-/*
- * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
- */
-/*
- * (C) Copyright IBM Corp. 1997,2002
- * Redistribution and use in source and binary forms are permitted
- * provided that this notice is preserved and that due credit is
- * given to IBM Corporation. This software is provided ``as is''
- * without express or implied warranty.
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 2002-2004 The OpenLDAP Foundation.
+ * Portions Copyright 1997,2002-2003 IBM Corporation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
*/
-/*
- * Portions (C) Copyright PADL Software Pty Ltd. 2003
- * Redistribution and use in source and binary forms are permitted
- * provided that this notice is preserved and that due credit is
- * given to PADL Software Pty Ltd. This software is provided ``as is''
- * without express or implied warranty.
+/* ACKNOWLEDGEMENTS:
+ * This work was initially developed by IBM Corporation for use in
+ * IBM products and subsequently ported to OpenLDAP Software by
+ * Steve Omrani. Additional significant contributors include:
+ * Luke Howard
*/
#include "portable.h"
#include <ac/stdarg.h>
#include <ac/ctype.h>
#include <ac/unistd.h>
-#include <ldap_pvt.h>
#include <slap.h>
#include <slapi.h>
-#ifdef _SPARC
-#include <sys/systeminfo.h>
-#endif
-
#include <netdb.h>
/*
ldap_pvt_thread_mutex_t mutex;
};
+#ifdef LDAP_SLAPI
+static int checkBVString(const struct berval *bv)
+{
+ int i;
+
+ for ( i = 0; i < bv->bv_len; i++ ) {
+ if ( bv->bv_val[i] == '\0' )
+ return 0;
+ }
+ if ( bv->bv_val[i] != '\0' )
+ return 0;
+
+ return 1;
+}
+#endif /* LDAP_SLAPI */
+
/*
* This function converts an array of pointers to berval objects to
* an array of berval objects.
Slapi_Entry *
slapi_str2entry(
char *s,
- int check_dup )
+ int flags )
{
#ifdef LDAP_SLAPI
Slapi_Entry *e = NULL;
char *ldn )
{
#ifdef LDAP_SLAPI
- struct berval dn = { 0, NULL };
+ struct berval dn = BER_BVNULL;
dn.bv_val = ldn;
dn.bv_len = strlen( ldn );
- dnPrettyNormal( NULL, &dn, &e->e_name, &e->e_nname );
+ dnPrettyNormal( NULL, &dn, &e->e_name, &e->e_nname, NULL );
#endif /* LDAP_SLAPI */
}
slapi_entry_dup( Slapi_Entry *e )
{
#ifdef LDAP_SLAPI
- char *tmp = NULL;
- Slapi_Entry *tmpEnt;
- int len = 0;
-
- tmp = slapi_entry2str( e, &len );
- if ( tmp == NULL ) {
- return (Slapi_Entry *)NULL;
- }
-
- tmpEnt = (Slapi_Entry *)str2entry( tmp );
- if ( tmpEnt == NULL ) {
- slapi_ch_free( (void **)&tmp );
- return (Slapi_Entry *)NULL;
- }
-
- if (tmp != NULL) {
- slapi_ch_free( (void **)&tmp );
- }
-
- return tmpEnt;
+ return entry_dup( e );
#else /* LDAP_SLAPI */
return NULL;
#endif /* LDAP_SLAPI */
return -1;
}
- rc = attr_mergeit( e, ad, bv );
+ rc = attr_merge_normalize_one( e, ad, bv, NULL );
ch_free( bv );
return rc;
return NULL;
}
- if ( attr->a_vals != NULL && attr->a_vals[0].bv_val != NULL ) {
- return slapi_ch_strdup( attr->a_vals[0].bv_val );
+ if ( attr->a_vals != NULL && attr->a_vals[0].bv_len != 0 ) {
+ const char *p;
+
+ p = slapi_value_get_string( &attr->a_vals[0] );
+ if ( p != NULL ) {
+ return slapi_ch_strdup( (char *)p );
+ }
}
return NULL;
#endif
}
-int
+long
slapi_entry_attr_get_long( const Slapi_Entry *e, const char *type )
{
#ifdef LDAP_SLAPI
#endif
}
-int
+unsigned int
slapi_entry_attr_get_uint( const Slapi_Entry *e, const char *type )
{
#ifdef LDAP_SLAPI
#endif
}
-int
+unsigned long
slapi_entry_attr_get_ulong( const Slapi_Entry *e, const char *type )
{
#ifdef LDAP_SLAPI
if ( value != NULL ) {
bv.bv_val = (char *)value;
bv.bv_len = strlen(value);
- attr_mergeit_one( e, ad, &bv );
+ attr_merge_normalize_one( e, ad, &bv, NULL );
}
#endif /* LDAP_SLAPI */
}
#endif
}
+int
+slapi_entry_has_children(const Slapi_Entry *e)
+{
+#ifdef LDAP_SLAPI
+ Connection *pConn;
+ Operation *op;
+ int hasSubordinates = 0;
+
+ pConn = slapi_int_init_connection( NULL, LDAP_REQ_SEARCH );
+ if ( pConn == NULL ) {
+ return 0;
+ }
+
+ op = (Operation *)pConn->c_pending_ops.stqh_first;
+ op->o_bd = select_backend( (struct berval *)&e->e_nname, 0, 0 );
+ if ( op->o_bd == NULL ) {
+ return 0;
+ }
+
+ op->o_bd->be_has_subordinates( op, (Entry *)e, &hasSubordinates );
+
+ slapi_int_connection_destroy( &pConn );
+
+ return ( hasSubordinates == LDAP_COMPARE_TRUE );
+#else
+ return 0;
+#endif
+}
+
+/*
+ * Return approximate size of the entry rounded to the nearest
+ * 1K. Only the size of the attribute values are counted in the
+ * Sun implementation.
+ *
+ * http://docs.sun.com/source/816-6701-10/funcref.html#1017388
+ */
+size_t slapi_entry_size(Slapi_Entry *e)
+{
+#ifdef LDAP_SLAPI
+ size_t size;
+ Attribute *a;
+ int i;
+
+ for ( size = 0, a = e->e_attrs; a != NULL; a = a->a_next ) {
+ for ( i = 0; a->a_vals[i].bv_val != NULL; i++ ) {
+ size += a->a_vals[i].bv_len + 1;
+ }
+ }
+
+ size += 1023;
+ size -= (size % 1024);
+
+ return size;
+#else
+ return 0;
+#endif /* LDAP_SLAPI */
+}
+
/*
* Add values to entry.
