exit 1
fi
+if test -e $RELNAME/doc/guide/admin/guide.sdf ; then
+ echo "build guide..."
+ ( cd $RELNAME/doc/guide/admin ; make guide.html )
+else
+ echo "No guide"
+fi
+
if test ! -e $RELNAME/build/version.sh ; then
echo "No build version"
OL_STRING="something"
LDAP_LIBLDAP_LA = $(LDAP_LIBDIR)/libldap/libldap.la
LDAP_LIBLDAP_R_LA = $(LDAP_LIBDIR)/libldap_r/libldap_r.la
-LDAP_LIBREWRITE_A = $(LDAP_LIBDIR)/librewrite/librewrite.a
+LDAP_LIBLREWRITE_LA = $(LDAP_LIBDIR)/librewrite/liblrewrite.la
LDAP_LIBLUNICODE_A = $(LDAP_LIBDIR)/liblunicode/liblunicode.a
LDAP_LIBLUTIL_A = $(LDAP_LIBDIR)/liblutil/liblutil.a
$(LDAP_LIBLDAP_LA) $(LDAP_LIBLBER_LA)
SLURPD_L = $(LDAP_LIBLUTIL_A) \
$(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
-SLAPD_L = $(LDAP_LIBLUNICODE_A) $(LDAP_LIBREWRITE_A) \
+SLAPD_L = $(LDAP_LIBLUNICODE_A) $(LDAP_LIBLREWRITE_LA) \
$(SLURPD_L)
WRAP_LIBS = @WRAP_LIBS@
.LP
.ft B
char *ldap_first_attribute(
- LDAP *ld, LDAPMessage entry, BerElement **berptr )
+ LDAP *ld, LDAPMessage *entry, BerElement **berptr )
.LP
.ft B
char *ldap_next_attribute(
- LDAP *ld, LDAPMessage entry, BerElement *ber )
+ LDAP *ld, LDAPMessage *entry, BerElement *ber )
.SH DESCRIPTION
The
.B ldap_first_attribute()
.SH SEE ALSO
.BR ldap (3),
.BR ldap_result (3),
-.BR ldap_getfilter (3),
.BR ldap_error (3)
.SH ACKNOWLEDGEMENTS
.B OpenLDAP
#define LDAP_CONTROL_NOOP "1.3.6.1.4.1.4203.666.5.2"
#define LDAP_CONTROL_PRE_READ "1.3.6.1.4.1.4203.666.5.10.1"
#define LDAP_CONTROL_POST_READ "1.3.6.1.4.1.4203.666.5.10.2"
+#define LDAP_CONTROL_NO_SUBORDINATES "1.3.6.1.4.1.4203.666.5.11"
+#define LDAP_CONTROL_MANAGEDIT "1.3.6.1.4.1.4203.666.5.12"
+#define LDAP_CONTROL_SLURP "1.3.6.1.4.1.4203.666.5.13"
/* LDAP Duplicated Entry Control Extension *//* not implemented in slapd(8) */
#define LDAP_CONTROL_DUPENT_REQUEST "2.16.840.1.113719.1.27.101.1"
struct berval *value,
int *freeval ));
+LDAP_LDIF_F( FILE * )
+ldif_open_url LDAP_P(( LDAP_CONST char *urlstr ));
+
LDAP_LDIF_F( int )
ldif_fetch_url LDAP_P((
LDAP_CONST char *line,
LDAP_LDIF_F( int )
ldif_countlines LDAP_P(( LDAP_CONST char *line ));
+/* ldif_ropen, rclose, read_record - just for reading LDIF files,
+ * no special open/close needed to write LDIF files.
+ */
+typedef struct LDIFFP {
+ FILE *fp;
+ struct LDIFFP *prev;
+} LDIFFP;
+
+LDAP_LDIF_F( LDIFFP * )
+ldif_open LDAP_P(( char *file, char *mode ));
+
+LDAP_LDIF_F( void )
+ldif_close LDAP_P(( LDIFFP * ));
+
LDAP_LDIF_F( int )
ldif_read_record LDAP_P((
- FILE *fp,
+ LDIFFP *fp,
int *lineno,
char **bufp,
int *buflen ));
sasl_dispose( &oldctx );
ldap_pvt_sasl_remove( ld->ld_defconn->lconn_sb );
}
- ldap_pvt_sasl_install( ld->ld_conns->lconn_sb, ctx );
+ ldap_pvt_sasl_install( ld->ld_defconn->lconn_sb, ctx );
ld->ld_defconn->lconn_sasl_sockctx = ctx;
}
}
# It's ok for them to be here because the clean rule is harmless, and
# slapdmsg.res won't get built unless it's declared in OBJS.
+slapdmsg.bin: FORCE
+ @if [ ! -f $@ ]; then cp $(srcdir)/$@ .; fi
+
slapdmsg.res: slapdmsg.rc slapdmsg.bin
windres $< -O coff -o $@
#include "ldap_config.h"
#include "ldif.h"
-int
-ldif_fetch_url(
- LDAP_CONST char *urlstr,
- char **valuep,
- ber_len_t *vlenp
+FILE *
+ldif_open_url(
+ LDAP_CONST char *urlstr
)
{
FILE *url;
- char buffer[1024];
char *p = NULL;
- size_t total;
- size_t bytes;
-
- *valuep = NULL;
- *vlenp = 0;
-
#ifdef HAVE_FETCH
url = fetchGetURL( (char*) urlstr, "" );
if( strncasecmp( "file://", urlstr, sizeof("file://")-1 ) == 0 ) {
p = strchr( &urlstr[sizeof("file://")-1], '/' );
if( p == NULL ) {
- return -1;
+ return NULL;
}
/* we don't check for LDAP_DIRSEP since URLs should contain '/' */
- if( *p != '/' ) {
- /* skip over false root */
- p++;
- }
+ /* skip over false root */
+ p++;
p = ber_strdup( p );
ldap_pvt_hex_unescape( p );
url = fopen( p, "rb" );
+ ber_memfree( p );
} else {
- return -1;
+ return NULL;
}
#endif
+ return url;
+}
+
+int
+ldif_fetch_url(
+ LDAP_CONST char *urlstr,
+ char **valuep,
+ ber_len_t *vlenp
+)
+{
+ FILE *url;
+ char buffer[1024];
+ char *p = NULL;
+ size_t total;
+ size_t bytes;
+
+ *valuep = NULL;
+ *vlenp = 0;
+
+ url = ldif_open_url( urlstr );
if( url == NULL ) {
return -1;
return 1;
}
+LDIFFP *
+ldif_open(
+ char *file,
+ char *mode
+)
+{
+ FILE *fp = fopen( file, mode );
+ LDIFFP *lfp = NULL;
+
+ if ( fp ) {
+ lfp = ber_memalloc( sizeof( LDIFFP ));
+ lfp->fp = fp;
+ lfp->prev = NULL;
+ }
+ return lfp;
+}
+
+void
+ldif_close(
+ LDIFFP *lfp
+)
+{
+ LDIFFP *prev;
+
+ while ( lfp ) {
+ fclose( lfp->fp );
+ prev = lfp->prev;
+ ber_memfree( lfp );
+ lfp = prev;
+ }
+}
+
/*
- * slap_read_ldif - read an ldif record. Return 1 for success, 0 for EOF.
+ * ldif_read_record - read an ldif record. Return 1 for success, 0 for EOF.
*/
int
ldif_read_record(
- FILE *fp,
+ LDIFFP *lfp,
int *lno, /* ptr to line number counter */
char **bufp, /* ptr to malloced output buffer */
int *buflenp ) /* ptr to length of *bufp */
line = linebuf;
linesize = sizeof( linebuf );
- for ( stop = feof( fp ); !stop; last_ch = line[len-1] ) {
- if ( fgets( line, linesize, fp ) == NULL ) {
+ for ( stop = 0; !stop; last_ch = line[len-1] ) {
+ /* If we're at the end of this file, see if we should pop
+ * back to a previous file. (return from an include)
+ */
+ while ( feof( lfp->fp )) {
+ if ( lfp->prev ) {
+ LDIFFP *tmp = lfp->prev;
+ fclose( lfp->fp );
+ *lfp = *tmp;
+ ber_memfree( tmp );
+ } else {
+ stop = 1;
+ break;
+ }
+ }
+ if ( stop )
+ break;
+
+ if ( fgets( line, linesize, lfp->fp ) == NULL ) {
stop = 1;
/* Add \n in case the file does not end with newline */
line = "\n";
/* skip index */
continue;
}
+ if ( !strncasecmp( line, "include:",
+ STRLENOF("include:"))) {
+ FILE *fp2;
+ char *ptr;
+ found_entry = 0;
+
+ if ( line[len-1] == '\n' ) {
+ len--;
+ line[len] = '\0';
+ }
+ if ( line[len-1] == '\r' ) {
+ len--;
+ line[len] = '\0';
+ }
+
+ ptr = line + STRLENOF("include:");
+ while (isspace(*ptr)) ptr++;
+ fp2 = ldif_open_url( ptr );
+ if ( fp2 ) {
+ LDIFFP *lnew = ber_memalloc( sizeof( LDIFFP ));
+ lnew->prev = lfp->prev;
+ lnew->fp = lfp->fp;
+ lfp->prev = lnew;
+ lfp->fp = fp2;
+ line[len] = '\n';
+ len++;
+ continue;
+ } else {
+ /* We failed to open the file, this should
+ * be reported as an error somehow.
+ */
+ break;
+ }
+ }
}
}
}
session.c subst.c var.c xmap.c \
parse.c rewrite.c
XSRCS = version.c
-OBJS = config.o context.o info.o ldapmap.o map.o params.o rule.o \
- session.o subst.o var.o xmap.o
+OBJS = config.lo context.lo info.lo ldapmap.lo map.lo params.lo rule.lo \
+ session.lo subst.lo var.lo xmap.lo
LDAP_INCDIR= ../../include
LDAP_LIBDIR= ../../libraries
-LIBRARY = librewrite.a
+LIBRARY = liblrewrite.la
PROGRAMS = rewrite
XLIBS = $(LIBRARY) $(LDAP_LIBLUTIL_A) \
$(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
rewrite: $(XLIBS) rewrite.o parse.o
$(LTLINK) -o $@ rewrite.o parse.o $(LIBS)
+
+install-local: FORCE
+ -$(MKDIR) $(DESTDIR)$(libdir)
+ $(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir)
+ $(LTFINISH) $(DESTDIR)$(libdir)
if ( a->a_nvals && a->a_nvals != a->a_vals ) {
ber_bvarray_free( a->a_nvals );
}
- ber_bvarray_free( a->a_vals );
+ if ( a->a_vals != &slap_dummy_bv ) {
+ ber_bvarray_free( a->a_vals );
+ }
free( a );
}
}
done:
+ switch( rc ) {
+ /* The callers all know how to deal with these results */
+ case 0:
+ case DB_LOCK_DEADLOCK:
+ case DB_LOCK_NOTGRANTED:
+ break;
+ /* Anything else is bad news */
+ default:
+ rc = LDAP_OTHER;
+ }
return rc;
}
static int
ldap_build_entry( Operation *op, LDAPMessage *e, Entry *ent,
- struct berval *bdn, int flags );
-#define LDAP_BUILD_ENTRY_PRIVATE 0x01
+ struct berval *bdn );
/*
* Quick'n'dirty rewrite of filter in case of error, to deal with
do_retry = 0;
e = ldap_first_entry( lc->lc_ld, res );
- rc = ldap_build_entry( op, e, &ent, &bdn,
- LDAP_BUILD_ENTRY_PRIVATE );
+ rc = ldap_build_entry( op, e, &ent, &bdn );
if ( rc == LDAP_SUCCESS ) {
rs->sr_entry = &ent;
rs->sr_attrs = op->ors_attrs;
rs->sr_operational_attrs = NULL;
rs->sr_flags = 0;
abort = send_search_entry( op, rs );
- while ( ent.e_attrs ) {
- Attribute *a;
-
- a = ent.e_attrs;
- ent.e_attrs = a->a_next;
-
- if ( a->a_nvals != a->a_vals ) {
- ber_bvarray_free( a->a_nvals );
- }
- if ( a->a_vals != &slap_dummy_bv ) {
- ber_bvarray_free( a->a_vals );
- }
- ch_free( a );
- }
-
- if ( ent.e_dn && ( ent.e_dn != bdn.bv_val ) ) {
- free( ent.e_dn );
+ if ( !BER_BVISNULL( &ent.e_name ) && ( ent.e_name.bv_val != bdn.bv_val ) )
+ {
+ free( ent.e_name.bv_val );
+ BER_BVZERO( &ent.e_name );
}
- if ( ent.e_ndn ) {
- free( ent.e_ndn );
+ if ( !BER_BVISNULL( &ent.e_nname ) ) {
+ free( ent.e_nname.bv_val );
+ BER_BVZERO( &ent.e_nname );
}
+ entry_clean( &ent );
}
ldap_msgfree( res );
if ( abort ) {
Operation *op,
LDAPMessage *e,
Entry *ent,
- struct berval *bdn,
- int flags )
+ struct berval *bdn )
{
struct berval a;
BerElement ber = *e->lm_ber;
Attribute *attr, **attrp;
const char *text;
int last;
- int private = flags & LDAP_BUILD_ENTRY_PRIVATE;
/* safe assumptions ... */
assert( ent );
* Note: attr->a_vals can be null when using
* values result filter
*/
- if ( private ) {
- attr->a_vals = (struct berval *)&slap_dummy_bv;
-
- } else {
- attr->a_vals = ch_malloc( sizeof( struct berval ) );
- BER_BVZERO( &attr->a_vals[ 0 ] );
- }
+ attr->a_vals = (struct berval *)&slap_dummy_bv;
last = 0;
} else {
*ent = ch_calloc( 1, sizeof( Entry ) );
- rc = ldap_build_entry( op, e, *ent, &bdn, 0 );
+ rc = ldap_build_entry( op, e, *ent, &bdn );
if ( rc != LDAP_SUCCESS ) {
ch_free( *ent );
mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(@BUILD_META@_DEFS)
-shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
+shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA) \
+ $(LDAP_LIBLREWRITE_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
break;
}
- if ( op->ors_slimit > 0 && rs->sr_nentries == op->ors_slimit )
- {
- rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
- savepriv = op->o_private;
- op->o_private = (void *)i;
- send_ldap_result( op, rs );
- op->o_private = savepriv;
- goto finish;
- }
-
/*
* FIXME: handle time limit as well?
