#include "ldap_queue.h"
LDAP_BEGIN_DECL
+
/*
* SLAPD Memory allocation macros
*
|| (c) == '(' || (c) == ')' || !ASCII_PRINTABLE(c) )
#define DN_ESCAPE(c) ((c) == SLAP_ESCAPE_CHAR)
-#define DN_SEPARATOR(c) ((c) == ',' || (c) == ';')
+/* NOTE: for consistency, this macro must only operate
+ * on normalized/pretty DN, such that ';' is never used
+ * as RDN separator, and all occurrences of ';' must be escaped */
+#define DN_SEPARATOR(c) ((c) == ',')
#define RDN_ATTRTYPEANDVALUE_SEPARATOR(c) ((c) == '+') /* RFC 2253 */
#define RDN_SEPARATOR(c) (DN_SEPARATOR(c) || RDN_ATTRTYPEANDVALUE_SEPARATOR(c))
#define RDN_NEEDSESCAPE(c) ((c) == '\\' || (c) == '"')
#define OID_CHAR(c) ( OID_LEADCHAR(c) || OID_SEPARATOR(c) )
#define ATTR_LEADCHAR(c) ( DESC_LEADCHAR(c) || OID_LEADCHAR(c) )
-#define ATTR_CHAR(c) ( DESC_CHAR((c)) || (c) == '.' )
+#define ATTR_CHAR(c) ( DESC_CHAR((c)) || OID_SEPARATOR(c) )
-#define AD_LEADCHAR(c) ( ATTR_CHAR(c) )
+#define AD_LEADCHAR(c) ( ATTR_LEADCHAR(c) )
#define AD_CHAR(c) ( ATTR_CHAR(c) || (c) == ';' )
#define SLAP_NUMERIC(c) ( ASCII_DIGIT(c) || ASCII_SPACE(c) )
| SLAP_INDEX_SUBSTR_ANY \
| SLAP_INDEX_SUBSTR_FINAL )
-#define SLAP_INDEX_SUBSTR_MINLEN 2
-#define SLAP_INDEX_SUBSTR_MAXLEN 4
-#define SLAP_INDEX_SUBSTR_STEP 2
+/* constants for initial/final substrings indices */
+#ifndef SLAP_INDEX_SUBSTR_IF_MINLEN
+# define SLAP_INDEX_SUBSTR_IF_MINLEN 2
+#endif
+#ifndef SLAP_INDEX_SUBSTR_IF_MAXLEN
+# define SLAP_INDEX_SUBSTR_IF_MAXLEN 4
+#endif
+
+/* constants for any substrings indices */
+#ifndef SLAP_INDEX_SUBSTR_ANY_LEN
+# define SLAP_INDEX_SUBSTR_ANY_LEN 4
+#endif
+#ifndef SLAP_INDEX_SUBSTR_ANY_STEP
+# define SLAP_INDEX_SUBSTR_ANY_STEP 2
+#endif
#define SLAP_INDEX_FLAGS 0xF000UL
#define SLAP_INDEX_NOSUBTYPES 0x1000UL /* don't use index w/ subtypes */
struct berval * out,
void *memctx));
+#ifdef LDAP_DEVEL
+#define LDAP_COMP_MATCH
+#endif
+
+#ifdef LDAP_COMP_MATCH
+typedef void* slap_component_transform_func LDAP_P((
+ struct berval * in ));
+struct ComponentDesc;
+#endif
+
typedef struct slap_syntax {
LDAPSyntax ssyn_syn;
#define ssyn_oid ssyn_syn.syn_oid
slap_syntax_transform_func *ssyn_ber2str;
slap_syntax_transform_func *ssyn_str2ber;
#endif
+#ifdef LDAP_COMP_MATCH
+ slap_component_transform_func *ssyn_attr2comp;
+ struct ComponentDesc* comp_syntax;
+#endif
LDAP_SLIST_ENTRY(slap_syntax) ssyn_next;
} Syntax;
#define SLAP_MR_ORDERING 0x0200U
#define SLAP_MR_SUBSTR 0x0400U
#define SLAP_MR_EXT 0x0800U /* implicitly extensible */
+#ifdef LDAP_COMP_MATCH
+#define SLAP_MR_COMPONENT 0x1000U
+#endif
#define SLAP_MR_EQUALITY_APPROX ( SLAP_MR_EQUALITY | 0x0010U )
#else
#define SLAP_AT_HIDE 0x8000U /* hide attribute */
#endif
+#define SLAP_AT_DYNAMIC 0x0400U /* dynamically generated */
+
slap_mask_t sat_flags;
LDAP_SLIST_ENTRY(slap_attribute_type) sat_next;
AttributeDescription *si_ad_subtreeSpecification;
/* subschema subentry attribute descriptions */
- AttributeDescription *si_ad_ditStructureRules;
- AttributeDescription *si_ad_ditContentRules;
- AttributeDescription *si_ad_nameForms;
- AttributeDescription *si_ad_objectClasses;
