/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2006 The OpenLDAP Foundation.
+ * Copyright 1998-2007 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
LDAP_BEGIN_DECL
-#ifdef LDAP_DEVEL
#define SLAP_LIGHTWEIGHT_DISPATCHER /* experimental slapd architecture */
-#define SLAP_MULTI_CONN_ARRAY
#ifdef LDAP_PVT_THREAD_POOL_SEM_LOAD_CONTROL
#define SLAP_SEM_LOAD_CONTROL
-#endif /* LDAP_PVT_THREAD_POOL_SEM_LOAD_CONTROL */
+#endif
-#define SLAP_ACL_HONOR_DISCLOSE /* partially implemented */
-#define SLAP_ACL_HONOR_MANAGE /* not yet implemented */
-#define SLAP_OVERLAY_ACCESS
+#ifdef LDAP_DEVEL
+#define LDAP_COLLECTIVE_ATTRIBUTES
#define LDAP_COMP_MATCH
-#define LDAP_DYNAMIC_OBJECTS
#define LDAP_SYNC_TIMESTAMP
-#define LDAP_COLLECTIVE_ATTRIBUTES
-#define SLAPD_CONF_UNKNOWN_BAILOUT
-#define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE
+#define SLAP_SORTEDRESULTS
+#endif
-#define SLAP_ORDERED_PRETTYNORM
-#define SLAP_AUTHZ_SYNTAX
+#define LDAP_DYNAMIC_OBJECTS
+#define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE
+#define SLAP_DISTPROC
#ifdef ENABLE_REWRITE
#define SLAP_AUTH_REWRITE 1 /* use librewrite for sasl-regexp */
#endif
-#endif
-
-#if defined(LDAP_SLAPI) && !defined(SLAP_OVERLAY_ACCESS)
-#define SLAP_OVERLAY_ACCESS
-#endif
-
-/*
- * ITS#3705: bail out if unknown config directives appear in slapd.conf
- */
-#ifdef SLAPD_CONF_UNKNOWN_BAILOUT
-#define SLAPD_CONF_UNKNOWN_IGNORED ""
-#define SLAPD_DEBUG_CONFIG_ERROR LDAP_DEBUG_ANY
-#else /* ! SLAPD_CONF_UNKNOWN_BAILOUT */
-#define SLAPD_CONF_UNKNOWN_IGNORED " (ignored)"
-#define SLAPD_DEBUG_CONFIG_ERROR LDAP_DEBUG_CONFIG
-#endif /* ! SLAPD_CONF_UNKNOWN_BAILOUT */
/*
* SLAPD Memory allocation macros
* on normalized/pretty DN, such that ';' is never used
* as RDN separator, and all occurrences of ';' must be escaped */
#define DN_SEPARATOR(c) ((c) == ',')
-#define RDN_ATTRTYPEANDVALUE_SEPARATOR(c) ((c) == '+') /* RFC 2253 */
+#define RDN_ATTRTYPEANDVALUE_SEPARATOR(c) ((c) == '+') /* RFC 4514 */
#define RDN_SEPARATOR(c) (DN_SEPARATOR(c) || RDN_ATTRTYPEANDVALUE_SEPARATOR(c))
#define RDN_NEEDSESCAPE(c) ((c) == '\\' || (c) == '"')
typedef struct slap_matching_rule {
LDAPMatchingRule smr_mrule;
MatchingRuleUse *smr_mru;
- /* RFC2252 string representation */
+ /* RFC 4512 string representation */
struct berval smr_str;
/*
* Note: the former
struct slap_matching_rule_use {
LDAPMatchingRuleUse smru_mruleuse;
MatchingRule *smru_mr;
- /* RFC2252 string representation */
+ /* RFC 4512 string representation */
struct berval smru_str;
LDAP_SLIST_ENTRY(slap_matching_rule_use) smru_next;
#define SLAP_AT_ORDERED 0x0003U /* value has order index */
#define SLAP_AT_HARDCODE 0x10000U /* hardcoded schema */
+#define SLAP_AT_DELETED 0x20000U
slap_mask_t sat_flags;
#define SLAP_OC_HIDE 0x8000
#endif
#define SLAP_OC_HARDCODE 0x10000U /* This is hardcoded schema */
