From: Kurt Zeilenga Date: Tue, 4 Jul 2000 19:58:12 +0000 (+0000) Subject: Import from devel X-Git-Tag: OPENLDAP_REL_ENG_2_0_BETA~14 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=0dbee3f688c9f283274cd65e534bb1bbffb15789;p=openldap Import from devel --- diff --git a/INSTALL b/INSTALL index 77fe82016a..6aafa69e41 100644 --- a/INSTALL +++ b/INSTALL @@ -151,12 +151,12 @@ information about how to use "configure", please read: USING ENVIRONMENT VARIABLES -The configure script will also use your environmental -variables for determining compiler/linker options. This can -be used to manual specify features and compilation options. +The configure script will also use environmental variables for +determining compiler/linker options. This can be used to manually +specify features and compilation options. -WARNING: Executable built in your environment may not run - in your user's environments. The portability of +WARNING: Executables built in your environment may not run + in your users' environments. The portability of executables between environments is your responsibility. Supported Environmental Variables diff --git a/acconfig.h b/acconfig.h index cd6ad29d45..e7581bed8a 100644 --- a/acconfig.h +++ b/acconfig.h @@ -13,11 +13,6 @@ /* end of preamble */ -#if !defined(SLAPD_SCHEMA_COMPAT) && !defined(SLAPD_SCHEMA_NOT_COMPAT) - /* define SLAPD_SCHEMA_COMPAT if you want old schema codes */ -#define SLAPD_SCHEMA_NOT_COMPAT 1 -#endif - @TOP@ /* define this if needed to get reentrant functions */ @@ -83,9 +78,9 @@ # define WIN32_LEAN_AND_MEAN 1 #endif -#ifndef __NEED_PROTOTYPES +#ifndef LDAP_NEEDS_PROTOTYPES /* force LDAP_P to always include prototypes */ -#define __NEED_PROTOTYPES 1 +#define LDAP_NEEDS_PROTOTYPES 1 #endif #ifdef HAVE_STDDEF_H diff --git a/build/main.dsw b/build/main.dsw index bc84913c00..a4e264b84d 100644 --- a/build/main.dsw +++ b/build/main.dsw @@ -273,30 +273,6 @@ Package=<4> ############################################################################### -Project: "ldif"=..\servers\slapd\tools\ldif.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name liblber - End Project Dependency - Begin Project Dependency - Project_Dep_Name libldif - End Project Dependency - Begin Project Dependency - Project_Dep_Name libldap - End Project Dependency - Begin Project Dependency - Project_Dep_Name liblutil - End Project Dependency -}}} - -############################################################################### - Project: "libavl"=..\libraries\libavl\libavl.dsp - Package Owner=<4> Package=<5> diff --git a/build/top.mk b/build/top.mk index 98cbf1aadb..1dc03e30c8 100644 --- a/build/top.mk +++ b/build/top.mk @@ -135,7 +135,6 @@ MODULES_LIBS = @MODULES_LIBS@ TERMCAP_LIBS = @TERMCAP_LIBS@ LINK_BINS_DYNAMIC = @LINK_BINS_DYNAMIC@ -QUIPU_LIBS = @QUIPU_LIBS@ SLAPD_LIBS = @SLAPD_LIBS@ SLURPD_LIBS = @SLURPD_LIBS@ diff --git a/clients/fax500/rp500.c b/clients/fax500/rp500.c index e957483a80..9ac3b3f8ff 100644 --- a/clients/fax500/rp500.c +++ b/clients/fax500/rp500.c @@ -30,7 +30,6 @@ #include #endif -#include #include #include "fax500.h" diff --git a/clients/tools/Makefile.in b/clients/tools/Makefile.in index ed54b4de99..d86b751312 100644 --- a/clients/tools/Makefile.in +++ b/clients/tools/Makefile.in @@ -8,7 +8,7 @@ OBJS = ldapsearch.o ldapmodify.o ldapdelete.o ldapmodrdn.o ldappasswd.o LDAP_INCDIR= ../../include LDAP_LIBDIR= ../../libraries -NT_DYN_DEFS = -DLIBLBER_DECL=dllimport -DLIBLDAP_DECL=dllimport +NT_DYN_DEFS = -DLBER_DECL=dllimport -DLDAP_DECL=dllimport CPPFLAGS = $(@PLAT@_@LIB_LINKAGE@_DEFS) XLIBS = -llutil -lldif -lldap -llber diff --git a/clients/tools/ldapdelete.c b/clients/tools/ldapdelete.c index ff1675528c..14fb945969 100644 --- a/clients/tools/ldapdelete.c +++ b/clients/tools/ldapdelete.c @@ -16,7 +16,6 @@ #include #include -#include #include static char *binddn = NULL; @@ -36,11 +35,12 @@ static int not, verbose, contoper; static LDAP *ld; static int dodelete LDAP_P(( - LDAP *ld, - char *dn)); + LDAP *ld, + const char *dn)); -static int deletechildren LDAP_P(( LDAP *ld, - char *dn )); +static int deletechildren LDAP_P(( + LDAP *ld, + const char *dn )); static void usage( const char *s ) @@ -52,6 +52,7 @@ usage( const char *s ) " or from the file specified with \"-f file\".\n" "options:\n" " -c\t\tcontinuous operation mode (do not stop on errors)\n" +" -C\t\tchase referrals\n" " -d level\tset LDAP debugging level to `level'\n" " -D binddn\tbind DN\n" " -E\t\trequest SASL privacy (-EE to make it critical)\n" @@ -64,7 +65,7 @@ usage( const char *s ) " -M\t\tenable Manage DSA IT control (-MM to make it critical)\n" " -n\t\tshow what would be done but don't actually delete\n" " -p port\t\tport on LDAP server\n" -" -P version\tprocotol version (2 or 3)\n" +" -P version\tprocotol version (default: 3)\n" " -r\t\tdelete recursively\n" " -U user\t\tSASL authentication identity (username)\n" " -v\t\trun in verbose mode (diagnostics to standard output)\n" @@ -72,7 +73,7 @@ usage( const char *s ) " -W\t\tprompt for bind passwd\n" " -X id\t\tSASL authorization identity (\"dn:\" or \"u:\")\n" " -Y mech\t\tSASL mechanism\n" -" -Z\t\trequest the use of TLS (-ZZ to make it critical)\n" +" -Z\t\tissue Start TLS request (-ZZ to require successful response)\n" , s ); exit( EXIT_FAILURE ); @@ -84,14 +85,14 @@ main( int argc, char **argv ) { char buf[ 4096 ]; FILE *fp; - int i, rc, authmethod, want_bindpw, version, debug, manageDSAit; + int i, rc, authmethod, referrals, want_bindpw, version, debug, manageDSAit; - not = verbose = contoper = want_bindpw = debug = manageDSAit = 0; + not = verbose = contoper = want_bindpw = debug = manageDSAit = referrals = 0; fp = NULL; authmethod = LDAP_AUTH_SIMPLE; version = -1; - while (( i = getopt( argc, argv, "cD:d:Ef:h:IKkMnP:p:rU:vWw:X:Y:Z" )) != EOF ) { + while (( i = getopt( argc, argv, "cCD:d:Ef:h:IKMnP:p:rU:vWw:X:Y:Z" )) != EOF ) { switch( i ) { case 'k': /* kerberos bind */ #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND @@ -112,6 +113,9 @@ main( int argc, char **argv ) case 'c': /* continuous operation mode */ ++contoper; break; + case 'C': + referrals++; + break; case 'h': /* ldap host */ ldaphost = strdup( optarg ); break; @@ -291,35 +295,48 @@ main( int argc, char **argv ) #endif if (( ld = ldap_init( ldaphost, ldapport )) == NULL ) { - perror( "ldap_init" ); - return( EXIT_FAILURE ); + perror( "ldap_init" ); + return( EXIT_FAILURE ); } { - /* this seems prudent */ + /* this seems prudent for searches below */ int deref = LDAP_DEREF_NEVER; ldap_set_option( ld, LDAP_OPT_DEREF, &deref ); } - /* don't chase referrals */ - ldap_set_option( ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF ); + /* chase referrals */ + if( ldap_set_option( ld, LDAP_OPT_REFERRALS, + referrals ? LDAP_OPT_ON : LDAP_OPT_OFF ) != LDAP_OPT_SUCCESS ) + { + fprintf( stderr, "Could not set LDAP_OPT_REFERRALS %s\n", + referrals ? "on" : "off" ); + return EXIT_FAILURE; + } + + if (version == -1 ) { + version = 3; + } - if (version != -1 && - ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != LDAP_OPT_SUCCESS) + if( ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) + != LDAP_OPT_SUCCESS ) { - fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version ); + fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", + version ); + return EXIT_FAILURE; } if ( use_tls && ldap_start_tls_s( ld, NULL, NULL ) != LDAP_SUCCESS ) { if ( use_tls > 1 ) { ldap_perror( ld, "ldap_start_tls" ); - return( EXIT_FAILURE ); + return EXIT_FAILURE; } + fprintf( stderr, "WARNING: could not start TLS\n" ); } if (want_bindpw) { passwd.bv_val = getpassphrase("Enter LDAP Password: "); - passwd.bv_len = strlen( passwd.bv_val ); + passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0; } if ( authmethod == LDAP_AUTH_SASL ) { @@ -386,7 +403,8 @@ main( int argc, char **argv ) err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, &ctrls ); if( err != LDAP_OPT_SUCCESS ) { - fprintf( stderr, "Could not set Manage DSA IT Control\n" ); + fprintf( stderr, "Could not set ManageDSAit %scontrol\n", + c.ldctl_iscritical ? "critical " : "" ); if( c.ldctl_iscritical ) { exit( EXIT_FAILURE ); } @@ -415,83 +433,141 @@ main( int argc, char **argv ) static int dodelete( LDAP *ld, - char *dn) + const char *dn) { - int rc; + int id; + int rc, code; + char *matcheddn = NULL, *text = NULL, **refs = NULL; + LDAPMessage *res; + + if ( verbose ) { + printf( "%sdeleting entry \"%s\"\n", + (not ? "!" : ""), dn ); + } - if ( verbose ) { - printf( "%sdeleting entry \"%s\"\n", - (not ? "!" : ""), dn ); - } - if ( not ) { - rc = LDAP_SUCCESS; - } else { - /* If prune is on, remove a whole subtree. Delete the children of the - * DN recursively, then the DN requested. - */ - if ( prune ) deletechildren( ld, dn ); - if (( rc = ldap_delete_s( ld, dn )) != LDAP_SUCCESS ) { - ldap_perror( ld, "ldap_delete" ); - } else if ( verbose ) { - printf( "\tremoved\n" ); + if ( not ) { + return LDAP_SUCCESS; } - } - return( rc ); + /* If prune is on, remove a whole subtree. Delete the children of the + * DN recursively, then the DN requested. + */ + if ( prune ) deletechildren( ld, dn ); + + rc = ldap_delete_ext( ld, dn, NULL, NULL, &id ); + if ( rc != LDAP_SUCCESS ) { + ldap_perror( ld, "ldap_delete_ext" ); + return rc; + } + + rc = ldap_result( ld, LDAP_RES_ANY, 0, NULL, &res ); + if ( rc != LDAP_SUCCESS ) { + ldap_perror( ld, "ldap_result" ); + return rc; + } + + rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, NULL, 1 ); + + if( rc != LDAP_SUCCESS ) { + ldap_perror( ld, "ldap_parse_result" ); + return rc; + } + + if( verbose || code != LDAP_SUCCESS || matcheddn || text || refs ) { + printf( "Result: %s (%d)\n", ldap_err2string( code ), code ); + + if( text && *text ) { + printf( "Additional info: %s\n", text ); + } + + if( matcheddn && *matcheddn ) { + printf( "Matched DN: %s\n", matcheddn ); + } + + if( refs ) { + int i; + for( i=0; refs[i]; i++ ) { + printf("Referral: %s\n", refs[i] ); + } + } + } + + ber_memfree( text ); + ber_memfree( matcheddn ); + ber_memvfree( refs ); + + return code; } /* * Delete all the children of an entry recursively until leaf nodes are reached. * */ -static int deletechildren( LDAP *ld, - char *dn ) +static int deletechildren( + LDAP *ld, + const char *dn ) { - LDAPMessage *res, *e; - int entries; - int rc; - int timeout = 30 * 10000; - - ldap_set_option( ld, LDAP_OPT_TIMEOUT, &timeout ); - if ( verbose ) printf ( "deleting children of: %s\n", dn ); - /* - * Do a one level search at dn for children. For each, delete its children. - */ - if ( ldap_search_s( ld, dn, LDAP_SCOPE_ONELEVEL, NULL, NULL, 0, &res ) == -1 ) - { - ldap_perror( ld, "ldap_search" ); - ldap_get_option( ld, LDAP_OPT_ERROR_NUMBER, &rc ); - return( rc ); - } + LDAPMessage *res, *e; + int entries; + int rc; + static char *attrs[] = { "1.1", NULL }; + + if ( verbose ) printf ( "deleting children of: %s\n", dn ); + /* + * Do a one level search at dn for children. For each, delete its children. + */ + + rc = ldap_search_ext_s( ld, dn, LDAP_SCOPE_ONELEVEL, NULL, attrs, 1, + NULL, NULL, NULL, -1, &res ); + if ( rc != LDAP_SUCCESS ) { + ldap_perror( ld, "ldap_search" ); + return( rc ); + } - entries = ldap_count_entries( ld, res ); - if ( entries > 0 ) - { - int i; - - for (e = ldap_first_entry( ld, res ), i = 0; e != NULL; - e = ldap_next_entry( ld, e ), i++ ) - { - if ( (rc = deletechildren( ld, ldap_get_dn( ld, e) )) == -1 ) - { - ldap_perror( ld, "ldap_prune" ); - return rc; - } - if ( verbose ) - { - printf( "\tremoving %s\n", ldap_get_dn( ld, e ) ); - } - if ( ( rc = ldap_delete_s( ld, ldap_get_dn( ld, e ) ) ) == -1 ) - { - ldap_perror( ld, "ldap_delete" ); - return rc; - } - else if ( verbose ) - { - printf( "\t%s removed\n", ldap_get_dn( ld, e ) ); - } - } - } - ldap_msgfree( res ); - return rc; + entries = ldap_count_entries( ld, res ); + + if ( entries > 0 ) { + int i; + + for (e = ldap_first_entry( ld, res ), i = 0; e != NULL; + e = ldap_next_entry( ld, e ), i++ ) + { + char *dn = ldap_get_dn( ld, e ); + + if( dn == NULL ) { + ldap_perror( ld, "ldap_prune" ); + ldap_get_option( ld, LDAP_OPT_ERROR_NUMBER, &rc ); + ber_memfree( dn ); + return rc; + } + + rc = deletechildren( ld, dn ); + if ( rc == -1 ) { + ldap_perror( ld, "ldap_prune" ); + ber_memfree( dn ); + return rc; + } + + if ( verbose ) { + printf( "\tremoving %s\n", dn ); + } + + rc = ldap_delete_s( ld, dn ); + if ( rc == -1 ) { + ldap_perror( ld, "ldap_delete" ); + ber_memfree( dn ); + return rc; + + } + + if ( verbose ) { + printf( "\t%s removed\n", dn ); + } + + ber_memfree( dn ); + } + } + + ldap_msgfree( res ); + return rc; } diff --git a/clients/tools/ldapmodify.c b/clients/tools/ldapmodify.c index 5789f3dd2d..18385bffb7 100644 --- a/clients/tools/ldapmodify.c +++ b/clients/tools/ldapmodify.c @@ -27,7 +27,6 @@ #include #endif -#include #include #include "ldif.h" @@ -46,7 +45,7 @@ static int sasl_integrity = 0; static int sasl_privacy = 0; #endif static int use_tls = 0; -static int new, replace, not, verbose, contoper, force, valsfromfiles; +static int ldapadd, replace, not, verbose, contoper, force; static LDAP *ld; #define LDAPMOD_MAXLINE 4096 @@ -72,14 +71,22 @@ static LDAP *ld; static void usage LDAP_P(( const char *prog )) LDAP_GCCATTR((noreturn)); -static int process_ldapmod_rec LDAP_P(( char *rbuf )); static int process_ldif_rec LDAP_P(( char *rbuf, int count )); -static void addmodifyop LDAP_P(( LDAPMod ***pmodsp, int modop, char *attr, - char *value, int vlen )); -static int domodify LDAP_P(( char *dn, LDAPMod **pmods, int newentry )); -static int dodelete LDAP_P(( char *dn )); -static int domodrdn LDAP_P(( char *dn, char *newrdn, int deleteoldrdn )); -static int fromfile LDAP_P(( char *path, struct berval *bv )); +static void addmodifyop LDAP_P(( + LDAPMod ***pmodsp, int modop, + const char *attr, + struct berval *value )); +static int domodify LDAP_P(( + const char *dn, + LDAPMod **pmods, + int newentry )); +static int dodelete LDAP_P(( + const char *dn )); +static int dorename LDAP_P(( + const char *dn, + const char *newrdn, + const char *newsup, + int deleteoldrdn )); static char *read_one_record LDAP_P(( FILE *fp )); static void @@ -94,6 +101,7 @@ usage( const char *prog ) " -a\t\tadd values (default%s)\n" " -b\t\tread values from files (for binary attributes)\n" " -c\t\tcontinuous operation\n" +" -C\t\tchase referrals\n" " -d level\tset LDAP debugging level to `level'\n" " -D dn\t\tbind DN\n" " -E\t\trequest SASL privacy (-EE to make it critical)\n" @@ -105,7 +113,7 @@ usage( const char *prog ) " -k\t\tuse Kerberos authentication\n" " -K\t\tlike -k, but do only step 1 of the Kerberos bind\n" " -M\t\tenable Manage DSA IT control (-MM to make it critical)\n" -" -n\t\tprint adds, don't actually do them\n" +" -n\t\tprint changes, don't actually do them\n" " -p port\t\tport on LDAP server\n" " -r\t\treplace values\n" " -U user\t\tSASL authentication identity (username)\n" @@ -113,7 +121,7 @@ usage( const char *prog ) " -w passwd\tbind password (for Simple authentication)\n" " -X id\t\tSASL authorization identity (\"dn:\" or \"u:\")\n" " -Y mech\t\tSASL mechanism\n" -" -Z\t\trequest the use of TLS (-ZZ to make it critical)\n" +" -Z\t\tissue Start TLS request (-ZZ to require successful response)\n" , prog, (strcmp( prog, "ldapadd" ) ? " is to replace" : "") ); exit( EXIT_FAILURE ); } @@ -122,9 +130,9 @@ usage( const char *prog ) int main( int argc, char **argv ) { - char *infile, *rbuf, *start, *p, *q; + char *infile, *rbuf, *start; FILE *fp; - int rc, i, use_ldif, authmethod, version, want_bindpw, debug, manageDSAit; + int rc, i, authmethod, version, want_bindpw, debug, manageDSAit, referrals; int count; if (( prog = strrchr( argv[ 0 ], *LDAP_DIRSEP )) == NULL ) { @@ -134,27 +142,26 @@ main( int argc, char **argv ) } /* Print usage when no parameters */ - if( argc < 2 ) - usage( prog ); + if( argc < 2 ) usage( prog ); - new = ( strcmp( prog, "ldapadd" ) == 0 ); + ldapadd = ( strcmp( prog, "ldapadd" ) == 0 ); infile = NULL; - not = verbose = valsfromfiles = want_bindpw = debug = manageDSAit = 0; + not = verbose = want_bindpw = debug = manageDSAit = referrals = 0; authmethod = LDAP_AUTH_SIMPLE; version = -1; - while (( i = getopt( argc, argv, "abcD:d:EFf:h:IKkMnP:p:rtU:vWw:X:Y:Z" )) != EOF ) { + while (( i = getopt( argc, argv, "acCD:d:EFf:h:IKkMnP:p:rtU:vWw:X:Y:Z" )) != EOF ) { switch( i ) { case 'a': /* add */ - new = 1; - break; - case 'b': /* read values from files (for binary attributes) */ - valsfromfiles = 1; + ldapadd = 1; break; case 'c': /* continuous operation */ contoper = 1; break; + case 'C': + referrals++; + break; case 'r': /* default is to replace rather than add values */ replace = 1; break; @@ -360,18 +367,26 @@ main( int argc, char **argv ) return( EXIT_FAILURE ); } - /* this seems prudent */ + /* referrals */ + if( ldap_set_option( ld, LDAP_OPT_REFERRALS, + referrals ? LDAP_OPT_ON : LDAP_OPT_OFF ) != LDAP_OPT_SUCCESS ) { - int deref = LDAP_DEREF_NEVER; - ldap_set_option( ld, LDAP_OPT_DEREF, &deref); + fprintf( stderr, "Could not set LDAP_OPT_REFERRALS %s\n", + referrals ? "on" : "off" ); + return EXIT_FAILURE; + } + + + if (version == -1 ) { + version = 3; } - /* don't chase referrals */ - ldap_set_option( ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF ); - if (version != -1 && - ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != LDAP_OPT_SUCCESS) + if( ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) + != LDAP_OPT_SUCCESS ) { - fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION to %d\n", version ); + fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", + version ); + return EXIT_FAILURE; } if ( use_tls && ldap_start_tls_s( ld, NULL, NULL ) != LDAP_SUCCESS ) { @@ -379,11 +394,12 @@ main( int argc, char **argv ) ldap_perror( ld, "ldap_start_tls" ); return( EXIT_FAILURE ); } + fprintf( stderr, "WARNING: could not start TLS\n" ); } if (want_bindpw) { passwd.bv_val = getpassphrase("Enter LDAP Password: "); - passwd.bv_len = strlen( passwd.bv_val ); + passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0; } if ( authmethod == LDAP_AUTH_SASL ) { @@ -454,7 +470,8 @@ main( int argc, char **argv ) err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, &ctrls ); if( err != LDAP_OPT_SUCCESS ) { - fprintf( stderr, "Could not set Manage DSA IT Control\n" ); + fprintf( stderr, "Could not set ManageDSAit %scontrol\n", + c.ldctl_iscritical ? "critical " : "" ); if( c.ldctl_iscritical ) { exit( EXIT_FAILURE ); } @@ -465,49 +482,18 @@ main( int argc, char **argv ) while (( rc == 0 || contoper ) && ( rbuf = read_one_record( fp )) != NULL ) { count++; - /* - * we assume record is ldif/slapd.replog if the first line - * has a colon that appears to the left of any equal signs, OR - * if the first line consists entirely of digits (an entry id) - */ -#ifdef LDAP_LDIF - use_ldif = 1; -#else - use_ldif = ( *rbuf == '#' ) || - (( p = strchr( rbuf, ':' )) != NULL && - ( q = strchr( rbuf, '\n' )) != NULL && p < q && - (( q = strchr( rbuf, '=' )) == NULL || p < q )); -#endif start = rbuf; - if ( !use_ldif && ( q = strchr( rbuf, '\n' )) != NULL ) { - for ( p = rbuf; p < q; ++p ) { - if ( !isdigit( (unsigned char) *p )) { - break; - } - } - if ( p >= q ) { - use_ldif = 1; - start = q + 1; - } - } - - if ( use_ldif ) { - rc = process_ldif_rec( start, count ); - } else { - rc = process_ldapmod_rec( start ); - } + rc = process_ldif_rec( start, count ); if( rc ) - fprintf( stderr, "%s() = %d\n", - use_ldif ? "ldif_rec" : "ldapmod_rec" , rc ); - - free( rbuf ); + fprintf( stderr, "ldif_record() = %d\n", rc ); + free( rbuf ); } if ( !not ) { - ldap_unbind( ld ); + ldap_unbind( ld ); } return( rc ); @@ -517,16 +503,16 @@ main( int argc, char **argv ) static int process_ldif_rec( char *rbuf, int count ) { - char *line, *dn, *type, *value, *newrdn, *newsup, *p; + char *line, *dn, *type, *newrdn, *newsup, *p; int rc, linenum, modop, replicaport; - ber_len_t vlen; int expect_modop, expect_sep, expect_ct, expect_newrdn, expect_newsup; int expect_deleteoldrdn, deleteoldrdn; int saw_replica, use_record, new_entry, delete_entry, got_all; LDAPMod **pmods; int version; + struct berval val; - new_entry = new; + new_entry = ldapadd; rc = got_all = saw_replica = delete_entry = modop = expect_modop = 0; expect_deleteoldrdn = expect_newrdn = expect_newsup = 0; @@ -547,7 +533,7 @@ process_ldif_rec( char *rbuf, int count ) continue; } - if ( ldif_parse_line( line, &type, &value, &vlen ) < 0 ) { + if ( ldif_parse_line( line, &type, &val.bv_val, &val.bv_len ) < 0 ) { fprintf( stderr, "%s: invalid format (line %d) entry: \"%s\"\n", prog, linenum, dn == NULL ? "" : dn ); rc = LDAP_PARAM_ERROR; @@ -557,27 +543,27 @@ process_ldif_rec( char *rbuf, int count ) if ( dn == NULL ) { if ( !use_record && strcasecmp( type, T_REPLICA_STR ) == 0 ) { ++saw_replica; - if (( p = strchr( value, ':' )) == NULL ) { + if (( p = strchr( val.bv_val, ':' )) == NULL ) { replicaport = 0; } else { *p++ = '\0'; replicaport = atoi( p ); } - if ( ldaphost != NULL && strcasecmp( value, ldaphost ) == 0 && + if ( ldaphost != NULL && strcasecmp( val.bv_val, ldaphost ) == 0 && replicaport == ldapport ) { use_record = 1; } } else if ( count == 1 && linenum == 1 && strcasecmp( type, T_VERSION_STR ) == 0 ) { - if( vlen == 0 || atoi(value) != 1 ) { + if( val.bv_len == 0 || atoi(val.bv_val) != 1 ) { fprintf( stderr, "%s: invalid version %s, line %d (ignored)\n", - prog, value == NULL ? "(null)" : value, linenum ); + prog, val.bv_val == NULL ? "(null)" : val.bv_val, linenum ); } version++; } else if ( strcasecmp( type, T_DN_STR ) == 0 ) { - if (( dn = strdup( value ? value : "" )) == NULL ) { + if (( dn = strdup( val.bv_val ? val.bv_val : "" )) == NULL ) { perror( "strdup" ); exit( EXIT_FAILURE ); } @@ -594,31 +580,31 @@ process_ldif_rec( char *rbuf, int count ) prog, dn ); free( dn ); ber_memfree( type ); - ber_memfree( value ); + ber_memfree( val.bv_val ); return( 0 ); } if ( strcasecmp( type, T_CHANGETYPESTR ) == 0 ) { - if ( strcasecmp( value, T_MODIFYCTSTR ) == 0 ) { + if ( strcasecmp( val.bv_val, T_MODIFYCTSTR ) == 0 ) { new_entry = 0; expect_modop = 1; - } else if ( strcasecmp( value, T_ADDCTSTR ) == 0 ) { + } else if ( strcasecmp( val.bv_val, T_ADDCTSTR ) == 0 ) { new_entry = 1; - } else if ( strcasecmp( value, T_MODRDNCTSTR ) == 0 - || strcasecmp( value, T_MODDNCTSTR ) == 0 - || strcasecmp( value, T_RENAMECTSTR ) == 0) + } else if ( strcasecmp( val.bv_val, T_MODRDNCTSTR ) == 0 + || strcasecmp( val.bv_val, T_MODDNCTSTR ) == 0 + || strcasecmp( val.bv_val, T_RENAMECTSTR ) == 0) { expect_newrdn = 1; - } else if ( strcasecmp( value, T_DELETECTSTR ) == 0 ) { + } else if ( strcasecmp( val.bv_val, T_DELETECTSTR ) == 0 ) { got_all = delete_entry = 1; } else { fprintf( stderr, "%s: unknown %s \"%s\" (line %d of entry \"%s\")\n", - prog, T_CHANGETYPESTR, value, linenum, dn ); + prog, T_CHANGETYPESTR, val.bv_val, linenum, dn ); rc = LDAP_PARAM_ERROR; } goto end_line; - } else if ( new ) { /* missing changetype => add */ + } else if ( ldapadd ) { /* missing changetype => add */ new_entry = 1; modop = LDAP_MOD_ADD; } else { @@ -634,11 +620,11 @@ process_ldif_rec( char *rbuf, int count ) goto end_line; } else if ( strcasecmp( type, T_MODOPREPLACESTR ) == 0 ) { modop = LDAP_MOD_REPLACE; - addmodifyop( &pmods, modop, value, NULL, 0 ); + addmodifyop( &pmods, modop, val.bv_val, NULL ); goto end_line; } else if ( strcasecmp( type, T_MODOPDELETESTR ) == 0 ) { modop = LDAP_MOD_DELETE; - addmodifyop( &pmods, modop, value, NULL, 0 ); + addmodifyop( &pmods, modop, val.bv_val, NULL ); goto end_line; } else { /* no modify op: use default */ modop = replace ? LDAP_MOD_REPLACE : LDAP_MOD_ADD; @@ -647,7 +633,7 @@ process_ldif_rec( char *rbuf, int count ) if ( expect_newrdn ) { if ( strcasecmp( type, T_NEWRDNSTR ) == 0 ) { - if (( newrdn = strdup( value )) == NULL ) { + if (( newrdn = strdup( val.bv_val ? val.bv_val : "" )) == NULL ) { perror( "strdup" ); exit( EXIT_FAILURE ); } @@ -660,7 +646,7 @@ process_ldif_rec( char *rbuf, int count ) } } else if ( expect_deleteoldrdn ) { if ( strcasecmp( type, T_DELETEOLDRDNSTR ) == 0 ) { - deleteoldrdn = ( *value == '0' ) ? 0 : 1; + deleteoldrdn = ( *val.bv_val == '0' ) ? 0 : 1; expect_deleteoldrdn = 0; expect_newsup = 1; got_all = 1; @@ -671,7 +657,7 @@ process_ldif_rec( char *rbuf, int count ) } } else if ( expect_newsup ) { if ( strcasecmp( type, T_NEWSUPSTR ) == 0 ) { - if (( newsup = strdup( value )) == NULL ) { + if (( newsup = strdup( val.bv_val ? val.bv_val : "" )) == NULL ) { perror( "strdup" ); exit( EXIT_FAILURE ); } @@ -687,12 +673,12 @@ process_ldif_rec( char *rbuf, int count ) prog, linenum, dn ); rc = LDAP_PARAM_ERROR; } else { - addmodifyop( &pmods, modop, type, value, vlen ); + addmodifyop( &pmods, modop, type, val.bv_val == NULL ? NULL : &val ); } end_line: ber_memfree( type ); - ber_memfree( value ); + ber_memfree( val.bv_val ); } if( linenum == 0 ) { @@ -707,7 +693,7 @@ end_line: if ( delete_entry ) { rc = dodelete( dn ); } else if ( newrdn != NULL ) { - rc = domodrdn( dn, newrdn, deleteoldrdn ); + rc = dorename( dn, newrdn, newsup, deleteoldrdn ); } else { rc = domodify( dn, pmods, new_entry ); } @@ -731,195 +717,85 @@ end_line: } -static int -process_ldapmod_rec( char *rbuf ) +static void +addmodifyop( + LDAPMod ***pmodsp, + int modop, + const char *attr, + struct berval *val ) { - char *line, *dn, *p, *q, *attr, *value; - int rc, linenum, modop; - LDAPMod **pmods; - - pmods = NULL; - dn = NULL; - linenum = 0; - line = rbuf; - rc = 0; - - while ( rc == 0 && rbuf != NULL && *rbuf != '\0' ) { - ++linenum; - if (( p = strchr( rbuf, '\n' )) == NULL ) { - rbuf = NULL; - } else { - if ( *(p-1) == '\\' ) { /* lines ending in '\' are continued */ - SAFEMEMCPY( p - 1, p, strlen( p ) + 1 ); - rbuf = p; - continue; - } - *p++ = '\0'; - rbuf = p; + LDAPMod **pmods; + int i, j; + + pmods = *pmodsp; + modop |= LDAP_MOD_BVALUES; + + i = 0; + if ( pmods != NULL ) { + for ( ; pmods[ i ] != NULL; ++i ) { + if ( strcasecmp( pmods[ i ]->mod_type, attr ) == 0 && + pmods[ i ]->mod_op == modop ) + { + break; + } + } } - if ( dn == NULL ) { /* first line contains DN */ - if (( dn = strdup( line )) == NULL ) { - perror( "strdup" ); - exit( EXIT_FAILURE ); - } - } else { - if (( p = strchr( line, '=' )) == NULL ) { - value = NULL; - p = line + strlen( line ); - } else { - *p++ = '\0'; - value = p; - } - - for ( attr = line; - *attr != '\0' && isspace( (unsigned char) *attr ); ++attr ) { - ; /* skip attribute leading white space */ - } - - for ( q = p - 1; q > attr && isspace( (unsigned char) *q ); --q ) { - *q = '\0'; /* remove attribute trailing white space */ - } - - if ( value != NULL ) { - while ( isspace( (unsigned char) *value )) { - ++value; /* skip value leading white space */ - } - for ( q = value + strlen( value ) - 1; q > value && - isspace( (unsigned char) *q ); --q ) { - *q = '\0'; /* remove value trailing white space */ - } - if ( *value == '\0' ) { - value = NULL; + if ( pmods == NULL || pmods[ i ] == NULL ) { + if (( pmods = (LDAPMod **)ber_memrealloc( pmods, (i + 2) * + sizeof( LDAPMod * ))) == NULL ) + { + perror( "realloc" ); + exit( EXIT_FAILURE ); } - } + *pmodsp = pmods; + pmods[ i + 1 ] = NULL; - if ( value == NULL && new ) { - fprintf( stderr, "%s: missing value on line %d (attr=\"%s\")\n", - prog, linenum, attr ); - rc = LDAP_PARAM_ERROR; - } else { - switch ( *attr ) { - case '-': - modop = LDAP_MOD_DELETE; - ++attr; - break; - case '+': - modop = LDAP_MOD_ADD; - ++attr; - break; - default: - modop = replace ? LDAP_MOD_REPLACE : LDAP_MOD_ADD; + pmods[ i ] = (LDAPMod *)ber_memcalloc( 1, sizeof( LDAPMod )); + if ( pmods[ i ] == NULL ) { + perror( "calloc" ); + exit( EXIT_FAILURE ); } - addmodifyop( &pmods, modop, attr, value, - ( value == NULL ) ? 0 : strlen( value )); - } - } - - line = rbuf; - } - - if ( rc == 0 ) { - if ( dn == NULL ) { - rc = LDAP_PARAM_ERROR; - } else if (( rc = domodify( dn, pmods, new )) == LDAP_SUCCESS ) { - rc = 0; - } - } - - if ( pmods != NULL ) { - ldap_mods_free( pmods, 1 ); - } - if ( dn != NULL ) { - free( dn ); - } - - return( rc ); -} - - -static void -addmodifyop( LDAPMod ***pmodsp, int modop, char *attr, char *value, int vlen ) -{ - LDAPMod **pmods; - int i, j; - struct berval *bvp; - - pmods = *pmodsp; - modop |= LDAP_MOD_BVALUES; - - i = 0; - if ( pmods != NULL ) { - for ( ; pmods[ i ] != NULL; ++i ) { - if ( strcasecmp( pmods[ i ]->mod_type, attr ) == 0 && - pmods[ i ]->mod_op == modop ) { - break; - } + pmods[ i ]->mod_op = modop; + pmods[ i ]->mod_type = ber_strdup( attr ); + if ( pmods[ i ]->mod_type == NULL ) { + perror( "strdup" ); + exit( EXIT_FAILURE ); + } } - } - if ( pmods == NULL || pmods[ i ] == NULL ) { - if (( pmods = (LDAPMod **)ber_memrealloc( pmods, (i + 2) * - sizeof( LDAPMod * ))) == NULL ) { - perror( "realloc" ); - exit( EXIT_FAILURE ); - } - *pmodsp = pmods; - pmods[ i + 1 ] = NULL; - if (( pmods[ i ] = (LDAPMod *)ber_memcalloc( 1, sizeof( LDAPMod ))) - == NULL ) { - perror( "calloc" ); - exit( EXIT_FAILURE ); - } - pmods[ i ]->mod_op = modop; - if (( pmods[ i ]->mod_type = ber_strdup( attr )) == NULL ) { - perror( "strdup" ); - exit( EXIT_FAILURE ); - } - } + if ( val != NULL ) { + j = 0; + if ( pmods[ i ]->mod_bvalues != NULL ) { + for ( ; pmods[ i ]->mod_bvalues[ j ] != NULL; ++j ) { + /* Empty */; + } + } - if ( value != NULL ) { - j = 0; - if ( pmods[ i ]->mod_bvalues != NULL ) { - for ( ; pmods[ i ]->mod_bvalues[ j ] != NULL; ++j ) { - ; - } - } - if (( pmods[ i ]->mod_bvalues = - (struct berval **)ber_memrealloc( pmods[ i ]->mod_bvalues, - (j + 2) * sizeof( struct berval * ))) == NULL ) { - perror( "ber_realloc" ); - exit( EXIT_FAILURE ); - } - pmods[ i ]->mod_bvalues[ j + 1 ] = NULL; - if (( bvp = (struct berval *)ber_memalloc( sizeof( struct berval ))) - == NULL ) { - perror( "ber_memalloc" ); - exit( EXIT_FAILURE ); - } - pmods[ i ]->mod_bvalues[ j ] = bvp; + pmods[ i ]->mod_bvalues = (struct berval **) ber_memrealloc( + pmods[ i ]->mod_bvalues, (j + 2) * sizeof( struct berval * )); + if ( pmods[ i ]->mod_bvalues == NULL ) { + perror( "ber_realloc" ); + exit( EXIT_FAILURE ); + } - if ( valsfromfiles && *value == '/' ) { /* get value from file */ - if ( fromfile( value, bvp ) < 0 ) { - exit( EXIT_FAILURE ); - } - } else { - bvp->bv_len = vlen; - if (( bvp->bv_val = (char *)ber_memalloc( vlen + 1 )) == NULL ) { - perror( "malloc" ); - exit( EXIT_FAILURE ); - } - SAFEMEMCPY( bvp->bv_val, value, vlen ); - bvp->bv_val[ vlen ] = '\0'; + pmods[ i ]->mod_bvalues[ j + 1 ] = NULL; + pmods[ i ]->mod_bvalues[ j ] = ber_bvdup( val ); + if ( pmods[ i ]->mod_bvalues[ j ] == NULL ) { + perror( "ber_bvdup" ); + exit( EXIT_FAILURE ); + } } - } } static int -domodify( char *dn, LDAPMod **pmods, int newentry ) +domodify( + const char *dn, + LDAPMod **pmods, + int newentry ) { int i, j, k, notascii, op; struct berval *bvp; @@ -984,7 +860,8 @@ domodify( char *dn, LDAPMod **pmods, int newentry ) static int -dodelete( char *dn ) +dodelete( + const char *dn ) { int rc; @@ -1006,7 +883,11 @@ dodelete( char *dn ) static int -domodrdn( char *dn, char *newrdn, int deleteoldrdn ) +dorename( + const char *dn, + const char *newrdn, + const char* newsup, + int deleteoldrdn ) { int rc; @@ -1017,7 +898,7 @@ domodrdn( char *dn, char *newrdn, int deleteoldrdn ) newrdn, deleteoldrdn ? "do not " : "" ); } if ( !not ) { - if (( rc = ldap_modrdn2_s( ld, dn, newrdn, deleteoldrdn )) + if (( rc = ldap_rename2_s( ld, dn, newrdn, newsup, deleteoldrdn )) != LDAP_SUCCESS ) { ldap_perror( ld, "ldap_modrdn" ); } else { @@ -1033,55 +914,6 @@ domodrdn( char *dn, char *newrdn, int deleteoldrdn ) } -static int -fromfile( char *path, struct berval *bv ) -{ - FILE *fp; - long rlen; - int eof; - - if (( fp = fopen( path, "r" )) == NULL ) { - perror( path ); - return( -1 ); - } - - if ( fseek( fp, 0L, SEEK_END ) != 0 ) { - perror( path ); - fclose( fp ); - return( -1 ); - } - - bv->bv_len = ftell( fp ); - - if (( bv->bv_val = (char *)ber_memalloc( bv->bv_len )) == NULL ) { - perror( "malloc" ); - fclose( fp ); - return( -1 ); - } - - if ( fseek( fp, 0L, SEEK_SET ) != 0 ) { - perror( path ); - fclose( fp ); - ber_memfree( bv->bv_val ); - bv->bv_val = NULL; - return( -1 ); - } - - rlen = fread( bv->bv_val, 1, bv->bv_len, fp ); - eof = feof( fp ); - fclose( fp ); - - if ( (unsigned long) rlen != bv->bv_len ) { - perror( path ); - ber_memfree( bv->bv_val ); - bv->bv_val = NULL; - return( -1 ); - } - - return( bv->bv_len ); -} - - static char * read_one_record( FILE *fp ) { diff --git a/clients/tools/ldapmodify.dsw b/clients/tools/ldapmodify.dsw deleted file mode 100644 index 7c38c08844..0000000000 --- a/clients/tools/ldapmodify.dsw +++ /dev/null @@ -1,104 +0,0 @@ -Microsoft Developer Studio Workspace File, Format Version 5.00 -# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE! - -############################################################################### - -Project: "ldapmodify"=.\ldapmodify.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name liblber - End Project Dependency - Begin Project Dependency - Project_Dep_Name libldap - End Project Dependency - Begin Project Dependency - Project_Dep_Name liblutil - End Project Dependency - Begin Project Dependency - Project_Dep_Name libldif - End Project Dependency -}}} - -############################################################################### - -Project: "liblber"=..\..\libraries\liblber\liblber.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ -}}} - -############################################################################### - -Project: "libldap"=..\..\libraries\libldap\libldap.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name liblber - End Project Dependency -}}} - -############################################################################### - -Project: "libldif"=..\..\libraries\libldif\libldif.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ -}}} - -############################################################################### - -Project: "liblutil"=..\..\libraries\liblutil\liblutil.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ -}}} - -############################################################################### - -Project: "setup"=..\..\include\setup.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ -}}} - -############################################################################### - -Global: - -Package=<5> -{{{ -}}} - -Package=<3> -{{{ -}}} - -############################################################################### - diff --git a/clients/tools/ldapmodrdn.c b/clients/tools/ldapmodrdn.c index c7f20c778a..b29e17cd0c 100644 --- a/clients/tools/ldapmodrdn.c +++ b/clients/tools/ldapmodrdn.c @@ -28,7 +28,6 @@ #include #include -#include #include static char *binddn = NULL; @@ -64,6 +63,7 @@ usage( const char *s ) " from the file specified by \"-f file\" (see man page).\n" "options:\n" " -c\t\tcontinuous operation mode (do not stop on errors)\n" +" -C\t\tchase referrals\n" " -d level\tset LDAP debugging level to `level'\n" " -D binddn\tbind DN\n" " -E\t\trequest SASL privacy (-EE to make it critical)\n" @@ -76,7 +76,7 @@ usage( const char *s ) " -M\t\tenable Manage DSA IT control (-MM to make it critical)\n" " -n\t\tshow what would be done but don't actually do it\n" " -p port\t\tport on LDAP server\n" -" -P version\tprocotol version (2 or 3)\n" +" -P version\tprocotol version (default: 3)\n" " -r\t\tremove old RDN\n" " -s newsuperior\tnew superior entry\n" " -U user\t\tSASL authentication identity (username)\n" @@ -85,7 +85,7 @@ usage( const char *s ) " -W\t\tprompt for bind passwd\n" " -X id\t\tSASL authorization identity (\"dn:\" or \"u:\")\n" " -Y mech\t\tSASL mechanism\n" -" -Z\t\trequest the use of TLS (-ZZ to make it critical)\n" +" -Z\t\tissue Start TLS request (-ZZ to require successful response)\n" , s ); exit( EXIT_FAILURE ); @@ -97,16 +97,18 @@ main(int argc, char **argv) char *myname,*infile, *entrydn = NULL, *rdn = NULL, buf[ 4096 ]; FILE *fp; int rc, i, remove, havedn, authmethod, version, want_bindpw, debug, manageDSAit; + int referrals; char *newSuperior=NULL; infile = NULL; - not = contoper = verbose = remove = want_bindpw = debug = manageDSAit = 0; + not = contoper = verbose = remove = want_bindpw = + debug = manageDSAit = referrals = 0; authmethod = LDAP_AUTH_SIMPLE; version = -1; myname = (myname = strrchr(argv[0], '/')) == NULL ? argv[0] : ++myname; - while (( i = getopt( argc, argv, "cD:d:Ef:h:IKkMnP:p:rs:U:vWw:X:Y:Z" )) != EOF ) { + while (( i = getopt( argc, argv, "cCD:d:Ef:h:IKkMnP:p:rs:U:vWw:X:Y:Z" )) != EOF ) { switch( i ) { case 'k': /* kerberos bind */ #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND @@ -127,6 +129,9 @@ main(int argc, char **argv) case 'c': /* continuous operation mode */ ++contoper; break; + case 'C': + referrals++; + break; case 'h': /* ldap host */ ldaphost = strdup( optarg ); break; @@ -342,19 +347,25 @@ main(int argc, char **argv) return( EXIT_FAILURE ); } - /* this seems prudent */ + /* referrals */ + if( ldap_set_option( ld, LDAP_OPT_REFERRALS, + referrals ? LDAP_OPT_ON : LDAP_OPT_OFF ) != LDAP_OPT_SUCCESS ) { - int deref = LDAP_DEREF_NEVER; - ldap_set_option( ld, LDAP_OPT_DEREF, &deref); + fprintf( stderr, "Could not set LDAP_OPT_REFERRALS %s\n", + referrals ? "on" : "off" ); + return EXIT_FAILURE; } - /* don't chase referrals */ - ldap_set_option( ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF ); + if (version == -1 ) { + version = 3; + } - if (version != -1 && - ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != LDAP_OPT_SUCCESS) + if( ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) + != LDAP_OPT_SUCCESS ) { - fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version ); + fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", + version ); + return EXIT_FAILURE; } if ( use_tls && ldap_start_tls_s( ld, NULL, NULL ) != LDAP_SUCCESS ) { @@ -362,11 +373,12 @@ main(int argc, char **argv) ldap_perror( ld, "ldap_start_tls" ); return( EXIT_FAILURE ); } + fprintf( stderr, "WARNING: could not start TLS\n" ); } if (want_bindpw) { passwd.bv_val = getpassphrase("Enter LDAP Password: "); - passwd.bv_len = strlen( passwd.bv_val ); + passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0; } if ( authmethod == LDAP_AUTH_SASL ) { @@ -433,7 +445,8 @@ main(int argc, char **argv) err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, &ctrls ); if( err != LDAP_OPT_SUCCESS ) { - fprintf( stderr, "Could not set Manage DSA IT Control\n" ); + fprintf( stderr, "Could not set ManageDSAit %scontrol\n", + c.ldctl_iscritical ? "critical " : "" ); if( c.ldctl_iscritical ) { exit( EXIT_FAILURE ); } @@ -477,7 +490,9 @@ static int domodrdn( char *newSuperior, int remove ) /* flag: remove old RDN */ { - int i; + int rc, code, id; + char *matcheddn=NULL, *text=NULL, **refs=NULL; + LDAPMessage *res; if ( verbose ) { printf( "Renaming \"%s\"\n", dn ); @@ -488,16 +503,51 @@ static int domodrdn( } } - if ( !not ) { - i = ldap_rename2_s( ld, dn, rdn, newSuperior, remove ); - if ( i != LDAP_SUCCESS ) { - ldap_perror( ld, "ldap_rename2_s" ); - } else if ( verbose ) { - printf( "modrdn complete\n" ); + if( not ) return LDAP_SUCCESS; + + rc = ldap_rename( ld, dn, rdn, newSuperior, remove, + NULL, NULL, &id ); + + if ( rc != LDAP_SUCCESS ) { + ldap_perror( ld, "ldap_rename" ); + return rc; } - } else { - i = LDAP_SUCCESS; - } - return( i ); + rc = ldap_result( ld, LDAP_RES_ANY, 0, NULL, &res ); + if ( rc != LDAP_SUCCESS ) { + ldap_perror( ld, "ldap_result" ); + return rc; + } + + rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, NULL, 1 ); + + if( rc != LDAP_SUCCESS ) { + ldap_perror( ld, "ldap_parse_result" ); + return rc; + } + + if( verbose || code != LDAP_SUCCESS || matcheddn || text || refs ) { + printf( "Result: %s (%d)\n", ldap_err2string( code ), code ); + + if( text && *text ) { + printf( "Additional info: %s\n", text ); + } + + if( matcheddn && *matcheddn ) { + printf( "Matched DN: %s\n", matcheddn ); + } + + if( refs ) { + int i; + for( i=0; refs[i]; i++ ) { + printf("Referral: %s\n", refs[i] ); + } + } + } + + ber_memfree( text ); + ber_memfree( matcheddn ); + ber_memvfree( refs ); + + return code; } diff --git a/clients/tools/ldappasswd.c b/clients/tools/ldappasswd.c index ba01854048..96e898afd2 100644 --- a/clients/tools/ldappasswd.c +++ b/clients/tools/ldappasswd.c @@ -34,6 +34,7 @@ usage(const char *s) " -a secret\told password\n" " -A\t\tprompt for old password\n" " -d level\tdebugging level\n" +" -C\t\tchase referrals\n" " -D binddn\tbind DN\n" " -E\t\trequest SASL privacy (-EE to make it critical)\n" " -h host\t\tLDAP server (default: localhost)\n" @@ -49,7 +50,7 @@ usage(const char *s) " -W\t\tprompt for bind password\n" " -X id\t\tSASL authorization identity (\"dn:\" or \"u:\")\n" " -Y mech\t\tSASL mechanism\n" -" -Z\t\trequest the use of TLS (-ZZ to make it critical)\n" +" -Z\t\tissue Start TLS request (-ZZ to require successful response)\n" , s ); exit( EXIT_FAILURE ); @@ -86,17 +87,21 @@ main( int argc, char *argv[] ) int sasl_privacy = 0; #endif int use_tls = 0; + int referrals = 0; LDAP *ld; struct berval *bv = NULL; - char *retoid; - struct berval *retdata; + int id, code; + LDAPMessage *res; + char *matcheddn = NULL, *text = NULL, **refs = NULL; + char *retoid = NULL; + struct berval *retdata = NULL; if (argc == 1) usage (argv[0]); while( (i = getopt( argc, argv, - "Aa:D:d:EIh:np:Ss:U:vWw:X:Y:Z" )) != EOF ) + "Aa:CD:d:EIh:np:Ss:U:vWw:X:Y:Z" )) != EOF ) { switch (i) { case 'A': /* prompt for oldr password */ @@ -113,6 +118,9 @@ main( int argc, char *argv[] ) } } break; + case 'C': + referrals++; + break; case 'D': /* bind distinguished name */ binddn = strdup (optarg); break; @@ -139,7 +147,6 @@ main( int argc, char *argv[] ) case 's': /* new password (secret) */ newpw = strdup (optarg); - { char* p; @@ -249,7 +256,9 @@ main( int argc, char *argv[] ) newpw = strdup(getpassphrase("Old password: ")); ckoldpw = getpassphrase("Re-enter old password: "); - if( strncmp( oldpw, ckoldpw, strlen(oldpw) )) { + if( newpw== NULL || ckoldpw == NULL || + strncmp( oldpw, ckoldpw, strlen(oldpw) )) + { fprintf( stderr, "passwords do not match\n" ); return EXIT_FAILURE; } @@ -261,7 +270,9 @@ main( int argc, char *argv[] ) newpw = strdup(getpassphrase("New password: ")); cknewpw = getpassphrase("Re-enter new password: "); - if( strncmp( newpw, cknewpw, strlen(newpw) )) { + if( newpw== NULL || cknewpw == NULL || + strncmp( newpw, cknewpw, strlen(newpw) )) + { fprintf( stderr, "passwords do not match\n" ); return EXIT_FAILURE; } @@ -281,7 +292,7 @@ main( int argc, char *argv[] ) /* handle bind password */ fprintf( stderr, "Bind DN: %s\n", binddn ); passwd.bv_val = strdup( getpassphrase("Enter bind password: ")); - passwd.bv_len = strlen( passwd.bv_val ); + passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0; } if ( debug ) { @@ -303,8 +314,14 @@ main( int argc, char *argv[] ) return EXIT_FAILURE; } - /* don't chase referrals */ - ldap_set_option( ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF ); + /* referrals */ + if (ldap_set_option( ld, LDAP_OPT_REFERRALS, + referrals ? LDAP_OPT_ON : LDAP_OPT_OFF ) != LDAP_OPT_SUCCESS ) + { + fprintf( stderr, "Could not set LDAP_OPT_REFERRALS %s\n", + referrals ? "on" : "off" ); + return EXIT_FAILURE; + } /* LDAPv3 only */ version = 3; @@ -312,6 +329,7 @@ main( int argc, char *argv[] ) if(rc != LDAP_OPT_SUCCESS ) { fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version ); + return EXIT_FAILURE; } if ( use_tls && ldap_start_tls_s( ld, NULL, NULL ) != LDAP_SUCCESS ) { @@ -319,6 +337,7 @@ main( int argc, char *argv[] ) ldap_perror( ld, "ldap_start_tls" ); return( EXIT_FAILURE ); } + fprintf( stderr, "WARNING: could not start TLS\n" ); } if ( authmethod == LDAP_AUTH_SASL ) { @@ -400,7 +419,7 @@ main( int argc, char *argv[] ) free(newpw); } - ber_printf( ber, /*{*/ "}" ); + ber_printf( ber, /*{*/ "N}" ); rc = ber_flatten( ber, &bv ); @@ -413,13 +432,43 @@ main( int argc, char *argv[] ) ber_free( ber, 1 ); } - rc = ldap_extended_operation_s( ld, + if ( noupdates ) { + rc = LDAP_SUCCESS; + goto skip; + } + + rc = ldap_extended_operation( ld, LDAP_EXOP_X_MODIFY_PASSWD, bv, - NULL, NULL, - &retoid, &retdata ); + NULL, NULL, &id ); ber_bvfree( bv ); + if( rc != LDAP_SUCCESS ) { + ldap_perror( ld, "ldap_extended_operation" ); + ldap_unbind( ld ); + return EXIT_FAILURE; + } + + rc = ldap_result( ld, LDAP_RES_ANY, 0, NULL, &res ); + if ( rc != LDAP_SUCCESS ) { + ldap_perror( ld, "ldap_result" ); + return rc; + } + + rc = ldap_parse_result( ld, res, &code, &matcheddn, &text, &refs, NULL, 0 ); + + if( rc != LDAP_SUCCESS ) { + ldap_perror( ld, "ldap_parse_result" ); + return rc; + } + + rc = ldap_parse_extended_result( ld, res, &retoid, &retdata, 1 ); + + if( rc != LDAP_SUCCESS ) { + ldap_perror( ld, "ldap_parse_result" ); + return rc; + } + if( retdata != NULL ) { ber_tag_t tag; char *s; @@ -444,15 +493,32 @@ main( int argc, char *argv[] ) ber_free( ber, 1 ); } - if ( rc != LDAP_SUCCESS ) { - ldap_perror( ld, "ldap_extended_operation" ); - ldap_unbind( ld ); - return EXIT_FAILURE; + if( verbose || code != LDAP_SUCCESS || matcheddn || text || refs ) { + printf( "Result: %s (%d)\n", ldap_err2string( code ), code ); + + if( text && *text ) { + printf( "Additional info: %s\n", text ); + } + + if( matcheddn && *matcheddn ) { + printf( "Matched DN: %s\n", matcheddn ); + } + + if( refs ) { + int i; + for( i=0; refs[i]; i++ ) { + printf("Referral: %s\n", refs[i] ); + } + } } - ldap_memfree( retoid ); + ber_memfree( text ); + ber_memfree( matcheddn ); + ber_memvfree( refs ); + ber_memfree( retoid ); ber_bvfree( retdata ); +skip: /* disconnect from server */ ldap_unbind (ld); diff --git a/clients/tools/ldapsearch.c b/clients/tools/ldapsearch.c index 8b8aa3ee00..0bd21c266f 100644 --- a/clients/tools/ldapsearch.c +++ b/clients/tools/ldapsearch.c @@ -30,66 +30,59 @@ #include #include "ldif.h" +#include "lutil.h" #include "ldap_defaults.h" -#undef DEPSEP -#define DEFSEP "=" - static void usage( const char *s ) { fprintf( stderr, -"usage: %s [options] filter [attributes...]\nwhere:\n" -" filter\tRFC-1558 compliant LDAP search filter\n" -" attributes\twhitespace-separated list of attributes to retrieve\n" -"\t\t1.1 -- no attributes\n" -"\t\t* -- all user attributes\n" -"\t\t+ -- all operational attributes\n" -"\t\tempty list -- all non-operational attributes\n" +"usage: %s [options] [filter [attributes...]]\nwhere:\n" +"\tfilter\tRFC-2254 compliant LDAP search filter\n" +"\tattributes\twhitespace-separated list of attribute descriptions\n" +"\t which may include:\n" +"\t\t1.1 -- no attributes\n" +"\t\t* -- all user attributes\n" +"\t\t+ -- all operational attributes\n" "options:\n" -" -a deref\tone of `never', `always', `search', or `find' (alias\n" -" \tdereferencing)\n" -" -A\t\tretrieve attribute names only (no values)\n" -" -b basedn\tbase dn for search\n" -" -B\t\tdo not suppress printing of binary values\n" -" -d level\tset LDAP debugging level to `level'\n" -" -D binddn\tbind DN\n" -" -E\t\trequest SASL privacy (-EE to make it critical)\n" -" -f file\t\tperform sequence of searches listed in `file'\n" -" -F sep\t\tprint `sep' instead of `=' between attribute names and\n" -" \tvalues\n" -" -h host\t\tLDAP server\n" -" -I\t\trequest SASL integrity checking (-II to make it\n" -" \tcritical)\n" -" -k\t\tuse Kerberos authentication\n" -" -K\t\tlike -k, but do only step 1 of the Kerberos bind\n" -" -l limit\ttime limit (in seconds) for search\n" -" -L\t\tprint entries in LDIF format (implies -B)\n" -" -LL\t\tprint entries in LDIF format without comments\n" -" -LLL\t\tprint entries in LDIF format without comments and\n" -" \tversion\n" -" -M\t\tenable Manage DSA IT control (-MM to make critical)\n" -" -n\t\tshow what would be done but don't actually search\n" -" -p port\t\tport on LDAP server\n" -" -P version\tprocotol version (2 or 3)\n" -" -R\t\tdo not automatically follow referrals\n" -" -s scope\tone of base, one, or sub (search scope)\n" -" -S attr\t\tsort the results by attribute `attr'\n" -" -t\t\twrite binary values to files in TMPDIR\n" -" -tt\t\twrite all values to files in TMPDIR\n" -" -T path\t\twrite files to directory specified by path (default:\n" -" \t\"/tmp\")\n" -" -u\t\tinclude User Friendly entry names in the output\n" -" -U user\t\tSASL authentication identity (username)\n" -" -v\t\trun in verbose mode (diagnostics to standard output)\n" -" -V prefix\tURL prefix for files (default: \"file://tmp/\")\n" -" -w passwd\tbind passwd (for simple authentication)\n" -" -W\t\tprompt for bind passwd\n" -" -X id\t\tSASL authorization identity (\"dn:\" or \"u:\")\n" -" -Y mech\t\tSASL mechanism\n" -" -z limit\tsize limit (in entries) for search\n" -" -Z\t\trequest the use of TLS (-ZZ to make it critical)\n" -, s ); +"\t-a deref\tdereference aliases: never (default), always, search, or find\n" +"\t-A\t\tretrieve attribute names only (no values)\n" +"\t-b basedn\tbase dn for search\n" +"\t-d level\tset LDAP debugging level to `level'\n" +"\t-D binddn\tbind DN\n" +"\t-E\t\trequest SASL privacy (-EE to make it critical)\n" +"\t-f file\t\tperform sequence of searches listed in `file'\n" +"\t-h host\t\tLDAP server\n" +"\t-I\t\trequest SASL integrity checking (-II to make it\n" +"\t\t\tcritical)\n" +"\t-k\t\tuse Kerberos authentication\n" +"\t-K\t\tlike -k, but do only step 1 of the Kerberos bind\n" +"\t-l limit\ttime limit (in seconds) for search\n" +"\t-L\t\tprint responses in LDIFv1 format\n" +"\t-LL\t\tprint responses in LDIF format without comments\n" +"\t-LLL\t\tprint responses in LDIF format without comments\n" +"\t\t\tand version\n" +"\t-M\t\tenable Manage DSA IT control (-MM to make critical)\n" +"\t-n\t\tshow what would be done but don't actually search\n" +"\t-p port\t\tport on LDAP server\n" +"\t-P version\tprocotol version (default: 3)\n" +"\t-s scope\tone of base, one, or sub (search scope)\n" +"\t-S attr\t\tsort the results by attribute `attr'\n" +"\t-t\t\twrite binary values to files in temporary directory\n" +"\t-tt\t\twrite all values to files in temporary directory\n" +"\t-T path\t\twrite files to directory specified by path (default:\n" +"\t\t\t\"" LDAP_TMPDIR "\")\n" +"\t-u\t\tinclude User Friendly entry names in the output\n" +"\t-U user\t\tSASL authentication identity (username)\n" +"\t-v\t\trun in verbose mode (diagnostics to standard output)\n" +"\t-V prefix\tURL prefix for files (default: \"" LDAP_FILE_URI_PREFIX ")\n" +"\t-w passwd\tbind passwd (for simple authentication)\n" +"\t-W\t\tprompt for bind passwd\n" +"\t-X id\t\tSASL authorization identity (\"dn:\" or \"u:\")\n" +"\t-Y mech\t\tSASL mechanism\n" +"\t-z limit\tsize limit (in entries) for search\n" +"\t-Z\t\tissue Start TLS request (-ZZ to require successful response)\n" +, s ); exit( EXIT_FAILURE ); } @@ -99,6 +92,26 @@ static void print_entry LDAP_P(( LDAPMessage *entry, int attrsonly)); +static void print_reference( + LDAP *ld, + LDAPMessage *reference ); + +static void print_extended( + LDAP *ld, + LDAPMessage *extended ); + +static void print_partial( + LDAP *ld, + LDAPMessage *partial ); + +static int print_result( + LDAP *ld, + LDAPMessage *result, + int search ); + +static void print_ctrls( + LDAPControl **ctrls ); + static int write_ldif LDAP_P(( int type, char *name, @@ -109,13 +122,14 @@ static int dosearch LDAP_P(( LDAP *ld, char *base, int scope, + char *filtpatt, + char *value, char **attrs, int attrsonly, - char *filtpatt, - char *value)); - -#define TMPDIR "/tmp" -#define URLPRE "file:/tmp/" + LDAPControl **sctrls, + LDAPControl **cctrls, + struct timeval *timelimit, + int sizelimit )); static char *tmpdir = NULL; static char *urlpre = NULL; @@ -133,15 +147,13 @@ static int sasl_integrity = 0; static int sasl_privacy = 0; #endif static int use_tls = 0; -static char *sep = DEFSEP; static char *sortattr = NULL; -static int skipsortattr = 0; -static int verbose, not, includeufn, binary, vals2tmp, ldif; +static int verbose, not, includeufn, vals2tmp, ldif; int main( int argc, char **argv ) { - char *infile, *filtpattern, **attrs, line[ BUFSIZ ]; + char *infile, *filtpattern, **attrs, line[BUFSIZ]; FILE *fp = NULL; int rc, i, first, scope, deref, attrsonly, manageDSAit; int referrals, timelimit, sizelimit, debug; @@ -149,22 +161,19 @@ main( int argc, char **argv ) LDAP *ld; infile = NULL; - debug = verbose = binary = not = vals2tmp = + debug = verbose = not = vals2tmp = referrals = attrsonly = manageDSAit = ldif = want_bindpw = 0; deref = sizelimit = timelimit = version = -1; - /* default should be off */ - referrals = 1; - scope = LDAP_SCOPE_SUBTREE; authmethod = LDAP_AUTH_SIMPLE; while (( i = getopt( argc, argv, - "Aa:Bb:D:d:EF:f:h:IKkLl:MnP:p:RS:s:T:tU:uV:vWw:X:Y:Zz:")) != EOF ) + "Aa:b:CD:d:Ef:h:IKkLl:MnP:p:RS:s:T:tU:uV:vWw:X:Y:Zz:")) != EOF ) { switch( i ) { - case 'n': /* do Not do any searches */ + case 'n': /* do nothing */ ++not; break; case 'v': /* verbose mode */ @@ -193,31 +202,31 @@ main( int argc, char **argv ) case 'u': /* include UFN */ ++includeufn; break; - case 't': /* write attribute values to /tmp files */ + case 't': /* write attribute values to TMPDIR files */ ++vals2tmp; break; case 'M': /* enable Manage DSA IT */ manageDSAit++; break; - case 'R': /* don't automatically chase referrals */ - referrals = 0; + case 'C': + referrals++; + break; + case 'R': /* ignore */ break; case 'A': /* retrieve attribute names only -- no values */ ++attrsonly; break; case 'L': /* print entries in LDIF format */ ++ldif; - /* fall through -- always allow binary when outputting LDIF */ - case 'B': /* allow binary values to be printed */ - ++binary; break; + case 's': /* search scope */ if ( strcasecmp( optarg, "base" ) == 0 ) { scope = LDAP_SCOPE_BASE; - } else if ( strcasecmp( optarg, "one" ) == 0 ) { + } else if ( strncasecmp( optarg, "one", sizeof("one")-1 ) == 0 ) { scope = LDAP_SCOPE_ONELEVEL; - } else if ( strcasecmp( optarg, "sub" ) == 0 ) { + } else if ( strncasecmp( optarg, "sub", sizeof("sub")-1 ) == 0 ) { scope = LDAP_SCOPE_SUBTREE; } else { fprintf( stderr, "scope should be base, one, or sub\n" ); @@ -228,9 +237,9 @@ main( int argc, char **argv ) case 'a': /* set alias deref option */ if ( strcasecmp( optarg, "never" ) == 0 ) { deref = LDAP_DEREF_NEVER; - } else if ( strcasecmp( optarg, "search" ) == 0 ) { + } else if ( strncasecmp( optarg, "search", sizeof("search")-1 ) == 0 ) { deref = LDAP_DEREF_SEARCHING; - } else if ( strcasecmp( optarg, "find" ) == 0 ) { + } else if ( strncasecmp( optarg, "find", sizeof("find")-1 ) == 0 ) { deref = LDAP_DEREF_FINDING; } else if ( strcasecmp( optarg, "always" ) == 0 ) { deref = LDAP_DEREF_ALWAYS; @@ -240,24 +249,21 @@ main( int argc, char **argv ) } break; - case 'T': /* field separator */ + case 'T': /* tmpdir */ if( tmpdir ) free( tmpdir ); tmpdir = strdup( optarg ); break; - case 'V': /* field separator */ + case 'V': /* uri prefix */ if( urlpre ) free( urlpre ); urlpre = strdup( optarg ); break; - case 'F': /* field separator */ - sep = strdup( optarg ); - break; case 'f': /* input file */ infile = strdup( optarg ); break; case 'h': /* ldap host */ ldaphost = strdup( optarg ); break; - case 'b': /* searchbase */ + case 'b': /* search base */ base = strdup( optarg ); break; case 'D': /* bind DN */ @@ -369,11 +375,6 @@ main( int argc, char **argv ) } } -#ifdef LDAP_LDIF - /* no alternative format */ - if( ldif < 1 ) ldif = 1; -#endif - if ( ( authmethod == LDAP_AUTH_KRBV4 ) || ( authmethod == LDAP_AUTH_KRBV41 ) ) { if( version > LDAP_VERSION2 ) { @@ -407,28 +408,15 @@ main( int argc, char **argv ) } if ( argc - optind < 1 ) { - usage( argv[ 0 ] ); + filtpattern = "(objectclass=*)"; + } else { + filtpattern = strdup( argv[optind++] ); } - filtpattern = strdup( argv[ optind ] ); - - if ( argv[ optind + 1 ] == NULL ) { + if ( argv[optind] == NULL ) { attrs = NULL; } else if ( sortattr == NULL || *sortattr == '\0' ) { - attrs = &argv[ optind + 1 ]; - } else { - for ( i = optind + 1; i < argc; i++ ) { - if ( strcasecmp( argv[ i ], sortattr ) == 0 ) { - break; - } - } - if ( i == argc ) { - skipsortattr = 1; - argv[ optind ] = sortattr; - } else { - optind++; - } - attrs = &argv[ optind ]; + attrs = &argv[optind]; } if ( infile != NULL ) { @@ -445,7 +433,7 @@ main( int argc, char **argv ) && (tmpdir = getenv("TMP")) == NULL && (tmpdir = getenv("TEMP")) == NULL ) { - tmpdir = "/tmp"; + tmpdir = LDAP_TMPDIR; } if( urlpre == NULL ) { @@ -485,48 +473,60 @@ main( int argc, char **argv ) if (( ld = ldap_init( ldaphost, ldapport )) == NULL ) { perror( "ldap_init" ); - return( EXIT_FAILURE ); + return EXIT_FAILURE; } if (deref != -1 && ldap_set_option( ld, LDAP_OPT_DEREF, (void *) &deref ) != LDAP_OPT_SUCCESS ) { fprintf( stderr, "Could not set LDAP_OPT_DEREF %d\n", deref ); + return EXIT_FAILURE; } if (timelimit != -1 && ldap_set_option( ld, LDAP_OPT_TIMELIMIT, (void *) &timelimit ) != LDAP_OPT_SUCCESS ) { fprintf( stderr, "Could not set LDAP_OPT_TIMELIMIT %d\n", timelimit ); + return EXIT_FAILURE; } if (sizelimit != -1 && ldap_set_option( ld, LDAP_OPT_SIZELIMIT, (void *) &sizelimit ) != LDAP_OPT_SUCCESS ) { fprintf( stderr, "Could not set LDAP_OPT_SIZELIMIT %d\n", sizelimit ); + return EXIT_FAILURE; } - if (referrals != -1 && - ldap_set_option( ld, LDAP_OPT_REFERRALS, - (referrals ? LDAP_OPT_ON : LDAP_OPT_OFF) ) != LDAP_OPT_SUCCESS ) + + /* referrals */ + if (ldap_set_option( ld, LDAP_OPT_REFERRALS, + referrals ? LDAP_OPT_ON : LDAP_OPT_OFF ) != LDAP_OPT_SUCCESS ) { fprintf( stderr, "Could not set LDAP_OPT_REFERRALS %s\n", referrals ? "on" : "off" ); + return EXIT_FAILURE; } - if (version != -1 && - ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != LDAP_OPT_SUCCESS ) + if (version == -1 ) { + version = 3; + } + + if( ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) + != LDAP_OPT_SUCCESS ) { - fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version ); + fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", + version ); + return EXIT_FAILURE; } if ( use_tls && ldap_start_tls_s( ld, NULL, NULL ) != LDAP_SUCCESS ) { if ( use_tls > 1 ) { ldap_perror( ld, "ldap_start_tls" ); - return( EXIT_FAILURE ); + return EXIT_FAILURE; } + fprintf( stderr, "WARNING: could not start TLS\n" ); } if (want_bindpw) { passwd.bv_val = getpassphrase("Enter LDAP Password: "); - passwd.bv_len = strlen( passwd.bv_val ); + passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0; } if ( authmethod == LDAP_AUTH_SASL ) { @@ -569,8 +569,7 @@ main( int argc, char **argv ) argv[0] ); return( EXIT_FAILURE ); #endif - } - else { + } else { if ( ldap_bind_s( ld, binddn, passwd.bv_val, authmethod ) != LDAP_SUCCESS ) { ldap_perror( ld, "ldap_bind" ); @@ -593,7 +592,8 @@ main( int argc, char **argv ) err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, &ctrls ); if( err != LDAP_OPT_SUCCESS ) { - fprintf( stderr, "Could not set Manage DSA IT Control\n" ); + fprintf( stderr, "Could not set ManageDSAit %scontrol\n", + c.ldctl_iscritical ? "critical " : "" ); if( c.ldctl_iscritical ) { exit( EXIT_FAILURE ); } @@ -601,7 +601,7 @@ main( int argc, char **argv ) } if ( verbose ) { - fprintf( stderr, "filter%s: %s\nreturning: ", + fprintf( stderr, "filter%s: %s\nrequesting: ", infile != NULL ? " pattern" : "", filtpattern ); @@ -615,42 +615,47 @@ main( int argc, char **argv ) fprintf( stderr, "\n" ); } - if ( ldif ) { - if (ldif < 3 ) { - printf( "version: 1\n\n"); - } + if (ldif < 3 ) { + printf( "version: %d\n\n", ldif ? 1 : 2 ); + } - if (ldif < 2 ) { - printf( "#\n# filter%s: %s\n# returning: ", - infile != NULL ? " pattern" : "", - filtpattern ); + if (ldif < 2 ) { + printf( "#\n# filter%s: %s\n# requesting: ", + infile != NULL ? " pattern" : "", + filtpattern ); - if ( attrs == NULL ) { - printf( "ALL" ); - } else { - for ( i = 0; attrs[ i ] != NULL; ++i ) { - printf( "%s ", attrs[ i ] ); - } + if ( attrs == NULL ) { + printf( "ALL" ); + } else { + for ( i = 0; attrs[ i ] != NULL; ++i ) { + printf( "%s ", attrs[ i ] ); } - printf( "\n#\n\n" ); } + + if ( manageDSAit ) { + printf("\n# with manageDSAit %scontrol", + manageDSAit > 1 ? "critical " : "" ); + } + + printf( "\n#\n\n" ); } if ( infile == NULL ) { - rc = dosearch( ld, base, scope, attrs, attrsonly, NULL, filtpattern ); + rc = dosearch( ld, base, scope, NULL, filtpattern, + attrs, attrsonly, NULL, NULL, NULL, -1 ); } else { rc = 0; first = 1; - while ( rc == 0 && fgets( line, sizeof( line ), fp ) != NULL ) { + while ( rc == 0 && fgets( line, sizeof( line ), fp ) != NULL ) { line[ strlen( line ) - 1 ] = '\0'; if ( !first ) { putchar( '\n' ); } else { first = 0; } - rc = dosearch( ld, base, scope, attrs, attrsonly, - filtpattern, line ); + rc = dosearch( ld, base, scope, filtpattern, line, + attrs, attrsonly, NULL, NULL, NULL, -1 ); } if ( fp != stdin ) { fclose( fp ); @@ -666,14 +671,24 @@ static int dosearch( LDAP *ld, char *base, int scope, + char *filtpatt, + char *value, char **attrs, int attrsonly, - char *filtpatt, - char *value) + LDAPControl **sctrls, + LDAPControl **cctrls, + struct timeval *timelimit, + int sizelimit ) { char filter[ BUFSIZ ]; - int rc, first, matches; - LDAPMessage *res, *e; + int rc, first; + int nresponses; + int nentries; + int nreferences; + int nextended; + int npartial; + LDAPMessage *res, *msg; + ber_int_t msgid; if( filtpatt != NULL ) { sprintf( filter, filtpatt, value ); @@ -682,7 +697,7 @@ static int dosearch( fprintf( stderr, "filter is: (%s)\n", filter ); } - if( ldif == 1 ) { + if( ldif < 2 ) { printf( "#\n# filter: %s\n#\n", filter ); } @@ -691,66 +706,86 @@ static int dosearch( } if ( not ) { - return( LDAP_SUCCESS ); + return LDAP_SUCCESS; } - if ( ldap_search( ld, base, scope, filter, attrs, attrsonly ) == -1 ) { - int ld_errno; - ldap_perror( ld, "ldap_search" ); + rc = ldap_search_ext( ld, base, scope, filter, attrs, attrsonly, + sctrls, cctrls, timelimit, sizelimit, &msgid ); - ldap_get_option(ld, LDAP_OPT_ERROR_NUMBER, &ld_errno); - return( ld_errno ); + if( rc != LDAP_SUCCESS ) { + ldap_perror( ld, "ldap_search" ); + return( rc ); } - matches = 0; - first = 1; - res = NULL; - while ( (rc = ldap_result( ld, LDAP_RES_ANY, sortattr ? 1 : 0, NULL, &res )) - == LDAP_RES_SEARCH_ENTRY ) { - matches++; - e = ldap_first_entry( ld, res ); - if ( !first ) { - putchar( '\n' ); - } else { - first = 0; - } - print_entry( ld, e, attrsonly ); - ldap_msgfree( res ); + nresponses = nentries = nreferences = nextended = npartial = 0; + res = NULL; - } - if ( rc == -1 ) { - ldap_perror( ld, "ldap_result" ); - return( rc ); - } - if (( rc = ldap_result2error( ld, res, 0 )) != LDAP_SUCCESS ) { - ldap_perror( ld, "ldap_search" ); - } - if ( sortattr != NULL ) { - (void) ldap_sort_entries( ld, &res, - ( *sortattr == '\0' ) ? NULL : sortattr, strcasecmp ); - matches = 0; - first = 1; - for ( e = ldap_first_entry( ld, res ); e != NULL; - e = ldap_next_entry( ld, e ) ) { - matches++; - if ( !first ) { - putchar( '\n' ); - } else { - first = 0; + while ((rc = ldap_result( ld, LDAP_RES_ANY, + sortattr ? 1 : 0, NULL, &res )) > 0 ) + { + if( sortattr ) { + (void) ldap_sort_entries( ld, &res, + ( *sortattr == '\0' ) ? NULL : sortattr, strcasecmp ); } - print_entry( ld, e, attrsonly ); + + for ( msg = ldap_first_message( ld, res ); + msg != NULL; + msg = ldap_next_message( ld, msg ) ) + { + if( nresponses++ ) putchar('\n'); + + switch( ldap_msgtype( msg ) ) { + case LDAP_RES_SEARCH_ENTRY: + nentries++; + print_entry( ld, msg, attrsonly ); + break; + + case LDAP_RES_SEARCH_REFERENCE: + nreferences++; + print_reference( ld, msg ); + break; + + case LDAP_RES_EXTENDED: + nextended++; + print_extended( ld, msg ); + + if( ldap_msgid( msg ) == 0 ) { + /* unsolicited extended operation */ + goto done; + } + break; + + case LDAP_RES_EXTENDED_PARTIAL: + npartial++; + print_partial( ld, msg ); + break; + + case LDAP_RES_SEARCH_RESULT: + rc = print_result( ld, msg, 1 ); + goto done; + } } + + ldap_msgfree( res ); } - if ( verbose ) { - printf( "%d matches\n", matches ); + if ( rc == -1 ) { + ldap_perror( ld, "ldap_result" ); + return( rc ); + } + +done: + if ( ldif < 2 ) { + printf( "\n# numResponses: %d\n", nresponses ); + if( nentries ) printf( "# numEntries: %d\n", nentries ); + if( nextended ) printf( "# numExtended: %d\n", nextended ); + if( npartial ) printf( "# numPartial: %d\n", npartial ); + if( nreferences ) printf( "# numReferences: %d\n", nreferences ); } - ldap_msgfree( res ); return( rc ); } - static void print_entry( LDAP *ld, @@ -760,33 +795,39 @@ print_entry( char *a, *dn, *ufn; char tmpfname[ 256 ]; char url[ 256 ]; - int i; + int i, rc; BerElement *ber = NULL; struct berval **bvals; + LDAPControl **ctrls = NULL; FILE *tmpfp; dn = ldap_get_dn( ld, entry ); ufn = NULL; - if ( ldif == 1 ) { + if ( ldif < 2 ) { ufn = ldap_dn2ufn( dn ); - write_ldif( LDIF_PUT_COMMENT, NULL, ufn, strlen( ufn )); + write_ldif( LDIF_PUT_COMMENT, NULL, ufn, ufn ? strlen( ufn ) : 0 ); } - if ( ldif ) { - write_ldif( LDIF_PUT_VALUE, "dn", dn, strlen( dn )); - } else { - printf( "%s\n", dn ); + write_ldif( LDIF_PUT_VALUE, "dn", dn, dn ? strlen( dn ) : 0); + + rc = ldap_get_entry_controls( ld, entry, &ctrls ); + + if( rc != LDAP_SUCCESS ) { + fprintf(stderr, "print_entry: %d\n", rc ); + ldap_perror( ld, "ldap_get_entry_controls" ); + exit( EXIT_FAILURE ); + } + + if( ctrls ) { + print_ctrls( ctrls ); + ldap_controls_free( ctrls ); } if ( includeufn ) { if( ufn == NULL ) { ufn = ldap_dn2ufn( dn ); } - if ( ldif ) { - write_ldif( LDIF_PUT_VALUE, "ufn", ufn, strlen( ufn )); - } else { - printf( "%s\n", ufn ); - } + write_ldif( LDIF_PUT_VALUE, "ufn", ufn, ufn ? strlen( ufn ) : 0 ); } if( ufn != NULL ) ldap_memfree( ufn ); @@ -795,16 +836,8 @@ print_entry( for ( a = ldap_first_attribute( ld, entry, &ber ); a != NULL; a = ldap_next_attribute( ld, entry, ber ) ) { - if ( skipsortattr && strcasecmp( a, sortattr ) == 0 ) { - continue; - } - if ( attrsonly ) { - if ( ldif ) { - write_ldif( LDIF_PUT_NOVALUE, a, NULL, 0 ); - } else { - printf( "%s\n", a ); - } + write_ldif( LDIF_PUT_NOVALUE, a, NULL, 0 ); } else if (( bvals = ldap_get_values_len( ld, entry, a )) != NULL ) { for ( i = 0; bvals[i] != NULL; i++ ) { @@ -845,25 +878,11 @@ print_entry( sprintf( url, "%s%s", urlpre, &tmpfname[strlen(tmpdir) + sizeof(LDAP_DIRSEP) - 1] ); - if ( ldif ) { - write_ldif( LDIF_PUT_URL, a, url, strlen( url )); - } else { - printf( "%s%s%s\n", a, sep, url ); - } - + write_ldif( LDIF_PUT_URL, a, url, strlen( url )); } else { - if ( ldif ) { - write_ldif( LDIF_PUT_VALUE, a, - bvals[ i ]->bv_val, bvals[ i ]->bv_len ); - - } else { - int notprint = !binary && !vals2tmp - && ldif_is_not_printable( bvals[i]->bv_val, - bvals[i]->bv_len ); - printf( "%s%s", a, sep ); - puts( notprint ? "NOT PRINTABLE" : bvals[ i ]->bv_val ); - } + write_ldif( LDIF_PUT_VALUE, a, + bvals[ i ]->bv_val, bvals[ i ]->bv_len ); } } ber_bvecfree( bvals ); @@ -875,6 +894,241 @@ print_entry( } } +static void print_reference( + LDAP *ld, + LDAPMessage *reference ) +{ + int rc; + char **refs = NULL; + LDAPControl **ctrls; + + if( ldif < 2 ) { + printf("# search reference\n"); + } + + rc = ldap_parse_reference( ld, reference, &refs, &ctrls, 0 ); + + if( rc != LDAP_SUCCESS ) { + ldap_perror(ld, "ldap_parse_reference"); + exit( EXIT_FAILURE ); + } + + if( refs ) { + int i; + for( i=0; refs[i] != NULL; i++ ) { + write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, + "ref", refs[i], strlen(refs[i]) ); + } + ber_memvfree( (void **) refs ); + } + + if( ctrls ) { + print_ctrls( ctrls ); + ldap_controls_free( ctrls ); + } +} + +static void print_extended( + LDAP *ld, + LDAPMessage *extended ) +{ + int rc; + char *retoid = NULL; + struct berval *retdata = NULL; + + if( ldif < 2 ) { + printf("# extended result response\n"); + } + + rc = ldap_parse_extended_result( ld, extended, + &retoid, &retdata, 0 ); + + if( rc != LDAP_SUCCESS ) { + ldap_perror(ld, "ldap_parse_extended_result"); + exit( EXIT_FAILURE ); + } + + write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, + "extended", retoid, retoid ? strlen(retoid) : 0 ); + ber_memfree( retoid ); + + if(retdata) { + write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_BINARY, + "data", retdata->bv_val, retdata->bv_len ); + ber_bvfree( retdata ); + } + + print_result( ld, extended, 0 ); +} + +static void print_partial( + LDAP *ld, + LDAPMessage *partial ) +{ + int rc; + char *retoid = NULL; + struct berval *retdata = NULL; + LDAPControl **ctrls = NULL; + + if( ldif < 2 ) { + printf("# extended partial response\n"); + } + + rc = ldap_parse_extended_partial( ld, partial, + &retoid, &retdata, &ctrls, 0 ); + + if( rc != LDAP_SUCCESS ) { + ldap_perror(ld, "ldap_parse_extended_partial"); + exit( EXIT_FAILURE ); + } + + write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, + "partial", retoid, retoid ? strlen(retoid) : 0 ); + + ber_memfree( retoid ); + + if( retdata ) { + write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_BINARY, + "data", + retdata->bv_val, retdata->bv_len ); + + ber_bvfree( retdata ); + } + + if( ctrls ) { + print_ctrls( ctrls ); + ldap_controls_free( ctrls ); + } +} + +static int print_result( + LDAP *ld, + LDAPMessage *result, int search ) +{ + char rst[BUFSIZ]; + int rc; + int err; + char *matcheddn = NULL; + char *text = NULL; + char **refs = NULL; + LDAPControl **ctrls = NULL; + + if( search ) { + if ( ldif < 2 ) { + printf("# search result\n"); + } + if ( ldif < 1 ) { + printf("%s: %d\n", "search", ldap_msgid(result) ); + } + } + + rc = ldap_parse_result( ld, result, + &err, &matcheddn, &text, &refs, &ctrls, 0 ); + + if( rc != LDAP_SUCCESS ) { + ldap_perror(ld, "ldap_parse_result"); + exit( EXIT_FAILURE ); + } + + + if( !ldif ) { + printf( "result: %d %s\n", err, ldap_err2string(err) ); + + } else if ( err != LDAP_SUCCESS ) { + fprintf( stderr, "%s (%d)\n", ldap_err2string(err), err ); + } + + if( matcheddn && *matcheddn ) { + if( !ldif ) { + write_ldif( LDIF_PUT_VALUE, + "matchedDN", matcheddn, strlen(matcheddn) ); + } else { + fprintf( stderr, "Matched DN: %s\n", matcheddn ); + } + + ber_memfree( matcheddn ); + } + + if( text && *text ) { + if( !ldif ) { + write_ldif( LDIF_PUT_TEXT, "text", + text, strlen(text) ); + } else { + fprintf( stderr, "Additional information: %s\n", text ); + } + + ber_memfree( text ); + } + + if( refs ) { + int i; + for( i=0; refs[i] != NULL; i++ ) { + if( !ldif ) { + write_ldif( LDIF_PUT_VALUE, "ref", refs[i], strlen(refs[i]) ); + } else { + fprintf( stderr, "Referral: %s", refs[i] ); + } + } + + ber_memvfree( (void **) refs ); + } + + if( ctrls ) { + print_ctrls( ctrls ); + ldap_controls_free( ctrls ); + } + + return err; +} + +void print_ctrls( LDAPControl **ctrls ) { + int i; + for(i=0; ctrls[i] != NULL; i++ ) { + /* control: OID criticality base64value */ + struct berval *b64 = NULL; + ber_len_t len; + char *str; + + len = strlen( ctrls[i]->ldctl_oid ); + + /* add enough for space after OID and the critical value itself */ + len += ctrls[i]->ldctl_iscritical + ? sizeof("true") : sizeof("false"); + + /* convert to base64 */ + if( ctrls[i]->ldctl_value.bv_len ) { + b64 = ber_memalloc( sizeof(struct berval) ); + + b64->bv_len = LUTIL_BASE64_ENCODE_LEN( + ctrls[i]->ldctl_value.bv_len ) + 1; + b64->bv_val = ber_memalloc( b64->bv_len + 1 ); + + b64->bv_len = lutil_b64_ntop( + ctrls[i]->ldctl_value.bv_val, ctrls[i]->ldctl_value.bv_len, + b64->bv_val, b64->bv_len ); + } + + if( b64 ) { + len += 1 + b64->bv_len; + } + + str = malloc( len + 1 ); + strcpy( str, ctrls[i]->ldctl_oid ); + strcat( str, ctrls[i]->ldctl_iscritical + ? " true" : " false" ); + + if( b64 ) { + strcat(str, " "); + strcat(str, b64->bv_val ); + } + + write_ldif( ldif ? LDIF_PUT_COMMENT : LDIF_PUT_VALUE, + "control", str, len ); + + free( str ); + ber_bvfree( b64 ); + } +} static int write_ldif( int type, char *name, char *value, ber_len_t vallen ) diff --git a/clients/tools/ldapsearch.dsw b/clients/tools/ldapsearch.dsw deleted file mode 100644 index b611123557..0000000000 --- a/clients/tools/ldapsearch.dsw +++ /dev/null @@ -1,101 +0,0 @@ -Microsoft Developer Studio Workspace File, Format Version 5.00 -# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE! - -############################################################################### - -Project: "ldapsearch"=.\ldapsearch.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name liblber - End Project Dependency - Begin Project Dependency - Project_Dep_Name libldap - End Project Dependency - Begin Project Dependency - Project_Dep_Name libldif - End Project Dependency - Begin Project Dependency - Project_Dep_Name liblutil - End Project Dependency -}}} - -############################################################################### - -Project: "liblber"=..\..\libraries\liblber\liblber.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ -}}} - -############################################################################### - -Project: "libldap"=..\..\libraries\libldap\libldap.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ -}}} - -############################################################################### - -Project: "libldif"=..\..\libraries\libldif\libldif.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ -}}} - -############################################################################### - -Project: "liblutil"=..\..\libraries\liblutil\liblutil.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ -}}} - -############################################################################### - -Project: "setup"=..\..\include\setup.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ -}}} - -############################################################################### - -Global: - -Package=<5> -{{{ -}}} - -Package=<3> -{{{ -}}} - -############################################################################### - diff --git a/clients/ud/Makefile.in b/clients/ud/Makefile.in index 7c22affb6b..85c20e4b0e 100644 --- a/clients/ud/Makefile.in +++ b/clients/ud/Makefile.in @@ -11,7 +11,7 @@ PROGRAMS= ud LDAP_INCDIR= ../../include LDAP_LIBDIR= ../../libraries -NT_DYN_DEFS = -DLIBLBER_DECL=dllimport -DLIBLDAP_DECL=dllimport +NT_DYN_DEFS = -DLBER_DECL=dllimport -DLDAP_DECL=dllimport CPPFLAGS = $(@PLAT@_@LIB_LINKAGE@_DEFS) XLIBS = -llutil -lldif -lldap -llber diff --git a/clients/ud/auth.c b/clients/ud/auth.c index 5ae44ef154..169fd37117 100644 --- a/clients/ud/auth.c +++ b/clients/ud/auth.c @@ -31,7 +31,6 @@ #include #endif -#include #include #include "ldap_defaults.h" @@ -164,7 +163,7 @@ auth( char *who, int implicit ) /* if we're running as a server (e.g., out of inetd) */ if ( ! isatty( 1 ) ) { - strcpy( tktpath, "/tmp/ud_tktXXXXXX" ); + strcpy( tktpath, LDAP_TMPDIR LDAP_DEFSEP "ud_tktXXXXXX" ); mktemp( tktpath ); krb_set_tkt_string( tktpath ); } diff --git a/clients/ud/edit.c b/clients/ud/edit.c index de640dc380..45e3139460 100644 --- a/clients/ud/edit.c +++ b/clients/ud/edit.c @@ -46,7 +46,6 @@ #include #endif -#include #include #include "ldap_defaults.h" diff --git a/clients/ud/find.c b/clients/ud/find.c index f247fcc5bf..9525c86b97 100644 --- a/clients/ud/find.c +++ b/clients/ud/find.c @@ -25,7 +25,6 @@ #include #include -#include #include #include "ud.h" diff --git a/clients/ud/group.c b/clients/ud/group.c index fd73738e77..94e77cf519 100644 --- a/clients/ud/group.c +++ b/clients/ud/group.c @@ -29,7 +29,6 @@ #include #endif -#include #include #include "ldap_defaults.h" diff --git a/clients/ud/help.c b/clients/ud/help.c index 0fb0590bf2..5a48bc3da0 100644 --- a/clients/ud/help.c +++ b/clients/ud/help.c @@ -23,7 +23,6 @@ #include #include -#include #include #include "ud.h" diff --git a/clients/ud/main.c b/clients/ud/main.c index e830c85238..97d138fa38 100644 --- a/clients/ud/main.c +++ b/clients/ud/main.c @@ -44,7 +44,6 @@ #include #endif -#include #include #include "ldap_defaults.h" diff --git a/clients/ud/mod.c b/clients/ud/mod.c index 1a13a967f2..ecacefbe6d 100644 --- a/clients/ud/mod.c +++ b/clients/ud/mod.c @@ -25,7 +25,6 @@ #include #include -#include #include #include "ud.h" diff --git a/clients/ud/print.c b/clients/ud/print.c index 914b3e3d1b..9275f6d07c 100644 --- a/clients/ud/print.c +++ b/clients/ud/print.c @@ -23,7 +23,6 @@ #include #include -#include #include #include "ud.h" diff --git a/clients/ud/util.c b/clients/ud/util.c index 3cc445e2df..603d2c770d 100644 --- a/clients/ud/util.c +++ b/clients/ud/util.c @@ -29,7 +29,6 @@ #include #include -#include #include #include "ldap_defaults.h" diff --git a/configure b/configure index 66b7b14b5d..ccf244cf20 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # $OpenLDAP$ -# from OpenLDAP +# from OpenLDAP: pkg/ldap/configure.in,v 1.223.2.5 2000/06/13 17:56:59 kurt Exp # Copyright 1998-2000 The OpenLDAP Foundation. All Rights Reserved. # @@ -10,7 +10,7 @@ # in file LICENSE in the top-level directory of the distribution. echo "Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved." -echo "Copying restrictions apply, see COPYRIGHT file." +echo "Restrictions apply, see COPYRIGHT and LICENSE files." # Guess values for system-dependent variables and create Makefiles. # Generated automatically using autoconf version 2.13.1 @@ -78,8 +78,6 @@ ac_help="$ac_help --enable-multimaster enable multimaster replication (no)" ac_help="$ac_help --enable-phonetic enable phonetic/soundex (no)" -ac_help="$ac_help - --enable-quipu build quipu migration tools (no)" ac_help="$ac_help --enable-rlookups enable reverse lookups (auto)" ac_help="$ac_help @@ -672,7 +670,7 @@ echo "Configuring OpenLDAP $OL_VERSION ..." echo $ac_n "checking host system type""... $ac_c" 1>&6 -echo "configure:676: checking host system type" >&5 +echo "configure:674: checking host system type" >&5 if test "x$ac_cv_host" = "x" || (test "x$host" != "xNONE" && test "x$host" != "x$ac_cv_host_alias"); then # Make sure we can run config.sub. @@ -713,7 +711,7 @@ host_os=$ac_cv_host_os echo $ac_n "checking target system type""... $ac_c" 1>&6 -echo "configure:717: checking target system type" >&5 +echo "configure:715: checking target system type" >&5 if test "x$ac_cv_target" = "x" || (test "x$target" != "xNONE" && test "x$target" != "x$ac_cv_target_alias"); then # Make sure we can run config.sub. @@ -753,7 +751,7 @@ target_os=$ac_cv_target_os echo $ac_n "checking build system type""... $ac_c" 1>&6 -echo "configure:757: checking build system type" >&5 +echo "configure:755: checking build system type" >&5 if test "x$ac_cv_build" = "x" || (test "x$build" != "xNONE" && test "x$build" != "x$ac_cv_build_alias"); then # Make sure we can run config.sub. @@ -830,7 +828,7 @@ test "$host_alias" != "$target_alias" && # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" # ./install, which can be erroneously created by make from ./install.sh. echo $ac_n "checking for a BSD compatible install""... $ac_c" 1>&6 -echo "configure:834: checking for a BSD compatible install" >&5 +echo "configure:832: checking for a BSD compatible install" >&5 if test -z "$INSTALL"; then if eval "test \"\${ac_cv_path_install+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -887,7 +885,7 @@ test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' echo $ac_n "checking whether build environment is sane""... $ac_c" 1>&6 -echo "configure:891: checking whether build environment is sane" >&5 +echo "configure:889: checking whether build environment is sane" >&5 # Just in case sleep 1 echo timestamp > conftestfile @@ -948,7 +946,7 @@ do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:952: checking for $ac_word" >&5 +echo "configure:950: checking for $ac_word" >&5 if eval "test \"\${ac_cv_prog_AWK+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -978,7 +976,7 @@ test -n "$AWK" && break done echo $ac_n "checking whether ${MAKE-make} sets \${MAKE}""... $ac_c" 1>&6 -echo "configure:982: checking whether ${MAKE-make} sets \${MAKE}" >&5 +echo "configure:980: checking whether ${MAKE-make} sets \${MAKE}" >&5 set dummy ${MAKE-make}; ac_make=`echo "$2" | sed 'y%./+-%__p_%'` if eval "test \"\${ac_cv_prog_make_${ac_make}_set+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -1018,7 +1016,7 @@ fi missing_dir=`cd $ac_aux_dir && pwd` echo $ac_n "checking for working aclocal""... $ac_c" 1>&6 -echo "configure:1022: checking for working aclocal" >&5 +echo "configure:1020: checking for working aclocal" >&5 # Run test in a subshell; some versions of sh will print an error if # an executable is not found, even if stderr is redirected. # Redirect stdin to placate older versions of autoconf. Sigh. @@ -1031,7 +1029,7 @@ else fi echo $ac_n "checking for working autoconf""... $ac_c" 1>&6 -echo "configure:1035: checking for working autoconf" >&5 +echo "configure:1033: checking for working autoconf" >&5 # Run test in a subshell; some versions of sh will print an error if # an executable is not found, even if stderr is redirected. # Redirect stdin to placate older versions of autoconf. Sigh. @@ -1044,7 +1042,7 @@ else fi echo $ac_n "checking for working automake""... $ac_c" 1>&6 -echo "configure:1048: checking for working automake" >&5 +echo "configure:1046: checking for working automake" >&5 # Run test in a subshell; some versions of sh will print an error if # an executable is not found, even if stderr is redirected. # Redirect stdin to placate older versions of autoconf. Sigh. @@ -1057,7 +1055,7 @@ else fi echo $ac_n "checking for working autoheader""... $ac_c" 1>&6 -echo "configure:1061: checking for working autoheader" >&5 +echo "configure:1059: checking for working autoheader" >&5 # Run test in a subshell; some versions of sh will print an error if # an executable is not found, even if stderr is redirected. # Redirect stdin to placate older versions of autoconf. Sigh. @@ -1070,7 +1068,7 @@ else fi echo $ac_n "checking for working makeinfo""... $ac_c" 1>&6 -echo "configure:1074: checking for working makeinfo" >&5 +echo "configure:1072: checking for working makeinfo" >&5 # Run test in a subshell; some versions of sh will print an error if # an executable is not found, even if stderr is redirected. # Redirect stdin to placate older versions of autoconf. Sigh. @@ -1090,7 +1088,7 @@ do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:1094: checking for $ac_word" >&5 +echo "configure:1092: checking for $ac_word" >&5 if eval "test \"\${ac_cv_prog_AMTAR+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -1141,7 +1139,7 @@ EOF echo $ac_n "checking configure arguments""... $ac_c" 1>&6 -echo "configure:1145: checking configure arguments" >&5 +echo "configure:1143: checking configure arguments" >&5 top_builddir=`pwd` @@ -1684,26 +1682,6 @@ else ol_enable_phonetic="no" fi # end --enable-phonetic -# OpenLDAP --enable-quipu - # Check whether --enable-quipu or --disable-quipu was given. -if test "${enable_quipu+set}" = set; then - enableval="$enable_quipu" - - ol_arg=invalid - for ol_val in auto yes no ; do - if test "$enableval" = "$ol_val" ; then - ol_arg="$ol_val" - fi - done - if test "$ol_arg" = "invalid" ; then - { echo "configure: error: bad value $enableval for --enable-quipu" 1>&2; exit 1; } - fi - ol_enable_quipu="$ol_arg" - -else - ol_enable_quipu="no" -fi -# end --enable-quipu # OpenLDAP --enable-rlookups # Check whether --enable-rlookups or --disable-rlookups was given. if test "${enable_rlookups+set}" = set; then @@ -2143,9 +2121,6 @@ if test $ol_enable_slapd = no ; then if test $ol_enable_phonetic = yes ; then echo "configure: warning: slapd disabled, ignoring --enable-phonetic argument" 1>&2 fi - if test $ol_enable_quipu = yes ; then - echo "configure: warning: slapd disabled, ignoring --enable-quipu argument" 1>&2 - fi if test $ol_enable_rlookups = yes ; then echo "configure: warning: slapd disabled, ignoring --enable-rlookups argument" 1>&2 fi @@ -2187,7 +2162,6 @@ if test $ol_enable_slapd = no ; then ol_enable_modules=no ol_enable_multimaster=no ol_enable_phonetic=no - ol_enable_quipu=no ol_enable_rlookups=no ol_enable_aci=no ol_enable_wrappers=no @@ -2278,14 +2252,12 @@ LDBM_LIBS= LTHREAD_LIBS= LUTIL_LIBS= -QUIPU_LIBS= SLAPD_LIBS= SLURPD_LIBS= BUILD_SLAPD=no BUILD_SLURPD=no -BUILD_QUIPU=no BUILD_THREAD=no BUILD_DNSSRV=no @@ -2339,7 +2311,7 @@ do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2343: checking for $ac_word" >&5 +echo "configure:2315: checking for $ac_word" >&5 if eval "test \"\${ac_cv_prog_CC+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2391,7 +2363,7 @@ do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2395: checking for $ac_word" >&5 +echo "configure:2367: checking for $ac_word" >&5 if eval "test \"\${ac_cv_prog_CC+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2451,7 +2423,7 @@ fi # Extract the first word of "ranlib", so it can be a program name with args. set dummy ranlib; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2455: checking for $ac_word" >&5 +echo "configure:2427: checking for $ac_word" >&5 if eval "test \"\${ac_cv_prog_RANLIB+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2481,7 +2453,7 @@ fi # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2485: checking for $ac_word" >&5 +echo "configure:2457: checking for $ac_word" >&5 if eval "test \"\${ac_cv_prog_CC+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2511,7 +2483,7 @@ if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2515: checking for $ac_word" >&5 +echo "configure:2487: checking for $ac_word" >&5 if eval "test \"\${ac_cv_prog_CC+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2562,7 +2534,7 @@ fi # Extract the first word of "cl", so it can be a program name with args. set dummy cl; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2566: checking for $ac_word" >&5 +echo "configure:2538: checking for $ac_word" >&5 if eval "test \"\${ac_cv_prog_CC+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2594,7 +2566,7 @@ fi fi echo $ac_n "checking whether the C compiler ($CC $CFLAGS $CPPFLAGS $LDFLAGS) works""... $ac_c" 1>&6 -echo "configure:2598: checking whether the C compiler ($CC $CFLAGS $CPPFLAGS $LDFLAGS) works" >&5 +echo "configure:2570: checking whether the C compiler ($CC $CFLAGS $CPPFLAGS $LDFLAGS) works" >&5 ac_ext=c # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. @@ -2605,12 +2577,12 @@ cross_compiling=$ac_cv_prog_cc_cross cat > conftest.