X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fback-meta%2Fconfig.c;h=62fcd5f071eeb5d7c33b0f436ae577d1cd473835;hb=52165180f7713b5fdebef933a9dca8842daa2e2a;hp=332b285d4bc532395d54e11224163d5925198f01;hpb=bd535be5cb4938356509fac5c2e81c6cdde9d96e;p=openldap
diff --git a/servers/slapd/back-meta/config.c b/servers/slapd/back-meta/config.c
index 332b285d4b..62fcd5f071 100644
--- a/servers/slapd/back-meta/config.c
+++ b/servers/slapd/back-meta/config.c
@@ -1,67 +1,23 @@
-/*
- * Copyright 1998-2001 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software .
*
- * Copyright 2001, Pierangelo Masarati, All rights reserved.
+ * Copyright 1999-2005 The OpenLDAP Foundation.
+ * Portions Copyright 2001-2003 Pierangelo Masarati.
+ * Portions Copyright 1999-2003 Howard Chu.
+ * All rights reserved.
*
- * This work has been developed to fulfill the requirements
- * of SysNet s.n.c. and it has been donated
- * to the OpenLDAP Foundation in the hope that it may be useful
- * to the Open Source community, but WITHOUT ANY WARRANTY.
- *
- * Permission is granted to anyone to use this software for any purpose
- * on any computer system, and to alter it and redistribute it, subject
- * to the following restrictions:
- *
- * 1. The author and SysNet s.n.c. are not responsible for the consequences
- * of use of this software, no matter how awful, even if they arise from
- * flaws in it.
- *
- * 2. The origin of this software must not be misrepresented, either by
- * explicit claim or by omission. Since few users ever read sources,
- * credits should appear in the documentation.
- *
- * 3. Altered versions must be plainly marked as such, and must not be
- * misrepresented as being the original software. Since few users
- * ever read sources, credits should appear in the documentation.
- * SysNet s.n.c. cannot be responsible for the consequences of the
- * alterations.
- *
- * 4. This notice may not be removed or altered.
- *
- *
- * This software is based on the backend back-ldap, implemented
- * by Howard Chu , and modified by Mark Valence
- * , Pierangelo Masarati and other
- * contributors. The contribution of the original software to the present
- * implementation is acknowledged in this copyright statement.
- *
- * A special acknowledgement goes to Howard for the overall architecture
- * (and for borrowing large pieces of code), and to Mark, who implemented
- * from scratch the attribute/objectclass mapping.
- *
- * The original copyright statement follows.
- *
- * Copyright 1999, Howard Chu, All rights reserved.
- *
- * Permission is granted to anyone to use this software for any purpose
- * on any computer system, and to alter it and redistribute it, subject
- * to the following restrictions:
- *
- * 1. The author is not responsible for the consequences of use of this
- * software, no matter how awful, even if they arise from flaws in it.
- *
- * 2. The origin of this software must not be misrepresented, either by
- * explicit claim or by omission. Since few users ever read sources,
- * credits should appear in the documentation.
- *
- * 3. Altered versions must be plainly marked as such, and must not be
- * misrepresented as being the original software. Since few users
- * ever read sources, credits should appear in the
- * documentation.
- *
- * 4. This notice may not be removed or altered.
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
*
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * .
+ */
+/* ACKNOWLEDGEMENTS:
+ * This work was initially developed by the Howard Chu for inclusion
+ * in OpenLDAP Software and subsequently enhanced by Pierangelo
+ * Masarati.
