1 /* rwm.c - rewrite/remap operations */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2003-2004 The OpenLDAP Foundation.
6 * Portions Copyright 2003 Pierangelo Masarati.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
13 * A copy of this license is available in the file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
24 #include <ac/string.h>
30 rwm_op_dn_massage( Operation *op, SlapReply *rs, void *cookie )
32 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
33 struct ldaprwmap *rwmap =
34 (struct ldaprwmap *)on->on_bi.bi_private;
36 struct berval dn = BER_BVNULL,
42 * Rewrite the bind dn if needed
48 dc.ctx = (char *)cookie;
50 dc.tofrom = ((int *)cookie)[0];
54 rc = rwm_dn_massage( &dc, &op->o_req_dn, &dn, &ndn );
55 if ( rc != LDAP_SUCCESS ) {
59 if ( dn.bv_val == op->o_req_dn.bv_val ) {
63 op->o_tmpfree( op->o_req_dn.bv_val, op->o_tmpmemctx );
64 op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx );
73 rwm_add( Operation *op, SlapReply *rs )
75 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
76 struct ldaprwmap *rwmap =
77 (struct ldaprwmap *)on->on_bi.bi_private;
82 Attribute **ap = NULL;
85 rc = rwm_op_dn_massage( op, rs, "addDn" );
88 rc = rwm_op_dn_massage( op, rs, &rc );
90 if ( rc != LDAP_SUCCESS ) {
91 op->o_bd->bd_info = (BackendInfo *)on->on_info;
92 send_ldap_error( op, rs, rc, "addDn massage error" );
96 /* Count number of attributes in entry */
97 isupdate = be_shadow_update( op );
98 for ( i = 0, ap = &op->oq_add.rs_e->e_attrs; *ap; ) {
102 if ( !isupdate && (*ap)->a_desc->ad_type->sat_no_user_mod ) {
106 rwm_map( &rwmap->rwm_at, &(*ap)->a_desc->ad_cname,
108 if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) {
112 if ( (*ap)->a_desc->ad_type->sat_syntax
113 == slap_schema.si_syn_distinguishedName )
116 * FIXME: rewrite could fail; in this case
117 * the operation should give up, right?
119 #ifdef ENABLE_REWRITE
120 rc = rwm_dnattr_rewrite( op, rs, "addDn", (*ap)->a_vals, NULL );
123 rc = rwm_dnattr_rewrite( op, rs, &rc, (*ap)->a_vals, NULL );
134 /* FIXME: leaking attribute/values? */
141 /* TODO: map attribute types, values of DN-valued attributes ... */
142 return SLAP_CB_CONTINUE;
146 rwm_bind( Operation *op, SlapReply *rs )
148 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
149 struct ldaprwmap *rwmap =
150 (struct ldaprwmap *)on->on_bi.bi_private;
153 #ifdef ENABLE_REWRITE
154 ( void )rewrite_session_delete( rwmap->rwm_rw, op->o_conn );
155 ( void )rewrite_session_init( rwmap->rwm_rw, op->o_conn );
157 rc = rwm_op_dn_massage( op, rs, "bindDn" );
160 rc = rwm_op_dn_massage( op, rs, &rc );
162 if ( rc != LDAP_SUCCESS ) {
163 op->o_bd->bd_info = (BackendInfo *)on->on_info;
164 send_ldap_error( op, rs, rc, "bindDn massage error" );
168 return SLAP_CB_CONTINUE;
172 rwm_unbind( Operation *op, SlapReply *rs )
174 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
175 struct ldaprwmap *rwmap =