*
if ( vals == NULL ) {
/* Apparently vals can be NULL
- * FIXME: sm_bvalues = NULL ? */
- mod.sm_bvalues = (BerVarray)ch_malloc( sizeof(struct berval) );
- mod.sm_bvalues->bv_val = NULL;
+ * FIXME: sm_values = NULL ? */
+ mod.sm_values = (BerVarray)ch_malloc( sizeof(struct berval) );
+ mod.sm_values->bv_val = NULL;
} else {
- rc = bvptr2obj( vals, &mod.sm_bvalues );
+ rc = bvptr2obj( vals, &mod.sm_values );
if ( rc != LDAP_SUCCESS ) {
return LDAP_CONSTRAINT_VIOLATION;
}
}
-#ifdef SLAP_NVALUES
mod.sm_nvalues = NULL;
-#endif
rc = modify_add_values( e, &mod, 0, &text, textbuf, sizeof(textbuf) );
- ch_free( mod.sm_bvalues );
+ ch_free( mod.sm_values );
return (rc == LDAP_SUCCESS) ? LDAP_SUCCESS : LDAP_CONSTRAINT_VIOLATION;
#else
return -1;
}
- return attr_mergeit( e, ad, *vs );
+ return attr_merge_normalize( e, ad, *vs, NULL );
#else
return -1;
#endif /* LDAP_SLAPI */
return attr_delete( &e->e_attrs, mod.sm_desc ) ? LDAP_OTHER : LDAP_SUCCESS;
}
- rc = bvptr2obj( vals, &mod.sm_bvalues );
+ rc = bvptr2obj( vals, &mod.sm_values );
if ( rc != LDAP_SUCCESS ) {
return LDAP_CONSTRAINT_VIOLATION;
}
-#if SLAP_NVALUES
mod.sm_nvalues = NULL;
-#endif
rc = modify_delete_values( e, &mod, 0, &text, textbuf, sizeof(textbuf) );
- ch_free( mod.sm_bvalues );
+ ch_free( mod.sm_values );
return rc;
#else
return -1;
}
- rc = attr_mergeit_one( e, ad, (Slapi_Value *)value );
+ rc = attr_merge_normalize_one( e, ad, (Slapi_Value *)value, NULL );
if ( rc != LDAP_SUCCESS ) {
return -1;
}
return -1;
}
- rc = attr_mergeit( e, ad, bv );
+ rc = attr_merge_normalize( e, ad, bv, NULL );
slapi_ch_free( (void **)&bv );
if ( rc != LDAP_SUCCESS ) {
return -1;
{
#ifdef LDAP_SLAPI
struct berval bdn;
- struct berval ndn;
+ struct berval pdn;
assert( dn != NULL );
bdn.bv_val = dn;
bdn.bv_len = strlen( dn );
- dnNormalize2( NULL, &bdn, &ndn );
+ if ( dnPretty( NULL, &bdn, &pdn, NULL ) != LDAP_SUCCESS ) {
+ return NULL;
+ }
- /*
- * FIXME: ain't it safe to set dn = ndn.bv_val ?
- */
- dn = ch_strdup( ndn.bv_val );
- ch_free( ndn.bv_val );
-
- return dn;
+ return pdn.bv_val;
#else /* LDAP_SLAPI */
return NULL;
#endif /* LDAP_SLAPI */
}
-/*
- * FIXME: this function is dangerous and should be deprecated;
- * DN normalization is a lot more than lower-casing, and BTW
- * OpenLDAP's DN normalization for case insensitive attributes
- * is already lower case
- */
char *
slapi_dn_normalize_case( char *dn )
{
#ifdef LDAP_SLAPI
- slapi_dn_normalize( dn );
- ldap_pvt_str2lower( dn );
+ struct berval bdn;
+ struct berval ndn;
+
+ assert( dn != NULL );
+
+ bdn.bv_val = dn;
+ bdn.bv_len = strlen( dn );
+
+ if ( dnNormalize( 0, NULL, NULL, &bdn, &ndn, NULL ) != LDAP_SUCCESS ) {
+ return NULL;
+ }
- return dn;
+ return ndn.bv_val;
#else /* LDAP_SLAPI */
return NULL;
#endif /* LDAP_SLAPI */
#ifdef LDAP_SLAPI
struct berval bdn, ndn;
struct berval bsuffix, nsuffix;
+ int rc;
assert( dn != NULL );
assert( suffix != NULL );
bsuffix.bv_val = suffix;
bsuffix.bv_len = strlen( suffix );
- dnNormalize2( NULL, &bdn, &ndn );
- dnNormalize2( NULL, &bsuffix, &nsuffix );
+ if ( dnNormalize( 0, NULL, NULL, &bdn, &ndn, NULL ) != LDAP_SUCCESS ) {
+ return 0;
+ }
+
+ if ( dnNormalize( 0, NULL, NULL, &bsuffix, &nsuffix, NULL )
+ != LDAP_SUCCESS )
+ {
+ slapi_ch_free( (void **)&ndn.bv_val );
+ return 0;
+ }
+
+ rc = dnIsSuffix( &ndn, &nsuffix );
- return dnIsSuffix( &ndn, &nsuffix );
+ slapi_ch_free( (void **)&ndn.bv_val );
+ slapi_ch_free( (void **)&nsuffix.bv_val );
+
+ return rc;
#else /* LDAP_SLAPI */
return 0;
#endif /* LDAP_SLAPI */
}
+int
+slapi_dn_isparent(
+ const char *parentdn,
+ const char *childdn )
+{
+#ifdef LDAP_SLAPI
+ struct berval assertedParentDN, normalizedAssertedParentDN;
+ struct berval childDN, normalizedChildDN;
+ struct berval normalizedParentDN;
+ int match;
+
+ assert( parentdn != NULL );
+ assert( childdn != NULL );
+
+ assertedParentDN.bv_val = (char *)parentdn;
+ assertedParentDN.bv_len = strlen( parentdn );
+
+ if ( dnNormalize( 0, NULL, NULL, &assertedParentDN,
+ &normalizedAssertedParentDN, NULL ) != LDAP_SUCCESS )
+ {
+ return 0;
+ }
+
+ childDN.bv_val = (char *)childdn;
+ childDN.bv_len = strlen( childdn );
+
+ if ( dnNormalize( 0, NULL, NULL, &childDN,
+ &normalizedChildDN, NULL ) != LDAP_SUCCESS )
+ {
+ slapi_ch_free( (void **)&normalizedAssertedParentDN.bv_val );
+ return 0;
+ }
+
+ dnParent( &normalizedChildDN, &normalizedParentDN );
+
+ if ( dnMatch( &match, 0, slap_schema.si_syn_distinguishedName, NULL,
+ &normalizedParentDN, (void *)&normalizedAssertedParentDN ) != LDAP_SUCCESS )
+ {
+ match = -1;
+ }
+
+ slapi_ch_free( (void **)&normalizedAssertedParentDN.bv_val );
+ slapi_ch_free( (void **)&normalizedChildDN.bv_val );
+
+ return ( match == 0 );
+#else
+ return 0;
+#endif /* LDAP_SLAPI */
+}
+
+/*
+ * Returns DN of the parent entry, or NULL if the DN is
+ * an empty string or NULL, or has no parent.
