query */
106 if ( strcasecmp( argv[ 0 ], "uri" ) == 0 ) {
107 int i = mi->mi_ntargets;
110 #endif /* uncomment if uri MUST be a branch of suffix */
111 LDAPURLDesc *ludp, *tmpludp;
118 "%s: line %d: missing address"
119 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
124 if ( be->be_nsuffix == NULL ) {
126 "%s: line %d: the suffix must be defined before any target.\n",
133 mi->mi_targets = ( metatarget_t * )ch_realloc( mi->mi_targets,
134 sizeof( metatarget_t ) * mi->mi_ntargets );
135 if ( mi->mi_targets == NULL ) {
137 "%s: line %d: out of memory while storing server name"
138 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
143 if ( new_target( &mi->mi_targets[ i ] ) != 0 ) {
145 "%s: line %d: unable to init server"
146 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
151 mi->mi_targets[ i ].mt_nretries = mi->mi_nretries;
152 mi->mi_targets[ i ].mt_flags = mi->flags;
153 mi->mi_targets[ i ].mt_version = mi->mi_version;
155 for ( c = 0; c < META_OP_LAST; c++ ) {
156 mi->mi_targets[ i ].mt_timeout[ c ] = mi->mi_timeout[ c ];
162 if ( ldap_url_parselist_ext( &ludp, argv[ 1 ], "\t" ) != LDAP_SUCCESS ) {
164 "%s: line %d: unable to parse URI"
165 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
171 * uri MUST have the <dn> part!
173 if ( ludp->lud_dn == NULL ) {
175 "%s: line %d: missing <naming context> "
176 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
180 } else if ( ludp->lud_dn[ 0 ] == '\0' ) {
183 for ( j = 0; !BER_BVISNULL( &be->be_nsuffix[ j ] ); j++ ) {
184 if ( BER_BVISEMPTY( &be->be_nsuffix[ j ] ) ) {
189 if ( BER_BVISNULL( &be->be_nsuffix[ j ] ) ) {
191 "%s: line %d: missing <naming context> "
192 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
199 * copies and stores uri and suffix
201 ber_str2bv( ludp->lud_dn, 0, 0, &dn );
202 rc = dnPrettyNormal( NULL, &dn, &mi->mi_targets[ i ].mt_psuffix,
203 &mi->mi_targets[ i ].mt_nsuffix, NULL );
204 if( rc != LDAP_SUCCESS ) {
205 fprintf( stderr, "%s: line %d: "
206 "target '%s' DN is invalid\n",
207 fname, lineno, argv[ 1 ] );
211 ludp->lud_dn[ 0 ] = '\0';
213 switch ( ludp->lud_scope ) {
214 case LDAP_SCOPE_DEFAULT:
215 mi->mi_targets[ i ].mt_scope = LDAP_SCOPE_SUBTREE;
218 case LDAP_SCOPE_SUBTREE:
219 #ifdef LDAP_SCOPE_SUBORDINATE
220 case LDAP_SCOPE_SUBORDINATE:
221 #endif /* LDAP_SCOPE_SUBORDINATE */
222 mi->mi_targets[ i ].mt_scope = ludp->lud_scope;
226 fprintf( stderr, "%s: line %d: "
227 "invalid scope for target '%s'\n",
228 fname, lineno, argv[ 1 ] );
232 /* check all, to apply the scope check on the first one */
233 for ( tmpludp = ludp; tmpludp; tmpludp = tmpludp->lud_next ) {
234 if ( tmpludp->lud_dn != NULL && tmpludp->lud_dn[ 0 ] != '\0' ) {
235 fprintf( stderr, "%s: line %d: "
236 "multiple URIs must have "
244 mi->mi_targets[ i ].mt_uri = ldap_url_list2urls( ludp );
245 ldap_free_urllist( ludp );
246 if ( mi->mi_targets[ i ].mt_uri == NULL) {
247 fprintf( stderr, "%s: line %d: no memory?\n",
253 * uri MUST be a branch of suffix!
255 #if 0 /* too strict a constraint */
256 if ( select_backend( &mi->mi_targets[ i ].suffix, 0, 0 ) != be ) {
258 "%s: line %d: <naming context> of URI does not refer to current backend"
259 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
265 * uri MUST be a branch of a suffix!
