/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 2003-2005 The OpenLDAP Foundation.
+ * Copyright 2003-2006 The OpenLDAP Foundation.
* Portions Copyright 2003 Pierangelo Masarati.
* All rights reserved.
*
#include "slap.h"
#include "rwm.h"
+static int
+rwm_db_destroy( BackendDB *be );
+
static int
rwm_op_dn_massage( Operation *op, SlapReply *rs, void *cookie )
{
}
if ( olddn != op->o_req_dn.bv_val ) {
- ch_free( op->ora_e->e_name.bv_val );
- ch_free( op->ora_e->e_nname.bv_val );
-
- ber_dupbv( &op->ora_e->e_name, &op->o_req_dn );
- ber_dupbv( &op->ora_e->e_nname, &op->o_req_ndn );
+ ber_bvreplace( &op->ora_e->e_name, &op->o_req_dn );
+ ber_bvreplace( &op->ora_e->e_nname, &op->o_req_ndn );
}
/* Count number of attributes in entry */
}
}
- } else if ( !isupdate && (*ap)->a_desc->ad_type->sat_no_user_mod ) {
+ } else if ( !isupdate && !get_manageDIT( op ) && (*ap)->a_desc->ad_type->sat_no_user_mod )
+ {
goto next_attr;
} else {
return -1;
} else if ( mapped_vals[0].bv_val != op->orc_ava->aa_value.bv_val ) {
- free( op->orc_ava->aa_value.bv_val );
- op->orc_ava->aa_value = mapped_vals[0];
+ ber_bvreplace_x( &op->orc_ava->aa_value, &mapped_vals[0], op->o_tmpmemctx );
}
mapped_at = op->orc_ava->aa_desc->ad_cname;
return -1;
}
- op->orc_ava->aa_value = mapped_vals[0];
+ if ( mapped_vals[ 0 ].bv_val != op->orc_ava->aa_value.bv_val ) {
+ /* NOTE: if we get here, rwm_dnattr_rewrite()
+ * already freed the old value, so now
+ * it's invalid */
+ ber_dupbv_x( &op->orc_ava->aa_value, &mapped_vals[0],
+ op->o_tmpmemctx );
+ ber_memfree_x( mapped_vals[ 0 ].bv_val, NULL );
+ }
}
op->orc_ava->aa_desc = ad;
}
{
is_oc = 1;
- } else if ( !isupdate && (*mlp)->sml_desc->ad_type->sat_no_user_mod ) {
+ } else if ( !isupdate && !get_manageDIT( op ) && (*mlp)->sml_desc->ad_type->sat_no_user_mod )
+ {
goto next_mod;
} else {
char *text = NULL;
#ifdef ENABLE_REWRITE
- rc = rwm_op_dn_massage( op, rs, "searchDN" );
+ rc = rewrite_session_var_set( rwmap->rwm_rw, op->o_conn,
+ "searchFilter", op->ors_filterstr.bv_val );
+ if ( rc == LDAP_SUCCESS )
+ rc = rwm_op_dn_massage( op, rs, "searchDN" );
#else /* ! ENABLE_REWRITE */
rc = 1;
rc = rwm_op_dn_massage( op, rs, &rc );
dc.normalized = 0;
#endif /* ! ENABLE_REWRITE */
- rc = rwm_filter_map_rewrite( &dc, op->ors_filter, &fstr );
+ rc = rwm_filter_map_rewrite( op, &dc, op->ors_filter, &fstr );
if ( rc != LDAP_SUCCESS ) {
text = "searchFilter/searchFilterAttrDN massage error";
goto error_return;
}
+static int
+rwm_exop_passwd( Operation *op, SlapReply *rs )
+{
+ slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
+ int rc;
+
+ struct berval id = BER_BVNULL,
+ pwold = BER_BVNULL,
+ pwnew = BER_BVNULL;
+
+ if ( !BER_BVISNULL( &op->o_req_ndn ) ) {
+ return LDAP_SUCCESS;
+ }
+
+ if ( !SLAP_ISGLOBALOVERLAY( op->o_bd ) ) {
+ rs->sr_err = LDAP_OTHER;
+ return rs->sr_err;
+ }
+
+ rs->sr_err = slap_passwd_parse( op->ore_reqdata, &id,
+ &pwold, &pwnew, &rs->sr_text );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
+ return rs->sr_err;
+ }
+
+ if ( !BER_BVISNULL( &id ) ) {
+ rs->sr_err = dnPrettyNormal( NULL, &id, &op->o_req_dn,
+ &op->o_req_ndn, op->o_tmpmemctx );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
+ rs->sr_text = "Invalid DN";
+ return rs->sr_err;
+ }
+
+ } else {
