/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2006 The OpenLDAP Foundation.
+ * Copyright 1998-2009 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
LDAP_BEGIN_DECL
-#define SLAP_LIGHTWEIGHT_DISPATCHER /* experimental slapd architecture */
-#ifdef LDAP_PVT_THREAD_POOL_SEM_LOAD_CONTROL
-#define SLAP_SEM_LOAD_CONTROL
-#endif
-
#ifdef LDAP_DEVEL
#define LDAP_COLLECTIVE_ATTRIBUTES
#define LDAP_COMP_MATCH
#define LDAP_SYNC_TIMESTAMP
-#define SLAP_SORTEDRESULTS
+#define SLAP_CONTROL_X_SESSION_TRACKING
+#define SLAP_CONTROL_X_WHATFAILED
+#define SLAP_CONFIG_DELETE
#endif
-#define SLAP_RELAX
#define LDAP_DYNAMIC_OBJECTS
#define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE
#define SLAP_DISTPROC
#define SERVICE_NAME OPENLDAP_PACKAGE "-slapd"
#define SLAPD_ANONYMOUS ""
+#ifdef HAVE_TCPD
+# include <tcpd.h>
+# define SLAP_STRING_UNKNOWN STRING_UNKNOWN
+#else /* ! TCP Wrappers */
+# define SLAP_STRING_UNKNOWN "unknown"
+#endif /* ! TCP Wrappers */
+
/* LDAPMod.mod_op value ===> Must be kept in sync with ldap.h!
* This is a value used internally by the backends. It is needed to allow
* adding values that already exist without getting an error as required by
* on normalized/pretty DN, such that ';' is never used
* as RDN separator, and all occurrences of ';' must be escaped */
#define DN_SEPARATOR(c) ((c) == ',')
-#define RDN_ATTRTYPEANDVALUE_SEPARATOR(c) ((c) == '+') /* RFC 2253 */
+#define RDN_ATTRTYPEANDVALUE_SEPARATOR(c) ((c) == '+') /* RFC 4514 */
#define RDN_SEPARATOR(c) (DN_SEPARATOR(c) || RDN_ATTRTYPEANDVALUE_SEPARATOR(c))
#define RDN_NEEDSESCAPE(c) ((c) == '\\' || (c) == '"')
#define SLAP_INDEX_SUBSTR_ANY_LEN_DEFAULT 4
#define SLAP_INDEX_SUBSTR_ANY_STEP_DEFAULT 2
+/* default for ordered integer index keys */
+#define SLAP_INDEX_INTLEN_DEFAULT 4
+
#define SLAP_INDEX_FLAGS 0xF000UL
#define SLAP_INDEX_NOSUBTYPES 0x1000UL /* don't use index w/ subtypes */
#define SLAP_INDEX_NOTAGS 0x2000UL /* don't use index w/ tags */
#define SLAP_SYNTAX_ATTRIBUTETYPES_OID "1.3.6.1.4.1.1466.115.121.1.3"
#define SLAP_SYNTAX_OBJECTCLASSES_OID "1.3.6.1.4.1.1466.115.121.1.37"
#define SLAP_SYNTAX_MATCHINGRULEUSES_OID "1.3.6.1.4.1.1466.115.121.1.31"
-#define SLAP_SYNTAX_CONTENTRULE_OID "1.3.6.1.4.1.1466.115.121.1.16"
+#define SLAP_SYNTAX_CONTENTRULE_OID "1.3.6.1.4.1.1466.115.121.1.16"
/*
* represents schema information for a database
SLAP_SCHERR_MR_DUP,
SLAP_SCHERR_SYN_NOT_FOUND,
SLAP_SCHERR_SYN_DUP,
+ SLAP_SCHERR_SYN_SUP_NOT_FOUND,
+ SLAP_SCHERR_SYN_SUBST_NOT_SPECIFIED,
+ SLAP_SCHERR_SYN_SUBST_NOT_FOUND,
SLAP_SCHERR_NO_NAME,
SLAP_SCHERR_NOT_SUPPORTED,
SLAP_SCHERR_BAD_DESCR,
SLAP_SCHERR_LAST
};
-typedef union slap_sockaddr {
+/* forward declarations */
+typedef struct Syntax Syntax;
+typedef struct MatchingRule MatchingRule;
+typedef struct MatchingRuleUse MatchingRuleUse;
+typedef struct MatchingRuleAssertion MatchingRuleAssertion;
+typedef struct OidMacro OidMacro;
+typedef struct ObjectClass ObjectClass;
+typedef struct AttributeType AttributeType;
+typedef struct AttributeDescription AttributeDescription;
+typedef struct AttributeName AttributeName;
+typedef struct ContentRule ContentRule;
+
+typedef struct AttributeAssertion AttributeAssertion;
+typedef struct SubstringsAssertion SubstringsAssertion;
+typedef struct Filter Filter;
+typedef struct ValuesReturnFilter ValuesReturnFilter;
+typedef struct Attribute Attribute;
+#ifdef LDAP_COMP_MATCH
+typedef struct ComponentData ComponentData;
+typedef struct ComponentFilter ComponentFilter;
+#endif
+
+typedef struct Entry Entry;
+typedef struct Modification Modification;
+typedef struct Modifications Modifications;
+typedef struct LDAPModList LDAPModList;
+
+typedef struct BackendInfo BackendInfo; /* per backend type */
+typedef struct BackendDB BackendDB; /* per backend database */
+
+typedef struct Connection Connection;
+typedef struct Operation Operation;
+typedef struct SlapReply SlapReply;
+/* end of forward declarations */
+
+typedef union Sockaddr {
struct sockaddr sa_addr;
struct sockaddr_in sa_in_addr;
#ifdef LDAP_PF_INET6
extern int slap_inet4or6;
#endif
-typedef struct slap_oid_macro {
+struct OidMacro {
struct berval som_oid;
BerVarray som_names;
BerVarray som_subs;
#define SLAP_OM_HARDCODE 0x10000U /* This is hardcoded schema */
int som_flags;
- LDAP_STAILQ_ENTRY(slap_oid_macro) som_next;
-} OidMacro;
-
-/* forward declarations */
-struct slap_syntax;
-struct slap_matching_rule;
+ LDAP_STAILQ_ENTRY(OidMacro) som_next;
+};
typedef int slap_syntax_validate_func LDAP_P((
- struct slap_syntax *syntax,
+ Syntax *syntax,
struct berval * in));
typedef int slap_syntax_transform_func LDAP_P((
- struct slap_syntax *syntax,
+ Syntax *syntax,
struct berval * in,
struct berval * out,
void *memctx));
struct ComponentDesc;
#endif
-typedef struct slap_syntax {
+struct Syntax {
LDAPSyntax ssyn_syn;
#define ssyn_oid ssyn_syn.syn_oid
#define ssyn_desc ssyn_syn.syn_desc
#else
#define SLAP_SYNTAX_HIDE 0x8000U /* hide (do not publish) */
#endif
+#define SLAP_SYNTAX_HARDCODE 0x10000U /* This is hardcoded schema */
+
+ Syntax **ssyn_sups;
slap_syntax_validate_func *ssyn_validate;
slap_syntax_transform_func *ssyn_pretty;
struct ComponentDesc* ssync_comp_syntax;
#endif
- LDAP_SLIST_ENTRY(slap_syntax) ssyn_next;
-} Syntax;
+ LDAP_STAILQ_ENTRY(Syntax) ssyn_next;
+};
#define slap_syntax_is_flag(s,flag) ((int)((s)->ssyn_flags & (flag)) ? 1 : 0)
#define slap_syntax_is_blob(s) slap_syntax_is_flag((s),SLAP_SYNTAX_BLOB)
typedef struct slap_syntax_defs_rec {
char *sd_desc;
int sd_flags;
+ char **sd_sups;
slap_syntax_validate_func *sd_validate;
slap_syntax_transform_func *sd_pretty;
#ifdef SLAPD_BINARY_CONVERSION
/* Normalizer */
typedef int slap_mr_normalize_func LDAP_P((
slap_mask_t use,
- struct slap_syntax *syntax, /* NULL if in is asserted value */
- struct slap_matching_rule *mr,
- struct berval * in,
- struct berval * out,
+ Syntax *syntax, /* NULL if in is asserted value */
+ MatchingRule *mr,
+ struct berval *in,
+ struct berval *out,
void *memctx ));
/* Match (compare) function */
typedef int slap_mr_match_func LDAP_P((
int *match,
slap_mask_t use,
- struct slap_syntax *syntax, /* syntax of stored value */
- struct slap_matching_rule *mr,
- struct berval * value,
- void * assertValue ));
+ Syntax *syntax, /* syntax of stored value */
+ MatchingRule *mr,
+ struct berval *value,
+ void *assertValue ));
/* Index generation function */
typedef int slap_mr_indexer_func LDAP_P((
slap_mask_t use,
slap_mask_t mask,
- struct slap_syntax *syntax, /* syntax of stored value */
- struct slap_matching_rule *mr,
+ Syntax *syntax, /* syntax of stored value */
+ MatchingRule *mr,
struct berval *prefix,
BerVarray values,
BerVarray *keys,
typedef int slap_mr_filter_func LDAP_P((
slap_mask_t use,
slap_mask_t mask,
- struct slap_syntax *syntax, /* syntax of stored value */
- struct slap_matching_rule *mr,
+ Syntax *syntax, /* syntax of stored value */
+ MatchingRule *mr,
struct berval *prefix,
- void * assertValue,
+ void *assertValue,
BerVarray *keys,
void *memctx ));
-typedef struct slap_matching_rule_use MatchingRuleUse;
-
-typedef struct slap_matching_rule {
+struct MatchingRule {
LDAPMatchingRule smr_mrule;
MatchingRuleUse *smr_mru;
- /* RFC2252 string representation */
+ /* RFC 4512 string representation */
struct berval smr_str;
/*
* Note: the former
struct berval smr_bvoid;
#define smr_oidlen smr_bvoid.bv_len
- slap_mask_t smr_usage;
+ slap_mask_t smr_usage;
#ifdef LDAP_DEVEL
#define SLAP_MR_HIDE 0x0000U
#define SLAP_MR_HIDE 0x8000U
#endif
-#define SLAP_MR_MUTATION_NORMALIZER 0x4000U
+#define SLAP_MR_MUTATION_NORMALIZER 0x4000U
#define SLAP_MR_TYPE_MASK 0x0F00U
-#define SLAP_MR_SUBTYPE_MASK 0x00F0U
+#define SLAP_MR_SUBTYPE_MASK 0x00F0U
#define SLAP_MR_USAGE 0x000FU
#define SLAP_MR_NONE 0x0000U
#define SLAP_MR_EQUALITY 0x0100U
#define SLAP_MR_ORDERING 0x0200U
#define SLAP_MR_SUBSTR 0x0400U
-#define SLAP_MR_EXT 0x0800U /* implicitly extensible */
-#define SLAP_MR_ORDERED_INDEX 0x1000U
+#define SLAP_MR_EXT 0x0800U /* implicitly extensible */
+#define SLAP_MR_ORDERED_INDEX 0x1000U
#ifdef LDAP_COMP_MATCH
#define SLAP_MR_COMPONENT 0x2000U
#endif
#define SLAP_MR_EQUALITY_APPROX ( SLAP_MR_EQUALITY | 0x0010U )
#define SLAP_MR_SUBSTR_INITIAL ( SLAP_MR_SUBSTR | 0x0010U )
-#define SLAP_MR_SUBSTR_ANY ( SLAP_MR_SUBSTR | 0x0020U )
+#define SLAP_MR_SUBSTR_ANY ( SLAP_MR_SUBSTR | 0x0020U )
#define SLAP_MR_SUBSTR_FINAL ( SLAP_MR_SUBSTR | 0x0040U )
*/
#define SLAP_MR_VALUE_OF_ASSERTION_SYNTAX 0x0001U
#define SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX 0x0002U
-#define SLAP_MR_VALUE_OF_SYNTAX 0x0003U
+#define SLAP_MR_VALUE_OF_SYNTAX (SLAP_MR_VALUE_OF_ASSERTION_SYNTAX|SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX)
+#define SLAP_MR_DENORMALIZE (SLAP_MR_MUTATION_NORMALIZER)
#define SLAP_MR_IS_VALUE_OF_ATTRIBUTE_SYNTAX( usage ) \
((usage) & SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX )
#else
#define SLAP_MR_IS_VALUE_OF_SYNTAX( usage ) (1)
#endif
+#define SLAP_MR_IS_DENORMALIZE( usage ) \
+ ((usage) & SLAP_MR_DENORMALIZE )
/* either or both the asserted value or attribute value
* may be provided in normalized form
#define SLAP_IS_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH( usage ) \
((usage) & SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH )
- Syntax *smr_syntax;
+ Syntax *smr_syntax;
slap_mr_convert_func *smr_convert;
slap_mr_normalize_func *smr_normalize;
- slap_mr_match_func *smr_match;
+ slap_mr_match_func *smr_match;
slap_mr_indexer_func *smr_indexer;
- slap_mr_filter_func *smr_filter;
+ slap_mr_filter_func *smr_filter;
/*
* null terminated array of syntaxes compatible with this syntax
* note: when MS_EXT is set, this MUST NOT contain the assertion
* syntax of the rule. When MS_EXT is not set, it MAY.