$ac_ext << EOF -#line 2609 "configure" +#line 2581 "configure" #include "confdefs.h" main(){return(0);} EOF -if { (eval echo configure:2614: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:2586: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ac_cv_prog_cc_works=yes # If we can't run a trivial program, we are probably using a cross compiler. if (./conftest; exit) 2>/dev/null; then @@ -2636,12 +2608,12 @@ if test $ac_cv_prog_cc_works = no; then { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; } fi echo $ac_n "checking whether the C compiler ($CC $CFLAGS $CPPFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6 -echo "configure:2640: checking whether the C compiler ($CC $CFLAGS $CPPFLAGS $LDFLAGS) is a cross-compiler" >&5 +echo "configure:2612: checking whether the C compiler ($CC $CFLAGS $CPPFLAGS $LDFLAGS) is a cross-compiler" >&5 echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6 cross_compiling=$ac_cv_prog_cc_cross echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6 -echo "configure:2645: checking whether we are using GNU C" >&5 +echo "configure:2617: checking whether we are using GNU C" >&5 if eval "test \"\${ac_cv_prog_gcc+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2650,7 +2622,7 @@ else yes; #endif EOF -if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:2654: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then +if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:2626: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then ac_cv_prog_gcc=yes else ac_cv_prog_gcc=no @@ -2669,7 +2641,7 @@ ac_test_CFLAGS="${CFLAGS+set}" ac_save_CFLAGS="$CFLAGS" CFLAGS= echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6 -echo "configure:2673: checking whether ${CC-cc} accepts -g" >&5 +echo "configure:2645: checking whether ${CC-cc} accepts -g" >&5 if eval "test \"\${ac_cv_prog_cc_g+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2712,7 +2684,7 @@ ac_prog=ld if test "$ac_cv_prog_gcc" = yes; then # Check if gcc -print-prog-name=ld gives a path. echo $ac_n "checking for ld used by GCC""... $ac_c" 1>&6 -echo "configure:2716: checking for ld used by GCC" >&5 +echo "configure:2688: checking for ld used by GCC" >&5 ac_prog=`($CC -print-prog-name=ld) 2>&5` case "$ac_prog" in # Accept absolute paths. @@ -2736,10 +2708,10 @@ echo "configure:2716: checking for ld used by GCC" >&5 esac elif test "$with_gnu_ld" = yes; then echo $ac_n "checking for GNU ld""... $ac_c" 1>&6 -echo "configure:2740: checking for GNU ld" >&5 +echo "configure:2712: checking for GNU ld" >&5 else echo $ac_n "checking for non-GNU ld""... $ac_c" 1>&6 -echo "configure:2743: checking for non-GNU ld" >&5 +echo "configure:2715: checking for non-GNU ld" >&5 fi if eval "test \"\${ac_cv_path_LD+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -2774,7 +2746,7 @@ else fi test -z "$LD" && { echo "configure: error: no acceptable ld found in \$PATH" 1>&2; exit 1; } echo $ac_n "checking if the linker ($LD) is GNU ld""... $ac_c" 1>&6 -echo "configure:2778: checking if the linker ($LD) is GNU ld" >&5 +echo "configure:2750: checking if the linker ($LD) is GNU ld" >&5 if eval "test \"\${ac_cv_prog_gnu_ld+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2790,7 +2762,7 @@ echo "$ac_t""$ac_cv_prog_gnu_ld" 1>&6 echo $ac_n "checking for BSD-compatible nm""... $ac_c" 1>&6 -echo "configure:2794: checking for BSD-compatible nm" >&5 +echo "configure:2766: checking for BSD-compatible nm" >&5 if eval "test \"\${ac_cv_path_NM+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2826,7 +2798,7 @@ NM="$ac_cv_path_NM" echo "$ac_t""$NM" 1>&6 echo $ac_n "checking whether ln -s works""... $ac_c" 1>&6 -echo "configure:2830: checking whether ln -s works" >&5 +echo "configure:2802: checking whether ln -s works" >&5 if eval "test \"\${ac_cv_prog_LN_S+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2881,8 +2853,8 @@ test x"$silent" = xyes && libtool_flags="$libtool_flags --silent" case "$lt_target" in *-*-irix6*) # Find out which ABI we are using. - echo '#line 2885 "configure"' > conftest.$ac_ext - if { (eval echo configure:2886: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then + echo '#line 2857 "configure"' > conftest.$ac_ext + if { (eval echo configure:2858: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then case "`/usr/bin/file conftest.o`" in *32-bit*) LD="${LD-ld} -32" @@ -2903,19 +2875,19 @@ case "$lt_target" in SAVE_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS -belf" echo $ac_n "checking whether the C compiler needs -belf""... $ac_c" 1>&6 -echo "configure:2907: checking whether the C compiler needs -belf" >&5 +echo "configure:2879: checking whether the C compiler needs -belf" >&5 if eval "test \"\${lt_cv_cc_needs_belf+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:2891: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* lt_cv_cc_needs_belf=yes else @@ -2938,7 +2910,7 @@ echo "$ac_t""$lt_cv_cc_needs_belf" 1>&6 # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args. set dummy ${ac_tool_prefix}dlltool; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2942: checking for $ac_word" >&5 +echo "configure:2914: checking for $ac_word" >&5 if eval "test \"\${ac_cv_prog_DLLTOOL+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -2970,7 +2942,7 @@ if test -n "$ac_tool_prefix"; then # Extract the first word of "dlltool", so it can be a program name with args. set dummy dlltool; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:2974: checking for $ac_word" >&5 +echo "configure:2946: checking for $ac_word" >&5 if eval "test \"\${ac_cv_prog_DLLTOOL+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -3005,7 +2977,7 @@ fi # Extract the first word of "${ac_tool_prefix}as", so it can be a program name with args. set dummy ${ac_tool_prefix}as; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:3009: checking for $ac_word" >&5 +echo "configure:2981: checking for $ac_word" >&5 if eval "test \"\${ac_cv_prog_AS+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -3037,7 +3009,7 @@ if test -n "$ac_tool_prefix"; then # Extract the first word of "as", so it can be a program name with args. set dummy as; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:3041: checking for $ac_word" >&5 +echo "configure:3013: checking for $ac_word" >&5 if eval "test \"\${ac_cv_prog_AS+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -3072,7 +3044,7 @@ fi # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. set dummy ${ac_tool_prefix}objdump; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:3076: checking for $ac_word" >&5 +echo "configure:3048: checking for $ac_word" >&5 if eval "test \"\${ac_cv_prog_OBJDUMP+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -3104,7 +3076,7 @@ if test -n "$ac_tool_prefix"; then # Extract the first word of "objdump", so it can be a program name with args. set dummy objdump; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:3108: checking for $ac_word" >&5 +echo "configure:3080: checking for $ac_word" >&5 if eval "test \"\${ac_cv_prog_OBJDUMP+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -3172,7 +3144,7 @@ do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:3176: checking for $ac_word" >&5 +echo "configure:3148: checking for $ac_word" >&5 if eval "test \"\${ac_cv_prog_AWK+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -3203,7 +3175,7 @@ done # test for ln hardlink support echo $ac_n "checking whether ln works""... $ac_c" 1>&6 -echo "configure:3207: checking whether ln works" >&5 +echo "configure:3179: checking whether ln works" >&5 if eval "test \"\${ol_cv_prog_LN_H+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -3226,7 +3198,7 @@ else fi echo $ac_n "checking whether ln -s works""... $ac_c" 1>&6 -echo "configure:3230: checking whether ln -s works" >&5 +echo "configure:3202: checking whether ln -s works" >&5 if eval "test \"\${ac_cv_prog_LN_S+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -3254,7 +3226,7 @@ fi # Extract the first word of "sendmail", so it can be a program name with args. set dummy sendmail; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:3258: checking for $ac_word" >&5 +echo "configure:3230: checking for $ac_word" >&5 if eval "test \"\${ac_cv_path_SENDMAIL+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -3290,7 +3262,7 @@ fi # Extract the first word of "vi", so it can be a program name with args. set dummy vi; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:3294: checking for $ac_word" >&5 +echo "configure:3266: checking for $ac_word" >&5 if eval "test \"\${ac_cv_path_EDITOR+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -3326,7 +3298,7 @@ fi # Extract the first word of "finger", so it can be a program name with args. set dummy finger; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:3330: checking for $ac_word" >&5 +echo "configure:3302: checking for $ac_word" >&5 if eval "test \"\${ac_cv_path_FINGER+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -3361,7 +3333,7 @@ fi echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6 -echo "configure:3365: checking how to run the C preprocessor" >&5 +echo "configure:3337: checking how to run the C preprocessor" >&5 # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= @@ -3376,13 +3348,13 @@ else # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. cat > conftest.$ac_ext < Syntax Error EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:3386: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:3358: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then : @@ -3393,13 +3365,13 @@ else rm -rf conftest* CPP="${CC-cc} -E -traditional-cpp" cat > conftest.$ac_ext < Syntax Error EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:3403: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:3375: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then : @@ -3410,13 +3382,13 @@ else rm -rf conftest* CPP="${CC-cc} -nologo -E" cat > conftest.$ac_ext < Syntax Error EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:3420: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:3392: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then : @@ -3454,9 +3426,9 @@ elif test $cross_compiling = yes -a $ol_enable_x_compile = no; then fi echo $ac_n "checking for AIX""... $ac_c" 1>&6 -echo "configure:3458: checking for AIX" >&5 +echo "configure:3430: checking for AIX" >&5 cat > conftest.$ac_ext <&6 -echo "configure:3482: checking for POSIXized ISC" >&5 +echo "configure:3454: checking for POSIXized ISC" >&5 if test -d /etc/conf/kconfig.d && grep _POSIX_VERSION /usr/include/sys/unistd.h >/dev/null 2>&1 then @@ -3500,17 +3472,17 @@ fi ac_safe=`echo "minix/config.h" | sed 'y%./+-%__p_%'` echo $ac_n "checking for minix/config.h""... $ac_c" 1>&6 -echo "configure:3504: checking for minix/config.h" >&5 +echo "configure:3476: checking for minix/config.h" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:3514: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:3486: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -3549,12 +3521,12 @@ fi echo $ac_n "checking for Cygwin environment""... $ac_c" 1>&6 -echo "configure:3553: checking for Cygwin environment" >&5 +echo "configure:3525: checking for Cygwin environment" >&5 if eval "test \"\${ac_cv_cygwin+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:3541: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_cygwin=yes else @@ -3581,19 +3553,19 @@ echo "$ac_t""$ac_cv_cygwin" 1>&6 CYGWIN= test "$ac_cv_cygwin" = yes && CYGWIN=yes echo $ac_n "checking for mingw32 environment""... $ac_c" 1>&6 -echo "configure:3585: checking for mingw32 environment" >&5 +echo "configure:3557: checking for mingw32 environment" >&5 if eval "test \"\${ac_cv_mingw32+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:3569: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_mingw32=yes else @@ -3609,19 +3581,19 @@ echo "$ac_t""$ac_cv_mingw32" 1>&6 MINGW32= test "$ac_cv_mingw32" = yes && MINGW32=yes echo $ac_n "checking for EMX OS/2 environment""... $ac_c" 1>&6 -echo "configure:3613: checking for EMX OS/2 environment" >&5 +echo "configure:3585: checking for EMX OS/2 environment" >&5 if eval "test \"\${ac_cv_emxos2+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:3597: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_emxos2=yes else @@ -3640,7 +3612,7 @@ test "$ac_cv_emxos2" = yes && EMXOS2=yes echo $ac_n "checking for executable suffix""... $ac_c" 1>&6 -echo "configure:3644: checking for executable suffix" >&5 +echo "configure:3616: checking for executable suffix" >&5 if eval "test \"\${ac_cv_exeext+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -3650,7 +3622,7 @@ else rm -f conftest* echo 'int main () { return 0; }' > conftest.$ac_ext ac_cv_exeext= - if { (eval echo configure:3654: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then + if { (eval echo configure:3626: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then for file in conftest.*; do case $file in *.c | *.C | *.o | *.obj | *.xcoff) ;; @@ -3671,13 +3643,13 @@ echo "$ac_t""${ac_cv_exeext}" 1>&6 ac_exeext=$EXEEXT echo $ac_n "checking for object suffix""... $ac_c" 1>&6 -echo "configure:3675: checking for object suffix" >&5 +echo "configure:3647: checking for object suffix" >&5 if eval "test \"\${ac_cv_objext+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else rm -f conftest* echo 'int i = 1;' > conftest.$ac_ext -if { (eval echo configure:3681: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:3653: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then for ac_file in conftest.*; do case $ac_file in *.c) ;; @@ -3701,7 +3673,7 @@ EOF echo $ac_n "checking for be_app in -lbe""... $ac_c" 1>&6 -echo "configure:3705: checking for be_app in -lbe" >&5 +echo "configure:3677: checking for be_app in -lbe" >&5 ac_lib_var=`echo be'_'be_app | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -3709,7 +3681,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lbe -lroot -lnet $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:3696: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3746,7 +3718,7 @@ fi echo $ac_n "checking for ${CC-cc} option to accept ANSI C""... $ac_c" 1>&6 -echo "configure:3750: checking for ${CC-cc} option to accept ANSI C" >&5 +echo "configure:3722: checking for ${CC-cc} option to accept ANSI C" >&5 if eval "test \"\${am_cv_prog_cc_stdc+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -3763,7 +3735,7 @@ for ac_arg in "" -qlanglvl=ansi -std1 -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIO do CC="$ac_save_CC $ac_arg" cat > conftest.$ac_ext < #include @@ -3800,7 +3772,7 @@ return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; ; return 0; } EOF -if { (eval echo configure:3804: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:3776: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* am_cv_prog_cc_stdc="$ac_arg"; break else @@ -3834,7 +3806,7 @@ if test -z "${MKDEP}"; then OL_MKDEP="${CC-cc}" if test -z "${MKDEP_FLAGS}"; then echo $ac_n "checking for ${OL_MKDEP} depend flag""... $ac_c" 1>&6 -echo "configure:3838: checking for ${OL_MKDEP} depend flag" >&5 +echo "configure:3810: checking for ${OL_MKDEP} depend flag" >&5 if eval "test \"\${ol_cv_mkdep+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -3844,7 +3816,7 @@ else cat > conftest.c <&5; (eval $ac_try) 2>&5; }; } \ + if { ac_try='$OL_MKDEP $flag conftest.c'; { (eval echo configure:3820: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } \ | egrep '^conftest\.'"${ac_objext}" >/dev/null 2>&1 then if test ! -f conftest."${ac_object}" ; then @@ -3877,7 +3849,7 @@ if test "${ol_cv_mkdep}" = no ; then fi echo $ac_n "checking for afopen in -ls""... $ac_c" 1>&6 -echo "configure:3881: checking for afopen in -ls" >&5 +echo "configure:3853: checking for afopen in -ls" >&5 ac_lib_var=`echo s'_'afopen | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -3885,7 +3857,7 @@ else ac_save_LIBS="$LIBS" LIBS="-ls $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:3872: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -3927,12 +3899,12 @@ fi for ac_func in getaddrinfo do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:3931: checking for $ac_func" >&5 +echo "configure:3903: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:3932: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -3993,17 +3965,17 @@ if test $ol_enable_unix != no ; then do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:3997: checking for $ac_hdr" >&5 +echo "configure:3969: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:4007: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:3979: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -4043,17 +4015,17 @@ if test $ol_enable_modules != no ; then do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:4047: checking for $ac_hdr" >&5 +echo "configure:4019: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:4057: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:4029: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -4085,7 +4057,7 @@ done fi echo $ac_n "checking for lt_dlinit in -lltdl""... $ac_c" 1>&6 -echo "configure:4089: checking for lt_dlinit in -lltdl" >&5 +echo "configure:4061: checking for lt_dlinit in -lltdl" >&5 ac_lib_var=`echo ltdl'_'lt_dlinit | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -4093,7 +4065,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lltdl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:4080: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4145,13 +4117,13 @@ fi # test for EBCDIC echo $ac_n "checking for EBCDIC""... $ac_c" 1>&6 -echo "configure:4149: checking for EBCDIC" >&5 +echo "configure:4121: checking for EBCDIC" >&5 if eval "test \"\${ol_cv_cpp_ebcdic+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:4136: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -4184,12 +4156,12 @@ EOF fi echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6 -echo "configure:4188: checking for ANSI C header files" >&5 +echo "configure:4160: checking for ANSI C header files" >&5 if eval "test \"\${ol_cv_header_stdc+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -4197,7 +4169,7 @@ else #include EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:4201: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:4173: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -4214,7 +4186,7 @@ rm -f conftest* if test $ol_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat > conftest.$ac_ext < EOF @@ -4232,7 +4204,7 @@ fi if test $ol_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat > conftest.$ac_ext < EOF @@ -4253,7 +4225,7 @@ if test "$cross_compiling" = yes; then : else cat > conftest.$ac_ext < #ifndef HAVE_EBCDIC @@ -4271,7 +4243,7 @@ if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2); exit (0); } EOF -if { (eval echo configure:4275: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:4247: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then : else @@ -4305,12 +4277,12 @@ for ac_hdr in dirent.h sys/ndir.h sys/dir.h ndir.h do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr that defines DIR""... $ac_c" 1>&6 -echo "configure:4309: checking for $ac_hdr that defines DIR" >&5 +echo "configure:4281: checking for $ac_hdr that defines DIR" >&5 if eval "test \"\${ac_cv_header_dirent_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include <$ac_hdr> @@ -4318,7 +4290,7 @@ int main() { DIR *dirp = 0; ; return 0; } EOF -if { (eval echo configure:4322: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:4294: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* eval "ac_cv_header_dirent_$ac_safe=yes" else @@ -4343,7 +4315,7 @@ done # Two versions of opendir et al. are in -ldir and -lx on SCO Xenix. if test $ac_header_dirent = dirent.h; then echo $ac_n "checking for opendir in -ldir""... $ac_c" 1>&6 -echo "configure:4347: checking for opendir in -ldir" >&5 +echo "configure:4319: checking for opendir in -ldir" >&5 ac_lib_var=`echo dir'_'opendir | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -4351,7 +4323,7 @@ else ac_save_LIBS="$LIBS" LIBS="-ldir $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:4338: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4384,7 +4356,7 @@ fi else echo $ac_n "checking for opendir in -lx""... $ac_c" 1>&6 -echo "configure:4388: checking for opendir in -lx" >&5 +echo "configure:4360: checking for opendir in -lx" >&5 ac_lib_var=`echo x'_'opendir | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -4392,7 +4364,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lx $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:4379: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4426,12 +4398,12 @@ fi fi echo $ac_n "checking for sys/wait.h that is POSIX.1 compatible""... $ac_c" 1>&6 -echo "configure:4430: checking for sys/wait.h that is POSIX.1 compatible" >&5 +echo "configure:4402: checking for sys/wait.h that is POSIX.1 compatible" >&5 if eval "test \"\${ac_cv_header_sys_wait_h+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -4447,7 +4419,7 @@ wait (&s); s = WIFEXITED (s) ? WEXITSTATUS (s) : 1; ; return 0; } EOF -if { (eval echo configure:4451: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:4423: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_header_sys_wait_h=yes else @@ -4468,12 +4440,12 @@ EOF fi echo $ac_n "checking POSIX termios""... $ac_c" 1>&6 -echo "configure:4472: checking POSIX termios" >&5 +echo "configure:4444: checking POSIX termios" >&5 if eval "test \"\${am_cv_sys_posix_termios+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -4483,7 +4455,7 @@ int main() { tcgetattr(0, 0); ; return 0; } EOF -if { (eval echo configure:4487: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:4459: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* am_cv_sys_posix_termios=yes else @@ -4499,7 +4471,7 @@ echo "$ac_t""$am_cv_sys_posix_termios" 1>&6 echo $ac_n "checking whether use of TIOCGWINSZ requires sys/ioctl.h""... $ac_c" 1>&6 -echo "configure:4503: checking whether use of TIOCGWINSZ requires sys/ioctl.h" >&5 +echo "configure:4475: checking whether use of TIOCGWINSZ requires sys/ioctl.h" >&5 if eval "test \"\${am_cv_sys_tiocgwinsz_needs_sys_ioctl_h+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -4508,7 +4480,7 @@ else gwinsz_in_termios_h=no if test $am_cv_sys_posix_termios = yes; then cat > conftest.$ac_ext < # include @@ -4528,7 +4500,7 @@ rm -f conftest* if test $gwinsz_in_termios_h = no; then cat > conftest.$ac_ext < # include @@ -4611,17 +4583,17 @@ for ac_hdr in \ do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:4615: checking for $ac_hdr" >&5 +echo "configure:4587: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:4625: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:4597: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -4651,7 +4623,7 @@ done echo $ac_n "checking for sigset in -lV3""... $ac_c" 1>&6 -echo "configure:4655: checking for sigset in -lV3" >&5 +echo "configure:4627: checking for sigset in -lV3" >&5 ac_lib_var=`echo V3'_'sigset | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -4659,7 +4631,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lV3 $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:4646: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4700,12 +4672,12 @@ fi if test $ac_cv_header_winsock_h = yes; then echo $ac_n "checking for winsock""... $ac_c" 1>&6 -echo "configure:4704: checking for winsock" >&5 +echo "configure:4676: checking for winsock" >&5 if eval "test \"\${ol_cv_winsock+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { @@ -4717,7 +4689,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:4721: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:4693: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_winsock=yes else @@ -4745,12 +4717,12 @@ fi echo $ac_n "checking for socket""... $ac_c" 1>&6 -echo "configure:4749: checking for socket" >&5 +echo "configure:4721: checking for socket" >&5 if eval "test \"\${ac_cv_func_socket+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:4750: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_socket=yes" else @@ -4793,7 +4765,7 @@ else echo "$ac_t""no" 1>&6 echo $ac_n "checking for main in -lsocket""... $ac_c" 1>&6 -echo "configure:4797: checking for main in -lsocket" >&5 +echo "configure:4769: checking for main in -lsocket" >&5 ac_lib_var=`echo socket'_'main | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -4801,14 +4773,14 @@ else ac_save_LIBS="$LIBS" LIBS="-lsocket $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:4784: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4836,7 +4808,7 @@ else fi echo $ac_n "checking for main in -lnet""... $ac_c" 1>&6 -echo "configure:4840: checking for main in -lnet" >&5 +echo "configure:4812: checking for main in -lnet" >&5 ac_lib_var=`echo net'_'main | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -4844,14 +4816,14 @@ else ac_save_LIBS="$LIBS" LIBS="-lnet $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:4827: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4879,7 +4851,7 @@ else fi echo $ac_n "checking for main in -lnsl_s""... $ac_c" 1>&6 -echo "configure:4883: checking for main in -lnsl_s" >&5 +echo "configure:4855: checking for main in -lnsl_s" >&5 ac_lib_var=`echo nsl_s'_'main | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -4887,14 +4859,14 @@ else ac_save_LIBS="$LIBS" LIBS="-lnsl_s $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:4870: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4922,7 +4894,7 @@ else fi echo $ac_n "checking for main in -lnsl""... $ac_c" 1>&6 -echo "configure:4926: checking for main in -lnsl" >&5 +echo "configure:4898: checking for main in -lnsl" >&5 ac_lib_var=`echo nsl'_'main | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -4930,14 +4902,14 @@ else ac_save_LIBS="$LIBS" LIBS="-lnsl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:4913: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -4965,7 +4937,7 @@ else fi echo $ac_n "checking for socket in -linet""... $ac_c" 1>&6 -echo "configure:4969: checking for socket in -linet" >&5 +echo "configure:4941: checking for socket in -linet" >&5 ac_lib_var=`echo inet'_'socket | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -4973,7 +4945,7 @@ else ac_save_LIBS="$LIBS" LIBS="-linet $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:4960: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -5012,7 +4984,7 @@ else fi echo $ac_n "checking for main in -lgen""... $ac_c" 1>&6 -echo "configure:5016: checking for main in -lgen" >&5 +echo "configure:4988: checking for main in -lgen" >&5 ac_lib_var=`echo gen'_'main | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -5020,14 +4992,14 @@ else ac_save_LIBS="$LIBS" LIBS="-lgen $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:5003: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -5059,12 +5031,12 @@ fi echo $ac_n "checking for select""... $ac_c" 1>&6 -echo "configure:5063: checking for select" >&5 +echo "configure:5035: checking for select" >&5 if eval "test \"\${ac_cv_func_select+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:5064: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_select=yes" else @@ -5111,7 +5083,7 @@ fi if test "${ac_cv_header_winsock_h}" != yes; then echo $ac_n "checking types of arguments for select()""... $ac_c" 1>&6 -echo "configure:5115: checking types of arguments for select()" >&5 +echo "configure:5087: checking types of arguments for select()" >&5 if eval "test \"\${ac_cv_func_select_arg234+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -5125,7 +5097,7 @@ else for ac_cv_func_select_arg1 in 'int' 'size_t' 'unsigned long' 'unsigned'; do for ac_cv_func_select_arg5 in 'struct timeval *' 'const struct timeval *'; do cat > conftest.$ac_ext < @@ -5144,7 +5116,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:5148: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:5120: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_not_found=no ; break 3 else @@ -5189,17 +5161,17 @@ for ac_hdr in regex.h do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:5193: checking for $ac_hdr" >&5 +echo "configure:5165: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:5203: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:5175: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -5229,12 +5201,12 @@ if test "$ac_cv_header_regex_h" != yes ; then { echo "configure: error: POSIX regex.h required." 1>&2; exit 1; } fi echo $ac_n "checking for regfree""... $ac_c" 1>&6 -echo "configure:5233: checking for regfree" >&5 +echo "configure:5205: checking for regfree" >&5 if eval "test \"\${ac_cv_func_regfree+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:5234: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_regfree=yes" else @@ -5281,7 +5253,7 @@ fi echo $ac_n "checking for compatible POSIX regex""... $ac_c" 1>&6 -echo "configure:5285: checking for compatible POSIX regex" >&5 +echo "configure:5257: checking for compatible POSIX regex" >&5 if eval "test \"\${ol_cv_c_posix_regex+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -5290,7 +5262,7 @@ else ol_cv_c_posix_regex=cross else cat > conftest.$ac_ext < @@ -5316,7 +5288,7 @@ main() return rc; } EOF -if { (eval echo configure:5320: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:5292: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_c_posix_regex=yes else @@ -5338,12 +5310,12 @@ fi ol_link_dnssrv=no echo $ac_n "checking for res_query""... $ac_c" 1>&6 -echo "configure:5342: checking for res_query" >&5 +echo "configure:5314: checking for res_query" >&5 if eval "test \"\${ac_cv_func_res_query+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:5343: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_res_query=yes" else @@ -5388,7 +5360,7 @@ fi if test $ac_cv_func_res_query = no ; then echo $ac_n "checking for res_query in -lbind""... $ac_c" 1>&6 -echo "configure:5392: checking for res_query in -lbind" >&5 +echo "configure:5364: checking for res_query in -lbind" >&5 ac_lib_var=`echo bind'_'res_query | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -5396,7 +5368,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lbind $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:5383: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -5439,7 +5411,7 @@ fi if test $ac_cv_func_res_query = no ; then echo $ac_n "checking for __res_query in -lbind""... $ac_c" 1>&6 -echo "configure:5443: checking for __res_query in -lbind" >&5 +echo "configure:5415: checking for __res_query in -lbind" >&5 ac_lib_var=`echo bind'_'__res_query | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -5447,7 +5419,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lbind $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:5434: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -5490,7 +5462,7 @@ fi if test $ac_cv_func_res_query = no ; then echo $ac_n "checking for res_query in -lresolv""... $ac_c" 1>&6 -echo "configure:5494: checking for res_query in -lresolv" >&5 +echo "configure:5466: checking for res_query in -lresolv" >&5 ac_lib_var=`echo resolv'_'res_query | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -5498,7 +5470,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lresolv $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:5485: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -5554,57 +5526,6 @@ if test "$ol_enable_dnssrv" = yes -a "$ol_link_dnssrv" = no ; then { echo "configure: error: DNSSRV requires res_query()" 1>&2; exit 1; } fi -if test $ol_enable_quipu != no ; then - for ac_hdr in quipu/commonarg.h -do -ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` -echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:5563: checking for $ac_hdr" >&5 -if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -EOF -ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:5573: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` -if test -z "$ac_err"; then - rm -rf conftest* - eval "ac_cv_header_$ac_safe=yes" -else - echo "$ac_err" >&5 - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_header_$ac_safe=no" -fi -rm -f conftest* -fi -if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` - cat >> confdefs.h <&6 -fi -done - - - if test $ac_cv_header_quipu_commonarg_h = yes ; then - BUILD_QUIPU=yes - elif test $ol_enable_quipu = auto ; then - echo "configure: warning: no quipu for --enable-quipu=auto, disabling" 1>&2 - else - { echo "configure: error: no quipu for --enable-quipu=$ol_enable_quipu" 1>&2; exit 1; } - fi -fi - ol_link_kbind=no ol_link_kpasswd=no ol_link_krb5=no @@ -5617,17 +5538,17 @@ if test $ol_with_kerberos = auto -o $ol_with_kerberos = k5 \ do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:5621: checking for $ac_hdr" >&5 +echo "configure:5542: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:5631: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:5552: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -5659,17 +5580,17 @@ done do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:5663: checking for $ac_hdr" >&5 +echo "configure:5584: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:5673: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:5594: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -5703,7 +5624,7 @@ done if test $krb5_impl = mit; then echo $ac_n "checking for main in -lkrb5""... $ac_c" 1>&6 -echo "configure:5707: checking for main in -lkrb5" >&5 +echo "configure:5628: checking for main in -lkrb5" >&5 ac_lib_var=`echo krb5'_'main | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -5711,14 +5632,14 @@ else ac_save_LIBS="$LIBS" LIBS="-lkrb5 -lcrypto -lcom_err $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:5643: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -5743,7 +5664,7 @@ fi elif test $krb5_impl = heimdal; then echo $ac_n "checking for main in -lkrb5""... $ac_c" 1>&6 -echo "configure:5747: checking for main in -lkrb5" >&5 +echo "configure:5668: checking for main in -lkrb5" >&5 ac_lib_var=`echo krb5'_'main | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -5751,14 +5672,14 @@ else ac_save_LIBS="$LIBS" LIBS="-lkrb5 -ldes -lasn1 -lroken -lcom_err $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:5683: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -5820,17 +5741,17 @@ if test $ol_link_krb5 = yes -a \ do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:5824: checking for $ac_hdr" >&5 +echo "configure:5745: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:5834: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:5755: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -5860,7 +5781,7 @@ done if test $ac_cv_header_kerberosIV_krb_h = yes ; then if test $krb5_impl = mit; then echo $ac_n "checking for main in -lkrb4""... $ac_c" 1>&6 -echo "configure:5864: checking for main in -lkrb4" >&5 +echo "configure:5785: checking for main in -lkrb4" >&5 ac_lib_var=`echo krb4'_'main | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -5868,14 +5789,14 @@ else ac_save_LIBS="$LIBS" LIBS="-lkrb4 -ldes425 -lkrb5 -lcrypto -lcom_err $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:5800: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -5900,7 +5821,7 @@ fi elif test $krb5_impl = heimdal; then echo $ac_n "checking for main in -lkrb4""... $ac_c" 1>&6 -echo "configure:5904: checking for main in -lkrb4" >&5 +echo "configure:5825: checking for main in -lkrb4" >&5 ac_lib_var=`echo krb4'_'main | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -5908,14 +5829,14 @@ else ac_save_LIBS="$LIBS" LIBS="-lkrb4 -lkrb5 -ldes -lasn1 -lroken -lcom_err $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:5840: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -5957,7 +5878,7 @@ EOF echo $ac_n "checking for des_debug in Kerberos libraries""... $ac_c" 1>&6 -echo "configure:5961: checking for des_debug in Kerberos libraries" >&5 +echo "configure:5882: checking for des_debug in Kerberos libraries" >&5 if eval "test \"\${ol_cv_var_des_debug+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -5965,7 +5886,7 @@ else save_LIBS="$LIBS" LIBS="$KRB4_LIBS $KRB5_LIBS $LIBS" cat > conftest.$ac_ext < @@ -5978,7 +5899,7 @@ des_debug = 1; ; return 0; } EOF -if { (eval echo configure:5982: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:5903: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_var_des_debug=yes else @@ -6017,17 +5938,17 @@ if test $ol_with_kerberos = auto -o $ol_with_kerberos = k4 \ do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:6021: checking for $ac_hdr" >&5 +echo "configure:5942: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:6031: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:5952: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -6056,7 +5977,7 @@ done if test $ac_cv_header_krb_h = yes ; then echo $ac_n "checking for main in -lkrb""... $ac_c" 1>&6 -echo "configure:6060: checking for main in -lkrb" >&5 +echo "configure:5981: checking for main in -lkrb" >&5 ac_lib_var=`echo krb'_'main | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -6064,14 +5985,14 @@ else ac_save_LIBS="$LIBS" LIBS="-lkrb -ldes $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:5996: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6135,17 +6056,17 @@ if test $ol_with_tls != no ; then do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:6139: checking for $ac_hdr" >&5 +echo "configure:6060: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:6149: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:6070: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -6174,7 +6095,7 @@ done if test $ac_cv_header_openssl_ssl_h = yes -o $ac_cv_header_ssl_h = yes ; then echo $ac_n "checking for SSLeay_add_ssl_algorithms in -lssl""... $ac_c" 1>&6 -echo "configure:6178: checking for SSLeay_add_ssl_algorithms in -lssl" >&5 +echo "configure:6099: checking for SSLeay_add_ssl_algorithms in -lssl" >&5 ac_lib_var=`echo ssl'_'SSLeay_add_ssl_algorithms | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -6182,7 +6103,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lssl -lcrypto $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:6118: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6218,7 +6139,7 @@ fi if test $have_ssleay = no ; then echo $ac_n "checking for SSL_library_init in -lssl""... $ac_c" 1>&6 -echo "configure:6222: checking for SSL_library_init in -lssl" >&5 +echo "configure:6143: checking for SSL_library_init in -lssl" >&5 ac_lib_var=`echo ssl'_'SSL_library_init | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -6226,7 +6147,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lssl -lcrypto $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:6162: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6263,7 +6184,7 @@ fi if test $have_ssleay = no ; then echo $ac_n "checking for ssl3_accept in -lssl""... $ac_c" 1>&6 -echo "configure:6267: checking for ssl3_accept in -lssl" >&5 +echo "configure:6188: checking for ssl3_accept in -lssl" >&5 ac_lib_var=`echo ssl'_'ssl3_accept | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -6271,7 +6192,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lssl -lcrypto -lRSAglue -lrsaref $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:6207: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -6342,12 +6263,12 @@ for ac_func in \ do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:6346: checking for $ac_func" >&5 +echo "configure:6267: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:6296: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -6400,19 +6321,19 @@ if test "$ac_cv_func_ctime_r" = no ; then ol_cv_func_ctime_r_nargs=0 else echo $ac_n "checking number of arguments of ctime_r""... $ac_c" 1>&6 -echo "configure:6404: checking number of arguments of ctime_r" >&5 +echo "configure:6325: checking number of arguments of ctime_r" >&5 if eval "test \"\${ol_cv_func_ctime_r_nargs+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { time_t ti; char *buffer; ctime_r(&ti,buffer,32); ; return 0; } EOF -if { (eval echo configure:6416: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:6337: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_func_ctime_r_nargs3=yes else @@ -6424,14 +6345,14 @@ fi rm -f conftest* cat > conftest.$ac_ext < int main() { time_t ti; char *buffer; ctime_r(&ti,buffer); ; return 0; } EOF -if { (eval echo configure:6435: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:6356: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_func_ctime_r_nargs2=yes else @@ -6471,12 +6392,12 @@ fi if test "$ac_cv_func_gethostbyname_r" = yes ; then echo $ac_n "checking number of arguments of gethostbyname_r""... $ac_c" 1>&6 -echo "configure:6475: checking number of arguments of gethostbyname_r" >&5 +echo "configure:6396: checking number of arguments of gethostbyname_r" >&5 if eval "test \"\${ol_cv_func_gethostbyname_r_nargs+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -6490,7 +6411,7 @@ struct hostent hent; char buffer[BUFSIZE]; buffer, bufsize, &h_errno); ; return 0; } EOF -if { (eval echo configure:6494: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:6415: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_func_gethostbyname_r_nargs5=yes else @@ -6502,7 +6423,7 @@ fi rm -f conftest* cat > conftest.$ac_ext < #include @@ -6517,7 +6438,7 @@ struct hostent hent;struct hostent *rhent; &rhent, &h_errno); ; return 0; } EOF -if { (eval echo configure:6521: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:6442: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_func_gethostbyname_r_nargs6=yes else @@ -6558,12 +6479,12 @@ fi if test "$ac_cv_func_gethostbyaddr_r" = yes ; then echo $ac_n "checking number of arguments of gethostbyaddr_r""... $ac_c" 1>&6 -echo "configure:6562: checking number of arguments of gethostbyaddr_r" >&5 +echo "configure:6483: checking number of arguments of gethostbyaddr_r" >&5 if eval "test \"\${ol_cv_func_gethostbyaddr_r_nargs+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -6579,7 +6500,7 @@ struct hostent hent; char buffer[BUFSIZE]; alen, AF_INET, &hent, buffer, bufsize, &h_errno); ; return 0; } EOF -if { (eval echo configure:6583: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:6504: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_func_gethostbyaddr_r_nargs7=yes else @@ -6591,7 +6512,7 @@ fi rm -f conftest* cat > conftest.$ac_ext < #include @@ -6609,7 +6530,7 @@ struct hostent hent; &rhent, &h_errno); ; return 0; } EOF -if { (eval echo configure:6613: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:6534: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_func_gethostbyaddr_r_nargs8=yes else @@ -6672,18 +6593,18 @@ if test $ol_with_threads = auto -o $ol_with_threads = yes \ echo $ac_n "checking for NT Threads""... $ac_c" 1>&6 -echo "configure:6676: checking for NT Threads" >&5 +echo "configure:6597: checking for NT Threads" >&5 if eval "test \"\${ol_cv_nt_threads+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else echo $ac_n "checking for _beginthread""... $ac_c" 1>&6 -echo "configure:6682: checking for _beginthread" >&5 +echo "configure:6603: checking for _beginthread" >&5 if eval "test \"\${ac_cv_func__beginthread+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:6632: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func__beginthread=yes" else @@ -6767,17 +6688,17 @@ if test $ol_with_threads = auto -o $ol_with_threads = yes \ do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:6771: checking for $ac_hdr" >&5 +echo "configure:6692: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:6781: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:6702: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -6806,13 +6727,13 @@ done if test $ac_cv_header_pthread_h = yes ; then echo $ac_n "checking POSIX thread version""... $ac_c" 1>&6 -echo "configure:6810: checking POSIX thread version" >&5 +echo "configure:6731: checking POSIX thread version" >&5 if eval "test \"\${ol_cv_pthread_version+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < @@ -6834,7 +6755,7 @@ rm -f conftest* cat > conftest.$ac_ext < @@ -6887,12 +6808,12 @@ EOF echo $ac_n "checking for LinuxThreads pthread.h""... $ac_c" 1>&6 -echo "configure:6891: checking for LinuxThreads pthread.h" >&5 +echo "configure:6812: checking for LinuxThreads pthread.h" >&5 if eval "test \"\${ol_cv_header_linux_threads+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF @@ -6919,12 +6840,12 @@ EOF echo $ac_n "checking for GNU Pth pthread.h""... $ac_c" 1>&6 -echo "configure:6923: checking for GNU Pth pthread.h" >&5 +echo "configure:6844: checking for GNU Pth pthread.h" >&5 if eval "test \"\${ol_cv_header_gnu_pth_pthread_h+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #ifdef _POSIX_THREAD_IS_GNU_PTH @@ -6953,17 +6874,17 @@ echo "$ac_t""$ol_cv_header_gnu_pth_pthread_h" 1>&6 do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:6957: checking for $ac_hdr" >&5 +echo "configure:6878: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:6967: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:6888: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -6993,14 +6914,14 @@ done echo $ac_n "checking for pthread_create in default libraries""... $ac_c" 1>&6 -echo "configure:6997: checking for pthread_create in default libraries" >&5 +echo "configure:6918: checking for pthread_create in default libraries" >&5 if eval "test \"\${ol_cv_pthread_create+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -7056,7 +6977,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:7060: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:6981: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_create=yes else @@ -7068,7 +6989,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -7129,7 +7050,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:7133: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:7054: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_create=yes else @@ -7154,7 +7075,7 @@ echo "$ac_t""$ol_cv_pthread_create" 1>&6 if test "$ol_link_threads" = no ; then # try -kthread echo $ac_n "checking for pthread link with -kthread""... $ac_c" 1>&6 -echo "configure:7158: checking for pthread link with -kthread" >&5 +echo "configure:7079: checking for pthread link with -kthread" >&5 if eval "test \"\${ol_cv_pthread_kthread+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -7165,7 +7086,7 @@ else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -7221,7 +7142,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:7225: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:7146: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_kthread=yes else @@ -7233,7 +7154,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -7294,7 +7215,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:7298: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:7219: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_kthread=yes else @@ -7324,7 +7245,7 @@ fi if test "$ol_link_threads" = no ; then # try -pthread echo $ac_n "checking for pthread link with -pthread""... $ac_c" 1>&6 -echo "configure:7328: checking for pthread link with -pthread" >&5 +echo "configure:7249: checking for pthread link with -pthread" >&5 if eval "test \"\${ol_cv_pthread_pthread+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -7335,7 +7256,7 @@ else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -7391,7 +7312,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:7395: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:7316: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_pthread=yes else @@ -7403,7 +7324,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -7464,7 +7385,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:7468: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:7389: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_pthread=yes else @@ -7494,7 +7415,7 @@ fi if test "$ol_link_threads" = no ; then # try -pthreads echo $ac_n "checking for pthread link with -pthreads""... $ac_c" 1>&6 -echo "configure:7498: checking for pthread link with -pthreads" >&5 +echo "configure:7419: checking for pthread link with -pthreads" >&5 if eval "test \"\${ol_cv_pthread_pthreads+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -7505,7 +7426,7 @@ else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -7561,7 +7482,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:7565: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:7486: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_pthreads=yes else @@ -7573,7 +7494,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -7634,7 +7555,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:7638: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:7559: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_pthreads=yes else @@ -7664,7 +7585,7 @@ fi if test "$ol_link_threads" = no ; then # try -mthreads echo $ac_n "checking for pthread link with -mthreads""... $ac_c" 1>&6 -echo "configure:7668: checking for pthread link with -mthreads" >&5 +echo "configure:7589: checking for pthread link with -mthreads" >&5 if eval "test \"\${ol_cv_pthread_mthreads+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -7675,7 +7596,7 @@ else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -7731,7 +7652,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:7735: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:7656: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_mthreads=yes else @@ -7743,7 +7664,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -7804,7 +7725,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:7808: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:7729: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_mthreads=yes else @@ -7834,7 +7755,7 @@ fi if test "$ol_link_threads" = no ; then # try -thread echo $ac_n "checking for pthread link with -thread""... $ac_c" 1>&6 -echo "configure:7838: checking for pthread link with -thread" >&5 +echo "configure:7759: checking for pthread link with -thread" >&5 if eval "test \"\${ol_cv_pthread_thread+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -7845,7 +7766,7 @@ else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -7901,7 +7822,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:7905: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:7826: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_thread=yes else @@ -7913,7 +7834,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -7974,7 +7895,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:7978: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:7899: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_thread=yes else @@ -8005,7 +7926,7 @@ fi if test "$ol_link_threads" = no ; then # try -lpthread -lmach -lexc -lc_r echo $ac_n "checking for pthread link with -lpthread -lmach -lexc -lc_r""... $ac_c" 1>&6 -echo "configure:8009: checking for pthread link with -lpthread -lmach -lexc -lc_r" >&5 +echo "configure:7930: checking for pthread link with -lpthread -lmach -lexc -lc_r" >&5 if eval "test \"\${ol_cv_pthread_lpthread_lmach_lexc_lc_r+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -8016,7 +7937,7 @@ else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -8072,7 +7993,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:8076: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:7997: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_lpthread_lmach_lexc_lc_r=yes else @@ -8084,7 +8005,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -8145,7 +8066,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:8149: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:8070: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_lpthread_lmach_lexc_lc_r=yes else @@ -8175,7 +8096,7 @@ fi if test "$ol_link_threads" = no ; then # try -lpthread -lmach -lexc echo $ac_n "checking for pthread link with -lpthread -lmach -lexc""... $ac_c" 1>&6 -echo "configure:8179: checking for pthread link with -lpthread -lmach -lexc" >&5 +echo "configure:8100: checking for pthread link with -lpthread -lmach -lexc" >&5 if eval "test \"\${ol_cv_pthread_lpthread_lmach_lexc+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -8186,7 +8107,7 @@ else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -8242,7 +8163,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:8246: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:8167: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_lpthread_lmach_lexc=yes else @@ -8254,7 +8175,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -8315,7 +8236,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:8319: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:8240: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_lpthread_lmach_lexc=yes else @@ -8346,7 +8267,7 @@ fi if test "$ol_link_threads" = no ; then # try -lpthread -Wl,-woff,85 echo $ac_n "checking for pthread link with -lpthread -Wl,-woff,85""... $ac_c" 1>&6 -echo "configure:8350: checking for pthread link with -lpthread -Wl,-woff,85" >&5 +echo "configure:8271: checking for pthread link with -lpthread -Wl,-woff,85" >&5 if eval "test \"\${ol_cv_pthread_lib_lpthread_woff+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -8357,7 +8278,7 @@ else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -8413,7 +8334,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:8417: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:8338: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_lib_lpthread_woff=yes else @@ -8425,7 +8346,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -8486,7 +8407,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:8490: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:8411: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_lib_lpthread_woff=yes else @@ -8517,7 +8438,7 @@ fi if test "$ol_link_threads" = no ; then # try -lpthread echo $ac_n "checking for pthread link with -lpthread""... $ac_c" 1>&6 -echo "configure:8521: checking for pthread link with -lpthread" >&5 +echo "configure:8442: checking for pthread link with -lpthread" >&5 if eval "test \"\${ol_cv_pthread_lpthread+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -8528,7 +8449,7 @@ else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -8584,7 +8505,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:8588: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:8509: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_lpthread=yes else @@ -8596,7 +8517,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -8657,7 +8578,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:8661: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:8582: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_lpthread=yes else @@ -8687,7 +8608,7 @@ fi if test "$ol_link_threads" = no ; then # try -lc_r echo $ac_n "checking for pthread link with -lc_r""... $ac_c" 1>&6 -echo "configure:8691: checking for pthread link with -lc_r" >&5 +echo "configure:8612: checking for pthread link with -lc_r" >&5 if eval "test \"\${ol_cv_pthread_lc_r+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -8698,7 +8619,7 @@ else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -8754,7 +8675,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:8758: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:8679: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_lc_r=yes else @@ -8766,7 +8687,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -8827,7 +8748,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:8831: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:8752: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_lc_r=yes else @@ -8858,7 +8779,7 @@ fi if test "$ol_link_threads" = no ; then # try -threads echo $ac_n "checking for pthread link with -threads""... $ac_c" 1>&6 -echo "configure:8862: checking for pthread link with -threads" >&5 +echo "configure:8783: checking for pthread link with -threads" >&5 if eval "test \"\${ol_cv_pthread_threads+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -8869,7 +8790,7 @@ else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -8925,7 +8846,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:8929: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:8850: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_threads=yes else @@ -8937,7 +8858,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -8998,7 +8919,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:9002: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:8923: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_threads=yes else @@ -9029,7 +8950,7 @@ fi if test "$ol_link_threads" = no ; then # try -lpthreads -lmach -lexc -lc_r echo $ac_n "checking for pthread link with -lpthreads -lmach -lexc -lc_r""... $ac_c" 1>&6 -echo "configure:9033: checking for pthread link with -lpthreads -lmach -lexc -lc_r" >&5 +echo "configure:8954: checking for pthread link with -lpthreads -lmach -lexc -lc_r" >&5 if eval "test \"\${ol_cv_pthread_lpthreads_lmach_lexc_lc_r+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -9040,7 +8961,7 @@ else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -9096,7 +9017,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:9100: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:9021: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_lpthreads_lmach_lexc_lc_r=yes else @@ -9108,7 +9029,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -9169,7 +9090,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:9173: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:9094: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_lpthreads_lmach_lexc_lc_r=yes else @@ -9199,7 +9120,7 @@ fi if test "$ol_link_threads" = no ; then # try -lpthreads -lmach -lexc echo $ac_n "checking for pthread link with -lpthreads -lmach -lexc""... $ac_c" 1>&6 -echo "configure:9203: checking for pthread link with -lpthreads -lmach -lexc" >&5 +echo "configure:9124: checking for pthread link with -lpthreads -lmach -lexc" >&5 if eval "test \"\${ol_cv_pthread_lpthreads_lmach_lexc+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -9210,7 +9131,7 @@ else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -9266,7 +9187,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:9270: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:9191: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_lpthreads_lmach_lexc=yes else @@ -9278,7 +9199,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -9339,7 +9260,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:9343: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:9264: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_lpthreads_lmach_lexc=yes else @@ -9369,7 +9290,7 @@ fi if test "$ol_link_threads" = no ; then # try -lpthreads -lexc echo $ac_n "checking for pthread link with -lpthreads -lexc""... $ac_c" 1>&6 -echo "configure:9373: checking for pthread link with -lpthreads -lexc" >&5 +echo "configure:9294: checking for pthread link with -lpthreads -lexc" >&5 if eval "test \"\${ol_cv_pthread_lpthreads_lexc+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -9380,7 +9301,7 @@ else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -9436,7 +9357,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:9440: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:9361: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_lpthreads_lexc=yes else @@ -9448,7 +9369,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -9509,7 +9430,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:9513: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:9434: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_lpthreads_lexc=yes else @@ -9540,7 +9461,7 @@ fi if test "$ol_link_threads" = no ; then # try -lpthreads echo $ac_n "checking for pthread link with -lpthreads""... $ac_c" 1>&6 -echo "configure:9544: checking for pthread link with -lpthreads" >&5 +echo "configure:9465: checking for pthread link with -lpthreads" >&5 if eval "test \"\${ol_cv_pthread_lib_lpthreads+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -9551,7 +9472,7 @@ else if test "$cross_compiling" = yes; then cat > conftest.$ac_ext < @@ -9607,7 +9528,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:9611: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:9532: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_pthread_lib_lpthreads=yes else @@ -9619,7 +9540,7 @@ fi rm -f conftest* else cat > conftest.$ac_ext < @@ -9680,7 +9601,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:9684: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:9605: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_lib_lpthreads=yes else @@ -9722,12 +9643,12 @@ EOF for ac_func in sched_yield pthread_yield do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:9726: checking for $ac_func" >&5 +echo "configure:9647: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:9676: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -9779,7 +9700,7 @@ done if test $ac_cv_func_sched_yield = no -a \ $ac_cv_func_pthread_yield = no ; then echo $ac_n "checking for sched_yield in -lrt""... $ac_c" 1>&6 -echo "configure:9783: checking for sched_yield in -lrt" >&5 +echo "configure:9704: checking for sched_yield in -lrt" >&5 ac_lib_var=`echo rt'_'sched_yield | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -9787,7 +9708,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lrt $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:9723: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -9830,12 +9751,12 @@ fi for ac_func in thr_yield do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:9834: checking for $ac_func" >&5 +echo "configure:9755: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:9784: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -9893,12 +9814,12 @@ done for ac_func in pthread_kill pthread_rwlock_destroy do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:9897: checking for $ac_func" >&5 +echo "configure:9818: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:9847: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -9948,13 +9869,13 @@ done echo $ac_n "checking for pthread_detach with ""... $ac_c" 1>&6 -echo "configure:9952: checking for pthread_detach with " >&5 +echo "configure:9873: checking for pthread_detach with " >&5 if eval "test \"\${ol_cv_func_pthread_detach+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < @@ -9966,7 +9887,7 @@ int main() { pthread_detach(NULL); ; return 0; } EOF -if { (eval echo configure:9970: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:9891: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_func_pthread_detach=yes else @@ -9998,12 +9919,12 @@ EOF do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:10002: checking for $ac_func" >&5 +echo "configure:9923: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:9952: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -10056,12 +9977,12 @@ done for ac_func in pthread_kill_other_threads_np do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:10060: checking for $ac_func" >&5 +echo "configure:9981: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:10010: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -10110,7 +10031,7 @@ fi done echo $ac_n "checking for LinuxThreads implementation""... $ac_c" 1>&6 -echo "configure:10114: checking for LinuxThreads implementation" >&5 +echo "configure:10035: checking for LinuxThreads implementation" >&5 if eval "test \"\${ol_cv_sys_linux_threads+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -10123,7 +10044,7 @@ echo "$ac_t""$ol_cv_sys_linux_threads" 1>&6 echo $ac_n "checking for LinuxThreads consistency""... $ac_c" 1>&6 -echo "configure:10127: checking for LinuxThreads consistency" >&5 +echo "configure:10048: checking for LinuxThreads consistency" >&5 if eval "test \"\${ol_cv_linux_threads+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -10148,7 +10069,7 @@ echo "$ac_t""$ol_cv_linux_threads" 1>&6 fi echo $ac_n "checking if pthread_create() works""... $ac_c" 1>&6 -echo "configure:10152: checking if pthread_create() works" >&5 +echo "configure:10073: checking if pthread_create() works" >&5 if eval "test \"\${ol_cv_pthread_create_works+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -10157,7 +10078,7 @@ else ol_cv_pthread_create_works=yes else cat > conftest.$ac_ext < @@ -10218,7 +10139,7 @@ int main(argc, argv) } EOF -if { (eval echo configure:10222: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:10143: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_create_works=yes else @@ -10240,7 +10161,7 @@ echo "$ac_t""$ol_cv_pthread_create_works" 1>&6 if test $ol_with_yielding_select = auto ; then echo $ac_n "checking if select yields when using pthreads""... $ac_c" 1>&6 -echo "configure:10244: checking if select yields when using pthreads" >&5 +echo "configure:10165: checking if select yields when using pthreads" >&5 if eval "test \"\${ol_cv_pthread_select_yields+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -10249,7 +10170,7 @@ else ol_cv_pthread_select_yields=cross else cat > conftest.$ac_ext < @@ -10325,7 +10246,7 @@ int main(argc, argv) exit(2); } EOF -if { (eval echo configure:10329: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:10250: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_pthread_select_yields=no else @@ -10369,17 +10290,17 @@ if test $ol_with_threads = auto -o $ol_with_threads = yes \ do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:10373: checking for $ac_hdr" >&5 +echo "configure:10294: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:10383: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:10304: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -10409,12 +10330,12 @@ done ol_with_threads=found echo $ac_n "checking for cthread_fork""... $ac_c" 1>&6 -echo "configure:10413: checking for cthread_fork" >&5 +echo "configure:10334: checking for cthread_fork" >&5 if eval "test \"\${ac_cv_func_cthread_fork+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:10363: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_cthread_fork=yes" else @@ -10460,7 +10381,7 @@ fi if test $ol_link_threads = no ; then echo $ac_n "checking for cthread_fork with -all_load""... $ac_c" 1>&6 -echo "configure:10464: checking for cthread_fork with -all_load" >&5 +echo "configure:10385: checking for cthread_fork with -all_load" >&5 if eval "test \"\${ol_cv_cthread_all_load+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -10468,7 +10389,7 @@ else save_LIBS="$LIBS" LIBS="-all_load $LIBS" cat > conftest.$ac_ext < int main() { @@ -10477,7 +10398,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:10481: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:10402: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_cthread_all_load=yes else @@ -10522,17 +10443,17 @@ if test $ol_with_threads = auto -o $ol_with_threads = yes \ do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:10526: checking for $ac_hdr" >&5 +echo "configure:10447: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:10536: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:10457: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -10561,7 +10482,7 @@ done if test $ac_cv_header_pth_h = yes ; then echo $ac_n "checking for pth_version in -lpth""... $ac_c" 1>&6 -echo "configure:10565: checking for pth_version in -lpth" >&5 +echo "configure:10486: checking for pth_version in -lpth" >&5 ac_lib_var=`echo pth'_'pth_version | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -10569,7 +10490,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lpth $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:10505: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -10624,17 +10545,17 @@ if test $ol_with_threads = auto -o $ol_with_threads = yes \ do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:10628: checking for $ac_hdr" >&5 +echo "configure:10549: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:10638: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:10559: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -10662,7 +10583,7 @@ done if test $ac_cv_header_thread_h = yes -a $ac_cv_header_synch_h = yes ; then echo $ac_n "checking for thr_create in -lthread""... $ac_c" 1>&6 -echo "configure:10666: checking for thr_create in -lthread" >&5 +echo "configure:10587: checking for thr_create in -lthread" >&5 ac_lib_var=`echo thread'_'thr_create | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -10670,7 +10591,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lthread $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:10606: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -10721,12 +10642,12 @@ EOF do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:10725: checking for $ac_func" >&5 +echo "configure:10646: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:10675: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -10781,17 +10702,17 @@ done do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:10785: checking for $ac_hdr" >&5 +echo "configure:10706: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:10795: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:10716: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -10819,7 +10740,7 @@ done if test $ac_cv_header_lwp_lwp_h = yes ; then echo $ac_n "checking for lwp_create in -llwp""... $ac_c" 1>&6 -echo "configure:10823: checking for lwp_create in -llwp" >&5 +echo "configure:10744: checking for lwp_create in -llwp" >&5 ac_lib_var=`echo lwp'_'lwp_create | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -10827,7 +10748,7 @@ else ac_save_LIBS="$LIBS" LIBS="-llwp $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:10763: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -10891,17 +10812,17 @@ if test $ol_with_threads = manual ; then do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:10895: checking for $ac_hdr" >&5 +echo "configure:10816: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:10905: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:10826: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -10930,12 +10851,12 @@ done for ac_func in sched_yield pthread_yield do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:10934: checking for $ac_func" >&5 +echo "configure:10855: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:10884: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -10985,12 +10906,12 @@ done echo $ac_n "checking for LinuxThreads pthread.h""... $ac_c" 1>&6 -echo "configure:10989: checking for LinuxThreads pthread.h" >&5 +echo "configure:10910: checking for LinuxThreads pthread.h" >&5 if eval "test \"\${ol_cv_header_linux_threads+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF @@ -11020,17 +10941,17 @@ EOF do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:11024: checking for $ac_hdr" >&5 +echo "configure:10945: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:11034: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:10955: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -11060,17 +10981,17 @@ done do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:11064: checking for $ac_hdr" >&5 +echo "configure:10985: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:11074: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:10995: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -11100,17 +11021,17 @@ done do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:11104: checking for $ac_hdr" >&5 +echo "configure:11025: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:11114: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:11035: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -11169,20 +11090,20 @@ EOF echo $ac_n "checking for thread specific errno""... $ac_c" 1>&6 -echo "configure:11173: checking for thread specific errno" >&5 +echo "configure:11094: checking for thread specific errno" >&5 if eval "test \"\${ol_cv_errno_thread_specific+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { errno = 0; ; return 0; } EOF -if { (eval echo configure:11186: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:11107: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_errno_thread_specific=yes else @@ -11198,20 +11119,20 @@ fi echo "$ac_t""$ol_cv_errno_thread_specific" 1>&6 echo $ac_n "checking for thread specific h_errno""... $ac_c" 1>&6 -echo "configure:11202: checking for thread specific h_errno" >&5 +echo "configure:11123: checking for thread specific h_errno" >&5 if eval "test \"\${ol_cv_h_errno_thread_specific+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { h_errno = 0; ; return 0; } EOF -if { (eval echo configure:11215: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:11136: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_h_errno_thread_specific=yes else @@ -11270,17 +11191,17 @@ for ac_hdr in db_185.h db.h do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:11274: checking for $ac_hdr" >&5 +echo "configure:11195: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:11284: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:11205: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -11308,13 +11229,13 @@ done if test $ac_cv_header_db_185_h = yes -o $ac_cv_header_db_h = yes; then echo $ac_n "checking if Berkeley DB header compatibility""... $ac_c" 1>&6 -echo "configure:11312: checking if Berkeley DB header compatibility" >&5 +echo "configure:11233: checking if Berkeley DB header compatibility" >&5 if eval "test \"\${ol_cv_header_db1+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&6 ol_cv_lib_db=no if test $ol_cv_lib_db = no ; then echo $ac_n "checking for Berkeley DB link (default)""... $ac_c" 1>&6 -echo "configure:11355: checking for Berkeley DB link (default)" >&5 +echo "configure:11276: checking for Berkeley DB link (default)" >&5 if eval "test \"\${ol_cv_db_none+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -11361,7 +11282,7 @@ else LIBS="$ol_DB_LIB $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:11315: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_db_none=yes else @@ -11414,7 +11335,7 @@ fi if test $ol_cv_lib_db = no ; then echo $ac_n "checking for Berkeley DB link (-ldb)""... $ac_c" 1>&6 -echo "configure:11418: checking for Berkeley DB link (-ldb)" >&5 +echo "configure:11339: checking for Berkeley DB link (-ldb)" >&5 if eval "test \"\${ol_cv_db_db+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -11424,7 +11345,7 @@ else LIBS="$ol_DB_LIB $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:11378: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_db_db=yes else @@ -11477,7 +11398,7 @@ fi if test $ol_cv_lib_db = no ; then echo $ac_n "checking for Berkeley DB link (-ldb3)""... $ac_c" 1>&6 -echo "configure:11481: checking for Berkeley DB link (-ldb3)" >&5 +echo "configure:11402: checking for Berkeley DB link (-ldb3)" >&5 if eval "test \"\${ol_cv_db_db3+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -11487,7 +11408,7 @@ else LIBS="$ol_DB_LIB $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:11441: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_db_db3=yes else @@ -11540,7 +11461,7 @@ fi if test $ol_cv_lib_db = no ; then echo $ac_n "checking for Berkeley DB link (-ldb2)""... $ac_c" 1>&6 -echo "configure:11544: checking for Berkeley DB link (-ldb2)" >&5 +echo "configure:11465: checking for Berkeley DB link (-ldb2)" >&5 if eval "test \"\${ol_cv_db_db2+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -11550,7 +11471,7 @@ else LIBS="$ol_DB_LIB $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:11504: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_db_db2=yes else @@ -11603,7 +11524,7 @@ fi if test $ol_cv_lib_db = no ; then echo $ac_n "checking for Berkeley DB link (-ldb1)""... $ac_c" 1>&6 -echo "configure:11607: checking for Berkeley DB link (-ldb1)" >&5 +echo "configure:11528: checking for Berkeley DB link (-ldb1)" >&5 if eval "test \"\${ol_cv_db_db1+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -11613,7 +11534,7 @@ else LIBS="$ol_DB_LIB $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:11567: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_db_db1=yes else @@ -11677,17 +11598,17 @@ for ac_hdr in db.h do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:11681: checking for $ac_hdr" >&5 +echo "configure:11602: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:11691: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:11612: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -11717,7 +11638,7 @@ if test $ac_cv_header_db_h = yes; then ol_cv_lib_db=no if test $ol_cv_lib_db = no ; then echo $ac_n "checking for Berkeley DB link (default)""... $ac_c" 1>&6 -echo "configure:11721: checking for Berkeley DB link (default)" >&5 +echo "configure:11642: checking for Berkeley DB link (default)" >&5 if eval "test \"\${ol_cv_db_none+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -11727,7 +11648,7 @@ else LIBS="$ol_DB_LIB $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:11681: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_db_none=yes else @@ -11780,7 +11701,7 @@ fi if test $ol_cv_lib_db = no ; then echo $ac_n "checking for Berkeley DB link (-ldb)""... $ac_c" 1>&6 -echo "configure:11784: checking for Berkeley DB link (-ldb)" >&5 +echo "configure:11705: checking for Berkeley DB link (-ldb)" >&5 if eval "test \"\${ol_cv_db_db+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -11790,7 +11711,7 @@ else LIBS="$ol_DB_LIB $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:11744: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_db_db=yes else @@ -11843,7 +11764,7 @@ fi if test $ol_cv_lib_db = no ; then echo $ac_n "checking for Berkeley DB link (-ldb3)""... $ac_c" 1>&6 -echo "configure:11847: checking for Berkeley DB link (-ldb3)" >&5 +echo "configure:11768: checking for Berkeley DB link (-ldb3)" >&5 if eval "test \"\${ol_cv_db_db3+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -11853,7 +11774,7 @@ else LIBS="$ol_DB_LIB $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:11807: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_db_db3=yes else @@ -11906,7 +11827,7 @@ fi if test $ol_cv_lib_db = no ; then echo $ac_n "checking for Berkeley DB link (-ldb2)""... $ac_c" 1>&6 -echo "configure:11910: checking for Berkeley DB link (-ldb2)" >&5 +echo "configure:11831: checking for Berkeley DB link (-ldb2)" >&5 if eval "test \"\${ol_cv_db_db2+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -11916,7 +11837,7 @@ else LIBS="$ol_DB_LIB $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:11870: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_db_db2=yes else @@ -11969,7 +11890,7 @@ fi if test $ol_cv_lib_db = no ; then echo $ac_n "checking for Berkeley DB link (-ldb1)""... $ac_c" 1>&6 -echo "configure:11973: checking for Berkeley DB link (-ldb1)" >&5 +echo "configure:11894: checking for Berkeley DB link (-ldb1)" >&5 if eval "test \"\${ol_cv_db_db1+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -11979,7 +11900,7 @@ else LIBS="$ol_DB_LIB $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:11933: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_db_db1=yes else @@ -12034,7 +11955,7 @@ fi if test "$ol_cv_lib_db" != no ; then ol_cv_berkeley_db=yes echo $ac_n "checking for Berkeley DB thread support""... $ac_c" 1>&6 -echo "configure:12038: checking for Berkeley DB thread support" >&5 +echo "configure:11959: checking for Berkeley DB thread support" >&5 if eval "test \"\${ol_cv_berkeley_db_thread+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -12048,7 +11969,7 @@ else ol_cv_berkeley_db_thread=cross else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:12013: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_berkeley_db_thread=yes else @@ -12152,18 +12073,18 @@ fi if test $ol_with_ldbm_api = auto -o $ol_with_ldbm_api = mdbm ; then echo $ac_n "checking for MDBM library""... $ac_c" 1>&6 -echo "configure:12156: checking for MDBM library" >&5 +echo "configure:12077: checking for MDBM library" >&5 if eval "test \"\${ol_cv_lib_mdbm+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ol_LIBS="$LIBS" echo $ac_n "checking for mdbm_set_chain""... $ac_c" 1>&6 -echo "configure:12162: checking for mdbm_set_chain" >&5 +echo "configure:12083: checking for mdbm_set_chain" >&5 if eval "test \"\${ac_cv_func_mdbm_set_chain+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12112: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_mdbm_set_chain=yes" else @@ -12206,7 +12127,7 @@ else echo "$ac_t""no" 1>&6 echo $ac_n "checking for mdbm_set_chain in -lmdbm""... $ac_c" 1>&6 -echo "configure:12210: checking for mdbm_set_chain in -lmdbm" >&5 +echo "configure:12131: checking for mdbm_set_chain in -lmdbm" >&5 ac_lib_var=`echo mdbm'_'mdbm_set_chain | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -12214,7 +12135,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lmdbm $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12150: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -12260,17 +12181,17 @@ echo "$ac_t""$ol_cv_lib_mdbm" 1>&6 do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:12264: checking for $ac_hdr" >&5 +echo "configure:12185: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:12274: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:12195: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -12297,7 +12218,7 @@ fi done echo $ac_n "checking for db""... $ac_c" 1>&6 -echo "configure:12301: checking for db" >&5 +echo "configure:12222: checking for db" >&5 if eval "test \"\${ol_cv_mdbm+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -12330,18 +12251,18 @@ fi if test $ol_with_ldbm_api = auto -o $ol_with_ldbm_api = gdbm ; then echo $ac_n "checking for GDBM library""... $ac_c" 1>&6 -echo "configure:12334: checking for GDBM library" >&5 +echo "configure:12255: checking for GDBM library" >&5 if eval "test \"\${ol_cv_lib_gdbm+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ol_LIBS="$LIBS" echo $ac_n "checking for gdbm_open""... $ac_c" 1>&6 -echo "configure:12340: checking for gdbm_open" >&5 +echo "configure:12261: checking for gdbm_open" >&5 if eval "test \"\${ac_cv_func_gdbm_open+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12290: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_gdbm_open=yes" else @@ -12384,7 +12305,7 @@ else echo "$ac_t""no" 1>&6 echo $ac_n "checking for gdbm_open in -lgdbm""... $ac_c" 1>&6 -echo "configure:12388: checking for gdbm_open in -lgdbm" >&5 +echo "configure:12309: checking for gdbm_open in -lgdbm" >&5 ac_lib_var=`echo gdbm'_'gdbm_open | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -12392,7 +12313,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lgdbm $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12328: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -12438,17 +12359,17 @@ echo "$ac_t""$ol_cv_lib_gdbm" 1>&6 do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:12442: checking for $ac_hdr" >&5 +echo "configure:12363: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:12452: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:12373: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -12475,7 +12396,7 @@ fi done echo $ac_n "checking for db""... $ac_c" 1>&6 -echo "configure:12479: checking for db" >&5 +echo "configure:12400: checking for db" >&5 if eval "test \"\${ol_cv_gdbm+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -12509,18 +12430,18 @@ fi if test $ol_with_ldbm_api = ndbm ; then echo $ac_n "checking for NDBM library""... $ac_c" 1>&6 -echo "configure:12513: checking for NDBM library" >&5 +echo "configure:12434: checking for NDBM library" >&5 if eval "test \"\${ol_cv_lib_ndbm+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ol_LIBS="$LIBS" echo $ac_n "checking for dbm_open""... $ac_c" 1>&6 -echo "configure:12519: checking for dbm_open" >&5 +echo "configure:12440: checking for dbm_open" >&5 if eval "test \"\${ac_cv_func_dbm_open+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12469: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_dbm_open=yes" else @@ -12563,7 +12484,7 @@ else echo "$ac_t""no" 1>&6 echo $ac_n "checking for dbm_open in -lndbm""... $ac_c" 1>&6 -echo "configure:12567: checking for dbm_open in -lndbm" >&5 +echo "configure:12488: checking for dbm_open in -lndbm" >&5 ac_lib_var=`echo ndbm'_'dbm_open | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -12571,7 +12492,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lndbm $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12507: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -12602,7 +12523,7 @@ else echo "$ac_t""no" 1>&6 echo $ac_n "checking for dbm_open in -ldbm""... $ac_c" 1>&6 -echo "configure:12606: checking for dbm_open in -ldbm" >&5 +echo "configure:12527: checking for dbm_open in -ldbm" >&5 ac_lib_var=`echo dbm'_'dbm_open | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -12610,7 +12531,7 @@ else ac_save_LIBS="$LIBS" LIBS="-ldbm $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12546: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -12658,17 +12579,17 @@ echo "$ac_t""$ol_cv_lib_ndbm" 1>&6 do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:12662: checking for $ac_hdr" >&5 +echo "configure:12583: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:12672: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:12593: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -12695,7 +12616,7 @@ fi done echo $ac_n "checking for db""... $ac_c" 1>&6 -echo "configure:12699: checking for db" >&5 +echo "configure:12620: checking for db" >&5 if eval "test \"\${ol_cv_ndbm+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -12748,17 +12669,17 @@ if test $ol_enable_wrappers != no ; then do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:12752: checking for $ac_hdr" >&5 +echo "configure:12673: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:12762: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:12683: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -12789,7 +12710,7 @@ done have_wrappers=no else cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:12724: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* have_wrappers=yes else @@ -12819,7 +12740,7 @@ EOF WRAP_LIBS="-lwrap" echo $ac_n "checking for main in -lnsl""... $ac_c" 1>&6 -echo "configure:12823: checking for main in -lnsl" >&5 +echo "configure:12744: checking for main in -lnsl" >&5 ac_lib_var=`echo nsl'_'main | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -12827,14 +12748,14 @@ else ac_save_LIBS="$LIBS" LIBS="-lnsl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12759: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -12875,12 +12796,12 @@ fi if test $ol_enable_syslog != no ; then echo $ac_n "checking for openlog""... $ac_c" 1>&6 -echo "configure:12879: checking for openlog" >&5 +echo "configure:12800: checking for openlog" >&5 if eval "test \"\${ac_cv_func_openlog+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12829: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_openlog=yes" else @@ -12934,17 +12855,17 @@ for ac_hdr in termcap.h ncurses.h do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:12938: checking for $ac_hdr" >&5 +echo "configure:12859: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:12948: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:12869: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -12973,7 +12894,7 @@ done if test $ol_link_termcap = no ; then echo $ac_n "checking for tputs in -ltermcap""... $ac_c" 1>&6 -echo "configure:12977: checking for tputs in -ltermcap" >&5 +echo "configure:12898: checking for tputs in -ltermcap" >&5 ac_lib_var=`echo termcap'_'tputs | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -12981,7 +12902,7 @@ else ac_save_LIBS="$LIBS" LIBS="-ltermcap $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12917: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -13025,7 +12946,7 @@ fi if test $ol_link_termcap = no ; then echo $ac_n "checking for initscr in -lncurses""... $ac_c" 1>&6 -echo "configure:13029: checking for initscr in -lncurses" >&5 +echo "configure:12950: checking for initscr in -lncurses" >&5 ac_lib_var=`echo ncurses'_'initscr | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -13033,7 +12954,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lncurses $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12969: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -13088,17 +13009,17 @@ ol_link_spasswd=no if test $ol_with_cyrus_sasl != no ; then ac_safe=`echo "sasl.h" | sed 'y%./+-%__p_%'` echo $ac_n "checking for sasl.h""... $ac_c" 1>&6 -echo "configure:13092: checking for sasl.h" >&5 +echo "configure:13013: checking for sasl.h" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:13102: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:13023: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -13122,7 +13043,7 @@ fi if test $ac_cv_header_sasl_h = yes ; then echo $ac_n "checking for sasl_client_init in -lsasl""... $ac_c" 1>&6 -echo "configure:13126: checking for sasl_client_init in -lsasl" >&5 +echo "configure:13047: checking for sasl_client_init in -lsasl" >&5 ac_lib_var=`echo sasl'_'sasl_client_init | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -13130,7 +13051,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lsasl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13066: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -13205,13 +13126,13 @@ if test $ol_with_fetch != no ; then ol_LIBS=$LIBS LIBS="-lfetch -lcom_err $LIBS" echo $ac_n "checking fetch(3) library""... $ac_c" 1>&6 -echo "configure:13209: checking fetch(3) library" >&5 +echo "configure:13130: checking fetch(3) library" >&5 if eval "test \"\${ol_cv_lib_fetch+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < @@ -13221,7 +13142,7 @@ int main() { struct url *u = fetchParseURL("file:///"); ; return 0; } EOF -if { (eval echo configure:13225: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13146: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_lib_fetch=yes else @@ -13259,17 +13180,17 @@ if test $ol_with_readline != no ; then do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:13263: checking for $ac_hdr" >&5 +echo "configure:13184: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:13273: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:13194: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -13300,7 +13221,7 @@ done save_LIBS="$LIBS" LIBS="$TERMCAP_LIBS $LIBS" echo $ac_n "checking for readline in -lreadline""... $ac_c" 1>&6 -echo "configure:13304: checking for readline in -lreadline" >&5 +echo "configure:13225: checking for readline in -lreadline" >&5 ac_lib_var=`echo readline'_'readline | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -13308,7 +13229,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lreadline $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13244: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -13361,12 +13282,12 @@ fi if test $ol_enable_crypt != no ; then echo $ac_n "checking for crypt""... $ac_c" 1>&6 -echo "configure:13365: checking for crypt" >&5 +echo "configure:13286: checking for crypt" >&5 if eval "test \"\${ac_cv_func_crypt+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13315: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_crypt=yes" else @@ -13409,7 +13330,7 @@ else echo "$ac_t""no" 1>&6 echo $ac_n "checking for crypt in -lcrypt""... $ac_c" 1>&6 -echo "configure:13413: checking for crypt in -lcrypt" >&5 +echo "configure:13334: checking for crypt in -lcrypt" >&5 ac_lib_var=`echo crypt'_'crypt | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -13417,7 +13338,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lcrypt $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13353: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -13471,12 +13392,12 @@ fi if test $ol_enable_proctitle != no ; then echo $ac_n "checking for setproctitle""... $ac_c" 1>&6 -echo "configure:13475: checking for setproctitle" >&5 +echo "configure:13396: checking for setproctitle" >&5 if eval "test \"\${ac_cv_func_setproctitle+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13425: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_setproctitle=yes" else @@ -13519,7 +13440,7 @@ else echo "$ac_t""no" 1>&6 echo $ac_n "checking for setproctitle in -lutil""... $ac_c" 1>&6 -echo "configure:13523: checking for setproctitle in -lutil" >&5 +echo "configure:13444: checking for setproctitle in -lutil" >&5 ac_lib_var=`echo util'_'setproctitle | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -13527,7 +13448,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lutil $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13463: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -13574,12 +13495,12 @@ EOF fi echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6 -echo "configure:13578: checking for ANSI C header files" >&5 +echo "configure:13499: checking for ANSI C header files" >&5 if eval "test \"\${ac_cv_header_stdc+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -13587,7 +13508,7 @@ else #include EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:13591: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:13512: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -13604,7 +13525,7 @@ rm -f conftest* if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat > conftest.