Only return requested attrs in sssvlv response

[openldap] / servers / slapd / overlays / auditlog.c

diff --git a/servers/slapd/overlays/auditlog.c b/servers/slapd/overlays/auditlog.c
index 41da39cbc8510498efdc2c22a65cc02c15faaff4..97342f1e105b3b5c819ef5a8d3652f20e14b928a 100644 (file)
--- a/servers/slapd/overlays/auditlog.c
+++ b/servers/slapd/overlays/auditlog.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2005 The OpenLDAP Foundation.
+ * Copyright 2005-2011 The OpenLDAP Foundation.
  * Portions copyright 2004-2005 Symas Corporation.
  * All rights reserved.
  *
@@ -29,6 +29,7 @@
 #include <ac/ctype.h>
 
 #include "slap.h"
+#include "config.h"
 #include "ldif.h"
 
 typedef struct auditlog_data {
@@ -36,7 +37,27 @@ typedef struct auditlog_data {
        char *ad_logfile;
 } auditlog_data;
 
-int fprint_ldif(FILE *f, char *name, char *val, ber_len_t len) {
+static ConfigTable auditlogcfg[] = {
+       { "auditlog", "filename", 2, 2, 0,
+         ARG_STRING|ARG_OFFSET,
+         (void *)offsetof(auditlog_data, ad_logfile),
+         "( OLcfgOvAt:15.1 NAME 'olcAuditlogFile' "
+         "DESC 'Filename for auditlogging' "
+         "SYNTAX OMsDirectoryString )", NULL, NULL },
+       { NULL, NULL, 0, 0, 0, ARG_IGNORED }
+};
+
+static ConfigOCs auditlogocs[] = {
+       { "( OLcfgOvOc:15.1 "
+         "NAME 'olcAuditlogConfig' "
+         "DESC 'Auditlog configuration' "
+         "SUP olcOverlayConfig "
+         "MAY ( olcAuditlogFile ) )",
+         Cft_Overlay, auditlogcfg },
+       { NULL, 0, NULL }
+};
+
+static int fprint_ldif(FILE *f, char *name, char *val, ber_len_t len) {
        char *s;
        if((s = ldif_put(LDIF_PUT_VALUE, name, val, len)) == NULL)
                return(-1);
@@ -45,20 +66,20 @@ int fprint_ldif(FILE *f, char *name, char *val, ber_len_t len) {
        return(0);
 }
 
-int auditlog_response(Operation *op, SlapReply *rs) {
+static int auditlog_response(Operation *op, SlapReply *rs) {
        slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
        auditlog_data *ad = on->on_bi.bi_private;
        FILE *f;
        Attribute *a;
        Modifications *m;
-       struct berval *b;
-       char *what, *subop, *suffix, *who = NULL;
-       long stamp = slap_get_time();
+       struct berval *b, *who = NULL, peername;
+       char *what, *whatm, *suffix;
+       time_t stamp;
        int i;
 
        if ( rs->sr_err != LDAP_SUCCESS ) return SLAP_CB_CONTINUE;
 
-       if ( !op->o_bd || !ad->ad_logfile ) return SLAP_CB_CONTINUE;
+       if ( !ad->ad_logfile ) return SLAP_CB_CONTINUE;
 
 /*
 ** add or modify: use modifiersName if present
@@ -71,15 +92,17 @@ int auditlog_response(Operation *op, SlapReply *rs) {
                        what = "add";
                        for(a = op->ora_e->e_attrs; a; a = a->a_next)
                                if( a->a_desc == slap_schema.si_ad_modifiersName ) {
-                                       who = a->a_vals[0].bv_val;
+                                       who = &a->a_vals[0];
                                        break;
                                }
                        break;
                case LDAP_REQ_MODIFY:
                        what = "modify";
                        for(m = op->orm_modlist; m; m = m->sml_next)
-                               if( m->sml_desc == slap_schema.si_ad_modifiersName ) {
-                                       who = m->sml_values[0].bv_val;
+                               if( m->sml_desc == slap_schema.si_ad_modifiersName &&
+                                       ( m->sml_op == LDAP_MOD_ADD ||
+                                       m->sml_op == LDAP_MOD_REPLACE )) {
+                                       who = &m->sml_values[0];
                                        break;
                                }
                        break;
@@ -94,22 +117,31 @@ int auditlog_response(Operation *op, SlapReply *rs) {
 ** note: this means requestor's dn when modifiersName is null
 */
        if ( !who )
-               who = op->o_dn.bv_val;
+               who = &op->o_dn;
 
+       peername = op->o_conn->c_peer_name;
        ldap_pvt_thread_mutex_lock(&ad->ad_mutex);
        if((f = fopen(ad->ad_logfile, "a")) == NULL) {
                ldap_pvt_thread_mutex_unlock(&ad->ad_mutex);
                return SLAP_CB_CONTINUE;
        }
 