*/
- Syntax **smr_compat_syntaxes;
+ Syntax **smr_compat_syntaxes;
/*
* For equality rules, refers to an associated approximate rule.
* For non-equality rules, refers to an associated equality rule.
*/
- struct slap_matching_rule *smr_associated;
+ MatchingRule *smr_associated;
#define SLAP_MR_ASSOCIATED(mr,amr) \
(((mr) == (amr)) || ((mr)->smr_associated == (amr)))
- LDAP_SLIST_ENTRY(slap_matching_rule)smr_next;
+ LDAP_SLIST_ENTRY(MatchingRule) smr_next;
#define smr_oid smr_mrule.mr_oid
#define smr_names smr_mrule.mr_names
#define smr_obsolete smr_mrule.mr_obsolete
#define smr_syntax_oid smr_mrule.mr_syntax_oid
#define smr_extensions smr_mrule.mr_extensions
-} MatchingRule;
+};
-struct slap_matching_rule_use {
+struct MatchingRuleUse {
LDAPMatchingRuleUse smru_mruleuse;
MatchingRule *smru_mr;
- /* RFC2252 string representation */
+ /* RFC 4512 string representation */
struct berval smru_str;
- LDAP_SLIST_ENTRY(slap_matching_rule_use) smru_next;
+ LDAP_SLIST_ENTRY(MatchingRuleUse) smru_next;
#define smru_oid smru_mruleuse.mru_oid
#define smru_names smru_mruleuse.mru_names
char * mrd_associated;
} slap_mrule_defs_rec;
-struct slap_backend_db;
-struct slap_entry;
-struct slap_attr;
-
typedef int (AttributeTypeSchemaCheckFN)(
- struct slap_backend_db *be,
- struct slap_entry *e,
- struct slap_attr *attr,
+ BackendDB *be,
+ Entry *e,
+ Attribute *attr,
const char** text,
char *textbuf, size_t textlen );
-typedef struct slap_attribute_type {
+struct AttributeType {
LDAPAttributeType sat_atype;
struct berval sat_cname;
- struct slap_attribute_type *sat_sup;
- struct slap_attribute_type **sat_subtypes;
+ AttributeType *sat_sup;
+ AttributeType **sat_subtypes;
MatchingRule *sat_equality;
MatchingRule *sat_approx;
MatchingRule *sat_ordering;
MatchingRule *sat_substr;
- Syntax *sat_syntax;
+ Syntax *sat_syntax;
AttributeTypeSchemaCheckFN *sat_check;
- char *sat_oidmacro;
+ char *sat_oidmacro; /* attribute OID */
+ char *sat_soidmacro; /* syntax OID */
#define SLAP_AT_NONE 0x0000U
#define SLAP_AT_ABSTRACT 0x0100U /* cannot be instantiated */
#define SLAP_AT_MANAGEABLE 0x0800U /* no-user-mod can be by-passed */
+/* Note: ORDERED values have an ordering specifically set by the
+ * user, denoted by the {x} ordering prefix on the values.
+ *
+ * SORTED values are simply sorted by memcmp. SORTED values can
+ * be efficiently located by binary search. ORDERED values have no
+ * such advantage. An attribute cannot have both properties.
+ */
#define SLAP_AT_ORDERED_VAL 0x0001U /* values are ordered */
#define SLAP_AT_ORDERED_SIB 0x0002U /* siblings are ordered */
#define SLAP_AT_ORDERED 0x0003U /* value has order index */
-#define SLAP_AT_HARDCODE 0x10000U /* hardcoded schema */
+#define SLAP_AT_SORTED_VAL 0x0010U /* values should be sorted */
- slap_mask_t sat_flags;
+#define SLAP_AT_HARDCODE 0x10000U /* hardcoded schema */
+#define SLAP_AT_DELETED 0x20000U
- LDAP_STAILQ_ENTRY(slap_attribute_type) sat_next;
+ slap_mask_t sat_flags;
+
+ LDAP_STAILQ_ENTRY(AttributeType) sat_next;
#define sat_oid sat_atype.at_oid
#define sat_names sat_atype.at_names
#define sat_desc sat_atype.at_desc
-#define sat_obsolete sat_atype.at_obsolete
+#define sat_obsolete sat_atype.at_obsolete
#define sat_sup_oid sat_atype.at_sup_oid
-#define sat_equality_oid sat_atype.at_equality_oid
-#define sat_ordering_oid sat_atype.at_ordering_oid
-#define sat_substr_oid sat_atype.at_substr_oid
-#define sat_syntax_oid sat_atype.at_syntax_oid
-#define sat_single_value sat_atype.at_single_value
-#define sat_collective sat_atype.at_collective
-#define sat_no_user_mod sat_atype.at_no_user_mod
+#define sat_equality_oid sat_atype.at_equality_oid
+#define sat_ordering_oid sat_atype.at_ordering_oid
+#define sat_substr_oid sat_atype.at_substr_oid
+#define sat_syntax_oid sat_atype.at_syntax_oid
+#define sat_single_value sat_atype.at_single_value
+#define sat_collective sat_atype.at_collective
+#define sat_no_user_mod sat_atype.at_no_user_mod
#define sat_usage sat_atype.at_usage
-#define sat_extensions sat_atype.at_extensions
+#define sat_extensions sat_atype.at_extensions
- struct slap_attr_desc *sat_ad;
+ AttributeDescription *sat_ad;
ldap_pvt_thread_mutex_t sat_ad_mutex;
-} AttributeType;
+};
#define is_at_operational(at) ((at)->sat_usage)
#define is_at_single_value(at) ((at)->sat_single_value)
#define is_at_obsolete(at) ((at)->sat_obsolete)
#define is_at_no_user_mod(at) ((at)->sat_no_user_mod)
-struct slap_object_class;
-
typedef int (ObjectClassSchemaCheckFN)(
- struct slap_backend_db *be,
- struct slap_entry *e,
- struct slap_object_class *oc,
+ BackendDB *be,
+ Entry *e,
+ ObjectClass *oc,
const char** text,
char *textbuf, size_t textlen );
-typedef struct slap_object_class {
+struct ObjectClass {
LDAPObjectClass soc_oclass;
struct berval soc_cname;
- struct slap_object_class **soc_sups;
- AttributeType **soc_required;
- AttributeType **soc_allowed;
+ ObjectClass **soc_sups;
+ AttributeType **soc_required;
+ AttributeType **soc_allowed;
ObjectClassSchemaCheckFN *soc_check;
- char *soc_oidmacro;
- slap_mask_t soc_flags;
+ char *soc_oidmacro;
+ slap_mask_t soc_flags;
#define soc_oid soc_oclass.oc_oid
#define soc_names soc_oclass.oc_names
#define soc_desc soc_oclass.oc_desc
-#define soc_obsolete soc_oclass.oc_obsolete
-#define soc_sup_oids soc_oclass.oc_sup_oids
+#define soc_obsolete soc_oclass.oc_obsolete
+#define soc_sup_oids soc_oclass.oc_sup_oids
#define soc_kind soc_oclass.oc_kind
-#define soc_at_oids_must soc_oclass.oc_at_oids_must
-#define soc_at_oids_may soc_oclass.oc_at_oids_may
-#define soc_extensions soc_oclass.oc_extensions
+#define soc_at_oids_must soc_oclass.oc_at_oids_must
+#define soc_at_oids_may soc_oclass.oc_at_oids_may
+#define soc_extensions soc_oclass.oc_extensions
- LDAP_STAILQ_ENTRY(slap_object_class) soc_next;
-} ObjectClass;
+ LDAP_STAILQ_ENTRY(ObjectClass) soc_next;
+};
#define SLAP_OCF_SET_FLAGS 0x1
#define SLAP_OCF_CHECK_SUP 0x2
#define SLAP_OC_HIDE 0x8000
#endif
#define SLAP_OC_HARDCODE 0x10000U /* This is hardcoded schema */
+#define SLAP_OC_DELETED 0x20000U
/*
* DIT content rule
*/
-typedef struct slap_content_rule {
+struct ContentRule {
LDAPContentRule scr_crule;
- ObjectClass *scr_sclass;
- ObjectClass **scr_auxiliaries; /* optional */
+ ObjectClass *scr_sclass;
+ ObjectClass **scr_auxiliaries; /* optional */
AttributeType **scr_required; /* optional */
AttributeType **scr_allowed; /* optional */
AttributeType **scr_precluded; /* optional */
-#define scr_oid scr_crule.cr_oid
-#define scr_names scr_crule.cr_names
-#define scr_desc scr_crule.cr_desc
+#define scr_oid scr_crule.cr_oid
+#define scr_names scr_crule.cr_names
+#define scr_desc scr_crule.cr_desc
#define scr_obsolete scr_crule.cr_obsolete
#define scr_oc_oids_aux scr_crule.cr_oc_oids_aux
#define scr_at_oids_must scr_crule.cr_at_oids_must
#define scr_at_oids_may scr_crule.cr_at_oids_may
#define scr_at_oids_not scr_crule.cr_at_oids_not
- char *scr_oidmacro;
-#define SLAP_CR_HARDCODE 0x10000U
- int scr_flags;
+ char *scr_oidmacro;
+#define SLAP_CR_HARDCODE 0x10000U
+ int scr_flags;
- LDAP_STAILQ_ENTRY( slap_content_rule ) scr_next;
-} ContentRule;
+ LDAP_STAILQ_ENTRY( ContentRule ) scr_next;
+};
/* Represents a recognized attribute description ( type + options ). */
-typedef struct slap_attr_desc {
- struct slap_attr_desc *ad_next;
- AttributeType *ad_type; /* attribute type, must be specified */
- struct berval ad_cname; /* canonical name, must be specified */
- struct berval ad_tags; /* empty if no tagging options */
+struct AttributeDescription {
+ AttributeDescription *ad_next;
+ AttributeType *ad_type; /* attribute type, must be specified */
+ struct berval ad_cname; /* canonical name, must be specified */
+ struct berval ad_tags; /* empty if no tagging options */
unsigned ad_flags;
-#define SLAP_DESC_NONE 0x00U
-#define SLAP_DESC_BINARY 0x01U
-#define SLAP_DESC_TAG_RANGE 0x80U
-} AttributeDescription;
+#define SLAP_DESC_NONE 0x00U
+#define SLAP_DESC_BINARY 0x01U
