1 /* database.c - deals with database subsystem */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2001-2009 The OpenLDAP Foundation.
6 * Portions Copyright 2001-2003 Pierangelo Masarati.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
13 * A copy of this license is available in file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
18 * This work was initially developed by Pierangelo Masarati for inclusion
19 * in OpenLDAP Software.
25 #include <ac/string.h>
26 #include <ac/unistd.h>
29 #include "back-monitor.h"
31 #if defined(LDAP_SLAPI)
33 static int monitor_back_add_plugin( monitor_info_t *mi, Backend *be, Entry *e );
34 #endif /* defined(LDAP_SLAPI) */
37 monitor_subsys_database_modify(
42 static struct restricted_ops_t {
45 } restricted_ops[] = {
46 { BER_BVC( "add" ), SLAP_RESTRICT_OP_ADD },
47 { BER_BVC( "bind" ), SLAP_RESTRICT_OP_BIND },
48 { BER_BVC( "compare" ), SLAP_RESTRICT_OP_COMPARE },
49 { BER_BVC( "delete" ), SLAP_RESTRICT_OP_DELETE },
50 { BER_BVC( "extended" ), SLAP_RESTRICT_OP_EXTENDED },
51 { BER_BVC( "modify" ), SLAP_RESTRICT_OP_MODIFY },
52 { BER_BVC( "rename" ), SLAP_RESTRICT_OP_RENAME },
53 { BER_BVC( "search" ), SLAP_RESTRICT_OP_SEARCH },
55 }, restricted_exops[] = {
56 { BER_BVC( LDAP_EXOP_START_TLS ), SLAP_RESTRICT_EXOP_START_TLS },
57 { BER_BVC( LDAP_EXOP_MODIFY_PASSWD ), SLAP_RESTRICT_EXOP_MODIFY_PASSWD },
58 { BER_BVC( LDAP_EXOP_WHO_AM_I ), SLAP_RESTRICT_EXOP_WHOAMI },
59 { BER_BVC( LDAP_EXOP_CANCEL ), SLAP_RESTRICT_EXOP_CANCEL },
64 init_readOnly( monitor_info_t *mi, Entry *e, slap_mask_t restrictops )
66 struct berval *tf = ( ( restrictops & SLAP_RESTRICT_OP_MASK ) == SLAP_RESTRICT_OP_WRITES ) ?
67 (struct berval *)&slap_true_bv : (struct berval *)&slap_false_bv;
69 return attr_merge_one( e, mi->mi_ad_readOnly, tf, NULL );
73 init_restrictedOperation( monitor_info_t *mi, Entry *e, slap_mask_t restrictops )
77 for ( i = 0; restricted_ops[ i ].op.bv_val; i++ ) {
78 if ( restrictops & restricted_ops[ i ].tag ) {
79 rc = attr_merge_one( e, mi->mi_ad_restrictedOperation,
80 &restricted_ops[ i ].op,
81 &restricted_ops[ i ].op );
88 for ( i = 0; restricted_exops[ i ].op.bv_val; i++ ) {
89 if ( restrictops & restricted_exops[ i ].tag ) {
90 rc = attr_merge_one( e, mi->mi_ad_restrictedOperation,
91 &restricted_exops[ i ].op,
92 &restricted_exops[ i ].op );
103 monitor_subsys_database_init_one(
106 monitor_subsys_t *ms,
107 monitor_subsys_t *ms_backend,
108 monitor_subsys_t *ms_overlay,
113 char buf[ BACKMONITOR_BUFSIZE ];
115 slap_overinfo *oi = NULL;
116 BackendInfo *bi, *bi2;
119 char *rdnval = strchr( rdn->bv_val, '=' ) + 1;
124 if ( overlay_is_over( be ) ) {
125 oi = (slap_overinfo *)be->bd_info->bi_private;
129 /* Subordinates are not exposed as their own naming context */
130 if ( SLAP_GLUE_SUBORDINATE( be ) ) {
134 e = monitor_entry_stub( &ms->mss_dn, &ms->mss_ndn, rdn,
135 mi->mi_oc_monitoredObject, mi, NULL, NULL );
138 Debug( LDAP_DEBUG_ANY,
139 "monitor_subsys_database_init: "
140 "unable to create entry \"%s,%s\"\n",
141 rdn->bv_val, ms->mss_dn.bv_val, 0 );
145 ber_str2bv( bi->bi_type, 0, 0, &bv );
