/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 2004 The OpenLDAP Foundation.
+ * Copyright 2004-2006 The OpenLDAP Foundation.
* Portions Copyright 2004 Symas Corporation.
* All rights reserved.
*
#include <ac/socket.h>
#include "slap.h"
+#include "config.h"
static slap_overinst refint;
BerValue nnothing; /* normalized nothingness */
} refint_data;
+enum {
+ REFINT_ATTRS = 1,
+ REFINT_NOTHING
+};
+
+static ConfigDriver refint_cf_gen;
+
+static ConfigTable refintcfg[] = {
+ { "refint_attributes", "attribute...", 2, 0, 0,
+ ARG_MAGIC|REFINT_ATTRS, refint_cf_gen,
+ "( OLcfgOvAt:11.1 NAME 'olcRefintAttribute' "
+ "DESC 'Attributes for referential integrity' "
+ "SYNTAX OMsDirectoryString )", NULL, NULL },
+ { "refint_nothing", "string", 2, 2, 0,
+ ARG_DN|ARG_MAGIC|REFINT_NOTHING, refint_cf_gen,
+ "( OLcfgOvAt:11.2 NAME 'olcRefintNothing' "
+ "DESC 'Replacement DN to supply when needed' "
+ "SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
+ { NULL, NULL, 0, 0, 0, ARG_IGNORED }
+};
+
+static ConfigOCs refintocs[] = {
+ { "( OLcfgOvOc:11.1 "
+ "NAME 'olcRefintConfig' "
+ "DESC 'Referential integrity configuration' "
+ "SUP olcOverlayConfig "
+ "MAY ( olcRefintAttribute $ olcRefintNothing ) )",
+ Cft_Overlay, refintcfg },
+ { NULL, 0, NULL }
+};
+
+static int
+refint_cf_gen(ConfigArgs *c)
+{
+ slap_overinst *on = (slap_overinst *)c->bi;
+ refint_data *dd = (refint_data *)on->on_bi.bi_private;
+ refint_attrs *ip, *pip, **pipp = NULL;
+ AttributeDescription *ad;
+ const char *text;
+ int rc = ARG_BAD_CONF;
+ int i;
+
+ switch ( c->op ) {
+ case SLAP_CONFIG_EMIT:
+ switch ( c->type ) {
+ case REFINT_ATTRS:
+ ip = dd->attrs;
+ while ( ip ) {
+ value_add_one( &c->rvalue_vals,
+ &ip->attr->ad_cname );
+ ip = ip->next;
+ }
+ rc = 0;
+ break;
+ case REFINT_NOTHING:
+ if ( !BER_BVISEMPTY( &dd->nothing )) {
+ rc = value_add_one( &c->rvalue_vals,
+ &dd->nothing );
+ if ( rc ) return rc;
+ rc = value_add_one( &c->rvalue_nvals,
+ &dd->nnothing );
+ return rc;
+ }
+ rc = 0;
+ break;
+ default:
+ abort ();
+ }
+ break;
+ case LDAP_MOD_DELETE:
+ switch ( c->type ) {
+ case REFINT_ATTRS:
+ pipp = &dd->attrs;
+ if ( c->valx < 0 ) {
+ ip = *pipp;
+ *pipp = NULL;
+ while ( ip ) {
+ pip = ip;
+ ip = ip->next;
+ ch_free ( pip );
+ }
+ } else {
+ /* delete from linked list */
+ for ( i=0; i < c->valx; ++i ) {
+ pipp = &(*pipp)->next;
+ }
+ ip = *pipp;
+ *pipp = (*pipp)->next;
+
+ /* AttributeDescriptions are global so
+ * shouldn't be freed here... */
+ ch_free ( ip );
+ }
+ rc = 0;
+ break;
+ case REFINT_NOTHING:
+ if ( dd->nothing.bv_val )
+ ber_memfree ( dd->nothing.bv_val );
+ if ( dd->nnothing.bv_val )
+ ber_memfree ( dd->nnothing.bv_val );
+ dd->nothing.bv_len = 0;
+ dd->nnothing.bv_len = 0;
+ rc = 0;
+ break;
+ default:
+ abort ();
+ }
+ break;
+ case SLAP_CONFIG_ADD:
+ /* fallthrough to LDAP_MOD_ADD */
+ case LDAP_MOD_ADD:
+ switch ( c->type ) {
+ case REFINT_ATTRS:
+ rc = 0;
+ for ( i=1; i < c->argc; ++i ) {
+ ad = NULL;
+ if ( slap_str2ad ( c->argv[i], &ad, &text )