AttributeDescription *si_ad_attributeTypes;
+ AttributeDescription *si_ad_ditContentRules;
+ AttributeDescription *si_ad_ditStructureRules;
AttributeDescription *si_ad_ldapSyntaxes;
AttributeDescription *si_ad_matchingRules;
AttributeDescription *si_ad_matchingRuleUse;
+ AttributeDescription *si_ad_nameForms;
+ AttributeDescription *si_ad_objectClasses;
/* Aliases & Referrals */
AttributeDescription *si_ad_aliasedObjectName;
Syntax *si_syn_distinguishedName;
Syntax *si_syn_integer;
Syntax *si_syn_octetString;
+
+ /* Schema Syntaxes */
+ Syntax *si_syn_attributeTypeDesc;
+ Syntax *si_syn_ditContentRuleDesc;
+ Syntax *si_syn_ditStructureRuleDesc;
+ Syntax *si_syn_ldapSyntaxDesc;
+ Syntax *si_syn_matchingRuleDesc;
+ Syntax *si_syn_matchingRuleUseDesc;
+ Syntax *si_syn_nameFormDesc;
+ Syntax *si_syn_objectClassDesc;
};
typedef struct slap_attr_assertion {
struct berval sa_final;
} SubstringsAssertion;
+#ifdef LDAP_COMP_MATCH
+struct slap_component_filter;
+#endif
+
typedef struct slap_mr_assertion {
MatchingRule *ma_rule; /* optional */
struct berval ma_rule_text; /* optional */
AttributeDescription *ma_desc; /* optional */
int ma_dnattrs; /* boolean */
struct berval ma_value; /* required */
+#ifdef LDAP_COMP_MATCH
+ struct slap_component_filter* cf;
+#endif
} MatchingRuleAssertion;
/*
unsigned a_flags;
#define SLAP_ATTR_IXADD 0x1U
#define SLAP_ATTR_IXDEL 0x2U
+#ifdef LDAP_COMP_MATCH
+ void* component_values;
+#endif
} Attribute;
LDAP_SLAPD_V (int) nBackendDB;
LDAP_SLAPD_V (BackendInfo *) backendInfo;
LDAP_SLAPD_V (BackendDB *) backendDB;
+LDAP_SLAPD_V (BackendDB *) frontendDB;
LDAP_SLAPD_V (int) slapMode;
#define SLAP_UNDEFINED_MODE 0x0000
int lms_s_pr_total;
};
+/* Note: this is different from LDAP_NO_LIMIT (0); slapd internal use only */
+#define SLAP_NO_LIMIT -1
+#define SLAP_MAX_LIMIT 2147483647
+
struct slap_limits {
unsigned lm_flags; /* type of pattern */
#define SLAP_LIMITS_UNDEFINED 0x0000U
char **si_attrs;
int si_type;
time_t si_interval;
+ time_t *si_retryinterval;
+ int *si_retrynum_init;
+ int *si_retrynum;
struct sync_cookie si_syncCookie;
int si_manageDSAit;
int si_slimit;
LDAP_STAILQ_ENTRY( syncinfo_s ) si_next;
} syncinfo_t;
+LDAP_TAILQ_HEAD( be_pcl, slap_csn_entry );
+
struct slap_backend_db {
BackendInfo *bd_info; /* pointer to shared backend info */
#define SLAP_RESTRICT_OP_MODIFY 0x0020U
#define SLAP_RESTRICT_OP_RENAME 0x0040U
#define SLAP_RESTRICT_OP_SEARCH 0x0080U
+#define SLAP_RESTRICT_OP_MASK 0x00FFU
+
+#define SLAP_RESTRICT_READONLY 0x80000000U
+
+#define SLAP_RESTRICT_EXOP_START_TLS 0x0100U
+#define SLAP_RESTRICT_EXOP_MODIFY_PASSWD 0x0200U
+#define SLAP_RESTRICT_EXOP_WHOAMI 0x0400U
+#define SLAP_RESTRICT_EXOP_CANCEL 0x0800U
+#define SLAP_RESTRICT_EXOP_MASK 0xFF00U
#define SLAP_RESTRICT_OP_READS \
( SLAP_RESTRICT_OP_COMPARE \
char *be_replogfile; /* replication log file (in master) */
struct berval be_update_ndn; /* allowed to make changes (in replicas) */
BerVarray be_update_refs; /* where to refer modifying clients to */
- LDAP_TAILQ_HEAD( be_pcl, slap_csn_entry ) be_pending_csn_list;
+ struct be_pcl *be_pending_csn_list;
