1 /* syncrepl.c -- Replication Engine which uses the LDAP Sync protocol */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2003-2005 The OpenLDAP Foundation.
6 * Portions Copyright 2003 by IBM Corporation.
7 * Portions Copyright 2003 by Howard Chu, Symas Corporation.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted only as authorized by the OpenLDAP
14 * A copy of this license is available in the file LICENSE in the
15 * top-level directory of the distribution or, alternatively, at
16 * <http://www.OpenLDAP.org/license.html>.
23 #include <ac/string.h>
24 #include <ac/socket.h>
28 #include "lutil_ldap.h"
32 /* FIXME: for ldap_ld_free() */
34 #include "../../libraries/libldap/ldap-int.h"
36 static int syncuuid_cmp( const void *, const void * );
37 static void avl_ber_bvfree( void * );
38 static void syncrepl_del_nonpresent( Operation *, syncinfo_t *, BerVarray );
40 /* callback functions */
41 static int dn_callback( struct slap_op *, struct slap_rep * );
42 static int nonpresent_callback( struct slap_op *, struct slap_rep * );
43 static int null_callback( struct slap_op *, struct slap_rep * );
45 static AttributeDescription *sync_descs[4];
48 init_syncrepl(syncinfo_t *si)
51 char **attrs, **exattrs;
53 if ( !sync_descs[0] ) {
54 sync_descs[0] = slap_schema.si_ad_objectClass;
55 sync_descs[1] = slap_schema.si_ad_structuralObjectClass;
56 sync_descs[2] = slap_schema.si_ad_entryCSN;
60 if ( si->si_allattrs && si->si_allopattrs )
63 attrs = anlist2attrs( si->si_anlist );
66 if ( si->si_allattrs ) {
69 if ( !is_at_operational( at_find( attrs[i] ))) {
70 for ( j = i; attrs[j] != NULL; j++ ) {
73 attrs[j] = attrs[j+1];
79 attrs = ( char ** ) ch_realloc( attrs, (i + 2)*sizeof( char * ) );
80 attrs[i] = ch_strdup("*");
83 } else if ( si->si_allopattrs ) {
86 if ( is_at_operational( at_find( attrs[i] ))) {
87 for ( j = i; attrs[j] != NULL; j++ ) {
90 attrs[j] = attrs[j+1];
96 attrs = ( char ** ) ch_realloc( attrs, (i + 2)*sizeof( char * ) );
97 attrs[i] = ch_strdup("+");
101 for ( i = 0; sync_descs[i] != NULL; i++ ) {
104 if ( !strcmp( attrs[j], sync_descs[i]->ad_cname.bv_val )) {
105 for ( k = j; attrs[k] != NULL; k++ ) {
108 attrs[k] = attrs[k+1];
116 for ( n = 0; attrs[ n ] != NULL; n++ ) /* empty */;
118 if ( si->si_allopattrs ) {
119 attrs = ( char ** ) ch_realloc( attrs, (n + 2)*sizeof( char * ));
121 attrs = ( char ** ) ch_realloc( attrs, (n + 4)*sizeof( char * ));
124 if ( attrs == NULL ) {
125 Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
129 if ( si->si_allopattrs ) {
130 attrs[n++] = ch_strdup( sync_descs[0]->ad_cname.bv_val );
132 for ( i = 0; sync_descs[ i ] != NULL; i++ ) {
133 attrs[ n++ ] = ch_strdup ( sync_descs[i]->ad_cname.bv_val );
141 if ( si->si_allattrs == si->si_allopattrs ) {
142 attrs = (char**) ch_malloc( 3 * sizeof(char*) );
143 attrs[i++] = ch_strdup( "*" );
144 attrs[i++] = ch_strdup( "+" );
145 } else if ( si->si_allattrs && !si->si_allopattrs ) {
146 for ( n = 0; sync_descs[ n ] != NULL; n++ ) ;
147 attrs = (char**) ch_malloc( (n+1)* sizeof(char*) );
148 attrs[i++] = ch_strdup( "*" );
149 for ( j = 1; sync_descs[ j ] != NULL; j++ ) {
150 attrs[i++] = ch_strdup ( sync_descs[j]->ad_cname.bv_val );
152 } else if ( !si->si_allattrs && si->si_allopattrs ) {
153 attrs = (char**) ch_malloc( 3 * sizeof(char*) );
154 attrs[i++] = ch_strdup( "+" );
155 attrs[i++] = ch_strdup( sync_descs[0]->ad_cname.bv_val );
160 si->si_attrs = attrs;
162 exattrs = anlist2attrs( si->si_exanlist );
165 for ( n = 0; exattrs[n] != NULL; n++ ) ;
167 for ( i = 0; sync_descs[i] != NULL; i++ ) {
169 while ( exattrs[j] != NULL ) {
170 if ( !strcmp( exattrs[j], sync_descs[i]->ad_cname.bv_val )) {
171 for ( k = j; exattrs[k] != NULL; k++ ) {
173 ch_free( exattrs[k] );
174 exattrs[k] = exattrs[k+1];
182 for ( i = 0; exattrs[i] != NULL; i++ ) {
183 for ( j = 0; si->si_anlist[j].an_name.bv_val; j++ ) {
185 if ( ( oc = si->si_anlist[j].an_oc ) ) {
187 while ( oc->soc_required[k] ) {
188 if ( !strcmp( exattrs[i],
189 oc->soc_required[k]->sat_cname.bv_val )) {
190 for ( l = i; exattrs[l]; l++ ) {
192 ch_free( exattrs[i] );
193 exattrs[l] = exattrs[l+1];
203 for ( i = 0; exattrs[i] != NULL; i++ ) ;
206 exattrs = (char **) ch_realloc( exattrs, (i + 1)*sizeof(char *));
209 si->si_exattrs = exattrs;
217 BerElementBuffer berbuf;
218 BerElement *ber = (BerElement *)&berbuf;
219 LDAPControl c[2], *ctrls[3];
220 struct timeval timeout;
224 /* setup LDAP SYNC control */
225 ber_init2( ber, NULL, LBER_USE_DER );
226 ber_set_option( ber, LBER_OPT_BER_MEMCTX, &ctx );
228 if ( !BER_BVISNULL( &si->si_syncCookie.octet_str ) )
230 ber_printf( ber, "{eO}",
232 &si->si_syncCookie.octet_str );
234 ber_printf( ber, "{e}",
238 if ( (rc = ber_flatten2( ber, &c[0].ldctl_value, 0 )) == LBER_ERROR ) {
243 c[0].ldctl_oid = LDAP_CONTROL_SYNC;
244 c[0].ldctl_iscritical = si->si_type < 0;
247 if ( !BER_BVISNULL( &si->si_bindconf.sb_authzId ) ) {
248 c[1].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
249 c[1].ldctl_value = si->si_bindconf.sb_authzId;
250 c[1].ldctl_iscritical = 1;
257 timeout.tv_sec = si->si_tlimit;
260 rc = ldap_search_ext( si->si_ld, si->si_base.bv_val, si->si_scope,
261 si->si_filterstr.bv_val, si->si_attrs, si->si_attrsonly,
262 ctrls, NULL, si->si_tlimit > 0 ? &timeout : NULL,
263 si->si_slimit, &msgid );
274 int cmdline_cookie_found = 0;
276 struct sync_cookie *sc = NULL;
282 psub = &si->si_be->be_nsuffix[0];
284 /* Init connection to master */
285 rc = ldap_initialize( &si->si_ld, si->si_provideruri.bv_val );
286 if ( rc != LDAP_SUCCESS ) {
287 Debug( LDAP_DEBUG_ANY,
288 "do_syncrep1: ldap_initialize failed (%s)\n",
289 si->si_provideruri.bv_val, 0, 0 );
293 op->o_protocol = LDAP_VERSION3;
294 ldap_set_option( si->si_ld, LDAP_OPT_PROTOCOL_VERSION, &op->o_protocol );
298 if ( si->si_bindconf.sb_tls ) {
299 rc = ldap_start_tls_s( si->si_ld, NULL, NULL );
300 if( rc != LDAP_SUCCESS ) {
301 Debug( LDAP_DEBUG_ANY,
302 "%s: ldap_start_tls failed (%d)\n",
303 si->si_bindconf.sb_tls == SB_TLS_CRITICAL ? "Error" : "Warning",
305 if( si->si_bindconf.sb_tls == SB_TLS_CRITICAL ) goto done;
309 if ( si->si_bindconf.sb_method == LDAP_AUTH_SASL ) {
310 #ifdef HAVE_CYRUS_SASL
313 if ( si->si_bindconf.sb_secprops != NULL ) {
314 rc = ldap_set_option( si->si_ld,
315 LDAP_OPT_X_SASL_SECPROPS, si->si_bindconf.sb_secprops);
317 if( rc != LDAP_OPT_SUCCESS ) {
318 Debug( LDAP_DEBUG_ANY, "Error: ldap_set_option "
319 "(%s,SECPROPS,\"%s\") failed!\n",
320 si->si_provideruri.bv_val, si->si_bindconf.sb_secprops, 0 );
325 defaults = lutil_sasl_defaults( si->si_ld, si->si_bindconf.sb_saslmech,
326 si->si_bindconf.sb_realm, si->si_bindconf.sb_authcId,
327 si->si_bindconf.sb_cred.bv_val, si->si_bindconf.sb_authzId.bv_val );
329 rc = ldap_sasl_interactive_bind_s( si->si_ld,
330 si->si_bindconf.sb_binddn.bv_val,
331 si->si_bindconf.sb_saslmech,
337 lutil_sasl_freedefs( defaults );
339 /* FIXME: different error behaviors according to
341 * 2) on err policy : exit, retry, backoff ...
