X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fslap.h;h=07f3a14df24230dfff5c7a379d8f0b94ab3d045f;hb=b3c3d89140dadff2de0bf987d48b1dfe77035811;hp=da02058f8ce86548ad447edec5051019ee335243;hpb=03ee129fe59bc588d5ebcd86acc65000fd0a05ba;p=openldap diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index da02058f8c..07f3a14df2 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -2,7 +2,7 @@ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * - * Copyright 1998-2008 The OpenLDAP Foundation. + * Copyright 1998-2012 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -62,12 +62,16 @@ LDAP_BEGIN_DECL #define LDAP_COLLECTIVE_ATTRIBUTES #define LDAP_COMP_MATCH #define LDAP_SYNC_TIMESTAMP -#define SLAP_CONTROL_X_SORTEDRESULTS -#define SLAP_CONTROL_X_SESSION_TRACKING +#define SLAP_CONTROL_X_WHATFAILED +#define SLAP_CONFIG_DELETE +#ifndef SLAP_SCHEMA_EXPOSE +#define SLAP_SCHEMA_EXPOSE +#endif #endif #define LDAP_DYNAMIC_OBJECTS #define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE +#define SLAP_CONTROL_X_SESSION_TRACKING #define SLAP_DISTPROC #ifdef ENABLE_REWRITE @@ -106,12 +110,25 @@ LDAP_BEGIN_DECL # define SLAP_STRING_UNKNOWN "unknown" #endif /* ! TCP Wrappers */ -/* LDAPMod.mod_op value ===> Must be kept in sync with ldap.h! - * This is a value used internally by the backends. It is needed to allow - * adding values that already exist without getting an error as required by - * modrdn when the new rdn was already an attribute value itself. +/* LDAPMod.mod_op value ===> Must be kept in sync with ldap.h! */ +/* These values are used internally by the backends. */ +/* SLAP_MOD_SOFTADD allows adding values that already exist without getting + * an error as required by modrdn when the new rdn was already an attribute + * value itself. + */ +#define SLAP_MOD_SOFTADD 0x1000 +/* SLAP_MOD_SOFTDEL allows deleting values if they exist without getting + * an error otherwise. + */ +#define SLAP_MOD_SOFTDEL 0x1001 +/* SLAP_MOD_ADD_IF_NOT_PRESENT allows adding values unless the attribute + * is already present without getting an error. + */ +#define SLAP_MOD_ADD_IF_NOT_PRESENT 0x1002 +/* SLAP_MOD_DEL_IF_PRESENT allows deleting values if the attribute + * is present, without getting an error otherwise. + * The semantics can be obtained using SLAP_MOD_SOFTDEL with NULL values. */ -#define SLAP_MOD_SOFTADD 0x1000 #define MAXREMATCHES (100) @@ -125,10 +142,10 @@ LDAP_BEGIN_DECL #define SLAP_TEXT_BUFLEN (256) -/* psuedo error code indicating abandoned operation */ +/* pseudo error code indicating abandoned operation */ #define SLAPD_ABANDON (-1024) -/* psuedo error code indicating disconnect */ +/* pseudo error code indicating disconnect */ #define SLAPD_DISCONNECT (-1025) /* unknown config file directive */ @@ -299,6 +316,8 @@ enum { SLAP_SCHERR_SYN_NOT_FOUND, SLAP_SCHERR_SYN_DUP, SLAP_SCHERR_SYN_SUP_NOT_FOUND, + SLAP_SCHERR_SYN_SUBST_NOT_SPECIFIED, + SLAP_SCHERR_SYN_SUBST_NOT_FOUND, SLAP_SCHERR_NO_NAME, SLAP_SCHERR_NOT_SUPPORTED, SLAP_SCHERR_BAD_DESCR, @@ -409,11 +428,13 @@ struct Syntax { #define SLAP_SYNTAX_BLOB 0x0001U /* syntax