X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fsyncrepl.c;h=914b0a0b996acdce4b24a1fe01f992b633341910;hb=7f14d39a9d3f43bf95cabc23e4c695df1acd2c97;hp=5986615852a1e09a9d3c0a04e229ebc1f678f220;hpb=37db80eadb3d51f98b60eaa85d6a4f0a256a4f54;p=openldap diff --git a/servers/slapd/syncrepl.c b/servers/slapd/syncrepl.c index 5986615852..914b0a0b99 100644 --- a/servers/slapd/syncrepl.c +++ b/servers/slapd/syncrepl.c @@ -2,7 +2,7 @@ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * - * Copyright 2003-2004 The OpenLDAP Foundation. + * Copyright 2003-2007 The OpenLDAP Foundation. * Portions Copyright 2003 by IBM Corporation. * Portions Copyright 2003 by Howard Chu, Symas Corporation. * All rights reserved. @@ -23,22 +23,91 @@ #include #include -#include "ldap_pvt.h" #include "lutil.h" #include "slap.h" #include "lutil_ldap.h" +#include "config.h" + #include "ldap_rq.h" -#define SYNCREPL_STR "syncreplxxx" -#define CN_STR "cn=" +struct nonpresent_entry { + struct berval *npe_name; + struct berval *npe_nname; + LDAP_LIST_ENTRY(nonpresent_entry) npe_link; +}; -static const struct berval slap_syncrepl_bvc = BER_BVC(SYNCREPL_STR); -static const struct berval slap_syncrepl_cn_bvc = BER_BVC(CN_STR SYNCREPL_STR); +#define SYNCDATA_DEFAULT 0 /* entries are plain LDAP entries */ +#define SYNCDATA_ACCESSLOG 1 /* entries are accesslog format */ +#define SYNCDATA_CHANGELOG 2 /* entries are changelog format */ + +#define SYNCLOG_LOGGING 0 /* doing a log-based update */ +#define SYNCLOG_FALLBACK 1 /* doing a full refresh */ + +#define RETRYNUM_FOREVER (-1) /* retry forever */ +#define RETRYNUM_TAIL (-2) /* end of retrynum array */ +#define RETRYNUM_VALID(n) ((n) >= RETRYNUM_FOREVER) /* valid retrynum */ +#define RETRYNUM_FINITE(n) ((n) > RETRYNUM_FOREVER) /* not forever */ + +typedef struct syncinfo_s { + struct slap_backend_db *si_be; + struct re_s *si_re; + int si_rid; + slap_bindconf si_bindconf; + struct berval si_base; + struct berval si_logbase; + struct berval si_filterstr; + struct berval si_logfilterstr; + int si_scope; + int si_attrsonly; + char *si_anfile; + AttributeName *si_anlist; + AttributeName *si_exanlist; + char **si_attrs; + char **si_exattrs; + int si_allattrs; + int si_allopattrs; + int si_schemachecking; + int si_type; /* the active type */ + int si_ctype; /* the configured type */ + time_t si_interval; + time_t *si_retryinterval; + int *si_retrynum_init; + int *si_retrynum; + struct sync_cookie si_syncCookie; + int si_manageDSAit; + int si_slimit; + int si_tlimit; + int si_refreshDelete; + int si_refreshPresent; + int si_refreshDone; + int si_syncdata; + int si_logstate; + int si_conn_setup; + Avlnode *si_presentlist; + LDAP *si_ld; + LDAP_LIST_HEAD(np, nonpresent_entry) si_nonpresentlist; + ldap_pvt_thread_mutex_t si_mutex; +} syncinfo_t; static int syncuuid_cmp( const void *, const void * ); static void avl_ber_bvfree( void * ); -static void syncrepl_del_nonpresent( Operation *, syncinfo_t * ); +static void syncrepl_del_nonpresent( Operation *, syncinfo_t *, BerVarray, struct berval * ); +static int syncrepl_message_to_op( + syncinfo_t *, Operation *, LDAPMessage * ); +static int syncrepl_message_to_entry( + syncinfo_t *, Operation *, LDAPMessage *, + Modifications **, Entry **, int ); +static int syncrepl_entry( + syncinfo_t *, Operation*, Entry*, + Modifications**,int, struct berval*, + struct sync_cookie *, + struct berval * ); +static void syncrepl_updateCookie( + syncinfo_t *, Operation *, struct berval *, + struct sync_cookie * ); +static struct berval * slap_uuidstr_from_normalized( + struct berval *, struct berval *, void * ); /* callback functions */ static int dn_callback( struct slap_op *, struct slap_rep * ); @@ -47,13 +116,11 @@ static int null_callback( struct slap_op *, struct slap_rep * ); static AttributeDescription *sync_descs[4]; -struct runqueue_s syncrepl_rq; - -void +static void init_syncrepl(syncinfo_t *si) { - int i, j, k, n; - char **tmp; + int i, j, k, l, n; + char **attrs, **exattrs; if ( !sync_descs[0] ) { sync_descs[0] = slap_schema.si_ad_objectClass; @@ -62,56 +129,183 @@ init_syncrepl(syncinfo_t *si) sync_descs[3] = NULL; } - for ( n = 0; si->si_attrs[ n ] != NULL; n++ ) /* empty */; + if ( si->si_allattrs && si->si_allopattrs ) + attrs = NULL; + else + attrs = anlist2attrs( si->si_anlist ); + + if ( attrs ) { + if ( si->si_allattrs ) { + i = 0; + while ( attrs[i] ) { + if ( !is_at_operational( at_find( attrs[i] ))) { + for ( j = i; attrs[j] != NULL; j++ ) { + if ( j == i ) + ch_free( attrs[i] ); + attrs[j] = attrs[j+1]; + } + } else { + i++; + } + } + attrs = ( char ** ) ch_realloc( attrs, (i + 2)*sizeof( char * ) ); + attrs[i] = ch_strdup("*"); + attrs[i + 1] = NULL; + + } else if ( si->si_allopattrs ) { + i = 0; + while ( attrs[i] ) { + if ( is_at_operational( at_find( attrs[i] ))) { + for ( j = i; attrs[j] != NULL; j++ ) { + if ( j == i ) + ch_free( attrs[i] ); + attrs[j] = attrs[j+1]; + } + } else { + i++; + } + } + attrs = ( char ** ) ch_realloc( attrs, (i + 2)*sizeof( char * ) ); + attrs[i] = ch_strdup("+"); + attrs[i + 1] = NULL; + } - if ( n ) { - /* Delete Attributes */ for ( i = 0; sync_descs[i] != NULL; i++ ) { - for ( j = 0; si->si_attrs[j] != NULL; j++ ) { - if ( strcmp( si->si_attrs[j], sync_descs[i]->ad_cname.bv_val ) - == 0 ) - { - ch_free( si->si_attrs[j] ); - for ( k = j; si->si_attrs[k] != NULL; k++ ) { - si->si_attrs[k] = si->si_attrs[k+1]; + j = 0; + while ( attrs[j] ) { + if ( !strcmp( attrs[j], sync_descs[i]->ad_cname.bv_val )) { + for ( k = j; attrs[k] != NULL; k++ ) { + if ( k == j ) + ch_free( attrs[k] ); + attrs[k] = attrs[k+1]; } + } else { + j++; } } } - for ( n = 0; si->si_attrs[ n ] != NULL; n++ ) /* empty */; - tmp = ( char ** ) ch_realloc( si->si_attrs, (n + 4)*sizeof( char * )); - if ( tmp == NULL ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 ); -#else - Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 ); -#endif + + for ( n = 0; attrs[ n ] != NULL; n++ ) /* empty */; + + if ( si->si_allopattrs ) { + attrs = ( char ** ) ch_realloc( attrs, (n + 2)*sizeof( char * )); + } else { + attrs = ( char ** ) ch_realloc( attrs, (n + 4)*sizeof( char * )); + } + + if ( attrs == NULL ) { + Debug( LDAP_DEBUG_ANY, "out of memory\n", 0, 0, 0 ); } /* Add Attributes */ - for ( i = 0; sync_descs[ i ] != NULL; i++ ) { - tmp[ n++ ] = ch_strdup ( sync_descs[i]->ad_cname.bv_val ); - tmp[ n ] = NULL; + if ( si->si_allopattrs ) { + attrs[n++] = ch_strdup( sync_descs[0]->ad_cname.bv_val ); + } else { + for ( i = 0; sync_descs[ i ] != NULL; i++ ) { + attrs[ n++ ] = ch_strdup ( sync_descs[i]->ad_cname.bv_val ); + } } + attrs[ n ] = NULL; } else { - tmp = ( char ** ) ch_realloc( si->si_attrs, 3 * sizeof( char * )); - if ( tmp == NULL ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 ); -#else - Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 ); -#endif + + i = 0; + if ( si->si_allattrs == si->si_allopattrs ) { + attrs = (char**) ch_malloc( 3 * sizeof(char*) ); + attrs[i++] = ch_strdup( "*" ); + attrs[i++] = ch_strdup( "+" ); + } else if ( si->si_allattrs && !si->si_allopattrs ) { + for ( n = 0; sync_descs[ n ] != NULL; n++ ) ; + attrs = (char**) ch_malloc( (n+1)* sizeof(char*) ); + attrs[i++] = ch_strdup( "*" ); + for ( j = 1; sync_descs[ j ] != NULL; j++ ) { + attrs[i++] = ch_strdup ( sync_descs[j]->ad_cname.bv_val ); + } + } else if ( !si->si_allattrs && si->si_allopattrs ) { + attrs = (char**) ch_malloc( 3 * sizeof(char*) ); + attrs[i++] = ch_strdup( "+" ); + attrs[i++] = ch_strdup( sync_descs[0]->ad_cname.bv_val ); } - tmp[ n++ ] = ch_strdup( "*" ); - tmp[ n++ ] = ch_strdup( "+" ); - tmp[ n ] = NULL; + attrs[i] = NULL; } - si->si_attrs = tmp; + si->si_attrs = attrs; + + exattrs = anlist2attrs( si->si_exanlist ); + + if ( exattrs ) { + for ( n = 0; exattrs[n] != NULL; n++ ) ; + + for ( i = 0; sync_descs[i] != NULL; i++ ) { + j = 0; + while ( exattrs[j] != NULL ) { + if ( !strcmp( exattrs[j], sync_descs[i]->ad_cname.bv_val )) { + ch_free( exattrs[j] ); + for ( k = j; exattrs[k] != NULL; k++ ) { + exattrs[k] = exattrs[k+1]; + } + } else { + j++; + } + } + } + + for ( i = 0; exattrs[i] != NULL; i++ ) { + for ( j = 0; si->si_anlist[j].an_name.bv_val; j++ ) { + ObjectClass *oc; + if ( ( oc = si->si_anlist[j].an_oc ) ) { + k = 0; + while ( oc->soc_required[k] ) { + if ( !strcmp( exattrs[i], + oc->soc_required[k]->sat_cname.bv_val )) { + ch_free( exattrs[i] ); + for ( l = i; exattrs[l]; l++ ) { + exattrs[l] = exattrs[l+1]; + } + } else { + k++; + } + } + } + } + } + + for ( i = 0; exattrs[i] != NULL; i++ ) ; + + if ( i != n ) + exattrs = (char **) ch_realloc( exattrs, (i + 1)*sizeof(char *)); + } + si->si_exattrs = exattrs; } +typedef struct logschema { + struct berval ls_dn; + struct berval ls_req; + struct berval ls_mod; + struct berval ls_newRdn; + struct berval ls_delRdn; + struct berval ls_newSup; +} logschema; + +static logschema changelog_sc = { + BER_BVC("targetDN"), + BER_BVC("changeType"), + BER_BVC("changes"), + BER_BVC("newRDN"), + BER_BVC("deleteOldRDN"), + BER_BVC("newSuperior") +}; + +static logschema accesslog_sc = { + BER_BVC("reqDN"), + BER_BVC("reqType"), + BER_BVC("reqMod"), + BER_BVC("reqNewRDN"), + BER_BVC("reqDeleteOldRDN"), + BER_BVC("reqNewSuperior") +}; + static int ldap_sync_search( syncinfo_t *si, @@ -123,20 +317,66 @@ ldap_sync_search( struct timeval timeout; ber_int_t msgid; int rc; + int rhint; + char *base; + char **attrs, *lattrs[8]; + char *filter; + int attrsonly; + int scope; /* setup LDAP SYNC control */ ber_init2( ber, NULL, LBER_USE_DER ); ber_set_option( ber, LBER_OPT_BER_MEMCTX, &ctx ); - if ( si->si_syncCookie.octet_str && - si->si_syncCookie.octet_str[0].bv_val ) + /* If we're using a log but we have no state, then fallback to + * normal mode for a full refresh. + */ + if ( si->si_syncdata && BER_BVISEMPTY( &si->si_syncCookie.ctxcsn )) + si->si_logstate = SYNCLOG_FALLBACK; + + /* Use the log parameters if we're in log mode */ + if ( si->si_syncdata && si->si_logstate == SYNCLOG_LOGGING ) { + logschema *ls; + if ( si->si_syncdata == SYNCDATA_ACCESSLOG ) + ls = &accesslog_sc; + else + ls = &changelog_sc; + lattrs[0] = ls->ls_dn.bv_val; + lattrs[1] = ls->ls_req.bv_val; + lattrs[2] = ls->ls_mod.bv_val; + lattrs[3] = ls->ls_newRdn.bv_val; + lattrs[4] = ls->ls_delRdn.bv_val; + lattrs[5] = ls->ls_newSup.bv_val; + lattrs[6] = slap_schema.si_ad_entryCSN->ad_cname.bv_val; + lattrs[7] = NULL; + + rhint = 0; + base = si->si_logbase.bv_val; + filter = si->si_logfilterstr.bv_val; + attrs = lattrs; + attrsonly = 0; + scope = LDAP_SCOPE_SUBTREE; + } else { + rhint = 1; + base = si->si_base.bv_val; + filter = si->si_filterstr.bv_val; + attrs = si->si_attrs; + attrsonly = si->si_attrsonly; + scope = si->si_scope; + } + if ( si->si_syncdata && si->si_logstate == SYNCLOG_FALLBACK ) { + si->si_type = LDAP_SYNC_REFRESH_ONLY; + } else { + si->si_type = si->si_ctype; + } + + if ( !BER_BVISNULL( &si->si_syncCookie.octet_str ) ) { - ber_printf( ber, "{eO}", - abs(si->si_type), - &si->si_syncCookie.octet_str[0] ); + ber_printf( ber, "{eOb}", + abs(si->si_type), &si->si_syncCookie.octet_str, rhint ); } else { - ber_printf( ber, "{e}", - abs(si->si_type) ); + ber_printf( ber, "{eb}", + abs(si->si_type), rhint ); } if ( (rc = ber_flatten2( ber, &c[0].ldctl_value, 0 )) == LBER_ERROR ) { @@ -148,9 +388,9 @@ ldap_sync_search( c[0].ldctl_iscritical = si->si_type < 0; ctrls[0] = &c[0]; - if ( si->si_authzId ) { + if ( !BER_BVISNULL( &si->si_bindconf.sb_authzId ) ) { c[1].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ; - ber_str2bv( si->si_authzId, 0, 0, &c[1].ldctl_value ); + c[1].ldctl_value = si->si_bindconf.sb_authzId; c[1].ldctl_iscritical = 1; ctrls[1] = &c[1]; ctrls[2] = NULL; @@ -161,8 +401,7 @@ ldap_sync_search( timeout.tv_sec = si->si_tlimit; timeout.tv_usec = 0; - rc = ldap_search_ext( si->si_ld, si->si_base.bv_val, si->si_scope, - si->si_filterstr.bv_val, si->si_attrs, si->si_attrsonly, + rc = ldap_search_ext( si->si_ld, base, scope, filter, attrs, attrsonly, ctrls, NULL, si->si_tlimit > 0 ? &timeout : NULL, si->si_slimit, &msgid ); ber_free_buf( ber ); @@ -177,10 +416,7 @@ do_syncrep1( int rc; int cmdline_cookie_found = 0; - char syncrepl_cbuf[sizeof(CN_STR SYNCREPL_STR)]; - struct berval syncrepl_cn_bv; struct sync_cookie *sc = NULL; - struct sync_cookie syncCookie = { NULL, -1, NULL }; struct berval *psub; #ifdef HAVE_TLS void *ssl; @@ -189,17 +425,11 @@ do_syncrep1( psub = &si->si_be->be_nsuffix[0]; /* Init connection to master */ - rc = ldap_initialize( &si->si_ld, si->si_provideruri ); + rc = ldap_initialize( &si->si_ld, si->si_bindconf.sb_uri.bv_val ); if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "do_syncrep1: ldap_initialize failed (%s)\n", - si->si_provideruri, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, - "do_syncrep1: ldap_initialize failed (%s)\n", - si->si_provideruri, 0, 0 ); -#endif + "do_syncrep1: rid %03d ldap_initialize failed (%s)\n", + si->si_rid, si->si_bindconf.sb_uri.bv_val, 0 ); return rc; } @@ -208,52 +438,43 @@ do_syncrep1( /* Bind to master */ - if ( si->si_tls ) { + if ( si->si_bindconf.sb_tls ) { rc = ldap_start_tls_s( si->si_ld, NULL, NULL ); if( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ERR, "do_syncrep1: " - "%s: ldap_start_tls failed (%d)\n", - si->si_tls == SYNCINFO_TLS_CRITICAL ? "Error" : "Warning", - rc, 0 ); -#else Debug( LDAP_DEBUG_ANY, - "%s: ldap_start_tls failed (%d)\n", - si->si_tls == SYNCINFO_TLS_CRITICAL ? "Error" : "Warning", - rc, 0 ); -#endif - if( si->si_tls == SYNCINFO_TLS_CRITICAL ) goto done; + "%s: rid %03d ldap_start_tls failed (%d)\n", + si->si_bindconf.sb_tls == SB_TLS_CRITICAL ? "Error" : "Warning", + si->si_rid, rc ); + if( si->si_bindconf.sb_tls == SB_TLS_CRITICAL ) goto done; } } - if ( si->si_bindmethod == LDAP_AUTH_SASL ) { + if ( si->si_bindconf.sb_method == LDAP_AUTH_SASL ) { #ifdef HAVE_CYRUS_SASL void *defaults; - if ( si->si_secprops != NULL ) { + if ( si->si_bindconf.sb_secprops != NULL ) { rc = ldap_set_option( si->si_ld, - LDAP_OPT_X_SASL_SECPROPS, si->si_secprops); + LDAP_OPT_X_SASL_SECPROPS, si->si_bindconf.sb_secprops); if( rc != LDAP_OPT_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ERR, "do_bind: Error: " - "ldap_set_option(%s,SECPROPS,\"%s\") failed!\n", - si->si_provideruri, si->si_secprops, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "Error: ldap_set_option " + Debug( LDAP_DEBUG_ANY, "Error: rid %03d ldap_set_option " "(%s,SECPROPS,\"%s\") failed!