267 if ( select_backend( &mi->mi_targets[ i ].mt_nsuffix, 0, 0 ) == NULL ) {
269 "%s: line %d: <naming context> of URI does not resolve to a backend"
270 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
276 /* default target directive */
277 } else if ( strcasecmp( argv[ 0 ], "default-target" ) == 0 ) {
278 int i = mi->mi_ntargets - 1;
283 "%s: line %d: \"default-target\" alone need be"
284 " inside a \"uri\" directive\n",
288 mi->mi_defaulttarget = i;
290 if ( strcasecmp( argv[ 1 ], "none" ) == 0 ) {
293 "%s: line %d: \"default-target none\""
294 " should go before uri definitions\n",
297 mi->mi_defaulttarget = META_DEFAULT_TARGET_NONE;
301 int n = strtol( argv[ 1 ], &next, 10 );
302 if ( n < 0 || n >= i - 1 ) {
304 "%s: line %d: illegal target number %d\n",
308 mi->mi_defaulttarget = n;
312 /* ttl of dn cache */
313 } else if ( strcasecmp( argv[ 0 ], "dncache-ttl" ) == 0 ) {
316 "%s: line %d: missing ttl in \"dncache-ttl <ttl>\" line\n",
321 if ( strcasecmp( argv[ 1 ], "forever" ) == 0 ) {
322 mi->mi_cache.ttl = META_DNCACHE_FOREVER;
323 } else if ( strcasecmp( argv[ 1 ], "disabled" ) == 0 ) {
324 mi->mi_cache.ttl = META_DNCACHE_DISABLED;
326 mi->mi_cache.ttl = atol( argv[ 1 ] );
329 /* network timeout when connecting to ldap servers */
330 } else if ( strcasecmp( argv[ 0 ], "network-timeout" ) == 0 ) {
333 "%s: line %d: missing network timeout in \"network-timeout <seconds>\" line\n",
337 mi->mi_network_timeout = atol(argv[ 1 ]);
339 /* name to use for meta_back_group */
340 } else if ( strcasecmp( argv[ 0 ], "acl-authcDN" ) == 0
341 || strcasecmp( argv[ 0 ], "binddn" ) == 0 )
343 int i = mi->mi_ntargets - 1;
348 "%s: line %d: need \"uri\" directive first\n",
355 "%s: line %d: missing name in \"binddn <name>\" line\n",
360 if ( strcasecmp( argv[ 0 ], "binddn" ) == 0 ) {
361 fprintf( stderr, "%s: line %d: "
362 "\"binddn\" statement is deprecated; "
363 "use \"acl-authcDN\" instead\n",
365 /* FIXME: some day we'll need to throw an error */
368 dn.bv_val = argv[ 1 ];
369 dn.bv_len = strlen( argv[ 1 ] );
370 if ( dnNormalize( 0, NULL, NULL, &dn, &mi->mi_targets[ i ].mt_binddn,
371 NULL ) != LDAP_SUCCESS )
373 fprintf( stderr, "%s: line %d: "
374 "bind DN '%s' is invalid\n",
375 fname, lineno, argv[ 1 ] );
379 /* password to use for meta_back_group */
380 } else if ( strcasecmp( argv[ 0 ], "acl-passwd" ) == 0
381 || strcasecmp( argv[ 0 ], "bindpw" ) == 0 )
383 int i = mi->mi_ntargets - 1;
387 "%s: line %d: need \"uri\" directive first\n",
394 "%s: line %d: missing password in \"bindpw <password>\" line\n",
399 if ( strcasecmp( argv[ 0 ], "bindpw" ) == 0 ) {
400 fprintf( stderr, "%s: line %d: "
401 "\"bindpw\" statement is deprecated; "
402 "use \"acl-passwd\" instead\n",
404 /* FIXME: some day we'll need to throw an error */
407 ber_str2bv( argv[ 1 ], 0L, 1, &mi->mi_targets[ i ].mt_bindpw );
409 /* save bind creds for referral rebinds? */
410 } else if ( strcasecmp( argv[ 0 ], "rebind-as-user" ) == 0 ) {
413 "%s: line %d: \"rebind-as-user {NO|yes}\" takes 1 argument.\n",
420 "%s: line %d: deprecated use of \"rebind-as-user {FALSE|true}\" with no arguments.\n",
422 mi->flags |= LDAP_BACK_F_SAVECRED;
425 switch ( check_true_false( argv[ 1 ] ) ) {
427 mi->flags &= ~LDAP_BACK_F_SAVECRED;
431 mi->flags |= LDAP_BACK_F_SAVECRED;
436 "%s: line %d: \"rebind-as-user {FALSE|true}\" unknown argument \"%s\".\n",
437 fname, lineno, argv[ 1 ] );
442 } else if ( strcasecmp( argv[ 0 ], "chase-referrals" ) == 0 ) {
443 unsigned *flagsp = mi->mi_ntargets ?
