1 /* rwm.c - rewrite/remap operations */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2003-2008 The OpenLDAP Foundation.
6 * Portions Copyright 2003 Pierangelo Masarati.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
13 * A copy of this license is available in the file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
24 #include <ac/string.h>
31 typedef struct rwm_op_state {
37 AttributeName *mapped_attrs;
42 rwm_db_destroy( BackendDB *be, ConfigReply *cr );
44 typedef struct rwm_op_cb {
50 rwm_op_rollback( Operation *op, SlapReply *rs, rwm_op_state *ros )
52 if ( !BER_BVISNULL( &ros->ro_dn ) ) {
53 op->o_req_dn = ros->ro_dn;
55 if ( !BER_BVISNULL( &ros->ro_ndn ) ) {
56 op->o_req_ndn = ros->ro_ndn;
59 if ( !BER_BVISNULL( &ros->r_dn )
60 && ros->r_dn.bv_val != ros->ro_dn.bv_val )
62 assert( ros->r_dn.bv_val != ros->r_ndn.bv_val );
63 ch_free( ros->r_dn.bv_val );
64 BER_BVZERO( &ros->r_dn );
67 if ( !BER_BVISNULL( &ros->r_ndn )
68 && ros->r_ndn.bv_val != ros->ro_ndn.bv_val )
70 ch_free( ros->r_ndn.bv_val );
71 BER_BVZERO( &ros->r_ndn );
74 BER_BVZERO( &ros->ro_dn );
75 BER_BVZERO( &ros->ro_ndn );
77 switch( ros->r_tag ) {
78 case LDAP_REQ_COMPARE:
79 if ( op->orc_ava->aa_value.bv_val != ros->orc_ava->aa_value.bv_val )
80 op->o_tmpfree( op->orc_ava->aa_value.bv_val, op->o_tmpmemctx );
81 op->orc_ava = ros->orc_ava;
84 slap_mods_free( op->orm_modlist, 1 );
85 op->orm_modlist = ros->orm_modlist;
88 if ( op->orr_newSup != ros->orr_newSup ) {
89 ch_free( op->orr_newSup->bv_val );
90 ch_free( op->orr_nnewSup->bv_val );
91 op->o_tmpfree( op->orr_newSup, op->o_tmpmemctx );
92 op->o_tmpfree( op->orr_nnewSup, op->o_tmpmemctx );
93 op->orr_newSup = ros->orr_newSup;
94 op->orr_nnewSup = ros->orr_nnewSup;
98 ch_free( ros->mapped_attrs );
99 filter_free_x( op, op->ors_filter, 1 );
100 ch_free( op->ors_filterstr.bv_val );
101 op->ors_attrs = ros->ors_attrs;
102 op->ors_filter = ros->ors_filter;
103 op->ors_filterstr = ros->ors_filterstr;
105 case LDAP_REQ_EXTENDED:
106 if ( op->ore_reqdata != ros->ore_reqdata ) {
107 ber_bvfree( op->ore_reqdata );
108 op->ore_reqdata = ros->ore_reqdata;
112 if ( rs->sr_err == LDAP_SUCCESS ) {
114 ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
115 /* too late, c_mutex released */
116 fprintf( stderr, "*** DN: \"%s\" => \"%s\"\n",
117 op->o_conn->c_ndn.bv_val,
118 op->o_req_ndn.bv_val );
119 ber_bvreplace( &op->o_conn->c_ndn,
121 ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
130 rwm_op_cleanup( Operation *op, SlapReply *rs )
132 slap_callback *cb = op->o_callback;
133 rwm_op_state *ros = cb->sc_private;
135 if ( rs->sr_type == REP_RESULT || rs->sr_type == REP_EXTENDED ||
136 op->o_abandon || rs->sr_err == SLAPD_ABANDON )
138 rwm_op_rollback( op, rs, ros );
140 op->o_callback = op->o_callback->sc_next;
141 op->o_tmpfree( cb, op->o_tmpmemctx );
144 return SLAP_CB_CONTINUE;
148 rwm_callback_get( Operation *op, SlapReply *rs )
150 rwm_op_cb *roc = NULL;
152 roc = op->o_tmpalloc( sizeof( struct rwm_op_cb ), op->o_tmpmemctx );
153 roc->cb.sc_cleanup = rwm_op_cleanup;
154 roc->cb.sc_response = NULL;
155 roc->cb.sc_next = op->o_callback;
156 roc->cb.sc_private = &roc->ros;
157 roc->ros.r_tag = op->o_tag;
158 roc->ros.ro_dn = op->o_req_dn;
159 roc->ros.ro_ndn = op->o_req_ndn;
160 roc->ros.o_request = op->o_request;
161 BER_BVZERO( &roc->ros.r_dn );
162 BER_BVZERO( &roc->ros.r_ndn );
169 rwm_op_dn_massage( Operation *op, SlapReply *rs, void *cookie,
172 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
173 struct ldaprwmap *rwmap =
174 (struct ldaprwmap *)on->on_bi.bi_private;
176 struct berval dn = BER_BVNULL,
182 * Rewrite the dn if needed
185 dc.conn = op->o_conn;
187 dc.ctx = (char *)cookie;
189 /* NOTE: in those cases where only the ndn is available,
190 * and the caller sets op->o_req_dn = op->o_req_ndn,
191 * only rewrite the op->o_req_ndn and use it as
192 * op->o_req_dn as well */
194 if ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val ) {
196 rc = rwm_dn_massage_pretty_normalize( &dc, &op->o_req_dn, &dn, &ndn );
198 rc = rwm_dn_massage_normalize( &dc, &op->o_req_ndn, &ndn );
201 if ( rc != LDAP_SUCCESS ) {
205 if ( ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val && dn.bv_val == op->o_req_dn.bv_val )
206 || ndn.bv_val == op->o_req_ndn.bv_val )
211 if ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val ) {
213 assert( BER_BVISNULL( &ros->r_dn ) );
219 assert( BER_BVISNULL( &ros->r_ndn ) );
226 rwm_op_add( Operation *op, SlapReply *rs )
228 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
229 struct ldaprwmap *rwmap =
230 (struct ldaprwmap *)on->on_bi.bi_private;
234 Attribute **ap = NULL;
235 char *olddn = op->o_req_dn.bv_val;
238 rwm_op_cb *roc = rwm_callback_get( op, rs );
240 rc = rwm_op_dn_massage( op, rs, "addDN", &roc->ros );
241 if ( rc != LDAP_SUCCESS ) {
242 op->o_bd->bd_info = (BackendInfo *)on->on_info;
243 send_ldap_error( op, rs, rc, "addDN massage error" );
247 if ( olddn != op->o_req_dn.bv_val ) {
248 ber_bvreplace( &op->ora_e->e_name, &op->o_req_dn );
249 ber_bvreplace( &op->ora_e->e_nname, &op->o_req_ndn );
252 /* Count number of attributes in entry */
253 isupdate = be_shadow_update( op );
254 for ( i = 0, ap = &op->oq_add.rs_e->e_attrs; *ap; ) {
257 if ( (*ap)->a_desc == slap_schema.si_ad_objectClass ||
258 (*ap)->a_desc == slap_schema.si_ad_structuralObjectClass )
262 last = (*ap)->a_numvals - 1;
263 for ( j = 0; !BER_BVISNULL( &(*ap)->a_vals[ j ] ); j++ ) {
264 struct ldapmapping *mapping = NULL;
266 ( void )rwm_mapping( &rwmap->rwm_oc, &(*ap)->a_vals[ j ],
268 if ( mapping == NULL ) {
269 if ( rwmap->rwm_at.drop_missing ) {
270 /* FIXME: we allow to remove objectClasses as well;
271 * if the resulting entry is inconsistent, that's
272 * the relayed database's business...
