2 * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
3 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
6 * (C) Copyright IBM Corp. 1997,2002
7 * Redistribution and use in source and binary forms are permitted
8 * provided that this notice is preserved and that due credit is
9 * given to IBM Corporation. This software is provided ``as is''
10 * without express or implied warranty.
13 * Portions (C) Copyright PADL Software Pty Ltd.
14 * Redistribution and use in source and binary forms are permitted
15 * provided that this notice is preserved and that due credit is
16 * given to PADL Software Pty Ltd. This software is provided ``as is''
17 * without express or implied warranty.
21 #include "slapi_common.h"
23 #include <ac/string.h>
32 struct berval *ns_get_supported_extop( int );
35 #include <sys/systeminfo.h>
41 * server start time (should we use a struct timeval also in slapd?
43 static struct timeval base_time;
44 ldap_pvt_thread_mutex_t slapi_hn_mutex;
45 ldap_pvt_thread_mutex_t slapi_time_mutex;
48 * This function converts an array of pointers to berval objects to
49 * an array of berval objects.
54 struct berval **bvptr,
57 int rc = LDAP_SUCCESS;
61 if ( bvptr == NULL || *bvptr == NULL ) {
65 for ( i = 0; bvptr != NULL && bvptr[i] != NULL; i++ ) {
69 tmpberval = (BerVarray)slapi_ch_malloc( (i + 1)*sizeof(struct berval));
70 if ( tmpberval == NULL ) {
71 return LDAP_NO_MEMORY;
74 for ( i = 0; bvptr[i] != NULL; i++ ) {
75 tmpberval[i].bv_val = bvptr[i]->bv_val;
76 tmpberval[i].bv_len = bvptr[i]->bv_len;
79 if ( rc == LDAP_SUCCESS ) {
91 #if defined(LDAP_SLAPI)
92 Slapi_Entry *e = NULL;
95 pTmpS = slapi_ch_strdup( s );
96 if ( pTmpS != NULL ) {
97 e = str2entry( pTmpS );
98 slapi_ch_free( (void **)&pTmpS );
102 #else /* !defined(LDAP_SLAPI) */
104 #endif /* !defined(LDAP_SLAPI) */
112 #if defined(LDAP_SLAPI)
115 ldap_pvt_thread_mutex_lock( &entry2str_mutex );
116 ret = entry2str( e, len );
117 ldap_pvt_thread_mutex_unlock( &entry2str_mutex );
120 #else /* !defined(LDAP_SLAPI) */
122 #endif /* !defined(LDAP_SLAPI) */
126 slapi_entry_get_dn( Slapi_Entry *e )
128 #if defined(LDAP_SLAPI)
129 return e->e_name.bv_val;
130 #else /* !defined(LDAP_SLAPI) */
132 #endif /* !defined(LDAP_SLAPI) */
136 slapi_x_entry_get_id( Slapi_Entry *e )
138 #if defined(LDAP_SLAPI)
142 #endif /* !defined(LDAP_SLAPI) */
150 #if defined(LDAP_SLAPI)
151 struct berval dn = { 0, NULL };
154 dn.bv_len = strlen( ldn );
156 dnPrettyNormal( NULL, &dn, &e->e_name, &e->e_nname );
157 #endif /* defined(LDAP_SLAPI) */
161 slapi_entry_dup( Slapi_Entry *e )
163 #if defined(LDAP_SLAPI)
168 tmp = slapi_entry2str( e, &len );
170 return (Slapi_Entry *)NULL;
173 tmpEnt = (Slapi_Entry *)str2entry( tmp );
174 if ( tmpEnt == NULL ) {
175 slapi_ch_free( (void **)&tmp );
176 return (Slapi_Entry *)NULL;
180 slapi_ch_free( (void **)&tmp );
184 #else /* !defined(LDAP_SLAPI) */
186 #endif /* !defined(LDAP_SLAPI) */
190 slapi_entry_attr_delete(
194 #if defined(LDAP_SLAPI)
195 AttributeDescription *ad = NULL;
198 if ( slap_str2ad( type, &ad, &text ) != LDAP_SUCCESS ) {
199 return 1; /* LDAP_NO_SUCH_ATTRIBUTE */
202 if ( attr_delete( &e->e_attrs, ad ) == LDAP_SUCCESS ) {
203 return 0; /* attribute is deleted */
205 return -1; /* something went wrong */
207 #else /* !defined(LDAP_SLAPI) */
209 #endif /* !defined(LDAP_SLAPI) */
213 slapi_entry_alloc( void )
215 #if defined(LDAP_SLAPI)
216 return (Slapi_Entry *)slapi_ch_calloc( 1, sizeof(Slapi_Entry) );
217 #else /* !defined(LDAP_SLAPI) */
219 #endif /* !defined(LDAP_SLAPI) */
223 slapi_entry_free( Slapi_Entry *e )
225 #if defined(LDAP_SLAPI)
227 #endif /* defined(LDAP_SLAPI) */
231 slapi_entry_attr_merge(
234 struct berval **vals )
236 #if defined(LDAP_SLAPI)
237 AttributeDescription *ad = NULL;
242 rc = bvptr2obj( vals, &bv );
243 if ( rc != LDAP_SUCCESS ) {
247 rc = slap_str2ad( type, &ad, &text );
248 if ( rc != LDAP_SUCCESS ) {
252 rc = attr_merge( e, ad, bv );
256 #else /* !defined(LDAP_SLAPI) */
258 #endif /* !defined(LDAP_SLAPI) */
262 slapi_entry_attr_find(
267 #if defined(LDAP_SLAPI)
268 AttributeDescription *ad = NULL;
272 rc = slap_str2ad( type, &ad, &text );
273 if ( rc != LDAP_SUCCESS ) {
277 *attr = attr_find( e->e_attrs, ad );
278 if ( *attr == NULL ) {
283 #else /* !defined(LDAP_SLAPI) */
285 #endif /* !defined(LDAP_SLAPI) */
289 slapi_entry_attr_get_charptr( const Slapi_Entry *e, const char *type )
292 AttributeDescription *ad = NULL;
297 rc = slap_str2ad( type, &ad, &text );
298 if ( rc != LDAP_SUCCESS ) {
302 attr = attr_find( e->e_attrs, ad );
303 if ( attr == NULL ) {
307 if ( attr->a_vals != NULL && attr->a_vals[0].bv_val != NULL ) {
308 return slapi_ch_strdup( attr->a_vals[0].bv_val );
318 slapi_entry_attr_get_int( const Slapi_Entry *e, const char *type )
321 AttributeDescription *ad = NULL;
326 rc = slap_str2ad( type, &ad, &text );
327 if ( rc != LDAP_SUCCESS ) {
331 attr = attr_find( e->e_attrs, ad );
332 if ( attr == NULL ) {
336 return slapi_value_get_int( attr->a_vals );
343 slapi_entry_attr_get_long( const Slapi_Entry *e, const char *type )
346 AttributeDescription *ad = NULL;
351 rc = slap_str2ad( type, &ad, &text );
352 if ( rc != LDAP_SUCCESS ) {
356 attr = attr_find( e->e_attrs, ad );
357 if ( attr == NULL ) {
361 return slapi_value_get_long( attr->a_vals );
368 slapi_entry_attr_get_uint( const Slapi_Entry *e, const char *type )
371 AttributeDescription *ad = NULL;
376 rc = slap_str2ad( type, &ad, &text );
377 if ( rc != LDAP_SUCCESS ) {
381 attr = attr_find( e->e_attrs, ad );
382 if ( attr == NULL ) {
386 return slapi_value_get_uint( attr->a_vals );
393 slapi_entry_attr_get_ulong( const Slapi_Entry *e, const char *type )
396 AttributeDescription *ad = NULL;
401 rc = slap_str2ad( type, &ad, &text );
402 if ( rc != LDAP_SUCCESS ) {
406 attr = attr_find( e->e_attrs, ad );
407 if ( attr == NULL ) {
411 return slapi_value_get_ulong( attr->a_vals );
418 slapi_entry_attr_hasvalue( Slapi_Entry *e, const char *type, const char *value )
422 AttributeDescription *ad;
427 rc = slap_str2ad( type, &ad, &text );
428 if ( rc != LDAP_SUCCESS ) {
432 attr = attr_find( e->e_attrs, ad );
433 if ( attr == NULL ) {
437 bv.bv_val = (char *)value;
438 bv.bv_len = strlen( value );
440 return slapi_attr_value_find( attr, &bv );
447 slapi_entry_attr_merge_sv( Slapi_Entry *e, const char *type, Slapi_Value **vals )
450 return slapi_entry_attr_merge( e, (char *)type, vals );
457 slapi_entry_attr_replace_sv( Slapi_Entry *e, const char *type, Slapi_Value **vals )
460 AttributeDescription *ad;
465 rc = slap_str2ad( type, &ad, &text );
466 if ( rc != LDAP_SUCCESS ) {
470 attr_delete( &e->e_attrs, ad );
472 rc = bvptr2obj( vals, &bv );
473 if ( rc != LDAP_SUCCESS ) {
477 rc = attr_merge( e, ad, bv );
478 slapi_ch_free( (void **)&bv );
479 if ( rc != LDAP_SUCCESS ) {
486 #endif /* LDAP_SLAPI */
490 * FIXME -- The caller must free the allocated memory.
