]> git.sur5r.net Git - openldap/blob - servers/slapd/root_dse.c
now I remember why I introduced the 'has_ldapinfo_dn_ru' flag
[openldap] / servers / slapd / root_dse.c
1 /* root_dse.c - Provides the Root DSA-Specific Entry */
2 /* $OpenLDAP$ */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4  *
5  * Copyright 1999-2004 The OpenLDAP Foundation.
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted only as authorized by the OpenLDAP
10  * Public License.
11  *
12  * A copy of this license is available in the file LICENSE in the
13  * top-level directory of the distribution or, alternatively, at
14  * <http://www.OpenLDAP.org/license.html>.
15  */
16
17 #include "portable.h"
18
19 #include <stdio.h>
20
21 #include <ac/string.h>
22
23 #include "slap.h"
24 #include <ldif.h>
25 #include "lber_pvt.h"
26
27 #ifdef LDAP_SLAPI
28 #include "slapi/slapi.h"
29 #endif
30
31 static struct berval supportedFeatures[] = {
32         BER_BVC(LDAP_FEATURE_ALL_OP_ATTRS),                     /* All Op Attrs (+) */
33         BER_BVC(LDAP_FEATURE_OBJECTCLASS_ATTRS),        /* OCs in Attrs List (@class) */
34         BER_BVC(LDAP_FEATURE_ABSOLUTE_FILTERS),         /* (&) and (|) search filters */
35         BER_BVC(LDAP_FEATURE_LANGUAGE_TAG_OPTIONS), /* Language Tag Options */
36         BER_BVC(LDAP_FEATURE_LANGUAGE_RANGE_OPTIONS),/* Language Range Options */
37
38 #ifdef LDAP_DEVEL
39         BER_BVC(LDAP_FEATURE_SUBORDINATE_SCOPE),        /* "children" search scope */
40         BER_BVC(LDAP_FEATURE_MODIFY_INCREMENT),         /* Modify/increment */
41 #endif
42         {0,NULL}
43 };
44
45 static Entry    *usr_attr = NULL;
46
47 int
48 root_dse_info(
49         Connection *conn,
50         Entry **entry,
51         const char **text )
52 {
53         Entry           *e;
54         struct berval vals[2], *bv;
55         struct berval nvals[2];
56         int             i, j;
57         char ** supportedSASLMechanisms;
58
59         AttributeDescription *ad_structuralObjectClass
60                 = slap_schema.si_ad_structuralObjectClass;
61         AttributeDescription *ad_objectClass
62                 = slap_schema.si_ad_objectClass;
63         AttributeDescription *ad_namingContexts
64                 = slap_schema.si_ad_namingContexts;
65         AttributeDescription *ad_supportedExtension
66                 = slap_schema.si_ad_supportedExtension;
67         AttributeDescription *ad_supportedLDAPVersion
68                 = slap_schema.si_ad_supportedLDAPVersion;
69         AttributeDescription *ad_supportedSASLMechanisms
70                 = slap_schema.si_ad_supportedSASLMechanisms;
71         AttributeDescription *ad_supportedFeatures
72                 = slap_schema.si_ad_supportedFeatures;
73         AttributeDescription *ad_monitorContext
74                 = slap_schema.si_ad_monitorContext;
75         AttributeDescription *ad_ref
76                 = slap_schema.si_ad_ref;
77
78         vals[1].bv_val = NULL;
79         nvals[1].bv_val = NULL;
80
81         e = (Entry *) SLAP_CALLOC( 1, sizeof(Entry) );
82
83         if( e == NULL ) {
84 #ifdef NEW_LOGGING
85                 LDAP_LOG( OPERATION, ERR,
86                         "root_dse_info: SLAP_CALLOC failed", 0, 0, 0 );
87 #else
88                 Debug( LDAP_DEBUG_ANY,
89                         "root_dse_info: SLAP_CALLOC failed", 0, 0, 0 );
90 #endif
91                 return LDAP_OTHER;
92         }
93
94         e->e_attrs = NULL;
95         e->e_name.bv_val = ch_strdup( LDAP_ROOT_DSE );
96         e->e_name.bv_len = sizeof( LDAP_ROOT_DSE )-1;
97         e->e_nname.bv_val = ch_strdup( LDAP_ROOT_DSE );
98         e->e_nname.bv_len = sizeof( LDAP_ROOT_DSE )-1;
99
100         /* the DN is an empty string so no pretty/normalization is needed */
101         assert( !e->e_name.bv_len );
102         assert( !e->e_nname.bv_len );
103
104         e->e_private = NULL;
105
106         vals[0].bv_val = "top";
107         vals[0].bv_len = sizeof("top")-1;
