X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fslap.h;h=f46d69e69d70492635a2e00d01b57ba2bf9a17a5;hb=fa1f4d3c38b332fc5faf6d84911df2618ce9af09;hp=c83c35b48414fd8fc5248691f050672c2a99c338;hpb=1c0f49dda306f8a860a3ec029bf770e3dd03f9bc;p=openldap diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index c83c35b484..f46d69e69d 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -2,7 +2,7 @@ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * - * Copyright 1998-2005 The OpenLDAP Foundation. + * Copyright 1998-2006 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -58,7 +58,6 @@ LDAP_BEGIN_DECL - #ifdef LDAP_DEVEL #define SLAP_LIGHTWEIGHT_DISPATCHER /* experimental slapd architecture */ #define SLAP_MULTI_CONN_ARRAY @@ -68,13 +67,11 @@ LDAP_BEGIN_DECL #define SLAP_ACL_HONOR_DISCLOSE /* partially implemented */ #define SLAP_ACL_HONOR_MANAGE /* not yet implemented */ -#define SLAP_DYNACL #define SLAP_OVERLAY_ACCESS #define LDAP_COMP_MATCH #define LDAP_DYNAMIC_OBJECTS #define LDAP_SYNC_TIMESTAMP #define LDAP_COLLECTIVE_ATTRIBUTES -#define SLAPD_CONF_UNKNOWN_BAILOUT #define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE #define SLAP_ORDERED_PRETTYNORM @@ -89,17 +86,6 @@ LDAP_BEGIN_DECL #define SLAP_OVERLAY_ACCESS #endif -/* - * ITS#3705: bail out if unknown config directives appear in slapd.conf - */ -#ifdef SLAPD_CONF_UNKNOWN_BAILOUT -#define SLAPD_CONF_UNKNOWN_IGNORED "" -#define SLAPD_DEBUG_CONFIG_ERROR LDAP_DEBUG_ANY -#else /* ! SLAPD_CONF_UNKNOWN_BAILOUT */ -#define SLAPD_CONF_UNKNOWN_IGNORED " (ignored)" -#define SLAPD_DEBUG_CONFIG_ERROR LDAP_DEBUG_CONFIG -#endif /* ! SLAPD_CONF_UNKNOWN_BAILOUT */ - /* * SLAPD Memory allocation macros * @@ -212,13 +198,6 @@ LDAP_BEGIN_DECL #define SLAPD_ROLE_ATTR "roleOccupant" #define SLAPD_ROLE_CLASS "organizationalRole" -#ifdef SLAPD_ACI_ENABLED -#define SLAPD_ACI_SYNTAX "1.3.6.1.4.1.4203.666.2.1" -#endif /* SLAPD_ACI_ENABLED */ - -/* change this to "OpenLDAPset" */ -#define SLAPD_ACI_SET_ATTR "template" - #define SLAPD_TOP_OID "2.5.6.0" LDAP_SLAPD_V (int) slap_debug; @@ -1215,7 +1194,7 @@ typedef enum slap_access_e { ACL_COMPARE, ACL_SEARCH, ACL_READ, - ACL_WRITE, + ACL_WRITE_, ACL_MANAGE, /* always leave at end of levels but not greater than ACL_LEVEL_MASK */ @@ -1230,8 +1209,10 @@ typedef enum slap_access_e { ACL_QUALIFIER_MASK = 0x0f00, /* write granularity */ - ACL_WADD = ACL_WRITE|ACL_QUALIFIER1, - ACL_WDEL = ACL_WRITE|ACL_QUALIFIER2 + ACL_WADD = ACL_WRITE_|ACL_QUALIFIER1, + ACL_WDEL = ACL_WRITE_|ACL_QUALIFIER2, + + ACL_WRITE = ACL_WADD|ACL_WDEL } slap_access_t; typedef enum slap_control_e { @@ -1439,16 +1420,6 @@ typedef struct slap_access { #ifdef SLAP_DYNACL slap_dynacl_t *a_dynacl; -#else /* ! SLAP_DYNACL */ -#ifdef SLAPD_ACI_ENABLED - /* NOTE: ACIs have been moved under the "dynacl" interface, - * which is currently built only when LDAP_DEVEL is defined. - * - * In any case, SLAPD_ACI_ENABLED, set by --enable-aci, - * is required to