*/
#define SLAP_MOD_SOFTADD 0x1000
-#define ON (1)
-#define OFF (-1)
-#define UNDEFINED (0)
-
#define MAXREMATCHES (10)
#define SLAP_MAX_WORKER_THREADS (32)
+#define SLAP_SB_MAX_INCOMING_DEFAULT ((1<<18) - 1)
+#define SLAP_SB_MAX_INCOMING_AUTH ((1<<24) - 1)
+
#define SLAP_TEXT_BUFLEN (256)
/* psuedo error code indicating abandoned operation */
#define SLAPD_ROLE_CLASS "organizationalRole"
#define SLAPD_ACI_SYNTAX "1.3.6.1.4.1.4203.666.2.1"
-#define SLAPD_ACI_ATTR "OpenLDAPaci"
-
#define SLAPD_OCTETSTRING_SYNTAX "1.3.6.1.4.1.1466.115.121.1.40"
/* change this to "OpenLDAPset" */
#define SLAP_INDEX_DEFAULT SLAP_INDEX_EQUALITY
-#define IS_SLAP_INDEX(mask, type) (((mask) & (type)) == (type) )
+#define IS_SLAP_INDEX(mask, type) (((mask) & (type)) == (type))
#define SLAP_INDEX_SUBSTR_TYPE 0x0F00UL
#define SLAP_INDEX_FLAGS 0xF000UL
#define SLAP_INDEX_NOSUBTYPES 0x1000UL /* don't use index w/ subtypes */
#define SLAP_INDEX_NOLANG 0x2000UL /* don't use index w/ lang */
-#define SLAP_INDEX_AUTO_SUBTYPES 0x4000UL /* use mask with lang subtypes */
/*
* there is a single index for each attribute. these prefixes ensure
#define SLAP_INDEX_SUBSTR_INITIAL_PREFIX '^'
#define SLAP_INDEX_SUBSTR_FINAL_PREFIX '$'
#define SLAP_INDEX_CONT_PREFIX '.' /* prefix for continuation keys */
-#define SLAP_INDEX_UNKNOWN_PREFIX '?' /* prefix for unknown keys */
#define SLAP_SYNTAX_MATCHINGRULES_OID "1.3.6.1.4.1.1466.115.121.1.30"
#define SLAP_SYNTAX_ATTRIBUTETYPES_OID "1.3.6.1.4.1.1466.115.121.1.3"
struct slap_syntax *syntax, /* syntax of stored value */
struct slap_matching_rule *mr,
struct berval *prefix,
- BVarray values,
- BVarray *keys ));
+ BerVarray values,
+ BerVarray *keys ));
/* Filter index function */
typedef int slap_mr_filter_func LDAP_P((
struct slap_matching_rule *mr,
struct berval *prefix,
void * assertValue,
- BVarray *keys ));
+ BerVarray *keys ));
typedef struct slap_matching_rule {
LDAPMatchingRule smr_mrule;
- ber_len_t smr_oidlen;
+ ber_len_t smr_oidlen;
slap_mask_t smr_usage;
#define SLAP_MR_HIDE 0x8000U
MatchingRule *sat_approx;
MatchingRule *sat_ordering;
MatchingRule *sat_substr;
- Syntax *sat_syntax;
+ Syntax *sat_syntax;
+
AttributeTypeSchemaCheckFN *sat_check;
- struct slap_attr_desc *sat_ad;
+ slap_mask_t sat_flags;
+
struct slap_attribute_type *sat_next;
- ldap_pvt_thread_mutex_t sat_ad_mutex;
-#define sat_oid sat_atype.at_oid
-#define sat_names sat_atype.at_names
-#define sat_desc sat_atype.at_desc
+
+#define sat_oid sat_atype.at_oid
+#define sat_names sat_atype.at_names
+#define sat_desc sat_atype.at_desc
#define sat_obsolete sat_atype.at_obsolete
-#define sat_sup_oid sat_atype.at_sup_oid
+#define sat_sup_oid sat_atype.at_sup_oid
#define sat_equality_oid sat_atype.at_equality_oid
#define sat_ordering_oid sat_atype.at_ordering_oid
#define sat_substr_oid sat_atype.at_substr_oid
#define sat_single_value sat_atype.at_single_value
#define sat_collective sat_atype.at_collective
#define sat_no_user_mod sat_atype.at_no_user_mod
-#define sat_usage sat_atype.at_usage
+#define sat_usage sat_atype.at_usage
#define sat_extensions sat_atype.at_extensions
+
+ struct slap_attr_desc *sat_ad;
+ ldap_pvt_thread_mutex_t sat_ad_mutex;
