1 /* unique.c - attribute uniqueness module */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2004-2006 The OpenLDAP Foundation.
6 * Portions Copyright 2004 Symas Corporation.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
13 * A copy of this license is available in the file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
18 * This work was initially developed by Symas Corp. for inclusion in
19 * OpenLDAP Software. This work was sponsored by Hewlett-Packard.
24 #ifdef SLAPD_OVER_UNIQUE
28 #include <ac/string.h>
29 #include <ac/socket.h>
33 static slap_overinst unique;
35 typedef struct unique_attrs_s {
36 struct unique_attrs_s *next; /* list of attrs */
37 AttributeDescription *attr;
40 typedef struct unique_data_s {
41 const char *message; /* breadcrumbs */
42 struct unique_attrs_s *attrs; /* list of known attrs */
43 struct unique_attrs_s *ignore; /* list of ignored attrs */
44 BerValue dn; /* base of "unique tree" */
45 char strict; /* null considered unique too */
48 typedef struct unique_counter_s {
54 ** allocate new unique_data;
55 ** initialize, copy basedn;
56 ** store in on_bi.bi_private;
60 static int unique_db_init(
64 slap_overinst *on = (slap_overinst *)be->bd_info;
65 unique_data *ud = ch_malloc(sizeof(unique_data));
67 /* Debug(LDAP_DEBUG_TRACE, "==> unique_init\n", 0, 0, 0); */
69 ud->message = "_init";
74 /* default to the base of our configured database */
75 ber_dupbv(&ud->dn, &be->be_nsuffix[0]);
76 on->on_bi.bi_private = ud;
83 ** if command = attributes:
85 ** convert to attribute;
86 ** add to configured attribute list;
87 ** elseif command = base:
88 ** set our basedn to argument;
89 ** else complain about invalid directive;
93 static int unique_config(
101 slap_overinst *on = (slap_overinst *) be->bd_info;
102 unique_data *ud = on->on_bi.bi_private;
105 AttributeDescription *ad;
108 ud->message = "_config";
109 Debug(LDAP_DEBUG_TRACE, "==> unique_config\n", 0, 0, 0);
111 if(!strcasecmp(*argv, "unique_attributes") ||
112 !strcasecmp(*argv, "unique_ignore")) {
113 for(i = 1; i < argc; i++) {
114 for(up = ud->attrs; up; up = up->next)
115 if(!strcmp(argv[i], up->attr->ad_cname.bv_val)) {
116 Debug(LDAP_DEBUG_ANY,
117 "%s: line %d: duplicate attribute <%s>, ignored\n",
118 fname, lineno, argv[i]);
122 if(slap_str2ad(argv[i], &ad, &text) != LDAP_SUCCESS) {
123 Debug(LDAP_DEBUG_ANY,
124 "%s: line %d: bad attribute <%s>, ignored\n",
125 fname, lineno, text);
127 } else if(ad->ad_next) {
128 Debug(LDAP_DEBUG_ANY,
129 "%s: line %d: multiple attributes match <%s>, ignored\n",
130 fname, lineno, argv[i]);
133 up = ch_malloc(sizeof(unique_attrs));
135 if(!strcasecmp(*argv, "unique_ignore")) {
136 up->next = ud->ignore;
139 up->next = ud->attrs;
142 Debug(LDAP_DEBUG_CONFIG, "%s: line %d: new attribute <%s>\n",
143 fname, lineno, argv[i]);
145 } else if(!strcasecmp(*argv, "unique_strict")) {
