/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1999-2006 The OpenLDAP Foundation.
+ * Copyright 1999-2008 The OpenLDAP Foundation.
* Portions Copyright 2000-2003 Pierangelo Masarati.
* Portions Copyright 1999-2003 Howard Chu.
* All rights reserved.
( -1 - (long)(lc)->lc_conn ) : (lc)->lc_conn->c_connid )
#ifdef HAVE_TLS
#define LDAP_BACK_PCONN_ROOTDN_SET(lc, op) \
- ((lc)->lc_conn = (void *)((op)->o_conn->c_is_tls ? LDAP_BACK_PCONN_ROOTDN_TLS : LDAP_BACK_PCONN_ROOTDN))
+ ((lc)->lc_conn = (void *)((op)->o_conn->c_is_tls ? (void *) LDAP_BACK_PCONN_ROOTDN_TLS : (void *) LDAP_BACK_PCONN_ROOTDN))
#define LDAP_BACK_PCONN_ANON_SET(lc, op) \
- ((lc)->lc_conn = (void *)((op)->o_conn->c_is_tls ? LDAP_BACK_PCONN_ANON_TLS : LDAP_BACK_PCONN_ANON))
+ ((lc)->lc_conn = (void *)((op)->o_conn->c_is_tls ? (void *) LDAP_BACK_PCONN_ANON_TLS : (void *) LDAP_BACK_PCONN_ANON))
#define LDAP_BACK_PCONN_BIND_SET(lc, op) \
- ((lc)->lc_conn = (void *)((op)->o_conn->c_is_tls ? LDAP_BACK_PCONN_BIND_TLS : LDAP_BACK_PCONN_BIND))
+ ((lc)->lc_conn = (void *)((op)->o_conn->c_is_tls ? (void *) LDAP_BACK_PCONN_BIND_TLS : (void *) LDAP_BACK_PCONN_BIND))
#else /* ! HAVE_TLS */
#define LDAP_BACK_PCONN_ROOTDN_SET(lc, op) \
((lc)->lc_conn = (void *)LDAP_BACK_PCONN_ROOTDN)
#define LDAP_BACK_FCONN_ISTLS (0x00000008U)
#define LDAP_BACK_FCONN_BINDING (0x00000010U)
#define LDAP_BACK_FCONN_TAINTED (0x00000020U)
-#define LDAP_BACK_FCONN_ISIDASR (0x00000040U)
-#define LDAP_BACK_FCONN_CACHED (0x00000080U)
+#define LDAP_BACK_FCONN_ABANDON (0x00000040U)
+#define LDAP_BACK_FCONN_ISIDASR (0x00000080U)
+#define LDAP_BACK_FCONN_CACHED (0x00000100U)
#define LDAP_BACK_CONN_ISBOUND(lc) LDAP_BACK_CONN_ISSET((lc), LDAP_BACK_FCONN_ISBOUND)
#define LDAP_BACK_CONN_ISBOUND_SET(lc) LDAP_BACK_CONN_SET((lc), LDAP_BACK_FCONN_ISBOUND)
#define LDAP_BACK_CONN_TAINTED(lc) LDAP_BACK_CONN_ISSET((lc), LDAP_BACK_FCONN_TAINTED)
#define LDAP_BACK_CONN_TAINTED_SET(lc) LDAP_BACK_CONN_SET((lc), LDAP_BACK_FCONN_TAINTED)
#define LDAP_BACK_CONN_TAINTED_CLEAR(lc) LDAP_BACK_CONN_CLEAR((lc), LDAP_BACK_FCONN_TAINTED)
+#define LDAP_BACK_CONN_ABANDON(lc) LDAP_BACK_CONN_ISSET((lc), LDAP_BACK_FCONN_ABANDON)
+#define LDAP_BACK_CONN_ABANDON_SET(lc) LDAP_BACK_CONN_SET((lc), LDAP_BACK_FCONN_ABANDON)
+#define LDAP_BACK_CONN_ABANDON_CLEAR(lc) LDAP_BACK_CONN_CLEAR((lc), LDAP_BACK_FCONN_ABANDON)
#define LDAP_BACK_CONN_ISIDASSERT(lc) LDAP_BACK_CONN_ISSET((lc), LDAP_BACK_FCONN_ISIDASR)
#define LDAP_BACK_CONN_ISIDASSERT_SET(lc) LDAP_BACK_CONN_SET((lc), LDAP_BACK_FCONN_ISIDASR)
#define LDAP_BACK_CONN_ISIDASSERT_CLEAR(lc) LDAP_BACK_CONN_CLEAR((lc), LDAP_BACK_FCONN_ISIDASR)
#define LDAP_BACK_CONN_CACHED_CLEAR(lc) LDAP_BACK_CONN_CLEAR((lc), LDAP_BACK_FCONN_CACHED)
unsigned lc_refcnt;
- unsigned lc_binding;
unsigned lc_flags;
time_t lc_create_time;
time_t lc_time;
LDAP_URLLIST_PROC *li_urllist_f;
void *li_urllist_p;
