/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 2005-2009 The OpenLDAP Foundation.
+ * Copyright 2005-2011 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
#include <ac/ctype.h>
#include <ac/errno.h>
#include <sys/stat.h>
+#include <ac/unistd.h>
#include "slap.h"
static ConfigDriver config_overlay;
static ConfigDriver config_subordinate;
static ConfigDriver config_suffix;
+#ifdef LDAP_TCP_BUFFER
+static ConfigDriver config_tcp_buffer;
+#endif /* LDAP_TCP_BUFFER */
static ConfigDriver config_rootdn;
static ConfigDriver config_rootpw;
static ConfigDriver config_restrict;
static ConfigDriver config_loglevel;
static ConfigDriver config_updatedn;
static ConfigDriver config_updateref;
+static ConfigDriver config_extra_attrs;
static ConfigDriver config_include;
static ConfigDriver config_obsolete;
#ifdef HAVE_TLS
CFG_LASTMOD,
CFG_AZPOLICY,
CFG_AZREGEXP,
+ CFG_AZDUC,
+ CFG_AZDUC_IGNORE,
CFG_SASLSECP,
CFG_SSTR_IF_MAX,
CFG_SSTR_IF_MIN,
CFG_IX_INTLEN,
CFG_SYNTAX,
CFG_ACL_ADD,
+ CFG_SYNC_SUBENTRY,
+ CFG_LTHREADS,
CFG_LAST
};
* OLcfg{Bk|Db}{Oc|At}:3 -> back-ldap
* OLcfg{Bk|Db}{Oc|At}:4 -> back-monitor
* OLcfg{Bk|Db}{Oc|At}:5 -> back-relay
- * OLcfg{Bk|Db}{Oc|At}:6 -> back-sql
+ * OLcfg{Bk|Db}{Oc|At}:6 -> back-sql(/back-ndb)
* OLcfg{Bk|Db}{Oc|At}:7 -> back-sock
+ * OLcfg{Bk|Db}{Oc|At}:8 -> back-null
+ * OLcfg{Bk|Db}{Oc|At}:9 -> back-passwd
+ * OLcfg{Bk|Db}{Oc|At}:10 -> back-shell
+ * OLcfg{Bk|Db}{Oc|At}:11 -> back-perl
*/
/*
* OLcfgOv{Oc|At}:18 -> memberof
* OLcfgOv{Oc|At}:19 -> collect
* OLcfgOv{Oc|At}:20 -> retcode
+ * OLcfgOv{Oc|At}:21 -> sssvlv
*/
/* alphabetical ordering */
&config_generic, "( OLcfgGlAt:4 NAME 'olcAttributeTypes' "
"DESC 'OpenLDAP attributeTypes' "
"EQUALITY caseIgnoreMatch "
+ "SUBSTR caseIgnoreSubstringsMatch "
"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )",
NULL, NULL },
{ "authid-rewrite", NULL, 2, 0, STRLENOF( "authid-rewrite" ),
&config_generic, "( OLcfgGlAt:16 NAME 'olcDitContentRules' "
"DESC 'OpenLDAP DIT content rules' "
"EQUALITY caseIgnoreMatch "
+ "SUBSTR caseIgnoreSubstringsMatch "
"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )",
NULL, NULL },
+ { "extra_attrs", "attrlist", 2, 2, 0, ARG_DB|ARG_MAGIC,
+ &config_extra_attrs, "( OLcfgDbAt:0.20 NAME 'olcExtraAttrs' "
+ "EQUALITY caseIgnoreMatch "
+ "SYNTAX OMsDirectoryString )", NULL, NULL },
{ "gentlehup", "on|off", 2, 2, 0,
#ifdef SIGHUP
ARG_ON_OFF, &global_gentlehup,
{ "include", "file", 2, 2, 0, ARG_MAGIC,
&config_include, "( OLcfgGlAt:19 NAME 'olcInclude' "
"SUP labeledURI )", NULL, NULL },
- { "index_substr_if_minlen", "min", 2, 2, 0, ARG_INT|ARG_NONZERO|ARG_MAGIC|CFG_SSTR_IF_MIN,
+ { "index_substr_if_minlen", "min", 2, 2, 0, ARG_UINT|ARG_NONZERO|ARG_MAGIC|CFG_SSTR_IF_MIN,
&config_generic, "( OLcfgGlAt:20 NAME 'olcIndexSubstrIfMinLen' "
"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
- { "index_substr_if_maxlen", "max", 2, 2, 0, ARG_INT|ARG_NONZERO|ARG_MAGIC|CFG_SSTR_IF_MAX,
+ { "index_substr_if_maxlen", "max", 2, 2, 0, ARG_UINT|ARG_NONZERO|ARG_MAGIC|CFG_SSTR_IF_MAX,
&config_generic, "( OLcfgGlAt:21 NAME 'olcIndexSubstrIfMaxLen' "
"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
{ "index_substr_any_len", "len", 2, 2, 0, ARG_INT|ARG_NONZERO,
&config_generic, "( OLcfgGlAt:85 NAME 'olcLdapSyntaxes' "
"DESC 'OpenLDAP ldapSyntax' "
"EQUALITY caseIgnoreMatch "
+ "SUBSTR caseIgnoreSubstringsMatch "
"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )",
NULL, NULL },
{ "limits", "limits", 2, 0, 0, ARG_DB|ARG_MAGIC|CFG_LIMITS,
&config_generic, "( OLcfgDbAt:0.5 NAME 'olcLimits' "
"EQUALITY caseIgnoreMatch "
"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )", NULL, NULL },
+ { "listener-threads", "count", 2, 0, 0,
+#ifdef NO_THREADS
+ ARG_IGNORED, NULL,
+#else
+ ARG_UINT|ARG_MAGIC|CFG_LTHREADS, &config_generic,
+#endif
+ "( OLcfgGlAt:93 NAME 'olcListenerThreads' "
+ "SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
{ "localSSF", "ssf", 2, 2, 0, ARG_INT,
&local_ssf, "( OLcfgGlAt:26 NAME 'olcLocalSSF' "
"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
&config_generic, "( OLcfgGlAt:32 NAME 'olcObjectClasses' "
"DESC 'OpenLDAP object classes' "
"EQUALITY caseIgnoreMatch "
+ "SUBSTR caseIgnoreSubstringsMatch "
"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )",
NULL, NULL },
{ "objectidentifier", "name> <oid", 3, 3, 0, ARG_MAGIC|CFG_OID,
&config_generic, "( OLcfgGlAt:33 NAME 'olcObjectIdentifier' "
"EQUALITY caseIgnoreMatch "
+ "SUBSTR caseIgnoreSubstringsMatch "
"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )", NULL, NULL },
{ "overlay", "overlay", 2, 2, 0, ARG_MAGIC,
&config_overlay, "( OLcfgGlAt:34 NAME 'olcOverlay' "
#endif
"( OLcfgGlAt:89 NAME 'olcSaslAuxprops' "
"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
+ { "sasl-auxprops-dontusecopy", NULL, 2, 0, 0,
+#if defined(HAVE_CYRUS_SASL) && defined(SLAP_AUXPROP_DONTUSECOPY)
+ ARG_MAGIC|CFG_AZDUC, &config_generic,
+#else
+ ARG_IGNORED, NULL,
+#endif
+ "( OLcfgGlAt:91 NAME 'olcSaslAuxpropsDontUseCopy' "
+ "EQUALITY caseIgnoreMatch "
+ "SYNTAX OMsDirectoryString )", NULL, NULL },
+ { "sasl-auxprops-dontusecopy-ignore", "true|FALSE", 2, 0, 0,
+#if defined(HAVE_CYRUS_SASL) && defined(SLAP_AUXPROP_DONTUSECOPY)
+ ARG_ON_OFF|CFG_AZDUC_IGNORE, &slap_dontUseCopy_ignore,
+#else
+ ARG_IGNORED, NULL,
+#endif
+ "( OLcfgGlAt:92 NAME 'olcSaslAuxpropsDontUseCopyIgnore' "
+ "EQUALITY booleanMatch "
+ "SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
