3 * Replication Engine which uses the LDAP Sync protocol
5 /* Copyright (c) 2003 by International Business Machines, Inc.
7 * International Business Machines, Inc. (hereinafter called IBM) grants
8 * permission under its copyrights to use, copy, modify, and distribute this
9 * Software with or without fee, provided that the above copyright notice and
10 * all paragraphs of this notice appear in all copies, and that the name of IBM
11 * not be used in connection with the marketing of any product incorporating
12 * the Software or modifications thereof, without specific, written prior
15 * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
16 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
17 * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
18 * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
19 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
20 * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
27 #include <ac/string.h>
28 #include <ac/socket.h>
34 #include "lutil_ldap.h"
39 syncrepl_del_nonpresent( LDAP *, Operation * );
41 /* callback functions */
42 static int cookie_callback( struct slap_op *, struct slap_rep * );
43 static int dn_callback( struct slap_op *, struct slap_rep * );
44 static int nonpresent_callback( struct slap_op *, struct slap_rep * );
45 static int null_callback( struct slap_op *, struct slap_rep * );
46 static int contextcsn_callback( Operation*, SlapReply* );
48 static AttributeDescription **sync_descs;
50 struct runqueue_s syncrepl_rq;
55 sync_descs = ch_malloc( 4 * sizeof( AttributeDescription * ));
56 sync_descs[0] = slap_schema.si_ad_objectClass;
57 sync_descs[1] = slap_schema.si_ad_structuralObjectClass;
58 sync_descs[2] = slap_schema.si_ad_entryCSN;
75 BerElement *sync_ber = NULL;
76 struct berval *sync_bvalp = NULL;
80 struct timeval timeout;
82 /* setup LDAP SYNC control */
83 sync_ber = ber_alloc_t( LBER_USE_DER );
84 ber_set_option( sync_ber, LBER_OPT_BER_MEMCTX, NULL );
86 if ( si->syncCookie ) {
87 ber_printf( sync_ber, "{eO}", abs(si->type), si->syncCookie );
89 ber_printf( sync_ber, "{e}", abs(si->type) );
92 if ( ber_flatten( sync_ber, &sync_bvalp ) == LBER_ERROR ) {
93 ber_free( sync_ber, 1 );
96 ber_free( sync_ber, 1 );
98 ctrls = (LDAPControl**) sl_calloc( 3, sizeof(LDAPControl*), NULL );
100 c[0].ldctl_oid = LDAP_CONTROL_SYNC;
101 c[0].ldctl_value = (*sync_bvalp);
102 c[0].ldctl_iscritical = si->type < 0;
106 c[1].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
107 c[1].ldctl_value.bv_val = si->authzId;
108 c[1].ldctl_value.bv_len = strlen( si->authzId );
109 c[1].ldctl_iscritical = 1;
117 err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, ctrls );
119 ber_bvfree( sync_bvalp );
122 if ( err != LDAP_OPT_SUCCESS )
123 fprintf( stderr, "Could not set controls : %d\n", err );
125 timeout.tv_sec = si->tlimit > 0 ? si->tlimit : 1;
127 rc = ldap_search_ext( ld, si->base, si->scope, si->filterstr,
128 si->attrs, si->attrsonly, sctrls, cctrls,
129 si->tlimit < 0 ? NULL : &timeout,
130 si->slimit, msgidp );
140 struct re_s* rtask = arg;
141 syncinfo_t *si = ( syncinfo_t * ) rtask->arg;
142 Backend *be = si->be;
144 SlapReply rs = {REP_RESULT};
147 LDAPControl **sctrls = NULL;
148 LDAPControl **rctrls = NULL;
149 LDAPControl *rctrlp = NULL;
150 BerElement *sync_ber = NULL;
151 struct berval *sync_bvalp = NULL;
153 BerElement *ctrl_ber = NULL;
154 BerElement *res_ber = NULL;
157 LDAPMessage *res = NULL;
158 LDAPMessage *msg = NULL;
162 int nresponses, nreferences, nextended, npartial;
163 int nresponses_psearch;
165 int cancel_msgid = -1;
167 struct berval *retdata = NULL;
169 int sync_info_arrived = 0;
173 struct berval syncUUID = { 0, NULL };
174 struct berval syncCookie = { 0, NULL };
175 struct berval syncCookie_req = { 0, NULL };
180 int syncinfo_arrived = 0;
181 int cancel_response = 0;
184 AttributeDescription** descs = NULL;
196 struct berval base_bv = { 0, NULL };
197 struct berval pbase = { 0, NULL };
198 struct berval nbase = { 0, NULL };
199 struct berval sub_bv = { 0, NULL };
200 struct berval psubrdn = { 0, NULL };
201 struct berval nsubrdn = { 0, NULL };
202 struct berval psub = { 0, NULL };
203 struct berval nsub = { 0, NULL };
205 Modifications *modlist = NULL;
206 Modifications *ml, *mlnext;
207 char *def_filter_str = NULL;
