static struct berval config_rdn = BER_BVC("cn=config");
static struct berval schema_rdn = BER_BVC("cn=schema");
+#define IFMT "{%d}"
+
#ifdef SLAPD_MODULES
typedef struct modpath_s {
struct modpath_s *mp_next;
typedef struct {
ConfigFile *cb_config;
CfEntryInfo *cb_root;
- BackendDB *cb_be; /* config backend */
BackendDB cb_db; /* underlying database */
int cb_got_ldif;
} CfBackInfo;
static int add_syncrepl LDAP_P(( Backend *, char **, int ));
static int parse_syncrepl_line LDAP_P(( char **, int, syncinfo_t *));
static void syncrepl_unparse LDAP_P (( syncinfo_t *, struct berval *));
-static int config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs );
+static int config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs,
+ int *renumber );
static ConfigDriver config_fname;
static ConfigDriver config_cfdir;
{ "attribute", "attribute", 2, 0, 9, ARG_PAREN|ARG_MAGIC|CFG_ATTR,
&config_generic, "( OLcfgAt:4 NAME 'olcAttributeTypes' "
"DESC 'OpenLDAP attributeTypes' "
- "EQUALITY objectIdentifierFirstComponentMatch "
- "SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 X-ORDERED 'VALUES' )",
+ "EQUALITY caseIgnoreMatch "
+ "SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )",
NULL, NULL },
{ "attributeoptions", NULL, 0, 0, 0, ARG_MAGIC|CFG_ATOPT,
&config_generic, "( OLcfgAt:5 NAME 'olcAttributeOptions' "
&config_generic, "( OLcfgAt:9 NAME 'olcBackend' "
"DESC 'A type of backend' "
"EQUALITY caseIgnoreMatch "
- "SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )", NULL, NULL },
+ "SYNTAX OMsDirectoryString X-ORDERED 'SIBLINGS' )", NULL, NULL },
{ "concurrency", "level", 2, 2, 0, ARG_INT|ARG_MAGIC|CFG_CONCUR,
&config_generic, "( OLcfgAt:10 NAME 'olcConcurrency' "
"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
{ "database", "type", 2, 2, 0, ARG_MAGIC|CFG_DATABASE,
&config_generic, "( OLcfgAt:13 NAME 'olcDatabase' "
"DESC 'The backend type for a database instance' "
- "SUP olcBackend X-ORDERED 'VALUES' )", NULL, NULL },
+ "SUP olcBackend X-ORDERED 'SIBLINGS' )", NULL, NULL },
{ "defaultSearchBase", "dn", 2, 2, 0, ARG_PRE_BI|ARG_PRE_DB|ARG_DN|ARG_MAGIC,
&config_search_base, "( OLcfgAt:14 NAME 'olcDefaultSearchBase' "
"SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
{ "ditcontentrule", NULL, 0, 0, 0, ARG_MAGIC|CFG_DIT,
&config_generic, "( OLcfgAt:16 NAME 'olcDitContentRules' "
"DESC 'OpenLDAP DIT content rules' "
- "EQUALITY objectIdentifierFirstComponentMatch "
- "SYNTAX 1.3.6.1.4.1.1466.115.121.1.16 X-ORDERED 'VALUES' )",
+ "EQUALITY caseIgnoreMatch "
+ "SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )",
NULL, NULL },
{ "gentlehup", "on|off", 2, 2, 0,
#ifdef SIGHUP
{ "objectclass", "objectclass", 2, 0, 0, ARG_PAREN|ARG_MAGIC|CFG_OC,
&config_generic, "( OLcfgAt:32 NAME 'olcObjectClasses' "
"DESC 'OpenLDAP object classes' "
- "EQUALITY objectIdentifierFirstComponentMatch "
- "SYNTAX 1.3.6.1.4.1.1466.115.121.1.37 X-ORDERED 'VALUES' )",
+ "EQUALITY caseIgnoreMatch "
+ "SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )",
NULL, NULL },
{ "objectidentifier", NULL, 0, 0, 0, ARG_MAGIC|CFG_OID,
&config_generic, "( OLcfgAt:33 NAME 'olcObjectIdentifier' "
"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )", NULL, NULL },
{ "overlay", "overlay", 2, 2, 0, ARG_MAGIC,
