X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fsyncrepl.c;h=c8dc5281e80b06d045477b9078c9eaec7d0274af;hb=581c1ff6c74f5eb281b5e0052b2a5ca84a7679bd;hp=ff49fc7df9d62fba37d5b98096d7533321b81da4;hpb=26eee8984195b2f275df90c1508e02fa0110909b;p=openldap diff --git a/servers/slapd/syncrepl.c b/servers/slapd/syncrepl.c index ff49fc7df9..c8dc5281e8 100644 --- a/servers/slapd/syncrepl.c +++ b/servers/slapd/syncrepl.c @@ -2,7 +2,7 @@ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * - * Copyright 2003-2005 The OpenLDAP Foundation. + * Copyright 2003-2006 The OpenLDAP Foundation. * Portions Copyright 2003 by IBM Corporation. * Portions Copyright 2003 by Howard Chu, Symas Corporation. * All rights reserved. @@ -31,24 +31,33 @@ #include "ldap_rq.h" -/* FIXME: for ldap_ld_free() */ -#undef ldap_debug -#include "../../libraries/libldap/ldap-int.h" - struct nonpresent_entry { struct berval *npe_name; struct berval *npe_nname; LDAP_LIST_ENTRY(nonpresent_entry) npe_link; }; +#define SYNCDATA_DEFAULT 0 /* entries are plain LDAP entries */ +#define SYNCDATA_ACCESSLOG 1 /* entries are accesslog format */ +#define SYNCDATA_CHANGELOG 2 /* entries are changelog format */ + +#define SYNCLOG_LOGGING 0 /* doing a log-based update */ +#define SYNCLOG_FALLBACK 1 /* doing a full refresh */ + +#define RETRYNUM_FOREVER (-1) /* retry forever */ +#define RETRYNUM_TAIL (-2) /* end of retrynum array */ +#define RETRYNUM_VALID(n) ((n) >= RETRYNUM_FOREVER) /* valid retrynum */ +#define RETRYNUM_FINITE(n) ((n) > RETRYNUM_FOREVER) /* not forever */ + typedef struct syncinfo_s { struct slap_backend_db *si_be; struct re_s *si_re; long si_rid; - struct berval si_provideruri; slap_bindconf si_bindconf; - struct berval si_filterstr; struct berval si_base; + struct berval si_logbase; + struct berval si_filterstr; + struct berval si_logfilterstr; int si_scope; int si_attrsonly; char *si_anfile; @@ -59,7 +68,8 @@ typedef struct syncinfo_s { int si_allattrs; int si_allopattrs; int si_schemachecking; - int si_type; + int si_type; /* the active type */ + int si_ctype; /* the configured type */ time_t si_interval; time_t *si_retryinterval; int *si_retrynum_init; @@ -70,6 +80,9 @@ typedef struct syncinfo_s { int si_tlimit; int si_refreshDelete; int si_refreshPresent; + int si_syncdata; + int si_logstate; + int si_conn_setup; Avlnode *si_presentlist; LDAP *si_ld; LDAP_LIST_HEAD(np, nonpresent_entry) si_nonpresentlist; @@ -79,6 +92,8 @@ typedef struct syncinfo_s { static int syncuuid_cmp( const void *, const void * ); static void avl_ber_bvfree( void * ); static void syncrepl_del_nonpresent( Operation *, syncinfo_t *, BerVarray ); +static int syncrepl_message_to_op( + syncinfo_t *, Operation *, LDAPMessage * ); static int syncrepl_message_to_entry( syncinfo_t *, Operation *, LDAPMessage *, Modifications **, Entry **, int ); @@ -87,7 +102,7 @@ static int syncrepl_entry( Modifications**,int, struct berval*, struct sync_cookie *, struct berval * ); -static void syncrepl_updateCookie( +static int syncrepl_updateCookie( syncinfo_t *, Operation *, struct berval *, struct sync_cookie * ); static struct berval * slap_uuidstr_from_normalized( @@ -178,7 +193,7 @@ init_syncrepl(syncinfo_t *si) } if ( attrs == NULL ) { - Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 ); + Debug( LDAP_DEBUG_ANY, "out of memory\n", 0, 0, 0 ); } /* Add Attributes */ @@ -224,9 +239,8 @@ init_syncrepl(syncinfo_t *si) j = 0; while ( exattrs[j] != NULL ) { if ( !strcmp( exattrs[j], sync_descs[i]->ad_cname.bv_val )) { + ch_free( exattrs[j] ); for ( k = j; exattrs[k] != NULL; k++ ) { - if ( k == j ) - ch_free( exattrs[k] ); exattrs[k] = exattrs[k+1]; } } else { @@ -243,9 +257,8 @@ init_syncrepl(syncinfo_t *si) while ( oc->soc_required[k] ) { if ( !strcmp( exattrs[i], oc->soc_required[k]->sat_cname.bv_val )) { + ch_free( exattrs[i] ); for ( l = i; exattrs[l]; l++ ) { - if ( l == i ) - ch_free( exattrs[i] ); exattrs[l] = exattrs[l+1]; } } else { @@ -265,6 +278,33 @@ init_syncrepl(syncinfo_t *si) si->si_exattrs = exattrs; } +typedef struct logschema { + struct berval ls_dn; + struct berval ls_req; + struct berval ls_mod; + struct berval ls_newRdn; + struct berval ls_delRdn; + struct berval ls_newSup; +} logschema; + +static logschema changelog_sc = { + BER_BVC("targetDN"), + BER_BVC("changeType"), + BER_BVC("changes"), + BER_BVC("newRDN"), + BER_BVC("deleteOldRDN"), + BER_BVC("newSuperior") +}; + +static logschema accesslog_sc = { + BER_BVC("reqDN"), + BER_BVC("reqType"), + BER_BVC("reqMod"), + BER_BVC("reqNewRDN"), + BER_BVC("reqDeleteOldRDN"), + BER_BVC("reqNewSuperior") +}; + static int ldap_sync_search( syncinfo_t *si, @@ -276,19 +316,66 @@ ldap_sync_search( struct timeval timeout; ber_int_t msgid; int rc; + int rhint; + char *base; + char **attrs, *lattrs[8]; + char *filter; + int attrsonly; + int scope; /* setup LDAP SYNC control */ ber_init2( ber, NULL, LBER_USE_DER ); ber_set_option( ber, LBER_OPT_BER_MEMCTX, &ctx ); + /* If we're using a log but we have no state, then fallback to + * normal mode for a full refresh. + */ + if ( si->si_syncdata && BER_BVISEMPTY( &si->si_syncCookie.ctxcsn )) + si->si_logstate = SYNCLOG_FALLBACK; + + /* Use the log parameters if we're in log mode */ + if ( si->si_syncdata && si->si_logstate == SYNCLOG_LOGGING ) { + logschema *ls; + if ( si->si_syncdata == SYNCDATA_ACCESSLOG ) + ls = &accesslog_sc; + else + ls = &changelog_sc; + lattrs[0] = ls->ls_dn.bv_val; + lattrs[1] = ls->ls_req.bv_val; + lattrs[2] = ls->ls_mod.bv_val; + lattrs[3] = ls->ls_newRdn.bv_val; + lattrs[4] = ls->ls_delRdn.bv_val; + lattrs[5] = ls->ls_newSup.bv_val; + lattrs[6] = slap_schema.si_ad_entryCSN->ad_cname.bv_val; + lattrs[7] = NULL; + + rhint = 0; + base = si->si_logbase.bv_val; + filter = si->si_logfilterstr.bv_val; + attrs = lattrs; + attrsonly = 0; + scope = LDAP_SCOPE_SUBTREE; + } else { + rhint = 1; + base = si->si_base.bv_val; + filter = si->si_filterstr.bv_val; + attrs = si->si_attrs; + attrsonly = si->si_attrsonly; + scope = si->si_scope; + } + if ( si->si_syncdata && si->si_logstate == SYNCLOG_FALLBACK ) { + si->si_type = LDAP_SYNC_REFRESH_ONLY; + } else { + si->si_type = si->si_ctype; + } + if ( !BER_BVISNULL( &si->si_syncCookie.octet_str ) ) { - ber_printf( ber, "{eO}", - abs(si->si_type), - &si->si_syncCookie.octet_str ); + ber_printf( ber, "{eOb}", + abs(si->si_type), &si->si_syncCookie.octet_str, rhint ); } else { - ber_printf( ber, "{e}", - abs(si->si_type) ); + ber_printf( ber, "{eb}", + abs(si->si_type), rhint ); } if ( (rc = ber_flatten2( ber, &c[0].ldctl_value, 0 )) == LBER_ERROR ) { @@ -313,8 +400,7 @@ ldap_sync_search( timeout.tv_sec = si->si_tlimit; timeout.tv_usec = 0; - rc = ldap_search_ext( si->si_ld, si->si_base.bv_val, si->si_scope, - si->si_filterstr.bv_val, si->si_attrs, si->si_attrsonly, + rc = ldap_search_ext( si->si_ld, base, scope, filter, attrs, attrsonly, ctrls, NULL, si->si_tlimit > 0 ? &timeout : NULL, si->si_slimit, &msgid ); ber_free_buf( ber ); @@ -338,11 +424,11 @@ do_syncrep1( psub = &si->si_be->be_nsuffix[0]; /* Init connection to master */ - rc = ldap_initialize( &si->si_ld, si->si_provideruri.bv_val ); + rc = ldap_initialize( &si->si_ld, si->si_bindconf.sb_uri.bv_val ); if ( rc != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_ANY, "do_syncrep1: ldap_initialize failed (%s)\n", - si->si_provideruri.bv_val, 0, 0 ); + si->si_bindconf.sb_uri.bv_val, 0, 0 ); return rc; } @@ -373,7 +459,7 @@ do_syncrep1( if( rc != LDAP_OPT_SUCCESS ) { Debug( LDAP_DEBUG_ANY, "Error: ldap_set_option " "(%s,SECPROPS,\"%s\") failed!