176 (struct ldaprwmap *)on->on_bi.bi_private;
178 #ifdef ENABLE_REWRITE
179 rewrite_session_delete( rwmap->rwm_rw, op->o_conn );
182 return SLAP_CB_CONTINUE;
186 rwm_compare( Operation *op, SlapReply *rs )
188 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
189 struct ldaprwmap *rwmap =
190 (struct ldaprwmap *)on->on_bi.bi_private;
193 struct berval mapped_at = BER_BVNULL,
194 mapped_vals[2] = { BER_BVNULL, BER_BVNULL };
196 #ifdef ENABLE_REWRITE
197 rc = rwm_op_dn_massage( op, rs, "compareDn" );
200 rc = rwm_op_dn_massage( op, rs, &rc );
202 if ( rc != LDAP_SUCCESS ) {
203 op->o_bd->bd_info = (BackendInfo *)on->on_info;
204 send_ldap_error( op, rs, rc, "compareDn massage error" );
208 /* if the attribute is an objectClass, try to remap its value */
209 if ( op->orc_ava->aa_desc == slap_schema.si_ad_objectClass
210 || op->orc_ava->aa_desc == slap_schema.si_ad_structuralObjectClass )
212 rwm_map( &rwmap->rwm_oc, &op->orc_ava->aa_value,
213 &mapped_vals[0], RWM_MAP );
214 if ( BER_BVISNULL( &mapped_vals[0] ) || BER_BVISEMPTY( &mapped_vals[0] ) )
216 op->o_bd->bd_info = (BackendInfo *)on->on_info;
217 send_ldap_error( op, rs, LDAP_OTHER, "compare objectClass map error" );
220 } else if ( mapped_vals[0].bv_val != op->orc_ava->aa_value.bv_val ) {
221 free( op->orc_ava->aa_value.bv_val );
222 op->orc_ava->aa_value = mapped_vals[0];
224 mapped_at = op->orc_ava->aa_desc->ad_cname;
227 rwm_map( &rwmap->rwm_at, &op->orc_ava->aa_desc->ad_cname,
228 &mapped_at, RWM_MAP );
229 if ( BER_BVISNULL( &mapped_at ) || BER_BVISEMPTY( &mapped_at ) )
231 op->o_bd->bd_info = (BackendInfo *)on->on_info;
232 send_ldap_error( op, rs, LDAP_OTHER, "compare attributeType map error" );
235 if ( op->orc_ava->aa_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName )
237 mapped_vals[0] = op->orc_ava->aa_value;
239 #ifdef ENABLE_REWRITE
240 rc = rwm_dnattr_rewrite( op, rs, "compareAttrDN", mapped_vals, NULL );
243 rc = rwm_dnattr_rewrite( op, rs, &rc, mapped_vals, NULL );
246 if ( rc != LDAP_SUCCESS ) {
247 op->o_bd->bd_info = (BackendInfo *)on->on_info;
248 send_ldap_error( op, rs, rc, "compareAttrDN massage error" );
252 if ( mapped_vals[0].bv_val != op->orc_ava->aa_value.bv_val ) {
253 free( op->orc_ava->aa_value.bv_val );
254 op->orc_ava->aa_value = mapped_vals[0];
259 return SLAP_CB_CONTINUE;
263 rwm_delete( Operation *op, SlapReply *rs )
265 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
268 #ifdef ENABLE_REWRITE
269 rc = rwm_op_dn_massage( op, rs, "deleteDn" );
272 rc = rwm_op_dn_massage( op, rs, &rc );
274 if ( rc != LDAP_SUCCESS ) {
275 op->o_bd->bd_info = (BackendInfo *)on->on_info;
276 send_ldap_error( op, rs, rc, "deleteDn massage error" );
280 return SLAP_CB_CONTINUE;
284 rwm_modify( Operation *op, SlapReply *rs )
286 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
287 struct ldaprwmap *rwmap =
288 (struct ldaprwmap *)on->on_bi.bi_private;
294 #ifdef ENABLE_REWRITE