+ ber_dupbv_x( &op->o_req_dn, &op->o_dn, op->o_tmpmemctx );
+ ber_dupbv_x( &op->o_req_ndn, &op->o_ndn, op->o_tmpmemctx );
+ }
+
+#ifdef ENABLE_REWRITE
+ rc = rwm_op_dn_massage( op, rs, "extendedDN" );
+#else /* ! ENABLE_REWRITE */
+ rc = 1;
+ rc = rwm_op_dn_massage( op, rs, &rc );
+#endif /* ! ENABLE_REWRITE */
+ if ( rc != LDAP_SUCCESS ) {
+ op->o_bd->bd_info = (BackendInfo *)on->on_info;
+ send_ldap_error( op, rs, rc, "extendedDN massage error" );
+ return -1;
+ }
+
+ /* TODO: re-encode the request */
+
+ return SLAP_CB_CONTINUE;
+}
+
+static struct exop {
+ struct berval oid;
+ BI_op_extended *extended;
+} exop_table[] = {
+ { BER_BVC(LDAP_EXOP_MODIFY_PASSWD), rwm_exop_passwd },
+ { BER_BVNULL, NULL }
+};
+
static int
rwm_extended( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
int rc;
+ int i;
+
+ for ( i = 0; exop_table[i].extended != NULL; i++ ) {
+ if ( bvmatch( &exop_table[i].oid, &op->oq_extended.rs_reqoid ) )
+ {
+ rc = exop_table[i].extended( op, rs );
+ switch ( rc ) {
+ case LDAP_SUCCESS:
+ break;
+
+ case SLAP_CB_CONTINUE:
+ case SLAPD_ABANDON:
+ return rc;
+
+ default:
+ send_ldap_result( op, rs );
+ return rc;
+ }
+ break;
+ }
+ }
+
#ifdef ENABLE_REWRITE
rc = rwm_op_dn_massage( op, rs, "extendedDN" );
#else /* ! ENABLE_REWRITE */
}
} else if ( !isupdate
+ && !get_manageDIT( op )
&& (*ap)->a_desc->ad_type->sat_no_user_mod
&& (*ap)->a_desc->ad_type != slap_schema.si_at_undefined )
{
* the value is replaced by
* ch_alloc'ed memory
*/
- ch_free( bv[0].bv_val );
- ber_dupbv( &bv[0], &mapped );
+ ber_bvreplace( &bv[0], &mapped );
}
}
goto fail;
}
+ flags &= ~REP_ENTRY_MUSTRELEASE;
flags |= ( REP_ENTRY_MODIFIABLE | REP_ENTRY_MUSTBEFREED );
}
* to return, and remap them accordingly */
(void)rwm_attrs( op, rs, &e->e_attrs, 1 );
-#if 0
- if ( rs->sr_operational_attrs ) {
- (void)rwm_attrs( op, rs, &rs->sr_operational_attrs, 0 );
+ if ( rs->sr_flags & REP_ENTRY_MUSTRELEASE ) {
+ be_entry_release_rw( op, rs->sr_entry, 0 );
}
-#endif
rs->sr_entry = e;
rs->sr_flags = flags;
static int
rwm_rw_config(
- BackendDB *be,
- const char *fname,
- int lineno,
- int argc,
- char **argv
-)
+ BackendDB *be,
+ const char *fname,
+ int lineno,
+ int argc,
+ char **argv )
{
#ifdef ENABLE_REWRITE
slap_overinst *on = (slap_overinst *) be->bd_info;
static int
rwm_suffixmassage_config(
- BackendDB *be,
- const char *fname,
- int lineno,
- int argc,
- char **argv
-)
+ BackendDB *be,
+ const char *fname,
+ int lineno,
+ int argc,
+ char **argv )
{
slap_overinst *on = (slap_overinst *) be->bd_info;
struct ldaprwmap *rwmap =
static int
rwm_m_config(
- BackendDB *be,
- const char *fname,
- int lineno,
- int argc,
- char **argv
-)
+ BackendDB *be,
+ const char *fname,
+ int lineno,
+ int argc,
+ char **argv )
{
slap_overinst *on = (slap_overinst *) be->bd_info;
struct ldaprwmap *rwmap =
static int
rwm_db_config(
- BackendDB *be,
- const char *fname,
- int lineno,
- int argc,
- char **argv
-)
+ BackendDB *be,
+ const char *fname,
+ int lineno,
+ int argc,
+ char **argv )
{
slap_overinst *on = (slap_overinst *) be->bd_info;
struct ldaprwmap *rwmap =
} else if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
rwmap->rwm_flags |= RWM_F_SUPPORT_T_F;
-#if 0
/* TODO: not implemented yet */
} else if ( strcasecmp( argv[ 1 ], "discover" ) == 0 ) {