\n", - si->si_provideruri.bv_val, si->si_bindconf.sb_secprops, 0 ); + si->si_bindconf.sb_uri.bv_val, si->si_bindconf.sb_secprops, 0 ); goto done; } } @@ -419,7 +505,7 @@ do_syncrep1( #else /* HAVE_CYRUS_SASL */ /* Should never get here, we trapped this at config time */ assert(0); - fprintf( stderr, "not compiled with SASL support\n" ); + Debug( LDAP_DEBUG_SYNC, "not compiled with SASL support\n", 0, 0, 0 ); rc = LDAP_OTHER; goto done; #endif @@ -482,6 +568,8 @@ do_syncrep1( LDAP_STAILQ_REMOVE( &slap_sync_cookie, sc, sync_cookie, sc_next ); + /* ctxcsn wasn't parsed yet, do it now */ + slap_parse_sync_cookie( sc, op->o_tmpmemctx ); if ( BER_BVISNULL( &sc->ctxcsn ) ) { /* if cmdline cookie does not have ctxcsn */ /* component, set it to an initial value */ @@ -535,15 +623,13 @@ do_syncrep2( int syncstate; struct berval syncUUID = BER_BVNULL; - struct sync_cookie syncCookie = { 0 }; - struct sync_cookie syncCookie_req = { 0 }; + struct sync_cookie syncCookie = { BER_BVNULL }; + struct sync_cookie syncCookie_req = { BER_BVNULL }; struct berval cookie = BER_BVNULL; int rc, err, i; ber_len_t len; - int rc_efree = 1; - struct berval *psub; Modifications *modlist = NULL; @@ -607,6 +693,15 @@ do_syncrep2( rctrlp = *rctrls; ber_init2( ber, &rctrlp->ldctl_value, LBER_USE_DER ); ber_scanf( ber, "{em" /*"}"*/, &syncstate, &syncUUID ); + /* FIXME: what if syncUUID is NULL or empty? + * (happens with back-sql...) */ + if ( BER_BVISEMPTY( &syncUUID ) ) { + Debug( LDAP_DEBUG_ANY, "do_syncrep2: " + "got empty syncUUID\n", 0, 0, 0 ); + ldap_controls_free( rctrls ); + rc = -1; + goto done; + } if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) { ber_scanf( ber, /*"{"*/ "m}", &cookie ); if ( !BER_BVISNULL( &cookie ) ) { @@ -615,26 +710,31 @@ do_syncrep2( } if ( !BER_BVISNULL( &syncCookie.octet_str ) ) { - slap_parse_sync_cookie( &syncCookie ); + slap_parse_sync_cookie( &syncCookie, NULL ); } } - if ( syncrepl_message_to_entry( si, op, msg, - &modlist, &entry, syncstate ) == LDAP_SUCCESS ) { - rc_efree = syncrepl_entry( si, op, entry, &modlist, - syncstate, &syncUUID, &syncCookie_req, &syncCookie.ctxcsn ); - if ( !BER_BVISNULL( &syncCookie.octet_str ) ) - { - syncrepl_updateCookie( si, op, psub, &syncCookie ); + rc = 0; + if ( si->si_syncdata && si->si_logstate == SYNCLOG_LOGGING ) { + modlist = NULL; + if (( rc = syncrepl_message_to_op( si, op, msg )) == LDAP_SUCCESS && + !BER_BVISNULL( &syncCookie.ctxcsn ) ) { + rc = syncrepl_updateCookie( si, op, psub, &syncCookie ); + } + } else if (( rc = syncrepl_message_to_entry( si, op, msg, + &modlist, &entry, syncstate )) == LDAP_SUCCESS ) { + if (( rc = syncrepl_entry( si, op, entry, &modlist, + syncstate, &syncUUID, &syncCookie_req, + &syncCookie.ctxcsn )) == LDAP_SUCCESS && + !BER_BVISNULL( &syncCookie.ctxcsn ) ) { + rc = syncrepl_updateCookie( si, op, psub, &syncCookie ); } } ldap_controls_free( rctrls ); if ( modlist ) { - slap_mods_free( modlist ); + slap_mods_free( modlist, 1 ); } - if ( rc_efree && entry ) { - entry_free( entry ); - } - entry = NULL; + if ( rc ) + goto done; break; case LDAP_RES_SEARCH_REFERENCE: @@ -647,6 +747,19 @@ do_syncrep2( "do_syncrep2: LDAP_RES_SEARCH_RESULT\n", 0, 0, 0 ); ldap_parse_result( si->si_ld, msg, &err, NULL, NULL, NULL, &rctrls, 0 ); +#ifdef LDAP_X_SYNC_REFRESH_REQUIRED + if ( err == LDAP_X_SYNC_REFRESH_REQUIRED ) { + /* map old result code to registered code */ + err = LDAP_SYNC_REFRESH_REQUIRED; + } +#endif + if ( err == LDAP_SYNC_REFRESH_REQUIRED ) { + if ( si->si_logstate == SYNCLOG_LOGGING ) { + si->si_logstate = SYNCLOG_FALLBACK; + } + rc = err; + goto done; + } if ( rctrls ) { rctrlp = *rctrls; ber_init2( ber, &rctrlp->ldctl_value, LBER_USE_DER ); @@ -660,7 +773,7 @@ do_syncrep2( } if ( !BER_BVISNULL( &syncCookie.octet_str ) ) { - slap_parse_sync_cookie( &syncCookie ); + slap_parse_sync_cookie( &syncCookie, NULL ); } } if ( ber_peek_tag( ber, &len ) == LDAP_TAG_REFRESHDELETES ) @@ -680,10 +793,10 @@ do_syncrep2( &syncCookie_req.ctxcsn, &syncCookie.ctxcsn, &text ); } - if ( !BER_BVISNULL( &syncCookie.octet_str ) && + if ( !BER_BVISNULL( &syncCookie.ctxcsn ) && match < 0 && err == LDAP_SUCCESS ) { - syncrepl_updateCookie( si, op, psub, &syncCookie ); + rc = syncrepl_updateCookie( si, op, psub, &syncCookie ); } if ( rctrls ) { ldap_controls_free( rctrls ); @@ -702,7 +815,13 @@ do_syncrep2( si->si_presentlist = NULL; } } - rc = -2; + if ( err == LDAP_SUCCESS + && si->si_logstate == SYNCLOG_FALLBACK ) { + si->si_logstate = SYNCLOG_LOGGING; + rc = LDAP_SYNC_REFRESH_REQUIRED; + } else { + rc = -2; + } goto done; break; @@ -744,7 +863,7 @@ do_syncrep2( } if ( !BER_BVISNULL( &syncCookie.octet_str ) ) { - slap_parse_sync_cookie( &syncCookie ); + slap_parse_sync_cookie( &syncCookie, NULL ); } } if ( ber_peek_tag( ber, &len ) == @@ -771,7 +890,7 @@ do_syncrep2( } if ( !BER_BVISNULL( &syncCookie.octet_str ) ) { - slap_parse_sync_cookie( &syncCookie ); + slap_parse_sync_cookie( &syncCookie, NULL ); } } if ( ber_peek_tag( ber, &len ) == @@ -820,7 +939,7 @@ do_syncrep2( if ( !BER_BVISNULL( &syncCookie.ctxcsn ) && match < 0 ) { - syncrepl_updateCookie( si, op, psub, &syncCookie); + rc = syncrepl_updateCookie( si, op, psub, &syncCookie); } if ( si->si_refreshPresent == 1 ) { @@ -875,7 +994,13 @@ done: if ( res ) ldap_msgfree( res ); - if ( rc && si->si_ld ) { + if ( rc && rc != LDAP_SYNC_REFRESH_REQUIRED && si->si_ld ) { + if ( si->si_conn_setup ) { + ber_socket_t s; + ldap_get_option( si->si_ld, LDAP_OPT_DESC, &s ); + connection_client_stop( s ); + si->si_conn_setup = 0; + } ldap_unbind_ext( si->si_ld, NULL, NULL ); si->si_ld = NULL; } @@ -891,10 +1016,9 @@ do_syncrepl( struct re_s* rtask = arg; syncinfo_t *si = ( syncinfo_t * ) rtask->arg; Connection conn = {0}; - char opbuf[OPERATION_BUFFER_SIZE]; + OperationBuffer opbuf; Operation *op; int rc = LDAP_SUCCESS; - int first = 0; int dostop = 0; ber_socket_t s; int i, defer = 1; @@ -918,8 +1042,11 @@ do_syncrepl( if ( slapd_shutdown ) { if ( si->si_ld ) { - ldap_get_option( si->si_ld, LDAP_OPT_DESC, &s ); - connection_client_stop( s ); + if ( si->si_conn_setup ) { + ldap_get_option( si->si_ld, LDAP_OPT_DESC, &s ); + connection_client_stop( s ); + si->si_conn_setup = 0; + } ldap_unbind_ext( si->si_ld, NULL, NULL ); si->si_ld = NULL; } @@ -927,7 +1054,7 @@ do_syncrepl( return NULL; } - op = (Operation *)opbuf; + op = (Operation *) &opbuf; connection_fake_init( &conn, op, ctx ); /* use global malloc for now */ @@ -941,29 +1068,35 @@ do_syncrepl( /* Establish session, do search */ if ( !si->si_ld ) { - first = 1; si->si_refreshDelete = 0; si->si_refreshPresent = 0; rc = do_syncrep1( op, si ); } +reload: /* Process results */ if ( rc == LDAP_SUCCESS ) { ldap_get_option( si->si_ld, LDAP_OPT_DESC, &s ); rc = do_syncrep2( op, si ); + if ( rc == LDAP_SYNC_REFRESH_REQUIRED ) { + rc = ldap_sync_search( si, op->o_tmpmemctx ); + goto reload; + } if ( abs(si->si_type) == LDAP_SYNC_REFRESH_AND_PERSIST ) { /* If we succeeded, enable the connection for further listening. * If we failed, tear down the connection and reschedule. */ if ( rc == LDAP_SUCCESS ) { - if ( first ) { - rc = connection_client_setup( s, do_syncrepl, arg ); - } else { + if ( si->si_conn_setup ) { connection_client_enable( s ); + } else { + rc = connection_client_setup( s, do_syncrepl, arg ); + if ( rc == 0 ) + si->si_conn_setup = 1; } - } else if ( !first ) { + } else if ( si->si_conn_setup ) { dostop = 1; } } else { @@ -994,20 +1127,20 @@ do_syncrepl( rtask->interval.tv_sec = si->si_interval; ldap_pvt_runqueue_resched( &slapd_rq, rtask, defer ); if ( si->si_retrynum ) { - for ( i = 0; si->si_retrynum_init[i] != -2; i++ ) { + for ( i = 0; si->si_retrynum_init[i] != RETRYNUM_TAIL; i++ ) { si->si_retrynum[i] = si->si_retrynum_init[i]; } - si->si_retrynum[i] = -2; + si->si_retrynum[i] = RETRYNUM_TAIL; } } else { for ( i = 0; si->si_retrynum && si->si_retrynum[i] <= 0; i++ ) { - if ( si->si_retrynum[i] == -1 || si->si_retrynum[i] == -2 ) + if ( si->si_retrynum[i] == RETRYNUM_FOREVER || si->si_retrynum[i] == RETRYNUM_TAIL ) break; } - if ( !si->si_retrynum || si->si_retrynum[i] == -2 ) { + if ( !si->si_retrynum || si->si_retrynum[i] == RETRYNUM_TAIL ) { ldap_pvt_runqueue_remove( &slapd_rq, rtask ); - } else if ( si->si_retrynum[i] >= -1 ) { + } else if ( RETRYNUM_VALID( si->si_retrynum[i] ) ) { if ( si->si_retrynum[i] > 0 ) si->si_retrynum[i]--; rtask->interval.tv_sec = si->si_retryinterval[i]; @@ -1022,7 +1155,274 @@ do_syncrepl( return NULL; } -int +static slap_verbmasks modops[] = { + { BER_BVC("add"), LDAP_REQ_ADD }, + { BER_BVC("delete"), LDAP_REQ_DELETE }, + { BER_BVC("modify"), LDAP_REQ_MODIFY }, + { BER_BVC("modrdn"), LDAP_REQ_MODRDN}, + { BER_BVNULL, 0 } +}; + +static Modifications * +syncrepl_accesslog_mods( + syncinfo_t *si, + struct berval *vals +) +{ + char *colon; + const char *text; + AttributeDescription *ad; + struct berval bv, bv2; + short op; + Modifications *mod = NULL, *modlist = NULL, **modtail; + int i; + + modtail = &modlist; + + for (i=0; !BER_BVISNULL( &vals[i] ); i++) { + ad = NULL; + bv = vals[i]; + + colon = ber_bvchr( &bv, ':' ); + if ( !colon ) + continue; /* invalid */ + bv.bv_len = colon - bv.bv_val; + if ( slap_bv2ad( &bv, &ad, &text )) { + /* Invalid */ + continue; + } + /* Ignore dynamically generated attrs */ + if ( ad->ad_type->sat_flags & SLAP_AT_DYNAMIC ) + continue; + /* Ignore excluded attrs */ + if ( ldap_charray_inlist( si->si_exattrs, + ad->ad_type->sat_cname.bv_val )) + continue; + + switch(colon[1]) { + case '+': op = LDAP_MOD_ADD; break; + case '-': op = LDAP_MOD_DELETE; break; + case '=': op = LDAP_MOD_REPLACE; break; + case '#': op = LDAP_MOD_INCREMENT; break; + default: continue; + } + + if ( !mod || ad != mod->sml_desc || op != mod->sml_op ) { + mod = (Modifications *) ch_malloc( sizeof( Modifications )); + mod->sml_flags = 0; + mod->sml_op = op; + mod->sml_next = NULL; + mod->sml_desc = ad; + mod->sml_type = ad->ad_cname; + mod->sml_values = NULL; + mod->sml_nvalues = NULL; + + *modtail = mod; + modtail = &mod->sml_next; + } + if ( colon[2] == ' ' ) { + bv.bv_val = colon + 3; + bv.bv_len = vals[i].bv_len - ( bv.bv_val - vals[i].bv_val ); + ber_dupbv( &bv2, &bv ); + ber_bvarray_add( &mod->sml_values, &bv2 ); + } + } + return modlist; +} + +static Modifications * +syncrepl_changelog_mods( + syncinfo_t *si, + struct berval *vals +) +{ + return NULL; /* FIXME */ +} + +static int +syncrepl_message_to_op( + syncinfo_t *si, + Operation *op, + LDAPMessage *msg +) +{ + BerElement *ber = NULL; + Modifications *modlist = NULL; + logschema *ls; + SlapReply rs = { REP_RESULT }; + slap_callback cb = { NULL, null_callback, NULL, NULL }; + + const char *text; + char txtbuf[SLAP_TEXT_BUFLEN]; + size_t textlen = sizeof txtbuf; + + struct berval bdn, dn = BER_BVNULL, ndn; + struct berval bv, *bvals = NULL; + struct berval rdn = BER_BVNULL, sup = BER_BVNULL, + prdn = BER_BVNULL, nrdn = BER_BVNULL, + psup = BER_BVNULL, nsup = BER_BVNULL; + int rc, deleteOldRdn = 0; + + if ( ldap_msgtype( msg ) != LDAP_RES_SEARCH_ENTRY ) { + Debug( LDAP_DEBUG_ANY, + "Message type should be entry (%d)", ldap_msgtype( msg ), 0, 0 ); + return -1; + } + + if ( si->si_syncdata == SYNCDATA_ACCESSLOG ) + ls = &accesslog_sc; + else + ls = &changelog_sc; + + rc = ldap_get_dn_ber( si->si_ld, msg, &ber, &bdn ); + + if ( rc != LDAP_SUCCESS ) { + Debug( LDAP_DEBUG_ANY, + "syncrepl_message_to_op : dn get failed (%d)", rc, 0, 0 ); + return rc; + } + + op->o_tag = LBER_DEFAULT; + + while (( rc = ldap_get_attribute_ber( si->si_ld, msg, ber, &bv, &bvals )) + == LDAP_SUCCESS ) { + if ( bv.bv_val == NULL ) + break; + + if ( !ber_bvstrcasecmp( &bv, &ls->ls_dn )) { + bdn = bvals[0]; + dnPrettyNormal( NULL, &bdn, &dn, &ndn, op->o_tmpmemctx ); + ber_dupbv( &op->o_req_dn, &dn ); + ber_dupbv( &op->o_req_ndn, &ndn ); + slap_sl_free( ndn.bv_val, op->o_tmpmemctx ); + slap_sl_free( dn.bv_val, op->o_tmpmemctx ); + } else if ( !ber_bvstrcasecmp( &bv, &ls->ls_req )) { + int i = verb_to_mask( bvals[0].bv_val, modops ); + if ( i < 0 ) { + Debug( LDAP_DEBUG_ANY, + "syncrepl_message_to_op : unknown op %s", + bvals[0].bv_val, 0, 0 ); + ch_free( bvals ); + rc = -1; + goto done; + } + op->o_tag = modops[i].mask; + } else if ( !ber_bvstrcasecmp( &bv, &ls->ls_mod )) { + /* Parse attribute into modlist */ + if ( si->si_syncdata == SYNCDATA_ACCESSLOG ) + modlist = syncrepl_accesslog_mods( si, bvals ); + else + modlist = syncrepl_changelog_mods( si, bvals ); + } else if ( !ber_bvstrcasecmp( &bv, &ls->ls_newRdn )) { + rdn = bvals[0]; + } else if ( !ber_bvstrcasecmp( &bv, &ls->ls_delRdn )) { + if ( !ber_bvstrcasecmp( &slap_true_bv, bvals )) + deleteOldRdn = 1; + } else if ( !ber_bvstrcasecmp( &bv, &ls->ls_newSup )) { + sup = bvals[0]; + } else if ( !ber_bvstrcasecmp( &bv, + &slap_schema.si_ad_entryCSN->ad_cname )) { + slap_queue_csn( op, bvals ); + } + ch_free( bvals ); + } + + /* If we didn't get a mod type or a target DN, bail out */ + if ( op->o_tag == LBER_DEFAULT || BER_BVISNULL( &dn )) { + rc = -1; + goto done; + } + + op->o_callback = &cb; + + switch( op->o_tag ) { + case LDAP_REQ_ADD: + case LDAP_REQ_MODIFY: + /* If we didn't get required data, bail */ + if ( !modlist ) goto done; + + rc = slap_mods_check( modlist, &text, txtbuf, textlen, NULL ); + + if ( rc != LDAP_SUCCESS ) { + Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_op: mods check (%s)\n", + text, 0, 0 ); + goto done; + } + + if ( op->o_tag == LDAP_REQ_ADD ) { + op->ora_e = ( Entry * ) ch_calloc( 1, sizeof( Entry ) ); + op->ora_e->e_name = op->o_req_dn; + op->ora_e->e_nname = op->o_req_ndn; + rc = slap_mods2entry( modlist, &op->ora_e, 1, 0, &text, txtbuf, textlen); + if( rc != LDAP_SUCCESS ) { + Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_op: mods2entry (%s)\n", + text, 0, 0 ); + } else { + rc = op->o_bd->be_add( op, &rs ); + Debug( LDAP_DEBUG_SYNC, + "syncrepl_message_to_op: be_add %s (%d)\n", + op->o_req_dn.bv_val, rc, 0 ); + } + be_entry_release_w( op, op->ora_e ); + } else { + op->orm_modlist = modlist; + rc = op->o_bd->be_modify( op, &rs ); + Debug( LDAP_DEBUG_SYNC, + "syncrepl_message_to_op: be_modify %s (%d)\n", + op->o_req_dn.bv_val, rc, 0 ); + } + break; + case LDAP_REQ_MODRDN: + if ( BER_BVISNULL( &rdn )) goto done; + + if ( rdnPretty( NULL, &rdn, &prdn, NULL )) + goto done; + if ( rdnNormalize( 0, NULL, NULL, &rdn, &nrdn, NULL )) + goto done; + if ( !BER_BVISNULL( &sup )) { + if ( dnPrettyNormal( NULL, &sup, &psup, &nsup, NULL )) + goto done; + op->orr_newSup = &psup; + op->orr_nnewSup = ⊅ + } + op->orr_newrdn = prdn; + op->orr_nnewrdn = nrdn; + op->orr_deleteoldrdn = deleteOldRdn; + op->orr_modlist = NULL; + if ( slap_modrdn2mods( op, &rs )) + goto done; + rc = op->o_bd->be_modrdn( op, &rs ); + slap_mods_free( op->orr_modlist, 1 ); + Debug( LDAP_DEBUG_SYNC, + "syncrepl_message_to_op: be_modrdn %s (%d)\n", + op->o_req_dn.bv_val, rc, 0 ); + break; + case LDAP_REQ_DELETE: + rc = op->o_bd->be_delete( op, &rs ); + Debug( LDAP_DEBUG_SYNC, + "syncrepl_message_to_op: be_delete %s (%d)\n", + op->o_req_dn.bv_val, rc, 0 ); + break; + } +done: + slap_graduate_commit_csn( op ); + if ( modlist ) + slap_mods_free( modlist, op->o_tag != LDAP_REQ_ADD ); + if ( !BER_BVISNULL( &rdn )) { + if ( !BER_BVISNULL( &nsup )) + ch_free( nsup.bv_val ); + if ( !BER_BVISNULL( &psup )) + ch_free( psup.bv_val ); + if ( !BER_BVISNULL( &nrdn )) + ch_free( nrdn.bv_val ); + if ( !BER_BVISNULL( &prdn )) + ch_free( prdn.bv_val ); + } + ber_free ( ber, 0 ); + return rc; +} + +static int syncrepl_message_to_entry( syncinfo_t *si, Operation *op, @@ -1080,7 +1480,6 @@ syncrepl_message_to_entry( } e = ( Entry * ) ch_calloc( 1, sizeof( Entry ) ); - *entry = e; e->e_name = op->o_req_dn; e->e_nname = op->o_req_ndn; @@ -1094,6 +1493,7 @@ syncrepl_message_to_entry( mod = (Modifications *) ch_malloc( sizeof( Modifications )); mod->sml_op = LDAP_MOD_REPLACE; + mod->sml_flags = 0; mod->sml_next = NULL; mod->sml_desc = NULL; mod->sml_type = tmp.sml_type; @@ -1155,9 +1555,10 @@ done: if ( rc != LDAP_SUCCESS ) { if ( e ) { entry_free( e ); - *entry = e = NULL; + e = NULL; } } + *entry = e; return rc; } @@ -1192,7 +1593,7 @@ typedef struct dninfo { AttributeDescription **ads; } dninfo; -int +static int syncrepl_entry( syncinfo_t* si, Operation *op, @@ -1204,7 +1605,7 @@ syncrepl_entry( struct berval* syncCSN ) { Backend *be = op->o_bd; - slap_callback cb = { NULL }; + slap_callback cb = { NULL, NULL, NULL, NULL }; struct berval *syncuuid_bv = NULL; struct berval syncUUID_strrep = BER_BVNULL; struct berval uuid_bv = BER_BVNULL; @@ -1220,7 +1621,6 @@ syncrepl_entry( AttributeAssertion ava = { NULL, BER_BVNULL }; #endif int rc = LDAP_SUCCESS; - int ret = LDAP_SUCCESS; struct berval pdn = BER_BVNULL; dninfo dni = {0}; @@ -1276,12 +1676,12 @@ syncrepl_entry( ava.aa_value = *syncUUID; op->ors_filter = &f; - op->ors_filterstr.bv_len = STRLENOF( "(entryUUID=)" ) + syncUUID->bv_len; + op->ors_filterstr.bv_len = STRLENOF( "(entryUUID=)" ) + syncUUID_strrep.bv_len; op->ors_filterstr.bv_val = (char *) slap_sl_malloc( op->ors_filterstr.bv_len + 1, op->o_tmpmemctx ); AC_MEMCPY( op->ors_filterstr.bv_val, "(entryUUID=", STRLENOF( "(entryUUID=" ) ); AC_MEMCPY( &op->ors_filterstr.bv_val[STRLENOF( "(entryUUID=" )], - syncUUID->bv_val, syncUUID->bv_len ); + syncUUID_strrep.bv_val, syncUUID_strrep.bv_len ); op->ors_filterstr.bv_val[op->ors_filterstr.bv_len - 1] = ')'; op->ors_filterstr.bv_val[op->ors_filterstr.bv_len] = '\0'; @@ -1352,6 +1752,18 @@ syncrepl_entry( switch ( syncstate ) { case LDAP_SYNC_ADD: case LDAP_SYNC_MODIFY: + { + Attribute *a = attr_find( entry->e_attrs, slap_schema.si_ad_entryCSN ); + if ( a ) { + /* FIXME: op->o_csn is assumed to be + * on the thread's slab; this needs + * to be cleared ASAP. + * What happens if already present? + */ + assert( BER_BVISNULL( &op->o_csn ) ); + op->o_csn = a->a_vals[0]; + } + } retry_add:; if ( BER_BVISNULL( &dni.dn )) { @@ -1367,15 +1779,15 @@ retry_add:; switch ( rs_add.sr_err ) { case LDAP_SUCCESS: be_entry_release_w( op, entry ); - ret = 0; + entry = NULL; break; case LDAP_REFERRAL: /* we assume that LDAP_NO_SUCH_OBJECT is returned * only if the suffix entry is not present */ case LDAP_NO_SUCH_OBJECT: - syncrepl_add_glue( op, entry ); - ret = 0; + rc = syncrepl_add_glue( op, entry ); + entry = NULL; break; /* if an entry was added via syncrepl_add_glue(), @@ -1411,7 +1823,8 @@ retry_add:; cb2.sc_response = dn_callback; cb2.sc_private = &dni; - be->be_search( &op2, &rs2 ); + rc = be->be_search( &op2, &rs2 ); + if ( rc ) goto done; retry = 0; goto retry_add; @@ -1422,7 +1835,6 @@ retry_add:; Debug( LDAP_DEBUG_ANY, "syncrepl_entry : be_add failed (%d)\n", rs_add.sr_err, 0, 0 ); - ret = 1; break; } goto done; @@ -1439,13 +1851,18 @@ retry_add:; dnParent( &dni.ndn, &noldp ); dnParent( &entry->e_nname, &nnewp ); - if ( !dn_match( &noldp, &newp )) { + if ( !dn_match( &noldp, &nnewp )) { dnParent( &entry->e_name, &newp ); op->orr_newSup = &newp; op->orr_nnewSup = &nnewp; } op->orr_deleteoldrdn = 0; + op->orr_modlist = NULL; + if (( rc = slap_modrdn2mods( op, &rs_modify ))) { + goto done; + } rc = be->be_modrdn( op, &rs_modify ); + slap_mods_free( op->orr_modlist, 1 ); Debug( LDAP_DEBUG_SYNC, "syncrepl_entry: %s (%d)\n", "be_modrdn", rc, 0 ); @@ -1453,7 +1870,6 @@ retry_add:; op->o_req_dn = entry->e_name; op->o_req_ndn = entry->e_nname; } else { - ret = 1; goto done; } } @@ -1464,12 +1880,13 @@ retry_add:; op->o_tag = LDAP_REQ_MODIFY; - assert( *modlist ); + assert( *modlist != NULL ); /* Delete all the old attrs */ for ( i = 0; i < dni.attrs; i++ ) { mod = ch_malloc( sizeof( Modifications ) ); mod->sml_op = LDAP_MOD_DELETE; + mod->sml_flags = 0; mod->sml_desc = dni.ads[i]; mod->sml_type = mod->sml_desc->ad_cname; mod->sml_values = NULL; @@ -1496,6 +1913,7 @@ retry_add:; mod = (Modifications *)ch_calloc(1, sizeof(Modifications)); mod->sml_op = LDAP_MOD_REPLACE; + mod->sml_flags = 0; mod->sml_desc = slap_schema.si_ad_entryUUID; mod->sml_type = mod->sml_desc->ad_cname; ber_dupbv( &uuid_bv, &syncUUID_strrep ); @@ -1517,7 +1935,6 @@ retry_add:; rs_modify.sr_err, 0, 0 ); } } - ret = 1; goto done; case LDAP_SYNC_DELETE : if ( !BER_BVISNULL( &dni.dn )) { @@ -1545,17 +1962,15 @@ retry_add:; } } } - ret = 0; goto done; default : Debug( LDAP_DEBUG_ANY, "syncrepl_entry : unknown syncstate\n", 0, 0, 0 ); - ret = 1; goto done; } -done : +done: if ( !BER_BVISNULL( &syncUUID_strrep ) ) { slap_sl_free( syncUUID_strrep.bv_val, op->o_tmpmemctx ); BER_BVZERO( &syncUUID_strrep ); @@ -1569,7 +1984,10 @@ done : if ( !BER_BVISNULL( &dni.dn ) ) { op->o_tmpfree( dni.dn.bv_val, op->o_tmpmemctx ); } - return ret; + if ( entry ) + entry_free( entry ); + BER_BVZERO( &op->o_csn ); + return rc; } static struct berval gcbva[] = { @@ -1633,8 +2051,12 @@ syncrepl_del_nonpresent( for (i=0; uuids[i].bv_val; i++) { op->ors_slimit = 1; + slap_uuidstr_from_normalized( &uf.f_av_value, &uuids[i], + op->o_tmpmemctx ); + filter2bv_x( op, op->ors_filter, &op->ors_filterstr ); uf.f_av_value = uuids[i]; rc = be->be_search( op, &rs_search ); + op->o_tmpfree( op->ors_filterstr.bv_val, op->o_tmpmemctx ); } si->si_refreshDelete ^= NP_DELETE_ONE; } else { @@ -1672,10 +2094,14 @@ syncrepl_del_nonpresent( op->o_req_dn = *np_prev->npe_name; op->o_req_ndn = *np_prev->npe_nname; rc = op->o_bd->be_delete( op, &rs_delete ); + Debug( LDAP_DEBUG_SYNC, + "syncrepl_del_nonpresent: be_delete %s (%d)\n", + op->o_req_dn.bv_val, rc, 0 ); if ( rs_delete.sr_err == LDAP_NOT_ALLOWED_ON_NONLEAF ) { Modifications mod1, mod2; mod1.sml_op = LDAP_MOD_REPLACE; + mod1.sml_flags = 0; mod1.sml_desc = slap_schema.si_ad_objectClass; mod1.sml_type = mod1.sml_desc->ad_cname; mod1.sml_values = &gcbva[0]; @@ -1683,6 +2109,7 @@ syncrepl_del_nonpresent( mod1.sml_next = &mod2; mod2.sml_op = LDAP_MOD_REPLACE; + mod2.sml_flags = 0; mod2.sml_desc = slap_schema.si_ad_structuralObjectClass; mod2.sml_type = mod2.sml_desc->ad_cname; mod2.sml_values = &gcbva[1]; @@ -1720,12 +2147,15 @@ syncrepl_del_nonpresent( } slap_graduate_commit_csn( op ); + + op->o_tmpfree( op->o_csn.bv_val, op->o_tmpmemctx ); + BER_BVZERO( &op->o_csn ); } return; } -void +int syncrepl_add_glue( Operation* op, Entry *e ) @@ -1736,11 +2166,12 @@ syncrepl_add_glue( int rc; int suffrdns; int i; - struct berval dn = {0, NULL}; - struct berval ndn = {0, NULL}; + struct berval dn = BER_BVNULL; + struct berval ndn = BER_BVNULL; Entry *glue; SlapReply rs_add = {REP_RESULT}; - char *ptr, *comma; + struct berval ptr, nptr; + char *comma; op->o_tag = LDAP_REQ_ADD; op->o_callback = &cb; @@ -1752,8 +2183,10 @@ syncrepl_add_glue( /* count RDNs in suffix */ if ( !BER_BVISEMPTY( &be->be_nsuffix[0] ) ) { - for ( i = 0, ptr = be->be_nsuffix[0].bv_val; ptr; ptr = strchr( ptr, ',' ) ) { - ptr++; + for ( i = 0, ptr = be->be_nsuffix[0], comma = ptr.bv_val; comma != NULL; comma = ber_bvchr( &ptr, ',' ) ) { + comma++; + ptr.bv_len -= comma - ptr.bv_val; + ptr.bv_val = comma; i++; } suffrdns = i; @@ -1763,23 +2196,34 @@ syncrepl_add_glue( } /* Start with BE suffix */ - for ( i = 0, ptr = NULL; i < suffrdns; i++ ) { - comma = strrchr( dn.bv_val, ',' ); - if ( ptr ) *ptr = ','; - if ( comma ) *comma = '\0'; - ptr = comma; + ptr = dn; + for ( i = 0; i < suffrdns; i++ ) { + comma = ber_bvrchr( &ptr, ',' ); + if ( comma != NULL ) { + ptr.bv_len = comma - ptr.bv_val; + } else { + ptr.bv_len = 0; + break; + } } - if ( ptr ) { - *ptr++ = ','; - dn.bv_len -= ptr - dn.bv_val; - dn.bv_val = ptr; + + if ( !BER_BVISEMPTY( &ptr ) ) { + dn.bv_len -= ptr.bv_len + 1; + dn.bv_val += ptr.bv_len + 1; } + /* the normalizedDNs are always the same length, no counting * required. */ + nptr = ndn; if ( ndn.bv_len > be->be_nsuffix[0].bv_len ) { ndn.bv_val += ndn.bv_len - be->be_nsuffix[0].bv_len; ndn.bv_len = be->be_nsuffix[0].bv_len; + + nptr.bv_len = ndn.bv_val - nptr.bv_val - 1; + + } else { + nptr.bv_len = 0; } while ( ndn.bv_val > e->e_nname.bv_val ) { @@ -1821,23 +2265,28 @@ syncrepl_add_glue( } else { /* incl. ALREADY EXIST */ entry_free( glue ); + if ( rs_add.sr_err != LDAP_ALREADY_EXISTS ) { + entry_free( e ); + return rc; + } } /* Move to next child */ - for (ptr = dn.bv_val-2; ptr > e->e_name.bv_val && *ptr != ','; ptr--) { - /* empty */ - } - if ( ptr == e->e_name.bv_val ) break; - dn.bv_val = ++ptr; - dn.bv_len = e->e_name.bv_len - (ptr-e->e_name.bv_val); - for( ptr = ndn.bv_val-2; - ptr > e->e_nname.bv_val && *ptr != ','; - ptr--) - { - /* empty */ + comma = ber_bvrchr( &ptr, ',' ); + if ( comma == NULL ) { + break; } - ndn.bv_val = ++ptr; - ndn.bv_len = e->e_nname.bv_len - (ptr-e->e_nname.bv_val); + ptr.bv_len = comma - ptr.bv_val; + + dn.bv_val = ++comma; + dn.bv_len = e->e_name.bv_len - (dn.bv_val - e->e_name.bv_val); + + comma = ber_bvrchr( &nptr, ',' ); + assert( comma != NULL ); + nptr.bv_len = comma - nptr.bv_val; + + ndn.bv_val = ++comma; + ndn.bv_len = e->e_nname.bv_len - (ndn.bv_val - e->e_nname.bv_val); } op->o_req_dn = e->e_name; @@ -1850,10 +2299,10 @@ syncrepl_add_glue( entry_free( e ); } - return; + return rc; } -void +static int syncrepl_updateCookie( syncinfo_t *si, Operation *op, @@ -1861,26 +2310,22 @@ syncrepl_updateCookie( struct sync_cookie *syncCookie ) { Backend *be = op->o_bd; - Modifications mod = {0}; - struct berval vals[2]; + Modifications mod = { { 0 } }; + struct berval vals[ 2 ]; int rc; slap_callback cb = { NULL }; SlapReply rs_modify = {REP_RESULT}; - slap_sync_cookie_free( &si->si_syncCookie, 0 ); - slap_dup_sync_cookie( &si->si_syncCookie, syncCookie ); - mod.sml_op = LDAP_MOD_REPLACE; mod.sml_desc = slap_schema.si_ad_contextCSN; mod.sml_type = mod.sml_desc->ad_cname; mod.sml_values = vals; - vals[0] = si->si_syncCookie.ctxcsn; - vals[1].bv_val = NULL; - vals[1].bv_len = 0; + vals[0] = syncCookie->ctxcsn; + BER_BVZERO( &vals[1] ); - slap_queue_csn( op, &si->si_syncCookie.ctxcsn ); + slap_queue_csn( op, &syncCookie->ctxcsn ); op->o_tag = LDAP_REQ_MODIFY; @@ -1899,14 +2344,20 @@ syncrepl_updateCookie( rc = be->be_modify( op, &rs_modify ); op->o_msgid = 0; - if ( rs_modify.sr_err != LDAP_SUCCESS ) { + if ( rs_modify.sr_err == LDAP_SUCCESS ) { + slap_sync_cookie_free( &si->si_syncCookie, 0 ); + slap_dup_sync_cookie( &si->si_syncCookie, syncCookie ); + } else { Debug( LDAP_DEBUG_ANY, "be_modify failed (%d)\n", rs_modify.sr_err, 0, 0 ); } slap_graduate_commit_csn( op ); - return; + op->o_tmpfree( op->o_csn.bv_val, op->o_tmpmemctx ); + BER_BVZERO( &op->o_csn ); + + return rc; } static int @@ -1936,10 +2387,11 @@ dn_callback( * discover if the deleteOldRdn argument applies here. It * would save an unnecessary Modify if we detected it, but * that's a fair amount of trouble to compare the two attr - * lists in detail. + * lists in detail. (Just test normalized DN; we ignore + * insignificant changes here.) */ - if ( !dn_match( &rs->sr_entry->e_name, - &dni->new_entry->e_name ) ) + if ( !dn_match( &rs->sr_entry->e_nname, + &dni->new_entry->e_nname ) ) { dni->renamed = 1; } @@ -2067,7 +2519,7 @@ null_callback( return LDAP_SUCCESS; } -struct berval * +static struct berval * slap_uuidstr_from_normalized( struct berval* uuidstr, struct berval* normalized, @@ -2148,11 +2600,26 @@ avl_ber_bvfree( void *v_bv ) void syncinfo_free( syncinfo_t *sie ) { - ldap_pvt_thread_mutex_destroy( &sie->si_mutex ); - if ( !BER_BVISNULL( &sie->si_provideruri ) ) { - ch_free( sie->si_provideruri.bv_val ); + if ( sie->si_ld ) { + if ( sie->si_conn_setup ) { + ber_socket_t s; + ldap_get_option( sie->si_ld, LDAP_OPT_DESC, &s ); + connection_client_stop( s ); + sie->si_conn_setup = 0; + } + ldap_unbind_ext( sie->si_ld, NULL, NULL ); + } + + /* re-fetch it, in case it was already removed */ + sie->si_re = ldap_pvt_runqueue_find( &slapd_rq, do_syncrepl, sie ); + if ( sie->si_re ) { + if ( ldap_pvt_runqueue_isrunning( &slapd_rq, sie->si_re ) ) + ldap_pvt_runqueue_stoptask( &slapd_rq, sie->si_re ); + ldap_pvt_runqueue_remove( &slapd_rq, sie->si_re ); } + ldap_pvt_thread_mutex_destroy( &sie->si_mutex ); + bindconf_free( &sie->si_bindconf ); if ( sie->si_filterstr.bv_val ) { @@ -2206,9 +2673,6 @@ syncinfo_free( syncinfo_t *sie ) if ( sie->si_presentlist ) { avl_free( sie->si_presentlist, avl_ber_bvfree ); } - if ( sie->si_ld ) { - ldap_ld_free( sie->si_ld, 1, NULL, NULL ); - } while ( !LDAP_LIST_EMPTY( &sie->si_nonpresentlist )) { struct nonpresent_entry* npe; npe = LDAP_LIST_FIRST( &sie->si_nonpresentlist ); @@ -2235,21 +2699,25 @@ syncinfo_free( syncinfo_t *sie ) /* NOTE: used & documented in slapd.conf(5) */ #define IDSTR "rid" #define PROVIDERSTR "provider" -#define TYPESTR "type" -#define INTERVALSTR "interval" -#define SEARCHBASESTR "searchbase" +#define SCHEMASTR "schemachecking" #define FILTERSTR "filter" +#define SEARCHBASESTR "searchbase" #define SCOPESTR "scope" -#define ATTRSSTR "attrs" #define ATTRSONLYSTR "attrsonly" +#define ATTRSSTR "attrs" +#define TYPESTR "type" +#define INTERVALSTR "interval" +#define RETRYSTR "retry" #define SLIMITSTR "sizelimit" #define TLIMITSTR "timelimit" -#define SCHEMASTR "schemachecking" +#define SYNCDATASTR "syncdata" /* FIXME: undocumented */ +#define LOGBASESTR "logbase" +#define LOGFILTERSTR "logfilter" #define OLDAUTHCSTR "bindprincipal" #define EXATTRSSTR "exattrs" -#define RETRYSTR "retry" +#define MANAGEDSAITSTR "manageDSAit" /* FIXME: unused */ #define LASTMODSTR "lastmod" @@ -2258,7 +2726,6 @@ syncinfo_free( syncinfo_t *sie ) #define LMREQSTR "req" #define SRVTABSTR "srvtab" #define SUFFIXSTR "suffix" -#define MANAGEDSAITSTR "manageDSAit" /* mandatory */ #define GOT_ID 0x0001 @@ -2273,50 +2740,64 @@ static struct { } scopes[] = { { BER_BVC("base"), LDAP_SCOPE_BASE }, { BER_BVC("one"), LDAP_SCOPE_ONELEVEL }, -#ifdef LDAP_SCOPE_SUBORDINATE + { BER_BVC("onelevel"), LDAP_SCOPE_ONELEVEL }, /* OpenLDAP extension */ { BER_BVC("children"), LDAP_SCOPE_SUBORDINATE }, - { BER_BVC("subordinate"), 0 }, -#endif + { BER_BVC("subord"), LDAP_SCOPE_SUBORDINATE }, + { BER_BVC("subordinate"), LDAP_SCOPE_SUBORDINATE }, { BER_BVC("sub"), LDAP_SCOPE_SUBTREE }, + { BER_BVC("subtree"), LDAP_SCOPE_SUBTREE }, /* OpenLDAP extension */ + { BER_BVNULL, 0 } +}; + +static slap_verbmasks datamodes[] = { + { BER_BVC("default"), SYNCDATA_DEFAULT }, + { BER_BVC("accesslog"), SYNCDATA_ACCESSLOG }, + { BER_BVC("changelog"), SYNCDATA_CHANGELOG }, { BER_BVNULL, 0 } }; static int parse_syncrepl_line( - char **cargv, - int cargc, - syncinfo_t *si -) + ConfigArgs *c, + syncinfo_t *si ) { int gots = 0; int i; char *val; - for ( i = 1; i < cargc; i++ ) { - if ( !strncasecmp( cargv[ i ], IDSTR "=", + for ( i = 1; i < c->argc; i++ ) { + if ( !strncasecmp( c->argv[ i ], IDSTR "=", STRLENOF( IDSTR "=" ) ) ) { int tmp; /* '\0' string terminator accounts for '=' */ - val = cargv[ i ] + STRLENOF( IDSTR "=" ); - tmp= atoi( val ); + val = c->argv[ i ] + STRLENOF( IDSTR "=" ); + if ( lutil_atoi( &tmp, val ) != 0 ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "unable to parse syncrepl id \"%s\"", val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } if ( tmp >= 1000 || tmp < 0 ) { - fprintf( stderr, "Error: parse_syncrepl_line: " - "syncrepl id %d is out of range [0..999]\n", tmp ); + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "syncrepl