add server side controls to back-ldap and back-meta

diff --git a/servers/slapd/back-ldap/add.c b/servers/slapd/back-ldap/add.c
index c12a313e8bd78d5ccbbdc07808f9cdb665c4885b..db1382042767276542b0a494b20eb69a4967c672 100644 (file)
--- a/servers/slapd/back-ldap/add.c
+++ b/servers/slapd/back-ldap/add.c
@@ -134,6 +134,10 @@ ldap_back_add(
                }
 #endif
                
+               if ( a->a_desc->ad_type->sat_no_user_mod  ) {
+                       continue;
+               }
+
                ldap_back_map(&li->at_map, &a->a_desc->ad_cname, &mapped, 0);
                if (mapped.bv_val == NULL) {
                        continue;

diff --git a/servers/slapd/back-ldap/bind.c b/servers/slapd/back-ldap/bind.c
index 92d5856fa1ff00c248a15e707f036e3d4ad69d10..760b152c96427efe42ff35bf35543e4c39433dc1 100644 (file)
--- a/servers/slapd/back-ldap/bind.c
+++ b/servers/slapd/back-ldap/bind.c
@@ -74,6 +74,10 @@ ldap_back_bind(
                return( -1 );
        }
 
+       if ( op->o_ctrls ) {
+               ldap_set_option( lc->ld, LDAP_OPT_SERVER_CONTROLS, op->o_ctrls );
+       }
+       
        /*
         * Rewrite the bind dn if needed
         */
@@ -350,15 +354,20 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op)
  * it can be used to simplify the check.
  */
 int
-ldap_back_dobind(struct ldapconn *lc, Operation *op)
+ldap_back_dobind( struct ldapconn *lc, Operation *op )
 {
-       if (lc->bound) {
+       if ( lc->bound ) {
                return( lc->bound );
        }
 
-       if (ldap_bind_s(lc->ld, lc->bound_dn.bv_val, lc->cred.bv_val, LDAP_AUTH_SIMPLE) !=
-               LDAP_SUCCESS) {
-               ldap_back_op_result(lc, op);
+       if ( op->o_ctrls ) {
+               ldap_set_option( lc->ld, LDAP_OPT_SERVER_CONTROLS,
+                               op->o_ctrls );
+       }
+       
+       if ( ldap_bind_s( lc->ld, lc->bound_dn.bv_val, lc->cred.bv_val, 
+                               LDAP_AUTH_SIMPLE ) != LDAP_SUCCESS ) {
+               ldap_back_op_result( lc, op );
                return( 0 );
        } /* else */
        return( lc->bound = 1 );

diff --git a/servers/slapd/back-ldap/init.c b/servers/slapd/back-ldap/init.c
index 2b4a1c81f93f08626acf720d46e3228b2c09b530..6cc3078363d59777a8dc757bf4b5911a8720fe70 100644 (file)
--- a/servers/slapd/back-ldap/init.c
+++ b/servers/slapd/back-ldap/init.c
@@ -64,6 +64,8 @@ ldap_back_initialize(
     BackendInfo        *bi
 )
 {
+       bi->bi_controls = slap_known_controls;
+
        bi->bi_open = 0;
        bi->bi_config = 0;
        bi->bi_close = 0;

diff --git a/servers/slapd/back-ldap/modify.c b/servers/slapd/back-ldap/modify.c
index 0bbb52e867201712336622da03e14e83028d760d..bea4dcbcd7506dad6d97c44963fd0492a01e4e91 100644 (file)
--- a/servers/slapd/back-ldap/modify.c
+++ b/servers/slapd/back-ldap/modify.c
@@ -114,6 +114,10 @@ ldap_back_modify(
        }
 
        for (i=0, ml=modlist; ml; ml=ml->sml_next) {
+               if ( ml->sml_desc->ad_type->sat_no_user_mod  ) {
+                       continue;
+               }
+
                ldap_back_map(&li->at_map, &ml->sml_desc->ad_cname, &mapped, 0);
                if (mapped.bv_val == NULL) {
                        continue;

diff --git a/servers/slapd/back-ldap/search.c b/servers/slapd/back-ldap/search.c
index c2e278d5c7da2d4da400cff694e41c624be0e41f..a80de47198fda54e65b57ed200fcbe6c1473ef70 100644 (file)
--- a/servers/slapd/back-ldap/search.c
+++ b/servers/slapd/back-ldap/search.c
@@ -137,7 +137,14 @@ ldap_back_search(
                ldap_set_option( lc->ld, LDAP_OPT_TIMELIMIT, (void *)&tlimit);
        if (slimit != -1)
                ldap_set_option( lc->ld, LDAP_OPT_SIZELIMIT, (void *)&slimit);
-       
+
+
+       /*
+        * controls are set in ldap_back_dobind()
+        * 
+        * FIXME: in case of values return filter, we might want
+        * to map attrs and maybe rewrite value
+        */
        if ( !ldap_back_dobind( lc, op ) ) {
                return( -1 );
        }
@@ -455,12 +462,18 @@ ldap_send_entry(
                        continue;
                }
                
