#include "config.h"
static struct berval config_rdn = BER_BVC("cn=config");
-static struct berval access_rdn = BER_BVC("cn=access");
+static struct berval schema_rdn = BER_BVC("cn=schema");
+
+#define IFMT "{%d}"
#ifdef SLAPD_MODULES
typedef struct modpath_s {
struct berval mp_path;
BerVarray mp_loads;
} ModPaths;
+
+static ModPaths modpaths, *modlast = &modpaths, *modcur = &modpaths;
#endif
typedef struct ConfigFile {
struct ConfigFile *c_sibs;
struct ConfigFile *c_kids;
struct berval c_file;
-#ifdef SLAPD_MODULES
- ModPaths c_modpaths;
- ModPaths *c_modlast;
-#endif
+ AttributeType *c_at_head, *c_at_tail;
+ ContentRule *c_cr_head, *c_cr_tail;
+ ObjectClass *c_oc_head, *c_oc_tail;
+ OidMacro *c_om_head, *c_om_tail;
BerVarray c_dseFiles;
} ConfigFile;
+typedef struct CfOcInfo {
+ struct berval *co_name;
+ ConfigTable *co_table;
+ ConfigType co_type;
+} CfOcInfo;
+
typedef struct CfEntryInfo {
+ struct CfEntryInfo *ce_parent;
struct CfEntryInfo *ce_sibs;
struct CfEntryInfo *ce_kids;
Entry *ce_entry;
+ ConfigType ce_type;
BackendInfo *ce_bi;
BackendDB *ce_be;
} CfEntryInfo;
typedef struct {
ConfigFile *cb_config;
CfEntryInfo *cb_root;
+ BackendDB cb_db; /* underlying database */
+ int cb_got_ldif;
} CfBackInfo;
/* These do nothing in slapd, they're kept only to make them
static char *logfileName;
static BerVarray authz_rewrites;
+static struct berval cfdir;
+
+/* Private state */
static AttributeDescription *cfAd_backend, *cfAd_database, *cfAd_overlay,
*cfAd_include;
-static ObjectClass *cfOc_global, *cfOc_backend, *cfOc_database,
- *cfOc_include, *cfOc_overlay, *cfOc_access;
+static ObjectClass *cfOc_schema, *cfOc_global, *cfOc_backend, *cfOc_database,
+ *cfOc_include, *cfOc_overlay, *cfOc_module;
static ConfigFile cf_prv, *cfn = &cf_prv;
+static Avlnode *CfOcTree;
+
static int add_syncrepl LDAP_P(( Backend *, char **, int ));
static int parse_syncrepl_line LDAP_P(( char **, int, syncinfo_t *));
static void syncrepl_unparse LDAP_P (( syncinfo_t *, struct berval *));
+static int config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs,
+ int *renumber );
static ConfigDriver config_fname;
+static ConfigDriver config_cfdir;
static ConfigDriver config_generic;
static ConfigDriver config_search_base;
static ConfigDriver config_passwd_hash;
"DESC 'File for slapd configuration directives' "
"EQUALITY caseIgnoreMatch "
"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
+ { "", "", 0, 0, 0, ARG_MAGIC,
+ &config_cfdir, "( OLcfgAt:79 NAME 'olcConfigDir' "
+ "DESC 'Directory for slapd configuration backend' "
+ "EQUALITY caseIgnoreMatch "
+ "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
{ "access", NULL, 0, 0, 0, ARG_MAY_DB|ARG_MAGIC|CFG_ACL,
&config_generic, "( OLcfgAt:1 NAME 'olcAccess' "
"DESC 'Access Control List' "
"DESC 'File for slapd command line options' "
"EQUALITY caseIgnoreMatch "
"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
- /* Use standard 'attributeTypes' attr */
{ "attribute", "attribute", 2, 0, 9, ARG_PAREN|ARG_MAGIC|CFG_ATTR,
- &config_generic, NULL, NULL, NULL },
+ &config_generic, "( OLcfgAt:4 NAME 'olcAttributeTypes' "
+ "DESC 'OpenLDAP attributeTypes' "
+ "EQUALITY caseIgnoreMatch "
+ "SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )",
+ NULL, NULL },
{ "attributeoptions", NULL, 0, 0, 0, ARG_MAGIC|CFG_ATOPT,
&config_generic, "( OLcfgAt:5 NAME 'olcAttributeOptions' "
"EQUALITY caseIgnoreMatch "
&config_generic, "( OLcfgAt:9 NAME 'olcBackend' "
"DESC 'A type of backend' "
"EQUALITY caseIgnoreMatch "
- "SYNTAX OMsDirectoryString )", NULL, NULL },
- { "concurrency", "level", 2, 2, 0, ARG_INT|ARG_NONZERO|ARG_MAGIC|CFG_CONCUR,
+ "SYNTAX OMsDirectoryString X-ORDERED 'SIBLINGS' )", NULL, NULL },
+ { "concurrency", "level", 2, 2, 0, ARG_INT|ARG_MAGIC|CFG_CONCUR,
&config_generic, "( OLcfgAt:10 NAME 'olcConcurrency' "
"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
- { "conn_max_pending", "max", 2, 2, 0, ARG_LONG,
+ { "conn_max_pending", "max", 2, 2, 0, ARG_INT,
&slap_conn_max_pending, "( OLcfgAt:11 NAME 'olcConnMaxPending' "
"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
- { "conn_max_pending_auth", "max", 2, 2, 0, ARG_LONG,
+ { "conn_max_pending_auth", "max", 2, 2, 0, ARG_INT,
&slap_conn_max_pending_auth, "( OLcfgAt:12 NAME 'olcConnMaxPendingAuth' "
"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
{ "database", "type", 2, 2, 0, ARG_MAGIC|CFG_DATABASE,
&config_generic, "( OLcfgAt:13 NAME 'olcDatabase' "
"DESC 'The backend type for a database instance' "
- "SUP olcBackend )", NULL, NULL },
+ "SUP olcBackend X-ORDERED 'SIBLINGS' )", NULL, NULL },
{ "defaultSearchBase", "dn", 2, 2, 0, ARG_PRE_BI|ARG_PRE_DB|ARG_DN|ARG_MAGIC,
&config_search_base, "( OLcfgAt:14 NAME 'olcDefaultSearchBase' "
"SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
&config_disallows, "( OLcfgAt:15 NAME 'olcDisallows' "
"EQUALITY caseIgnoreMatch "
"SYNTAX OMsDirectoryString )", NULL, NULL },
- /* use standard schema */
{ "ditcontentrule", NULL, 0, 0, 0, ARG_MAGIC|CFG_DIT,
- &config_generic, NULL, NULL, NULL },
+ &config_generic, "( OLcfgAt:16 NAME 'olcDitContentRules' "
+ "DESC 'OpenLDAP DIT content rules' "
+ "EQUALITY caseIgnoreMatch "
+ "SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )",
+ NULL, NULL },
{ "gentlehup", "on|off", 2, 2, 0,
#ifdef SIGHUP
ARG_ON_OFF, &global_gentlehup,
{ "limits", "limits", 2, 0, 0, ARG_DB|ARG_MAGIC|CFG_LIMITS,
&config_generic, "( OLcfgAt:25 NAME 'olcLimits' "
"SYNTAX OMsDirectoryString )", NULL, NULL },
- { "localSSF", "ssf", 2, 2, 0, ARG_LONG,
+ { "localSSF", "ssf", 2, 2, 0, ARG_INT,
&local_ssf, "( OLcfgAt:26 NAME 'olcLocalSSF' "
"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
{ "logfile", "file", 2, 2, 0, ARG_STRING|ARG_MAGIC|CFG_LOGFILE,
#endif
"( OLcfgAt:31 NAME 'olcModulePath' "
"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )", NULL, NULL },
- /* use standard schema */
{ "objectclass", "objectclass", 2, 0, 0, ARG_PAREN|ARG_MAGIC|CFG_OC,
- &config_generic, NULL, NULL, NULL },
+ &config_generic, "( OLcfgAt:32 NAME 'olcObjectClasses' "
+ "DESC 'OpenLDAP object classes' "
+ "EQUALITY caseIgnoreMatch "
+ "SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )",
+ NULL, NULL },
{ "objectidentifier", NULL, 0, 0, 0, ARG_MAGIC|CFG_OID,
&config_generic, "( OLcfgAt:33 NAME 'olcObjectIdentifier' "
"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )", NULL, NULL },
{ "overlay", "overlay", 2, 2, 0, ARG_MAGIC,
&config_overlay, "( OLcfgAt:34 NAME 'olcOverlay' "
- "SUP olcDatabase )", NULL, NULL },
+ "SUP olcDatabase X-ORDERED 'SIBLINGS' )", NULL, NULL },
{ "password-crypt-salt-format", "salt", 2, 2, 0, ARG_STRING|ARG_MAGIC|CFG_SALT,
&config_generic, "( OLcfgAt:35 NAME 'olcPasswordCryptSaltFormat' "
"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
{ "rootDSE", "file", 2, 2, 0, ARG_MAGIC|CFG_ROOTDSE,
&config_generic, "( OLcfgAt:51 NAME 'olcRootDSE' "
"SYNTAX OMsDirectoryString )", NULL, NULL },
- { "rootpw", "password", 2, 2, 0, ARG_STRING|ARG_DB|ARG_MAGIC,
+ { "rootpw", "password", 2, 2, 0, ARG_BERVAL|ARG_DB|ARG_MAGIC,
&config_rootpw, "( OLcfgAt:52 NAME 'olcRootPW' "
- "SYNTAX OMsOctetString SINGLE-VALUE )", NULL, NULL },
+ "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
{ "sasl-authz-policy", NULL, 2, 2, 0, ARG_MAGIC|CFG_AZPOLICY,
&config_generic, NULL, NULL, NULL },
{ "sasl-host", "host", 2, 2, 0,
{ "sizelimit", "limit", 2, 0, 0, ARG_MAY_DB|ARG_MAGIC|CFG_SIZE,
&config_sizelimit, "( OLcfgAt:60 NAME 'olcSizeLimit' "
"SYNTAX OMsInteger )", NULL, NULL },
- { "sockbuf_max_incoming", "max", 2, 2, 0, ARG_LONG,
+ { "sockbuf_max_incoming", "max", 2, 2, 0, ARG_BER_LEN_T,
&sockbuf_max_incoming, "( OLcfgAt:61 NAME 'olcSockbufMaxIncoming' "
"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
- { "sockbuf_max_incoming_auth", "max", 2, 2, 0, ARG_LONG,
+ { "sockbuf_max_incoming_auth", "max", 2, 2, 0, ARG_BER_LEN_T,
&sockbuf_max_incoming_auth, "( OLcfgAt:62 NAME 'olcSockbufMaxIncomingAuth' "
"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
{ "srvtab", "file", 2, 2, 0,
"( OLcfgAt:72 NAME 'olcTLSCipherSuite' "
"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
{ "TLSCRLCheck", NULL, 0, 0, 0,
-#ifdef HAVE_TLS
+#if defined(HAVE_TLS) && defined(HAVE_OPENSSL_CRL)