343 if ( rc != LDAP_SUCCESS ) {
344 Debug( LDAP_DEBUG_ANY, "do_syncrep1: "
345 "ldap_sasl_interactive_bind_s failed (%d)\n",
348 /* FIXME (see above comment) */
349 /* if Kerberos credentials cache is not active, retry */
350 if ( strcmp( si->si_bindconf.sb_saslmech, "GSSAPI" ) == 0 &&
351 rc == LDAP_LOCAL_ERROR )
353 rc = LDAP_SERVER_DOWN;
358 #else /* HAVE_CYRUS_SASL */
359 /* Should never get here, we trapped this at config time */
361 fprintf( stderr, "not compiled with SASL support\n" );
366 } else if ( si->si_bindconf.sb_method == LDAP_AUTH_SIMPLE ) {
367 rc = ldap_sasl_bind_s( si->si_ld,
368 si->si_bindconf.sb_binddn.bv_val, LDAP_SASL_SIMPLE,
369 &si->si_bindconf.sb_cred, NULL, NULL, NULL );
370 if ( rc != LDAP_SUCCESS ) {
371 Debug( LDAP_DEBUG_ANY, "do_syncrep1: "
372 "ldap_sasl_bind_s failed (%d)\n", rc, 0, 0 );
377 /* Set SSF to strongest of TLS, SASL SSFs */
380 op->o_transport_ssf = 0;
382 if ( ldap_get_option( si->si_ld, LDAP_OPT_X_TLS_SSL_CTX, &ssl )
383 == LDAP_SUCCESS && ssl != NULL )
385 op->o_tls_ssf = ldap_pvt_tls_get_strength( ssl );
387 #endif /* HAVE_TLS */
388 ldap_get_option( si->si_ld, LDAP_OPT_X_SASL_SSF, &op->o_sasl_ssf );
389 op->o_ssf = ( op->o_sasl_ssf > op->o_tls_ssf )
390 ? op->o_sasl_ssf : op->o_tls_ssf;
393 if ( BER_BVISNULL( &si->si_syncCookie.octet_str )) {
394 /* get contextCSN shadow replica from database */
395 BerVarray csn = NULL;
397 assert( si->si_rid < 1000 );
398 op->o_req_ndn = op->o_bd->be_nsuffix[0];
399 op->o_req_dn = op->o_req_ndn;
401 /* try to read stored contextCSN */
402 backend_attribute( op, NULL, &op->o_req_ndn,
403 slap_schema.si_ad_contextCSN, &csn, ACL_READ );
405 ch_free( si->si_syncCookie.ctxcsn.bv_val );
406 ber_dupbv( &si->si_syncCookie.ctxcsn, csn );
407 ber_bvarray_free_x( csn, op->o_tmpmemctx );
410 si->si_syncCookie.rid = si->si_rid;
412 LDAP_STAILQ_FOREACH( sc, &slap_sync_cookie, sc_next ) {
413 if ( si->si_rid == sc->rid ) {
414 cmdline_cookie_found = 1;
419 if ( cmdline_cookie_found ) {
420 /* cookie is supplied in the command line */
422 LDAP_STAILQ_REMOVE( &slap_sync_cookie, sc, sync_cookie, sc_next );
424 if ( BER_BVISNULL( &sc->ctxcsn ) ) {
425 /* if cmdline cookie does not have ctxcsn */
426 /* component, set it to an initial value */
427 slap_init_sync_cookie_ctxcsn( sc );
429 slap_sync_cookie_free( &si->si_syncCookie, 0 );
430 slap_dup_sync_cookie( &si->si_syncCookie, sc );
431 slap_sync_cookie_free( sc, 1 );
434 slap_compose_sync_cookie( NULL, &si->si_syncCookie.octet_str,
435 &si->si_syncCookie.ctxcsn, si->si_syncCookie.rid );
438 rc = ldap_sync_search( si, op->o_tmpmemctx );
440 if( rc != LDAP_SUCCESS ) {
441 Debug( LDAP_DEBUG_ANY, "do_syncrep1: "
442 "ldap_search_ext: %s (%d)\n", ldap_err2string( rc ), rc, 0 );
448 ldap_unbind_ext( si->si_ld, NULL, NULL );
461 LDAPControl **rctrls = NULL;
464 BerElementBuffer berbuf;
465 BerElement *ber = (BerElement *)&berbuf;
467 LDAPMessage *res = NULL;
468 LDAPMessage *msg = NULL;
471 struct berval *retdata = NULL;
476 struct berval syncUUID = BER_BVNULL;
477 struct sync_cookie syncCookie = { 0 };
478 struct sync_cookie syncCookie_req = { 0 };
479 struct berval cookie = BER_BVNULL;
487 Modifications *modlist = NULL;
492 struct timeval *tout_p = NULL;
493 struct timeval tout = { 0, 0 };
495 int refreshDeletes = 0;
497 BerVarray syncUUIDs = NULL;
500 if ( slapd_shutdown ) {
505 ber_init2( ber, NULL, LBER_USE_DER );
506 ber_set_option( ber, LBER_OPT_BER_MEMCTX, &op->o_tmpmemctx );
508 Debug( LDAP_DEBUG_TRACE, "=>do_syncrep2\n", 0, 0, 0 );
510 psub = &si->si_be->be_nsuffix[0];
512 slap_dup_sync_cookie( &syncCookie_req, &si->si_syncCookie );
514 if ( abs(si->si_type) == LDAP_SYNC_REFRESH_AND_PERSIST ) {
520 while (( rc = ldap_result( si->si_ld, LDAP_RES_ANY, LDAP_MSG_ONE,
521 tout_p, &res )) > 0 )
523 if ( slapd_shutdown ) {
527 for( msg = ldap_first_message( si->si_ld, res );
529 msg = ldap_next_message( si->si_ld, msg ) )
531 if ( slapd_shutdown ) {
535 switch( ldap_msgtype( msg ) ) {
536 case LDAP_RES_SEARCH_ENTRY:
537 ldap_get_entry_controls( si->si_ld, msg, &rctrls );
538 /* we can't work without the control */
540 Debug( LDAP_DEBUG_ANY, "do_syncrep2: "
541 "got search entry without "
542 "control\n", 0, 0, 0 );
547 ber_init2( ber, &rctrlp->ldctl_value, LBER_USE_DER );
548 ber_scanf( ber, "{em" /*"}"*/, &syncstate, &syncUUID );
549 if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) {
550 ber_scanf( ber, /*"{"*/ "m}", &cookie );
551 if ( !BER_BVISNULL( &cookie ) ) {
552 ch_free( syncCookie.octet_str.bv_val );
553 ber_dupbv( &syncCookie.octet_str, &cookie );
555 if ( !BER_BVISNULL( &syncCookie.octet_str ) )
557 slap_parse_sync_cookie( &syncCookie );
560 if ( syncrepl_message_to_entry( si, op, msg,
561 &modlist, &entry, syncstate ) == LDAP_SUCCESS ) {
562 rc_efree = syncrepl_entry( si, op, entry, &modlist,
563 syncstate, &syncUUID, &syncCookie_req, &syncCookie.ctxcsn );
564 if ( !BER_BVISNULL( &syncCookie.octet_str ) )
566 syncrepl_updateCookie( si, op, psub, &syncCookie );
569 ldap_controls_free( rctrls );
571 slap_mods_free( modlist );
573 if ( rc_efree && entry ) {
579 case LDAP_RES_SEARCH_REFERENCE:
580 Debug( LDAP_DEBUG_ANY,
581 "do_syncrep2: reference received error\n", 0, 0, 0 );
584 case LDAP_RES_SEARCH_RESULT:
585 Debug( LDAP_DEBUG_SYNC,
586 "do_syncrep2: LDAP_RES_SEARCH_RESULT\n", 0, 0, 0 );
587 ldap_parse_result( si->si_ld, msg, &err, NULL, NULL, NULL,
591 ber_init2( ber, &rctrlp->ldctl_value, LBER_USE_DER );
593 ber_scanf( ber, "{" /*"}"*/);
594 if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) {
595 ber_scanf( ber, "m", &cookie );
596 if ( !BER_BVISNULL( &cookie ) ) {
597 ch_free( syncCookie.octet_str.bv_val );
598 ber_dupbv( &syncCookie.octet_str, &cookie);
600 if ( !BER_BVISNULL( &syncCookie.octet_str ) )
602 slap_parse_sync_cookie( &syncCookie );
605 if ( ber_peek_tag( ber, &len ) == LDAP_TAG_REFRESHDELETES )
607 ber_scanf( ber, "b", &refreshDeletes );
609 ber_scanf( ber, /*"{"*/ "}" );
611 if ( BER_BVISNULL( &syncCookie_req.ctxcsn )) {
613 } else if ( BER_BVISNULL( &syncCookie.ctxcsn )) {
616 value_match( &match, slap_schema.si_ad_entryCSN,
617 slap_schema.si_ad_entryCSN->ad_type->sat_ordering,
618 SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
619 &syncCookie_req.ctxcsn, &syncCookie.ctxcsn,
622 if ( !BER_BVISNULL( &syncCookie.octet_str ) &&
623 match < 0 && err == LDAP_SUCCESS )
625 syncrepl_updateCookie( si, op, psub, &syncCookie );
628 ldap_controls_free( rctrls );
630 if (si->si_type != LDAP_SYNC_REFRESH_AND_PERSIST) {
631 /* FIXME : different error behaviors according to
632 * 1) err code : LDAP_BUSY ...