{ "sasl-host", "host", 2, 2, 0,
#ifdef HAVE_CYRUS_SASL
ARG_STRING|ARG_UNIQUE, &sasl_host,
&config_suffix, "( OLcfgDbAt:0.10 NAME 'olcSuffix' "
"EQUALITY distinguishedNameMatch "
"SYNTAX OMsDN )", NULL, NULL },
+ { "sync_use_subentry", NULL, 0, 0, 0, ARG_ON_OFF|ARG_DB|ARG_MAGIC|CFG_SYNC_SUBENTRY,
+ &config_generic, "( OLcfgDbAt:0.19 NAME 'olcSyncUseSubentry' "
+ "DESC 'Store sync context in a subentry' "
+ "SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
{ "syncrepl", NULL, 0, 0, 0, ARG_DB|ARG_MAGIC,
&syncrepl_config, "( OLcfgDbAt:0.11 NAME 'olcSyncrepl' "
"EQUALITY caseIgnoreMatch "
"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )", NULL, NULL },
+ { "tcp-buffer", "[listener=<listener>] [{read|write}=]size", 0, 0, 0,
+#ifndef LDAP_TCP_BUFFER
+ ARG_IGNORED, NULL,
+#else /* LDAP_TCP_BUFFER */
+ ARG_MAGIC, &config_tcp_buffer,
+#endif /* LDAP_TCP_BUFFER */
+ "( OLcfgGlAt:90 NAME 'olcTCPBuffer' "
+ "DESC 'Custom TCP buffer size' "
+ "SYNTAX OMsDirectoryString )", NULL, NULL },
{ "threads", "count", 2, 2, 0,
#ifdef NO_THREADS
ARG_IGNORED, NULL,
"olcPluginLogFile $ olcReadOnly $ olcReferral $ "
"olcReplogFile $ olcRequires $ olcRestrict $ olcReverseLookup $ "
"olcRootDSE $ "
- "olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ "
+ "olcSaslAuxprops $ olcSaslAuxpropsDontUseCopy $ olcSaslAuxpropsDontUseCopyIgnore $ "
+ "olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ "
"olcSecurity $ olcServerID $ olcSizeLimit $ "
"olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ "
+ "olcTCPBuffer $ "
"olcThreads $ olcTimeLimit $ olcTLSCACertificateFile $ "
"olcTLSCACertificatePath $ olcTLSCertificateFile $ "
"olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ "
"olcMaxDerefDepth $ olcPlugin $ olcReadOnly $ olcReplica $ "
"olcReplicaArgsFile $ olcReplicaPidFile $ olcReplicationInterval $ "
"olcReplogFile $ olcRequires $ olcRestrict $ olcRootDN $ olcRootPW $ "
- "olcSchemaDN $ olcSecurity $ olcSizeLimit $ olcSyncrepl $ "
+ "olcSchemaDN $ olcSecurity $ olcSizeLimit $ olcSyncUseSubentry $ olcSyncrepl $ "
"olcTimeLimit $ olcUpdateDN $ olcUpdateRef $ olcMirrorMode $ "
- "olcMonitoring ) )",
+ "olcMonitoring $ olcExtraAttrs ) )",
Cft_Database, NULL, cfAddDatabase },
{ "( OLcfgGlOc:5 "
"NAME 'olcOverlayConfig' "
case CFG_TTHREADS:
c->value_int = slap_tool_thread_max;
break;
+ case CFG_LTHREADS:
+ c->value_uint = slapd_daemon_threads;
+ break;
case CFG_SALT:
if ( passwd_salt )
c->value_string = ch_strdup( passwd_salt );
if ( !c->rvalue_vals ) rc = 1;
break;
#ifdef HAVE_CYRUS_SASL
+#ifdef SLAP_AUXPROP_DONTUSECOPY
+ case CFG_AZDUC: {
+ static int duc_done = 0;
+
+ /* take the opportunity to initialize with known values */
+ if ( !duc_done ) {
+ struct berval duc[] = { BER_BVC("cmusaslsecretOTP"), BER_BVNULL };
+ int i;
+
+ for ( i = 0; !BER_BVISNULL( &duc[ i ] ); i++ ) {
+ const char *text = NULL;
+ AttributeDescription *ad = NULL;
+
+ if ( slap_bv2ad( &duc[ i ], &ad, &text ) == LDAP_SUCCESS ) {
+ int gotit = 0;
+ if ( slap_dontUseCopy_propnames ) {
+ int j;
+
+ for ( j = 0; !BER_BVISNULL( &slap_dontUseCopy_propnames[ j ] ); j++ ) {
+ if ( bvmatch( &slap_dontUseCopy_propnames[ j ], &ad->ad_cname ) ) {
+ gotit = 1;
+ }
+ }
+ }
+
+ if ( !gotit ) {
+ value_add_one( &slap_dontUseCopy_propnames, &ad->ad_cname );
+ }
+ }
+ }
+
+ duc_done = 1;
+ }
+
+ if ( slap_dontUseCopy_propnames != NULL ) {
+ ber_bvarray_dup_x( &c->rvalue_vals, slap_dontUseCopy_propnames, NULL );
+ } else {
+ rc = 1;
+ }
+ } break;
+#endif /* SLAP_AUXPROP_DONTUSECOPY */
case CFG_SASLSECP: {
struct berval bv = BER_BVNULL;
slap_sasl_secprops_unparse( &bv );
case CFG_LASTMOD:
c->value_int = (SLAP_NOLASTMOD(c->be) == 0);
break;
+ case CFG_SYNC_SUBENTRY:
+ c->value_int = (SLAP_SYNC_SUBENTRY(c->be) != 0);
+ break;
case CFG_MIRRORMODE:
if ( SLAP_SHADOW(c->be))
c->value_int = (SLAP_SINGLE_SHADOW(c->be) == 0);
c->value_int = (SLAP_DBMONITORING(c->be) != 0);
break;
case CFG_SSTR_IF_MAX:
- c->value_int = index_substr_if_maxlen;
+ c->value_uint = index_substr_if_maxlen;
break;
case CFG_SSTR_IF_MIN:
- c->value_int = index_substr_if_minlen;
+ c->value_uint = index_substr_if_minlen;
break;
case CFG_IX_INTLEN:
c->value_int = index_intlen;
case CFG_CONCUR:
case CFG_THREADS:
case CFG_TTHREADS:
+ case CFG_LTHREADS:
case CFG_RO:
case CFG_AZPOLICY:
case CFG_DEPTH:
case CFG_SSTR_IF_MAX:
case CFG_SSTR_IF_MIN:
case CFG_ACL_ADD:
+ case CFG_SYNC_SUBENTRY:
break;
/* no-ops, requires slapd restart */
snprintf(c->log, sizeof( c->log ), "change requires slapd restart");
break;
+#if defined(HAVE_CYRUS_SASL) && defined(SLAP_AUXPROP_DONTUSECOPY)
+ case CFG_AZDUC:
+ if ( c->valx < 0 ) {
+ if ( slap_dontUseCopy_propnames != NULL ) {
+ ber_bvarray_free( slap_dontUseCopy_propnames );
+ slap_dontUseCopy_propnames = NULL;
+ }
+
+ } else {
+ int i;
+
+ if ( slap_dontUseCopy_propnames == NULL ) {
+ rc = 1;
+ break;
+ }
+
+ for ( i = 0; !BER_BVISNULL( &slap_dontUseCopy_propnames[ i ] ) && i < c->valx; i++ );
+ if ( i < c->valx ) {
+ rc = 1;
+ break;
+ }
+ ber_memfree( slap_dontUseCopy_propnames[ i ].bv_val );
+ for ( ; !BER_BVISNULL( &slap_dontUseCopy_propnames[ i + 1 ] ); i++ ) {
+ slap_dontUseCopy_propnames[ i ] = slap_dontUseCopy_propnames[ i + 1 ];
+ }
+ BER_BVZERO( &slap_dontUseCopy_propnames[ i ] );
+ }
+ break;
+#endif /* SLAP_AUXPROP_DONTUSECOPY */
case CFG_SALT:
ch_free( passwd_salt );
passwd_salt = NULL;
slap_tool_thread_max = c->value_int; /* save for reference */