CFG_TLS_CRLCHECK|ARG_STRING|ARG_MAGIC, &config_tls_config,
#else
ARG_IGNORED, NULL,
{ "( OLcfgOc:1 "
"NAME 'olcConfig' "
"DESC 'OpenLDAP configuration object' "
- "ABSTRACT SUP top "
- "MAY ( cn $ olcConfigFile ) )", NULL },
- { "( OLcfgOc:3 "
+ "ABSTRACT SUP top )", Cft_Abstract, NULL },
+ { "( OLcfgOc:2 "
"NAME 'olcGlobal' "
"DESC 'OpenLDAP Global configuration options' "
"SUP olcConfig STRUCTURAL "
- "MAY ( olcAllows $ olcArgsFile $ olcAttributeOptions $ "
- "olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ "
- "olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ "
- "olcDefaultSearchBase $ olcDisallows $ olcGentleHUP $ "
- "olcIdleTimeout $ olcIndexSubstrIfMaxLen $ olcIndexSubstrIfMinLen $ "
+ "MAY ( cn $ olcConfigFile $ olcConfigDir $ olcAllows $ olcArgsFile $ "
+ "olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ "
+ "olcAuthzPolicy $ olcAuthzRegexp $ olcConcurrency $ "
+ "olcConnMaxPending $ olcConnMaxPendingAuth $ olcDefaultSearchBase $ "
+ "olcDisallows $ olcDitContentRules $ olcGentleHUP $ olcIdleTimeout $ "
+ "olcIndexSubstrIfMaxLen $ olcIndexSubstrIfMinLen $ "
"olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcLocalSSF $ "
- "olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectIdentifier $ "
+ "olcLogLevel $ olcModulePath $ olcObjectClasses $ "
+ "olcObjectIdentifier $ "
"olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ "
"olcPlugin $ olcPluginLogFile $ olcReadOnly $ olcReferral $ "
"olcReplicaPidFile $ olcReplicaArgsFile $ olcReplicationInterval $ "
"olcReplogFile $ olcRequires $ olcRestrict $ olcReverseLookup $ "
- "olcRootDSE $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ "
+ "olcRootDSE $ olcRootPW $ "
+ "olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ "
"olcSchemaCheck $ olcSchemaDN $ olcSecurity $ olcSizeLimit $ "
"olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcSrvtab $ "
"olcThreads $ olcTimeLimit $ olcTLSCACertificateFile $ "
"olcTLSCACertificatePath $ olcTLSCertificateFile $ "
"olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ "
- "olcTLSRandFile $ olcTLSVerifyClient ) )", &cfOc_global },
+ "olcTLSRandFile $ olcTLSVerifyClient ) )", Cft_Global, &cfOc_global },
+ { "( OLcfgOc:3 "
+ "NAME 'olcSchemaConfig' "
+ "DESC 'OpenLDAP schema object' "
+ "SUP olcConfig STRUCTURAL "
+ "MAY ( cn $ olcObjectIdentifier $ olcAttributeTypes $ "
+ "olcObjectClasses $ olcDitContentRules ) )",
+ Cft_Schema, &cfOc_schema },
{ "( OLcfgOc:4 "
"NAME 'olcBackendConfig' "
"DESC 'OpenLDAP Backend-specific options' "
"SUP olcConfig STRUCTURAL "
- "MAY ( olcBackend ) )", &cfOc_backend },
+ "MUST olcBackend )", Cft_Backend, &cfOc_backend },
{ "( OLcfgOc:5 "
"NAME 'olcDatabaseConfig' "
"DESC 'OpenLDAP Database-specific options' "
"SUP olcConfig STRUCTURAL "
- "MAY ( olcDatabase $ olcAccess $ olcLastMod $ olcLimits $ "
+ "MUST olcDatabase "
+ "MAY ( olcSuffix $ olcAccess $ olcLastMod $ olcLimits $ "
"olcMaxDerefDepth $ olcPlugin $ olcReadOnly $ olcReplica $ "
"olcReplogFile $ olcRequires $ olcRestrict $ olcRootDN $ olcRootPW $ "
- "olcSchemaDN $ olcSecurity $ olcSizeLimit $ olcSuffix $ olcSyncrepl $ "
- "olcTimeLimit $ olcUpdateDN $ olcUpdateRef ) )", &cfOc_database },
+ "olcSchemaDN $ olcSecurity $ olcSizeLimit $ olcSyncrepl $ "
+ "olcTimeLimit $ olcUpdateDN $ olcUpdateRef ) )",
+ Cft_Database, &cfOc_database },
{ "( OLcfgOc:6 "
- "NAME 'olcIncludeFile' "
- "DESC 'OpenLDAP configuration include file' "
- "SUP olcConfig STRUCTURAL "
- "MAY ( olcInclude $ olcModuleLoad $ olcModulePath $ olcRootDSE ) )",
- &cfOc_include },
- { "( OLcfgOc:7 "
"NAME 'olcOverlayConfig' "
"DESC 'OpenLDAP Overlay-specific options' "
"SUP olcConfig STRUCTURAL "
- "MAY ( olcOverlay ) )", &cfOc_overlay },
+ "MUST olcOverlay )", Cft_Overlay, &cfOc_overlay },
+ { "( OLcfgOc:7 "
+ "NAME 'olcIncludeFile' "
+ "DESC 'OpenLDAP configuration include file' "
+ "SUP olcConfig STRUCTURAL "
+ "MUST olcInclude "
+ "MAY ( cn $ olcRootDSE ) )",
+ Cft_Include, &cfOc_include },
+#ifdef SLAPD_MODULES
{ "( OLcfgOc:8 "
- "NAME 'olcACL' "
- "DESC 'OpenLDAP Access Control List' "
+ "NAME 'olcModuleList' "
+ "DESC 'OpenLDAP dynamic module info' "
"SUP olcConfig STRUCTURAL "
- "MUST ( olcAccess ) )", &cfOc_access },
- { NULL, NULL }
+ "MUST olcModuleLoad "
+ "MAY cn )", Cft_Module, &cfOc_module },
+#endif
+ { NULL, 0, NULL }
};
static int
char *p;
int i;
- if ( c->emit ) {
+ if ( c->op == SLAP_CONFIG_EMIT ) {
int rc = 0;
switch(c->type) {
case CFG_CONCUR:
int i;
for ( i=0; c->be->be_limits[i]; i++ ) {
- bv.bv_len = sprintf( buf, "{%d}", i );
+ bv.bv_len = sprintf( buf, IFMT, i );
bv.bv_val = buf+bv.bv_len;
limits_unparse( c->be->be_limits[i], &bv );
bv.bv_len += bv.bv_val - buf;
case CFG_DEPTH:
c->value_int = c->be->be_max_deref_depth;
break;
- case CFG_OID:
- oidm_unparse( &c->rvalue_vals );
+ case CFG_OID: {
+ ConfigFile *cf = c->private;
+ if ( !cf )
+ oidm_unparse( &c->rvalue_vals, NULL, NULL, 1 );
+ else if ( cf->c_om_head )
+ oidm_unparse( &c->rvalue_vals, cf->c_om_head,
+ cf->c_om_tail, 0 );
+ if ( !c->rvalue_vals )
+ rc = 1;
+ }
+ break;
+ case CFG_OC: {
+ ConfigFile *cf = c->private;
+ if ( !cf )
+ oc_unparse( &c->rvalue_vals, NULL, NULL, 1 );
+ else if ( cf->c_oc_head )
+ oc_unparse( &c->rvalue_vals, cf->c_oc_head,
+ cf->c_oc_tail, 0 );
if ( !c->rvalue_vals )
rc = 1;
+ }
+ break;
+ case CFG_ATTR: {
+ ConfigFile *cf = c->private;
+ if ( !cf )
+ at_unparse( &c->rvalue_vals, NULL, NULL, 1 );
+ else if ( cf->c_at_head )
+ at_unparse( &c->rvalue_vals, cf->c_at_head,
+ cf->c_at_tail, 0 );
+ if ( !c->rvalue_vals )
+ rc = 1;
+ }
+ break;
+ case CFG_DIT: {
+ ConfigFile *cf = c->private;
+ if ( !cf )
+ cr_unparse( &c->rvalue_vals, NULL, NULL, 1 );
+ else if ( cf->c_cr_head )
+ cr_unparse( &c->rvalue_vals, cf->c_cr_head,
+ cf->c_cr_tail, 0 );
+ if ( !c->rvalue_vals )
+ rc = 1;
+ }
break;
+
case CFG_CHECK:
c->value_int = global_schemacheck;
break;
char *src, *dst, ibuf[11];
struct berval bv, abv;
for (i=0, a=c->be->be_acl; a; i++,a=a->acl_next) {
- abv.bv_len = sprintf( ibuf, "{%x}", i );
+ abv.bv_len = sprintf( ibuf, IFMT, i );
acl_unparse( a, &bv );
abv.bv_val = ch_malloc( abv.bv_len + bv.bv_len + 1 );
AC_MEMCPY( abv.bv_val, ibuf, abv.bv_len );
c->value_string = ch_strdup( c->be->be_replogfile );
break;
case CFG_ROOTDSE: {
- ConfigFile *cf = (ConfigFile *)c->line;
+ ConfigFile *cf = c->private;
if ( cf->c_dseFiles ) {
value_add( &c->rvalue_vals, cf->c_dseFiles );
} else {
break;
#ifdef SLAPD_MODULES
case CFG_MODLOAD: {
- ConfigFile *cf = (ConfigFile *)c->line;
- ModPaths *mp;
- for (i=0, mp=&cf->c_modpaths; mp; mp=mp->mp_next, i++) {
- int j;
- if (!mp->mp_loads) continue;
- for (j=0; !BER_BVISNULL(&mp->mp_loads[j]); j++) {
+ ModPaths *mp = c->private;
+ if (mp->mp_loads) {
+ int i;
+ for (i=0; !BER_BVISNULL(&mp->mp_loads[i]); i++) {
struct berval bv;
bv.bv_val = c->log;
- bv.bv_len = sprintf( bv.bv_val, "{%d}{%d}%s", i, j,
- mp->mp_loads[j].bv_val );
+ bv.bv_len = sprintf( bv.bv_val, IFMT "%s", i,
+ mp->mp_loads[i].bv_val );
value_add_one( &c->rvalue_vals, &bv );
}
}
+
rc = c->rvalue_vals ? 0 : 1;
}
break;
case CFG_MODPATH: {
- ConfigFile *cf = (ConfigFile *)c->line;
ModPaths *mp;
- for (i=0, mp=&cf->c_modpaths; mp; mp=mp->mp_next, i++) {
+ for (i=0, mp=&modpaths; mp; mp=mp->mp_next, i++) {
struct berval bv;
if ( BER_BVISNULL( &mp->mp_path ) && !mp->mp_loads )
continue;
bv.bv_val = c->log;
- bv.bv_len = sprintf( bv.bv_val, "{%d}%s", i,
+ bv.bv_len = sprintf( bv.bv_val, IFMT "%s", i,
mp->mp_path.bv_val );
value_add_one( &c->rvalue_vals, &bv );
}
idx.bv_val = ibuf;
for ( i=0; !BER_BVISNULL( &authz_rewrites[i] ); i++ ) {
- idx.bv_len = sprintf( idx.bv_val, "{%d}", i );
+ idx.bv_len = sprintf( idx.bv_val, IFMT, i );
bv.bv_len = idx.bv_len + authz_rewrites[i].bv_len;
bv.bv_val = ch_malloc( bv.bv_len + 1 );
strcpy( bv.bv_val, idx.bv_val );
}
p = strchr(c->line,'(' /*')'*/);
+ if ( c->op == LDAP_MOD_DELETE ) {
+ int rc = 0;
+ switch(c->type) {
+ case CFG_BACKEND:
+ case CFG_DATABASE:
+ rc = 1;
+ break;
+ case CFG_CONCUR:
+ ldap_pvt_thread_set_concurrency(c);
+ break;
+
+ }
+ }
switch(c->type) {
case CFG_BACKEND:
if(!(c->bi = backend_info(c->argv[1]))) {
/* NOTE: config is always the first backend!
