1 /* op.c - relay backend operations */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2004-2009 The OpenLDAP Foundation.
6 * Portions Copyright 2004 Pierangelo Masarati.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
13 * A copy of this license is available in the file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
18 * This work was initially developed by Pierangelo Masarati for inclusion
19 * in OpenLDAP Software.
27 #include "back-relay.h"
29 #define RB_ERR_MASK (0x0000FFFFU)
30 #define RB_ERR (0x10000000U)
31 #define RB_UNSUPPORTED_FLAG (0x20000000U)
32 #define RB_REFERRAL (0x40000000U)
33 #define RB_SEND (0x80000000U)
34 #define RB_UNSUPPORTED (LDAP_UNWILLING_TO_PERFORM|RB_ERR|RB_UNSUPPORTED_FLAG)
35 #define RB_UNSUPPORTED_SEND (RB_UNSUPPORTED|RB_SEND)
36 #define RB_REFERRAL_SEND (RB_REFERRAL|RB_SEND)
37 #define RB_ERR_SEND (RB_ERR|RB_SEND)
38 #define RB_ERR_REFERRAL_SEND (RB_ERR|RB_REFERRAL|RB_SEND)
41 relay_back_swap_bd( Operation *op, SlapReply *rs )
43 slap_callback *cb = op->o_callback;
44 BackendDB *be = op->o_bd;
46 op->o_bd = cb->sc_private;
49 return SLAP_CB_CONTINUE;
52 #define relay_back_add_cb( cb, op ) \
54 (cb)->sc_next = (op)->o_callback; \
55 (cb)->sc_response = relay_back_swap_bd; \
56 (cb)->sc_cleanup = relay_back_swap_bd; \
57 (cb)->sc_private = (op)->o_bd; \
58 (op)->o_callback = (cb); \
62 * selects the backend if not enforced at config;
63 * in case of failure, behaves based on err:
64 * -1 don't send result
65 * LDAP_SUCCESS don't send result; may send referral if dosend
66 * any valid error send as error result if dosend
69 relay_back_select_backend( Operation *op, SlapReply *rs, slap_mask_t fail_mode )
71 relay_back_info *ri = (relay_back_info *)op->o_bd->be_private;
72 BackendDB *bd = ri->ri_bd;
73 int rc = ( fail_mode & RB_ERR_MASK );
75 if ( bd == NULL && !BER_BVISNULL( &op->o_req_ndn ) ) {
76 bd = select_backend( &op->o_req_ndn, 1 );
80 if ( bd->be_private != op->o_bd->be_private ) {
84 Debug( LDAP_DEBUG_ANY,
85 "%s: back-relay for DN=\"%s\" would call self.\n",
86 op->o_log_prefix, op->o_req_dn.bv_val, 0 );
88 } else if ( ( fail_mode & RB_REFERRAL_SEND ) == RB_REFERRAL_SEND
89 && !BER_BVISNULL( &op->o_req_ndn )
92 rs->sr_err = LDAP_REFERRAL;
94 /* if we set sr_err to LDAP_REFERRAL,
95 * we must provide one */
96 rs->sr_ref = referral_rewrite(
101 rs->sr_ref = default_referral;
104 send_ldap_result( op, rs );
106 if ( rs->sr_ref != default_referral ) {
107 ber_bvarray_free( rs->sr_ref );
113 if ( fail_mode & RB_ERR ) {
115 if ( fail_mode & RB_SEND ) {
116 send_ldap_result( op, rs );
129 slap_mask_t fail_mode )
131 int rc = ( fail_mode & RB_ERR_MASK );
134 BackendDB *be = op->o_bd;
137 relay_back_add_cb( &cb, op );
143 if ( op->o_callback == &cb ) {
144 op->o_callback = op->o_callback->sc_next;
147 } else if ( fail_mode & RB_ERR ) {
149 if ( fail_mode & RB_UNSUPPORTED_FLAG ) {
150 rs->sr_text = "operation not supported within naming context";
153 if ( fail_mode & RB_SEND ) {
