2 * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
3 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
6 * (C) Copyright IBM Corp. 1997,2002
7 * Redistribution and use in source and binary forms are permitted
8 * provided that this notice is preserved and that due credit is
9 * given to IBM Corporation. This software is provided ``as is''
10 * without express or implied warranty.
13 * Portions (C) Copyright PADL Software Pty Ltd.
14 * Redistribution and use in source and binary forms are permitted
15 * provided that this notice is preserved and that due credit is
16 * given to PADL Software Pty Ltd. This software is provided ``as is''
17 * without express or implied warranty.
21 #include "slapi_common.h"
23 #include <ac/string.h>
32 struct berval *ns_get_supported_extop( int );
35 #include <sys/systeminfo.h>
41 * server start time (should we use a struct timeval also in slapd?
43 static struct timeval base_time;
44 ldap_pvt_thread_mutex_t slapi_hn_mutex;
45 ldap_pvt_thread_mutex_t slapi_time_mutex;
48 * This function converts an array of pointers to berval objects to
49 * an array of berval objects.
54 struct berval **bvptr,
57 int rc = LDAP_SUCCESS;
61 if ( bvptr == NULL || *bvptr == NULL ) {
65 for ( i = 0; bvptr != NULL && bvptr[i] != NULL; i++ ) {
69 tmpberval = (BerVarray)slapi_ch_malloc( (i + 1)*sizeof(struct berval));
70 if ( tmpberval == NULL ) {
71 return LDAP_NO_MEMORY;
74 for ( i = 0; bvptr[i] != NULL; i++ ) {
75 tmpberval[i].bv_val = bvptr[i]->bv_val;
76 tmpberval[i].bv_len = bvptr[i]->bv_len;
79 if ( rc == LDAP_SUCCESS ) {
91 #if defined(LDAP_SLAPI)
92 Slapi_Entry *e = NULL;
95 pTmpS = slapi_ch_strdup( s );
96 if ( pTmpS != NULL ) {
97 e = str2entry( pTmpS );
98 slapi_ch_free( (void **)&pTmpS );
102 #else /* !defined(LDAP_SLAPI) */
104 #endif /* !defined(LDAP_SLAPI) */
112 #if defined(LDAP_SLAPI)
115 ldap_pvt_thread_mutex_lock( &entry2str_mutex );
116 ret = entry2str( e, len );
117 ldap_pvt_thread_mutex_unlock( &entry2str_mutex );
120 #else /* !defined(LDAP_SLAPI) */
122 #endif /* !defined(LDAP_SLAPI) */
126 slapi_entry_get_dn( Slapi_Entry *e )
128 #if defined(LDAP_SLAPI)
129 return e->e_name.bv_val;
130 #else /* !defined(LDAP_SLAPI) */
132 #endif /* !defined(LDAP_SLAPI) */
136 slapi_x_entry_get_id( Slapi_Entry *e )
138 #if defined(LDAP_SLAPI)
142 #endif /* !defined(LDAP_SLAPI) */
150 #if defined(LDAP_SLAPI)
151 struct berval dn = { 0, NULL };
154 dn.bv_len = strlen( ldn );
156 dnPrettyNormal( NULL, &dn, &e->e_name, &e->e_nname );
157 #endif /* defined(LDAP_SLAPI) */
161 slapi_entry_dup( Slapi_Entry *e )
163 #if defined(LDAP_SLAPI)
168 tmp = slapi_entry2str( e, &len );
170 return (Slapi_Entry *)NULL;
173 tmpEnt = (Slapi_Entry *)str2entry( tmp );
174 if ( tmpEnt == NULL ) {
175 slapi_ch_free( (void **)&tmp );
176 return (Slapi_Entry *)NULL;
180 slapi_ch_free( (void **)&tmp );
184 #else /* !defined(LDAP_SLAPI) */
186 #endif /* !defined(LDAP_SLAPI) */
190 slapi_entry_attr_delete(
194 #if defined(LDAP_SLAPI)
195 AttributeDescription *ad = NULL;
198 if ( slap_str2ad( type, &ad, &text ) != LDAP_SUCCESS ) {
199 return 1; /* LDAP_NO_SUCH_ATTRIBUTE */
202 if ( attr_delete( &e->e_attrs, ad ) == LDAP_SUCCESS ) {
203 return 0; /* attribute is deleted */
205 return -1; /* something went wrong */
207 #else /* !defined(LDAP_SLAPI) */
209 #endif /* !defined(LDAP_SLAPI) */
213 slapi_entry_alloc( void )
215 #if defined(LDAP_SLAPI)
216 return (Slapi_Entry *)slapi_ch_calloc( 1, sizeof(Slapi_Entry) );
217 #else /* !defined(LDAP_SLAPI) */
219 #endif /* !defined(LDAP_SLAPI) */
223 slapi_entry_free( Slapi_Entry *e )
225 #if defined(LDAP_SLAPI)
227 #endif /* defined(LDAP_SLAPI) */
231 slapi_entry_attr_merge(
234 struct berval **vals )
236 #if defined(LDAP_SLAPI)
237 AttributeDescription *ad = NULL;
242 rc = bvptr2obj( vals, &bv );
243 if ( rc != LDAP_SUCCESS ) {
247 rc = slap_str2ad( type, &ad, &text );
248 if ( rc != LDAP_SUCCESS ) {
252 rc = attr_merge( e, ad, bv );
256 #else /* !defined(LDAP_SLAPI) */
258 #endif /* !defined(LDAP_SLAPI) */
262 slapi_entry_attr_find(
267 #if defined(LDAP_SLAPI)
268 AttributeDescription *ad = NULL;
272 rc = slap_str2ad( type, &ad, &text );
273 if ( rc != LDAP_SUCCESS ) {
277 *attr = attr_find( e->e_attrs, ad );
278 if ( *attr == NULL ) {
283 #else /* !defined(LDAP_SLAPI) */
285 #endif /* !defined(LDAP_SLAPI) */
289 slapi_entry_attr_get_charptr( const Slapi_Entry *e, const char *type )
292 AttributeDescription *ad = NULL;
297 rc = slap_str2ad( type, &ad, &text );
298 if ( rc != LDAP_SUCCESS ) {
302 attr = attr_find( e->e_attrs, ad );
303 if ( attr == NULL ) {
307 if ( attr->a_vals != NULL && attr->a_vals[0].bv_val != NULL ) {
308 return slapi_ch_strdup( attr->a_vals[0].bv_val );
318 slapi_entry_attr_get_int( const Slapi_Entry *e, const char *type )
321 AttributeDescription *ad = NULL;
326 rc = slap_str2ad( type, &ad, &text );
327 if ( rc != LDAP_SUCCESS ) {
331 attr = attr_find( e->e_attrs, ad );
332 if ( attr == NULL ) {
336 return slapi_value_get_int( attr->a_vals );
343 slapi_entry_attr_get_long( const Slapi_Entry *e, const char *type )
346 AttributeDescription *ad = NULL;
351 rc = slap_str2ad( type, &ad, &text );
352 if ( rc != LDAP_SUCCESS ) {
356 attr = attr_find( e->e_attrs, ad );
357 if ( attr == NULL ) {
361 return slapi_value_get_long( attr->a_vals );
368 slapi_entry_attr_get_uint( const Slapi_Entry *e, const char *type )
371 AttributeDescription *ad = NULL;
376 rc = slap_str2ad( type, &ad, &text );
377 if ( rc != LDAP_SUCCESS ) {
381 attr = attr_find( e->e_attrs, ad );
382 if ( attr == NULL ) {
386 return slapi_value_get_uint( attr->a_vals );
393 slapi_entry_attr_get_ulong( const Slapi_Entry *e, const char *type )
396 AttributeDescription *ad = NULL;
401 rc = slap_str2ad( type, &ad, &text );
402 if ( rc != LDAP_SUCCESS ) {
406 attr = attr_find( e->e_attrs, ad );
407 if ( attr == NULL ) {
411 return slapi_value_get_ulong( attr->a_vals );
418 slapi_entry_attr_hasvalue( Slapi_Entry *e, const char *type, const char *value )
422 AttributeDescription *ad;
427 rc = slap_str2ad( type, &ad, &text );
428 if ( rc != LDAP_SUCCESS ) {
432 attr = attr_find( e->e_attrs, ad );
433 if ( attr == NULL ) {
437 bv.bv_val = (char *)value;
438 bv.bv_len = strlen( value );
440 return slapi_attr_value_find( attr, &bv );
447 slapi_entry_attr_merge_sv( Slapi_Entry *e, const char *type, Slapi_Value **vals )
450 return slapi_entry_attr_merge( e, (char *)type, vals );
457 slapi_entry_attr_replace_sv( Slapi_Entry *e, const char *type, Slapi_Value **vals )
460 AttributeDescription *ad;
465 rc = slap_str2ad( type, &ad, &text );
466 if ( rc != LDAP_SUCCESS ) {
470 attr_delete( &e->e_attrs, ad );
472 rc = bvptr2obj( vals, &bv );
473 if ( rc != LDAP_SUCCESS ) {
477 rc = attr_merge( e, ad, bv );
478 slapi_ch_free( (void **)&bv );
479 if ( rc != LDAP_SUCCESS ) {
486 #endif /* LDAP_SLAPI */
490 * FIXME -- The caller must free the allocated memory.