*/
if ( !strcasecmp( c->argv[1], "config" )) {
- c->be = backendDB;
+ c->be = LDAP_STAILQ_FIRST(&backendDB);
+ } else if ( !strcasecmp( c->argv[1], "frontend" )) {
+ c->be = frontendDB;
} else if(!(c->be = backend_db_init(c->argv[1]))) {
Debug(LDAP_DEBUG_ANY, "%s: "
"database %s failed init!\n", c->log, c->argv[1], 0);
c->be->be_max_deref_depth = c->value_int;
break;
- case CFG_OID:
- if(parse_oidm(c->fname, c->lineno, c->argc, c->argv)) return(1);
+ case CFG_OID: {
+ OidMacro *om;
+
+ if(parse_oidm(c->fname, c->lineno, c->argc, c->argv, 1, &om))
+ return(1);
+ if (!cfn->c_om_head) cfn->c_om_head = om;
+ cfn->c_om_tail = om;
+ }
break;
- case CFG_OC:
- if(parse_oc(c->fname, c->lineno, p, c->argv)) return(1);
+ case CFG_OC: {
+ ObjectClass *oc;
+
+ if(parse_oc(c->fname, c->lineno, p, c->argv, &oc)) return(1);
+ if (!cfn->c_oc_head) cfn->c_oc_head = oc;
+ cfn->c_oc_tail = oc;
+ }
break;
- case CFG_DIT:
- if(parse_cr(c->fname, c->lineno, p, c->argv)) return(1);
+ case CFG_DIT: {
+ ContentRule *cr;
+
+ if(parse_cr(c->fname, c->lineno, p, c->argv, &cr)) return(1);
+ if (!cfn->c_cr_head) cfn->c_cr_head = cr;
+ cfn->c_cr_tail = cr;
+ }
break;
- case CFG_ATTR:
- if(parse_at(c->fname, c->lineno, p, c->argv)) return(1);
+ case CFG_ATTR: {
+ AttributeType *at;
+
+ if(parse_at(c->fname, c->lineno, p, c->argv, &at)) return(1);
+ if (!cfn->c_at_head) cfn->c_at_head = at;
+ cfn->c_at_tail = at;
+ }
break;
case CFG_ATOPT:
/* Record this load on the current path */
{
struct berval bv;
- ber_str2bv(c->line, 0, 1, &bv);
- ber_bvarray_add( &cfn->c_modlast->mp_loads, &bv );
+ char *ptr = c->line + STRLENOF("moduleload");
+ while (!isspace(*ptr)) ptr++;
+ while (isspace(*ptr)) ptr++;
+ ber_str2bv(ptr, 0, 1, &bv);
+ ber_bvarray_add( &modcur->mp_loads, &bv );
}
break;
{
ModPaths *mp;
- if (!cfn->c_modpaths.mp_loads) {
- mp = &cfn->c_modpaths;
+ if (!modpaths.mp_loads) {
+ mp = &modpaths;
} else {
mp = ch_malloc( sizeof( ModPaths ));
- cfn->c_modlast->mp_next = mp;
+ modlast->mp_next = mp;
}
ber_str2bv(c->argv[1], 0, 1, &mp->mp_path);
mp->mp_next = NULL;
mp->mp_loads = NULL;
- cfn->c_modlast = mp;
+ modlast = mp;
+ if ( c->op == SLAP_CONFIG_ADD )
+ modcur = mp;
}
break;
static int
config_fname(ConfigArgs *c) {
- if(c->emit && c->line) {
- ConfigFile *cf = (ConfigFile *)c->line;
- value_add_one( &c->rvalue_vals, &cf->c_file );
+ if(c->op == SLAP_CONFIG_EMIT) {
+ if (c->private) {
+ ConfigFile *cf = c->private;
+ value_add_one( &c->rvalue_vals, &cf->c_file );
+ return 0;
+ }
+ return 1;
+ }
+ return(0);
+}
+
+static int
+config_cfdir(ConfigArgs *c) {
+ if(c->op == SLAP_CONFIG_EMIT) {
+ value_add_one( &c->rvalue_vals, &cfdir );
return 0;
}
- return(1);
+ return(0);
}
static int
config_search_base(ConfigArgs *c) {
struct berval dn;
- if(c->emit) {
+ if(c->op == SLAP_CONFIG_EMIT) {
int rc = 1;
if (!BER_BVISEMPTY(&default_search_base)) {
value_add_one(&c->rvalue_vals, &default_search_base);
static int
config_passwd_hash(ConfigArgs *c) {
int i;
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
struct berval bv;
for (i=0; default_passwd_hash && default_passwd_hash[i]; i++) {
ber_str2bv(default_passwd_hash[i], 0, 0, &bv);
static int
config_schema_dn(ConfigArgs *c) {
- struct berval dn;
- int rc;
- if ( c->emit ) {
- value_add_one(&c->rvalue_vals, &c->be->be_schemadn);
- value_add_one(&c->rvalue_nvals, &c->be->be_schemandn);
- return 0;
+ if ( c->op == SLAP_CONFIG_EMIT ) {
+ int rc = 1;
+ if ( !BER_BVISEMPTY( &c->be->be_schemadn )) {
+ value_add_one(&c->rvalue_vals, &c->be->be_schemadn);
+ value_add_one(&c->rvalue_nvals, &c->be->be_schemandn);
+ rc = 0;
+ }
+ return rc;
}
c->be->be_schemadn = c->value_dn;
c->be->be_schemandn = c->value_ndn;
int i, rc = 0;
char *next;
struct slap_limits_set *lim = &c->be->be_def_limit;
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
char buf[8192];
struct berval bv;
bv.bv_val = buf;
int i, rc = 0;
char *next;
struct slap_limits_set *lim = &c->be->be_def_limit;
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
char buf[8192];
struct berval bv;
bv.bv_val = buf;
static int
config_overlay(ConfigArgs *c) {
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
return 1;
}
if(c->argv[1][0] == '-' && overlay_config(c->be, &c->argv[1][1])) {
Backend *tbe;
struct berval pdn, ndn;
int rc;
- if (c->emit) {
- if ( !BER_BVISNULL( &c->be->be_suffix[0] )) {
+
+ if (c->be == frontendDB || SLAP_MONITOR(c->be) ||
+ SLAP_CONFIG(c->be)) return 1;
+
+ if (c->op == SLAP_CONFIG_EMIT) {
+ if (!BER_BVISNULL( &c->be->be_suffix[0] )) {
value_add( &c->rvalue_vals, c->be->be_suffix );
value_add( &c->rvalue_nvals, c->be->be_nsuffix );
return 0;
static int
config_rootdn(ConfigArgs *c) {
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
if ( !BER_BVISNULL( &c->be->be_rootdn )) {
value_add_one(&c->rvalue_vals, &c->be->be_rootdn);
value_add_one(&c->rvalue_nvals, &c->be->be_rootndn);
static int
config_rootpw(ConfigArgs *c) {
Backend *tbe;
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
if (!BER_BVISEMPTY(&c->be->be_rootpw)) {
- c->value_string=ch_strdup("*");
+ ber_dupbv( &c->value_bv, &c->be->be_rootpw);
return 0;
}
return 1;
c->log, 0, 0);
return(1);
}
- ber_str2bv(c->value_string, 0, 0, &c->be->be_rootpw);
+ c->be->be_rootpw = c->value_bv;
return(0);
}
{ BER_BVNULL, 0 }
};
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
return mask_to_verbs( restrictable_ops, c->be->be_restrictops,
&c->rvalue_vals );
}
{ BER_BVC("update_anon"), SLAP_ALLOW_UPDATE_ANON },
{ BER_BVNULL, 0 }
};
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
return mask_to_verbs( allowable_ops, global_allows, &c->rvalue_vals );
}
i = verbs_to_mask(c->argc, c->argv, allowable_ops, &allows);
{ BER_BVC("tls_authc"), SLAP_DISALLOW_TLS_AUTHC },
{ BER_BVNULL, 0 }
};
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
return mask_to_verbs( disallowable_ops, global_disallows, &c->rvalue_vals );
}
i = verbs_to_mask(c->argc, c->argv, disallowable_ops, &disallows);
{ BER_BVC("strong"), SLAP_REQUIRE_STRONG },
{ BER_BVNULL, 0 }
};
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
return mask_to_verbs( requires_ops, c->be->be_requires, &c->rvalue_vals );
}
i = verbs_to_mask(c->argc, c->argv, requires_ops, &requires);
{ BER_BVNULL, 0 }
};
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
return mask_to_verbs( loglevel_ops, ldap_syslog, &c->rvalue_vals );
}
static int
config_syncrepl(ConfigArgs *c) {
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
if ( c->be->be_syncinfo ) {
struct berval bv;
syncrepl_unparse( c->be->be_syncinfo, &bv );
static int
config_referral(ConfigArgs *c) {
struct berval vals[2];
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
if ( default_referral ) {
value_add( &c->rvalue_vals, default_referral );
return 0;
slap_ssf_set_t *set = &c->be->be_ssf_set;
char *next;
int i, j;
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
char numbuf[32];
struct berval bv;
slap_ssf_t *tgt;
struct berval bc = {0};
char numbuf[32];
- len = sprintf(numbuf, "{%d}", i );
+ len = sprintf(numbuf, IFMT, i );
len += strlen( ri->ri_uri ) + STRLENOF("uri=");
if ( ri->ri_nsuffix ) {
char *replicahost, *replicauri;
LDAPURLDesc *ludp;
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
if (c->be->be_replica) {
struct berval bv;
for (i=0;c->be->be_replica[i]; i++) {
config_updatedn(ConfigArgs *c) {
struct berval dn;
int rc;
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
if (!BER_BVISEMPTY(&c->be->be_update_ndn)) {
value_add_one(&c->rvalue_vals, &c->be->be_update_ndn);
value_add_one(&c->rvalue_nvals, &c->be->be_update_ndn);
static int
config_updateref(ConfigArgs *c) {
struct berval vals[2];
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
if ( c->be->be_update_refs ) {
