works in most cases ...

diff --git a/servers/slapd/back-relay/README b/servers/slapd/back-relay/README
index 36f64e9582a03aeb7237f7c65f3a08945a913587..81f152c53cfd5c602581739b48a8b427f3e86556 100644 (file)
--- a/servers/slapd/back-relay/README
+++ b/servers/slapd/back-relay/README
@@ -13,8 +13,7 @@ database.  This also causes the rewrite-remap overlay
 to be automatically instantiated.  If the optional keyword 
 "massage" is present, the rewrite-remap overlay is 
 automatically configured to map the virtual to the real 
-naming context and vice-versa; in this case, the "suffix" 
-directive must precede the "relay" directive.
+naming context and vice-versa.
 
 Otherwise, the rewrite-remap overlay must be explicitly
 instantiated, by using the "overlay" directive, as 
@@ -26,10 +25,30 @@ not bound to a single target database; on the contrary,
 the target database is selected on a per-operation basis.
 
 This allows, for instance, to relay one database for 
-authentication and anothe for search/modify, or allows
+authentication and anotheir for search/modify, or allows
 to use one target for persons and another for groups
 and so on.
 
+To summarize: the "relay" directive:
+- explicitly bounds the database to a single database 
+  holding the real naming context;
+- automatically instantiates the rewrite-remap overlay;
+- automatically configures the naming context massaging
+  if the optional "massage" keyword is added
+
+If the "relay" directive is not used, the rewrite-remap
+overlay must be explicitly instantiated and the massaging
+must be configured, either by using the "suffixmassage"
+directive, or by issuing more sophisticate rewrite 
+instructions.
+
+AttributeType/objectClass mapping must be explicitly
+required.
+
+Note that the rewrite-remap overlay is not complete nor 
+production- ready yet.
+Examples are given of all the suggested usages. 
+
 # automatically massage from virtual to real naming context
 database       relay
 suffix         "dc=virtual,dc=naming,dc=context"
@@ -38,6 +57,13 @@ relay                "dc=real,dc=naming,dc=context" massage
 # explicitly massage (same as above)
 database       relay
 suffix         "dc=virtual,dc=naming,dc=context"
+relay          "dc=real,dc=naming,dc=context"
+suffixmassage  "dc=virtual,dc=naming,dc=context" \
+                       "dc=real,dc=naming,dc=context"
+
+# explicitly massage (same as above, but dynamic backend resolution)
+database       relay
+suffix         "dc=virtual,dc=naming,dc=context"
 overlay                rewrite-remap
 suffixmassage  "dc=virtual,dc=naming,dc=context" \
                        "dc=real,dc=naming,dc=context"
@@ -46,9 +72,12 @@ suffixmassage        "dc=virtual,dc=naming,dc=context" \
 # from virtual to real naming context, but not the reverse...
 database       relay
 suffix         "dc=virtual,dc=naming,dc=context"
-overlay                rewrite-remap
-rewriteEngine  on
+relay          "dc=real,dc=naming,dc=context"
 rewriteContext default
 rewriteRule    "(.*)dc=virtual,dc=naming,dc=context$" \
                        "$1dc=real,dc=naming,dc=context"
+rewriteContext searchFilter
+rewriteContext searchResult
+rewriteContext searchResultAttrDN
+rewriteContext matchedDN
 

diff --git a/servers/slapd/back-relay/back-relay.h b/servers/slapd/back-relay/back-relay.h
index d62474ea33b17be9b3b541a718793e7be4d95633..9e447a7448ba17c6935f1036beee959f8be614c0 100644 (file)
--- a/servers/slapd/back-relay/back-relay.h
+++ b/servers/slapd/back-relay/back-relay.h
@@ -1,7 +1,7 @@
 /* back-relay.h - relay backend header file */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1999-2004 The OpenLDAP Foundation.
+ * Copyright 2004 The OpenLDAP Foundation.
  * Portions Copyright 2004 Pierangelo Masarati.
  * All rights reserved.
  *

