1 /* rwm.c - rewrite/remap operations */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2003-2008 The OpenLDAP Foundation.
6 * Portions Copyright 2003 Pierangelo Masarati.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
13 * A copy of this license is available in the file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
24 #include <ac/string.h>
31 typedef struct rwm_op_state {
37 AttributeName *mapped_attrs;
41 typedef struct rwm_op_cb {
47 rwm_db_destroy( BackendDB *be, ConfigReply *cr );
50 rwm_send_entry( Operation *op, SlapReply *rs );
53 rwm_op_rollback( Operation *op, SlapReply *rs, rwm_op_state *ros )
55 if ( !BER_BVISNULL( &ros->ro_dn ) ) {
56 op->o_req_dn = ros->ro_dn;
58 if ( !BER_BVISNULL( &ros->ro_ndn ) ) {
59 op->o_req_ndn = ros->ro_ndn;
62 if ( !BER_BVISNULL( &ros->r_dn )
63 && ros->r_dn.bv_val != ros->ro_dn.bv_val )
65 assert( ros->r_dn.bv_val != ros->r_ndn.bv_val );
66 ch_free( ros->r_dn.bv_val );
67 BER_BVZERO( &ros->r_dn );
70 if ( !BER_BVISNULL( &ros->r_ndn )
71 && ros->r_ndn.bv_val != ros->ro_ndn.bv_val )
73 ch_free( ros->r_ndn.bv_val );
74 BER_BVZERO( &ros->r_ndn );
77 BER_BVZERO( &ros->ro_dn );
78 BER_BVZERO( &ros->ro_ndn );
80 switch( ros->r_tag ) {
81 case LDAP_REQ_COMPARE:
82 if ( op->orc_ava->aa_value.bv_val != ros->orc_ava->aa_value.bv_val )
83 op->o_tmpfree( op->orc_ava->aa_value.bv_val, op->o_tmpmemctx );
84 op->orc_ava = ros->orc_ava;
87 slap_mods_free( op->orm_modlist, 1 );
88 op->orm_modlist = ros->orm_modlist;
91 if ( op->orr_newSup != ros->orr_newSup ) {
92 ch_free( op->orr_newSup->bv_val );
93 ch_free( op->orr_nnewSup->bv_val );
94 op->o_tmpfree( op->orr_newSup, op->o_tmpmemctx );
95 op->o_tmpfree( op->orr_nnewSup, op->o_tmpmemctx );
96 op->orr_newSup = ros->orr_newSup;
97 op->orr_nnewSup = ros->orr_nnewSup;
100 case LDAP_REQ_SEARCH:
101 ch_free( ros->mapped_attrs );
102 filter_free_x( op, op->ors_filter, 1 );
103 ch_free( op->ors_filterstr.bv_val );
104 op->ors_attrs = ros->ors_attrs;
105 op->ors_filter = ros->ors_filter;
106 op->ors_filterstr = ros->ors_filterstr;
108 case LDAP_REQ_EXTENDED:
109 if ( op->ore_reqdata != ros->ore_reqdata ) {
110 ber_bvfree( op->ore_reqdata );
111 op->ore_reqdata = ros->ore_reqdata;
115 if ( rs->sr_err == LDAP_SUCCESS ) {
117 ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
118 /* too late, c_mutex released */
119 fprintf( stderr, "*** DN: \"%s\" => \"%s\"\n",
120 op->o_conn->c_ndn.bv_val,
121 op->o_req_ndn.bv_val );
122 ber_bvreplace( &op->o_conn->c_ndn,
124 ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
133 rwm_op_cleanup( Operation *op, SlapReply *rs )
135 slap_callback *cb = op->o_callback;
136 rwm_op_state *ros = cb->sc_private;
138 if ( rs->sr_type == REP_RESULT || rs->sr_type == REP_EXTENDED ||
139 op->o_abandon || rs->sr_err == SLAPD_ABANDON )
141 rwm_op_rollback( op, rs, ros );
143 op->o_callback = op->o_callback->sc_next;
144 op->o_tmpfree( cb, op->o_tmpmemctx );
147 return SLAP_CB_CONTINUE;
151 rwm_callback_get( Operation *op, SlapReply *rs )
153 rwm_op_cb *roc = NULL;
155 roc = op->o_tmpalloc( sizeof( struct rwm_op_cb ), op->o_tmpmemctx );
156 roc->cb.sc_cleanup = rwm_op_cleanup;
157 roc->cb.sc_response = NULL;
158 roc->cb.sc_next = op->o_callback;
159 roc->cb.sc_private = &roc->ros;
160 roc->ros.r_tag = op->o_tag;
161 roc->ros.ro_dn = op->o_req_dn;
162 roc->ros.ro_ndn = op->o_req_ndn;
163 roc->ros.o_request = op->o_request;
164 BER_BVZERO( &roc->ros.r_dn );
165 BER_BVZERO( &roc->ros.r_ndn );
172 rwm_op_dn_massage( Operation *op, SlapReply *rs, void *cookie,
175 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
176 struct ldaprwmap *rwmap =
177 (struct ldaprwmap *)on->on_bi.bi_private;
179 struct berval dn = BER_BVNULL,
185 * Rewrite the dn if needed
188 dc.conn = op->o_conn;
190 dc.ctx = (char *)cookie;
192 /* NOTE: in those cases where only the ndn is available,
193 * and the caller sets op->o_req_dn = op->o_req_ndn,
194 * only rewrite the op->o_req_ndn and use it as
195 * op->o_req_dn as well */
197 if ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val ) {
199 rc = rwm_dn_massage_pretty_normalize( &dc, &op->o_req_dn, &dn, &ndn );
201 rc = rwm_dn_massage_normalize( &dc, &op->o_req_ndn, &ndn );
204 if ( rc != LDAP_SUCCESS ) {
208 if ( ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val && dn.bv_val == op->o_req_dn.bv_val )
209 || ndn.bv_val == op->o_req_ndn.bv_val )
214 if ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val ) {
216 assert( BER_BVISNULL( &ros->r_dn ) );
222 assert( BER_BVISNULL( &ros->r_ndn ) );
229 rwm_op_add( Operation *op, SlapReply *rs )
231 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
232 struct ldaprwmap *rwmap =
233 (struct ldaprwmap *)on->on_bi.bi_private;
237 Attribute **ap = NULL;
238 char *olddn = op->o_req_dn.bv_val;
241 rwm_op_cb *roc = rwm_callback_get( op, rs );
243 rc = rwm_op_dn_massage( op, rs, "addDN", &roc->ros );
244 if ( rc != LDAP_SUCCESS ) {
245 op->o_bd->bd_info = (BackendInfo *)on->on_info;
246 send_ldap_error( op, rs, rc, "addDN massage error" );
250 if ( olddn != op->o_req_dn.bv_val ) {
251 ber_bvreplace( &op->ora_e->e_name, &op->o_req_dn );
252 ber_bvreplace( &op->ora_e->e_nname, &op->o_req_ndn );
255 /* Count number of attributes in entry */
256 isupdate = be_shadow_update( op );
257 for ( i = 0, ap = &op->oq_add.rs_e->e_attrs; *ap; ) {
260 if ( (*ap)->a_desc == slap_schema.si_ad_objectClass ||
261 (*ap)->a_desc == slap_schema.si_ad_structuralObjectClass )
265 last = (*ap)->a_numvals - 1;
266 for ( j = 0; !BER_BVISNULL( &(*ap)->a_vals[ j ] ); j++ ) {
267 struct ldapmapping *mapping = NULL;
269 ( void )rwm_mapping( &rwmap->rwm_oc, &(*ap)->a_vals[ j ],
271 if ( mapping == NULL ) {
272 if ( rwmap->rwm_at.drop_missing ) {
273 /* FIXME: we allow to remove objectClasses as well;
274 * if the resulting entry is inconsistent, that's
275 * the relayed database's business...
