1 /* rwm.c - rewrite/remap operations */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2003-2004 The OpenLDAP Foundation.
6 * Portions Copyright 2003 Pierangelo Masarati.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
13 * A copy of this license is available in the file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
24 #include <ac/string.h>
30 rwm_op_dn_massage( Operation *op, SlapReply *rs, void *cookie )
32 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
33 struct ldaprwmap *rwmap =
34 (struct ldaprwmap *)on->on_bi.bi_private;
36 struct berval dn = BER_BVNULL,
42 * Rewrite the bind dn if needed
48 dc.ctx = (char *)cookie;
50 dc.tofrom = ((int *)cookie)[0];
54 rc = rwm_dn_massage( &dc, &op->o_req_dn, &dn, &ndn );
55 if ( rc != LDAP_SUCCESS ) {
59 if ( dn.bv_val == op->o_req_dn.bv_val ) {
63 op->o_tmpfree( op->o_req_dn.bv_val, op->o_tmpmemctx );
64 op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx );
73 rwm_add( Operation *op, SlapReply *rs )
75 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
76 struct ldaprwmap *rwmap =
77 (struct ldaprwmap *)on->on_bi.bi_private;
81 Attribute **ap = NULL;
82 char *olddn = op->o_req_dn.bv_val;
85 rc = rwm_op_dn_massage( op, rs, "addDN" );
88 rc = rwm_op_dn_massage( op, rs, &rc );
90 if ( rc != LDAP_SUCCESS ) {
91 op->o_bd->bd_info = (BackendInfo *)on->on_info;
92 send_ldap_error( op, rs, rc, "addDN massage error" );
96 if ( olddn != op->o_req_dn.bv_val ) {
97 ber_memfree( op->ora_e->e_name.bv_val );
98 ber_memfree( op->ora_e->e_nname.bv_val );
100 ber_dupbv( &op->ora_e->e_name, &op->o_req_dn );
101 ber_dupbv( &op->ora_e->e_nname, &op->o_req_ndn );
104 /* Count number of attributes in entry */
105 for ( i = 0, ap = &op->oq_add.rs_e->e_attrs; *ap; ) {
106 struct berval mapped;
109 if ( (*ap)->a_desc->ad_type->sat_no_user_mod ) {
113 rwm_map( &rwmap->rwm_at, &(*ap)->a_desc->ad_cname,
115 if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) {
119 if ( (*ap)->a_desc->ad_type->sat_syntax
120 == slap_schema.si_syn_distinguishedName )
123 * FIXME: rewrite could fail; in this case
124 * the operation should give up, right?
126 #ifdef ENABLE_REWRITE
127 rc = rwm_dnattr_rewrite( op, rs, "addAttrDN",
129 (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
132 rc = rwm_dnattr_rewrite( op, rs, &rc, (*ap)->a_vals,
133 (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
145 /* FIXME: leaking attribute/values? */
152 /* TODO: map attribute types, values of DN-valued attributes ... */
153 return SLAP_CB_CONTINUE;
157 rwm_bind( Operation *op, SlapReply *rs )
159 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
160 struct ldaprwmap *rwmap =
161 (struct ldaprwmap *)on->on_bi.bi_private;
164 #ifdef ENABLE_REWRITE
165 ( void )rewrite_session_delete( rwmap->rwm_rw, op->o_conn );
166 ( void )rewrite_session_init( rwmap->rwm_rw, op->o_conn );
168 rc = rwm_op_dn_massage( op, rs, "bindDN" );
171 rc = rwm_op_dn_massage( op, rs, &rc );