+#define SLAP_DESC_TAG_RANGE 0x80U
+#define SLAP_DESC_TEMPORARY 0x1000U
+};
/* flags to slap_*2undef_ad to register undefined (0, the default)
* or proxied (SLAP_AD_PROXIED) AttributeDescriptions; the additional
* SLAP_AD_NOINSERT is to lookup without insert */
-#define SLAP_AD_UNDEF 0x00U
-#define SLAP_AD_PROXIED 0x01U
-#define SLAP_AD_NOINSERT 0x02U
-
-typedef struct slap_attr_name {
- struct berval an_name;
- AttributeDescription *an_desc;
- int an_oc_exclude;
- ObjectClass *an_oc;
-} AttributeName;
+#define SLAP_AD_UNDEF 0x00U
+#define SLAP_AD_PROXIED 0x01U
+#define SLAP_AD_NOINSERT 0x02U
+
+#define SLAP_AN_OCEXCLUDE 0x01
+#define SLAP_AN_OCINITED 0x02
+
+struct AttributeName {
+ struct berval an_name;
+ AttributeDescription *an_desc;
+ int an_flags;
+ ObjectClass *an_oc;
+};
#define slap_ad_is_tagged(ad) ( (ad)->ad_tags.bv_len != 0 )
#define slap_ad_is_tag_range(ad) \
#ifdef SLAPD_AUTHPASSWD
AttributeDescription *si_ad_authPassword;
AttributeDescription *si_ad_authPasswordSchemes;
-#endif
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- AttributeDescription *si_ad_krbName;
#endif
AttributeDescription *si_ad_description;
AttributeDescription *si_ad_seeAlso;
MatchingRule *si_mr_integerMatch;
MatchingRule *si_mr_integerFirstComponentMatch;
MatchingRule *si_mr_objectIdentifierFirstComponentMatch;
+ MatchingRule *si_mr_caseIgnoreMatch;
+ MatchingRule *si_mr_caseIgnoreListMatch;
/* Syntaxes */
Syntax *si_syn_directoryString;
Syntax *si_syn_objectClassDesc;
};
-typedef struct slap_attr_assertion {
+struct AttributeAssertion {
AttributeDescription *aa_desc;
- struct berval aa_value;
+ struct berval aa_value;
#ifdef LDAP_COMP_MATCH
- struct slap_component_filter *aa_cf;/* for attribute aliasing */
+ ComponentFilter *aa_cf; /* for attribute aliasing */
+#endif
+};
+#ifdef LDAP_COMP_MATCH
+#define ATTRIBUTEASSERTION_INIT { NULL, BER_BVNULL, NULL }
+#else
+#define ATTRIBUTEASSERTION_INIT { NULL, BER_BVNULL }
#endif
-} AttributeAssertion;
-typedef struct slap_ss_assertion {
+struct SubstringsAssertion {
AttributeDescription *sa_desc;
struct berval sa_initial;
struct berval *sa_any;
struct berval sa_final;
-} SubstringsAssertion;
-
-#ifdef LDAP_COMP_MATCH
-struct slap_component_filter;
-#endif
+};
-typedef struct slap_mr_assertion {
- MatchingRule *ma_rule; /* optional */
- struct berval ma_rule_text; /* optional */
+struct MatchingRuleAssertion {
AttributeDescription *ma_desc; /* optional */
- int ma_dnattrs; /* boolean */
struct berval ma_value; /* required */
+ MatchingRule *ma_rule; /* optional */
+ struct berval ma_rule_text; /* optional */
+ int ma_dnattrs; /* boolean */
#ifdef LDAP_COMP_MATCH
- struct slap_component_filter* ma_cf; /* component filter */
+ ComponentFilter *ma_cf; /* component filter */
#endif
-} MatchingRuleAssertion;
+};
/*
* represents a search filter
*/
-typedef struct slap_filter {
+struct Filter {
ber_tag_t f_choice; /* values taken from ldap.h, plus: */
-#define SLAPD_FILTER_COMPUTED ((ber_tag_t) -1)
-#define SLAPD_FILTER_DN_ONE ((ber_tag_t) -2)
-#define SLAPD_FILTER_DN_SUBTREE ((ber_tag_t) -3)
-#define SLAPD_FILTER_DN_CHILDREN ((ber_tag_t) -4)
+#define SLAPD_FILTER_COMPUTED 0
+#define SLAPD_FILTER_MASK 0x7fff
+#define SLAPD_FILTER_UNDEFINED 0x8000
union f_un_u {
/* precomputed result */
- ber_int_t f_un_result;
-
- /* DN */
- struct berval *f_un_dn;
+ ber_int_t f_un_result;
/* present */
- AttributeDescription *f_un_desc;
+ AttributeDescription *f_un_desc;
/* simple value assertion */
- AttributeAssertion *f_un_ava;
+ AttributeAssertion *f_un_ava;
/* substring assertion */
- SubstringsAssertion *f_un_ssa;
+ SubstringsAssertion *f_un_ssa;
/* matching rule assertion */
- MatchingRuleAssertion *f_un_mra;
+ MatchingRuleAssertion *f_un_mra;
-#define f_dn f_un.f_un_dn
#define f_desc f_un.f_un_desc
#define f_ava f_un.f_un_ava
#define f_av_desc f_un.f_un_ava->aa_desc
#define f_av_value f_un.f_un_ava->aa_value
#define f_sub f_un.f_un_ssa
#define f_sub_desc f_un.f_un_ssa->sa_desc
-#define f_sub_initial f_un.f_un_ssa->sa_initial
+#define f_sub_initial f_un.f_un_ssa->sa_initial
#define f_sub_any f_un.f_un_ssa->sa_any
#define f_sub_final f_un.f_un_ssa->sa_final
#define f_mra f_un.f_un_mra
#define f_mr_rule f_un.f_un_mra->ma_rule
-#define f_mr_rule_text f_un.f_un_mra->ma_rule_text
+#define f_mr_rule_text f_un.f_un_mra->ma_rule_text
#define f_mr_desc f_un.f_un_mra->ma_desc
#define f_mr_value f_un.f_un_mra->ma_value
-#define f_mr_dnattrs f_un.f_un_mra->ma_dnattrs
+#define f_mr_dnattrs f_un.f_un_mra->ma_dnattrs
/* and, or, not */
- struct slap_filter *f_un_complex;
+ Filter *f_un_complex;
} f_un;
#define f_result f_un.f_un_result
#define f_not f_un.f_un_complex
#define f_list f_un.f_un_complex
- struct slap_filter *f_next;
-} Filter;
+ Filter *f_next;
+};
/* compare routines can return undefined */
#define SLAPD_COMPARE_UNDEFINED ((ber_int_t) -1)
-typedef struct slap_valuesreturnfilter {
+struct ValuesReturnFilter {
ber_tag_t vrf_choice;
union vrf_un_u {
} vrf_un;
- struct slap_valuesreturnfilter *vrf_next;
-} ValuesReturnFilter;
-
-#ifdef LDAP_COMP_MATCH
-struct slap_component_syntax_info;
-typedef struct slap_component_data {
- void* cd_mem_op;/* nibble memory handler */
- struct slap_component_syntax_info** cd_tree;/* component tree */
-} ComponentData;
-#endif
+ ValuesReturnFilter *vrf_next;
+};
/*
* represents an attribute (description + values)
+ * desc, vals, nvals, numvals fields must align with Modification
*/
-typedef struct slap_attr {
- AttributeDescription *a_desc;
- BerVarray a_vals; /* preserved values */
- BerVarray a_nvals; /* normalized values */
-#ifdef LDAP_COMP_MATCH
- ComponentData *a_comp_data; /* component values */
-#endif
- struct slap_attr *a_next;
- unsigned a_flags;
-#define SLAP_ATTR_IXADD 0x1U
-#define SLAP_ATTR_IXDEL 0x2U
+struct Attribute {
+ AttributeDescription *a_desc;
+ BerVarray a_vals; /* preserved values */
+ BerVarray a_nvals; /* normalized values */
+ unsigned a_numvals; /* number of vals */
+ unsigned a_flags;
+#define SLAP_ATTR_IXADD 0x1U
+#define SLAP_ATTR_IXDEL 0x2U
#define SLAP_ATTR_DONT_FREE_DATA 0x4U
#define SLAP_ATTR_DONT_FREE_VALS 0x8U
-} Attribute;
+#define SLAP_ATTR_SORTED_VALS 0x10U /* values are sorted */
+
+/* These flags persist across an attr_dup() */
+#define SLAP_ATTR_PERSISTENT_FLAGS \
+ SLAP_ATTR_SORTED_VALS
+
+ Attribute *a_next;
+#ifdef LDAP_COMP_MATCH
+ ComponentData *a_comp_data; /* component values */
+#endif
+};
/*
typedef unsigned long ID;
#define NOID ((ID)~0)
+typedef struct EntryHeader {
+ struct berval bv;
+ char *data;
+ int nattrs;
+ int nvals;
+} EntryHeader;
+
/*
* represents an entry in core
*/
-typedef struct slap_entry {
+struct Entry {
/*
* The ID field should only be changed before entry is
* inserted into a cache. The ID value is backend
slap_mask_t e_ocflags;
struct berval e_bv; /* For entry_encode/entry_decode */
- struct berval *e_abv;
/* for use by the backend for any purpose */
void* e_private;
-} Entry;
+};
/*
* A list of LDAPMods
+ * desc, values, nvalues, numvals must align with Attribute
*/
-typedef struct slap_mod {
+struct Modification {
+ AttributeDescription *sm_desc;
+ BerVarray sm_values;
+ BerVarray sm_nvalues;
+ unsigned sm_numvals;
short sm_op;
short sm_flags;
/* Set for internal mods, will bypass ACL checks. Only needed when
*/
#define SLAP_MOD_INTERNAL 0x01
#define SLAP_MOD_MANAGING 0x02
-
- AttributeDescription *sm_desc;
struct berval sm_type;
- BerVarray sm_values;
- BerVarray sm_nvalues;
-} Modification;
+};
-typedef struct slap_mod_list {
- Modification sml_mod;
+struct Modifications {
+ Modification sml_mod;
#define sml_op sml_mod.sm_op
#define sml_flags sml_mod.sm_flags
#define sml_desc sml_mod.sm_desc
#define sml_type sml_mod.sm_type
#define sml_values sml_mod.sm_values
#define sml_nvalues sml_mod.sm_nvalues
- struct slap_mod_list *sml_next;
-} Modifications;
-
-typedef struct slap_ldap_modlist {
- LDAPMod ml_mod;
- struct slap_ldap_modlist *ml_next;
-#define ml_op ml_mod.mod_op