491 * In Netscape they do not have to.
494 slapi_attr_get_values(
496 struct berval ***vals )
498 #if defined(LDAP_SLAPI)
502 if ( attr == NULL ) {
506 for ( i = 0; attr->a_vals[i].bv_val != NULL; i++ ) {
510 bv = (struct berval **)ch_malloc( (i + 1) * sizeof(struct berval *) );
511 for ( j = 0; j < i; j++ ) {
512 bv[j] = ber_dupbv( NULL, &attr->a_vals[j] );
516 *vals = (struct berval **)bv;
519 #else /* !defined(LDAP_SLAPI) */
521 #endif /* !defined(LDAP_SLAPI) */
525 slapi_dn_normalize( char *dn )
527 #if defined(LDAP_SLAPI)
531 assert( dn != NULL );
534 bdn.bv_len = strlen( dn );
536 dnNormalize2( NULL, &bdn, &ndn );
539 * FIXME: ain't it safe to set dn = ndn.bv_val ?
541 dn = ch_strdup( ndn.bv_val );
542 ch_free( ndn.bv_val );
545 #else /* !defined(LDAP_SLAPI) */
547 #endif /* !defined(LDAP_SLAPI) */
551 * FIXME: this function is dangerous and should be deprecated;
552 * DN normalization is a lot more than lower-casing, and BTW
553 * OpenLDAP's DN normalization for case insensitive attributes
554 * is already lower case
557 slapi_dn_normalize_case( char *dn )
559 #if defined(LDAP_SLAPI)
560 slapi_dn_normalize( dn );
561 ldap_pvt_str2lower( dn );
564 #else /* defined(LDAP_SLAPI) */
566 #endif /* defined(LDAP_SLAPI) */
574 #if defined(LDAP_SLAPI)
575 struct berval bdn, ndn;
576 struct berval bsuffix, nsuffix;
578 assert( dn != NULL );
579 assert( suffix != NULL );
582 bdn.bv_len = strlen( dn );
584 bsuffix.bv_val = suffix;
585 bsuffix.bv_len = strlen( suffix );
587 dnNormalize2( NULL, &bdn, &ndn );
588 dnNormalize2( NULL, &bsuffix, &nsuffix );
590 return dnIsSuffix( &ndn, &nsuffix );
591 #else /* !defined(LDAP_SLAPI) */
593 #endif /* !defined(LDAP_SLAPI) */
597 slapi_dn_ignore_case( char *dn )
599 #if defined(LDAP_SLAPI)
600 return slapi_dn_normalize_case( dn );
601 #else /* !defined(LDAP_SLAPI) */
603 #endif /* !defined(LDAP_SLAPI) */
607 slapi_ch_malloc( unsigned long size )
609 #if defined(LDAP_SLAPI)
610 return ch_malloc( size );
611 #else /* !defined(LDAP_SLAPI) */
613 #endif /* !defined(LDAP_SLAPI) */
617 slapi_ch_free( void **ptr )
619 #if defined(LDAP_SLAPI)
622 #endif /* defined(LDAP_SLAPI) */
626 slapi_ch_free_string( char **ptr )
628 #if defined(LDAP_SLAPI)
629 slapi_ch_free( (void **)ptr );
630 #endif /* defined(LDAP_SLAPI) */
634 slapi_ch_array_free( char **arrayp )
639 if ( arrayp != NULL ) {
640 for ( p = arrayp; *p != NULL; p++ ) {
641 slapi_ch_free( (void **)p );
643 slapi_ch_free( (void **)&arrayp );
649 slapi_ch_bvdup(const struct berval *v)
654 bv = (struct berval *) slapi_ch_malloc( sizeof(struct berval) );
655 bv->bv_len = v->bv_len;
656 bv->bv_val = slapi_ch_malloc( bv->bv_len );
657 AC_MEMCPY( bv->bv_val, v->bv_val, bv->bv_len );
666 slapi_ch_bvecdup(const struct berval **v)
676 for ( i = 0; v[i] != NULL; i++ )
679 rv = (struct berval **) slapi_ch_malloc( (i + 1) * sizeof(struct berval *) );
681 for ( i = 0; v[i] != NULL; i++ ) {
682 rv[i] = slapi_ch_bvdup( v[i] );
697 #if defined(LDAP_SLAPI)
698 return ch_calloc( nelem, size );
699 #else /* !defined(LDAP_SLAPI) */
701 #endif /* !defined(LDAP_SLAPI) */
709 #if defined(LDAP_SLAPI)
710 return ch_realloc( block, size );
711 #else /* !defined(LDAP_SLAPI) */
713 #endif /* !defined(LDAP_SLAPI) */
717 slapi_ch_strdup( char *s )
719 #if defined(LDAP_SLAPI)
720 return ch_strdup( (const char *)s );
721 #else /* !defined(LDAP_SLAPI) */
723 #endif /* !defined(LDAP_SLAPI) */
727 slapi_ch_stlen( char *s )
729 #if defined(LDAP_SLAPI)
730 return strlen( (const char *)s );
731 #else /* !defined(LDAP_SLAPI) */
733 #endif /* !defined(LDAP_SLAPI) */
737 slapi_control_present(
738 LDAPControl **controls,
743 #if defined(LDAP_SLAPI)
755 for ( i = 0; controls != NULL && controls[i] != NULL; i++ ) {
756 if ( strcmp( controls[i]->ldctl_oid, oid ) != 0 ) {
761 if ( controls[i]->ldctl_value.bv_len != 0 ) {
763 * FIXME: according to 6.1 specification,
764 * "The val output parameter is set
765 * to point into the controls array.
766 * A copy of the control value is
770 struct berval *pTmpBval;
772 pTmpBval = (struct berval *)slapi_ch_malloc( sizeof(struct berval));
773 if ( pTmpBval == NULL ) {
776 pTmpBval->bv_len = controls[i]->ldctl_value.bv_len;
777 pTmpBval->bv_val = controls[i]->ldctl_value.bv_val;
781 slapi_ch_free( (void **)&pTmpBval );
787 *val = &controls[i]->ldctl_value;
792 *iscritical = controls[i]->ldctl_iscritical;
799 #else /* !defined(LDAP_SLAPI) */
801 #endif /* !defined(LDAP_SLAPI) */
805 slapi_register_supported_control(
807 unsigned long controlops )
809 #if defined(LDAP_SLAPI)
810 /* FIXME -- can not add controls to openLDAP dynamically */
811 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_CONTROLS",
812 "can not add controls to openLDAP dynamically\n" );
813 #endif /* defined(LDAP_SLAPI) */
817 slapi_get_supported_controls(
819 unsigned long **ctrlopsp )
821 #if defined(LDAP_SLAPI)
825 unsigned long *masks = NULL;
827 for (n = 0; get_supported_ctrl( n ) != NULL; n++) {
839 oids = (char **)slapi_ch_malloc( (n + 1) * sizeof(char *) );
840 if ( oids == NULL ) {
845 masks = (unsigned long *)slapi_ch_malloc( n * sizeof(int) );
846 if ( masks == NULL ) {
851 for ( i = 0; i < n; i++ ) {
853 * FIXME: Netscape's specification says nothing about
854 * memory; should we copy the OIDs or return pointers
855 * to internal values? In OpenLDAP the latter is safe
856 * since we do not allow to register coltrols runtime
858 oids[ i ] = ch_strdup( get_supported_ctrl( i ) );
859 if ( oids[ i ] == NULL ) {
863 masks[ i ] = (unsigned long)get_supported_ctrl_mask( i );
871 if ( rc != LDAP_SUCCESS ) {
872 for ( i = 0; oids != NULL && oids[ i ] != NULL; i++ ) {
873 ch_free( oids[ i ] );
880 #else /* !defined(LDAP_SLAPI) */
882 #endif /* !defined(LDAP_SLAPI) */
886 slapi_register_supported_saslmechanism( char *mechanism )
888 #if defined(LDAP_SLAPI)
889 /* FIXME -- can not add saslmechanism to openLDAP dynamically */
890 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SASL",
891 "can not add saslmechanism to openLDAP dynamically\n" );
892 #endif /* defined(LDAP_SLAPI) */
896 slapi_get_supported_saslmechanisms( void )
898 #if defined(LDAP_SLAPI)
899 /* FIXME -- can not get the saslmechanism wihtout a connection. */
900 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SASL",
901 "can not get the saslmechanism "
902 "wihtout a connection\n" );
904 #else /* defined(LDAP_SLAPI) */
906 #endif /* defined(LDAP_SLAPI) */
910 slapi_get_supported_extended_ops( void )
912 #if defined(LDAP_SLAPI)
914 char **ppExtOpOID = NULL;
917 for ( i = 0; get_supported_extop( i ) != NULL; i++ ) {
921 for ( j = 0; ns_get_supported_extop( j ) != NULL; j++ ) {
926 if ( numExtOps == 0 ) {
930 ppExtOpOID = (char **)slapi_ch_malloc( (numExtOps + 1) * sizeof(char *) );
931 for ( k = 0; k < i; k++ ) {
934 bv = get_supported_extop( k );
935 assert( bv != NULL );
937 ppExtOpOID[ k ] = bv->bv_val;
940 for ( ; k < j; k++ ) {
943 bv = ns_get_supported_extop( k );
944 assert( bv != NULL );
946 ppExtOpOID[ i + k ] = bv->bv_val;
948 ppExtOpOID[ i + k ] = NULL;
951 #else /* !defined(LDAP_SLAPI) */
953 #endif /* !defined(LDAP_SLAPI) */
957 slapi_send_ldap_result(
963 struct berval **urls )
965 #if defined(LDAP_SLAPI)
970 struct berval *extValue = NULL;
973 slapi_pblock_get( pb, SLAPI_CONNECTION, &conn );
974 slapi_pblock_get( pb, SLAPI_OPERATION, &op );
975 if ( err == LDAP_SASL_BIND_IN_PROGRESS ) {
976 slapi_pblock_get( pb, SLAPI_BIND_RET_SASLCREDS, &s );
977 rc = LDAP_SASL_BIND_IN_PROGRESS;
978 send_ldap_sasl( conn, op, rc, NULL, NULL, NULL, NULL, s );
982 slapi_pblock_get( pb, SLAPI_EXT_OP_RET_OID, &extOID );
983 if ( extOID != NULL ) {
984 slapi_pblock_get( pb, SLAPI_EXT_OP_RET_VALUE, &extValue );
985 slapi_send_ldap_extended_response( conn, op, err, extOID,
990 send_ldap_result( conn, op, err, matched, text, NULL, NULL );
991 #endif /* defined(LDAP_SLAPI) */
995 slapi_send_ldap_search_entry(
998 LDAPControl **ectrls,
1002 #if defined(LDAP_SLAPI)
1009 AttributeName *an = NULL;
1012 for ( i = 0; attrs[ i ] != NULL; i++ ) {
1017 an = (AttributeName *) ch_malloc( i * sizeof(AttributeName) );
1018 for ( i = 0; attrs[i] != NULL; i++ ) {
1019 an[i].an_name.bv_val = ch_strdup( attrs[i] );
1020 an[i].an_name.bv_len = strlen( attrs[i] );
1021 an[i].an_desc = NULL;
1022 if( slap_bv2ad( &an[i].an_name, &an[i].an_desc, &text ) != LDAP_SUCCESS)
1027 if ( ( rc = slapi_pblock_get( pb, SLAPI_BACKEND, (void *)&be ) != 0 ) ||
1028 ( rc = slapi_pblock_get( pb, SLAPI_CONNECTION, (void *)&pConn) != 0 ) ||
1029 ( rc = slapi_pblock_get( pb, SLAPI_OPERATION, (void *)&pOp) != 0 ) ) {
1032 rc = send_search_entry( be, pConn, pOp, e, an, attrsonly, NULL );
1037 #else /* !defined(LDAP_SLAPI) */
1039 #endif /* !defined(LDAP_SLAPI) */
1044 slapi_str2filter( char *str )
1046 #if defined(LDAP_SLAPI)
1047 return str2filter( str );
1048 #else /* !defined(LDAP_SLAPI) */
1050 #endif /* !defined(LDAP_SLAPI) */
1058 #if defined(LDAP_SLAPI)
1060 #endif /* defined(LDAP_SLAPI) */
1064 slapi_filter_get_choice( Slapi_Filter *f )
1066 #if defined(LDAP_SLAPI)
1076 #else /* !defined(LDAP_SLAPI) */
1077 return -1; /* invalid filter type */
1078 #endif /* !defined(LDAP_SLAPI) */
1082 slapi_filter_get_ava(
1085 struct berval **bval )
1087 #if defined(LDAP_SLAPI)
1089 int rc = LDAP_SUCCESS;
1091 assert( type != NULL );
1092 assert( bval != NULL );
1097 ftype = f->f_choice;
1098 if ( ftype == LDAP_FILTER_EQUALITY
1099 || ftype == LDAP_FILTER_GE
1100 || ftype == LDAP_FILTER_LE
1101 || ftype == LDAP_FILTER_APPROX ) {
1102 *type = slapi_ch_strdup( f->f_un.f_un_ava->aa_desc->ad_cname.bv_val );
1103 if ( *type == NULL ) {
1104 rc = LDAP_NO_MEMORY;
1108 *bval = ber_dupbv( NULL, &f->f_un.f_un_ava->aa_value );
1109 if ( *bval == NULL ) {
1110 rc = LDAP_NO_MEMORY;
1113 } else { /* filter type not supported */
1118 if ( rc != LDAP_SUCCESS ) {
1131 #else /* !defined(LDAP_SLAPI) */
1133 #endif /* !defined(LDAP_SLAPI) */
1137 slapi_filter_list_first( Slapi_Filter *f )
1139 #if defined(LDAP_SLAPI)
1146 ftype = f->f_choice;
1147 if ( ftype == LDAP_FILTER_AND
1148 || ftype == LDAP_FILTER_OR
1149 || ftype == LDAP_FILTER_NOT ) {
1150 return (Slapi_Filter *)f->f_and;
1154 #else /* !defined(LDAP_SLAPI) */
1156 #endif /* !defined(LDAP_SLAPI) */
1160 slapi_filter_list_next(
1162 Slapi_Filter *fprev )
1164 #if defined(LDAP_SLAPI)
1171 ftype = f->f_choice;
1172 if ( ftype == LDAP_FILTER_AND
1173 || ftype == LDAP_FILTER_OR
1174 || ftype == LDAP_FILTER_NOT ) {
1175 if ( f->f_and == fprev ) {
1176 return f->f_and->f_next;
1181 #else /* !defined(LDAP_SLAPI) */
1183 #endif /* !defined(LDAP_SLAPI) */
1187 slapi_send_ldap_extended_response(
1192 struct berval *response )
1194 #if defined(LDAP_SLAPI)
1195 send_ldap_extended( conn,op, errornum, NULL, NULL, NULL,
1196 respName,response, NULL );
1197 return LDAP_SUCCESS;
1198 #else /* !defined(LDAP_SLAPI) */
1200 #endif /* !defined(LDAP_SLAPI) */
1205 struct berval **vals,
1208 #if defined(LDAP_SLAPI)
1210 * FIXME: what's the point?
1213 #else /* !defined(LDAP_SLAPI) */
1215 #endif /* !defined(LDAP_SLAPI) */
1219 slapi_get_hostname( void )
1221 #if defined(LDAP_SLAPI)
1225 * FIXME: I'd prefer a different check ...
1228 hn = (char *)slapi_ch_malloc( MAX_HOSTNAME );
1230 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SYSINFO",
1231 "can't malloc memory for hostname\n" );
1234 } else if ( sysinfo( SI_HOSTNAME, hn, MAX_HOSTNAME ) < 0 ) {
1235 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SYSINFO",
1236 "can't get hostname\n" );
1237 slapi_ch_free( (void **)&hn );
1241 static int been_here = 0;
1242 static char *static_hn = NULL;
1244 ldap_pvt_thread_mutex_lock( &slapi_hn_mutex );
1246 static_hn = (char *)slapi_ch_malloc( MAX_HOSTNAME );
1247 if ( static_hn == NULL) {
1248 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SYSINFO",
1249 "can't malloc memory for hostname\n" );
1251 ldap_pvt_thread_mutex_unlock( &slapi_hn_mutex );
1256 if ( gethostname( static_hn, MAX_HOSTNAME ) != 0 ) {
1257 slapi_log_error( SLAPI_LOG_FATAL,
1259 "can't get hostname\n" );
1260 slapi_ch_free( (void **)&static_hn );
1262 ldap_pvt_thread_mutex_unlock( &slapi_hn_mutex );
1271 ldap_pvt_thread_mutex_unlock( &slapi_hn_mutex );
1273 hn = ch_strdup( static_hn );
1274 #endif /* !_SPARC */
1277 #else /* !defined(LDAP_SLAPI) */
1279 #endif /* !defined(LDAP_SLAPI) */
1283 * FIXME: this should go in an appropriate header ...
1285 extern int vLogError( int level, char *subsystem, char *fmt, va_list arglist );
1294 #if defined(LDAP_SLAPI)
1295 int rc = LDAP_SUCCESS;
1298 va_start( arglist, fmt );
1299 rc = vLogError( severity, subsystem, fmt, arglist );
1303 #else /* !defined(LDAP_SLAPI) */
1305 #endif /* !defined(LDAP_SLAPI) */
1310 slapi_timer_current_time( void )
1312 #if defined(LDAP_SLAPI)
1313 static int first_time = 1;
1314 #if !defined (_WIN32)
1318 ldap_pvt_thread_mutex_lock( &slapi_time_mutex );
1321 gettimeofday( &base_time, NULL );
1323 gettimeofday( &now, NULL );
1324 ret = ( now.tv_sec - base_time.tv_sec ) * 1000000 +
1325 (now.tv_usec - base_time.tv_usec);
1326 ldap_pvt_thread_mutex_unlock( &slapi_time_mutex );
1332 return (slap_get_time() - starttime) * 1000000;
1339 performance_counter_present = QueryPerformanceCounter( &base_time );
1340 QueryPerformanceFrequency( &performance_freq );
1343 if ( !performance_counter_present )
1346 QueryPerformanceCounter( &now );
1347 return (1000000*(now.QuadPart-base_time.QuadPart))/performance_freq.QuadPart;
1349 #else /* !defined(LDAP_SLAPI) */
1351 #endif /* !defined(LDAP_SLAPI) */
1358 slapi_timer_get_time( char *label )
1360 #if defined(LDAP_SLAPI)
1361 unsigned long start = slapi_timer_current_time();
1362 printf("%10ld %10ld usec %s\n", start, 0, label);
1364 #else /* !defined(LDAP_SLAPI) */
1366 #endif /* !defined(LDAP_SLAPI) */
1373 slapi_timer_elapsed_time(
1375 unsigned long start )
1377 #if defined(LDAP_SLAPI)
1378 unsigned long stop = slapi_timer_current_time();
1379 printf ("%10ld %10ld usec %s\n", stop, stop - start, label);
1380 #endif /* defined(LDAP_SLAPI) */
1384 slapi_free_search_results_internal( Slapi_PBlock *pb )
1386 #if defined(LDAP_SLAPI)
1387 Slapi_Entry **entries;
1388 int k = 0, nEnt = 0;
1390 slapi_pblock_get( pb, SLAPI_NENTRIES, &nEnt );
1391 slapi_pblock_get( pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &entries );
1396 if ( entries == NULL ) {
1400 for ( k = 0; k < nEnt; k++ ) {
1401 slapi_entry_free( entries[k] );
1404 slapi_ch_free( (void **)&entries );
1405 #endif /* defined(LDAP_SLAPI) */
1409 * Internal API to prime a Slapi_PBlock with a Backend.
1411 int slapi_x_backend_set_pb( Slapi_PBlock *pb, Backend *be )
1413 #if defined(LDAP_SLAPI)
1416 rc = slapi_pblock_set( pb, SLAPI_BACKEND, (void *)be );
1417 if ( rc != LDAP_SUCCESS )
1421 rc = slapi_pblock_set( pb, SLAPI_BE_TYPE, (void *)be->bd_info->bi_type );
1422 if ( rc != LDAP_SUCCESS )
1426 return LDAP_SUCCESS;
1429 #endif /* defined(LDAP_SLAPI) */
1432 #if defined(LDAP_SLAPI)
1434 * If oldStyle is TRUE, then a value suitable for setting to
1435 * the deprecated SLAPI_CONN_AUTHTYPE value is returned
1436 * (pointer to static storage).
1438 * If oldStyle is FALSE, then a value suitable for setting to
1439 * the new SLAPI_CONN_AUTHMETHOD will be returned, which is
1440 * a pointer to allocated memory and will include the SASL
1441 * mechanism (if any).
1443 static char *Authorization2AuthType( AuthorizationInformation *authz, int is_tls, int oldStyle )
1448 switch ( authz->sai_method ) {
1449 case LDAP_AUTH_SASL:
1451 authType = SLAPD_AUTH_SASL;
1453 len = sizeof(SLAPD_AUTH_SASL) + authz->sai_mech.bv_len;
1454 authType = slapi_ch_malloc( len );
1455 snprintf( authType, len, "%s%s", SLAPD_AUTH_SASL, authz->sai_mech.bv_val );
1458 case LDAP_AUTH_SIMPLE:
1459 authType = oldStyle ? SLAPD_AUTH_SIMPLE : slapi_ch_strdup( SLAPD_AUTH_SIMPLE );
1461 case LDAP_AUTH_NONE:
1462 authType = oldStyle ? SLAPD_AUTH_NONE : slapi_ch_strdup( SLAPD_AUTH_NONE );
1468 if ( is_tls && authType == NULL ) {
1469 authType = oldStyle ? SLAPD_AUTH_SSL : slapi_ch_strdup( SLAPD_AUTH_SSL );
1477 * Internal API to prime a Slapi_PBlock with a Connection.
1479 int slapi_x_connection_set_pb( Slapi_PBlock *pb, Connection *conn )
1481 #if defined(LDAP_SLAPI)
1485 rc = slapi_pblock_set( pb, SLAPI_CONNECTION, (void *)conn );
1486 if ( rc != LDAP_SUCCESS )
1489 if ( strncmp( conn->c_peer_name.bv_val, "IP=", 3 ) == 0 ) {
1490 rc = slapi_pblock_set( pb, SLAPI_CONN_CLIENTIP, (void *)&conn->c_peer_name.bv_val[3] );
1491 if ( rc != LDAP_SUCCESS )
1493 } else if ( strncmp( conn->c_peer_name.bv_val, "PATH=", 5 ) == 0 ) {
1494 rc = slapi_pblock_set( pb, SLAPI_X_CONN_CLIENTPATH, (void *)&conn->c_peer_name.bv_val[5] );
1495 if ( rc != LDAP_SUCCESS )
1499 if ( strncmp( conn->c_sock_name.bv_val, "IP=", 3 ) == 0 ) {
1500 rc = slapi_pblock_set( pb, SLAPI_CONN_SERVERIP, (void *)&conn->c_sock_name.bv_val[3] );
1501 if ( rc != LDAP_SUCCESS )
1503 } else if ( strncmp( conn->c_sock_name.bv_val, "PATH=", 5 ) == 0 ) {
1504 rc = slapi_pblock_set( pb, SLAPI_X_CONN_SERVERPATH, (void *)&conn->c_sock_name.bv_val[5] );
1505 if ( rc != LDAP_SUCCESS )
1509 #ifdef LDAP_CONNECTIONLESS
1510 rc = slapi_pblock_set( pb, SLAPI_X_CONN_IS_UDP, (void *)conn->c_is_udp );
1511 if ( rc != LDAP_SUCCESS )
1515 rc = slapi_pblock_set( pb, SLAPI_CONN_ID, (void *)conn->c_connid );
1516 if ( rc != LDAP_SUCCESS )
1519 /* Returns pointer to static string */
1520 connAuthType = Authorization2AuthType( &conn->c_authz, conn->c_is_tls, 1 );
1521 if ( connAuthType != NULL ) {
1522 rc = slapi_pblock_set(pb, SLAPI_CONN_AUTHTYPE, (void *)connAuthType);
1523 if ( rc != LDAP_SUCCESS )
1527 /* Returns pointer to allocated string */
1528 connAuthType = Authorization2AuthType( &conn->c_authz, conn->c_is_tls, 0 );
1529 if ( connAuthType != NULL ) {
1530 rc = slapi_pblock_set(pb, SLAPI_CONN_AUTHMETHOD, (void *)connAuthType);
1531 if ( rc != LDAP_SUCCESS )
1535 if ( conn->c_authz.sai_dn.bv_val != NULL ) {
1536 char *connDn = slapi_ch_strdup(conn->c_authz.sai_dn.bv_val);
1537 rc = slapi_pblock_set(pb, SLAPI_CONN_DN, (void *)connDn);
1538 if ( rc != LDAP_SUCCESS )
1545 #endif /* defined(LDAP_SLAPI) */
1549 * Internal API to prime a Slapi_PBlock with an Operation.
1551 int slapi_x_operation_set_pb( Slapi_PBlock *pb, Operation *op )
1553 #if defined(LDAP_SLAPI)
1560 if ( slapi_pblock_get(pb, SLAPI_BACKEND, (void *)&be ) != 0 ) {
1564 isRoot = be_isroot( be, &op->o_ndn );
1565 isUpdateDn = be_isupdate( be, &op->o_ndn );
1568 rc = slapi_pblock_set( pb, SLAPI_OPERATION, (void *)op );
1569 if ( rc != LDAP_SUCCESS )
1572 rc = slapi_pblock_set( pb, SLAPI_OPINITIATED_TIME, (void *)op->o_time );
1573 if ( rc != LDAP_SUCCESS )
1576 rc = slapi_pblock_set( pb, SLAPI_OPERATION_ID, (void *)op->o_opid );
1577 if ( rc != LDAP_SUCCESS )
1580 rc = slapi_pblock_set( pb, SLAPI_OPERATION_TYPE, (void *)op->o_tag );
1581 if ( rc != LDAP_SUCCESS )
1584 rc = slapi_pblock_set( pb, SLAPI_REQUESTOR_ISROOT, (void *)isRoot );
1585 if ( rc != LDAP_SUCCESS )
1588 rc = slapi_pblock_set( pb, SLAPI_REQUESTOR_ISUPDATEDN, (void *)isUpdateDn );
1589 if ( rc != LDAP_SUCCESS )
1592 rc = slapi_pblock_set( pb, SLAPI_REQCONTROLS, (void *)op->o_ctrls );
1593 if ( rc != LDAP_SUCCESS)
1596 rc = slapi_pblock_set( pb, SLAPI_REQUESTOR_DN, (void *)op->o_ndn.bv_val );
1597 if ( rc != LDAP_SUCCESS )
1600 rc = slapi_pblock_get( pb, SLAPI_CONN_AUTHMETHOD, (void *)&opAuthType );
1601 if ( rc == LDAP_SUCCESS && opAuthType != NULL ) {
1602 /* Not quite sure what the point of this is. */
1603 rc = slapi_pblock_set( pb, SLAPI_OPERATION_AUTHTYPE, (void *)opAuthType );
1604 if ( rc != LDAP_SUCCESS )
1608 return LDAP_SUCCESS;
1614 int slapi_is_connection_ssl( Slapi_PBlock *pb, int *isSSL )
1616 #if defined( LDAP_SLAPI )
1619 slapi_pblock_get( pb, SLAPI_CONNECTION, &conn );
1620 *isSSL = conn->c_is_tls;
1622 return LDAP_SUCCESS;
1625 #endif /* defined(LDAP_SLAPI) */
1629 * DS 5.x compatability API follow
1632 int slapi_attr_get_flags( const Slapi_Attr *attr, unsigned long *flags )
1634 #if defined( LDAP_SLAPI )
1638 return LDAP_PARAM_ERROR;
1640 at = attr->a_desc->ad_type;
1642 *flags = SLAPI_ATTR_FLAG_STD_ATTR;
1644 if ( is_at_single_value( at ) )
1645 *flags |= SLAPI_ATTR_FLAG_SINGLE;
1646 if ( is_at_operational( at ) )
1647 *flags |= SLAPI_ATTR_FLAG_OPATTR;
1648 if ( is_at_obsolete( at ) )
1649 *flags |= SLAPI_ATTR_FLAG_OBSOLETE;
1650 if ( is_at_collective( at ) )
1651 *flags |= SLAPI_ATTR_FLAG_COLLECTIVE;
1652 if ( is_at_no_user_mod( at ) )
1653 *flags |= SLAPI_ATTR_FLAG_NOUSERMOD;
1655 return LDAP_SUCCESS;
1658 #endif /* defined(LDAP_SLAPI) */
1661 int slapi_attr_flag_is_set( const Slapi_Attr *attr, unsigned long flag )
1663 #if defined( LDAP_SLAPI )
1664 unsigned long flags;
1666 if ( slapi_attr_get_flags( attr, &flags ) != 0 )
1668 return (flags & flag) ? 1 : 0;
1671 #endif /* defined(LDAP_SLAPI) */
1674 Slapi_Attr *slapi_attr_new( void )
1679 ad = (Attribute *)slapi_ch_calloc( 1, sizeof(*ad) );
1687 Slapi_Attr *slapi_attr_init( Slapi_Attr *a, const char *type )
1691 AttributeDescription *ad = NULL;
1693 if( slap_str2ad( type, &ad, &text ) != LDAP_SUCCESS ) {
1708 void slapi_attr_free( Slapi_Attr **a )
1716 Slapi_Attr *slapi_attr_dup( const Slapi_Attr *attr )
1719 return attr_dup( (Slapi_Attr *)attr );
1725 int slapi_attr_add_value( Slapi_Attr *a, const Slapi_Value *v )
1728 return value_add_one( &a->a_vals, (Slapi_Value *)v );
1734 int slapi_attr_type2plugin( const char *type, void **pi )
1741 int slapi_attr_get_type( const Slapi_Attr *attr, char **type )
1744 if ( attr == NULL ) {
1745 return LDAP_PARAM_ERROR;
1748 *type = attr->a_desc->ad_cname.bv_val;
1750 return LDAP_SUCCESS;
1756 int slapi_attr_get_oid_copy( const Slapi_Attr *attr, char **oidp )
1759 if ( attr == NULL ) {
1760 return LDAP_PARAM_ERROR;
1762 *oidp = attr->a_desc->ad_type->sat_oid;
1764 return LDAP_SUCCESS;
1770 int slapi_attr_value_cmp( const Slapi_Attr *a, const struct berval *v1, const struct berval *v2 )
1778 mr = a->a_desc->ad_type->sat_equality;
1779 rc = value_match( &ret, a->a_desc, mr, SLAP_MR_ASSERTION_SYNTAX_MATCH,
1780 (struct berval *)v1, (void *)v2, &text );
1781 if ( rc != LDAP_SUCCESS )
1784 return ( ret == 0 ) ? 0 : -1;
1790 int slapi_attr_value_find( const Slapi_Attr *a, struct berval *v )
