]> git.sur5r.net Git - openldap/blob - servers/slapd/backglue.c
Add register_certificate_map_function() native plugin API for registering
[openldap] / servers / slapd / backglue.c
1 /* backglue.c - backend glue routines */
2 /* $OpenLDAP$ */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4  *
5  * Copyright 2001-2004 The OpenLDAP Foundation.
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted only as authorized by the OpenLDAP
10  * Public License.
11  *
12  * A copy of this license is available in the file LICENSE in the
13  * top-level directory of the distribution or, alternatively, at
14  * <http://www.OpenLDAP.org/license.html>.
15  */
16
17 /*
18  * Functions to glue a bunch of other backends into a single tree.
19  * All of the glued backends must share a common suffix. E.g., you
20  * can glue o=foo and ou=bar,o=foo but you can't glue o=foo and o=bar.
21  *
22  * This uses the backend structures and routines extensively, but is
23  * not an actual backend of its own. To use it you must add a "subordinate"
24  * keyword to the configuration of other backends. Subordinates will
25  * automatically be connected to their parent backend.
26  *
27  * The purpose of these functions is to allow you to split a single database
28  * into pieces (for load balancing purposes, whatever) but still be able
29  * to treat it as a single database after it's been split. As such, each
30  * of the glued backends should have identical rootdn and rootpw.
31  *
32  * If you need more elaborate configuration, you probably should be using
33  * back-meta instead.
34  *  -- Howard Chu
35  */
36
37 #include "portable.h"
38
39 #include <stdio.h>
40
41 #include <ac/string.h>
42 #include <ac/socket.h>
43
44 #define SLAPD_TOOLS
45 #include "slap.h"
46
47 typedef struct gluenode {
48         BackendDB *gn_be;
49         struct berval gn_pdn;
50 } gluenode;
51
52 typedef struct glueinfo {
53         BackendInfo gi_bi;
54         BackendDB gi_bd;
55         int gi_nodes;
56         gluenode gi_n[1];
57 } glueinfo;
58
59 static int glueMode;
60 static BackendDB *glueBack;
61
62 static slap_response glue_back_response;
63
64 /* Just like select_backend, but only for our backends */
65 static BackendDB *
66 glue_back_select (
67         BackendDB *be,
68         const char *dn
69 )
70 {
71         glueinfo *gi = (glueinfo *) be->bd_info;
72         struct berval bv;
73         int i;
74
75         bv.bv_len = strlen(dn);
76         bv.bv_val = (char *) dn;
77
78         for (i = 0; i<gi->gi_nodes; i++) {
79                 assert( gi->gi_n[i].gn_be->be_nsuffix );
80
81                 if (dnIsSuffix(&bv, &gi->gi_n[i].gn_be->be_nsuffix[0])) {
82                         return gi->gi_n[i].gn_be;
83                 }
84         }
85         return NULL;
86 }
87
88 /* This function will only be called in tool mode */
89 static int
90 glue_back_open (
91         BackendInfo *bi
92 )
93 {
94         int rc = 0;
95         static int glueOpened = 0;
96
97         if (glueOpened) return 0;
98
99         glueOpened = 1;
100
101         /* If we were invoked in tool mode, open all the underlying backends */
102         if (slapMode & SLAP_TOOL_MODE) {
103                 rc = backend_startup (NULL);
104         } /* other case is impossible */
105         return rc;
106 }
107
108 /* This function will only be called in tool mode */
109 static int
110 glue_back_close (
111         BackendInfo *bi
112 )
113 {
114         static int glueClosed = 0;
115         int rc = 0;
116
117         if (glueClosed) return 0;
118
119         glueClosed = 1;
120
121         if (slapMode & SLAP_TOOL_MODE) {
122                 rc = backend_shutdown (NULL);
123         }
124         return rc;
125 }
126
127 static int
128 glue_back_db_open (
129         BackendDB *be
130 )