274 ch_free( (*ap)->a_vals[ j ].bv_val );
276 (*ap)->a_vals[ j ] = (*ap)->a_vals[ last ];
278 BER_BVZERO( &(*ap)->a_vals[ last ] );
285 ch_free( (*ap)->a_vals[ j ].bv_val );
286 ber_dupbv( &(*ap)->a_vals[ j ], &mapping->m_dst );
290 } else if ( !isupdate && !get_relax( op ) && (*ap)->a_desc->ad_type->sat_no_user_mod )
295 struct ldapmapping *mapping = NULL;
297 ( void )rwm_mapping( &rwmap->rwm_at, &(*ap)->a_desc->ad_cname,
299 if ( mapping == NULL ) {
300 if ( rwmap->rwm_at.drop_missing ) {
305 if ( (*ap)->a_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
306 || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
309 * FIXME: rewrite could fail; in this case
310 * the operation should give up, right?
312 rc = rwm_dnattr_rewrite( op, rs, "addAttrDN",
314 (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
319 } else if ( (*ap)->a_desc == slap_schema.si_ad_ref ) {
320 rc = rwm_referral_rewrite( op, rs, "referralAttrDN",
322 (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
323 if ( rc != LDAP_SUCCESS ) {
328 if ( mapping != NULL ) {
329 assert( mapping->m_dst_ad != NULL );
330 (*ap)->a_desc = mapping->m_dst_ad;
339 /* FIXME: leaking attribute/values? */
346 op->o_callback = &roc->cb;
348 return SLAP_CB_CONTINUE;
352 rwm_conn_init( BackendDB *be, Connection *conn )
354 slap_overinst *on = (slap_overinst *) be->bd_info;
355 struct ldaprwmap *rwmap =
356 (struct ldaprwmap *)on->on_bi.bi_private;
358 ( void )rewrite_session_init( rwmap->rwm_rw, conn );
360 return SLAP_CB_CONTINUE;
364 rwm_conn_destroy( BackendDB *be, Connection *conn )
366 slap_overinst *on = (slap_overinst *) be->bd_info;
367 struct ldaprwmap *rwmap =
368 (struct ldaprwmap *)on->on_bi.bi_private;
370 ( void )rewrite_session_delete( rwmap->rwm_rw, conn );
372 return SLAP_CB_CONTINUE;
376 rwm_op_bind( Operation *op, SlapReply *rs )
378 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
381 rwm_op_cb *roc = rwm_callback_get( op, rs );
383 rc = rwm_op_dn_massage( op, rs, "bindDN", &roc->ros );
384 if ( rc != LDAP_SUCCESS ) {
385 op->o_bd->bd_info = (BackendInfo *)on->on_info;
386 send_ldap_error( op, rs, rc, "bindDN massage error" );
390 overlay_callback_after_backover( op, &roc->cb, 1 );
392 return SLAP_CB_CONTINUE;
396 rwm_op_unbind( Operation *op, SlapReply *rs )
398 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
399 struct ldaprwmap *rwmap =
400 (struct ldaprwmap *)on->on_bi.bi_private;
402 rewrite_session_delete( rwmap->rwm_rw, op->o_conn );
404 return SLAP_CB_CONTINUE;
408 rwm_op_compare( Operation *op, SlapReply *rs )
410 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
411 struct ldaprwmap *rwmap =
412 (struct ldaprwmap *)on->on_bi.bi_private;
415 struct berval mapped_vals[2] = { BER_BVNULL, BER_BVNULL };
417 rwm_op_cb *roc = rwm_callback_get( op, rs );
419 rc = rwm_op_dn_massage( op, rs, "compareDN", &roc->ros );
420 if ( rc != LDAP_SUCCESS ) {
421 op->o_bd->bd_info = (BackendInfo *)on->on_info;
422 send_ldap_error( op, rs, rc, "compareDN massage error" );
426 /* if the attribute is an objectClass, try to remap its value */
427 if ( op->orc_ava->aa_desc == slap_schema.si_ad_objectClass
428 || op->orc_ava->aa_desc == slap_schema.si_ad_structuralObjectClass )
430 rwm_map( &rwmap->rwm_oc, &op->orc_ava->aa_value,
431 &mapped_vals[0], RWM_MAP );
432 if ( BER_BVISNULL( &mapped_vals[0] ) || BER_BVISEMPTY( &mapped_vals[0] ) )
434 op->o_bd->bd_info = (BackendInfo *)on->on_info;
435 send_ldap_error( op, rs, LDAP_OTHER, "compare objectClass map error" );
438 } else if ( mapped_vals[0].bv_val != op->orc_ava->aa_value.bv_val ) {
439 ber_dupbv_x( &op->orc_ava->aa_value, &mapped_vals[0],
444 struct ldapmapping *mapping = NULL;
445 AttributeDescription *ad = op->orc_ava->aa_desc;
447 ( void )rwm_mapping( &rwmap->rwm_at, &op->orc_ava->aa_desc->ad_cname,
449 if ( mapping == NULL ) {
450 if ( rwmap->rwm_at.drop_missing ) {
451 op->o_bd->bd_info = (BackendInfo *)on->on_info;
452 send_ldap_error( op, rs, LDAP_OTHER, "compare attributeType map error" );
457 assert( mapping->m_dst_ad != NULL );
458 ad = mapping->m_dst_ad;
461 if ( op->orc_ava->aa_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
462 || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
464 struct berval *mapped_valsp[2];
466 mapped_valsp[0] = &mapped_vals[0];
467 mapped_valsp[1] = &mapped_vals[1];
469 mapped_vals[0] = op->orc_ava->aa_value;
471 rc = rwm_dnattr_rewrite( op, rs, "compareAttrDN", NULL, mapped_valsp );
473 if ( rc != LDAP_SUCCESS ) {
474 op->o_bd->bd_info = (BackendInfo *)on->on_info;
475 send_ldap_error( op, rs, rc, "compareAttrDN massage error" );
479 if ( mapped_vals[ 0 ].bv_val != op->orc_ava->aa_value.bv_val ) {
480 /* NOTE: if we get here, rwm_dnattr_rewrite()
481 * already freed the old value, so now
483 ber_dupbv_x( &op->orc_ava->aa_value, &mapped_vals[0],
485 ber_memfree_x( mapped_vals[ 0 ].bv_val, NULL );
488 op->orc_ava->aa_desc = ad;
491 op->o_callback = &roc->cb;
493 return SLAP_CB_CONTINUE;
497 rwm_op_delete( Operation *op, SlapReply *rs )
499 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
502 rwm_op_cb *roc = rwm_callback_get( op, rs );
504 rc = rwm_op_dn_massage( op, rs, "deleteDN", &roc->ros );
505 if ( rc != LDAP_SUCCESS ) {
506 op->o_bd->bd_info = (BackendInfo *)on->on_info;
507 send_ldap_error( op, rs, rc, "deleteDN massage error" );
511 op->o_callback = &roc->cb;
513 return SLAP_CB_CONTINUE;
517 rwm_op_modify( Operation *op, SlapReply *rs )