+ fprintf( stderr,
+ "%s: line %d: \"discover\" not supported yet "
+ "in \"t-f-support {no|yes|discover}\".\n",
+ fname, lineno );
+ return( 1 );
+#if 0
rwmap->rwm_flags |= RWM_F_SUPPORT_T_F_DISCOVER;
#endif
static int
rwm_db_init(
- BackendDB *be
-)
+ BackendDB *be )
{
slap_overinst *on = (slap_overinst *) be->bd_info;
struct ldapmapping *mapping = NULL;
struct ldaprwmap *rwmap;
+#ifdef ENABLE_REWRITE
+ char *rargv[ 3 ];
+#endif /* ENABLE_REWRITE */
+ int rc = 0;
- rwmap = (struct ldaprwmap *)ch_malloc(sizeof(struct ldaprwmap));
- memset(rwmap, 0, sizeof(struct ldaprwmap));
+ rwmap = (struct ldaprwmap *)ch_calloc( 1, sizeof( struct ldaprwmap ) );
#ifdef ENABLE_REWRITE
rwmap->rwm_rw = rewrite_info_init( REWRITE_MODE_USE_DEFAULT );
if ( rwmap->rwm_rw == NULL ) {
- ch_free( rwmap );
- return -1;
+ rc = -1;
+ goto error_return;
}
- {
- char *rargv[3];
-
- /* this rewriteContext by default must be null;
- * rules can be added if required */
- rargv[ 0 ] = "rewriteContext";
- rargv[ 1 ] = "searchFilter";
- rargv[ 2 ] = NULL;
- rewrite_parse( rwmap->rwm_rw, "<suffix massage>", 1, 2, rargv );
-
- rargv[ 0 ] = "rewriteContext";
- rargv[ 1 ] = "default";
- rargv[ 2 ] = NULL;
- rewrite_parse( rwmap->rwm_rw, "<suffix massage>", 2, 2, rargv );
- }
-
+ /* this rewriteContext by default must be null;
+ * rules can be added if required */
+ rargv[ 0 ] = "rewriteContext";
+ rargv[ 1 ] = "searchFilter";
+ rargv[ 2 ] = NULL;
+ rewrite_parse( rwmap->rwm_rw, "<suffix massage>", 1, 2, rargv );
+
+ rargv[ 0 ] = "rewriteContext";
+ rargv[ 1 ] = "default";
+ rargv[ 2 ] = NULL;
+ rewrite_parse( rwmap->rwm_rw, "<suffix massage>", 2, 2, rargv );
#endif /* ENABLE_REWRITE */
if ( rwm_map_init( &rwmap->rwm_oc, &mapping ) != LDAP_SUCCESS ||
rwm_map_init( &rwmap->rwm_at, &mapping ) != LDAP_SUCCESS )
{
- return 1;
+ rc = 1;
+ goto error_return;
}
+error_return:;
on->on_bi.bi_private = (void *)rwmap;
- return 0;
+ if ( rc ) {
+ (void)rwm_db_destroy( be );
+ }
+
+ return rc;
}
static int
rwm_db_destroy(
- BackendDB *be
-)
+ BackendDB *be )
{
slap_overinst *on = (slap_overinst *) be->bd_info;
int rc = 0;
(struct ldaprwmap *)on->on_bi.bi_private;
#ifdef ENABLE_REWRITE
- if (rwmap->rwm_rw) {
+ if ( rwmap->rwm_rw ) {
rewrite_info_delete( &rwmap->rwm_rw );
}
#else /* !ENABLE_REWRITE */
}
#endif /* !ENABLE_REWRITE */
- avl_free( rwmap->rwm_oc.remap, NULL );
+ avl_free( rwmap->rwm_oc.remap, rwm_mapping_dst_free );
avl_free( rwmap->rwm_oc.map, rwm_mapping_free );
- avl_free( rwmap->rwm_at.remap, NULL );
+ avl_free( rwmap->rwm_at.remap, rwm_mapping_dst_free );
avl_free( rwmap->rwm_at.map, rwm_mapping_free );
+
+ ch_free( rwmap );
}
return rc;
static slap_overinst rwm = { { NULL } };
+#if SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC
+static
+#endif /* SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC */
int
-rwm_init(void)
+rwm_initialize( void )
{
memset( &rwm, 0, sizeof( slap_overinst ) );
rwm.on_bi.bi_type = "rwm";
+ rwm.on_bi.bi_flags =
+ SLAPO_BFLAG_SINGLE |
+ 0;
rwm.on_bi.bi_db_init = rwm_db_init;
rwm.on_bi.bi_db_config = rwm_db_config;
int
init_module( int argc, char *argv[] )
{
- return rwm_init();
+ return rwm_initialize();
}
#endif /* SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC */