psub = &si->si_be->be_nsuffix[0];
- /* Init connection to master */
- rc = ldap_initialize( &si->si_ld, si->si_bindconf.sb_uri.bv_val );
+ rc = slap_client_connect( &si->si_ld, &si->si_bindconf, LDAP_VERSION3 );
if ( rc != LDAP_SUCCESS ) {
- Debug( LDAP_DEBUG_ANY,
- "do_syncrep1: ldap_initialize failed (%s)\n",
- si->si_bindconf.sb_uri.bv_val, 0, 0 );
- return rc;
- }
-
- op->o_protocol = LDAP_VERSION3;
- ldap_set_option( si->si_ld, LDAP_OPT_PROTOCOL_VERSION,
- (const void *)&op->o_protocol );
-
-#ifdef HAVE_TLS
- if ( si->si_bindconf.sb_tls_do_init ) {
- rc = bindconf_tls_set( &si->si_bindconf, si->si_ld );
- } else if ( si->si_bindconf.sb_tls_ctx ) {
- rc = ldap_set_option( si->si_ld, LDAP_OPT_X_TLS_CTX,
- si->si_bindconf.sb_tls_ctx );
- }
- if ( rc ) {
- Debug( LDAP_DEBUG_ANY,
- "do_syncrep1: TLS context initialization failed\n", 0, 0, 0 );
- return rc;
- }
-#endif
-
- /* Bind to master */
-
- if ( si->si_bindconf.sb_tls ) {
- rc = ldap_start_tls_s( si->si_ld, NULL, NULL );
- if( rc != LDAP_SUCCESS ) {
- Debug( LDAP_DEBUG_ANY,
- "%s: ldap_start_tls failed (%d)\n",
- si->si_bindconf.sb_tls == SB_TLS_CRITICAL ? "Error" : "Warning",
- rc, 0 );
- if( si->si_bindconf.sb_tls == SB_TLS_CRITICAL ) goto done;
- }
- }
-
- if ( si->si_bindconf.sb_method == LDAP_AUTH_SASL ) {
-#ifdef HAVE_CYRUS_SASL
- void *defaults;
-
- if ( si->si_bindconf.sb_secprops != NULL ) {
- rc = ldap_set_option( si->si_ld,
- LDAP_OPT_X_SASL_SECPROPS, si->si_bindconf.sb_secprops);
-
- if( rc != LDAP_OPT_SUCCESS ) {
- Debug( LDAP_DEBUG_ANY, "Error: ldap_set_option "
- "(%s,SECPROPS,\"%s\") failed!\n",
- si->si_bindconf.sb_uri.bv_val, si->si_bindconf.sb_secprops, 0 );
- goto done;
- }
- }
-
- defaults = lutil_sasl_defaults( si->si_ld,
- si->si_bindconf.sb_saslmech.bv_val,
- si->si_bindconf.sb_realm.bv_val,
- si->si_bindconf.sb_authcId.bv_val,
- si->si_bindconf.sb_cred.bv_val,
- si->si_bindconf.sb_authzId.bv_val );
-
- rc = ldap_sasl_interactive_bind_s( si->si_ld,
- si->si_bindconf.sb_binddn.bv_val,
- si->si_bindconf.sb_saslmech.bv_val,
- NULL, NULL,
- LDAP_SASL_QUIET,
- lutil_sasl_interact,
- defaults );
-
- lutil_sasl_freedefs( defaults );
-
- /* FIXME: different error behaviors according to
- * 1) return code
- * 2) on err policy : exit, retry, backoff ...
- */
- if ( rc != LDAP_SUCCESS ) {
- static struct berval bv_GSSAPI = BER_BVC( "GSSAPI" );
-
- Debug( LDAP_DEBUG_ANY, "do_syncrep1: "
- "ldap_sasl_interactive_bind_s failed (%d)\n",
- rc, 0, 0 );
-
- /* FIXME (see above comment) */
- /* if Kerberos credentials cache is not active, retry */
- if ( ber_bvcmp( &si->si_bindconf.sb_saslmech, &bv_GSSAPI ) == 0 &&
- rc == LDAP_LOCAL_ERROR )
- {
- rc = LDAP_SERVER_DOWN;
- }
-
- goto done;
- }
-#else /* HAVE_CYRUS_SASL */
- /* Should never get here, we trapped this at config time */
- assert(0);
- Debug( LDAP_DEBUG_SYNC, "not compiled with SASL support\n", 0, 0, 0 );
- rc = LDAP_OTHER;
goto done;
-#endif
-
- } else if ( si->si_bindconf.sb_method == LDAP_AUTH_SIMPLE ) {
- rc = ldap_sasl_bind_s( si->si_ld,
- si->si_bindconf.sb_binddn.bv_val, LDAP_SASL_SIMPLE,
- &si->si_bindconf.sb_cred, NULL, NULL, NULL );
- if ( rc != LDAP_SUCCESS ) {
- Debug( LDAP_DEBUG_ANY, "do_syncrep1: "
- "ldap_sasl_bind_s failed (%d)\n", rc, 0, 0 );
- goto done;
- }
}
+ op->o_protocol = LDAP_VERSION3;
/* Set SSF to strongest of TLS, SASL SSFs */
op->o_sasl_ssf = 0;
&syncCookie_req.ctxcsn, &syncCookie.ctxcsn,
&text );
}
- if ( !BER_BVISNULL( &syncCookie.ctxcsn ) &&
- match < 0 && err == LDAP_SUCCESS )
- {
- rc = syncrepl_updateCookie( si, op, psub, &syncCookie );
- }
if ( rctrls ) {
ldap_controls_free( rctrls );
}
if ( refreshDeletes == 0 && match < 0 &&
err == LDAP_SUCCESS )
{
- syncrepl_del_nonpresent( op, si, NULL, NULL );
+ syncrepl_del_nonpresent( op, si, NULL, &syncCookie.ctxcsn );
} else {
avl_free( si->si_presentlist, avl_ber_bvfree );
si->si_presentlist = NULL;
}
}
+ if ( !BER_BVISNULL( &syncCookie.ctxcsn ) &&
+ match < 0 && err == LDAP_SUCCESS )
+ {
+ rc = syncrepl_updateCookie( si, op, psub, &syncCookie );
+ }
if ( err == LDAP_SUCCESS
&& si->si_logstate == SYNCLOG_FALLBACK ) {
si->si_logstate = SYNCLOG_LOGGING;
}
slap_sl_free( syncUUIDs, op->o_tmpmemctx );
}
+ slap_sync_cookie_free( &syncCookie, 0 );
break;
default:
Debug( LDAP_DEBUG_ANY,
&syncCookie.ctxcsn, &text );
}
- if ( !BER_BVISNULL( &syncCookie.ctxcsn ) &&
- match < 0 )
- {
- rc = syncrepl_updateCookie( si, op, psub, &syncCookie);
- }
+ if ( match < 0 ) {
+ if ( si->si_refreshPresent == 1 ) {
+ syncrepl_del_nonpresent( op, si, NULL, &syncCookie.ctxcsn );
+ }
- if ( si->si_refreshPresent == 1 ) {
- if ( match < 0 ) {
- syncrepl_del_nonpresent( op, si, NULL, NULL );
+ if ( !BER_BVISNULL( &syncCookie.ctxcsn ))
+ {
+ rc = syncrepl_updateCookie( si, op, psub, &syncCookie);
}
}
}
if ( op->o_tag == LDAP_REQ_ADD ) {
- op->ora_e = ( Entry * ) ch_calloc( 1, sizeof( Entry ) );
+ op->ora_e = entry_alloc();
op->ora_e->e_name = op->o_req_dn;
op->ora_e->e_nname = op->o_req_ndn;
rc = slap_mods2entry( modlist, &op->ora_e, 1, 0, &text, txtbuf, textlen);
return -1;
}
- e = ( Entry * ) ch_calloc( 1, sizeof( Entry ) );
+ e = entry_alloc();
e->e_name = op->o_req_dn;
e->e_nname = op->o_req_ndn;
ber_memfree( a->a_vals[0].bv_val );
ber_dupbv( &a->a_vals[0], &syncUUID_strrep );
}
+ /* Don't save the contextCSN on the inooming context entry,
+ * we'll write it when syncrepl_updateCookie eventually
+ * gets called. (ITS#4622)
+ */
+ if ( syncstate == LDAP_SYNC_ADD && dn_match( &entry->e_nname,
+ &be->be_nsuffix[0] )) {
+ Attribute **ap;
+ for ( ap = &entry->e_attrs; *ap; ap=&(*ap)->a_next ) {
+ a = *ap;
+ if ( a->a_desc == slap_schema.si_ad_contextCSN ) {
+ *ap = a->a_next;
+ attr_free( a );
+ break;
+ }
+ }
+ }
}
slap_op_time( &op->o_time, &op->o_tincr );
}
while ( ndn.bv_val > e->e_nname.bv_val ) {
- glue = (Entry *) ch_calloc( 1, sizeof(Entry) );
+ glue = entry_alloc();
ber_dupbv( &glue->e_name, &dn );
ber_dupbv( &glue->e_nname, &ndn );
- a = ch_calloc( 1, sizeof( Attribute ));
- a->a_desc = slap_schema.si_ad_objectClass;
+ a = attr_alloc( slap_schema.si_ad_objectClass );
a->a_vals = ch_calloc( 3, sizeof( struct berval ));
ber_dupbv( &a->a_vals[0], &gcbva[0] );
a->a_next = glue->e_attrs;
glue->e_attrs = a;
- a = ch_calloc( 1, sizeof( Attribute ));
- a->a_desc = slap_schema.si_ad_structuralObjectClass;
+ a = attr_alloc( slap_schema.si_ad_structuralObjectClass );
a->a_vals = ch_calloc( 2, sizeof( struct berval ));
ber_dupbv( &a->a_vals[0], &gcbva[1] );