break;
+ case CFG_LTHREADS:
+ { int mask = 0;
+ /* use a power of two */
+ while (c->value_uint > 1) {
+ c->value_uint >>= 1;
+ mask <<= 1;
+ mask |= 1;
+ }
+ slapd_daemon_mask = mask;
+ slapd_daemon_threads = mask+1;
+ }
+ break;
+
case CFG_SALT:
if ( passwd_salt ) ch_free( passwd_salt );
passwd_salt = c->value_string;
break;
#ifdef HAVE_CYRUS_SASL
+#ifdef SLAP_AUXPROP_DONTUSECOPY
+ case CFG_AZDUC: {
+ int arg, cnt;
+
+ for ( arg = 1; arg < c->argc; arg++ ) {
+ int duplicate = 0, err;
+ AttributeDescription *ad = NULL;
+ const char *text = NULL;
+
+ err = slap_str2ad( c->argv[ arg ], &ad, &text );
+ if ( err != LDAP_SUCCESS ) {
+ snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s>: attr #%d (\"%s\") unknown (err=%d \"%s\"; ignored)",
+ c->argv[0], arg, c->argv[ arg ], err, text );
+ Debug(LDAP_DEBUG_ANY, "%s: %s\n",
+ c->log, c->cr_msg, 0 );
+
+ } else {
+ if ( slap_dontUseCopy_propnames != NULL ) {
+ for ( cnt = 0; !BER_BVISNULL( &slap_dontUseCopy_propnames[ cnt ] ); cnt++ ) {
+ if ( bvmatch( &slap_dontUseCopy_propnames[ cnt ], &ad->ad_cname ) ) {
+ duplicate = 1;
+ break;
+ }
+ }
+ }
+
+ if ( duplicate ) {
+ snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s>: attr #%d (\"%s\") already defined (ignored)",
+ c->argv[0], arg, ad->ad_cname.bv_val);
+ Debug(LDAP_DEBUG_ANY, "%s: %s\n",
+ c->log, c->cr_msg, 0 );
+ continue;
+ }
+
+ value_add_one( &slap_dontUseCopy_propnames, &ad->ad_cname );
+ }
+ }
+
+ } break;
+#endif /* SLAP_AUXPROP_DONTUSECOPY */
+
case CFG_SASLSECP:
{
char *txt = slap_sasl_secprops( c->argv[1] );
int i;
for (i=0, oc = cfn->c_oc_head; i<c->valx; i++) {
prev = oc;
- oc_next( &oc );
+ if ( !oc_next( &oc ))
+ break;
}
} else
/* If adding the first, and head exists, find its prev */
int i;
for (i=0, at = cfn->c_at_head; i<c->valx; i++) {
prev = at;
- at_next( &at );
+ if ( !at_next( &at ))
+ break;
}
} else
/* If adding the first, and head exists, find its prev */
int i;
for ( i = 0, syn = cfn->c_syn_head; i < c->valx; i++ ) {
prev = syn;
- syn_next( &syn );
+ if ( !syn_next( &syn ))
+ break;
}
} else
/* If adding the first, and head exists, find its prev */
ServerID *si, **sip;
LDAPURLDesc *lud;
int num;
- if ( lutil_atoi( &num, c->argv[1] ) ||
+ if (( lutil_atoi( &num, c->argv[1] ) &&
+ lutil_atoix( &num, c->argv[1], 16 )) ||
num < 0 || num > SLAP_SYNC_SID_MAX )
{
snprintf( c->cr_msg, sizeof( c->cr_msg ),
BER_BVZERO( &si->si_url );
slap_serverID = num;
Debug( LDAP_DEBUG_CONFIG,
- "%s: SID=%d\n",
+ "%s: SID=0x%03x\n",
c->log, slap_serverID, 0 );
}
si->si_next = NULL;
*sip = si;
if (( slapMode & SLAP_SERVER_MODE ) && c->argc > 2 ) {
- Listener **l = slapd_get_listeners();
- int i, isMe = 0;
-
- /* Try a straight compare with Listener strings */
- for ( i=0; l && l[i]; i++ ) {
- if ( !strcasecmp( c->argv[2], l[i]->sl_url.bv_val )) {
- isMe = 1;
- break;
- }
- }
-
- /* If hostname is empty, or is localhost, or matches
- * our hostname, this serverID refers to this host.
- * Compare it against listeners and ports.
- */
- if ( !isMe && ( !lud->lud_host || !lud->lud_host[0] ||
- !strncasecmp("localhost", lud->lud_host,
- STRLENOF("localhost")) ||
- !strcasecmp( global_host, lud->lud_host ))) {
-
- for ( i=0; l && l[i]; i++ ) {
- LDAPURLDesc *lu2;
- ldap_url_parse( l[i]->sl_url.bv_val, &lu2 );
- do {
- if ( strcasecmp( lud->lud_scheme,
- lu2->lud_scheme ))
- break;
- if ( lud->lud_port != lu2->lud_port )
- break;
- /* Listener on ANY address */
- if ( !lu2->lud_host || !lu2->lud_host[0] ) {
- isMe = 1;
- break;
- }
- /* URL on ANY address */
- if ( !lud->lud_host || !lud->lud_host[0] ) {
- isMe = 1;
- break;
- }
- /* Listener has specific host, must
- * match it
- */
- if ( !strcasecmp( lud->lud_host,
- lu2->lud_host )) {
- isMe = 1;
- break;
- }
- } while(0);
- ldap_free_urldesc( lu2 );
- if ( isMe ) {
- break;
- }
- }
- }
- if ( isMe ) {
+ Listener *l = config_check_my_url( c->argv[2], lud );
+ if ( l ) {
slap_serverID = si->si_num;
Debug( LDAP_DEBUG_CONFIG,
- "%s: SID=%d (listener=%s)\n",
+ "%s: SID=0x%03x (listener=%s)\n",
c->log, slap_serverID,
- l[i]->sl_url.bv_val );
+ l->sl_url.bv_val );
}
}
if ( c->argc > 2 )
break;
case CFG_MIRRORMODE:
- if(!SLAP_SHADOW(c->be)) {
+ if(c->value_int && !SLAP_SHADOW(c->be)) {
snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> database is not a shadow",
c->argv[0] );
Debug(LDAP_DEBUG_ANY, "%s: %s\n",
SLAP_DBFLAGS(c->be) &= ~SLAP_DBFLAG_HIDDEN;
break;
+ case CFG_SYNC_SUBENTRY:
+ if (c->value_int)
+ SLAP_DBFLAGS(c->be) |= SLAP_DBFLAG_SYNC_SUBENTRY;
+ else
+ SLAP_DBFLAGS(c->be) &= ~SLAP_DBFLAG_SYNC_SUBENTRY;
+ break;
+
case CFG_SSTR_IF_MAX:
- if (c->value_int < index_substr_if_minlen) {
+ if (c->value_uint < index_substr_if_minlen) {
snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> invalid value", c->argv[0] );
Debug(LDAP_DEBUG_ANY, "%s: %s (%d)\n",
c->log, c->cr_msg, c->value_int );
return(1);
}
- index_substr_if_maxlen = c->value_int;
+ index_substr_if_maxlen = c->value_uint;
break;
case CFG_SSTR_IF_MIN:
- if (c->value_int > index_substr_if_maxlen) {
+ if (c->value_uint > index_substr_if_maxlen) {
snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> invalid value", c->argv[0] );
Debug(LDAP_DEBUG_ANY, "%s: %s (%d)\n",
c->log, c->cr_msg, c->value_int );
return(1);
}
- index_substr_if_minlen = c->value_int;
+ index_substr_if_minlen = c->value_uint;
break;
#ifdef SLAPD_MODULES
case CFG_REWRITE: {
struct berval bv;
char *line;
-