295 rc = rwm_op_dn_massage( op, rs, "modifyDn" );
298 rc = rwm_op_dn_massage( op, rs, &rc );
300 if ( rc != LDAP_SUCCESS ) {
301 op->o_bd->bd_info = (BackendInfo *)on->on_info;
302 send_ldap_error( op, rs, rc, "modifyDn massage error" );
306 isupdate = be_shadow_update( op );
307 for ( mlp = &op->oq_modify.rs_modlist; *mlp; ) {
310 if ( !isupdate && (*mlp)->sml_desc->ad_type->sat_no_user_mod ) {
314 *mlp = (*mlp)->sml_next;
315 slap_mod_free( &ml->sml_mod, 0 );
321 if ( (*mlp)->sml_desc == slap_schema.si_ad_objectClass
322 || (*mlp)->sml_desc == slap_schema.si_ad_structuralObjectClass ) {
326 struct ldapmapping *m;
329 drop_missing = rwm_mapping( &rwmap->rwm_at, &(*mlp)->sml_desc->ad_cname, &m, RWM_MAP );
330 if ( drop_missing || ( m != NULL && BER_BVISNULL( &m->m_dst ) ) )
335 *mlp = (*mlp)->sml_next;
336 slap_mod_free( &ml->sml_mod, 0 );
343 /* use new attribute description */
344 assert( m->m_dst_ad );
345 (*mlp)->sml_desc = m->m_dst_ad;
349 if ( (*mlp)->sml_values != NULL ) {
353 for ( last = 0; !BER_BVISNULL( &(*mlp)->sml_values[last] ); last++ )
357 for ( j = 0; !BER_BVISNULL( &(*mlp)->sml_values[j] ); j++ ) {
358 struct berval mapped = BER_BVNULL;
360 rwm_map( &rwmap->rwm_oc,
361 &(*mlp)->sml_values[j],
363 if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) {
364 /* FIXME: we allow to remove objectClasses as well;
365 * if the resulting entry is inconsistent, that's
366 * the relayed database's business...
372 *mlp = (*mlp)->sml_next;
373 slap_mod_free( &ml->sml_mod, 0 );
379 (*mlp)->sml_values[j] = (*mlp)->sml_values[last];
380 BER_BVZERO( &(*mlp)->sml_values[last] );
385 ch_free( (*mlp)->sml_values[j].bv_val );
386 ber_dupbv( &(*mlp)->sml_values[j], &mapped );
391 if ( (*mlp)->sml_desc->ad_type->sat_syntax ==
392 slap_schema.si_syn_distinguishedName )
394 #ifdef ENABLE_REWRITE
395 rc = rwm_dnattr_rewrite( op, rs, "modifyDn",
396 (*mlp)->sml_values, &(*mlp)->sml_nvalues );
399 rc = rwm_dnattr_rewrite( op, rs, &rc,
400 (*mlp)->sml_values, &(*mlp)->sml_nvalues );
404 if ( rc != LDAP_SUCCESS ) {
408 *mlp = (*mlp)->sml_next;
409 slap_mod_free( &ml->sml_mod, 0 );
417 mlp = &(*mlp)->sml_next;
420 /* TODO: rewrite attribute types, values of DN-valued attributes ... */
421 return SLAP_CB_CONTINUE;
425 rwm_modrdn( Operation *op, SlapReply *rs )
427 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
428 struct ldaprwmap *rwmap =
429 (struct ldaprwmap *)on->on_bi.bi_private;
433 if ( op->orr_newSup ) {
435 struct berval nnewSup = BER_BVNULL;
436 struct berval newSup = BER_BVNULL;
439 * Rewrite the new superior, if defined and required
442 #ifdef ENABLE_REWRITE
443 dc.conn = op->o_conn;
445 dc.ctx = "newSuperiorDN";
450 rc = rwm_dn_massage( &dc, op->orr_newSup, &newSup, &nnewSup );
451 if ( rc != LDAP_SUCCESS ) {
452 op->o_bd->bd_info = (BackendInfo *)on->on_info;
453 send_ldap_error( op, rs, rc, "newSuperiorDN massage error" );
457 if ( op->orr_newSup->bv_val != newSup.bv_val ) {