519 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
520 struct ldaprwmap *rwmap =
521 (struct ldaprwmap *)on->on_bi.bi_private;
527 rwm_op_cb *roc = rwm_callback_get( op, rs );
529 rc = rwm_op_dn_massage( op, rs, "modifyDN", &roc->ros );
530 if ( rc != LDAP_SUCCESS ) {
531 op->o_bd->bd_info = (BackendInfo *)on->on_info;
532 send_ldap_error( op, rs, rc, "modifyDN massage error" );
536 isupdate = be_shadow_update( op );
537 for ( mlp = &op->orm_modlist; *mlp; ) {
539 Modifications *ml = *mlp;
540 struct ldapmapping *mapping = NULL;
542 /* ml points to a temporary mod until needs duplication */
543 if ( ml->sml_desc == slap_schema.si_ad_objectClass
544 || ml->sml_desc == slap_schema.si_ad_structuralObjectClass )
548 } else if ( !isupdate && !get_relax( op ) && ml->sml_desc->ad_type->sat_no_user_mod )
550 ml = ch_malloc( sizeof( Modifications ) );
552 if ( (*mlp)->sml_values ) {
553 ber_bvarray_dup_x( &ml->sml_values, (*mlp)->sml_values, NULL );
554 if ( (*mlp)->sml_nvalues ) {
555 ber_bvarray_dup_x( &ml->sml_nvalues, (*mlp)->sml_nvalues, NULL );
564 drop_missing = rwm_mapping( &rwmap->rwm_at,
565 &ml->sml_desc->ad_cname,
567 if ( drop_missing || ( mapping != NULL && BER_BVISNULL( &mapping->m_dst ) ) )
573 /* duplicate the modlist */
574 ml = ch_malloc( sizeof( Modifications ));
578 if ( ml->sml_values != NULL ) {
582 for ( num = 0; !BER_BVISNULL( &ml->sml_values[ num ] ); num++ )
585 bva = ch_malloc( (num+1) * sizeof( struct berval ));
586 for (i=0; i<num; i++)
587 ber_dupbv( &bva[i], &ml->sml_values[i] );
588 BER_BVZERO( &bva[i] );
589 ml->sml_values = bva;
591 if ( ml->sml_nvalues ) {
592 bva = ch_malloc( (num+1) * sizeof( struct berval ));
593 for (i=0; i<num; i++)
594 ber_dupbv( &bva[i], &ml->sml_nvalues[i] );
595 BER_BVZERO( &bva[i] );
596 ml->sml_nvalues = bva;
604 for ( j = 0; !BER_BVISNULL( &ml->sml_values[ j ] ); j++ ) {
605 struct ldapmapping *oc_mapping = NULL;
607 ( void )rwm_mapping( &rwmap->rwm_oc, &ml->sml_values[ j ],
608 &oc_mapping, RWM_MAP );
609 if ( oc_mapping == NULL ) {
610 if ( rwmap->rwm_at.drop_missing ) {
611 /* FIXME: we allow to remove objectClasses as well;
612 * if the resulting entry is inconsistent, that's
613 * the relayed database's business...
616 ch_free( ml->sml_values[ j ].bv_val );
617 ml->sml_values[ j ] = ml->sml_values[ last ];
619 BER_BVZERO( &ml->sml_values[ last ] );
625 ch_free( ml->sml_values[ j ].bv_val );
626 ber_dupbv( &ml->sml_values[ j ], &oc_mapping->m_dst );
631 if ( ml->sml_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
632 || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
634 rc = rwm_dnattr_rewrite( op, rs, "modifyAttrDN",
636 ml->sml_nvalues ? &ml->sml_nvalues : NULL );
638 } else if ( ml->sml_desc == slap_schema.si_ad_ref ) {
639 rc = rwm_referral_rewrite( op, rs,
642 ml->sml_nvalues ? &ml->sml_nvalues : NULL );
643 if ( rc != LDAP_SUCCESS ) {
648 if ( rc != LDAP_SUCCESS ) {
655 if ( mapping != NULL ) {
656 /* use new attribute description */
657 assert( mapping->m_dst_ad != NULL );
658 ml->sml_desc = mapping->m_dst_ad;
666 *mlp = (*mlp)->sml_next;
667 slap_mod_free( &ml->sml_mod, 0 );
671 op->o_callback = &roc->cb;
673 return SLAP_CB_CONTINUE;
677 rwm_op_modrdn( Operation *op, SlapReply *rs )
679 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
680 struct ldaprwmap *rwmap =
681 (struct ldaprwmap *)on->on_bi.bi_private;
685 rwm_op_cb *roc = rwm_callback_get( op, rs );
687 if ( op->orr_newSup ) {
689 struct berval nnewSup = BER_BVNULL;
690 struct berval newSup = BER_BVNULL;
693 * Rewrite the new superior, if defined and required
696 dc.conn = op->o_conn;
698 dc.ctx = "newSuperiorDN";
699 newSup = *op->orr_newSup;
700 nnewSup = *op->orr_nnewSup;
701 rc = rwm_dn_massage_pretty_normalize( &dc, op->orr_newSup, &newSup, &nnewSup );
702 if ( rc != LDAP_SUCCESS ) {
703 op->o_bd->bd_info = (BackendInfo *)on->on_info;
704 send_ldap_error( op, rs, rc, "newSuperiorDN massage error" );
708 if ( op->orr_newSup->bv_val != newSup.bv_val ) {
709 op->orr_newSup = op->o_tmpalloc( sizeof( struct berval ),
711 op->orr_nnewSup = op->o_tmpalloc( sizeof( struct berval ),
713 *op->orr_newSup = newSup;
714 *op->orr_nnewSup = nnewSup;
719 * Rewrite the dn, if needed
721 rc = rwm_op_dn_massage( op, rs, "renameDN", &roc->ros );
722 if ( rc != LDAP_SUCCESS ) {
723 op->o_bd->bd_info = (BackendInfo *)on->on_info;
724 send_ldap_error( op, rs, rc, "renameDN massage error" );
725 if ( op->orr_newSup != roc->ros.orr_newSup ) {
726 ch_free( op->orr_newSup->bv_val );
727 ch_free( op->orr_nnewSup->bv_val );
728 op->o_tmpfree( op->orr_newSup, op->o_tmpmemctx );
729 op->o_tmpfree( op->orr_nnewSup, op->o_tmpmemctx );
730 op->orr_newSup = roc->ros.orr_newSup;
731 op->orr_nnewSup = roc->ros.orr_nnewSup;
736 /* TODO: rewrite newRDN, attribute types,
737 * values of DN-valued attributes ... */
739 op->o_callback = &roc->cb;
741 return SLAP_CB_CONTINUE;
746 rwm_swap_attrs( Operation *op, SlapReply *rs )
748 slap_callback *cb = op->o_callback;
749 rwm_op_state *ros = cb->sc_private;
751 rs->sr_attrs = ros->ors_attrs;
753 /* other overlays might have touched op->ors_attrs,
754 * so we restore the original version here, otherwise
755 * attribute-mapping might fail */
756 op->ors_attrs = ros->mapped_attrs;
758 return SLAP_CB_CONTINUE;
762 rwm_op_search( Operation *op, SlapReply *rs )
764 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
765 struct ldaprwmap *rwmap =
