/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2008 The OpenLDAP Foundation.
+ * Copyright 1998-2009 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
#define LDAP_COLLECTIVE_ATTRIBUTES
#define LDAP_COMP_MATCH
#define LDAP_SYNC_TIMESTAMP
-#define SLAP_CONTROL_X_SORTEDRESULTS
#define SLAP_CONTROL_X_SESSION_TRACKING
#define SLAP_CONTROL_X_WHATFAILED
#define SLAP_CONFIG_DELETE
#define SLAP_AD_PROXIED 0x01U
#define SLAP_AD_NOINSERT 0x02U
+#define SLAP_AN_OCEXCLUDE 0x01
+#define SLAP_AN_OCINITED 0x02
+
struct AttributeName {
struct berval an_name;
AttributeDescription *an_desc;
- int an_oc_exclude;
+ int an_flags;
ObjectClass *an_oc;
};
struct AccessControl *acl_next;
} AccessControl;
-typedef enum {
- ACL_STATE_NOT_RECORDED = 0x0,
- ACL_STATE_RECORDED_VD = 0x1,
- ACL_STATE_RECORDED_NV = 0x2,
- ACL_STATE_RECORDED = ( ACL_STATE_RECORDED_VD | ACL_STATE_RECORDED_NV )
-} slap_acl_state_t;
-
typedef struct AccessControlState {
/* Access state */
- AccessControl *as_vi_acl;
- AccessControl *as_vd_acl;
- AttributeDescription *as_vd_ad;
+ /* The stored state is valid when requesting as_access access
+ * to the as_desc attributes. */
+ AttributeDescription *as_desc;
+ slap_access_t as_access;
- slap_acl_state_t as_recorded;
+ /* Value dependent acl where processing can restart */
+ AccessControl *as_vd_acl;
int as_vd_acl_count;
+ slap_mask_t as_vd_mask;
+
+ /* The cached result after evaluating a value independent attr.
+ * Only valid when != -1 and as_vd_acl == NULL */
int as_result;
+
+ /* True if started to process frontend ACLs */
int as_fe_done;
} AccessControlState;
-#define ACL_STATE_INIT { NULL, NULL, NULL, \
- ACL_STATE_NOT_RECORDED, 0, 0, 0 }
+#define ACL_STATE_INIT { NULL, ACL_NONE, NULL, 0, ACL_PRIV_NONE, -1, 0 }
typedef struct AclRegexMatches {
int dn_count;
char *sb_tls_cacertdir;
char *sb_tls_reqcert;
char *sb_tls_cipher_suite;
+ char *sb_tls_protocol_min;
#ifdef HAVE_OPENSSL_CRL
char *sb_tls_crlcheck;
#endif
BerVarray sr_ref;
LDAPControl **sr_ctrls;
union sr_u {
+ rep_search_s sru_search;
rep_sasl_s sru_sasl;
rep_extended_s sru_extended;
- rep_search_s sru_search;
} sr_un;
slap_mask_t sr_flags;
#define REP_ENTRY_MODIFIABLE 0x0001U
} slap_overinfo;
/* Should successive callbacks in a chain be processed? */
-#define SLAP_CB_FREEME 0x04000
#define SLAP_CB_BYPASS 0x08800
#define SLAP_CB_CONTINUE 0x08000
struct slap_csn_entry {
struct berval ce_csn;
+ int ce_sid;
unsigned long ce_opid;
unsigned long ce_connid;
#define SLAP_CSN_PENDING 1
#define send_ldap_intermediate( op, rs ) \
((op)->o_conn->c_send_ldap_intermediate)( op, rs )
-typedef struct slap_listener Listener;
+typedef struct Listener Listener;
/*
* represents a connection from an ldap client
BerElement *c_currentber; /* ber we're attempting to read */
int c_writers; /* number of writers waiting */
+ char c_writing; /* someone is writing */
char c_sasl_bind_in_progress; /* multi-op bind in progress */
char c_writewaiter; /* true if blocked on write */
#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) \
do { \
if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
+ lutil_debug( ldap_debug, (level), (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
} while (0)
#define StatslogTest( level ) (ldap_debug & (level))
#endif /* !LDAP_SYSLOG */
/*
* listener; need to access it from monitor backend
*/
-struct slap_listener {
+struct Listener {
struct berval sl_url;
struct berval sl_name;
mode_t sl_perms;
ber_socket_t sl_sd;
Sockaddr sl_sa;
#define sl_addr sl_sa.sa_in_addr
+#ifdef LDAP_DEVEL
+#define LDAP_TCP_BUFFER
+#endif
+#ifdef LDAP_TCP_BUFFER
+ int sl_tcp_rmem; /* custom TCP read buffer size */
+ int sl_tcp_wmem; /* custom TCP write buffer size */
+#endif
};
/*