X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fextended.c;h=10461dcd7c1b199cb7267681c9a8048271a96375;hb=3bf9998d7885ef6bbc4690d4229e5cb5068a35de;hp=36c42e446ecfc61baa9f6526036eb8cda6ed6a4d;hpb=8c52d0e40160096d267b461d2285733432a14138;p=openldap diff --git a/servers/slapd/extended.c b/servers/slapd/extended.c index 36c42e446e..10461dcd7c 100644 --- a/servers/slapd/extended.c +++ b/servers/slapd/extended.c @@ -1,7 +1,7 @@ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * - * Copyright 1999-2005 The OpenLDAP Foundation. + * Copyright 1999-2008 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -39,9 +39,6 @@ #include "slap.h" #include "lber_pvt.h" -#define UNSUPPORTED_EXOP "unsupported extended operation" - - static struct extop_list { struct extop_list *next; struct berval oid; @@ -56,22 +53,18 @@ static SLAP_EXTOP_MAIN_FN whoami_extop; * just a way to get built-in extops onto the extop list without * having a separate init routine for each built-in extop. */ -const struct berval slap_EXOP_CANCEL = BER_BVC(LDAP_EXOP_X_CANCEL); -const struct berval slap_EXOP_WHOAMI = BER_BVC(LDAP_EXOP_X_WHO_AM_I); -const struct berval slap_EXOP_MODIFY_PASSWD = BER_BVC(LDAP_EXOP_MODIFY_PASSWD); -const struct berval slap_EXOP_START_TLS = BER_BVC(LDAP_EXOP_START_TLS); - static struct { const struct berval *oid; slap_mask_t flags; SLAP_EXTOP_MAIN_FN *ext_main; } builtin_extops[] = { - { &slap_EXOP_CANCEL, SLAP_EXOP_HIDE, cancel_extop }, +#ifdef LDAP_X_TXN + { &slap_EXOP_TXN_START, 0, txn_start_extop }, + { &slap_EXOP_TXN_END, 0, txn_end_extop }, +#endif + { &slap_EXOP_CANCEL, 0, cancel_extop }, { &slap_EXOP_WHOAMI, 0, whoami_extop }, { &slap_EXOP_MODIFY_PASSWD, SLAP_EXOP_WRITES, passwd_extop }, -#ifdef HAVE_TLS - { &slap_EXOP_START_TLS, 0, starttls_extop }, -#endif { NULL, 0, NULL } }; @@ -130,19 +123,20 @@ do_extended( ber_tag_t tag; ber_len_t len; - Debug( LDAP_DEBUG_TRACE, "do_extended\n", 0, 0, 0 ); + Debug( LDAP_DEBUG_TRACE, "%s do_extended\n", + op->o_log_prefix, 0, 0 ); if( op->o_protocol < LDAP_VERSION3 ) { - Debug( LDAP_DEBUG_ANY, - "do_extended: protocol version (%d) too low\n", - op->o_protocol, 0 ,0 ); + Debug( LDAP_DEBUG_ANY, "%s do_extended: protocol version (%d) too low\n", + op->o_log_prefix, op->o_protocol, 0 ); send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "requires LDAPv3" ); rs->sr_err = SLAPD_DISCONNECT; goto done; } if ( ber_scanf( op->o_ber, "{m" /*}*/, &op->ore_reqoid ) == LBER_ERROR ) { - Debug( LDAP_DEBUG_ANY, "do_extended: ber_scanf failed\n", 0, 0 ,0 ); + Debug( LDAP_DEBUG_ANY, "%s do_extended: ber_scanf failed\n", + op->o_log_prefix, 0, 0 ); send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); rs->sr_err = SLAPD_DISCONNECT; goto done; @@ -152,7 +146,8 @@ do_extended( if( ber_peek_tag( op->o_ber, &len ) == LDAP_TAG_EXOP_REQ_VALUE ) { if( ber_scanf( op->o_ber, "m", &reqdata ) == LBER_ERROR ) { - Debug( LDAP_DEBUG_ANY, "do_extended: ber_scanf failed\n", 0, 0 ,0 ); + Debug( LDAP_DEBUG_ANY, "%s do_extended: ber_scanf failed\n", + op->o_log_prefix, 0, 0 ); send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" ); rs->sr_err = SLAPD_DISCONNECT; goto done; @@ -160,10 +155,14 @@ do_extended( } if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) { - Debug( LDAP_DEBUG_ANY, "do_extended: get_ctrls failed\n", 0, 0 ,0 ); + Debug( LDAP_DEBUG_ANY, "%s do_extended: get_ctrls failed\n", + op->o_log_prefix, 0, 0 ); return rs->sr_err; } + Statslog( LDAP_DEBUG_STATS, "%s EXT oid=%s\n", + op->o_log_prefix, op->ore_reqoid.bv_val, 0, 0, 0 ); + /* check for controls inappropriate for all extended operations */ if( get_manageDSAit( op ) == SLAP_CONTROL_CRITICAL ) { send_ldap_error( op, rs, @@ -180,6 +179,18 @@ do_extended( op->o_bd = frontendDB; rs->sr_err = frontendDB->be_extended( op, rs ); + /* clean up in case some overlay set them? */ + if ( !BER_BVISNULL( &op->o_req_ndn ) ) { + if ( !BER_BVISNULL( &op->o_req_dn ) + && op->o_req_ndn.bv_val != op->o_req_dn.bv_val ) + { + op->o_tmpfree( op->o_req_dn.bv_val, op->o_tmpmemctx ); + } + op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx ); + BER_BVZERO( &op->o_req_dn ); + BER_BVZERO( &op->o_req_ndn ); + } + done: return rs->sr_err; } @@ -194,10 +205,10 @@ fe_extended( Operation *op, SlapReply *rs ) reqdata = *op->ore_reqdata; } - if( !