*/
#include "portable.h"
@@ -72,36 +28,45 @@
#include
#include "slap.h"
+#include "lutil.h"
#include "../back-ldap/back-ldap.h"
+#undef ldap_debug /* silence a warning in ldap-int.h */
+#include "../../../libraries/libldap/ldap-int.h"
#include "back-meta.h"
-extern int
-suffix_massage_config(
- struct rewrite_info *info,
- int argc,
- char **argv
-);
-
-static struct metatarget *
-new_target( void )
+static int
+new_target(
+ metatarget_t *mt )
{
- struct metatarget *lt;
- struct ldapmapping *mapping;
+ struct ldapmapping *mapping;
+ char *rargv[ 3 ];
- lt = ch_calloc( sizeof( struct metatarget ), 1 );
- if ( lt == NULL ) {
- return NULL;
- }
+ memset( mt, 0, sizeof( metatarget_t ) );
- lt->rwinfo = rewrite_info_init( REWRITE_MODE_USE_DEFAULT );
- if ( lt->rwinfo == NULL ) {
- free( lt );
- return NULL;
+ mt->mt_rwmap.rwm_rw = rewrite_info_init( REWRITE_MODE_USE_DEFAULT );
+ if ( mt->mt_rwmap.rwm_rw == NULL ) {
+ return -1;
}
- ldap_back_map_init( <->at_map, &mapping );
- return lt;
+ /*
+ * the filter rewrite as a string must be disabled
+ * by default; it can be re-enabled by adding rules;
+ * this creates an empty rewriteContext
+ */
+ rargv[ 0 ] = "rewriteContext";
+ rargv[ 1 ] = "searchFilter";
+ rargv[ 2 ] = NULL;
+ rewrite_parse( mt->mt_rwmap.rwm_rw, "", 1, 2, rargv );
+
+ rargv[ 0 ] = "rewriteContext";
+ rargv[ 1 ] = "default";
+ rargv[ 2 ] = NULL;
+ rewrite_parse( mt->mt_rwmap.rwm_rw, "", 1, 2, rargv );
+
+ ldap_back_map_init( &mt->mt_rwmap.rwm_at, &mapping );
+
+ return 0;
}
int
@@ -113,9 +78,9 @@ meta_back_db_config(
char **argv
)
{
- struct metainfo *li = ( struct metainfo * )be->be_private;
+ metainfo_t *mi = ( metainfo_t * )be->be_private;
- if ( li == NULL ) {
+ if ( mi == NULL ) {
fprintf( stderr,
"%s: line %d: meta backend info is null!\n",
fname, lineno );
@@ -124,12 +89,11 @@ meta_back_db_config(
/* URI of server to query */
if ( strcasecmp( argv[ 0 ], "uri" ) == 0 ) {
- int i = li->ntargets;
+ int i = mi->mi_ntargets;
#if 0
int j;
#endif /* uncomment if uri MUST be a branch of suffix */
- LDAPURLDesc *ludp;
- char *last;
+ LDAPURLDesc *ludp, *tmpludp;
struct berval dn;
int rc;
@@ -141,11 +105,11 @@ meta_back_db_config(
return 1;
}
- ++li->ntargets;
+ ++mi->mi_ntargets;
- li->targets = ch_realloc( li->targets,
- sizeof( struct metatarget *)*li->ntargets );
- if ( li->targets == NULL ) {
+ mi->mi_targets = ( metatarget_t * )ch_realloc( mi->mi_targets,
+ sizeof( metatarget_t ) * mi->mi_ntargets );
+ if ( mi->mi_targets == NULL ) {
fprintf( stderr,
"%s: line %d: out of memory while storing server name"
" in \"uri ://[:port]/\" line\n",
@@ -153,7 +117,7 @@ meta_back_db_config(
return 1;
}
- if ( ( li->targets[ i ] = new_target() ) == NULL ) {
+ if ( new_target( &mi->mi_targets[ i ] ) != 0 ) {
fprintf( stderr,
"%s: line %d: unable to init server"
" in \"uri ://[:port]/\" line\n",
@@ -161,10 +125,14 @@ meta_back_db_config(
return 1;
}
+ mi->mi_targets[ i ].mt_nretries = mi->mi_nretries;
+ mi->mi_targets[ i ].mt_flags = mi->flags;
+ mi->mi_targets[ i ].mt_version = mi->mi_version;
+
/*
* uri MUST be legal!
