2 * Copyright 1998-2001 The OpenLDAP Foundation, All Rights Reserved.
3 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
5 * Copyright 2001, Pierangelo Masarati, All rights reserved. <ando@sys-net.it>
7 * This work has been developed to fulfill the requirements
8 * of SysNet s.n.c. <http:www.sys-net.it> and it has been donated
9 * to the OpenLDAP Foundation in the hope that it may be useful
10 * to the Open Source community, but WITHOUT ANY WARRANTY.
12 * Permission is granted to anyone to use this software for any purpose
13 * on any computer system, and to alter it and redistribute it, subject
14 * to the following restrictions:
16 * 1. The author and SysNet s.n.c. are not responsible for the consequences
17 * of use of this software, no matter how awful, even if they arise from
20 * 2. The origin of this software must not be misrepresented, either by
21 * explicit claim or by omission. Since few users ever read sources,
22 * credits should appear in the documentation.
24 * 3. Altered versions must be plainly marked as such, and must not be
25 * misrepresented as being the original software. Since few users
26 * ever read sources, credits should appear in the documentation.
27 * SysNet s.n.c. cannot be responsible for the consequences of the
30 * 4. This notice may not be removed or altered.
33 * This software is based on the backend back-ldap, implemented
34 * by Howard Chu <hyc@highlandsun.com>, and modified by Mark Valence
35 * <kurash@sassafras.com>, Pierangelo Masarati <ando@sys-net.it> and other
36 * contributors. The contribution of the original software to the present
37 * implementation is acknowledged in this copyright statement.
39 * A special acknowledgement goes to Howard for the overall architecture
40 * (and for borrowing large pieces of code), and to Mark, who implemented
41 * from scratch the attribute/objectclass mapping.
43 * The original copyright statement follows.
45 * Copyright 1999, Howard Chu, All rights reserved. <hyc@highlandsun.com>
47 * Permission is granted to anyone to use this software for any purpose
48 * on any computer system, and to alter it and redistribute it, subject
49 * to the following restrictions:
51 * 1. The author is not responsible for the consequences of use of this
52 * software, no matter how awful, even if they arise from flaws in it.
54 * 2. The origin of this software must not be misrepresented, either by
55 * explicit claim or by omission. Since few users ever read sources,
56 * credits should appear in the documentation.
58 * 3. Altered versions must be plainly marked as such, and must not be
59 * misrepresented as being the original software. Since few users
60 * ever read sources, credits should appear in the
63 * 4. This notice may not be removed or altered.
71 #include <ac/string.h>
72 #include <ac/socket.h>
75 #include "../back-ldap/back-ldap.h"
76 #include "back-meta.h"
79 suffix_massage_config(
80 struct rewrite_info *info,
85 static struct metatarget *
88 struct metatarget *lt;
89 struct ldapmapping *mapping;
91 lt = ch_calloc( sizeof( struct metatarget ), 1 );
96 lt->rwinfo = rewrite_info_init( REWRITE_MODE_USE_DEFAULT );
97 if ( lt->rwinfo == NULL ) {
102 mapping = ch_calloc( 2, sizeof( struct ldapmapping ) );
103 if ( mapping == NULL ) {
107 mapping->src = ch_strdup( "objectClass" );
108 mapping->dst = ch_strdup( "objectClass" );
109 mapping[ 1 ].src = mapping->src;
110 mapping[ 1 ].dst = mapping->dst;
112 avl_insert( <->at_map.map, ( caddr_t )mapping,
113 mapping_cmp, mapping_dup );
114 avl_insert( <->at_map.remap, ( caddr_t )&mapping[ 1 ],
115 mapping_cmp, mapping_dup );
129 struct metainfo *li = ( struct metainfo * )be->be_private;
133 "%s: line %d: meta backend info is null!\n",
138 /* URI of server to query */
139 if ( strcasecmp( argv[ 0 ], "uri" ) == 0 ) {
140 int i = li->ntargets;
143 #endif /* uncomment if uri MUST be a branch of suffix */
146 struct berval dn, *pdn = NULL, *ndn = NULL;
151 "%s: line %d: missing address"
152 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
159 li->targets = ch_realloc( li->targets,
160 sizeof( struct metatarget *)*li->ntargets );
161 if ( li->targets == NULL ) {
163 "%s: line %d: out of memory while storing server name"
164 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
169 if ( ( li->targets[ i ] = new_target() ) == NULL ) {
171 "%s: line %d: unable to init server"
172 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
180 if ( ldap_url_parse( argv[ 1 ], &ludp ) != LDAP_SUCCESS ) {
182 "%s: line %d: unable to parse URI"
183 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
189 * uri MUST have the <dn> part!