491 * In Netscape they do not have to.
494 slapi_attr_get_values(
496 struct berval ***vals )
498 #if defined(LDAP_SLAPI)
502 if ( attr == NULL ) {
506 for ( i = 0; attr->a_vals[i].bv_val != NULL; i++ ) {
510 bv = (struct berval **)ch_malloc( (i + 1) * sizeof(struct berval *) );
511 for ( j = 0; j < i; j++ ) {
512 bv[j] = (struct berval *)ch_malloc( sizeof(struct berval) );
513 bv[j]->bv_val = ch_strdup( attr->a_vals[j].bv_val );
514 bv[j]->bv_len = attr->a_vals[j].bv_len;
518 *vals = (struct berval **)bv;
521 #else /* !defined(LDAP_SLAPI) */
523 #endif /* !defined(LDAP_SLAPI) */
527 slapi_dn_normalize( char *dn )
529 #if defined(LDAP_SLAPI)
533 assert( dn != NULL );
536 bdn.bv_len = strlen( dn );
538 dnNormalize2( NULL, &bdn, &ndn );
541 * FIXME: ain't it safe to set dn = ndn.bv_val ?
543 dn = ch_strdup( ndn.bv_val );
544 ch_free( ndn.bv_val );
547 #else /* !defined(LDAP_SLAPI) */
549 #endif /* !defined(LDAP_SLAPI) */
553 * FIXME: this function is dangerous and should be deprecated;
554 * DN normalization is a lot more than lower-casing, and BTW
555 * OpenLDAP's DN normalization for case insensitive attributes
556 * is already lower case
559 slapi_dn_normalize_case( char *dn )
561 #if defined(LDAP_SLAPI)
562 slapi_dn_normalize( dn );
563 ldap_pvt_str2lower( dn );
566 #else /* defined(LDAP_SLAPI) */
568 #endif /* defined(LDAP_SLAPI) */
576 #if defined(LDAP_SLAPI)
577 struct berval bdn, ndn;
578 struct berval bsuffix, nsuffix;
580 assert( dn != NULL );
581 assert( suffix != NULL );
584 bdn.bv_len = strlen( dn );
586 bsuffix.bv_val = suffix;
587 bsuffix.bv_len = strlen( suffix );
589 dnNormalize2( NULL, &bdn, &ndn );
590 dnNormalize2( NULL, &bsuffix, &nsuffix );
592 return dnIsSuffix( &ndn, &nsuffix );
593 #else /* !defined(LDAP_SLAPI) */
595 #endif /* !defined(LDAP_SLAPI) */
599 slapi_dn_ignore_case( char *dn )
601 #if defined(LDAP_SLAPI)
602 return slapi_dn_normalize_case( dn );
603 #else /* !defined(LDAP_SLAPI) */
605 #endif /* !defined(LDAP_SLAPI) */
609 slapi_ch_malloc( unsigned long size )
611 #if defined(LDAP_SLAPI)
612 return ch_malloc( size );
613 #else /* !defined(LDAP_SLAPI) */
615 #endif /* !defined(LDAP_SLAPI) */
619 slapi_ch_free( void **ptr )
621 #if defined(LDAP_SLAPI)
624 #endif /* defined(LDAP_SLAPI) */
628 slapi_ch_free_string( char **ptr )
630 #if defined(LDAP_SLAPI)
631 slapi_ch_free( (void **)ptr );
632 #endif /* defined(LDAP_SLAPI) */
636 slapi_ch_array_free( char **arrayp )
641 if ( arrayp != NULL ) {
642 for ( p = arrayp; *p != NULL; p++ ) {
643 slapi_ch_free( (void **)p );
645 slapi_ch_free( (void **)&arrayp );
651 slapi_ch_bvdup(const struct berval *v)
656 bv = (struct berval *) slapi_ch_malloc( sizeof(struct berval) );
657 bv->bv_len = v->bv_len;
658 bv->bv_val = slapi_ch_malloc( bv->bv_len );
659 AC_MEMCPY( bv->bv_val, v->bv_val, bv->bv_len );
668 slapi_ch_bvecdup(const struct berval **v)
678 for ( i = 0; v[i] != NULL; i++ )
681 rv = (struct berval **) slapi_ch_malloc( (i + 1) * sizeof(struct berval *) );
683 for ( i = 0; v[i] != NULL; i++ ) {
684 rv[i] = slapi_ch_bvdup( v[i] );
699 #if defined(LDAP_SLAPI)
700 return ch_calloc( nelem, size );
701 #else /* !defined(LDAP_SLAPI) */
703 #endif /* !defined(LDAP_SLAPI) */
711 #if defined(LDAP_SLAPI)
712 return ch_realloc( block, size );
713 #else /* !defined(LDAP_SLAPI) */
715 #endif /* !defined(LDAP_SLAPI) */
719 slapi_ch_strdup( char *s )
721 #if defined(LDAP_SLAPI)
722 return ch_strdup( (const char *)s );
723 #else /* !defined(LDAP_SLAPI) */
725 #endif /* !defined(LDAP_SLAPI) */
729 slapi_ch_stlen( char *s )
731 #if defined(LDAP_SLAPI)
732 return strlen( (const char *)s );
733 #else /* !defined(LDAP_SLAPI) */
735 #endif /* !defined(LDAP_SLAPI) */
739 slapi_control_present(
740 LDAPControl **controls,
745 #if defined(LDAP_SLAPI)
757 for ( i = 0; controls != NULL && controls[i] != NULL; i++ ) {
758 if ( strcmp( controls[i]->ldctl_oid, oid ) != 0 ) {
763 if ( controls[i]->ldctl_value.bv_len != 0 ) {
765 * FIXME: according to 6.1 specification,
766 * "The val output parameter is set
767 * to point into the controls array.