146 attr_merge_normalize_one( e, mi->mi_ad_monitoredInfo, &bv, NULL );
147 attr_merge_one( e, mi->mi_ad_monitorIsShadow,
148 SLAP_SHADOW( be ) ? (struct berval *)&slap_true_bv :
149 (struct berval *)&slap_false_bv, NULL );
151 if ( SLAP_MONITOR( be ) ) {
152 attr_merge( e, slap_schema.si_ad_monitorContext,
153 be->be_suffix, be->be_nsuffix );
154 attr_merge( e_database, slap_schema.si_ad_monitorContext,
155 be->be_suffix, be->be_nsuffix );
158 if ( be->be_suffix == NULL ) {
159 Debug( LDAP_DEBUG_ANY,
160 "monitor_subsys_database_init: "
161 "missing suffix for %s\n",
164 attr_merge( e, slap_schema.si_ad_namingContexts,
165 be->be_suffix, NULL );
166 attr_merge( e_database, slap_schema.si_ad_namingContexts,
167 be->be_suffix, NULL );
171 (void)init_readOnly( mi, e, be->be_restrictops );
172 (void)init_restrictedOperation( mi, e, be->be_restrictops );
174 if ( SLAP_SHADOW( be ) && be->be_update_refs ) {
175 attr_merge_normalize( e, mi->mi_ad_monitorUpdateRef,
176 be->be_update_refs, NULL );
180 slap_overinst *on = oi->oi_list,
183 for ( ; on; on = on->on_next ) {
186 for ( on2 = on1; on2 != on; on2 = on2->on_next ) {
187 if ( on2->on_bi.bi_type == on->on_bi.bi_type ) {
196 ber_str2bv( on->on_bi.bi_type, 0, 0, &bv );
197 attr_merge_normalize_one( e, mi->mi_ad_monitorOverlay,
200 /* find the overlay number, j */
201 for ( on2 = overlay_next( NULL ), j = 0; on2; on2 = overlay_next( on2 ), j++ ) {
202 if ( on2->on_bi.bi_type == on->on_bi.bi_type ) {
206 assert( on2 != NULL );
208 snprintf( buf, sizeof( buf ),
210 j, ms_overlay->mss_dn.bv_val );
211 ber_str2bv( buf, 0, 0, &bv );
212 attr_merge_normalize_one( e,
213 slap_schema.si_ad_seeAlso,
219 LDAP_STAILQ_FOREACH( bi2, &backendInfo, bi_next ) {
221 if ( bi2->bi_type == bi->bi_type ) {
222 snprintf( buf, sizeof( buf ),
224 j, ms_backend->mss_dn.bv_val );
226 bv.bv_len = strlen( buf );
227 attr_merge_normalize_one( e,
228 slap_schema.si_ad_seeAlso,
233 /* we must find it! */
236 mp = monitor_entrypriv_create();
240 e->e_private = ( void * )mp;
242 mp->mp_flags = ms->mss_flags
245 if ( monitor_cache_add( mi, e ) ) {
246 Debug( LDAP_DEBUG_ANY,
247 "monitor_subsys_database_init: "
248 "unable to add entry \"%s,%s\"\n",
249 rdn->bv_val, ms->mss_dn.bv_val, 0 );
253 #if defined(LDAP_SLAPI)
254 monitor_back_add_plugin( mi, be, e );
255 #endif /* defined(LDAP_SLAPI) */
258 Entry **ep_overlay = &mp->mp_children;
259 monitor_entry_t *mp_overlay;
260 slap_overinst *on = oi->oi_list;
263 for ( o = 0; on; o++, on = on->on_next ) {
267 /* find the overlay number, j */
268 for ( on2 = overlay_next( NULL ), j = 0; on2; on2 = overlay_next( on2 ), j++ ) {
269 if ( on2->on_bi.bi_type == on->on_bi.bi_type ) {
273 assert( on2 != NULL );
275 bv.bv_len = snprintf( buf, sizeof( buf ), "cn=Overlay %d", o );
278 e_overlay = monitor_entry_stub( &e->e_name, &e->e_nname, &bv,
279 mi->mi_oc_monitoredObject, mi, NULL, NULL );
281 if ( e_overlay == NULL ) {
282 Debug( LDAP_DEBUG_ANY,
283 "monitor_subsys_database_init: "
284 "unable to create entry "
285 "\"cn=Overlay %d,%s,%s\"\n",
286 o, rdn->bv_val, ms->mss_dn.bv_val );
