/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2006 The OpenLDAP Foundation.
+ * Copyright 1998-2007 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
#define SLAP_SORTEDRESULTS
#endif
-#define SLAP_RELAX
#define LDAP_DYNAMIC_OBJECTS
#define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE
#define SLAP_DISTPROC
* on normalized/pretty DN, such that ';' is never used
* as RDN separator, and all occurrences of ';' must be escaped */
#define DN_SEPARATOR(c) ((c) == ',')
-#define RDN_ATTRTYPEANDVALUE_SEPARATOR(c) ((c) == '+') /* RFC 2253 */
+#define RDN_ATTRTYPEANDVALUE_SEPARATOR(c) ((c) == '+') /* RFC 4514 */
#define RDN_SEPARATOR(c) (DN_SEPARATOR(c) || RDN_ATTRTYPEANDVALUE_SEPARATOR(c))
#define RDN_NEEDSESCAPE(c) ((c) == '\\' || (c) == '"')
typedef struct slap_matching_rule {
LDAPMatchingRule smr_mrule;
MatchingRuleUse *smr_mru;
- /* RFC2252 string representation */
+ /* RFC 4512 string representation */
struct berval smr_str;
/*
* Note: the former
struct slap_matching_rule_use {
LDAPMatchingRuleUse smru_mruleuse;
MatchingRule *smru_mr;
- /* RFC2252 string representation */
+ /* RFC 4512 string representation */
struct berval smru_str;
LDAP_SLIST_ENTRY(slap_matching_rule_use) smru_next;
#define SLAP_AT_ORDERED 0x0003U /* value has order index */
#define SLAP_AT_HARDCODE 0x10000U /* hardcoded schema */
+#define SLAP_AT_DELETED 0x20000U
slap_mask_t sat_flags;
#define SLAP_OC_HIDE 0x8000
#endif
#define SLAP_OC_HARDCODE 0x10000U /* This is hardcoded schema */
+#define SLAP_OC_DELETED 0x20000U
/*
* DIT content rule
#define SLAP_DESC_NONE 0x00U
#define SLAP_DESC_BINARY 0x01U
#define SLAP_DESC_TAG_RANGE 0x80U
+#define SLAP_DESC_TEMPORARY 0x1000U
} AttributeDescription;
/* flags to slap_*2undef_ad to register undefined (0, the default)
#ifdef SLAPD_AUTHPASSWD
AttributeDescription *si_ad_authPassword;
AttributeDescription *si_ad_authPasswordSchemes;
-#endif
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- AttributeDescription *si_ad_krbName;
#endif
AttributeDescription *si_ad_description;
AttributeDescription *si_ad_seeAlso;
*/
typedef struct slap_filter {
ber_tag_t f_choice; /* values taken from ldap.h, plus: */
-#define SLAPD_FILTER_COMPUTED ((ber_tag_t) -1)
-#define SLAPD_FILTER_DN_ONE ((ber_tag_t) -2)
-#define SLAPD_FILTER_DN_SUBTREE ((ber_tag_t) -3)
-#define SLAPD_FILTER_DN_CHILDREN ((ber_tag_t) -4)
+#define SLAPD_FILTER_COMPUTED 0
+#define SLAPD_FILTER_MASK 0x7fff
+#define SLAPD_FILTER_UNDEFINED 0x8000
union f_un_u {
/* precomputed result */
ber_int_t f_un_result;
- /* DN */
- struct berval *f_un_dn;
-
/* present */
AttributeDescription *f_un_desc;
/* matching rule assertion */
MatchingRuleAssertion *f_un_mra;
-#define f_dn f_un.f_un_dn
#define f_desc f_un.f_un_desc
#define f_ava f_un.f_un_ava
#define f_av_desc f_un.f_un_ava->aa_desc
unsigned a_flags;
#define SLAP_ATTR_IXADD 0x1U