213 LDAP_LOG ( OPERATION, DETAIL1, "do_syncrepl\n", 0, 0, 0 );
215 Debug( LDAP_DEBUG_TRACE, "=>do_syncrepl\n", 0, 0, 0 );
221 if ( abs(si->type) != LDAP_SYNC_REFRESH_ONLY &&
222 abs(si->type) != LDAP_SYNC_REFRESH_AND_PERSIST ) {
226 si->sync_mode = LDAP_SYNC_STATE_MODE;
228 /* Init connection to master */
230 rc = ldap_initialize( &ld, si->provideruri );
231 if ( rc != LDAP_SUCCESS ) {
233 LDAP_LOG( OPERATION, ERR, "do_syncrepl: "
234 "ldap_initialize failed (%s)\n",
235 si->provideruri, 0, 0 );
237 Debug( LDAP_DEBUG_ANY, "do_syncrepl: "
238 "ldap_initialize failed (%s)\n",
239 si->provideruri, 0, 0 );
243 op.o_protocol = LDAP_VERSION3;
244 ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &op.o_protocol );
249 rc = ldap_start_tls_s( ld, NULL, NULL );
250 if( rc != LDAP_SUCCESS ) {
252 LDAP_LOG ( OPERATION, ERR, "do_syncrepl: "
253 "%s: ldap_start_tls failed (%d)\n",
254 si->tls == TLS_CRITICAL ? "Error" : "Warning",
257 Debug( LDAP_DEBUG_ANY,
258 "%s: ldap_start_tls failed (%d)\n",
259 si->tls == TLS_CRITICAL ? "Error" : "Warning",
262 if( si->tls == TLS_CRITICAL )
267 if ( si->bindmethod == LDAP_AUTH_SASL ) {
268 #ifdef HAVE_CYRUS_SASL
271 if ( si->secprops != NULL ) {
272 int err = ldap_set_option( ld,
273 LDAP_OPT_X_SASL_SECPROPS, si->secprops);
275 if( err != LDAP_OPT_SUCCESS ) {
277 LDAP_LOG ( OPERATION, ERR, "do_bind: Error: "
278 "ldap_set_option(%s,SECPROPS,\"%s\") failed!\n",
279 si->provideruri, si->secprops, 0 );
281 Debug( LDAP_DEBUG_ANY, "Error: ldap_set_option "
282 "(%s,SECPROPS,\"%s\") failed!\n",
283 si->provideruri, si->secprops, NULL );
289 defaults = lutil_sasl_defaults( ld,
296 rc = ldap_sasl_interactive_bind_s( ld,
304 if ( rc != LDAP_SUCCESS ) {
306 LDAP_LOG ( OPERATION, ERR, "do_syncrepl: "
307 "ldap_sasl_interactive_bind_s failed (%d)\n",
310 Debug( LDAP_DEBUG_ANY, "do_syncrepl: "
311 "ldap_sasl_interactive_bind_s failed (%d)\n",
316 #else /* HAVE_CYRUS_SASL */
317 fprintf( stderr, "not compiled with SASL support\n" );
321 rc = ldap_bind_s( ld, si->binddn, si->passwd, si->bindmethod );
322 if ( rc != LDAP_SUCCESS ) {
324 LDAP_LOG ( OPERATION, ERR, "do_syncrepl: "
325 "ldap_bind_s failed (%d)\n", rc, 0, 0 );
327 Debug( LDAP_DEBUG_ANY, "do_syncrepl: "
328 "ldap_bind_s failed (%d)\n", rc, 0, 0 );
334 /* set thread context in syncinfo */
337 /* set memory context */
338 #define SLAB_SIZE 1048576
340 memctx = sl_mem_create( memsiz, ctx );
341 op.o_tmpmemctx = memctx;
342 op.o_tmpmfuncs = &sl_mfuncs;
345 op.o_tag = LDAP_REQ_SEARCH;
346 op.o_dn = si->updatedn;
347 op.o_ndn = si->updatedn;
349 op.o_time = slap_get_time();
350 op.o_managedsait = 1;
351 op.o_threadctx = si->ctx;
354 op.o_connid = op.o_conn->c_connid;
355 op.ors_scope = LDAP_SCOPE_BASE;
356 op.ors_deref = LDAP_DEREF_NEVER;
359 op.ors_attrsonly = 0;
361 op.ors_filter = str2filter( def_filter_str = "(objectClass=*)" );
362 ber_str2bv( def_filter_str, strlen( def_filter_str ), 1,
366 conn.c_send_ldap_result = slap_send_ldap_result;
367 conn.c_send_search_entry = slap_send_search_entry;
368 conn.c_send_search_reference = slap_send_search_reference;
370 /* get syncrepl cookie of shadow replica from subentry */
371 ber_str2bv( si->base, strlen(si->base), 1, &base_bv );
372 dnPrettyNormal( 0, &base_bv, &pbase, &nbase, op.o_tmpmemctx );
374 sprintf( substr, "cn=syncrepl%d", si->id );
375 ber_str2bv( substr, strlen(substr), 1, &sub_bv );
376 dnPrettyNormal( 0, &sub_bv, &psubrdn, &nsubrdn, op.o_tmpmemctx );
378 build_new_dn( &op.o_req_dn, &pbase, &psubrdn );
379 build_new_dn( &op.o_req_ndn, &nbase, &nsubrdn );
381 ch_free( base_bv.bv_val );
382 ch_free( pbase.bv_val );
383 ch_free( nbase.bv_val );
384 ch_free( sub_bv.bv_val );
385 ch_free( psubrdn.bv_val );
386 ch_free( nsubrdn.bv_val );
388 /* set callback function */
389 cb.sc_response = cookie_callback;
392 /* search subentry to retrieve cookie */
393 si->syncCookie = NULL;
394 be->be_search( &op, &rs );
396 ber_dupbv( &syncCookie_req, si->syncCookie );
398 ch_free( op.o_req_dn.bv_val );
399 ch_free( op.o_req_ndn.bv_val );
400 filter_free( op.ors_filter );
401 ch_free( op.ors_filterstr.bv_val );
403 psub = be->be_nsuffix[0];
405 /* Delete Attributes */
408 for ( i = 0; descs[i] != NULL; i++ ) {
409 for ( j = 0; si->attrs[j] != NULL; j++ ) {
410 if ( !strcmp( si->attrs[j], descs[i]->ad_cname.bv_val )) {
