#define PROTO_SLAP_H
#include <ldap_cdefs.h>
+#include "ldap_pvt.h"
LDAP_BEGIN_DECL
LDAP_SLAPD_F (int) access_allowed LDAP_P((
Backend *be, Connection *conn, Operation *op,
Entry *e, AttributeDescription *desc, struct berval *val,
- slap_access_t access ));
+ slap_access_t access,
+ AccessControlState *state ));
LDAP_SLAPD_F (int) acl_check_modlist LDAP_P((
Backend *be, Connection *conn, Operation *op,
Entry *e, Modifications *ml ));
AttributeDescription **ad,
const char **text ));
-LDAP_SLAPD_F (AttributeDescription *) ad_dup LDAP_P((
- AttributeDescription *desc ));
-
LDAP_SLAPD_F (void) ad_destroy LDAP_P(( AttributeDescription * ));
-#define ad_cmp(l,r) (((l)->ad_cname.bv_len == (r)->ad_cname.bv_len) \
- ? strcasecmp((l)->ad_cname.bv_val, (r)->ad_cname.bv_val ) : 1 )
+#define ad_cmp(l,r) (((l)->ad_cname.bv_len < (r)->ad_cname.bv_len) \
+ ? -1 : (((l)->ad_cname.bv_len > (r)->ad_cname.bv_len) \
+ ? 1 : strcasecmp((l)->ad_cname.bv_val, (r)->ad_cname.bv_val )))
LDAP_SLAPD_F (int) is_ad_subtype LDAP_P((
AttributeDescription *sub,
LDAP_SLAPD_F (int) attr_merge LDAP_P(( Entry *e,
AttributeDescription *desc,
BerVarray vals ));
+LDAP_SLAPD_F (int) attr_merge_one LDAP_P(( Entry *e,
+ AttributeDescription *desc,
+ struct berval *val ));
LDAP_SLAPD_F (Attribute *) attrs_find LDAP_P((
Attribute *a, AttributeDescription *desc ));
LDAP_SLAPD_F (Attribute *) attr_find LDAP_P((
int noSubordinates ));
LDAP_SLAPD_F (int) be_issuffix LDAP_P(( Backend *be,
- const char *suffix ));
+ struct berval *suffix ));
LDAP_SLAPD_F (int) be_isroot LDAP_P(( Backend *be,
struct berval *ndn ));
LDAP_SLAPD_F (int) be_isroot_pw LDAP_P(( Backend *be,
BackendDB *be,
Connection *conn,
Operation *op,
- const void *opdata,
+ struct berval *opdata,
const char **text ));
LDAP_SLAPD_F( int ) backend_check_referrals LDAP_P((
#endif
#endif
-/*
- * charray.c
- */
-LDAP_SLAPD_F (void) charray_add LDAP_P(( char ***a, const char *s ));
-LDAP_SLAPD_F (void) charray_add_n LDAP_P(( char ***a, const char *s, int l ));
-LDAP_SLAPD_F (void) charray_merge LDAP_P(( char ***a, char **s ));
-LDAP_SLAPD_F (void) charray_free LDAP_P(( char **array ));
-LDAP_SLAPD_F (int) charray_inlist LDAP_P(( char **a, const char *s ));
-LDAP_SLAPD_F (char **) charray_dup LDAP_P(( char **a ));
-LDAP_SLAPD_F (char **) str2charray LDAP_P(( const char *str, const char *brkstr ));
-LDAP_SLAPD_F (int) charray_strcmp LDAP_P(( const char **a1, const char **a2 ));
-LDAP_SLAPD_F (int) charray_strcasecmp LDAP_P(( const char **a1, const char **a2 ));
-
-LDAP_SLAPD_F (char *) slap_strcopy LDAP_P((
- char *dst, const char *src ));
-LDAP_SLAPD_F (char *) slap_strncopy LDAP_P((
- char *dst, const char *src, size_t n ));
