]> git.sur5r.net Git - openldap/blob - servers/slapd/overlays/rwm.c
projects / openldap / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Use "pcache" to invoke the overlay instead of "proxycache"
[openldap] / servers / slapd / overlays / rwm.c
1 /* rwm.c - rewrite/remap operations */
2 /* $OpenLDAP$ */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4  *
5  * Copyright 2003-2005 The OpenLDAP Foundation.
6  * Portions Copyright 2003 Pierangelo Masarati.
7  * All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted only as authorized by the OpenLDAP
11  * Public License.
12  *
13  * A copy of this license is available in the file LICENSE in the
14  * top-level directory of the distribution or, alternatively, at
15  * <http://www.OpenLDAP.org/license.html>.
16  */
17
18 #include "portable.h"
19
20 #ifdef SLAPD_OVER_RWM
21
22 #include <stdio.h>
23
24 #include <ac/string.h>
25
26 #include "slap.h"
27 #include "rwm.h"
28
29 static int
30 rwm_op_dn_massage( Operation *op, SlapReply *rs, void *cookie )
31 {
32         slap_overinst           *on = (slap_overinst *) op->o_bd->bd_info;
33         struct ldaprwmap        *rwmap = 
34                         (struct ldaprwmap *)on->on_bi.bi_private;
35
36         struct berval           dn = BER_BVNULL,
37                                 ndn = BER_BVNULL;
38         int                     rc = 0;
39         dncookie                dc;
40
41         /*
42          * Rewrite the dn if needed
43          */
44         dc.rwmap = rwmap;
45 #ifdef ENABLE_REWRITE
46         dc.conn = op->o_conn;
47         dc.rs = rs;
48         dc.ctx = (char *)cookie;
49 #else /* ! ENABLE_REWRITE */
50         dc.tofrom = ((int *)cookie)[0];
51         dc.normalized = 0;
52 #endif /* ! ENABLE_REWRITE */
53
54         /* NOTE: in those cases where only the ndn is available,
55          * and the caller sets op->o_req_dn = op->o_req_ndn,
56          * only rewrite the op->o_req_ndn and use it as 
57          * op->o_req_dn as well */
58         ndn = op->o_req_ndn;
59         if ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val ) {
60                 dn = op->o_req_dn;
61                 rc = rwm_dn_massage_pretty_normalize( &dc, &op->o_req_dn, &dn, &ndn );
62         } else {
63                 rc = rwm_dn_massage_normalize( &dc, &op->o_req_ndn, &ndn );
64         }
65
66         if ( rc != LDAP_SUCCESS ) {
67                 return rc;
68         }
69
70         if ( ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val && dn.bv_val == op->o_req_dn.bv_val )
71                         || ndn.bv_val == op->o_req_ndn.bv_val )
72         {
73                 return LDAP_SUCCESS;
74         }
75
76         if ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val ) {
77                 op->o_tmpfree( op->o_req_dn.bv_val, op->o_tmpmemctx );
78                 op->o_req_dn = dn;
79         } else {
80                 op->o_req_dn = ndn;
81         }
82         op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx );
83         op->o_req_ndn = ndn;
84
85         return LDAP_SUCCESS;
86 }
87
88 static int
89 rwm_op_add( Operation *op, SlapReply *rs )
90 {
91         slap_overinst           *on = (slap_overinst *) op->o_bd->bd_info;
92         struct ldaprwmap        *rwmap = 
93                         (struct ldaprwmap *)on->on_bi.bi_private;
94
95         int                     rc,
96                                 i;
97         Attribute               **ap = NULL;
98         char                    *olddn = op->o_req_dn.bv_val;
99         int                     isupdate;
100
101 #ifdef ENABLE_REWRITE
102         rc = rwm_op_dn_massage( op, rs, "addDN" );
103 #else /* ! ENABLE_REWRITE */
104         rc = 1;
105         rc = rwm_op_dn_massage( op, rs, &rc );
106 #endif /* ! ENABLE_REWRITE */
107         if ( rc != LDAP_SUCCESS ) {
108                 op->o_bd->bd_info = (BackendInfo *)on->on_info;
109                 send_ldap_error( op, rs, rc, "addDN massage error" );
110                 return -1;
111         }
112
113         if ( olddn != op->o_req_dn.bv_val ) {
114                 ch_free( op->ora_e->e_name.bv_val );
115                 ch_free( op->ora_e->e_nname.bv_val );
116
117                 ber_dupbv( &op->ora_e->e_name, &op->o_req_dn );
118                 ber_dupbv( &op->ora_e->e_nname, &op->o_req_ndn );
119         }
120
121         /* Count number of attributes in entry */ 
122         isupdate = be_shadow_update( op );
123         for ( i = 0, ap = &op->oq_add.rs_e->e_attrs; *ap; ) {
124                 Attribute       *a;
125
126                 if ( (*ap)->a_desc == slap_schema.si_ad_objectClass ||
127                                 (*ap)->a_desc == slap_schema.si_ad_structuralObjectClass )
128                 {
129                         int             j, last;
130
131                         for ( last = 0; !BER_BVISNULL( &(*ap)->a_vals[ last ] ); last++ )
132                                         /* count values */ ;
133                         last--;
134                         for ( j = 0; !BER_BVISNULL( &(*ap)->a_vals[ j ] ); j++ ) {
135                                 struct ldapmapping      *mapping = NULL;
136
137                                 ( void )rwm_mapping( &rwmap->rwm_oc, &(*ap)->a_vals[ j ],
138                                                 &mapping, RWM_MAP );
139                                 if ( mapping == NULL ) {
140                                         if ( rwmap->rwm_at.drop_missing ) {
141                                                 /* FIXME: we allow to remove objectClasses as well;
142                                                  * if the resulting entry is inconsistent, that's
143                                                  * the relayed database's business...
144                                                  */
145                                                 ch_free( (*ap)->a_vals[ j ].bv_val );
146                                                 if ( last > j ) {
147                                                         (*ap)->a_vals[ j ] = (*ap)->a_vals[ last ];
148                                                 }
149                                                 BER_BVZERO( &(*ap)->a_vals[ last ] );
150                                                 last--;
151                                                 j--;
152                                         }
153
154                                 } else {
155                                         ch_free( (*ap)->a_vals[ j ].bv_val );
156                                         ber_dupbv( &(*ap)->a_vals[ j ], &mapping->m_dst );
157                                 }
158                         }
159
160                 } else if ( !isupdate && (*ap)->a_desc->ad_type->sat_no_user_mod ) {
161                         goto next_attr;
162
163                 } else {
164                         struct ldapmapping      *mapping = NULL;
165
166                         ( void )rwm_mapping( &rwmap->rwm_at, &(*ap)->a_desc->ad_cname,
167                                         &mapping, RWM_MAP );
168                         if ( mapping == NULL ) {
169                                 if ( rwmap->rwm_at.drop_missing ) {
170                                         goto cleanup_attr;
171                                 }
172                         }
173
174                         if ( (*ap)->a_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
175                                         || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
176                         {
177                                 /*
178                                  * FIXME: rewrite could fail; in this case
179                                  * the operation should give up, right?
