/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2005 The OpenLDAP Foundation.
+ * Copyright 1998-2007 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
LDAP_BEGIN_DECL
+#define SLAP_LIGHTWEIGHT_DISPATCHER /* experimental slapd architecture */
#ifdef LDAP_DEVEL
-#define SLAP_ACL_HONOR_DISCLOSE /* partially implemented */
-#define SLAP_ACL_HONOR_MANAGE /* not yet implemented */
-#define SLAP_DYNACL
-#define SLAP_OVERLAY_ACCESS
+#define LDAP_COLLECTIVE_ATTRIBUTES
#define LDAP_COMP_MATCH
-#define LDAP_DYNAMIC_OBJECTS
#define LDAP_SYNC_TIMESTAMP
-#define LDAP_COLLECTIVE_ATTRIBUTES
-#define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE
-#define SLAPD_CONF_UNKNOWN_BAILOUT
+#define SLAP_SORTEDRESULTS
+#endif
-#define SLAP_ORDERED_PRETTYNORM
-#define SLAP_AUTHZ_SYNTAX
+#define LDAP_DYNAMIC_OBJECTS
+#define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE
+#define SLAP_DISTPROC
#ifdef ENABLE_REWRITE
#define SLAP_AUTH_REWRITE 1 /* use librewrite for sasl-regexp */
#endif
-#endif
-
-#if defined(LDAP_SLAPI) && !defined(SLAP_OVERLAY_ACCESS)
-#define SLAP_OVERLAY_ACCESS
-#endif
-
-/*
- * ITS#3705: bail out if unknown config directives appear in slapd.conf
- */
-#ifdef SLAPD_CONF_UNKNOWN_BAILOUT
-#define SLAPD_CONF_UNKNOWN_IGNORED ""
-#define SLAPD_DEBUG_CONFIG_ERROR LDAP_DEBUG_ANY
-#else /* ! SLAPD_CONF_UNKNOWN_BAILOUT */
-#define SLAPD_CONF_UNKNOWN_IGNORED " (ignored)"
-#define SLAPD_DEBUG_CONFIG_ERROR LDAP_DEBUG_CONFIG
-#endif /* ! SLAPD_CONF_UNKNOWN_BAILOUT */
/*
* SLAPD Memory allocation macros
* on normalized/pretty DN, such that ';' is never used
* as RDN separator, and all occurrences of ';' must be escaped */
#define DN_SEPARATOR(c) ((c) == ',')
-#define RDN_ATTRTYPEANDVALUE_SEPARATOR(c) ((c) == '+') /* RFC 2253 */
+#define RDN_ATTRTYPEANDVALUE_SEPARATOR(c) ((c) == '+') /* RFC 4514 */
#define RDN_SEPARATOR(c) (DN_SEPARATOR(c) || RDN_ATTRTYPEANDVALUE_SEPARATOR(c))
#define RDN_NEEDSESCAPE(c) ((c) == '\\' || (c) == '"')
#define SLAPD_ROLE_ATTR "roleOccupant"
#define SLAPD_ROLE_CLASS "organizationalRole"
-#ifdef SLAPD_ACI_ENABLED
-#define SLAPD_ACI_SYNTAX "1.3.6.1.4.1.4203.666.2.1"
-#endif /* SLAPD_ACI_ENABLED */
-
-/* change this to "OpenLDAPset" */
-#define SLAPD_ACI_SET_ATTR "template"
-
#define SLAPD_TOP_OID "2.5.6.0"
LDAP_SLAPD_V (int) slap_debug;
#define SLAP_SYNTAX_ATTRIBUTETYPES_OID "1.3.6.1.4.1.1466.115.121.1.3"
#define SLAP_SYNTAX_OBJECTCLASSES_OID "1.3.6.1.4.1.1466.115.121.1.37"
#define SLAP_SYNTAX_MATCHINGRULEUSES_OID "1.3.6.1.4.1.1466.115.121.1.31"
-#define SLAP_SYNTAX_CONTENTRULE_OID "1.3.6.1.4.1.1466.115.121.1.16"
+#define SLAP_SYNTAX_CONTENTRULE_OID "1.3.6.1.4.1.1466.115.121.1.16"
/*
* represents schema information for a database
SLAP_SCHERR_MR_DUP,
SLAP_SCHERR_SYN_NOT_FOUND,
SLAP_SCHERR_SYN_DUP,
+ SLAP_SCHERR_SYN_SUP_NOT_FOUND,
SLAP_SCHERR_NO_NAME,
SLAP_SCHERR_NOT_SUPPORTED,
SLAP_SCHERR_BAD_DESCR,
SLAP_SCHERR_LAST
};
-typedef union slap_sockaddr {
+/* forward declarations */
+typedef struct Syntax Syntax;
+typedef struct MatchingRule MatchingRule;
+typedef struct MatchingRuleUse MatchingRuleUse;
+typedef struct MatchingRuleAssertion MatchingRuleAssertion;
+typedef struct OidMacro OidMacro;
+typedef struct ObjectClass ObjectClass;
+typedef struct AttributeType AttributeType;
+typedef struct AttributeDescription AttributeDescription;
+typedef struct AttributeName AttributeName;
+typedef struct ContentRule ContentRule;
+
+typedef struct AttributeAssertion AttributeAssertion;
+typedef struct SubstringsAssertion SubstringsAssertion;
+typedef struct Filter Filter;
+typedef struct ValuesReturnFilter ValuesReturnFilter;
+typedef struct Attribute Attribute;
+#ifdef LDAP_COMP_MATCH
+typedef struct ComponentData ComponentData;
+typedef struct ComponentFilter ComponentFilter;
+#endif
+
+typedef struct Entry Entry;
+typedef struct Modification Modification;
+typedef struct Modifications Modifications;
+typedef struct LDAPModList LDAPModList;
+
+typedef struct BackendInfo BackendInfo; /* per backend type */
+typedef struct BackendDB BackendDB; /* per backend database */
+
+typedef struct Connection Connection;
+typedef struct Operation Operation;
+typedef struct SlapReply SlapReply;
+/* end of forward declarations */
+
+typedef union Sockaddr {
struct sockaddr sa_addr;
struct sockaddr_in sa_in_addr;
#ifdef LDAP_PF_INET6
extern int slap_inet4or6;
#endif
-typedef struct slap_oid_macro {
+struct OidMacro {
struct berval som_oid;
BerVarray som_names;
BerVarray som_subs;
#define SLAP_OM_HARDCODE 0x10000U /* This is hardcoded schema */
int som_flags;
- LDAP_STAILQ_ENTRY(slap_oid_macro) som_next;
-} OidMacro;
-
-/* forward declarations */
-struct slap_syntax;
-struct slap_matching_rule;
+ LDAP_STAILQ_ENTRY(OidMacro) som_next;
+};
typedef int slap_syntax_validate_func LDAP_P((
- struct slap_syntax *syntax,
+ Syntax *syntax,
struct berval * in));
typedef int slap_syntax_transform_func LDAP_P((
- struct slap_syntax *syntax,
+ Syntax *syntax,
struct berval * in,
struct berval * out,
void *memctx));
struct ComponentDesc;
#endif
-typedef struct slap_syntax {
+struct Syntax {
LDAPSyntax ssyn_syn;
#define ssyn_oid ssyn_syn.syn_oid
#define ssyn_desc ssyn_syn.syn_desc
#define SLAP_SYNTAX_HIDE 0x8000U /* hide (do not publish) */
#endif
+ Syntax **ssyn_sups;
+
slap_syntax_validate_func *ssyn_validate;
slap_syntax_transform_func *ssyn_pretty;
struct ComponentDesc* ssync_comp_syntax;
#endif
- LDAP_SLIST_ENTRY(slap_syntax) ssyn_next;
-} Syntax;
+ LDAP_SLIST_ENTRY(Syntax) ssyn_next;
+};
#define slap_syntax_is_flag(s,flag) ((int)((s)->ssyn_flags & (flag)) ? 1 : 0)
#define slap_syntax_is_blob(s) slap_syntax_is_flag((s),SLAP_SYNTAX_BLOB)
typedef struct slap_syntax_defs_rec {
char *sd_desc;
int sd_flags;
+ char **sd_sups;
slap_syntax_validate_func *sd_validate;
slap_syntax_transform_func *sd_pretty;
#ifdef SLAPD_BINARY_CONVERSION
/* Normalizer */
typedef int slap_mr_normalize_func LDAP_P((
slap_mask_t use,
- struct slap_syntax *syntax, /* NULL if in is asserted value */
- struct slap_matching_rule *mr,
- struct berval * in,
- struct berval * out,
+ Syntax *syntax, /* NULL if in is asserted value */
+ MatchingRule *mr,
+ struct berval *in,
+ struct berval *out,
void *memctx ));
/* Match (compare) function */
typedef int slap_mr_match_func LDAP_P((
int *match,
slap_mask_t use,
- struct slap_syntax *syntax, /* syntax of stored value */
- struct slap_matching_rule *mr,
- struct berval * value,
- void * assertValue ));
+ Syntax *syntax, /* syntax of stored value */
+ MatchingRule *mr,
+ struct berval *value,
+ void *assertValue ));
/* Index generation function */
typedef int slap_mr_indexer_func LDAP_P((
slap_mask_t use,
slap_mask_t mask,
- struct slap_syntax *syntax, /* syntax of stored value */
- struct slap_matching_rule *mr,
+ Syntax *syntax, /* syntax of stored value */
+ MatchingRule *mr,
struct berval *prefix,
BerVarray values,
BerVarray *keys,
typedef int slap_mr_filter_func LDAP_P((
slap_mask_t use,
slap_mask_t mask,
- struct slap_syntax *syntax, /* syntax of stored value */
- struct slap_matching_rule *mr,
+ Syntax *syntax, /* syntax of stored value */
+ MatchingRule *mr,
struct berval *prefix,
- void * assertValue,
+ void *assertValue,
BerVarray *keys,
void *memctx ));
-typedef struct slap_matching_rule_use MatchingRuleUse;
-
-typedef struct slap_matching_rule {
+struct MatchingRule {
LDAPMatchingRule smr_mrule;
MatchingRuleUse *smr_mru;
- /* RFC2252 string representation */
+ /* RFC 4512 string representation */
struct berval smr_str;
/*
* Note: the former
struct berval smr_bvoid;
#define smr_oidlen smr_bvoid.bv_len
- slap_mask_t smr_usage;
+ slap_mask_t smr_usage;
#ifdef LDAP_DEVEL
#define SLAP_MR_HIDE 0x0000U
#define SLAP_MR_HIDE 0x8000U
#endif
+#define SLAP_MR_MUTATION_NORMALIZER 0x4000U
+
#define SLAP_MR_TYPE_MASK 0x0F00U
-#define SLAP_MR_SUBTYPE_MASK 0x00F0U
+#define SLAP_MR_SUBTYPE_MASK 0x00F0U
#define SLAP_MR_USAGE 0x000FU
#define SLAP_MR_NONE 0x0000U
#define SLAP_MR_EQUALITY 0x0100U
#define SLAP_MR_ORDERING 0x0200U
#define SLAP_MR_SUBSTR 0x0400U
-#define SLAP_MR_EXT 0x0800U /* implicitly extensible */
-#define SLAP_MR_ORDERED_INDEX 0x1000U
+#define SLAP_MR_EXT 0x0800U /* implicitly extensible */
+#define SLAP_MR_ORDERED_INDEX 0x1000U
#ifdef LDAP_COMP_MATCH
#define SLAP_MR_COMPONENT 0x2000U
#endif
#define SLAP_MR_EQUALITY_APPROX ( SLAP_MR_EQUALITY | 0x0010U )
#define SLAP_MR_SUBSTR_INITIAL ( SLAP_MR_SUBSTR | 0x0010U )
-#define SLAP_MR_SUBSTR_ANY ( SLAP_MR_SUBSTR | 0x0020U )
+#define SLAP_MR_SUBSTR_ANY ( SLAP_MR_SUBSTR | 0x0020U )
#define SLAP_MR_SUBSTR_FINAL ( SLAP_MR_SUBSTR | 0x0040U )
*/
#define SLAP_MR_VALUE_OF_ASSERTION_SYNTAX 0x0001U
#define SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX 0x0002U
-#define SLAP_MR_VALUE_OF_SYNTAX 0x0003U
+#define SLAP_MR_VALUE_OF_SYNTAX 0x0003U
#define SLAP_MR_IS_VALUE_OF_ATTRIBUTE_SYNTAX( usage ) \
((usage) & SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX )
#define SLAP_IS_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH( usage ) \
((usage) & SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH )
- Syntax *smr_syntax;
+ Syntax *smr_syntax;
slap_mr_convert_func *smr_convert;
slap_mr_normalize_func *smr_normalize;
- slap_mr_match_func *smr_match;
+ slap_mr_match_func *smr_match;
slap_mr_indexer_func *smr_indexer;
- slap_mr_filter_func *smr_filter;
+ slap_mr_filter_func *smr_filter;
/*
* null terminated array of syntaxes compatible with this syntax
* note: when MS_EXT is set, this MUST NOT contain the assertion
* syntax of the rule. When MS_EXT is not set, it MAY.