\n", - si->si_provideruri, si->si_secprops, 0 ); -#endif + si->si_rid, si->si_bindconf.sb_uri.bv_val, si->si_bindconf.sb_secprops ); goto done; } } - defaults = lutil_sasl_defaults( si->si_ld, si->si_saslmech, - si->si_realm, si->si_authcId, si->si_passwd, si->si_authzId ); + defaults = lutil_sasl_defaults( si->si_ld, + si->si_bindconf.sb_saslmech.bv_val, + si->si_bindconf.sb_realm.bv_val, + si->si_bindconf.sb_authcId.bv_val, + si->si_bindconf.sb_cred.bv_val, + si->si_bindconf.sb_authzId.bv_val ); rc = ldap_sasl_interactive_bind_s( si->si_ld, - si->si_binddn, - si->si_saslmech, + si->si_bindconf.sb_binddn.bv_val, + si->si_bindconf.sb_saslmech.bv_val, NULL, NULL, LDAP_SASL_QUIET, lutil_sasl_interact, @@ -266,19 +487,15 @@ do_syncrep1( * 2) on err policy : exit, retry, backoff ... */ if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ERR, "do_syncrep1: " - "ldap_sasl_interactive_bind_s failed (%d)\n", - rc, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "do_syncrep1: " + static struct berval bv_GSSAPI = BER_BVC( "GSSAPI" ); + + Debug( LDAP_DEBUG_ANY, "do_syncrep1: rid %03d " "ldap_sasl_interactive_bind_s failed (%d)\n", - rc, 0, 0 ); -#endif + si->si_rid, rc, 0 ); /* FIXME (see above comment) */ /* if Kerberos credentials cache is not active, retry */ - if ( strcmp( si->si_saslmech, "GSSAPI" ) == 0 && + if ( ber_bvcmp( &si->si_bindconf.sb_saslmech, &bv_GSSAPI ) == 0 && rc == LDAP_LOCAL_ERROR ) { rc = LDAP_SERVER_DOWN; @@ -289,22 +506,18 @@ do_syncrep1( #else /* HAVE_CYRUS_SASL */ /* Should never get here, we trapped this at config time */ assert(0); - fprintf( stderr, "not compiled with SASL support\n" ); + Debug( LDAP_DEBUG_SYNC, "not compiled with SASL support\n", 0, 0, 0 ); rc = LDAP_OTHER; goto done; #endif - } else { - rc = ldap_bind_s( si->si_ld, - si->si_binddn, si->si_passwd, si->si_bindmethod ); + } else if ( si->si_bindconf.sb_method == LDAP_AUTH_SIMPLE ) { + rc = ldap_sasl_bind_s( si->si_ld, + si->si_bindconf.sb_binddn.bv_val, LDAP_SASL_SIMPLE, + &si->si_bindconf.sb_cred, NULL, NULL, NULL ); if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ERR, "do_syncrep1: " - "ldap_bind_s failed (%d)\n", rc, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "do_syncrep1: " - "ldap_bind_s failed (%d)\n", rc, 0, 0 ); -#endif + Debug( LDAP_DEBUG_ANY, "do_syncrep1: rid %03d " + "ldap_sasl_bind_s failed (%d)\n", si->si_rid, rc, 0 ); goto done; } } @@ -312,122 +525,80 @@ do_syncrep1( /* Set SSF to strongest of TLS, SASL SSFs */ op->o_sasl_ssf = 0; op->o_tls_ssf = 0; + op->o_transport_ssf = 0; #ifdef HAVE_TLS - if ( ldap_get_option( si->si_ld, LDAP_OPT_X_TLS_SSL_CTX, &ssl ) == LDAP_SUCCESS && - ssl != NULL ) { + if ( ldap_get_option( si->si_ld, LDAP_OPT_X_TLS_SSL_CTX, &ssl ) + == LDAP_SUCCESS && ssl != NULL ) + { op->o_tls_ssf = ldap_pvt_tls_get_strength( ssl ); } #endif /* HAVE_TLS */ ldap_get_option( si->si_ld, LDAP_OPT_X_SASL_SSF, &op->o_sasl_ssf ); - op->o_transport_ssf = op->o_ssf = ( op->o_sasl_ssf > op->o_tls_ssf ) ? - op->o_sasl_ssf : op->o_tls_ssf; + op->o_ssf = ( op->o_sasl_ssf > op->o_tls_ssf ) + ? op->o_sasl_ssf : op->o_tls_ssf; - /* get syncrepl cookie of shadow replica from subentry */ - assert( si->si_rid < 1000 ); - syncrepl_cn_bv.bv_val = syncrepl_cbuf; - syncrepl_cn_bv.bv_len = snprintf(syncrepl_cbuf, sizeof(syncrepl_cbuf), - CN_STR "syncrepl%ld", si->si_rid ); - build_new_dn( &op->o_req_ndn, psub, &syncrepl_cn_bv, op->o_tmpmemctx ); - op->o_req_dn = op->o_req_ndn; - - LDAP_STAILQ_FOREACH( sc, &slap_sync_cookie, sc_next ) { - if ( si->si_rid == sc->rid ) { - cmdline_cookie_found = 1; - break; - } - } - if ( cmdline_cookie_found ) { - /* cookie is supplied in the command line */ - BerVarray cookie = NULL; - struct berval cookie_bv; + if ( BER_BVISNULL( &si->si_syncCookie.octet_str )) { + /* get contextCSN shadow replica from database */ + BerVarray csn = NULL; - LDAP_STAILQ_REMOVE( &slap_sync_cookie, sc, sync_cookie, sc_next ); - slap_sync_cookie_free( &si->si_syncCookie, 0 ); + assert( si->si_rid < 1000 ); + op->o_req_ndn = op->o_bd->be_nsuffix[0]; + op->o_req_dn = op->o_req_ndn; - /* read stored cookie if it exists */ + /* try to read stored contextCSN */ backend_attribute( op, NULL, &op->o_req_ndn, - slap_schema.si_ad_syncreplCookie, &cookie, ACL_READ ); + slap_schema.si_ad_contextCSN, &csn, ACL_READ ); + if ( csn ) { + ch_free( si->si_syncCookie.ctxcsn.bv_val ); + ber_dupbv( &si->si_syncCookie.ctxcsn, csn ); + ber_bvarray_free_x( csn, op->o_tmpmemctx ); + } + + si->si_syncCookie.rid = si->si_rid; + + LDAP_STAILQ_FOREACH( sc, &slap_sync_cookie, sc_next ) { + if ( si->si_rid == sc->rid ) { + cmdline_cookie_found = 1; + break; + } + } + + if ( cmdline_cookie_found ) { + /* cookie is supplied in the command line */ - if ( !cookie ) { - /* no stored cookie */ - if ( sc->ctxcsn == NULL || - sc->ctxcsn->bv_val == NULL ) { + LDAP_STAILQ_REMOVE( &slap_sync_cookie, sc, sync_cookie, sc_next ); + + /* ctxcsn wasn't parsed yet, do it now */ + slap_parse_sync_cookie( sc, op->o_tmpmemctx ); + if ( BER_BVISNULL( &sc->ctxcsn ) ) { /* if cmdline cookie does not have ctxcsn */ /* component, set it to an initial value */ slap_init_sync_cookie_ctxcsn( sc ); } + slap_sync_cookie_free( &si->si_syncCookie, 0 ); slap_dup_sync_cookie( &si->si_syncCookie, sc ); slap_sync_cookie_free( sc, 1 ); - sc = NULL; - - } else { - /* stored cookie */ - struct berval newcookie = BER_BVNULL; - ber_dupbv( &cookie_bv, &cookie[0] ); - ber_bvarray_add( &si->si_syncCookie.octet_str, &cookie_bv ); - slap_parse_sync_cookie( &si->si_syncCookie ); - ber_bvarray_free( si->si_syncCookie.octet_str ); - si->si_syncCookie.octet_str = NULL; - ber_bvarray_free_x( cookie, op->o_tmpmemctx ); - if ( sc->sid != -1 ) { - /* command line cookie wins */ - si->si_syncCookie.sid = sc->sid; - } - if ( sc->ctxcsn != NULL ) { - /* command line cookie wins */ - if ( si->si_syncCookie.ctxcsn ) { - ber_bvarray_free( si->si_syncCookie.ctxcsn ); - si->si_syncCookie.ctxcsn = NULL; - } - ber_dupbv( &cookie_bv, &sc->ctxcsn[0] ); - ber_bvarray_add( &si->si_syncCookie.ctxcsn, &cookie_bv ); - } - if ( sc->rid != -1 ) { - /* command line cookie wins */ - si->si_syncCookie.rid = sc->rid; - } - slap_sync_cookie_free( sc, 1 ); - sc = NULL; - slap_compose_sync_cookie( NULL, &newcookie, - &si->si_syncCookie.ctxcsn[0], - si->si_syncCookie.sid, si->si_syncCookie.rid ); - ber_bvarray_add( &si->si_syncCookie.octet_str, &newcookie ); } - } else { - /* no command line cookie is specified */ - if ( si->si_syncCookie.octet_str == NULL ) { - BerVarray cookie = NULL; - struct berval cookie_bv; - /* try to read stored cookie */ - backend_attribute( op, NULL, &op->o_req_ndn, - slap_schema.si_ad_syncreplCookie, &cookie, ACL_READ ); - if ( cookie ) { - ber_dupbv( &cookie_bv, &cookie[0] ); - ber_bvarray_add( &si->si_syncCookie.octet_str, &cookie_bv ); - slap_parse_sync_cookie( &si->si_syncCookie ); - ber_bvarray_free_x( cookie, op->o_tmpmemctx ); - } - } + slap_compose_sync_cookie( NULL, &si->si_syncCookie.octet_str, + &si->si_syncCookie.ctxcsn, si->si_syncCookie.rid ); } + si->si_refreshDone = 0; + rc = ldap_sync_search( si, op->o_tmpmemctx ); if( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ERR, "do_syncrep1: " - "ldap_search_ext: %s (%d)\n", ldap_err2string( rc ), rc, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "do_syncrep1: " - "ldap_search_ext: %s (%d)\n", ldap_err2string( rc ), rc, 0 ); -#endif + Debug( LDAP_DEBUG_ANY, "do_syncrep1: rid %03d " + "ldap_search_ext: %s (%d)\n", + si->si_rid, ldap_err2string( rc ), rc ); } done: if ( rc ) { if ( si->si_ld ) { - ldap_unbind( si->si_ld ); + ldap_unbind_ext( si->si_ld, NULL, NULL ); si->si_ld = NULL; } } @@ -456,15 +627,13 @@ do_syncrep2( int syncstate; struct berval syncUUID = BER_BVNULL; - struct sync_cookie syncCookie = { NULL, -1, NULL }; - struct sync_cookie syncCookie_req = { NULL, -1, NULL }; + struct sync_cookie syncCookie = { BER_BVNULL }; + struct sync_cookie syncCookie_req = { BER_BVNULL }; struct berval cookie = BER_BVNULL; int rc, err, i; ber_len_t len; - int rc_efree = 1; - struct berval *psub; Modifications *modlist = NULL; @@ -475,7 +644,6 @@ do_syncrep2( struct timeval tout = { 0, 0 }; int refreshDeletes = 0; - int refreshDone = 1; BerVarray syncUUIDs = NULL; ber_tag_t si_tag; @@ -487,11 +655,7 @@ do_syncrep2( ber_init2( ber, NULL, LBER_USE_DER ); ber_set_option( ber, LBER_OPT_BER_MEMCTX, &op->o_tmpmemctx ); -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, DETAIL1, "do_syncrep2\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, "=>do_syncrep2\n", 0, 0, 0 ); -#endif + Debug( LDAP_DEBUG_TRACE, "=>do_syncrep2 rid %03d\n", si->si_rid, 0, 0 ); psub = &si->si_be->be_nsuffix[0]; @@ -514,61 +678,93 @@ do_syncrep2( msg != NULL; msg = ldap_next_message( si->si_ld, msg ) ) { + if ( slapd_shutdown ) { + rc = -2; + goto done; + } switch( ldap_msgtype( msg ) ) { case LDAP_RES_SEARCH_ENTRY: ldap_get_entry_controls( si->si_ld, msg, &rctrls ); /* we can't work without the control */ if ( !rctrls ) { + Debug( LDAP_DEBUG_ANY, "do_syncrep2: rid %03d" + "got search entry without " + "control\n", si->si_rid, 0, 0 ); rc = -1; goto done; } rctrlp = *rctrls; ber_init2( ber, &rctrlp->ldctl_value, LBER_USE_DER ); ber_scanf( ber, "{em" /*"}"*/, &syncstate, &syncUUID ); + /* FIXME: what if syncUUID is NULL or empty? + * (happens with back-sql...) */ + if ( BER_BVISEMPTY( &syncUUID ) ) { + Debug( LDAP_DEBUG_ANY, "do_syncrep2: rid %03d " + "got empty syncUUID\n", si->si_rid, 0, 0 ); + ldap_controls_free( rctrls ); + rc = -1; + goto done; + } if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) { ber_scanf( ber, /*"{"*/ "m}", &cookie ); - if ( cookie.bv_val ) { - struct berval tmp_bv; - ber_dupbv( &tmp_bv, &cookie ); - ber_bvarray_add( &syncCookie.octet_str, &tmp_bv ); + if ( !BER_BVISNULL( &cookie ) ) { + ch_free( syncCookie.octet_str.bv_val ); + ber_dupbv( &syncCookie.octet_str, &cookie ); } - if ( syncCookie.octet_str && - syncCookie.octet_str[0].bv_val ) - slap_parse_sync_cookie( &syncCookie ); - } - if ( syncrepl_message_to_entry( si, op, msg, - &modlist, &entry, syncstate ) == LDAP_SUCCESS ) { - rc_efree = syncrepl_entry( si, op, entry, modlist, - syncstate, &syncUUID, &syncCookie_req ); - if ( syncCookie.octet_str && - syncCookie.octet_str[0].bv_val ) + if ( !BER_BVISNULL( &syncCookie.octet_str ) ) { + slap_parse_sync_cookie( &syncCookie, NULL ); + } + } + rc = 0; + if ( si->si_syncdata && si->si_logstate == SYNCLOG_LOGGING ) { + modlist = NULL; + if (( rc = syncrepl_message_to_op( si, op, msg )) == LDAP_SUCCESS && + !BER_BVISNULL( &syncCookie.ctxcsn ) ) { + syncrepl_updateCookie( si, op, psub, &syncCookie ); + } + } else if (( rc = syncrepl_message_to_entry( si, op, msg, + &modlist, &entry, syncstate )) == LDAP_SUCCESS ) { + if (( rc = syncrepl_entry( si, op, entry, &modlist, + syncstate, &syncUUID, &syncCookie_req, + &syncCookie.ctxcsn )) == LDAP_SUCCESS && + !BER_BVISNULL( &syncCookie.ctxcsn ) ) { syncrepl_updateCookie( si, op, psub, &syncCookie ); } } ldap_controls_free( rctrls ); if ( modlist ) { - slap_mods_free( modlist ); - } - if ( rc_efree && entry ) { - entry_free( entry ); - entry = NULL; + slap_mods_free( modlist, 1 ); } + if ( rc ) + goto done; break; case LDAP_RES_SEARCH_REFERENCE: -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "do_syncrep2 : reference received\n", 0, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, - "do_syncrep2 : reference received\n", 0, 0, 0 ); -#endif + "do_syncrep2: rid %03d reference received error\n", + si->si_rid, 0, 0 ); break; case LDAP_RES_SEARCH_RESULT: + Debug( LDAP_DEBUG_SYNC, + "do_syncrep2: rid %03d LDAP_RES_SEARCH_RESULT\n", + si->si_rid, 0, 0 ); ldap_parse_result( si->si_ld, msg, &err, NULL, NULL, NULL, &rctrls, 0 ); +#ifdef LDAP_X_SYNC_REFRESH_REQUIRED + if ( err == LDAP_X_SYNC_REFRESH_REQUIRED ) { + /* map old result code to registered code */ + err = LDAP_SYNC_REFRESH_REQUIRED; + } +#endif + if ( err == LDAP_SYNC_REFRESH_REQUIRED ) { + if ( si->si_logstate == SYNCLOG_LOGGING ) { + si->si_logstate = SYNCLOG_FALLBACK; + } + rc = err; + goto done; + } if ( rctrls ) { rctrlp = *rctrls; ber_init2( ber, &rctrlp->ldctl_value, LBER_USE_DER ); @@ -576,15 +772,13 @@ do_syncrep2( ber_scanf( ber, "{" /*"}"*/); if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) { ber_scanf( ber, "m", &cookie ); - if ( cookie.bv_val ) { - struct berval tmp_bv; - ber_dupbv( &tmp_bv, &cookie ); - ber_bvarray_add( &syncCookie.octet_str, &tmp_bv); + if ( !BER_BVISNULL( &cookie ) ) { + ch_free( syncCookie.octet_str.bv_val ); + ber_dupbv( &syncCookie.octet_str, &cookie); } - if ( syncCookie.octet_str && - syncCookie.octet_str[0].bv_val ) + if ( !BER_BVISNULL( &syncCookie.octet_str ) ) { - slap_parse_sync_cookie( &syncCookie ); + slap_parse_sync_cookie( &syncCookie, NULL ); } } if ( ber_peek_tag( ber, &len ) == LDAP_TAG_REFRESHDELETES ) @@ -593,22 +787,17 @@ do_syncrep2( } ber_scanf( ber, /*"{"*/ "}" ); } - if ( syncCookie_req.ctxcsn == NULL ) { + if ( BER_BVISNULL( &syncCookie_req.ctxcsn )) { match = -1; - } else if ( syncCookie.ctxcsn == NULL ) { + } else if ( BER_BVISNULL( &syncCookie.ctxcsn )) { match = 1; } else { value_match( &match, slap_schema.si_ad_entryCSN, slap_schema.si_ad_entryCSN->ad_type->sat_ordering, SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX, - &syncCookie_req.ctxcsn[0], &syncCookie.ctxcsn[0], + &syncCookie_req.ctxcsn, &syncCookie.ctxcsn, &text ); } - if ( syncCookie.octet_str && syncCookie.octet_str->bv_val && - match < 0 && err == LDAP_SUCCESS ) - { - syncrepl_updateCookie( si, op, psub, &syncCookie ); - } if ( rctrls ) { ldap_controls_free( rctrls ); } @@ -620,13 +809,24 @@ do_syncrep2( if ( refreshDeletes == 0 && match < 0 && err == LDAP_SUCCESS ) { - syncrepl_del_nonpresent( op, si ); + syncrepl_del_nonpresent( op, si, NULL, &syncCookie.ctxcsn ); } else { avl_free( si->si_presentlist, avl_ber_bvfree ); si->si_presentlist = NULL; } } - rc = -2; + if ( !BER_BVISNULL( &syncCookie.ctxcsn ) && + match < 0 && err == LDAP_SUCCESS ) + { + syncrepl_updateCookie( si, op, psub, &syncCookie ); + } + if ( err == LDAP_SUCCESS + && si->si_logstate == SYNCLOG_FALLBACK ) { + si->si_logstate = SYNCLOG_LOGGING; + rc = LDAP_SYNC_REFRESH_REQUIRED; + } else { + rc = -2; + } goto done; break; @@ -634,58 +834,73 @@ do_syncrep2( rc = ldap_parse_intermediate( si->si_ld, msg, &retoid, &retdata, NULL, 0 ); if ( !rc && !strcmp( retoid, LDAP_SYNC_INFO ) ) { - int si_refreshDelete = 0; - int si_refreshPresent = 0; ber_init2( ber, retdata, LBER_USE_DER ); switch ( si_tag = ber_peek_tag( ber, &len )) { ber_tag_t tag; case LDAP_TAG_SYNC_NEW_COOKIE: + Debug( LDAP_DEBUG_SYNC, + "do_syncrep2: rid %03d %s - %s\n", + si->si_rid, + "LDAP_RES_INTERMEDIATE", + "NEW_COOKIE" ); ber_scanf( ber, "tm", &tag, &cookie ); break; case LDAP_TAG_SYNC_REFRESH_DELETE: - si_refreshDelete = 1; case LDAP_TAG_SYNC_REFRESH_PRESENT: - si_refreshPresent = 1; + Debug( LDAP_DEBUG_SYNC, + "do_syncrep2: rid %03d %s - %s\n", + si->si_rid, + "LDAP_RES_INTERMEDIATE", + si_tag == LDAP_TAG_SYNC_REFRESH_PRESENT ? + "REFRESH_PRESENT" : "REFRESH_DELETE" ); + if ( si_tag == LDAP_TAG_SYNC_REFRESH_DELETE ) { + si->si_refreshDelete = 1; + } else { + si->si_refreshPresent = 1; + } ber_scanf( ber, "t{" /*"}"*/, &tag ); if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) { ber_scanf( ber, "m", &cookie ); - if ( cookie.bv_val ) { - struct berval tmp_bv; - ber_dupbv( &tmp_bv, &cookie ); - ber_bvarray_add( &syncCookie.octet_str, - &tmp_bv); + if ( !BER_BVISNULL( &cookie ) ) { + ch_free( syncCookie.octet_str.bv_val ); + ber_dupbv( &syncCookie.octet_str, &cookie ); } - if ( syncCookie.octet_str && - syncCookie.octet_str[0].bv_val ) + if ( !BER_BVISNULL( &syncCookie.octet_str ) ) { - slap_parse_sync_cookie( &syncCookie ); + slap_parse_sync_cookie( &syncCookie, NULL ); } } + /* Defaults to TRUE */ if ( ber_peek_tag( ber, &len ) == LDAP_TAG_REFRESHDONE ) { - ber_scanf( ber, "b", &refreshDone ); + ber_scanf( ber, "b", &si->si_refreshDone ); + } else + { + si->si_refreshDone = 1; } ber_scanf( ber, /*"{"*/ "}" ); break; case LDAP_TAG_SYNC_ID_SET: + Debug( LDAP_DEBUG_SYNC, + "do_syncrep2: rid %03d %s - %s\n", + si->si_rid, + "LDAP_RES_INTERMEDIATE", + "SYNC_ID_SET" ); ber_scanf( ber, "t{" /*"}"*/, &tag ); if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) { ber_scanf( ber, "m", &cookie ); - if ( cookie.bv_val ) { - struct berval tmp_bv; - ber_dupbv( &tmp_bv, &cookie ); - ber_bvarray_add( &syncCookie.octet_str, - &tmp_bv ); + if ( !BER_BVISNULL( &cookie ) ) { + ch_free( syncCookie.octet_str.bv_val ); + ber_dupbv( &syncCookie.octet_str, &cookie ); } - if ( syncCookie.octet_str && - syncCookie.octet_str[0].bv_val ) + if ( !BER_BVISNULL( &syncCookie.octet_str ) ) { - slap_parse_sync_cookie( &syncCookie ); + slap_parse_sync_cookie( &syncCookie, NULL ); } } if ( ber_peek_tag( ber, &len ) == @@ -695,51 +910,51 @@ do_syncrep2( } ber_scanf( ber, "[W]", &syncUUIDs ); ber_scanf( ber, /*"{"*/ "}" ); - for ( i = 0; syncUUIDs[i].bv_val; i++ ) { - struct berval *syncuuid_bv; - syncuuid_bv = ber_dupbv( NULL, &syncUUIDs[i] ); - avl_insert( &si->si_presentlist, - (caddr_t) syncuuid_bv, - syncuuid_cmp, avl_dup_error ); + if ( refreshDeletes ) { + syncrepl_del_nonpresent( op, si, syncUUIDs, + &syncCookie.ctxcsn ); + ber_bvarray_free_x( syncUUIDs, op->o_tmpmemctx ); + } else { + for ( i = 0; !BER_BVISNULL( &syncUUIDs[i] ); i++ ) { + struct berval *syncuuid_bv; + syncuuid_bv = ber_dupbv( NULL, &syncUUIDs[i] ); + slap_sl_free( syncUUIDs[i].bv_val,op->o_tmpmemctx ); + avl_insert( &si->si_presentlist, + (caddr_t) syncuuid_bv, + syncuuid_cmp, avl_dup_error ); + } + slap_sl_free( syncUUIDs, op->o_tmpmemctx ); } - ber_memfree_x( syncUUIDs, op->o_tmpmemctx ); + slap_sync_cookie_free( &syncCookie, 0 ); break; default: -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "do_syncrep2 : unknown syncinfo tag (%ld)\n", - (long) si_tag, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "do_syncrep2 : unknown syncinfo tag (%ld)\n", - (long) si_tag, 0, 0 ); -#endif + Debug( LDAP_DEBUG_ANY, + "do_syncrep2: rid %03d unknown syncinfo tag (%ld)\n", + si->si_rid, (long) si_tag, 0 ); ldap_memfree( retoid ); ber_bvfree( retdata ); continue; } - if ( syncCookie_req.ctxcsn == NULL ) { + if ( BER_BVISNULL( &syncCookie_req.ctxcsn )) { match = -1; - } else if ( syncCookie.ctxcsn == NULL ) { + } else if ( BER_BVISNULL( &syncCookie.ctxcsn )) { match = 1; } else { value_match( &match, slap_schema.si_ad_entryCSN, slap_schema.si_ad_entryCSN->ad_type->sat_ordering, SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX, - &syncCookie_req.ctxcsn[0], - &syncCookie.ctxcsn[0], &text ); - } - - if ( syncCookie.ctxcsn && syncCookie.ctxcsn[0].bv_val && - match < 0 ) - { - syncrepl_updateCookie( si, op, psub, &syncCookie); + &syncCookie_req.ctxcsn, + &syncCookie.ctxcsn, &text ); } - if ( si_refreshPresent == 1 ) { - if ( match < 0 ) { - syncrepl_del_nonpresent( op, si ); + if ( match < 0 ) { + if ( si->si_refreshPresent == 1 ) { + syncrepl_del_nonpresent( op, si, NULL, &syncCookie.ctxcsn ); + } + if ( !BER_BVISNULL( &syncCookie.ctxcsn )) + { + syncrepl_updateCookie( si, op, psub, &syncCookie); } } @@ -748,15 +963,9 @@ do_syncrep2( break; } else { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, "do_syncrep2 :" - " unknown intermediate " - "response\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "do_syncrep2 : " + Debug( LDAP_DEBUG_ANY, "do_syncrep2: rid %03d " "unknown intermediate response (%d)\n", - rc, 0, 0 ); -#endif + si->si_rid, rc, 0 ); ldap_memfree( retoid ); ber_bvfree( retdata ); break; @@ -764,17 +973,12 @@ do_syncrep2( break; default: -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, "do_syncrep2 : " - "unknown message\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "do_syncrep2 : " - "unknown message\n", 0, 0, 0 ); -#endif + Debug( LDAP_DEBUG_ANY, "do_syncrep2: rid %03d " + "unknown message\n", si->si_rid, 0, 0 ); break; } - if ( syncCookie.octet_str ) { + if ( !BER_BVISNULL( &syncCookie.octet_str )) { slap_sync_cookie_free( &syncCookie_req, 0 ); slap_dup_sync_cookie( &syncCookie_req, &syncCookie ); slap_sync_cookie_free( &syncCookie, 0 ); @@ -790,13 +994,8 @@ do_syncrep2( ldap_get_option( si->si_ld, LDAP_OPT_ERROR_NUMBER, &rc ); errstr = ldap_err2string( rc ); -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "do_syncrep2 : %s\n", errstr, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, - "do_syncrep2 : %s\n", errstr, 0, 0 ); -#endif + "do_syncrep2: rid %03d %s\n", si->si_rid, errstr, 0 ); } done: @@ -805,15 +1004,21 @@ done: if ( res ) ldap_msgfree( res ); - if ( rc && si->si_ld ) { - ldap_unbind( si->si_ld ); + if ( rc && rc != LDAP_SYNC_REFRESH_REQUIRED && si->si_ld ) { + if ( si->si_conn_setup ) { + ber_socket_t s; + ldap_get_option( si->si_ld, LDAP_OPT_DESC, &s ); + connection_client_stop( s ); + si->si_conn_setup = 0; + } + ldap_unbind_ext( si->si_ld, NULL, NULL ); si->si_ld = NULL; } return rc; } -void * +static void * do_syncrepl( void *ctx, void *arg ) @@ -821,76 +1026,87 @@ do_syncrepl( struct re_s* rtask = arg; syncinfo_t *si = ( syncinfo_t * ) rtask->arg; Connection conn = {0}; - Operation op = {0}; + OperationBuffer opbuf; + Operation *op; int rc = LDAP_SUCCESS; - int first = 0; int dostop = 0; ber_socket_t s; - int i, defer = 1; + int i, defer = 1, fail = 0; + Backend *be; -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, DETAIL1, "do_syncrepl\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, "=>do_syncrepl\n", 0, 0, 0 ); -#endif + Debug( LDAP_DEBUG_TRACE, "=>do_syncrepl rid %03d\n", si->si_rid, 0, 0 ); if ( si == NULL ) return NULL; + ldap_pvt_thread_mutex_lock( &si->si_mutex ); + switch( abs( si->si_type )) { case LDAP_SYNC_REFRESH_ONLY: case LDAP_SYNC_REFRESH_AND_PERSIST: break; default: + ldap_pvt_thread_mutex_unlock( &si->si_mutex ); return NULL; } - if ( slapd_shutdown && si->si_ld ) { - ldap_get_option( si->si_ld, LDAP_OPT_DESC, &s ); - connection_client_stop( s ); - ldap_unbind( si->si_ld ); - si->si_ld = NULL; + if ( slapd_shutdown ) { + if ( si->si_ld ) { + if ( si->si_conn_setup ) { + ldap_get_option( si->si_ld, LDAP_OPT_DESC, &s ); + connection_client_stop( s ); + si->si_conn_setup = 0; + } + ldap_unbind_ext( si->si_ld, NULL, NULL ); + si->si_ld = NULL; + } + ldap_pvt_thread_mutex_unlock( &si->si_mutex ); return NULL; } - connection_fake_init( &conn, &op, ctx ); + op = (Operation *) &opbuf; + connection_fake_init( &conn, op, ctx ); - op.o_dn = si->si_updatedn; - op.o_ndn = si->si_updatedn; - op.o_managedsait = 1; - op.o_bd = si->si_be; + /* use global malloc for now */ + op->o_tmpmemctx = NULL; + op->o_tmpmfuncs = &ch_mfuncs; - op.o_sync_state.ctxcsn = NULL; - op.o_sync_state.sid = -1; - op.o_sync_state.octet_str = NULL; - op.o_sync_slog_size = -1; - LDAP_STAILQ_FIRST( &op.o_sync_slog_list ) = NULL; - op.o_sync_slog_list.stqh_last = &LDAP_STAILQ_FIRST(&op.o_sync_slog_list); + op->o_managedsait = SLAP_CONTROL_NONCRITICAL; + op->o_bd = be = si->si_be; + op->o_dn = op->o_bd->be_rootdn; + op->o_ndn = op->o_bd->be_rootndn; /* Establish session, do search */ if ( !si->si_ld ) { - first = 1; - rc = do_syncrep1( &op, si ); + si->si_refreshDelete = 0; + si->si_refreshPresent = 0; + rc = do_syncrep1( op, si ); } +reload: /* Process results */ if ( rc == LDAP_SUCCESS ) { ldap_get_option( si->si_ld, LDAP_OPT_DESC, &s ); - rc = do_syncrep2( &op, si ); + rc = do_syncrep2( op, si ); + if ( rc == LDAP_SYNC_REFRESH_REQUIRED ) { + rc = ldap_sync_search( si, op->o_tmpmemctx ); + goto reload; + } if ( abs(si->si_type) == LDAP_SYNC_REFRESH_AND_PERSIST ) { /* If we succeeded, enable the connection for further listening. * If we failed, tear down the connection and reschedule. */ if ( rc == LDAP_SUCCESS ) { - if ( first ) { - rc = connection_client_setup( s, do_syncrepl, - arg ); - } else { + if ( si->si_conn_setup ) { connection_client_enable( s ); + } else { + rc = connection_client_setup( s, do_syncrepl, arg ); + if ( rc == 0 ) + si->si_conn_setup = 1; } - } else if ( !first ) { + } else if ( si->si_conn_setup ) { dostop = 1; } } else { @@ -904,10 +1120,10 @@ do_syncrepl( * 3) for Refresh and Success, reschedule to run * 4) for Persist and Success, reschedule to defer */ - ldap_pvt_thread_mutex_lock( &syncrepl_rq.rq_mutex ); + ldap_pvt_thread_mutex_lock( &slapd_rq.rq_mutex ); - if ( ldap_pvt_runqueue_isrunning( &syncrepl_rq, rtask )) { - ldap_pvt_runqueue_stoptask( &syncrepl_rq, rtask ); + if ( ldap_pvt_runqueue_isrunning( &slapd_rq, rtask )) { + ldap_pvt_runqueue_stoptask( &slapd_rq, rtask ); } if ( dostop ) { @@ -919,145 +1135,431 @@ do_syncrepl( defer = 0; } rtask->interval.tv_sec = si->si_interval; - ldap_pvt_runqueue_resched( &syncrepl_rq, rtask, defer ); + ldap_pvt_runqueue_resched( &slapd_rq, rtask, defer ); if ( si->si_retrynum ) { - for ( i = 0; si->si_retrynum_init[i] != -2; i++ ) { + for ( i = 0; si->si_retrynum_init[i] != RETRYNUM_TAIL; i++ ) { si->si_retrynum[i] = si->si_retrynum_init[i]; } - si->si_retrynum[i] = -2; + si->si_retrynum[i] = RETRYNUM_TAIL; } } else { for ( i = 0; si->si_retrynum && si->si_retrynum[i] <= 0; i++ ) { - if ( si->si_retrynum[i] == -1 || si->si_retrynum[i] == -2 ) + if ( si->si_retrynum[i] == RETRYNUM_FOREVER || si->si_retrynum[i] == RETRYNUM_TAIL ) break; } - if ( !si->si_retrynum || si->si_retrynum[i] == -2 ) { - ldap_pvt_runqueue_remove( &syncrepl_rq, rtask ); - } else if ( si->si_retrynum[i] >= -1 ) { + if ( !si->si_retrynum || si->si_retrynum[i] == RETRYNUM_TAIL ) { + ldap_pvt_runqueue_remove( &slapd_rq, rtask ); + fail = RETRYNUM_TAIL; + } else if ( RETRYNUM_VALID( si->si_retrynum[i] ) ) { if ( si->si_retrynum[i] > 0 ) si->si_retrynum[i]--; + fail = si->si_retrynum[i]; rtask->interval.tv_sec = si->si_retryinterval[i]; - ldap_pvt_runqueue_resched( &syncrepl_rq, rtask, 0 ); + ldap_pvt_runqueue_resched( &slapd_rq, rtask, 0 ); slap_wake_listener(); } } - - ldap_pvt_thread_mutex_unlock( &syncrepl_rq.rq_mutex ); + + ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex ); + ldap_pvt_thread_mutex_unlock( &si->si_mutex ); + + if ( rc ) { + if ( fail == RETRYNUM_TAIL ) { + Debug( LDAP_DEBUG_ANY, + "do_syncrepl: rid %03d quitting\n", + si->si_rid, 0, 0 ); + } else if ( fail > 0 ) { + Debug( LDAP_DEBUG_ANY, + "do_syncrepl: rid %03d retrying (%d retries left)\n", + si->si_rid, fail, 0 ); + } else { + Debug( LDAP_DEBUG_ANY, + "do_syncrepl: rid %03d retrying\n", + si->si_rid, 0, 0 ); + } + } return NULL; } -int -syncrepl_message_to_entry( +static slap_verbmasks modops[] = { + { BER_BVC("add"), LDAP_REQ_ADD }, + { BER_BVC("delete"), LDAP_REQ_DELETE }, + { BER_BVC("modify"), LDAP_REQ_MODIFY }, + { BER_BVC("modrdn"), LDAP_REQ_MODRDN}, + { BER_BVNULL, 0 } +}; + +static Modifications * +syncrepl_accesslog_mods( + syncinfo_t *si, + struct berval *vals +) +{ + char *colon; + const char *text; + AttributeDescription *ad; + struct berval bv, bv2; + short op; + Modifications *mod = NULL, *modlist = NULL, **modtail; + int i; + + modtail = &modlist; + + for (i=0; !BER_BVISNULL( &vals[i] ); i++) { + ad = NULL; + bv = vals[i]; + + colon = ber_bvchr( &bv, ':' ); + if ( !colon ) + continue; /* invalid */ + bv.bv_len = colon - bv.bv_val; + if ( slap_bv2ad( &bv, &ad, &text )) { + /* Invalid */ + continue; + } + /* Ignore dynamically generated attrs */ + if ( ad->ad_type->sat_flags & SLAP_AT_DYNAMIC ) + continue; + /* Ignore excluded attrs */ + if ( ldap_charray_inlist( si->si_exattrs, + ad->ad_type->sat_cname.bv_val )) + continue; + + switch(colon[1]) { + case '+': op = LDAP_MOD_ADD; break; + case '-': op = LDAP_MOD_DELETE; break; + case '=': op = LDAP_MOD_REPLACE; break; + case '#': op = LDAP_MOD_INCREMENT; break; + default: continue; + } + + if ( !mod || ad != mod->sml_desc || op != mod->sml_op ) { + mod = (Modifications *) ch_malloc( sizeof( Modifications )); + mod->sml_flags = 0; + mod->sml_op = op; + mod->sml_next = NULL; + mod->sml_desc = ad; + mod->sml_type = ad->ad_cname; + mod->sml_values = NULL; + mod->sml_nvalues = NULL; + + *modtail = mod; + modtail = &mod->sml_next; + } + if ( colon[2] == ' ' ) { + bv.bv_val = colon + 3; + bv.bv_len = vals[i].bv_len - ( bv.bv_val - vals[i].bv_val ); + ber_dupbv( &bv2, &bv ); + ber_bvarray_add( &mod->sml_values, &bv2 ); + } + } + return modlist; +} + +static Modifications * +syncrepl_changelog_mods( + syncinfo_t *si, + struct berval *vals +) +{ + return NULL; /* FIXME */ +} + +static int +syncrepl_message_to_op( syncinfo_t *si, Operation *op, - LDAPMessage *msg, - Modifications **modlist, - Entry **entry, - int syncstate + LDAPMessage *msg ) { - Entry *e = NULL; BerElement *ber = NULL; - Modifications tmp; - Modifications *mod; - Modifications **modtail = modlist; + Modifications *modlist = NULL; + logschema *ls; + SlapReply rs = { REP_RESULT }; + slap_callback cb = { NULL, null_callback, NULL, NULL }; const char *text; char txtbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof txtbuf; - struct berval bdn = {0, NULL}, dn, ndn; - int rc; - - *modlist = NULL; + struct berval bdn, dn = BER_BVNULL, ndn; + struct berval bv, *bvals = NULL; + struct berval rdn = BER_BVNULL, sup = BER_BVNULL, + prdn = BER_BVNULL, nrdn = BER_BVNULL, + psup = BER_BVNULL, nsup = BER_BVNULL; + int rc, deleteOldRdn = 0, freeReqDn = 0; if ( ldap_msgtype( msg ) != LDAP_RES_SEARCH_ENTRY ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "Message type should be entry (%d)", ldap_msgtype( msg ), 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "Message type should be entry (%d)", ldap_msgtype( msg ), 0, 0 ); -#endif + Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_op: rid %03d " + "Message type should be entry (%d)", + si->si_rid, ldap_msgtype( msg ), 0 ); return -1; } - op->o_tag = LDAP_REQ_ADD; + if ( si->si_syncdata == SYNCDATA_ACCESSLOG ) + ls = &accesslog_sc; + else + ls = &changelog_sc; rc = ldap_get_dn_ber( si->si_ld, msg, &ber, &bdn ); if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, - "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 ); -#endif + "syncrepl_message_to_op: rid %03d dn get failed (%d)", + si->si_rid, rc, 0 ); return rc; } - dnPrettyNormal( NULL, &bdn, &dn, &ndn, op->o_tmpmemctx ); - ber_dupbv( &op->o_req_dn, &dn ); - ber_dupbv( &op->o_req_ndn, &ndn ); - slap_sl_free( ndn.bv_val, op->o_tmpmemctx ); - slap_sl_free( dn.bv_val, op->o_tmpmemctx ); + op->o_tag = LBER_DEFAULT; - if ( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_DELETE ) { - return LDAP_SUCCESS; + while (( rc = ldap_get_attribute_ber( si->si_ld, msg, ber, &bv, &bvals )) + == LDAP_SUCCESS ) { + if ( bv.bv_val == NULL ) + break; + + if ( !ber_bvstrcasecmp( &bv, &ls->ls_dn )) { + bdn = bvals[0]; + dnPrettyNormal( NULL, &bdn, &dn, &ndn, op->o_tmpmemctx ); + ber_dupbv( &op->o_req_dn, &dn ); + ber_dupbv( &op->o_req_ndn, &ndn ); + slap_sl_free( ndn.bv_val, op->o_tmpmemctx ); + slap_sl_free( dn.bv_val, op->o_tmpmemctx ); + freeReqDn = 1; + } else if ( !ber_bvstrcasecmp( &bv, &ls->ls_req )) { + int i = verb_to_mask( bvals[0].bv_val, modops ); + if ( i < 0 ) { + Debug( LDAP_DEBUG_ANY, + "syncrepl_message_to_op: rid %03d unknown op %s", + si->si_rid, bvals[0].bv_val, 0 ); + ch_free( bvals ); + rc = -1; + goto done; + } + op->o_tag = modops[i].mask; + } else if ( !ber_bvstrcasecmp( &bv, &ls->ls_mod )) { + /* Parse attribute into modlist */ + if ( si->si_syncdata == SYNCDATA_ACCESSLOG ) + modlist = syncrepl_accesslog_mods( si, bvals ); + else + modlist = syncrepl_changelog_mods( si, bvals ); + } else if ( !ber_bvstrcasecmp( &bv, &ls->ls_newRdn )) { + rdn = bvals[0]; + } else if ( !ber_bvstrcasecmp( &bv, &ls->ls_delRdn )) { + if ( !ber_bvstrcasecmp( &slap_true_bv, bvals )) + deleteOldRdn = 1; + } else if ( !ber_bvstrcasecmp( &bv, &ls->ls_newSup )) { + sup = bvals[0]; + } else if ( !ber_bvstrcasecmp( &bv, + &slap_schema.si_ad_entryCSN->ad_cname )) { + slap_queue_csn( op, bvals ); + } + ch_free( bvals ); } - if ( entry == NULL ) { - return -1; + /* If we didn't get a mod type or a target DN, bail out */ + if ( op->o_tag == LBER_DEFAULT || BER_BVISNULL( &dn )) { + rc = -1; + goto done; } - e = ( Entry * ) ch_calloc( 1, sizeof( Entry ) ); - *entry = e; - e->e_name = op->o_req_dn; - e->e_nname = op->o_req_ndn; + op->o_callback = &cb; + slap_op_time( &op->o_time, &op->o_tincr ); - while ( ber_remaining( ber ) ) { - if ( (ber_scanf( ber, "{mW}", &tmp.sml_type, &tmp.sml_values ) == - LBER_ERROR ) || ( tmp.sml_type.bv_val == NULL )) - { - break; - } + switch( op->o_tag ) { + case LDAP_REQ_ADD: + case LDAP_REQ_MODIFY: + /* If we didn't get required data, bail */ + if ( !modlist ) goto done; - mod = (Modifications *) ch_malloc( sizeof( Modifications )); + rc = slap_mods_check( modlist, &text, txtbuf, textlen, NULL ); - mod->sml_op = LDAP_MOD_REPLACE; - mod->sml_next = NULL; - mod->sml_desc = NULL; - mod->sml_type = tmp.sml_type; - mod->sml_values = tmp.sml_values; - mod->sml_nvalues = NULL; + if ( rc != LDAP_SUCCESS ) { + Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_op: rid %03d " + "mods check (%s)\n", + si->si_rid, text, 0 ); + goto done; + } - *modtail = mod; - modtail = &mod->sml_next; - } + if ( op->o_tag == LDAP_REQ_ADD ) { + op->ora_e = ( Entry * ) ch_calloc( 1, sizeof( Entry ) ); + op->ora_e->e_name = op->o_req_dn; + op->ora_e->e_nname = op->o_req_ndn; + freeReqDn = 0; + rc = slap_mods2entry( modlist, &op->ora_e, 1, 0, &text, txtbuf, textlen); + if( rc != LDAP_SUCCESS ) { + Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_op: rid %03d " + "mods2entry (%s)\n", + si->si_rid, text, 0 ); + } else { + rc = op->o_bd->be_add( op, &rs ); + Debug( LDAP_DEBUG_SYNC, + "syncrepl_message_to_op: rid %03d be_add %s (%d)\n", + si->si_rid, op->o_req_dn.bv_val, rc ); + } + be_entry_release_w( op, op->ora_e ); + } else { + op->orm_modlist = modlist; + rc = op->o_bd->be_modify( op, &rs ); + modlist = op->orm_modlist; + Debug( rc ? LDAP_DEBUG_ANY : LDAP_DEBUG_SYNC, + "syncrepl_message_to_op: rid %03d be_modify %s (%d)\n", + si->si_rid, op->o_req_dn.bv_val, rc ); + } + break; + case LDAP_REQ_MODRDN: + if ( BER_BVISNULL( &rdn )) goto done; + + if ( rdnPretty( NULL, &rdn, &prdn, NULL )) + goto done; + if ( rdnNormalize( 0, NULL, NULL, &rdn, &nrdn, NULL )) + goto done; + if ( !BER_BVISNULL( &sup )) { + if ( dnPrettyNormal( NULL, &sup, &psup, &nsup, NULL )) + goto done; + op->orr_newSup = &psup; + op->orr_nnewSup = ⊅ + } else { + op->orr_newSup = NULL; + op->orr_nnewSup = NULL; + } + op->orr_newrdn = prdn; + op->orr_nnewrdn = nrdn; + op->orr_deleteoldrdn = deleteOldRdn; + rc = op->o_bd->be_modrdn( op, &rs ); + Debug( rc ? LDAP_DEBUG_ANY : LDAP_DEBUG_SYNC, + "syncrepl_message_to_op: rid %03d be_modrdn %s (%d)\n", + si->si_rid, op->o_req_dn.bv_val, rc ); + break; + case LDAP_REQ_DELETE: + rc = op->o_bd->be_delete( op, &rs ); + Debug( rc ? LDAP_DEBUG_ANY : LDAP_DEBUG_SYNC, + "syncrepl_message_to_op: rid %03d be_delete %s (%d)\n", + si->si_rid, op->o_req_dn.bv_val, rc ); + break; + } +done: + slap_graduate_commit_csn( op ); + op->o_tmpfree( op->o_csn.bv_val, op->o_tmpmemctx ); + BER_BVZERO( &op->o_csn ); + if ( modlist ) + slap_mods_free( modlist, op->o_tag != LDAP_REQ_ADD ); + if ( !BER_BVISNULL( &rdn )) { + if ( !BER_BVISNULL( &nsup )) + ch_free( nsup.bv_val ); + if ( !BER_BVISNULL( &psup )) + ch_free( psup.bv_val ); + if ( !BER_BVISNULL( &nrdn )) + ch_free( nrdn.bv_val ); + if ( !BER_BVISNULL( &prdn )) + ch_free( prdn.bv_val ); + } + if ( freeReqDn ) { + ch_free( op->o_req_ndn.bv_val ); + ch_free( op->o_req_dn.bv_val ); + } + ber_free ( ber, 0 ); + return rc; +} + +static int +syncrepl_message_to_entry( + syncinfo_t *si, + Operation *op, + LDAPMessage *msg, + Modifications **modlist, + Entry **entry, + int syncstate +) +{ + Entry *e = NULL; + BerElement *ber = NULL; + Modifications tmp; + Modifications *mod; + Modifications **modtail = modlist; + + const char *text; + char txtbuf[SLAP_TEXT_BUFLEN]; + size_t textlen = sizeof txtbuf; + + struct berval bdn = BER_BVNULL, dn, ndn; + int rc; + + *modlist = NULL; + + if ( ldap_msgtype( msg ) != LDAP_RES_SEARCH_ENTRY ) { + Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: rid %03d " + "Message type should be entry (%d)", + si->si_rid, ldap_msgtype( msg ), 0 ); + return -1; + } + + op->o_tag = LDAP_REQ_ADD; + + rc = ldap_get_dn_ber( si->si_ld, msg, &ber, &bdn ); + if ( rc != LDAP_SUCCESS ) { + Debug( LDAP_DEBUG_ANY, + "syncrepl_message_to_entry: rid %03d dn get failed (%d)", + si->si_rid, rc, 0 ); + return rc; + } + + dnPrettyNormal( NULL, &bdn, &dn, &ndn, op->o_tmpmemctx ); + ber_dupbv( &op->o_req_dn, &dn ); + ber_dupbv( &op->o_req_ndn, &ndn ); + slap_sl_free( ndn.bv_val, op->o_tmpmemctx ); + slap_sl_free( dn.bv_val, op->o_tmpmemctx ); + + if ( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_DELETE ) { + /* NOTE: this could be done even before decoding the DN, + * although encoding errors wouldn't be detected */ + rc = LDAP_SUCCESS; + goto done; + } + + if ( entry == NULL ) { + rc = -1; + goto done; + } + + e = ( Entry * ) ch_calloc( 1, sizeof( Entry ) ); + e->e_name = op->o_req_dn; + e->e_nname = op->o_req_ndn; + + while ( ber_remaining( ber ) ) { + if ( (ber_scanf( ber, "{mW}", &tmp.sml_type, &tmp.sml_values ) == + LBER_ERROR ) || BER_BVISNULL( &tmp.sml_type ) ) + { + break; + } + + mod = (Modifications *) ch_malloc( sizeof( Modifications )); + + mod->sml_op = LDAP_MOD_REPLACE; + mod->sml_flags = 0; + mod->sml_next = NULL; + mod->sml_desc = NULL; + mod->sml_type = tmp.sml_type; + mod->sml_values = tmp.sml_values; + mod->sml_nvalues = NULL; + + *modtail = mod; + modtail = &mod->sml_next; + } if ( *modlist == NULL ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_message_to_entry: no attributes\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: no attributes\n", - 0, 0, 0 ); -#endif + Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: rid %03d no attributes\n", + si->si_rid, 0, 0 ); + rc = -1; + goto done; } - rc = slap_mods_check( *modlist, 1, &text, txtbuf, textlen, NULL ); + rc = slap_mods_check( *modlist, &text, txtbuf, textlen, NULL ); if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_message_to_entry: mods check (%s)\n", text, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: mods check (%s)\n", - text, 0, 0 ); -#endif + Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: rid %03d mods check (%s)\n", + si->si_rid, text, 0 ); goto done; } @@ -1067,7 +1569,20 @@ syncrepl_message_to_entry( if ( mod->sml_desc->ad_type->sat_flags & SLAP_AT_DYNAMIC ) { *modtail = mod->sml_next; slap_mod_free( &mod->sml_mod, 0 ); - free( mod ); + ch_free( mod ); + } else { + modtail = &mod->sml_next; + } + } + + /* Strip out attrs in exattrs list */ + for ( modtail = modlist; *modtail ; ) { + mod = *modtail; + if ( ldap_charray_inlist( si->si_exattrs, + mod->sml_desc->ad_type->sat_cname.bv_val )) { + *modtail = mod->sml_next; + slap_mod_free( &mod->sml_mod, 0 ); + ch_free( mod ); } else { modtail = &mod->sml_next; } @@ -1075,37 +1590,66 @@ syncrepl_message_to_entry( rc = slap_mods2entry( *modlist, &e, 1, 1, &text, txtbuf, textlen); if( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_message_to_entry: mods2entry (%s)\n", text, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: mods2entry (%s)\n", - text, 0, 0 ); -#endif + Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: rid %03d mods2entry (%s)\n", + si->si_rid, text, 0 ); } done: - ber_free ( ber, 0 ); + ber_free( ber, 0 ); if ( rc != LDAP_SUCCESS ) { - entry_free( e ); - e = NULL; + if ( e ) { + entry_free( e ); + e = NULL; + } } + *entry = e; return rc; } -int +static struct berval generic_filterstr = BER_BVC("(objectclass=*)"); + +/* During a refresh, we may get an LDAP_SYNC_ADD for an already existing + * entry if a previous refresh was interrupted before sending us a new + * context state. We try to compare the new entry to the existing entry + * and ignore the new entry if they are the same. + * + * Also, we may get an update where the entryDN has changed, due to + * a ModDn on the provider. We detect this as well, so we can issue + * the corresponding operation locally. + * + * In the case of a modify, we get a list of all the attributes + * in the original entry. Rather than deleting the entry and re-adding it, + * we issue a Modify request that deletes all the attributes and adds all + * the new ones. This avoids the issue of trying to delete/add a non-leaf + * entry. + * + * We don't try to otherwise distinguish ModDN from Modify; in the case of + * a ModDN we will issue both operations on the local database. + */ +typedef struct dninfo { + Entry *new_entry; + struct berval dn; + struct berval ndn; + int renamed; /* Was an existing entry renamed? */ + int wasChanged; /* are the attributes changed? */ + int attrs; /* how many attribute types are in the ads list */ + AttributeDescription **ads; +} dninfo; + +static int syncrepl_entry( syncinfo_t* si, Operation *op, - Entry* e, - Modifications* modlist, + Entry* entry, + Modifications** modlist, int syncstate, struct berval* syncUUID, - struct sync_cookie* syncCookie_req ) + struct sync_cookie* syncCookie_req, + struct berval* syncCSN ) { Backend *be = op->o_bd; - slap_callback cb = { NULL }; + slap_callback cb = { NULL, NULL, NULL, NULL }; struct berval *syncuuid_bv = NULL; struct berval syncUUID_strrep = BER_BVNULL; struct berval uuid_bv = BER_BVNULL; @@ -1115,47 +1659,81 @@ syncrepl_entry( SlapReply rs_add = {REP_RESULT}; SlapReply rs_modify = {REP_RESULT}; Filter f = {0}; - AttributeAssertion ava = {0}; +#ifdef LDAP_COMP_MATCH + AttributeAssertion ava = { NULL, BER_BVNULL, NULL }; +#else + AttributeAssertion ava = { NULL, BER_BVNULL }; +#endif int rc = LDAP_SUCCESS; - int ret = LDAP_SUCCESS; - const char *text; struct berval pdn = BER_BVNULL; - struct berval org_req_dn = BER_BVNULL; - struct berval org_req_ndn = BER_BVNULL; - struct berval org_dn = BER_BVNULL; - struct berval org_ndn = BER_BVNULL; - int org_managedsait; + dninfo dni = {0}; + int retry = 1; + + switch( syncstate ) { + case LDAP_SYNC_PRESENT: + Debug( LDAP_DEBUG_SYNC, "syncrepl_entry: rid %03d %s\n", + si->si_rid, + "LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_PRESENT)", 0 ); + break; + case LDAP_SYNC_ADD: + Debug( LDAP_DEBUG_SYNC, "syncrepl_entry: rid %03d %s\n", + si->si_rid, + "LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD)", 0 ); + break; + case LDAP_SYNC_DELETE: + Debug( LDAP_DEBUG_SYNC, "syncrepl_entry: rid %03d %s\n", + si->si_rid, + "LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_DELETE)", 0 ); + break; + case LDAP_SYNC_MODIFY: + Debug( LDAP_DEBUG_SYNC, "syncrepl_entry: rid %03d %s\n", + si->si_rid, + "LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_MODIFY)", 0 ); + break; + default: + Debug( LDAP_DEBUG_ANY, "syncrepl_entry: rid %03d %s\n", + si->si_rid, + "LDAP_RES_SEARCH_ENTRY(UNKNOWN syncstate)", 0 ); + } if (( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_ADD )) { - syncuuid_bv = ber_dupbv( NULL, syncUUID ); - avl_insert( &si->si_presentlist, (caddr_t) syncuuid_bv, - syncuuid_cmp, avl_dup_error ); + if ( !si->si_refreshPresent && !si->si_refreshDone ) { + syncuuid_bv = ber_dupbv( NULL, syncUUID ); + avl_insert( &si->si_presentlist, (caddr_t) syncuuid_bv, + syncuuid_cmp, avl_dup_error ); + } } if ( syncstate == LDAP_SYNC_PRESENT ) { - return e ? 