(ext = find_extop(supp_ext_list, &op->ore_reqoid ))) - { - Debug( LDAP_DEBUG_ANY, "do_extended: unsupported operation \"%s\"\n", - op->ore_reqoid.bv_val, 0 ,0 ); + ext = find_extop(supp_ext_list, &op->ore_reqoid ); + if ( ext == NULL ) { + Debug( LDAP_DEBUG_ANY, "%s do_extended: unsupported operation \"%s\"\n", + op->o_log_prefix, op->ore_reqoid.bv_val, 0 ); send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, "unsupported extended operation" ); goto done; @@ -209,6 +220,8 @@ fe_extended( Operation *op, SlapReply *rs ) op->ore_reqoid.bv_val, 0 ,0 ); { /* start of OpenLDAP extended operation */ + BackendDB *bd = op->o_bd; + rs->sr_err = (ext->ext_main)( op, rs ); if( rs->sr_err != SLAPD_ABANDON ) { @@ -223,7 +236,7 @@ fe_extended( Operation *op, SlapReply *rs ) } if ( op->o_bd == NULL ) - op->o_bd = frontendDB; + op->o_bd = bd; send_ldap_extended( op, rs ); if ( rs->sr_ref != default_referral ) { @@ -246,32 +259,67 @@ done:; } int -load_extop( - struct berval *ext_oid, +load_extop2( + const struct berval *ext_oid, slap_mask_t ext_flags, - SLAP_EXTOP_MAIN_FN *ext_main ) + SLAP_EXTOP_MAIN_FN *ext_main, + unsigned flags ) { - struct extop_list *ext; + struct berval oidm = BER_BVNULL; + struct extop_list *ext; + int insertme = 0; - if( ext_oid == NULL || ext_oid->bv_val == NULL || - ext_oid->bv_val[0] == '\0' || ext_oid->bv_len == 0 ) return -1; - if(!ext_main) return -1; + if ( !ext_main ) { + return -1; + } - ext = ch_calloc(1, sizeof(struct extop_list) + ext_oid->bv_len + 1); - if (ext == NULL) - return(-1); + if ( ext_oid == NULL || BER_BVISNULL( ext_oid ) || + BER_BVISEMPTY( ext_oid ) ) + { + return -1; + } - ext->flags = ext_flags; + if ( numericoidValidate( NULL, (struct berval *)ext_oid ) != + LDAP_SUCCESS ) + { + oidm.bv_val = oidm_find( ext_oid->bv_val ); + if ( oidm.bv_val == NULL ) { + return -1; + } + oidm.bv_len = strlen( oidm.bv_val ); + ext_oid = &oidm; + } + + for ( ext = supp_ext_list; ext; ext = ext->next ) { + if ( bvmatch( ext_oid, &ext->oid ) ) { + if ( flags == 1 ) { + break; + } + return -1; + } + } + + if ( flags == 0 || ext == NULL ) { + ext = ch_calloc( 1, sizeof(struct extop_list) + ext_oid->bv_len + 1 ); + if ( ext == NULL ) { + return(-1); + } + + ext->oid.bv_val = (char *)(ext + 1); + AC_MEMCPY( ext->oid.bv_val, ext_oid->bv_val, ext_oid->bv_len ); + ext->oid.bv_len = ext_oid->bv_len; + ext->oid.bv_val[ext->oid.bv_len] = '\0'; - ext->oid.bv_val = (char *)(ext + 1); - AC_MEMCPY( ext->oid.bv_val, ext_oid->bv_val, ext_oid->bv_len ); - ext->oid.bv_len = ext_oid->bv_len; - ext->oid.bv_val[ext->oid.bv_len] = '\0'; + insertme = 1; + } + ext->flags = ext_flags; ext->ext_main = ext_main; - ext->next = supp_ext_list; - supp_ext_list = ext; + if ( insertme ) { + ext->next = supp_ext_list; + supp_ext_list = ext; + } return(0); } @@ -281,10 +329,10 @@ extops_init (void) { int i; - for (i = 0; builtin_extops[i].oid != NULL; i++) { - load_extop((struct berval *)builtin_extops[i].oid, + for ( i = 0; builtin_extops[i].oid != NULL; i++ ) { + load_extop( (struct berval *)builtin_extops[i].oid, builtin_extops[i].flags, - builtin_extops[i].ext_main); + builtin_extops[i].ext_main ); } return(0); } @@ -315,6 +363,8 @@ find_extop( struct extop_list *list, struct berval *oid ) } +const struct berval slap_EXOP_WHOAMI = BER_BVC(LDAP_EXOP_WHO_AM_I); + static int whoami_extop ( Operation *op, @@ -328,9 +378,13 @@ whoami_extop ( return LDAP_PROTOCOL_ERROR; } + Statslog( LDAP_DEBUG_STATS, "%s WHOAMI\n", + op->o_log_prefix, 0, 0, 0, 0 ); + op->o_bd = op->o_conn->c_authz_backend; if( backend_check_restrictions( op, rs, - (struct berval *)&slap_EXOP_WHOAMI ) != LDAP_SUCCESS ) { + (struct berval *)&slap_EXOP_WHOAMI ) != LDAP_SUCCESS ) + { return rs->sr_err; }