289 ber_str2bv( on->on_bi.bi_type, 0, 0, &bv );
290 attr_merge_normalize_one( e_overlay, mi->mi_ad_monitoredInfo, &bv, NULL );
292 bv.bv_len = snprintf( buf, sizeof( buf ), "cn=Overlay %d,%s",
293 j, ms_overlay->mss_dn.bv_val );
295 attr_merge_normalize_one( e_overlay, slap_schema.si_ad_seeAlso,
298 if ( SLAP_MONITOR( be ) ) {
299 attr_merge( e_overlay, slap_schema.si_ad_monitorContext,
300 be->be_suffix, be->be_nsuffix );
303 attr_merge( e_overlay, slap_schema.si_ad_namingContexts,
304 be->be_suffix, NULL );
307 mp_overlay = monitor_entrypriv_create();
308 if ( mp_overlay == NULL ) {
311 e_overlay->e_private = ( void * )mp_overlay;
312 mp_overlay->mp_info = ms;
313 mp_overlay->mp_flags = ms->mss_flags
316 if ( monitor_cache_add( mi, e_overlay ) ) {
317 Debug( LDAP_DEBUG_ANY,
318 "monitor_subsys_database_init: "
319 "unable to add entry "
320 "\"cn=Overlay %d,%s,%s\"\n",
321 o, rdn->bv_val, ms->mss_dn.bv_val );
325 *ep_overlay = e_overlay;
326 ep_overlay = &mp_overlay->mp_next;
337 monitor_back_register_database(
342 Entry *e_database, **ep;
345 monitor_subsys_t *ms_backend,
349 char buf[ BACKMONITOR_BUFSIZE ];
351 assert( be_monitor != NULL );
353 if ( !monitor_subsys_is_opened() ) {
354 return monitor_back_register_database_limbo( be, ndn );
357 mi = ( monitor_info_t * )be_monitor->be_private;
359 ms_backend = monitor_back_get_subsys( SLAPD_MONITOR_BACKEND_NAME );
360 if ( ms_backend == NULL ) {
361 Debug( LDAP_DEBUG_ANY,
362 "monitor_back_register_database: "
364 "\"" SLAPD_MONITOR_BACKEND_NAME "\" "
370 ms_database = monitor_back_get_subsys( SLAPD_MONITOR_DATABASE_NAME );
371 if ( ms_database == NULL ) {
372 Debug( LDAP_DEBUG_ANY,
373 "monitor_back_register_database: "
375 "\"" SLAPD_MONITOR_DATABASE_NAME "\" "
381 ms_overlay = monitor_back_get_subsys( SLAPD_MONITOR_OVERLAY_NAME );
382 if ( ms_overlay == NULL ) {
383 Debug( LDAP_DEBUG_ANY,
384 "monitor_back_register_database: "
386 "\"" SLAPD_MONITOR_OVERLAY_NAME "\" "
392 if ( monitor_cache_get( mi, &ms_database->mss_ndn, &e_database ) ) {
393 Debug( LDAP_DEBUG_ANY,
394 "monitor_subsys_database_init: "
395 "unable to get entry \"%s\"\n",
396 ms_database->mss_ndn.bv_val, 0, 0 );
400 mp = ( monitor_entry_t * )e_database->e_private;
401 for ( i = -1, ep = &mp->mp_children; *ep; i++ ) {
404 a = attr_find( (*ep)->e_attrs, slap_schema.si_ad_namingContexts );
408 /* FIXME: RFC 4512 defines namingContexts without an
409 * equality matching rule, making comparisons
410 * like this one tricky. We use a_vals and
411 * be_suffix instead for now.
413 for ( j = 0; !BER_BVISNULL( &a->a_vals[ j ] ); j++ ) {
414 for ( k = 0; !BER_BVISNULL( &be->be_suffix[ k ] ); k++ ) {
415 if ( dn_match( &a->a_vals[ j ],
416 &be->be_suffix[ k ] ) ) {
424 mp = ( monitor_entry_t * )(*ep)->e_private;
426 assert( mp != NULL );
431 bv.bv_len = snprintf( buf, sizeof( buf ), "cn=Database %d", i );
432 if ( bv.bv_len >= sizeof( buf ) ) {
437 rc = monitor_subsys_database_init_one( mi, be,
438 ms_database, ms_backend, ms_overlay, &bv, e_database, &ep );
442 /* database_init_one advanced ep past where we want.
443 * But it stored the entry we want in mp->mp_next.
