CFG_HIDDEN,
CFG_MONITORING,
CFG_SERVERID,
+ CFG_SORTVALS,
CFG_LAST
};
{ "OLcfgBkAt", "OLcfgAt:1" },
{ "OLcfgDbAt", "OLcfgAt:2" },
{ "OLcfgOvAt", "OLcfgAt:3" },
+ { "OLcfgCtAt", "OLcfgAt:4" }, /* contrib modules */
{ "OLcfgOc", "OLcfg:4" },
{ "OLcfgGlOc", "OLcfgOc:0" },
{ "OLcfgBkOc", "OLcfgOc:1" },
{ "OLcfgDbOc", "OLcfgOc:2" },
{ "OLcfgOvOc", "OLcfgOc:3" },
+ { "OLcfgCtOc", "OLcfgOc:4" }, /* contrib modules */
/* Syntaxes. We should just start using the standard names and
* document that they are predefined and available for users
{ "OMsBoolean", "OMsyn:7" },
{ "OMsDN", "OMsyn:12" },
{ "OMsDirectoryString", "OMsyn:15" },
+ { "OMsIA5String", "OMsyn:26" },
{ "OMsInteger", "OMsyn:27" },
{ "OMsOID", "OMsyn:38" },
{ "OMsOctetString", "OMsyn:40" },
* OLcfg{Bk|Db}{Oc|At}:3 -> back-ldap
* OLcfg{Bk|Db}{Oc|At}:4 -> back-monitor
* OLcfg{Bk|Db}{Oc|At}:5 -> back-relay
+ * OLcfg{Bk|Db}{Oc|At}:6 -> back-sql
*/
/*
* OLcfgOv{Oc|At}:3 -> chain
* OLcfgOv{Oc|At}:4 -> accesslog
* OLcfgOv{Oc|At}:5 -> valsort
- * (FIXME: separate arc for contribware?)
- * OLcfgOv{Oc|At}:6 -> smbk5pwd
* OLcfgOv{Oc|At}:7 -> distproc
* OLcfgOv{Oc|At}:8 -> dynlist
* OLcfgOv{Oc|At}:9 -> dds
* OLcfgOv{Oc|At}:14 -> translucent
* OLcfgOv{Oc|At}:15 -> auditlog
* OLcfgOv{Oc|At}:16 -> rwm
+ * OLcfgOv{Oc|At}:17 -> dyngroup
+ * OLcfgOv{Oc|At}:18 -> memberof
+ * OLcfgOv{Oc|At}:19 -> collect
*/
/* alphabetical ordering */
&global_idletimeout, "( OLcfgGlAt:18 NAME 'olcIdleTimeout' "
"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
{ "include", "file", 2, 2, 0, ARG_MAGIC,
- &config_include, NULL, NULL, NULL },
+ &config_include, "( OLcfgGlAt:19 NAME 'olcInclude' "
+ "SUP labeledURI )", NULL, NULL },
{ "index_substr_if_minlen", "min", 2, 2, 0, ARG_INT|ARG_NONZERO|ARG_MAGIC|CFG_SSTR_IF_MIN,
&config_generic, "( OLcfgGlAt:20 NAME 'olcIndexSubstrIfMinLen' "
"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
{ "sockbuf_max_incoming_auth", "max", 2, 2, 0, ARG_BER_LEN_T,
&sockbuf_max_incoming_auth, "( OLcfgGlAt:62 NAME 'olcSockbufMaxIncomingAuth' "
"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
+ { "sortvals", "attr", 2, 0, 0, ARG_MAGIC|CFG_SORTVALS,
+ &config_generic, "( OLcfgGlAt:83 NAME 'olcSortVals' "
+ "DESC 'Attributes whose values will always be sorted' "
+ "EQUALITY caseIgnoreMatch "
+ "SYNTAX OMsDirectoryString )", NULL, NULL },
{ "subordinate", "[advertise]", 1, 2, 0, ARG_DB|ARG_MAGIC,
&config_subordinate, "( OLcfgDbAt:0.15 NAME 'olcSubordinate' "
"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
};
/* Routines to check if a child can be added to this type */
-static ConfigLDAPadd cfAddSchema, cfAddDatabase,
+static ConfigLDAPadd cfAddSchema, cfAddInclude, cfAddDatabase,
cfAddBackend, cfAddModule, cfAddOverlay;
/* NOTE: be careful when defining array members