value_add( &c->rvalue_vals, c->be->be_update_refs );
return 0;
ConfigFile *cf;
ConfigFile *cfsave = cfn;
ConfigFile *cf2 = NULL;
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
+ if (c->private) {
+ ConfigFile *cf = c->private;
+ value_add_one( &c->rvalue_vals, &cf->c_file );
+ return 0;
+ }
return 1;
}
cf = ch_calloc( 1, sizeof(ConfigFile));
-#ifdef SLAPD_MODULES
- cf->c_modlast = &cf->c_modpaths;
-#endif
if ( cfn->c_kids ) {
for (cf2=cfn->c_kids; cf2 && cf2->c_sibs; cf2=cf2->c_sibs) ;
cf2->c_sibs = cf;
cfn->c_kids = cf;
}
cfn = cf;
+ ber_str2bv( c->argv[1], 0, 1, &cf->c_file );
rc = read_config_file(c->argv[1], c->depth + 1, c);
c->lineno = savelineno - 1;
cfn = cfsave;
if ( rc ) {
if ( cf2 ) cf2->c_sibs = NULL;
else cfn->c_kids = NULL;
+ ch_free( cf->c_file.bv_val );
ch_free( cf );
- } else {
- ber_str2bv( c->argv[1], 0, 1, &cf->c_file );
}
return(rc);
}
config_tls_option(ConfigArgs *c) {
int flag;
switch(c->type) {
- case CFG_TLS_RAND: flag = LDAP_OPT_X_TLS_RANDOM_FILE; break;
+ case CFG_TLS_RAND: flag = LDAP_OPT_X_TLS_RANDOM_FILE; break;
case CFG_TLS_CIPHER: flag = LDAP_OPT_X_TLS_CIPHER_SUITE; break;
case CFG_TLS_CERT_FILE: flag = LDAP_OPT_X_TLS_CERTFILE; break;
case CFG_TLS_CERT_KEY: flag = LDAP_OPT_X_TLS_KEYFILE; break;
case CFG_TLS_CA_PATH: flag = LDAP_OPT_X_TLS_CACERTDIR; break;
case CFG_TLS_CA_FILE: flag = LDAP_OPT_X_TLS_CACERTFILE; break;
default: Debug(LDAP_DEBUG_ANY, "%s: "
- "unknown tls_option <%x>\n",
+ "unknown tls_option <0x%x>\n",
c->log, c->type, 0);
}
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
return ldap_pvt_tls_get_option( NULL, flag, &c->value_string );
}
ch_free(c->value_string);
{ BER_BVNULL, 0 }
}, *keys;
switch(c->type) {
-#ifdef HAVE_OPENSSL_CRL
- case CFG_TLS_CRLCHECK: flag = LDAP_OPT_X_TLS_CRLCHECK; keys = crlkeys;
- break;
-#endif
- case CFG_TLS_VERIFY: flag = LDAP_OPT_X_TLS_REQUIRE_CERT; keys = vfykeys;
- break;
- default: Debug(LDAP_DEBUG_ANY, "%s: "
- "unknown tls_option <%x>\n",
- c->log, c->type, 0);
+ case CFG_TLS_CRLCHECK: flag = LDAP_OPT_X_TLS_CRLCHECK; keys = crlkeys; break;
+ case CFG_TLS_VERIFY: flag = LDAP_OPT_X_TLS_REQUIRE_CERT; keys = vfykeys; break;
+ default:
+ Debug(LDAP_DEBUG_ANY, "%s: "
+ "unknown tls_option <0x%x>\n",
+ c->log, c->type, 0);
}
- if (c->emit) {
+ if (c->op == SLAP_CONFIG_EMIT) {
ldap_pvt_tls_get_option( NULL, flag, &c->value_int );
for (i=0; !BER_BVISNULL(&keys[i].word); i++) {
if (keys[i].mask == c->value_int) {
ber_dupbv( bv, &bc );
}
-
-int
-read_config(const char *fname, int depth) {
-
- if ( !backend_db_init( "config" ))
- return 1;
-
- ber_str2bv( fname, 0, 1, &cf_prv.c_file );
- return read_config_file(fname, depth, NULL);
-}
-
-static int
-config_back_bind( Operation *op, SlapReply *rs )
-{
- if ( op->orb_method == LDAP_AUTH_SIMPLE && be_isroot_pw( op )) {
- ber_dupbv( &op->orb_edn, be_root_dn( op->o_bd ));
- /* frontend sends result */
- return LDAP_SUCCESS;
- }
-
- rs->sr_err = LDAP_INVALID_CREDENTIALS;
- send_ldap_result( op, rs );
-
- return rs->sr_err;
-}
-
static CfEntryInfo *
config_find_base( CfEntryInfo *root, struct berval *dn, CfEntryInfo **last )
{
struct berval cdn;
char *c;
+ if ( !root ) {
+ *last = NULL;
+ return NULL;
+ }
+
if ( dn_match( &root->ce_entry->e_nname, dn ))
return root;
while(root) {
*last = root;
for (--c;c>dn->bv_val && *c != ',';c--);
- if ( *c == ',' )
- c++;
cdn.bv_val = c;
- cdn.bv_len = dn->bv_len - (c-dn->bv_val);
+ if ( *c == ',' )
+ cdn.bv_val++;
+ cdn.bv_len = dn->bv_len - (cdn.bv_val - dn->bv_val);
root = root->ce_kids;
return root;
}
+static int
+config_ldif_resp( Operation *op, SlapReply *rs )
+{
+ if ( rs->sr_type == REP_SEARCH ) {
+ CfBackInfo *cfb = op->o_callback->sc_private;
+
+ cfb->cb_got_ldif = 1;
+ rs->sr_err = config_add_internal( cfb, rs->sr_entry, NULL, NULL );
+ }
+ return rs->sr_err;
+}
+
+/* Configure and read the underlying back-ldif store */
+static int
+config_setup_ldif( BackendDB *be, const char *dir ) {
+ CfBackInfo *cfb = be->be_private;
+ ConfigArgs c = {0};
+ ConfigTable *ct;
+ char *argv[3];
+ int rc;
+ slap_callback cb = { NULL, config_ldif_resp, NULL, NULL };
+ Connection conn = {0};
+ char opbuf[OPERATION_BUFFER_SIZE];
+ Operation *op;
+ SlapReply rs = {REP_RESULT};
+ Filter filter = { LDAP_FILTER_PRESENT };
+ struct berval filterstr = BER_BVC("(objectclass=*)");
+
+ cfb->cb_db.bd_info = backend_info( "ldif" );
+ if ( !cfb->cb_db.bd_info )
+ return 0; /* FIXME: eventually this will be a fatal error */
+
+ if ( cfb->cb_db.bd_info->bi_db_init( &cfb->cb_db )) return 1;
+
+ /* Mark that back-ldif type is in use */
+ cfb->cb_db.bd_info->bi_nDB++;
+
+ cfb->cb_db.be_suffix = be->be_suffix;
+ cfb->cb_db.be_nsuffix = be->be_nsuffix;
+ cfb->cb_db.be_rootdn = be->be_rootdn;
+ cfb->cb_db.be_rootndn = be->be_rootndn;
+
+ ber_str2bv( dir, 0, 1, &cfdir );
+
+ c.be = &cfb->cb_db;
+ c.fname = "slapd";
+ c.argc = 2;
+ argv[0] = "directory";
+ argv[1] = (char *)dir;
+ argv[2] = NULL;
+ c.argv = argv;
+
+ ct = config_find_keyword( c.be->be_cf_table, &c );
+ if ( !ct )
+ return 1;
+
+ if ( config_add_vals( ct, &c ))
+ return 1;
+
+ if ( backend_startup_one( &cfb->cb_db ))
+ return 1;
+
+ op = (Operation *)opbuf;
+ connection_fake_init( &conn, op, cfb );
+
+ filter.f_desc = slap_schema.si_ad_objectClass;
+
+ op->o_tag = LDAP_REQ_SEARCH;
+
+ op->ors_filter = &filter;
+ op->ors_filterstr = filterstr;
+ op->ors_scope = LDAP_SCOPE_SUBTREE;
+
+ op->o_dn = be->be_rootdn;
+ op->o_ndn = be->be_rootndn;
+
+ op->o_req_dn = be->be_suffix[0];
+ op->o_req_ndn = be->be_nsuffix[0];
+
+ op->ors_tlimit = SLAP_NO_LIMIT;
+ op->ors_slimit = SLAP_NO_LIMIT;
+
+ op->ors_attrs = slap_anlist_all_attributes;
+ op->ors_attrsonly = 0;
+
+ op->o_callback = &cb;
+ cb.sc_private = cfb;
+
+ op->o_bd = &cfb->cb_db;
+ op->o_bd->be_search( op, &rs );
+
+ return 0;
+}
+
+static int
+CfOcInfo_cmp( const void *c1, const void *c2 ) {
+ const CfOcInfo *co1 = c1;
+ const CfOcInfo *co2 = c2;
+
+ return ber_bvcmp( co1->co_name, co2->co_name );
+}
+
+int
+config_register_schema(ConfigTable *ct, ConfigOCs *ocs) {
+ int i;
+ CfOcInfo *co;
+
+ i = init_config_attrs( ct );
+ if ( i ) return i;
+
+ /* set up the objectclasses */
+ i = init_config_ocs( ocs );
+ if ( i ) return i;
+
+ for (i=0; ocs[i].def; i++) {
+ if ( ocs[i].oc ) {
+ co = ch_malloc( sizeof(CfOcInfo) );
+ co->co_name = &(*ocs[i].oc)->soc_cname;
+ co->co_table = ct;
+ co->co_type = ocs[i].cft;
+ avl_insert( &CfOcTree, co, CfOcInfo_cmp, avl_dup_error );
+ }
+ }
+ return 0;
+}
+
+int
+read_config(const char *fname, const char *dir) {
+ BackendDB *be;
+ CfBackInfo *cfb;
+
+ /* Setup the config backend */
+ be = backend_db_init( "config" );
+ if ( !be )
+ return 1;
+
+ cfb = be->be_private;
+
+ /* Setup the underlying back-ldif backend */
+ if ( config_setup_ldif( be, dir ))
+ return 1;
+
+#ifdef SLAP_USE_CONFDIR
+ /* If we read the config from back-ldif, nothing to do here */
+ if ( cfb->cb_got_ldif )
+ return 0;
+#endif
+ ber_str2bv( fname, 0, 1, &cf_prv.c_file );
+
+ return read_config_file(fname, 0, NULL);
+}
+
+static int
+config_back_bind( Operation *op, SlapReply *rs )
+{
+ if ( op->orb_method == LDAP_AUTH_SIMPLE && be_isroot_pw( op )) {
+ ber_dupbv( &op->orb_edn, be_root_dn( op->o_bd ));
+ /* frontend sends result */
+ return LDAP_SUCCESS;
+ }
+
+ rs->sr_err = LDAP_INVALID_CREDENTIALS;
+ send_ldap_result( op, rs );
+
+ return rs->sr_err;
+}
+
static int
config_send( Operation *op, SlapReply *rs, CfEntryInfo *ce, int depth )
{
return rc;
}
+static ConfigTable *
+config_find_table( CfOcInfo *co, AttributeDescription *ad )
+{
+ int i;
+
+ for (i=0; co->co_table[i].name; i++)
+ if ( co->co_table[i].ad == ad )
+ return &co->co_table[i];
+ return NULL;
+}
+
+/* Sort the values in an X-ORDERED VALUES attribute.
