X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Foverlays%2Fauditlog.c;h=55aabd40af8909c858b6c49349154c1e946a0d83;hb=2317211a8f7b1a50862bd16c29d208b62fbb387b;hp=ab245794192b6f5110047f25041653debca3c91c;hpb=98936ee3c4d11e1dee4426c12ef49ba102623bba;p=openldap

diff --git a/servers/slapd/overlays/auditlog.c b/servers/slapd/overlays/auditlog.c
index ab24579419..55aabd40af 100644
--- a/servers/slapd/overlays/auditlog.c
+++ b/servers/slapd/overlays/auditlog.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2005 The OpenLDAP Foundation.
+ * Copyright 2005-2008 The OpenLDAP Foundation.
  * Portions copyright 2004-2005 Symas Corporation.
  * All rights reserved.
  *
@@ -29,6 +29,7 @@
 #include <ac/ctype.h>
 
 #include "slap.h"
+#include "config.h"
 #include "ldif.h"
 
 typedef struct auditlog_data {
@@ -36,7 +37,27 @@ typedef struct auditlog_data {
 	char *ad_logfile;
 } auditlog_data;
 
-int fprint_ldif(FILE *f, char *name, char *val, ber_len_t len) {
+static ConfigTable auditlogcfg[] = {
+	{ "auditlog", "filename", 2, 2, 0,
+	  ARG_STRING|ARG_OFFSET,
+	  (void *)offsetof(auditlog_data, ad_logfile),
+	  "( OLcfgOvAt:15.1 NAME 'olcAuditlogFile' "
+	  "DESC 'Filename for auditlogging' "
+	  "SYNTAX OMsDirectoryString )", NULL, NULL },
+	{ NULL, NULL, 0, 0, 0, ARG_IGNORED }
+};
+
+static ConfigOCs auditlogocs[] = {
+	{ "( OLcfgOvOc:15.1 "
+	  "NAME 'olcAuditlogConfig' "
+	  "DESC 'Auditlog configuration' "
+	  "SUP olcOverlayConfig "
+	  "MAY ( olcAuditlogFile ) )",
+	  Cft_Overlay, auditlogcfg },
+	{ NULL, 0, NULL }
+};
+
+static int fprint_ldif(FILE *f, char *name, char *val, ber_len_t len) {
 	char *s;
 	if((s = ldif_put(LDIF_PUT_VALUE, name, val, len)) == NULL)
 		return(-1);
@@ -45,20 +66,20 @@ int fprint_ldif(FILE *f, char *name, char *val, ber_len_t len) {
 	return(0);
 }
 
-int auditlog_response(Operation *op, SlapReply *rs) {
+static int auditlog_response(Operation *op, SlapReply *rs) {
 	slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
 	auditlog_data *ad = on->on_bi.bi_private;
 	FILE *f;
 	Attribute *a;
 	Modifications *m;
-	struct berval *b;
-	char *what, *subop, *suffix, *who = NULL;
+	struct berval *b, *who = NULL;
+	char *what, *suffix;
 	long stamp = slap_get_time();
 	int i;
 
 	if ( rs->sr_err != LDAP_SUCCESS ) return SLAP_CB_CONTINUE;
 
-	if ( !op->o_bd || !ad->ad_logfile ) return SLAP_CB_CONTINUE;
+	if ( !ad->ad_logfile ) return SLAP_CB_CONTINUE;
 
 /*
 ** add or modify: use modifiersName if present
@@ -71,15 +92,17 @@ int auditlog_response(Operation *op, SlapReply *rs) {
 			what = "add";
 			for(a = op->ora_e->e_attrs; a; a = a->a_next)
 				if( a->a_desc == slap_schema.si_ad_modifiersName ) {
-					who = a->a_vals[0].bv_val;
+					who = &a->a_vals[0];
 					break;
 				}
 			break;
 		case LDAP_REQ_MODIFY:
 			what = "modify";
 			for(m = op->orm_modlist; m; m = m->sml_next)
-				if( m->sml_desc == slap_schema.si_ad_modifiersName ) {
-					who = m->sml_values[0].bv_val;
+				if( m->sml_desc == slap_schema.si_ad_modifiersName &&
+					( m->sml_op == LDAP_MOD_ADD ||
+					m->sml_op == LDAP_MOD_REPLACE )) {
+					who = &m->sml_values[0];
 					break;
 				}
 			break;
@@ -94,7 +117,7 @@ int auditlog_response(Operation *op, SlapReply *rs) {
 ** note: this means requestor's dn when modifiersName is null
 */
 	if ( !who )
-		who = op->o_dn.bv_val;
+		who = &op->o_dn;
 
 	ldap_pvt_thread_mutex_lock(&ad->ad_mutex);
 	if((f = fopen(ad->ad_logfile, "a")) == NULL) {
@@ -102,14 +125,20 @@ int auditlog_response(Operation *op, SlapReply *rs) {
 		return SLAP_CB_CONTINUE;
 	}
 