147 } else if(!strcasecmp(*argv, "unique_base")) {
149 ber_str2bv( argv[1], 0, 0, &bv );
150 ch_free(ud->dn.bv_val);
151 dnNormalize(0, NULL, NULL, &bv, &ud->dn, NULL);
152 Debug(LDAP_DEBUG_CONFIG, "%s: line %d: new base dn <%s>\n",
153 fname, lineno, argv[1]);
155 return(SLAP_CONF_UNKNOWN);
163 ** mostly, just print the init message;
172 slap_overinst *on = (slap_overinst *)be->bd_info;
173 unique_data *ud = on->on_bi.bi_private;
174 ud->message = "_open";
176 Debug(LDAP_DEBUG_TRACE, "unique_open: overlay initialized\n", 0, 0, 0);
183 ** foreach configured attribute:
186 ** (do not) free ud->message;
187 ** reset on_bi.bi_private;
188 ** free our config data;
197 slap_overinst *on = (slap_overinst *) be->bd_info;
198 unique_data *ud = on->on_bi.bi_private;
199 unique_attrs *ii, *ij;
200 ud->message = "_close";
202 Debug(LDAP_DEBUG_TRACE, "==> unique_close\n", 0, 0, 0);
204 for(ii = ud->attrs; ii; ii = ij) {
209 for(ii = ud->ignore; ii; ii = ij) {
214 ch_free(ud->dn.bv_val);
216 on->on_bi.bi_private = NULL; /* XXX */
226 ** if this is a REP_SEARCH, count++;
230 static int count_attr_cb(
237 /* because you never know */
238 if(!op || !rs) return(0);
240 /* Only search entries are interesting */
241 if(rs->sr_type != REP_SEARCH) return(0);
243 uc = op->o_callback->sc_private;
245 /* Ignore the current entry */
246 if ( dn_match( uc->ndn, &rs->sr_entry->e_nname )) return(0);
248 Debug(LDAP_DEBUG_TRACE, "==> count_attr_cb <%s>\n",
249 rs->sr_entry ? rs->sr_entry->e_name.bv_val : "UNKNOWN_DN", 0, 0);
256 static int count_filter_len(
258 AttributeDescription *ad,
266 while ( !is_at_operational( ad->ad_type ) ) {
268 for ( up = ud->ignore; up; up = up->next ) {
269 if (ad == up->attr ) {
278 for ( up = ud->attrs; up; up = up->next ) {
279 if ( ad == up->attr ) {
287 if ( b && b[0].bv_val ) {
288 for (i = 0; b[i].bv_val; i++ ) {
289 /* note: make room for filter escaping... */
290 ks += ( 3 * b[i].bv_len ) + ad->ad_cname.bv_len + STRLENOF( "(=)" );
292 } else if ( ud->strict ) {
293 ks += ad->ad_cname.bv_len + STRLENOF( "(=*)" ); /* (attr=*) */
300 static char *build_filter(
302 AttributeDescription *ad,
311 while ( !is_at_operational( ad->ad_type ) ) {
313 for ( up = ud->ignore; up; up = up->next ) {
314 if ( ad == up->attr ) {
323 for ( up = ud->attrs; up; up = up->next ) {
324 if ( ad == up->attr ) {
332 if ( b && b[0].bv_val ) {
333 for ( i = 0; b[i].bv_val; i++ ) {
336 ldap_bv2escaped_filter_value_x( &b[i], &bv, 1, ctx );
337 kp += sprintf( kp, "(%s=%s)", ad->ad_cname.bv_val, bv.bv_val );
338 if ( bv.bv_val != b[i].bv_val ) {
339 ber_memfree_x( bv.bv_val, ctx );
342 } else if ( ud->strict ) {
343 kp += sprintf( kp, "(%s=*)", ad->ad_cname.bv_val );
350 static int unique_search(
357 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
358 unique_data *ud = on->on_bi.bi_private;
359 SlapReply nrs = { REP_RESULT };
