/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2008 The OpenLDAP Foundation.
+ * Copyright 1998-2009 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
#define LDAP_SYNC_TIMESTAMP
#define SLAP_CONTROL_X_SORTEDRESULTS
#define SLAP_CONTROL_X_SESSION_TRACKING
+#define SLAP_CONTROL_X_WHATFAILED
+#define SLAP_CONFIG_DELETE
#endif
#define LDAP_DYNAMIC_OBJECTS
SLAP_SCHERR_SYN_NOT_FOUND,
SLAP_SCHERR_SYN_DUP,
SLAP_SCHERR_SYN_SUP_NOT_FOUND,
+ SLAP_SCHERR_SYN_SUBST_NOT_SPECIFIED,
+ SLAP_SCHERR_SYN_SUBST_NOT_FOUND,
SLAP_SCHERR_NO_NAME,
SLAP_SCHERR_NOT_SUPPORTED,
SLAP_SCHERR_BAD_DESCR,
#else
#define SLAP_SYNTAX_HIDE 0x8000U /* hide (do not publish) */
#endif
+#define SLAP_SYNTAX_HARDCODE 0x10000U /* This is hardcoded schema */
Syntax **ssyn_sups;
struct ComponentDesc* ssync_comp_syntax;
#endif
- LDAP_SLIST_ENTRY(Syntax) ssyn_next;
+ LDAP_STAILQ_ENTRY(Syntax) ssyn_next;
};
#define slap_syntax_is_flag(s,flag) ((int)((s)->ssyn_flags & (flag)) ? 1 : 0)
MatchingRule *si_mr_integerMatch;
MatchingRule *si_mr_integerFirstComponentMatch;
MatchingRule *si_mr_objectIdentifierFirstComponentMatch;
+ MatchingRule *si_mr_caseIgnoreMatch;
+ MatchingRule *si_mr_caseIgnoreListMatch;
/* Syntaxes */
Syntax *si_syn_directoryString;
slap_acl_state_t as_recorded;
int as_vd_acl_count;
int as_result;
+ int as_fe_done;
} AccessControlState;
#define ACL_STATE_INIT { NULL, NULL, NULL, \
- ACL_STATE_NOT_RECORDED, 0, 0 }
+ ACL_STATE_NOT_RECORDED, 0, 0, 0 }
+
+typedef struct AclRegexMatches {
+ int dn_count;
+ regmatch_t dn_data[MAXREMATCHES];
+ int val_count;
+ regmatch_t val_data[MAXREMATCHES];
+} AclRegexMatches;
/*
* Backend-info
char *sb_tls_cacertdir;
char *sb_tls_reqcert;
char *sb_tls_cipher_suite;
+ char *sb_tls_protocol_min;
#ifdef HAVE_OPENSSL_CRL
char *sb_tls_crlcheck;
#endif
struct slap_limits {
unsigned lm_flags; /* type of pattern */
+ /* Values must match lmpats[] in limits.c */
#define SLAP_LIMITS_UNDEFINED 0x0000U
#define SLAP_LIMITS_EXACT 0x0001U
#define SLAP_LIMITS_BASE SLAP_LIMITS_EXACT
#define SLAP_LIMITS_ANY 0x0008U
#define SLAP_LIMITS_MASK 0x000FU
-#define SLAP_LIMITS_TYPE_DN 0x0000U
+#define SLAP_LIMITS_TYPE_SELF 0x0000U
+#define SLAP_LIMITS_TYPE_DN SLAP_LIMITS_TYPE_SELF
#define SLAP_LIMITS_TYPE_GROUP 0x0010U
+#define SLAP_LIMITS_TYPE_THIS 0x0020U
#define SLAP_LIMITS_TYPE_MASK 0x00F0U
regex_t lm_regex; /* regex data for REGEX */
#define SLAP_SYNC_SID_MAX 4095 /* based on liblutil/csn.c field width */
#define SLAP_SYNCUUID_SET_SIZE 256
-#define SLAP_SYNC_UPDATE_MSGID 1
-
struct sync_cookie {
struct berval *ctxcsn;
struct berval octet_str;
#define SLAP_DBFLAG_SINGLE_SHADOW 0x4000U /* a single-master shadow */
#define SLAP_DBFLAG_SYNC_SHADOW 0x1000U /* a sync shadow */
#define SLAP_DBFLAG_SLURP_SHADOW 0x2000U /* a slurp shadow */
+#define SLAP_DBFLAG_SHADOW_MASK (SLAP_DBFLAG_SHADOW|SLAP_DBFLAG_SINGLE_SHADOW|SLAP_DBFLAG_SYNC_SHADOW|SLAP_DBFLAG_SLURP_SHADOW)
+#define SLAP_DBFLAG_CLEAN 0x10000U /* was cleanly shutdown */
+#define SLAP_DBFLAG_ACL_ADD 0x20000U /* check attr ACLs on adds */
slap_mask_t be_flags;
#define SLAP_DBFLAGS(be) ((be)->be_flags)
#define SLAP_NOLASTMOD(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_NOLASTMOD)
#define SLAP_SLURP_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SLURP_SHADOW)
#define SLAP_SINGLE_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SINGLE_SHADOW)