$ac_ext < EOF @@ -13622,7 +13543,7 @@ fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat > conftest.$ac_ext < EOF @@ -13643,7 +13564,7 @@ if test "$cross_compiling" = yes; then : else cat > conftest.$ac_ext < #if ((' ' & 0x0FF) == 0x020) @@ -13661,7 +13582,7 @@ if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2); exit (0); } EOF -if { (eval echo configure:13665: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:13586: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then : else @@ -13685,12 +13606,12 @@ EOF fi echo $ac_n "checking for mode_t""... $ac_c" 1>&6 -echo "configure:13689: checking for mode_t" >&5 +echo "configure:13610: checking for mode_t" >&5 if eval "test \"\${ac_cv_type_mode_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -13721,12 +13642,12 @@ EOF fi echo $ac_n "checking for off_t""... $ac_c" 1>&6 -echo "configure:13725: checking for off_t" >&5 +echo "configure:13646: checking for off_t" >&5 if eval "test \"\${ac_cv_type_off_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -13757,12 +13678,12 @@ EOF fi echo $ac_n "checking for pid_t""... $ac_c" 1>&6 -echo "configure:13761: checking for pid_t" >&5 +echo "configure:13682: checking for pid_t" >&5 if eval "test \"\${ac_cv_type_pid_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -13793,19 +13714,19 @@ EOF fi echo $ac_n "checking for ptrdiff_t""... $ac_c" 1>&6 -echo "configure:13797: checking for ptrdiff_t" >&5 +echo "configure:13718: checking for ptrdiff_t" >&5 if eval "test \"\${am_cv_type_ptrdiff_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { ptrdiff_t p ; return 0; } EOF -if { (eval echo configure:13809: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13730: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* am_cv_type_ptrdiff_t=yes else @@ -13826,12 +13747,12 @@ EOF fi echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6 -echo "configure:13830: checking return type of signal handlers" >&5 +echo "configure:13751: checking return type of signal handlers" >&5 if eval "test \"\${ac_cv_type_signal+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -13848,7 +13769,7 @@ int main() { int i; ; return 0; } EOF -if { (eval echo configure:13852: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13773: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_type_signal=void else @@ -13867,12 +13788,12 @@ EOF echo $ac_n "checking for size_t""... $ac_c" 1>&6 -echo "configure:13871: checking for size_t" >&5 +echo "configure:13792: checking for size_t" >&5 if eval "test \"\${ac_cv_type_size_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -13904,12 +13825,12 @@ fi echo $ac_n "checking for ssize_t""... $ac_c" 1>&6 -echo "configure:13908: checking for ssize_t" >&5 +echo "configure:13829: checking for ssize_t" >&5 if eval "test \"\${ac_cv_type_ssize_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -13940,12 +13861,12 @@ EOF fi echo $ac_n "checking for caddr_t""... $ac_c" 1>&6 -echo "configure:13944: checking for caddr_t" >&5 +echo "configure:13865: checking for caddr_t" >&5 if eval "test \"\${ac_cv_type_caddr_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -13977,12 +13898,12 @@ fi echo $ac_n "checking for socklen_t""... $ac_c" 1>&6 -echo "configure:13981: checking for socklen_t" >&5 +echo "configure:13902: checking for socklen_t" >&5 if eval "test \"\${ol_cv_type_socklen_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13921: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_type_socklen_t=yes else @@ -14017,12 +13938,12 @@ EOF fi echo $ac_n "checking for member st_blksize in aggregate type struct stat""... $ac_c" 1>&6 -echo "configure:14021: checking for member st_blksize in aggregate type struct stat" >&5 +echo "configure:13942: checking for member st_blksize in aggregate type struct stat" >&5 if eval "test \"\${ac_cv_c_struct_member_st_blksize+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -14030,7 +13951,7 @@ int main() { struct stat foo; foo.st_blksize; ; return 0; } EOF -if { (eval echo configure:14034: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13955: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_c_struct_member_st_blksize=yes else @@ -14052,12 +13973,12 @@ EOF fi echo $ac_n "checking whether time.h and sys/time.h may both be included""... $ac_c" 1>&6 -echo "configure:14056: checking whether time.h and sys/time.h may both be included" >&5 +echo "configure:13977: checking whether time.h and sys/time.h may both be included" >&5 if eval "test \"\${ac_cv_header_time+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -14066,7 +13987,7 @@ int main() { struct tm *tp; ; return 0; } EOF -if { (eval echo configure:14070: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13991: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_header_time=yes else @@ -14087,12 +14008,12 @@ EOF fi echo $ac_n "checking whether struct tm is in sys/time.h or time.h""... $ac_c" 1>&6 -echo "configure:14091: checking whether struct tm is in sys/time.h or time.h" >&5 +echo "configure:14012: checking whether struct tm is in sys/time.h or time.h" >&5 if eval "test \"\${ac_cv_struct_tm+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -14100,7 +14021,7 @@ int main() { struct tm *tp; tp->tm_sec; ; return 0; } EOF -if { (eval echo configure:14104: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:14025: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_struct_tm=time.h else @@ -14121,12 +14042,12 @@ EOF fi echo $ac_n "checking for uid_t in sys/types.h""... $ac_c" 1>&6 -echo "configure:14125: checking for uid_t in sys/types.h" >&5 +echo "configure:14046: checking for uid_t in sys/types.h" >&5 if eval "test \"\${ac_cv_type_uid_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF @@ -14155,19 +14076,19 @@ EOF fi echo $ac_n "checking for sig_atomic_t""... $ac_c" 1>&6 -echo "configure:14159: checking for sig_atomic_t" >&5 +echo "configure:14080: checking for sig_atomic_t" >&5 if eval "test \"\${ol_cv_type_sig_atomic_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { sig_atomic_t atomic; ; return 0; } EOF -if { (eval echo configure:14171: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:14092: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_type_sig_atomic_t=yes else @@ -14191,13 +14112,13 @@ EOF # test for pw_gecos in struct passwd echo $ac_n "checking struct passwd for pw_gecos""... $ac_c" 1>&6 -echo "configure:14195: checking struct passwd for pw_gecos" >&5 +echo "configure:14116: checking struct passwd for pw_gecos" >&5 if eval "test \"\${ol_cv_struct_passwd_pw_gecos+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { @@ -14207,7 +14128,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:14211: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:14132: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_struct_passwd_pw_gecos=yes else @@ -14229,13 +14150,13 @@ fi # test for pw_passwd in struct passwd echo $ac_n "checking struct passwd for pw_passwd""... $ac_c" 1>&6 -echo "configure:14233: checking struct passwd for pw_passwd" >&5 +echo "configure:14154: checking struct passwd for pw_passwd" >&5 if eval "test \"\${ol_cv_struct_passwd_pw_passwd+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { @@ -14245,7 +14166,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:14249: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:14170: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_struct_passwd_pw_passwd=yes else @@ -14267,7 +14188,7 @@ fi echo $ac_n "checking if toupper() requires islower()""... $ac_c" 1>&6 -echo "configure:14271: checking if toupper() requires islower()" >&5 +echo "configure:14192: checking if toupper() requires islower()" >&5 if eval "test \"\${ol_cv_c_upper_lower+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -14276,7 +14197,7 @@ else ol_cv_c_upper_lower=safe else cat > conftest.$ac_ext < @@ -14288,7 +14209,7 @@ main() exit(1); } EOF -if { (eval echo configure:14292: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:14213: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_c_upper_lower=no else @@ -14311,12 +14232,12 @@ EOF fi echo $ac_n "checking for working const""... $ac_c" 1>&6 -echo "configure:14315: checking for working const" >&5 +echo "configure:14236: checking for working const" >&5 if eval "test \"\${ac_cv_c_const+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:14290: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_c_const=yes else @@ -14386,12 +14307,12 @@ EOF fi echo $ac_n "checking if compiler understands volatile""... $ac_c" 1>&6 -echo "configure:14390: checking if compiler understands volatile" >&5 +echo "configure:14311: checking if compiler understands volatile" >&5 if eval "test \"\${ol_cv_c_volatile+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:14325: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_c_volatile=yes else @@ -14430,14 +14351,14 @@ EOF else echo $ac_n "checking whether byte ordering is bigendian""... $ac_c" 1>&6 -echo "configure:14434: checking whether byte ordering is bigendian" >&5 +echo "configure:14355: checking whether byte ordering is bigendian" >&5 if eval "test \"\${ac_cv_c_bigendian+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_cv_c_bigendian=unknown # See if sys/param.h defines the BYTE_ORDER macro. cat > conftest.$ac_ext < #include @@ -14448,11 +14369,11 @@ int main() { #endif ; return 0; } EOF -if { (eval echo configure:14452: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:14373: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* # It does; now see whether it defined to BIG_ENDIAN or not. cat > conftest.$ac_ext < #include @@ -14463,7 +14384,7 @@ int main() { #endif ; return 0; } EOF -if { (eval echo configure:14467: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:14388: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_c_bigendian=yes else @@ -14483,7 +14404,7 @@ if test "$cross_compiling" = yes; then { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:14421: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ac_cv_c_bigendian=no else @@ -14522,13 +14443,13 @@ fi fi echo $ac_n "checking size of short""... $ac_c" 1>&6 -echo "configure:14526: checking size of short" >&5 +echo "configure:14447: checking size of short" >&5 if eval "test \"\${ac_cv_sizeof_short+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else for ac_size in 4 8 1 2 16 ; do # List sizes in rough order of prevalence. cat > conftest.$ac_ext < @@ -14538,7 +14459,7 @@ int main() { switch (0) case 0: case (sizeof (short) == $ac_size):; ; return 0; } EOF -if { (eval echo configure:14542: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:14463: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_sizeof_short=$ac_size else @@ -14561,13 +14482,13 @@ EOF echo $ac_n "checking size of int""... $ac_c" 1>&6 -echo "configure:14565: checking size of int" >&5 +echo "configure:14486: checking size of int" >&5 if eval "test \"\${ac_cv_sizeof_int+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else for ac_size in 4 8 1 2 16 ; do # List sizes in rough order of prevalence. cat > conftest.$ac_ext < @@ -14577,7 +14498,7 @@ int main() { switch (0) case 0: case (sizeof (int) == $ac_size):; ; return 0; } EOF -if { (eval echo configure:14581: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:14502: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_sizeof_int=$ac_size else @@ -14600,13 +14521,13 @@ EOF echo $ac_n "checking size of long""... $ac_c" 1>&6 -echo "configure:14604: checking size of long" >&5 +echo "configure:14525: checking size of long" >&5 if eval "test \"\${ac_cv_sizeof_long+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else for ac_size in 4 8 1 2 16 ; do # List sizes in rough order of prevalence. cat > conftest.$ac_ext < @@ -14616,7 +14537,7 @@ int main() { switch (0) case 0: case (sizeof (long) == $ac_size):; ; return 0; } EOF -if { (eval echo configure:14620: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:14541: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_sizeof_long=$ac_size else @@ -14667,7 +14588,7 @@ EOF echo $ac_n "checking for 8-bit clean memcmp""... $ac_c" 1>&6 -echo "configure:14671: checking for 8-bit clean memcmp" >&5 +echo "configure:14592: checking for 8-bit clean memcmp" >&5 if eval "test \"\${ac_cv_func_memcmp_clean+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -14675,7 +14596,7 @@ else ac_cv_func_memcmp_clean=no else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:14610: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ac_cv_func_memcmp_clean=yes else @@ -14703,12 +14624,12 @@ echo "$ac_t""$ac_cv_func_memcmp_clean" 1>&6 test $ac_cv_func_memcmp_clean = no && LIBOBJS="$LIBOBJS memcmp.${ac_objext}" echo $ac_n "checking for strftime""... $ac_c" 1>&6 -echo "configure:14707: checking for strftime" >&5 +echo "configure:14628: checking for strftime" >&5 if eval "test \"\${ac_cv_func_strftime+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:14657: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_strftime=yes" else @@ -14754,7 +14675,7 @@ else echo "$ac_t""no" 1>&6 # strftime is in -lintl on SCO UNIX. echo $ac_n "checking for strftime in -lintl""... $ac_c" 1>&6 -echo "configure:14758: checking for strftime in -lintl" >&5 +echo "configure:14679: checking for strftime in -lintl" >&5 ac_lib_var=`echo intl'_'strftime | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -14762,7 +14683,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lintl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:14698: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -14801,12 +14722,12 @@ fi echo $ac_n "checking for inet_aton()""... $ac_c" 1>&6 -echo "configure:14805: checking for inet_aton()" >&5 +echo "configure:14726: checking for inet_aton()" >&5 if eval "test \"\${ol_cv_func_inet_aton+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:14753: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_func_inet_aton=yes else @@ -14850,12 +14771,12 @@ EOF echo $ac_n "checking for _spawnlp""... $ac_c" 1>&6 -echo "configure:14854: checking for _spawnlp" >&5 +echo "configure:14775: checking for _spawnlp" >&5 if eval "test \"\${ac_cv_func__spawnlp+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:14804: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func__spawnlp=yes" else @@ -14903,12 +14824,12 @@ fi echo $ac_n "checking for _snprintf""... $ac_c" 1>&6 -echo "configure:14907: checking for _snprintf" >&5 +echo "configure:14828: checking for _snprintf" >&5 if eval "test \"\${ac_cv_func__snprintf+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:14857: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func__snprintf=yes" else @@ -14958,12 +14879,12 @@ fi echo $ac_n "checking for _vsnprintf""... $ac_c" 1>&6 -echo "configure:14962: checking for _vsnprintf" >&5 +echo "configure:14883: checking for _vsnprintf" >&5 if eval "test \"\${ac_cv_func__vsnprintf+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:14912: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func__vsnprintf=yes" else @@ -15013,12 +14934,12 @@ fi echo $ac_n "checking for vprintf""... $ac_c" 1>&6 -echo "configure:15017: checking for vprintf" >&5 +echo "configure:14938: checking for vprintf" >&5 if eval "test \"\${ac_cv_func_vprintf+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:14967: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_vprintf=yes" else @@ -15066,12 +14987,12 @@ fi if test "$ac_cv_func_vprintf" != yes; then echo $ac_n "checking for _doprnt""... $ac_c" 1>&6 -echo "configure:15070: checking for _doprnt" >&5 +echo "configure:14991: checking for _doprnt" >&5 if eval "test \"\${ac_cv_func__doprnt+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:15020: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func__doprnt=yes" else @@ -15124,12 +15045,12 @@ if test $ac_cv_func_vprintf = yes ; then for ac_func in vsnprintf vsprintf do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:15128: checking for $ac_func" >&5 +echo "configure:15049: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:15078: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -15232,12 +15153,12 @@ for ac_func in \ do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:15236: checking for $ac_func" >&5 +echo "configure:15157: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:15186: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -15289,12 +15210,12 @@ done for ac_func in getopt tempnam do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:15293: checking for $ac_func" >&5 +echo "configure:15214: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:15243: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -15355,13 +15276,13 @@ fi # Check Configuration echo $ac_n "checking declaration of sys_errlist""... $ac_c" 1>&6 -echo "configure:15359: checking declaration of sys_errlist" >&5 +echo "configure:15280: checking declaration of sys_errlist" >&5 if eval "test \"\${ol_cv_dcl_sys_errlist+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < @@ -15374,7 +15295,7 @@ int main() { char *c = (char *) *sys_errlist ; return 0; } EOF -if { (eval echo configure:15378: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:15299: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_dcl_sys_errlist=yes ol_cv_have_sys_errlist=yes @@ -15397,20 +15318,20 @@ EOF echo $ac_n "checking existence of sys_errlist""... $ac_c" 1>&6 -echo "configure:15401: checking existence of sys_errlist" >&5 +echo "configure:15322: checking existence of sys_errlist" >&5 if eval "test \"\${ol_cv_have_sys_errlist+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { char *c = (char *) *sys_errlist ; return 0; } EOF -if { (eval echo configure:15414: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:15335: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_have_sys_errlist=yes else @@ -15681,8 +15602,6 @@ fi - - @@ -15897,7 +15816,6 @@ s%@BUILD_DNSSRV@%$BUILD_DNSSRV%g s%@BUILD_LDAP@%$BUILD_LDAP%g s%@BUILD_LDBM@%$BUILD_LDBM%g s%@BUILD_PASSWD@%$BUILD_PASSWD%g -s%@BUILD_QUIPU@%$BUILD_QUIPU%g s%@BUILD_SHELL@%$BUILD_SHELL%g s%@BUILD_DNSSRV_DYNAMIC@%$BUILD_DNSSRV_DYNAMIC%g s%@BUILD_LDAP_DYNAMIC@%$BUILD_LDAP_DYNAMIC%g @@ -15908,7 +15826,6 @@ s%@BUILD_SLURPD@%$BUILD_SLURPD%g s%@LDAP_LIBS@%$LDAP_LIBS%g s%@LDIF_LIBS@%$LDIF_LIBS%g s%@SLAPD_LIBS@%$SLAPD_LIBS%g -s%@QUIPU_LIBS@%$QUIPU_LIBS%g s%@SLURPD_LIBS@%$SLURPD_LIBS%g s%@LDBM_LIBS@%$LDBM_LIBS%g s%@LTHREAD_LIBS@%$LTHREAD_LIBS%g diff --git a/configure.in b/configure.in index 4697b764cd..f778cb0193 100644 --- a/configure.in +++ b/configure.in @@ -23,7 +23,7 @@ define([AC_INIT_BINSH], # in file LICENSE in the top-level directory of the distribution. echo "Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved." -echo "Copying restrictions apply, see COPYRIGHT file." +echo "Restrictions apply, see COPYRIGHT and LICENSE files." ])dnl dnl ---------------------------------------------------------------- dnl Disable config.cache! @@ -146,7 +146,6 @@ OL_ARG_ENABLE(spasswd,[ --enable-spasswd enable (Cyrus) SASL password verific OL_ARG_ENABLE(modules,[ --enable-modules enable dynamic module support], no)dnl OL_ARG_ENABLE(multimaster,[ --enable-multimaster enable multimaster replication], no)dnl OL_ARG_ENABLE(phonetic,[ --enable-phonetic enable phonetic/soundex], no)dnl -OL_ARG_ENABLE(quipu,[ --enable-quipu build quipu migration tools], no)dnl OL_ARG_ENABLE(rlookups,[ --enable-rlookups enable reverse lookups], auto)dnl OL_ARG_ENABLE(aci,[ --enable-aci enable per-object ACIs], no)dnl OL_ARG_ENABLE(wrappers,[ --enable-wrappers enable tcp wrapper support], no)dnl @@ -217,9 +216,6 @@ if test $ol_enable_slapd = no ; then if test $ol_enable_phonetic = yes ; then AC_MSG_WARN([slapd disabled, ignoring --enable-phonetic argument]) fi - if test $ol_enable_quipu = yes ; then - AC_MSG_WARN([slapd disabled, ignoring --enable-quipu argument]) - fi if test $ol_enable_rlookups = yes ; then AC_MSG_WARN([slapd disabled, ignoring --enable-rlookups argument]) fi @@ -261,7 +257,6 @@ if test $ol_enable_slapd = no ; then ol_enable_modules=no ol_enable_multimaster=no ol_enable_phonetic=no - ol_enable_quipu=no ol_enable_rlookups=no ol_enable_aci=no ol_enable_wrappers=no @@ -357,14 +352,12 @@ LDBM_LIBS= LTHREAD_LIBS= LUTIL_LIBS= -QUIPU_LIBS= SLAPD_LIBS= SLURPD_LIBS= BUILD_SLAPD=no BUILD_SLURPD=no -BUILD_QUIPU=no BUILD_THREAD=no BUILD_DNSSRV=no @@ -738,20 +731,6 @@ if test "$ol_enable_dnssrv" = yes -a "$ol_link_dnssrv" = no ; then AC_MSG_ERROR([DNSSRV requires res_query()]) fi -dnl ---------------------------------------------------------------- -dnl QUIPU -if test $ol_enable_quipu != no ; then - AC_CHECK_HEADERS(quipu/commonarg.h) - - if test $ac_cv_header_quipu_commonarg_h = yes ; then - BUILD_QUIPU=yes - elif test $ol_enable_quipu = auto ; then - AC_MSG_WARN([no quipu for --enable-quipu=auto, disabling]) - else - AC_MSG_ERROR(no quipu for --enable-quipu=$ol_enable_quipu) - fi -fi - dnl ---------------------------------------------------------------- dnl Kerberos ol_link_kbind=no @@ -2171,7 +2150,6 @@ AC_SUBST(BUILD_SLAPD) AC_SUBST(BUILD_LDAP) AC_SUBST(BUILD_LDBM) AC_SUBST(BUILD_PASSWD) - AC_SUBST(BUILD_QUIPU) AC_SUBST(BUILD_SHELL) AC_SUBST(BUILD_DNSSRV_DYNAMIC) AC_SUBST(BUILD_LDAP_DYNAMIC) @@ -2183,7 +2161,6 @@ AC_SUBST(BUILD_SLURPD) AC_SUBST(LDAP_LIBS) AC_SUBST(LDIF_LIBS) AC_SUBST(SLAPD_LIBS) -AC_SUBST(QUIPU_LIBS) AC_SUBST(SLURPD_LIBS) AC_SUBST(LDBM_LIBS) AC_SUBST(LTHREAD_LIBS) diff --git a/contrib/README b/contrib/README index 26e86aaff1..bb43ae5fcc 100644 --- a/contrib/README +++ b/contrib/README @@ -22,6 +22,11 @@ Current contributions: Contributed by Eric Rosenquist. See saucer/README and its man page for more information. + tweb + HTTP gateway derived from web500gw. Contributed + by the Universitaet Tuebingen, GERMANY. See + tweb/README for more information. + web_ldap web frontend (in C) from Jens Moller @@ -37,3 +42,5 @@ Current contributions: Please submit your contributions using the OpenLDAP Issue Tracking System . + +$OpenLDAP$ diff --git a/contrib/ldaptcl/ldaperr.tcl b/contrib/ldaptcl/ldaperr.tcl index 31872f66f9..ef77d7f736 100644 --- a/contrib/ldaptcl/ldaperr.tcl +++ b/contrib/ldaptcl/ldaperr.tcl @@ -10,18 +10,34 @@ proc genstrings {path} { puts "/* This file automatically generated, hand edit at your own risk! */" puts -nonewline "char *ldaptclerrorcode\[\] = { NULL" - set lasterr 0 while {[gets $fp line] != -1} { + #puts stderr $line if {[clength $line] == 0 || [ctype space $line]} continue if {![string match #define* $line]} break if {![string match "#define LDAP_*" $line]} continue + if {[string match "*LDAP_RANGE*" $line]} continue lassign $line define macro value + set ldap_errcode($macro) $value + } + foreach i [array names ldap_errcode] { + set value $ldap_errcode($i) + #puts stderr "checking $value" + if [regexp {^[A-Z_]} $value] { + if [info exists ldap_errcode($value)] { + set value $ldap_errcode($value) + set ldap_errcode($i) $value + } + } + set ldap_errname($value) $i + } + set lasterr 0 + foreach value [lsort -integer [array names ldap_errname]] { incr lasterr while {$lasterr < $value} { puts -nonewline ",\n\tNULL" incr lasterr } - puts -nonewline ",\n\t\"$macro\"" + puts -nonewline ",\n\t\"$ldap_errname($value)\"" } puts "\n};" puts "#define LDAPTCL_MAXERR\t$value" diff --git a/contrib/ldaptcl/neoXldap.c b/contrib/ldaptcl/neoXldap.c index 2ba7b6545b..305c290944 100644 --- a/contrib/ldaptcl/neoXldap.c +++ b/contrib/ldaptcl/neoXldap.c @@ -797,7 +797,7 @@ NeoX_LdapTargetObjCmd (clientData, interp, objc, objv) deref = LDAP_DEREF_NEVER; else if (STREQU(derefString, "search")) deref = LDAP_DEREF_SEARCHING; - else if (STREQU(derefString, "find") == 0) + else if (STREQU(derefString, "find")) deref = LDAP_DEREF_FINDING; else if (STREQU(derefString, "always")) deref = LDAP_DEREF_ALWAYS; @@ -886,6 +886,9 @@ NeoX_LdapTargetObjCmd (clientData, interp, objc, objv) ldap_disable_cache(ldap); } #endif + + ldap_set_option(ldap, LDAP_OPT_DEREF, &deref); + tclResult = LDAP_PerformSearch (interp, ldaptcl, baseString, @@ -907,10 +910,42 @@ NeoX_LdapTargetObjCmd (clientData, interp, objc, objv) else ldap_enable_cache(ldap, ldaptcl->timeout, ldaptcl->maxmem); } + deref = LDAP_DEREF_NEVER; + ldap_set_option(ldap, LDAP_OPT_DEREF, &deref); #endif return tclResult; } + /* object compare dn attr value */ + if (STREQU (subCommand, "compare")) { + char *dn; + char *attr; + char *value; + int result; + int lderrno; + + if (objc != 5) + return TclX_WrongArgs (interp, + objv [0], + "compare dn attribute value"); + + dn = Tcl_GetStringFromObj (objv[2], NULL); + attr = Tcl_GetStringFromObj (objv[3], NULL); + value = Tcl_GetStringFromObj (objv[4], NULL); + + result = ldap_compare_s (ldap, dn, attr, value); + if (result == LDAP_COMPARE_TRUE || result == LDAP_COMPARE_FALSE) { + Tcl_SetIntObj(resultObj, result == LDAP_COMPARE_TRUE); + return TCL_OK; + } + LDAP_SetErrorCode(ldaptcl, result, interp); + Tcl_AppendStringsToObj (resultObj, + "LDAP compare error: ", + LDAP_ERR_STRING(ldap), + (char *)NULL); + return TCL_ERROR; + } + #if defined(UMICH_LDAP) || (defined(OPEN_LDAP) && !defined(LDAP_API_VERSION)) if (STREQU (subCommand, "cache")) { char *cacheCommand; diff --git a/doc/drafts/README b/doc/drafts/README index cfe85242af..217d6f4114 100644 --- a/doc/drafts/README +++ b/doc/drafts/README @@ -7,10 +7,12 @@ and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." -OpenLDAP maintains copies of drafts for which we have and/or -are planning "experimental" implementations of. The I-D -found in this directory may be stale, expired, or otherwise -out of date. +OpenLDAP maintains copies of drafts for which we find interesting. +It existance does not necessarily imply any support or any plans to +support for the I-D. The I-D found in this directory may be stale, +expired, or otherwise out of date. Please refer to http://www.ietf.org/ for latest revisions (and status). + +$OpenLDAP$ diff --git a/doc/drafts/draft-ietf-ldapext-ldapv3-dupent-xx.txt b/doc/drafts/draft-ietf-ldapext-ldapv3-dupent-xx.txt new file mode 100644 index 0000000000..f7cb49acfe --- /dev/null +++ b/doc/drafts/draft-ietf-ldapext-ldapv3-dupent-xx.txt @@ -0,0 +1,412 @@ + + +LDAPEXT Working Group J. Sermersheim +Internet Draft Novell, Inc +Document: draft-ietf-ldapext-ldapv3-dupent-03.txt March 2000 +Category: Proposed Standard + + + LDAP Control for a Duplicate Entry Representation of Search Results + + +1. Status of this Memo + + This document is an Internet-Draft and is in full conformance with + all provisions of Section 10 of RFC2026 [1]. + + Internet-Drafts are working documents of the Internet Engineering + Task Force (IETF), its areas, and its working groups. Note that + other groups may also distribute working documents as Internet- + Drafts. Internet-Drafts are draft documents valid for a maximum of + six months and may be updated, replaced, or obsoleted by other + documents at any time. It is inappropriate to use Internet- Drafts + as reference material or to cite them other than as "work in + progress." + + The list of current Internet-Drafts can be accessed at + http://www.ietf.org/ietf/1id-abstracts.txt + + The list of Internet-Draft Shadow Directories can be accessed at + http://www.ietf.org/shadow.html. + +2. Abstract + + This document describes a Duplicate Entry Representation control + extension for the LDAP Search operation. By using the control with + an LDAP search, a client requests that the server return separate + entries for each value held in the specified attributes. For + instance, if a specified attribute of an entry holds multiple + values, the search operation will return multiple instances of that + entry, each instance holding a separate single value in that + attribute. + +3. Overview + + The Server-Side Sorting control [SSS] allows the server to order + search result entries based on attribute values (sort keys). It + does not allow one to specify behavior when an attribute contains + multiple values. The default behavior, as outlined in 7.9 of + [X.511], is to use the smallest value as the sort key. + + An application may need to produce an ordered list of entries, + sorted by a multi-valued attribute, where each attribute value is + represented in the list. In order to do this, a separate control is + needed which causes the set of entries to be expanded sufficiently + to represent each attribute value prior to sorting. + + + Sermersheim Standards Track - Expires Sep 2000 Page 1 + +LDAP Control for a Duplicate Entry Representation of Search Results + + + This document describes controls, which allow duplicate entries in + the result set of search, where each entry represents a distinct + value of a given multiple valued attribute. + + An example of this would be a sorted list of all telephone numbers + in an organization. Because any entry may have multiple telephone + numbers, and the list is to be sorted by telephone number, the list + must be able to contain duplicate entries, each with its own unique + telephone number. + + Another example would be an application that needs to display an + ordered list of all members of a group. It would use this control + to create a result set of duplicate groupOfNames entries, each with + a single, unique value in its member attribute. + + The key words "MUST", "SHOULD", and "MAY" used in this document + carry the meanings described in [Bradner97]. + +4. The Controls + + Support for the controls is advertised by the presence of their OID + in the supportedControl attribute of a server's root DSE. The OID + for the request control is "2.16.840.1.113719.1.27.101.1" and the + OID for the response control is "2.16.840.1.113719.1.27.101.2". + +4.1 Request Control + + This control is included in the searchRequest message as part of the + controls field of the LDAPMessage, as defined in Section 4.1.12 of + [LDAPv3]. + + The controlType is set to "2.16.840.1.113719.1.27.101.1". The + criticality MAY be set to either TRUE or FALSE. The controlValue is + an OCTET STRING, whose value is the BER encoding of the following + type: + + DuplicateEntryRequest ::= AttributeDescriptionList + + The "AttributeDescriptionList" data type is described in 4.1.5 of + [LDAPv3] and describes a list of 0 or more AttributeDescription + types as also described in 4.1.5 of [LDAPv3]. Both definitions are + repeated here for convenience: + + AttributeDescriptionList ::= SEQUENCE OF + AttributeDescription + + AttributeDescription ::= [ ";" ] + + While processing a search request, a server implementation examines + this list. If a specified attribute exists in an entry to be + returned by search, one instance of that entry per attribute value + is returned. In this case, the specified attribute in each entry + + +Sermersheim Standards Track - Expires Sep 2000 Page 2 + +LDAP Control for a Duplicate Entry Representation of Search Results + + + holds a single, unique value from the original set of values of that + attribute. + + An AttributeDescription should only occur once in the list. If an + AttributeDescription is included in the DuplicateEntryRequest + multiple times, the server should return an unwillingToPerform error + in the DuplicateEntryResponse. + + When two or more attribute types are specified by this control, the + number of duplicate entries is the combination of all values in each + attribute. Because of the potential complexity involved in servicing + multiple attribute types, server implementations MAY choose to + support a limited number of attribute types in the control. + + There is a special case where either no attributes are specified, or + an attribute description value of "*" is specified. In this case, + all attributes are used. (The "*" allows the client to request all + user attributes in addition to specific operational attributes). + +4.2 Response Control + + This control is included in the searchResultDone message as part of + the controls field of the LDAPMessage, as defined in Section 4.1.12 + of [LDAPv3]. + + The controlType is set to "2.16.840.1.113719.1.27.101.2". The + criticality is FALSE (MAY be absent). The controlValue is an OCTET + STRING, whose value is the BER encoding of the following SEQUENCE: + + DuplicateEntryResponse ::= SEQUENCE { + result ENUMERATED { + success (0), + operations error (1), -- server internal failure + timeLimitExceeded (3), -- time limit reached before + -- attribute values could be + -- processed + sizeLimitExceeded (4), -- size limit reached as a + -- result of this control + adminLimitExceeded (11), -- result set too large for + -- server to handle + noSuchAttribute (16), -- unrecognized attribute + -- description + busy (51), + unwillingToPerform (53), + other (80) }, + attributeType AttributeDescription OPTIONAL } + + A result field is provided here to allow feedback in the case where + the criticality of the request control is FALSE, and the server + could not process the control - yet it could complete the search + operation successfully. If the request control's criticality is + TRUE, and the server cannot process the control, the resultCode of + the LDAPResult is used to report the error. + +Sermersheim Standards Track - Expires Sep 2000 Page 3 + +LDAP Control for a Duplicate Entry Representation of Search Results + + + + attributeType MAY be set to the value of the first attribute type + specified by the DuplicateEntryRequest that was in error. The + client MUST ignore the attributeType field if the result is success. + +5. Protocol Examples + +5.1 Simple example + + This example will show this control being used to produce a list of + all telephone numbers in the "Acting" organizational unit of "Looney + Tunes". Let's say the following three entries exist in this + organization; + + dn: cn=Bugs Bunny,ou=Acting,o=Looney Tunes + telephoneNumber: 555-0123 + + dn: cn=Daffy Duck,ou=Acting,o=Looney Tunes + telephoneNumber: 555-8854 + telephoneNumber: 555-4588 + telephoneNumber: 555-5884 + + dn: cn=Porky Pig,ou=Acting,o=Looney Tunes + telephoneNumber: 555-9425 + telephoneNumber: 555-7992 + + First an LDAP search is specified with a baseDN of "ou=Acting, + o=Looney Tunes ", subtree scope, filter set to "telephoneNumber=*". + A DuplicateEntryRequest control is attached to the search, + specifying "telephoneNumber" as the attribute description, and the + search request is sent to the server. + + The set of search results returned by the server would then consist + of the following entries: + + dn: cn=Bugs Bunny,ou=Acting,o=Looney Tunes + telephoneNumber: 555-0123 + + dn: cn=Daffy Duck,ou=Acting,o=Looney Tunes + telephoneNumber: 555-8854 + + dn: cn=Daffy Duck,ou=Acting,o=Looney Tunes + telephoneNumber: 555-4588 + + dn: cn=Daffy Duck,ou=Acting,o=Looney Tunes + telephoneNumber: 555-5884 + + dn: cn=Porky Pig,ou=Acting,o=Looney Tunes + telephoneNumber: 555-9425 + + dn: cn=Porky Pig,ou=Acting,o=Looney Tunes + telephoneNumber: 555-7992 + + +Sermersheim Standards Track - Expires Sep 2000 Page 4 + +LDAP Control for a Duplicate Entry Representation of Search Results + + + Note that it is not necessary to use an attribute type in this + control that is specified in the search filter. This example only + does so, because the result was to obtain a list of telephone + numbers. + +5.2 Specifying multiple attributes + + A more complicated example involving multiple attributes will result + in more entries. If we assume these entries in the directory: + + dn: cn=Bugs Bunny,ou=Acting,o=Looney Tunes + givenName: Bugs + mail: bbunny@looneytunes.com + + dn: cn=Elmer Fudd,ou=Acting,o=Looney Tunes + givenName: Elmer + givenName: Doc + mail: efudd@looneytunes.com + mail: bunnyhunter@nra.org + + And both "mail" and "givenName" are specified as attribute types in + this control, the resulting set of entries would be this: + + dn: cn=Bugs Bunny,ou=Acting,o=Looney Tunes + givenName: Bugs + mail: bbunny@looneytunes.com + + dn: cn=Elmer Fudd,ou=Acting,o=Looney Tunes + givenName: Elmer + mail: efudd@looneytunes.com + + dn: cn=Elmer Fudd,ou=Acting,o=Looney Tunes + givenName: Elmer + mail: bunnyhunter@nra.org + + dn: cn=Elmer Fudd,ou=Acting,o=Looney Tunes + givenName: Doc + mail: efudd@looneytunes.com + + dn: cn=Elmer Fudd,ou=Acting,o=Looney Tunes + givenName: Doc + mail: bunnyhunter@nra.org + +5.3 Listing the members of a groupOfNames + + This example shows how the controls can be used to turn a single + groupOfNames entry into multiple duplicate entries. LetÆs say this + is our groupOfNames entry: + + dn: cn=Administrators,o=acme + cn: Administrators + member: cn=aBaker,o=acme + member: cn=cDavis,o=acme + +Sermersheim Standards Track - Expires Sep 2000 Page 5 + +LDAP Control for a Duplicate Entry Representation of Search Results + + + member: cn=bChilds,o=acme + member: cn=dEvans,o=acme + + We could set our search base to "cn=Administrators,o=acme", filter + to "objectClass=*", use an object scope (to restrict it to this + entry) and send the duplicateEntryRequest control with "member" as + its attribute value. The resulting set would look like this: + + dn: cn=Administrators,o=acme + member: cn=aBaker,o=acme + + dn: cn=Administrators,o=acme + member: cn=cDavis,o=acme + + dn: cn=Administrators,o=acme + member: cn=bChilds,o=acme + + dn: cn=Administrators,o=acme + member: cn=dEvans,o=acme + + This list can then be sorted by member and displayed (also by + member) in a list. + +6 Relationship to other controls + + This control is intended (but not limited) to be used with the + Server Side Sorting control [SSS]. By pairing this control with the + Server Side Sorting control, One can produce a set of entries, + sorted by attribute values, where each attribute value is + represented in the sorted set. Server implementations should ensure + that this control is processed before sorting the result of a + search, as this control alters the result set of search. + + This control may also be used with the Virtual List View [VLV] + control (which has a dependency on the Server Side Sort control). + The nature of the dependency between the VLV control and the Sort + control is such that the Sorting takes place first. Because the sort + happens first, and because this control is processed before the sort + control, the impact of this control on the VLV control is minimal. + Some server implementations may need to carefully consider how to + handle the typedown functionality of the VLV control when paired + with this control. The details of this are heavily implementation + dependent and are beyond the scope of this document. + +7. Notes for Implementers + + Both client and server implementations should be aware that using + this control could potentially result in a very large set of search + results. Servers MAY return an adminLimitExceeded result in the + response control due to inordinate consumption of resources. This + may be due to some a priori knowledge such as a server restriction + of the number of attribute types in the request control that it's + + +Sermersheim Standards Track - Expires Sep 2000 Page 6 + +LDAP Control for a Duplicate Entry Representation of Search Results + + + willing to service, or it may be due to the server attempting to + service the control and running out of resources. + + Client implementations must be aware that search entries returned, + when using this control will contain a subset of the values of any + specified attribute. + +8. Acknowledgments + + The author gratefully thanks the input and support of participants + of the LDAP-EXT working group. + +9. References + + [LDAPv3] + Wahl, M, S. Kille and T. Howes, "Lightweight Directory Access + Protocol (v3)", Internet Standard, December, 1997. + Available as RFC2251. + + [SSS] + Wahl, M, A. Herron and T. Howes, "LDAP Control Extension for Server + Side Sorting of Search Results", Internet Draft, March, 1998. + Available as draft-ietf-ldapext-sorting-02.txt. + + [VLV] + Boreham, D, Sermersheim, J, Anantha, A, Armijo, M, "LDAP Extensions + for Scrolling View Browsing of Search Results", Internet Draft, + June, 1999. + Available as draft-ietf-ldapext-ldapv3-vlv-03.txt. + + + [X.511] + ITU-T Rec. X.511, "The Directory: Abstract Service Definition", + 1993. + + [Bradner97] + Bradner, Scott, "Key Words for use in RFCs to Indicate Requirement + Levels", Internet Draft, March, 1997. + Available as RFC2119. + +10. Author's Address + + Jim Sermersheim + Novell, Inc. + 122 East 1700 South + Provo, Utah 84606, USA + jimse@novell.com + +1 801 861-3088 + + + + + + +Sermersheim Standards Track - Expires Sep 2000 Page 7 diff --git a/doc/drafts/draft-ietf-ldapext-matchedval-xx.txt b/doc/drafts/draft-ietf-ldapext-matchedval-xx.txt new file mode 100644 index 0000000000..5bbe792698 --- /dev/null +++ b/doc/drafts/draft-ietf-ldapext-matchedval-xx.txt @@ -0,0 +1,307 @@ +Internet-Draft David Chadwick +LDAPExt WG University of Salford +Intended Category: Standards Track Sean Mullan + Sun +Microsystems +Expires: 8 March 2000 8 September 1999 + +Returning Matched Values with LDAPv3 + + +STATUS OF THIS MEMO + +This document is an Internet-Draft and is in full conformance with +all the provisions of Section 10 of RFC2026. + +Internet-Drafts are working documents of the Internet Engineering +Task Force (IETF), its areas, and its working groups. Note that other +groups may also distribute working documents as Internet-Drafts. + +Internet-Drafts are draft documents valid for a maximum of six months +and may be updated, replaced, or obsoleted by other documents at any +time. It is inappropriate to use Internet-Drafts as reference +material or to cite them other than as "work in progress." + +The list of current Internet-Drafts can be accessed at +http://www.ietf.org/ietf/1id-abstracts.txt. + +The list of Internet-Draft Shadow Directories can be accessed at +http://www.ietf.org/shadow.html. + +This Internet-Draft expires on 8 March 2000. Comments and suggestions +on this document are encouraged. Comments on this document should be +sent to the LDAPExt working group discussion list: + ietf-ldapext@netscape.com +or directly to the authors. + +ABSTRACT + +This document describes a control for the Lightweight Directory +Access Protocol v3 that is used to return a subset of attribute +values from an entry, specifically, only those values that +contributed to the search filter evaluating to TRUE. Without support +for this control, a client must retrieve all of an attribute's values +and search for specific values locally. + +1. Introduction + +When reading an attribute from an entry using LDAP v2 [1] or LDAPv3 +[2], it is normally only possible to read either the attribute type, +or the attribute type and all its values. It is not possible to +selectively read just a few of the attribute values. If an attribute +holds many values, for example, the userCertificate attribute, or the +subschema publishing operational attributes objectClasses and +attributeTypes [3], then it may be desirable for the user to be able +to selectively retrieve a subset of the values, specifically, those +attribute values that match the selection criteria as specified by +the user in the filter. Without the control specified in this +[ID/standard] a client must read all of the attribute's values and +filter out the unwanted values, necessitating the client to implement +the matching rules. It also requires the client to potentially read +and process many irrelevant values, which can be inefficient if the +values are large or complex, or there are many values stored per +attribute. + +This Internet Draft specifies an LDAPv3 control to enable a user to +return only those values that matched (i.e. returned TRUE to) one or +more elements of the Search filter. This control can be especially +useful when used in conjunction with extensible matching rules that +match on one or more components of complex binary attribute values. + +The control has been described in such a way as to be fully +compatible with the matchedValuesOnly boolean of the X.500 DAP [4] +Search argument, as amended in the latest version [6]. + +The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", +"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this +document are to be interpreted as described in RFC 2119 [5]. + +2. The matchedValuesOnly Control + +The matchedValuesOnly control MAY be critical or non-critical as +determined by the user. It is only applicable to the Search +operation, and SHALL be ignored by the server if it is present on any +other LDAP operation (even if marked critical on such operations). + +The object identifier for this control is 1.2.826.0.1.3344810.2.2 + +The controlValue is absent. + +If the server supports this control, the server MUST make use of the +control as follows: + +(1) If the typesOnly parameter of the Search Request is TRUE, +the control has no effect and the Search Request SHOULD be +processed as if the control had not been specified. + +(2) If the attributes parameter of the Search Request consists +of a list containing only the attribute with OID "1.1" +(specifying that no attributes are to be returned), the control +has no effect and the Search Request SHOULD be processed as if +the control had not been specified. + +(3) For each attribute listed in the attributes parameter of the +Search Request, the server MUST apply the control as follows: + +i) Every attribute value that evaluates TRUE against one or +more filters, excluding the ignored filters (see below), +is logically marked by the server as contributing to the +filter matching. +ii) Attributes that have no values marked as contributing, +have all their values returned to the user. +iii) Attributes that have one or more values marked as +contributing have only the contributing values returned to +the user, whilst the other values of the same attribute +(if there are any) are not returned. + +Certain filters are ignored for the purposes of marking the attribute +values as contributing. These are: + +the ôpresentö filter, since this filter does not test against +any attribute values; +the ônotö filter, since this would have the effect of marking +all the attribute values except the one(s) that matched the +non-negated filter. + +3. Relationship to X.500 + +The matchedValuesOnly control defined in this document is derived +from the matchedValuesOnly boolean parameter of the X.511 (93) DAP +Search operation [4]. Note however that in X.511 (93), the +matchedValuesOnly parameter is ignored when used with an "equality" +match FilterItem, and so the user must use the extensibleMatch filter +along with the equality matching rule if only matched values are +wanted with equality matching. This slightly spurious equality match +restriction has been removed from the 2000 version of X.511 [6]. For +LDAP servers acting as a gateway to an X.500 directory, the matched +valuesOnly control can be directly mapped onto the X.511 +matchedValuesOnly Search parameter as follows: + +(1) If the matchedValuesOnly control is specified, the +matchedValuesOnly DAP parameter MUST be set to true. If the +control criticality value is TRUE then bit 17 of the DAP +criticalExtensions MUST be set. + +(2) If an equality matching rule is specified in the filter of +the LDAPv3 search operation, then if operating with a pre-2000 +edition DSA, the corresponding equality FilterItem contained in +the X.511 filter parameter MUST NOT be used, but rather the +extensibleMatch filter item MUST be used instead (the assertion +consisting of the equality matching rule, the attribute type to +match on, and the asserted value). When operating with DSAs +that support the 2000 DAP enhancement, the equality FilterItem +MAY be used. + +4. Examples + +(1) The first example simply shows how the control can be used to +selectively read a subset of attribute values. + +The entry below represents a groupOfNames object class containing +several members from different organizations. + +cn: Cross Organizational Standards Body +member: cn=joe, o=acme +member: cn=alice, o=acme +member: cn=bob, o=foo +member: cn=sue, o=bar + +An LDAP search operation is specified with a baseObject set to the +DN of the entry, a baseObject scope, a filter set to +"member=*o=acme", and the list of attributes to be returned set to +"member". In addition, a matchedValuesOnly control is attached to the +search request. + +The search results returned by the server would consist of the +following entry: + +cn: Cross Organizational Standards Body +member: cn=joe, o=acme +member: cn=alice, o=acme + +(2) The second example shows how the control has no effect on +attributes that do not participate in the search filter. + +The entries below represent inetOrgPerson [7] object classes located +below some distinguished name in the directory. + +cn: Sean Mullan +mail: sean.mullan@sun.com +mail: mullan@east.sun.com +telephoneNumber: +1 781 442 0926 +telephoneNumber: 555-9999 + +cn: David Chadwick +mail: d.w.chadwick@salford.ac.uk + +An LDAP search operation is specified with a baseObject set to the +DN of the entry, a subtree scope, a filter set to +"(|(mail=sean.mullan@sun.com)(mail=d.w.chadwick@salford.ac.uk))", and +the list of attributes to be returned set to "mail telephoneNumber". +In addition, a matchedValuesOnly control is attached to the search +request. + +The search results returned by the server would consist of the +following entries: + +cn: Sean Mullan +mail: sean.mullan@sun.com +telephoneNumber: +1 781 442 0926 +telephoneNumber: 555-9999 + +cn: David Chadwick +mail: d.w.chadwick@salford.ac.uk + +Note that the control has no effect on the values returned for the +"telephoneNumber" attribute (all of the values are returned), since +it did not participate in the search filter. + +5. Security Considerations + +This Internet Draft does not discuss security issues at all. + +Note that attribute values MUST only be returned if the access +controls applied by the LDAP server allow them to be returned, and in +this respect the effect of the matchedValuesOnly control is of no +consequence. + +Note that the matchedValuesOnly control may have a positive effect on +the deployment of public key infrastructures. Certain PKI operations, +like searching for specific certificates, become more practical (when +combined with X.509 certificate matching rules at the server) and +more scalable, since the control avoids the downloading of +potentially large numbers of irrelevant certificates which would have +to be processed and filtered locally (which in some cases is very +difficult to perform). + +6. Copyright + +Copyright (C) The Internet Society (date). All Rights Reserved. + +This document and translations of it may be copied and furnished to +others, and derivative works that comment on or otherwise explain it +or assist in its implementation may be prepared, copied, published +and distributed, in whole or in part, without restriction of any +kind, provided that the above copyright notice and this paragraph are +included on all such copies and derivative works. However, this +document itself may not be modified in any way, such as by removing +the copyright notice or references to the Internet Society or other +Internet organizations, except as needed for the purpose of +developing Internet standards in which case the procedures for +copyrights defined in the Internet Standards process must be +followed, or as required to translate it into languages other than +English. + +The limited permissions granted above are perpetual and will not be +revoked by the Internet Society or its successors or assigns. + +This document and the information contained herein is provided on an +"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +7. References + +[1] Yeong, W., Howes, T., and Kille, S. "Lightweight Directory Access +Protocol", RFC 1777, March 1995. +[2] M. Wahl, T. Howes, S. Kille, "Lightweight Directory Access +Protocol (v3)", Dec. 1997, RFC 2251 +[3] M. Wahl, A. Coulbeck, T. Howes, S. Kille, ôLightweight Directory +Access Protocol (v3): Attribute Syntax Definitionsö, RFC 2252, Dec +1997 +[4] ITU-T Rec. X.511, "The Directory: Abstract Service Definition", +1993. +[5] S.Bradner. "Key words for use in RFCs to Indicate Requirement +Levels", RFC 2119, March 1997. +[6] ôFPDAMs to ISO/IEC 9594 Parts 1, 2, 3, 4, 5, 6, 7 and 9 to +support the ITU-T Rec. F.510 "Automated Directory Assistance, White +Pages Service Definitions"ö, Collaborative ITU-T/SG7/Q15 and +JTC1/SC6/WG7 OSI Directory Meeting 7-15 April 1999, Orlando, USA +[7] M. Smith. "Definition of the inetOrgPerson LDAP Object Class", +Internet Draft , April 1999. + +8. Authors Addresses + +David Chadwick +IS Institute +University of Salford +Salford M5 4WT +England + +Email: d.w.chadwick@salford.ac.uk + +Sean Mullan +Sun Microsystems Laboratories +One Network Drive +Burlington +MA 01803-0902 +USA + +Tel: +1 781 442-0926 Fax: +1 781 442-1692 +Email: sean.mullan@sun.com + +Internet-Draft Returning Matched Values with LDAPv3 8 September 1999 + +5 diff --git a/doc/drafts/draft-ietf-ldapext-psearch-xx.txt b/doc/drafts/draft-ietf-ldapext-psearch-xx.txt new file mode 100644 index 0000000000..c313da6aaa --- /dev/null +++ b/doc/drafts/draft-ietf-ldapext-psearch-xx.txt @@ -0,0 +1,463 @@ + +Network Working Group M. Smith, Editor +INTERNET-DRAFT G. Good +Intended Category: Informational R. Weltman +Expires: September 2000 Netscape Communications Corp. + T. Howes + Loudcloud, Inc. + + 7 March 2000 + + + Persistent Search: A Simple LDAP Change Notification Mechanism + + + + + + +1. Status of this Memo + +This document is an Internet-Draft and is in full conformance with all +provisions of Section 10 of RFC2026. Internet-Drafts are working docu- +ments of the Internet Engineering Task Force (IETF), its areas, and its +working groups. Note that other groups may also distribute working +documents as Internet-Drafts. + +Internet-Drafts are draft documents valid for a maximum of six months +and may be updated, replaced, or obsoleted by other documents at any +time. It is inappropriate to use Internet-Drafts as reference material +or to cite them other than as "work in progress." + +The list of current Internet-Drafts can be accessed at +http://www.ietf.org/ietf/1id-abstracts.txt. + +The list of Internet-Draft Shadow Directories can be accessed at +http://www.ietf.org/shadow.html. + +This draft document will be submitted to the RFC Editor as an Informa- +tional document. Distribution of this memo is unlimited. Technical dis- +cussion of this document will take place on the IETF LDAP Extension +Working Group mailing list . Please send +editorial comments directly to the editor . + +Copyright (C) The Internet Society (1997-2000). All Rights Reserved. + +Please see the Copyright section near the end of this document for more +information. + + + + + +Smith, et. al. Intended Category: Informational [Page 1] + +LDAP Persistent Search 7 March 2000 + + +2. Abstract + +This document defines two controls that extend the LDAPv3 [LDAP] search +operation to provide a simple mechanism by which an LDAP client can +receive notification of changes that occur in an LDAP server. The +mechanism is designed to be very flexible yet easy for clients and +servers to implement. Since the IETF is likely to pursue a different, +more comprehensive solution in this area, this document will eventually +be published with Informational status in order to document an existing +practice. + +The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", +"SHOULD", "SHOULD NOT", "RECOMMENDED", and "MAY" in this document are +to be interpreted as described in RFC 2119 [KEYWORDS]. + + + +3. General Approach + +The approach taken by the Persistent Search mechanism described in this +document is to alter the standard LDAP search operation so that it does +not end after the initial set of entries matching the search criteria +are returned. Instead, LDAP servers keep the search operation going. +This provides clients and servers participating in Persistent Search +with an active channel through which entries that change (and additional +information about the changes that occur) can be communicated. + + + +4. Persistent Search Control + +This control may be included in the Controls portion of an LDAPv3 Sear- +chRequest message. The controlType is "2.16.840.1.113730.3.4.3". + + PersistentSearch ::= SEQUENCE { + changeTypes INTEGER, + changesOnly BOOLEAN, + returnECs BOOLEAN + } + +Upon receiving this control, a server that supports it MUST process this +as a standard LDAPv3 search with the following exceptions: + + + a) If changesOnly is TRUE, the server MUST NOT return any existing + entries that match the search criteria. Entries are only + returned when they are changed (added, modified, deleted, or + subject to a modifyDN operation). + + + +Smith, et. al. Intended Category: Informational [Page 2] + +LDAP Persistent Search 7 March 2000 + + + b) The server MUST NOT return a SearchResult message. Instead, the + search operation MUST be kept active until it is abandoned by + the client or until the client unbinds. + + + c) As changes are made to the server, the effected entries MUST be + returned to the client if they match the standard search cri- + teria and if the operation that caused the change is included in + the changeTypes field. The changeTypes field is the logical OR + of one or more of these values: add (1), delete (2), modify (4), + modDN (8). + + + d) If returnECs is TRUE, the server MUST return an Entry Change + Notification control with each entry returned as the result of + changes. This control is described in the next section. + + + +5. Entry Change Notification Control + +This control provides additional information about the change the caused +a particular entry to be returned as the result of a persistent search. +The controlType is "2.16.840.1.113730.3.4.7". If the client set the +returnECs boolean to TRUE in the PersistentSearch control, servers MUST +include an EntryChangeNotification control in the Controls portion of +each SearchResultEntry that is returned due to an entry being added, +deleted, or modified. + + EntryChangeNotification ::= SEQUENCE { + changeType ENUMERATED { + add (1), + delete (2), + modify (4), + modDN (8) + }, + previousDN LDAPDN OPTIONAL, -- modifyDN ops. only + changeNumber INTEGER OPTIONAL -- if supported + } + +changeType indicates what LDAP operation caused the entry to be +returned. + +previousDN is present only for modifyDN operations and gives the DN of +the entry before it was renamed and/or moved. Servers MUST include this +optional field only when returning change notifications as a result of +modifyDN operations. + + + + +Smith, et. al. Intended Category: Informational [Page 3] + +LDAP Persistent Search 7 March 2000 + + +changeNumber is the change number [CHANGELOG] assigned by a server for +the change. If a server supports an LDAP Change Log it SHOULD include +this field. + + + +6. Intended Use + +Some of the scenarios that the Persistent Search mechanism described in +this document is designed to support are described in this section. +Other uses of the mechanism are possible as well, but please refer to +the "Implementation Considerations" section for some issues to consider. + + +6.1. Cache Consistency + +An LDAP client application with high performance needs may want to main- +tain a temporary, local cache of information obtained through LDAP +search, compare, or bind operations. To improve performance, the local +cache is always consulted before sending a request to an LDAP server. +The client application can use Persistent Search(es) against the change- +log [CHANGELOG] (if one is available) or against one or more subtrees +within the LDAP server to enable it to maintain consistency between the +data in its local cache and the data stored in the LDAP server. A Per- +sistent Search request where the changesOnly flag is FALSE can be used +if it is desirable to prime the cache; otherwise changesOnly would typi- +cally be set to TRUE in the request. + +Caches are used for reasons other than performance improvement as well. +In some cases, they arise naturally out of a particular application's +design. For example, an LDAP client designed for administration of +information held in LDAP servers will undoubtedly generate screen +displays that show information gleaned from an LDAP server. The screen +display is a cache that is active and visible until the user of the +application takes some action that causes different information to be +displayed. A refresh button or similar control may be provided to the +user to allow them to update the cached display. A Persistent Search +request can be used instead by the administrative application to +automatically refresh the screen display as soon as the underlying LDAP +information changes. + + +6.2. Synchronization + +Some LDAP clients such as those that execute on a portable computer may +maintain a partial or complete offline copy of the entries stored in an +LDAP server. While connected to the network, such a client can direct +all queries to the copy of data it holds and use a Persistent Search to + + + +Smith, et. al. Intended Category: Informational [Page 4] + +LDAP Persistent Search 7 March 2000 + + +actively maintain the contents of the offline copy (alternatively, the +client could direct requests to the LDAP server that is the source of +the data). While disconnected from the network, the client must satisfy +all queries using its offline copy of the data. When the client recon- +nects to the network, it can synchronize its own copy of the data with +the one stored on the LDAP server and proceed to actively maintain its +offline copy by issuing a Persistent Search with the changesOnly flag +set to FALSE against the server's changelog [CHANGELOG]. A search +filter like "(changeNumber>=NUM)" where NUM is an integer one greater +than the last change the client processed would be used to limit the +entries returned to the set of changes the client has not yet seen. + + +6.3. Triggered Actions + +An LDAP client application may want to take some action when an entry in +the directory is changed. A Persistent Search request can be used to +proactively monitor one or more LDAP servers for interesting changes +that in turn cause specific actions to be taken by an application. For +example, an electronic mail repository may want to perform a "create +mailbox" task when a new person entry is added to an LDAP directory and +a "delete mailbox" task when a person entry is deleted from an LDAP +directory. + + + +7. Implementation Considerations + +Implementors of servers that support the mechanism described in this +document should ensure that their implementation scales well as the +number of active Persistent Search requests increases and as the number +of changes made in the directory increases. + +Each active Persistent Search request requires that an open TCP connec- +tion be maintained between an LDAP client and an LDAP server that might +not otherwise be kept open. Therefore, client implementors are +encouraged to avoid using Persistent Search for non-essential tasks and +to close idle LDAP connections as soon as practical. Server implemen- +tors are encouraged to support a large number of client connections if +they need to support large numbers of Persistent Search clients. + + +This specification makes no guarantees about how soon a server should +send notification of a changed entry to a Persistent Search client. +This is intentional as any specific maximum delay would be impossible to +meet in a distributed directory service implementation. Server imple- +mentors are encouraged to minimize the delay before sending notifica- +tions to ensure that clients' needs for timeliness of change + + + +Smith, et. al. Intended Category: Informational [Page 5] + +LDAP Persistent Search 7 March 2000 + + +notification are met. + + + +8. Security Considerations + +In some situations, it may be important to prevent general exposure of +information about changes that occur in an LDAP server. Therefore, +servers that implement the mechanism described in this document SHOULD +provide a means to enforce access control on the entries returned and +MAY also provide specific access control mechanisms to control the use +of the PersistentSearch and EntryChangeNotification controls. + + +As with normal LDAP search requests, a malicious client can initiate a +large number of Persistent Search requests in an attempt to consume all +available server resources and deny service to legitimate clients. For +this reason, servers that implement the mechanism described in the docu- +ment SHOULD provide a means to limit the number of resources that can be +consumed by a single client. + + + +9. Copyright + +Copyright (C) The Internet Society (1997-2000). All Rights Reserved. + +This document and translations of it may be copied and furnished to oth- +ers, and derivative works that comment on or otherwise explain it or +assist in its implementation may be prepared, copied, published and dis- +tributed, in whole or in part, without restriction of any kind, provided +that the above copyright notice and this paragraph are included on all +such copies and derivative works. However, this document itself may not +be modified in any way, such as by removing the copyright notice or +references to the Internet Society or other Internet organizations, +except as needed for the purpose of developing Internet standards in +which case the procedures for copyrights defined in the Internet Stan- +dards process must be followed, or as required to translate it into +languages other than English. + +The limited permissions granted above are perpetual and will not be +revoked by the Internet Society or its successors or assigns. + +This document and the information contained herein is provided on an "AS +IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK +FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT +LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT +INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR + + + +Smith, et. al. Intended Category: Informational [Page 6] + +LDAP Persistent Search 7 March 2000 + + +FITNESS FOR A PARTICULAR PURPOSE. + + + +10. Bibliography + +[KEYWORDS] S. Bradner, "Key words for use in RFCs to Indicate Require- + ment Levels", RFC 2119, March 1997. + +[LDAP] M. Wahl, T. Howes, S. Kille, "Lightweight Directory Access + Protocol (v3)", RFC 2251, December 1997. + +[CHANGELOG] G. Good, "Definition of an Object Class to Hold LDAP Change + Record", INTERNET-DRAFT , + July 1997. + +[PSEARCHAPI] M. Smith, "LDAP C API Extensions for Persistent Search", + INTERNET-DRAFT , + March 1998. + + + +11. Authors' Addresses + + Mark Smith + Netscape Communications Corp. + 501 E. Middlefield Rd., Mailstop MV068 + Mountain View, CA 94043 + USA + +1 650 937-3477 + mcs@netscape.com + + Gordon Good + Netscape Communications Corp. + 501 E. Middlefield Rd., Mailstop MV068 + Mountain View, CA 94043 + USA + +1 650 937-3825 + ggood@netscape.com + + Rob Weltman + Netscape Communications Corp. + 501 E. Middlefield Rd., Mailstop MV068 + Mountain View, CA 94043 + USA + +1 650 937-3301 + rweltman@netscape.com + + + + +Smith, et. al. Intended Category: Informational [Page 7] + +LDAP Persistent Search 7 March 2000 + + + Tim Howes + Loudcloud, Inc. + 615 Tasman Dr. + Sunnyvale, CA 94089 + USA + +1 650 321 4565 + howes@loudcloud.com + + + +12. Appendix A: Changes since draft-ietf-ldapext-psearch-01.txt + + "Status of this Memo" section: changed "Intended Category" to Infor- + mational. Also updated boilerplate text to reflect current I-D + guidelines and updated copyright to include the year "2000." + + "Abstract" section: added sentence that says why this will be pub- + lished as Informational. + + "Entry Change Notification Control" section: added the word "only" to + clarify that the previousDN field is only returned for modifyDN + operations. + + "Authors' Addresses" section: updated Tim Howes' information. + + + + + + + + + + + + + + + + + + + + + + + + + + + +Smith, et. al. Intended Category: Informational [Page 8] + + + +1. Status of this Memo............................................1 +2. Abstract.......................................................2 +3. General Approach...............................................2 +4. Persistent Search Control......................................2 +5. Entry Change Notification Control..............................3 +6. Intended Use...................................................4 +6.1. Cache Consistency...........................................4 +6.2. Synchronization.............................................4 +6.3. Triggered Actions...........................................5 +7. Implementation Considerations..................................5 +8. Security Considerations........................................6 +9. Copyright......................................................6 +10. Bibliography...................................................7 +11. Authors' Addresses.............................................7 +12. Appendix A: Changes since draft-ietf-ldapext-psearch-01.txt...8 diff --git a/doc/drafts/draft-ietf-ldapext-sorting-xx.txt b/doc/drafts/draft-ietf-ldapext-sorting-xx.txt index 8a7b99f128..6db7343359 100644 --- a/doc/drafts/draft-ietf-ldapext-sorting-xx.txt +++ b/doc/drafts/draft-ietf-ldapext-sorting-xx.txt @@ -1,45 +1,50 @@ +Network Working Group T. Howes, Netscape +INTERNET DRAFT M. Wahl, Critical Angle Inc +Intended Category: Standards Track A. Anantha, Microsoft +Expires: December 5, 2000 June 5, 2000 -Network Working Group A. Herron, Microsoft -INTERNET DRAFT T. Howes, Netscape -Expire in six months M. Wahl, Critical Angle Inc - A. Anantha, Microsoft - April 5, 1999 LDAP Control Extension for Server Side Sorting of Search Results - draft-ietf-ldapext-sorting-02.txt + draft-ietf-ldapext-sorting-03.txt 1. Status of this Memo -This document is an Internet-Draft. Internet-Drafts are working docu- -ments of the Internet Engineering Task Force (IETF), its areas, and its -working groups. Note that other groups may also distribute working +This document is an Internet-Draft and is in full conformance with all +provisions of Section 10 of RFC2026. Internet-Drafts are working +documents of the Internet Engineering Task Force (IETF), its areas, and +its working groups. Note that other groups may also distribute working documents as Internet-Drafts. -Internet-Drafts are draft documents valid for a maximum of six months -and may be updated, replaced, or obsoleted by other documents at any -time. It is inappropriate to use Internet- Drafts as reference material -or to cite them other than as ``work in progress.'' +Internet-Drafts are draft documents valid for a maximum of six months +and may be updated, replaced, or obsoleted by other documents at any +time. It is inappropriate to use Internet-Drafts as reference material +or to cite them other than as "work in progress." -To learn the current status of any Internet-Draft, please check the -``1id-abstracts.txt'' listing contained in the Internet- Drafts Shadow -Directories on ds.internic.net (US East Coast), nic.nordu.net (Europe), -ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific Rim). +The list of current Internet-Drafts can be accessed at +http://www.ietf.org/ietf/1id-abstracts.txt. -This document expires on October 5, 1999. +The list of Internet-Draft Shadow Directories can be accessed at +http://www.ietf.org/shadow.html. + +This draft document will be submitted to the RFC Editor as a Standards +Track document. Distribution of this memo is unlimited. Technical +discussion of this document will take place on the IETF LDAP Extension +Working Group mailing list . Please send +editorial comments directly to the authors. 2. Abstract -This document describes two LDAPv3 control extensions for server side +This document describes two LDAPv3 control extensions for server side sorting of search results. These controls allows a client to specify the -attribute types and matching rules a server should use when returning -the results to an LDAP search request. The controls may be useful when -the LDAP client has limited functionality or for some other reason -cannot sort the results but still needs them sorted. Other permissible +attribute types and matching rules a server should use when returning +the results to an LDAP search request. The controls may be useful when +the LDAP client has limited functionality or for some other reason +cannot sort the results but still needs them sorted. Other permissible controls on search operations are not defined in this extension. The sort controls allow a server to return a result code for the sorting -of the results that is independent of the result code returned for the +of the results that is independent of the result code returned for the search operation. The key words "MUST", "SHOULD", and "MAY" used in this document are to @@ -49,13 +54,14 @@ be interpreted as described in [bradner97]. 3.1 Request Control -This control is included in the searchRequest message as part of the -controls field of the LDAPMessage, as defined in Section 4.1.12 of +This control is included in the searchRequest message as part of the +controls field of the LDAPMessage, as defined in Section 4.1.12 of + [LDAPv3]. The controlType is set to "1.2.840.113556.1.4.473". The criticality MAY be either TRUE or FALSE (where absent is also equivalent to -FALSE) at the client's option. The controlValue is an OCTET STRING, +FALSE) at the client's option. The controlValue is an OCTET STRING, whose value is the BER encoding of a value of the following SEQUENCE: SortKeyList ::= SEQUENCE OF SEQUENCE { @@ -66,27 +72,27 @@ whose value is the BER encoding of a value of the following SEQUENCE: The SortKeyList sequence is in order of highest to lowest sort key precedence. -The MatchingRuleID SHOULD be one that is valid for the attribute type -it applies to. If it is not, the server MUST return unwillingToPerform. +The MatchingRuleID SHOULD be one that is valid for the attribute type it +applies to. If it is not, the server will return inappropriateMatching. -Each attributeType should only occur in the SortKeyList once. If an -attributeType is included in the sort key list multiple times, the +Each attributeType should only occur in the SortKeyList once. If an +attributeType is included in the sort key list multiple times, the server should return an error in the sortResult of unwillingToPerform. -If the orderingRule is omitted, the ordering MatchingRule defined for use -with this attribute MUST be used. +If the orderingRule is omitted, the ordering MatchingRule defined for +use with this attribute MUST be used. -Any conformant implementation of this control MUST allow a sort key -list with at least one key. +Any conformant implementation of this control MUST allow a sort key list +with at least one key. 3.2 Response Control This control is included in the searchResultDone message as part of the -controls field of the LDAPMessage, as defined in Section 4.1.12 of +controls field of the LDAPMessage, as defined in Section 4.1.12 of [LDAPv3]. The controlType is set to "1.2.840.113556.1.4.474". The criticality is -FALSE (MAY be absent). The controlValue is an OCTET STRING, whose +FALSE (MAY be absent). The controlValue is an OCTET STRING, whose value is the BER encoding of a value of the following SEQUENCE: SortResult ::= SEQUENCE { @@ -102,24 +108,26 @@ value is the BER encoding of a value of the following SEQUENCE: -- for the server to sort noSuchAttribute (16), -- unrecognized attribute -- type in sort key - inappropriateMatching (18), -- unrecognized or inappro- - -- priate matching rule in - -- sort key + inappropriateMatching (18), -- unrecognized or + -- inappropriate matching + -- rule in sort key insufficientAccessRights (50), -- refused to return sorted -- results to this client busy (51), -- too busy to process + unwillingToPerform (53), -- unable to sort other (80) }, attributeType [0] AttributeDescription OPTIONAL } + 4. Client-Server Interaction -The sortKeyRequestControl specifies one or more attribute types and +The sortKeyRequestControl specifies one or more attribute types and matching rules for the results returned by a search request. The server SHOULD return all results for the search request in the order specified -by the sort keys. If the reverseOrder field is set to TRUE, then the -entries will be presented in reverse sorted order for the specified +by the sort keys. If the reverseOrder field is set to TRUE, then the +entries will be presented in reverse sorted order for the specified key. There are six possible scenarios that may occur as a result of the sort @@ -128,13 +136,13 @@ control being included on the search request : 1 - If the server does not support this sorting control and the client specified TRUE for the control's criticality field, then the server MUST return unavailableCriticalExtension as a return code in the -searchResultDone message and not send back any other results. This +searchResultDone message and not send back any other results. This behavior is specified in section 4.1.12 of [LDAPv3]. 2 - If the server does not support this sorting control and the client specified FALSE for the control's criticality field, then the server MUST ignore the sort control and process the search request as if it -were not present. This behavior is specified in section 4.1.12 of +were not present. This behavior is specified in section 4.1.12 of [LDAPv3]. 3 - If the server supports this sorting control but for some reason @@ -163,18 +171,19 @@ searchResultDone message. The client application is assured that the results are sorted in the specified key order if and only if the result code in the -sortKeyResponseControl is success. If the server omits the +sortKeyResponseControl is success. If the server omits the + sortKeyResponseControl from the searchResultDone message, the client SHOULD assume that the sort control was ignored by the server. The sortKeyResponseControl, if included by the server in the searchResultDone message, should have the sortResult set to either -success if the results were sorted in accordance with the keys +success if the results were sorted in accordance with the keys specified in the sortKeyRequestControl or set to the appropriate error code as to why it could not sort the data (such as noSuchAttribute or -inappropriateMatching). Optionally, the server MAY set the +inappropriateMatching). Optionally, the server MAY set the attributeType to the first attribute type specified in the SortKeyList -that was in error. The client SHOULD ignore the attributeType field if +that was in error. The client SHOULD ignore the attributeType field if the sortResult is success. The server may not be able to sort the results using the specified sort @@ -190,53 +199,54 @@ prior to sending back the results. 