-               if (ber_scanf( &ber, "[W]", &attr->a_vals ) == LBER_ERROR ) {
+               if ( ber_scanf( &ber, "[W]", &attr->a_vals ) == LBER_ERROR
+                               || attr->a_vals == NULL ) {
+                       /*
+                        * Note: attr->a_vals can be null when using
+                        * values result filter
+                        */
                        attr->a_vals = &dummy;
+
                } else if ( attr->a_desc == slap_schema.si_ad_objectClass
                                || attr->a_desc == slap_schema.si_ad_structuralObjectClass ) {
                        int i, last;
-                       assert( attr->a_vals );
+
                        for ( last = 0; attr->a_vals[last].bv_val; last++ ) ;
                        for ( i = 0, bv = attr->a_vals; bv->bv_val; bv++, i++ ) {
                                ldap_back_map(&li->oc_map, bv, &mapped, 1);
@@ -497,7 +510,6 @@ ldap_send_entry(
                } else if ( strcmp( attr->a_desc->ad_type->sat_syntax->ssyn_oid,
                                        SLAPD_DN_SYNTAX ) == 0 ) {
                        int i;
-                       assert( attr->a_vals );
                        for ( i = 0, bv = attr->a_vals; bv->bv_val; bv++, i++ ) {
                                struct berval newval;
                                

diff --git a/servers/slapd/back-meta/add.c b/servers/slapd/back-meta/add.c
index 58555bbdfebd9b9e4d246ef7ebf6edf7d9f8cd4a..e0d52e1173816311c022a1b4b48b49cde1c3f008 100644 (file)
--- a/servers/slapd/back-meta/add.c
+++ b/servers/slapd/back-meta/add.c
@@ -148,25 +148,11 @@ meta_back_add(
 
        for ( i = 0, a = e->e_attrs; a; a = a->a_next ) {
                int j;
-               /*
-                * lastmod should always be <off>, so that
-                * creation/modification operational attrs
-                * of the target directory are used, if available
-                */
-#if 0
-               if ( !strcasecmp( a->a_desc->ad_cname.bv_val,
-                       slap_schema.si_ad_creatorsName->ad_cname.bv_val )
-                       || !strcasecmp( a->a_desc->ad_cname.bv_val,
-                       slap_schema.si_ad_createTimestamp->ad_cname.bv_val )
-                       || !strcasecmp( a->a_desc->ad_cname.bv_val,
-                       slap_schema.si_ad_modifiersName->ad_cname.bv_val )
-                       || !strcasecmp( a->a_desc->ad_cname.bv_val,
-                       slap_schema.si_ad_modifyTimestamp->ad_cname.bv_val )
-               ) {
+
+               if ( a->a_desc->ad_type->sat_no_user_mod  ) {
                        continue;
                }
-#endif
-               
+
                ldap_back_map( &li->targets[ candidate ]->at_map,
                                &a->a_desc->ad_cname, &mapped, 0);
                if ( mapped.bv_val == NULL ) {

diff --git a/servers/slapd/back-meta/back-meta.h b/servers/slapd/back-meta/back-meta.h
index 3bf9285cf00186f78a03b1dc1c013355694f5703..f14345a208268af751a6fb7b54f03a648f654aca 100644 (file)
--- a/servers/slapd/back-meta/back-meta.h
+++ b/servers/slapd/back-meta/back-meta.h
@@ -151,18 +151,6 @@ struct metainfo {
        Avlnode                 *conntree;
 };
 
