/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2005 The OpenLDAP Foundation.
+ * Copyright 1998-2006 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
LDAP_BEGIN_DECL
-
#ifdef LDAP_DEVEL
#define SLAP_LIGHTWEIGHT_DISPATCHER /* experimental slapd architecture */
#define SLAP_MULTI_CONN_ARRAY
#define SLAP_ACL_HONOR_DISCLOSE /* partially implemented */
#define SLAP_ACL_HONOR_MANAGE /* not yet implemented */
-#define SLAP_DYNACL
#define SLAP_OVERLAY_ACCESS
#define LDAP_COMP_MATCH
#define LDAP_DYNAMIC_OBJECTS
#define LDAP_SYNC_TIMESTAMP
#define LDAP_COLLECTIVE_ATTRIBUTES
-#define SLAPD_CONF_UNKNOWN_BAILOUT
#define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE
#define SLAP_ORDERED_PRETTYNORM
#define SLAP_OVERLAY_ACCESS
#endif
-/*
- * ITS#3705: bail out if unknown config directives appear in slapd.conf
- */
-#ifdef SLAPD_CONF_UNKNOWN_BAILOUT
-#define SLAPD_CONF_UNKNOWN_IGNORED ""
-#define SLAPD_DEBUG_CONFIG_ERROR LDAP_DEBUG_ANY
-#else /* ! SLAPD_CONF_UNKNOWN_BAILOUT */
-#define SLAPD_CONF_UNKNOWN_IGNORED " (ignored)"
-#define SLAPD_DEBUG_CONFIG_ERROR LDAP_DEBUG_CONFIG
-#endif /* ! SLAPD_CONF_UNKNOWN_BAILOUT */
-
/*
* SLAPD Memory allocation macros
*
#define SLAPD_ROLE_ATTR "roleOccupant"
#define SLAPD_ROLE_CLASS "organizationalRole"
-#ifdef SLAPD_ACI_ENABLED
-#define SLAPD_ACI_SYNTAX "1.3.6.1.4.1.4203.666.2.1"
-#endif /* SLAPD_ACI_ENABLED */
-
-/* change this to "OpenLDAPset" */
-#define SLAPD_ACI_SET_ATTR "template"
-
#define SLAPD_TOP_OID "2.5.6.0"
LDAP_SLAPD_V (int) slap_debug;
ACL_COMPARE,
ACL_SEARCH,
ACL_READ,
- ACL_WRITE,
+ ACL_WRITE_,
ACL_MANAGE,
/* always leave at end of levels but not greater than ACL_LEVEL_MASK */
ACL_QUALIFIER_MASK = 0x0f00,
/* write granularity */
- ACL_WADD = ACL_WRITE|ACL_QUALIFIER1,
- ACL_WDEL = ACL_WRITE|ACL_QUALIFIER2
+ ACL_WADD = ACL_WRITE_|ACL_QUALIFIER1,
+ ACL_WDEL = ACL_WRITE_|ACL_QUALIFIER2,
+
+ ACL_WRITE = ACL_WADD|ACL_WDEL
} slap_access_t;
typedef enum slap_control_e {
#ifdef SLAP_DYNACL
slap_dynacl_t *a_dynacl;
-#else /* ! SLAP_DYNACL */
-#ifdef SLAPD_ACI_ENABLED
- /* NOTE: ACIs have been moved under the "dynacl" interface,
- * which is currently built only when LDAP_DEVEL is defined.
- *
- * In any case, SLAPD_ACI_ENABLED, set by --enable-aci,
- * is required to enable ACI support.