108         if( attr_merge( e, ad_objectClass, vals, NULL ) ) {
109                 return LDAP_OTHER;
110         }
111
112         vals[0].bv_val = "OpenLDAProotDSE";
113         vals[0].bv_len = sizeof("OpenLDAProotDSE")-1;
114         if( attr_merge( e, ad_objectClass, vals, NULL ) ) {
115                 return LDAP_OTHER;
116         }
117         if( attr_merge( e, ad_structuralObjectClass, vals, NULL ) ) {
118                 return LDAP_OTHER;
119         }
120
121         for ( i = 0; i < nbackends; i++ ) {
122                 if ( backends[i].be_suffix == NULL
123                                 || backends[i].be_nsuffix == NULL ) {
124                         /* no suffix! */
125                         continue;
126                 }
127                 if ( backends[i].be_flags & SLAP_BFLAG_MONITOR ) {
128                         vals[0] = backends[i].be_suffix[0];
129                         nvals[0] = backends[i].be_nsuffix[0];
130                         if( attr_merge( e, ad_monitorContext, vals, nvals ) ) {
131                                 return LDAP_OTHER;
132                         }
133                         continue;
134                 }
135                 if ( SLAP_GLUE_SUBORDINATE( &backends[i] ) ) {
136                         continue;
137                 }
138                 for ( j = 0; backends[i].be_suffix[j].bv_val != NULL; j++ ) {
139                         vals[0] = backends[i].be_suffix[j];
140                         nvals[0] = backends[i].be_nsuffix[0];
141                         if( attr_merge( e, ad_namingContexts, vals, nvals ) ) {
142                                 return LDAP_OTHER;
143                         }
144                 }
145         }
146
147         /* altServer unsupported */
148
149         /* supportedControl */
150         if ( controls_root_dse_info( e ) != 0 ) {
151                 return LDAP_OTHER;
152         }
153
154         /* supportedExtension */
155         if ( exop_root_dse_info( e ) != 0 ) {
156                 return LDAP_OTHER;
157         }
158
159 #ifdef LDAP_SLAPI
160         /* netscape supportedExtension */
161         for ( i = 0; (bv = slapi_int_get_supported_extop(i)) != NULL; i++ ) {
162                 vals[0] = *bv;
163                 if( attr_merge( e, ad_supportedExtension, vals, NULL )) {
164                         return LDAP_OTHER;
165                 }
166         }
167 #endif /* LDAP_SLAPI */
168
169         /* supportedFeatures */
170         if( attr_merge( e, ad_supportedFeatures, supportedFeatures, NULL ) ) {
171                 return LDAP_OTHER;
172         }
173
174         /* supportedLDAPVersion */
175         for ( i=LDAP_VERSION_MIN; i<=LDAP_VERSION_MAX; i++ ) {
176                 char buf[BUFSIZ];
177                 if (!( global_allows & SLAP_ALLOW_BIND_V2 ) &&
178                         ( i < LDAP_VERSION3 ) )
179                 {
180                         /* version 2 and lower are disallowed */
181                         continue;
182                 }
183                 snprintf(buf, sizeof buf, "%d", i);
184                 vals[0].bv_val = buf;
185                 vals[0].bv_len = strlen( vals[0].bv_val );
186                 if( attr_merge( e, ad_supportedLDAPVersion, vals, NULL ) ) {
187                         return LDAP_OTHER;
188                 }
189         }
190
191         /* supportedSASLMechanism */
192         supportedSASLMechanisms = slap_sasl_mechs( conn );
193
194         if( supportedSASLMechanisms != NULL ) {
195                 for ( i=0; supportedSASLMechanisms[i] != NULL; i++ ) {
196                         vals[0].bv_val = supportedSASLMechanisms[i];
197                         vals[0].bv_len = strlen( vals[0].bv_val );
198                         if( attr_merge( e, ad_supportedSASLMechanisms, vals, NULL ) ) {
199                                 return LDAP_OTHER;
200                         }
201                 }
202                 ldap_charray_free( supportedSASLMechanisms );