4.1 Behavior in a chained environment -If a server receives a sort request, the client expects to receive a -set of sorted results. If a client submits a sort request to a server -which chains the request and gets entries from multiple servers, and -the client has set the criticality of the sort extension to TRUE, the -server MUST merge sort the results before returning them to the client +If a server receives a sort request, the client expects to receive a +set of sorted results. If a client submits a sort request to a server +which chains the request and gets entries from multiple servers, and +the client has set the criticality of the sort extension to TRUE, the +server MUST merge sort the results before returning them to the client or MUST return unwillingToPerform. 4.2 Other sort issues -An entry that meets the search criteria may be missing one or more of -the sort keys. In that case, the entry is considered to have a value of -NULL for that key. This standard considers NULL to be a larger value -than all other valid values for that key. For example, if only one key -is specified, entries which meet the search criteria but do not have -that key collate after all the entries which do have that key. If the -reverseOrder flag is set, and only one key is specified, entries which -meet the search criteria but do not have that key collate BEFORE all -the entries which do have that key. - -If a sort key is a multi-valued attribute, and an entry happens to have -multiple values for that attribute and no other controls are present that -affect the sorting order, then the server SHOULD use the least value -(according to the ORDERING rule for that attribute). +An entry that meets the search criteria may be missing one or more of +the sort keys. In that case, the entry is considered to have a value of +NULL for that key. This standard considers NULL to be a larger value +than all other valid values for that key. For example, if only one key +is specified, entries which meet the search criteria but do not have +that key collate after all the entries which do have that key. If the +reverseOrder flag is set, and only one key is specified, entries which +meet the search criteria but do not have that key collate BEFORE all +the entries which do have that key. + +If a sort key is a multi-valued attribute, and an entry happens to have +multiple values for that attribute and no other controls are present +that affect the sorting order, then the server SHOULD use the least +value (according to the ORDERING rule for that attribute). 5. Interaction with other search controls When the sortKeyRequestControl control is included with the pagedResultsControl control as specified in [LdapPaged], then the server should send the searchResultEntry messages sorted according to -the sort keys applied to the entire result set. The server should not +the sort keys applied to the entire result set. The server should not simply sort each page, as this will give erroneous results to the + client. The sortKeyList must be present on each searchRequest message for the -paged result. It also must not change between searchRequests for the -same result set. If the server has sorted the data, then it SHOULD +paged result. It also must not change between searchRequests for the +same result set. If the server has sorted the data, then it SHOULD send back a sortKeyResponseControl control on every searchResultDone -message for each page. This will allow clients to quickly determine +message for each page. This will allow clients to quickly determine if the result set is sorted, rather than waiting to receive the entire result set. 6. Security Considerations -Implementors and administrators should be aware that allowing sorting -of results could enable the retrieval of a large number of records from -a given directory service, irregardless of administrative limits set on +Implementors and administrators should be aware that allowing sorting of +results could enable the retrieval of a large number of records from +a given directory service, regardless of administrative limits set on the maximum number of records to return. A client that desired to pull all records out of a directory service @@ -253,51 +263,40 @@ retrieved by a client. 7. References [LDAPv3] - Wahl, M, S. Kille and T. Howes, "Lightweight Directory Access -Pro- - tocol (v3)", RFC 2251, December, 1997. + Wahl, M, S. Kille and T. Howes, "Lightweight Directory Access + Protocol (v3)", RFC 2251, December, 1997. [Bradner97] - Bradner, Scott, "Key Words for use in RFCs to Indicate -Requirement - Levels", RFC 2119, March, 1997. + Bradner, Scott, "Key Words for use in RFCs to Indicate Requirement + Levels", RFC 2119, March, 1997. [LdapPaged] - C. Weider, A. Herron, and T. Howes, "LDAP Control Extension for - Simple Paged Results Manipulation", Internet Draft, February, 1997. - Available as draft-ietf-asid-ldapv3-simplepaged-00.txt. + C. Weider, A. Herron, A. Anantha and T. Howes, "LDAP Control + Extension for Simple Paged Results Manipulation", RFC 2696, + September 1999. 8. Author's Address - Anoop Anantha - Microsoft Corp. - 1 Microsoft Way - Redmond, WA 98052 - USA - Anoopa@microsoft.com - +1 425 882-8080 - - Andy Herron - Microsoft Corp. - 1 Microsoft Way - Redmond, WA 98052 - USA - andyhe@microsoft.com - +1 425 882-8080 - - Tim Howes - Netscape Communications Corp. - 501 E. Middlefield Road - Mountain View, CA 94043 - USA - howes@netscape.com - +1 415 937-2600 - - Mark Wahl - Critical Angle Inc. - 4815 W Braker Lane #502-385 - Austin, TX 78759 - USA - M.Wahl@critical-angle.com - +Anoop Anantha +Microsoft Corp. +1 Microsoft Way +Redmond, WA 98052 +USA +anoopa@microsoft.com ++1 425 882-8080 + +Tim Howes +Loudcloud, Inc. +615 Tasman Dr. +Sunnyvale, CA 94089 +USA +howes@loudcloud.com + +Mark Wahl +Sun Microsystems, Inc. +8911 Capital of Texas Hwy Suite 4140 +Austin, TX 78759 +USA +M.Wahl@innosoft.com + diff --git a/doc/drafts/draft-just-ldapv3-rescodes-xx.txt b/doc/drafts/draft-just-ldapv3-rescodes-xx.txt new file mode 100644 index 0000000000..5003e57062 --- /dev/null +++ b/doc/drafts/draft-just-ldapv3-rescodes-xx.txt @@ -0,0 +1,1785 @@ + +Internet Draft Mike Just, Entrust + K. Leclair, Entrust + Jim Sermersheim, Novell + Mark Smith, Netscape +Document: April, 2000 +Category: Standards Track + + + LDAPv3 Result Codes: Definitions and Appropriate Use + + + +Status of this Memo + + This document is an Internet-Draft and is in full conformance with + all provisions of Section 10 of RFC2026 [RFC2026]. + + Internet-Drafts are working documents of the Internet Engineering + Task Force (IETF), its areas, and its working groups. Note that other + groups may also distribute working documents as Internet-Drafts. + Internet-Drafts are draft documents valid for a maximum of six months + and may be updated, replaced, or obsoleted by other documents at any + time. It is inappropriate to use Internet- Drafts as reference + material or to cite them other than as "work in progress." + + The list of current Internet-Drafts can be accessed at + http://www.ietf.org/ietf/1id-abstracts.txt + The list of Internet-Draft Shadow Directories can be accessed at + http://www.ietf.org/shadow.html. + +1. Abstract + + The purpose of this document is to describe, in some detail, the + meaning and use of the result codes used with the LDAPv3 protocol. + Of particular importance are the error codes, which represent the + majority of the result codes. This document provides definitions for + each result code, and outlines the expected behaviour of the various + operations with respect to how result codes and in particular, error + conditions should be handled and which specific error code should be + returned. + + It is hoped that this document will facilitate interoperability + between clients and servers and the development of intelligent LDAP + clients capable of acting upon the results received from the server. + +1.1 Relationship to X.500 + + The LDAPv3 RFC [RFC2251] states that "An LDAP server MUST act in + accordance with the X.500(1993) series of ITU recommendations when + providing the service. However, it is not required that an LDAP + server make use of any X.500 protocols in providing this service, + e.g. LDAP can be mapped onto any other directory system so long as + the X.500 data and service model as used in LDAP is not violated in + the LDAP interface." This means that there are two types of LDAP + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 1 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + servers, those that act as a front end to an X.500 directory, and + stand alone LDAP servers which use some other form of repository as + the back end. + + Because of differences between X.500 and LDAP there may be some + differences in behaviour between LDAP-only servers and LDAP servers + that act as front ends to X.500 DSAs. One such difference is the + definition of specific access controls for X.500. X.500 defines the + discloseOnError permission, an access control parameter for which + there is currently no equivalent defined for LDAP. If an LDAP server + is acting as a front end to an X.500 DSA then it may return + noSuchObject when the target entry is found but the client does not + have permission to view or modify the entry. Unless the server + implements X.500 style access controls LDAP-only servers should only + return noSuchObject when the target entry is not found until such + time that similar access controls are defined for LDAP only servers. + Because the client may not know what sort of LDAP server it is + communicating with it should not rely on the behaviour of the server + in this respect. + +2. Conventions used in this document + + The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", + "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this + document are to be interpreted as described in RFC-2119 [RFC2119]. + +3. Overview + + This document collects and refines the definitions and descriptions + for LDAPv3 result codes, as found in a variety of sources (see + Section 8). In some cases, material from these sources was absent, + inadequate or ambiguous. It is the hope of this document to present + consistent definitions and descriptions of LDAPv3 result codes. + + This document consists of two major sections facilitating information + searches based on either a particular result code, or LDAP operation. + + Section 5 presents a glossary for the result codes. Firstly, each is + classified as either an erroneous or non-erroneous result. The + erroneous results, or error codes, are further classified based on + the types of error codes defined in X.511 [X511]. Some + reclassification was performed where appropriate. For each result + code, a definition, and list of operations that could return this + code are given. + + Section 6 describes, for each operation, the result codes that could + be returned for that operation. Firstly, Section 6.1 enumerates + those result codes that are applicable to all operations. Within + each remaining section (which is specific to each operation), the + error codes that are specific to that operation (in addition to the + result codes specified in Section 6.1) are presented. + + Also, Appendix A (Section 11) presents a simple matrix that indicates + valid operation/result code pairs in LDAPv3. + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 2 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + +4. Table of Contents + + 1. Abstract........................................................1 + 1.1 Relationship to X.500...........................................1 + 2. Conventions used in this document...............................2 + 3. Overview........................................................2 + 4. Table of Contents...............................................3 + 5. Result Codes in LDAPv3..........................................4 + 5.1 Description of Non-Erroneous Result Codes.......................6 + 5.1.1 success(0)...................................................6 + 5.1.2 compareFalse(5)..............................................6 + 5.1.3 compareTrue(6)...............................................6 + 5.1.4 referral(10).................................................7 + 5.1.5 saslBindInProgress(14).......................................7 + 5.2 Description of Error Codes......................................7 + 5.2.1 General Error Codes..........................................7 + 5.2.1.1 other(80)................................................7 + 5.2.2 Specific Error Codes.........................................7 + 5.2.2.1 Attribute Problem Error Codes............................7 + 5.2.2.1.1 noSuchAttribute(16)...................................8 + 5.2.2.1.2 undefinedAttributeType(17)............................8 + 5.2.2.1.3 inappropriateMatching(18).............................8 + 5.2.2.1.4 constraintViolation(19)...............................8 + 5.2.2.1.5 attributeOrValueExists(20)............................8 + 5.2.2.1.6 invalidAttributeSyntax(21)............................8 + 5.2.2.2 NameProblem Error Codes..................................9 + 5.2.2.2.1 noSuchObject(32)......................................9 + 5.2.2.2.2 aliasProblem(33)......................................9 + 5.2.2.2.3 invalidDNSyntax(34)...................................9 + 5.2.2.3 SecurityProblem Error Codes..............................9 + 5.2.2.3.1 authMethodNotSupported(7).............................9 + 5.2.2.3.2 strongAuthRequired(8)................................10 + 5.2.2.3.3 confidentialityRequired(13)..........................10 + 5.2.2.3.4 aliasDereferencingProblem(36)........................10 + 5.2.2.3.5 inappropriateAuthentication(48)......................10 + 5.2.2.3.6 invalidCredentials(49)...............................11 + 5.2.2.3.7 insufficientAccessRights(50).........................11 + 5.2.2.4 ServiceProblem Error Codes..............................11 + 5.2.2.4.1 operationsError(1)...................................11 + 5.2.2.4.2 protocolError(2).....................................11 + 5.2.2.4.3 timeLimitExceeded(3).................................12 + 5.2.2.4.4 sizeLimitExceeded(4).................................12 + 5.2.2.4.5 adminLimitExceeded(11)...............................12 + 5.2.2.4.6 unavailableCriticalExtension(12).....................12 + 5.2.2.4.7 busy(51).............................................13 + 5.2.2.4.8 unavailable(52)......................................13 + 5.2.2.4.9 unwillingToPerform(53)...............................13 + 5.2.2.4.10 loopDetect(54)......................................13 + 5.2.2.5 UpdateProblem Error Codes...............................13 + 5.2.2.5.1 namingViolation(64)..................................13 + 5.2.2.5.2 objectClassViolation(65).............................14 + 5.2.2.5.3 notAllowedOnNonLeaf(66)..............................14 + 5.2.2.5.4 notAllowedOnRDN(67)..................................14 + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 3 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + 5.2.2.5.5 entryAlreadyExists(68)...............................14 + 5.2.2.5.6 objectClassModsProhibited(69)........................14 + 5.2.2.5.7 affectsMultipleDSAs(71)..............................15 + 6 LDAP Operations.................................................15 + 6.1 Common Result Codes............................................16 + 6.1.1 Non-erroneous results.......................................16 + 6.1.2 Security Errors.............................................16 + 6.1.3 Service Errors..............................................16 + 6.1.4 General Errors..............................................16 + 6.2 Bind Operation Errors..........................................16 + 6.2.1 Non-erroneous results.......................................17 + 6.2.2 Name Errors.................................................17 + 6.2.3 Security Errors.............................................17 + 6.3 Search Operation Errors........................................17 + 6.3.1 Name Errors.................................................18 + 6.3.2 Attribute Errors............................................18 + 6.3.3 Security Errors.............................................18 + 6.3.4 Service Errors..............................................18 + 6.4 Modify Operation Errors........................................18 + 6.4.1 Name Errors.................................................19 + 6.4.2 Update Errors...............................................19 + 6.4.3 Attribute Errors............................................19 + 6.4.4 Security Errors.............................................19 + 6.5 Add Operation Errors...........................................19 + 6.5.1 Name Errors.................................................20 + 6.5.2 Update Errors...............................................20 + 6.5.3 Attribute Errors............................................20 + 6.5.4 Security Errors.............................................20 + 6.6 Delete Operation Errors........................................21 + 6.6.1 Name Errors.................................................21 + 6.6.2 Update Errors...............................................21 + 6.6.3 Security Errors.............................................21 + 6.7 ModifyDN Operation Errors......................................21 + 6.7.1 Name Errors.................................................22 + 6.7.2 Update Errors...............................................22 + 6.7.3 Attribute Errors............................................22 + 6.7.4 Security Errors.............................................22 + 6.8 Compare Operation Errors.......................................22 + 6.8.1 Name Errors.................................................23 + 6.8.2 Attribute Errors............................................23 + 6.8.3 Security Errors.............................................23 + 6.8.4 Example.....................................................23 + 6.9 Extended Operation Errors......................................24 + 6.10 Operations with no Server Response............................24 + 6.11 Unsolicited Notification......................................24 + 6.12 Controls......................................................25 + 7. Security Considerations........................................25 + 8. References.....................................................25 + 9. Acknowledgments................................................25 + 10. Author's Addresses............................................26 + 11 Appendix A: Operation/Response Matrix..........................27 + 12 Full Copyright Statement.......................................29 + +5. Result Codes in LDAPv3 + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 4 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + + In this section, a glossary of the result codes that may be returned + from a server to a client is provided. This section is meant to + provide a central, unified source for these definitions. RFC 2251 + [RFC2251] and X.511 [X511] were primary sources, forming the basis + for the definitions given in this section. + + LDAP v3 [RFC2251] defines the following result message for return + from the server to the client, where "new" indicates those codes that + were not used in LDAP v2. + + LDAPResult ::= SEQUENCE { + resultCode ENUMERATED { + success (0), + operationsError (1), + protocolError (2), + timeLimitExceeded (3), + sizeLimitExceeded (4), + compareFalse (5), + compareTrue (6), + authMethodNotSupported (7), + strongAuthRequired (8), + -- 9 reserved -- + referral (10), -- new + adminLimitExceeded (11), -- new + unavailableCriticalExtension (12), -- new + confidentialityRequired (13), -- new + saslBindInProgress (14), -- new + noSuchAttribute (16), + undefinedAttributeType (17), + inappropriateMatching (18), + constraintViolation (19), + attributeOrValueExists (20), + invalidAttributeSyntax (21), + -- 22-31 unused -- + noSuchObject (32), + aliasProblem (33), + invalidDNSyntax (34), + -- 35 reserved for undefined isLeaf -- + aliasDereferencingProblem (36), + -- 37-47 unused -- + inappropriateAuthentication (48), + invalidCredentials (49), + insufficientAccessRights (50), + busy (51), + unavailable (52), + unwillingToPerform (53), + loopDetect (54), + -- 55-63 unused -- + namingViolation (64), + objectClassViolation (65), + notAllowedOnNonLeaf (66), + notAllowedOnRDN (67), + entryAlreadyExists (68), + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 5 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + objectClassModsProhibited (69), + -- 70 reserved for CLDAP -- + affectsMultipleDSAs (71), -- new + -- 72-79 unused -- + other (80) }, + -- 81-90 reserved for APIs -- + matchedDN LDAPDN, + errorMessage LDAPString, + referral [3] Referral OPTIONAL } + + If a client receives a result code that is not listed above, it is to + be treated as an unknown error condition. A server MUST NOT return an + API result code (81-90). + + The LDAP result includes an errorMessage field, which may, at the + server's option, be used to return a string containing a textual, + human-readable error diagnostic. As this error diagnostic is not + standardized, implementations MUST NOT rely on the values returned. + If the server chooses not to return a textual diagnostic, the + errorMessage field of the LDAPResult type MUST contain a zero length + string. + + In the following subsections, definitions for each result code are + provided. In addition, the operations that may return each result + code are also identified. The set of all operations consists of the + following: Bind; Search; Modify; Add; Delete; ModifyDN; Extended; and + Compare. + +5.1 Description of Non-Erroneous Result Codes + + Five result codes that may be returned in LDAPResult are not used to + indicate an error. These result codes are listed below. The first + three codes, indicate to the client that no further action is + required in order to satisfy their request. In contrast, the last + two errors require further action by the client in order to complete + their original operation request. + +5.1.1 success(0) + + Applicable operations: all except for Compare. + + This result code does not indicate an error. It is returned when the + client operation completed successfully. + +5.1.2 compareFalse(5) + + Applicable operations: Compare. + + This result code does not indicate an error. It is used to indicate + that the result of a Compare operation is FALSE. + +5.1.3 compareTrue(6) + + Applicable operations: Compare. + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 6 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + + This result code does not indicate an error. It is used to indicate + that the result of a Compare operation is TRUE. + +5.1.4 referral(10) + + Applicable operations: all. + + This result code is new in LDAPv3. Rather than indicating an error, + this result code is used to indicate that the server does not hold + the target entry of the request but is able to provide alternative + servers that may. A set of server(s) URLs may be returned in the + referral field, which the client may subsequently query to attempt to + complete their operation. + +5.1.5 saslBindInProgress(14) + + Applicable operations: Bind. + + This result code is new in LDAPv3. This result code is not an error + response from the server, but rather, is a request for bind + continuation. The server requires the client to send a new bind + request, with the same SASL mechanism, to continue the authentication + process [RFC2251, Section 4.2.3]. + +5.2 Description of Error Codes + + General error codes (see Section 5.2.1) are typically returned only + when no suitable specific error exists. Specific error codes (see + Section 5.2.2) are meant to capture situations that are specific to + the requested operation. + +5.2.1 General Error Codes + + A general error code typically specifies an error condition for which + there is no suitable specific error code. If the server can return an + error, which is more specific than the following general errors, then + the specific error should be returned instead. + +5.2.1.1 other(80) + + Applicable operations: all. + + This error code should be returned only if no other error code is + suitable. Use of this error code should be avoided if possible. + Details of the error should be provided in the error message. + +5.2.2 Specific Error Codes + + Specific errors are used to indicate that a particular type of error + has occurred. These error types are Name, Update, Attribute, + Security, and Service. + +5.2.2.1 Attribute Problem Error Codes + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 7 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + + An attribute error reports a problem related to an attribute + specified by the client in their request message. + +5.2.2.1.1 noSuchAttribute(16) + + Applicable operations: Modify, Compare. + + This error may be returned if the attribute specified as an argument + of the operation does not exist in the entry. + +5.2.2.1.2 undefinedAttributeType(17) + + Applicable operations: Modify, Add. + + This error may be returned if the specified attribute is unrecognized + by the server, since it is not present in the serverÆs defined + schema. If the server doesnÆt recognize an attribute specified in a + search request as the attribute to be returned the server should not + return an error in this case - it should just return values for the + requested attributes it does recognize. Note that this result code + only applies to the Add and Modify operations [X.511, Section 12.4]. + +5.2.2.1.3 inappropriateMatching(18) + + Applicable operations: Search. + + An attempt was made, e.g., in a filter, to use a matching rule not + defined for the attribute type concerned [X511, Section 12.4]. + +5.2.2.1.4 constraintViolation(19) + + Applicable operations: Modify, Add, ModifyDN. + + This error should be returned by the server if an attribute value + specified by the client violates the constraints placed on the + attribute as it was defined in the DSA - this may be a size + constraint or a constraint on the content. + +5.2.2.1.5 attributeOrValueExists(20) + + Applicable operations: Modify, Add. + + This error should be returned by the server if the value specified by + the client already exists within the attribute. + +5.2.2.1.6 invalidAttributeSyntax(21) + + Applicable operations: Modify, Add. + + This error should be returned by the server if the attribute syntax + for the attribute value, specified as an argument of the operation, + is unrecognized or invalid. + + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 8 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + +5.2.2.2 NameProblem Error Codes + + A name error reports a problem related to the distinguished name + provided as an argument to an operation [X511, Section 12.5]. + + For result codes of noSuchObject, aliasProblem, invalidDNSyntax and + aliasDereferencingProblem (see Section 5.2.2.3.7), the matchedDN + field is set to the name of the lowest entry (object or alias) in the + directory that was matched. If no aliases were dereferenced while + attempting to locate the entry, this will be a truncated form of the + name provided, or if aliases were dereferenced, of the resulting + name, as defined in section 12.5 of X.511 [X511]. The matchedDN field + is to be set to a zero length string with all other result codes + [RFC2251, Section 4.1.10]. + +5.2.2.2.1 noSuchObject(32) + + Applicable operations: all except for Bind. + + This error should only be returned if the target object cannot be + found. For example, in a search operation if the search base can not + be located in the DSA the server should return noSuchObject. If, + however, the search base is found but does not match the search + filter, success, with no resultant objects, should be returned + instead of noSuchObject. + + If the LDAP server is a front end for an X.500 DSA then noSuchObject + may also be returned if discloseOnError is not granted for an entry + and the client does not have permission to view or modify the entry. + +5.2.2.2.2 aliasProblem(33) + + Applicable operations: Search. + + An alias has been dereferenced which names no object [X511, Section + 12.5]. + +5.2.2.2.3 invalidDNSyntax(34) + + Applicable operations: all. + + This error should be returned by the server if the DN syntax is + incorrect. It should not be returned if the DN is correctly formed + but represents an entry which is not permitted by the structure rules + at the DSA; in this case namingViolation should be returned instead. + +5.2.2.3 SecurityProblem Error Codes + + A security error reports a problem in carrying out an operation for + security reasons [X511, Section 12.7]. + +5.2.2.3.1 authMethodNotSupported(7) + + Applicable operations: Bind. + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 9 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + + This error code should be returned if the client requests, in a Bind + request, an authentication method which is not supported or + recognized by the server. + +5.2.2.3.2 strongAuthRequired(8) + + Applicable operations: all. + + This error may be returned on a bind request if the server only + accepts strong authentication or it may be returned when a client + attempts an operation which requires the client to be strongly + authenticated - for example Delete. + + This result code may also be returned in an unsolicited notice of + disconnection if the server detects that an established underlying + security association protecting communication between the client and + server has unexpectedly failed or been compromised. [RFC2251, Section + 4.4.1] + +5.2.2.3.3 confidentialityRequired(13) + + Applicable operations: all. + + This error code is new in LDAPv3. This error code may be returned if + the session is not protected by a protocol which provides session + confidentiality. For example, if the client did not establish a TLS + connection using a cipher suite which provides confidentiality of the + session before sending any other requests, and the server requires + session confidentiality then the server may reject that request with + a result code of confidentialityRequired. + +5.2.2.3.4 aliasDereferencingProblem(36) + + Applicable operations: Search. + + An alias was encountered in a situation where it was not allowed or + where access was denied [X511, Section 12.5]. For example, if the + client does not have read permission for the aliasedObjectName + attribute and its value then the error aliasDereferencingProblem + should be returned. [X511, Section 7.11.1.1] + + Notice that this error has similar meaning to + insufficientAccessRights(50) (see Section 5.2.2.3.7), but is specific + to Searching on an alias. + + (See note at start of Section 5.2.2.2 regarding this error code.) + +5.2.2.3.5 inappropriateAuthentication(48) + + Applicable operations: Bind. + + This error should be returned by the server when the client has tried + to use a method of authentication that is inappropriate, that is a + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 10 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + method of authentication which the client is unable to use correctly. + In other words, the level of security associated with the requestorÆs + credentials is inconsistent with the level of protection requested, + e.g. simple credentials were supplied while strong credentials were + required [X511, Section 12.7]. + +5.2.2.3.6 invalidCredentials(49) + + Applicable operations: Bind. + + This error code is returned if the DN or password used in a simple + bind operation is incorrect, or if the DN or password is incorrect + for some other reason, e.g. the password has expired. This result + code only applies to Bind operations -- it should not be returned for + other operations if the client does not have sufficient permission to + perform the requested operation - in this case the return code should + be insufficientAccessRights. + +5.2.2.3.7 insufficientAccessRights(50) + + Applicable operations: all except for Bind. + + The requestor does not have the right to carry out the requested + operation [X511, Section 12.7]. Note that the more specific + aliasDereferencingProblem (see Section 5.2.2.3.4) is returned in case + of a Search on an alias where the requestor has + insufficientAccessRights. + +5.2.2.4 ServiceProblem Error Codes + + A service error reports a problem related to the provision of the + service [X511, Section 12.8]. + +5.2.2.4.1 operationsError(1) + + Applicable operations: all except Bind. + + If the server requires that the client bind before browsing or + modifying the directory, the server MAY reject a request other than + binding, unbinding or an extended request with the "operationsError" + result. [RFC2251, Section 4.2.1] + +5.2.2.4.2 protocolError(2) + + Applicable operations: all. + + A protocol error should be returned by the server when an invalid or + malformed request is received from the client. This may be a request + that is not recognized as an LDAP request, for example, if a + nonexistent operation were specified in LDAPMessage. As well, it may + be the result of a request that is missing a required parameter, such + as a search filter in a search request. If the server can return an + error, which is more specific than protocolError, then this error + should be returned instead. For example if the server does not + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 11 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + recognize the authentication method requested by the client then the + error authMethodNotSupported should be returned instead of + protocolError. The server may return details of the error in the + error string. + +5.2.2.4.3 timeLimitExceeded(3) + + Applicable operations: all. + + This error should be returned when the time to perform an operation + has exceeded either the time limit specified by the client (which may + only be set by the client in a search operation) or the limit + specified by the server. If the time limit is exceeded on a search + operation then the result is an arbitrary selection of the + accumulated results [X511, Section 7.5]. Note that an arbitrary + selection of results may mean that no results are returned to the + client. + + If the LDAP server is a front end for an X.500 server, any operation + that is chained may exceed the timelimit, therefore clients can + expect to receive timelimitExceeded for all operations. For stand + alone LDAP-Servers that do not implement chaining it is unlikely that + operations other than search operations will exceed the defined + timelimit. + +5.2.2.4.4 sizeLimitExceeded(4) + + Applicable operations: Search. + + This error should be returned when the number of results generated by + a search exceeds the maximum number of results specified by either + the client or the server. If the size limit is exceeded then the + results of a search operation will be an arbitrary selection of the + accumulated results, equal in number to the size limit [X511, Section + 7.5]. + +5.2.2.4.5 adminLimitExceeded(11) + + Applicable operations: all. + + This error code is new in LDAPv3. The server has reached some limit + set by an administrative authority, and no partial results are + available to return to the user [X511, Section 12.8]. For example, + there may be an administrative limit to the number of entries a + server will check when gathering potential search result candidates + [Net]. + +5.2.2.4.6 unavailableCriticalExtension(12) + + Applicable operations: all. + + This error code is new in LDAPv3. The server was unable to satisfy + the request because one or more critical extensions were not + available [X511, Section 12.8]. This error is returned, for example, + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 12 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + when a control submitted with a request is marked critical but is not + recognized by a server or when such a control is not appropriate for + the operation type. [RFC2251 section 4.1.12]. + +5.2.2.4.7 busy(51) + + Applicable operations: all. + + This error code may be returned if the server is unable to process + the clientÆs request at this time. This implies that if the client + retries the request shortly the server will be able to process it + then. + +5.2.2.4.8 unavailable(52) + + Applicable operations: all. + + This error code is returned when the server is unavailable to process + the clientÆs request. This usually means that the LDAP server is + shutting down [RFC2251, Section 4.2.3]. + +5.2.2.4.9 unwillingToPerform(53) + + Applicable operations: all. + + This error code should be returned by the server when a client + request is properly formed but which the server is unable to complete + due to server-defined restrictions. For example, the server, or some + part of it, is not prepared to execute this request, e.g. because it + would lead to excessive consumption of resources or violates the + policy of an Administrative Authority involved [X511, Section 12.8]. + If the server is able to return a more specific error code such as + adminLimitExceeded it should. This error may also be returned if the + client attempts to modify attributes which can not be modified by + users, e.g., operational attributes such as creatorsName or + createTimestamp [X511, Section 7.12]. If appropriate, details of the + error should be provided in the error message. + +5.2.2.4.10 loopDetect(54) + + Applicable operations: all. + + This error may be returned by the server if it detects an alias or + referral loop, and is unable to satisfy the clientÆs request. + +5.2.2.5 UpdateProblem Error Codes + + An update error reports problems related to attempts to add, delete, + or modify information in the DIB [X511, Section 12.9]. + +5.2.2.5.1 namingViolation(64) + + Applicable operations: Add, ModifyDN. + + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 13 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + The attempted addition or modification would violate the structure + rules of the DIT as defined in the directory schema and X.501. That + is, it would place an entry as the subordinate of an alias entry, or + in a region of the DIT not permitted to a member of its object class, + or would define an RDN for an entry to include a forbidden attribute + type [X511, Section 12.9]. + +5.2.2.5.2 objectClassViolation(65) + + Applicable operations: Modify, Add, ModifyDN. + + This error should be returned if the operation requested by the user + would violate the objectClass requirements for the entry if carried + out. On an add or modify operation this would result from trying to + add an object class without a required attribute, or by trying to add + an attribute which is not permitted by the current object class set + in the entry. On a modify operation this may result from trying to + remove a required attribute without removing the associated auxiliary + object class, or by attempting to remove an object class while the + attributes it permits are still present. + +5.2.2.5.3 notAllowedOnNonLeaf(66) + + Applicable operations: Delete, ModifyDN. + + This operation should be returned if the client attempts to perform + an operation which is permitted only on leaf entries - e.g., if the + client attempts to delete a non-leaf entry. If the directory does + not permit ModifyDN for non-leaf entries then this error may be + returned if the client attempts to change the DN of a non-leaf entry. + (Note that 1988 edition X.500 servers only permitted change of the + RDN of an entry's DN [X.511, Section 11.4.1]). + +5.2.2.5.4 notAllowedOnRDN(67) + + Applicable operations: Modify. + + The attempted operation would affect the RDN (e.g., removal of an + attribute which is a part of the RDN) [X511, Section 12.9]. If the + client attempts to remove from an entry any of its distinguished + values, those values which form the entry's relative distinguished + name the server should return the error notAllowedOnRDN. [RFC2251, + Section 4.6] + +5.2.2.5.5 entryAlreadyExists(68) + + Applicable operations: Add, ModifyDN. + + This error should be returned by the server when the client attempts + to add an entry which already exists, or if the client attempts to + rename an entry with the name of an entry which exists. + +5.2.2.5.6 objectClassModsProhibited(69) + + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 14 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + Applicable operations: Modify. + + An operation attempted to modify an object class that should not be + modified, e.g., the structural object class of an entry. Some + servers may not permit object class modifications, especially + modifications to the structural object class since this may change + the entry entirely, name forms, structure rules etc. [X.511, Section + 12.9]. + +5.2.2.5.7 affectsMultipleDSAs(71) + + Applicable operations: ModifyDN. + + This error code is new for LDAPv3. This error code should be returned + to indicate that the operation could not be performed since it + affects more than one DSA. + + X.500 restricts the ModifyDN operation to only affect entries that + are contained within a single server. If the LDAP server is mapped + onto DAP, then this restriction will apply, and the resultCode + affectsMultipleDSAs will be returned if this error occurred. In + general clients MUST NOT expect to be able to perform arbitrary + movements of entries and subtrees between servers [RFC2251, Section + 4.9]. + +6 LDAP Operations + + LDAP v3 [RFC2251] defines the following LDAPMessage for conveyance of + the intended operation request from the client to the server. + + LDAPMessage ::= SEQUENCE { + messageID MessageID, + protocolOp CHOICE { + bindRequest BindRequest, + bindResponse BindResponse, + unbindRequest UnbindRequest, + searchRequest SearchRequest, + searchResEntry SearchResultEntry, + searchResDone SearchResultDone, + searchResRef SearchResultReference, + modifyRequest ModifyRequest, + modifyResponse ModifyResponse, + addRequest AddRequest, + addResponse AddResponse, + delRequest DelRequest, + delResponse DelResponse, + modDNRequest ModifyDNRequest, + modDNResponse ModifyDNResponse, + compareRequest CompareRequest, + compareResponse CompareResponse, + abandonRequest AbandonRequest, + extendedReq ExtendedRequest, + extendedResp ExtendedResponse }, + controls [0] Controls OPTIONAL } + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 15 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + + MessageID ::= INTEGER (0 .. maxInt) + + maxInt INTEGER ::= 2147483647 -- (2^^31 - 1) - + + Starting in Section 6.2, behaviour regarding the return of each + result code is specified for each operation. Section 6.1 indicates + those result codes that are typically applicable to all operations. + +6.1 Common Result Codes + + The following result codes are applicable to, and may be returned in + response to all operations (except where stated otherwise). + +6.1.1 Non-erroneous results + + For all but a Compare operation, a success(0) result code will be + returned in the case that the requested operation succeeds; a + compareTrue would be returned for a Compare operation. For each + operation, the server may return referral(10), as defined in Section + 5.1.4. + +6.1.2 Security Errors + + Of the six possible security errors, two may be returned in response + to every operation. These two errors are strongAuthRequired(8) and + confidentialityRequired(13). + +6.1.3 Service Errors + + All service errors, except operationsError(1), and + sizeLimitExceeded(4) may be returned in response to any LDAP v3 + operation. operationsError(1) is applicable to all operations except + Bind. sizeLimitExceeded is only applicable to the Search operation. + +6.1.4 General Errors + + The general error other(80)is applicable to all operations. + +6.2 Bind Operation Errors + + If the bind operation succeeds then a result code of success will be + returned to the client. If the server does not hold the target entry + of the request, a referral(10) may be returned. If the operation + fails then the result code will be one of the following from the set + of non-erroneous result, name errors, security errors, service + errors, and general errors. + + If the server does not support the client's requested protocol + version, it MUST set the resultCode to protocolError. + If the client receives a BindResponse response where the resultCode + was protocolError, it MUST close the connection as the server will be + unwilling to accept further operations. (This is for compatibility + + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 16 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + with earlier versions of LDAP, in which the bind was always the first + operation, and there was no negotiation.) [RFC2251, Section 5.2.3] + + The remaining errors listed in this section are operation-specific. + An operation may also result in the return of any of the common + errors, as listed in Section 6.1. + +6.2.1 Non-erroneous results + + In addition to success or referral, the following non-erroneous + result code may be returned: + + saslBindInProgress: the server requires the client to send a new bind + request, with the same sasl mechanism, to continue the authentication + process, + +6.2.2 Name Errors + + invalidDNSyntax: the DN provided does not have the correct syntax, + +6.2.3 Security Errors + + As stated in Section 6.1.2, strongAuthRequired(8) and + confidentialityRequired(13) may be returned for any operation. + + authMethodNotSupported: unrecognized SASL mechanism name, + + inappropriateAuthentication: the server requires the client which had + attempted to bind anonymously or without supplying credentials to + provide some form of credentials, + + invalidCredentials: the wrong password was supplied or the SASL + credentials could not be processed, [RFC2251, Section 4.2.3] + +6.3 Search Operation Errors + + X.500 provides three separate operations for searching the directory + - Read of a single entry, List of an entryÆs children and search of + an entire sub-tree. LDAP provides a single search operation, however + the X.500 operations can be simulated by using base, one-level and + sub-tree scope restrictions respectively. + + If the Search operation succeeds then zero or more search entries + will be returned followed by a search result of success. If the + server does not hold the target entry of the request, a referral(10) + may be returned. If the search operation fails then zero or more + search entries will be returned followed by a search result + containing one of the following result codes from the set of name + errors, attribute errors, security errors, service errors, and + general errors. + + The remaining errors listed in this section are operation-specific. + An operation may also result in the return of any of the common + errors, as listed in Section 6.1. + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 17 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + +6.3.1 Name Errors + + noSuchObject: the base object, for the search, does not exist. + + aliasProblem: an alias was dereferenced which named no object. + + invalidDNSyntax: the DN provided for the search base does not have + the correct syntax, + +6.3.2 Attribute Errors + + inappropriateMatching: an attempt was made to use a matching rule not + defined for an attribute in the search filter. + +6.3.3 Security Errors + + As stated in Section 6.1.2, strongAuthRequired(8) and + confidentialityRequired(13) may be returned for any operation. + + aliasDereferenceProblem: The client does not have permission for the + aliasedObjectName attribute or to search the dereferenced alias + object. + + insufficientAccessRights: The requestor does not have sufficient + permissions to perform the search. aliasDereferenceProblem should be + returned in this case, if applicable. + +6.3.4 Service Errors + + In addition to the common service errors indicated in Section 6.1.3, + the following service error may also be returned: + + sizeLimitExceeded: the number of search results exceeds the size + limit specified by the client or the server. If the server has + defined a maximum PDU size, this error may also be returned if the + size of the combined results exceeds this limit. + +6.4 Modify Operation Errors + + The Modify operation cannot be used to remove from an entry any of + its distinguished values, those values that form the entry's relative + distinguished name. An attempt to do so will result in the server + returning the error notAllowedOnRDN. The Modify DN Operation + described in section 5.9 is used to rename an entry. [RFC2251, + Section 4.6] + + If the modify operation succeeds, a result code of success will be + returned to the client. If the server does not hold the target entry + of the request, a referral(10) may be returned. If the operation + fails, the result code will be one of the following from the set of + name errors, update errors, attribute errors, security errors, + service errors, and general errors. + + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 18 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + The remaining errors listed in this section, are operation-specific. + An operation may also result in the return of any of the common + errors, as listed in Section 6.1. + +6.4.1 Name Errors + + noSuchObject: the target object does not exist. + + invalidDNSyntax: the DN provided does not have the correct syntax, + +6.4.2 Update Errors + + objectClassViolation: An attempt was made to modify an object which + is illegal according to its object class definition in the schema or + DIT content rules for that object class. + + notAllowedOnRDN: An attempt was made to modify the object entryÆs + distinguished name + + objectClassModsProhibited: The modification attempted to change an + entryÆs object class which is not allowed. + +6.4.3 Attribute Errors + + noSuchAttribute: the attribute to be modified does not exist in the + target entry. + + undefinedAttributeType: The attribute specified does not exist in the + server's defined schema. + + constraintViolation: The modification would create an attribute value + outside the normal bounds. + + attributeOrValueExists: The modification would create a value which + already exists within the attribute. + + invalidAttributeSyntax: The value specified doesnÆt adhere to the + syntax definition for that attribute. + +6.4.4 Security Errors + + As stated in Section 6.1.2, strongAuthRequired(8) and + confidentialityRequired(13) may be returned for any operation. + + insufficientAccessRights: The requestor does not have sufficient + permissions to modify the entry. + +6.5 Add Operation Errors + + The superior of the entry must exist for the operation to succeed. If + not, a noSuchObject error is returned and the matchedDN field will + contain the name of the lowest entry in the directory that was + matched. + + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 19 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + If the add operation succeeds, a result code of success will be + returned to the client. If the server does not hold the target entry + of the request, a referral(10) may be returned. If the operation + fails, the result code will be one of the following from the set of + name errors, update errors, attribute errors, security errors, + service errors, and general errors. + + The remaining errors listed in this section, are operation-specific. + An operation may also result in the return of any of the common + errors, as listed in Section 6.1. + +6.5.1 Name Errors + + noSuchObject: One or more superiors to the target entry do not exist. + + invalidDNSyntax: the DN provided does not have the correct syntax, + +6.5.2 Update Errors + + namingViolation: Either the target entry cannot be created under the + specified superior due to DIT structure rules, or the target entry is + named by an RDN not permitted by the DIT name form rule for its + object class. + + objectClassViolation: An attempt was made to add an entry and one of + the following conditions existed: A required attribute was not + specified; an attribute was specified which is not permitted by the + current object class set in the entry; a structural object class + value was not specified; an object class value was specified that + doesnÆt exist in the schema. + + entryAlreadyExists: The target entry already exists. + +6.5.3 Attribute Errors + + undefinedAttributeType: The attribute specified does not exist in the + server's defined schema. + + constraintViolation: The attribute value falls outside the bounds + specified by the attribute syntax. + + attributeOrValueExists: A duplicate attribute value appears in the + list of attributes for the entry. + + invalidAttributeSyntax: The value specified doesnÆt adhere to the + syntax definition for that attribute. + +6.5.4 Security Errors + + As stated in Section 6.1.2, strongAuthRequired(8) and + confidentialityRequired(13) may be returned for any operation. + + + + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 20 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + insufficientAccessRights: The requestor does not have sufficient + permissions to either add the entry or to add one or more of the + attributes specified. + +6.6 Delete Operation Errors + + If the delete operation succeeds, a result code of success will be + returned to the client. If the server does not hold the target entry + of the request, a referral(10) may be returned. If the operation + fails, the result code will be one of the following from the set of + name errors, update errors, security errors, service errors, and + general errors. + + The remaining errors listed in this section, are operation-specific. + An operation may also result in the return of any of the common + errors, as listed in Section 6.1. + +6.6.1 Name Errors + + noSuchObject: The target entry does not exist. + + invalidDNSyntax: the DN provided does not have the correct syntax, + +6.6.2 Update Errors + + notAllowedOnNonLeaf: The target entry is not a leaf object. Only + objects having no subordinate objects in the tree may be deleted. + +6.6.3 Security Errors + + As stated in Section 6.1.2, strongAuthRequired(8) and + confidentialityRequired(13) may be returned for any operation. + + insufficientAccessRights: The requestor does not have sufficient + permissions to delete the entry. + +6.7 ModifyDN Operation Errors + + Note that X.500 restricts the ModifyDN operation to only affect + entries that are contained within a single server. If the LDAP server + is mapped onto DAP, then this restriction will apply, and the + resultCode affectsMultipleDSAs will be returned if this error + occurred. In general clients MUST NOT expect to be able to perform + arbitrary movements of entries and subtrees between servers. + [RFC2251, Section 4.9] + + If the Modify DN operation succeeds then a result code of success + will be returned to the client. If the server does not hold the + target entry of the request, a referral(10) may be returned. If the + operation fails then the result code will be one of the following + from the set of name errors, update errors, attribute errors, + security errors, service errors, and general errors. + + + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 21 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + The remaining errors listed in this section, are operation-specific. + An operation may also result in the return of any of the common + errors, as listed in Section 6.1. + +6.7.1 Name Errors + + noSuchObject: the target object does not exist or a new superior + object was specified that does not exist. + + invalidDNSyntax: the DN provided does not have the correct syntax. + +6.7.2 Update Errors + + namingViolation: Either the target entry cannot be moved to the + specified superior due to DIT structure rules, or the target entry is + named by an RDN not permitted by the DIT name form rule for its + object class. + + objectClassViolation: The client has specified that the old RDN + values should be removed from the entry (using the 'deleteOldRdn' + parameter) but the removal of these values would violate the entry's + schema. [RFC 2251 Section 4.9] + + notAllowedOnNonLeaf: If the server does not permit the ModifyDN + operation on non-leaf entries this error will be returned if the + client attempts to rename a non-leaf entry + + entryAlreadyExists: The target entry already exists. + + AffectsMultipleDSAs: X.500 restricts the ModifyDN operation to only + affect entries that are contained within a single server. If the LDAP + server is mapped onto DAP, then this restriction will apply, and the + resultCode affectsMultipleDSAs will be returned if this error + occurred. In general clients MUST NOT expect to be able to perform + arbitrary movements of entries and sub-trees between servers. + [RFC2251, Section 4.9] + +6.7.3 Attribute Errors + + constraintViolation: The operation would create an attribute value + outside the normal bounds. + +6.7.4 Security Errors + + As stated in Section 6.1.2, strongAuthRequired(8) and + confidentialityRequired(13) may be returned for any operation. + + insufficientAccessRights: The requestor does not have sufficient + permissions to either add the entry or to add one or more of the + attributes specified. + +6.8 Compare Operation Errors + + + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 22 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + If there exists a value within the attribute being compared that + matches the purported argument and for which compare permissions is + granted, the operation returns the value compareTrue in the result, + otherwise, the operation returns compareFalse. [X511, Section 9.2.4] + If the server does not hold the target entry of the request, a + referral(10) may be returned. + + If the compare operation can not be completed, then the server may + return one of the following results from the set of name errors, + attribute errors, security errors, service errors, and general + errors. + + The remaining errors listed in this section are operation-specific. + An operation may also result in the return of any of the common + errors, as listed in Section 6.1. + +6.8.1 Name Errors + + noSuchObject: the entry to be compared does not exist in the + directory. + + invalidDNSyntax: the DN provided for the entry to be compared does + not have the correct syntax. + +6.8.2 Attribute Errors + + noSuchAttribute: the attribute to be compared does not exist in the + target entry. + + invalidAttributeSyntax: The value specified doesnÆt adhere to the + syntax definition for that attribute. + +6.8.3 Security Errors + + As stated in Section 6.1.2, strongAuthRequired(8) and + confidentialityRequired(13) may be returned for any operation. + + insufficientAccessRights: If the client does not have read permission + for the entry to be compared, or for the attribute then + insufficientAccessRights should be returned, [X511, Section 9.2.4] + +6.8.4 Example + + The following example is included to demonstrate the expected + responses for the compare operation. + Given the following entry: + + dn: cn=Foo + objectClass: top + objectClass: person + sn: bar + userPassword: xyz + + + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 23 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + i) Compare with userPassword=xyz results in a compareTrue because the + requested value exists in the entry. + + ii) Compare with userPassword=abc results in a compareFalse because + the entry contains a userPassword attribute but the value abc is not + present. + + iii) Compare with telephoneNumber=123-456-7890 results in a + noSuchAttribute. The attribute telephoneNumber is permissible in the + entry based on the schema defined in the server but because it is + empty it does not exist in the target entry. + + iv) Compare with ou=myOrg results in noSuchAttribute. The requested + attribute is a recognized attribute but it is neither present nor is + it valid for the target entry. + + v) Compare with bogusAttr=abc results in noSuchAttribute. The + requested attribute is not a recognized attribute nor is it present + in the target entry. + + Note that the response for scenarios 3 through 5 is always + noSuchAttribute. The semantics of the compare operation is simply + "does the target entry contain the specified value?" and so no + distinction is made between a request for an unknown, invalid, or, + valid but empty attribute. In all cases if the attribute is not + present in the entry then the result is noSuchAttribute. + +6.9 Extended Operation Errors + + The results returned for an extended operation vary, depending on the + particular operation. In any case, extended Operations MAY return any + result code (excepting 81-90). + + If the server does not recognize the request name, it MUST return + only the response fields from LDAPResult, containing the + protocolError result code [RFC2251, Section 4.12] + +6.10 Operations with no Server Response + + The LDAP v3 protocol has two client operations for which no server + response is returned. Specifically, these are unbindRequest, and + abandonRequest. Since no response is returned, there is no need to + consider possible result codes for these operations. + +6.11 Unsolicited Notification + + In some situations, a server may issue a "response" to a client for + which there was no client request. This notification "is used to + signal an extraordinary condition in the server or in the connection + between the client and the server. The notification is of an + advisory nature, and the server will not expect any response to be + returned from the client." [RFC2251, Section 4.4] + + + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 24 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + RFC 2251 [RFC2251] describes a notice of disconnection in which a + protocolError, strongAuthRequired, or unavailable result code may be + returned. The reader is directed there for further information. + +6.12 Controls + + Section 4.1.12 of [RFC2251] specifies the syntax for controls that + may be sent as part of a request. [RFC2251] defines no specific + controls. It should be noted that the semantics of a control may + alter the result code that might otherwise have been returned for the + requested operation (see Section 5.2.2.4.6 for example). + +7. Security Considerations + + This draft is meant to complement and enhance the coverage of result + codes for LDAP v3, as described in RFC 2251 [RFC2251]. Section 7 of + RFC 2251 [RFC2251] lists a number of security considerations specific + to LDAP v3. + + Note that in X.500 if the discloseOnError permission is not granted + then many operations will return noSuchObject instead of a more + specific error. As there is currently no equivalent for this + permission in LDAP, LDAP-only servers should return the appropriate + error code in the event of an error. + +8. References + + [RFC2026] S. Bradner, "The Internet Standards Process - Revision + 3", RFC 2026, October 1996. + + [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate + Requirement Levels", RFC 2119, March 1997. + + [RFC2251] M. Wahl, T. Howes, S. Kille, "Lightweight Directory + Access Protocol", RFC 2251, December 1997. + + [X511] ITU-T Recommendation X.511, "The Directory: Abstract + Service Definition", 1993. + + [TLS] J. Hodges, R.L. Morgan, M. Wahl, "Lightweight Directory + Access Protocol (v3): Extension for Transport Layer + Security", June 1999. "work in progress" + + [Net] Netscape Directory SDK 3.0 for C ProgrammerÆs Guide, + Chapter 19: Result Codes. Available at Error! Bookmark + not defined. + + +9. Acknowledgments + + The production of this document relied heavily on the information + available from RFC 2251 [RFC2251] and ITU-T Recommendation X.511 + [X511]. + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 25 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + +10. Author's Addresses + + Mike Just + Entrust Technologies + 750 Heron Rd, Tower E + Ottawa, Ontario, Canada + mike.just@entrust.com + + Kristianne Leclair + Entrust Technologies + 750 Heron Rd, Tower E + Ottawa, Ontario, Canada + kristianne.leclair@entrust.com + + Jim Sermersheim + Novell + 122 East 1700 South + Provo, Utah 84606, USA + Error! Bookmark not defined. + + Mark Smith + Netscape + 501 Ellis Street + Mountain View, CA 94043 + Error! Bookmark not defined. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 26 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + +11 Appendix A: Operation/Response Matrix + + + Result Codes Operations + + B S M A D M C + i e o d e o o + n a d d l d m + d r i e D p + c f t N a + h y e r + e + + Non-erroneous results + + success (0) X X X X X X + + compareFalse (5) X + + compareTrue (6) X + + referral (10) X X X X X X X + + saslBindInProgress (14) X + + Name errors + + noSuchObject (32) X X X X X X + + aliasProblem (33) X + + invalidDNSyntax (34) X X X X X X X + + Update errors + + namingViolation (64) X X + + objectClassViolation (65) X X X + + notAllowedOnNonLeaf (66) X X + + notAllowedonRDN (67) X + + entryAlreadyExists (68) X X + + objectClassModesProhibite X + d (69) + + affectsMultipleDSAs (71) X + + Attribute errors + + noSuchAttribute(16) X X + + undefinedAttributeType X X + (17) + + inappropriateMatching X + (18) + + constraintViolation (19) X X X + + attributeOrValueExists X X + (20) + + invalidAttributeSyntax X X + (21) + + Security errors + + authMethodNotSupported X + (7) + + strongAuthRequired (8) X X X X X X X + + confidentialityRequred(13 X X X X X X X + ) + + aliasDereferencingProblem X + (36) + + inappropriateAuthenticati X + on (48) + + + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 27 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + + invalidCredentials (49) X + + insufficientAccessRights X X X X X X + (50) + + Service errors + + operationsError (1) X X X X X X + + protocolError (2) X X X X X X X + + timeLimitExceeded (3) X X X X X X X + + sizeLimitExceeded (4) X + + adminLimitExceeded (11) X X X X X X X + + unavailableCriticialExten X X X X X X X + sion (12) + + busy (51) X X X X X X X + + unavailable (52) X X X X X X X + + unwillingToPerform (53) X X X X X X X + + loopDetect (54) X X X X X X X + + General errors + + other (80) X X X X X X X + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 28 + + + LDAPv3 Result Codes: Definitions and Appropriate Use Apr, 2000 + + +12 Full Copyright Statement + + Copyright (C) The Internet Society (Oct 1999). All Rights Reserved. + This document and translations of it may be copied and furnished to + others, and derivative works that comment on or otherwise explain it + or assist in its implementation may be prepared, copied, published + and distributed, in whole or in part, without restriction of any + kind, provided that the above copyright notice and this paragraph are + included on all such copies and derivative works. However, this + document itself may not be modified in any way, such as by removing + the copyright notice or references to the Internet Society or other + Internet organizations, except as needed for the purpose of + developing Internet standards in which case the procedures for + copyrights defined in the Internet Standards process must be + followed, or as required to translate it into languages other than + English. + + The limited permissions granted above are perpetual and will not be + revoked by the Internet Society or its successors or assigns. + + This document and the information contained herein is provided on an + "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET + ENGINEERINGTASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, + INCLUDINGBUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE + INFORMATIONHEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED + WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Just, Leclair, Sermersheim, Smith INTERNET-DRAFT 29 + diff --git a/doc/man/Makefile.in b/doc/man/Makefile.in index ace0d25e9a..338951a151 100644 --- a/doc/man/Makefile.in +++ b/doc/man/Makefile.in @@ -1,3 +1,4 @@ +# $OpenLDAP$ ## Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. ## COPYING RESTRICTIONS APPLY, See COPYRIGHT file ## diff --git a/doc/man/man1/Makefile.in b/doc/man/man1/Makefile.in index a23d711de1..bf8ea77bee 100644 --- a/doc/man/man1/Makefile.in +++ b/doc/man/man1/Makefile.in @@ -1,3 +1,4 @@ +# $OpenLDAP$ ## Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. ## COPYING RESTRICTIONS APPLY, See COPYRIGHT file ## diff --git a/doc/man/man1/ldapdelete.1 b/doc/man/man1/ldapdelete.1 index b92119a92c..480a66ad08 100644 --- a/doc/man/man1/ldapdelete.1 +++ b/doc/man/man1/ldapdelete.1 @@ -17,6 +17,8 @@ ldapdelete \- LDAP delete entry tool [\c .BR \-c ] [\c +.BR \-C ] +[\c .BR \-M[M] ] [\c .BI \-d \ debuglevel\fR] @@ -82,6 +84,9 @@ Same as \-k, but only does step 1 of the kerberos bind. This is useful when connecting to a slapd and there is no x500dsa.hostname principal registered with your kerberos servers. .TP +.B \-C +Automatically chase referrals. +.TP .B \-c Continuous operation mode. Errors are reported, but .B ldapdelete diff --git a/doc/man/man1/ldapmodify.1 b/doc/man/man1/ldapmodify.1 index e04a0d186a..4feb264fa7 100644 --- a/doc/man/man1/ldapmodify.1 +++ b/doc/man/man1/ldapmodify.1 @@ -13,6 +13,8 @@ ldapmodify, ldapadd \- LDAP modify entry and LDAP add entry tools [\c .BR \-c ] [\c +.BR \-C ] +[\c .BR \-r ] [\c .BR \-n ] @@ -128,6 +130,9 @@ Assume that any values that start with a `/' are binary values and that the actual value is in a file whose path is specified in the place where values normally appear. .TP +.B \-C +Automatically chase referrals. +.TP .B \-c Continuous operation mode. Errors are reported, but .B ldapmodify diff --git a/doc/man/man1/ldapmodrdn.1 b/doc/man/man1/ldapmodrdn.1 index 5fc47bae1f..e85ddd69ab 100644 --- a/doc/man/man1/ldapmodrdn.1 +++ b/doc/man/man1/ldapmodrdn.1 @@ -19,6 +19,8 @@ ldapmodrdn \- LDAP rename entry tool [\c .BR \-c ] [\c +.BR \-C ] +[\c .BR \-M[M] ] [\c .BI \-d \ debuglevel\fR] @@ -86,6 +88,9 @@ Same as \-k, but only does step 1 of the kerberos bind. This is useful when connecting to a slapd and there is no x500dsa.hostname principal registered with your kerberos servers. .TP +.B \-C +Automatically chase referrals. +.TP .B \-c Continuous operation mode. Errors are reported, but ldapmodify will continue with modifications. The default is to exit after diff --git a/doc/man/man1/ldappasswd.1 b/doc/man/man1/ldappasswd.1 index a5f569c8dd..a985647f5a 100644 --- a/doc/man/man1/ldappasswd.1 +++ b/doc/man/man1/ldappasswd.1 @@ -10,6 +10,9 @@ ldappasswd \- change the password of an LDAP entry .BR \-A ] [\c .BI \-a \ oldPasswd\fR] +[\c +.BR \-C ] +[\c .BI \-D \ binddn\fR [\c .BI \-d \ debuglevel\fR] @@ -62,6 +65,9 @@ This is used instead of specifying the password on the command line. .BI \-a \ oldPasswd Set the old password to \fIoldPasswd\fP. .TP +.B \-C +Automatically chase referrals. +.TP .BI \-D \ binddn Use \fIbinddn\fP to bind to the LDAP directory. \fIbinddn\fP should be a string-represented DN as defined in RFC 2253. diff --git a/doc/man/man1/ldapsearch.1 b/doc/man/man1/ldapsearch.1 index 7de3b6f511..0c59f5231e 100644 --- a/doc/man/man1/ldapsearch.1 +++ b/doc/man/man1/ldapsearch.1 @@ -21,18 +21,14 @@ ldapsearch \- LDAP search tool [\c .BR \-A ] [\c -.BR \-B ] +.BR \-C ] [\c -.BR \-L ] +.BR \-L[L[L]] ] [\c .BR \-M[M] ] [\c -.BR \-R ] -[\c .BI \-d \ debuglevel\fR] [\c -.BI \-F \ sep\fR] -[\c .BI \-f \ file\fR] [\c .BI \-D \ binddn\fR] @@ -122,32 +118,20 @@ Retrieve attributes only (no values). This is useful when you just want to see if an attribute is present in an entry and are not interested in the specific values. .TP -.B \-B -Do not suppress display of non-ascii values. This is useful when -dealing with values that appear in alternate characters sets such as -ISO-8859.1. This option is implied by -L (see below). -.TP .B \-L Display search results in .BR ldif (5) -format. This option also turns on the -B option, and causes the -F option -to be ignored. +format. A second -L disables comments. A third -L disables +printing of the LDIF version. +The default is -L. .TP .B \-M[M] Enable manage DSA IT control. .B \-MM makes control critical. .TP -.B \-R -Do not automatically follow referrals returned while searching. -.B ldapsearch -must be compiled with LDAP_REFERRALS defined for referrals to be -automatically followed by default, and for this option to have any effect. -.TP -.BI \-F \ sep -Use \fIsep\fP as the field separator between attribute names and values. -The default separator is `=', unless the -L flag has been specified, in -which case this option is ignored. +.B \-C +Automatically chase referrals. .TP .BI \-S \ attribute Sort the entries returned based on \fIattribute\fP. The default is not @@ -292,16 +276,15 @@ in the form: ... .fi .LP -Multiple entries are separated with a single blank line. If the -F option -is used to specify a separator character, it will be used instead of the -`=' character. If the -t option is used, the name of a temporary file +Multiple entries are separated with a single blank line. +If the -t option is used, the name of a temporary file is used in place of the actual value. If the -A option is given, only the "attributename" part is written. .SH EXAMPLE The following command: .LP .nf - ldapsearch "(sn=smith)" cn sn telephoneNumber + ldapsearch -LLL "(sn=smith)" cn sn telephoneNumber .fi .LP will perform a subtree search (using the default search base) for @@ -311,23 +294,27 @@ standard output. The output might look something like this if two entries are found: .LP .nf -uid=jts, ou=Volunteers, ou=People, dc=OpenLDAP, dc=org -cn=John Smith -cn=John T. Smith -sn=Smith -telephoneNumber=+1 555 123-4567 +dn: uid=jts, ou=Volunteers, ou=People, dc=OpenLDAP, dc=org +cn: John Smith +cn: John T. Smith +sn: Smith +sn;lang-en: Smith +sn;lang-de: Schmidt +telephoneNumber: 1 555 123-4567 -uid=sss, ou=Staff, ou=People, dc=OpenLDAP, dc=org -cn=Steve Smith -cn=Steve S. Smith -sn=Smith -telephoneNumber=+1 555 765-4321 +dn: uid=sss, ou=Staff, ou=People, dc=OpenLDAP, dc=org +cn: Steve Smith +cn: Steve S. Smith +sn: Smith +sn;lang-en: Smith +sn;lang-de: Schmidt +telephoneNumber: 1 555 765-4321 .fi .LP The command: .LP .nf - ldapsearch -u -t "uid=xyz" jpegPhoto audio + ldapsearch -LLL -u -t "(uid=xyz)" jpegPhoto audio .fi .LP will perform a subtree search using the default search base for entries @@ -338,21 +325,20 @@ output might look like this if one entry with one value for each of the requested attributes is found: .LP .nf -uid=xyz, ou=Staff, ou=People, dc=OpenLDAP, dc=org -xyz, Staff, People, OpenLDAP, org -audio=/tmp/ldapsearch-audio-a19924 -jpegPhoto=/tmp/ldapsearch-jpegPhoto-a19924 +dn: uid=xyz, ou=Staff, ou=People, dc=OpenLDAP, dc=org +ufn: xyz, Staff, People, OpenLDAP, org +audio:< file::/tmp/ldapsearch-audio-a19924 +jpegPhoto:< file::=/tmp/ldapsearch-jpegPhoto-a19924 .fi .LP This command: .LP .nf - ldapsearch -L -s one -b "c=US" "o=University*" o description + ldapsearch -LLL -s one -b "c=US" "(o=University*)" o description .fi .LP will perform a one-level search at the c=US level for all entries whose organizationName (o) begins begins with \fBUniversity\fP. -Search results will be displayed in the LDIF format. The organizationName and description attribute values will be retrieved and printed to standard output, resulting in output similar to this: .LP diff --git a/doc/man/man3/Makefile.in b/doc/man/man3/Makefile.in index b1ec689731..af22a3eda6 100644 --- a/doc/man/man3/Makefile.in +++ b/doc/man/man3/Makefile.in @@ -1,3 +1,4 @@ +# $OpenLDAP$ ## Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. ## COPYING RESTRICTIONS APPLY, See COPYRIGHT file ## diff --git a/doc/man/man5/Makefile.in b/doc/man/man5/Makefile.in index b83e294784..fe1887bc9a 100644 --- a/doc/man/man5/Makefile.in +++ b/doc/man/man5/Makefile.in @@ -1,3 +1,4 @@ +# $OpenLDAP$ ## Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. ## COPYING RESTRICTIONS APPLY, See COPYRIGHT file ## diff --git a/doc/man/man5/ldif.5 b/doc/man/man5/ldif.5 index 1cb621a5dc..9ab351768e 100644 --- a/doc/man/man5/ldif.5 +++ b/doc/man/man5/ldif.5 @@ -17,16 +17,16 @@ The basic form of an LDIF entry is: .nf .ft tt dn: - : - : - :: - :< + : + : + :: + :< ... .ft .fi .LP -The value may be specified as ASCII text or as base64 encoded data, -or a URL may be provided to the location of the attribute value. +The value may be specified as UTF-8 text or as base64 encoded data, +or a URI may be provided to the location of the attribute value. .LP A line may be continued by starting the next line with a single space or tab, e.g., @@ -38,6 +38,8 @@ or tab, e.g., .ft .fi .LP +Lines beginning with a sharpe sign ('#') are ignored. +.LP Multiple attribute values are specified on separate lines, e.g., .LP .nf @@ -59,7 +61,7 @@ the value " begins with a space" would be encoded like this: .fi .LP If the attribute value is located in a file, the is -followed by a ':<' and a file:// URL. e.g., the value contained +followed by a ':<' and a file:// URI. e.g., the value contained in the file /tmp/value would be listed like this: .LP .nf @@ -67,6 +69,7 @@ in the file /tmp/value would be listed like this: cn:< file://tmp/value .ft .fi +Other URI schemes (ftp,http) may be supported as well. .LP Multiple entries within the same LDIF file are separated by blank lines. @@ -79,7 +82,7 @@ Here is an example of an LDIF file containing three entries. cn: Barbara J Jensen cn: Babs Jensen objectclass: person - description:< file://tmp/barbara + description:< file://tmp/babs sn: Jensen dn: cn=Bjorn J Jensen, dc=OpenLDAP, dc=Org @@ -100,14 +103,14 @@ Here is an example of an LDIF file containing three entries. .ft .fi .LP -Notice that the jpegPhoto in Jennifer Jensen's entry is encoded using -base 64. +Notice that the description in Barbara Jensen's entry is +read from file://tmp/babs and the jpegPhoto in Jennifer +Jensen's entry is encoded using base 64. .SH SEE ALSO .BR ldap (3), .BR ldapsearch (1), .BR ldapadd (1) -.LP -"The SLAPD and SLURPD Administrator's Guide" +.BR "LDAP Data Interchange Format," Good, G., RFC 2849. .SH ACKNOWLEDGEMENTS .B OpenLDAP is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5 index 4016f9df55..14d95a8937 100644 --- a/doc/man/man5/slapd.conf.5 +++ b/doc/man/man5/slapd.conf.5 @@ -138,17 +138,6 @@ The ( absolute ) name of a file that will hold the server's command line options if started without the debugging command line option. .TP -.B -locale { | on | off } -Obey 's character classification and case conversion; i.e. the -.BR locale (5) -LC_CTYPE category. See -.BR locale (5) -for details about locales. "on" takes the locale from the environment, -typically $LANG or $LC_CTYPE, and will only work properly if slapd will -run with the same environment variables as when the database was -generated. "off" (the default setting) resets to the initial "C" locale. -.TP .B loglevel Specify the level at which debugging statements and operation statistics should be syslogged (currently logged to the @@ -321,7 +310,9 @@ or administrative limit restrictions for operations on this database. Specify a password (or hash of the password) for the rootdn. This option accepts all RFC 2307 userPassword formats known to the server including \fB{SSHA}\fP, \fB{SHA}\fP, \fB{SMD5}\fP, -\fB{MD5}\fP, \fB{CRYPT}\fP, and cleartext schemes. Cleartext +\fB{MD5}\fP, \fB{CRYPT}\fP, and cleartext schemes. +.BR slappasswd (8) +may be used to generate a hash of a password. Cleartext and \fB{CRYPT}\fP passwords are not recommended. .TP .B suffix @@ -439,6 +430,7 @@ ETCDIR/slapd.conf .BR slapadd (8), .BR slapcat (8), .BR slapindex (8), +.BR slappassword (8), .BR slurpd (8), .LP "The SLAPD and SLURPD Administrator's Guide" diff --git a/doc/man/man8/Makefile.in b/doc/man/man8/Makefile.in index 795dd928a8..d0b21f401e 100644 --- a/doc/man/man8/Makefile.in +++ b/doc/man/man8/Makefile.in @@ -1,3 +1,4 @@ +# $OpenLDAP$ ## Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. ## COPYING RESTRICTIONS APPLY, See COPYRIGHT file ## diff --git a/doc/man/man8/centipede.8 b/doc/man/man8/centipede.8 deleted file mode 100644 index 361f1aa6b4..0000000000 --- a/doc/man/man8/centipede.8 +++ /dev/null @@ -1,162 +0,0 @@ -.TH CENTIPEDE 8C "22 September 1998" "OpenLDAP LDVERSION" -.\" $OpenLDAP$ -.\" Copyright 1998-2000 The OpenLDAP Foundation All Rights Reserved. -.\" Copying restrictions apply. See COPYRIGHT/LICENSE. -.SH NAME -centipede \- LDAP centroid index generation and maintenance program -.SH SYNOPSIS -.B SBINDIR/centipede -.B [\-f filter] -.B [\-F] [\-R] -.B [\-f filter] [\-t directory] -.B [\-m authmethod] [\-b binddn] -.B [\-p passwd] [\-c cachesize] -.B \-s sourceurl \-d desturl attributes -.SH DESCRIPTION -.LP -The centipede program is used to extract centroid or other index -information from one LDAP server and install it in another. Although -index information can be extracted from any LDAP server, only a -.BR slapd (8) -LDAP server will understand the information and thus be capable of -making use of it as indexing information (i.e., you should only -install index information in a -.BR slapd (8) -LDAP server). -.LP -The basic form of the command is as follows -.LP -.nf -.ft tt - SBINDIR/centipede [options] - -s "ldap://[host/]subtree-to-index-dn" - -d "ldap://[host/]parent-of-index-entry-dn" - attributes -.ft -.fi -.LP -where the -.B \-s -option specifies the subtree for which index information is to -be generated, and the -.B \-d -option specifies the parent under which the index information is to -be installed. -.LP -For example, suppose you are running an -LDAP server on the host -.I babs.com -for an organization called "BabsCo" based in the US, and you want to -generate index information for the cn, sn and objectclass attributes of -all the people entries in your subtree. You want to install the index -informatioin in the indexing -.BR slapd (8) -running on the host -.I vertigo.rs.itd.umich.edu -under the c=US entry. -This way, when an LDAP client connects to the -.BR slapd (8) -on vertigo and does a subtree search of c=US, -.BR slapd (8) -can consult the index information to tell whether it should refer the -client to your server or not. You could accomplish this with a command -like this: -.LP -.nf -.ft tt - SBINDIR/centipede -f '(objectclass=person)' - -m simple -b your-rootdn -p your-rootdnpw - -s "ldap://babs.com/o=BabsCo, c=US" - -d "ldap://vertigo.rs.itd.umich.edu/c=US" - cn sn objectclass -.ft -.fi -.LP -Note the -.B \-b -and -.B \-p -options can be used to authenticate as an entity able to read all -the information you want. -.LP -See "The SLAPD and SLURPD Administrator's Guide" for more details on -using this program. -.SH OPTIONS -.TP -.B \-v -Turn on verbose mode. This option can be given multiple times to increase -the level of verbosity. -.TP -.B \-n -Do not actually install index information. Useful in conjunction with -.B -v -for seeing what -.B centipede -is up to. -.TP -.BI \-f " ldapfilter" -Specify a filter used to select the entries for which to generate indexing -information. -.I ldapfilter -should be a string LDAP filter as described by RFC 1588. -.TP -.BI \-F -Generate full, as opposed to relative, index information. -.TP -.BI \-R -Generate relative, as opposed to full, index information. Full information -is still generated if there is no previous information available from -which to generate the relative information. This is the default. -.TP -.BI \-t " directory" -Specify the directory in which to create temporary files, find existing -index information, and put new index information. The default is -whatever is used by tempnam. -.TP -.BI \-b " binddn" -Specify the DN to authenticate with when extracting index information. -.TP -.BI \-p " passwd" -Specify the password to use for simple authentication when extracting -index information. -.TP -.BI \-m " authmethod" -Specify the authentication method to use when extracting index information. -.I authmethod -should be either "simple" or "kerberos". -.TP -.BI \-B " binddn" -Specify the DN to authenticate with when installing index information. -.TP -.BI \-P " passwd" -Specify the password to use for simple authentication when installing -index information. -.TP -.BI \-M " authmethod" -Specify the authentication method to use when installing index information. -.I authmethod -should be either "simple" or "kerberos". -.TP -.BI \-c " cachesize" -Specify the size in bytes of the cache used when building the new -index information. Upping this number can cause a big performance boost, -if you've got the memory for it. -.SH NOTES -This is all very experimental at the moment, and is subject to change. -.LP -Currently, -.B centipede -only handles value-based index information. A future version of centipede -will allow other types of index information to be manipulated (e.g., -word-based indexes, substring indexes, phonetic indexes, hash indexes, -etc.). A future version may also allow weights to be generated. -.SH "SEE ALSO" -.BR ldap (3), -.BR slapd (8) -.LP -"The SLAPD and SLURPD Administrator's Guide" -.SH ACKNOWLEDGEMENTS -.B OpenLDAP -is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). -.B OpenLDAP -is derived from University of Michigan LDAP 3.3 Release. diff --git a/doc/man/man8/chlog2replog.8 b/doc/man/man8/chlog2replog.8 deleted file mode 100644 index d17c83cc5c..0000000000 --- a/doc/man/man8/chlog2replog.8 +++ /dev/null @@ -1,110 +0,0 @@ -.TH CHLOG2REPLOG 8C "22 September 1998" "OpenLDAP LDVERSION" -.