444 &mi->mi_targets[ mi->mi_ntargets - 1 ].mt_flags
449 "%s: line %d: \"chase-referrals {TRUE|false}\" needs 1 argument.\n",
454 /* this is the default; we add it because the default might change... */
455 switch ( check_true_false( argv[ 1 ] ) ) {
457 *flagsp |= LDAP_BACK_F_CHASE_REFERRALS;
461 *flagsp &= ~LDAP_BACK_F_CHASE_REFERRALS;
466 "%s: line %d: \"chase-referrals {TRUE|false}\": unknown argument \"%s\".\n",
467 fname, lineno, argv[ 1 ] );
471 } else if ( strcasecmp( argv[ 0 ], "tls" ) == 0 ) {
472 unsigned *flagsp = mi->mi_ntargets ?
473 &mi->mi_targets[ mi->mi_ntargets - 1 ].mt_flags
478 "%s: line %d: \"tls <what>\" needs 1 argument.\n",
484 if ( strcasecmp( argv[ 1 ], "start" ) == 0 ) {
485 *flagsp |= ( LDAP_BACK_F_USE_TLS | LDAP_BACK_F_TLS_CRITICAL );
488 } else if ( strcasecmp( argv[ 1 ], "try-start" ) == 0 ) {
489 *flagsp &= ~LDAP_BACK_F_TLS_CRITICAL;
490 *flagsp |= LDAP_BACK_F_USE_TLS;
492 /* propagate start tls */
493 } else if ( strcasecmp( argv[ 1 ], "propagate" ) == 0 ) {
494 *flagsp |= ( LDAP_BACK_F_PROPAGATE_TLS | LDAP_BACK_F_TLS_CRITICAL );
497 } else if ( strcasecmp( argv[ 1 ], "try-propagate" ) == 0 ) {
498 *flagsp &= ~LDAP_BACK_F_TLS_CRITICAL;
499 *flagsp |= LDAP_BACK_F_PROPAGATE_TLS;
503 "%s: line %d: \"tls <what>\": unknown argument \"%s\".\n",
504 fname, lineno, argv[ 1 ] );
508 } else if ( strcasecmp( argv[ 0 ], "t-f-support" ) == 0 ) {
509 unsigned *flagsp = mi->mi_ntargets ?