+ int rc = 0;
+
+ if ( c->op == LDAP_MOD_ADD ) {
+ c->argv++;
+ c->argc--;
+ }
if(slap_sasl_rewrite_config(c->fname, c->lineno, c->argc, c->argv))
- return(1);
+ rc = 1;
+ if ( rc == 0 ) {
- if ( c->argc > 1 ) {
- char *s;
+ if ( c->argc > 1 ) {
+ char *s;
- /* quote all args but the first */
- line = ldap_charray2str( c->argv, "\" \"" );
- ber_str2bv( line, 0, 0, &bv );
- s = ber_bvchr( &bv, '"' );
- assert( s != NULL );
- /* move the trailing quote of argv[0] to the end */
- AC_MEMCPY( s, s + 1, bv.bv_len - ( s - bv.bv_val ) );
- bv.bv_val[ bv.bv_len - 1 ] = '"';
+ /* quote all args but the first */
+ line = ldap_charray2str( c->argv, "\" \"" );
+ ber_str2bv( line, 0, 0, &bv );
+ s = ber_bvchr( &bv, '"' );
+ assert( s != NULL );
+ /* move the trailing quote of argv[0] to the end */
+ AC_MEMCPY( s, s + 1, bv.bv_len - ( s - bv.bv_val ) );
+ bv.bv_val[ bv.bv_len - 1 ] = '"';
- } else {
- ber_str2bv( c->argv[ 0 ], 0, 1, &bv );
+ } else {
+ ber_str2bv( c->argv[ 0 ], 0, 1, &bv );
+ }
+
+ ber_bvarray_add( &authz_rewrites, &bv );
}
-
- ber_bvarray_add( &authz_rewrites, &bv );
+ if ( c->op == LDAP_MOD_ADD ) {
+ c->argv--;
+ c->argc++;
+ }
+ return rc;
}
- break;
#endif
rc = 1;
return rc;
} else if ( c->op == LDAP_MOD_DELETE ) {
- /* Reset to defaults */
- lim->lms_s_soft = SLAPD_DEFAULT_SIZELIMIT;
- lim->lms_s_hard = 0;
- lim->lms_s_unchecked = -1;
- lim->lms_s_pr = 0;
- lim->lms_s_pr_hide = 0;
- lim->lms_s_pr_total = 0;
- return 0;
+ /* Reset to defaults or values from frontend */
+ if ( c->be == frontendDB ) {
+ lim->lms_s_soft = SLAPD_DEFAULT_SIZELIMIT;
+ lim->lms_s_hard = 0;
+ lim->lms_s_unchecked = -1;
+ lim->lms_s_pr = 0;
+ lim->lms_s_pr_hide = 0;
+ lim->lms_s_pr_total = 0;
+ } else {
+ lim->lms_s_soft = frontendDB->be_def_limit.lms_s_soft;
+ lim->lms_s_hard = frontendDB->be_def_limit.lms_s_hard;
+ lim->lms_s_unchecked = frontendDB->be_def_limit.lms_s_unchecked;
+ lim->lms_s_pr = frontendDB->be_def_limit.lms_s_pr;
+ lim->lms_s_pr_hide = frontendDB->be_def_limit.lms_s_pr_hide;
+ lim->lms_s_pr_total = frontendDB->be_def_limit.lms_s_pr_total;
+ }
+ goto ok;
}
for(i = 1; i < c->argc; i++) {
if(!strncasecmp(c->argv[i], "size", 4)) {
lim->lms_s_hard = 0;
}
}
+
+ok:
+ if ( ( c->be == frontendDB ) && ( c->ca_entry ) ) {
+ /* This is a modification to the global limits apply it to
+ * the other databases as needed */
+ AttributeDescription *ad=NULL;
+ const char *text = NULL;
+ CfEntryInfo *ce = c->ca_entry->e_private;
+
+ slap_str2ad(c->argv[0], &ad, &text);
+ /* if we got here... */
+ assert( ad != NULL );
+
+ if ( ce->ce_type == Cft_Global ){
+ ce = ce->ce_kids;
+ }
+ for (; ce; ce=ce->ce_sibs) {
+ Entry *dbe = ce->ce_entry;
+ if ( (ce->ce_type == Cft_Database) && (ce->ce_be != frontendDB)
+ && (!attr_find(dbe->e_attrs, ad)) ) {
+ ce->ce_be->be_def_limit.lms_s_soft = lim->lms_s_soft;
+ ce->ce_be->be_def_limit.lms_s_hard = lim->lms_s_hard;
+ ce->ce_be->be_def_limit.lms_s_unchecked =lim->lms_s_unchecked;
+ ce->ce_be->be_def_limit.lms_s_pr =lim->lms_s_pr;
+ ce->ce_be->be_def_limit.lms_s_pr_hide =lim->lms_s_pr_hide;
+ ce->ce_be->be_def_limit.lms_s_pr_total =lim->lms_s_pr_total;
+ }
+ }
+ }
return(0);
}
rc = 1;
return rc;
} else if ( c->op == LDAP_MOD_DELETE ) {
- /* Reset to defaults */
- lim->lms_t_soft = SLAPD_DEFAULT_TIMELIMIT;
- lim->lms_t_hard = 0;
- return 0;
+ /* Reset to defaults or values from frontend */
+ if ( c->be == frontendDB ) {
+ lim->lms_t_soft = SLAPD_DEFAULT_TIMELIMIT;
+ lim->lms_t_hard = 0;
+ } else {
+ lim->lms_t_soft = frontendDB->be_def_limit.lms_t_soft;
+ lim->lms_t_hard = frontendDB->be_def_limit.lms_t_hard;
+ }
+ goto ok;
}
for(i = 1; i < c->argc; i++) {
if(!strncasecmp(c->argv[i], "time", 4)) {
lim->lms_t_hard = 0;
}
}
+
+ok:
+ if ( ( c->be == frontendDB ) && ( c->ca_entry ) ) {
+ /* This is a modification to the global limits apply it to
+ * the other databases as needed */
+ AttributeDescription *ad=NULL;
+ const char *text = NULL;
+ CfEntryInfo *ce = c->ca_entry->e_private;
+
+ slap_str2ad(c->argv[0], &ad, &text);
+ /* if we got here... */
+ assert( ad != NULL );
+
+ if ( ce->ce_type == Cft_Global ){
+ ce = ce->ce_kids;
+ }
+ for (; ce; ce=ce->ce_sibs) {
+ Entry *dbe = ce->ce_entry;
+ if ( (ce->ce_type == Cft_Database) && (ce->ce_be != frontendDB)
+ && (!attr_find(dbe->e_attrs, ad)) ) {
+ ce->ce_be->be_def_limit.lms_t_soft = lim->lms_t_soft;
+ ce->ce_be->be_def_limit.lms_t_hard = lim->lms_t_hard;
+ }
+ }
+ }
return(0);
}
config_subordinate(ConfigArgs *c)
{
int rc = 1;
- int advertise;
+ int advertise = 0;
switch( c->op ) {
case SLAP_CONFIG_EMIT:
break;
case LDAP_MOD_ADD:
case SLAP_CONFIG_ADD:
- advertise = ( c->argc == 2 && !strcasecmp( c->argv[1], "advertise" ));
+ if ( c->be->be_nsuffix == NULL ) {
+ /* log error */
+ snprintf( c->cr_msg, sizeof( c->cr_msg),
+ "subordinate configuration needs a suffix" );
+ Debug( LDAP_DEBUG_ANY,
+ "%s: %s.\n",
+ c->log, c->cr_msg, 0 );
+ rc = 1;
+ break;
+ }
+
+ if ( c->argc == 2 ) {
+ if ( strcasecmp( c->argv[1], "advertise" ) == 0 ) {
+ advertise = 1;
+
+ } else if ( strcasecmp( c->argv[1], "TRUE" ) != 0 ) {
+ /* log error */
+ snprintf( c->cr_msg, sizeof( c->cr_msg),
+ "subordinate must be \"TRUE\" or \"advertise\"" );
+ Debug( LDAP_DEBUG_ANY,
+ "%s: suffix \"%s\": %s.\n",
+ c->log, c->be->be_suffix[0].bv_val, c->cr_msg );
+ rc = 1;
+ break;
+ }
+ }
+
rc = glue_sub_add( c->be, advertise, CONFIG_ONLINE_ADD( c ));
break;
}
+
+ return rc;
+}
+
+/*