* Note that target servers are likely
goto finish;
} else if ( rc == LDAP_RES_SEARCH_ENTRY ) {
+ if ( --op->ors_slimit == -1 ) {
+ ldap_msgfree( res );
+ res = NULL;
+
+ rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
+ savepriv = op->o_private;
+ op->o_private = (void *)i;
+ send_ldap_result( op, rs );
+ op->o_private = savepriv;
+ goto finish;
+ }
+
is_ok++;
e = ldap_first_entry( msc->msc_ld, res );
send_search_entry( op, rs );
rs->sr_entry = NULL;
rs->sr_attrs = NULL;
- while ( ent.e_attrs ) {
- attr = ent.e_attrs;
- ent.e_attrs = attr->a_next;
- if ( attr->a_vals != &slap_dummy_bv ) {
- if ( attr->a_nvals != attr->a_vals ) {
- ber_bvarray_free( attr->a_nvals );
- }
- ber_bvarray_free( attr->a_vals );
- }
- free( attr );
- }
- if ( ent.e_dn && ent.e_dn != bdn.bv_val ) {
- free( ent.e_dn );
+ if ( !BER_BVISNULL( &ent.e_name ) && ent.e_name.bv_val != bdn.bv_val ) {
+ free( ent.e_name.bv_val );
+ BER_BVZERO( &ent.e_name );
}
- if ( ent.e_ndn ) {
- free( ent.e_ndn );
+ if ( !BER_BVISNULL( &ent.e_nname ) ) {
+ free( ent.e_nname.bv_val );
+ BER_BVZERO( &ent.e_nname );
}
+ entry_clean( &ent );
return LDAP_SUCCESS;
}
op->ora_e->e_name.bv_val, 0, 0 );
/* check schema */
- if ( global_schemacheck ) {
+ if ( BACKSQL_CHECK_SCHEMA( bi ) ) {
char textbuf[ SLAP_TEXT_BUFLEN ] = { '\0' };
rs->sr_err = entry_schema_check( op->o_bd, op->ora_e,
#define BSQLF_FETCH_ALL_USERATTRS 0x0200
#define BSQLF_FETCH_ALL_OPATTRS 0x0400
#define BSQLF_FETCH_ALL_ATTRS (BSQLF_FETCH_ALL_USERATTRS|BSQLF_FETCH_ALL_OPATTRS)
+#define BSQLF_CHECK_SCHEMA 0x0800
#define BACKSQL_ISF(si, f) \
(((si)->sql_flags & f) == f)
BACKSQL_ISF(si, BSQLF_FETCH_ALL_OPATTRS)
#define BACKSQL_FETCH_ALL_ATTRS(si) \
BACKSQL_ISF(si, BSQLF_FETCH_ALL_ATTRS)
+#define BACKSQL_CHECK_SCHEMA(si) \
+ BACKSQL_ISF(si, BSQLF_CHECK_SCHEMA)
Entry *sql_baseObject;
#ifdef BACKSQL_ARBITRARY_KEY
return -1;
}
+ } else if ( !strcasecmp( argv[ 0 ], "check_schema") ) {
+ if ( argc < 2 ) {
+ Debug( LDAP_DEBUG_TRACE,
+ "<==backsql_db_config (%s line %d): "
+ "missing { yes | no }"
+ "in \"check_schema\" directive\n",
+ fname, lineno, 0 );
+ return 1;
+ }
+
+ if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
+ bi->sql_flags |= BSQLF_CHECK_SCHEMA;
+
+ } else if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
+ bi->sql_flags &= ~BSQLF_CHECK_SCHEMA;
+
+ } else {
+ Debug( LDAP_DEBUG_TRACE,
+ "<==backsql_db_config (%s line %d): "
+ "\"check_schema\" directive arg "
+ "must be \"yes\" or \"no\"\n",
+ fname, lineno, 0 );
+ return 1;
+
+ }
+ Debug( LDAP_DEBUG_TRACE, "<==backsql_db_config(): "
+ "check_schema=%s\n",
+ BACKSQL_CHECK_SCHEMA( bi ) ? "yes" : "no",
+ 0, 0 );
+
} else {
return SLAP_CONF_UNKNOWN;
}
const char *fname )
{
backsql_info *bi = (backsql_info *)be->be_private;
- FILE *fp;
+ LDIFFP *fp;
int rc = 0, lineno = 0, lmax = 0;
char *buf = NULL;
assert( fname );
- fp = fopen( fname, "r" );
+ fp = ldif_open( fname, "r" );
if ( fp == NULL ) {
Debug( LDAP_DEBUG_ANY,
"could not open back-sql baseObject "
if ( bi->sql_baseObject == NULL ) {
Debug( LDAP_DEBUG_ANY,