+ */
+char *
+slapi_dn_parent( const char *_dn )
+{
+#ifdef LDAP_SLAPI
+ struct berval dn, prettyDN;
+ struct berval parentDN;
+
+ if ( _dn == NULL ) {
+ return NULL;
+ }
+
+ dn.bv_val = (char *)_dn;
+ dn.bv_len = strlen( _dn );
+
+ if ( dn.bv_len == 0 ) {
+ return NULL;
+ }
+
+ if ( dnPretty( NULL, &dn, &prettyDN, NULL ) != LDAP_SUCCESS ) {
+ return NULL;
+ }
+
+ dnParent( &prettyDN, &parentDN ); /* in-place */
+
+ slapi_ch_free( (void **)&prettyDN.bv_val );
+
+ if ( parentDN.bv_len == 0 ) {
+ return NULL;
+ }
+
+ return slapi_ch_strdup( parentDN.bv_val );
+#else
+ return NULL;
+#endif /* LDAP_SLAPI */
+}
+
+/*
+ * Returns DN of the parent entry; or NULL if the DN is
+ * an empty string, if the DN has no parent, or if the
+ * DN is the suffix of the backend database
+ */
+char *slapi_dn_beparent( Slapi_PBlock *pb, const char *_dn )
+{
+#ifdef LDAP_SLAPI
+ Backend *be;
+ struct berval dn, prettyDN;
+ struct berval normalizedDN, parentDN;
+
+ if ( slapi_pblock_get( pb, SLAPI_BACKEND, (void **)&be ) != 0 )
+ be = NULL;
+
+ dn.bv_val = (char *)_dn;
+ dn.bv_len = strlen( _dn );
+
+ if ( dnPrettyNormal( NULL, &dn, &prettyDN, &normalizedDN, NULL ) != LDAP_SUCCESS ) {
+ return NULL;
+ }
+
+ if ( be != NULL && be_issuffix( be, &normalizedDN ) ) {
+ slapi_ch_free( (void **)&prettyDN.bv_val );
+ slapi_ch_free( (void **)&normalizedDN.bv_val );
+ return NULL;
+ }
+
+ dnParent( &prettyDN, &parentDN );
+
+ slapi_ch_free( (void **)&prettyDN.bv_val );
+ slapi_ch_free( (void **)&normalizedDN.bv_val );
+
+ if ( parentDN.bv_len == 0 ) {
+ return NULL;
+ }
+
+ return slapi_ch_strdup( parentDN.bv_val );
+#else
+ return NULL;
+#endif /* LDAP_SLAPI */
+}
+
char *
slapi_dn_ignore_case( char *dn )
{
}
static int
-parseSlapiControl(
+slapi_int_parse_control(
Operation *op,
SlapReply *rs,
LDAPControl *ctrl )
slapiControlOp2SlapControlMask( controlops, &controlmask );
- register_supported_control( controloid, controlmask, NULL, parseSlapiControl );
+ register_supported_control( controloid, controlmask, NULL, slapi_int_parse_control, NULL );
#endif /* LDAP_SLAPI */
}
{
#ifdef LDAP_SLAPI
/* FIXME -- can not add saslmechanism to OpenLDAP dynamically */
- slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SASL",
+ slapi_log_error( SLAPI_LOG_FATAL, "slapi_register_supported_saslmechanism",
"OpenLDAP does not support dynamic registration of SASL mechanisms\n" );
#endif /* LDAP_SLAPI */
}
{
#ifdef LDAP_SLAPI
/* FIXME -- can not get the saslmechanism without a connection. */
- slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SASL",
+ slapi_log_error( SLAPI_LOG_FATAL, "slapi_get_supported_saslmechanisms",
"can not get the SASL mechanism list "
"without a connection\n" );
return NULL;
;
}
- for ( j = 0; ns_get_supported_extop( j ) != NULL; j++ ) {
+ for ( j = 0; slapi_int_get_supported_extop( j ) != NULL; j++ ) {
;
}
for ( ; k < j; k++ ) {
struct berval *bv;
- bv = ns_get_supported_extop( k );
+ bv = slapi_int_get_supported_extop( k );
assert( bv != NULL );
ppExtOpOID[ i + k ] = bv->bv_val;
AttributeName *an = NULL;
const char *text;
- for ( i = 0; attrs[ i ] != NULL; i++ ) {
- ; /* empty */
+ if ( attrs != NULL ) {
+ for ( i = 0; attrs[ i ] != NULL; i++ ) {
+ ; /* empty */
+ }
+ } else {
+ i = 0;
}
if ( i > 0 ) {
rs.sr_ref = NULL;
rs.sr_ctrls = ectrls;
rs.sr_attrs = an;
+ rs.sr_operational_attrs = NULL;
rs.sr_entry = e;
rs.sr_v2ref = NULL;
+ rs.sr_flags = 0;
if ( slapi_pblock_get( pb, SLAPI_OPERATION, (void *)&pOp ) != 0 ) {
return LDAP_OTHER;
#endif /* LDAP_SLAPI */
}
+int
+slapi_send_ldap_search_reference(
+ Slapi_PBlock *pb,
+ Slapi_Entry *e,
+ struct berval **references,
+ LDAPControl **ectrls,
+ struct berval **v2refs
+ )
+{
+#ifdef LDAP_SLAPI
+ Operation *pOp;
+ SlapReply rs = { REP_SEARCHREF };
+ int rc;
+
+ rs.sr_err = LDAP_SUCCESS;
+ rs.sr_matched = NULL;
+ rs.sr_text = NULL;
+
+ rc = bvptr2obj( references, &rs.sr_ref );
+ if ( rc != LDAP_SUCCESS ) {
+ return rc;
+ }
+
+ rs.sr_ctrls = ectrls;
+ rs.sr_attrs = NULL;
+ rs.sr_operational_attrs = NULL;
+ rs.sr_entry = e;
+
+ if ( v2refs != NULL ) {
+ rc = bvptr2obj( v2refs, &rs.sr_v2ref );
+ if ( rc != LDAP_SUCCESS ) {
+ slapi_ch_free( (void **)&rs.sr_ref );
+ return rc;
+ }
+ } else {
+ rs.sr_v2ref = NULL;
+ }
+
+ if ( slapi_pblock_get( pb, SLAPI_OPERATION, (void *)&pOp ) != 0 ) {
+ return LDAP_OTHER;
+ }
+
+ rc = send_search_reference( pOp, &rs );
+
+ if ( rs.sr_ref != NULL )
+ slapi_ch_free( (void **)&rs.sr_ref );
+
+ if ( rs.sr_v2ref != NULL )
+ slapi_ch_free( (void **)&rs.sr_v2ref );
+
+ return rc;
+#else
+ return -1;
+#endif /* LDAP_SLAPI */
+}
Slapi_Filter *
slapi_str2filter( char *str )
f->f_mra->ma_desc = filter->f_mra->ma_desc;
f->f_mra->ma_dnattrs = filter->f_mra->ma_dnattrs;
ber_dupbv( &f->f_mra->ma_value, &filter->f_mra->ma_value );
+ break;
case LDAP_FILTER_SUBSTRINGS: {
int i;
f->f_sub = (SubstringsAssertion *)slapi_ch_malloc( sizeof(SubstringsAssertion) );
+ f->f_sub->sa_desc = filter->f_sub->sa_desc;
ber_dupbv( &f->f_sub_initial, &filter->f_sub_initial );
- for ( i = 0; filter->f_sub_any[i].bv_val != NULL; i++ )
- ;