+ == LDAP_SUCCESS) {
+ ip = ch_malloc (
+ sizeof ( refint_attrs ) );
+ ip->attr = ad;
+ ip->next = dd->attrs;
+ dd->attrs = ip;
+ } else {
+ Debug ( LDAP_DEBUG_CONFIG,
+ "refint add: <%s>: %s\n",
+ c->argv[i], text, NULL );
+ strncpy ( c->msg,
+ text,
+ SLAP_TEXT_BUFLEN-1 );
+ c->msg[SLAP_TEXT_BUFLEN-1] = '\0';
+ rc = ARG_BAD_CONF;
+ }
+ }
+ break;
+ case REFINT_NOTHING:
+ if ( dd->nothing.bv_val )
+ ber_memfree ( dd->nothing.bv_val );
+ if ( dd->nnothing.bv_val )
+ ber_memfree ( dd->nnothing.bv_val );
+ dd->nothing = c->value_dn;
+ dd->nnothing = c->value_ndn;
+ rc = 0;
+ break;
+ default:
+ abort ();
+ }
+ break;
+ default:
+ abort ();
+ }
+
+ return rc;
+}
+
/*
** allocate new refint_data;
-** initialize, copy basedn;
** store in on_bi.bi_private;
**
*/
)
{
slap_overinst *on = (slap_overinst *)be->bd_info;
- refint_data *id = ch_malloc(sizeof(refint_data));
- refint_attrs *ip;
+ refint_data *id = ch_calloc(1,sizeof(refint_data));
+
id->message = "_init";
- id->attrs = NULL;
- id->newdn.bv_val = NULL;
- id->nothing.bv_val = NULL;
- id->nnothing.bv_val = NULL;
- ber_dupbv( &id->dn, &be->be_nsuffix[0] );
on->on_bi.bi_private = id;
return(0);
}
-
-/*
-** if command = attributes:
-** foreach argument:
-** convert to attribute;
-** add to configured attribute list;
-** elseif command = basedn:
-** set our basedn to argument;
-**
-*/
-
static int
-refint_config(
- BackendDB *be,
- const char *fname,
- int lineno,
- int argc,
- char **argv
+refint_db_destroy(
+ BackendDB *be
)
{
- slap_overinst *on = (slap_overinst *) be->bd_info;
- refint_data *id = on->on_bi.bi_private;
- refint_attrs *ip;
- const char *text;
- AttributeDescription *ad;
- BerValue dn;
- int i;
+ slap_overinst *on = (slap_overinst *)be->bd_info;
- if(!strcasecmp(*argv, "refint_attributes")) {
- for(i = 1; i < argc; i++) {
- for(ip = id->attrs; ip; ip = ip->next)
- if(!strcmp(argv[i], ip->attr->ad_cname.bv_val)) {
- Debug(LDAP_DEBUG_ANY,
- "%s: line %d: duplicate attribute <s>, ignored\n",
- fname, lineno, argv[i]);
- continue;
- }
- ad = NULL;
- if(slap_str2ad(argv[i], &ad, &text) != LDAP_SUCCESS) {
- Debug(LDAP_DEBUG_ANY,
- "%s: line %d: bad attribute <%s>, ignored\n",
- fname, lineno, text);
- continue; /* XXX */
- } else if(ad->ad_next) {
- Debug(LDAP_DEBUG_ANY,
- "%s: line %d: multiple attributes match <%s>, ignored\n",
- fname, lineno, argv[i]);
- continue;
- }
- ip = ch_malloc(sizeof(refint_attrs));
- ip->attr = ad;
- ip->next = id->attrs;
- id->attrs = ip;
- Debug(LDAP_DEBUG_ANY, "%s: line %d: new attribute <%s>\n",
- fname, lineno, argv[i]);
- }
- } else if(!strcasecmp(*argv, "refint_base")) {
- /* XXX only one basedn (yet) - need validate argument! */
- if(id->dn.bv_val) ch_free(id->dn.bv_val);
- ber_str2bv( argv[1], 0, 0, &dn );
- Debug(LDAP_DEBUG_ANY, "%s: line %d: new baseDN <%s>\n",
- fname, lineno, argv[1]);
- if(dnNormalize(0, NULL, NULL, &dn, &id->dn, NULL)) {
- Debug(LDAP_DEBUG_ANY, "%s: line %d: bad baseDN!\n", fname, lineno, 0);
- return(1);
- }
- } else if(!strcasecmp(*argv, "refint_nothing")) {