633 * 2) on err policy : stop service, stop sync, retry
635 if ( refreshDeletes == 0 && match < 0 &&
636 err == LDAP_SUCCESS )
638 syncrepl_del_nonpresent( op, si, NULL );
640 avl_free( si->si_presentlist, avl_ber_bvfree );
641 si->si_presentlist = NULL;
648 case LDAP_RES_INTERMEDIATE:
649 rc = ldap_parse_intermediate( si->si_ld, msg,
650 &retoid, &retdata, NULL, 0 );
651 if ( !rc && !strcmp( retoid, LDAP_SYNC_INFO ) ) {
652 ber_init2( ber, retdata, LBER_USE_DER );
654 switch ( si_tag = ber_peek_tag( ber, &len )) {
656 case LDAP_TAG_SYNC_NEW_COOKIE:
657 Debug( LDAP_DEBUG_SYNC,
658 "do_syncrep2: %s - %s%s\n",
659 "LDAP_RES_INTERMEDIATE",
660 "NEW_COOKIE", "\n" );
661 ber_scanf( ber, "tm", &tag, &cookie );
663 case LDAP_TAG_SYNC_REFRESH_DELETE:
664 case LDAP_TAG_SYNC_REFRESH_PRESENT:
665 Debug( LDAP_DEBUG_SYNC,
666 "do_syncrep2: %s - %s%s\n",
667 "LDAP_RES_INTERMEDIATE",
668 si_tag == LDAP_TAG_SYNC_REFRESH_PRESENT ?
669 "REFRESH_PRESENT" : "REFRESH_DELETE",
671 if ( si_tag == LDAP_TAG_SYNC_REFRESH_DELETE ) {
672 si->si_refreshDelete = 1;
674 si->si_refreshPresent = 1;
676 ber_scanf( ber, "t{" /*"}"*/, &tag );
677 if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE )
679 ber_scanf( ber, "m", &cookie );
680 if ( !BER_BVISNULL( &cookie ) ) {
681 ch_free( syncCookie.octet_str.bv_val );
682 ber_dupbv( &syncCookie.octet_str, &cookie );
684 if ( !BER_BVISNULL( &syncCookie.octet_str ) )
686 slap_parse_sync_cookie( &syncCookie );
689 if ( ber_peek_tag( ber, &len ) ==
690 LDAP_TAG_REFRESHDONE )
692 ber_scanf( ber, "b", &refreshDone );
694 ber_scanf( ber, /*"{"*/ "}" );
696 case LDAP_TAG_SYNC_ID_SET:
697 Debug( LDAP_DEBUG_SYNC,
698 "do_syncrep2: %s - %s%s\n",
699 "LDAP_RES_INTERMEDIATE",
702 ber_scanf( ber, "t{" /*"}"*/, &tag );
703 if ( ber_peek_tag( ber, &len ) ==
704 LDAP_TAG_SYNC_COOKIE )
706 ber_scanf( ber, "m", &cookie );
707 if ( !BER_BVISNULL( &cookie ) ) {
708 ch_free( syncCookie.octet_str.bv_val );
709 ber_dupbv( &syncCookie.octet_str, &cookie );
711 if ( !BER_BVISNULL( &syncCookie.octet_str ) )
713 slap_parse_sync_cookie( &syncCookie );
716 if ( ber_peek_tag( ber, &len ) ==
717 LDAP_TAG_REFRESHDELETES )
719 ber_scanf( ber, "b", &refreshDeletes );
721 ber_scanf( ber, "[W]", &syncUUIDs );
722 ber_scanf( ber, /*"{"*/ "}" );
723 if ( refreshDeletes ) {
724 syncrepl_del_nonpresent( op, si, syncUUIDs );
725 ber_bvarray_free_x( syncUUIDs, op->o_tmpmemctx );
727 for ( i = 0; !BER_BVISNULL( &syncUUIDs[i] ); i++ ) {
728 struct berval *syncuuid_bv;
729 syncuuid_bv = ber_dupbv( NULL, &syncUUIDs[i] );
730 slap_sl_free( syncUUIDs[i].bv_val,op->o_tmpmemctx );
731 avl_insert( &si->si_presentlist,
732 (caddr_t) syncuuid_bv,
733 syncuuid_cmp, avl_dup_error );
735 slap_sl_free( syncUUIDs, op->o_tmpmemctx );
739 Debug( LDAP_DEBUG_ANY,
740 "do_syncrep2 : unknown syncinfo tag (%ld)\n",
741 (long) si_tag, 0, 0 );
742 ldap_memfree( retoid );
743 ber_bvfree( retdata );
747 if ( BER_BVISNULL( &syncCookie_req.ctxcsn )) {
749 } else if ( BER_BVISNULL( &syncCookie.ctxcsn )) {
752 value_match( &match, slap_schema.si_ad_entryCSN,
753 slap_schema.si_ad_entryCSN->ad_type->sat_ordering,
754 SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
755 &syncCookie_req.ctxcsn,
756 &syncCookie.ctxcsn, &text );
759 if ( !BER_BVISNULL( &syncCookie.ctxcsn ) &&
762 syncrepl_updateCookie( si, op, psub, &syncCookie);
765 if ( si->si_refreshPresent == 1 ) {
767 syncrepl_del_nonpresent( op, si, NULL );
771 ldap_memfree( retoid );
772 ber_bvfree( retdata );
776 Debug( LDAP_DEBUG_ANY, "do_syncrep2 : "
777 "unknown intermediate response (%d)\n",
779 ldap_memfree( retoid );
780 ber_bvfree( retdata );
786 Debug( LDAP_DEBUG_ANY, "do_syncrep2 : "
787 "unknown message\n", 0, 0, 0 );
791 if ( !BER_BVISNULL( &syncCookie.octet_str )) {
792 slap_sync_cookie_free( &syncCookie_req, 0 );
793 slap_dup_sync_cookie( &syncCookie_req, &syncCookie );
794 slap_sync_cookie_free( &syncCookie, 0 );
804 ldap_get_option( si->si_ld, LDAP_OPT_ERROR_NUMBER, &rc );
805 errstr = ldap_err2string( rc );
807 Debug( LDAP_DEBUG_ANY,
808 "do_syncrep2 : %s\n", errstr, 0, 0 );
812 slap_sync_cookie_free( &syncCookie, 0 );
813 slap_sync_cookie_free( &syncCookie_req, 0 );
815 if ( res ) ldap_msgfree( res );
817 if ( rc && si->si_ld ) {
818 ldap_unbind_ext( si->si_ld, NULL, NULL );
830 struct re_s* rtask = arg;
831 syncinfo_t *si = ( syncinfo_t * ) rtask->arg;
832 Connection conn = {0};
833 char opbuf[OPERATION_BUFFER_SIZE];
835 int rc = LDAP_SUCCESS;
842 Debug( LDAP_DEBUG_TRACE, "=>do_syncrepl\n", 0, 0, 0 );
847 ldap_pvt_thread_mutex_lock( &si->si_mutex );
849 switch( abs( si->si_type )) {
850 case LDAP_SYNC_REFRESH_ONLY:
851 case LDAP_SYNC_REFRESH_AND_PERSIST:
854 ldap_pvt_thread_mutex_unlock( &si->si_mutex );
858 if ( slapd_shutdown ) {
860 ldap_get_option( si->si_ld, LDAP_OPT_DESC, &s );
861 connection_client_stop( s );
862 ldap_unbind_ext( si->si_ld, NULL, NULL );
865 ldap_pvt_thread_mutex_unlock( &si->si_mutex );
869 op = (Operation *)opbuf;
870 connection_fake_init( &conn, op, ctx );
872 /* use global malloc for now */
873 op->o_tmpmemctx = NULL;
874 op->o_tmpmfuncs = &ch_mfuncs;
876 op->o_managedsait = SLAP_CONTROL_NONCRITICAL;
877 op->o_bd = be = si->si_be;
878 op->o_dn = op->o_bd->be_rootdn;
879 op->o_ndn = op->o_bd->be_rootndn;
881 /* Establish session, do search */
884 si->si_refreshDelete = 0;
885 si->si_refreshPresent = 0;
886 rc = do_syncrep1( op, si );
889 /* Process results */
890 if ( rc == LDAP_SUCCESS ) {
891 ldap_get_option( si->si_ld, LDAP_OPT_DESC, &s );
893 rc = do_syncrep2( op, si );
895 if ( abs(si->si_type) == LDAP_SYNC_REFRESH_AND_PERSIST ) {
896 /* If we succeeded, enable the connection for further listening.