411 ch_free( si->attrs[j] );
412 for ( k = j; si->attrs[k] != NULL; k++ ) {
413 si->attrs[k] = si->attrs[k+1];
421 for ( n = 0; si->attrs[ n ] != NULL; n++ ) ;
425 for ( i = 0; descs[i] != NULL; i++ ) {
426 tmp = ( char ** ) ch_realloc( si->attrs,
427 ( n + 3 ) * sizeof( char * ));
430 LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 );
432 Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
436 si->attrs[ n++ ] = ch_strdup ( descs[i]->ad_cname.bv_val );
437 si->attrs[ n ] = NULL;
440 rc = ldap_sync_search( si, ld, NULL, NULL, &msgid );
441 if( rc != LDAP_SUCCESS ) {
442 fprintf( stderr, "syncrepl: ldap_search_ext: %s (%d)\n",
443 ldap_err2string( rc ), rc );
447 while (( rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ONE, NULL, &res )) > 0 ) {
449 for ( msg = ldap_first_message( ld, res );
451 msg = ldap_next_message( ld, msg ) )
453 syncCookie.bv_len = 0; syncCookie.bv_val = NULL;
454 switch( ldap_msgtype( msg ) ) {
455 case LDAP_RES_SEARCH_ENTRY:
456 entry = syncrepl_message_to_entry( si, ld, &op, msg,
457 &modlist, &syncstate, &syncUUID, &syncCookie );
458 rc_efree = syncrepl_entry( si, ld, &op, entry, modlist,
459 syncstate, &syncUUID, &syncCookie, !syncinfo_arrived );
460 if ( syncCookie.bv_len ) {
461 syncrepl_updateCookie( si, ld, &op, &psub, &syncCookie );
465 for ( ml = modlist; ml != NULL; ml = mlnext ) {
466 mlnext = ml->sml_next;
471 case LDAP_RES_SEARCH_REFERENCE:
473 LDAP_LOG( OPERATION, ERR,
474 "do_syncrepl : reference received\n", 0, 0, 0 );
476 Debug( LDAP_DEBUG_ANY,
477 "do_syncrepl : reference received\n", 0, 0, 0 );
481 case LDAP_RES_SEARCH_RESULT:
482 ldap_parse_result( ld, msg, &err, NULL, NULL, NULL, &rctrls, 0 );
485 ctrl_ber = ber_alloc_t( LBER_USE_DER );
486 ber_set_option( ctrl_ber, LBER_OPT_BER_MEMCTX, &op.o_tmpmemctx );
487 ber_write( ctrl_ber, rctrlp->ldctl_value.bv_val, rctrlp->ldctl_value.bv_len, 0 );
488 ber_reset( ctrl_ber, 1 );
490 ber_scanf( ctrl_ber, "{" /*"}"*/);
491 if ( ber_peek_tag( ctrl_ber, &len )
492 == LDAP_SYNC_TAG_COOKIE ) {
493 ber_scanf( ctrl_ber, "o", &syncCookie );
496 value_match( &match, slap_schema.si_ad_entryCSN,
497 slap_schema.si_ad_entryCSN->ad_type->sat_ordering,
498 SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
499 &syncCookie_req, &syncCookie, &text );
500 if (si->type == LDAP_SYNC_REFRESH_AND_PERSIST) {
501 if ( cancel_response ) {
502 if ( syncCookie.bv_len && match < 0) {
503 syncrepl_updateCookie( si, ld, &op, &psub, &syncCookie );
506 ber_free( ctrl_ber, 1 );
511 ber_free( ctrl_ber, 1 );
515 if ( syncCookie.bv_len && match < 0 ) {
516 syncrepl_updateCookie( si, ld, &op, &psub, &syncCookie);
518 if ( si->sync_mode == LDAP_SYNC_STATE_MODE && match < 0 ) {
519 syncrepl_del_nonpresent( ld, &op );
522 ber_free( ctrl_ber, 1 );
527 case LDAP_RES_INTERMEDIATE:
528 rc = ldap_parse_intermediate( ld, msg,
529 &retoid, &retdata, NULL, 0 );
530 if ( !rc && !strcmp( retoid, LDAP_SYNC_INFO ) ) {
531 sync_info_arrived = 1;
532 res_ber = ber_init( retdata );
533 ber_scanf( res_ber, "{e" /*"}"*/, &syncstate );
535 if ( ber_peek_tag( res_ber, &len )
536 == LDAP_SYNC_TAG_COOKIE ) {
537 ber_scanf( res_ber, /*"{"*/ "o}", &syncCookie );
539 if ( syncstate == LDAP_SYNC_NEW_COOKIE ) {
541 LDAP_LOG( OPERATION, ERR,
542 "do_syncrepl : cookie required\n", 0, 0, 0 );
544 Debug( LDAP_DEBUG_ANY,
545 "do_syncrepl : cookie required\n", 0, 0, 0 );
550 value_match( &match, slap_schema.si_ad_entryCSN,
551 slap_schema.si_ad_entryCSN->ad_type->sat_ordering,
552 SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
553 &syncCookie_req, &syncCookie, &text );
555 if ( syncCookie.bv_len && match < 0 ) {
556 syncrepl_updateCookie( si, ld, &op, &psub, &syncCookie);
559 if ( syncstate == LDAP_SYNC_STATE_MODE_DONE ) {
561 syncrepl_del_nonpresent( ld, &op );
563 si->sync_mode = LDAP_SYNC_LOG_MODE;
564 } else if ( syncstate == LDAP_SYNC_LOG_MODE_DONE ) {
565 si->sync_mode = LDAP_SYNC_PERSIST_MODE;
566 } else if ( syncstate == LDAP_SYNC_REFRESH_DONE ) {
567 si->sync_mode = LDAP_SYNC_PERSIST_MODE;
568 } else if ( syncstate != LDAP_SYNC_NEW_COOKIE ||
569 syncstate != LDAP_SYNC_LOG_MODE_DONE ) {
571 LDAP_LOG( OPERATION, ERR,
572 "do_syncrepl : unknown sync info\n", 0, 0, 0 );
574 Debug( LDAP_DEBUG_ANY,
575 "do_syncrepl : unknown sync info\n", 0, 0, 0 );
579 ldap_memfree( retoid );