180                                  */
181 #ifdef ENABLE_REWRITE
182                                 rc = rwm_dnattr_rewrite( op, rs, "addAttrDN",
183                                                 (*ap)->a_vals,
184                                                 (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
185 #else /* ! ENABLE_REWRITE */
186                                 rc = 1;
187                                 rc = rwm_dnattr_rewrite( op, rs, &rc, (*ap)->a_vals,
188                                                 (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
189 #endif /* ! ENABLE_REWRITE */
190                                 if ( rc ) {
191                                         goto cleanup_attr;
192                                 }
193
194                         } else if ( (*ap)->a_desc == slap_schema.si_ad_ref ) {
195 #ifdef ENABLE_REWRITE
196                                 rc = rwm_referral_rewrite( op, rs, "referralAttrDN",
197                                                 (*ap)->a_vals,
198                                                 (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
199 #else /* ! ENABLE_REWRITE */
200                                 rc = 1;
201                                 rc = rwm_referral_rewrite( op, rs, &rc, (*ap)->a_vals,
202                                                 (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
203 #endif /* ! ENABLE_REWRITE */
204                                 if ( rc != LDAP_SUCCESS ) {
205                                         goto cleanup_attr;
206                                 }
207                         }
208                 
209                         if ( mapping != NULL ) {
210                                 assert( mapping->m_dst_ad );
211                                 (*ap)->a_desc = mapping->m_dst_ad;
212                         }
213                 }
214
215 next_attr:;
216                 ap = &(*ap)->a_next;
217                 continue;
218
219 cleanup_attr:;
220                 /* FIXME: leaking attribute/values? */
221                 a = *ap;
222
223                 *ap = (*ap)->a_next;
224                 attr_free( a );
225         }
226
227         /* TODO: map attribute types, values of DN-valued attributes ... */
228         return SLAP_CB_CONTINUE;
229 }
230
231 static int
232 rwm_op_bind( Operation *op, SlapReply *rs )
233 {
234         slap_overinst           *on = (slap_overinst *) op->o_bd->bd_info;
235         struct ldaprwmap        *rwmap = 
236                         (struct ldaprwmap *)on->on_bi.bi_private;
237         int                     rc;
238
239 #ifdef ENABLE_REWRITE
240         ( void )rewrite_session_delete( rwmap->rwm_rw, op->o_conn );
241         ( void )rewrite_session_init( rwmap->rwm_rw, op->o_conn );
242
243         rc = rwm_op_dn_massage( op, rs, "bindDN" );
244 #else /* ! ENABLE_REWRITE */
245         rc = 1;
246         rc = rwm_op_dn_massage( op, rs, &rc );
247 #endif /* ! ENABLE_REWRITE */
248         if ( rc != LDAP_SUCCESS ) {
249                 op->o_bd->bd_info = (BackendInfo *)on->on_info;
250                 send_ldap_error( op, rs, rc, "bindDN massage error" );
251                 return -1;
252         }
253
254         return SLAP_CB_CONTINUE;
255 }
256
257 static int
258 rwm_op_unbind( Operation *op, SlapReply *rs )
259 {
260         slap_overinst           *on = (slap_overinst *) op->o_bd->bd_info;
261         struct ldaprwmap        *rwmap = 
262                         (struct ldaprwmap *)on->on_bi.bi_private;
263
264 #ifdef ENABLE_REWRITE
265         rewrite_session_delete( rwmap->rwm_rw, op->o_conn );
266 #endif /* ENABLE_REWRITE */
267
268         return SLAP_CB_CONTINUE;
269 }
270
271 static int
272 rwm_op_compare( Operation *op, SlapReply *rs )
273 {
274         slap_overinst           *on = (slap_overinst *) op->o_bd->bd_info;
275         struct ldaprwmap        *rwmap = 
276                         (struct ldaprwmap *)on->on_bi.bi_private;
277
278         int                     rc;
279         struct berval           mapped_at = BER_BVNULL,
280                                 mapped_vals[2] = { BER_BVNULL, BER_BVNULL };
281
282 #ifdef ENABLE_REWRITE
283         rc = rwm_op_dn_massage( op, rs, "compareDN" );
284 #else /* ! ENABLE_REWRITE */
285         rc = 1;
286         rc = rwm_op_dn_massage( op, rs, &rc );
287 #endif /* ! ENABLE_REWRITE */
288         if ( rc != LDAP_SUCCESS ) {
289                 op->o_bd->bd_info = (BackendInfo *)on->on_info;
290                 send_ldap_error( op, rs, rc, "compareDN massage error" );
291                 return -1;
292         }
293
294         /* if the attribute is an objectClass, try to remap its value */
295         if ( op->orc_ava->aa_desc == slap_schema.si_ad_objectClass
296                         || op->orc_ava->aa_desc == slap_schema.si_ad_structuralObjectClass )
297         {
298                 rwm_map( &rwmap->rwm_oc, &op->orc_ava->aa_value,
299                                 &mapped_vals[0], RWM_MAP );
300                 if ( BER_BVISNULL( &mapped_vals[0] ) || BER_BVISEMPTY( &mapped_vals[0] ) )
301                 {
302                         op->o_bd->bd_info = (BackendInfo *)on->on_info;
303                         send_ldap_error( op, rs, LDAP_OTHER, "compare objectClass map error" );
304                         return -1;
305
306                 } else if ( mapped_vals[0].bv_val != op->orc_ava->aa_value.bv_val ) {
307                         free( op->orc_ava->aa_value.bv_val );
308                         op->orc_ava->aa_value = mapped_vals[0];
309                 }
310                 mapped_at = op->orc_ava->aa_desc->ad_cname;
311
312         } else {
313                 struct ldapmapping      *mapping = NULL;
314                 AttributeDescription    *ad = op->orc_ava->aa_desc;
315
316                 ( void )rwm_mapping( &rwmap->rwm_at, &op->orc_ava->aa_desc->ad_cname,
317                                 &mapping, RWM_MAP );
318                 if ( mapping == NULL ) {
319                         if ( rwmap->rwm_at.drop_missing ) {
320                                 op->o_bd->bd_info = (BackendInfo *)on->on_info;
321                                 send_ldap_error( op, rs, LDAP_OTHER, "compare attributeType map error" );
322                                 return -1;
323                         }
324
325                 } else {
326                         assert( mapping->m_dst_ad );
327                         ad = mapping->m_dst_ad;
328                 }
329
330                 if ( op->orc_ava->aa_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
331                                 || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
332                 {
333                         struct berval   *mapped_valsp[2];
334                         
335                         mapped_valsp[0] = &mapped_vals[0];
336                         mapped_valsp[1] = &mapped_vals[1];
337
338                         mapped_vals[0] = op->orc_ava->aa_value;
339
340 #ifdef ENABLE_REWRITE
341                         rc = rwm_dnattr_rewrite( op, rs, "compareAttrDN", NULL, mapped_valsp );
342 #else /* ! ENABLE_REWRITE */
343                         rc = 1;
344                         rc = rwm_dnattr_rewrite( op, rs, &rc, NULL, mapped_valsp );
345 #endif /* ! ENABLE_REWRITE */
346
347                         if ( rc != LDAP_SUCCESS ) {