768 * A copy of the control value is
772 struct berval *pTmpBval;
774 pTmpBval = (struct berval *)slapi_ch_malloc( sizeof(struct berval));
775 if ( pTmpBval == NULL ) {
778 pTmpBval->bv_len = controls[i]->ldctl_value.bv_len;
779 pTmpBval->bv_val = controls[i]->ldctl_value.bv_val;
783 slapi_ch_free( (void **)&pTmpBval );
789 *val = &controls[i]->ldctl_value;
794 *iscritical = controls[i]->ldctl_iscritical;
801 #else /* !defined(LDAP_SLAPI) */
803 #endif /* !defined(LDAP_SLAPI) */
807 slapi_register_supported_control(
809 unsigned long controlops )
811 #if defined(LDAP_SLAPI)
812 /* FIXME -- can not add controls to openLDAP dynamically */
813 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_CONTROLS",
814 "can not add controls to openLDAP dynamically\n" );
815 #endif /* defined(LDAP_SLAPI) */
819 slapi_get_supported_controls(
821 unsigned long **ctrlopsp )
823 #if defined(LDAP_SLAPI)
827 unsigned long *masks = NULL;
829 for (n = 0; get_supported_ctrl( n ) != NULL; n++) {
841 oids = (char **)slapi_ch_malloc( (n + 1) * sizeof(char *) );
842 if ( oids == NULL ) {
847 masks = (unsigned long *)slapi_ch_malloc( n * sizeof(int) );
848 if ( masks == NULL ) {
853 for ( i = 0; i < n; i++ ) {
855 * FIXME: Netscape's specification says nothing about
856 * memory; should we copy the OIDs or return pointers
857 * to internal values? In OpenLDAP the latter is safe
858 * since we do not allow to register coltrols runtime
860 oids[ i ] = ch_strdup( get_supported_ctrl( i ) );
861 if ( oids[ i ] == NULL ) {
865 masks[ i ] = (unsigned long)get_supported_ctrl_mask( i );
873 if ( rc != LDAP_SUCCESS ) {
874 for ( i = 0; oids != NULL && oids[ i ] != NULL; i++ ) {
875 ch_free( oids[ i ] );
882 #else /* !defined(LDAP_SLAPI) */
884 #endif /* !defined(LDAP_SLAPI) */
888 slapi_register_supported_saslmechanism( char *mechanism )
890 #if defined(LDAP_SLAPI)
891 /* FIXME -- can not add saslmechanism to openLDAP dynamically */
892 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SASL",
893 "can not add saslmechanism to openLDAP dynamically\n" );
894 #endif /* defined(LDAP_SLAPI) */
898 slapi_get_supported_saslmechanisms( void )
900 #if defined(LDAP_SLAPI)
901 /* FIXME -- can not get the saslmechanism wihtout a connection. */
902 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SASL",
903 "can not get the saslmechanism "
904 "wihtout a connection\n" );
906 #else /* defined(LDAP_SLAPI) */
908 #endif /* defined(LDAP_SLAPI) */
912 slapi_get_supported_extended_ops( void )
914 #if defined(LDAP_SLAPI)
916 char **ppExtOpOID = NULL;
919 for ( i = 0; get_supported_extop( i ) != NULL; i++ ) {
923 for ( j = 0; ns_get_supported_extop( j ) != NULL; j++ ) {
928 if ( numExtOps == 0 ) {
932 ppExtOpOID = (char **)slapi_ch_malloc( (numExtOps + 1) * sizeof(char *) );
933 for ( k = 0; k < i; k++ ) {
936 bv = get_supported_extop( k );
937 assert( bv != NULL );
939 ppExtOpOID[ k ] = bv->bv_val;
942 for ( ; k < j; k++ ) {
945 bv = ns_get_supported_extop( k );
946 assert( bv != NULL );
948 ppExtOpOID[ i + k ] = bv->bv_val;
950 ppExtOpOID[ i + k ] = NULL;
953 #else /* !defined(LDAP_SLAPI) */
955 #endif /* !defined(LDAP_SLAPI) */
959 slapi_send_ldap_result(
965 struct berval **urls )
967 #if defined(LDAP_SLAPI)
972 struct berval *extValue = NULL;
975 slapi_pblock_get( pb, SLAPI_CONNECTION, &conn );
976 slapi_pblock_get( pb, SLAPI_OPERATION, &op );
977 if ( err == LDAP_SASL_BIND_IN_PROGRESS ) {
978 slapi_pblock_get( pb, SLAPI_BIND_RET_SASLCREDS, &s );
979 rc = LDAP_SASL_BIND_IN_PROGRESS;
980 send_ldap_sasl( conn, op, rc, NULL, NULL, NULL, NULL, s );
984 slapi_pblock_get( pb, SLAPI_EXT_OP_RET_OID, &extOID );
985 if ( extOID != NULL ) {
986 slapi_pblock_get( pb, SLAPI_EXT_OP_RET_VALUE, &extValue );
987 slapi_send_ldap_extended_response( conn, op, err, extOID,
992 send_ldap_result( conn, op, err, matched, text, NULL, NULL );
993 #endif /* defined(LDAP_SLAPI) */
997 slapi_send_ldap_search_entry(
1000 LDAPControl **ectrls,
1004 #if defined(LDAP_SLAPI)
1011 AttributeName *an = NULL;
1014 for ( i = 0; attrs[ i ] != NULL; i++ ) {
1019 an = (AttributeName *) ch_malloc( i * sizeof(AttributeName) );
1020 for ( i = 0; attrs[i] != NULL; i++ ) {
1021 an[i].an_name.bv_val = ch_strdup( attrs[i] );
1022 an[i].an_name.bv_len = strlen( attrs[i] );
1023 an[i].an_desc = NULL;
1024 if( slap_bv2ad( &an[i].an_name, &an[i].an_desc, &text ) != LDAP_SUCCESS)
1029 if ( ( rc = slapi_pblock_get( pb, SLAPI_BACKEND, (void *)&be ) != 0 ) ||
1030 ( rc = slapi_pblock_get( pb, SLAPI_CONNECTION, (void *)&pConn) != 0 ) ||
1031 ( rc = slapi_pblock_get( pb, SLAPI_OPERATION, (void *)&pOp) != 0 ) ) {
1034 rc = send_search_entry( be, pConn, pOp, e, an, attrsonly, NULL );
1039 #else /* !defined(LDAP_SLAPI) */
1041 #endif /* !defined(LDAP_SLAPI) */
1046 slapi_str2filter( char *str )
1048 #if defined(LDAP_SLAPI)
1049 return str2filter( str );
1050 #else /* !defined(LDAP_SLAPI) */
1052 #endif /* !defined(LDAP_SLAPI) */
1060 #if defined(LDAP_SLAPI)
1062 #endif /* defined(LDAP_SLAPI) */
1066 slapi_filter_get_choice( Slapi_Filter *f )
1068 #if defined(LDAP_SLAPI)
1078 #else /* !defined(LDAP_SLAPI) */
1079 return -1; /* invalid filter type */
1080 #endif /* !defined(LDAP_SLAPI) */
1084 slapi_filter_get_ava(
1087 struct berval **bval )
1089 #if defined(LDAP_SLAPI)
1091 int rc = LDAP_SUCCESS;
1093 assert( type != NULL );
1094 assert( bval != NULL );
1099 ftype = f->f_choice;
1100 if ( ftype == LDAP_FILTER_EQUALITY
1101 || ftype == LDAP_FILTER_GE
1102 || ftype == LDAP_FILTER_LE
1103 || ftype == LDAP_FILTER_APPROX ) {
1104 *type = slapi_ch_strdup( f->f_un.f_un_ava->aa_desc->ad_cname.bv_val );
1105 if ( *type == NULL ) {
1106 rc = LDAP_NO_MEMORY;
1110 *bval = (struct berval *)slapi_ch_malloc( sizeof(struct berval) );
1111 if ( *bval == NULL ) {
1112 rc = LDAP_NO_MEMORY;
1116 (*bval)->bv_len = f->f_un.f_un_ava->aa_value.bv_len;
1117 (*bval)->bv_val = slapi_ch_strdup( f->f_un.f_un_ava->aa_value.bv_val );
1118 if ( (*bval)->bv_val == NULL ) {
1119 rc = LDAP_NO_MEMORY;
1122 } else { /* filter type not supported */
1127 if ( rc != LDAP_SUCCESS ) {
1140 #else /* !defined(LDAP_SLAPI) */
1142 #endif /* !defined(LDAP_SLAPI) */
1146 slapi_filter_list_first( Slapi_Filter *f )
1148 #if defined(LDAP_SLAPI)
1155 ftype = f->f_choice;
1156 if ( ftype == LDAP_FILTER_AND
1157 || ftype == LDAP_FILTER_OR
1158 || ftype == LDAP_FILTER_NOT ) {
1159 return (Slapi_Filter *)f->f_and;
1163 #else /* !defined(LDAP_SLAPI) */
1165 #endif /* !defined(LDAP_SLAPI) */
1169 slapi_filter_list_next(
1171 Slapi_Filter *fprev )
1173 #if defined(LDAP_SLAPI)
1180 ftype = f->f_choice;
1181 if ( ftype == LDAP_FILTER_AND
1182 || ftype == LDAP_FILTER_OR
1183 || ftype == LDAP_FILTER_NOT ) {
1184 if ( f->f_and == fprev ) {
1185 return f->f_and->f_next;
1190 #else /* !defined(LDAP_SLAPI) */
1192 #endif /* !defined(LDAP_SLAPI) */
1196 slapi_send_ldap_extended_response(
1201 struct berval *response )
1203 #if defined(LDAP_SLAPI)
1204 send_ldap_extended( conn,op, errornum, NULL, NULL, NULL,
1205 respName,response, NULL );
1206 return LDAP_SUCCESS;
1207 #else /* !defined(LDAP_SLAPI) */
1209 #endif /* !defined(LDAP_SLAPI) */
1214 struct berval **vals,
1217 #if defined(LDAP_SLAPI)
1219 * FIXME: what's the point?