ldap_pvt_thread_mutex_t be_pcl_mutex;
+ ldap_pvt_thread_mutex_t *be_pcl_mutexp;
struct berval be_context_csn;
- ldap_pvt_thread_mutex_t be_context_csn_mutex;
LDAP_STAILQ_HEAD( be_si, syncinfo_s ) be_syncinfo; /* For syncrepl */
char *be_realm;
struct berval rb_cred;
struct berval rb_edn;
slap_ssf_t rb_ssf;
+ struct berval rb_tmp_mech; /* FIXME: temporary */
} req_bind_s;
typedef struct req_search_s {
typedef struct req_modify_s {
Modifications *rs_modlist;
+ int rs_increment; /* FIXME: temporary */
} req_modify_s;
typedef struct req_modrdn_s {
typedef struct req_add_s {
Entry *rs_e;
+ Modifications *rs_modlist; /* FIXME: temporary */
} req_add_s;
typedef struct req_abandon_s {
typedef struct rep_search_s {
Entry *r_entry;
+ slap_mask_t r_attr_flags;
+#define SLAP_ATTRS_UNDEFINED (0x00U)
+#define SLAP_OPATTRS_NO (0x01U)
+#define SLAP_OPATTRS_YES (0x02U)
+#define SLAP_USERATTRS_NO (0x10U)
+#define SLAP_USERATTRS_YES (0x20U)
+#define SLAP_OPATTRS_MASK(f) ( (f) & (SLAP_OPATTRS_NO|SLAP_OPATTRS_YES) )
+#define SLAP_OPATTRS(f) ( ( (f) & SLAP_OPATTRS_YES ) == SLAP_OPATTRS_YES )
+#define SLAP_USERATTRS_MASK(f) ( (f) & (SLAP_USERATTRS_NO|SLAP_USERATTRS_YES) )
+#define SLAP_USERATTRS(f) ( ( (f) & SLAP_USERATTRS_YES ) == SLAP_USERATTRS_YES )
+ Attribute *r_operational_attrs;
AttributeName *r_attrs;
int r_nentries;
BerVarray r_v2ref;
/* short hands for response members */
#define sr_attrs sr_un.sru_search.r_attrs
#define sr_entry sr_un.sru_search.r_entry
+#define sr_operational_attrs sr_un.sru_search.r_operational_attrs
+#define sr_attr_flags sr_un.sru_search.r_attr_flags
#define sr_v2ref sr_un.sru_search.r_v2ref
#define sr_nentries sr_un.sru_search.r_nentries
#define sr_rspoid sr_un.sru_extended.r_rspoid
LDAP_P(( struct slap_op *op, Entry *e, int rw ));
typedef int (BI_entry_get_rw) LDAP_P(( struct slap_op *op, struct berval *ndn,
ObjectClass *oc, AttributeDescription *at, int rw, Entry **e ));
-typedef int (BI_operational) LDAP_P(( struct slap_op *op, struct slap_rep *rs,
- int opattrs, Attribute **ap ));
+typedef int (BI_operational) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
typedef int (BI_has_subordinates) LDAP_P(( struct slap_op *op,
Entry *e, int *hasSubs ));
BI_op_extended *bi_extended;
/* Auxilary Functions */
+ BI_operational *bi_operational;
BI_chk_referrals *bi_chk_referrals;
BI_entry_get_rw *bi_entry_get_rw;
BI_entry_release_rw *bi_entry_release_rw;
- BI_operational *bi_operational;
BI_has_subordinates *bi_has_subordinates;
BI_connection_init *bi_connection_init;
BI_connection_destroy *bi_connection_destroy;
/* hooks for slap tools */
- BI_tool_entry_open *bi_tool_entry_open;
- BI_tool_entry_close *bi_tool_entry_close;
- BI_tool_entry_first *bi_tool_entry_first;
- BI_tool_entry_next *bi_tool_entry_next;
- BI_tool_entry_get *bi_tool_entry_get;
- BI_tool_entry_put *bi_tool_entry_put;
+ BI_tool_entry_open *bi_tool_entry_open;
+ BI_tool_entry_close *bi_tool_entry_close;
+ BI_tool_entry_first *bi_tool_entry_first;
+ BI_tool_entry_next *bi_tool_entry_next;
+ BI_tool_entry_get *bi_tool_entry_get;
+ BI_tool_entry_put *bi_tool_entry_put;