191 if ( ludp->lud_dn == NULL || ludp->lud_dn[ 0 ] == '\0' ) {
193 "%s: line %d: missing <naming context> "
194 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
200 * copies and stores uri and suffix
202 dn.bv_val = ludp->lud_dn;
203 dn.bv_len = strlen( ludp->lud_dn );
205 rc = dnPrettyNormal( NULL, &dn, &li->targets[ i ]->psuffix,
206 &li->targets[ i ]->suffix );
207 if( rc != LDAP_SUCCESS ) {
208 fprintf( stderr, "%s: line %d: "
209 "target '%s' DN is invalid\n",
210 fname, lineno, argv[ 1 ] );
214 li->targets[ i ]->uri = ch_strdup( argv[ 1 ] );
215 last = strstr( li->targets[ i ]->uri, ludp->lud_dn );
216 assert( last != NULL );
220 * uri MUST be a branch of suffix!
222 #if 0 /* too strict a constraint */
223 if ( select_backend( &li->targets[ i ]->suffix, 0, 0 ) != be ) {
225 "%s: line %d: <naming context> of URI does not refer to current backend"
226 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
232 * uri MUST be a branch of a suffix!
234 if ( select_backend( &li->targets[ i ]->suffix, 0, 0 ) == NULL ) {
236 "%s: line %d: <naming context> of URI does not resolve to a backend"
237 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
245 * uri MUST not be used by other URIs!
247 * FIXME: this limitation may be removed,
248 * or worked out, at least, in some manner
250 for ( j = 0; j < i-1; j++ ) {
251 if ( strcmp( li->targets[ i ]->suffix.bv_val,
252 li->targets[ j ]->suffix.bv_val ) == 0 ) {
254 "%s: line %d: naming context \"%s\" already used"
255 " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
256 fname, lineno, last+1 );
262 ldap_free_urldesc( ludp );
264 fprintf(stderr, "%s: line %d: URI \"%s\", suffix \"%s\"\n",
265 fname, lineno, li->targets[ i ]->uri,
266 li->targets[ i ]->psuffix.bv_val );
268 /* default target directive */
269 } else if ( strcasecmp( argv[ 0 ], "default-target" ) == 0 ) {
270 int i = li->ntargets-1;
275 "%s: line %d: \"default-target\" alone need be"
276 " inside a \"uri\" directive\n",
280 li->defaulttarget = i;
282 if ( strcasecmp( argv[ 1 ], "none" ) == 0 ) {
285 "%s: line %d: \"default-target none\""
286 " should go before uri definitions\n",
289 li->defaulttarget = META_DEFAULT_TARGET_NONE;
291 int n = atoi( argv[ 1 ] );
292 if ( n < 1 || n >= i ) {
294 "%s: line %d: illegal target number %d\n",
298 li->defaulttarget = n-1;
302 /* ttl of dn cache */
303 } else if ( strcasecmp( argv[ 0 ], "dncache-ttl" ) == 0 ) {
306 "%s: line %d: missing ttl in \"dncache-ttl <ttl>\" line\n",
311 if ( strcasecmp( argv[ 1 ], "forever" ) == 0 ) {
312 li->cache.ttl = META_DNCACHE_FOREVER;
313 } else if ( strcasecmp( argv[ 1 ], "disabled" ) == 0 ) {
314 li->cache.ttl = META_DNCACHE_DISABLED;
316 li->cache.ttl = atol( argv[ 1 ] );