treated as blob (audio) */ #define SLAP_SYNTAX_BINARY 0x0002U /* binary transfer required (certificate) */ #define SLAP_SYNTAX_BER 0x0004U /* stored in BER encoding (certificate) */ -#ifdef LDAP_DEVEL +#ifdef SLAP_SCHEMA_EXPOSE #define SLAP_SYNTAX_HIDE 0x0000U /* publish everything */ #else #define SLAP_SYNTAX_HIDE 0x8000U /* hide (do not publish) */ #endif +#define SLAP_SYNTAX_HARDCODE 0x10000U /* This is hardcoded schema */ +#define SLAP_SYNTAX_DN 0x20000U /* Treat like a DN */ Syntax **ssyn_sups; @@ -430,7 +451,7 @@ struct Syntax { struct ComponentDesc* ssync_comp_syntax; #endif - LDAP_SLIST_ENTRY(Syntax) ssyn_next; + LDAP_STAILQ_ENTRY(Syntax) ssyn_next; }; #define slap_syntax_is_flag(s,flag) ((int)((s)->ssyn_flags & (flag)) ? 1 : 0) @@ -515,7 +536,7 @@ struct MatchingRule { slap_mask_t smr_usage; -#ifdef LDAP_DEVEL +#ifdef SLAP_SCHEMA_EXPOSE #define SLAP_MR_HIDE 0x0000U #else #define SLAP_MR_HIDE 0x8000U @@ -680,12 +701,13 @@ struct AttributeType { Syntax *sat_syntax; AttributeTypeSchemaCheckFN *sat_check; - char *sat_oidmacro; + char *sat_oidmacro; /* attribute OID */ + char *sat_soidmacro; /* syntax OID */ #define SLAP_AT_NONE 0x0000U #define SLAP_AT_ABSTRACT 0x0100U /* cannot be instantiated */ #define SLAP_AT_FINAL 0x0200U /* cannot be subtyped */ -#ifdef LDAP_DEVEL +#ifdef SLAP_SCHEMA_EXPOSE #define SLAP_AT_HIDE 0x0000U /* publish everything */ #else #define SLAP_AT_HIDE 0x8000U /* hide attribute */ @@ -783,7 +805,7 @@ struct ObjectClass { #define SLAP_OC__MASK 0x00FF #define SLAP_OC__END 0x0100 #define SLAP_OC_OPERATIONAL 0x4000 -#ifdef LDAP_DEVEL +#ifdef SLAP_SCHEMA_EXPOSE #define SLAP_OC_HIDE 0x0000 #else #define SLAP_OC_HIDE 0x8000 @@ -828,6 +850,7 @@ struct AttributeDescription { #define SLAP_DESC_BINARY 0x01U #define SLAP_DESC_TAG_RANGE 0x80U #define SLAP_DESC_TEMPORARY 0x1000U + unsigned ad_index; }; /* flags to slap_*2undef_ad to register undefined (0, the default) @@ -837,10 +860,13 @@ struct AttributeDescription { #define SLAP_AD_PROXIED 0x01U #define SLAP_AD_NOINSERT 0x02U +#define SLAP_AN_OCEXCLUDE 0x01 +#define SLAP_AN_OCINITED 0x02 + struct AttributeName { struct berval an_name; AttributeDescription *an_desc; - int an_oc_exclude; + int an_flags; ObjectClass *an_oc; }; @@ -967,6 +993,8 @@ struct slap_internal_schema { MatchingRule *si_mr_integerMatch; MatchingRule *si_mr_integerFirstComponentMatch; MatchingRule *si_mr_objectIdentifierFirstComponentMatch; + MatchingRule *si_mr_caseIgnoreMatch; + MatchingRule *si_mr_caseIgnoreListMatch; /* Syntaxes */ Syntax *si_syn_directoryString; @@ -1272,7 +1300,9 @@ typedef enum slap_style_e { ACL_STYLE_SELF, ACL_STYLE_IP, ACL_STYLE_IPV6, - ACL_STYLE_PATH + ACL_STYLE_PATH, + + ACL_STYLE_NONE } slap_style_t; typedef struct AuthorizationInformation { @@ -1371,8 +1401,8 @@ typedef struct Access { #define ACL_PRIV_SET(m,p) do { (m) |= (p); } while(0) #define ACL_PRIV_CLR(m,p) do { (m) &= ~(p); } while(0) -#define ACL_INIT(m) ACL_PRIV_ASSIGN(m, ACL_PRIV_NONE) -#define ACL_INVALIDATE(m) ACL_PRIV_ASSIGN(m, ACL_PRIV_INVALID) +#define ACL_INIT(m) ACL_PRIV_ASSIGN((m), ACL_PRIV_NONE) +#define