BI_tool_entry_reindex *bi_tool_entry_reindex;
- BI_tool_sync *bi_tool_sync;
- BI_tool_dn2id_get *bi_tool_dn2id_get;
+ BI_tool_sync *bi_tool_sync;
+ BI_tool_dn2id_get *bi_tool_dn2id_get;
BI_tool_id2entry_get *bi_tool_id2entry_get;
BI_tool_entry_modify *bi_tool_entry_modify;
slap_mask_t bi_flags; /* backend flags */
#define SLAP_BFLAG_MONITOR 0x0001U /* a monitor backend */
+#define SLAP_BFLAG_NOLASTMODCMD 0x0010U
#define SLAP_BFLAG_INCREMENT 0x0100U
#define SLAP_BFLAG_ALIASES 0x1000U
#define SLAP_BFLAG_REFERRALS 0x2000U
#define SLAP_REFERRALS(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_REFERRALS)
#define SLAP_SUBENTRIES(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_SUBENTRIES)
#define SLAP_DYNAMIC(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_DYNAMIC)
+#define SLAP_NOLASTMODCMD(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_NOLASTMODCMD)
+#define SLAP_LASTMODCMD(be) (!SLAP_NOLASTMODCMD(be))
char **bi_controls; /* supported controls */
} slap_overinfo;
/* Should successive callbacks in a chain be processed? */
+#define SLAP_CB_FREEME 0x4000
#define SLAP_CB_CONTINUE 0x8000
/*
#define orb_cred oq_bind.rb_cred
#define orb_edn oq_bind.rb_edn
#define orb_ssf oq_bind.rb_ssf
+#define orb_tmp_mech oq_bind.rb_tmp_mech
#define ors_scope oq_search.rs_scope
#define ors_deref oq_search.rs_deref
#define orc_ava oq_compare.rs_ava
#define ora_e oq_add.rs_e
+#define ora_modlist oq_add.rs_modlist
#define orn_msgid oq_abandon.rs_msgid
#define orm_modlist oq_modify.rs_modlist
+#define orm_increment oq_modify.rs_increment
#define ore_reqoid oq_extended.rs_reqoid
#define ore_reqdata oq_extended.rs_reqdata
char o_do_not_cache; /* don't cache groups from this op */
char o_is_auth_check; /* authorization in progress */
+#define SLAP_IGNORED_CONTROL -1
#define SLAP_NO_CONTROL 0
#define SLAP_NONCRITICAL_CONTROL 1
#define SLAP_CRITICAL_CONTROL 2
#if defined(LDAP_DEVEL) && defined(ENABLE_REWRITE)
/* use librewrite for sasl-regexp */
-#define SLAP_SASL_REWRITE 1
+#define SLAP_AUTH_REWRITE 1
#endif /* LDAP_DEVEL && ENABLE_REWRITE */
+#ifdef LDAP_COMP_MATCH
+/*
+ * Extensible Filter Definition
+ *
+ * MatchingRuleAssertion := SEQUENCE {
+ * matchingRule [1] MatchingRuleId OPTIONAL,
+ * type [2] AttributeDescription OPTIONAL,
+ * matchValue [3] AssertionValue,
+ * dnAttributes [4] BOOLEAN DEFAULT FALSE }
+ *
+ * Following ComponentFilter is contained in matchValue
+ *
+ * ComponentAssertion ::= SEQUENCE {
+ * component ComponentReference (SIZE(1..MAX)) OPTIONAL
+ * useDefaultValues BOOLEAN DEFAULT TRUE,
+ * rule MATCHING-RULE.&id,
+ * value MATCHING-RULE.&AssertionType }
+ *
+ * ComponentFilter ::= CHOICE {
+ * item [0] ComponentAssertion,
+ * and [1] SEQUENCE OF ComponentFilter,
+ * or [2] SEQUENCE OF ComponentFilter,
+ * not [3] ComponentFilter }
+ */
+
+#define LDAP_COMPREF_IDENTIFIER ((ber_tag_t) 0x80U)
+#define LDAP_COMPREF_FROM_BEGINNING ((ber_tag_t) 0x81U)
+#define LDAP_COMPREF_COUNT ((ber_tag_t) 0x82U)
+#define LDAP_COMPREF_FROM_END ((ber_tag_t) 0x83U)
+#define LDAP_COMPREF_CONTENT ((ber_tag_t) 0x84U)
+#define LDAP_COMPREF_SELECT ((ber_tag_t) 0x85U)