897 * If we failed, tear down the connection and reschedule.
899 if ( rc == LDAP_SUCCESS ) {
901 rc = connection_client_setup( s, do_syncrepl, arg );
903 connection_client_enable( s );
905 } else if ( !first ) {
909 if ( rc == -2 ) rc = 0;
913 /* At this point, we have 4 cases:
914 * 1) for any hard failure, give up and remove this task
915 * 2) for ServerDown, reschedule this task to run
916 * 3) for Refresh and Success, reschedule to run
917 * 4) for Persist and Success, reschedule to defer
919 ldap_pvt_thread_mutex_lock( &slapd_rq.rq_mutex );
921 if ( ldap_pvt_runqueue_isrunning( &slapd_rq, rtask )) {
922 ldap_pvt_runqueue_stoptask( &slapd_rq, rtask );
926 connection_client_stop( s );
929 if ( rc == LDAP_SUCCESS ) {
930 if ( si->si_type == LDAP_SYNC_REFRESH_ONLY ) {
933 rtask->interval.tv_sec = si->si_interval;
934 ldap_pvt_runqueue_resched( &slapd_rq, rtask, defer );
935 if ( si->si_retrynum ) {
936 for ( i = 0; si->si_retrynum_init[i] != -2; i++ ) {
937 si->si_retrynum[i] = si->si_retrynum_init[i];
939 si->si_retrynum[i] = -2;
942 for ( i = 0; si->si_retrynum && si->si_retrynum[i] <= 0; i++ ) {
943 if ( si->si_retrynum[i] == -1 || si->si_retrynum[i] == -2 )
947 if ( !si->si_retrynum || si->si_retrynum[i] == -2 ) {
948 ldap_pvt_runqueue_remove( &slapd_rq, rtask );
949 } else if ( si->si_retrynum[i] >= -1 ) {
950 if ( si->si_retrynum[i] > 0 )
951 si->si_retrynum[i]--;
952 rtask->interval.tv_sec = si->si_retryinterval[i];
953 ldap_pvt_runqueue_resched( &slapd_rq, rtask, 0 );
954 slap_wake_listener();
958 ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex );
959 ldap_pvt_thread_mutex_unlock( &si->si_mutex );
965 syncrepl_message_to_entry(
969 Modifications **modlist,
975 BerElement *ber = NULL;
978 Modifications **modtail = modlist;
981 char txtbuf[SLAP_TEXT_BUFLEN];
982 size_t textlen = sizeof txtbuf;
984 struct berval bdn = {0, NULL}, dn, ndn;
989 if ( ldap_msgtype( msg ) != LDAP_RES_SEARCH_ENTRY ) {
990 Debug( LDAP_DEBUG_ANY,
991 "Message type should be entry (%d)", ldap_msgtype( msg ), 0, 0 );
995 op->o_tag = LDAP_REQ_ADD;
997 rc = ldap_get_dn_ber( si->si_ld, msg, &ber, &bdn );
999 if ( rc != LDAP_SUCCESS ) {
1000 Debug( LDAP_DEBUG_ANY,
1001 "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
1005 dnPrettyNormal( NULL, &bdn, &dn, &ndn, op->o_tmpmemctx );
1006 ber_dupbv( &op->o_req_dn, &dn );
1007 ber_dupbv( &op->o_req_ndn, &ndn );
1008 slap_sl_free( ndn.bv_val, op->o_tmpmemctx );
1009 slap_sl_free( dn.bv_val, op->o_tmpmemctx );
1011 if ( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_DELETE ) {
1014 return LDAP_SUCCESS;
1017 if ( entry == NULL ) {
1021 e = ( Entry * ) ch_calloc( 1, sizeof( Entry ) );
1023 e->e_name = op->o_req_dn;
1024 e->e_nname = op->o_req_ndn;
1026 while ( ber_remaining( ber ) ) {
1027 if ( (ber_scanf( ber, "{mW}", &tmp.sml_type, &tmp.sml_values ) ==
1028 LBER_ERROR ) || BER_BVISNULL( &tmp.sml_type ) )
1033 mod = (Modifications *) ch_malloc( sizeof( Modifications ));
1035 mod->sml_op = LDAP_MOD_REPLACE;
1036 mod->sml_next = NULL;
1037 mod->sml_desc = NULL;
1038 mod->sml_type = tmp.sml_type;
1039 mod->sml_values = tmp.sml_values;
1040 mod->sml_nvalues = NULL;
1043 modtail = &mod->sml_next;
1046 if ( *modlist == NULL ) {
1047 Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: no attributes\n",
1053 rc = slap_mods_check( *modlist, &text, txtbuf, textlen, NULL );
1055 if ( rc != LDAP_SUCCESS ) {
1056 Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: mods check (%s)\n",
1061 /* Strip out dynamically generated attrs */
1062 for ( modtail = modlist; *modtail ; ) {
1064 if ( mod->sml_desc->ad_type->sat_flags & SLAP_AT_DYNAMIC ) {
1065 *modtail = mod->sml_next;
1066 slap_mod_free( &mod->sml_mod, 0 );
1069 modtail = &mod->sml_next;
1073 /* Strip out attrs in exattrs list */
1074 for ( modtail = modlist; *modtail ; ) {
1076 if ( ldap_charray_inlist( si->si_exattrs,
1077 mod->sml_desc->ad_type->sat_cname.bv_val )) {
1078 *modtail = mod->sml_next;
1079 slap_mod_free( &mod->sml_mod, 0 );
1082 modtail = &mod->sml_next;
1086 rc = slap_mods2entry( *modlist, &e, 1, 1, &text, txtbuf, textlen);
1087 if( rc != LDAP_SUCCESS ) {
1088 Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: mods2entry (%s)\n",
1093 ber_free ( ber, 0 );
1094 if ( rc != LDAP_SUCCESS ) {
1104 static struct berval generic_filterstr = BER_BVC("(objectclass=*)");
1106 /* During a refresh, we may get an LDAP_SYNC_ADD for an already existing
1107 * entry if a previous refresh was interrupted before sending us a new
1108 * context state. We try to compare the new entry to the existing entry
1109 * and ignore the new entry if they are the same.
1111 * Also, we may get an update where the entryDN has changed, due to
1112 * a ModDn on the provider. We detect this as well, so we can issue
1113 * the corresponding operation locally.
1115 * In the case of a modify, we get a list of all the attributes
1116 * in the original entry. Rather than deleting the entry and re-adding it,
1117 * we issue a Modify request that deletes all the attributes and adds all
1118 * the new ones. This avoids the issue of trying to delete/add a non-leaf
1121 * We don't try to otherwise distinguish ModDN from Modify; in the case of
1122 * a ModDN we will issue both operations on the local database.