#define CFOC_BACKEND cf_ocs[3]
#define CFOC_DATABASE cf_ocs[4]
#define CFOC_OVERLAY cf_ocs[5]
-#define CFOC_FRONTEND cf_ocs[6]
+#define CFOC_INCLUDE cf_ocs[6]
+#define CFOC_FRONTEND cf_ocs[7]
#ifdef SLAPD_MODULES
-#define CFOC_MODULE cf_ocs[7]
+#define CFOC_MODULE cf_ocs[8]
#endif /* SLAPD_MODULES */
static ConfigOCs cf_ocs[] = {
"DESC 'OpenLDAP Overlay-specific options' "
"SUP olcConfig STRUCTURAL "
"MUST olcOverlay )", Cft_Overlay, NULL, cfAddOverlay },
+ { "( OLcfgGlOc:6 "
+ "NAME 'olcIncludeFile' "
+ "DESC 'OpenLDAP configuration include file' "
+ "SUP olcConfig STRUCTURAL "
+ "MUST olcInclude "
+ "MAY ( cn $ olcRootDSE ) )",
+ /* Used to be Cft_Include, that def has been removed */
+ Cft_Abstract, NULL, cfAddInclude },
/* This should be STRUCTURAL like all the other database classes, but
* that would mean inheriting all of the olcDatabaseConfig attributes,
* which causes them to be merged twice in config_build_entry.
"NAME 'olcFrontendConfig' "
"DESC 'OpenLDAP frontend configuration' "
"AUXILIARY "
- "MAY olcDefaultSearchBase $ olcPasswordHash )",
+ "MAY ( olcDefaultSearchBase $ olcPasswordHash $ olcSortVals ) )",
Cft_Database, NULL, NULL },
#ifdef SLAPD_MODULES
{ "( OLcfgGlOc:8 "
static ServerID *sid_list;
+typedef struct ADlist {
+ struct ADlist *al_next;
+ AttributeDescription *al_desc;
+} ADlist;
+
+static ADlist *sortVals;
+
static int
config_generic(ConfigArgs *c) {
int i;
struct berval bv;
for ( si = sid_list; si; si=si->si_next ) {
+ assert( si->si_num >= 0 && si->si_num <= SLAP_SYNC_SID_MAX );
if ( !BER_BVISEMPTY( &si->si_url )) {
bv.bv_len = si->si_url.bv_len + 6;
bv.bv_val = ch_malloc( bv.bv_len );
case CFG_SSTR_IF_MIN:
c->value_int = index_substr_if_minlen;
break;
+ case CFG_SORTVALS: {
+ ADlist *sv;
+ rc = 1;
+ for ( sv = sortVals; sv; sv = sv->al_next ) {
+ value_add_one( &c->rvalue_vals, &sv->al_desc->ad_cname );
+ rc = 0;
+ }
+ } break;
#ifdef SLAPD_MODULES
case CFG_MODLOAD: {
ModPaths *mp = c->private;
break;
case CFG_OC: {
- CfEntryInfo *ce = c->ca_entry->e_private;
- /* can't modify the hardcoded schema */
- if ( ce->ce_parent->ce_type == Cft_Global )
- return 1;
+ CfEntryInfo *ce;
+ /* Can be NULL when undoing a failed add */
+ if ( c->ca_entry ) {
+ ce = c->ca_entry->e_private;
+ /* can't modify the hardcoded schema */
+ if ( ce->ce_parent->ce_type == Cft_Global )
+ return 1;
+ }
}
cfn = c->private;
if ( c->valx < 0 ) {
break;
case CFG_ATTR: {
- CfEntryInfo *ce = c->ca_entry->e_private;
- /* can't modify the hardcoded schema */
- if ( ce->ce_parent->ce_type == Cft_Global )
- return 1;
+ CfEntryInfo *ce;
+ /* Can be NULL when undoing a failed add */
+ if ( c->ca_entry ) {
+ ce = c->ca_entry->e_private;
+ /* can't modify the hardcoded schema */
+ if ( ce->ce_parent->ce_type == Cft_Global )