&config_overlay, "( OLcfgAt:34 NAME 'olcOverlay' "
- "SUP olcDatabase X-ORDERED 'VALUES' )", NULL, NULL },
+ "SUP olcDatabase X-ORDERED 'SIBLINGS' )", NULL, NULL },
{ "password-crypt-salt-format", "salt", 2, 2, 0, ARG_STRING|ARG_MAGIC|CFG_SALT,
&config_generic, "( OLcfgAt:35 NAME 'olcPasswordCryptSaltFormat' "
"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
"SYNTAX OMsDirectoryString )", NULL, NULL },
{ "rootpw", "password", 2, 2, 0, ARG_BERVAL|ARG_DB|ARG_MAGIC,
&config_rootpw, "( OLcfgAt:52 NAME 'olcRootPW' "
- "SYNTAX OMsOctetString SINGLE-VALUE )", NULL, NULL },
+ "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
{ "sasl-authz-policy", NULL, 2, 2, 0, ARG_MAGIC|CFG_AZPOLICY,
&config_generic, NULL, NULL, NULL },
{ "sasl-host", "host", 2, 2, 0,
"( OLcfgAt:72 NAME 'olcTLSCipherSuite' "
"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
{ "TLSCRLCheck", NULL, 0, 0, 0,
-#ifdef HAVE_TLS
+#if defined(HAVE_TLS) && defined(HAVE_OPENSSL_CRL)
CFG_TLS_CRLCHECK|ARG_STRING|ARG_MAGIC, &config_tls_config,
#else
ARG_IGNORED, NULL,
{ "( OLcfgOc:1 "
"NAME 'olcConfig' "
"DESC 'OpenLDAP configuration object' "
- "ABSTRACT SUP top "
- "MAY ( cn $ olcConfigFile ) )", Cft_Abstract, NULL },
+ "ABSTRACT SUP top )", Cft_Abstract, NULL },
{ "( OLcfgOc:2 "
"NAME 'olcGlobal' "
"DESC 'OpenLDAP Global configuration options' "
"SUP olcConfig STRUCTURAL "
- "MAY ( olcConfigDir $ olcAllows $ olcArgsFile $ olcAttributeOptions $ "
- "olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ "
- "olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ "
- "olcDefaultSearchBase $ olcDisallows $ olcGentleHUP $ "
- "olcIdleTimeout $ olcIndexSubstrIfMaxLen $ olcIndexSubstrIfMinLen $ "
+ "MAY ( cn $ olcConfigFile $ olcConfigDir $ olcAllows $ olcArgsFile $ "
+ "olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ "
+ "olcAuthzPolicy $ olcAuthzRegexp $ olcConcurrency $ "
+ "olcConnMaxPending $ olcConnMaxPendingAuth $ olcDefaultSearchBase $ "
+ "olcDisallows $ olcDitContentRules $ olcGentleHUP $ olcIdleTimeout $ "
+ "olcIndexSubstrIfMaxLen $ olcIndexSubstrIfMinLen $ "
"olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcLocalSSF $ "
- "olcLogLevel $ olcModulePath $ olcObjectIdentifier $ "
+ "olcLogLevel $ olcModulePath $ olcObjectClasses $ "
+ "olcObjectIdentifier $ "
"olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ "
"olcPlugin $ olcPluginLogFile $ olcReadOnly $ olcReferral $ "
"olcReplicaPidFile $ olcReplicaArgsFile $ olcReplicationInterval $ "
"olcReplogFile $ olcRequires $ olcRestrict $ olcReverseLookup $ "
- "olcRootDSE $ olcRootPW $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ "
+ "olcRootDSE $ olcRootPW $ "
+ "olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ "
"olcSchemaCheck $ olcSchemaDN $ olcSecurity $ olcSizeLimit $ "
"olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcSrvtab $ "
"olcThreads $ olcTimeLimit $ olcTLSCACertificateFile $ "
"NAME 'olcSchemaConfig' "
"DESC 'OpenLDAP schema object' "
"SUP olcConfig STRUCTURAL "
- "MAY ( olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $ "
- "olcDitContentRules ) )", Cft_Schema, &cfOc_schema },
+ "MAY ( cn $ olcObjectIdentifier $ olcAttributeTypes $ "
+ "olcObjectClasses $ olcDitContentRules ) )",
+ Cft_Schema, &cfOc_schema },