id %d is out of range [0..999]", tmp ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); return -1; } si->si_rid = tmp; gots |= GOT_ID; - } else if ( !strncasecmp( cargv[ i ], PROVIDERSTR "=", + } else if ( !strncasecmp( c->argv[ i ], PROVIDERSTR "=", STRLENOF( PROVIDERSTR "=" ) ) ) { - val = cargv[ i ] + STRLENOF( PROVIDERSTR "=" ); - ber_str2bv( val, 0, 1, &si->si_provideruri ); + val = c->argv[ i ] + STRLENOF( PROVIDERSTR "=" ); + ber_str2bv( val, 0, 1, &si->si_bindconf.sb_uri ); gots |= GOT_PROVIDER; - } else if ( !strncasecmp( cargv[ i ], SCHEMASTR "=", + } else if ( !strncasecmp( c->argv[ i ], SCHEMASTR "=", STRLENOF( SCHEMASTR "=" ) ) ) { - val = cargv[ i ] + STRLENOF( SCHEMASTR "=" ); + val = c->argv[ i ] + STRLENOF( SCHEMASTR "=" ); if ( !strncasecmp( val, "on", STRLENOF( "on" ) )) { si->si_schemachecking = 1; } else if ( !strncasecmp( val, "off", STRLENOF( "off" ) ) ) { @@ -2324,54 +2805,84 @@ parse_syncrepl_line( } else { si->si_schemachecking = 1; } - } else if ( !strncasecmp( cargv[ i ], FILTERSTR "=", + } else if ( !strncasecmp( c->argv[ i ], FILTERSTR "=", STRLENOF( FILTERSTR "=" ) ) ) { - val = cargv[ i ] + STRLENOF( FILTERSTR "=" ); + val = c->argv[ i ] + STRLENOF( FILTERSTR "=" ); + if ( si->si_filterstr.bv_val ) + ch_free( si->si_filterstr.bv_val ); ber_str2bv( val, 0, 1, &si->si_filterstr ); - } else if ( !strncasecmp( cargv[ i ], SEARCHBASESTR "=", + } else if ( !strncasecmp( c->argv[ i ], LOGFILTERSTR "=", + STRLENOF( LOGFILTERSTR "=" ) ) ) + { + val = c->argv[ i ] + STRLENOF( LOGFILTERSTR "=" ); + if ( si->si_logfilterstr.bv_val ) + ch_free( si->si_logfilterstr.bv_val ); + ber_str2bv( val, 0, 1, &si->si_logfilterstr ); + } else if ( !strncasecmp( c->argv[ i ], SEARCHBASESTR "=", STRLENOF( SEARCHBASESTR "=" ) ) ) { struct berval bv; int rc; - val = cargv[ i ] + STRLENOF( SEARCHBASESTR "=" ); + val = c->argv[ i ] + STRLENOF( SEARCHBASESTR "=" ); if ( si->si_base.bv_val ) { ch_free( si->si_base.bv_val ); } ber_str2bv( val, 0, 0, &bv ); rc = dnNormalize( 0, NULL, NULL, &bv, &si->si_base, NULL ); if ( rc != LDAP_SUCCESS ) { - fprintf( stderr, "Invalid base DN \"%s\": %d (%s)\n", + snprintf( c->msg, sizeof( c->msg ), + "Invalid base DN \"%s\": %d (%s)", + val, rc, ldap_err2string( rc ) ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + } else if ( !strncasecmp( c->argv[ i ], LOGBASESTR "=", + STRLENOF( LOGBASESTR "=" ) ) ) + { + struct berval bv; + int rc; + + val = c->argv[ i ] + STRLENOF( LOGBASESTR "=" ); + if ( si->si_logbase.bv_val ) { + ch_free( si->si_logbase.bv_val ); + } + ber_str2bv( val, 0, 0, &bv ); + rc = dnNormalize( 0, NULL, NULL, &bv, &si->si_logbase, NULL ); + if ( rc != LDAP_SUCCESS ) { + snprintf( c->msg, sizeof( c->msg ), + "Invalid logbase DN \"%s\": %d (%s)", val, rc, ldap_err2string( rc ) ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); return -1; } - } else if ( !strncasecmp( cargv[ i ], SCOPESTR "=", + } else if ( !strncasecmp( c->argv[ i ], SCOPESTR "=", STRLENOF( SCOPESTR "=" ) ) ) { int j; - val = cargv[ i ] + STRLENOF( SCOPESTR "=" ); + val = c->argv[ i ] + STRLENOF( SCOPESTR "=" ); for ( j=0; !BER_BVISNULL(&scopes[j].key); j++ ) { - if (!strncasecmp( val, scopes[j].key.bv_val, - scopes[j].key.bv_len )) { - while (!scopes[j].val) j--; + if (!strcasecmp( val, scopes[j].key.bv_val )) { si->si_scope = scopes[j].val; break; } } if ( BER_BVISNULL(&scopes[j].key) ) { - fprintf( stderr, "Error: parse_syncrepl_line: " - "unknown scope \"%s\"\n", val); + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "unknown scope \"%s\"", val); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); return -1; } - } else if ( !strncasecmp( cargv[ i ], ATTRSONLYSTR "=", - STRLENOF( ATTRSONLYSTR "=" ) ) ) + } else if ( !strncasecmp( c->argv[ i ], ATTRSONLYSTR, + STRLENOF( ATTRSONLYSTR ) ) ) { si->si_attrsonly = 1; - } else if ( !strncasecmp( cargv[ i ], ATTRSSTR "=", + } else if ( !strncasecmp( c->argv[ i ], ATTRSSTR "=", STRLENOF( ATTRSSTR "=" ) ) ) { - val = cargv[ i ] + STRLENOF( ATTRSSTR "=" ); + val = c->argv[ i ] + STRLENOF( ATTRSSTR "=" ); if ( !strncasecmp( val, ":include:", STRLENOF(":include:") ) ) { char *attr_fname; attr_fname = ch_strdup( val + STRLENOF(":include:") ); @@ -2404,15 +2915,15 @@ parse_syncrepl_line( return -1; } } - } else if ( !strncasecmp( cargv[ i ], EXATTRSSTR "=", + } else if ( !strncasecmp( c->argv[ i ], EXATTRSSTR "=", STRLENOF( EXATTRSSTR "=" ) ) ) { - val = cargv[ i ] + STRLENOF( EXATTRSSTR "=" ); + val = c->argv[ i ] + STRLENOF( EXATTRSSTR "=" ); if ( !strncasecmp( val, ":include:", STRLENOF(":include:") )) { char *attr_fname; attr_fname = ch_strdup( val + STRLENOF(":include:") ); si->si_exanlist = file2anlist( - si->si_exanlist, attr_fname, " ,\t" ); + si->si_exanlist, attr_fname, " ,\t" ); if ( si->si_exanlist == NULL ) { ch_free( attr_fname ); return -1; @@ -2424,85 +2935,98 @@ parse_syncrepl_line( return -1; } } - } else if ( !strncasecmp( cargv[ i ], TYPESTR "=", + } else if ( !strncasecmp( c->argv[ i ], TYPESTR "=", STRLENOF( TYPESTR "=" ) ) ) { - val = cargv[ i ] + STRLENOF( TYPESTR "=" ); + val = c->argv[ i ] + STRLENOF( TYPESTR "=" ); if ( !strncasecmp( val, "refreshOnly", - STRLENOF("refreshOnly") )) + STRLENOF("refreshOnly") ) ) { - si->si_type = LDAP_SYNC_REFRESH_ONLY; + si->si_type = si->si_ctype = LDAP_SYNC_REFRESH_ONLY; } else if ( !strncasecmp( val, "refreshAndPersist", - STRLENOF("refreshAndPersist") )) + STRLENOF("refreshAndPersist") ) ) { - si->si_type = LDAP_SYNC_REFRESH_AND_PERSIST; + si->si_type = si->si_ctype = LDAP_SYNC_REFRESH_AND_PERSIST; si->si_interval = 60; } else { - fprintf( stderr, "Error: parse_syncrepl_line: " - "unknown sync type \"%s\"\n", val); + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "unknown sync type \"%s\"", val); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); return -1; } - } else if ( !strncasecmp( cargv[ i ], INTERVALSTR "=", + } else if ( !strncasecmp( c->argv[ i ], INTERVALSTR "=", STRLENOF( INTERVALSTR "=" ) ) ) { - val = cargv[ i ] + STRLENOF( INTERVALSTR "=" ); + val = c->argv[ i ] + STRLENOF( INTERVALSTR "=" ); if ( si->si_type == LDAP_SYNC_REFRESH_AND_PERSIST ) { si->si_interval = 0; - } else { - char *hstr; - char *mstr; - char *dstr; - char *sstr; - int dd, hh, mm, ss; - dstr = val; - hstr = strchr( dstr, ':' ); - if ( hstr == NULL ) { - fprintf( stderr, "Error: parse_syncrepl_line: " - "invalid interval \"%s\"\n", val ); + } else if ( strchr( val, ':' ) != NULL ) { + char *next, *ptr = val; + unsigned dd, hh, mm, ss; + dd = strtoul( ptr, &next, 10 ); + if ( next == ptr || next[0] != ':' ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "invalid interval \"%s\", unable to parse days", val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); return -1; } - *hstr++ = '\0'; - mstr = strchr( hstr, ':' ); - if ( mstr == NULL ) { - fprintf( stderr, "Error: parse_syncrepl_line: " - "invalid interval \"%s\"\n", val ); + ptr = next + 1; + hh = strtoul( ptr, &next, 10 ); + if ( next == ptr || next[0] != ':' || hh > 24 ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "invalid interval \"%s\", unable to parse hours", val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); return -1; } - *mstr++ = '\0'; - sstr = strchr( mstr, ':' ); - if ( sstr == NULL ) { - fprintf( stderr, "Error: parse_syncrepl_line: " - "invalid interval \"%s\"\n", val ); + ptr = next + 1; + mm = strtoul( ptr, &next, 10 ); + if ( next == ptr || next[0] != ':' || mm > 60 ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "invalid interval \"%s\", unable to parse minutes", val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); return -1; } - *sstr++ = '\0'; - - dd = atoi( dstr ); - hh = atoi( hstr ); - mm = atoi( mstr ); - ss = atoi( sstr ); - if (( hh > 24 ) || ( hh < 0 ) || - ( mm > 60 ) || ( mm < 0 ) || - ( ss > 60 ) || ( ss < 0 ) || ( dd < 0 )) { - fprintf( stderr, "Error: parse_syncrepl_line: " - "invalid interval \"%s\"\n", val ); + ptr = next + 1; + ss = strtoul( ptr, &next, 10 ); + if ( next == ptr || next[0] != '\0' || ss > 60 ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "invalid interval \"%s\", unable to parse seconds", val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); return -1; } si->si_interval = (( dd * 24 + hh ) * 60 + mm ) * 60 + ss; + } else { + unsigned long t; + + if ( lutil_parse_time( val, &t ) != 0 ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "invalid interval \"%s\"", val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return -1; + } + si->si_interval = (time_t)t; } if ( si->si_interval < 0 ) { - fprintf( stderr, "Error: parse_syncrepl_line: " - "invalid interval \"%ld\"\n", + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "invalid interval \"%ld\"", (long) si->si_interval); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); return -1; } - } else if ( !strncasecmp( cargv[ i ], RETRYSTR "=", + } else if ( !strncasecmp( c->argv[ i ], RETRYSTR "=", STRLENOF( RETRYSTR "=" ) ) ) { char **retry_list; int j, k, n; - val = cargv[ i ] + STRLENOF( RETRYSTR "=" ); + val = c->argv[ i ] + STRLENOF( RETRYSTR "=" ); retry_list = (char **) ch_calloc( 1, sizeof( char * )); retry_list[0] = NULL; @@ -2511,62 +3035,124 @@ parse_syncrepl_line( for ( k = 0; retry_list && retry_list[k]; k++ ) ; n = k / 2; if ( k % 2 ) { - fprintf( stderr, - "Error: incomplete syncrepl retry list\n" ); + snprintf( c->msg, sizeof( c->msg ), + "Error: incomplete syncrepl retry list" ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); for ( k = 0; retry_list && retry_list[k]; k++ ) { ch_free( retry_list[k] ); } ch_free( retry_list ); - exit( EXIT_FAILURE ); + return 1; } si->si_retryinterval = (time_t *) ch_calloc( n + 1, sizeof( time_t )); si->si_retrynum = (int *) ch_calloc( n + 1, sizeof( int )); si->si_retrynum_init = (int *) ch_calloc( n + 1, sizeof( int )); for ( j = 0; j < n; j++ ) { - si->si_retryinterval[j] = atoi( retry_list[j*2] ); + unsigned long t; + if ( lutil_atoul( &t, retry_list[j*2] ) != 0 ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: invalid retry interval \"%s\" (#%d)", + retry_list[j*2], j ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + /* do some cleanup */ + return 1; + } + si->si_retryinterval[j] = (time_t)t; if ( *retry_list[j*2+1] == '+' ) { - si->si_retrynum_init[j] = -1; - si->si_retrynum[j] = -1; + si->si_retrynum_init[j] = RETRYNUM_FOREVER; + si->si_retrynum[j] = RETRYNUM_FOREVER; j++; break; } else { - si->si_retrynum_init[j] = atoi( retry_list[j*2+1] ); - si->si_retrynum[j] = atoi( retry_list[j*2+1] ); + if ( lutil_atoi( &si->si_retrynum_init[j], retry_list[j*2+1] ) != 0 + || si->si_retrynum_init[j] <= 0 ) + { + snprintf( c->msg, sizeof( c->msg ), + "Error: invalid initial retry number \"%s\" (#%d)", + retry_list[j*2+1], j ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + /* do some cleanup */ + return 1; + } + if ( lutil_atoi( &si->si_retrynum[j], retry_list[j*2+1] ) != 0 + || si->si_retrynum[j] <= 0 ) + { + snprintf( c->msg, sizeof( c->msg ), + "Error: invalid retry number \"%s\" (#%d)", + retry_list[j*2+1], j ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + /* do some cleanup */ + return 1; + } } } - si->si_retrynum_init[j] = -2; - si->si_retrynum[j] = -2; + si->si_retrynum_init[j] = RETRYNUM_TAIL; + si->si_retrynum[j] = RETRYNUM_TAIL; si->si_retryinterval[j] = 0; for ( k = 0; retry_list && retry_list[k]; k++ ) { ch_free( retry_list[k] ); } ch_free( retry_list ); - } else if ( !strncasecmp( cargv[ i ], MANAGEDSAITSTR "=", + } else if ( !strncasecmp( c->argv[ i ], MANAGEDSAITSTR "=", STRLENOF( MANAGEDSAITSTR "=" ) ) ) { - val = cargv[ i ] + STRLENOF( MANAGEDSAITSTR "=" ); - si->si_manageDSAit = atoi( val ); - } else if ( !strncasecmp( cargv[ i ], SLIMITSTR "=", + val = c->argv[ i ] + STRLENOF( MANAGEDSAITSTR "=" ); + if ( lutil_atoi( &si->si_manageDSAit, val ) != 0 + || si->si_manageDSAit < 0 || si->si_manageDSAit > 1 ) + { + snprintf( c->msg, sizeof( c->msg ), + "invalid manageDSAit value \"%s\".\n", + val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return 1; + } + } else if ( !strncasecmp( c->argv[ i ], SLIMITSTR "=", STRLENOF( SLIMITSTR "=") ) ) { - val = cargv[ i ] + STRLENOF( SLIMITSTR "=" ); - si->si_slimit = atoi( val ); - } else if ( !strncasecmp( cargv[ i ], TLIMITSTR "=", + val = c->argv[ i ] + STRLENOF( SLIMITSTR "=" ); + if ( strcasecmp( val, "unlimited" ) == 0 ) { + si->si_slimit = 0; + + } else if ( lutil_atoi( &si->si_slimit, val ) != 0 || si->si_slimit < 0 ) { + snprintf( c->msg, sizeof( c->msg ), + "invalid size limit value \"%s\".\n", + val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return 1; + } + } else if ( !strncasecmp( c->argv[ i ], TLIMITSTR "=", STRLENOF( TLIMITSTR "=" ) ) ) { - val = cargv[ i ] + STRLENOF( TLIMITSTR "=" ); - si->si_tlimit = atoi( val ); - } else if ( bindconf_parse( cargv[i], &si->si_bindconf )) { - fprintf( stderr, "Error: parse_syncrepl_line: " - "unknown keyword \"%s\"\n", cargv[ i ] ); + val = c->argv[ i ] + STRLENOF( TLIMITSTR "=" ); + if ( strcasecmp( val, "unlimited" ) == 0 ) { + si->si_tlimit = 0; + + } else if ( lutil_atoi( &si->si_tlimit, val ) != 0 || si->si_tlimit < 0 ) { + snprintf( c->msg, sizeof( c->msg ), + "invalid time limit value \"%s\".\n", + val ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); + return 1; + } + } else if ( !strncasecmp( c->argv[ i ], SYNCDATASTR "=", + STRLENOF( SYNCDATASTR "=" ) ) ) + { + val = c->argv[ i ] + STRLENOF( SYNCDATASTR "=" ); + si->si_syncdata = verb_to_mask( val, datamodes ); + } else if ( bindconf_parse( c->argv[i], &si->si_bindconf ) ) { + snprintf( c->msg, sizeof( c->msg ), + "Error: parse_syncrepl_line: " + "unknown keyword \"%s\"\n", c->argv[ i ] ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); return -1; } } if ( gots != GOT_ALL ) { - fprintf( stderr, + snprintf( c->msg, sizeof( c->msg ), "Error: Malformed \"syncrepl\" line in slapd config file" ); + Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 ); return -1; } @@ -2575,17 +3161,14 @@ parse_syncrepl_line( static int add_syncrepl( - Backend *be, - char **cargv, - int cargc -) + ConfigArgs *c ) { syncinfo_t *si; int rc = 0; - if ( !( be->be_search && be->be_add && be->be_modify && be->be_delete )) { - Debug( LDAP_DEBUG_ANY, "database %s does not support operations " - "required for syncrepl\n", be->be_type, 0, 0 ); + if ( !