X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fslap.h;h=bb611b8fc88e4b46b510aaba2365aee8b2739620;hb=8558b8808e7e8deba617908eed99a8213f1bc405;hp=c965f984d330fd9f1a44ced96dccf3d8eb24f505;hpb=5c4a924f811d830d55057ffb442ed1405ce7477f;p=openldap diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index c965f984d3..bb611b8fc8 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -16,6 +16,7 @@ #include #include #include +#include #include #include #include @@ -34,6 +35,8 @@ #include "ldap_pvt_thread.h" #include "ldap_queue.h" +#define SLAP_EXTENDED_SCHEMA 1 + LDAP_BEGIN_DECL /* * SLAPD Memory allocation macros @@ -163,6 +166,7 @@ typedef struct slap_ssf_set { slap_ssf_t sss_update_transport; slap_ssf_t sss_update_tls; slap_ssf_t sss_update_sasl; + slap_ssf_t sss_simple_bind; } slap_ssf_set_t; /* @@ -210,36 +214,50 @@ typedef struct slap_ssf_set { #define SLAP_INDEX_SUBSTR_FINAL_PREFIX '$' #define SLAP_INDEX_CONT_PREFIX '.' /* prefix for continuation keys */ -#define SLAP_SYNTAX_MATCHINGRULES_OID "1.3.6.1.4.1.1466.115.121.1.30" -#define SLAP_SYNTAX_ATTRIBUTETYPES_OID "1.3.6.1.4.1.1466.115.121.1.3" -#define SLAP_SYNTAX_OBJECTCLASSES_OID "1.3.6.1.4.1.1466.115.121.1.37" +#define SLAP_SYNTAX_MATCHINGRULES_OID "1.3.6.1.4.1.1466.115.121.1.30" +#define SLAP_SYNTAX_ATTRIBUTETYPES_OID "1.3.6.1.4.1.1466.115.121.1.3" +#define SLAP_SYNTAX_OBJECTCLASSES_OID "1.3.6.1.4.1.1466.115.121.1.37" +#define SLAP_SYNTAX_MATCHINGRULEUSES_OID "1.3.6.1.4.1.1466.115.121.1.31" +#define SLAP_SYNTAX_CONTENTRULE_OID "1.3.6.1.4.1.1466.115.121.1.16" + +#ifdef LDAP_CLIENT_UPDATE +#define LCUP_COOKIE_OID "1.3.6.1.4.1.4203.666.10.1" +#endif /* LDAP_CLIENT_UPDATE */ /* * represents schema information for a database */ -#define SLAP_SCHERR_OUTOFMEM 1 -#define SLAP_SCHERR_CLASS_NOT_FOUND 2 -#define SLAP_SCHERR_CLASS_BAD_USAGE 3 -#define SLAP_SCHERR_ATTR_NOT_FOUND 4 -#define SLAP_SCHERR_ATTR_BAD_USAGE 5 -#define SLAP_SCHERR_DUP_CLASS 6 -#define SLAP_SCHERR_DUP_ATTR 7 -#define SLAP_SCHERR_DUP_SYNTAX 8 -#define SLAP_SCHERR_DUP_RULE 9 -#define SLAP_SCHERR_NO_NAME 10 -#define SLAP_SCHERR_ATTR_INCOMPLETE 11 -#define SLAP_SCHERR_MR_NOT_FOUND 12 -#define SLAP_SCHERR_SYN_NOT_FOUND 13 -#define SLAP_SCHERR_MR_INCOMPLETE 14 -#define SLAP_SCHERR_NOT_SUPPORTED 15 -#define SLAP_SCHERR_BAD_DESCR 16 -#define SLAP_SCHERR_OIDM 17 -#define SLAP_SCHERR_LAST SLAP_SCHERR_OIDM +#define SLAP_SCHERR_OUTOFMEM 1 +#define SLAP_SCHERR_CLASS_NOT_FOUND 2 +#define SLAP_SCHERR_CLASS_BAD_USAGE 3 +#define SLAP_SCHERR_CLASS_BAD_SUP 4 +#define SLAP_SCHERR_CLASS_DUP 5 +#define SLAP_SCHERR_ATTR_NOT_FOUND 6 +#define SLAP_SCHERR_ATTR_BAD_MR 7 +#define SLAP_SCHERR_ATTR_BAD_USAGE 8 +#define SLAP_SCHERR_ATTR_BAD_SUP 9 +#define SLAP_SCHERR_ATTR_INCOMPLETE 10 +#define SLAP_SCHERR_ATTR_DUP 11 +#define SLAP_SCHERR_MR_NOT_FOUND 12 +#define SLAP_SCHERR_MR_INCOMPLETE 13 +#define SLAP_SCHERR_MR_DUP 14 +#define SLAP_SCHERR_SYN_NOT_FOUND 15 +#define SLAP_SCHERR_SYN_DUP 16 +#define