-#define ml_type ml_mod.mod_type
-#define ml_values ml_mod.mod_values
-} LDAPModList;
+#define sml_numvals sml_mod.sm_numvals
+ Modifications *sml_next;
+};
/*
* represents an access control list
*/
-typedef enum slap_access_e {
+typedef enum slap_access_t {
ACL_INVALID_ACCESS = -1,
ACL_NONE = 0,
ACL_DISCLOSE,
ACL_STYLE_USERS,
ACL_STYLE_SELF,
ACL_STYLE_IP,
+ ACL_STYLE_IPV6,
ACL_STYLE_PATH
} slap_style_t;
-typedef struct slap_authz_info {
+typedef struct AuthorizationInformation {
ber_tag_t sai_method; /* LDAP_AUTH_* from <ldap.h> */
struct berval sai_mech; /* SASL Mechanism */
struct berval sai_dn; /* DN for reporting purposes */
slap_ssf_t sai_sasl_ssf; /* SASL SSF */
} AuthorizationInformation;
-
#ifdef SLAP_DYNACL
-struct slap_op;
/*
* "dynamic" ACL infrastructure (for ACIs and more)
typedef int (slap_dynacl_unparse) LDAP_P(( void *priv, struct berval *bv ));
typedef int (slap_dynacl_mask) LDAP_P((
void *priv,
- struct slap_op *op,
+ Operation *op,
Entry *e,
AttributeDescription *desc,
struct berval *val,
} slap_dn_access;
/* the "by" part */
-typedef struct slap_access {
+typedef struct Access {
slap_control_t a_type;
/* strip qualifiers */
#define ACL_PRIV_SET(m,p) do { (m) |= (p); } while(0)
#define ACL_PRIV_CLR(m,p) do { (m) &= ~(p); } while(0)
-#define ACL_INIT(m) ACL_PRIV_ASSIGN(m, ACL_PRIV_NONE)
-#define ACL_INVALIDATE(m) ACL_PRIV_ASSIGN(m, ACL_PRIV_INVALID)
+#define ACL_INIT(m) ACL_PRIV_ASSIGN((m), ACL_PRIV_NONE)
+#define ACL_INVALIDATE(m) ACL_PRIV_ASSIGN((m), ACL_PRIV_INVALID)
#define ACL_GRANT(m,a) ACL_PRIV_ISSET((m),ACL_ACCESS2PRIV(a))
/* connection related stuff */
slap_style_t a_peername_style;
struct berval a_peername_pat;
+#ifdef LDAP_PF_INET6
+ union {
+ struct in6_addr ax6;
+ unsigned long ax;
+ } ax_peername_addr,
+ ax_peername_mask;
+#define a_peername_addr6 ax_peername_addr.ax6
+#define a_peername_addr ax_peername_addr.ax
+#define a_peername_mask6 ax_peername_mask.ax6
+#define a_peername_mask ax_peername_mask.ax
+/* apparently, only s6_addr is portable;
+ * define a portable address mask comparison */
+#define slap_addr6_mask(val, msk, asr) ( \
+ (((val)->s6_addr[0] & (msk)->s6_addr[0]) == (asr)->s6_addr[0]) \
+ && (((val)->s6_addr[1] & (msk)->s6_addr[1]) == (asr)->s6_addr[1]) \
+ && (((val)->s6_addr[2] & (msk)->s6_addr[2]) == (asr)->s6_addr[2]) \
+ && (((val)->s6_addr[3] & (msk)->s6_addr[3]) == (asr)->s6_addr[3]) \
+ && (((val)->s6_addr[4] & (msk)->s6_addr[4]) == (asr)->s6_addr[4]) \
+ && (((val)->s6_addr[5] & (msk)->s6_addr[5]) == (asr)->s6_addr[5]) \
+ && (((val)->s6_addr[6] & (msk)->s6_addr[6]) == (asr)->s6_addr[6]) \
+ && (((val)->s6_addr[7] & (msk)->s6_addr[7]) == (asr)->s6_addr[7]) \
+ && (((val)->s6_addr[8] & (msk)->s6_addr[8]) == (asr)->s6_addr[8]) \
+ && (((val)->s6_addr[9] & (msk)->s6_addr[9]) == (asr)->s6_addr[9]) \
+ && (((val)->s6_addr[10] & (msk)->s6_addr[10]) == (asr)->s6_addr[10]) \
+ && (((val)->s6_addr[11] & (msk)->s6_addr[11]) == (asr)->s6_addr[11]) \
+ && (((val)->s6_addr[12] & (msk)->s6_addr[12]) == (asr)->s6_addr[12]) \
+ && (((val)->s6_addr[13] & (msk)->s6_addr[13]) == (asr)->s6_addr[13]) \
+ && (((val)->s6_addr[14] & (msk)->s6_addr[14]) == (asr)->s6_addr[14]) \
+ && (((val)->s6_addr[15] & (msk)->s6_addr[15]) == (asr)->s6_addr[15]) \
+ )
+#else /* ! LDAP_PF_INET6 */
unsigned long a_peername_addr,
a_peername_mask;
+#endif /* ! LDAP_PF_INET6 */
int a_peername_port;
slap_style_t a_sockname_style;
/* ACL Groups */
slap_style_t a_group_style;
struct berval a_group_pat;
- ObjectClass *a_group_oc;
+ ObjectClass *a_group_oc;
AttributeDescription *a_group_at;
- struct slap_access *a_next;
+ struct Access *a_next;
} Access;
/* the "to" part */
-typedef struct slap_acl {
+typedef struct AccessControl {
/* "to" part: the entries this acl applies to */
Filter *acl_filter;
slap_style_t acl_dn_style;
/* "by" part: list of who has what access to the entries */
Access *acl_access;
- struct slap_acl *acl_next;
+ struct AccessControl *acl_next;
} AccessControl;
-typedef enum {
- ACL_STATE_NOT_RECORDED = 0x0,
- ACL_STATE_RECORDED_VD = 0x1,
- ACL_STATE_RECORDED_NV = 0x2,
- ACL_STATE_RECORDED = ( ACL_STATE_RECORDED_VD | ACL_STATE_RECORDED_NV )
-} slap_acl_state_t;
-
-typedef struct slap_acl_state {
+typedef struct AccessControlState {
/* Access state */
- AccessControl *as_vi_acl;
- AccessControl *as_vd_acl;
- AttributeDescription *as_vd_ad;
+ /* The stored state is valid when requesting as_access access
+ * to the as_desc attributes. */
+ AttributeDescription *as_desc;
+ slap_access_t as_access;
- slap_acl_state_t as_recorded;
+ /* Value dependent acl where processing can restart */
+ AccessControl *as_vd_acl;
int as_vd_acl_count;
+ slap_mask_t as_vd_mask;
+
+ /* The cached result after evaluating a value independent attr.
+ * Only valid when != -1 and as_vd_acl == NULL */
int as_result;
+
+ /* True if started to process frontend ACLs */
+ int as_fe_done;
} AccessControlState;
-#define ACL_STATE_INIT { NULL, NULL, NULL, \
- ACL_STATE_NOT_RECORDED, 0, 0 }
+#define ACL_STATE_INIT { NULL, ACL_NONE, NULL, 0, ACL_PRIV_NONE, -1, 0 }
+
+typedef struct AclRegexMatches {
+ int dn_count;
+ regmatch_t dn_data[MAXREMATCHES];
+ int val_count;
+ regmatch_t val_data[MAXREMATCHES];
+} AclRegexMatches;
/*
* Backend-info
* represents a backend
*/
-typedef struct slap_backend_info BackendInfo; /* per backend type */
-typedef struct slap_backend_db BackendDB; /* per backend database */
-typedef LDAP_STAILQ_HEAD(BeI, slap_backend_info) slap_bi_head;
-typedef LDAP_STAILQ_HEAD(BeDB, slap_backend_db) slap_be_head;
+typedef LDAP_STAILQ_HEAD(BeI, BackendInfo) slap_bi_head;
+typedef LDAP_STAILQ_HEAD(BeDB, BackendDB) slap_be_head;
LDAP_SLAPD_V (int) nBackendInfo;
LDAP_SLAPD_V (int) nBackendDB;
typedef struct slap_bindconf {
struct berval sb_uri;
+ int sb_version;
int sb_tls;
int sb_method;
+ int sb_timeout_api;
+ int sb_timeout_net;
struct berval sb_binddn;
struct berval sb_cred;
struct berval sb_saslmech;
char *sb_tls_cacertdir;
char *sb_tls_reqcert;
char *sb_tls_cipher_suite;
+ char *sb_tls_protocol_min;
#ifdef HAVE_OPENSSL_CRL
char *sb_tls_crlcheck;
#endif
#endif
} slap_bindconf;
-struct slap_replica_info {
- const char *ri_host; /* points to host part of uri */
- BerVarray ri_nsuffix; /* array of suffixes this replica accepts */
- AttributeName *ri_attrs; /* attrs to replicate, NULL=all */
- int ri_exclude; /* 1 => exclude ri_attrs */
- slap_bindconf ri_bindconf; /* for back-config */
-};
-
typedef struct slap_verbmasks {
struct berval word;
const slap_mask_t mask;
int off;
char type;
char quote;
- slap_verbmasks *aux;
+ void *aux;
} slap_cf_aux_table;
#define SLAP_LIMIT_TIME 1
struct slap_limits {
unsigned lm_flags; /* type of pattern */
+ /* Values must match lmpats[] in limits.c */
#define SLAP_LIMITS_UNDEFINED 0x0000U
#define SLAP_LIMITS_EXACT 0x0001U
#define SLAP_LIMITS_BASE SLAP_LIMITS_EXACT
#define SLAP_LIMITS_ANY 0x0008U
#define SLAP_LIMITS_MASK 0x000FU
-#define SLAP_LIMITS_TYPE_DN 0x0000U
+#define SLAP_LIMITS_TYPE_SELF 0x0000U
+#define SLAP_LIMITS_TYPE_DN SLAP_LIMITS_TYPE_SELF
#define SLAP_LIMITS_TYPE_GROUP 0x0010U
+#define SLAP_LIMITS_TYPE_THIS 0x0020U
#define SLAP_LIMITS_TYPE_MASK 0x00F0U
regex_t lm_regex; /* regex data for REGEX */
struct syncinfo_s;
-#define SLAP_SYNC_RID_SIZE 3
-#define SLAP_SYNCUUID_SET_SIZE 256
+/* fake conn connid constructed as SLAPD_SYNC_CONN_OFFSET - rid */
+#define SLAPD_SYNC_SYNCCONN_OFFSET (-1000)
+#define SLAPD_SYNC_IS_SYNCCONN(connid) ((connid) <= SLAPD_SYNC_SYNCCONN_OFFSET)
+#define SLAPD_SYNC_RID2SYNCCONN(rid) (SLAPD_SYNC_SYNCCONN_OFFSET - (rid))
-#define SLAP_SYNC_UPDATE_MSGID 1
+#define SLAP_SYNC_RID_MAX 999
+#define SLAP_SYNC_SID_MAX 4095 /* based on liblutil/csn.c field width */
+#define SLAP_SYNCUUID_SET_SIZE 256
struct sync_cookie {
- struct berval ctxcsn;
+ struct berval *ctxcsn;
struct berval octet_str;
- long rid;
+ int rid;
+ int sid;
+ int numcsns;
+ int *sids;
LDAP_STAILQ_ENTRY(sync_cookie) sc_next;
};
struct ConfigOCs; /* config.h */