766 (struct ldaprwmap *)on->on_bi.bi_private;
771 struct berval fstr = BER_BVNULL;
774 AttributeName *an = NULL;
778 rwm_op_cb *roc = rwm_callback_get( op, rs );
780 rc = rewrite_session_var_set( rwmap->rwm_rw, op->o_conn,
781 "searchFilter", op->ors_filterstr.bv_val );
782 if ( rc == LDAP_SUCCESS )
783 rc = rwm_op_dn_massage( op, rs, "searchDN", &roc->ros );
784 if ( rc != LDAP_SUCCESS ) {
785 text = "searchDN massage error";
790 * Rewrite the dn if needed
793 dc.conn = op->o_conn;
795 dc.ctx = "searchFilterAttrDN";
797 rc = rwm_filter_map_rewrite( op, &dc, op->ors_filter, &fstr );
798 if ( rc != LDAP_SUCCESS ) {
799 text = "searchFilter/searchFilterAttrDN massage error";
803 f = str2filter_x( op, fstr.bv_val );
806 text = "massaged filter parse error";
811 op->ors_filterstr = fstr;
813 rc = rwm_map_attrnames( &rwmap->rwm_at, &rwmap->rwm_oc,
814 op->ors_attrs, &an, RWM_MAP );
815 if ( rc != LDAP_SUCCESS ) {
816 text = "attribute list mapping error";
821 /* store the mapped Attributes for later usage, in
822 * the case that other overlays change op->ors_attrs */
823 roc->ros.mapped_attrs = an;
824 roc->cb.sc_response = rwm_swap_attrs;
826 op->o_callback = &roc->cb;
828 return SLAP_CB_CONTINUE;
836 filter_free_x( op, f, 1 );
839 if ( !BER_BVISNULL( &fstr ) ) {
840 ch_free( fstr.bv_val );
843 rwm_op_rollback( op, rs, &roc->ros );
844 op->oq_search = roc->ros.oq_search;
845 op->o_tmpfree( roc, op->o_tmpmemctx );
847 op->o_bd->bd_info = (BackendInfo *)on->on_info;
848 send_ldap_error( op, rs, rc, text );
855 rwm_exop_passwd( Operation *op, SlapReply *rs )
857 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
861 struct berval id = BER_BVNULL,
864 BerElement *ber = NULL;
866 if ( !BER_BVISNULL( &op->o_req_ndn ) ) {
870 if ( !SLAP_ISGLOBALOVERLAY( op->o_bd ) ) {
871 rs->sr_err = LDAP_OTHER;
875 rs->sr_err = slap_passwd_parse( op->ore_reqdata, &id,
876 &pwold, &pwnew, &rs->sr_text );
877 if ( rs->sr_err != LDAP_SUCCESS ) {
881 if ( !BER_BVISNULL( &id ) ) {
882 char idNul = id.bv_val[id.bv_len];
883 id.bv_val[id.bv_len] = '\0';
884 rs->sr_err = dnPrettyNormal( NULL, &id, &op->o_req_dn,
885 &op->o_req_ndn, op->o_tmpmemctx );
886 id.bv_val[id.bv_len] = idNul;
887 if ( rs->sr_err != LDAP_SUCCESS ) {
888 rs->sr_text = "Invalid DN";
893 ber_dupbv_x( &op->o_req_dn, &op->o_dn, op->o_tmpmemctx );
894 ber_dupbv_x( &op->o_req_ndn, &op->o_ndn, op->o_tmpmemctx );
897 roc = rwm_callback_get( op, rs );
899 rc = rwm_op_dn_massage( op, rs, "extendedDN", &roc->ros );
900 if ( rc != LDAP_SUCCESS ) {
901 op->o_bd->bd_info = (BackendInfo *)on->on_info;
902 send_ldap_error( op, rs, rc, "extendedDN massage error" );
906 ber = ber_alloc_t( LBER_USE_DER );
908 rs->sr_err = LDAP_OTHER;
909 rs->sr_text = "No memory";
912 ber_printf( ber, "{" );
913 if ( !BER_BVISNULL( &id )) {
914 ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_ID,
917 if ( !BER_BVISNULL( &pwold )) {
918 ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_OLD, &pwold );
920 if ( !BER_BVISNULL( &pwnew )) {
921 ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, &pwnew );
923 ber_printf( ber, "N}" );
924 ber_flatten( ber, &op->ore_reqdata );
927 op->o_callback = &roc->cb;
929 return SLAP_CB_CONTINUE;
934 BI_op_extended *extended;
936 { BER_BVC(LDAP_EXOP_MODIFY_PASSWD), rwm_exop_passwd },
941 rwm_extended( Operation *op, SlapReply *rs )
943 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
949 for ( i = 0; exop_table[i].extended != NULL; i++ ) {
950 if ( bvmatch( &exop_table[i].oid, &op->oq_extended.rs_reqoid ) )
952 rc = exop_table[i].extended( op, rs );
957 case SLAP_CB_CONTINUE:
962 send_ldap_result( op, rs );
969 roc = rwm_callback_get( op, rs );
971 rc = rwm_op_dn_massage( op, rs, "extendedDN", &roc->ros );
972 if ( rc != LDAP_SUCCESS ) {
973 op->o_bd->bd_info = (BackendInfo *)on->on_info;
974 send_ldap_error( op, rs, rc, "extendedDN massage error" );
978 /* TODO: rewrite/map extended data ? ... */
979 op->o_callback = &roc->cb;
981 return SLAP_CB_CONTINUE;
985 rwm_matched( Operation *op, SlapReply *rs )
987 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
988 struct ldaprwmap *rwmap =
989 (struct ldaprwmap *)on->on_bi.bi_private;
991 struct berval dn, mdn;
995 if ( rs->sr_matched == NULL ) {
996 return SLAP_CB_CONTINUE;
1000 dc.conn = op->o_conn;
1002 dc.ctx = "matchedDN";
1003 ber_str2bv( rs->sr_matched, 0, 0, &dn );
1005 rc = rwm_dn_massage_pretty( &dc, &dn, &mdn );
1006 if ( rc != LDAP_SUCCESS ) {
1008 rs->sr_text = "Rewrite error";
1012 if ( mdn.bv_val != dn.bv_val ) {
1013 if ( rs->sr_flags & REP_MATCHED_MUSTBEFREED ) {
1014 ch_free( (void *)rs->sr_matched );
1017 rs->sr_flags |= REP_MATCHED_MUSTBEFREED;
1019 rs->sr_matched = mdn.bv_val;
1022 return SLAP_CB_CONTINUE;
1026 rwm_attrs( Operation *op, SlapReply *rs, Attribute** a_first, int stripEntryDN )
1028 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
1029 struct ldaprwmap *rwmap =
1030 (struct ldaprwmap *)on->on_bi.bi_private;
1036 int check_duplicate_attrs = 0;
1039 * Rewrite the dn attrs, if needed
1042 dc.conn = op->o_conn;
1045 /* FIXME: the entries are in the remote mapping form;
1046 * so we need to select those attributes we are willing
1047 * to return, and remap them accordingly */
1049 /* FIXME: in principle, one could map an attribute
1050 * on top of another, which already exists.
1051 * As such, in the end there might exist more than
1052 * one instance of an attribute.
