/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 2003-2005 The OpenLDAP Foundation.
+ * Copyright 2003-2006 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
static slap_overinst *overlays;
-enum db_which { db_open = 0, db_close, db_destroy };
+enum db_which {
+ db_open = 0,
+ db_close,
+ db_destroy,
+ db_last
+};
static int
over_db_func(
ca.fname = fname;
ca.lineno = lineno;
ca.be = be;
+ snprintf( ca.log, sizeof( ca.log ), "%s: line %d",
+ ca.fname, ca.lineno );
+
for (; on; on=on->on_next) {
rc = SLAP_CONF_UNKNOWN;
if (on->on_bi.bi_cf_ocs) {
ct = config_find_keyword( on->on_bi.bi_cf_ocs->co_table, &ca );
if ( ct ) {
rc = config_add_vals( ct, &ca );
+ if ( rc != SLAP_CONF_UNKNOWN )
+ break;
}
}
if (on->on_bi.bi_db_config && rc == SLAP_CONF_UNKNOWN) {
{
slap_overinfo *oi;
slap_overinst *on;
- BackendInfo *bi = op->o_bd->bd_info;
+ BackendInfo *bi;
BackendDB *be = op->o_bd, db;
int rc = SLAP_CB_CONTINUE;
* when global overlays are used... */
assert( op->o_bd != NULL );
- oi = op->o_bd->bd_info->bi_private;
+ bi = op->o_bd->bd_info;
+ /* Were we invoked on the frontend? */
+ if ( !bi->bi_access_allowed ) {
+ oi = frontendDB->bd_info->bi_private;
+ } else {
+ oi = op->o_bd->bd_info->bi_private;
+ }
on = oi->oi_list;
for ( ; on; on = on->on_next ) {
return rc;
}
-#endif /* SLAP_OVERLAY_ACCESS */
-enum op_which {
- op_bind = 0,
- op_unbind,
- op_search,
- op_compare,
- op_modify,
- op_modrdn,
- op_add,
- op_delete,
- op_abandon,
- op_cancel,
- op_extended,
- op_aux_operational,
- op_aux_chk_referrals,
- op_aux_chk_controls,
- op_last
-};
+static int
+over_acl_group(
+ Operation *op,
+ Entry *e,
+ struct berval *gr_ndn,
+ struct berval *op_ndn,
+ ObjectClass *group_oc,
+ AttributeDescription *group_at )
+{
+ slap_overinfo *oi;
+ slap_overinst *on;
+ BackendInfo *bi = op->o_bd->bd_info;
+ BackendDB *be = op->o_bd, db;
+ int rc = SLAP_CB_CONTINUE;
+
+ /* FIXME: used to happen for instance during abandon
+ * when global overlays are used... */
+ assert( op->o_bd != NULL );
+
+ oi = op->o_bd->bd_info->bi_private;
+ on = oi->oi_list;
+
+ for ( ; on; on = on->on_next ) {
+ if ( on->on_bi.bi_acl_group ) {
+ /* NOTE: do not copy the structure until required */
+ if ( !SLAP_ISOVERLAY( op->o_bd ) ) {
+ db = *op->o_bd;
+ db.be_flags |= SLAP_DBFLAG_OVERLAY;
+ op->o_bd = &db;
+ }
+
+ op->o_bd->bd_info = (BackendInfo *)on;
+ rc = on->on_bi.bi_acl_group( op, e,
+ gr_ndn, op_ndn, group_oc, group_at );
+ if ( rc != SLAP_CB_CONTINUE ) break;
+ }
+ }
+
+ if ( rc == SLAP_CB_CONTINUE ) {
+ BI_acl_group *bi_acl_group;
+
+ /* if the database structure was changed, o_bd points to a
+ * copy of the structure; put the original bd_info in place */
+ if ( SLAP_ISOVERLAY( op->o_bd ) ) {
+ op->o_bd->bd_info = oi->oi_orig;
+ }
+
+ if ( oi->oi_orig->bi_acl_group ) {
+ bi_acl_group = oi->oi_orig->bi_acl_group;
+ } else {
+ bi_acl_group = backend_group;
+ }
+
+ rc = bi_acl_group( op, e,
+ gr_ndn, op_ndn, group_oc, group_at );
+ }
+ /* should not fall thru this far without anything happening... */
+ if ( rc == SLAP_CB_CONTINUE ) {
+ /* access not allowed */
+ rc = 0;
+ }
+
+ op->o_bd = be;
+ op->o_bd->bd_info = bi;
+
+ return rc;
+}
+
+static int
+over_acl_attribute(
+ Operation *op,
+ Entry *target,
+ struct berval *entry_ndn,
+ AttributeDescription *entry_at,
+ BerVarray *vals,
+ slap_access_t access )
+{
+ slap_overinfo *oi;
+ slap_overinst *on;
+ BackendInfo *bi = op->o_bd->bd_info;
+ BackendDB *be = op->o_bd, db;
+ int rc = SLAP_CB_CONTINUE;
+
+ /* FIXME: used to happen for instance during abandon
+ * when global overlays are used... */
+ assert( op->o_bd != NULL );
+
+ oi = op->o_bd->bd_info->bi_private;