131 {
132         glueinfo *gi = (glueinfo *) be->bd_info;
133         static int glueOpened = 0;
134         int rc = 0;
135
136         if (glueOpened) return 0;
137
138         glueOpened = 1;
139
140         gi->gi_bd.be_acl = be->be_acl;
141         gi->gi_bd.be_pending_csn_list = be->be_pending_csn_list;
142         gi->gi_bd.be_context_csn = be->be_context_csn;
143
144         if (gi->gi_bd.bd_info->bi_db_open)
145                 rc = gi->gi_bd.bd_info->bi_db_open(&gi->gi_bd);
146
147         return rc;
148 }
149
150 static int
151 glue_back_db_close (
152         BackendDB *be
153 )
154 {
155         glueinfo *gi = (glueinfo *) be->bd_info;
156         static int glueClosed = 0;
157
158         if (glueClosed) return 0;
159
160         glueClosed = 1;
161
162         /* Close the master */
163         if (gi->gi_bd.bd_info->bi_db_close)
164                 gi->gi_bd.bd_info->bi_db_close( &gi->gi_bd );
165
166         return 0;
167 }
168
169 static int
170 glue_back_db_destroy (
171         BackendDB *be
172 )
173 {
174         glueinfo *gi = (glueinfo *) be->bd_info;
175
176         if (gi->gi_bd.bd_info->bi_db_destroy)
177                 gi->gi_bd.bd_info->bi_db_destroy( &gi->gi_bd );
178         free (gi);
179         return 0;
180 }
181
182 typedef struct glue_state {
183         int err;
184         int slimit;
185         int matchlen;
186         char *matched;
187         int nrefs;
188         BerVarray refs;
189 } glue_state;
190
191 static int
192 glue_back_response ( Operation *op, SlapReply *rs )
193 {
194         glue_state *gs = op->o_callback->sc_private;
195
196         switch(rs->sr_type) {
197         case REP_SEARCH:
198                 if ( gs->slimit != SLAP_NO_LIMIT
199                                 && rs->sr_nentries >= gs->slimit )
200                 {
201                         rs->sr_err = gs->err = LDAP_SIZELIMIT_EXCEEDED;
202                         return -1;
203                 }
204                 /* fallthru */
205         case REP_SEARCHREF:
206                 return SLAP_CB_CONTINUE;
207
208         default:
209                 if (rs->sr_err == LDAP_SUCCESS ||
210                         rs->sr_err == LDAP_SIZELIMIT_EXCEEDED ||
211                         rs->sr_err == LDAP_TIMELIMIT_EXCEEDED ||
212                         rs->sr_err == LDAP_ADMINLIMIT_EXCEEDED ||
213                         rs->sr_err == LDAP_NO_SUCH_OBJECT ||
214                         gs->err != LDAP_SUCCESS)
215                         gs->err = rs->sr_err;
216                 if (gs->err == LDAP_SUCCESS && gs->matched) {
217                         ch_free (gs->matched);
218                         gs->matched = NULL;
219                         gs->matchlen = 0;
220                 }
221                 if (gs->err != LDAP_SUCCESS && rs->sr_matched) {
222                         int len;
223                         len = strlen (rs->sr_matched);
224                         if (len > gs->matchlen) {
225                                 if (gs->matched)
226                                         ch_free (gs->matched);
227                                 gs->matched = ch_strdup (rs->sr_matched);
228                                 gs->matchlen = len;
229                         }
230                 }
231                 if (rs->sr_ref) {
232                         int i, j, k;
233                         BerVarray new;
234
235                         for (i=0; rs->sr_ref[i].bv_val; i++);
236
237                         j = gs->nrefs;
238                         if (!j) {
239                                 new = ch_malloc ((i+1)*sizeof(struct berval));
240                         } else {
241                                 new = ch_realloc(gs->refs,
242                                         (j+i+1)*sizeof(struct berval));