ACL_INVALIDATE(m) ACL_PRIV_ASSIGN((m), ACL_PRIV_INVALID) #define ACL_GRANT(m,a) ACL_PRIV_ISSET((m),ACL_ACCESS2PRIV(a)) @@ -1517,26 +1547,35 @@ typedef struct AccessControl { struct AccessControl *acl_next; } AccessControl; -typedef enum { - ACL_STATE_NOT_RECORDED = 0x0, - ACL_STATE_RECORDED_VD = 0x1, - ACL_STATE_RECORDED_NV = 0x2, - ACL_STATE_RECORDED = ( ACL_STATE_RECORDED_VD | ACL_STATE_RECORDED_NV ) -} slap_acl_state_t; - typedef struct AccessControlState { /* Access state */ - AccessControl *as_vi_acl; - AccessControl *as_vd_acl; - AttributeDescription *as_vd_ad; + /* The stored state is valid when requesting as_access access + * to the as_desc attributes. */ + AttributeDescription *as_desc; + slap_access_t as_access; - slap_acl_state_t as_recorded; + /* Value dependent acl where processing can restart */ + AccessControl *as_vd_acl; + int as_vd_acl_present; int as_vd_acl_count; + slap_mask_t as_vd_mask; + + /* The cached result after evaluating a value independent attr. + * Only valid when != -1 and as_vd_acl == NULL */ int as_result; + + /* True if started to process frontend ACLs */ + int as_fe_done; } AccessControlState; -#define ACL_STATE_INIT { NULL, NULL, NULL, \ - ACL_STATE_NOT_RECORDED, 0, 0 } +#define ACL_STATE_INIT { NULL, ACL_NONE, NULL, 0, 0, ACL_PRIV_NONE, -1, 0 } + +typedef struct AclRegexMatches { + int dn_count; + regmatch_t dn_data[MAXREMATCHES]; + int val_count; + regmatch_t val_data[MAXREMATCHES]; +} AclRegexMatches; /* * Backend-info @@ -1563,12 +1602,19 @@ LDAP_SLAPD_V (int) slapMode; #define SLAP_TOOL_READONLY 0x0400 #define SLAP_TOOL_QUICK 0x0800 #define SLAP_TOOL_NO_SCHEMA_CHECK 0x1000 +#define SLAP_TOOL_VALUE_CHECK 0x2000 #define SB_TLS_DEFAULT (-1) #define SB_TLS_OFF 0 #define SB_TLS_ON 1 #define SB_TLS_CRITICAL 2 +typedef struct slap_keepalive { + int sk_idle; + int sk_probes; + int sk_interval; +} slap_keepalive; + typedef struct slap_bindconf { struct berval sb_uri; int sb_version; @@ -1583,6 +1629,7 @@ typedef struct slap_bindconf { struct berval sb_realm; struct berval sb_authcId; struct berval sb_authzId; + slap_keepalive sb_keepalive; #ifdef HAVE_TLS void *sb_tls_ctx; char *sb_tls_cert; @@ -1591,6 +1638,7 @@ typedef struct slap_bindconf { char *sb_tls_cacertdir; char *sb_tls_reqcert; char *sb_tls_cipher_suite; + char *sb_tls_protocol_min; #ifdef HAVE_OPENSSL_CRL char *sb_tls_crlcheck; #endif @@ -1611,6 +1659,14 @@ typedef struct slap_cf_aux_table { void *aux; } slap_cf_aux_table; +typedef int +slap_cf_aux_table_parse_x LDAP_P(( + struct berval *val, + void *bc, + slap_cf_aux_table *tab0, + const char *tabmsg, + int unparse )); + #define SLAP_LIMIT_TIME 1 #define SLAP_LIMIT_SIZE 2 @@ -1634,6 +1690,7 @@ struct slap_limits_set { struct slap_limits { unsigned lm_flags; /* type of pattern */ + /* Values must match lmpats[] in limits.c */ #define SLAP_LIMITS_UNDEFINED 0x0000U #define SLAP_LIMITS_EXACT 0x0001U #define SLAP_LIMITS_BASE SLAP_LIMITS_EXACT @@ -1646,8 +1703,10 @@ struct slap_limits { #define SLAP_LIMITS_ANY 0x0008U #define SLAP_LIMITS_MASK 0x000FU -#define SLAP_LIMITS_TYPE_DN 0x0000U +#define SLAP_LIMITS_TYPE_SELF 0x0000U +#define SLAP_LIMITS_TYPE_DN SLAP_LIMITS_TYPE_SELF #define SLAP_LIMITS_TYPE_GROUP 0x0010U +#define SLAP_LIMITS_TYPE_THIS 0x0020U #define SLAP_LIMITS_TYPE_MASK 0x00F0U regex_t lm_regex; /* regex data for REGEX */ @@ -1681,17 +1740,22 @@ struct syncinfo_s; #define SLAP_SYNC_RID_MAX 999 #define SLAP_SYNC_SID_MAX 4095 /* based on liblutil/csn.c field width */ -#define SLAP_SYNCUUID_SET_SIZE 256 -#define SLAP_SYNC_UPDATE_MSGID 1 +/* fake conn connid constructed as rid; real connids start + * at SLAPD_SYNC_CONN_OFFSET */ +#define SLAPD_SYNC_SYNCCONN_OFFSET (SLAP_SYNC_RID_MAX + 1) +#define SLAPD_SYNC_IS_SYNCCONN(connid) ((connid) < SLAPD_SYNC_SYNCCONN_OFFSET) +#define SLAPD_SYNC_RID2SYNCCONN(rid) (rid) + +#define SLAP_SYNCUUID_SET_SIZE 256 struct sync_cookie { - struct berval *ctxcsn; - struct berval octet_str; + BerVarray ctxcsn; + int *sids; + int numcsns; int rid; + struct berval octet_str; int sid; - int numcsns; - int *sids; LDAP_STAILQ_ENTRY(sync_cookie) sc_next; }; @@ -1750,6 +1814,7 @@ struct BackendDB { #define be_entry_open bd_info->bi_tool_entry_open #define be_entry_close bd_info->bi_tool_entry_close #define be_entry_first bd_info->bi_tool_entry_first +#define be_entry_first_x bd_info->bi_tool_entry_first_x #define be_entry_next bd_info->bi_tool_entry_next #define be_entry_reindex bd_info->bi_tool_entry_reindex #define be_entry_get bd_info->bi_tool_entry_get @@ -1781,6 +1846,11 @@ struct BackendDB { #define SLAP_DBFLAG_SINGLE_SHADOW 0x4000U /* a single-master shadow */ #define SLAP_DBFLAG_SYNC_SHADOW 0x1000U /* a sync shadow */ #define SLAP_DBFLAG_SLURP_SHADOW 0x2000U /* a slurp shadow */ +#define SLAP_DBFLAG_SHADOW_MASK (SLAP_DBFLAG_SHADOW|SLAP_DBFLAG_SINGLE_SHADOW|SLAP_DBFLAG_SYNC_SHADOW|SLAP_DBFLAG_SLURP_SHADOW) +#define SLAP_DBFLAG_CLEAN 0x10000U /* was cleanly shutdown */ +#define SLAP_DBFLAG_ACL_ADD 0x20000U /* check attr ACLs on adds */ +#define SLAP_DBFLAG_SYNC_SUBENTRY 0x40000U /* use subentry for context */ +#define SLAP_DBFLAG_MULTI_SHADOW 0x80000U /* uses mirrorMode/multi-master */ slap_mask_t be_flags; #define SLAP_DBFLAGS(be) ((be)->be_flags) #define SLAP_NOLASTMOD(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_NOLASTMOD) @@ -1804,7 +1874,10 @@ struct BackendDB { #define SLAP_SYNC_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SYNC_SHADOW) #define SLAP_SLURP_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SLURP_SHADOW) #define SLAP_SINGLE_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SINGLE_SHADOW) -#define SLAP_MULTIMASTER(be) (!SLAP_SINGLE_SHADOW(be)) +#define SLAP_MULTIMASTER(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_MULTI_SHADOW) +#define SLAP_DBCLEAN(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_CLEAN) +#define SLAP_DBACL_ADD(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_ACL_ADD) +#define SLAP_SYNC_SUBENTRY(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SYNC_SUBENTRY) slap_mask_t be_restrictops; /* restriction operations */ #define SLAP_RESTRICT_OP_ADD 0x0001U @@ -1852,6 +1925,9 @@ struct BackendDB { #define