- slap_bindconf li_acl;
-#define li_acl_authcID li_acl.sb_authcId
-#define li_acl_authcDN li_acl.sb_binddn
-#define li_acl_passwd li_acl.sb_cred
-#define li_acl_authzID li_acl.sb_authzId
+ /* we only care about the TLS options here */
+ slap_bindconf li_tls;
+
+ slap_bindconf li_acl;
+#define li_acl_authcID li_acl.sb_authcId
+#define li_acl_authcDN li_acl.sb_binddn
+#define li_acl_passwd li_acl.sb_cred
+#define li_acl_authzID li_acl.sb_authzId
#define li_acl_authmethod li_acl.sb_method
#define li_acl_sasl_mech li_acl.sb_saslmech
#define li_acl_sasl_realm li_acl.sb_realm
-#define li_acl_secprops li_acl.sb_secprops
+#define li_acl_secprops li_acl.sb_secprops
/* ID assert stuff */
- slap_idassert_t li_idassert;
+ slap_idassert_t li_idassert;
/* end of ID assert stuff */
- int li_nretries;
+ int li_nretries;
#define LDAP_BACK_RETRY_UNDEFINED (-2)
#define LDAP_BACK_RETRY_FOREVER (-1)
#define LDAP_BACK_RETRY_NEVER (0)
#define LDAP_BACK_RETRY_DEFAULT (3)
- unsigned li_flags;
+ unsigned li_flags;
/* 0xFFF00000U are reserved for back-meta */
#define LDAP_BACK_F_USE_TLS (0x00000002U)
#define LDAP_BACK_F_PROPAGATE_TLS (0x00000004U)
#define LDAP_BACK_F_TLS_CRITICAL (0x00000008U)
+#define LDAP_BACK_F_TLS_LDAPS (0x00000010U)
+
#define LDAP_BACK_F_TLS_USE_MASK (LDAP_BACK_F_USE_TLS|LDAP_BACK_F_TLS_CRITICAL)
#define LDAP_BACK_F_TLS_PROPAGATE_MASK (LDAP_BACK_F_PROPAGATE_TLS|LDAP_BACK_F_TLS_CRITICAL)
-#define LDAP_BACK_F_TLS_MASK (LDAP_BACK_F_TLS_USE_MASK|LDAP_BACK_F_TLS_PROPAGATE_MASK)
-#define LDAP_BACK_F_CHASE_REFERRALS (0x00000010U)
-#define LDAP_BACK_F_PROXY_WHOAMI (0x00000020U)
+#define LDAP_BACK_F_TLS_MASK (LDAP_BACK_F_TLS_USE_MASK|LDAP_BACK_F_TLS_PROPAGATE_MASK|LDAP_BACK_F_TLS_LDAPS)
+#define LDAP_BACK_F_CHASE_REFERRALS (0x00000020U)
+#define LDAP_BACK_F_PROXY_WHOAMI (0x00000040U)
-#define LDAP_BACK_F_T_F (0x00000040U)
-#define LDAP_BACK_F_T_F_DISCOVER (0x00000080U)
+#define LDAP_BACK_F_T_F (0x00000080U)
+#define LDAP_BACK_F_T_F_DISCOVER (0x00000100U)
#define LDAP_BACK_F_T_F_MASK (LDAP_BACK_F_T_F)
#define LDAP_BACK_F_T_F_MASK2 (LDAP_BACK_F_T_F_MASK|LDAP_BACK_F_T_F_DISCOVER)
-#define LDAP_BACK_F_MONITOR (0x00000100U)
-#define LDAP_BACK_F_SINGLECONN (0x00000200U)
-#define LDAP_BACK_F_USE_TEMPORARIES (0x00000400U)
+#define LDAP_BACK_F_MONITOR (0x00000200U)
+#define LDAP_BACK_F_SINGLECONN (0x00000400U)
+#define LDAP_BACK_F_USE_TEMPORARIES (0x00000800U)
-#define LDAP_BACK_F_ISOPEN (0x00000800U)
+#define LDAP_BACK_F_ISOPEN (0x00001000U)
#define LDAP_BACK_F_CANCEL_ABANDON (0x00000000U)
-#define LDAP_BACK_F_CANCEL_IGNORE (0x00001000U)
-#define LDAP_BACK_F_CANCEL_EXOP (0x00002000U)
-#define LDAP_BACK_F_CANCEL_EXOP_DISCOVER (0x00004000U)
+#define LDAP_BACK_F_CANCEL_IGNORE (0x00002000U)
+#define LDAP_BACK_F_CANCEL_EXOP (0x00004000U)
+#define LDAP_BACK_F_CANCEL_EXOP_DISCOVER (0x00008000U)