448 monitor_cache_release( mi, e_database );
449 if ( rc == 0 && ndn && ep && *ep ) {
450 *ndn = (*ep)->e_nname;
457 monitor_subsys_database_init(
459 monitor_subsys_t *ms )
462 Entry *e_database, **ep;
465 monitor_subsys_t *ms_backend,
469 assert( be != NULL );
471 ms->mss_modify = monitor_subsys_database_modify;
473 mi = ( monitor_info_t * )be->be_private;
475 ms_backend = monitor_back_get_subsys( SLAPD_MONITOR_BACKEND_NAME );
476 if ( ms_backend == NULL ) {
477 Debug( LDAP_DEBUG_ANY,
478 "monitor_subsys_database_init: "
480 "\"" SLAPD_MONITOR_BACKEND_NAME "\" "
486 ms_overlay = monitor_back_get_subsys( SLAPD_MONITOR_OVERLAY_NAME );
487 if ( ms_overlay == NULL ) {
488 Debug( LDAP_DEBUG_ANY,
489 "monitor_subsys_database_init: "
491 "\"" SLAPD_MONITOR_OVERLAY_NAME "\" "
497 if ( monitor_cache_get( mi, &ms->mss_ndn, &e_database ) ) {
498 Debug( LDAP_DEBUG_ANY,
499 "monitor_subsys_database_init: "
500 "unable to get entry \"%s\"\n",
501 ms->mss_ndn.bv_val, 0, 0 );
505 (void)init_readOnly( mi, e_database, frontendDB->be_restrictops );
506 (void)init_restrictedOperation( mi, e_database, frontendDB->be_restrictops );
508 mp = ( monitor_entry_t * )e_database->e_private;
509 mp->mp_children = NULL;
510 ep = &mp->mp_children;
512 BER_BVSTR( &bv, "cn=Frontend" );
513 rc = monitor_subsys_database_init_one( mi, frontendDB,
514 ms, ms_backend, ms_overlay, &bv, e_database, &ep );
520 LDAP_STAILQ_FOREACH( be, &backendDB, be_next ) {
521 char buf[ BACKMONITOR_BUFSIZE ];
524 bv.bv_len = snprintf( buf, sizeof( buf ), "cn=Database %d", ++i );
525 if ( bv.bv_len >= sizeof( buf ) ) {
529 rc = monitor_subsys_database_init_one( mi, be,
530 ms, ms_backend, ms_overlay, &bv, e_database, &ep );
536 monitor_cache_release( mi, e_database );
543 * cur: must not contain the tags corresponding to the values in v
544 * delta: will contain the tags corresponding to the values in v
547 value_mask( BerVarray v, slap_mask_t cur, slap_mask_t *delta )
549 for ( ; !BER_BVISNULL( v ); v++ ) {
550 struct restricted_ops_t *rops;
553 if ( OID_LEADCHAR( v->bv_val[ 0 ] ) ) {
554 rops = restricted_exops;
557 rops = restricted_ops;
560 for ( i = 0; !BER_BVISNULL( &rops[ i ].op ); i++ ) {
561 if ( ber_bvstrcasecmp( v, &rops[ i ].op ) != 0 ) {
565 if ( rops[ i ].tag & *delta ) {
569 if ( rops[ i ].tag & cur ) {
573 cur |= rops[ i ].tag;
574 *delta |= rops[ i ].tag;
579 if ( BER_BVISNULL( &rops[ i ].op ) ) {
580 return LDAP_INVALID_SYNTAX;
588 monitor_subsys_database_modify(
593 monitor_info_t *mi = (monitor_info_t *)op->o_bd->be_private;
595 Attribute *save_attrs, *a;
598 int ro_gotval = 1, i, n;
599 slap_mask_t rp_add = 0, rp_delete = 0, rp_cur;
602 i = sscanf( e->e_nname.bv_val, "cn=database %d,", &n );
604 return SLAP_CB_CONTINUE;
607 if ( n < 0 || n >= nBackendDB ) {
608 rs->sr_text = "invalid database index";
609 return ( rs->sr_err = LDAP_NO_SUCH_OBJECT );
612 LDAP_STAILQ_FOREACH( be, &backendDB, be_next ) {
618 /* do not allow some changes on back-monitor (needs work)... */
619 if ( SLAP_MONITOR( be ) ) {
620 rs->sr_text = "no modifications allowed to monitor database entry";
621 return ( rs->sr_err = LDAP_UNWILLING_TO_PERFORM );