"read_baseObject_file: SLAP_CALLOC failed", 0, 0, 0 );
- fclose( fp );
+ ldif_close( fp );
return LDAP_NO_MEMORY;
}
bi->sql_baseObject->e_name = be->be_suffix[0];
ch_free( buf );
- fclose( fp );
+ ldif_close( fp );
Debug( LDAP_DEBUG_CONFIG, "back-sql baseObject file \"%s\" read.\n",
fname, 0, 0 );
}
}
- if ( global_schemacheck ) {
- const char *text = NULL;
- char textbuf[ 1024 ];
- size_t textlen = sizeof( textbuf );
- struct berval bv[ 2 ];
- struct berval soc;
- int rc;
-
- bv[ 0 ] = bsi->bsi_oc->bom_oc->soc_cname;
- BER_BVZERO( &bv[ 1 ] );
-
- rc = structural_class( bv, &soc, NULL,
- &text, textbuf, textlen );
- if ( rc != LDAP_SUCCESS ) {
- Debug( LDAP_DEBUG_TRACE, "backsql_id2entry(%s): "
- "structural_class() failed %d (%s)\n",
- bsi->bsi_e->e_name.bv_val,
- rc, text ? text : "" );
- entry_clean( bsi->bsi_e );
- return rc;
- }
+ if ( ( bsi->bsi_flags & BSQL_SF_ALL_OPER )
+ || an_find( bsi->bsi_attrs, &AllOper )
+ || an_find( bsi->bsi_attrs, &slap_schema.si_ad_structuralObjectClass->ad_cname ) )
+ {
+ if ( BACKSQL_CHECK_SCHEMA( bi ) ) {
+ Attribute *a;
+ const char *text = NULL;
+ char textbuf[ 1024 ];
+ size_t textlen = sizeof( textbuf );
+ struct berval soc,
+ bv[ 2 ],
+ *nvals;
+ int rc = LDAP_SUCCESS;
+
+ a = attr_find( bsi->bsi_e->e_attrs,
+ slap_schema.si_ad_objectClass );
+ if ( a != NULL ) {
+ nvals = a->a_nvals;
- if ( ( bsi->bsi_flags & BSQL_SF_ALL_OPER )
- || an_find( bsi->bsi_attrs, &AllOper )
- || an_find( bsi->bsi_attrs, &slap_schema.si_ad_structuralObjectClass->ad_cname ) )
- {
- rc = attr_merge_normalize_one( bsi->bsi_e,
- slap_schema.si_ad_structuralObjectClass,
- &soc, bsi->bsi_op->o_tmpmemctx );
+ } else {
+ bv[ 0 ] = bsi->bsi_oc->bom_oc->soc_cname;
+ BER_BVZERO( &bv[ 1 ] );
+ nvals = bv;
+ }
+
+ rc = structural_class( nvals, &soc, NULL,
+ &text, textbuf, textlen );
if ( rc != LDAP_SUCCESS ) {
+ Debug( LDAP_DEBUG_TRACE, "backsql_id2entry(%s): "
+ "structural_class() failed %d (%s)\n",
+ bsi->bsi_e->e_name.bv_val,
+ rc, text ? text : "" );
entry_clean( bsi->bsi_e );
return rc;
}
+
+ if ( !bvmatch( &soc, &bsi->bsi_oc->bom_oc->soc_cname ) ) {
+ Debug( LDAP_DEBUG_TRACE, "backsql_id2entry(%s): "
+ "computed structuralObjectClass %s "
+ "does not match objectClass %s associated "
+ "to entry\n",
+ bsi->bsi_e->e_name.bv_val, soc.bv_val,
+ bsi->bsi_oc->bom_oc->soc_cname.bv_val );
+ entry_clean( bsi->bsi_e );
+ return rc;
+ }
+ }
+
+ rc = attr_merge_normalize_one( bsi->bsi_e,
+ slap_schema.si_ad_structuralObjectClass,
+ &bsi->bsi_oc->bom_oc->soc_cname,
+ bsi->bsi_op->o_tmpmemctx );
+ if ( rc != LDAP_SUCCESS ) {
+ entry_clean( bsi->bsi_e );
+ return rc;
}
}
backsql_info *bi;
Debug( LDAP_DEBUG_TRACE, "==>backsql_db_init()\n", 0, 0, 0 );
- bi = (backsql_info *)ch_calloc( 1, sizeof( backsql_info ) );
+ bi = (backsql_info *)ch_malloc( sizeof( backsql_info ) );
memset( bi, '\0', sizeof( backsql_info ) );
ldap_pvt_thread_mutex_init( &bi->sql_dbconn_mutex );
ldap_pvt_thread_mutex_init( &bi->sql_schema_mutex );
/* enable if only one suffix is defined */
bi->sql_flags |= BSQLF_USE_SUBTREE_SHORTCUT;
}
+ bi->sql_flags |= BSQLF_CHECK_SCHEMA;
Debug( LDAP_DEBUG_TRACE, "<==backsql_db_open(): "
"test succeeded, schema map loaded\n", 0, 0, 0 );
goto do_transact;
}
- if ( global_schemacheck ) {
+ if ( BACKSQL_CHECK_SCHEMA( bi ) ) {
char textbuf[ SLAP_TEXT_BUFLEN ] = { '\0' };
entry_clean( &m );
goto done;
}
- if ( global_schemacheck ) {
+ if ( BACKSQL_CHECK_SCHEMA( bi ) ) {
char textbuf[ SLAP_TEXT_BUFLEN ] = { '\0' };
entry_clean( &r );
CFG_DIT,
CFG_ATTR,
CFG_ATOPT,
- CFG_CHECK,
CFG_REPLOG,
CFG_ROOTDSE,
CFG_LOGFILE,
"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
{ "saslRegexp", NULL, 3, 3, 0, ARG_MAGIC|CFG_AZREGEXP,
&config_generic, NULL, NULL, NULL },
- { "schemacheck", "on|off", 2, 2, 0, ARG_ON_OFF|ARG_MAGIC|CFG_CHECK,
- &config_generic, "( OLcfgGlAt:57 NAME 'olcSchemaCheck' "
- "SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
{ "schemadn", "dn", 2, 2, 0, ARG_MAY_DB|ARG_DN|ARG_MAGIC,
&config_schema_dn, "( OLcfgGlAt:58 NAME 'olcSchemaDN' "
"SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
"olcReplogFile $ olcRequires $ olcRestrict $ olcReverseLookup $ "
"olcRootDSE $ olcRootPW $ "
"olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ "
- "olcSchemaCheck $ olcSecurity $ olcSizeLimit $ "
+ "olcSecurity $ olcSizeLimit $ "
"olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcSrvtab $ "
"olcThreads $ olcTimeLimit $ olcTLSCACertificateFile $ "
"olcTLSCACertificatePath $ olcTLSCertificateFile $ "
}
break;
- case CFG_CHECK:
- c->value_int = global_schemacheck;
- break;
case CFG_ACL: {
AccessControl *a;
char *src, *dst, ibuf[11];
case CFG_RO:
case CFG_AZPOLICY:
case CFG_DEPTH:
- case CFG_CHECK:
case CFG_LASTMOD:
case CFG_SASLSECP:
case CFG_SSTR_IF_MAX:
return(1);
break;
- case CFG_CHECK:
- global_schemacheck = c->value_int;
- if(!global_schemacheck) Debug(LDAP_DEBUG_ANY, "%s: "
- "schema checking disabled! your mileage may vary!\n",
- c->log, 0, 0);
- break;
-
case CFG_ACL:
parse_acl(c->be, c->fname, c->lineno, c->argc, c->argv, c->valx);
break;
cfdir = SLAPD_DEFAULT_CONFIGDIR;
}
/* if fname is defaulted, try reading .d */
- if ( config_setup_ldif( be, cfdir, !fname ))
+ rc = config_setup_ldif( be, cfdir, !fname );
+
+ /* It's OK if the base object doesn't exist yet */
+ if ( rc && rc != LDAP_NO_SUCH_OBJECT )
return 1;
/* If we read the config from back-ldif, nothing to do here */
if(rc == LDAP_SUCCESS) {
/* check that the entry still obeys the schema */
- rc = entry_schema_check(op->o_bd, e, NULL,
- &rs->sr_text, ca->msg, sizeof(ca->msg) );
+ rc = entry_schema_check(op->o_bd, e, NULL, 0,
+ &rs->sr_text, ca->msg, sizeof(ca->msg) );
}
if ( rc == LDAP_SUCCESS ) {
/* Basic syntax checks are OK. Do the actual settings. */
SLAP_CTRL_HIDE|SLAP_CTRL_DELETE, NULL,
parseTreeDelete, LDAP_SLIST_ENTRY_INITIALIZER(next) },
#endif
-#ifdef LDAP_CONTORL_X_SEARCH_OPTIONS
- { LDAP_CONTORL_X_SEARCH_OPTIONS,
+#ifdef LDAP_CONTROL_X_SEARCH_OPTIONS
+ { LDAP_CONTROL_X_SEARCH_OPTIONS,
(int)offsetof(struct slap_control_ids, sc_searchOptions),
SLAP_CTRL_GLOBAL|SLAP_CTRL_SEARCH, NULL,
parseSearchOptions, LDAP_SLIST_ENTRY_INITIALIZER(next) },
? SLAP_CONTROL_CRITICAL
: SLAP_CONTROL_NONCRITICAL;
- if ( (void *)(ctrl->ldctl_value.bv_val[2] != 0x00)) {
+ if (ctrl->ldctl_value.bv_val[2]) {
set_subentries_visibility( op );
}
}
#endif
-#ifdef LDAP_CONTORL_X_SEARCH_OPTIONS
+#ifdef LDAP_CONTROL_X_SEARCH_OPTIONS
static int parseSearchOptions (
Operation *op,
SlapReply *rs,
{
BerElement *ber;
ber_int_t search_flags;
+ ber_tag_t tag;
if ( ctrl->ldctl_value.bv_len == 0 ) {
rs->sr_text = "searchOptions control value not empty";
int fv;
for (i=0; i<lines; i++) {
- k = i;
for ( j=i+1; j<lines; j++ ) {
if ( bvmatch( type+i, type+j )) {
/* out of order, move intervening attributes down */
- if ( j != k+1 ) {
- int l;
+ if ( j != i+1 ) {
bv = vals[j];
fv = freeval[j];
- for ( l=j; l>k; l-- ) {
- type[l] = type[l-1];
- vals[l] = vals[l-1];
- freeval[l] = freeval[l-1];
+ for ( k=j; k>i; k-- ) {
+ type[k] = type[k-1];
+ vals[k] = vals[k-1];
+ freeval[k] = freeval[k-1];
}
- type[l] = type[i];
- vals[l] = bv;
- freeval[l] = fv;
+ k++;
+ type[k] = type[i];
+ vals[k] = bv;
+ freeval[k] = fv;
}
- i = k = j;
+ i++;
}
}
}
if( op->o_tag == LDAP_REQ_ADD ) {
struct berval tmpval;
- if( global_schemacheck ) {
+ {
int rc = mods_structural_class( mods, &tmpval,
text, textbuf, textlen );
if( rc != LDAP_SUCCESS ) return rc;
OBJS = overlays.o \
@SLAPD_STATIC_OVERLAYS@
+LTONLY_MOD = $(LTONLY_mod)
LDAP_INCDIR= ../../../include
LDAP_LIBDIR= ../../../libraries
$(LD) -r -o $@ rwm.o rwmconf.o rwmdn.o rwmmap.o
rwm.la : rwm.lo rwmconf.lo rwmdn.lo rwmmap.lo
- $(LTLINK_MOD) -module -o $@ rwm.lo rwmconf.lo rwmdn.lo rwmmap.lo version.lo $(LINK_LIBS)
+ $(LTLINK_MOD) -module -o $@ rwm.lo rwmconf.lo rwmdn.lo rwmmap.lo \
+ version.lo $(LINK_LIBS) $(LDAP_LIBLREWRITE_LA)
syncprov.la : syncprov.lo
$(LTLINK_MOD) -module -o $@ syncprov.lo version.lo $(LINK_LIBS)
.SUFFIXES: .c .o .lo
-.c.o:
- $(LTCOMPILE_LIB) $<
-
.c.lo:
$(LTCOMPILE_MOD) $<
$(LIBRARY): version.lo
- $(LTLINK_LIB) -o $@ $(OBJS) version.lo
+ $(AR) rs $@ $(OBJS)
/* just count */ ;
if ( last == 0 ) {
- /* empty? for now, we leave it in place */
+ /* empty? leave it in place because of attrsonly and vlv */
goto next_attr;
}
last--;
return SLAP_CB_CONTINUE;
fail:;
+ if ( e != NULL && e != rs->sr_entry ) {
+ if ( e->e_name.bv_val == dn.bv_val ) {
+ BER_BVZERO( &e->e_name );
+ }
+
+ if ( e->e_nname.bv_val == ndn.bv_val ) {
+ BER_BVZERO( &e->e_nname );
+ }
+
+ entry_free( e );
+ }
+
if ( !BER_BVISNULL( &dn ) ) {
ch_free( dn.bv_val );
}
ch_free( ndn.bv_val );
}
- if ( e != NULL && e != rs->sr_entry ) {
- entry_free( e );
- }
-
return rc;
}
LDAP_SLAPD_V (int) global_gentlehup;
LDAP_SLAPD_V (int) global_idletimeout;
-LDAP_SLAPD_V (int) global_schemacheck;
LDAP_SLAPD_V (char *) global_host;
LDAP_SLAPD_V (char *) global_realm;
LDAP_SLAPD_V (char **) default_passwd_hash;
}
/* supportedLDAPVersion */
- for ( i=LDAP_VERSION_MIN; i<=LDAP_VERSION_MAX; i++ ) {
+ /* don't publish version 2 as we don't really support it
+ * (even when configured to accept version 2 Bind requests)
+ * and the value would never be used by true LDAPv2 (or LDAPv3)
+ * clients.