277 ch_free( (*ap)->a_vals[ j ].bv_val );
279 (*ap)->a_vals[ j ] = (*ap)->a_vals[ last ];
281 BER_BVZERO( &(*ap)->a_vals[ last ] );
288 ch_free( (*ap)->a_vals[ j ].bv_val );
289 ber_dupbv( &(*ap)->a_vals[ j ], &mapping->m_dst );
293 } else if ( !isupdate && !get_relax( op ) && (*ap)->a_desc->ad_type->sat_no_user_mod )
298 struct ldapmapping *mapping = NULL;
300 ( void )rwm_mapping( &rwmap->rwm_at, &(*ap)->a_desc->ad_cname,
302 if ( mapping == NULL ) {
303 if ( rwmap->rwm_at.drop_missing ) {
308 if ( (*ap)->a_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
309 || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
312 * FIXME: rewrite could fail; in this case
313 * the operation should give up, right?
315 rc = rwm_dnattr_rewrite( op, rs, "addAttrDN",
317 (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
322 } else if ( (*ap)->a_desc == slap_schema.si_ad_ref ) {
323 rc = rwm_referral_rewrite( op, rs, "referralAttrDN",
325 (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
326 if ( rc != LDAP_SUCCESS ) {
331 if ( mapping != NULL ) {
332 assert( mapping->m_dst_ad != NULL );
333 (*ap)->a_desc = mapping->m_dst_ad;
342 /* FIXME: leaking attribute/values? */
349 op->o_callback = &roc->cb;
351 return SLAP_CB_CONTINUE;
355 rwm_conn_init( BackendDB *be, Connection *conn )
357 slap_overinst *on = (slap_overinst *) be->bd_info;
358 struct ldaprwmap *rwmap =
359 (struct ldaprwmap *)on->on_bi.bi_private;
361 ( void )rewrite_session_init( rwmap->rwm_rw, conn );
363 return SLAP_CB_CONTINUE;
367 rwm_conn_destroy( BackendDB *be, Connection *conn )
369 slap_overinst *on = (slap_overinst *) be->bd_info;
370 struct ldaprwmap *rwmap =
371 (struct ldaprwmap *)on->on_bi.bi_private;
373 ( void )rewrite_session_delete( rwmap->rwm_rw, conn );
375 return SLAP_CB_CONTINUE;
379 rwm_op_bind( Operation *op, SlapReply *rs )
381 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
384 rwm_op_cb *roc = rwm_callback_get( op, rs );
386 rc = rwm_op_dn_massage( op, rs, "bindDN", &roc->ros );
387 if ( rc != LDAP_SUCCESS ) {
388 op->o_bd->bd_info = (BackendInfo *)on->on_info;
389 send_ldap_error( op, rs, rc, "bindDN massage error" );
393 overlay_callback_after_backover( op, &roc->cb, 1 );
395 return SLAP_CB_CONTINUE;
399 rwm_op_unbind( Operation *op, SlapReply *rs )
401 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
402 struct ldaprwmap *rwmap =
403 (struct ldaprwmap *)on->on_bi.bi_private;
405 rewrite_session_delete( rwmap->rwm_rw, op->o_conn );
407 return SLAP_CB_CONTINUE;
411 rwm_op_compare( Operation *op, SlapReply *rs )
413 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
414 struct ldaprwmap *rwmap =
415 (struct ldaprwmap *)on->on_bi.bi_private;
418 struct berval mapped_vals[2] = { BER_BVNULL, BER_BVNULL };
420 rwm_op_cb *roc = rwm_callback_get( op, rs );
422 rc = rwm_op_dn_massage( op, rs, "compareDN", &roc->ros );
423 if ( rc != LDAP_SUCCESS ) {
424 op->o_bd->bd_info = (BackendInfo *)on->on_info;
425 send_ldap_error( op, rs, rc, "compareDN massage error" );
429 /* if the attribute is an objectClass, try to remap its value */
430 if ( op->orc_ava->aa_desc == slap_schema.si_ad_objectClass
431 || op->orc_ava->aa_desc == slap_schema.si_ad_structuralObjectClass )
433 rwm_map( &rwmap->rwm_oc, &op->orc_ava->aa_value,
434 &mapped_vals[0], RWM_MAP );
435 if ( BER_BVISNULL( &mapped_vals[0] ) || BER_BVISEMPTY( &mapped_vals[0] ) )
437 op->o_bd->bd_info = (BackendInfo *)on->on_info;
438 send_ldap_error( op, rs, LDAP_OTHER, "compare objectClass map error" );
441 } else if ( mapped_vals[0].bv_val != op->orc_ava->aa_value.bv_val ) {
442 ber_dupbv_x( &op->orc_ava->aa_value, &mapped_vals[0],
447 struct ldapmapping *mapping = NULL;
448 AttributeDescription *ad = op->orc_ava->aa_desc;
450 ( void )rwm_mapping( &rwmap->rwm_at, &op->orc_ava->aa_desc->ad_cname,
452 if ( mapping == NULL ) {
453 if ( rwmap->rwm_at.drop_missing ) {
454 op->o_bd->bd_info = (BackendInfo *)on->on_info;
455 send_ldap_error( op, rs, LDAP_OTHER, "compare attributeType map error" );
460 assert( mapping->m_dst_ad != NULL );
461 ad = mapping->m_dst_ad;
464 if ( op->orc_ava->aa_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
465 || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
467 struct berval *mapped_valsp[2];
469 mapped_valsp[0] = &mapped_vals[0];
470 mapped_valsp[1] = &mapped_vals[1];
472 mapped_vals[0] = op->orc_ava->aa_value;
474 rc = rwm_dnattr_rewrite( op, rs, "compareAttrDN", NULL, mapped_valsp );
476 if ( rc != LDAP_SUCCESS ) {
477 op->o_bd->bd_info = (BackendInfo *)on->on_info;
478 send_ldap_error( op, rs, rc, "compareAttrDN massage error" );
482 if ( mapped_vals[ 0 ].bv_val != op->orc_ava->aa_value.bv_val ) {
483 /* NOTE: if we get here, rwm_dnattr_rewrite()
484 * already freed the old value, so now
486 ber_dupbv_x( &op->orc_ava->aa_value, &mapped_vals[0],
488 ber_memfree_x( mapped_vals[ 0 ].bv_val, NULL );
491 op->orc_ava->aa_desc = ad;
494 op->o_callback = &roc->cb;
496 return SLAP_CB_CONTINUE;
500 rwm_op_delete( Operation *op, SlapReply *rs )
502 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
505 rwm_op_cb *roc = rwm_callback_get( op, rs );
507 rc = rwm_op_dn_massage( op, rs, "deleteDN", &roc->ros );
508 if ( rc != LDAP_SUCCESS ) {
509 op->o_bd->bd_info = (BackendInfo *)on->on_info;
510 send_ldap_error( op, rs, rc, "deleteDN massage error" );
514 op->o_callback = &roc->cb;
516 return SLAP_CB_CONTINUE;
520 rwm_op_modify( Operation *op, SlapReply *rs )
522 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
523 struct ldaprwmap *rwmap =
524 (struct ldaprwmap *)on->on_bi.bi_private;
530 rwm_op_cb *roc = rwm_callback_get( op, rs );
532 rc = rwm_op_dn_massage( op, rs, "modifyDN", &roc->ros );
533 if ( rc != LDAP_SUCCESS ) {
534 op->o_bd->bd_info = (BackendInfo *)on->on_info;
535 send_ldap_error( op, rs, rc, "modifyDN massage error" );
539 isupdate = be_shadow_update( op );
540 for ( mlp = &op->orm_modlist; *mlp; ) {
542 Modifications *ml = *mlp;
543 struct ldapmapping *mapping = NULL;
545 /* ml points to a temporary mod until needs duplication */
546 if ( ml->sml_desc == slap_schema.si_ad_objectClass
547 || ml->sml_desc == slap_schema.si_ad_structuralObjectClass )
551 } else if ( !isupdate && !get_relax( op ) && ml->sml_desc->ad_type->sat_no_user_mod )
553 ml = ch_malloc( sizeof( Modifications ) );
555 if ( (*mlp)->sml_values ) {
556 ber_bvarray_dup_x( &ml->sml_values, (*mlp)->sml_values, NULL );
557 if ( (*mlp)->sml_nvalues ) {
558 ber_bvarray_dup_x( &ml->sml_nvalues, (*mlp)->sml_nvalues, NULL );
567 drop_missing = rwm_mapping( &rwmap->rwm_at,
568 &ml->sml_desc->ad_cname,
570 if ( drop_missing || ( mapping != NULL && BER_BVISNULL( &mapping->m_dst ) ) )
576 /* duplicate the modlist */
577 ml = ch_malloc( sizeof( Modifications ));
581 if ( ml->sml_values != NULL ) {
585 for ( num = 0; !BER_BVISNULL( &ml->sml_values[ num ] ); num++ )
588 bva = ch_malloc( (num+1) * sizeof( struct berval ));
589 for (i=0; i<num; i++)
590 ber_dupbv( &bva[i], &ml->sml_values[i] );
591 BER_BVZERO( &bva[i] );
592 ml->sml_values = bva;
594 if ( ml->sml_nvalues ) {
595 bva = ch_malloc( (num+1) * sizeof( struct berval ));
596 for (i=0; i<num; i++)
597 ber_dupbv( &bva[i], &ml->sml_nvalues[i] );
598 BER_BVZERO( &bva[i] );
599 ml->sml_nvalues = bva;
607 for ( j = 0; !BER_BVISNULL( &ml->sml_values[ j ] ); j++ ) {
608 struct ldapmapping *oc_mapping = NULL;
610 ( void )rwm_mapping( &rwmap->rwm_oc, &ml->sml_values[ j ],
611 &oc_mapping, RWM_MAP );
612 if ( oc_mapping == NULL ) {
613 if ( rwmap->rwm_at.drop_missing ) {
614 /* FIXME: we allow to remove objectClasses as well;
615 * if the resulting entry is inconsistent, that's
616 * the relayed database's business...