#define SLAP_ATTR_IXDEL 0x2U
+#define SLAP_ATTR_DONT_FREE_DATA 0x4U
+#define SLAP_ATTR_DONT_FREE_VALS 0x8U
} Attribute;
typedef unsigned long ID;
#define NOID ((ID)~0)
+typedef struct slap_entry_header {
+ struct berval bv;
+ char *data;
+ int nattrs;
+ int nvals;
+} EntryHeader;
+
/*
* represents an entry in core
*/
ACL_STYLE_USERS,
ACL_STYLE_SELF,
ACL_STYLE_IP,
+ ACL_STYLE_IPV6,
ACL_STYLE_PATH
} slap_style_t;
/* connection related stuff */
slap_style_t a_peername_style;
struct berval a_peername_pat;
+#ifdef LDAP_PF_INET6
+ union {
+ struct in6_addr ax6;
+ unsigned long ax;
+ } ax_peername_addr,
+ ax_peername_mask;
+#define a_peername_addr6 ax_peername_addr.ax6
+#define a_peername_addr ax_peername_addr.ax
+#define a_peername_mask6 ax_peername_mask.ax6
+#define a_peername_mask ax_peername_mask.ax
+/* apparently, only s6_addr is portable;
+ * define a portable address mask comparison */
+#define slap_addr6_mask(val, msk, asr) ( \
+ (((val)->s6_addr[0] & (msk)->s6_addr[0]) == (asr)->s6_addr[0]) \
+ && (((val)->s6_addr[1] & (msk)->s6_addr[1]) == (asr)->s6_addr[1]) \
+ && (((val)->s6_addr[2] & (msk)->s6_addr[2]) == (asr)->s6_addr[2]) \
+ && (((val)->s6_addr[3] & (msk)->s6_addr[3]) == (asr)->s6_addr[3]) \
+ && (((val)->s6_addr[4] & (msk)->s6_addr[4]) == (asr)->s6_addr[4]) \
+ && (((val)->s6_addr[5] & (msk)->s6_addr[5]) == (asr)->s6_addr[5]) \
+ && (((val)->s6_addr[6] & (msk)->s6_addr[6]) == (asr)->s6_addr[6]) \
+ && (((val)->s6_addr[7] & (msk)->s6_addr[7]) == (asr)->s6_addr[7]) \
+ && (((val)->s6_addr[8] & (msk)->s6_addr[8]) == (asr)->s6_addr[8]) \
+ && (((val)->s6_addr[9] & (msk)->s6_addr[9]) == (asr)->s6_addr[9]) \
+ && (((val)->s6_addr[10] & (msk)->s6_addr[10]) == (asr)->s6_addr[10]) \
+ && (((val)->s6_addr[11] & (msk)->s6_addr[11]) == (asr)->s6_addr[11]) \
+ && (((val)->s6_addr[12] & (msk)->s6_addr[12]) == (asr)->s6_addr[12]) \
+ && (((val)->s6_addr[13] & (msk)->s6_addr[13]) == (asr)->s6_addr[13]) \
+ && (((val)->s6_addr[14] & (msk)->s6_addr[14]) == (asr)->s6_addr[14]) \
+ && (((val)->s6_addr[15] & (msk)->s6_addr[15]) == (asr)->s6_addr[15]) \
+ )
+#else /* ! LDAP_PF_INET6 */
unsigned long a_peername_addr,
a_peername_mask;
+#endif /* ! LDAP_PF_INET6 */
int a_peername_port;
slap_style_t a_sockname_style;
typedef struct slap_bindconf {
struct berval sb_uri;
+ int sb_version;
int sb_tls;
int sb_method;
+ int sb_timeout_api;
+ int sb_timeout_net;
struct berval sb_binddn;
struct berval sb_cred;
struct berval sb_saslmech;
int off;
char type;
char quote;
- slap_verbmasks *aux;
+ void *aux;
} slap_cf_aux_table;
#define SLAP_LIMIT_TIME 1
struct syncinfo_s;
#define SLAP_SYNC_RID_SIZE 3
+#define SLAP_SYNC_SID_MAX 4095 /* based on liblutil/csn.c field width */
#define SLAP_SYNCUUID_SET_SIZE 256
#define SLAP_SYNC_UPDATE_MSGID 1
struct sync_cookie {
- struct berval ctxcsn;
+ struct berval *ctxcsn;