{ "( OLcfgOc:4 "
"NAME 'olcBackendConfig' "
"DESC 'OpenLDAP Backend-specific options' "
"SUP olcConfig STRUCTURAL "
- "MAY ( olcBackend ) )", Cft_Backend, &cfOc_backend },
+ "MUST olcBackend )", Cft_Backend, &cfOc_backend },
{ "( OLcfgOc:5 "
"NAME 'olcDatabaseConfig' "
"DESC 'OpenLDAP Database-specific options' "
"SUP olcConfig STRUCTURAL "
- "MAY ( olcDatabase $ olcAccess $ olcLastMod $ olcLimits $ "
+ "MUST olcDatabase "
+ "MAY ( olcSuffix $ olcAccess $ olcLastMod $ olcLimits $ "
"olcMaxDerefDepth $ olcPlugin $ olcReadOnly $ olcReplica $ "
"olcReplogFile $ olcRequires $ olcRestrict $ olcRootDN $ olcRootPW $ "
- "olcSchemaDN $ olcSecurity $ olcSizeLimit $ olcSuffix $ olcSyncrepl $ "
+ "olcSchemaDN $ olcSecurity $ olcSizeLimit $ olcSyncrepl $ "
"olcTimeLimit $ olcUpdateDN $ olcUpdateRef ) )",
Cft_Database, &cfOc_database },
{ "( OLcfgOc:6 "
"NAME 'olcOverlayConfig' "
"DESC 'OpenLDAP Overlay-specific options' "
"SUP olcConfig STRUCTURAL "
- "MAY ( olcOverlay ) )", Cft_Overlay, &cfOc_overlay },
+ "MUST olcOverlay )", Cft_Overlay, &cfOc_overlay },
{ "( OLcfgOc:7 "
"NAME 'olcIncludeFile' "
"DESC 'OpenLDAP configuration include file' "
"SUP olcConfig STRUCTURAL "
- "MAY ( olcInclude $ olcRootDSE ) )",
+ "MUST olcInclude "
+ "MAY ( cn $ olcRootDSE ) )",
Cft_Include, &cfOc_include },
#ifdef SLAPD_MODULES
{ "( OLcfgOc:8 "
"NAME 'olcModuleList' "
"DESC 'OpenLDAP dynamic module info' "
"SUP olcConfig STRUCTURAL "
- "MUST olcModuleLoad )",
- Cft_Module, &cfOc_module },
+ "MUST olcModuleLoad "
+ "MAY cn )", Cft_Module, &cfOc_module },
#endif
{ NULL, 0, NULL }
};
int i;
for ( i=0; c->be->be_limits[i]; i++ ) {
- bv.bv_len = sprintf( buf, "{%d}", i );
+ bv.bv_len = sprintf( buf, IFMT, i );
bv.bv_val = buf+bv.bv_len;
limits_unparse( c->be->be_limits[i], &bv );
bv.bv_len += bv.bv_val - buf;
char *src, *dst, ibuf[11];
struct berval bv, abv;
for (i=0, a=c->be->be_acl; a; i++,a=a->acl_next) {
- abv.bv_len = sprintf( ibuf, "{%x}", i );
+ abv.bv_len = sprintf( ibuf, IFMT, i );
acl_unparse( a, &bv );
abv.bv_val = ch_malloc( abv.bv_len + bv.bv_len + 1 );
AC_MEMCPY( abv.bv_val, ibuf, abv.bv_len );
for (i=0; !BER_BVISNULL(&mp->mp_loads[i]); i++) {
struct berval bv;
bv.bv_val = c->log;
- bv.bv_len = sprintf( bv.bv_val, "{%d}%s", i,
+ bv.bv_len = sprintf( bv.bv_val, IFMT "%s", i,
mp->mp_loads[i].bv_val );
value_add_one( &c->rvalue_vals, &bv );
}
if ( BER_BVISNULL( &mp->mp_path ) && !mp->mp_loads )
continue;
bv.bv_val = c->log;
- bv.bv_len = sprintf( bv.bv_val, "{%d}%s", i,
+ bv.bv_len = sprintf( bv.bv_val, IFMT "%s", i,
mp->mp_path.bv_val );
value_add_one( &c->rvalue_vals, &bv );
}
idx.bv_val = ibuf;
for ( i=0; !BER_BVISNULL( &authz_rewrites[i] ); i++ ) {
- idx.bv_len = sprintf( idx.bv_val, "{%d}", i );
+ idx.bv_len = sprintf( idx.bv_val, IFMT, i );
bv.bv_len = idx.bv_len + authz_rewrites[i].bv_len;
bv.bv_val = ch_malloc( bv.bv_len + 1 );
strcpy( bv.bv_val, idx.bv_val );
}
p = strchr(c->line,'(' /*')'*/);
+ if ( c->op == LDAP_MOD_DELETE ) {
+ int rc = 0;
+ switch(c->type) {
+ case CFG_BACKEND:
+ case CFG_DATABASE:
+ rc = 1;
+ break;
+ case CFG_CONCUR:
+ ldap_pvt_thread_set_concurrency(c);
+ break;
+
+ }
+ }
switch(c->type) {
case CFG_BACKEND:
if(!(c->bi = backend_info(c->argv[1]))) {
/* NOTE: config is always the first backend!