1222 #else /* !defined(LDAP_SLAPI) */
1224 #endif /* !defined(LDAP_SLAPI) */
1228 slapi_get_hostname( void )
1230 #if defined(LDAP_SLAPI)
1234 * FIXME: I'd prefer a different check ...
1237 hn = (char *)slapi_ch_malloc( MAX_HOSTNAME );
1239 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SYSINFO",
1240 "can't malloc memory for hostname\n" );
1243 } else if ( sysinfo( SI_HOSTNAME, hn, MAX_HOSTNAME ) < 0 ) {
1244 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SYSINFO",
1245 "can't get hostname\n" );
1246 slapi_ch_free( (void **)&hn );
1250 static int been_here = 0;
1251 static char *static_hn = NULL;
1253 ldap_pvt_thread_mutex_lock( &slapi_hn_mutex );
1255 static_hn = (char *)slapi_ch_malloc( MAX_HOSTNAME );
1256 if ( static_hn == NULL) {
1257 slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SYSINFO",
1258 "can't malloc memory for hostname\n" );
1260 ldap_pvt_thread_mutex_unlock( &slapi_hn_mutex );
1265 if ( gethostname( static_hn, MAX_HOSTNAME ) != 0 ) {
1266 slapi_log_error( SLAPI_LOG_FATAL,
1268 "can't get hostname\n" );
1269 slapi_ch_free( (void **)&static_hn );
1271 ldap_pvt_thread_mutex_unlock( &slapi_hn_mutex );
1280 ldap_pvt_thread_mutex_unlock( &slapi_hn_mutex );
1282 hn = ch_strdup( static_hn );
1283 #endif /* !_SPARC */
1286 #else /* !defined(LDAP_SLAPI) */
1288 #endif /* !defined(LDAP_SLAPI) */
1292 * FIXME: this should go in an appropriate header ...
1294 extern int vLogError( int level, char *subsystem, char *fmt, va_list arglist );
1303 #if defined(LDAP_SLAPI)
1304 int rc = LDAP_SUCCESS;
1307 va_start( arglist, fmt );
1308 rc = vLogError( severity, subsystem, fmt, arglist );
1312 #else /* !defined(LDAP_SLAPI) */
1314 #endif /* !defined(LDAP_SLAPI) */
1319 slapi_timer_current_time( void )
1321 #if defined(LDAP_SLAPI)
1322 static int first_time = 1;
1323 #if !defined (_WIN32)
1327 ldap_pvt_thread_mutex_lock( &slapi_time_mutex );
1330 gettimeofday( &base_time, NULL );
1332 gettimeofday( &now, NULL );
1333 ret = ( now.tv_sec - base_time.tv_sec ) * 1000000 +
1334 (now.tv_usec - base_time.tv_usec);
1335 ldap_pvt_thread_mutex_unlock( &slapi_time_mutex );
1341 return (slap_get_time() - starttime) * 1000000;
1348 performance_counter_present = QueryPerformanceCounter( &base_time );
1349 QueryPerformanceFrequency( &performance_freq );
1352 if ( !performance_counter_present )
1355 QueryPerformanceCounter( &now );
1356 return (1000000*(now.QuadPart-base_time.QuadPart))/performance_freq.QuadPart;
1358 #else /* !defined(LDAP_SLAPI) */
1360 #endif /* !defined(LDAP_SLAPI) */
1367 slapi_timer_get_time( char *label )
1369 #if defined(LDAP_SLAPI)
1370 unsigned long start = slapi_timer_current_time();
1371 printf("%10ld %10ld usec %s\n", start, 0, label);
1373 #else /* !defined(LDAP_SLAPI) */
1375 #endif /* !defined(LDAP_SLAPI) */
1382 slapi_timer_elapsed_time(
1384 unsigned long start )
1386 #if defined(LDAP_SLAPI)
1387 unsigned long stop = slapi_timer_current_time();
1388 printf ("%10ld %10ld usec %s\n", stop, stop - start, label);
1389 #endif /* defined(LDAP_SLAPI) */
1393 slapi_free_search_results_internal( Slapi_PBlock *pb )
1395 #if defined(LDAP_SLAPI)
1396 Slapi_Entry **entries;
1397 int k = 0, nEnt = 0;
1399 slapi_pblock_get( pb, SLAPI_NENTRIES, &nEnt );
1400 slapi_pblock_get( pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &entries );
1405 if ( entries == NULL ) {
1409 for ( k = 0; k < nEnt; k++ ) {
1410 slapi_entry_free( entries[k] );
1413 slapi_ch_free( (void **)&entries );
1414 #endif /* defined(LDAP_SLAPI) */
1418 * Internal API to prime a Slapi_PBlock with a Backend.
1420 int slapi_x_backend_set_pb( Slapi_PBlock *pb, Backend *be )
1422 #if defined(LDAP_SLAPI)
1425 rc = slapi_pblock_set( pb, SLAPI_BACKEND, (void *)be );
1426 if ( rc != LDAP_SUCCESS )
1430 rc = slapi_pblock_set( pb, SLAPI_BE_TYPE, (void *)be->bd_info->bi_type );
1431 if ( rc != LDAP_SUCCESS )
1435 return LDAP_SUCCESS;
1438 #endif /* defined(LDAP_SLAPI) */
1441 #if defined(LDAP_SLAPI)
1443 * If oldStyle is TRUE, then a value suitable for setting to
1444 * the deprecated SLAPI_CONN_AUTHTYPE value is returned
1445 * (pointer to static storage).
1447 * If oldStyle is FALSE, then a value suitable for setting to
1448 * the new SLAPI_CONN_AUTHMETHOD will be returned, which is
1449 * a pointer to allocated memory and will include the SASL
1450 * mechanism (if any).
1452 static char *Authorization2AuthType( AuthorizationInformation *authz, int is_tls, int oldStyle )
1457 switch ( authz->sai_method ) {
1458 case LDAP_AUTH_SASL:
1460 authType = SLAPD_AUTH_SASL;
1462 len = sizeof(SLAPD_AUTH_SASL) + authz->sai_mech.bv_len;
1463 authType = slapi_ch_malloc( len );
1464 snprintf( authType, len, "%s%s", SLAPD_AUTH_SASL, authz->sai_mech.bv_val );
1467 case LDAP_AUTH_SIMPLE:
1468 authType = oldStyle ? SLAPD_AUTH_SIMPLE : slapi_ch_strdup( SLAPD_AUTH_SIMPLE );
1470 case LDAP_AUTH_NONE:
1471 authType = oldStyle ? SLAPD_AUTH_NONE : slapi_ch_strdup( SLAPD_AUTH_NONE );
1477 if ( is_tls && authType == NULL ) {
1478 authType = oldStyle ? SLAPD_AUTH_SSL : slapi_ch_strdup( SLAPD_AUTH_SSL );
1486 * Internal API to prime a Slapi_PBlock with a Connection.