diff --git a/servers/slapd/back-relay/config.c b/servers/slapd/back-relay/config.c
index f02a85e3a74d2d44f859e904af1c24e7c3e6e2ad..ba1d3da54429f62fe1d49f340c6bc60eed29920a 100644 (file)
--- a/servers/slapd/back-relay/config.c
+++ b/servers/slapd/back-relay/config.c
@@ -1,7 +1,7 @@
 /* config.c - relay backend configuration file routine */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2003-2004 The OpenLDAP Foundation.
+ * Copyright 2004 The OpenLDAP Foundation.
  * Portions Copyright 2004 Pierangelo Masarati.
  * All rights reserved.
  *
@@ -66,7 +66,8 @@ relay_back_db_config(
                rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn, NULL );
                if ( rc != LDAP_SUCCESS ) {
                        fprintf( stderr, "%s: line %d: "
-                                       "relay dn \"%s\" is invalid\n",
+                                       "relay dn \"%s\" is invalid "
+                                       "in \"relay <dn> [massage]\" line\n",
                                        fname, lineno, argv[ 1 ] );
                        return 1;
                }
@@ -75,13 +76,15 @@ relay_back_db_config(
                if ( bd == NULL ) {
                        fprintf( stderr, "%s: line %d: "
                                        "cannot find database "
-                                       "of relay dn \"%s\"\n",
+                                       "of relay dn \"%s\" "
+                                       "in \"relay <dn> [massage]\" line\n",
                                        fname, lineno, argv[ 1 ] );
                        return 1;
 
                } else if ( bd == be ) {
                        fprintf( stderr, "%s: line %d: "
-                                       "relay dn \"%s\" would call self\n",
+                                       "relay dn \"%s\" would call self "
+                                       "in \"relay <dn> [massage]\" line\n",
                                        fname, lineno, pdn.bv_val );
                        return 1;
                }
@@ -91,24 +94,26 @@ relay_back_db_config(
                if ( overlay_config( be, "rewrite-remap" ) ) {
                        fprintf( stderr, "%s: line %d: unable to install "
                                        "rewrite-remap overlay "
-                                       "in back-relay\n",
+                                       "in back-relay "
+                                       "in \"relay <dn> [massage]\" line\n",
                                        fname, lineno );
                        return 1;
                }
 
-#if 0
-               {
+               if ( argc == 3 ) {
                        char    *cargv[ 4 ];
 
-                       cargv[ 0 ] = "overlay";
-                       cargv[ 1 ] = "rewrite-remap";
-                       cargv[ 2 ] = NULL;
-
-                       be->be_config( be, fname, lineno, 2, cargv ); 
+                       if ( strcmp( argv[2], "massage" ) != 0 ) {
+                               fprintf( stderr, "%s: line %d: "
+                                       "unknown directive \"%s\" "
+                                       "in \"relay <dn> [massage]\" line\n",
+                                       fname, lineno, argv[2] );
+                               return 1;
+                       }
 
                        cargv[ 0 ] = "suffixmassage";
                        cargv[ 1 ] = be->be_suffix[0].bv_val;
-                       cargv[ 2 ] = ri->ri_bd->be_suffix[0].bv_val;
+                       cargv[ 2 ] = pdn.bv_val;
                        cargv[ 3 ] = NULL;
 
                        if ( be->be_config( be, fname, lineno, 3, cargv ) ) {
@@ -116,18 +121,7 @@ relay_back_db_config(
                        }
                }
 
-               if ( argc == 3 ) {
-                       if ( strcmp( argv[2], "massage" ) ) {
-                               fprintf( stderr, "%s: line %d: "
-                                       "unknown directive \"%s\" "
-                                       "in \"relay <dn> [massage]\" line\n",
-                                       fname, lineno, argv[2] );
-                               return 1;
-                       }
-
-                       ri->ri_massage = 1;
-               }
-#endif
+               ch_free( pdn.bv_val );
 