+#define SLAP_OC_DELETED 0x20000U
/*
* DIT content rule
#define SLAP_DESC_NONE 0x00U
#define SLAP_DESC_BINARY 0x01U
#define SLAP_DESC_TAG_RANGE 0x80U
+#define SLAP_DESC_TEMPORARY 0x1000U
} AttributeDescription;
/* flags to slap_*2undef_ad to register undefined (0, the default)
#ifdef SLAPD_AUTHPASSWD
AttributeDescription *si_ad_authPassword;
AttributeDescription *si_ad_authPasswordSchemes;
-#endif
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- AttributeDescription *si_ad_krbName;
#endif
AttributeDescription *si_ad_description;
AttributeDescription *si_ad_seeAlso;
*/
typedef struct slap_filter {
ber_tag_t f_choice; /* values taken from ldap.h, plus: */
-#define SLAPD_FILTER_COMPUTED ((ber_tag_t) -1)
-#define SLAPD_FILTER_DN_ONE ((ber_tag_t) -2)
-#define SLAPD_FILTER_DN_SUBTREE ((ber_tag_t) -3)
-#define SLAPD_FILTER_DN_CHILDREN ((ber_tag_t) -4)
+#define SLAPD_FILTER_COMPUTED 0
+#define SLAPD_FILTER_MASK 0x7fff
+#define SLAPD_FILTER_UNDEFINED 0x8000
union f_un_u {
/* precomputed result */
ber_int_t f_un_result;
- /* DN */
- struct berval *f_un_dn;
-
/* present */
AttributeDescription *f_un_desc;
/* matching rule assertion */
MatchingRuleAssertion *f_un_mra;
-#define f_dn f_un.f_un_dn
#define f_desc f_un.f_un_desc
#define f_ava f_un.f_un_ava
#define f_av_desc f_un.f_un_ava->aa_desc
unsigned a_flags;
#define SLAP_ATTR_IXADD 0x1U
#define SLAP_ATTR_IXDEL 0x2U
+#define SLAP_ATTR_DONT_FREE_DATA 0x4U
+#define SLAP_ATTR_DONT_FREE_VALS 0x8U
} Attribute;
typedef unsigned long ID;
#define NOID ((ID)~0)
+typedef struct slap_entry_header {
+ struct berval bv;
+ char *data;
+ int nattrs;
+ int nvals;
+} EntryHeader;
+
/*
* represents an entry in core
*/
ACL_STYLE_USERS,
ACL_STYLE_SELF,
ACL_STYLE_IP,
+ ACL_STYLE_IPV6,
ACL_STYLE_PATH
} slap_style_t;
/* connection related stuff */
slap_style_t a_peername_style;
struct berval a_peername_pat;
+#ifdef LDAP_PF_INET6
+ union {
+ struct in6_addr ax6;
+ unsigned long ax;
+ } ax_peername_addr,
+ ax_peername_mask;
+#define a_peername_addr6 ax_peername_addr.ax6
+#define a_peername_addr ax_peername_addr.ax
+#define a_peername_mask6 ax_peername_mask.ax6
+#define a_peername_mask ax_peername_mask.ax
+/* apparently, only s6_addr is portable;
+ * define a portable address mask comparison */
+#define slap_addr6_mask(val, msk, asr) ( \
+ (((val)->s6_addr[0] & (msk)->s6_addr[0]) == (asr)->s6_addr[0]) \
+ && (((val)->s6_addr[1] & (msk)->s6_addr[1]) == (asr)->s6_addr[1]) \
+ && (((val)->s6_addr[2] & (msk)->s6_addr[2]) == (asr)->s6_addr[2]) \
+ && (((val)->s6_addr[3] & (msk)->s6_addr[3]) == (asr)->s6_addr[3]) \
+ && (((val)->s6_addr[4] & (msk)->s6_addr[4]) == (asr)->s6_addr[4]) \
+ && (((val)->s6_addr[5] & (msk)->s6_addr[5]) == (asr)->s6_addr[5]) \
+ && (((val)->s6_addr[6] & (msk)->s6_addr[6]) == (asr)->s6_addr[6]) \