enable ACI support. - */ - AttributeDescription *a_aci_at; -#endif /* SLAPD_ACI_ENABLED */ #endif /* SLAP_DYNACL */ /* ACL Groups */ @@ -1479,12 +1450,15 @@ typedef struct slap_acl { struct slap_acl *acl_next; } AccessControl; +typedef enum { + ACL_STATE_NOT_RECORDED = 0x0, + ACL_STATE_RECORDED_VD = 0x1, + ACL_STATE_RECORDED_NV = 0x2, + ACL_STATE_RECORDED = ( ACL_STATE_RECORDED_VD | ACL_STATE_RECORDED_NV ) +} slap_acl_state_t; + typedef struct slap_acl_state { - unsigned as_recorded; -#define ACL_STATE_NOT_RECORDED 0x0 -#define ACL_STATE_RECORDED_VD 0x1 -#define ACL_STATE_RECORDED_NV 0x2 -#define ACL_STATE_RECORDED 0x3 + slap_acl_state_t as_recorded; /* Access state */ AccessControl *as_vd_acl; @@ -1502,14 +1476,6 @@ typedef struct slap_acl_state { #define ACL_STATE_INIT { ACL_STATE_NOT_RECORDED, NULL, NULL, 0UL, \ { { 0, 0 } }, 0, NULL, 0, 0, NULL } -#ifdef SLAPD_ACI_ENABLED -typedef enum slap_aci_scope_t { - SLAP_ACI_SCOPE_ENTRY = 0x1, - SLAP_ACI_SCOPE_CHILDREN = 0x2, - SLAP_ACI_SCOPE_SUBTREE = ( SLAP_ACI_SCOPE_ENTRY | SLAP_ACI_SCOPE_CHILDREN ) -} slap_aci_scope_t; -#endif /* SLAPD_ACI_ENABLED */ - /* * Backend-info * represents a backend @@ -1536,6 +1502,7 @@ LDAP_SLAPD_V (int) slapMode; #define SLAP_TOOL_READMAIN 0x0200 #define SLAP_TOOL_READONLY 0x0400 #define SLAP_TOOL_QUICK 0x0800 +#define SLAP_TOOL_NO_SCHEMA_CHECK 0x1000 #define SB_TLS_DEFAULT (-1) #define SB_TLS_OFF 0 @@ -1735,7 +1702,9 @@ struct slap_backend_db { #define SLAP_DBFLAG_GLUE_ADVERTISE 0x0080U /* advertise in rootDSE */ #define SLAP_DBFLAG_OVERLAY 0x0100U /* this db struct is an overlay */ #define SLAP_DBFLAG_GLOBAL_OVERLAY 0x0200U /* this db struct is a global overlay */ +#define SLAP_DBFLAG_DYNAMIC 0x0400U /* this db allows dynamicObjects */ #define SLAP_DBFLAG_SHADOW 0x8000U /* a shadow */ +#define SLAP_DBFLAG_SINGLE_SHADOW 0x4000U /* a single-master shadow */ #define SLAP_DBFLAG_SYNC_SHADOW 0x1000U /* a sync shadow */ #define SLAP_DBFLAG_SLURP_SHADOW 0x2000U /* a slurp shadow */ slap_mask_t be_flags; @@ -1757,6 +1726,8 @@ struct slap_backend_db { #define SLAP_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SHADOW) #define SLAP_SYNC_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SYNC_SHADOW) #define SLAP_SLURP_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SLURP_SHADOW) +#define SLAP_SINGLE_SHADOW(be) (SLAP_DBFLAGS(be) & SLAP_DBFLAG_SINGLE_SHADOW) +#define SLAP_MULTIMASTER(be) (!SLAP_SINGLE_SHADOW(be)) slap_mask_t be_restrictops; /* restriction operations */ #define SLAP_RESTRICT_OP_ADD 0x0001U @@ -1791,11 +1762,12 @@ struct slap_backend_db { | SLAP_RESTRICT_OP_BIND \ | SLAP_RESTRICT_OP_EXTENDED ) -#define SLAP_ALLOW_BIND_V2 0x0001U /* LDAPv2 bind */ +#define SLAP_ALLOW_BIND_V2 0x0001U /* LDAPv2 bind */ #define SLAP_ALLOW_BIND_ANON_CRED 0x0002U /* cred should be empty */ #define SLAP_ALLOW_BIND_ANON_DN 0x0004U /* dn should be empty */ #define SLAP_ALLOW_UPDATE_ANON 0x0008U /* allow anonymous updates */ +#define