2 * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
3 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
6 * (C) Copyright IBM Corp. 1997,2002
7 * Redistribution and use in source and binary forms are permitted
8 * provided that this notice is preserved and that due credit is
9 * given to IBM Corporation. This software is provided ``as is''
10 * without express or implied warranty.
13 * Portions (C) Copyright PADL Software Pty Ltd.
14 * Redistribution and use in source and binary forms are permitted
15 * provided that this notice is preserved and that due credit is
16 * given to PADL Software Pty Ltd. This software is provided ``as is''
17 * without express or implied warranty.
21 #include "slapi_common.h"
23 #include <ac/string.h>
32 struct berval *ns_get_supported_extop( int );
35 #include <sys/systeminfo.h>
41 * server start time (should we use a struct timeval also in slapd?
43 static struct timeval base_time;
44 ldap_pvt_thread_mutex_t slapi_hn_mutex;
45 ldap_pvt_thread_mutex_t slapi_time_mutex;
48 * This function converts an array of pointers to berval objects to
49 * an array of berval objects.
54 struct berval **bvptr,
57 int rc = LDAP_SUCCESS;
61 if ( bvptr == NULL || *bvptr == NULL ) {
65 for ( i = 0; bvptr != NULL && bvptr[i] != NULL; i++ ) {
69 tmpberval = (BerVarray)slapi_ch_malloc( (i + 1)*sizeof(struct berval));
70 if ( tmpberval == NULL ) {
71 return LDAP_NO_MEMORY;
74 for ( i = 0; bvptr[i] != NULL; i++ ) {
75 tmpberval[i].bv_val = bvptr[i]->bv_val;
76 tmpberval[i].bv_len = bvptr[i]->bv_len;
79 if ( rc == LDAP_SUCCESS ) {
91 #if defined(LDAP_SLAPI)
92 Slapi_Entry *e = NULL;
95 pTmpS = slapi_ch_strdup( s );
96 if ( pTmpS != NULL ) {
97 e = str2entry( pTmpS );
98 slapi_ch_free( (void **)&pTmpS );
102 #else /* !defined(LDAP_SLAPI) */
104 #endif /* !defined(LDAP_SLAPI) */
112 #if defined(LDAP_SLAPI)
115 ldap_pvt_thread_mutex_lock( &entry2str_mutex );
116 ret = entry2str( e, len );
117 ldap_pvt_thread_mutex_unlock( &entry2str_mutex );
120 #else /* !defined(LDAP_SLAPI) */
122 #endif /* !defined(LDAP_SLAPI) */
126 slapi_entry_get_dn( Slapi_Entry *e )
128 #if defined(LDAP_SLAPI)
129 return e->e_name.bv_val;
130 #else /* !defined(LDAP_SLAPI) */
132 #endif /* !defined(LDAP_SLAPI) */
136 slapi_x_entry_get_id( Slapi_Entry *e )
138 #if defined(LDAP_SLAPI)
142 #endif /* !defined(LDAP_SLAPI) */
150 #if defined(LDAP_SLAPI)
151 struct berval dn = { 0, NULL };
154 dn.bv_len = strlen( ldn );
156 dnPrettyNormal( NULL, &dn, &e->e_name, &e->e_nname );
157 #endif /* defined(LDAP_SLAPI) */
161 slapi_entry_dup( Slapi_Entry *e )
163 #if defined(LDAP_SLAPI)
168 tmp = slapi_entry2str( e, &len );
170 return (Slapi_Entry *)NULL;
173 tmpEnt = (Slapi_Entry *)str2entry( tmp );
174 if ( tmpEnt == NULL ) {
175 slapi_ch_free( (void **)&tmp );
176 return (Slapi_Entry *)NULL;
180 slapi_ch_free( (void **)&tmp );
184 #else /* !defined(LDAP_SLAPI) */
186 #endif /* !defined(LDAP_SLAPI) */
190 slapi_entry_attr_delete(
194 #if defined(LDAP_SLAPI)
195 AttributeDescription *ad = NULL;
198 if ( slap_str2ad( type, &ad, &text ) != LDAP_SUCCESS ) {
199 return 1; /* LDAP_NO_SUCH_ATTRIBUTE */
202 if ( attr_delete( &e->e_attrs, ad ) == LDAP_SUCCESS ) {
203 return 0; /* attribute is deleted */
205 return -1; /* something went wrong */
207 #else /* !defined(LDAP_SLAPI) */
209 #endif /* !defined(LDAP_SLAPI) */
213 slapi_entry_alloc( void )
215 #if defined(LDAP_SLAPI)
216 return (Slapi_Entry *)slapi_ch_calloc( 1, sizeof(Slapi_Entry) );
217 #else /* !defined(LDAP_SLAPI) */
219 #endif /* !defined(LDAP_SLAPI) */
223 slapi_entry_free( Slapi_Entry *e )
225 #if defined(LDAP_SLAPI)
227 #endif /* defined(LDAP_SLAPI) */
231 slapi_entry_attr_merge(
234 struct berval **vals )
236 #if defined(LDAP_SLAPI)
237 AttributeDescription *ad = NULL;
242 rc = bvptr2obj( vals, &bv );
243 if ( rc != LDAP_SUCCESS ) {
247 rc = slap_str2ad( type, &ad, &text );
248 if ( rc != LDAP_SUCCESS ) {
252 rc = attr_merge( e, ad, bv );
256 #else /* !defined(LDAP_SLAPI) */
258 #endif /* !defined(LDAP_SLAPI) */
262 slapi_entry_attr_find(
267 #if defined(LDAP_SLAPI)
268 AttributeDescription *ad = NULL;
272 rc = slap_str2ad( type, &ad, &text );
273 if ( rc != LDAP_SUCCESS ) {
277 *attr = attr_find( e->e_attrs, ad );
278 if ( *attr == NULL ) {
283 #else /* !defined(LDAP_SLAPI) */
285 #endif /* !defined(LDAP_SLAPI) */
289 slapi_entry_attr_get_charptr( const Slapi_Entry *e, const char *type )
292 AttributeDescription *ad = NULL;
297 rc = slap_str2ad( type, &ad, &text );
298 if ( rc != LDAP_SUCCESS ) {
302 attr = attr_find( e->e_attrs, ad );
303 if ( attr == NULL ) {
307 if ( attr->a_vals != NULL && attr->a_vals[0].bv_val != NULL ) {
308 return slapi_ch_strdup( attr->a_vals[0].bv_val );
318 slapi_entry_attr_get_int( const Slapi_Entry *e, const char *type )
321 AttributeDescription *ad = NULL;
326 rc = slap_str2ad( type, &ad, &text );
327 if ( rc != LDAP_SUCCESS ) {
331 attr = attr_find( e->e_attrs, ad );
332 if ( attr == NULL ) {
336 return slapi_value_get_int( attr->a_vals );
343 slapi_entry_attr_get_long( const Slapi_Entry *e, const char *type )
346 AttributeDescription *ad = NULL;
351 rc = slap_str2ad( type, &ad, &text );
352 if ( rc != LDAP_SUCCESS ) {
356 attr = attr_find( e->e_attrs, ad );
357 if ( attr == NULL ) {
361 return slapi_value_get_long( attr->a_vals );
368 slapi_entry_attr_get_uint( const Slapi_Entry *e, const char *type )
371 AttributeDescription *ad = NULL;
376 rc = slap_str2ad( type, &ad, &text );
377 if ( rc != LDAP_SUCCESS ) {
381 attr = attr_find( e->e_attrs, ad );
382 if ( attr == NULL ) {
386 return slapi_value_get_uint( attr->a_vals );
393 slapi_entry_attr_get_ulong( const Slapi_Entry *e, const char *type )
396 AttributeDescription *ad = NULL;
401 rc = slap_str2ad( type, &ad, &text );
402 if ( rc != LDAP_SUCCESS ) {
406 attr = attr_find( e->e_attrs, ad );
407 if ( attr == NULL ) {
411 return slapi_value_get_ulong( attr->a_vals );
418 slapi_entry_attr_hasvalue( Slapi_Entry *e, const char *type, const char *value )
422 AttributeDescription *ad;
427 rc = slap_str2ad( type, &ad, &text );
428 if ( rc != LDAP_SUCCESS ) {
432 attr = attr_find( e->e_attrs, ad );
433 if ( attr == NULL ) {
437 bv.bv_val = (char *)value;
438 bv.bv_len = strlen( value );
440 return slapi_attr_value_find( attr, &bv );
447 slapi_entry_attr_merge_sv( Slapi_Entry *e, const char *type, Slapi_Value **vals )
450 return slapi_entry_attr_merge( e, (char *)type, vals );
457 slapi_entry_attr_replace_sv( Slapi_Entry *e, const char *type, Slapi_Value **vals )
460 AttributeDescription *ad;
465 rc = slap_str2ad( type, &ad, &text );
466 if ( rc != LDAP_SUCCESS ) {
470 attr_delete( &e->e_attrs, ad );
472 rc = bvptr2obj( vals, &bv );
473 if ( rc != LDAP_SUCCESS ) {
477 rc = attr_merge( e, ad, bv );
478 slapi_ch_free( (void **)&bv );
479 if ( rc != LDAP_SUCCESS ) {
486 #endif /* LDAP_SLAPI */
490 * FIXME -- The caller must free the allocated memory.