        /* anything else */
        } else {

diff --git a/servers/slapd/back-relay/init.c b/servers/slapd/back-relay/init.c
index 66631c2e6029e70a461430914abeadfc9379cef7..3122858fd6dc01f384f8b65b06fe7f64b2ada9dc 100644 (file)
--- a/servers/slapd/back-relay/init.c
+++ b/servers/slapd/back-relay/init.c
@@ -1,7 +1,7 @@
 /* init.c - initialize relay backend */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2003-2004 The OpenLDAP Foundation.
+ * Copyright 2004 The OpenLDAP Foundation.
  * Portions Copyright 2004 Pierangelo Masarati.
  * All rights reserved.
  *
@@ -110,29 +110,10 @@ relay_back_db_open( Backend *be )
 
        if ( ri->ri_realsuffix.bv_val != NULL ) {
                ri->ri_bd = select_backend( &ri->ri_realsuffix, 0, 1 );
+               /* must be there: it was during config! */
                assert( ri->ri_bd );
        }
 
-#if 0
-       if ( ri->ri_massage ) {
-               char    *argv[ 4 ];
-
-               if ( be->be_suffix[0].bv_val == NULL ) {
-                       fprintf( stderr, "suffix must be defined to require suffix massage\n" );
-                       return 1;
-               }
-
-               argv[ 0 ] = "suffixmassage";
-               argv[ 1 ] = be->be_suffix[0].bv_val;
-               argv[ 2 ] = ri->ri_bd->be_suffix[0].bv_val;
-               argv[ 3 ] = NULL;
-
-               if ( be->be_config( be, "back-relay", 1, 3, argv ) ) {
-                       return 1;
-               }
-       }
-#endif
-
        return 0;
 }
 
@@ -148,8 +129,12 @@ relay_back_db_destroy( Backend *be )
        relay_back_info         *ri = (relay_back_info *)be->be_private;
 
        if ( ri ) {
+               if ( ri->ri_realsuffix.bv_val ) {
+                       ch_free( ri->ri_realsuffix.bv_val );
+               }
                ch_free( ri );
        }
 
        return 0;
 }
+

diff --git a/servers/slapd/back-relay/op.c b/servers/slapd/back-relay/op.c
index 868c3810331097093132f7e63c69f1ea5b1b7d36..d2137d339cfcfc73522d01276d5058102ac23e83 100644 (file)
--- a/servers/slapd/back-relay/op.c
+++ b/servers/slapd/back-relay/op.c
@@ -1,7 +1,7 @@
 /* op.c - relay backend operations */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2003-2004 The OpenLDAP Foundation.
+ * Copyright 2004 The OpenLDAP Foundation.
  * Portions Copyright 2004 Pierangelo Masarati.
  * All rights reserved.
  *
@@ -37,6 +37,16 @@ relay_back_swap_bd( struct slap_op *op, struct slap_rep *rs )
        return SLAP_CB_CONTINUE;
 }
 
+static void
+relay_back_add_cb( slap_callback *cb, struct slap_op *op )
+{
+               cb->sc_next = op->o_callback;
+               cb->sc_response = relay_back_swap_bd;
+               cb->sc_cleanup = relay_back_swap_bd;
+               cb->sc_private = op->o_bd;
+               op->o_callback = cb;
+}
+
 static BackendDB *
 relay_back_select_backend( struct slap_op *op, struct slap_rep *rs, int err )
 {
@@ -95,11 +105,16 @@ relay_back_op_bind( struct slap_op *op, struct slap_rep *rs )
 
        if ( bd->be_bind ) {
                BackendDB       *be = op->o_bd;
+               slap_callback   cb;
+
+               relay_back_add_cb( &cb, op );
 
                op->o_bd = bd;
                rc = ( bd->be_bind )( op, rs );
                op->o_bd = be;
 
+               op->o_callback = op->o_callback->sc_next;
+
        } else {
                send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
                                "operation not supported "
@@ -125,15 +140,13 @@ relay_back_op_unbind( struct slap_op *op, struct slap_rep *rs )
                BackendDB       *be = op->o_bd;
                slap_callback   cb;
 
-               cb.sc_next = op->o_callback;
-               cb.sc_response = relay_back_swap_bd;
-               cb.sc_cleanup = relay_back_swap_bd;
-               cb.sc_private = op->o_bd;
-               op->o_callback = &cb;
+               relay_back_add_cb( &cb, op );
 
                op->o_bd = bd;
                rc = ( bd->be_unbind )( op, rs );
                op->o_bd = be;
+
+               op->o_callback = op->o_callback->sc_next;
        }
 
        return 0;
@@ -155,16 +168,14 @@ relay_back_op_search( struct slap_op *op, struct slap_rep *rs )
                BackendDB       *be = op->o_bd;
                slap_callback   cb;
 