173 if ( rc != LDAP_SUCCESS ) {
174 op->o_bd->bd_info = (BackendInfo *)on->on_info;
175 send_ldap_error( op, rs, rc, "bindDN massage error" );
179 return SLAP_CB_CONTINUE;
183 rwm_unbind( Operation *op, SlapReply *rs )
185 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
186 struct ldaprwmap *rwmap =
187 (struct ldaprwmap *)on->on_bi.bi_private;
189 #ifdef ENABLE_REWRITE
190 rewrite_session_delete( rwmap->rwm_rw, op->o_conn );
193 return SLAP_CB_CONTINUE;
197 rwm_compare( Operation *op, SlapReply *rs )
199 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
200 struct ldaprwmap *rwmap =
201 (struct ldaprwmap *)on->on_bi.bi_private;
204 struct berval mapped_at = BER_BVNULL,
205 mapped_vals[2] = { BER_BVNULL, BER_BVNULL };
207 #ifdef ENABLE_REWRITE
208 rc = rwm_op_dn_massage( op, rs, "compareDN" );
211 rc = rwm_op_dn_massage( op, rs, &rc );
213 if ( rc != LDAP_SUCCESS ) {
214 op->o_bd->bd_info = (BackendInfo *)on->on_info;
215 send_ldap_error( op, rs, rc, "compareDN massage error" );
219 /* if the attribute is an objectClass, try to remap its value */
220 if ( op->orc_ava->aa_desc == slap_schema.si_ad_objectClass
221 || op->orc_ava->aa_desc == slap_schema.si_ad_structuralObjectClass )
223 rwm_map( &rwmap->rwm_oc, &op->orc_ava->aa_value,
224 &mapped_vals[0], RWM_MAP );
225 if ( BER_BVISNULL( &mapped_vals[0] ) || BER_BVISEMPTY( &mapped_vals[0] ) )
227 op->o_bd->bd_info = (BackendInfo *)on->on_info;
228 send_ldap_error( op, rs, LDAP_OTHER, "compare objectClass map error" );
231 } else if ( mapped_vals[0].bv_val != op->orc_ava->aa_value.bv_val ) {
232 free( op->orc_ava->aa_value.bv_val );
233 op->orc_ava->aa_value = mapped_vals[0];
235 mapped_at = op->orc_ava->aa_desc->ad_cname;
238 rwm_map( &rwmap->rwm_at, &op->orc_ava->aa_desc->ad_cname,
239 &mapped_at, RWM_MAP );
240 if ( BER_BVISNULL( &mapped_at ) || BER_BVISEMPTY( &mapped_at ) )
242 op->o_bd->bd_info = (BackendInfo *)on->on_info;
243 send_ldap_error( op, rs, LDAP_OTHER, "compare attributeType map error" );
246 if ( op->orc_ava->aa_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName )
248 mapped_vals[0] = op->orc_ava->aa_value;
250 #ifdef ENABLE_REWRITE
251 rc = rwm_dnattr_rewrite( op, rs, "compareAttrDN", mapped_vals, NULL );
254 rc = rwm_dnattr_rewrite( op, rs, &rc, mapped_vals, NULL );
257 if ( rc != LDAP_SUCCESS ) {
258 op->o_bd->bd_info = (BackendInfo *)on->on_info;
259 send_ldap_error( op, rs, rc, "compareAttrDN massage error" );
263 if ( mapped_vals[0].bv_val != op->orc_ava->aa_value.bv_val ) {
264 free( op->orc_ava->aa_value.bv_val );
265 op->orc_ava->aa_value = mapped_vals[0];
270 return SLAP_CB_CONTINUE;
274 rwm_delete( Operation *op, SlapReply *rs )
276 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
279 #ifdef ENABLE_REWRITE
280 rc = rwm_op_dn_massage( op, rs, "deleteDN" );
283 rc = rwm_op_dn_massage( op, rs, &rc );
285 if ( rc != LDAP_SUCCESS ) {
286 op->o_bd->bd_info = (BackendInfo *)on->on_info;