SLAP_ALLOW_PROXY_AUTHZ_ANON 0x0010U /* allow anonymous proxyAuthz */ #define SLAP_DISALLOW_BIND_ANON 0x0001U /* no anonymous */ #define SLAP_DISALLOW_BIND_SIMPLE 0x0002U /* simple authentication */ @@ -2179,6 +2151,12 @@ struct slap_backend_info { #define SLAP_BFLAG_SUBENTRIES 0x4000U #define SLAP_BFLAG_DYNAMIC 0x8000U +/* overlay specific */ +#define SLAPO_BFLAG_SINGLE 0x01000000U +#define SLAPO_BFLAG_DBONLY 0x02000000U +#define SLAPO_BFLAG_GLOBONLY 0x04000000U +#define SLAPO_BFLAG_MASK 0xFF000000U + #define SLAP_BFLAGS(be) ((be)->bd_info->bi_flags) #define SLAP_MONITOR(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_MONITOR) #define SLAP_CONFIG(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_CONFIG) @@ -2187,10 +2165,15 @@ struct slap_backend_info { #define SLAP_ALIASES(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_ALIASES) #define SLAP_REFERRALS(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_REFERRALS) #define SLAP_SUBENTRIES(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_SUBENTRIES) -#define SLAP_DYNAMIC(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_DYNAMIC) +#define SLAP_DYNAMIC(be) ((SLAP_BFLAGS(be) & SLAP_BFLAG_DYNAMIC) || (SLAP_DBFLAGS(be) & SLAP_DBFLAG_DYNAMIC)) #define SLAP_NOLASTMODCMD(be) (SLAP_BFLAGS(be) & SLAP_BFLAG_NOLASTMODCMD) #define SLAP_LASTMODCMD(be) (!SLAP_NOLASTMODCMD(be)) +/* overlay specific */ +#define SLAPO_SINGLE(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_SINGLE) +#define SLAPO_DBONLY(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_DBONLY) +#define SLAPO_GLOBONLY(be) (SLAP_BFLAGS(be) & SLAPO_BFLAG_GLOBONLY) + char **bi_controls; /* supported controls */ char bi_ctrls[SLAP_MAX_CIDS + 1]; @@ -2655,7 +2638,6 @@ typedef struct slap_conn { long c_n_read; /* num of read calls */ long c_n_write; /* num of write calls */ - void *c_pb; /* Netscape plugin */ void *c_extensions; /* Netscape plugin */ /* @@ -2677,75 +2659,10 @@ typedef struct slap_conn { } Connection; #if defined(LDAP_SYSLOG) && defined(LDAP_DEBUG) -#define Statslog1( level, severity, fmt, connid, opid, arg1 ) \ - do { \ - if ( ldap_debug & (level) ) \ - fprintf( stderr, (fmt), (connid), (opid), (arg1) );\ - if ( ldap_syslog & (level) ) \ - syslog( LDAP_LEVEL_MASK((severity)), (fmt), (connid), (opid), \ - (arg1) ); \ - } while (0) -#define Statslog2( level, severity, fmt, connid, opid, arg1, arg2 ) \ - do { \ - if ( ldap_debug & (level) ) \ - fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2) );\ - if ( ldap_syslog & (level) ) \ - syslog( LDAP_LEVEL_MASK((severity)), (fmt), (connid), (opid), \ - (arg1), (arg2) ); \ - } while (0) -#define Statslog3( level, severity, fmt, connid, opid, arg1, arg2, arg3 ) \ - do { \ - if ( ldap_debug & (level) ) \ - fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\ - if ( ldap_syslog & (level) ) \ - syslog( LDAP_LEVEL_MASK((severity)), (fmt), (connid), (opid), \ - (arg1), (arg2), (arg3) ); \ - } while (0) -#define