*/
- if ( ldap_url_parse( argv[ 1 ], &ludp ) != LDAP_SUCCESS ) {
+ if ( ldap_url_parselist_ext( &ludp, argv[ 1 ], "\t" ) != LDAP_SUCCESS ) {
fprintf( stderr,
"%s: line %d: unable to parse URI"
" in \"uri ://[:port]/\" line\n",
@@ -189,8 +157,8 @@ meta_back_db_config(
dn.bv_val = ludp->lud_dn;
dn.bv_len = strlen( ludp->lud_dn );
- rc = dnPrettyNormal( NULL, &dn, &li->targets[ i ]->psuffix,
- &li->targets[ i ]->suffix );
+ rc = dnPrettyNormal( NULL, &dn, &mi->mi_targets[ i ].mt_psuffix,
+ &mi->mi_targets[ i ].mt_nsuffix, NULL );
if( rc != LDAP_SUCCESS ) {
fprintf( stderr, "%s: line %d: "
"target '%s' DN is invalid\n",
@@ -198,16 +166,37 @@ meta_back_db_config(
return( 1 );
}
- li->targets[ i ]->uri = ch_strdup( argv[ 1 ] );
- last = strstr( li->targets[ i ]->uri, ludp->lud_dn );
- assert( last != NULL );
- last[ 0 ] = '\0';
+ ludp->lud_dn[ 0 ] = '\0';
+
+ /* check all, to apply the scope check on the first one */
+ for ( tmpludp = ludp; tmpludp; tmpludp = tmpludp->lud_next ) {
+ if ( tmpludp->lud_dn != NULL && tmpludp->lud_dn[ 0 ] != '\0' ) {
+ fprintf( stderr, "%s: line %d: "
+ "multiple URIs must have "
+ "no DN part\n",
+ fname, lineno );
+ return( 1 );
+
+ }
+
+ if ( tmpludp->lud_scope == LDAP_SCOPE_BASE ) {
+ tmpludp->lud_scope = LDAP_SCOPE_DEFAULT;
+ }
+ }
+
+ mi->mi_targets[ i ].mt_uri = ldap_url_list2urls( ludp );
+ ldap_free_urllist( ludp );
+ if ( mi->mi_targets[ i ].mt_uri == NULL) {
+ fprintf( stderr, "%s: line %d: no memory?\n",
+ fname, lineno );
+ return( 1 );
+ }
/*
* uri MUST be a branch of suffix!
*/
#if 0 /* too strict a constraint */
- if ( select_backend( &li->targets[ i ]->suffix, 0, 0 ) != be ) {
+ if ( select_backend( &mi->mi_targets[ i ].suffix, 0, 0 ) != be ) {
fprintf( stderr,
"%s: line %d: of URI does not refer to current backend"
" in \"uri ://[:port]/\" line\n",
@@ -218,7 +207,7 @@ meta_back_db_config(
/*
* uri MUST be a branch of a suffix!
*/
- if ( select_backend( &li->targets[ i ]->suffix, 0, 0 ) == NULL ) {
+ if ( select_backend( &mi->mi_targets[ i ].mt_nsuffix, 0, 0 ) == NULL ) {
fprintf( stderr,
"%s: line %d: of URI does not resolve to a backend"
" in \"uri ://[:port]/\" line\n",
@@ -227,36 +216,9 @@ meta_back_db_config(
}
#endif
-#if 0
- /*
- * uri MUST not be used by other URIs!
- *
- * FIXME: this limitation may be removed,
- * or worked out, at least, in some manner
- */
- for ( j = 0; j < i-1; j++ ) {
- if ( strcmp( li->targets[ i ]->suffix.bv_val,
- li->targets[ j ]->suffix.bv_val ) == 0 ) {
- fprintf( stderr,
- "%s: line %d: naming context \"%s\" already used"
- " in \"uri ://[:port]/\" line\n",
- fname, lineno, last+1 );
- return 1;
- }
- }
-#endif
-
- ldap_free_urldesc( ludp );
-
-#if 0
- fprintf(stderr, "%s: line %d: URI \"%s\", suffix \"%s\"\n",
- fname, lineno, li->targets[ i ]->uri,
- li->targets[ i ]->psuffix.bv_val );
-#endif
-
/* default target directive */
} else if ( strcasecmp( argv[ 0 ], "default-target" ) == 0 ) {
- int i = li->ntargets-1;
+ int i = mi->mi_ntargets - 1;
if ( argc == 1 ) {
if ( i < 0 ) {