619 ch_free( ml->sml_values[ j ].bv_val );
620 ml->sml_values[ j ] = ml->sml_values[ last ];
622 BER_BVZERO( &ml->sml_values[ last ] );
628 ch_free( ml->sml_values[ j ].bv_val );
629 ber_dupbv( &ml->sml_values[ j ], &oc_mapping->m_dst );
634 if ( ml->sml_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
635 || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
637 rc = rwm_dnattr_rewrite( op, rs, "modifyAttrDN",
639 ml->sml_nvalues ? &ml->sml_nvalues : NULL );
641 } else if ( ml->sml_desc == slap_schema.si_ad_ref ) {
642 rc = rwm_referral_rewrite( op, rs,
645 ml->sml_nvalues ? &ml->sml_nvalues : NULL );
646 if ( rc != LDAP_SUCCESS ) {
651 if ( rc != LDAP_SUCCESS ) {
658 if ( mapping != NULL ) {
659 /* use new attribute description */
660 assert( mapping->m_dst_ad != NULL );
661 ml->sml_desc = mapping->m_dst_ad;
669 *mlp = (*mlp)->sml_next;
670 slap_mod_free( &ml->sml_mod, 0 );
674 op->o_callback = &roc->cb;
676 return SLAP_CB_CONTINUE;
680 rwm_op_modrdn( Operation *op, SlapReply *rs )
682 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
683 struct ldaprwmap *rwmap =
684 (struct ldaprwmap *)on->on_bi.bi_private;
688 rwm_op_cb *roc = rwm_callback_get( op, rs );
690 if ( op->orr_newSup ) {
692 struct berval nnewSup = BER_BVNULL;
693 struct berval newSup = BER_BVNULL;
696 * Rewrite the new superior, if defined and required
699 dc.conn = op->o_conn;
701 dc.ctx = "newSuperiorDN";
702 newSup = *op->orr_newSup;
703 nnewSup = *op->orr_nnewSup;
704 rc = rwm_dn_massage_pretty_normalize( &dc, op->orr_newSup, &newSup, &nnewSup );
705 if ( rc != LDAP_SUCCESS ) {
706 op->o_bd->bd_info = (BackendInfo *)on->on_info;
707 send_ldap_error( op, rs, rc, "newSuperiorDN massage error" );
711 if ( op->orr_newSup->bv_val != newSup.bv_val ) {
712 op->orr_newSup = op->o_tmpalloc( sizeof( struct berval ),
714 op->orr_nnewSup = op->o_tmpalloc( sizeof( struct berval ),
716 *op->orr_newSup = newSup;
717 *op->orr_nnewSup = nnewSup;
722 * Rewrite the dn, if needed
724 rc = rwm_op_dn_massage( op, rs, "renameDN", &roc->ros );
725 if ( rc != LDAP_SUCCESS ) {
726 op->o_bd->bd_info = (BackendInfo *)on->on_info;
727 send_ldap_error( op, rs, rc, "renameDN massage error" );
728 if ( op->orr_newSup != roc->ros.orr_newSup ) {
729 ch_free( op->orr_newSup->bv_val );
730 ch_free( op->orr_nnewSup->bv_val );
731 op->o_tmpfree( op->orr_newSup, op->o_tmpmemctx );
732 op->o_tmpfree( op->orr_nnewSup, op->o_tmpmemctx );
733 op->orr_newSup = roc->ros.orr_newSup;
734 op->orr_nnewSup = roc->ros.orr_nnewSup;
739 /* TODO: rewrite newRDN, attribute types,
740 * values of DN-valued attributes (hopefully not used in RDN)... */
742 op->o_callback = &roc->cb;
744 return SLAP_CB_CONTINUE;
749 rwm_swap_attrs( Operation *op, SlapReply *rs )
751 slap_callback *cb = op->o_callback;
752 rwm_op_state *ros = cb->sc_private;
754 rs->sr_attrs = ros->ors_attrs;
756 /* other overlays might have touched op->ors_attrs,
757 * so we restore the original version here, otherwise
758 * attribute-mapping might fail */
759 op->ors_attrs = ros->mapped_attrs;
761 return SLAP_CB_CONTINUE;
765 * NOTE: this implementation of get/release entry is probably far from
766 * optimal. The rationale consists in intercepting the request directed
767 * to the underlying database, in order to rewrite/remap the request,
768 * perform it using the modified data, duplicate the resulting entry
769 * and finally free it when release is called.
770 * This implies that subsequent overlays are not called, as the request
771 * is directly shunted to the underlying database.