360 slap_callback cb = { NULL, NULL, NULL, NULL }; /* XXX */
361 unique_counter uq = { NULL, 0 };
364 nop->ors_filter = str2filter_x(nop, key);
365 ber_str2bv(key, 0, 0, &nop->ors_filterstr);
367 cb.sc_response = (slap_response*)count_attr_cb;
369 nop->o_callback = &cb;
370 nop->o_tag = LDAP_REQ_SEARCH;
371 nop->ors_scope = LDAP_SCOPE_SUBTREE;
372 nop->ors_deref = LDAP_DEREF_NEVER;
373 nop->ors_limit = NULL;
374 nop->ors_slimit = SLAP_NO_LIMIT;
375 nop->ors_tlimit = SLAP_NO_LIMIT;
376 nop->ors_attrs = slap_anlist_no_attrs;
377 nop->ors_attrsonly = 1;
379 uq.ndn = &op->o_req_ndn;
381 nop->o_req_ndn = ud->dn;
382 nop->o_ndn = op->o_bd->be_rootndn;
384 nop->o_bd = on->on_info->oi_origdb;
385 rc = nop->o_bd->be_search(nop, &nrs);
386 filter_free_x(nop, nop->ors_filter);
387 op->o_tmpfree( key, op->o_tmpmemctx );
389 if(rc != LDAP_SUCCESS && rc != LDAP_NO_SUCH_OBJECT) {
390 op->o_bd->bd_info = (BackendInfo *) on->on_info;
391 send_ldap_error(op, rs, rc, "unique_search failed");
395 Debug(LDAP_DEBUG_TRACE, "=> unique_search found %d records\n", uq.count, 0, 0);
398 op->o_bd->bd_info = (BackendInfo *) on->on_info;
399 send_ldap_error(op, rs, LDAP_CONSTRAINT_VIOLATION,
400 "some attributes not unique");
404 return(SLAP_CB_CONTINUE);
407 #define ALLOC_EXTRA 16 /* extra slop */
409 static int unique_add(
414 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
415 unique_data *ud = on->on_bi.bi_private;
422 Debug(LDAP_DEBUG_TRACE, "==> unique_add <%s>\n", op->o_req_dn.bv_val, 0, 0);
424 if ( !dnIsSuffix( &op->o_req_ndn, &ud->dn ))
425 return SLAP_CB_CONTINUE;
428 ** count everything first;
429 ** allocate some memory;
430 ** write the search key;
434 if(!(a = op->ora_e->e_attrs)) {
435 op->o_bd->bd_info = (BackendInfo *) on->on_info;
436 send_ldap_error(op, rs, LDAP_INVALID_SYNTAX,
437 "unique_add() got null op.ora_e.e_attrs");
439 } else for(; a; a = a->a_next) {
440 ks = count_filter_len(ud, a->a_desc, a->a_vals, ks);
444 return SLAP_CB_CONTINUE;
447 key = op->o_tmpalloc(ks, op->o_tmpmemctx);
449 kp = key + sprintf(key, "(|");
451 for(a = op->ora_e->e_attrs; a; a = a->a_next) {
452 kp = build_filter(ud, a->a_desc, a->a_vals, kp, op->o_tmpmemctx);
457 Debug(LDAP_DEBUG_TRACE, "=> unique_add %s\n", key, 0, 0);
459 return unique_search(op, &nop, rs, key);
463 static int unique_modify(
468 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
469 unique_data *ud = on->on_bi.bi_private;
476 Debug(LDAP_DEBUG_TRACE, "==> unique_modify <%s>\n", op->o_req_dn.bv_val, 0, 0);
478 if ( !dnIsSuffix( &op->o_req_ndn, &ud->dn ))
479 return SLAP_CB_CONTINUE;
482 ** count everything first;
483 ** allocate some memory;
484 ** write the search key;
488 if(!(m = op->orm_modlist)) {
489 op->o_bd->bd_info = (BackendInfo *) on->on_info;
490 send_ldap_error(op, rs, LDAP_INVALID_SYNTAX,
491 "unique_modify() got null op.orm_modlist");
