-static int
-add_syncrepl(
- Backend *be,
- char **cargv,
- int cargc
-)
-{
- syncinfo_t *si;
- syncinfo_t *si_entry;
- int rc = 0;
- int duplicated_replica_id = 0;
-
- si = (syncinfo_t *) ch_calloc( 1, sizeof( syncinfo_t ) );
-
- if ( si == NULL ) {
- Debug( LDAP_DEBUG_ANY, "out of memory in add_syncrepl\n", 0, 0, 0 );
- return 1;
- }
-
- si->si_tls = SYNCINFO_TLS_OFF;
- if ( be->be_rootndn.bv_val ) {
- ber_dupbv( &si->si_updatedn, &be->be_rootndn );
- }
- si->si_bindmethod = LDAP_AUTH_SIMPLE;
- si->si_schemachecking = 0;
- ber_str2bv( "(objectclass=*)", STRLENOF("(objectclass=*)"), 1,
- &si->si_filterstr );
- si->si_base.bv_val = NULL;
- si->si_scope = LDAP_SCOPE_SUBTREE;
- si->si_attrsonly = 0;
- si->si_anlist = (AttributeName *) ch_calloc( 1, sizeof( AttributeName ));
- si->si_exanlist = (AttributeName *) ch_calloc( 1, sizeof( AttributeName ));
- si->si_attrs = NULL;
- si->si_allattrs = 0;
- si->si_allopattrs = 0;
- si->si_exattrs = NULL;
- si->si_type = LDAP_SYNC_REFRESH_ONLY;
- si->si_interval = 86400;
- si->si_retryinterval = NULL;
- si->si_retrynum_init = NULL;
- si->si_retrynum = NULL;
- si->si_syncCookie.ctxcsn = NULL;
- si->si_syncCookie.octet_str = NULL;
- si->si_syncCookie.sid = -1;
- si->si_manageDSAit = 0;
- si->si_tlimit = 0;
- si->si_slimit = 0;
- si->si_syncUUID_ndn.bv_val = NULL;
- si->si_syncUUID_ndn.bv_len = 0;
-
- si->si_presentlist = NULL;
- LDAP_LIST_INIT( &si->si_nonpresentlist );
-
- rc = parse_syncrepl_line( cargv, cargc, si );
-
- LDAP_STAILQ_FOREACH( si_entry, &be->be_syncinfo, si_next ) {
- if ( si->si_rid == si_entry->si_rid ) {
- Debug( LDAP_DEBUG_ANY,
- "add_syncrepl: duplicated replica id\n",0, 0, 0 );
- duplicated_replica_id = 1;
- break;
- }
- }
-
- if ( rc < 0 || duplicated_replica_id ) {
- Debug( LDAP_DEBUG_ANY, "failed to add syncinfo\n", 0, 0, 0 );
- return 1;
- } else {
- Debug( LDAP_DEBUG_CONFIG,
- "Config: ** successfully added syncrepl \"%s\"\n",
- si->si_provideruri == NULL ? "(null)" : si->si_provideruri, 0, 0 );
- if ( !si->si_schemachecking ) {
- SLAP_DBFLAGS(be) |= SLAP_DBFLAG_NO_SCHEMA_CHECK;
- }
- si->si_be = be;
- LDAP_STAILQ_INSERT_TAIL( &be->be_syncinfo, si, si_next );
- return 0;
- }
-}
-
-#define IDSTR "rid"
-#define PROVIDERSTR "provider"
-#define SUFFIXSTR "suffix"
-#define UPDATEDNSTR "updatedn"
-#define BINDMETHSTR "bindmethod"
-#define SIMPLESTR "simple"
-#define SASLSTR "sasl"
-#define BINDDNSTR "binddn"
-#define CREDSTR "credentials"
-#define OLDAUTHCSTR "bindprincipal"
-#define AUTHCSTR "authcID"
-#define AUTHZSTR "authzID"
-#define SRVTABSTR "srvtab"
-#define SASLMECHSTR "saslmech"
-#define REALMSTR "realm"
-#define SECPROPSSTR "secprops"
-#define STARTTLSSTR "starttls"
-#define CRITICALSTR "critical"
-
-#define SCHEMASTR "schemachecking"
-#define FILTERSTR "filter"
-#define SEARCHBASESTR "searchbase"
-#define SCOPESTR "scope"