+ return 1;
+ }
}
cfn = c->private;
if ( c->valx < 0 ) {
}
}
break;
+ case CFG_SORTVALS:
+ if ( c->valx < 0 ) {
+ ADlist *sv;
+ for ( sv = sortVals; sv; sv = sortVals ) {
+ sortVals = sv->al_next;
+ sv->al_desc->ad_type->sat_flags &= ~SLAP_AT_SORTED_VAL;
+ ch_free( sv );
+ }
+ } else {
+ ADlist *sv, **prev;
+ int i = 0;
+
+ for ( prev = &sortVals, sv = sortVals; i < c->valx; i++ ) {
+ prev = &sv->al_next;
+ sv = sv->al_next;
+ }
+ sv->al_desc->ad_type->sat_flags &= ~SLAP_AT_SORTED_VAL;
+ *prev = sv->al_next;
+ ch_free( sv );
+ }
+ break;
case CFG_LIMITS:
/* FIXME: there is no limits_free function */
return(1);
break;
+ case CFG_SORTVALS: {
+ ADlist *svnew = NULL, *svtail, *sv;
+
+ for ( i = 1; i < c->argc; i++ ) {
+ AttributeDescription *ad = NULL;
+ const char *text;
+ int rc;
+
+ rc = slap_str2ad( c->argv[i], &ad, &text );
+ if ( rc ) {
+ snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> unknown attribute type #%d",
+ c->argv[0], i );
+sortval_reject:
+ Debug(LDAP_DEBUG_ANY, "%s: %s %s\n",
+ c->log, c->cr_msg, c->argv[i] );
+ for ( sv = svnew; sv; sv = svnew ) {
+ svnew = sv->al_next;
+ ch_free( sv );
+ }
+ return 1;
+ }
+ if (( ad->ad_type->sat_flags & SLAP_AT_ORDERED ) ||
+ ad->ad_type->sat_single_value ) {
+ snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> inappropriate attribute type #%d",
+ c->argv[0], i );
+ goto sortval_reject;
+ }
+ sv = ch_malloc( sizeof( ADlist ));
+ sv->al_desc = ad;
+ if ( !svnew ) {
+ svnew = sv;
+ } else {
+ svtail->al_next = sv;
+ }
+ svtail = sv;
+ }
+ sv->al_next = NULL;
+ for ( sv = svnew; sv; sv = sv->al_next )
+ sv->al_desc->ad_type->sat_flags |= SLAP_AT_SORTED_VAL;
+ for ( sv = sortVals; sv && sv->al_next; sv = sv->al_next );
+ if ( sv )
+ sv->al_next = svnew;
+ else
+ sortVals = svnew;
+ }
+ break;
+
case CFG_ACL:
/* Don't append to the global ACL if we're on a specific DB */
i = c->valx;
{
ServerID *si, **sip;
LDAPURLDesc *lud;
- int num = atoi( c->argv[1] );
- if ( num < 0 || num > SLAP_SYNC_SID_MAX ) {
+ int num;
+ if ( lutil_atoi( &num, c->argv[1] ) ||
+ num < 0 || num > SLAP_SYNC_SID_MAX )
+ {
snprintf( c->cr_msg, sizeof( c->cr_msg ),
"<%s> illegal server ID", c->argv[0] );
Debug(LDAP_DEBUG_ANY, "%s: %s %s\n",
si = ch_malloc( sizeof(ServerID) );
BER_BVZERO( &si->si_url );
slap_serverID = num;
+ Debug( LDAP_DEBUG_CONFIG,
+ "%s: SID=%d\n",
+ c->log, slap_serverID, 0 );
}
si->si_next = NULL;
si->si_num = num;
ldap_free_urldesc( lu2 );
if ( isMe ) {
slap_serverID = si->si_num;
+ Debug( LDAP_DEBUG_CONFIG,
+ "%s: SID=%d (listener=%s)\n",
+ c->log, slap_serverID,
+ l[i]->sl_url.bv_val );
break;
}
}
return(0);
}
+/* For RE23 compatibility we allow this in the global entry
+ * but we now defer it to the frontend entry to allow modules
+ * to load new hash types.