\" $OpenLDAP$ -.\" Copyright 1998-2000 The OpenLDAP Foundation All Rights Reserved. -.\" Copying restrictions apply. See COPYRIGHT/LICENSE. -.SH NAME -chlog2replog \- convert an X.500 DSA-style changelog to an LDAP-style -replication log -.SH SYNOPSIS -.B SBINDIR/chlog2replog -.B \-r hostname:port [\-r hostname:port ...] -.B \-d dn\-suffix [\-o output\-file] < input\-file -.LP -.SH DESCRIPTION -.LP -chlog2replog is used to convert an X.500\-style changelog to an -LDAP\-style replication log. It reads its standard input and -writes standard output if no \-o flag is given. If the \-o flag -is given, -.B chlog2replog -writes its output to the given file, following -the same advisory locking mechanisms respected by the -.B slurpd -program. This makes it possible to use chlog2replog in a pipeline -to produce input for -.B slurpd. - -.SH OPTIONS -.TP -.BI \-r " hostname:port" -This option specifies the hostname and port number to which updates -should be propagated. -.B chlog2replog -will include one "replica: hostname:port" directive in each replication -log entry it writes out for each -.B \-r -option given. You may supply as many replica hostname:port options as -you wish. -.TP -.BI \-d " dn\-suffix" -This option specifies an additional string to append to converted -DNs (Distinguished Names) converted from the changelog file. The -DNs in the changelog file will typically be partial DNs which omit -the portion of the directory tree "above" the organizational root. -For example, if your directory tree is rooted at o=University of -Michigan, c=US, you will need to include the argument -"\-d ", o=University of Michigan, c=US". -.TP -.BI \-o " output\-file" -If given, this option specifies an output file to which converted -replication log entries will be written. -.B chlog2replog -obeys the same file locking conventions used by -.B slurpd, -so that it is possible to use -.B chlog2replog -to "feed" changes from an X.500 DSA to -.B slurpd. See the -.B examples -section, below, for more information. -.SH EXAMPLES -To read the DSA-style changelog file -.BR changlelog -and write on the standard output an LDAP-style replication log, -appending ", o=University of Michigan, c=US" to all entry -DNs, and including a replica: entry for host "ldapserver," port -389, give the command: -.LP -.nf -.ft tt - SBINDIR/chlog2replog -d ", o=University of Michigan, c=US" - -r ldapserver:389 < changelog -.ft -.fi -.LP -To do the same, but routing the output to the file "replog," using -slurpd\-compatible file\-locking, -give this command: -.LP -.nf -.ft tt - SBINDIR/chlog2replog -d ", o=University of Michigan, c=US" - -r ldapserver:389 -o replog < changelog -.ft -.fi -.LP -To continually read new changes from the file "changelog" and write -them to the file "replog", -give this command: -.LP -.nf -.ft tt - tail +0f changelog | SBINDIR/chlog2replog - -d ", o=University of Michigan, c=US" - -r ldapserver:389 -o replog < changelog -.ft -.fi - -.LP -.SH "SEE ALSO" -.BR ldap (3), -.BR ldif (5), -.BR slurpd (8), -.BR slapd (8), -.LP -"The SLAPD and SLURPD Administrator's Guide" -.SH ACKNOWLEDGEMENTS -.B OpenLDAP -is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). -.B OpenLDAP -is derived from University of Michigan LDAP 3.3 Release. diff --git a/doc/man/man8/edb2ldif.8 b/doc/man/man8/edb2ldif.8 deleted file mode 100644 index bcfcadbe4f..0000000000 --- a/doc/man/man8/edb2ldif.8 +++ /dev/null @@ -1,107 +0,0 @@ -.TH EDB2LDIF 8C "22 September 1998" "OpenLDAP LDVERSION" -.\" $OpenLDAP$ -.\" Copyright 1998-2000 The OpenLDAP Foundation All Rights Reserved. -.\" Copying restrictions apply. See COPYRIGHT/LICENSE. -.SH NAME -edb2ldif \- QUIPU EDB file to LDIF conversion tool -.SH SYNOPSIS -.B SBINDIR/edb2ldif -.B [\-d] [\-v] [\-r] [\-o] [\-b basedn] -.B [\-a addvalsfile] [\-f fileattrdir] -.B [\-i ignoreattr...] [edbfile...] -.B -.SH DESCRIPTION -.LP -Data that is held in a QUIPU DSA (available as part of the ISODE package) -is stored in or can be easily converted to the EDB file format. The -.I edb2ldif -tool is used to convert directory data from EDB file format to the -LDAP Directory Interchange Format (LDIF) used by -.BR slapd (8) -and associated utilities. The -.BR slapadd (8) -program can be used to convert the resulting LDIF data into a database -that is compatible with -.BR slapd (8). -.LP -.I edb2ldif -writes LDIF formatted data to standard output. If you specify a particular -.I edbfile -(or files) to read data from, they are converted. If no -.I edbfile -is specified, the files named -.BR EDB.root -(if it exists) and -.BR EDB -in the current directory are converted. An entire EDB hierarchy -can be converted using the -.B \-r -option. -.LP -When -.I edb2ldif -is invoked, it will also look for files named -.BR .add -in the directories -where EDB files are found and append the contents of the -.BR .add -file to each entry in the corresponding EDB file. -Typically, this feature is used to include inherited -attribute values (e.g., objectClass) that do not appear in the EDB files. -.LP -See "The SLAPD and SLURPD Administrator's Guide" for more details on -using -.I edb2ldif, -including step-by-step conversion instructions. -.SH OPTIONS -.TP -.B \-d -Turn on some extra debugging which is written to standard error. -.TP -.B \-v -Enable verbose mode that writes status information to standard error, such -as which EDB file is being processed, how many entries have been -converted so far, etc. -.TP -.B \-r -Recurse through child directories, processing all EDB files found. -.TP -.B \-o -Cause local -.B .add -file definitions to override the global addfile (see the -.B \-a -option below) -.TP -.BI \-b " basedn" -Specify the Distinguished Name that all EDB file entries appear below. -.TP -.B \-a " addvalsfile" -The LDIF information contained in this file will be appended to each entry. -(See the -.B \-o -option above.) -.TP -.BI \-f " fileattrdir" -Specify a single directory where all file-based attributes (typically sounds -and images) can be found. If this option is not given, file attributes are -assumed to be located in the same directory as the EDB file that refers to -them. -.TP -.BI \-i " ignoreattr" -Specify an attribute that should not be converted. You can include as many -\- i flags as necessary. -.SH "SEE ALSO" -.BR ldap (3), -.BR ldif (5), -.BR slapd (8), -.BR slapadd (8) -.LP -"The SLAPD and SLURPD Administrator's Guide" -.LP -Volume 5 of The ISODE Manual -.SH ACKNOWLEDGEMENTS -.B OpenLDAP -is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). -.B OpenLDAP -is derived from University of Michigan LDAP 3.3 Release. diff --git a/doc/man/man8/ldif.8 b/doc/man/man8/ldif.8 deleted file mode 100644 index be3bc42847..0000000000 --- a/doc/man/man8/ldif.8 +++ /dev/null @@ -1,56 +0,0 @@ -.TH LDIF 8C "22 September 1998" "OpenLDAP LDVERSION" -.\" $OpenLDAP$ -.\" Copyright 1998-2000 The OpenLDAP Foundation All Rights Reserved. -.\" Copying restrictions apply. See COPYRIGHT/LICENSE. -.SH NAME -ldif \- convert arbitrary data to LDIF format -.SH SYNOPSIS -.B SBINDIR/ldif [\-b] attr\-name -.LP -.SH DESCRIPTION -.LP -This program is used to convert arbitrary data to the -LDAP Directory Interchange Format (LDIF) described in -.BR ldif (5). -.B ldif -reads data from standard input, converts it, -and writes the corresponding LDIF output to standard output. -The output is suitable for use as a line in an -.BR ldif (5) -file. -.LP -Without the -.B \-b -flag, -.B ldif -considers its input a sequence of values to be -converted, one per line. With the -.B \-b -flag, -.B ldif -considers its input as a single raw binary value to be -converted. This can be useful when converting binary data -such as a photo or audio attribute. -.LP -See "The SLAPD and SLURPD Administrator's Guide" for more details on -using this program. -.SH OPTIONS -.TP -.B \-b -This option specifies that -.B ldif -should interpret its input as a single binary value for conversion. -Otherwise, it interprets it as a sequence of lines, with each line -containing a single value. -.SH "SEE ALSO" -.BR ldap (3), -.BR ldif (5), -.BR slapadd (8), -.BR slapd (8) -.LP -"The SLAPD and SLURPD Administrator's Guide" -.SH ACKNOWLEDGEMENTS -.B OpenLDAP -is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). -.B OpenLDAP -is derived from University of Michigan LDAP 3.3 Release. diff --git a/doc/rfc/INDEX b/doc/rfc/INDEX index 83b34b14de..58b0101f76 100644 --- a/doc/rfc/INDEX +++ b/doc/rfc/INDEX @@ -53,3 +53,5 @@ rfc2829.txt LDAPv3/Authentication Methods (PS) rfc2830.txt LDAPv3/StartTLS (PS) rfc2831.txt SASL/DIGEST-MD5 (PS) rfc2849.txt LDIFv1 (PS) + +$OpenLDAP$ diff --git a/include/ac/errno.h b/include/ac/errno.h index e04c228856..7e6abae9c0 100644 --- a/include/ac/errno.h +++ b/include/ac/errno.h @@ -25,8 +25,8 @@ # define sys_errlist ((char **)0) #elif DECL_SYS_ERRLIST /* have sys_errlist but need declaration */ - LIBC_F (int) sys_nerr; - LIBC_F (char) *sys_errlist[]; + LDAP_LIBC_V (int) sys_nerr; + LDAP_LIBC_V (char) *sys_errlist[]; #endif #ifdef HAVE_STRERROR diff --git a/include/ac/setproctitle.h b/include/ac/setproctitle.h index 910dc96b15..4f928ac756 100644 --- a/include/ac/setproctitle.h +++ b/include/ac/setproctitle.h @@ -19,10 +19,10 @@ # include #else /* use lutil version */ - LIBLUTIL_F (void) (setproctitle) LDAP_P((const char *fmt, ...)) \ - LDAP_GCCATTR((format(printf, 1, 2))); - LIBLUTIL_F (int) Argc; - LIBLUTIL_F (char) **Argv; + LDAP_LUTIL_F (void) (setproctitle) LDAP_P((const char *fmt, ...)) \ + LDAP_GCCATTR((format(printf, 1, 2))); + LDAP_LUTIL_V (int) Argc; + LDAP_LUTIL_V (char) **Argv; #endif #endif /* LDAP_PROCTITLE */ diff --git a/include/ac/signal.h b/include/ac/signal.h index 4b7a9d120e..faca4c66ad 100644 --- a/include/ac/signal.h +++ b/include/ac/signal.h @@ -36,11 +36,10 @@ # else /* - LinuxThreads implemented unfortunately uses the only - two signals reserved for user applications. This forces - OpenLDAP to use, hopefullly unused, signals reserved - for other uses. - */ + * Some versions of LinuxThreads unfortunately uses the only + * two signals reserved for user applications. This forces + * OpenLDAP to use other signals reserved for other uses. + */ # if defined( SIGSTKFLT ) # define LDAP_SIGUSR1 SIGSTKFLT diff --git a/include/ac/socket.h b/include/ac/socket.h index 5a141e0f0c..81b4895e8c 100644 --- a/include/ac/socket.h +++ b/include/ac/socket.h @@ -92,7 +92,7 @@ #define sock_errno() WSAGetLastError() #define sock_errstr(e) ber_pvt_wsa_err2string(e) -LIBLBER_F (char *) ber_pvt_wsa_err2string LDAP_P((int)); +LBER_F( char * ) ber_pvt_wsa_err2string LDAP_P((int)); #elif MACOS # define tcp_close( s ) tcpclose( s ) @@ -148,7 +148,7 @@ LIBLBER_F (char *) ber_pvt_wsa_err2string LDAP_P((int)); #if !defined( HAVE_INET_ATON ) && !defined( inet_aton ) #define inet_aton ldap_pvt_inet_aton struct in_addr; -LIBLDAP_F (int) ldap_pvt_inet_aton LDAP_P(( const char *, struct in_addr * )); +LDAP_F (int) ldap_pvt_inet_aton LDAP_P(( const char *, struct in_addr * )); #endif #if defined(__WIN32) && defined(_ALPHA) diff --git a/include/ac/string.h b/include/ac/string.h index bb1c10b836..bac0dc256e 100644 --- a/include/ac/string.h +++ b/include/ac/string.h @@ -43,7 +43,7 @@ #endif /* use ldap_pvt_strtok instead of strtok or strtok_r! */ -LIBLDAP_F(char *) ldap_pvt_strtok LDAP_P(( char *str, const char *delim, +LDAP_F(char *) ldap_pvt_strtok LDAP_P(( char *str, const char *delim, char **pos )); #ifndef HAVE_STRDUP @@ -52,7 +52,7 @@ LIBLDAP_F(char *) ldap_pvt_strtok LDAP_P(( char *str, const char *delim, # define strdup(s) ber_strdup(s) #else /* some systems fail to declare strdup */ - LIBC_F(char *) (strdup)(); + LDAP_LIBC_F(char *) (strdup)(); #endif /* diff --git a/include/ac/unistd.h b/include/ac/unistd.h index b7710dcd75..3593bb7024 100644 --- a/include/ac/unistd.h +++ b/include/ac/unistd.h @@ -28,16 +28,16 @@ /* note: callers of crypt(3) should include */ #if defined(HAVE_GETPASSPHRASE) -LIBC_F(char*)(getpassphrase)(); +LDAP_LIBC_F(char*)(getpassphrase)(); #elif defined(HAVE_GETPASS) #define getpassphrase(p) getpass(p) -LIBC_F(char*)(getpass)(); +LDAP_LIBC_F(char*)(getpass)(); #else #define NEED_GETPASSPHRASE 1 #define getpassphrase(p) lutil_getpass(p) -LIBLUTIL_F(char*)(lutil_getpass) LDAP_P((const char *getpass)); +LDAP_LUTIL_F(char*)(lutil_getpass) LDAP_P((const char *getpass)); #endif /* getopt() defines may be in separate include file */ @@ -50,13 +50,14 @@ LIBLUTIL_F(char*)(lutil_getpass) LDAP_P((const char *getpass)); #else /* assume we need to declare these externs */ - LIBC_F (char *) optarg; - LIBC_F (int) optind, opterr, optopt; + LDAP_LIBC_V (char *) optarg; + LDAP_LIBC_V (int) optind, opterr, optopt; #endif #ifndef HAVE_TEMPNAM - LIBLUTIL_F(char *)(tempnam) LDAP_P(( const char *tmpdir, - const char *prefix)); + LDAP_LUTIL_F(char *)(tempnam) LDAP_P(( + const char *tmpdir, + const char *prefix)); #endif /* use lutil file locking */ diff --git a/include/avl.h b/include/avl.h index 7ecb3affe5..da98ae9879 100644 --- a/include/avl.h +++ b/include/avl.h @@ -61,39 +61,39 @@ typedef int (*AVL_CMP) LDAP_P((const void*, const void*)); typedef int (*AVL_DUP) LDAP_P((void*, void*)); typedef void (*AVL_FREE) LDAP_P((void*)); -LIBAVL_F( int ) +LDAP_AVL_F( int ) avl_free LDAP_P(( Avlnode *root, AVL_FREE dfree )); -LIBAVL_F( int ) +LDAP_AVL_F( int ) avl_insert LDAP_P((Avlnode **, void*, AVL_CMP, AVL_DUP)); -LIBAVL_F( void* ) +LDAP_AVL_F( void* ) avl_delete LDAP_P((Avlnode **, void*, AVL_CMP)); -LIBAVL_F( void* ) +LDAP_AVL_F( void* ) avl_find LDAP_P((Avlnode *, const void*, AVL_CMP)); -LIBAVL_F( void* ) +LDAP_AVL_F( void* ) avl_find_lin LDAP_P((Avlnode *, const void*, AVL_CMP)); #ifdef AVL_NONREENTRANT -LIBAVL_F( void* ) +LDAP_AVL_F( void* ) avl_getfirst LDAP_P((Avlnode *)); -LIBAVL_F( void* ) +LDAP_AVL_F( void* ) avl_getnext LDAP_P((void)); #endif -LIBAVL_F( int ) +LDAP_AVL_F( int ) avl_dup_error LDAP_P((void*, void*)); -LIBAVL_F( int ) +LDAP_AVL_F( int ) avl_dup_ok LDAP_P((void*, void*)); -LIBAVL_F( int ) +LDAP_AVL_F( int ) avl_apply LDAP_P((Avlnode *, AVL_APPLY, void*, int, int)); -LIBAVL_F( int ) +LDAP_AVL_F( int ) avl_prefixapply LDAP_P((Avlnode *, void*, AVL_CMP, void*, AVL_CMP, void*, int)); /* apply traversal types */ diff --git a/include/disptmpl.h b/include/disptmpl.h index c99ddb240b..8acfc30c70 100644 --- a/include/disptmpl.h +++ b/include/disptmpl.h @@ -225,88 +225,88 @@ struct ldap_disptmpl { typedef int (*ldap_writeptype) LDAP_P(( void *writeparm, char *p, ber_len_t len )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_init_templates LDAP_P(( char *file, struct ldap_disptmpl **tmpllistp )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_init_templates_buf LDAP_P(( char *buf, ber_len_t buflen, struct ldap_disptmpl **tmpllistp )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_free_templates LDAP_P(( struct ldap_disptmpl *tmpllist )); -LIBLDAP_F( struct ldap_disptmpl * ) +LDAP_F( struct ldap_disptmpl * ) ldap_first_disptmpl LDAP_P(( struct ldap_disptmpl *tmpllist )); -LIBLDAP_F( struct ldap_disptmpl * ) +LDAP_F( struct ldap_disptmpl * ) ldap_next_disptmpl LDAP_P(( struct ldap_disptmpl *tmpllist, struct ldap_disptmpl *tmpl )); -LIBLDAP_F( struct ldap_disptmpl * ) +LDAP_F( struct ldap_disptmpl * ) ldap_name2template LDAP_P(( char *name, struct ldap_disptmpl *tmpllist )); -LIBLDAP_F( struct ldap_disptmpl * ) +LDAP_F( struct ldap_disptmpl * ) ldap_oc2template LDAP_P(( char **oclist, struct ldap_disptmpl *tmpllist )); -LIBLDAP_F( char ** ) +LDAP_F( char ** ) ldap_tmplattrs LDAP_P(( struct ldap_disptmpl *tmpl, char **includeattrs, int exclude, unsigned long syntaxmask )); -LIBLDAP_F( struct ldap_tmplitem * ) +LDAP_F( struct ldap_tmplitem * ) ldap_first_tmplrow LDAP_P(( struct ldap_disptmpl *tmpl )); -LIBLDAP_F( struct ldap_tmplitem * ) +LDAP_F( struct ldap_tmplitem * ) ldap_next_tmplrow LDAP_P(( struct ldap_disptmpl *tmpl, struct ldap_tmplitem *row )); -LIBLDAP_F( struct ldap_tmplitem * ) +LDAP_F( struct ldap_tmplitem * ) ldap_first_tmplcol LDAP_P(( struct ldap_disptmpl *tmpl, struct ldap_tmplitem *row )); -LIBLDAP_F( struct ldap_tmplitem * ) +LDAP_F( struct ldap_tmplitem * ) ldap_next_tmplcol LDAP_P(( struct ldap_disptmpl *tmpl, struct ldap_tmplitem *row, struct ldap_tmplitem *col )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_entry2text LDAP_P(( LDAP *ld, char *buf, LDAPMessage *entry, struct ldap_disptmpl *tmpl, char **defattrs, char ***defvals, ldap_writeptype writeproc, void *writeparm, char *eol, int rdncount, unsigned long opts )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_vals2text LDAP_P(( LDAP *ld, char *buf, char **vals, char *label, int labelwidth, unsigned long syntaxid, ldap_writeptype writeproc, void *writeparm, char *eol, int rdncount )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_entry2text_search LDAP_P(( LDAP *ld, char *dn, char *base, LDAPMessage *entry, struct ldap_disptmpl *tmpllist, char **defattrs, char ***defvals, ldap_writeptype writeproc, void *writeparm, char *eol, int rdncount, unsigned long opts )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_entry2html LDAP_P(( LDAP *ld, char *buf, LDAPMessage *entry, struct ldap_disptmpl *tmpl, char **defattrs, char ***defvals, ldap_writeptype writeproc, void *writeparm, char *eol, int rdncount, unsigned long opts, char *urlprefix, char *base )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_vals2html LDAP_P(( LDAP *ld, char *buf, char **vals, char *label, int labelwidth, unsigned long syntaxid, ldap_writeptype writeproc, void *writeparm, char *eol, int rdncount, char *urlprefix )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_entry2html_search LDAP_P(( LDAP *ld, char *dn, char *base, LDAPMessage *entry, struct ldap_disptmpl *tmpllist, char **defattrs, char ***defvals, diff --git a/include/getopt-compat.h b/include/getopt-compat.h index ca23e4b776..e26c43e0ca 100644 --- a/include/getopt-compat.h +++ b/include/getopt-compat.h @@ -25,10 +25,9 @@ LDAP_BEGIN_DECL #define optopt lutil_optopt #define getopt lutil_getopt -LIBLUTIL_F (char *) optarg; -LIBLUTIL_F (int) optind, opterr, optopt; - -LIBLUTIL_F (int) getopt LDAP_P(( int, char * const [], const char *)); +LDAP_LUTIL_V (char *) optarg; +LDAP_LUTIL_V (int) optind, opterr, optopt; +LDAP_LUTIL_F (int) getopt LDAP_P(( int, char * const [], const char *)); LDAP_END_DECL diff --git a/include/lber.h b/include/lber.h index 13551e37a6..2ee98d8246 100644 --- a/include/lber.h +++ b/include/lber.h @@ -101,6 +101,9 @@ LDAP_BEGIN_DECL #define LBER_OPT_ERROR_FN 0x8003 #define LBER_OPT_LOG_PRINT_FILE 0x8004 +/* get/set Memory Debug options */ +#define LBER_OPT_MEMORY_INUSE 0x8005 /* for memory debugging */ + typedef int* (*BER_ERRNO_FN) LDAP_P(( void )); typedef void (*BER_LOG_PRINT_FN) LDAP_P(( LDAP_CONST char *buf )); @@ -202,19 +205,19 @@ typedef struct berval { /* * in bprint.c: */ -LIBLBER_F( void ) +LBER_F( void ) ber_error_print LDAP_P(( LDAP_CONST char *data )); -LIBLBER_F( void ) +LBER_F( void ) ber_bprint LDAP_P(( LDAP_CONST char *data, ber_len_t len )); -LIBLBER_F( void ) +LBER_F( void ) ber_dump LDAP_P(( BerElement *ber, int inout )); -LIBLBER_F( void ) +LBER_F( void ) ber_sos_dump LDAP_P(( Seqorset *sos )); @@ -227,74 +230,74 @@ typedef int (*BERDecodeCallback) LDAP_P(( void *data, int mode )); -LIBLBER_F( ber_tag_t ) +LBER_F( ber_tag_t ) ber_get_tag LDAP_P(( BerElement *ber )); -LIBLBER_F( ber_tag_t ) +LBER_F( ber_tag_t ) ber_skip_tag LDAP_P(( BerElement *ber, ber_len_t *len )); -LIBLBER_F( ber_tag_t ) +LBER_F( ber_tag_t ) ber_peek_tag LDAP_P(( BerElement *ber, ber_len_t *len )); -LIBLBER_F( ber_tag_t ) +LBER_F( ber_tag_t ) ber_get_int LDAP_P(( BerElement *ber, ber_int_t *num )); -LIBLBER_F( ber_tag_t ) +LBER_F( ber_tag_t ) ber_get_enum LDAP_P(( BerElement *ber, ber_int_t *num )); -LIBLBER_F( ber_tag_t ) +LBER_F( ber_tag_t ) ber_get_stringb LDAP_P(( BerElement *ber, char *buf, ber_len_t *len )); -LIBLBER_F( ber_tag_t ) +LBER_F( ber_tag_t ) ber_get_stringa LDAP_P(( BerElement *ber, char **buf )); -LIBLBER_F( ber_tag_t ) +LBER_F( ber_tag_t ) ber_get_stringal LDAP_P(( BerElement *ber, struct berval **bv )); -LIBLBER_F( ber_tag_t ) +LBER_F( ber_tag_t ) ber_get_bitstringa LDAP_P(( BerElement *ber, char **buf, ber_len_t *len )); -LIBLBER_F( ber_tag_t ) +LBER_F( ber_tag_t ) ber_get_null LDAP_P(( BerElement *ber )); -LIBLBER_F( ber_tag_t ) +LBER_F( ber_tag_t ) ber_get_boolean LDAP_P(( BerElement *ber, ber_int_t *boolval )); -LIBLBER_F( ber_tag_t ) +LBER_F( ber_tag_t ) ber_first_element LDAP_P(( BerElement *ber, ber_len_t *len, char **last )); -LIBLBER_F( ber_tag_t ) +LBER_F( ber_tag_t ) ber_next_element LDAP_P(( BerElement *ber, ber_len_t *len, LDAP_CONST char *last )); -LIBLBER_F( ber_tag_t ) +LBER_F( ber_tag_t ) ber_scanf LDAP_P(( BerElement *ber, LDAP_CONST char *fmt, @@ -307,74 +310,74 @@ typedef int (*BEREncodeCallback) LDAP_P(( BerElement *ber, void *data )); -LIBLBER_F( int ) +LBER_F( int ) ber_put_enum LDAP_P(( BerElement *ber, ber_int_t num, ber_tag_t tag )); -LIBLBER_F( int ) +LBER_F( int ) ber_put_int LDAP_P(( BerElement *ber, ber_int_t num, ber_tag_t tag )); -LIBLBER_F( int ) +LBER_F( int ) ber_put_ostring LDAP_P(( BerElement *ber, LDAP_CONST char *str, ber_len_t len, ber_tag_t tag )); -LIBLBER_F( int ) +LBER_F( int ) ber_put_berval LDAP_P(( BerElement *ber, LDAP_CONST struct berval *bv, ber_tag_t tag )); -LIBLBER_F( int ) +LBER_F( int ) ber_put_string LDAP_P(( BerElement *ber, LDAP_CONST char *str, ber_tag_t tag )); -LIBLBER_F( int ) +LBER_F( int ) ber_put_bitstring LDAP_P(( BerElement *ber, LDAP_CONST char *str, ber_len_t bitlen, ber_tag_t tag )); -LIBLBER_F( int ) +LBER_F( int ) ber_put_null LDAP_P(( BerElement *ber, ber_tag_t tag )); -LIBLBER_F( int ) +LBER_F( int ) ber_put_boolean LDAP_P(( BerElement *ber, ber_int_t boolval, ber_tag_t tag )); -LIBLBER_F( int ) +LBER_F( int ) ber_start_seq LDAP_P(( BerElement *ber, ber_tag_t tag )); -LIBLBER_F( int ) +LBER_F( int ) ber_start_set LDAP_P(( BerElement *ber, ber_tag_t tag )); -LIBLBER_F( int ) +LBER_F( int ) ber_put_seq LDAP_P(( BerElement *ber )); -LIBLBER_F( int ) +LBER_F( int ) ber_put_set LDAP_P(( BerElement *ber )); -LIBLBER_F( int ) +LBER_F( int ) ber_printf LDAP_P(( BerElement *ber, LDAP_CONST char *fmt, @@ -385,65 +388,65 @@ ber_printf LDAP_P(( * in io.c: */ -LIBLBER_F( ber_slen_t ) +LBER_F( ber_slen_t ) ber_read LDAP_P(( BerElement *ber, char *buf, ber_len_t len )); -LIBLBER_F( ber_slen_t ) +LBER_F( ber_slen_t ) ber_write LDAP_P(( BerElement *ber, LDAP_CONST char *buf, ber_len_t len, int nosos )); -LIBLBER_F( void ) +LBER_F( void ) ber_free LDAP_P(( BerElement *ber, int freebuf )); -LIBLBER_F( int ) +LBER_F( int ) ber_flush LDAP_P(( Sockbuf *sb, BerElement *ber, int freeit )); -LIBLBER_F( BerElement * ) +LBER_F( BerElement * ) ber_alloc LDAP_P(( void )); /* DEPRECATED */ -LIBLBER_F( BerElement * ) +LBER_F( BerElement * ) der_alloc LDAP_P(( void )); /* DEPRECATED */ -LIBLBER_F( BerElement * ) +LBER_F( BerElement * ) ber_alloc_t LDAP_P(( int beroptions )); -LIBLBER_F( BerElement * ) +LBER_F( BerElement * ) ber_dup LDAP_P(( BerElement *ber )); -LIBLBER_F( ber_tag_t ) +LBER_F( ber_tag_t ) ber_get_next LDAP_P(( Sockbuf *sb, ber_len_t *len, BerElement *ber )); -LIBLBER_F( void ) +LBER_F( void ) ber_init_w_nullc LDAP_P(( BerElement *ber, int options )); -LIBLBER_F( void ) +LBER_F( void ) ber_reset LDAP_P(( BerElement *ber, int was_writing )); -LIBLBER_F( BerElement * ) +LBER_F( BerElement * ) ber_init LDAP_P(( struct berval *bv )); -LIBLBER_F( int ) +LBER_F( int ) ber_flatten LDAP_P(( BerElement *ber, struct berval **bvPtr )); @@ -452,13 +455,13 @@ ber_flatten LDAP_P(( * LBER ber accessor functions */ -LIBLBER_F( int ) +LBER_F( int ) ber_get_option LDAP_P(( void *item, int option, void *outvalue)); -LIBLBER_F( int ) +LBER_F( int ) ber_set_option LDAP_P(( void *item, int option, @@ -468,97 +471,97 @@ ber_set_option LDAP_P(( * LBER sockbuf.c */ -LIBLBER_F( Sockbuf * ) +LBER_F( Sockbuf * ) ber_sockbuf_alloc LDAP_P(( void )); -LIBLBER_F( void ) +LBER_F( void ) ber_sockbuf_free LDAP_P(( Sockbuf *sb )); -LIBLBER_F( int ) +LBER_F( int ) ber_sockbuf_add_io LDAP_P(( Sockbuf *sb, Sockbuf_IO *sbio, int layer, void *arg )); -LIBLBER_F( int ) +LBER_F( int ) ber_sockbuf_remove_io LDAP_P(( Sockbuf *sb, Sockbuf_IO *sbio, int layer )); -LIBLBER_F( int ) +LBER_F( int ) ber_sockbuf_ctrl LDAP_P(( Sockbuf *sb, int opt, void *arg )); -LIBLBER_F( Sockbuf_IO ) ber_sockbuf_io_tcp; -LIBLBER_F( Sockbuf_IO ) ber_sockbuf_io_udp; -LIBLBER_F( Sockbuf_IO ) ber_sockbuf_io_readahead; -LIBLBER_F( Sockbuf_IO ) ber_sockbuf_io_fd; -LIBLBER_F( Sockbuf_IO ) ber_sockbuf_io_debug; +LBER_F( Sockbuf_IO ) ber_sockbuf_io_tcp; +LBER_F( Sockbuf_IO ) ber_sockbuf_io_udp; +LBER_F( Sockbuf_IO ) ber_sockbuf_io_readahead; +LBER_F( Sockbuf_IO ) ber_sockbuf_io_fd; +LBER_F( Sockbuf_IO ) ber_sockbuf_io_debug; /* * LBER memory.c */ -LIBLBER_F( void * ) +LBER_F( void * ) ber_memalloc LDAP_P(( ber_len_t s )); -LIBLBER_F( void * ) +LBER_F( void * ) ber_memrealloc LDAP_P(( void* p, ber_len_t s )); -LIBLBER_F( void * ) +LBER_F( void * ) ber_memcalloc LDAP_P(( ber_len_t n, ber_len_t s )); -LIBLBER_F( void ) +LBER_F( void ) ber_memfree LDAP_P(( void* p )); -LIBLBER_F( void ) +LBER_F( void ) ber_memvfree LDAP_P(( void** vector )); -LIBLBER_F( void ) +LBER_F( void ) ber_bvfree LDAP_P(( struct berval *bv )); -LIBLBER_F( void ) +LBER_F( void ) ber_bvecfree LDAP_P(( struct berval **bv )); -LIBLBER_F( int ) +LBER_F( int ) ber_bvecadd LDAP_P(( struct berval ***bvec, struct berval *bv )); -LIBLBER_F( struct berval * ) +LBER_F( struct berval * ) ber_bvdup LDAP_P(( LDAP_CONST struct berval *bv )); -LIBLBER_F( struct berval * ) +LBER_F( struct berval * ) ber_bvstr LDAP_P(( LDAP_CONST char * )); -LIBLBER_F( struct berval * ) +LBER_F( struct berval * ) ber_bvstrdup LDAP_P(( LDAP_CONST char * )); -LIBLBER_F( char * ) +LBER_F( char * ) ber_strdup LDAP_P(( LDAP_CONST char * )); /* * error.c */ -LIBLBER_F( int * ) ber_errno_addr LDAP_P((void)); +LBER_F( int * ) ber_errno_addr LDAP_P((void)); #define ber_errno (*(ber_errno_addr)()) #define LBER_ERROR_NONE 0 diff --git a/include/lber_pvt.h b/include/lber_pvt.h index e314205f47..f67a26ae5e 100644 --- a/include/lber_pvt.h +++ b/include/lber_pvt.h @@ -30,9 +30,9 @@ typedef struct sockbuf_buf { /* * bprint.c */ -LIBLBER_F( BER_LOG_PRINT_FN ) ber_pvt_log_print; +LBER_F( BER_LOG_PRINT_FN ) ber_pvt_log_print; -LIBLBER_F( int ) +LBER_F( int ) ber_pvt_log_printf LDAP_P(( int errlvl, int loglvl, @@ -42,22 +42,22 @@ ber_pvt_log_printf LDAP_P(( /* * sockbuf.c */ -LIBLBER_F( ber_slen_t ) +LBER_F( ber_slen_t ) ber_pvt_sb_do_write LDAP_P(( Sockbuf_IO_Desc *sbiod, Sockbuf_Buf *buf_out )); -LIBLBER_F( void ) +LBER_F( void ) ber_pvt_sb_buf_init LDAP_P(( Sockbuf_Buf *buf )); -LIBLBER_F( void ) +LBER_F( void ) ber_pvt_sb_buf_destroy LDAP_P(( Sockbuf_Buf *buf )); -LIBLBER_F( int ) +LBER_F( int ) ber_pvt_sb_grow_buffer LDAP_P(( Sockbuf_Buf *buf, ber_len_t minsize )); -LIBLBER_F( ber_len_t ) +LBER_F( ber_len_t ) ber_pvt_sb_copy_out LDAP_P(( Sockbuf_Buf *sbb, char *buf, ber_len_t len )); -LIBLBER_F( int ) +LBER_F( int ) ber_pvt_socket_set_nonblock LDAP_P(( ber_socket_t sd, int nb )); LDAP_END_DECL diff --git a/include/ldap.h b/include/ldap.h index 911c4e9180..ccb0f4aa28 100644 --- a/include/ldap.h +++ b/include/ldap.h @@ -138,6 +138,12 @@ LDAP_BEGIN_DECL #define LDAP_OPT_ON ((void *) 1) #define LDAP_OPT_OFF ((void *) 0) +/* + * ldap_get_option() and ldap_set_option() return values. + * As later versions may return other values indicating + * failure, current applications should only compare returned + * value against LDAP_OPT_SUCCESS. + */ #define LDAP_OPT_SUCCESS 0 #define LDAP_OPT_ERROR (-1) @@ -529,13 +535,13 @@ struct timeval; /* * in options.c: */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_get_option LDAP_P(( LDAP *ld, int option, void *outvalue)); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_set_option LDAP_P(( LDAP *ld, int option, @@ -545,7 +551,7 @@ ldap_set_option LDAP_P(( typedef int (LDAP_REBIND_PROC) LDAP_P(( LDAP *ld, LDAP_CONST char *url, int request, ber_int_t msgid )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_set_rebind_proc LDAP_P(( LDAP *ld, LDAP_REBIND_PROC *ldap_proc)); @@ -553,28 +559,28 @@ ldap_set_rebind_proc LDAP_P(( /* * in controls.c: */ -LIBLDAP_F( void ) +LDAP_F( void ) ldap_control_free LDAP_P(( LDAPControl *ctrl )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_controls_free LDAP_P(( LDAPControl **ctrls )); /* * in dnssrv.c: */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_domain2dn LDAP_P(( LDAP_CONST char* domain, char** dn )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_dn2domain LDAP_P(( LDAP_CONST char* dn, char** domain )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_domain2hostlist LDAP_P(( LDAP_CONST char *domain, char** hostlist )); @@ -582,7 +588,7 @@ ldap_domain2hostlist LDAP_P(( /* * in extended.c: */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_extended_operation LDAP_P(( LDAP *ld, LDAP_CONST char *reqoid, @@ -591,7 +597,7 @@ ldap_extended_operation LDAP_P(( LDAPControl **clientctrls, int *msgidp )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_extended_operation_s LDAP_P(( LDAP *ld, LDAP_CONST char *reqoid, @@ -601,7 +607,7 @@ ldap_extended_operation_s LDAP_P(( char **retoidp, struct berval **retdatap )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_parse_extended_result LDAP_P(( LDAP *ld, LDAPMessage *res, @@ -609,17 +615,26 @@ ldap_parse_extended_result LDAP_P(( struct berval **retdatap, int freeit )); +LDAP_F( int ) +ldap_parse_extended_partial LDAP_P(( + LDAP *ld, + LDAPMessage *res, + char **retoidp, + struct berval **retdatap, + LDAPControl ***serverctrls, + int freeit )); + /* * in abandon.c: */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_abandon_ext LDAP_P(( LDAP *ld, int msgid, LDAPControl **serverctrls, LDAPControl **clientctrls )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_abandon LDAP_P(( /* deprecated */ LDAP *ld, int msgid )); @@ -628,7 +643,7 @@ ldap_abandon LDAP_P(( /* deprecated */ /* * in add.c: */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_add_ext LDAP_P(( LDAP *ld, LDAP_CONST char *dn, @@ -637,7 +652,7 @@ ldap_add_ext LDAP_P(( LDAPControl **clientctrls, int *msgidp )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_add_ext_s LDAP_P(( LDAP *ld, LDAP_CONST char *dn, @@ -645,13 +660,13 @@ ldap_add_ext_s LDAP_P(( LDAPControl **serverctrls, LDAPControl **clientctrls )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_add LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *dn, LDAPMod **attrs )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_add_s LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *dn, @@ -661,7 +676,7 @@ ldap_add_s LDAP_P(( /* deprecated */ /* * in sasl.c: */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_sasl_bind LDAP_P(( LDAP *ld, LDAP_CONST char *dn, @@ -671,7 +686,7 @@ ldap_sasl_bind LDAP_P(( LDAPControl **clientctrls, int *msgidp )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_negotiated_sasl_bind_s LDAP_P(( LDAP *ld, LDAP_CONST char *dn, /* usually NULL */ @@ -682,7 +697,7 @@ ldap_negotiated_sasl_bind_s LDAP_P(( LDAPControl **serverControls, LDAPControl **clientControls )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_sasl_bind_s LDAP_P(( LDAP *ld, LDAP_CONST char *dn, @@ -692,7 +707,7 @@ ldap_sasl_bind_s LDAP_P(( LDAPControl **clientctrls, struct berval **servercredp )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_parse_sasl_bind_result LDAP_P(( LDAP *ld, LDAPMessage *res, @@ -703,14 +718,14 @@ ldap_parse_sasl_bind_result LDAP_P(( * in bind.c: * (deprecated) */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_bind LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *who, LDAP_CONST char *passwd, int authmethod )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_bind_s LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *who, @@ -720,13 +735,13 @@ ldap_bind_s LDAP_P(( /* deprecated */ /* * in sbind.c: */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_simple_bind LDAP_P(( LDAP *ld, LDAP_CONST char *who, LDAP_CONST char *passwd )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_simple_bind_s LDAP_P(( LDAP *ld, LDAP_CONST char *who, @@ -737,27 +752,27 @@ ldap_simple_bind_s LDAP_P(( * in kbind.c: * (deprecated) */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_kerberos_bind_s LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *who )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_kerberos_bind1 LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *who )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_kerberos_bind1_s LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *who )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_kerberos_bind2 LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *who )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_kerberos_bind2_s LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *who )); @@ -766,32 +781,32 @@ ldap_kerberos_bind2_s LDAP_P(( /* deprecated */ * in cache.c * (deprecated) */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_enable_cache LDAP_P(( LDAP *ld, long timeout, ber_len_t maxmem )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_disable_cache LDAP_P(( LDAP *ld )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_set_cache_options LDAP_P(( LDAP *ld, unsigned long opts )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_destroy_cache LDAP_P(( LDAP *ld )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_flush_cache LDAP_P(( LDAP *ld )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_uncache_entry LDAP_P(( LDAP *ld, LDAP_CONST char *dn )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_uncache_request LDAP_P(( LDAP *ld, int msgid )); /* * in compare.c: */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_compare_ext LDAP_P(( LDAP *ld, LDAP_CONST char *dn, @@ -801,7 +816,7 @@ ldap_compare_ext LDAP_P(( LDAPControl **clientctrls, int *msgidp )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_compare_ext_s LDAP_P(( LDAP *ld, LDAP_CONST char *dn, @@ -810,14 +825,14 @@ ldap_compare_ext_s LDAP_P(( LDAPControl **serverctrls, LDAPControl **clientctrls )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_compare LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *attr, LDAP_CONST char *value )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_compare_s LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *dn, @@ -828,7 +843,7 @@ ldap_compare_s LDAP_P(( /* deprecated */ /* * in delete.c: */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_delete_ext LDAP_P(( LDAP *ld, LDAP_CONST char *dn, @@ -836,19 +851,19 @@ ldap_delete_ext LDAP_P(( LDAPControl **clientctrls, int *msgidp )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_delete_ext_s LDAP_P(( LDAP *ld, LDAP_CONST char *dn, LDAPControl **serverctrls, LDAPControl **clientctrls )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_delete LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *dn )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_delete_s LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *dn )); @@ -857,7 +872,7 @@ ldap_delete_s LDAP_P(( /* deprecated */ /* * in error.c: */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_parse_result LDAP_P(( LDAP *ld, LDAPMessage *res, @@ -868,17 +883,17 @@ ldap_parse_result LDAP_P(( LDAPControl ***serverctrls, int freeit )); -LIBLDAP_F( char *) +LDAP_F( char *) ldap_err2string LDAP_P(( int err )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_result2error LDAP_P(( /* deprecated */ LDAP *ld, LDAPMessage *r, int freeit )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_perror LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *s )); @@ -887,7 +902,7 @@ ldap_perror LDAP_P(( /* deprecated */ /* * in modify.c: */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_modify_ext LDAP_P(( LDAP *ld, LDAP_CONST char *dn, @@ -896,7 +911,7 @@ ldap_modify_ext LDAP_P(( LDAPControl **clientctrls, int *msgidp )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_modify_ext_s LDAP_P(( LDAP *ld, LDAP_CONST char *dn, @@ -904,13 +919,13 @@ ldap_modify_ext_s LDAP_P(( LDAPControl **serverctrls, LDAPControl **clientctrls )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_modify LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *dn, LDAPMod **mods )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_modify_s LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *dn, @@ -920,7 +935,7 @@ ldap_modify_s LDAP_P(( /* deprecated */ /* * in modrdn.c: */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_rename LDAP_P(( LDAP *ld, LDAP_CONST char *dn, @@ -931,7 +946,7 @@ ldap_rename LDAP_P(( LDAPControl **cctrls, int *msgidp )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_rename_s LDAP_P(( LDAP *ld, LDAP_CONST char *dn, @@ -941,7 +956,7 @@ ldap_rename_s LDAP_P(( LDAPControl **sctrls, LDAPControl **cctrls )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_rename2 LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *dn, @@ -949,7 +964,7 @@ ldap_rename2 LDAP_P(( /* deprecated */ LDAP_CONST char *newSuperior, int deleteoldrdn )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_rename2_s LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *dn, @@ -957,26 +972,26 @@ ldap_rename2_s LDAP_P(( /* deprecated */ LDAP_CONST char *newSuperior, int deleteoldrdn )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_modrdn LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *newrdn )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_modrdn_s LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *newrdn )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_modrdn2 LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *newrdn, int deleteoldrdn )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_modrdn2_s LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *dn, @@ -987,26 +1002,26 @@ ldap_modrdn2_s LDAP_P(( /* deprecated */ /* * in open.c: */ -LIBLDAP_F( LDAP *) +LDAP_F( LDAP *) ldap_init LDAP_P(( LDAP_CONST char *host, int port )); -LIBLDAP_F( LDAP *) +LDAP_F( LDAP *) ldap_open LDAP_P(( /* deprecated */ LDAP_CONST char *host, int port )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_create LDAP_P(( LDAP **ldp )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_initialize LDAP_P(( LDAP **ldp, LDAP_CONST char *url )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_start_tls_s LDAP_P(( LDAP *ld, LDAPControl **serverctrls, @@ -1015,17 +1030,17 @@ ldap_start_tls_s LDAP_P(( /* * in messages.c: */ -LIBLDAP_F( LDAPMessage *) +LDAP_F( LDAPMessage *) ldap_first_message LDAP_P(( LDAP *ld, LDAPMessage *chain )); -LIBLDAP_F( LDAPMessage *) +LDAP_F( LDAPMessage *) ldap_next_message LDAP_P(( LDAP *ld, LDAPMessage *msg )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_count_messages LDAP_P(( LDAP *ld, LDAPMessage *chain )); @@ -1034,22 +1049,22 @@ ldap_count_messages LDAP_P(( /* * in references.c: */ -LIBLDAP_F( LDAPMessage *) +LDAP_F( LDAPMessage *) ldap_first_reference LDAP_P(( LDAP *ld, LDAPMessage *chain )); -LIBLDAP_F( LDAPMessage *) +LDAP_F( LDAPMessage *) ldap_next_reference LDAP_P(( LDAP *ld, LDAPMessage *ref )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_count_references LDAP_P(( LDAP *ld, LDAPMessage *chain )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_parse_reference LDAP_P(( LDAP *ld, LDAPMessage *ref, @@ -1061,22 +1076,22 @@ ldap_parse_reference LDAP_P(( /* * in getentry.c: */ -LIBLDAP_F( LDAPMessage *) +LDAP_F( LDAPMessage *) ldap_first_entry LDAP_P(( LDAP *ld, LDAPMessage *chain )); -LIBLDAP_F( LDAPMessage *) +LDAP_F( LDAPMessage *) ldap_next_entry LDAP_P(( LDAP *ld, LDAPMessage *entry )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_count_entries LDAP_P(( LDAP *ld, LDAPMessage *chain )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_get_entry_controls LDAP_P(( LDAP *ld, LDAPMessage *entry, @@ -1086,12 +1101,12 @@ ldap_get_entry_controls LDAP_P(( /* * in addentry.c */ -LIBLDAP_F( LDAPMessage *) +LDAP_F( LDAPMessage *) ldap_delete_result_entry LDAP_P(( LDAPMessage **list, LDAPMessage *e )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_add_result_entry LDAP_P(( LDAPMessage **list, LDAPMessage *e )); @@ -1100,53 +1115,41 @@ ldap_add_result_entry LDAP_P(( /* * in getdn.c */ -LIBLDAP_F( char * ) +LDAP_F( char * ) ldap_get_dn LDAP_P(( LDAP *ld, LDAPMessage *entry )); -LIBLDAP_F( char * ) +LDAP_F( char * ) ldap_dn2ufn LDAP_P(( LDAP_CONST char *dn )); -LIBLDAP_F( char ** ) +LDAP_F( char ** ) ldap_explode_dn LDAP_P(( LDAP_CONST char *dn, int notypes )); -LIBLDAP_F( char ** ) +LDAP_F( char ** ) ldap_explode_rdn LDAP_P(( LDAP_CONST char *rdn, int notypes )); -LIBLDAP_F( char * ) -ldap_parent_dn LDAP_P(( - LDAP_CONST char *dn )); - -LIBLDAP_F( char * ) -ldap_relative_dn LDAP_P(( - LDAP_CONST char *dn )); - -LIBLDAP_F( char * ) -ldap_normalize_dn LDAP_P(( - LDAP_CONST char *dn )); - -LIBLDAP_F( char * ) +LDAP_F( char * ) ldap_dn2dcedn LDAP_P(( LDAP_CONST char *dn )); /* deprecated */ -LIBLDAP_F( char * ) +LDAP_F( char * ) ldap_dcedn2dn LDAP_P(( LDAP_CONST char *dce )); /* deprecated */ /* * in getattr.c */ -LIBLDAP_F( char *) +LDAP_F( char *) ldap_first_attribute LDAP_P(( LDAP *ld, LDAPMessage *entry, BerElement **ber )); -LIBLDAP_F( char *) +LDAP_F( char *) ldap_next_attribute LDAP_P(( LDAP *ld, LDAPMessage *entry, @@ -1156,38 +1159,38 @@ ldap_next_attribute LDAP_P(( /* * in getvalues.c */ -LIBLDAP_F( char **) +LDAP_F( char **) ldap_get_values LDAP_P(( LDAP *ld, LDAPMessage *entry, LDAP_CONST char *target )); -LIBLDAP_F( struct berval **) +LDAP_F( struct berval **) ldap_get_values_len LDAP_P(( LDAP *ld, LDAPMessage *entry, LDAP_CONST char *target )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_count_values LDAP_P(( char **vals )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_count_values_len LDAP_P(( struct berval **vals )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_value_free LDAP_P(( char **vals )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_value_free_len LDAP_P(( struct berval **vals )); /* * in result.c: */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_result LDAP_P(( LDAP *ld, int msgid, @@ -1195,19 +1198,19 @@ ldap_result LDAP_P(( struct timeval *timeout, LDAPMessage **result )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_msgtype LDAP_P(( LDAPMessage *lm )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_msgid LDAP_P(( LDAPMessage *lm )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_msgfree LDAP_P(( LDAPMessage *lm )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_msgdelete LDAP_P(( LDAP *ld, int msgid )); @@ -1216,7 +1219,7 @@ ldap_msgdelete LDAP_P(( /* * in search.c: */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_search_ext LDAP_P(( LDAP *ld, LDAP_CONST char *base, @@ -1230,7 +1233,7 @@ ldap_search_ext LDAP_P(( int sizelimit, int *msgidp )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_search_ext_s LDAP_P(( LDAP *ld, LDAP_CONST char *base, @@ -1244,7 +1247,7 @@ ldap_search_ext_s LDAP_P(( int sizelimit, LDAPMessage **res )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_search LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *base, @@ -1253,7 +1256,7 @@ ldap_search LDAP_P(( /* deprecated */ char **attrs, int attrsonly )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_search_s LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *base, @@ -1263,7 +1266,7 @@ ldap_search_s LDAP_P(( /* deprecated */ int attrsonly, LDAPMessage **res )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_search_st LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *base, @@ -1279,7 +1282,7 @@ ldap_search_st LDAP_P(( /* deprecated */ * in ufn.c * (deprecated) */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_ufn_search_c LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *ufn, @@ -1289,7 +1292,7 @@ ldap_ufn_search_c LDAP_P(( /* deprecated */ int (*cancelproc)( void *cl ), void *cancelparm )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_ufn_search_ct LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *ufn, @@ -1302,7 +1305,7 @@ ldap_ufn_search_ct LDAP_P(( /* deprecated */ char *tag2, char *tag3 )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_ufn_search_s LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *ufn, @@ -1310,17 +1313,17 @@ ldap_ufn_search_s LDAP_P(( /* deprecated */ int attrsonly, LDAPMessage **res )); -LIBLDAP_F( LDAPFiltDesc *) +LDAP_F( LDAPFiltDesc *) ldap_ufn_setfilter LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *fname )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_ufn_setprefix LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *prefix )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_ufn_timeout LDAP_P(( /* deprecated */ void *tvparam )); @@ -1328,21 +1331,21 @@ ldap_ufn_timeout LDAP_P(( /* deprecated */ /* * in unbind.c */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_unbind LDAP_P(( /* deprecated */ LDAP *ld )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_unbind_s LDAP_P(( /* deprecated */ LDAP *ld )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_unbind_ext LDAP_P(( LDAP *ld, LDAPControl **serverctrls, LDAPControl **clientctrls)); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_unbind_ext_s LDAP_P(( LDAP *ld, LDAPControl **serverctrls, @@ -1352,32 +1355,32 @@ ldap_unbind_ext_s LDAP_P(( * in getfilter.c * (deprecated) */ -LIBLDAP_F( LDAPFiltDesc *) +LDAP_F( LDAPFiltDesc *) ldap_init_getfilter LDAP_P(( /* deprecated */ LDAP_CONST char *fname )); -LIBLDAP_F( LDAPFiltDesc *) +LDAP_F( LDAPFiltDesc *) ldap_init_getfilter_buf LDAP_P(( /* deprecated */ /* LDAP_CONST */ char *buf, ber_len_t buflen )); -LIBLDAP_F( LDAPFiltInfo *) +LDAP_F( LDAPFiltInfo *) ldap_getfirstfilter LDAP_P(( /* deprecated */ LDAPFiltDesc *lfdp, /* LDAP_CONST */ char *tagpat, /* LDAP_CONST */ char *value )); -LIBLDAP_F( LDAPFiltInfo *) +LDAP_F( LDAPFiltInfo *) ldap_getnextfilter LDAP_P(( /* deprecated */ LDAPFiltDesc *lfdp )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_setfilteraffixes LDAP_P(( /* deprecated */ LDAPFiltDesc *lfdp, LDAP_CONST char *prefix, LDAP_CONST char *suffix )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_build_filter LDAP_P(( /* deprecated */ char *buf, ber_len_t buflen, @@ -1393,37 +1396,37 @@ ldap_build_filter LDAP_P(( /* deprecated */ * in free.c */ -LIBLDAP_F( void * ) +LDAP_F( void * ) ldap_memalloc LDAP_P(( ber_len_t s )); -LIBLDAP_F( void * ) +LDAP_F( void * ) ldap_memrealloc LDAP_P(( void* p, ber_len_t s )); -LIBLDAP_F( void * ) +LDAP_F( void * ) ldap_memcalloc LDAP_P(( ber_len_t n, ber_len_t s )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_memfree LDAP_P(( void* p )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_memvfree LDAP_P(( void** v )); -LIBLDAP_F( char * ) +LDAP_F( char * ) ldap_strdup LDAP_P(( LDAP_CONST char * )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_getfilter_free LDAP_P(( LDAPFiltDesc *lfdp )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_mods_free LDAP_P(( LDAPMod **mods, int freemods )); @@ -1433,13 +1436,13 @@ ldap_mods_free LDAP_P(( * in friendly.c * (deprecated) */ -LIBLDAP_F( char * ) +LDAP_F( char * ) ldap_friendly_name LDAP_P(( /* deprecated */ LDAP_CONST char *filename, /* LDAP_CONST */ char *uname, LDAPFriendlyMap **map )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_free_friendlymap LDAP_P(( /* deprecated */ LDAPFriendlyMap **map )); @@ -1448,16 +1451,16 @@ ldap_free_friendlymap LDAP_P(( /* deprecated */ * in cldap.c * (deprecated) */ -LIBLDAP_F( LDAP * ) +LDAP_F( LDAP * ) cldap_open LDAP_P(( /* deprecated */ LDAP_CONST char *host, int port )); -LIBLDAP_F( void ) +LDAP_F( void ) cldap_close LDAP_P(( /* deprecated */ LDAP *ld )); -LIBLDAP_F( int ) +LDAP_F( int ) cldap_search_s LDAP_P(( /* deprecated */ LDAP *ld, LDAP_CONST char *base, @@ -1468,7 +1471,7 @@ cldap_search_s LDAP_P(( /* deprecated */ LDAPMessage **res, char *logdn )); -LIBLDAP_F( void ) +LDAP_F( void ) cldap_setretryinfo LDAP_P(( /* deprecated */ LDAP *ld, int tries, @@ -1486,19 +1489,19 @@ typedef int (LDAP_SORT_AV_CMP_PROC) LDAP_P(( LDAP_CONST void *left, LDAP_CONST void *right )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_sort_entries LDAP_P(( LDAP *ld, LDAPMessage **chain, LDAP_CONST char *attr, LDAP_SORT_AD_CMP_PROC *cmp )); -LIBLDAP_F( int ) /* deprecated */ +LDAP_F( int ) /* deprecated */ ldap_sort_values LDAP_P(( LDAP *ld, char **vals, LDAP_SORT_AV_CMP_PROC *cmp )); -LIBLDAP_F( int ) /* deprecated */ +LDAP_F( int ) /* deprecated */ ldap_sort_strcasecmp LDAP_P(( LDAP_CONST void *a, LDAP_CONST void *b )); @@ -1509,41 +1512,41 @@ ldap_sort_strcasecmp LDAP_P(( * * need _ext varients */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_is_ldap_url LDAP_P(( LDAP_CONST char *url )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_is_ldaps_url LDAP_P(( LDAP_CONST char *url )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_is_ldapi_url LDAP_P(( LDAP_CONST char *url )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_url_parse LDAP_P(( LDAP_CONST char *url, LDAPURLDesc **ludpp )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_free_urldesc LDAP_P(( LDAPURLDesc *ludp )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_url_search LDAP_P(( LDAP *ld, LDAP_CONST char *url, int attrsonly )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_url_search_s LDAP_P(( LDAP *ld, LDAP_CONST char *url, int attrsonly, LDAPMessage **res )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_url_search_st LDAP_P(( LDAP *ld, LDAP_CONST char *url, @@ -1563,23 +1566,23 @@ typedef struct ldapsortkey { int reverseOrder; } LDAPSortKey; -LIBLDAP_F( int ) +LDAP_F( int ) ldap_create_sort_keylist LDAP_P(( LDAPSortKey ***sortKeyList, char *keyString )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_free_sort_keylist LDAP_P(( LDAPSortKey **sortkeylist )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_create_sort_control LDAP_P(( LDAP *ld, LDAPSortKey **keyList, int ctl_iscritical, LDAPControl **ctrlp )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_parse_sort_control LDAP_P(( LDAP *ld, LDAPControl **ctrlp, @@ -1605,13 +1608,13 @@ typedef struct ldapvlvinfo { void *ldvlv_extradata; } LDAPVLVInfo; -LIBLDAP_F( int ) +LDAP_F( int ) ldap_create_vlv_control LDAP_P(( LDAP *ld, LDAPVLVInfo *ldvlistp, LDAPControl **ctrlp )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_parse_vlv_control LDAP_P(( LDAP *ld, LDAPControl **ctrls, diff --git a/include/ldap_cdefs.h b/include/ldap_cdefs.h index c4e78b4cc2..5de6308569 100644 --- a/include/ldap_cdefs.h +++ b/include/ldap_cdefs.h @@ -21,7 +21,7 @@ # define LDAP_END_DECL /* end declarations */ #endif -#if !defined(__NO_PROTOTYPES) && ( defined(__NEED_PROTOTYPES) || \ +#if !defined(LDAP_NO_PROTOTYPES) && ( defined(LDAP_NEEDS_PROTOTYPES) || \ defined(__STDC__) || defined(__cplusplus) || defined(c_plusplus) ) /* ANSI C or C++ */ @@ -57,6 +57,24 @@ /* Support for NT dynamic libraries. */ +/* LBER library */ +#if defined(LBER_DECL) && defined(_WIN32) +# define LBER_F(type) extern __declspec(LBER_DECL) type +# define LBER_V(type) extern __declspec(LBER_DECL) type +#else +# define LBER_F(type) extern type +# define LBER_V(type) extern type +#endif + +/* LDAP library */ +#if defined(LDAP_DECL) && defined(_WIN32) +# define LDAP_F(type) extern __declspec(LDAP_DECL) type +# define LDAP_V(type) extern __declspec(LDAP_DECL) type +#else +# define LDAP_F(type) extern type +# define LDAP_V(type) extern type +#endif + /* * C library. Mingw32 links with the C run-time library by default, * so the explicit definition of CSTATIC will keep dllimport from @@ -64,58 +82,65 @@ */ #if (defined(__MINGW32__) && !defined(CSTATIC) || \ defined(_WIN32) && defined(_DLL)) -# define LIBC_F(type) extern __declspec(dllimport) type +# define LDAP_LIBC_F(type) extern __declspec(dllimport) type +# define LDAP_LIBC_V(type) extern __declspec(dllimport) type #else -# define LIBC_F(type) extern type +# define LDAP_LIBC_F(type) extern type +# define LDAP_LIBC_V(type) extern type #endif /* AVL library */ -#if defined(LIBAVL_DECL) && defined(_WIN32) -# define LIBAVL_F(type) extern __declspec(LIBAVL_DECL) type +#if defined(LDAP_AVL_DECL) && defined(_WIN32) +# define LDAP_AVL_F(type) extern __declspec(LDAP_AVL_DECL) type +# define LDAP_AVL_V(type) extern __declspec(LDAP_AVL_DECL) type #else -# define LIBAVL_F(type) extern type +# define LDAP_AVL_F(type) extern type +# define LDAP_AVL_V(type) extern type #endif -/* LBER library */ -#if defined(LIBLBER_DECL) && defined(_WIN32) -# define LIBLBER_F(type) extern __declspec(LIBLBER_DECL) type -#else -# define LIBLBER_F(type) extern type -#endif - -/* LDAP library */ -#if defined(LIBLDAP_DECL) && defined(_WIN32) -# define LIBLDAP_F(type) extern __declspec(LIBLDAP_DECL) type +/* LDBM library */ +#if defined(LDAP_LDBM_DECL) && defined(_WIN32) +# define LDAP_LDBM_F(type) extern __declspec(LDAP_LDBM_DECL) type +# define LDAP_LDBM_V(type) extern __declspec(LDAP_LDBM_DECL) type #else -# define LIBLDAP_F(type) extern type +# define LDAP_LDBM_F(type) extern type +# define LDAP_LDBM_V(type) extern type #endif -/* LDBM library */ -#if defined(LIBLDBM_DECL) && defined(_WIN32) -# define LIBLDBM_F(type) extern __declspec(LIBLDBM_DECL) type +/* LDIF library */ +#if defined(LDAP_LDIF_DECL) && defined(_WIN32) +# define LDAP_LDIF_F(type) extern __declspec(LDAP_LDIF_DECL) type +# define LDAP_LDIF_V(type) extern __declspec(LDAP_LDIF_DECL) type #else -# define LIBLDBM_F(type) extern type +# define LDAP_LDIF_F(type) extern type +# define LDAP_LDIF_V(type) extern type #endif -/* LDIF library */ -#if defined(LIBLDIF_DECL) && defined(_WIN32) -# define LIBLDIF_F(type) extern __declspec(LIBLDIF_DECL) type +/* LUNICODE library */ +#if defined(LDAP_LUNICODE_DECL) && defined(_WIN32) +# define LDAP_LUNICODE_F(type) extern __declspec(LDAP_LUNICODE_DECL) type +# define LDAP_LUNICODE_V(type) extern __declspec(LDAP_LUNICODE_DECL) type #else -# define LIBLDIF_F(type) extern type +# define LDAP_LUNICODE_F(type) extern type +# define LDAP_LUNICODE_V(type) extern type #endif /* LUTIL library */ -#if defined(LIBLUTIL_DECL) && defined(_WIN32) -# define LIBLUTIL_F(type) extern __declspec(LIBLUTIL_DECL) type +#if defined(LDAP_LUTIL_DECL) && defined(_WIN32) +# define LDAP_LUTIL_F(type) extern __declspec(LDAP_LUTIL_DECL) type +# define LDAP_LUTIL_V(type) extern __declspec(LDAP_LUTIL_DECL) type #else -# define LIBLUTIL_F(type) extern type +# define LDAP_LUTIL_F(type) extern type +# define LDAP_LUTIL_V(type) extern type #endif /* SLAPD (as a module exporting symbols) */ -#if defined(LIBSLAPD_DECL) && defined(_WIN32) -# define LIBSLAPD_F(type) extern __declspec(LIBSLAPD_DECL) type +#if defined(LDAP_SLAPD_DECL) && defined(_WIN32) +# define LDAP_SLAPD_F(type) extern __declspec(LDAP_SLAPD_DECL) type +# define LDAP_SLAPD_V(type) extern __declspec(LDAP_SLAPD_DECL) type #else -# define LIBSLAPD_F(type) extern type +# define LDAP_SLAPD_F(type) extern type +# define LDAP_SLAPD_V(type) extern type #endif #endif /* _LDAP_CDEFS_H */ diff --git a/include/ldap_config.h.in b/include/ldap_config.h.in index 63b604f6ea..b0167e24b2 100644 --- a/include/ldap_config.h.in +++ b/include/ldap_config.h.in @@ -26,6 +26,17 @@ #endif #endif +/* directory for temporary files */ +#if defined( _P_tmpdir ) +# define LDAP_TMPDIR _P_tmpdir +#elif defined( P_tmpdir ) +# define LDAP_TMPDIR P_tmpdir +#elif defined( _PATH_TMPDIR ) +# define LDAP_TMPDIR _PATH_TMPDIR +#else +# define LDAP_TMPDIR LDAP_DIRSEP "tmp" +#endif + /* directories */ #ifndef LDAP_BINDIR #define LDAP_BINDIR "%BINDIR%" diff --git a/include/ldap_config.nt b/include/ldap_config.nt index cee39be0b4..f19eb38016 100644 --- a/include/ldap_config.nt +++ b/include/ldap_config.nt @@ -22,6 +22,13 @@ #define LDAP_DIRSEP "\\" #endif +/* directory for temporary files */ +#if defined( _P_tmpdir ) +#define LDAP_TMPDIR _P_tmpdir +#else +#define LDAP_TMPDIR "\\" +#endif + /* directories */ #ifndef LDAP_PREFIX #define LDAP_PREFIX "C:\\OpenLDAP" diff --git a/include/ldap_defaults.h b/include/ldap_defaults.h index 0d0919ff8c..c02734465d 100644 --- a/include/ldap_defaults.h +++ b/include/ldap_defaults.h @@ -35,6 +35,11 @@ #define LDAP_USERRC_FILE "ldaprc" #define LDAP_ENV_PREFIX "LDAP" +/* default ldapi:// socket */ +#define LDAPI_SOCK LDAP_TMPDIR LDAP_DIRSEP ".ldapi_sock" + +/* default file: URI prefix */ +#define LDAP_FILE_URI_PREFIX "file://" LDAP_TMPDIR LDAP_DIRSEP /* * SHARED DEFINITIONS - other things you can change diff --git a/include/ldap_int_thread.h b/include/ldap_int_thread.h index f89afb55a4..4f398498de 100644 --- a/include/ldap_int_thread.h +++ b/include/ldap_int_thread.h @@ -187,10 +187,10 @@ LDAP_END_DECL LDAP_BEGIN_DECL -LIBLDAP_F(int) ldap_int_thread_initialize LDAP_P(( void )); -LIBLDAP_F(int) ldap_int_thread_destroy LDAP_P(( void )); -LIBLDAP_F(int) ldap_int_thread_pool_startup ( void ); -LIBLDAP_F(int) ldap_int_thread_pool_shutdown ( void ); +LDAP_F(int) ldap_int_thread_initialize LDAP_P(( void )); +LDAP_F(int) ldap_int_thread_destroy LDAP_P(( void )); +LDAP_F(int) ldap_int_thread_pool_startup ( void ); +LDAP_F(int) ldap_int_thread_pool_shutdown ( void ); #ifndef LDAP_THREAD_HAVE_TPOOL typedef struct ldap_int_thread_pool_s * ldap_int_thread_pool_t; diff --git a/include/ldap_log.h b/include/ldap_log.h index 1ba0b42d68..d52358d430 100644 --- a/include/ldap_log.h +++ b/include/ldap_log.h @@ -78,7 +78,7 @@ extern int ldap_syslog_level; #define Debug( level, fmt, arg1, arg2, arg3 ) #endif /* LDAP_DEBUG */ -LIBLUTIL_F(void) lutil_debug LDAP_P(( +LDAP_LUTIL_F(void) lutil_debug LDAP_P(( int debug, int level, const char* fmt, ... )) LDAP_GCCATTR((format(printf, 3, 4))); diff --git a/include/ldap_pvt.h b/include/ldap_pvt.h index 7107c9b8ec..f6eeb6f379 100644 --- a/include/ldap_pvt.h +++ b/include/ldap_pvt.h @@ -25,27 +25,27 @@ LDAP_BEGIN_DECL #define LDAP_PROTO_UDP 2 #define LDAP_PROTO_IPC 3 -LIBLDAP_F ( int ) +LDAP_F ( int ) ldap_pvt_url_scheme2proto LDAP_P(( const char * )); -LIBLDAP_F ( int ) +LDAP_F ( int ) ldap_pvt_url_scheme2tls LDAP_P(( const char * )); -LIBLDAP_F ( int ) +LDAP_F ( int ) ldap_pvt_domain2dn LDAP_P(( LDAP_CONST char *domain, char **dn )); struct hostent; /* avoid pulling in */ -LIBLDAP_F( char * ) +LDAP_F( char * ) ldap_pvt_ctime LDAP_P(( const time_t *tp, char *buf )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_gethostbyname_a LDAP_P(( const char *name, struct hostent *resbuf, @@ -53,7 +53,7 @@ ldap_pvt_gethostbyname_a LDAP_P(( struct hostent **result, int *herrno_ptr )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_gethostbyaddr_a LDAP_P(( const char *addr, int len, @@ -66,40 +66,40 @@ ldap_pvt_gethostbyaddr_a LDAP_P(( /* charray.c */ -LIBLDAP_F( int ) +LDAP_F( int ) ldap_charray_add LDAP_P(( char ***a, char *s )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_charray_merge LDAP_P(( char ***a, char **s )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_charray_free LDAP_P(( char **a )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_charray_inlist LDAP_P(( char **a, char *s )); -LIBLDAP_F( char ** ) +LDAP_F( char ** ) ldap_charray_dup LDAP_P(( char **a )); -LIBLDAP_F( char ** ) +LDAP_F( char ** ) ldap_str2charray LDAP_P(( const char *str, const char *brkstr )); /* url.c */ -LIBLDAP_F (void) ldap_pvt_hex_unescape LDAP_P(( char *s )); -LIBLDAP_F (int) ldap_pvt_unhex( int c ); +LDAP_F (void) ldap_pvt_hex_unescape LDAP_P(( char *s )); +LDAP_F (int) ldap_pvt_unhex( int c ); /* these macros assume 'x' is an ASCII x */ #define LDAP_DNSEPARATOR(c) ((c) == ',' || (c) == ';') #define LDAP_SEPARATOR(c) ((c) == ',' || (c) == ';' || (c) == '+') -#define LDAP_SPACE(c) ((c) == ' ' || (c) == '\n') +#define LDAP_SPACE(c) ((c) == ' ' || (c) == '\t' || (c) == '\n') #define LDAP_LOWER(c) ( (c) >= 'a' && (c) <= 'z' ) #define LDAP_UPPER(c) ( (c) >= 'A' && (c) <= 'Z' ) @@ -113,55 +113,56 @@ LIBLDAP_F (int) ldap_pvt_unhex( int c ); #define LDAP_OIDCHAR(c) ( LDAP_DIGIT(c) || (c) == '.' ) #define LDAP_LEADATTRCHAR(c) ( LDAP_LEADKEYCHAR(c) || LDAP_LEADOIDCHAR(c) ) -#define LDAP_ATTRCHAR(c) ( LDAP_KEYCHAR((c)) || (c) == '.' ) +#define LDAP_ATTRCHAR(c) ( LDAP_KEYCHAR(c) || LDAP_OIDCHAR(c) ) #define LDAP_NEEDSESCAPE(c) ((c) == '\\' || (c) == '"') #ifdef HAVE_CYRUS_SASL /* sasl.c */ - +LDAP_END_DECL #include #include +LDAP_BEGIN_DECL -LIBLDAP_F (int) ldap_pvt_sasl_init LDAP_P(( void )); /* clientside init */ -LIBLDAP_F (int) ldap_pvt_sasl_install LDAP_P(( Sockbuf *, void * )); -LIBLDAP_F (int) ldap_pvt_sasl_bind LDAP_P(( LDAP *, LDAP_CONST char *, +LDAP_F (int) ldap_pvt_sasl_init LDAP_P(( void )); /* clientside init */ +LDAP_F (int) ldap_pvt_sasl_install LDAP_P(( Sockbuf *, void * )); +LDAP_F (int) ldap_pvt_sasl_bind LDAP_P(( LDAP *, LDAP_CONST char *, LDAP_CONST char *, LDAP_CONST sasl_callback_t *, LDAPControl **, LDAPControl ** )); -LIBLDAP_F (int) ldap_pvt_sasl_get_option LDAP_P(( LDAP *ld, int option, +LDAP_F (int) ldap_pvt_sasl_get_option LDAP_P(( LDAP *ld, int option, void *arg )); -LIBLDAP_F (int) ldap_pvt_sasl_set_option LDAP_P(( LDAP *ld, int option, +LDAP_F (int) ldap_pvt_sasl_set_option LDAP_P(( LDAP *ld, int option, void *arg )); #endif /* HAVE_CYRUS_SASL */ /* search.c */ -LIBLDAP_F( char * ) +LDAP_F( char * ) ldap_pvt_find_wildcard LDAP_P(( const char *s )); -LIBLDAP_F( ber_slen_t ) +LDAP_F( ber_slen_t ) ldap_pvt_filter_value_unescape LDAP_P(( char *filter )); /* string.c */ -LIBLDAP_F( char * ) +LDAP_F( char * ) ldap_pvt_str2upper LDAP_P(( char *str )); -LIBLDAP_F( char * ) +LDAP_F( char * ) ldap_pvt_str2lower LDAP_P(( char *str )); /* tls.c */ struct ldapoptions; struct ldap; -LIBLDAP_F (int) ldap_pvt_tls_init LDAP_P(( void )); -LIBLDAP_F (int) ldap_pvt_tls_config LDAP_P(( struct ldapoptions *lo, int option, const char *arg )); -LIBLDAP_F (int) ldap_pvt_tls_connect LDAP_P(( struct ldap *ld, Sockbuf *sb, void *ctx_arg )); -LIBLDAP_F (int) ldap_pvt_tls_accept LDAP_P(( Sockbuf *sb, void *ctx_arg )); -LIBLDAP_F (int) ldap_pvt_tls_get_option LDAP_P(( struct ldapoptions *lo, int option, void *arg )); -LIBLDAP_F (int) ldap_pvt_tls_set_option LDAP_P(( struct ldapoptions *lo, int option, void *arg )); -LIBLDAP_F (void *) ldap_pvt_tls_sb_handle LDAP_P(( Sockbuf *sb )); -LIBLDAP_F (void *) ldap_pvt_tls_get_handle LDAP_P(( struct ldap *ld )); -LIBLDAP_F (int) ldap_pvt_tls_inplace LDAP_P(( Sockbuf *sb )); -LIBLDAP_F (int) ldap_pvt_tls_start LDAP_P(( struct ldap *ld, Sockbuf *sb, void *ctx_arg )); +LDAP_F (int) ldap_pvt_tls_init LDAP_P(( void )); +LDAP_F (int) ldap_pvt_tls_config LDAP_P(( struct ldapoptions *lo, int option, const char *arg )); +LDAP_F (int) ldap_pvt_tls_connect LDAP_P(( struct ldap *ld, Sockbuf *sb, void *ctx_arg )); +LDAP_F (int) ldap_pvt_tls_accept LDAP_P(( Sockbuf *sb, void *ctx_arg )); +LDAP_F (int) ldap_pvt_tls_get_option LDAP_P(( struct ldapoptions *lo, int option, void *arg )); +LDAP_F (int) ldap_pvt_tls_set_option LDAP_P(( struct ldapoptions *lo, int option, void *arg )); +LDAP_F (void *) ldap_pvt_tls_sb_handle LDAP_P(( Sockbuf *sb )); +LDAP_F (void *) ldap_pvt_tls_get_handle LDAP_P(( struct ldap *ld )); +LDAP_F (int) ldap_pvt_tls_inplace LDAP_P(( Sockbuf *sb )); +LDAP_F (int) ldap_pvt_tls_start LDAP_P(( struct ldap *ld, Sockbuf *sb, void *ctx_arg )); /* * UTF-8 (in utf-8.c) @@ -172,39 +173,39 @@ typedef short ldap_ucs2_t; typedef ldap_ucs2_t ldap_unicode_t; /* returns the number of bytes in the UTF-8 string */ -LIBLDAP_F (ber_len_t) ldap_utf8_bytes( const char * ); +LDAP_F (ber_len_t) ldap_utf8_bytes( const char * ); /* returns the number of UTF-8 characters in the string */ -LIBLDAP_F (ber_len_t) ldap_utf8_chars( const char * ); +LDAP_F (ber_len_t) ldap_utf8_chars( const char * ); /* returns the length (in bytes) of the UTF-8 character */ -LIBLDAP_F (int) ldap_utf8_offset( const char * ); +LDAP_F (int) ldap_utf8_offset( const char * ); /* returns the length (in bytes) indicated by the UTF-8 character */ -LIBLDAP_F (int) ldap_utf8_charlen( const char * ); +LDAP_F (int) ldap_utf8_charlen( const char * ); /* copies a UTF-8 character and returning number of bytes copied */ -LIBLDAP_F (int) ldap_utf8_copy( char *, const char *); +LDAP_F (int) ldap_utf8_copy( char *, const char *); /* returns pointer of next UTF-8 character in string */ -LIBLDAP_F (char*) ldap_utf8_next( const char * ); +LDAP_F (char*) ldap_utf8_next( const char * ); /* returns pointer of previous UTF-8 character in string */ -LIBLDAP_F (char*) ldap_utf8_prev( const char * ); +LDAP_F (char*) ldap_utf8_prev( const char * ); /* primitive ctype routines -- not aware of non-ascii characters */ -LIBLDAP_F (int) ldap_utf8_isascii( const char * ); -LIBLDAP_F (int) ldap_utf8_isalpha( const char * ); -LIBLDAP_F (int) ldap_utf8_isalnum( const char * ); -LIBLDAP_F (int) ldap_utf8_isdigit( const char * ); -LIBLDAP_F (int) ldap_utf8_isxdigit( const char * ); -LIBLDAP_F (int) ldap_utf8_isspace( const char * ); +LDAP_F (int) ldap_utf8_isascii( const char * ); +LDAP_F (int) ldap_utf8_isalpha( const char * ); +LDAP_F (int) ldap_utf8_isalnum( const char * ); +LDAP_F (int) ldap_utf8_isdigit( const char * ); +LDAP_F (int) ldap_utf8_isxdigit( const char * ); +LDAP_F (int) ldap_utf8_isspace( const char * ); /* span characters not in set, return bytes spanned */ -LIBLDAP_F (ber_len_t) ldap_utf8_strcspn( const char* str, const char *set); +LDAP_F (ber_len_t) ldap_utf8_strcspn( const char* str, const char *set); /* span characters in set, return bytes spanned */ -LIBLDAP_F (ber_len_t) ldap_utf8_strspn( const char* str, const char *set); +LDAP_F (ber_len_t) ldap_utf8_strspn( const char* str, const char *set); /* return first occurance of character in string */ -LIBLDAP_F (char *) ldap_utf8_strchr( const char* str, const char *chr); +LDAP_F (char *) ldap_utf8_strchr( const char* str, const char *chr); /* return first character of set in string */ -LIBLDAP_F (char *) ldap_utf8_strpbrk( const char* str, const char *set); +LDAP_F (char *) ldap_utf8_strpbrk( const char* str, const char *set); /* reentrant tokenizer */ -LIBLDAP_F (char*) ldap_utf8_strtok( char* sp, const char* sep, char **last); +LDAP_F (char*) ldap_utf8_strtok( char* sp, const char* sep, char **last); /* Optimizations */ #define LDAP_UTF8_ISASCII(p) ( * (const unsigned char *) (p) < 0x100 ) diff --git a/include/ldap_pvt_thread.h b/include/ldap_pvt_thread.h index 23df121b1e..5b65406731 100644 --- a/include/ldap_pvt_thread.h +++ b/include/ldap_pvt_thread.h @@ -22,111 +22,111 @@ typedef ldap_int_thread_t ldap_pvt_thread_t; typedef ldap_int_thread_mutex_t ldap_pvt_thread_mutex_t; typedef ldap_int_thread_cond_t ldap_pvt_thread_cond_t; -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_initialize LDAP_P(( void )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_destroy LDAP_P(( void )); -LIBLDAP_F( unsigned int ) +LDAP_F( unsigned int ) ldap_pvt_thread_sleep LDAP_P(( unsigned int s )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_get_concurrency LDAP_P(( void )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_set_concurrency LDAP_P(( int )); #define LDAP_PVT_THREAD_CREATE_JOINABLE 0 #define LDAP_PVT_THREAD_CREATE_DETACHED 1 -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_create LDAP_P(( ldap_pvt_thread_t * thread, int detach, void *(*start_routine)( void * ), void *arg)); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_pvt_thread_exit LDAP_P(( void *retval )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_join LDAP_P(( ldap_pvt_thread_t thread, void **status )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_kill LDAP_P(( ldap_pvt_thread_t thread, int signo )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_yield LDAP_P(( void )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_cond_init LDAP_P(( ldap_pvt_thread_cond_t *cond )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_cond_destroy LDAP_P(( ldap_pvt_thread_cond_t *cond )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_cond_signal LDAP_P(( ldap_pvt_thread_cond_t *cond )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_cond_broadcast LDAP_P(( ldap_pvt_thread_cond_t *cond )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_cond_wait LDAP_P(( ldap_pvt_thread_cond_t *cond, ldap_pvt_thread_mutex_t *mutex )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_mutex_init LDAP_P(( ldap_pvt_thread_mutex_t *mutex )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_mutex_destroy LDAP_P(( ldap_pvt_thread_mutex_t *mutex )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_mutex_lock LDAP_P(( ldap_pvt_thread_mutex_t *mutex )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_mutex_trylock LDAP_P(( ldap_pvt_thread_mutex_t *mutex )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_mutex_unlock LDAP_P(( ldap_pvt_thread_mutex_t *mutex )); #ifndef LDAP_THREAD_HAVE_RDWR typedef struct ldap_int_thread_rdwr_s * ldap_pvt_thread_rdwr_t; #endif -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_rdwr_init LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_rdwr_destroy LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_rdwr_rlock LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_rdwr_rtrylock LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_rdwr_runlock LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_rdwr_wlock LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_rdwr_wtrylock LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_rdwr_wunlock LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); #ifdef LDAP_DEBUG -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_rdwr_readers LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_rdwr_writers LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_rdwr_active LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); #endif /* LDAP_DEBUG */ @@ -135,23 +135,23 @@ ldap_pvt_thread_rdwr_active LDAP_P((ldap_pvt_thread_rdwr_t *rdwrp)); typedef ldap_int_thread_pool_t ldap_pvt_thread_pool_t; -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_pool_init LDAP_P(( ldap_pvt_thread_pool_t *pool_out, int max_concurrency, int max_pending )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_pool_submit LDAP_P(( ldap_pvt_thread_pool_t *pool, void *(*start_routine)( void * ), void *arg )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_pool_backload LDAP_P(( ldap_pvt_thread_pool_t *pool )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_pvt_thread_pool_destroy LDAP_P(( ldap_pvt_thread_pool_t *pool, int run_pending )); diff --git a/include/ldap_schema.h b/include/ldap_schema.h index ec29616445..e6933d9d22 100644 --- a/include/ldap_schema.h +++ b/include/ldap_schema.h @@ -107,83 +107,83 @@ typedef struct ldap_objectclass { #define LDAP_SCHEMA_ALLOW_DESCR_PREFIX 0x08 /* Allow descr as OID prefix */ #define LDAP_SCHEMA_ALLOW_ALL 0x0f /* Be very liberal in parsing */ -LIBLDAP_F( LDAP_CONST char * ) +LDAP_F( LDAP_CONST char * ) ldap_syntax2name LDAP_P(( LDAP_SYNTAX * syn )); -LIBLDAP_F( LDAP_CONST char * ) +LDAP_F( LDAP_CONST char * ) ldap_matchingrule2name LDAP_P(( LDAP_MATCHING_RULE * mr )); -LIBLDAP_F( LDAP_CONST char * ) +LDAP_F( LDAP_CONST char * ) ldap_attributetype2name LDAP_P(( LDAP_ATTRIBUTE_TYPE * at )); -LIBLDAP_F( LDAP_CONST char * ) +LDAP_F( LDAP_CONST char * ) ldap_objectclass2name LDAP_P(( LDAP_OBJECT_CLASS * oc )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_syntax_free LDAP_P(( LDAP_SYNTAX * syn )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_matchingrule_free LDAP_P(( LDAP_MATCHING_RULE * mr )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_attributetype_free LDAP_P(( LDAP_ATTRIBUTE_TYPE * at )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_objectclass_free LDAP_P(( LDAP_OBJECT_CLASS * oc )); -LIBLDAP_F( LDAP_OBJECT_CLASS * ) +LDAP_F( LDAP_OBJECT_CLASS * ) ldap_str2objectclass LDAP_P(( LDAP_CONST char * s, int * code, LDAP_CONST char ** errp, LDAP_CONST int flags )); -LIBLDAP_F( LDAP_ATTRIBUTE_TYPE * ) +LDAP_F( LDAP_ATTRIBUTE_TYPE * ) ldap_str2attributetype LDAP_P(( LDAP_CONST char * s, int * code, LDAP_CONST char ** errp, LDAP_CONST int flags )); -LIBLDAP_F( LDAP_SYNTAX * ) +LDAP_F( LDAP_SYNTAX * ) ldap_str2syntax LDAP_P(( LDAP_CONST char * s, int * code, LDAP_CONST char ** errp, LDAP_CONST int flags )); -LIBLDAP_F( LDAP_MATCHING_RULE * ) +LDAP_F( LDAP_MATCHING_RULE * ) ldap_str2matchingrule LDAP_P(( LDAP_CONST char * s, int * code, LDAP_CONST char ** errp, LDAP_CONST int flags )); -LIBLDAP_F( char *) +LDAP_F( char *) ldap_objectclass2str LDAP_P(( LDAP_CONST LDAP_OBJECT_CLASS * oc )); -LIBLDAP_F( char *) +LDAP_F( char *) ldap_attributetype2str LDAP_P(( LDAP_CONST LDAP_ATTRIBUTE_TYPE * at )); -LIBLDAP_F( char *) +LDAP_F( char *) ldap_syntax2str LDAP_P(( LDAP_CONST LDAP_SYNTAX * syn )); -LIBLDAP_F( char *) +LDAP_F( char *) ldap_matchingrule2str LDAP_P(( LDAP_CONST LDAP_MATCHING_RULE * mr )); -LIBLDAP_F( char *) +LDAP_F( char *) ldap_scherr2str LDAP_P(( int code )) LDAP_GCCATTR((const)); diff --git a/include/ldbm.h b/include/ldbm.h index 3da50df682..68b143208b 100644 --- a/include/ldbm.h +++ b/include/ldbm.h @@ -236,25 +236,25 @@ LDAP_END_DECL LDAP_BEGIN_DECL -LIBLDBM_F (int) ldbm_initialize( void ); -LIBLDBM_F (int) ldbm_shutdown( void ); - -LIBLDBM_F (int) ldbm_errno( LDBM ldbm ); -LIBLDBM_F (LDBM) ldbm_open( char *name, int rw, int mode, int dbcachesize ); -LIBLDBM_F (void) ldbm_close( LDBM ldbm ); -LIBLDBM_F (void) ldbm_sync( LDBM ldbm ); -LIBLDBM_F (void) ldbm_datum_free( LDBM ldbm, Datum data ); -LIBLDBM_F (Datum) ldbm_datum_dup( LDBM ldbm, Datum data ); -LIBLDBM_F (Datum) ldbm_fetch( LDBM ldbm, Datum key ); -LIBLDBM_F (int) ldbm_store( LDBM ldbm, Datum key, Datum data, int flags ); -LIBLDBM_F (int) ldbm_delete( LDBM ldbm, Datum key ); - -LIBLDBM_F (Datum) ldbm_firstkey( LDBM ldbm, LDBMCursor **cursor ); -LIBLDBM_F (Datum) ldbm_nextkey( LDBM ldbm, Datum key, LDBMCursor *cursor ); +LDAP_LDBM_F (int) ldbm_initialize( void ); +LDAP_LDBM_F (int) ldbm_shutdown( void ); + +LDAP_LDBM_F (int) ldbm_errno( LDBM ldbm ); +LDAP_LDBM_F (LDBM) ldbm_open( char *name, int rw, int mode, int dbcachesize ); +LDAP_LDBM_F (void) ldbm_close( LDBM ldbm ); +LDAP_LDBM_F (void) ldbm_sync( LDBM ldbm ); +LDAP_LDBM_F (void) ldbm_datum_free( LDBM ldbm, Datum data ); +LDAP_LDBM_F (Datum) ldbm_datum_dup( LDBM ldbm, Datum data ); +LDAP_LDBM_F (Datum) ldbm_fetch( LDBM ldbm, Datum key ); +LDAP_LDBM_F (int) ldbm_store( LDBM ldbm, Datum key, Datum data, int flags ); +LDAP_LDBM_F (int) ldbm_delete( LDBM ldbm, Datum key ); + +LDAP_LDBM_F (Datum) ldbm_firstkey( LDBM ldbm, LDBMCursor **cursor ); +LDAP_LDBM_F (Datum) ldbm_nextkey( LDBM ldbm, Datum key, LDBMCursor *cursor ); /* initialization of Datum structures */ #if defined( HAVE_BERKELEY_DB ) && (DB_VERSION_MAJOR >= 2) - LIBLDBM_F (void *) ldbm_malloc( size_t size ); + LDAP_LDBM_F (void *) ldbm_malloc( size_t size ); # define ldbm_datum_init(d) ((void)memset(&(d), '\0', sizeof(Datum))) #else # define ldbm_datum_init(d) ((void)0) diff --git a/include/ldif.h b/include/ldif.h index 2d0ee1de9d..4e67f71eb8 100644 --- a/include/ldif.h +++ b/include/ldif.h @@ -28,7 +28,7 @@ LDAP_BEGIN_DECL /* This is NOT a bogus extern declaration (unlike ldap_debug) */ -LIBLDIF_F (int) ldif_debug; +LDAP_LDIF_V (int) ldif_debug; #define LDIF_LINE_WIDTH 76 /* maximum length of LDIF lines */ @@ -49,23 +49,23 @@ LIBLDIF_F (int) ldif_debug; ((nlen) + 4 + LDIF_BASE64_LEN(vlen) \ + ((LDIF_BASE64_LEN(vlen) + (nlen) + 3) / LDIF_LINE_WIDTH * 2 )) -LIBLDIF_F( int ) +LDAP_LDIF_F( int ) ldif_parse_line LDAP_P(( LDAP_CONST char *line, char **name, char **value, ber_len_t *vlen )); -LIBLDIF_F( int ) +LDAP_LDIF_F( int ) ldif_fetch_url LDAP_P(( LDAP_CONST char *line, char **value, ber_len_t *vlen )); -LIBLDIF_F( char * ) +LDAP_LDIF_F( char * ) ldif_getline LDAP_P(( char **next )); -LIBLDIF_F( int ) +LDAP_LDIF_F( int ) ldif_read_record LDAP_P(( FILE *fp, int *lineno, @@ -83,7 +83,7 @@ ldif_read_record LDAP_P(( #define LDIF_PUT_URL 0x0020 /* url */ #define LDIF_PUT_SEP 0x0040 /* separator */ -LIBLDIF_F( void ) +LDAP_LDIF_F( void ) ldif_sput LDAP_P(( char **out, int type, @@ -91,14 +91,14 @@ ldif_sput LDAP_P(( LDAP_CONST char *val, ber_len_t vlen )); -LIBLDIF_F( char * ) +LDAP_LDIF_F( char * ) ldif_put LDAP_P(( int type, LDAP_CONST char *name, LDAP_CONST char *val, ber_len_t vlen )); -LIBLDIF_F( int ) +LDAP_LDIF_F( int ) ldif_is_not_printable LDAP_P(( LDAP_CONST char *val, ber_len_t vlen )); diff --git a/include/lutil.h b/include/lutil.h index 398f50f2a8..c6a52d8441 100644 --- a/include/lutil.h +++ b/include/lutil.h @@ -30,27 +30,27 @@ LDAP_BEGIN_DECL /* ISC Base64 Routines */ /* base64.c */ -LIBLUTIL_F( int ) +LDAP_LUTIL_F( int ) lutil_b64_ntop LDAP_P(( unsigned char const *, size_t, char *, size_t)); -LIBLUTIL_F( int ) +LDAP_LUTIL_F( int ) lutil_b64_pton LDAP_P(( char const *, unsigned char *, size_t)); /* detach.c */ -LIBLUTIL_F( void ) +LDAP_LUTIL_F( void ) lutil_detach LDAP_P(( int debug, int do_close)); /* entropy.c */ -LIBLUTIL_F( int ) +LDAP_LUTIL_F( int ) lutil_entropy LDAP_P(( char *buf, ber_len_t nbytes )); @@ -58,13 +58,13 @@ lutil_entropy LDAP_P(( /* passwd.c */ struct berval; /* avoid pulling in lber.h */ -LIBLUTIL_F( int ) +LDAP_LUTIL_F( int ) lutil_authpasswd LDAP_P(( const struct berval *passwd, /* stored password */ const struct berval *cred, /* user supplied value */ const char **methods )); -LIBLUTIL_F( int ) +LDAP_LUTIL_F( int ) lutil_authpasswd_hash LDAP_P(( const struct berval *cred, struct berval **passwd, /* password to store */ @@ -73,36 +73,36 @@ lutil_authpasswd_hash LDAP_P(( #if defined( SLAPD_SPASSWD ) && defined( HAVE_CYRUS_SASL ) /* cheat to avoid pulling in */ -LIBLUTIL_F( struct sasl_conn * ) lutil_passwd_sasl_conn; +LDAP_LUTIL_F( struct sasl_conn * ) lutil_passwd_sasl_conn; #endif -LIBLUTIL_F( int ) +LDAP_LUTIL_F( int ) lutil_passwd LDAP_P(( const struct berval *passwd, /* stored password */ const struct berval *cred, /* user supplied value */ const char **methods )); -LIBLUTIL_F( struct berval * ) +LDAP_LUTIL_F( struct berval * ) lutil_passwd_generate LDAP_P(( ber_len_t )); -LIBLUTIL_F( struct berval * ) +LDAP_LUTIL_F( struct berval * ) lutil_passwd_hash LDAP_P(( const struct berval *passwd, const char *method )); -LIBLUTIL_F( int ) +LDAP_LUTIL_F( int ) lutil_passwd_scheme LDAP_P(( const char *scheme )); /* utils.c */ -LIBLUTIL_F( char* ) +LDAP_LUTIL_F( char* ) lutil_progname LDAP_P(( const char* name, int argc, char *argv[] )); /* sockpair.c */ -LIBLUTIL_F( int ) +LDAP_LUTIL_F( int ) lutil_pair( LBER_SOCKET_T sd[2] ); LDAP_END_DECL diff --git a/include/lutil_lockf.h b/include/lutil_lockf.h index 3afb7bd335..cd83c796d9 100644 --- a/include/lutil_lockf.h +++ b/include/lutil_lockf.h @@ -19,10 +19,10 @@ LDAP_BEGIN_DECL -LIBLUTIL_F( int ) +LDAP_LUTIL_F( int ) lutil_lockf LDAP_P(( int fd )); -LIBLUTIL_F( int ) +LDAP_LUTIL_F( int ) lutil_unlockf LDAP_P(( int fd )); LDAP_END_DECL diff --git a/include/lutil_md5.h b/include/lutil_md5.h index 7148abc0ab..6e4be8627b 100644 --- a/include/lutil_md5.h +++ b/include/lutil_md5.h @@ -32,22 +32,22 @@ struct lutil_MD5Context { unsigned char in[64]; }; -LIBLUTIL_F( void ) +LDAP_LUTIL_F( void ) lutil_MD5Init LDAP_P(( struct lutil_MD5Context *context)); -LIBLUTIL_F( void ) +LDAP_LUTIL_F( void ) lutil_MD5Update LDAP_P(( struct lutil_MD5Context *context, unsigned char const *buf, ber_len_t len)); -LIBLUTIL_F( void ) +LDAP_LUTIL_F( void ) lutil_MD5Final LDAP_P(( unsigned char digest[16], struct lutil_MD5Context *context)); -LIBLUTIL_F( void ) +LDAP_LUTIL_F( void ) lutil_MD5Transform LDAP_P(( ber_uint_t buf[4], const unsigned char in[64])); diff --git a/include/lutil_sha1.h b/include/lutil_sha1.h index cb3e67c2b1..6f1e410f41 100644 --- a/include/lutil_sha1.h +++ b/include/lutil_sha1.h @@ -35,31 +35,31 @@ typedef struct { unsigned char buffer[64]; } lutil_SHA1_CTX; -LIBLUTIL_F( void ) +LDAP_LUTIL_F( void ) lutil_SHA1Transform LDAP_P((uint32 state[5], const unsigned char buffer[64])); -LIBLUTIL_F( void ) +LDAP_LUTIL_F( void ) lutil_SHA1Init LDAP_P((lutil_SHA1_CTX *context)); -LIBLUTIL_F( void ) +LDAP_LUTIL_F( void ) lutil_SHA1Update LDAP_P((lutil_SHA1_CTX *context, const unsigned char *data, uint32 len)); -LIBLUTIL_F( void ) +LDAP_LUTIL_F( void ) lutil_SHA1Final LDAP_P((unsigned char digest[20], lutil_SHA1_CTX *context)); -LIBLUTIL_F( char * ) +LDAP_LUTIL_F( char * ) lutil_SHA1End LDAP_P((lutil_SHA1_CTX *, char *)); -LIBLUTIL_F( char * ) +LDAP_LUTIL_F( char * ) lutil_SHA1File LDAP_P((char *, char *)); -LIBLUTIL_F( char * ) +LDAP_LUTIL_F( char * ) lutil_SHA1Data LDAP_P((const unsigned char *, size_t, char *)); diff --git a/include/portable.h.in b/include/portable.h.in index ff2fe67015..840383499b 100644 --- a/include/portable.h.in +++ b/include/portable.h.in @@ -14,11 +14,6 @@ /* end of preamble */ -#if !defined(SLAPD_SCHEMA_COMPAT) && !defined(SLAPD_SCHEMA_NOT_COMPAT) - /* define SLAPD_SCHEMA_COMPAT if you want old schema codes */ -#define SLAPD_SCHEMA_NOT_COMPAT 1 -#endif - /* Define if on AIX 3. System headers sometimes define this. @@ -458,9 +453,6 @@ /* Define if you have the header file. */ #undef HAVE_PWD_H -/* Define if you have the header file. */ -#undef HAVE_QUIPU_COMMONARG_H - /* Define if you have the header file. */ #undef HAVE_READLINE_HISTORY_H @@ -925,9 +917,9 @@ # define WIN32_LEAN_AND_MEAN 1 #endif -#ifndef __NEED_PROTOTYPES +#ifndef LDAP_NEEDS_PROTOTYPES /* force LDAP_P to always include prototypes */ -#define __NEED_PROTOTYPES 1 +#define LDAP_NEEDS_PROTOTYPES 1 #endif #ifdef HAVE_STDDEF_H diff --git a/include/portable.nt b/include/portable.nt index 080089649f..8e478479da 100644 --- a/include/portable.nt +++ b/include/portable.nt @@ -725,9 +725,9 @@ typedef signed int ssize_t; /* begin of postamble */ -#ifndef __NEED_PROTOTYPES +#ifndef LDAP_NEEDS_PROTOTYPES /* force LDAP_P to always include prototypes */ -#define __NEED_PROTOTYPES 1 +#define LDAP_NEEDS_PROTOTYPES 1 #endif #ifdef HAVE_STDDEF_H diff --git a/include/srchpref.h b/include/srchpref.h index 4731597f05..eb6345b61a 100644 --- a/include/srchpref.h +++ b/include/srchpref.h @@ -78,22 +78,22 @@ struct ldap_searchobj { #define LDAP_SEARCHPREF_ERR_FILE 4 -LIBLDAP_F( int ) +LDAP_F( int ) ldap_init_searchprefs LDAP_P(( char *file, struct ldap_searchobj **solistp )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_init_searchprefs_buf LDAP_P(( char *buf, ber_len_t buflen, struct ldap_searchobj **solistp )); -LIBLDAP_F( void ) +LDAP_F( void ) ldap_free_searchprefs LDAP_P(( struct ldap_searchobj *solist )); -LIBLDAP_F( struct ldap_searchobj * ) +LDAP_F( struct ldap_searchobj * ) ldap_first_searchobj LDAP_P(( struct ldap_searchobj *solist )); -LIBLDAP_F( struct ldap_searchobj * ) +LDAP_F( struct ldap_searchobj * ) ldap_next_searchobj LDAP_P(( struct ldap_searchobj *sollist, struct ldap_searchobj *so )); diff --git a/libraries/liblber/Makefile.in b/libraries/liblber/Makefile.in index 0c687d843d..c43adbd9f0 100644 --- a/libraries/liblber/Makefile.in +++ b/libraries/liblber/Makefile.in @@ -27,7 +27,7 @@ XXLIBS = LINKAGE = @LT_LIB_LINKAGE@ -NT_DYN_TEST_DEFS = -DLIBLBER_DECL=dllimport +NT_DYN_TEST_DEFS = -DLBER_DECL=dllimport # Extras for building the library EXTRA_DEFS = $(@PLAT@_@LIB_LINKAGE@_LIB_DEFS) diff --git a/libraries/liblber/encode.c b/libraries/liblber/encode.c index 68f321d8be..00bcf197af 100644 --- a/libraries/liblber/encode.c +++ b/libraries/liblber/encode.c @@ -649,6 +649,9 @@ ber_put_set( BerElement *ber ) return( ber_put_seqorset( ber ) ); } +/* N tag */ +static ber_tag_t lber_int_null = 0; + /* VARARGS */ int ber_printf( BerElement *ber, LDAP_CONST char *fmt, ... ) @@ -698,6 +701,15 @@ ber_printf( BerElement *ber, LDAP_CONST char *fmt, ... ) rc = ber_put_null( ber, ber->ber_tag ); break; + case 'N': /* Debug NULL */ + if( lber_int_null != 0 ) { + /* Insert NULL to ensure peer ignores unknown tags */ + rc = ber_put_null( ber, lber_int_null ); + } else { + rc = 0; + } + break; + case 'o': /* octet string (non-null terminated) */ s = va_arg( ap, char * ); len = va_arg( ap, ber_len_t ); diff --git a/libraries/liblber/etest.c b/libraries/liblber/etest.c index 01c10e9907..0b91ba75ce 100644 --- a/libraries/liblber/etest.c +++ b/libraries/liblber/etest.c @@ -144,7 +144,7 @@ main( int argc, char **argv ) } fprintf(stderr, "encode: end\n" ); - if( ber_printf( ber, /*{*/ "}" ) == -1 ) { + if( ber_printf( ber, /*{*/ "N}" ) == -1 ) { perror( /*{*/ "ber_printf }" ); return( EXIT_FAILURE ); } diff --git a/libraries/liblber/lber-int.h b/libraries/liblber/lber-int.h index 136ea0c024..6ee5e7389e 100644 --- a/libraries/liblber/lber-int.h +++ b/libraries/liblber/lber-int.h @@ -24,12 +24,13 @@ LDAP_BEGIN_DECL -LIBLBER_F (BER_ERRNO_FN) ber_int_errno_fn; +LBER_F (BER_ERRNO_FN) ber_int_errno_fn; struct lber_options { short lbo_valid; unsigned short lbo_options; int lbo_debug; + long lbo_meminuse; }; #define LBER_UNINITIALIZED 0x0 @@ -37,7 +38,7 @@ struct lber_options { #define LBER_VALID_BERELEMENT 0x2 #define LBER_VALID_SOCKBUF 0x3 -LIBLBER_F (struct