580 ber_bvfree( retdata );
581 ber_free( res_ber, 1 );
585 LDAP_LOG( OPERATION, ERR,"do_syncrepl :"
586 " unknown intermediate "
587 "response\n", 0, 0, 0 );
589 Debug( LDAP_DEBUG_ANY, "do_syncrepl : "
590 "unknown intermediate response (%d)\n",
593 ldap_memfree( retoid );
594 ber_bvfree( retdata );
600 LDAP_LOG( OPERATION, ERR, "do_syncrepl : "
601 "unknown message\n", 0, 0, 0 );
603 Debug( LDAP_DEBUG_ANY, "do_syncrepl : "
604 "unknown message\n", 0, 0, 0 );
615 LDAP_LOG( OPERATION, ERR,
616 "do_syncrepl : unknown result\n", 0, 0, 0 );
618 Debug( LDAP_DEBUG_ANY,
619 "do_syncrepl : unknown result\n", 0, 0, 0 );
624 if ( syncCookie.bv_val )
625 ch_free( syncCookie.bv_val );
626 if ( syncCookie_req.bv_val )
627 ch_free( syncCookie_req.bv_val );
628 if ( syncUUID.bv_val )
629 ch_free( syncUUID.bv_val );
635 ldap_pvt_thread_mutex_lock( &syncrepl_rq.rq_mutex );
636 ldap_pvt_runqueue_stoptask( &syncrepl_rq, rtask );
637 if ( si->type == LDAP_SYNC_REFRESH_ONLY ) {
638 ldap_pvt_runqueue_resched( &syncrepl_rq, rtask );
640 ldap_pvt_runqueue_remove( &syncrepl_rq, rtask );
642 ldap_pvt_thread_mutex_unlock( &syncrepl_rq.rq_mutex );
648 syncrepl_message_to_entry(
653 Modifications **modlist,
655 struct berval *syncUUID,
656 struct berval *syncCookie
660 BerElement *ber = NULL;
662 struct berval bv = {0, NULL};
665 Modifications **modtail = modlist;
666 Backend *be = op->o_bd;
669 char txtbuf[SLAP_TEXT_BUFLEN];
670 size_t textlen = sizeof txtbuf;
672 struct berval **bvals = NULL;
674 struct berval bdn = {0, NULL};
676 struct berval empty_bv = { 0, NULL };
682 LDAPControl** rctrls = NULL;
683 BerElement* ctrl_ber;
687 Modifications *ml = NULL;
688 AttributeDescription** descs;
693 if ( ldap_msgtype( msg ) != LDAP_RES_SEARCH_ENTRY ) {
695 LDAP_LOG( OPERATION, ERR,
696 "Message type should be entry (%d)", ldap_msgtype( msg ), 0, 0 );
698 Debug( LDAP_DEBUG_ANY,
699 "Message type should be entry (%d)", ldap_msgtype( msg ), 0, 0 );
704 op->o_tag = LDAP_REQ_ADD;
706 rc = ldap_get_dn_ber( ld, msg, &ber, &bdn );
708 if ( rc != LDAP_SUCCESS ) {
710 LDAP_LOG( OPERATION, ERR,
711 "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
713 Debug( LDAP_DEBUG_ANY,
714 "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
719 e = ( Entry * ) ch_calloc( 1, sizeof( Entry ));
720 dnPrettyNormal( NULL, &bdn, &e->e_name, &e->e_nname, NULL );
724 while ( ber_remaining( ber ) ) {
725 tag = ber_scanf( ber, "{mW}", &tmp.sml_type, &tmp.sml_values );
727 if ( tag == LBER_ERROR ) break;
728 if ( tmp.sml_type.bv_val == NULL ) break;
730 mod = (Modifications *) ch_malloc( sizeof( Modifications ));
732 mod->sml_op = LDAP_MOD_REPLACE;
733 mod->sml_next = NULL;
734 mod->sml_desc = NULL;
735 mod->sml_type = tmp.sml_type;
736 mod->sml_bvalues = tmp.sml_bvalues;
737 mod->sml_nvalues = NULL;
740 modtail = &mod->sml_next;
743 if ( ber_scanf( ber, "}") == LBER_ERROR ) {
745 LDAP_LOG( OPERATION, ERR,
746 "syncrepl_message_to_entry: ber_scanf failed\n", 0, 0, 0 );
748 Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: ber_scanf failed\n",
755 tmpber = ldap_get_message_ber( msg );
756 ber = ber_dup( tmpber );
758 ber_scanf( ber, "{xx" );
760 rc = ldap_int_get_controls( ber, &rctrls );
762 if ( rc != LDAP_SUCCESS ) {
764 LDAP_LOG( OPERATION, ERR,
765 "syncrepl_message_to_entry : control get failed (%d)", rc, 0, 0 );
767 Debug( LDAP_DEBUG_ANY,
768 "syncrepl_message_to_entry : control get failed (%d)", rc, 0, 0 );
775 ctrl_ber = ber_alloc_t( LBER_USE_DER );
776 ber_set_option( ctrl_ber, LBER_OPT_BER_MEMCTX, &op->o_tmpmemctx );
777 ber_write( ctrl_ber, rctrlp->ldctl_value.bv_val, rctrlp->ldctl_value.bv_len, 0 );
778 ber_reset( ctrl_ber, 1 );
779 ber_scanf( ctrl_ber, "{eo", syncstate, syncUUID );
780 if ( ber_peek_tag( ctrl_ber, &len ) == LDAP_SYNC_TAG_COOKIE ) {
781 ber_scanf( ctrl_ber, "o}", syncCookie );
783 ber_free( ctrl_ber, 1 );
786 LDAP_LOG( OPERATION, ERR,"syncrepl_message_to_entry : "
787 " rctrls absent\n", 0, 0, 0 );
789 Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry :"
790 " rctrls absent\n", 0, 0, 0 );
794 if ( *syncstate == LDAP_SYNC_PRESENT ) {
797 } else if ( *syncstate == LDAP_SYNC_DELETE ) {
801 if ( *modlist == NULL ) {
803 LDAP_LOG( OPERATION, ERR,
804 "syncrepl_message_to_entry: no attributes\n", 0, 0, 0 );
806 Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: no attributes\n",