-
/*
* controls.c
*/
/*
* config.c
*/
-LDAP_SLAPD_F (int) read_config LDAP_P(( const char *fname ));
+LDAP_SLAPD_F (int) read_config LDAP_P(( const char *fname, int depth ));
LDAP_SLAPD_F (void) config_destroy LDAP_P ((void));
/*
/*
* dn.c
*/
-#define dn_match(dn1, dn2) \
- (((dn1)->bv_len == (dn2)->bv_len) \
- && (strcmp((dn1)->bv_val, (dn2)->bv_val) == 0))
+
+#define dn_match(dn1, dn2) ( ber_bvcmp((dn1), (dn2)) == 0 )
+#define bvmatch(bv1, bv2) ( ((bv1)->bv_len == (bv2)->bv_len) && (memcmp((bv1)->bv_val, (bv2)->bv_val, (bv1)->bv_len) == 0) )
+
+LDAP_SLAPD_V( const struct berval ) slap_empty_bv;
LDAP_SLAPD_F (int) dnValidate LDAP_P((
Syntax *syntax,
struct berval * parent_dn,
struct berval * newrdn ));
-#define SLAP_DN_MIGRATION
-#ifdef SLAP_DN_MIGRATION
- /* These routines are deprecated!!! */
-LDAP_SLAPD_F (char *) dn_normalize LDAP_P(( char *dn ));
-LDAP_SLAPD_F (char *) dn_parent LDAP_P(( Backend *be, const char *dn ));
-#endif
+LDAP_SLAPD_F (void) dnParent LDAP_P(( struct berval *dn, struct berval *pdn ));
+
+LDAP_SLAPD_F (int) dnX509normalize LDAP_P(( void *x509_name, struct berval *out ));
+
+LDAP_SLAPD_F (int) dnX509peerNormalize LDAP_P(( void *ssl, struct berval *dn ));
+
+LDAP_SLAPD_F (int) dnPrettyNormalDN LDAP_P(( Syntax *syntax, struct berval *val, LDAPDN **dn, int flags ));
+#define dnPrettyDN(syntax, val, dn) \
+ dnPrettyNormalDN((syntax),(val),(dn), SLAP_LDAPDN_PRETTY)
+#define dnNormalDN(syntax, val, dn) \
+ dnPrettyNormalDN((syntax),(val),(dn), 0)
+
/*
* entry.c
typedef int (SLAP_EXTOP_GETOID_FN) LDAP_P((
int index, char *oid, int blen ));
-LDAP_SLAPD_F (int) load_extension LDAP_P((
- const void *module, const char *file_name));
-LDAP_SLAPD_F (char *) get_supported_extension LDAP_P((int index));
-
LDAP_SLAPD_F (int) load_extop LDAP_P((
const char *ext_oid,
SLAP_EXTOP_MAIN_FN *ext_main ));
LDAP_SLAPD_F (int) extops_kill LDAP_P(( void ));
-LDAP_SLAPD_F (char *) get_supported_extop LDAP_P((int index));
+LDAP_SLAPD_F (struct berval *) get_supported_extop LDAP_P((int index));
/*
* filter.c
Connection *conn,
BerElement *ber,
Filter **filt,
- struct berval *fstr,
const char **text ));
LDAP_SLAPD_F (void) filter_free LDAP_P(( Filter *f ));
-LDAP_SLAPD_F (void) filter_print LDAP_P(( Filter *f ));
+LDAP_SLAPD_F (void) filter2bv LDAP_P(( Filter *f, struct berval *bv ));
+
+LDAP_SLAPD_F (int) get_vrFilter LDAP_P(( Connection *conn, BerElement *ber,
+ ValuesReturnFilter **f,
+ const char **text ));
+
+LDAP_SLAPD_F (void) vrFilter_free LDAP_P(( ValuesReturnFilter *f ));
+LDAP_SLAPD_F (void) vrFilter2bv LDAP_P(( ValuesReturnFilter *f, struct berval *fstr ));
+
+/*
+ * define to honor hasSubordinates operational attribute in search filters