1124 typedef struct dninfo {
1128 int renamed; /* Was an existing entry renamed? */
1129 int wasChanged; /* are the attributes changed? */
1130 int attrs; /* how many attribute types are in the ads list */
1131 AttributeDescription **ads;
1139 Modifications** modlist,
1141 struct berval* syncUUID,
1142 struct sync_cookie* syncCookie_req,
1143 struct berval* syncCSN )
1145 Backend *be = op->o_bd;
1146 slap_callback cb = { NULL };
1147 struct berval *syncuuid_bv = NULL;
1148 struct berval syncUUID_strrep = BER_BVNULL;
1149 struct berval uuid_bv = BER_BVNULL;
1151 SlapReply rs_search = {REP_RESULT};
1152 SlapReply rs_delete = {REP_RESULT};
1153 SlapReply rs_add = {REP_RESULT};
1154 SlapReply rs_modify = {REP_RESULT};
1156 #ifdef LDAP_COMP_MATCH
1157 AttributeAssertion ava = { NULL, BER_BVNULL, NULL };
1159 AttributeAssertion ava = { NULL, BER_BVNULL };
1161 int rc = LDAP_SUCCESS;
1162 int ret = LDAP_SUCCESS;
1164 struct berval pdn = BER_BVNULL;
1168 switch( syncstate ) {
1169 case LDAP_SYNC_PRESENT:
1170 Debug( LDAP_DEBUG_SYNC, "%s: %s\n",
1172 "LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_PRESENT)", 0 );
1175 Debug( LDAP_DEBUG_SYNC, "%s: %s\n",
1177 "LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD)", 0 );
1179 case LDAP_SYNC_DELETE:
1180 Debug( LDAP_DEBUG_SYNC, "%s: %s\n",
1182 "LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_DELETE)", 0 );
1184 case LDAP_SYNC_MODIFY:
1185 Debug( LDAP_DEBUG_SYNC, "%s: %s\n",
1187 "LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_MODIFY)", 0 );
1190 Debug( LDAP_DEBUG_ANY, "%s: %s\n",
1192 "LDAP_RES_SEARCH_ENTRY(UNKNOWN syncstate)", 0 );
1195 if (( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_ADD )) {
1196 if ( !si->si_refreshPresent ) {
1197 syncuuid_bv = ber_dupbv( NULL, syncUUID );
1198 avl_insert( &si->si_presentlist, (caddr_t) syncuuid_bv,
1199 syncuuid_cmp, avl_dup_error );
1203 if ( syncstate == LDAP_SYNC_PRESENT ) {
1205 } else if ( syncstate != LDAP_SYNC_DELETE ) {
1206 if ( entry == NULL ) {
1211 f.f_choice = LDAP_FILTER_EQUALITY;
1213 ava.aa_desc = slap_schema.si_ad_entryUUID;
1214 (void)slap_uuidstr_from_normalized( &syncUUID_strrep, syncUUID, op->o_tmpmemctx );
1215 ava.aa_value = *syncUUID;
1216 op->ors_filter = &f;
1218 op->ors_filterstr.bv_len = STRLENOF( "(entryUUID=)" ) + syncUUID->bv_len;
1219 op->ors_filterstr.bv_val = (char *) slap_sl_malloc(
1220 op->ors_filterstr.bv_len + 1, op->o_tmpmemctx );
1221 AC_MEMCPY( op->ors_filterstr.bv_val, "(entryUUID=", STRLENOF( "(entryUUID=" ) );
1222 AC_MEMCPY( &op->ors_filterstr.bv_val[STRLENOF( "(entryUUID=" )],
1223 syncUUID->bv_val, syncUUID->bv_len );
1224 op->ors_filterstr.bv_val[op->ors_filterstr.bv_len - 1] = ')';
1225 op->ors_filterstr.bv_val[op->ors_filterstr.bv_len] = '\0';
1227 op->o_tag = LDAP_REQ_SEARCH;
1228 op->ors_scope = LDAP_SCOPE_SUBTREE;
1230 /* get the entry for this UUID */
1231 op->o_req_dn = si->si_base;
1232 op->o_req_ndn = si->si_base;
1234 op->o_time = slap_get_time();
1235 op->ors_tlimit = SLAP_NO_LIMIT;
1238 op->ors_attrs = slap_anlist_all_attributes;
1239 op->ors_attrsonly = 0;
1241 /* set callback function */
1242 op->o_callback = &cb;
1243 cb.sc_response = dn_callback;
1244 cb.sc_private = &dni;
1245 dni.new_entry = entry;
1247 if ( limits_check( op, &rs_search ) == 0 ) {
1248 rc = be->be_search( op, &rs_search );
1249 Debug( LDAP_DEBUG_SYNC,
1250 "syncrepl_entry: %s (%d)\n",
1251 "be_search", rc, 0 );
1254 if ( !BER_BVISNULL( &op->ors_filterstr ) ) {
1255 slap_sl_free( op->ors_filterstr.bv_val, op->o_tmpmemctx );
1258 cb.sc_response = null_callback;
1261 if ( entry && !BER_BVISNULL( &entry->e_name ) ) {
1262 Debug( LDAP_DEBUG_SYNC,
1263 "syncrepl_entry: %s\n",
1264 entry->e_name.bv_val, 0, 0 );
1266 Debug( LDAP_DEBUG_SYNC,
1267 "syncrepl_entry: %s\n",
1268 dni.dn.bv_val ? dni.dn.bv_val : "(null)", 0, 0 );
1271 if ( syncstate != LDAP_SYNC_DELETE ) {
1272 Attribute *a = attr_find( entry->e_attrs, slap_schema.si_ad_entryUUID );
1275 /* add if missing */
1276 attr_merge_one( entry, slap_schema.si_ad_entryUUID,
1277 &syncUUID_strrep, syncUUID );
1279 } else if ( !bvmatch( &a->a_nvals[0], syncUUID ) ) {
1280 /* replace only if necessary */
1281 if ( a->a_nvals != a->a_vals ) {
1282 ber_memfree( a->a_nvals[0].bv_val );
1283 ber_dupbv( &a->a_nvals[0], syncUUID );
1285 ber_memfree( a->a_vals[0].bv_val );
1286 ber_dupbv( &a->a_vals[0], &syncUUID_strrep );
1290 switch ( syncstate ) {
1292 case LDAP_SYNC_MODIFY:
1294 if ( BER_BVISNULL( &dni.dn )) {
1296 op->o_req_dn = entry->e_name;
1297 op->o_req_ndn = entry->e_nname;
1298 op->o_tag = LDAP_REQ_ADD;
1301 rc = be->be_add( op, &rs_add );
1302 Debug( LDAP_DEBUG_SYNC,
1303 "syncrepl_entry: %s (%d)\n",
1305 switch ( rs_add.sr_err ) {
1307 be_entry_release_w( op, entry );
1312 /* we assume that LDAP_NO_SUCH_OBJECT is returned
1313 * only if the suffix entry is not present */
1314 case LDAP_NO_SUCH_OBJECT:
1315 syncrepl_add_glue( op, entry );
1319 /* if an entry was added via syncrepl_add_glue(),
1320 * it likely has no entryUUID, so the previous
1321 * be_search() doesn't find it. In this case,
1322 * give syncrepl a chance to modify it. Also
1323 * allow for entries that were recreated with the
1324 * same DN but a different entryUUID.