@@ -266,7 +228,7 @@ meta_back_db_config(
fname, lineno );
return 1;
}
- li->defaulttarget = i;
+ mi->mi_defaulttarget = i;
} else {
if ( strcasecmp( argv[ 1 ], "none" ) == 0 ) {
if ( i >= 0 ) {
@@ -275,16 +237,18 @@ meta_back_db_config(
" should go before uri definitions\n",
fname, lineno );
}
- li->defaulttarget = META_DEFAULT_TARGET_NONE;
+ mi->mi_defaulttarget = META_DEFAULT_TARGET_NONE;
+
} else {
- int n = atoi( argv[ 1 ] );
- if ( n < 1 || n >= i ) {
+ char *next;
+ int n = strtol( argv[ 1 ], &next, 10 );
+ if ( n < 0 || n >= i - 1 ) {
fprintf( stderr,
"%s: line %d: illegal target number %d\n",
fname, lineno, n );
return 1;
}
- li->defaulttarget = n-1;
+ mi->mi_defaulttarget = n;
}
}
@@ -298,22 +262,35 @@ meta_back_db_config(
}
if ( strcasecmp( argv[ 1 ], "forever" ) == 0 ) {
- li->cache.ttl = META_DNCACHE_FOREVER;
+ mi->mi_cache.ttl = META_DNCACHE_FOREVER;
} else if ( strcasecmp( argv[ 1 ], "disabled" ) == 0 ) {
- li->cache.ttl = META_DNCACHE_DISABLED;
+ mi->mi_cache.ttl = META_DNCACHE_DISABLED;
} else {
- li->cache.ttl = atol( argv[ 1 ] );
+ mi->mi_cache.ttl = atol( argv[ 1 ] );
+ }
+
+ /* network timeout when connecting to ldap servers */
+ } else if ( strcasecmp( argv[ 0 ], "network-timeout" ) == 0 ) {
+ if ( argc != 2 ) {
+ fprintf( stderr,
+ "%s: line %d: missing network timeout in \"network-timeout \" line\n",
+ fname, lineno );
+ return 1;
}
+ mi->mi_network_timeout = atol(argv[ 1 ]);
/* name to use for meta_back_group */
- } else if ( strcasecmp( argv[ 0 ], "binddn" ) == 0 ) {
- int i = li->ntargets-1;
+ } else if ( strcasecmp( argv[ 0 ], "acl-authcDN" ) == 0
+ || strcasecmp( argv[ 0 ], "binddn" ) == 0 )
+ {
+ int i = mi->mi_ntargets - 1;
struct berval dn;
if ( i < 0 ) {
fprintf( stderr,
"%s: line %d: need \"uri\" directive first\n",
fname, lineno );
+ return 1;
}
if ( argc != 2 ) {
@@ -323,9 +300,19 @@ meta_back_db_config(
return 1;
}
+ if ( strcasecmp( argv[ 0 ], "binddn" ) == 0 ) {
+ fprintf( stderr, "%s: line %d: "
+ "\"binddn\" statement is deprecated; "
+ "use \"acl-authcDN\" instead\n",
+ fname, lineno );
+ /* FIXME: some day we'll need to throw an error */
+ }
+
dn.bv_val = argv[ 1 ];
dn.bv_len = strlen( argv[ 1 ] );
- if ( dnNormalize2( NULL, &dn, &li->targets[ i ]->binddn ) != LDAP_SUCCESS ) {
+ if ( dnNormalize( 0, NULL, NULL, &dn, &mi->mi_targets[ i ].mt_binddn,
+ NULL ) != LDAP_SUCCESS )
+ {
fprintf( stderr, "%s: line %d: "
"bind DN '%s' is invalid\n",
fname, lineno, argv[ 1 ] );
@@ -333,13 +320,16 @@ meta_back_db_config(
}
/* password to use for meta_back_group */
- } else if ( strcasecmp( argv[ 0 ], "bindpw" ) == 0 ) {
- int i = li->ntargets-1;
+ } else if ( strcasecmp( argv[ 0 ], "acl-passwd" ) == 0
+ || strcasecmp( argv[ 0 ], "bindpw" ) == 0 )
+ {
+ int i = mi->mi_ntargets - 1;
if ( i < 0 ) {
fprintf( stderr,
"%s: line %d: need \"uri\" directive first\n",
fname, lineno );
+ return 1;
}
if ( argc != 2 ) {
@@ -348,17 +338,170 @@ meta_back_db_config(
fname, lineno );
return 1;
}
- ber_str2bv( argv[ 1 ], 0L, 1, &li->targets[ i ]->bindpw );
