#include "lutil.h"
#include "lber_pvt.h"
-#ifdef LDAP_SLAPI
-#include "slapi/slapi.h"
-
-static void init_group_pblock( Operation *op, Entry *target,
- Entry *e, struct berval *op_ndn, AttributeDescription *group_at );
-static int call_group_preop_plugins( Operation *op );
-static void call_group_postop_plugins( Operation *op );
-#endif /* LDAP_SLAPI */
-
/*
* If a module is configured as dynamic, its header should not
* get included into slapd. While this is a general rule and does
}
for( bi=slap_binfo; bi->bi_type != NULL; bi++,nBackendInfo++ ) {
- assert( bi->bi_init );
+ assert( bi->bi_init != 0 );
rc = bi->bi_init( bi );
{
int rc = 0;
- assert( be );
+ assert( be != NULL );
be->be_pending_csn_list = (struct be_pcl *)
ch_calloc( 1, sizeof( struct be_pcl ));
int backend_shutdown( Backend *be )
{
- int i;
int rc = 0;
BackendInfo *bi;
return 0;
}
+void backend_destroy_one( BackendDB *bd, int dynamic )
+{
+ if ( dynamic ) {
+ LDAP_STAILQ_REMOVE(&backendDB, bd, slap_backend_db, be_next );
+ }
+
+ if ( bd->be_syncinfo ) {
+ syncinfo_free( bd->be_syncinfo );
+ }
+
+ if ( bd->be_pending_csn_list ) {
+ struct slap_csn_entry *csne;
+ csne = LDAP_TAILQ_FIRST( bd->be_pending_csn_list );
+ while ( csne ) {
+ struct slap_csn_entry *tmp_csne = csne;
+
+ LDAP_TAILQ_REMOVE( bd->be_pending_csn_list, csne, ce_csn_link );
+ ch_free( csne->ce_csn.bv_val );
+ csne = LDAP_TAILQ_NEXT( csne, ce_csn_link );
+ ch_free( tmp_csne );
+ }
+ ch_free( bd->be_pending_csn_list );
+ }
+
+ if ( bd->bd_info->bi_db_destroy ) {
+ bd->bd_info->bi_db_destroy( bd );
+ }
+ ber_bvarray_free( bd->be_suffix );
+ ber_bvarray_free( bd->be_nsuffix );
+ if ( !BER_BVISNULL( &bd->be_rootdn ) ) {
+ free( bd->be_rootdn.bv_val );
+ }
+ if ( !BER_BVISNULL( &bd->be_rootndn ) ) {
+ free( bd->be_rootndn.bv_val );
+ }
+ if ( !BER_BVISNULL( &bd->be_rootpw ) ) {
+ free( bd->be_rootpw.bv_val );
+ }
+ acl_destroy( bd->be_acl, frontendDB->be_acl );
+ if ( dynamic ) {
+ free( bd );
+ }
+}
+
int backend_destroy(void)
{
- int i;
BackendDB *bd;
BackendInfo *bi;
- struct slap_csn_entry *csne;
/* destroy each backend database */
while (( bd = LDAP_STAILQ_FIRST(&backendDB))) {
- LDAP_STAILQ_REMOVE_HEAD(&backendDB, be_next);
-
- if ( bd->be_syncinfo ) {
- syncinfo_free( bd->be_syncinfo );
- }
-
- if ( bd->be_pending_csn_list ) {
- csne = LDAP_TAILQ_FIRST( bd->be_pending_csn_list );
- while ( csne ) {
- struct slap_csn_entry *tmp_csne = csne;
-
- LDAP_TAILQ_REMOVE( bd->be_pending_csn_list, csne, ce_csn_link );
- ch_free( csne->ce_csn.bv_val );
- csne = LDAP_TAILQ_NEXT( csne, ce_csn_link );
- ch_free( tmp_csne );
- }
- }
-
- if ( bd->bd_info->bi_db_destroy ) {
- bd->bd_info->bi_db_destroy( bd );
- }
- ber_bvarray_free( bd->be_suffix );
- ber_bvarray_free( bd->be_nsuffix );
- if ( !BER_BVISNULL( &bd->be_rootdn ) ) {
- free( bd->be_rootdn.bv_val );
- }
- if ( !BER_BVISNULL( &bd->be_rootndn ) ) {
- free( bd->be_rootndn.bv_val );
- }