} AttributeType;
#define is_at_operational(at) ((at)->sat_usage)
typedef struct slap_object_class {
LDAPObjectClass soc_oclass;
struct slap_object_class **soc_sups;
- AttributeType **soc_required;
- AttributeType **soc_allowed;
- ObjectClassSchemaCheckFN *sco_check;
- struct slap_object_class *soc_next;
-#define soc_oid soc_oclass.oc_oid
-#define soc_names soc_oclass.oc_names
-#define soc_desc soc_oclass.oc_desc
+ AttributeType **soc_required;
+ AttributeType **soc_allowed;
+ ObjectClassSchemaCheckFN *soc_check;
+ slap_mask_t soc_flags;
+#define soc_oid soc_oclass.oc_oid
+#define soc_names soc_oclass.oc_names
+#define soc_desc soc_oclass.oc_desc
#define soc_obsolete soc_oclass.oc_obsolete
#define soc_sup_oids soc_oclass.oc_sup_oids
-#define soc_kind soc_oclass.oc_kind
+#define soc_kind soc_oclass.oc_kind
#define soc_at_oids_must soc_oclass.oc_at_oids_must
#define soc_at_oids_may soc_oclass.oc_at_oids_may
#define soc_extensions soc_oclass.oc_extensions
+
+ struct slap_object_class *soc_next;
} ObjectClass;
+#define SLAP_OC_ALIAS 0x01
+#define SLAP_OC_REFERRAL 0x02
+#define SLAP_OC_SUBENTRY 0x04
+#define SLAP_OC_DYNAMICOBJECT 0x08
+#define SLAP_OC_COLLECTIVEATTRIBUTESUBENTRY 0x10
+#define SLAP_OC__MASK 0x1F
+#define SLAP_OC__END 0x20
+
+#ifdef LDAP_EXTENDED_SCHEMA
+/*
+ * DIT content rule
+ */
+typedef struct slap_content_rule {
+ LDAPContentRule scr_crule;
+ ObjectClass *scr_sclass;
+ ObjectClass **scr_auxiliaries; /* optional */
+ AttributeType **scr_required; /* optional */
+ AttributeType **scr_allowed; /* optional */
+ AttributeType **scr_precluded; /* optional */
+#define scr_oid scr_crule.cr_oid
+#define scr_names scr_crule.cr_names
+#define scr_desc scr_crule.cr_desc
+#define scr_obsolete soc_oclass.cr_obsolete
+#define scr_cr_oids_aux soc_oclass.cr_oc_oids_aux
+#define scr_cr_oids_must soc_oclass.cr_at_oids_must
+#define scr_cr_oids_may soc_oclass.cr_at_oids_may
+#define scr_cr_oids_not soc_oclass.cr_at_oids_not
+} ContentRule;
+#endif
/*
* represents a recognized attribute description ( type + options )
struct berval ad_cname; /* canonical name, must be specified */
struct berval ad_lang; /* empty if no language tags */
unsigned ad_flags;
-#define SLAP_DESC_NONE 0x0U
-#define SLAP_DESC_BINARY 0x1U
+#define SLAP_DESC_NONE 0x00U
+#define SLAP_DESC_BINARY 0x01U
+#define SLAP_DESC_LANG_RANGE 0x80U
} AttributeDescription;
typedef struct slap_attr_name {
ObjectClass *an_oc;
} AttributeName;
-#define slap_ad_is_lang(ad) ( (ad)->ad_lang.bv_len != 0 )
-#define slap_ad_is_binary(ad) ( (int)((ad)->ad_flags & SLAP_DESC_BINARY) ? 1 : 0 )
+#define slap_ad_is_lang(ad) ( (ad)->ad_lang.bv_len != 0 )
+#define slap_ad_is_lang_range(ad) \
+ ( ((ad)->ad_flags & SLAP_DESC_LANG_RANGE) ? 1 : 0 )
+#define slap_ad_is_binary(ad) \
+ ( ((ad)->ad_flags & SLAP_DESC_BINARY) ? 1 : 0 )
/*
* pointers to schema elements used internally
ObjectClass *si_oc_rootdse;
ObjectClass *si_oc_subentry;
ObjectClass *si_oc_subschema;
- ObjectClass *si_oc_collectiveAttributes;
+ ObjectClass *si_oc_monitor;
+ ObjectClass *si_oc_collectiveAttributeSubentry;
ObjectClass *si_oc_dynamicObject;
/* objectClass attribute descriptions */
AttributeDescription *si_ad_modifyTimestamp;
