1 /* refint.c - referential integrity module */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2004-2015 The OpenLDAP Foundation.
6 * Portions Copyright 2004 Symas Corporation.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
13 * A copy of this license is available in the file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
18 * This work was initially developed by Symas Corp. for inclusion in
19 * OpenLDAP Software. This work was sponsored by Hewlett-Packard.
24 /* This module maintains referential integrity for a set of
25 * DN-valued attributes by searching for all references to a given
26 * DN whenever the DN is changed or its entry is deleted, and making
27 * the appropriate update.
29 * Updates are performed using the database rootdn in a separate task
30 * to allow the original operation to complete immediately.
33 #ifdef SLAPD_OVER_REFINT
37 #include <ac/string.h>
38 #include <ac/socket.h>
44 static slap_overinst refint;
46 /* The DN to use in the ModifiersName for all refint updates */
47 static BerValue refint_dn = BER_BVC("cn=Referential Integrity Overlay");
48 static BerValue refint_ndn = BER_BVC("cn=referential integrity overlay");
50 typedef struct refint_attrs_s {
51 struct refint_attrs_s *next;
52 AttributeDescription *attr;
61 typedef struct dependents_s {
62 struct dependents_s *next;
63 BerValue dn; /* target dn */
68 typedef struct refint_q {
69 struct refint_q *next;
70 struct refint_data_s *rdata;
71 dependent_data *attrs; /* entries and attrs returned from callback */
80 typedef struct refint_data_s {
81 struct refint_attrs_s *attrs; /* list of known attrs */
82 BerValue dn; /* basedn in parent, */
83 BerValue nothing; /* the nothing value, if needed */
84 BerValue nnothing; /* normalized nothingness */
85 BerValue refint_dn; /* modifier's name */
86 BerValue refint_ndn; /* normalized modifier's name */
91 ldap_pvt_thread_mutex_t qmutex;
94 typedef struct refint_pre_s {
99 #define RUNQ_INTERVAL 36000 /* a long time */
101 static MatchingRule *mr_dnSubtreeMatch;
109 static ConfigDriver refint_cf_gen;
111 static ConfigTable refintcfg[] = {
112 { "refint_attributes", "attribute...", 2, 0, 0,
113 ARG_MAGIC|REFINT_ATTRS, refint_cf_gen,
114 "( OLcfgOvAt:11.1 NAME 'olcRefintAttribute' "
115 "DESC 'Attributes for referential integrity' "
116 "EQUALITY caseIgnoreMatch "
117 "SYNTAX OMsDirectoryString )", NULL, NULL },
118 { "refint_nothing", "string", 2, 2, 0,
119 ARG_DN|ARG_MAGIC|REFINT_NOTHING, refint_cf_gen,
120 "( OLcfgOvAt:11.2 NAME 'olcRefintNothing' "
121 "DESC 'Replacement DN to supply when needed' "
122 "SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
123 { "refint_modifiersName", "DN", 2, 2, 0,
124 ARG_DN|ARG_MAGIC|REFINT_MODIFIERSNAME, refint_cf_gen,
125 "( OLcfgOvAt:11.3 NAME 'olcRefintModifiersName' "
126 "DESC 'The DN to use as modifiersName' "
127 "SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
128 { NULL, NULL, 0, 0, 0, ARG_IGNORED }
131 static ConfigOCs refintocs[] = {
132 { "( OLcfgOvOc:11.1 "
133 "NAME 'olcRefintConfig' "
134 "DESC 'Referential integrity configuration' "
135 "SUP olcOverlayConfig "
136 "MAY ( olcRefintAttribute "
137 "$ olcRefintNothing "
138 "$ olcRefintModifiersName "
140 Cft_Overlay, refintcfg },
145 refint_cf_gen(ConfigArgs *c)
147 slap_overinst *on = (slap_overinst *)c->bi;
148 refint_data *dd = (refint_data *)on->on_bi.bi_private;
149 refint_attrs *ip, *pip, **pipp = NULL;
150 AttributeDescription *ad;
152 int rc = ARG_BAD_CONF;
156 case SLAP_CONFIG_EMIT:
161 value_add_one( &c->rvalue_vals,
162 &ip->attr->ad_cname );
168 if ( !BER_BVISEMPTY( &dd->nothing )) {
169 rc = value_add_one( &c->rvalue_vals,
172 rc = value_add_one( &c->rvalue_nvals,
178 case REFINT_MODIFIERSNAME:
179 if ( !BER_BVISEMPTY( &dd->refint_dn )) {
180 rc = value_add_one( &c->rvalue_vals,
183 rc = value_add_one( &c->rvalue_nvals,
193 case LDAP_MOD_DELETE:
206 /* delete from linked list */
207 for ( i=0; i < c->valx; ++i ) {
208 pipp = &(*pipp)->next;
211 *pipp = (*pipp)->next;
213 /* AttributeDescriptions are global so
214 * shouldn't be freed here... */
220 ch_free( dd->nothing.bv_val );
221 ch_free( dd->nnothing.bv_val );
222 BER_BVZERO( &dd->nothing );
223 BER_BVZERO( &dd->nnothing );
226 case REFINT_MODIFIERSNAME:
227 ch_free( dd->refint_dn.bv_val );
228 ch_free( dd->refint_ndn.bv_val );
229 BER_BVZERO( &dd->refint_dn );
230 BER_BVZERO( &dd->refint_ndn );
237 case SLAP_CONFIG_ADD:
238 /* fallthrough to LDAP_MOD_ADD */
243 for ( i=1; i < c->argc; ++i ) {
245 if ( slap_str2ad ( c->argv[i], &ad, &text )
248 sizeof ( refint_attrs ) );
250 ip->next = dd->attrs;
253 snprintf( c->cr_msg, sizeof( c->cr_msg ),
254 "%s <%s>: %s", c->argv[0], c->argv[i], text );
255 Debug ( LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE,
256 "%s: %s\n", c->log, c->cr_msg, 0 );
262 if ( !BER_BVISNULL( &c->value_ndn )) {
263 ch_free ( dd->nothing.bv_val );
264 ch_free ( dd->nnothing.bv_val );
265 dd->nothing = c->value_dn;
266 dd->nnothing = c->value_ndn;
272 case REFINT_MODIFIERSNAME:
273 if ( !BER_BVISNULL( &c->value_ndn )) {
274 ch_free( dd->refint_dn.bv_val );
275 ch_free( dd->refint_ndn.bv_val );
276 dd->refint_dn = c->value_dn;
277 dd->refint_ndn = c->value_ndn;
295 ** allocate new refint_data;
296 ** store in on_bi.bi_private;
306 slap_overinst *on = (slap_overinst *)be->bd_info;
307 refint_data *id = ch_calloc(1,sizeof(refint_data));
309 on->on_bi.bi_private = id;
310 ldap_pvt_thread_mutex_init( &id->qmutex );
320 slap_overinst *on = (slap_overinst *)be->bd_info;
322 if ( on->on_bi.bi_private ) {
323 refint_data *id = on->on_bi.bi_private;
324 refint_attrs *ii, *ij;
326 on->on_bi.bi_private = NULL;
327 ldap_pvt_thread_mutex_destroy( &id->qmutex );
329 for(ii = id->attrs; ii; ii = ij) {
334 ch_free( id->nothing.bv_val );
335 BER_BVZERO( &id->nothing );
336 ch_free( id->nnothing.bv_val );
337 BER_BVZERO( &id->nnothing );
345 ** initialize, copy basedn if not already set
355 slap_overinst *on = (slap_overinst *)be->bd_info;
356 refint_data *id = on->on_bi.bi_private;
358 if ( BER_BVISNULL( &id->dn )) {
359 if ( BER_BVISNULL( &be->be_nsuffix[0] ))
361 ber_dupbv( &id->dn, &be->be_nsuffix[0] );
363 if ( BER_BVISNULL( &id->refint_dn ) ) {
364 ber_dupbv( &id->refint_dn, &refint_dn );
365 ber_dupbv( &id->refint_ndn, &refint_ndn );
369 ** find the backend that matches our configured basedn;
370 ** make sure it exists and has search and modify methods;
374 if ( on->on_info->oi_origdb != frontendDB ) {
375 BackendDB *db = select_backend(&id->dn, 1);
378 if ( !db->be_search || !db->be_modify ) {
379 Debug( LDAP_DEBUG_CONFIG,
380 "refint_response: backend missing search and/or modify\n",
386 Debug( LDAP_DEBUG_CONFIG,
387 "refint_response: no backend for our baseDN %s??\n",
388 id->dn.bv_val, 0, 0 );
408 slap_overinst *on = (slap_overinst *) be->bd_info;
409 refint_data *id = on->on_bi.bi_private;
411 ch_free( id->dn.bv_val );
412 BER_BVZERO( &id->dn );
413 ch_free( id->refint_dn.bv_val );
414 BER_BVZERO( &id->refint_dn );
415 ch_free( id->refint_ndn.bv_val );
416 BER_BVZERO( &id->refint_ndn );
423 ** generates a list of Attributes from search results
434 refint_q *rq = op->o_callback->sc_private;
435 refint_data *dd = rq->rdata;
436 refint_attrs *ia, *da = dd->attrs, *na;
440 Debug(LDAP_DEBUG_TRACE, "refint_search_cb <%s>\n",
441 rs->sr_entry ? rs->sr_entry->e_name.bv_val : "NOTHING", 0, 0);
443 if (rs->sr_type != REP_SEARCH || !rs->sr_entry) return(0);
446 ** foreach configured attribute type:
447 ** if this attr exists in the search result,
448 ** and it has a value matching the target:
450 ** save/build DNs of any subordinate matches;
451 ** handle special case: found exact + subordinate match;
452 ** handle olcRefintNothing;
456 ip = op->o_tmpalloc(sizeof(dependent_data), op->o_tmpmemctx );
457 ber_dupbv_x( &ip->dn, &rs->sr_entry->e_name, op->o_tmpmemctx );
458 ber_dupbv_x( &ip->ndn, &rs->sr_entry->e_nname, op->o_tmpmemctx );
459 ip->next = rq->attrs;
462 for(ia = da; ia; ia = ia->next) {
463 if ( (a = attr_find(rs->sr_entry->e_attrs, ia->attr) ) ) {
464 int exact = -1, is_exact;
468 /* Are we doing subtree matching or simple equality? */
470 for(i = 0, b = a->a_nvals; b[i].bv_val; i++) {
471 if(dnIsSuffix(&b[i], &rq->oldndn)) {
472 is_exact = b[i].bv_len == rq->oldndn.bv_len;
474 /* Paranoia: skip buggy duplicate exact match,
475 * it would break ra_numvals
477 if ( is_exact && exact >= 0 )
480 /* first match? create structure */
482 na = op->o_tmpcalloc( 1,
483 sizeof( refint_attrs ),
485 na->next = ip->attrs;
493 /* Exact match: refint_repair will deduce the DNs */
497 /* Subordinate match */
498 struct berval newsub, newdn, olddn, oldndn;
501 ber_dupbv_x( &olddn, &a->a_vals[i], op->o_tmpmemctx );
502 ber_bvarray_add_x( &na->old_vals, &olddn, op->o_tmpmemctx );
504 ber_dupbv_x( &oldndn, &a->a_nvals[i], op->o_tmpmemctx );
505 ber_bvarray_add_x( &na->old_nvals, &oldndn, op->o_tmpmemctx );
507 if ( BER_BVISEMPTY( &rq->newdn ) )
510 /* Rename subordinate match: Build new DN */
511 newsub = a->a_vals[i];
512 newsub.bv_len -= rq->olddn.bv_len + 1;
513 build_new_dn( &newdn, &rq->newdn, &newsub, op->o_tmpmemctx );
514 ber_bvarray_add_x( &na->new_vals, &newdn, op->o_tmpmemctx );
516 newsub = a->a_nvals[i];
517 newsub.bv_len -= rq->oldndn.bv_len + 1;
518 build_new_dn( &newdn, &rq->newndn, &newsub, op->o_tmpmemctx );
519 ber_bvarray_add_x( &na->new_nvals, &newdn, op->o_tmpmemctx );
524 /* If we got both subordinate and exact match,
525 * refint_repair won't special-case the exact match */