243                         }
244                         for (k=0; k<i; j++,k++) {
245                                 ber_dupbv( &new[j], &rs->sr_ref[k] );
246                         }
247                         new[j].bv_val = NULL;
248                         gs->nrefs = j;
249                         gs->refs = new;
250                 }
251         }
252         return 0;
253 }
254
255 static int
256 glue_back_search ( Operation *op, SlapReply *rs )
257 {
258         BackendDB *b0 = op->o_bd;
259         BackendDB *b1 = NULL;
260         glueinfo *gi = (glueinfo *) b0->bd_info;
261         int i;
262         long stoptime = 0;
263         glue_state gs = {0, 0, 0, NULL, 0, NULL};
264         slap_callback cb = { NULL, glue_back_response, NULL, NULL };
265         int scope0, slimit0, tlimit0;
266         struct berval dn, ndn;
267
268         cb.sc_private = &gs;
269
270         cb.sc_next = op->o_callback;
271
272         stoptime = slap_get_time () + op->ors_tlimit;
273
274         op->o_bd = glue_back_select (b0, op->o_req_ndn.bv_val);
275
276         switch (op->ors_scope) {
277         case LDAP_SCOPE_BASE:
278                 if (op->o_bd && op->o_bd->be_search) {
279                         rs->sr_err = op->o_bd->be_search( op, rs );
280                 } else {
281                         send_ldap_error(op, rs, LDAP_UNWILLING_TO_PERFORM,
282                                       "No search target found");
283                 }
284                 return rs->sr_err;
285
286         case LDAP_SCOPE_ONELEVEL:
287         case LDAP_SCOPE_SUBTREE:
288 #ifdef LDAP_SCOPE_SUBORDINATE
289         case LDAP_SCOPE_SUBORDINATE: /* FIXME */
290 #endif
291
292                 if ( op->o_sync_mode & SLAP_SYNC_REFRESH ) {
293                         if (op->o_bd && op->o_bd->be_search) {
294                                 rs->sr_err = op->o_bd->be_search( op, rs );
295                         } else {
296                                 send_ldap_error(op, rs, LDAP_UNWILLING_TO_PERFORM,
297                                               "No search target found");
298                         }
299                         return rs->sr_err;
300                 }
301
302                 op->o_callback = &cb;
303                 rs->sr_err = gs.err = LDAP_UNWILLING_TO_PERFORM;
304                 scope0 = op->ors_scope;
305                 slimit0 = gs.slimit = op->ors_slimit;
306                 tlimit0 = op->ors_tlimit;
307                 dn = op->o_req_dn;
308                 ndn = op->o_req_ndn;
309                 b1 = op->o_bd;
310
311                 /*
312                  * Execute in reverse order, most general first 
313                  */
314                 for (i = gi->gi_nodes-1; i >= 0; i--) {
315                         if (!gi->gi_n[i].gn_be || !gi->gi_n[i].gn_be->be_search)
316                                 continue;
317                         if (!dnIsSuffix(&gi->gi_n[i].gn_be->be_nsuffix[0], &b1->be_nsuffix[0]))
318                                 continue;
319                         if (tlimit0 != SLAP_NO_LIMIT) {
320                                 op->ors_tlimit = stoptime - slap_get_time ();
321                                 if (op->ors_tlimit <= 0) {
322                                         rs->sr_err = gs.err = LDAP_TIMELIMIT_EXCEEDED;
323                                         break;
324                                 }
325                         }
326                         if (slimit0 != SLAP_NO_LIMIT) {
327                                 op->ors_slimit = slimit0 - rs->sr_nentries;
328                                 if (op->ors_slimit < 0) {
329                                         rs->sr_err = gs.err = LDAP_SIZELIMIT_EXCEEDED;
330                                         break;