lber_options) ber_int_options; +LBER_F (struct lber_options) ber_int_options; #define ber_int_debug ber_int_options.lbo_debug struct berelement { @@ -100,21 +101,21 @@ int ber_realloc LDAP_P(( */ #define ber_log_printf ber_pvt_log_printf -LIBLBER_F( int ) +LBER_F( int ) ber_log_bprint LDAP_P(( int errlvl, int loglvl, const char *data, ber_len_t len )); -LIBLBER_F( int ) +LBER_F( int ) ber_log_dump LDAP_P(( int errlvl, int loglvl, BerElement *ber, int inout )); -LIBLBER_F( int ) +LBER_F( int ) ber_log_sos_dump LDAP_P(( int errlvl, int loglvl, @@ -123,7 +124,7 @@ ber_log_sos_dump LDAP_P(( /* memory.c */ /* simple macros to realloc for now */ -LIBLBER_F (BerMemoryFunctions *) ber_int_memory_fns; +LBER_F (BerMemoryFunctions *) ber_int_memory_fns; #ifdef CSRIMALLOC #define LBER_INT_MALLOC malloc @@ -158,19 +159,19 @@ LIBLBER_F (BerMemoryFunctions *) ber_int_memory_fns; /* sockbuf.c */ -LIBLBER_F( int ) +LBER_F( int ) ber_int_sb_init LDAP_P(( Sockbuf *sb )); -LIBLBER_F( int ) +LBER_F( int ) ber_int_sb_close LDAP_P(( Sockbuf *sb )); -LIBLBER_F( int ) +LBER_F( int ) ber_int_sb_destroy LDAP_P(( Sockbuf *sb )); -LIBLBER_F( ber_slen_t ) +LBER_F( ber_slen_t ) ber_int_sb_read LDAP_P(( Sockbuf *sb, void *buf, ber_len_t len )); -LIBLBER_F( ber_slen_t ) +LBER_F( ber_slen_t ) ber_int_sb_write LDAP_P(( Sockbuf *sb, void *buf, ber_len_t len )); LDAP_END_DECL diff --git a/libraries/liblber/memory.c b/libraries/liblber/memory.c index 3b4be421ba..a500569cdc 100644 --- a/libraries/liblber/memory.c +++ b/libraries/liblber/memory.c @@ -10,6 +10,13 @@ #include "lber-int.h" +#ifdef LDAP_MEMORY_TRACE +# ifndef LDAP_MEMORY_DEBUG +# define LDAP_MEMORY_DEBUG 1 +# endif +#include +#endif + #if LDAP_MEMORY_DEBUG /* * LDAP_MEMORY_DEBUG should only be enabled for the purposes of @@ -23,7 +30,12 @@ */ struct ber_mem_hdr { - union bmu_align_u { + ber_int_t bm_top; /* Pattern to detect buf overrun from prev buffer */ + ber_int_t bm_length; /* Length of user allocated area */ +#ifdef LDAP_MEMORY_TRACE + ber_int_t bm_sequence; /* Allocation sequence number */ +#endif + union bmu_align_u { /* Force alignment, pattern to detect back clobber */ ber_len_t bmu_len_t; ber_tag_t bmu_tag_t; ber_int_t bmu_int_t; @@ -33,13 +45,61 @@ struct ber_mem_hdr { double bmu_double; long bmu_long; long (*bmu_funcp)( double ); - char bmu_char[4]; + unsigned char bmu_char[4]; } ber_align; #define bm_junk ber_align.bmu_len_t #define bm_data ber_align.bmu_char[1] +#define bm_char ber_align.bmu_char }; + +/* Pattern at top of allocated space */ #define BER_MEM_JUNK 0xdeaddadaU -static const struct ber_mem_hdr ber_int_mem_hdr = { BER_MEM_JUNK }; + +static const struct ber_mem_hdr ber_int_mem_hdr = { BER_MEM_JUNK, 0, 0 }; + +/* Note sequence and ber_int_options.lbu_meminuse are counters, but are not + * thread safe. If you want to use these values for multithreaded applications, + * you must put mutexes around them, otherwise they will have incorrect values. + * When debugging, if you sort the debug output, the sequence number will + * put allocations/frees together. It is then a simple matter to write a script + * to find any allocations that don't have a buffer free function. + */ +#ifdef LDAP_MEMORY_TRACE +static ber_int_t sequence = 0; +#endif + +/* Pattern placed just before user data */ +static unsigned char toppattern[4] = { 0xde, 0xad, 0xba, 0xde }; +/* Pattern placed just after user data */ +static unsigned char endpattern[4] = { 0xd1, 0xed, 0xde, 0xca }; + +#define mbu_len sizeof(ber_int_mem_hdr.ber_align) + +/* Test if pattern placed just before user data is good */ +#define testdatatop(val) ( \ + *(val->bm_char+mbu_len-4)==toppattern[0] && \ + *(val->bm_char+mbu_len-3)==toppattern[1] && \ + *(val->bm_char+mbu_len-2)==toppattern[2] && \ + *(val->bm_char+mbu_len-1)==toppattern[3] ) + +/* Place pattern just before user data */ +#define setdatatop(val) *(val->bm_char+mbu_len-4)=toppattern[0]; \ + *(val->bm_char+mbu_len-3)=toppattern[1]; \ + *(val->bm_char+mbu_len-2)=toppattern[2]; \ + *(val->bm_char+mbu_len-1)=toppattern[3]; + +/* Test if pattern placed just after user data is good */ +#define testend(val) ( *((unsigned char *)val+0)==endpattern[0] && \ + *((unsigned char *)val+1)==endpattern[1] && \ + *((unsigned char *)val+2)==endpattern[2] && \ + *((unsigned char *)val+3)==endpattern[3] ) + +/* Place pattern just after user data */ +#define setend(val) *((unsigned char *)val+0)=endpattern[0]; \ + *((unsigned char *)val+1)=endpattern[1]; \ + *((unsigned char *)val+2)=endpattern[2]; \ + *((unsigned char *)val+3)=endpattern[3]; + #define BER_MEM_BADADDR ((void *) &ber_int_mem_hdr.bm_data) #define BER_MEM_VALID(p) do { \ assert( (p) != BER_MEM_BADADDR ); \ @@ -80,9 +140,17 @@ ber_memfree( void *p ) #ifdef LDAP_MEMORY_DEBUG struct ber_mem_hdr *mh = (struct ber_mem_hdr *) ((char *)p - sizeof(struct ber_mem_hdr)); - - assert( mh->bm_junk == BER_MEM_JUNK ); - mh->bm_junk = ~BER_MEM_JUNK; + assert( mh->bm_top == BER_MEM_JUNK); + assert( testdatatop( mh)); + assert( testend( (char *)&mh[1] + mh->bm_length) ); + ber_int_options.lbo_meminuse -= mh->bm_length; + +#ifdef LDAP_MEMORY_TRACE + fprintf(stderr, "0x%08x 0x%08x -f- %d ber_memfree %d\n", + mh->bm_sequence, mh, mh->bm_length, ber_int_options.lbo_meminuse); +#endif + /* Fill the free space with poison */ + memset( mh, 0xff, mh->bm_length + sizeof(struct ber_mem_hdr) + sizeof( ber_int_t)); free( mh ); #else free( p ); @@ -133,11 +201,23 @@ ber_memalloc( ber_len_t s ) if( ber_int_memory_fns == NULL ) { #ifdef LDAP_MEMORY_DEBUG - struct ber_mem_hdr *mh = malloc(s + sizeof(struct ber_mem_hdr)); - + struct ber_mem_hdr *mh = malloc(s + sizeof(struct ber_mem_hdr) + sizeof( ber_int_t)); if( mh == NULL ) return NULL; - mh->bm_junk = BER_MEM_JUNK; + mh->bm_top = BER_MEM_JUNK; + mh->bm_length = s; + setdatatop( mh); + setend( (char *)&mh[1] + mh->bm_length ); + + ber_int_options.lbo_meminuse += mh->bm_length; /* Count mem inuse */ + +#ifdef LDAP_MEMORY_TRACE + mh->bm_sequence = sequence++; + fprintf(stderr, "0x%08x 0x%08x -a- %d ber_memalloc %d\n", + mh->bm_sequence, mh, mh->bm_length, ber_int_options.lbo_meminuse); +#endif + /* poison new memory */ + memset( (char *)&mh[1], 0xff, s); BER_MEM_VALID( &mh[1] ); new = &mh[1]; @@ -173,10 +253,21 @@ ber_memcalloc( ber_len_t n, ber_len_t s ) if( ber_int_memory_fns == NULL ) { #ifdef LDAP_MEMORY_DEBUG struct ber_mem_hdr *mh = calloc(1, - (n * s) + sizeof(struct ber_mem_hdr) ); + (n * s) + sizeof(struct ber_mem_hdr) + sizeof(ber_int_t) ); + if( mh == NULL ) return NULL; + + mh->bm_top = BER_MEM_JUNK; + mh->bm_length = n*s; + setdatatop( mh); + setend( (char *)&mh[1] + mh->bm_length ); - mh->bm_junk = BER_MEM_JUNK; + ber_int_options.lbo_meminuse += mh->bm_length; +#ifdef LDAP_MEMORY_TRACE + mh->bm_sequence = sequence++; + fprintf(stderr, "0x%08x 0x%08x -a- %d ber_memcalloc %d\n", + mh->bm_sequence, mh, mh->bm_length, ber_int_options.lbo_meminuse); +#endif BER_MEM_VALID( &mh[1] ); new = &mh[1]; #else @@ -216,20 +307,38 @@ ber_memrealloc( void* p, ber_len_t s ) if( ber_int_memory_fns == NULL ) { #ifdef LDAP_MEMORY_DEBUG + ber_int_t oldlen; struct ber_mem_hdr *mh = (struct ber_mem_hdr *) ((char *)p - sizeof(struct ber_mem_hdr)); - assert( mh->bm_junk == BER_MEM_JUNK ); - - p = realloc( mh, s + sizeof(struct ber_mem_hdr) ); + assert( mh->bm_top == BER_MEM_JUNK); + assert( testdatatop( mh)); + assert( testend( (char *)&mh[1] + mh->bm_length) ); + oldlen = mh->bm_length; + + p = realloc( mh, s + sizeof(struct ber_mem_hdr) + sizeof(ber_int_t) ); + if( p == NULL ) { + ber_errno = LBER_ERROR_MEMORY; + return NULL; + } - if( p != NULL ) { mh = p; + mh->bm_length = s; + setend( (char *)&mh[1] + mh->bm_length ); + if( (s - oldlen) > 0 ) { + /* poison any new memory */ + memset( (char *)&mh[1] + oldlen, 0xff, s - oldlen); + } - assert( mh->bm_junk == BER_MEM_JUNK ); + assert( mh->bm_top == BER_MEM_JUNK); + assert( testdatatop( mh)); + ber_int_options.lbo_meminuse += s - oldlen; +#ifdef LDAP_MEMORY_TRACE + fprintf(stderr, "0x%08x 0x%08x -a- %d ber_memrealloc %d\n", + mh->bm_sequence, mh, mh->bm_length, ber_int_options.lbo_meminuse); +#endif BER_MEM_VALID( &mh[1] ); - new = &mh[1]; - } + return &mh[1]; #else new = realloc( p, s ); #endif diff --git a/libraries/liblber/options.c b/libraries/liblber/options.c index dc61707dfd..0b6ded358f 100644 --- a/libraries/liblber/options.c +++ b/libraries/liblber/options.c @@ -36,6 +36,20 @@ ber_get_option( if(option == LBER_OPT_BER_DEBUG) { * (int *) outvalue = ber_int_debug; return LBER_OPT_SUCCESS; + } else if(option == LBER_OPT_MEMORY_INUSE) { + /* The memory inuse is a global variable on kernal implementations. + * This means that memory debug is shared by all LDAP processes + * so for this variable to have much meaning, only one LDAP process + * should be running and memory inuse should be initialized to zero + * using the lber_set_option() function during startup. + * The counter is not accurate for multithreaded ldap applications. + */ +#ifdef LDAP_MEMORY_DEBUG + * (int *) outvalue = ber_int_options.lbo_meminuse; + return LBER_OPT_SUCCESS; +#else + return LBER_OPT_ERROR; +#endif } ber_errno = LBER_ERROR_PARAM; @@ -135,6 +149,20 @@ ber_set_option( } else if(option == LBER_OPT_LOG_PRINT_FILE) { ber_pvt_err_file = (void *) invalue; return LBER_OPT_SUCCESS; + } else if(option == LBER_OPT_MEMORY_INUSE) { + /* The memory inuse is a global variable on kernal implementations. + * This means that memory debug is shared by all LDAP processes + * so for this variable to have much meaning, only one LDAP process + * should be running and memory inuse should be initialized to zero + * using the lber_set_option() function during startup. + * The counter is not accurate for multithreaded applications. + */ +#ifdef LDAP_MEMORY_DEBUG + ber_int_options.lbo_meminuse = * (int *) invalue; + return LBER_OPT_SUCCESS; +#else + return LBER_OPT_ERROR; +#endif } ber_errno = LBER_ERROR_PARAM; diff --git a/libraries/libldap/Makefile.in b/libraries/libldap/Makefile.in index 0ae884ddb1..fc02e1d780 100644 --- a/libraries/libldap/Makefile.in +++ b/libraries/libldap/Makefile.in @@ -39,8 +39,8 @@ XXLIBS = $(SECURITY_LIBS) $(TLS_LIBS) LINKAGE = @LT_LIB_LINKAGE@ NT_DYN_LIB_LIBS = -llber -llutil $(AC_LIBS) -NT_DYN_LIB_DEFS = -DLIBLBER_DECL=dllimport -NT_DYN_TEST_DEFS = -DLIBLBER_DECL=dllimport -DLIBLDAP_DECL=dllimport +NT_DYN_LIB_DEFS = -DLBER_DECL=dllimport +NT_DYN_TEST_DEFS = -DLBER_DECL=dllimport -DLDAP_DECL=dllimport NT_XXLIBS = $(SECURITY_LIBS) diff --git a/libraries/libldap/abandon.c b/libraries/libldap/abandon.c index 3ce621f7aa..82526f5256 100644 --- a/libraries/libldap/abandon.c +++ b/libraries/libldap/abandon.c @@ -163,7 +163,7 @@ do_abandon( } else { /* close '{' */ - err = ber_printf( ber, /*{*/ "}" ); + err = ber_printf( ber, /*{*/ "N}" ); if( err == -1 ) { /* encoding error */ diff --git a/libraries/libldap/add.c b/libraries/libldap/add.c index d3816b448c..5ae7460527 100644 --- a/libraries/libldap/add.c +++ b/libraries/libldap/add.c @@ -123,10 +123,10 @@ ldap_add_ext( /* for each attribute in the entry... */ for ( i = 0; attrs[i] != NULL; i++ ) { if ( ( attrs[i]->mod_op & LDAP_MOD_BVALUES) != 0 ) { - rc = ber_printf( ber, "{s[V]}", attrs[i]->mod_type, + rc = ber_printf( ber, "{s[V]N}", attrs[i]->mod_type, attrs[i]->mod_bvalues ); } else { - rc = ber_printf( ber, "{s[v]}", attrs[i]->mod_type, + rc = ber_printf( ber, "{s[v]N}", attrs[i]->mod_type, attrs[i]->mod_values ); } if ( rc == -1 ) { @@ -136,7 +136,7 @@ ldap_add_ext( } } - if ( ber_printf( ber, /*{{*/ "}}" ) == -1 ) { + if ( ber_printf( ber, /*{{*/ "N}N}" ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); return ld->ld_errno; @@ -148,7 +148,7 @@ ldap_add_ext( return ld->ld_errno; } - if ( ber_printf( ber, /*{*/ "}" ) == -1 ) { + if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); return ld->ld_errno; diff --git a/libraries/libldap/addentry.c b/libraries/libldap/addentry.c index 4ee6870222..3bf03ce2f8 100644 --- a/libraries/libldap/addentry.c +++ b/libraries/libldap/addentry.c @@ -16,7 +16,6 @@ #include -#include #include #include #include diff --git a/libraries/libldap/compare.c b/libraries/libldap/compare.c index 9cfa56963a..a48dda120f 100644 --- a/libraries/libldap/compare.c +++ b/libraries/libldap/compare.c @@ -66,7 +66,7 @@ ldap_compare_ext( return( LDAP_NO_MEMORY ); } - if ( ber_printf( ber, "{it{s{sO}}", /* '}' */ + if ( ber_printf( ber, "{it{s{sON}N}", /* '}' */ ++ld->ld_msgid, LDAP_REQ_COMPARE, dn, attr, bvalue ) == -1 ) { @@ -81,7 +81,7 @@ ldap_compare_ext( return ld->ld_errno; } - if( ber_printf( ber, /*{*/ "}" ) == -1 ) { + if( ber_printf( ber, /*{*/ "N}" ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); return( ld->ld_errno ); diff --git a/libraries/libldap/controls.c b/libraries/libldap/controls.c index 34f49f5343..72857fb3bb 100644 --- a/libraries/libldap/controls.c +++ b/libraries/libldap/controls.c @@ -94,14 +94,14 @@ ldap_int_put_controls( } - if( ber_printf( ber, /*{*/"}" ) == -1 ) { + if( ber_printf( ber, /*{*/"N}" ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; return ld->ld_errno; } } - if( ber_printf( ber, /*{*/"}" ) == -1 ) { + if( ber_printf( ber, /*{*/ "}" ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; return ld->ld_errno; } @@ -401,7 +401,7 @@ ldap_control_dup( const LDAPControl *c ) SHOULD be freed by calling ldap_control_free() when done. ---*/ -LIBLDAP_F( int ) +int ldap_int_create_control( const char *requestOID, BerElement *ber, diff --git a/libraries/libldap/delete.c b/libraries/libldap/delete.c index e750ecb9d8..714acc5a5a 100644 --- a/libraries/libldap/delete.c +++ b/libraries/libldap/delete.c @@ -74,7 +74,7 @@ ldap_delete_ext( return ld->ld_errno; } - if ( ber_printf( ber, /*{*/ "}" ) == -1 ) { + if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); return( ld->ld_errno ); diff --git a/libraries/libldap/disptmpl.c b/libraries/libldap/disptmpl.c index 82dcfe8f3d..f1cf4117ce 100644 --- a/libraries/libldap/disptmpl.c +++ b/libraries/libldap/disptmpl.c @@ -24,7 +24,6 @@ #include -#include #include #include #include diff --git a/libraries/libldap/dn.c b/libraries/libldap/dn.c index d0ba92f886..d60edd0cec 100644 --- a/libraries/libldap/dn.c +++ b/libraries/libldap/dn.c @@ -9,7 +9,6 @@ #include -#include #include #include #include @@ -245,7 +244,7 @@ ldap_dn_parent( return( LDAP_STRDUP( "" ) ); } -char * ldap_dn_rdn( +char * ldap_dn_relative( const char *dn ) { char *s; diff --git a/libraries/libldap/dsparse.c b/libraries/libldap/dsparse.c index 8ec7116fd9..57d80a541c 100644 --- a/libraries/libldap/dsparse.c +++ b/libraries/libldap/dsparse.c @@ -25,7 +25,6 @@ #include #include -#include #include #include @@ -155,7 +154,7 @@ next_token( char **sp ) p = *sp; - while ( isspace( (unsigned char) *p )) { /* skip leading white space */ + while ( LDAP_SPACE( (unsigned char) *p )) { /* skip leading white space */ ++p; } @@ -170,7 +169,7 @@ next_token( char **sp ) t = tokstart = p; for ( ;; ) { - if ( *p == '\0' || ( isspace( (unsigned char) *p ) && !in_quote )) { + if ( *p == '\0' || ( LDAP_SPACE( (unsigned char) *p ) && !in_quote )) { if ( *p != '\0' ) { ++p; } diff --git a/libraries/libldap/error.c b/libraries/libldap/error.c index 34cac4600b..8594c849af 100644 --- a/libraries/libldap/error.c +++ b/libraries/libldap/error.c @@ -92,7 +92,7 @@ static const struct ldaperror ldap_errlist[] = { {LDAP_CLIENT_LOOP, "Client Loop" }, {LDAP_REFERRAL_LIMIT_EXCEEDED, "Referral Limit Exceeded" }, - {-1, 0 } + {-1, NULL } }; static const struct ldaperror * @@ -150,7 +150,7 @@ ldap_perror( LDAP *ld, LDAP_CONST char *str ) } if ( ld->ld_matched != NULL && ld->ld_matched[0] != '\0' ) { - fprintf( stderr, "\tmatched: \"%s\"\n", + fprintf( stderr, "\tmatched DN: \"%s\"\n", ld->ld_matched ); } @@ -235,7 +235,8 @@ ldap_parse_result( for ( lm = r; lm->lm_chain != NULL; lm = lm->lm_chain ) { /* skip over entries and references */ if( lm->lm_msgtype != LDAP_RES_SEARCH_ENTRY && - lm->lm_msgtype != LDAP_RES_SEARCH_REFERENCE ) + lm->lm_msgtype != LDAP_RES_SEARCH_REFERENCE && + lm->lm_msgtype != LDAP_RES_EXTENDED_PARTIAL ) { break; } @@ -342,7 +343,8 @@ ldap_parse_result( for ( lm = lm->lm_chain; lm != NULL; lm = lm->lm_chain ) { /* skip over entries and references */ if( lm->lm_msgtype != LDAP_RES_SEARCH_ENTRY && - lm->lm_msgtype != LDAP_RES_SEARCH_REFERENCE ) + lm->lm_msgtype != LDAP_RES_SEARCH_REFERENCE && + lm->lm_msgtype != LDAP_RES_EXTENDED_PARTIAL ) { /* more results to return */ errcode = LDAP_MORE_RESULTS_TO_RETURN; diff --git a/libraries/libldap/extended.c b/libraries/libldap/extended.c index f42afd281a..4925618592 100644 --- a/libraries/libldap/extended.c +++ b/libraries/libldap/extended.c @@ -68,13 +68,13 @@ ldap_extended_operation( } if ( reqdata != NULL ) { - rc = ber_printf( ber, "{it{tstO}", /* '}' */ + rc = ber_printf( ber, "{it{tstON}", /* '}' */ ++ld->ld_msgid, LDAP_REQ_EXTENDED, LDAP_TAG_EXOP_REQ_OID, reqoid, LDAP_TAG_EXOP_REQ_VALUE, reqdata ); } else { - rc = ber_printf( ber, "{it{ts}", /* '}' */ + rc = ber_printf( ber, "{it{tsN}", /* '}' */ ++ld->ld_msgid, LDAP_REQ_EXTENDED, LDAP_TAG_EXOP_REQ_OID, reqoid ); } @@ -91,7 +91,7 @@ ldap_extended_operation( return ld->ld_errno; } - if ( ber_printf( ber, /*{*/ "}" ) == -1 ) { + if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); return( ld->ld_errno ); @@ -274,3 +274,115 @@ ldap_parse_extended_result ( return LDAP_SUCCESS; } + + +/* Parse an extended partial */ +int +ldap_parse_extended_partial ( + LDAP *ld, + LDAPMessage *res, + char **retoidp, + struct berval **retdatap, + LDAPControl ***serverctrls, + int freeit ) +{ + BerElement *ber; + ber_tag_t rc; + ber_tag_t tag; + ber_len_t len; + struct berval *resdata; + char *resoid; + + assert( ld != NULL ); + assert( LDAP_VALID( ld ) ); + assert( res != NULL ); + + Debug( LDAP_DEBUG_TRACE, "ldap_parse_extended_result\n", 0, 0, 0 ); + + if( ld->ld_version < LDAP_VERSION3 ) { + ld->ld_errno = LDAP_NOT_SUPPORTED; + return ld->ld_errno; + } + + if( res->lm_msgtype != LDAP_RES_EXTENDED_PARTIAL ) { + ld->ld_errno = LDAP_PARAM_ERROR; + return ld->ld_errno; + } + + if( retoidp != NULL ) *retoidp = NULL; + if( retdatap != NULL ) *retdatap = NULL; + + ber = ber_dup( res->lm_ber ); + + if ( ber == NULL ) { + ld->ld_errno = LDAP_NO_MEMORY; + return ld->ld_errno; + } + + rc = ber_scanf( ber, "{" /*}*/ ); + + if( rc == LBER_ERROR ) { + ld->ld_errno = LDAP_DECODING_ERROR; + ber_free( ber, 0 ); + return ld->ld_errno; + } + + resoid = NULL; + resdata = NULL; + + tag = ber_peek_tag( ber, &len ); + + if( tag == LDAP_TAG_EXOP_RES_OID ) { + /* we have a resoid */ + if( ber_scanf( ber, "a", &resoid ) == LBER_ERROR ) { + ld->ld_errno = LDAP_DECODING_ERROR; + ber_free( ber, 0 ); + return ld->ld_errno; + } + + tag = ber_peek_tag( ber, &len ); + } + + if( tag == LDAP_TAG_EXOP_RES_VALUE ) { + /* we have a resdata */ + if( ber_scanf( ber, "O", &resdata ) == LBER_ERROR ) { + ld->ld_errno = LDAP_DECODING_ERROR; + ber_free( ber, 0 ); + if( resoid != NULL ) LDAP_FREE( resoid ); + return ld->ld_errno; + } + } + + if ( serverctrls == NULL ) { + rc = LDAP_SUCCESS; + goto free_and_return; + } + + if ( ber_scanf( ber, /*{*/ "}" ) == LBER_ERROR ) { + rc = LDAP_DECODING_ERROR; + goto free_and_return; + } + + rc = ldap_int_get_controls( ber, serverctrls ); + +free_and_return: + ber_free( ber, 0 ); + + if( retoidp != NULL ) { + *retoidp = resoid; + } else { + LDAP_FREE( resoid ); + } + + if( retdatap != NULL ) { + *retdatap = resdata; + } else { + ber_bvfree( resdata ); + } + + if( freeit ) { + ldap_msgfree( res ); + } + + return LDAP_SUCCESS; +} diff --git a/libraries/libldap/free.c b/libraries/libldap/free.c index e20ffbd24d..8d871ef241 100644 --- a/libraries/libldap/free.c +++ b/libraries/libldap/free.c @@ -16,7 +16,6 @@ #include #include -#include #include #include diff --git a/libraries/libldap/friendly.c b/libraries/libldap/friendly.c index 3078fee693..5d4abdabbe 100644 --- a/libraries/libldap/friendly.c +++ b/libraries/libldap/friendly.c @@ -15,7 +15,6 @@ #include #include -#include #include #include #include diff --git a/libraries/libldap/getattr.c b/libraries/libldap/getattr.c index 9a511ee2ea..79fe0a4ad0 100644 --- a/libraries/libldap/getattr.c +++ b/libraries/libldap/getattr.c @@ -15,7 +15,6 @@ #include #include -#include #include #include #include diff --git a/libraries/libldap/getentry.c b/libraries/libldap/getentry.c index 2cf17681d8..ccdca5ea40 100644 --- a/libraries/libldap/getentry.c +++ b/libraries/libldap/getentry.c @@ -15,7 +15,6 @@ #include #include -#include #include #include #include @@ -99,7 +98,7 @@ ldap_get_entry_controls( assert( sctrls != NULL ); if ( ld == NULL || sctrls == NULL || - entry == NULL || entry->lm_msgtype == LDAP_RES_SEARCH_ENTRY ) + entry == NULL || entry->lm_msgtype != LDAP_RES_SEARCH_ENTRY ) { return LDAP_PARAM_ERROR; } diff --git a/libraries/libldap/getfilter.c b/libraries/libldap/getfilter.c index 2d8b89c8a8..c837631e6d 100644 --- a/libraries/libldap/getfilter.c +++ b/libraries/libldap/getfilter.c @@ -16,7 +16,6 @@ #include -#include #include #include #include @@ -347,12 +346,12 @@ ldap_build_filter( if ( *p == '%' ) { ++p; if ( *p == 'v' ) { - if ( isdigit( (unsigned char) p[1] )) { + if ( LDAP_DIGIT( (unsigned char) p[1] )) { ++p; wordnum = *p - '1'; if ( *(p+1) == '-' ) { ++p; - if ( isdigit( (unsigned char) p[1] )) { + if ( LDAP_DIGIT( (unsigned char) p[1] )) { ++p; endwordnum = *p - '1'; /* e.g., "%v2-4" */ if ( endwordnum > wordcount - 1 ) { diff --git a/libraries/libldap/kbind.c b/libraries/libldap/kbind.c index fd6d59ab7f..65fb0d2e03 100644 --- a/libraries/libldap/kbind.c +++ b/libraries/libldap/kbind.c @@ -66,6 +66,11 @@ ldap_kerberos_bind1( LDAP *ld, LDAP_CONST char *dn ) Debug( LDAP_DEBUG_TRACE, "ldap_kerberos_bind1\n", 0, 0, 0 ); + if( ld->ld_version > LDAP_VERSION2 ) { + ld->ld_errno = LDAP_NOT_SUPPORTED; + return -1; + } + if ( dn == NULL ) dn = ""; @@ -81,7 +86,7 @@ ldap_kerberos_bind1( LDAP *ld, LDAP_CONST char *dn ) } /* fill it in */ - rc = ber_printf( ber, "{it{isto}}", ++ld->ld_msgid, LDAP_REQ_BIND, + rc = ber_printf( ber, "{it{istoN}N}", ++ld->ld_msgid, LDAP_REQ_BIND, ld->ld_version, dn, LDAP_AUTH_KRBV41, cred, credlen ); if ( rc == -1 ) { @@ -144,6 +149,11 @@ ldap_kerberos_bind2( LDAP *ld, LDAP_CONST char *dn ) Debug( LDAP_DEBUG_TRACE, "ldap_kerberos_bind2\n", 0, 0, 0 ); + if( ld->ld_version > LDAP_VERSION2 ) { + ld->ld_errno = LDAP_NOT_SUPPORTED; + return -1; + } + if ( dn == NULL ) dn = ""; @@ -159,7 +169,7 @@ ldap_kerberos_bind2( LDAP *ld, LDAP_CONST char *dn ) } /* fill it in */ - rc = ber_printf( ber, "{it{isto}}", ++ld->ld_msgid, LDAP_REQ_BIND, + rc = ber_printf( ber, "{it{istoN}N}", ++ld->ld_msgid, LDAP_REQ_BIND, ld->ld_version, dn, LDAP_AUTH_KRBV42, cred, credlen ); diff --git a/libraries/libldap/ldap-int.h b/libraries/libldap/ldap-int.h index 36993c8afd..fd6352d93a 100644 --- a/libraries/libldap/ldap-int.h +++ b/libraries/libldap/ldap-int.h @@ -1,3 +1,4 @@ +/* ldap-int.h - defines & prototypes internal to the LDAP library */ /* $OpenLDAP$ */ /* * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. @@ -6,8 +7,6 @@ /* Portions * Copyright (c) 1995 Regents of the University of Michigan. * All rights reserved. - * - * ldap-int.h - defines & prototypes internal to the LDAP library */ #ifndef _LDAP_INT_H @@ -58,17 +57,16 @@ LDAP_BEGIN_DECL #define LDAPS_URL_PREFIX_LEN (sizeof(LDAPS_URL_PREFIX)-1) #define LDAPI_URL_PREFIX "ldapi://" #define LDAPI_URL_PREFIX_LEN (sizeof(LDAPI_URL_PREFIX)-1) -#define LDAPIS_URL_PREFIX "ldapis://" -#define LDAPIS_URL_PREFIX_LEN (sizeof(LDAPIS_URL_PREFIX)-1) #define LDAP_URL_URLCOLON "URL:" #define LDAP_URL_URLCOLON_LEN (sizeof(LDAP_URL_URLCOLON)-1) -#define NULLLDAPURLDESC ((LDAPURLDesc *)NULL) + +#define CLDAP_URL_PREFIX "cldap://" +#define CLDAP_URL_PREFIX_LEN (sizeof(CLDAP_URL_PREFIX)-1) #define LDAP_REF_STR "Referral:\n" #define LDAP_REF_STR_LEN (sizeof(LDAP_REF_STR)-1) #define LDAP_LDAP_REF_STR LDAP_URL_PREFIX -#define LDAP_LDAP_REF_STR_LEN (sizeof(LDAP_LDAP_REF_STR)-1) - +#define LDAP_LDAP_REF_STR_LEN LDAP_URL_PREFIX_LEN #define LDAP_DEFAULT_REFHOPLIMIT 5 @@ -78,8 +76,8 @@ LDAP_BEGIN_DECL #define LDAP_BOOLEANS unsigned long #define LDAP_BOOL(n) (1 << (n)) -#define LDAP_BOOL_GET(lo, bool) ((lo)->ldo_booleans & LDAP_BOOL(bool) \ - ? -1 : 0) +#define LDAP_BOOL_GET(lo, bool) \ + ((lo)->ldo_booleans & LDAP_BOOL(bool) ? -1 : 0) #define LDAP_BOOL_SET(lo, bool) ((lo)->ldo_booleans |= LDAP_BOOL(bool)) #define LDAP_BOOL_CLR(lo, bool) ((lo)->ldo_booleans &= ~LDAP_BOOL(bool)) #define LDAP_BOOL_ZERO(lo) ((lo)->ldo_booleans = 0) @@ -134,8 +132,8 @@ struct ldapoptions { /* LDAPv3 server and client controls */ LDAPControl **ldo_sctrls; LDAPControl **ldo_cctrls; - /* LDAPV3 rebind callback function - */ + + /* LDAP rebind callback function */ LDAP_REBIND_PROC *ldo_rebindproc; #ifdef HAVE_TLS @@ -158,7 +156,6 @@ typedef struct ldap_server { char *lsrv_host; char *lsrv_dn; /* if NULL, use default */ int lsrv_port; -/* int lsrv_protocol; */ struct ldap_server *lsrv_next; } LDAPServer; @@ -316,9 +313,9 @@ extern ldap_pvt_thread_mutex_t ldap_int_resolv_mutex; * in init.c */ -LIBLDAP_F ( struct ldapoptions ) ldap_int_global_options; -LIBLDAP_F ( void ) ldap_int_initialize LDAP_P((struct ldapoptions *, int *)); -LIBLDAP_F ( void ) ldap_int_initialize_global_options LDAP_P(( +LDAP_F ( struct ldapoptions ) ldap_int_global_options; +LDAP_F ( void ) ldap_int_initialize LDAP_P((struct ldapoptions *, int *)); +LDAP_F ( void ) ldap_int_initialize_global_options LDAP_P(( struct ldapoptions *, int *)); /* memory.c */ @@ -340,41 +337,41 @@ LIBLDAP_F ( void ) ldap_int_initialize_global_options LDAP_P(( /* * in unit-int.c */ -LIBLDAP_F (void) ldap_int_utils_init LDAP_P(( void )); +LDAP_F (void) ldap_int_utils_init LDAP_P(( void )); /* * in print.c */ -LIBLDAP_F (int) ldap_log_printf LDAP_P((LDAP *ld, int level, const char *fmt, ...)) LDAP_GCCATTR((format(printf, 3, 4))); +LDAP_F (int) ldap_log_printf LDAP_P((LDAP *ld, int level, const char *fmt, ...)) LDAP_GCCATTR((format(printf, 3, 4))); /* * in cache.c */ -LIBLDAP_F (void) ldap_add_request_to_cache LDAP_P(( LDAP *ld, ber_tag_t msgtype, +LDAP_F (void) ldap_add_request_to_cache LDAP_P(( LDAP *ld, ber_tag_t msgtype, BerElement *request )); -LIBLDAP_F (void) ldap_add_result_to_cache LDAP_P(( LDAP *ld, LDAPMessage *result )); -LIBLDAP_F (int) ldap_check_cache LDAP_P(( LDAP *ld, ber_tag_t msgtype, BerElement *request )); +LDAP_F (void) ldap_add_result_to_cache LDAP_P(( LDAP *ld, LDAPMessage *result )); +LDAP_F (int) ldap_check_cache LDAP_P(( LDAP *ld, ber_tag_t msgtype, BerElement *request )); /* * in controls.c */ -LIBLDAP_F (LDAPControl *) ldap_control_dup LDAP_P(( +LDAP_F (LDAPControl *) ldap_control_dup LDAP_P(( const LDAPControl *ctrl )); -LIBLDAP_F (LDAPControl **) ldap_controls_dup LDAP_P(( +LDAP_F (LDAPControl **) ldap_controls_dup LDAP_P(( LDAPControl *const *ctrls )); -LIBLDAP_F (int) ldap_int_get_controls LDAP_P(( +LDAP_F (int) ldap_int_get_controls LDAP_P(( BerElement *be, LDAPControl ***ctrlsp)); -LIBLDAP_F (int) ldap_int_put_controls LDAP_P(( +LDAP_F (int) ldap_int_put_controls LDAP_P(( LDAP *ld, LDAPControl *const *ctrls, BerElement *ber )); -LIBLDAP_F( int ) +LDAP_F( int ) ldap_int_create_control LDAP_P(( const char *requestOID, BerElement *ber, @@ -384,13 +381,13 @@ ldap_int_create_control LDAP_P(( /* * in dsparse.c */ -LIBLDAP_F (int) ldap_int_next_line_tokens LDAP_P(( char **bufp, ber_len_t *blenp, char ***toksp )); +LDAP_F (int) ldap_int_next_line_tokens LDAP_P(( char **bufp, ber_len_t *blenp, char ***toksp )); #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND /* * in kerberos.c */ -LIBLDAP_F (char *) ldap_get_kerberosv4_credentials LDAP_P(( +LDAP_F (char *) ldap_get_kerberosv4_credentials LDAP_P(( LDAP *ld, LDAP_CONST char *who, LDAP_CONST char *service, @@ -402,67 +399,68 @@ LIBLDAP_F (char *) ldap_get_kerberosv4_credentials LDAP_P(( /* * in open.c */ -LIBLDAP_F (int) ldap_open_defconn( LDAP *ld ); -LIBLDAP_F (int) open_ldap_connection( LDAP *ld, Sockbuf *sb, LDAPURLDesc *srvlist, char **krbinstancep, int async ); +LDAP_F (int) ldap_open_defconn( LDAP *ld ); +LDAP_F (int) open_ldap_connection( LDAP *ld, Sockbuf *sb, LDAPURLDesc *srvlist, char **krbinstancep, int async ); /* * in os-ip.c */ -LIBLDAP_F (int) ldap_int_tblsize; -LIBLDAP_F (int) ldap_int_timeval_dup( struct timeval **dest, const struct timeval *tm ); -LIBLDAP_F (int) ldap_connect_to_host( LDAP *ld, Sockbuf *sb, const char *host, unsigned long address, int port, int async ); +LDAP_F (int) ldap_int_tblsize; +LDAP_F (int) ldap_int_timeval_dup( struct timeval **dest, const struct timeval *tm ); +LDAP_F (int) ldap_connect_to_host( LDAP *ld, Sockbuf *sb, const char *host, unsigned long address, int port, int async ); #if defined(LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND) || defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL) -LIBLDAP_F (char *) ldap_host_connected_to( Sockbuf *sb ); +LDAP_F (char *) ldap_host_connected_to( Sockbuf *sb ); #endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ -LIBLDAP_F (void) ldap_int_ip_init( void ); -LIBLDAP_F (int) do_ldap_select( LDAP *ld, struct timeval *timeout ); -LIBLDAP_F (void *) ldap_new_select_info( void ); -LIBLDAP_F (void) ldap_free_select_info( void *sip ); -LIBLDAP_F (void) ldap_mark_select_write( LDAP *ld, Sockbuf *sb ); -LIBLDAP_F (void) ldap_mark_select_read( LDAP *ld, Sockbuf *sb ); -LIBLDAP_F (void) ldap_mark_select_clear( LDAP *ld, Sockbuf *sb ); -LIBLDAP_F (int) ldap_is_read_ready( LDAP *ld, Sockbuf *sb ); -LIBLDAP_F (int) ldap_is_write_ready( LDAP *ld, Sockbuf *sb ); +LDAP_F (void) ldap_int_ip_init( void ); +LDAP_F (int) do_ldap_select( LDAP *ld, struct timeval *timeout ); +LDAP_F (void *) ldap_new_select_info( void ); +LDAP_F (void) ldap_free_select_info( void *sip ); +LDAP_F (void) ldap_mark_select_write( LDAP *ld, Sockbuf *sb ); +LDAP_F (void) ldap_mark_select_read( LDAP *ld, Sockbuf *sb ); +LDAP_F (void) ldap_mark_select_clear( LDAP *ld, Sockbuf *sb ); +LDAP_F (int) ldap_is_read_ready( LDAP *ld, Sockbuf *sb ); +LDAP_F (int) ldap_is_write_ready( LDAP *ld, Sockbuf *sb ); /* * in os-local.c */ #ifdef LDAP_PF_UNIX -LIBLDAP_F (int) ldap_connect_to_path( LDAP *ld, Sockbuf *sb, const char *path, int async ); +LDAP_F (int) ldap_connect_to_path( LDAP *ld, Sockbuf *sb, const char *path, int async ); #endif /* LDAP_PF_UNIX */ /* * in request.c */ -LIBLDAP_F (ber_int_t) ldap_send_initial_request( LDAP *ld, ber_tag_t msgtype, +LDAP_F (ber_int_t) ldap_send_initial_request( LDAP *ld, ber_tag_t msgtype, const char *dn, BerElement *ber ); -LIBLDAP_F (BerElement *) ldap_alloc_ber_with_options( LDAP *ld ); -LIBLDAP_F (void) ldap_set_ber_options( LDAP *ld, BerElement *ber ); - -LIBLDAP_F (int) ldap_send_server_request( LDAP *ld, BerElement *ber, ber_int_t msgid, LDAPRequest *parentreq, LDAPURLDesc *srvlist, LDAPConn *lc, LDAPreqinfo *bind ); -LIBLDAP_F (LDAPConn *) ldap_new_connection( LDAP *ld, LDAPURLDesc *srvlist, int use_ldsb, int connect, LDAPreqinfo *bind ); -LIBLDAP_F (LDAPRequest *) ldap_find_request_by_msgid( LDAP *ld, ber_int_t msgid ); -LIBLDAP_F (void) ldap_free_request( LDAP *ld, LDAPRequest *lr ); -LIBLDAP_F (void) ldap_free_connection( LDAP *ld, LDAPConn *lc, int force, int unbind ); -LIBLDAP_F (void) ldap_dump_connection( LDAP *ld, LDAPConn *lconns, int all ); -LIBLDAP_F (void) ldap_dump_requests_and_responses( LDAP *ld ); -LIBLDAP_F (int) ldap_chase_referrals( LDAP *ld, LDAPRequest *lr, char **errstrp, int *hadrefp ); -LIBLDAP_F (int) ldap_chase_v3referrals( LDAP *ld, LDAPRequest *lr, char **refs, char **referralsp, int *hadrefp ); -LIBLDAP_F (int) ldap_append_referral( LDAP *ld, char **referralsp, char *s ); +LDAP_F (BerElement *) ldap_alloc_ber_with_options( LDAP *ld ); +LDAP_F (void) ldap_set_ber_options( LDAP *ld, BerElement *ber ); + +LDAP_F (int) ldap_send_server_request( LDAP *ld, BerElement *ber, ber_int_t msgid, LDAPRequest *parentreq, LDAPURLDesc *srvlist, LDAPConn *lc, LDAPreqinfo *bind ); +LDAP_F (LDAPConn *) ldap_new_connection( LDAP *ld, LDAPURLDesc *srvlist, int use_ldsb, int connect, LDAPreqinfo *bind ); +LDAP_F (LDAPRequest *) ldap_find_request_by_msgid( LDAP *ld, ber_int_t msgid ); +LDAP_F (void) ldap_free_request( LDAP *ld, LDAPRequest *lr ); +LDAP_F (void) ldap_free_connection( LDAP *ld, LDAPConn *lc, int force, int unbind ); +LDAP_F (void) ldap_dump_connection( LDAP *ld, LDAPConn *lconns, int all ); +LDAP_F (void) ldap_dump_requests_and_responses( LDAP *ld ); +LDAP_F (int) ldap_chase_referrals( LDAP *ld, LDAPRequest *lr, char **errstrp, int *hadrefp ); +LDAP_F (int) ldap_chase_v3referrals( LDAP *ld, LDAPRequest *lr, char **refs, char **referralsp, int *hadrefp ); +LDAP_F (int) ldap_append_referral( LDAP *ld, char **referralsp, char *s ); /* * in result.c: */ #ifdef LDAP_CONNECTIONLESS -LIBLDAP_F (int) cldap_getmsg( LDAP *ld, struct timeval *timeout, BerElement *ber ); +LDAP_F (int) cldap_getmsg( LDAP *ld, struct timeval *timeout, BerElement *ber ); #endif +LDAP_F (char *) ldap_int_msgtype2str( ber_tag_t tag ); /* * in search.c */ -LIBLDAP_F (BerElement *) ldap_build_search_req LDAP_P(( +LDAP_F (BerElement *) ldap_build_search_req LDAP_P(( LDAP *ld, const char *base, ber_int_t scope, @@ -482,13 +480,13 @@ LIBLDAP_F (BerElement *) ldap_build_search_req LDAP_P(( /* * in unbind.c */ -LIBLDAP_F (int) ldap_ld_free LDAP_P(( +LDAP_F (int) ldap_ld_free LDAP_P(( LDAP *ld, int close, LDAPControl **sctrls, LDAPControl **cctrls )); -LIBLDAP_F (int) ldap_send_unbind LDAP_P(( +LDAP_F (int) ldap_send_unbind LDAP_P(( LDAP *ld, Sockbuf *sb, LDAPControl **sctrls, @@ -497,27 +495,27 @@ LIBLDAP_F (int) ldap_send_unbind LDAP_P(( /* * in url.c */ -LIBLDAP_F (LDAPURLDesc *) ldap_url_dup LDAP_P(( +LDAP_F (LDAPURLDesc *) ldap_url_dup LDAP_P(( LDAPURLDesc *ludp )); -LIBLDAP_F (LDAPURLDesc *) ldap_url_duplist LDAP_P(( +LDAP_F (LDAPURLDesc *) ldap_url_duplist LDAP_P(( LDAPURLDesc *ludlist )); -LIBLDAP_F (int) ldap_url_parselist LDAP_P(( +LDAP_F (int) ldap_url_parselist LDAP_P(( LDAPURLDesc **ludlist, const char *url )); -LIBLDAP_F (int) ldap_url_parsehosts LDAP_P(( +LDAP_F (int) ldap_url_parsehosts LDAP_P(( LDAPURLDesc **ludlist, const char *hosts )); -LIBLDAP_F (char *) ldap_url_list2hosts LDAP_P(( +LDAP_F (char *) ldap_url_list2hosts LDAP_P(( LDAPURLDesc *ludlist )); -LIBLDAP_F (char *) ldap_url_list2urls LDAP_P(( +LDAP_F (char *) ldap_url_list2urls LDAP_P(( LDAPURLDesc *ludlist )); -LIBLDAP_F (void) ldap_free_urllist LDAP_P(( +LDAP_F (void) ldap_free_urllist LDAP_P(( LDAPURLDesc *ludlist )); diff --git a/libraries/libldap/ldap.conf b/libraries/libldap/ldap.conf index 1d1b786be7..32fd51d2ed 100644 --- a/libraries/libldap/ldap.conf +++ b/libraries/libldap/ldap.conf @@ -8,10 +8,10 @@ #BASE dc=OpenLDAP, dc=Org #HOST ldap.openldap.org - -#HOST ldap.openldap.org ldap-master.openldap.org:666 #PORT 389 +#URI ldap://ldap.openldap.org ldap://ldap-master.openldap.org:666 + #SIZELIMIT 12 #TIMELIMIT 15 #DEREF never diff --git a/libraries/libldap/messages.c b/libraries/libldap/messages.c index 57cd4dbd43..f829ca7e14 100644 --- a/libraries/libldap/messages.c +++ b/libraries/libldap/messages.c @@ -13,7 +13,6 @@ #include -#include #include #include #include diff --git a/libraries/libldap/modify.c b/libraries/libldap/modify.c index 83a4b67a3e..da8b0e6027 100644 --- a/libraries/libldap/modify.c +++ b/libraries/libldap/modify.c @@ -88,11 +88,11 @@ ldap_modify_ext( LDAP *ld, /* for each modification to be performed... */ for ( i = 0; mods[i] != NULL; i++ ) { if (( mods[i]->mod_op & LDAP_MOD_BVALUES) != 0 ) { - rc = ber_printf( ber, "{e{s[V]}}", + rc = ber_printf( ber, "{e{s[V]N}N}", (ber_int_t) ( mods[i]->mod_op & ~LDAP_MOD_BVALUES ), mods[i]->mod_type, mods[i]->mod_bvalues ); } else { - rc = ber_printf( ber, "{e{s[v]}}", + rc = ber_printf( ber, "{e{s[v]N}N}", (ber_int_t) mods[i]->mod_op, mods[i]->mod_type, mods[i]->mod_values ); } @@ -104,7 +104,7 @@ ldap_modify_ext( LDAP *ld, } } - if ( ber_printf( ber, /*{{*/ "}}" ) == -1 ) { + if ( ber_printf( ber, /*{{*/ "N}N}" ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); return( ld->ld_errno ); @@ -116,7 +116,7 @@ ldap_modify_ext( LDAP *ld, return ld->ld_errno; } - if ( ber_printf( ber, /*{*/ "}" ) == -1 ) { + if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); return( ld->ld_errno ); diff --git a/libraries/libldap/modrdn.c b/libraries/libldap/modrdn.c index 29108a3f38..13678ef041 100644 --- a/libraries/libldap/modrdn.c +++ b/libraries/libldap/modrdn.c @@ -83,13 +83,13 @@ ldap_rename( return( ld->ld_errno ); } - rc = ber_printf( ber, "{it{ssbts}", /* '}' */ + rc = ber_printf( ber, "{it{ssbtsN}", /* '}' */ ++ld->ld_msgid, LDAP_REQ_MODDN, dn, newrdn, (ber_int_t) deleteoldrdn, LDAP_TAG_NEWSUPERIOR, newSuperior ); } else { - rc = ber_printf( ber, "{it{ssb}", /* '}' */ + rc = ber_printf( ber, "{it{ssbN}", /* '}' */ ++ld->ld_msgid, LDAP_REQ_MODDN, dn, newrdn, (ber_int_t) deleteoldrdn ); } @@ -106,7 +106,7 @@ ldap_rename( return ld->ld_errno; } - rc = ber_printf( ber, /*{*/ "}" ); + rc = ber_printf( ber, /*{*/ "N}" ); if ( rc < 0 ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); diff --git a/libraries/libldap/options.c b/libraries/libldap/options.c index 879c70f3a8..a45cccecf7 100644 --- a/libraries/libldap/options.c +++ b/libraries/libldap/options.c @@ -591,7 +591,7 @@ ldap_set_option( return LDAP_OPT_ERROR; } -LIBLDAP_F(int) +int ldap_set_rebind_proc( LDAP *ld, LDAP_REBIND_PROC *rebind_proc) { return( ldap_set_option( ld, LDAP_OPT_REBIND_PROC, (void *)rebind_proc)); diff --git a/libraries/libldap/os-local.c b/libraries/libldap/os-local.c index 6d45b2589a..a2cd834308 100644 --- a/libraries/libldap/os-local.c +++ b/libraries/libldap/os-local.c @@ -33,6 +33,7 @@ #endif /* HAVE_IO_H */ #include "ldap-int.h" +#include "ldap_defaults.h" /* int ldap_int_tblsize = 0; */ @@ -110,10 +111,10 @@ ldap_pvt_is_socket_ready(LDAP *ld, int s) #else { /* error slippery */ - struct sockaddr_un sun; + struct sockaddr_un sa; char ch; - int dummy = sizeof(sun); - if ( getpeername( s, (struct sockaddr *) &sun, &dummy ) == -1 ) { + int dummy = sizeof(sa); + if ( getpeername( s, (struct sockaddr *) &sa, &dummy ) == -1 ) { /* XXX: needs to be replace with ber_stream_read() */ read(s, &ch, 1); TRACE; @@ -127,7 +128,7 @@ ldap_pvt_is_socket_ready(LDAP *ld, int s) #undef TRACE static int -ldap_pvt_connect(LDAP *ld, ber_socket_t s, struct sockaddr_un *sun, int async) +ldap_pvt_connect(LDAP *ld, ber_socket_t s, struct sockaddr_un *sa, int async) { struct timeval tv, *opt_tv=NULL; fd_set wfds, *z=NULL; @@ -143,7 +144,7 @@ ldap_pvt_connect(LDAP *ld, ber_socket_t s, struct sockaddr_un *sun, int async) if ( ldap_pvt_ndelay_on(ld, s) == -1 ) return ( -1 ); - if ( connect(s, (struct sockaddr *) sun, sizeof(struct sockaddr_un)) == 0 ) + if ( connect(s, (struct sockaddr *) sa, sizeof(struct sockaddr_un)) == 0 ) { if ( ldap_pvt_ndelay_off(ld, s) == -1 ) return ( -1 ); @@ -191,7 +192,7 @@ ldap_connect_to_path(LDAP *ld, Sockbuf *sb, const char *path, int async) } if ( path == NULL || path[0] == '\0' ) { - path = "/tmp/.ldap-sock"; + path = LDAPI_SOCK; } else { if ( strlen(path) > (sizeof( server.sun_path ) - 1) ) { ldap_pvt_set_errno( ENAMETOOLONG ); diff --git a/libraries/libldap/references.c b/libraries/libldap/references.c index c42f652057..9336aa9417 100644 --- a/libraries/libldap/references.c +++ b/libraries/libldap/references.c @@ -13,7 +13,6 @@ #include -#include #include #include #include diff --git a/libraries/libldap/request.c b/libraries/libldap/request.c index cb645b18a7..8c348a1552 100644 --- a/libraries/libldap/request.c +++ b/libraries/libldap/request.c @@ -578,7 +578,7 @@ ldap_free_request( LDAP *ld, LDAPRequest *lr ) * * Return value - number of referrals followed */ -LIBLDAP_F(int) +int ldap_chase_v3referrals( LDAP *ld, LDAPRequest *lr, char **refs, char **errstrp, int *hadrefp ) { char *unfollowed; @@ -1010,7 +1010,7 @@ re_encode_request( LDAP *ld, BerElement *origber, ber_int_t msgid, char **dnp, i if ( tag == LDAP_REQ_BIND ) { rc = ber_printf( ber, "{it{is" /*}}*/, msgid, tag, ver, *dnp ); } else if ( tag == LDAP_REQ_DELETE ) { - rc = ber_printf( ber, "{its}", msgid, tag, *dnp ); + rc = ber_printf( ber, "{itsN}", msgid, tag, *dnp ); } else { rc = ber_printf( ber, "{it{s" /*}}*/, msgid, tag, *dnp ); } @@ -1024,7 +1024,7 @@ re_encode_request( LDAP *ld, BerElement *origber, ber_int_t msgid, char **dnp, i if ( tag != LDAP_REQ_DELETE && ( ber_write(ber, tmpber.ber_ptr, ( tmpber.ber_end - tmpber.ber_ptr ), 0) != ( tmpber.ber_end - tmpber.ber_ptr ) || - ber_printf( ber, /*{{*/ "}}" ) == -1 ) ) + ber_printf( ber, /*{{*/ "N}N}" ) == -1 ) ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); diff --git a/libraries/libldap/result.c b/libraries/libldap/result.c index 6fa1ef19fe..3d326ca7c5 100644 --- a/libraries/libldap/result.c +++ b/libraries/libldap/result.c @@ -135,7 +135,8 @@ ldap_result( if ( all == LDAP_MSG_ONE || (lm->lm_msgtype != LDAP_RES_SEARCH_RESULT && lm->lm_msgtype != LDAP_RES_SEARCH_REFERENCE /* LDAPv3 */ - && lm->lm_msgtype != LDAP_RES_SEARCH_ENTRY) ) + && lm->lm_msgtype != LDAP_RES_SEARCH_ENTRY + && lm->lm_msgtype != LDAP_RES_EXTENDED_PARTIAL) ) break; for ( tmp = lm; tmp != NULL; tmp = tmp->lm_chain ) { @@ -382,8 +383,7 @@ try_read1msg( } Debug( LDAP_DEBUG_TRACE, "ldap_read: message type %s msgid %ld, original id %ld\n", - ( tag == LDAP_RES_SEARCH_ENTRY ) ? "entry" : - ( tag == LDAP_RES_SEARCH_REFERENCE ) ? "reference" : "result", + ldap_int_msgtype2str( tag ), (long) lr->lr_msgid, (long) lr->lr_origid ); id = lr->lr_origid; @@ -653,7 +653,8 @@ lr->lr_res_matched ? lr->lr_res_matched : "" ); /* part of a search response - add to end of list of entries */ for ( tmp = l; (tmp->lm_chain != NULL) && ((tmp->lm_chain->lm_msgtype == LDAP_RES_SEARCH_ENTRY) || - (tmp->lm_chain->lm_msgtype == LDAP_RES_SEARCH_REFERENCE)); + (tmp->lm_chain->lm_msgtype == LDAP_RES_SEARCH_REFERENCE) || + (tmp->lm_chain->lm_msgtype == LDAP_RES_EXTENDED_PARTIAL )); tmp = tmp->lm_chain ) ; /* NULL */ tmp->lm_chain = new; @@ -793,6 +794,24 @@ ldap_msgid( LDAPMessage *lm ) } +char * ldap_int_msgtype2str( ber_tag_t tag ) +{ + switch( tag ) { + case LDAP_RES_ADD: return "add"; + case LDAP_RES_BIND: return "bind"; + case LDAP_RES_COMPARE: return "compare"; + case LDAP_RES_DELETE: return "delete"; + case LDAP_RES_EXTENDED: return "extended-result"; + case LDAP_RES_EXTENDED_PARTIAL: return "extended-partial"; + case LDAP_RES_MODIFY: return "modify"; + case LDAP_RES_RENAME: return "rename"; + case LDAP_RES_SEARCH_ENTRY: return "search-entry"; + case LDAP_RES_SEARCH_REFERENCE: return "search-reference"; + case LDAP_RES_SEARCH_RESULT: return "search-result"; + } + return "unknown"; +} + int ldap_msgfree( LDAPMessage *lm ) { diff --git a/libraries/libldap/sasl.c b/libraries/libldap/sasl.c index 1243454d76..a7dab4373a 100644 --- a/libraries/libldap/sasl.c +++ b/libraries/libldap/sasl.c @@ -97,21 +97,21 @@ ldap_sasl_bind( if( mechanism == LDAP_SASL_SIMPLE ) { /* simple bind */ - rc = ber_printf( ber, "{it{istO}" /*}*/, + rc = ber_printf( ber, "{it{istON}" /*}*/, ++ld->ld_msgid, LDAP_REQ_BIND, ld->ld_version, dn, LDAP_AUTH_SIMPLE, cred ); } else if ( cred == NULL ) { /* SASL bind w/o creditials */ - rc = ber_printf( ber, "{it{ist{s}}" /*}*/, + rc = ber_printf( ber, "{it{ist{sN}N}" /*}*/, ++ld->ld_msgid, LDAP_REQ_BIND, ld->ld_version, dn, LDAP_AUTH_SASL, mechanism ); } else { /* SASL bind w/ creditials */ - rc = ber_printf( ber, "{it{ist{sO}}" /*}*/, + rc = ber_printf( ber, "{it{ist{sON}N}" /*}*/, ++ld->ld_msgid, LDAP_REQ_BIND, ld->ld_version, dn, LDAP_AUTH_SASL, mechanism, cred ); @@ -129,7 +129,7 @@ ldap_sasl_bind( return ld->ld_errno; } - if ( ber_printf( ber, /*{*/ "}" ) == -1 ) { + if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); return ld->ld_errno; diff --git a/libraries/libldap/schema.c b/libraries/libldap/schema.c index cae5dfc660..a8f85951ba 100644 --- a/libraries/libldap/schema.c +++ b/libraries/libldap/schema.c @@ -13,7 +13,6 @@ #include #include -#include #include #include @@ -131,7 +130,7 @@ append_to_safe_string(safe_string * ss, char * s) } strncpy(&ss->val[ss->pos], s, l); ss->pos += l; - if ( ss->pos > 0 && isspace(ss->val[ss->pos-1]) ) + if ( ss->pos > 0 && LDAP_SPACE(ss->val[ss->pos-1]) ) ss->at_whsp = 1; else ss->at_whsp = 0; @@ -637,7 +636,7 @@ get_token(const char ** sp, char ** token_val) default: kind = TK_BAREWORD; p = *sp; - while ( !isspace(**sp) && + while ( !LDAP_SPACE(**sp) && **sp != '(' && **sp != ')' && **sp != '$' && @@ -665,7 +664,7 @@ get_token(const char ** sp, char ** token_val) static void parse_whsp(const char **sp) { - while (isspace(**sp)) + while (LDAP_SPACE(**sp)) (*sp)++; } @@ -694,7 +693,7 @@ parse_numericoid(const char **sp, int *code, const int flags) } /* Each iteration of this loop gets one decimal string */ while (**sp) { - if ( !isdigit(**sp) ) { + if ( !LDAP_DIGIT(**sp) ) { /* * Initial char is not a digit or char after dot is * not a digit @@ -703,7 +702,7 @@ parse_numericoid(const char **sp, int *code, const int flags) return NULL; } (*sp)++; - while ( isdigit(**sp) ) + while ( LDAP_DIGIT(**sp) ) (*sp)++; if ( **sp != '.' ) break; @@ -838,7 +837,7 @@ parse_noidlen(const char **sp, int *code, int *len, int allow_quoted) if ( **sp == '{' /*}*/ ) { (*sp)++; *len = atoi(*sp); - while ( isdigit(**sp) ) + while ( LDAP_DIGIT(**sp) ) (*sp)++; if ( **sp != /*{*/ '}' ) { *code = LDAP_SCHERR_UNEXPTOKEN; diff --git a/libraries/libldap/search.c b/libraries/libldap/search.c index 4f9984affe..9587adc4a8 100644 --- a/libraries/libldap/search.c +++ b/libraries/libldap/search.c @@ -16,7 +16,6 @@ #include -#include #include #include #include @@ -173,7 +172,7 @@ ldap_search_ext_s( return( ld->ld_errno ); } - if( rc == LDAP_RES_SEARCH_REFERENCE) { + if( rc == LDAP_RES_SEARCH_REFERENCE || rc == LDAP_RES_EXTENDED_PARTIAL ) { return( ld->ld_errno ); } @@ -325,7 +324,7 @@ ldap_build_search_req( return( NULL ); } - if ( ber_printf( ber, /*{*/ "{v}}", attrs ) == -1 ) { + if ( ber_printf( ber, /*{*/ "{v}N}", attrs ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); return( NULL ); @@ -337,7 +336,7 @@ ldap_build_search_req( return( NULL ); } - if ( ber_printf( ber, /*{*/ "}", attrs ) == -1 ) { + if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); return( NULL ); @@ -523,7 +522,7 @@ put_complex_filter( BerElement *ber, char *str, ber_tag_t tag, int not ) *next++ = ')'; /* flush explicit tagged thang */ - if ( ber_printf( ber, /*{*/ "}" ) == -1 ) + if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) return( NULL ); return( next ); @@ -578,7 +577,7 @@ put_filter( BerElement *ber, char *str ) parens++; /* skip spaces */ - while( isspace( *str ) ) str++; + while( LDAP_SPACE( *str ) ) str++; switch ( *str ) { case '&': @@ -690,7 +689,7 @@ put_filter_list( BerElement *ber, char *str ) Debug( LDAP_DEBUG_TRACE, "put_filter_list \"%s\"\n", str, 0, 0 ); while ( *str ) { - while ( *str && isspace( (unsigned char) *str ) ) + while ( *str && LDAP_SPACE( (unsigned char) *str ) ) str++; if ( *str == '\0' ) break; @@ -823,7 +822,7 @@ put_simple_filter( ber_slen_t len = ldap_pvt_filter_value_unescape( value ); if( len >= 0 ) { - rc = ber_printf( ber, "totb}", + rc = ber_printf( ber, "totbN}", LDAP_FILTER_EXT_VALUE, value, len, LDAP_FILTER_EXT_DNATTRS, dn != NULL); } else { @@ -852,7 +851,7 @@ put_simple_filter( ber_slen_t len = ldap_pvt_filter_value_unescape( value ); if( len >= 0 ) { - rc = ber_printf( ber, "t{so}", + rc = ber_printf( ber, "t{soN}", ftype, str, value, len ); } } @@ -903,7 +902,7 @@ put_substring_filter( BerElement *ber, char *type, char *val ) gotstar = 1; } - if ( ber_printf( ber, /* {{ */ "}}" ) == -1 ) + if ( ber_printf( ber, /* {{ */ "N}N}" ) == -1 ) return( -1 ); return( 0 ); diff --git a/libraries/libldap/sortctrl.c b/libraries/libldap/sortctrl.c index 3f04a20529..c1374a2c4c 100644 --- a/libraries/libldap/sortctrl.c +++ b/libraries/libldap/sortctrl.c @@ -23,7 +23,6 @@ #include #include #include -#include #include "ldap-int.h" @@ -48,7 +47,7 @@ static int countKeys(char *keyString) for (;;) { - while (isspace(*p)) /* Skip leading whitespace */ + while (LDAP_SPACE(*p)) /* Skip leading whitespace */ p++; if (*p == '\0') /* End of string? */ @@ -56,7 +55,7 @@ static int countKeys(char *keyString) count++; /* Found start of a key */ - while (!isspace(*p)) /* Skip till next space or end of string. */ + while (!LDAP_SPACE(*p)) /* Skip till next space or end of string. */ if (*p++ == '\0') return count; } @@ -92,7 +91,7 @@ static int readNextKey( char **pNextKey, LDAPSortKey **key) int oidLen = 0; /* Skip leading white space. */ - while (isspace(*p)) + while (LDAP_SPACE(*p)) p++; if (*p == '-') /* Check if the reverse flag is present. */ @@ -171,7 +170,7 @@ static int readNextKey( char **pNextKey, LDAPSortKey **key) ---------------------------------------------------------------------------*/ -LIBLDAP_F(int) +int ldap_create_sort_keylist ( LDAPSortKey ***sortKeyList, char *keyString ) { int numKeys, rc, i; @@ -221,7 +220,7 @@ ldap_create_sort_keylist ( LDAPSortKey ***sortKeyList, char *keyString ) keyList (IN) Points to an array of pointers to LDAPSortKey structures. ---------------------------------------------------------------------------*/ -LIBLDAP_F(void) +void ldap_free_sort_keylist ( LDAPSortKey **keyList ) { int i; @@ -276,7 +275,7 @@ ldap_free_sort_keylist ( LDAPSortKey **keyList ) ---------------------------------------------------------------------------*/ -LIBLDAP_F( int ) +int ldap_create_sort_control ( LDAP *ld, LDAPSortKey **keyList, @@ -321,11 +320,11 @@ ldap_create_sort_control ( if( tag == LBER_ERROR ) goto exit; } - tag = ber_printf(ber, /*{*/ "}"); + tag = ber_printf(ber, /*{*/ "N}"); if( tag == LBER_ERROR ) goto exit; } - tag = ber_printf(ber, /*{*/ "}"); + tag = ber_printf(ber, /*{*/ "N}"); if( tag == LBER_ERROR ) goto exit; ld->ld_errno = ldap_int_create_control( LDAP_CONTROL_SORTREQUEST, @@ -391,7 +390,7 @@ exit: attributeType [0] AttributeDescription OPTIONAL } ---------------------------------------------------------------------------*/ -LIBLDAP_F( int ) +int ldap_parse_sort_control( LDAP *ld, LDAPControl **ctrls, diff --git a/libraries/libldap/ufn.c b/libraries/libldap/ufn.c index d5e1a5206b..db21748c8d 100644 --- a/libraries/libldap/ufn.c +++ b/libraries/libldap/ufn.c @@ -16,7 +16,6 @@ #include -#include #include #include #include diff --git a/libraries/libldap/unbind.c b/libraries/libldap/unbind.c index 36810f3d8d..98a559669f 100644 --- a/libraries/libldap/unbind.c +++ b/libraries/libldap/unbind.c @@ -200,7 +200,7 @@ ldap_send_unbind( return ld->ld_errno; } - if ( ber_printf( ber, /*{*/ "}", LDAP_REQ_UNBIND ) == -1 ) { + if ( ber_printf( ber, /*{*/ "N}", LDAP_REQ_UNBIND ) == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); return( ld->ld_errno ); diff --git a/libraries/libldap/url.c b/libraries/libldap/url.c index 468ad4d295..e6cf9e0753 100644 --- a/libraries/libldap/url.c +++ b/libraries/libldap/url.c @@ -28,7 +28,6 @@ #include -#include #include #include #include diff --git a/libraries/libldap/vlvctrl.c b/libraries/libldap/vlvctrl.c index 04b5526a65..889de2f411 100644 --- a/libraries/libldap/vlvctrl.c +++ b/libraries/libldap/vlvctrl.c @@ -22,7 +22,6 @@ #include #include #include -#include #include "ldap-int.h" @@ -72,7 +71,7 @@ ---*/ -LIBLDAP_F( int ) +int ldap_create_vlv_control( LDAP *ld, LDAPVLVInfo *vlvinfop, LDAPControl **ctrlp ) @@ -96,7 +95,7 @@ ldap_create_vlv_control( LDAP *ld, if( tag == LBER_ERROR ) goto exit; if (vlvinfop->ldvlv_attrvalue == NULL) { - tag = ber_printf(ber, "t{ii}", + tag = ber_printf(ber, "t{iiN}", LDAP_VLVBYINDEX_IDENTIFIER, vlvinfop->ldvlv_offset, vlvinfop->ldvlv_count); @@ -116,7 +115,7 @@ ldap_create_vlv_control( LDAP *ld, if( tag == LBER_ERROR ) goto exit; } - tag = ber_printf(ber, /*{*/ "}"); + tag = ber_printf(ber, /*{*/ "N}"); if( tag == LBER_ERROR ) goto exit; ld->ld_errno = ldap_int_create_control( @@ -188,7 +187,7 @@ exit: ---*/ -LIBLDAP_F( int ) +int ldap_parse_vlv_control( LDAP *ld, LDAPControl **ctrls, diff --git a/libraries/libldap_r/Makefile.in b/libraries/libldap_r/Makefile.in index a95fec2275..9ade237ee5 100644 --- a/libraries/libldap_r/Makefile.in +++ b/libraries/libldap_r/Makefile.in @@ -48,8 +48,8 @@ XXXLIBS = $(LTHREAD_LIBS) LINKAGE = @LT_LIB_LINKAGE@ NT_DYN_LIB_LIBS = -llber -llutil $(AC_LIBS) -NT_DYN_LIB_DEFS = -DLIBLBER_DECL=dllimport -NT_DYN_TEST_DEFS = -DLIBLBER_DECL=dllimport -DLIBLDAP_DECL=dllimport +NT_DYN_LIB_DEFS = -DLBER_DECL=dllimport +NT_DYN_TEST_DEFS = -DLBER_DECL=dllimport -DLDAP_DECL=dllimport NT_XXLIBS = $(SECURITY_LIBS) diff --git a/libraries/libldap_r/tpool.c b/libraries/libldap_r/tpool.c index d65dc0eeb9..ba44fb22cc 100644 --- a/libraries/libldap_r/tpool.c +++ b/libraries/libldap_r/tpool.c @@ -44,6 +44,7 @@ struct ldap_int_thread_pool_s { long ltp_pending_count; long ltp_active_count; long ltp_open_count; + long ltp_starting; }; typedef struct ldap_int_thread_ctx_s { @@ -87,9 +88,8 @@ ldap_pvt_thread_pool_init ( int max_concurrency, int max_pending ) { - int rc; ldap_pvt_thread_pool_t pool; - ldap_pvt_thread_t thr; + int rc; *tpool = NULL; pool = (ldap_pvt_thread_pool_t) LDAP_CALLOC(1, @@ -97,8 +97,12 @@ ldap_pvt_thread_pool_init ( if (pool == NULL) return(-1); - ldap_pvt_thread_mutex_init(&pool->ltp_mutex); - ldap_pvt_thread_cond_init(&pool->ltp_cond); + rc = ldap_pvt_thread_mutex_init(&pool->ltp_mutex); + if (rc != 0) + return(rc); + rc = ldap_pvt_thread_cond_init(&pool->ltp_cond); + if (rc != 0) + return(rc); pool->ltp_state = LDAP_INT_THREAD_POOL_RUNNING; pool->ltp_max_count = max_concurrency; pool->ltp_max_pending = max_pending; @@ -106,9 +110,24 @@ ldap_pvt_thread_pool_init ( ldap_int_thread_enlist(&ldap_int_thread_pool_list, pool); ldap_pvt_thread_mutex_unlock(&ldap_pvt_thread_pool_mutex); - /* start up one thread, just so there is one */ +#if 0 + /* THIS WILL NOT WORK on some systems. If the process + * forks after starting a thread, there is no guarantee + * that the thread will survive the fork. For example, + * slapd forks in order to daemonize, and does so after + * calling ldap_pvt_thread_pool_init. On some systems, + * this initial thread does not run in the child process, + * but ltp_open_count == 1, so two things happen: + * 1) the first client connection fails, and 2) when + * slapd is kill'ed, it never terminates since it waits + * for all worker threads to exit. + + /* start up one thread, just so there is one. no need to + * lock the mutex right now, since no threads are running. + */ pool->ltp_open_count++; + ldap_pvt_thread_t thr; rc = ldap_pvt_thread_create( &thr, 1, (void *) ldap_int_thread_pool_wrapper, pool ); @@ -122,6 +141,7 @@ ldap_pvt_thread_pool_init ( free(pool); return(-1); } +#endif *tpool = pool; return(0); @@ -172,6 +192,7 @@ ldap_pvt_thread_pool_submit ( || pool->ltp_open_count < pool->ltp_max_count)) { pool->ltp_open_count++; + pool->ltp_starting++; need_thread = 1; } ldap_pvt_thread_mutex_unlock(&pool->ltp_mutex); @@ -179,15 +200,17 @@ ldap_pvt_thread_pool_submit ( if (need_thread) { int rc = ldap_pvt_thread_create( &thr, 1, (void *)ldap_int_thread_pool_wrapper, pool ); - if (rc != 0) { + ldap_pvt_thread_mutex_lock(&pool->ltp_mutex); + if (rc == 0) { + pool->ltp_starting--; + } else { /* couldn't create thread. back out of * ltp_open_count and check for even worse things. */ - ldap_pvt_thread_mutex_lock(&pool->ltp_mutex); pool->ltp_open_count--; + pool->ltp_starting--; if (pool->ltp_open_count == 0) { - /* no open threads at all?!? this will never happen - * because we always leave at least one thread open. + /* no open threads at all?!? */ if (ldap_int_thread_delist(&pool->ltp_pending_list, ctx)) { /* no open threads, context not handled, so @@ -200,13 +223,13 @@ ldap_pvt_thread_pool_submit ( return(-1); } } - ldap_pvt_thread_mutex_unlock(&pool->ltp_mutex); /* there is another open thread, so this * context will be handled eventually. * continue on and signal that the context * is waiting. */ } + ldap_pvt_thread_mutex_unlock(&pool->ltp_mutex); } return(0); @@ -305,7 +328,10 @@ ldap_int_thread_pool_wrapper ( /* we could check an idle timer here, and let the * thread die if it has been inactive for a while. * only die if there are other open threads (i.e., - * always have at least one thread open). + * always have at least one thread open). the check + * should be like this: + * if (pool->ltp_open_count > 1 && pool->ltp_starting == 0) + * check timer, leave thread (break;) */ if (pool->ltp_state == LDAP_INT_THREAD_POOL_RUNNING) diff --git a/libraries/libldbm/Makefile.in b/libraries/libldbm/Makefile.in index a2679ab8a6..b5885fca00 100644 --- a/libraries/libldbm/Makefile.in +++ b/libraries/libldbm/Makefile.in @@ -13,7 +13,7 @@ OBJS = ldbm.o LDAP_INCDIR= ../../include LDAP_LIBDIR= ../../libraries -NT_DYN_LIB_DEFS = -DLIBLDAP_DECL=dllimport +NT_DYN_LIB_DEFS = -DLDAP_DECL=dllimport CPPFLAGS = $(@PLAT@_@LIB_LINKAGE@_LIB_DEFS) XLIBS = -lldbm -lavl diff --git a/libraries/libldif/Makefile.in b/libraries/libldif/Makefile.in index c15f30be93..8decced43f 100644 --- a/libraries/libldif/Makefile.in +++ b/libraries/libldif/Makefile.in @@ -12,6 +12,6 @@ OBJS = line64.o fetch.o LDAP_INCDIR= ../../include LDAP_LIBDIR= ../../libraries -NT_DYN_LIB_DEFS = -DLIBLDAP_DECL=dllimport -DLIBLBER_DECL=dllimport +NT_DYN_LIB_DEFS = -DLDAP_DECL=dllimport -DLBER_DECL=dllimport CPPFLAGS = $(@PLAT@_@LIB_LINKAGE@_LIB_DEFS) diff --git a/libraries/libldif/fetch.c b/libraries/libldif/fetch.c index 4dc179bbc5..daf9034598 100644 --- a/libraries/libldif/fetch.c +++ b/libraries/libldif/fetch.c @@ -59,7 +59,7 @@ ldif_fetch_url( p = ber_strdup( p ); ldap_pvt_hex_unescape( p ); - url = fopen( p, "r" ); + url = fopen( p, "rb" ); } else { return -1; @@ -79,7 +79,7 @@ ldif_fetch_url( fclose( url ); return -1; } - newp = p; + p = newp; SAFEMEMCPY( &p[total], buffer, bytes ); total += bytes; } diff --git a/libraries/libldif/line64.c b/libraries/libldif/line64.c index 7ee83d8e6a..e4a85a226d 100644 --- a/libraries/libldif/line64.c +++ b/libraries/libldif/line64.c @@ -314,18 +314,15 @@ ldif_sput( /* prefix */ switch( type ) { case LDIF_PUT_COMMENT: - if( name != NULL ) break; - *(*out)++ = '#'; len++; if( vlen ) { *(*out)++ = ' '; len++; - break; } - /* no value, fall-thru */ + break; case LDIF_PUT_SEP: *(*out)++ = '\n'; diff --git a/libraries/liblutil/Makefile.in b/libraries/liblutil/Makefile.in index 87192d2970..be9f2a08d5 100644 --- a/libraries/liblutil/Makefile.in +++ b/libraries/liblutil/Makefile.in @@ -24,7 +24,7 @@ OBJS = base64.o debug.o entropy.o \ LDAP_INCDIR= ../../include LDAP_LIBDIR= ../../libraries -NT_DYN_LIB_DEFS = -DLIBLDAP_DECL=dllimport +NT_DYN_LIB_DEFS = -DLDAP_DECL=dllimport CPPFLAGS = $(@PLAT@_@LIB_LINKAGE@_LIB_DEFS) # These rules are for a Mingw32 build, specifically. diff --git a/libraries/liblutil/passwd.dsw b/libraries/liblutil/passwd.dsw deleted file mode 100644 index 4746b7401d..0000000000 --- a/libraries/liblutil/passwd.dsw +++ /dev/null @@ -1,44 +0,0 @@ -Microsoft Developer Studio Workspace File, Format Version 5.00 -# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE! - -############################################################################### - -Project: "passwd"=.\passwd.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ - Begin Project Dependency - Project_Dep_Name liblber - End Project Dependency -}}} - -############################################################################### - -Project: "liblber"=.\liblber.dsp - Package Owner=<4> - -Package=<5> -{{{ -}}} - -Package=<4> -{{{ -}}} - -############################################################################### - -Global: - -Package=<5> -{{{ -}}} - -Package=<3> -{{{ -}}} - -############################################################################### - diff --git a/libraries/liblutil/tempnam.c b/libraries/liblutil/tempnam.c index 024f1fd725..fa455c0c75 100644 --- a/libraries/liblutil/tempnam.c +++ b/libraries/liblutil/tempnam.c @@ -17,7 +17,7 @@ char * char *s; if ( dir == NULL ) { - dir = "/tmp"; + dir = LDAP_TMPDIR; } /* diff --git a/servers/slapd/Makefile.in b/servers/slapd/Makefile.in index 8d618e927b..c27ebbd315 100644 --- a/servers/slapd/Makefile.in +++ b/servers/slapd/Makefile.in @@ -17,7 +17,7 @@ SRCS = main.c daemon.c connection.c search.c filter.c add.c charray.c \ repl.c lock.c controls.c extended.c kerberos.c passwd.c \ schema.c schema_check.c schema_init.c schema_prep.c \ schemaparse.c ad.c at.c mr.c syntax.c oc.c \ - monitor.c configinfo.c starttls.c index.c \ + monitor.c configinfo.c starttls.c index.c sets.c\ root_dse.c sasl.c module.c suffixalias.c $(@PLAT@_SRCS) OBJS = main.o daemon.o connection.o search.o filter.o add.o charray.o \ @@ -28,7 +28,7 @@ OBJS = main.o daemon.o connection.o search.o filter.o add.o charray.o \ repl.o lock.o controls.o extended.o kerberos.o passwd.o \ schema.o schema_check.o schema_init.o schema_prep.o \ schemaparse.o ad.o at.o mr.o syntax.o oc.o \ - monitor.o configinfo.o starttls.o index.o \ + monitor.o configinfo.o starttls.o index.o sets.o\ root_dse.o sasl.o module.o suffixalias.o $(@PLAT@_OBJS) LDAP_INCDIR= ../../include @@ -52,7 +52,7 @@ BUILD_SRV = @BUILD_SLAPD@ all-local-srv: all-cffiles -NT_DYN_DEFS = -DLIBLBER_DECL=dllimport -DLIBLDAP_DECL=dllimport +NT_DYN_DEFS = -DLBER_DECL=dllimport -DLDAP_DECL=dllimport DEFINES = $(@PLAT@_@LIB_LINKAGE@_DEFS) diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index c942737821..4dacfc06e9 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -14,6 +14,7 @@ #include #include "slap.h" +#include "sets.h" static AccessControl * acl_get( AccessControl *ac, int *count, @@ -50,6 +51,9 @@ static void string_expand( char *newbuf, int bufsiz, char *pattern, char *match, regmatch_t *matches); +char **aci_set_gather (void *cookie, char *name, char *attr); +static int aci_match_set ( struct berval *subj, Backend *be, + Entry *e, Connection *conn, Operation *op, int setref ); /* * access_allowed - check whether op->o_ndn is allowed the requested access @@ -565,9 +569,9 @@ acl_mask( /* target is attribute, check if the attribute value * is the op dn. */ - rc = value_match( &match, b->a_dn_at, - b->a_dn_at->ad_type->sat_equality, - val, &bv, &text ); + rc = value_match( &match, b->a_dn_at, + b->a_dn_at->ad_type->sat_equality, 0, + val, &bv, &text ); /* on match error or no match, fail the ACL clause */ if (rc != LDAP_SUCCESS || match != 0 ) continue; @@ -584,9 +588,10 @@ acl_mask( /* target is attribute, check if the attribute value * is the op dn. */ - rc = value_match( &match, b->a_dn_at, - b->a_dn_at->ad_type->sat_equality, - val, &bv, &text ); + rc = value_match( &match, b->a_dn_at, + b->a_dn_at->ad_type->sat_equality, 0, + val, &bv, &text ); + /* on match error or no match, fail the ACL clause */ if (rc != LDAP_SUCCESS || match != 0 ) continue; @@ -601,7 +606,7 @@ acl_mask( * the values in the attribute group */ /* see if asker is listed in dnattr */ - if ( b->a_group_style != ACL_STYLE_REGEX ) { + if ( b->a_group_style == ACL_STYLE_REGEX ) { string_expand(buf, sizeof(buf), b->a_group_pat, e->e_ndn, matches); if ( dn_normalize(buf) == NULL ) { /* did not expand to a valid dn */ @@ -619,6 +624,16 @@ acl_mask( } } + if ( b->a_set_pat != NULL ) { + struct berval bv; + + bv.bv_val = b->a_set_pat; + bv.bv_len = strlen(b->a_set_pat); + if (aci_match_set( &bv, be, e, conn, op, 0 ) == 0) { + continue; + } + } + #ifdef SLAPD_ACI_ENABLED if ( b->a_aci_at != NULL ) { Attribute *at; @@ -855,7 +870,6 @@ acl_check_modlist( return( 1 ); } -#ifdef SLAPD_ACI_ENABLED static char * aci_bvstrdup( struct berval *bv ) { @@ -926,6 +940,126 @@ aci_get_part( return(bv->bv_len); } +char ** +aci_set_gather (void *cookie, char *name, char *attr) +{ + struct { + Backend *be; + Entry *e; + Connection *conn; + Operation *op; + } *cp = (void *)cookie; + struct berval **bvals = NULL; + char **vals = NULL; + char *ndn; + int i; + + /* this routine needs to return the bervals instead of + * plain strings, since syntax is not known. It should + * also return the syntax or some "comparison cookie". + */ + + if ((ndn = ch_strdup(name)) != NULL) { + if (dn_normalize(ndn) != NULL) { + char *text; + AttributeDescription *desc = NULL; + if (slap_str2ad(attr, &desc, &text) == 0) { + backend_attribute(cp->be, NULL /*cp->conn*/, + NULL /*cp->op*/, cp->e, + ndn, desc, &bvals); + if (bvals != NULL) { + for (i = 0; bvals[i] != NULL; i++) { } + vals = ch_calloc(i + 1, sizeof(char *)); + if (vals != NULL) { + while (--i >= 0) { + vals[i] = bvals[i]->bv_val; + bvals[i]->bv_val = NULL; + } + } + ber_bvecfree(bvals); + } + ad_free(desc, 1); + } + } + ch_free(ndn); + } + return(vals); +} + +static int +aci_match_set ( + struct berval *subj, + Backend *be, + Entry *e, + Connection *conn, + Operation *op, + int setref +) +{ + char *set = NULL; + int rc = 0; + struct { + Backend *be; + Entry *e; + Connection *conn; + Operation *op; + } cookie; + + if (setref == 0) { + set = aci_bvstrdup(subj); + } else { + struct berval bv; + char *subjdn; + char *setat; + struct berval **bvals; + char *text; + AttributeDescription *desc = NULL; + + /* format of string is "entry/setAttrName" */ + if (aci_get_part(subj, 0, '/', &bv) < 0) { + return(0); + } + + subjdn = aci_bvstrdup(&bv); + if ( subjdn == NULL ) { + return(0); + } + + if ( aci_get_part(subj, 1, '/', &bv) < 0 ) { + setat = ch_strdup( SLAPD_ACI_SET_ATTR ); + } else { + setat = aci_bvstrdup(&bv); + } + if ( setat != NULL ) { + if ( dn_normalize(subjdn) != NULL + && slap_str2ad(setat, &desc, &text) == 0 ) + { + backend_attribute(be, NULL, NULL, e, + subjdn, desc, &bvals); + ad_free(desc, 1); + if ( bvals != NULL ) { + if ( bvals[0] != NULL ) + set = ch_strdup(bvals[0]->bv_val); + ber_bvecfree(bvals); + } + } + ch_free(setat); + } + ch_free(subjdn); + } + + if (set != NULL) { + cookie.be = be; + cookie.e = e; + cookie.conn = conn; + cookie.op = op; + rc = (set_filter(aci_set_gather, &cookie, set, op->o_ndn, e->e_ndn, NULL) > 0); + ch_free(set); + } + return(rc); +} + +#ifdef SLAPD_ACI_ENABLED static int aci_list_map_rights( struct berval *list ) @@ -1262,6 +1396,14 @@ aci_mask( if (aci_group_member(&sdn, SLAPD_ROLE_CLASS, SLAPD_ROLE_ATTR, be, e, op, matches)) return(1); + } else if (aci_strbvcmp( "set", &bv ) == 0) { + if (aci_match_set(&sdn, be, e, conn, op, 0)) + return(1); + + } else if (aci_strbvcmp( "set-ref", &bv ) == 0) { + if (aci_match_set(&sdn, be, e, conn, op, 1)) + return(1); + } return(0); diff --git a/servers/slapd/aclparse.c b/servers/slapd/aclparse.c index 8d64d9aad8..f41c702ca6 100644 --- a/servers/slapd/aclparse.c +++ b/servers/slapd/aclparse.c @@ -279,7 +279,7 @@ parse_acl( { sty = ACL_STYLE_REGEX; } else if ( strcasecmp( style, "exact" ) == 0 ) { - sty = ACL_STYLE_BASE; + sty = ACL_STYLE_EXACT; } else if ( strcasecmp( style, "base" ) == 0 ) { sty = ACL_STYLE_BASE; } else if ( strcasecmp( style, "one" ) == 0 ) { @@ -466,7 +466,6 @@ parse_acl( } } -#if 0 if( is_object_subclass( b->a_group_oc, slap_schema.si_oc_referral ) ) { @@ -486,7 +485,6 @@ parse_acl( fname, lineno, value ); acl_usage(); } -#endif if (name && *name) { rc = slap_str2ad( right, &b->a_group_at, &text ); @@ -609,6 +607,27 @@ parse_acl( continue; } + if ( strcasecmp( left, "set" ) == 0 ) { + if( b->a_set_pat != NULL ) { + fprintf( stderr, + "%s: line %d: set attribute already specified.\n", + fname, lineno ); + acl_usage(); + } + + if ( right == NULL || *right == '\0' ) { + fprintf( stderr, + "%s: line %d: no set is defined\n", + fname, lineno ); + acl_usage(); + } + + b->a_set_style = sty; + b->a_set_pat = ch_strdup(right); + + continue; + } + #ifdef SLAPD_ACI_ENABLED if ( strcasecmp( left, "aci" ) == 0 ) { if( b->a_aci_at != NULL ) { @@ -866,7 +885,7 @@ str2accessmask( const char *str ) { slap_access_mask_t mask; - if( !isalpha(str[0]) ) { + if( !ASCII_ALPHA(str[0]) ) { int i; if ( str[0] == '=' ) { diff --git a/servers/slapd/ad.c b/servers/slapd/ad.c index 96078b257d..701534a766 100644 --- a/servers/slapd/ad.c +++ b/servers/slapd/ad.c @@ -243,3 +243,54 @@ int ad_inlist( } +int slap_str2undef_ad( + const char *str, + AttributeDescription **ad, + const char **text ) +{ + struct berval bv; + bv.bv_val = (char *) str; + bv.bv_len = strlen( str ); + + return slap_bv2undef_ad( &bv, ad, text ); +} + +int slap_bv2undef_ad( + struct berval *bv, + AttributeDescription **ad, + const char **text ) +{ + AttributeDescription desc; + + assert( ad != NULL ); + assert( *ad == NULL ); /* temporary */ + + if( bv == NULL || bv->bv_len == 0 ) { + *text = "empty attribute description"; + return LDAP_UNDEFINED_TYPE; + } + + /* make sure description is IA5 */ + if( ad_keystring( bv ) ) { + *text = "attribute description contains inappropriate characters"; + return LDAP_UNDEFINED_TYPE; + } + + desc.ad_type = slap_schema.si_at_undefined; + desc.ad_flags = SLAP_DESC_NONE; + desc.ad_lang = NULL; + + desc.ad_cname = ber_bvdup( bv ); + + /* canoncial to upper case */ + ldap_pvt_str2upper( bv->bv_val ); + + if( *ad == NULL ) { + *ad = ch_malloc( sizeof( AttributeDescription ) ); + } + + **ad = desc; + + return LDAP_SUCCESS; +} + diff --git a/servers/slapd/add.c b/servers/slapd/add.c index 347496d1b1..e45ded2ae6 100644 --- a/servers/slapd/add.c +++ b/servers/slapd/add.c @@ -285,8 +285,34 @@ static int slap_mods2entry( attr = attr_find( (*e)->e_attrs, mods->sml_desc ); if( attr != NULL ) { +#define SLURPD_FRIENDLY +#ifdef SLURPD_FRIENDLY + ber_len_t i,j; + + for( i=0; attr->a_vals[i]; i++ ) { + /* count them */ + } + for( j=0; mods->sml_bvalues[j]; j++ ) { + /* count them */ + } + j++; /* NULL */ + + attr->a_vals = ch_realloc( attr->a_vals, + sizeof( struct berval * ) * (i+j) ); + + /* should check for duplicates */ + memcpy( &attr->a_vals[i], mods->sml_bvalues, + sizeof( struct berval * ) * j ); + + /* trim the mods array */ + ch_free( mods->sml_bvalues ); + mods->sml_bvalues = NULL; + + continue; +#else *text = "attribute provided more than once"; - return LDAP_OPERATIONS_ERROR; + return LDAP_TYPE_OR_VALUE_EXISTS; +#endif } attr = ch_calloc( 1, sizeof(Attribute) ); diff --git a/servers/slapd/back-dnssrv/init.c b/servers/slapd/back-dnssrv/init.c index d2c44b4d30..d1e0091d86 100644 --- a/servers/slapd/back-dnssrv/init.c +++ b/servers/slapd/back-dnssrv/init.c @@ -66,6 +66,7 @@ dnssrv_back_initialize( bi->bi_extended = 0; bi->bi_acl_group = 0; + bi->bi_acl_attribute = 0; #ifdef HAVE_CYRUS_SASL bi->bi_sasl_authorize = 0; diff --git a/servers/slapd/back-ldap/Makefile.in b/servers/slapd/back-ldap/Makefile.in index 99808c446e..2f740a1e5d 100644 --- a/servers/slapd/back-ldap/Makefile.in +++ b/servers/slapd/back-ldap/Makefile.in @@ -1,9 +1,9 @@ # $OpenLDAP$ SRCS = init.c config.c search.c bind.c unbind.c add.c compare.c \ - delete.c modify.c modrdn.c group.c + delete.c modify.c modrdn.c group.c attribute.c OBJS = init.lo config.lo search.lo bind.lo unbind.lo add.lo compare.lo \ - delete.lo modify.lo modrdn.lo group.lo + delete.lo modify.lo modrdn.lo group.lo attribute.lo LDAP_INCDIR= ../../../include LDAP_LIBDIR= ../../../libraries diff --git a/servers/slapd/back-ldap/attribute.c b/servers/slapd/back-ldap/attribute.c new file mode 100644 index 0000000000..df465f6619 --- /dev/null +++ b/servers/slapd/back-ldap/attribute.c @@ -0,0 +1,105 @@ +/* group.c - ldap backend acl group routine */ +/* $OpenLDAP$ */ +/* + * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + +#include "portable.h" + +#include + +#include +#include + +#include "slap.h" +#include "back-ldap.h" + + +/* return 0 IFF we can retrieve the attributes + * of entry with e_ndn + */ +int +ldap_back_attribute( + Backend *be, + Connection *conn, + Operation *op, + Entry *target, + const char *e_ndn, + AttributeDescription *entry_at, + struct berval ***vals +) +{ + struct ldapinfo *li = (struct ldapinfo *) be->be_private; + int rc = 1, i, j, count; + Attribute *attr; + struct berval **abv, **v; + char **vs; + LDAPMessage *result, *e; + char *gattr[2]; + LDAP *ld; + + *vals = NULL; + if (target != NULL && strcmp(target->e_ndn, e_ndn) == 0) { + /* we already have a copy of the entry */ + if ((attr = attr_find(target->e_attrs, entry_at)) == NULL) + return(1); + + for ( count = 0; attr->a_vals[count] != NULL; count++ ) { } + v = (struct berval **) ch_calloc( (count + 1), sizeof(struct berval *) ); + if (v != NULL) { + for ( j = 0, abv = attr->a_vals; --count >= 0; abv++ ) { + if ( (*abv)->bv_len > 0 ) { + v[j] = ber_bvdup( *abv ); + if( v[j] == NULL ) + break; + } + } + v[j] = NULL; + *vals = v; + rc = 0; + } + + } else { + if (ldap_initialize(&ld, li->url) != LDAP_SUCCESS) { + return(1); + } + + if (ldap_bind_s(ld, li->binddn, li->bindpw, LDAP_AUTH_SIMPLE) == LDAP_SUCCESS) { + gattr[0] = entry_at->ad_cname->bv_val; + gattr[1] = NULL; + if (ldap_search_ext_s(ld, e_ndn, LDAP_SCOPE_BASE, "(objectclass=*)", + gattr, 0, NULL, NULL, LDAP_NO_LIMIT, + LDAP_NO_LIMIT, &result) == LDAP_SUCCESS) + { + if ((e = ldap_first_entry(ld, result)) != NULL) { + vs = ldap_get_values(ld, e, entry_at->ad_cname->bv_val); + if (vs != NULL) { + for ( count = 0; vs[count] != NULL; count++ ) { } + v = (struct berval **) ch_calloc( (count + 1), sizeof(struct berval *) ); + if (v == NULL) { + ldap_value_free(vs); + } else { + for ( i = 0, j = 0; i < count; i++) { + v[j] = ber_bvstr( vs[i] ); + if( v[j] == NULL ) + ch_free(vs[i]); + else + j++; + } + v[j] = NULL; + *vals = v; + rc = 0; + ch_free(vs); + } + } + } + ldap_msgfree(result); + } + } + ldap_unbind(ld); + } + + return(rc); +} + diff --git a/servers/slapd/back-ldap/external.h b/servers/slapd/back-ldap/external.h index 46c39edcac..bef70998bc 100644 --- a/servers/slapd/back-ldap/external.h +++ b/servers/slapd/back-ldap/external.h @@ -62,6 +62,13 @@ extern int ldap_back_group LDAP_P(( BackendDB *bd, ObjectClass* group_oc, AttributeDescription* group_at)); +extern int ldap_back_attribute LDAP_P(( BackendDB *bd, + Connection *conn, Operation *op, + Entry *target, + const char* e_ndn, + AttributeDescription* entry_at, + struct berval ***vals)); + LDAP_END_DECL #endif /* _LDAP_EXTERNAL_H */ diff --git a/servers/slapd/back-ldap/init.c b/servers/slapd/back-ldap/init.c index f18d3acb17..eb62b343b0 100644 --- a/servers/slapd/back-ldap/init.c +++ b/servers/slapd/back-ldap/init.c @@ -75,6 +75,7 @@ ldap_back_initialize( bi->bi_extended = 0; bi->bi_acl_group = ldap_back_group; + bi->bi_acl_attribute = ldap_back_attribute; bi->bi_chk_referrals = 0; #ifdef HAVE_CYRUS_SASL diff --git a/servers/slapd/back-ldbm/Makefile.in b/servers/slapd/back-ldbm/Makefile.in index af5e34410f..bdd26ae661 100644 --- a/servers/slapd/back-ldbm/Makefile.in +++ b/servers/slapd/back-ldbm/Makefile.in @@ -4,12 +4,12 @@ SRCS = idl.c add.c search.c cache.c dbcache.c dn2id.c entry.c id2entry.c \ index.c id2children.c nextid.c abandon.c compare.c group.c \ modify.c modrdn.c delete.c init.c config.c bind.c attr.c \ filterindex.c unbind.c close.c alias.c tools.c key.c \ - extended.c passwd.c sasl.c referral.c + extended.c passwd.c sasl.c referral.c attribute.c OBJS = idl.lo add.lo search.lo cache.lo dbcache.lo dn2id.lo entry.lo id2entry.lo \ index.lo id2children.lo nextid.lo abandon.lo compare.lo group.lo \ modify.lo modrdn.lo delete.lo init.lo config.lo bind.lo attr.lo \ filterindex.lo unbind.lo close.lo alias.lo tools.lo key.lo \ - extended.lo passwd.lo sasl.lo referral.lo + extended.lo passwd.lo sasl.lo referral.lo attribute.lo LDAP_INCDIR= ../../../include LDAP_LIBDIR= ../../../libraries @@ -18,7 +18,7 @@ BUILD_OPT = "--enable-ldbm" BUILD_MOD = @BUILD_LDBM@ LINKAGE = @BUILD_LDBM_DYNAMIC@ -DYN_DEFS = -DLIBLBER_DECL=dllimport -DLIBLDAP_DECL=dllimport +DYN_DEFS = -DLBER_DECL=dllimport -DLDAP_DECL=dllimport # TODO #NT_mod_DYN_MODDEFS = diff --git a/servers/slapd/back-ldbm/attribute.c b/servers/slapd/back-ldbm/attribute.c new file mode 100644 index 0000000000..a76d437415 --- /dev/null +++ b/servers/slapd/back-ldbm/attribute.c @@ -0,0 +1,152 @@ +/* attribute.c - ldbm backend acl attribute routine */ +/* $OpenLDAP$ */ +/* + * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + +#include "portable.h" + +#include + +#include +#include + +#include "slap.h" +#include "back-ldbm.h" +#include "proto-back-ldbm.h" + + +/* return LDAP_SUCCESS IFF we can retrieve the attributes + * of entry with e_ndn + */ +int +ldbm_back_attribute( + Backend *be, + Connection *conn, + Operation *op, + Entry *target, + const char *e_ndn, + AttributeDescription *entry_at, + struct berval ***vals +) +{ + struct ldbminfo *li = (struct ldbminfo *) be->be_private; + Entry *e; + int i, j, rc; + Attribute *attr; + struct berval **v; + const char *entry_at_name = entry_at->ad_cname->bv_val; + + Debug( LDAP_DEBUG_ARGS, + "=> ldbm_back_attribute: gr dn: \"%s\"\n", + e_ndn, 0, 0 ); + Debug( LDAP_DEBUG_ARGS, + "=> ldbm_back_attribute: at: \"%s\"\n", + entry_at_name, 0, 0 ); + + Debug( LDAP_DEBUG_ARGS, + "=> ldbm_back_attribute: tr dn: \"%s\"\n", + target ? target->e_ndn : "", 0, 0 ); + + if (target != NULL && strcmp(target->e_ndn, e_ndn) == 0) { + /* we already have a LOCKED copy of the entry */ + e = target; + Debug( LDAP_DEBUG_ARGS, + "=> ldbm_back_attribute: target is entry: \"%s\"\n", + e_ndn, 0, 0 ); + + } else { + /* can we find entry with reader lock */ + if ((e = dn2entry_r(be, e_ndn, NULL )) == NULL) { + Debug( LDAP_DEBUG_ACL, + "=> ldbm_back_attribute: cannot find entry: \"%s\"\n", + e_ndn, 0, 0 ); + return LDAP_NO_SUCH_OBJECT; + } + + Debug( LDAP_DEBUG_ACL, + "=> ldbm_back_attribute: found entry: \"%s\"\n", + e_ndn, 0, 0 ); + } + + /* find attribute values */ + + if( is_entry_alias( e ) ) { + Debug( LDAP_DEBUG_ACL, + "<= ldbm_back_attribute: entry is an alias\n", 0, 0, 0 ); + rc = LDAP_ALIAS_PROBLEM; + goto return_results; + } + + if( is_entry_referral( e ) ) { + Debug( LDAP_DEBUG_ACL, + "<= ldbm_back_attribute: entry is an referral\n", 0, 0, 0 ); + rc = LDAP_REFERRAL; + goto return_results; + } + + if (conn != NULL && op != NULL + && access_allowed(be, conn, op, e, slap_schema.si_ad_entry, + NULL, ACL_READ) == 0) + { + rc = LDAP_INSUFFICIENT_ACCESS; + goto return_results; + } + + if ((attr = attr_find(e->e_attrs, entry_at)) == NULL) { + Debug( LDAP_DEBUG_ACL, + "<= ldbm_back_attribute: failed to find %s\n", + entry_at_name, 0, 0 ); + rc = LDAP_NO_SUCH_ATTRIBUTE; + goto return_results; + } + + if (conn != NULL && op != NULL + && access_allowed(be, conn, op, e, entry_at, NULL, ACL_READ) == 0) + { + rc = LDAP_INSUFFICIENT_ACCESS; + goto return_results; + } + + for ( i = 0; attr->a_vals[i] != NULL; i++ ) { + /* count them */ + } + + v = (struct berval **) ch_malloc( sizeof(struct berval *) * (i+1) ); + + for ( i=0, j=0; attr->a_vals[i] != NULL; i++ ) { + if( conn != NULL + && op != NULL + && access_allowed(be, conn, op, e, entry_at, + attr->a_vals[i], ACL_READ) == 0) + { + continue; + } + v[j] = ber_bvdup( attr->a_vals[i] ); + + if( v[j] != NULL ) j++; + } + + if( j == 0 ) { + ch_free( v ); + *vals = NULL; + rc = LDAP_INSUFFICIENT_ACCESS; + } else { + v[j] = NULL; + *vals = v; + rc = LDAP_SUCCESS; + } + +return_results: + if( target != e ) { + /* free entry and reader lock */ + cache_return_entry_r( &li->li_cache, e ); + } + + Debug( LDAP_DEBUG_TRACE, + "ldbm_back_attribute: rc=%d nvals=%d\n", + rc, j, 0 ); + return(rc); +} + diff --git a/servers/slapd/back-ldbm/backldbm.dsp b/servers/slapd/back-ldbm/backldbm.dsp index 9ac6217424..61d7a1984a 100644 --- a/servers/slapd/back-ldbm/backldbm.dsp +++ b/servers/slapd/back-ldbm/backldbm.dsp @@ -258,5 +258,9 @@ SOURCE=.\tools.c SOURCE=.\unbind.c # End Source File +# Begin Source File + +SOURCE=.