203         }
204
205         if ( default_referral != NULL ) {
206                 if( attr_merge( e, ad_ref, default_referral, NULL /* FIXME */ ) ) {
207                         return LDAP_OTHER;
208                 }
209         }
210
211         if( usr_attr != NULL) {
212                 Attribute *a;
213                 for( a = usr_attr->e_attrs; a != NULL; a = a->a_next ) {
214                         if( attr_merge( e, a->a_desc, a->a_vals,
215                                 (a->a_nvals == a->a_vals) ? NULL : a->a_nvals ) )
216                         {
217                                 return LDAP_OTHER;
218                         }
219                 }
220         }
221
222         *entry = e;
223         return LDAP_SUCCESS;
224 }
225
226 /*
227  * Read the entries specified in fname and merge the attributes
228  * to the user defined rootDSE. Note thaat if we find any errors
229  * what so ever, we will discard the entire entries, print an
230  * error message and return.
231  */
232 int read_root_dse_file( const char *fname )
233 {
234         FILE    *fp;
235         int rc = 0, lineno = 0, lmax = 0;
236         char    *buf = NULL;
237
238         if ( (fp = fopen( fname, "r" )) == NULL ) {
239                 Debug( LDAP_DEBUG_ANY,
240                         "could not open rootdse attr file \"%s\" - absolute path?\n",
241                         fname, 0, 0 );
242                 perror( fname );
243                 return EXIT_FAILURE;
244         }
245
246         usr_attr = (Entry *) SLAP_CALLOC( 1, sizeof(Entry) );
247         if( usr_attr == NULL ) {
248 #ifdef NEW_LOGGING
249                 LDAP_LOG( OPERATION, ERR,
250                         "read_root_dse_file: SLAP_CALLOC failed", 0, 0, 0 );
251 #else
252                 Debug( LDAP_DEBUG_ANY,
253                         "read_root_dse_file: SLAP_CALLOC failed", 0, 0, 0 );
254 #endif
255                 fclose( fp );
256                 return LDAP_OTHER;
257         }
258         usr_attr->e_attrs = NULL;
259
260         while( ldif_read_record( fp, &lineno, &buf, &lmax ) ) {
261                 Entry *e = str2entry( buf );
262                 Attribute *a;
263
264                 if( e == NULL ) {
265                         fprintf( stderr, "root_dse: could not parse entry (line=%d)\n",
266                                 lineno );
267                         rc = EXIT_FAILURE;
268                         break;
269                 }
270
271                 /* make sure the DN is the empty DN */
272                 if( e->e_nname.bv_len ) {
273                         fprintf( stderr,
274                                 "root_dse: invalid rootDSE - dn=\"%s\" (line=%d)\n",
275                                 e->e_dn, lineno );
276                         entry_free( e );
277                         rc = EXIT_FAILURE;
278                         break;
279                 }
280
281                 /*
282                  * we found a valid entry, so walk thru all the attributes in the
283                  * entry, and add each attribute type and description to the
284                  * usr_attr entry
285                  */
286
287                 for(a = e->e_attrs; a != NULL; a = a->a_next) {
288                         if( attr_merge( usr_attr, a->a_desc, a->a_vals,
289                                 (a->a_nvals == a->a_vals) ? NULL : a->a_nvals ) )
290                         {
291                                 rc = LDAP_OTHER;
292                                 break;
293                         }
294                 }
295
296                 entry_free( e );
297                 if (rc) break;
298         }
299
300         if (rc) {
301                 entry_free( usr_attr );
302                 usr_attr = NULL;
303         }
304
305         ch_free( buf );
306
307         fclose( fp );
308
309         Debug(LDAP_DEBUG_CONFIG, "rootDSE file %s read.\n", fname, 0, 0);
310         return rc;
311 }