812 while ( ml != NULL ) {
813 AttributeDescription *ad = NULL;
814 rc = slap_bv2ad( &ml->sml_type, &ml->sml_desc, &text );
816 if( rc != LDAP_SUCCESS ) {
826 rc = slap_mods_check( *modlist, 1, &text, txtbuf, textlen, NULL );
828 if ( rc != LDAP_SUCCESS ) {
830 LDAP_LOG( OPERATION, ERR,
831 "syncrepl_message_to_entry: mods check (%s)\n", text, 0, 0 );
833 Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: mods check (%s)\n",
839 rc = slap_mods2entry( *modlist, &e, 1, 1, &text, txtbuf, textlen);
840 if( rc != LDAP_SUCCESS ) {
842 LDAP_LOG( OPERATION, ERR,
843 "syncrepl_message_to_entry: mods2entry (%s)\n", text, 0, 0 );
845 Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: mods2entry (%s)\n",
858 syncuuid_cmp( const void* v_uuid1, const void* v_uuid2 )
860 const struct berval *uuid1 = v_uuid1;
861 const struct berval *uuid2 = v_uuid2;
862 int rc = uuid1->bv_len - uuid2->bv_len;
864 return ( strcmp( uuid1->bv_val, uuid2->bv_val ) );
873 Modifications* modlist,
875 struct berval* syncUUID,
876 struct berval* syncCookie,
880 Backend *be = op->o_bd;
882 struct berval csn_bv = {0, NULL};
883 struct berval *syncuuid_bv = NULL;
884 char csnbuf[ LDAP_LUTIL_CSNSTR_BUFSIZE ];
886 SlapReply rs = {REP_RESULT};
887 int rc = LDAP_SUCCESS;
889 struct berval base_bv = {0, NULL};
897 ( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_ADD )) {
898 syncuuid_bv = ber_dupbv( NULL, syncUUID );
899 avl_insert( &si->presentlist, (caddr_t) syncuuid_bv,
900 syncuuid_cmp, avl_dup_error );
903 if ( syncstate == LDAP_SYNC_PRESENT ) {
910 filterstr = (char *) sl_malloc( strlen("entryUUID=") + syncUUID->bv_len + 1,
912 strcpy( filterstr, "entryUUID=" );
913 strcat( filterstr, syncUUID->bv_val );
916 si->syncUUID = syncUUID;
917 si->syncUUID_ndn = NULL;
919 filter = str2filter( filterstr );
920 ber_str2bv( filterstr, strlen(filterstr), 1, &op->ors_filterstr );
921 ch_free( filterstr );
922 op->ors_filter = filter;
923 op->ors_scope = LDAP_SCOPE_SUBTREE;
925 /* get syncrepl cookie of shadow replica from subentry */
926 ber_str2bv( si->base, strlen(si->base), 1, &base_bv );
927 dnPrettyNormal( 0, &base_bv, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx );
928 ch_free( base_bv.bv_val );
930 /* set callback function */
931 op->o_callback = &cb;
932 cb.sc_response = dn_callback;
935 si->syncUUID_ndn = NULL;
937 rc = be->be_search( op, &rs );
939 ch_free( op->o_req_dn.bv_val );
940 ch_free( op->o_req_ndn.bv_val );
941 filter_free( op->ors_filter );
942 ch_free( op->ors_filterstr.bv_val );
944 cb.sc_response = null_callback;
947 if ( rc == LDAP_SUCCESS && si->syncUUID_ndn && si->sync_mode != LDAP_SYNC_LOG_MODE ) {
948 op->o_req_dn = *si->syncUUID_ndn;
949 op->o_req_ndn = *si->syncUUID_ndn;
950 op->o_tag = LDAP_REQ_DELETE;
951 rc = be->be_delete( op, &rs );
954 if ( si->syncUUID_ndn ) {
955 ber_bvfree( si->syncUUID_ndn );
958 switch ( syncstate ) {
960 case LDAP_SYNC_MODIFY :
962 if ( rc == LDAP_SUCCESS ||
963 rc == LDAP_REFERRAL ||
964 rc == LDAP_NO_SUCH_OBJECT ) {
966 attr_delete( &e->e_attrs, slap_schema.si_ad_entryUUID );
967 attr_merge_normalize_one( e, slap_schema.si_ad_entryUUID, syncUUID, op->o_tmpmemctx );
969 op->o_tag = LDAP_REQ_ADD;
971 op->o_req_dn = e->e_name;
972 op->o_req_ndn = e->e_nname;
973 rc = be->be_add( op, &rs );
975 if ( rc != LDAP_SUCCESS ) {
976 if ( rc == LDAP_ALREADY_EXISTS ) {
977 op->o_tag = LDAP_REQ_MODIFY;
978 op->orm_modlist = modlist;
979 op->o_req_dn = e->e_name;
980 op->o_req_ndn = e->e_nname;
981 rc = be->be_modify( op, &rs );
983 if ( rc != LDAP_SUCCESS ) {
985 LDAP_LOG( OPERATION, ERR,
986 "syncrepl_entry : be_modify failed (%d)\n",
989 Debug( LDAP_DEBUG_ANY,
990 "syncrepl_entry : be_modify failed (%d)\n",
996 } else if ( rc == LDAP_REFERRAL ||
997 rc == LDAP_NO_SUCH_OBJECT ) {
998 syncrepl_add_glue( si, ld, op, e,
1000 syncUUID, syncCookie);
1005 LDAP_LOG( OPERATION, ERR,
1006 "syncrepl_entry : be_add failed (%d)\n",
1009 Debug( LDAP_DEBUG_ANY,
1010 "syncrepl_entry : be_add failed (%d)\n",
1018 be_entry_release_w( op, e );
1023 LDAP_LOG( OPERATION, ERR,
1024 "syncrepl_entry : be_search failed (%d)\n", rc, 0, 0 );
1026 Debug( LDAP_DEBUG_ANY,
1027 "syncrepl_entry : be_search failed (%d)\n", rc, 0, 0 );
1033 case LDAP_SYNC_DELETE :
1034 if ( si->sync_mode == LDAP_SYNC_LOG_MODE ) {
