X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fsyncrepl.c;h=f0fac417fb7b4c9a8184b9221fac843911ca7da4;hb=62b6b326338d5162b0f570eaeb8a227fbc5a9c62;hp=d510b4309875f79274843ef8a848d2ed58cce934;hpb=cd108bb682b630714567bb06f817eff88a36a791;p=openldap diff --git a/servers/slapd/syncrepl.c b/servers/slapd/syncrepl.c index d510b43098..f0fac417fb 100644 --- a/servers/slapd/syncrepl.c +++ b/servers/slapd/syncrepl.c @@ -1,23 +1,19 @@ +/* syncrepl.c -- Replication Engine which uses the LDAP Sync protocol */ /* $OpenLDAP$ */ -/* - * Replication Engine which uses the LDAP Sync protocol - */ -/* Copyright (c) 2003 by International Business Machines, Inc. +/* This work is part of OpenLDAP Software . + * + * Copyright 2003-2004 The OpenLDAP Foundation. + * Portions Copyright 2003 by IBM Corporation. + * Portions Copyright 2003 by Howard Chu, Symas Corporation. + * All rights reserved. * - * International Business Machines, Inc. (hereinafter called IBM) grants - * permission under its copyrights to use, copy, modify, and distribute this - * Software with or without fee, provided that the above copyright notice and - * all paragraphs of this notice appear in all copies, and that the name of IBM - * not be used in connection with the marketing of any product incorporating - * the Software or modifications thereof, without specific, written prior - * permission. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted only as authorized by the OpenLDAP + * Public License. * - * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES, - * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A - * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL, - * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING - * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN - * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. + * A copy of this license is available in the file LICENSE in the + * top-level directory of the distribution or, alternatively, at + * . */ #include "portable.h" @@ -26,736 +22,1049 @@ #include #include -#include -#include "ldap_pvt.h" #include "lutil.h" #include "slap.h" #include "lutil_ldap.h" #include "ldap_rq.h" -static void -syncrepl_del_nonpresent( LDAP *, Operation * ); +#define SYNCREPL_STR "syncreplxxx" +#define CN_STR "cn=" + +static const struct berval slap_syncrepl_bvc = BER_BVC(SYNCREPL_STR); +static const struct berval slap_syncrepl_cn_bvc = BER_BVC(CN_STR SYNCREPL_STR); + +static int syncuuid_cmp( const void *, const void * ); +static void avl_ber_bvfree( void * ); +static void syncrepl_del_nonpresent( Operation *, syncinfo_t * ); /* callback functions */ -static int cookie_callback( struct slap_op *, struct slap_rep * ); static int dn_callback( struct slap_op *, struct slap_rep * ); static int nonpresent_callback( struct slap_op *, struct slap_rep * ); static int null_callback( struct slap_op *, struct slap_rep * ); -static int contextcsn_callback( Operation*, SlapReply* ); -static AttributeDescription **sync_descs; +static AttributeDescription *sync_descs[4]; struct runqueue_s syncrepl_rq; void -init_syncrepl() +init_syncrepl(syncinfo_t *si) { - sync_descs = ch_malloc( 4 * sizeof( AttributeDescription * )); - sync_descs[0] = slap_schema.si_ad_objectClass; - sync_descs[1] = slap_schema.si_ad_structuralObjectClass; - sync_descs[2] = slap_schema.si_ad_entryCSN; - sync_descs[3] = NULL; -} - -int -ldap_sync_search( - syncinfo_t *si, - LDAP *ld, - LDAPControl **sctrls, - LDAPControl **cctrls, - int *msgidp ) -{ - BerElement *ber; - int timelimit; - ber_int_t id; - - int rc; - BerElement *sync_ber = NULL; - struct berval *sync_bvalp = NULL; - LDAPControl c[2]; - LDAPControl **ctrls; - int err; - struct timeval timeout; + int i, j, k, l, n; + char **attrs, **exattrs; + ObjectClass *oc; + + if ( !sync_descs[0] ) { + sync_descs[0] = slap_schema.si_ad_objectClass; + sync_descs[1] = slap_schema.si_ad_structuralObjectClass; + sync_descs[2] = slap_schema.si_ad_entryCSN; + sync_descs[3] = NULL; + } - /* setup LDAP SYNC control */ - sync_ber = ber_alloc_t( LBER_USE_DER ); - ber_set_option( sync_ber, LBER_OPT_BER_MEMCTX, NULL ); + if ( si->si_allattrs && si->si_allopattrs ) + attrs = NULL; + else + attrs = anlist2attrs( si->si_anlist ); + + if ( attrs ) { + if ( si->si_allattrs ) { + i = 0; + while ( attrs[i] ) { + if ( !is_at_operational( at_find( attrs[i] ))) { + for ( j = i; attrs[j] != NULL; j++ ) { + if ( j == i ) + ch_free( attrs[i] ); + attrs[j] = attrs[j+1]; + } + } else { + i++; + } + } + attrs = ( char ** ) ch_realloc( attrs, (i + 2)*sizeof( char * ) ); + attrs[i] = ch_strdup("*"); + attrs[i + 1] = NULL; + + } else if ( si->si_allopattrs ) { + i = 0; + while ( attrs[i] ) { + if ( is_at_operational( at_find( attrs[i] ))) { + for ( j = i; attrs[j] != NULL; j++ ) { + if ( j == i ) + ch_free( attrs[i] ); + attrs[j] = attrs[j+1]; + } + } else { + i++; + } + } + attrs = ( char ** ) ch_realloc( attrs, (i + 2)*sizeof( char * ) ); + attrs[i] = ch_strdup("+"); + attrs[i + 1] = NULL; + } - if ( si->syncCookie ) { - ber_printf( sync_ber, "{eO}", abs(si->type), si->syncCookie ); - } else { - ber_printf( sync_ber, "{e}", abs(si->type) ); - } + if ( !si->si_allopattrs ) { + for ( i = 0; sync_descs[i] != NULL; i++ ) { + j = 0; + while ( attrs[j] ) { + if ( !strcmp( attrs[j], sync_descs[i]->ad_cname.bv_val )) { + for ( k = j; attrs[k] != NULL; k++ ) { + if ( k == j ) + ch_free( attrs[k] ); + attrs[k] = attrs[k+1]; + } + } else { + j++; + } + } - if ( ber_flatten( sync_ber, &sync_bvalp ) == LBER_ERROR ) { - ber_free( sync_ber, 1 ); - return LBER_ERROR; - } - ber_free( sync_ber, 1 ); + } + for ( n = 0; attrs[ n ] != NULL; n++ ) /* empty */; + attrs = ( char ** ) ch_realloc( attrs, (n + 4)*sizeof( char * )); + if ( attrs == NULL ) { + Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 ); + } + + /* Add Attributes */ + for ( i = 0; sync_descs[ i ] != NULL; i++ ) { + attrs[ n++ ] = ch_strdup ( sync_descs[i]->ad_cname.bv_val ); + } + attrs[ n ] = NULL; + } - ctrls = (LDAPControl**) sl_calloc( 3, sizeof(LDAPControl*), NULL ); + } else { + for ( n = 0; sync_descs[ n ] != NULL; n++ ) ; + + attrs = ( char ** ) ch_malloc(( + (si->si_allattrs ? 1 : ( si->si_allopattrs ? 0 : 1)) + + (si->si_allopattrs ? 1 : ( si->si_allattrs ? n : 1)) + + 1 ) * sizeof( char * ) ); + if ( attrs == NULL ) { + Debug( LDAP_DEBUG_ANY, "out of memory\n", 0, 0, 0 ); + } + + i = 0; + if ( si->si_allattrs ) { + attrs[i++] = ch_strdup( "*" ); + } - c[0].ldctl_oid = LDAP_CONTROL_SYNC; - c[0].ldctl_value = (*sync_bvalp); - c[0].ldctl_iscritical = si->type < 0; - ctrls[0] = &c[0]; + if ( si->si_allopattrs ) { + attrs[i++] = ch_strdup( "+" ); + } else { + for ( j = 0; sync_descs[ j ] != NULL; j++ ) { + attrs[ i++ ] = ch_strdup ( sync_descs[j]->ad_cname.bv_val ); + } + } + attrs[i] = NULL; - if ( si->authzId ) { - c[1].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ; - c[1].ldctl_value.bv_val = si->authzId; - c[1].ldctl_value.bv_len = strlen( si->authzId ); - c[1].ldctl_iscritical = 1; - ctrls[1] = &c[1]; - } else { - ctrls[1] = NULL; - } + if ( !si->si_allattrs && !si->si_allopattrs ) { + attrs[0] = ch_strdup( "*" ); + attrs[1] = ch_strdup( "+" ); + attrs[2] = NULL; + } + } + + si->si_attrs = attrs; - ctrls[2] = NULL; + exattrs = anlist2attrs( si->si_exanlist ); - err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, ctrls ); + if ( exattrs ) { + for ( n = 0; exattrs[n] != NULL; n++ ) ; - ber_bvfree( sync_bvalp ); - ch_free( ctrls ); + for ( i = 0; sync_descs[i] != NULL; i++ ) { + j = 0; + while ( exattrs[j] != NULL ) { + if ( !strcmp( exattrs[j], sync_descs[i]->ad_cname.bv_val )) { + for ( k = j; exattrs[k] != NULL; k++ ) { + if ( k == j ) + ch_free( exattrs[k] ); + exattrs[k] = exattrs[k+1]; + } + } else { + j++; + } + } + } - if ( err != LDAP_OPT_SUCCESS ) - fprintf( stderr, "Could not set controls : %d\n", err ); + for ( i = 0; exattrs[i] != NULL; i++ ) { + for ( j = 0; si->si_anlist[j].an_name.bv_val; j++ ) { + if ( oc = si->si_anlist[j].an_oc ) { + k = 0; + while ( oc->soc_required[k] ) { + if ( !strcmp( exattrs[i], + oc->soc_required[k]->sat_cname.bv_val )) { + for ( l = i; exattrs[l]; l++ ) { + if ( l == i ) + ch_free( exattrs[i] ); + exattrs[l] = exattrs[l+1]; + } + } else { + k++; + } + } + } + } + } - timeout.tv_sec = si->tlimit > 0 ? si->tlimit : 1; + for ( i = 0; exattrs[i] != NULL; i++ ) ; - rc = ldap_search_ext( ld, si->base, si->scope, si->filterstr, - si->attrs, si->attrsonly, sctrls, cctrls, - si->tlimit < 0 ? NULL : &timeout, - si->slimit, msgidp ); + if ( i != n ) + exattrs = (char **) ch_realloc( exattrs, (i + 1)*sizeof(char *)); + } - return rc; + si->si_exattrs = exattrs; } -void * -do_syncrepl( - void *ctx, - void *arg ) +static int +ldap_sync_search( + syncinfo_t *si, + void *ctx ) { - struct re_s* rtask = arg; - syncinfo_t *si = ( syncinfo_t * ) rtask->arg; - Backend *be = si->be; - - SlapReply rs = {REP_RESULT}; - - LDAPControl c[2]; - LDAPControl **sctrls = NULL; - LDAPControl **rctrls = NULL; - LDAPControl *rctrlp = NULL; - BerElement *sync_ber = NULL; - struct berval *sync_bvalp = NULL; - - BerElement *ctrl_ber = NULL; - BerElement *res_ber = NULL; - - LDAP *ld = NULL; - LDAPMessage *res = NULL; - LDAPMessage *msg = NULL; - + BerElementBuffer berbuf; + BerElement *ber = (BerElement *)&berbuf; + LDAPControl c[2], *ctrls[3]; + struct timeval timeout; ber_int_t msgid; + int rc; - int nresponses, nreferences, nextended, npartial; - int nresponses_psearch; - - int cancel_msgid = -1; - char *retoid = NULL; - struct berval *retdata = NULL; - - int sync_info_arrived = 0; - Entry *entry = NULL; - - int syncstate; - struct berval syncUUID = { 0, NULL }; - struct berval syncCookie = { 0, NULL }; - struct berval syncCookie_req = { 0, NULL }; + /* setup LDAP SYNC control */ + ber_init2( ber, NULL, LBER_USE_DER ); + ber_set_option( ber, LBER_OPT_BER_MEMCTX, &ctx ); - int rc; - int err; - ber_len_t len; - int syncinfo_arrived = 0; + if ( si->si_syncCookie.octet_str && + !BER_BVISNULL( &si->si_syncCookie.octet_str[0] ) ) + { + ber_printf( ber, "{eO}", + abs(si->si_type), + &si->si_syncCookie.octet_str[0] ); + } else { + ber_printf( ber, "{e}", + abs(si->si_type) ); + } - char **tmp = NULL; - AttributeDescription** descs = NULL; + if ( (rc = ber_flatten2( ber, &c[0].ldctl_value, 0 )) == LBER_ERROR ) { + ber_free_buf( ber ); + return rc; + } - Connection conn; - Operation op = {0}; - slap_callback cb; + c[0].ldctl_oid = LDAP_CONTROL_SYNC; + c[0].ldctl_iscritical = si->si_type < 0; + ctrls[0] = &c[0]; - void *memctx = NULL; - ber_len_t memsiz; - - int i, j, k, n; - int rc_efree; - - struct berval base_bv = { 0, NULL }; - struct berval pbase = { 0, NULL }; - struct berval nbase = { 0, NULL }; - struct berval sub_bv = { 0, NULL }; - struct berval psubrdn = { 0, NULL }; - struct berval nsubrdn = { 0, NULL }; - struct berval psub = { 0, NULL }; - struct berval nsub = { 0, NULL }; - char substr[64]; - Modifications *modlist = NULL; - Modifications *ml, *mlnext; - char *def_filter_str = NULL; + if ( si->si_authzId ) { + c[1].