/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 2003-2004 The OpenLDAP Foundation.
+ * Copyright 2003-2005 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
BackendDB *be
)
{
- return over_db_func( be, db_close );
+ slap_overinfo *oi = be->bd_info->bi_private;
+ slap_overinst *on = oi->oi_list;
+ BackendInfo *bi_orig = be->bd_info;
+ int rc = 0;
+
+ for (; on && rc == 0; on=on->on_next) {
+ be->bd_info = &on->on_bi;
+ if ( be->bd_info->bi_db_close ) {
+ rc = be->bd_info->bi_db_close( be );
+ }
+ }
+
+ if ( oi->oi_orig->bi_db_close ) {
+ be->bd_info = oi->oi_orig;
+ rc = be->bd_info->bi_db_close( be );
+ }
+
+ be->bd_info = bi_orig;
+ return rc;
}
static int
int rc = SLAP_CB_CONTINUE;
BackendDB *be = op->o_bd, db = *op->o_bd;
+ db.be_flags |= SLAP_DBFLAG_OVERLAY;
op->o_bd = &db;
for (; on; on=on->on_next ) {
if ( on->on_response ) {
op_extended,
op_aux_operational,
op_aux_chk_referrals,
+ op_aux_chk_controls,
op_last
};
LDAP_UNWILLING_TO_PERFORM, /* bind */
LDAP_UNWILLING_TO_PERFORM, /* unbind */
LDAP_UNWILLING_TO_PERFORM, /* search */
- LDAP_UNWILLING_TO_PERFORM, /* compare */
+ SLAP_CB_CONTINUE, /* compare; pass to frontend */
LDAP_UNWILLING_TO_PERFORM, /* modify */
LDAP_UNWILLING_TO_PERFORM, /* modrdn */
LDAP_UNWILLING_TO_PERFORM, /* add */
LDAP_UNWILLING_TO_PERFORM, /* cancel */
LDAP_UNWILLING_TO_PERFORM, /* extended */
LDAP_SUCCESS, /* aux_operational */
- LDAP_SUCCESS /* aux_chk_referrals */
+ LDAP_SUCCESS, /* aux_chk_referrals */
+ SLAP_CB_CONTINUE /* aux_chk_controls; pass to frontend */
};
+#ifdef SLAP_OVERLAY_ACCESS
+static int
+over_access_allowed(
+ Operation *op,
+ Entry *e,
+ AttributeDescription *desc,
+ struct berval *val,
+ slap_access_t access,
+ AccessControlState *state,
+ slap_mask_t *maskp )
+{
+ slap_overinfo *oi;
+ slap_overinst *on;
+ BackendInfo *bi = op->o_bd->bd_info;
+ BackendDB *be = op->o_bd, db;
+ int rc = SLAP_CB_CONTINUE;
+
+ /* FIXME: used to happen for instance during abandon
+ * when global overlays are used... */
+ assert( op->o_bd != NULL );
+
+ oi = op->o_bd->bd_info->bi_private;
+ on = oi->oi_list;
+
+ for ( ; on; on = on->on_next ) {
+ if ( on->on_bi.bi_access_allowed ) {
+ /* NOTE: do not copy the structure until required */
+ if ( !SLAP_ISOVERLAY( op->o_bd ) ) {
+ db = *op->o_bd;
+ db.be_flags |= SLAP_DBFLAG_OVERLAY;
+ op->o_bd = &db;