- if ( !BER_BVISNULL( &bd->be_rootpw ) ) {
- free( bd->be_rootpw.bv_val );
- }
- acl_destroy( bd->be_acl, frontendDB->be_acl );
- free( bd );
+ backend_destroy_one( bd, 1 );
}
/* destroy each backend type */
be_db_close( void )
{
BackendDB *be;
- int i;
LDAP_STAILQ_FOREACH( be, &backendDB, be_next ) {
if ( be->bd_info->bi_db_close ) {
int manageDSAit,
int noSubs )
{
- int i, j;
+ int j;
ber_len_t len, dnlen = dn->bv_len;
Backend *be, *b2 = NULL;
int
backend_unbind( Operation *op, SlapReply *rs )
{
- int i = 0;
BackendDB *be;
LDAP_STAILQ_FOREACH( be, &backendDB, be_next ) {
-#if defined( LDAP_SLAPI )
- if ( op->o_pb ) {
- int rc;
- if ( i == 0 ) slapi_int_pblock_set_operation( op->o_pb, op );
- slapi_pblock_set( op->o_pb, SLAPI_BACKEND, (void *)be );
- rc = slapi_int_call_plugins( be,
- SLAPI_PLUGIN_PRE_UNBIND_FN, (Slapi_PBlock *)op->o_pb );
- if ( rc < 0 ) {
- /*
- * A preoperation plugin failure will abort the
- * entire operation.
- */
- Debug(LDAP_DEBUG_TRACE,
- "do_bind: Unbind preoperation plugin failed\n",
- 0, 0, 0);
- return 0;
- }
- }
-#endif /* defined( LDAP_SLAPI ) */
-
if ( be->be_unbind ) {
op->o_bd = be;
be->be_unbind( op, rs );
}
-
-#if defined( LDAP_SLAPI )
- if ( op->o_pb != NULL && slapi_int_call_plugins( be,
- SLAPI_PLUGIN_POST_UNBIND_FN, (Slapi_PBlock *)op->o_pb ) < 0 )
- {
- Debug(LDAP_DEBUG_TRACE,
- "do_unbind: Unbind postoperation plugins failed\n",
- 0, 0, 0);
- }
-#endif /* defined( LDAP_SLAPI ) */
- i++;
}
return 0;
LDAP_STAILQ_FOREACH( be, &backendDB, be_next ) {
if ( be->be_connection_init ) {
- be->be_connection_init( be, conn);
+ be->be_connection_init( be, conn );
}
}
}
int
-backend_group(
+fe_acl_group(
Operation *op,
Entry *target,
struct berval *gr_ndn,
GroupAssertion *g;
Backend *be = op->o_bd;
- if ( op->o_abandon ) return SLAPD_ABANDON;
-
op->o_bd = select_backend( gr_ndn, 0, 0 );
for ( g = op->o_groups; g; g = g->ga_next ) {
rc = be_entry_get_rw( op, gr_ndn, group_oc, group_at, 0, &e );
}
if ( e ) {
-#ifdef LDAP_SLAPI
- if ( op->o_pb != NULL ) {
- init_group_pblock( op, target, e, op_ndn, group_at );
-
- rc = call_group_preop_plugins( op );
- if ( rc == LDAP_SUCCESS ) {
- goto done;
- }
- }
-#endif /* LDAP_SLAPI */
-
a = attr_find( e->e_attrs, group_at );
if ( a ) {
/* If the attribute is a subtype of labeledURI, treat this as
rc = LDAP_NO_SUCH_OBJECT;
}
-#ifdef LDAP_SLAPI
- if ( op->o_pb ) call_group_postop_plugins( op );
-#endif /* LDAP_SLAPI */
-
if ( op->o_tag != LDAP_REQ_BIND && !op->o_do_not_cache ) {
g = op->o_tmpalloc( sizeof( GroupAssertion ) + gr_ndn->bv_len,
op->o_tmpmemctx );
return rc;
}
-#ifdef LDAP_SLAPI
-static int backend_compute_output_attr(computed_attr_context *c, Slapi_Attr *a, Slapi_Entry *e)
+int
+backend_group(
+ Operation *op,
+ Entry *target,
+ struct berval *gr_ndn,
+ struct berval *op_ndn,
+ ObjectClass *group_oc,
+ AttributeDescription *group_at )
{
- BerVarray v;
- int rc;
- BerVarray *vals = (BerVarray *)c->cac_private;