1035 op->o_req_dn = *si->syncUUID_ndn;
1036 op->o_req_ndn = *si->syncUUID_ndn;
1037 op->o_tag = LDAP_REQ_DELETE;
1038 rc = be->be_delete( op, &rs );
1040 /* Already deleted otherwise */
1045 LDAP_LOG( OPERATION, ERR,
1046 "syncrepl_entry : unknown syncstate\n", 0, 0, 0 );
1048 Debug( LDAP_DEBUG_ANY,
1049 "syncrepl_entry : unknown syncstate\n", 0, 0, 0 );
1056 syncrepl_del_nonpresent(
1061 Backend* be = op->o_bd;
1062 syncinfo_t *si = op->o_si;
1064 struct berval base_bv = {0, NULL};
1066 SlapReply rs = {REP_RESULT};
1067 struct berval filterstr_bv = {0, NULL};
1068 struct nonpresent_entry *np_list, *np_prev;
1070 ber_str2bv( si->base, strlen(si->base), 1, &base_bv );
1071 dnPrettyNormal(0, &base_bv, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx );
1072 ch_free( base_bv.bv_val );
1074 filter = str2filter( si->filterstr );
1076 cb.sc_response = nonpresent_callback;
1079 op->o_callback = &cb;
1080 op->o_tag = LDAP_REQ_SEARCH;
1081 op->ors_scope = si->scope;
1082 op->ors_deref = LDAP_DEREF_NEVER;
1085 op->ors_attrsonly = 0;
1086 op->ors_attrs = NULL;
1087 op->ors_filter = filter;
1088 ber_str2bv( si->filterstr, strlen( si->filterstr ), 1, &op->ors_filterstr );
1090 be->be_search( op, &rs );
1092 if ( !LDAP_LIST_EMPTY( &si->nonpresentlist ) ) {
1093 np_list = LDAP_LIST_FIRST( &si->nonpresentlist );
1094 while ( np_list != NULL ) {
1095 LDAP_LIST_REMOVE( np_list, np_link );
1097 np_list = LDAP_LIST_NEXT( np_list, np_link );
1098 op->o_tag = LDAP_REQ_DELETE;
1099 op->o_callback = &cb;
1100 cb.sc_response = null_callback;
1102 op->o_req_dn = *np_prev->dn;
1103 op->o_req_ndn = *np_prev->ndn;
1104 op->o_bd->be_delete( op, &rs );
1105 ber_bvfree( np_prev->dn );
1106 ber_bvfree( np_prev->ndn );
1107 op->o_req_dn.bv_val = NULL;
1108 op->o_req_ndn.bv_val = NULL;
1113 if ( op->o_req_dn.bv_val )
1114 ch_free( op->o_req_dn.bv_val );
1115 if ( op->o_req_ndn.bv_val )
1116 ch_free( op->o_req_ndn.bv_val );
1117 filter_free( op->ors_filter );
1118 ch_free( op->ors_filterstr.bv_val );
1130 Modifications* modlist,
1132 struct berval* syncUUID,
1133 struct berval* syncCookie
1136 Backend *be = op->o_bd;
1137 struct berval uuid_bv = {0, NULL};
1141 char uuidbuf[ LDAP_LUTIL_UUIDSTR_BUFSIZE ];
1144 struct berval dn = {0, NULL};
1145 struct berval pdn = {0, NULL};
1146 struct berval ndn = {0, NULL};
1147 struct berval rdn = {0, NULL};
1149 SlapReply rs = {REP_RESULT};
1150 Connection *conn = op->o_conn;
1153 op->o_tag = LDAP_REQ_ADD;
1154 op->o_callback = &cb;
1155 cb.sc_response = null_callback;
1158 ber_dupbv( &dn, &e->e_nname );
1159 ber_dupbv( &pdn, &e->e_nname );
1162 while ( !be_issuffix ( be, &pdn )) {
1163 dnParent( &dn, &pdn );
1164 dn.bv_val = pdn.bv_val;
1165 dn.bv_len = pdn.bv_len;
1170 for ( i = 0; i <= levels; i++ ) {
1171 glue = (Entry*) ch_calloc( 1, sizeof(Entry) );
1172 ber_dupbv( &dn, &e->e_nname );
1176 for ( k = 0; k < j; k++ ) {
1177 dnParent( &dn, &pdn );
1178 dn.bv_val = pdn.bv_val;
1179 dn.bv_len = pdn.bv_len;
1182 dnPrettyNormal( 0, &dn, &pdn, &ndn, op->o_tmpmemctx );
1183 ber_dupbv( &glue->e_name, &pdn );
1184 ber_dupbv( &glue->e_nname, &ndn );
1186 ch_free( pdn.bv_val );
1187 ch_free( ndn.bv_val );
1189 a = ch_calloc( 1, sizeof( Attribute ));
1190 a->a_desc = slap_schema.si_ad_objectClass;
1192 a->a_vals = ch_calloc( 3, sizeof( struct berval ));
1193 ber_str2bv( "top", strlen("top"), 1, &a->a_vals[0] );
1194 ber_str2bv( "glue", strlen("glue"), 1, &a->a_vals[1] );
1195 a->a_vals[2].bv_len = 0;
1196 a->a_vals[2].bv_val = NULL;
1198 a->a_nvals = ch_calloc( 3, sizeof( struct berval ));
1199 ber_str2bv( "top", strlen("top"), 1, &a->a_nvals[0] );
1200 ber_str2bv( "glue", strlen("glue"), 1, &a->a_nvals[1] );
1201 a->a_nvals[2].bv_len = 0;
1202 a->a_nvals[2].bv_val = NULL;
1204 a->a_next = glue->e_attrs;
1207 a = ch_calloc( 1, sizeof( Attribute ));
1208 a->a_desc = slap_schema.si_ad_structuralObjectClass;
1210 a->a_vals = ch_calloc( 2, sizeof( struct berval ));
1211 ber_str2bv( "glue", strlen("glue"), 1, &a->a_vals[0] );
1212 a->a_vals[1].bv_len = 0;
1213 a->a_vals[1].bv_val = NULL;
1215 a->a_nvals = ch_calloc( 2, sizeof( struct berval ));
1216 ber_str2bv( "glue", strlen("glue"), 1, &a->a_nvals[0] );
1217 a->a_nvals[1].bv_len = 0;
1218 a->a_nvals[1].bv_val = NULL;
1220 a->a_next = glue->e_attrs;