526 if ( exact >= 0 && na->old_vals ) {
529 ber_dupbv_x( &dn, &a->a_vals[exact], op->o_tmpmemctx );
530 ber_bvarray_add_x( &na->old_vals, &dn, op->o_tmpmemctx );
531 ber_dupbv_x( &dn, &a->a_nvals[exact], op->o_tmpmemctx );
532 ber_bvarray_add_x( &na->old_nvals, &dn, op->o_tmpmemctx );
534 if ( !BER_BVISEMPTY( &rq->newdn ) ) {
535 ber_dupbv_x( &dn, &rq->newdn, op->o_tmpmemctx );
536 ber_bvarray_add_x( &na->new_vals, &dn, op->o_tmpmemctx );
537 ber_dupbv_x( &dn, &rq->newndn, op->o_tmpmemctx );
538 ber_bvarray_add_x( &na->new_nvals, &dn, op->o_tmpmemctx );
542 /* entry has no children, just equality matching */
543 is_exact = attr_valfind( a,
544 SLAP_MR_EQUALITY|SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH|
545 SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH, &rq->oldndn, &i, NULL );
546 if ( is_exact == LDAP_SUCCESS ) {
547 na = op->o_tmpcalloc( 1,
548 sizeof( refint_attrs ),
550 na->next = ip->attrs;
557 /* Deleting/replacing all values and a nothing DN is configured? */
558 if ( na && na->ra_numvals == a->a_numvals && !BER_BVISNULL(&dd->nothing) )
561 Debug( LDAP_DEBUG_TRACE, "refint_search_cb: %s: %s (#%d)\n",
562 a->a_desc->ad_cname.bv_val, rq->olddn.bv_val, i );
576 SlapReply rs = {REP_RESULT};
582 op->o_callback->sc_response = refint_search_cb;
583 op->o_req_dn = op->o_bd->be_suffix[ 0 ];
584 op->o_req_ndn = op->o_bd->be_nsuffix[ 0 ];
585 op->o_dn = op->o_bd->be_rootdn;
586 op->o_ndn = op->o_bd->be_rootndn;
587 cache = op->o_do_not_cache;
588 op->o_do_not_cache = 1;
591 rc = op->o_bd->be_search( op, &rs );
592 op->o_do_not_cache = cache;
594 if ( rc != LDAP_SUCCESS ) {
595 Debug( LDAP_DEBUG_TRACE,
596 "refint_repair: search failed: %d\n",
601 /* safety? paranoid just in case */
602 if ( op->o_callback->sc_private == NULL ) {
603 Debug( LDAP_DEBUG_TRACE,
604 "refint_repair: callback wiped out sc_private?!\n",
609 /* Set up the Modify requests */
610 op->o_callback->sc_response = &slap_null_cb;
613 * [our search callback builds a list of attrs]
615 * make sure its dn has a backend;
616 * build Modification* chain;
617 * call the backend modify function;
623 for ( dp = rq->attrs; dp; dp = dp->next ) {
624 SlapReply rs2 = {REP_RESULT};
628 if ( dp->attrs == NULL ) continue; /* TODO: Is this needed? */
630 op2.o_bd = select_backend( &dp->ndn, 1 );
632 Debug( LDAP_DEBUG_TRACE,
633 "refint_repair: no backend for DN %s!\n",
634 dp->dn.bv_val, 0, 0 );
637 op2.o_tag = LDAP_REQ_MODIFY;
638 op2.orm_modlist = NULL;
639 op2.o_req_dn = dp->dn;
640 op2.o_req_ndn = dp->ndn;
641 /* Internal ops, never replicate these */
642 op2.orm_no_opattrs = 1;
643 op2.o_dont_replicate = 1;
646 /* Set our ModifiersName */
647 if ( SLAP_LASTMOD( op->o_bd ) ) {
648 m = op2.o_tmpalloc( sizeof(Modifications) +
649 4*sizeof(BerValue), op2.o_tmpmemctx );
650 m->sml_next = op2.orm_modlist;
652 m->sml_op = LDAP_MOD_REPLACE;
653 m->sml_flags = SLAP_MOD_INTERNAL;
654 m->sml_desc = slap_schema.si_ad_modifiersName;
655 m->sml_type = m->sml_desc->ad_cname;
657 m->sml_values = (BerVarray)(m+1);
658 m->sml_nvalues = m->sml_values+2;
659 BER_BVZERO( &m->sml_values[1] );
660 BER_BVZERO( &m->sml_nvalues[1] );
661 m->sml_values[0] = id->refint_dn;