-               cb.sc_next = op->o_callback;
-               cb.sc_response = relay_back_swap_bd;
-               cb.sc_cleanup = relay_back_swap_bd;
-               cb.sc_private = op->o_bd;
-               op->o_callback = &cb;
+               relay_back_add_cb( &cb, op );
 
                op->o_bd = bd;
                rc = ( bd->be_search )( op, rs );
                op->o_bd = be;
 
+               op->o_callback = op->o_callback->sc_next;
+
        } else {
                send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
                                "operation not supported "
@@ -190,16 +201,14 @@ relay_back_op_compare( struct slap_op *op, struct slap_rep *rs )
                BackendDB       *be = op->o_bd;
                slap_callback   cb;
 
-               cb.sc_next = op->o_callback;
-               cb.sc_response = relay_back_swap_bd;
-               cb.sc_cleanup = relay_back_swap_bd;
-               cb.sc_private = op->o_bd;
-               op->o_callback = &cb;
+               relay_back_add_cb( &cb, op );
 
                op->o_bd = bd;
                rc = ( bd->be_compare )( op, rs );
                op->o_bd = be;
 
+               op->o_callback = op->o_callback->sc_next;
+
        } else {
                send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
                                "operation not supported "
@@ -225,16 +234,14 @@ relay_back_op_modify( struct slap_op *op, struct slap_rep *rs )
                BackendDB       *be = op->o_bd;
                slap_callback   cb;
 
-               cb.sc_next = op->o_callback;
-               cb.sc_response = relay_back_swap_bd;
-               cb.sc_cleanup = relay_back_swap_bd;
-               cb.sc_private = op->o_bd;
-               op->o_callback = &cb;
+               relay_back_add_cb( &cb, op );
 
                op->o_bd = bd;
                rc = ( bd->be_modify )( op, rs );
                op->o_bd = be;
 
+               op->o_callback = op->o_callback->sc_next;
+
        } else {
                send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
                                "operation not supported "
@@ -260,16 +267,14 @@ relay_back_op_modrdn( struct slap_op *op, struct slap_rep *rs )
                BackendDB       *be = op->o_bd;
                slap_callback   cb;
 
-               cb.sc_next = op->o_callback;
-               cb.sc_response = relay_back_swap_bd;
-               cb.sc_cleanup = relay_back_swap_bd;
-               cb.sc_private = op->o_bd;
-               op->o_callback = &cb;
+               relay_back_add_cb( &cb, op );
 
                op->o_bd = bd;
                rc = ( bd->be_modrdn )( op, rs );
                op->o_bd = be;
 
+               op->o_callback = op->o_callback->sc_next;
+
        } else {
                send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
                                "operation not supported "
@@ -295,16 +300,14 @@ relay_back_op_add( struct slap_op *op, struct slap_rep *rs )
                BackendDB       *be = op->o_bd;
                slap_callback   cb;
 
-               cb.sc_next = op->o_callback;
-               cb.sc_response = relay_back_swap_bd;
-               cb.sc_cleanup = relay_back_swap_bd;
-               cb.sc_private = op->o_bd;
-               op->o_callback = &cb;
+               relay_back_add_cb( &cb, op );
 
                op->o_bd = bd;
                rc = ( bd->be_add )( op, rs );
                op->o_bd = be;
 
+               op->o_callback = op->o_callback->sc_next;
+
        } else {
                send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
                                "operation not supported "
@@ -330,15 +333,13 @@ relay_back_op_delete( struct slap_op *op, struct slap_rep *rs )
                BackendDB       *be = op->o_bd;
                slap_callback   cb;
 
-               cb.sc_next = op->o_callback;
-               cb.sc_response = relay_back_swap_bd;
-               cb.sc_cleanup = relay_back_swap_bd;
-               cb.sc_private = op->o_bd;
-               op->o_callback = &cb;
+               relay_back_add_cb( &cb, op );
 
                op->o_bd = bd;
                rc = ( bd->be_delete )( op, rs );
                op->o_bd = be;
+
+               op->o_callback = op->o_callback->sc_next;
        }
 
        return rc;
@@ -360,16 +361,14 @@ relay_back_op_abandon( struct slap_op *op, struct slap_rep *rs )
                BackendDB       *be = op->o_bd;
                slap_callback   cb;
 