SLAP_SCHERR_NO_NAME 17 +#define SLAP_SCHERR_NOT_SUPPORTED 18 +#define SLAP_SCHERR_BAD_DESCR 19 +#define SLAP_SCHERR_OIDM 20 +#define SLAP_SCHERR_CR_DUP 21 +#define SLAP_SCHERR_CR_BAD_STRUCT 22 +#define SLAP_SCHERR_CR_BAD_AUX 23 +#define SLAP_SCHERR_CR_BAD_AT 24 +#define SLAP_SCHERR_LAST SLAP_SCHERR_CR_BAD_AT typedef union slap_sockaddr { struct sockaddr sa_addr; struct sockaddr_in sa_in_addr; #ifdef LDAP_PF_INET6 + struct sockaddr_storage sa_storage; struct sockaddr_in6 sa_in6_addr; #endif #ifdef LDAP_PF_LOCAL @@ -247,6 +265,10 @@ typedef union slap_sockaddr { #endif } Sockaddr; +#ifdef LDAP_PF_INET6 +extern int slap_inet4or6; +#endif + typedef struct slap_oid_macro { struct berval som_oid; char **som_names; @@ -271,7 +293,16 @@ typedef struct slap_syntax { #define ssyn_oid ssyn_syn.syn_oid #define ssyn_desc ssyn_syn.syn_desc #define ssyn_extensions ssyn_syn.syn_extensions + /* + * Note: the former ber_len_t ssyn_oidlen; + * has been replaced by a struct berval that uses the value + * provided by ssyn_syn.syn_oid; a macro that expands to + * the bv_len field of the berval is provided for backward + * compatibility. CAUTION: NEVER FREE THE BERVAL + */ + struct berval ssyn_bvoid; +#define ssyn_oidlen ssyn_bvoid.bv_len unsigned int ssyn_flags; @@ -300,6 +331,18 @@ typedef struct slap_syntax { #define slap_syntax_is_ber(s) slap_syntax_is_flag((s),SLAP_SYNTAX_BER) #define slap_syntax_is_hidden(s) slap_syntax_is_flag((s),SLAP_SYNTAX_HIDE) +typedef struct slap_syntax_defs_rec { + char *sd_desc; + int sd_flags; + slap_syntax_validate_func *sd_validate; + slap_syntax_transform_func *sd_normalize; + slap_syntax_transform_func *sd_pretty; +#ifdef SLAPD_BINARY_CONVERSION + slap_syntax_transform_func *sd_ber2str; + slap_syntax_transform_func *sd_str2ber; +#endif +} slap_syntax_defs_rec; + /* X -> Y Converter */ typedef int slap_mr_convert_func LDAP_P(( struct berval * in, @@ -342,9 +385,24 @@ typedef int slap_mr_filter_func LDAP_P(( void * assertValue, BerVarray *keys )); +typedef struct slap_matching_rule_use MatchingRuleUse; + typedef struct slap_matching_rule { LDAPMatchingRule smr_mrule; - ber_len_t smr_oidlen; + MatchingRuleUse *smr_mru; + /* RFC2252 string representation */ + struct berval smr_str; + /* + * Note: the former + ber_len_t smr_oidlen; + * has been replaced by a struct berval that uses the value + * provided by smr_mrule.mr_oid; a macro that expands to + * the bv_len field of the berval is provided for backward + * compatibility. CAUTION: NEVER FREE THE BERVAL + */ + struct berval smr_bvoid; +#define smr_oidlen smr_bvoid.bv_len + slap_mask_t smr_usage; #define SLAP_MR_HIDE 0x8000U @@ -357,7 +415,7 @@ typedef struct slap_matching_rule { #define SLAP_MR_EQUALITY 0x0100U #define SLAP_MR_ORDERING 0x0200U #define SLAP_MR_SUBSTR 0x0400U -#define SLAP_MR_EXT 0x0800U +#define SLAP_MR_EXT 0x0800U /* implicitly extensible */ #define SLAP_MR_EQUALITY_APPROX ( SLAP_MR_EQUALITY | 0x0010U ) #define SLAP_MR_DN_FOLD 0x0008U @@ -396,6 +454,13 @@ typedef struct slap_matching_rule { slap_mr_indexer_func *smr_indexer; slap_mr_filter_func *smr_filter; + /* + * null terminated list of syntaxes compatible with this syntax + * note: when MS_EXT is set, this MUST NOT contain the assertion + * syntax of the rule. When MS_EXT is not set, it MAY. + */ + Syntax **smr_compat_syntaxes; + struct slap_matching_rule *smr_associated; struct slap_matching_rule *smr_next; @@ -407,6 +472,36 @@ typedef struct slap_matching_rule { #define smr_extensions smr_mrule.mr_extensions } MatchingRule; +struct slap_matching_rule_use { + LDAPMatchingRuleUse smru_mruleuse; + MatchingRule *smru_mr; + /* RFC2252 string representation */ + struct berval smru_str; + + struct slap_matching_rule_use *smru_next; + +#define smru_oid smru_mruleuse.mru_oid +#define smru_names smru_mruleuse.mru_names +#define smru_desc smru_mruleuse.mru_desc +#define smru_obsolete smru_mruleuse.mru_obsolete +#define smru_applies_oids smru_mruleuse.mru_applies_oids + +#define smru_usage smru_mr->smr_usage +} /* MatchingRuleUse */ ; + +typedef struct slap_mrule_defs_rec { + char * mrd_desc; + slap_mask_t mrd_usage; + char ** mrd_compat_syntaxes; + slap_mr_convert_func * mrd_convert; + slap_mr_normalize_func * mrd_normalize; + slap_mr_match_func * mrd_match; + slap_mr_indexer_func * mrd_indexer; + slap_mr_filter_func * mrd_filter; + + char * mrd_associated; +} slap_mrule_defs_rec; + struct slap_backend_db; struct slap_entry; struct slap_attr; @@ -430,6 +525,11 @@ typedef struct slap_attribute_type { Syntax *sat_syntax; AttributeTypeSchemaCheckFN *sat_check; + +#define SLAP_AT_NONE 0x0000U +#define SLAP_AT_ABSTRACT 0x0100U /* cannot be instantiated */ +#define SLAP_AT_FINAL 0x0200U /* cannot be subtyped */ +#define SLAP_AT_HIDE 0x8000U /* hide attribute */ slap_mask_t sat_flags; struct slap_attribute_type *sat_next; @@ -469,7 +569,8 @@ typedef int (ObjectClassSchemaCheckFN)( char *textbuf, size_t textlen ); typedef struct slap_object_class { - LDAPObjectClass soc_oclass; + LDAPObjectClass soc_oclass; + struct berval soc_cname; struct slap_object_class **soc_sups; AttributeType **soc_required; AttributeType **soc_allowed; @@ -488,15 +589,16 @@ typedef struct slap_object_class { struct slap_object_class *soc_next; } ObjectClass; -#define SLAP_OC_ALIAS 0x01 -#define SLAP_OC_REFERRAL 0x02 -#define SLAP_OC_SUBENTRY 0x04 -#define SLAP_OC_DYNAMICOBJECT 0x08 -#define SLAP_OC_COLLECTIVEATTRIBUTESUBENTRY 0x10 -#define SLAP_OC__MASK 0x1F -#define SLAP_OC__END 0x20 +#define SLAP_OC_ALIAS 0x0001 +#define SLAP_OC_REFERRAL 0x0002 +#define SLAP_OC_SUBENTRY 0x0004 +#define SLAP_OC_DYNAMICOBJECT 0x0008 +#define SLAP_OC_COLLECTIVEATTRIBUTESUBENTRY 0x0010 +#define SLAP_OC__MASK 0x001F +#define SLAP_OC__END 0x0020 +#define SLAP_OC_OPERATIONAL 0x4000 +#define SLAP_OC_HIDE 0x8000 -#ifdef LDAP_EXTENDED_SCHEMA /* * DIT content rule */ @@ -507,16 +609,17 @@ typedef struct slap_content_rule { AttributeType **scr_required; /* optional */ AttributeType **scr_allowed; /* optional */ AttributeType **scr_precluded; /* optional */ -#define scr_oid scr_crule.cr_oid -#define scr_names scr_crule.cr_names -#define scr_desc scr_crule.cr_desc -#define scr_obsolete soc_oclass.cr_obsolete -#define scr_cr_oids_aux soc_oclass.cr_oc_oids_aux -#define scr_cr_oids_must soc_oclass.cr_at_oids_must -#define scr_cr_oids_may soc_oclass.cr_at_oids_may -#define scr_cr_oids_not soc_oclass.cr_at_oids_not +#define scr_oid scr_crule.cr_oid +#define scr_names scr_crule.cr_names +#define scr_desc scr_crule.cr_desc +#define scr_obsolete scr_crule.cr_obsolete +#define scr_oc_oids_aux scr_crule.cr_oc_oids_aux +#define scr_at_oids_must scr_crule.cr_at_oids_must +#define scr_at_oids_may scr_crule.cr_at_oids_may +#define scr_at_oids_not scr_crule.cr_at_oids_not + + struct slap_content_rule *scr_next; } ContentRule; -#endif /* * represents a recognized attribute description ( type + options ) @@ -584,6 +687,7 @@ struct slap_internal_schema { AttributeDescription *si_ad_supportedLDAPVersion; AttributeDescription *si_ad_supportedSASLMechanisms; AttributeDescription *si_ad_supportedFeatures; + AttributeDescription *si_ad_monitorContext; AttributeDescription *si_ad_vendorName; AttributeDescription *si_ad_vendorVersion; @@ -608,6 +712,8 @@ struct slap_internal_schema { /* Access Control Internals */ AttributeDescription *si_ad_entry; AttributeDescription *si_ad_children; + AttributeDescription *si_ad_saslAuthzTo; + AttributeDescription *si_ad_saslAuthzFrom; #ifdef SLAPD_ACI_ENABLED AttributeDescription *si_ad_aci; #endif @@ -722,6 +828,32 @@ typedef struct slap_filter { /* compare routines can return undefined */ #define SLAPD_COMPARE_UNDEFINED ((ber_int_t) -1) +typedef struct slap_valuesreturnfilter { + ber_tag_t f_choice; + + union vrf_un_u { + /* precomputed result */ + ber_int_t f_un_result; + + /* DN */ + char *f_un_dn; + + /* present */ + AttributeDescription *f_un_desc; + + /* simple value assertion */ + AttributeAssertion *f_un_ava; + + /* substring assertion */ + SubstringsAssertion *f_un_ssa; + + /* matching rule assertion */ + MatchingRuleAssertion *f_un_mra; + } f_un; + + struct slap_valuesreturnfilter *f_next; +} ValuesReturnFilter; + /* * represents an attribute (description + values) */ @@ -1007,7 +1139,7 @@ LDAP_SLAPD_V (int) slapMode; struct slap_replica_info { char *ri_host; /* supersedes be_replica */ - struct berval **ri_nsuffix; /* array of suffixes this replica accepts */ + BerVarray ri_nsuffix; /* array of suffixes this replica accepts */ AttributeName *ri_attrs; /* attrs to replicate, NULL=all */ int ri_exclude; /* 1 => exclude ri_attrs */ }; @@ -1034,6 +1166,7 @@ struct slap_limits { #define SLAP_LIMITS_REGEX 0x0005 #define SLAP_LIMITS_ANONYMOUS 0x0006 #define SLAP_LIMITS_USERS 0x0007 +#define SLAP_LIMITS_ANY 0x0008 regex_t lm_dn_regex; /* regex data for REGEX */ /* @@ -1118,7 +1251,7 @@ struct slap_backend_db { #define