- if(id->nothing.bv_val) ch_free(id->nothing.bv_val);
- if(id->nnothing.bv_val) ch_free(id->nnothing.bv_val);
- ber_str2bv( argv[1], 0, 1, &id->nothing );
- if(dnNormalize(0, NULL, NULL, &id->nothing, &id->nnothing, NULL)) {
- Debug(LDAP_DEBUG_ANY, "%s: line %d: bad nothingDN!\n", fname, lineno, 0);
- return(1);
- }
- Debug(LDAP_DEBUG_ANY, "%s: line %d: new nothingDN<%s>\n",
- fname, lineno, argv[1]);
- } else {
- return(SLAP_CONF_UNKNOWN);
+ if ( on->on_bi.bi_private ) {
+ ch_free( on->on_bi.bi_private );
+ on->on_bi.bi_private = NULL;
}
-
- id->message = "_config";
return(0);
}
-
/*
-** nothing really happens here;
+** initialize, copy basedn if not already set
**
*/
slap_overinst *on = (slap_overinst *)be->bd_info;
refint_data *id = on->on_bi.bi_private;
id->message = "_open";
+
+ if ( BER_BVISNULL( &id->dn )) {
+ if ( BER_BVISNULL( &be->be_nsuffix[0] ))
+ return -1;
+ ber_dupbv( &id->dn, &be->be_nsuffix[0] );
+ }
return(0);
}
ch_free(id->nothing.bv_val);
ch_free(id->nnothing.bv_val);
- on->on_bi.bi_private = NULL; /* XXX */
-
- ch_free(id);
+ memset( id, 0, sizeof(*id));
return(0);
}
{
Attribute *a;
BerVarray b = NULL;
- refint_data *id, *dd = op->o_callback->sc_private;
+ refint_data *dd = op->o_callback->sc_private;
refint_attrs *ia, *da = dd->attrs;
- dependent_data *ip, *dp = NULL;
+ dependent_data *ip;
Modifications *mp, *ma;
int i;
ip->mm = NULL;
ma = NULL;
for(ia = da; ia; ia = ia->next) {
- if(a = attr_find(rs->sr_entry->e_attrs, ia->attr))
+ if ( (a = attr_find(rs->sr_entry->e_attrs, ia->attr) ) )
for(i = 0, b = a->a_nvals; b[i].bv_val; i++)
if(bvmatch(&dd->dn, &b[i])) {
if(!ip->dn.bv_val) ber_dupbv(&ip->dn, &rs->sr_entry->e_nname);
mp->sml_values[1].bv_val = mp->sml_nvalues[1].bv_val = NULL;
mp->sml_op = LDAP_MOD_ADD;
+ mp->sml_flags = 0;
ber_dupbv(&mp->sml_values[0], &dd->nothing);
ber_dupbv(&mp->sml_nvalues[0], &dd->nnothing);
mp->sml_next = ma;
mp->sml_values[1].bv_len = mp->sml_nvalues[1].bv_len = 0;
mp->sml_values[1].bv_val = mp->sml_nvalues[1].bv_val = NULL;
mp->sml_op = LDAP_MOD_DELETE;
+ mp->sml_flags = 0;
ber_dupbv(&mp->sml_values[0], &dd->dn);
ber_dupbv(&mp->sml_nvalues[0], &mp->sml_values[0]);
mp->sml_next = ma;
{
Attribute *a;
BerVarray b = NULL;
- refint_data *id, *dd = op->o_callback->sc_private;
+ refint_data *dd = op->o_callback->sc_private;
refint_attrs *ia, *da = dd->attrs;
- dependent_data *ip = NULL, *dp = NULL;
+ dependent_data *ip = NULL;
Modifications *mp;
- int i, j, fix;
+ int i, fix;
Debug(LDAP_DEBUG_TRACE, "refint_modrdn_cb <%s>\n",
rs->sr_entry ? rs->sr_entry->e_name.bv_val : "NOTHING", 0, 0);
*/
for(ia = da; ia; ia = ia->next) {
- if(a = attr_find(rs->sr_entry->e_attrs, ia->attr)) {
+ if((a = attr_find(rs->sr_entry->e_attrs, ia->attr))) {
for(fix = 0, i = 0, b = a->a_nvals; b[i].bv_val; i++)
if(bvmatch(&dd->dn, &b[i])) { fix++; break; }
if(fix) {
}
mp = ch_malloc(sizeof(Modifications));
mp->sml_op = LDAP_MOD_ADD;
+ mp->sml_flags = 0;
mp->sml_desc = ia->attr; /* XXX */
mp->sml_type = ia->attr->ad_cname;