774 rwm_entry_release_rw( Operation *op, Entry *e, int rw )
776 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
779 if ( ((BackendInfo *)on->on_info->oi_orig)->bi_entry_get_rw == NULL ) {
780 return SLAP_CB_CONTINUE;
783 /* just free entry if (probably) ours */
784 if ( e->e_private == NULL ) {
789 return SLAP_CB_CONTINUE;
793 rwm_entry_get_rw( Operation *op, struct berval *ndn,
794 ObjectClass *oc, AttributeDescription *at, int rw, Entry **ep )
796 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
797 struct ldaprwmap *rwmap =
798 (struct ldaprwmap *)on->on_bi.bi_private;
805 SlapReply rs = { REP_SEARCH };
807 rwm_op_state ros = { 0 };
809 if ( ((BackendInfo *)on->on_info->oi_orig)->bi_entry_get_rw == NULL ) {
810 return SLAP_CB_CONTINUE;
814 op2.o_tag = LDAP_REQ_SEARCH;
817 op2.o_req_ndn = *ndn;
818 rc = rwm_op_dn_massage( &op2, &rs, "searchDN", &ros );
819 if ( rc != LDAP_SUCCESS ) {
823 /* map attribute & objectClass */
833 op2.o_bd->bd_info = (BackendInfo *)on->on_info->oi_orig;
834 op2.ors_attrs = slap_anlist_all_attributes;
835 rc = op2.o_bd->bd_info->bi_entry_get_rw( &op2, &ros.r_ndn, oc, at, rw, ep );
836 if ( rc == LDAP_SUCCESS && *ep != NULL ) {
839 /* duplicate & release */
840 op2.o_bd->bd_info = (BackendInfo *)on;
841 rc = rwm_send_entry( &op2, &rs );
842 if ( rc == SLAP_CB_CONTINUE ) {
848 if ( ros.r_ndn.bv_val != ndn->bv_val ) {
849 op->o_tmpfree( ros.r_ndn.bv_val, op->o_tmpmemctx );
856 rwm_op_search( Operation *op, SlapReply *rs )
858 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
859 struct ldaprwmap *rwmap =
860 (struct ldaprwmap *)on->on_bi.bi_private;
865 struct berval fstr = BER_BVNULL;
868 AttributeName *an = NULL;
872 rwm_op_cb *roc = rwm_callback_get( op, rs );
874 rc = rewrite_session_var_set( rwmap->rwm_rw, op->o_conn,
875 "searchFilter", op->ors_filterstr.bv_val );
876 if ( rc == LDAP_SUCCESS )
877 rc = rwm_op_dn_massage( op, rs, "searchDN", &roc->ros );
878 if ( rc != LDAP_SUCCESS ) {
879 text = "searchDN massage error";
884 * Rewrite the dn if needed
887 dc.conn = op->o_conn;
889 dc.ctx = "searchFilterAttrDN";
891 rc = rwm_filter_map_rewrite( op, &dc, op->ors_filter, &fstr );
892 if ( rc != LDAP_SUCCESS ) {
893 text = "searchFilter/searchFilterAttrDN massage error";
897 f = str2filter_x( op, fstr.bv_val );
900 text = "massaged filter parse error";
905 op->ors_filterstr = fstr;
907 rc = rwm_map_attrnames( &rwmap->rwm_at, &rwmap->rwm_oc,
908 op->ors_attrs, &an, RWM_MAP );
909 if ( rc != LDAP_SUCCESS ) {
910 text = "attribute list mapping error";
915 /* store the mapped Attributes for later usage, in
916 * the case that other overlays change op->ors_attrs */
917 roc->ros.mapped_attrs = an;
918 roc->cb.sc_response = rwm_swap_attrs;
920 op->o_callback = &roc->cb;
922 return SLAP_CB_CONTINUE;
930 filter_free_x( op, f, 1 );
933 if ( !BER_BVISNULL( &fstr ) ) {
934 ch_free( fstr.bv_val );
937 rwm_op_rollback( op, rs, &roc->ros );
938 op->oq_search = roc->ros.oq_search;
939 op->o_tmpfree( roc, op->o_tmpmemctx );
941 op->o_bd->bd_info = (BackendInfo *)on->on_info;
942 send_ldap_error( op, rs, rc, text );
949 rwm_exop_passwd( Operation *op, SlapReply *rs )
951 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
955 struct berval id = BER_BVNULL,
958 BerElement *ber = NULL;
960 if ( !BER_BVISNULL( &op->o_req_ndn ) ) {
964 if ( !SLAP_ISGLOBALOVERLAY( op->o_bd ) ) {
965 rs->sr_err = LDAP_OTHER;
969 rs->sr_err = slap_passwd_parse( op->ore_reqdata, &id,
970 &pwold, &pwnew, &rs->sr_text );
971 if ( rs->sr_err != LDAP_SUCCESS ) {
975 if ( !BER_BVISNULL( &id ) ) {
976 char idNul = id.bv_val[id.bv_len];
977 id.bv_val[id.bv_len] = '\0';
978 rs->sr_err = dnPrettyNormal( NULL, &id, &op->o_req_dn,
979 &op->o_req_ndn, op->o_tmpmemctx );
980 id.bv_val[id.bv_len] = idNul;
981 if ( rs->sr_err != LDAP_SUCCESS ) {
982 rs->sr_text = "Invalid DN";
987 ber_dupbv_x( &op->o_req_dn, &op->o_dn, op->o_tmpmemctx );
988 ber_dupbv_x( &op->o_req_ndn, &op->o_ndn, op->o_tmpmemctx );
991 roc = rwm_callback_get( op, rs );
993 rc = rwm_op_dn_massage( op, rs, "extendedDN", &roc->ros );
994 if ( rc != LDAP_SUCCESS ) {
995 op->o_bd->bd_info = (BackendInfo *)on->on_info;
996 send_ldap_error( op, rs, rc, "extendedDN massage error" );
1000 ber = ber_alloc_t( LBER_USE_DER );
1002 rs->sr_err = LDAP_OTHER;
1003 rs->sr_text = "No memory";
1006 ber_printf( ber, "{" );
1007 if ( !BER_BVISNULL( &id )) {
1008 ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_ID,
1011 if ( !BER_BVISNULL( &pwold )) {
1012 ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_OLD, &pwold );
1014 if ( !BER_BVISNULL( &pwnew )) {
1015 ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, &pwnew );
1017 ber_printf( ber, "N}" );
1018 ber_flatten( ber, &op->ore_reqdata );
1021 op->o_callback = &roc->cb;
1023 return SLAP_CB_CONTINUE;
1026 static struct exop {
1028 BI_op_extended *extended;
1030 { BER_BVC(LDAP_EXOP_MODIFY_PASSWD), rwm_exop_passwd },
1031 { BER_BVNULL, NULL }
1035 rwm_extended( Operation *op, SlapReply *rs )
1037 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
1043 for ( i = 0; exop_table[i].extended != NULL; i++ ) {
1044 if ( bvmatch( &exop_table[i].oid, &op->oq_extended.rs_reqoid ) )
1046 rc = exop_table[i].extended( op, rs );
1051 case SLAP_CB_CONTINUE:
1056 send_ldap_result( op, rs );
1063 roc = rwm_callback_get( op, rs );
1065 rc = rwm_op_dn_massage( op, rs, "extendedDN", &roc->ros );
1066 if ( rc != LDAP_SUCCESS ) {
1067 op->o_bd->bd_info = (BackendInfo *)on->on_info;
1068 send_ldap_error( op, rs, rc, "extendedDN massage error" );
1072 /* TODO: rewrite/map extended data ? ... */
1073 op->o_callback = &roc->cb;
1075 return SLAP_CB_CONTINUE;
1079 rwm_matched( Operation *op, SlapReply *rs )
1081 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
1082 struct ldaprwmap *rwmap =
1083 (struct ldaprwmap *)on->on_bi.bi_private;
1085 struct berval dn, mdn;
1089 if ( rs->sr_matched == NULL ) {
1090 return SLAP_CB_CONTINUE;
1094 dc.conn = op->o_conn;
1096 dc.ctx = "matchedDN";
1097 ber_str2bv( rs->sr_matched, 0, 0, &dn );
1099 rc = rwm_dn_massage_pretty( &dc, &dn, &mdn );
1100 if ( rc != LDAP_SUCCESS ) {
1102 rs->sr_text = "Rewrite error";
1106 if ( mdn.bv_val != dn.bv_val ) {
1107 if ( rs->sr_flags & REP_MATCHED_MUSTBEFREED ) {
1108 ch_free( (void *)rs->sr_matched );
1111 rs->sr_flags |= REP_MATCHED_MUSTBEFREED;
1113 rs->sr_matched = mdn.bv_val;
1116 return SLAP_CB_CONTINUE;
1120 rwm_attrs( Operation *op, SlapReply *rs, Attribute** a_first, int stripEntryDN )
1122 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
1123 struct ldaprwmap *rwmap =
1124 (struct ldaprwmap *)on->on_bi.bi_private;
1130 int check_duplicate_attrs = 0;
1133 * Rewrite the dn attrs, if needed
1136 dc.conn = op->o_conn;
1139 /* FIXME: the entries are in the remote mapping form;
1140 * so we need to select those attributes we are willing
1141 * to return, and remap them accordingly */
1143 /* FIXME: in principle, one could map an attribute
1144 * on top of another, which already exists.
1145 * As such, in the end there might exist more than
1146 * one instance of an attribute.