287 send_ldap_error( op, rs, rc, "deleteDN massage error" );
291 return SLAP_CB_CONTINUE;
295 rwm_modify( Operation *op, SlapReply *rs )
297 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
298 struct ldaprwmap *rwmap =
299 (struct ldaprwmap *)on->on_bi.bi_private;
304 #ifdef ENABLE_REWRITE
305 rc = rwm_op_dn_massage( op, rs, "modifyDN" );
308 rc = rwm_op_dn_massage( op, rs, &rc );
310 if ( rc != LDAP_SUCCESS ) {
311 op->o_bd->bd_info = (BackendInfo *)on->on_info;
312 send_ldap_error( op, rs, rc, "modifyDN massage error" );
316 for ( mlp = &op->oq_modify.rs_modlist; *mlp; ) {
320 if ( (*mlp)->sml_desc->ad_type->sat_no_user_mod ) {
324 if ( (*mlp)->sml_desc == slap_schema.si_ad_objectClass
325 || (*mlp)->sml_desc == slap_schema.si_ad_structuralObjectClass ) {
329 struct ldapmapping *m;
332 drop_missing = rwm_mapping( &rwmap->rwm_at, &(*mlp)->sml_desc->ad_cname, &m, RWM_MAP );
333 if ( drop_missing || ( m != NULL && BER_BVISNULL( &m->m_dst ) ) )
339 /* use new attribute description */
340 assert( m->m_dst_ad );
341 (*mlp)->sml_desc = m->m_dst_ad;
345 if ( (*mlp)->sml_values != NULL ) {
349 for ( last = 0; !BER_BVISNULL( &(*mlp)->sml_values[last] ); last++ )
353 for ( j = 0; !BER_BVISNULL( &(*mlp)->sml_values[j] ); j++ ) {
354 struct berval mapped = BER_BVNULL;
356 rwm_map( &rwmap->rwm_oc,
357 &(*mlp)->sml_values[j],
359 if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) {
360 /* FIXME: we allow to remove objectClasses as well;
361 * if the resulting entry is inconsistent, that's
362 * the relayed database's business...
368 (*mlp)->sml_values[j] = (*mlp)->sml_values[last];
369 BER_BVZERO( &(*mlp)->sml_values[last] );
374 ch_free( (*mlp)->sml_values[j].bv_val );
375 ber_dupbv( &(*mlp)->sml_values[j], &mapped );
380 if ( (*mlp)->sml_desc->ad_type->sat_syntax ==
381 slap_schema.si_syn_distinguishedName )
383 #ifdef ENABLE_REWRITE
384 rc = rwm_dnattr_rewrite( op, rs, "modifyDN",
386 (*mlp)->sml_nvalues ? &(*mlp)->sml_nvalues : NULL );
389 rc = rwm_dnattr_rewrite( op, rs, &rc,
391 (*mlp)->sml_nvalues ? &(*mlp)->sml_nvalues : NULL );
395 if ( rc != LDAP_SUCCESS ) {
402 mlp = &(*mlp)->sml_next;
407 *mlp = (*mlp)->sml_next;
408 slap_mod_free( &ml->sml_mod, 0 );
412 /* TODO: rewrite attribute types, values of DN-valued attributes ... */
413 return SLAP_CB_CONTINUE;
417 rwm_modrdn( Operation *op, SlapReply *rs )
419 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
420 struct ldaprwmap *rwmap =
421 (struct ldaprwmap *)on->on_bi.bi_private;
425 if ( op->orr_newSup ) {
427 struct berval nnewSup = BER_BVNULL;
428 struct berval newSup = BER_BVNULL;
431 * Rewrite the new superior, if defined and required
434 #ifdef ENABLE_REWRITE
435 dc.conn = op->o_conn;
437 dc.ctx = "newSuperiorDN";
442 rc = rwm_dn_massage( &dc, op->orr_newSup, &newSup, &nnewSup );
443 if ( rc != LDAP_SUCCESS ) {
444 op->o_bd->bd_info = (BackendInfo *)on->on_info;