+ * [listener=<listener>] [{read|write}=]<size>
+ */
+
+#ifdef LDAP_TCP_BUFFER
+static BerVarray tcp_buffer;
+int tcp_buffer_num;
+
+#define SLAP_TCP_RMEM (0x1U)
+#define SLAP_TCP_WMEM (0x2U)
+
+static int
+tcp_buffer_parse( struct berval *val, int argc, char **argv,
+ int *size, int *rw, Listener **l )
+{
+ int i, rc = LDAP_SUCCESS;
+ LDAPURLDesc *lud = NULL;
+ char *ptr;
+
+ if ( val != NULL && argv == NULL ) {
+ char *s = val->bv_val;
+
+ argv = ldap_str2charray( s, " \t" );
+ if ( argv == NULL ) {
+ return LDAP_OTHER;
+ }
+ }
+
+ i = 0;
+ if ( strncasecmp( argv[ i ], "listener=", STRLENOF( "listener=" ) )
+ == 0 )
+ {
+ char *url = argv[ i ] + STRLENOF( "listener=" );
+
+ if ( ldap_url_parse( url, &lud ) ) {
+ rc = LDAP_INVALID_SYNTAX;
+ goto done;
+ }
+
+ *l = config_check_my_url( url, lud );
+ if ( *l == NULL ) {
+ rc = LDAP_NO_SUCH_ATTRIBUTE;
+ goto done;
+ }
+
+ i++;
+ }
+
+ ptr = argv[ i ];
+ if ( strncasecmp( ptr, "read=", STRLENOF( "read=" ) ) == 0 ) {
+ *rw |= SLAP_TCP_RMEM;
+ ptr += STRLENOF( "read=" );
+
+ } else if ( strncasecmp( ptr, "write=", STRLENOF( "write=" ) ) == 0 ) {
+ *rw |= SLAP_TCP_WMEM;
+ ptr += STRLENOF( "write=" );
+
+ } else {
+ *rw |= ( SLAP_TCP_RMEM | SLAP_TCP_WMEM );
+ }
+
+ /* accept any base */
+ if ( lutil_atoix( size, ptr, 0 ) ) {
+ rc = LDAP_INVALID_SYNTAX;
+ goto done;
+ }
+
+done:;
+ if ( val != NULL && argv != NULL ) {
+ ldap_charray_free( argv );
+ }
+
+ if ( lud != NULL ) {
+ ldap_free_urldesc( lud );
+ }
+
+ return rc;
+}
+
+static int
+tcp_buffer_delete_one( struct berval *val )
+{
+ int rc = 0;
+ int size = -1, rw = 0;
+ Listener *l = NULL;
+
+ rc = tcp_buffer_parse( val, 0, NULL, &size, &rw, &l );
+ if ( rc != 0 ) {
+ return rc;
+ }
+
+ if ( l != NULL ) {
+ int i;
+ Listener **ll = slapd_get_listeners();
+
+ for ( i = 0; ll[ i ] != NULL; i++ ) {
+ if ( ll[ i ] == l ) break;
+ }
+
+ if ( ll[ i ] == NULL ) {
+ return LDAP_NO_SUCH_ATTRIBUTE;
+ }
+
+ if ( rw & SLAP_TCP_RMEM ) l->sl_tcp_rmem = -1;
+ if ( rw & SLAP_TCP_WMEM ) l->sl_tcp_wmem = -1;
+
+ for ( i++ ; ll[ i ] != NULL && bvmatch( &l->sl_url, &ll[ i ]->sl_url ); i++ ) {
+ if ( rw & SLAP_TCP_RMEM ) ll[ i ]->sl_tcp_rmem = -1;
+ if ( rw & SLAP_TCP_WMEM ) ll[ i ]->sl_tcp_wmem = -1;
+ }
+
+ } else {
+ /* NOTE: this affects listeners without a specific setting,
+ * does not reset all listeners. If a listener without
+ * specific settings was assigned a buffer because of
+ * a global setting, it will not be reset. In any case,
+ * buffer changes will only take place at restart. */
+ if ( rw & SLAP_TCP_RMEM ) slapd_tcp_rmem = -1;
+ if ( rw & SLAP_TCP_WMEM ) slapd_tcp_wmem = -1;
+ }
+
return rc;
}
+static int
+tcp_buffer_delete( BerVarray vals )
+{
+ int i;
+
+ for ( i = 0; !BER_BVISNULL( &vals[ i ] ); i++ ) {
+ tcp_buffer_delete_one( &vals[ i ] );
+ }
+
+ return 0;
+}
+
+static int
+tcp_buffer_unparse( int size, int rw, Listener *l, struct berval *val )
+{
+ char buf[sizeof("2147483648")], *ptr;
+
+ /* unparse for later use */
+ val->bv_len = snprintf( buf, sizeof( buf ), "%d", size );
+ if ( l != NULL ) {
+ val->bv_len += STRLENOF( "listener=" " " ) + l->sl_url.bv_len;
+ }
+
+ if ( rw != ( SLAP_TCP_RMEM | SLAP_TCP_WMEM ) ) {
+ if ( rw & SLAP_TCP_RMEM ) {
+ val->bv_len += STRLENOF( "read=" );
+ } else if ( rw & SLAP_TCP_WMEM ) {
+ val->bv_len += STRLENOF( "write=" );
+ }
+ }
+
+ val->bv_val = SLAP_MALLOC( val->bv_len + 1 );
+
+ ptr = val->bv_val;
+
+ if ( l != NULL ) {
+ ptr = lutil_strcopy( ptr, "listener=" );
+ ptr = lutil_strncopy( ptr, l->sl_url.bv_val, l->sl_url.bv_len );
+ *ptr++ = ' ';
+ }
+
+ if ( rw != ( SLAP_TCP_RMEM | SLAP_TCP_WMEM ) ) {
+ if ( rw & SLAP_TCP_RMEM ) {
+ ptr = lutil_strcopy( ptr, "read=" );
+ } else if ( rw & SLAP_TCP_WMEM ) {
+ ptr = lutil_strcopy( ptr, "write=" );
+ }
+ }
+
+ ptr = lutil_strcopy( ptr, buf );
+ *ptr = '\0';
+
+ assert( val->bv_val + val->bv_len == ptr );
+
+ return LDAP_SUCCESS;
+}
+
+static int
+tcp_buffer_add_one( int argc, char **argv )
+{
+ int rc = 0;
+ int size = -1, rw = 0;
+ Listener *l = NULL;
+
+ struct berval val;
+
+ /* parse */
+ rc = tcp_buffer_parse( NULL, argc, argv, &size, &rw, &l );
+ if ( rc != 0 ) {
+ return rc;
+ }
+
+ /* unparse for later use */
+ rc = tcp_buffer_unparse( size, rw, l, &val );
+ if ( rc != LDAP_SUCCESS ) {
+ return rc;
+ }
+
+ /* use parsed values */
+ if ( l != NULL ) {
+ int i;
+ Listener **ll = slapd_get_listeners();
+
+ for ( i = 0; ll[ i ] != NULL; i++ ) {
+ if ( ll[ i ] == l ) break;
+ }
+
+ if ( ll[ i ] == NULL ) {
+ return LDAP_NO_SUCH_ATTRIBUTE;
+ }
+
+ /* buffer only applies to TCP listeners;
+ * we do not do any check here, and delegate them
+ * to setsockopt(2) */
+ if ( rw & SLAP_TCP_RMEM ) l->sl_tcp_rmem = size;
+ if ( rw & SLAP_TCP_WMEM ) l->sl_tcp_wmem = size;
+
+ for ( i++ ; ll[ i ] != NULL && bvmatch( &l->sl_url, &ll[ i ]->sl_url ); i++ ) {
+ if ( rw & SLAP_TCP_RMEM ) ll[ i ]->sl_tcp_rmem = size;
+ if ( rw & SLAP_TCP_WMEM ) ll[ i ]->sl_tcp_wmem = size;
+ }
+
+ } else {
+ /* NOTE: this affects listeners without a specific setting,
+ * does not set all listeners */
+ if ( rw & SLAP_TCP_RMEM ) slapd_tcp_rmem = size;
+ if ( rw & SLAP_TCP_WMEM ) slapd_tcp_wmem = size;
+ }
+
+ tcp_buffer = SLAP_REALLOC( tcp_buffer, sizeof( struct berval ) * ( tcp_buffer_num + 2 ) );
+ /* append */
+ tcp_buffer[ tcp_buffer_num ] = val;
+
+ tcp_buffer_num++;
+ BER_BVZERO( &tcp_buffer[ tcp_buffer_num ] );
+
+ return rc;
+}
+
+static int
+config_tcp_buffer( ConfigArgs *c )