1147 * We should at least check if this occurs, and issue
1148 * an error (because multiple instances of attrs in
1149 * response are not valid), or merge the values (what
1150 * about duplicate values?) */
1151 isupdate = be_shadow_update( op );
1152 for ( ap = a_first; *ap; ) {
1153 struct ldapmapping *mapping = NULL;
1158 if ( SLAP_OPATTRS( rs->sr_attr_flags ) && is_at_operational( (*ap)->a_desc->ad_type ) )
1163 if ( op->ors_attrs != NULL &&
1164 !SLAP_USERATTRS( rs->sr_attr_flags ) &&
1165 !ad_inlist( (*ap)->a_desc, op->ors_attrs ) )
1170 drop_missing = rwm_mapping( &rwmap->rwm_at,
1171 &(*ap)->a_desc->ad_cname, &mapping, RWM_REMAP );
1172 if ( drop_missing || ( mapping != NULL && BER_BVISEMPTY( &mapping->m_dst ) ) )
1176 if ( mapping != NULL ) {
1177 assert( mapping->m_dst_ad != NULL );
1179 /* try to normalize mapped Attributes if the original
1180 * AttributeType was not normalized */
1181 if ( (!(*ap)->a_desc->ad_type->sat_equality ||
1182 !(*ap)->a_desc->ad_type->sat_equality->smr_normalize) &&
1183 mapping->m_dst_ad->ad_type->sat_equality &&
1184 mapping->m_dst_ad->ad_type->sat_equality->smr_normalize )
1186 if ((rwmap->rwm_flags & RWM_F_NORMALIZE_MAPPED_ATTRS))
1190 last = (*ap)->a_numvals;
1193 (*ap)->a_nvals = ch_malloc( (last+1) * sizeof(struct berval) );
1195 for ( i = 0; !BER_BVISNULL( &(*ap)->a_vals[i]); i++ ) {
1198 * check that each value is valid per syntax
1199 * and pretty if appropriate
1201 rc = mapping->m_dst_ad->ad_type->sat_equality->smr_normalize(
1202 SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
1203 mapping->m_dst_ad->ad_type->sat_syntax,
1204 mapping->m_dst_ad->ad_type->sat_equality,
1205 &(*ap)->a_vals[i], &(*ap)->a_nvals[i],
1208 if ( rc != LDAP_SUCCESS ) {
1209 BER_BVZERO( &(*ap)->a_nvals[i] );
1212 BER_BVZERO( &(*ap)->a_nvals[i] );
1216 assert( (*ap)->a_nvals == (*ap)->a_vals );
1217 (*ap)->a_nvals = NULL;
1218 ber_bvarray_dup_x( &(*ap)->a_nvals, (*ap)->a_vals, NULL );
1222 /* rewrite the attribute description */
1223 (*ap)->a_desc = mapping->m_dst_ad;
1225 /* will need to check for duplicate attrs */
1226 check_duplicate_attrs++;
1230 if ( (*ap)->a_desc == slap_schema.si_ad_entryDN ) {
1231 if ( stripEntryDN ) {
1232 /* will be generated by frontend */
1236 } else if ( !isupdate
1238 && (*ap)->a_desc->ad_type->sat_no_user_mod
1239 && (*ap)->a_desc->ad_type != slap_schema.si_at_undefined )
1244 if ( last == -1 ) { /* not yet counted */
1245 last = (*ap)->a_numvals;
1249 /* empty? leave it in place because of attrsonly and vlv */
1254 if ( (*ap)->a_desc == slap_schema.si_ad_objectClass
1255 || (*ap)->a_desc == slap_schema.si_ad_structuralObjectClass )
1259 for ( bv = (*ap)->a_vals; !BER_BVISNULL( bv ); bv++ ) {
1260 struct berval mapped;
1262 rwm_map( &rwmap->rwm_oc, &bv[0], &mapped, RWM_REMAP );
1263 if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) {
1265 ch_free( bv[0].bv_val );
1266 BER_BVZERO( &bv[0] );
1267 if ( &(*ap)->a_vals[last] > &bv[0] ) {
1268 bv[0] = (*ap)->a_vals[last];
1269 BER_BVZERO( &(*ap)->a_vals[last] );
1274 } else if ( mapped.bv_val != bv[0].bv_val
1275 && ber_bvstrcasecmp( &mapped, &bv[0] ) != 0 )
1279 for ( i = 0; !BER_BVISNULL( &(*ap)->a_vals[ i ] ); i++ ) {
1280 if ( &(*ap)->a_vals[ i ] == bv ) {
1284 if ( ber_bvstrcasecmp( &mapped, &(*ap)->a_vals[ i ] ) == 0 ) {
1289 if ( !BER_BVISNULL( &(*ap)->a_vals[ i ] ) ) {
1294 * FIXME: after LBER_FREEing
1295 * the value is replaced by
1296 * ch_alloc'ed memory
1298 ber_bvreplace( &bv[0], &mapped );
1300 /* FIXME: will need to check
1301 * if the structuralObjectClass
1307 * It is necessary to try to rewrite attributes with
1308 * dn syntax because they might be used in ACLs as
1309 * members of groups; since ACLs are applied to the
1310 * rewritten stuff, no dn-based subject clause could
1311 * be used at the ldap backend side (see
1312 * http://www.OpenLDAP.org/faq/data/cache/452.html)
1313 * The problem can be overcome by moving the dn-based
1314 * ACLs to the target directory server, and letting
1315 * everything pass thru the ldap backend. */
1316 /* FIXME: handle distinguishedName-like syntaxes, like
1317 * nameAndOptionalUID */
1318 } else if ( (*ap)->a_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
1319 || ( mapping != NULL && mapping->m_src_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
1321 dc.ctx = "searchAttrDN";
1322 rc = rwm_dnattr_result_rewrite( &dc, (*ap)->a_vals, (*ap)->a_nvals );
1323 if ( rc != LDAP_SUCCESS ) {
1327 } else if ( (*ap)->a_desc == slap_schema.si_ad_ref ) {
1328 dc.ctx = "searchAttrDN";
1329 rc = rwm_referral_result_rewrite( &dc, (*ap)->a_vals );
1330 if ( rc != LDAP_SUCCESS ) {
1337 ap = &(*ap)->a_next;
1342 *ap = (*ap)->a_next;
1347 /* only check if some mapping occurred */
1348 if ( check_duplicate_attrs ) {
1349 for ( ap = a_first; *ap != NULL; ap = &(*ap)->a_next ) {
1352 for ( tap = &(*ap)->a_next; *tap != NULL; ) {
1353 if ( (*tap)->a_desc == (*ap)->a_desc ) {
1355 Modification mod = { 0 };
1356 const char *text = NULL;
1357 char textbuf[ SLAP_TEXT_BUFLEN ];
1358 Attribute *next = (*tap)->a_next;
1360 BER_BVSTR( &e.e_name, "" );
1361 BER_BVSTR( &e.e_nname, "" );
1363 mod.sm_op = LDAP_MOD_ADD;
1364 mod.sm_desc = (*ap)->a_desc;
1365 mod.sm_type = mod.sm_desc->ad_cname;
1366 mod.sm_numvals = (*tap)->a_numvals;
1367 mod.sm_values = (*tap)->a_vals;
1368 if ( (*tap)->a_nvals != (*tap)->a_vals ) {
1369 mod.sm_nvalues = (*tap)->a_nvals;
1372 (void)modify_add_values( &e, &mod,
1374 &text, textbuf, sizeof( textbuf ) );
1376 /* should not insert new attrs! */
1377 assert( e.e_attrs == *ap );
1383 tap = &(*tap)->a_next;
1393 rwm_send_entry( Operation *op, SlapReply *rs )
1395 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
1396 struct ldaprwmap *rwmap =
1397 (struct ldaprwmap *)on->on_bi.bi_private;
1401 struct berval dn = BER_BVNULL,
1406 assert( rs->sr_entry != NULL );
1409 * Rewrite the dn of the result, if needed
1412 dc.conn = op->o_conn;
1414 dc.ctx = "searchEntryDN";
1417 flags = rs->sr_flags;
1418 if ( !( rs->sr_flags & REP_ENTRY_MODIFIABLE ) ) {
1419 /* FIXME: all we need to duplicate are:
1422 * - attributes that are requested
1423 * - no values if attrsonly is set
1428 rc = LDAP_NO_MEMORY;
1432 flags &= ~REP_ENTRY_MUSTRELEASE;
1433 flags |= ( REP_ENTRY_MODIFIABLE | REP_ENTRY_MUSTBEFREED );
1437 * Note: this may fail if the target host(s) schema differs
1438 * from the one known to the meta, and a DN with unknown
1439 * attributes is returned.