1223 if ( !strcmp( e->e_nname.bv_val, glue->e_nname.bv_val )) {
1224 op->o_req_dn = e->e_name;
1225 op->o_req_ndn = e->e_nname;
1227 rc = be->be_add ( op, &rs );
1228 if ( rc == LDAP_SUCCESS )
1229 be_entry_release_w( op, e );
1234 op->o_req_dn = glue->e_name;
1235 op->o_req_ndn = glue->e_nname;
1237 rc = be->be_add ( op, &rs );
1238 if ( rc == LDAP_SUCCESS ) {
1239 be_entry_release_w( op, glue );
1241 /* incl. ALREADY EXIST */
1251 syncrepl_updateCookie(
1256 struct berval *syncCookie
1259 Backend *be = op->o_bd;
1261 Modifications *mlnext;
1263 Modifications *modlist;
1264 Modifications **modtail = &modlist;
1266 struct berval* ocbva = NULL;
1267 struct berval* cnbva = NULL;
1268 struct berval* ssbva = NULL;
1269 struct berval* scbva = NULL;
1274 char txtbuf[SLAP_TEXT_BUFLEN];
1275 size_t textlen = sizeof txtbuf;
1280 struct berval sub_bv = { 0, NULL };
1281 struct berval psubrdn = { 0, NULL };
1284 SlapReply rs = {REP_RESULT};
1286 ocbva = ( struct berval * ) ch_calloc( 4, sizeof( struct berval ));
1287 cnbva = ( struct berval * ) ch_calloc( 2, sizeof( struct berval ));
1288 ssbva = ( struct berval * ) ch_calloc( 2, sizeof( struct berval ));
1289 scbva = ( struct berval * ) ch_calloc( 2, sizeof( struct berval ));
1291 /* update in memory cookie */
1292 if ( si->syncCookie != NULL ) {
1293 ber_bvfree( si->syncCookie );
1295 si->syncCookie = ber_dupbv( NULL, syncCookie );
1296 ber_str2bv( "top", strlen("top"), 1, &ocbva[0] );
1297 ber_str2bv( "subentry", strlen("subentry"), 1, &ocbva[1] );
1298 ber_str2bv( "syncConsumerSubentry",
1299 strlen("syncConsumerSubentry"), 1, &ocbva[2] );
1300 ocbva[3].bv_len = 0;
1301 ocbva[3].bv_val = NULL;
1303 mod = (Modifications *) ch_malloc( sizeof( Modifications ));
1304 mod->sml_op = LDAP_MOD_REPLACE;
1305 mod->sml_next = NULL;
1306 mod->sml_desc = NULL;
1307 ber_str2bv( "objectClass", strlen("objectClass"), 1, &mod->sml_type );
1308 mod->sml_bvalues = ocbva;
1309 mod->sml_nvalues = NULL;
1311 modtail = &mod->sml_next;
1313 sprintf( substr, "syncrepl%d", si->id );
1314 sprintf( rdnstr, "cn=%s", substr );
1315 ber_str2bv( substr, strlen( substr ), 1, &cnbva[0] );
1316 ber_str2bv( rdnstr, strlen( rdnstr ), 1, &psubrdn );
1317 cnbva[1].bv_len = 0;
1318 cnbva[1].bv_val = NULL;
1319 mod = (Modifications *) ch_malloc( sizeof( Modifications ));
1320 mod->sml_op = LDAP_MOD_REPLACE;
1321 mod->sml_next = NULL;
1322 mod->sml_desc = NULL;
1323 ber_str2bv( "cn", strlen("cn"), 1, &mod->sml_type );
1324 mod->sml_bvalues = cnbva;
1325 mod->sml_nvalues = NULL;
1327 modtail = &mod->sml_next;
1329 ber_dupbv( &scbva[0], si->syncCookie );
1330 scbva[1].bv_len = 0;
1331 scbva[1].bv_val = NULL;
1332 mod = (Modifications *) ch_malloc( sizeof( Modifications ));
1333 mod->sml_op = LDAP_MOD_REPLACE;
1334 mod->sml_next = NULL;
1335 mod->sml_desc = NULL;
1336 ber_str2bv( "syncreplCookie", strlen("syncreplCookie"),
1337 1, &mod->sml_type );
1338 mod->sml_bvalues = scbva;
1339 mod->sml_nvalues = NULL;
1341 modtail = &mod->sml_next;
1343 ber_str2bv( "{}", strlen("{}"), 1, &ssbva[0] );
1344 ssbva[1].bv_len = 0;
1345 ssbva[1].bv_val = NULL;
1346 mod = (Modifications *) ch_malloc( sizeof( Modifications ));
1347 mod->sml_op = LDAP_MOD_REPLACE;
1348 mod->sml_next = NULL;
1349 mod->sml_desc = NULL;
1350 ber_str2bv( "subtreeSpecification",
1351 strlen("subtreeSpecification"), 1, &mod->sml_type );
1352 mod->sml_bvalues = ssbva;
1353 mod->sml_nvalues = NULL;
1355 modtail = &mod->sml_next;
1357 rc = slap_mods_check( modlist, 1, &text, txtbuf, textlen, NULL );
1359 if ( rc != LDAP_SUCCESS ) {
1361 LDAP_LOG( OPERATION, ERR,
1362 "syncrepl_updateCookie: mods check (%s)\n", text, 0, 0 );
1364 Debug( LDAP_DEBUG_ANY, "syncrepl_updateCookie: mods check (%s)\n",
1369 op->o_tag = LDAP_REQ_ADD;
1370 rc = slap_mods_opattrs( op, modlist, modtail,
1371 &text,txtbuf, textlen );
1373 for ( ml = modlist; ml != NULL; ml = mlnext ) {
1374 mlnext = ml->sml_next;
1375 ml->sml_op = LDAP_MOD_REPLACE;
1378 if( rc != LDAP_SUCCESS ) {
1380 LDAP_LOG( OPERATION, ERR,
1381 "syncrepl_updateCookie: mods opattrs (%s)\n", text, 0, 0 );
1383 Debug( LDAP_DEBUG_ANY, "syncrepl_updateCookie: mods opattrs (%s)\n",
1388 e = ( Entry * ) ch_calloc( 1, sizeof( Entry ));
1390 build_new_dn( &sub_bv, pdn, &psubrdn );
1391 dnPrettyNormal( NULL, &sub_bv, &e->e_name, &e->e_nname, NULL );
1392 ch_free( sub_bv.bv_val );