510 &mi->mi_targets[ mi->mi_ntargets - 1 ].mt_flags
515 "%s: line %d: \"t-f-support {FALSE|true|discover}\" needs 1 argument.\n",
520 switch ( check_true_false( argv[ 1 ] ) ) {
522 *flagsp &= ~(LDAP_BACK_F_SUPPORT_T_F|LDAP_BACK_F_SUPPORT_T_F_DISCOVER);
526 *flagsp |= LDAP_BACK_F_SUPPORT_T_F;
530 if ( strcasecmp( argv[ 1 ], "discover" ) == 0 ) {
531 *flagsp |= LDAP_BACK_F_SUPPORT_T_F_DISCOVER;
535 "%s: line %d: unknown value \"%s\" for \"t-f-support {no|yes|discover}\".\n",
536 fname, lineno, argv[ 1 ] );
543 } else if ( strcasecmp( argv[ 0 ], "onerr" ) == 0 ) {
546 "%s: line %d: \"onerr {CONTINUE|stop}\" takes 1 argument\n",
551 if ( strcasecmp( argv[ 1 ], "continue" ) == 0 ) {
552 mi->flags &= ~META_BACK_F_ONERR_STOP;
554 } else if ( strcasecmp( argv[ 1 ], "stop" ) == 0 ) {
555 mi->flags |= META_BACK_F_ONERR_STOP;
559 "%s: line %d: \"onerr {CONTINUE|stop}\": invalid arg \"%s\".\n",
560 fname, lineno, argv[ 1 ] );
565 } else if ( strcasecmp( argv[ 0 ], "pseudoroot-bind-defer" ) == 0 ) {
568 "%s: line %d: \"pseudoroot-bind-defer {FALSE|true}\" takes 1 argument\n",
573 switch ( check_true_false( argv[ 1 ] ) ) {
575 mi->flags &= ~META_BACK_F_DEFER_ROOTDN_BIND;
579 mi->flags |= META_BACK_F_DEFER_ROOTDN_BIND;
584 "%s: line %d: \"pseudoroot-bind-defer {FALSE|true}\": invalid arg \"%s\".\n",
585 fname, lineno, argv[ 1 ] );
589 } else if ( strcasecmp( argv[ 0 ], "timeout" ) == 0 ) {
591 time_t *tv = mi->mi_ntargets ?
592 mi->mi_targets[ mi->mi_ntargets - 1 ].mt_timeout
598 "%s: line %d: \"timeout [{add|delete|modify|modrdn}=]<val> [...]\" takes at least 1 argument\n",
603 for ( c = 1; c < argc; c++ ) {
604 time_t *t = NULL, val;
606 sep = strchr( argv[ c ], '=' );
608 size_t len = sep - argv[ c ];
610 if ( strncasecmp( argv[ c ], "add", len ) == 0 ) {
611 t = &tv[ META_OP_ADD ];
612 } else if ( strncasecmp( argv[ c ], "delete", len ) == 0 ) {
613 t = &tv[ META_OP_DELETE ];
614 } else if ( strncasecmp( argv[ c ], "modify", len ) == 0 ) {
615 t = &tv[ META_OP_MODIFY ];
616 } else if ( strncasecmp( argv[ c ], "modrdn", len ) == 0 ) {
617 t = &tv[ META_OP_MODRDN ];
620 "%s: line %d: unknown operation \"%s\" for timeout #%d.\n",
621 fname, lineno, argv[ c ], c );
630 val = strtoul( sep, &next, 10 );
631 if ( next == sep || next[ 0 ] != '\0' ) {
633 "%s: line %d: unable to parse value \"%s\" for timeout.\n",
634 fname, lineno, sep );
644 for ( i = 0; i < META_OP_LAST; i++ ) {
650 /* name to use as pseudo-root dn */
651 } else if ( strcasecmp( argv[ 0 ], "pseudorootdn" ) == 0 ) {
652 int i = mi->mi_ntargets - 1;
657 "%s: line %d: need \"uri\" directive first\n",
664 "%s: line %d: missing name in \"pseudorootdn <name>\" line\n",
669 dn.bv_val = argv[ 1 ];
670 dn.bv_len = strlen( argv[ 1 ] );
671 if ( dnNormalize( 0, NULL, NULL, &dn,
672 &mi->mi_targets[ i ].mt_pseudorootdn, NULL ) != LDAP_SUCCESS )
674 fprintf( stderr, "%s: line %d: "
675 "pseudoroot DN '%s' is invalid\n",
676 fname, lineno, argv[ 1 ] );
680 /* password to use as pseudo-root */
681 } else if ( strcasecmp( argv[ 0 ], "pseudorootpw" ) == 0 ) {
682 int i = mi->mi_ntargets - 1;
686 "%s: line %d: need \"uri\" directive first\n",
693 "%s: line %d: missing password in \"pseudorootpw <password>\" line\n",