+ on = oi->oi_list;
+
+ for ( ; on; on = on->on_next ) {
+ if ( on->on_bi.bi_acl_attribute ) {
+ /* NOTE: do not copy the structure until required */
+ if ( !SLAP_ISOVERLAY( op->o_bd ) ) {
+ db = *op->o_bd;
+ db.be_flags |= SLAP_DBFLAG_OVERLAY;
+ op->o_bd = &db;
+ }
+
+ op->o_bd->bd_info = (BackendInfo *)on;
+ rc = on->on_bi.bi_acl_attribute( op, target,
+ entry_ndn, entry_at, vals, access );
+ if ( rc != SLAP_CB_CONTINUE ) break;
+ }
+ }
+
+ if ( rc == SLAP_CB_CONTINUE ) {
+ BI_acl_attribute *bi_acl_attribute;
+
+ /* if the database structure was changed, o_bd points to a
+ * copy of the structure; put the original bd_info in place */
+ if ( SLAP_ISOVERLAY( op->o_bd ) ) {
+ op->o_bd->bd_info = oi->oi_orig;
+ }
+
+ if ( oi->oi_orig->bi_acl_attribute ) {
+ bi_acl_attribute = oi->oi_orig->bi_acl_attribute;
+ } else {
+ bi_acl_attribute = backend_attribute;
+ }
+
+ rc = bi_acl_attribute( op, target,
+ entry_ndn, entry_at, vals, access );
+ }
+ /* should not fall thru this far without anything happening... */
+ if ( rc == SLAP_CB_CONTINUE ) {
+ /* access not allowed */
+ rc = 0;
+ }
+
+ op->o_bd = be;
+ op->o_bd->bd_info = bi;
+
+ return rc;
+}
+#endif /* SLAP_OVERLAY_ACCESS */
/*
* default return code in case of missing backend function
* and overlay stack returning SLAP_CB_CONTINUE
*/
-static int op_rc[] = {
+static int op_rc[ op_last ] = {
LDAP_UNWILLING_TO_PERFORM, /* bind */
LDAP_UNWILLING_TO_PERFORM, /* unbind */
LDAP_UNWILLING_TO_PERFORM, /* search */
SLAP_CB_CONTINUE /* aux_chk_controls; pass to frontend */
};
-static int
-over_op_func(
+int overlay_op_walk(
Operation *op,
SlapReply *rs,
- enum op_which which
+ slap_operation_t which,
+ slap_overinfo *oi,
+ slap_overinst *on
)
{
- slap_overinfo *oi;
- slap_overinst *on;
BI_op_bind **func;
- BackendDB *be = op->o_bd, db;
- slap_callback cb = {NULL, over_back_response, NULL, NULL};
int rc = SLAP_CB_CONTINUE;
- /* FIXME: used to happen for instance during abandon
- * when global overlays are used... */
- assert( op->o_bd != NULL );
-
- oi = op->o_bd->bd_info->bi_private;
- on = oi->oi_list;
-
- if ( !SLAP_ISOVERLAY( op->o_bd )) {
- db = *op->o_bd;
- db.be_flags |= SLAP_DBFLAG_OVERLAY;
- op->o_bd = &db;
- }
- cb.sc_next = op->o_callback;
- cb.sc_private = oi;
- op->o_callback = &cb;
-
for (; on; on=on->on_next ) {
func = &on->on_bi.bi_op_bind;
if ( func[which] ) {
*/
if ( rc == LDAP_UNWILLING_TO_PERFORM ) {
slap_callback *sc_next;
- for ( ; op->o_callback && op->o_callback != cb.sc_next;
- op->o_callback = sc_next ) {
+ for ( ; op->o_callback && op->o_callback->sc_response !=
+ over_back_response; op->o_callback = sc_next ) {
sc_next = op->o_callback->sc_next;
if ( op->o_callback->sc_cleanup ) {
op->o_callback->sc_cleanup( op, rs );
}
}
}
+ return rc;
+}
+
+static int
+over_op_func(
+ Operation *op,
+ SlapReply *rs,
+ slap_operation_t which
+)
+{
+ slap_overinfo *oi;
+ slap_overinst *on;
+ BackendDB *be = op->o_bd, db;
+ slap_callback cb = {NULL, over_back_response, NULL, NULL};
+ int rc = SLAP_CB_CONTINUE;
+
+ /* FIXME: used to happen for instance during abandon
+ * when global overlays are used... */
+ assert( op->o_bd != NULL );
+
+ oi = op->o_bd->bd_info->bi_private;
+ on = oi->oi_list;
+
+ if ( !SLAP_ISOVERLAY( op->o_bd )) {
+ db = *op->o_bd;
+ db.be_flags |= SLAP_DBFLAG_OVERLAY;
+ op->o_bd = &db;
+ }
+ cb.sc_next = op->o_callback;
+ cb.sc_private = oi;
+ op->o_callback = &cb;
+
+ rc = overlay_op_walk( op, rs, which, oi, on );
+
op->o_bd = be;
op->o_callback = cb.sc_next;
return rc;
enum conn_which {
conn_init = 0,
- conn_destroy
+ conn_destroy,
+ conn_last
};
static int
slap_overinst *on
)
{
+ slap_overinst *tmp;
+
+ /* FIXME: check for duplicates? */