662 m->sml_nvalues[0] = id->refint_ndn;
665 for ( ra = dp->attrs; ra; ra = ra->next ) {
669 if ( ra->dont_empty || !BER_BVISEMPTY( &rq->newdn ) ) {
670 len = sizeof(Modifications);
672 if ( ra->new_vals == NULL ) {
673 len += 4*sizeof(BerValue);
676 m = op2.o_tmpalloc( len, op2.o_tmpmemctx );
677 m->sml_next = op2.orm_modlist;
679 m->sml_op = LDAP_MOD_ADD;
681 m->sml_desc = ra->attr;
682 m->sml_type = ra->attr->ad_cname;
683 if ( ra->new_vals == NULL ) {
684 m->sml_values = (BerVarray)(m+1);
685 m->sml_nvalues = m->sml_values+2;
686 BER_BVZERO( &m->sml_values[1] );
687 BER_BVZERO( &m->sml_nvalues[1] );
689 if ( BER_BVISEMPTY( &rq->newdn ) ) {
690 m->sml_values[0] = id->nothing;
691 m->sml_nvalues[0] = id->nnothing;
693 m->sml_values[0] = rq->newdn;
694 m->sml_nvalues[0] = rq->newndn;
697 m->sml_values = ra->new_vals;
698 m->sml_nvalues = ra->new_nvals;
699 m->sml_numvals = ra->ra_numvals;
704 len = sizeof(Modifications);
705 if ( ra->old_vals == NULL ) {
706 len += 4*sizeof(BerValue);
708 m = op2.o_tmpalloc( len, op2.o_tmpmemctx );
709 m->sml_next = op2.orm_modlist;
711 m->sml_op = LDAP_MOD_DELETE;
713 m->sml_desc = ra->attr;
714 m->sml_type = ra->attr->ad_cname;
715 if ( ra->old_vals == NULL ) {
717 m->sml_values = (BerVarray)(m+1);
718 m->sml_nvalues = m->sml_values+2;
719 m->sml_values[0] = rq->olddn;
720 m->sml_nvalues[0] = rq->oldndn;
721 BER_BVZERO( &m->sml_values[1] );
722 BER_BVZERO( &m->sml_nvalues[1] );
724 m->sml_values = ra->old_vals;
725 m->sml_nvalues = ra->old_nvals;
726 m->sml_numvals = ra->ra_numvals;
730 op2.o_dn = op2.o_bd->be_rootdn;
731 op2.o_ndn = op2.o_bd->be_rootndn;
732 rc = op2.o_bd->be_modify( &op2, &rs2 );
733 if ( rc != LDAP_SUCCESS ) {
734 Debug( LDAP_DEBUG_TRACE,
735 "refint_repair: dependent modify failed: %d\n",
739 while ( ( m = op2.orm_modlist ) ) {
740 op2.orm_modlist = m->sml_next;
741 op2.o_tmpfree( m, op2.o_tmpmemctx );
750 refint_qtask( void *ctx, void *arg )
752 struct re_s *rtask = arg;
753 refint_data *id = rtask->arg;
754 Connection conn = {0};
755 OperationBuffer opbuf;
757 slap_callback cb = { NULL, NULL, NULL, NULL };
761 int pausing = 0, rc = 0;
763 connection_fake_init( &conn, &opbuf, ctx );
767 ** build a search filter for all configured attributes;
768 ** populate our Operation;
769 ** pass our data (attr list, dn) to backend via sc_private;
770 ** call the backend search function;
771 ** nb: (|(one=thing)) is valid, but do smart formatting anyway;
772 ** nb: 16 is arbitrarily a dozen or so extra bytes;
776 ftop.f_choice = LDAP_FILTER_OR;
779 op->ors_filter = &ftop;
780 for(ip = id->attrs; ip; ip = ip->next) {
781 /* this filter can be either EQUALITY or EXT */
782 fptr = op->o_tmpcalloc( sizeof(Filter) + sizeof(MatchingRuleAssertion),
783 1, op->o_tmpmemctx );
784 fptr->f_mra = (MatchingRuleAssertion *)(fptr+1);
785 fptr->f_mr_rule = mr_dnSubtreeMatch;
786 fptr->f_mr_rule_text = mr_dnSubtreeMatch->smr_bvoid;
787 fptr->f_mr_desc = ip->attr;
788 fptr->f_mr_dnattrs = 0;
789 fptr->f_next = ftop.f_or;
794 dependent_data *dp, *dp_next;
795 refint_attrs *ra, *ra_next;
797 if ( ldap_pvt_thread_pool_pausing( &connection_pool ) > 0 ) {
803 ldap_pvt_thread_mutex_lock( &id->qmutex );