*/
- Syntax **smr_compat_syntaxes;
+ Syntax **smr_compat_syntaxes;
/*
* For equality rules, refers to an associated approximate rule.
* For non-equality rules, refers to an associated equality rule.
*/
- struct slap_matching_rule *smr_associated;
+ MatchingRule *smr_associated;
#define SLAP_MR_ASSOCIATED(mr,amr) \
(((mr) == (amr)) || ((mr)->smr_associated == (amr)))
- LDAP_SLIST_ENTRY(slap_matching_rule)smr_next;
+ LDAP_SLIST_ENTRY(MatchingRule) smr_next;
#define smr_oid smr_mrule.mr_oid
#define smr_names smr_mrule.mr_names
#define smr_obsolete smr_mrule.mr_obsolete
#define smr_syntax_oid smr_mrule.mr_syntax_oid
#define smr_extensions smr_mrule.mr_extensions
-} MatchingRule;
+};
-struct slap_matching_rule_use {
+struct MatchingRuleUse {
LDAPMatchingRuleUse smru_mruleuse;
MatchingRule *smru_mr;
- /* RFC2252 string representation */
+ /* RFC 4512 string representation */
struct berval smru_str;
- LDAP_SLIST_ENTRY(slap_matching_rule_use) smru_next;
+ LDAP_SLIST_ENTRY(MatchingRuleUse) smru_next;
#define smru_oid smru_mruleuse.mru_oid
#define smru_names smru_mruleuse.mru_names
char * mrd_associated;
} slap_mrule_defs_rec;
-struct slap_backend_db;
-struct slap_entry;
-struct slap_attr;
-
typedef int (AttributeTypeSchemaCheckFN)(
- struct slap_backend_db *be,
- struct slap_entry *e,
- struct slap_attr *attr,
+ BackendDB *be,
+ Entry *e,
+ Attribute *attr,
const char** text,
char *textbuf, size_t textlen );
-typedef struct slap_attribute_type {
+struct AttributeType {
LDAPAttributeType sat_atype;
struct berval sat_cname;
- struct slap_attribute_type *sat_sup;
- struct slap_attribute_type **sat_subtypes;
+ AttributeType *sat_sup;
+ AttributeType **sat_subtypes;
MatchingRule *sat_equality;
MatchingRule *sat_approx;
MatchingRule *sat_ordering;
MatchingRule *sat_substr;
- Syntax *sat_syntax;
+ Syntax *sat_syntax;
AttributeTypeSchemaCheckFN *sat_check;
- char *sat_oidmacro;
+ char *sat_oidmacro;
#define SLAP_AT_NONE 0x0000U
#define SLAP_AT_ABSTRACT 0x0100U /* cannot be instantiated */
#define SLAP_AT_ORDERED_SIB 0x0002U /* siblings are ordered */
#define SLAP_AT_ORDERED 0x0003U /* value has order index */
-#define SLAP_AT_HARDCODE 0x10000U /* hardcoded schema */
+#define SLAP_AT_HARDCODE 0x10000U /* hardcoded schema */
+#define SLAP_AT_DELETED 0x20000U
- slap_mask_t sat_flags;
+ slap_mask_t sat_flags;
- LDAP_STAILQ_ENTRY(slap_attribute_type) sat_next;
+ LDAP_STAILQ_ENTRY(AttributeType) sat_next;
#define sat_oid sat_atype.at_oid
#define sat_names sat_atype.at_names
#define sat_desc sat_atype.at_desc
-#define sat_obsolete sat_atype.at_obsolete
+#define sat_obsolete sat_atype.at_obsolete
#define sat_sup_oid sat_atype.at_sup_oid
-#define sat_equality_oid sat_atype.at_equality_oid
-#define sat_ordering_oid sat_atype.at_ordering_oid
-#define sat_substr_oid sat_atype.at_substr_oid
-#define sat_syntax_oid sat_atype.at_syntax_oid
-#define sat_single_value sat_atype.at_single_value
-#define sat_collective sat_atype.at_collective
-#define sat_no_user_mod sat_atype.at_no_user_mod
+#define sat_equality_oid sat_atype.at_equality_oid
+#define sat_ordering_oid sat_atype.at_ordering_oid
+#define sat_substr_oid sat_atype.at_substr_oid
+#define sat_syntax_oid sat_atype.at_syntax_oid
+#define sat_single_value sat_atype.at_single_value
+#define sat_collective sat_atype.at_collective
+#define sat_no_user_mod sat_atype.at_no_user_mod
#define sat_usage sat_atype.at_usage
-#define sat_extensions sat_atype.at_extensions
+#define sat_extensions sat_atype.at_extensions
- struct slap_attr_desc *sat_ad;
+ AttributeDescription *sat_ad;
ldap_pvt_thread_mutex_t sat_ad_mutex;
-} AttributeType;
+};
#define is_at_operational(at) ((at)->sat_usage)
#define is_at_single_value(at) ((at)->sat_single_value)
#define is_at_obsolete(at) ((at)->sat_obsolete)
#define is_at_no_user_mod(at) ((at)->sat_no_user_mod)
-struct slap_object_class;
-
typedef int (ObjectClassSchemaCheckFN)(
- struct slap_backend_db *be,
- struct slap_entry *e,
- struct slap_object_class *oc,
+ BackendDB *be,
+ Entry *e,
+ ObjectClass *oc,
const char** text,
char *textbuf, size_t textlen );
-typedef struct slap_object_class {
+struct ObjectClass {
LDAPObjectClass soc_oclass;
struct berval soc_cname;
- struct slap_object_class **soc_sups;
- AttributeType **soc_required;
- AttributeType **soc_allowed;
+ ObjectClass **soc_sups;
+ AttributeType **soc_required;
+ AttributeType **soc_allowed;
ObjectClassSchemaCheckFN *soc_check;
- char *soc_oidmacro;
- slap_mask_t soc_flags;
+ char *soc_oidmacro;
+ slap_mask_t soc_flags;
#define soc_oid soc_oclass.oc_oid
#define soc_names soc_oclass.oc_names
#define soc_desc soc_oclass.oc_desc
-#define soc_obsolete soc_oclass.oc_obsolete
-#define soc_sup_oids soc_oclass.oc_sup_oids
+#define soc_obsolete soc_oclass.oc_obsolete
+#define soc_sup_oids soc_oclass.oc_sup_oids
#define soc_kind soc_oclass.oc_kind
-#define soc_at_oids_must soc_oclass.oc_at_oids_must
-#define soc_at_oids_may soc_oclass.oc_at_oids_may
-#define soc_extensions soc_oclass.oc_extensions
+#define soc_at_oids_must soc_oclass.oc_at_oids_must
+#define soc_at_oids_may soc_oclass.oc_at_oids_may
+#define soc_extensions soc_oclass.oc_extensions
- LDAP_STAILQ_ENTRY(slap_object_class) soc_next;
-} ObjectClass;
+ LDAP_STAILQ_ENTRY(ObjectClass) soc_next;
+};
#define SLAP_OCF_SET_FLAGS 0x1
#define SLAP_OCF_CHECK_SUP 0x2
#define SLAP_OC_HIDE 0x8000
#endif
#define SLAP_OC_HARDCODE 0x10000U /* This is hardcoded schema */
+#define SLAP_OC_DELETED 0x20000U
/*
* DIT content rule
*/
-typedef struct slap_content_rule {
+struct ContentRule {
LDAPContentRule scr_crule;
- ObjectClass *scr_sclass;
- ObjectClass **scr_auxiliaries; /* optional */
+ ObjectClass *scr_sclass;
+ ObjectClass **scr_auxiliaries; /* optional */
AttributeType **scr_required; /* optional */
AttributeType **scr_allowed; /* optional */
AttributeType **scr_precluded; /* optional */
-#define scr_oid scr_crule.cr_oid
-#define scr_names scr_crule.cr_names
-#define scr_desc scr_crule.cr_desc
+#define scr_oid scr_crule.cr_oid
+#define scr_names scr_crule.cr_names
+#define scr_desc scr_crule.cr_desc
#define scr_obsolete scr_crule.cr_obsolete
#define scr_oc_oids_aux scr_crule.cr_oc_oids_aux
#define scr_at_oids_must scr_crule.cr_at_oids_must
#define scr_at_oids_may scr_crule.cr_at_oids_may
#define scr_at_oids_not scr_crule.cr_at_oids_not
- char *scr_oidmacro;
-#define SLAP_CR_HARDCODE 0x10000U
- int scr_flags;
+ char *scr_oidmacro;
+#define SLAP_CR_HARDCODE 0x10000U
+ int scr_flags;
- LDAP_STAILQ_ENTRY( slap_content_rule ) scr_next;
-} ContentRule;
+ LDAP_STAILQ_ENTRY( ContentRule ) scr_next;
+};
/* Represents a recognized attribute description ( type + options ). */
-typedef struct slap_attr_desc {
- struct slap_attr_desc *ad_next;
- AttributeType *ad_type; /* attribute type, must be specified */
- struct berval ad_cname; /* canonical name, must be specified */
- struct berval ad_tags; /* empty if no tagging options */
+struct AttributeDescription {
+ AttributeDescription *ad_next;
+ AttributeType *ad_type; /* attribute type, must be specified */
+ struct berval ad_cname; /* canonical name, must be specified */
+ struct berval ad_tags; /* empty if no tagging options */
unsigned ad_flags;
-#define SLAP_DESC_NONE 0x00U
-#define SLAP_DESC_BINARY 0x01U
-#define SLAP_DESC_TAG_RANGE 0x80U
-} AttributeDescription;
+#define SLAP_DESC_NONE 0x00U
+#define SLAP_DESC_BINARY 0x01U
+#define SLAP_DESC_TAG_RANGE 0x80U
+#define SLAP_DESC_TEMPORARY 0x1000U
+};
/* flags to slap_*2undef_ad to register undefined (0, the default)
* or proxied (SLAP_AD_PROXIED) AttributeDescriptions; the additional
* SLAP_AD_NOINSERT is to lookup without insert */
-#define SLAP_AD_UNDEF 0x00U
-#define SLAP_AD_PROXIED 0x01U
-#define SLAP_AD_NOINSERT 0x02U
-