-	fprintf(f, "# %s %ld %s%s%s\ndn: %s\nchangetype: %s\n",
-		what, stamp, suffix, who ? " " : "", who ? who : "",
+	fprintf(f, "# %s %ld %s%s%s\n",
+		what, stamp, suffix, who ? " " : "", who ? who->bv_val : "");
+
+	if ( !BER_BVISEMPTY( &op->o_conn->c_dn ) &&
+		(!who || !dn_match( who, &op->o_conn->c_dn )))
+		fprintf(f, "# realdn: %s\n", op->o_conn->c_dn.bv_val );
+
+	fprintf(f, "dn: %s\nchangetype: %s\n",
 		op->o_req_dn.bv_val, what);
 
 	switch(op->o_tag) {
 	  case LDAP_REQ_ADD:
 		for(a = op->ora_e->e_attrs; a; a = a->a_next)
-		    if(b = a->a_vals)
+		  if((b = a->a_vals) != NULL)
 			for(i = 0; b[i].bv_val; i++)
 				fprint_ldif(f, a->a_desc->ad_cname.bv_val, b[i].bv_val, b[i].bv_len);
 		break;
@@ -126,7 +155,8 @@ int auditlog_response(Operation *op, SlapReply *rs) {
 					continue;
 			}
 			fprintf(f, "%s: %s\n", what, m->sml_desc->ad_cname.bv_val);
-			if(b = m->sml_values) for(i = 0; b[i].bv_val; i++)
+			if((b = m->sml_values) != NULL)
+			  for(i = 0; b[i].bv_val; i++)
 				fprint_ldif(f, m->sml_desc->ad_cname.bv_val, b[i].bv_val, b[i].bv_len);
 			fprintf(f, "-\n");
 		}
@@ -154,11 +184,12 @@ static slap_overinst auditlog;
 
 static int
 auditlog_db_init(
-	BackendDB *be
+	BackendDB *be,
+	ConfigReply *cr
 )
 {
 	slap_overinst *on = (slap_overinst *)be->bd_info;
-	auditlog_data *ad = ch_malloc(sizeof(auditlog_data));
+	auditlog_data *ad = ch_calloc(1, sizeof(auditlog_data));
 
 	on->on_bi.bi_private = ad;
 	ldap_pvt_thread_mutex_init( &ad->ad_mutex );
@@ -167,7 +198,8 @@ auditlog_db_init(
 
 static int
 auditlog_db_close(
-	BackendDB *be
+	BackendDB *be,
+	ConfigReply *cr
 )
 {
 	slap_overinst *on = (slap_overinst *)be->bd_info;
@@ -175,11 +207,13 @@ auditlog_db_close(
 
 	free( ad->ad_logfile );
 	ad->ad_logfile = NULL;
+	return 0;
 }
 
 static int
 auditlog_db_destroy(
-	BackendDB *be
+	BackendDB *be,
+	ConfigReply *cr
 )
 {
 	slap_overinst *on = (slap_overinst *)be->bd_info;
@@ -187,43 +221,22 @@ auditlog_db_destroy(
 
 	ldap_pvt_thread_mutex_destroy( &ad->ad_mutex );
 	free( ad );
-}
-
-static int
-auditlog_config(
-	BackendDB	*be,
-	const char	*fname,
-	int		lineno,
-	int		argc,
-	char	**argv
-)
-{
-	slap_overinst *on = (slap_overinst *) be->bd_info;
-	auditlog_data *ad = on->on_bi.bi_private;
-
-	/* history log file */
-	if ( strcasecmp( argv[0], "auditlog" ) == 0 ) {
-		if ( argc < 2 ) {
-			Debug( LDAP_DEBUG_ANY,
-	    "%s: line %d: missing filename in \"auditlog <filename>\" line\n",
-			    fname, lineno, 0 );
-				return( 1 );
-		}
-		ad->ad_logfile = ch_strdup( argv[1] );
-		return 0;
-	}
-	return SLAP_CONF_UNKNOWN;
+	return 0;
 }
 
 int auditlog_initialize() {
+	int rc;
 
 	auditlog.on_bi.bi_type = "auditlog";
 	auditlog.on_bi.bi_db_init = auditlog_db_init;
-	auditlog.on_bi.bi_db_config = auditlog_config;
 	auditlog.on_bi.bi_db_close = auditlog_db_close;
 	auditlog.on_bi.bi_db_destroy = auditlog_db_destroy;
 	auditlog.on_response = auditlog_response;
 
+	auditlog.on_bi.bi_cf_ocs = auditlogocs;
+	rc = config_register_schema( auditlogcfg, auditlogocs );
+	if ( rc ) return rc;
+
 	return overlay_register(&auditlog);
 }