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ; + ber_str2bv( si->si_authzId, 0, 0, &c[1].ldctl_value ); + c[1].ldctl_iscritical = 1; + ctrls[1] = &c[1]; + ctrls[2] = NULL; + } else { + ctrls[1] = NULL; + } - const char *text; - int match; + timeout.tv_sec = si->si_tlimit; + timeout.tv_usec = 0; - struct timeval *tout_p = NULL; - struct timeval tout = { 10, 0 }; + rc = ldap_search_ext( si->si_ld, si->si_base.bv_val, si->si_scope, + si->si_filterstr.bv_val, si->si_attrs, si->si_attrsonly, + ctrls, NULL, si->si_tlimit > 0 ? &timeout : NULL, + si->si_slimit, &msgid ); + ber_free_buf( ber ); + return rc; +} -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, DETAIL1, "do_syncrepl\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, "=>do_syncrepl\n", 0, 0, 0 ); +static int +do_syncrep1( + Operation *op, + syncinfo_t *si ) +{ + int rc; + int cmdline_cookie_found = 0; + + char syncrepl_cbuf[sizeof(CN_STR SYNCREPL_STR)]; + struct berval syncrepl_cn_bv; + struct sync_cookie *sc = NULL; + struct sync_cookie syncCookie = { NULL, -1, NULL }; + struct berval *psub; +#ifdef HAVE_TLS + void *ssl; #endif - if ( si == NULL ) - return NULL; - - if ( abs(si->type) != LDAP_SYNC_REFRESH_ONLY && - abs(si->type) != LDAP_SYNC_REFRESH_AND_PERSIST ) { - return NULL; - } - - si->sync_mode = LDAP_SYNC_STATE_MODE; + psub = &si->si_be->be_nsuffix[0]; /* Init connection to master */ - - rc = ldap_initialize( &ld, si->provideruri ); + rc = ldap_initialize( &si->si_ld, si->si_provideruri ); if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, "do_syncrepl: " - "ldap_initialize failed (%s)\n", - si->provideruri, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "do_syncrepl: " - "ldap_initialize failed (%s)\n", - si->provideruri, 0, 0 ); -#endif + Debug( LDAP_DEBUG_ANY, + "do_syncrep1: ldap_initialize failed (%s)\n", + si->si_provideruri, 0, 0 ); + return rc; } - op.o_protocol = LDAP_VERSION3; - ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &op.o_protocol ); + op->o_protocol = LDAP_VERSION3; + ldap_set_option( si->si_ld, LDAP_OPT_PROTOCOL_VERSION, &op->o_protocol ); /* Bind to master */ - if ( si->tls ) { - rc = ldap_start_tls_s( ld, NULL, NULL ); + if ( si->si_tls ) { + rc = ldap_start_tls_s( si->si_ld, NULL, NULL ); if( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ERR, "do_syncrepl: " - "%s: ldap_start_tls failed (%d)\n", - si->tls == TLS_CRITICAL ? "Error" : "Warning", - rc, 0 ); -#else Debug( LDAP_DEBUG_ANY, "%s: ldap_start_tls failed (%d)\n", - si->tls == TLS_CRITICAL ? "Error" : "Warning", + si->si_tls == SYNCINFO_TLS_CRITICAL ? "Error" : "Warning", rc, 0 ); -#endif - if( si->tls == TLS_CRITICAL ) - return NULL; + if( si->si_tls == SYNCINFO_TLS_CRITICAL ) goto done; } } - if ( si->bindmethod == LDAP_AUTH_SASL ) { + if ( si->si_bindmethod == LDAP_AUTH_SASL ) { #ifdef HAVE_CYRUS_SASL void *defaults; - if ( si->secprops != NULL ) { - int err = ldap_set_option( ld, - LDAP_OPT_X_SASL_SECPROPS, si->secprops); + if ( si->si_secprops != NULL ) { + rc = ldap_set_option( si->si_ld, + LDAP_OPT_X_SASL_SECPROPS, si->si_secprops); - if( err != LDAP_OPT_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ERR, "do_bind: Error: " - "ldap_set_option(%s,SECPROPS,\"%s\") failed!\n", - si->provideruri, si->secprops, 0 ); -#else + if( rc != LDAP_OPT_SUCCESS ) { Debug( LDAP_DEBUG_ANY, "Error: ldap_set_option " "(%s,SECPROPS,\"%s\") failed!\n", - si->provideruri, si->secprops, NULL ); -#endif - return NULL; + si->si_provideruri, si->si_secprops, 0 ); + goto done; } } - defaults = lutil_sasl_defaults( ld, - si->saslmech, - si->realm, - si->authcId, - si->passwd, - si->authzId ); + defaults = lutil_sasl_defaults( si->si_ld, si->si_saslmech, + si->si_realm, si->si_authcId, si->si_passwd, si->si_authzId ); - rc = ldap_sasl_interactive_bind_s( ld, - si->binddn, - si->saslmech, + rc = ldap_sasl_interactive_bind_s( si->si_ld, + si->si_binddn, + si->si_saslmech, NULL, NULL, LDAP_SASL_QUIET, lutil_sasl_interact, defaults ); - /* FIXME : different error behaviors according to - 1) return code - 2) on err policy : exit, retry, backoff ... - */ + lutil_sasl_freedefs( defaults ); + + /* FIXME: different error behaviors according to + * 1) return code + * 2) on err policy : exit, retry, backoff ... + */ if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ERR, "do_syncrepl: " - "ldap_sasl_interactive_bind_s failed (%d)\n", - rc, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "do_syncrepl: " + Debug( LDAP_DEBUG_ANY, "do_syncrep1: " "ldap_sasl_interactive_bind_s failed (%d)\n", rc, 0, 0 ); -#endif - return NULL; + + /* FIXME (see above comment) */ + /* if Kerberos credentials cache is not active, retry */ + if ( strcmp( si->si_saslmech, "GSSAPI" ) == 0 && + rc == LDAP_LOCAL_ERROR ) + { + rc = LDAP_SERVER_DOWN; + } + + goto done; } #else /* HAVE_CYRUS_SASL */ + /* Should never get here, we trapped this at config time */ + assert(0); fprintf( stderr, "not compiled with SASL support\n" ); - return NULL; + rc = LDAP_OTHER; + goto done; #endif + } else { - rc = ldap_bind_s( ld, si->binddn, si->passwd, si->bindmethod ); + rc = ldap_bind_s( si->si_ld, + si->si_binddn, si->si_passwd, si->si_bindmethod ); if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ERR, "do_syncrepl: " + Debug( LDAP_DEBUG_ANY, "do_syncrep1: " "ldap_bind_s failed (%d)\n", rc, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "do_syncrepl: " - "ldap_bind_s failed (%d)\n", rc, 0, 0 ); -#endif - return NULL; + goto done; } } - /* set thread context in syncinfo */ - si->ctx = ctx; - - /* set memory context */ -#define SLAB_SIZE 1048576 - memsiz = SLAB_SIZE; - memctx = sl_mem_create( memsiz, ctx ); - op.o_tmpmemctx = memctx; - op.o_tmpmfuncs = &sl_mfuncs; - - op.o_si = si; - op.o_tag = LDAP_REQ_SEARCH; - op.o_dn = si->updatedn; - op.o_ndn = si->updatedn; - op.o_callback = &cb; - op.o_time = slap_get_time(); - op.o_managedsait = 1; - op.o_threadctx = si->ctx; - op.o_bd = be; - op.o_conn = &conn; - op.o_connid = op.o_conn->c_connid; - op.ors_scope = LDAP_SCOPE_BASE; - op.ors_deref = LDAP_DEREF_NEVER; - op.ors_slimit = 0; - op.ors_tlimit = 0; - op.ors_attrsonly = 0; - op.ors_attrs = NULL; - op.ors_filter = str2filter_x( &op, def_filter_str = "(objectClass=*)" ); - ber_str2bv( def_filter_str, 0, 0, &op.ors_filterstr ); - - si->conn = &conn; - conn.c_send_ldap_result = slap_send_ldap_result; - conn.c_send_search_entry = slap_send_search_entry; - conn.c_send_search_reference = slap_send_search_reference; + /* Set SSF to strongest of TLS, SASL SSFs */ + op->o_sasl_ssf = 0; + op->o_tls_ssf = 0; + op->o_transport_ssf = 0; +#ifdef HAVE_TLS + if ( ldap_get_option( si->si_ld, LDAP_OPT_X_TLS_SSL_CTX, &ssl ) + == LDAP_SUCCESS && ssl != NULL ) + { + op->o_tls_ssf = ldap_pvt_tls_get_strength( ssl ); + } +#endif /* HAVE_TLS */ + ldap_get_option( si->si_ld, LDAP_OPT_X_SASL_SSF, &op->o_sasl_ssf ); + op->o_ssf = ( op->o_sasl_ssf > op->o_tls_ssf ) + ? op->o_sasl_ssf : op->o_tls_ssf; /* get syncrepl cookie of shadow replica from subentry */ - ber_str2bv( si->base, 0, 0, &base_bv ); - dnPrettyNormal( 0, &base_bv, &pbase, &nbase, op.o_tmpmemctx ); - - sprintf( substr, "cn=syncrepl%d", si->id ); - ber_str2bv( substr, 0, 0, &sub_bv ); - dnPrettyNormal( 0, &sub_bv, &psubrdn, &nsubrdn, op.o_tmpmemctx ); - - build_new_dn( &op.o_req_dn, &pbase, &psubrdn, op.o_tmpmemctx ); - build_new_dn( &op.o_req_ndn, &nbase, &nsubrdn, op.o_tmpmemctx ); - - /* set callback function */ - cb.sc_response = cookie_callback; - cb.sc_private = si; - - /* search subentry to retrieve cookie */ - si->syncCookie = NULL; - be->be_search( &op, &rs ); - - ber_dupbv( &syncCookie_req, si->syncCookie ); - - psub = be->be_nsuffix[0]; + assert( si->si_rid < 1000 ); + syncrepl_cn_bv.bv_val = syncrepl_cbuf; + syncrepl_cn_bv.bv_len = snprintf( syncrepl_cbuf, sizeof(syncrepl_cbuf), + CN_STR "syncrepl%ld", si->si_rid ); + build_new_dn( &op->o_req_ndn, psub, &syncrepl_cn_bv, op->o_tmpmemctx ); + op->o_req_dn = op->o_req_ndn; + + LDAP_STAILQ_FOREACH( sc, &slap_sync_cookie, sc_next ) { + if ( si->si_rid == sc->rid ) { + cmdline_cookie_found = 1; + break; + } + } - for ( n = 0; si->attrs[ n ] != NULL; n++ ) ; + if ( cmdline_cookie_found ) { + /* cookie is supplied in the command line */ + BerVarray cookie = NULL; + struct berval cookie_bv; + + LDAP_STAILQ_REMOVE( &slap_sync_cookie, sc, sync_cookie, sc_next ); + slap_sync_cookie_free( &si->si_syncCookie, 0 ); + + /* read stored cookie if it exists */ + backend_attribute( op, NULL, &op->o_req_ndn, + slap_schema.si_ad_syncreplCookie, &cookie, ACL_READ ); + + if ( !cookie ) { + /* no stored cookie */ + if ( sc->ctxcsn == NULL || + BER_BVISNULL( sc->ctxcsn ) ) { + /* if cmdline cookie does not have ctxcsn */ + /* component, set it to an initial value */ + slap_init_sync_cookie_ctxcsn( sc ); + } + slap_dup_sync_cookie( &si->si_syncCookie, sc ); + slap_sync_cookie_free( sc, 1 ); + sc = NULL; - if ( n != 0 ) { - /* Delete Attributes */ - descs = sync_descs; - for ( i = 0; descs[i] != NULL; i++ ) { - for ( j = 0; si->attrs[j] != NULL; j++ ) { - if ( !strcmp( si->attrs[j], descs[i]->ad_cname.bv_val )) { - ch_free( si->attrs[j] ); - for ( k = j; si->attrs[k] != NULL; k++ ) { - si->attrs[k] = si->attrs[k+1]; - } + } else { + /* stored cookie */ + struct berval newcookie = BER_BVNULL; + ber_dupbv( &cookie_bv, &cookie[0] ); + ber_bvarray_add( &si->si_syncCookie.octet_str, &cookie_bv ); + slap_parse_sync_cookie( &si->si_syncCookie ); + ber_bvarray_free( si->si_syncCookie.octet_str ); + si->si_syncCookie.octet_str = NULL; + ber_bvarray_free_x( cookie, op->o_tmpmemctx ); + if ( sc->sid != -1 ) { + /* command line cookie wins */ + si->si_syncCookie.sid = sc->sid; + } + if ( sc->ctxcsn != NULL ) { + /* command line cookie wins */ + if ( si->si_syncCookie.ctxcsn ) { + ber_bvarray_free( si->si_syncCookie.ctxcsn ); + si->si_syncCookie.ctxcsn = NULL; } + ber_dupbv( &cookie_bv, &sc->ctxcsn[0] ); + ber_bvarray_add( &si->si_syncCookie.ctxcsn, &cookie_bv ); } + if ( sc->rid != -1 ) { + /* command line cookie wins */ + si->si_syncCookie.rid = sc->rid; + } + slap_sync_cookie_free( sc, 1 ); + sc = NULL; + slap_compose_sync_cookie( NULL, &newcookie, + &si->si_syncCookie.ctxcsn[0], + si->si_syncCookie.sid, si->si_syncCookie.rid ); + ber_bvarray_add( &si->si_syncCookie.octet_str, &newcookie ); } - for ( n = 0; si->attrs[ n ] != NULL; n++ ); - tmp = ( char ** ) ch_realloc( si->attrs, ( n + 4 ) * sizeof( char * )); - if ( tmp == NULL ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 ); -#else - Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 ); -#endif - } + } else { - tmp = ( char ** ) ch_realloc( si->attrs, 5 * sizeof( char * )); - if ( tmp == NULL ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, "out of memory\n", 0,0,0 ); -#else - Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 ); -#endif + /* no command line cookie is specified */ + if ( si->si_syncCookie.octet_str == NULL ) { + BerVarray cookie = NULL; + struct berval cookie_bv; + /* try to read stored cookie */ + backend_attribute( op, NULL, &op->o_req_ndn, + slap_schema.si_ad_syncreplCookie, &cookie, ACL_READ ); + if ( cookie ) { + ber_dupbv( &cookie_bv, &cookie[0] ); + ber_bvarray_add( &si->si_syncCookie.octet_str, &cookie_bv ); + slap_parse_sync_cookie( &si->si_syncCookie ); + ber_bvarray_free_x( cookie, op->o_tmpmemctx ); + } } - tmp[ n++ ] = ch_strdup( "*" ); } - - descs = sync_descs; - si->attrs = tmp; - /* Add Attributes */ + rc = ldap_sync_search( si, op->o_tmpmemctx ); - for ( i = 0; descs[ i ] != NULL; i++ ) { - si->attrs[ n++ ] = ch_strdup ( descs[i]->ad_cname.bv_val ); - si->attrs[ n ] = NULL; + if( rc != LDAP_SUCCESS ) { + Debug( LDAP_DEBUG_ANY, "do_syncrep1: " + "ldap_search_ext: %s (%d)\n", ldap_err2string( rc ), rc, 0 ); } - rc = ldap_sync_search( si, ld, NULL, NULL, &msgid ); - if( rc != LDAP_SUCCESS ) { - fprintf( stderr, "syncrepl: ldap_search_ext: %s (%d)\n", - ldap_err2string( rc ), rc ); - return NULL; +done: + if ( rc ) { + if ( si->si_ld ) { + ldap_unbind( si->si_ld ); + si->si_ld = NULL; + } } - if ( abs(si->type) == LDAP_SYNC_REFRESH_AND_PERSIST ){ + slap_sl_free( op->o_req_ndn.bv_val, op->o_tmpmemctx ); + + return rc; +} + +static int +do_syncrep2( + Operation *op, + syncinfo_t *si ) +{ + LDAPControl **rctrls = NULL; + LDAPControl *rctrlp; + + BerElementBuffer berbuf; + BerElement *ber = (BerElement *)&berbuf; + + LDAPMessage *res = NULL; + LDAPMessage *msg = NULL; + + char *retoid = NULL; + struct berval *retdata = NULL; + + Entry *entry = NULL; + + int syncstate; + struct berval syncUUID = BER_BVNULL; + struct sync_cookie syncCookie = { NULL, -1, NULL }; + struct sync_cookie syncCookie_req = { NULL, -1, NULL }; + struct berval cookie = BER_BVNULL; + + int rc, err, i; + ber_len_t len; + + int rc_efree = 1; + + struct berval *psub; + Modifications *modlist = NULL; + + const char *text; + int match; + + struct timeval *tout_p = NULL; + struct timeval tout = { 0, 0 }; + + int refreshDeletes = 0; + int refreshDone = 1; + BerVarray syncUUIDs = NULL; + ber_tag_t si_tag; + + if ( slapd_shutdown ) { + rc = -2; + goto done; + } + + ber_init2( ber, NULL, LBER_USE_DER ); + ber_set_option( ber, LBER_OPT_BER_MEMCTX, &op->o_tmpmemctx ); + + Debug( LDAP_DEBUG_TRACE, "=>do_syncrep2\n", 0, 0, 0 ); + + psub = &si->si_be->be_nsuffix[0]; + + slap_dup_sync_cookie( &syncCookie_req, &si->si_syncCookie ); + + if ( abs(si->si_type) == LDAP_SYNC_REFRESH_AND_PERSIST ) { tout_p = &tout; } else { tout_p = NULL; } - while (( rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ONE, tout_p, &res )) >= 0 ) { - - if ( rc == 0 ) { - if ( slapd_abrupt_shutdown ) { - break; - } else { - continue; - } + while (( rc = ldap_result( si->si_ld, LDAP_RES_ANY, LDAP_MSG_ONE, + tout_p, &res )) > 0 ) + { + if ( slapd_shutdown ) { + rc = -2; + goto done; } - - for ( msg = ldap_first_message( ld, res ); - msg != NULL; - msg = ldap_next_message( ld, msg ) ) + for( msg = ldap_first_message( si->si_ld, res ); + msg != NULL; + msg = ldap_next_message( si->si_ld, msg ) ) { - syncCookie.bv_len = 0; syncCookie.bv_val = NULL; switch( ldap_msgtype( msg ) ) { case LDAP_RES_SEARCH_ENTRY: - entry = syncrepl_message_to_entry( si, ld, &op, msg, - &modlist, &syncstate, &syncUUID, &syncCookie ); - rc_efree = syncrepl_entry( si, ld, &op, entry, modlist, - syncstate, &syncUUID, &syncCookie, !syncinfo_arrived ); - if ( syncCookie.bv_len ) { - syncrepl_updateCookie( si, ld, &op, &psub, &syncCookie ); + ldap_get_entry_controls( si->si_ld, msg, &rctrls ); + /* we can't work without the control */ + if ( !rctrls ) { + Debug( LDAP_DEBUG_ANY, "do_syncrep2 : " + "got search entry without " + "control\n", 0, 0, 0 ); + rc = -1; + goto done; } + rctrlp = *rctrls; + ber_init2( ber, &rctrlp->ldctl_value, LBER_USE_DER ); + ber_scanf( ber, "{em" /*"}"*/, &syncstate, &syncUUID ); + if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) { + ber_scanf( ber, /*"{"*/ "m}", &cookie ); + if ( !BER_BVISNULL( &cookie ) ) { + struct berval tmp_bv; + ber_dupbv( &tmp_bv, &cookie ); + ber_bvarray_add( &syncCookie.octet_str, &tmp_bv ); + } + if ( syncCookie.octet_str && + !BER_BVISNULL( &syncCookie.octet_str[0] ) ) + { + slap_parse_sync_cookie( &syncCookie ); + } + } + if ( syncrepl_message_to_entry( si, op, msg, + &modlist, &entry, syncstate ) == LDAP_SUCCESS ) { + rc_efree = syncrepl_entry( si, op, entry, modlist, + syncstate, &syncUUID, &syncCookie_req ); + if ( syncCookie.octet_str && + !BER_BVISNULL( &syncCookie.octet_str[0] ) ) + { + syncrepl_updateCookie( si, op, psub, &syncCookie ); + } + } + ldap_controls_free( rctrls ); if ( modlist ) { slap_mods_free( modlist ); } - if ( rc_efree ) { + if ( rc_efree && entry ) { entry_free( entry ); } + entry = NULL; break; case LDAP_RES_SEARCH_REFERENCE: -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "do_syncrepl : reference received\n", 0, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, - "do_syncrepl : reference received\n", 0, 0, 0 ); -#endif + "do_syncrep2 : reference received\n", 0, 0, 0 ); break; case LDAP_RES_SEARCH_RESULT: - ldap_parse_result( ld, msg, &err, NULL, NULL, NULL, &rctrls, 0 ); + ldap_parse_result( si->si_ld, msg, &err, NULL, NULL, NULL, + &rctrls, 0 ); if ( rctrls ) { rctrlp = *rctrls; - ctrl_ber = ber_alloc_t( LBER_USE_DER ); - ber_set_option( ctrl_ber, LBER_OPT_BER_MEMCTX, &op.o_tmpmemctx ); - ber_write( ctrl_ber, rctrlp->ldctl_value.bv_val, rctrlp->ldctl_value.bv_len, 0 ); - ber_reset( ctrl_ber, 1 ); - - ber_scanf( ctrl_ber, "{" /*"}"*/); - if ( ber_peek_tag( ctrl_ber, &len ) - == LDAP_SYNC_TAG_COOKIE ) { - ber_scanf( ctrl_ber, "o", &syncCookie ); + ber_init2( ber, &rctrlp->ldctl_value, LBER_USE_DER ); + + ber_scanf( ber, "{" /*"}"*/); + if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) { + ber_scanf( ber, "m", &cookie ); + if ( !BER_BVISNULL( &cookie ) ) { + struct berval tmp_bv; + ber_dupbv( &tmp_bv, &cookie ); + ber_bvarray_add( &syncCookie.octet_str, &tmp_bv); + } + if ( syncCookie.octet_str && + !BER_BVISNULL( &syncCookie.octet_str[0] ) ) + { + slap_parse_sync_cookie( &syncCookie ); + } } - } - value_match( &match, slap_schema.si_ad_entryCSN, - slap_schema.si_ad_entryCSN->ad_type->sat_ordering, - SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX, - &syncCookie_req, &syncCookie, &text ); - if (si->type == LDAP_SYNC_REFRESH_AND_PERSIST) { - /* FIXME : different error behaviors according to - 1) err code : LDAP_BUSY ... - 2) on err policy : stop service, stop sync, retry - */ - if ( syncCookie.bv_len && match < 0) { - syncrepl_updateCookie( si, ld, &op, &psub, &syncCookie ); + if ( ber_peek_tag( ber, &len ) == LDAP_TAG_REFRESHDELETES ) + { + ber_scanf( ber, "b", &refreshDeletes ); } - if ( ctrl_ber ) - ber_free( ctrl_ber, 1 ); - goto done; + ber_scanf( ber, /*"{"*/ "}" ); + } + if ( syncCookie_req.ctxcsn == NULL ) { + match = -1; + } else if ( syncCookie.ctxcsn == NULL ) { + match = 1; } else { + value_match( &match, slap_schema.si_ad_entryCSN, + slap_schema.si_ad_entryCSN->ad_type->sat_ordering, + SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX, + &syncCookie_req.ctxcsn[0], &syncCookie.ctxcsn[0], + &text ); + } + if ( syncCookie.octet_str && !BER_BVISNULL( syncCookie.octet_str ) && + match < 0 && err == LDAP_SUCCESS ) + { + syncrepl_updateCookie( si, op, psub, &syncCookie ); + } + if ( rctrls ) { + ldap_controls_free( rctrls ); + } + if (si->si_type != LDAP_SYNC_REFRESH_AND_PERSIST) { /* FIXME : different error behaviors according to - 1) err code : LDAP_BUSY ... - 2) on err policy : stop service, stop sync, retry - */ - if ( syncCookie.bv_len && match < 0 ) { - syncrepl_updateCookie( si, ld, &op, &psub, &syncCookie); - } - if ( si->sync_mode == LDAP_SYNC_STATE_MODE && match < 0 ) { - syncrepl_del_nonpresent( ld, &op ); + * 1) err code : LDAP_BUSY ... + * 2) on err policy : stop service, stop sync, retry + */ + if ( refreshDeletes == 0 && match < 0 && + err == LDAP_SUCCESS ) + { + syncrepl_del_nonpresent( op, si ); + } else { + avl_free( si->si_presentlist, avl_ber_bvfree ); + si->si_presentlist = NULL; } - if ( ctrl_ber ) - ber_free( ctrl_ber, 1 ); - goto done; } + rc = -2; + goto done; break; case LDAP_RES_INTERMEDIATE: - rc = ldap_parse_intermediate( ld, msg, + rc = ldap_parse_intermediate( si->si_ld, msg, &retoid, &retdata, NULL, 0 ); if ( !rc && !strcmp( retoid, LDAP_SYNC_INFO ) ) { - sync_info_arrived = 1; - res_ber = ber_init( retdata ); - ber_scanf( res_ber, "{e" /*"}"*/, &syncstate ); - - if ( ber_peek_tag( res_ber, &len ) - == LDAP_SYNC_TAG_COOKIE ) { - ber_scanf( res_ber, /*"{"*/ "o}", &syncCookie ); - } else { - if ( syncstate == LDAP_SYNC_NEW_COOKIE ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "do_syncrepl : cookie required\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "do_syncrepl : cookie required\n", 0, 0, 0 ); -#endif + int si_refreshDelete = 0; + int si_refreshPresent = 0; + ber_init2( ber, retdata, LBER_USE_DER ); + + switch ( si_tag = ber_peek_tag( ber, &len )) { + ber_tag_t tag; + case LDAP_TAG_SYNC_NEW_COOKIE: + ber_scanf( ber, "tm", &tag, &cookie ); + break; + case LDAP_TAG_SYNC_REFRESH_DELETE: + si_refreshDelete = 1; + case LDAP_TAG_SYNC_REFRESH_PRESENT: + si_refreshPresent = 1; + ber_scanf( ber, "t{" /*"}"*/, &tag ); + if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) + { + ber_scanf( ber, "m", &cookie ); + if ( !BER_BVISNULL( &cookie ) ) { + struct berval tmp_bv; + ber_dupbv( &tmp_bv, &cookie ); + ber_bvarray_add( &syncCookie.octet_str, + &tmp_bv); + } + if ( syncCookie.octet_str && + !BER_BVISNULL( &syncCookie.octet_str[0] ) ) + { + slap_parse_sync_cookie( &syncCookie ); + } + } + if ( ber_peek_tag( ber, &len ) == + LDAP_TAG_REFRESHDONE ) + { + ber_scanf( ber, "b", &refreshDone ); } + ber_scanf( ber, /*"{"*/ "}" ); + break; + case LDAP_TAG_SYNC_ID_SET: + ber_scanf( ber, "t{" /*"}"*/, &tag ); + if ( ber_peek_tag( ber, &len ) == + LDAP_TAG_SYNC_COOKIE ) + { + ber_scanf( ber, "m", &cookie ); + if ( !BER_BVISNULL( &cookie ) ) { + struct berval tmp_bv; + ber_dupbv( &tmp_bv, &cookie ); + ber_bvarray_add( &syncCookie.octet_str, + &tmp_bv ); + } + if ( syncCookie.octet_str && + !BER_BVISNULL( &syncCookie.octet_str[0] ) ) + { + slap_parse_sync_cookie( &syncCookie ); + } + } + if ( ber_peek_tag( ber, &len ) == + LDAP_TAG_REFRESHDELETES ) + { + ber_scanf( ber, "b", &refreshDeletes ); + } + ber_scanf( ber, "[W]", &syncUUIDs ); + ber_scanf( ber, /*"{"*/ "}" ); + for ( i = 0; !BER_BVISNULL( &syncUUIDs[i] ); i++ ) { + struct berval *syncuuid_bv; + syncuuid_bv = ber_dupbv( NULL, &syncUUIDs[i] ); + slap_sl_free( syncUUIDs[i].bv_val,op->o_tmpmemctx ); + avl_insert( &si->si_presentlist, + (caddr_t) syncuuid_bv, + syncuuid_cmp, avl_dup_error ); + } + slap_sl_free( syncUUIDs, op->o_tmpmemctx ); + break; + default: + Debug( LDAP_DEBUG_ANY, + "do_syncrep2 : unknown syncinfo tag (%ld)\n", + (long) si_tag, 0, 0 ); + ldap_memfree( retoid ); + ber_bvfree( retdata ); + continue; } - value_match( &match, slap_schema.si_ad_entryCSN, - slap_schema.si_ad_entryCSN->ad_type->sat_ordering, - SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX, - &syncCookie_req, &syncCookie, &text ); + if ( syncCookie_req.ctxcsn == NULL ) { + match = -1; + } else if ( syncCookie.ctxcsn == NULL ) { + match = 1; + } else { + value_match( &match, slap_schema.si_ad_entryCSN, + slap_schema.si_ad_entryCSN->ad_type->sat_ordering, + SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX, + &syncCookie_req.ctxcsn[0], + &syncCookie.ctxcsn[0], &text ); + } - if ( syncCookie.bv_len && match < 0 ) { - syncrepl_updateCookie( si, ld, &op, &psub, &syncCookie); + if ( syncCookie.ctxcsn && !BER_BVISNULL( &syncCookie.ctxcsn[0] ) && + match < 0 ) + { + syncrepl_updateCookie( si, op, psub, &syncCookie); } - if ( syncstate == LDAP_SYNC_STATE_MODE_DONE ) { + if ( si_refreshPresent == 1 ) { if ( match < 0 ) { - syncrepl_del_nonpresent( ld, &op ); + syncrepl_del_nonpresent( op, si ); } - si->sync_mode = LDAP_SYNC_LOG_MODE; - } else if ( syncstate == LDAP_SYNC_LOG_MODE_DONE ) { - si->sync_mode = LDAP_SYNC_PERSIST_MODE; - } else if ( syncstate == LDAP_SYNC_REFRESH_DONE ) { - si->sync_mode = LDAP_SYNC_PERSIST_MODE; - } else if ( syncstate != LDAP_SYNC_NEW_COOKIE || - syncstate != LDAP_SYNC_LOG_MODE_DONE ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "do_syncrepl : unknown sync info\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "do_syncrepl : unknown sync info\n", 0, 0, 0 ); -#endif - } + } ldap_memfree( retoid ); ber_bvfree( retdata ); - ber_free( res_ber, 1 ); break; + } else { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR,"do_syncrepl :" - " unknown intermediate " - "response\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "do_syncrepl : " + Debug( LDAP_DEBUG_ANY, "do_syncrep2 : " "unknown intermediate response (%d)\n", rc, 0, 0 ); -#endif ldap_memfree( retoid ); ber_bvfree( retdata ); break; } break; + default: -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, "do_syncrepl : " - "unknown message\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "do_syncrepl : " + Debug( LDAP_DEBUG_ANY, "do_syncrep2 : " "unknown message\n", 0, 0, 0 ); -#endif break; } - if ( syncCookie.bv_val ) - ch_free( syncCookie.bv_val ); - if ( syncUUID.bv_val ) - ch_free( syncUUID.bv_val ); + if ( syncCookie.octet_str ) { + slap_sync_cookie_free( &syncCookie_req, 0 ); + slap_dup_sync_cookie( &syncCookie_req, &syncCookie ); + slap_sync_cookie_free( &syncCookie, 0 ); + } } ldap_msgfree( res ); + res = NULL; } if ( rc == -1 ) { - int errno; const char *errstr; - ldap_get_option( ld, LDAP_OPT_ERROR_NUMBER, &errno ); - errstr = ldap_err2string( errno ); + ldap_get_option( si->si_ld, LDAP_OPT_ERROR_NUMBER, &rc ); + errstr = ldap_err2string( rc ); -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "do_syncrepl : %s\n", errstr, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, - "do_syncrepl : %s\n", errstr, 0, 0 ); -#endif + "do_syncrep2 : %s\n", errstr, 0, 0 ); } done: - if ( syncCookie.bv_val ) - ch_free( syncCookie.bv_val ); - if ( syncCookie_req.bv_val ) - ch_free( syncCookie_req.bv_val ); - if ( syncUUID.bv_val ) - ch_free( syncUUID.bv_val ); - - if ( res ) - ldap_msgfree( res ); + slap_sync_cookie_free( &syncCookie, 0 ); + slap_sync_cookie_free( &syncCookie_req, 0 ); + + if ( res ) ldap_msgfree( res ); + + if ( rc && si->si_ld ) { + ldap_unbind( si->si_ld ); + si->si_ld = NULL; + } - ldap_unbind( ld ); + return rc; +} + +void * +do_syncrepl( + void *ctx, + void *arg ) +{ + struct re_s* rtask = arg; + syncinfo_t *si = ( syncinfo_t * ) rtask->arg; + Connection conn = {0}; + Operation op = {0}; + int rc = LDAP_SUCCESS; + int first = 0; + int dostop = 0; + ber_socket_t s; + int i, defer = 1; + Backend *be; + + Debug( LDAP_DEBUG_TRACE, "=>do_syncrepl\n", 0, 0, 0 ); + if ( si == NULL ) + return NULL; + + switch( abs( si->si_type )) { + case LDAP_SYNC_REFRESH_ONLY: + case LDAP_SYNC_REFRESH_AND_PERSIST: + break; + default: + return NULL; + } + + if ( slapd_shutdown && si->si_ld ) { + ldap_get_option( si->si_ld, LDAP_OPT_DESC, &s ); + connection_client_stop( s ); + ldap_unbind( si->si_ld ); + si->si_ld = NULL; + return NULL; + } + + connection_fake_init( &conn, &op, ctx ); + + /* use global malloc for now */ + op.o_tmpmemctx = NULL; + op.o_tmpmfuncs = &ch_mfuncs; + + op.o_dn = si->si_updatedn; + op.o_ndn = si->si_updatedn; + op.o_managedsait = 1; + op.o_bd = be = si->si_be; + + op.o_sync_state.ctxcsn = NULL; + op.o_sync_state.sid = -1; + op.o_sync_state.octet_str = NULL; + op.o_sync_slog_size = -1; + LDAP_STAILQ_FIRST( &op.o_sync_slog_list ) = NULL; + op.o_sync_slog_list.stqh_last = &LDAP_STAILQ_FIRST(&op.o_sync_slog_list); + + /* Establish session, do search */ + if ( !si->si_ld ) { + first = 1; + rc = do_syncrep1( &op, si ); + } + + /* Process results */ + if ( rc == LDAP_SUCCESS ) { + ldap_get_option( si->si_ld, LDAP_OPT_DESC, &s ); + + rc = do_syncrep2( &op, si ); + + if ( abs(si->si_type) == LDAP_SYNC_REFRESH_AND_PERSIST ) { + /* If we succeeded, enable the connection for further listening. + * If we failed, tear down the connection and reschedule. + */ + if ( rc == LDAP_SUCCESS ) { + if ( first ) { + rc = connection_client_setup( s, do_syncrepl, arg ); + } else { + connection_client_enable( s ); + } + } else if ( !first ) { + dostop = 1; + } + } else { + if ( rc == -2 ) rc = 0; + } + } + + /* At this point, we have 4 cases: + * 1) for any hard failure, give up and remove this task + * 2) for ServerDown, reschedule this task to run + * 3) for Refresh and Success, reschedule to run + * 4) for Persist and Success, reschedule to defer + */ ldap_pvt_thread_mutex_lock( &syncrepl_rq.rq_mutex ); - ldap_pvt_runqueue_stoptask( &syncrepl_rq, rtask ); - if ( si->type == LDAP_SYNC_REFRESH_ONLY ) { - ldap_pvt_runqueue_resched( &syncrepl_rq, rtask ); + + if ( ldap_pvt_runqueue_isrunning( &syncrepl_rq, rtask )) { + ldap_pvt_runqueue_stoptask( &syncrepl_rq, rtask ); + } + + if ( dostop ) { + connection_client_stop( s ); + } + + if ( rc == LDAP_SUCCESS ) { + if ( si->si_type == LDAP_SYNC_REFRESH_ONLY ) { + defer = 0; + } + rtask->interval.tv_sec = si->si_interval; + ldap_pvt_runqueue_resched( &syncrepl_rq, rtask, defer ); + if ( si->si_retrynum ) { + for ( i = 0; si->si_retrynum_init[i] != -2; i++ ) { + si->si_retrynum[i] = si->si_retrynum_init[i]; + } + si->si_retrynum[i] = -2; + } } else { - ldap_pvt_runqueue_remove( &syncrepl_rq, rtask ); + for ( i = 0; si->si_retrynum && si->si_retrynum[i] <= 0; i++ ) { + if ( si->si_retrynum[i] == -1 || si->si_retrynum[i] == -2 ) + break; + } + + if ( !si->si_retrynum || si->si_retrynum[i] == -2 ) { + ldap_pvt_runqueue_remove( &syncrepl_rq, rtask ); + LDAP_STAILQ_REMOVE( &be->be_syncinfo, si, syncinfo_s, si_next ); + syncinfo_free( si ); + } else if ( si->si_retrynum[i] >= -1 ) { + if ( si->si_retrynum[i] > 0 ) + si->si_retrynum[i]--; + rtask->interval.tv_sec = si->si_retryinterval[i]; + ldap_pvt_runqueue_resched( &syncrepl_rq, rtask, 0 ); + slap_wake_listener(); + } } + ldap_pvt_thread_mutex_unlock( &syncrepl_rq.rq_mutex ); return NULL; } -Entry* +int syncrepl_message_to_entry( syncinfo_t *si, - LDAP *ld, Operation *op, LDAPMessage *msg, Modifications **modlist, - int *syncstate, - struct berval *syncUUID, - struct berval *syncCookie + Entry **entry, + int syncstate ) { - Entry *e; + Entry *e = NULL; BerElement *ber = NULL; - BerElement *tmpber; - struct berval bv = {0, NULL}; Modifications tmp; Modifications *mod; Modifications **modtail = modlist; - Backend *be = op->o_bd; const char *text; char txtbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof txtbuf; - struct berval **bvals = NULL; - char *dn; - struct berval bdn = {0, NULL}; - Attribute *attr; - struct berval empty_bv = { 0, NULL }; + struct berval bdn = {0, NULL}, dn, ndn; int rc; - char *a; - - ber_len_t len; - LDAPControl* rctrlp; - LDAPControl** rctrls = NULL; - BerElement* ctrl_ber; - - ber_tag_t tag; - - Modifications *ml = NULL; - AttributeDescription** descs; - int i; *modlist = NULL; if ( ldap_msgtype( msg ) != LDAP_RES_SEARCH_ENTRY ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "Message type should be entry (%d)", ldap_msgtype( msg ), 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, "Message type should be entry (%d)", ldap_msgtype( msg ), 0, 0 ); -#endif - return NULL; + return -1; } op->o_tag = LDAP_REQ_ADD; - rc = ldap_get_dn_ber( ld, msg, &ber, &bdn ); + rc = ldap_get_dn_ber( si->si_ld, msg, &ber, &bdn ); if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 ); -#endif - return NULL; + return rc; } - e = ( Entry * ) ch_calloc( 1, sizeof( Entry )); - dnPrettyNormal( NULL, &bdn, &e->e_name, &e->e_nname, NULL ); + dnPrettyNormal( NULL, &bdn, &dn, &ndn, op->o_tmpmemctx ); + ber_dupbv( &op->o_req_dn, &dn ); + ber_dupbv( &op->o_req_ndn, &ndn ); + slap_sl_free( ndn.bv_val, op->o_tmpmemctx ); + slap_sl_free( dn.bv_val, op->o_tmpmemctx ); - e->e_attrs = NULL; + if ( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_DELETE ) { + if ( entry ) + *entry = NULL; + return LDAP_SUCCESS; + } - while ( ber_remaining( ber ) ) { - tag = ber_scanf( ber, "{mW}", &tmp.sml_type, &tmp.sml_values ); + if ( entry == NULL ) { + return -1; + } - if ( tag == LBER_ERROR ) break; - if ( tmp.sml_type.bv_val == NULL ) break; + e = ( Entry * ) ch_calloc( 1, sizeof( Entry ) ); + *entry = e; + e->e_name = op->o_req_dn; + e->e_nname = op->o_req_ndn; + + while ( ber_remaining( ber ) ) { + if ( (ber_scanf( ber, "{mW}", &tmp.sml_type, &tmp.sml_values ) == + LBER_ERROR ) || BER_BVISNULL( &tmp.sml_type ) ) + { + break; + } mod = (Modifications *) ch_malloc( sizeof( Modifications )); @@ -763,470 +1072,546 @@ syncrepl_message_to_entry( mod->sml_next = NULL; mod->sml_desc = NULL; mod->sml_type = tmp.sml_type; - mod->sml_bvalues = tmp.sml_bvalues; + mod->sml_values = tmp.sml_values; mod->sml_nvalues = NULL; *modtail = mod; modtail = &mod->sml_next; } - if ( ber_scanf( ber, "}") == LBER_ERROR ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_message_to_entry: ber_scanf failed\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: ber_scanf failed\n", - 0, 0, 0 ); -#endif - return NULL; + if ( *modlist == NULL ) { + Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: no attributes\n", + 0, 0, 0 ); + rc = -1; + goto done; } - ber_free( ber, 0 ); - tmpber = ldap_get_message_ber( msg ); - ber = ber_dup( tmpber ); - - ber_scanf( ber, "{xx" ); - - rc = ldap_int_get_controls( ber, &rctrls ); + rc = slap_mods_check( *modlist, 1, &text, txtbuf, textlen, NULL ); if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_message_to_entry : control get failed (%d)", rc, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "syncrepl_message_to_entry : control get failed (%d)", rc, 0, 0 ); -#endif - return NULL; - } - - if ( rctrls ) { - rctrlp = *rctrls; - ctrl_ber = ber_alloc_t( LBER_USE_DER ); - ber_set_option( ctrl_ber, LBER_OPT_BER_MEMCTX, &op->o_tmpmemctx ); - ber_write( ctrl_ber, rctrlp->ldctl_value.bv_val, rctrlp->ldctl_value.bv_len, 0 ); - ber_reset( ctrl_ber, 1 ); - ber_scanf( ctrl_ber, "{eo", syncstate, syncUUID ); - if ( ber_peek_tag( ctrl_ber, &len ) == LDAP_SYNC_TAG_COOKIE ) { - ber_scanf( ctrl_ber, "o}", syncCookie ); - } - ber_free( ctrl_ber, 1 ); - ldap_controls_free( rctrls ); - } else { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR,"syncrepl_message_to_entry : " - " rctrls absent\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry :" - " rctrls absent\n", 0, 0, 0 ); -#endif - } - - if ( *syncstate == LDAP_SYNC_PRESENT || *syncstate == LDAP_SYNC_DELETE ) { + Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: mods check (%s)\n", + text, 0, 0 ); goto done; } - if ( *modlist == NULL ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_message_to_entry: no attributes\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: no attributes\n", - 0, 0, 0 ); -#endif - } - - ml = *modlist; - while ( ml != NULL ) { - AttributeDescription *ad = NULL; - rc = slap_bv2ad( &ml->sml_type, &ml->sml_desc, &text ); - - if( rc != LDAP_SUCCESS ) { - e = NULL; - goto done; + /* Strip out dynamically generated attrs */ + for ( modtail = modlist; *modtail ; ) { + mod = *modtail; + if ( mod->sml_desc->ad_type->sat_flags & SLAP_AT_DYNAMIC ) { + *modtail = mod->sml_next; + slap_mod_free( &mod->sml_mod, 0 ); + ch_free( mod ); + } else { + modtail = &mod->sml_next; } - - ad = ml->sml_desc; - ml->sml_desc = NULL; - ml = ml->sml_next; } - rc = slap_mods_check( *modlist, 1, &text, txtbuf, textlen, NULL ); - - if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_message_to_entry: mods check (%s)\n", text, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: mods check (%s)\n", - text, 0, 0 ); -#endif - return NULL; + /* Strip out attrs in exattrs list */ + for ( modtail = modlist; *modtail ; ) { + mod = *modtail; + if ( ldap_charray_inlist( si->si_exattrs, + mod->sml_desc->ad_type->sat_cname.bv_val )) { + *modtail = mod->sml_next; + slap_mod_free( &mod->sml_mod, 0 ); + ch_free( mod ); + } else { + modtail = &mod->sml_next; + } } rc = slap_mods2entry( *modlist, &e, 1, 1, &text, txtbuf, textlen); if( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_message_to_entry: mods2entry (%s)\n", text, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: mods2entry (%s)\n", - text, 0, 0 ); -#endif + text, 0, 0 ); } done: - ber_free ( ber, 0 ); + if ( rc != LDAP_SUCCESS ) { + if ( e ) { + entry_free( e ); + *entry = e = NULL; + } + } - return e; -} - -int -syncuuid_cmp( const void* v_uuid1, const void* v_uuid2 ) -{ - const struct berval *uuid1 = v_uuid1; - const struct berval *uuid2 = v_uuid2; - int rc = uuid1->bv_len - uuid2->bv_len; - if ( rc ) return rc; - return ( strcmp( uuid1->bv_val, uuid2->bv_val ) ); + return rc; } int syncrepl_entry( syncinfo_t* si, - LDAP *ld, Operation *op, - Entry* e, + Entry* entry, Modifications* modlist, int syncstate, struct berval* syncUUID, - struct berval* syncCookie, - int refresh -) + struct sync_cookie* syncCookie_req ) { Backend *be = op->o_bd; - slap_callback cb; - struct berval csn_bv = {0, NULL}; + slap_callback cb = { NULL }; struct berval *syncuuid_bv = NULL; - char csnbuf[ LDAP_LUTIL_CSNSTR_BUFSIZE ]; - - SlapReply rs = {REP_RESULT}; + struct berval syncUUID_strrep = BER_BVNULL; + struct berval uuid_bv = BER_BVNULL; + + SlapReply rs_search = {REP_RESULT}; + SlapReply rs_delete = {REP_RESULT}; + SlapReply rs_add = {REP_RESULT}; + SlapReply rs_modify = {REP_RESULT}; + Filter f = {0}; + AttributeAssertion ava = {0}; int rc = LDAP_SUCCESS; + int ret = LDAP_SUCCESS; + const char *text; - struct berval base_bv = {0, NULL}; - - char *filterstr; - Filter *filter; - - Attribute *a; + struct berval pdn = BER_BVNULL; + struct berval org_req_dn = BER_BVNULL; + struct berval org_req_ndn = BER_BVNULL; + struct berval org_dn = BER_BVNULL; + struct berval org_ndn = BER_BVNULL; + int org_managedsait; - if ( refresh && - ( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_ADD )) { + if (( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_ADD )) { syncuuid_bv = ber_dupbv( NULL, syncUUID ); - avl_insert( &si->presentlist, (caddr_t) syncuuid_bv, - syncuuid_cmp, avl_dup_error ); + avl_insert( &si->si_presentlist, (caddr_t) syncuuid_bv, + syncuuid_cmp, avl_dup_error ); } if ( syncstate == LDAP_SYNC_PRESENT ) { - if ( e ) { - return 1; - } else { + return 0; + } else if ( syncstate != LDAP_SYNC_DELETE ) { + if ( entry == NULL ) { return 0; } } - filterstr = (char *) sl_malloc( strlen("entryUUID=") + syncUUID->bv_len + 1, - op->o_tmpmemctx ); - strcpy( filterstr, "entryUUID=" ); - strcat( filterstr, syncUUID->bv_val ); - - si->e = e; - si->syncUUID_ndn = NULL; + f.f_choice = LDAP_FILTER_EQUALITY; + f.f_ava = &ava; + ava.aa_desc = slap_schema.si_ad_entryUUID; + (void)slap_uuidstr_from_normalized( &syncUUID_strrep, syncUUID, op->o_tmpmemctx ); + ava.aa_value = *syncUUID; + op->ors_filter = &f; + + op->ors_filterstr.bv_len = STRLENOF( "entryUUID=" ) + syncUUID->bv_len; + op->ors_filterstr.bv_val = (char *) slap_sl_malloc( + op->ors_filterstr.bv_len + 1, op->o_tmpmemctx ); + AC_MEMCPY( op->ors_filterstr.bv_val, "entryUUID=", STRLENOF( "entryUUID=" ) ); + AC_MEMCPY( &op->ors_filterstr.bv_val[STRLENOF( "entryUUID=" )], + syncUUID->bv_val, syncUUID->bv_len ); + op->ors_filterstr.bv_val[op->ors_filterstr.bv_len] = '\0'; - filter = str2filter( filterstr ); - ber_str2bv( filterstr, strlen(filterstr), 1, &op->ors_filterstr ); - ch_free( filterstr ); - op->ors_filter = filter; + op->o_tag = LDAP_REQ_SEARCH; op->ors_scope = LDAP_SCOPE_SUBTREE; /* get syncrepl cookie of shadow replica from subentry */ - ber_str2bv( si->base, strlen(si->base), 1, &base_bv ); - dnPrettyNormal( 0, &base_bv, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx ); - ch_free( base_bv.bv_val ); + op->o_req_dn = si->si_base; + op->o_req_ndn = si->si_base; + + op->o_time = slap_get_time(); + op->ors_tlimit = SLAP_NO_LIMIT; + op->ors_slimit = 1; + + op->ors_attrs = slap_anlist_no_attrs; + op->ors_attrsonly = 1; /* set callback function */ op->o_callback = &cb; cb.sc_response = dn_callback; cb.sc_private = si; - si->syncUUID_ndn = NULL; + BER_BVZERO( &si->si_syncUUID_ndn ); - rc = be->be_search( op, &rs ); + if ( limits_check( op, &rs_search ) == 0 ) { + rc = be->be_search( op, &rs_search ); + } - ch_free( op->o_req_dn.bv_val ); - ch_free( op->o_req_ndn.bv_val ); - filter_free( op->ors_filter ); - ch_free( op->ors_filterstr.bv_val ); + if ( !BER_BVISNULL( &op->ors_filterstr ) ) { + slap_sl_free( op->ors_filterstr.bv_val, op->o_tmpmemctx ); + } cb.sc_response = null_callback; cb.sc_private = si; - if ( rc == LDAP_SUCCESS && si->syncUUID_ndn && si->sync_mode != LDAP_SYNC_LOG_MODE ) { - op->o_req_dn = *si->syncUUID_ndn; - op->o_req_ndn = *si->syncUUID_ndn; + if ( rs_search.sr_err == LDAP_SUCCESS && !BER_BVISNULL( &si->si_syncUUID_ndn ) ) + { + char *subseq_ptr; + + if ( syncstate != LDAP_SYNC_DELETE ) { + op->o_no_psearch = 1; + } + + ber_dupbv( &op->o_sync_csn, syncCookie_req->ctxcsn ); + if ( !BER_BVISNULL( &op->o_sync_csn ) ) { + subseq_ptr = strstr( op->o_sync_csn.bv_val, "#0000" ); + subseq_ptr += 4; + *subseq_ptr = '1'; + } + + op->o_req_dn = si->si_syncUUID_ndn; + op->o_req_ndn = si->si_syncUUID_ndn; op->o_tag = LDAP_REQ_DELETE; - rc = be->be_delete( op, &rs ); - } + rc = be->be_delete( op, &rs_delete ); + + org_req_dn = op->o_req_dn; + org_req_ndn = op->o_req_ndn; + org_dn = op->o_dn; + org_ndn = op->o_ndn; + org_managedsait = get_manageDSAit( op ); + op->o_dn = op->o_bd->be_rootdn; + op->o_ndn = op->o_bd->be_rootndn; + op->o_managedsait = 1; + + while ( rs_delete.sr_err == LDAP_SUCCESS && op->o_delete_glue_parent ) { + op->o_delete_glue_parent = 0; + if ( !be_issuffix( op->o_bd, &op->o_req_ndn )) { + slap_callback cb = { NULL }; + cb.sc_response = slap_null_cb; + dnParent( &op->o_req_ndn, &pdn ); + op->o_req_dn = pdn; + op->o_req_ndn = pdn; + op->o_callback = &cb; + op->o_bd->be_delete( op, &rs_delete ); + } else { + break; + } + } - if ( si->syncUUID_ndn ) { - ber_bvfree( si->syncUUID_ndn ); + op->o_managedsait = org_managedsait; + op->o_dn = org_dn; + op->o_ndn = org_ndn; + op->o_req_dn = org_req_dn; + op->o_req_ndn = org_req_ndn; + op->o_delete_glue_parent = 0; + + op->o_no_psearch = 0; } switch ( syncstate ) { - case LDAP_SYNC_ADD : - case LDAP_SYNC_MODIFY : + case LDAP_SYNC_ADD: + case LDAP_SYNC_MODIFY: + if ( rs_search.sr_err == LDAP_SUCCESS || + rs_search.sr_err == LDAP_REFERRAL || + rs_search.sr_err == LDAP_NO_SUCH_OBJECT || + rs_search.sr_err == LDAP_NOT_ALLOWED_ON_NONLEAF ) + { + attr_delete( &entry->e_attrs, slap_schema.si_ad_entryUUID ); + attr_merge_one( entry, slap_schema.si_ad_entryUUID, + &syncUUID_strrep, syncUUID ); - if ( rc == LDAP_SUCCESS || - rc == LDAP_REFERRAL || - rc == LDAP_NO_SUCH_OBJECT ) { + op->o_tag = LDAP_REQ_ADD; + op->ora_e = entry; + op->o_req_dn = entry->e_name; + op->o_req_ndn = entry->e_nname; - attr_delete( &e->e_attrs, slap_schema.si_ad_entryUUID ); - attr_merge_normalize_one( e, slap_schema.si_ad_entryUUID, syncUUID, op->o_tmpmemctx ); + rc = be->be_add( op, &rs_add ); - op->o_tag = LDAP_REQ_ADD; - op->ora_e = e; - op->o_req_dn = e->e_name; - op->o_req_ndn = e->e_nname; - rc = be->be_add( op, &rs ); + if ( rs_add.sr_err != LDAP_SUCCESS ) { + if ( rs_add.sr_err == LDAP_ALREADY_EXISTS && + rs_search.sr_err != LDAP_NO_SUCH_OBJECT ) { + Modifications *mod; + Modifications *modtail = modlist; + + assert( modlist ); - if ( rc != LDAP_SUCCESS ) { - if ( rc == LDAP_ALREADY_EXISTS ) { + for ( mod = modlist; mod != NULL; mod = mod->sml_next ) { + modtail = mod; + } + + mod = (Modifications *)ch_calloc(1, sizeof(Modifications)); + ber_dupbv( &uuid_bv, syncUUID ); + mod->sml_op = LDAP_MOD_REPLACE; + mod->sml_desc = slap_schema.si_ad_entryUUID; + mod->sml_type = mod->sml_desc->ad_cname; + ber_bvarray_add( &mod->sml_values, &uuid_bv ); + modtail->sml_next = mod; + op->o_tag = LDAP_REQ_MODIFY; op->orm_modlist = modlist; - op->o_req_dn = e->e_name; - op->o_req_ndn = e->e_nname; - rc = be->be_modify( op, &rs ); - si->e = NULL; - if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_entry : be_modify failed (%d)\n", - rc, 0, 0 ); -#else + op->o_req_dn = entry->e_name; + op->o_req_ndn = entry->e_nname; + + rc = be->be_modify( op, &rs_modify ); + if ( rs_modify.sr_err != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_ANY, "syncrepl_entry : be_modify failed (%d)\n", - rc, 0, 0 ); -#endif + rs_modify.sr_err, 0, 0 ); } - return 1; - } else if ( rc == LDAP_REFERRAL || - rc == LDAP_NO_SUCH_OBJECT ) { - syncrepl_add_glue( si, ld, op, e, - modlist, syncstate, - syncUUID, syncCookie); - si->e = NULL; - return 0; + ret = 1; + goto done; + } else if ( rs_modify.sr_err == LDAP_REFERRAL || + rs_modify.sr_err == LDAP_NO_SUCH_OBJECT ) { + syncrepl_add_glue( op, entry ); + ret = 0; + goto done; } else { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_entry : be_add failed (%d)\n", - rc, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, "syncrepl_entry : be_add failed (%d)\n", - rc, 0, 0 ); -#endif - si->e = NULL; - return 1; + rs_add.sr_err, 0, 0 ); + ret = 1; + goto done; } } else { - si->e = NULL; - be_entry_release_w( op, e ); - return 0; + be_entry_release_w( op, entry ); + ret = 0; + goto done; } } else { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_entry : be_search failed (%d)\n", rc, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, - "syncrepl_entry : be_search failed (%d)\n", rc, 0, 0 ); -#endif - si->e = NULL; - return 1; + "syncrepl_entry : be_search failed (%d)\n", + rs_search.sr_err, 0, 0 ); + ret = 1; + goto done; } case LDAP_SYNC_DELETE : - if ( si->sync_mode == LDAP_SYNC_LOG_MODE ) { - op->o_req_dn = *si->syncUUID_ndn; - op->o_req_ndn = *si->syncUUID_ndn; - op->o_tag = LDAP_REQ_DELETE; - rc = be->be_delete( op, &rs ); - } - /* Already deleted otherwise */ - return 1; + /* Already deleted */ + ret = 0; + goto done; default : -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_entry : unknown syncstate\n", 0, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, "syncrepl_entry : unknown syncstate\n", 0, 0, 0 ); -#endif - return 1; + ret = 1; + goto done; + } + +done : + + if ( !BER_BVISNULL( &syncUUID_strrep ) ) { + slap_sl_free( syncUUID_strrep.bv_val, op->o_tmpmemctx ); + BER_BVZERO( &syncUUID_strrep ); } + if ( !BER_BVISNULL( &si->si_syncUUID_ndn ) ) { + ch_free( si->si_syncUUID_ndn.bv_val ); + BER_BVZERO( &si->si_syncUUID_ndn ); + } + return ret; } +static struct berval gcbva[] = { + BER_BVC("top"), + BER_BVC("glue"), + BER_BVNULL +}; + static void syncrepl_del_nonpresent( - LDAP *ld, - Operation *op -) + Operation *op, + syncinfo_t *si ) { Backend* be = op->o_bd; - syncinfo_t *si = op->o_si; - slap_callback cb; - struct berval base_bv = {0, NULL}; - Filter *filter; - SlapReply rs = {REP_RESULT}; - struct berval filterstr_bv = {0, NULL}; + slap_callback cb = { NULL }; + SlapReply rs_search = {REP_RESULT}; + SlapReply rs_delete = {REP_RESULT}; + SlapReply rs_modify = {REP_RESULT}; struct nonpresent_entry *np_list, *np_prev; + int rc; + Modifications *ml; + Modifications *mlnext; + Modifications *mod; + Modifications *modlist = NULL; + Modifications **modtail = &modlist; + Attribute *attr; + AttributeName an[2]; - ber_str2bv( si->base, strlen(si->base), 1, &base_bv ); - dnPrettyNormal(0, &base_bv, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx ); - ch_free( base_bv.bv_val ); + struct berval pdn = BER_BVNULL; + struct berval org_req_dn = BER_BVNULL; + struct berval org_req_ndn = BER_BVNULL; + struct berval org_dn = BER_BVNULL; + struct berval org_ndn = BER_BVNULL; + int org_managedsait; - filter = str2filter( si->filterstr ); + op->o_req_dn = si->si_base; + op->o_req_ndn = si->si_base; cb.sc_response = nonpresent_callback; cb.sc_private = si; op->o_callback = &cb; op->o_tag = LDAP_REQ_SEARCH; - op->ors_scope = si->scope; + op->ors_scope = si->si_scope; op->ors_deref = LDAP_DEREF_NEVER; - op->ors_slimit = 0; - op->ors_tlimit = 0; + op->o_time = slap_get_time(); + op->ors_tlimit = SLAP_NO_LIMIT; + op->ors_slimit = SLAP_NO_LIMIT; + + memset( &an[0], 0, 2 * sizeof( AttributeName ) ); + an[0].an_name = slap_schema.si_ad_entryUUID->ad_cname; + an[0].an_desc = slap_schema.si_ad_entryUUID; + op->ors_attrs = an; + op->ors_attrsonly = 0; - op->ors_attrs = NULL; - op->ors_filter = filter; - ber_str2bv( si->filterstr, strlen( si->filterstr ), 1, &op->ors_filterstr ); + op->ors_filter = str2filter_x( op, si->si_filterstr.bv_val ); + op->ors_filterstr = si->si_filterstr; + + op->o_nocaching = 1; + op->o_managedsait = 0; - be->be_search( op, &rs ); + if ( limits_check( op, &rs_search ) == 0 ) { + rc = be->be_search( op, &rs_search ); + } + + op->o_managedsait = 1; + op->o_nocaching = 0; - if ( !LDAP_LIST_EMPTY( &si->nonpresentlist ) ) { - np_list = LDAP_LIST_FIRST( &si->nonpresentlist ); + if ( op->ors_filter ) filter_free_x( op, op->ors_filter ); + + if ( !LDAP_LIST_EMPTY( &si->si_nonpresentlist ) ) { + np_list = LDAP_LIST_FIRST( &si->si_nonpresentlist ); while ( np_list != NULL ) { - LDAP_LIST_REMOVE( np_list, np_link ); + LDAP_LIST_REMOVE( np_list, npe_link ); np_prev = np_list; - np_list = LDAP_LIST_NEXT( np_list, np_link ); + np_list = LDAP_LIST_NEXT( np_list, npe_link ); op->o_tag = LDAP_REQ_DELETE; op->o_callback = &cb; cb.sc_response = null_callback; cb.sc_private = si; - op->o_req_dn = *np_prev->dn; - op->o_req_ndn = *np_prev->ndn; - op->o_bd->be_delete( op, &rs ); - ber_bvfree( np_prev->dn ); - ber_bvfree( np_prev->ndn ); - op->o_req_dn.bv_val = NULL; - op->o_req_ndn.bv_val = NULL; + op->o_req_dn = *np_prev->npe_name; + op->o_req_ndn = *np_prev->npe_nname; + rc = op->o_bd->be_delete( op, &rs_delete ); + + if ( rs_delete.sr_err == LDAP_NOT_ALLOWED_ON_NONLEAF ) { + mod = (Modifications *) ch_calloc( 1, sizeof( Modifications )); + mod->sml_op = LDAP_MOD_REPLACE; + mod->sml_desc = slap_schema.si_ad_objectClass; + mod->sml_type = mod->sml_desc->ad_cname; + mod->sml_values = &gcbva[0]; + *modtail = mod; + modtail = &mod->sml_next; + + mod = (Modifications *) ch_calloc( 1, sizeof( Modifications )); + mod->sml_op = LDAP_MOD_REPLACE; + mod->sml_desc = slap_schema.si_ad_structuralObjectClass; + mod->sml_type = mod->sml_desc->ad_cname; + mod->sml_values = &gcbva[1]; + *modtail = mod; + modtail = &mod->sml_next; + + op->o_tag = LDAP_REQ_MODIFY; + op->orm_modlist = modlist; + + rc = be->be_modify( op, &rs_modify ); + + for ( ml = modlist; ml != NULL; ml = mlnext ) { + mlnext = ml->sml_next; + free( ml ); + } + } + + org_req_dn = op->o_req_dn; + org_req_ndn = op->o_req_ndn; + org_dn = op->o_dn; + org_ndn = op->o_ndn; + org_managedsait = get_manageDSAit( op ); + op->o_dn = op->o_bd->be_rootdn; + op->o_ndn = op->o_bd->be_rootndn; + op->o_managedsait = 1; + + while ( rs_delete.sr_err == LDAP_SUCCESS && + op->o_delete_glue_parent ) { + op->o_delete_glue_parent = 0; + if ( !be_issuffix( op->o_bd, &op->o_req_ndn )) { + slap_callback cb = { NULL }; + cb.sc_response = slap_null_cb; + dnParent( &op->o_req_ndn, &pdn ); + op->o_req_dn = pdn; + op->o_req_ndn = pdn; + op->o_callback = &cb; + /* give it a root privil ? */ + op->o_bd->be_delete( op, &rs_delete ); + } else { + break; + } + } + + op->o_managedsait = org_managedsait; + op->o_dn = org_dn; + op->o_ndn = org_ndn; + op->o_req_dn = org_req_dn; + op->o_req_ndn = org_req_ndn; + op->o_delete_glue_parent = 0; + + ber_bvfree( np_prev->npe_name ); + ber_bvfree( np_prev->npe_nname ); + BER_BVZERO( &op->o_req_dn ); + BER_BVZERO( &op->o_req_ndn ); ch_free( np_prev ); } } - if ( op->o_req_dn.bv_val ) - ch_free( op->o_req_dn.bv_val ); - if ( op->o_req_ndn.bv_val ) - ch_free( op->o_req_ndn.bv_val ); - filter_free( op->ors_filter ); - ch_free( op->ors_filterstr.bv_val ); - return; } - void syncrepl_add_glue( - syncinfo_t *si, - LDAP *ld, Operation* op, - Entry *e, - Modifications* modlist, - int syncstate, - struct berval* syncUUID, - struct berval* syncCookie -) + Entry *e ) { Backend *be = op->o_bd; - struct berval uuid_bv = {0, NULL}; - slap_callback cb; + slap_callback cb = { NULL }; Attribute *a; int rc; - char uuidbuf[ LDAP_LUTIL_UUIDSTR_BUFSIZE ]; - int levels = 0; - int i, j, k; + int suffrdns; + int i; struct berval dn = {0, NULL}; - struct berval pdn = {0, NULL}; struct berval ndn = {0, NULL}; - struct berval rdn = {0, NULL}; Entry *glue; - SlapReply rs = {REP_RESULT}; - Connection *conn = op->o_conn; - char* ptr; + SlapReply rs_add = {REP_RESULT}; + char *ptr, *comma; op->o_tag = LDAP_REQ_ADD; op->o_callback = &cb; cb.sc_response = null_callback; - cb.sc_private = si; + cb.sc_private = NULL; - ber_dupbv( &dn, &e->e_nname ); - ber_dupbv( &pdn, &e->e_nname ); + dn = e->e_name; + ndn = e->e_nname; - ptr = dn.bv_val; - while ( !be_issuffix ( be, &pdn )) { - dnParent( &dn, &pdn ); - dn.bv_val = pdn.bv_val; - dn.bv_len = pdn.bv_len; - levels++; + /* count RDNs in suffix */ + if ( !BER_BVISEMPTY( &be->be_nsuffix[0] ) ) { + for ( i = 0, ptr = be->be_nsuffix[0].bv_val; ptr; ptr = strchr( ptr, ',' ) ) { + ptr++; + i++; + } + suffrdns = i; + } else { + /* suffix is "" */ + suffrdns = 0; } - ch_free( ptr ); - - for ( i = 0; i <= levels; i++ ) { - glue = (Entry*) ch_calloc( 1, sizeof(Entry) ); - ber_dupbv( &dn, &e->e_nname ); - j = levels - i; - ptr = dn.bv_val; - for ( k = 0; k < j; k++ ) { - dnParent( &dn, &pdn ); - dn.bv_val = pdn.bv_val; - dn.bv_len = pdn.bv_len; - } + /* Start with BE suffix */ + for ( i = 0, ptr = NULL; i < suffrdns; i++ ) { + comma = strrchr( dn.bv_val, ',' ); + if ( ptr ) *ptr = ','; + if ( comma ) *comma = '\0'; + ptr = comma; + } + if ( ptr ) { + *ptr++ = ','; + dn.bv_len -= ptr - dn.bv_val; + dn.bv_val = ptr; + } + /* the normalizedDNs are always the same length, no counting + * required. + */ + if ( ndn.bv_len > be->be_nsuffix[0].bv_len ) { + ndn.bv_val += ndn.bv_len - be->be_nsuffix[0].bv_len; + ndn.bv_len = be->be_nsuffix[0].bv_len; + } - dnPrettyNormal( 0, &dn, &pdn, &ndn, op->o_tmpmemctx ); - ber_dupbv( &glue->e_name, &pdn ); + while ( ndn.bv_val > e->e_nname.bv_val ) { + glue = (Entry *) ch_calloc( 