*/
if ( !strcasecmp( c->argv[1], "config" )) {
- c->be = backendDB;
+ c->be = LDAP_STAILQ_FIRST(&backendDB);
} else if ( !strcasecmp( c->argv[1], "frontend" )) {
c->be = frontendDB;
} else if(!(c->be = backend_db_init(c->argv[1]))) {
/* Record this load on the current path */
{
struct berval bv;
- ber_str2bv(c->line, 0, 1, &bv);
+ char *ptr = c->line + STRLENOF("moduleload");
+ while (!isspace(*ptr)) ptr++;
+ while (isspace(*ptr)) ptr++;
+ ber_str2bv(ptr, 0, 1, &bv);
ber_bvarray_add( &modcur->mp_loads, &bv );
}
break;
struct berval pdn, ndn;
int rc;
- if (c->be == frontendDB) return 1;
+ if (c->be == frontendDB || SLAP_MONITOR(c->be) ||
+ SLAP_CONFIG(c->be)) return 1;
if (c->op == SLAP_CONFIG_EMIT) {
if (!BER_BVISNULL( &c->be->be_suffix[0] )) {
struct berval bc = {0};
char numbuf[32];
- len = sprintf(numbuf, "{%d}", i );
+ len = sprintf(numbuf, IFMT, i );
len += strlen( ri->ri_uri ) + STRLENOF("uri=");
if ( ri->ri_nsuffix ) {
ConfigFile *cfsave = cfn;
ConfigFile *cf2 = NULL;
if (c->op == SLAP_CONFIG_EMIT) {
+ if (c->private) {
+ ConfigFile *cf = c->private;
+ value_add_one( &c->rvalue_vals, &cf->c_file );
+ return 0;
+ }
return 1;
}
cf = ch_calloc( 1, sizeof(ConfigFile));
config_tls_option(ConfigArgs *c) {
int flag;
switch(c->type) {
- case CFG_TLS_RAND: flag = LDAP_OPT_X_TLS_RANDOM_FILE; break;
+ case CFG_TLS_RAND: flag = LDAP_OPT_X_TLS_RANDOM_FILE; break;
case CFG_TLS_CIPHER: flag = LDAP_OPT_X_TLS_CIPHER_SUITE; break;
case CFG_TLS_CERT_FILE: flag = LDAP_OPT_X_TLS_CERTFILE; break;
case CFG_TLS_CERT_KEY: flag = LDAP_OPT_X_TLS_KEYFILE; break;
case CFG_TLS_CA_PATH: flag = LDAP_OPT_X_TLS_CACERTDIR; break;
case CFG_TLS_CA_FILE: flag = LDAP_OPT_X_TLS_CACERTFILE; break;
default: Debug(LDAP_DEBUG_ANY, "%s: "
- "unknown tls_option <%x>\n",
+ "unknown tls_option <0x%x>\n",
c->log, c->type, 0);
}
if (c->op == SLAP_CONFIG_EMIT) {
{ BER_BVNULL, 0 }
}, *keys;
switch(c->type) {
-#ifdef HAVE_OPENSSL_CRL
- case CFG_TLS_CRLCHECK: flag = LDAP_OPT_X_TLS_CRLCHECK; keys = crlkeys;
- break;
-#endif
- case CFG_TLS_VERIFY: flag = LDAP_OPT_X_TLS_REQUIRE_CERT; keys = vfykeys;
- break;
- default: Debug(LDAP_DEBUG_ANY, "%s: "
- "unknown tls_option <%x>\n",
- c->log, c->type, 0);
+ case CFG_TLS_CRLCHECK: flag = LDAP_OPT_X_TLS_CRLCHECK; keys = crlkeys; break;
+ case CFG_TLS_VERIFY: flag = LDAP_OPT_X_TLS_REQUIRE_CERT; keys = vfykeys; break;
+ default:
+ Debug(LDAP_DEBUG_ANY, "%s: "
+ "unknown tls_option <0x%x>\n",
+ c->log, c->type, 0);
}
if (c->op == SLAP_CONFIG_EMIT) {
ldap_pvt_tls_get_option( NULL, flag, &c->value_int );
while(root) {
*last = root;
for (--c;c>dn->bv_val && *c != ',';c--);
- if ( *c == ',' )
- c++;
cdn.bv_val = c;
- cdn.bv_len = dn->bv_len - (c-dn->bv_val);
+ if ( *c == ',' )
+ cdn.bv_val++;
+ cdn.bv_len = dn->bv_len - (cdn.bv_val - dn->bv_val);
root = root->ce_kids;
CfBackInfo *cfb = op->o_callback->sc_private;
cfb->cb_got_ldif = 1;
- rs->sr_err = config_add_internal( cfb, rs->sr_entry, NULL );
+ rs->sr_err = config_add_internal( cfb, rs->sr_entry, NULL, NULL );
}
return rs->sr_err;
}
if ( !be )
return 1;
+ cfb = be->be_private;
+
/* Setup the underlying back-ldif backend */
if ( config_setup_ldif( be, dir ))
return 1;
-#if 0 /* not yet
+#ifdef SLAP_USE_CONFDIR
/* If we read the config from back-ldif, nothing to do here */
- cfb = be->be_private;
if ( cfb->cb_got_ldif )
return 0;
#endif
return NULL;
}
-/* Sort the values in an X-ORDERED attribute.
+/* Sort the values in an X-ORDERED VALUES attribute.
* If the values have no index, leave them in their given order.
- * If the values have indexes, sort them and then strip the index.
+ * If the values have indexes, sort them.
* If some are indexed and some are not, return Error.