- f->f_sub_any = (BerVarray)slapi_ch_malloc( (i + 1) * (sizeof(struct berval)) );
- for ( i = 0; filter->f_sub_any[i].bv_val != NULL; i++ ) {
- ber_dupbv( &f->f_sub_any[i], &filter->f_sub_any[i] );
+ if ( filter->f_sub_any != NULL ) {
+ for ( i = 0; filter->f_sub_any[i].bv_val != NULL; i++ )
+ ;
+ f->f_sub_any = (BerVarray)slapi_ch_malloc( (i + 1) * (sizeof(struct berval)) );
+ for ( i = 0; filter->f_sub_any[i].bv_val != NULL; i++ ) {
+ ber_dupbv( &f->f_sub_any[i], &filter->f_sub_any[i] );
+ }
+ f->f_sub_any[i].bv_val = NULL;
+ } else {
+ f->f_sub_any = NULL;
}
- f->f_sub_any[i].bv_val = NULL;
ber_dupbv( &f->f_sub_final, &filter->f_sub_final );
break;
}
if ( ftype == LDAP_FILTER_AND
|| ftype == LDAP_FILTER_OR
|| ftype == LDAP_FILTER_NOT ) {
- return (Slapi_Filter *)f->f_and;
+ return (Slapi_Filter *)f->f_list;
} else {
return NULL;
}
*/
*type = f->f_sub_desc->ad_cname.bv_val;
*initial = f->f_sub_initial.bv_val ? slapi_ch_strdup(f->f_sub_initial.bv_val) : NULL;
- for ( i = 0; f->f_sub_any[i].bv_val != NULL; i++ )
- ;
- *any = (char **)slapi_ch_malloc( (i + 1) * sizeof(char *) );
- for ( i = 0; f->f_sub_any[i].bv_val != NULL; i++ ) {
- (*any)[i] = slapi_ch_strdup(f->f_sub_any[i].bv_val);
+ if ( f->f_sub_any != NULL ) {
+ for ( i = 0; f->f_sub_any[i].bv_val != NULL; i++ )
+ ;
+ *any = (char **)slapi_ch_malloc( (i + 1) * sizeof(char *) );
+ for ( i = 0; f->f_sub_any[i].bv_val != NULL; i++ ) {
+ (*any)[i] = slapi_ch_strdup(f->f_sub_any[i].bv_val);
+ }
+ (*any)[i] = NULL;
+ } else {
+ *any = NULL;
}
- (*any)[i] = NULL;
*final = f->f_sub_final.bv_val ? slapi_ch_strdup(f->f_sub_final.bv_val) : NULL;
return 0;
}
Slapi_Filter *
-slapi_filter_join( int ftype, Slapi_Filter *f1, Slapi_Filter *f2)
+slapi_filter_join( int ftype, Slapi_Filter *f1, Slapi_Filter *f2 )
{
#ifdef LDAP_SLAPI
Slapi_Filter *f = NULL;
f = (Slapi_Filter *)slapi_ch_malloc( sizeof(*f) );
f->f_choice = ftype;
f->f_list = f1;
- f->f_next = f2;
+ f->f_list->f_next = f2;
+ f->f_next = NULL;
}
return f;
#endif /* LDAP_SLAPI */
}
+int
+slapi_x_filter_append( int ftype,
+ Slapi_Filter **pContainingFilter, /* NULL on first call */
+ Slapi_Filter **pNextFilter,
+ Slapi_Filter *filterToAppend )
+{
+#ifdef LDAP_SLAPI
+ if ( ftype == LDAP_FILTER_AND ||
+ ftype == LDAP_FILTER_OR ||
+ ftype == LDAP_FILTER_NOT )
+ {
+ if ( *pContainingFilter == NULL ) {
+ *pContainingFilter = (Slapi_Filter *)slapi_ch_malloc( sizeof(Slapi_Filter) );
+ (*pContainingFilter)->f_choice = ftype;
+ (*pContainingFilter)->f_list = filterToAppend;
+ (*pContainingFilter)->f_next = NULL;
+ } else {
+ if ( (*pContainingFilter)->f_choice != ftype ) {
+ /* Sanity check */
+ return -1;
+ }
+ (*pNextFilter)->f_next = filterToAppend;
+ }
+ *pNextFilter = filterToAppend;
+
+ return 0;
+ }
+#endif /* LDAP_SLAPI */
+ return -1;
+}
+
int
slapi_filter_test( Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Filter *f,
int verify_access )
{
#ifdef LDAP_SLAPI
- Backend *be = NULL;
- Connection *conn;
Operation *op;
int rc;
}
if ( verify_access ) {
- (void) slapi_pblock_get(pb, SLAPI_BACKEND, (void *)&be);
- rc = slapi_pblock_get(pb, SLAPI_CONNECTION, (void *)&conn);
- if ( rc != 0 ) {
- return LDAP_PARAM_ERROR;
- }
rc = slapi_pblock_get(pb, SLAPI_OPERATION, (void *)&op);
if ( rc != 0 ) {
return LDAP_PARAM_ERROR;
}
} else {
- conn = NULL;
op = NULL;
}
/*
{
#ifdef LDAP_SLAPI
char *hn = NULL;
-
- /*
- * FIXME: I'd prefer a different check ...
- */
-#if defined _SPARC
- hn = (char *)slapi_ch_malloc( MAX_HOSTNAME );
- if ( hn == NULL) {
- slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SYSINFO",
- "can't malloc memory for hostname\n" );
- hn = NULL;
-
- } else if ( sysinfo( SI_HOSTNAME, hn, MAX_HOSTNAME ) < 0 ) {
- slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SYSINFO",
- "can't get hostname\n" );
- slapi_ch_free( (void **)&hn );
- hn = NULL;
- }
-#else /* !_SPARC */
static int been_here = 0;
static char *static_hn = NULL;
if ( !been_here ) {
static_hn = (char *)slapi_ch_malloc( MAX_HOSTNAME );
if ( static_hn == NULL) {
- slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SYSINFO",
- "can't malloc memory for hostname\n" );
+ slapi_log_error( SLAPI_LOG_FATAL, "slapi_get_hostname",
+ "Cannot allocate memory for hostname\n" );
static_hn = NULL;
ldap_pvt_thread_mutex_unlock( &slapi_hn_mutex );
} else {
if ( gethostname( static_hn, MAX_HOSTNAME ) != 0 ) {
slapi_log_error( SLAPI_LOG_FATAL,
- "SLAPI_SYSINFO",
+ "SLAPI",
"can't get hostname\n" );
slapi_ch_free( (void **)&static_hn );
static_hn = NULL;
ldap_pvt_thread_mutex_unlock( &slapi_hn_mutex );
hn = ch_strdup( static_hn );
-#endif /* !_SPARC */
return hn;
#else /* LDAP_SLAPI */
/*
* FIXME: this should go in an appropriate header ...
*/
-extern int vLogError( int level, char *subsystem, char *fmt, va_list arglist );
+extern int slapi_int_log_error( int level, char *subsystem, char *fmt, va_list arglist );
int
slapi_log_error(
va_list arglist;
va_start( arglist, fmt );
- rc = vLogError( severity, subsystem, fmt, arglist );
+ rc = slapi_int_log_error( severity, subsystem, fmt, arglist );
va_end( arglist );
return rc;
/*
* Internal API to prime a Slapi_PBlock with a Backend.