+
+ if ( strcasecmp( argv[ 0 ], "bindpw" ) == 0 ) {
+ fprintf( stderr, "%s: line %d: "
+ "\"bindpw\" statement is deprecated; "
+ "use \"acl-passwd\" instead\n",
+ fname, lineno );
+ /* FIXME: some day we'll need to throw an error */
+ }
+
+ ber_str2bv( argv[ 1 ], 0L, 1, &mi->mi_targets[ i ].mt_bindpw );
+ /* save bind creds for referral rebinds? */
+ } else if ( strcasecmp( argv[ 0 ], "rebind-as-user" ) == 0 ) {
+ if ( argc > 2 ) {
+ fprintf( stderr,
+ "%s: line %d: \"rebind-as-user {NO|yes}\" takes 1 argument.\n",
+ fname, lineno );
+ return( 1 );
+ }
+
+ if ( argc == 1 ) {
+ fprintf( stderr,
+ "%s: line %d: deprecated use of \"rebind-as-user {NO|yes}\" with no arguments.\n",
+ fname, lineno );
+ mi->flags |= LDAP_BACK_F_SAVECRED;
+
+ } else {
+ if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
+ mi->flags &= ~LDAP_BACK_F_SAVECRED;
+
+ } else if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
+ mi->flags |= LDAP_BACK_F_SAVECRED;
+
+ } else {
+ fprintf( stderr,
+ "%s: line %d: \"rebind-as-user {NO|yes}\" unknown argument \"%s\".\n",
+ fname, lineno, argv[ 1 ] );
+ return 1;
+ }
+ }
+
+ } else if ( strcasecmp( argv[ 0 ], "chase-referrals" ) == 0 ) {
+ unsigned *flagsp = mi->mi_ntargets ?
+ &mi->mi_targets[ mi->mi_ntargets - 1 ].mt_flags
+ : &mi->flags;
+
+ if ( argc != 2 ) {
+ fprintf( stderr,
+ "%s: line %d: \"chase-referrals\" needs 1 argument.\n",
+ fname, lineno );
+ return( 1 );
+ }
+
+ /* this is the default; we add it because the default might change... */
+ if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
+ *flagsp |= LDAP_BACK_F_CHASE_REFERRALS;
+
+ } else if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
+ *flagsp &= ~LDAP_BACK_F_CHASE_REFERRALS;
+
+ } else {
+ fprintf( stderr,
+ "%s: line %d: \"chase-referrals {YES|no}\": unknown argument \"%s\".\n",
+ fname, lineno, argv[ 1 ] );
+ return( 1 );
+ }
+
+ } else if ( strcasecmp( argv[ 0 ], "tls" ) == 0 ) {
+ unsigned *flagsp = mi->mi_ntargets ?
+ &mi->mi_targets[ mi->mi_ntargets - 1 ].mt_flags
+ : &mi->flags;
+
+ if ( argc != 2 ) {
+ fprintf( stderr,
+ "%s: line %d: \"tls \" needs 1 argument.\n",
+ fname, lineno );
+ return( 1 );
+ }
+
+ /* start */
+ if ( strcasecmp( argv[ 1 ], "start" ) == 0 ) {
+ *flagsp |= ( LDAP_BACK_F_USE_TLS | LDAP_BACK_F_TLS_CRITICAL );
+
+ /* try start tls */
+ } else if ( strcasecmp( argv[ 1 ], "try-start" ) == 0 ) {
+ *flagsp &= ~LDAP_BACK_F_TLS_CRITICAL;
+ *flagsp |= LDAP_BACK_F_USE_TLS;
+
+ /* propagate start tls */
+ } else if ( strcasecmp( argv[ 1 ], "propagate" ) == 0 ) {
+ *flagsp |= ( LDAP_BACK_F_PROPAGATE_TLS | LDAP_BACK_F_TLS_CRITICAL );
+
+ /* try start tls */
+ } else if ( strcasecmp( argv[ 1 ], "try-propagate" ) == 0 ) {
+ *flagsp &= ~LDAP_BACK_F_TLS_CRITICAL;
+ *flagsp |= LDAP_BACK_F_PROPAGATE_TLS;
+
+ } else {
+ fprintf( stderr,
+ "%s: line %d: \"tls \": unknown argument \"%s\".\n",
+ fname, lineno, argv[ 1 ] );
+ return( 1 );
+ }
+
+ } else if ( strcasecmp( argv[ 0 ], "t-f-support" ) == 0 ) {
+ unsigned *flagsp = mi->mi_ntargets ?