SLAP_RESTRICT_OP_SEARCH 0x0080U #define SLAP_RESTRICT_OP_READS \ - ( SLAP_RESTRICT_OP_COMPARE \ + ( SLAP_RESTRICT_OP_COMPARE \ | SLAP_RESTRICT_OP_SEARCH ) #define SLAP_RESTRICT_OP_WRITES \ ( SLAP_RESTRICT_OP_ADD \ @@ -1128,15 +1261,21 @@ struct slap_backend_db { #define SLAP_ALLOW_BIND_V2 0x0001U /* LDAPv2 bind */ #define SLAP_ALLOW_BIND_ANON_CRED 0x0002U /* cred should be empty */ -#define SLAP_ALLOW_BIND_ANON_DN 0x0003U /* dn should be empty */ +#define SLAP_ALLOW_BIND_ANON_DN 0x0004U /* dn should be empty */ + +#define SLAP_ALLOW_UPDATE_ANON 0x0008U /* allow anonymous updates */ #define SLAP_DISALLOW_BIND_ANON 0x0001U /* no anonymous */ #define SLAP_DISALLOW_BIND_SIMPLE 0x0002U /* simple authentication */ -#define SLAP_DISALLOW_BIND_KRBV4 0x0004U /* Kerberos V4 authentication */ +#define SLAP_DISALLOW_BIND_SIMPLE_UNPROTECTED \ + 0x0004U /* unprotected simple auth */ +#define SLAP_DISALLOW_BIND_KRBV4 0x0008U /* Kerberos V4 authentication */ #define SLAP_DISALLOW_TLS_2_ANON 0x0010U /* StartTLS -> Anonymous */ #define SLAP_DISALLOW_TLS_AUTHC 0x0020U /* TLS while authenticated */ +#define SLAP_DISALLOW_AUX_WO_CR 0x4000U + slap_mask_t be_requires; /* pre-operation requirements */ #define SLAP_REQUIRE_BIND 0x0001U /* bind before op */ #define SLAP_REQUIRE_LDAP_V3 0x0002U /* LDAPv3 before op */ @@ -1148,13 +1287,15 @@ struct slap_backend_db { slap_ssf_set_t be_ssf_set; /* these should be renamed from be_ to bd_ */ - struct berval **be_suffix; /* the DN suffixes of data in this backend */ - struct berval **be_nsuffix; /* the normalized DN suffixes in this backend */ - struct berval **be_suffixAlias; /* pairs of DN suffix aliases and deref values */ + BerVarray be_suffix; /* the DN suffixes of data in this backend */ + BerVarray be_nsuffix; /* the normalized DN suffixes in this backend */ + BerVarray be_suffixAlias; /* pairs of DN suffix aliases and deref values */ + struct berval be_schemadn; /* per-backend subschema subentry DN */ + struct berval be_schemandn; /* normalized subschema DN */ struct berval be_rootdn; /* the magic "root" name (DN) for this db */ struct berval be_rootndn; /* the magic "root" normalized name (DN) for this db */ struct berval be_rootpw; /* the magic "root" password for this db */ - unsigned int be_max_deref_depth; /* limit for depth of an alias deref */ + unsigned int be_max_deref_depth; /* limit for depth of an alias deref */ #define be_sizelimit be_def_limit.lms_s_soft #define be_timelimit be_def_limit.lms_t_soft struct slap_limits_set be_def_limit; /* default limits */ @@ -1227,13 +1368,13 @@ typedef int (BI_op_abandon) LDAP_P((BackendDB *bd, ber_int_t msgid)); typedef int (BI_op_extended) LDAP_P(( - BackendDB *be, - struct slap_conn *conn, - struct slap_op *op, + BackendDB *be, + struct slap_conn *conn, + struct slap_op *op, const char *reqoid, - struct berval * reqdata, + struct berval * reqdata, char **rspoid, - struct berval ** rspdata, + struct berval ** rspdata, LDAPControl *** rspctrls, const char ** text, BerVarray *refs )); @@ -1428,12 +1569,46 @@ typedef struct slap_paged_state { ID ps_id; } PagedResultsState; + +#ifdef LDAP_CLIENT_UPDATE +#define LCUP_PSEARCH_BY_ADD 0x01 +#define LCUP_PSEARCH_BY_DELETE 0x02 +#define LCUP_PSEARCH_BY_PREMODIFY 0x03 +#define LCUP_PSEARCH_BY_MODIFY 0x04 +#define LCUP_PSEARCH_BY_SCOPEOUT 0x05 + +struct lcup_search_spec { + struct slap_op *op; + struct berval *base; + struct berval *nbase; + int scope; + int deref; + int slimit; + int tlimit; + Filter *filter; + struct berval *filterstr; + AttributeName *attrs; + int attrsonly; + struct lcup_entry *elist; + ldap_pvt_thread_mutex_t elist_mutex; + int entry_count; + LDAP_LIST_ENTRY(lcup_search_spec) link; +}; + +struct psid_entry { + struct lcup_search_spec* ps; + LDAP_LIST_ENTRY(psid_entry) link; +}; +#endif /* LDAP_CLIENT_UPDATE */ + + /* * represents an operation pending from an ldap client */ typedef struct slap_op { unsigned long o_opid; /* id of this operation */ unsigned long o_connid; /* id of conn initiating this op */ + struct slap_conn *o_conn; /* connection spawning this op */ ber_int_t o_msgid; /* msgid of the request */ ber_int_t o_protocol; /* version of the LDAP protocol used by client */ @@ -1442,8 +1617,9 @@ typedef struct slap_op { ldap_pvt_thread_t o_tid; /* thread handling this op */ - ldap_pvt_thread_mutex_t o_abandonmutex; /* protects o_abandon */ - char o_abandon; /* abandon flag */ + volatile sig_atomic_t o_abandon; /* abandon flag */ + + char o_do_not_cache; /* don't cache from this op */ #define SLAP_NO_CONTROL 0 #define SLAP_NONCRITICAL_CONTROL 1 @@ -1452,11 +1628,26 @@ typedef struct slap_op { char o_noop; char o_subentries; char o_subentries_visibility; + char o_valuesreturnfilter; char o_pagedresults; ber_int_t o_pagedresults_size; PagedResultsState o_pagedresults_state; +#ifdef LDAP_CLIENT_UPDATE + char o_clientupdate; + char o_clientupdate_type; +#define SLAP_LCUP_NONE (0x0) +#define SLAP_LCUP_SYNC (0x1) +#define SLAP_LCUP_PERSIST (0x2) +#define SLAP_LCUP_SYNC_AND_PERSIST (0x3) + ber_int_t o_clientupdate_interval; + struct berval o_clientupdate_state; + LDAP_LIST_HEAD(lss, lcup_search_spec) psearch_spec; + LDAP_LIST_HEAD(pe, psid_entry) premodify_list; + LDAP_LIST_ENTRY(slap_op) link; +#endif /* LDAP_CLIENT_UPDATE */ + #ifdef LDAP_CONNECTIONLESS Sockaddr o_peeraddr; /* UDP peer address */ #endif @@ -1466,9 +1657,11 @@ typedef struct slap_op { slap_callback *o_callback; /* callback pointers */ LDAPControl **o_ctrls; /* controls */ + void *o_threadctx; /* thread pool thread context */ void *o_private; /* anything the backend needs */ LDAP_STAILQ_ENTRY(slap_op) o_next; /* next operation in list */ + ValuesReturnFilter *vrFilter; /* Structure represents ValuesReturnFilter */ } Operation; #define get_manageDSAit(op) ((int)(op)->o_managedsait) @@ -1488,6 +1681,8 @@ typedef struct slap_gacl { char ga_ndn[1]; } GroupAssertion; +typedef struct slap_listener