-#define ATTRSSTR "attrs"
-#define EXATTRSSTR "exattrs"
-#define ATTRSONLYSTR "attrsonly"
-#define TYPESTR "type"
-#define INTERVALSTR "interval"
-#define LASTMODSTR "lastmod"
-#define LMREQSTR "req"
-#define LMGENSTR "gen"
-#define LMNOSTR "no"
-#define MANAGEDSAITSTR "manageDSAit"
-#define SLIMITSTR "sizelimit"
-#define TLIMITSTR "timelimit"
-
-#define RETRYSTR "retry"
-
-#define GOT_ID 0x0001
-#define GOT_PROVIDER 0x0002
-#define GOT_METHOD 0x0004
-#define GOT_ALL 0x0007
-
-static int
-parse_syncrepl_line(
- char **cargv,
- int cargc,
- syncinfo_t *si
-)
-{
- int gots = 0;
- int i, j;
- char *hp, *val;
- int nr_attr = 0;
-
- for ( i = 1; i < cargc; i++ ) {
- if ( !strncasecmp( cargv[ i ], IDSTR, sizeof( IDSTR ) - 1 )) {
- int tmp;
- /* '\0' string terminator accounts for '=' */
- val = cargv[ i ] + sizeof( IDSTR );
- tmp= atoi( val );
- if ( tmp >= 1000 || tmp < 0 ) {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "syncrepl id %d is out of range [0..999]\n", tmp );
- return -1;
- }
- si->si_rid = tmp;
- gots |= GOT_ID;
- } else if ( !strncasecmp( cargv[ i ], PROVIDERSTR,
- sizeof( PROVIDERSTR ) - 1 )) {
- val = cargv[ i ] + sizeof( PROVIDERSTR );
- si->si_provideruri = ch_strdup( val );
- si->si_provideruri_bv = (BerVarray)
- ch_calloc( 2, sizeof( struct berval ));
- ber_str2bv( si->si_provideruri, strlen( si->si_provideruri ),
- 1, &si->si_provideruri_bv[0] );
- si->si_provideruri_bv[1].bv_len = 0;
- si->si_provideruri_bv[1].bv_val = NULL;
- gots |= GOT_PROVIDER;
- } else if ( !strncasecmp( cargv[ i ], STARTTLSSTR,
- sizeof(STARTTLSSTR) - 1 ) )
- {
- val = cargv[ i ] + sizeof( STARTTLSSTR );
- if( !strcasecmp( val, CRITICALSTR ) ) {
- si->si_tls = SYNCINFO_TLS_CRITICAL;
- } else {
- si->si_tls = SYNCINFO_TLS_ON;
- }
- } else if ( !strncasecmp( cargv[ i ],
- UPDATEDNSTR, sizeof( UPDATEDNSTR ) - 1 ) )
- {
- struct berval updatedn = {0, NULL};
- val = cargv[ i ] + sizeof( UPDATEDNSTR );
- ber_str2bv( val, 0, 0, &updatedn );
- ch_free( si->si_updatedn.bv_val );
- dnNormalize( 0, NULL, NULL, &updatedn, &si->si_updatedn, NULL );
- } else if ( !strncasecmp( cargv[ i ], BINDMETHSTR,
- sizeof( BINDMETHSTR ) - 1 ) )
- {
- val = cargv[ i ] + sizeof( BINDMETHSTR );
- if ( !strcasecmp( val, SIMPLESTR )) {
- si->si_bindmethod = LDAP_AUTH_SIMPLE;
- gots |= GOT_METHOD;
- } else if ( !strcasecmp( val, SASLSTR )) {
-#ifdef HAVE_CYRUS_SASL
- si->si_bindmethod = LDAP_AUTH_SASL;
- gots |= GOT_METHOD;
-#else /* HAVE_CYRUS_SASL */
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "not compiled with SASL support\n" );
- return 1;
-#endif /* HAVE_CYRUS_SASL */
- } else {
- si->si_bindmethod = -1;
- }
- } else if ( !strncasecmp( cargv[ i ],
- BINDDNSTR, sizeof( BINDDNSTR ) - 1 ) ) {
- val = cargv[ i ] + sizeof( BINDDNSTR );
- si->si_binddn = ch_strdup( val );
- } else if ( !strncasecmp( cargv[ i ],