+ for ( tmp = overlays; tmp != NULL; tmp = tmp->on_next ) {
+ if ( strcmp( on->on_bi.bi_type, tmp->on_bi.bi_type ) == 0 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "overlay_register(\"%s\"): "
+ "name already in use.\n",
+ on->on_bi.bi_type, 0, 0 );
+ return -1;
+ }
+
+ if ( on->on_bi.bi_obsolete_names != NULL ) {
+ int i;
+
+ for ( i = 0; on->on_bi.bi_obsolete_names[ i ] != NULL; i++ ) {
+ if ( strcmp( on->on_bi.bi_obsolete_names[ i ], tmp->on_bi.bi_type ) == 0 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "overlay_register(\"%s\"): "
+ "obsolete name \"%s\" already in use "
+ "by overlay \"%s\".\n",
+ on->on_bi.bi_type,
+ on->on_bi.bi_obsolete_names[ i ],
+ tmp->on_bi.bi_type );
+ return -1;
+ }
+ }
+ }
+
+ if ( tmp->on_bi.bi_obsolete_names != NULL ) {
+ int i;
+
+ for ( i = 0; tmp->on_bi.bi_obsolete_names[ i ] != NULL; i++ ) {
+ int j;
+
+ if ( strcmp( on->on_bi.bi_type, tmp->on_bi.bi_obsolete_names[ i ] ) == 0 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "overlay_register(\"%s\"): "
+ "name already in use "
+ "as obsolete by overlay \"%s\".\n",
+ on->on_bi.bi_type,
+ tmp->on_bi.bi_obsolete_names[ i ], 0 );
+ return -1;
+ }
+
+ if ( on->on_bi.bi_obsolete_names != NULL ) {
+ for ( j = 0; on->on_bi.bi_obsolete_names[ j ] != NULL; j++ ) {
+ if ( strcmp( on->on_bi.bi_obsolete_names[ j ], tmp->on_bi.bi_obsolete_names[ i ] ) == 0 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "overlay_register(\"%s\"): "
+ "obsolete name \"%s\" already in use "
+ "as obsolete by overlay \"%s\".\n",
+ on->on_bi.bi_type,
+ on->on_bi.bi_obsolete_names[ j ],
+ tmp->on_bi.bi_type );
+ return -1;
+ }
+ }
+ }
+ }
+ }
+ }
+
on->on_next = overlays;
overlays = on;
return 0;
/*
* iterator on registered overlays; overlay_next( NULL ) returns the first
- * overlay; * subsequent calls with the previously returned value allow to
- * iterate * over the entire list; returns NULL when no more overlays are
+ * overlay; subsequent calls with the previously returned value allow to
+ * iterate over the entire list; returns NULL when no more overlays are
* registered.
*/
for ( ; on; on = on->on_next ) {
if ( strcmp( on->on_bi.bi_type, over_type ) == 0 ) {
- break;
+ goto foundit;
+ }
+
+ if ( on->on_bi.bi_obsolete_names != NULL ) {
+ int i;
+
+ for ( i = 0; on->on_bi.bi_obsolete_names[ i ] != NULL; i++ ) {
+ if ( strcmp( on->on_bi.bi_obsolete_names[ i ], over_type ) == 0 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "overlay_find(\"%s\"): "
+ "obsolete name for \"%s\".\n",
+ on->on_bi.bi_obsolete_names[ i ],
+ on->on_bi.bi_type, 0 );
+ goto foundit;
+ }
+ }
}
}
+foundit:;
return on;
}
int
overlay_register_control( BackendDB *be, const char *oid )
{
- int rc = 0;
int gotit = 0;
int cid;
return -1;
}
- if ( SLAP_DBFLAGS( be ) & SLAP_DBFLAG_GLOBAL_OVERLAY ) {
+ if ( SLAP_ISGLOBALOVERLAY( be ) ) {
BackendDB *bd;
/* add to all backends... */
}
- if ( rc == 0 && !gotit ) {
+ if ( !gotit ) {
be->be_ctrls[ cid ] = 1;
be->be_ctrls[ SLAP_MAX_CIDS ] = 1;
}
- return rc;
+ return 0;
}
void
oi = ch_malloc( sizeof( slap_overinfo ) );
oi->oi_orig = be->bd_info;
oi->oi_bi = *be->bd_info;
+ oi->oi_origdb = be;
/* NOTE: the first time a global overlay is configured,
* frontendDB gets this flag; it is used later by overlays
bi->bi_chk_controls = over_aux_chk_controls;
#ifdef SLAP_OVERLAY_ACCESS
- /* this has a specific arglist */
+ /* these have specific arglists */
bi->bi_access_allowed = over_access_allowed;
+ bi->bi_acl_group = over_acl_group;
+ bi->bi_acl_attribute = over_acl_attribute;
#endif /* SLAP_OVERLAY_ACCESS */
bi->bi_connection_init = over_connection_init;
projects / openldap / blobdiff