-               cb.sc_next = op->o_callback;
-               cb.sc_response = relay_back_swap_bd;
-               cb.sc_cleanup = relay_back_swap_bd;
-               cb.sc_private = op->o_bd;
-               op->o_callback = &cb;
+               relay_back_add_cb( &cb, op );
 
                op->o_bd = bd;
                rc = ( bd->be_abandon )( op, rs );
                op->o_bd = be;
 
+               op->o_callback = op->o_callback->sc_next;
+
        } else {
                send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
                                "operation not supported "
@@ -395,16 +394,14 @@ relay_back_op_cancel( struct slap_op *op, struct slap_rep *rs )
                BackendDB       *be = op->o_bd;
                slap_callback   cb;
 
-               cb.sc_next = op->o_callback;
-               cb.sc_response = relay_back_swap_bd;
-               cb.sc_cleanup = relay_back_swap_bd;
-               cb.sc_private = op->o_bd;
-               op->o_callback = &cb;
+               relay_back_add_cb( &cb, op );
 
                op->o_bd = bd;
                rc = ( bd->be_cancel )( op, rs );
                op->o_bd = be;
 
+               op->o_callback = op->o_callback->sc_next;
+
        } else {
                send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
                                "operation not supported "
@@ -430,16 +427,14 @@ relay_back_op_extended( struct slap_op *op, struct slap_rep *rs )
                BackendDB       *be = op->o_bd;
                slap_callback   cb;
 
-               cb.sc_next = op->o_callback;
-               cb.sc_response = relay_back_swap_bd;
-               cb.sc_cleanup = relay_back_swap_bd;
-               cb.sc_private = op->o_bd;
-               op->o_callback = &cb;
+               relay_back_add_cb( &cb, op );
 
                op->o_bd = bd;
                rc = ( bd->be_extended )( op, rs );
                op->o_bd = be;
 
+               op->o_callback = op->o_callback->sc_next;
+
        } else {
                send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
                                "operation not supported "
@@ -520,15 +515,13 @@ relay_back_chk_referrals( struct slap_op *op, struct slap_rep *rs )
                BackendDB       *be = op->o_bd;
                slap_callback   cb;
 
-               cb.sc_next = op->o_callback;
-               cb.sc_response = relay_back_swap_bd;
-               cb.sc_cleanup = relay_back_swap_bd;
-               cb.sc_private = op->o_bd;
-               op->o_callback = &cb;
+               relay_back_add_cb( &cb, op );
 
                op->o_bd = bd;
                rc = ( bd->be_chk_referrals )( op, rs );
                op->o_bd = be;
+
+               op->o_callback = op->o_callback->sc_next;
        }
 
        return rc;
@@ -553,10 +546,15 @@ relay_back_operational( struct slap_op *op, struct slap_rep *rs,
 
        if ( bd->be_operational ) {
                BackendDB       *be = op->o_bd;
+               slap_callback   cb;
+
+               relay_back_add_cb( &cb, op );
 
                op->o_bd = bd;
                rc = ( bd->be_operational )( op, rs, opattrs, ap );
                op->o_bd = be;
+
+               op->o_callback = op->o_callback->sc_next;
        }
 
        return rc;

diff --git a/servers/slapd/back-relay/proto-back-relay.h b/servers/slapd/back-relay/proto-back-relay.h
index 3fd023e12be818db1c94ea8ac7d4aed5958528e4..afaba21bf147cf80625425bd3d5896fb3328ee3c 100644 (file)
--- a/servers/slapd/back-relay/proto-back-relay.h
+++ b/servers/slapd/back-relay/proto-back-relay.h
@@ -1,6 +1,6 @@
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2001-2004 The OpenLDAP Foundation.
+ * Copyright 2004 The OpenLDAP Foundation.
  * Portions Copyright 2004 Pierangelo Masarati.
  * All rights reserved.
  *