1053 * We should at least check if this occurs, and issue
1054 * an error (because multiple instances of attrs in
1055 * response are not valid), or merge the values (what
1056 * about duplicate values?) */
1057 isupdate = be_shadow_update( op );
1058 for ( ap = a_first; *ap; ) {
1059 struct ldapmapping *mapping = NULL;
1064 if ( SLAP_OPATTRS( rs->sr_attr_flags ) && is_at_operational( (*ap)->a_desc->ad_type ) )
1069 if ( op->ors_attrs != NULL &&
1070 !SLAP_USERATTRS( rs->sr_attr_flags ) &&
1071 !ad_inlist( (*ap)->a_desc, op->ors_attrs ) )
1076 drop_missing = rwm_mapping( &rwmap->rwm_at,
1077 &(*ap)->a_desc->ad_cname, &mapping, RWM_REMAP );
1078 if ( drop_missing || ( mapping != NULL && BER_BVISEMPTY( &mapping->m_dst ) ) )
1082 if ( mapping != NULL ) {
1083 assert( mapping->m_dst_ad != NULL );
1085 /* try to normalize mapped Attributes if the original
1086 * AttributeType was not normalized */
1087 if ( (!(*ap)->a_desc->ad_type->sat_equality ||
1088 !(*ap)->a_desc->ad_type->sat_equality->smr_normalize) &&
1089 mapping->m_dst_ad->ad_type->sat_equality &&
1090 mapping->m_dst_ad->ad_type->sat_equality->smr_normalize )
1092 if ((rwmap->rwm_flags & RWM_F_NORMALIZE_MAPPED_ATTRS))
1096 last = (*ap)->a_numvals;
1099 (*ap)->a_nvals = ch_malloc( (last+1) * sizeof(struct berval) );
1101 for ( i = 0; !BER_BVISNULL( &(*ap)->a_vals[i]); i++ ) {
1104 * check that each value is valid per syntax
1105 * and pretty if appropriate
1107 rc = mapping->m_dst_ad->ad_type->sat_equality->smr_normalize(
1108 SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
1109 mapping->m_dst_ad->ad_type->sat_syntax,
1110 mapping->m_dst_ad->ad_type->sat_equality,
1111 &(*ap)->a_vals[i], &(*ap)->a_nvals[i],
1114 if ( rc != LDAP_SUCCESS ) {
1115 BER_BVZERO( &(*ap)->a_nvals[i] );
1118 BER_BVZERO( &(*ap)->a_nvals[i] );
1122 assert( (*ap)->a_nvals == (*ap)->a_vals );
1123 (*ap)->a_nvals = NULL;
1124 ber_bvarray_dup_x( &(*ap)->a_nvals, (*ap)->a_vals, NULL );
1128 /* rewrite the attribute description */
1129 (*ap)->a_desc = mapping->m_dst_ad;
1131 /* will need to check for duplicate attrs */
1132 check_duplicate_attrs++;
1136 if ( (*ap)->a_desc == slap_schema.si_ad_entryDN ) {
1137 if ( stripEntryDN ) {
1138 /* will be generated by frontend */
1142 } else if ( !isupdate
1144 && (*ap)->a_desc->ad_type->sat_no_user_mod
1145 && (*ap)->a_desc->ad_type != slap_schema.si_at_undefined )
1150 if ( last == -1 ) { /* not yet counted */
1151 last = (*ap)->a_numvals;
1155 /* empty? leave it in place because of attrsonly and vlv */
1160 if ( (*ap)->a_desc == slap_schema.si_ad_objectClass
1161 || (*ap)->a_desc == slap_schema.si_ad_structuralObjectClass )
1165 for ( bv = (*ap)->a_vals; !BER_BVISNULL( bv ); bv++ ) {
1166 struct berval mapped;
1168 rwm_map( &rwmap->rwm_oc, &bv[0], &mapped, RWM_REMAP );
1169 if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) {
1171 ch_free( bv[0].bv_val );
1172 BER_BVZERO( &bv[0] );
1173 if ( &(*ap)->a_vals[last] > &bv[0] ) {
1174 bv[0] = (*ap)->a_vals[last];
1175 BER_BVZERO( &(*ap)->a_vals[last] );
1180 } else if ( mapped.bv_val != bv[0].bv_val ) {
1183 for ( i = 0; !BER_BVISNULL( &(*ap)->a_vals[ i ] ); i++ ) {
1184 if ( &(*ap)->a_vals[ i ] == bv ) {
1188 if ( ber_bvstrcasecmp( &mapped, &(*ap)->a_vals[ i ] ) == 0 ) {
1193 if ( !BER_BVISNULL( &(*ap)->a_vals[ i ] ) ) {
1198 * FIXME: after LBER_FREEing
1199 * the value is replaced by
1200 * ch_alloc'ed memory
1202 ber_bvreplace( &bv[0], &mapped );
1204 /* FIXME: will need to check
1205 * if the structuralObjectClass
1211 * It is necessary to try to rewrite attributes with
1212 * dn syntax because they might be used in ACLs as
1213 * members of groups; since ACLs are applied to the
1214 * rewritten stuff, no dn-based subject clause could
1215 * be used at the ldap backend side (see
1216 * http://www.OpenLDAP.org/faq/data/cache/452.html)
1217 * The problem can be overcome by moving the dn-based
1218 * ACLs to the target directory server, and letting
1219 * everything pass thru the ldap backend. */
1220 /* FIXME: handle distinguishedName-like syntaxes, like
1221 * nameAndOptionalUID */
1222 } else if ( (*ap)->a_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
1223 || ( mapping != NULL && mapping->m_src_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
1225 dc.ctx = "searchAttrDN";
1226 rc = rwm_dnattr_result_rewrite( &dc, (*ap)->a_vals );
1227 if ( rc != LDAP_SUCCESS ) {
1231 } else if ( (*ap)->a_desc == slap_schema.si_ad_ref ) {
1232 dc.ctx = "searchAttrDN";
1233 rc = rwm_referral_result_rewrite( &dc, (*ap)->a_vals );
1234 if ( rc != LDAP_SUCCESS ) {
1241 ap = &(*ap)->a_next;
1246 *ap = (*ap)->a_next;
1251 /* only check if some mapping occurred */
1252 if ( check_duplicate_attrs ) {
1253 for ( ap = a_first; *ap != NULL; ap = &(*ap)->a_next ) {
1256 for ( tap = &(*ap)->a_next; *tap != NULL; ) {
1257 if ( (*tap)->a_desc == (*ap)->a_desc ) {
1259 Modification mod = { 0 };
1260 const char *text = NULL;
1261 char textbuf[ SLAP_TEXT_BUFLEN ];
1262 Attribute *next = (*tap)->a_next;
1264 BER_BVSTR( &e.e_name, "" );
1265 BER_BVSTR( &e.e_nname, "" );
1267 mod.sm_op = LDAP_MOD_ADD;
1268 mod.sm_desc = (*ap)->a_desc;
1269 mod.sm_type = mod.sm_desc->ad_cname;
1270 mod.sm_numvals = (*tap)->a_numvals;
1271 mod.sm_values = (*tap)->a_vals;
1272 if ( (*tap)->a_nvals != (*tap)->a_vals ) {
1273 mod.sm_nvalues = (*tap)->a_nvals;
1276 (void)modify_add_values( &e, &mod,
1278 &text, textbuf, sizeof( textbuf ) );
1280 /* should not insert new attrs! */
1281 assert( e.e_attrs == *ap );
1287 tap = &(*tap)->a_next;
1297 rwm_send_entry( Operation *op, SlapReply *rs )
1299 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
1300 struct ldaprwmap *rwmap =
1301 (struct ldaprwmap *)on->on_bi.bi_private;
1305 struct berval dn = BER_BVNULL,
1310 assert( rs->sr_entry != NULL );
1313 * Rewrite the dn of the result, if needed
1316 dc.conn = op->o_conn;
1318 dc.ctx = "searchEntryDN";
1321 flags = rs->sr_flags;
1322 if ( !( rs->sr_flags & REP_ENTRY_MODIFIABLE ) ) {
1323 /* FIXME: all we need to duplicate are:
1326 * - attributes that are requested
1327 * - no values if attrsonly is set
1332 rc = LDAP_NO_MEMORY;
1336 flags &= ~REP_ENTRY_MUSTRELEASE;
1337 flags |= ( REP_ENTRY_MODIFIABLE | REP_ENTRY_MUSTBEFREED );
1341 * Note: this may fail if the target host(s) schema differs
1342 * from the one known to the meta, and a DN with unknown
1343 * attributes is returned.