348                                 op->o_bd->bd_info = (BackendInfo *)on->on_info;
349                                 send_ldap_error( op, rs, rc, "compareAttrDN massage error" );
350                                 return -1;
351                         }
352
353                         op->orc_ava->aa_value = mapped_vals[0];
354                 }
355                 op->orc_ava->aa_desc = ad;
356         }
357
358         return SLAP_CB_CONTINUE;
359 }
360
361 static int
362 rwm_op_delete( Operation *op, SlapReply *rs )
363 {
364         slap_overinst           *on = (slap_overinst *) op->o_bd->bd_info;
365         int                     rc;
366
367 #ifdef ENABLE_REWRITE
368         rc = rwm_op_dn_massage( op, rs, "deleteDN" );
369 #else /* ! ENABLE_REWRITE */
370         rc = 1;
371         rc = rwm_op_dn_massage( op, rs, &rc );
372 #endif /* ! ENABLE_REWRITE */
373         if ( rc != LDAP_SUCCESS ) {
374                 op->o_bd->bd_info = (BackendInfo *)on->on_info;
375                 send_ldap_error( op, rs, rc, "deleteDN massage error" );
376                 return -1;
377         }
378
379         return SLAP_CB_CONTINUE;
380 }
381
382 static int
383 rwm_op_modify( Operation *op, SlapReply *rs )
384 {
385         slap_overinst           *on = (slap_overinst *) op->o_bd->bd_info;
386         struct ldaprwmap        *rwmap = 
387                         (struct ldaprwmap *)on->on_bi.bi_private;
388
389         int                     isupdate;
390         Modifications           **mlp;
391         int                     rc;
392
393 #ifdef ENABLE_REWRITE
394         rc = rwm_op_dn_massage( op, rs, "modifyDN" );
395 #else /* ! ENABLE_REWRITE */
396         rc = 1;
397         rc = rwm_op_dn_massage( op, rs, &rc );
398 #endif /* ! ENABLE_REWRITE */
399         if ( rc != LDAP_SUCCESS ) {
400                 op->o_bd->bd_info = (BackendInfo *)on->on_info;
401                 send_ldap_error( op, rs, rc, "modifyDN massage error" );
402                 return -1;
403         }
404
405         isupdate = be_shadow_update( op );
406         for ( mlp = &op->oq_modify.rs_modlist; *mlp; ) {
407                 int                     is_oc = 0;
408                 Modifications           *ml;
409                 struct ldapmapping      *mapping = NULL;
410
411                 if ( (*mlp)->sml_desc == slap_schema.si_ad_objectClass 
412                                 || (*mlp)->sml_desc == slap_schema.si_ad_structuralObjectClass )
413                 {
414                         is_oc = 1;
415
416                 } else if ( !isupdate && (*mlp)->sml_desc->ad_type->sat_no_user_mod  ) {
417                         goto next_mod;
418
419                 } else {
420                         int                     drop_missing;
421
422                         drop_missing = rwm_mapping( &rwmap->rwm_at,
423                                         &(*mlp)->sml_desc->ad_cname,
424                                         &mapping, RWM_MAP );
425                         if ( drop_missing || ( mapping != NULL && BER_BVISNULL( &mapping->m_dst ) ) )
426                         {
427                                 goto cleanup_mod;
428                         }
429                 }
430
431                 if ( (*mlp)->sml_values != NULL ) {
432                         if ( is_oc ) {
433                                 int     last, j;
434
435                                 for ( last = 0; !BER_BVISNULL( &(*mlp)->sml_values[ last ] ); last++ )
436                                         /* count values */ ;
437                                 last--;
438
439                                 for ( j = 0; !BER_BVISNULL( &(*mlp)->sml_values[ j ] ); j++ ) {
440                                         struct ldapmapping      *oc_mapping = NULL;
441                 
442                                         ( void )rwm_mapping( &rwmap->rwm_oc, &(*mlp)->sml_values[ j ],
443                                                         &oc_mapping, RWM_MAP );
444                                         if ( oc_mapping == NULL ) {
445                                                 if ( rwmap->rwm_at.drop_missing ) {
446                                                         /* FIXME: we allow to remove objectClasses as well;
447                                                          * if the resulting entry is inconsistent, that's
448                                                          * the relayed database's business...
449                                                          */
450                                                         ch_free( (*mlp)->sml_values[ j ].bv_val );
451                                                         if ( last > j ) {
452                                                                 (*mlp)->sml_values[ j ] = (*mlp)->sml_values[ last ];
453                                                         }
454                                                         BER_BVZERO( &(*mlp)->sml_values[ last ] );
455                                                         last--;
456                                                         j--;
457                                                 }
458         
459                                         } else {
460                                                 ch_free( (*mlp)->sml_values[ j ].bv_val );
461                                                 ber_dupbv( &(*mlp)->sml_values[ j ], &oc_mapping->m_dst );
462                                         }
463                                 }
464
465                         } else {
466                                 if ( (*mlp)->sml_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
467                                                 || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
468                                 {
469 #ifdef ENABLE_REWRITE
470                                         rc = rwm_dnattr_rewrite( op, rs, "modifyAttrDN",
471                                                         (*mlp)->sml_values,
472                                                         (*mlp)->sml_nvalues ? &(*mlp)->sml_nvalues : NULL );
473 #else /* ! ENABLE_REWRITE */
474                                         rc = 1;
475                                         rc = rwm_dnattr_rewrite( op, rs, &rc, 
476                                                         (*mlp)->sml_values,
477                                                         (*mlp)->sml_nvalues ? &(*mlp)->sml_nvalues : NULL );
478 #endif /* ! ENABLE_REWRITE */
479
480                                 } else if ( (*mlp)->sml_desc == slap_schema.si_ad_ref ) {
481 #ifdef ENABLE_REWRITE
482                                         rc = rwm_referral_rewrite( op, rs,
483                                                         "referralAttrDN",
484                                                         (*mlp)->sml_values,
485                                                         (*mlp)->sml_nvalues ? &(*mlp)->sml_nvalues : NULL );
486 #else /* ! ENABLE_REWRITE */
487                                         rc = 1;
488                                         rc = rwm_referral_rewrite( op, rs, &rc,
489                                                         (*mlp)->sml_values,
490                                                         (*mlp)->sml_nvalues ? &(*mlp)->sml_nvalues : NULL );