+ */
+#define SLAP_X_FILTER_HASSUBORDINATES
+
+#ifdef SLAP_X_FILTER_HASSUBORDINATES
+LDAP_SLAPD_F (int) filter_has_subordinates LDAP_P(( Filter *filter ));
+#endif /* SLAP_X_FILTER_HASSUBORDINATES */
/*
* filterentry.c
*/
+
+/*
+ * define to enable dn components match in extended filter matching
+ */
+#define SLAP_X_MRA_MATCH_DNATTRS
+
LDAP_SLAPD_F (int) test_filter LDAP_P((
Backend *be, Connection *conn, Operation *op,
Entry *e, Filter *f ));
/*
* index.c
*/
-LDAP_SLAPD_F (int) slap_index2prefix LDAP_P(( int indextype ));
LDAP_SLAPD_F (int) slap_str2index LDAP_P(( const char *str, slap_mask_t *idx ));
/*
LDAP_SLAPD_F (int) slap_shutdown LDAP_P(( Backend *be ));
LDAP_SLAPD_F (int) slap_destroy LDAP_P((void));
+LDAP_SLAPD_V (char *) slap_known_controls[];
+
/*
* kerberos.c
*/
LDAP_SLAPD_F (int) lock_fclose LDAP_P(( FILE *fp, FILE *lfp ));
/*
- * modify.c
- * should be relocated to separate file
+ * matchedValues.c
*/
-LDAP_SLAPD_F( void ) slap_mod_free( Modification *mod, int freeit );
-LDAP_SLAPD_F( void ) slap_mods_free( Modifications *mods );
-LDAP_SLAPD_F( void ) slap_modlist_free( LDAPModList *ml );
+LDAP_SLAPD_F (int) filter_matched_values(
+ Backend *be,
+ Connection *conn,
+ Operation *op,
+ Attribute *a,
+ char ***e_flags );
+/*
+ * modrdn.c
+ */
+LDAP_SLAPD_F (int) slap_modrdn2mods(
+ Backend *be,
+ Connection *conn,
+ Operation *op,
+ Entry *e,
+ LDAPRDN *oldrdn,
+ LDAPRDN *newrdn,
+ int deleteoldrdn,
+ Modifications **pmod );
+
+/*
+ * modify.c
+ */
LDAP_SLAPD_F( int ) slap_mods_check(
Modifications *ml,
int update,
const char **text,
char *textbuf, size_t textlen );
-LDAP_SLAPD_F( int ) slap_modlist2mods(
- LDAPModList *ml,
- int update,
- Modifications **mods,
- const char **text,
- char *textbuf, size_t textlen );
-
LDAP_SLAPD_F( int ) slap_mods_opattrs(
+ Backend *be,
Operation *op,
Modifications *mods,
Modifications **modlist,
const char **text,
char *textbuf, size_t textlen );
+/*
+ * mods.c
+ */
+LDAP_SLAPD_F( int ) modify_add_values( Entry *e,
+ Modification *mod,
+ const char **text, char *textbuf, size_t textlen );
+LDAP_SLAPD_F( int ) modify_delete_values( Entry *e,
+ Modification *mod,
+ const char **text, char *textbuf, size_t textlen );
+LDAP_SLAPD_F( int ) modify_replace_values( Entry *e,
+ Modification *mod,
+ const char **text, char *textbuf, size_t textlen );
+
+LDAP_SLAPD_F( void ) slap_mod_free( Modification *mod, int freeit );
+LDAP_SLAPD_F( void ) slap_mods_free( Modifications *mods );
+LDAP_SLAPD_F( void ) slap_modlist_free( LDAPModList *ml );
+
/*
* module.c
*/
LDAP_SLAPD_F (MatchingRule *) mr_bvfind LDAP_P((struct berval *mrname));