struct berval octet_str;
- long rid;
+ int rid;
+ int sid;
+ int numcsns;
+ int *sids;
LDAP_STAILQ_ENTRY(sync_cookie) sc_next;
};
#define SLAP_DBFLAG_OVERLAY 0x0100U /* this db struct is an overlay */
#define SLAP_DBFLAG_GLOBAL_OVERLAY 0x0200U /* this db struct is a global overlay */
#define SLAP_DBFLAG_DYNAMIC 0x0400U /* this db allows dynamicObjects */
+#define SLAP_DBFLAG_MONITORING 0x0800U /* custom monitoring enabled */
#define SLAP_DBFLAG_SHADOW 0x8000U /* a shadow */
#define SLAP_DBFLAG_SINGLE_SHADOW 0x4000U /* a single-master shadow */
#define SLAP_DBFLAG_SYNC_SHADOW 0x1000U /* a sync shadow */
#define SLAP_DBHIDDEN(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_HIDDEN)
#define SLAP_ISOVERLAY(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_OVERLAY)
#define SLAP_ISGLOBALOVERLAY(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_GLOBAL_OVERLAY)
+#define SLAP_DBMONITORING(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_MONITORING)
#define SLAP_NO_SCHEMA_CHECK(be) \
(SLAP_DBFLAGS(be) & SLAP_DBFLAG_NO_SCHEMA_CHECK)
#define SLAP_GLUE_INSTANCE(be) \
#define SLAP_DISALLOW_BIND_ANON 0x0001U /* no anonymous */
#define SLAP_DISALLOW_BIND_SIMPLE 0x0002U /* simple authentication */
-#define SLAP_DISALLOW_BIND_KRBV4 0x0004U /* Kerberos V4 authentication */
#define SLAP_DISALLOW_TLS_2_ANON 0x0010U /* StartTLS -> Anonymous */
#define SLAP_DISALLOW_TLS_AUTHC 0x0020U /* TLS while authenticated */
typedef struct req_modify_s {
Modifications *rs_modlist;
int rs_increment; /* FIXME: temporary */
+ char rs_no_opattrs; /* don't att modify operational attrs */
} req_modify_s;
typedef struct req_modrdn_s {
+ Modifications *rs_modlist;
struct berval rs_newrdn;
struct berval rs_nnewrdn;
struct berval *rs_newSup;
struct berval *rs_nnewSup;
int rs_deleteoldrdn;
- Modifications *rs_modlist;
} req_modrdn_s;
typedef struct req_add_s {
- Entry *rs_e;
Modifications *rs_modlist; /* FIXME: temporary */
+ Entry *rs_e;
} req_add_s;
typedef struct req_abandon_s {
REP_EXTENDED,
REP_SEARCH,
REP_SEARCHREF,
- REP_INTERMEDIATE
+ REP_INTERMEDIATE,
+ REP_GLUE_RESULT
} slap_reply_t;
typedef struct rep_sasl_s {
typedef Entry* (BI_tool_entry_get) LDAP_P(( BackendDB *be, ID id ));
typedef ID (BI_tool_entry_put) LDAP_P(( BackendDB *be, Entry *e,
struct berval *text ));
-typedef int (BI_tool_entry_reindex) LDAP_P(( BackendDB *be, ID id ));
+typedef int (BI_tool_entry_reindex) LDAP_P(( BackendDB *be, ID id, AttributeDescription **adv ));
typedef int (BI_tool_sync) LDAP_P(( BackendDB *be ));
typedef ID (BI_tool_dn2id_get) LDAP_P(( BackendDB *be, struct berval *dn ));
typedef int (BI_tool_id2entry_get) LDAP_P(( BackendDB *be, ID id, Entry **e ));
unsigned int bi_nDB; /* number of databases of this type */
struct ConfigOCs *bi_cf_ocs;
char **bi_obsolete_names;
- void *bi_private; /* anything the backend type needs */