AttributeDescription *si_ad_hasSubordinates;
AttributeDescription *si_ad_subschemaSubentry;
- AttributeDescription *si_ad_collectiveSubentry;
+ AttributeDescription *si_ad_collectiveSubentries;
AttributeDescription *si_ad_collectiveExclusions;
AttributeDescription *si_ad_entryUUID;
AttributeDescription *si_ad_entryCSN;
#define f_sub_final f_un.f_un_ssa->sa_final
#define f_mra f_un.f_un_mra
#define f_mr_rule f_un.f_un_mra->ma_rule
-#define f_mr_rule_text f_un.f_un_mra->ma_rule_text
+#define f_mr_rule_text f_un.f_un_mra->ma_rule_text
#define f_mr_desc f_un.f_un_mra->ma_desc
#define f_mr_value f_un.f_un_mra->ma_value
#define f_mr_dnattrs f_un.f_un_mra->ma_dnattrs
*/
typedef struct slap_attr {
AttributeDescription *a_desc;
- BVarray a_vals;
+ BerVarray a_vals;
struct slap_attr *a_next;
+ unsigned a_flags;
+#define SLAP_ATTR_IXADD 0x1U
+#define SLAP_ATTR_IXDEL 0x2U
} Attribute;
Attribute *e_attrs; /* list of attributes + values */
+ slap_mask_t e_ocflags;
+
+ struct berval e_bv; /* For entry_encode/entry_decode */
+
/* for use by the backend for any purpose */
void* e_private;
} Entry;
int sm_op;
AttributeDescription *sm_desc;
struct berval sm_type;
- BVarray sm_bvalues;
+ BerVarray sm_bvalues;
} Modification;
typedef struct slap_mod_list {
typedef struct slap_authz_info {
ber_tag_t sai_method; /* LDAP_AUTH_* from <ldap.h> */
- char * sai_mech; /* SASL Mechanism */
+ struct berval sai_mech; /* SASL Mechanism */
struct berval sai_dn; /* DN for reporting purposes */
struct berval sai_ndn; /* Normalized DN */
int a_dn_self;
slap_style_t a_peername_style;
- char *a_peername_pat;
+ struct berval a_peername_pat;
slap_style_t a_sockname_style;
- char *a_sockname_pat;
+ struct berval a_sockname_pat;
slap_style_t a_domain_style;
- char *a_domain_pat;
+ struct berval a_domain_pat;
slap_style_t a_sockurl_style;
- char *a_sockurl_pat;
+ struct berval a_sockurl_pat;
slap_style_t a_set_style;
struct berval a_set_pat;
#define SLAP_BFLAG_REFERRALS 0x0200U
#define SLAP_BFLAG_SUBENTRIES 0x0400U
#define SLAP_BFLAG_MONITOR 0x1000U
+#define SLAP_BFLAG_DYNAMIC 0x2000U
slap_mask_t be_flags;
#define SLAP_LASTMOD(be) (!((be)->be_flags & SLAP_BFLAG_NOLASTMOD))
#define SLAP_ALIASES(be) ((be)->be_flags & SLAP_BFLAG_ALIASES)
#define SLAP_REFERRALS(be) ((be)->be_flags & SLAP_BFLAG_REFERRALS)
#define SLAP_SUBENTRIES(be) ((be)->be_flags & SLAP_BFLAG_SUBENTRIES)
#define SLAP_MONITOR(be) ((be)->be_flags & SLAP_BFLAG_MONITOR)
+#define SLAP_DYNAMIC(be) ((be)->be_flags & SLAP_BFLAG_DYNAMIC)
slap_mask_t be_restrictops; /* restriction operations */
#define SLAP_RESTRICT_OP_ADD 0x0001U
struct slap_replica_info **be_replica; /* replicas of this backend (in master) */
char *be_replogfile; /* replication log file (in master) */
struct berval be_update_ndn; /* allowed to make changes (in replicas) */
- BVarray be_update_refs; /* where to refer modifying clients to */
+ BerVarray be_update_refs; /* where to refer modifying clients to */
char *be_realm;
void *be_private; /* anything the backend database needs */
struct berval ** rspdata,
LDAPControl *** rspctrls,
const char ** text,
- BVarray *refs ));
+ BerVarray *refs ));
typedef int (BI_entry_release_rw) LDAP_P((BackendDB *bd,