+ */
+ for ( i=LDAP_VERSION3; i<=LDAP_VERSION_MAX; i++ ) {
char buf[BUFSIZ];
- if (!( global_allows & SLAP_ALLOW_BIND_V2 ) &&
- ( i < LDAP_VERSION3 ) )
- {
- /* version 2 and lower are disallowed */
- continue;
- }
snprintf(buf, sizeof buf, "%d", i);
val.bv_val = buf;
val.bv_len = strlen( val.bv_val );
*/
int read_root_dse_file( const char *fname )
{
- FILE *fp;
+ struct LDIFFP *fp;
int rc = 0, lineno = 0, lmax = 0;
char *buf = NULL;
- if ( (fp = fopen( fname, "r" )) == NULL ) {
+ if ( (fp = ldif_open( fname, "r" )) == NULL ) {
Debug( LDAP_DEBUG_ANY,
"could not open rootdse attr file \"%s\" - absolute path?\n",
fname, 0, 0 );
if( usr_attr == NULL ) {
Debug( LDAP_DEBUG_ANY,
"read_root_dse_file: SLAP_CALLOC failed", 0, 0, 0 );
- fclose( fp );
+ ldif_close( fp );
return LDAP_OTHER;
}
usr_attr->e_attrs = NULL;
ch_free( buf );
- fclose( fp );
+ ldif_close( fp );
Debug(LDAP_DEBUG_CONFIG, "rootDSE file %s read.\n", fname, 0, 0);
return rc;
}
}
- /* it's a REALLY bad idea to disable schema checks */
- if( !global_schemacheck ) return LDAP_SUCCESS;
-
/* find the structural object class attribute */
asc = attr_find( e->e_attrs, ad_structuralObjectClass );
if ( asc == NULL ) {
#include "slap.h"
#include "ldap_schema.h"
-int global_schemacheck = 1; /* schemacheck ON is default */
-
static void oc_usage(void);
static void at_usage(void);
ACL_WRITE,
ACL_MANAGE,
+ /* always leave at end of levels but not greater than ACL_LEVEL_MASK */
+ ACL_LAST,
+
/* ACL level mask and modifiers */
ACL_LEVEL_MASK = 0x000f,
ACL_QUALIFIER1 = 0x0100,
char o_do_not_cache; /* don't cache groups from this op */
char o_is_auth_check; /* authorization in progress */
+ char o_nocaching;
+ char o_delete_glue_parent;
+
#define SLAP_CONTROL_NONE 0
#define SLAP_CONTROL_IGNORED 1
#define SLAP_CONTROL_NONCRITICAL 2
void *o_private; /* anything the backend needs */
LDAP_STAILQ_ENTRY(slap_op) o_next; /* next operation in list */
-
- int o_nocaching;
- int o_delete_glue_parent;
-
} Operation;
#define OPERATION_BUFFER_SIZE (sizeof(Operation)+sizeof(Opheader)+SLAP_MAX_CIDS*sizeof(void *))
#include <ac/string.h>
#include "slapcommon.h"
+#include "ldif.h"
int
slapcat( int argc, char **argv )
break;
}
- fputs( data, ldiffp );
- fputs( "\n", ldiffp );
+ fputs( data, ldiffp->fp );
+ fputs( "\n", ldiffp->fp );
}
be->be_entry_close( be );
#include "slapcommon.h"
#include "lutil.h"
+#include "ldif.h"
tool_vars tool_globals;
static FILE *leakfile;
#endif
+static LDIFFP dummy;
+
static void
usage( int tool, const char *progname )
{
ldap_syslog = 0;
if ( ldiffile == NULL ) {
- ldiffp = tool == SLAPCAT ? stdout : stdin;
+ dummy.fp = tool == SLAPCAT ? stdout : stdin;
+ ldiffp = &dummy;
- } else if ((ldiffp = fopen( ldiffile, tool == SLAPCAT ? "w" : "r" ))
+ } else if ((ldiffp = ldif_open( ldiffile, tool == SLAPCAT ? "w" : "r" ))
== NULL )
{
perror( ldiffile );
int tv_dryrun;
Filter *tv_filter;
struct berval tv_sub_ndn;
- FILE *tv_ldiffp;
+ struct LDIFFP *tv_ldiffp;
struct berval tv_baseDN;
struct berval tv_authcDN;
struct berval tv_authzDN;