154 send_ldap_result( op, rs );
162 relay_back_op_bind( Operation *op, SlapReply *rs )
166 /* allow rootdn as a means to auth without the need to actually
167 * contact the proxied DSA */
168 switch ( be_rootdn_bind( op, rs ) ) {
169 case SLAP_CB_CONTINUE:
176 bd = relay_back_select_backend( op, rs,
177 ( LDAP_INVALID_CREDENTIALS | RB_ERR_SEND ) );
182 return relay_back_op( op, rs, bd, bd->be_bind,
183 ( LDAP_INVALID_CREDENTIALS | RB_ERR_SEND ) );
187 relay_back_op_unbind( Operation *op, SlapReply *rs )
191 bd = relay_back_select_backend( op, rs, 0 );
193 (void)relay_back_op( op, rs, bd, bd->be_unbind, 0 );
200 relay_back_op_search( Operation *op, SlapReply *rs )
204 bd = relay_back_select_backend( op, rs,
205 ( LDAP_NO_SUCH_OBJECT | RB_ERR_REFERRAL_SEND ) );
210 return relay_back_op( op, rs, bd, bd->be_search,
211 RB_UNSUPPORTED_SEND );
215 relay_back_op_compare( Operation *op, SlapReply *rs )
219 bd = relay_back_select_backend( op, rs,
220 ( LDAP_NO_SUCH_OBJECT | RB_ERR_REFERRAL_SEND ) );
225 return relay_back_op( op, rs, bd, bd->be_compare,
226 ( SLAP_CB_CONTINUE | RB_ERR ) );
230 relay_back_op_modify( Operation *op, SlapReply *rs )
234 bd = relay_back_select_backend( op, rs,
235 ( LDAP_NO_SUCH_OBJECT | RB_ERR_REFERRAL_SEND ) );
240 return relay_back_op( op, rs, bd, bd->be_modify,
241 RB_UNSUPPORTED_SEND );
245 relay_back_op_modrdn( Operation *op, SlapReply *rs )
249 bd = relay_back_select_backend( op, rs,
250 ( LDAP_NO_SUCH_OBJECT | RB_ERR_REFERRAL_SEND ) );
255 return relay_back_op( op, rs, bd, bd->be_modrdn,
256 RB_UNSUPPORTED_SEND );
260 relay_back_op_add( Operation *op, SlapReply *rs )
264 bd = relay_back_select_backend( op, rs,
265 ( LDAP_NO_SUCH_OBJECT | RB_ERR_REFERRAL_SEND ) );
270 return relay_back_op( op, rs, bd, bd->be_add,
271 RB_UNSUPPORTED_SEND );
275 relay_back_op_delete( Operation *op, SlapReply *rs )
279 bd = relay_back_select_backend( op, rs,
280 ( LDAP_NO_SUCH_OBJECT | RB_ERR_REFERRAL_SEND ) );
285 return relay_back_op( op, rs, bd, bd->be_delete,
286 RB_UNSUPPORTED_SEND );
289 #if 0 /* Should not exist - see ITS#6133 */
291 relay_back_op_abandon( Operation *op, SlapReply *rs )
295 bd = relay_back_select_backend( op, rs, 0 );
300 return relay_back_op( op, rs, bd, bd->be_abandon, 0 );
304 relay_back_op_cancel( Operation *op, SlapReply *rs )
309 bd = relay_back_select_backend( op, rs,
310 ( LDAP_CANNOT_CANCEL | RB_ERR ) );
312 if ( op->o_cancel == SLAP_CANCEL_REQ ) {
313 op->o_cancel = LDAP_CANNOT_CANCEL;
318 rc = relay_back_op( op, rs, bd, bd->be_cancel,
319 ( LDAP_CANNOT_CANCEL | RB_ERR ) );
320 if ( rc == LDAP_CANNOT_CANCEL && op->o_cancel == SLAP_CANCEL_REQ )
322 op->o_cancel = LDAP_CANNOT_CANCEL;
330 relay_back_op_extended( Operation *op, SlapReply *rs )
334 bd = relay_back_select_backend( op, rs,
335 ( LDAP_NO_SUCH_OBJECT | RB_ERR | RB_REFERRAL ) );
340 return relay_back_op( op, rs, bd, bd->be_extended,
345 relay_back_entry_release_rw( Operation *op, Entry *e, int rw )