319 /* name to use for meta_back_group */
320 } else if ( strcasecmp( argv[ 0 ], "binddn" ) == 0 ) {
321 int i = li->ntargets-1;
322 struct berval dn, *ndn = NULL;
326 "%s: line %d: need \"uri\" directive first\n",
332 "%s: line %d: missing name in \"binddn <name>\" line\n",
337 dn.bv_val = argv[ 1 ];
338 dn.bv_len = strlen( argv[ 1 ] );
339 if ( dnNormalize2( NULL, &dn, &li->targets[ i ]->binddn ) != LDAP_SUCCESS ) {
340 fprintf( stderr, "%s: line %d: "
341 "bind DN '%s' is invalid\n",
342 fname, lineno, argv[ 1 ] );
346 /* password to use for meta_back_group */
347 } else if ( strcasecmp( argv[ 0 ], "bindpw" ) == 0 ) {
348 int i = li->ntargets-1;
352 "%s: line %d: need \"uri\" directive first\n",
358 "%s: line %d: missing password in \"bindpw <password>\" line\n",
362 li->targets[ i ]->bindpw = ber_bvstrdup( argv[ 1 ] );
364 /* name to use as pseudo-root dn */
365 } else if ( strcasecmp( argv[ 0 ], "pseudorootdn" ) == 0 ) {
366 int i = li->ntargets-1;
367 struct berval dn, *ndn = NULL;
371 "%s: line %d: need \"uri\" directive first\n",
377 "%s: line %d: missing name in \"pseudorootdn <name>\" line\n",
382 dn.bv_val = argv[ 1 ];
383 dn.bv_len = strlen( argv[ 1 ] );
384 if ( dnNormalize2( NULL, &dn, &li->targets[ i ]->pseudorootdn ) != LDAP_SUCCESS ) {
385 fprintf( stderr, "%s: line %d: "
386 "pseudoroot DN '%s' is invalid\n",
387 fname, lineno, argv[ 1 ] );
391 /* password to use as pseudo-root */
392 } else if ( strcasecmp( argv[ 0 ], "pseudorootpw" ) == 0 ) {
393 int i = li->ntargets-1;
397 "%s: line %d: need \"uri\" directive first\n",
403 "%s: line %d: missing password in \"pseudorootpw <password>\" line\n",
407 li->targets[ i ]->pseudorootpw = ber_bvstrdup( argv[ 1 ] );
410 } else if ( strcasecmp( argv[ 0 ], "suffixmassage" ) == 0 ) {
412 int i = li->ntargets-1;
413 struct berval dn, ndn;
417 "%s: line %d: need \"uri\" directive first\n",
425 * suffixmassage <suffix> <massaged suffix>
427 * the <suffix> field must be defined as a valid suffix
428 * (or suffixAlias?) for the current database;
429 * the <massaged suffix> shouldn't have already been
430 * defined as a valid suffix or suffixAlias for the
435 "%s: line %d: syntax is \"suffixMassage <suffix> <massaged suffix>\"\n",
440 dn.bv_val = argv[ 1 ];
441 dn.bv_len = strlen( argv[ 1 ] );
442 if ( dnNormalize2( NULL, &dn, &ndn ) != LDAP_SUCCESS ) {
443 fprintf( stderr, "%s: line %d: "
444 "suffix '%s' is invalid\n",
445 fname, lineno, argv[ 1 ] );
449 tmp_be = select_backend( &ndn, 0, 0 );
451 if ( tmp_be != NULL && tmp_be != be ) {
453 "%s: line %d: suffix already in use by another backend in"
454 " \"suffixMassage <suffix> <massaged suffix>\"\n",
459 dn.bv_val = argv[ 2 ];
460 dn.bv_len = strlen( argv[ 2 ] );