mp->sml_values = ch_malloc(2 * sizeof(BerValue));
ip->mm = mp;
mp = ch_malloc(sizeof(Modifications));
mp->sml_op = LDAP_MOD_DELETE;
+ mp->sml_flags = 0;
mp->sml_desc = ia->attr; /* XXX */
mp->sml_type = ia->attr->ad_cname;
mp->sml_values = ch_malloc(2 * sizeof(BerValue));
refint_data dd = *id;
refint_attrs *ip;
dependent_data *dp;
- char *fstr, *key, *kp, **dnpp, **ndnpp, *cp;
- BerValue ndn, moddn, pdn;
- BerVarray b = NULL;
- int rc, ac, i, j, ksize;
+ BerValue pdn;
+ int rc, ac;
+ Filter ftop, *fptr;
id->message = "_refint_response";
for(ip = id->attrs, ac = 0; ip; ip = ip->next, ac++);
if(!ac) {
- rs->sr_err = LDAP_OTHER;
- rs->sr_text = "refint_response called without any attributes";
+ Debug( LDAP_DEBUG_TRACE,
+ "refint_response called without any attributes\n", 0, 0, 0 );
return SLAP_CB_CONTINUE;
}
if(nop.o_bd) {
if (!nop.o_bd->be_search || !nop.o_bd->be_modify) {
- rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
- rs->sr_text = "backend missing search and/or modify";
+ Debug( LDAP_DEBUG_TRACE,
+ "refint_response: backend missing search and/or modify\n",
+ 0, 0, 0 );
return SLAP_CB_CONTINUE;
}
} else {
- rs->sr_err = LDAP_OTHER;
- rs->sr_text = "no known backend? this shouldn't be happening!";
+ Debug( LDAP_DEBUG_TRACE,
+ "refint_response: no backend for our baseDN %s??\n",
+ id->dn.bv_val, 0, 0 );
return SLAP_CB_CONTINUE;
}
}
/*
- ** calculate the search key size and allocate it;
** build a search filter for all configured attributes;
** populate our Operation;
** pass our data (attr list, dn) to backend via sc_private;
**
*/
- for(ksize = 16, ip = id->attrs; ip; ip = ip->next)
- ksize += ip->attr->ad_cname.bv_len + op->o_req_dn.bv_len + 3;
- kp = key = ch_malloc(ksize);
- if(--ac) kp += sprintf(key, "(|");
- for(ip = id->attrs; ip; ip = ip->next)
- kp += sprintf(kp, "(%s=%s)",
- ip->attr->ad_cname.bv_val, op->o_req_dn.bv_val);
- if(ac) *kp++ = ')';
- *kp = 0;
-
- nop.ors_filter = str2filter_x(&nop, key);
- ber_str2bv(key, 0, 0, &nop.ors_filterstr);
+ ftop.f_choice = LDAP_FILTER_OR;
+ ftop.f_next = NULL;
+ ftop.f_or = NULL;
+ nop.ors_filter = &ftop;
+ for(ip = id->attrs; ip; ip = ip->next) {
+ fptr = ch_malloc( sizeof(Filter) + sizeof(AttributeAssertion) );
+ fptr->f_choice = LDAP_FILTER_EQUALITY;
+ fptr->f_ava = (AttributeAssertion *)(fptr+1);
+ fptr->f_ava->aa_desc = ip->attr;
+ fptr->f_ava->aa_value = op->o_req_ndn;
+ fptr->f_next = ftop.f_or;
+ ftop.f_or = fptr;
+ }
+ filter2bv( nop.ors_filter, &nop.ors_filterstr );
/* callback gets the searched dn instead */
dd.dn = op->o_req_ndn;
nop.o_tag = LDAP_REQ_SEARCH;
nop.ors_scope = LDAP_SCOPE_SUBTREE;
nop.ors_deref = LDAP_DEREF_NEVER;
- nop.ors_slimit = -1;
- nop.ors_tlimit = -1;
+ nop.ors_limit = NULL;
+ nop.ors_slimit = SLAP_NO_LIMIT;
+ nop.ors_tlimit = SLAP_NO_LIMIT;
+
+ /* no attrs! */
+ nop.ors_attrs = slap_anlist_no_attrs;
+ nop.ors_attrsonly = 1;
+
nop.o_req_ndn = id->dn;
nop.o_req_dn = id->dn;
/* search */
rc = nop.o_bd->be_search(&nop, &nrs);
- filter_free_x(&nop, nop.ors_filter);
- ch_free(key);
+ ch_free( nop.ors_filterstr.bv_val );