1443 rc = rwm_dn_massage_pretty_normalize( &dc, &e->e_name, &dn, &ndn );
1444 if ( rc != LDAP_SUCCESS ) {
1449 if ( e->e_name.bv_val != dn.bv_val ) {
1450 ch_free( e->e_name.bv_val );
1451 ch_free( e->e_nname.bv_val );
1457 /* TODO: map entry attribute types, objectclasses
1458 * and dn-valued attribute values */
1460 /* FIXME: the entries are in the remote mapping form;
1461 * so we need to select those attributes we are willing
1462 * to return, and remap them accordingly */
1463 (void)rwm_attrs( op, rs, &e->e_attrs, 1 );
1465 if ( rs->sr_flags & REP_ENTRY_MUSTRELEASE ) {
1466 overlay_entry_release_ov( op, rs->sr_entry, 0, on );
1470 rs->sr_flags = flags;
1472 return SLAP_CB_CONTINUE;
1475 if ( e != NULL && e != rs->sr_entry ) {
1476 if ( e->e_name.bv_val == dn.bv_val ) {
1477 BER_BVZERO( &e->e_name );
1480 if ( e->e_nname.bv_val == ndn.bv_val ) {
1481 BER_BVZERO( &e->e_nname );
1487 if ( !BER_BVISNULL( &dn ) ) {
1488 ch_free( dn.bv_val );
1491 if ( !BER_BVISNULL( &ndn ) ) {
1492 ch_free( ndn.bv_val );
1499 rwm_operational( Operation *op, SlapReply *rs )
1501 /* FIXME: the entries are in the remote mapping form;
1502 * so we need to select those attributes we are willing
1503 * to return, and remap them accordingly */
1504 if ( rs->sr_operational_attrs ) {
1505 rwm_attrs( op, rs, &rs->sr_operational_attrs, 1 );
1508 return SLAP_CB_CONTINUE;
1512 /* don't use this; it cannot be reverted, and leaves op->o_req_dn
1513 * rewritten for subsequent operations; fine for plain suffixmassage,
1514 * but destroys everything else */
1516 rwm_chk_referrals( Operation *op, SlapReply *rs )
1518 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
1521 rc = rwm_op_dn_massage( op, rs, "referralCheckDN" );
1522 if ( rc != LDAP_SUCCESS ) {
1523 op->o_bd->bd_info = (BackendInfo *)on->on_info;
1524 send_ldap_error( op, rs, rc, "referralCheckDN massage error" );
1528 return SLAP_CB_CONTINUE;
1540 slap_overinst *on = (slap_overinst *) be->bd_info;
1541 struct ldaprwmap *rwmap =
1542 (struct ldaprwmap *)on->on_bi.bi_private;
1544 return rewrite_parse( rwmap->rwm_rw,
1545 fname, lineno, argc, argv );
1551 rwm_suffixmassage_config(
1558 slap_overinst *on = (slap_overinst *) be->bd_info;
1559 struct ldaprwmap *rwmap =
1560 (struct ldaprwmap *)on->on_bi.bi_private;
1562 struct berval bvnc, nvnc, pvnc, brnc, nrnc, prnc;
1569 * suffixmassage [<suffix>] <massaged suffix>
1571 * the [<suffix>] field must be defined as a valid suffix
1572 * for the current database;
1573 * the <massaged suffix> shouldn't have already been
1574 * defined as a valid suffix for the current server
1577 if ( be->be_suffix == NULL ) {
1578 fprintf( stderr, "%s: line %d: "
1579 " \"suffixMassage [<suffix>]"
1580 " <massaged suffix>\" without "
1581 "<suffix> part requires database "
1582 "suffix be defined first.\n",
1586 bvnc = be->be_suffix[ 0 ];
1589 } else if ( argc == 3 ) {
1590 ber_str2bv( argv[ 1 ], 0, 0, &bvnc );
1594 fprintf( stderr, "%s: line %d: syntax is"
1595 " \"suffixMassage [<suffix>]"
1596 " <massaged suffix>\"\n",
1601 if ( dnPrettyNormal( NULL, &bvnc, &pvnc, &nvnc, NULL ) != LDAP_SUCCESS ) {
1602 fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
1603 fname, lineno, bvnc.bv_val );
1607 ber_str2bv( argv[ massaged ], 0, 0, &brnc );
1608 if ( dnPrettyNormal( NULL, &brnc, &prnc, &nrnc, NULL ) != LDAP_SUCCESS ) {
1609 fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
1610 fname, lineno, brnc.bv_val );
1611 free( nvnc.bv_val );
1612 free( pvnc.bv_val );
1617 * The suffix massaging is emulated
1618 * by means of the rewrite capabilities
1620 rc = rwm_suffix_massage_config( rwmap->rwm_rw,
1621 &pvnc, &nvnc, &prnc, &nrnc );
1622 free( nvnc.bv_val );
1623 free( pvnc.bv_val );
1624 free( nrnc.bv_val );
1625 free( prnc.bv_val );
1638 slap_overinst *on = (slap_overinst *) be->bd_info;
1639 struct ldaprwmap *rwmap =
1640 (struct ldaprwmap *)on->on_bi.bi_private;
1642 /* objectclass/attribute mapping */
1643 return rwm_map_config( &rwmap->rwm_oc,
1645 fname, lineno, argc, argv );
1649 rwm_response( Operation *op, SlapReply *rs )
1651 slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
1652 struct ldaprwmap *rwmap =
1653 (struct ldaprwmap *)on->on_bi.bi_private;
1657 if ( op->o_tag == LDAP_REQ_SEARCH && rs->sr_type == REP_SEARCH ) {
1658 return rwm_send_entry( op, rs );
1661 switch( op->o_tag ) {
1662 case LDAP_REQ_SEARCH:
1665 case LDAP_REQ_DELETE:
1666 case LDAP_REQ_MODRDN:
1667 case LDAP_REQ_MODIFY:
1668 case LDAP_REQ_COMPARE:
1669 case LDAP_REQ_EXTENDED:
1674 * Rewrite the dn of the referrals, if needed
1677 dc.conn = op->o_conn;
1679 dc.ctx = "referralDN";
1680 rc = rwm_referral_result_rewrite( &dc, rs->sr_ref );
1681 if ( rc != LDAP_SUCCESS ) {
1686 rc = rwm_matched( op, rs );
1690 rc = SLAP_CB_CONTINUE;
1705 slap_overinst *on = (slap_overinst *) be->bd_info;
1706 struct ldaprwmap *rwmap =
1707 (struct ldaprwmap *)on->on_bi.bi_private;
1712 if ( strncasecmp( argv[ 0 ], "rwm-", STRLENOF( "rwm-" ) ) == 0 ) {
1714 argv[ 0 ] = &argv0[ STRLENOF( "rwm-" ) ];
1717 if ( strncasecmp( argv[0], "rewrite", STRLENOF("rewrite") ) == 0 ) {
1718 rc = rwm_rw_config( be, fname, lineno, argc, argv );
1720 } else if ( strcasecmp( argv[0], "map" ) == 0 ) {
1721 rc = rwm_m_config( be, fname, lineno, argc, argv );
1723 } else if ( strcasecmp( argv[0], "suffixmassage" ) == 0 ) {
1724 rc = rwm_suffixmassage_config( be, fname, lineno, argc, argv );
1726 } else if ( strcasecmp( argv[0], "t-f-support" ) == 0 ) {
1729 "%s: line %d: \"t-f-support {no|yes|discover}\" needs 1 argument.\n",
1734 if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
1735 rwmap->rwm_flags &= ~(RWM_F_SUPPORT_T_F_MASK2);
1737 } else if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
1738 rwmap->rwm_flags |= RWM_F_SUPPORT_T_F;
1740 /* TODO: not implemented yet */
1741 } else if ( strcasecmp( argv[ 1 ], "discover" ) == 0 ) {
1743 "%s: line %d: \"discover\" not supported yet "
1744 "in \"t-f-support {no|yes|discover}\".\n",
1748 rwmap->rwm_flags |= RWM_F_SUPPORT_T_F_DISCOVER;
1753 "%s: line %d: unknown value \"%s\" for \"t-f-support {no|yes|discover}\".\n",
1754 fname, lineno, argv[ 1 ] );
1758 } else if ( strcasecmp( argv[0], "normalize-mapped-attrs" ) == 0 ) {
1761 "%s: line %d: \"normalize-mapped-attrs {no|yes}\" needs 1 argument.\n",
1766 if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
1767 rwmap->rwm_flags &= ~(RWM_F_NORMALIZE_MAPPED_ATTRS);
1769 } else if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
1770 rwmap->rwm_flags |= RWM_F_NORMALIZE_MAPPED_ATTRS;
1774 rc = SLAP_CONF_UNKNOWN;
1785 * dynamic configuration...