806 id->qhead = rq->next;
810 ldap_pvt_thread_mutex_unlock( &id->qmutex );
814 for (fptr = ftop.f_or; fptr; fptr = fptr->f_next ) {
815 fptr->f_mr_value = rq->oldndn;
816 /* Use (attr:dnSubtreeMatch:=value) to catch subtree rename
817 * and subtree delete where supported */
819 fptr->f_choice = LDAP_FILTER_EXT;
821 fptr->f_choice = LDAP_FILTER_EQUALITY;
824 filter2bv_x( op, op->ors_filter, &op->ors_filterstr );
826 /* callback gets the searched dn instead */
828 cb.sc_response = refint_search_cb;
829 op->o_callback = &cb;
830 op->o_tag = LDAP_REQ_SEARCH;
831 op->ors_scope = LDAP_SCOPE_SUBTREE;
832 op->ors_deref = LDAP_DEREF_NEVER;
833 op->ors_limit = NULL;
834 op->ors_slimit = SLAP_NO_LIMIT;
835 op->ors_tlimit = SLAP_NO_LIMIT;
838 op->ors_attrs = slap_anlist_no_attrs;
840 slap_op_time( &op->o_time, &op->o_tincr );
842 if ( rq->db != NULL ) {
844 rc = refint_repair( op, id, rq );
849 LDAP_STAILQ_FOREACH( be, &backendDB, be_next ) {
850 /* we may want to skip cn=config */
851 if ( be == LDAP_STAILQ_FIRST(&backendDB) ) {
855 if ( be->be_search && be->be_modify ) {
857 rc = refint_repair( op, id, rq );
862 for ( dp = rq->attrs; dp; dp = dp_next ) {
864 for ( ra = dp->attrs; ra; ra = ra_next ) {
866 ber_bvarray_free_x( ra->new_nvals, op->o_tmpmemctx );
867 ber_bvarray_free_x( ra->new_vals, op->o_tmpmemctx );
868 ber_bvarray_free_x( ra->old_nvals, op->o_tmpmemctx );
869 ber_bvarray_free_x( ra->old_vals, op->o_tmpmemctx );
870 op->o_tmpfree( ra, op->o_tmpmemctx );
872 op->o_tmpfree( dp->ndn.bv_val, op->o_tmpmemctx );
873 op->o_tmpfree( dp->dn.bv_val, op->o_tmpmemctx );
874 op->o_tmpfree( dp, op->o_tmpmemctx );
876 op->o_tmpfree( op->ors_filterstr.bv_val, op->o_tmpmemctx );
877 if ( rc == LDAP_BUSY ) {
879 /* re-queue this op */
880 ldap_pvt_thread_mutex_lock( &id->qmutex );
881 rq->next = id->qhead;
885 ldap_pvt_thread_mutex_unlock( &id->qmutex );
889 if ( !BER_BVISNULL( &rq->newndn )) {
890 ch_free( rq->newndn.bv_val );
891 ch_free( rq->newdn.bv_val );
893 ch_free( rq->oldndn.bv_val );
894 ch_free( rq->olddn.bv_val );
899 for ( fptr = ftop.f_or; fptr; ) {
900 Filter *f_next = fptr->f_next;
901 op->o_tmpfree( fptr, op->o_tmpmemctx );
905 /* wait until we get explicitly scheduled again */
906 ldap_pvt_thread_mutex_lock( &slapd_rq.rq_mutex );
907 ldap_pvt_runqueue_stoptask( &slapd_rq, id->qtask );
909 /* try to run again as soon as the pause is done */
910 id->qtask->interval.tv_sec = 0;
911 ldap_pvt_runqueue_resched( &slapd_rq, id->qtask, 0 );
912 id->qtask->interval.tv_sec = RUNQ_INTERVAL;
914 ldap_pvt_runqueue_resched( &slapd_rq,id->qtask, 1 );
916 ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex );
923 ** search for matching records and modify them
940 /* If the main op failed or is not a Delete or ModRdn, ignore it */
941 if (( op->o_tag != LDAP_REQ_DELETE && op->o_tag != LDAP_REQ_MODRDN ) ||
942 rs->sr_err != LDAP_SUCCESS )
943 return SLAP_CB_CONTINUE;
945 rp = op->o_callback->sc_private;
947 id = on->on_bi.bi_private;
949 rq = ch_calloc( 1, sizeof( refint_q ));
950 ber_dupbv( &rq->olddn, &op->o_req_dn );
951 ber_dupbv( &rq->oldndn, &op->o_req_ndn );
954 rq->do_sub = rp->do_sub;