458 op->o_tmpfree( op->orr_newSup->bv_val, op->o_tmpmemctx );
459 op->o_tmpfree( op->orr_nnewSup->bv_val, op->o_tmpmemctx );
460 *op->orr_newSup = newSup;
461 *op->orr_nnewSup = nnewSup;
465 #ifdef ENABLE_REWRITE
466 rc = rwm_op_dn_massage( op, rs, "renameDn" );
469 rc = rwm_op_dn_massage( op, rs, &rc );
471 if ( rc != LDAP_SUCCESS ) {
472 op->o_bd->bd_info = (BackendInfo *)on->on_info;
473 send_ldap_error( op, rs, rc, "renameDn massage error" );
477 /* TODO: rewrite attribute types, values of DN-valued attributes ... */
478 return SLAP_CB_CONTINUE;
482 rwm_swap_attrs( Operation *op, SlapReply *rs )
484 slap_callback *cb = op->o_callback;
485 AttributeName *an = (AttributeName *)cb->sc_private;
489 return SLAP_CB_CONTINUE;
492 static int rwm_freeself( Operation *op, SlapReply *rs )
494 if ( op->o_tag == LDAP_REQ_SEARCH && rs->sr_type == REP_RESULT ) {
495 assert( op->o_callback );
497 op->o_tmpfree( op->o_callback, op->o_tmpmemctx );
498 op->o_callback = NULL;
501 return SLAP_CB_CONTINUE;
505 rwm_search( Operation *op, SlapReply *rs )
507 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
508 struct ldaprwmap *rwmap =
509 (struct ldaprwmap *)on->on_bi.bi_private;
514 struct berval fstr = BER_BVNULL;
518 AttributeName *an = NULL;
522 #ifdef ENABLE_REWRITE
523 rc = rwm_op_dn_massage( op, rs, "searchDn" );
526 rc = rwm_op_dn_massage( op, rs, &rc );
528 if ( rc != LDAP_SUCCESS ) {
529 text = "searchDn massage error";
534 * Rewrite the bind dn if needed
537 #ifdef ENABLE_REWRITE
538 dc.conn = op->o_conn;
540 dc.ctx = "searchFilterAttrDN";
546 rc = rwm_filter_map_rewrite( &dc, op->ors_filter, &fstr );
547 if ( rc != LDAP_SUCCESS ) {
548 text = "searchFilter/searchFilterAttrDN massage error";
552 f = str2filter_x( op, fstr.bv_val );
555 text = "massaged filter parse error";
559 if ( !BER_BVISNULL( &op->ors_filterstr ) ) {
560 ch_free( op->ors_filterstr.bv_val );
563 if( op->ors_filter ) {
564 filter_free_x( op, op->ors_filter );
568 op->ors_filterstr = fstr;
570 rc = rwm_map_attrnames( &rwmap->rwm_at, &rwmap->rwm_oc,
571 op->ors_attrs, &an, RWM_MAP );
572 if ( rc != LDAP_SUCCESS ) {
573 text = "attribute list mapping error";
577 cb = (slap_callback *) op->o_tmpcalloc( sizeof( slap_callback ),
578 1, op->o_tmpmemctx );
584 cb->sc_response = rwm_swap_attrs;
585 cb->sc_cleanup = rwm_freeself;
586 cb->sc_private = (void *)op->ors_attrs;
587 cb->sc_next = op->o_callback;
592 return SLAP_CB_CONTINUE;
600 filter_free_x( op, f );
603 if ( !BER_BVISNULL( &fstr ) ) {
604 ch_free( fstr.bv_val );
607 op->o_bd->bd_info = (BackendInfo *)on->on_info;
608 send_ldap_error( op, rs, rc, text );
615 rwm_extended( Operation *op, SlapReply *rs )
617 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
620 #ifdef ENABLE_REWRITE
621 rc = rwm_op_dn_massage( op, rs, "extendedDn" );
624 rc = rwm_op_dn_massage( op, rs, &rc );
626 if ( rc != LDAP_SUCCESS ) {