697 ber_str2bv( argv[ 1 ], 0L, 1, &mi->mi_targets[ i ].mt_pseudorootpw );
700 } else if ( strcasecmp( argv[ 0 ], "suffixmassage" ) == 0 ) {
702 int i = mi->mi_ntargets - 1, rc;
703 struct berval dn, nvnc, pvnc, nrnc, prnc;
707 "%s: line %d: need \"uri\" directive first\n",
715 * suffixmassage <suffix> <massaged suffix>
717 * the <suffix> field must be defined as a valid suffix
718 * (or suffixAlias?) for the current database;
719 * the <massaged suffix> shouldn't have already been
720 * defined as a valid suffix or suffixAlias for the
725 "%s: line %d: syntax is \"suffixMassage <suffix> <massaged suffix>\"\n",
730 ber_str2bv( argv[ 1 ], 0, 0, &dn );
731 if ( dnPrettyNormal( NULL, &dn, &pvnc, &nvnc, NULL ) != LDAP_SUCCESS ) {
732 fprintf( stderr, "%s: line %d: "
733 "suffix '%s' is invalid\n",
734 fname, lineno, argv[ 1 ] );
738 tmp_be = select_backend( &nvnc, 0, 0 );
739 if ( tmp_be != NULL && tmp_be != be ) {
741 "%s: line %d: suffix already in use by another backend in"
742 " \"suffixMassage <suffix> <massaged suffix>\"\n",
749 ber_str2bv( argv[ 2 ], 0, 0, &dn );
750 if ( dnPrettyNormal( NULL, &dn, &prnc, &nrnc, NULL ) != LDAP_SUCCESS ) {
751 fprintf( stderr, "%s: line %d: "
752 "massaged suffix '%s' is invalid\n",
753 fname, lineno, argv[ 2 ] );
760 tmp_be = select_backend( &nrnc, 0, 0 );
761 if ( tmp_be != NULL ) {
763 "%s: line %d: massaged suffix already in use by another backend in"
764 " \"suffixMassage <suffix> <massaged suffix>\"\n",
775 * The suffix massaging is emulated by means of the
776 * rewrite capabilities
777 * FIXME: no extra rewrite capabilities should be added
780 rc = suffix_massage_config( mi->mi_targets[ i ].mt_rwmap.rwm_rw,
781 &pvnc, &nvnc, &prnc, &nrnc );
790 /* rewrite stuff ... */
791 } else if ( strncasecmp( argv[ 0 ], "rewrite", 7 ) == 0 ) {
792 int i = mi->mi_ntargets - 1;
795 fprintf( stderr, "%s: line %d: \"rewrite\" "
796 "statement outside target definition.\n",
801 return rewrite_parse( mi->mi_targets[ i ].mt_rwmap.rwm_rw,
802 fname, lineno, argc, argv );
804 /* objectclass/attribute mapping */
805 } else if ( strcasecmp( argv[ 0 ], "map" ) == 0 ) {
806 int i = mi->mi_ntargets - 1;
810 "%s: line %d: need \"uri\" directive first\n",
815 return ldap_back_map_config( &mi->mi_targets[ i ].mt_rwmap.rwm_oc,
816 &mi->mi_targets[ i ].mt_rwmap.rwm_at,
817 fname, lineno, argc, argv );
819 } else if ( strcasecmp( argv[ 0 ], "nretries" ) == 0 ) {
820 int i = mi->mi_ntargets - 1;
821 int nretries = META_RETRY_UNDEFINED;
825 "%s: line %d: need value in \"nretries <value>\"\n",
830 if ( strcasecmp( argv[ 1 ], "forever" ) == 0 ) {
831 nretries = META_RETRY_FOREVER;
833 } else if ( strcasecmp( argv[ 1 ], "never" ) == 0 ) {
834 nretries = META_RETRY_NEVER;
839 nretries = strtol( argv[ 1 ], &next, 10 );
840 if ( next == argv[ 1 ] || next[ 0 ] != '\0' ) {
842 "%s: line %d: unable to parse value \"%s\" in \"nretries <value>\"\n",
843 fname, lineno, argv[ 1 ] );
849 mi->mi_nretries = nretries;
852 mi->mi_targets[ i ].mt_nretries = nretries;
857 return SLAP_CONF_UNKNOWN;
863 ldap_back_map_config(
864 struct ldapmap *oc_map,
865 struct ldapmap *at_map,