491 * In Netscape they do not have to.
494 slapi_attr_get_values(
496 struct berval ***vals )
498 #if defined(LDAP_SLAPI)
502 if ( attr == NULL ) {
506 for ( i = 0; attr->a_vals[i].bv_val != NULL; i++ ) {
510 bv = (struct berval **)ch_malloc( (i + 1) * sizeof(struct berval *) );
511 for ( j = 0; j < i; j++ ) {
512 bv[j] = ber_dupbv( NULL, &attr->a_vals[j] );
516 *vals = (struct berval **)bv;
519 #else /* !defined(LDAP_SLAPI) */
521 #endif /* !defined(LDAP_SLAPI) */
525 slapi_dn_normalize( char *dn )
527 #if defined(LDAP_SLAPI)
531 assert( dn != NULL );
534 bdn.bv_len = strlen( dn );
536 dnNormalize2( NULL, &bdn, &ndn );
539 * FIXME: ain't it safe to set dn = ndn.bv_val ?
541 dn = ch_strdup( ndn.bv_val );
542 ch_free( ndn.bv_val );
545 #else /* !defined(LDAP_SLAPI) */
547 #endif /* !defined(LDAP_SLAPI) */
551 * FIXME: this function is dangerous and should be deprecated;
552 * DN normalization is a lot more than lower-casing, and BTW
553 * OpenLDAP's DN normalization for case insensitive attributes
554 * is already lower case
557 slapi_dn_normalize_case( char *dn )
559 #if defined(LDAP_SLAPI)
560 slapi_dn_normalize( dn );
561 ldap_pvt_str2lower( dn );
564 #else /* defined(LDAP_SLAPI) */
566 #endif /* defined(LDAP_SLAPI) */
574 #if defined(LDAP_SLAPI)
575 struct berval bdn, ndn;
576 struct berval bsuffix, nsuffix;
578 assert( dn != NULL );
579 assert( suffix != NULL );
582 bdn.bv_len = strlen( dn );
584 bsuffix.bv_val = suffix;
585 bsuffix.bv_len = strlen( suffix );
587 dnNormalize2( NULL, &bdn, &ndn );
588 dnNormalize2( NULL, &bsuffix, &nsuffix );
590 return dnIsSuffix( &ndn, &nsuffix );
591 #else /* !defined(LDAP_SLAPI) */
593 #endif /* !defined(LDAP_SLAPI) */
597 slapi_dn_ignore_case( char *dn )
599 #if defined(LDAP_SLAPI)
600 return slapi_dn_normalize_case( dn );
601 #else /* !defined(LDAP_SLAPI) */
603 #endif /* !defined(LDAP_SLAPI) */
607 slapi_ch_malloc( unsigned long size )
609 #if defined(LDAP_SLAPI)
610 return ch_malloc( size );
611 #else /* !defined(LDAP_SLAPI) */
613 #endif /* !defined(LDAP_SLAPI) */
617 slapi_ch_free( void **ptr )
619 #if defined(LDAP_SLAPI)
622 #endif /* defined(LDAP_SLAPI) */
626 slapi_ch_free_string( char **ptr )
628 #if defined(LDAP_SLAPI)
629 slapi_ch_free( (void **)ptr );
630 #endif /* defined(LDAP_SLAPI) */
634 slapi_ch_array_free( char **arrayp )
639 if ( arrayp != NULL ) {
640 for ( p = arrayp; *p != NULL; p++ ) {
641 slapi_ch_free( (void **)p );
643 slapi_ch_free( (void **)&arrayp );
649 slapi_ch_bvdup(const struct berval *v)
654 bv = (struct berval *) slapi_ch_malloc( sizeof(struct berval) );
655 bv->bv_len = v->bv_len;
656 bv->bv_val = slapi_ch_malloc( bv->bv_len );
657 AC_MEMCPY( bv->bv_val, v->bv_val, bv->bv_len );
666 slapi_ch_bvecdup(const struct berval **v)
676 for ( i = 0; v[i] != NULL; i++ )
679 rv = (struct berval **) slapi_ch_malloc( (i + 1) * sizeof(struct berval *) );
681 for ( i = 0; v[i] != NULL; i++ ) {
682 rv[i] = slapi_ch_bvdup( v[i] );
697 #if defined(LDAP_SLAPI)
698 return ch_calloc( nelem, size );
699 #else /* !defined(LDAP_SLAPI) */
701 #endif /* !defined(LDAP_SLAPI) */
709 #if defined(LDAP_SLAPI)
710 return ch_realloc( block, size );
711 #else /* !defined(LDAP_SLAPI) */
713 #endif /* !defined(LDAP_SLAPI) */
717 slapi_ch_strdup( char *s )
719 #if defined(LDAP_SLAPI)
720 return ch_strdup( (const char *)s );
721 #else /* !defined(LDAP_SLAPI) */
723 #endif /* !defined(LDAP_SLAPI) */
727 slapi_ch_stlen( char *s )
729 #if defined(LDAP_SLAPI)
730 return strlen( (const char *)s );
731 #else /* !defined(LDAP_SLAPI) */
733 #endif /* !defined(LDAP_SLAPI) */
737 slapi_control_present(
738 LDAPControl **controls,
743 #if defined(LDAP_SLAPI)
755 for ( i = 0; controls != NULL && controls[i] != NULL; i++ ) {
756 if ( strcmp( controls[i]->ldctl_oid, oid ) != 0 ) {
761 if ( controls[i]->ldctl_value.bv_len != 0 ) {
763 * FIXME: according to 6.1 specification,
764 * "The val output parameter is set
765 * to point into the controls array.