624 rp_cur = be->be_restrictops;
626 save_attrs = e->e_attrs;
627 e->e_attrs = attrs_dup( e->e_attrs );
629 for ( ml = op->orm_modlist; ml; ml = ml->sml_next ) {
630 Modification *mod = &ml->sml_mod;
632 if ( mod->sm_desc == mi->mi_ad_readOnly ) {
635 if ( mod->sm_values ) {
636 if ( !BER_BVISNULL( &mod->sm_values[ 1 ] ) ) {
637 rs->sr_text = "attempting to modify multiple values of single-valued attribute";
638 rc = rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
642 if ( bvmatch( &slap_true_bv, mod->sm_values )) {
645 } else if ( bvmatch( &slap_false_bv, mod->sm_values )) {
650 rc = rs->sr_err = LDAP_INVALID_SYNTAX;
655 switch ( mod->sm_op ) {
656 case LDAP_MOD_DELETE:
657 if ( ro_gotval < 1 ) {
658 rc = rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
663 if ( val == 0 && ( rp_cur & SLAP_RESTRICT_OP_WRITES ) == SLAP_RESTRICT_OP_WRITES ) {
664 rc = rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE;
668 if ( val == 1 && ( rp_cur & SLAP_RESTRICT_OP_WRITES ) != SLAP_RESTRICT_OP_WRITES ) {
669 rc = rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE;
675 case LDAP_MOD_REPLACE:
680 if ( ro_gotval > 0 ) {
681 rc = rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
687 rp_add |= (~rp_cur) & SLAP_RESTRICT_OP_WRITES;
688 rp_cur |= SLAP_RESTRICT_OP_WRITES;
689 rp_delete &= ~SLAP_RESTRICT_OP_WRITES;
691 } else if ( val == 0 ) {
692 rp_delete |= rp_cur & SLAP_RESTRICT_OP_WRITES;
693 rp_cur &= ~SLAP_RESTRICT_OP_WRITES;
694 rp_add &= ~SLAP_RESTRICT_OP_WRITES;
699 rc = rs->sr_err = LDAP_OTHER;
703 } else if ( mod->sm_desc == mi->mi_ad_restrictedOperation ) {
704 slap_mask_t mask = 0;
706 switch ( mod->sm_op ) {
707 case LDAP_MOD_DELETE:
708 if ( mod->sm_values == NULL ) {
714 rc = value_mask( mod->sm_values, ~rp_cur, &mask );
715 if ( rc == LDAP_SUCCESS ) {
720 } else if ( rc == LDAP_OTHER ) {
721 rc = LDAP_NO_SUCH_ATTRIBUTE;
725 case LDAP_MOD_REPLACE:
732 rc = value_mask( mod->sm_values, rp_cur, &mask );
733 if ( rc == LDAP_SUCCESS ) {
738 } else if ( rc == LDAP_OTHER ) {
739 rc = rs->sr_err = LDAP_TYPE_OR_VALUE_EXISTS;
744 rc = rs->sr_err = LDAP_OTHER;
748 if ( rc != LDAP_SUCCESS ) {
752 } else if ( is_at_operational( mod->sm_desc->ad_type )) {
753 /* accept all operational attributes */
754 attr_delete( &e->e_attrs, mod->sm_desc );
755 rc = attr_merge( e, mod->sm_desc, mod->sm_values,
758 rc = rs->sr_err = LDAP_OTHER;
763 rc = rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
769 if ( ro_gotval < 1 ) {
770 rc = rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
774 if ( ( rp_cur & SLAP_RESTRICT_OP_EXTENDED ) && ( rp_cur & SLAP_RESTRICT_EXOP_MASK ) ) {
775 rc = rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
779 if ( rp_delete & rp_add ) {
780 rc = rs->sr_err = LDAP_OTHER;
784 /* check current value of readOnly */
785 if ( ( rp_cur & SLAP_RESTRICT_OP_WRITES ) == SLAP_RESTRICT_OP_WRITES ) {
786 tf = (struct berval *)&slap_true_bv;
789 tf = (struct berval *)&slap_false_bv;
792 a = attr_find( e->e_attrs, mi->mi_ad_readOnly );
798 if ( !bvmatch( &a->a_vals[ 0 ], tf ) ) {
799 attr_delete( &e->e_attrs, mi->mi_ad_readOnly );
