/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Copyright 1998-2013 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
LDAP_BEGIN_DECL
-#ifdef LDAP_DEVEL
#define LDAP_COLLECTIVE_ATTRIBUTES
#define LDAP_COMP_MATCH
#define LDAP_SYNC_TIMESTAMP
-#define SLAP_CONTROL_X_SESSION_TRACKING
#define SLAP_CONTROL_X_WHATFAILED
#define SLAP_CONFIG_DELETE
+#define SLAP_AUXPROP_DONTUSECOPY
+#ifndef SLAP_SCHEMA_EXPOSE
+#define SLAP_SCHEMA_EXPOSE
#endif
#define LDAP_DYNAMIC_OBJECTS
#define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE
+#define SLAP_CONTROL_X_SESSION_TRACKING
#define SLAP_DISTPROC
#ifdef ENABLE_REWRITE
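Review bot: With the `#ifdef LDAP_DEVEL` line removed at the top of this hunk, `SLAP_SCHEMA_EXPOSE` is defined in every build, so each `*_HIDE` mask keyed on it later in the diff (`SLAP_SYNTAX_HIDE`, `SLAP_MR_HIDE`, `SLAP_AT_HIDE`, `SLAP_OC_HIDE`, `SLAP_EXOP_HIDE`, `SLAP_CTRL_HIDE`) takes its `0x0000` "publish everything" value. If that is not intended for production builds, keep the exposure opt-in by leaving the `#ifndef SLAP_SCHEMA_EXPOSE` / `#define SLAP_SCHEMA_EXPOSE` pair under a developer-build guard, or record the decision in a comment such as `/* schema elements flagged *_HIDE are published in all builds */`. The same unguarding makes `LDAP_COMP_MATCH`, `SLAP_CONTROL_X_WHATFAILED`, `SLAP_CONFIG_DELETE` and, further down, `LDAP_TCP_BUFFER` unconditional, which widens the code compiled into a release server. This reading assumes the context `#endif` now closes the new `#ifndef`; not all surrounding lines are visible.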
# define SLAP_STRING_UNKNOWN "unknown"
#endif /* ! TCP Wrappers */
-/* LDAPMod.mod_op value ===> Must be kept in sync with ldap.h!
- * This is a value used internally by the backends. It is needed to allow
- * adding values that already exist without getting an error as required by
- * modrdn when the new rdn was already an attribute value itself.
+/* LDAPMod.mod_op value ===> Must be kept in sync with ldap.h! */
+/* These values are used internally by the backends. */
+/* SLAP_MOD_SOFTADD allows adding values that already exist without getting
+ * an error as required by modrdn when the new rdn was already an attribute
+ * value itself.
+ */
+#define SLAP_MOD_SOFTADD 0x1000
+/* SLAP_MOD_SOFTDEL allows deleting values if they exist without getting
+ * an error otherwise.
+ */
+#define SLAP_MOD_SOFTDEL 0x1001
+/* SLAP_MOD_ADD_IF_NOT_PRESENT allows adding values unless the attribute
+ * is already present without getting an error.
+ */
+#define SLAP_MOD_ADD_IF_NOT_PRESENT 0x1002
+/* SLAP_MOD_DEL_IF_PRESENT allows deleting values if the attribute
+ * is present, without getting an error otherwise.
+ * The semantics can be obtained using SLAP_MOD_SOFTDEL with NULL values.
*/
-#define SLAP_MOD_SOFTADD 0x1000
#define MAXREMATCHES (100)
#define SLAP_TEXT_BUFLEN (256)
-/* psuedo error code indicating abandoned operation */
+/* pseudo error code indicating abandoned operation */
#define SLAPD_ABANDON (-1024)
-/* psuedo error code indicating disconnect */
+/* pseudo error code indicating disconnect */
#define SLAPD_DISCONNECT (-1025)
/* unknown config file directive */
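Review bot: The last comment added here documents `SLAP_MOD_DEL_IF_PRESENT`, but no `#define` for it follows on the new side, so a reader cannot tell whether the constant was forgotten or deliberately left out. If it is deliberate, say so in the comment, e.g. `* Not defined: use SLAP_MOD_SOFTDEL with NULL values instead.` The header comment also requires these values to stay in sync with ldap.h; a one-line note that 0x1000 to 0x1002 are reserved for slapd-internal operations and must not overlap the protocol `mod_op` values would make that requirement checkable.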
#define SLAP_SYNTAX_BLOB 0x0001U /* syntax treated as blob (audio) */
#define SLAP_SYNTAX_BINARY 0x0002U /* binary transfer required (certificate) */
#define SLAP_SYNTAX_BER 0x0004U /* stored in BER encoding (certificate) */
-#ifdef LDAP_DEVEL
+#ifdef SLAP_SCHEMA_EXPOSE
#define SLAP_SYNTAX_HIDE 0x0000U /* publish everything */
#else
#define SLAP_SYNTAX_HIDE 0x8000U /* hide (do not publish) */
#endif
#define SLAP_SYNTAX_HARDCODE 0x10000U /* This is hardcoded schema */
+#define SLAP_SYNTAX_DN 0x20000U /* Treat like a DN */
Syntax **ssyn_sups;
slap_mask_t smr_usage;
-#ifdef LDAP_DEVEL
+#ifdef SLAP_SCHEMA_EXPOSE
#define SLAP_MR_HIDE 0x0000U
#else
#define SLAP_MR_HIDE 0x8000U
#define SLAP_AT_NONE 0x0000U
#define SLAP_AT_ABSTRACT 0x0100U /* cannot be instantiated */
#define SLAP_AT_FINAL 0x0200U /* cannot be subtyped */
-#ifdef LDAP_DEVEL
+#ifdef SLAP_SCHEMA_EXPOSE
#define SLAP_AT_HIDE 0x0000U /* publish everything */
#else
#define SLAP_AT_HIDE 0x8000U /* hide attribute */
#define SLAP_OC__MASK 0x00FF
#define SLAP_OC__END 0x0100
#define SLAP_OC_OPERATIONAL 0x4000
-#ifdef LDAP_DEVEL
+#ifdef SLAP_SCHEMA_EXPOSE
#define SLAP_OC_HIDE 0x0000
#else
#define SLAP_OC_HIDE 0x8000
#define SLAP_DESC_BINARY 0x01U
#define SLAP_DESC_TAG_RANGE 0x80U
#define SLAP_DESC_TEMPORARY 0x1000U
+ unsigned ad_index;
};
/* flags to slap_*2undef_ad to register undefined (0, the default)
ACL_STYLE_SELF,
ACL_STYLE_IP,
ACL_STYLE_IPV6,
- ACL_STYLE_PATH
+ ACL_STYLE_PATH,
+
+ ACL_STYLE_NONE
} slap_style_t;
typedef struct AuthorizationInformation {
/* Value dependent acl where processing can restart */
AccessControl *as_vd_acl;
+ int as_vd_acl_present;
int as_vd_acl_count;
slap_mask_t as_vd_mask;
/* True if started to process frontend ACLs */
int as_fe_done;
} AccessControlState;
-#define ACL_STATE_INIT { NULL, ACL_NONE, NULL, 0, ACL_PRIV_NONE, -1, 0 }
+#define ACL_STATE_INIT { NULL, ACL_NONE, NULL, 0, 0, ACL_PRIV_NONE, -1, 0 }
typedef struct AclRegexMatches {
int dn_count;
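Review bot: `ACL_STATE_INIT` is a positional initializer, and the new `0` for `as_vd_acl_present` is only correct while its position matches the field order of `AccessControlState`, whose opening lines are outside this hunk. Because most of the values are `0`, `NULL` or `-1`, a later field insertion that misses the macro would probably still compile and silently start ACL evaluation from the wrong state. I would add a comment next to the macro listing the field each value initialises, e.g. `/* ..., as_vd_acl, as_vd_acl_present, as_vd_acl_count, as_vd_mask, ..., as_fe_done */`. Any code that spells out its own positional initializer instead of using the macro needs the same extra `0`.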
#define SLAP_TOOL_READONLY 0x0400
#define SLAP_TOOL_QUICK 0x0800
#define SLAP_TOOL_NO_SCHEMA_CHECK 0x1000
+#define SLAP_TOOL_VALUE_CHECK 0x2000
+
+#define SLAP_SERVER_RUNNING 0x8000
#define SB_TLS_DEFAULT (-1)
#define SB_TLS_OFF 0
#define SB_TLS_ON 1
#define SB_TLS_CRITICAL 2
+typedef struct slap_keepalive {
+ int sk_idle;
+ int sk_probes;
+ int sk_interval;
+} slap_keepalive;
+
typedef struct slap_bindconf {
struct berval sb_uri;
int sb_version;
struct berval sb_realm;
struct berval sb_authcId;
struct berval sb_authzId;
+ slap_keepalive sb_keepalive;
#ifdef HAVE_TLS
void *sb_tls_ctx;
char *sb_tls_cert;
void *aux;
} slap_cf_aux_table;
+typedef int
+slap_cf_aux_table_parse_x LDAP_P((
+ struct berval *val,
+ void *bc,
+ slap_cf_aux_table *tab0,
+ const char *tabmsg,
+ int unparse ));
+
#define SLAP_LIMIT_TIME 1
#define SLAP_LIMIT_SIZE 2
#define SLAP_SYNC_RID_MAX 999
#define SLAP_SYNC_SID_MAX 4095 /* based on liblutil/csn.c field width */
+
+/* fake conn connid constructed as rid; real connids start
+ * at SLAPD_SYNC_CONN_OFFSET */
+#define SLAPD_SYNC_SYNCCONN_OFFSET (SLAP_SYNC_RID_MAX + 1)
+#define SLAPD_SYNC_IS_SYNCCONN(connid) ((connid) < SLAPD_SYNC_SYNCCONN_OFFSET)
+#define SLAPD_SYNC_RID2SYNCCONN(rid) (rid)
+
#define SLAP_SYNCUUID_SET_SIZE 256
struct sync_cookie {
- struct berval *ctxcsn;
- struct berval octet_str;
+ BerVarray ctxcsn;
+ int *sids;
+ int numcsns;
int rid;
+ struct berval octet_str;
int sid;
- int numcsns;
- int *sids;
LDAP_STAILQ_ENTRY(sync_cookie) sc_next;
};
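Review bot: The comment above the new sync-connection macros says real connids start at `SLAPD_SYNC_CONN_OFFSET`, but the macro defined below it is `SLAPD_SYNC_SYNCCONN_OFFSET`; the comment should use the real name, `* at SLAPD_SYNC_SYNCCONN_OFFSET */`. `SLAPD_SYNC_RID2SYNCCONN(rid)` is the identity, so `SLAPD_SYNC_IS_SYNCCONN` is only meaningful when every rid is at most `SLAP_SYNC_RID_MAX` and real connection ids are never allocated below the offset. Neither condition is enforced in the visible lines, and both are worth stating in the comment. If `connid` can be a signed type, a negative value would also test as a sync connection; presumably it is unsigned, but that is not visible here.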
#define be_entry_open bd_info->bi_tool_entry_open
#define be_entry_close bd_info->bi_tool_entry_close
#define be_entry_first bd_info->bi_tool_entry_first
+#define be_entry_first_x bd_info->bi_tool_entry_first_x
#define be_entry_next bd_info->bi_tool_entry_next
#define be_entry_reindex bd_info->bi_tool_entry_reindex
#define be_entry_get bd_info->bi_tool_entry_get
#define SLAP_DBFLAG_CLEAN 0x10000U /* was cleanly shutdown */
#define SLAP_DBFLAG_ACL_ADD 0x20000U /* check attr ACLs on adds */
#define SLAP_DBFLAG_SYNC_SUBENTRY 0x40000U /* use subentry for context */
+#define SLAP_DBFLAG_MULTI_SHADOW 0x80000U /* uses mirrorMode/multi-master */
+#define SLAP_DBFLAG_DISABLED 0x100000U
slap_mask_t be_flags;
#define SLAP_DBFLAGS(be) ((be)->be_flags)
#define SLAP_NOLASTMOD(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_NOLASTMOD)
#define SLAP_LASTMOD(be) (!SLAP_NOLASTMOD(be))
#define SLAP_DBHIDDEN(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_HIDDEN)
+#define SLAP_DBDISABLED(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_DISABLED)
#define SLAP_DB_ONE_SUFFIX(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_ONE_SUFFIX)
#define SLAP_ISOVERLAY(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_OVERLAY)
#define SLAP_ISGLOBALOVERLAY(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_GLOBAL_OVERLAY)
#define SLAP_SYNC_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SYNC_SHADOW)
#define SLAP_SLURP_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SLURP_SHADOW)
#define SLAP_SINGLE_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SINGLE_SHADOW)
-#define SLAP_MULTIMASTER(be) (!SLAP_SINGLE_SHADOW(be))
+#define SLAP_MULTIMASTER(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_MULTI_SHADOW)
#define SLAP_DBCLEAN(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_CLEAN)
#define SLAP_DBACL_ADD(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_ACL_ADD)
#define SLAP_SYNC_SUBENTRY(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SYNC_SUBENTRY)
struct slap_limits **be_limits; /* regex-based size and time limits */
AccessControl *be_acl; /* access control list for this backend */
slap_access_t be_dfltaccess; /* access given if no acl matches */
+ AttributeName *be_extra_anlist; /* attributes that need to be added to search requests (ITS#6513) */
/* Replica Information */
struct berval be_update_ndn; /* allowed to make changes (in replicas) */
ber_int_t rs_msgid;
} req_abandon_s;
-#ifdef LDAP_DEVEL
+#ifdef SLAP_SCHEMA_EXPOSE
#define SLAP_EXOP_HIDE 0x0000
#else
#define SLAP_EXOP_HIDE 0x8000
rep_extended_s sru_extended;
} sr_un;
slap_mask_t sr_flags;
-#define REP_ENTRY_MODIFIABLE 0x0001U
-#define REP_ENTRY_MUSTBEFREED 0x0002U
-#define REP_ENTRY_MUSTRELEASE 0x0004U
-#define REP_ENTRY_MASK (REP_ENTRY_MODIFIABLE|REP_ENTRY_MUSTBEFREED|REP_ENTRY_MUSTRELEASE)
+#define REP_ENTRY_MODIFIABLE ((slap_mask_t) 0x0001U)
+#define REP_ENTRY_MUSTBEFREED ((slap_mask_t) 0x0002U)
+#define REP_ENTRY_MUSTRELEASE ((slap_mask_t) 0x0004U)
+#define REP_ENTRY_MASK (REP_ENTRY_MODIFIABLE|REP_ENTRY_MUSTFLUSH)
+#define REP_ENTRY_MUSTFLUSH (REP_ENTRY_MUSTBEFREED|REP_ENTRY_MUSTRELEASE)
-#define REP_MATCHED_MUSTBEFREED 0x0010U
+#define REP_MATCHED_MUSTBEFREED ((slap_mask_t) 0x0010U)
#define REP_MATCHED_MASK (REP_MATCHED_MUSTBEFREED)
-#define REP_REF_MUSTBEFREED 0x0020U
+#define REP_REF_MUSTBEFREED ((slap_mask_t) 0x0020U)
#define REP_REF_MASK (REP_REF_MUSTBEFREED)
-#define REP_CTRLS_MUSTBEFREED 0x0040U
+#define REP_CTRLS_MUSTBEFREED ((slap_mask_t) 0x0040U)
#define REP_CTRLS_MASK (REP_CTRLS_MUSTBEFREED)
-#define REP_NO_ENTRYDN 0x1000U
-#define REP_NO_SUBSCHEMA 0x2000U
+#define REP_NO_ENTRYDN ((slap_mask_t) 0x1000U)
+#define REP_NO_SUBSCHEMA ((slap_mask_t) 0x2000U)
#define REP_NO_OPERATIONALS (REP_NO_ENTRYDN|REP_NO_SUBSCHEMA)
};
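Review bot: `REP_ENTRY_MASK` is defined in terms of `REP_ENTRY_MUSTFLUSH` one line before `REP_ENTRY_MUSTFLUSH` itself; this works because macros expand at the point of use, but swapping the two lines would read in dependency order. The new `(slap_mask_t)` casts carry no explanation. Presumably they make `~REP_ENTRY_MUSTBEFREED` and its siblings as wide as `sr_flags`, so that clearing a flag cannot drop high bits; a comment such as `/* cast so that ~FLAG has the full width of slap_mask_t */` would record that. A cast also makes these constants unusable in `#if` expressions, should any code test them there. The enclosing struct begins outside this hunk.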
typedef int (BI_tool_entry_open) LDAP_P(( BackendDB *be, int mode ));
typedef int (BI_tool_entry_close) LDAP_P(( BackendDB *be ));
typedef ID (BI_tool_entry_first) LDAP_P(( BackendDB *be ));
+typedef ID (BI_tool_entry_first_x) LDAP_P(( BackendDB *be, struct berval *base, int scope, Filter *f ));
typedef ID (BI_tool_entry_next) LDAP_P(( BackendDB *be ));
typedef Entry* (BI_tool_entry_get) LDAP_P(( BackendDB *be, ID id ));
typedef ID (BI_tool_entry_put) LDAP_P(( BackendDB *be, Entry *e,
/* hooks for slap tools */
BI_tool_entry_open *bi_tool_entry_open;
BI_tool_entry_close *bi_tool_entry_close;
- BI_tool_entry_first *bi_tool_entry_first;
+ BI_tool_entry_first *bi_tool_entry_first; /* deprecated */
+ BI_tool_entry_first_x *bi_tool_entry_first_x;
BI_tool_entry_next *bi_tool_entry_next;
BI_tool_entry_get *bi_tool_entry_get;
BI_tool_entry_put *bi_tool_entry_put;
#define SLAPO_BFLAG_SINGLE 0x01000000U
#define SLAPO_BFLAG_DBONLY 0x02000000U
#define SLAPO_BFLAG_GLOBONLY 0x04000000U
+#define SLAPO_BFLAG_DISABLED 0x08000000U
#define SLAPO_BFLAG_MASK 0xFF000000U
#define SLAP_BFLAGS(be) ((be)->bd_info->bi_flags)
#define SLAPO_SINGLE(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_SINGLE)
#define SLAPO_DBONLY(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_DBONLY)
#define SLAPO_GLOBONLY(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_GLOBONLY)
+#define SLAPO_DISABLED(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_DISABLED)
char **bi_controls; /* supported controls */
char bi_ctrls[SLAP_MAX_CIDS + 1];
void *c_sasl_authctx; /* SASL authentication context */
void *c_sasl_sockctx; /* SASL security layer context */
void *c_sasl_extra; /* SASL session extra stuff */
+ void *c_sasl_cbind; /* SASL channel binding */
Operation *c_sasl_bindop; /* set to current op if it's a bind */
#ifdef LDAP_X_TXN
ber_socket_t sl_sd;
Sockaddr sl_sa;
#define sl_addr sl_sa.sa_in_addr
-#ifdef LDAP_DEVEL
#define LDAP_TCP_BUFFER
-#endif
#ifdef LDAP_TCP_BUFFER
int sl_tcp_rmem; /* custom TCP read buffer size */
int sl_tcp_wmem; /* custom TCP write buffer size */
/* number of response controls supported */
#define SLAP_MAX_RESPONSE_CONTROLS 6
-#ifdef LDAP_DEVEL
+#ifdef SLAP_SCHEMA_EXPOSE
#define SLAP_CTRL_HIDE 0x00000000U
#else
#define SLAP_CTRL_HIDE 0x80000000U
#define SLAP_SLAB_SIZE (1024*1024)
#define SLAP_SLAB_STACK 1
-#define SLAP_SLAB_SOBLOCK 64
#define SLAP_ZONE_ALLOC 1
#undef SLAP_ZONE_ALLOC
#endif /* LDAP_COMP_MATCH */
-/* slab heap data structures */
-
-struct slab_object {
- void *so_ptr;
- int so_blockhead;
- LDAP_LIST_ENTRY(slab_object) so_link;
-};
-
-struct slab_heap {
- void *sh_base;
- void *sh_last;
- void *sh_end;
- int sh_stack;
- int sh_maxorder;
- unsigned char **sh_map;
- LDAP_LIST_HEAD( sh_freelist, slab_object ) *sh_free;
- LDAP_LIST_HEAD( sh_so, slab_object ) sh_sopool;
-};
-
#ifdef SLAP_ZONE_ALLOC
#define SLAP_ZONE_SIZE 0x80000 /* 512KB */
#define SLAP_ZONE_SHIFT 19