*
* FIXME: This function probably belongs in the frontend somewhere,
struct berval tmp, ntmp;
char *ptr;
+#if 0
/* Strip index from normalized values */
if ( !a->a_nvals || a->a_vals == a->a_nvals ) {
a->a_nvals = ch_malloc( (vals+1)*sizeof(struct berval));
+ BER_BVZERO(a->a_nvals+vals);
for ( i=0; i<vals; i++ ) {
ptr = strchr(a->a_vals[i].bv_val, '}') + 1;
a->a_nvals[i].bv_len = a->a_vals[i].bv_len -
strcpy(a->a_nvals[i].bv_val, ptr);
}
}
+#endif
indexes = ch_malloc( vals * sizeof(int) );
for ( i=0; i<vals; i++)
static int
check_attr( ConfigTable *ct, ConfigArgs *ca, Attribute *a )
{
- int i, rc = 0;
+ int i, rc = 0, sort = 0;
if ( a->a_desc->ad_type->sat_flags & SLAP_AT_ORDERED ) {
+ sort = 1;
rc = sort_vals( a );
if ( rc )
return rc;
}
for ( i=0; a->a_nvals[i].bv_val; i++ ) {
ca->line = a->a_nvals[i].bv_val;
+ if ( sort ) ca->line = strchr( ca->line, '}' ) + 1;
rc = config_parse_vals( ct, ca, i );
if ( rc )
break;
return rc;
}
+static int
+check_name_index( CfEntryInfo *parent, ConfigType ce_type, Entry *e,
+ SlapReply *rs, int *renum )
+{
+ CfEntryInfo *ce;
+ int index = -1, gotindex = 0, nsibs;
+ int renumber = 0, tailindex = 0;
+ char *ptr1, *ptr2;
+ struct berval rdn;
+
+ if ( renum ) *renum = 0;
+
+ /* These entries don't get indexed/renumbered */
+ if ( ce_type == Cft_Global ) return 0;
+ if ( ce_type == Cft_Schema && parent->ce_type == Cft_Global ) return 0;
+
+ if ( ce_type == Cft_Include || ce_type == Cft_Module )
+ tailindex = 1;
+
+ /* See if the rdn has an index already */
+ dnRdn( &e->e_name, &rdn );
+ ptr1 = strchr( e->e_name.bv_val, '{' );
+ if ( ptr1 && ptr1 - e->e_name.bv_val < rdn.bv_len ) {
+ ptr2 = strchr( ptr1, '}' );
+ if (!ptr2 || ptr2 - e->e_name.bv_val > rdn.bv_len)
+ return LDAP_NAMING_VIOLATION;
+ if ( ptr2-ptr1 == 1)
+ return LDAP_NAMING_VIOLATION;
+ gotindex = 1;
+ index = atoi(ptr1+1);
+ if ( index < 0 )
+ return LDAP_NAMING_VIOLATION;
+ }
+
+ /* count related kids */
+ for (nsibs=0, ce=parent->ce_kids; ce; ce=ce->ce_sibs) {
+ if ( ce->ce_type == ce_type ) nsibs++;
+ }
+
+ if ( index != nsibs ) {
+ if ( gotindex ) {
+ if ( index < nsibs ) {
+ if ( tailindex ) return LDAP_NAMING_VIOLATION;
+ /* Siblings need to be renumbered */
+ renumber = 1;
+ }
+ }
+ if ( !renumber ) {
+ struct berval ival, newrdn, nnewrdn;
+ struct berval rtype, rval;
+ Attribute *a;
+ AttributeDescription *ad = NULL;
+ char ibuf[32];
+ const char *text;
+
+ rval.bv_val = strchr(rdn.bv_val, '=' ) + 1;
+ rval.bv_len = rdn.bv_len - (rval.bv_val - rdn.bv_val);
+ rtype.bv_val = rdn.bv_val;
+ rtype.bv_len = rval.bv_val - rtype.bv_val - 1;
+
+ /* Find attr */
+ slap_bv2ad( &rtype, &ad, &text );
+ a = attr_find( e->e_attrs, ad );
+ if (!a ) return LDAP_NAMING_VIOLATION;
+
+ ival.bv_val = ibuf;
+ ival.bv_len = sprintf( ibuf, IFMT, nsibs );
+
+ newrdn.bv_len = rdn.bv_len + ival.bv_len;
+ newrdn.bv_val = ch_malloc( newrdn.bv_len+1 );
+
+ if ( tailindex ) {
+ ptr1 = lutil_strncopy( newrdn.bv_val, rdn.bv_val, rdn.bv_len );
+ ptr1 = lutil_strcopy( ptr1, ival.bv_val );
+ } else {
+ int xlen;
+ if ( !gotindex ) {
+ ptr2 = rval.bv_val;
+ xlen = rval.bv_len;
+ } else {
+ xlen = rdn.bv_len - (ptr2 - rdn.bv_val);
+ }
+ ptr1 = lutil_strncopy( newrdn.bv_val, rtype.bv_val,
+ rtype.bv_len );
+ *ptr1++ = '=';
+ ptr1 = lutil_strcopy( ptr1, ival.bv_val );
+ ptr1 = lutil_strncopy( ptr1, ptr2, xlen );
+ *ptr1 = '\0';
+ }
+
+ /* Do the equivalent of ModRDN */
+ /* Replace DN / NDN */
+ newrdn.bv_len = ptr1 - newrdn.bv_val;
+ rdnNormalize( 0, NULL, NULL, &newrdn, &nnewrdn, NULL );
+ free( e->e_name.bv_val );
+ build_new_dn( &e->e_name, &parent->ce_entry->e_name,
+ &newrdn, NULL );
+ free( e->e_nname.bv_val );
+ build_new_dn( &e->e_nname, &parent->ce_entry->e_nname,
+ &nnewrdn, NULL );
+
+ /* Replace attr */
+ free( a->a_vals[0].bv_val );
+ ptr1 = strchr( newrdn.bv_val, '=' ) + 1;
+ a->a_vals[0].bv_len = newrdn.bv_len - (ptr1 - newrdn.bv_val);
+ a->a_vals[0].bv_val = ch_malloc( a->a_vals[0].bv_len + 1 );
+ strcpy( a->a_vals[0].bv_val, ptr1 );