LDAP_SLAPD_F (MatchingRule *) mr_find LDAP_P((const char *mrname));
LDAP_SLAPD_F (int) mr_add LDAP_P(( LDAPMatchingRule *mr,
- unsigned usage,
- slap_mr_convert_func *convert,
- slap_mr_normalize_func *normalize,
- slap_mr_match_func *match,
- slap_mr_indexer_func *indexer,
- slap_mr_filter_func *filter,
+ slap_mrule_defs_rec *def,
MatchingRule * associated,
const char **err ));
LDAP_SLAPD_F (void) mr_destroy LDAP_P(( void ));
LDAP_SLAPD_F (int) register_matching_rule LDAP_P((
- const char * desc,
- unsigned usage,
- slap_mr_convert_func *convert,
- slap_mr_normalize_func *normalize,
- slap_mr_match_func *match,
- slap_mr_indexer_func *indexer,
- slap_mr_filter_func *filter,
- const char *associated ));
+ slap_mrule_defs_rec *def ));
LDAP_SLAPD_F (int) mr_schema_info( Entry *e );
+LDAP_SLAPD_F (int) mru_schema_info( Entry *e );
/*
* mra.c
/* oc.c */
LDAP_SLAPD_F (int) oc_add LDAP_P((
LDAPObjectClass *oc,
+ int user,
const char **err));
LDAP_SLAPD_F (void) oc_destroy LDAP_P(( void ));
LDAP_SLAPD_F (ObjectClass *) oc_bvfind LDAP_P((
struct berval *ocname));
LDAP_SLAPD_F (int) is_object_subclass LDAP_P((
- ObjectClass *sub,
- ObjectClass *sup ));
+ ObjectClass *sup,
+ ObjectClass *sub ));
LDAP_SLAPD_F (int) is_entry_objectclass LDAP_P((
- Entry *, ObjectClass *oc ));
+ Entry *, ObjectClass *oc, int set_flags ));
#define is_entry_alias(e) \
- is_entry_objectclass((e), slap_schema.si_oc_alias)
+ (((e)->e_ocflags & SLAP_OC__END) ? ((e)->e_ocflags & SLAP_OC_ALIAS) : \
+ is_entry_objectclass((e), slap_schema.si_oc_alias, 1))
#define is_entry_referral(e) \
- is_entry_objectclass((e), slap_schema.si_oc_referral)
+ (((e)->e_ocflags & SLAP_OC__END) ? ((e)->e_ocflags & SLAP_OC_REFERRAL) : \
+ is_entry_objectclass((e), slap_schema.si_oc_referral, 1))
#define is_entry_subentry(e) \
- is_entry_objectclass((e), slap_schema.si_oc_subentry)
-#define is_entry_collectiveAttributes(e) \
- is_entry_objectclass((e), slap_schema.si_oc_collectiveAttributes)
+ (((e)->e_ocflags & SLAP_OC__END) ? ((e)->e_ocflags & SLAP_OC_SUBENTRY) : \
+ is_entry_objectclass((e), slap_schema.si_oc_subentry, 1))
+#define is_entry_collectiveAttributeSubentry(e) \
+ (((e)->e_ocflags & SLAP_OC__END) ? ((e)->e_ocflags & SLAP_OC_COLLECTIVEATTRIBUTESUBENTRY) : \
+ is_entry_objectclass((e), slap_schema.si_oc_collectiveAttributeSubentry, 1))
#define is_entry_dynamicObject(e) \
- is_entry_objectclass((e), slap_schema.si_oc_dynamicObject)
+ (((e)->e_ocflags & SLAP_OC__END) ? ((e)->e_ocflags & SLAP_OC_DYNAMICOBJECT) : \
+ is_entry_objectclass((e), slap_schema.si_oc_dynamicObject, 1))
LDAP_SLAPD_F (int) oc_schema_info( Entry *e );
/*
* operational.c
*/
-LDAP_SLAPD_F (Attribute *) slap_operational_subschemaSubentry( void );