1800 mr = a->a_desc->ad_type->sat_equality;
1801 for ( bv = a->a_vals, j = 0; bv->bv_val != NULL; bv++, j++ ) {
1802 rc = value_match( &ret, a->a_desc, mr,
1803 SLAP_MR_ASSERTION_SYNTAX_MATCH, bv, v, &text );
1804 if ( rc != LDAP_SUCCESS ) {
1815 int slapi_attr_type_cmp( const char *t1, const char *t2, int opt )
1818 AttributeDescription *a1 = NULL;
1819 AttributeDescription *a2 = NULL;
1823 if ( slap_str2ad( t1, &a1, &text ) != LDAP_SUCCESS ) {
1827 if ( slap_str2ad( t2, &a2, &text ) != LDAP_SUCCESS ) {
1831 #define ad_base_cmp(l,r) (((l)->ad_type->sat_cname.bv_len < (r)->ad_type->sat_cname.bv_len) \
1832 ? -1 : (((l)->ad_type->sat_cname.bv_len > (r)->ad_type->sat_cname.bv_len) \
1833 ? 1 : strcasecmp((l)->ad_type->sat_cname.bv_val, (r)->ad_type->sat_cname.bv_val )))
1836 case SLAPI_TYPE_CMP_EXACT:
1837 ret = ad_cmp( a1, a2 );
1839 case SLAPI_TYPE_CMP_BASE:
1840 ret = ad_base_cmp( a1, a2 );
1842 case SLAPI_TYPE_CMP_SUBTYPE:
1843 ret = is_ad_subtype( a2, a2 );
1856 int slapi_attr_types_equivalent( const char *t1, const char *t2 )
1859 return slapi_attr_type_cmp( t1, t2, SLAPI_TYPE_CMP_EXACT );
1865 int slapi_attr_first_value( Slapi_Attr *a, Slapi_Value **v )
1868 return slapi_valueset_first_value( &a->a_vals, v );
1874 int slapi_attr_next_value( Slapi_Attr *a, int hint, Slapi_Value **v )
1877 return slapi_valueset_next_value( &a->a_vals, hint, v );
1883 int slapi_attr_get_numvalues( const Slapi_Attr *a, int *numValues )
1886 *numValues = slapi_valueset_count( &a->a_vals );
1894 int slapi_attr_get_valueset( const Slapi_Attr *a, Slapi_ValueSet **vs )
1897 *vs = &((Slapi_Attr *)a)->a_vals;
1905 int slapi_attr_get_bervals_copy( Slapi_Attr *a, struct berval ***vals )
1908 return slapi_attr_get_values( a, vals );
1914 char *slapi_attr_syntax_normalize( const char *s )
1917 AttributeDescription *ad = NULL;
1920 if ( slap_str2ad( s, &ad, &text ) != LDAP_SUCCESS ) {
1924 return ad->ad_cname.bv_val;
1930 Slapi_Value *slapi_value_new( void )
1935 bv = (struct berval *)slapi_ch_malloc( sizeof(*bv) );
1943 Slapi_Value *slapi_value_new_berval(const struct berval *bval)
1946 return ber_dupbv( NULL, (struct berval *)bval );
1952 Slapi_Value *slapi_value_new_value(const Slapi_Value *v)
1955 return slapi_value_new_berval( v );
1961 Slapi_Value *slapi_value_new_string(const char *s)
1966 bv.bv_val = (char *)s;
1967 bv.bv_len = strlen( s );
1969 return slapi_value_new_berval( &bv );
1975 Slapi_Value *slapi_value_init(Slapi_Value *val)
1987 Slapi_Value *slapi_value_init_berval(Slapi_Value *v, struct berval *bval)
1990 return ber_dupbv( v, bval );
1996 Slapi_Value *slapi_value_init_string(Slapi_Value *v, const char *s)
1999 v->bv_val = slapi_ch_strdup( (char *)s );
2000 v->bv_len = strlen( s );
2008 Slapi_Value *slapi_value_dup(const Slapi_Value *v)
2011 return slapi_value_new_value( v );
2017 void slapi_value_free(Slapi_Value **value)
2020 if ( value == NULL ) {
2024 if ( (*value) != NULL ) {
2025 slapi_ch_free( (void **)&(*value)->bv_val );
2026 slapi_ch_free( (void **)value );
2031 const struct berval *slapi_value_get_berval( const Slapi_Value *value )
2040 Slapi_Value *slapi_value_set_berval( Slapi_Value *value, const struct berval *bval )
2043 if ( value == NULL ) {
2046 if ( value->bv_val != NULL ) {
2047 slapi_ch_free( (void **)&value->bv_val );
2049 slapi_value_init_berval( value, (struct berval *)bval );
2057 Slapi_Value *slapi_value_set_value( Slapi_Value *value, const Slapi_Value *vfrom)
2060 if ( value == NULL ) {
2063 return slapi_value_set_berval( value, vfrom );
2069 Slapi_Value *slapi_value_set( Slapi_Value *value, void *val, unsigned long len)
2072 if ( value == NULL ) {
2075 if ( value->bv_val != NULL ) {
2076 slapi_ch_free( (void **)&value->bv_val );
2078 value->bv_val = slapi_ch_malloc( len );
2079 value->bv_len = len;
2080 AC_MEMCPY( value->bv_val, val, len );
2088 int slapi_value_set_string(Slapi_Value *value, const char *strVal)
2091 if ( value == NULL ) {
2094 slapi_value_set( value, (void *)strVal, strlen( strVal ) );
2101 int slapi_value_set_int(Slapi_Value *value, int intVal)
2106 snprintf( buf, sizeof( buf ), "%d", intVal );
2108 return slapi_value_set_string( value, buf );
2114 const char *slapi_value_get_string(const Slapi_Value *value)
2117 if ( value == NULL ) {
2120 return value->bv_val;
2127 static int checkBVString(const struct berval *bv)
2131 for ( i = 0; i < bv->bv_len; i++ ) {
2132 if ( bv->bv_val[i] == '\0' )
2135 if ( bv->bv_val[i] != '\0' )
2142 int slapi_value_get_int(const Slapi_Value *value)
2145 if ( value == NULL ) return 0;
2146 if ( value->bv_val == NULL ) return 0;
2147 if ( !checkBVString( value ) ) return 0;
2149 return (int)strtol( value->bv_val, NULL, 10 );
2155 unsigned int slapi_value_get_uint(const Slapi_Value *value)
2158 if ( value == NULL ) return 0;
2159 if ( value->bv_val == NULL ) return 0;
2160 if ( !checkBVString( value ) ) return 0;
2162 return (unsigned int)strtoul( value->bv_val, NULL, 10 );
2168 long slapi_value_get_long(const Slapi_Value *value)
2171 if ( value == NULL ) return 0;
2172 if ( value->bv_val == NULL ) return 0;
2173 if ( !checkBVString( value ) ) return 0;
2175 return strtol( value->bv_val, NULL, 10 );
2181 unsigned long slapi_value_get_ulong(const Slapi_Value *value)
2184 if ( value == NULL ) return 0;
2185 if ( value->bv_val == NULL ) return 0;
2186 if ( !checkBVString( value ) ) return 0;
2188 return strtoul( value->bv_val, NULL, 10 );
2194 size_t slapi_value_get_length(const Slapi_Value *value)
2197 if ( value == NULL )
2200 return (size_t) value->bv_len;
2206 int slapi_value_compare(const Slapi_Attr *a, const Slapi_Value *v1, const Slapi_Value *v2)
2209 return slapi_attr_value_cmp( a, v1, v2 );
2215 /* A ValueSet is a container for a BerVarray. */
2216 Slapi_ValueSet *slapi_valueset_new( void )
2221 vs = (Slapi_ValueSet *)slapi_ch_malloc( sizeof( *vs ) );
2230 void slapi_valueset_free(Slapi_ValueSet *vs)
2236 ber_bvarray_free( vp );
2237 slapi_ch_free( (void **)&vp );
2244 void slapi_valueset_init(Slapi_ValueSet *vs)
2247 if ( vs != NULL && *vs == NULL ) {
2248 *vs = (Slapi_ValueSet)slapi_ch_calloc( 1, sizeof(struct berval) );