627 op->o_bd->bd_info = (BackendInfo *)on->on_info;
628 send_ldap_error( op, rs, rc, "extendedDn massage error" );
632 /* TODO: rewrite/map extended data ? ... */
637 rwm_matched( Operation *op, SlapReply *rs )
639 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
640 struct ldaprwmap *rwmap =
641 (struct ldaprwmap *)on->on_bi.bi_private;
643 struct berval dn, mdn;
647 if ( rs->sr_matched == NULL ) {
648 return SLAP_CB_CONTINUE;
652 #ifdef ENABLE_REWRITE
653 dc.conn = op->o_conn;
655 dc.ctx = "matchedDN";
660 ber_str2bv( rs->sr_matched, 0, 0, &dn );
661 rc = rwm_dn_massage( &dc, &dn, &mdn, NULL );
662 if ( rc != LDAP_SUCCESS ) {
664 rs->sr_text = "Rewrite error";
668 if ( mdn.bv_val != dn.bv_val ) {
669 if ( rs->sr_flags & REP_MATCHED_MUSTBEFREED ) {
670 ch_free( (void *)rs->sr_matched );
673 rs->sr_flags |= REP_MATCHED_MUSTBEFREED;
675 rs->sr_matched = mdn.bv_val;
678 return SLAP_CB_CONTINUE;
682 rwm_attrs( Operation *op, SlapReply *rs, Attribute** a_first )
684 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
685 struct ldaprwmap *rwmap =
686 (struct ldaprwmap *)on->on_bi.bi_private;
693 * Rewrite the dn of the result, if needed
696 #ifdef ENABLE_REWRITE
697 dc.conn = op->o_conn;
699 dc.ctx = "searchAttrDN";
705 /* FIXME: the entries are in the remote mapping form;
706 * so we need to select those attributes we are willing
707 * to return, and remap them accordingly */
709 /* FIXME: in principle, one could map an attribute
710 * on top of another, which already exists.
711 * As such, in the end there might exist more than
712 * one instance of an attribute.
713 * We should at least check if this occurs, and issue
714 * an error (because multiple instances of attrs in
715 * response are not valid), or merge the values (what
716 * about duplicate values?) */
717 for ( ap = a_first; *ap; ) {
718 struct ldapmapping *m;
722 if ( rs->sr_opattrs == SLAP_OPATTRS && is_at_operational( (*ap)->a_desc->ad_type ) )
726 } else if ( op->ors_attrs != NULL && !ad_inlist( (*ap)->a_desc, op->ors_attrs ) )
737 drop_missing = rwm_mapping( &rwmap->rwm_at,
738 &(*ap)->a_desc->ad_cname, &m, RWM_REMAP );
739 if ( drop_missing || ( m != NULL && BER_BVISEMPTY( &m->m_dst ) ) ) {
749 for ( last = 0; !BER_BVISNULL( &(*ap)->a_vals[last] ); last++ )
753 /* empty? for now, we leave it in place */
758 if ( (*ap)->a_desc == slap_schema.si_ad_objectClass
759 || (*ap)->a_desc == slap_schema.si_ad_structuralObjectClass )
763 for ( bv = (*ap)->a_vals; !BER_BVISNULL( bv ); bv++ ) {
764 struct berval mapped;
766 rwm_map( &rwmap->rwm_oc, &bv[0], &mapped, RWM_REMAP );
767 if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) {
768 ch_free( bv[0].bv_val );
769 BER_BVZERO( &bv[0] );
770 if ( &(*ap)->a_vals[last] > &bv[0] ) {
771 bv[0] = (*ap)->a_vals[last];
772 BER_BVZERO( &(*ap)->a_vals[last] );
777 } else if ( mapped.bv_val != bv[0].bv_val ) {
779 * FIXME: after LBER_FREEing
780 * the value is replaced by