+
+ if ( a->a_nvals != a->a_vals ) {
+ free( a->a_nvals[0].bv_val );
+ ptr1 = strchr( nnewrdn.bv_val, '=' ) + 1;
+ a->a_nvals[0].bv_len = nnewrdn.bv_len - (ptr1 - nnewrdn.bv_val);
+ a->a_nvals[0].bv_val = ch_malloc( a->a_nvals[0].bv_len + 1 );
+ strcpy( a->a_nvals[0].bv_val, ptr1 );
+ }
+ free( nnewrdn.bv_val );
+ free( newrdn.bv_val );
+ }
+ }
+ if ( renum ) *renum = renumber;
+ return 0;
+}
+
/* Parse an LDAP entry into config directives */
static int
-config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs )
+config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs, int *renum )
{
CfEntryInfo *ce, *last;
CfOcInfo co, *coptr, **colst = NULL;
rc = LDAP_CONSTRAINT_VIOLATION;
goto leave;
}
+ break;
#ifdef SLAPD_MODULES
case Cft_Module:
if ( !last || last->ce_type != Cft_Global ) {
goto ok;
/* FALLTHRU */
case Cft_Global:
- ca.be = cfb->cb_be;
+ ca.be = LDAP_STAILQ_FIRST(&backendDB);
break;
case Cft_Backend:
case Cft_Overlay:
ca.be = last->ce_be;
type_ad = cfAd_overlay;
+ break;
case Cft_Include:
if ( !rs ) /* ignored */
break;
type_ad = cfAd_include;
+ break;
#ifdef SLAPD_MODULES
case Cft_Module: {
ModPaths *mp;
break;
#endif
}
+
+ /* If doing an LDAPadd, check for indexed names and any necessary
+ * renaming/renumbering. Entries that don't need indexed names are
+ * ignored. Entries that need an indexed name and arrive without one
+ * are assigned to the end. Entries that arrive with an index may
+ * cause the following entries to be renumbered/bumped down.
+ *
+ * Note that "pseudo-indexed" entries (cn=Include{xx}, cn=Module{xx})
+ * don't allow Adding an entry with an index that's already in use.
+ * This is flagged as an error (LDAP_ALREADY_EXISTS) up above.
+ *
+ * These entries can have auto-assigned indexes (appended to the end)
+ * but only the other types support auto-renumbering of siblings.
+ */
+ rc = check_name_index( last, colst[0]->co_type, e, rs, renum );
+ if ( rc )
+ goto leave;
+
init_config_argv( &ca );
if ( type_ad ) {
type_attr = attr_find( e->e_attrs, type_ad );
/* Basic syntax checks are OK. Do the actual settings. */
if ( type_ct ) {
- ca.line = type_attr->a_nvals[0].bv_val;
+ ca.line = type_attr->a_vals[0].bv_val;
+ if ( type_ad->ad_type->sat_flags & SLAP_AT_ORDERED )
+ ca.line = strchr( ca.line, '}' ) + 1;
rc = config_parse_add( type_ct, &ca, 0 );
- if ( rc ) goto leave;
+ if ( rc ) {
+ rc = LDAP_OTHER;
+ goto leave;
+ }
}
for ( a=e->e_attrs; a; a=a->a_next ) {
if ( a == type_attr || a == oc_at ) continue;
if ( ct ) break;
}
if ( !ct ) continue; /* user data? */
- for (i=0; a->a_nvals[i].bv_val; i++) {
- ca.line = a->a_nvals[i].bv_val;
+ for (i=0; a->a_vals[i].bv_val; i++) {
+ ca.line = a->a_vals[i].bv_val;
+ if ( a->a_desc->ad_type->sat_flags & SLAP_AT_ORDERED )
+ ca.line = strchr( ca.line, '}' ) + 1;
rc = config_parse_add( ct, &ca, i );
- if ( rc ) goto leave;
+ if ( rc ) {
+ rc = LDAP_OTHER;
+ goto leave;
+ }
}
}
ok:
CfEntryInfo *c2;
for (c2=last->ce_kids; c2 && c2->ce_sibs; c2 = c2->ce_sibs);
+
c2->ce_sibs = ce;
} else {
last->ce_kids = ce;
{
CfBackInfo *cfb;
CfEntryInfo *ce, *last;
+ int renumber;
if ( !be_isroot( op ) ) {
rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
/* Strategy:
* 1) check for existence of entry
- * 2) perform internal add
- * 3) store entry in underlying database
+ * 2) check for sibling renumbering
+ * 3) perform internal add
+ * 4) store entry in underlying database
+ * 5) perform any necessary renumbering
*/
+ rs->sr_err = config_add_internal( cfb, op->ora_e, rs, &renumber );
+ if ( rs->sr_err == LDAP_SUCCESS ) {
+ BackendDB *be = op->o_bd;
+ slap_callback sc = { NULL, slap_null_cb, NULL, NULL };
+ op->o_bd = &cfb->cb_db;
+ sc.sc_next = op->o_callback;
+ op->o_callback = ≻
+ op->o_bd->be_add( op, rs );
+ op->o_bd = be;
+ op->o_callback = sc.sc_next;
+ }
+ if ( renumber ) {
+ }
ldap_pvt_thread_pool_resume( &connection_pool );
return rs->sr_err;
}
+/* Modify rules:
+ * for single-valued attributes, should just use REPLACE.