+#define LDAP_COMPREF_ALL ((ber_tag_t) 0x86U)
+#define LDAP_COMPREF_DEFINED ((ber_tag_t) 0x87U)
+#define LDAP_COMPREF_UNDEFINED ((ber_tag_t) 0x88U)
+
+#define LDAP_COMP_FILTER_AND ((ber_tag_t) 0xa0U)
+#define LDAP_COMP_FILTER_OR ((ber_tag_t) 0xa1U)
+#define LDAP_COMP_FILTER_NOT ((ber_tag_t) 0xa2U)
+#define LDAP_COMP_FILTER_ITEM ((ber_tag_t) 0xa3U)
+#define LDAP_COMP_FILTER_UNDEFINED ((ber_tag_t) 0xa4U)
+
+typedef struct slap_component_id{
+ int ci_type;
+ struct slap_component_id *ci_next;
+
+ union comp_id_value{
+ BerValue ci_identifier;
+ ber_int_t ci_from_beginning;
+ ber_int_t ci_count;
+ ber_int_t ci_from_end;
+ BerValue ci_select_value;
+ char ci_all;
+ } ci_val;
+} ComponentId;
+
+typedef struct slap_component_reference {
+ ComponentId *cr_list;
+ ComponentId *cr_curr;
+ struct berval cr_string;
+ int cr_len;
+} ComponentReference;
+
+typedef struct slap_component_assertion {
+ ComponentReference *ca_comp_ref;
+ ber_int_t ca_use_def;
+ MatchingRule *ca_ma_rule;
+ struct berval ca_ma_value;
+ struct slap_component_filter *ca_cf;
+ MatchingRuleAssertion *ca_mra;
+} ComponentAssertion;
+
+typedef struct slap_component_filter {
+ ber_tag_t cf_choice;
+ union cf_un_u {
+ ber_int_t cf_un_result;
+ ComponentAssertion *cf_un_ca;
+ struct slap_component_filter *cf_un_complex;
+ } cf_un;
+
+#define cf_ca cf_un.cf_un_ca
+#define cf_result cf_un.cf_un_result
+#define cf_and cf_un.cf_un_complex
+#define cf_or cf_un.cf_un_complex
+#define cf_not cf_un.cf_un_complex
+
+ struct slap_component_filter *cf_next;
+} ComponentFilter;
+
+typedef struct slap_component_assertion_value {
+ char* cav_buf;
+ char* cav_ptr;
+ char* cav_end;
+} ComponentAssertionValue;
+
+#include "asn.h"
+
+typedef int encoder_func LDAP_P((
+ void* b,
+ void* comp));
+
+struct slap_component_syntax_info;
+
+typedef int decoder_func LDAP_P((
+ void* b,
+ struct slap_component_syntax_info** comp_syn_info,
+ unsigned int* len,
+ int mode));
+
+typedef void* extract_component_from_tag_func LDAP_P((
+ int *tag));
+
+typedef void* extract_component_from_id_func LDAP_P((
+ ComponentReference* cr,
+ void* comp ));
+
+typedef int allcomponent_matching_func LDAP_P((
+ char* oid,
+ void* component1,
+ void* component2 ));
+
+typedef struct slap_component_desc{
+ int cd_tag;
+ ComponentId* cd_identifier;
+ encoder_func *cd_encoder;
+ decoder_func *cd_decoder;
+ extract_component_from_tag_func* cd_extract_t;
+ extract_component_from_id_func* cd_extract_i;
+ AsnType cd_type;
+ AsnTypeId cd_type_id;
+ allcomponent_matching_func* cd_all_match;
+} ComponentDesc;
+
+typedef struct slap_component_syntax_info {
+ Syntax* csi_syntax;
+ ComponentDesc* csi_comp_desc;
+} ComponentSyntaxInfo;
+
+typedef struct asntype_to_matchingrule {
+ AsnTypeId atmr_typeId;
+ char* atmr_mr_name;
+ MatchingRule *atmr_mr;
+} AsnTypetoMatchingRule;
+
+typedef struct asntype_to_matchingrule_table {
+ char* atmr_oid;
+ struct asntype_to_matchingrule atmr_table[ASNTYPE_END];
+ struct asntype_to_matchingrule_table* atmr_table_next;
+} AsnTypetoMatchingRuleTable;
+
+#endif
LDAP_END_DECL
#include "proto-slap.h"