-typedef struct slap_attr_name {
- struct berval an_name;
- AttributeDescription *an_desc;
- int an_oc_exclude;
- ObjectClass *an_oc;
-} AttributeName;
+#define SLAP_AD_UNDEF 0x00U
+#define SLAP_AD_PROXIED 0x01U
+#define SLAP_AD_NOINSERT 0x02U
+
+struct AttributeName {
+ struct berval an_name;
+ AttributeDescription *an_desc;
+ int an_oc_exclude;
+ ObjectClass *an_oc;
+};
#define slap_ad_is_tagged(ad) ( (ad)->ad_tags.bv_len != 0 )
#define slap_ad_is_tag_range(ad) \
#ifdef SLAPD_AUTHPASSWD
AttributeDescription *si_ad_authPassword;
AttributeDescription *si_ad_authPasswordSchemes;
-#endif
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- AttributeDescription *si_ad_krbName;
#endif
AttributeDescription *si_ad_description;
AttributeDescription *si_ad_seeAlso;
Syntax *si_syn_objectClassDesc;
};
-typedef struct slap_attr_assertion {
+struct AttributeAssertion {
AttributeDescription *aa_desc;
- struct berval aa_value;
+ struct berval aa_value;
#ifdef LDAP_COMP_MATCH
- struct slap_component_filter *aa_cf;/* for attribute aliasing */
+ ComponentFilter *aa_cf; /* for attribute aliasing */
#endif
-} AttributeAssertion;
+};
-typedef struct slap_ss_assertion {
+struct SubstringsAssertion {
AttributeDescription *sa_desc;
struct berval sa_initial;
struct berval *sa_any;
struct berval sa_final;
-} SubstringsAssertion;
-
-#ifdef LDAP_COMP_MATCH
-struct slap_component_filter;
-#endif
+};
-typedef struct slap_mr_assertion {
+struct MatchingRuleAssertion {
MatchingRule *ma_rule; /* optional */
- struct berval ma_rule_text; /* optional */
+ struct berval ma_rule_text; /* optional */
AttributeDescription *ma_desc; /* optional */
- int ma_dnattrs; /* boolean */
+ int ma_dnattrs; /* boolean */
struct berval ma_value; /* required */
#ifdef LDAP_COMP_MATCH
- struct slap_component_filter* ma_cf; /* component filter */
+ ComponentFilter *ma_cf; /* component filter */
#endif
-} MatchingRuleAssertion;
+};
/*
* represents a search filter
*/
-typedef struct slap_filter {
+struct Filter {
ber_tag_t f_choice; /* values taken from ldap.h, plus: */
-#define SLAPD_FILTER_COMPUTED ((ber_tag_t) -1)
-#define SLAPD_FILTER_DN_ONE ((ber_tag_t) -2)
-#define SLAPD_FILTER_DN_SUBTREE ((ber_tag_t) -3)
-#ifdef LDAP_SCOPE_SUBORDINATE
-#define SLAPD_FILTER_DN_CHILDREN ((ber_tag_t) -4)
-#endif
+#define SLAPD_FILTER_COMPUTED 0
+#define SLAPD_FILTER_MASK 0x7fff
+#define SLAPD_FILTER_UNDEFINED 0x8000
union f_un_u {
/* precomputed result */
- ber_int_t f_un_result;
-
- /* DN */
- struct berval *f_un_dn;
+ ber_int_t f_un_result;
/* present */
- AttributeDescription *f_un_desc;
+ AttributeDescription *f_un_desc;
/* simple value assertion */
- AttributeAssertion *f_un_ava;
+ AttributeAssertion *f_un_ava;
/* substring assertion */
- SubstringsAssertion *f_un_ssa;
+ SubstringsAssertion *f_un_ssa;
/* matching rule assertion */
- MatchingRuleAssertion *f_un_mra;
+ MatchingRuleAssertion *f_un_mra;
-#define f_dn f_un.f_un_dn
#define f_desc f_un.f_un_desc
#define f_ava f_un.f_un_ava
#define f_av_desc f_un.f_un_ava->aa_desc
#define f_av_value f_un.f_un_ava->aa_value
#define f_sub f_un.f_un_ssa
#define f_sub_desc f_un.f_un_ssa->sa_desc
-#define f_sub_initial f_un.f_un_ssa->sa_initial
+#define f_sub_initial f_un.f_un_ssa->sa_initial
#define f_sub_any f_un.f_un_ssa->sa_any
#define f_sub_final f_un.f_un_ssa->sa_final
#define f_mra f_un.f_un_mra
#define f_mr_rule f_un.f_un_mra->ma_rule
-#define f_mr_rule_text f_un.f_un_mra->ma_rule_text
+#define f_mr_rule_text f_un.f_un_mra->ma_rule_text
#define f_mr_desc f_un.f_un_mra->ma_desc
#define f_mr_value f_un.f_un_mra->ma_value
-#define f_mr_dnattrs f_un.f_un_mra->ma_dnattrs
+#define f_mr_dnattrs f_un.f_un_mra->ma_dnattrs
/* and, or, not */
- struct slap_filter *f_un_complex;
+ Filter *f_un_complex;
} f_un;
#define f_result f_un.f_un_result
#define f_not f_un.f_un_complex
#define f_list f_un.f_un_complex
- struct slap_filter *f_next;
-} Filter;
+ Filter *f_next;
+};
/* compare routines can return undefined */
#define SLAPD_COMPARE_UNDEFINED ((ber_int_t) -1)
-typedef struct slap_valuesreturnfilter {
+struct ValuesReturnFilter {
ber_tag_t vrf_choice;
union vrf_un_u {
} vrf_un;
- struct slap_valuesreturnfilter *vrf_next;
-} ValuesReturnFilter;
-
-#ifdef LDAP_COMP_MATCH
-struct slap_component_syntax_info;
-typedef struct slap_component_data {
- void* cd_mem_op;/* nibble memory handler */
- struct slap_component_syntax_info** cd_tree;/* component tree */
-} ComponentData;
-#endif
+ ValuesReturnFilter *vrf_next;
+};
/*
* represents an attribute (description + values)
*/
-typedef struct slap_attr {
- AttributeDescription *a_desc;
- BerVarray a_vals; /* preserved values */
- BerVarray a_nvals; /* normalized values */
+struct Attribute {
+ AttributeDescription *a_desc;
+ BerVarray a_vals; /* preserved values */
+ BerVarray a_nvals; /* normalized values */
#ifdef LDAP_COMP_MATCH
- ComponentData *a_comp_data; /* component values */
+ ComponentData *a_comp_data; /* component values */
#endif
- struct slap_attr *a_next;
- unsigned a_flags;
-#define SLAP_ATTR_IXADD 0x1U
-#define SLAP_ATTR_IXDEL 0x2U
-} Attribute;
+ Attribute *a_next;
+ unsigned a_flags;
+#define SLAP_ATTR_IXADD 0x1U
+#define SLAP_ATTR_IXDEL 0x2U
+#define SLAP_ATTR_DONT_FREE_DATA 0x4U
+#define SLAP_ATTR_DONT_FREE_VALS 0x8U
+};
/*
typedef unsigned long ID;
#define NOID ((ID)~0)
+typedef struct EntryHeader {
+ struct berval bv;
+ char *data;
+ int nattrs;
+ int nvals;
+} EntryHeader;
+
/*
* represents an entry in core
*/
-typedef struct slap_entry {
+struct Entry {
/*
* The ID field should only be changed before entry is
* inserted into a cache. The ID value is backend
/* for use by the backend for any purpose */
void* e_private;
-} Entry;
+};
/*
* A list of LDAPMods
*/
-typedef struct slap_mod {
+struct Modification {
short sm_op;
short sm_flags;
/* Set for internal mods, will bypass ACL checks. Only needed when
struct berval sm_type;
BerVarray sm_values;
BerVarray sm_nvalues;
-} Modification;
+};
-typedef struct slap_mod_list {
- Modification sml_mod;
+struct Modifications {
+ Modification sml_mod;
#define sml_op sml_mod.sm_op
#define sml_flags sml_mod.sm_flags
#define sml_desc sml_mod.sm_desc
#define sml_type sml_mod.sm_type
#define sml_values sml_mod.sm_values
#define sml_nvalues sml_mod.sm_nvalues
- struct slap_mod_list *sml_next;
-} Modifications;
+ Modifications *sml_next;
+};
-typedef struct slap_ldap_modlist {
- LDAPMod ml_mod;
- struct slap_ldap_modlist *ml_next;
+struct LDAPModList {
+ LDAPMod ml_mod;
+ LDAPModList *ml_next;
#define ml_op ml_mod.mod_op
#define ml_type ml_mod.mod_type
#define ml_values ml_mod.mod_values
-} LDAPModList;
+};
/*
* represents an access control list
*/
-typedef enum slap_access_e {
+typedef enum slap_access_t {
ACL_INVALID_ACCESS = -1,
ACL_NONE = 0,
ACL_DISCLOSE,
ACL_COMPARE,
ACL_SEARCH,
ACL_READ,
- ACL_WRITE,
+ ACL_WRITE_,
ACL_MANAGE,
/* always leave at end of levels but not greater than ACL_LEVEL_MASK */
ACL_QUALIFIER_MASK = 0x0f00,
/* write granularity */
- ACL_WADD = ACL_WRITE|ACL_QUALIFIER1,
- ACL_WDEL = ACL_WRITE|ACL_QUALIFIER2
+ ACL_WADD = ACL_WRITE_|ACL_QUALIFIER1,
+ ACL_WDEL = ACL_WRITE_|ACL_QUALIFIER2,
+
+ ACL_WRITE = ACL_WADD|ACL_WDEL
} slap_access_t;
typedef enum slap_control_e {
ACL_STYLE_USERS,
ACL_STYLE_SELF,
ACL_STYLE_IP,
+ ACL_STYLE_IPV6,
ACL_STYLE_PATH
} slap_style_t;
-typedef struct slap_authz_info {
+typedef struct AuthorizationInformation {
ber_tag_t sai_method; /* LDAP_AUTH_* from <ldap.h> */
struct berval sai_mech; /* SASL Mechanism */
struct berval sai_dn; /* DN for reporting purposes */
slap_ssf_t sai_sasl_ssf; /* SASL SSF */
} AuthorizationInformation;
-
#ifdef SLAP_DYNACL
-struct slap_op;
/*
* "dynamic" ACL infrastructure (for ACIs and more)
typedef int (slap_dynacl_unparse) LDAP_P(( void *priv, struct berval *bv ));