347 relay_back_info *ri = (relay_back_info *)op->o_bd->be_private;
353 bd = select_backend( &op->o_req_ndn, 1 );
359 if ( bd->be_release ) {
360 BackendDB *be = op->o_bd;
363 rc = bd->be_release( op, e, rw );
372 relay_back_entry_get_rw( Operation *op, struct berval *ndn,
373 ObjectClass *oc, AttributeDescription *at, int rw, Entry **e )
375 relay_back_info *ri = (relay_back_info *)op->o_bd->be_private;
381 bd = select_backend( &op->o_req_ndn, 1 );
387 if ( bd->be_fetch ) {
388 BackendDB *be = op->o_bd;
391 rc = bd->be_fetch( op, ndn, oc, at, rw, e );
401 * NOTE: even the existence of this function is questionable: we cannot
402 * pass the bi_chk_referrals() call thru the rwm overlay because there
403 * is no way to rewrite the req_dn back; but then relay_back_chk_referrals()
404 * is passing the target database a DN that likely does not belong to its
405 * naming context... mmmh.
408 relay_back_chk_referrals( Operation *op, SlapReply *rs )
412 /* FIXME: Can send success on failure. Should send referral or nothing. */
413 bd = relay_back_select_backend( op, rs,
414 ( LDAP_SUCCESS | RB_ERR_REFERRAL_SEND ) );
415 /* FIXME: this test only works if there are no overlays, so
416 * it is nearly useless; if made stricter, no nested back-relays
417 * can be instantiated... too bad. */
418 if ( bd == NULL || bd == op->o_bd ) {
422 /* no nested back-relays... */
423 if ( overlay_is_over( bd ) ) {
424 slap_overinfo *oi = (slap_overinfo *)bd->bd_info->bi_private;
426 if ( oi->oi_orig == op->o_bd->bd_info ) {
431 return relay_back_op( op, rs, bd, bd->be_chk_referrals, LDAP_SUCCESS );
436 relay_back_operational( Operation *op, SlapReply *rs )
440 bd = relay_back_select_backend( op, rs, LDAP_SUCCESS );
441 /* FIXME: this test only works if there are no overlays, so
442 * it is nearly useless; if made stricter, no nested back-relays
443 * can be instantiated... too bad. */
444 if ( bd == NULL || bd == op->o_bd ) {
448 return relay_back_op( op, rs, bd, bd->be_operational, LDAP_SUCCESS );
452 relay_back_has_subordinates( Operation *op, Entry *e, int *hasSubs )
454 SlapReply rs = { 0 };
458 bd = relay_back_select_backend( op, &rs, LDAP_OTHER );
459 /* FIXME: this test only works if there are no overlays, so
460 * it is nearly useless; if made stricter, no nested back-relays
461 * can be instantiated... too bad. */
462 if ( bd == NULL || bd == op->o_bd ) {
466 if ( bd->be_has_subordinates ) {
467 BackendDB *be = op->o_bd;
470 rc = bd->be_has_subordinates( op, e, hasSubs );
477 #if 0 /* Should not exist - see ITS#6133 */
479 relay_back_connection_init( BackendDB *bd, Connection *c )
481 relay_back_info *ri = (relay_back_info *)bd->be_private;
488 if ( bd->be_connection_init ) {
489 return bd->be_connection_init( bd, c );
496 relay_back_connection_destroy( BackendDB *bd, Connection *c )
498 relay_back_info *ri = (relay_back_info *)bd->be_private;
505 if ( bd->be_connection_destroy ) {
506 return bd->be_connection_destroy( bd, c );
515 * FIXME: must implement tools as well