+ && (((val)->s6_addr[7] & (msk)->s6_addr[7]) == (asr)->s6_addr[7]) \
+ && (((val)->s6_addr[8] & (msk)->s6_addr[8]) == (asr)->s6_addr[8]) \
+ && (((val)->s6_addr[9] & (msk)->s6_addr[9]) == (asr)->s6_addr[9]) \
+ && (((val)->s6_addr[10] & (msk)->s6_addr[10]) == (asr)->s6_addr[10]) \
+ && (((val)->s6_addr[11] & (msk)->s6_addr[11]) == (asr)->s6_addr[11]) \
+ && (((val)->s6_addr[12] & (msk)->s6_addr[12]) == (asr)->s6_addr[12]) \
+ && (((val)->s6_addr[13] & (msk)->s6_addr[13]) == (asr)->s6_addr[13]) \
+ && (((val)->s6_addr[14] & (msk)->s6_addr[14]) == (asr)->s6_addr[14]) \
+ && (((val)->s6_addr[15] & (msk)->s6_addr[15]) == (asr)->s6_addr[15]) \
+ )
+#else /* ! LDAP_PF_INET6 */
unsigned long a_peername_addr,
a_peername_mask;
+#endif /* ! LDAP_PF_INET6 */
int a_peername_port;
slap_style_t a_sockname_style;
} slap_acl_state_t;
typedef struct slap_acl_state {
- slap_acl_state_t as_recorded;
-
/* Access state */
- AccessControl *as_vd_acl;
AccessControl *as_vi_acl;
- slap_mask_t as_vd_acl_mask;
- regmatch_t as_vd_acl_matches[MAXREMATCHES];
- int as_vd_acl_count;
+ AccessControl *as_vd_acl;
+ AttributeDescription *as_vd_ad;
- Access *as_vd_access;
- int as_vd_access_count;
+ slap_acl_state_t as_recorded;
+ int as_vd_acl_count;
int as_result;
- AttributeDescription *as_vd_ad;
} AccessControlState;
-#define ACL_STATE_INIT { ACL_STATE_NOT_RECORDED, NULL, NULL, 0UL, \
- { { 0, 0 } }, 0, NULL, 0, 0, NULL }
+#define ACL_STATE_INIT { NULL, NULL, NULL, \
+ ACL_STATE_NOT_RECORDED, 0, 0 }
/*
* Backend-info
#define SLAP_TOOL_READMAIN 0x0200
#define SLAP_TOOL_READONLY 0x0400
#define SLAP_TOOL_QUICK 0x0800
+#define SLAP_TOOL_NO_SCHEMA_CHECK 0x1000
#define SB_TLS_DEFAULT (-1)
#define SB_TLS_OFF 0
typedef struct slap_bindconf {
struct berval sb_uri;
+ int sb_version;
int sb_tls;
int sb_method;
struct berval sb_binddn;
struct berval sb_realm;
struct berval sb_authcId;
struct berval sb_authzId;
+#ifdef HAVE_TLS
+ void *sb_tls_ctx;
+ char *sb_tls_cert;
+ char *sb_tls_key;
+ char *sb_tls_cacert;
+ char *sb_tls_cacertdir;
+ char *sb_tls_reqcert;
+ char *sb_tls_cipher_suite;
+#ifdef HAVE_OPENSSL_CRL
+ char *sb_tls_crlcheck;
+#endif
+ int sb_tls_do_init;
+#endif
} slap_bindconf;
struct slap_replica_info {
int off;
char type;
char quote;
- slap_verbmasks *aux;
+ void *aux;
} slap_cf_aux_table;
#define SLAP_LIMIT_TIME 1
struct syncinfo_s;
#define SLAP_SYNC_RID_SIZE 3
+#define SLAP_SYNC_SID_MAX 4095 /* based on liblutil/csn.c field width */
#define SLAP_SYNCUUID_SET_SIZE 256
#define SLAP_SYNC_UPDATE_MSGID 1
struct sync_cookie {
- struct berval ctxcsn;
+ struct berval *ctxcsn;
struct berval octet_str;
- long rid;
+ int rid;
+ int numcsns;
+ int *sids;
LDAP_STAILQ_ENTRY(sync_cookie) sc_next;
};
/*
* define to honor hasSubordinates operational attribute in search filters
- * (in previous use there was a flaw with back-bdb and back-ldbm; now it
- * is fixed).