+ * If the values have no index, leave them in their given order.
+ * If the values have indexes, sort them.
+ * If some are indexed and some are not, return Error.
+ *
+ * FIXME: This function probably belongs in the frontend somewhere,
+ * like slap_mods_check.
+ */
+static int
+sort_vals( Attribute *a )
+{
+ int i;
+ int index = 0, noindex = 0;
+
+ /* count attrs, look for index */
+ for (i=0; a->a_vals[i].bv_val; i++) {
+ if ( a->a_vals[i].bv_val[0] == '{' ) {
+ char *ptr;
+ index = 1;
+ ptr = strchr( a->a_vals[i].bv_val, '}' );
+ if ( !ptr || !ptr[1] )
+ return LDAP_INVALID_SYNTAX;
+ if ( noindex )
+ return LDAP_INVALID_SYNTAX;
+ } else {
+ noindex = 1;
+ if ( index )
+ return LDAP_INVALID_SYNTAX;
+ }
+ }
+
+ if ( index ) {
+ int vals = i, *indexes, j, idx;
+ struct berval tmp, ntmp;
+ char *ptr;
+
+#if 0
+ /* Strip index from normalized values */
+ if ( !a->a_nvals || a->a_vals == a->a_nvals ) {
+ a->a_nvals = ch_malloc( (vals+1)*sizeof(struct berval));
+ BER_BVZERO(a->a_nvals+vals);
+ for ( i=0; i<vals; i++ ) {
+ ptr = strchr(a->a_vals[i].bv_val, '}') + 1;
+ a->a_nvals[i].bv_len = a->a_vals[i].bv_len -
+ (ptr - a->a_vals[i].bv_val);
+ a->a_nvals[i].bv_val = ch_malloc( a->a_nvals[i].bv_len + 1);
+ strcpy(a->a_nvals[i].bv_val, ptr );
+ }
+ } else {
+ for ( i=0; i<vals; i++ ) {
+ ptr = strchr(a->a_nvals[i].bv_val, '}') + 1;
+ a->a_nvals[i].bv_len -= ptr - a->a_nvals[i].bv_val;
+ strcpy(a->a_nvals[i].bv_val, ptr);
+ }
+ }
+#endif
+
+ indexes = ch_malloc( vals * sizeof(int) );
+ for ( i=0; i<vals; i++)
+ indexes[i] = atoi(a->a_vals[i].bv_val+1);
+
+ /* Insertion sort */
+ for ( i=1; i<vals; i++ ) {
+ idx = indexes[i];
+ tmp = a->a_vals[i];
+ ntmp = a->a_nvals[i];
+ j = i;
+ while ((j > 0) && (indexes[j-1] > idx)) {
+ indexes[j] = indexes[j-1];
+ a->a_vals[j] = a->a_vals[j-1];
+ a->a_nvals[j] = a->a_nvals[j-1];
+ j--;
+ }
+ indexes[j] = idx;
+ a->a_vals[j] = tmp;
+ a->a_nvals[j] = ntmp;
+ }
+ }
+ return 0;
+}
+
+static int
+check_attr( ConfigTable *ct, ConfigArgs *ca, Attribute *a )
+{
+ int i, rc = 0, sort = 0;
+
+ if ( a->a_desc->ad_type->sat_flags & SLAP_AT_ORDERED ) {
+ sort = 1;
+ rc = sort_vals( a );
+ if ( rc )
+ return rc;
+ }
+ for ( i=0; a->a_nvals[i].bv_val; i++ ) {
+ ca->line = a->a_nvals[i].bv_val;
+ if ( sort ) ca->line = strchr( ca->line, '}' ) + 1;
+ rc = config_parse_vals( ct, ca, i );
+ if ( rc )
+ break;
+ }
+ return rc;
+}
+
+static int
+check_name_index( CfEntryInfo *parent, ConfigType ce_type, Entry *e,
+ SlapReply *rs, int *renum )
+{
+ CfEntryInfo *ce;
+ int index = -1, gotindex = 0, nsibs;
+ int renumber = 0, tailindex = 0;
+ char *ptr1, *ptr2;
+ struct berval rdn;
+
+ if ( renum ) *renum = 0;
+
+ /* These entries don't get indexed/renumbered */
+ if ( ce_type == Cft_Global ) return 0;
+ if ( ce_type == Cft_Schema && parent->ce_type == Cft_Global ) return 0;
+
+ if ( ce_type == Cft_Include || ce_type == Cft_Module )
+ tailindex = 1;
+
+ /* See if the rdn has an index already */
+ dnRdn( &e->e_name, &rdn );
+ ptr1 = strchr( e->e_name.bv_val, '{' );
+ if ( ptr1 && ptr1 - e->e_name.bv_val < rdn.bv_len ) {
+ ptr2 = strchr( ptr1, '}' );
+ if (!ptr2 || ptr2 - e->e_name.bv_val > rdn.bv_len)
+ return LDAP_NAMING_VIOLATION;
+ if ( ptr2-ptr1 == 1)
+ return LDAP_NAMING_VIOLATION;
+ gotindex = 1;
+ index = atoi(ptr1+1);
+ if ( index < 0 )
+ return LDAP_NAMING_VIOLATION;
+ }
+
+ /* count related kids */
+ for (nsibs=0, ce=parent->ce_kids; ce; ce=ce->ce_sibs) {
+ if ( ce->ce_type == ce_type ) nsibs++;
+ }
+
+ if ( index != nsibs ) {
+ if ( gotindex ) {
+ if ( index < nsibs ) {
+ if ( tailindex ) return LDAP_NAMING_VIOLATION;
+ /* Siblings need to be renumbered */
+ renumber = 1;
+ }
+ }
+ if ( !renumber ) {
+ struct berval ival, newrdn, nnewrdn;
+ struct berval rtype, rval;
+ Attribute *a;
+ AttributeDescription *ad = NULL;
+ char ibuf[32];
+ const char *text;
+
+ rval.bv_val = strchr(rdn.bv_val, '=' ) + 1;
+ rval.bv_len = rdn.bv_len - (rval.bv_val - rdn.bv_val);
+ rtype.bv_val = rdn.bv_val;
+ rtype.bv_len = rval.bv_val - rtype.bv_val - 1;
+
+ /* Find attr */
+ slap_bv2ad( &rtype, &ad, &text );
+ a = attr_find( e->e_attrs, ad );
+ if (!a ) return LDAP_NAMING_VIOLATION;
+
+ ival.bv_val = ibuf;
+ ival.bv_len = sprintf( ibuf, IFMT, nsibs );
+
+ newrdn.bv_len = rdn.bv_len + ival.bv_len;
+ newrdn.bv_val = ch_malloc( newrdn.bv_len+1 );
+
+ if ( tailindex ) {
+ ptr1 = lutil_strncopy( newrdn.bv_val, rdn.bv_val, rdn.bv_len );
+ ptr1 = lutil_strcopy( ptr1, ival.bv_val );
+ } else {
+ int xlen;
+ if ( !gotindex ) {
+ ptr2 = rval.bv_val;
+ xlen = rval.bv_len;
+ } else {
+ xlen = rdn.bv_len - (ptr2 - rdn.bv_val);
+ }
+ ptr1 = lutil_strncopy( newrdn.bv_val, rtype.bv_val,
+ rtype.bv_len );
+ *ptr1++ = '=';
+ ptr1 = lutil_strcopy( ptr1, ival.bv_val );
+ ptr1 = lutil_strncopy( ptr1, ptr2, xlen );
+ *ptr1 = '\0';
+ }
+
+ /* Do the equivalent of ModRDN */
+ /* Replace DN / NDN */
+ newrdn.bv_len = ptr1 - newrdn.bv_val;
+ rdnNormalize( 0, NULL, NULL, &newrdn, &nnewrdn, NULL );
+ free( e->e_name.bv_val );
+ build_new_dn( &e->e_name, &parent->ce_entry->e_name,
+ &newrdn, NULL );
+ free( e->e_nname.bv_val );
+ build_new_dn( &e->e_nname, &parent->ce_entry->e_nname,
+ &nnewrdn, NULL );
+
+ /* Replace attr */
+ free( a->a_vals[0].bv_val );
+ ptr1 = strchr( newrdn.bv_val, '=' ) + 1;
+ a->a_vals[0].bv_len = newrdn.bv_len - (ptr1 - newrdn.bv_val);
+ a->a_vals[0].bv_val = ch_malloc( a->a_vals[0].bv_len + 1 );
+ strcpy( a->a_vals[0].bv_val, ptr1 );
+
+ if ( a->a_nvals != a->a_vals ) {
+ free( a->a_nvals[0].bv_val );
+ ptr1 = strchr( nnewrdn.bv_val, '=' ) + 1;
+ a->a_nvals[0].bv_len = nnewrdn.bv_len - (ptr1 - nnewrdn.bv_val);
+ a->a_nvals[0].bv_val = ch_malloc( a->a_nvals[0].bv_len + 1 );
+ strcpy( a->a_nvals[0].bv_val, ptr1 );
+ }
+ free( nnewrdn.bv_val );
+ free( newrdn.bv_val );
+ }
+ }
+ if ( renum ) *renum = renumber;
+ return 0;
+}
+
+/* Parse an LDAP entry into config directives */
+static int
+config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs, int *renum )
+{
+ CfEntryInfo *ce, *last;
+ CfOcInfo co, *coptr, **colst = NULL;
+ Attribute *a, *oc_at, *type_attr;
+ AttributeDescription *type_ad = NULL;
+ int i, j, nocs, rc;
+ ConfigArgs ca = {0};
+ struct berval pdn;
+ Entry *xe = NULL;
+ ConfigTable *ct, *type_ct = NULL;
+
+ /* Make sure parent exists and entry does not */
+ ce = config_find_base( cfb->cb_root, &e->e_nname, &last );
+ if ( ce )
+ return LDAP_ALREADY_EXISTS;
+
+ dnParent( &e->e_nname, &pdn );
+
+ /* If last is NULL, the new entry is the root/suffix entry,
+ * otherwise last should be the parent.