445 send_ldap_error( op, rs, rc, "newSuperiorDN massage error" );
449 if ( op->orr_newSup->bv_val != newSup.bv_val ) {
450 op->o_tmpfree( op->orr_newSup->bv_val, op->o_tmpmemctx );
451 op->o_tmpfree( op->orr_nnewSup->bv_val, op->o_tmpmemctx );
452 *op->orr_newSup = newSup;
453 *op->orr_nnewSup = nnewSup;
457 #ifdef ENABLE_REWRITE
458 rc = rwm_op_dn_massage( op, rs, "renameDN" );
461 rc = rwm_op_dn_massage( op, rs, &rc );
463 if ( rc != LDAP_SUCCESS ) {
464 op->o_bd->bd_info = (BackendInfo *)on->on_info;
465 send_ldap_error( op, rs, rc, "renameDN massage error" );
469 /* TODO: rewrite attribute types, values of DN-valued attributes ... */
470 return SLAP_CB_CONTINUE;
474 rwm_swap_attrs( Operation *op, SlapReply *rs )
476 slap_callback *cb = op->o_callback;
477 AttributeName *an = (AttributeName *)cb->sc_private;
481 return SLAP_CB_CONTINUE;
484 static int rwm_freeself( Operation *op, SlapReply *rs )
486 if ( op->o_tag == LDAP_REQ_SEARCH && rs->sr_type == REP_RESULT ) {
487 assert( op->o_callback );
489 op->o_tmpfree( op->o_callback, op->o_tmpmemctx );
490 op->o_callback = NULL;
493 return SLAP_CB_CONTINUE;
497 rwm_search( Operation *op, SlapReply *rs )
499 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
500 struct ldaprwmap *rwmap =
501 (struct ldaprwmap *)on->on_bi.bi_private;
506 struct berval fstr = BER_BVNULL;
510 AttributeName *an = NULL;
514 #ifdef ENABLE_REWRITE
515 rc = rwm_op_dn_massage( op, rs, "searchDN" );
518 rc = rwm_op_dn_massage( op, rs, &rc );
520 if ( rc != LDAP_SUCCESS ) {
521 text = "searchDN massage error";
526 * Rewrite the bind dn if needed
529 #ifdef ENABLE_REWRITE
530 dc.conn = op->o_conn;
532 dc.ctx = "searchFilterAttrDN";
538 rc = rwm_filter_map_rewrite( &dc, op->ors_filter, &fstr );
539 if ( rc != LDAP_SUCCESS ) {
540 text = "searchFilter/searchFilterAttrDN massage error";
544 f = str2filter_x( op, fstr.bv_val );
547 text = "massaged filter parse error";
551 if ( !BER_BVISNULL( &op->ors_filterstr ) ) {
552 ch_free( op->ors_filterstr.bv_val );
555 if( op->ors_filter ) {
556 filter_free_x( op, op->ors_filter );
560 op->ors_filterstr = fstr;
562 rc = rwm_map_attrnames( &rwmap->rwm_at, &rwmap->rwm_oc,
563 op->ors_attrs, &an, RWM_MAP );
564 if ( rc != LDAP_SUCCESS ) {
565 text = "attribute list mapping error";
569 cb = (slap_callback *) op->o_tmpcalloc( sizeof( slap_callback ),
570 1, op->o_tmpmemctx );
576 cb->sc_response = rwm_swap_attrs;
577 cb->sc_cleanup = rwm_freeself;
578 cb->sc_private = (void *)op->ors_attrs;
579 cb->sc_next = op->o_callback;
584 return SLAP_CB_CONTINUE;
592 filter_free_x( op, f );
595 if ( !BER_BVISNULL( &fstr ) ) {
596 ch_free( fstr.bv_val );
599 op->o_bd->bd_info = (BackendInfo *)on->on_info;
600 send_ldap_error( op, rs, rc, text );
607 rwm_extended( Operation *op, SlapReply *rs )
609 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
612 #ifdef ENABLE_REWRITE
613 rc = rwm_op_dn_massage( op, rs, "extendedDN" );
616 rc = rwm_op_dn_massage( op, rs, &rc );