+ * (in previous use there was a flaw with back-bdb; now it is fixed).
*/
#define be_has_subordinates bd_info->bi_has_subordinates
/* Database flags */
#define SLAP_DBFLAG_NOLASTMOD 0x0001U
#define SLAP_DBFLAG_NO_SCHEMA_CHECK 0x0002U
+#define SLAP_DBFLAG_HIDDEN 0x0004U
#define SLAP_DBFLAG_GLUE_INSTANCE 0x0010U /* a glue backend */
#define SLAP_DBFLAG_GLUE_SUBORDINATE 0x0020U /* child of a glue hierarchy */
#define SLAP_DBFLAG_GLUE_LINKED 0x0040U /* child is connected to parent */
#define SLAP_DBFLAG_OVERLAY 0x0100U /* this db struct is an overlay */
#define SLAP_DBFLAG_GLOBAL_OVERLAY 0x0200U /* this db struct is a global overlay */
#define SLAP_DBFLAG_DYNAMIC 0x0400U /* this db allows dynamicObjects */
+#define SLAP_DBFLAG_MONITORING 0x0800U /* custom monitoring enabled */
#define SLAP_DBFLAG_SHADOW 0x8000U /* a shadow */
+#define SLAP_DBFLAG_SINGLE_SHADOW 0x4000U /* a single-master shadow */
#define SLAP_DBFLAG_SYNC_SHADOW 0x1000U /* a sync shadow */
#define SLAP_DBFLAG_SLURP_SHADOW 0x2000U /* a slurp shadow */
slap_mask_t be_flags;
#define SLAP_DBFLAGS(be) ((be)->be_flags)
#define SLAP_NOLASTMOD(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_NOLASTMOD)
#define SLAP_LASTMOD(be) (!SLAP_NOLASTMOD(be))
+#define SLAP_DBHIDDEN(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_HIDDEN)
#define SLAP_ISOVERLAY(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_OVERLAY)
#define SLAP_ISGLOBALOVERLAY(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_GLOBAL_OVERLAY)
+#define SLAP_DBMONITORING(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_MONITORING)
#define SLAP_NO_SCHEMA_CHECK(be) \
(SLAP_DBFLAGS(be) & SLAP_DBFLAG_NO_SCHEMA_CHECK)
#define SLAP_GLUE_INSTANCE(be) \
#define SLAP_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SHADOW)
#define SLAP_SYNC_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SYNC_SHADOW)
#define SLAP_SLURP_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SLURP_SHADOW)
+#define SLAP_SINGLE_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SINGLE_SHADOW)
+#define SLAP_MULTIMASTER(be) (!SLAP_SINGLE_SHADOW(be))
slap_mask_t be_restrictops; /* restriction operations */
#define SLAP_RESTRICT_OP_ADD 0x0001U
| SLAP_RESTRICT_OP_BIND \
| SLAP_RESTRICT_OP_EXTENDED )
-#define SLAP_ALLOW_BIND_V2 0x0001U /* LDAPv2 bind */
+#define SLAP_ALLOW_BIND_V2 0x0001U /* LDAPv2 bind */
#define SLAP_ALLOW_BIND_ANON_CRED 0x0002U /* cred should be empty */
#define SLAP_ALLOW_BIND_ANON_DN 0x0004U /* dn should be empty */
#define SLAP_ALLOW_UPDATE_ANON 0x0008U /* allow anonymous updates */
+#define SLAP_ALLOW_PROXY_AUTHZ_ANON 0x0010U /* allow anonymous proxyAuthz */
#define SLAP_DISALLOW_BIND_ANON 0x0001U /* no anonymous */
#define SLAP_DISALLOW_BIND_SIMPLE 0x0002U /* simple authentication */
-#define SLAP_DISALLOW_BIND_KRBV4 0x0004U /* Kerberos V4 authentication */
#define SLAP_DISALLOW_TLS_2_ANON 0x0010U /* StartTLS -> Anonymous */
#define SLAP_DISALLOW_TLS_AUTHC 0x0020U /* TLS while authenticated */
typedef struct req_modify_s {
Modifications *rs_modlist;