1347 rc = rwm_dn_massage_pretty_normalize( &dc, &e->e_name, &dn, &ndn );
1348 if ( rc != LDAP_SUCCESS ) {
1353 if ( e->e_name.bv_val != dn.bv_val ) {
1354 ch_free( e->e_name.bv_val );
1355 ch_free( e->e_nname.bv_val );
1361 /* TODO: map entry attribute types, objectclasses
1362 * and dn-valued attribute values */
1364 /* FIXME: the entries are in the remote mapping form;
1365 * so we need to select those attributes we are willing
1366 * to return, and remap them accordingly */
1367 (void)rwm_attrs( op, rs, &e->e_attrs, 1 );
1369 if ( rs->sr_flags & REP_ENTRY_MUSTRELEASE ) {
1370 overlay_entry_release_ov( op, rs->sr_entry, 0, on );
1374 rs->sr_flags = flags;
1376 return SLAP_CB_CONTINUE;
1379 if ( e != NULL && e != rs->sr_entry ) {
1380 if ( e->e_name.bv_val == dn.bv_val ) {
1381 BER_BVZERO( &e->e_name );
1384 if ( e->e_nname.bv_val == ndn.bv_val ) {
1385 BER_BVZERO( &e->e_nname );
1391 if ( !BER_BVISNULL( &dn ) ) {
1392 ch_free( dn.bv_val );
1395 if ( !BER_BVISNULL( &ndn ) ) {
1396 ch_free( ndn.bv_val );
1403 rwm_operational( Operation *op, SlapReply *rs )
1405 /* FIXME: the entries are in the remote mapping form;
1406 * so we need to select those attributes we are willing
1407 * to return, and remap them accordingly */
1408 if ( rs->sr_operational_attrs ) {
1409 rwm_attrs( op, rs, &rs->sr_operational_attrs, 1 );
1412 return SLAP_CB_CONTINUE;
1416 /* don't use this; it cannot be reverted, and leaves op->o_req_dn
1417 * rewritten for subsequent operations; fine for plain suffixmassage,
1418 * but destroys everything else */
1420 rwm_chk_referrals( Operation *op, SlapReply *rs )
1422 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
1425 rc = rwm_op_dn_massage( op, rs, "referralCheckDN" );
1426 if ( rc != LDAP_SUCCESS ) {
1427 op->o_bd->bd_info = (BackendInfo *)on->on_info;
1428 send_ldap_error( op, rs, rc, "referralCheckDN massage error" );
1432 return SLAP_CB_CONTINUE;
1444 slap_overinst *on = (slap_overinst *) be->bd_info;
1445 struct ldaprwmap *rwmap =
1446 (struct ldaprwmap *)on->on_bi.bi_private;
1448 return rewrite_parse( rwmap->rwm_rw,
1449 fname, lineno, argc, argv );
1455 rwm_suffixmassage_config(
1462 slap_overinst *on = (slap_overinst *) be->bd_info;
1463 struct ldaprwmap *rwmap =
1464 (struct ldaprwmap *)on->on_bi.bi_private;
1466 struct berval bvnc, nvnc, pvnc, brnc, nrnc, prnc;
1473 * suffixmassage [<suffix>] <massaged suffix>
1475 * the [<suffix>] field must be defined as a valid suffix
1476 * for the current database;
1477 * the <massaged suffix> shouldn't have already been
1478 * defined as a valid suffix for the current server
1481 if ( be->be_suffix == NULL ) {
1482 fprintf( stderr, "%s: line %d: "
1483 " \"suffixMassage [<suffix>]"
1484 " <massaged suffix>\" without "
1485 "<suffix> part requires database "
1486 "suffix be defined first.\n",
1490 bvnc = be->be_suffix[ 0 ];
1493 } else if ( argc == 3 ) {
1494 ber_str2bv( argv[ 1 ], 0, 0, &bvnc );
1498 fprintf( stderr, "%s: line %d: syntax is"
1499 " \"suffixMassage [<suffix>]"
1500 " <massaged suffix>\"\n",
1505 if ( dnPrettyNormal( NULL, &bvnc, &pvnc, &nvnc, NULL ) != LDAP_SUCCESS ) {
1506 fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
1507 fname, lineno, bvnc.bv_val );
1511 ber_str2bv( argv[ massaged ], 0, 0, &brnc );
1512 if ( dnPrettyNormal( NULL, &brnc, &prnc, &nrnc, NULL ) != LDAP_SUCCESS ) {
1513 fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
1514 fname, lineno, brnc.bv_val );
1515 free( nvnc.bv_val );
1516 free( pvnc.bv_val );
1521 * The suffix massaging is emulated
1522 * by means of the rewrite capabilities
1524 rc = rwm_suffix_massage_config( rwmap->rwm_rw,
1525 &pvnc, &nvnc, &prnc, &nrnc );
1526 free( nvnc.bv_val );
1527 free( pvnc.bv_val );
1528 free( nrnc.bv_val );
1529 free( prnc.bv_val );
1542 slap_overinst *on = (slap_overinst *) be->bd_info;
1543 struct ldaprwmap *rwmap =
1544 (struct ldaprwmap *)on->on_bi.bi_private;
1546 /* objectclass/attribute mapping */
1547 return rwm_map_config( &rwmap->rwm_oc,
1549 fname, lineno, argc, argv );
1553 rwm_response( Operation *op, SlapReply *rs )
1555 slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
1556 struct ldaprwmap *rwmap =
1557 (struct ldaprwmap *)on->on_bi.bi_private;
1561 if ( op->o_tag == LDAP_REQ_SEARCH && rs->sr_type == REP_SEARCH ) {
1562 return rwm_send_entry( op, rs );
1565 switch( op->o_tag ) {
1566 case LDAP_REQ_SEARCH:
1569 case LDAP_REQ_DELETE:
1570 case LDAP_REQ_MODRDN:
1571 case LDAP_REQ_MODIFY:
1572 case LDAP_REQ_COMPARE:
1573 case LDAP_REQ_EXTENDED:
1578 * Rewrite the dn of the referrals, if needed
1581 dc.conn = op->o_conn;
1583 dc.ctx = "referralDN";
1584 rc = rwm_referral_result_rewrite( &dc, rs->sr_ref );
1585 if ( rc != LDAP_SUCCESS ) {
1590 rc = rwm_matched( op, rs );
1594 rc = SLAP_CB_CONTINUE;
1609 slap_overinst *on = (slap_overinst *) be->bd_info;
1610 struct ldaprwmap *rwmap =
1611 (struct ldaprwmap *)on->on_bi.bi_private;
1616 if ( strncasecmp( argv[ 0 ], "rwm-", STRLENOF( "rwm-" ) ) == 0 ) {
1618 argv[ 0 ] = &argv0[ STRLENOF( "rwm-" ) ];
1621 if ( strncasecmp( argv[0], "rewrite", STRLENOF("rewrite") ) == 0 ) {
1622 rc = rwm_rw_config( be, fname, lineno, argc, argv );
1624 } else if ( strcasecmp( argv[0], "map" ) == 0 ) {
1625 rc = rwm_m_config( be, fname, lineno, argc, argv );
1627 } else if ( strcasecmp( argv[0], "suffixmassage" ) == 0 ) {
1628 rc = rwm_suffixmassage_config( be, fname, lineno, argc, argv );
1630 } else if ( strcasecmp( argv[0], "t-f-support" ) == 0 ) {
1633 "%s: line %d: \"t-f-support {no|yes|discover}\" needs 1 argument.\n",
1638 if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
1639 rwmap->rwm_flags &= ~(RWM_F_SUPPORT_T_F_MASK2);
1641 } else if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
1642 rwmap->rwm_flags |= RWM_F_SUPPORT_T_F;
1644 /* TODO: not implemented yet */
1645 } else if ( strcasecmp( argv[ 1 ], "discover" ) == 0 ) {
1647 "%s: line %d: \"discover\" not supported yet "
1648 "in \"t-f-support {no|yes|discover}\".\n",
1652 rwmap->rwm_flags |= RWM_F_SUPPORT_T_F_DISCOVER;
1657 "%s: line %d: unknown value \"%s\" for \"t-f-support {no|yes|discover}\".\n",
1658 fname, lineno, argv[ 1 ] );
1662 } else if ( strcasecmp( argv[0], "normalize-mapped-attrs" ) == 0 ) {
1665 "%s: line %d: \"normalize-mapped-attrs {no|yes}\" needs 1 argument.\n",
1670 if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
1671 rwmap->rwm_flags &= ~(RWM_F_NORMALIZE_MAPPED_ATTRS);
1673 } else if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
1674 rwmap->rwm_flags |= RWM_F_NORMALIZE_MAPPED_ATTRS;
1678 rc = SLAP_CONF_UNKNOWN;
1689 * dynamic configuration...