typedef int (slap_dynacl_mask) LDAP_P((
void *priv,
- struct slap_op *op,
+ Operation *op,
Entry *e,
AttributeDescription *desc,
struct berval *val,
} slap_dn_access;
/* the "by" part */
-typedef struct slap_access {
+typedef struct Access {
slap_control_t a_type;
/* strip qualifiers */
/* connection related stuff */
slap_style_t a_peername_style;
struct berval a_peername_pat;
+#ifdef LDAP_PF_INET6
+ union {
+ struct in6_addr ax6;
+ unsigned long ax;
+ } ax_peername_addr,
+ ax_peername_mask;
+#define a_peername_addr6 ax_peername_addr.ax6
+#define a_peername_addr ax_peername_addr.ax
+#define a_peername_mask6 ax_peername_mask.ax6
+#define a_peername_mask ax_peername_mask.ax
+/* apparently, only s6_addr is portable;
+ * define a portable address mask comparison */
+#define slap_addr6_mask(val, msk, asr) ( \
+ (((val)->s6_addr[0] & (msk)->s6_addr[0]) == (asr)->s6_addr[0]) \
+ && (((val)->s6_addr[1] & (msk)->s6_addr[1]) == (asr)->s6_addr[1]) \
+ && (((val)->s6_addr[2] & (msk)->s6_addr[2]) == (asr)->s6_addr[2]) \
+ && (((val)->s6_addr[3] & (msk)->s6_addr[3]) == (asr)->s6_addr[3]) \
+ && (((val)->s6_addr[4] & (msk)->s6_addr[4]) == (asr)->s6_addr[4]) \
+ && (((val)->s6_addr[5] & (msk)->s6_addr[5]) == (asr)->s6_addr[5]) \
+ && (((val)->s6_addr[6] & (msk)->s6_addr[6]) == (asr)->s6_addr[6]) \
+ && (((val)->s6_addr[7] & (msk)->s6_addr[7]) == (asr)->s6_addr[7]) \
+ && (((val)->s6_addr[8] & (msk)->s6_addr[8]) == (asr)->s6_addr[8]) \
+ && (((val)->s6_addr[9] & (msk)->s6_addr[9]) == (asr)->s6_addr[9]) \
+ && (((val)->s6_addr[10] & (msk)->s6_addr[10]) == (asr)->s6_addr[10]) \
+ && (((val)->s6_addr[11] & (msk)->s6_addr[11]) == (asr)->s6_addr[11]) \
+ && (((val)->s6_addr[12] & (msk)->s6_addr[12]) == (asr)->s6_addr[12]) \
+ && (((val)->s6_addr[13] & (msk)->s6_addr[13]) == (asr)->s6_addr[13]) \
+ && (((val)->s6_addr[14] & (msk)->s6_addr[14]) == (asr)->s6_addr[14]) \
+ && (((val)->s6_addr[15] & (msk)->s6_addr[15]) == (asr)->s6_addr[15]) \
+ )
+#else /* ! LDAP_PF_INET6 */
unsigned long a_peername_addr,
a_peername_mask;
+#endif /* ! LDAP_PF_INET6 */
int a_peername_port;
slap_style_t a_sockname_style;
#ifdef SLAP_DYNACL
slap_dynacl_t *a_dynacl;
-#else /* ! SLAP_DYNACL */
-#ifdef SLAPD_ACI_ENABLED
- /* NOTE: ACIs have been moved under the "dynacl" interface,
- * which is currently built only when LDAP_DEVEL is defined.
- *
- * In any case, SLAPD_ACI_ENABLED, set by --enable-aci,
- * is required to enable ACI support.
- */
- AttributeDescription *a_aci_at;
-#endif /* SLAPD_ACI_ENABLED */
#endif /* SLAP_DYNACL */
/* ACL Groups */
slap_style_t a_group_style;
struct berval a_group_pat;
- ObjectClass *a_group_oc;
+ ObjectClass *a_group_oc;
AttributeDescription *a_group_at;
- struct slap_access *a_next;
+ struct Access *a_next;
} Access;
/* the "to" part */
-typedef struct slap_acl {
+typedef struct AccessControl {
/* "to" part: the entries this acl applies to */
Filter *acl_filter;
slap_style_t acl_dn_style;
/* "by" part: list of who has what access to the entries */
Access *acl_access;
- struct slap_acl *acl_next;
+ struct AccessControl *acl_next;
} AccessControl;
-typedef struct slap_acl_state {
- unsigned as_recorded;
-#define ACL_STATE_NOT_RECORDED 0x0
-#define ACL_STATE_RECORDED_VD 0x1
-#define ACL_STATE_RECORDED_NV 0x2
-#define ACL_STATE_RECORDED 0x3
+typedef enum {
+ ACL_STATE_NOT_RECORDED = 0x0,
+ ACL_STATE_RECORDED_VD = 0x1,
+ ACL_STATE_RECORDED_NV = 0x2,
+ ACL_STATE_RECORDED = ( ACL_STATE_RECORDED_VD | ACL_STATE_RECORDED_NV )
+} slap_acl_state_t;
+typedef struct AccessControlState {
/* Access state */
- AccessControl *as_vd_acl;
AccessControl *as_vi_acl;
- slap_mask_t as_vd_acl_mask;
- regmatch_t as_vd_acl_matches[MAXREMATCHES];
- int as_vd_acl_count;
+ AccessControl *as_vd_acl;
+ AttributeDescription *as_vd_ad;
- Access *as_vd_access;
- int as_vd_access_count;
+ slap_acl_state_t as_recorded;
+ int as_vd_acl_count;
int as_result;
- AttributeDescription *as_vd_ad;
} AccessControlState;
-#define ACL_STATE_INIT { ACL_STATE_NOT_RECORDED, NULL, NULL, 0UL, \
- { { 0, 0 } }, 0, NULL, 0, 0, NULL }
-
-#ifdef SLAPD_ACI_ENABLED
-typedef enum slap_aci_scope_t {
- SLAP_ACI_SCOPE_ENTRY = 0x1,
- SLAP_ACI_SCOPE_CHILDREN = 0x2,
- SLAP_ACI_SCOPE_SUBTREE = ( SLAP_ACI_SCOPE_ENTRY | SLAP_ACI_SCOPE_CHILDREN )
-} slap_aci_scope_t;
-#endif /* SLAPD_ACI_ENABLED */
-
-enum {
- ACI_BV_ENTRY,
- ACI_BV_CHILDREN,
- ACI_BV_ONELEVEL,
- ACI_BV_SUBTREE,
- ACI_BV_BR_ENTRY,
- ACI_BV_BR_ALL,
- ACI_BV_ACCESS_ID,
-#if 0
- ACI_BV_ANONYMOUS = BER_BVC("anonymous"),
-#endif
- ACI_BV_PUBLIC,
- ACI_BV_USERS,
- ACI_BV_SELF,
- ACI_BV_DNATTR,
- ACI_BV_GROUP,
- ACI_BV_ROLE,
- ACI_BV_SET,
- ACI_BV_SET_REF,
- ACI_BV_GRANT,
- ACI_BV_DENY,
-
- ACI_BV_IP_EQ,
-#ifdef LDAP_PF_LOCAL
- ACI_BV_PATH_EQ,
-#if 0
- ACI_BV_DIRSEP,
-#endif
-#endif /* LDAP_PF_LOCAL */
-
- ACI_BV_GROUP_CLASS,
- ACI_BV_GROUP_ATTR,
- ACI_BV_ROLE_CLASS,
- ACI_BV_ROLE_ATTR,
- ACI_BV_SET_ATTR,
-
- ACI_BV_LAST
-};
+#define ACL_STATE_INIT { NULL, NULL, NULL, \
+ ACL_STATE_NOT_RECORDED, 0, 0 }
/*
* Backend-info
* represents a backend
*/
-typedef struct slap_backend_info BackendInfo; /* per backend type */
-typedef struct slap_backend_db BackendDB; /* per backend database */
-typedef LDAP_STAILQ_HEAD(BeI, slap_backend_info) slap_bi_head;
-typedef LDAP_STAILQ_HEAD(BeDB, slap_backend_db) slap_be_head;
+typedef LDAP_STAILQ_HEAD(BeI, BackendInfo) slap_bi_head;
+typedef LDAP_STAILQ_HEAD(BeDB, BackendDB) slap_be_head;
LDAP_SLAPD_V (int) nBackendInfo;
LDAP_SLAPD_V (int) nBackendDB;
#define SLAP_TOOL_READMAIN 0x0200
#define SLAP_TOOL_READONLY 0x0400
#define SLAP_TOOL_QUICK 0x0800
+#define SLAP_TOOL_NO_SCHEMA_CHECK 0x1000
#define SB_TLS_DEFAULT (-1)
#define SB_TLS_OFF 0
#define SB_TLS_CRITICAL 2
typedef struct slap_bindconf {
+ struct berval sb_uri;
+ int sb_version;
int sb_tls;
int sb_method;
+ int sb_timeout_api;
+ int sb_timeout_net;
struct berval sb_binddn;
struct berval sb_cred;
struct berval sb_saslmech;
struct berval sb_realm;
struct berval sb_authcId;
struct berval sb_authzId;
+#ifdef HAVE_TLS
+ void *sb_tls_ctx;
+ char *sb_tls_cert;
+ char *sb_tls_key;
+ char *sb_tls_cacert;
+ char *sb_tls_cacertdir;
+ char *sb_tls_reqcert;
+ char *sb_tls_cipher_suite;
+#ifdef HAVE_OPENSSL_CRL
+ char *sb_tls_crlcheck;
+#endif
+ int sb_tls_do_init;
+#endif
} slap_bindconf;
-struct slap_replica_info {
- const char *ri_uri; /* supersedes be_replica */
- const char *ri_host; /* points to host part of uri */
- BerVarray ri_nsuffix; /* array of suffixes this replica accepts */
- AttributeName *ri_attrs; /* attrs to replicate, NULL=all */
- int ri_exclude; /* 1 => exclude ri_attrs */
- slap_bindconf ri_bindconf; /* for back-config */
-};
-
typedef struct slap_verbmasks {
struct berval word;
const slap_mask_t mask;
} slap_verbmasks;
+typedef struct slap_cf_aux_table {
+ struct berval key;
+ int off;
+ char type;
+ char quote;
+ void *aux;
+} slap_cf_aux_table;
+
#define SLAP_LIMIT_TIME 1
#define SLAP_LIMIT_SIZE 2
struct syncinfo_s;
#define SLAP_SYNC_RID_SIZE 3
+#define SLAP_SYNC_SID_MAX 4095 /* based on liblutil/csn.c field width */
#define SLAP_SYNCUUID_SET_SIZE 256
-#define SLAP_SYNC_UPDATE_MSGID 2
+#define SLAP_SYNC_UPDATE_MSGID 1
struct sync_cookie {
- struct berval ctxcsn;
+ struct berval *ctxcsn;
struct berval octet_str;
- long rid;
+ int rid;
+ int sid;
+ int numcsns;
+ int *sids;
LDAP_STAILQ_ENTRY(sync_cookie) sc_next;
};
struct ConfigOCs; /* config.h */
-struct slap_backend_db {
+struct BackendDB {
BackendInfo *bd_info; /* pointer to shared backend info */
/* fields in this structure (and routines acting on this structure)
/*
* define to honor hasSubordinates operational attribute in search filters
- * (in previous use there was a flaw with back-bdb and back-ldbm; now it
- * is fixed).