+{
+ if ( c->op == SLAP_CONFIG_EMIT ) {
+ if ( tcp_buffer == NULL || BER_BVISNULL( &tcp_buffer[ 0 ] ) ) {
+ return 1;
+ }
+ value_add( &c->rvalue_vals, tcp_buffer );
+ value_add( &c->rvalue_nvals, tcp_buffer );
+
+ } else if ( c->op == LDAP_MOD_DELETE ) {
+ if ( !c->line ) {
+ tcp_buffer_delete( tcp_buffer );
+ ber_bvarray_free( tcp_buffer );
+ tcp_buffer = NULL;
+ tcp_buffer_num = 0;
+
+ } else {
+ int rc = 0;
+ int size = -1, rw = 0;
+ Listener *l = NULL;
+
+ struct berval val = BER_BVNULL;
+
+ int i;
+
+ if ( tcp_buffer_num == 0 ) {
+ return 1;
+ }
+
+ /* parse */
+ rc = tcp_buffer_parse( NULL, c->argc - 1, &c->argv[ 1 ], &size, &rw, &l );
+ if ( rc != 0 ) {
+ return 1;
+ }
+
+ /* unparse for later use */
+ rc = tcp_buffer_unparse( size, rw, l, &val );
+ if ( rc != LDAP_SUCCESS ) {
+ return 1;
+ }
+
+ for ( i = 0; !BER_BVISNULL( &tcp_buffer[ i ] ); i++ ) {
+ if ( bvmatch( &tcp_buffer[ i ], &val ) ) {
+ break;
+ }
+ }
+
+ if ( BER_BVISNULL( &tcp_buffer[ i ] ) ) {
+ /* not found */
+ rc = 1;
+ goto done;
+ }
+
+ tcp_buffer_delete_one( &tcp_buffer[ i ] );
+ ber_memfree( tcp_buffer[ i ].bv_val );
+ for ( ; i < tcp_buffer_num; i++ ) {
+ tcp_buffer[ i ] = tcp_buffer[ i + 1 ];
+ }
+ tcp_buffer_num--;
+
+done:;
+ if ( !BER_BVISNULL( &val ) ) {
+ SLAP_FREE( val.bv_val );
+ }
+
+ }
+
+ } else {
+ int rc;
+
+ rc = tcp_buffer_add_one( c->argc - 1, &c->argv[ 1 ] );
+ if ( rc ) {
+ snprintf( c->cr_msg, sizeof( c->cr_msg ),
+ "<%s> unable to add value #%d",
+ c->argv[0], tcp_buffer_num );
+ Debug( LDAP_DEBUG_ANY, "%s: %s\n",
+ c->log, c->cr_msg, 0 );
+ return 1;
+ }
+ }
+
+ return 0;
+}
+#endif /* LDAP_TCP_BUFFER */
+
static int
config_suffix(ConfigArgs *c)
{
return(0);
}
+static int
+config_extra_attrs(ConfigArgs *c)
+{
+ assert( c->be != NULL );
+
+ if ( c->op == SLAP_CONFIG_EMIT ) {
+ int i;
+
+ if ( c->be->be_extra_anlist == NULL ) {
+ return 1;
+ }
+
+ for ( i = 0; !BER_BVISNULL( &c->be->be_extra_anlist[i].an_name ); i++ ) {
+ value_add_one( &c->rvalue_vals, &c->be->be_extra_anlist[i].an_name );
+ }
+
+ } else if ( c->op == LDAP_MOD_DELETE ) {
+ if ( c->be->be_extra_anlist == NULL ) {
+ return 1;
+ }
+
+ if ( c->valx < 0 ) {
+ anlist_free( c->be->be_extra_anlist, 1, NULL );
+ c->be->be_extra_anlist = NULL;
+
+ } else {
+ int i;
+
+ for ( i = 0; i < c->valx && !BER_BVISNULL( &c->be->be_extra_anlist[i + 1].an_name ); i++ )
+ ;
+
+ if ( BER_BVISNULL( &c->be->be_extra_anlist[i].an_name ) ) {
+ return 1;
+ }
+
+ ch_free( c->be->be_extra_anlist[i].an_name.bv_val );
+
+ for ( ; !BER_BVISNULL( &c->be->be_extra_anlist[i].an_name ); i++ ) {
+ c->be->be_extra_anlist[i] = c->be->be_extra_anlist[i + 1];
+ }
+ }
+
+ } else {
+ c->be->be_extra_anlist = str2anlist( c->be->be_extra_anlist, c->argv[1], " ,\t" );
+ if ( c->be->be_extra_anlist == NULL ) {
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
static slap_verbmasks *loglevel_ops;
static int
loglevel_init( void )
{
slap_verbmasks lo[] = {
- { BER_BVC("Any"), -1 },
+ { BER_BVC("Any"), (slap_mask_t) LDAP_DEBUG_ANY },
{ BER_BVC("Trace"), LDAP_DEBUG_TRACE },
{ BER_BVC("Packets"), LDAP_DEBUG_PACKETS },
{ BER_BVC("Args"), LDAP_DEBUG_ARGS },
fprintf( out, "Installed log subsystems:\n\n" );
for ( i = 0; !BER_BVISNULL( &loglevel_ops[ i ].word ); i++ ) {
- fprintf( out, "\t%-30s (%lu)\n",
- loglevel_ops[ i ].word.bv_val,
- loglevel_ops[ i ].mask );
+ unsigned mask = loglevel_ops[ i ].mask & 0xffffffffUL;
+ fprintf( out,
+ (mask == ((slap_mask_t) -1 & 0xffffffffUL)
+ ? "\t%-30s (-1, 0xffffffff)\n" : "\t%-30s (%u, 0x%x)\n"),
+ loglevel_ops[ i ].word.bv_val, mask, mask );
}
fprintf( out, "\nNOTE: custom log subsystems may be later installed "
int level;
if ( isdigit((unsigned char)c->argv[i][0]) || c->argv[i][0] == '-' ) {
- if( lutil_atoi( &level, c->argv[i] ) != 0 ) {
+ if( lutil_atoix( &level, c->argv[i], 0 ) != 0 ) {
snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> unable to parse level", c->argv[0] );
Debug( LDAP_DEBUG_ANY, "%s: %s \"%s\"\n",
c->log, c->cr_msg, c->argv[i]);
}
int
-config_shadow( ConfigArgs *c, int flag )
+config_shadow( ConfigArgs *c, slap_mask_t flag )
{
char *notallowed = NULL;
if ( SLAP_SHADOW(c->be) ) {
/* if already shadow, only check consistency */
if ( ( SLAP_DBFLAGS(c->be) & flag ) != flag ) {
- Debug( LDAP_DEBUG_ANY, "%s: inconsistent shadow flag 0x%x.\n", c->log, flag, 0 );
+ Debug( LDAP_DEBUG_ANY, "%s: inconsistent shadow flag 0x%lx.\n",
+ c->log, flag, 0 );
return 1;
}
op->o_tag = LDAP_REQ_ADD;
if ( rc == LDAP_SUCCESS && sc.frontend ) {
+ rs_reinit( &rs, REP_RESULT );
op->ora_e = sc.frontend;
rc = op->o_bd->be_add( op, &rs );
}
if ( rc == LDAP_SUCCESS && sc.config ) {
+ rs_reinit( &rs, REP_RESULT );
op->ora_e = sc.config;
rc = op->o_bd->be_add( op, &rs );
}
return rc;
}
+/* Insert all superior classes of the given class */
static int
count_oc( ObjectClass *oc, ConfigOCs ***copp, int *nocs )
{
ConfigOCs co, *cop;
ObjectClass **sups;
+ for ( sups = oc->soc_sups; sups && *sups; sups++ ) {
+ if ( count_oc( *sups, copp, nocs ) ) {
+ return -1;
+ }
+ }
+
co.co_name = &oc->soc_cname;
cop = avl_find( CfOcTree, &co, CfOc_cmp );
if ( cop ) {
}
}
- for ( sups = oc->soc_sups; sups && *sups; sups++ ) {
- if ( count_oc( *sups, copp, nocs ) ) {
- return -1;
- }
- }
-
return 0;
}
+/* Find all superior classes of the given objectclasses,
+ * return list in order of most-subordinate first.
+ *
+ * Special / auxiliary / Cft_Misc classes always take precedence.