- CREDSTR, sizeof( CREDSTR ) - 1 ) ) {
- val = cargv[ i ] + sizeof( CREDSTR );
- si->si_passwd = ch_strdup( val );
- } else if ( !strncasecmp( cargv[ i ],
- SASLMECHSTR, sizeof( SASLMECHSTR ) - 1 ) ) {
- val = cargv[ i ] + sizeof( SASLMECHSTR );
- si->si_saslmech = ch_strdup( val );
- } else if ( !strncasecmp( cargv[ i ],
- SECPROPSSTR, sizeof( SECPROPSSTR ) - 1 ) ) {
- val = cargv[ i ] + sizeof( SECPROPSSTR );
- si->si_secprops = ch_strdup( val );
- } else if ( !strncasecmp( cargv[ i ],
- REALMSTR, sizeof( REALMSTR ) - 1 ) ) {
- val = cargv[ i ] + sizeof( REALMSTR );
- si->si_realm = ch_strdup( val );
- } else if ( !strncasecmp( cargv[ i ],
- AUTHCSTR, sizeof( AUTHCSTR ) - 1 ) ) {
- val = cargv[ i ] + sizeof( AUTHCSTR );
- if ( si->si_authcId )
- ch_free( si->si_authcId );
- si->si_authcId = ch_strdup( val );
- } else if ( !strncasecmp( cargv[ i ],
- OLDAUTHCSTR, sizeof( OLDAUTHCSTR ) - 1 ) ) {
- /* Old authcID is provided for some backwards compatibility */
- val = cargv[ i ] + sizeof( OLDAUTHCSTR );
- if ( si->si_authcId )
- ch_free( si->si_authcId );
- si->si_authcId = ch_strdup( val );
- } else if ( !strncasecmp( cargv[ i ],
- AUTHZSTR, sizeof( AUTHZSTR ) - 1 ) ) {
- val = cargv[ i ] + sizeof( AUTHZSTR );
- si->si_authzId = ch_strdup( val );
- } else if ( !strncasecmp( cargv[ i ],
- SCHEMASTR, sizeof( SCHEMASTR ) - 1 ) )
- {
- val = cargv[ i ] + sizeof( SCHEMASTR );
- if ( !strncasecmp( val, "on", STRLENOF( "on" ) )) {
- si->si_schemachecking = 1;
- } else if ( !strncasecmp( val, "off", STRLENOF( "off" ) ) ) {
- si->si_schemachecking = 0;
- } else {
- si->si_schemachecking = 1;
- }
- } else if ( !strncasecmp( cargv[ i ],
- FILTERSTR, sizeof( FILTERSTR ) - 1 ) )
- {
- val = cargv[ i ] + sizeof( FILTERSTR );
- ber_str2bv( val, 0, 1, &si->si_filterstr );
- } else if ( !strncasecmp( cargv[ i ],
- SEARCHBASESTR, sizeof( SEARCHBASESTR ) - 1 ) )
- {
- struct berval bv;
- val = cargv[ i ] + sizeof( SEARCHBASESTR );
- if ( si->si_base.bv_val ) {
- ch_free( si->si_base.bv_val );
- }
- ber_str2bv( val, 0, 0, &bv );
- if ( dnNormalize( 0, NULL, NULL, &bv, &si->si_base, NULL )) {
- fprintf( stderr, "Invalid base DN \"%s\"\n", val );
- return 1;
- }
- } else if ( !strncasecmp( cargv[ i ],
- SCOPESTR, sizeof( SCOPESTR ) - 1 ) )
- {
- val = cargv[ i ] + sizeof( SCOPESTR );
- if ( !strncasecmp( val, "base", STRLENOF( "base" ) )) {
- si->si_scope = LDAP_SCOPE_BASE;
- } else if ( !strncasecmp( val, "one", STRLENOF( "one" ) )) {
- si->si_scope = LDAP_SCOPE_ONELEVEL;
-#ifdef LDAP_SCOPE_SUBORDINATE
- } else if ( !strcasecmp( val, "subordinate" ) ||
- !strcasecmp( val, "children" ))
- {
- si->si_scope = LDAP_SCOPE_SUBORDINATE;
-#endif
- } else if ( !strncasecmp( val, "sub", STRLENOF( "sub" ) )) {
- si->si_scope = LDAP_SCOPE_SUBTREE;
- } else {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "unknown scope \"%s\"\n", val);