+LDAP_SLAPD_F (Attribute *) slap_operational_subschemaSubentry( Backend *be );
LDAP_SLAPD_F (Attribute *) slap_operational_hasSubordinate( int has );
/*
const char *host ));
LDAP_SLAPD_F (int) add_replica_suffix LDAP_P(( Backend *be,
int nr, const char *suffix ));
+LDAP_SLAPD_F (int) add_replica_attrs LDAP_P(( Backend *be,
+ int nr, char *attrs, int exclude ));
LDAP_SLAPD_F (void) replog LDAP_P(( Backend *be, Operation *op,
struct berval *dn, struct berval *ndn, void *change ));
Connection *conn, Operation *op,
struct berval *dn, struct berval *ndn,
struct berval *cred,
- char **edn, slap_ssf_t *ssf ));
+ struct berval *edn, slap_ssf_t *ssf ));
+
+LDAP_SLAPD_F (int) slap_sasl_setpass(
+ Connection *conn,
+ Operation *op,
+ const char *reqoid,
+ struct berval *reqdata,
+ char **rspoid,
+ struct berval **rspdata,
+ LDAPControl *** rspctrls,
+ const char **text );
+
+LDAP_SLAPD_F (int) slap_sasl_config(
+ int cargc,
+ char **cargv,
+ char *line,
+ const char *fname,
+ int lineno );
+
/*
* saslauthz.c
*/
-LDAP_SLAPD_F (char *) slap_sasl2dn LDAP_P(( char *saslname ));
+LDAP_SLAPD_F (void) slap_sasl2dn LDAP_P((
+ Connection *conn,
+ struct berval *saslname,
+ struct berval *dn ));
LDAP_SLAPD_F (int) slap_sasl_authorized LDAP_P((
- char *authcid,
- char *authzid ));
+ Connection *conn,
+ struct berval *authcid,
+ struct berval *authzid ));
LDAP_SLAPD_F (int) slap_sasl_regexp_config LDAP_P((
const char *match, const char *replace ));
+LDAP_SLAPD_F (int) slap_sasl_setpolicy LDAP_P(( const char * ));
+LDAP_SLAPD_F (slap_response) slap_cb_null_response;
+LDAP_SLAPD_F (slap_sresult) slap_cb_null_sresult;
+
/*
* schema.c
LDAP_SLAPD_F (int) slap_schema_init LDAP_P((void));
LDAP_SLAPD_F (void) schema_destroy LDAP_P(( void ));
+LDAP_SLAPD_F( int ) octetStringIndexer(
+ slap_mask_t use,
+ slap_mask_t flags,
+ Syntax *syntax,
+ MatchingRule *mr,
+ struct berval *prefix,
+ BerVarray values,
+ BerVarray *keysp );
+
+LDAP_SLAPD_F( int ) octetStringFilter(
+ slap_mask_t use,
+ slap_mask_t flags,
+ Syntax *syntax,
+ MatchingRule *mr,
+ struct berval *prefix,
+ void * assertValue,
+ BerVarray *keysp );
+
/*
* schema_prep.c
*/
const char *synname ));
LDAP_SLAPD_F (Syntax *) syn_find_desc LDAP_P((
const char *syndesc, int *slen ));
-#ifdef SLAPD_BINARY_CONVERSION
LDAP_SLAPD_F (int) syn_add LDAP_P((
LDAPSyntax *syn,
- unsigned flags,
- slap_syntax_validate_func *validate,
- slap_syntax_transform_func *normalize,
- slap_syntax_transform_func *pretty,
- slap_syntax_transform_func *ber2str,
- slap_syntax_transform_func *str2ber,
+ slap_syntax_defs_rec *def,
const char **err ));
-#else
-LDAP_SLAPD_F (int) syn_add LDAP_P((
- LDAPSyntax *syn,