766 * A copy of the control value is
770 struct berval *pTmpBval;
772 pTmpBval = (struct berval *)slapi_ch_malloc( sizeof(struct berval));
773 if ( pTmpBval == NULL ) {
776 pTmpBval->bv_len = controls[i]->ldctl_value.bv_len;
777 pTmpBval->bv_val = controls[i]->ldctl_value.bv_val;
781 slapi_ch_free( (void **)&pTmpBval );
787 *val = &controls[i]->ldctl_value;
792 *iscritical = controls[i]->ldctl_iscritical;
799 #else /* !defined(LDAP_SLAPI) */
801 #endif /* !defined(LDAP_SLAPI) */
805 slapi_register_supported_control(
807 unsigned long controlops )
809 #if defined(LDAP_SLAPI)
810 /* FIXME -- can not add controls to openLDAP dynamically */
811 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_CONTROLS",
812 "can not add controls to openLDAP dynamically\n" );
813 #endif /* defined(LDAP_SLAPI) */
817 slapi_get_supported_controls(
819 unsigned long **ctrlopsp )
821 #if defined(LDAP_SLAPI)
825 unsigned long *masks = NULL;
827 for (n = 0; get_supported_ctrl( n ) != NULL; n++) {
839 oids = (char **)slapi_ch_malloc( (n + 1) * sizeof(char *) );
840 if ( oids == NULL ) {
845 masks = (unsigned long *)slapi_ch_malloc( n * sizeof(int) );
846 if ( masks == NULL ) {
851 for ( i = 0; i < n; i++ ) {
853 * FIXME: Netscape's specification says nothing about
854 * memory; should we copy the OIDs or return pointers
855 * to internal values? In OpenLDAP the latter is safe
856 * since we do not allow to register coltrols runtime
858 oids[ i ] = ch_strdup( get_supported_ctrl( i ) );
859 if ( oids[ i ] == NULL ) {
863 masks[ i ] = (unsigned long)get_supported_ctrl_mask( i );
871 if ( rc != LDAP_SUCCESS ) {
872 for ( i = 0; oids != NULL && oids[ i ] != NULL; i++ ) {
873 ch_free( oids[ i ] );
880 #else /* !defined(LDAP_SLAPI) */
882 #endif /* !defined(LDAP_SLAPI) */
886 slapi_register_supported_saslmechanism( char *mechanism )
888 #if defined(LDAP_SLAPI)
889 /* FIXME -- can not add saslmechanism to openLDAP dynamically */
890 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SASL",
891 "can not add saslmechanism to openLDAP dynamically\n" );
892 #endif /* defined(LDAP_SLAPI) */
896 slapi_get_supported_saslmechanisms( void )
898 #if defined(LDAP_SLAPI)
899 /* FIXME -- can not get the saslmechanism wihtout a connection. */
900 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SASL",
901 "can not get the saslmechanism "
902 "wihtout a connection\n" );
904 #else /* defined(LDAP_SLAPI) */
906 #endif /* defined(LDAP_SLAPI) */
910 slapi_get_supported_extended_ops( void )
912 #if defined(LDAP_SLAPI)
914 char **ppExtOpOID = NULL;
917 for ( i = 0; get_supported_extop( i ) != NULL; i++ ) {
921 for ( j = 0; ns_get_supported_extop( j ) != NULL; j++ ) {
926 if ( numExtOps == 0 ) {
930 ppExtOpOID = (char **)slapi_ch_malloc( (numExtOps + 1) * sizeof(char *) );
931 for ( k = 0; k < i; k++ ) {
934 bv = get_supported_extop( k );
935 assert( bv != NULL );
937 ppExtOpOID[ k ] = bv->bv_val;
940 for ( ; k < j; k++ ) {
943 bv = ns_get_supported_extop( k );
944 assert( bv != NULL );
946 ppExtOpOID[ i + k ] = bv->bv_val;
948 ppExtOpOID[ i + k ] = NULL;
951 #else /* !defined(LDAP_SLAPI) */
953 #endif /* !defined(LDAP_SLAPI) */
957 slapi_send_ldap_result(
963 struct berval **urls )
965 #if defined(LDAP_SLAPI)
970 struct berval *extValue = NULL;
973 slapi_pblock_get( pb, SLAPI_CONNECTION, &conn );
974 slapi_pblock_get( pb, SLAPI_OPERATION, &op );
975 if ( err == LDAP_SASL_BIND_IN_PROGRESS ) {
976 slapi_pblock_get( pb, SLAPI_BIND_RET_SASLCREDS, &s );
977 rc = LDAP_SASL_BIND_IN_PROGRESS;
978 send_ldap_sasl( conn, op, rc, NULL, NULL, NULL, NULL, s );
982 slapi_pblock_get( pb, SLAPI_EXT_OP_RET_OID, &extOID );
983 if ( extOID != NULL ) {
984 slapi_pblock_get( pb, SLAPI_EXT_OP_RET_VALUE, &extValue );
985 slapi_send_ldap_extended_response( conn, op, err, extOID,
990 send_ldap_result( conn, op, err, matched, text, NULL, NULL );
991 #endif /* defined(LDAP_SLAPI) */
995 slapi_send_ldap_search_entry(
998 LDAPControl **ectrls,
1002 #if defined(LDAP_SLAPI)
1009 AttributeName *an = NULL;
1012 for ( i = 0; attrs[ i ] != NULL; i++ ) {
1017 an = (AttributeName *) ch_malloc( i * sizeof(AttributeName) );
1018 for ( i = 0; attrs[i] != NULL; i++ ) {
1019 an[i].an_name.bv_val = ch_strdup( attrs[i] );
1020 an[i].an_name.bv_len = strlen( attrs[i] );
1021 an[i].an_desc = NULL;
1022 if( slap_bv2ad( &an[i].an_name, &an[i].an_desc, &text ) != LDAP_SUCCESS)
1027 if ( ( rc = slapi_pblock_get( pb, SLAPI_BACKEND, (void *)&be ) != 0 ) ||
1028 ( rc = slapi_pblock_get( pb, SLAPI_CONNECTION, (void *)&pConn) != 0 ) ||
1029 ( rc = slapi_pblock_get( pb, SLAPI_OPERATION, (void *)&pOp) != 0 ) ) {
1032 rc = send_search_entry( be, pConn, pOp, e, an, attrsonly, NULL );
1037 #else /* !defined(LDAP_SLAPI) */
1039 #endif /* !defined(LDAP_SLAPI) */
1044 slapi_str2filter( char *str )
1046 #if defined(LDAP_SLAPI)
1047 return str2filter( str );
1048 #else /* !defined(LDAP_SLAPI) */
1050 #endif /* !defined(LDAP_SLAPI) */
1058 #if defined(LDAP_SLAPI)
1060 #endif /* defined(LDAP_SLAPI) */
1064 slapi_filter_get_choice( Slapi_Filter *f )
1066 #if defined(LDAP_SLAPI)
1076 #else /* !defined(LDAP_SLAPI) */
1077 return -1; /* invalid filter type */
1078 #endif /* !defined(LDAP_SLAPI) */
1082 slapi_filter_get_ava(
1085 struct berval **bval )
1087 #if defined(LDAP_SLAPI)
1089 int rc = LDAP_SUCCESS;
1091 assert( type != NULL );
1092 assert( bval != NULL );
1097 ftype = f->f_choice;
1098 if ( ftype == LDAP_FILTER_EQUALITY
1099 || ftype == LDAP_FILTER_GE
1100 || ftype == LDAP_FILTER_LE
1101 || ftype == LDAP_FILTER_APPROX ) {
1103 * According to the SLAPI Reference Manual these are
1106 *type = f->f_un.f_un_ava->aa_desc->ad_cname.bv_val;
1107 *bval = &f->f_un.f_un_ava->aa_value;
1108 } else { /* filter type not supported */
1113 #else /* !defined(LDAP_SLAPI) */
1115 #endif /* !defined(LDAP_SLAPI) */
1119 slapi_filter_list_first( Slapi_Filter *f )
1121 #if defined(LDAP_SLAPI)
1128 ftype = f->f_choice;
1129 if ( ftype == LDAP_FILTER_AND
1130 || ftype == LDAP_FILTER_OR
1131 || ftype == LDAP_FILTER_NOT ) {
1132 return (Slapi_Filter *)f->f_and;
1136 #else /* !defined(LDAP_SLAPI) */
1138 #endif /* !defined(LDAP_SLAPI) */
1142 slapi_filter_list_next(
1144 Slapi_Filter *fprev )
1146 #if defined(LDAP_SLAPI)
1153 ftype = f->f_choice;
1154 if ( ftype == LDAP_FILTER_AND
1155 || ftype == LDAP_FILTER_OR
1156 || ftype == LDAP_FILTER_NOT ) {
1157 if ( f->f_and == fprev ) {
1158 return f->f_and->f_next;
1163 #else /* !defined(LDAP_SLAPI) */
1165 #endif /* !defined(LDAP_SLAPI) */
1169 slapi_send_ldap_extended_response(
1174 struct berval *response )
1176 #if defined(LDAP_SLAPI)
1177 send_ldap_extended( conn,op, errornum, NULL, NULL, NULL,
1178 respName,response, NULL );
1179 return LDAP_SUCCESS;
1180 #else /* !defined(LDAP_SLAPI) */
1182 #endif /* !defined(LDAP_SLAPI) */
1187 struct berval **vals,
1190 #if defined(LDAP_SLAPI)
1192 * FIXME: what's the point?
1195 #else /* !defined(LDAP_SLAPI) */
1197 #endif /* !defined(LDAP_SLAPI) */
1201 slapi_get_hostname( void )
1203 #if defined(LDAP_SLAPI)
1207 * FIXME: I'd prefer a different check ...
1210 hn = (char *)slapi_ch_malloc( MAX_HOSTNAME );
1212 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SYSINFO",
1213 "can't malloc memory for hostname\n" );
1216 } else if ( sysinfo( SI_HOSTNAME, hn, MAX_HOSTNAME ) < 0 ) {
1217 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SYSINFO",
1218 "can't get hostname\n" );
1219 slapi_ch_free( (void **)&hn );
1223 static int been_here = 0;
1224 static char *static_hn = NULL;
1226 ldap_pvt_thread_mutex_lock( &slapi_hn_mutex );
1228 static_hn = (char *)slapi_ch_malloc( MAX_HOSTNAME );
1229 if ( static_hn == NULL) {
1230 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SYSINFO",
1231 "can't malloc memory for hostname\n" );
1233 ldap_pvt_thread_mutex_unlock( &slapi_hn_mutex );
1238 if ( gethostname( static_hn, MAX_HOSTNAME ) != 0 ) {
1239 slapi_log_error( SLAPI_LOG_FATAL,
1241 "can't get hostname\n" );
1242 slapi_ch_free( (void **)&static_hn );
1244 ldap_pvt_thread_mutex_unlock( &slapi_hn_mutex );
1253 ldap_pvt_thread_mutex_unlock( &slapi_hn_mutex );
1255 hn = ch_strdup( static_hn );
1256 #endif /* !_SPARC */
1259 #else /* !defined(LDAP_SLAPI) */
1261 #endif /* !defined(LDAP_SLAPI) */
1265 * FIXME: this should go in an appropriate header ...
1267 extern int vLogError( int level, char *subsystem, char *fmt, va_list arglist );
1276 #if defined(LDAP_SLAPI)
1277 int rc = LDAP_SUCCESS;
1280 va_start( arglist, fmt );
1281 rc = vLogError( severity, subsystem, fmt, arglist );
1285 #else /* !defined(LDAP_SLAPI) */
1287 #endif /* !defined(LDAP_SLAPI) */
1292 slapi_timer_current_time( void )
1294 #if defined(LDAP_SLAPI)
1295 static int first_time = 1;
1296 #if !defined (_WIN32)
1300 ldap_pvt_thread_mutex_lock( &slapi_time_mutex );
1303 gettimeofday( &base_time, NULL );
1305 gettimeofday( &now, NULL );
1306 ret = ( now.tv_sec - base_time.tv_sec ) * 1000000 +
1307 (now.tv_usec - base_time.tv_usec);
1308 ldap_pvt_thread_mutex_unlock( &slapi_time_mutex );
1314 return (slap_get_time() - starttime) * 1000000;
1321 performance_counter_present = QueryPerformanceCounter( &base_time );
1322 QueryPerformanceFrequency( &performance_freq );
1325 if ( !performance_counter_present )
1328 QueryPerformanceCounter( &now );
1329 return (1000000*(now.QuadPart-base_time.QuadPart))/performance_freq.QuadPart;
1331 #else /* !defined(LDAP_SLAPI) */
1333 #endif /* !defined(LDAP_SLAPI) */
1340 slapi_timer_get_time( char *label )
1342 #if defined(LDAP_SLAPI)
1343 unsigned long start = slapi_timer_current_time();
1344 printf("%10ld %10ld usec %s\n", start, 0, label);
1346 #else /* !defined(LDAP_SLAPI) */
1348 #endif /* !defined(LDAP_SLAPI) */
1355 slapi_timer_elapsed_time(
1357 unsigned long start )
1359 #if defined(LDAP_SLAPI)
1360 unsigned long stop = slapi_timer_current_time();
1361 printf ("%10ld %10ld usec %s\n", stop, stop - start, label);
1362 #endif /* defined(LDAP_SLAPI) */
1366 slapi_free_search_results_internal( Slapi_PBlock *pb )
1368 #if defined(LDAP_SLAPI)
1369 Slapi_Entry **entries;
1370 int k = 0, nEnt = 0;
1372 slapi_pblock_get( pb, SLAPI_NENTRIES, &nEnt );
1373 slapi_pblock_get( pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &entries );
1378 if ( entries == NULL ) {
1382 for ( k = 0; k < nEnt; k++ ) {
1383 slapi_entry_free( entries[k] );
1386 slapi_ch_free( (void **)&entries );
1387 #endif /* defined(LDAP_SLAPI) */
1391 * Internal API to prime a Slapi_PBlock with a Backend.
1393 int slapi_x_backend_set_pb( Slapi_PBlock *pb, Backend *be )
1395 #if defined(LDAP_SLAPI)
1398 rc = slapi_pblock_set( pb, SLAPI_BACKEND, (void *)be );
1399 if ( rc != LDAP_SUCCESS )
1403 rc = slapi_pblock_set( pb, SLAPI_BE_TYPE, (void *)be->bd_info->bi_type );
1404 if ( rc != LDAP_SUCCESS )
1408 return LDAP_SUCCESS;
1411 #endif /* defined(LDAP_SLAPI) */
1414 #if defined(LDAP_SLAPI)
1416 * If oldStyle is TRUE, then a value suitable for setting to
1417 * the deprecated SLAPI_CONN_AUTHTYPE value is returned
1418 * (pointer to static storage).
1420 * If oldStyle is FALSE, then a value suitable for setting to
1421 * the new SLAPI_CONN_AUTHMETHOD will be returned, which is
1422 * a pointer to allocated memory and will include the SASL
1423 * mechanism (if any).
1425 static char *Authorization2AuthType( AuthorizationInformation *authz, int is_tls, int oldStyle )
1430 switch ( authz->sai_method ) {
1431 case LDAP_AUTH_SASL:
1433 authType = SLAPD_AUTH_SASL;
1435 len = sizeof(SLAPD_AUTH_SASL) + authz->sai_mech.bv_len;
1436 authType = slapi_ch_malloc( len );
1437 snprintf( authType, len, "%s%s", SLAPD_AUTH_SASL, authz->sai_mech.bv_val );
1440 case LDAP_AUTH_SIMPLE:
1441 authType = oldStyle ? SLAPD_AUTH_SIMPLE : slapi_ch_strdup( SLAPD_AUTH_SIMPLE );
1443 case LDAP_AUTH_NONE:
1444 authType = oldStyle ? SLAPD_AUTH_NONE : slapi_ch_strdup( SLAPD_AUTH_NONE );
1450 if ( is_tls && authType == NULL ) {
1451 authType = oldStyle ? SLAPD_AUTH_SSL : slapi_ch_strdup( SLAPD_AUTH_SSL );
1459 * Internal API to prime a Slapi_PBlock with a Connection.
1461 int slapi_x_connection_set_pb( Slapi_PBlock *pb, Connection *conn )
1463 #if defined(LDAP_SLAPI)
1467 rc = slapi_pblock_set( pb, SLAPI_CONNECTION, (void *)conn );
1468 if ( rc != LDAP_SUCCESS )
1471 if ( strncmp( conn->c_peer_name.bv_val, "IP=", 3 ) == 0 ) {
1472 rc = slapi_pblock_set( pb, SLAPI_CONN_CLIENTIP, (void *)&conn->c_peer_name.bv_val[3] );
1473 if ( rc != LDAP_SUCCESS )
1475 } else if ( strncmp( conn->c_peer_name.bv_val, "PATH=", 5 ) == 0 ) {
1476 rc = slapi_pblock_set( pb, SLAPI_X_CONN_CLIENTPATH, (void *)&conn->c_peer_name.bv_val[5] );
1477 if ( rc != LDAP_SUCCESS )
1481 if ( strncmp( conn->c_sock_name.bv_val, "IP=", 3 ) == 0 ) {
1482 rc = slapi_pblock_set( pb, SLAPI_CONN_SERVERIP, (void *)&conn->c_sock_name.bv_val[3] );
1483 if ( rc != LDAP_SUCCESS )
1485 } else if ( strncmp( conn->c_sock_name.bv_val, "PATH=", 5 ) == 0 ) {
1486 rc = slapi_pblock_set( pb, SLAPI_X_CONN_SERVERPATH, (void *)&conn->c_sock_name.bv_val[5] );
1487 if ( rc != LDAP_SUCCESS )
1491 #ifdef LDAP_CONNECTIONLESS
1492 rc = slapi_pblock_set( pb, SLAPI_X_CONN_IS_UDP, (void *)conn->c_is_udp );
1493 if ( rc != LDAP_SUCCESS )
1497 rc = slapi_pblock_set( pb, SLAPI_CONN_ID, (void *)conn->c_connid );
1498 if ( rc != LDAP_SUCCESS )
1501 /* Returns pointer to static string */
1502 connAuthType = Authorization2AuthType( &conn->c_authz, conn->c_is_tls, 1 );
1503 if ( connAuthType != NULL ) {
1504 rc = slapi_pblock_set(pb, SLAPI_CONN_AUTHTYPE, (void *)connAuthType);
1505 if ( rc != LDAP_SUCCESS )
1509 /* Returns pointer to allocated string */
1510 connAuthType = Authorization2AuthType( &conn->c_authz, conn->c_is_tls, 0 );
1511 if ( connAuthType != NULL ) {
1512 rc = slapi_pblock_set(pb, SLAPI_CONN_AUTHMETHOD, (void *)connAuthType);
1513 if ( rc != LDAP_SUCCESS )
1517 if ( conn->c_authz.sai_dn.bv_val != NULL ) {
1518 char *connDn = slapi_ch_strdup(conn->c_authz.sai_dn.bv_val);
1519 rc = slapi_pblock_set(pb, SLAPI_CONN_DN, (void *)connDn);
1520 if ( rc != LDAP_SUCCESS )
1527 #endif /* defined(LDAP_SLAPI) */
1531 * Internal API to prime a Slapi_PBlock with an Operation.
1533 int slapi_x_operation_set_pb( Slapi_PBlock *pb, Operation *op )
1535 #if defined(LDAP_SLAPI)
1542 if ( slapi_pblock_get(pb, SLAPI_BACKEND, (void *)&be ) != 0 ) {
1546 isRoot = be_isroot( be, &op->o_ndn );
1547 isUpdateDn = be_isupdate( be, &op->o_ndn );
1550 rc = slapi_pblock_set( pb, SLAPI_OPERATION, (void *)op );
1551 if ( rc != LDAP_SUCCESS )
1554 rc = slapi_pblock_set( pb, SLAPI_OPINITIATED_TIME, (void *)op->o_time );
1555 if ( rc != LDAP_SUCCESS )
1558 rc = slapi_pblock_set( pb, SLAPI_OPERATION_ID, (void *)op->o_opid );
1559 if ( rc != LDAP_SUCCESS )
1562 rc = slapi_pblock_set( pb, SLAPI_OPERATION_TYPE, (void *)op->o_tag );
1563 if ( rc != LDAP_SUCCESS )
1566 rc = slapi_pblock_set( pb, SLAPI_REQUESTOR_ISROOT, (void *)isRoot );
1567 if ( rc != LDAP_SUCCESS )
1570 rc = slapi_pblock_set( pb, SLAPI_REQUESTOR_ISUPDATEDN, (void *)isUpdateDn );
1571 if ( rc != LDAP_SUCCESS )
1574 rc = slapi_pblock_set( pb, SLAPI_REQCONTROLS, (void *)op->o_ctrls );
1575 if ( rc != LDAP_SUCCESS)
1578 rc = slapi_pblock_set( pb, SLAPI_REQUESTOR_DN, (void *)op->o_ndn.bv_val );
1579 if ( rc != LDAP_SUCCESS )
1582 rc = slapi_pblock_get( pb, SLAPI_CONN_AUTHMETHOD, (void *)&opAuthType );
1583 if ( rc == LDAP_SUCCESS && opAuthType != NULL ) {
1584 /* Not quite sure what the point of this is. */
1585 rc = slapi_pblock_set( pb, SLAPI_OPERATION_AUTHTYPE, (void *)opAuthType );
1586 if ( rc != LDAP_SUCCESS )
1590 return LDAP_SUCCESS;
1596 int slapi_is_connection_ssl( Slapi_PBlock *pb, int *isSSL )
1598 #if defined( LDAP_SLAPI )
1601 slapi_pblock_get( pb, SLAPI_CONNECTION, &conn );
1602 *isSSL = conn->c_is_tls;
1604 return LDAP_SUCCESS;
1607 #endif /* defined(LDAP_SLAPI) */
1611 * DS 5.x compatability API follow
1614 int slapi_attr_get_flags( const Slapi_Attr *attr, unsigned long *flags )
1616 #if defined( LDAP_SLAPI )
1620 return LDAP_PARAM_ERROR;
1622 at = attr->a_desc->ad_type;
1624 *flags = SLAPI_ATTR_FLAG_STD_ATTR;
1626 if ( is_at_single_value( at ) )
1627 *flags |= SLAPI_ATTR_FLAG_SINGLE;
1628 if ( is_at_operational( at ) )
1629 *flags |= SLAPI_ATTR_FLAG_OPATTR;
1630 if ( is_at_obsolete( at ) )
1631 *flags |= SLAPI_ATTR_FLAG_OBSOLETE;
1632 if ( is_at_collective( at ) )
1633 *flags |= SLAPI_ATTR_FLAG_COLLECTIVE;
1634 if ( is_at_no_user_mod( at ) )
1635 *flags |= SLAPI_ATTR_FLAG_NOUSERMOD;
1637 return LDAP_SUCCESS;
1640 #endif /* defined(LDAP_SLAPI) */
1643 int slapi_attr_flag_is_set( const Slapi_Attr *attr, unsigned long flag )
1645 #if defined( LDAP_SLAPI )
1646 unsigned long flags;
1648 if ( slapi_attr_get_flags( attr, &flags ) != 0 )
1650 return (flags & flag) ? 1 : 0;
1653 #endif /* defined(LDAP_SLAPI) */
1656 Slapi_Attr *slapi_attr_new( void )
1661 ad = (Attribute *)slapi_ch_calloc( 1, sizeof(*ad) );
1669 Slapi_Attr *slapi_attr_init( Slapi_Attr *a, const char *type )
1673 AttributeDescription *ad = NULL;
1675 if( slap_str2ad( type, &ad, &text ) != LDAP_SUCCESS ) {
1690 void slapi_attr_free( Slapi_Attr **a )
1698 Slapi_Attr *slapi_attr_dup( const Slapi_Attr *attr )
1701 return attr_dup( (Slapi_Attr *)attr );
1707 int slapi_attr_add_value( Slapi_Attr *a, const Slapi_Value *v )
1710 return value_add_one( &a->a_vals, (Slapi_Value *)v );
1716 int slapi_attr_type2plugin( const char *type, void **pi )
1723 int slapi_attr_get_type( const Slapi_Attr *attr, char **type )
1726 if ( attr == NULL ) {
1727 return LDAP_PARAM_ERROR;
1730 *type = attr->a_desc->ad_cname.bv_val;
1732 return LDAP_SUCCESS;
1738 int slapi_attr_get_oid_copy( const Slapi_Attr *attr, char **oidp )
1741 if ( attr == NULL ) {
1742 return LDAP_PARAM_ERROR;
1744 *oidp = attr->a_desc->ad_type->sat_oid;
1746 return LDAP_SUCCESS;
1752 int slapi_attr_value_cmp( const Slapi_Attr *a, const struct berval *v1, const struct berval *v2 )
1760 mr = a->a_desc->ad_type->sat_equality;
1761 rc = value_match( &ret, a->a_desc, mr, SLAP_MR_ASSERTION_SYNTAX_MATCH,
1762 (struct berval *)v1, (void *)v2, &text );
1763 if ( rc != LDAP_SUCCESS )
1766 return ( ret == 0 ) ? 0 : -1;
1772 int slapi_attr_value_find( const Slapi_Attr *a, struct berval *v )
1782 mr = a->a_desc->ad_type->sat_equality;
1783 for ( bv = a->a_vals, j = 0; bv->bv_val != NULL; bv++, j++ ) {
1784 rc = value_match( &ret, a->a_desc, mr,
1785 SLAP_MR_ASSERTION_SYNTAX_MATCH, bv, v, &text );
1786 if ( rc != LDAP_SUCCESS ) {
1797 int slapi_attr_type_cmp( const char *t1, const char *t2, int opt )
1800 AttributeDescription *a1 = NULL;
1801 AttributeDescription *a2 = NULL;
1805 if ( slap_str2ad( t1, &a1, &text ) != LDAP_SUCCESS ) {
1809 if ( slap_str2ad( t2, &a2, &text ) != LDAP_SUCCESS ) {
1813 #define ad_base_cmp(l,r) (((l)->ad_type->sat_cname.bv_len < (r)->ad_type->sat_cname.bv_len) \
1814 ? -1 : (((l)->ad_type->sat_cname.bv_len > (r)->ad_type->sat_cname.bv_len) \
1815 ? 1 : strcasecmp((l)->ad_type->sat_cname.bv_val, (r)->ad_type->sat_cname.bv_val )))
1818 case SLAPI_TYPE_CMP_EXACT:
1819 ret = ad_cmp( a1, a2 );
1821 case SLAPI_TYPE_CMP_BASE:
1822 ret = ad_base_cmp( a1, a2 );
1824 case SLAPI_TYPE_CMP_SUBTYPE:
1825 ret = is_ad_subtype( a2, a2 );
1838 int slapi_attr_types_equivalent( const char *t1, const char *t2 )
1841 return slapi_attr_type_cmp( t1, t2, SLAPI_TYPE_CMP_EXACT );
1847 int slapi_attr_first_value( Slapi_Attr *a, Slapi_Value **v )
1850 return slapi_valueset_first_value( &a->a_vals, v );
1856 int slapi_attr_next_value( Slapi_Attr *a, int hint, Slapi_Value **v )
1859 return slapi_valueset_next_value( &a->a_vals, hint, v );
1865 int slapi_attr_get_numvalues( const Slapi_Attr *a, int *numValues )
1868 *numValues = slapi_valueset_count( &a->a_vals );
1876 int slapi_attr_get_valueset( const Slapi_Attr *a, Slapi_ValueSet **vs )
1879 *vs = &((Slapi_Attr *)a)->a_vals;
1887 int slapi_attr_get_bervals_copy( Slapi_Attr *a, struct berval ***vals )
1890 return slapi_attr_get_values( a, vals );
1896 char *slapi_attr_syntax_normalize( const char *s )
1899 AttributeDescription *ad = NULL;
1902 if ( slap_str2ad( s, &ad, &text ) != LDAP_SUCCESS ) {
1906 return ad->ad_cname.bv_val;
1912 Slapi_Value *slapi_value_new( void )
1917 bv = (struct berval *)slapi_ch_malloc( sizeof(*bv) );
1925 Slapi_Value *slapi_value_new_berval(const struct berval *bval)
1928 return ber_dupbv( NULL, (struct berval *)bval );
1934 Slapi_Value *slapi_value_new_value(const Slapi_Value *v)
1937 return slapi_value_new_berval( v );
1943 Slapi_Value *slapi_value_new_string(const char *s)
1948 bv.bv_val = (char *)s;
1949 bv.bv_len = strlen( s );
1951 return slapi_value_new_berval( &bv );
1957 Slapi_Value *slapi_value_init(Slapi_Value *val)
1969 Slapi_Value *slapi_value_init_berval(Slapi_Value *v, struct berval *bval)
1972 return ber_dupbv( v, bval );
1978 Slapi_Value *slapi_value_init_string(Slapi_Value *v, const char *s)
1981 v->bv_val = slapi_ch_strdup( (char *)s );
1982 v->bv_len = strlen( s );
1990 Slapi_Value *slapi_value_dup(const Slapi_Value *v)
1993 return slapi_value_new_value( v );
1999 void slapi_value_free(Slapi_Value **value)
2002 if ( value == NULL ) {
2006 if ( (*value) != NULL ) {
2007 slapi_ch_free( (void **)&(*value)->bv_val );
2008 slapi_ch_free( (void **)value );
2013 const struct berval *slapi_value_get_berval( const Slapi_Value *value )
2022 Slapi_Value *slapi_value_set_berval( Slapi_Value *value, const struct berval *bval )
2025 if ( value == NULL ) {
2028 if ( value->bv_val != NULL ) {
2029 slapi_ch_free( (void **)&value->bv_val );
2031 slapi_value_init_berval( value, (struct berval *)bval );
2039 Slapi_Value *slapi_value_set_value( Slapi_Value *value, const Slapi_Value *vfrom)
2042 if ( value == NULL ) {
2045 return slapi_value_set_berval( value, vfrom );
2051 Slapi_Value *slapi_value_set( Slapi_Value *value, void *val, unsigned long len)
2054 if ( value == NULL ) {
2057 if ( value->bv_val != NULL ) {
2058 slapi_ch_free( (void **)&value->bv_val );
2060 value->bv_val = slapi_ch_malloc( len );
2061 value->bv_len = len;
2062 AC_MEMCPY( value->bv_val, val, len );
2070 int slapi_value_set_string(Slapi_Value *value, const char *strVal)
2073 if ( value == NULL ) {
2076 slapi_value_set( value, (void *)strVal, strlen( strVal ) );
2083 int slapi_value_set_int(Slapi_Value *value, int intVal)
2088 snprintf( buf, sizeof( buf ), "%d", intVal );
2090 return slapi_value_set_string( value, buf );
2096 const char *slapi_value_get_string(const Slapi_Value *value)
2099 if ( value == NULL ) {
2102 return value->bv_val;
2109 static int checkBVString(const struct berval *bv)
2113 for ( i = 0; i < bv->bv_len; i++ ) {
2114 if ( bv->bv_val[i] == '\0' )
2117 if ( bv->bv_val[i] != '\0' )
2124 int slapi_value_get_int(const Slapi_Value *value)
2127 if ( value == NULL ) return 0;
2128 if ( value->bv_val == NULL ) return 0;
2129 if ( !checkBVString( value ) ) return 0;
2131 return (int)strtol( value->bv_val, NULL, 10 );
2137 unsigned int slapi_value_get_uint(const Slapi_Value *value)
2140 if ( value == NULL ) return 0;
2141 if ( value->bv_val == NULL ) return 0;
2142 if ( !checkBVString( value ) ) return 0;
2144 return (unsigned int)strtoul( value->bv_val, NULL, 10 );
2150 long slapi_value_get_long(const Slapi_Value *value)
2153 if ( value == NULL ) return 0;
2154 if ( value->bv_val == NULL ) return 0;
2155 if ( !checkBVString( value ) ) return 0;
2157 return strtol( value->bv_val, NULL, 10 );
2163 unsigned long slapi_value_get_ulong(const Slapi_Value *value)
2166 if ( value == NULL ) return 0;
2167 if ( value->bv_val == NULL ) return 0;
2168 if ( !checkBVString( value ) ) return 0;
2170 return strtoul( value->bv_val, NULL, 10 );
2176 size_t slapi_value_get_length(const Slapi_Value *value)
2179 if ( value == NULL )
2182 return (size_t) value->bv_len;
2188 int slapi_value_compare(const Slapi_Attr *a, const Slapi_Value *v1, const Slapi_Value *v2)
2191 return slapi_attr_value_cmp( a, v1, v2 );
2197 /* A ValueSet is a container for a BerVarray. */
2198 Slapi_ValueSet *slapi_valueset_new( void )
2203 vs = (Slapi_ValueSet *)slapi_ch_malloc( sizeof( *vs ) );
2212 void slapi_valueset_free(Slapi_ValueSet *vs)
2218 ber_bvarray_free( vp );
2219 slapi_ch_free( (void **)&vp );
2226 void slapi_valueset_init(Slapi_ValueSet *vs)
2229 if ( vs != NULL && *vs == NULL ) {
2230 *vs = (Slapi_ValueSet)slapi_ch_calloc( 1, sizeof(struct berval) );