872 struct ldapmapping *mapping;
876 if ( argc < 3 || argc > 4 ) {
878 "%s: line %d: syntax is \"map {objectclass | attribute} [<local> | *] {<foreign> | *}\"\n",
883 if ( strcasecmp( argv[ 1 ], "objectclass" ) == 0 ) {
887 } else if ( strcasecmp( argv[ 1 ], "attribute" ) == 0 ) {
891 fprintf( stderr, "%s: line %d: syntax is "
892 "\"map {objectclass | attribute} [<local> | *] "
893 "{<foreign> | *}\"\n",
898 if ( strcmp( argv[ 2 ], "*" ) == 0 ) {
899 if ( argc < 4 || strcmp( argv[ 3 ], "*" ) == 0 ) {
900 map->drop_missing = ( argc < 4 );
903 src = dst = argv[ 3 ];
905 } else if ( argc < 4 ) {
911 dst = ( strcmp( argv[ 3 ], "*" ) == 0 ? src : argv[ 3 ] );
914 if ( ( map == at_map )
915 && ( strcasecmp( src, "objectclass" ) == 0
916 || strcasecmp( dst, "objectclass" ) == 0 ) )
919 "%s: line %d: objectclass attribute cannot be mapped\n",
923 mapping = (struct ldapmapping *)ch_calloc( 2,
924 sizeof(struct ldapmapping) );
925 if ( mapping == NULL ) {
927 "%s: line %d: out of memory\n",
931 ber_str2bv( src, 0, 1, &mapping->src );
932 ber_str2bv( dst, 0, 1, &mapping->dst );
933 mapping[ 1 ].src = mapping->dst;
934 mapping[ 1 ].dst = mapping->src;
940 if ( src[ 0 ] != '\0' ) {
941 if ( oc_bvfind( &mapping->src ) == NULL ) {
943 "%s: line %d: warning, source objectClass '%s' "
944 "should be defined in schema\n",
945 fname, lineno, src );
948 * FIXME: this should become an err
954 if ( oc_bvfind( &mapping->dst ) == NULL ) {
956 "%s: line %d: warning, destination objectClass '%s' "
957 "is not defined in schema\n",
958 fname, lineno, dst );
962 const char *text = NULL;
963 AttributeDescription *ad = NULL;
965 if ( src[ 0 ] != '\0' ) {
966 rc = slap_bv2ad( &mapping->src, &ad, &text );
967 if ( rc != LDAP_SUCCESS ) {
969 "%s: line %d: warning, source attributeType '%s' "
970 "should be defined in schema\n",
971 fname, lineno, src );
974 * FIXME: this should become an err
977 * we create a fake "proxied" ad
981 rc = slap_bv2undef_ad( &mapping->src,
982 &ad, &text, SLAP_AD_PROXIED );
983 if ( rc != LDAP_SUCCESS ) {
985 "%s: line %d: source attributeType '%s': %d (%s)\n",
987 rc, text ? text : "" );
995 rc = slap_bv2ad( &mapping->dst, &ad, &text );
996 if ( rc != LDAP_SUCCESS ) {
998 "%s: line %d: warning, destination attributeType '%s' "
999 "is not defined in schema\n",
1000 fname, lineno, dst );
1003 * we create a fake "proxied" ad
1007 rc = slap_bv2undef_ad( &mapping->dst,
1008 &ad, &text, SLAP_AD_PROXIED );
1009 if ( rc != LDAP_SUCCESS ) {
1011 "%s: line %d: source attributeType '%s': %d (%s)\n",
1013 rc, text ? text : "" );
1019 if ( (src[ 0 ] != '\0' && avl_find( map->map, (caddr_t)mapping, mapping_cmp ) != NULL)
1020 || avl_find( map->remap, (caddr_t)&mapping[ 1 ], mapping_cmp ) != NULL)
1023 "%s: line %d: duplicate mapping found" SLAPD_CONF_UNKNOWN_IGNORED ".\n",
1028 if ( src[ 0 ] != '\0' ) {
1029 avl_insert( &map->map, (caddr_t)mapping,
1030 mapping_cmp, mapping_dup );
1032 avl_insert( &map->remap, (caddr_t)&mapping[ 1 ],
1033 mapping_cmp, mapping_dup );
1039 ch_free( mapping->src.bv_val );
1040 ch_free( mapping->dst.bv_val );
1048 #ifdef ENABLE_REWRITE
1050 suffix_massage_regexize( const char *s )
1056 if ( s[ 0 ] == '\0' ) {