+ }
+
+ op->o_bd->bd_info = (BackendInfo *)on;
+ rc = on->on_bi.bi_access_allowed( op, e,
+ desc, val, access, state, maskp );
+ if ( rc != SLAP_CB_CONTINUE ) break;
+ }
+ }
+
+ if ( rc == SLAP_CB_CONTINUE ) {
+ BI_access_allowed *bi_access_allowed;
+
+ /* if the database structure was changed, o_bd points to a
+ * copy of the structure; put the original bd_info in place */
+ if ( SLAP_ISOVERLAY( op->o_bd ) ) {
+ op->o_bd->bd_info = oi->oi_orig;
+ }
+
+ if ( oi->oi_orig->bi_access_allowed ) {
+ bi_access_allowed = oi->oi_orig->bi_access_allowed;
+ } else {
+ bi_access_allowed = slap_access_allowed;
+ }
+
+ rc = bi_access_allowed( op, e,
+ desc, val, access, state, maskp );
+ }
+ /* should not fall thru this far without anything happening... */
+ if ( rc == SLAP_CB_CONTINUE ) {
+ /* access not allowed */
+ rc = 0;
+ }
+
+ op->o_bd = be;
+ op->o_bd->bd_info = bi;
+
+ return rc;
+}
+#endif /* SLAP_OVERLAY_ACCESS */
+
static int
over_op_func(
Operation *op,
enum op_which which
)
{
- slap_overinfo *oi = op->o_bd->bd_info->bi_private;
- slap_overinst *on = oi->oi_list;
+ slap_overinfo *oi;
+ slap_overinst *on;
BI_op_bind **func;
- BackendDB *be = op->o_bd, db = *op->o_bd;
+ BackendDB *be = op->o_bd, db;
slap_callback cb = {NULL, over_back_response, NULL, NULL};
int rc = SLAP_CB_CONTINUE;
- op->o_bd = &db;
+ /* FIXME: used to happen for instance during abandon
+ * when global overlays are used... */
+ assert( op->o_bd != NULL );
+
+ oi = op->o_bd->bd_info->bi_private;
+ on = oi->oi_list;
+
+ if ( !SLAP_ISOVERLAY( op->o_bd )) {
+ db = *op->o_bd;
+ db.be_flags |= SLAP_DBFLAG_OVERLAY;
+ op->o_bd = &db;
+ }
cb.sc_next = op->o_callback;
cb.sc_private = oi;
op->o_callback = &cb;
for (; on; on=on->on_next ) {
func = &on->on_bi.bi_op_bind;
if ( func[which] ) {
- db.bd_info = (BackendInfo *)on;
+ op->o_bd->bd_info = (BackendInfo *)on;
rc = func[which]( op, rs );
if ( rc != SLAP_CB_CONTINUE ) break;
}
func = &oi->oi_orig->bi_op_bind;
if ( func[which] && rc == SLAP_CB_CONTINUE ) {
- db.bd_info = oi->oi_orig;
+ op->o_bd->bd_info = oi->oi_orig;
rc = func[which]( op, rs );
}
/* should not fall thru this far without anything happening... */
if ( rc == SLAP_CB_CONTINUE ) {
rc = op_rc[ which ];
}
+
+ /* The underlying backend didn't handle the request, make sure
+ * overlay cleanup is processed.