1488 int slapi_x_connection_set_pb( Slapi_PBlock *pb, Connection *conn )
1490 #if defined(LDAP_SLAPI)
1494 rc = slapi_pblock_set( pb, SLAPI_CONNECTION, (void *)conn );
1495 if ( rc != LDAP_SUCCESS )
1498 if ( strncmp( conn->c_peer_name.bv_val, "IP=", 3 ) == 0 ) {
1499 rc = slapi_pblock_set( pb, SLAPI_CONN_CLIENTIP, (void *)&conn->c_peer_name.bv_val[3] );
1500 if ( rc != LDAP_SUCCESS )
1504 if ( strncmp( conn->c_sock_name.bv_val, "IP=", 3 ) == 0 ) {
1505 rc = slapi_pblock_set( pb, SLAPI_CONN_SERVERIP, (void *)&conn->c_sock_name.bv_val[3] );
1506 if ( rc != LDAP_SUCCESS )
1510 rc = slapi_pblock_set( pb, SLAPI_CONN_ID, (void *)conn->c_connid );
1511 if ( rc != LDAP_SUCCESS )
1514 /* Returns pointer to static string */
1515 connAuthType = Authorization2AuthType( &conn->c_authz, conn->c_is_tls, 1 );
1516 if ( connAuthType != NULL ) {
1517 rc = slapi_pblock_set(pb, SLAPI_CONN_AUTHTYPE, (void *)connAuthType);
1518 if ( rc != LDAP_SUCCESS )
1522 /* Returns pointer to allocated string */
1523 connAuthType = Authorization2AuthType( &conn->c_authz, conn->c_is_tls, 0 );
1524 if ( connAuthType != NULL ) {
1525 rc = slapi_pblock_set(pb, SLAPI_CONN_AUTHMETHOD, (void *)connAuthType);
1526 if ( rc != LDAP_SUCCESS )
1530 if ( conn->c_authz.sai_dn.bv_val != NULL ) {
1531 char *connDn = slapi_ch_strdup(conn->c_authz.sai_dn.bv_val);
1532 rc = slapi_pblock_set(pb, SLAPI_CONN_DN, (void *)connDn);
1533 if ( rc != LDAP_SUCCESS )
1540 #endif /* defined(LDAP_SLAPI) */
1544 * Internal API to prime a Slapi_PBlock with an Operation.
1546 int slapi_x_operation_set_pb( Slapi_PBlock *pb, Operation *op )
1548 #if defined(LDAP_SLAPI)
1555 if ( slapi_pblock_get(pb, SLAPI_BACKEND, (void *)&be ) != 0 ) {
1559 isRoot = be_isroot( be, &op->o_ndn );
1560 isUpdateDn = be_isupdate( be, &op->o_ndn );
1563 rc = slapi_pblock_set( pb, SLAPI_OPERATION, (void *)op );
1564 if ( rc != LDAP_SUCCESS )
1567 rc = slapi_pblock_set( pb, SLAPI_OPINITIATED_TIME, (void *)op->o_time );
1568 if ( rc != LDAP_SUCCESS )
1571 rc = slapi_pblock_set( pb, SLAPI_OPERATION_ID, (void *)op->o_opid );
1572 if ( rc != LDAP_SUCCESS )
1575 rc = slapi_pblock_set( pb, SLAPI_OPERATION_TYPE, (void *)op->o_tag );
1576 if ( rc != LDAP_SUCCESS )
1579 rc = slapi_pblock_set( pb, SLAPI_REQUESTOR_ISROOT, (void *)isRoot );
1580 if ( rc != LDAP_SUCCESS )
1583 rc = slapi_pblock_set( pb, SLAPI_REQUESTOR_ISUPDATEDN, (void *)isUpdateDn );
1584 if ( rc != LDAP_SUCCESS )
1587 rc = slapi_pblock_set( pb, SLAPI_REQCONTROLS, (void *)op->o_ctrls );
1588 if ( rc != LDAP_SUCCESS)
1591 rc = slapi_pblock_set( pb, SLAPI_REQUESTOR_DN, (void *)op->o_ndn.bv_val );
1592 if ( rc != LDAP_SUCCESS )
1595 rc = slapi_pblock_get( pb, SLAPI_CONN_AUTHMETHOD, (void *)&opAuthType );
1596 if ( rc == LDAP_SUCCESS && opAuthType != NULL ) {
1597 /* Not quite sure what the point of this is. */
1598 rc = slapi_pblock_set( pb, SLAPI_OPERATION_AUTHTYPE, (void *)opAuthType );
1599 if ( rc != LDAP_SUCCESS )
1603 return LDAP_SUCCESS;
1609 int slapi_is_connection_ssl( Slapi_PBlock *pb, int *isSSL )
1611 #if defined( LDAP_SLAPI )
1614 slapi_pblock_get( pb, SLAPI_CONNECTION, &conn );
1615 *isSSL = conn->c_is_tls;
1617 return LDAP_SUCCESS;
1620 #endif /* defined(LDAP_SLAPI) */
1624 * DS 5.x compatability API follow
1627 int slapi_attr_get_flags( const Slapi_Attr *attr, unsigned long *flags )
1629 #if defined( LDAP_SLAPI )
1633 return LDAP_PARAM_ERROR;
1635 at = attr->a_desc->ad_type;
1637 *flags = SLAPI_ATTR_FLAG_STD_ATTR;
1639 if ( is_at_single_value( at ) )
1640 *flags |= SLAPI_ATTR_FLAG_SINGLE;
1641 if ( is_at_operational( at ) )
1642 *flags |= SLAPI_ATTR_FLAG_OPATTR;
1643 if ( is_at_obsolete( at ) )
1644 *flags |= SLAPI_ATTR_FLAG_OBSOLETE;
1645 if ( is_at_collective( at ) )
1646 *flags |= SLAPI_ATTR_FLAG_COLLECTIVE;
1647 if ( is_at_no_user_mod( at ) )
1648 *flags |= SLAPI_ATTR_FLAG_NOUSERMOD;
1650 return LDAP_SUCCESS;
1653 #endif /* defined(LDAP_SLAPI) */
1656 int slapi_attr_flag_is_set( const Slapi_Attr *attr, unsigned long flag )
1658 #if defined( LDAP_SLAPI )
1659 unsigned long flags;
1661 if ( slapi_attr_get_flags( attr, &flags ) != 0 )
1663 return (flags & flag) ? 1 : 0;
1666 #endif /* defined(LDAP_SLAPI) */
1669 Slapi_Attr *slapi_attr_new( void )
1674 ad = (Attribute *)slapi_ch_calloc( 1, sizeof(*ad) );
1682 Slapi_Attr *slapi_attr_init( Slapi_Attr *a, const char *type )
1686 AttributeDescription *ad = NULL;
1688 if( slap_str2ad( type, &ad, &text ) != LDAP_SUCCESS ) {
1703 void slapi_attr_free( Slapi_Attr **a )
1711 Slapi_Attr *slapi_attr_dup( const Slapi_Attr *attr )
1714 return attr_dup( (Slapi_Attr *)attr );
1720 int slapi_attr_add_value( Slapi_Attr *a, const Slapi_Value *v )
1723 return value_add_one( &a->a_vals, (Slapi_Value *)v );
1729 int slapi_attr_type2plugin( const char *type, void **pi )
1736 int slapi_attr_get_type( const Slapi_Attr *attr, char **type )
1739 if ( attr == NULL ) {
1740 return LDAP_PARAM_ERROR;
1743 *type = attr->a_desc->ad_cname.bv_val;
1745 return LDAP_SUCCESS;
1751 int slapi_attr_get_oid_copy( const Slapi_Attr *attr, char **oidp )
1754 if ( attr == NULL ) {
1755 return LDAP_PARAM_ERROR;
1757 *oidp = attr->a_desc->ad_type->sat_oid;
1759 return LDAP_SUCCESS;
1765 int slapi_attr_value_cmp( const Slapi_Attr *a, const struct berval *v1, const struct berval *v2 )
1773 mr = a->a_desc->ad_type->sat_equality;
1774 rc = value_match( &ret, a->a_desc, mr, SLAP_MR_ASSERTION_SYNTAX_MATCH,
1775 (struct berval *)v1, (void *)v2, &text );
1776 if ( rc != LDAP_SUCCESS )
1779 return ( ret == 0 ) ? 0 : -1;
1785 int slapi_attr_value_find( const Slapi_Attr *a, struct berval *v )
1795 mr = a->a_desc->ad_type->sat_equality;
1796 for ( bv = a->a_vals, j = 0; bv->bv_val != NULL; bv++, j++ ) {
1797 rc = value_match( &ret, a->a_desc, mr,
1798 SLAP_MR_ASSERTION_SYNTAX_MATCH, bv, v, &text );
1799 if ( rc != LDAP_SUCCESS ) {
1810 int slapi_attr_type_cmp( const char *t1, const char *t2, int opt )
1813 AttributeDescription *a1 = NULL;