1326 case LDAP_ALREADY_EXISTS:
1328 Operation op2 = *op;
1329 SlapReply rs2 = { 0 };
1330 slap_callback cb2 = { 0 };
1332 op2.o_tag = LDAP_REQ_SEARCH;
1333 op2.o_req_dn = entry->e_name;
1334 op2.o_req_ndn = entry->e_nname;
1335 op2.ors_scope = LDAP_SCOPE_BASE;
1336 op2.ors_attrs = slap_anlist_all_attributes;
1337 op2.ors_attrsonly = 0;
1338 op2.ors_limit = NULL;
1340 op2.ors_tlimit = SLAP_NO_LIMIT;
1342 f.f_choice = LDAP_FILTER_PRESENT;
1343 f.f_desc = slap_schema.si_ad_objectClass;
1344 op2.ors_filter = &f;
1345 op2.ors_filterstr = generic_filterstr;
1347 op2.o_callback = &cb2;
1348 cb2.sc_response = dn_callback;
1349 cb2.sc_private = &dni;
1351 be->be_search( &op2, &rs2 );
1359 Debug( LDAP_DEBUG_ANY,
1360 "syncrepl_entry : be_add failed (%d)\n",
1361 rs_add.sr_err, 0, 0 );
1368 op->o_req_dn = dni.dn;
1369 op->o_req_ndn = dni.ndn;
1370 if ( dni.renamed ) {
1371 struct berval noldp, newp, nnewp;
1373 op->o_tag = LDAP_REQ_MODRDN;
1374 dnRdn( &entry->e_name, &op->orr_newrdn );
1375 dnRdn( &entry->e_nname, &op->orr_nnewrdn );
1377 dnParent( &dni.ndn, &noldp );
1378 dnParent( &entry->e_nname, &nnewp );
1379 if ( !dn_match( &noldp, &newp )) {
1380 dnParent( &entry->e_name, &newp );
1381 op->orr_newSup = &newp;
1382 op->orr_nnewSup = &nnewp;
1384 op->orr_deleteoldrdn = 0;
1385 rc = be->be_modrdn( op, &rs_modify );
1386 Debug( LDAP_DEBUG_SYNC,
1387 "syncrepl_entry: %s (%d)\n",
1388 "be_modrdn", rc, 0 );
1389 if ( rs_modify.sr_err == LDAP_SUCCESS ) {
1390 op->o_req_dn = entry->e_name;
1391 op->o_req_ndn = entry->e_nname;
1397 if ( dni.wasChanged ) {
1398 Modifications *mod, *modhead = NULL;
1399 Modifications *modtail = NULL;
1402 op->o_tag = LDAP_REQ_MODIFY;
1406 /* Delete all the old attrs */
1407 for ( i = 0; i < dni.attrs; i++ ) {
1408 mod = ch_malloc( sizeof( Modifications ) );
1409 mod->sml_op = LDAP_MOD_DELETE;
1410 mod->sml_desc = dni.ads[i];
1411 mod->sml_type = mod->sml_desc->ad_cname;
1412 mod->sml_values = NULL;
1413 mod->sml_nvalues = NULL;
1414 if ( !modhead ) modhead = mod;
1416 modtail->sml_next = mod;
1421 /* Append passed in list to ours */
1423 modtail->sml_next = *modlist;
1429 /* Find end of this list */
1430 for ( ; mod != NULL; mod = mod->sml_next ) {
1434 mod = (Modifications *)ch_calloc(1, sizeof(Modifications));
1435 mod->sml_op = LDAP_MOD_REPLACE;
1436 mod->sml_desc = slap_schema.si_ad_entryUUID;
1437 mod->sml_type = mod->sml_desc->ad_cname;
1438 ber_dupbv( &uuid_bv, &syncUUID_strrep );
1439 ber_bvarray_add( &mod->sml_values, &uuid_bv );
1440 ber_dupbv( &uuid_bv, syncUUID );
1441 ber_bvarray_add( &mod->sml_nvalues, &uuid_bv );
1442 modtail->sml_next = mod;
1444 op->o_tag = LDAP_REQ_MODIFY;
1445 op->orm_modlist = *modlist;
1447 rc = be->be_modify( op, &rs_modify );
1448 Debug( LDAP_DEBUG_SYNC,
1449 "syncrepl_entry: %s (%d)\n",
1450 "be_modify", rc, 0 );
1451 if ( rs_modify.sr_err != LDAP_SUCCESS ) {
1452 Debug( LDAP_DEBUG_ANY,
1453 "syncrepl_entry : be_modify failed (%d)\n",
1454 rs_modify.sr_err, 0, 0 );
1459 case LDAP_SYNC_DELETE :
1460 if ( !BER_BVISNULL( &dni.dn )) {
1461 op->o_req_dn = dni.dn;
1462 op->o_req_ndn = dni.ndn;
1463 op->o_tag = LDAP_REQ_DELETE;
1464 rc = be->be_delete( op, &rs_delete );
1465 Debug( LDAP_DEBUG_SYNC,
1466 "syncrepl_entry: %s (%d)\n",
1467 "be_delete", rc, 0 );
1469 while ( rs_delete.sr_err == LDAP_SUCCESS
1470 && op->o_delete_glue_parent ) {
1471 op->o_delete_glue_parent = 0;
1472 if ( !be_issuffix( op->o_bd, &op->o_req_ndn )) {
1473 slap_callback cb = { NULL };
1474 cb.sc_response = slap_null_cb;
1475 dnParent( &op->o_req_ndn, &pdn );
1477 op->o_req_ndn = pdn;
1478 op->o_callback = &cb;
1479 op->o_bd->be_delete( op, &rs_delete );
1489 Debug( LDAP_DEBUG_ANY,
1490 "syncrepl_entry : unknown syncstate\n", 0, 0, 0 );
1496 if ( !BER_BVISNULL( &syncUUID_strrep ) ) {
1497 slap_sl_free( syncUUID_strrep.bv_val, op->o_tmpmemctx );
1498 BER_BVZERO( &syncUUID_strrep );
1501 op->o_tmpfree( dni.ads, op->o_tmpmemctx );
1503 if ( !BER_BVISNULL( &dni.ndn ) ) {
1504 op->o_tmpfree( dni.ndn.bv_val, op->o_tmpmemctx );
1506 if ( !BER_BVISNULL( &dni.dn ) ) {
1507 op->o_tmpfree( dni.dn.bv_val, op->o_tmpmemctx );
1512 static struct berval gcbva[] = {
1518 #define NP_DELETE_ONE 2
1521 syncrepl_del_nonpresent(
1526 Backend* be = op->o_bd;
1527 slap_callback cb = { NULL };
1528 SlapReply rs_search = {REP_RESULT};
1529 SlapReply rs_delete = {REP_RESULT};
1530 SlapReply rs_modify = {REP_RESULT};
1531 struct nonpresent_entry *np_list, *np_prev;
1533 AttributeName an[2];
1535 struct berval pdn = BER_BVNULL;
1537 op->o_req_dn = si->si_base;
1538 op->o_req_ndn = si->si_base;
1540 cb.sc_response = nonpresent_callback;
1543 op->o_callback = &cb;
1544 op->o_tag = LDAP_REQ_SEARCH;
1545 op->ors_scope = si->si_scope;
1546 op->ors_deref = LDAP_DEREF_NEVER;
1547 op->o_time = slap_get_time();
1548 op->ors_tlimit = SLAP_NO_LIMIT;
1553 #ifdef LDAP_COMP_MATCH
1554 AttributeAssertion eq = { NULL, BER_BVNULL, NULL };
1556 AttributeAssertion eq = { NULL, BER_BVNULL };
1560 op->ors_attrsonly = 1;
1561 op->ors_attrs = slap_anlist_no_attrs;
1562 op->ors_limit = NULL;
1563 op->ors_filter = &uf;
1566 uf.f_av_desc = slap_schema.si_ad_entryUUID;
1568 uf.f_choice = LDAP_FILTER_EQUALITY;
1569 si->si_refreshDelete |= NP_DELETE_ONE;
1571 for (i=0; uuids[i].bv_val; i++) {
1573 uf.f_av_value = uuids[i];
1574 rc = be->be_search( op, &rs_search );
1576 si->si_refreshDelete ^= NP_DELETE_ONE;
1578 memset( &an[0], 0, 2 * sizeof( AttributeName ) );
1579 an[0].an_name = slap_schema.si_ad_entryUUID->ad_cname;
1580 an[0].an_desc = slap_schema.si_ad_entryUUID;
1582 op->ors_slimit = SLAP_NO_LIMIT;
1583 op->ors_attrsonly = 0;
1584 op->ors_filter = str2filter_x( op, si->si_filterstr.bv_val );
1585 op->ors_filterstr = si->si_filterstr;
1586 op->o_nocaching = 1;
1588 if ( limits_check( op, &rs_search ) == 0 ) {
1589 rc = be->be_search( op, &rs_search );
1591 if ( op->ors_filter ) filter_free_x( op, op->ors_filter );
1594 op->o_nocaching = 0;
