AttributeTypeSchemaCheckFN *sat_check;
char *sat_oidmacro;
-#define SLAP_AT_NONE 0x0000U
-#define SLAP_AT_ABSTRACT 0x0100U /* cannot be instantiated */
-#define SLAP_AT_FINAL 0x0200U /* cannot be subtyped */
+#define SLAP_AT_NONE 0x0000U
+#define SLAP_AT_ABSTRACT 0x0100U /* cannot be instantiated */
+#define SLAP_AT_FINAL 0x0200U /* cannot be subtyped */
#ifdef LDAP_DEVEL
-#define SLAP_AT_HIDE 0x0000U /* publish everything */
+#define SLAP_AT_HIDE 0x0000U /* publish everything */
#else
-#define SLAP_AT_HIDE 0x8000U /* hide attribute */
+#define SLAP_AT_HIDE 0x8000U /* hide attribute */
#endif
-#define SLAP_AT_DYNAMIC 0x0400U /* dynamically generated */
+#define SLAP_AT_DYNAMIC 0x0400U /* dynamically generated */
+
+#define SLAP_AT_MANAGEABLE 0x0800U /* no-user-mod can be by-passed */
#define SLAP_AT_ORDERED_VAL 0x0001U /* values are ordered */
#define SLAP_AT_ORDERED_SIB 0x0002U /* siblings are ordered */
-#define SLAP_AT_ORDERED 0x0003U /* value has order index */
-#define SLAP_AT_HARDCODE 0x10000U /* This is hardcoded schema */
+#define SLAP_AT_ORDERED 0x0003U /* value has order index */
+
+#define SLAP_AT_HARDCODE 0x10000U /* hardcoded schema */
slap_mask_t sat_flags;
* A list of LDAPMods
*/
typedef struct slap_mod {
- int sm_op;
+ short sm_op;
+ short sm_flags;
+/* Set for internal mods, will bypass ACL checks. Only needed when
+ * running as non-root user, for user modifiable attributes.
+ */
+#define SLAP_MOD_INTERNAL 0x01
+
AttributeDescription *sm_desc;
struct berval sm_type;
BerVarray sm_values;
typedef struct slap_mod_list {
Modification sml_mod;
#define sml_op sml_mod.sm_op
+#define sml_flags sml_mod.sm_flags
#define sml_desc sml_mod.sm_desc
#define sml_type sml_mod.sm_type
#define sml_values sml_mod.sm_values
ACL_WRITE,
ACL_MANAGE,
+ /* always leave at end of levels but not greater than ACL_LEVEL_MASK */
+ ACL_LAST,
+
/* ACL level mask and modifiers */
ACL_LEVEL_MASK = 0x000f,
ACL_QUALIFIER1 = 0x0100,
#define ACL_PRIV_MANAGE ACL_ACCESS2PRIV( ACL_MANAGE )
/* NOTE: always use the highest level; current: 0x00ffUL */
-#define ACL_PRIV_MASK ((ACL_PRIV_MANAGE - 1) | ACL_QUALIFIER_MASK)
+#define ACL_PRIV_MASK ((ACL_ACCESS2PRIV(ACL_LAST) - 1) | ACL_QUALIFIER_MASK)
/* priv flags */
#define ACL_PRIV_LEVEL 0x1000UL
#define SLAP_TOOL_READONLY 0x0400
#define SLAP_TOOL_QUICK 0x0800
+#define SB_TLS_DEFAULT (-1)
#define SB_TLS_OFF 0
#define SB_TLS_ON 1
-#define SB_TLS_CRITICAL 2
+#define SB_TLS_CRITICAL 2
typedef struct slap_bindconf {
int sb_tls;
typedef struct slap_verbmasks {
struct berval word;
- const int mask;
+ const slap_mask_t mask;
} slap_verbmasks;
#define SLAP_LIMIT_TIME 1
ber_tag_t o_tag; /* tag of the request */
time_t o_time; /* time op was initiated */
+ int o_tincr; /* counter for multiple ops with same o_time */
BackendDB *o_bd; /* backend DB processing this op */
struct berval o_req_dn; /* DN of target of request */
char o_do_not_cache; /* don't cache groups from this op */
char o_is_auth_check; /* authorization in progress */
+ char o_nocaching;
+ char o_delete_glue_parent;
+
#define SLAP_CONTROL_NONE 0
#define SLAP_CONTROL_IGNORED 1
#define SLAP_CONTROL_NONCRITICAL 2
LDAP_STAILQ_ENTRY(slap_op) o_next; /* next operation in list */
- int o_nocaching;
- int o_delete_glue_parent;
-
} Operation;
#define OPERATION_BUFFER_SIZE (sizeof(Operation)+sizeof(Opheader)+SLAP_MAX_CIDS*sizeof(void *))
#define SLAP_CTRL_HIDE 0x80000000U
#endif
+#define SLAP_CTRL_REQUIRES_ROOT 0x40000000U /* for ManageDIT */
+
#define SLAP_CTRL_GLOBAL 0x00800000U
#define SLAP_CTRL_GLOBAL_SEARCH 0x00010000U /* for NOOP */