X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fslap.h;h=95eac5c9a657f6adf87e4e18b7d9f145ddd5319b;hb=d1824b14ae78b128fb9ff6cf73d2ec4a0e756a90;hp=d1529f9d759fa0f606a06f518d69a4e5ffa54a0e;hpb=71511a05697269ac8a0a1f54d1fd4438894dc03f;p=openldap

diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h
index d1529f9d75..95eac5c9a6 100644
--- a/servers/slapd/slap.h
+++ b/servers/slapd/slap.h
@@ -58,33 +58,23 @@
 
 LDAP_BEGIN_DECL
 
-#ifdef LDAP_DEVEL
 #define SLAP_LIGHTWEIGHT_DISPATCHER /* experimental slapd architecture */
-#define SLAP_MULTI_CONN_ARRAY
 #ifdef LDAP_PVT_THREAD_POOL_SEM_LOAD_CONTROL
 #define SLAP_SEM_LOAD_CONTROL
-#endif /* LDAP_PVT_THREAD_POOL_SEM_LOAD_CONTROL */
+#endif
 
-#define SLAP_ACL_HONOR_DISCLOSE	/* partially implemented */
-#define SLAP_ACL_HONOR_MANAGE	/* not yet implemented */
-#define SLAP_OVERLAY_ACCESS
+#ifdef LDAP_DEVEL
+#define LDAP_COLLECTIVE_ATTRIBUTES
 #define LDAP_COMP_MATCH
-#define LDAP_DYNAMIC_OBJECTS
 #define LDAP_SYNC_TIMESTAMP
-#define LDAP_COLLECTIVE_ATTRIBUTES
-#define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE
+#endif
 
-#define SLAP_ORDERED_PRETTYNORM
-#define SLAP_AUTHZ_SYNTAX
+#define LDAP_DYNAMIC_OBJECTS
+#define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE
 
 #ifdef ENABLE_REWRITE
 #define SLAP_AUTH_REWRITE	1 /* use librewrite for sasl-regexp */
 #endif
-#endif
-
-#if defined(LDAP_SLAPI) && !defined(SLAP_OVERLAY_ACCESS)
-#define SLAP_OVERLAY_ACCESS
-#endif
 
 /*
  * SLAPD Memory allocation macros
@@ -1520,6 +1510,19 @@ typedef struct slap_bindconf {
 	struct berval sb_realm;
 	struct berval sb_authcId;
 	struct berval sb_authzId;
+#ifdef HAVE_TLS
+	void *sb_tls_ctx;
+	char *sb_tls_cert;
+	char *sb_tls_key;
+	char *sb_tls_cacert;
+	char *sb_tls_cacertdir;
+	char *sb_tls_reqcert;
+	char *sb_tls_cipher_suite;
+#ifdef HAVE_OPENSSL_CRL
+	char *sb_tls_crlcheck;
+#endif
+	int sb_tls_do_init;
+#endif
 } slap_bindconf;
 
 struct slap_replica_info {
@@ -1666,8 +1669,7 @@ struct slap_backend_db {
 
 /*
  * define to honor hasSubordinates operational attribute in search filters
- * (in previous use there was a flaw with back-bdb and back-ldbm; now it 
- * is fixed).
+ * (in previous use there was a flaw with back-bdb; now it is fixed).
  */
 #define		be_has_subordinates bd_info->bi_has_subordinates
 
@@ -1970,8 +1972,17 @@ typedef struct slap_rep {
 #define REP_ENTRY_MODIFIABLE	0x0001U
 #define REP_ENTRY_MUSTBEFREED	0x0002U
 #define REP_ENTRY_MUSTRELEASE	0x0004U
+#define	REP_ENTRY_MASK		(REP_ENTRY_MODIFIABLE|REP_ENTRY_MUSTBEFREED|REP_ENTRY_MUSTRELEASE)
+
 #define REP_MATCHED_MUSTBEFREED	0x0010U
-#define REP_REF_MUSTBEFREED		0x0020U
+#define	REP_MATCHED_MASK	(REP_MATCHED_MUSTBEFREED)
+
+#define REP_REF_MUSTBEFREED	0x0020U
+#define REP_REF_MASK		(REP_REF_MUSTBEFREED)
+
+#define	REP_NO_ENTRYDN		0x1000U
+#define	REP_NO_SUBSCHEMA	0x2000U
+#define	REP_NO_OPERATIONALS	(REP_NO_ENTRYDN|REP_NO_SUBSCHEMA)
 } SlapReply;
 
 /* short hands for response members */
@@ -2006,7 +2017,6 @@ typedef int (BI_entry_get_rw) LDAP_P(( struct slap_op *op, struct berval *ndn,
 typedef int (BI_operational) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
 typedef int (BI_has_subordinates) LDAP_P(( struct slap_op *op,
 	Entry *e, int *hasSubs ));
-#ifdef SLAP_OVERLAY_ACCESS
 typedef int (BI_access_allowed) LDAP_P(( struct slap_op *op, Entry *e,
 	AttributeDescription *desc, struct berval *val, slap_access_t access,
 	AccessControlState *state, slap_mask_t *maskp ));
@@ -2016,7 +2026,6 @@ typedef int (BI_acl_group) LDAP_P(( struct slap_op *op, Entry *target,
 typedef int (BI_acl_attribute) LDAP_P(( struct slap_op *op, Entry *target,
 	struct berval *entry_ndn, AttributeDescription *entry_at,
 	BerVarray *vals, slap_access_t access ));
-#endif /* SLAP_OVERLAY_ACCESS */
 
 typedef int (BI_conn_func) LDAP_P(( BackendDB *bd, struct slap_conn *c ));
 typedef BI_conn_func BI_connection_init;
@@ -2115,11 +2124,9 @@ struct slap_backend_info {
 	BI_entry_release_rw	*bi_entry_release_rw;
 
 	BI_has_subordinates	*bi_has_subordinates;
-#ifdef SLAP_OVERLAY_ACCESS
 	BI_access_allowed	*bi_access_allowed;
 	BI_acl_group		*bi_acl_group;
 	BI_acl_attribute	*bi_acl_attribute;
-#endif /* SLAP_OVERLAY_ACCESS */
 
 	BI_connection_init	*bi_connection_init;
 	BI_connection_destroy	*bi_connection_destroy;
@@ -2674,20 +2681,27 @@ typedef struct slap_conn {
 	SEND_LDAP_INTERMEDIATE *c_send_ldap_intermediate;
 } Connection;
 
-#if defined(LDAP_SYSLOG) && defined(LDAP_DEBUG)
+#ifdef LDAP_DEBUG
+#ifdef LDAP_SYSLOG
+#ifdef LOG_LOCAL4
+#define SLAP_DEFAULT_SYSLOG_USER	LOG_LOCAL4
+#endif /* LOG_LOCAL4 */
+
 #define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 )	\
 	Log5( (level), ldap_syslog_level, (fmt), (connid), (opid), (arg1), (arg2), (arg3) )
 #define StatslogTest( level ) ((ldap_debug | ldap_syslog) & (level))
-#elif defined(LDAP_DEBUG)
+#else /* !LDAP_SYSLOG */
 #define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 )	\
 	do { \
 		if ( ldap_debug & (level) ) \
 			fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
 	} while (0)
 #define StatslogTest( level ) (ldap_debug & (level))
-#else
+#endif /* !LDAP_SYSLOG */
+#else /* !LDAP_DEBUG */
+#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) ((void) 0)
 #define StatslogTest( level ) (0)
-#endif
+#endif /* !LDAP_DEBUG */
 
 /*
  * listener; need to access it from monitor backend