-       fprintf(f, "# %s %ld %s%s%s\ndn: %s\nchangetype: %s\n",
-               what, stamp, suffix, who ? " " : "", who ? who : "",
+       stamp = slap_get_time();
+       fprintf(f, "# %s %ld %s%s%s %s conn=%ld\n",
+               what, (long)stamp, suffix, who ? " " : "", who ? who->bv_val : "",
+               peername.bv_val ? peername.bv_val: "", op->o_conn->c_connid);
+
+       if ( !BER_BVISEMPTY( &op->o_conn->c_dn ) &&
+               (!who || !dn_match( who, &op->o_conn->c_dn )))
+               fprintf(f, "# realdn: %s\n", op->o_conn->c_dn.bv_val );
+
+       fprintf(f, "dn: %s\nchangetype: %s\n",
                op->o_req_dn.bv_val, what);
 
        switch(op->o_tag) {
          case LDAP_REQ_ADD:
                for(a = op->ora_e->e_attrs; a; a = a->a_next)
-                   if(b = a->a_vals)
+                 if((b = a->a_vals) != NULL)
                        for(i = 0; b[i].bv_val; i++)
                                fprint_ldif(f, a->a_desc->ad_cname.bv_val, b[i].bv_val, b[i].bv_len);
                break;
@@ -117,16 +149,17 @@ int auditlog_response(Operation *op, SlapReply *rs) {
          case LDAP_REQ_MODIFY:
                for(m = op->orm_modlist; m; m = m->sml_next) {
                        switch(m->sml_op & LDAP_MOD_OP) {
-                               case LDAP_MOD_ADD:       what = "add";          break;
-                               case LDAP_MOD_REPLACE:   what = "replace";      break;
-                               case LDAP_MOD_DELETE:    what = "delete";       break;
-                               case LDAP_MOD_INCREMENT: what = "increment";    break;
+                               case LDAP_MOD_ADD:       whatm = "add";         break;
+                               case LDAP_MOD_REPLACE:   whatm = "replace";     break;
+                               case LDAP_MOD_DELETE:    whatm = "delete";      break;
+                               case LDAP_MOD_INCREMENT: whatm = "increment";   break;
                                default:
                                        fprintf(f, "# MOD_TYPE_UNKNOWN:%02x\n", m->sml_op & LDAP_MOD_OP);
                                        continue;
                        }
-                       fprintf(f, "%s: %s\n", what, m->sml_desc->ad_cname.bv_val);
-                       if(b = m->sml_values) for(i = 0; b[i].bv_val; i++)
+                       fprintf(f, "%s: %s\n", whatm, m->sml_desc->ad_cname.bv_val);
+                       if((b = m->sml_values) != NULL)
+                         for(i = 0; b[i].bv_val; i++)
                                fprint_ldif(f, m->sml_desc->ad_cname.bv_val, b[i].bv_val, b[i].bv_len);
                        fprintf(f, "-\n");
                }
@@ -143,7 +176,7 @@ int auditlog_response(Operation *op, SlapReply *rs) {
                break;
        }
 
-       fprintf(f, "# end %s %ld\n\n", what, stamp);
+       fprintf(f, "# end %s %ld\n\n", what, (long)stamp);
 
        fclose(f);
        ldap_pvt_thread_mutex_unlock(&ad->ad_mutex);
@@ -154,11 +187,12 @@ static slap_overinst auditlog;
 
 static int
 auditlog_db_init(
-       BackendDB *be
+       BackendDB *be,
+       ConfigReply *cr
 )
 {
        slap_overinst *on = (slap_overinst *)be->bd_info;
-       auditlog_data *ad = ch_malloc(sizeof(auditlog_data));
+       auditlog_data *ad = ch_calloc(1, sizeof(auditlog_data));
 
        on->on_bi.bi_private = ad;
        ldap_pvt_thread_mutex_init( &ad->ad_mutex );
@@ -167,7 +201,8 @@ auditlog_db_init(
 
 static int
 auditlog_db_close(
-       BackendDB *be
+       BackendDB *be,
+       ConfigReply *cr
 )
 {
        slap_overinst *on = (slap_overinst *)be->bd_info;
@@ -175,11 +210,13 @@ auditlog_db_close(
 
        free( ad->ad_logfile );
        ad->ad_logfile = NULL;
+       return 0;
 }
 
 static int
 auditlog_db_destroy(
-       BackendDB *be
+       BackendDB *be,
+       ConfigReply *cr
 )
 {
        slap_overinst *on = (slap_overinst *)be->bd_info;
@@ -187,49 +224,30 @@ auditlog_db_destroy(
 
        ldap_pvt_thread_mutex_destroy( &ad->ad_mutex );
        free( ad );
+       return 0;
 }
 
-static int
-auditlog_config(
-       BackendDB       *be,
-       const char      *fname,
-       int             lineno,
-       int             argc,
-       char    **argv
-)
-{
-       slap_overinst *on = (slap_overinst *) be->bd_info;
-       auditlog_data *ad = on->on_bi.bi_private;
-
-       /* history log file */
-       if ( strcasecmp( argv[0], "auditlog" ) == 0 ) {
-               if ( argc < 2 ) {
-                       Debug( LDAP_DEBUG_ANY,
-           "%s: line %d: missing filename in \"auditlog <filename>\" line\n",
-                           fname, lineno, 0 );
-                               return( 1 );
-               }
-               ad->ad_logfile = ch_strdup( argv[1] );
-               return 0;
-       }
-       return SLAP_CONF_UNKNOWN;
-}
-
-int auditlog_init() {
+int auditlog_initialize() {
+       int rc;
 
        auditlog.on_bi.bi_type = "auditlog";
        auditlog.on_bi.bi_db_init = auditlog_db_init;
-       auditlog.on_bi.bi_db_config = auditlog_config;
        auditlog.on_bi.bi_db_close = auditlog_db_close;
        auditlog.on_bi.bi_db_destroy = auditlog_db_destroy;
        auditlog.on_response = auditlog_response;
 
+       auditlog.on_bi.bi_cf_ocs = auditlogocs;
+       rc = config_register_schema( auditlogcfg, auditlogocs );
+       if ( rc ) return rc;
+
        return overlay_register(&auditlog);
 }
 
 #if SLAPD_OVER_AUDITLOG == SLAPD_MOD_DYNAMIC && defined(PIC)
-int init_module( int argc, char *argv[]) {
-       return auditlog_init();
+int
+init_module( int argc, char *argv[] )
+{
+       return auditlog_initialize();
 }
 #endif