+ */
static int
config_passwd_hash(ConfigArgs *c) {
int i;
if (c->op == SLAP_CONFIG_EMIT) {
struct berval bv;
+ /* Don't generate it in the global entry */
+ if ( c->table == Cft_Global )
+ return 1;
for (i=0; default_passwd_hash && default_passwd_hash[i]; i++) {
ber_str2bv(default_passwd_hash[i], 0, 0, &bv);
value_add_one(&c->rvalue_vals, &bv);
}
return i ? 0 : 1;
} else if ( c->op == LDAP_MOD_DELETE ) {
+ /* Deleting from global is a no-op, only the frontendDB entry matters */
+ if ( c->table == Cft_Global )
+ return 0;
if ( c->valx < 0 ) {
ldap_charray_free( default_passwd_hash );
default_passwd_hash = NULL;
}
return 0;
}
- if(default_passwd_hash) {
- Debug(LDAP_DEBUG_ANY, "%s: "
- "already set default password_hash\n",
- c->log, 0, 0);
- return(1);
- }
for(i = 1; i < c->argc; i++) {
if(!lutil_passwd_scheme(c->argv[i])) {
snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> scheme not available", c->argv[0] );
} else {
ldap_charray_add(&default_passwd_hash, c->argv[i]);
}
- if(!default_passwd_hash) {
- snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> no valid hashes found", c->argv[0] );
- Debug(LDAP_DEBUG_ANY, "%s: %s\n",
- c->log, c->cr_msg, 0 );
- return(1);
- }
+ }
+ if(!default_passwd_hash) {
+ snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> no valid hashes found", c->argv[0] );
+ Debug(LDAP_DEBUG_ANY, "%s: %s\n",
+ c->log, c->cr_msg, 0 );
+ return(1);
}
return(0);
}
ConfigFile *cfsave = cfn;
ConfigFile *cf2 = NULL;
- /* No dynamic config for include files */
+ /* Leftover from RE23. No dynamic config for include files */
+ if ( c->op == SLAP_CONFIG_EMIT || c->op == LDAP_MOD_DELETE )
+ return 1;
+
cf = ch_calloc( 1, sizeof(ConfigFile));
if ( cfn->c_kids ) {
for (cf2=cfn->c_kids; cf2 && cf2->c_sibs; cf2=cf2->c_sibs) ;
static int
config_back_bind( Operation *op, SlapReply *rs )
{
- if ( op->orb_method == LDAP_AUTH_SIMPLE && be_isroot_pw( op )) {
+ if ( be_isroot_pw( op ) ) {
ber_dupbv( &op->orb_edn, be_root_dn( op->o_bd ));
/* frontend sends result */
return LDAP_SUCCESS;
return colst;
}
+static int
+cfAddInclude( CfEntryInfo *p, Entry *e, ConfigArgs *ca )
+{
+ /* Leftover from RE23. Never parse this entry */
+ return LDAP_COMPARE_TRUE;
+}
+
static int
cfAddSchema( CfEntryInfo *p, Entry *e, ConfigArgs *ca )
{
int i, ibase = -1, nocs, rc = 0;
struct berval pdn;
ConfigTable *ct;
- char *ptr;
+ char *ptr, *log_prefix = op ? op->o_log_prefix : "";
memset( ca, 0, sizeof(ConfigArgs));
{
Debug( LDAP_DEBUG_TRACE, "%s: config_add_internal: "
"DN=\"%s\" already exists\n",
- op->o_log_prefix, e->e_name.bv_val, 0 );
+ log_prefix, e->e_name.bv_val, 0 );
return LDAP_ALREADY_EXISTS;
}
}
}
Debug( LDAP_DEBUG_TRACE, "%s: config_add_internal: "
"DN=\"%s\" not child of DN=\"%s\"\n",
- op ? op->o_log_prefix : "", e->e_name.bv_val,
+ log_prefix, e->e_name.bv_val,
last->ce_entry->e_name.bv_val );