+ while ( (fptr = ftop.f_or) != NULL ) {
+ ftop.f_or = fptr->f_next;
+ ch_free( fptr );
+ }
ch_free(dd.nnewdn.bv_val);
ch_free(dd.newdn.bv_val);
dd.newdn.bv_val = NULL;
dd.nnewdn.bv_val = NULL;
if(rc != LDAP_SUCCESS) {
- rs->sr_err = nrs.sr_err;
- rs->sr_text = "refint_response search failed";
+ Debug( LDAP_DEBUG_TRACE,
+ "refint_response: search failed: %d\n",
+ rc, 0, 0 );
goto done;
}
/* safety? paranoid just in case */
if(!cb.sc_private) {
- rs->sr_err = LDAP_OTHER;
- rs->sr_text = "whoa! refint_response callback wiped out sc_private?!";
+ Debug( LDAP_DEBUG_TRACE,
+ "refint_response: callback wiped out sc_private?!\n",
+ 0, 0, 0 );
goto done;
}
dd.message = "_dependent_modify";
/* See if the parent operation is going into the replog */
- cbo = NULL;
- for (cbp = op->o_callback->sc_next; cbp; cbo=cbp,cbp=cbp->sc_next) {
+ for (cbo=op->o_callback, cbp = cbo->sc_next; cbp; cbo=cbp,cbp=cbp->sc_next) {
if (cbp->sc_response == slap_replog_cb) {
/* Invoke replog now, arrange for our
* dependent mods to also be logged
*/
for(dp = dd.mods; dp; dp = dp->next) {
- Modifications **tail, *m;
-
- for(m = dp->mm; m && m->sml_next; m = m->sml_next);
- tail = &m->sml_next;
nop.o_req_dn = dp->dn;
nop.o_req_ndn = dp->dn;
nop.o_bd = select_backend(&dp->dn, 0, 1);
if(!nop.o_bd) {
- rs->sr_err = LDAP_OTHER;
- rs->sr_text = "this should never happen either!";
+ Debug( LDAP_DEBUG_TRACE,
+ "refint_response: no backend for DN %s!\n",
+ dp->dn.bv_val, 0, 0 );
goto done;
}
nrs.sr_type = REP_RESULT;
nop.orm_modlist = dp->mm; /* callback did all the work */
nop.o_dn = refint_dn;
nop.o_ndn = refint_dn;
- rs->sr_err = slap_mods_opattrs( &nop, nop.orm_modlist,
- tail, &rs->sr_text, NULL, 0 );
nop.o_dn = nop.o_bd->be_rootdn;
nop.o_ndn = nop.o_bd->be_rootndn;
if(rs->sr_err != LDAP_SUCCESS) goto done;
if((rc = nop.o_bd->be_modify(&nop, &nrs)) != LDAP_SUCCESS) {
- rs->sr_err = nrs.sr_err;
- rs->sr_text = "dependent modify failed";
+ Debug( LDAP_DEBUG_TRACE,
+ "refint_response: dependent modify failed: %d\n",
+ nrs.sr_err, 0, 0 );
goto done;
}
}
for(dp = dd.mods; dp; dp = dd.mods) {
dd.mods = dp->next;
ch_free(dp->dn.bv_val);
- slap_mods_free(dp->mm);
+ slap_mods_free(dp->mm, 1);
}
dd.mods = NULL;
** it expects to be called automagically during dynamic module initialization
*/
-int refint_init() {
+int refint_initialize() {
+ int rc;
/* statically declared just after the #includes at top */
refint.on_bi.bi_type = "refint";
refint.on_bi.bi_db_init = refint_db_init;
- refint.on_bi.bi_db_config = refint_config;
+ refint.on_bi.bi_db_destroy = refint_db_destroy;
refint.on_bi.bi_db_open = refint_open;
refint.on_bi.bi_db_close = refint_close;
refint.on_response = refint_response;
+ refint.on_bi.bi_cf_ocs = refintocs;
+ rc = config_register_schema ( refintcfg, refintocs );
+ if ( rc ) return rc;
+
return(overlay_register(&refint));
}
#if SLAPD_OVER_REFINT == SLAPD_MOD_DYNAMIC && defined(PIC)
int init_module(int argc, char *argv[]) {
- return refint_init();
+ return refint_initialize();
}
#endif