+ * any received DELETE/ADD on a single-valued attr will
+ * be checked (if a DEL value is provided) and then
+ * rewritten as a REPLACE.
+ * any DELETE received without a corresponding ADD will be
+ * rejected with LDAP_CONSTRAINT_VIOLATION.
+ */
static int
config_back_modify( Operation *op, SlapReply *rs )
{
return rs->sr_err;
}
+static int
+config_back_modrdn( Operation *op, SlapReply *rs )
+{
+ CfBackInfo *cfb;
+ CfEntryInfo *ce, *last;
+
+ if ( !be_isroot( op ) ) {
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+ send_ldap_result( op, rs );
+ }
+
+ cfb = (CfBackInfo *)op->o_bd->be_private;
+
+ ce = config_find_base( cfb->cb_root, &op->o_req_ndn, &last );
+ if ( !ce ) {
+ if ( last )
+ rs->sr_matched = last->ce_entry->e_name.bv_val;
+ rs->sr_err = LDAP_NO_SUCH_OBJECT;
+ goto out;
+ }
+
+ /* We don't allow moving objects to new parents.
+ * Generally we only allow reordering a set of ordered entries.
+ */
+ if ( op->orr_newSup ) {
+ rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+ goto out;
+ }
+ ldap_pvt_thread_pool_pause( &connection_pool );
+
+ ldap_pvt_thread_pool_resume( &connection_pool );
+out:
+ send_ldap_result( op, rs );
+ return rs->sr_err;
+}
+
static int
config_back_search( Operation *op, SlapReply *rs )
{
return 0;
}
+static void
+config_build_schema_inc( ConfigArgs *c, CfEntryInfo *ceparent,
+ Operation *op, SlapReply *rs )
+{
+ Entry *e;
+ ConfigFile *cf = c->private;
+ CfEntryInfo *ce, *ceprev;
+ char *ptr;
+ struct berval bv;
+
+ if ( ceparent->ce_kids ) {
+ for ( ceprev = ceparent->ce_kids; ceprev->ce_sibs;
+ ceprev = ceprev->ce_sibs );
+ }
+
+ for (; cf; cf=cf->c_sibs, c->depth++) {
+ c->value_dn.bv_val = c->log;
+ bv.bv_val = strrchr(cf->c_file.bv_val, LDAP_DIRSEP[0]);
+ if ( !bv.bv_val ) {
+ bv = cf->c_file;
+ } else {
+ bv.bv_val++;
+ bv.bv_len = cf->c_file.bv_len - (bv.bv_val - cf->c_file.bv_val);
+ }
+ ptr = strchr( bv.bv_val, '.' );
+ if ( ptr )
+ bv.bv_len = ptr - bv.bv_val;
+ c->value_dn.bv_len = sprintf(c->value_dn.bv_val, "cn=" IFMT, c->depth);
+ strncpy( c->value_dn.bv_val + c->value_dn.bv_len, bv.bv_val,
+ bv.bv_len );
+ c->value_dn.bv_len += bv.bv_len;
+ c->value_dn.bv_val[c->value_dn.bv_len] ='\0';
+
+ e = config_alloc_entry( ceparent, &c->value_dn );
+ c->private = cf;
+ config_build_entry( c, e, cfOc_schema, &c->value_dn,
+ c->bi->bi_cf_table, NO_TABLE );
+ ce = e->e_private;
+ ce->ce_type = Cft_Schema;
+ op->ora_e = e;
+ op->o_bd->be_add( op, rs );
+ ce->ce_bi = c->bi;
+ if ( !ceparent->ce_kids ) {
+ ceparent->ce_kids = ce;
+ } else {
+ ceprev->ce_sibs = ce;
+ }
+ ceprev = ce;
+ if ( cf->c_kids ) {
+ c->private = cf->c_kids;
+ config_build_schema_inc( c, ceparent, op, rs );
+ }
+ }
+}
+
static CfEntryInfo *
config_build_includes( ConfigArgs *c, CfEntryInfo *ceparent,
Operation *op, SlapReply *rs )
for (i=0; cf; cf=cf->c_sibs, i++) {
c->value_dn.bv_val = c->log;
- c->value_dn.bv_len = sprintf(c->value_dn.bv_val, "cn=include{%02d}", i);
+ c->value_dn.bv_len = sprintf(c->value_dn.bv_val, "cn=include" IFMT, i);
e = config_alloc_entry( ceparent, &c->value_dn );
c->private = cf;
config_build_entry( c, e, cfOc_include, &c->value_dn,
if ( BER_BVISNULL( &mp->mp_path ) && !mp->mp_loads )
continue;
c->value_dn.bv_val = c->log;
- c->value_dn.bv_len = sprintf(c->value_dn.bv_val, "cn=module{%02d}", i);
+ c->value_dn.bv_len = sprintf(c->value_dn.bv_val, "cn=module" IFMT, i);
e = config_alloc_entry( ceparent, &c->value_dn );
ce = e->e_private;
ce->ce_type = Cft_Include;
/* Create schema nodes... cn=schema will contain the hardcoded core
* schema, read-only. Child objects will contain runtime loaded schema
- * files. FIXME
+ * files.