+ */
static ConfigOCs **
count_ocs( Attribute *oc_at, int *nocs )
{
- int i;
+ int i, j, misc = -1;
ConfigOCs **colst = NULL;
*nocs = 0;
- for ( i = 0; !BER_BVISNULL( &oc_at->a_nvals[i] ); i++ )
- /* count attrs */ ;
-
- for ( ; i--; ) {
+ for ( i = oc_at->a_numvals; i--; ) {
ObjectClass *oc = oc_bvfind( &oc_at->a_nvals[i] );
assert( oc != NULL );
}
}
+ /* invert order */
+ i = 0;
+ j = *nocs - 1;
+ while ( i < j ) {
+ ConfigOCs *tmp = colst[i];
+ colst[i] = colst[j];
+ colst[j] = tmp;
+ if (tmp->co_type == Cft_Misc)
+ misc = j;
+ i++; j--;
+ }
+ /* Move misc class to front of list */
+ if (misc > 0) {
+ ConfigOCs *tmp = colst[misc];
+ for (i=misc; i>0; i--)
+ colst[i] = colst[i-1];
+ colst[0] = tmp;
+ }
+
return colst;
}
ca->valx = -1;
ca->line = NULL;
+ ca->argc = 1;
if ( cfn->c_cr_head ) {
struct berval bv = BER_BVC("olcDitContentRules");
ad = NULL;
Debug( LDAP_DEBUG_TRACE, "%s: config_add_internal: "
"DN=\"%s\" already exists\n",
log_prefix, e->e_name.bv_val, 0 );
+ /* global schema ignores all writes */
+ if ( ce->ce_type == Cft_Schema && ce->ce_parent->ce_type == Cft_Global )
+ return LDAP_COMPARE_TRUE;
return LDAP_ALREADY_EXISTS;
}
}
ok:
/* Newly added databases and overlays need to be started up */
if ( CONFIG_ONLINE_ADD( ca )) {
- if ( colst[0]->co_type == Cft_Database ) {
+ if ( coptr->co_type == Cft_Database ) {
rc = backend_startup_one( ca->be, &ca->reply );
- } else if ( colst[0]->co_type == Cft_Overlay ) {
+ } else if ( coptr->co_type == Cft_Overlay ) {
if ( ca->bi->bi_db_open ) {
BackendInfo *bi_orig = ca->be->bd_info;
ca->be->bd_info = ca->bi;
ce->ce_parent = last;
ce->ce_entry = entry_dup( e );
ce->ce_entry->e_private = ce;
- ce->ce_type = colst[0]->co_type;
+ ce->ce_type = coptr->co_type;
ce->ce_be = ca->be;
ce->ce_bi = ca->bi;
ce->ce_private = ca->ca_private;
done:
if ( rc ) {
- if ( (colst[0]->co_type == Cft_Database) && ca->be ) {
+ if ( (coptr->co_type == Cft_Database) && ca->be ) {
if ( ca->be != frontendDB )
backend_destroy_one( ca->be, 1 );
- } else if ( (colst[0]->co_type == Cft_Overlay) && ca->bi ) {
+ } else if ( (coptr->co_type == Cft_Overlay) && ca->bi ) {
overlay_destroy_one( ca->be, (slap_overinst *)ca->bi );
- } else if ( colst[0]->co_type == Cft_Schema ) {
+ } else if ( coptr->co_type == Cft_Schema ) {
schema_destroy_one( ca, colst, nocs, last );
}
}
ldap_pvt_thread_pool_resume( &connection_pool );
out:;
- send_ldap_result( op, rs );
+ { int repl = op->o_dont_replicate;
+ if ( rs->sr_err == LDAP_COMPARE_TRUE ) {
+ rs->sr_text = NULL; /* Set after config_add_internal */
+ rs->sr_err = LDAP_SUCCESS;
+ op->o_dont_replicate = 1;
+ }
+ send_ldap_result( op, rs );
+ op->o_dont_replicate = repl;
+ }
slap_graduate_commit_csn( op );
return rs->sr_err;
}
oc_at = attr_find( e->e_attrs, slap_schema.si_ad_objectClass );
if ( !oc_at ) return LDAP_OBJECT_CLASS_VIOLATION;
+ for (ml = op->orm_modlist; ml; ml=ml->sml_next) {
+ if (ml->sml_desc == slap_schema.si_ad_objectClass)
+ return rc;
+ }
+
colst = count_ocs( oc_at, &nocs );
/* make sure add/del flags are clear; should always be true */
ct = config_find_table( colst, nocs, ml->sml_desc, ca );
switch (ml->sml_op) {
case LDAP_MOD_DELETE:
- case LDAP_MOD_REPLACE: {
+ case LDAP_MOD_REPLACE:
+ case SLAP_MOD_SOFTDEL:
+ {
BerVarray vals = NULL, nvals = NULL;
int *idx = NULL;
if ( ct && ( ct->arg_type & ARG_NO_DELETE )) {
ml->sml_values = vals;
ml->sml_nvalues = nvals;
}
+ if ( rc == LDAP_NO_SUCH_ATTRIBUTE && ml->sml_op == SLAP_MOD_SOFTDEL )
+ {
+ rc = LDAP_SUCCESS;
+ }
+ /* FIXME: check rc before fallthru? */
if ( !vals )
break;
- }
+ }
/* FALLTHRU: LDAP_MOD_REPLACE && vals */
+ case SLAP_MOD_ADD_IF_NOT_PRESENT:
+ if ( ml->sml_op == SLAP_MOD_ADD_IF_NOT_PRESENT
+ && attr_find( e->e_attrs, ml->sml_desc ) )
+ {
+ rc = LDAP_SUCCESS;
+ break;
+ }
+
case LDAP_MOD_ADD:
case SLAP_MOD_SOFTADD: {
int mop = ml->sml_op;
}
ca->line = bv.bv_val;
ca->valx = d->idx[i];
+ config_parse_vals(ct, ca, d->idx[i] );
rc = config_del_vals( ct, ca );
if ( rc != LDAP_SUCCESS ) break;
if ( s )
} else {
ca->valx = -1;
ca->line = NULL;
+ ca->argc = 1;
rc = config_del_vals( ct, ca );
if ( rc ) rc = LDAP_OTHER;
if ( s )
a->a_flags &= ~(SLAP_ATTR_IXDEL|SLAP_ATTR_IXADD);
ca->valx = -1;
ca->line = NULL;
+ ca->argc = 1;
config_del_vals( ct, ca );
}
for ( i=0; !BER_BVISNULL( &s->a_vals[i] ); i++ ) {
ct = config_find_table( colst, nocs, a->a_desc, ca );
ca->valx = -1;
ca->line = NULL;
+ ca->argc = 1;
config_del_vals( ct, ca );
s = attr_find( save_attrs, a->a_desc );
if ( s ) {
out_noop:
if ( rc == LDAP_SUCCESS ) {
attrs_free( save_attrs );
+ rs->sr_text = NULL;
} else {
attrs_free( e->e_attrs );
e->e_attrs = save_attrs;
rdn = ce->ce_entry->e_nname;
ptr = strchr( rdn.bv_val, '=' );
rdn.bv_len = ptr - rdn.bv_val;
- slap_bv2ad( &rdn, &rad, &rs->sr_text );
+ rs->sr_err = slap_bv2ad( &rdn, &rad, &rs->sr_text );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
+ goto out;
+ }
/* Some basic validation... */
for ( ml = op->orm_modlist; ml; ml = ml->sml_next ) {
rs->sr_matched = last->ce_entry->e_name.bv_val;
rs->sr_err = LDAP_NO_SUCH_OBJECT;
} else if ( ce->ce_kids ) {
- rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+ rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF;
} else if ( op->o_abandon ) {
rs->sr_err = SLAPD_ABANDON;
- } else if ( ce->ce_type == Cft_Overlay || ce->ce_type == Cft_Database ){
+ } else if ( ce->ce_type == Cft_Overlay ||
+ ce->ce_type == Cft_Database ||
+ ce->ce_type == Cft_Misc ){
char *iptr;
int count, ixold;
ldap_pvt_thread_pool_pause( &connection_pool );
if ( ce->ce_type == Cft_Overlay ){
- overlay_remove( ce->ce_be, (slap_overinst *)ce->ce_bi );
- } else { /* Cft_Database*/
+ overlay_remove( ce->ce_be, (slap_overinst *)ce->ce_bi, op );
+ } else if ( ce->ce_type == Cft_Misc ) {
+ /*
+ * only Cft_Misc objects that have a co_lddel handler set in
+ * the ConfigOCs struct can be deleted. This code also
+ * assumes that the entry can be only have one objectclass
+ * with co_type == Cft_Misc