1596 if ( !LDAP_LIST_EMPTY( &si->si_nonpresentlist ) ) {
1598 slap_queue_csn( op, &si->si_syncCookie.ctxcsn );
1600 np_list = LDAP_LIST_FIRST( &si->si_nonpresentlist );
1601 while ( np_list != NULL ) {
1602 LDAP_LIST_REMOVE( np_list, npe_link );
1604 np_list = LDAP_LIST_NEXT( np_list, npe_link );
1605 op->o_tag = LDAP_REQ_DELETE;
1606 op->o_callback = &cb;
1607 cb.sc_response = null_callback;
1609 op->o_req_dn = *np_prev->npe_name;
1610 op->o_req_ndn = *np_prev->npe_nname;
1611 rc = op->o_bd->be_delete( op, &rs_delete );
1613 if ( rs_delete.sr_err == LDAP_NOT_ALLOWED_ON_NONLEAF ) {
1614 Modifications mod1, mod2;
1615 mod1.sml_op = LDAP_MOD_REPLACE;
1616 mod1.sml_desc = slap_schema.si_ad_objectClass;
1617 mod1.sml_type = mod1.sml_desc->ad_cname;
1618 mod1.sml_values = &gcbva[0];
1619 mod1.sml_nvalues = NULL;
1620 mod1.sml_next = &mod2;
1622 mod2.sml_op = LDAP_MOD_REPLACE;
1623 mod2.sml_desc = slap_schema.si_ad_structuralObjectClass;
1624 mod2.sml_type = mod2.sml_desc->ad_cname;
1625 mod2.sml_values = &gcbva[1];
1626 mod2.sml_nvalues = NULL;
1627 mod2.sml_next = NULL;
1629 op->o_tag = LDAP_REQ_MODIFY;
1630 op->orm_modlist = &mod1;
1632 rc = be->be_modify( op, &rs_modify );
1635 while ( rs_delete.sr_err == LDAP_SUCCESS &&
1636 op->o_delete_glue_parent ) {
1637 op->o_delete_glue_parent = 0;
1638 if ( !be_issuffix( op->o_bd, &op->o_req_ndn )) {
1639 slap_callback cb = { NULL };
1640 cb.sc_response = slap_null_cb;
1641 dnParent( &op->o_req_ndn, &pdn );
1643 op->o_req_ndn = pdn;
1644 op->o_callback = &cb;
1645 /* give it a root privil ? */
1646 op->o_bd->be_delete( op, &rs_delete );
1652 op->o_delete_glue_parent = 0;
1654 ber_bvfree( np_prev->npe_name );
1655 ber_bvfree( np_prev->npe_nname );
1659 slap_graduate_commit_csn( op );
1670 Backend *be = op->o_bd;
1671 slap_callback cb = { NULL };
1676 struct berval dn = {0, NULL};
1677 struct berval ndn = {0, NULL};
1679 SlapReply rs_add = {REP_RESULT};
1682 op->o_tag = LDAP_REQ_ADD;
1683 op->o_callback = &cb;
1684 cb.sc_response = null_callback;
1685 cb.sc_private = NULL;
1690 /* count RDNs in suffix */
1691 if ( !BER_BVISEMPTY( &be->be_nsuffix[0] ) ) {
1692 for ( i = 0, ptr = be->be_nsuffix[0].bv_val; ptr; ptr = strchr( ptr, ',' ) ) {
1702 /* Start with BE suffix */
1703 for ( i = 0, ptr = NULL; i < suffrdns; i++ ) {
1704 comma = strrchr( dn.bv_val, ',' );
1705 if ( ptr ) *ptr = ',';
1706 if ( comma ) *comma = '\0';
1711 dn.bv_len -= ptr - dn.bv_val;
1714 /* the normalizedDNs are always the same length, no counting
1717 if ( ndn.bv_len > be->be_nsuffix[0].bv_len ) {
1718 ndn.bv_val += ndn.bv_len - be->be_nsuffix[0].bv_len;
1719 ndn.bv_len = be->be_nsuffix[0].bv_len;
1722 while ( ndn.bv_val > e->e_nname.bv_val ) {
1723 glue = (Entry *) ch_calloc( 1, sizeof(Entry) );
1724 ber_dupbv( &glue->e_name, &dn );
1725 ber_dupbv( &glue->e_nname, &ndn );
1727 a = ch_calloc( 1, sizeof( Attribute ));
1728 a->a_desc = slap_schema.si_ad_objectClass;
1730 a->a_vals = ch_calloc( 3, sizeof( struct berval ));
1731 ber_dupbv( &a->a_vals[0], &gcbva[0] );
1732 ber_dupbv( &a->a_vals[1], &gcbva[1] );
1733 ber_dupbv( &a->a_vals[2], &gcbva[2] );
1735 a->a_nvals = a->a_vals;
1737 a->a_next = glue->e_attrs;
1740 a = ch_calloc( 1, sizeof( Attribute ));
1741 a->a_desc = slap_schema.si_ad_structuralObjectClass;
1743 a->a_vals = ch_calloc( 2, sizeof( struct berval ));
1744 ber_dupbv( &a->a_vals[0], &gcbva[1] );
1745 ber_dupbv( &a->a_vals[1], &gcbva[2] );
1747 a->a_nvals = a->a_vals;
1749 a->a_next = glue->e_attrs;
1752 op->o_req_dn = glue->e_name;
1753 op->o_req_ndn = glue->e_nname;
1755 rc = be->be_add ( op, &rs_add );
1756 if ( rs_add.sr_err == LDAP_SUCCESS ) {
1757 be_entry_release_w( op, glue );
1759 /* incl. ALREADY EXIST */
1763 /* Move to next child */
1764 for (ptr = dn.bv_val-2; ptr > e->e_name.bv_val && *ptr != ','; ptr--) {
1767 if ( ptr == e->e_name.bv_val ) break;
1769 dn.bv_len = e->e_name.bv_len - (ptr-e->e_name.bv_val);
1770 for( ptr = ndn.bv_val-2;
1771 ptr > e->e_nname.bv_val && *ptr != ',';
1777 ndn.bv_len = e->e_nname.bv_len - (ptr-e->e_nname.bv_val);
1780 op->o_req_dn = e->e_name;
1781 op->o_req_ndn = e->e_nname;
1783 rc = be->be_add ( op, &rs_add );
1784 if ( rs_add.sr_err == LDAP_SUCCESS ) {
1785 be_entry_release_w( op, e );
1794 syncrepl_updateCookie(
1798 struct sync_cookie *syncCookie )
1800 Backend *be = op->o_bd;
1801 Modifications mod = {0};
1802 struct berval vals[2];
1806 slap_callback cb = { NULL };
1807 SlapReply rs_modify = {REP_RESULT};
1809 slap_sync_cookie_free( &si->si_syncCookie, 0 );
1810 slap_dup_sync_cookie( &si->si_syncCookie, syncCookie );
1812 mod.sml_op = LDAP_MOD_REPLACE;
1813 mod.sml_desc = slap_schema.si_ad_contextCSN;
1814 mod.sml_type = mod.sml_desc->ad_cname;
1815 mod.sml_values = vals;
1816 vals[0] = si->si_syncCookie.ctxcsn;
1817 vals[1].bv_val = NULL;
1820 slap_queue_csn( op, &si->si_syncCookie.ctxcsn );
1822 op->o_tag = LDAP_REQ_MODIFY;
1824 assert( si->si_rid < 1000 );
1826 cb.sc_response = null_callback;
1829 op->o_callback = &cb;
1830 op->o_req_dn = op->o_bd->be_suffix[0];
1831 op->o_req_ndn = op->o_bd->be_nsuffix[0];
1833 /* update contextCSN */
1834 op->o_msgid = SLAP_SYNC_UPDATE_MSGID;
1835 op->orm_modlist = &mod;
1836 rc = be->be_modify( op, &rs_modify );
1839 if ( rs_modify.sr_err != LDAP_SUCCESS ) {
1840 Debug( LDAP_DEBUG_ANY,
1841 "be_modify failed (%d)\n", rs_modify.sr_err, 0, 0 );
1844 slap_graduate_commit_csn( op );
1854 dninfo *dni = op->o_callback->sc_private;
1856 if ( rs->sr_type == REP_SEARCH ) {
1857 if ( !BER_BVISNULL( &dni->dn ) ) {
1858 Debug( LDAP_DEBUG_ANY,
1859 "dn_callback : consistency error - "
1860 "entryUUID is not unique\n", 0, 0, 0 );
1862 ber_dupbv_x( &dni->dn, &rs->sr_entry->e_name, op->o_tmpmemctx );
1863 ber_dupbv_x( &dni->ndn, &rs->sr_entry->e_nname, op->o_tmpmemctx );
1864 /* If there is a new entry, see if it differs from the old.
1865 * We compare the non-normalized values so that cosmetic changes
1866 * in the provider are always propagated.