int rs_increment; /* FIXME: temporary */
+ char rs_no_opattrs; /* don't att modify operational attrs */
} req_modify_s;
typedef struct req_modrdn_s {
+ Modifications *rs_modlist;
struct berval rs_newrdn;
struct berval rs_nnewrdn;
struct berval *rs_newSup;
struct berval *rs_nnewSup;
int rs_deleteoldrdn;
- Modifications *rs_modlist;
} req_modrdn_s;
typedef struct req_add_s {
- Entry *rs_e;
Modifications *rs_modlist; /* FIXME: temporary */
+ Entry *rs_e;
} req_add_s;
typedef struct req_abandon_s {
REP_EXTENDED,
REP_SEARCH,
REP_SEARCHREF,
- REP_INTERMEDIATE
+ REP_INTERMEDIATE,
+ REP_GLUE_RESULT
} slap_reply_t;
typedef struct rep_sasl_s {
#define REP_ENTRY_MODIFIABLE 0x0001U
#define REP_ENTRY_MUSTBEFREED 0x0002U
#define REP_ENTRY_MUSTRELEASE 0x0004U
+#define REP_ENTRY_MASK (REP_ENTRY_MODIFIABLE|REP_ENTRY_MUSTBEFREED|REP_ENTRY_MUSTRELEASE)
+
#define REP_MATCHED_MUSTBEFREED 0x0010U
-#define REP_REF_MUSTBEFREED 0x0020U
+#define REP_MATCHED_MASK (REP_MATCHED_MUSTBEFREED)
+
+#define REP_REF_MUSTBEFREED 0x0020U
+#define REP_REF_MASK (REP_REF_MUSTBEFREED)
+
+#define REP_NO_ENTRYDN 0x1000U
+#define REP_NO_SUBSCHEMA 0x2000U
+#define REP_NO_OPERATIONALS (REP_NO_ENTRYDN|REP_NO_SUBSCHEMA)
} SlapReply;
/* short hands for response members */
typedef int (BI_operational) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
typedef int (BI_has_subordinates) LDAP_P(( struct slap_op *op,
Entry *e, int *hasSubs ));
-#ifdef SLAP_OVERLAY_ACCESS
typedef int (BI_access_allowed) LDAP_P(( struct slap_op *op, Entry *e,
AttributeDescription *desc, struct berval *val, slap_access_t access,
AccessControlState *state, slap_mask_t *maskp ));
typedef int (BI_acl_attribute) LDAP_P(( struct slap_op *op, Entry *target,
struct berval *entry_ndn, AttributeDescription *entry_at,
BerVarray *vals, slap_access_t access ));
-#endif /* SLAP_OVERLAY_ACCESS */
typedef int (BI_conn_func) LDAP_P(( BackendDB *bd, struct slap_conn *c ));
typedef BI_conn_func BI_connection_init;
typedef Entry* (BI_tool_entry_get) LDAP_P(( BackendDB *be, ID id ));
typedef ID (BI_tool_entry_put) LDAP_P(( BackendDB *be, Entry *e,
struct berval *text ));
-typedef int (BI_tool_entry_reindex) LDAP_P(( BackendDB *be, ID id ));
+typedef int (BI_tool_entry_reindex) LDAP_P(( BackendDB *be, ID id, AttributeDescription **adv ));
typedef int (BI_tool_sync) LDAP_P(( BackendDB *be ));
typedef ID (BI_tool_dn2id_get) LDAP_P(( BackendDB *be, struct berval *dn ));
typedef int (BI_tool_id2entry_get) LDAP_P(( BackendDB *be, ID id, Entry **e ));
BI_entry_release_rw *bi_entry_release_rw;
BI_has_subordinates *bi_has_subordinates;
-#ifdef SLAP_OVERLAY_ACCESS
BI_access_allowed *bi_access_allowed;
BI_acl_group *bi_acl_group;
BI_acl_attribute *bi_acl_attribute;
-#endif /* SLAP_OVERLAY_ACCESS */
BI_connection_init *bi_connection_init;
BI_connection_destroy *bi_connection_destroy;
#define SLAP_BFLAG_SUBENTRIES 0x4000U
#define SLAP_BFLAG_DYNAMIC 0x8000U
+/* overlay specific */
+#define SLAPO_BFLAG_SINGLE 0x01000000U
+#define SLAPO_BFLAG_DBONLY 0x02000000U
+#define SLAPO_BFLAG_GLOBONLY 0x04000000U