- */
- AttributeDescription *a_aci_at;
-#endif /* SLAPD_ACI_ENABLED */
#endif /* SLAP_DYNACL */
/* ACL Groups */
struct slap_acl *acl_next;
} AccessControl;
+typedef enum {
+ ACL_STATE_NOT_RECORDED = 0x0,
+ ACL_STATE_RECORDED_VD = 0x1,
+ ACL_STATE_RECORDED_NV = 0x2,
+ ACL_STATE_RECORDED = ( ACL_STATE_RECORDED_VD | ACL_STATE_RECORDED_NV )
+} slap_acl_state_t;
+
typedef struct slap_acl_state {
- unsigned as_recorded;
-#define ACL_STATE_NOT_RECORDED 0x0
-#define ACL_STATE_RECORDED_VD 0x1
-#define ACL_STATE_RECORDED_NV 0x2
-#define ACL_STATE_RECORDED 0x3
+ slap_acl_state_t as_recorded;
/* Access state */
AccessControl *as_vd_acl;
#define ACL_STATE_INIT { ACL_STATE_NOT_RECORDED, NULL, NULL, 0UL, \
{ { 0, 0 } }, 0, NULL, 0, 0, NULL }
-#ifdef SLAPD_ACI_ENABLED
-typedef enum slap_aci_scope_t {
- SLAP_ACI_SCOPE_ENTRY = 0x1,
- SLAP_ACI_SCOPE_CHILDREN = 0x2,
- SLAP_ACI_SCOPE_SUBTREE = ( SLAP_ACI_SCOPE_ENTRY | SLAP_ACI_SCOPE_CHILDREN )
-} slap_aci_scope_t;
-#endif /* SLAPD_ACI_ENABLED */
-
/*
* Backend-info
* represents a backend
#define SLAP_TOOL_READMAIN 0x0200
#define SLAP_TOOL_READONLY 0x0400
#define SLAP_TOOL_QUICK 0x0800
+#define SLAP_TOOL_NO_SCHEMA_CHECK 0x1000
#define SB_TLS_DEFAULT (-1)
#define SB_TLS_OFF 0
#define SLAP_DBFLAG_GLUE_ADVERTISE 0x0080U /* advertise in rootDSE */
#define SLAP_DBFLAG_OVERLAY 0x0100U /* this db struct is an overlay */
#define SLAP_DBFLAG_GLOBAL_OVERLAY 0x0200U /* this db struct is a global overlay */
+#define SLAP_DBFLAG_DYNAMIC 0x0400U /* this db allows dynamicObjects */
#define SLAP_DBFLAG_SHADOW 0x8000U /* a shadow */
+#define SLAP_DBFLAG_SINGLE_SHADOW 0x4000U /* a single-master shadow */
#define SLAP_DBFLAG_SYNC_SHADOW 0x1000U /* a sync shadow */
#define SLAP_DBFLAG_SLURP_SHADOW 0x2000U /* a slurp shadow */
slap_mask_t be_flags;
#define SLAP_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SHADOW)
#define SLAP_SYNC_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SYNC_SHADOW)
#define SLAP_SLURP_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SLURP_SHADOW)
+#define SLAP_SINGLE_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SINGLE_SHADOW)
+#define SLAP_MULTIMASTER(be) (!SLAP_SINGLE_SHADOW(be))
slap_mask_t be_restrictops; /* restriction operations */
#define SLAP_RESTRICT_OP_ADD 0x0001U
| SLAP_RESTRICT_OP_BIND \
| SLAP_RESTRICT_OP_EXTENDED )
-#define SLAP_ALLOW_BIND_V2 0x0001U /* LDAPv2 bind */
+#define SLAP_ALLOW_BIND_V2 0x0001U /* LDAPv2 bind */
#define SLAP_ALLOW_BIND_ANON_CRED 0x0002U /* cred should be empty */
#define SLAP_ALLOW_BIND_ANON_DN 0x0004U /* dn should be empty */
#define SLAP_ALLOW_UPDATE_ANON 0x0008U /* allow anonymous updates */
+#define SLAP_ALLOW_PROXY_AUTHZ_ANON 0x0010U /* allow anonymous proxyAuthz */
#define SLAP_DISALLOW_BIND_ANON 0x0001U /* no anonymous */
#define SLAP_DISALLOW_BIND_SIMPLE 0x0002U /* simple authentication */
#define SLAP_BFLAG_SUBENTRIES 0x4000U
#define SLAP_BFLAG_DYNAMIC 0x8000U
+/* overlay specific */
+#define SLAPO_BFLAG_SINGLE 0x01000000U
+#define SLAPO_BFLAG_DBONLY 0x02000000U
+#define SLAPO_BFLAG_GLOBONLY 0x04000000U
+#define SLAPO_BFLAG_MASK 0xFF000000U
+
#define SLAP_BFLAGS(be) ((be)->bd_info->bi_flags)
#define SLAP_MONITOR(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_MONITOR)
#define SLAP_CONFIG(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_CONFIG)
#define SLAP_ALIASES(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_ALIASES)
#define SLAP_REFERRALS(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_REFERRALS)
#define SLAP_SUBENTRIES(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_SUBENTRIES)
-#define SLAP_DYNAMIC(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_DYNAMIC)
+#define SLAP_DYNAMIC(be) ((SLAP_BFLAGS(be) & SLAP_BFLAG_DYNAMIC) || (SLAP_DBFLAGS(be) & SLAP_DBFLAG_DYNAMIC))
#define SLAP_NOLASTMODCMD(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_NOLASTMODCMD)