618 if ( rc != LDAP_SUCCESS ) {
619 op->o_bd->bd_info = (BackendInfo *)on->on_info;
620 send_ldap_error( op, rs, rc, "extendedDN massage error" );
624 /* TODO: rewrite/map extended data ? ... */
625 return SLAP_CB_CONTINUE;
629 rwm_matched( Operation *op, SlapReply *rs )
631 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
632 struct ldaprwmap *rwmap =
633 (struct ldaprwmap *)on->on_bi.bi_private;
635 struct berval dn, mdn;
639 if ( rs->sr_matched == NULL ) {
640 return SLAP_CB_CONTINUE;
644 #ifdef ENABLE_REWRITE
645 dc.conn = op->o_conn;
647 dc.ctx = "matchedDN";
652 ber_str2bv( rs->sr_matched, 0, 0, &dn );
653 rc = rwm_dn_massage( &dc, &dn, &mdn, NULL );
654 if ( rc != LDAP_SUCCESS ) {
656 rs->sr_text = "Rewrite error";
660 if ( mdn.bv_val != dn.bv_val ) {
661 if ( rs->sr_flags & REP_MATCHED_MUSTBEFREED ) {
662 ch_free( (void *)rs->sr_matched );
665 rs->sr_flags |= REP_MATCHED_MUSTBEFREED;
667 rs->sr_matched = mdn.bv_val;
670 return SLAP_CB_CONTINUE;
674 rwm_attrs( Operation *op, SlapReply *rs, Attribute** a_first )
676 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
677 struct ldaprwmap *rwmap =
678 (struct ldaprwmap *)on->on_bi.bi_private;
685 * Rewrite the dn of the result, if needed
688 #ifdef ENABLE_REWRITE
689 dc.conn = op->o_conn;
691 dc.ctx = "searchAttrDN";
697 /* FIXME: the entries are in the remote mapping form;
698 * so we need to select those attributes we are willing
699 * to return, and remap them accordingly */
701 /* FIXME: in principle, one could map an attribute
702 * on top of another, which already exists.
703 * As such, in the end there might exist more than
704 * one instance of an attribute.
705 * We should at least check if this occurs, and issue
706 * an error (because multiple instances of attrs in
707 * response are not valid), or merge the values (what
708 * about duplicate values?) */
709 for ( ap = a_first; *ap; ) {
710 struct ldapmapping *m;
715 if ( rs->sr_opattrs == SLAP_OPATTRS && is_at_operational( (*ap)->a_desc->ad_type ) )
719 } else if ( op->ors_attrs != NULL && !ad_inlist( (*ap)->a_desc, op->ors_attrs ) )
724 if ( (*ap)->a_desc->ad_type->sat_no_user_mod ) {
728 drop_missing = rwm_mapping( &rwmap->rwm_at,
729 &(*ap)->a_desc->ad_cname, &m, RWM_REMAP );
730 if ( drop_missing || ( m != NULL && BER_BVISEMPTY( &m->m_dst ) ) ) {
734 for ( last = 0; !BER_BVISNULL( &(*ap)->a_vals[last] ); last++ )
738 /* empty? for now, we leave it in place */
743 if ( (*ap)->a_desc == slap_schema.si_ad_objectClass
744 || (*ap)->a_desc == slap_schema.si_ad_structuralObjectClass )
748 for ( bv = (*ap)->a_vals; !BER_BVISNULL( bv ); bv++ ) {
749 struct berval mapped;
751 rwm_map( &rwmap->rwm_oc, &bv[0], &mapped, RWM_REMAP );
752 if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) {
753 ch_free( bv[0].bv_val );
754 BER_BVZERO( &bv[0] );
755 if ( &(*ap)->a_vals[last] > &bv[0] ) {
756 bv[0] = (*ap)->a_vals[last];
757 BER_BVZERO( &(*ap)->a_vals[last] );
762 } else if ( mapped.bv_val != bv[0].bv_val ) {
764 * FIXME: after LBER_FREEing
765 * the value is replaced by
768 free( bv[0].bv_val );
769 ber_dupbv( &bv[0], &mapped );
774 * It is necessary to try to rewrite attributes with
775 * dn syntax because they might be used in ACLs as
776 * members of groups; since ACLs are applied to the
777 * rewritten stuff, no dn-based subject clause could
778 * be used at the ldap backend side (see
779 * http://www.OpenLDAP.org/faq/data/cache/452.html)
780 * The problem can be overcome by moving the dn-based
781 * ACLs to the target directory server, and letting
782 * everything pass thru the ldap backend. */
783 /* FIXME: handle distinguishedName-like syntaxes, like
784 * nameAndOptionalUID */
785 } else if ( (*ap)->a_desc->ad_type->sat_syntax ==
786 slap_schema.si_syn_distinguishedName )
788 rc = rwm_dnattr_result_rewrite( &dc, (*ap)->a_vals );
789 if ( rc != LDAP_SUCCESS ) {
795 /* rewrite the attribute description */
796 assert( m->m_dst_ad );
797 (*ap)->a_desc = m->m_dst_ad;
815 rwm_send_entry( Operation *op, SlapReply *rs )
817 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
818 struct ldaprwmap *rwmap =
819 (struct ldaprwmap *)on->on_bi.bi_private;
823 struct berval dn = BER_BVNULL,
828 assert( rs->sr_entry );
831 * Rewrite the dn of the result, if needed
834 #ifdef ENABLE_REWRITE
835 dc.conn = op->o_conn;
837 dc.ctx = "searchEntryDN";
844 flags = rs->sr_flags;
845 if ( !( rs->sr_flags & REP_ENTRY_MODIFIABLE ) ) {
846 /* FIXME: all we need to duplicate are:
849 * - attributes that are requested
850 * - no values if attrsonly is set
859 flags |= ( REP_ENTRY_MODIFIABLE | REP_ENTRY_MUSTBEFREED );
863 * Note: this may fail if the target host(s) schema differs
864 * from the one known to the meta, and a DN with unknown
865 * attributes is returned.
867 rc = rwm_dn_massage( &dc, &e->e_name, &dn, &ndn );
868 if ( rc != LDAP_SUCCESS ) {
872 if ( e->e_name.bv_val != dn.bv_val ) {
873 free( e->e_name.bv_val );
874 free( e->e_nname.bv_val );
880 /* TODO: map entry attribute types, objectclasses
881 * and dn-valued attribute values */
883 /* FIXME: the entries are in the remote mapping form;
884 * so we need to select those attributes we are willing
885 * to return, and remap them accordingly */
886 rwm_attrs( op, rs, &e->e_attrs );
889 rs->sr_flags = flags;
891 return SLAP_CB_CONTINUE;
894 if ( !BER_BVISNULL( &dn ) ) {
895 ch_free( dn.bv_val );
898 if ( !BER_BVISNULL( &ndn ) ) {
899 ch_free( ndn.bv_val );
902 if ( e != NULL && e != rs->sr_entry ) {
910 rwm_operational( Operation *op, SlapReply *rs )
912 /* FIXME: the entries are in the remote mapping form;
913 * so we need to select those attributes we are willing
914 * to return, and remap them accordingly */
915 if ( rs->sr_operational_attrs ) {
916 rwm_attrs( op, rs, &rs->sr_operational_attrs );
919 return SLAP_CB_CONTINUE;
931 #ifdef ENABLE_REWRITE
932 slap_overinst *on = (slap_overinst *) be->bd_info;
933 struct ldaprwmap *rwmap =
934 (struct ldaprwmap *)on->on_bi.bi_private;
936 return rewrite_parse( rwmap->rwm_rw,
937 fname, lineno, argc, argv );
939 #else /* !ENABLE_REWRITE */
940 fprintf( stderr, "%s: line %d: rewrite capabilities "
941 "are not enabled\n", fname, lineno );
942 #endif /* !ENABLE_REWRITE */
948 rwm_suffixmassage_config(
956 slap_overinst *on = (slap_overinst *) be->bd_info;
957 struct ldaprwmap *rwmap =
958 (struct ldaprwmap *)on->on_bi.bi_private;
960 struct berval bvnc, nvnc, pvnc, brnc, nrnc, prnc;
961 #ifdef ENABLE_REWRITE
963 #endif /* ENABLE_REWRITE */
968 * suffixmassage <suffix> <massaged suffix>
970 * the <suffix> field must be defined as a valid suffix
971 * (or suffixAlias?) for the current database;
972 * the <massaged suffix> shouldn't have already been
973 * defined as a valid suffix or suffixAlias for the
977 fprintf( stderr, "%s: line %d: syntax is"
978 " \"suffixMassage <suffix>"
979 " <massaged suffix>\"\n",
984 ber_str2bv( argv[1], 0, 0, &bvnc );
985 if ( dnPrettyNormal( NULL, &bvnc, &pvnc, &nvnc, NULL ) != LDAP_SUCCESS ) {
986 fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
987 fname, lineno, bvnc.bv_val );
991 ber_str2bv( argv[2], 0, 0, &brnc );
992 if ( dnPrettyNormal( NULL, &brnc, &prnc, &nrnc, NULL ) != LDAP_SUCCESS ) {
993 fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
994 fname, lineno, brnc.bv_val );
1000 #ifdef ENABLE_REWRITE
1002 * The suffix massaging is emulated
1003 * by means of the rewrite capabilities
1005 rc = rwm_suffix_massage_config( rwmap->rwm_rw,
1006 &pvnc, &nvnc, &prnc, &nrnc );
1007 free( nvnc.bv_val );
1008 free( pvnc.bv_val );
1009 free( nrnc.bv_val );
1010 free( prnc.bv_val );
1014 #else /* !ENABLE_REWRITE */
1015 ber_bvarray_add( &rwmap->rwm_suffix_massage, &pvnc );
1016 ber_bvarray_add( &rwmap->rwm_suffix_massage, &nvnc );
1018 ber_bvarray_add( &rwmap->rwm_suffix_massage, &prnc );
1019 ber_bvarray_add( &rwmap->rwm_suffix_massage, &nrnc );
1020 #endif /* !ENABLE_REWRITE */
1034 slap_overinst *on = (slap_overinst *) be->bd_info;
1035 struct ldaprwmap *rwmap =
1036 (struct ldaprwmap *)on->on_bi.bi_private;
1038 /* objectclass/attribute mapping */
1039 return rwm_map_config( &rwmap->rwm_oc,
1041 fname, lineno, argc, argv );
1045 rwm_response( Operation *op, SlapReply *rs )
1049 if ( op->o_tag == LDAP_REQ_SEARCH && rs->sr_type == REP_SEARCH ) {
1050 return rwm_send_entry( op, rs );
1053 switch( op->o_tag ) {
1054 case LDAP_REQ_SEARCH:
1055 /* Note: the operation attrs are remapped */
1056 if ( op->ors_attrs != NULL && op->ors_attrs != rs->sr_attrs )
1058 ch_free( op->ors_attrs );
1059 op->ors_attrs = rs->sr_attrs;
1065 case LDAP_REQ_DELETE:
1066 case LDAP_REQ_MODRDN:
1067 case LDAP_REQ_MODIFY:
1068 case LDAP_REQ_COMPARE:
1069 case LDAP_REQ_EXTENDED:
1070 rc = rwm_matched( op, rs );
1074 rc = SLAP_CB_CONTINUE;
1093 if ( strncasecmp( argv[ 0 ], "rwm-", STRLENOF( "rwm-" ) ) == 0 ) {
1095 argv[ 0 ] = &argv0[ STRLENOF( "rwm-" ) ];
1098 if ( strncasecmp( argv[0], "rewrite", STRLENOF("rewrite") ) == 0 ) {
1099 rc = rwm_rw_config( be, fname, lineno, argc, argv );
1101 } else if ( strcasecmp( argv[0], "map" ) == 0 ) {
1102 rc = rwm_m_config( be, fname, lineno, argc, argv );
1104 } else if ( strcasecmp( argv[0], "suffixmassage" ) == 0 ) {
1105 rc = rwm_suffixmassage_config( be, fname, lineno, argc, argv );
1108 rc = SLAP_CONF_UNKNOWN;
1123 slap_overinst *on = (slap_overinst *) be->bd_info;
1124 struct ldapmapping *mapping = NULL;
1125 struct ldaprwmap *rwmap;
1127 rwmap = (struct ldaprwmap *)ch_malloc(sizeof(struct ldaprwmap));
1128 memset(rwmap, 0, sizeof(struct ldaprwmap));
1130 #ifdef ENABLE_REWRITE
1131 rwmap->rwm_rw = rewrite_info_init( REWRITE_MODE_USE_DEFAULT );
1132 if ( rwmap->rwm_rw == NULL ) {
1140 /* this rewriteContext by default must be null;
1141 * rules can be added if required */
1142 rargv[ 0 ] = "rewriteContext";
1143 rargv[ 1 ] = "searchFilter";
1145 rewrite_parse( rwmap->rwm_rw, "<suffix massage>", 1, 2, rargv );
1147 rargv[ 0 ] = "rewriteContext";
1148 rargv[ 1 ] = "default";
1150 rewrite_parse( rwmap->rwm_rw, "<suffix massage>", 2, 2, rargv );
1153 #endif /* ENABLE_REWRITE */
1155 if ( rwm_map_init( &rwmap->rwm_oc, &mapping ) != LDAP_SUCCESS ||
1156 rwm_map_init( &rwmap->rwm_at, &mapping ) != LDAP_SUCCESS )
1161 on->on_bi.bi_private = (void *)rwmap;
1171 slap_overinst *on = (slap_overinst *) be->bd_info;
1174 if ( on->on_bi.bi_private ) {
1175 struct ldaprwmap *rwmap =
1176 (struct ldaprwmap *)on->on_bi.bi_private;
1178 #ifdef ENABLE_REWRITE
1179 if (rwmap->rwm_rw) {
1180 rewrite_info_delete( &rwmap->rwm_rw );
1182 #else /* !ENABLE_REWRITE */
1183 if ( rwmap->rwm_suffix_massage ) {
1184 ber_bvarray_free( rwmap->rwm_suffix_massage );
1186 #endif /* !ENABLE_REWRITE */
1188 avl_free( rwmap->rwm_oc.remap, NULL );
1189 avl_free( rwmap->rwm_oc.map, rwm_mapping_free );
1190 avl_free( rwmap->rwm_at.remap, NULL );
1191 avl_free( rwmap->rwm_at.map, rwm_mapping_free );
1197 static slap_overinst rwm = { { NULL } };
1202 memset( &rwm, 0, sizeof(slap_overinst) );
1204 rwm.on_bi.bi_type = "rwm";
1205 rwm.on_bi.bi_db_init = rwm_over_init;
1206 rwm.on_bi.bi_db_config = rwm_config;
1207 rwm.on_bi.bi_db_destroy = rwm_destroy;
1209 rwm.on_bi.bi_op_bind = rwm_bind;
1210 rwm.on_bi.bi_op_search = rwm_search;
1211 rwm.on_bi.bi_op_compare = rwm_compare;
1212 rwm.on_bi.bi_op_modify = rwm_modify;
1213 rwm.on_bi.bi_op_modrdn = rwm_modrdn;
1214 rwm.on_bi.bi_op_add = rwm_add;
1215 rwm.on_bi.bi_op_delete = rwm_delete;
1216 rwm.on_bi.bi_op_unbind = rwm_unbind;
1217 rwm.on_bi.bi_extended = rwm_extended;
1218 rwm.on_bi.bi_operational = rwm_operational;
1220 rwm.on_response = rwm_response;
1222 return overlay_register( &rwm );
1225 #if SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC
1226 int init_module(int argc, char *argv[]) {
1231 #endif /* SLAPD_OVER_RWM */