491 #endif /* ! ENABLE_REWRITE */
492                                         if ( rc != LDAP_SUCCESS ) {
493                                                 goto cleanup_mod;
494                                         }
495                                 }
496
497                                 if ( rc != LDAP_SUCCESS ) {
498                                         goto cleanup_mod;
499                                 }
500                         }
501                 }
502
503 next_mod:;
504                 if ( mapping != NULL ) {
505                         /* use new attribute description */
506                         assert( mapping->m_dst_ad );
507                         (*mlp)->sml_desc = mapping->m_dst_ad;
508                 }
509
510                 mlp = &(*mlp)->sml_next;
511                 continue;
512
513 cleanup_mod:;
514                 ml = *mlp;
515                 *mlp = (*mlp)->sml_next;
516                 slap_mod_free( &ml->sml_mod, 0 );
517                 free( ml );
518         }
519
520         return SLAP_CB_CONTINUE;
521 }
522
523 static int
524 rwm_op_modrdn( Operation *op, SlapReply *rs )
525 {
526         slap_overinst           *on = (slap_overinst *) op->o_bd->bd_info;
527         struct ldaprwmap        *rwmap = 
528                         (struct ldaprwmap *)on->on_bi.bi_private;
529         
530         int                     rc;
531
532         if ( op->orr_newSup ) {
533                 dncookie        dc;
534                 struct berval   nnewSup = BER_BVNULL;
535                 struct berval   newSup = BER_BVNULL;
536
537                 /*
538                  * Rewrite the new superior, if defined and required
539                  */
540                 dc.rwmap = rwmap;
541 #ifdef ENABLE_REWRITE
542                 dc.conn = op->o_conn;
543                 dc.rs = rs;
544                 dc.ctx = "newSuperiorDN";
545 #else /* ! ENABLE_REWRITE */
546                 dc.tofrom = 0;
547                 dc.normalized = 0;
548 #endif /* ! ENABLE_REWRITE */
549                 newSup = *op->orr_newSup;
550                 nnewSup = *op->orr_nnewSup;
551                 rc = rwm_dn_massage_pretty_normalize( &dc, op->orr_newSup, &newSup, &nnewSup );
552                 if ( rc != LDAP_SUCCESS ) {
553                         op->o_bd->bd_info = (BackendInfo *)on->on_info;
554                         send_ldap_error( op, rs, rc, "newSuperiorDN massage error" );
555                         return -1;
556                 }
557
558                 if ( op->orr_newSup->bv_val != newSup.bv_val ) {
559                         op->o_tmpfree( op->orr_newSup->bv_val, op->o_tmpmemctx );
560                         op->o_tmpfree( op->orr_nnewSup->bv_val, op->o_tmpmemctx );
561                         *op->orr_newSup = newSup;
562                         *op->orr_nnewSup = nnewSup;
563                 }
564         }
565
566         /*
567          * Rewrite the dn, if needed
568          */
569 #ifdef ENABLE_REWRITE
570         rc = rwm_op_dn_massage( op, rs, "renameDN" );
571 #else /* ! ENABLE_REWRITE */
572         rc = 1;
573         rc = rwm_op_dn_massage( op, rs, &rc );
574 #endif /* ! ENABLE_REWRITE */
575         if ( rc != LDAP_SUCCESS ) {
576                 op->o_bd->bd_info = (BackendInfo *)on->on_info;
577                 send_ldap_error( op, rs, rc, "renameDN massage error" );
578                 return -1;
579         }
580
581         /* TODO: rewrite newRDN, attribute types, 
582          * values of DN-valued attributes ... */
583         return SLAP_CB_CONTINUE;
584 }
585
586 static int
587 rwm_swap_attrs( Operation *op, SlapReply *rs )
588 {
589         slap_callback   *cb = op->o_callback;
590         AttributeName   *an = (AttributeName *)cb->sc_private;
591
592         rs->sr_attrs = an;
593         
594         return SLAP_CB_CONTINUE;
595 }
596
597 static int rwm_freeself( Operation *op, SlapReply *rs )
598 {
599         if ( op->o_tag == LDAP_REQ_SEARCH && rs->sr_type == REP_RESULT ) {
600                 assert( op->o_callback );
601
602                 op->o_tmpfree( op->o_callback, op->o_tmpmemctx );
603                 op->o_callback = NULL;
604         }
605
606         return SLAP_CB_CONTINUE;
607 }
608
609 static int
610 rwm_op_search( Operation *op, SlapReply *rs )
611 {
612         slap_overinst           *on = (slap_overinst *) op->o_bd->bd_info;
613         struct ldaprwmap        *rwmap = 
614                         (struct ldaprwmap *)on->on_bi.bi_private;
615
616         int                     rc;
617         dncookie                dc;
618
619         struct berval           fstr = BER_BVNULL;
620         Filter                  *f = NULL;
621
622         slap_callback           *cb;
623         AttributeName           *an = NULL;
624
625         char                    *text = NULL;
626
627 #ifdef ENABLE_REWRITE
628         rc = rwm_op_dn_massage( op, rs, "searchDN" );
629 #else /* ! ENABLE_REWRITE */
630         rc = 1;
631         rc = rwm_op_dn_massage( op, rs, &rc );
632 #endif /* ! ENABLE_REWRITE */
633         if ( rc != LDAP_SUCCESS ) {
634                 text = "searchDN massage error";
635                 goto error_return;
636         }
637
638         /*
639          * Rewrite the dn if needed
640          */
641         dc.rwmap = rwmap;
642 #ifdef ENABLE_REWRITE
643         dc.conn = op->o_conn;
644         dc.rs = rs;
645         dc.ctx = "searchFilterAttrDN";
646 #else /* ! ENABLE_REWRITE */
647         dc.tofrom = 0;
648         dc.normalized = 0;
649 #endif /* ! ENABLE_REWRITE */
650
651         rc = rwm_filter_map_rewrite( &dc, op->ors_filter, &fstr );
652         if ( rc != LDAP_SUCCESS ) {
653                 text = "searchFilter/searchFilterAttrDN massage error";
654                 goto error_return;
655         }
656
657         f = str2filter_x( op, fstr.bv_val );
658
659         if ( f == NULL ) {
660                 text = "massaged filter parse error";
661                 goto error_return;
662         }
663
664         if ( !BER_BVISNULL( &op->ors_filterstr ) ) {
665                 ch_free( op->ors_filterstr.bv_val );
666         }
667
668         if( op->ors_filter ) {
669                 filter_free_x( op, op->ors_filter );
670         }
671
672         op->ors_filter = f;
673         op->ors_filterstr = fstr;
674
675         rc = rwm_map_attrnames( &rwmap->rwm_at, &rwmap->rwm_oc,
676                         op->ors_attrs, &an, RWM_MAP );
677         if ( rc != LDAP_SUCCESS ) {
678                 text = "attribute list mapping error";
679                 goto error_return;
680         }
681
682         cb = (slap_callback *) op->o_tmpcalloc( sizeof( slap_callback ),
683                         1, op->o_tmpmemctx );
684         if ( cb == NULL ) {
685                 rc = LDAP_NO_MEMORY;
686                 goto error_return;
687         }
688
689         cb->sc_response = rwm_swap_attrs;
690         cb->sc_cleanup = rwm_freeself;
691         cb->sc_private = (void *)op->ors_attrs;
692         cb->sc_next = op->o_callback;
693
694         op->o_callback = cb;
695         op->ors_attrs = an;
696
697         return SLAP_CB_CONTINUE;
698
699 error_return:;
700         if ( an != NULL ) {
701                 ch_free( an );
702         }
703
704         if ( f != NULL ) {
705                 filter_free_x( op, f );
706         }
707
708         if ( !BER_BVISNULL( &fstr ) ) {