*/
-static int initBackendPB( Slapi_PBlock *pb, Backend *be )
+static int slapi_int_pblock_set_backend( Slapi_PBlock *pb, Backend *be )
{
int rc;
/*
* Internal API to prime a Slapi_PBlock with a Connection.
*/
-static int initConnectionPB( Slapi_PBlock *pb, Connection *conn )
+static int slapi_int_pblock_set_connection( Slapi_PBlock *pb, Connection *conn )
{
char *connAuthType;
int rc;
return rc;
/* Returns pointer to static string */
- connAuthType = Authorization2AuthType( &conn->c_authz, conn->c_is_tls, 1 );
+ connAuthType = Authorization2AuthType( &conn->c_authz,
+#ifdef HAVE_TLS
+ conn->c_is_tls,
+#else
+ 0,
+#endif
+ 1 );
if ( connAuthType != NULL ) {
rc = slapi_pblock_set(pb, SLAPI_CONN_AUTHTYPE, (void *)connAuthType);
if ( rc != LDAP_SUCCESS )
}
/* Returns pointer to allocated string */
- connAuthType = Authorization2AuthType( &conn->c_authz, conn->c_is_tls, 0 );
+ connAuthType = Authorization2AuthType( &conn->c_authz,
+#ifdef HAVE_TLS
+ conn->c_is_tls,
+#else
+ 0,
+#endif
+ 0 );
if ( connAuthType != NULL ) {
rc = slapi_pblock_set(pb, SLAPI_CONN_AUTHMETHOD, (void *)connAuthType);
+ /* slapi_pblock_set dups this itself */
+ slapi_ch_free( (void **)&connAuthType );
if ( rc != LDAP_SUCCESS )
return rc;
}
if ( conn->c_authz.sai_dn.bv_val != NULL ) {
- char *connDn = slapi_ch_strdup(conn->c_authz.sai_dn.bv_val);
- rc = slapi_pblock_set(pb, SLAPI_CONN_DN, (void *)connDn);
+ /* slapi_pblock_set dups this itself */
+ rc = slapi_pblock_set(pb, SLAPI_CONN_DN, (void *)conn->c_authz.sai_dn.bv_val);
if ( rc != LDAP_SUCCESS )
return rc;
}
+ rc = slapi_pblock_set(pb, SLAPI_X_CONN_SSF, (void *)conn->c_ssf);
+ if ( rc != LDAP_SUCCESS )
+ return rc;
+
+ rc = slapi_pblock_set(pb, SLAPI_X_CONN_SASL_CONTEXT,
+ ( conn->c_sasl_authctx != NULL ? conn->c_sasl_authctx :
+ conn->c_sasl_sockctx ) );
+ if ( rc != LDAP_SUCCESS )
+ return rc;
+
return rc;
}
#endif /* LDAP_SLAPI */
/*
* Internal API to prime a Slapi_PBlock with an Operation.
*/
-int slapi_x_pblock_set_operation( Slapi_PBlock *pb, Operation *op )
+int slapi_int_pblock_set_operation( Slapi_PBlock *pb, Operation *op )
{
#ifdef LDAP_SLAPI
int isRoot = 0;
char *opAuthType;
if ( op->o_bd != NULL ) {
- isRoot = be_isroot( op->o_bd, &op->o_ndn );
- isUpdateDn = be_isupdate( op->o_bd, &op->o_ndn );
+ isRoot = be_isroot( op );
+ isUpdateDn = be_isupdate( op );
}
- rc = initBackendPB( pb, op->o_bd );
+ rc = slapi_int_pblock_set_backend( pb, op->o_bd );
if ( rc != LDAP_SUCCESS )
return rc;
- rc = initConnectionPB( pb, op->o_conn );
+ rc = slapi_int_pblock_set_connection( pb, op->o_conn );
if ( rc != LDAP_SUCCESS )
return rc;
Connection *conn;
slapi_pblock_get( pb, SLAPI_CONNECTION, &conn );
+#ifdef HAVE_TLS
*isSSL = conn->c_is_tls;
+#else
+ *isSSL = 0;
+#endif
return LDAP_SUCCESS;
#else
a->a_desc = ad;
a->a_vals = NULL;
-#ifdef SLAP_NVALUES
a->a_nvals = NULL;
-#endif
a->a_next = NULL;
a->a_flags = 0;
int slapi_attr_add_value( Slapi_Attr *a, const Slapi_Value *v )
{
#ifdef LDAP_SLAPI
-#ifdef SLAP_NVALUES
- /*
- * FIXME: here we may lose alignment between a_vals/a_nvals
- */
-#endif
- return value_add_one( &a->a_vals, (Slapi_Value *)v );
+ struct berval nval;
+ struct berval *nvalp;
+ int rc;
+ AttributeDescription *desc = a->a_desc;
+
+ if ( desc->ad_type->sat_equality &&
+ desc->ad_type->sat_equality->smr_normalize ) {
+ rc = (*desc->ad_type->sat_equality->smr_normalize)(
+ SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
+ desc->ad_type->sat_syntax,
+ desc->ad_type->sat_equality,
+ (Slapi_Value *)v, &nval, NULL );
+ if ( rc != LDAP_SUCCESS ) {
+ return rc;
+ }
+ nvalp = &nval;
+ } else {
+ nvalp = NULL;
+ }
+
+ rc = value_add_one( &a->a_vals, (Slapi_Value *)v );
+ if ( rc == 0 && nvalp != NULL ) {
+ rc = value_add_one( &a->a_nvals, nvalp );
+ } else {
+ a->a_nvals = a->a_vals;
+ }
+
+ if ( nvalp != NULL ) {
+ slapi_ch_free_string( &nval.bv_val );
+ }
+
+ return rc;
#else
return -1;
#endif
const char *text;
mr = a->a_desc->ad_type->sat_equality;
-#ifdef SLAP_NVALUES
rc = value_match( &ret, a->a_desc, mr,
SLAP_MR_VALUE_OF_ASSERTION_SYNTAX,
(struct berval *)v1, (void *)v2, &text );
-#else
- rc = value_match( &ret, a->a_desc, mr, SLAP_MR_ASSERTION_SYNTAX_MATCH,
- (struct berval *)v1, (void *)v2, &text );
-#endif
if ( rc != LDAP_SUCCESS )
return -1;
int rc;
int ret;
+ if ( a ->a_vals == NULL ) {
+ return -1;
+ }
mr = a->a_desc->ad_type->sat_equality;
for ( bv = a->a_vals, j = 0; bv->bv_val != NULL; bv++, j++ ) {
-#ifdef SLAP_NVALUES
rc = value_match( &ret, a->a_desc, mr,
SLAP_MR_VALUE_OF_ASSERTION_SYNTAX, bv, v, &text );
-#else
- rc = value_match( &ret, a->a_desc, mr,
- SLAP_MR_ASSERTION_SYNTAX_MATCH, bv, v, &text );
-#endif
if ( rc != LDAP_SUCCESS ) {
return -1;
}
return 0;
}
}
-#endif
+#endif /* LDAP_SLAPI */
return -1;
}
const char *slapi_value_get_string(const Slapi_Value *value)
{
#ifdef LDAP_SLAPI
- if ( value == NULL ) {
- return NULL;
- }
+ if ( value == NULL ) return NULL;
+ if ( value->bv_val == NULL ) return NULL;
+ if ( !checkBVString( value ) ) return NULL;
+
return value->bv_val;
#else
return NULL;
#endif
}
-#ifdef LDAP_SLAPI