461 if ( dnNormalize2( NULL, &dn, &ndn ) != LDAP_SUCCESS ) {
462 fprintf( stderr, "%s: line %d: "
463 "massaged suffix '%s' is invalid\n",
464 fname, lineno, argv[ 2 ] );
468 tmp_be = select_backend( &ndn, 0, 0 );
470 if ( tmp_be != NULL ) {
472 "%s: line %d: massaged suffix already in use by another backend in"
473 " \"suffixMassage <suffix> <massaged suffix>\"\n",
479 * The suffix massaging is emulated by means of the
480 * rewrite capabilities
481 * FIXME: no extra rewrite capabilities should be added
484 return suffix_massage_config( li->targets[ i ]->rwinfo,
487 /* rewrite stuff ... */
488 } else if ( strncasecmp( argv[ 0 ], "rewrite", 7 ) == 0 ) {
489 int i = li->ntargets-1;
493 "%s: line %d: need \"uri\" directive first\n",
497 return rewrite_parse( li->targets[ i ]->rwinfo, fname, lineno,
500 /* objectclass/attribute mapping */
501 } else if ( strcasecmp( argv[ 0 ], "map" ) == 0 ) {
503 struct ldapmapping *mapping;
505 int i = li->ntargets-1;
509 "%s: line %d: need \"uri\" directive first\n",
514 if ( argc < 3 || argc > 4 ) {
516 "%s: line %d: syntax is \"map {objectclass | attribute} {<source> | *} [<dest> | *]\"\n",
521 if ( strcasecmp( argv[ 1 ], "objectClass" ) == 0 ) {
522 map = &li->targets[ i ]->oc_map;
523 } else if ( strcasecmp( argv[ 1 ], "attribute" ) == 0 ) {
524 map = &li->targets[ i ]->at_map;
527 "%s: line %d: syntax is \"map {objectclass | attribute} {<source> | *} [<dest> | *]\"\n",
532 if ( strcasecmp( argv[ 2 ], "*" ) != 0 ) {
536 } else if ( strcasecmp( argv[ 3 ], "*" ) == 0 ) {
543 map->drop_missing = 1;
546 if ( strcasecmp( argv[ 3 ], "*" ) == 0 ) {
547 map->drop_missing = 0;
555 if ( ( map == &li->targets[ i ]->at_map )
556 && ( strcasecmp( src, "objectclass" ) == 0
557 || strcasecmp( dst, "objectclass" ) == 0 ) ) {
559 "%s: line %d: objectclass attribute cannot be mapped\n",
563 mapping = ch_calloc( 2, sizeof( struct ldapmapping ) );
564 if ( mapping == NULL ) {
566 "%s: line %d: out of memory\n",
570 mapping->src = ch_strdup( src );
571 mapping->dst = ch_strdup( dst );
573 mapping[ 1 ].src = mapping->dst;
574 mapping[ 1 ].dst = mapping->src;
576 mapping[ 1 ].src = mapping->src;
577 mapping[ 1 ].dst = mapping->dst;
580 if ( avl_find( map->map, ( caddr_t )mapping,
581 mapping_cmp ) != NULL
582 || avl_find( map->remap, ( caddr_t )&mapping[ 1 ],
583 mapping_cmp ) != NULL) {
585 "%s: line %d: duplicate mapping found (ignored)\n",
590 avl_insert( &map->map, ( caddr_t )mapping,
591 mapping_cmp, mapping_dup );
592 avl_insert( &map->remap, ( caddr_t )&mapping[ 1 ],
593 mapping_cmp, mapping_dup );
598 "%s: line %d: unknown directive \"%s\" in meta database definition"
600 fname, lineno, argv[0] );
projects / openldap / blob