1, sizeof(Entry) ); + ber_dupbv( &glue->e_name, &dn ); ber_dupbv( &glue->e_nname, &ndn ); - ch_free( ptr ); - ch_free( pdn.bv_val ); - ch_free( ndn.bv_val ); a = ch_calloc( 1, sizeof( Attribute )); a->a_desc = slap_schema.si_ad_objectClass; a->a_vals = ch_calloc( 3, sizeof( struct berval )); - ber_str2bv( "top", strlen("top"), 1, &a->a_vals[0] ); - ber_str2bv( "glue", strlen("glue"), 1, &a->a_vals[1] ); - a->a_vals[2].bv_len = 0; - a->a_vals[2].bv_val = NULL; + ber_dupbv( &a->a_vals[0], &gcbva[0] ); + ber_dupbv( &a->a_vals[1], &gcbva[1] ); + ber_dupbv( &a->a_vals[2], &gcbva[2] ); - a->a_nvals = ch_calloc( 3, sizeof( struct berval )); - ber_str2bv( "top", strlen("top"), 1, &a->a_nvals[0] ); - ber_str2bv( "glue", strlen("glue"), 1, &a->a_nvals[1] ); - a->a_nvals[2].bv_len = 0; - a->a_nvals[2].bv_val = NULL; + a->a_nvals = a->a_vals; a->a_next = glue->e_attrs; glue->e_attrs = a; @@ -1235,53 +1620,83 @@ syncrepl_add_glue( a->a_desc = slap_schema.si_ad_structuralObjectClass; a->a_vals = ch_calloc( 2, sizeof( struct berval )); - ber_str2bv( "glue", strlen("glue"), 1, &a->a_vals[0] ); - a->a_vals[1].bv_len = 0; - a->a_vals[1].bv_val = NULL; + ber_dupbv( &a->a_vals[0], &gcbva[1] ); + ber_dupbv( &a->a_vals[1], &gcbva[2] ); - a->a_nvals = ch_calloc( 2, sizeof( struct berval )); - ber_str2bv( "glue", strlen("glue"), 1, &a->a_nvals[0] ); - a->a_nvals[1].bv_len = 0; - a->a_nvals[1].bv_val = NULL; + a->a_nvals = a->a_vals; a->a_next = glue->e_attrs; glue->e_attrs = a; - if ( !strcmp( e->e_nname.bv_val, glue->e_nname.bv_val )) { - op->o_req_dn = e->e_name; - op->o_req_ndn = e->e_nname; - op->ora_e = e; - rc = be->be_add ( op, &rs ); - if ( rc == LDAP_SUCCESS ) - be_entry_release_w( op, e ); - else - entry_free( e ); - entry_free( glue ); + op->o_req_dn = glue->e_name; + op->o_req_ndn = glue->e_nname; + op->ora_e = glue; + rc = be->be_add ( op, &rs_add ); + if ( rs_add.sr_err == LDAP_SUCCESS ) { + be_entry_release_w( op, glue ); } else { - op->o_req_dn = glue->e_name; - op->o_req_ndn = glue->e_nname; - op->ora_e = glue; - rc = be->be_add ( op, &rs ); - if ( rc == LDAP_SUCCESS ) { - be_entry_release_w( op, glue ); - } else { - /* incl. ALREADY EXIST */ - entry_free( glue ); - } + /* incl. ALREADY EXIST */ + entry_free( glue ); + } + + /* Move to next child */ + for (ptr = dn.bv_val-2; ptr > e->e_name.bv_val && *ptr != ','; ptr--) { + /* empty */ + } + if ( ptr == e->e_name.bv_val ) break; + dn.bv_val = ++ptr; + dn.bv_len = e->e_name.bv_len - (ptr-e->e_name.bv_val); + for( ptr = ndn.bv_val-2; + ptr > e->e_nname.bv_val && *ptr != ','; + ptr--) + { + /* empty */ } + ndn.bv_val = ++ptr; + ndn.bv_len = e->e_nname.bv_len - (ptr-e->e_nname.bv_val); + } + + op->o_req_dn = e->e_name; + op->o_req_ndn = e->e_nname; + op->ora_e = e; + rc = be->be_add ( op, &rs_add ); + if ( rs_add.sr_err == LDAP_SUCCESS ) { + be_entry_release_w( op, e ); + } else { + entry_free( e ); } return; } +static struct berval ocbva[] = { + BER_BVC("top"), + BER_BVC("subentry"), + BER_BVC("syncConsumerSubentry"), + BER_BVNULL +}; + +static struct berval cnbva[] = { + BER_BVNULL, + BER_BVNULL +}; + +static struct berval ssbva[] = { + BER_BVC("{}"), + BER_BVNULL +}; + +static struct berval scbva[] = { + BER_BVNULL, + BER_BVNULL +}; + void syncrepl_updateCookie( syncinfo_t *si, - LDAP *ld, Operation *op, struct berval *pdn, - struct berval *syncCookie -) + struct sync_cookie *syncCookie ) { Backend *be = op->o_bd; Modifications *ml; @@ -1290,13 +1705,6 @@ syncrepl_updateCookie( Modifications *modlist = NULL; Modifications **modtail = &modlist; - struct berval* ocbva = NULL; - struct berval* cnbva = NULL; - struct berval* ssbva = NULL; - struct berval* scbva = NULL; - - char substr[64]; - char rdnstr[67]; const char *text; char txtbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof txtbuf; @@ -1304,112 +1712,98 @@ syncrepl_updateCookie( Entry* e = NULL; int rc; - struct berval sub_bv = { 0, NULL }; - struct berval psubrdn = { 0, NULL }; + char syncrepl_cbuf[sizeof(CN_STR SYNCREPL_STR)]; + struct berval slap_syncrepl_dn_bv = BER_BVNULL; + struct berval slap_syncrepl_cn_bv = BER_BVNULL; - slap_callback cb; - SlapReply rs = {REP_RESULT}; - - ocbva = ( struct berval * ) ch_calloc( 4, sizeof( struct berval )); - cnbva = ( struct berval * ) ch_calloc( 2, sizeof( struct berval )); - ssbva = ( struct berval * ) ch_calloc( 2, sizeof( struct berval )); - scbva = ( struct berval * ) ch_calloc( 2, sizeof( struct berval )); - - /* update in memory cookie */ - if ( si->syncCookie != NULL ) { - ber_bvfree( si->syncCookie ); - } - si->syncCookie = ber_dupbv( NULL, syncCookie ); - ber_str2bv( "top", strlen("top"), 1, &ocbva[0] ); - ber_str2bv( "subentry", strlen("subentry"), 1, &ocbva[1] ); - ber_str2bv( "syncConsumerSubentry", - strlen("syncConsumerSubentry"), 1, &ocbva[2] ); + slap_callback cb = { NULL }; + SlapReply rs_add = {REP_RESULT}; + SlapReply rs_modify = {REP_RESULT}; + + slap_sync_cookie_free( &si->si_syncCookie, 0 ); + slap_dup_sync_cookie( &si->si_syncCookie, syncCookie ); + mod = (Modifications *) ch_calloc( 1, sizeof( Modifications )); mod->sml_op = LDAP_MOD_REPLACE; - ber_str2bv( "objectClass", strlen("objectClass"), 1, &mod->sml_type ); - mod->sml_bvalues = ocbva; + mod->sml_desc = slap_schema.si_ad_objectClass; + mod->sml_type = mod->sml_desc->ad_cname; + mod->sml_values = ocbva; *modtail = mod; modtail = &mod->sml_next; - sprintf( substr, "syncrepl%d", si->id ); - sprintf( rdnstr, "cn=%s", substr ); - ber_str2bv( substr, strlen( substr ), 1, &cnbva[0] ); - ber_str2bv( rdnstr, strlen( rdnstr ), 1, &psubrdn ); + ber_dupbv( &cnbva[0], (struct berval *) &slap_syncrepl_bvc ); + assert( si->si_rid < 1000 ); + cnbva[0].bv_len = snprintf( cnbva[0].bv_val, + slap_syncrepl_bvc.bv_len + 1, + "syncrepl%ld", si->si_rid ); mod = (Modifications *) ch_calloc( 1, sizeof( Modifications )); mod->sml_op = LDAP_MOD_REPLACE; - ber_str2bv( "cn", strlen("cn"), 1, &mod->sml_type ); - mod->sml_bvalues = cnbva; + mod->sml_desc = slap_schema.si_ad_cn; + mod->sml_type = mod->sml_desc->ad_cname; + mod->sml_values = cnbva; *modtail = mod; modtail = &mod->sml_next; - ber_dupbv( &scbva[0], si->syncCookie ); mod = (Modifications *) ch_calloc( 1, sizeof( Modifications )); mod->sml_op = LDAP_MOD_REPLACE; - ber_str2bv( "syncreplCookie", strlen("syncreplCookie"), - 1, &mod->sml_type ); - mod->sml_bvalues = scbva; + mod->sml_desc = slap_schema.si_ad_subtreeSpecification; + mod->sml_type = mod->sml_desc->ad_cname; + mod->sml_values = ssbva; *modtail = mod; modtail = &mod->sml_next; - ber_str2bv( "{}", strlen("{}"), 1, &ssbva[0] ); + /* Keep this last, so we can avoid touching the previous + * attributes unnecessarily. + */ + if ( scbva[0].bv_val ) ch_free( scbva[0].bv_val ); + ber_dupbv( &scbva[0], &si->si_syncCookie.octet_str[0] ); mod = (Modifications *) ch_calloc( 1, sizeof( Modifications )); mod->sml_op = LDAP_MOD_REPLACE; - ber_str2bv( "subtreeSpecification", - strlen("subtreeSpecification"), 1, &mod->sml_type ); - mod->sml_bvalues = ssbva; + mod->sml_desc = slap_schema.si_ad_syncreplCookie; + mod->sml_type = mod->sml_desc->ad_cname; + mod->sml_values = scbva; *modtail = mod; modtail = &mod->sml_next; - rc = slap_mods_check( modlist, 1, &text, txtbuf, textlen, NULL ); - - if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_updateCookie: mods check (%s)\n", text, 0, 0 ); -#else - Debug( LDAP_DEBUG_ANY, "syncrepl_updateCookie: mods check (%s)\n", - text, 0, 0 ); -#endif - } + mlnext = mod; op->o_tag = LDAP_REQ_ADD; rc = slap_mods_opattrs( op, modlist, modtail, - &text,txtbuf, textlen ); + &text, txtbuf, textlen, 0 ); - for ( ml = modlist; ml != NULL; ml = mlnext ) { - mlnext = ml->sml_next; + for ( ml = modlist; ml != NULL; ml = ml->sml_next ) { ml->sml_op = LDAP_MOD_REPLACE; } if( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_updateCookie: mods opattrs (%s)\n", text, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, "syncrepl_updateCookie: mods opattrs (%s)\n", text, 0, 0 ); -#endif } e = ( Entry * ) ch_calloc( 1, sizeof( Entry )); - build_new_dn( &sub_bv, pdn, &psubrdn, NULL ); - dnPrettyNormal( NULL, &sub_bv, &e->e_name, &e->e_nname, NULL ); - ch_free( sub_bv.bv_val ); - ch_free( psubrdn.bv_val ); + slap_syncrepl_cn_bv.bv_val = syncrepl_cbuf; + assert( si->si_rid < 1000 ); + slap_syncrepl_cn_bv.bv_len = snprintf( slap_syncrepl_cn_bv.bv_val, + slap_syncrepl_cn_bvc.bv_len + 1, + "cn=syncrepl%ld", si->si_rid ); + + build_new_dn( &slap_syncrepl_dn_bv, pdn, &slap_syncrepl_cn_bv, + op->o_tmpmemctx ); + ber_dupbv( &e->e_name, &slap_syncrepl_dn_bv ); + ber_dupbv( &e->e_nname, &slap_syncrepl_dn_bv ); + + if ( !BER_BVISNULL( &slap_syncrepl_dn_bv ) ) { + slap_sl_free( slap_syncrepl_dn_bv.bv_val, op->o_tmpmemctx ); + } e->e_attrs = NULL; rc = slap_mods2entry( modlist, &e, 1, 1, &text, txtbuf, textlen ); if( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "syncrepl_updateCookie: mods2entry (%s)\n", text, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, "syncrepl_updateCookie: mods2entry (%s)\n", text, 0, 0 ); -#endif } cb.sc_response = null_callback; @@ -1422,124 +1816,110 @@ syncrepl_updateCookie( /* update persistent cookie */ update_cookie_retry: op->o_tag = LDAP_REQ_MODIFY; - op->orm_modlist = modlist; - rc = be->be_modify( op, &rs ); + /* Just modify the cookie value, not the entire entry */ + op->orm_modlist = mod; + rc = be->be_modify( op, &rs_modify ); - if ( rc != LDAP_SUCCESS ) { - if ( rc == LDAP_REFERRAL || - rc == LDAP_NO_SUCH_OBJECT ) { + if ( rs_modify.sr_err != LDAP_SUCCESS ) { + if ( rs_modify.sr_err == LDAP_REFERRAL || + rs_modify.sr_err == LDAP_NO_SUCH_OBJECT ) { op->o_tag = LDAP_REQ_ADD; op->ora_e = e; - rc = be->be_add( op, &rs ); - if ( rc != LDAP_SUCCESS ) { - if ( rc == LDAP_ALREADY_EXISTS ) { + rc = be->be_add( op, &rs_add ); + if ( rs_add.sr_err != LDAP_SUCCESS ) { + if ( rs_add.sr_err == LDAP_ALREADY_EXISTS ) { goto update_cookie_retry; - } else if ( rc == LDAP_REFERRAL || - rc == LDAP_NO_SUCH_OBJECT ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "cookie will be non-persistent\n", - 0, 0, 0 ); -#else + } else if ( rs_add.sr_err == LDAP_REFERRAL || + rs_add.sr_err == LDAP_NO_SUCH_OBJECT ) { Debug( LDAP_DEBUG_ANY, "cookie will be non-persistent\n", 0, 0, 0 ); -#endif } else { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "be_add failed (%d)\n", - rc, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, - "be_add failed (%d)\n", - rc, 0, 0 ); -#endif + "be_add failed (%d)\n", rs_add.sr_err, 0, 0 ); } } else { be_entry_release_w( op, e ); goto done; } } else { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "be_modify failed (%d)\n", rc, 0, 0 ); -#else Debug( LDAP_DEBUG_ANY, - "be_modify failed (%d)\n", rc, 0, 0 ); -#endif + "be_modify failed (%d)\n", rs_modify.sr_err, 0, 0 ); } } -done : - if ( e != NULL ) { entry_free( e ); } - if ( modlist ) { - slap_mods_free( modlist ); +done : + + if ( !BER_BVISNULL( &cnbva[0] ) ) { + ch_free( cnbva[0].bv_val ); + BER_BVZERO( &cnbva[0] ); + } + if ( !BER_BVISNULL( &scbva[0] ) ) { + ch_free( scbva[0].bv_val ); + BER_BVZERO( &scbva[0] ); + } + + if ( mlnext->sml_next ) { + slap_mods_free( mlnext->sml_next ); + mlnext->sml_next = NULL; + } + + for (ml = modlist ; ml != NULL; ml = mlnext ) { + mlnext = ml->sml_next; + free( ml ); } return; } -void -avl_ber_bvfree( void *bv ) +int +syncrepl_isupdate( Operation *op ) { - if( bv == NULL ) { - return; - } - if ( ((struct berval *)bv)->bv_val != NULL ) { - ch_free ( ((struct berval *)bv)->bv_val ); - } - ch_free ( (char *) bv ); + return ( syncrepl_isupdate_dn( op->o_bd, &op->o_ndn )); } -static int -cookie_callback( - Operation* op, - SlapReply* rs -) +int +syncrepl_isupdate_dn( + Backend* be, + struct berval* ndn ) { - syncinfo_t *si = op->o_callback->sc_private; - Attribute *a; - - if ( rs->sr_type != REP_SEARCH ) return LDAP_SUCCESS; - - a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_syncreplCookie ); + syncinfo_t* si; + int ret = 0; - if ( a == NULL ) { - si->syncCookie = NULL; - } else { - si->syncCookie = ber_dupbv( NULL, &a->a_vals[0] ); + if ( !LDAP_STAILQ_EMPTY( &be->be_syncinfo )) { + LDAP_STAILQ_FOREACH( si, &be->be_syncinfo, si_next ) { + if ( ( ret = dn_match( &si->si_updatedn, ndn ) ) ) { + return ret; + } + } } - return LDAP_SUCCESS; + return 0; } static int dn_callback( Operation* op, - SlapReply* rs -) + SlapReply* rs ) { syncinfo_t *si = op->o_callback->sc_private; if ( rs->sr_type == REP_SEARCH ) { - if ( si->syncUUID_ndn != NULL ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "dn_callback : multiple entries match dn\n", 0, 0, 0 ); -#else + if ( !BER_BVISNULL( &si->si_syncUUID_ndn ) ) { Debug( LDAP_DEBUG_ANY, - "dn_callback : multiple entries match dn\n", 0, 0, 0 ); -#endif + "dn_callback : consistency error - " + "entryUUID is not unique\n", 0, 0, 0 ); } else { - if ( rs->sr_entry == NULL ) { - si->syncUUID_ndn = NULL; - } else { - si->syncUUID_ndn = ber_dupbv( NULL, &rs->sr_entry->e_nname ); - } + ber_dupbv_x( &si->si_syncUUID_ndn, &rs->sr_entry->e_nname, NULL ); + } + } else if ( rs->sr_type == REP_RESULT ) { + if ( rs->sr_err == LDAP_SIZELIMIT_EXCEEDED ) { + Debug( LDAP_DEBUG_ANY, + "dn_callback : consistency error - " + "entryUUID is not unique\n", 0, 0, 0 ); } } @@ -1549,114 +1929,280 @@ dn_callback( static int nonpresent_callback( Operation* op, - SlapReply* rs -) + SlapReply* rs ) { syncinfo_t *si = op->o_callback->sc_private; Attribute *a; int count = 0; struct berval* present_uuid = NULL; - slap_callback cb; - SlapReply rs_cb = {REP_RESULT}; struct nonpresent_entry *np_entry; if ( rs->sr_type == REP_RESULT ) { - count = avl_free( si->presentlist, avl_ber_bvfree ); - si->presentlist = NULL; - return LDAP_SUCCESS; + count = avl_free( si->si_presentlist, avl_ber_bvfree ); + si->si_presentlist = NULL; + } else if ( rs->sr_type == REP_SEARCH ) { a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_entryUUID ); - if ( a == NULL ) - return 0; + if ( a == NULL ) return 0; - present_uuid = avl_find( si->presentlist, &a->a_vals[0], syncuuid_cmp ); + present_uuid = avl_find( si->si_presentlist, &a->a_nvals[0], + syncuuid_cmp ); if ( present_uuid == NULL ) { np_entry = (struct nonpresent_entry *) - ch_calloc( 1, sizeof( struct nonpresent_entry )); - np_entry->dn = ber_dupbv( NULL, &rs->sr_entry->e_name ); - np_entry->ndn = ber_dupbv( NULL, &rs->sr_entry->e_nname ); - LDAP_LIST_INSERT_HEAD( &si->nonpresentlist, np_entry, np_link ); + ch_calloc( 1, sizeof( struct nonpresent_entry )); + np_entry->npe_name = ber_dupbv( NULL, &rs->sr_entry->e_name ); + np_entry->npe_nname = ber_dupbv( NULL, &rs->sr_entry->e_nname ); + LDAP_LIST_INSERT_HEAD( &si->si_nonpresentlist, np_entry, npe_link ); + } else { - avl_delete( &si->presentlist, - &a->a_vals[0], syncuuid_cmp ); + avl_delete( &si->si_presentlist, + &a->a_nvals[0], syncuuid_cmp ); ch_free( present_uuid->bv_val ); ch_free( present_uuid ); } - return LDAP_SUCCESS; - } else { - return LDAP_SUCCESS; } - + return LDAP_SUCCESS; } static int null_callback( Operation* op, - SlapReply* rs -) + SlapReply* rs ) { - syncinfo_t *si = op->o_callback->sc_private; - if ( rs->sr_err != LDAP_SUCCESS && - rs->sr_err != LDAP_REFERRAL && - rs->sr_err != LDAP_ALREADY_EXISTS && - rs->sr_err != LDAP_NO_SUCH_OBJECT ) { -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, ERR, - "null_callback : error code 0x%x\n", - rs->sr_err, 0, 0 ); -#else + rs->sr_err != LDAP_REFERRAL && + rs->sr_err != LDAP_ALREADY_EXISTS && + rs->sr_err != LDAP_NO_SUCH_OBJECT && + rs->sr_err != LDAP_NOT_ALLOWED_ON_NONLEAF ) + { Debug( LDAP_DEBUG_ANY, "null_callback : error code 0x%x\n", rs->sr_err, 0, 0 ); -#endif } return LDAP_SUCCESS; } +Entry * +slap_create_syncrepl_entry( + Backend *be, + struct berval *context_csn, + struct berval *rdn, + struct berval *cn ) +{ + Entry* e; + + struct berval bv; + + e = ( Entry * ) ch_calloc( 1, sizeof( Entry )); + + attr_merge( e, slap_schema.si_ad_objectClass, ocbva, NULL ); + + attr_merge_one( e, slap_schema.si_ad_structuralObjectClass, + &ocbva[1], NULL ); + + attr_merge_one( e, slap_schema.si_ad_cn, cn, NULL ); + + if ( context_csn ) { + attr_merge_one( e, slap_schema.si_ad_syncreplCookie, + context_csn, NULL ); + } + + BER_BVSTR( &bv, "{}" ); + attr_merge_one( e, slap_schema.si_ad_subtreeSpecification, &bv, NULL ); + + build_new_dn( &e->e_name, &be->be_nsuffix[0], rdn, NULL ); + ber_dupbv( &e->e_nname, &e->e_name ); + + return e; +} -char ** -str2clist( char ***out, char *in, const char *brkstr ) +struct berval * +slap_uuidstr_from_normalized( + struct berval* uuidstr, + struct berval* normalized, + void *ctx ) { - char *str; - char *s; - char *lasts; - int i, j; - const char *text; - char **new; + struct berval *new; + unsigned char nibble; + int i, d = 0; - /* find last element in list */ - for (i = 0; *out && *out[i]; i++); + if ( normalized == NULL ) return NULL; + if ( normalized->bv_len != 16 ) return NULL; + + if ( uuidstr ) { + new = uuidstr; + } else { + new = (struct berval *)slap_sl_malloc( sizeof(struct berval), ctx ); + if ( new == NULL ) { + return NULL; + } + } - /* protect the input string from strtok */ - str = ch_strdup( in ); + new->bv_len = 36; - if ( *str == '\0' ) { - free( str ); - return( *out ); + if ( ( new->bv_val = slap_sl_malloc( new->bv_len + 1, ctx ) ) == NULL ) { + if ( new != uuidstr ) { + slap_sl_free( new, ctx ); + } + return NULL; } - /* Count words in string */ - j=1; - for ( s = str; *s; s++ ) { - if ( strchr( brkstr, *s ) != NULL ) { - j++; + for ( i = 0; i < 16; i++ ) { + if ( i == 4 || i == 6 || i == 8 || i == 10 ) { + new->bv_val[(i<<1)+d] = '-'; + d += 1; + } + + nibble = (normalized->bv_val[i] >> 4) & 0xF; + if ( nibble < 10 ) { + new->bv_val[(i<<1)+d] = nibble + '0'; + } else { + new->bv_val[(i<<1)+d] = nibble - 10 + 'a'; + } + + nibble = (normalized->bv_val[i]) & 0xF; + if ( nibble < 10 ) { + new->bv_val[(i<<1)+d+1] = nibble + '0'; + } else { + new->bv_val[(i<<1)+d+1] = nibble - 10 + 'a'; } } - *out = ch_realloc( *out, ( i + j + 1 ) * sizeof( char * ) ); - new = *out + i; - for ( s = ldap_pvt_strtok( str, brkstr, &lasts ); - s != NULL; - s = ldap_pvt_strtok( NULL, brkstr, &lasts ) ) - { - *new = ch_strdup( s ); - new++; + new->bv_val[new->bv_len] = '\0'; + return new; +} + +static int +syncuuid_cmp( const void* v_uuid1, const void* v_uuid2 ) +{ + const struct berval *uuid1 = v_uuid1; + const struct berval *uuid2 = v_uuid2; + int rc = uuid1->bv_len - uuid2->bv_len; + if ( rc ) return rc; + return ( memcmp( uuid1->bv_val, uuid2->bv_val, uuid1->bv_len ) ); +} + +static void +avl_ber_bvfree( void *v_bv ) +{ + struct berval *bv = (struct berval *)v_bv; + + if( v_bv == NULL ) return; + if ( !BER_BVISNULL( bv ) ) { + ch_free( bv->bv_val ); } + ch_free( (char *) bv ); +} - *new = NULL; - free( str ); - return( *out ); +void +syncinfo_free( syncinfo_t *sie ) +{ + if ( sie->si_provideruri ) { + ch_free( sie->si_provideruri ); + } + if ( sie->si_provideruri_bv ) { + ber_bvarray_free( sie->si_provideruri_bv ); + } + if ( sie->si_updatedn.bv_val ) { + ch_free( sie->si_updatedn.bv_val ); + } + if ( sie->si_binddn ) { + ch_free( sie->si_binddn ); + } + if ( sie->si_passwd ) { + ch_free( sie->si_passwd ); + } + if ( sie->si_saslmech ) { + ch_free( sie->si_saslmech ); + } + if ( sie->si_secprops ) { + ch_free( sie->si_secprops ); + } + if ( sie->si_realm ) { + ch_free( sie->si_realm ); + } + if ( sie->si_authcId ) { + ch_free( sie->si_authcId ); + } + if ( sie->si_authzId ) { + ch_free( sie->si_authzId ); + } + if ( sie->si_filterstr.bv_val ) { + ch_free( sie->si_filterstr.bv_val ); + } + if ( sie->si_base.bv_val ) { + ch_free( sie->si_base.bv_val ); + } + if ( sie->si_attrs ) { + int i = 0; + while ( sie->si_attrs[i] != NULL ) { + ch_free( sie->si_attrs[i] ); + i++; + } + ch_free( sie->si_attrs ); + } + if ( sie->si_exattrs ) { + int i = 0; + while ( sie->si_exattrs[i] != NULL ) { + ch_free( sie->si_exattrs[i] ); + i++; + } + ch_free( sie->si_exattrs ); + } + if ( sie->si_anlist ) { + int i = 0; + while ( sie->si_anlist[i].an_name.bv_val != NULL ) { + ch_free( sie->si_anlist[i].an_name.bv_val ); + i++; + } + ch_free( sie->si_anlist ); + } + if ( sie->si_exanlist ) { + int i = 0; + while ( sie->si_exanlist[i].an_name.bv_val != NULL ) { + ch_free( sie->si_exanlist[i].an_name.bv_val ); + i++; + } + ch_free( sie->si_exanlist ); + } + if ( sie->si_retryinterval ) { + ch_free( sie->si_retryinterval ); + } + if ( sie->si_retrynum ) { + ch_free( sie->si_retrynum ); + } + if ( sie->si_retrynum_init ) { + ch_free( sie->si_retrynum_init ); + } + slap_sync_cookie_free( &sie->si_syncCookie, 0 ); + if ( sie->si_syncUUID_ndn.bv_val ) { + ch_free( sie->si_syncUUID_ndn.bv_val ); + } + if ( sie->si_presentlist ) { + avl_free( sie->si_presentlist, avl_ber_bvfree ); + } + if ( sie->si_ld ) { + ldap_ld_free( sie->si_ld, 1, NULL, NULL ); + } + while ( !LDAP_LIST_EMPTY( &sie->si_nonpresentlist )) { + struct nonpresent_entry* npe; + npe = LDAP_LIST_FIRST( &sie->si_nonpresentlist ); + LDAP_LIST_REMOVE( npe, npe_link ); + if ( npe->npe_name ) { + if ( npe->npe_name->bv_val ) { + ch_free( npe->npe_name->bv_val ); + } + ch_free( npe->npe_name ); + } + if ( npe->npe_nname ) { + if ( npe->npe_nname->bv_val ) { + ch_free( npe->npe_nname->bv_val ); + } + ch_free( npe->npe_nname ); + } + ch_free( npe ); + } + ch_free( sie ); }