-static int checkBVString(const struct berval *bv)
-{
- int i;
-
- for ( i = 0; i < bv->bv_len; i++ ) {
- if ( bv->bv_val[i] == '\0' )
- return 0;
- }
- if ( bv->bv_val[i] != '\0' )
- return 0;
-
- return 1;
-}
-#endif
-
int slapi_value_get_int(const Slapi_Value *value)
{
#ifdef LDAP_SLAPI
int slapi_access_allowed( Slapi_PBlock *pb, Slapi_Entry *e, char *attr,
struct berval *val, int access )
{
-#ifdef LDAPI_SLAPI
+#ifdef LDAP_SLAPI
Backend *be;
Connection *conn;
Operation *op;
int ret;
slap_access_t slap_access;
AttributeDescription *ad = NULL;
- char *text;
+ const char *text;
ret = slap_str2ad( attr, &ad, &text );
if ( ret != LDAP_SUCCESS ) {
return LDAP_PARAM_ERROR;
}
- ret = access_allowed( be, conn, op, e, desc, val, slap_access, NULL );
+ ret = access_allowed( op, e, ad, val, slap_access, NULL );
return ret ? LDAP_SUCCESS : LDAP_INSUFFICIENT_ACCESS;
#else
{
#ifdef LDAP_SLAPI
Operation *op;
- int ret;
- Modifications *ml;
- Modifications *next;
+ int rc = LDAP_SUCCESS;
+ Modifications *ml, *mp;
if ( slapi_pblock_get( pb, SLAPI_OPERATION, (void *)&op ) != 0 ) {
return LDAP_PARAM_ERROR;
}
- ml = slapi_x_ldapmods2modifications( mods );
+ ml = slapi_int_ldapmods2modifications( mods );
if ( ml == NULL ) {
return LDAP_OTHER;
}
- ret = acl_check_modlist( op, e, ml );
+ for ( mp = ml; mp != NULL; mp = mp->sml_next ) {
+ rc = slap_bv2ad( &mp->sml_type, &mp->sml_desc, (const char **)errbuf );
+ if ( rc != LDAP_SUCCESS ) {
+ break;
+ }
+ }
+
+ if ( rc == LDAP_SUCCESS ) {
+ rc = acl_check_modlist( op, e, ml ) ? LDAP_SUCCESS : LDAP_INSUFFICIENT_ACCESS;
+ }
/* Careful when freeing the modlist because it has pointers into the mods array. */
- for ( ; ml != NULL; ml = next ) {
- next = ml->sml_next;
+ for ( ; ml != NULL; ml = mp ) {
+ mp = ml->sml_next;
/* just free the containing array */
- slapi_ch_free( (void **)&ml->sml_bvalues );
+ slapi_ch_free( (void **)&ml->sml_values );
slapi_ch_free( (void **)&ml );
}
- return ret ? LDAP_SUCCESS : LDAP_INSUFFICIENT_ACCESS;
+ return rc;
#else
return LDAP_UNWILLING_TO_PERFORM;
#endif
*
* This function must also be called before slap_mods_check().
*/
-LDAPMod **slapi_x_modifications2ldapmods(Modifications **pmodlist)
+LDAPMod **slapi_int_modifications2ldapmods(Modifications **pmodlist)
{
#ifdef LDAP_SLAPI
Modifications *ml, *modlist;
modp->mod_type = ml->sml_type.bv_val;
ml->sml_type.bv_val = NULL;
- if ( ml->sml_bvalues != NULL ) {
- for( j = 0; ml->sml_bvalues[j].bv_val != NULL; j++ )
+ if ( ml->sml_values != NULL ) {
+ for( j = 0; ml->sml_values[j].bv_val != NULL; j++ )
;
modp->mod_bvalues = (struct berval **)ch_malloc( (j + 1) *
sizeof(struct berval *) );
- for( j = 0; ml->sml_bvalues[j].bv_val != NULL; j++ ) {
+ for( j = 0; ml->sml_values[j].bv_val != NULL; j++ ) {
/* Take ownership of original values. */
modp->mod_bvalues[j] = (struct berval *)ch_malloc( sizeof(struct berval) );
- modp->mod_bvalues[j]->bv_len = ml->sml_bvalues[j].bv_len;
- modp->mod_bvalues[j]->bv_val = ml->sml_bvalues[j].bv_val;
- ml->sml_bvalues[j].bv_len = 0;
- ml->sml_bvalues[j].bv_val = NULL;
+ modp->mod_bvalues[j]->bv_len = ml->sml_values[j].bv_len;
+ modp->mod_bvalues[j]->bv_val = ml->sml_values[j].bv_val;
+ ml->sml_values[j].bv_len = 0;
+ ml->sml_values[j].bv_val = NULL;
}
modp->mod_bvalues[j] = NULL;
} else {
*
* The returned Modification list contains pointers into the
* LDAPMods array; the latter MUST be freed with
- * slapi_x_free_ldapmods() (see below).
+ * slapi_int_free_ldapmods() (see below).
*/
-Modifications *slapi_x_ldapmods2modifications (LDAPMod **mods)
+Modifications *slapi_int_ldapmods2modifications (LDAPMod **mods)
{
#ifdef LDAP_SLAPI
- Modifications *modlist, **modtail;
+ Modifications *modlist = NULL, **modtail;
LDAPMod **modp;
+ if ( mods == NULL ) {
+ return NULL;
+ }
+
modtail = &modlist;
for( modp = mods; *modp != NULL; modp++ ) {
}
if ( i == 0 ) {
- mod->sml_bvalues = NULL;
+ mod->sml_values = NULL;
} else {
- mod->sml_bvalues = (BerVarray) ch_malloc( (i + 1) * sizeof(struct berval) );
+ mod->sml_values = (BerVarray) ch_malloc( (i + 1) * sizeof(struct berval) );
/* NB: This implicitly trusts a plugin to return valid modifications. */
if ( (*modp)->mod_op & LDAP_MOD_BVALUES ) {
for( i = 0, bvp = (*modp)->mod_bvalues; bvp != NULL && *bvp != NULL; bvp++, i++ ) {
- mod->sml_bvalues[i].bv_val = (*bvp)->bv_val;
- mod->sml_bvalues[i].bv_len = (*bvp)->bv_len;
+ mod->sml_values[i].bv_val = (*bvp)->bv_val;
+ mod->sml_values[i].bv_len = (*bvp)->bv_len;
}
} else {
for( i = 0, p = (*modp)->mod_values; p != NULL && *p != NULL; p++, i++ ) {
- mod->sml_bvalues[i].bv_val = *p;
- mod->sml_bvalues[i].bv_len = strlen( *p );
+ mod->sml_values[i].bv_val = *p;
+ mod->sml_values[i].bv_len = strlen( *p );
}
}
- mod->sml_bvalues[i].bv_val = NULL;
+ mod->sml_values[i].bv_val = NULL;
+ mod->sml_values[i].bv_len = 0;
}
-#ifdef SLAP_NVALUES
mod->sml_nvalues = NULL;
-#endif
*modtail = mod;
modtail = &mod->sml_next;
/*
* This function only frees the parts of the mods array that
* are not shared with the Modification list that was created
- * by slapi_x_ldapmods2modifications().