+ */
+ if ( rc == LDAP_UNWILLING_TO_PERFORM ) {
+ slap_callback *sc_next;
+ for ( ; op->o_callback && op->o_callback != cb.sc_next;
+ op->o_callback = sc_next ) {
+ sc_next = op->o_callback->sc_next;
+ if ( op->o_callback->sc_cleanup ) {
+ op->o_callback->sc_cleanup( op, rs );
+ }
+ }
+ }
op->o_bd = be;
op->o_callback = cb.sc_next;
return rc;
return over_op_func( op, rs, op_aux_chk_referrals );
}
+static int
+over_aux_chk_controls( Operation *op, SlapReply *rs )
+{
+ return over_op_func( op, rs, op_aux_chk_controls );
+}
+
+static int
+over_connection_destroy(
+ BackendDB *bd,
+ Connection *conn
+)
+{
+ slap_overinfo *oi;
+ slap_overinst *on;
+ BackendDB db;
+ int rc = SLAP_CB_CONTINUE;
+
+ /* FIXME: used to happen for instance during abandon
+ * when global overlays are used... */
+ assert( bd != NULL );
+
+ oi = bd->bd_info->bi_private;
+ on = oi->oi_list;
+
+ if ( !SLAP_ISOVERLAY( bd )) {
+ db = *bd;
+ db.be_flags |= SLAP_DBFLAG_OVERLAY;
+ bd = &db;
+ }
+
+ for (; on; on=on->on_next ) {
+ if ( on->on_bi.bi_connection_destroy ) {
+ bd->bd_info = (BackendInfo *)on;
+ rc = on->on_bi.bi_connection_destroy( bd, conn );
+ if ( rc != SLAP_CB_CONTINUE ) break;
+ }
+ }
+
+ if ( oi->oi_orig->bi_connection_destroy && rc == SLAP_CB_CONTINUE ) {
+ bd->bd_info = oi->oi_orig;
+ rc = oi->oi_orig->bi_connection_destroy( bd, conn );
+ }
+ /* should not fall thru this far without anything happening... */
+ if ( rc == SLAP_CB_CONTINUE ) {
+ rc = LDAP_UNWILLING_TO_PERFORM;
+ }
+
+ return rc;
+}
+
int
overlay_register(
slap_overinst *on
return 0;
}
+int
+overlay_register_control( BackendDB *be, const char *oid )
+{
+ int rc = 0;
+ int gotit = 0;
+ int cid;
+
+ if ( slap_find_control_id( oid, &cid ) == LDAP_CONTROL_NOT_FOUND ) {
+ return -1;
+ }
+
+ if ( SLAP_DBFLAGS( be ) & SLAP_DBFLAG_GLOBAL_OVERLAY ) {
+ BackendDB *bd;
+
+ /* add to all backends... */
+ LDAP_STAILQ_FOREACH( bd, &backendDB, be_next ) {
+ if ( be == bd ) {
+ gotit = 1;
+ }
+
+ bd->be_ctrls[ cid ] = 1;
+ bd->be_ctrls[ SLAP_MAX_CIDS ] = 1;
+ }
+
+ }
+
+ if ( rc == 0 && !gotit ) {
+ be->be_ctrls[ cid ] = 1;
+ be->be_ctrls[ SLAP_MAX_CIDS ] = 1;
+ }
+
+ return rc;
+}
+
/* add an overlay to a particular backend. */
int
overlay_config( BackendDB *be, const char *ov )
oi->oi_orig = be->bd_info;
oi->oi_bi = *be->bd_info;
+ /* NOTE: the first time a global overlay is configured,
+ * frontendDB gets this flag; it is used later by overlays
+ * to determine if they're stacked on top of the frontendDB */
+ if ( oi->oi_orig == frontendDB->bd_info ) {
+ SLAP_DBFLAGS( be ) |= SLAP_DBFLAG_GLOBAL_OVERLAY;
+ }
+
/* Save a pointer to ourself in bi_private.
- * This allows us to keep working in conjunction
- * with backglue...
*/
oi->oi_bi.bi_private = oi;
oi->oi_list = NULL;
*/
bi->bi_operational = over_aux_operational;
bi->bi_chk_referrals = over_aux_chk_referrals;
+ bi->bi_chk_controls = over_aux_chk_controls;
+
+#ifdef SLAP_OVERLAY_ACCESS
+ /* this has a specific arglist */
+ bi->bi_access_allowed = over_access_allowed;
+#endif /* SLAP_OVERLAY_ACCESS */
+
+ bi->bi_connection_destroy = over_connection_destroy;
be->bd_info = bi;
/* Any initialization needed? */
if ( on->on_bi.bi_db_init ) {
+ int rc;
be->bd_info = (BackendInfo *)on2;
- on2->on_bi.bi_db_init( be );
+ rc = on2->on_bi.bi_db_init( be );
be->bd_info = (BackendInfo *)oi;
+ if ( rc ) return rc;
}
return 0;