-struct slap_backend_db {
+struct BackendDB {
BackendInfo *bd_info; /* pointer to shared backend info */
+ BackendDB *bd_self; /* pointer to this struct */
/* fields in this structure (and routines acting on this structure)
should be renamed from be_ to bd_ */
#define be_modrdn bd_info->bi_op_modrdn
#define be_search bd_info->bi_op_search
#define be_abandon bd_info->bi_op_abandon
-#define be_cancel bd_info->bi_op_cancel
#define be_extended bd_info->bi_extended
+#define be_cancel bd_info->bi_op_cancel
#define be_chk_referrals bd_info->bi_chk_referrals
#define be_chk_controls bd_info->bi_chk_controls
#define be_entry_put bd_info->bi_tool_entry_put
#define be_sync bd_info->bi_tool_sync
#define be_dn2id_get bd_info->bi_tool_dn2id_get
-#define be_id2entry_get bd_info->bi_tool_id2entry_get
#define be_entry_modify bd_info->bi_tool_entry_modify
#endif
#define SLAP_DBFLAG_NOLASTMOD 0x0001U
#define SLAP_DBFLAG_NO_SCHEMA_CHECK 0x0002U
#define SLAP_DBFLAG_HIDDEN 0x0004U
+#define SLAP_DBFLAG_ONE_SUFFIX 0x0008U
#define SLAP_DBFLAG_GLUE_INSTANCE 0x0010U /* a glue backend */
#define SLAP_DBFLAG_GLUE_SUBORDINATE 0x0020U /* child of a glue hierarchy */
#define SLAP_DBFLAG_GLUE_LINKED 0x0040U /* child is connected to parent */
#define SLAP_DBFLAG_OVERLAY 0x0100U /* this db struct is an overlay */
#define SLAP_DBFLAG_GLOBAL_OVERLAY 0x0200U /* this db struct is a global overlay */
#define SLAP_DBFLAG_DYNAMIC 0x0400U /* this db allows dynamicObjects */
+#define SLAP_DBFLAG_MONITORING 0x0800U /* custom monitoring enabled */
#define SLAP_DBFLAG_SHADOW 0x8000U /* a shadow */
#define SLAP_DBFLAG_SINGLE_SHADOW 0x4000U /* a single-master shadow */
#define SLAP_DBFLAG_SYNC_SHADOW 0x1000U /* a sync shadow */
#define SLAP_DBFLAG_SLURP_SHADOW 0x2000U /* a slurp shadow */
+#define SLAP_DBFLAG_SHADOW_MASK (SLAP_DBFLAG_SHADOW|SLAP_DBFLAG_SINGLE_SHADOW|SLAP_DBFLAG_SYNC_SHADOW|SLAP_DBFLAG_SLURP_SHADOW)
+#define SLAP_DBFLAG_CLEAN 0x10000U /* was cleanly shutdown */
+#define SLAP_DBFLAG_ACL_ADD 0x20000U /* check attr ACLs on adds */
+#define SLAP_DBFLAG_SYNC_SUBENTRY 0x40000U /* use subentry for context */
slap_mask_t be_flags;
#define SLAP_DBFLAGS(be) ((be)->be_flags)
#define SLAP_NOLASTMOD(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_NOLASTMOD)
#define SLAP_LASTMOD(be) (!SLAP_NOLASTMOD(be))
#define SLAP_DBHIDDEN(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_HIDDEN)
+#define SLAP_DB_ONE_SUFFIX(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_ONE_SUFFIX)
#define SLAP_ISOVERLAY(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_OVERLAY)
#define SLAP_ISGLOBALOVERLAY(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_GLOBAL_OVERLAY)
+#define SLAP_DBMONITORING(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_MONITORING)
#define SLAP_NO_SCHEMA_CHECK(be) \
(SLAP_DBFLAGS(be) & SLAP_DBFLAG_NO_SCHEMA_CHECK)
#define SLAP_GLUE_INSTANCE(be) \
#define SLAP_SLURP_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SLURP_SHADOW)
#define SLAP_SINGLE_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SINGLE_SHADOW)
#define SLAP_MULTIMASTER(be) (!SLAP_SINGLE_SHADOW(be))
+#define SLAP_DBCLEAN(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_CLEAN)
+#define SLAP_DBACL_ADD(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_ACL_ADD)
+#define SLAP_SYNC_SUBENTRY(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SYNC_SUBENTRY)
slap_mask_t be_restrictops; /* restriction operations */
#define SLAP_RESTRICT_OP_ADD 0x0001U
#define SLAP_DISALLOW_BIND_ANON 0x0001U /* no anonymous */
#define SLAP_DISALLOW_BIND_SIMPLE 0x0002U /* simple authentication */
-#define SLAP_DISALLOW_BIND_KRBV4 0x0004U /* Kerberos V4 authentication */
#define SLAP_DISALLOW_TLS_2_ANON 0x0010U /* StartTLS -> Anonymous */
#define SLAP_DISALLOW_TLS_AUTHC 0x0020U /* TLS while authenticated */
+#define SLAP_DISALLOW_PROXY_AUTHZ_N_CRIT 0x0100U
+#define SLAP_DISALLOW_DONTUSECOPY_N_CRIT 0x0200U
+
#define SLAP_DISALLOW_AUX_WO_CR 0x4000U
slap_mask_t be_requires; /* pre-operation requirements */
slap_access_t be_dfltaccess; /* access given if no acl matches */
/* Replica Information */
- struct slap_replica_info **be_replica; /* replicas of this backend (in master) */
- char *be_replogfile; /* replication log file (in master) */
- char *be_replica_argsfile; /* per-replog replica args file */
- char *be_replica_pidfile; /* per-replog replica pid file */
- int be_replicationinterval; /* per-replog replicationinterval */
struct berval be_update_ndn; /* allowed to make changes (in replicas) */
BerVarray be_update_refs; /* where to refer modifying clients to */
struct be_pcl *be_pending_csn_list;
ldap_pvt_thread_mutex_t be_pcl_mutex;
- ldap_pvt_thread_mutex_t *be_pcl_mutexp;
struct syncinfo_s *be_syncinfo; /* For syncrepl */
void *be_pb; /* Netscape plugin */
struct ConfigOCs *be_cf_ocs;
void *be_private; /* anything the backend database needs */
- LDAP_STAILQ_ENTRY(slap_backend_db) be_next;
+ LDAP_STAILQ_ENTRY(BackendDB) be_next;
};
-struct slap_conn;
-struct slap_op;
-
/* Backend function typedefs */
typedef int (BI_bi_func) LDAP_P((BackendInfo *bi));
typedef BI_bi_func BI_init;
const char *fname, int lineno,
int argc, char **argv));
-typedef int (BI_db_func) LDAP_P((Backend *bd));
+typedef struct config_reply_s ConfigReply; /* config.h */
+typedef int (BI_db_func) LDAP_P((Backend *bd, ConfigReply *cr));
typedef BI_db_func BI_db_init;
typedef BI_db_func BI_db_open;
typedef BI_db_func BI_db_close;
struct berval rb_cred;
struct berval rb_edn;
slap_ssf_t rb_ssf;
- struct berval rb_tmp_mech; /* FIXME: temporary */
+ struct berval rb_mech;
} req_bind_s;
typedef struct req_search_s {
AttributeAssertion *rs_ava;
} req_compare_s;
-typedef struct req_modify_s {
+typedef struct req_modifications_s {
Modifications *rs_modlist;
- int rs_increment; /* FIXME: temporary */
+ char rs_no_opattrs; /* don't att modify operational attrs */
+} req_modifications_s;
+
+typedef struct req_modify_s {
+ req_modifications_s rs_mods; /* NOTE: must be first in req_modify_s & req_modrdn_s */
+ int rs_increment;
} req_modify_s;
typedef struct req_modrdn_s {
+ req_modifications_s rs_mods; /* NOTE: must be first in req_modify_s & req_modrdn_s */
+ int rs_deleteoldrdn;
struct berval rs_newrdn;
struct berval rs_nnewrdn;
struct berval *rs_newSup;
struct berval *rs_nnewSup;
- int rs_deleteoldrdn;
- Modifications *rs_modlist;
} req_modrdn_s;
typedef struct req_add_s {
+ Modifications *rs_modlist;
Entry *rs_e;
- Modifications *rs_modlist; /* FIXME: temporary */
} req_add_s;
typedef struct req_abandon_s {
REP_EXTENDED,
REP_SEARCH,
REP_SEARCHREF,
- REP_INTERMEDIATE
+ REP_INTERMEDIATE,
+ REP_GLUE_RESULT
} slap_reply_t;
typedef struct rep_sasl_s {
BerVarray r_v2ref;
} rep_search_s;
-typedef struct slap_rep {
+struct SlapReply {
slap_reply_t sr_type;
ber_tag_t sr_tag;
ber_int_t sr_msgid;
BerVarray sr_ref;
LDAPControl **sr_ctrls;
union sr_u {
+ rep_search_s sru_search;
rep_sasl_s sru_sasl;
rep_extended_s sru_extended;
- rep_search_s sru_search;
} sr_un;
slap_mask_t sr_flags;
#define REP_ENTRY_MODIFIABLE 0x0001U
#define REP_REF_MUSTBEFREED 0x0020U
#define REP_REF_MASK (REP_REF_MUSTBEFREED)
+#define REP_CTRLS_MUSTBEFREED 0x0040U
+#define REP_CTRLS_MASK (REP_CTRLS_MUSTBEFREED)
+
#define REP_NO_ENTRYDN 0x1000U
#define REP_NO_SUBSCHEMA 0x2000U
#define REP_NO_OPERATIONALS (REP_NO_ENTRYDN|REP_NO_SUBSCHEMA)
-} SlapReply;
+};
/* short hands for response members */
#define sr_attrs sr_un.sru_search.r_attrs
#define sr_rspdata sr_un.sru_extended.r_rspdata
#define sr_sasldata sr_un.sru_sasl.r_sasldata
-typedef int (BI_op_func) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
+typedef int (BI_op_func) LDAP_P(( Operation *op, SlapReply *rs ));
typedef BI_op_func BI_op_bind;
typedef BI_op_func BI_op_unbind;
typedef BI_op_func BI_op_search;
typedef BI_op_func BI_op_add;
typedef BI_op_func BI_op_delete;
typedef BI_op_func BI_op_abandon;
-typedef BI_op_func BI_op_cancel;
typedef BI_op_func BI_op_extended;