- Operation *op = NULL;
- int i, j;
+ int rc;
+ BackendDB *be_orig;
- slapi_pblock_get( c->cac_pb, SLAPI_OPERATION, &op );
- if ( op == NULL ) {
- return 1;
+ if ( op->o_abandon ) {
+ return SLAPD_ABANDON;
}
- if ( op->o_conn && access_allowed( op,
- e, a->a_desc, NULL, ACL_AUTH,
- &c->cac_acl_state ) == 0 ) {
- return 1;
- }
-
- for ( i = 0; !BER_BVISNULL( &a->a_vals[i] ); i++ ) ;
-
- v = op->o_tmpalloc( sizeof(struct berval) * (i+1),
- op->o_tmpmemctx );
- for ( i = 0, j = 0; !BER_BVISNULL( &a->a_vals[i] ); i++ ) {
- if ( op->o_conn && access_allowed( op,
- e, a->a_desc,
- &a->a_nvals[i],
- ACL_AUTH, &c->cac_acl_state ) == 0 ) {
- continue;
- }
- ber_dupbv_x( &v[j],
- &a->a_nvals[i], op->o_tmpmemctx );
- if ( !BER_BVISNULL( &v[j] ) ) {
- j++;
- }
- }
-
- if ( j == 0 ) {
- op->o_tmpfree( v, op->o_tmpmemctx );
- *vals = NULL;
- rc = 1;
- } else {
- BER_BVZERO( &v[j] );
- *vals = v;
- rc = 0;
- }
+ be_orig = op->o_bd;
+ op->o_bd = frontendDB;
+ rc = frontendDB->be_group( op, target, gr_ndn,
+ op_ndn, group_oc, group_at );
+ op->o_bd = be_orig;
return rc;
}
-#endif /* LDAP_SLAPI */
int
-backend_attribute(
+fe_acl_attribute(
Operation *op,
Entry *target,
struct berval *edn,
rc = LDAP_SUCCESS;
}
}
-#ifdef LDAP_SLAPI
- else if ( op->o_pb ) {
- /* try any computed attributes */
- computed_attr_context ctx;
-
- slapi_int_pblock_set_operation( op->o_pb, op );
-
- ctx.cac_pb = op->o_pb;
- ctx.cac_attrs = NULL;
- ctx.cac_userattrs = 0;
- ctx.cac_opattrs = 0;
- ctx.cac_acl_state = acl_state;
- ctx.cac_private = (void *)vals;
-
- rc = compute_evaluator( &ctx, entry_at->ad_cname.bv_val, e, backend_compute_output_attr );
- if ( rc == 1 ) {
- rc = LDAP_INSUFFICIENT_ACCESS;
-
- } else {
- rc = LDAP_SUCCESS;
- }
- }
-#endif /* LDAP_SLAPI */
freeit: if ( e != target ) {
be_entry_release_r( op, e );
}
return rc;
}
-#ifdef LDAP_SLAPI
-static int backend_compute_output_attr_access(computed_attr_context *c, Slapi_Attr *a, Slapi_Entry *e)
+int
+backend_attribute(
+ Operation *op,
+ Entry *target,
+ struct berval *edn,
+ AttributeDescription *entry_at,
+ BerVarray *vals,
+ slap_access_t access )
{
- struct berval *nval = (struct berval *)c->cac_private;
- Operation *op = NULL;
+ int rc;
+ BackendDB *be_orig;
- slapi_pblock_get( c->cac_pb, SLAPI_OPERATION, &op );
- if ( op == NULL ) {
- return 1;
- }
+ be_orig = op->o_bd;
+ op->o_bd = frontendDB;
+ rc = frontendDB->be_attribute( op, target, edn,
+ entry_at, vals, access );
+ op->o_bd = be_orig;
- return access_allowed( op, e, a->a_desc, nval, ACL_AUTH, NULL ) == 0;
+ return rc;
}
-#endif /* LDAP_SLAPI */
int
backend_access(
Backend *be = op->o_bd;
/* pedantic */
- assert( op );
- assert( op->o_conn );
- assert( edn );
+ assert( op != NULL );
+ assert( op->o_conn != NULL );
+ assert( edn != NULL );
assert( access > ACL_NONE );
op->o_bd = select_backend( edn, 0, 0 );
}
rc = LDAP_SUCCESS;
}
-#ifdef LDAP_SLAPI
- else if ( op->o_pb ) {
- /* try any computed attributes */