800 rc = attr_merge_one( e, mi->mi_ad_readOnly, tf, tf );
803 if ( rc == LDAP_SUCCESS ) {
805 if ( rp_delete == be->be_restrictops ) {
806 attr_delete( &e->e_attrs, mi->mi_ad_restrictedOperation );
809 a = attr_find( e->e_attrs, mi->mi_ad_restrictedOperation );
811 rc = rs->sr_err = LDAP_OTHER;
815 for ( i = 0; !BER_BVISNULL( &restricted_ops[ i ].op ); i++ ) {
816 if ( rp_delete & restricted_ops[ i ].tag ) {
819 for ( j = 0; !BER_BVISNULL( &a->a_nvals[ j ] ); j++ ) {
822 if ( !bvmatch( &a->a_nvals[ j ], &restricted_ops[ i ].op ) ) {
826 ch_free( a->a_vals[ j ].bv_val );
827 ch_free( a->a_nvals[ j ].bv_val );
829 for ( k = j + 1; !BER_BVISNULL( &a->a_nvals[ k ] ); k++ ) {
830 a->a_vals[ k - 1 ] = a->a_vals[ k ];
831 a->a_nvals[ k - 1 ] = a->a_nvals[ k ];
834 BER_BVZERO( &a->a_vals[ k - 1 ] );
835 BER_BVZERO( &a->a_nvals[ k - 1 ] );
841 for ( i = 0; !BER_BVISNULL( &restricted_exops[ i ].op ); i++ ) {
842 if ( rp_delete & restricted_exops[ i ].tag ) {
845 for ( j = 0; !BER_BVISNULL( &a->a_nvals[ j ] ); j++ ) {
848 if ( !bvmatch( &a->a_nvals[ j ], &restricted_exops[ i ].op ) ) {
852 ch_free( a->a_vals[ j ].bv_val );
853 ch_free( a->a_nvals[ j ].bv_val );
855 for ( k = j + 1; !BER_BVISNULL( &a->a_nvals[ k ] ); k++ ) {
856 a->a_vals[ k - 1 ] = a->a_vals[ k ];
857 a->a_nvals[ k - 1 ] = a->a_nvals[ k ];
860 BER_BVZERO( &a->a_vals[ k - 1 ] );
861 BER_BVZERO( &a->a_nvals[ k - 1 ] );
867 if ( a->a_vals == NULL ) {
868 assert( a->a_numvals == 0 );
870 attr_delete( &e->e_attrs, mi->mi_ad_restrictedOperation );
876 for ( i = 0; !BER_BVISNULL( &restricted_ops[ i ].op ); i++ ) {
877 if ( rp_add & restricted_ops[ i ].tag ) {
878 attr_merge_one( e, mi->mi_ad_restrictedOperation,
879 &restricted_ops[ i ].op,
880 &restricted_ops[ i ].op );
884 for ( i = 0; !BER_BVISNULL( &restricted_exops[ i ].op ); i++ ) {
885 if ( rp_add & restricted_exops[ i ].tag ) {
886 attr_merge_one( e, mi->mi_ad_restrictedOperation,
887 &restricted_exops[ i ].op,
888 &restricted_exops[ i ].op );
894 be->be_restrictops = rp_cur;
897 if ( rc == LDAP_SUCCESS ) {
898 attrs_free( save_attrs );
899 rc = SLAP_CB_CONTINUE;
902 Attribute *tmp = e->e_attrs;
903 e->e_attrs = save_attrs;
909 #if defined(LDAP_SLAPI)
911 monitor_back_add_plugin( monitor_info_t *mi, Backend *be, Entry *e_database )
913 Slapi_PBlock *pCurrentPB;
914 int i, rc = LDAP_SUCCESS;
916 if ( slapi_int_pblock_get_first( be, &pCurrentPB ) != LDAP_SUCCESS ) {
918 * LDAP_OTHER is returned if no plugins are installed
926 Slapi_PluginDesc *srchdesc;
927 char buf[ BACKMONITOR_BUFSIZE ];
930 rc = slapi_pblock_get( pCurrentPB, SLAPI_PLUGIN_DESCRIPTION,
932 if ( rc != LDAP_SUCCESS ) {
936 snprintf( buf, sizeof(buf),
937 "plugin %d name: %s; "
943 srchdesc->spd_vendor,
944 srchdesc->spd_version,
945 srchdesc->spd_description );
947 snprintf( buf, sizeof(buf),
948 "plugin %d name: <no description available>", i );
951 ber_str2bv( buf, 0, 0, &bv );
952 attr_merge_normalize_one( e_database,
953 mi->mi_ad_monitoredInfo, &bv, NULL );
957 } while ( ( slapi_int_pblock_get_next( &pCurrentPB ) == LDAP_SUCCESS )
958 && ( pCurrentPB != NULL ) );
963 #endif /* defined(LDAP_SLAPI) */