+typedef BI_op_func BI_op_cancel;
typedef BI_op_func BI_chk_referrals;
typedef BI_op_func BI_chk_controls;
typedef int (BI_entry_release_rw)
- LDAP_P(( struct slap_op *op, Entry *e, int rw ));
-typedef int (BI_entry_get_rw) LDAP_P(( struct slap_op *op, struct berval *ndn,
+ LDAP_P(( Operation *op, Entry *e, int rw ));
+typedef int (BI_entry_get_rw) LDAP_P(( Operation *op, struct berval *ndn,
ObjectClass *oc, AttributeDescription *at, int rw, Entry **e ));
-typedef int (BI_operational) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_has_subordinates) LDAP_P(( struct slap_op *op,
+typedef int (BI_operational) LDAP_P(( Operation *op, SlapReply *rs ));
+typedef int (BI_has_subordinates) LDAP_P(( Operation *op,
Entry *e, int *hasSubs ));
-typedef int (BI_access_allowed) LDAP_P(( struct slap_op *op, Entry *e,
+typedef int (BI_access_allowed) LDAP_P(( Operation *op, Entry *e,
AttributeDescription *desc, struct berval *val, slap_access_t access,
AccessControlState *state, slap_mask_t *maskp ));
-typedef int (BI_acl_group) LDAP_P(( struct slap_op *op, Entry *target,
+typedef int (BI_acl_group) LDAP_P(( Operation *op, Entry *target,
struct berval *gr_ndn, struct berval *op_ndn,
ObjectClass *group_oc, AttributeDescription *group_at ));
-typedef int (BI_acl_attribute) LDAP_P(( struct slap_op *op, Entry *target,
+typedef int (BI_acl_attribute) LDAP_P(( Operation *op, Entry *target,
struct berval *entry_ndn, AttributeDescription *entry_at,
BerVarray *vals, slap_access_t access ));
-typedef int (BI_conn_func) LDAP_P(( BackendDB *bd, struct slap_conn *c ));
+typedef int (BI_conn_func) LDAP_P(( BackendDB *bd, Connection *c ));
typedef BI_conn_func BI_connection_init;
typedef BI_conn_func BI_connection_destroy;
typedef Entry* (BI_tool_entry_get) LDAP_P(( BackendDB *be, ID id ));
typedef ID (BI_tool_entry_put) LDAP_P(( BackendDB *be, Entry *e,
struct berval *text ));
-typedef int (BI_tool_entry_reindex) LDAP_P(( BackendDB *be, ID id ));
+typedef int (BI_tool_entry_reindex) LDAP_P(( BackendDB *be, ID id, AttributeDescription **adv ));
typedef int (BI_tool_sync) LDAP_P(( BackendDB *be ));
typedef ID (BI_tool_dn2id_get) LDAP_P(( BackendDB *be, struct berval *dn ));
-typedef int (BI_tool_id2entry_get) LDAP_P(( BackendDB *be, ID id, Entry **e ));
typedef ID (BI_tool_entry_modify) LDAP_P(( BackendDB *be, Entry *e,
struct berval *text ));
-struct slap_backend_info {
+struct BackendInfo {
char *bi_type; /* type of backend */
/*
BI_op_add *bi_op_add;
BI_op_delete *bi_op_delete;
BI_op_abandon *bi_op_abandon;
- BI_op_cancel *bi_op_cancel;
/* Extended Operations Helper */
BI_op_extended *bi_extended;
+ BI_op_cancel *bi_op_cancel;
/* Auxilary Functions */
BI_operational *bi_operational;
BI_tool_entry_reindex *bi_tool_entry_reindex;
BI_tool_sync *bi_tool_sync;
BI_tool_dn2id_get *bi_tool_dn2id_get;
- BI_tool_id2entry_get *bi_tool_id2entry_get;
BI_tool_entry_modify *bi_tool_entry_modify;
#define SLAP_INDEX_ADD_OP 0x0001
unsigned int bi_nDB; /* number of databases of this type */
struct ConfigOCs *bi_cf_ocs;
char **bi_obsolete_names;
- void *bi_private; /* anything the backend type needs */
- LDAP_STAILQ_ENTRY(slap_backend_info) bi_next ;
+ void *bi_extra; /* backend type-specific APIs */
+ void *bi_private; /* backend type-specific config data */
+ LDAP_STAILQ_ENTRY(BackendInfo) bi_next ;
};
#define c_authtype c_authz.sai_method
#define c_authmech c_authz.sai_mech
#define c_dn c_authz.sai_dn
#define c_ndn c_authz.sai_ndn
-#define c_ssf c_authz.sai_ssf
+#define c_ssf c_authz.sai_ssf
#define c_transport_ssf c_authz.sai_transport_ssf
-#define c_tls_ssf c_authz.sai_tls_ssf
-#define c_sasl_ssf c_authz.sai_sasl_ssf
+#define c_tls_ssf c_authz.sai_tls_ssf
+#define c_sasl_ssf c_authz.sai_sasl_ssf
#define o_authtype o_authz.sai_method
#define o_authmech o_authz.sai_mech
#define o_dn o_authz.sai_dn
#define o_ndn o_authz.sai_ndn
-#define o_ssf o_authz.sai_ssf
+#define o_ssf o_authz.sai_ssf
#define o_transport_ssf o_authz.sai_transport_ssf
-#define o_tls_ssf o_authz.sai_tls_ssf
-#define o_sasl_ssf o_authz.sai_sasl_ssf
+#define o_tls_ssf o_authz.sai_tls_ssf
+#define o_sasl_ssf o_authz.sai_sasl_ssf
-typedef int (slap_response)( struct slap_op *, struct slap_rep * );
+typedef int (slap_response)( Operation *, SlapReply * );
typedef struct slap_callback {
struct slap_callback *sc_next;
op_add,
op_delete,
op_abandon,
- op_cancel,
op_extended,
+ op_cancel,
op_aux_operational,
op_aux_chk_referrals,
op_aux_chk_controls,
} slap_overinfo;
/* Should successive callbacks in a chain be processed? */
-#define SLAP_CB_FREEME 0x04000
+#define SLAP_CB_BYPASS 0x08800
#define SLAP_CB_CONTINUE 0x08000
/*
* Paged Results state
*/
typedef unsigned long PagedResultsCookie;
-typedef struct slap_paged_state {
+typedef struct PagedResultsState {
Backend *ps_be;
ber_int_t ps_size;
- PagedResultsCookie ps_cookie;
int ps_count;
+ PagedResultsCookie ps_cookie;
+ struct berval ps_cookieval;
} PagedResultsState;
struct slap_csn_entry {
struct berval ce_csn;
+ int ce_sid;
unsigned long ce_opid;
unsigned long ce_connid;
#define SLAP_CSN_PENDING 1
/*
* Caches the result of a backend_group check for ACL evaluation
*/
-typedef struct slap_gacl {
- struct slap_gacl *ga_next;
+typedef struct GroupAssertion {
+ struct GroupAssertion *ga_next;
Backend *ga_be;
ObjectClass *ga_oc;
AttributeDescription *ga_at;
int sc_proxyAuthz;
int sc_relax;
int sc_searchOptions;
-#ifdef SLAP_SORTEDRESULTS
+#ifdef SLAP_CONTROL_X_SORTEDRESULTS
int sc_sortedResults;
#endif
int sc_subentries;
+#ifdef SLAP_CONTROL_X_TREE_DELETE
int sc_treeDelete;
+#endif
#ifdef LDAP_X_TXN
int sc_txnSpec;
+#endif
+#ifdef SLAP_CONTROL_X_SESSION_TRACKING
+ int sc_sessionTracking;
#endif
int sc_valuesReturnFilter;
+#ifdef SLAP_CONTROL_X_WHATFAILED
+ int sc_whatFailed;
+#endif
};
+/*
+ * Operation indices
+ */
+typedef enum {
+ SLAP_OP_BIND = 0,
+ SLAP_OP_UNBIND,
+ SLAP_OP_SEARCH,
+ SLAP_OP_COMPARE,
+ SLAP_OP_MODIFY,
+ SLAP_OP_MODRDN,
+ SLAP_OP_ADD,
+ SLAP_OP_DELETE,
+ SLAP_OP_ABANDON,
+ SLAP_OP_EXTENDED,
+ SLAP_OP_LAST
+} slap_op_t;
+
+typedef struct slap_counters_t {
+ struct slap_counters_t *sc_next;
+ ldap_pvt_thread_mutex_t sc_mutex;
+ ldap_pvt_mp_t sc_bytes;
+ ldap_pvt_mp_t sc_pdu;
+ ldap_pvt_mp_t sc_entries;
+ ldap_pvt_mp_t sc_refs;
+
+ ldap_pvt_mp_t sc_ops_completed;
+ ldap_pvt_mp_t sc_ops_initiated;
+#ifdef SLAPD_MONITOR
+ ldap_pvt_mp_t sc_ops_completed_[SLAP_OP_LAST];
+ ldap_pvt_mp_t sc_ops_initiated_[SLAP_OP_LAST];
+#endif /* SLAPD_MONITOR */
+} slap_counters_t;
+
/*
* represents an operation pending from an ldap client
*/
-typedef struct slap_op_header {
- unsigned long oh_opid; /* id of this operation */
- unsigned long oh_connid; /* id of conn initiating this op */
- struct slap_conn *oh_conn; /* connection spawning this op */
+typedef struct Opheader {
+ unsigned long oh_opid; /* id of this operation */
+ unsigned long oh_connid; /* id of conn initiating this op */
+ Connection *oh_conn; /* connection spawning this op */
ber_int_t oh_msgid; /* msgid of the request */
ber_int_t oh_protocol; /* version of the LDAP protocol used by client */
void *oh_tmpmemctx; /* slab malloc context */
BerMemoryFunctions *oh_tmpmfuncs;
- char oh_log_prefix[sizeof("conn=18446744073709551615 op=18446744073709551615")];
+ slap_counters_t *oh_counters;
+
+ char oh_log_prefix[ /* sizeof("conn= op=") + 2*LDAP_PVT_INTTYPE_CHARS(unsigned long) */ SLAP_TEXT_BUFLEN ];
#ifdef LDAP_SLAPI
void *oh_extensions; /* NS-SLAPI plugin */
#endif
} Opheader;
-typedef struct slap_op {
+typedef union OpRequest {
+ req_add_s oq_add;
+ req_bind_s oq_bind;
+ req_compare_s oq_compare;
+ req_modify_s oq_modify;
+ req_modrdn_s oq_modrdn;
+ req_search_s oq_search;
+ req_abandon_s oq_abandon;
+ req_abandon_s oq_cancel;
+ req_extended_s oq_extended;
+ req_pwdexop_s oq_pwdexop;
+} OpRequest;
+
+/* This is only a header. Actual users should define their own
+ * structs with the oe_next / oe_key fields at the top and
+ * whatever else they need following.