331                                 }
332                         }
333                         rs->sr_err = 0;
334                         /*
335                          * check for abandon 
336                          */
337                         if (op->o_abandon) {
338                                 goto end_of_loop;
339                         }
340                         op->o_bd = gi->gi_n[i].gn_be;
341
342                         assert( op->o_bd->be_suffix );
343                         assert( op->o_bd->be_nsuffix );
344                         
345                         if (scope0 == LDAP_SCOPE_ONELEVEL && 
346                                 dn_match(&gi->gi_n[i].gn_pdn, &ndn))
347                         {
348                                 op->ors_scope = LDAP_SCOPE_BASE;
349                                 op->o_req_dn = op->o_bd->be_suffix[0];
350                                 op->o_req_ndn = op->o_bd->be_nsuffix[0];
351                                 rs->sr_err = op->o_bd->be_search(op, rs);
352
353                         } else if (scope0 == LDAP_SCOPE_SUBTREE &&
354                                 dn_match(&op->o_bd->be_nsuffix[0], &ndn))
355                         {
356                                 rs->sr_err = op->o_bd->be_search( op, rs );
357
358                         } else if (scope0 == LDAP_SCOPE_SUBTREE &&
359                                 dnIsSuffix(&op->o_bd->be_nsuffix[0], &ndn))
360                         {
361                                 op->o_req_dn = op->o_bd->be_suffix[0];
362                                 op->o_req_ndn = op->o_bd->be_nsuffix[0];
363                                 rs->sr_err = op->o_bd->be_search( op, rs );
364                                 if ( rs->sr_err == LDAP_NO_SUCH_OBJECT ) {
365                                         gs.err = LDAP_SUCCESS;
366                                 }
367
368                         } else if (dnIsSuffix(&ndn, &op->o_bd->be_nsuffix[0])) {
369                                 rs->sr_err = op->o_bd->be_search( op, rs );
370                         }
371
372                         switch ( gs.err ) {
373
374                         /*
375                          * Add errors that should result in dropping
376                          * the search
377                          */
378                         case LDAP_SIZELIMIT_EXCEEDED:
379                         case LDAP_TIMELIMIT_EXCEEDED:
380                         case LDAP_ADMINLIMIT_EXCEEDED:
381                         case LDAP_NO_SUCH_OBJECT:
382                                 goto end_of_loop;
383                         
384                         default:
385                                 break;
386                         }
387                 }
388 end_of_loop:;
389                 op->ors_scope = scope0;
390                 op->ors_slimit = slimit0;
391                 op->ors_tlimit = tlimit0;
392                 op->o_req_dn = dn;
393                 op->o_req_ndn = ndn;
394
395                 break;
396         }
397         if ( !op->o_abandon ) {
398                 op->o_callback = cb.sc_next;
399                 rs->sr_err = gs.err;
400                 rs->sr_matched = gs.matched;
401                 rs->sr_ref = gs.refs;
402
403                 send_ldap_result( op, rs );
404         }
405
406         op->o_bd = b0;
407         if (gs.matched)
408                 free (gs.matched);
409         if (gs.refs)
410                 ber_bvarray_free(gs.refs);
411         return rs->sr_err;
412 }
413
414
415 static int
416 glue_tool_entry_open (
417         BackendDB *b0,
418         int mode
419 )
420 {
421         /* We don't know which backend to talk to yet, so just
422          * remember the mode and move on...