return LDAP_NO_SUCH_OBJECT;
}
{
Debug( LDAP_DEBUG_TRACE, "%s: config_add_internal: "
"DN=\"%s\" no write access to \"children\" of parent\n",
- op->o_log_prefix, e->e_name.bv_val, 0 );
+ log_prefix, e->e_name.bv_val, 0 );
return LDAP_INSUFFICIENT_ACCESS;
}
}
if ( !oc_at ) {
Debug( LDAP_DEBUG_TRACE, "%s: config_add_internal: "
"DN=\"%s\" no objectClass\n",
- op ? op->o_log_prefix : "", e->e_name.bv_val, 0 );
+ log_prefix, e->e_name.bv_val, 0 );
return LDAP_OBJECT_CLASS_VIOLATION;
}
if ( rc != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "%s: config_add_internal: "
"DN=\"%s\" no structural objectClass (%s)\n",
- op ? op->o_log_prefix : "", e->e_name.bv_val, text );
+ log_prefix, e->e_name.bv_val, text );
return rc;
}
attr_merge_one( e, slap_schema.si_ad_structuralObjectClass, &soc->soc_cname, NULL );
Debug( LDAP_DEBUG_TRACE, "%s: config_add_internal: "
"DN=\"%s\" no structural objectClass; "
"unable to merge computed class %s\n",
- op ? op->o_log_prefix : "", e->e_name.bv_val,
+ log_prefix, e->e_name.bv_val,
soc->soc_cname.bv_val );
return LDAP_OBJECT_CLASS_VIOLATION;
}
Debug( LDAP_DEBUG_TRACE, "%s: config_add_internal: "
"DN=\"%s\" no structural objectClass; "
"computed objectClass %s merged\n",
- op ? op->o_log_prefix : "", e->e_name.bv_val,
+ log_prefix, e->e_name.bv_val,
soc->soc_cname.bv_val );
}
if ( coptr == NULL ) {
Debug( LDAP_DEBUG_TRACE, "%s: config_add_internal: "
"DN=\"%s\" no structural objectClass in configuration table\n",
- op ? op->o_log_prefix : "", e->e_name.bv_val, 0 );
+ log_prefix, e->e_name.bv_val, 0 );
return LDAP_OBJECT_CLASS_VIOLATION;
}
if ( rc == LDAP_CONSTRAINT_VIOLATION ) {
Debug( LDAP_DEBUG_TRACE, "%s: config_add_internal: "
"DN=\"%s\" no structural objectClass add function\n",
- op ? op->o_log_prefix : "", e->e_name.bv_val, 0 );
+ log_prefix, e->e_name.bv_val, 0 );
return LDAP_OBJECT_CLASS_VIOLATION;
}
}
*/
if ( ct && ml->sml_values ) {
delrec *d;
- for (i=0; ml->sml_values[i].bv_val; i++);
+ i = ml->sml_numvals;
d = ch_malloc( sizeof(delrec) + (i - 1)* sizeof(int));
d->nidx = i;
d->next = NULL;
if ( ct->arg_type & ARG_NO_INSERT ) {
Attribute *a = attr_find( e->e_attrs, ml->sml_desc );
if ( a ) {
- for (i = 0; a->a_vals[i].bv_val; i++ );
- navals = i;
+ navals = a->a_numvals;
}
}
for ( i=0; !BER_BVISNULL( &ml->sml_values[i] ); i++ ) {
ber_bvarray_free( a->a_vals );
a->a_vals = NULL;
a->a_nvals = NULL;
+ a->a_numvals = 0;
}
oidm_unparse( &bv, NULL, NULL, 1 );
attr_merge_normalize( e, cfAd_om, bv, NULL );
ber_bvarray_free( a->a_vals );
a->a_vals = NULL;
a->a_nvals = NULL;
+ a->a_numvals = 0;
}
at_unparse( &bv, NULL, NULL, 1 );
attr_merge_normalize( e, cfAd_attr, bv, NULL );
ber_bvarray_free( a->a_vals );
a->a_vals = NULL;
a->a_nvals = NULL;
+ a->a_numvals = 0;
}
oc_unparse( &bv, NULL, NULL, 1 );
attr_merge_normalize( e, cfAd_oc, bv, NULL );