+ &mi->mi_targets[ mi->mi_ntargets - 1 ].mt_flags
+ : &mi->flags;
+
+ if ( argc != 2 ) {
+ fprintf( stderr,
+ "%s: line %d: \"t-f-support {NO|yes|discover}\" needs 1 argument.\n",
+ fname, lineno );
+ return( 1 );
+ }
+
+ if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
+ *flagsp &= ~(LDAP_BACK_F_SUPPORT_T_F|LDAP_BACK_F_SUPPORT_T_F_DISCOVER);
+
+ } else if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
+ *flagsp |= LDAP_BACK_F_SUPPORT_T_F;
+
+ } else if ( strcasecmp( argv[ 1 ], "discover" ) == 0 ) {
+ *flagsp |= LDAP_BACK_F_SUPPORT_T_F_DISCOVER;
+
+ } else {
+ fprintf( stderr,
+ "%s: line %d: unknown value \"%s\" for \"t-f-support {no|yes|discover}\".\n",
+ fname, lineno, argv[ 1 ] );
+ return 1;
+ }
+
+ /* onerr? */
+ } else if ( strcasecmp( argv[ 0 ], "onerr" ) == 0 ) {
+ if ( argc != 2 ) {
+ fprintf( stderr,
+ "%s: line %d: \"onerr {CONTINUE|stop}\" takes 1 argument\n",
+ fname, lineno );
+ return( 1 );
+ }
+
+ if ( strcasecmp( argv[ 1 ], "continue" ) == 0 ) {
+ mi->flags &= ~META_BACK_F_ONERR_STOP;
+
+ } else if ( strcasecmp( argv[ 1 ], "stop" ) == 0 ) {
+ mi->flags |= META_BACK_F_ONERR_STOP;
+
+ } else {
+ fprintf( stderr,
+ "%s: line %d: \"onerr {CONTINUE|stop}\": invalid arg \"%s\".\n",
+ fname, lineno, argv[ 1 ] );
+ return 1;
+ }
+
/* name to use as pseudo-root dn */
} else if ( strcasecmp( argv[ 0 ], "pseudorootdn" ) == 0 ) {
- int i = li->ntargets-1;
+ int i = mi->mi_ntargets - 1;
struct berval dn;
if ( i < 0 ) {
fprintf( stderr,
"%s: line %d: need \"uri\" directive first\n",
fname, lineno );
+ return 1;
}
if ( argc != 2 ) {
@@ -370,7 +513,9 @@ meta_back_db_config(
dn.bv_val = argv[ 1 ];
dn.bv_len = strlen( argv[ 1 ] );
- if ( dnNormalize2( NULL, &dn, &li->targets[ i ]->pseudorootdn ) != LDAP_SUCCESS ) {
+ if ( dnNormalize( 0, NULL, NULL, &dn,
+ &mi->mi_targets[ i ].mt_pseudorootdn, NULL ) != LDAP_SUCCESS )
+ {
fprintf( stderr, "%s: line %d: "
"pseudoroot DN '%s' is invalid\n",
fname, lineno, argv[ 1 ] );
@@ -379,12 +524,13 @@ meta_back_db_config(
/* password to use as pseudo-root */
} else if ( strcasecmp( argv[ 0 ], "pseudorootpw" ) == 0 ) {
- int i = li->ntargets-1;
+ int i = mi->mi_ntargets - 1;
if ( i < 0 ) {
fprintf( stderr,
"%s: line %d: need \"uri\" directive first\n",
fname, lineno );
+ return 1;
}
if ( argc != 2 ) {
@@ -393,13 +539,13 @@ meta_back_db_config(
fname, lineno );
return 1;
}
- ber_str2bv( argv[ 1 ], 0L, 1, &li->targets[ i ]->pseudorootpw );
+ ber_str2bv( argv[ 1 ], 0L, 1, &mi->mi_targets[ i ].mt_pseudorootpw );
/* dn massaging */
} else if ( strcasecmp( argv[ 0 ], "suffixmassage" ) == 0 ) {
BackendDB *tmp_be;
- int i = li->ntargets-1;
- struct berval dn, ndn;
+ int i = mi->mi_ntargets - 1;
+ struct berval dn, nvnc, pvnc, nrnc, prnc;
if ( i < 0 ) {
fprintf( stderr,
@@ -428,41 +574,49 @@ meta_back_db_config(
dn.bv_val = argv[ 1 ];
dn.bv_len = strlen( argv[ 1 ] );