- return 1;
- }
- } else if ( !strncasecmp( cargv[ i ],
- ATTRSONLYSTR, sizeof( ATTRSONLYSTR ) - 1 ) )
- {
- si->si_attrsonly = 1;
- } else if ( !strncasecmp( cargv[ i ],
- ATTRSSTR, sizeof( ATTRSSTR ) - 1 ) )
- {
- val = cargv[ i ] + sizeof( ATTRSSTR );
- if ( !strncasecmp( val, ":include:", STRLENOF(":include:") )) {
- char *attr_fname;
- attr_fname = ch_strdup( val + STRLENOF(":include:") );
- si->si_anlist = file2anlist(
- si->si_anlist, attr_fname, " ,\t" );
- if ( si->si_anlist == NULL ) {
- ch_free( attr_fname );
- return -1;
- }
- ch_free( attr_fname );
- } else {
- char *str, *s, *next;
- char delimstr[] = " ,\t";
- str = ch_strdup( val );
- for ( s = ldap_pvt_strtok( str, delimstr, &next );
- s != NULL;
- s = ldap_pvt_strtok( NULL, delimstr, &next )) {
- if ( strlen(s) == 1 && *s == '*' ) {
- si->si_allattrs = 1;
- *(val + ( s - str )) = delimstr[0];
- }
- if ( strlen(s) == 1 && *s == '+' ) {
- si->si_allopattrs = 1;
- *(val + ( s - str )) = delimstr[0];
- }
- }
- ch_free( str );
- si->si_anlist = str2anlist( si->si_anlist, val, " ,\t" );
- if ( si->si_anlist == NULL ) {
- return -1;
- }
- }
- } else if ( !strncasecmp( cargv[ i ],
- EXATTRSSTR, sizeof( EXATTRSSTR ) - 1 ) )
- {
- val = cargv[ i ] + sizeof( EXATTRSSTR );
- if ( !strncasecmp( val, ":include:", STRLENOF(":include:") )) {
- char *attr_fname;
- attr_fname = ch_strdup( val + STRLENOF(":include:") );
- si->si_exanlist = file2anlist(
- si->si_exanlist, attr_fname, " ,\t" );
- if ( si->si_exanlist == NULL ) {
- ch_free( attr_fname );
- return -1;
- }
- ch_free( attr_fname );
- } else {
- int j;
- si->si_exanlist = str2anlist( si->si_exanlist, val, " ,\t" );
- if ( si->si_exanlist == NULL ) {
- return -1;
- }
- }
- } else if ( !strncasecmp( cargv[ i ],
- TYPESTR, sizeof( TYPESTR ) - 1 ) )
- {
- val = cargv[ i ] + sizeof( TYPESTR );
- if ( !strncasecmp( val, "refreshOnly", STRLENOF("refreshOnly") )) {
- si->si_type = LDAP_SYNC_REFRESH_ONLY;
- } else if ( !strncasecmp( val, "refreshAndPersist",
- STRLENOF("refreshAndPersist") ))
- {
- si->si_type = LDAP_SYNC_REFRESH_AND_PERSIST;
- si->si_interval = 60;
- } else {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "unknown sync type \"%s\"\n", val);
- return 1;
- }
- } else if ( !strncasecmp( cargv[ i ],
- INTERVALSTR, sizeof( INTERVALSTR ) - 1 ) )
- {
- val = cargv[ i ] + sizeof( INTERVALSTR );
- if ( si->si_type == LDAP_SYNC_REFRESH_AND_PERSIST ) {
- si->si_interval = 0;
- } else {
- char *hstr;
- char *mstr;
- char *dstr;
- char *sstr;
- int dd, hh, mm, ss;
- dstr = val;
- hstr = strchr( dstr, ':' );
- if ( hstr == NULL ) {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "invalid interval \"%s\"\n", val );
- return 1;
- }
- *hstr++ = '\0';
- mstr = strchr( hstr, ':' );
- if ( mstr == NULL ) {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "invalid interval \"%s\"\n", val );