+ */
+ if ( last && !dn_match( &last->ce_entry->e_nname, &pdn )) {
+ if ( rs )
+ rs->sr_matched = last->ce_entry->e_name.bv_val;
+ return LDAP_NO_SUCH_OBJECT;
+ }
+
+ oc_at = attr_find( e->e_attrs, slap_schema.si_ad_objectClass );
+ if ( !oc_at ) return LDAP_OBJECT_CLASS_VIOLATION;
+
+ /* count the objectclasses */
+ for ( i=0; oc_at->a_nvals[i].bv_val; i++ );
+ nocs = i;
+ colst = (CfOcInfo **)ch_malloc( nocs * sizeof(CfOcInfo *));
+
+ for ( i=0, j=0; i<nocs; i++) {
+ co.co_name = &oc_at->a_nvals[i];
+ coptr = avl_find( CfOcTree, &co, CfOcInfo_cmp );
+
+ /* ignore non-config objectclasses. probably should be
+ * an error, general data doesn't belong here.
+ */
+ if ( !coptr ) continue;
+
+ /* Ignore the root objectclass, it has no implementation.
+ */
+ if ( coptr->co_type == Cft_Abstract ) continue;
+ colst[j++] = coptr;
+ }
+ nocs = j;
+
+ /* Only the root can be Cft_Global, everything else must
+ * have a parent. Only limited nesting arrangements are allowed.
+ */
+ switch( colst[0]->co_type ) {
+ case Cft_Global:
+ if ( last ) {
+ rc = LDAP_CONSTRAINT_VIOLATION;
+ goto leave;
+ }
+ break;
+ case Cft_Schema:
+ case Cft_Backend:
+ case Cft_Database:
+ case Cft_Include:
+ if ( !last || ( last->ce_type != Cft_Global &&
+ last->ce_type != colst[0]->co_type )) {
+ rc = LDAP_CONSTRAINT_VIOLATION;
+ goto leave;
+ }
+ break;
+ case Cft_Overlay:
+ if ( !last || ( last->ce_type != Cft_Global &&
+ last->ce_type != Cft_Database &&
+ last->ce_type != colst[0]->co_type )) {
+ rc = LDAP_CONSTRAINT_VIOLATION;
+ goto leave;
+ }
+ break;
+#ifdef SLAPD_MODULES
+ case Cft_Module:
+ if ( !last || last->ce_type != Cft_Global ) {
+ rc = LDAP_CONSTRAINT_VIOLATION;
+ goto leave;
+ }
+#endif
+ break;
+ }
+
+ /* Parse all the values and check for simple syntax errors before
+ * performing any set actions.
+ */
+ switch (colst[0]->co_type) {
+ case Cft_Schema:
+ /* The cn=schema entry is all hardcoded, so never reparse it */
+ if (last->ce_type == Cft_Global )
+ goto ok;
+ /* FALLTHRU */
+ case Cft_Global:
+ ca.be = LDAP_STAILQ_FIRST(&backendDB);
+ break;
+
+ case Cft_Backend:
+ if ( last->ce_type == Cft_Backend )
+ ca.bi = last->ce_bi;
+ else
+ type_ad = cfAd_backend;
+ break;
+ case Cft_Database:
+ if ( last->ce_type == Cft_Database ) {
+ ca.be = last->ce_be;
+ } else {
+ type_ad = cfAd_database;
+ /* dummy, just to get past check_attr */
+ ca.be = frontendDB;
+ }
+ break;
+
+ case Cft_Overlay:
+ ca.be = last->ce_be;
+ type_ad = cfAd_overlay;
+ break;
+
+ case Cft_Include:
+ if ( !rs ) /* ignored */
+ break;
+ type_ad = cfAd_include;
+ break;
+#ifdef SLAPD_MODULES
+ case Cft_Module: {
+ ModPaths *mp;
+ char *ptr;
+ ptr = strchr( e->e_name.bv_val, '{' );
+ if ( !ptr ) {
+ rc = LDAP_NAMING_VIOLATION;
+ goto leave;
+ }
+ j = atoi(ptr+1);
+ for (i=0, mp=&modpaths; mp && i<j; mp=mp->mp_next);
+ /* There is no corresponding modpath for this load? */
+ if ( i != j ) {
+ rc = LDAP_NAMING_VIOLATION;
+ goto leave;
+ }
+ module_path( mp->mp_path.bv_val );
+ ca.private = mp;
+ }
+ break;
+#endif
+ }
+
+ /* If doing an LDAPadd, check for indexed names and any necessary
+ * renaming/renumbering. Entries that don't need indexed names are
+ * ignored. Entries that need an indexed name and arrive without one
+ * are assigned to the end. Entries that arrive with an index may
+ * cause the following entries to be renumbered/bumped down.
+ *
+ * Note that "pseudo-indexed" entries (cn=Include{xx}, cn=Module{xx})
+ * don't allow Adding an entry with an index that's already in use.
+ * This is flagged as an error (LDAP_ALREADY_EXISTS) up above.
+ *
+ * These entries can have auto-assigned indexes (appended to the end)
+ * but only the other types support auto-renumbering of siblings.
+ */
+ rc = check_name_index( last, colst[0]->co_type, e, rs, renum );
+ if ( rc )
+ goto leave;
+
+ init_config_argv( &ca );
+ if ( type_ad ) {
+ type_attr = attr_find( e->e_attrs, type_ad );
+ if ( !type_attr ) {
+ rc = LDAP_OBJECT_CLASS_VIOLATION;
+ goto leave;
+ }
+ for ( i=0; i<nocs; i++ ) {
+ type_ct = config_find_table( colst[i], type_ad );
+ if ( type_ct ) break;
+ }
+ if ( !type_ct ) {
+ rc = LDAP_OBJECT_CLASS_VIOLATION;
+ goto leave;
+ }
+ rc = check_attr( type_ct, &ca, type_attr );
+ if ( rc ) goto leave;
+ }
+ for ( a=e->e_attrs; a; a=a->a_next ) {
+ if ( a == type_attr || a == oc_at ) continue;
+ ct = NULL;
+ for ( i=0; i<nocs; i++ ) {
+ ct = config_find_table( colst[i], a->a_desc );
+ if ( ct ) break;
+ }
+ if ( !ct ) continue; /* user data? */
+ rc = check_attr( ct, &ca, a );
+ if ( rc ) goto leave;
+ }
+
+ /* Basic syntax checks are OK. Do the actual settings. */
+ if ( type_ct ) {
+ ca.line = type_attr->a_vals[0].bv_val;
+ if ( type_ad->ad_type->sat_flags & SLAP_AT_ORDERED )
+ ca.line = strchr( ca.line, '}' ) + 1;
+ rc = config_parse_add( type_ct, &ca, 0 );
+ if ( rc ) {
+ rc = LDAP_OTHER;
+ goto leave;
+ }
+ }
+ for ( a=e->e_attrs; a; a=a->a_next ) {
+ if ( a == type_attr || a == oc_at ) continue;
+ ct = NULL;
+ for ( i=0; i<nocs; i++ ) {
+ ct = config_find_table( colst[i], a->a_desc );
+ if ( ct ) break;
+ }
+ if ( !ct ) continue; /* user data? */
+ for (i=0; a->a_vals[i].bv_val; i++) {
+ ca.line = a->a_vals[i].bv_val;
+ if ( a->a_desc->ad_type->sat_flags & SLAP_AT_ORDERED )
+ ca.line = strchr( ca.line, '}' ) + 1;
+ rc = config_parse_add( ct, &ca, i );
+ if ( rc ) {
+ rc = LDAP_OTHER;
+ goto leave;
+ }
+ }
+ }
+ok:
+ ce = ch_calloc( 1, sizeof(CfEntryInfo) );
+ ce->ce_parent = last;
+ ce->ce_entry = entry_dup( e );
+ ce->ce_entry->e_private = ce;
+ ce->ce_type = colst[0]->co_type;
+ if ( !last ) {
+ cfb->cb_root = ce;
+ } else if ( last->ce_kids ) {
+ CfEntryInfo *c2;
+
+ for (c2=last->ce_kids; c2 && c2->ce_sibs; c2 = c2->ce_sibs);
+
+ c2->ce_sibs = ce;
+ } else {
+ last->ce_kids = ce;
+ }
+
+leave:
+ ch_free( ca.argv );
+ if ( colst ) ch_free( colst );
+ return rc;
+}
+
+/* Parse an LDAP entry into config directives, then store in underlying
+ * database.
+ */
+static int
+config_back_add( Operation *op, SlapReply *rs )
+{
+ CfBackInfo *cfb;
+ CfEntryInfo *ce, *last;
+ int renumber;
+
+ if ( !be_isroot( op ) ) {
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+ send_ldap_result( op, rs );
+ }
+
+ cfb = (CfBackInfo *)op->o_bd->be_private;
+
+ ldap_pvt_thread_pool_pause( &connection_pool );
+
+ /* Strategy:
+ * 1) check for existence of entry
+ * 2) check for sibling renumbering
+ * 3) perform internal add
+ * 4) store entry in underlying database
+ * 5) perform any necessary renumbering
+ */
+ rs->sr_err = config_add_internal( cfb, op->ora_e, rs, &renumber );
+ if ( rs->sr_err == LDAP_SUCCESS ) {
+ BackendDB *be = op->o_bd;
+ slap_callback sc = { NULL, slap_null_cb, NULL, NULL };
+ op->o_bd = &cfb->cb_db;
+ sc.sc_next = op->o_callback;
+ op->o_callback = ≻
+ op->o_bd->be_add( op, rs );
+ op->o_bd = be;
+ op->o_callback = sc.sc_next;
+ }
+ if ( renumber ) {
+ }
+
+ ldap_pvt_thread_pool_resume( &connection_pool );
+
+out:
+ send_ldap_result( op, rs );
+ return rs->sr_err;
+}
+
+/* Modify rules:
+ * for single-valued attributes, should just use REPLACE.