SLAP_DISALLOW_TLS_2_ANON 0x0010U /* StartTLS -> Anonymous */ #define SLAP_DISALLOW_TLS_AUTHC 0x0020U /* TLS while authenticated */ +#define SLAP_DISALLOW_PROXY_AUTHZ_N_CRIT 0x0100U +#define SLAP_DISALLOW_DONTUSECOPY_N_CRIT 0x0200U + #define SLAP_DISALLOW_AUX_WO_CR 0x4000U slap_mask_t be_requires; /* pre-operation requirements */ @@ -1878,13 +1954,13 @@ struct BackendDB { struct slap_limits **be_limits; /* regex-based size and time limits */ AccessControl *be_acl; /* access control list for this backend */ slap_access_t be_dfltaccess; /* access given if no acl matches */ + AttributeName *be_extra_anlist; /* attributes that need to be added to search requests (ITS#6513) */ /* Replica Information */ struct berval be_update_ndn; /* allowed to make changes (in replicas) */ BerVarray be_update_refs; /* where to refer modifying clients to */ struct be_pcl *be_pending_csn_list; ldap_pvt_thread_mutex_t be_pcl_mutex; - ldap_pvt_thread_mutex_t *be_pcl_mutexp; struct syncinfo_s *be_syncinfo; /* For syncrepl */ void *be_pb; /* Netscape plugin */ @@ -1967,7 +2043,7 @@ typedef struct req_abandon_s { ber_int_t rs_msgid; } req_abandon_s; -#ifdef LDAP_DEVEL +#ifdef SLAP_SCHEMA_EXPOSE #define SLAP_EXOP_HIDE 0x0000 #else #define SLAP_EXOP_HIDE 0x8000 @@ -2037,24 +2113,28 @@ struct SlapReply { BerVarray sr_ref; LDAPControl **sr_ctrls; union sr_u { + rep_search_s sru_search; rep_sasl_s sru_sasl; rep_extended_s sru_extended; - rep_search_s sru_search; } sr_un; slap_mask_t sr_flags; -#define REP_ENTRY_MODIFIABLE 0x0001U -#define REP_ENTRY_MUSTBEFREED 0x0002U -#define REP_ENTRY_MUSTRELEASE 0x0004U -#define REP_ENTRY_MASK (REP_ENTRY_MODIFIABLE|REP_ENTRY_MUSTBEFREED|REP_ENTRY_MUSTRELEASE) +#define REP_ENTRY_MODIFIABLE ((slap_mask_t) 0x0001U) +#define REP_ENTRY_MUSTBEFREED ((slap_mask_t) 0x0002U) +#define REP_ENTRY_MUSTRELEASE ((slap_mask_t) 0x0004U) +#define REP_ENTRY_MASK (REP_ENTRY_MODIFIABLE|REP_ENTRY_MUSTFLUSH) +#define REP_ENTRY_MUSTFLUSH (REP_ENTRY_MUSTBEFREED|REP_ENTRY_MUSTRELEASE) -#define REP_MATCHED_MUSTBEFREED 0x0010U +#define REP_MATCHED_MUSTBEFREED ((slap_mask_t) 0x0010U) #define REP_MATCHED_MASK (REP_MATCHED_MUSTBEFREED) -#define REP_REF_MUSTBEFREED 0x0020U +#define REP_REF_MUSTBEFREED ((slap_mask_t) 0x0020U) #define REP_REF_MASK (REP_REF_MUSTBEFREED) -#define REP_NO_ENTRYDN 0x1000U -#define REP_NO_SUBSCHEMA 0x2000U +#define REP_CTRLS_MUSTBEFREED ((slap_mask_t) 0x0040U) +#define REP_CTRLS_MASK (REP_CTRLS_MUSTBEFREED) + +#define REP_NO_ENTRYDN ((slap_mask_t) 0x1000U) +#define REP_NO_SUBSCHEMA ((slap_mask_t) 0x2000U) #define REP_NO_OPERATIONALS (REP_NO_ENTRYDN|REP_NO_SUBSCHEMA) }; @@ -2107,6 +2187,7 @@ typedef BI_conn_func BI_connection_destroy; typedef int (BI_tool_entry_open) LDAP_P(( BackendDB *be, int mode )); typedef int (BI_tool_entry_close) LDAP_P(( BackendDB *be )); typedef ID (BI_tool_entry_first) LDAP_P(( BackendDB *be )); +typedef ID (BI_tool_entry_first_x) LDAP_P(( BackendDB *be, struct berval *base, int scope, Filter *f )); typedef ID (BI_tool_entry_next) LDAP_P(( BackendDB *be )); typedef Entry* (BI_tool_entry_get) LDAP_P(( BackendDB *be, ID id )); typedef ID (BI_tool_entry_put) LDAP_P(( BackendDB *be, Entry *e, @@ -2206,7 +2287,8 @@ struct BackendInfo { /* hooks for slap tools */ BI_tool_entry_open *bi_tool_entry_open; BI_tool_entry_close *bi_tool_entry_close; - BI_tool_entry_first *bi_tool_entry_first; + BI_tool_entry_first *bi_tool_entry_first; /* deprecated */ + BI_tool_entry_first_x *bi_tool_entry_first_x; BI_tool_entry_next *bi_tool_entry_next; BI_tool_entry_get *bi_tool_entry_get; BI_tool_entry_put *bi_tool_entry_put; @@ -2325,7 +2407,6 @@ typedef struct slap_overinfo { } slap_overinfo; /* Should successive callbacks in a chain be processed? */ -#define SLAP_CB_FREEME 0x04000 #define SLAP_CB_BYPASS 0x08800 #define SLAP_CB_CONTINUE 0x08000 @@ -2343,6 +2424,7 @@ typedef struct PagedResultsState { struct slap_csn_entry { struct berval ce_csn; + int ce_sid; unsigned long ce_opid; unsigned long ce_connid; #define SLAP_CSN_PENDING 1 @@ -2393,6 +2475,9 @@ struct slap_control_ids { int sc_sessionTracking; #endif int sc_valuesReturnFilter; +#ifdef SLAP_CONTROL_X_WHATFAILED + int sc_whatFailed; +#endif }; /* @@ -2573,6 +2658,7 @@ struct Operation { GroupAssertion *o_groups; char o_do_not_cache; /* don't cache groups from this op */ char o_is_auth_check; /* authorization in progress */ + char o_dont_replicate; slap_access_t o_acl_priv; char o_nocaching; @@ -2662,6 +2748,11 @@ struct Operation { #define get_sessionTracking(op) ((int)(op)->o_session_tracking) #endif +#ifdef SLAP_CONTROL_X_WHATFAILED +#define o_whatFailed o_ctrlflag[slap_cids.sc_whatFailed] +#define get_whatFailed(op) _SCM((op)->o_whatFailed) +#endif + #define o_sync o_ctrlflag[slap_cids.sc_LDAPsync] AuthorizationInformation o_authz; @@ -2687,7 +2778,7 @@ typedef struct OperationBuffer { #define send_ldap_error( op, rs, err, text ) do { \ (rs)->sr_err = err; (rs)->sr_text = text; \ - (op->o_conn->c_send_ldap_result)( op, rs ); \ + ((op)->o_conn->c_send_ldap_result)( op, rs ); \ } while (0) #define send_ldap_discon( op, rs, err, text ) do { \ (rs)->sr_err = err; (rs)->sr_text = text; \ @@ -2716,14 +2807,31 @@ typedef void (SEND_LDAP_INTERMEDIATE)( #define send_ldap_intermediate( op, rs ) \ ((op)->o_conn->c_send_ldap_intermediate)( op, rs ) -typedef struct slap_listener Listener; +typedef struct Listener Listener; /* * represents a connection from an ldap client */ +/* structure state (protected by connections_mutex) */ +enum sc_struct_state { + SLAP_C_UNINITIALIZED = 0, /* MUST BE ZERO (0) */ + SLAP_C_UNUSED, + SLAP_C_USED, + SLAP_C_PENDING +}; + +/* connection state (protected by c_mutex ) */ +enum sc_conn_state { + SLAP_C_INVALID = 0, /* MUST BE ZERO (0) */ + SLAP_C_INACTIVE, /* zero threads */ + SLAP_C_CLOSING, /* closing */ + SLAP_C_ACTIVE, /* one or more threads */ + SLAP_C_BINDING, /* binding */ + SLAP_C_CLIENT /* outbound client conn */ +}; struct Connection { - int c_struct_state; /* structure management state */ - int c_conn_state; /* connection state */ + enum sc_struct_state c_struct_state; /* structure management state */ + enum sc_conn_state c_conn_state; /* connection state */ int