#define SLAP_MULTIMASTER(be) (!SLAP_SINGLE_SHADOW(be))
+#define SLAP_DBCLEAN(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_CLEAN)
+#define SLAP_DBACL_ADD(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_ACL_ADD)
slap_mask_t be_restrictops; /* restriction operations */
#define SLAP_RESTRICT_OP_ADD 0x0001U
#define SLAP_DISALLOW_TLS_2_ANON 0x0010U /* StartTLS -> Anonymous */
#define SLAP_DISALLOW_TLS_AUTHC 0x0020U /* TLS while authenticated */
+#define SLAP_DISALLOW_PROXY_AUTHZ_N_CRIT 0x0100U
+#define SLAP_DISALLOW_DONTUSECOPY_N_CRIT 0x0200U
+
#define SLAP_DISALLOW_AUX_WO_CR 0x4000U
slap_mask_t be_requires; /* pre-operation requirements */
BerVarray be_update_refs; /* where to refer modifying clients to */
struct be_pcl *be_pending_csn_list;
ldap_pvt_thread_mutex_t be_pcl_mutex;
- ldap_pvt_thread_mutex_t *be_pcl_mutexp;
struct syncinfo_s *be_syncinfo; /* For syncrepl */
void *be_pb; /* Netscape plugin */
#define REP_REF_MUSTBEFREED 0x0020U
#define REP_REF_MASK (REP_REF_MUSTBEFREED)
+#define REP_CTRLS_MUSTBEFREED 0x0040U
+#define REP_CTRLS_MASK (REP_CTRLS_MUSTBEFREED)
+
#define REP_NO_ENTRYDN 0x1000U
#define REP_NO_SUBSCHEMA 0x2000U
#define REP_NO_OPERATIONALS (REP_NO_ENTRYDN|REP_NO_SUBSCHEMA)
struct slap_csn_entry {
struct berval ce_csn;
+ int ce_sid;
unsigned long ce_opid;
unsigned long ce_connid;
#define SLAP_CSN_PENDING 1
int sc_sessionTracking;
#endif
int sc_valuesReturnFilter;
+#ifdef SLAP_CONTROL_X_WHATFAILED
+ int sc_whatFailed;
+#endif
};
/*
GroupAssertion *o_groups;
char o_do_not_cache; /* don't cache groups from this op */
char o_is_auth_check; /* authorization in progress */
+ char o_dont_replicate;
slap_access_t o_acl_priv;
char o_nocaching;
#define get_sessionTracking(op) ((int)(op)->o_session_tracking)
#endif
+#ifdef SLAP_CONTROL_X_WHATFAILED
+#define o_whatFailed o_ctrlflag[slap_cids.sc_whatFailed]
+#define get_whatFailed(op) _SCM((op)->o_whatFailed)
+#endif
+
#define o_sync o_ctrlflag[slap_cids.sc_LDAPsync]
AuthorizationInformation o_authz;
LDAP_STAILQ_HEAD(c_o, Operation) c_ops; /* list of operations being processed */
LDAP_STAILQ_HEAD(c_po, Operation) c_pending_ops; /* list of pending operations */
- ldap_pvt_thread_mutex_t c_write_mutex; /* only one pdu written at a time */
- ldap_pvt_thread_cond_t c_write_cv; /* used to wait for sd write-ready*/
+ ldap_pvt_thread_mutex_t c_write1_mutex; /* only one pdu written at a time */
+ ldap_pvt_thread_cond_t c_write1_cv; /* only one pdu written at a time */
+ ldap_pvt_thread_mutex_t c_write2_mutex; /* used to wait for sd write-ready */
+ ldap_pvt_thread_cond_t c_write2_cv; /* used to wait for sd write-ready*/
BerElement *c_currentber; /* ber we're attempting to read */
+ int c_writers; /* number of writers waiting */
char c_sasl_bind_in_progress; /* multi-op bind in progress */
+ char c_writewaiter; /* true if blocked on write */
- char c_writewaiter; /* true if writer is waiting */
#define CONN_IS_TLS 1
#define CONN_IS_UDP 2
#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) \
do { \
if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
+ lutil_debug( ldap_debug, (level), (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
} while (0)
#define StatslogTest( level ) (ldap_debug & (level))
#endif /* !LDAP_SYSLOG */
projects / openldap / blobdiff