1814 AttributeDescription *a2 = NULL;
1818 if ( slap_str2ad( t1, &a1, &text ) != LDAP_SUCCESS ) {
1822 if ( slap_str2ad( t2, &a2, &text ) != LDAP_SUCCESS ) {
1826 #define ad_base_cmp(l,r) (((l)->ad_type->sat_cname.bv_len < (r)->ad_type->sat_cname.bv_len) \
1827 ? -1 : (((l)->ad_type->sat_cname.bv_len > (r)->ad_type->sat_cname.bv_len) \
1828 ? 1 : strcasecmp((l)->ad_type->sat_cname.bv_val, (r)->ad_type->sat_cname.bv_val )))
1831 case SLAPI_TYPE_CMP_EXACT:
1832 ret = ad_cmp( a1, a2 );
1834 case SLAPI_TYPE_CMP_BASE:
1835 ret = ad_base_cmp( a1, a2 );
1837 case SLAPI_TYPE_CMP_SUBTYPE:
1838 ret = is_ad_subtype( a2, a2 );
1851 int slapi_attr_types_equivalent( const char *t1, const char *t2 )
1854 return slapi_attr_type_cmp( t1, t2, SLAPI_TYPE_CMP_EXACT );
1860 int slapi_attr_first_value( Slapi_Attr *a, Slapi_Value **v )
1863 return slapi_valueset_first_value( &a->a_vals, v );
1869 int slapi_attr_next_value( Slapi_Attr *a, int hint, Slapi_Value **v )
1872 return slapi_valueset_next_value( &a->a_vals, hint, v );
1878 int slapi_attr_get_numvalues( const Slapi_Attr *a, int *numValues )
1881 *numValues = slapi_valueset_count( &a->a_vals );
1889 int slapi_attr_get_valueset( const Slapi_Attr *a, Slapi_ValueSet **vs )
1892 *vs = &((Slapi_Attr *)a)->a_vals;
1900 int slapi_attr_get_bervals_copy( Slapi_Attr *a, struct berval ***vals )
1903 return slapi_attr_get_values( a, vals );
1909 char *slapi_attr_syntax_normalize( const char *s )
1912 AttributeDescription *ad = NULL;
1915 if ( slap_str2ad( s, &ad, &text ) != LDAP_SUCCESS ) {
1919 return ad->ad_cname.bv_val;
1925 Slapi_Value *slapi_value_new( void )
1930 bv = (struct berval *)slapi_ch_malloc( sizeof(*bv) );
1938 Slapi_Value *slapi_value_new_berval(const struct berval *bval)
1941 return ber_dupbv( NULL, (struct berval *)bval );
1947 Slapi_Value *slapi_value_new_value(const Slapi_Value *v)
1950 return slapi_value_new_berval( v );
1956 Slapi_Value *slapi_value_new_string(const char *s)
1961 bv.bv_val = (char *)s;
1962 bv.bv_len = strlen( s );
1964 return slapi_value_new_berval( &bv );
1970 Slapi_Value *slapi_value_init(Slapi_Value *val)
1982 Slapi_Value *slapi_value_init_berval(Slapi_Value *v, struct berval *bval)
1985 return ber_dupbv( v, bval );
1991 Slapi_Value *slapi_value_init_string(Slapi_Value *v, const char *s)
1994 v->bv_val = slapi_ch_strdup( (char *)s );
1995 v->bv_len = strlen( s );
2003 Slapi_Value *slapi_value_dup(const Slapi_Value *v)
2006 return slapi_value_new_value( v );
2012 void slapi_value_free(Slapi_Value **value)
2015 if ( value == NULL ) {
2019 if ( (*value) != NULL ) {
2020 slapi_ch_free( (void **)&(*value)->bv_val );
2021 slapi_ch_free( (void **)value );
2026 const struct berval *slapi_value_get_berval( const Slapi_Value *value )
2035 Slapi_Value *slapi_value_set_berval( Slapi_Value *value, const struct berval *bval )
2038 if ( value == NULL ) {
2041 if ( value->bv_val != NULL ) {
2042 slapi_ch_free( (void **)&value->bv_val );
2044 slapi_value_init_berval( value, (struct berval *)bval );
2052 Slapi_Value *slapi_value_set_value( Slapi_Value *value, const Slapi_Value *vfrom)
2055 if ( value == NULL ) {
2058 return slapi_value_set_berval( value, vfrom );
2064 Slapi_Value *slapi_value_set( Slapi_Value *value, void *val, unsigned long len)
2067 if ( value == NULL ) {
2070 if ( value->bv_val != NULL ) {
2071 slapi_ch_free( (void **)&value->bv_val );
2073 value->bv_val = slapi_ch_malloc( len );
2074 value->bv_len = len;
2075 AC_MEMCPY( value->bv_val, val, len );
2083 int slapi_value_set_string(Slapi_Value *value, const char *strVal)
2086 if ( value == NULL ) {
2089 slapi_value_set( value, (void *)strVal, strlen( strVal ) );
2096 int slapi_value_set_int(Slapi_Value *value, int intVal)
2101 snprintf( buf, sizeof( buf ), "%d", intVal );
2103 return slapi_value_set_string( value, buf );
2109 const char *slapi_value_get_string(const Slapi_Value *value)
2112 if ( value == NULL ) {
2115 return value->bv_val;
2122 static int checkBVString(const struct berval *bv)
2126 for ( i = 0; i < bv->bv_len; i++ ) {
2127 if ( bv->bv_val[i] == '\0' )
2130 if ( bv->bv_val[i] != '\0' )
2137 int slapi_value_get_int(const Slapi_Value *value)
2140 if ( value == NULL ) return 0;
2141 if ( value->bv_val == NULL ) return 0;
2142 if ( !checkBVString( value ) ) return 0;
2144 return (int)strtol( value->bv_val, NULL, 10 );
2150 unsigned int slapi_value_get_uint(const Slapi_Value *value)
2153 if ( value == NULL ) return 0;
2154 if ( value->bv_val == NULL ) return 0;
2155 if ( !checkBVString( value ) ) return 0;
2157 return (unsigned int)strtoul( value->bv_val, NULL, 10 );
2163 long slapi_value_get_long(const Slapi_Value *value)
2166 if ( value == NULL ) return 0;
2167 if ( value->bv_val == NULL ) return 0;
2168 if ( !checkBVString( value ) ) return 0;
2170 return strtol( value->bv_val, NULL, 10 );
2176 unsigned long slapi_value_get_ulong(const Slapi_Value *value)
2179 if ( value == NULL ) return 0;
2180 if ( value->bv_val == NULL ) return 0;
2181 if ( !checkBVString( value ) ) return 0;
2183 return strtoul( value->bv_val, NULL, 10 );
2189 size_t slapi_value_get_length(const Slapi_Value *value)
2192 if ( value == NULL )
2195 return (size_t) value->bv_len;
2201 int slapi_value_compare(const Slapi_Attr *a, const Slapi_Value *v1, const Slapi_Value *v2)
2204 return slapi_attr_value_cmp( a, v1, v2 );
2210 /* A ValueSet is a container for a BerVarray. */
2211 Slapi_ValueSet *slapi_valueset_new( void )
2216 vs = (Slapi_ValueSet *)slapi_ch_malloc( sizeof( *vs ) );
2225 void slapi_valueset_free(Slapi_ValueSet *vs)
2231 ber_bvarray_free( vp );
2232 slapi_ch_free( (void **)&vp );
2239 void slapi_valueset_init(Slapi_ValueSet *vs)
2242 if ( vs != NULL && *vs == NULL ) {
2243 *vs = (Slapi_ValueSet)slapi_ch_calloc( 1, sizeof(struct berval) );
2244 (*vs)->bv_val = NULL;
2250 void slapi_valueset_done(Slapi_ValueSet *vs)
2258 for ( vp = *vs; vp->bv_val != NULL; vp++ ) {
2260 slapi_ch_free( (void **)&vp->bv_val );