Listener; + /* * represents a connection from an ldap client */ @@ -1503,15 +1698,16 @@ typedef struct slap_conn { time_t c_activitytime; /* when the connection was last used */ unsigned long c_connid; /* id of this connection for stats*/ - struct berval c_listener_url; /* listener URL */ struct berval c_peer_domain; /* DNS name of client */ struct berval c_peer_name; /* peer name (trans=addr:port) */ - struct berval c_sock_name; /* sock name (trans=addr:port) */ + Listener *c_listener; +#define c_listener_url c_listener->sl_url /* listener URL */ +#define c_sock_name c_listener->sl_name /* sock name (trans=addr:port) */ /* only can be changed by binding thread */ int c_sasl_bind_in_progress; /* multi-op bind in progress */ struct berval c_sasl_bind_mech; /* mech in progress */ - struct berval c_cdn; + struct berval c_sasl_dn; /* temporary storage */ /* authorization backend */ Backend *c_authz_backend; @@ -1540,6 +1736,7 @@ typedef struct slap_conn { int c_sasl_layers; /* true if we need to install SASL i/o handlers */ void *c_sasl_context; /* SASL session context */ void *c_sasl_extra; /* SASL session extra stuff */ + struct slap_op *c_sasl_bindop; /* set to current op if it's a bind */ PagedResultsState c_pagedresults_state; /* paged result state */ @@ -1560,31 +1757,19 @@ typedef struct slap_conn { fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\ if ( ldap_syslog & (level) ) \ syslog( ldap_syslog_level, (fmt), (connid), (opid), (arg1), \ - (arg2), (arg3) ); \ + (arg2), (arg3) ); \ } while (0) #else #define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) #endif - -#define SASLREGEX_REPLACE 10 -#define SASL_AUTHZ_SOURCE_ATTR "saslAuthzTo" -#define SASL_AUTHZ_DEST_ATTR "saslAuthzFrom" - -typedef struct sasl_regexp { - char *sr_match; /* regexp match pattern */ - char *sr_replace; /* regexp replace pattern */ - regex_t sr_workspace; /* workspace for regexp engine */ - regmatch_t sr_strings[SASLREGEX_REPLACE]; /* strings matching $1,$2 ... */ - int sr_offset[SASLREGEX_REPLACE+2]; /* offsets of $1,$2... in *replace */ -} SaslRegexp_t; - /* * listener; need to access it from monitor backend */ -typedef struct slap_listener { - char* sl_url; - char* sl_name; +struct slap_listener { + struct berval sl_url; + struct berval sl_name; + mode_t sl_perms; #ifdef HAVE_TLS int sl_is_tls; #endif @@ -1594,7 +1779,7 @@ typedef struct slap_listener { ber_socket_t sl_sd; Sockaddr sl_sa; #define sl_addr sl_sa.sa_in_addr -} Listener; +}; #ifdef SLAPD_MONITOR /* @@ -1615,6 +1800,22 @@ enum { }; #endif /* SLAPD_MONITOR */ +/* + * Better know these all around slapd + */ +#define SLAP_LDAPDN_PRETTY 0x1 +#define SLAP_LDAPDN_MAXLEN 8192 + +/* + * Macros for LCUP + */ +#ifdef LDAP_CLIENT_UPDATE +#define SLAP_LCUP_STATE_UPDATE_TRUE 1 +#define SLAP_LCUP_STATE_UPDATE_FALSE 0 +#define SLAP_LCUP_ENTRY_DELETED_TRUE 1 +#define SLAP_LCUP_ENTRY_DELETED_FALSE 0 +#endif /* LDAP_CLIENT_UPDATE */ + LDAP_END_DECL #include "proto-slap.h"