1695 RWM_CF_SUFFIXMASSAGE,
1700 RWM_CF_NORMALIZE_MAPPED,
1705 static slap_verbmasks t_f_mode[] = {
1706 { BER_BVC( "yes" ), RWM_F_SUPPORT_T_F },
1707 { BER_BVC( "discover" ), RWM_F_SUPPORT_T_F_DISCOVER },
1708 { BER_BVC( "no" ), RWM_F_NONE },
1712 static ConfigDriver rwm_cf_gen;
1714 static ConfigTable rwmcfg[] = {
1715 { "rwm-rewrite", "rewrite",
1716 2, 0, STRLENOF("rwm-rewrite"),
1717 ARG_MAGIC|ARG_QUOTE|RWM_CF_REWRITE, rwm_cf_gen,
1718 "( OLcfgOvAt:16.1 NAME 'olcRwmRewrite' "
1719 "DESC 'Rewrites strings' "
1720 "EQUALITY caseIgnoreMatch "
1721 "SYNTAX OMsDirectoryString "
1722 "X-ORDERED 'VALUES' )",
1725 { "rwm-suffixmassage", "[virtual]> <real",
1726 2, 3, 0, ARG_MAGIC|RWM_CF_SUFFIXMASSAGE, rwm_cf_gen,
1729 { "rwm-t-f-support", "true|false|discover",
1730 2, 2, 0, ARG_MAGIC|RWM_CF_T_F_SUPPORT, rwm_cf_gen,
1731 "( OLcfgOvAt:16.2 NAME 'olcRwmTFSupport' "
1732 "DESC 'Absolute filters support' "
1733 "SYNTAX OMsDirectoryString "
1737 { "rwm-map", "{objectClass|attribute}",
1738 2, 4, 0, ARG_MAGIC|RWM_CF_MAP, rwm_cf_gen,
1739 "( OLcfgOvAt:16.3 NAME 'olcRwmMap' "
1740 "DESC 'maps attributes/objectClasses' "
1741 "SYNTAX OMsDirectoryString "
1742 "X-ORDERED 'VALUES' )",
1745 { "rwm-normalize-mapped-attrs", "true|false",
1746 2, 2, 0, ARG_MAGIC|ARG_ON_OFF|RWM_CF_NORMALIZE_MAPPED, rwm_cf_gen,
1747 "( OLcfgOvAt:16.4 NAME 'olcRwmNormalizeMapped' "
1748 "DESC 'Normalize mapped attributes/objectClasses' "
1749 "SYNTAX OMsBoolean "
1753 { NULL, NULL, 0, 0, 0, ARG_IGNORED }
1756 static ConfigOCs rwmocs[] = {
1757 { "( OLcfgOvOc:16.1 "
1758 "NAME 'olcRwmConfig' "
1759 "DESC 'Rewrite/remap configuration' "
1760 "SUP olcOverlayConfig "
1763 "olcRwmTFSupport $ "
1765 "olcRwmNormalizeMapped "
1767 Cft_Overlay, rwmcfg, NULL, NULL },
1772 slap_rewrite_unparse( BerVarray in, BerVarray *out )
1775 BerVarray bva = NULL;
1776 char ibuf[32], *ptr;
1779 assert( in != NULL );
1781 for ( i = 0; !BER_BVISNULL( &in[i] ); i++ )
1790 bva = ch_malloc( ( i + 1 ) * sizeof(struct berval) );
1791 BER_BVZERO( &bva[ 0 ] );
1793 for ( i = 0; !BER_BVISNULL( &in[i] ); i++ ) {
1794 idx.bv_len = snprintf( idx.bv_val, sizeof( ibuf ), "{%d}", i );
1795 if ( idx.bv_len >= sizeof( ibuf ) ) {
1796 ber_bvarray_free( bva );
1800 bva[i].bv_len = idx.bv_len + in[i].bv_len;
1801 bva[i].bv_val = ch_malloc( bva[i].bv_len + 1 );
1802 ptr = lutil_strcopy( bva[i].bv_val, ibuf );
1803 ptr = lutil_strcopy( ptr, in[i].bv_val );
1805 BER_BVZERO( &bva[ i + 1 ] );
1812 rwm_cf_gen( ConfigArgs *c )
1814 slap_overinst *on = (slap_overinst *)c->bi;
1815 struct ldaprwmap *rwmap =
1816 (struct ldaprwmap *)on->on_bi.bi_private;
1825 if ( c->op == SLAP_CONFIG_EMIT ) {
1826 struct berval bv = BER_BVNULL;
1828 switch ( c->type ) {
1829 case RWM_CF_REWRITE:
1830 if ( rwmap->rwm_bva_rewrite == NULL ) {
1834 slap_rewrite_unparse( rwmap->rwm_bva_rewrite, &c->rvalue_vals );
1835 if ( !c->rvalue_vals ) {
1841 case RWM_CF_T_F_SUPPORT:
1842 enum_to_verb( t_f_mode, (rwmap->rwm_flags & RWM_F_SUPPORT_T_F_MASK2), &bv );
1843 if ( BER_BVISNULL( &bv ) ) {
1844 /* there's something wrong... */
1849 value_add_one( &c->rvalue_vals, &bv );
1854 if ( rwmap->rwm_bva_map == NULL ) {
1858 value_add( &c->rvalue_vals, rwmap->rwm_bva_map );
1862 case RWM_CF_NORMALIZE_MAPPED:
1863 c->value_int = ( rwmap->rwm_flags & RWM_F_NORMALIZE_MAPPED_ATTRS );
1873 } else if ( c->op == LDAP_MOD_DELETE ) {
1874 switch ( c->type ) {
1875 case RWM_CF_REWRITE:
1876 if ( c->valx >= 0 ) {
1877 /* single modification is not allowed */
1880 } else if ( rwmap->rwm_rw != NULL ) {
1881 rewrite_info_delete( &rwmap->rwm_rw );
1882 assert( rwmap->rwm_rw == NULL );
1884 ber_bvarray_free( rwmap->rwm_bva_rewrite );
1885 rwmap->rwm_bva_rewrite = NULL;
1889 case RWM_CF_T_F_SUPPORT:
1890 rwmap->rwm_flags &= ~RWM_F_SUPPORT_T_F_MASK2;
1894 if ( c->valx >= 0 ) {
1895 /* single modification is not allowed */
1899 avl_free( rwmap->rwm_oc.remap, rwm_mapping_dst_free );
1900 avl_free( rwmap->rwm_oc.map, rwm_mapping_free );
1901 avl_free( rwmap->rwm_at.remap, rwm_mapping_dst_free );
1902 avl_free( rwmap->rwm_at.map, rwm_mapping_free );
1904 rwmap->rwm_oc.remap = NULL;
1905 rwmap->rwm_oc.map = NULL;
1906 rwmap->rwm_at.remap = NULL;
1907 rwmap->rwm_at.map = NULL;
1909 ber_bvarray_free( rwmap->rwm_bva_map );
1910 rwmap->rwm_bva_map = NULL;
1914 case RWM_CF_NORMALIZE_MAPPED:
1915 rwmap->rwm_flags &= ~RWM_F_NORMALIZE_MAPPED_ATTRS;
1924 switch ( c->type ) {
1925 case RWM_CF_REWRITE:
1926 argv0 = c->argv[ 0 ];
1927 c->argv[ 0 ] += STRLENOF( "rwm-" );
1928 rc = rwm_rw_config( &db, c->fname, c->lineno, c->argc, c->argv );
1929 c->argv[ 0 ] = argv0;
1937 line = ldap_charray2str( c->argv, "\" \"" );