2262 /* but don't free *vs or vs */
2266 void slapi_valueset_add_value(Slapi_ValueSet *vs, const Slapi_Value *addval)
2271 ber_dupbv( &bv, (Slapi_Value *)addval );
2272 ber_bvarray_add( vs, &bv );
2276 int slapi_valueset_first_value( Slapi_ValueSet *vs, Slapi_Value **v )
2279 return slapi_valueset_next_value( vs, 0, v );
2285 int slapi_valueset_next_value( Slapi_ValueSet *vs, int index, Slapi_Value **v)
2296 for ( i = 0; vp[i].bv_val != NULL; i++ ) {
2307 int slapi_valueset_count( const Slapi_ValueSet *vs )
2318 for ( i = 0; vp[i].bv_val != NULL; i++ )
2328 void slapi_valueset_set_valueset(Slapi_ValueSet *vs1, const Slapi_ValueSet *vs2)
2333 for ( vp = *vs2; vp->bv_val != NULL; vp++ ) {
2334 slapi_valueset_add_value( vs1, vp );
2339 int slapi_access_allowed( Slapi_PBlock *pb, Slapi_Entry *e, char *attr,
2340 struct berval *val, int access )
2347 slap_access_t slap_access;
2348 AttributeDescription *ad = NULL;
2351 ret = slap_str2ad( attr, &ad, &text );
2352 if ( ret != LDAP_SUCCESS ) {
2356 switch ( access & SLAPI_ACL_ALL ) {
2357 case SLAPI_ACL_COMPARE:
2358 slap_access = ACL_COMPARE;
2360 case SLAPI_ACL_SEARCH:
2361 slap_access = ACL_SEARCH;
2363 case SLAPI_ACL_READ:
2364 slap_access = ACL_READ;
2366 case SLAPI_ACL_WRITE:
2367 case SLAPI_ACL_DELETE:
2369 case SLAPI_ACL_SELF:
2370 slap_access = ACL_WRITE;
2373 return LDAP_INSUFFICIENT_ACCESS;
2377 if ( slapi_pblock_get( pb, SLAPI_BACKEND, (void *)&be ) != 0 ) {
2378 return LDAP_PARAM_ERROR;
2381 if ( slapi_pblock_get( pb, SLAPI_CONNECTION, (void *)&conn ) != 0 ) {
2382 return LDAP_PARAM_ERROR;
2385 if ( slapi_pblock_get( pb, SLAPI_OPERATION, (void *)&op ) != 0 ) {
2386 return LDAP_PARAM_ERROR;
2389 ret = access_allowed( be, conn, op, e, desc, val, slap_access, NULL );
2391 return ret ? LDAP_SUCCESS : LDAP_INSUFFICIENT_ACCESS;
2393 return LDAP_UNWILLING_TO_PERFORM;
2397 int slapi_acl_check_mods(Slapi_PBlock *pb, Slapi_Entry *e, LDAPMod **mods, char **errbuf)
2405 Modifications *next;
2407 if ( slapi_pblock_get( pb, SLAPI_BACKEND, (void *)&be ) != 0 ) {
2408 return LDAP_PARAM_ERROR;
2411 if ( slapi_pblock_get( pb, SLAPI_CONNECTION, (void *)&conn ) != 0 ) {
2412 return LDAP_PARAM_ERROR;
2415 if ( slapi_pblock_get( pb, SLAPI_OPERATION, (void *)&op ) != 0 ) {
2416 return LDAP_PARAM_ERROR;
2419 ml = slapi_x_ldapmods2modifications( mods );
2424 ret = acl_check_modlist( be, conn, op, e, ml );
2426 /* Careful when freeing the modlist because it has pointers into the mods array. */
2427 for ( ; ml != NULL; ml = next ) {
2428 next = ml->sml_next;
2430 /* just free the containing array */
2431 slapi_ch_free( (void **)&ml->sml_bvalues );
2432 slapi_ch_free( (void **)&ml );
2435 return ret ? LDAP_SUCCESS : LDAP_INSUFFICIENT_ACCESS;
2437 return LDAP_UNWILLING_TO_PERFORM;
2442 * Synthesise an LDAPMod array from a Modifications list to pass
2443 * to SLAPI. This synthesis is destructive and as such the
2444 * Modifications list may not be used after calling this
2447 * This function must also be called before slap_mods_check().
2449 LDAPMod **slapi_x_modifications2ldapmods(Modifications **pmodlist)
2452 Modifications *ml, *modlist;
2453 LDAPMod **mods, *modp;
2456 modlist = *pmodlist;
2458 for( i = 0, ml = modlist; ml != NULL; i++, ml = ml->sml_next )
2461 mods = (LDAPMod **)ch_malloc( (i + 1) * sizeof(LDAPMod *) );
2463 for( i = 0, ml = modlist; ml != NULL; ml = ml->sml_next ) {
2465 modp->mod_op = ml->sml_op | LDAP_MOD_BVALUES;
2467 /* Take ownership of original type. */
2468 modp->mod_type = ml->sml_type.bv_val;
2469 ml->sml_type.bv_val = NULL;
2471 if ( ml->sml_bvalues != NULL ) {
2472 for( j = 0; ml->sml_bvalues[j].bv_val != NULL; j++ )
2474 modp->mod_bvalues = (struct berval **)ch_malloc( (j + 1) *
2475 sizeof(struct berval *) );
2476 for( j = 0; ml->sml_bvalues[j].bv_val != NULL; j++ ) {
2477 /* Take ownership of original values. */
2478 modp->mod_bvalues[j] = (struct berval *)ch_malloc( sizeof(struct berval) );
2479 modp->mod_bvalues[j]->bv_len = ml->sml_bvalues[j].bv_len;
2480 modp->mod_bvalues[j]->bv_val = ml->sml_bvalues[j].bv_val;
2481 ml->sml_bvalues[j].bv_len = 0;
2482 ml->sml_bvalues[j].bv_val = NULL;
2484 modp->mod_bvalues[j] = NULL;
2486 modp->mod_bvalues = NULL;
2493 slap_mods_free( modlist );
2503 * Convert a potentially modified array of LDAPMods back to a
2504 * Modification list.
2506 * The returned Modification list contains pointers into the
2507 * LDAPMods array; the latter MUST be freed with
2508 * slapi_x_free_ldapmods() (see below).
2510 Modifications *slapi_x_ldapmods2modifications (LDAPMod **mods)
2513 Modifications *modlist, **modtail;
2518 for( modp = mods; *modp != NULL; modp++ ) {
2522 struct berval **bvp;
2524 mod = (Modifications *) ch_malloc( sizeof(Modifications) );
2525 mod->sml_op = (*modp)->mod_op & (~LDAP_MOD_BVALUES);
2526 mod->sml_type.bv_val = (*modp)->mod_type;
2527 mod->sml_type.bv_len = strlen( mod->sml_type.bv_val );
2528 mod->sml_desc = NULL;
2529 mod->sml_next = NULL;
2531 if ( (*modp)->mod_op & LDAP_MOD_BVALUES ) {
2532 for( i = 0, bvp = (*modp)->mod_bvalues; *bvp != NULL; bvp++, i++ )
2535 for( i = 0, p = (*modp)->mod_values; *p != NULL; p++, i++ )
2539 mod->sml_bvalues = (BerVarray) ch_malloc( (i + 1) * sizeof(struct berval) );
2541 /* NB: This implicitly trusts a plugin to return valid modifications. */
2542 if ( (*modp)->mod_op & LDAP_MOD_BVALUES ) {
2543 for( i = 0, bvp = (*modp)->mod_bvalues; *bvp != NULL; bvp++, i++ ) {
2544 mod->sml_bvalues[i].bv_val = (*bvp)->bv_val;
2545 mod->sml_bvalues[i].bv_len = (*bvp)->bv_len;
2548 for( i = 0, p = (*modp)->mod_values; *p != NULL; p++, i++ ) {
2549 mod->sml_bvalues[i].bv_val = *p;
2550 mod->sml_bvalues[i].bv_len = strlen( *p );
2553 mod->sml_bvalues[i].bv_val = NULL;
2556 modtail = &mod->sml_next;
2566 * This function only frees the parts of the mods array that
2567 * are not shared with the Modification list that was created
2568 * by slapi_x_ldapmods2modifications().