709                 ch_free( fstr.bv_val );
710         }
711
712         op->o_bd->bd_info = (BackendInfo *)on->on_info;
713         send_ldap_error( op, rs, rc, text );
714
715         return -1;
716
717 }
718
719 static int
720 rwm_extended( Operation *op, SlapReply *rs )
721 {
722         slap_overinst           *on = (slap_overinst *) op->o_bd->bd_info;
723         int                     rc;
724
725 #ifdef ENABLE_REWRITE
726         rc = rwm_op_dn_massage( op, rs, "extendedDN" );
727 #else /* ! ENABLE_REWRITE */
728         rc = 1;
729         rc = rwm_op_dn_massage( op, rs, &rc );
730 #endif /* ! ENABLE_REWRITE */
731         if ( rc != LDAP_SUCCESS ) {
732                 op->o_bd->bd_info = (BackendInfo *)on->on_info;
733                 send_ldap_error( op, rs, rc, "extendedDN massage error" );
734                 return -1;
735         }
736
737         /* TODO: rewrite/map extended data ? ... */
738         return SLAP_CB_CONTINUE;
739 }
740
741 static int
742 rwm_matched( Operation *op, SlapReply *rs )
743 {
744         slap_overinst           *on = (slap_overinst *) op->o_bd->bd_info;
745         struct ldaprwmap        *rwmap = 
746                         (struct ldaprwmap *)on->on_bi.bi_private;
747
748         struct berval           dn, mdn;
749         dncookie                dc;
750         int                     rc;
751
752         if ( rs->sr_matched == NULL ) {
753                 return SLAP_CB_CONTINUE;
754         }
755
756         dc.rwmap = rwmap;
757 #ifdef ENABLE_REWRITE
758         dc.conn = op->o_conn;
759         dc.rs = rs;
760         dc.ctx = "matchedDN";
761 #else /* ! ENABLE_REWRITE */
762         dc.tofrom = 0;
763         dc.normalized = 0;
764 #endif /* ! ENABLE_REWRITE */
765         ber_str2bv( rs->sr_matched, 0, 0, &dn );
766         mdn = dn;
767         rc = rwm_dn_massage_pretty( &dc, &dn, &mdn );
768         if ( rc != LDAP_SUCCESS ) {
769                 rs->sr_err = rc;
770                 rs->sr_text = "Rewrite error";
771                 return 1;
772         }
773
774         if ( mdn.bv_val != dn.bv_val ) {
775                 if ( rs->sr_flags & REP_MATCHED_MUSTBEFREED ) {
776                         ch_free( (void *)rs->sr_matched );
777
778                 } else {
779                         rs->sr_flags |= REP_MATCHED_MUSTBEFREED;
780                 }
781                 rs->sr_matched = mdn.bv_val;
782         }
783         
784         return SLAP_CB_CONTINUE;
785 }
786
787 static int
788 rwm_attrs( Operation *op, SlapReply *rs, Attribute** a_first, int stripEntryDN )
789 {
790         slap_overinst           *on = (slap_overinst *) op->o_bd->bd_info;
791         struct ldaprwmap        *rwmap = 
792                         (struct ldaprwmap *)on->on_bi.bi_private;
793
794         dncookie                dc;
795         int                     rc;
796         Attribute               **ap;
797         int                     isupdate;
798
799         /*
800          * Rewrite the dn attrs, if needed
801          */
802         dc.rwmap = rwmap;
803 #ifdef ENABLE_REWRITE
804         dc.conn = op->o_conn;
805         dc.rs = NULL; 
806 #else /* ! ENABLE_REWRITE */
807         dc.tofrom = 0;
808         dc.normalized = 0;
809 #endif /* ! ENABLE_REWRITE */
810
811         /* FIXME: the entries are in the remote mapping form;
812          * so we need to select those attributes we are willing
813          * to return, and remap them accordingly */
814
815         /* FIXME: in principle, one could map an attribute
816          * on top of another, which already exists.
817          * As such, in the end there might exist more than
818          * one instance of an attribute.
819          * We should at least check if this occurs, and issue
820          * an error (because multiple instances of attrs in 
821          * response are not valid), or merge the values (what
822          * about duplicate values?) */
823         isupdate = be_shadow_update( op );
824         for ( ap = a_first; *ap; ) {
825                 struct ldapmapping      *mapping = NULL;
826                 int                     drop_missing;
827                 int                     last;
828                 Attribute               *a;
829
830                 if ( SLAP_OPATTRS( rs->sr_attr_flags ) && is_at_operational( (*ap)->a_desc->ad_type ) )
831                 {
832                         /* go on */ ;
833                         
834                 } else {
835                         if ( op->ors_attrs != NULL && 
836                                         !SLAP_USERATTRS( rs->sr_attr_flags ) &&
837                                         !ad_inlist( (*ap)->a_desc, op->ors_attrs ) )
838                         {
839                                 goto cleanup_attr;
840                         }
841
842                         drop_missing = rwm_mapping( &rwmap->rwm_at,
843                                         &(*ap)->a_desc->ad_cname, &mapping, RWM_REMAP );
844                         if ( drop_missing || ( mapping != NULL && BER_BVISEMPTY( &mapping->m_dst ) ) )
845                         {
846                                 goto cleanup_attr;
847                         }
848
849                         if ( mapping != NULL ) {
850                                 (*ap)->a_desc = mapping->m_dst_ad;
851                         }
852                 }
853
854                 if ( (*ap)->a_desc == slap_schema.si_ad_entryDN ) {
855                         if ( stripEntryDN ) {
856                                 /* will be generated by frontend */
857                                 goto cleanup_attr;
858                         }
859                         
860                 } else if ( !isupdate
861                         && (*ap)->a_desc->ad_type->sat_no_user_mod 
862                         && (*ap)->a_desc->ad_type != slap_schema.si_at_undefined )
863                 {
864                         goto next_attr;
865                 }
866
867                 for ( last = 0; !BER_BVISNULL( &(*ap)->a_vals[last] ); last++ )
868                         /* just count */ ;
869
870                 if ( last == 0 ) {
871                         /* empty? leave it in place because of attrsonly and vlv */
872                         goto next_attr;
873                 }
874                 last--;
875
876                 if ( (*ap)->a_desc == slap_schema.si_ad_objectClass
877                                 || (*ap)->a_desc == slap_schema.si_ad_structuralObjectClass )
878                 {
879                         struct berval   *bv;
880                         
881                         for ( bv = (*ap)->a_vals; !BER_BVISNULL( bv ); bv++ ) {
882                                 struct berval   mapped;
883
884                                 rwm_map( &rwmap->rwm_oc, &bv[0], &mapped, RWM_REMAP );
885                                 if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) {
886                                         ch_free( bv[0].bv_val );
887                                         BER_BVZERO( &bv[0] );
888                                         if ( &(*ap)->a_vals[last] > &bv[0] ) {
889                                                 bv[0] = (*ap)->a_vals[last];
890                                                 BER_BVZERO( &(*ap)->a_vals[last] );
891                                         }
892                                         last--;