Statslog4( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4 ) \ - do { \ - if ( ldap_debug & (level) ) \ - fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3), (arg4) );\ - if ( ldap_syslog & (level) ) \ - syslog( LDAP_LEVEL_MASK((severity)), (fmt), (connid), (opid), \ - (arg1), (arg2), (arg3), (arg4) ); \ - } while (0) -#define Statslog5( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4, arg5 ) \ - do { \ - if ( ldap_debug & (level) ) \ - fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3), (arg4), (arg5) );\ - if ( ldap_syslog & (level) ) \ - syslog( LDAP_LEVEL_MASK((severity)), (fmt), (connid), (opid), \ - (arg1), (arg2), (arg3), (arg4), (arg5) ); \ - } while (0) #define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) \ - Statslog3( (level), ldap_syslog_level, (fmt), (connid), (opid), (arg1), (arg2), (arg3) ) + Log5( (level), ldap_syslog_level, (fmt), (connid), (opid), (arg1), (arg2), (arg3) ) #define StatslogTest( level ) ((ldap_debug | ldap_syslog) & (level)) #elif defined(LDAP_DEBUG) -#define Statslog1( level, severity, fmt, connid, opid, arg1 ) \ - do { \ - if ( ldap_debug & (level) ) \ - fprintf( stderr, (fmt), (connid), (opid), (arg1) );\ - } while (0) -#define Statslog2( level, severity, fmt, connid, opid, arg1, arg2 ) \ - do { \ - if ( ldap_debug & (level) ) \ - fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2) );\ - } while (0) -#define Statslog3( level, severity, fmt, connid, opid, arg1, arg2, arg3 ) \ - do { \ - if ( ldap_debug & (level) ) \ - fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\ - } while (0) -#define Statslog4( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4 ) \ - do { \ - if ( ldap_debug & (level) ) \ - fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3), (arg4) );\ - } while (0) -#define Statslog5( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4, arg5 ) \ - do { \ - if ( ldap_debug & (level) ) \ - fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3), (arg4), (arg5) );\ - } while (0) #define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) \ do { \ if ( ldap_debug & (level) ) \ @@ -2753,12 +2670,6 @@ typedef struct slap_conn { } while (0) #define StatslogTest( level ) (ldap_debug & (level)) #else -#define Statslog1( level, severity, fmt, connid, opid, arg1 ) -#define Statslog2( level, severity, fmt, connid, opid, arg1, arg2 ) -#define Statslog3( level, severity, fmt, connid, opid, arg1, arg2, arg3 ) -#define Statslog4( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4 ) -#define Statslog5( level, severity, fmt, connid, opid, arg1, arg2, arg3, arg4, arg5 ) -#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) #define StatslogTest( level ) (0) #endif @@ -2858,6 +2769,8 @@ typedef int (SLAP_CTRL_PARSE_FN) LDAP_P(( SlapReply *rs, LDAPControl *ctrl )); +typedef int (*SLAP_ENTRY_INFO_FN) LDAP_P(( void *arg, Entry *e )); + #define SLAP_SLAB_SIZE (1024*1024) #define SLAP_SLAB_STACK 1 #define SLAP_SLAB_SOBLOCK 64