+ * (in previous use there was a flaw with back-bdb; now it is fixed).
*/
#define be_has_subordinates bd_info->bi_has_subordinates
/* Database flags */
#define SLAP_DBFLAG_NOLASTMOD 0x0001U
#define SLAP_DBFLAG_NO_SCHEMA_CHECK 0x0002U
+#define SLAP_DBFLAG_HIDDEN 0x0004U
#define SLAP_DBFLAG_GLUE_INSTANCE 0x0010U /* a glue backend */
#define SLAP_DBFLAG_GLUE_SUBORDINATE 0x0020U /* child of a glue hierarchy */
#define SLAP_DBFLAG_GLUE_LINKED 0x0040U /* child is connected to parent */
#define SLAP_DBFLAG_GLUE_ADVERTISE 0x0080U /* advertise in rootDSE */
#define SLAP_DBFLAG_OVERLAY 0x0100U /* this db struct is an overlay */
#define SLAP_DBFLAG_GLOBAL_OVERLAY 0x0200U /* this db struct is a global overlay */
+#define SLAP_DBFLAG_DYNAMIC 0x0400U /* this db allows dynamicObjects */
+#define SLAP_DBFLAG_MONITORING 0x0800U /* custom monitoring enabled */
#define SLAP_DBFLAG_SHADOW 0x8000U /* a shadow */
+#define SLAP_DBFLAG_SINGLE_SHADOW 0x4000U /* a single-master shadow */
#define SLAP_DBFLAG_SYNC_SHADOW 0x1000U /* a sync shadow */
#define SLAP_DBFLAG_SLURP_SHADOW 0x2000U /* a slurp shadow */
slap_mask_t be_flags;
#define SLAP_DBFLAGS(be) ((be)->be_flags)
#define SLAP_NOLASTMOD(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_NOLASTMOD)
#define SLAP_LASTMOD(be) (!SLAP_NOLASTMOD(be))
+#define SLAP_DBHIDDEN(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_HIDDEN)
#define SLAP_ISOVERLAY(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_OVERLAY)
+#define SLAP_ISGLOBALOVERLAY(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_GLOBAL_OVERLAY)
+#define SLAP_DBMONITORING(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_MONITORING)
#define SLAP_NO_SCHEMA_CHECK(be) \
(SLAP_DBFLAGS(be) & SLAP_DBFLAG_NO_SCHEMA_CHECK)
#define SLAP_GLUE_INSTANCE(be) \
#define SLAP_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SHADOW)
#define SLAP_SYNC_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SYNC_SHADOW)
#define SLAP_SLURP_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SLURP_SHADOW)
+#define SLAP_SINGLE_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SINGLE_SHADOW)
+#define SLAP_MULTIMASTER(be) (!SLAP_SINGLE_SHADOW(be))
slap_mask_t be_restrictops; /* restriction operations */
#define SLAP_RESTRICT_OP_ADD 0x0001U
| SLAP_RESTRICT_OP_DELETE \
| SLAP_RESTRICT_OP_MODIFY \
| SLAP_RESTRICT_OP_RENAME )
+#define SLAP_RESTRICT_OP_ALL \
+ ( SLAP_RESTRICT_OP_READS \
+ | SLAP_RESTRICT_OP_WRITES \
+ | SLAP_RESTRICT_OP_BIND \
+ | SLAP_RESTRICT_OP_EXTENDED )
-#define SLAP_ALLOW_BIND_V2 0x0001U /* LDAPv2 bind */
+#define SLAP_ALLOW_BIND_V2 0x0001U /* LDAPv2 bind */
#define SLAP_ALLOW_BIND_ANON_CRED 0x0002U /* cred should be empty */
#define SLAP_ALLOW_BIND_ANON_DN 0x0004U /* dn should be empty */
#define SLAP_ALLOW_UPDATE_ANON 0x0008U /* allow anonymous updates */
+#define SLAP_ALLOW_PROXY_AUTHZ_ANON 0x0010U /* allow anonymous proxyAuthz */
#define SLAP_DISALLOW_BIND_ANON 0x0001U /* no anonymous */
#define SLAP_DISALLOW_BIND_SIMPLE 0x0002U /* simple authentication */
-#define SLAP_DISALLOW_BIND_KRBV4 0x0004U /* Kerberos V4 authentication */
#define SLAP_DISALLOW_TLS_2_ANON 0x0010U /* StartTLS -> Anonymous */
#define SLAP_DISALLOW_TLS_AUTHC 0x0020U /* TLS while authenticated */
slap_access_t be_dfltaccess; /* access given if no acl matches */
/* Replica Information */
- struct slap_replica_info **be_replica; /* replicas of this backend (in master) */
- char *be_replogfile; /* replication log file (in master) */
struct berval be_update_ndn; /* allowed to make changes (in replicas) */
BerVarray be_update_refs; /* where to refer modifying clients to */
struct be_pcl *be_pending_csn_list;
struct ConfigOCs *be_cf_ocs;
void *be_private; /* anything the backend database needs */
- LDAP_STAILQ_ENTRY(slap_backend_db) be_next;
+ LDAP_STAILQ_ENTRY(BackendDB) be_next;
};
-struct slap_conn;
-struct slap_op;
-
/* Backend function typedefs */
-typedef int (BI_init) LDAP_P((BackendInfo *bi));
+typedef int (BI_bi_func) LDAP_P((BackendInfo *bi));
+typedef BI_bi_func BI_init;
+typedef BI_bi_func BI_open;
+typedef BI_bi_func BI_close;
+typedef BI_bi_func BI_destroy;
typedef int (BI_config) LDAP_P((BackendInfo *bi,
const char *fname, int lineno,
int argc, char **argv));
-typedef int (BI_open) LDAP_P((BackendInfo *bi));
-typedef int (BI_close) LDAP_P((BackendInfo *bi));
-typedef int (BI_destroy) LDAP_P((BackendInfo *bi));
-typedef int (BI_db_init) LDAP_P((Backend *bd));
+typedef int (BI_db_func) LDAP_P((Backend *bd));
+typedef BI_db_func BI_db_init;
+typedef BI_db_func BI_db_open;
+typedef BI_db_func BI_db_close;
+typedef BI_db_func BI_db_destroy;
typedef int (BI_db_config) LDAP_P((Backend *bd,
const char *fname, int lineno,
int argc, char **argv));
-typedef int (BI_db_open) LDAP_P((Backend *bd));
-typedef int (BI_db_close) LDAP_P((Backend *bd));
-typedef int (BI_db_destroy) LDAP_P((Backend *bd));
typedef struct req_bind_s {
int rb_method;
typedef struct req_modify_s {
Modifications *rs_modlist;
int rs_increment; /* FIXME: temporary */
+ char rs_no_opattrs; /* don't att modify operational attrs */
} req_modify_s;
typedef struct req_modrdn_s {
+ Modifications *rs_modlist;
struct berval rs_newrdn;
struct berval rs_nnewrdn;
struct berval *rs_newSup;
} req_modrdn_s;
typedef struct req_add_s {
- Entry *rs_e;
Modifications *rs_modlist; /* FIXME: temporary */
+ Entry *rs_e;
} req_add_s;
typedef struct req_abandon_s {
} req_extended_s;
typedef struct req_pwdexop_s {
- struct berval rs_reqoid;
- int rs_flags;
- struct berval *rs_reqdata;
+ struct req_extended_s rs_extended;
struct berval rs_old;
struct berval rs_new;
Modifications *rs_mods;
REP_EXTENDED,
REP_SEARCH,
REP_SEARCHREF,
- REP_INTERMEDIATE
+ REP_INTERMEDIATE,
+ REP_GLUE_RESULT
} slap_reply_t;
typedef struct rep_sasl_s {
BerVarray r_v2ref;
} rep_search_s;
-typedef struct slap_rep {
+struct SlapReply {
slap_reply_t sr_type;
ber_tag_t sr_tag;
ber_int_t sr_msgid;
#define REP_ENTRY_MODIFIABLE 0x0001U
#define REP_ENTRY_MUSTBEFREED 0x0002U
#define REP_ENTRY_MUSTRELEASE 0x0004U
+#define REP_ENTRY_MASK (REP_ENTRY_MODIFIABLE|REP_ENTRY_MUSTBEFREED|REP_ENTRY_MUSTRELEASE)
+
#define REP_MATCHED_MUSTBEFREED 0x0010U
-#define REP_REF_MUSTBEFREED 0x0020U
-} SlapReply;
+#define REP_MATCHED_MASK (REP_MATCHED_MUSTBEFREED)
+
+#define REP_REF_MUSTBEFREED 0x0020U
+#define REP_REF_MASK (REP_REF_MUSTBEFREED)
+
+#define REP_NO_ENTRYDN 0x1000U
+#define REP_NO_SUBSCHEMA 0x2000U
+#define REP_NO_OPERATIONALS (REP_NO_ENTRYDN|REP_NO_SUBSCHEMA)
+};
/* short hands for response members */
#define sr_attrs sr_un.sru_search.r_attrs
#define sr_rspdata sr_un.sru_extended.r_rspdata
#define sr_sasldata sr_un.sru_sasl.r_sasldata
-typedef int (BI_op_bind) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_unbind) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_search) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_compare) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_modify) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_modrdn) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_add) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_delete) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_abandon) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_cancel) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_extended) LDAP_P((
- struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_chk_referrals) LDAP_P((
- struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_chk_controls) LDAP_P((
- struct slap_op *op, struct slap_rep *rs ));
+typedef int (BI_op_func) LDAP_P(( Operation *op, SlapReply *rs ));
+typedef BI_op_func BI_op_bind;
+typedef BI_op_func BI_op_unbind;
+typedef BI_op_func BI_op_search;