2249 (*vs)->bv_val = NULL;
2255 void slapi_valueset_done(Slapi_ValueSet *vs)
2263 for ( vp = *vs; vp->bv_val != NULL; vp++ ) {
2265 slapi_ch_free( (void **)&vp->bv_val );
2267 /* but don't free *vs or vs */
2271 void slapi_valueset_add_value(Slapi_ValueSet *vs, const Slapi_Value *addval)
2276 ber_dupbv( &bv, (Slapi_Value *)addval );
2277 ber_bvarray_add( vs, &bv );
2281 int slapi_valueset_first_value( Slapi_ValueSet *vs, Slapi_Value **v )
2284 return slapi_valueset_next_value( vs, 0, v );
2290 int slapi_valueset_next_value( Slapi_ValueSet *vs, int index, Slapi_Value **v)
2301 for ( i = 0; vp[i].bv_val != NULL; i++ ) {
2312 int slapi_valueset_count( const Slapi_ValueSet *vs )
2323 for ( i = 0; vp[i].bv_val != NULL; i++ )
2333 void slapi_valueset_set_valueset(Slapi_ValueSet *vs1, const Slapi_ValueSet *vs2)
2338 for ( vp = *vs2; vp->bv_val != NULL; vp++ ) {
2339 slapi_valueset_add_value( vs1, vp );
2344 int slapi_access_allowed( Slapi_PBlock *pb, Slapi_Entry *e, char *attr,
2345 struct berval *val, int access )
2352 slap_access_t slap_access;
2353 AttributeDescription *ad = NULL;
2356 ret = slap_str2ad( attr, &ad, &text );
2357 if ( ret != LDAP_SUCCESS ) {
2361 switch ( access & SLAPI_ACL_ALL ) {
2362 case SLAPI_ACL_COMPARE:
2363 slap_access = ACL_COMPARE;
2365 case SLAPI_ACL_SEARCH:
2366 slap_access = ACL_SEARCH;
2368 case SLAPI_ACL_READ:
2369 slap_access = ACL_READ;
2371 case SLAPI_ACL_WRITE:
2372 case SLAPI_ACL_DELETE:
2374 case SLAPI_ACL_SELF:
2375 slap_access = ACL_WRITE;
2378 return LDAP_INSUFFICIENT_ACCESS;
2382 if ( slapi_pblock_get( pb, SLAPI_BACKEND, (void *)&be ) != 0 ) {
2383 return LDAP_PARAM_ERROR;
2386 if ( slapi_pblock_get( pb, SLAPI_CONNECTION, (void *)&conn ) != 0 ) {
2387 return LDAP_PARAM_ERROR;
2390 if ( slapi_pblock_get( pb, SLAPI_OPERATION, (void *)&op ) != 0 ) {
2391 return LDAP_PARAM_ERROR;
2394 ret = access_allowed( be, conn, op, e, desc, val, slap_access, NULL );
2396 return ret ? LDAP_SUCCESS : LDAP_INSUFFICIENT_ACCESS;
2398 return LDAP_UNWILLING_TO_PERFORM;
2402 int slapi_acl_check_mods(Slapi_PBlock *pb, Slapi_Entry *e, LDAPMod **mods, char **errbuf)
2410 Modifications *next;
2412 if ( slapi_pblock_get( pb, SLAPI_BACKEND, (void *)&be ) != 0 ) {
2413 return LDAP_PARAM_ERROR;
2416 if ( slapi_pblock_get( pb, SLAPI_CONNECTION, (void *)&conn ) != 0 ) {
2417 return LDAP_PARAM_ERROR;
2420 if ( slapi_pblock_get( pb, SLAPI_OPERATION, (void *)&op ) != 0 ) {
2421 return LDAP_PARAM_ERROR;
2424 ml = slapi_x_ldapmods2modifications( mods );
2429 ret = acl_check_modlist( be, conn, op, e, ml );
2431 /* Careful when freeing the modlist because it has pointers into the mods array. */
2432 for ( ; ml != NULL; ml = next ) {
2433 next = ml->sml_next;
2435 /* just free the containing array */
2436 slapi_ch_free( (void **)&ml->sml_bvalues );
2437 slapi_ch_free( (void **)&ml );
2440 return ret ? LDAP_SUCCESS : LDAP_INSUFFICIENT_ACCESS;
2442 return LDAP_UNWILLING_TO_PERFORM;
2447 * Synthesise an LDAPMod array from a Modifications list to pass
2448 * to SLAPI. This synthesis is destructive and as such the
2449 * Modifications list may not be used after calling this
2452 * This function must also be called before slap_mods_check().
2454 LDAPMod **slapi_x_modifications2ldapmods(Modifications **pmodlist)
2457 Modifications *ml, *modlist;
2458 LDAPMod **mods, *modp;
2461 modlist = *pmodlist;
2463 for( i = 0, ml = modlist; ml != NULL; i++, ml = ml->sml_next )
2466 mods = (LDAPMod **)ch_malloc( (i + 1) * sizeof(LDAPMod *) );
2468 for( i = 0, ml = modlist; ml != NULL; ml = ml->sml_next ) {
2470 modp->mod_op = ml->sml_op | LDAP_MOD_BVALUES;
2472 /* Take ownership of original type. */
2473 modp->mod_type = ml->sml_type.bv_val;
2474 ml->sml_type.bv_val = NULL;
2476 if ( ml->sml_bvalues != NULL ) {
2477 for( j = 0; ml->sml_bvalues[j].bv_val != NULL; j++ )
2479 modp->mod_bvalues = (struct berval **)ch_malloc( (j + 1) *
2480 sizeof(struct berval *) );
2481 for( j = 0; ml->sml_bvalues[j].bv_val != NULL; j++ ) {
2482 /* Take ownership of original values. */
2483 modp->mod_bvalues[j] = (struct berval *)ch_malloc( sizeof(struct berval) );
2484 modp->mod_bvalues[j]->bv_len = ml->sml_bvalues[j].bv_len;
2485 modp->mod_bvalues[j]->bv_val = ml->sml_bvalues[j].bv_val;
2486 ml->sml_bvalues[j].bv_len = 0;
2487 ml->sml_bvalues[j].bv_val = NULL;
2489 modp->mod_bvalues[j] = NULL;
2491 modp->mod_bvalues = NULL;
2498 slap_mods_free( modlist );
2508 * Convert a potentially modified array of LDAPMods back to a
2509 * Modification list.
2511 * The returned Modification list contains pointers into the
2512 * LDAPMods array; the latter MUST be freed with
2513 * slapi_x_free_ldapmods() (see below).
2515 Modifications *slapi_x_ldapmods2modifications (LDAPMod **mods)
2518 Modifications *modlist, **modtail;
2523 for( modp = mods; *modp != NULL; modp++ ) {
2527 struct berval **bvp;
2529 mod = (Modifications *) ch_malloc( sizeof(Modifications) );
2530 mod->sml_op = (*modp)->mod_op & (~LDAP_MOD_BVALUES);
2531 mod->sml_type.bv_val = (*modp)->mod_type;
2532 mod->sml_type.bv_len = strlen( mod->sml_type.bv_val );
2533 mod->sml_desc = NULL;
2534 mod->sml_next = NULL;
2536 if ( (*modp)->mod_op & LDAP_MOD_BVALUES ) {
2537 for( i = 0, bvp = (*modp)->mod_bvalues; *bvp != NULL; bvp++, i++ )
2540 for( i = 0, p = (*modp)->mod_values; *p != NULL; p++, i++ )
2544 mod->sml_bvalues = (BerVarray) ch_malloc( (i + 1) * sizeof(struct berval) );
2546 /* NB: This implicitly trusts a plugin to return valid modifications. */
2547 if ( (*modp)->mod_op & LDAP_MOD_BVALUES ) {
2548 for( i = 0, bvp = (*modp)->mod_bvalues; *bvp != NULL; bvp++, i++ ) {
2549 mod->sml_bvalues[i].bv_val = (*bvp)->bv_val;
2550 mod->sml_bvalues[i].bv_len = (*bvp)->bv_len;
2553 for( i = 0, p = (*modp)->mod_values; *p != NULL; p++, i++ ) {
2554 mod->sml_bvalues[i].bv_val = *p;
2555 mod->sml_bvalues[i].bv_len = strlen( *p );
2558 mod->sml_bvalues[i].bv_val = NULL;
2561 modtail = &mod->sml_next;
2571 * This function only frees the parts of the mods array that
2572 * are not shared with the Modification list that was created
2573 * by slapi_x_ldapmods2modifications().