1868 if ( dni->new_entry ) {
1869 Attribute *old, *new;
1872 /* Did the DN change? Note that we don't explicitly try to
1873 * discover if the deleteOldRdn argument applies here. It
1874 * would save an unnecessary Modify if we detected it, but
1875 * that's a fair amount of trouble to compare the two attr
1878 if ( !dn_match( &rs->sr_entry->e_name,
1879 &dni->new_entry->e_name ) )
1884 for ( i = 0, old = rs->sr_entry->e_attrs;
1886 i++, old = old->a_next )
1891 /* We assume that attributes are saved in the same order
1892 * in the remote and local databases. So if we walk through
1893 * the attributeDescriptions one by one they should match in
1894 * lock step. If not, we signal a change. Otherwise we test
1897 for ( old = rs->sr_entry->e_attrs, new = dni->new_entry->e_attrs;
1899 old = old->a_next, new = new->a_next )
1901 if ( old->a_desc != new->a_desc ) {
1902 dni->wasChanged = 1;
1905 for ( i = 0; ; i++ ) {
1907 nold = BER_BVISNULL( &old->a_vals[i] );
1908 nnew = BER_BVISNULL( &new->a_vals[i] );
1909 /* If both are empty, stop looking */
1910 if ( nold && nnew ) {
1913 /* If they are different, stop looking */
1914 if ( nold != nnew ) {
1915 dni->wasChanged = 1;
1918 if ( ber_bvcmp( &old->a_vals[i], &new->a_vals[i] )) {
1919 dni->wasChanged = 1;
1923 if ( dni->wasChanged ) break;
1925 if ( dni->wasChanged ) {
1926 dni->ads = op->o_tmpalloc( dni->attrs *
1927 sizeof(AttributeDescription *), op->o_tmpmemctx );
1929 for ( old = rs->sr_entry->e_attrs; old; old = old->a_next ) {
1930 dni->ads[i] = old->a_desc;
1936 } else if ( rs->sr_type == REP_RESULT ) {
1937 if ( rs->sr_err == LDAP_SIZELIMIT_EXCEEDED ) {
1938 Debug( LDAP_DEBUG_ANY,
1939 "dn_callback : consistency error - "
1940 "entryUUID is not unique\n", 0, 0, 0 );
1944 return LDAP_SUCCESS;
1948 nonpresent_callback(
1952 syncinfo_t *si = op->o_callback->sc_private;
1955 struct berval* present_uuid = NULL;
1956 struct nonpresent_entry *np_entry;
1958 if ( rs->sr_type == REP_RESULT ) {
1959 count = avl_free( si->si_presentlist, avl_ber_bvfree );
1960 si->si_presentlist = NULL;
1962 } else if ( rs->sr_type == REP_SEARCH ) {
1963 if ( !(si->si_refreshDelete & NP_DELETE_ONE )) {
1964 a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_entryUUID );
1966 if ( a == NULL ) return 0;
1968 present_uuid = avl_find( si->si_presentlist, &a->a_nvals[0],
1972 if ( present_uuid == NULL ) {
1973 np_entry = (struct nonpresent_entry *)
1974 ch_calloc( 1, sizeof( struct nonpresent_entry ));
1975 np_entry->npe_name = ber_dupbv( NULL, &rs->sr_entry->e_name );
1976 np_entry->npe_nname = ber_dupbv( NULL, &rs->sr_entry->e_nname );
1977 LDAP_LIST_INSERT_HEAD( &si->si_nonpresentlist, np_entry, npe_link );
1980 avl_delete( &si->si_presentlist,
1981 &a->a_nvals[0], syncuuid_cmp );
1982 ch_free( present_uuid->bv_val );
1983 ch_free( present_uuid );
1986 return LDAP_SUCCESS;
1994 if ( rs->sr_err != LDAP_SUCCESS &&
1995 rs->sr_err != LDAP_REFERRAL &&
1996 rs->sr_err != LDAP_ALREADY_EXISTS &&
1997 rs->sr_err != LDAP_NO_SUCH_OBJECT &&
1998 rs->sr_err != LDAP_NOT_ALLOWED_ON_NONLEAF )
2000 Debug( LDAP_DEBUG_ANY,
2001 "null_callback : error code 0x%x\n",
2004 return LDAP_SUCCESS;
2008 slap_uuidstr_from_normalized(
2009 struct berval* uuidstr,
2010 struct berval* normalized,
2014 unsigned char nibble;
2017 if ( normalized == NULL ) return NULL;
2018 if ( normalized->bv_len != 16 ) return NULL;
2023 new = (struct berval *)slap_sl_malloc( sizeof(struct berval), ctx );
2024 if ( new == NULL ) {
2031 if ( ( new->bv_val = slap_sl_malloc( new->bv_len + 1, ctx ) ) == NULL ) {
2032 if ( new != uuidstr ) {
2033 slap_sl_free( new, ctx );
2038 for ( i = 0; i < 16; i++ ) {
2039 if ( i == 4 || i == 6 || i == 8 || i == 10 ) {
2040 new->bv_val[(i<<1)+d] = '-';
2044 nibble = (normalized->bv_val[i] >> 4) & 0xF;
2045 if ( nibble < 10 ) {
2046 new->bv_val[(i<<1)+d] = nibble + '0';
2048 new->bv_val[(i<<1)+d] = nibble - 10 + 'a';
2051 nibble = (normalized->bv_val[i]) & 0xF;
2052 if ( nibble < 10 ) {
2053 new->bv_val[(i<<1)+d+1] = nibble + '0';
2055 new->bv_val[(i<<1)+d+1] = nibble - 10 + 'a';
2059 new->bv_val[new->bv_len] = '\0';
2064 syncuuid_cmp( const void* v_uuid1, const void* v_uuid2 )
2066 const struct berval *uuid1 = v_uuid1;
2067 const struct berval *uuid2 = v_uuid2;
2068 int rc = uuid1->bv_len - uuid2->bv_len;
2069 if ( rc ) return rc;
2070 return ( memcmp( uuid1->bv_val, uuid2->bv_val, uuid1->bv_len ) );
2074 avl_ber_bvfree( void *v_bv )
2076 struct berval *bv = (struct berval *)v_bv;
2078 if( v_bv == NULL ) return;
2079 if ( !BER_BVISNULL( bv ) ) {
2080 ch_free( bv->bv_val );
2082 ch_free( (char *) bv );
2086 syncinfo_free( syncinfo_t *sie )
2088 ldap_pvt_thread_mutex_destroy( &sie->si_mutex );
2089 if ( !BER_BVISNULL( &sie->si_provideruri ) ) {
2090 ch_free( sie->si_provideruri.bv_val );
2093 bindconf_free( &sie->si_bindconf );
2095 if ( sie->si_filterstr.bv_val ) {
2096 ch_free( sie->si_filterstr.bv_val );
2098 if ( sie->si_base.bv_val ) {
2099 ch_free( sie->si_base.bv_val );
2101 if ( sie->si_attrs ) {
2103 while ( sie->si_attrs[i] != NULL ) {
2104 ch_free( sie->si_attrs[i] );
2107 ch_free( sie->si_attrs );
2109 if ( sie->si_exattrs ) {
2111 while ( sie->si_exattrs[i] != NULL ) {
2112 ch_free( sie->si_exattrs[i] );
2115 ch_free( sie->si_exattrs );
2117 if ( sie->si_anlist ) {
2119 while ( sie->si_anlist[i].an_name.bv_val != NULL ) {
2120 ch_free( sie->si_anlist[i].an_name.bv_val );
2123 ch_free( sie->si_anlist );
2125 if ( sie->si_exanlist ) {
2127 while ( sie->si_exanlist[i].an_name.bv_val != NULL ) {
2128 ch_free( sie->si_exanlist[i].an_name.bv_val );
2131 ch_free( sie->si_exanlist );
2133 if ( sie->si_retryinterval ) {
2134 ch_free( sie->si_retryinterval );
2136 if ( sie->si_retrynum ) {
2137 ch_free( sie->si_retrynum );
2139 if ( sie->si_retrynum_init ) {
2140 ch_free( sie->si_retrynum_init );
2142 slap_sync_cookie_free( &sie->si_syncCookie, 0 );
2143 if ( sie->si_presentlist ) {
2144 avl_free( sie->si_presentlist, avl_ber_bvfree );
2147 ldap_ld_free( sie->si_ld, 1, NULL, NULL );
2149 while ( !LDAP_LIST_EMPTY( &sie->si_nonpresentlist )) {
2150 struct nonpresent_entry* npe;
2151 npe = LDAP_LIST_FIRST( &sie->si_nonpresentlist );
2152 LDAP_LIST_REMOVE( npe, npe_link );
2153 if ( npe->npe_name ) {
2154 if ( npe->npe_name->bv_val ) {
2155 ch_free( npe->npe_name->bv_val );
2157 ch_free( npe->npe_name );
2159 if ( npe->npe_nname ) {
2160 if ( npe->npe_nname->bv_val ) {
2161 ch_free( npe->npe_nname->bv_val );
2163 ch_free( npe->npe_nname );
projects / openldap / blob