783 free( bv[0].bv_val );
784 ber_dupbv( &bv[0], &mapped );
789 * It is necessary to try to rewrite attributes with
790 * dn syntax because they might be used in ACLs as
791 * members of groups; since ACLs are applied to the
792 * rewritten stuff, no dn-based subject clause could
793 * be used at the ldap backend side (see
794 * http://www.OpenLDAP.org/faq/data/cache/452.html)
795 * The problem can be overcome by moving the dn-based
796 * ACLs to the target directory server, and letting
797 * everything pass thru the ldap backend. */
798 /* FIXME: handle distinguishedName-like syntaxes, like
799 * nameAndOptionalUID */
800 } else if ( (*ap)->a_desc->ad_type->sat_syntax ==
801 slap_schema.si_syn_distinguishedName )
803 rc = rwm_dnattr_result_rewrite( &dc, (*ap)->a_vals );
804 if ( rc != LDAP_SUCCESS ) {
816 /* rewrite the attribute description */
817 assert( m->m_dst_ad );
818 (*ap)->a_desc = m->m_dst_ad;
829 rwm_send_entry( Operation *op, SlapReply *rs )
831 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
832 struct ldaprwmap *rwmap =
833 (struct ldaprwmap *)on->on_bi.bi_private;
837 struct berval dn = BER_BVNULL,
842 assert( rs->sr_entry );
845 * Rewrite the dn of the result, if needed
848 #ifdef ENABLE_REWRITE
849 dc.conn = op->o_conn;
851 dc.ctx = "searchResult";
858 flags = rs->sr_flags;
859 if ( !( rs->sr_flags & REP_ENTRY_MODIFIABLE ) ) {
860 /* FIXME: all we need to duplicate are:
863 * - attributes that are requested
864 * - no values if attrsonly is set
873 flags |= ( REP_ENTRY_MODIFIABLE | REP_ENTRY_MUSTBEFREED );
877 * Note: this may fail if the target host(s) schema differs
878 * from the one known to the meta, and a DN with unknown
879 * attributes is returned.
881 rc = rwm_dn_massage( &dc, &e->e_name, &dn, &ndn );
882 if ( rc != LDAP_SUCCESS ) {
886 if ( e->e_name.bv_val != dn.bv_val ) {
887 free( e->e_name.bv_val );
888 free( e->e_nname.bv_val );
894 /* TODO: map entry attribute types, objectclasses
895 * and dn-valued attribute values */
897 /* FIXME: the entries are in the remote mapping form;
898 * so we need to select those attributes we are willing
899 * to return, and remap them accordingly */
900 rwm_attrs( op, rs, &e->e_attrs );
903 rs->sr_flags = flags;
905 return SLAP_CB_CONTINUE;
908 if ( !BER_BVISNULL( &dn ) ) {
909 ch_free( dn.bv_val );
912 if ( !BER_BVISNULL( &ndn ) ) {
913 ch_free( ndn.bv_val );
916 if ( e != NULL && e != rs->sr_entry ) {
924 rwm_operational( Operation *op, SlapReply *rs )
926 /* FIXME: the entries are in the remote mapping form;
927 * so we need to select those attributes we are willing
928 * to return, and remap them accordingly */
929 if ( rs->sr_operational_attrs ) {
930 rwm_attrs( op, rs, &rs->sr_operational_attrs );
933 return SLAP_CB_CONTINUE;
945 #ifdef ENABLE_REWRITE
946 slap_overinst *on = (slap_overinst *) be->bd_info;
947 struct ldaprwmap *rwmap =
948 (struct ldaprwmap *)on->on_bi.bi_private;