+ * any received DELETE/ADD on a single-valued attr will
+ * be checked (if a DEL value is provided) and then
+ * rewritten as a REPLACE.
+ * any DELETE received without a corresponding ADD will be
+ * rejected with LDAP_CONSTRAINT_VIOLATION.
+ */
static int
config_back_modify( Operation *op, SlapReply *rs )
{
goto out;
}
ldap_pvt_thread_pool_pause( &connection_pool );
+
+ /* Strategy:
+ * 1) perform the Modify on the cached Entry.
+ * 2) verify that the Entry still satisfies the schema.
+ * 3) perform the individual config operations.
+ * 4) store Modified entry in underlying LDIF backend.
+ */
+ ldap_pvt_thread_pool_resume( &connection_pool );
+out:
+ send_ldap_result( op, rs );
+ return rs->sr_err;
+}
+
+static int
+config_back_modrdn( Operation *op, SlapReply *rs )
+{
+ CfBackInfo *cfb;
+ CfEntryInfo *ce, *last;
+
+ if ( !be_isroot( op ) ) {
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+ send_ldap_result( op, rs );
+ }
+
+ cfb = (CfBackInfo *)op->o_bd->be_private;
+
+ ce = config_find_base( cfb->cb_root, &op->o_req_ndn, &last );
+ if ( !ce ) {
+ if ( last )
+ rs->sr_matched = last->ce_entry->e_name.bv_val;
+ rs->sr_err = LDAP_NO_SUCH_OBJECT;
+ goto out;
+ }
+
+ /* We don't allow moving objects to new parents.
+ * Generally we only allow reordering a set of ordered entries.
+ */
+ if ( op->orr_newSup ) {
+ rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+ goto out;
+ }
+ ldap_pvt_thread_pool_pause( &connection_pool );
+
ldap_pvt_thread_pool_resume( &connection_pool );
out:
send_ldap_result( op, rs );
}
static Entry *
-config_alloc_entry( struct berval *pdn, struct berval *rdn )
+config_alloc_entry( CfEntryInfo *parent, struct berval *rdn )
{
Entry *e = ch_calloc( 1, sizeof(Entry) );
CfEntryInfo *ce = ch_calloc( 1, sizeof(CfEntryInfo) );
+ struct berval pdn;
+
e->e_private = ce;
ce->ce_entry = e;
- build_new_dn( &e->e_name, pdn, rdn, NULL );
+ ce->ce_parent = parent;
+ if ( parent ) {
+ pdn = parent->ce_entry->e_nname;
+ } else {
+ BER_BVZERO( &pdn );
+ }
+
+ build_new_dn( &e->e_name, &pdn, rdn, NULL );
ber_dupbv( &e->e_nname, &e->e_name );
return e;
}
int rc, i;
char *ptr;
const char *text;
+ char textbuf[SLAP_TEXT_BUFLEN];
+ size_t textlen = sizeof(textbuf);
AttributeType **at;
+ Attribute *oc_at;
BER_BVZERO( &vals[1] );
if ((*at)->sat_ad == ad || (*at)->sat_ad == slap_schema.si_ad_cn )
continue;
for (i=0;ct[i].name;i++) {
- if (ct[i].ad == (*at)->sat_ad)
+ if (ct[i].ad == (*at)->sat_ad) {
+ rc = config_get_vals(&ct[i], c);
+ if (rc == LDAP_SUCCESS) {
+ attr_merge(e, ct[i].ad, c->rvalue_vals, c->rvalue_nvals);
+ ber_bvarray_free( c->rvalue_nvals );
+ ber_bvarray_free( c->rvalue_vals );
+ }
break;
- }
- rc = config_get_vals(&ct[i], c);
- if (rc == LDAP_SUCCESS) {
- attr_merge(e, ct[i].ad, c->rvalue_vals, c->rvalue_nvals);
- ber_bvarray_free( c->rvalue_nvals );
- ber_bvarray_free( c->rvalue_vals );
+ }
}
}
if ((*at)->sat_ad == ad || (*at)->sat_ad == slap_schema.si_ad_cn )
continue;
for (i=0;ct[i].name;i++) {
- if (ct[i].ad == (*at)->sat_ad)
+ if (ct[i].ad == (*at)->sat_ad) {
+ rc = config_get_vals(&ct[i], c);
+ if (rc == LDAP_SUCCESS) {
+ attr_merge(e, ct[i].ad, c->rvalue_vals, c->rvalue_nvals);
+ ber_bvarray_free( c->rvalue_nvals );
+ ber_bvarray_free( c->rvalue_vals );
+ }
break;
- }
- rc = config_get_vals(&ct[i], c);
- if (rc == LDAP_SUCCESS) {
- attr_merge(e, ct[i].ad, c->rvalue_vals, c->rvalue_nvals);
- ber_bvarray_free( c->rvalue_nvals );
- ber_bvarray_free( c->rvalue_vals );
+ }
}
}
}
}
}
+ oc_at = attr_find( e->e_attrs, slap_schema.si_ad_objectClass );
+ rc = structural_class(oc_at->a_vals, vals, NULL, &text, textbuf, textlen);
+ BER_BVZERO( &vals[1] );
+ attr_merge(e, slap_schema.si_ad_structuralObjectClass, vals, NULL );
return 0;
}
+static void
+config_build_schema_inc( ConfigArgs *c, CfEntryInfo *ceparent,
+ Operation *op, SlapReply *rs )
+{
+ Entry *e;
+ ConfigFile *cf = c->private;
+ CfEntryInfo *ce, *ceprev;
+ char *ptr;
+ struct berval bv;
+
+ if ( ceparent->ce_kids ) {
+ for ( ceprev = ceparent->ce_kids; ceprev->ce_sibs;
+ ceprev = ceprev->ce_sibs );
+ }
+
+ for (; cf; cf=cf->c_sibs, c->depth++) {
+ c->value_dn.bv_val = c->log;
+ bv.bv_val = strrchr(cf->c_file.bv_val, LDAP_DIRSEP[0]);
+ if ( !bv.bv_val ) {
+ bv = cf->c_file;
+ } else {
+ bv.bv_val++;
+ bv.bv_len = cf->c_file.bv_len - (bv.bv_val - cf->c_file.bv_val);
+ }
+ ptr = strchr( bv.bv_val, '.' );
+ if ( ptr )
+ bv.bv_len = ptr - bv.bv_val;
+ c->value_dn.bv_len = sprintf(c->value_dn.bv_val, "cn=" IFMT, c->depth);
+ strncpy( c->value_dn.bv_val + c->value_dn.bv_len, bv.bv_val,
+ bv.bv_len );
+ c->value_dn.bv_len += bv.bv_len;
+ c->value_dn.bv_val[c->value_dn.bv_len] ='\0';
+
+ e = config_alloc_entry( ceparent, &c->value_dn );
+ c->private = cf;
+ config_build_entry( c, e, cfOc_schema, &c->value_dn,
+ c->bi->bi_cf_table, NO_TABLE );
+ ce = e->e_private;
+ ce->ce_type = Cft_Schema;
+ op->ora_e = e;
+ op->o_bd->be_add( op, rs );
+ ce->ce_bi = c->bi;
+ if ( !ceparent->ce_kids ) {
+ ceparent->ce_kids = ce;
+ } else {
+ ceprev->ce_sibs = ce;
+ }
+ ceprev = ce;
+ if ( cf->c_kids ) {
+ c->private = cf->c_kids;
+ config_build_schema_inc( c, ceparent, op, rs );
+ }
+ }
+}
+
static CfEntryInfo *
-config_build_includes( ConfigArgs *c, Entry *parent )
+config_build_includes( ConfigArgs *c, CfEntryInfo *ceparent,
+ Operation *op, SlapReply *rs )
{
Entry *e;
int i;
- ConfigFile *cf = (ConfigFile *)c->line;
- CfEntryInfo *ce, *ceparent, *ceprev;
+ ConfigFile *cf = c->private;
+ CfEntryInfo *ce, *ceprev;
- ceparent = parent->e_private;
+ if ( ceparent->ce_kids ) {
+ for ( ceprev = ceparent->ce_kids; ceprev->ce_sibs;
+ ceprev = ceprev->ce_sibs );
+ }
for (i=0; cf; cf=cf->c_sibs, i++) {
c->value_dn.bv_val = c->log;
- c->value_dn.bv_len = sprintf(c->value_dn.bv_val, "cn=include{%d}", i);
- e = config_alloc_entry( &parent->e_nname, &c->value_dn );
- c->line = (char *)cf;
+ c->value_dn.bv_len = sprintf(c->value_dn.bv_val, "cn=include" IFMT, i);
+ e = config_alloc_entry( ceparent, &c->value_dn );
+ c->private = cf;
config_build_entry( c, e, cfOc_include, &c->value_dn,
c->bi->bi_cf_table, NO_TABLE );
+ op->ora_e = e;
+ op->o_bd->be_add( op, rs );
ce = e->e_private;
+ ce->ce_type = Cft_Include;
+ ce->ce_bi = c->bi;
if ( !ceparent->ce_kids ) {
ceparent->ce_kids = ce;
} else {
}
ceprev = ce;
if ( cf->c_kids ) {
- c->line = (char *)cf->c_kids;
- config_build_includes( c, e );
+ c->private = cf->c_kids;
+ config_build_includes( c, ce, op, rs );
}
}
return ce;
}
+#ifdef SLAPD_MODULES
+
+static CfEntryInfo *
+config_build_modules( ConfigArgs *c, CfEntryInfo *ceparent,
+ Operation *op, SlapReply *rs )
+{
+ Entry *e;
+ int i;
+ CfEntryInfo *ce, *ceprev;
+ ModPaths *mp;
+
+ if ( ceparent->ce_kids ) {
+ for ( ceprev = ceparent->ce_kids; ceprev->ce_sibs;
+ ceprev = ceprev->ce_sibs );
+ }
+
+ for (i=0, mp=&modpaths; mp; mp=mp->mp_next, i++) {
+ if ( BER_BVISNULL( &mp->mp_path ) && !mp->mp_loads )
+ continue;
+ c->value_dn.bv_val = c->log;
+ c->value_dn.bv_len = sprintf(c->value_dn.bv_val, "cn=module" IFMT, i);
+ e = config_alloc_entry( ceparent, &c->value_dn );
+ ce = e->e_private;
+ ce->ce_type = Cft_Include;
+ c->private = mp;
+ config_build_entry( c, e, cfOc_module, &c->value_dn,
+ c->bi->bi_cf_table, NO_TABLE );
+ op->ora_e = e;
+ op->o_bd->be_add( op, rs );
+ ce->ce_bi = c->bi;
+ if ( !ceparent->ce_kids ) {
+ ceparent->ce_kids = ce;
+ } else {
+ ceprev->ce_sibs = ce;
+ }
+ ceprev = ce;
+ }
+ return ce;
+}
+#endif
+
static int
config_back_db_open( BackendDB *be )
{
BackendDB *bptr;
ConfigArgs c;
ConfigTable *ct;
+ Connection conn = {0};
+ char opbuf[OPERATION_BUFFER_SIZE];
+ Operation *op;
+ slap_callback cb = { NULL, slap_null_cb, NULL, NULL };
+ SlapReply rs = {REP_RESULT};
+
+ /* If we read the config from back-ldif, nothing to do here */
+ if ( cfb->cb_got_ldif )
+ return 0;
+
+ op = (Operation *)opbuf;
+ connection_fake_init( &conn, op, cfb );
+
+ op->o_dn = be->be_rootdn;
+ op->o_ndn = be->be_rootndn;
+
+ op->o_tag = LDAP_REQ_ADD;
+ op->o_callback = &cb;
+ op->o_bd = &cfb->cb_db;
/* create root of tree */
rdn = config_rdn;
e = config_alloc_entry( NULL, &rdn );
ce = e->e_private;
+ ce->ce_type = Cft_Global;
cfb->cb_root = ce;
c.be = be;
c.bi = be->bd_info;
- c.line = (char *)cfb->cb_config;
+ c.private = cfb->cb_config;
ct = c.bi->bi_cf_table;
config_build_entry( &c, e, cfOc_global, &rdn, ct, NO_TABLE );
+ op->ora_e = e;
+ op->o_bd->be_add( op, &rs );
+ ce->ce_bi = c.bi;
parent = e;
ceparent = ce;
- /* Create includeFile nodes... */
+ /* Create schema nodes... cn=schema will contain the hardcoded core
+ * schema, read-only. Child objects will contain runtime loaded schema
+ * files.