+ * by slapi_int_ldapmods2modifications().
*
*/
-void slapi_x_free_ldapmods (LDAPMod **mods)
+void slapi_int_free_ldapmods (LDAPMod **mods)
{
#ifdef LDAP_SLAPI
int i, j;
* Modification list. Do free the containing array.
*/
if ( mods[i]->mod_op & LDAP_MOD_BVALUES ) {
- for ( j = 0; mods[i]->mod_bvalues != NULL && mods[i]->mod_bvalues[j] != NULL; j++ ) {
- ch_free( mods[i]->mod_bvalues[j] );
+ for ( j = 0; mods[i]->mod_values != NULL && mods[i]->mod_values[j] != NULL; j++ ) {
+ ch_free( mods[i]->mod_values[j] );
}
- ch_free( mods[i]->mod_bvalues );
+ ch_free( mods[i]->mod_values );
} else {
ch_free( mods[i]->mod_values );
}
* op->o_callback->sc_sendentry, if you wish to make computed
* attributes available to it.
*/
-int slapi_x_compute_output_ber(computed_attr_context *c, Slapi_Attr *a, Slapi_Entry *e)
+int slapi_int_compute_output_ber(computed_attr_context *c, Slapi_Attr *a, Slapi_Entry *e)
{
#ifdef LDAP_SLAPI
Operation *op = NULL;
}
if ( !access_allowed( op, e, desc, NULL, ACL_READ, &c->cac_acl_state) ) {
- slapi_log_error( SLAPI_LOG_ACL, "SLAPI_COMPUTE",
+ slapi_log_error( SLAPI_LOG_ACL, "slapi_int_compute_output_ber",
"acl: access to attribute %s not allowed\n",
desc->ad_cname.bv_val );
return 0;
rc = ber_printf( ber, "{O[" /*]}*/ , &desc->ad_cname );
if (rc == -1 ) {
- slapi_log_error( SLAPI_LOG_BER, "SLAPI_COMPUTE",
+ slapi_log_error( SLAPI_LOG_BER, "slapi_int_compute_output_ber",
"ber_printf failed\n");
return 1;
}
- if ( !c->cac_attrsonly ) {
+ if ( !c->cac_attrsonly && a->a_vals != NULL ) {
for ( i = 0; a->a_vals[i].bv_val != NULL; i++ ) {
if ( !access_allowed( op, e,
desc, &a->a_vals[i], ACL_READ, &c->cac_acl_state)) {
- slapi_log_error( SLAPI_LOG_ACL, "SLAPI_COMPUTE",
- "slapi_x_compute_output_ber: conn %lu "
+ slapi_log_error( SLAPI_LOG_ACL, "slapi_int_compute_output_ber",
+ "conn %lu "
"acl: access to %s, value %d not allowed\n",
op->o_connid, desc->ad_cname.bv_val, i );
continue;
}
if (( rc = ber_printf( ber, "O", &a->a_vals[i] )) == -1 ) {
- slapi_log_error( SLAPI_LOG_BER, "SLAPI_COMPUTE",
+ slapi_log_error( SLAPI_LOG_BER, "slapi_int_compute_output_ber",
"ber_printf failed\n");
return 1;
}
}
if (( rc = ber_printf( ber, /*{[*/ "]N}" )) == -1 ) {
- slapi_log_error( SLAPI_LOG_BER, "SLAPI_COMPUTE",
+ slapi_log_error( SLAPI_LOG_BER, "slapi_int_compute_output_ber",
"ber_printf failed\n" );
return 1;
}
goto done;
}
- rc = insertPlugin( NULL, pPlugin );
+ rc = slapi_int_register_plugin( NULL, pPlugin );
if ( rc != 0 ) {
rc = LDAP_OTHER;
goto done;
goto done;
}
- rc = insertPlugin( NULL, pPlugin );
+ rc = slapi_int_register_plugin( NULL, pPlugin );
if ( rc != 0 ) {
rc = LDAP_OTHER;
goto done;
int rc = 0;
slapi_compute_callback_t *pGetPlugin, *tmpPlugin;
- rc = getAllPluginFuncs( NULL, SLAPI_PLUGIN_COMPUTE_EVALUATOR_FN, (SLAPI_FUNC **)&tmpPlugin );
+ rc = slapi_int_get_plugins( NULL, SLAPI_PLUGIN_COMPUTE_EVALUATOR_FN, (SLAPI_FUNC **)&tmpPlugin );
if ( rc != LDAP_SUCCESS || tmpPlugin == NULL ) {
/* Nothing to do; front-end should ignore. */
return 0;
return rc;
}
- return doPluginFNs( be, SLAPI_PLUGIN_COMPUTE_SEARCH_REWRITER_FN, pb );
+ return slapi_int_call_plugins( be, SLAPI_PLUGIN_COMPUTE_SEARCH_REWRITER_FN, pb );
#else
return -1;
#endif /* LDAP_SLAPI */
#endif
}
+int slapi_int_access_allowed( Operation *op,
+ Entry *entry,
+ AttributeDescription *desc,
+ struct berval *val,
+ slap_access_t access,
+ AccessControlState *state )
+{
+#ifdef LDAP_SLAPI
+ int rc, slap_access = 0;
+ slapi_acl_callback_t *pGetPlugin, *tmpPlugin;
+
+ if ( op->o_pb == NULL ) {
+ /* internal operation */
+ return 1;
+ }
+
+ switch ( access ) {
+ case ACL_WRITE:
+ slap_access |= SLAPI_ACL_ADD | SLAPI_ACL_DELETE | SLAPI_ACL_WRITE;
+ break;
+ case ACL_READ:
+ slap_access |= SLAPI_ACL_READ;
+ break;
+ case ACL_SEARCH:
+ slap_access |= SLAPI_ACL_SEARCH;
+ break;
+ case ACL_COMPARE:
+ slap_access = ACL_COMPARE;
+ break;
+ default:
+ break;
+ }
+
+ rc = slapi_int_get_plugins( op->o_bd, SLAPI_PLUGIN_ACL_ALLOW_ACCESS, (SLAPI_FUNC **)&tmpPlugin );
+ if ( rc != LDAP_SUCCESS || tmpPlugin == NULL ) {
+ /* nothing to do; allowed access */
+ return 1;
+ }
+
+ slapi_int_pblock_set_operation( op->o_pb, op );
+
+ rc = 1; /* default allow policy */
+
+ for ( pGetPlugin = tmpPlugin; *pGetPlugin != NULL; pGetPlugin++ ) {
+ /*
+ * 0 access denied
+ * 1 access granted
+ */
+ rc = (*pGetPlugin)( op->o_pb, entry, desc->ad_cname.bv_val,
+ val, slap_access, (void *)state );
+ if ( rc == 0 ) {
+ break;
+ }
+ }
+
+ slapi_ch_free( (void **)&tmpPlugin );
+
+ return rc;
+#else
+ return 1;
+#endif /* LDAP_SLAPI */
+}
+
+/*
+ * There is no documentation for this.