2231 (*vs)->bv_val = NULL;
2237 void slapi_valueset_done(Slapi_ValueSet *vs)
2245 for ( vp = *vs; vp->bv_val != NULL; vp++ ) {
2247 slapi_ch_free( (void **)&vp->bv_val );
2249 /* but don't free *vs or vs */
2253 void slapi_valueset_add_value(Slapi_ValueSet *vs, const Slapi_Value *addval)
2258 ber_dupbv( &bv, (Slapi_Value *)addval );
2259 ber_bvarray_add( vs, &bv );
2263 int slapi_valueset_first_value( Slapi_ValueSet *vs, Slapi_Value **v )
2266 return slapi_valueset_next_value( vs, 0, v );
2272 int slapi_valueset_next_value( Slapi_ValueSet *vs, int index, Slapi_Value **v)
2283 for ( i = 0; vp[i].bv_val != NULL; i++ ) {
2294 int slapi_valueset_count( const Slapi_ValueSet *vs )
2305 for ( i = 0; vp[i].bv_val != NULL; i++ )
2315 void slapi_valueset_set_valueset(Slapi_ValueSet *vs1, const Slapi_ValueSet *vs2)
2320 for ( vp = *vs2; vp->bv_val != NULL; vp++ ) {
2321 slapi_valueset_add_value( vs1, vp );
2326 int slapi_access_allowed( Slapi_PBlock *pb, Slapi_Entry *e, char *attr,
2327 struct berval *val, int access )
2334 slap_access_t slap_access;
2335 AttributeDescription *ad = NULL;
2338 ret = slap_str2ad( attr, &ad, &text );
2339 if ( ret != LDAP_SUCCESS ) {
2343 switch ( access & SLAPI_ACL_ALL ) {
2344 case SLAPI_ACL_COMPARE:
2345 slap_access = ACL_COMPARE;
2347 case SLAPI_ACL_SEARCH:
2348 slap_access = ACL_SEARCH;
2350 case SLAPI_ACL_READ:
2351 slap_access = ACL_READ;
2353 case SLAPI_ACL_WRITE:
2354 case SLAPI_ACL_DELETE:
2356 case SLAPI_ACL_SELF:
2357 slap_access = ACL_WRITE;
2360 return LDAP_INSUFFICIENT_ACCESS;
2364 if ( slapi_pblock_get( pb, SLAPI_BACKEND, (void *)&be ) != 0 ) {
2365 return LDAP_PARAM_ERROR;
2368 if ( slapi_pblock_get( pb, SLAPI_CONNECTION, (void *)&conn ) != 0 ) {
2369 return LDAP_PARAM_ERROR;
2372 if ( slapi_pblock_get( pb, SLAPI_OPERATION, (void *)&op ) != 0 ) {
2373 return LDAP_PARAM_ERROR;
2376 ret = access_allowed( be, conn, op, e, desc, val, slap_access, NULL );
2378 return ret ? LDAP_SUCCESS : LDAP_INSUFFICIENT_ACCESS;
2380 return LDAP_UNWILLING_TO_PERFORM;
2384 int slapi_acl_check_mods(Slapi_PBlock *pb, Slapi_Entry *e, LDAPMod **mods, char **errbuf)
2392 Modifications *next;
2394 if ( slapi_pblock_get( pb, SLAPI_BACKEND, (void *)&be ) != 0 ) {
2395 return LDAP_PARAM_ERROR;
2398 if ( slapi_pblock_get( pb, SLAPI_CONNECTION, (void *)&conn ) != 0 ) {
2399 return LDAP_PARAM_ERROR;
2402 if ( slapi_pblock_get( pb, SLAPI_OPERATION, (void *)&op ) != 0 ) {
2403 return LDAP_PARAM_ERROR;
2406 ml = slapi_x_ldapmods2modifications( mods );
2411 ret = acl_check_modlist( be, conn, op, e, ml );
2413 /* Careful when freeing the modlist because it has pointers into the mods array. */
2414 for ( ; ml != NULL; ml = next ) {
2415 next = ml->sml_next;
2417 /* just free the containing array */
2418 slapi_ch_free( (void **)&ml->sml_bvalues );
2419 slapi_ch_free( (void **)&ml );
2422 return ret ? LDAP_SUCCESS : LDAP_INSUFFICIENT_ACCESS;
2424 return LDAP_UNWILLING_TO_PERFORM;
2429 * Synthesise an LDAPMod array from a Modifications list to pass
2430 * to SLAPI. This synthesis is destructive and as such the
2431 * Modifications list may not be used after calling this
2434 * This function must also be called before slap_mods_check().
2436 LDAPMod **slapi_x_modifications2ldapmods(Modifications **pmodlist)
2439 Modifications *ml, *modlist;
2440 LDAPMod **mods, *modp;
2443 modlist = *pmodlist;
2445 for( i = 0, ml = modlist; ml != NULL; i++, ml = ml->sml_next )
2448 mods = (LDAPMod **)ch_malloc( (i + 1) * sizeof(LDAPMod *) );
2450 for( i = 0, ml = modlist; ml != NULL; ml = ml->sml_next ) {
2452 modp->mod_op = ml->sml_op | LDAP_MOD_BVALUES;
2454 /* Take ownership of original type. */
2455 modp->mod_type = ml->sml_type.bv_val;
2456 ml->sml_type.bv_val = NULL;
2458 if ( ml->sml_bvalues != NULL ) {
2459 for( j = 0; ml->sml_bvalues[j].bv_val != NULL; j++ )
2461 modp->mod_bvalues = (struct berval **)ch_malloc( (j + 1) *
2462 sizeof(struct berval *) );
2463 for( j = 0; ml->sml_bvalues[j].bv_val != NULL; j++ ) {
2464 /* Take ownership of original values. */
2465 modp->mod_bvalues[j] = (struct berval *)ch_malloc( sizeof(struct berval) );
2466 modp->mod_bvalues[j]->bv_len = ml->sml_bvalues[j].bv_len;
2467 modp->mod_bvalues[j]->bv_val = ml->sml_bvalues[j].bv_val;
2468 ml->sml_bvalues[j].bv_len = 0;
2469 ml->sml_bvalues[j].bv_val = NULL;
2471 modp->mod_bvalues[j] = NULL;
2473 modp->mod_bvalues = NULL;
2480 slap_mods_free( modlist );
2490 * Convert a potentially modified array of LDAPMods back to a
2491 * Modification list.
2493 * The returned Modification list contains pointers into the
2494 * LDAPMods array; the latter MUST be freed with
2495 * slapi_x_free_ldapmods() (see below).
2497 Modifications *slapi_x_ldapmods2modifications (LDAPMod **mods)
2500 Modifications *modlist, **modtail;
2505 for( modp = mods; *modp != NULL; modp++ ) {
2509 struct berval **bvp;
2511 mod = (Modifications *) ch_malloc( sizeof(Modifications) );
2512 mod->sml_op = (*modp)->mod_op & (~LDAP_MOD_BVALUES);
2513 mod->sml_type.bv_val = (*modp)->mod_type;
2514 mod->sml_type.bv_len = strlen( mod->sml_type.bv_val );
2515 mod->sml_desc = NULL;
2516 mod->sml_next = NULL;
2518 if ( (*modp)->mod_op & LDAP_MOD_BVALUES ) {
2519 for( i = 0, bvp = (*modp)->mod_bvalues; *bvp != NULL; bvp++, i++ )
2522 for( i = 0, p = (*modp)->mod_values; *p != NULL; p++, i++ )
2526 mod->sml_bvalues = (BerVarray) ch_malloc( (i + 1) * sizeof(struct berval) );
2528 /* NB: This implicitly trusts a plugin to return valid modifications. */
2529 if ( (*modp)->mod_op & LDAP_MOD_BVALUES ) {
2530 for( i = 0, bvp = (*modp)->mod_bvalues; *bvp != NULL; bvp++, i++ ) {
2531 mod->sml_bvalues[i].bv_val = (*bvp)->bv_val;
2532 mod->sml_bvalues[i].bv_len = (*bvp)->bv_len;
2535 for( i = 0, p = (*modp)->mod_values; *p != NULL; p++, i++ ) {
2536 mod->sml_bvalues[i].bv_val = *p;
2537 mod->sml_bvalues[i].bv_len = strlen( *p );
2540 mod->sml_bvalues[i].bv_val = NULL;
2543 modtail = &mod->sml_next;
2553 * This function only frees the parts of the mods array that
2554 * are not shared with the Modification list that was created
2555 * by slapi_x_ldapmods2modifications().