- if ( dnNormalize2( NULL, &dn, &ndn ) != LDAP_SUCCESS ) {
+ if ( dnPrettyNormal( NULL, &dn, &pvnc, &nvnc, NULL ) != LDAP_SUCCESS ) {
fprintf( stderr, "%s: line %d: "
"suffix '%s' is invalid\n",
fname, lineno, argv[ 1 ] );
return 1;
}
- tmp_be = select_backend( &ndn, 0, 0 );
- free( ndn.bv_val );
+ tmp_be = select_backend( &nvnc, 0, 0 );
if ( tmp_be != NULL && tmp_be != be ) {
fprintf( stderr,
"%s: line %d: suffix already in use by another backend in"
" \"suffixMassage \"\n",
fname, lineno );
+ free( pvnc.bv_val );
+ free( nvnc.bv_val );
return 1;
}
dn.bv_val = argv[ 2 ];
dn.bv_len = strlen( argv[ 2 ] );
- if ( dnNormalize2( NULL, &dn, &ndn ) != LDAP_SUCCESS ) {
+ if ( dnPrettyNormal( NULL, &dn, &prnc, &nrnc, NULL ) != LDAP_SUCCESS ) {
fprintf( stderr, "%s: line %d: "
"massaged suffix '%s' is invalid\n",
fname, lineno, argv[ 2 ] );
+ free( pvnc.bv_val );
+ free( nvnc.bv_val );
return 1;
}
-
- tmp_be = select_backend( &ndn, 0, 0 );
- free( ndn.bv_val );
+
+#if 0
+ tmp_be = select_backend( &nrnc, 0, 0 );
if ( tmp_be != NULL ) {
fprintf( stderr,
"%s: line %d: massaged suffix already in use by another backend in"
" \"suffixMassage \"\n",
fname, lineno );
+ free( pvnc.bv_val );
+ free( nvnc.bv_val );
+ free( prnc.bv_val );
+ free( nrnc.bv_val );
return 1;
}
+#endif
/*
* The suffix massaging is emulated by means of the
@@ -470,124 +624,372 @@ meta_back_db_config(
* FIXME: no extra rewrite capabilities should be added
* to the database
*/
- return suffix_massage_config( li->targets[ i ]->rwinfo,
- argc, argv );
+ return suffix_massage_config( mi->mi_targets[ i ].mt_rwmap.rwm_rw,
+ &pvnc, &nvnc, &prnc, &nrnc );
/* rewrite stuff ... */
} else if ( strncasecmp( argv[ 0 ], "rewrite", 7 ) == 0 ) {
- int i = li->ntargets-1;
+ int i = mi->mi_ntargets - 1;
if ( i < 0 ) {
- fprintf( stderr,
- "%s: line %d: need \"uri\" directive first\n",
+ fprintf( stderr, "%s: line %d: \"rewrite\" "
+ "statement outside target definition.\n",
fname, lineno );
+ return 1;
}
- return rewrite_parse( li->targets[ i ]->rwinfo, fname, lineno,
- argc, argv );
+ return rewrite_parse( mi->mi_targets[ i ].mt_rwmap.rwm_rw,
+ fname, lineno, argc, argv );
/* objectclass/attribute mapping */
} else if ( strcasecmp( argv[ 0 ], "map" ) == 0 ) {
- struct ldapmap *map;
- struct ldapmapping *mapping;
- char *src, *dst;
- int i = li->ntargets-1;
+ int i = mi->mi_ntargets - 1;
if ( i < 0 ) {
fprintf( stderr,
"%s: line %d: need \"uri\" directive first\n",
fname, lineno );
+ return 1;
}
-
- if ( argc < 3 || argc > 4 ) {
+ return ldap_back_map_config( &mi->mi_targets[ i ].mt_rwmap.rwm_oc,
+ &mi->mi_targets[ i ].mt_rwmap.rwm_at,
+ fname, lineno, argc, argv );
+
+ } else if ( strcasecmp( argv[ 0 ], "nretries" ) == 0 ) {
+ int i = mi->mi_ntargets - 1;
+ int nretries = META_RETRY_UNDEFINED;
+
+ if ( argc != 2 ) {
fprintf( stderr,
- "%s: line %d: syntax is \"map {objectclass | attribute} {