struct slap_conn *c, struct slap_op *o,
struct slap_conn *c, struct slap_op *o,
Entry *e, struct berval *edn,
AttributeDescription *entry_at,
- BVarray *vals ));
+ BerVarray *vals ));
typedef int (BI_operational) LDAP_P((Backend *bd,
struct slap_conn *c, struct slap_op *o,
typedef ID (BI_tool_entry_first) LDAP_P(( BackendDB *be ));
typedef ID (BI_tool_entry_next) LDAP_P(( BackendDB *be ));
typedef Entry* (BI_tool_entry_get) LDAP_P(( BackendDB *be, ID id ));
-typedef ID (BI_tool_entry_put) LDAP_P(( BackendDB *be, Entry *e ));
+typedef ID (BI_tool_entry_put) LDAP_P(( BackendDB *be, Entry *e,
+ struct berval *text ));
typedef int (BI_tool_entry_reindex) LDAP_P(( BackendDB *be, ID id ));
typedef int (BI_tool_sync) LDAP_P(( BackendDB *be ));
#define o_tls_ssf o_authz.sai_tls_ssf
#define o_sasl_ssf o_authz.sai_sasl_ssf
-struct slap_op;
-struct slap_conn;
-
typedef void (slap_response)( struct slap_conn *, struct slap_op *,
ber_tag_t, ber_int_t, ber_int_t, const char *, const char *,
- BVarray, const char *, struct berval *,
+ BerVarray, const char *, struct berval *,
struct berval *, LDAPControl ** );
typedef void (slap_sresult)( struct slap_conn *, struct slap_op *,
- ber_int_t, const char *, const char *, BVarray,
+ ber_int_t, const char *, const char *, BerVarray,
LDAPControl **, int nentries);
+typedef int (slap_sendentry)( BackendDB *, struct slap_conn *,
+ struct slap_op *, Entry *, AttributeName *, int, LDAPControl **);
+
+typedef struct slap_callback {
+ slap_response *sc_response;
+ slap_sresult *sc_sresult;
+ slap_sendentry *sc_sendentry;
+ void *sc_private;
+} slap_callback;
+
/*
* represents an operation pending from an ldap client
*/
typedef struct slap_op {
ber_int_t o_opid; /* id of this operation */
ber_int_t o_msgid; /* msgid of the request */
-#ifdef LDAP_CONNECTIONLESS
- Sockaddr o_peeraddr; /* UDP peer address */
-#endif
-
- ldap_pvt_thread_t o_tid; /* thread handling this op */
-
- BerElement *o_ber; /* ber of the request */
-
+ ber_int_t o_protocol; /* version of the LDAP protocol used by client */
ber_tag_t o_tag; /* tag of the request */
time_t o_time; /* time op was initiated */
-
- AuthorizationInformation o_authz;
-
- ber_int_t o_protocol; /* version of the LDAP protocol used by client */
-
- LDAPControl **o_ctrls; /* controls */
-
unsigned long o_connid; /* id of conn initiating this op */
-
- ldap_pvt_thread_mutex_t o_abandonmutex; /* protects o_abandon */
- int o_abandon; /* abandon flag */
- slap_response *o_response; /* callback function */
- slap_sresult *o_sresult; /* search result callback */
-
- LDAP_STAILQ_ENTRY(slap_op) o_next; /* next operation in list */
- void *o_private; /* anything the backend needs */
- void *o_glue; /* for the glue backend */
+ ldap_pvt_thread_t o_tid; /* thread handling this op */
#define SLAP_NO_CONTROL 0
#define SLAP_NONCRITICAL_CONTROL 1
#define SLAP_CRITICAL_CONTROL 2
-
char o_managedsait;
char o_subentries;
char o_subentries_visibility;
+ char o_noop;
+
+ char o_abandon; /* abandon flag */
+ ldap_pvt_thread_mutex_t o_abandonmutex; /* protects o_abandon */
+
+#ifdef LDAP_CONNECTIONLESS
+ Sockaddr o_peeraddr; /* UDP peer address */
+#endif