+ */
+typedef struct OpExtra {
+ LDAP_SLIST_ENTRY(OpExtra) oe_next;
+ void *oe_key;
+} OpExtra;
+
+typedef struct OpExtraDB {
+ OpExtra oe;
+ BackendDB *oe_db;
+} OpExtraDB;
+
+struct Operation {
Opheader *o_hdr;
#define o_opid o_hdr->oh_opid
#define o_threadctx o_hdr->oh_threadctx
#define o_tmpmemctx o_hdr->oh_tmpmemctx
#define o_tmpmfuncs o_hdr->oh_tmpmfuncs
+#define o_counters o_hdr->oh_counters
#define o_tmpalloc o_tmpmfuncs->bmf_malloc
#define o_tmpcalloc o_tmpmfuncs->bmf_calloc
struct berval o_req_dn; /* DN of target of request */
struct berval o_req_ndn;
- union o_req_u {
- req_add_s oq_add;
- req_bind_s oq_bind;
- req_compare_s oq_compare;
- req_modify_s oq_modify;
- req_modrdn_s oq_modrdn;
- req_search_s oq_search;
- req_abandon_s oq_abandon;
- req_abandon_s oq_cancel;
- req_extended_s oq_extended;
- req_pwdexop_s oq_pwdexop;
- } o_request;
+ OpRequest o_request;
/* short hands for union members */
#define oq_add o_request.oq_add
#define orb_cred oq_bind.rb_cred
#define orb_edn oq_bind.rb_edn
#define orb_ssf oq_bind.rb_ssf
-#define orb_tmp_mech oq_bind.rb_tmp_mech
+#define orb_mech oq_bind.rb_mech
#define ors_scope oq_search.rs_scope
#define ors_deref oq_search.rs_deref
#define ors_filter oq_search.rs_filter
#define ors_filterstr oq_search.rs_filterstr
+#define orr_modlist oq_modrdn.rs_mods.rs_modlist
+#define orr_no_opattrs oq_modrdn.rs_mods.rs_no_opattrs
+#define orr_deleteoldrdn oq_modrdn.rs_deleteoldrdn
#define orr_newrdn oq_modrdn.rs_newrdn
#define orr_nnewrdn oq_modrdn.rs_nnewrdn
#define orr_newSup oq_modrdn.rs_newSup
#define orr_nnewSup oq_modrdn.rs_nnewSup
-#define orr_deleteoldrdn oq_modrdn.rs_deleteoldrdn
-#define orr_modlist oq_modrdn.rs_modlist
#define orc_ava oq_compare.rs_ava
+
#define ora_e oq_add.rs_e
#define ora_modlist oq_add.rs_modlist
+
#define orn_msgid oq_abandon.rs_msgid
-#define orm_modlist oq_modify.rs_modlist
+
+#define orm_modlist oq_modify.rs_mods.rs_modlist
+#define orm_no_opattrs oq_modify.rs_mods.rs_no_opattrs
#define orm_increment oq_modify.rs_increment
#define ore_reqoid oq_extended.rs_reqoid
GroupAssertion *o_groups;
char o_do_not_cache; /* don't cache groups from this op */
char o_is_auth_check; /* authorization in progress */
+ char o_dont_replicate;
+ slap_access_t o_acl_priv;
char o_nocaching;
char o_delete_glue_parent;
#define o_domain_scope o_ctrlflag[slap_cids.sc_domainScope]
#define get_domainScope(op) ((int)(op)->o_domain_scope)
+#ifdef SLAP_CONTROL_X_TREE_DELETE
#define o_tree_delete o_ctrlflag[slap_cids.sc_treeDelete]
#define get_treeDelete(op) ((int)(op)->o_tree_delete)
+#endif
#define o_preread o_ctrlflag[slap_cids.sc_preRead]
#define o_postread o_ctrlflag[slap_cids.sc_postRead]
#define o_pagedresults_state o_controls[slap_cids.sc_pagedResults]
#define get_pagedresults(op) ((int)(op)->o_pagedresults)
-#ifdef SLAP_SORTEDRESULTS
+#ifdef SLAP_CONTROL_X_SORTEDRESULTS
#define o_sortedresults o_ctrlflag[slap_cids.sc_sortedResults]
#endif
#define o_txnSpec o_ctrlflag[slap_cids.sc_txnSpec]
#endif
+#ifdef SLAP_CONTROL_X_SESSION_TRACKING
+#define o_session_tracking o_ctrlflag[slap_cids.sc_sessionTracking]
+#define o_tracked_sessions o_controls[slap_cids.sc_sessionTracking]
+#define get_sessionTracking(op) ((int)(op)->o_session_tracking)
+#endif
+
+#ifdef SLAP_CONTROL_X_WHATFAILED
+#define o_whatFailed o_ctrlflag[slap_cids.sc_whatFailed]
+#define get_whatFailed(op) _SCM((op)->o_whatFailed)
+#endif
+
#define o_sync o_ctrlflag[slap_cids.sc_LDAPsync]
AuthorizationInformation o_authz;
LDAPControl **o_ctrls; /* controls */
struct berval o_csn;
+ /* DEPRECATE o_private - use o_extra instead */
void *o_private; /* anything the backend needs */
+ LDAP_SLIST_HEAD(o_e, OpExtra) o_extra; /* anything the backend needs */
- LDAP_STAILQ_ENTRY(slap_op) o_next; /* next operation in list */
-} Operation;
-
-#define OPERATION_BUFFER_SIZE ( sizeof(Operation) + sizeof(Opheader) + \
- SLAP_MAX_CIDS*sizeof(void *) )
+ LDAP_STAILQ_ENTRY(Operation) o_next; /* next operation in list */
+};
-typedef LBER_ALIGNED_BUFFER(operation_buffer_u,OPERATION_BUFFER_SIZE)
- OperationBuffer;
+typedef struct OperationBuffer {
+ Operation ob_op;
+ Opheader ob_hdr;
+ void *ob_controls[SLAP_MAX_CIDS];
+} OperationBuffer;
#define send_ldap_error( op, rs, err, text ) do { \
(rs)->sr_err = err; (rs)->sr_text = text; \
- (op->o_conn->c_send_ldap_result)( op, rs ); \
+ ((op)->o_conn->c_send_ldap_result)( op, rs ); \
} while (0)
#define send_ldap_discon( op, rs, err, text ) do { \
(rs)->sr_err = err; (rs)->sr_text = text; \
} while (0)
typedef void (SEND_LDAP_RESULT)(
- struct slap_op *op, struct slap_rep *rs);
+ Operation *op, SlapReply *rs);
typedef int (SEND_SEARCH_ENTRY)(
- struct slap_op *op, struct slap_rep *rs);
+ Operation *op, SlapReply *rs);
typedef int (SEND_SEARCH_REFERENCE)(
- struct slap_op *op, struct slap_rep *rs);
+ Operation *op, SlapReply *rs);
typedef void (SEND_LDAP_EXTENDED)(
- struct slap_op *op, struct slap_rep *rs);
+ Operation *op, SlapReply *rs);
typedef void (SEND_LDAP_INTERMEDIATE)(
- struct slap_op *op, struct slap_rep *rs);
+ Operation *op, SlapReply *rs);
#define send_ldap_result( op, rs ) \
((op)->o_conn->c_send_ldap_result)( op, rs )
#define send_ldap_intermediate( op, rs ) \
((op)->o_conn->c_send_ldap_intermediate)( op, rs )
-typedef struct slap_listener Listener;
+typedef struct Listener Listener;
/*
* represents a connection from an ldap client
*/
-typedef struct slap_conn {
- int c_struct_state; /* structure management state */
- int c_conn_state; /* connection state */
+/* structure state (protected by connections_mutex) */
+enum sc_struct_state {
+ SLAP_C_UNINITIALIZED = 0, /* MUST BE ZERO (0) */
+ SLAP_C_UNUSED,
+ SLAP_C_USED,
+ SLAP_C_PENDING
+};
+
+/* connection state (protected by c_mutex ) */
+enum sc_conn_state {
+ SLAP_C_INVALID = 0, /* MUST BE ZERO (0) */
+ SLAP_C_INACTIVE, /* zero threads */
+ SLAP_C_CLOSING, /* closing */
+ SLAP_C_ACTIVE, /* one or more threads */
+ SLAP_C_BINDING, /* binding */
+ SLAP_C_CLIENT /* outbound client conn */
+};
+struct Connection {
+ enum sc_struct_state c_struct_state; /* structure management state */
+ enum sc_conn_state c_conn_state; /* connection state */
int c_conn_idx; /* slot in connections array */
+ ber_socket_t c_sd;
const char *c_close_reason; /* why connection is closing */
ldap_pvt_thread_mutex_t c_mutex; /* protect the connection */
#define c_sock_name c_listener->sl_name /* sock name (trans=addr:port) */
/* only can be changed by binding thread */
- int c_sasl_bind_in_progress; /* multi-op bind in progress */
struct berval c_sasl_bind_mech; /* mech in progress */
struct berval c_sasl_dn; /* temporary storage */
struct berval c_sasl_authz_dn; /* SASL proxy authz */
ber_int_t c_protocol; /* version of the LDAP protocol used by client */
- LDAP_STAILQ_HEAD(c_o, slap_op) c_ops; /* list of operations being processed */
- LDAP_STAILQ_HEAD(c_po, slap_op) c_pending_ops; /* list of pending operations */
+ LDAP_STAILQ_HEAD(c_o, Operation) c_ops; /* list of operations being processed */
+ LDAP_STAILQ_HEAD(c_po, Operation) c_pending_ops; /* list of pending operations */
- ldap_pvt_thread_mutex_t c_write_mutex; /* only one pdu written at a time */
- ldap_pvt_thread_cond_t c_write_cv; /* used to wait for sd write-ready*/
+ ldap_pvt_thread_mutex_t c_write1_mutex; /* only one pdu written at a time */
+ ldap_pvt_thread_cond_t c_write1_cv; /* only one pdu written at a time */
+ ldap_pvt_thread_mutex_t c_write2_mutex; /* used to wait for sd write-ready */
+ ldap_pvt_thread_cond_t c_write2_cv; /* used to wait for sd write-ready*/
BerElement *c_currentber; /* ber we're attempting to read */
- int c_writewaiter; /* true if writer is waiting */
+ int c_writers; /* number of writers waiting */
+ char c_writing; /* someone is writing */
+
+ char c_sasl_bind_in_progress; /* multi-op bind in progress */
+ char c_writewaiter; /* true if blocked on write */
+
#define CONN_IS_TLS 1
#define CONN_IS_UDP 2
-#define CONN_IS_CLIENT 3
+#define CONN_IS_CLIENT 4
+#define CONN_IS_IPC 8
#ifdef LDAP_CONNECTIONLESS
- int c_is_udp; /* true if this is (C)LDAP over UDP */
+ char c_is_udp; /* true if this is (C)LDAP over UDP */
#endif
#ifdef HAVE_TLS
- int c_is_tls; /* true if this LDAP over raw TLS */
- int c_needs_tls_accept; /* true if SSL_accept should be called */