+typedef BI_op_func BI_op_compare;
+typedef BI_op_func BI_op_modify;
+typedef BI_op_func BI_op_modrdn;
+typedef BI_op_func BI_op_add;
+typedef BI_op_func BI_op_delete;
+typedef BI_op_func BI_op_abandon;
+typedef BI_op_func BI_op_cancel;
+typedef BI_op_func BI_op_extended;
+typedef BI_op_func BI_chk_referrals;
+typedef BI_op_func BI_chk_controls;
typedef int (BI_entry_release_rw)
- LDAP_P(( struct slap_op *op, Entry *e, int rw ));
-typedef int (BI_entry_get_rw) LDAP_P(( struct slap_op *op, struct berval *ndn,
+ LDAP_P(( Operation *op, Entry *e, int rw ));
+typedef int (BI_entry_get_rw) LDAP_P(( Operation *op, struct berval *ndn,
ObjectClass *oc, AttributeDescription *at, int rw, Entry **e ));
-typedef int (BI_operational) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_has_subordinates) LDAP_P(( struct slap_op *op,
+typedef int (BI_operational) LDAP_P(( Operation *op, SlapReply *rs ));
+typedef int (BI_has_subordinates) LDAP_P(( Operation *op,
Entry *e, int *hasSubs ));
-#ifdef SLAP_OVERLAY_ACCESS
-typedef int (BI_access_allowed) LDAP_P(( struct slap_op *op, Entry *e,
+typedef int (BI_access_allowed) LDAP_P(( Operation *op, Entry *e,
AttributeDescription *desc, struct berval *val, slap_access_t access,
AccessControlState *state, slap_mask_t *maskp ));
-typedef int (BI_acl_group) LDAP_P(( struct slap_op *op, Entry *target,
+typedef int (BI_acl_group) LDAP_P(( Operation *op, Entry *target,
struct berval *gr_ndn, struct berval *op_ndn,
ObjectClass *group_oc, AttributeDescription *group_at ));
-typedef int (BI_acl_attribute) LDAP_P(( struct slap_op *op, Entry *target,
+typedef int (BI_acl_attribute) LDAP_P(( Operation *op, Entry *target,
struct berval *entry_ndn, AttributeDescription *entry_at,
BerVarray *vals, slap_access_t access ));
-#endif /* SLAP_OVERLAY_ACCESS */
-typedef int (BI_connection_init) LDAP_P(( BackendDB *bd,
- struct slap_conn *c ));
-typedef int (BI_connection_destroy) LDAP_P(( BackendDB *bd,
- struct slap_conn *c ));
+typedef int (BI_conn_func) LDAP_P(( BackendDB *bd, Connection *c ));
+typedef BI_conn_func BI_connection_init;
+typedef BI_conn_func BI_connection_destroy;
typedef int (BI_tool_entry_open) LDAP_P(( BackendDB *be, int mode ));
typedef int (BI_tool_entry_close) LDAP_P(( BackendDB *be ));
typedef Entry* (BI_tool_entry_get) LDAP_P(( BackendDB *be, ID id ));
typedef ID (BI_tool_entry_put) LDAP_P(( BackendDB *be, Entry *e,
struct berval *text ));
-typedef int (BI_tool_entry_reindex) LDAP_P(( BackendDB *be, ID id ));
+typedef int (BI_tool_entry_reindex) LDAP_P(( BackendDB *be, ID id, AttributeDescription **adv ));
typedef int (BI_tool_sync) LDAP_P(( BackendDB *be ));
typedef ID (BI_tool_dn2id_get) LDAP_P(( BackendDB *be, struct berval *dn ));
typedef int (BI_tool_id2entry_get) LDAP_P(( BackendDB *be, ID id, Entry **e ));
typedef ID (BI_tool_entry_modify) LDAP_P(( BackendDB *be, Entry *e,
struct berval *text ));
-struct slap_backend_info {
+struct BackendInfo {
char *bi_type; /* type of backend */
/*
BI_entry_release_rw *bi_entry_release_rw;
BI_has_subordinates *bi_has_subordinates;
-#ifdef SLAP_OVERLAY_ACCESS
BI_access_allowed *bi_access_allowed;
BI_acl_group *bi_acl_group;
BI_acl_attribute *bi_acl_attribute;
-#endif /* SLAP_OVERLAY_ACCESS */
BI_connection_init *bi_connection_init;
BI_connection_destroy *bi_connection_destroy;
#define SLAP_BFLAG_SUBENTRIES 0x4000U
#define SLAP_BFLAG_DYNAMIC 0x8000U
+/* overlay specific */
+#define SLAPO_BFLAG_SINGLE 0x01000000U
+#define SLAPO_BFLAG_DBONLY 0x02000000U
+#define SLAPO_BFLAG_GLOBONLY 0x04000000U
+#define SLAPO_BFLAG_MASK 0xFF000000U
+
#define SLAP_BFLAGS(be) ((be)->bd_info->bi_flags)
#define SLAP_MONITOR(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_MONITOR)
#define SLAP_CONFIG(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_CONFIG)
#define SLAP_ALIASES(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_ALIASES)
#define SLAP_REFERRALS(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_REFERRALS)
#define SLAP_SUBENTRIES(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_SUBENTRIES)
-#define SLAP_DYNAMIC(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_DYNAMIC)
+#define SLAP_DYNAMIC(be) ((SLAP_BFLAGS(be) & SLAP_BFLAG_DYNAMIC) || (SLAP_DBFLAGS(be) & SLAP_DBFLAG_DYNAMIC))
#define SLAP_NOLASTMODCMD(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_NOLASTMODCMD)
#define SLAP_LASTMODCMD(be) (!SLAP_NOLASTMODCMD(be))
+/* overlay specific */
+#define SLAPO_SINGLE(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_SINGLE)
+#define SLAPO_DBONLY(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_DBONLY)
+#define SLAPO_GLOBONLY(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_GLOBONLY)
+
char **bi_controls; /* supported controls */
char bi_ctrls[SLAP_MAX_CIDS + 1];
unsigned int bi_nDB; /* number of databases of this type */
struct ConfigOCs *bi_cf_ocs;
- void *bi_private; /* anything the backend type needs */
- LDAP_STAILQ_ENTRY(slap_backend_info) bi_next ;
+ char **bi_obsolete_names;
+ void *bi_extra; /* backend type-specific APIs */
+ void *bi_private; /* backend type-specific config data */
+ LDAP_STAILQ_ENTRY(BackendInfo) bi_next ;
};
#define c_authtype c_authz.sai_method
#define c_authmech c_authz.sai_mech
#define c_dn c_authz.sai_dn
#define c_ndn c_authz.sai_ndn
-#define c_ssf c_authz.sai_ssf
+#define c_ssf c_authz.sai_ssf
#define c_transport_ssf c_authz.sai_transport_ssf
-#define c_tls_ssf c_authz.sai_tls_ssf
-#define c_sasl_ssf c_authz.sai_sasl_ssf
+#define c_tls_ssf c_authz.sai_tls_ssf
+#define c_sasl_ssf c_authz.sai_sasl_ssf
#define o_authtype o_authz.sai_method
#define o_authmech o_authz.sai_mech
#define o_dn o_authz.sai_dn
#define o_ndn o_authz.sai_ndn
-#define o_ssf o_authz.sai_ssf
+#define o_ssf o_authz.sai_ssf
#define o_transport_ssf o_authz.sai_transport_ssf
-#define o_tls_ssf o_authz.sai_tls_ssf
-#define o_sasl_ssf o_authz.sai_sasl_ssf
+#define o_tls_ssf o_authz.sai_tls_ssf
+#define o_sasl_ssf o_authz.sai_sasl_ssf
-typedef int (slap_response)( struct slap_op *, struct slap_rep * );
+typedef int (slap_response)( Operation *, SlapReply * );
typedef struct slap_callback {
struct slap_callback *sc_next;
} slap_overinfo;
/* Should successive callbacks in a chain be processed? */
-#define SLAP_CB_FREEME 0x4000
-#define SLAP_CB_CONTINUE 0x8000
+#define SLAP_CB_FREEME 0x04000
+#define SLAP_CB_BYPASS 0x08800
+#define SLAP_CB_CONTINUE 0x08000
/*
* Paged Results state
*/
typedef unsigned long PagedResultsCookie;
-typedef struct slap_paged_state {
+typedef struct PagedResultsState {
Backend *ps_be;
ber_int_t ps_size;
PagedResultsCookie ps_cookie;
/*
* Caches the result of a backend_group check for ACL evaluation
*/
-typedef struct slap_gacl {
- struct slap_gacl *ga_next;
+typedef struct GroupAssertion {
+ struct GroupAssertion *ga_next;
Backend *ga_be;
ObjectClass *ga_oc;
AttributeDescription *ga_at;
} GroupAssertion;
struct slap_control_ids {
+ int sc_LDAPsync;
int sc_assert;
- int sc_preRead;
- int sc_postRead;
- int sc_proxyAuthz;
- int sc_manageDIT;
+ int sc_domainScope;
+ int sc_dontUseCopy;
int sc_manageDSAit;
int sc_modifyIncrement;
int sc_noOp;
int sc_pagedResults;
-#ifdef LDAP_DEVEL
- int sc_sortedResults;
-#endif
- int sc_valuesReturnFilter;
int sc_permissiveModify;
- int sc_domainScope;
- int sc_treeDelete;
+ int sc_postRead;
+ int sc_preRead;
+ int sc_proxyAuthz;
+ int sc_relax;
int sc_searchOptions;
+#ifdef SLAP_SORTEDRESULTS
+ int sc_sortedResults;
+#endif
int sc_subentries;
- int sc_LDAPsync;
+ int sc_treeDelete;
+#ifdef LDAP_X_TXN
+ int sc_txnSpec;
+#endif
+ int sc_valuesReturnFilter;
};
/*
* represents an operation pending from an ldap client
*/
-typedef struct slap_op_header {