+ AuthorizationInformation o_authz;
+
+ BerElement *o_ber; /* ber of the request */
+ slap_callback *o_callback; /* callback pointers */
+ LDAPControl **o_ctrls; /* controls */
+
+ void *o_private; /* anything the backend needs */
+
+ LDAP_STAILQ_ENTRY(slap_op) o_next; /* next operation in list */
} Operation;
#define get_manageDSAit(op) ((int)(op)->o_managedsait)
* Caches the result of a backend_group check for ACL evaluation
*/
typedef struct slap_gacl {
- struct slap_gacl *next;
- Backend *be;
- ObjectClass *oc;
- AttributeDescription *at;
- int res;
- ber_len_t len;
- char ndn[1];
+ struct slap_gacl *ga_next;
+ Backend *ga_be;
+ ObjectClass *ga_oc;
+ AttributeDescription *ga_at;
+ int ga_res;
+ ber_len_t ga_len;
+ char ga_ndn[1];
} GroupAssertion;
/*
time_t c_activitytime; /* when the connection was last used */
unsigned long c_connid; /* id of this connection for stats*/
- char *c_listener_url; /* listener URL */
- char *c_peer_domain; /* DNS name of client */
- char *c_peer_name; /* peer name (trans=addr:port) */
- char *c_sock_name; /* sock name (trans=addr:port) */
+ struct berval c_listener_url; /* listener URL */
+ struct berval c_peer_domain; /* DNS name of client */
+ struct berval c_peer_name; /* peer name (trans=addr:port) */
+ struct berval c_sock_name; /* sock name (trans=addr:port) */
/* only can be changed by binding thread */
int c_sasl_bind_in_progress; /* multi-op bind in progress */
- char *c_sasl_bind_mech; /* mech in progress */
+ struct berval c_sasl_bind_mech; /* mech in progress */
struct berval c_cdn;
/* authentication backend */
void *c_sasl_context; /* SASL session context */
void *c_sasl_extra; /* SASL session extra stuff */
- long c_n_ops_received; /* num of ops received (next op_id) */
+ long c_n_ops_received; /* num of ops received (next op_id) */
long c_n_ops_executing; /* num of ops currently executing */
- long c_n_ops_pending; /* num of ops pending execution */
+ long c_n_ops_pending; /* num of ops pending execution */
long c_n_ops_completed; /* num of ops completed */
long c_n_get; /* num of get calls */
#define SASL_AUTHZ_DEST_ATTR "saslAuthzFrom"
typedef struct sasl_regexp {
- char *match; /* regexp match pattern */
- char *replace; /* regexp replace pattern */
- regex_t workspace; /* workspace for regexp engine */
- regmatch_t strings[SASLREGEX_REPLACE]; /* strings matching $1,$2 ... */
- int offset[SASLREGEX_REPLACE+2]; /* offsets of $1,$2... in *replace */
+ char *sr_match; /* regexp match pattern */
+ char *sr_replace; /* regexp replace pattern */
+ regex_t sr_workspace; /* workspace for regexp engine */
+ regmatch_t sr_strings[SASLREGEX_REPLACE]; /* strings matching $1,$2 ... */
+ int sr_offset[SASLREGEX_REPLACE+2]; /* offsets of $1,$2... in *replace */
} SaslRegexp_t;
-/* Flags for telling slap_sasl_getdn() what type of identity is being passed */
-#define FLAG_GETDN_FINAL 1
-#define FLAG_GETDN_AUTHCID 2
-#define FLAG_GETDN_AUTHZID 4
-
/*
* listener; need to access it from monitor backend
*/
#ifdef LDAP_CONNECTIONLESS
int sl_is_udp; /* UDP listener is also data port */
#endif
- ber_socket_t sl_sd;
+ ber_socket_t sl_sd;
Sockaddr sl_sa;
#define sl_addr sl_sa.sa_in_addr
} Listener;