c_conn_idx; /* slot in connections array */ ber_socket_t c_sd; const char *c_close_reason; /* why connection is closing */ @@ -2765,14 +2873,18 @@ struct Connection { LDAP_STAILQ_HEAD(c_o, Operation) c_ops; /* list of operations being processed */ LDAP_STAILQ_HEAD(c_po, Operation) c_pending_ops; /* list of pending operations */ - ldap_pvt_thread_mutex_t c_write_mutex; /* only one pdu written at a time */ - ldap_pvt_thread_cond_t c_write_cv; /* used to wait for sd write-ready*/ + ldap_pvt_thread_mutex_t c_write1_mutex; /* only one pdu written at a time */ + ldap_pvt_thread_cond_t c_write1_cv; /* only one pdu written at a time */ + ldap_pvt_thread_mutex_t c_write2_mutex; /* used to wait for sd write-ready */ + ldap_pvt_thread_cond_t c_write2_cv; /* used to wait for sd write-ready*/ BerElement *c_currentber; /* ber we're attempting to read */ + int c_writers; /* number of writers waiting */ + char c_writing; /* someone is writing */ char c_sasl_bind_in_progress; /* multi-op bind in progress */ + char c_writewaiter; /* true if blocked on write */ - char c_writewaiter; /* true if writer is waiting */ #define CONN_IS_TLS 1 #define CONN_IS_UDP 2 @@ -2847,7 +2959,7 @@ struct Connection { #define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) \ do { \ if ( ldap_debug & (level) ) \ - fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\ + lutil_debug( ldap_debug, (level), (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\ } while (0) #define StatslogTest( level ) (ldap_debug & (level)) #endif /* !LDAP_SYSLOG */ @@ -2859,7 +2971,7 @@ struct Connection { /* * listener; need to access it from monitor backend */ -struct slap_listener { +struct Listener { struct berval sl_url; struct berval sl_name; mode_t sl_perms; @@ -2874,6 +2986,13 @@ struct slap_listener { ber_socket_t sl_sd; Sockaddr sl_sa; #define sl_addr sl_sa.sa_in_addr +#ifdef LDAP_DEVEL +#define LDAP_TCP_BUFFER +#endif +#ifdef LDAP_TCP_BUFFER + int sl_tcp_rmem; /* custom TCP read buffer size */ + int sl_tcp_wmem; /* custom TCP write buffer size */ +#endif }; /* @@ -2885,7 +3004,7 @@ struct slap_listener { /* number of response controls supported */ #define SLAP_MAX_RESPONSE_CONTROLS 6 -#ifdef LDAP_DEVEL +#ifdef SLAP_SCHEMA_EXPOSE #define SLAP_CTRL_HIDE 0x00000000U #else #define SLAP_CTRL_HIDE 0x80000000U @@ -2921,7 +3040,6 @@ typedef int (*SLAP_ENTRY_INFO_FN) LDAP_P(( void *arg, Entry *e )); #define SLAP_SLAB_SIZE (1024*1024) #define SLAP_SLAB_STACK 1 -#define SLAP_SLAB_SOBLOCK 64 #define SLAP_ZONE_ALLOC 1 #undef SLAP_ZONE_ALLOC @@ -3151,25 +3269,6 @@ struct ComponentSyntaxInfo { #endif /* LDAP_COMP_MATCH */ -/* slab heap data structures */ - -struct slab_object { - void *so_ptr; - int so_blockhead; - LDAP_LIST_ENTRY(slab_object) so_link; -}; - -struct slab_heap { - void *sh_base; - void *sh_last; - void *sh_end; - int sh_stack; - int sh_maxorder; - unsigned char **sh_map; - LDAP_LIST_HEAD( sh_freelist, slab_object ) *sh_free; - LDAP_LIST_HEAD( sh_so, slab_object ) sh_sopool; -}; - #ifdef SLAP_ZONE_ALLOC #define SLAP_ZONE_SIZE 0x80000 /* 512KB */ #define SLAP_ZONE_SHIFT 19