2558 void slapi_x_free_ldapmods (LDAPMod **mods)
2566 for ( i = 0; mods[i] != NULL; i++ ) {
2568 * Don't free values themselves; they're owned by the
2569 * Modification list. Do free the containing array.
2571 if ( mods[i]->mod_op & LDAP_MOD_BVALUES ) {
2572 for ( j = 0; mods[i]->mod_bvalues[j] != NULL; j++ ) {
2573 ch_free( mods[i]->mod_bvalues[j] );
2575 ch_free( mods[i]->mod_bvalues );
2577 ch_free( mods[i]->mod_values );
2579 /* Don't free type, for same reasons. */
2583 #endif /* LDAP_SLAPI */
2587 * Sun ONE DS 5.x computed attribute support. Computed attributes
2588 * allow for dynamically generated operational attributes, a very
2589 * useful thing indeed.
2593 * Write the computed attribute to a BerElement. Complementary
2594 * functions need to be defined for anything that replaces
2595 * op->o_callback->sc_sendentry, if you wish to make computed
2596 * attributes available to it.
2598 int slapi_x_compute_output_ber(computed_attr_context *c, Slapi_Attr *a, Slapi_Entry *e)
2602 Connection *conn = NULL;
2603 Operation *op = NULL;
2605 AttributeDescription *desc;
2621 rc = slapi_pblock_get( c->cac_pb, SLAPI_BACKEND, (void *)&be );
2623 be = NULL; /* no backend for root DSE */
2626 rc = slapi_pblock_get( c->cac_pb, SLAPI_CONNECTION, (void *)&conn );
2627 if ( rc != 0 || conn == NULL ) {
2631 rc = slapi_pblock_get( c->cac_pb, SLAPI_OPERATION, (void *)&op );
2632 if ( rc != 0 || op == NULL ) {
2636 ber = (BerElement *)c->cac_private;
2639 if ( c->cac_attrs == NULL ) {
2640 /* All attrs request, skip operational attributes */
2641 if ( is_at_operational( desc->ad_type ) ) {
2645 /* Specific attrs requested */
2646 if ( is_at_operational( desc->ad_type ) ) {
2647 if ( !c->cac_opattrs && !ad_inlist( desc, c->cac_attrs ) ) {
2651 if ( !c->cac_userattrs && !ad_inlist( desc, c->cac_attrs ) ) {
2657 if ( !access_allowed( be, conn, op, e, desc, NULL, ACL_READ, &c->cac_acl_state) ) {
2658 slapi_log_error( SLAPI_LOG_ACL, "SLAPI_COMPUTE",
2659 "acl: access to attribute %s not allowed\n",
2660 desc->ad_cname.bv_val );
2664 rc = ber_printf( ber, "{O[" /*]}*/ , &desc->ad_cname );
2666 slapi_log_error( SLAPI_LOG_BER, "SLAPI_COMPUTE",
2667 "ber_printf failed\n");
2671 if ( !c->cac_attrsonly ) {
2672 for ( i = 0; a->a_vals[i].bv_val != NULL; i++ ) {
2673 if ( !access_allowed( be, conn, op, e,
2674 desc, &a->a_vals[i], ACL_READ, &c->cac_acl_state)) {
2675 slapi_log_error( SLAPI_LOG_ACL, "SLAPI_COMPUTE",
2676 "slapi_x_compute_output_ber: conn %lu "
2677 "acl: access to %s, value %d not allowed\n",
2678 op->o_connid, desc->ad_cname.bv_val, i );
2682 if (( rc = ber_printf( ber, "O", &a->a_vals[i] )) == -1 ) {
2683 slapi_log_error( SLAPI_LOG_BER, "SLAPI_COMPUTE",
2684 "ber_printf failed\n");
2690 if (( rc = ber_printf( ber, /*{[*/ "]N}" )) == -1 ) {
2691 slapi_log_error( SLAPI_LOG_BER, "SLAPI_COMPUTE",
2692 "ber_printf failed\n" );
2703 * For some reason Sun don't use the normal plugin mechanism
2704 * registration path to register an "evaluator" function (an
2705 * "evaluator" is responsible for adding computed attributes;
2706 * the nomenclature is somewhat confusing).
2708 * As such slapi_compute_add_evaluator() registers the
2709 * function directly.
2711 int slapi_compute_add_evaluator(slapi_compute_callback_t function)
2714 Slapi_PBlock *pPlugin = NULL;
2717 pPlugin = slapi_pblock_new();
2718 if ( pPlugin == NULL ) {
2719 rc = LDAP_NO_MEMORY;
2723 rc = slapi_pblock_set( pPlugin, SLAPI_PLUGIN_TYPE, (void *)SLAPI_PLUGIN_OBJECT );
2724 if ( rc != LDAP_SUCCESS ) {
2728 rc = slapi_pblock_set( pPlugin, SLAPI_PLUGIN_COMPUTE_EVALUATOR_FN, (void *)function );
2729 if ( rc != LDAP_SUCCESS ) {
2733 rc = insertPlugin( NULL, pPlugin );
2740 if ( rc != LDAP_SUCCESS ) {
2741 if ( pPlugin != NULL ) {
2742 slapi_pblock_destroy( pPlugin );
2750 #endif /* LDAP_SLAPI */
2754 * See notes above regarding slapi_compute_add_evaluator().
2756 int slapi_compute_add_search_rewriter(slapi_search_rewrite_callback_t function)
2759 Slapi_PBlock *pPlugin = NULL;
2762 pPlugin = slapi_pblock_new();
2763 if ( pPlugin == NULL ) {
2764 rc = LDAP_NO_MEMORY;
2768 rc = slapi_pblock_set( pPlugin, SLAPI_PLUGIN_TYPE, (void *)SLAPI_PLUGIN_OBJECT );
2769 if ( rc != LDAP_SUCCESS ) {
2773 rc = slapi_pblock_set( pPlugin, SLAPI_PLUGIN_COMPUTE_SEARCH_REWRITER_FN, (void *)function );
2774 if ( rc != LDAP_SUCCESS ) {
2778 rc = insertPlugin( NULL, pPlugin );
2785 if ( rc != LDAP_SUCCESS ) {
2786 if ( pPlugin != NULL ) {
2787 slapi_pblock_destroy( pPlugin );
2795 #endif /* LDAP_SLAPI */
2799 * Call compute evaluators
2801 int compute_evaluator(computed_attr_context *c, char *type, Slapi_Entry *e, slapi_compute_output_t outputfn)
2805 slapi_compute_callback_t *pGetPlugin, *tmpPlugin;
2807 rc = getAllPluginFuncs( NULL, SLAPI_PLUGIN_COMPUTE_EVALUATOR_FN, (SLAPI_FUNC **)&tmpPlugin );
2808 if ( rc != LDAP_SUCCESS || tmpPlugin == NULL ) {
2809 /* Nothing to do; front-end should ignore. */
2813 for ( pGetPlugin = tmpPlugin; *pGetPlugin != NULL; pGetPlugin++ ) {
2815 * -1: no attribute matched requested type
2816 * 0: one attribute matched
2817 * >0: error happened
2819 rc = (*pGetPlugin)( c, type, e, outputfn );
2825 slapi_ch_free( (void **)&tmpPlugin );
2830 #endif /* LDAP_SLAPI */
2833 int compute_rewrite_search_filter(Slapi_PBlock *pb)
2839 rc = slapi_pblock_get( pb, SLAPI_BACKEND, (void *)&be );
2844 return doPluginFNs( be, SLAPI_PLUGIN_COMPUTE_SEARCH_REWRITER_FN, pb );
2847 #endif /* LDAP_SLAPI */
2851 * New API to provide the plugin with access to the search
2852 * pblock. Have informed Sun DS team.
2854 int slapi_x_compute_get_pblock(computed_attr_context *c, Slapi_PBlock **pb)
2860 if ( c->cac_pb == NULL )
2868 #endif /* LDAP_SLAPI */
projects / openldap / blob