+ void *bi_extra; /* backend type-specific APIs */
+ void *bi_private; /* backend type-specific config data */
LDAP_STAILQ_ENTRY(slap_backend_info) bi_next ;
};
/* Should successive callbacks in a chain be processed? */
#define SLAP_CB_FREEME 0x04000
+#define SLAP_CB_BYPASS 0x08800
#define SLAP_CB_CONTINUE 0x08000
/*
int sc_assert;
int sc_domainScope;
int sc_dontUseCopy;
- int sc_manageDIT;
int sc_manageDSAit;
int sc_modifyIncrement;
int sc_noOp;
int sc_postRead;
int sc_preRead;
int sc_proxyAuthz;
+ int sc_relax;
int sc_searchOptions;
#ifdef SLAP_SORTEDRESULTS
int sc_sortedResults;
#endif
} Opheader;
+typedef union slap_op_request {
+ req_add_s oq_add;
+ req_bind_s oq_bind;
+ req_compare_s oq_compare;
+ req_modify_s oq_modify;
+ req_modrdn_s oq_modrdn;
+ req_search_s oq_search;
+ req_abandon_s oq_abandon;
+ req_abandon_s oq_cancel;
+ req_extended_s oq_extended;
+ req_pwdexop_s oq_pwdexop;
+} OpRequest;
+
typedef struct slap_op {
Opheader *o_hdr;
struct berval o_req_dn; /* DN of target of request */
struct berval o_req_ndn;
- union o_req_u {
- req_add_s oq_add;
- req_bind_s oq_bind;
- req_compare_s oq_compare;
- req_modify_s oq_modify;
- req_modrdn_s oq_modrdn;
- req_search_s oq_search;
- req_abandon_s oq_abandon;
- req_abandon_s oq_cancel;
- req_extended_s oq_extended;
- req_pwdexop_s oq_pwdexop;
- } o_request;
+ OpRequest o_request;
/* short hands for union members */
#define oq_add o_request.oq_add
#define orn_msgid oq_abandon.rs_msgid
#define orm_modlist oq_modify.rs_modlist
#define orm_increment oq_modify.rs_increment
+#define orm_no_opattrs oq_modify.rs_no_opattrs
#define ore_reqoid oq_extended.rs_reqoid
#define ore_flags oq_extended.rs_flags
GroupAssertion *o_groups;
char o_do_not_cache; /* don't cache groups from this op */
char o_is_auth_check; /* authorization in progress */
+ slap_access_t o_acl_priv;
char o_nocaching;
char o_delete_glue_parent;
#define o_dontUseCopy o_ctrlflag[slap_cids.sc_dontUseCopy]
#define get_dontUseCopy(op) _SCM((op)->o_dontUseCopy)
-#define o_managedit o_ctrlflag[slap_cids.sc_manageDIT]
-#define get_manageDIT(op) _SCM((op)->o_managedit)
+#define o_relax o_ctrlflag[slap_cids.sc_relax]
+#define get_relax(op) _SCM((op)->o_relax)
#define o_managedsait o_ctrlflag[slap_cids.sc_manageDSAit]
#define get_manageDSAit(op) _SCM((op)->o_managedsait)
/*
* Operation indices
*/
-enum {
+typedef enum {
SLAP_OP_BIND = 0,
SLAP_OP_UNBIND,
SLAP_OP_ADD,
SLAP_OP_ABANDON,
SLAP_OP_EXTENDED,
SLAP_OP_LAST
-};
+} slap_op_t;
typedef struct slap_counters_t {
ldap_pvt_thread_mutex_t sc_sent_mutex;
#define SLAP_CTRL_HIDE 0x80000000U
#endif
-#define SLAP_CTRL_REQUIRES_ROOT 0x40000000U /* for ManageDIT */
+#define SLAP_CTRL_REQUIRES_ROOT 0x40000000U /* for Relax */
#define SLAP_CTRL_GLOBAL 0x00800000U
#define SLAP_CTRL_GLOBAL_SEARCH 0x00010000U /* for NOOP */
projects / openldap / blobdiff