Extend value_match to extract an asserted value from a full value
[openldap] / servers / slapd / backend.c
index 486e37ff38bfdee7d6caa9116eeaec1ffc85000b..31a031963d0cf1641019ddc94ca0f6f6ebc97c22 100644 (file)
 #ifdef SLAPD_LDBM
 #include "back-ldbm/external.h"
 #endif
+#ifdef SLAPD_META
+#include "back-meta/external.h"
+#endif
+#ifdef SLAPD_MONITOR
+#include "back-monitor/external.h"
+#endif
 #ifdef SLAPD_PASSWD
 #include "back-passwd/external.h"
 #endif
@@ -62,6 +68,12 @@ static BackendInfo binfo[] = {
 #if defined(SLAPD_LDBM) && !defined(SLAPD_LDBM_DYNAMIC)
        {"ldbm",        ldbm_back_initialize},
 #endif
+#if defined(SLAPD_META) && !defined(SLAPD_META_DYNAMIC)
+       {"meta",        meta_back_initialize},
+#endif
+#if defined(SLAPD_MONITOR) && !defined(SLAPD_MONITOR_DYNAMIC)
+       {"monitor",     monitor_back_initialize},
+#endif
 #if defined(SLAPD_PASSWD) && !defined(SLAPD_PASSWD_DYNAMIC)
        {"passwd",      passwd_back_initialize},
 #endif
@@ -97,8 +109,8 @@ int backend_init(void)
        if((nBackendInfo != 0) || (backendInfo != NULL)) {
                /* already initialized */
 #ifdef NEW_LOGGING
-            LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
-                      "backend_init:  backend already initialized\n" ));
+               LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
+                          "backend_init:  backend already initialized\n" ));
 #else
                Debug( LDAP_DEBUG_ANY,
                        "backend_init: already initialized.\n", 0, 0, 0 );
@@ -114,13 +126,13 @@ int backend_init(void)
 
                if(rc != 0) {
 #ifdef NEW_LOGGING
-                    LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
-                               "backend_init:  initialized for type \"%s\"\n",
-                               binfo[nBackendInfo].bi_type ));
+                       LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
+                               "backend_init:  initialized for type \"%s\"\n",
+                               binfo[nBackendInfo].bi_type ));
 #else
                        Debug( LDAP_DEBUG_ANY,
                                "backend_init: initialized for type \"%s\"\n",
-                                       binfo[nBackendInfo].bi_type, 0, 0 );
+                               binfo[nBackendInfo].bi_type, 0, 0 );
 #endif
                        /* destroy those we've already inited */
                        for( nBackendInfo--;
@@ -146,10 +158,10 @@ int backend_init(void)
 #else
 
 #ifdef NEW_LOGGING
-        LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
-                   "backend_init: failed\n" ));
+       LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
+               "backend_init: failed\n" ));
 #else
-        Debug( LDAP_DEBUG_ANY,
+       Debug( LDAP_DEBUG_ANY,
                "backend_init: failed\n",
                0, 0, 0 );
 #endif
@@ -205,9 +217,9 @@ int backend_startup(Backend *be)
        if( ! ( nBackendDB > 0 ) ) {
                /* no databases */
 #ifdef NEW_LOGGING
-            LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
-                       "backend_startup: %d databases to startup. \n",
-                       nBackendDB ));
+               LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
+                          "backend_startup: %d databases to startup. \n",
+                          nBackendDB ));
 #else
                Debug( LDAP_DEBUG_ANY,
                        "backend_startup: %d databases to startup.\n",
@@ -219,9 +231,9 @@ int backend_startup(Backend *be)
        if(be != NULL) {
                /* startup a specific backend database */
 #ifdef NEW_LOGGING
-            LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
-                       "backend_startup:  starting \"%s\"\n",
-                       be->be_suffix[0] ));
+               LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
+                          "backend_startup:  starting \"%s\"\n",
+                          be->be_suffix[0] ));
 #else
                Debug( LDAP_DEBUG_TRACE,
                        "backend_startup: starting \"%s\"\n",
@@ -234,8 +246,8 @@ int backend_startup(Backend *be)
 
                if(rc != 0) {
 #ifdef NEW_LOGGING
-                    LDAP_LOG(( "backend", LDAP_LEVEL_CRIT,
-                               "backend_startup: bi_open failed!\n" ));
+                       LDAP_LOG(( "backend", LDAP_LEVEL_CRIT,
+                                  "backend_startup: bi_open failed!\n" ));
 #else
                        Debug( LDAP_DEBUG_ANY,
                                "backend_startup: bi_open failed!\n",
@@ -251,8 +263,8 @@ int backend_startup(Backend *be)
 
                if(rc != 0) {
 #ifdef NEW_LOGGING
-                    LDAP_LOG(( "backend", LDAP_LEVEL_CRIT,
-                               "backend_startup: bi_db_open failed!\n" ));
+                       LDAP_LOG(( "backend", LDAP_LEVEL_CRIT,
+                                  "backend_startup: bi_db_open failed!\n" ));
 #else
                        Debug( LDAP_DEBUG_ANY,
                                "backend_startup: bi_db_open failed!\n",
@@ -278,8 +290,8 @@ int backend_startup(Backend *be)
 
                if(rc != 0) {
 #ifdef NEW_LOGGING
-                    LDAP_LOG(( "backend", LDAP_LEVEL_CRIT,
-                               "backend_startup: bi_open %d failed!\n", i ));
+                       LDAP_LOG(( "backend", LDAP_LEVEL_CRIT,
+                                  "backend_startup: bi_open %d failed!\n", i ));
 #else
                        Debug( LDAP_DEBUG_ANY,
                                "backend_startup: bi_open %d failed!\n",
@@ -301,8 +313,8 @@ int backend_startup(Backend *be)
 
                if(rc != 0) {
 #ifdef NEW_LOGGING
-                    LDAP_LOG(( "backend", LDAP_LEVEL_CRIT,
-                               "backend_startup: bi_db_open %d failed!\n", i ));
+                       LDAP_LOG(( "backend", LDAP_LEVEL_CRIT,
+                                  "backend_startup: bi_db_open %d failed!\n", i ));
 #else
                        Debug( LDAP_DEBUG_ANY,
                                "backend_startup: bi_db_open %d failed!\n",
@@ -360,9 +372,9 @@ int backend_shutdown( Backend *be )
 
                if(rc != 0) {
 #ifdef NEW_LOGGING
-                    LDAP_LOG(( "backend", LDAP_LEVEL_NOTICE,
-                               "backend_shutdown: bi_close %s failed!\n",
-                               backendDB[i].be_type ));
+                       LDAP_LOG(( "backend", LDAP_LEVEL_NOTICE,
+                                  "backend_shutdown: bi_close %s failed!\n",
+                                  backendDB[i].be_type ));
 #else
                        Debug( LDAP_DEBUG_ANY,
                                "backend_close: bi_close %s failed!\n",
@@ -457,8 +469,7 @@ backend_db_init(
        be = &backends[nbackends++];
 
        be->bd_info = bi;
-       be->be_sizelimit = defsize;
-       be->be_timelimit = deftime;
+       be->be_def_limit = deflimit;
        be->be_dfltaccess = global_default_access;
 
        be->be_restrictops = global_restrictops;
@@ -509,12 +520,18 @@ select_backend(
                        len = strlen( backends[i].be_nsuffix[j] );
 
                        if ( len > dnlen ) {
+                               /* suffix is longer than DN */
                                continue;
                        }
 
-                       if ( strcmp( backends[i].be_nsuffix[j],
-                           dn + (dnlen - len) ) == 0 )
-                       {
+                       
+                       if ( len && len < dnlen && !DN_SEPARATOR( dn[(dnlen-len)-1] ) ) {
+                               /* make sure we have a separator */
+                               continue;
+                       }
+                       
+
+                       if ( strcmp( backends[i].be_nsuffix[j], &dn[dnlen-len] ) == 0 ) {
                                if( be == NULL ) {
                                        be = &backends[i];
 
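Review bot: The added boundary test `!DN_SEPARATOR( dn[(dnlen-len)-1] )` looks at a single byte, so it cannot tell a real RDN separator from one that is backslash-escaped inside an attribute value. If the normalized `dn` passed to select_backend can still contain an escaped separator (not visible from this hunk), a value ending in `\,` followed by text equal to a suffix would be routed to that backend although the entry is not under it. Either count the backslashes that precede the separator before accepting it, or record the assumption next to the check, e.g. `/* relies on dn being normalized: no escaped separator can precede the suffix */`. The two whitespace-only lines added around the new block can be dropped. The enclosing loops start and end outside the hunk.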
@@ -709,7 +726,7 @@ backend_check_restrictions(
        Backend *be,
        Connection *conn,
        Operation *op,
-       const char *extoid,
+       const void *opdata,
        const char **text )
 {
        int rc;
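Review bot: The new `const void *opdata` parameter is untyped and nothing at the signature says how to interpret it. The later hunks cast it to a string and compare it with `LDAP_EXOP_START_TLS` when `op->o_tag == LDAP_REQ_EXTENDED`, and treat a non-NULL value as "SASL bind" when the tag is `LDAP_REQ_BIND`. A caller that passes the wrong kind of pointer gets no compiler diagnostic, so the contract should be written down above the function, for example `/* opdata: request OID (const char *) for LDAP_REQ_EXTENDED; non-NULL marks a SASL bind for LDAP_REQ_BIND; ignored otherwise */`. The function body continues outside this hunk.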
@@ -773,7 +790,9 @@ backend_check_restrictions(
                return LDAP_OTHER;
        }
 
-       if (( extoid == NULL || strcmp( extoid, LDAP_EXOP_START_TLS ) ) ) {
+       if ( op->o_tag != LDAP_REQ_EXTENDED
+               || strcmp( (const char *) opdata, LDAP_EXOP_START_TLS ) )
+       {
                /* these checks don't apply to StartTLS */
 
                if( op->o_tag == LDAP_REQ_EXTENDED ) {
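Review bot: The rewritten condition calls `strcmp( (const char *) opdata, LDAP_EXOP_START_TLS )` whenever `op->o_tag == LDAP_REQ_EXTENDED`, but the `extoid == NULL` guard from the old line is gone, so a NULL `opdata` on an extended request would be dereferenced inside strcmp. Whether any caller can pass NULL for an extended operation is not visible here. Keeping the guard is cheap and preserves the old meaning: `|| opdata == NULL || strcmp( (const char *) opdata, LDAP_EXOP_START_TLS ) )`. The same unguarded strcmp appears in the later "Bind or StartTLS" condition of this function and needs the same treatment. The function starts and ends outside this hunk.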
@@ -781,47 +800,62 @@ backend_check_restrictions(
                        updateop++;
                }
 
-               if( op->o_ssf < ssf->sss_ssf ) {
-                       *text = "confidentiality required";
-                       return LDAP_CONFIDENTIALITY_REQUIRED;
-               }
                if( op->o_transport_ssf < ssf->sss_transport ) {
                        *text = "transport confidentiality required";
                        return LDAP_CONFIDENTIALITY_REQUIRED;
                }
+
                if( op->o_tls_ssf < ssf->sss_tls ) {
                        *text = "TLS confidentiality required";
                        return LDAP_CONFIDENTIALITY_REQUIRED;
                }
-               if( op->o_sasl_ssf < ssf->sss_sasl ) {
-                       *text = "SASL confidentiality required";
-                       return LDAP_CONFIDENTIALITY_REQUIRED;
-               }
 
-               if( updateop ) {
-                       if( op->o_ssf < ssf->sss_update_ssf ) {
-                               *text = "update confidentiality required";
+               if( op->o_tag != LDAP_REQ_BIND || opdata == NULL ) {
+                       /* these checks don't apply to SASL bind */
+
+                       if( op->o_sasl_ssf < ssf->sss_sasl ) {
+                               *text = "SASL confidentiality required";
                                return LDAP_CONFIDENTIALITY_REQUIRED;
                        }
+
+                       if( op->o_ssf < ssf->sss_ssf ) {
+                               *text = "confidentiality required";
+                               return LDAP_CONFIDENTIALITY_REQUIRED;
+                       }
+               }
+
+               if( updateop ) {
                        if( op->o_transport_ssf < ssf->sss_update_transport ) {
                                *text = "transport update confidentiality required";
                                return LDAP_CONFIDENTIALITY_REQUIRED;
                        }
+
                        if( op->o_tls_ssf < ssf->sss_update_tls ) {
                                *text = "TLS update confidentiality required";
                                return LDAP_CONFIDENTIALITY_REQUIRED;
                        }
+
                        if( op->o_sasl_ssf < ssf->sss_update_sasl ) {
                                *text = "SASL update confidentiality required";
                                return LDAP_CONFIDENTIALITY_REQUIRED;
                        }
+
+                       if( op->o_ssf < ssf->sss_update_ssf ) {
+                               *text = "update confidentiality required";
+                               return LDAP_CONFIDENTIALITY_REQUIRED;
+                       }
+
+                       if( op->o_ndn == NULL ) {
+                               *text = "modifications require authentication";
+                               return LDAP_OPERATIONS_ERROR;
+                       }
                }
        }
 
-       if (( extoid == NULL || strcmp( extoid, LDAP_EXOP_START_TLS ) )
-               || op->o_tag == LDAP_REQ_BIND )
+       if ( op->o_tag != LDAP_REQ_BIND && ( op->o_tag != LDAP_REQ_EXTENDED ||
+               strcmp( (const char *) opdata, LDAP_EXOP_START_TLS ) ) )
        {
-               /* these checks don't apply to StartTLS or Bind */
+               /* these checks don't apply to Bind or StartTLS */
 
                if( requires & SLAP_REQUIRE_STRONG ) {
                        /* should check mechanism */
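Review bot: The new `if( op->o_ndn == NULL )` test in the `updateop` branch rejects an unauthenticated update only when the normalized bind DN pointer is absent. How an anonymous session is represented is not visible in this hunk; if it can carry an empty string instead of NULL, the check never fires and anonymous updates pass through to the backend. Assuming `o_ndn` is a `char *`, testing both forms closes that gap: `if( op->o_ndn == NULL || *op->o_ndn == '\0' ) {`. The refusal is also reported as `LDAP_OPERATIONS_ERROR`, a generic code; an authorization result such as `LDAP_INSUFFICIENT_ACCESS` would let clients and log review distinguish a policy denial from a server fault. The function continues outside this hunk.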
@@ -977,7 +1011,7 @@ Attribute *backend_operational(
 
 #ifdef SLAPD_SCHEMA_DN
        a = ch_malloc( sizeof( Attribute ) );
-       a->a_desc = ad_dup( slap_schema.si_ad_subschemaSubentry );
+       a->a_desc = slap_schema.si_ad_subschemaSubentry;
 
        /* Should be backend specific */
        a->a_vals = ch_malloc( 2 * sizeof( struct berval * ) );
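Review bot: With `ad_dup()` removed, `a->a_desc` now aliases the global `slap_schema.si_ad_subschemaSubentry` instead of owning a private copy. The attribute teardown path is not shown here; if it still releases `a_desc`, freeing this attribute would free or corrupt the shared schema descriptor and leave later users with a dangling pointer. Please confirm that the attribute free routine no longer frees the descriptor, and mark the ownership at the assignment, e.g. `/* borrowed from slap_schema; must not be freed with the attribute */`. The enclosing function starts and ends outside this hunk.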