423          */
424
425         glueMode = mode;
426         glueBack = NULL;
427
428         return 0;
429 }
430
431 static int
432 glue_tool_entry_close (
433         BackendDB *b0
434 )
435 {
436         int rc = 0;
437
438         if (glueBack) {
439                 if (!glueBack->be_entry_close)
440                         return 0;
441                 rc = glueBack->be_entry_close (glueBack);
442         }
443         return rc;
444 }
445
446 static ID
447 glue_tool_entry_first (
448         BackendDB *b0
449 )
450 {
451         glueinfo *gi = (glueinfo *) b0->bd_info;
452         int i;
453
454         /* If we're starting from scratch, start at the most general */
455         if (!glueBack) {
456                 for (i = gi->gi_nodes-1; i >= 0; i--) {
457                         if (gi->gi_n[i].gn_be->be_entry_open &&
458                             gi->gi_n[i].gn_be->be_entry_first) {
459                                 glueBack = gi->gi_n[i].gn_be;
460                                 break;
461                         }
462                 }
463
464         }
465         if (!glueBack || !glueBack->be_entry_open || !glueBack->be_entry_first ||
466                 glueBack->be_entry_open (glueBack, glueMode) != 0)
467                 return NOID;
468
469         return glueBack->be_entry_first (glueBack);
470 }
471
472 static ID
473 glue_tool_entry_next (
474         BackendDB *b0
475 )
476 {
477         glueinfo *gi = (glueinfo *) b0->bd_info;
478         int i;
479         ID rc;
480
481         if (!glueBack || !glueBack->be_entry_next)
482                 return NOID;
483
484         rc = glueBack->be_entry_next (glueBack);
485
486         /* If we ran out of entries in one database, move on to the next */
487         while (rc == NOID) {
488                 if ( glueBack && glueBack->be_entry_close )
489                         glueBack->be_entry_close (glueBack);
490                 for (i=0; i<gi->gi_nodes; i++) {
491                         if (gi->gi_n[i].gn_be == glueBack)
492                                 break;
493                 }
494                 if (i == 0) {
495                         glueBack = NULL;
496                         break;
497                 } else {
498                         glueBack = gi->gi_n[i-1].gn_be;
499                         rc = glue_tool_entry_first (b0);
500                 }
501         }
502         return rc;
503 }
504
505 static Entry *
506 glue_tool_entry_get (
507         BackendDB *b0,
508         ID id
509 )
510 {
511         if (!glueBack || !glueBack->be_entry_get)
512                 return NULL;
513
514         return glueBack->be_entry_get (glueBack, id);
515 }
516
517 static ID
518 glue_tool_entry_put (
519         BackendDB *b0,
520         Entry *e,
521         struct berval *text
522 )
523 {
524         BackendDB *be;
525         int rc;
526
527         be = glue_back_select (b0, e->e_ndn);
528         if (!be->be_entry_put)
529                 return NOID;
530
531         if (!glueBack) {
532                 rc = be->be_entry_open (be, glueMode);
533                 if (rc != 0)
534                         return NOID;
535         } else if (be != glueBack) {
536                 /* If this entry belongs in a different branch than the
537                  * previous one, close the current database and open the
538                  * new one.
539                  */
540                 glueBack->be_entry_close (glueBack);
541                 rc = be->be_entry_open (be, glueMode);
542                 if (rc != 0)
543                         return NOID;
544         }
545         glueBack = be;
546         return be->be_entry_put (be, e, text);
547 }
548
549 static int
550 glue_tool_entry_reindex (
551         BackendDB *b0,
552         ID id
553 )
554 {
555         if (!glueBack || !glueBack->be_entry_reindex)
556                 return -1;
557
558         return glueBack->be_entry_reindex (glueBack, id);
559 }
560
561 static int
562 glue_tool_sync (
563         BackendDB *b0
564 )
565 {
566         glueinfo *gi = (glueinfo *) b0->bd_info;
567         int i;
568
569         /* just sync everyone */
570         for (i = 0; i<gi->gi_nodes; i++)
571                 if (gi->gi_n[i].gn_be->be_sync)
572                         gi->gi_n[i].gn_be->be_sync (gi->gi_n[i].gn_be);
573         return 0;
574 }
575
576 int
577 glue_sub_init( )
578 {
579         int i, j;
580         int cont = num_subordinates;
581         BackendDB *b1, *be;
582         BackendInfo *bi = NULL;
583         glueinfo *gi;
584
585         /* While there are subordinate backends, search backwards through the
586          * backends and connect them to their superior.