- unsigned flags,
- slap_syntax_validate_func *validate,
- slap_syntax_transform_func *normalize,
- slap_syntax_transform_func *pretty,
- const char **err ));
-#endif
LDAP_SLAPD_F (void) syn_destroy LDAP_P(( void ));
LDAP_SLAPD_F (int) register_syntax LDAP_P((
- const char *desc,
- unsigned flags,
- slap_syntax_validate_func *validate,
- slap_syntax_transform_func *normalize,
- slap_syntax_transform_func *pretty ));
+ slap_syntax_defs_rec *def ));
LDAP_SLAPD_F (int) syn_schema_info( Entry *e );
/*
* value.c
*/
+LDAP_SLAPD_F (int) value_validate LDAP_P((
+ MatchingRule *mr,
+ struct berval *in,
+ const char ** text ));
LDAP_SLAPD_F (int) value_normalize LDAP_P((
AttributeDescription *ad,
unsigned usage,
struct berval *in,
struct berval *out,
const char ** text ));
+LDAP_SLAPD_F (int) value_validate_normalize LDAP_P((
+ AttributeDescription *ad,
+ unsigned usage,
+ struct berval *in,
+ struct berval *out,
+ const char ** text ));
LDAP_SLAPD_F (int) value_match LDAP_P((
int *match,
AttributeDescription *ad,
LDAP_SLAPD_F (int) value_add LDAP_P((
BerVarray *vals,
BerVarray addvals ));
+LDAP_SLAPD_F (int) value_add_one LDAP_P((
+ BerVarray *vals,
+ struct berval *addval ));
/*
* Other...
LDAP_SLAPD_V (struct slap_limits_set) deflimit;
LDAP_SLAPD_V (slap_access_t) global_default_access;
+LDAP_SLAPD_V (int) global_gentlehup;
LDAP_SLAPD_V (int) global_idletimeout;
LDAP_SLAPD_V (int) global_schemacheck;
LDAP_SLAPD_V (char *) global_host;
LDAP_SLAPD_V (char *) global_realm;
-LDAP_SLAPD_V (int) sasl_external_x509dn_convert;
LDAP_SLAPD_V (char *) default_passwd_hash;
LDAP_SLAPD_V (int) lber_debug;
LDAP_SLAPD_V (int) ldap_syslog;
LDAP_SLAPD_V (struct berval) default_search_base;
LDAP_SLAPD_V (struct berval) default_search_nbase;
-LDAP_SLAPD_V (int) nSaslRegexp;
-LDAP_SLAPD_V (SaslRegexp_t*) SaslRegexp;
+#ifdef SLAPD_SCHEMA_DN
+LDAP_SLAPD_V (struct berval) global_schemadn;
+LDAP_SLAPD_V (struct berval) global_schemandn;
+#endif
LDAP_SLAPD_V (ldap_pvt_thread_mutex_t) num_sent_mutex;
LDAP_SLAPD_V (unsigned long) num_bytes_sent;
LDAP_SLAPD_V (ldap_pvt_thread_mutex_t) num_ops_mutex;
LDAP_SLAPD_V (unsigned long) num_ops_completed;
LDAP_SLAPD_V (unsigned long) num_ops_initiated;
+#ifdef SLAPD_MONITOR
+LDAP_SLAPD_V (unsigned long) num_ops_completed_[SLAP_OP_LAST];
+LDAP_SLAPD_V (unsigned long) num_ops_initiated_[SLAP_OP_LAST];
+#endif /* SLAPD_MONITOR */
LDAP_SLAPD_V (char *) slapd_pid_file;
LDAP_SLAPD_V (char *) slapd_args_file;
LDAP_SLAPD_V (ber_socket_t) dtblsize;
+LDAP_SLAPD_V (int) use_reverse_lookup;
+
+LDAP_SLAPD_V (struct berval) AllUser;
+LDAP_SLAPD_V (struct berval) AllOper;
+LDAP_SLAPD_V (struct berval) NoAttrs;
+
/*
* operations
*/