1 : 0; + return 0; + } else if ( syncstate != LDAP_SYNC_DELETE ) { + if ( entry == NULL ) { + return 0; + } } f.f_choice = LDAP_FILTER_EQUALITY; f.f_ava = &ava; ava.aa_desc = slap_schema.si_ad_entryUUID; - slap_uuidstr_from_normalized( &syncUUID_strrep, syncUUID, op->o_tmpmemctx ); + (void)slap_uuidstr_from_normalized( &syncUUID_strrep, syncUUID, op->o_tmpmemctx ); ava.aa_value = *syncUUID; op->ors_filter = &f; - op->ors_filterstr.bv_len = (sizeof("entryUUID=")-1) + syncUUID->bv_len; + op->ors_filterstr.bv_len = STRLENOF( "(entryUUID=)" ) + syncUUID_strrep.bv_len; op->ors_filterstr.bv_val = (char *) slap_sl_malloc( op->ors_filterstr.bv_len + 1, op->o_tmpmemctx ); - AC_MEMCPY( op->ors_filterstr.bv_val, "entryUUID=", sizeof("entryUUID=")-1 ); - AC_MEMCPY( &op->ors_filterstr.bv_val[sizeof("entryUUID=")-1], - syncUUID->bv_val, syncUUID->bv_len ); + AC_MEMCPY( op->ors_filterstr.bv_val, "(entryUUID=", STRLENOF( "(entryUUID=" ) ); + AC_MEMCPY( &op->ors_filterstr.bv_val[STRLENOF( "(entryUUID=" )], + syncUUID_strrep.bv_val, syncUUID_strrep.bv_len ); + op->ors_filterstr.bv_val[op->ors_filterstr.bv_len - 1] = ')'; op->ors_filterstr.bv_val[op->ors_filterstr.bv_len] = '\0'; op->o_tag = LDAP_REQ_SEARCH; op->ors_scope = LDAP_SCOPE_SUBTREE; + op->ors_deref = LDAP_DEREF_NEVER; - /* get syncrepl cookie of shadow replica from subentry */ + /* get the entry for this UUID */ op->o_req_dn = si->si_base; op->o_req_ndn = si->si_base; @@ -1163,201 +1741,308 @@ syncrepl_entry( op->ors_tlimit = SLAP_NO_LIMIT; op->ors_slimit = 1; - op->ors_attrs = slap_anlist_no_attrs; - op->ors_attrsonly = 1; + op->ors_attrs = slap_anlist_all_attributes; + op->ors_attrsonly = 0; /* set callback function */ op->o_callback = &cb; cb.sc_response = dn_callback; - cb.sc_private = si; - - si->si_syncUUID_ndn.bv_val = NULL; + cb.sc_private = &dni; + dni.new_entry = entry; if ( limits_check( op, &rs_search ) == 0 ) { rc = be->be_search( op, &rs_search ); + Debug( LDAP_DEBUG_SYNC, + "syncrepl_entry: rid %03d be_search (%d)\n", + si->si_rid, rc, 0 ); } - if ( op->ors_filterstr.bv_val ) { + if ( !BER_BVISNULL( &op->ors_filterstr ) ) { slap_sl_free( op->ors_filterstr.bv_val, op->o_tmpmemctx ); } cb.sc_response = null_callback; cb.sc_private = si; - if ( rs_search.sr_err == LDAP_SUCCESS && si->si_syncUUID_ndn.bv_val ) { - char *subseq_ptr; + if ( entry && !BER_BVISNULL( &entry->e_name ) ) { + Debug( LDAP_DEBUG_SYNC, + "syncrepl_entry: rid %03d %s\n", + si->si_rid, entry->e_name.bv_val, 0 ); + } else { + Debug( LDAP_DEBUG_SYNC, + "syncrepl_entry: rid %03d %s\n", + si->si_rid, dni.dn.bv_val ? dni.dn.bv_val : "(null)", 0 ); + } + + if ( syncstate != LDAP_SYNC_DELETE ) { + Attribute *a = attr_find( entry->e_attrs, slap_schema.si_ad_entryUUID ); - if ( syncstate != LDAP_SYNC_DELETE ) { - op->o_no_psearch = 1; - } + if ( a == NULL ) { + /* add if missing */ + attr_merge_one( entry, slap_schema.si_ad_entryUUID, + &syncUUID_strrep, syncUUID ); - ber_dupbv( &op->o_sync_csn, syncCookie_req->ctxcsn ); - if ( op->o_sync_csn.bv_val ) { - subseq_ptr = strstr( op->o_sync_csn.bv_val, "#0000" ); - subseq_ptr += 4; - *subseq_ptr = '1'; + } else if ( !bvmatch( &a->a_nvals[0], syncUUID ) ) { + /* replace only if necessary */ + if ( a->a_nvals != a->a_vals ) { + ber_memfree( a->a_nvals[0].bv_val ); + ber_dupbv( &a->a_nvals[0], syncUUID ); + } + ber_memfree( a->a_vals[0].bv_val ); + ber_dupbv( &a->a_vals[0], &syncUUID_strrep ); } - - op->o_req_dn = si->si_syncUUID_ndn; - op->o_req_ndn = si->si_syncUUID_ndn; - op->o_tag = LDAP_REQ_DELETE; - rc = be->be_delete( op, &rs_delete ); - - org_req_dn = op->o_req_dn; - org_req_ndn = op->o_req_ndn; - org_dn = op->o_dn; - org_ndn = op->o_ndn; - org_managedsait = get_manageDSAit( op ); - op->o_dn = op->o_bd->be_rootdn; - op->o_ndn = op->o_bd->be_rootndn; - op->o_managedsait = 1; - - while ( rs_delete.sr_err == LDAP_SUCCESS && op->o_delete_glue_parent ) { - op->o_delete_glue_parent = 0; - if ( !be_issuffix( op->o_bd, &op->o_req_ndn )) { - slap_callback cb = { NULL }; - cb.sc_response = slap_null_cb; - dnParent( &op->o_req_ndn, &pdn ); - op->o_req_dn = pdn; - op->o_req_ndn = pdn; - op->o_callback = &cb; - op->o_bd->be_delete( op, &rs_delete ); - } else { - break; - } + /* Don't save the contextCSN on the inooming context entry, + * we'll write it when syncrepl_updateCookie eventually + * gets called. (ITS#4622) + */ + if ( syncstate == LDAP_SYNC_ADD && dn_match( &entry->e_nname, + &be->be_nsuffix[0] )) { + Attribute **ap; + for ( ap = &entry->e_attrs; *ap; ap=&(*ap)->a_next ) { + a = *ap; + if ( a->a_desc == slap_schema.si_ad_contextCSN ) { + *ap = a->a_next; + attr_free( a ); + break; + } + } } - - op->o_managedsait = org_managedsait; - op->o_dn = org_dn; - op->o_ndn = org_ndn; - op->o_req_dn = org_req_dn; - op->o_req_ndn = org_req_ndn; - op->o_delete_glue_parent = 0; - - op->o_no_psearch = 0; } + slap_op_time( &op->o_time, &op->o_tincr ); switch ( syncstate ) { case LDAP_SYNC_ADD: case LDAP_SYNC_MODIFY: - if ( rs_search.sr_err == LDAP_SUCCESS || - rs_search.sr_err == LDAP_REFERRAL || - rs_search.sr_err == LDAP_NO_SUCH_OBJECT || - rs_search.sr_err == LDAP_NOT_ALLOWED_ON_NONLEAF ) { - attr_delete( &e->e_attrs, slap_schema.si_ad_entryUUID ); - attr_merge_one( e, slap_schema.si_ad_entryUUID, - &syncUUID_strrep, syncUUID ); + Attribute *a = attr_find( entry->e_attrs, slap_schema.si_ad_entryCSN ); + if ( a ) + op->o_csn = a->a_vals[0]; + } +retry_add:; + if ( BER_BVISNULL( &dni.dn )) { + op->o_req_dn = entry->e_name; + op->o_req_ndn = entry->e_nname; op->o_tag = LDAP_REQ_ADD; - op->ora_e = e; - op->o_req_dn = e->e_name; - op->o_req_ndn = e->e_nname; + op->ora_e = entry; rc = be->be_add( op, &rs_add ); + Debug( LDAP_DEBUG_SYNC, + "syncrepl_entry: rid %03d be_add (%d)\n", + si->si_rid, rc, 0 ); + switch ( rs_add.sr_err ) { + case LDAP_SUCCESS: + be_entry_release_w( op, entry ); + entry = NULL; + break; + + case LDAP_REFERRAL: + /* we assume that LDAP_NO_SUCH_OBJECT is returned + * only if the suffix entry is not present */ + case LDAP_NO_SUCH_OBJECT: + rc = syncrepl_add_glue( op, entry ); + entry = NULL; + break; + + /* if an entry was added via syncrepl_add_glue(), + * it likely has no entryUUID, so the previous + * be_search() doesn't find it. In this case, + * give syncrepl a chance to modify it. Also + * allow for entries that were recreated with the + * same DN but a different entryUUID. + */ + case LDAP_ALREADY_EXISTS: + if ( retry ) { + Operation op2 = *op; + SlapReply rs2 = { 0 }; + slap_callback cb2 = { 0 }; + + op2.o_tag = LDAP_REQ_SEARCH; + op2.o_req_dn = entry->e_name; + op2.o_req_ndn = entry->e_nname; + op2.ors_scope = LDAP_SCOPE_BASE; + op2.ors_deref = LDAP_DEREF_NEVER; + op2.ors_attrs = slap_anlist_all_attributes; + op2.ors_attrsonly = 0; + op2.ors_limit = NULL; + op2.ors_slimit = 1; + op2.ors_tlimit = SLAP_NO_LIMIT; + + f.f_choice = LDAP_FILTER_PRESENT; + f.f_desc = slap_schema.si_ad_objectClass; + op2.ors_filter = &f; + op2.ors_filterstr = generic_filterstr; + + op2.o_callback = &cb2; + cb2.sc_response = dn_callback; + cb2.sc_private = &dni; + + rc = be->be_search( &op2, &rs2 ); + if ( rc ) goto done; + + retry = 0; + slap_op_time( &op->o_time, &op->o_tincr ); + goto retry_add; + } + /* FALLTHRU */ - if ( rs_add.sr_err != LDAP_SUCCESS ) { - if ( rs_add.sr_err == LDAP_ALREADY_EXISTS && - rs_search.sr_err != LDAP_NO_SUCH_OBJECT ) { - Modifications *mod; - Modifications *modtail = modlist; + default: + Debug( LDAP_DEBUG_ANY, + "syncrepl_entry: rid %03d be_add failed (%d)\n", + si->si_rid, rs_add.sr_err, 0 ); + break; + } + goto done; + } + /* FALLTHRU */ + op->o_req_dn = dni.dn; + op->o_req_ndn = dni.ndn; + if ( dni.renamed ) { + struct berval noldp, newp, nnewp; + + op->o_tag = LDAP_REQ_MODRDN; + dnRdn( &entry->e_name, &op->orr_newrdn ); + dnRdn( &entry->e_nname, &op->orr_nnewrdn ); + + dnParent( &dni.ndn, &noldp ); + dnParent( &entry->e_nname, &nnewp ); + if ( !dn_match( &noldp, &nnewp )) { + dnParent( &entry->e_name, &newp ); + op->orr_newSup = &newp; + op->orr_nnewSup = &nnewp; + } else { + op->orr_newSup = NULL; + op->orr_nnewSup = NULL; + } + op->orr_deleteoldrdn = 0; + rc = be->be_modrdn( op, &rs_modify ); + Debug( LDAP_DEBUG_SYNC, + "syncrepl_entry: rid %03d be_modrdn (%d)\n", + si->si_rid, rc, 0 ); + if ( rs_modify.sr_err == LDAP_SUCCESS ) { + op->o_req_dn = entry->e_name; + op->o_req_ndn = entry->e_nname; + } else { + goto done; + } + if ( dni.wasChanged ) + slap_op_time( &op->o_time, &op->o_tincr ); + } + if ( dni.wasChanged ) { + Modifications *mod, *modhead = NULL; + Modifications *modtail = NULL; + int i; - assert( modlist ); + op->o_tag = LDAP_REQ_MODIFY; - for ( mod = modlist; mod != NULL; mod = mod->sml_next ) { - modtail = mod; - } + assert( *modlist != NULL ); - mod = (Modifications *)ch_calloc(1, sizeof(Modifications)); - ber_dupbv( &uuid_bv, syncUUID ); - mod->sml_op = LDAP_MOD_REPLACE; - mod->sml_desc = slap_schema.si_ad_entryUUID; - mod->sml_type = mod->sml_desc->ad_cname; - ber_bvarray_add( &mod->sml_values, &uuid_bv ); + /* Delete all the old attrs */ + for ( i = 0; i < dni.attrs; i++ ) { + mod = ch_malloc( sizeof( Modifications ) ); + mod->sml_op = LDAP_MOD_DELETE; + mod->sml_flags = 0; + mod->sml_desc = dni.ads[i]; + mod->sml_type = mod->sml_desc->ad_cname; + mod->sml_values = NULL; + mod->sml_nvalues = NULL; + if ( !modhead ) modhead = mod; + if ( modtail ) { modtail->sml_next = mod; - - op->o_tag = LDAP_REQ_MODIFY; - op->orm_modlist = modlist; - op->o_req_dn = e->e_name; - op->o_req_ndn = e->e_nname; - - rc = be->be_modify( op, &rs_modify ); - if ( rs_modify.sr_err != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_entry : be_modify failed (%d)\n", - rs_modify.sr_err, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "syncrepl_entry : be_modify failed (%d)\n", - rs_modify.sr_err, 0, 0 ); -#endif - } - ret = 1; - goto done; - } else if ( rs_modify.sr_err == LDAP_REFERRAL || - rs_modify.sr_err == LDAP_NO_SUCH_OBJECT ) { - syncrepl_add_glue( op, e ); - ret = 0; - goto done; - } else { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_entry : be_add failed (%d)\n", - rs_add.sr_err, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "syncrepl_entry : be_add failed (%d)\n", - rs_add.sr_err, 0, 0 ); -#endif - ret = 1; - goto done; } + modtail = mod; + } + + /* Append passed in list to ours */ + if ( modtail ) { + modtail->sml_next = *modlist; + *modlist = modhead; } else { - be_entry_release_w( op, e ); - ret = 0; - goto done; + mod = *modlist; } - } else { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_entry : be_search failed (%d)\n", - rs_search.sr_err, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "syncrepl_entry : be_search failed (%d)\n", - rs_search.sr_err, 0, 0 ); -#endif - ret = 1; - goto done; - } + /* Find end of this list */ + for ( ; mod != NULL; mod = mod->sml_next ) { + modtail = mod; + } + + mod = (Modifications *)ch_calloc(1, sizeof(Modifications)); + mod->sml_op = LDAP_MOD_REPLACE; + mod->sml_flags = 0; + mod->sml_desc = slap_schema.si_ad_entryUUID; + mod->sml_type = mod->sml_desc->ad_cname; + ber_dupbv( &uuid_bv, &syncUUID_strrep ); + ber_bvarray_add( &mod->sml_values, &uuid_bv ); + ber_dupbv( &uuid_bv, syncUUID ); + ber_bvarray_add( &mod->sml_nvalues, &uuid_bv ); + modtail->sml_next = mod; + + op->o_tag = LDAP_REQ_MODIFY; + op->orm_modlist = *modlist; + + rc = be->be_modify( op, &rs_modify ); + Debug( LDAP_DEBUG_SYNC, + "syncrepl_entry: rid %03d be_modify (%d)\n", + si->si_rid, rc, 0 ); + if ( rs_modify.sr_err != LDAP_SUCCESS ) { + Debug( LDAP_DEBUG_ANY, + "syncrepl_entry: rid %03d be_modify failed (%d)\n", + si->si_rid, rs_modify.sr_err, 0 ); + } + } + goto done; case LDAP_SYNC_DELETE : - /* Already deleted */ - ret = 0; + if ( !BER_BVISNULL( &dni.dn )) { + op->o_req_dn = dni.dn; + op->o_req_ndn = dni.ndn; + op->o_tag = LDAP_REQ_DELETE; + rc = be->be_delete( op, &rs_delete ); + Debug( LDAP_DEBUG_SYNC, + "syncrepl_entry: rid %03d be_delete (%d)\n", + si->si_rid, rc, 0 ); + + while ( rs_delete.sr_err == LDAP_SUCCESS + && op->o_delete_glue_parent ) { + op->o_delete_glue_parent = 0; + if ( !be_issuffix( op->o_bd, &op->o_req_ndn )) { + slap_callback cb = { NULL }; + cb.sc_response = slap_null_cb; + dnParent( &op->o_req_ndn, &pdn ); + op->o_req_dn = pdn; + op->o_req_ndn = pdn; + op->o_callback = &cb; + op->o_bd->be_delete( op, &rs_delete ); + } else { + break; + } + } + } goto done; default : -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_entry : unknown syncstate\n", 0, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, - "syncrepl_entry : unknown syncstate\n", 0, 0, 0 ); -#endif - ret = 1; + "syncrepl_entry: rid %03d unknown syncstate\n", si->si_rid, 0, 0 ); goto done; } done : - - if ( syncUUID_strrep.bv_val ) { - ber_memfree_x( syncUUID_strrep.bv_val, op->o_tmpmemctx ); + if ( !BER_BVISNULL( &syncUUID_strrep ) ) { + slap_sl_free( syncUUID_strrep.bv_val, op->o_tmpmemctx ); + BER_BVZERO( &syncUUID_strrep ); + } + if ( dni.ads ) { + op->o_tmpfree( dni.ads, op->o_tmpmemctx ); + } + if ( !BER_BVISNULL( &dni.ndn ) ) { + op->o_tmpfree( dni.ndn.bv_val, op->o_tmpmemctx ); } - if ( si->si_syncUUID_ndn.bv_val ) { - ber_memfree_x( si->si_syncUUID_ndn.bv_val, op->o_tmpmemctx ); + if ( !BER_BVISNULL( &dni.dn ) ) { + op->o_tmpfree( dni.dn.bv_val, op->o_tmpmemctx ); } - return ret; + if ( entry ) + entry_free( entry ); + BER_BVZERO( &op->o_csn ); + return rc; } static struct berval gcbva[] = { @@ -1366,10 +2051,14 @@ static struct berval gcbva[] = { BER_BVNULL }; +#define NP_DELETE_ONE 2 + static void syncrepl_del_nonpresent( Operation *op, - syncinfo_t *si ) + syncinfo_t *si, + BerVarray uuids, + struct berval *cookiecsn ) { Backend* be = op->o_bd; slap_callback cb = { NULL }; @@ -1378,20 +2067,10 @@ syncrepl_del_nonpresent( SlapReply rs_modify = {REP_RESULT}; struct nonpresent_entry *np_list, *np_prev; int rc; - Modifications *ml; - Modifications *mlnext; - Modifications *mod; - Modifications *modlist = NULL; - Modifications **modtail = &modlist; - Attribute *attr; AttributeName an[2]; struct berval pdn = BER_BVNULL; - struct berval org_req_dn = BER_BVNULL; - struct berval org_req_ndn = BER_BVNULL; - struct berval org_dn = BER_BVNULL; - struct berval org_ndn = BER_BVNULL; - int org_managedsait; + struct berval csn; op->o_req_dn = si->si_base; op->o_req_ndn = si->si_base; @@ -1405,30 +2084,64 @@ syncrepl_del_nonpresent( op->ors_deref = LDAP_DEREF_NEVER; op->o_time = slap_get_time(); op->ors_tlimit = SLAP_NO_LIMIT; - op->ors_slimit = SLAP_NO_LIMIT; - memset( &an[0], 0, 2 * sizeof( AttributeName ) ); - an[0].an_name = slap_schema.si_ad_entryUUID->ad_cname; - an[0].an_desc = slap_schema.si_ad_entryUUID; - op->ors_attrs = an; - op->ors_attrsonly = 0; - op->ors_filter = str2filter_x( op, si->si_filterstr.bv_val ); - op->ors_filterstr = si->si_filterstr; - - op->o_nocaching = 1; - op->o_managedsait = 0; - - if ( limits_check( op, &rs_search ) == 0 ) { - rc = be->be_search( op, &rs_search ); + if ( uuids ) { + Filter uf; +#ifdef LDAP_COMP_MATCH + AttributeAssertion eq = { NULL, BER_BVNULL, NULL }; +#else + AttributeAssertion eq = { NULL, BER_BVNULL }; +#endif + int i; + + op->ors_attrsonly = 1; + op->ors_attrs = slap_anlist_no_attrs; + op->ors_limit = NULL; + op->ors_filter = &uf; + + uf.f_ava = &eq; + uf.f_av_desc = slap_schema.si_ad_entryUUID; + uf.f_next = NULL; + uf.f_choice = LDAP_FILTER_EQUALITY; + si->si_refreshDelete |= NP_DELETE_ONE; + + for (i=0; uuids[i].bv_val; i++) { + op->ors_slimit = 1; + uf.f_av_value = uuids[i]; + filter2bv_x( op, op->ors_filter, &op->ors_filterstr ); + rc = be->be_search( op, &rs_search ); + op->o_tmpfree( op->ors_filterstr.bv_val, op->o_tmpmemctx ); + } + si->si_refreshDelete ^= NP_DELETE_ONE; + } else { + memset( &an[0], 0, 2 * sizeof( AttributeName ) ); + an[0].an_name = slap_schema.si_ad_entryUUID->ad_cname; + an[0].an_desc = slap_schema.si_ad_entryUUID; + op->ors_attrs = an; + op->ors_slimit = SLAP_NO_LIMIT; + op->ors_attrsonly = 0; + op->ors_filter = str2filter_x( op, si->si_filterstr.bv_val ); + op->ors_filterstr = si->si_filterstr; + op->o_nocaching = 1; + + if ( limits_check( op, &rs_search ) == 0 ) { + rc = be->be_search( op, &rs_search ); + } + if ( op->ors_filter ) filter_free_x( op, op->ors_filter ); } - op->o_managedsait = 1; op->o_nocaching = 0; - if ( op->ors_filter ) filter_free_x( op, op->ors_filter ); - if ( !LDAP_LIST_EMPTY( &si->si_nonpresentlist ) ) { + + if ( cookiecsn && !BER_BVISNULL( cookiecsn )) + csn = *cookiecsn; + else + csn = si->si_syncCookie.ctxcsn; + + slap_queue_csn( op, &csn ); + np_list = LDAP_LIST_FIRST( &si->si_nonpresentlist ); while ( np_list != NULL ) { LDAP_LIST_REMOVE( np_list, npe_link ); @@ -1441,44 +2154,35 @@ syncrepl_del_nonpresent( op->o_req_dn = *np_prev->npe_name; op->o_req_ndn = *np_prev->npe_nname; rc = op->o_bd->be_delete( op, &rs_delete ); + Debug( LDAP_DEBUG_SYNC, + "syncrepl_del_nonpresent: rid %03d be_delete %s (%d)\n", + si->si_rid, op->o_req_dn.bv_val, rc ); if ( rs_delete.sr_err == LDAP_NOT_ALLOWED_ON_NONLEAF ) { - mod = (Modifications *) ch_calloc( 1, sizeof( Modifications )); - mod->sml_op = LDAP_MOD_REPLACE; - mod->sml_desc = slap_schema.si_ad_objectClass; - mod->sml_type = mod->sml_desc->ad_cname; - mod->sml_values = &gcbva[0]; - *modtail = mod; - modtail = &mod->sml_next; - - mod = (Modifications *) ch_calloc( 1, sizeof( Modifications )); - mod->sml_op = LDAP_MOD_REPLACE; - mod->sml_desc = slap_schema.si_ad_structuralObjectClass; - mod->sml_type = mod->sml_desc->ad_cname; - mod->sml_values = &gcbva[1]; - *modtail = mod; - modtail = &mod->sml_next; + Modifications mod1, mod2; + mod1.sml_op = LDAP_MOD_REPLACE; + mod1.sml_flags = 0; + mod1.sml_desc = slap_schema.si_ad_objectClass; + mod1.sml_type = mod1.sml_desc->ad_cname; + mod1.sml_values = &gcbva[0]; + mod1.sml_nvalues = NULL; + mod1.sml_next = &mod2; + + mod2.sml_op = LDAP_MOD_REPLACE; + mod2.sml_flags = 0; + mod2.sml_desc = slap_schema.si_ad_structuralObjectClass; + mod2.sml_type = mod2.sml_desc->ad_cname; + mod2.sml_values = &gcbva[1]; + mod2.sml_nvalues = NULL; + mod2.sml_next = NULL; op->o_tag = LDAP_REQ_MODIFY; - op->orm_modlist = modlist; + op->orm_modlist = &mod1; rc = be->be_modify( op, &rs_modify ); - - for ( ml = modlist; ml != NULL; ml = mlnext ) { - mlnext = ml->sml_next; - free( ml ); - } + if ( mod2.sml_next ) slap_mods_free( mod2.sml_next, 1 ); } - org_req_dn = op->o_req_dn; - org_req_ndn = op->o_req_ndn; - org_dn = op->o_dn; - org_ndn = op->o_ndn; - org_managedsait = get_manageDSAit( op ); - op->o_dn = op->o_bd->be_rootdn; - op->o_ndn = op->o_bd->be_rootndn; - op->o_managedsait = 1; - while ( rs_delete.sr_err == LDAP_SUCCESS && op->o_delete_glue_parent ) { op->o_delete_glue_parent = 0; @@ -1496,25 +2200,22 @@ syncrepl_del_nonpresent( } } - op->o_managedsait = org_managedsait; - op->o_dn = org_dn; - op->o_ndn = org_ndn; - op->o_req_dn = org_req_dn; - op->o_req_ndn = org_req_ndn; op->o_delete_glue_parent = 0; ber_bvfree( np_prev->npe_name ); ber_bvfree( np_prev->npe_nname ); - op->o_req_dn.bv_val = NULL; - op->o_req_ndn.bv_val = NULL; ch_free( np_prev ); } + + slap_graduate_commit_csn( op ); + op->o_tmpfree( op->o_csn.bv_val, op->o_tmpmemctx ); + BER_BVZERO( &op->o_csn ); } return; } -void +int syncrepl_add_glue( Operation* op, Entry *e ) @@ -1525,11 +2226,12 @@ syncrepl_add_glue( int rc; int suffrdns; int i; - struct berval dn = {0, NULL}; - struct berval ndn = {0, NULL}; + struct berval dn = BER_BVNULL; + struct berval ndn = BER_BVNULL; Entry *glue; SlapReply rs_add = {REP_RESULT}; - char *ptr, *comma; + struct berval ptr, nptr; + char *comma; op->o_tag = LDAP_REQ_ADD; op->o_callback = &cb; @@ -1540,9 +2242,11 @@ syncrepl_add_glue( ndn = e->e_nname; /* count RDNs in suffix */ - if ( be->be_nsuffix[0].bv_len ) { - for (i=0, ptr=be->be_nsuffix[0].bv_val; ptr; ptr=strchr( ptr, ',' )) { - ptr++; + if ( !BER_BVISEMPTY( &be->be_nsuffix[0] ) ) { + for ( i = 0, ptr = be->be_nsuffix[0], comma = ptr.bv_val; comma != NULL; comma = ber_bvchr( &ptr, ',' ) ) { + comma++; + ptr.bv_len -= comma - ptr.bv_val; + ptr.bv_val = comma; i++; } suffrdns = i; @@ -1552,23 +2256,34 @@ syncrepl_add_glue( } /* Start with BE suffix */ - for ( i = 0, ptr = NULL; i < suffrdns; i++ ) { - comma = strrchr(dn.bv_val, ','); - if ( ptr ) *ptr = ','; - if ( comma ) *comma = '\0'; - ptr = comma; + ptr = dn; + for ( i = 0; i < suffrdns; i++ ) { + comma = ber_bvrchr( &ptr, ',' ); + if ( comma != NULL ) { + ptr.bv_len = comma - ptr.bv_val; + } else { + ptr.bv_len = 0; + break; + } } - if ( ptr ) { - *ptr++ = ','; - dn.bv_len -= ptr - dn.bv_val; - dn.bv_val = ptr; + + if ( !BER_BVISEMPTY( &ptr ) ) { + dn.bv_len -= ptr.bv_len + 1; + dn.bv_val += ptr.bv_len + 1; } + /* the normalizedDNs are always the same length, no counting * required. */ + nptr = ndn; if ( ndn.bv_len > be->be_nsuffix[0].bv_len ) { ndn.bv_val += ndn.bv_len - be->be_nsuffix[0].bv_len; ndn.bv_len = be->be_nsuffix[0].bv_len; + + nptr.bv_len = ndn.bv_val - nptr.bv_val - 1; + + } else { + nptr.bv_len = 0; } while ( ndn.bv_val > e->e_nname.bv_val ) { @@ -1610,23 +2325,28 @@ syncrepl_add_glue( } else { /* incl. ALREADY EXIST */ entry_free( glue ); + if ( rs_add.sr_err != LDAP_ALREADY_EXISTS ) { + entry_free( e ); + return rc; + } } /* Move to next child */ - for (ptr = dn.bv_val-2; ptr > e->e_name.bv_val && *ptr != ','; ptr--) { - /* empty */ - } - if ( ptr == e->e_name.bv_val ) break; - dn.bv_val = ++ptr; - dn.bv_len = e->e_name.bv_len - (ptr-e->e_name.bv_val); - for( ptr = ndn.bv_val-2; - ptr > e->e_nname.bv_val && *ptr != ','; - ptr--) - { - /* empty */ + comma = ber_bvrchr( &ptr, ',' ); + if ( comma == NULL ) { + break; } - ndn.bv_val = ++ptr; - ndn.bv_len = e->e_nname.bv_len - (ptr-e->e_nname.bv_val); + ptr.bv_len = comma - ptr.bv_val; + + dn.bv_val = ++comma; + dn.bv_len = e->e_name.bv_len - (dn.bv_val - e->e_name.bv_val); + + comma = ber_bvrchr( &nptr, ',' ); + assert( comma != NULL ); + nptr.bv_len = comma - nptr.bv_val; + + ndn.bv_val = ++comma; + ndn.bv_len = e->e_nname.bv_len - (ndn.bv_val - e->e_nname.bv_val); } op->o_req_dn = e->e_name; @@ -1639,32 +2359,10 @@ syncrepl_add_glue( entry_free( e ); } - return; + return rc; } -static struct berval ocbva[] = { - BER_BVC("top"), - BER_BVC("subentry"), - BER_BVC("syncConsumerSubentry"), - BER_BVNULL -}; - -static struct berval cnbva[] = { - BER_BVNULL, - BER_BVNULL -}; - -static struct berval ssbva[] = { - BER_BVC("{}"), - BER_BVNULL -}; - -static struct berval scbva[] = { - BER_BVNULL, - BER_BVNULL -}; - -void +static void syncrepl_updateCookie( syncinfo_t *si, Operation *op, @@ -1672,257 +2370,154 @@ syncrepl_updateCookie( struct sync_cookie *syncCookie ) { Backend *be = op->o_bd; - Modifications *ml; - Modifications *mlnext; - Modifications *mod; - Modifications *modlist = NULL; - Modifications **modtail = &modlist; - - const char *text; - char txtbuf[SLAP_TEXT_BUFLEN]; - size_t textlen = sizeof txtbuf; + Modifications mod = { { 0 } }; + struct berval vals[ 2 ]; - Entry* e = NULL; - int rc; + int rc, dbflags; - char syncrepl_cbuf[sizeof(CN_STR SYNCREPL_STR)]; - struct berval slap_syncrepl_dn_bv = BER_BVNULL; - struct berval slap_syncrepl_cn_bv = BER_BVNULL; - slap_callback cb = { NULL }; - SlapReply rs_add = {REP_RESULT}; SlapReply rs_modify = {REP_RESULT}; slap_sync_cookie_free( &si->si_syncCookie, 0 ); slap_dup_sync_cookie( &si->si_syncCookie, syncCookie ); - mod = (Modifications *) ch_calloc( 1, sizeof( Modifications )); - mod->sml_op = LDAP_MOD_REPLACE; - mod->sml_desc = slap_schema.si_ad_objectClass; - mod->sml_type = mod->sml_desc->ad_cname; - mod->sml_values = ocbva; - *modtail = mod; - modtail = &mod->sml_next; + mod.sml_op = LDAP_MOD_REPLACE; + mod.sml_desc = slap_schema.si_ad_contextCSN; + mod.sml_type = mod.sml_desc->ad_cname; + mod.sml_values = vals; + vals[0] = si->si_syncCookie.ctxcsn; + vals[1].bv_val = NULL; + vals[1].bv_len = 0; - ber_dupbv( &cnbva[0], (struct berval *) &slap_syncrepl_bvc ); - assert( si->si_rid < 1000 ); - cnbva[0].bv_len = snprintf( cnbva[0].bv_val, - slap_syncrepl_bvc.bv_len + 1, - "syncrepl%ld", si->si_rid ); - mod = (Modifications *) ch_calloc( 1, sizeof( Modifications )); - mod->sml_op = LDAP_MOD_REPLACE; - mod->sml_desc = slap_schema.si_ad_cn; - mod->sml_type = mod->sml_desc->ad_cname; - mod->sml_values = cnbva; - *modtail = mod; - modtail = &mod->sml_next; - - if ( scbva[0].bv_val ) ch_free( scbva[0].bv_val ); - ber_dupbv( &scbva[0], &si->si_syncCookie.octet_str[0] ); - mod = (Modifications *) ch_calloc( 1, sizeof( Modifications )); - mod->sml_op = LDAP_MOD_REPLACE; - mod->sml_desc = slap_schema.si_ad_syncreplCookie; - mod->sml_type = mod->sml_desc->ad_cname; - mod->sml_values = scbva; - *modtail = mod; - modtail = &mod->sml_next; - - mod = (Modifications *) ch_calloc( 1, sizeof( Modifications )); - mod->sml_op = LDAP_MOD_REPLACE; - mod->sml_desc = slap_schema.si_ad_subtreeSpecification; - mod->sml_type = mod->sml_desc->ad_cname; - mod->sml_values = ssbva; - *modtail = mod; - modtail = &mod->sml_next; - - mlnext = mod; - - op->o_tag = LDAP_REQ_ADD; - rc = slap_mods_opattrs( op, modlist, modtail, - &text, txtbuf, textlen ); + slap_queue_csn( op, &si->si_syncCookie.ctxcsn ); - for ( ml = modlist; ml != NULL; ml = ml->sml_next ) { - ml->sml_op = LDAP_MOD_REPLACE; - } - - if( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_updateCookie: mods opattrs (%s)\n", text, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "syncrepl_updateCookie: mods opattrs (%s)\n", - text, 0, 0 ); -#endif - } - - e = ( Entry * ) ch_calloc( 1, sizeof( Entry )); + op->o_tag = LDAP_REQ_MODIFY; - slap_syncrepl_cn_bv.bv_val = syncrepl_cbuf; assert( si->si_rid < 1000 ); - slap_syncrepl_cn_bv.bv_len = snprintf( slap_syncrepl_cn_bv.bv_val, - slap_syncrepl_cn_bvc.bv_len + 1, - "cn=syncrepl%ld", si->si_rid ); - - build_new_dn( &slap_syncrepl_dn_bv, pdn, &slap_syncrepl_cn_bv, - op->o_tmpmemctx ); - ber_dupbv( &e->e_name, &slap_syncrepl_dn_bv ); - ber_dupbv( &e->e_nname, &slap_syncrepl_dn_bv ); - - if ( slap_syncrepl_dn_bv.bv_val ) { - slap_sl_free( slap_syncrepl_dn_bv.bv_val, op->o_tmpmemctx ); - } - - e->e_attrs = NULL; - - rc = slap_mods2entry( modlist, &e, 1, 1, &text, txtbuf, textlen ); - - if( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_updateCookie: mods2entry (%s)\n", text, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "syncrepl_updateCookie: mods2entry (%s)\n", - text, 0, 0 ); -#endif - } cb.sc_response = null_callback; cb.sc_private = si; op->o_callback = &cb; - op->o_req_dn = e->e_name; - op->o_req_ndn = e->e_nname; - - /* update persistent cookie */ -update_cookie_retry: - op->o_tag = LDAP_REQ_MODIFY; - op->orm_modlist = modlist; + op->o_req_dn = op->o_bd->be_suffix[0]; + op->o_req_ndn = op->o_bd->be_nsuffix[0]; + + /* update contextCSN */ + op->o_msgid = SLAP_SYNC_UPDATE_MSGID; + op->orm_modlist = &mod; + dbflags = SLAP_DBFLAGS(op->o_bd); + SLAP_DBFLAGS(op->o_bd) |= SLAP_DBFLAG_NOLASTMOD; rc = be->be_modify( op, &rs_modify ); + SLAP_DBFLAGS(op->o_bd) = dbflags; + op->o_msgid = 0; if ( rs_modify.sr_err != LDAP_SUCCESS ) { - if ( rs_modify.sr_err == LDAP_REFERRAL || - rs_modify.sr_err == LDAP_NO_SUCH_OBJECT ) { - op->o_tag = LDAP_REQ_ADD; - op->ora_e = e; - rc = be->be_add( op, &rs_add ); - if ( rs_add.sr_err != LDAP_SUCCESS ) { - if ( rs_add.sr_err == LDAP_ALREADY_EXISTS ) { - goto update_cookie_retry; - } else if ( rs_add.sr_err == LDAP_REFERRAL || - rs_add.sr_err == LDAP_NO_SUCH_OBJECT ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "cookie will be non-persistent\n", - 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "cookie will be non-persistent\n", - 0, 0, 0 ); -#endif - } else { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "be_add failed (%d)\n", rs_add.sr_err, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "be_add failed (%d)\n", rs_add.sr_err, 0, 0 ); -#endif - } - } else { - be_entry_release_w( op, e ); - goto done; - } - } else { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "be_modify failed (%d)\n", rs_modify.sr_err, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "be_modify failed (%d)\n", rs_modify.sr_err, 0, 0 ); -#endif - } - } - - if ( e != NULL ) { - entry_free( e ); - } - -done : - - if ( cnbva[0].bv_val ) { - ch_free( cnbva[0].bv_val ); - cnbva[0].bv_val = NULL; - } - if ( scbva[0].bv_val ) { - ch_free( scbva[0].bv_val ); - scbva[0].bv_val = NULL; - } - - if ( mlnext->sml_next ) { - slap_mods_free( mlnext->sml_next ); - mlnext->sml_next = NULL; + Debug( LDAP_DEBUG_ANY, + "syncrepl_updateCookie: rid %03d be_modify failed (%d)\n", + si->si_rid, rs_modify.sr_err, 0 ); } - for (ml = modlist ; ml != NULL; ml = mlnext ) { - mlnext = ml->sml_next; - free( ml ); - } + slap_graduate_commit_csn( op ); + op->o_tmpfree( op->o_csn.bv_val, op->o_tmpmemctx ); + BER_BVZERO( &op->o_csn ); + if ( mod.sml_next ) slap_mods_free( mod.sml_next, 1 ); return; } -int -syncrepl_isupdate( Operation *op ) -{ - return ( syncrepl_isupdate_dn( op->o_bd, &op->o_ndn )); -} - -int -syncrepl_isupdate_dn( - Backend* be, - struct berval* ndn ) -{ - syncinfo_t* si; - int ret = 0; - - if ( !LDAP_STAILQ_EMPTY( &be->be_syncinfo )) { - LDAP_STAILQ_FOREACH( si, &be->be_syncinfo, si_next ) { - if ( ( ret = dn_match( &si->si_updatedn, ndn ) ) ) { - return ret; - } - } - } - return 0; -} - static int dn_callback( Operation* op, SlapReply* rs ) { - syncinfo_t *si = op->o_callback->sc_private; + dninfo *dni = op->o_callback->sc_private; if ( rs->sr_type == REP_SEARCH ) { - if ( si->si_syncUUID_ndn.bv_val != NULL ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "dn_callback : consistency error - entryUUID is not unique\n", 0, 0, 0 ); -#else + if ( !BER_BVISNULL( &dni->dn ) ) { Debug( LDAP_DEBUG_ANY, - "dn_callback : consistency error - entryUUID is not unique\n", 0, 0, 0 ); -#endif + "dn_callback: consistency error - " + "entryUUID is not unique\n", 0, 0, 0 ); } else { - ber_dupbv_x( &si->si_syncUUID_ndn, &rs->sr_entry->e_nname, op->o_tmpmemctx ); + ber_dupbv_x( &dni->dn, &rs->sr_entry->e_name, op->o_tmpmemctx ); + ber_dupbv_x( &dni->ndn, &rs->sr_entry->e_nname, op->o_tmpmemctx ); + /* If there is a new entry, see if it differs from the old. + * We compare the non-normalized values so that cosmetic changes + * in the provider are always propagated. + */ + if ( dni->new_entry ) { + Attribute *old, *new; + int i; + + /* Did the DN change? Note that we don't explicitly try to + * discover if the deleteOldRdn argument applies here. It + * would save an unnecessary Modify if we detected it, but + * that's a fair amount of trouble to compare the two attr + * lists in detail. (Just test normalized DN; we ignore + * insignificant changes here.) + */ + if ( !dn_match( &rs->sr_entry->e_nname, + &dni->new_entry->e_nname ) ) + { + dni->renamed = 1; + } + + for ( i = 0, old = rs->sr_entry->e_attrs; + old; + i++, old = old->a_next ) + ; + + dni->attrs = i; + + /* We assume that attributes are saved in the same order + * in the remote and local databases. So if we walk through + * the attributeDescriptions one by one they should match in + * lock step. If not, we signal a change. Otherwise we test + * all the values... + */ + for ( old = rs->sr_entry->e_attrs, new = dni->new_entry->e_attrs; + old && new; + old = old->a_next, new = new->a_next ) + { + if ( old->a_desc != new->a_desc ) { + dni->wasChanged = 1; + break; + } + for ( i = 0; ; i++ ) { + int nold, nnew; + nold = BER_BVISNULL( &old->a_vals[i] ); + nnew = BER_BVISNULL( &new->a_vals[i] ); + /* If both are empty, stop looking */ + if ( nold && nnew ) { + break; + } + /* If they are different, stop looking */ + if ( nold != nnew ) { + dni->wasChanged = 1; + break; + } + if ( ber_bvcmp( &old->a_vals[i], &new->a_vals[i] )) { + dni->wasChanged = 1; + break; + } + } + if ( dni->wasChanged ) break; + } + if ( dni->wasChanged ) { + dni->ads = op->o_tmpalloc( dni->attrs * + sizeof(AttributeDescription *), op->o_tmpmemctx ); + i = 0; + for ( old = rs->sr_entry->e_attrs; old; old = old->a_next ) { + dni->ads[i] = old->a_desc; + i++; + } + } + } } } else if ( rs->sr_type == REP_RESULT ) { if ( rs->sr_err == LDAP_SIZELIMIT_EXCEEDED ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "dn_callback : consistency error - entryUUID is not unique\n", 0, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, - "dn_callback : consistency error - entryUUID is not unique\n", 0, 0, 0 ); -#endif + "dn_callback: consistency error - " + "entryUUID is not unique\n", 0, 0, 0 ); } } @@ -1945,12 +2540,14 @@ nonpresent_callback( si->si_presentlist = NULL; } else if ( rs->sr_type == REP_SEARCH ) { - a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_entryUUID ); + if ( !(si->si_refreshDelete & NP_DELETE_ONE )) { + a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_entryUUID ); - if ( a == NULL ) return 0; + if ( a == NULL ) return 0; - present_uuid = avl_find( si->si_presentlist, &a->a_nvals[0], - syncuuid_cmp ); + present_uuid = avl_find( si->si_presentlist, &a->a_nvals[0], + syncuuid_cmp ); + } if ( present_uuid == NULL ) { np_entry = (struct nonpresent_entry *) @@ -1980,55 +2577,14 @@ null_callback( rs->sr_err != LDAP_NO_SUCH_OBJECT && rs->sr_err != LDAP_NOT_ALLOWED_ON_NONLEAF ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "null_callback : error code 0x%x\n", - rs->sr_err, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, - "null_callback : error code 0x%x\n", + "null_callback: error code 0x%x\n", rs->sr_err, 0, 0 ); -#endif } return LDAP_SUCCESS; } -Entry * -slap_create_syncrepl_entry( - Backend *be, - struct berval *context_csn, - struct berval *rdn, - struct berval *cn ) -{ - Entry* e; - - struct berval bv; - - e = ( Entry * ) ch_calloc( 1, sizeof( Entry )); - - attr_merge( e, slap_schema.si_ad_objectClass, ocbva, NULL ); - - attr_merge_one( e, slap_schema.si_ad_structuralObjectClass, - &ocbva[1], NULL ); - - attr_merge_one( e, slap_schema.si_ad_cn, cn, NULL ); - - if ( context_csn ) { - attr_merge_one( e, slap_schema.si_ad_syncreplCookie, - context_csn, NULL ); - } - - bv.bv_val = "{}"; - bv.bv_len = sizeof("{}")-1; - attr_merge_one( e, slap_schema.si_ad_subtreeSpecification, &bv, NULL ); - - build_new_dn( &e->e_name, &be->be_nsuffix[0], rdn, NULL ); - ber_dupbv( &e->e_nname, &e->e_name ); - - return e; -} - -struct berval * +static struct berval * slap_uuidstr_from_normalized( struct berval* uuidstr, struct berval* normalized, @@ -2045,12 +2601,17 @@ slap_uuidstr_from_normalized( new = uuidstr; } else { new = (struct berval *)slap_sl_malloc( sizeof(struct berval), ctx ); + if ( new == NULL ) { + return NULL; + } } new->bv_len = 36; - if (( new->bv_val = slap_sl_malloc( new->bv_len + 1, ctx )) == NULL) { - if ( !uuidstr ) slap_sl_free( new, ctx ); + if ( ( new->bv_val = slap_sl_malloc( new->bv_len + 1, ctx ) ) == NULL ) { + if ( new != uuidstr ) { + slap_sl_free( new, ctx ); + } return NULL; } @@ -2090,11 +2651,830 @@ syncuuid_cmp( const void* v_uuid1, const void* v_uuid2 ) } static void -avl_ber_bvfree( void *bv ) +avl_ber_bvfree( void *v_bv ) { - if( bv == NULL ) return; - if ( ((struct berval *)bv)->bv_val != NULL ) { - ch_free( ((struct berval *)bv)->bv_val ); + struct berval *bv = (struct berval *)v_bv; + + if( v_bv == NULL ) return; + if ( !BER_BVISNULL( bv ) ) { + ch_free( bv->bv_val ); } ch_free( (char *) bv ); } + +void +syncinfo_free( syncinfo_t *sie ) +{ + if ( sie->si_ld ) { + if ( sie->si_conn_setup ) { + ber_socket_t s; + ldap_get_option( sie->si_ld, LDAP_OPT_DESC, &s ); + connection_client_stop( s ); + sie->si_conn_setup = 0; + } + ldap_unbind_ext( sie->si_ld, NULL, NULL ); + } + + ldap_pvt_thread_mutex_destroy( &sie->si_mutex ); + + bindconf_free( &sie->si_bindconf ); + + if ( sie->si_filterstr.bv_val ) { + ch_free( sie->si_filterstr.bv_val ); + } + if ( sie->si_base.bv_val ) { + ch_free( sie->si_base.bv_val ); + } + if ( sie->si_attrs ) { + int i = 0; + while ( sie->si_attrs[i] != NULL ) { + ch_free( sie->si_attrs[i] ); + i++; + } + ch_free( sie->si_attrs ); + } + if ( sie->si_exattrs ) { + int i = 0; + while ( sie->si_exattrs[i] != NULL ) { + ch_free( sie->si_exattrs[i] ); + i++; + } + ch_free( sie->si_exattrs ); + } + if ( sie->si_anlist ) { + int i = 0; + while ( sie->si_anlist[i].an_name.bv_val != NULL ) { + ch_free( sie->si_anlist[i].an_name.bv_val ); + i++; + } + ch_free( sie->si_anlist ); + } + if ( sie->si_exanlist ) { + int i = 0; + while ( sie->si_exanlist[i].an_name.bv_val != NULL ) { + ch_free( sie->si_exanlist[i].an_name.bv_val ); + i++; + } + ch_free( sie->si_exanlist ); + } + if ( sie->si_retryinterval ) { + ch_free( sie->si_retryinterval ); + } + if ( sie->si_retrynum ) { + ch_free( sie->si_retrynum ); + } + if ( sie->si_retrynum_init ) { + ch_free( sie->si_retrynum_init ); + } + slap_sync_cookie_free( &sie->si_syncCookie, 0 ); + if ( sie->si_presentlist ) { + avl_free( sie->si_presentlist, avl_ber_bvfree ); + } + while ( !LDAP_LIST_EMPTY( &sie->si_nonpresentlist )) { + struct nonpresent_entry* npe; + npe = LDAP_LIST_FIRST( &sie->si_nonpresentlist ); + LDAP_LIST_REMOVE( npe, npe_link ); + if ( npe->npe_name ) { + if ( npe->npe_name->bv_val ) { + ch_free( npe->npe_name->bv_val ); + } + ch_free( npe->npe_name ); + } + if ( npe->npe_nname ) { + if ( npe->npe_nname->bv_val ) { + ch_free( npe->npe_nname->bv_val ); + } + ch_free( npe->npe_nname ); + } + ch_free( npe ); + } + ch_free( sie ); +} + + + +/* NOTE: used & documented in slapd.conf(5) */ +#define IDSTR "rid" +#define PROVIDERSTR "provider" +#define SCHEMASTR "schemachecking" +#define FILTERSTR "filter" +#define SEARCHBASESTR "searchbase" +#define SCOPESTR "scope" +#define ATTRSONLYSTR "attrsonly" +#define ATTRSSTR "attrs" +#define TYPESTR "type" +#define INTERVALSTR "interval" +#define RETRYSTR "retry" +#define SLIMITSTR "sizelimit" +#define TLIMITSTR "timelimit" +#define SYNCDATASTR "syncdata" + +/* FIXME: undocumented */ +#define LOGBASESTR "logbase" +#define LOGFILTERSTR "logfilter" +#define OLDAUTHCSTR "bindprincipal" +#define EXATTRSSTR "exattrs" +#define MANAGEDSAITSTR "manageDSAit" + +/* FIXME: unused */ +#define LASTMODSTR "lastmod" +#define LMGENSTR "gen" +#define LMNOSTR "no" +#define LMREQSTR "req" +#define SRVTABSTR "srvtab" +#define SUFFIXSTR "suffix" + +/* mandatory */ +#define GOT_ID 0x0001 +#define GOT_PROVIDER 0x0002 +#define GOT_BASE 0x0004 + +/* check */ +#define GOT_ALL (GOT_ID|GOT_PROVIDER|GOT_BASE) + +static struct { + struct berval key; + int val; +} scopes[] = { + { BER_BVC("base"), LDAP_SCOPE_BASE }, + { BER_BVC("one"), LDAP_SCOPE_ONELEVEL }, + { BER_BVC("onelevel"), LDAP_SCOPE_ONELEVEL }, /* OpenLDAP extension */ + { BER_BVC("children"), LDAP_SCOPE_SUBORDINATE }, + { BER_BVC("subordinate"), LDAP_SCOPE_SUBORDINATE }, + { BER_BVC("sub"), LDAP_SCOPE_SUBTREE }, + { BER_BVC("subtree"), LDAP_SCOPE_SUBTREE }, /* OpenLDAP extension */ + { BER_BVNULL, 0 } +}; + +static slap_verbmasks datamodes[] = { + { BER_BVC("default"), SYNCDATA_DEFAULT }, + { BER_BVC("accesslog"), SYNCDATA_ACCESSLOG }, + { BER_BVC("changelog"), SYNCDATA_CHANGELOG }, + { BER_BVNULL, 0 } +}; + +static int +parse_syncrepl_line( + ConfigArgs *c, + syncinfo_t *si ) +{ + int gots = 0; + int i; + char *val; + + for ( i = 1; i < c->argc; i++ ) { + if ( !strncasecmp( c->argv[ i ], IDSTR "=", + STRLENOF( IDSTR "=" ) ) ) + { + int tmp; + /* '\0' string terminator accounts for '=' */ + val = c->argv[ i ] + STRLENOF( IDSTR "=" ); + if ( lutil_atoi( &tmp, val ) != 0 ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "unable to parse syncrepl id \"%s\"", val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + if ( tmp >= 1000 || tmp < 0 ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "syncrepl id %d is out of range [0..999]", tmp ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + si->si_rid = tmp; + gots |= GOT_ID; + } else if ( !strncasecmp( c->argv[ i ], PROVIDERSTR "=", + STRLENOF( PROVIDERSTR "=" ) ) ) + { + val = c->argv[ i ] + STRLENOF( PROVIDERSTR "=" ); + ber_str2bv( val, 0, 1, &si->si_bindconf.sb_uri ); + gots |= GOT_PROVIDER; + } else if ( !strncasecmp( c->argv[ i ], SCHEMASTR "=", + STRLENOF( SCHEMASTR "=" ) ) ) + { + val = c->argv[ i ] + STRLENOF( SCHEMASTR "=" ); + if ( !strncasecmp( val, "on", STRLENOF( "on" ) )) { + si->si_schemachecking = 1; + } else if ( !strncasecmp( val, "off", STRLENOF( "off" ) ) ) { + si->si_schemachecking = 0; + } else { + si->si_schemachecking = 1; + } + } else if ( !strncasecmp( c->argv[ i ], FILTERSTR "=", + STRLENOF( FILTERSTR "=" ) ) ) + { + val = c->argv[ i ] + STRLENOF( FILTERSTR "=" ); + if ( si->si_filterstr.bv_val ) + ch_free( si->si_filterstr.bv_val ); + ber_str2bv( val, 0, 1, &si->si_filterstr ); + } else if ( !strncasecmp( c->argv[ i ], LOGFILTERSTR "=", + STRLENOF( LOGFILTERSTR "=" ) ) ) + { + val = c->argv[ i ] + STRLENOF( LOGFILTERSTR "=" ); + if ( si->si_logfilterstr.bv_val ) + ch_free( si->si_logfilterstr.bv_val ); + ber_str2bv( val, 0, 1, &si->si_logfilterstr ); + } else if ( !strncasecmp( c->argv[ i ], SEARCHBASESTR "=", + STRLENOF( SEARCHBASESTR "=" ) ) ) + { + struct berval bv; + int rc; + + val = c->argv[ i ] + STRLENOF( SEARCHBASESTR "=" ); + if ( si->si_base.bv_val ) { + ch_free( si->si_base.bv_val ); + } + ber_str2bv( val, 0, 0, &bv ); + rc = dnNormalize( 0, NULL, NULL, &bv, &si->si_base, NULL ); + if ( rc != LDAP_SUCCESS ) { + snprintf( c->msg, sizeof( c->msg ), + "Invalid base DN \"%s\": %d (%s)", + val, rc, ldap_err2string( rc ) ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + if ( select_backend( &si->si_base, 0, 0 ) != c->be ) { + ber_memfree( si->si_base.bv_val ); + snprintf( c->msg, sizeof( c->msg ), + "Base DN \"%s\" is not within the database naming context", + val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + gots |= GOT_BASE; + } else if ( !strncasecmp( c->argv[ i ], LOGBASESTR "=", + STRLENOF( LOGBASESTR "=" ) ) ) + { + struct berval bv; + int rc; + + val = c->argv[ i ] + STRLENOF( LOGBASESTR "=" ); + if ( si->si_logbase.bv_val ) { + ch_free( si->si_logbase.bv_val ); + } + ber_str2bv( val, 0, 0, &bv ); + rc = dnNormalize( 0, NULL, NULL, &bv, &si->si_logbase, NULL ); + if ( rc != LDAP_SUCCESS ) { + snprintf( c->msg, sizeof( c->msg ), + "Invalid logbase DN \"%s\": %d (%s)", + val, rc, ldap_err2string( rc ) ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + } else if ( !strncasecmp( c->argv[ i ], SCOPESTR "=", + STRLENOF( SCOPESTR "=" ) ) ) + { + int j; + val = c->argv[ i ] + STRLENOF( SCOPESTR "=" ); + for ( j=0; !BER_BVISNULL(&scopes[j].key); j++ ) { + if (!strcasecmp( val, scopes[j].key.bv_val )) { + si->si_scope = scopes[j].val; + break; + } + } + if ( BER_BVISNULL(&scopes[j].key) ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "unknown scope \"%s\"", val); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + } else if ( !strncasecmp( c->argv[ i ], ATTRSONLYSTR, + STRLENOF( ATTRSONLYSTR ) ) ) + { + si->si_attrsonly = 1; + } else if ( !strncasecmp( c->argv[ i ], ATTRSSTR "=", + STRLENOF( ATTRSSTR "=" ) ) ) + { + val = c->argv[ i ] + STRLENOF( ATTRSSTR "=" ); + if ( !strncasecmp( val, ":include:", STRLENOF(":include:") ) ) { + char *attr_fname; + attr_fname = ch_strdup( val + STRLENOF(":include:") ); + si->si_anlist = file2anlist( si->si_anlist, attr_fname, " ,\t" ); + if ( si->si_anlist == NULL ) { + ch_free( attr_fname ); + return -1; + } + si->si_anfile = attr_fname; + } else { + char *str, *s, *next; + char delimstr[] = " ,\t"; + str = ch_strdup( val ); + for ( s = ldap_pvt_strtok( str, delimstr, &next ); + s != NULL; + s = ldap_pvt_strtok( NULL, delimstr, &next ) ) + { + if ( strlen(s) == 1 && *s == '*' ) { + si->si_allattrs = 1; + *(val + ( s - str )) = delimstr[0]; + } + if ( strlen(s) == 1 && *s == '+' ) { + si->si_allopattrs = 1; + *(val + ( s - str )) = delimstr[0]; + } + } + ch_free( str ); + si->si_anlist = str2anlist( si->si_anlist, val, " ,\t" ); + if ( si->si_anlist == NULL ) { + return -1; + } + } + } else if ( !strncasecmp( c->argv[ i ], EXATTRSSTR "=", + STRLENOF( EXATTRSSTR "=" ) ) ) + { + val = c->argv[ i ] + STRLENOF( EXATTRSSTR "=" ); + if ( !strncasecmp( val, ":include:", STRLENOF(":include:") )) { + char *attr_fname; + attr_fname = ch_strdup( val + STRLENOF(":include:") ); + si->si_exanlist = file2anlist( + si->si_exanlist, attr_fname, " ,\t" ); + if ( si->si_exanlist == NULL ) { + ch_free( attr_fname ); + return -1; + } + ch_free( attr_fname ); + } else { + si->si_exanlist = str2anlist( si->si_exanlist, val, " ,\t" ); + if ( si->si_exanlist == NULL ) { + return -1; + } + } + } else if ( !strncasecmp( c->argv[ i ], TYPESTR "=", + STRLENOF( TYPESTR "=" ) ) ) + { + val = c->argv[ i ] + STRLENOF( TYPESTR "=" ); + if ( !strncasecmp( val, "refreshOnly", + STRLENOF("refreshOnly") ) ) + { + si->si_type = si->si_ctype = LDAP_SYNC_REFRESH_ONLY; + } else if ( !strncasecmp( val, "refreshAndPersist", + STRLENOF("refreshAndPersist") ) ) + { + si->si_type = si->si_ctype = LDAP_SYNC_REFRESH_AND_PERSIST; + si->si_interval = 60; + } else { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "unknown sync type \"%s\"", val); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + } else if ( !strncasecmp( c->argv[ i ], INTERVALSTR "=", + STRLENOF( INTERVALSTR "=" ) ) ) + { + val = c->argv[ i ] + STRLENOF( INTERVALSTR "=" ); + if ( si->si_type == LDAP_SYNC_REFRESH_AND_PERSIST ) { + si->si_interval = 0; + } else if ( strchr( val, ':' ) != NULL ) { + char *next, *ptr = val; + unsigned dd, hh, mm, ss; + + /* NOTE: the test for ptr[ 0 ] == '-' + * should go before the call to strtoul() */ + dd = strtoul( ptr, &next, 10 ); + if ( ptr[ 0 ] == '-' || next == ptr || next[0] != ':' ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "invalid interval \"%s\", unable to parse days", val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + ptr = next + 1; + hh = strtoul( ptr, &next, 10 ); + if ( ptr[ 0 ] == '-' || next == ptr || next[0] != ':' || hh > 24 ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "invalid interval \"%s\", unable to parse hours", val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + ptr = next + 1; + mm = strtoul( ptr, &next, 10 ); + if ( ptr[ 0 ] == '-' || next == ptr || next[0] != ':' || mm > 60 ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "invalid interval \"%s\", unable to parse minutes", val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + ptr = next + 1; + ss = strtoul( ptr, &next, 10 ); + if ( ptr[ 0 ] == '-' || next == ptr || next[0] != '\0' || ss > 60 ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "invalid interval \"%s\", unable to parse seconds", val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + si->si_interval = (( dd * 24 + hh ) * 60 + mm ) * 60 + ss; + } else { + unsigned long t; + + if ( lutil_parse_time( val, &t ) != 0 ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "invalid interval \"%s\"", val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + si->si_interval = (time_t)t; + } + if ( si->si_interval < 0 ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "invalid interval \"%ld\"", + (long) si->si_interval); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + } else if ( !strncasecmp( c->argv[ i ], RETRYSTR "=", + STRLENOF( RETRYSTR "=" ) ) ) + { + char **retry_list; + int j, k, n; + + val = c->argv[ i ] + STRLENOF( RETRYSTR "=" ); + retry_list = (char **) ch_calloc( 1, sizeof( char * )); + retry_list[0] = NULL; + + slap_str2clist( &retry_list, val, " ,\t" ); + + for ( k = 0; retry_list && retry_list[k]; k++ ) ; + n = k / 2; + if ( k % 2 ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: incomplete syncrepl retry list" ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + for ( k = 0; retry_list && retry_list[k]; k++ ) { + ch_free( retry_list[k] ); + } + ch_free( retry_list ); + return 1; + } + si->si_retryinterval = (time_t *) ch_calloc( n + 1, sizeof( time_t )); + si->si_retrynum = (int *) ch_calloc( n + 1, sizeof( int )); + si->si_retrynum_init = (int *) ch_calloc( n + 1, sizeof( int )); + for ( j = 0; j < n; j++ ) { + unsigned long t; + if ( lutil_atoul( &t, retry_list[j*2] ) != 0 ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: invalid retry interval \"%s\" (#%d)", + retry_list[j*2], j ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + /* do some cleanup */ + return 1; + } + si->si_retryinterval[j] = (time_t)t; + if ( *retry_list[j*2+1] == '+' ) { + si->si_retrynum_init[j] = RETRYNUM_FOREVER; + si->si_retrynum[j] = RETRYNUM_FOREVER; + j++; + break; + } else { + if ( lutil_atoi( &si->si_retrynum_init[j], retry_list[j*2+1] ) != 0 + || si->si_retrynum_init[j] <= 0 ) + { + snprintf( c->msg, sizeof( c->msg ), + "Error: invalid initial retry number \"%s\" (#%d)", + retry_list[j*2+1], j ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + /* do some cleanup */ + return 1; + } + if ( lutil_atoi( &si->si_retrynum[j], retry_list[j*2+1] ) != 0 + || si->si_retrynum[j] <= 0 ) + { + snprintf( c->msg, sizeof( c->msg ), + "Error: invalid retry number \"%s\" (#%d)", + retry_list[j*2+1], j ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + /* do some cleanup */ + return 1; + } + } + } + si->si_retrynum_init[j] = RETRYNUM_TAIL; + si->si_retrynum[j] = RETRYNUM_TAIL; + si->si_retryinterval[j] = 0; + + for ( k = 0; retry_list && retry_list[k]; k++ ) { + ch_free( retry_list[k] ); + } + ch_free( retry_list ); + } else if ( !strncasecmp( c->argv[ i ], MANAGEDSAITSTR "=", + STRLENOF( MANAGEDSAITSTR "=" ) ) ) + { + val = c->argv[ i ] + STRLENOF( MANAGEDSAITSTR "=" ); + if ( lutil_atoi( &si->si_manageDSAit, val ) != 0 + || si->si_manageDSAit < 0 || si->si_manageDSAit > 1 ) + { + snprintf( c->msg, sizeof( c->msg ), + "invalid manageDSAit value \"%s\".\n", + val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return 1; + } + } else if ( !strncasecmp( c->argv[ i ], SLIMITSTR "=", + STRLENOF( SLIMITSTR "=") ) ) + { + val = c->argv[ i ] + STRLENOF( SLIMITSTR "=" ); + if ( strcasecmp( val, "unlimited" ) == 0 ) { + si->si_slimit = 0; + + } else if ( lutil_atoi( &si->si_slimit, val ) != 0 || si->si_slimit < 0 ) { + snprintf( c->msg, sizeof( c->msg ), + "invalid size limit value \"%s\".\n", + val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return 1; + } + } else if ( !strncasecmp( c->argv[ i ], TLIMITSTR "=", + STRLENOF( TLIMITSTR "=" ) ) ) + { + val = c->argv[ i ] + STRLENOF( TLIMITSTR "=" ); + if ( strcasecmp( val, "unlimited" ) == 0 ) { + si->si_tlimit = 0; + + } else if ( lutil_atoi( &si->si_tlimit, val ) != 0 || si->si_tlimit < 0 ) { + snprintf( c->msg, sizeof( c->msg ), + "invalid time limit value \"%s\".\n", + val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return 1; + } + } else if ( !strncasecmp( c->argv[ i ], SYNCDATASTR "=", + STRLENOF( SYNCDATASTR "=" ) ) ) + { + val = c->argv[ i ] + STRLENOF( SYNCDATASTR "=" ); + si->si_syncdata = verb_to_mask( val, datamodes ); + } else if ( bindconf_parse( c->argv[i], &si->si_bindconf ) ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "unable to parse \"%s\"\n", c->argv[ i ] ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + } + + if ( gots != GOT_ALL ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: Malformed \"syncrepl\" line in slapd config file, missing%s%s%s", + gots & GOT_ID ? "" : " "IDSTR, + gots & GOT_PROVIDER ? "" : " "PROVIDERSTR, + gots & GOT_BASE ? "" : " "SEARCHBASESTR ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + + return 0; +} + +static int +add_syncrepl( + ConfigArgs *c ) +{ + syncinfo_t *si; + int rc = 0; + + if ( !( c->be->be_search && c->be->be_add && c->be->be_modify && c->be->be_delete ) ) { + snprintf( c->msg, sizeof(c->msg), "database %s does not support " + "operations required for syncrepl", c->be->be_type ); + Debug( LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 ); + return 1; + } + if ( BER_BVISEMPTY( &c->be->be_rootdn )) { + strcpy( c->msg, "rootDN must be defined before syncrepl may be used" ); + Debug( LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 ); + return 1; + } + si = (syncinfo_t *) ch_calloc( 1, sizeof( syncinfo_t ) ); + + if ( si == NULL ) { + Debug( LDAP_DEBUG_ANY, "out of memory in add_syncrepl\n", 0, 0, 0 ); + return 1; + } + + si->si_bindconf.sb_tls = SB_TLS_OFF; + si->si_bindconf.sb_method = LDAP_AUTH_SIMPLE; + si->si_schemachecking = 0; + ber_str2bv( "(objectclass=*)", STRLENOF("(objectclass=*)"), 1, + &si->si_filterstr ); + si->si_base.bv_val = NULL; + si->si_scope = LDAP_SCOPE_SUBTREE; + si->si_attrsonly = 0; + si->si_anlist = (AttributeName *) ch_calloc( 1, sizeof( AttributeName )); + si->si_exanlist = (AttributeName *) ch_calloc( 1, sizeof( AttributeName )); + si->si_attrs = NULL; + si->si_allattrs = 0; + si->si_allopattrs = 0; + si->si_exattrs = NULL; + si->si_type = si->si_ctype = LDAP_SYNC_REFRESH_ONLY; + si->si_interval = 86400; + si->si_retryinterval = NULL; + si->si_retrynum_init = NULL; + si->si_retrynum = NULL; + si->si_manageDSAit = 0; + si->si_tlimit = 0; + si->si_slimit = 0; + si->si_conn_setup = 0; + + si->si_presentlist = NULL; + LDAP_LIST_INIT( &si->si_nonpresentlist ); + ldap_pvt_thread_mutex_init( &si->si_mutex ); + + rc = parse_syncrepl_line( c, si ); + + if ( rc == 0 ) { + si->si_be = c->be; + init_syncrepl( si ); + si->si_re = ldap_pvt_runqueue_insert( &slapd_rq, si->si_interval, + do_syncrepl, si, "do_syncrepl", c->be->be_suffix[0].bv_val ); + if ( !si->si_re ) + rc = -1; + } + if ( rc < 0 ) { + Debug( LDAP_DEBUG_ANY, "failed to add syncinfo\n", 0, 0, 0 ); + syncinfo_free( si ); + return 1; + } else { + Debug( LDAP_DEBUG_CONFIG, + "Config: ** successfully added syncrepl \"%s\"\n", + BER_BVISNULL( &si->si_bindconf.sb_uri ) ? + "(null)" : si->si_bindconf.sb_uri.bv_val, 0, 0 ); + if ( !si->si_schemachecking ) { + SLAP_DBFLAGS(c->be) |= SLAP_DBFLAG_NO_SCHEMA_CHECK; + } + c->be->be_syncinfo = si; + return 0; + } +} + +static void +syncrepl_unparse( syncinfo_t *si, struct berval *bv ) +{ + struct berval bc, uri; + char buf[BUFSIZ*2], *ptr; + int i; + + /* FIXME: we're not checking for buf[] overflow! */ + + /* temporarily inhibit bindconf from printing URI */ + uri = si->si_bindconf.sb_uri; + BER_BVZERO( &si->si_bindconf.sb_uri ); + bindconf_unparse( &si->si_bindconf, &bc ); + si->si_bindconf.sb_uri = uri; + + ptr = buf; + ptr += snprintf( ptr, sizeof( buf ), IDSTR "=%03d " PROVIDERSTR "=%s", + si->si_rid, si->si_bindconf.sb_uri.bv_val ); + if ( !BER_BVISNULL( &bc )) { + ptr = lutil_strcopy( ptr, bc.bv_val ); + free( bc.bv_val ); + } + if ( !BER_BVISEMPTY( &si->si_filterstr )) { + ptr = lutil_strcopy( ptr, " " FILTERSTR "=\"" ); + ptr = lutil_strcopy( ptr, si->si_filterstr.bv_val ); + *ptr++ = '"'; + } + if ( !BER_BVISNULL( &si->si_base )) { + ptr = lutil_strcopy( ptr, " " SEARCHBASESTR "=\"" ); + ptr = lutil_strcopy( ptr, si->si_base.bv_val ); + *ptr++ = '"'; + } + if ( !BER_BVISEMPTY( &si->si_logfilterstr )) { + ptr = lutil_strcopy( ptr, " " LOGFILTERSTR "=\"" ); + ptr = lutil_strcopy( ptr, si->si_logfilterstr.bv_val ); + *ptr++ = '"'; + } + if ( !BER_BVISNULL( &si->si_logbase )) { + ptr = lutil_strcopy( ptr, " " LOGBASESTR "=\"" ); + ptr = lutil_strcopy( ptr, si->si_logbase.bv_val ); + *ptr++ = '"'; + } + for (i=0; !BER_BVISNULL(&scopes[i].key);i++) { + if ( si->si_scope == scopes[i].val ) { + ptr = lutil_strcopy( ptr, " " SCOPESTR "=" ); + ptr = lutil_strcopy( ptr, scopes[i].key.bv_val ); + break; + } + } + if ( si->si_attrsonly ) { + ptr = lutil_strcopy( ptr, " " ATTRSONLYSTR ); + } + if ( si->si_anfile ) { + ptr = lutil_strcopy( ptr, " " ATTRSSTR "=:include:" ); + ptr = lutil_strcopy( ptr, si->si_anfile ); + } else if ( si->si_allattrs || si->si_allopattrs || + ( si->si_anlist && !BER_BVISNULL(&si->si_anlist[0].an_name) )) { + char *old; + ptr = lutil_strcopy( ptr, " " ATTRSSTR "=\"" ); + old = ptr; + ptr = anlist_unparse( si->si_anlist, ptr ); + if ( si->si_allattrs ) { + if ( old != ptr ) *ptr++ = ','; + *ptr++ = '*'; + } + if ( si->si_allopattrs ) { + if ( old != ptr ) *ptr++ = ','; + *ptr++ = '+'; + } + *ptr++ = '"'; + } + if ( si->si_exanlist && !BER_BVISNULL(&si->si_exanlist[0].an_name) ) { + ptr = lutil_strcopy( ptr, " " EXATTRSSTR "=" ); + ptr = anlist_unparse( si->si_exanlist, ptr ); + } + ptr = lutil_strcopy( ptr, " " SCHEMASTR "=" ); + ptr = lutil_strcopy( ptr, si->si_schemachecking ? "on" : "off" ); + + ptr = lutil_strcopy( ptr, " " TYPESTR "=" ); + ptr = lutil_strcopy( ptr, si->si_type == LDAP_SYNC_REFRESH_AND_PERSIST ? + "refreshAndPersist" : "refreshOnly" ); + + if ( si->si_type == LDAP_SYNC_REFRESH_ONLY ) { + int dd, hh, mm, ss; + + dd = si->si_interval; + ss = dd % 60; + dd /= 60; + mm = dd % 60; + dd /= 60; + hh = dd % 24; + dd /= 24; + ptr = lutil_strcopy( ptr, " " INTERVALSTR "=" ); + ptr += sprintf( ptr, "%02d:%02d:%02d:%02d", dd, hh, mm, ss ); + } else if ( si->si_retryinterval ) { + int space=0; + ptr = lutil_strcopy( ptr, " " RETRYSTR "=\"" ); + for (i=0; si->si_retryinterval[i]; i++) { + if ( space ) *ptr++ = ' '; + space = 1; + ptr += sprintf( ptr, "%ld ", (long) si->si_retryinterval[i] ); + if ( si->si_retrynum_init[i] == RETRYNUM_FOREVER ) + *ptr++ = '+'; + else + ptr += sprintf( ptr, "%d", si->si_retrynum_init[i] ); + } + *ptr++ = '"'; + } + + if ( si->si_slimit ) { + ptr = lutil_strcopy( ptr, " " SLIMITSTR "=" ); + ptr += sprintf( ptr, "%d", si->si_slimit ); + } + + if ( si->si_tlimit ) { + ptr = lutil_strcopy( ptr, " " TLIMITSTR "=" ); + ptr += sprintf( ptr, "%d", si->si_tlimit ); + } + + if ( si->si_syncdata ) { + if ( enum_to_verb( datamodes, si->si_syncdata, &bc ) >= 0 ) { + ptr = lutil_strcopy( ptr, " " SYNCDATASTR "=" ); + ptr = lutil_strcopy( ptr, bc.bv_val ); + } + } + bc.bv_len = ptr - buf; + bc.bv_val = buf; + ber_dupbv( bv, &bc ); +} + +int +syncrepl_config( ConfigArgs *c ) +{ + if (c->op == SLAP_CONFIG_EMIT) { + if ( c->be->be_syncinfo ) { + struct berval bv; + syncrepl_unparse( c->be->be_syncinfo, &bv ); + ber_bvarray_add( &c->rvalue_vals, &bv ); + return 0; + } + return 1; + } else if ( c->op == LDAP_MOD_DELETE ) { + struct re_s *re; + + if ( c->be->be_syncinfo ) { + re = c->be->be_syncinfo->si_re; + if ( re ) { + if ( ldap_pvt_runqueue_isrunning( &slapd_rq, re ) ) + ldap_pvt_runqueue_stoptask( &slapd_rq, re ); + ldap_pvt_runqueue_remove( &slapd_rq, re ); + } + syncinfo_free( c->be->be_syncinfo ); + c->be->be_syncinfo = NULL; + } + SLAP_DBFLAGS( c->be ) &= ~(SLAP_DBFLAG_SHADOW|SLAP_DBFLAG_SYNC_SHADOW); + return 0; + } + if ( SLAP_SHADOW( c->be ) ) { + Debug(LDAP_DEBUG_ANY, "%s: " + "syncrepl: database already shadowed.\n", + c->log, 0, 0); + return(1); + } else if ( add_syncrepl( c ) ) { + return(1); + } + return config_sync_shadow( c ); +}