+#define SLAPO_BFLAG_MASK 0xFF000000U
+
#define SLAP_BFLAGS(be) ((be)->bd_info->bi_flags)
#define SLAP_MONITOR(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_MONITOR)
#define SLAP_CONFIG(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_CONFIG)
#define SLAP_NOLASTMODCMD(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_NOLASTMODCMD)
#define SLAP_LASTMODCMD(be) (!SLAP_NOLASTMODCMD(be))
+/* overlay specific */
+#define SLAPO_SINGLE(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_SINGLE)
+#define SLAPO_DBONLY(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_DBONLY)
+#define SLAPO_GLOBONLY(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_GLOBONLY)
+
char **bi_controls; /* supported controls */
char bi_ctrls[SLAP_MAX_CIDS + 1];
unsigned int bi_nDB; /* number of databases of this type */
struct ConfigOCs *bi_cf_ocs;
char **bi_obsolete_names;
- void *bi_private; /* anything the backend type needs */
+ void *bi_extra; /* backend type-specific APIs */
+ void *bi_private; /* backend type-specific config data */
LDAP_STAILQ_ENTRY(slap_backend_info) bi_next ;
};
/* Should successive callbacks in a chain be processed? */
#define SLAP_CB_FREEME 0x04000
+#define SLAP_CB_BYPASS 0x08800
#define SLAP_CB_CONTINUE 0x08000
/*
int sc_assert;
int sc_domainScope;
int sc_dontUseCopy;
- int sc_manageDIT;
int sc_manageDSAit;
int sc_modifyIncrement;
int sc_noOp;
int sc_postRead;
int sc_preRead;
int sc_proxyAuthz;
+ int sc_relax;
int sc_searchOptions;
-#ifdef LDAP_DEVEL
+#ifdef SLAP_SORTEDRESULTS
int sc_sortedResults;
#endif
int sc_subentries;
int sc_treeDelete;
+#ifdef LDAP_X_TXN
+ int sc_txnSpec;
+#endif
int sc_valuesReturnFilter;
};
#endif
} Opheader;
+typedef union slap_op_request {
+ req_add_s oq_add;
+ req_bind_s oq_bind;
+ req_compare_s oq_compare;
+ req_modify_s oq_modify;
+ req_modrdn_s oq_modrdn;
+ req_search_s oq_search;
+ req_abandon_s oq_abandon;
+ req_abandon_s oq_cancel;
+ req_extended_s oq_extended;
+ req_pwdexop_s oq_pwdexop;
+} OpRequest;
+
typedef struct slap_op {
Opheader *o_hdr;
struct berval o_req_dn; /* DN of target of request */
struct berval o_req_ndn;
- union o_req_u {
- req_add_s oq_add;
- req_bind_s oq_bind;
- req_compare_s oq_compare;
- req_modify_s oq_modify;
- req_modrdn_s oq_modrdn;
- req_search_s oq_search;
- req_abandon_s oq_abandon;
- req_abandon_s oq_cancel;
- req_extended_s oq_extended;
- req_pwdexop_s oq_pwdexop;
- } o_request;
+ OpRequest o_request;
/* short hands for union members */
#define oq_add o_request.oq_add
#define orn_msgid oq_abandon.rs_msgid
#define orm_modlist oq_modify.rs_modlist
#define orm_increment oq_modify.rs_increment
+#define orm_no_opattrs oq_modify.rs_no_opattrs
#define ore_reqoid oq_extended.rs_reqoid
#define ore_flags oq_extended.rs_flags
GroupAssertion *o_groups;
char o_do_not_cache; /* don't cache groups from this op */
char o_is_auth_check; /* authorization in progress */
+ slap_access_t o_acl_priv;
char o_nocaching;
char o_delete_glue_parent;
char o_no_schema_check;
#define get_no_schema_check(op) ((op)->o_no_schema_check)