-extern int
-meta_back_do_single_bind(
-               struct metainfo         *li,
-               struct metaconn         *lc,
-               struct berval           *dn,
-               struct berval           *ndn,
-               struct berval           *cred,
-               int                     method,
-               int                     candidate
-);
-
-
 #define META_OP_ALLOW_MULTIPLE         0x00
 #define META_OP_REQUIRE_SINGLE         0x01
 #define META_OP_REQUIRE_ALL            0x02

diff --git a/servers/slapd/back-meta/bind.c b/servers/slapd/back-meta/bind.c
index 8735d3e0946d836bcfdc21edc2d7d4c95f3d0a53..b3c3f809a89094ab9f35cb4037cb549a33f59938 100644 (file)
--- a/servers/slapd/back-meta/bind.c
+++ b/servers/slapd/back-meta/bind.c
@@ -77,6 +77,18 @@
 #include "../back-ldap/back-ldap.h"
 #include "back-meta.h"
 
+static int
+meta_back_do_single_bind(
+               struct metainfo         *li,
+               struct metaconn         *lc,
+               Operation               *op,
+               struct berval           *dn,
+               struct berval           *ndn,
+               struct berval           *cred,
+               int                     method,
+               int                     candidate
+);
+
 int
 meta_back_bind(
                Backend         *be,
@@ -177,7 +189,7 @@ meta_back_bind(
                        realmethod = method;
                }
                
-               lerr = meta_back_do_single_bind( li, lc,
+               lerr = meta_back_do_single_bind( li, lc, op,
                                realdn, realndn, realcred, realmethod, i );
                if ( lerr != LDAP_SUCCESS ) {
                        err = lerr;
@@ -223,10 +235,11 @@ meta_back_bind(
  *
  * attempts to perform a bind with creds
  */
-int
+static int
 meta_back_do_single_bind(
                struct metainfo         *li,
                struct metaconn         *lc,
+               Operation               *op,
                struct berval           *dn,
                struct berval           *ndn,
                struct berval           *cred,
@@ -263,6 +276,11 @@ meta_back_do_single_bind(
                return LDAP_OTHER;
        }
 
+       if ( op->o_ctrls ) {
+               ldap_set_option( lc->conns[ candidate ].ld, 
+                               LDAP_OPT_SERVER_CONTROLS, op->o_ctrls );
+       }
+       
        rc = ldap_bind_s( lc->conns[ candidate ].ld, mdn.bv_val, cred->bv_val, method );
        if ( rc != LDAP_SUCCESS ) {
                rc = ldap_back_map_result( rc );
@@ -329,6 +347,12 @@ meta_back_dobind( struct metaconn *lc, Operation *op )
                        lsc->bound_dn.bv_val = NULL;
                        lsc->bound_dn.bv_len = 0;
                }
+               
+               if ( op->o_ctrls ) {
+                       ldap_set_option( lsc->ld, LDAP_OPT_SERVER_CONTROLS,
+                                       op->o_ctrls );
+               }
+       
                rc = ldap_bind_s( lsc->ld, 0, NULL, LDAP_AUTH_SIMPLE );
                if ( rc != LDAP_SUCCESS ) {
                        

diff --git a/servers/slapd/back-meta/init.c b/servers/slapd/back-meta/init.c
index 3ca62e4d52f1ce1bb8264c7d4f28ce535db4a980..eae98ba6aa90842217fceda899fca19004af8ce2 100644 (file)
--- a/servers/slapd/back-meta/init.c
+++ b/servers/slapd/back-meta/init.c
@@ -95,6 +95,8 @@ meta_back_initialize(
                BackendInfo     *bi
 )
 {
+       bi->bi_controls = slap_known_controls;
+
        bi->bi_open = 0;
        bi->bi_config = 0;
        bi->bi_close = 0;

diff --git a/servers/slapd/back-meta/modify.c b/servers/slapd/back-meta/modify.c
index 45429332c4bb8f233f0321d201b305607b3c0d14..b6890382c87a809c5504ec730c7b025978d9d02b 100644 (file)
--- a/servers/slapd/back-meta/modify.c
+++ b/servers/slapd/back-meta/modify.c
@@ -152,21 +152,10 @@ meta_back_modify(
 
        for ( i = 0, ml = modlist; ml; ml = ml->sml_next ) {
                int j;
-               /*
-                * lastmod should always be <off>
-                */
-#if 0
-               if ( !strcasecmp( a->a_desc->ad_cname.bv_val,
-                       slap_schema.si_ad_creatorsName->ad_cname.bv_val )
-                       || !strcasecmp( a->a_desc->ad_cname.bv_val,
-                       slap_schema.si_ad_createTimestamp->ad_cname.bv_val )
-                       || !strcasecmp( a->a_desc->ad_cname.bv_val,
-                       slap_schema.si_ad_modifiersName->ad_cname.bv_val )
-                       || !strcasecmp( a->a_desc->ad_cname.bv_val,
-                       slap_schema.si_ad_modifyTimestamp->ad_cname.bv_val ) ) {
+
+               if ( ml->sml_desc->ad_type->sat_no_user_mod  ) {
                        continue;
                }
-#endif
 