956 if ( op->o_tag == LDAP_REQ_MODRDN ) {
957 if ( op->oq_modrdn.rs_newSup ) {
958 pdn = *op->oq_modrdn.rs_newSup;
960 dnParent( &op->o_req_dn, &pdn );
962 build_new_dn( &rq->newdn, &pdn, &op->orr_newrdn, NULL );
963 if ( op->oq_modrdn.rs_nnewSup ) {
964 pdn = *op->oq_modrdn.rs_nnewSup;
966 dnParent( &op->o_req_ndn, &pdn );
968 build_new_dn( &rq->newndn, &pdn, &op->orr_nnewrdn, NULL );
971 ldap_pvt_thread_mutex_lock( &id->qmutex );
973 id->qtail->next = rq;
978 ldap_pvt_thread_mutex_unlock( &id->qmutex );
981 ldap_pvt_thread_mutex_lock( &slapd_rq.rq_mutex );
983 id->qtask = ldap_pvt_runqueue_insert( &slapd_rq, RUNQ_INTERVAL,
984 refint_qtask, id, "refint_qtask",
985 op->o_bd->be_suffix[0].bv_val );
988 if ( !ldap_pvt_runqueue_isrunning( &slapd_rq, id->qtask ) &&
989 !id->qtask->next_sched.tv_sec ) {
990 id->qtask->interval.tv_sec = 0;
991 ldap_pvt_runqueue_resched( &slapd_rq, id->qtask, 0 );
992 id->qtask->interval.tv_sec = RUNQ_INTERVAL;
996 ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex );
998 slap_wake_listener();
1000 return SLAP_CB_CONTINUE;
1003 /* Check if the target entry exists and has children.
1004 * Do nothing if target doesn't exist.
1012 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
1013 refint_data *id = on->on_bi.bi_private;
1017 /* are any attrs configured? */
1019 return SLAP_CB_CONTINUE;
1021 rc = overlay_entry_get_ov( op, &op->o_req_ndn, NULL, NULL, 0, &e, on );
1022 if ( rc == LDAP_SUCCESS ) {
1023 slap_callback *sc = op->o_tmpcalloc( 1,
1024 sizeof(slap_callback)+sizeof(refint_pre), op->o_tmpmemctx );
1025 refint_pre *rp = (refint_pre *)(sc+1);
1027 rp->do_sub = 1; /* assume there are children */
1028 if ( op->o_bd->be_has_subordinates ) {
1030 rc = op->o_bd->be_has_subordinates( op, e, &has );
1031 /* there definitely are not children */
1032 if ( rc == LDAP_SUCCESS && has == LDAP_COMPARE_FALSE )
1035 overlay_entry_release_ov( op, e, 0, on );
1036 sc->sc_response = refint_response;
1037 sc->sc_private = rp;
1038 sc->sc_next = op->o_callback;
1039 op->o_callback = sc;
1041 return SLAP_CB_CONTINUE;
1045 ** init_module is last so the symbols resolve "for free" --
1046 ** it expects to be called automagically during dynamic module initialization
1049 int refint_initialize() {
1052 mr_dnSubtreeMatch = mr_find( "dnSubtreeMatch" );
1053 if ( mr_dnSubtreeMatch == NULL ) {
1054 Debug( LDAP_DEBUG_ANY, "refint_initialize: "
1055 "unable to find MatchingRule 'dnSubtreeMatch'.\n",
1060 /* statically declared just after the #includes at top */
1061 refint.on_bi.bi_type = "refint";
1062 refint.on_bi.bi_db_init = refint_db_init;
1063 refint.on_bi.bi_db_destroy = refint_db_destroy;
1064 refint.on_bi.bi_db_open = refint_open;
1065 refint.on_bi.bi_db_close = refint_close;
1066 refint.on_bi.bi_op_delete = refint_preop;
1067 refint.on_bi.bi_op_modrdn = refint_preop;
1069 refint.on_bi.bi_cf_ocs = refintocs;
1070 rc = config_register_schema ( refintcfg, refintocs );
1071 if ( rc ) return rc;
1073 return(overlay_register(&refint));
1076 #if SLAPD_OVER_REFINT == SLAPD_MOD_DYNAMIC && defined(PIC)
1077 int init_module(int argc, char *argv[]) {
1078 return refint_initialize();
1082 #endif /* SLAPD_OVER_REFINT */