2571 void slapi_x_free_ldapmods (LDAPMod **mods)
2579 for ( i = 0; mods[i] != NULL; i++ ) {
2581 * Don't free values themselves; they're owned by the
2582 * Modification list. Do free the containing array.
2584 if ( mods[i]->mod_op & LDAP_MOD_BVALUES ) {
2585 for ( j = 0; mods[i]->mod_bvalues[j] != NULL; j++ ) {
2586 ch_free( mods[i]->mod_bvalues[j] );
2588 ch_free( mods[i]->mod_bvalues );
2590 ch_free( mods[i]->mod_values );
2592 /* Don't free type, for same reasons. */
2596 #endif /* LDAP_SLAPI */
2600 * Sun ONE DS 5.x computed attribute support. Computed attributes
2601 * allow for dynamically generated operational attributes, a very
2602 * useful thing indeed.
2606 * Write the computed attribute to a BerElement. Complementary
2607 * functions need to be defined for anything that replaces
2608 * op->o_callback->sc_sendentry, if you wish to make computed
2609 * attributes available to it.
2611 int slapi_x_compute_output_ber(computed_attr_context *c, Slapi_Attr *a, Slapi_Entry *e)
2615 Connection *conn = NULL;
2616 Operation *op = NULL;
2618 AttributeDescription *desc;
2634 rc = slapi_pblock_get( c->cac_pb, SLAPI_BACKEND, (void *)&be );
2636 be = NULL; /* no backend for root DSE */
2639 rc = slapi_pblock_get( c->cac_pb, SLAPI_CONNECTION, (void *)&conn );
2640 if ( rc != 0 || conn == NULL ) {
2644 rc = slapi_pblock_get( c->cac_pb, SLAPI_OPERATION, (void *)&op );
2645 if ( rc != 0 || op == NULL ) {
2649 ber = (BerElement *)c->cac_private;
2652 if ( c->cac_attrs == NULL ) {
2653 /* All attrs request, skip operational attributes */
2654 if ( is_at_operational( desc->ad_type ) ) {
2658 /* Specific attrs requested */
2659 if ( is_at_operational( desc->ad_type ) ) {
2660 if ( !c->cac_opattrs && !ad_inlist( desc, c->cac_attrs ) ) {
2664 if ( !c->cac_userattrs && !ad_inlist( desc, c->cac_attrs ) ) {
2670 if ( !access_allowed( be, conn, op, e, desc, NULL, ACL_READ, &c->cac_acl_state) ) {
2671 slapi_log_error( SLAPI_LOG_ACL, "SLAPI_COMPUTE",
2672 "acl: access to attribute %s not allowed\n",
2673 desc->ad_cname.bv_val );
2677 rc = ber_printf( ber, "{O[" /*]}*/ , &desc->ad_cname );
2679 slapi_log_error( SLAPI_LOG_BER, "SLAPI_COMPUTE",
2680 "ber_printf failed\n");
2684 if ( !c->cac_attrsonly ) {
2685 for ( i = 0; a->a_vals[i].bv_val != NULL; i++ ) {
2686 if ( !access_allowed( be, conn, op, e,
2687 desc, &a->a_vals[i], ACL_READ, &c->cac_acl_state)) {
2688 slapi_log_error( SLAPI_LOG_ACL, "SLAPI_COMPUTE",
2689 "slapi_x_compute_output_ber: conn %lu "
2690 "acl: access to %s, value %d not allowed\n",
2691 op->o_connid, desc->ad_cname.bv_val, i );
2695 if (( rc = ber_printf( ber, "O", &a->a_vals[i] )) == -1 ) {
2696 slapi_log_error( SLAPI_LOG_BER, "SLAPI_COMPUTE",
2697 "ber_printf failed\n");
2703 if (( rc = ber_printf( ber, /*{[*/ "]N}" )) == -1 ) {
2704 slapi_log_error( SLAPI_LOG_BER, "SLAPI_COMPUTE",
2705 "ber_printf failed\n" );
2716 * For some reason Sun don't use the normal plugin mechanism
2717 * registration path to register an "evaluator" function (an
2718 * "evaluator" is responsible for adding computed attributes;
2719 * the nomenclature is somewhat confusing).
2721 * As such slapi_compute_add_evaluator() registers the
2722 * function directly.
2724 int slapi_compute_add_evaluator(slapi_compute_callback_t function)
2727 Slapi_PBlock *pPlugin = NULL;
2730 pPlugin = slapi_pblock_new();
2731 if ( pPlugin == NULL ) {
2732 rc = LDAP_NO_MEMORY;
2736 rc = slapi_pblock_set( pPlugin, SLAPI_PLUGIN_TYPE, (void *)SLAPI_PLUGIN_OBJECT );
2737 if ( rc != LDAP_SUCCESS ) {
2741 rc = slapi_pblock_set( pPlugin, SLAPI_PLUGIN_COMPUTE_EVALUATOR_FN, (void *)function );
2742 if ( rc != LDAP_SUCCESS ) {
2746 rc = insertPlugin( NULL, pPlugin );
2753 if ( rc != LDAP_SUCCESS ) {
2754 if ( pPlugin != NULL ) {
2755 slapi_pblock_destroy( pPlugin );
2763 #endif /* LDAP_SLAPI */
2767 * See notes above regarding slapi_compute_add_evaluator().
2769 int slapi_compute_add_search_rewriter(slapi_search_rewrite_callback_t function)
2772 Slapi_PBlock *pPlugin = NULL;
2775 pPlugin = slapi_pblock_new();
2776 if ( pPlugin == NULL ) {
2777 rc = LDAP_NO_MEMORY;
2781 rc = slapi_pblock_set( pPlugin, SLAPI_PLUGIN_TYPE, (void *)SLAPI_PLUGIN_OBJECT );
2782 if ( rc != LDAP_SUCCESS ) {
2786 rc = slapi_pblock_set( pPlugin, SLAPI_PLUGIN_COMPUTE_SEARCH_REWRITER_FN, (void *)function );
2787 if ( rc != LDAP_SUCCESS ) {
2791 rc = insertPlugin( NULL, pPlugin );
2798 if ( rc != LDAP_SUCCESS ) {
2799 if ( pPlugin != NULL ) {
2800 slapi_pblock_destroy( pPlugin );
2808 #endif /* LDAP_SLAPI */
2812 * Call compute evaluators
2814 int compute_evaluator(computed_attr_context *c, char *type, Slapi_Entry *e, slapi_compute_output_t outputfn)
2818 slapi_compute_callback_t *pGetPlugin, *tmpPlugin;
2820 rc = getAllPluginFuncs( NULL, SLAPI_PLUGIN_COMPUTE_EVALUATOR_FN, (SLAPI_FUNC **)&tmpPlugin );
2821 if ( rc != LDAP_SUCCESS || tmpPlugin == NULL ) {
2822 /* Nothing to do; front-end should ignore. */
2826 for ( pGetPlugin = tmpPlugin; *pGetPlugin != NULL; pGetPlugin++ ) {
2828 * -1: no attribute matched requested type
2829 * 0: one attribute matched
2830 * >0: error happened
2832 rc = (*pGetPlugin)( c, type, e, outputfn );
2838 slapi_ch_free( (void **)&tmpPlugin );
2843 #endif /* LDAP_SLAPI */
2846 int compute_rewrite_search_filter(Slapi_PBlock *pb)
2852 rc = slapi_pblock_get( pb, SLAPI_BACKEND, (void *)&be );
2857 return doPluginFNs( be, SLAPI_PLUGIN_COMPUTE_SEARCH_REWRITER_FN, pb );
2860 #endif /* LDAP_SLAPI */
2864 * New API to provide the plugin with access to the search
2865 * pblock. Have informed Sun DS team.
2867 int slapi_x_compute_get_pblock(computed_attr_context *c, Slapi_PBlock **pb)
2873 if ( c->cac_pb == NULL )
2881 #endif /* LDAP_SLAPI */