1791 RWM_CF_SUFFIXMASSAGE,
1796 RWM_CF_NORMALIZE_MAPPED,
1801 static slap_verbmasks t_f_mode[] = {
1802 { BER_BVC( "yes" ), RWM_F_SUPPORT_T_F },
1803 { BER_BVC( "discover" ), RWM_F_SUPPORT_T_F_DISCOVER },
1804 { BER_BVC( "no" ), RWM_F_NONE },
1808 static ConfigDriver rwm_cf_gen;
1810 static ConfigTable rwmcfg[] = {
1811 { "rwm-rewrite", "rewrite",
1812 2, 0, STRLENOF("rwm-rewrite"),
1813 ARG_MAGIC|ARG_QUOTE|RWM_CF_REWRITE, rwm_cf_gen,
1814 "( OLcfgOvAt:16.1 NAME 'olcRwmRewrite' "
1815 "DESC 'Rewrites strings' "
1816 "EQUALITY caseIgnoreMatch "
1817 "SYNTAX OMsDirectoryString "
1818 "X-ORDERED 'VALUES' )",
1821 { "rwm-suffixmassage", "[virtual]> <real",
1822 2, 3, 0, ARG_MAGIC|RWM_CF_SUFFIXMASSAGE, rwm_cf_gen,
1825 { "rwm-t-f-support", "true|false|discover",
1826 2, 2, 0, ARG_MAGIC|RWM_CF_T_F_SUPPORT, rwm_cf_gen,
1827 "( OLcfgOvAt:16.2 NAME 'olcRwmTFSupport' "
1828 "DESC 'Absolute filters support' "
1829 "SYNTAX OMsDirectoryString "
1833 { "rwm-map", "{objectClass|attribute}",
1834 2, 4, 0, ARG_MAGIC|RWM_CF_MAP, rwm_cf_gen,
1835 "( OLcfgOvAt:16.3 NAME 'olcRwmMap' "
1836 "DESC 'maps attributes/objectClasses' "
1837 "SYNTAX OMsDirectoryString "
1838 "X-ORDERED 'VALUES' )",
1841 { "rwm-normalize-mapped-attrs", "true|false",
1842 2, 2, 0, ARG_MAGIC|ARG_ON_OFF|RWM_CF_NORMALIZE_MAPPED, rwm_cf_gen,
1843 "( OLcfgOvAt:16.4 NAME 'olcRwmNormalizeMapped' "
1844 "DESC 'Normalize mapped attributes/objectClasses' "
1845 "SYNTAX OMsBoolean "
1849 { NULL, NULL, 0, 0, 0, ARG_IGNORED }
1852 static ConfigOCs rwmocs[] = {
1853 { "( OLcfgOvOc:16.1 "
1854 "NAME 'olcRwmConfig' "
1855 "DESC 'Rewrite/remap configuration' "
1856 "SUP olcOverlayConfig "
1859 "olcRwmTFSupport $ "
1861 "olcRwmNormalizeMapped "
1863 Cft_Overlay, rwmcfg, NULL, NULL },
1868 slap_rewrite_unparse( BerVarray in, BerVarray *out )
1871 BerVarray bva = NULL;
1872 char ibuf[32], *ptr;
1875 assert( in != NULL );
1877 for ( i = 0; !BER_BVISNULL( &in[i] ); i++ )
1886 bva = ch_malloc( ( i + 1 ) * sizeof(struct berval) );
1887 BER_BVZERO( &bva[ 0 ] );
1889 for ( i = 0; !BER_BVISNULL( &in[i] ); i++ ) {
1890 idx.bv_len = snprintf( idx.bv_val, sizeof( ibuf ), "{%d}", i );
1891 if ( idx.bv_len >= sizeof( ibuf ) ) {
1892 ber_bvarray_free( bva );
1896 bva[i].bv_len = idx.bv_len + in[i].bv_len;
1897 bva[i].bv_val = ch_malloc( bva[i].bv_len + 1 );
1898 ptr = lutil_strcopy( bva[i].bv_val, ibuf );
1899 ptr = lutil_strcopy( ptr, in[i].bv_val );
1901 BER_BVZERO( &bva[ i + 1 ] );
1908 rwm_cf_gen( ConfigArgs *c )
1910 slap_overinst *on = (slap_overinst *)c->bi;
1911 struct ldaprwmap *rwmap =
1912 (struct ldaprwmap *)on->on_bi.bi_private;
1921 if ( c->op == SLAP_CONFIG_EMIT ) {
1922 struct berval bv = BER_BVNULL;
1924 switch ( c->type ) {
1925 case RWM_CF_REWRITE:
1926 if ( rwmap->rwm_bva_rewrite == NULL ) {
1930 slap_rewrite_unparse( rwmap->rwm_bva_rewrite, &c->rvalue_vals );
1931 if ( !c->rvalue_vals ) {
1937 case RWM_CF_T_F_SUPPORT:
1938 enum_to_verb( t_f_mode, (rwmap->rwm_flags & RWM_F_SUPPORT_T_F_MASK2), &bv );
1939 if ( BER_BVISNULL( &bv ) ) {
1940 /* there's something wrong... */
1945 value_add_one( &c->rvalue_vals, &bv );
1950 if ( rwmap->rwm_bva_map == NULL ) {
1954 value_add( &c->rvalue_vals, rwmap->rwm_bva_map );
1958 case RWM_CF_NORMALIZE_MAPPED:
1959 c->value_int = ( rwmap->rwm_flags & RWM_F_NORMALIZE_MAPPED_ATTRS );
1969 } else if ( c->op == LDAP_MOD_DELETE ) {
1970 switch ( c->type ) {
1971 case RWM_CF_REWRITE:
1972 if ( c->valx >= 0 ) {
1973 /* single modification is not allowed */
1976 } else if ( rwmap->rwm_rw != NULL ) {
1977 rewrite_info_delete( &rwmap->rwm_rw );
1978 assert( rwmap->rwm_rw == NULL );
1980 ber_bvarray_free( rwmap->rwm_bva_rewrite );
1981 rwmap->rwm_bva_rewrite = NULL;
1985 case RWM_CF_T_F_SUPPORT:
1986 rwmap->rwm_flags &= ~RWM_F_SUPPORT_T_F_MASK2;
1990 if ( c->valx >= 0 ) {
1991 /* single modification is not allowed */
1995 avl_free( rwmap->rwm_oc.remap, rwm_mapping_dst_free );
1996 avl_free( rwmap->rwm_oc.map, rwm_mapping_free );
1997 avl_free( rwmap->rwm_at.remap, rwm_mapping_dst_free );
1998 avl_free( rwmap->rwm_at.map, rwm_mapping_free );
2000 rwmap->rwm_oc.remap = NULL;
2001 rwmap->rwm_oc.map = NULL;
2002 rwmap->rwm_at.remap = NULL;
2003 rwmap->rwm_at.map = NULL;
2005 ber_bvarray_free( rwmap->rwm_bva_map );
2006 rwmap->rwm_bva_map = NULL;
2010 case RWM_CF_NORMALIZE_MAPPED:
2011 rwmap->rwm_flags &= ~RWM_F_NORMALIZE_MAPPED_ATTRS;
2020 switch ( c->type ) {
2021 case RWM_CF_REWRITE:
2022 argv0 = c->argv[ 0 ];
2023 c->argv[ 0 ] += STRLENOF( "rwm-" );
2024 rc = rwm_rw_config( &db, c->fname, c->lineno, c->argc, c->argv );
2025 c->argv[ 0 ] = argv0;
2033 line = ldap_charray2str( c->argv, "\" \"" );
2034 if ( line != NULL ) {
2035 int len = strlen( c->argv[ 0 ] );