+ */
+ rdn = schema_rdn;
+ e = config_alloc_entry( ceparent, &rdn );
+ ce = e->e_private;
+ ce->ce_type = Cft_Schema;
+ c.private = NULL;
+ config_build_entry( &c, e, cfOc_schema, &rdn, ct, NO_TABLE );
+ op->ora_e = e;
+ op->o_bd->be_add( op, &rs );
+ if ( !ceparent->ce_kids ) {
+ ceparent->ce_kids = ce;
+ } else {
+ ceprev->ce_sibs = ce;
+ }
+ ceprev = ce;
+
+ /* Create includeFile nodes and schema nodes for included schema... */
if ( cfb->cb_config->c_kids ) {
- c.line = (char *)cfb->cb_config->c_kids;
- ceprev = config_build_includes( &c, parent );
+ c.depth = 0;
+ c.private = cfb->cb_config->c_kids;
+ config_build_schema_inc( &c, ce, op, &rs );
+ c.private = cfb->cb_config->c_kids;
+ ceprev = config_build_includes( &c, ceparent, op, &rs );
+ }
+
+#ifdef SLAPD_MODULES
+ /* Create Module nodes... */
+ if ( modpaths.mp_loads ) {
+ ceprev = config_build_modules( &c, ceparent, op, &rs );
}
+#endif
/* Create backend nodes. Skip if they don't provide a cf_table.
* There usually aren't any of these.
*/
c.line = 0;
- bi = backendInfo;
- for (i=0; i<nBackendInfo; i++, bi++) {
+ LDAP_STAILQ_FOREACH( bi, &backendInfo, bi_next) {
if (!bi->bi_cf_table) continue;
if (!bi->bi_private) continue;
rdn.bv_val = c.log;
rdn.bv_len = sprintf(rdn.bv_val, "%s=%s", cfAd_backend->ad_cname.bv_val, bi->bi_type);
- e = config_alloc_entry( &parent->e_nname, &rdn );
+ e = config_alloc_entry( ceparent, &rdn );
ce = e->e_private;
+ ce->ce_type = Cft_Backend;
ce->ce_bi = bi;
c.bi = bi;
config_build_entry( &c, e, cfOc_backend, &rdn, ct, BI_TABLE );
+ op->ora_e = e;
+ op->o_bd->be_add( op, &rs );
if ( !ceparent->ce_kids ) {
ceparent->ce_kids = ce;
} else {
}
/* Create database nodes... */
- for (i=0; i<nBackendDB; i++) {
+ i = -1;
+ LDAP_STAILQ_FOREACH( be, &backendDB, be_next ) {
slap_overinfo *oi = NULL;
+ i++;
if ( i == 0 ) {
bptr = frontendDB;
} else {
- bptr = &backendDB[i];
+ bptr = be;
}
if ( overlay_is_over( bptr )) {
oi = bptr->bd_info->bi_private;
bi = bptr->bd_info;
}
rdn.bv_val = c.log;
- rdn.bv_len = sprintf(rdn.bv_val, "%s={%0x}%s", cfAd_database->ad_cname.bv_val,
+ rdn.bv_len = sprintf(rdn.bv_val, "%s=" IFMT "%s", cfAd_database->ad_cname.bv_val,
i, bi->bi_type);
- e = config_alloc_entry( &parent->e_nname, &rdn );
+ e = config_alloc_entry( ceparent, &rdn );
ce = e->e_private;
c.be = bptr;
c.bi = bi;
+ ce->ce_type = Cft_Database;
ce->ce_be = c.be;
ce->ce_bi = c.bi;
config_build_entry( &c, e, cfOc_database, &rdn, ct, BE_TABLE );
+ op->ora_e = e;
+ op->o_bd->be_add( op, &rs );
if ( !ceparent->ce_kids ) {
ceparent->ce_kids = ce;
} else {
for (j=0,on=oi->oi_list; on; j++,on=on->on_next) {
rdn.bv_val = c.log;
- rdn.bv_len = sprintf(rdn.bv_val, "%s={%0x}%s",
+ rdn.bv_len = sprintf(rdn.bv_val, "%s=" IFMT "%s",
cfAd_overlay->ad_cname.bv_val, j, on->on_bi.bi_type );
- oe = config_alloc_entry( &e->e_nname, &rdn );
+ oe = config_alloc_entry( opar, &rdn );
ce = oe->e_private;
c.be = bptr;
c.bi = &on->on_bi;
+ ce->ce_type = Cft_Overlay;
ce->ce_be = c.be;
ce->ce_bi = c.bi;
config_build_entry( &c, oe, cfOc_overlay, &rdn, ct, BI_TABLE );
+ op->ora_e = oe;
+ op->o_bd->be_add( op, &rs );
if ( !opar->ce_kids ) {
opar->ce_kids = ce;
} else {
oprev = ce;
}
}
-#if 0
- /* Set up ACLs */
- if ( bptr->be_acl ) {
- Entry *ae;
- CfEntryInfo *opar = ce;
-
- ae = config_alloc_entry( &e->e_nname, &access_rdn );
- ce = ae->e_private;
- c.be = bptr;
- c.bi = bi;
- ce->ce_be = c.be;
- ce->ce_bi = c.bi;
- config_build_entry( &c, ae, cfOc_access, &access_rdn, ct,
- NO_TABLE );
- if ( opar->ce_kids ) {
- ce->ce_sibs = opar->ce_kids;
- }
- opar->ce_kids = ce;
- }
-#endif
}
return 0;
static struct {
char *name;
AttributeDescription **desc;
- AttributeDescription *sub;
} ads[] = {
- { "attribute", NULL, NULL },
- { "backend", &cfAd_backend, NULL },
- { "database", &cfAd_database, NULL },
- { "ditcontentrule", NULL, NULL },
- { "include", &cfAd_include, NULL },
- { "objectclass", NULL, NULL },
- { "overlay", &cfAd_overlay, NULL },
- { NULL, NULL, NULL }
+ { "backend", &cfAd_backend },
+ { "database", &cfAd_database },
+ { "include", &cfAd_include },
+ { "overlay", &cfAd_overlay },
+ { NULL, NULL }
};
+/* Notes:
+ * add / delete: all types that may be added or deleted must use an
+ * X-ORDERED attributeType for their RDN. Adding and deleting entries
+ * should automatically renumber the index of any siblings as needed,
+ * so that no gaps in the numbering sequence exist after the add/delete
+ * is completed.
+ * What can be added:
+ * schema objects
+ * backend objects for backend-specific config directives
+ * database objects
+ * overlay objects
+ *
+ * delete: probably no support this time around.
+ *
+ * modrdn: generally not done. Will be invoked automatically by add/
+ * delete to update numbering sequence. Perform as an explicit operation
+ * so that the renumbering effect may be replicated. Subtree rename must
+ * be supported, since renumbering a database will affect all its child
+ * overlays.
+ *
+ * modify: must be fully supported.
+ */
+
int
config_back_initialize( BackendInfo *bi )
{
ConfigTable *ct = config_back_cf_table;
char *argv[4];
int i;
+ static char *controls[] = {
+ LDAP_CONTROL_MANAGEDSAIT,
+ NULL
+ };
+
+ bi->bi_controls = controls;
bi->bi_open = 0;
bi->bi_close = 0;
bi->bi_op_search = config_back_search;
bi->bi_op_compare = 0;
bi->bi_op_modify = config_back_modify;
- bi->bi_op_modrdn = 0;
- bi->bi_op_add = 0;
+ bi->bi_op_modrdn = config_back_modrdn;
+ bi->bi_op_add = config_back_add;
bi->bi_op_delete = 0;
bi->bi_op_abandon = 0;
for (i=0; OidMacros[i].name; i++ ) {
argv[1] = OidMacros[i].name;
argv[2] = OidMacros[i].oid;
- parse_oidm( "slapd", i, 3, argv );
+ parse_oidm( "slapd", i, 3, argv, 0, NULL );
}
- i = init_config_attrs( ct );
+ bi->bi_cf_table = ct;
+
+ i = config_register_schema( ct, cf_ocs );
if ( i ) return i;
/* set up the notable AttributeDescriptions */
- ads[0].sub = slap_schema.si_ad_attributeTypes;
- ads[3].sub = slap_schema.si_ad_ditContentRules;
- ads[5].sub = slap_schema.si_ad_objectClasses;
-
- bi->bi_cf_table = ct;
-
i = 0;
for (;ct->name;ct++) {
if (strcmp(ct->name, ads[i].name)) continue;
- if (ads[i].sub) {
- ct->ad = ads[i].sub;
- } else {
- *ads[i].desc = ct->ad;
- }
+ *ads[i].desc = ct->ad;
i++;
if (!ads[i].name) break;
}
- /* set up the objectclasses */
- i = init_config_ocs( cf_ocs );
-
- return i;
+ return 0;
}