*/
rdn = schema_rdn;
e = config_alloc_entry( ceparent, &rdn );
}
ceprev = ce;
- /* Create includeFile nodes... */
+ /* Create includeFile nodes and schema nodes for included schema... */
if ( cfb->cb_config->c_kids ) {
+ c.depth = 0;
+ c.private = cfb->cb_config->c_kids;
+ config_build_schema_inc( &c, ce, op, &rs );
c.private = cfb->cb_config->c_kids;
ceprev = config_build_includes( &c, ceparent, op, &rs );
}
#ifdef SLAPD_MODULES
/* Create Module nodes... */
if ( modpaths.mp_loads ) {
- ceprev = config_build_includes( &c, ceparent, op, &rs );
+ ceprev = config_build_modules( &c, ceparent, op, &rs );
}
#endif
*/
c.line = 0;
- bi = backendInfo;
- for (i=0; i<nBackendInfo; i++, bi++) {
+ LDAP_STAILQ_FOREACH( bi, &backendInfo, bi_next) {
if (!bi->bi_cf_table) continue;
if (!bi->bi_private) continue;
}
/* Create database nodes... */
- for (i=0; i<nBackendDB; i++) {
+ i = -1;
+ LDAP_STAILQ_FOREACH( be, &backendDB, be_next ) {
slap_overinfo *oi = NULL;
+ i++;
if ( i == 0 ) {
bptr = frontendDB;
} else {
- bptr = &backendDB[i];
+ bptr = be;
}
if ( overlay_is_over( bptr )) {
oi = bptr->bd_info->bi_private;
bi = bptr->bd_info;
}
rdn.bv_val = c.log;
- rdn.bv_len = sprintf(rdn.bv_val, "%s={%0x}%s", cfAd_database->ad_cname.bv_val,
+ rdn.bv_len = sprintf(rdn.bv_val, "%s=" IFMT "%s", cfAd_database->ad_cname.bv_val,
i, bi->bi_type);
e = config_alloc_entry( ceparent, &rdn );
ce = e->e_private;
for (j=0,on=oi->oi_list; on; j++,on=on->on_next) {
rdn.bv_val = c.log;
- rdn.bv_len = sprintf(rdn.bv_val, "%s={%0x}%s",
+ rdn.bv_len = sprintf(rdn.bv_val, "%s=" IFMT "%s",
cfAd_overlay->ad_cname.bv_val, j, on->on_bi.bi_type );
oe = config_alloc_entry( opar, &rdn );
ce = oe->e_private;
cfb = ch_calloc( 1, sizeof(CfBackInfo));
cfb->cb_config = &cf_prv;
- cfb->cb_be = be;
be->be_private = cfb;
ber_dupbv( &be->be_rootdn, &config_rdn );
{ "database", &cfAd_database },
{ "include", &cfAd_include },
{ "overlay", &cfAd_overlay },
- { NULL, NULL, NULL }
+ { NULL, NULL }
};
/* Notes:
ConfigTable *ct = config_back_cf_table;
char *argv[4];
int i;
+ static char *controls[] = {
+ LDAP_CONTROL_MANAGEDSAIT,
+ NULL
+ };
+
+ bi->bi_controls = controls;
bi->bi_open = 0;
bi->bi_close = 0;
bi->bi_op_search = config_back_search;
bi->bi_op_compare = 0;
bi->bi_op_modify = config_back_modify;
- bi->bi_op_modrdn = 0;
- bi->bi_op_add = 0;
+ bi->bi_op_modrdn = config_back_modrdn;
+ bi->bi_op_add = config_back_add;
bi->bi_op_delete = 0;
bi->bi_op_abandon = 0;