893                                         bv--;
894
895                                 } else if ( mapped.bv_val != bv[0].bv_val ) {
896                                         /*
897                                          * FIXME: after LBER_FREEing
898                                          * the value is replaced by
899                                          * ch_alloc'ed memory
900                                          */
901                                         ch_free( bv[0].bv_val );
902                                         ber_dupbv( &bv[0], &mapped );
903                                 }
904                         }
905
906                 /*
907                  * It is necessary to try to rewrite attributes with
908                  * dn syntax because they might be used in ACLs as
909                  * members of groups; since ACLs are applied to the
910                  * rewritten stuff, no dn-based subject clause could
911                  * be used at the ldap backend side (see
912                  * http://www.OpenLDAP.org/faq/data/cache/452.html)
913                  * The problem can be overcome by moving the dn-based
914                  * ACLs to the target directory server, and letting
915                  * everything pass thru the ldap backend. */
916                 /* FIXME: handle distinguishedName-like syntaxes, like
917                  * nameAndOptionalUID */
918                 } else if ( (*ap)->a_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
919                                 || ( mapping != NULL && mapping->m_src_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
920                 {
921 #ifdef ENABLE_REWRITE
922                         dc.ctx = "searchAttrDN";
923 #endif /* ENABLE_REWRITE */
924                         rc = rwm_dnattr_result_rewrite( &dc, (*ap)->a_vals );
925                         if ( rc != LDAP_SUCCESS ) {
926                                 goto cleanup_attr;
927                         }
928
929                 } else if ( (*ap)->a_desc == slap_schema.si_ad_ref ) {
930 #ifdef ENABLE_REWRITE
931                         dc.ctx = "searchAttrDN";
932 #endif /* ENABLE_REWRITE */
933                         rc = rwm_referral_result_rewrite( &dc, (*ap)->a_vals );
934                         if ( rc != LDAP_SUCCESS ) {
935                                 goto cleanup_attr;
936                         }
937                 }
938
939                 if ( mapping != NULL ) {
940                         /* rewrite the attribute description */
941                         assert( mapping->m_dst_ad );
942                         (*ap)->a_desc = mapping->m_dst_ad;
943                 }
944
945 next_attr:;
946                 ap = &(*ap)->a_next;
947                 continue;
948
949 cleanup_attr:;
950                 a = *ap;
951                 *ap = (*ap)->a_next;
952
953                 attr_free( a );
954         }
955
956         return 0;
957 }
958
959 static int
960 rwm_send_entry( Operation *op, SlapReply *rs )
961 {
962         slap_overinst           *on = (slap_overinst *) op->o_bd->bd_info;
963         struct ldaprwmap        *rwmap = 
964                         (struct ldaprwmap *)on->on_bi.bi_private;
965
966         Entry                   *e = NULL;
967         int                     flags;
968         struct berval           dn = BER_BVNULL,
969                                 ndn = BER_BVNULL;
970         dncookie                dc;
971         int                     rc;
972
973         assert( rs->sr_entry );
974
975         /*
976          * Rewrite the dn of the result, if needed
977          */
978         dc.rwmap = rwmap;
979 #ifdef ENABLE_REWRITE
980         dc.conn = op->o_conn;
981         dc.rs = NULL; 
982         dc.ctx = "searchEntryDN";
983 #else /* ! ENABLE_REWRITE */
984         dc.tofrom = 0;
985         dc.normalized = 0;
986 #endif /* ! ENABLE_REWRITE */
987
988         e = rs->sr_entry;
989         flags = rs->sr_flags;
990         if ( !( rs->sr_flags & REP_ENTRY_MODIFIABLE ) ) {
991                 /* FIXME: all we need to duplicate are:
992                  * - dn
993                  * - ndn
994                  * - attributes that are requested
995                  * - no values if attrsonly is set
996                  */
997
998                 e = entry_dup( e );
999                 if ( e == NULL ) {
1000                         rc = LDAP_NO_MEMORY;
1001                         goto fail;
1002                 }
1003
1004                 flags |= ( REP_ENTRY_MODIFIABLE | REP_ENTRY_MUSTBEFREED );
1005         }
1006
1007         /*
1008          * Note: this may fail if the target host(s) schema differs
1009          * from the one known to the meta, and a DN with unknown
1010          * attributes is returned.
1011          */
1012         dn = e->e_name;
1013         ndn = e->e_nname;
1014         rc = rwm_dn_massage_pretty_normalize( &dc, &e->e_name, &dn, &ndn );
1015         if ( rc != LDAP_SUCCESS ) {
1016                 rc = 1;
1017                 goto fail;
1018         }
1019
1020         if ( e->e_name.bv_val != dn.bv_val ) {
1021                 ch_free( e->e_name.bv_val );
1022                 ch_free( e->e_nname.bv_val );
1023
1024                 e->e_name = dn;
1025                 e->e_nname = ndn;
1026         }
1027
1028         /* TODO: map entry attribute types, objectclasses 
1029          * and dn-valued attribute values */
1030
1031         /* FIXME: the entries are in the remote mapping form;
1032          * so we need to select those attributes we are willing
1033          * to return, and remap them accordingly */
1034         (void)rwm_attrs( op, rs, &e->e_attrs, 1 );
1035
1036 #if 0
1037         if ( rs->sr_operational_attrs ) {
1038                 (void)rwm_attrs( op, rs, &rs->sr_operational_attrs, 0 );
1039         }
1040 #endif
1041
1042         rs->sr_entry = e;
1043         rs->sr_flags = flags;
1044
1045         return SLAP_CB_CONTINUE;
1046
1047 fail:;
1048         if ( e != NULL && e != rs->sr_entry ) {
1049                 if ( e->e_name.bv_val == dn.bv_val ) {
1050                         BER_BVZERO( &e->e_name );
1051                 }
1052
1053                 if ( e->e_nname.bv_val == ndn.bv_val ) {
1054                         BER_BVZERO( &e->e_nname );
1055                 }
1056
1057                 entry_free( e );
1058         }
1059
1060         if ( !BER_BVISNULL( &dn ) ) {
1061                 ch_free( dn.bv_val );
1062         }
1063
1064         if ( !BER_BVISNULL( &ndn ) ) {
1065                 ch_free( ndn.bv_val );
1066         }
1067
1068         return rc;
1069 }
1070
1071 static int
1072 rwm_operational( Operation *op, SlapReply *rs )
1073 {
1074         /* FIXME: the entries are in the remote mapping form;
1075          * so we need to select those attributes we are willing
1076          * to return, and remap them accordingly */
1077         if ( rs->sr_operational_attrs ) {
1078                 rwm_attrs( op, rs, &rs->sr_operational_attrs, 1 );
1079         }
1080
1081         return SLAP_CB_CONTINUE;
1082 }
1083
1084 #if 0
1085 /* don't use this; it cannot be reverted, and leaves op->o_req_dn
1086  * rewritten for subsequent operations; fine for plain suffixmassage,
1087  * but destroys everything else */
1088 static int
1089 rwm_chk_referrals( Operation *op, SlapReply *rs )
1090 {