2576 void slapi_x_free_ldapmods (LDAPMod **mods)
2584 for ( i = 0; mods[i] != NULL; i++ ) {
2586 * Don't free values themselves; they're owned by the
2587 * Modification list. Do free the containing array.
2589 if ( mods[i]->mod_op & LDAP_MOD_BVALUES ) {
2590 for ( j = 0; mods[i]->mod_bvalues[j] != NULL; j++ ) {
2591 ch_free( mods[i]->mod_bvalues[j] );
2593 ch_free( mods[i]->mod_bvalues );
2595 ch_free( mods[i]->mod_values );
2597 /* Don't free type, for same reasons. */
2601 #endif /* LDAP_SLAPI */
2605 * Sun ONE DS 5.x computed attribute support. Computed attributes
2606 * allow for dynamically generated operational attributes, a very
2607 * useful thing indeed.
2611 * Write the computed attribute to a BerElement. Complementary
2612 * functions need to be defined for anything that replaces
2613 * op->o_callback->sc_sendentry, if you wish to make computed
2614 * attributes available to it.
2616 int slapi_x_compute_output_ber(computed_attr_context *c, Slapi_Attr *a, Slapi_Entry *e)
2620 Connection *conn = NULL;
2621 Operation *op = NULL;
2623 AttributeDescription *desc;
2639 rc = slapi_pblock_get( c->cac_pb, SLAPI_BACKEND, (void *)&be );
2641 be = NULL; /* no backend for root DSE */
2644 rc = slapi_pblock_get( c->cac_pb, SLAPI_CONNECTION, (void *)&conn );
2645 if ( rc != 0 || conn == NULL ) {
2649 rc = slapi_pblock_get( c->cac_pb, SLAPI_OPERATION, (void *)&op );
2650 if ( rc != 0 || op == NULL ) {
2654 ber = (BerElement *)c->cac_private;
2657 if ( c->cac_attrs == NULL ) {
2658 /* All attrs request, skip operational attributes */
2659 if ( is_at_operational( desc->ad_type ) ) {
2663 /* Specific attrs requested */
2664 if ( is_at_operational( desc->ad_type ) ) {
2665 if ( !c->cac_opattrs && !ad_inlist( desc, c->cac_attrs ) ) {
2669 if ( !c->cac_userattrs && !ad_inlist( desc, c->cac_attrs ) ) {
2675 if ( !access_allowed( be, conn, op, e, desc, NULL, ACL_READ, &c->cac_acl_state) ) {
2676 slapi_log_error( SLAPI_LOG_ACL, "SLAPI_COMPUTE",
2677 "acl: access to attribute %s not allowed\n",
2678 desc->ad_cname.bv_val );
2682 rc = ber_printf( ber, "{O[" /*]}*/ , &desc->ad_cname );
2684 slapi_log_error( SLAPI_LOG_BER, "SLAPI_COMPUTE",
2685 "ber_printf failed\n");
2689 if ( !c->cac_attrsonly ) {
2690 for ( i = 0; a->a_vals[i].bv_val != NULL; i++ ) {
2691 if ( !access_allowed( be, conn, op, e,
2692 desc, &a->a_vals[i], ACL_READ, &c->cac_acl_state)) {
2693 slapi_log_error( SLAPI_LOG_ACL, "SLAPI_COMPUTE",
2694 "slapi_x_compute_output_ber: conn %lu "
2695 "acl: access to %s, value %d not allowed\n",
2696 op->o_connid, desc->ad_cname.bv_val, i );
2700 if (( rc = ber_printf( ber, "O", &a->a_vals[i] )) == -1 ) {
2701 slapi_log_error( SLAPI_LOG_BER, "SLAPI_COMPUTE",
2702 "ber_printf failed\n");
2708 if (( rc = ber_printf( ber, /*{[*/ "]N}" )) == -1 ) {
2709 slapi_log_error( SLAPI_LOG_BER, "SLAPI_COMPUTE",
2710 "ber_printf failed\n" );
2721 * For some reason Sun don't use the normal plugin mechanism
2722 * registration path to register an "evaluator" function (an
2723 * "evaluator" is responsible for adding computed attributes;
2724 * the nomenclature is somewhat confusing).
2726 * As such slapi_compute_add_evaluator() registers the
2727 * function directly.
2729 int slapi_compute_add_evaluator(slapi_compute_callback_t function)
2732 Slapi_PBlock *pPlugin = NULL;
2735 pPlugin = slapi_pblock_new();
2736 if ( pPlugin == NULL ) {
2737 rc = LDAP_NO_MEMORY;
2741 rc = slapi_pblock_set( pPlugin, SLAPI_PLUGIN_TYPE, (void *)SLAPI_PLUGIN_OBJECT );
2742 if ( rc != LDAP_SUCCESS ) {
2746 rc = slapi_pblock_set( pPlugin, SLAPI_PLUGIN_COMPUTE_EVALUATOR_FN, (void *)function );
2747 if ( rc != LDAP_SUCCESS ) {
2751 rc = insertPlugin( NULL, pPlugin );
2758 if ( rc != LDAP_SUCCESS ) {
2759 if ( pPlugin != NULL ) {
2760 slapi_pblock_destroy( pPlugin );
2768 #endif /* LDAP_SLAPI */
2772 * See notes above regarding slapi_compute_add_evaluator().
2774 int slapi_compute_add_search_rewriter(slapi_search_rewrite_callback_t function)
2777 Slapi_PBlock *pPlugin = NULL;
2780 pPlugin = slapi_pblock_new();
2781 if ( pPlugin == NULL ) {
2782 rc = LDAP_NO_MEMORY;
2786 rc = slapi_pblock_set( pPlugin, SLAPI_PLUGIN_TYPE, (void *)SLAPI_PLUGIN_OBJECT );
2787 if ( rc != LDAP_SUCCESS ) {
2791 rc = slapi_pblock_set( pPlugin, SLAPI_PLUGIN_COMPUTE_SEARCH_REWRITER_FN, (void *)function );
2792 if ( rc != LDAP_SUCCESS ) {
2796 rc = insertPlugin( NULL, pPlugin );
2803 if ( rc != LDAP_SUCCESS ) {
2804 if ( pPlugin != NULL ) {
2805 slapi_pblock_destroy( pPlugin );
2813 #endif /* LDAP_SLAPI */
2817 * Call compute evaluators
2819 int compute_evaluator(computed_attr_context *c, char *type, Slapi_Entry *e, slapi_compute_output_t outputfn)
2823 slapi_compute_callback_t *pGetPlugin, *tmpPlugin;
2825 rc = getAllPluginFuncs( NULL, SLAPI_PLUGIN_COMPUTE_EVALUATOR_FN, (SLAPI_FUNC **)&tmpPlugin );
2826 if ( rc != LDAP_SUCCESS || tmpPlugin == NULL ) {
2827 /* Nothing to do; front-end should ignore. */
2831 for ( pGetPlugin = tmpPlugin; *pGetPlugin != NULL; pGetPlugin++ ) {
2833 * -1: no attribute matched requested type
2834 * 0: one attribute matched
2835 * >0: error happened
2837 rc = (*pGetPlugin)( c, type, e, outputfn );
2843 slapi_ch_free( (void **)&tmpPlugin );
2848 #endif /* LDAP_SLAPI */
2851 int compute_rewrite_search_filter(Slapi_PBlock *pb)
2857 rc = slapi_pblock_get( pb, SLAPI_BACKEND, (void *)&be );
2862 return doPluginFNs( be, SLAPI_PLUGIN_COMPUTE_SEARCH_REWRITER_FN, pb );
2865 #endif /* LDAP_SLAPI */
2869 * New API to provide the plugin with access to the search
2870 * pblock. Have informed Sun DS team.
2872 int slapi_x_compute_get_pblock(computed_attr_context *c, Slapi_PBlock **pb)
2878 if ( c->cac_pb == NULL )
2886 #endif /* LDAP_SLAPI */