                ldap_back_map( &li->targets[ candidate ]->at_map,
                                &ml->sml_desc->ad_cname, &mapped, 0 );

diff --git a/servers/slapd/init.c b/servers/slapd/init.c
index d091c4fe07a25feb96b0761398b31bfa23549a98..90f66152ea85758efc344eaf96c4d0394d7d3259 100644 (file)
--- a/servers/slapd/init.c
+++ b/servers/slapd/init.c
@@ -71,6 +71,65 @@ ldap_pvt_thread_mutex_t      replog_mutex;
 static const char* slap_name = NULL;
 int slapMode = SLAP_UNDEFINED_MODE;
 
+/*
+ * all known control OIDs should be added to this list
+ */
+char *slap_known_controls[] = {
+#ifdef LDAP_CONTROL_REFERRALS
+       LDAP_CONTROL_REFERRALS,
+#endif /* LDAP_CONTROL_REFERRALS */
+
+#ifdef LDAP_CONTROL_MANAGEDSAIT
+       LDAP_CONTROL_MANAGEDSAIT,
+#endif /* LDAP_CONTROL_MANAGEDSAIT */
+
+#ifdef LDAP_CONTROL_SUBENTRIES
+       LDAP_CONTROL_SUBENTRIES,
+#endif /* LDAP_CONTROL_SUBENTRIES */
+
+#ifdef LDAP_CONTROL_NOOP
+       LDAP_CONTROL_NOOP,
+#endif /* LDAP_CONTROL_NOOP */
+
+#ifdef LDAP_CONTROL_DUPENT_REQUEST
+       LDAP_CONTROL_DUPENT_REQUEST,
+#endif /* LDAP_CONTROL_DUPENT_REQUEST */
+
+#ifdef LDAP_CONTROL_DUPENT_RESPONSE
+       LDAP_CONTROL_DUPENT_RESPONSE,
+#endif /* LDAP_CONTROL_DUPENT_RESPONSE */
+
+#ifdef LDAP_CONTROL_DUPENT_ENTRY
+       LDAP_CONTROL_DUPENT_ENTRY,
+#endif /* LDAP_CONTROL_DUPENT_ENTRY */
+
+#ifdef LDAP_CONTROL_PAGEDRESULTS
+       LDAP_CONTROL_PAGEDRESULTS,
+#endif /* LDAP_CONTROL_PAGEDRESULTS */
+
+#ifdef LDAP_CONTROL_SORTREQUEST
+       LDAP_CONTROL_SORTREQUEST,
+#endif /* LDAP_CONTROL_SORTREQUEST */
+
+#ifdef LDAP_CONTROL_SORTRESPONSE
+       LDAP_CONTROL_SORTRESPONSE,
+#endif /* LDAP_CONTROL_SORTRESPONSE */
+
+#ifdef LDAP_CONTROL_VLVREQUEST
+       LDAP_CONTROL_VLVREQUEST,
+#endif /* LDAP_CONTROL_VLVREQUEST */
+
+#ifdef LDAP_CONTROL_VLVRESPONSE
+       LDAP_CONTROL_VLVRESPONSE,
+#endif /* LDAP_CONTROL_VLVRESPONSE */
+
+#ifdef LDAP_CONTROL_VALUESRETURNFILTER
+       LDAP_CONTROL_VALUESRETURNFILTER,
+#endif /* LDAP_CONTROL_VALUESRETURNFILTER */
+
+       NULL
+};
+
 int
 slap_init( int mode, const char *name )
 {

diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h
index a3bde2cedc39270bedcdad24259878f310fe24eb..f51f24a18bad32b0c92e8c2f2bdad10d832ba5af 100644 (file)
--- a/servers/slapd/proto-slap.h
+++ b/servers/slapd/proto-slap.h
@@ -500,6 +500,8 @@ LDAP_SLAPD_F (int)  slap_startup LDAP_P(( Backend *be ));
 LDAP_SLAPD_F (int)     slap_shutdown LDAP_P(( Backend *be ));
 LDAP_SLAPD_F (int)     slap_destroy LDAP_P((void));
 
+LDAP_SLAPD_V (char *)  slap_known_controls[];
+
 /*
  * kerberos.c
  */