+ char o_no_subordinate_glue;
+#define get_no_subordinate_glue(op) ((op)->o_no_subordinate_glue)
#define SLAP_CONTROL_NONE 0
#define SLAP_CONTROL_IGNORED 1
#define SLAP_CONTROL_DATA2 0x40
#define SLAP_CONTROL_DATA3 0x80
-
#define _SCM(x) ((x) & SLAP_CONTROL_MASK)
char o_ctrlflag[SLAP_MAX_CIDS]; /* per-control flags */
#define o_dontUseCopy o_ctrlflag[slap_cids.sc_dontUseCopy]
#define get_dontUseCopy(op) _SCM((op)->o_dontUseCopy)
-#define o_managedit o_ctrlflag[slap_cids.sc_manageDIT]
-#define get_manageDIT(op) _SCM((op)->o_managedit)
+#define o_relax o_ctrlflag[slap_cids.sc_relax]
+#define get_relax(op) _SCM((op)->o_relax)
#define o_managedsait o_ctrlflag[slap_cids.sc_manageDSAit]
#define get_manageDSAit(op) _SCM((op)->o_managedsait)
#define o_pagedresults_state o_controls[slap_cids.sc_pagedResults]
#define get_pagedresults(op) ((int)(op)->o_pagedresults)
-#ifdef LDAP_DEVEL
+#ifdef SLAP_SORTEDRESULTS
#define o_sortedresults o_ctrlflag[slap_cids.sc_sortedResults]
#endif
+#ifdef LDAP_X_TXN
+#define o_txnSpec o_ctrlflag[slap_cids.sc_txnSpec]
+#endif
+
#define o_sync o_ctrlflag[slap_cids.sc_LDAPsync]
AuthorizationInformation o_authz;
void *o_private; /* anything the backend needs */
- LDAP_STAILQ_ENTRY(slap_op) o_next; /* next operation in list */
-
+ LDAP_STAILQ_ENTRY(slap_op) o_next; /* next operation in list */
} Operation;
+
#define OPERATION_BUFFER_SIZE ( sizeof(Operation) + sizeof(Opheader) + \
SLAP_MAX_CIDS*sizeof(void *) )
void *c_sasl_extra; /* SASL session extra stuff */
struct slap_op *c_sasl_bindop; /* set to current op if it's a bind */
+#ifdef LDAP_X_TXN
+#define CONN_TXN_INACTIVE 0
+#define CONN_TXN_SPECIFY 1
+#define CONN_TXN_SETTLE -1
+ int c_txn;
+
+ Backend *c_txn_backend;
+ LDAP_STAILQ_HEAD(c_to, slap_op) c_txn_ops; /* list of operations in txn */
+#endif
+
PagedResultsState c_pagedresults_state; /* paged result state */
long c_n_ops_received; /* num of ops received (next op_id) */
long c_n_read; /* num of read calls */
long c_n_write; /* num of write calls */
- void *c_pb; /* Netscape plugin */
void *c_extensions; /* Netscape plugin */
/*
SEND_LDAP_INTERMEDIATE *c_send_ldap_intermediate;
} Connection;
-#if defined(LDAP_SYSLOG) && defined(LDAP_DEBUG)
-#define Statslog1( level, severity, fmt, connid, opid, arg1 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1) );\
- if ( ldap_syslog & (level) ) \
- syslog( LDAP_LEVEL_MASK((severity)), (fmt), (connid), (opid), \
- (arg1) ); \
- } while (0)
-#define Statslog2( level, severity, fmt, connid, opid, arg1, arg2 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2) );\
- if ( ldap_syslog & (level) ) \
- syslog( LDAP_LEVEL_MASK((severity)), (fmt), (connid), (opid), \
- (arg1), (arg2) ); \
- } while (0)
-#define Statslog3( level, severity, fmt, connid, opid, arg1, arg2, arg3 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
- if ( ldap_syslog & (level) ) \
- syslog( LDAP_LEVEL_MASK((severity)), (fmt), (connid), (opid), \
- (arg1), (arg2), (arg3) ); \
- } while (0)
-#define Statslog4( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3), (arg4) );\