1393 ch_free( psubrdn.bv_val );
1397 rc = slap_mods2entry( modlist, &e, 1, 1, &text, txtbuf, textlen );
1399 if( rc != LDAP_SUCCESS ) {
1401 LDAP_LOG( OPERATION, ERR,
1402 "syncrepl_updateCookie: mods2entry (%s)\n", text, 0, 0 );
1404 Debug( LDAP_DEBUG_ANY, "syncrepl_updateCookie: mods2entry (%s)\n",
1409 cb.sc_response = null_callback;
1412 op->o_callback = &cb;
1413 op->o_req_dn = e->e_name;
1414 op->o_req_ndn = e->e_nname;
1416 /* update persistent cookie */
1417 update_cookie_retry:
1418 op->o_tag = LDAP_REQ_MODIFY;
1419 op->orm_modlist = modlist;
1420 rc = be->be_modify( op, &rs );
1422 if ( rc != LDAP_SUCCESS ) {
1423 if ( rc == LDAP_REFERRAL ||
1424 rc == LDAP_NO_SUCH_OBJECT ) {
1425 op->o_tag = LDAP_REQ_ADD;
1427 rc = be->be_add( op, &rs );
1428 if ( rc != LDAP_SUCCESS ) {
1429 if ( rc == LDAP_ALREADY_EXISTS ) {
1430 goto update_cookie_retry;
1431 } else if ( rc == LDAP_REFERRAL ||
1432 rc == LDAP_NO_SUCH_OBJECT ) {
1434 LDAP_LOG( OPERATION, ERR,
1435 "cookie will be non-persistent\n",
1438 Debug( LDAP_DEBUG_ANY,
1439 "cookie will be non-persistent\n",
1444 LDAP_LOG( OPERATION, ERR,
1445 "be_add failed (%d)\n",
1448 Debug( LDAP_DEBUG_ANY,
1449 "be_add failed (%d)\n",
1454 be_entry_release_w( op, e );
1459 LDAP_LOG( OPERATION, ERR,
1460 "be_modify failed (%d)\n", rc, 0, 0 );
1462 Debug( LDAP_DEBUG_ANY,
1463 "be_modify failed (%d)\n", rc, 0, 0 );
1473 for ( ml = modlist; ml != NULL; ml = mlnext ) {
1474 mlnext = ml->sml_next;
1482 avl_ber_bvfree( void *bv )
1487 if ( ((struct berval *)bv)->bv_val != NULL ) {
1488 ber_memfree ( ((struct berval *)bv)->bv_val );
1490 ber_memfree ( (char *) bv );
1499 syncinfo_t *si = op->o_callback->sc_private;
1502 if ( rs->sr_type != REP_SEARCH ) return LDAP_SUCCESS;
1504 a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_syncreplCookie );
1507 si->syncCookie = NULL;
1509 si->syncCookie = ber_dupbv( NULL, &a->a_vals[0] );
1511 return LDAP_SUCCESS;
1520 syncinfo_t *si = op->o_callback->sc_private;
1522 if ( rs->sr_type == REP_SEARCH ) {
1523 if ( si->syncUUID_ndn != NULL ) {
1525 LDAP_LOG( OPERATION, ERR,
1526 "dn_callback : multiple entries match dn\n", 0, 0, 0 );
1528 Debug( LDAP_DEBUG_ANY,
1529 "dn_callback : multiple entries match dn\n", 0, 0, 0 );
1532 if ( rs->sr_entry == NULL ) {
1533 si->syncUUID_ndn = NULL;
1535 si->syncUUID_ndn = ber_dupbv( NULL, &rs->sr_entry->e_nname );
1540 return LDAP_SUCCESS;
1544 nonpresent_callback(
1549 syncinfo_t *si = op->o_callback->sc_private;
1552 struct berval* present_uuid = NULL;
1554 SlapReply rs_cb = {REP_RESULT};
1555 struct nonpresent_entry *np_entry;
1557 if ( rs->sr_type == REP_RESULT ) {
1558 count = avl_free( si->presentlist, avl_ber_bvfree );
1559 si->presentlist = NULL;
1560 return LDAP_SUCCESS;
1561 } else if ( rs->sr_type == REP_SEARCH ) {
1562 a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_entryUUID );
1567 present_uuid = avl_find( si->presentlist, &a->a_vals[0], syncuuid_cmp );
1569 if ( present_uuid == NULL ) {
1570 np_entry = (struct nonpresent_entry *)
1571 ch_calloc( 1, sizeof( struct nonpresent_entry ));
1572 np_entry->dn = ber_dupbv( NULL, &rs->sr_entry->e_name );
1573 np_entry->ndn = ber_dupbv( NULL, &rs->sr_entry->e_nname );
1574 LDAP_LIST_INSERT_HEAD( &si->nonpresentlist, np_entry, np_link );
1576 avl_delete( &si->presentlist,
1577 &a->a_vals[0], syncuuid_cmp );
1579 return LDAP_SUCCESS;
1581 return LDAP_SUCCESS;
1592 syncinfo_t *si = op->o_callback->sc_private;
1594 if ( rs->sr_err != LDAP_SUCCESS &&
1595 rs->sr_err != LDAP_REFERRAL &&
1596 rs->sr_err != LDAP_ALREADY_EXISTS &&
1597 rs->sr_err != LDAP_NO_SUCH_OBJECT ) {
1599 LDAP_LOG( OPERATION, ERR,
1600 "null_callback : error code 0x%x\n",
1603 Debug( LDAP_DEBUG_ANY,
1604 "null_callback : error code 0x%x\n",
1608 return LDAP_SUCCESS;
1613 str2clist( char ***out, char *in, const char *brkstr )
1622 /* find last element in list */
1623 for (i = 0; *out && *out[i]; i++);
1625 /* protect the input string from strtok */
1626 str = ch_strdup( in );
1628 /* Count words in string */
1630 for ( s = str; *s; s++ ) {
1631 if ( strchr( brkstr, *s ) != NULL ) {
1636 *out = ch_realloc( *out, ( i + j + 1 ) * sizeof( char * ) );
1638 for ( s = ldap_pvt_strtok( str, brkstr, &lasts );
1640 s = ldap_pvt_strtok( NULL, brkstr, &lasts ) )
1642 *new = ch_strdup( s );