1938 if ( line != NULL ) {
1939 int len = strlen( c->argv[ 0 ] );
1941 ber_str2bv( line, 0, 0, &bv );
1942 AC_MEMCPY( &bv.bv_val[ len ], &bv.bv_val[ len + 1 ],
1943 bv.bv_len - ( len + 1 ) );
1944 bv.bv_val[ bv.bv_len - 1 ] = '"';
1945 ber_bvarray_add( &rwmap->rwm_bva_rewrite, &bv );
1950 case RWM_CF_SUFFIXMASSAGE:
1951 argv0 = c->argv[ 0 ];
1952 c->argv[ 0 ] += STRLENOF( "rwm-" );
1953 rc = rwm_suffixmassage_config( &db, c->fname, c->lineno, c->argc, c->argv );
1954 c->argv[ 0 ] = argv0;
1962 /* FIXME: not optimal; in fact, this keeps track
1963 * of the fact that a set of rules was added
1964 * using the rwm-suffixmassage shortcut, but the
1965 * rules are not clarified */
1967 line = ldap_charray2str( c->argv, "\" \"" );
1968 if ( line != NULL ) {
1969 int len = strlen( c->argv[ 0 ] );
1971 ber_str2bv( line, 0, 0, &bv );
1972 AC_MEMCPY( &bv.bv_val[ len ], &bv.bv_val[ len + 1 ],
1973 bv.bv_len - ( len + 1 ) );
1974 bv.bv_val[ bv.bv_len - 1 ] = '"';
1975 ber_bvarray_add( &rwmap->rwm_bva_rewrite, &bv );
1980 case RWM_CF_T_F_SUPPORT:
1981 rc = verb_to_mask( c->argv[ 1 ], t_f_mode );
1982 if ( BER_BVISNULL( &t_f_mode[ rc ].word ) ) {
1986 rwmap->rwm_flags &= ~RWM_F_SUPPORT_T_F_MASK2;
1987 rwmap->rwm_flags |= t_f_mode[ rc ].mask;
1992 argv0 = c->argv[ 0 ];
1993 c->argv[ 0 ] += STRLENOF( "rwm-" );
1994 rc = rwm_m_config( &db, c->fname, c->lineno, c->argc, c->argv );
1995 c->argv[ 0 ] = argv0;
2003 line = ldap_charray2str( &c->argv[ 1 ], " " );
2004 if ( line != NULL ) {
2005 ber_str2bv( line, 0, 0, &bv );
2006 ber_bvarray_add( &rwmap->rwm_bva_map, &bv );
2011 case RWM_CF_NORMALIZE_MAPPED:
2012 if ( c->value_int ) {
2013 rwmap->rwm_flags |= RWM_F_NORMALIZE_MAPPED_ATTRS;
2015 rwmap->rwm_flags &= ~RWM_F_NORMALIZE_MAPPED_ATTRS;
2032 slap_overinst *on = (slap_overinst *) be->bd_info;
2033 struct ldaprwmap *rwmap;
2037 rwmap = (struct ldaprwmap *)ch_calloc( 1, sizeof( struct ldaprwmap ) );
2039 rwmap->rwm_rw = rewrite_info_init( REWRITE_MODE_USE_DEFAULT );
2040 if ( rwmap->rwm_rw == NULL ) {
2045 /* this rewriteContext by default must be null;
2046 * rules can be added if required */
2047 rargv[ 0 ] = "rewriteContext";
2048 rargv[ 1 ] = "searchFilter";
2050 rewrite_parse( rwmap->rwm_rw, "<suffix massage>", 1, 2, rargv );
2052 rargv[ 0 ] = "rewriteContext";
2053 rargv[ 1 ] = "default";
2055 rewrite_parse( rwmap->rwm_rw, "<suffix massage>", 2, 2, rargv );
2058 on->on_bi.bi_private = (void *)rwmap;
2061 (void)rwm_db_destroy( be, NULL );
2072 slap_overinst *on = (slap_overinst *) be->bd_info;
2075 if ( on->on_bi.bi_private ) {
2076 struct ldaprwmap *rwmap =
2077 (struct ldaprwmap *)on->on_bi.bi_private;
2079 if ( rwmap->rwm_rw ) {
2080 rewrite_info_delete( &rwmap->rwm_rw );
2081 ber_bvarray_free( rwmap->rwm_bva_rewrite );
2084 avl_free( rwmap->rwm_oc.remap, rwm_mapping_dst_free );
2085 avl_free( rwmap->rwm_oc.map, rwm_mapping_free );
2086 avl_free( rwmap->rwm_at.remap, rwm_mapping_dst_free );
2087 avl_free( rwmap->rwm_at.map, rwm_mapping_free );
2088 ber_bvarray_free( rwmap->rwm_bva_map );
2096 static slap_overinst rwm = { { NULL } };
2098 #if SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC
2100 #endif /* SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC */
2102 rwm_initialize( void )
2106 /* Make sure we don't exceed the bits reserved for userland */
2107 config_check_userland( RWM_CF_LAST );
2109 memset( &rwm, 0, sizeof( slap_overinst ) );
2111 rwm.on_bi.bi_type = "rwm";
2112 rwm.on_bi.bi_flags =
2113 SLAPO_BFLAG_SINGLE |
2116 rwm.on_bi.bi_db_init = rwm_db_init;
2117 rwm.on_bi.bi_db_config = rwm_db_config;
2118 rwm.on_bi.bi_db_destroy = rwm_db_destroy;
2120 rwm.on_bi.bi_op_bind = rwm_op_bind;
2121 rwm.on_bi.bi_op_search = rwm_op_search;
2122 rwm.on_bi.bi_op_compare = rwm_op_compare;
2123 rwm.on_bi.bi_op_modify = rwm_op_modify;
2124 rwm.on_bi.bi_op_modrdn = rwm_op_modrdn;
2125 rwm.on_bi.bi_op_add = rwm_op_add;
2126 rwm.on_bi.bi_op_delete = rwm_op_delete;
2127 rwm.on_bi.bi_op_unbind = rwm_op_unbind;
2128 rwm.on_bi.bi_extended = rwm_extended;
2130 rwm.on_bi.bi_operational = rwm_operational;
2131 rwm.on_bi.bi_chk_referrals = 0 /* rwm_chk_referrals */ ;
2133 rwm.on_bi.bi_connection_init = rwm_conn_init;
2134 rwm.on_bi.bi_connection_destroy = rwm_conn_destroy;
2136 rwm.on_response = rwm_response;
2138 rwm.on_bi.bi_cf_ocs = rwmocs;
2140 rc = config_register_schema( rwmcfg, rwmocs );
2145 return overlay_register( &rwm );
2148 #if SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC
2150 init_module( int argc, char *argv[] )
2152 return rwm_initialize();
2154 #endif /* SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC */
2156 #endif /* SLAPD_OVER_RWM */
projects / openldap / blob