950 return rewrite_parse( rwmap->rwm_rw,
951 fname, lineno, argc, argv );
953 #else /* !ENABLE_REWRITE */
954 fprintf( stderr, "%s: line %d: rewrite capabilities "
955 "are not enabled\n", fname, lineno );
956 #endif /* !ENABLE_REWRITE */
962 rwm_suffixmassage_config(
970 slap_overinst *on = (slap_overinst *) be->bd_info;
971 struct ldaprwmap *rwmap =
972 (struct ldaprwmap *)on->on_bi.bi_private;
974 struct berval bvnc, nvnc, pvnc, brnc, nrnc, prnc;
975 #ifdef ENABLE_REWRITE
977 #endif /* ENABLE_REWRITE */
982 * suffixmassage <suffix> <massaged suffix>
984 * the <suffix> field must be defined as a valid suffix
985 * (or suffixAlias?) for the current database;
986 * the <massaged suffix> shouldn't have already been
987 * defined as a valid suffix or suffixAlias for the
991 fprintf( stderr, "%s: line %d: syntax is"
992 " \"suffixMassage <suffix>"
993 " <massaged suffix>\"\n",
998 ber_str2bv( argv[1], 0, 0, &bvnc );
999 if ( dnPrettyNormal( NULL, &bvnc, &pvnc, &nvnc, NULL ) != LDAP_SUCCESS ) {
1000 fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
1001 fname, lineno, bvnc.bv_val );
1005 ber_str2bv( argv[2], 0, 0, &brnc );
1006 if ( dnPrettyNormal( NULL, &brnc, &prnc, &nrnc, NULL ) != LDAP_SUCCESS ) {
1007 fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
1008 fname, lineno, brnc.bv_val );
1009 free( nvnc.bv_val );
1010 free( pvnc.bv_val );
1014 #ifdef ENABLE_REWRITE
1016 * The suffix massaging is emulated
1017 * by means of the rewrite capabilities
1019 rc = rwm_suffix_massage_config( rwmap->rwm_rw,
1020 &pvnc, &nvnc, &prnc, &nrnc );
1021 free( nvnc.bv_val );
1022 free( pvnc.bv_val );
1023 free( nrnc.bv_val );
1024 free( prnc.bv_val );
1028 #else /* !ENABLE_REWRITE */
1029 ber_bvarray_add( &rwmap->rwm_suffix_massage, &pvnc );
1030 ber_bvarray_add( &rwmap->rwm_suffix_massage, &nvnc );
1032 ber_bvarray_add( &rwmap->rwm_suffix_massage, &prnc );
1033 ber_bvarray_add( &rwmap->rwm_suffix_massage, &nrnc );
1034 #endif /* !ENABLE_REWRITE */
1048 slap_overinst *on = (slap_overinst *) be->bd_info;
1049 struct ldaprwmap *rwmap =
1050 (struct ldaprwmap *)on->on_bi.bi_private;
1052 /* objectclass/attribute mapping */
1053 return rwm_map_config( &rwmap->rwm_oc,
1055 fname, lineno, argc, argv );
1059 rwm_response( Operation *op, SlapReply *rs )
1063 if ( op->o_tag == LDAP_REQ_SEARCH && rs->sr_type == REP_SEARCH ) {
1064 return rwm_send_entry( op, rs );
1067 switch( op->o_tag ) {
1068 case LDAP_REQ_SEARCH:
1069 /* Note: the operation attrs are remapped */
1070 if ( op->ors_attrs != NULL && op->ors_attrs != rs->sr_attrs )
1072 ch_free( op->ors_attrs );
1073 op->ors_attrs = rs->sr_attrs;
1079 case LDAP_REQ_DELETE:
1080 case LDAP_REQ_MODRDN:
1081 case LDAP_REQ_MODIFY:
1082 case LDAP_REQ_COMPARE:
1083 case LDAP_REQ_EXTENDED:
1084 rc = rwm_matched( op, rs );
1088 rc = SLAP_CB_CONTINUE;
1107 if ( strncasecmp( argv[ 0 ], "rwm-", STRLENOF( "rwm-" ) ) == 0 ) {
1109 argv[ 0 ] = &argv0[ STRLENOF( "rwm-" ) ];