1091         slap_overinst           *on = (slap_overinst *) op->o_bd->bd_info;
1092         int                     rc;
1093
1094 #ifdef ENABLE_REWRITE
1095         rc = rwm_op_dn_massage( op, rs, "referralCheckDN" );
1096 #else /* ! ENABLE_REWRITE */
1097         rc = 1;
1098         rc = rwm_op_dn_massage( op, rs, &rc );
1099 #endif /* ! ENABLE_REWRITE */
1100         if ( rc != LDAP_SUCCESS ) {
1101                 op->o_bd->bd_info = (BackendInfo *)on->on_info;
1102                 send_ldap_error( op, rs, rc, "referralCheckDN massage error" );
1103                 return -1;
1104         }
1105
1106         return SLAP_CB_CONTINUE;
1107 }
1108 #endif
1109
1110 static int
1111 rwm_rw_config(
1112     BackendDB   *be,
1113     const char  *fname,
1114     int         lineno,
1115     int         argc,
1116     char        **argv
1117 )
1118 {
1119 #ifdef ENABLE_REWRITE
1120         slap_overinst           *on = (slap_overinst *) be->bd_info;
1121         struct ldaprwmap        *rwmap = 
1122                         (struct ldaprwmap *)on->on_bi.bi_private;
1123
1124         return rewrite_parse( rwmap->rwm_rw,
1125                                 fname, lineno, argc, argv );
1126
1127 #else /* !ENABLE_REWRITE */
1128         fprintf( stderr, "%s: line %d: rewrite capabilities "
1129                         "are not enabled\n", fname, lineno );
1130 #endif /* !ENABLE_REWRITE */
1131                 
1132         return 0;
1133 }
1134
1135 static int
1136 rwm_suffixmassage_config(
1137     BackendDB   *be,
1138     const char  *fname,
1139     int         lineno,
1140     int         argc,
1141     char        **argv
1142 )
1143 {
1144         slap_overinst           *on = (slap_overinst *) be->bd_info;
1145         struct ldaprwmap        *rwmap = 
1146                         (struct ldaprwmap *)on->on_bi.bi_private;
1147
1148         struct berval           bvnc, nvnc, pvnc, brnc, nrnc, prnc;
1149         int                     massaged;
1150 #ifdef ENABLE_REWRITE
1151         int                     rc;
1152 #endif /* ENABLE_REWRITE */
1153                 
1154         /*
1155          * syntax:
1156          * 
1157          *      suffixmassage [<suffix>] <massaged suffix>
1158          *
1159          * the [<suffix>] field must be defined as a valid suffix
1160          * for the current database;
1161          * the <massaged suffix> shouldn't have already been
1162          * defined as a valid suffix for the current server
1163          */
1164         if ( argc == 2 ) {
1165                 if ( be->be_suffix == NULL ) {
1166                         fprintf( stderr, "%s: line %d: "
1167                                        " \"suffixMassage [<suffix>]"
1168                                        " <massaged suffix>\" without "
1169                                        "<suffix> part requires database "
1170                                        "suffix be defined first.\n",
1171                                 fname, lineno );
1172                         return 1;
1173                 }
1174                 bvnc = be->be_suffix[ 0 ];
1175                 massaged = 1;
1176
1177         } else if ( argc == 3 ) {
1178                 ber_str2bv( argv[ 1 ], 0, 0, &bvnc );
1179                 massaged = 2;
1180
1181         } else  {
1182                 fprintf( stderr, "%s: line %d: syntax is"
1183                                " \"suffixMassage [<suffix>]"
1184                                " <massaged suffix>\"\n",
1185                         fname, lineno );
1186                 return 1;
1187         }
1188
1189         if ( dnPrettyNormal( NULL, &bvnc, &pvnc, &nvnc, NULL ) != LDAP_SUCCESS ) {
1190                 fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
1191                         fname, lineno, bvnc.bv_val );
1192                 return 1;
1193         }
1194
1195         ber_str2bv( argv[ massaged ], 0, 0, &brnc );
1196         if ( dnPrettyNormal( NULL, &brnc, &prnc, &nrnc, NULL ) != LDAP_SUCCESS ) {
1197                 fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
1198                                 fname, lineno, brnc.bv_val );
1199                 free( nvnc.bv_val );
1200                 free( pvnc.bv_val );
1201                 return 1;
1202         }
1203
1204 #ifdef ENABLE_REWRITE
1205         /*
1206          * The suffix massaging is emulated 
1207          * by means of the rewrite capabilities
1208          */
1209         rc = rwm_suffix_massage_config( rwmap->rwm_rw,
1210                         &pvnc, &nvnc, &prnc, &nrnc );
1211         free( nvnc.bv_val );
1212         free( pvnc.bv_val );
1213         free( nrnc.bv_val );
1214         free( prnc.bv_val );
1215
1216         return( rc );
1217
1218 #else /* !ENABLE_REWRITE */
1219         ber_bvarray_add( &rwmap->rwm_suffix_massage, &pvnc );
1220         ber_bvarray_add( &rwmap->rwm_suffix_massage, &nvnc );
1221                 
1222         ber_bvarray_add( &rwmap->rwm_suffix_massage, &prnc );
1223         ber_bvarray_add( &rwmap->rwm_suffix_massage, &nrnc );
1224 #endif /* !ENABLE_REWRITE */
1225
1226         return 0;
1227 }
1228
1229 static int
1230 rwm_m_config(
1231     BackendDB   *be,
1232     const char  *fname,
1233     int         lineno,
1234     int         argc,
1235     char        **argv
1236 )
1237 {
1238         slap_overinst           *on = (slap_overinst *) be->bd_info;
1239         struct ldaprwmap        *rwmap = 
1240                         (struct ldaprwmap *)on->on_bi.bi_private;
1241
1242         /* objectclass/attribute mapping */
1243         return rwm_map_config( &rwmap->rwm_oc,
1244                         &rwmap->rwm_at,
1245                         fname, lineno, argc, argv );
1246 }
1247
1248 static int
1249 rwm_response( Operation *op, SlapReply *rs )
1250 {
1251         slap_overinst           *on = (slap_overinst *)op->o_bd->bd_info;
1252         struct ldaprwmap        *rwmap = 
1253                         (struct ldaprwmap *)on->on_bi.bi_private;
1254
1255         int             rc;
1256
1257         if ( op->o_tag == LDAP_REQ_SEARCH && rs->sr_type == REP_SEARCH ) {
1258                 return rwm_send_entry( op, rs );
1259         }
1260
1261         switch( op->o_tag ) {
1262         case LDAP_REQ_SEARCH:
1263                 /* Note: the operation attrs are remapped */
1264                 if ( rs->sr_type == REP_RESULT
1265                                 && op->ors_attrs != NULL
1266                                 && op->ors_attrs != rs->sr_attrs )
1267                 {
1268                         ch_free( op->ors_attrs );
1269                         op->ors_attrs = rs->sr_attrs;
1270                 }
1271                 /* fall thru */
1272
1273         case LDAP_REQ_BIND:
1274         case LDAP_REQ_ADD:
1275         case LDAP_REQ_DELETE:
1276         case LDAP_REQ_MODRDN:
1277         case LDAP_REQ_MODIFY:
1278         case LDAP_REQ_COMPARE:
1279         case LDAP_REQ_EXTENDED:
1280                 if ( rs->sr_ref ) {
1281                         dncookie                dc;
1282
1283                         /*
1284                          * Rewrite the dn of the referrals, if needed
1285                          */
1286                         dc.rwmap = rwmap;
1287 #ifdef ENABLE_REWRITE
1288                         dc.conn = op->o_conn;
1289                         dc.rs = NULL; 