#define SLAP_LASTMODCMD(be) (!SLAP_NOLASTMODCMD(be))
+/* overlay specific */
+#define SLAPO_SINGLE(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_SINGLE)
+#define SLAPO_DBONLY(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_DBONLY)
+#define SLAPO_GLOBONLY(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_GLOBONLY)
+
char **bi_controls; /* supported controls */
char bi_ctrls[SLAP_MAX_CIDS + 1];
long c_n_read; /* num of read calls */
long c_n_write; /* num of write calls */
- void *c_pb; /* Netscape plugin */
void *c_extensions; /* Netscape plugin */
/*
} Connection;
#if defined(LDAP_SYSLOG) && defined(LDAP_DEBUG)
-#define Statslog1( level, severity, fmt, connid, opid, arg1 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1) );\
- if ( ldap_syslog & (level) ) \
- syslog( LDAP_LEVEL_MASK((severity)), (fmt), (connid), (opid), \
- (arg1) ); \
- } while (0)
-#define Statslog2( level, severity, fmt, connid, opid, arg1, arg2 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2) );\
- if ( ldap_syslog & (level) ) \
- syslog( LDAP_LEVEL_MASK((severity)), (fmt), (connid), (opid), \
- (arg1), (arg2) ); \
- } while (0)
-#define Statslog3( level, severity, fmt, connid, opid, arg1, arg2, arg3 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
- if ( ldap_syslog & (level) ) \
- syslog( LDAP_LEVEL_MASK((severity)), (fmt), (connid), (opid), \
- (arg1), (arg2), (arg3) ); \
- } while (0)
-#define Statslog4( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3), (arg4) );\
- if ( ldap_syslog & (level) ) \
- syslog( LDAP_LEVEL_MASK((severity)), (fmt), (connid), (opid), \
- (arg1), (arg2), (arg3), (arg4) ); \
- } while (0)
-#define Statslog5( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4, arg5 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3), (arg4), (arg5) );\
- if ( ldap_syslog & (level) ) \
- syslog( LDAP_LEVEL_MASK((severity)), (fmt), (connid), (opid), \
- (arg1), (arg2), (arg3), (arg4), (arg5) ); \
- } while (0)
#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) \
- Statslog3( (level), ldap_syslog_level, (fmt), (connid), (opid), (arg1), (arg2), (arg3) )
+ Log5( (level), ldap_syslog_level, (fmt), (connid), (opid), (arg1), (arg2), (arg3) )
#define StatslogTest( level ) ((ldap_debug | ldap_syslog) & (level))
#elif defined(LDAP_DEBUG)
-#define Statslog1( level, severity, fmt, connid, opid, arg1 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1) );\
- } while (0)
-#define Statslog2( level, severity, fmt, connid, opid, arg1, arg2 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2) );\
- } while (0)
-#define Statslog3( level, severity, fmt, connid, opid, arg1, arg2, arg3 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
- } while (0)
-#define Statslog4( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3), (arg4) );\
- } while (0)
-#define Statslog5( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4, arg5 ) \
- do { \
- if ( ldap_debug & (level) ) \
- fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3), (arg4), (arg5) );\
- } while (0)
#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) \
do { \
if ( ldap_debug & (level) ) \
} while (0)
#define StatslogTest( level ) (ldap_debug & (level))
#else
-#define Statslog1( level, severity, fmt, connid, opid, arg1 )
-#define Statslog2( level, severity, fmt, connid, opid, arg1, arg2 )
-#define Statslog3( level, severity, fmt, connid, opid, arg1, arg2, arg3 )
-#define Statslog4( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4 )
-#define Statslog5( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4, arg5 )
-#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 )
#define StatslogTest( level ) (0)
#endif
SlapReply *rs,
LDAPControl *ctrl ));
+typedef int (*SLAP_ENTRY_INFO_FN) LDAP_P(( void *arg, Entry *e ));
+
#define SLAP_SLAB_SIZE (1024*1024)
#define SLAP_SLAB_STACK 1
#define SLAP_SLAB_SOBLOCK 64