+ */
+ ConfigOCs co, *coptr;
+ Attribute *oc_at;
+ int i;
+
+ oc_at = attr_find( ce->ce_entry->e_attrs,
+ slap_schema.si_ad_objectClass );
+ if ( !oc_at ) {
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "objectclass not found";
+ ldap_pvt_thread_pool_resume( &connection_pool );
+ goto out;
+ }
+ for ( i=0; !BER_BVISNULL(&oc_at->a_nvals[i]); i++ ) {
+ co.co_name = &oc_at->a_nvals[i];
+ coptr = avl_find( CfOcTree, &co, CfOc_cmp );
+ if ( coptr == NULL || coptr->co_type != Cft_Misc ) {
+ continue;
+ }
+ if ( ! coptr->co_lddel || coptr->co_lddel( ce, op ) ){
+ rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+ if ( ! coptr->co_lddel ) {
+ rs->sr_text = "No delete handler found";
+ } else {
+ rs->sr_err = LDAP_OTHER;
+ /* FIXME: We should return a helpful error message
+ * here */
+ }
+ ldap_pvt_thread_pool_resume( &connection_pool );
+ goto out;
+ }
+ break;
+ }
+ } else if (ce->ce_type == Cft_Database ) {
if ( ce->ce_be == frontendDB || ce->ce_be == op->o_bd ){
rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
rs->sr_text = "Cannot delete config or frontend database";
ldap_pvt_thread_pool_resume( &connection_pool );
goto out;
- }
+ }
if ( ce->ce_be->bd_info->bi_db_close ) {
ce->ce_be->bd_info->bi_db_close( ce->ce_be, NULL );
}
} else {
rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
}
+out:
#else
rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
#endif /* SLAP_CONFIG_DELETE */
-out:
send_ldap_result( op, rs );
return rs->sr_err;
}
return 0;
}
+/* currently (2010) does not access rs except possibly writing rs->sr_err */
+
Entry *
config_build_entry( Operation *op, SlapReply *rs, CfEntryInfo *parent,
ConfigArgs *c, struct berval *rdn, ConfigOCs *main, ConfigOCs *extra )
op->ora_modlist = NULL;
slap_add_opattrs( op, NULL, NULL, 0, 0 );
if ( !op->o_noop ) {
- op->o_bd->be_add( op, rs );
- if ( ( rs->sr_err != LDAP_SUCCESS )
- && (rs->sr_err != LDAP_ALREADY_EXISTS) ) {
+ SlapReply rs2 = {REP_RESULT};
+ op->o_bd->be_add( op, &rs2 );
+ rs->sr_err = rs2.sr_err;
+ rs_assert_done( &rs2 );
+ if ( ( rs2.sr_err != LDAP_SUCCESS )
+ && (rs2.sr_err != LDAP_ALREADY_EXISTS) ) {
goto fail;
}
}
bv.bv_len );
c->value_dn.bv_len += bv.bv_len;
c->value_dn.bv_val[c->value_dn.bv_len] ='\0';
- rdn = c->value_dn;
+ rdnNormalize( 0, NULL, NULL, &c->value_dn, &rdn, NULL );
c->ca_private = cf;
e = config_build_entry( op, rs, ceparent, c, &rdn,
&CFOC_SCHEMA, NULL );
+ ch_free( rdn.bv_val );
if ( !e ) {
return -1;
} else if ( e && cf->c_kids ) {
/* If we have no explicitly configured ACLs, don't just use
* the global ACLs. Explicitly deny access to everything.
*/
- if ( !be->be_acl ) {
- parse_acl(be, "config_back_db_open", 0, 6, (char **)defacl, 0 );
+ if ( !be->bd_self->be_acl ) {
+ parse_acl(be->bd_self, "config_back_db_open", 0, 6, (char **)defacl, 0 );
}
thrctx = ldap_pvt_thread_pool_context();
/* Create schema nodes for included schema... */
if ( cfb->cb_config->c_kids ) {
+ int rc;
c.depth = 0;
c.ca_private = cfb->cb_config->c_kids;
- if (config_build_schema_inc( &c, ce, op, &rs )) {
+ rc = config_build_schema_inc( &c, ce, op, &rs );
+ if ( rc ) {
return -1;
}
}
return -1;
}
ce = e->e_private;
- if ( be->be_cf_ocs && be->be_cf_ocs->co_cfadd )
+ if ( be->be_cf_ocs && be->be_cf_ocs->co_cfadd ) {
+ rs_reinit( &rs, REP_RESULT );
be->be_cf_ocs->co_cfadd( op, &rs, e, &c );
+ }
/* Iterate through overlays */
if ( oi ) {
slap_overinst *on;
if ( !oe ) {
return -1;
}
- if ( c.bi->bi_cf_ocs && c.bi->bi_cf_ocs->co_cfadd )
+ if ( c.bi->bi_cf_ocs && c.bi->bi_cf_ocs->co_cfadd ) {
+ rs_reinit( &rs, REP_RESULT );
c.bi->bi_cf_ocs->co_cfadd( op, &rs, oe, &c );
+ }
}
}
}
CfBackInfo *cfb = be->be_private;
BackendInfo *bi = cfb->cb_db.bd_info;
- if ( bi && bi->bi_tool_entry_first )
+ if ( bi && bi->bi_tool_entry_first ) {
return bi->bi_tool_entry_first( &cfb->cb_db );
- else
- return NOID;
+ }
+ if ( bi && bi->bi_tool_entry_first_x ) {
+ return bi->bi_tool_entry_first_x( &cfb->cb_db,
+ NULL, LDAP_SCOPE_DEFAULT, NULL );
+ }
+ return NOID;
+}
+
+static ID
+config_tool_entry_first_x(
+ BackendDB *be,
+ struct berval *base,
+ int scope,
+ Filter *f )
+{
+ CfBackInfo *cfb = be->be_private;
+ BackendInfo *bi = cfb->cb_db.bd_info;
+
+ if ( bi && bi->bi_tool_entry_first_x ) {
+ return bi->bi_tool_entry_first_x( &cfb->cb_db, base, scope, f );
+ }
+ return NOID;
}
static ID
Operation *op = NULL;
void *thrctx;
int isFrontend = 0;
+ int isFrontendChild = 0;
/* Create entry for frontend database if it does not exist already */
if ( !entry_put_got_frontend ) {
}
}
}
+
+ /* Child entries of the frontend database, e.g. slapo-chain's back-ldap
+ * instances, may appear before the config database entry in the ldif, skip
+ * auto-creation of olcDatabase={0}config in such a case */
+ if ( !entry_put_got_config &&
+ !strncmp( e->e_nname.bv_val, "olcDatabase", STRLENOF( "olcDatabase" ))) {
+ struct berval pdn;
+ dnParent( &e->e_nname, &pdn );
+ while ( pdn.bv_len ) {
+ if ( !strncmp( pdn.bv_val, "olcDatabase",
+ STRLENOF( "olcDatabase" ))) {
+ if ( !strncmp( pdn.bv_val +
+ STRLENOF( "olcDatabase" ), "={-1}frontend",
+ STRLENOF( "={-1}frontend" )) ||
+ !strncmp( pdn.bv_val +
+ STRLENOF( "olcDatabase" ), "=frontend",
+ STRLENOF( "=frontend" ))) {
+
+ isFrontendChild = 1;
+ break;
+ }
+ }
+ dnParent( &pdn, &pdn );
+ }
+ }
+
/* Create entry for config database if it does not exist already */
- if ( !entry_put_got_config && !isFrontend ) {
+ if ( !entry_put_got_config && !isFrontend && !isFrontendChild ) {
if ( !strncmp( e->e_nname.bv_val, "olcDatabase",
STRLENOF( "olcDatabase" ))) {
if ( strncmp( e->e_nname.bv_val +
bi->bi_tool_entry_open = config_tool_entry_open;
bi->bi_tool_entry_close = config_tool_entry_close;
bi->bi_tool_entry_first = config_tool_entry_first;
+ bi->bi_tool_entry_first_x = config_tool_entry_first_x;
bi->bi_tool_entry_next = config_tool_entry_next;
bi->bi_tool_entry_get = config_tool_entry_get;
bi->bi_tool_entry_put = config_tool_entry_put;
projects / openldap / blobdiff