- unsigned long oh_opid; /* id of this operation */
- unsigned long oh_connid; /* id of conn initiating this op */
- struct slap_conn *oh_conn; /* connection spawning this op */
+typedef struct Opheader {
+ unsigned long oh_opid; /* id of this operation */
+ unsigned long oh_connid; /* id of conn initiating this op */
+ Connection *oh_conn; /* connection spawning this op */
ber_int_t oh_msgid; /* msgid of the request */
ber_int_t oh_protocol; /* version of the LDAP protocol used by client */
#endif
} Opheader;
-typedef struct slap_op {
+typedef union OpRequest {
+ req_add_s oq_add;
+ req_bind_s oq_bind;
+ req_compare_s oq_compare;
+ req_modify_s oq_modify;
+ req_modrdn_s oq_modrdn;
+ req_search_s oq_search;
+ req_abandon_s oq_abandon;
+ req_abandon_s oq_cancel;
+ req_extended_s oq_extended;
+ req_pwdexop_s oq_pwdexop;
+} OpRequest;
+
+struct Operation {
Opheader *o_hdr;
#define o_opid o_hdr->oh_opid
struct berval o_req_dn; /* DN of target of request */
struct berval o_req_ndn;
- union o_req_u {
- req_add_s oq_add;
- req_bind_s oq_bind;
- req_compare_s oq_compare;
- req_modify_s oq_modify;
- req_modrdn_s oq_modrdn;
- req_search_s oq_search;
- req_abandon_s oq_abandon;
- req_abandon_s oq_cancel;
- req_extended_s oq_extended;
- req_pwdexop_s oq_pwdexop;
- } o_request;
+ OpRequest o_request;
/* short hands for union members */
#define oq_add o_request.oq_add
#define orr_newSup oq_modrdn.rs_newSup
#define orr_nnewSup oq_modrdn.rs_nnewSup
#define orr_deleteoldrdn oq_modrdn.rs_deleteoldrdn
+#define orr_modlist oq_modrdn.rs_modlist
#define orc_ava oq_compare.rs_ava
#define ora_e oq_add.rs_e
#define orn_msgid oq_abandon.rs_msgid
#define orm_modlist oq_modify.rs_modlist
#define orm_increment oq_modify.rs_increment
+#define orm_no_opattrs oq_modify.rs_no_opattrs
#define ore_reqoid oq_extended.rs_reqoid
#define ore_flags oq_extended.rs_flags
GroupAssertion *o_groups;
char o_do_not_cache; /* don't cache groups from this op */
char o_is_auth_check; /* authorization in progress */
+ slap_access_t o_acl_priv;
char o_nocaching;
char o_delete_glue_parent;
char o_no_schema_check;
#define get_no_schema_check(op) ((op)->o_no_schema_check)
+ char o_no_subordinate_glue;
+#define get_no_subordinate_glue(op) ((op)->o_no_subordinate_glue)
#define SLAP_CONTROL_NONE 0
#define SLAP_CONTROL_IGNORED 1
#define SLAP_CONTROL_DATA2 0x40
#define SLAP_CONTROL_DATA3 0x80
-
#define _SCM(x) ((x) & SLAP_CONTROL_MASK)
char o_ctrlflag[SLAP_MAX_CIDS]; /* per-control flags */
void **o_controls; /* per-control state */
-#define o_managedit o_ctrlflag[slap_cids.sc_manageDIT]
-#define get_manageDIT(op) _SCM((op)->o_managedit)
+#define o_dontUseCopy o_ctrlflag[slap_cids.sc_dontUseCopy]
+#define get_dontUseCopy(op) _SCM((op)->o_dontUseCopy)
+
+#define o_relax o_ctrlflag[slap_cids.sc_relax]
+#define get_relax(op) _SCM((op)->o_relax)
#define o_managedsait o_ctrlflag[slap_cids.sc_manageDSAit]
#define get_manageDSAit(op) _SCM((op)->o_managedsait)
#define o_valuesreturnfilter o_ctrlflag[slap_cids.sc_valuesReturnFilter]
#define o_vrFilter o_controls[slap_cids.sc_valuesReturnFilter]
-#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY
#define o_permissive_modify o_ctrlflag[slap_cids.sc_permissiveModify]
#define get_permissiveModify(op) ((int)(op)->o_permissive_modify)
-#else
-#define get_permissiveModify(op) (0)
-#endif
-#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
#define o_domain_scope o_ctrlflag[slap_cids.sc_domainScope]
#define get_domainScope(op) ((int)(op)->o_domain_scope)
-#else
-#define get_domainScope(op) (0)
-#endif
-#ifdef SLAP_CONTROL_X_TREE_DELETE
#define o_tree_delete o_ctrlflag[slap_cids.sc_treeDelete]
#define get_treeDelete(op) ((int)(op)->o_tree_delete)
-#else
-#define get_treeDelete(op) (0)
-#endif
#define o_preread o_ctrlflag[slap_cids.sc_preRead]
#define o_postread o_ctrlflag[slap_cids.sc_postRead]
#define o_pagedresults_state o_controls[slap_cids.sc_pagedResults]
#define get_pagedresults(op) ((int)(op)->o_pagedresults)
-#ifdef LDAP_DEVEL
+#ifdef SLAP_SORTEDRESULTS
#define o_sortedresults o_ctrlflag[slap_cids.sc_sortedResults]
#endif
+#ifdef LDAP_X_TXN
+#define o_txnSpec o_ctrlflag[slap_cids.sc_txnSpec]
+#endif
+
#define o_sync o_ctrlflag[slap_cids.sc_LDAPsync]
AuthorizationInformation o_authz;
BerElement *o_res_ber; /* ber of the CLDAP reply or readback control */
slap_callback *o_callback; /* callback pointers */
LDAPControl **o_ctrls; /* controls */
+ struct berval o_csn;
void *o_private; /* anything the backend needs */
- LDAP_STAILQ_ENTRY(slap_op) o_next; /* next operation in list */
+ LDAP_STAILQ_ENTRY(Operation) o_next; /* next operation in list */
+};
-} Operation;
-#define OPERATION_BUFFER_SIZE (sizeof(Operation)+sizeof(Opheader)+SLAP_MAX_CIDS*sizeof(void *))
+typedef struct OperationBuffer {
+ Operation ob_op;
+ Opheader ob_hdr;
+ void *ob_controls[SLAP_MAX_CIDS];
+} OperationBuffer;
#define send_ldap_error( op, rs, err, text ) do { \
(rs)->sr_err = err; (rs)->sr_text = text; \
} while (0)
typedef void (SEND_LDAP_RESULT)(
- struct slap_op *op, struct slap_rep *rs);
+ Operation *op, SlapReply *rs);
typedef int (SEND_SEARCH_ENTRY)(
- struct slap_op *op, struct slap_rep *rs);
+ Operation *op, SlapReply *rs);
typedef int (SEND_SEARCH_REFERENCE)(
- struct slap_op *op, struct slap_rep *rs);
+ Operation *op, SlapReply *rs);
typedef void (SEND_LDAP_EXTENDED)(
- struct slap_op *op, struct slap_rep *rs);
+ Operation *op, SlapReply *rs);
typedef void (SEND_LDAP_INTERMEDIATE)(
- struct slap_op *op, struct slap_rep *rs);
+ Operation *op, SlapReply *rs);
#define send_ldap_result( op, rs ) \
((op)->o_conn->c_send_ldap_result)( op, rs )
/*
* represents a connection from an ldap client
*/
-typedef struct slap_conn {
+struct Connection {
int c_struct_state; /* structure management state */
int c_conn_state; /* connection state */
int c_conn_idx; /* slot in connections array */
ber_int_t c_protocol; /* version of the LDAP protocol used by client */
- LDAP_STAILQ_HEAD(c_o, slap_op) c_ops; /* list of operations being processed */
- LDAP_STAILQ_HEAD(c_po, slap_op) c_pending_ops; /* list of pending operations */
+ LDAP_STAILQ_HEAD(c_o, Operation) c_ops; /* list of operations being processed */
+ LDAP_STAILQ_HEAD(c_po, Operation) c_pending_ops; /* list of pending operations */
ldap_pvt_thread_mutex_t c_write_mutex; /* only one pdu written at a time */
ldap_pvt_thread_cond_t c_write_cv; /* used to wait for sd write-ready*/
#define CONN_IS_TLS 1
#define CONN_IS_UDP 2
-#define CONN_IS_CLIENT 3
+#define CONN_IS_CLIENT 4
+#define CONN_IS_IPC 8
#ifdef LDAP_CONNECTIONLESS
int c_is_udp; /* true if this is (C)LDAP over UDP */
void *c_sasl_authctx; /* SASL authentication context */
void *c_sasl_sockctx; /* SASL security layer context */
void *c_sasl_extra; /* SASL session extra stuff */
- struct slap_op *c_sasl_bindop; /* set to current op if it's a bind */
+ Operation *c_sasl_bindop; /* set to current op if it's a bind */
+
+#ifdef LDAP_X_TXN
+#define CONN_TXN_INACTIVE 0
+#define CONN_TXN_SPECIFY 1
+#define CONN_TXN_SETTLE -1
+ int c_txn;
+
+ Backend *c_txn_backend;
+ LDAP_STAILQ_HEAD(c_to, Operation) c_txn_ops; /* list of operations in txn */
+#endif
PagedResultsState c_pagedresults_state; /* paged result state */
long c_n_read; /* num of read calls */
long c_n_write; /* num of write calls */
- void *c_pb; /* Netscape plugin */
void *c_extensions; /* Netscape plugin */
/*
SEND_SEARCH_ENTRY *c_send_search_entry;
SEND_SEARCH_REFERENCE *c_send_search_reference;
SEND_LDAP_EXTENDED *c_send_ldap_extended;
-#ifdef LDAP_RES_INTERMEDIATE
SEND_LDAP_INTERMEDIATE *c_send_ldap_intermediate;
-#endif
+};
-} Connection;
+#ifdef LDAP_DEBUG
+#ifdef LDAP_SYSLOG
+#ifdef LOG_LOCAL4