- return 1;
- }
- *mstr++ = '\0';
- sstr = strchr( mstr, ':' );
- if ( sstr == NULL ) {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "invalid interval \"%s\"\n", val );
- return 1;
- }
- *sstr++ = '\0';
-
- dd = atoi( dstr );
- hh = atoi( hstr );
- mm = atoi( mstr );
- ss = atoi( sstr );
- if (( hh > 24 ) || ( hh < 0 ) ||
- ( mm > 60 ) || ( mm < 0 ) ||
- ( ss > 60 ) || ( ss < 0 ) || ( dd < 0 )) {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "invalid interval \"%s\"\n", val );
- return 1;
- }
- si->si_interval = (( dd * 24 + hh ) * 60 + mm ) * 60 + ss;
- }
- if ( si->si_interval < 0 ) {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "invalid interval \"%ld\"\n",
- (long) si->si_interval);
- return 1;
- }
- } else if ( !strncasecmp( cargv[ i ],
- RETRYSTR, sizeof( RETRYSTR ) - 1 ) )
- {
- char *str;
- char **retry_list;
- int j, k, n;
-
- val = cargv[ i ] + sizeof( RETRYSTR );
- retry_list = (char **) ch_calloc( 1, sizeof( char * ));
- retry_list[0] = NULL;
-
- slap_str2clist( &retry_list, val, " ,\t" );
-
- for ( k = 0; retry_list && retry_list[k]; k++ ) ;
- n = k / 2;
- if ( k % 2 ) {
- fprintf( stderr,
- "Error: incomplete syncrepl retry list\n" );
- for ( k = 0; retry_list && retry_list[k]; k++ ) {
- ch_free( retry_list[k] );
- }
- ch_free( retry_list );
- exit( EXIT_FAILURE );
- }
- si->si_retryinterval = (time_t *) ch_calloc( n + 1, sizeof( time_t ));
- si->si_retrynum = (int *) ch_calloc( n + 1, sizeof( int ));
- si->si_retrynum_init = (int *) ch_calloc( n + 1, sizeof( int ));
- for ( j = 0; j < n; j++ ) {
- si->si_retryinterval[j] = atoi( retry_list[j*2] );
- if ( *retry_list[j*2+1] == '+' ) {
- si->si_retrynum_init[j] = -1;
- si->si_retrynum[j] = -1;
- j++;
- break;
- } else {
- si->si_retrynum_init[j] = atoi( retry_list[j*2+1] );
- si->si_retrynum[j] = atoi( retry_list[j*2+1] );
- }
- }
- si->si_retrynum_init[j] = -2;
- si->si_retrynum[j] = -2;
- si->si_retryinterval[j] = 0;
-
- for ( k = 0; retry_list && retry_list[k]; k++ ) {
- ch_free( retry_list[k] );
- }
- ch_free( retry_list );
- } else if ( !strncasecmp( cargv[ i ],
- MANAGEDSAITSTR, sizeof( MANAGEDSAITSTR ) - 1 ) )
- {
- val = cargv[ i ] + sizeof( MANAGEDSAITSTR );
- si->si_manageDSAit = atoi( val );
- } else if ( !strncasecmp( cargv[ i ],
- SLIMITSTR, sizeof( SLIMITSTR ) - 1 ) )
- {
- val = cargv[ i ] + sizeof( SLIMITSTR );
- si->si_slimit = atoi( val );
- } else if ( !strncasecmp( cargv[ i ],
- TLIMITSTR, sizeof( TLIMITSTR ) - 1 ) )
- {
- val = cargv[ i ] + sizeof( TLIMITSTR );
- si->si_tlimit = atoi( val );
- } else {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "unknown keyword \"%s\"\n", cargv[ i ] );
- }
- }
-
- if ( gots != GOT_ALL ) {
- fprintf( stderr,
- "Error: Malformed \"syncrepl\" line in slapd config file" );
- return -1;
- }
-
- return 0;
-}
-