\attribute.c +# End Source File # End Target # End Project diff --git a/servers/slapd/back-ldbm/bind.c b/servers/slapd/back-ldbm/bind.c index 1c72e0eda1..e31a267f69 100644 --- a/servers/slapd/back-ldbm/bind.c +++ b/servers/slapd/back-ldbm/bind.c @@ -237,10 +237,11 @@ ldbm_back_bind( break; case LDAP_AUTH_KRBV42: - send_ldap_result( conn, op, LDAP_SUCCESS, - NULL, NULL, NULL, NULL ); + send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, + NULL, "Kerberos bind step 2 not supported", + NULL, NULL ); /* stop front end from sending result */ - rc = 1; + rc = LDAP_UNWILLING_TO_PERFORM; goto return_results; #endif diff --git a/servers/slapd/back-ldbm/external.h b/servers/slapd/back-ldbm/external.h index b8c2a8d5fb..1ea9d56561 100644 --- a/servers/slapd/back-ldbm/external.h +++ b/servers/slapd/back-ldbm/external.h @@ -80,6 +80,13 @@ extern int ldbm_back_group LDAP_P(( BackendDB *bd, ObjectClass* group_oc, AttributeDescription* group_at)); +extern int ldbm_back_attribute LDAP_P(( BackendDB *bd, + Connection *conn, Operation *op, + Entry *target, + const char* e_ndn, + AttributeDescription* entry_at, + struct berval ***vals)); + /* hooks for slap tools */ extern int ldbm_tool_entry_open LDAP_P(( BackendDB *be, int mode )); diff --git a/servers/slapd/back-ldbm/init.c b/servers/slapd/back-ldbm/init.c index 6fb070b8b5..aff7a076b1 100644 --- a/servers/slapd/back-ldbm/init.c +++ b/servers/slapd/back-ldbm/init.c @@ -67,6 +67,7 @@ ldbm_back_initialize( bi->bi_entry_release_rw = ldbm_back_entry_release_rw; bi->bi_acl_group = ldbm_back_group; + bi->bi_acl_attribute = ldbm_back_attribute; bi->bi_chk_referrals = ldbm_back_referrals; /* diff --git a/servers/slapd/back-ldbm/modify.c b/servers/slapd/back-ldbm/modify.c index bf5ebd4409..6d3974cef4 100644 --- a/servers/slapd/back-ldbm/modify.c +++ b/servers/slapd/back-ldbm/modify.c @@ -298,6 +298,7 @@ add_values( for ( j = 0; a->a_vals[j] != NULL; j++ ) { int match; int rc = value_match( &match, mod->sm_desc, mr, + SLAP_MR_MODIFY_MATCHING, a->a_vals[j], asserted, &text ); if( rc == LDAP_SUCCESS && match == 0 ) { @@ -372,10 +373,10 @@ delete_values( for ( j = 0; a->a_vals[j] != NULL; j++ ) { int match; int rc = value_match( &match, mod->sm_desc, mr, + SLAP_MR_MODIFY_MATCHING, a->a_vals[j], asserted, &text ); - if( rc == LDAP_SUCCESS && match != 0 ) - { + if( rc == LDAP_SUCCESS && match != 0 ) { continue; } found = 1; diff --git a/servers/slapd/back-passwd/init.c b/servers/slapd/back-passwd/init.c index ccaeae6843..accff0551a 100644 --- a/servers/slapd/back-passwd/init.c +++ b/servers/slapd/back-passwd/init.c @@ -54,6 +54,7 @@ passwd_back_initialize( bi->bi_extended = 0; bi->bi_acl_group = 0; + bi->bi_acl_attribute = 0; bi->bi_chk_referrals = 0; #ifdef HAVE_CYRUS_SASL diff --git a/servers/slapd/back-shell/init.c b/servers/slapd/back-shell/init.c index d0de95129b..b05b029132 100644 --- a/servers/slapd/back-shell/init.c +++ b/servers/slapd/back-shell/init.c @@ -58,6 +58,7 @@ shell_back_initialize( bi->bi_extended = 0; bi->bi_acl_group = 0; + bi->bi_acl_attribute = 0; bi->bi_chk_referrals = 0; #ifdef HAVE_CYRUS_SASL diff --git a/servers/slapd/back-sql/rdbms_depend/mssql/backsql_create.sql b/servers/slapd/back-sql/rdbms_depend/mssql/backsql_create.sql new file mode 100644 index 0000000000..ebbffbd0b9 --- /dev/null +++ b/servers/slapd/back-sql/rdbms_depend/mssql/backsql_create.sql @@ -0,0 +1,100 @@ +create table ldap_oc_mappings ( + id int identity (1, 1) not null , + name varchar (64) not null , + keytbl varchar (64) not null , + keycol varchar (64) not null , + create_proc varchar (255) NULL , + delete_proc varchar (255) NULL, + expect_return int not null +) +GO + +alter table ldap_oc_mappings add + constraint pk_ldap_oc_mappings primary key + ( + id + ) +GO + + +alter table ldap_oc_mappings add + constraint unq1_ldap_oc_mappings unique + ( + name + ) +GO + + +create table ldap_attr_mappings ( + id int identity (1, 1) not null , + oc_map_id int not null references ldap_oc_mappings(id), + name varchar (255) not null , + sel_expr varchar (255) not null , + from_tbls varchar (255) not null , + join_where varchar (255) NULL , + add_proc varchar (255) NULL , + modify_proc varchar (255) NULL , + delete_proc varchar (255) NULL , + param_order int not null, + expect_return int not null +) +GO + +alter table ldap_attr_mappings add + constraint pk_ldap_attr_mappings primary key + ( + id + ) +GO + + +create table ldap_entries ( + id int identity (1, 1) not null , + dn varchar (255) not null , + oc_map_id int not null references ldap_oc_mappings(id), + parent int not null , + keyval int not null +) +GO + + +alter table ldap_entries add + constraint pk_ldap_entries primary key + ( + id + ) +GO + +alter table ldap_entries add + constraint unq1_ldap_entries unique + ( + oc_map_id, + keyval + ) +GO + +alter table ldap_entries add + constraint unq2_ldap_entries unique + ( + dn + ) +GO + + +create table ldap_referrals + ( + entry_id int not null references ldap_entries(id), + url text not null +) +GO + +create index entry_idx on ldap_referrals(entry_id); + +create table ldap_entry_objclasses + ( + entry_id int not null references ldap_entries(id), + oc_name varchar(64) + ) +GO + +create index entry_idx on ldap_entry_objclasses(entry_id); \ No newline at end of file diff --git a/servers/slapd/back-sql/rdbms_depend/mssql/backsql_drop.sql b/servers/slapd/back-sql/rdbms_depend/mssql/backsql_drop.sql new file mode 100644 index 0000000000..0e888b31c6 --- /dev/null +++ b/servers/slapd/back-sql/rdbms_depend/mssql/backsql_drop.sql @@ -0,0 +1,14 @@ +drop table ldap_attr_mappings +GO + +drop table ldap_referrals +GO + +drop table ldap_entry_objclasses +GO + +drop table ldap_entries +GO + +drop table ldap_oc_mappings +GO diff --git a/servers/slapd/back-sql/rdbms_depend/mssql/testdb_create.sql b/servers/slapd/back-sql/rdbms_depend/mssql/testdb_create.sql new file mode 100644 index 0000000000..42bfe4d624 --- /dev/null +++ b/servers/slapd/back-sql/rdbms_depend/mssql/testdb_create.sql @@ -0,0 +1,72 @@ + +CREATE TABLE authors_docs ( + pers_id int NOT NULL , + doc_id int NOT NULL +) +GO + +CREATE TABLE documents ( + id int IDENTITY (1, 1) NOT NULL , + abstract varchar (255) NULL , + title varchar (255) NULL , + body binary (255) NULL +) +GO + +CREATE TABLE institutes ( + id int IDENTITY (1, 1) NOT NULL , + name varchar (255) NOT NULL +) +GO + + +CREATE TABLE persons ( + id int IDENTITY (1, 1) NOT NULL , + name varchar (255) NULL +) +GO + +CREATE TABLE phones ( + id int IDENTITY (1, 1) NOT NULL , + phone varchar (255) NOT NULL , + pers_id int NOT NULL +) +GO + +ALTER TABLE authors_docs WITH NOCHECK ADD + CONSTRAINT PK_authors_docs PRIMARY KEY + ( + pers_id, + doc_id + ) +GO + +ALTER TABLE documents WITH NOCHECK ADD + CONSTRAINT PK_documents PRIMARY KEY + ( + id + ) +GO + +ALTER TABLE institutes WITH NOCHECK ADD + CONSTRAINT PK_institutes PRIMARY KEY + ( + id + ) +GO + + +ALTER TABLE persons WITH NOCHECK ADD + CONSTRAINT PK_persons PRIMARY KEY + ( + id + ) +GO + +ALTER TABLE phones WITH NOCHECK ADD + CONSTRAINT PK_phones PRIMARY KEY + ( + id + ) +GO + diff --git a/servers/slapd/back-sql/rdbms_depend/mssql/testdb_data.sql b/servers/slapd/back-sql/rdbms_depend/mssql/testdb_data.sql new file mode 100644 index 0000000000..1daa348ed8 --- /dev/null +++ b/servers/slapd/back-sql/rdbms_depend/mssql/testdb_data.sql @@ -0,0 +1,24 @@ +set IDENTITY_INSERT institutes ON +insert into institutes (id,name) values (1,'sql') +set IDENTITY_INSERT institutes OFF + +set IDENTITY_INSERT persons ON +insert into persons (id,name) values (1,'Mitya Kovalev') +insert into persons (id,name) values (2,'Torvlobnor Puzdoy') +insert into persons (id,name) values (3,'Akakiy Zinberstein') +set IDENTITY_INSERT persons OFF + +set IDENTITY_INSERT phones ON +insert into phones (id,phone,pers_id) values (1,'332-2334',1) +insert into phones (id,phone,pers_id) values (2,'222-3234',1) +insert into phones (id,phone,pers_id) values (3,'545-4563',2) +set IDENTITY_INSERT phones OFF + +set IDENTITY_INSERT documents ON +insert into documents (id,abstract,title) values (1,'abstract1','book1') +insert into documents (id,abstract,title) values (2,'abstract2','book2') +set IDENTITY_INSERT documents OFF + +insert into authors_docs (pers_id,doc_id) values (1,1) +insert into authors_docs (pers_id,doc_id) values (1,2) +insert into authors_docs (pers_id,doc_id) values (2,1) diff --git a/servers/slapd/back-sql/rdbms_depend/mssql/testdb_drop.sql b/servers/slapd/back-sql/rdbms_depend/mssql/testdb_drop.sql new file mode 100644 index 0000000000..4842ed8920 --- /dev/null +++ b/servers/slapd/back-sql/rdbms_depend/mssql/testdb_drop.sql @@ -0,0 +1,39 @@ +drop procedure create_person +drop procedure set_person_name +drop procedure delete_phone +drop procedure add_phone +drop procedure make_doc_link +drop procedure del_doc_link +drop procedure delete_person + +drop procedure create_org +drop procedure set_org_name +drop procedure delete_org + +drop procedure create_document +drop procedure set_doc_title +drop procedure set_doc_abstract +drop procedure make_author_link +drop procedure del_author_link +drop procedure delete_document + +if exists (select * from sysobjects where id = object_id(N'authors_docs') and OBJECTPROPERTY(id, N'IsUserTable') = 1) +drop table authors_docs +GO + +if exists (select * from sysobjects where id = object_id(N'documents') and OBJECTPROPERTY(id, N'IsUserTable') = 1) +drop table documents +GO + +if exists (select * from sysobjects where id = object_id(N'institutes') and OBJECTPROPERTY(id, N'IsUserTable') = 1) +drop table institutes +GO + +if exists (select * from sysobjects where id = object_id(N'persons') and OBJECTPROPERTY(id, N'IsUserTable') = 1) +drop table persons +GO + +if exists (select * from sysobjects where id = object_id(N'phones') and OBJECTPROPERTY(id, N'IsUserTable') = 1) +drop table phones +GO + diff --git a/servers/slapd/back-sql/rdbms_depend/mysql/backsql_create.sql b/servers/slapd/back-sql/rdbms_depend/mysql/backsql_create.sql new file mode 100644 index 0000000000..4e5bb51e0f --- /dev/null +++ b/servers/slapd/back-sql/rdbms_depend/mysql/backsql_create.sql @@ -0,0 +1,64 @@ +drop table if exists ldap_oc_mappings; +create table ldap_oc_mappings + ( + id integer unsigned not null primary key auto_increment, + name varchar(64) not null, + keytbl varchar(64) not null, + keycol varchar(64) not null, + create_proc varchar(255), + delete_proc varchar(255), + expect_return tinyint not null +); + +drop table if exists ldap_attr_mappings; +create table ldap_attr_mappings + ( + id integer unsigned not null primary key auto_increment, + oc_map_id integer unsigned not null references ldap_oc_mappings(id), + name varchar(255) not null, + sel_expr varchar(255) not null, + from_tbls varchar(255) not null, + join_where varchar(255), + add_proc varchar(255), + delete_proc varchar(255), + param_order tinyint not null, + expect_return tinyint not null +); + +drop table if exists ldap_entries; +create table ldap_entries + ( + id integer unsigned not null primary key auto_increment, + dn varchar(255) not null, + oc_map_id integer unsigned not null references ldap_oc_mappings(id), + parent int NOT NULL , + keyval int NOT NULL +); + +alter table ldap_entries add + constraint unq1_ldap_entries unique + ( + oc_map_id, + keyval + ); + +alter table ldap_entries add + constraint unq2_ldap_entries unique + ( + dn + ); + +drop table if exists ldap_referrals; +create table ldap_referrals + ( + entry_id integer not null references ldap_entries(id), + url text not null +); + +drop table if exists ldap_entry_objclasses; +create table ldap_entry_objclasses + ( + entry_id integer not null references ldap_entries(id), + oc_name varchar(64) + ); + diff --git a/servers/slapd/back-sql/rdbms_depend/mysql/backsql_drop.sql b/servers/slapd/back-sql/rdbms_depend/mysql/backsql_drop.sql new file mode 100644 index 0000000000..b497eb9d54 --- /dev/null +++ b/servers/slapd/back-sql/rdbms_depend/mysql/backsql_drop.sql @@ -0,0 +1,9 @@ +DROP TABLE IF EXISTS ldap_referrals; + +DROP TABLE IF EXISTS ldap_entry_objclasses; + +DROP TABLE IF EXISTS ldap_attr_mappings; + +DROP TABLE IF EXISTS ldap_entries; + +DROP TABLE IF EXISTS ldap_oc_mappings; diff --git a/servers/slapd/back-sql/rdbms_depend/mysql/testdb_create.sql b/servers/slapd/back-sql/rdbms_depend/mysql/testdb_create.sql new file mode 100644 index 0000000000..9fb97416f9 --- /dev/null +++ b/servers/slapd/back-sql/rdbms_depend/mysql/testdb_create.sql @@ -0,0 +1,66 @@ +drop table if exists persons; +CREATE TABLE persons ( + id int NOT NULL, + name varchar(255) NOT NULL +); + +drop table if exists institutes; +CREATE TABLE institutes ( + id int NOT NULL, + name varchar(255) +); + +drop table if exists documents; +CREATE TABLE documents ( + id int NOT NULL, + title varchar(255) NOT NULL, + abstract varchar(255) +); + +drop table if exists authors_docs; +CREATE TABLE authors_docs ( + pers_id int NOT NULL, + doc_id int NOT NULL +); + +drop table if exists phones; +CREATE TABLE phones ( + id int NOT NULL , + phone varchar(255) NOT NULL , + pers_id int NOT NULL +); + + + +ALTER TABLE authors_docs ADD + CONSTRAINT PK_authors_docs PRIMARY KEY + ( + pers_id, + doc_id + ); + +ALTER TABLE documents ADD + CONSTRAINT PK_documents PRIMARY KEY + ( + id + ); + +ALTER TABLE institutes ADD + CONSTRAINT PK_institutes PRIMARY KEY + ( + id + ); + + +ALTER TABLE persons ADD + CONSTRAINT PK_persons PRIMARY KEY + ( + id + ); + +ALTER TABLE phones ADD + CONSTRAINT PK_phones PRIMARY KEY + ( + id + ); + diff --git a/servers/slapd/back-sql/rdbms_depend/mysql/testdb_data.sql b/servers/slapd/back-sql/rdbms_depend/mysql/testdb_data.sql new file mode 100644 index 0000000000..f141f414eb --- /dev/null +++ b/servers/slapd/back-sql/rdbms_depend/mysql/testdb_data.sql @@ -0,0 +1,16 @@ +insert into institutes (id,name) values (1,'sql'); + +insert into persons (id,name) values (1,'Mitya Kovalev'); +insert into persons (id,name) values (2,'Torvlobnor Puzdoy'); +insert into persons (id,name) values (3,'Akakiy Zinberstein'); + +insert into phones (id,phone,pers_id) values (1,'332-2334',1); +insert into phones (id,phone,pers_id) values (2,'222-3234',1); +insert into phones (id,phone,pers_id) values (3,'545-4563',2); + +insert into documents (id,abstract,title) values (1,'abstract1','book1'); +insert into documents (id,abstract,title) values (2,'abstract2','book2'); + +insert into authors_docs (pers_id,doc_id) values (1,1); +insert into authors_docs (pers_id,doc_id) values (1,2); +insert into authors_docs (pers_id,doc_id) values (2,1); diff --git a/servers/slapd/back-sql/rdbms_depend/mysql/testdb_drop.sql b/servers/slapd/back-sql/rdbms_depend/mysql/testdb_drop.sql new file mode 100644 index 0000000000..7c5e9e759e --- /dev/null +++ b/servers/slapd/back-sql/rdbms_depend/mysql/testdb_drop.sql @@ -0,0 +1,5 @@ +DROP TABLE IF EXISTS persons; +DROP TABLE IF EXISTS institutes; +DROP TABLE IF EXISTS documents; +DROP TABLE IF EXISTS authors_docs; +DROP TABLE IF EXISTS phones; diff --git a/servers/slapd/back-sql/rdbms_depend/oracle/backsql_create.sql b/servers/slapd/back-sql/rdbms_depend/oracle/backsql_create.sql new file mode 100644 index 0000000000..e88284bba8 --- /dev/null +++ b/servers/slapd/back-sql/rdbms_depend/oracle/backsql_create.sql @@ -0,0 +1,86 @@ +create table ldap_oc_mappings ( + id number not null , + name varchar2(64) not null , + keytbl varchar2(64) not null , + keycol varchar2(64) not null , + create_proc varchar2(255), + delete_proc varchar2(255), + expect_return number not null +); + +alter table ldap_oc_mappings add + constraint PK_ldap_oc_mappings primary key + ( + id + ); + +alter table ldap_oc_mappings add + constraint unq_ldap_oc_mappings unique + ( + name + ); + +create table ldap_attr_mappings ( + id number not null, + oc_map_id number not null references ldap_oc_mappings(id), + name varchar2(255) not null, + sel_expr varchar2(255) not null, + from_tbls varchar2(255) not null, + join_where varchar2(255), + add_proc varchar2(255), + delete_proc varchar2(255), + param_order number not null, + expect_return number not null +); + +alter table ldap_attr_mappings add + constraint pk_ldap_attr_mappings primary key + ( + id + ); + + +create table ldap_entries ( + id number not null , + dn varchar2(255) not null , + oc_map_id number not null references ldap_oc_mappings(id), + parent number not null , + keyval number not null +); + +alter table ldap_entries add + constraint PK_ldap_entries primary key + ( + id + ); + +alter table ldap_entries add + constraint unq1_ldap_entries unique + ( + oc_map_id, + keyval + ); + +alter table ldap_entries add + constraint unq2_ldap_entries unique + ( + dn + ); + +create sequence ldap_objclass_ids start with 1 increment by 1; + +create sequence ldap_attr_ids start with 1 increment by 1; + +create sequence ldap_entry_ids start with 1 increment by 1; + +create table ldap_referrals + ( + entry_id number not null references ldap_entries(id), + url varchar(1023) not null +); + +create table ldap_entry_objclasses + ( + entry_id number not null references ldap_entries(id), + oc_name varchar(64) + ); diff --git a/servers/slapd/back-sql/rdbms_depend/oracle/backsql_drop.sql b/servers/slapd/back-sql/rdbms_depend/oracle/backsql_drop.sql new file mode 100644 index 0000000000..19bb8b66cc --- /dev/null +++ b/servers/slapd/back-sql/rdbms_depend/oracle/backsql_drop.sql @@ -0,0 +1,8 @@ +drop table ldap_attr_mappings; +drop table ldap_entry_objclasses; +drop table ldap_referrals; +drop sequence ldap_entry_ids; +drop sequence ldap_attr_ids; +drop sequence ldap_objclass_ids; +drop table ldap_entries; +drop table ldap_oc_mappings; diff --git a/servers/slapd/back-sql/rdbms_depend/oracle/testdb_create.sql b/servers/slapd/back-sql/rdbms_depend/oracle/testdb_create.sql new file mode 100644 index 0000000000..36859d1b76 --- /dev/null +++ b/servers/slapd/back-sql/rdbms_depend/oracle/testdb_create.sql @@ -0,0 +1,66 @@ +CREATE TABLE persons ( + id NUMBER NOT NULL, + name varchar2(255) NOT NULL +); + +CREATE TABLE institutes ( + id NUMBER NOT NULL, + name varchar2(255) +); + +CREATE TABLE documents ( + id NUMBER NOT NULL, + title varchar2(255) NOT NULL, + abstract varchar2(255) +); + +CREATE TABLE authors_docs ( + pers_id NUMBER NOT NULL, + doc_id NUMBER NOT NULL +); + +CREATE TABLE phones ( + id NUMBER NOT NULL , + phone varchar2(255) NOT NULL , + pers_id NUMBER NOT NULL +); + + +ALTER TABLE authors_docs ADD + CONSTRAINT PK_authors_docs PRIMARY KEY + ( + pers_id, + doc_id + ); + +ALTER TABLE documents ADD + CONSTRAINT PK_documents PRIMARY KEY + ( + id + ); + +ALTER TABLE institutes ADD + CONSTRAINT PK_institutes PRIMARY KEY + ( + id + ); + +ALTER TABLE persons ADD + CONSTRAINT PK_persons PRIMARY KEY + ( + id + ); + +ALTER TABLE phones ADD + CONSTRAINT PK_phones PRIMARY KEY + ( + id + ); + +CREATE SEQUENCE person_ids START WITH 1 INCREMENT BY 1; + +CREATE SEQUENCE document_ids START WITH 1 INCREMENT BY 1; + +CREATE SEQUENCE institute_ids START WITH 1 INCREMENT BY 1; + +CREATE SEQUENCE phone_ids START WITH 1 INCREMENT BY 1; diff --git a/servers/slapd/back-sql/rdbms_depend/oracle/testdb_data.sql b/servers/slapd/back-sql/rdbms_depend/oracle/testdb_data.sql new file mode 100644 index 0000000000..439bacca3b --- /dev/null +++ b/servers/slapd/back-sql/rdbms_depend/oracle/testdb_data.sql @@ -0,0 +1,27 @@ +insert into institutes (id,name) values (institute_ids.nextval,'sql'); + +insert into persons (id,name) values (person_ids.nextval,'Mitya Kovalev'); + +insert into persons (id,name) values (person_ids.nextval,'Torvlobnor Puzdoy'); + +insert into persons (id,name) values (person_ids.nextval,'Akakiy Zinberstein'); + + +insert into phones (id,phone,pers_id) values (phone_ids.nextval,'332-2334',1); + +insert into phones (id,phone,pers_id) values (phone_ids.nextval,'222-3234',1); + +insert into phones (id,phone,pers_id) values (phone_ids.nextval,'545-4563',2); + + +insert into documents (id,abstract,title) values (document_ids.nextval,'abstract1','book1'); + +insert into documents (id,abstract,title) values (document_ids.nextval,'abstract2','book2'); + + +insert into authors_docs (pers_id,doc_id) values (1,1); + +insert into authors_docs (pers_id,doc_id) values (1,2); + +insert into authors_docs (pers_id,doc_id) values (2,1); + diff --git a/servers/slapd/back-sql/rdbms_depend/oracle/testdb_drop.sql b/servers/slapd/back-sql/rdbms_depend/oracle/testdb_drop.sql new file mode 100644 index 0000000000..0cf44637be --- /dev/null +++ b/servers/slapd/back-sql/rdbms_depend/oracle/testdb_drop.sql @@ -0,0 +1,25 @@ +DROP TABLE persons; +DROP TABLE institutes; +DROP TABLE documents; +DROP TABLE authors_docs; +DROP TABLE phones; +DROP SEQUENCE person_ids; +DROP SEQUENCE institute_ids; +DROP SEQUENCE document_ids; +DROP SEQUENCE phone_ids; +DROP PROCEDURE create_person; +DROP PROCEDURE delete_person; +DROP PROCEDURE add_phone; +DROP PROCEDURE delete_phone; +DROP PROCEDURE set_person_name; +DROP PROCEDURE set_org_name; +DROP PROCEDURE set_doc_title; +DROP PROCEDURE set_doc_abstract; +DROP PROCEDURE create_document; +DROP PROCEDURE create_org; +DROP PROCEDURE delete_document; +DROP PROCEDURE delete_org; +DROP PROCEDURE make_doc_link; +DROP PROCEDURE del_doc_link; +DROP PROCEDURE make_author_link; +DROP PROCEDURE del_author_link; diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c index e6f5f7606f..780e3b9cc3 100644 --- a/servers/slapd/backend.c +++ b/servers/slapd/backend.c @@ -667,6 +667,35 @@ backend_group( return LDAP_UNWILLING_TO_PERFORM; } +int +backend_attribute( + Backend *be, + Connection *conn, + Operation *op, + Entry *target, + const char *e_ndn, + AttributeDescription *entry_at, + struct berval ***vals +) +{ + if( target == NULL || strcmp( target->e_ndn, e_ndn ) != 0 ) { + /* we won't attempt to send it to a different backend */ + + be = select_backend(e_ndn); + + if (be == NULL) { + return LDAP_NO_SUCH_OBJECT; + } + } + + if( be->be_attribute ) { + return be->be_attribute( be, conn, op, target, e_ndn, + entry_at, vals ); + } + + return LDAP_UNWILLING_TO_PERFORM; +} + Attribute *backend_operational( Backend *be, Entry *e ) diff --git a/servers/slapd/config.c b/servers/slapd/config.c index 9f78b99911..f5041fe007 100644 --- a/servers/slapd/config.c +++ b/servers/slapd/config.c @@ -8,9 +8,6 @@ #include "portable.h" #include -#ifdef HAVE_LOCALE_H -#include -#endif #include #include @@ -436,35 +433,6 @@ read_config( const char *fname ) vals[0]->bv_len = strlen( vals[0]->bv_val ); value_add( &default_referral, vals ); - /* specify locale */ - } else if ( strcasecmp( cargv[0], "locale" ) == 0 ) { -#ifdef HAVE_LOCALE_H - char *locale; - if ( cargc < 2 ) { - Debug( LDAP_DEBUG_ANY, - "%s: line %d: missing locale in \"locale \" line\n", - fname, lineno, 0 ); - return( 1 ); - } - - locale = (strcasecmp( cargv[1], "on" ) == 0 ? "" - : strcasecmp( cargv[1], "off" ) == 0 ? "C" - : ch_strdup( cargv[1] ) ); - - if ( setlocale( LC_CTYPE, locale ) == 0 ) { - Debug( LDAP_DEBUG_ANY, - (*locale - ? "%s: line %d: bad locale \"%s\"\n" - : "%s: line %d: bad locale\n"), - fname, lineno, locale ); - return( 1 ); - } -#else - Debug( LDAP_DEBUG_ANY, - "%s: line %d: \"locale\" unsupported\n", - fname, lineno, 0 ); - return( 1 ); -#endif /* specify an Object Identifier macro */ } else if ( strcasecmp( cargv[0], "objectidentifier" ) == 0 ) { parse_oidm( fname, lineno, cargc, cargv ); diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c index 61a7989be5..88dcd60d46 100644 --- a/servers/slapd/daemon.c +++ b/servers/slapd/daemon.c @@ -247,9 +247,9 @@ static Listener * open_listener( const char* url ) # ifdef LDAP_PF_UNIX if ( ldap_pvt_url_scheme2proto(lud->lud_scheme) == LDAP_PROTO_IPC ) { if ( lud->lud_host == NULL || lud->lud_host[0] == '\0' ) { - err = getaddrinfo(NULL, "/tmp/.ldap-sock", &hints, &res); + err = getaddrinfo(NULL, LDAPI_SOCK, &hints, &res); if (!err) - unlink( "/tmp/.ldap-sock" ); + unlink( LDAPI_SOCK ); } else { err = getaddrinfo(NULL, lud->lud_host, &hints, &res); if (!err) @@ -279,6 +279,7 @@ static Listener * open_listener( const char* url ) do { l.sl_sd = socket( sai->ai_family, sai->ai_socktype, sai->ai_protocol); if ( l.sl_sd == AC_SOCKET_INVALID ) { + int err = sock_errno(); Debug( LDAP_DEBUG_ANY, "daemon: socket() failed errno=%d (%s)\n", err, sock_errstr(err), 0 ); @@ -297,7 +298,7 @@ static Listener * open_listener( const char* url ) /* hack: overload the host to be the path */ if ( lud->lud_host == NULL || lud->lud_host[0] == '\0' ) { - strcpy( l.sl_sa.sa_un_addr.sun_path, "/tmp/.ldap-sock" ); + strcpy( l.sl_sa.sa_un_addr.sun_path, LDAPI_SOCK ); } else { if ( strlen(lud->lud_host) > (sizeof(l.sl_sa.sa_un_addr.sun_path) - 1) ) { Debug( LDAP_DEBUG_ANY, @@ -437,7 +438,7 @@ static Listener * open_listener( const char* url ) # ifdef LDAP_PF_UNIX case AF_UNIX: if ( chmod( (char *)sai->ai_addr, S_IRWXU ) < 0 ) { - err = sock_errno(); + int err = sock_errno(); Debug( LDAP_DEBUG_ANY, "daemon: fchmod(%ld) failed errno=%d (%s)", (long) l.sl_sd, err, sock_errstr(err) ); tcp_close( l.sl_sd ); diff --git a/servers/slapd/entry.c b/servers/slapd/entry.c index 115daa3eea..c8817c87ef 100644 --- a/servers/slapd/entry.c +++ b/servers/slapd/entry.c @@ -115,11 +115,19 @@ str2entry( char *s ) if( rc != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_TRACE, - "<= str2entry NULL (str2ad=%s)\n", text, 0, 0 ); - entry_free( e ); - free( value.bv_val ); - free( type ); - return( NULL ); + "<= str2entry: str2ad(%s): %s\n", type, text, 0 ); + + rc = slap_str2undef_ad( type, &ad, &text ); + + if( rc != LDAP_SUCCESS ) { + Debug( LDAP_DEBUG_TRACE, + "<= str2entry: str2undef_ad(%s): %s\n", + type, text, 0 ); + entry_free( e ); + free( value.bv_val ); + free( type ); + return( NULL ); + } } rc = attr_merge( e, ad, vals ); diff --git a/servers/slapd/filter.c b/servers/slapd/filter.c index 6c44ca305a..4aa04f3dfb 100644 --- a/servers/slapd/filter.c +++ b/servers/slapd/filter.c @@ -28,6 +28,10 @@ static int get_substring_filter( char **fstr, const char **text ); +static int filter_escape_value( + struct berval *in, + struct berval *out ); + int get_filter( Connection *conn, @@ -41,6 +45,7 @@ get_filter( int err; Filter *f; char *ftmp = NULL; + struct berval escaped; Debug( LDAP_DEBUG_FILTER, "begin get_filter\n", 0, 0, 0 ); @@ -102,14 +107,17 @@ get_filter( assert( f->f_ava != NULL ); + filter_escape_value( f->f_av_value, &escaped ); + *fstr = ch_malloc( sizeof("(=)") + f->f_av_desc->ad_cname->bv_len - + f->f_av_value->bv_len ); + + escaped.bv_len ); sprintf( *fstr, "(%s=%s)", f->f_av_desc->ad_cname->bv_val, - f->f_av_value->bv_val ); + escaped.bv_val ); + ber_memfree( escaped.bv_val ); break; case LDAP_FILTER_SUBSTRINGS: @@ -125,14 +133,17 @@ get_filter( break; } + filter_escape_value( f->f_av_value, &escaped ); + *fstr = ch_malloc( sizeof("(>=)") + f->f_av_desc->ad_cname->bv_len - + f->f_av_value->bv_len ); + + escaped.bv_len ); sprintf( *fstr, "(%s>=%s)", f->f_av_desc->ad_cname->bv_val, - f->f_av_value->bv_val ); + escaped.bv_val ); + ber_memfree( escaped.bv_val ); break; case LDAP_FILTER_LE: @@ -144,14 +155,17 @@ get_filter( } + filter_escape_value( f->f_av_value, &escaped ); + *fstr = ch_malloc( sizeof("(<=)") + f->f_av_desc->ad_cname->bv_len - + f->f_av_value->bv_len ); + + escaped.bv_len ); sprintf( *fstr, "(%s<=%s)", f->f_av_desc->ad_cname->bv_val, - f->f_av_value->bv_val ); + escaped.bv_val ); + ber_memfree( escaped.bv_val ); break; case LDAP_FILTER_PRESENT: { @@ -190,14 +204,17 @@ get_filter( break; } + filter_escape_value( f->f_av_value, &escaped ); + *fstr = ch_malloc( sizeof("(~=)") + f->f_av_desc->ad_cname->bv_len - + f->f_av_value->bv_len ); + + escaped.bv_len ); sprintf( *fstr, "(%s~=%s)", f->f_av_desc->ad_cname->bv_val, - f->f_av_value->bv_val ); + escaped.bv_val ); + ber_memfree( escaped.bv_val ); break; case LDAP_FILTER_AND: @@ -241,12 +258,14 @@ get_filter( /* not yet implemented */ Debug( LDAP_DEBUG_ANY, "extensible match not yet implemented.\n", f->f_choice, 0, 0 ); + (void) ber_skip_tag( ber, &len ); f->f_choice = SLAPD_FILTER_COMPUTED; f->f_result = SLAPD_COMPARE_UNDEFINED; *fstr = ch_strdup( "(extended)" ); break; default: + (void) ber_skip_tag( ber, &len ); Debug( LDAP_DEBUG_ANY, "get_filter: unknown filter type=%lu\n", f->f_choice, 0, 0 ); f->f_choice = SLAPD_FILTER_COMPUTED; @@ -332,6 +351,7 @@ get_substring_filter( ber_len_t len; ber_tag_t rc; struct berval *value; + struct berval escaped; char *last; struct berval type; struct berval *nvalue; @@ -431,9 +451,11 @@ get_substring_filter( f->f_sub_initial = value; if( fstr ) { + filter_escape_value( value, &escaped ); *fstr = ch_realloc( *fstr, - strlen( *fstr ) + value->bv_len + 1 ); - strcat( *fstr, value->bv_val ); + strlen( *fstr ) + escaped.bv_len + 1 ); + strcat( *fstr, escaped.bv_val ); + ber_memfree( escaped.bv_val ); } break; @@ -445,10 +467,12 @@ get_substring_filter( } if( fstr ) { + filter_escape_value( value, &escaped ); *fstr = ch_realloc( *fstr, - strlen( *fstr ) + value->bv_len + 2 ); + strlen( *fstr ) + escaped.bv_len + 2 ); strcat( *fstr, "*" ); - strcat( *fstr, value->bv_val ); + strcat( *fstr, escaped.bv_val ); + ber_memfree( escaped.bv_val ); } break; @@ -461,10 +485,12 @@ get_substring_filter( f->f_sub_final = value; if( fstr ) { + filter_escape_value( value, &escaped ); *fstr = ch_realloc( *fstr, - strlen( *fstr ) + value->bv_len + 2 ); + strlen( *fstr ) + escaped.bv_len + 2 ); strcat( *fstr, "*" ); - strcat( *fstr, value->bv_val ); + strcat( *fstr, escaped.bv_val ); + ber_memfree( escaped.bv_val ); } break; @@ -559,12 +585,12 @@ filter_free( Filter *f ) } #ifdef LDAP_DEBUG - void filter_print( Filter *f ) { int i; Filter *p; + struct berval escaped; if ( f == NULL ) { fprintf( stderr, "No filter!" ); @@ -572,45 +598,59 @@ filter_print( Filter *f ) switch ( f->f_choice ) { case LDAP_FILTER_EQUALITY: + filter_escape_value( f->f_av_value, &escaped ); fprintf( stderr, "(%s=%s)", f->f_av_desc->ad_cname->bv_val, - f->f_av_value->bv_val ); + escaped.bv_val ); + ber_memfree( escaped.bv_val ); break; case LDAP_FILTER_GE: + filter_escape_value( f->f_av_value, &escaped ); fprintf( stderr, "(%s>=%s)", f->f_av_desc->ad_cname->bv_val, - f->f_av_value->bv_val ); + escaped.bv_val ); + ber_memfree( escaped.bv_val ); break; case LDAP_FILTER_LE: + filter_escape_value( f->f_av_value, &escaped ); fprintf( stderr, "(%s<=%s)", f->f_ava->aa_desc->ad_cname->bv_val, - f->f_ava->aa_value->bv_val ); + escaped.bv_val ); + ber_memfree( escaped.bv_val ); break; case LDAP_FILTER_APPROX: + filter_escape_value( f->f_av_value, &escaped ); fprintf( stderr, "(%s~=%s)", f->f_ava->aa_desc->ad_cname->bv_val, - f->f_ava->aa_value->bv_val ); + escaped.bv_val ); + ber_memfree( escaped.bv_val ); break; case LDAP_FILTER_SUBSTRINGS: fprintf( stderr, "(%s=" /*)*/, f->f_sub_desc->ad_cname->bv_val ); if ( f->f_sub_initial != NULL ) { + filter_escape_value( f->f_sub_initial, &escaped ); fprintf( stderr, "%s", - f->f_sub_initial->bv_val ); + escaped.bv_val ); + ber_memfree( escaped.bv_val ); } if ( f->f_sub_any != NULL ) { for ( i = 0; f->f_sub_any[i] != NULL; i++ ) { + filter_escape_value( f->f_sub_any[i], &escaped ); fprintf( stderr, "*%s", - f->f_sub_any[i]->bv_val ); + escaped.bv_val ); + ber_memfree( escaped.bv_val ); } } if ( f->f_sub_final != NULL ) { + filter_escape_value( f->f_sub_final, &escaped ); fprintf( stderr, - "*%s", f->f_sub_final->bv_val ); + "*%s", escaped.bv_val ); + ber_memfree( escaped.bv_val ); } fprintf( stderr, /*(*/ ")" ); break; @@ -647,3 +687,37 @@ filter_print( Filter *f ) } #endif /* ldap_debug */ + +int filter_escape_value( + struct berval *in, + struct berval *out ) +{ + ber_len_t i; + assert( in ); + assert( out ); + + out->bv_val = (char *) ch_malloc( ( in->bv_len * 3 ) + 1 ); + out->bv_len = 0; + +#undef NIBBLE +#undef ESCAPE_LO +#undef ESCAPE_HI +#define NIBBLE(c) ((c)&0x0f) +#define ESCAPE_LO(c) ( NIBBLE(c) + ( NIBBLE(c) < 10 ? '0' : 'A' - 10 ) ) +#define ESCAPE_HI(c) ( ESCAPE_LO((c)>>4) ) + + for( i=0; i < in->bv_len ; i++ ) { + if( FILTER_ESCAPE(in->bv_val[i]) ) { + out->bv_val[out->bv_len++] = '\\'; + out->bv_val[out->bv_len++] = ESCAPE_HI( in->bv_val[i] ); + out->bv_val[out->bv_len++] = ESCAPE_LO( in->bv_val[i] ); + } else { + out->bv_val[out->bv_len++] = in->bv_val[i]; + } + } + + out->bv_val[out->bv_len] = '\0'; + return LDAP_SUCCESS; +} + + diff --git a/servers/slapd/filterentry.c b/servers/slapd/filterentry.c index bd3e62eaed..e4bcf3c23e 100644 --- a/servers/slapd/filterentry.c +++ b/servers/slapd/filterentry.c @@ -21,7 +21,7 @@ static int test_filter_and( Backend *be, static int test_filter_or( Backend *be, Connection *conn, Operation *op, Entry *e, Filter *flist ); -static int test_substring_filter( Backend *be, +static int test_substrings_filter( Backend *be, Connection *conn, Operation *op, Entry *e, Filter *f); static int test_ava_filter( Backend *be, @@ -75,7 +75,7 @@ test_filter( case LDAP_FILTER_SUBSTRINGS: Debug( LDAP_DEBUG_FILTER, " SUBSTRINGS\n", 0, 0, 0 ); - rc = test_substring_filter( be, conn, op, e, f ); + rc = test_substrings_filter( be, conn, op, e, f ); break; case LDAP_FILTER_GE: @@ -193,7 +193,7 @@ test_ava_filter( int rc; const char *text; - rc = value_match( &ret, a->a_desc, mr, + rc = value_match( &ret, a->a_desc, mr, 0, a->a_vals[i], ava->aa_value, &text ); @@ -310,7 +310,7 @@ test_filter_or( static int -test_substring_filter( +test_substrings_filter( Backend *be, Connection *conn, Operation *op, @@ -320,7 +320,7 @@ test_substring_filter( { Attribute *a; - Debug( LDAP_DEBUG_FILTER, "begin test_substring_filter\n", 0, 0, 0 ); + Debug( LDAP_DEBUG_FILTER, "begin test_substrings_filter\n", 0, 0, 0 ); if ( be != NULL && ! access_allowed( be, conn, op, e, f->f_sub_desc, NULL, ACL_SEARCH ) ) @@ -344,7 +344,7 @@ test_substring_filter( int rc; const char *text; - rc = value_match( &ret, a->a_desc, mr, + rc = value_match( &ret, a->a_desc, mr, 0, a->a_vals[i], f->f_sub, &text ); @@ -358,6 +358,6 @@ test_substring_filter( } } - Debug( LDAP_DEBUG_FILTER, "end test_substring_filter 1\n", 0, 0, 0 ); + Debug( LDAP_DEBUG_FILTER, "end test_substrings_filter 1\n", 0, 0, 0 ); return LDAP_COMPARE_FALSE; } diff --git a/servers/slapd/libslapd.dsp b/servers/slapd/libslapd.dsp index da4167d05a..700b29c4bc 100644 --- a/servers/slapd/libslapd.dsp +++ b/servers/slapd/libslapd.dsp @@ -312,6 +312,14 @@ SOURCE=.\search.c # End Source File # Begin Source File +SOURCE=.\sets.c +# End Source File +# Begin Source File + +SOURCE=.\sets.h +# End Source File +# Begin Source File + SOURCE=.\slap.h # End Source File # Begin Source File diff --git a/servers/slapd/main.c b/servers/slapd/main.c index b065a21db0..c4f610bbb2 100644 --- a/servers/slapd/main.c +++ b/servers/slapd/main.c @@ -28,8 +28,8 @@ static RETSIGTYPE wait4child( int sig ); struct sockaddr_in bind_addr; /* in nt_main.c */ -LIBLUTIL_F (SERVICE_STATUS) SLAPDServiceStatus; -LIBLUTIL_F (SERVICE_STATUS_HANDLE) hSLAPDServiceStatus; +LDAP_LUTIL_V(SERVICE_STATUS) SLAPDServiceStatus; +LDAP_LUTIL_V(SERVICE_STATUS_HANDLE) hSLAPDServiceStatus; extern ldap_pvt_thread_cond_t started_event, stopped_event; extern int is_NT_Service; diff --git a/servers/slapd/oc.c b/servers/slapd/oc.c index 8c185e07e5..1817fe1143 100644 --- a/servers/slapd/oc.c +++ b/servers/slapd/oc.c @@ -22,6 +22,13 @@ int is_object_subclass( { int i; + if( sub == NULL || sup == NULL ) return 0; + +#if 0 + Debug( LDAP_DEBUG_TRACE, "is_object_subclass(%s,%s) %d\n", + sub->soc_oid, sup->soc_oid, sup == sub ); +#endif + if( sup == sub ) { return 1; } @@ -31,7 +38,7 @@ int is_object_subclass( } for( i=0; sup->soc_sups[i] != NULL; i++ ) { - if( is_object_subclass( sup->soc_sups[i], sup ) ) { + if( is_object_subclass( sub, sup->soc_sups[i] ) ) { return 1; } } @@ -41,8 +48,7 @@ int is_object_subclass( int is_entry_objectclass( Entry* e, - ObjectClass *oc -) + ObjectClass *oc ) { Attribute *attr; int i; @@ -81,8 +87,6 @@ int is_entry_objectclass( } - - struct oindexrec { char *oir_name; ObjectClass *oir_oc; @@ -94,8 +98,7 @@ static ObjectClass *oc_list = NULL; static int oc_index_cmp( struct oindexrec *oir1, - struct oindexrec *oir2 -) + struct oindexrec *oir2 ) { assert( oir1->oir_name ); assert( oir1->oir_oc ); @@ -108,8 +111,7 @@ oc_index_cmp( static int oc_index_name_cmp( char *name, - struct oindexrec *oir -) + struct oindexrec *oir ) { assert( oir->oir_name ); assert( oir->oir_oc ); @@ -139,8 +141,7 @@ static int oc_create_required( ObjectClass *soc, char **attrs, - const char **err -) + const char **err ) { char **attrs1; AttributeType *sat; @@ -178,8 +179,7 @@ static int oc_create_allowed( ObjectClass *soc, char **attrs, - const char **err -) + const char **err ) { char **attrs1; AttributeType *sat; @@ -208,9 +208,8 @@ oc_create_allowed( static int oc_add_sups( ObjectClass *soc, - char **sups, - const char **err -) + char **sups, + const char **err ) { int code; ObjectClass *soc1; @@ -244,16 +243,14 @@ oc_add_sups( if ( add_sups ) soc->soc_sups[nsups] = soc1; - code = oc_add_sups(soc,soc1->soc_sup_oids, err); - if ( code ) - return code; + code = oc_add_sups( soc, soc1->soc_sup_oids, err ); + if ( code ) return code; - code = oc_create_required(soc,soc1->soc_at_oids_must,err); - if ( code ) - return code; - code = oc_create_allowed(soc,soc1->soc_at_oids_may,err); - if ( code ) - return code; + code = oc_create_required( soc, soc1->soc_at_oids_must, err ); + if ( code ) return code; + + code = oc_create_allowed( soc, soc1->soc_at_oids_may, err ); + if ( code ) return code; nsups++; sups1++; @@ -341,13 +338,25 @@ oc_add( int code; soc = (ObjectClass *) ch_calloc( 1, sizeof(ObjectClass) ); - memcpy( &soc->soc_oclass, oc, sizeof(LDAP_OBJECT_CLASS)); - if ( (code = oc_add_sups(soc,soc->soc_sup_oids,err)) != 0 ) - return code; - if ( (code = oc_create_required(soc,soc->soc_at_oids_must,err)) != 0 ) - return code; - if ( (code = oc_create_allowed(soc,soc->soc_at_oids_may,err)) != 0 ) - return code; + memcpy( &soc->soc_oclass, oc, sizeof(LDAP_OBJECT_CLASS) ); + + if( soc->soc_sup_oids == NULL && + soc->soc_kind == LDAP_SCHEMA_STRUCTURAL ) + { + /* structural object classes implicitly inherit from 'top' */ + static char *top_oids[] = { SLAPD_TOP_OID, NULL }; + code = oc_add_sups( soc, top_oids, err ); + } else { + code = oc_add_sups( soc, soc->soc_sup_oids, err ); + } + if ( code != 0 ) return code; + + code = oc_create_required( soc, soc->soc_at_oids_must, err ); + if ( code != 0 ) return code; + + code = oc_create_allowed( soc, soc->soc_at_oids_may, err ); + if ( code != 0 ) return code; + code = oc_insert(soc,err); return code; } diff --git a/servers/slapd/passwd.c b/servers/slapd/passwd.c index 8246f55965..db240991da 100644 --- a/servers/slapd/passwd.c +++ b/servers/slapd/passwd.c @@ -202,7 +202,7 @@ struct berval * slap_passwd_return( if( ber == NULL ) return NULL; - rc = ber_printf( ber, "{tO}", + rc = ber_printf( ber, "{tON}", LDAP_TAG_EXOP_X_MODIFY_PASSWD_GEN, cred ); if( rc == -1 ) { diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index 826c6e9cbb..27cf5cedff 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -10,83 +10,93 @@ LDAP_BEGIN_DECL -LIBSLAPD_F( int ) schema_init_done; -LIBSLAPD_F( struct slap_internal_schema ) slap_schema; +LDAP_SLAPD_F( int ) schema_init_done; +LDAP_SLAPD_F( struct slap_internal_schema ) slap_schema; -LIBSLAPD_F (int) slap_str2ad LDAP_P(( +LDAP_SLAPD_F (int) slap_str2ad LDAP_P(( const char *, AttributeDescription **ad, const char **text )); -LIBSLAPD_F (int) slap_bv2ad LDAP_P(( +LDAP_SLAPD_F (int) slap_bv2ad LDAP_P(( struct berval *bv, AttributeDescription **ad, const char **text )); -LIBSLAPD_F (AttributeDescription *) ad_dup LDAP_P(( +LDAP_SLAPD_F (AttributeDescription *) ad_dup LDAP_P(( AttributeDescription *desc )); -LIBSLAPD_F (void) ad_free LDAP_P(( +LDAP_SLAPD_F (void) ad_free LDAP_P(( AttributeDescription *desc, int freeit )); #define ad_cmp(l,r) ( strcasecmp( \ (l)->ad_cname->bv_val, (r)->ad_cname->bv_val )) -LIBSLAPD_F (int) is_ad_subtype LDAP_P(( +LDAP_SLAPD_F (int) is_ad_subtype LDAP_P(( AttributeDescription *sub, AttributeDescription *super )); -LIBSLAPD_F (int) ad_inlist LDAP_P(( +LDAP_SLAPD_F (int) ad_inlist LDAP_P(( AttributeDescription *desc, char **attrs )); +LDAP_SLAPD_F (int) slap_str2undef_ad LDAP_P(( + const char *, + AttributeDescription **ad, + const char **text )); + +LDAP_SLAPD_F (int) slap_bv2undef_ad LDAP_P(( + struct berval *bv, + AttributeDescription **ad, + const char **text )); + /* * acl.c */ -LIBSLAPD_F (int) access_allowed LDAP_P(( +LDAP_SLAPD_F (int) access_allowed LDAP_P(( Backend *be, Connection *conn, Operation *op, Entry *e, AttributeDescription *desc, struct berval *val, slap_access_t access )); -LIBSLAPD_F (int) acl_check_modlist LDAP_P(( +LDAP_SLAPD_F (int) acl_check_modlist LDAP_P(( Backend *be, Connection *conn, Operation *op, Entry *e, Modifications *ml )); -LIBSLAPD_F (void) acl_append( AccessControl **l, AccessControl *a ); +LDAP_SLAPD_F (void) acl_append( AccessControl **l, AccessControl *a ); /* * aclparse.c */ -LIBSLAPD_F (void) parse_acl LDAP_P(( Backend *be, +LDAP_SLAPD_F (void) parse_acl LDAP_P(( Backend *be, const char *fname, int lineno, int argc, char **argv )); -LIBSLAPD_F (char *) access2str LDAP_P(( slap_access_t access )); -LIBSLAPD_F (slap_access_t) str2access LDAP_P(( const char *str )); +LDAP_SLAPD_F (char *) access2str LDAP_P(( slap_access_t access )); +LDAP_SLAPD_F (slap_access_t) str2access LDAP_P(( const char *str )); #define ACCESSMASK_MAXLEN sizeof("unknown (+wrscan)") -LIBSLAPD_F (char *) accessmask2str LDAP_P(( slap_access_mask_t mask, char* )); -LIBSLAPD_F (slap_access_mask_t) str2accessmask LDAP_P(( const char *str )); +LDAP_SLAPD_F (char *) accessmask2str LDAP_P(( slap_access_mask_t mask, char* )); +LDAP_SLAPD_F (slap_access_mask_t) str2accessmask LDAP_P(( const char *str )); /* * at.c */ -LIBSLAPD_F (void) at_config LDAP_P(( const char *fname, int lineno, int argc, char **argv )); -LIBSLAPD_F (AttributeType *) at_find LDAP_P(( const char *name )); -LIBSLAPD_F (int) at_find_in_list LDAP_P(( AttributeType *sat, AttributeType **list )); -LIBSLAPD_F (int) at_append_to_list LDAP_P(( AttributeType *sat, AttributeType ***listp )); -LIBSLAPD_F (int) at_delete_from_list LDAP_P(( int pos, AttributeType ***listp )); -LIBSLAPD_F (int) at_schema_info LDAP_P(( Entry *e )); -LIBSLAPD_F (int) at_add LDAP_P(( LDAP_ATTRIBUTE_TYPE *at, const char **err )); +LDAP_SLAPD_F (void) at_config LDAP_P(( const char *fname, int lineno, int argc, char **argv )); +LDAP_SLAPD_F (AttributeType *) at_find LDAP_P(( const char *name )); +LDAP_SLAPD_F (int) at_find_in_list LDAP_P(( AttributeType *sat, AttributeType **list )); +LDAP_SLAPD_F (int) at_append_to_list LDAP_P(( AttributeType *sat, AttributeType ***listp )); +LDAP_SLAPD_F (int) at_delete_from_list LDAP_P(( int pos, AttributeType ***listp )); +LDAP_SLAPD_F (int) at_schema_info LDAP_P(( Entry *e )); +LDAP_SLAPD_F (int) at_add LDAP_P(( LDAP_ATTRIBUTE_TYPE *at, const char **err )); -LIBSLAPD_F (int) is_at_subtype LDAP_P(( +LDAP_SLAPD_F (int) is_at_subtype LDAP_P(( AttributeType *sub, AttributeType *super )); -LIBSLAPD_F (int) is_at_syntax LDAP_P(( +LDAP_SLAPD_F (int) is_at_syntax LDAP_P(( AttributeType *at, const char *oid )); @@ -97,29 +107,29 @@ LIBSLAPD_F (int) is_at_syntax LDAP_P(( * attr.c */ -LIBSLAPD_F (void) attr_free LDAP_P(( Attribute *a )); -LIBSLAPD_F (Attribute *) attr_dup LDAP_P(( Attribute *a )); +LDAP_SLAPD_F (void) attr_free LDAP_P(( Attribute *a )); +LDAP_SLAPD_F (Attribute *) attr_dup LDAP_P(( Attribute *a )); -LIBSLAPD_F (int) attr_merge LDAP_P(( Entry *e, +LDAP_SLAPD_F (int) attr_merge LDAP_P(( Entry *e, AttributeDescription *desc, struct berval **vals )); -LIBSLAPD_F (Attribute *) attrs_find LDAP_P(( Attribute *a, AttributeDescription *desc )); -LIBSLAPD_F (Attribute *) attr_find LDAP_P(( Attribute *a, AttributeDescription *desc )); -LIBSLAPD_F (int) attr_delete LDAP_P(( Attribute **attrs, AttributeDescription *desc )); +LDAP_SLAPD_F (Attribute *) attrs_find LDAP_P(( Attribute *a, AttributeDescription *desc )); +LDAP_SLAPD_F (Attribute *) attr_find LDAP_P(( Attribute *a, AttributeDescription *desc )); +LDAP_SLAPD_F (int) attr_delete LDAP_P(( Attribute **attrs, AttributeDescription *desc )); -LIBSLAPD_F (void) attrs_free LDAP_P(( Attribute *a )); -LIBSLAPD_F (Attribute *) attrs_dup LDAP_P(( Attribute *a )); +LDAP_SLAPD_F (void) attrs_free LDAP_P(( Attribute *a )); +LDAP_SLAPD_F (Attribute *) attrs_dup LDAP_P(( Attribute *a )); /* * ava.c */ -LIBSLAPD_F (int) get_ava LDAP_P(( +LDAP_SLAPD_F (int) get_ava LDAP_P(( BerElement *ber, AttributeAssertion **ava, unsigned usage, const char **text )); -LIBSLAPD_F (void) ava_free LDAP_P(( +LDAP_SLAPD_F (void) ava_free LDAP_P(( AttributeAssertion *ava, int freeit )); @@ -127,45 +137,45 @@ LIBSLAPD_F (void) ava_free LDAP_P(( * backend.c */ -LIBSLAPD_F (int) backend_init LDAP_P((void)); -LIBSLAPD_F (int) backend_add LDAP_P((BackendInfo *aBackendInfo)); -LIBSLAPD_F (int) backend_num LDAP_P((Backend *be)); -LIBSLAPD_F (int) backend_startup LDAP_P((Backend *be)); -LIBSLAPD_F (int) backend_shutdown LDAP_P((Backend *be)); -LIBSLAPD_F (int) backend_destroy LDAP_P((void)); +LDAP_SLAPD_F (int) backend_init LDAP_P((void)); +LDAP_SLAPD_F (int) backend_add LDAP_P((BackendInfo *aBackendInfo)); +LDAP_SLAPD_F (int) backend_num LDAP_P((Backend *be)); +LDAP_SLAPD_F (int) backend_startup LDAP_P((Backend *be)); +LDAP_SLAPD_F (int) backend_shutdown LDAP_P((Backend *be)); +LDAP_SLAPD_F (int) backend_destroy LDAP_P((void)); -LIBSLAPD_F (BackendInfo *) backend_info LDAP_P(( const char *type )); -LIBSLAPD_F (BackendDB *) backend_db_init LDAP_P(( const char *type )); +LDAP_SLAPD_F (BackendInfo *) backend_info LDAP_P(( const char *type )); +LDAP_SLAPD_F (BackendDB *) backend_db_init LDAP_P(( const char *type )); -LIBSLAPD_F (BackendDB *) select_backend LDAP_P(( const char * dn )); +LDAP_SLAPD_F (BackendDB *) select_backend LDAP_P(( const char * dn )); -LIBSLAPD_F (int) be_issuffix LDAP_P(( Backend *be, const char *suffix )); -LIBSLAPD_F (int) be_isroot LDAP_P(( Backend *be, const char *ndn )); -LIBSLAPD_F (int) be_isroot_pw LDAP_P(( Backend *be, const char *ndn, struct berval *cred )); -LIBSLAPD_F (char *) be_root_dn LDAP_P(( Backend *be )); -LIBSLAPD_F (int) be_entry_release_rw LDAP_P(( Backend *be, Entry *e, int rw )); +LDAP_SLAPD_F (int) be_issuffix LDAP_P(( Backend *be, const char *suffix )); +LDAP_SLAPD_F (int) be_isroot LDAP_P(( Backend *be, const char *ndn )); +LDAP_SLAPD_F (int) be_isroot_pw LDAP_P(( Backend *be, const char *ndn, struct berval *cred )); +LDAP_SLAPD_F (char *) be_root_dn LDAP_P(( Backend *be )); +LDAP_SLAPD_F (int) be_entry_release_rw LDAP_P(( Backend *be, Entry *e, int rw )); #define be_entry_release_r( be, e ) be_entry_release_rw( be, e, 0 ) #define be_entry_release_w( be, e ) be_entry_release_rw( be, e, 1 ) -LIBSLAPD_F (int) backend_unbind LDAP_P((Connection *conn, Operation *op)); +LDAP_SLAPD_F (int) backend_unbind LDAP_P((Connection *conn, Operation *op)); -LIBSLAPD_F( int ) backend_check_controls LDAP_P(( +LDAP_SLAPD_F( int ) backend_check_controls LDAP_P(( Backend *be, Connection *conn, Operation *op, const char **text )); -LIBSLAPD_F( int ) backend_check_referrals LDAP_P(( +LDAP_SLAPD_F( int ) backend_check_referrals LDAP_P(( Backend *be, Connection *conn, Operation *op, const char *dn, const char *ndn )); -LIBSLAPD_F (int) backend_connection_init LDAP_P((Connection *conn)); -LIBSLAPD_F (int) backend_connection_destroy LDAP_P((Connection *conn)); +LDAP_SLAPD_F (int) backend_connection_init LDAP_P((Connection *conn)); +LDAP_SLAPD_F (int) backend_connection_destroy LDAP_P((Connection *conn)); -LIBSLAPD_F (int) backend_group LDAP_P((Backend *be, +LDAP_SLAPD_F (int) backend_group LDAP_P((Backend *be, Entry *target, const char *gr_ndn, const char *op_ndn, @@ -173,7 +183,16 @@ LIBSLAPD_F (int) backend_group LDAP_P((Backend *be, AttributeDescription *group_at )); -LIBSLAPD_F (Attribute *) backend_operational( Backend *, Entry * ); +LDAP_SLAPD_F (int) backend_attribute LDAP_P((Backend *be, + Connection *conn, + Operation *op, + Entry *target, + const char *e_ndn, + AttributeDescription *entry_at, + struct berval ***vals +)); + +LDAP_SLAPD_F (Attribute *) backend_operational( Backend *, Entry * ); @@ -189,11 +208,11 @@ LIBSLAPD_F (Attribute *) backend_operational( Backend *, Entry * ); #define ch_free free #else -LIBSLAPD_F (void *) ch_malloc LDAP_P(( ber_len_t size )); -LIBSLAPD_F (void *) ch_realloc LDAP_P(( void *block, ber_len_t size )); -LIBSLAPD_F (void *) ch_calloc LDAP_P(( ber_len_t nelem, ber_len_t size )); -LIBSLAPD_F (char *) ch_strdup LDAP_P(( const char *string )); -LIBSLAPD_F (void) ch_free LDAP_P(( void * )); +LDAP_SLAPD_F (void *) ch_malloc LDAP_P(( ber_len_t size )); +LDAP_SLAPD_F (void *) ch_realloc LDAP_P(( void *block, ber_len_t size )); +LDAP_SLAPD_F (void *) ch_calloc LDAP_P(( ber_len_t nelem, ber_len_t size )); +LDAP_SLAPD_F (char *) ch_strdup LDAP_P(( const char *string )); +LDAP_SLAPD_F (void) ch_free LDAP_P(( void * )); #ifndef CH_FREE #undef free @@ -205,45 +224,45 @@ LIBSLAPD_F (void) ch_free LDAP_P(( void * )); * charray.c */ -LIBSLAPD_F (void) charray_add LDAP_P(( char ***a, const char *s )); -LIBSLAPD_F (void) charray_merge LDAP_P(( char ***a, char **s )); -LIBSLAPD_F (void) charray_free LDAP_P(( char **array )); -LIBSLAPD_F (int) charray_inlist LDAP_P(( char **a, const char *s )); -LIBSLAPD_F (char **) charray_dup LDAP_P(( char **a )); -LIBSLAPD_F (char **) str2charray LDAP_P(( const char *str, const char *brkstr )); +LDAP_SLAPD_F (void) charray_add LDAP_P(( char ***a, const char *s )); +LDAP_SLAPD_F (void) charray_merge LDAP_P(( char ***a, char **s )); +LDAP_SLAPD_F (void) charray_free LDAP_P(( char **array )); +LDAP_SLAPD_F (int) charray_inlist LDAP_P(( char **a, const char *s )); +LDAP_SLAPD_F (char **) charray_dup LDAP_P(( char **a )); +LDAP_SLAPD_F (char **) str2charray LDAP_P(( const char *str, const char *brkstr )); /* * controls.c */ -LIBSLAPD_F (int) get_ctrls LDAP_P(( +LDAP_SLAPD_F (int) get_ctrls LDAP_P(( Connection *co, Operation *op, int senderrors )); -LIBSLAPD_F (int) get_manageDSAit LDAP_P(( Operation *op )); +LDAP_SLAPD_F (int) get_manageDSAit LDAP_P(( Operation *op )); /* * config.c */ -LIBSLAPD_F (int) read_config LDAP_P(( const char *fname )); +LDAP_SLAPD_F (int) read_config LDAP_P(( const char *fname )); /* * index.c */ -LIBSLAPD_F (int) slap_index2prefix LDAP_P(( int indextype )); -LIBSLAPD_F (int) slap_str2index LDAP_P(( const char *str, slap_index *idx )); +LDAP_SLAPD_F (int) slap_index2prefix LDAP_P(( int indextype )); +LDAP_SLAPD_F (int) slap_str2index LDAP_P(( const char *str, slap_index *idx )); /* * connection.c */ -LIBSLAPD_F (int) connections_init LDAP_P((void)); -LIBSLAPD_F (int) connections_shutdown LDAP_P((void)); -LIBSLAPD_F (int) connections_destroy LDAP_P((void)); -LIBSLAPD_F (int) connections_timeout_idle LDAP_P((time_t)); +LDAP_SLAPD_F (int) connections_init LDAP_P((void)); +LDAP_SLAPD_F (int) connections_shutdown LDAP_P((void)); +LDAP_SLAPD_F (int) connections_destroy LDAP_P((void)); +LDAP_SLAPD_F (int) connections_timeout_idle LDAP_P((time_t)); -LIBSLAPD_F (long) connection_init LDAP_P(( +LDAP_SLAPD_F (long) connection_init LDAP_P(( ber_socket_t s, const char* url, const char* dnsname, @@ -251,34 +270,34 @@ LIBSLAPD_F (long) connection_init LDAP_P(( const char* sockname, int use_tls )); -LIBSLAPD_F (void) connection_closing LDAP_P(( Connection *c )); -LIBSLAPD_F (int) connection_state_closing LDAP_P(( Connection *c )); -LIBSLAPD_F (const char *) connection_state2str LDAP_P(( int state )) LDAP_GCCATTR((const)); +LDAP_SLAPD_F (void) connection_closing LDAP_P(( Connection *c )); +LDAP_SLAPD_F (int) connection_state_closing LDAP_P(( Connection *c )); +LDAP_SLAPD_F (const char *) connection_state2str LDAP_P(( int state )) LDAP_GCCATTR((const)); -LIBSLAPD_F (int) connection_write LDAP_P((ber_socket_t s)); -LIBSLAPD_F (int) connection_read LDAP_P((ber_socket_t s)); +LDAP_SLAPD_F (int) connection_write LDAP_P((ber_socket_t s)); +LDAP_SLAPD_F (int) connection_read LDAP_P((ber_socket_t s)); -LIBSLAPD_F (unsigned long) connections_nextid(void); +LDAP_SLAPD_F (unsigned long) connections_nextid(void); -LIBSLAPD_F (Connection *) connection_first LDAP_P((ber_socket_t *)); -LIBSLAPD_F (Connection *) connection_next LDAP_P((Connection *, ber_socket_t *)); -LIBSLAPD_F (void) connection_done LDAP_P((Connection *)); +LDAP_SLAPD_F (Connection *) connection_first LDAP_P((ber_socket_t *)); +LDAP_SLAPD_F (Connection *) connection_next LDAP_P((Connection *, ber_socket_t *)); +LDAP_SLAPD_F (void) connection_done LDAP_P((Connection *)); /* * dn.c */ -LIBSLAPD_F (char *) dn_validate LDAP_P(( char *dn )); -LIBSLAPD_F (char *) dn_normalize LDAP_P(( char *dn )); -LIBSLAPD_F (char *) dn_parent LDAP_P(( Backend *be, const char *dn )); -LIBSLAPD_F (char **) dn_subtree LDAP_P(( Backend *be, const char *dn )); -LIBSLAPD_F (char *) dn_rdn LDAP_P(( Backend *be, const char *dn )); -LIBSLAPD_F (int) dn_issuffix LDAP_P(( const char *dn, const char *suffix )); -LIBSLAPD_F (int) rdn_validate LDAP_P(( const char* str )); -LIBSLAPD_F (char *) rdn_attr_value LDAP_P(( const char * rdn )); -LIBSLAPD_F (char *) rdn_attr_type LDAP_P(( const char * rdn )); +LDAP_SLAPD_F (char *) dn_validate LDAP_P(( char *dn )); +LDAP_SLAPD_F (char *) dn_normalize LDAP_P(( char *dn )); +LDAP_SLAPD_F (char *) dn_parent LDAP_P(( Backend *be, const char *dn )); +LDAP_SLAPD_F (char **) dn_subtree LDAP_P(( Backend *be, const char *dn )); +LDAP_SLAPD_F (char *) dn_rdn LDAP_P(( Backend *be, const char *dn )); +LDAP_SLAPD_F (int) dn_issuffix LDAP_P(( const char *dn, const char *suffix )); +LDAP_SLAPD_F (int) rdn_validate LDAP_P(( const char* str )); +LDAP_SLAPD_F (char *) rdn_attr_value LDAP_P(( const char * rdn )); +LDAP_SLAPD_F (char *) rdn_attr_type LDAP_P(( const char * rdn )); -LIBSLAPD_F (void) build_new_dn LDAP_P(( char ** new_dn, +LDAP_SLAPD_F (void) build_new_dn LDAP_P(( char ** new_dn, const char *e_dn, const char * p_dn, const char * newrdn )); @@ -286,15 +305,15 @@ LIBSLAPD_F (void) build_new_dn LDAP_P(( char ** new_dn, * entry.c */ -LIBSLAPD_F (int) entry_destroy LDAP_P((void)); +LDAP_SLAPD_F (int) entry_destroy LDAP_P((void)); -LIBSLAPD_F (Entry *) str2entry LDAP_P(( char *s )); -LIBSLAPD_F (char *) entry2str LDAP_P(( Entry *e, int *len )); -LIBSLAPD_F (void) entry_free LDAP_P(( Entry *e )); +LDAP_SLAPD_F (Entry *) str2entry LDAP_P(( char *s )); +LDAP_SLAPD_F (char *) entry2str LDAP_P(( Entry *e, int *len )); +LDAP_SLAPD_F (void) entry_free LDAP_P(( Entry *e )); -LIBSLAPD_F (int) entry_cmp LDAP_P(( Entry *a, Entry *b )); -LIBSLAPD_F (int) entry_dn_cmp LDAP_P(( Entry *a, Entry *b )); -LIBSLAPD_F (int) entry_id_cmp LDAP_P(( Entry *a, Entry *b )); +LDAP_SLAPD_F (int) entry_cmp LDAP_P(( Entry *a, Entry *b )); +LDAP_SLAPD_F (int) entry_dn_cmp LDAP_P(( Entry *a, Entry *b )); +LDAP_SLAPD_F (int) entry_id_cmp LDAP_P(( Entry *a, Entry *b )); /* * extended.c @@ -324,63 +343,63 @@ typedef int (*SLAP_EXTOP_MAIN_FN) LDAP_P(( typedef int (*SLAP_EXTOP_GETOID_FN) LDAP_P(( int index, char *oid, int blen )); -LIBSLAPD_F (int) load_extension LDAP_P((const void *module, const char *file_name)); -LIBSLAPD_F (char *) get_supported_extension LDAP_P((int index)); +LDAP_SLAPD_F (int) load_extension LDAP_P((const void *module, const char *file_name)); +LDAP_SLAPD_F (char *) get_supported_extension LDAP_P((int index)); -LIBSLAPD_F (int) load_extop LDAP_P(( +LDAP_SLAPD_F (int) load_extop LDAP_P(( const char *ext_oid, SLAP_EXTOP_MAIN_FN ext_main )); -LIBSLAPD_F (int) extops_init LDAP_P(( void )); +LDAP_SLAPD_F (int) extops_init LDAP_P(( void )); -LIBSLAPD_F (int) extops_kill LDAP_P(( void )); +LDAP_SLAPD_F (int) extops_kill LDAP_P(( void )); -LIBSLAPD_F (char *) get_supported_extop LDAP_P((int index)); +LDAP_SLAPD_F (char *) get_supported_extop LDAP_P((int index)); /* * filter.c */ -LIBSLAPD_F (int) get_filter LDAP_P(( +LDAP_SLAPD_F (int) get_filter LDAP_P(( Connection *conn, BerElement *ber, Filter **filt, char **fstr, const char **text )); -LIBSLAPD_F (void) filter_free LDAP_P(( Filter *f )); -LIBSLAPD_F (void) filter_print LDAP_P(( Filter *f )); +LDAP_SLAPD_F (void) filter_free LDAP_P(( Filter *f )); +LDAP_SLAPD_F (void) filter_print LDAP_P(( Filter *f )); /* * filterentry.c */ -LIBSLAPD_F (int) test_filter LDAP_P(( +LDAP_SLAPD_F (int) test_filter LDAP_P(( Backend *be, Connection *conn, Operation *op, Entry *e, Filter *f )); /* * lock.c */ -LIBSLAPD_F (FILE *) lock_fopen LDAP_P(( const char *fname, const char *type, FILE **lfp )); -LIBSLAPD_F (int) lock_fclose LDAP_P(( FILE *fp, FILE *lfp )); +LDAP_SLAPD_F (FILE *) lock_fopen LDAP_P(( const char *fname, const char *type, FILE **lfp )); +LDAP_SLAPD_F (int) lock_fclose LDAP_P(( FILE *fp, FILE *lfp )); /* * modify.c * should be relocated to separate file */ -LIBSLAPD_F( void ) slap_mod_free LDAP_P(( Modification *mod, int freeit )); -LIBSLAPD_F( void ) slap_mods_free LDAP_P(( Modifications *mods )); -LIBSLAPD_F( void ) slap_modlist_free LDAP_P(( LDAPModList *ml )); +LDAP_SLAPD_F( void ) slap_mod_free LDAP_P(( Modification *mod, int freeit )); +LDAP_SLAPD_F( void ) slap_mods_free LDAP_P(( Modifications *mods )); +LDAP_SLAPD_F( void ) slap_modlist_free LDAP_P(( LDAPModList *ml )); -LIBSLAPD_F( int ) slap_modlist2mods( +LDAP_SLAPD_F( int ) slap_modlist2mods( LDAPModList *ml, int update, Modifications **mods, const char **text ); -LIBSLAPD_F( int ) slap_mods_opattrs( +LDAP_SLAPD_F( int ) slap_mods_opattrs( Operation *op, Modifications **modlist, const char **text ); @@ -391,20 +410,20 @@ LIBSLAPD_F( int ) slap_mods_opattrs( #ifdef SLAPD_MODULES -LIBSLAPD_F (int) module_init LDAP_P(( void )); -LIBSLAPD_F (int) module_kill LDAP_P(( void )); +LDAP_SLAPD_F (int) module_init LDAP_P(( void )); +LDAP_SLAPD_F (int) module_kill LDAP_P(( void )); -LIBSLAPD_F (int) load_null_module( +LDAP_SLAPD_F (int) load_null_module( const void *module, const char *file_name); -LIBSLAPD_F (int) load_extop_module( +LDAP_SLAPD_F (int) load_extop_module( const void *module, const char *file_name); -LIBSLAPD_F (int) module_load LDAP_P(( +LDAP_SLAPD_F (int) module_load LDAP_P(( const char* file_name, int argc, char *argv[] )); -LIBSLAPD_F (int) module_path LDAP_P(( const char* path )); +LDAP_SLAPD_F (int) module_path LDAP_P(( const char* path )); -LIBSLAPD_F (void) *module_resolve LDAP_P(( +LDAP_SLAPD_F (void) *module_resolve LDAP_P(( const void *module, const char *name)); #endif /* SLAPD_MODULES */ @@ -412,54 +431,54 @@ LIBSLAPD_F (void) *module_resolve LDAP_P(( /* * monitor.c */ -LIBSLAPD_F (char *) supportedControls[]; +LDAP_SLAPD_F (char *) supportedControls[]; -LIBSLAPD_F (int) monitor_info LDAP_P(( +LDAP_SLAPD_F (int) monitor_info LDAP_P(( Entry **entry, const char **text )); /* * operation.c */ -LIBSLAPD_F (void) slap_op_free LDAP_P(( Operation *op )); -LIBSLAPD_F (Operation *) slap_op_alloc LDAP_P(( +LDAP_SLAPD_F (void) slap_op_free LDAP_P(( Operation *op )); +LDAP_SLAPD_F (Operation *) slap_op_alloc LDAP_P(( BerElement *ber, ber_int_t msgid, ber_tag_t tag, ber_int_t id )); -LIBSLAPD_F (int) slap_op_add LDAP_P(( Operation **olist, Operation *op )); -LIBSLAPD_F (int) slap_op_remove LDAP_P(( Operation **olist, Operation *op )); -LIBSLAPD_F (Operation *) slap_op_pop LDAP_P(( Operation **olist )); +LDAP_SLAPD_F (int) slap_op_add LDAP_P(( Operation **olist, Operation *op )); +LDAP_SLAPD_F (int) slap_op_remove LDAP_P(( Operation **olist, Operation *op )); +LDAP_SLAPD_F (Operation *) slap_op_pop LDAP_P(( Operation **olist )); /* * phonetic.c */ -LIBSLAPD_F (char *) first_word LDAP_P(( char *s )); -LIBSLAPD_F (char *) next_word LDAP_P(( char *s )); -LIBSLAPD_F (char *) word_dup LDAP_P(( char *w )); -LIBSLAPD_F (char *) phonetic LDAP_P(( char *s )); +LDAP_SLAPD_F (char *) first_word LDAP_P(( char *s )); +LDAP_SLAPD_F (char *) next_word LDAP_P(( char *s )); +LDAP_SLAPD_F (char *) word_dup LDAP_P(( char *w )); +LDAP_SLAPD_F (char *) phonetic LDAP_P(( char *s )); /* * repl.c */ -LIBSLAPD_F (void) replog LDAP_P(( Backend *be, Operation *op, char *dn, void *change )); +LDAP_SLAPD_F (void) replog LDAP_P(( Backend *be, Operation *op, char *dn, void *change )); /* * result.c */ -LIBSLAPD_F (struct berval **) get_entry_referrals LDAP_P(( +LDAP_SLAPD_F (struct berval **) get_entry_referrals LDAP_P(( Backend *be, Connection *conn, Operation *op, Entry *e )); -LIBSLAPD_F (void) send_ldap_result LDAP_P(( +LDAP_SLAPD_F (void) send_ldap_result LDAP_P(( Connection *conn, Operation *op, ber_int_t err, const char *matched, const char *text, struct berval **refs, LDAPControl **ctrls )); -LIBSLAPD_F (void) send_ldap_sasl LDAP_P(( +LDAP_SLAPD_F (void) send_ldap_sasl LDAP_P(( Connection *conn, Operation *op, ber_int_t err, const char *matched, const char *text, @@ -467,86 +486,86 @@ LIBSLAPD_F (void) send_ldap_sasl LDAP_P(( LDAPControl **ctrls, struct berval *cred )); -LIBSLAPD_F (void) send_ldap_disconnect LDAP_P(( +LDAP_SLAPD_F (void) send_ldap_disconnect LDAP_P(( Connection *conn, Operation *op, ber_int_t err, const char *text )); -LIBSLAPD_F (void) send_ldap_extended LDAP_P(( +LDAP_SLAPD_F (void) send_ldap_extended LDAP_P(( Connection *conn, Operation *op, ber_int_t err, const char *matched, const char *text, struct berval **refs, const char *rspoid, struct berval *rspdata, LDAPControl **ctrls )); -LIBSLAPD_F (void) send_ldap_partial LDAP_P(( +LDAP_SLAPD_F (void) send_ldap_partial LDAP_P(( Connection *conn, Operation *op, const char *rspoid, struct berval *rspdata, LDAPControl **ctrls )); -LIBSLAPD_F (void) send_search_result LDAP_P(( +LDAP_SLAPD_F (void) send_search_result LDAP_P(( Connection *conn, Operation *op, ber_int_t err, const char *matched, const char *text, struct berval **refs, LDAPControl **ctrls, int nentries )); -LIBSLAPD_F (int) send_search_reference LDAP_P(( +LDAP_SLAPD_F (int) send_search_reference LDAP_P(( Backend *be, Connection *conn, Operation *op, Entry *e, struct berval **refs, int scope, LDAPControl **ctrls, struct berval ***v2refs )); -LIBSLAPD_F (int) send_search_entry LDAP_P(( +LDAP_SLAPD_F (int) send_search_entry LDAP_P(( Backend *be, Connection *conn, Operation *op, Entry *e, char **attrs, int attrsonly, LDAPControl **ctrls )); -LIBSLAPD_F (int) str2result LDAP_P(( char *s, +LDAP_SLAPD_F (int) str2result LDAP_P(( char *s, int *code, char **matched, char **info )); /* * sasl.c */ -LIBSLAPD_F (char **) supportedSASLMechanisms; +LDAP_SLAPD_F (char **) supportedSASLMechanisms; -LIBSLAPD_F (int) sasl_init(void); -LIBSLAPD_F (int) sasl_destroy(void); -LIBSLAPD_F (int) sasl_errldap LDAP_P(( int )); -LIBSLAPD_F (int) sasl_bind LDAP_P(( +LDAP_SLAPD_F (int) sasl_init(void); +LDAP_SLAPD_F (int) sasl_destroy(void); +LDAP_SLAPD_F (int) sasl_errldap LDAP_P(( int )); +LDAP_SLAPD_F (int) sasl_bind LDAP_P(( Connection *conn, Operation *op, const char *dn, const char *ndn, const char *mech, struct berval *cred, char **edn )); /* oc.c */ -LIBSLAPD_F (int) oc_schema_info( Entry *e ); +LDAP_SLAPD_F (int) oc_schema_info( Entry *e ); /* mr.c */ -LIBSLAPD_F (int) mr_schema_info( Entry *e ); +LDAP_SLAPD_F (int) mr_schema_info( Entry *e ); /* syntax.c */ -LIBSLAPD_F (int) syn_schema_info( Entry *e ); +LDAP_SLAPD_F (int) syn_schema_info( Entry *e ); /* * schema.c */ -LIBSLAPD_F (ObjectClass *) oc_find LDAP_P(( +LDAP_SLAPD_F (ObjectClass *) oc_find LDAP_P(( const char *ocname)); -LIBSLAPD_F (int) oc_add LDAP_P(( +LDAP_SLAPD_F (int) oc_add LDAP_P(( LDAP_OBJECT_CLASS *oc, const char **err)); -LIBSLAPD_F (int) is_object_subclass LDAP_P(( +LDAP_SLAPD_F (int) is_object_subclass LDAP_P(( ObjectClass *sub, ObjectClass *sup )); -LIBSLAPD_F (Syntax *) syn_find LDAP_P((const char *synname)); -LIBSLAPD_F (Syntax *) syn_find_desc LDAP_P((const char *syndesc, int *slen)); +LDAP_SLAPD_F (Syntax *) syn_find LDAP_P((const char *synname)); +LDAP_SLAPD_F (Syntax *) syn_find_desc LDAP_P((const char *syndesc, int *slen)); #ifdef SLAPD_BINARY_CONVERSION -LIBSLAPD_F (int) syn_add LDAP_P(( +LDAP_SLAPD_F (int) syn_add LDAP_P(( LDAP_SYNTAX *syn, unsigned flags, slap_syntax_validate_func *validate, @@ -556,7 +575,7 @@ LIBSLAPD_F (int) syn_add LDAP_P(( slap_syntax_transform_func *str2ber, const char **err)); #else -LIBSLAPD_F (int) syn_add LDAP_P(( +LDAP_SLAPD_F (int) syn_add LDAP_P(( LDAP_SYNTAX *syn, unsigned flags, slap_syntax_validate_func *validate, @@ -565,8 +584,8 @@ LIBSLAPD_F (int) syn_add LDAP_P(( const char **err)); #endif -LIBSLAPD_F (MatchingRule *) mr_find LDAP_P((const char *mrname)); -LIBSLAPD_F (int) mr_add LDAP_P((LDAP_MATCHING_RULE *mr, +LDAP_SLAPD_F (MatchingRule *) mr_find LDAP_P((const char *mrname)); +LDAP_SLAPD_F (int) mr_add LDAP_P((LDAP_MATCHING_RULE *mr, unsigned usage, slap_mr_convert_func *convert, slap_mr_normalize_func *normalize, @@ -575,14 +594,14 @@ LIBSLAPD_F (int) mr_add LDAP_P((LDAP_MATCHING_RULE *mr, slap_mr_filter_func *filter, const char **err)); -LIBSLAPD_F (int) register_syntax LDAP_P(( +LDAP_SLAPD_F (int) register_syntax LDAP_P(( char *desc, unsigned flags, slap_syntax_validate_func *validate, slap_syntax_transform_func *ber2str, slap_syntax_transform_func *str2ber )); -LIBSLAPD_F (int) register_matching_rule LDAP_P(( +LDAP_SLAPD_F (int) register_matching_rule LDAP_P(( char * desc, unsigned usage, slap_mr_convert_func *convert, @@ -591,9 +610,9 @@ LIBSLAPD_F (int) register_matching_rule LDAP_P(( slap_mr_indexer_func *indexer, slap_mr_filter_func *filter )); -LIBSLAPD_F (int) schema_info LDAP_P(( Entry **entry, const char **text )); +LDAP_SLAPD_F (int) schema_info LDAP_P(( Entry **entry, const char **text )); -LIBSLAPD_F (int) is_entry_objectclass LDAP_P(( +LDAP_SLAPD_F (int) is_entry_objectclass LDAP_P(( Entry *, ObjectClass *oc )); #define is_entry_alias(e) is_entry_objectclass((e), slap_schema.si_oc_alias) #define is_entry_referral(e) is_entry_objectclass((e), slap_schema.si_oc_referral) @@ -605,7 +624,7 @@ LIBSLAPD_F (int) is_entry_objectclass LDAP_P(( int oc_check_allowed( AttributeType *type, struct berval **oclist ); -LIBSLAPD_F (int) entry_schema_check LDAP_P(( +LDAP_SLAPD_F (int) entry_schema_check LDAP_P(( Entry *e, Attribute *attrs, const char** text )); @@ -613,27 +632,27 @@ LIBSLAPD_F (int) entry_schema_check LDAP_P(( /* * schema_init.c */ -LIBSLAPD_F (int) schema_init LDAP_P((void)); -LIBSLAPD_F (int) schema_prep LDAP_P((void)); +LDAP_SLAPD_F (int) schema_init LDAP_P((void)); +LDAP_SLAPD_F (int) schema_prep LDAP_P((void)); /* * schemaparse.c */ -LIBSLAPD_F (void) parse_oc_old LDAP_P(( Backend *be, const char *fname, int lineno, int argc, char **argv )); -LIBSLAPD_F (void) parse_oc LDAP_P(( const char *fname, int lineno, char *line, char **argv )); -LIBSLAPD_F (void) parse_at LDAP_P(( const char *fname, int lineno, char *line, char **argv )); -LIBSLAPD_F (void) parse_oidm LDAP_P(( const char *fname, int lineno, int argc, char **argv )); -LIBSLAPD_F (char *) scherr2str LDAP_P((int code)) LDAP_GCCATTR((const)); -LIBSLAPD_F (int) dscompare LDAP_P(( const char *s1, const char *s2del, char delim )); +LDAP_SLAPD_F (void) parse_oc_old LDAP_P(( Backend *be, const char *fname, int lineno, int argc, char **argv )); +LDAP_SLAPD_F (void) parse_oc LDAP_P(( const char *fname, int lineno, char *line, char **argv )); +LDAP_SLAPD_F (void) parse_at LDAP_P(( const char *fname, int lineno, char *line, char **argv )); +LDAP_SLAPD_F (void) parse_oidm LDAP_P(( const char *fname, int lineno, int argc, char **argv )); +LDAP_SLAPD_F (char *) scherr2str LDAP_P((int code)) LDAP_GCCATTR((const)); +LDAP_SLAPD_F (int) dscompare LDAP_P(( const char *s1, const char *s2del, char delim )); /* * starttls.c */ -LIBSLAPD_F (int) starttls_extop LDAP_P(( +LDAP_SLAPD_F (int) starttls_extop LDAP_P(( SLAP_EXTOP_CALLBACK_FN, Connection *conn, Operation *op, const char * reqoid, @@ -649,46 +668,47 @@ LIBSLAPD_F (int) starttls_extop LDAP_P(( * str2filter.c */ -LIBSLAPD_F (Filter *) str2filter LDAP_P(( const char *str )); +LDAP_SLAPD_F (Filter *) str2filter LDAP_P(( const char *str )); /* * suffixalias.c */ -LIBSLAPD_F (char *) suffix_alias LDAP_P(( Backend *be, char *ndn )); +LDAP_SLAPD_F (char *) suffix_alias LDAP_P(( Backend *be, char *ndn )); /* * value.c */ -LIBSLAPD_F (int) value_normalize LDAP_P(( +LDAP_SLAPD_F (int) value_normalize LDAP_P(( AttributeDescription *ad, unsigned usage, struct berval *in, struct berval **out, const char ** text )); -LIBSLAPD_F (int) value_match LDAP_P(( +LDAP_SLAPD_F (int) value_match LDAP_P(( int *match, AttributeDescription *ad, MatchingRule *mr, + unsigned flags, struct berval *v1, void *v2, const char ** text )); -LIBSLAPD_F (int) value_find LDAP_P(( +LDAP_SLAPD_F (int) value_find LDAP_P(( AttributeDescription *ad, struct berval **values, struct berval *value )); -LIBSLAPD_F (int) value_add LDAP_P(( struct berval ***vals, struct berval **addvals )); +LDAP_SLAPD_F (int) value_add LDAP_P(( struct berval ***vals, struct berval **addvals )); /* * user.c */ #if defined(HAVE_PWD_H) && defined(HAVE_GRP_H) -LIBSLAPD_F (void) slap_init_user LDAP_P(( char *username, char *groupname )); +LDAP_SLAPD_F (void) slap_init_user LDAP_P(( char *username, char *groupname )); #endif /* * passwd.c */ -LIBSLAPD_F (int) passwd_extop LDAP_P(( +LDAP_SLAPD_F (int) passwd_extop LDAP_P(( SLAP_EXTOP_CALLBACK_FN, Connection *conn, Operation *op, const char * reqoid, @@ -699,19 +719,19 @@ LIBSLAPD_F (int) passwd_extop LDAP_P(( const char ** text, struct berval *** refs )); -LIBSLAPD_F (int) slap_passwd_check( +LDAP_SLAPD_F (int) slap_passwd_check( Attribute *attr, struct berval *cred ); -LIBSLAPD_F (struct berval *) slap_passwd_generate( void ); +LDAP_SLAPD_F (struct berval *) slap_passwd_generate( void ); -LIBSLAPD_F (struct berval *) slap_passwd_hash( +LDAP_SLAPD_F (struct berval *) slap_passwd_hash( struct berval *cred ); -LIBSLAPD_F (struct berval *) slap_passwd_return( +LDAP_SLAPD_F (struct berval *) slap_passwd_return( struct berval *cred ); -LIBSLAPD_F (int) slap_passwd_parse( +LDAP_SLAPD_F (int) slap_passwd_parse( struct berval *reqdata, struct berval **id, struct berval **oldpass, @@ -723,98 +743,98 @@ LIBSLAPD_F (int) slap_passwd_parse( */ #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND extern char *ldap_srvtab; -LIBSLAPD_F (int) krbv4_ldap_auth(); +LDAP_SLAPD_F (int) krbv4_ldap_auth(); #endif /* * Other... */ -LIBSLAPD_F (struct berval **) default_referral; -LIBSLAPD_F (char *) replogfile; -LIBSLAPD_F (const char) Versionstr[]; -LIBSLAPD_F (int) defsize; -LIBSLAPD_F (int) deftime; -LIBSLAPD_F (int) g_argc; -LIBSLAPD_F (slap_access_t) global_default_access; -LIBSLAPD_F (int) global_readonly; -LIBSLAPD_F (int) global_lastmod; -LIBSLAPD_F (int) global_idletimeout; -LIBSLAPD_F (int) global_schemacheck; -LIBSLAPD_F (char) *global_realm; -LIBSLAPD_F (char) *default_passwd_hash; -LIBSLAPD_F (int) lber_debug; -LIBSLAPD_F (int) ldap_syslog; - -LIBSLAPD_F (ldap_pvt_thread_mutex_t) num_sent_mutex; -LIBSLAPD_F (long) num_bytes_sent; -LIBSLAPD_F (long) num_pdu_sent; -LIBSLAPD_F (long) num_entries_sent; -LIBSLAPD_F (long) num_refs_sent; - -LIBSLAPD_F (ldap_pvt_thread_mutex_t) num_ops_mutex; -LIBSLAPD_F (long) num_ops_completed; -LIBSLAPD_F (long) num_ops_initiated; - -LIBSLAPD_F (char *) slapd_pid_file; -LIBSLAPD_F (char *) slapd_args_file; -LIBSLAPD_F (char) **g_argv; -LIBSLAPD_F (time_t) starttime; - -LIBSLAPD_F (time_t) slap_get_time LDAP_P((void)); - -LIBSLAPD_F (ldap_pvt_thread_pool_t) connection_pool; - -LIBSLAPD_F (ldap_pvt_thread_mutex_t) entry2str_mutex; -LIBSLAPD_F (ldap_pvt_thread_mutex_t) replog_mutex; +LDAP_SLAPD_F (struct berval **) default_referral; +LDAP_SLAPD_F (char *) replogfile; +LDAP_SLAPD_F (const char) Versionstr[]; +LDAP_SLAPD_F (int) defsize; +LDAP_SLAPD_F (int) deftime; +LDAP_SLAPD_F (int) g_argc; +LDAP_SLAPD_F (slap_access_t) global_default_access; +LDAP_SLAPD_F (int) global_readonly; +LDAP_SLAPD_F (int) global_lastmod; +LDAP_SLAPD_F (int) global_idletimeout; +LDAP_SLAPD_F (int) global_schemacheck; +LDAP_SLAPD_F (char) *global_realm; +LDAP_SLAPD_F (char) *default_passwd_hash; +LDAP_SLAPD_F (int) lber_debug; +LDAP_SLAPD_F (int) ldap_syslog; + +LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) num_sent_mutex; +LDAP_SLAPD_F (long) num_bytes_sent; +LDAP_SLAPD_F (long) num_pdu_sent; +LDAP_SLAPD_F (long) num_entries_sent; +LDAP_SLAPD_F (long) num_refs_sent; + +LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) num_ops_mutex; +LDAP_SLAPD_F (long) num_ops_completed; +LDAP_SLAPD_F (long) num_ops_initiated; + +LDAP_SLAPD_F (char *) slapd_pid_file; +LDAP_SLAPD_F (char *) slapd_args_file; +LDAP_SLAPD_F (char) **g_argv; +LDAP_SLAPD_F (time_t) starttime; + +LDAP_SLAPD_F (time_t) slap_get_time LDAP_P((void)); + +LDAP_SLAPD_F (ldap_pvt_thread_pool_t) connection_pool; + +LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) entry2str_mutex; +LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) replog_mutex; #ifdef SLAPD_CRYPT -LIBSLAPD_F (ldap_pvt_thread_mutex_t) crypt_mutex; +LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) crypt_mutex; #endif -LIBSLAPD_F (ldap_pvt_thread_mutex_t) gmtime_mutex; +LDAP_SLAPD_F (ldap_pvt_thread_mutex_t) gmtime_mutex; -LIBSLAPD_F (AccessControl *) global_acl; +LDAP_SLAPD_F (AccessControl *) global_acl; -LIBSLAPD_F (int) slap_init LDAP_P((int mode, const char* name)); -LIBSLAPD_F (int) slap_startup LDAP_P(( Backend *be )); -LIBSLAPD_F (int) slap_shutdown LDAP_P(( Backend *be )); -LIBSLAPD_F (int) slap_destroy LDAP_P((void)); +LDAP_SLAPD_F (int) slap_init LDAP_P((int mode, const char* name)); +LDAP_SLAPD_F (int) slap_startup LDAP_P(( Backend *be )); +LDAP_SLAPD_F (int) slap_shutdown LDAP_P(( Backend *be )); +LDAP_SLAPD_F (int) slap_destroy LDAP_P((void)); struct sockaddr_in; -LIBSLAPD_F (int) slapd_daemon_init( const char *urls ); -LIBSLAPD_F (int) slapd_daemon_destroy(void); -LIBSLAPD_F (int) slapd_daemon(void); +LDAP_SLAPD_F (int) slapd_daemon_init( const char *urls ); +LDAP_SLAPD_F (int) slapd_daemon_destroy(void); +LDAP_SLAPD_F (int) slapd_daemon(void); -LIBSLAPD_F (void) slapd_set_write LDAP_P((ber_socket_t s, int wake)); -LIBSLAPD_F (void) slapd_clr_write LDAP_P((ber_socket_t s, int wake)); -LIBSLAPD_F (void) slapd_set_read LDAP_P((ber_socket_t s, int wake)); -LIBSLAPD_F (void) slapd_clr_read LDAP_P((ber_socket_t s, int wake)); +LDAP_SLAPD_F (void) slapd_set_write LDAP_P((ber_socket_t s, int wake)); +LDAP_SLAPD_F (void) slapd_clr_write LDAP_P((ber_socket_t s, int wake)); +LDAP_SLAPD_F (void) slapd_set_read LDAP_P((ber_socket_t s, int wake)); +LDAP_SLAPD_F (void) slapd_clr_read LDAP_P((ber_socket_t s, int wake)); -LIBSLAPD_F (void) slapd_remove LDAP_P((ber_socket_t s, int wake)); +LDAP_SLAPD_F (void) slapd_remove LDAP_P((ber_socket_t s, int wake)); -LIBSLAPD_F (RETSIGTYPE) slap_sig_shutdown LDAP_P((int sig)); -LIBSLAPD_F (RETSIGTYPE) slap_sig_wake LDAP_P((int sig)); +LDAP_SLAPD_F (RETSIGTYPE) slap_sig_shutdown LDAP_P((int sig)); +LDAP_SLAPD_F (RETSIGTYPE) slap_sig_wake LDAP_P((int sig)); -LIBSLAPD_F (int) config_info LDAP_P(( +LDAP_SLAPD_F (int) config_info LDAP_P(( Entry **e, const char **text )); -LIBSLAPD_F (int) root_dse_info LDAP_P(( +LDAP_SLAPD_F (int) root_dse_info LDAP_P(( Entry **e, const char **text )); -LIBSLAPD_F (int) do_abandon LDAP_P((Connection *conn, Operation *op)); -LIBSLAPD_F (int) do_add LDAP_P((Connection *conn, Operation *op)); -LIBSLAPD_F (int) do_bind LDAP_P((Connection *conn, Operation *op)); -LIBSLAPD_F (int) do_compare LDAP_P((Connection *conn, Operation *op)); -LIBSLAPD_F (int) do_delete LDAP_P((Connection *conn, Operation *op)); -LIBSLAPD_F (int) do_modify LDAP_P((Connection *conn, Operation *op)); -LIBSLAPD_F (int) do_modrdn LDAP_P((Connection *conn, Operation *op)); -LIBSLAPD_F (int) do_search LDAP_P((Connection *conn, Operation *op)); -LIBSLAPD_F (int) do_unbind LDAP_P((Connection *conn, Operation *op)); -LIBSLAPD_F (int) do_extended LDAP_P((Connection *conn, Operation *op)); +LDAP_SLAPD_F (int) do_abandon LDAP_P((Connection *conn, Operation *op)); +LDAP_SLAPD_F (int) do_add LDAP_P((Connection *conn, Operation *op)); +LDAP_SLAPD_F (int) do_bind LDAP_P((Connection *conn, Operation *op)); +LDAP_SLAPD_F (int) do_compare LDAP_P((Connection *conn, Operation *op)); +LDAP_SLAPD_F (int) do_delete LDAP_P((Connection *conn, Operation *op)); +LDAP_SLAPD_F (int) do_modify LDAP_P((Connection *conn, Operation *op)); +LDAP_SLAPD_F (int) do_modrdn LDAP_P((Connection *conn, Operation *op)); +LDAP_SLAPD_F (int) do_search LDAP_P((Connection *conn, Operation *op)); +LDAP_SLAPD_F (int) do_unbind LDAP_P((Connection *conn, Operation *op)); +LDAP_SLAPD_F (int) do_extended LDAP_P((Connection *conn, Operation *op)); -LIBSLAPD_F (ber_socket_t) dtblsize; +LDAP_SLAPD_F (ber_socket_t) dtblsize; LDAP_END_DECL diff --git a/servers/slapd/result.c b/servers/slapd/result.c index 70fabc0a95..7a7000d625 100644 --- a/servers/slapd/result.c +++ b/servers/slapd/result.c @@ -276,7 +276,7 @@ send_ldap_response( #ifdef LDAP_CONNECTIONLESS if ( op->o_cldap ) { - rc = ber_printf( ber, "{is{t{ess}}}", msgid, "", tag, + rc = ber_printf( ber, "{is{t{essN}N}N}", msgid, "", tag, err, matched ? matched : "", text ? text : "" ); } else #endif @@ -312,7 +312,7 @@ send_ldap_response( } if( rc != -1 ) { - rc = ber_printf( ber, "}}" ); + rc = ber_printf( ber, "N}N}" ); } } @@ -747,7 +747,7 @@ send_search_entry( } } - if (( rc = ber_printf( ber, /*{[*/ "]}" )) == -1 ) { + if (( rc = ber_printf( ber, /*{[*/ "]N}" )) == -1 ) { Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 ); ber_free( ber, 1 ); send_ldap_result( conn, op, LDAP_OTHER, @@ -822,7 +822,7 @@ send_search_entry( } } - if (( rc = ber_printf( ber, /*{[*/ "]}" )) == -1 ) { + if (( rc = ber_printf( ber, /*{[*/ "]N}" )) == -1 ) { Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 ); ber_free( ber, 1 ); send_ldap_result( conn, op, LDAP_OTHER, @@ -833,7 +833,7 @@ send_search_entry( attrs_free( aa ); - rc = ber_printf( ber, /*{{{*/ "}}}" ); + rc = ber_printf( ber, /*{{{*/ "}N}N}" ); if ( rc == -1 ) { Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 ); @@ -934,7 +934,7 @@ send_search_reference( return -1; } - rc = ber_printf( ber, "{it{V}}", op->o_msgid, + rc = ber_printf( ber, "{it{V}N}", op->o_msgid, LDAP_RES_SEARCH_REFERENCE, refs ); if ( rc == -1 ) { diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c index 2fd29f5073..8d3769c22a 100644 --- a/servers/slapd/sasl.c +++ b/servers/slapd/sasl.c @@ -132,7 +132,7 @@ int sasl_init( void ) return -1; } -#ifdef RESTRICT_SASL +#ifndef SLAPD_IGNORE_RFC2829 { sasl_security_properties_t secprops; memset(&secprops, '\0', sizeof(secprops)); diff --git a/servers/slapd/schema/core.schema b/servers/slapd/schema/core.schema index bbf2dd593f..7f5aeafbf1 100644 --- a/servers/slapd/schema/core.schema +++ b/servers/slapd/schema/core.schema @@ -14,136 +14,140 @@ # select informational schema items: # RFC2377 (uidObject) # -# select experimental IETF LDAPext items +# select experimental IETF LDAPext/LDUP items # ldapSubentry draft # ldapRootDSE # named referrals draft # alias draft - # Standard X.501(93) Operational Attribute Types from RFC2252 -attributetype ( 2.5.18.1 NAME 'createTimestamp' EQUALITY generalizedTimeMatch - ORDERING generalizedTimeOrderingMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 - SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) +attributetype ( 2.5.18.1 NAME 'createTimestamp' + EQUALITY generalizedTimeMatch + ORDERING generalizedTimeOrderingMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) -attributetype ( 2.5.18.2 NAME 'modifyTimestamp' EQUALITY generalizedTimeMatch - ORDERING generalizedTimeOrderingMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 - SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) +attributetype ( 2.5.18.2 NAME 'modifyTimestamp' + EQUALITY generalizedTimeMatch + ORDERING generalizedTimeOrderingMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) -attributetype ( 2.5.18.3 NAME 'creatorsName' EQUALITY distinguishedNameMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 - SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) +attributetype ( 2.5.18.3 NAME 'creatorsName' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 + SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) -attributetype ( 2.5.18.4 NAME 'modifiersName' EQUALITY distinguishedNameMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 - SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) +attributetype ( 2.5.18.4 NAME 'modifiersName' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 + SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) attributetype ( 2.5.18.10 NAME 'subschemaSubentry' - EQUALITY distinguishedNameMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION - SINGLE-VALUE USAGE directoryOperation ) + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION + SINGLE-VALUE USAGE directoryOperation ) + +attributetype ( 2.5.21.1 NAME 'dITStructureRules' + EQUALITY integerFirstComponentMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.17 USAGE directoryOperation ) + +attributetype ( 2.5.21.2 NAME 'dITContentRules' + EQUALITY objectIdentifierFirstComponentMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.16 USAGE directoryOperation ) + +attributetype ( 2.5.21.4 NAME 'matchingRules' + EQUALITY objectIdentifierFirstComponentMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.30 USAGE directoryOperation ) attributetype ( 2.5.21.5 NAME 'attributeTypes' - EQUALITY objectIdentifierFirstComponentMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 USAGE directoryOperation ) + EQUALITY objectIdentifierFirstComponentMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 USAGE directoryOperation ) attributetype ( 2.5.21.6 NAME 'objectClasses' - EQUALITY objectIdentifierFirstComponentMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.37 USAGE directoryOperation ) + EQUALITY objectIdentifierFirstComponentMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.37 USAGE directoryOperation ) -attributetype ( 2.5.21.4 NAME 'matchingRules' - EQUALITY objectIdentifierFirstComponentMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.30 USAGE directoryOperation ) +attributetype ( 2.5.21.7 NAME 'nameForms' + EQUALITY objectIdentifierFirstComponentMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.35 USAGE directoryOperation ) attributetype ( 2.5.21.8 NAME 'matchingRuleUse' - EQUALITY objectIdentifierFirstComponentMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.31 USAGE directoryOperation ) + EQUALITY objectIdentifierFirstComponentMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.31 USAGE directoryOperation ) -# LDAP Operational Attributes from RFC2252 +# From X.500(97?) +attributetype ( 2.5.21.9 NAME 'structuralObjectClass' + EQUALITY objectIdentifierMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 + NO-USER-MODIFICATION SINGLE-VALUE USAGE directoryOperation ) +# LDAP Operational Attributes from RFC2252 attributetype ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE dSAOperation ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE dSAOperation ) attributetype ( 1.3.6.1.4.1.1466.101.120.6 NAME 'altServer' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE dSAOperation ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE dSAOperation ) attributetype ( 1.3.6.1.4.1.1466.101.120.7 NAME 'supportedExtension' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation ) attributetype ( 1.3.6.1.4.1.1466.101.120.13 NAME 'supportedControl' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation ) attributetype ( 1.3.6.1.4.1.1466.101.120.14 NAME 'supportedSASLMechanisms' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE dSAOperation ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE dSAOperation ) attributetype ( 1.3.6.1.4.1.1466.101.120.15 NAME 'supportedLDAPVersion' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 USAGE dSAOperation ) - -# LDAP Subschema Atrribute from RFC2252 + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 USAGE dSAOperation ) attributetype ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes' - EQUALITY objectIdentifierFirstComponentMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.54 USAGE directoryOperation ) - -# X.500 Subschema attributes from RFC2252 - -attributetype ( 2.5.21.1 NAME 'dITStructureRules' EQUALITY integerFirstComponentMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.17 USAGE directoryOperation ) - -attributetype ( 2.5.21.7 NAME 'nameForms' - EQUALITY objectIdentifierFirstComponentMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.35 USAGE directoryOperation ) - -attributetype ( 2.5.21.2 NAME 'dITContentRules' - EQUALITY objectIdentifierFirstComponentMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.16 USAGE directoryOperation ) + EQUALITY objectIdentifierFirstComponentMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.54 USAGE directoryOperation ) # Object Classes from RFC2252 +objectclass ( 2.5.20.1 NAME 'subschema' AUXILIARY + DESC 'RFC2252: controlling subschema' + MAY ( dITStructureRules $ nameForms $ ditContentRules $ + objectClasses $ attributeTypes $ matchingRules $ + matchingRuleUse ) ) -# extensibleObject moved forward, since it depends on top -# ldapSyntaxes (operational) is admissible in next: +# Standard attribute types used for subtyping from RFC2256 -objectclass ( 2.5.20.1 NAME 'subschema' AUXILIARY - MAY ( dITStructureRules $ nameForms $ ditContentRules $ - objectClasses $ attributeTypes $ matchingRules $ - matchingRuleUse ) ) +attributetype ( 2.5.4.41 NAME 'name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) + +attributetype ( 2.5.4.49 NAME 'distinguishedName' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) # Standard attribute types from RFC2256 attributetype ( 2.5.4.0 NAME 'objectClass' - EQUALITY objectIdentifierMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) + EQUALITY objectIdentifierMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) attributetype ( 2.5.4.1 NAME 'aliasedObjectName' - EQUALITY distinguishedNameMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) - -# Defined, but no longer used + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) +# obsolete attributetype ( 2.5.4.2 NAME 'knowledgeInformation' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) - -# Place here since other attribute types derive from it - -attributetype ( 2.5.4.41 NAME 'name' - EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) attributetype ( 2.5.4.3 NAME ( 'cn' 'commonName' ) SUP name ) attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' ) SUP name ) attributetype ( 2.5.4.5 NAME 'serialNumber' EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ) + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ) # (2-letter code from ISO 3166) - attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) SUP name SINGLE-VALUE ) attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) SUP name ) @@ -151,9 +155,9 @@ attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) SUP name ) attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) SUP name ) attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) - EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) SUP name ) @@ -162,100 +166,83 @@ attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) SUP name ) attributetype ( 2.5.4.12 NAME 'title' SUP name ) attributetype ( 2.5.4.13 NAME 'description' - EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) # Obsoleted by enhancedSearchGuide - attributetype ( 2.5.4.14 NAME 'searchGuide' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 ) attributetype ( 2.5.4.15 NAME 'businessCategory' - EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) attribute ( 2.5.4.16 NAME 'postalAddress' - EQUALITY caseIgnoreListMatch - SUBSTR caseIgnoreListSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + EQUALITY caseIgnoreListMatch + SUBSTR caseIgnoreListSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) attributetype ( 2.5.4.17 NAME 'postalCode' - EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) attributetype ( 2.5.4.18 NAME 'postOfficeBox' - EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' - EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) attributetype ( 2.5.4.20 NAME 'telephoneNumber' - EQUALITY telephoneNumberMatch - SUBSTR telephoneNumberSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ) + EQUALITY telephoneNumberMatch + SUBSTR telephoneNumberSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ) attributetype ( 2.5.4.21 NAME 'telexNumber' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ) attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 ) attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) - SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 ) attributetype ( 2.5.4.24 NAME 'x121Address' - EQUALITY numericStringMatch - SUBSTR numericStringSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} ) + EQUALITY numericStringMatch + SUBSTR numericStringSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} ) attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber' - EQUALITY numericStringMatch - SUBSTR numericStringSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ) + EQUALITY numericStringMatch + SUBSTR numericStringSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ) attributetype ( 2.5.4.26 NAME 'registeredAddress' SUP postalAddress - SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) attributetype ( 2.5.4.27 NAME 'destinationIndicator' - EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 - SINGLE-VALUE ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 + SINGLE-VALUE ) attributetype ( 2.5.4.29 NAME 'presentationAddress' - EQUALITY presentationAddressMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 - SINGLE-VALUE ) + EQUALITY presentationAddressMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 + SINGLE-VALUE ) attributetype ( 2.5.4.30 NAME 'supportedApplicationContext' - EQUALITY objectIdentifierMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) - -# Placed here because others derive from it. - -# We had a dn definition in slapd.at.conf and Netscape lists both -# names for that OID. This is wrong, 'dn' is used internally in slapd -# as the name of a pseudo-attribute type that contains the -# distinguished name of an entry. On the other hand, the attribute -# type distinguishedName is meant to be an "abstract" type and other -# dn-valued attribute types derive from it. So at most, 'dn' would -# be a subtype of distinguishedName, something like: -# attributetype ( dnOID NAME 'dn' SUP distinguishedName -# SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) - -attributetype ( 2.5.4.49 NAME 'distinguishedName' - EQUALITY distinguishedNameMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + EQUALITY objectIdentifierMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) attributetype ( 2.5.4.31 NAME 'member' SUP distinguishedName ) @@ -266,236 +253,214 @@ attributetype ( 2.5.4.33 NAME 'roleOccupant' SUP distinguishedName ) attributetype ( 2.5.4.34 NAME 'seeAlso' SUP distinguishedName ) attributetype ( 2.5.4.35 NAME 'userPassword' - EQUALITY octetStringMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) -# Must be stored and requested in the binary form, as -# userCertificate;binary +# Must be transferred using ;binary attributetype ( 2.5.4.36 NAME 'userCertificate' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) -# As above +# Must be transferred using ;binary attributetype ( 2.5.4.37 NAME 'cACertificate' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) -# As above +# Must be transferred using ;binary attributetype ( 2.5.4.38 NAME 'authorityRevocationList' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) -# As above +# Must be transferred using ;binary attributetype ( 2.5.4.39 NAME 'certificateRevocationList' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) -# As above +# Must be stored and requested in the binary form attributetype ( 2.5.4.40 NAME 'crossCertificatePair' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 ) -# 2.5.4.41 is 'name', moved above since other attribute types derive from it +# 2.5.4.41 is defined above as it's used for subtyping +#attributetype ( 2.5.4.41 NAME 'name' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) SUP name ) -attributetype ( 2.5.4.43 NAME 'initials' SUP name ) +attributetype ( 2.5.4.43 NAME 'initials' SUP name + DESC 'The initials attribute type contains the initials of some + or all of an individuals names, but not the surname(s).' ) + +attributetype ( 