+#define SLAP_DEFAULT_SYSLOG_USER LOG_LOCAL4
+#endif /* LOG_LOCAL4 */
-#if defined(LDAP_SYSLOG) && defined(LDAP_DEBUG)
#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
- if ( ldap_syslog & (level) ) \
- syslog( ldap_syslog_level, (fmt), (connid), (opid), (arg1), \
- (arg2), (arg3) ); \
- } while (0)
+ Log5( (level), ldap_syslog_level, (fmt), (connid), (opid), (arg1), (arg2), (arg3) )
#define StatslogTest( level ) ((ldap_debug | ldap_syslog) & (level))
-#elif defined(LDAP_DEBUG)
+#else /* !LDAP_SYSLOG */
#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) \
do { \
if ( ldap_debug & (level) ) \
fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
} while (0)
#define StatslogTest( level ) (ldap_debug & (level))
-#else
-#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 )
+#endif /* !LDAP_SYSLOG */
+#else /* !LDAP_DEBUG */
+#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) ((void) 0)
#define StatslogTest( level ) (0)
-#endif
+#endif /* !LDAP_DEBUG */
/*
* listener; need to access it from monitor backend
#ifdef LDAP_CONNECTIONLESS
int sl_is_udp; /* UDP listener is also data port */
#endif
- int sl_is_mute; /* Listening is temporarily disabled */
+ int sl_mute; /* Listener is temporarily disabled due to emfile */
+#ifdef SLAP_LIGHTWEIGHT_DISPATCHER
+ int sl_busy; /* Listener is busy (accept thread activated) */
+#endif
ber_socket_t sl_sd;
Sockaddr sl_sa;
#define sl_addr sl_sa.sa_in_addr
/*
* Operation indices
*/
-enum {
+typedef enum {
SLAP_OP_BIND = 0,
SLAP_OP_UNBIND,
SLAP_OP_ADD,
SLAP_OP_ABANDON,
SLAP_OP_EXTENDED,
SLAP_OP_LAST
-};
+} slap_op_t;
typedef struct slap_counters_t {
ldap_pvt_thread_mutex_t sc_sent_mutex;
#define SLAP_CTRL_HIDE 0x80000000U
#endif
-#define SLAP_CTRL_REQUIRES_ROOT 0x40000000U /* for ManageDIT */
+#define SLAP_CTRL_REQUIRES_ROOT 0x40000000U /* for Relax */
#define SLAP_CTRL_GLOBAL 0x00800000U
#define SLAP_CTRL_GLOBAL_SEARCH 0x00010000U /* for NOOP */
SlapReply *rs,
LDAPControl *ctrl ));
+typedef int (*SLAP_ENTRY_INFO_FN) LDAP_P(( void *arg, Entry *e ));
+
#define SLAP_SLAB_SIZE (1024*1024)
#define SLAP_SLAB_STACK 1
#define SLAP_SLAB_SOBLOCK 64
#define LDAP_COMP_FILTER_ITEM ((ber_tag_t) 0xa3U)
#define LDAP_COMP_FILTER_UNDEFINED ((ber_tag_t) 0xa4U)
-typedef struct slap_component_id {
- int ci_type;
- struct slap_component_id *ci_next;
+typedef struct ComponentId ComponentId;
+typedef struct ComponentReference ComponentReference;
+typedef struct ComponentAssertion ComponentAssertion;
+typedef struct ComponentAssertionValue ComponentAssertionValue;
+typedef struct ComponentSyntaxInfo ComponentSyntaxInfo;
+typedef struct ComponentDesc ComponentDesc;
+
+struct ComponentData {
+ void *cd_mem_op; /* nibble memory handler */
+ ComponentSyntaxInfo** cd_tree; /* component tree */
+};
+
+struct ComponentId {
+ int ci_type;
+ ComponentId *ci_next;
union comp_id_value{
BerValue ci_identifier;
BerValue ci_select_value;
char ci_all;
} ci_val;
-} ComponentId;
+};
-typedef struct slap_component_reference {
+struct ComponentReference {
ComponentId *cr_list;
ComponentId *cr_curr;
struct berval cr_string;
slap_mask_t cr_indexmask;
AttributeDescription* cr_ad;
BerVarray cr_nvals;
- struct slap_component_reference* cr_next;
-} ComponentReference;
+ ComponentReference* cr_next;
+};
-typedef struct slap_component_assertion {
+struct ComponentAssertion {
ComponentReference *ca_comp_ref;
ber_int_t ca_use_def;
MatchingRule *ca_ma_rule;
struct berval ca_ma_value;
ComponentData ca_comp_data; /* componentized assertion */
- struct slap_component_filter *ca_cf;
+ ComponentFilter *ca_cf;
MatchingRuleAssertion *ca_mra;
-} ComponentAssertion;
+};
-typedef struct slap_component_filter {
- ber_tag_t cf_choice;
+struct ComponentFilter {
+ ber_tag_t cf_choice;
union cf_un_u {
- ber_int_t cf_un_result;
- ComponentAssertion *cf_un_ca;
- struct slap_component_filter *cf_un_complex;
+ ber_int_t cf_un_result;
+ ComponentAssertion *cf_un_ca;
+ ComponentFilter *cf_un_complex;
} cf_un;
#define cf_ca cf_un.cf_un_ca
#define cf_not cf_un.cf_un_complex
#define cf_any cf_un.cf_un_complex
- struct slap_component_filter *cf_next;
-} ComponentFilter;
+ ComponentFilter *cf_next;
+};
-typedef struct slap_component_assertion_value {
+struct ComponentAssertionValue {
char* cav_buf;
char* cav_ptr;
char* cav_end;
-} ComponentAssertionValue;
+};
typedef int encoder_func LDAP_P((
void* b,
void* comp));
-struct slap_component_syntax_info;
-
typedef int gser_decoder_func LDAP_P((
void* mem_op,
void* b,
- struct slap_component_syntax_info** comp_syn_info,
+ ComponentSyntaxInfo** comp_syn_info,
int* len,
int mode));
void* b,
int tag,
int elmtLen,
- struct slap_component_syntax_info* comp_syn_info,
+ ComponentSyntaxInfo* comp_syn_info,
int* len,
int mode));
typedef int ber_tag_decoder_func LDAP_P((
void* mem_op,
void* b,
- struct slap_component_syntax_info* comp_syn_info,
+ ComponentSyntaxInfo* comp_syn_info,
int* len,
int mode));
typedef void free_nibble_func LDAP_P ((
void* nm ));
-struct slap_component_syntax_info;
typedef void convert_assert_to_comp_func LDAP_P ((
void *mem_op,
- struct slap_component_syntax_info* csi_attr,
+ ComponentSyntaxInfo* csi_attr,
struct berval* bv,
- struct slap_component_syntax_info** csi,
+ ComponentSyntaxInfo** csi,
int* len,
int mode ));
typedef int convert_asn_to_ldap_func LDAP_P ((
- struct slap_component_syntax_info* csi,
+ ComponentSyntaxInfo* csi,
struct berval *bv ));
typedef void free_component_func LDAP_P ((
typedef int test_component_func LDAP_P ((
void* attr_mem_op,
void* assert_mem_op,
- struct slap_component_syntax_info* csi,
- struct slap_component_assertion* ca));
+ ComponentSyntaxInfo* csi,
+ ComponentAssertion* ca));
typedef void* test_membership_func LDAP_P ((
void* in ));
typedef void* get_component_info_func LDAP_P ((
int in ));
-struct slap_component_syntax_info;
-
typedef int component_encoder_func LDAP_P ((
void* mem_op,
- struct slap_component_syntax_info* csi,
+ ComponentSyntaxInfo* csi,
struct berval* nvals ));
typedef int allcomponent_matching_func LDAP_P((
char* oid,
- struct slap_component_syntax_info* comp1,
- struct slap_component_syntax_info* comp));
+ ComponentSyntaxInfo* comp1,
+ ComponentSyntaxInfo* comp));
-typedef struct slap_component_desc {
+struct ComponentDesc {
/* Don't change the order of following four fields */
- int cd_tag;
- AttributeType *cd_comp_type;
- struct berval cd_ad_type;/* ad_type, ad_cname */
- struct berval cd_ad_cname;/* ad_type, ad_cname */
- unsigned cd_flags; /*ad_flags*/
- int cd_type;
- int cd_type_id;
- encoder_func *cd_ldap_encoder;
- encoder_func *cd_gser_encoder;
- encoder_func *cd_ber_encoder;
- gser_decoder_func *cd_gser_decoder;
- ber_decoder_func *cd_ber_decoder;
- comp_free_func *cd_free;
+ int cd_tag;
+ AttributeType *cd_comp_type;
+ struct berval cd_ad_type; /* ad_type, ad_cname */
+ struct berval cd_ad_cname; /* ad_type, ad_cname */
+ unsigned cd_flags; /* ad_flags */
+ int cd_type;
+ int cd_type_id;
+ encoder_func *cd_ldap_encoder;
+ encoder_func *cd_gser_encoder;
+ encoder_func *cd_ber_encoder;
+ gser_decoder_func *cd_gser_decoder;
+ ber_decoder_func *cd_ber_decoder;
+ comp_free_func *cd_free;
extract_component_from_id_func* cd_extract_i;
allcomponent_matching_func *cd_all_match;
-} ComponentDesc;
+};
-typedef struct slap_component_syntax_info {
- Syntax* csi_syntax;
- ComponentDesc* csi_comp_desc;
-} ComponentSyntaxInfo;
+struct ComponentSyntaxInfo {
+ Syntax *csi_syntax;
+ ComponentDesc *csi_comp_desc;
+};
-#endif
+#endif /* LDAP_COMP_MATCH */
/* slab heap data structures */
return 0; \
}
+typedef int (OV_init)(void);
+typedef struct slap_oinit_t {
+ const char *ov_type;
+ OV_init *ov_init;
+} OverlayInit;
+
LDAP_END_DECL
#include "proto-slap.h"