1290                         dc.ctx = "referralDN";
1291 #else /* ! ENABLE_REWRITE */
1292                         dc.tofrom = 0;
1293                         dc.normalized = 0;
1294 #endif /* ! ENABLE_REWRITE */
1295                         rc = rwm_referral_result_rewrite( &dc, rs->sr_ref );
1296                         if ( rc != LDAP_SUCCESS ) {
1297                                 rc = 1;
1298                                 break;
1299                         }
1300                 }
1301                 rc = rwm_matched( op, rs );
1302                 break;
1303
1304         default:
1305                 rc = SLAP_CB_CONTINUE;
1306                 break;
1307         }
1308
1309         return rc;
1310 }
1311
1312 static int
1313 rwm_db_config(
1314     BackendDB   *be,
1315     const char  *fname,
1316     int         lineno,
1317     int         argc,
1318     char        **argv
1319 )
1320 {
1321         slap_overinst           *on = (slap_overinst *) be->bd_info;
1322         struct ldaprwmap        *rwmap = 
1323                         (struct ldaprwmap *)on->on_bi.bi_private;
1324
1325         int             rc = 0;
1326         char            *argv0 = NULL;
1327
1328         if ( strncasecmp( argv[ 0 ], "rwm-", STRLENOF( "rwm-" ) ) == 0 ) {
1329                 argv0 = argv[ 0 ];
1330                 argv[ 0 ] = &argv0[ STRLENOF( "rwm-" ) ];
1331         }
1332
1333         if ( strncasecmp( argv[0], "rewrite", STRLENOF("rewrite") ) == 0 ) {
1334                 rc = rwm_rw_config( be, fname, lineno, argc, argv );
1335
1336         } else if ( strcasecmp( argv[0], "map" ) == 0 ) {
1337                 rc = rwm_m_config( be, fname, lineno, argc, argv );
1338
1339         } else if ( strcasecmp( argv[0], "suffixmassage" ) == 0 ) {
1340                 rc = rwm_suffixmassage_config( be, fname, lineno, argc, argv );
1341
1342         } else if ( strcasecmp( argv[0], "t-f-support" ) == 0 ) {
1343                 if ( argc != 2 ) {
1344                         fprintf( stderr,
1345                 "%s: line %d: \"t-f-support {no|yes|discover}\" needs 1 argument.\n",
1346                                         fname, lineno );
1347                         return( 1 );
1348                 }
1349
1350                 if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
1351                         rwmap->rwm_flags &= ~(RWM_F_SUPPORT_T_F|RWM_F_SUPPORT_T_F_DISCOVER);
1352
1353                 } else if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
1354                         rwmap->rwm_flags |= RWM_F_SUPPORT_T_F;
1355
1356 #if 0
1357                 /* TODO: not implemented yet */
1358                 } else if ( strcasecmp( argv[ 1 ], "discover" ) == 0 ) {
1359                         rwmap->rwm_flags |= RWM_F_SUPPORT_T_F_DISCOVER;
1360 #endif
1361
1362                 } else {
1363                         fprintf( stderr,
1364         "%s: line %d: unknown value \"%s\" for \"t-f-support {no|yes|discover}\".\n",
1365                                 fname, lineno, argv[ 1 ] );
1366                         return 1;
1367                 }
1368
1369         } else {
1370                 rc = SLAP_CONF_UNKNOWN;
1371         }
1372
1373         if ( argv0 ) {
1374                 argv[ 0 ] = argv0;
1375         }
1376
1377         return rc;
1378 }
1379
1380 static int
1381 rwm_db_init(
1382         BackendDB *be
1383 )
1384 {
1385         slap_overinst           *on = (slap_overinst *) be->bd_info;
1386         struct ldapmapping      *mapping = NULL;
1387         struct ldaprwmap        *rwmap;
1388
1389         rwmap = (struct ldaprwmap *)ch_malloc(sizeof(struct ldaprwmap));
1390         memset(rwmap, 0, sizeof(struct ldaprwmap));
1391
1392 #ifdef ENABLE_REWRITE
1393         rwmap->rwm_rw = rewrite_info_init( REWRITE_MODE_USE_DEFAULT );
1394         if ( rwmap->rwm_rw == NULL ) {
1395                 ch_free( rwmap );
1396                 return -1;
1397         }
1398
1399         {
1400                 char    *rargv[3];
1401
1402                 /* this rewriteContext by default must be null;
1403                  * rules can be added if required */
1404                 rargv[ 0 ] = "rewriteContext";
1405                 rargv[ 1 ] = "searchFilter";
1406                 rargv[ 2 ] = NULL;
1407                 rewrite_parse( rwmap->rwm_rw, "<suffix massage>", 1, 2, rargv );
1408
1409                 rargv[ 0 ] = "rewriteContext";
1410                 rargv[ 1 ] = "default";
1411                 rargv[ 2 ] = NULL;
1412                 rewrite_parse( rwmap->rwm_rw, "<suffix massage>", 2, 2, rargv );
1413         }
1414         
1415 #endif /* ENABLE_REWRITE */
1416
1417         if ( rwm_map_init( &rwmap->rwm_oc, &mapping ) != LDAP_SUCCESS ||
1418                         rwm_map_init( &rwmap->rwm_at, &mapping ) != LDAP_SUCCESS )
1419         {
1420                 return 1;
1421         }
1422
1423         on->on_bi.bi_private = (void *)rwmap;
1424
1425         return 0;
1426 }
1427
1428 static int
1429 rwm_db_destroy(
1430         BackendDB *be
1431 )
1432 {
1433         slap_overinst   *on = (slap_overinst *) be->bd_info;
1434         int             rc = 0;
1435
1436         if ( on->on_bi.bi_private ) {
1437                 struct ldaprwmap        *rwmap = 
1438                         (struct ldaprwmap *)on->on_bi.bi_private;
1439
1440 #ifdef ENABLE_REWRITE
1441                 if (rwmap->rwm_rw) {
1442                         rewrite_info_delete( &rwmap->rwm_rw );
1443                 }
1444 #else /* !ENABLE_REWRITE */
1445                 if ( rwmap->rwm_suffix_massage ) {
1446                         ber_bvarray_free( rwmap->rwm_suffix_massage );
1447                 }
1448 #endif /* !ENABLE_REWRITE */
1449
1450                 avl_free( rwmap->rwm_oc.remap, NULL );
1451                 avl_free( rwmap->rwm_oc.map, rwm_mapping_free );
1452                 avl_free( rwmap->rwm_at.remap, NULL );
1453                 avl_free( rwmap->rwm_at.map, rwm_mapping_free );
1454         }
1455
1456         return rc;
1457 }
1458
1459 static slap_overinst rwm = { { NULL } };
1460
1461 int
1462 rwm_init(void)
1463 {
1464         memset( &rwm, 0, sizeof( slap_overinst ) );
1465
1466         rwm.on_bi.bi_type = "rwm";
1467
1468         rwm.on_bi.bi_db_init = rwm_db_init;
1469         rwm.on_bi.bi_db_config = rwm_db_config;
1470         rwm.on_bi.bi_db_destroy = rwm_db_destroy;
1471
1472         rwm.on_bi.bi_op_bind = rwm_op_bind;
1473         rwm.on_bi.bi_op_search = rwm_op_search;
1474         rwm.on_bi.bi_op_compare = rwm_op_compare;
1475         rwm.on_bi.bi_op_modify = rwm_op_modify;
1476         rwm.on_bi.bi_op_modrdn = rwm_op_modrdn;
1477         rwm.on_bi.bi_op_add = rwm_op_add;
1478         rwm.on_bi.bi_op_delete = rwm_op_delete;
1479         rwm.on_bi.bi_op_unbind = rwm_op_unbind;
1480         rwm.on_bi.bi_extended = rwm_extended;
1481
1482         rwm.on_bi.bi_operational = rwm_operational;
1483         rwm.on_bi.bi_chk_referrals = 0 /* rwm_chk_referrals */ ;
1484
1485         rwm.on_response = rwm_response;
1486
1487         return overlay_register( &rwm );
1488 }
1489
1490 #if SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC
1491 int
1492 init_module( int argc, char *argv[] )
1493 {
1494         return rwm_init();
1495 }
1496 #endif /* SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC */
1497
1498 #endif /* SLAPD_OVER_RWM */
Cloned from git://git.openldap.org/openldap.git