+ char c_is_tls; /* true if this LDAP over raw TLS */
+ char c_needs_tls_accept; /* true if SSL_accept should be called */
#endif
- int c_sasl_layers; /* true if we need to install SASL i/o handlers */
- int c_sasl_done; /* SASL completed once */
+ char c_sasl_layers; /* true if we need to install SASL i/o handlers */
+ char c_sasl_done; /* SASL completed once */
void *c_sasl_authctx; /* SASL authentication context */
void *c_sasl_sockctx; /* SASL security layer context */
void *c_sasl_extra; /* SASL session extra stuff */
- struct slap_op *c_sasl_bindop; /* set to current op if it's a bind */
+ Operation *c_sasl_bindop; /* set to current op if it's a bind */
#ifdef LDAP_X_TXN
#define CONN_TXN_INACTIVE 0
int c_txn;
Backend *c_txn_backend;
- LDAP_STAILQ_HEAD(c_to, slap_op) c_txn_ops; /* list of operations in txn */
+ LDAP_STAILQ_HEAD(c_to, Operation) c_txn_ops; /* list of operations in txn */
#endif
PagedResultsState c_pagedresults_state; /* paged result state */
SEND_SEARCH_REFERENCE *c_send_search_reference;
SEND_LDAP_EXTENDED *c_send_ldap_extended;
SEND_LDAP_INTERMEDIATE *c_send_ldap_intermediate;
-} Connection;
+};
#ifdef LDAP_DEBUG
#ifdef LDAP_SYSLOG
#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) \
do { \
if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
+ lutil_debug( ldap_debug, (level), (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
} while (0)
#define StatslogTest( level ) (ldap_debug & (level))
#endif /* !LDAP_SYSLOG */
/*
* listener; need to access it from monitor backend
*/
-struct slap_listener {
+struct Listener {
struct berval sl_url;
struct berval sl_name;
mode_t sl_perms;
int sl_is_udp; /* UDP listener is also data port */
#endif
int sl_mute; /* Listener is temporarily disabled due to emfile */
-#ifdef SLAP_LIGHTWEIGHT_DISPATCHER
int sl_busy; /* Listener is busy (accept thread activated) */
-#endif
ber_socket_t sl_sd;
Sockaddr sl_sa;
#define sl_addr sl_sa.sa_in_addr
+#ifdef LDAP_DEVEL
+#define LDAP_TCP_BUFFER
+#endif
+#ifdef LDAP_TCP_BUFFER
+ int sl_tcp_rmem; /* custom TCP read buffer size */
+ int sl_tcp_wmem; /* custom TCP write buffer size */
+#endif
};
-/*
- * Operation indices
- */
-typedef enum {
- SLAP_OP_BIND = 0,
- SLAP_OP_UNBIND,
- SLAP_OP_ADD,
- SLAP_OP_DELETE,
- SLAP_OP_MODRDN,
- SLAP_OP_MODIFY,
- SLAP_OP_COMPARE,
- SLAP_OP_SEARCH,
- SLAP_OP_ABANDON,
- SLAP_OP_EXTENDED,
- SLAP_OP_LAST
-} slap_op_t;
-
-typedef struct slap_counters_t {
- ldap_pvt_thread_mutex_t sc_sent_mutex;
- ldap_pvt_mp_t sc_bytes;
- ldap_pvt_mp_t sc_pdu;
- ldap_pvt_mp_t sc_entries;
- ldap_pvt_mp_t sc_refs;
-
- ldap_pvt_thread_mutex_t sc_ops_mutex;
- ldap_pvt_mp_t sc_ops_completed;
- ldap_pvt_mp_t sc_ops_initiated;
-#ifdef SLAPD_MONITOR
- ldap_pvt_mp_t sc_ops_completed_[SLAP_OP_LAST];
- ldap_pvt_mp_t sc_ops_initiated_[SLAP_OP_LAST];
-#endif /* SLAPD_MONITOR */
-} slap_counters_t;
-
/*
* Better know these all around slapd
*/
#define LDAP_COMP_FILTER_ITEM ((ber_tag_t) 0xa3U)
#define LDAP_COMP_FILTER_UNDEFINED ((ber_tag_t) 0xa4U)
-typedef struct slap_component_id {
- int ci_type;
- struct slap_component_id *ci_next;
+typedef struct ComponentId ComponentId;
+typedef struct ComponentReference ComponentReference;
+typedef struct ComponentAssertion ComponentAssertion;
+typedef struct ComponentAssertionValue ComponentAssertionValue;
+typedef struct ComponentSyntaxInfo ComponentSyntaxInfo;
+typedef struct ComponentDesc ComponentDesc;
+
+struct ComponentData {
+ void *cd_mem_op; /* nibble memory handler */
+ ComponentSyntaxInfo** cd_tree; /* component tree */
+};
+
+struct ComponentId {
+ int ci_type;
+ ComponentId *ci_next;
union comp_id_value{
BerValue ci_identifier;
BerValue ci_select_value;
char ci_all;
} ci_val;
-} ComponentId;
+};
-typedef struct slap_component_reference {
+struct ComponentReference {
ComponentId *cr_list;
ComponentId *cr_curr;
struct berval cr_string;
slap_mask_t cr_indexmask;
AttributeDescription* cr_ad;
BerVarray cr_nvals;
- struct slap_component_reference* cr_next;
-} ComponentReference;
+ ComponentReference* cr_next;
+};
-typedef struct slap_component_assertion {
+struct ComponentAssertion {
ComponentReference *ca_comp_ref;
ber_int_t ca_use_def;
MatchingRule *ca_ma_rule;
struct berval ca_ma_value;
ComponentData ca_comp_data; /* componentized assertion */
- struct slap_component_filter *ca_cf;
+ ComponentFilter *ca_cf;
MatchingRuleAssertion *ca_mra;
-} ComponentAssertion;
+};
-typedef struct slap_component_filter {
- ber_tag_t cf_choice;
+struct ComponentFilter {
+ ber_tag_t cf_choice;
union cf_un_u {
- ber_int_t cf_un_result;
- ComponentAssertion *cf_un_ca;
- struct slap_component_filter *cf_un_complex;
+ ber_int_t cf_un_result;
+ ComponentAssertion *cf_un_ca;
+ ComponentFilter *cf_un_complex;
} cf_un;
#define cf_ca cf_un.cf_un_ca
#define cf_not cf_un.cf_un_complex
#define cf_any cf_un.cf_un_complex
- struct slap_component_filter *cf_next;
-} ComponentFilter;
+ ComponentFilter *cf_next;
+};
-typedef struct slap_component_assertion_value {
+struct ComponentAssertionValue {
char* cav_buf;
char* cav_ptr;
char* cav_end;
-} ComponentAssertionValue;
+};
typedef int encoder_func LDAP_P((
void* b,
void* comp));
-struct slap_component_syntax_info;
-
typedef int gser_decoder_func LDAP_P((
void* mem_op,
void* b,
- struct slap_component_syntax_info** comp_syn_info,
+ ComponentSyntaxInfo** comp_syn_info,
int* len,
int mode));
void* b,
int tag,
int elmtLen,
- struct slap_component_syntax_info* comp_syn_info,
+ ComponentSyntaxInfo* comp_syn_info,
int* len,
int mode));
typedef int ber_tag_decoder_func LDAP_P((
void* mem_op,
void* b,
- struct slap_component_syntax_info* comp_syn_info,
+ ComponentSyntaxInfo* comp_syn_info,
int* len,
int mode));
typedef void free_nibble_func LDAP_P ((
void* nm ));
-struct slap_component_syntax_info;
typedef void convert_assert_to_comp_func LDAP_P ((
void *mem_op,
- struct slap_component_syntax_info* csi_attr,
+ ComponentSyntaxInfo* csi_attr,
struct berval* bv,
- struct slap_component_syntax_info** csi,
+ ComponentSyntaxInfo** csi,
int* len,
int mode ));
typedef int convert_asn_to_ldap_func LDAP_P ((
- struct slap_component_syntax_info* csi,
+ ComponentSyntaxInfo* csi,
struct berval *bv ));
typedef void free_component_func LDAP_P ((
typedef int test_component_func LDAP_P ((
void* attr_mem_op,
void* assert_mem_op,
- struct slap_component_syntax_info* csi,
- struct slap_component_assertion* ca));
+ ComponentSyntaxInfo* csi,
+ ComponentAssertion* ca));
typedef void* test_membership_func LDAP_P ((
void* in ));
typedef void* get_component_info_func LDAP_P ((
int in ));
-struct slap_component_syntax_info;
-
typedef int component_encoder_func LDAP_P ((
void* mem_op,
- struct slap_component_syntax_info* csi,
+ ComponentSyntaxInfo* csi,
struct berval* nvals ));
typedef int allcomponent_matching_func LDAP_P((
char* oid,
- struct slap_component_syntax_info* comp1,
- struct slap_component_syntax_info* comp));
+ ComponentSyntaxInfo* comp1,
+ ComponentSyntaxInfo* comp));
-typedef struct slap_component_desc {
+struct ComponentDesc {
/* Don't change the order of following four fields */
- int cd_tag;
- AttributeType *cd_comp_type;
- struct berval cd_ad_type;/* ad_type, ad_cname */
- struct berval cd_ad_cname;/* ad_type, ad_cname */
- unsigned cd_flags; /*ad_flags*/
- int cd_type;
- int cd_type_id;
- encoder_func *cd_ldap_encoder;
- encoder_func *cd_gser_encoder;
- encoder_func *cd_ber_encoder;
- gser_decoder_func *cd_gser_decoder;
- ber_decoder_func *cd_ber_decoder;
- comp_free_func *cd_free;
+ int cd_tag;
+ AttributeType *cd_comp_type;
+ struct berval cd_ad_type; /* ad_type, ad_cname */
+ struct berval cd_ad_cname; /* ad_type, ad_cname */
+ unsigned cd_flags; /* ad_flags */
+ int cd_type;
+ int cd_type_id;
+ encoder_func *cd_ldap_encoder;
+ encoder_func *cd_gser_encoder;
+ encoder_func *cd_ber_encoder;
+ gser_decoder_func *cd_gser_decoder;
+ ber_decoder_func *cd_ber_decoder;
+ comp_free_func *cd_free;
extract_component_from_id_func* cd_extract_i;
allcomponent_matching_func *cd_all_match;
-} ComponentDesc;
+};
-typedef struct slap_component_syntax_info {
- Syntax* csi_syntax;
- ComponentDesc* csi_comp_desc;
-} ComponentSyntaxInfo;
+struct ComponentSyntaxInfo {
+ Syntax *csi_syntax;
+ ComponentDesc *csi_comp_desc;
+};
-#endif
+#endif /* LDAP_COMP_MATCH */
/* slab heap data structures */
projects / openldap / blobdiff