493 } else for(; m; m = m->sml_next) {
494 if ((m->sml_op & LDAP_MOD_OP) == LDAP_MOD_DELETE) continue;
495 ks = count_filter_len(ud, m->sml_desc, m->sml_values, ks);
499 return SLAP_CB_CONTINUE;
502 key = op->o_tmpalloc(ks, op->o_tmpmemctx);
504 kp = key + sprintf(key, "(|");
506 for(m = op->orm_modlist; m; m = m->sml_next) {
507 if ((m->sml_op & LDAP_MOD_OP) == LDAP_MOD_DELETE) continue;
508 kp = build_filter(ud, m->sml_desc, m->sml_values, kp, op->o_tmpmemctx);
513 Debug(LDAP_DEBUG_TRACE, "=> unique_modify %s\n", key, 0, 0);
515 return unique_search(op, &nop, rs, key);
519 static int unique_modrdn(
524 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
525 unique_data *ud = on->on_bi.bi_private;
533 Debug(LDAP_DEBUG_TRACE, "==> unique_modrdn <%s> <%s>\n",
534 op->o_req_dn.bv_val, op->orr_newrdn.bv_val, 0);
536 if ( !dnIsSuffix( &op->o_req_ndn, &ud->dn ) &&
537 (!op->orr_nnewSup || !dnIsSuffix( op->orr_nnewSup, &ud->dn )))
538 return SLAP_CB_CONTINUE;
540 if(ldap_bv2rdn_x(&op->oq_modrdn.rs_newrdn, &newrdn,
541 (char **)&rs->sr_text, LDAP_DN_FORMAT_LDAP, op->o_tmpmemctx )) {
542 op->o_bd->bd_info = (BackendInfo *) on->on_info;
543 send_ldap_error(op, rs, LDAP_INVALID_SYNTAX,
544 "unknown type(s) used in RDN");
547 for(i = 0; newrdn[i]; i++) {
548 AttributeDescription *ad = NULL;
549 if ( slap_bv2ad( &newrdn[i]->la_attr, &ad, &rs->sr_text )) {
550 ldap_rdnfree_x( newrdn, op->o_tmpmemctx );
551 rs->sr_err = LDAP_INVALID_SYNTAX;
552 send_ldap_result( op, rs );
555 newrdn[i]->la_private = ad;
561 for(i = 0; newrdn[i]; i++) {
562 bv[0] = newrdn[i]->la_value;
563 ks = count_filter_len(ud, newrdn[i]->la_private, bv, ks);
567 return SLAP_CB_CONTINUE;
570 key = op->o_tmpalloc(ks, op->o_tmpmemctx);
571 kp = key + sprintf(key, "(|");
573 for(i = 0; newrdn[i]; i++) {
574 bv[0] = newrdn[i]->la_value;
575 kp = build_filter(ud, newrdn[i]->la_private, bv, kp, op->o_tmpmemctx);
580 Debug(LDAP_DEBUG_TRACE, "=> unique_modrdn %s\n", key, 0, 0);
582 return unique_search(op, &nop, rs, key);
586 ** init_module is last so the symbols resolve "for free" --
587 ** it expects to be called automagically during dynamic module initialization
590 int unique_initialize() {
592 /* statically declared just after the #includes at top */
593 unique.on_bi.bi_type = "unique";
594 unique.on_bi.bi_db_init = unique_db_init;
595 unique.on_bi.bi_db_config = unique_config;
596 unique.on_bi.bi_db_open = unique_open;
597 unique.on_bi.bi_db_close = unique_close;
598 unique.on_bi.bi_op_add = unique_add;
599 unique.on_bi.bi_op_modify = unique_modify;
600 unique.on_bi.bi_op_modrdn = unique_modrdn;
601 unique.on_bi.bi_op_delete = NULL;
603 return(overlay_register(&unique));
606 #if SLAPD_OVER_UNIQUE == SLAPD_MOD_DYNAMIC && defined(PIC)
607 int init_module(int argc, char *argv[]) {
608 return unique_initialize();
612 #endif /* SLAPD_OVER_UNIQUE */