( c->be->be_search && c->be->be_add && c->be->be_modify && c->be->be_delete ) ) { + Debug( LDAP_DEBUG_ANY, "%s: database %s does not support operations " + "required for syncrepl\n", c->log, c->be->be_type, 0 ); return 1; } si = (syncinfo_t *) ch_calloc( 1, sizeof( syncinfo_t ) ); @@ -2609,7 +3192,7 @@ add_syncrepl( si->si_allattrs = 0; si->si_allopattrs = 0; si->si_exattrs = NULL; - si->si_type = LDAP_SYNC_REFRESH_ONLY; + si->si_type = si->si_ctype = LDAP_SYNC_REFRESH_ONLY; si->si_interval = 86400; si->si_retryinterval = NULL; si->si_retrynum_init = NULL; @@ -2617,18 +3200,19 @@ add_syncrepl( si->si_manageDSAit = 0; si->si_tlimit = 0; si->si_slimit = 0; + si->si_conn_setup = 0; si->si_presentlist = NULL; LDAP_LIST_INIT( &si->si_nonpresentlist ); ldap_pvt_thread_mutex_init( &si->si_mutex ); - rc = parse_syncrepl_line( cargv, cargc, si ); + rc = parse_syncrepl_line( c, si ); if ( rc == 0 ) { - si->si_be = be; + si->si_be = c->be; init_syncrepl( si ); si->si_re = ldap_pvt_runqueue_insert( &slapd_rq, si->si_interval, - do_syncrepl, si, "do_syncrepl", be->be_suffix[0].bv_val ); + do_syncrepl, si, "do_syncrepl", c->be->be_suffix[0].bv_val ); if ( !si->si_re ) rc = -1; } @@ -2639,12 +3223,12 @@ add_syncrepl( } else { Debug( LDAP_DEBUG_CONFIG, "Config: ** successfully added syncrepl \"%s\"\n", - BER_BVISNULL( &si->si_provideruri ) ? - "(null)" : si->si_provideruri.bv_val, 0, 0 ); + BER_BVISNULL( &si->si_bindconf.sb_uri ) ? + "(null)" : si->si_bindconf.sb_uri.bv_val, 0, 0 ); if ( !si->si_schemachecking ) { - SLAP_DBFLAGS(be) |= SLAP_DBFLAG_NO_SCHEMA_CHECK; + SLAP_DBFLAGS(c->be) |= SLAP_DBFLAG_NO_SCHEMA_CHECK; } - be->be_syncinfo = si; + c->be->be_syncinfo = si; return 0; } } @@ -2652,64 +3236,106 @@ add_syncrepl( static void syncrepl_unparse( syncinfo_t *si, struct berval *bv ) { - struct berval bc; + struct berval bc, uri; char buf[BUFSIZ*2], *ptr; - int i, len; + int i; +#define WHATSLEFT ( sizeof( buf ) - ( ptr - buf ) ) + + BER_BVZERO( bv ); + + /* temporarily inhibit bindconf from printing URI */ + uri = si->si_bindconf.sb_uri; + BER_BVZERO( &si->si_bindconf.sb_uri ); bindconf_unparse( &si->si_bindconf, &bc ); + si->si_bindconf.sb_uri = uri; + ptr = buf; - ptr += sprintf( ptr, IDSTR "=%03d " PROVIDERSTR "=%s", - si->si_rid, si->si_provideruri.bv_val ); + ptr += snprintf( ptr, WHATSLEFT, IDSTR "=%03ld " PROVIDERSTR "=%s", + si->si_rid, si->si_bindconf.sb_uri.bv_val ); + if ( ptr - buf >= sizeof( buf ) ) return; if ( !BER_BVISNULL( &bc )) { + if ( WHATSLEFT <= bc.bv_len ) { + free( bc.bv_val ); + return; + } ptr = lutil_strcopy( ptr, bc.bv_val ); free( bc.bv_val ); } if ( !BER_BVISEMPTY( &si->si_filterstr )) { + if ( WHATSLEFT <= STRLENOF( " " FILTERSTR "=\"" "\"" ) + si->si_filterstr.bv_len ) return; ptr = lutil_strcopy( ptr, " " FILTERSTR "=\"" ); ptr = lutil_strcopy( ptr, si->si_filterstr.bv_val ); *ptr++ = '"'; } if ( !BER_BVISNULL( &si->si_base )) { + if ( WHATSLEFT <= STRLENOF( " " SEARCHBASESTR "=\"" "\"" ) + si->si_base.bv_len ) return; ptr = lutil_strcopy( ptr, " " SEARCHBASESTR "=\"" ); ptr = lutil_strcopy( ptr, si->si_base.bv_val ); *ptr++ = '"'; } + if ( !BER_BVISEMPTY( &si->si_logfilterstr )) { + if ( WHATSLEFT <= STRLENOF( " " LOGFILTERSTR "=\"" "\"" ) + si->si_logfilterstr.bv_len ) return; + ptr = lutil_strcopy( ptr, " " LOGFILTERSTR "=\"" ); + ptr = lutil_strcopy( ptr, si->si_logfilterstr.bv_val ); + *ptr++ = '"'; + } + if ( !BER_BVISNULL( &si->si_logbase )) { + if ( WHATSLEFT <= STRLENOF( " " LOGBASESTR "=\"" "\"" ) + si->si_logbase.bv_len ) return; + ptr = lutil_strcopy( ptr, " " LOGBASESTR "=\"" ); + ptr = lutil_strcopy( ptr, si->si_logbase.bv_val ); + *ptr++ = '"'; + } for (i=0; !BER_BVISNULL(&scopes[i].key);i++) { if ( si->si_scope == scopes[i].val ) { + if ( WHATSLEFT <= STRLENOF( " " SCOPESTR "=" ) + scopes[i].key.bv_len ) return; ptr = lutil_strcopy( ptr, " " SCOPESTR "=" ); ptr = lutil_strcopy( ptr, scopes[i].key.bv_val ); break; } } if ( si->si_attrsonly ) { - ptr = lutil_strcopy( ptr, " " ATTRSONLYSTR "=yes" ); + if ( WHATSLEFT <= STRLENOF( " " ATTRSONLYSTR "=\"" "\"" ) ) return; + ptr = lutil_strcopy( ptr, " " ATTRSONLYSTR ); } if ( si->si_anfile ) { - ptr = lutil_strcopy( ptr, " " ATTRSSTR "=:include:" ); + if ( WHATSLEFT <= STRLENOF( " " ATTRSSTR "=\":include:" "\"" ) + strlen( si->si_anfile ) ) return; + ptr = lutil_strcopy( ptr, " " ATTRSSTR "=:include:\"" ); ptr = lutil_strcopy( ptr, si->si_anfile ); + *ptr++ = '"'; } else if ( si->si_allattrs || si->si_allopattrs || - ( si->si_anlist && !BER_BVISNULL(&si->si_anlist[0].an_name) )) { + ( si->si_anlist && !BER_BVISNULL(&si->si_anlist[0].an_name) )) + { char *old; + + if ( WHATSLEFT <= STRLENOF( " " ATTRSONLYSTR "=\"" "\"" ) ) return; ptr = lutil_strcopy( ptr, " " ATTRSSTR "=\"" ); old = ptr; - ptr = anlist_unparse( si->si_anlist, ptr ); + /* FIXME: add check for overflow */ + ptr = anlist_unparse( si->si_anlist, ptr, WHATSLEFT ); if ( si->si_allattrs ) { + if ( WHATSLEFT <= STRLENOF( ",*\"" ) ) return; if ( old != ptr ) *ptr++ = ','; *ptr++ = '*'; } if ( si->si_allopattrs ) { + if ( WHATSLEFT <= STRLENOF( ",+\"" ) ) return; if ( old != ptr ) *ptr++ = ','; *ptr++ = '+'; } *ptr++ = '"'; } if ( si->si_exanlist && !BER_BVISNULL(&si->si_exanlist[0].an_name) ) { + if ( WHATSLEFT <= STRLENOF( " " EXATTRSSTR "=" ) ) return; ptr = lutil_strcopy( ptr, " " EXATTRSSTR "=" ); - ptr = anlist_unparse( si->si_exanlist, ptr ); + /* FIXME: add check for overflow */ + ptr = anlist_unparse( si->si_exanlist, ptr, WHATSLEFT ); } + if ( WHATSLEFT <= STRLENOF( " " SCHEMASTR "=" ) + STRLENOF( "off" ) ) return; ptr = lutil_strcopy( ptr, " " SCHEMASTR "=" ); ptr = lutil_strcopy( ptr, si->si_schemachecking ? "on" : "off" ); + if ( WHATSLEFT <= STRLENOF( " " TYPESTR "=" ) + STRLENOF( "refreshAndPersist" ) ) return; ptr = lutil_strcopy( ptr, " " TYPESTR "=" ); ptr = lutil_strcopy( ptr, si->si_type == LDAP_SYNC_REFRESH_AND_PERSIST ? "refreshAndPersist" : "refreshOnly" ); @@ -2725,30 +3351,43 @@ syncrepl_unparse( syncinfo_t *si, struct berval *bv ) hh = dd % 24; dd /= 24; ptr = lutil_strcopy( ptr, " " INTERVALSTR "=" ); - ptr += sprintf( ptr, "%02d:%02d:%02d:%02d", dd, hh, mm, ss ); + ptr += snprintf( ptr, WHATSLEFT, "%02d:%02d:%02d:%02d", dd, hh, mm, ss ); + if ( ptr - buf >= sizeof( buf ) ) return; } else if ( si->si_retryinterval ) { int space=0; + if ( WHATSLEFT <= STRLENOF( " " RETRYSTR "=\"" "\"" ) ) return; ptr = lutil_strcopy( ptr, " " RETRYSTR "=\"" ); for (i=0; si->si_retryinterval[i]; i++) { if ( space ) *ptr++ = ' '; space = 1; - ptr += sprintf( ptr, "%d ", si->si_retryinterval[i] ); - if ( si->si_retrynum_init[i] == -1 ) + ptr += snprintf( ptr, WHATSLEFT, "%ld ", (long) si->si_retryinterval[i] ); + if ( si->si_retrynum_init[i] == RETRYNUM_FOREVER ) *ptr++ = '+'; else - ptr += sprintf( ptr, "%d", si->si_retrynum_init ); + ptr += snprintf( ptr, WHATSLEFT, "%d", si->si_retrynum_init[i] ); } + if ( WHATSLEFT <= STRLENOF( "\"" ) ) return; *ptr++ = '"'; } if ( si->si_slimit ) { + if ( WHATSLEFT <= STRLENOF( " " SLIMITSTR "=" ) ) return; ptr = lutil_strcopy( ptr, " " SLIMITSTR "=" ); - ptr += sprintf( ptr, "%d", si->si_slimit ); + ptr += snprintf( ptr, WHATSLEFT, "%d", si->si_slimit ); } if ( si->si_tlimit ) { + if ( WHATSLEFT <= STRLENOF( " " TLIMITSTR "=" ) ) return; ptr = lutil_strcopy( ptr, " " TLIMITSTR "=" ); - ptr += sprintf( ptr, "%d", si->si_tlimit ); + ptr += snprintf( ptr, WHATSLEFT, "%d", si->si_tlimit ); + } + + if ( si->si_syncdata ) { + if ( enum_to_verb( datamodes, si->si_syncdata, &bc ) >= 0 ) { + if ( WHATSLEFT <= STRLENOF( " " SYNCDATASTR "=" ) + bc.bv_len ) return; + ptr = lutil_strcopy( ptr, " " SYNCDATASTR "=" ); + ptr = lutil_strcopy( ptr, bc.bv_val ); + } } bc.bv_len = ptr - buf; bc.bv_val = buf; @@ -2756,7 +3395,8 @@ syncrepl_unparse( syncinfo_t *si, struct berval *bv ) } int -syncrepl_config(ConfigArgs *c) { +syncrepl_config( ConfigArgs *c ) +{ if (c->op == SLAP_CONFIG_EMIT) { if ( c->be->be_syncinfo ) { struct berval bv; @@ -2769,26 +3409,19 @@ syncrepl_config(ConfigArgs *c) { struct re_s *re; if ( c->be->be_syncinfo ) { - re = c->be->be_syncinfo->si_re; - if ( re ) { - if ( ldap_pvt_runqueue_isrunning( &slapd_rq, re )) - ldap_pvt_runqueue_stoptask( &slapd_rq, re ); - ldap_pvt_runqueue_remove( &slapd_rq, re ); - } syncinfo_free( c->be->be_syncinfo ); c->be->be_syncinfo = NULL; } - SLAP_DBFLAGS(c->be) &= ~(SLAP_DBFLAG_SHADOW|SLAP_DBFLAG_SYNC_SHADOW); + SLAP_DBFLAGS( c->be ) &= ~(SLAP_DBFLAG_SHADOW|SLAP_DBFLAG_SYNC_SHADOW); return 0; } - if(SLAP_SHADOW(c->be)) { + if ( SLAP_SHADOW( c->be ) ) { Debug(LDAP_DEBUG_ANY, "%s: " "syncrepl: database already shadowed.\n", c->log, 0, 0); return(1); - } else if(add_syncrepl(c->be, c->argv, c->argc)) { + } else if ( add_syncrepl( c ) ) { return(1); } - SLAP_DBFLAGS(c->be) |= (SLAP_DBFLAG_SHADOW | SLAP_DBFLAG_SYNC_SHADOW); - return(0); + return config_sync_shadow( c ); }