]> git.sur5r.net Git - openldap/blobdiff - servers/slapd/ad.c
reject registrations when back-monitor is not configured
[openldap] / servers / slapd / ad.c
index 38bda68141f8f6e4ec0ee1ee4a4158ebf6945500..2b32e533c78812a9e425f7a2316a152c67852815 100644 (file)
@@ -178,7 +178,7 @@ int slap_bv2ad(
        desc.ad_cname = *bv;
        name = bv->bv_val;
        options = strchr( name, ';' );
-       if ( options != NULL && ( options - name ) < bv->bv_len ) {
+       if ( options != NULL && (unsigned) ( options - name ) < bv->bv_len ) {
                /* don't go past the end of the berval! */
                desc.ad_cname.bv_len = options - name;
        } else {
@@ -250,7 +250,7 @@ int slap_bv2ad(
 
                                rc = strncasecmp( opt, tags[i].bv_val,
                                        (unsigned) optlen < tags[i].bv_len
-                                               ? optlen : tags[i].bv_len );
+                                               ? (unsigned) optlen : tags[i].bv_len );
 
                                if( rc == 0 && (unsigned)optlen == tags[i].bv_len ) {
                                        /* duplicate (ignore) */
@@ -388,7 +388,7 @@ done:;
                                        if( lp != desc.ad_tags.bv_val ) {
                                                *cp++ = ';';
                                                j = (lp
-                                                    ? lp - desc.ad_tags.bv_val - 1
+                                                    ? (unsigned) (lp - desc.ad_tags.bv_val - 1)
                                                     : strlen( desc.ad_tags.bv_val ));
                                                cp = lutil_strncopy(cp, desc.ad_tags.bv_val, j);
                                        }
@@ -664,15 +664,12 @@ int ad_inlist(
                        }
 
                } else {
-                       /* short-circuit this search next time around */
-                       if (!slap_schema.si_at_undefined->sat_ad) {
-                               const char *text;
-                               slap_bv2undef_ad(&attrs->an_name,
-                                       &attrs->an_desc, &text);
-                       } else {
-                               attrs->an_desc =
-                                       slap_schema.si_at_undefined->sat_ad;
-                       }
+                       const char      *text;
+
+                       /* give it a chance of being retrieved by a proxy... */
+                       (void)slap_bv2undef_ad( &attrs->an_name,
+                               &attrs->an_desc, &text,
+                               SLAP_AD_PROXIED|SLAP_AD_NOINSERT );
                }
        }
 
@@ -683,21 +680,24 @@ int ad_inlist(
 int slap_str2undef_ad(
        const char *str,
        AttributeDescription **ad,
-       const char **text )
+       const char **text,
+       unsigned flags )
 {
        struct berval bv;
        bv.bv_val = (char *) str;
        bv.bv_len = strlen( str );
 
-       return slap_bv2undef_ad( &bv, ad, text );
+       return slap_bv2undef_ad( &bv, ad, text, flags );
 }
 
 int slap_bv2undef_ad(
        struct berval *bv,
        AttributeDescription **ad,
-       const char **text )
+       const char **text,
+       unsigned flags )
 {
        AttributeDescription *desc;
+       AttributeType *at;
 
        assert( ad != NULL );
 
@@ -712,23 +712,33 @@ int slap_bv2undef_ad(
                return LDAP_UNDEFINED_TYPE;
        }
 
-       for( desc = slap_schema.si_at_undefined->sat_ad; desc;
-               desc=desc->ad_next ) 
-       {
+       /* use the appropriate type */
+       if ( flags & SLAP_AD_PROXIED ) {
+               at = slap_schema.si_at_proxied;
+
+       } else {
+               at = slap_schema.si_at_undefined;
+       }
+
+       for( desc = at->sat_ad; desc; desc=desc->ad_next ) {
                if( desc->ad_cname.bv_len == bv->bv_len &&
-                   !strcasecmp( desc->ad_cname.bv_val, bv->bv_val ))
+                   !strcasecmp( desc->ad_cname.bv_val, bv->bv_val ) )
                {
                        break;
                }
        }
-       
+
        if( !desc ) {
+               if ( flags & SLAP_AD_NOINSERT ) {
+                       *text = NULL;
+                       return LDAP_UNDEFINED_TYPE;
+               }
+       
                desc = ch_malloc(sizeof(AttributeDescription) + 1 +
                        bv->bv_len);
                
                desc->ad_flags = SLAP_DESC_NONE;
-               desc->ad_tags.bv_val = NULL;
-               desc->ad_tags.bv_len = 0;
+               BER_BVZERO( &desc->ad_tags );
 
                desc->ad_cname.bv_len = bv->bv_len;
                desc->ad_cname.bv_val = (char *)(desc+1);
@@ -737,9 +747,17 @@ int slap_bv2undef_ad(
                /* canonical to upper case */
                ldap_pvt_str2upper( desc->ad_cname.bv_val );
 
-               desc->ad_type = slap_schema.si_at_undefined;
+               /* shouldn't we protect this for concurrency? */
+               desc->ad_type = at;
+               ldap_pvt_thread_mutex_lock( &ad_undef_mutex );
                desc->ad_next = desc->ad_type->sat_ad;
                desc->ad_type->sat_ad = desc;
+               ldap_pvt_thread_mutex_unlock( &ad_undef_mutex );
+
+               Debug( LDAP_DEBUG_ANY,
+                       "%s attributeDescription \"%s\" inserted.\n",
+                       ( flags & SLAP_AD_PROXIED ) ? "PROXIED" : "UNKNOWN",
+                       desc->ad_cname.bv_val, 0 );
        }
 
        if( !*ad ) {
@@ -751,6 +769,56 @@ int slap_bv2undef_ad(
        return LDAP_SUCCESS;
 }
 
+static int
+undef_remove(
+       AttributeType   *at,
+       char            *name )
+{
+       AttributeDescription    **u_ad;
+
+       for ( u_ad = &at->sat_ad; *u_ad; ) {
+               struct berval   bv;
+
+               ber_str2bv( name, 0, 0, &bv );
+
+               /* remove iff undef == name or undef == name;tag */
+               if ( (*u_ad)->ad_cname.bv_len >= bv.bv_len
+                       && strncasecmp( (*u_ad)->ad_cname.bv_val, bv.bv_val, bv.bv_len ) == 0
+                       && ( (*u_ad)->ad_cname.bv_val[ bv.bv_len ] == '\0'
+                               || (*u_ad)->ad_cname.bv_val[ bv.bv_len ] == ';' ) )
+               {
+                       AttributeDescription    *tmp = *u_ad;
+
+                       *u_ad = (*u_ad)->ad_next;
+
+                       ch_free( tmp );
+
+               } else {
+                       u_ad = &(*u_ad)->ad_next;
+               }
+       }
+
+       return 0;
+}
+
+int
+slap_ad_undef_remove(
+       char *name )
+{
+       int     rc;
+
+       ldap_pvt_thread_mutex_lock( &ad_undef_mutex );
+
+       rc = undef_remove( slap_schema.si_at_undefined, name );
+       if ( rc == 0 ) {
+               rc = undef_remove( slap_schema.si_at_proxied, name );
+       }
+
+       ldap_pvt_thread_mutex_unlock( &ad_undef_mutex );
+
+       return rc;
+}
+
 int
 an_find(
     AttributeName *a,