+ */
+int slapi_rdn2typeval( char *rdn, char **type, struct berval *bv )
+{
+#ifdef LDAP_SLAPI
+ LDAPRDN lrdn;
+ LDAPAVA *ava;
+ int rc;
+ char *p;
+
+ *type = NULL;
+
+ bv->bv_len = 0;
+ bv->bv_val = NULL;
+
+ rc = ldap_str2rdn( rdn, &lrdn, &p, LDAP_DN_FORMAT_LDAPV3 );
+ if ( rc != LDAP_SUCCESS ) {
+ return -1;
+ }
+
+ if ( lrdn[1] != NULL ) {
+ return -1; /* not single valued */
+ }
+
+ ava = lrdn[0];
+
+ *type = slapi_ch_strdup( ava->la_attr.bv_val );
+ ber_dupbv( bv, &ava->la_value );
+
+ ldap_rdnfree(lrdn);
+
+ return 0;
+#else
+ return -1;
+#endif /* LDAP_SLAPI */
+}
+
+char *slapi_dn_plus_rdn( const char *dn, const char *rdn )
+{
+#ifdef LDAP_SLAPI
+ struct berval new_dn, parent_dn, newrdn;
+
+ new_dn.bv_val = NULL;
+
+ parent_dn.bv_val = (char *)dn;
+ parent_dn.bv_len = strlen( dn );
+
+ newrdn.bv_val = (char *)rdn;
+ newrdn.bv_len = strlen( rdn );
+
+ build_new_dn( &new_dn, &parent_dn, &newrdn, NULL );
+
+ return new_dn.bv_val;
+#else
+ return NULL;
+#endif /* LDAP_SLAPI */
+}
+
+int slapi_entry_schema_check( Slapi_PBlock *pb, Slapi_Entry *e )
+{
+#ifdef LDAP_SLAPI
+ Backend *be;
+ const char *text;
+ char textbuf[SLAP_TEXT_BUFLEN] = { '\0' };
+ size_t textlen = sizeof textbuf;
+ int rc;
+
+ if ( slapi_pblock_get( pb, SLAPI_BACKEND, (void **)&be ) != 0 )
+ return -1;
+
+ rc = entry_schema_check( be, e, NULL, &text, textbuf, textlen );
+
+ return ( rc == LDAP_SUCCESS ) ? 0 : 1;
+#else
+ return -1;
+#endif /* LDAP_SLAPI */
+}
+
+int slapi_entry_rdn_values_present( const Slapi_Entry *e )
+{
+#ifdef LDAP_SLAPI
+ LDAPDN dn;
+ int rc;
+ int i = 0, match = 0;
+
+ rc = ldap_bv2dn( &((Entry *)e)->e_name, &dn, LDAP_DN_FORMAT_LDAPV3 );
+ if ( rc != LDAP_SUCCESS ) {
+ return 0;
+ }
+
+ if ( dn[0] != NULL ) {
+ LDAPRDN rdn = dn[0];
+
+ for ( i = 0; rdn[i] != NULL; i++ ) {
+ LDAPAVA *ava = &rdn[0][i];
+ Slapi_Attr *a = NULL;
+
+ if ( slapi_entry_attr_find( (Slapi_Entry *)e, ava->la_attr.bv_val, &a ) == 0 &&
+ slapi_attr_value_find( a, &ava->la_value ) == 0 )
+ match++;
+ }
+ }
+
+ ldap_dnfree( dn );
+
+ return ( i == match );
+#else
+ return 0;
+#endif /* LDAP_SLAPI */
+}
+
+int slapi_entry_add_rdn_values( Slapi_Entry *e )
+{
+#ifdef LDAP_SLAPI
+ LDAPDN dn;
+ int i, rc;
+
+ rc = ldap_bv2dn( &e->e_name, &dn, LDAP_DN_FORMAT_LDAPV3 );
+ if ( rc != LDAP_SUCCESS ) {
+ return rc;
+ }
+
+ if ( dn[0] != NULL ) {
+ LDAPRDN rdn = dn[0];
+ struct berval *vals[2];
+
+ for ( i = 0; rdn[i] != NULL; i++ ) {
+ LDAPAVA *ava = &rdn[0][i];
+ Slapi_Attr *a = NULL;
+
+ if ( slapi_entry_attr_find( e, ava->la_attr.bv_val, &a ) == 0 &&
+ slapi_attr_value_find( a, &ava->la_value ) == 0 )
+ continue;
+
+ vals[0] = &ava->la_value;
+ vals[1] = NULL;
+
+ slapi_entry_attr_merge( e, ava->la_attr.bv_val, vals );
+ }
+ }
+
+ ldap_dnfree( dn );
+
+ return LDAP_SUCCESS;
+#else
+ return LDAP_OTHER;
+#endif /* LDAP_SLAPI */
+}
+
+const char *slapi_entry_get_uniqueid( const Slapi_Entry *e )
+{
+#ifdef LDAP_SLAPI
+ Attribute *attr;
+ const char *uniqueid;
+
+ attr = attr_find( e->e_attrs, slap_schema.si_ad_entryUUID );
+ if ( attr == NULL ) {
+ return NULL;
+ }
+
+ if ( attr->a_vals != NULL && attr->a_vals[0].bv_len != 0 ) {
+ return slapi_value_get_string( &attr->a_vals[0] );
+ }
+#endif /* LDAP_SLAPI */
+
+ return NULL;
+}
+
+void slapi_entry_set_uniqueid( Slapi_Entry *e, char *uniqueid )
+{
+#ifdef LDAP_SLAPI
+ struct berval bv;
+
+ attr_delete ( &e->e_attrs, slap_schema.si_ad_entryUUID );
+
+ bv.bv_val = uniqueid;
+ bv.bv_len = strlen( uniqueid );
+ attr_merge_normalize_one( e, slap_schema.si_ad_entryUUID, &bv, NULL );
+#endif /* LDAP_SLAPI */
+}
+
+LDAP *slapi_ldap_init( char *ldaphost, int ldapport, int secure, int shared )
+{
+#ifdef LDAP_SLAPI
+ LDAP *ld;
+ char *url;
+ size_t size;
+ int rc;
+
+ size = sizeof("ldap:///");
+ if ( secure )
+ size++;
+ size += strlen( ldaphost );
+ if ( ldapport != 0 )
+ size += 32;
+
+ url = slapi_ch_malloc( size );
+
+ if ( ldapport != 0 ) {
+ sprintf( url, "ldap%s://%s:%d/", ( secure ? "s" : "" ), ldaphost, ldapport );
+ } else {
+ sprintf( url, "ldap%s://%s/", ( secure ? "s" : "" ), ldaphost );
+ }
+
+ rc = ldap_initialize( &ld, url );
+
+ slapi_ch_free_string( &url );
+
+ return ( rc == LDAP_SUCCESS ) ? ld : NULL;
+#else
+ return NULL;
+#endif /* LDAP_SLAPI */
+}
+
+void slapi_ldap_unbind( LDAP *ld )
+{
+#ifdef LDAP_SLAPI
+ ldap_unbind( ld );
+#endif /* LDAP_SLAPI */
+}
+
projects / openldap / blobdiff