587          */
588         for (i = nBackendDB - 1, b1=&backendDB[i]; cont && i>=0; b1--,i--) {
589                 if (SLAP_GLUE_SUBORDINATE ( b1 ) ) {
590                         /* The last database cannot be a subordinate of noone */
591                         if (i == nBackendDB - 1) {
592                                 SLAP_DBFLAGS(b1) ^= SLAP_DBFLAG_GLUE_SUBORDINATE;
593                         }
594                         continue;
595                 }
596                 gi = NULL;
597                 for (j = i-1, be=&backendDB[j]; j>=0; be--,j--) {
598                         if ( ! SLAP_GLUE_SUBORDINATE( be ) ) {
599                                 continue;
600                         }
601                         /* We will only link it once */
602                         if ( SLAP_GLUE_LINKED( be ) ) {
603                                 continue;
604                         }
605                         assert( be->be_nsuffix );
606                         assert( b1->be_nsuffix );
607                         if (!dnIsSuffix(&be->be_nsuffix[0], &b1->be_nsuffix[0])) {
608                                 continue;
609                         }
610                         cont--;
611                         SLAP_DBFLAGS(be) |= SLAP_DBFLAG_GLUE_LINKED;
612                         if (gi == NULL) {
613                                 /* We create a copy of the superior's be
614                                  * structure, pointing to all of its original
615                                  * information. Then we replace elements of
616                                  * the superior's info with our own. The copy
617                                  * is used whenever we have operations to pass
618                                  * down to the real database.
619                                  */
620                                 SLAP_DBFLAGS(b1) |= SLAP_DBFLAG_GLUE_INSTANCE;
621                                 gi = (glueinfo *)ch_malloc(sizeof(glueinfo));
622                                 gi->gi_nodes = 0;
623                                 gi->gi_bd = *b1;
624                                 gi->gi_bi = *b1->bd_info;
625                                 bi = (BackendInfo *)gi;
626                                 bi->bi_open = glue_back_open;
627                                 bi->bi_close = glue_back_close;
628                                 bi->bi_db_open = glue_back_db_open;
629                                 bi->bi_db_close = glue_back_db_close;
630                                 bi->bi_db_destroy = glue_back_db_destroy;
631
632                                 bi->bi_op_search = glue_back_search;
633
634                                 /*
635                                  * hooks for slap tools
636                                  */
637                                 bi->bi_tool_entry_open = glue_tool_entry_open;
638                                 bi->bi_tool_entry_close = glue_tool_entry_close;
639                                 bi->bi_tool_entry_first = glue_tool_entry_first;
640                                 bi->bi_tool_entry_next = glue_tool_entry_next;
641                                 bi->bi_tool_entry_get = glue_tool_entry_get;
642                                 bi->bi_tool_entry_put = glue_tool_entry_put;
643                                 bi->bi_tool_entry_reindex = glue_tool_entry_reindex;
644                                 bi->bi_tool_sync = glue_tool_sync;
645                                 /* FIXME : will support later */
646                                 bi->bi_tool_dn2id_get = 0;
647                                 bi->bi_tool_id2entry_get = 0;
648                                 bi->bi_tool_entry_modify = 0;
649                         } else {
650                                 gi = (glueinfo *)ch_realloc(gi,
651                                         sizeof(glueinfo) +
652                                         gi->gi_nodes * sizeof(gluenode));
653                         }
654                         gi->gi_n[gi->gi_nodes].gn_be = be;
655                         dnParent( &be->be_nsuffix[0], &gi->gi_n[gi->gi_nodes].gn_pdn ); 
656                         gi->gi_nodes++;
657                 }
658                 if (gi) {
659                         /* One more node for the master */
660                         gi = (glueinfo *)ch_realloc(gi,
661                                 sizeof(glueinfo) + gi->gi_nodes * sizeof(gluenode));
662                         gi->gi_n[gi->gi_nodes].gn_be = &gi->gi_bd;
663                         dnParent( &b1->be_nsuffix[0], &gi->gi_n[gi->gi_nodes].gn_pdn );
664                         gi->gi_nodes++;
665                         b1->bd_info = (BackendInfo *)gi;
666                 }
667         }
668         /* If there are any unresolved subordinates left, something is wrong */
669         return cont;
670 }