1112 if ( strncasecmp( argv[0], "rewrite", STRLENOF("rewrite") ) == 0 ) {
1113 rc = rwm_rw_config( be, fname, lineno, argc, argv );
1115 } else if ( strcasecmp( argv[0], "map" ) == 0 ) {
1116 rc = rwm_m_config( be, fname, lineno, argc, argv );
1118 } else if ( strcasecmp( argv[0], "suffixmassage" ) == 0 ) {
1119 rc = rwm_suffixmassage_config( be, fname, lineno, argc, argv );
1122 rc = SLAP_CONF_UNKNOWN;
1137 slap_overinst *on = (slap_overinst *) be->bd_info;
1138 struct ldapmapping *mapping = NULL;
1139 struct ldaprwmap *rwmap;
1141 rwmap = (struct ldaprwmap *)ch_malloc(sizeof(struct ldaprwmap));
1142 memset(rwmap, 0, sizeof(struct ldaprwmap));
1144 #ifdef ENABLE_REWRITE
1145 rwmap->rwm_rw = rewrite_info_init( REWRITE_MODE_USE_DEFAULT );
1146 if ( rwmap->rwm_rw == NULL ) {
1154 /* this rewriteContext by default must be null;
1155 * rules can be added if required */
1156 rargv[ 0 ] = "rewriteContext";
1157 rargv[ 1 ] = "searchFilter";
1159 rewrite_parse( rwmap->rwm_rw, "<suffix massage>", 1, 2, rargv );
1161 rargv[ 0 ] = "rewriteContext";
1162 rargv[ 1 ] = "default";
1164 rewrite_parse( rwmap->rwm_rw, "<suffix massage>", 2, 2, rargv );
1167 #endif /* ENABLE_REWRITE */
1169 if ( rwm_map_init( &rwmap->rwm_oc, &mapping ) != LDAP_SUCCESS ||
1170 rwm_map_init( &rwmap->rwm_at, &mapping ) != LDAP_SUCCESS )
1175 on->on_bi.bi_private = (void *)rwmap;
1185 slap_overinst *on = (slap_overinst *) be->bd_info;
1188 if ( on->on_bi.bi_private ) {
1189 struct ldaprwmap *rwmap =
1190 (struct ldaprwmap *)on->on_bi.bi_private;
1192 #ifdef ENABLE_REWRITE
1193 if (rwmap->rwm_rw) {
1194 rewrite_info_delete( &rwmap->rwm_rw );
1196 #else /* !ENABLE_REWRITE */
1197 if ( rwmap->rwm_suffix_massage ) {
1198 ber_bvarray_free( rwmap->rwm_suffix_massage );
1200 #endif /* !ENABLE_REWRITE */
1202 avl_free( rwmap->rwm_oc.remap, NULL );
1203 avl_free( rwmap->rwm_oc.map, rwm_mapping_free );
1204 avl_free( rwmap->rwm_at.remap, NULL );
1205 avl_free( rwmap->rwm_at.map, rwm_mapping_free );
1211 static slap_overinst rwm = { { NULL } };
1216 memset( &rwm, 0, sizeof(slap_overinst) );
1218 rwm.on_bi.bi_type = "rwm";
1219 rwm.on_bi.bi_db_init = rwm_over_init;
1220 rwm.on_bi.bi_db_config = rwm_config;
1221 rwm.on_bi.bi_db_destroy = rwm_destroy;
1223 rwm.on_bi.bi_op_bind = rwm_bind;
1224 rwm.on_bi.bi_op_search = rwm_search;
1225 rwm.on_bi.bi_op_compare = rwm_compare;
1226 rwm.on_bi.bi_op_modify = rwm_modify;
1227 rwm.on_bi.bi_op_modrdn = rwm_modrdn;
1228 rwm.on_bi.bi_op_add = rwm_add;
1229 rwm.on_bi.bi_op_delete = rwm_delete;
1230 rwm.on_bi.bi_op_unbind = rwm_unbind;
1231 rwm.on_bi.bi_extended = rwm_extended;
1232 rwm.on_bi.bi_operational = rwm_operational;
1234 rwm.on_response = rwm_response;
1236 return overlay_register( &rwm );
1239 #if SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC
1240 int init_module(int argc, char *argv[]) {
1245 #endif /* SLAPD_OVER_RWM */
projects / openldap / blob