1057 return ch_strdup( "^(.+)$" );
1061 ( r = strchr( p, ',' ) ) != NULL;
1065 res = ch_calloc( sizeof( char ),
1067 + STRLENOF( "((.+),)?" )
1068 + STRLENOF( "[ ]?" ) * i
1069 + STRLENOF( "$" ) + 1 );
1071 ptr = lutil_strcopy( res, "((.+),)?" );
1073 ( r = strchr( p, ',' ) ) != NULL;
1075 ptr = lutil_strncopy( ptr, p, r - p + 1 );
1076 ptr = lutil_strcopy( ptr, "[ ]?" );
1078 if ( r[ 1 ] == ' ' ) {
1082 ptr = lutil_strcopy( ptr, p );
1091 suffix_massage_patternize( const char *s, const char *p )
1098 if ( s[ 0 ] == '\0' ) {
1102 res = ch_calloc( sizeof( char ), len + STRLENOF( "%1" ) + 1 );
1103 if ( res == NULL ) {
1107 ptr = lutil_strcopy( res, ( p[ 0 ] == '\0' ? "%2" : "%1" ) );
1108 if ( s[ 0 ] == '\0' ) {
1112 lutil_strcopy( ptr, p );
1118 suffix_massage_config(
1119 struct rewrite_info *info,
1120 struct berval *pvnc,
1121 struct berval *nvnc,
1122 struct berval *prnc,
1129 rargv[ 0 ] = "rewriteEngine";
1132 rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
1134 rargv[ 0 ] = "rewriteContext";
1135 rargv[ 1 ] = "default";
1137 rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
1139 rargv[ 0 ] = "rewriteRule";
1140 rargv[ 1 ] = suffix_massage_regexize( pvnc->bv_val );
1141 rargv[ 2 ] = suffix_massage_patternize( pvnc->bv_val, prnc->bv_val );
1144 rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
1145 ch_free( rargv[ 1 ] );
1146 ch_free( rargv[ 2 ] );
1148 if ( BER_BVISEMPTY( pvnc ) ) {
1149 rargv[ 0 ] = "rewriteRule";
1151 rargv[ 2 ] = prnc->bv_val;
1154 rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
1157 rargv[ 0 ] = "rewriteContext";
1158 rargv[ 1 ] = "searchEntryDN";
1160 rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
1162 rargv[ 0 ] = "rewriteRule";
1163 rargv[ 1 ] = suffix_massage_regexize( prnc->bv_val );
1164 rargv[ 2 ] = suffix_massage_patternize( prnc->bv_val, pvnc->bv_val );
1167 rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
1168 ch_free( rargv[ 1 ] );
1169 ch_free( rargv[ 2 ] );
1171 if ( BER_BVISEMPTY( prnc ) ) {
1172 rargv[ 0 ] = "rewriteRule";
1174 rargv[ 2 ] = pvnc->bv_val;
1177 rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
1180 /* backward compatibility */
1181 rargv[ 0 ] = "rewriteContext";
1182 rargv[ 1 ] = "searchResult";
1183 rargv[ 2 ] = "alias";
1184 rargv[ 3 ] = "searchEntryDN";
1186 rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
1188 rargv[ 0 ] = "rewriteContext";
1189 rargv[ 1 ] = "matchedDN";
1190 rargv[ 2 ] = "alias";
1191 rargv[ 3 ] = "searchEntryDN";
1193 rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
1195 rargv[ 0 ] = "rewriteContext";
1196 rargv[ 1 ] = "searchAttrDN";
1197 rargv[ 2 ] = "alias";
1198 rargv[ 3 ] = "searchEntryDN";
1200 rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
1202 /* NOTE: this corresponds to #undef'ining RWM_REFERRAL_REWRITE;
1203 * see servers/slapd/overlays/rwm.h for details */
1204 rargv[ 0 ] = "rewriteContext";
1205 rargv[ 1 ] = "referralAttrDN";
1207 rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
1209 rargv[ 0 ] = "rewriteContext";
1210 rargv[ 1 ] = "referralDN";
1212 rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
1216 #endif /* ENABLE_REWRITE */
projects / openldap / blob