- computed_attr_context ctx;
-
- slapi_int_pblock_set_operation( op->o_pb, op );
-
- ctx.cac_pb = op->o_pb;
- ctx.cac_attrs = NULL;
- ctx.cac_userattrs = 0;
- ctx.cac_opattrs = 0;
- ctx.cac_private = (void *)nval;
-
- rc = compute_evaluator( &ctx, entry_at->ad_cname.bv_val, e, backend_compute_output_attr_access );
- if ( rc == 1 ) {
- rc = LDAP_INSUFFICIENT_ACCESS;
-
- } else {
- rc = LDAP_SUCCESS;
- }
- }
-#endif /* LDAP_SLAPI */
}
freeit: if ( e != target ) {
be_entry_release_r( op, e );
return rc;
}
-int backend_operational(
+int
+fe_aux_operational(
Operation *op,
SlapReply *rs )
{
- Attribute **ap;
- int rc = 0;
- BackendDB *be_orig;
+ Attribute **ap;
+ int rc = 0;
+ BackendDB *be_orig;
for ( ap = &rs->sr_operational_attrs; *ap; ap = &(*ap)->a_next )
/* just count them */ ;
ap = &(*ap)->a_next;
}
- /* Let the overlays have a chance at this */
- be_orig = op->o_bd;
- if ( SLAP_ISOVERLAY( be_orig ) )
- op->o_bd = select_backend( be_orig->be_nsuffix, 0, 0 );
-
- if ( ( SLAP_OPATTRS( rs->sr_attr_flags ) || rs->sr_attrs ) &&
- op->o_bd && op->o_bd->be_operational != NULL )
+ if ( op->o_bd != NULL && op->o_bd != frontendDB )
{
- rc = op->o_bd->be_operational( op, rs );
+ /* Let the overlays have a chance at this */
+ be_orig = op->o_bd;
+ if ( SLAP_ISOVERLAY( be_orig ) )
+ op->o_bd = select_backend( be_orig->be_nsuffix, 0, 0 );
+
+ if ( ( SLAP_OPATTRS( rs->sr_attr_flags ) || rs->sr_attrs ) &&
+ op->o_bd && op->o_bd->be_operational != NULL )
+ {
+ rc = op->o_bd->be_operational( op, rs );
+ }
+ op->o_bd = be_orig;
}
- op->o_bd = be_orig;
return rc;
}
-#ifdef LDAP_SLAPI
-static void init_group_pblock( Operation *op, Entry *target,
- Entry *e, struct berval *op_ndn, AttributeDescription *group_at )
-{
- slapi_int_pblock_set_operation( op->o_pb, op );
-
- slapi_pblock_set( op->o_pb,
- SLAPI_X_GROUP_ENTRY, (void *)e );
- slapi_pblock_set( op->o_pb,
- SLAPI_X_GROUP_OPERATION_DN, (void *)op_ndn->bv_val );
- slapi_pblock_set( op->o_pb,
- SLAPI_X_GROUP_ATTRIBUTE, (void *)group_at->ad_cname.bv_val );
- slapi_pblock_set( op->o_pb,
- SLAPI_X_GROUP_TARGET_ENTRY, (void *)target );
-}
-
-static int call_group_preop_plugins( Operation *op )
+int backend_operational( Operation *op, SlapReply *rs )
{
int rc;
+ BackendDB *be_orig;
- rc = slapi_int_call_plugins( op->o_bd,
- SLAPI_X_PLUGIN_PRE_GROUP_FN, op->o_pb );
- if ( rc < 0 ) {
- if (( slapi_pblock_get( op->o_pb, SLAPI_RESULT_CODE,
- (void *)&rc ) != 0 ) || rc == LDAP_SUCCESS )
- {
- rc = LDAP_NO_SUCH_ATTRIBUTE;
- }
- } else {
- rc = LDAP_SUCCESS;
- }
+ /* Moved this into the frontend so global overlays are called */
- return rc;
-}
+ be_orig = op->o_bd;
+ op->o_bd = frontendDB;
+ rc = frontendDB->be_operational( op, rs );
+ op->o_bd = be_orig;
-static void call_group_postop_plugins( Operation *op )
-{
- (void) slapi_int_call_plugins( op->o_bd, SLAPI_X_PLUGIN_POST_GROUP_FN, op->o_pb );
+ return rc;
}
-#endif /* LDAP_SLAPI */