- if ( ldap_syslog & (level) ) \
- syslog( LDAP_LEVEL_MASK((severity)), (fmt), (connid), (opid), \
- (arg1), (arg2), (arg3), (arg4) ); \
- } while (0)
-#define Statslog5( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4, arg5 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3), (arg4), (arg5) );\
- if ( ldap_syslog & (level) ) \
- syslog( LDAP_LEVEL_MASK((severity)), (fmt), (connid), (opid), \
- (arg1), (arg2), (arg3), (arg4), (arg5) ); \
- } while (0)
+#ifdef LDAP_DEBUG
+#ifdef LDAP_SYSLOG
+#ifdef LOG_LOCAL4
+#define SLAP_DEFAULT_SYSLOG_USER LOG_LOCAL4
+#endif /* LOG_LOCAL4 */
+
#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) \
- Statslog3( (level), ldap_syslog_level, (fmt), (connid), (opid), (arg1), (arg2), (arg3) )
+ Log5( (level), ldap_syslog_level, (fmt), (connid), (opid), (arg1), (arg2), (arg3) )
#define StatslogTest( level ) ((ldap_debug | ldap_syslog) & (level))
-#elif defined(LDAP_DEBUG)
-#define Statslog1( level, severity, fmt, connid, opid, arg1 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1) );\
- } while (0)
-#define Statslog2( level, severity, fmt, connid, opid, arg1, arg2 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2) );\
- } while (0)
-#define Statslog3( level, severity, fmt, connid, opid, arg1, arg2, arg3 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
- } while (0)
-#define Statslog4( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3), (arg4) );\
- } while (0)
-#define Statslog5( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4, arg5 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3), (arg4), (arg5) );\
- } while (0)
+#else /* !LDAP_SYSLOG */
#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) \
do { \
if ( ldap_debug & (level) ) \
fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
} while (0)
#define StatslogTest( level ) (ldap_debug & (level))
-#else
-#define Statslog1( level, severity, fmt, connid, opid, arg1 )
-#define Statslog2( level, severity, fmt, connid, opid, arg1, arg2 )
-#define Statslog3( level, severity, fmt, connid, opid, arg1, arg2, arg3 )
-#define Statslog4( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4 )
-#define Statslog5( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4, arg5 )
-#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 )
+#endif /* !LDAP_SYSLOG */
+#else /* !LDAP_DEBUG */
+#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) ((void) 0)
#define StatslogTest( level ) (0)
-#endif
+#endif /* !LDAP_DEBUG */
/*
* listener; need to access it from monitor backend
/*
* Operation indices
*/
-enum {
+typedef enum {
SLAP_OP_BIND = 0,
SLAP_OP_UNBIND,
SLAP_OP_ADD,
SLAP_OP_ABANDON,
SLAP_OP_EXTENDED,
SLAP_OP_LAST
-};
+} slap_op_t;
typedef struct slap_counters_t {
ldap_pvt_thread_mutex_t sc_sent_mutex;
#define SLAP_CTRL_HIDE 0x80000000U
#endif
-#define SLAP_CTRL_REQUIRES_ROOT 0x40000000U /* for ManageDIT */
+#define SLAP_CTRL_REQUIRES_ROOT 0x40000000U /* for Relax */
#define SLAP_CTRL_GLOBAL 0x00800000U
#define SLAP_CTRL_GLOBAL_SEARCH 0x00010000U /* for NOOP */