2037 ber_str2bv( line, 0, 0, &bv );
2038 AC_MEMCPY( &bv.bv_val[ len ], &bv.bv_val[ len + 1 ],
2039 bv.bv_len - ( len + 1 ) );
2040 bv.bv_val[ bv.bv_len - 1 ] = '"';
2041 ber_bvarray_add( &rwmap->rwm_bva_rewrite, &bv );
2046 case RWM_CF_SUFFIXMASSAGE:
2047 argv0 = c->argv[ 0 ];
2048 c->argv[ 0 ] += STRLENOF( "rwm-" );
2049 rc = rwm_suffixmassage_config( &db, c->fname, c->lineno, c->argc, c->argv );
2050 c->argv[ 0 ] = argv0;
2058 /* FIXME: not optimal; in fact, this keeps track
2059 * of the fact that a set of rules was added
2060 * using the rwm-suffixmassage shortcut, but the
2061 * rules are not clarified */
2063 line = ldap_charray2str( c->argv, "\" \"" );
2064 if ( line != NULL ) {
2065 int len = strlen( c->argv[ 0 ] );
2067 ber_str2bv( line, 0, 0, &bv );
2068 AC_MEMCPY( &bv.bv_val[ len ], &bv.bv_val[ len + 1 ],
2069 bv.bv_len - ( len + 1 ) );
2070 bv.bv_val[ bv.bv_len - 1 ] = '"';
2071 ber_bvarray_add( &rwmap->rwm_bva_rewrite, &bv );
2076 case RWM_CF_T_F_SUPPORT:
2077 rc = verb_to_mask( c->argv[ 1 ], t_f_mode );
2078 if ( BER_BVISNULL( &t_f_mode[ rc ].word ) ) {
2082 rwmap->rwm_flags &= ~RWM_F_SUPPORT_T_F_MASK2;
2083 rwmap->rwm_flags |= t_f_mode[ rc ].mask;
2088 argv0 = c->argv[ 0 ];
2089 c->argv[ 0 ] += STRLENOF( "rwm-" );
2090 rc = rwm_m_config( &db, c->fname, c->lineno, c->argc, c->argv );
2091 c->argv[ 0 ] = argv0;
2099 line = ldap_charray2str( &c->argv[ 1 ], " " );
2100 if ( line != NULL ) {
2101 ber_str2bv( line, 0, 0, &bv );
2102 ber_bvarray_add( &rwmap->rwm_bva_map, &bv );
2107 case RWM_CF_NORMALIZE_MAPPED:
2108 if ( c->value_int ) {
2109 rwmap->rwm_flags |= RWM_F_NORMALIZE_MAPPED_ATTRS;
2111 rwmap->rwm_flags &= ~RWM_F_NORMALIZE_MAPPED_ATTRS;
2128 slap_overinst *on = (slap_overinst *) be->bd_info;
2129 struct ldaprwmap *rwmap;
2133 rwmap = (struct ldaprwmap *)ch_calloc( 1, sizeof( struct ldaprwmap ) );
2135 rwmap->rwm_rw = rewrite_info_init( REWRITE_MODE_USE_DEFAULT );
2136 if ( rwmap->rwm_rw == NULL ) {
2141 /* this rewriteContext by default must be null;
2142 * rules can be added if required */
2143 rargv[ 0 ] = "rewriteContext";
2144 rargv[ 1 ] = "searchFilter";
2146 rewrite_parse( rwmap->rwm_rw, "<suffix massage>", 1, 2, rargv );
2148 rargv[ 0 ] = "rewriteContext";
2149 rargv[ 1 ] = "default";
2151 rewrite_parse( rwmap->rwm_rw, "<suffix massage>", 2, 2, rargv );
2154 on->on_bi.bi_private = (void *)rwmap;
2157 (void)rwm_db_destroy( be, NULL );
2168 slap_overinst *on = (slap_overinst *) be->bd_info;
2171 if ( on->on_bi.bi_private ) {
2172 struct ldaprwmap *rwmap =
2173 (struct ldaprwmap *)on->on_bi.bi_private;
2175 if ( rwmap->rwm_rw ) {
2176 rewrite_info_delete( &rwmap->rwm_rw );
2177 ber_bvarray_free( rwmap->rwm_bva_rewrite );
2180 avl_free( rwmap->rwm_oc.remap, rwm_mapping_dst_free );
2181 avl_free( rwmap->rwm_oc.map, rwm_mapping_free );
2182 avl_free( rwmap->rwm_at.remap, rwm_mapping_dst_free );
2183 avl_free( rwmap->rwm_at.map, rwm_mapping_free );
2184 ber_bvarray_free( rwmap->rwm_bva_map );
2192 static slap_overinst rwm = { { NULL } };
2194 #if SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC
2196 #endif /* SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC */
2198 rwm_initialize( void )
2202 /* Make sure we don't exceed the bits reserved for userland */
2203 config_check_userland( RWM_CF_LAST );
2205 memset( &rwm, 0, sizeof( slap_overinst ) );
2207 rwm.on_bi.bi_type = "rwm";
2208 rwm.on_bi.bi_flags =
2209 SLAPO_BFLAG_SINGLE |
2212 rwm.on_bi.bi_db_init = rwm_db_init;
2213 rwm.on_bi.bi_db_config = rwm_db_config;
2214 rwm.on_bi.bi_db_destroy = rwm_db_destroy;
2216 rwm.on_bi.bi_op_bind = rwm_op_bind;
2217 rwm.on_bi.bi_op_search = rwm_op_search;
2218 rwm.on_bi.bi_op_compare = rwm_op_compare;
2219 rwm.on_bi.bi_op_modify = rwm_op_modify;
2220 rwm.on_bi.bi_op_modrdn = rwm_op_modrdn;
2221 rwm.on_bi.bi_op_add = rwm_op_add;
2222 rwm.on_bi.bi_op_delete = rwm_op_delete;
2223 rwm.on_bi.bi_op_unbind = rwm_op_unbind;
2224 rwm.on_bi.bi_extended = rwm_extended;
2226 rwm.on_bi.bi_entry_release_rw = rwm_entry_release_rw;
2227 rwm.on_bi.bi_entry_get_rw = rwm_entry_get_rw;
2230 rwm.on_bi.bi_operational = rwm_operational;
2231 rwm.on_bi.bi_chk_referrals = 0 /* rwm_chk_referrals */ ;
2233 rwm.on_bi.bi_connection_init = rwm_conn_init;
2234 rwm.on_bi.bi_connection_destroy = rwm_conn_destroy;
2236 rwm.on_response = rwm_response;
2238 rwm.on_bi.bi_cf_ocs = rwmocs;
2240 rc = config_register_schema( rwmcfg, rwmocs );
2245 return overlay_register( &rwm );
2248 #if SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC
2250 init_module( int argc, char *argv[] )
2252 return rwm_initialize();
2254 #endif /* SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC */
2256 #endif /* SLAPD_OVER_RWM */
projects / openldap / blob