#define LDAP_BACK_F_CANCEL_MASK (LDAP_BACK_F_CANCEL_IGNORE|LDAP_BACK_F_CANCEL_EXOP)
#define LDAP_BACK_F_CANCEL_MASK2 (LDAP_BACK_F_CANCEL_MASK|LDAP_BACK_F_CANCEL_EXOP_DISCOVER)
+#define LDAP_BACK_F_QUARANTINE (0x00010000U)
+
+#ifdef SLAP_CONTROL_X_SESSION_TRACKING
+#define LDAP_BACK_F_ST_REQUEST (0x00020000U)
+#define LDAP_BACK_F_ST_RESPONSE (0x00040000U)
+#endif /* SLAP_CONTROL_X_SESSION_TRACKING */
+
#define LDAP_BACK_ISSET_F(ff,f) ( ( (ff) & (f) ) == (f) )
#define LDAP_BACK_ISMASK_F(ff,m,f) ( ( (ff) & (m) ) == (f) )
#define LDAP_BACK_CANCEL(li) LDAP_BACK_ISMASK( (li), LDAP_BACK_F_CANCEL_MASK, LDAP_BACK_F_CANCEL_EXOP )
#define LDAP_BACK_CANCEL_DISCOVER(li) LDAP_BACK_ISMASK( (li), LDAP_BACK_F_CANCEL_MASK2, LDAP_BACK_F_CANCEL_EXOP_DISCOVER )
- int li_version;
+#define LDAP_BACK_QUARANTINE(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_QUARANTINE )
- /* cached connections;
- * special conns are in tailq rather than in tree */
- ldap_avl_info_t li_conninfo;
+#ifdef SLAP_CONTROL_X_SESSION_TRACKING
+#define LDAP_BACK_ST_REQUEST(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_ST_REQUEST)
+#define LDAP_BACK_ST_RESPONSE(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_ST_RESPONSE)
+#endif /* SLAP_CONTROL_X_SESSION_TRACKING */
- ldap_monitor_info_t li_monitor_info;
+ int li_version;
+ /* cached connections;
+ * special conns are in tailq rather than in tree */
+ ldap_avl_info_t li_conninfo;
struct {
int lic_num;
LDAP_TAILQ_HEAD(lc_conn_priv_q, ldapconn_t) lic_priv;
- } li_conn_priv[ LDAP_BACK_PCONN_LAST ];
- int li_conn_priv_max;
+ } li_conn_priv[ LDAP_BACK_PCONN_LAST ];
+ int li_conn_priv_max;
#define LDAP_BACK_CONN_PRIV_MIN (1)
#define LDAP_BACK_CONN_PRIV_MAX (256)
/* must be between LDAP_BACK_CONN_PRIV_MIN
* and LDAP_BACK_CONN_PRIV_MAX ! */
#define LDAP_BACK_CONN_PRIV_DEFAULT (16)
+ ldap_monitor_info_t li_monitor_info;
+
sig_atomic_t li_isquarantined;
#define LDAP_BACK_FQ_NO (0)
#define LDAP_BACK_FQ_YES (1)
#define LDAP_BACK_FQ_RETRYING (2)
slap_retry_info_t li_quarantine;
-#define LDAP_BACK_QUARANTINE(li) ( (li)->li_quarantine.ri_num != NULL )
ldap_pvt_thread_mutex_t li_quarantine_mutex;
ldap_back_quarantine_f li_quarantine_f;
void *li_quarantine_p;
- time_t li_network_timeout;
- time_t li_conn_ttl;
- time_t li_idle_timeout;
- time_t li_timeout[ SLAP_OP_LAST ];
+ time_t li_network_timeout;
+ time_t li_conn_ttl;
+ time_t li_idle_timeout;
+ time_t li_timeout[ SLAP_OP_LAST ];
} ldapinfo_t;
typedef enum ldap_back_send_t {
#define LDAP_BACK_PRINT_CONNTREE 0
#endif /* !LDAP_BACK_PRINT_CONNTREE */
+typedef struct ldap_extra_t {
+ int (*proxy_authz_ctrl)( Operation *op, SlapReply *rs, struct berval *bound_ndn,
+ int version, slap_idassert_t *si, LDAPControl *ctrl );
+ int (*controls_free)( Operation *op, SlapReply *rs, LDAPControl ***pctrls );
+} ldap_extra_t;
+
LDAP_END_DECL
#include "proto-ldap.h"
projects / openldap / blobdiff