2.5.4.44 NAME 'generationQualifier' + DESC 'e.g. Jr or II.' + SUP name ) attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier' - EQUALITY bitStringMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 ) + EQUALITY bitStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 ) attributetype ( 2.5.4.46 NAME 'dnQualifier' - EQUALITY caseIgnoreMatch - ORDERING caseIgnoreOrderingMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) + EQUALITY caseIgnoreMatch + ORDERING caseIgnoreOrderingMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ) attributetype ( 2.5.4.48 NAME 'protocolInformation' - EQUALITY protocolInformationMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 ) + EQUALITY protocolInformationMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 ) -# 2.5.4.49 is distinguishedName, moved up +# 2.5.4.49 is defined above as it's used for subtyping +#attributetype ( 2.5.4.49 NAME 'distinguishedName' +# EQUALITY distinguishedNameMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) attributetype ( 2.5.4.50 NAME 'uniqueMember' - EQUALITY uniqueMemberMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 ) + EQUALITY uniqueMemberMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 ) attributetype ( 2.5.4.51 NAME 'houseIdentifier' - EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) - -# This attribute is to be stored and requested in the binary form, as -# 'supportedAlgorithms;binary'. + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) +# Must be transferred using ;binary attributetype ( 2.5.4.52 NAME 'supportedAlgorithms' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ) - -# This attribute is to be stored and requested in the binary form, as -# 'deltaRevocationList;binary'. + SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ) +# Must be transferred using ;binary attributetype ( 2.5.4.53 NAME 'deltaRevocationList' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) attributetype ( 2.5.4.54 NAME 'dmdName' SUP name ) # Standard object classes from RFC2256 objectclass ( 2.5.6.0 NAME 'top' ABSTRACT - MUST objectClass ) + MUST objectClass ) objectclass ( 2.5.6.1 NAME 'alias' SUP top STRUCTURAL - MUST aliasedObjectName ) + MUST aliasedObjectName ) objectclass ( 2.5.6.2 NAME 'country' SUP top STRUCTURAL - MUST c - MAY ( searchGuide $ description ) ) + MUST c + MAY ( searchGuide $ description ) ) objectclass ( 2.5.6.3 NAME 'locality' SUP top STRUCTURAL - MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) ) + MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) ) objectclass ( 2.5.6.4 NAME 'organization' SUP top STRUCTURAL - MUST o - MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ - x121Address $ registeredAddress $ destinationIndicator $ - preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ - telephoneNumber $ internationaliSDNNumber $ - facsimileTelephoneNumber $ - street $ postOfficeBox $ postalCode $ postalAddress $ - physicalDeliveryOfficeName $ st $ l $ description ) ) + MUST o + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) objectclass ( 2.5.6.5 NAME 'organizationalUnit' SUP top STRUCTURAL - MUST ou - MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ - x121Address $ registeredAddress $ destinationIndicator $ - preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ - telephoneNumber $ internationaliSDNNumber $ - facsimileTelephoneNumber $ - street $ postOfficeBox $ postalCode $ postalAddress $ - physicalDeliveryOfficeName $ st $ l $ description ) ) + MUST ou + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) objectclass ( 2.5.6.6 NAME 'person' SUP top STRUCTURAL - MUST ( sn $ cn ) - MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) ) + MUST ( sn $ cn ) + MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) ) objectclass ( 2.5.6.7 NAME 'organizationalPerson' SUP person STRUCTURAL - MAY ( title $ x121Address $ registeredAddress $ - destinationIndicator $ - preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ - telephoneNumber $ internationaliSDNNumber $ - facsimileTelephoneNumber $ - street $ postOfficeBox $ postalCode $ postalAddress $ - physicalDeliveryOfficeName $ ou $ st $ l ) ) - -# Notice that preferredDeliveryMethod is duplicate + MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ + postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) ) objectclass ( 2.5.6.8 NAME 'organizationalRole' SUP top STRUCTURAL - MUST cn - MAY ( x121Address $ registeredAddress $ destinationIndicator $ - preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ - telephoneNumber $ internationaliSDNNumber $ - facsimileTelephoneNumber $ - seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $ - postOfficeBox $ postalCode $ postalAddress $ - physicalDeliveryOfficeName $ ou $ st $ l $ description ) ) + MUST cn + MAY ( x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ + seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $ + postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ ou $ st $ l $ description ) ) objectclass ( 2.5.6.9 NAME 'groupOfNames' SUP top STRUCTURAL - MUST ( member $ cn ) - MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) - -# Notice that preferredDeliveryMethod is duplicate -# It seems they could not agree on whether telephoneNumber is MAY -# in person. Probably it wasn't originally at was added as an -# afterthought + MUST ( member $ cn ) + MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) objectclass ( 2.5.6.10 NAME 'residentialPerson' SUP person STRUCTURAL - MUST l - MAY ( businessCategory $ x121Address $ registeredAddress $ - destinationIndicator $ preferredDeliveryMethod $ telexNumber $ - teletexTerminalIdentifier $ telephoneNumber $ - internationaliSDNNumber $ - facsimileTelephoneNumber $ preferredDeliveryMethod $ street $ - postOfficeBox $ postalCode $ postalAddress $ - physicalDeliveryOfficeName $ st $ l ) ) + MUST l + MAY ( businessCategory $ x121Address $ registeredAddress $ + destinationIndicator $ preferredDeliveryMethod $ telexNumber $ + teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ + facsimileTelephoneNumber $ preferredDeliveryMethod $ street $ + postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ st $ l ) ) objectclass ( 2.5.6.11 NAME 'applicationProcess' SUP top STRUCTURAL - MUST cn - MAY ( seeAlso $ ou $ l $ description ) ) + MUST cn + MAY ( seeAlso $ ou $ l $ description ) ) objectclass ( 2.5.6.12 NAME 'applicationEntity' SUP top STRUCTURAL - MUST ( presentationAddress $ cn ) - MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ - description ) ) - -# This one was wrong in our schema, it only allowed the aditional -# knowledgeInformation attribute, while it is derived from -# applicationEntity and should allow all its attributes as well. + MUST ( presentationAddress $ cn ) + MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ + description ) ) objectclass ( 2.5.6.13 NAME 'dSA' SUP applicationEntity STRUCTURAL - MAY knowledgeInformation ) + MAY knowledgeInformation ) objectclass ( 2.5.6.14 NAME 'device' SUP top STRUCTURAL - MUST cn - MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) ) + MUST cn + MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) ) objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser' SUP top AUXILIARY - MUST userCertificate ) + MUST userCertificate ) objectclass ( 2.5.6.16 NAME 'certificationAuthority' SUP top AUXILIARY - MUST ( authorityRevocationList $ certificateRevocationList $ - cACertificate ) MAY crossCertificatePair ) - -# New + MUST ( authorityRevocationList $ certificateRevocationList $ + cACertificate ) MAY crossCertificatePair ) objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' SUP top STRUCTURAL - MUST ( uniqueMember $ cn ) - MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) - -# New + MUST ( uniqueMember $ cn ) + MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) objectclass ( 2.5.6.18 NAME 'userSecurityInformation' SUP top AUXILIARY - MAY ( supportedAlgorithms ) ) - -# New + MAY ( supportedAlgorithms ) ) objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP - certificationAuthority - AUXILIARY MAY ( deltaRevocationList ) ) - -# New + certificationAuthority + AUXILIARY MAY ( deltaRevocationList ) ) objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top STRUCTURAL - MUST ( cn ) - MAY ( certificateRevocationList $ authorityRevocationList $ - deltaRevocationList ) ) - -# New + MUST ( cn ) + MAY ( certificateRevocationList $ authorityRevocationList $ + deltaRevocationList ) ) objectclass ( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL - MUST ( dmdName ) - MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ - x121Address $ registeredAddress $ destinationIndicator $ - preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ - telephoneNumber $ internationaliSDNNumber $ - facsimileTelephoneNumber $ - street $ postOfficeBox $ postalCode $ postalAddress $ - physicalDeliveryOfficeName $ st $ l $ description ) ) - -# Next objectclass is defined in RFC2252, but has to be put after top + MUST ( dmdName ) + MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ + x121Address $ registeredAddress $ destinationIndicator $ + preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ + telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ + street $ postOfficeBox $ postalCode $ postalAddress $ + physicalDeliveryOfficeName $ st $ l $ description ) ) objectclass ( 1.3.6.1.4.1.1466.101.120.111 NAME 'extensibleObject' - DESC 'RFC2252 extensible object' + DESC 'RFC2252: extensible object' SUP top AUXILIARY ) # # Standard Track URI label schema from RFC2079 # attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' - DESC 'Uniform Resource Identifier with optional label' + DESC 'RFC2079: Uniform Resource Identifier with optional label' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' - DESC 'object that contains the URI attribute type' + DESC 'RFC2079: object that contains the URI attribute type' MAY ( labeledURI ) SUP top AUXILIARY ) @@ -503,54 +468,58 @@ objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' # Standard Track Dynamic Directory Services from RFC2589 # objectclass ( 1.3.6.1.4.1.1466.101.119.2 NAME 'dynamicObject' - DESC 'RFC2589 Dynamic Object' + DESC 'RFC2589: Dynamic Object' SUP top AUXILIARY ) attributetype ( 1.3.6.1.4.1.1466.101.119.3 NAME 'entryTtl' - DESC 'RFC2589 entry time-to-live' + DESC 'RFC2589: entry time-to-live' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) attributetype ( 1.3.6.1.4.1.1466.101.119.4 NAME 'dynamicSubtrees' - DESC 'RFC2589 dynamic subtrees' + DESC 'RFC2589: dynamic subtrees' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION USAGE dSAOperation ) +# # Derived from RFC1274, but with new "short names" +# attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) - DESC 'RFC1274 user identifier' + DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' ) - DESC 'rfc822 mail box' +attributetype ( 0.9.2342.19200300.100.1.3 + NAME ( 'mail' 'rfc822Mailbox' ) + DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' + DESC 'RFC1274: simple security object' SUP top AUXILIARY MUST userPassword ) - # RFC1274 + RFC2247 attributetype ( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainComponent' ) - DESC 'RFC1274/2247 domain component' + DESC 'RFC1274/2247: domain component' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) # RFC2247 objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' + DESC 'RFC2247: domain component object' SUP top AUXILIARY MUST dc ) # From RFC2377 objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject' - DESC 'RFC2377 uid object' + DESC 'RFC2377: uid object' SUP top AUXILIARY MUST uid ) # @@ -559,7 +528,8 @@ objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject' # attributetype ( 2.16.840.1.113730.3.1.34 NAME 'ref' DESC 'Named referral' - EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE distributedOperation ) objectclass ( 2.16.840.1.113730.3.2.6 NAME 'referral' @@ -581,7 +551,6 @@ objectclass ( 1.3.6.1.4.1.4203.666.3.2 DESC 'OpenLDAP Root DSE object' SUP top STRUCTURAL MAY cn ) - # # From Cosine Pilot # @@ -600,33 +569,32 @@ attributetype ( 1.3.6.1.4.1.250.1.32 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) - # # OpenLDAP specific schema items # attributetype ( 1.3.6.1.4.1.4203.666.1.1 NAME 'authPassword' - DESC 'OpenLDAP authPassword attribute' + DESC 'OpenLDAP authentication password attribute' EQUALITY authPasswordMatch SYNTAX 1.3.6.1.4.1.4203.666.2.2 USAGE dSAOperation ) attributetype ( 1.3.6.1.4.1.4203.666.1.2 NAME 'supportedAuthPasswordSchemes' - DESC 'OpenLDAP authPassword attribute' + DESC 'OpenLDAP supported authPassword schemes' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} NO-USER-MODIFICATION USAGE dSAOperation ) attributetype ( 1.3.6.1.4.1.4203.666.1.3 NAME 'entry' - DESC 'OpenLDAP ACL entry psuedo attribute' + DESC 'OpenLDAP ACL entry pseudo attribute' SYNTAX 1.3.6.1.4.1.4203.666.2.3 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) attributetype ( 1.3.6.1.4.1.4203.666.1.4 NAME 'children' - DESC 'OpenLDAP ACL children psuedo attribute' + DESC 'OpenLDAP ACL children pseudo attribute' SYNTAX 1.3.6.1.4.1.4203.666.2.3 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) @@ -638,6 +606,6 @@ attributetype ( 1.3.6.1.4.1.4203.666.1.5 USAGE directoryOperation ) objectclass ( 1.3.6.1.4.1.4203.666.3.1 NAME 'authPasswordObject' - DESC 'authentication password mixin class' + DESC 'OpenLDAP authPassword mixin class' MAY authPassword AUXILIARY ) diff --git a/servers/slapd/schema/inetorgperson.schema b/servers/slapd/schema/inetorgperson.schema index 98fed85402..2589c36029 100644 --- a/servers/slapd/schema/inetorgperson.schema +++ b/servers/slapd/schema/inetorgperson.schema @@ -20,7 +20,7 @@ # registration plate associated with an individual. attributetype ( 2.16.840.1.113730.3.1.1 NAME 'carLicense' - DESC 'vehicle license or registration plate' + DESC 'RFC2798: vehicle license or registration plate' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) @@ -30,7 +30,7 @@ attributetype ( 2.16.840.1.113730.3.1.1 # strictly numeric (e.g., 1234) or alphanumeric (e.g., ABC/123). attributetype ( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' - DESC 'identifies a department within an organization' + DESC 'RFC2798: identifies a department within an organization' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) @@ -42,7 +42,8 @@ attributetype ( 2.16.840.1.113730.3.1.2 # needed. Display name is defined for this purpose. attributetype ( 2.16.840.1.113730.3.1.241 NAME 'displayName' - DESC 'preferred name of a person to be used when displaying entries' + DESC 'RFC2798: preferred name of a person to be used + when displaying entries' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 @@ -53,7 +54,7 @@ attributetype ( 2.16.840.1.113730.3.1.241 # on order of hire or association with an organization. Single valued. attributetype ( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' - DESC 'numerically identifies an employee within an organization' + DESC 'RFC2798: numerically identifies an employee within an organization' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 @@ -65,7 +66,7 @@ attributetype ( 2.16.840.1.113730.3.1.3 # "Unknown" but any value may be used. attributetype ( 2.16.840.1.113730.3.1.4 NAME 'employeeType' - DESC 'type of employment for a person' + DESC 'RFC2798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) @@ -80,7 +81,6 @@ attributetype ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC 'a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) - # preferredLanguage # Used to indicate an individual's preferred written or spoken @@ -89,10 +89,9 @@ attributetype ( 0.9.2342.19200300.100.1.60 # the definition of the Accept-Language header field defined in # [RFC2068] with one exception: the sequence "Accept-Language" ":" # should be omitted. This is a single valued attribute type. - attributetype ( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' - DESC 'preferred written or spoken language for a person' + DESC 'RFC2798: preferred written or spoken language for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 @@ -108,10 +107,9 @@ attributetype ( 2.16.840.1.113730.3.1.39 # this attribute are to be stored and requested in binary form, as # 'userSMIMECertificate;binary'. If available, this attribute is # preferred over the userCertificate attribute for S/MIME applications. - attributetype ( 2.16.840.1.113730.3.1.40 NAME 'userSMIMECertificate' - DESC 'PKCS#7 SignedData used to support S/MIME' + DESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ) # userPKCS12 @@ -122,16 +120,18 @@ attributetype ( 2.16.840.1.113730.3.1.40 # values are PFX PDUs stored as binary data. attributetype ( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' - DESC 'PKCS #12 PFX PDU for exchange of personal identity information' + DESC 'RFC2798: PKCS #12 PFX PDU for exchange of + personal identity information' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ) # inetOrgPerson # The inetOrgPerson represents people who are associated with an # organization in some way. It is a structural class and is derived -# from the organizationalPerson class which is defined in X.521 [X521]. +# from the organizationalPerson which is defined in X.521 [X521]. objectclass ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' + DESC 'RFC2798: Internet Organizational Person' SUP organizationalPerson STRUCTURAL MAY ( @@ -141,5 +141,5 @@ objectclass ( 2.16.840.1.113730.3.2.2 labeledURI $ mail $ manager $ mobile $ o $ pager $ photo $ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier $ preferredLanguage $ - userSMIMECertificate $ userPKCS12 - ) ) + userSMIMECertificate $ userPKCS12 ) + ) diff --git a/servers/slapd/schema/misc.schema b/servers/slapd/schema/misc.schema index 0a6ac6855e..798606ab17 100644 --- a/servers/slapd/schema/misc.schema +++ b/servers/slapd/schema/misc.schema @@ -1,15 +1,12 @@ # $OpenLDAP$ -# # Assorted definitions from several sources -# depends on core.schema and pilot.schema -# # # draft-lachman-laser-ldap-mail-routing-01.txt # attributetype ( 2.16.840.1.113730.3.1.13 NAME 'mailLocalAddress' - DESC 'RFC 822 email address of this recipient' + DESC 'RFC822 email address of this recipient' EQUALITY caseIgnoreIA5Match SYNTAX '1.3.6.1.4.1.1466.115.121.1.26{256}' ) @@ -23,13 +20,15 @@ attributetype ( 2.16.840.1.113730.3.1.18 attributetype ( 2.16.840.1.113730.3.1.47 NAME 'mailRoutingAddress' - DESC 'RFC 822 address to use when routing messages to + DESC 'RFC822 address to use when routing messages to the SMTP MTA of this recipient' EQUALITY caseIgnoreIA5Match SYNTAX '1.3.6.1.4.1.1466.115.121.1.26{256}' SINGLE-VALUE ) -objectclass ( 2.16.840.1.113730.3.2.TBD NAME 'inetLocalMailRecipient' +objectclass ( 2.16.840.1.113730.3.2.TBD + NAME 'inetLocalMailRecipient' + DESC 'Internet local mail recipient' SUP top AUXILIARY MAY ( mailLocalAddress $ mailHost $ mailRoutingAddress ) diff --git a/servers/slapd/schema/nis.schema b/servers/slapd/schema/nis.schema index 525ee5c030..3039d887e3 100644 --- a/servers/slapd/schema/nis.schema +++ b/servers/slapd/schema/nis.schema @@ -28,7 +28,7 @@ attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS field; the common name' EQUALITY caseIgnoreIA5Match - SUBSTRINGS caseIgnoreIA5SubstringsMatch + SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' @@ -71,12 +71,12 @@ attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseExactIA5Match - SUBSTRINGS caseExactIA5SubstringsMatch + SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' EQUALITY caseExactIA5Match - SUBSTRINGS caseExactIA5SubstringsMatch + SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' diff --git a/servers/slapd/schema/openldap.schema b/servers/slapd/schema/openldap.schema index 5b5da8fa5c..3d52b7db07 100644 --- a/servers/slapd/schema/openldap.schema +++ b/servers/slapd/schema/openldap.schema @@ -8,18 +8,23 @@ # inetorgperson.schema # -objectClass: ( 1.3.6.1.4.1.4203.666.3.3 NAME 'OpenLDAPorg' +objectClass ( 1.3.6.1.4.1.4203.666.3.3 NAME 'OpenLDAPorg' DESC 'OpenLDAP Organizational Object' - SUP pilotOrganization - MAY ( authPassword $ displayName $ labeledURI ) ) + SUP organization + MAY ( authPassword $ buildingName $ displayName $ labeledURI ) ) -objectClass: ( 1.3.6.1.4.1.4203.666.3.4 NAME 'OpenLDAPperson' +objectClass ( 1.3.6.1.4.1.4203.666.3.4 NAME 'OpenLDAPou' + DESC 'OpenLDAP Organizational Unit Object' + SUP organizationalUnit + MAY ( authPassword $ buildingName $ displayName $ labeledURI $ o ) ) + +objectClass ( 1.3.6.1.4.1.4203.666.3.5 NAME 'OpenLDAPperson' DESC 'OpenLDAP Person' - SUP ( pilotPerson inetOrgPerson ) + SUP ( pilotPerson $ inetOrgPerson ) MUST ( uid $ cn ) - MAY ( authPassword $ givenName $ labeledURI $ o $ ou ) ) + MAY ( authPassword $ givenName $ labeledURI $ o ) ) -objectClass: ( 1.3.6.1.4.1.4203.666.3.5 NAME 'displayableObject' - DESC 'A Displayable Object' +objectClass ( 1.3.6.1.4.1.4203.666.3.6 NAME 'OpenLDAPdisplayableObject' + DESC 'OpenLDAP Displayable Object' MAY displayName AUXILIARY ) diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c index 50b97d6bd0..747c3f94c5 100644 --- a/servers/slapd/schema_init.c +++ b/servers/slapd/schema_init.c @@ -17,10 +17,78 @@ #include "ldap_pvt.h" #include "lutil_md5.h" +/* recycled validatation routines */ +#define berValidate blobValidate + +/* unimplemented validators */ +#define bitStringValidate NULL + +/* recycled normalization routines */ +#define faxNumberNormalize numericStringNormalize +#define phoneNumberNormalize numericStringNormalize +#define telexNumberNormalize numericStringNormalize +#define integerNormalize numericStringNormalize + +/* unimplemented normalizers */ +#define bitStringNormalize NULL + +/* unimplemented pretters */ +#define dnPretty NULL +#define integerPretty NULL + +/* recycled matching routines */ +#define caseIgnoreMatch caseIgnoreIA5Match +#define caseIgnoreOrderingMatch caseIgnoreMatch +#define caseIgnoreSubstringsMatch caseIgnoreIA5SubstringsMatch + +#define caseExactMatch caseExactIA5Match +#define caseExactOrderingMatch caseExactMatch +#define caseExactSubstringsMatch caseExactIA5SubstringsMatch + +#define numericStringMatch caseIgnoreMatch +#define objectIdentifierMatch numericStringMatch +#define integerMatch numericStringMatch +#define telephoneNumberMatch numericStringMatch +#define telephoneNumberSubstringsMatch caseIgnoreIA5SubstringsMatch +#define generalizedTimeMatch numericStringMatch +#define generalizedTimeOrderingMatch numericStringMatch + +/* unimplemented matching routines */ +#define caseIgnoreListMatch NULL +#define caseIgnoreListSubstringsMatch NULL +#define bitStringMatch NULL +#define presentationAddressMatch NULL +#define uniqueMemberMatch NULL +#define protocolInformationMatch NULL +#define integerFirstComponentMatch NULL + +#define OpenLDAPaciMatch NULL +#define authPasswordMatch NULL + +/* unimplied indexer/filter routines */ +#define caseIgnoreIA5SubstringsIndexer NULL +#define caseIgnoreIA5SubstringsFilter NULL + +/* recycled indexing/filtering routines */ +#define caseIgnoreIndexer caseIgnoreIA5Indexer +#define caseIgnoreFilter caseIgnoreIA5Filter +#define caseExactIndexer caseExactIA5Indexer +#define caseExactFilter caseExactIA5Filter +#define dnIndexer caseIgnoreIndexer +#define dnFilter caseIgnoreFilter + +#define caseIgnoreSubstringsIndexer caseIgnoreIA5SubstringsIndexer +#define caseIgnoreSubstringsFilter caseIgnoreIA5SubstringsFilter +#define caseExactSubstringsIndexer caseExactIA5SubstringsIndexer +#define caseExactSubstringsFilter caseExactIA5SubstringsFilter +#define caseExactIA5SubstringsFilter caseIgnoreIA5SubstringsFilter +#define caseExactIA5SubstringsIndexer caseIgnoreIA5SubstringsIndexer + + static int octetStringMatch( int *matchp, - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *value, @@ -40,7 +108,7 @@ octetStringMatch( /* Index generation function */ int octetStringIndexer( - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *prefix, @@ -93,7 +161,7 @@ int octetStringIndexer( /* Index generation function */ int octetStringFilter( - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *prefix, @@ -186,7 +254,7 @@ dnNormalize( static int dnMatch( int *matchp, - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *value, @@ -211,7 +279,7 @@ dnMatch( *matchp = match; return LDAP_SUCCESS; } - + static int inValidate( Syntax *syntax, @@ -230,7 +298,48 @@ blobValidate( return LDAP_SUCCESS; } -#define berValidate blobValidate +/* + * Handling boolean syntax and matching is quite rigid. + * A more flexible approach would be to allow a variety + * of strings to be normalized and prettied into TRUE + * and FALSE. + */ +static int +booleanValidate( + Syntax *syntax, + struct berval *in ) +{ + /* very unforgiving validation, requires no normalization + * before simplistic matching + */ + + if( in->bv_len == 4 ) { + if( !memcmp( in->bv_val, "TRUE", 4 ) ) { + return LDAP_SUCCESS; + } + } else if( in->bv_len == 5 ) { + if( !memcmp( in->bv_val, "FALSE", 5 ) ) { + return LDAP_SUCCESS; + } + } + + return LDAP_INVALID_SYNTAX; +} + +static int +booleanMatch( + int *matchp, + unsigned flags, + Syntax *syntax, + MatchingRule *mr, + struct berval *value, + void *assertedValue ) +{ + /* simplistic matching allowed by rigid validation */ + struct berval *asserted = (struct berval *) assertedValue; + *matchp = value->bv_len != asserted->bv_len; + return LDAP_SUCCESS; +} static int UTF8StringValidate( @@ -241,6 +350,8 @@ UTF8StringValidate( int len; unsigned char *u = in->bv_val; + if( !in->bv_len ) return LDAP_INVALID_SYNTAX; + for( count = in->bv_len; count > 0; count-=len, u+=len ) { /* get the length indicated by the first byte */ len = LDAP_UTF8_CHARLEN( u ); @@ -308,7 +419,7 @@ UTF8StringNormalize( assert( *newval->bv_val ); assert( newval->bv_val < p ); - assert( p <= q ); + assert( p >= q ); /* cannot start with a space */ assert( !ldap_utf8_isspace(newval->bv_val) ); @@ -344,12 +455,12 @@ oidValidate( if( val->bv_len == 0 ) return 0; - if( isdigit(val->bv_val[0]) ) { + if( OID_LEADCHAR(val->bv_val[0]) ) { int dot = 0; for(i=1; i < val->bv_len; i++) { - if( val->bv_val[i] == '.' ) { + if( OID_SEPARATOR( val->bv_val[i] ) ) { if( dot++ ) return 1; - } else if ( isdigit(val->bv_val[i]) ) { + } else if ( OID_CHAR( val->bv_val[i] ) ) { dot = 0; } else { return LDAP_INVALID_SYNTAX; @@ -358,9 +469,9 @@ oidValidate( return !dot ? LDAP_SUCCESS : LDAP_INVALID_SYNTAX; - } else if( isalpha(val->bv_val[0]) ) { + } else if( DESC_LEADCHAR(val->bv_val[0]) ) { for(i=1; i < val->bv_len; i++) { - if( !isalpha(val->bv_val[i] ) ) { + if( !DESC_CHAR(val->bv_val[i] ) ) { return LDAP_INVALID_SYNTAX; } } @@ -378,8 +489,10 @@ integerValidate( { ber_len_t i; + if( !val->bv_len ) return LDAP_INVALID_SYNTAX; + for(i=0; i < val->bv_len; i++) { - if( !isdigit(val->bv_val[i]) ) return LDAP_INVALID_SYNTAX; + if( !ASCII_DIGIT(val->bv_val[i]) ) return LDAP_INVALID_SYNTAX; } return LDAP_SUCCESS; @@ -392,6 +505,8 @@ printableStringValidate( { ber_len_t i; + if( !val->bv_len ) return LDAP_INVALID_SYNTAX; + for(i=0; i < val->bv_len; i++) { if( !isprint(val->bv_val[i]) ) return LDAP_INVALID_SYNTAX; } @@ -406,6 +521,8 @@ IA5StringValidate( { ber_len_t i; + if( !val->bv_len ) return LDAP_INVALID_SYNTAX; + for(i=0; i < val->bv_len; i++) { if( !isascii(val->bv_val[i]) ) return LDAP_INVALID_SYNTAX; } @@ -424,7 +541,7 @@ IA5StringConvert( struct berval *bv = ch_malloc( sizeof(struct berval) ); bv->bv_len = len * sizeof( ldap_unicode_t ); - bv->bv_val = (char *) u = ch_malloc( bv->bv_len + sizeof( ldap_unicode_t ) );; + bv->bv_val = (char *) u = ch_malloc( bv->bv_len + sizeof(ldap_unicode_t) ); for(i=0; i < len; i++ ) { /* @@ -453,11 +570,11 @@ IA5StringNormalize( p = val->bv_val; /* Ignore initial whitespace */ - while ( isspace( *p ) ) { + while ( ASCII_SPACE( *p ) ) { p++; } - if( *p != '\0' ) { + if( *p == '\0' ) { ch_free( newval ); return LDAP_INVALID_SYNTAX; } @@ -466,11 +583,11 @@ IA5StringNormalize( p = q = newval->bv_val; while ( *p ) { - if ( isspace( *p ) ) { + if ( ASCII_SPACE( *p ) ) { *q++ = *p++; /* Ignore the extra whitespace */ - while ( isspace( *p ) ) { + while ( ASCII_SPACE( *p ) ) { p++; } } else { @@ -483,7 +600,7 @@ IA5StringNormalize( assert( p <= q ); /* cannot start with a space */ - assert( !isspace(*newval->bv_val) ); + assert( !ASCII_SPACE(*newval->bv_val) ); /* * If the string ended in space, backup the pointer one @@ -491,12 +608,12 @@ IA5StringNormalize( * all whitespace to a single space. */ - if ( isspace( q[-1] ) ) { + if ( ASCII_SPACE( q[-1] ) ) { --q; } /* cannot end with a space */ - assert( !isspace( q[-1] ) ); + assert( !ASCII_SPACE( q[-1] ) ); /* null terminate */ *q = '\0'; @@ -509,22 +626,29 @@ IA5StringNormalize( static int caseExactIA5Match( - int *match, - unsigned use, + int *matchp, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *value, void *assertedValue ) { - *match = strcmp( value->bv_val, - ((struct berval *) assertedValue)->bv_val ); + int match = value->bv_len - ((struct berval *) assertedValue)->bv_len; + + if( match == 0 ) { + match = strncmp( value->bv_val, + ((struct berval *) assertedValue)->bv_val, + value->bv_len ); + } + + *matchp = match; return LDAP_SUCCESS; } static int caseExactIA5SubstringsMatch( int *matchp, - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *value, @@ -646,17 +770,122 @@ done: return LDAP_SUCCESS; } +/* Index generation function */ +int caseExactIA5Indexer( + unsigned flags, + Syntax *syntax, + MatchingRule *mr, + struct berval *prefix, + struct berval **values, + struct berval ***keysp ) +{ + int i; + size_t slen, mlen; + struct berval **keys; + lutil_MD5_CTX MD5context; + unsigned char MD5digest[16]; + struct berval digest; + digest.bv_val = MD5digest; + digest.bv_len = sizeof(MD5digest); + + for( i=0; values[i] != NULL; i++ ) { + /* just count them */ + } + + assert( i > 0 ); + + keys = ch_malloc( sizeof( struct berval * ) * (i+1) ); + + slen = strlen( syntax->ssyn_oid ); + mlen = strlen( mr->smr_oid ); + + for( i=0; values[i] != NULL; i++ ) { + struct berval *value = values[i]; + + lutil_MD5Init( &MD5context ); + if( prefix != NULL && prefix->bv_len > 0 ) { + lutil_MD5Update( &MD5context, + prefix->bv_val, prefix->bv_len ); + } + lutil_MD5Update( &MD5context, + syntax->ssyn_oid, slen ); + lutil_MD5Update( &MD5context, + mr->smr_oid, mlen ); + lutil_MD5Update( &MD5context, + value->bv_val, value->bv_len ); + lutil_MD5Final( MD5digest, &MD5context ); + + keys[i] = ber_bvdup( &digest ); + } + + keys[i] = NULL; + *keysp = keys; + return LDAP_SUCCESS; +} + +/* Index generation function */ +int caseExactIA5Filter( + unsigned flags, + Syntax *syntax, + MatchingRule *mr, + struct berval *prefix, + void * assertValue, + struct berval ***keysp ) +{ + size_t slen, mlen; + struct berval **keys; + lutil_MD5_CTX MD5context; + unsigned char MD5digest[LUTIL_MD5_BYTES]; + struct berval *value; + struct berval digest; + digest.bv_val = MD5digest; + digest.bv_len = sizeof(MD5digest); + + slen = strlen( syntax->ssyn_oid ); + mlen = strlen( mr->smr_oid ); + + value = (struct berval *) assertValue; + + keys = ch_malloc( sizeof( struct berval * ) * 2 ); + + lutil_MD5Init( &MD5context ); + if( prefix != NULL && prefix->bv_len > 0 ) { + lutil_MD5Update( &MD5context, + prefix->bv_val, prefix->bv_len ); + } + lutil_MD5Update( &MD5context, + syntax->ssyn_oid, slen ); + lutil_MD5Update( &MD5context, + mr->smr_oid, mlen ); + lutil_MD5Update( &MD5context, + value->bv_val, value->bv_len ); + lutil_MD5Final( MD5digest, &MD5context ); + + keys[0] = ber_bvdup( &digest ); + keys[1] = NULL; + + *keysp = keys; + return LDAP_SUCCESS; +} + static int caseIgnoreIA5Match( - int *match, - unsigned use, + int *matchp, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *value, void *assertedValue ) { - *match = strcasecmp( value->bv_val, - ((struct berval *) assertedValue)->bv_val ); + int match = value->bv_len - ((struct berval *) assertedValue)->bv_len; + + if( match == 0 ) { + match = strncasecmp( value->bv_val, + ((struct berval *) assertedValue)->bv_val, + value->bv_len ); + } + + *matchp = match; return LDAP_SUCCESS; } @@ -677,7 +906,7 @@ static char *strcasechr( const char *str, int c ) static int caseIgnoreIA5SubstringsMatch( int *matchp, - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *value, @@ -802,7 +1031,7 @@ done: /* Index generation function */ int caseIgnoreIA5Indexer( - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *prefix, @@ -858,7 +1087,7 @@ int caseIgnoreIA5Indexer( /* Index generation function */ int caseIgnoreIA5Filter( - unsigned use, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *prefix, @@ -919,11 +1148,11 @@ numericStringNormalize( p = val->bv_val; /* Ignore initial whitespace */ - while ( isspace( *p ) ) { + while ( ASCII_SPACE( *p ) ) { p++; } - if( *p != '\0' ) { + if( *p == '\0' ) { ch_free( newval ); return LDAP_INVALID_SYNTAX; } @@ -932,7 +1161,7 @@ numericStringNormalize( p = q = newval->bv_val; while ( *p ) { - if ( isspace( *p ) ) { + if ( ASCII_SPACE( *p ) ) { /* Ignore whitespace */ p++; } else { @@ -945,10 +1174,10 @@ numericStringNormalize( assert( p <= q ); /* cannot start with a space */ - assert( !isspace(*newval->bv_val) ); + assert( !ASCII_SPACE(*newval->bv_val) ); /* cannot end with a space */ - assert( !isspace( q[-1] ) ); + assert( !ASCII_SPACE( q[-1] ) ); /* null terminate */ *q = '\0'; @@ -959,6 +1188,93 @@ numericStringNormalize( return LDAP_SUCCESS; } +static int +objectIdentifierFirstComponentMatch( + int *matchp, + unsigned flags, + Syntax *syntax, + MatchingRule *mr, + struct berval *value, + void *assertedValue ) +{ + int rc = LDAP_SUCCESS; + int match; + struct berval *asserted = (struct berval *) assertedValue; + ber_len_t i; + struct berval oid; + + if( value->bv_len == 0 || value->bv_val[0] != '(' /*')'*/ ) { + return LDAP_INVALID_SYNTAX; + } + + /* trim leading white space */ + for( i=1; ASCII_SPACE(value->bv_val[i]) && i < value->bv_len; i++ ) { + /* empty */ + } + + /* grab next word */ + oid.bv_val = &value->bv_val[i]; + oid.bv_len = value->bv_len - i; + for( i=1; ASCII_SPACE(value->bv_val[i]) && i < oid.bv_len; i++ ) { + /* empty */ + } + oid.bv_len = i; + + /* insert attributeTypes, objectclass check here */ + if( OID_LEADCHAR(asserted->bv_val[0]) ) { + rc = objectIdentifierMatch( &match, flags, syntax, mr, &oid, asserted ); + + } else { + char *stored = ch_malloc( oid.bv_len + 1 ); + memcpy( stored, oid.bv_val, oid.bv_len ); + stored[oid.bv_len] = '\0'; + + if ( !strcmp( syntax->ssyn_oid, SLAP_SYNTAX_MATCHINGRULES_OID ) ) { + MatchingRule *asserted_mr = mr_find( asserted->bv_val ); + MatchingRule *stored_mr = mr_find( stored ); + + if( asserted_mr == NULL ) { + rc = SLAPD_COMPARE_UNDEFINED; + } else { + match = asserted_mr != stored_mr; + } + + } else if ( !strcmp( syntax->ssyn_oid, + SLAP_SYNTAX_ATTRIBUTETYPES_OID ) ) + { + AttributeType *asserted_at = at_find( asserted->bv_val ); + AttributeType *stored_at = at_find( stored ); + + if( asserted_at == NULL ) { + rc = SLAPD_COMPARE_UNDEFINED; + } else { + match = asserted_at != stored_at; + } + + } else if ( !strcmp( syntax->ssyn_oid, + SLAP_SYNTAX_OBJECTCLASSES_OID ) ) + { + ObjectClass *asserted_oc = oc_find( asserted->bv_val ); + ObjectClass *stored_oc = oc_find( stored ); + + if( asserted_oc == NULL ) { + rc = SLAPD_COMPARE_UNDEFINED; + } else { + match = asserted_oc != stored_oc; + } + } + + ch_free( stored ); + } + + Debug( LDAP_DEBUG_ARGS, "objectIdentifierFirstComponentMatch " + "%d\n\t\"%s\"\n\t\"%s\"\n", + match, value->bv_val, asserted->bv_val ); + + if( rc == LDAP_SUCCESS ) *matchp = match; + return rc; +} + static int check_time_syntax (struct berval *val, int start, @@ -976,7 +1292,7 @@ check_time_syntax (struct berval *val, e = p + val->bv_len; /* Ignore initial whitespace */ - while ( ( p < e ) && isspace( *p ) ) { + while ( ( p < e ) && ASCII_SPACE( *p ) ) { p++; } @@ -1058,7 +1374,7 @@ check_time_syntax (struct berval *val, } /* Ignore trailing whitespace */ - while ( ( p < e ) && isspace( *p ) ) { + while ( ( p < e ) && ASCII_SPACE( *p ) ) { p++; } if (p != e) @@ -1153,6 +1469,16 @@ utcTimeValidate( return check_time_syntax(in, 1, parts); } +static int +generalizedTimeValidate( + Syntax *syntax, + struct berval *in ) +{ + int parts[9]; + + return check_time_syntax(in, 0, parts); +} + static int generalizedTimeNormalize( Syntax *syntax, @@ -1187,16 +1513,6 @@ generalizedTimeNormalize( return LDAP_SUCCESS; } -static int -generalizedTimeValidate( - Syntax *syntax, - struct berval *in ) -{ - int parts[9]; - - return check_time_syntax(in, 0, parts); -} - struct syntax_defs_rec { char *sd_desc; int sd_flags; @@ -1213,10 +1529,6 @@ struct syntax_defs_rec { #define X_BINARY "X-BINARY-TRANSFER-REQUIRED 'TRUE' " #define X_NOT_H_R "X-NOT-HUMAN-READABLE 'TRUE' " -#define faxNumberNormalize numericStringNormalize -#define phoneNumberNormalize numericStringNormalize -#define telexNumberNormalize numericStringNormalize - struct syntax_defs_rec syntax_defs[] = { {"( 1.3.6.1.4.1.1466.115.121.1.1 DESC 'ACI Item' " X_BINARY X_NOT_H_R ")", SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, NULL, NULL, NULL}, @@ -1229,9 +1541,9 @@ struct syntax_defs_rec syntax_defs[] = { {"( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary' " X_BINARY X_NOT_H_R ")", SLAP_SYNTAX_BER, berValidate, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' )", - 0, NULL, NULL, NULL}, + 0, bitStringValidate, bitStringNormalize, NULL }, {"( 1.3.6.1.4.1.1466.115.121.1.7 DESC 'Boolean' )", - 0, NULL, NULL, NULL}, + 0, booleanValidate, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate' " X_BINARY X_NOT_H_R ")", SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER, berValidate, NULL, NULL}, @@ -1244,7 +1556,7 @@ struct syntax_defs_rec syntax_defs[] = { {"( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country String' )", 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'Distinguished Name' )", - 0, dnValidate, dnNormalize, NULL}, + 0, dnValidate, dnNormalize, dnPretty}, {"( 1.3.6.1.4.1.1466.115.121.1.13 DESC 'Data Quality' )", 0, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.14 DESC 'Delivery Method' )", @@ -1272,7 +1584,7 @@ struct syntax_defs_rec syntax_defs[] = { {"( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5 String' )", 0, IA5StringValidate, IA5StringNormalize, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'Integer' )", - 0, integerValidate, NULL, NULL}, + 0, integerValidate, integerNormalize, integerPretty}, {"( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG' " X_NOT_H_R ")", SLAP_SYNTAX_BLOB, NULL, NULL, NULL}, {"( 1.3.6.1.4.1.1466.115.121.1.29 DESC 'Master And Shadow Access Points' )", @@ -1355,7 +1667,7 @@ struct mrule_defs_rec { }; /* - * Other matching rules in X.520 that we do not use: + * Other matching rules in X.520 that we do not use (yet): * * 2.5.13.9 numericStringOrderingMatch * 2.5.13.13 booleanMatch @@ -1380,46 +1692,6 @@ struct mrule_defs_rec { * 2.5.13.44 attributeIntegrityMatch */ - -/* recycled matching functions */ -#define caseIgnoreMatch caseIgnoreIA5Match -#define caseIgnoreOrderingMatch caseIgnoreMatch -#define caseIgnoreSubstringsMatch caseIgnoreIA5SubstringsMatch -#define caseExactMatch caseExactIA5Match -#define caseExactOrderingMatch caseExactMatch -#define caseExactSubstringsMatch caseExactIA5SubstringsMatch - -/* unimplemented matching functions */ -#define objectIdentifierMatch NULL -#define caseIgnoreListMatch NULL -#define caseIgnoreListSubstringsMatch NULL -#define integerMatch NULL -#define bitStringMatch NULL -#define octetStringMatch NULL -#define telephoneNumberMatch NULL -#define telephoneNumberSubstringsMatch NULL -#define presentationAddressMatch NULL -#define uniqueMemberMatch NULL -#define protocolInformationMatch NULL -#define generalizedTimeMatch caseExactIA5Match -#define generalizedTimeOrderingMatch caseExactIA5Match -#define integerFirstComponentMatch NULL -#define objectIdentifierFirstComponentMatch NULL - -#define OpenLDAPaciMatch NULL -#define authPasswordMatch NULL - -/* unimplied indexer/filter routines */ -#define dnIndexer NULL -#define dnFilter NULL - -#define caseIgnoreIndexer caseIgnoreIA5Indexer -#define caseIgnoreFilter caseIgnoreIA5Filter -#define caseExactIndexer caseExactIA5Indexer -#define caseExactFilter caseExactIA5Filter -#define caseExactIA5Indexer caseIgnoreIA5Indexer -#define caseExactIA5Filter caseIgnoreIA5Filter - struct mrule_defs_rec mrule_defs[] = { {"( 2.5.13.0 NAME 'objectIdentifierMatch' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )", @@ -1445,9 +1717,9 @@ struct mrule_defs_rec mrule_defs[] = { {"( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )", SLAP_MR_SUBSTR | SLAP_MR_EXT, - NULL, NULL, caseIgnoreSubstringsMatch, NULL, NULL}, + NULL, NULL, caseIgnoreSubstringsMatch, + caseIgnoreSubstringsIndexer, caseIgnoreSubstringsFilter}, - /* Next three are not in the RFC's, but are needed for compatibility */ {"( 2.5.13.5 NAME 'caseExactMatch' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )", SLAP_MR_EQUALITY | SLAP_MR_EXT, @@ -1461,7 +1733,8 @@ struct mrule_defs_rec mrule_defs[] = { {"( 2.5.13.7 NAME 'caseExactSubstringsMatch' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )", SLAP_MR_SUBSTR | SLAP_MR_EXT, - NULL, NULL, caseExactSubstringsMatch, NULL, NULL}, + NULL, NULL, caseExactSubstringsMatch, + caseExactSubstringsIndexer, caseExactSubstringsFilter}, {"( 2.5.13.8 NAME 'numericStringMatch' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.36 )", @@ -1471,7 +1744,8 @@ struct mrule_defs_rec mrule_defs[] = { {"( 2.5.13.10 NAME 'numericStringSubstringsMatch' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )", SLAP_MR_SUBSTR | SLAP_MR_EXT, - NULL, NULL, caseIgnoreIA5SubstringsMatch, NULL, NULL}, + NULL, NULL, caseIgnoreIA5SubstringsMatch, + caseIgnoreIA5SubstringsIndexer, caseIgnoreIA5SubstringsFilter}, {"( 2.5.13.11 NAME 'caseIgnoreListMatch' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )", @@ -1483,14 +1757,19 @@ struct mrule_defs_rec mrule_defs[] = { SLAP_MR_SUBSTR | SLAP_MR_EXT, NULL, NULL, caseIgnoreListSubstringsMatch, NULL, NULL}, + {"( 2.5.13.13 NAME 'booleanMatch' " + "SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )", + SLAP_MR_EQUALITY | SLAP_MR_EXT, + NULL, NULL, booleanMatch, NULL, NULL}, + {"( 2.5.13.14 NAME 'integerMatch' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )", - SLAP_MR_NONE | SLAP_MR_EXT, + SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL, NULL, integerMatch, NULL, NULL}, {"( 2.5.13.16 NAME 'bitStringMatch' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )", - SLAP_MR_NONE | SLAP_MR_EXT, + SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL, NULL, bitStringMatch, NULL, NULL}, {"( 2.5.13.17 NAME 'octetStringMatch' " @@ -1510,17 +1789,17 @@ struct mrule_defs_rec mrule_defs[] = { {"( 2.5.13.22 NAME 'presentationAddressMatch' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 )", - SLAP_MR_NONE | SLAP_MR_EXT, + SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL, NULL, presentationAddressMatch, NULL, NULL}, {"( 2.5.13.23 NAME 'uniqueMemberMatch' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )", - SLAP_MR_NONE | SLAP_MR_EXT, + SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL, NULL, uniqueMemberMatch, NULL, NULL}, {"( 2.5.13.24 NAME 'protocolInformationMatch' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )", - SLAP_MR_NONE | SLAP_MR_EXT, + SLAP_MR_EQUALITY | SLAP_MR_EXT, NULL, NULL, protocolInformationMatch, NULL, NULL}, {"( 2.5.13.27 NAME 'generalizedTimeMatch' " @@ -1546,17 +1825,26 @@ struct mrule_defs_rec mrule_defs[] = { {"( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )", SLAP_MR_EQUALITY | SLAP_MR_EXT, - NULL, NULL, caseExactIA5Match, caseExactIA5Indexer, caseExactIA5Filter}, + NULL, NULL, + caseExactIA5Match, caseExactIA5Indexer, caseExactIA5Filter}, {"( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )", SLAP_MR_EQUALITY | SLAP_MR_EXT, - NULL, NULL, caseIgnoreIA5Match, caseExactIA5Indexer, caseExactIA5Filter}, + NULL, NULL, + caseIgnoreIA5Match, caseExactIA5Indexer, caseExactIA5Filter}, {"( 1.3.6.1.4.1.1466.109.114.3 NAME 'caseIgnoreIA5SubstringsMatch' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )", SLAP_MR_SUBSTR, - NULL, NULL, caseIgnoreIA5SubstringsMatch, NULL, NULL}, + NULL, NULL, caseIgnoreIA5SubstringsMatch, + caseIgnoreIA5SubstringsIndexer, caseIgnoreIA5SubstringsFilter}, + + {"( 1.3.6.1.4.1.4203.666.4.3 NAME 'caseExactIA5SubstringsMatch' " + "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )", + SLAP_MR_SUBSTR, + NULL, NULL, caseExactIA5SubstringsMatch, + caseExactIA5SubstringsIndexer, caseExactIA5SubstringsFilter}, {"( 1.3.6.1.4.1.4203.666.4.1 NAME 'authPasswordMatch' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )", diff --git a/servers/slapd/schema_prep.c b/servers/slapd/schema_prep.c index adcd6c7693..1bd2f942f4 100644 --- a/servers/slapd/schema_prep.c +++ b/servers/slapd/schema_prep.c @@ -20,19 +20,91 @@ int schema_init_done = 0; struct slap_internal_schema slap_schema; +#define objectClassIndexer NULL +#define objectClassFilter NULL + static int objectClassMatch( - int *match, - unsigned use, + int *matchp, + unsigned flags, Syntax *syntax, MatchingRule *mr, struct berval *value, void *assertedValue ) { + struct berval *a = (struct berval *) assertedValue; ObjectClass *oc = oc_find( value->bv_val ); - ObjectClass *asserted = oc_find( ((struct berval *) assertedValue)->bv_val ); + ObjectClass *asserted = oc_find( a->bv_val ); + + if( asserted == NULL ) { + if( OID_LEADCHAR( *a->bv_val ) ) { + /* OID form, return FALSE */ + *matchp = 1; + return LDAP_SUCCESS; + } + + /* desc form, return undefined */ + return SLAPD_COMPARE_UNDEFINED; + } + + if ( oc == NULL ) { + /* unrecognized stored value */ + return SLAPD_COMPARE_UNDEFINED; + } + + if( flags & SLAP_MR_MODIFY_MATCHING ) { + *matchp = ( asserted != oc ); + } else { + *matchp = !is_object_subclass( asserted, oc ); + } + +#if 0 + Debug( LDAP_DEBUG_TRACE, "objectClassMatch(%s,%s) = %d\n", + value->bv_val, a->bv_val, *matchp ); +#endif + + return LDAP_SUCCESS; +} + +#define structuralObjectClassIndexer NULL +#define structuralObjectClassFilter NULL + +static int +structuralObjectClassMatch( + int *matchp, + unsigned flags, + Syntax *syntax, + MatchingRule *mr, + struct berval *value, + void *assertedValue ) +{ + struct berval *a = (struct berval *) assertedValue; + ObjectClass *oc = oc_find( value->bv_val ); + ObjectClass *asserted = oc_find( a->bv_val ); + + if( asserted == NULL ) { + if( OID_LEADCHAR( *a->bv_val ) ) { + /* OID form, return FALSE */ + *matchp = 1; + return LDAP_SUCCESS; + } + + /* desc form, return undefined */ + return SLAPD_COMPARE_UNDEFINED; + } + + if ( oc == NULL ) { + /* unrecognized stored value */ + return SLAPD_COMPARE_UNDEFINED; + } + + *matchp = ( asserted != oc ); + +#if 0 + Debug( LDAP_DEBUG_TRACE, "structuralObjectClassMatch(%s,%s) = %d\n", + value->bv_val, a->bv_val, *matchp ); +#endif - *match = ( oc == NULL || oc != asserted ); return LDAP_SUCCESS; } @@ -53,73 +125,91 @@ struct slap_schema_oc_map { struct slap_schema_ad_map { char *ssam_name; slap_mr_match_func *ssam_match; + slap_mr_indexer_func *ssam_indexer; + slap_mr_filter_func *ssam_filter; size_t ssam_offset; } ad_map[] = { - { "objectClass", objectClassMatch, + { "objectClass", + objectClassMatch, objectClassIndexer, objectClassFilter, offsetof(struct slap_internal_schema, si_ad_objectClass) }, + { "structuralObjectClass", + structuralObjectClassMatch, + structuralObjectClassIndexer, structuralObjectClassFilter, + offsetof(struct slap_internal_schema, si_ad_structuralObjectClass) }, /* user entry operational attributes */ - { "creatorsName", NULL, + { "creatorsName", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_creatorsName) }, - { "createTimestamp", NULL, + { "createTimestamp", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_createTimestamp) }, - { "modifiersName", NULL, + { "modifiersName", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_modifiersName) }, - { "modifyTimestamp", NULL, + { "modifyTimestamp", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_modifyTimestamp) }, - { "subschemaSubentry", NULL, + { "subschemaSubentry", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_subschemaSubentry) }, /* root DSE attributes */ - { "namingContexts", NULL, + { "namingContexts", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_namingContexts) }, - { "supportedControl", NULL, + { "supportedControl", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_supportedControl) }, - { "supportedExtension", NULL, + { "supportedExtension", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_supportedExtension) }, - { "supportedLDAPVersion", NULL, + { "supportedLDAPVersion", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_supportedLDAPVersion) }, - { "supportedSASLMechanisms", NULL, + { "supportedSASLMechanisms", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_supportedSASLMechanisms) }, /* subschema subentry attributes */ - { "attributeTypes", NULL, + { "attributeTypes", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_attributeTypes) }, - { "ldapSyntaxes", NULL, + { "ldapSyntaxes", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_ldapSyntaxes) }, - { "matchingRules", NULL, + { "matchingRules", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_matchingRules) }, - { "objectClasses", NULL, + { "objectClasses", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_objectClasses) }, /* knowledge information */ - { "aliasedObjectName", NULL, + { "aliasedObjectName", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_aliasedObjectName) }, - { "ref", NULL, + { "ref", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_ref) }, /* access control internals */ - { "entry", NULL, + { "entry", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_entry) }, - { "children", NULL, + { "children", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_children) }, #ifdef SLAPD_ACI_ENABLED - { "OpenLDAPaci", NULL, + { "OpenLDAPaci", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_aci) }, #endif - { "userPassword", NULL, + { "userPassword", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_userPassword) }, - { "authPassword", NULL, + { "authPassword", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_authPassword) }, #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - { "krbName", NULL, + { "krbName", NULL, NULL, NULL, offsetof(struct slap_internal_schema, si_ad_krbName) }, #endif - { NULL, NULL, 0 } + { NULL, NULL, NULL, NULL, 0 } }; +static AttributeType slap_at_undefined = { + "UNDEFINED", /* cname */ + { "1.1.1", NULL, NULL, 1, NULL, + NULL, NULL, NULL, NULL, + 0, 0, 0, 1, 3 }, + NULL, /* sup */ + NULL, /* subtypes */ + NULL, NULL, NULL, NULL, /* matching rules */ + NULL, /* syntax (this may need to be defined) */ + NULL /* next */ +}; int schema_prep( void ) @@ -166,6 +256,14 @@ schema_prep( void ) } } + slap_at_undefined.sat_syntax = syn_find( SLAPD_OCTETSTRING_SYNTAX ); + if( slap_at_undefined.sat_syntax == NULL ) { + fprintf( stderr, + "No octetString syntax \"" SLAPD_OCTETSTRING_SYNTAX "\"\n" ); + return LDAP_INVALID_SYNTAX; + } + slap_schema.si_at_undefined = &slap_at_undefined; + ++schema_init_done; return LDAP_SUCCESS; } diff --git a/servers/slapd/schemaparse.c b/servers/slapd/schemaparse.c index 8350b877b7..6f00e93eef 100644 --- a/servers/slapd/schemaparse.c +++ b/servers/slapd/schemaparse.c @@ -78,7 +78,7 @@ find_oidm(char *oid) OidMacro *om; /* OID macros must start alpha */ - if ( isdigit( *oid ) ) { + if ( OID_LEADCHAR( *oid ) ) { return oid; } @@ -178,7 +178,7 @@ parse_oc( oc_usage(); } if ( oc->oc_oid ) { - if ( !isdigit( oc->oc_oid[0] )) { + if ( !OID_LEADCHAR( oc->oc_oid[0] )) { /* Expand OID macros */ oid = find_oidm( oc->oc_oid ); if ( !oid ) { @@ -272,7 +272,7 @@ parse_at( for (; argv[3]; argv++) { if (!strcasecmp(argv[3], "syntax") && - !isdigit(*argv[4])) + !OID_LEADCHAR(*argv[4])) { int slen; Syntax *syn; @@ -295,7 +295,7 @@ parse_at( at_usage(); } if ( at->at_oid ) { - if ( !isdigit( at->at_oid[0] )) { + if ( !OID_LEADCHAR( at->at_oid[0] )) { /* Expand OID macros */ oid = find_oidm( at->at_oid ); if ( !oid ) { @@ -311,8 +311,7 @@ parse_at( } } /* at->at_oid == NULL will be an error someday */ - if (soid) - { + if (soid) { ldap_memfree(at->at_syntax_oid); at->at_syntax_oid = soid; } diff --git a/servers/slapd/sets.c b/servers/slapd/sets.c new file mode 100644 index 0000000000..0fdec47ee2 --- /dev/null +++ b/servers/slapd/sets.c @@ -0,0 +1,390 @@ +/* $OpenLDAP$ */ +/* + * Copyright 2000 The OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + +#include "portable.h" + +#include +#include + +#include "slap.h" +#include "sets.h" + +static char **set_join (char **lset, int op, char **rset); +static char **set_chase (SET_GATHER gatherer, void *cookie, char **set, char *attr, int attrlen, int closure); +static int set_samedn (char *dn1, char *dn2); + +long +set_size (char **set) +{ + int i; + + i = 0; + if (set != NULL) { + while (set[i]) + i++; + } + return(i); +} + +void +set_dispose (char **set) +{ + int i; + + if (set != NULL) { + for (i = 0; set[i]; i++) + ch_free(set[i]); + ch_free(set); + } +} + +static char ** +set_join (char **lset, int op, char **rset) +{ + char **set; + long i, j, last; + + set = NULL; + if (op == '|') { + if (lset == NULL || *lset == NULL) { + if (rset == NULL) { + if (lset == NULL) + return(ch_calloc(1, sizeof(char *))); + return(lset); + } + set_dispose(lset); + return(rset); + } + if (rset == NULL || *rset == NULL) { + set_dispose(rset); + return(lset); + } + + i = set_size(lset) + set_size(rset) + 1; + set = ch_calloc(i, sizeof(char *)); + if (set != NULL) { + /* set_chase() depends on this routine to + * keep the first elements of the result + * set the same (and in the same order) + * as the left-set. + */ + for (i = 0; lset[i]; i++) + set[i] = lset[i]; + ch_free(lset); + for (i = 0; rset[i]; i++) { + for (j = 0; set[j]; j++) { + if (set_samedn(rset[i], set[j])) { + ch_free(rset[i]); + rset[i] = NULL; + break; + } + } + if (rset[i]) + set[j] = rset[i]; + } + ch_free(rset); + } + return(set); + } + + if (op == '&') { + if (lset == NULL || *lset == NULL || rset == NULL || *rset == NULL) { + set = ch_calloc(1, sizeof(char *)); + } else { + set = lset; + lset = NULL; + last = set_size(set) - 1; + for (i = 0; set[i]; i++) { + for (j = 0; rset[j]; j++) { + if (set_samedn(set[i], rset[j])) + break; + } + if (rset[j] == NULL) { + ch_free(set[i]); + set[i] = set[last]; + set[last] = NULL; + last--; + i--; + } + } + } + } + + set_dispose(lset); + set_dispose(rset); + return(set); +} + +static char ** +set_chase (SET_GATHER gatherer, void *cookie, char **set, char *attr, int attrlen, int closure) +{ + char **vals, **nset; + char attrstr[32]; + int i; + + if (set == NULL) + return(ch_calloc(1, sizeof(char *))); + + if (*set == NULL) + return(set); + + if (attrlen > (sizeof(attrstr) - 1)) { + set_dispose(set); + return(NULL); + } + memcpy(attrstr, attr, attrlen); + attrstr[attrlen] = 0; + + nset = ch_calloc(1, sizeof(char *)); + if (nset == NULL) { + set_dispose(set); + return(NULL); + } + for (i = 0; set[i]; i++) { + vals = (gatherer)(cookie, set[i], attrstr); + if (vals != NULL) + nset = set_join(nset, '|', vals); + } + set_dispose(set); + + if (closure) { + for (i = 0; nset[i]; i++) { + vals = (gatherer)(cookie, nset[i], attrstr); + if (vals != NULL) { + nset = set_join(nset, '|', vals); + if (nset == NULL) + break; + } + } + } + return(nset); +} + +static int +set_samedn (char *dn1, char *dn2) +{ + char c1, c2; + + while (*dn1 == ' ') dn1++; + while (*dn2 == ' ') dn2++; + while (*dn1 || *dn2) { + if (*dn1 != '=' && *dn1 != ',' + && *dn2 != '=' && *dn2 != ',') + { + c1 = *dn1++; + c2 = *dn2++; + if (c1 >= 'a' && c1 <= 'z') + c1 -= 'a' - 'A'; + if (c2 >= 'a' && c2 <= 'z') + c2 -= 'a' - 'A'; + if (c1 != c2) + return(0); + } else { + while (*dn1 == ' ') dn1++; + while (*dn2 == ' ') dn2++; + if (*dn1++ != *dn2++) + return(0); + while (*dn1 == ' ') dn1++; + while (*dn2 == ' ') dn2++; + } + } + return(1); +} + +int +set_filter (SET_GATHER gatherer, void *cookie, char *filter, char *user, char *this, char ***results) +{ + #define IS_SET(x) ( (long)(x) >= 256 ) + #define IS_OP(x) ( (long)(x) < 256 ) + #define SF_ERROR(x) { rc = -1; goto _error; } + #define SF_TOP() (char **)( (stp < 0) ? 0 : stack[stp] ) + #define SF_POP() (char **)( (stp < 0) ? 0 : stack[stp--] ) + #define SF_PUSH(x) { if (stp >= 63) SF_ERROR(overflow); stack[++stp] = (char **)(long)(x); } + char c; + char **set, **lset; + int len, op, rc, stp; + char **stack[64]; + + if (results) + *results = NULL; + + stp = -1; + while (c = *filter++) { + set = NULL; + switch (c) { + case ' ': + case '\t': + case '\x0A': + case '\x0D': + break; + + case '(': + if (IS_SET(SF_TOP())) + SF_ERROR(syntax); + SF_PUSH(c); + break; + + case ')': + set = SF_POP(); + if (IS_OP(set)) + SF_ERROR(syntax); + if (SF_TOP() == (void *)'(') { + SF_POP(); + SF_PUSH(set); + set = NULL; + } else if (IS_OP(SF_TOP())) { + op = (long)SF_POP(); + lset = SF_POP(); + SF_POP(); + set = set_join(lset, op, set); + if (set == NULL) + SF_ERROR(memory); + SF_PUSH(set); + set = NULL; + } else { + SF_ERROR(syntax); + } + break; + + case '&': + case '|': + set = SF_POP(); + if (IS_OP(set)) + SF_ERROR(syntax); + if (SF_TOP() == 0 || SF_TOP() == (void *)'(') { + SF_PUSH(set); + set = NULL; + } else if (IS_OP(SF_TOP())) { + op = (long)SF_POP(); + lset = SF_POP(); + set = set_join(lset, op, set); + if (set == NULL) + SF_ERROR(memory); + SF_PUSH(set); + set = NULL; + } else { + SF_ERROR(syntax); + } + SF_PUSH(c); + break; + + case '[': + if ((SF_TOP() == (void *)'/') || IS_SET(SF_TOP())) + SF_ERROR(syntax); + for ( len = 0; + (c = *filter++) && (c != ']'); + len++) + { } + if (c == 0) + SF_ERROR(syntax); + + set = ch_calloc(2, sizeof(char *)); + if (set == NULL) + SF_ERROR(memory); + *set = ch_calloc(len + 1, sizeof(char)); + if (*set == NULL) + SF_ERROR(memory); + memcpy(*set, &filter[-len - 1], len); + SF_PUSH(set); + set = NULL; + break; + + case '-': + c = *filter++; + if (c != '>') + SF_ERROR(syntax); + /* fall through to next case */ + + case '/': + if (IS_OP(SF_TOP())) + SF_ERROR(syntax); + SF_PUSH('/'); + break; + + default: + if ((c != '_') + && (c < 'A' || c > 'Z') + && (c < 'a' || c > 'z')) + { + SF_ERROR(syntax); + } + filter--; + for ( len = 1; + (c = filter[len]) + && ((c >= '0' && c <= '9') + || (c >= 'A' && c <= 'Z') + || (c >= 'a' && c <= 'z')); + len++) + { } + if (len == 4 + && memcmp("this", filter, len) == 0) + { + if ((SF_TOP() == (void *)'/') || IS_SET(SF_TOP())) + SF_ERROR(syntax); + set = ch_calloc(2, sizeof(char *)); + if (set == NULL) + SF_ERROR(memory); + *set = ch_strdup(this); + if (*set == NULL) + SF_ERROR(memory); + } else if (len == 4 + && memcmp("user", filter, len) == 0) + { + if ((SF_TOP() == (void *)'/') || IS_SET(SF_TOP())) + SF_ERROR(syntax); + set = ch_calloc(2, sizeof(char *)); + if (set == NULL) + SF_ERROR(memory); + *set = ch_strdup(user); + if (*set == NULL) + SF_ERROR(memory); + } else if (SF_TOP() != (void *)'/') { + SF_ERROR(syntax); + } else { + SF_POP(); + set = set_chase(gatherer, cookie, SF_POP(), filter, len, c == '*'); + if (set == NULL) + SF_ERROR(memory); + if (c == '*') + len++; + } + filter += len; + SF_PUSH(set); + set = NULL; + break; + } + } + + set = SF_POP(); + if (IS_OP(set)) + SF_ERROR(syntax); + if (SF_TOP() == 0) { + + } else if (IS_OP(SF_TOP())) { + op = (long)SF_POP(); + lset = SF_POP(); + set = set_join(lset, op, set); + if (set == NULL) + SF_ERROR(memory); + } else { + SF_ERROR(syntax); + } + + rc = set_size(set); + if (results) { + *results = set; + set = NULL; + } + +_error: + if (IS_SET(set)) + set_dispose(set); + while (set = SF_POP()) { + if (IS_SET(set)) + set_dispose(set); + } + return(rc); +} diff --git a/servers/slapd/sets.h b/servers/slapd/sets.h new file mode 100644 index 0000000000..134707fe5e --- /dev/null +++ b/servers/slapd/sets.h @@ -0,0 +1,18 @@ +/* $OpenLDAP$ */ +/* + * Copyright 2000 The OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + +/* this routine needs to return the bervals instead of + * plain strings, since syntax is not known. It should + * also return the syntax or some "comparison cookie" + * that is used by set_filter. + */ +typedef char **(*SET_GATHER) (void *cookie, char *name, char *attr); + +long set_size (char **set); +void set_dispose (char **set); + +int set_filter (SET_GATHER gatherer, void *cookie, char *filter, char *user, char *this, char ***results); + diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index 105937c807..e2ddbacca3 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -78,6 +78,9 @@ LDAP_BEGIN_DECL #define ASCII_DIGIT(c) ( (c) >= '0' && (c) <= '9' ) #define ASCII_ALNUM(c) ( ASCII_ALPHA(c) || ASCII_DIGIT(c) ) +#define ASCII_PRINTABLE(c) ( (c) >= ' ' && (c) <= '~' ) +#define FILTER_ESCAPE(c) ( (c) == '\\' || (c) == '(' || (c) == ')' || !ASCII_PRINTABLE(c) ) + #define DN_SEPARATOR(c) ((c) == ',' || (c) == ';') #define RDN_SEPARATOR(c) ((c) == ',' || (c) == ';' || (c) == '+') #define RDN_NEEDSESCAPE(c) ((c) == '\\' || (c) == '"') @@ -85,7 +88,8 @@ LDAP_BEGIN_DECL #define DESC_LEADCHAR(c) ( ASCII_ALPHA(c) ) #define DESC_CHAR(c) ( ASCII_ALNUM(c) || (c) == '-' ) #define OID_LEADCHAR(c) ( ASCII_DIGIT(c) ) -#define OID_CHAR(c) ( ASCII_DIGIT(c) || (c) == '.' ) +#define OID_SEPARATOR(c) ( (c) == '.' ) +#define OID_CHAR(c) ( OID_LEADCHAR(c) || OID_SEPARATOR(c) ) #define ATTR_LEADCHAR(c) ( DESC_LEADCHAR(c) || OID_LEADCHAR(c) ) #define ATTR_CHAR(c) ( DESC_CHAR((c)) || (c) == '.' ) @@ -103,7 +107,14 @@ LDAP_BEGIN_DECL #define SLAPD_ACI_SYNTAX "1.3.6.1.4.1.4203.666.2.1" #define SLAPD_ACI_ATTR "OpenLDAPaci" -LIBSLAPD_F (int) slap_debug; +#define SLAPD_OCTETSTRING_SYNTAX "1.3.6.1.4.1.1466.115.121.1.40" + +/* change this to "OpenLDAPset" */ +#define SLAPD_ACI_SET_ATTR "template" + +#define SLAPD_TOP_OID "2.5.6.0" + +LDAP_SLAPD_F (int) slap_debug; /* * Index types @@ -128,6 +139,11 @@ LIBSLAPD_F (int) slap_debug; #define SLAP_INDEX_SUBSTR_DEFAULT ( SLAP_INDEX_SUBSTR \ | SLAP_INDEX_SUBSTR_INITIAL | SLAP_INDEX_SUBSTR_FINAL ) +#define SLAP_INDEX_SUBSTR_INITIAL_MIN_LEN 2 +#define SLAP_INDEX_SUBSTR_INITIAL_MAX_LEN 4 +#define SLAP_INDEX_SUBSTR_FINAL_MIN_LEN 2 +#define SLAP_INDEX_SUBSTR_FINAL_MAX_LEN 4 + #define SLAP_INDEX_FLAGS 0xF000UL #define SLAP_INDEX_SUBTYPES 0x1000UL /* use index with subtypes */ #define SLAP_INDEX_AUTO_SUBTYPES 0x2000UL /* use mask with subtypes */ @@ -146,6 +162,10 @@ typedef long slap_index; #define SLAP_INDEX_CONT_PREFIX '.' /* prefix for continuation keys */ #define SLAP_INDEX_UNKNOWN_PREFIX '?' /* prefix for unknown keys */ +#define SLAP_SYNTAX_MATCHINGRULES_OID "1.3.6.1.4.1.1466.115.121.1.30" +#define SLAP_SYNTAX_ATTRIBUTETYPES_OID "1.3.6.1.4.1.1466.115.121.1.3" +#define SLAP_SYNTAX_OBJECTCLASSES_OID "1.3.6.1.4.1.1466.115.121.1.37" + /* * represents schema information for a database */ @@ -230,7 +250,7 @@ typedef int slap_mr_normalize_func LDAP_P(( /* Match (compare) function */ typedef int slap_mr_match_func LDAP_P(( int *match, - unsigned use, + unsigned flags, struct slap_syntax *syntax, /* syntax of stored value */ struct slap_matching_rule *mr, struct berval * value, @@ -238,7 +258,7 @@ typedef int slap_mr_match_func LDAP_P(( /* Index generation function */ typedef int slap_mr_indexer_func LDAP_P(( - unsigned use, + unsigned flags, struct slap_syntax *syntax, /* syntax of stored value */ struct slap_matching_rule *mr, struct berval *prefix, @@ -247,7 +267,7 @@ typedef int slap_mr_indexer_func LDAP_P(( /* Filter index function */ typedef int slap_mr_filter_func LDAP_P(( - unsigned use, + unsigned flags, struct slap_syntax *syntax, /* syntax of stored value */ struct slap_matching_rule *mr, struct berval *prefix, @@ -259,7 +279,8 @@ typedef struct slap_matching_rule { unsigned smr_usage; #define SLAP_MR_TYPE_MASK 0xFF00U -#define SLAP_MR_SUBTYPE_MASK 0x00FFU +#define SLAP_MR_SUBTYPE_MASK 0x00F0U +#define SLAP_MR_USAGE 0x000FU #define SLAP_MR_NONE 0x0000U #define SLAP_MR_EQUALITY 0x0100U @@ -267,11 +288,14 @@ typedef struct slap_matching_rule { #define SLAP_MR_SUBSTR 0x0400U #define SLAP_MR_EXT 0x0800U -#define SLAP_MR_EQUALITY_APPROX ( SLAP_MR_EQUALITY | 0x0001U ) +#define SLAP_MR_EQUALITY_APPROX ( SLAP_MR_EQUALITY | 0x0010U ) -#define SLAP_MR_SUBSTR_INITIAL ( SLAP_MR_SUBSTR | 0x0001U ) -#define SLAP_MR_SUBSTR_ANY ( SLAP_MR_SUBSTR | 0x0002U ) -#define SLAP_MR_SUBSTR_FINAL ( SLAP_MR_SUBSTR | 0x0004U ) +#define SLAP_MR_SUBSTR_INITIAL ( SLAP_MR_SUBSTR | 0x0010U ) +#define SLAP_MR_SUBSTR_ANY ( SLAP_MR_SUBSTR | 0x0020U ) +#define SLAP_MR_SUBSTR_FINAL ( SLAP_MR_SUBSTR | 0x0040U ) + +/* this is used to kludge objectClass testing */ +#define SLAP_MR_MODIFY_MATCHING 0x0001U Syntax *smr_syntax; slap_mr_convert_func *smr_convert; @@ -342,8 +366,8 @@ typedef struct slap_object_class { * represents a recognized attribute description ( type + options ) */ typedef struct slap_attr_desc { - struct berval *ad_cname; /* canonical name */ - AttributeType *ad_type; /* NULL if unknown */ + struct berval *ad_cname; /* canonical name, must be specified */ + AttributeType *ad_type; /* attribute type, must be specified */ char *ad_lang; /* NULL if no language tags */ unsigned ad_flags; #define SLAP_DESC_NONE 0x0U @@ -366,24 +390,25 @@ struct slap_internal_schema { ObjectClass *si_oc_subschema; ObjectClass *si_oc_rootdse; - /* objectClass attribute */ + /* objectClass attribute descriptions */ AttributeDescription *si_ad_objectClass; - /* operational attributes */ + /* operational attribute descriptions */ + AttributeDescription *si_ad_structuralObjectClass; AttributeDescription *si_ad_creatorsName; AttributeDescription *si_ad_createTimestamp; AttributeDescription *si_ad_modifiersName; AttributeDescription *si_ad_modifyTimestamp; AttributeDescription *si_ad_subschemaSubentry; - /* root DSE attributes */ + /* root DSE attribute descriptions */ AttributeDescription *si_ad_namingContexts; AttributeDescription *si_ad_supportedControl; AttributeDescription *si_ad_supportedExtension; AttributeDescription *si_ad_supportedLDAPVersion; AttributeDescription *si_ad_supportedSASLMechanisms; - /* subschema subentry attributes */ + /* subschema subentry attribute descriptions */ AttributeDescription *si_ad_objectClasses; AttributeDescription *si_ad_attributeTypes; AttributeDescription *si_ad_ldapSyntaxes; @@ -401,12 +426,15 @@ struct slap_internal_schema { AttributeDescription *si_ad_aci; #endif - /* Other */ + /* Other attributes descriptions */ AttributeDescription *si_ad_userPassword; AttributeDescription *si_ad_authPassword; #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND AttributeDescription *si_ad_krbName; #endif + + /* Undefined Attribute Type */ + AttributeType *si_at_undefined; }; typedef struct slap_attr_assertion { @@ -432,7 +460,6 @@ typedef struct slap_mr_assertion { /* * represents a search filter */ - typedef struct slap_filter { ber_tag_t f_choice; /* values taken from ldap.h, plus: */ #define SLAPD_FILTER_COMPUTED ((ber_tag_t) -1) @@ -555,7 +582,6 @@ typedef struct slap_ldap_modlist { /* * represents an access control list */ - typedef enum slap_access_e { ACL_INVALID_ACCESS = -1, ACL_NONE = 0, @@ -574,11 +600,15 @@ typedef enum slap_control_e { } slap_control_t; typedef enum slap_style_e { - ACL_STYLE_REGEX, + ACL_STYLE_REGEX = 0, ACL_STYLE_BASE, ACL_STYLE_ONE, ACL_STYLE_SUBTREE, - ACL_STYLE_CHILDREN + ACL_STYLE_CHILDREN, + ACL_STYLE_ATTROF, + + /* alternate names */ + ACL_STYLE_EXACT = ACL_STYLE_BASE } slap_style_t; typedef unsigned long slap_access_mask_t; @@ -660,6 +690,8 @@ typedef struct slap_access { char *a_domain_pat; slap_style_t a_sockurl_style; char *a_sockurl_pat; + slap_style_t a_set_style; + char *a_set_pat; #ifdef SLAPD_ACI_ENABLED AttributeDescription *a_aci_at; @@ -706,12 +738,12 @@ struct replog_moddn { typedef struct slap_backend_info BackendInfo; /* per backend type */ typedef struct slap_backend_db BackendDB; /* per backend database */ -LIBSLAPD_F (int) nBackendInfo; -LIBSLAPD_F (int) nBackendDB; -LIBSLAPD_F (BackendInfo *) backendInfo; -LIBSLAPD_F (BackendDB *) backendDB; +LDAP_SLAPD_F (int) nBackendInfo; +LDAP_SLAPD_F (int) nBackendDB; +LDAP_SLAPD_F (BackendInfo *) backendInfo; +LDAP_SLAPD_F (BackendDB *) backendDB; -LIBSLAPD_F (int) slapMode; +LDAP_SLAPD_F (int) slapMode; #define SLAP_UNDEFINED_MODE 0x0000 #define SLAP_SERVER_MODE 0x0001 #define SLAP_TOOL_MODE 0x0002 @@ -745,6 +777,7 @@ struct slap_backend_db { #define be_release bd_info->bi_entry_release_rw #define be_chk_referrals bd_info->bi_chk_referrals #define be_group bd_info->bi_acl_group +#define be_attribute bd_info->bi_acl_attribute #define be_controls bd_info->bi_controls @@ -917,6 +950,11 @@ struct slap_backend_info { Entry *e, const char *bdn, const char *edn, ObjectClass *group_oc, AttributeDescription *group_at )); + int (*bi_acl_attribute) LDAP_P((Backend *bd, + struct slap_conn *c, struct slap_op *o, + Entry *e, const char *edn, + AttributeDescription *entry_at, + struct berval ***vals )); int (*bi_connection_init) LDAP_P((BackendDB *bd, struct slap_conn *c)); @@ -961,7 +999,6 @@ struct slap_backend_info { /* * represents an operation pending from an ldap client */ - typedef struct slap_op { ber_int_t o_opid; /* id of this operation */ ber_int_t o_msgid; /* msgid of the request */ @@ -1012,7 +1049,6 @@ typedef struct slap_op { /* * represents a connection from an ldap client */ - typedef struct slap_conn { int c_struct_state; /* structure management state */ int c_conn_state; /* connection state */ diff --git a/servers/slapd/slapd.conf b/servers/slapd/slapd.conf index 3f3a973e5e..543bcd10be 100644 --- a/servers/slapd/slapd.conf +++ b/servers/slapd/slapd.conf @@ -36,9 +36,9 @@ suffix "dc=my-domain, dc=com" rootdn "cn=Manager, dc=my-domain, dc=com" #rootdn "cn=Manager, o=My Organization Name, c=US" # cleartext passwords, especially for the rootdn, should -# be avoid. See slapd.conf(5) for details. +# be avoid. See slappasswd(8) and slapd.conf(5) for details. rootpw secret # database directory # this directory MUST exist prior to running slapd AND -# should only be accessable by the slapd/tools Mode 700 recommended. +# should only be accessable by the slapd/tools. Mode 700 recommended. directory %LOCALSTATEDIR%/openldap-ldbm diff --git a/servers/slapd/tools/Makefile.in b/servers/slapd/tools/Makefile.in index 2eeff95e5c..fad33e3883 100644 --- a/servers/slapd/tools/Makefile.in +++ b/servers/slapd/tools/Makefile.in @@ -16,7 +16,6 @@ # #----------------------------------------------------------------------------- BUILD_LDBM = @BUILD_LDBM@ -BUILD_QUIPU = @BUILD_QUIPU@ LDAP_INCDIR= ../../../include LDAP_LIBDIR= ../../../libraries @@ -27,27 +26,20 @@ XDEFS = $(MODULES_CPPFLAGS) XLDFLAGS = $(MODULES_LDFLAGS) $(SLAPD_MODULES) XLIBS = -lavl -lldif -lldbm -llutil -lldap_r -llber -XXLIBS = $(QUIPU_LIBS) $(SLAPD_LIBS) \ +XXLIBS = $(SLAPD_LIBS) \ $(LDBM_LIBS) $(SECURITY_LIBS) \ $(LDIF_LIBS) $(LUTIL_LIBS) -XXXLIBS = $(LTHREAD_LIBS) $(MODULES_LIBS) +XXXLIBS = $(MODULES_LIBS) $(LTHREAD_LIBS) -PROGRAMS=ldif slappasswd slapadd slapcat slapindex -LDBMPROGRAMS=centipede sizecount -QUIPUPROGRAMS=chlog2replog edb2ldif +PROGRAMS=slapadd slapcat slapindex slappasswd # CPPFLAGS will include the defines for dynamic libs in Mingw32. -NT_DYN_DEFS = -DLIBLBER_DECL=dllimport -DLIBLDAP_DECL=dllimport +NT_DYN_DEFS = -DLBER_DECL=dllimport -DLDAP_DECL=dllimport CPPFLAGS = $(@PLAT@_@LIB_LINKAGE@_DEFS) -SRCS = ldif.c mimic.c slapcommon.c slapadd.c slapcat.c slapindex.c +SRCS = mimic.c slapcommon.c \ + slapadd.c slapcat.c slapindex.c slappasswd.c -XSRCS = edb2-vers.c - -# LDBMSRCS = centipede.c sizecount.c -LDBMSRCS = - -QUIPUSRCS = edb2ldif.c ldapsyntax.c chlog2replog.c SLAPD_OBJS = ../config.o ../ch_malloc.o ../backend.o ../charray.o \ ../module.o ../aclparse.o ../filterentry.o \ ../schema.o ../schema_check.o ../schema_init.o ../schema_prep.o \ @@ -55,31 +47,14 @@ SLAPD_OBJS = ../config.o ../ch_malloc.o ../backend.o ../charray.o \ ../acl.o ../phonetic.o ../attr.o ../value.o ../entry.o \ ../dn.o ../filter.o ../str2filter.o ../ava.o ../init.o \ ../controls.o ../kerberos.o ../passwd.o ../index.o \ - ../extended.o ../starttls.o + ../extended.o ../starttls.o ../sets.o SLAPOBJS = $(SLAPD_OBJS) slapcommon.o mimic.o -EDB2LDIFSRCS = edb2ldif.c ldapsyntax.c -EDB2LDIFOBJS = edb2ldif.o ldapsyntax.o - -UNIX_PRGS = build-ldbm build-quipu - -all-local: build-progs $(@PLAT@_PRGS) +all-local: build-progs build-progs: $(PROGRAMS) -build-ldbm: ldbm-tools-$(BUILD_LDBM) -ldbm-tools-no: - @echo "run configure with --enable-ldbm to build LDBM tools" - -ldbm-tools-yes ldbm-tools-mod: $(LDBMPROGRAMS) - -build-quipu: quipu-tools-$(BUILD_QUIPU) -quipu-tools-no: - @echo "run configure with --enable-quipu to build QUIPU tools" - -quipu-tools-yes quipu-tools-mod: $(QUIPUPROGRAMS) - # # SLAP Tools # @@ -92,63 +67,11 @@ slapcat: slapcat.o ../libbackends.a $(SLAPOBJS) $(SLAPD_LIBDEPEND) slapindex: slapindex.o ../libbackends.a $(SLAPOBJS) $(SLAPD_LIBDEPEND) $(LTLINK) -o $@ slapindex.o $(SLAPOBJS) ../libbackends.a $(LIBS) -ldif: ldif.o $(SLAPD_LIBDEPEND) - $(LTLINK) -o $@ ldif.o $(LIBS) - slappasswd: slappasswd.o $(SLAPD_LIBDEPEND) $(LTLINK) -o $@ slappasswd.o $(LIBS) -# -# LDBM Specific Tools -# (deprecated) -centipede: centipede.o $(SLAPD_LIBDEPEND) - $(LTLINK) -o $@ centipede.o $(LIBS) - -sizecount: sizecount.o ../phonetic.o ../ch_malloc.o $(SLAPD_LIBDEPEND) - $(LTLINK) -o $@ sizecount.o ../phonetic.o ../ch_malloc.o $(LIBS) - -# -# QUIPU Specific Tools -# -edb2ldif: edb2-vers.o - $(CC) $(LDFLAGS) -o $@ $(EDB2LDIFOBJS) edb2-vers.o $(LIBS) - -edb2-vers.c: $(EDB2LDIFOBJS) - @-$(RM) $@ - $(MKVERSION) ebd2ldif > $@ - -chlog2replog: chlog2replog.o ../lock.o ../ch_malloc.o $(SLAPD_LIBDEPEND) - $(LTLINK) -o $@ chlog2replog.o ../lock.o ../ch_malloc.o $(LIBS) - clean-local: FORCE - $(RM) $(PROGRAMS) $(LDBMPROGRAMS) $(QUIPUPROGRAMS) \ - $(XPROGRAMS) $(XSRCS) *.o core .libs/* *.exe + $(RM) $(PROGRAMS) $(XPROGRAMS) $(XSRCS) *.o core .libs/* *.exe depend-local: FORCE - DEPEND_LDBM= ; DEPEND_QUIPU= ; \ - if [ "$(BUILD_LDBM)" != "no" ]; then \ - DEPEND_LDBM="$(LDBMSRCS)"; \ - fi; \ - if [ "$(BUILD_QUIPU)" != "no" ]; then \ - DEPEND_QUIPU="$(QUIPUINCLUDEFLAG) $(QUIPUSRCS)"; \ - fi; \ - $(MKDEP) $(DEFS) $(DEFINES) $(SRCS) $$DEPEND_QUIPU $$DEPEND_LDBM - -install-local: install-ldbm-$(BUILD_LDBM) \ - install-quipu-$(BUILD_QUIPU) - -install-ldbm-no install-quipu-no: - -install-ldbm-yes install-ldbm-mod: FORCE - -$(MKDIR) $(DESTDIR)$(sbindir) - @for bin in $(PROGRAMS); do \ - $(LTINSTALL) $(INSTALLFLAGS) -s -m 755 \ - $$bin$(EXEEXT) $(DESTDIR)$(sbindir); \ - done - -install-quipu-yes: FORCE - @-$(MKDIR) $(DESTDIR)$(sbindir) - for bin in edb2ldif chlog2replog; do \ - $(LTINSTALL) $(INSTALLFLAGS) -s -m 755 \ - $$bin $(DESTDIR)$(sbindir); \ - done + $(MKDEP) $(DEFS) $(DEFINES) $(SRCS) diff --git a/servers/slapd/tools/centipede.c b/servers/slapd/tools/centipede.c deleted file mode 100644 index 732c8405dc..0000000000 --- a/servers/slapd/tools/centipede.c +++ /dev/null @@ -1,1026 +0,0 @@ -/* centipede.c - generate and install indexing information (view w/tabstop=4) */ -/* $OpenLDAP$ */ - -#include "portable.h" - -#include -#include - -#include -#include -#include -#include /* get link(), unlink() */ - -#include -#include - -int slap_debug; - -#define DEFAULT_LDAPFILTER "(objectclass=*)" - -#define CENTROID_VALUE 1 -#define CENTROID_WORD 2 - -#define CENTROID_RELATIVE 1 -#define CENTROID_FULL 2 - -#define WORD_BREAKS " -',.()!;:&$%*\"/\\+_<>=?[]|^~" - -char *centdir; -int ldbmcachesize; -int centroidvalues; -int centroidtype; -int doweights; -char *ldaphost; -char *srcldapbinddn; -char *srcldappasswd; -char *destldapbinddn; -char *destldappasswd; -char *ldapbase; -int srcldapauthmethod; -int destldapauthmethod; -int verbose; -int not; - -static LDAP *start_ldap_search(char *ldapsrcurl, char *ldapfilter, char **attrs); -static LDAP *bind_to_destination_ldap(char *ldapsrcurl, char *ldapdesturl); -static int create_tmp_files(char **attrs, char ***tmpfile, LDBM **ldbm); -static int generate_new_centroids(LDAP *ld, char **attrs, LDBM *ldbm); -static LDAPMod **diff_centroids(char *attr, LDBM oldbm, LDBM nldbm, int nentries); -static LDAPMod **full_centroid(char *attr, LDBM ldbm, int nentries); -static char **charray_add_dup(char ***a, int *cur, int *max, char *s); - -static void usage( char *name ) -{ - fprintf( stderr, "usage: %s [options] -s url -d url attributes\n", name ); - fprintf( stderr, "where:\n" ); - fprintf( stderr, "\t-s url\t\t[[ldap://][host[:port]]/]searchbasedn\n"); - fprintf( stderr, "\t-d url\t\t[[ldap://][host[:port]]/]centroidentrydn\n"); - fprintf( stderr, "options:\n" ); - fprintf( stderr, "\t-v \t\tturn on verbose mode\n" ); - fprintf( stderr, "\t-n \t\tgenerate, but do not install index info\n" ); - fprintf( stderr, "\t-f filter\tentry selection filter\n" ); - fprintf( stderr, "\t-F \t\tgenerate a full centroid\n" ); - fprintf( stderr, "\t-R \t\tgenerate a relative centroid\n" ); - fprintf( stderr, "\t-w \t\tgenerate a word-based centroid\n" ); - fprintf( stderr, "\t-t directory\tcentroid directory\n" ); - fprintf( stderr, "\t-b binddn\tsource bind dn\n" ); - fprintf( stderr, "\t-p passwd\tsource bind passwd (for simple auth)\n" ); - fprintf( stderr, "\t-m authmethod\tsource authmethod \"simple\" or \"kerberos\"\n" ); - fprintf( stderr, "\t-B binddn\tdestination bind dn\n" ); - fprintf( stderr, "\t-P passwd\tdestination bind passwd (for simple auth)\n" ); - fprintf( stderr, "\t-M authmethod\tdestination authmethod \"simple\" or \"kerberos\"\n" ); - fprintf( stderr, "\t-c size\t\tldbm cache size\n" ); -} - -int -main( int argc, char **argv ) -{ - char *ldapfilter; - char *ldapsrcurl, *ldapdesturl; - LDAP *ld; - LDAPMod **mods; - char **attrs; - char **tmpfile; - LDBM *ldbm; - LDBM oldbm; - char buf[BUFSIZ]; - int i, j, k, count; - char *s; - - ldapsrcurl = NULL; - ldapdesturl = NULL; - ldaphost = NULL; - ldapbase = NULL; - srcldapauthmethod = LDAP_AUTH_SIMPLE; - destldapauthmethod = LDAP_AUTH_SIMPLE; - srcldapbinddn = NULL; - srcldappasswd = NULL; - destldapbinddn = NULL; - destldappasswd = NULL; - ldapfilter = DEFAULT_LDAPFILTER; - centroidvalues = CENTROID_VALUE; - centroidtype = CENTROID_RELATIVE; - centdir = NULL; - tmpfile = NULL; - ldbmcachesize = 0; - - while ( (i = getopt( argc, argv, "s:d:c:b:B:f:FRWp:P:m:M:t:vwn" )) - != EOF ) { - switch ( i ) { - case 's': /* source url [[ldap://][host[:port]]/]basedn */ - ldapsrcurl = strdup( optarg ); - break; - - case 'd': /* destination url [[ldap://][host[:port]]/]entrydn */ - ldapdesturl = strdup( optarg ); - break; - - case 'f': /* specify a filter */ - ldapfilter = strdup( optarg ); - break; - - case 'F': /* generate full centroid */ - centroidtype = CENTROID_FULL; - break; - - case 'R': /* generate relative centroid */ - centroidtype = CENTROID_RELATIVE; - break; - - case 'w': /* generate word centroid */ - centroidvalues = CENTROID_WORD; - break; - - case 'W': /* generate weights */ - doweights = 1; - break; - - case 't': /* temp file directory */ - centdir = strdup( optarg ); - break; - - case 'b': /* src bind dn */ - srcldapbinddn = strdup( optarg ); - break; - - case 'p': /* src bind password */ - srcldappasswd = strdup( optarg ); - while ( *optarg ) - *optarg++ = 'x'; - break; - - case 'B': /* dest bind dn */ - destldapbinddn = strdup( optarg ); - break; - - case 'P': /* dest bind password */ - destldappasswd = strdup( optarg ); - while ( *optarg ) - *optarg++ = 'x'; - break; - - case 'm': /* src bind method */ - if ( strcasecmp( optarg, "simple" ) == 0 ) { - srcldapauthmethod = LDAP_AUTH_SIMPLE; - } else if ( strcasecmp( optarg, "kerberos" ) == 0 ) { - srcldapauthmethod = LDAP_AUTH_KRBV4; - } else { - fprintf( stderr, "%s: unknown auth method\n", optarg ); - fputs( "expecting \"simple\" or \"kerberos\"\n", stderr ); - exit( EXIT_FAILURE ); - } - break; - - case 'M': /* dest bind method */ - if ( strcasecmp( optarg, "simple" ) == 0 ) { - destldapauthmethod = LDAP_AUTH_SIMPLE; - } else if ( strcasecmp( optarg, "kerberos" ) == 0 ) { - destldapauthmethod = LDAP_AUTH_KRBV4; - } else { - fprintf( stderr, "%s: unknown auth method\n", optarg ); - fputs( "expecting \"simple\" or \"kerberos\"\n", stderr ); - exit( EXIT_FAILURE ); - } - break; - - case 'c': /* ldbm cache size */ - ldbmcachesize = atoi( optarg ); - break; - - case 'v': /* turn on verbose mode */ - verbose++; - break; - - case 'n': /* don't actually install index info */ - not++; - break; - - default: - usage( argv[0] ); - exit( EXIT_FAILURE ); - } - } - if ( optind == argc || ldapsrcurl == NULL || ldapdesturl == NULL ) { - usage( argv[0] ); - exit( EXIT_FAILURE ); - } - attrs = &argv[optind]; - - /* - * open the ldap connection and start searching for the entries - * we will use to generate the centroids. - */ - - if ( (ld = start_ldap_search( ldapsrcurl, ldapfilter, attrs )) == NULL ) { - fprintf( stderr, "could not initiate ldap search\n" ); - exit( EXIT_FAILURE ); - } - - if ( create_tmp_files( attrs, &tmpfile, &ldbm ) != 0 ) { - fprintf( stderr, "could not create temp files\n" ); - exit( EXIT_FAILURE ); - } - - /* - * go through the entries returned, building a centroid for each - * attribute as we go. - */ - - if ( (count = generate_new_centroids( ld, attrs, ldbm )) < 1 ) { - if ( count == 0 ) { - fprintf( stderr, "no entries matched\n" ); - exit( EXIT_SUCCESS ); - } else { - fprintf( stderr, "could not generate new centroid\n" ); - exit( EXIT_FAILURE ); - } - } - - /* - * for each centroid we generated above, compare to the existing - * centroid, if any, and produce adds and deletes, or produce - * an entirely new centroid. in either case, update the "current" - * centroid version with the new one we just generated. - */ - - if ( (ld = bind_to_destination_ldap( ldapsrcurl, ldapdesturl )) == NULL ) { - fprintf( stderr, - "could not bind to index server, or could not create index entry\n" ); - exit( EXIT_FAILURE ); - } - - for ( i = 0; ldbm[i] != NULL; i++ ) { - /* generate the name of the existing centroid, if any */ - s = strrchr( tmpfile[i], '/' ); - *s = '\0'; - sprintf( buf, "%s/cent.%s", tmpfile[i], attrs[i] ); - *s = '/'; - - /* generate the full centroid changes */ - if ( centroidtype == CENTROID_FULL || (oldbm = ldbm_open( buf, - LDBM_WRITER, 0, ldbmcachesize )) == NULL ) { - if ( (mods = full_centroid( attrs[i], ldbm[i], count )) == NULL ) { - fprintf( stderr, "could not produce full centroid for %s\n", - attrs[i] ); - continue; - } - - /* generate the differential centroid changes */ - } else { - if ( (mods = diff_centroids( attrs[i], oldbm, ldbm[i], count )) - == NULL ) { - fprintf( stderr, "could not diff centroids\n" ); - ldbm_close( oldbm ); - continue; - } - ldbm_close( oldbm ); - } - - if ( verbose > 1 ) { - printf("changes:\n"); - for ( j = 0; mods[j] != NULL; j++ ) { - switch( mods[j]->mod_op ) { - case LDAP_MOD_ADD: - printf( "\tadd: %s\n",mods[j]->mod_type ); - break; - case LDAP_MOD_DELETE: - printf( "\tdelete: %s\n",mods[j]->mod_type ); - break; - case LDAP_MOD_REPLACE: - printf( "\treplace: %s\n",mods[j]->mod_type ); - break; - } - if ( mods[j]->mod_values != NULL ) { - for ( k = 0; mods[j]->mod_values[k] != NULL; k++ ) { - printf( "\t\t%s\n", mods[j]->mod_values[k] ); - } - } - } - printf("end changes:\n"); - } - - if ( verbose ) { - printf( "%sModifying centroid...", not ? "Not " : "" ); - fflush( stdout ); - } - - /* attempt to make the changes to the index server entry */ - if ( !not && ldap_modify_s( ld, ldapbase, mods ) != LDAP_SUCCESS ) { - fprintf( stderr, "could not apply centroid modification for %s\n", - attrs[i] ); - ldap_perror( ld, ldapbase ); - } - ldap_mods_free( mods, 1 ); - - if ( verbose ) { - printf( "\n" ); - fflush( stdout ); - } - - /* move the new centroid into the old one's place */ - if ( ! not ) { - (void) unlink( buf ); - if ( link( tmpfile[i], buf ) != 0 ) { - perror( "link" ); - fprintf( stderr, "could not rename %s to %s\n", buf, - tmpfile[i] ); - continue; - } - } - (void) unlink( tmpfile[i] ); - } - - /* clean up */ - for ( i = 0; attrs[i] != NULL; i++ ) { - ldbm_close( ldbm[i] ); - free( tmpfile[i] ); - } - free( ldbm ); - free( tmpfile ); - - exit( EXIT_SUCCESS ); -} - -/* - * open an ldap connection, bind, and initiate the search - */ - -static LDAP * -start_ldap_search( - char *ldapsrcurl, - char *ldapfilter, - char **attrs -) -{ - LDAP *ld; - char *s, *s2; - int i; - - if ( strncmp( ldapsrcurl, "ldap://", 7 ) != 0 ) { - fputs( "Not an LDAP URL", stderr ); /* Should be smarter? */ - return( NULL ); - } - s = ldapsrcurl + 7; - if ( (s2 = strchr( s, '/' )) == NULL ) { - ldapbase = strdup( s ); - } else { - if ( *s != '/' ) { - *s2 = '\0'; - ldaphost = strdup( s ); - *s2 = '/'; - } - ldapbase = strdup( s2 + 1 ); - } - - if ( verbose ) { - printf( "Base: %s\n", ldapbase ); - printf( "Attributes:" ); - for ( i = 0; attrs[i] != NULL; i++ ) { - printf( " %s", attrs[i] ); - } - printf( "\n" ); - printf( "Binding to source LDAP server..." ); - fflush( stdout ); - } - - if ( (ld = ldap_init( ldaphost, 0 )) == NULL ) { - perror( "ldap_init" ); - return( NULL ); - } - - if ( ldap_bind_s( ld, srcldapbinddn, srcldappasswd, srcldapauthmethod ) - != LDAP_SUCCESS) { - ldap_perror( ld, "ldap_bind_s" ); - ldap_unbind( ld ); - return( NULL ); - } - - printf( "\nInitiating search..." ); - if ( ldap_search( ld, ldapbase, LDAP_SCOPE_SUBTREE, ldapfilter, attrs, 0 ) - == -1 ) { - ldap_perror( ld, "ldap_search" ); - ldap_unbind( ld ); - return( NULL ); - } - - if ( verbose ) { - printf( "\n" ); - } - - return( ld ); -} - -/* - * create the temporary ldbm files we will use to hold the new centroids - */ - -static int -create_tmp_files( - char **attrs, - char ***tmpfile, - LDBM **ldbm -) -{ - int i; - - for ( i = 0; attrs[i] != NULL; i++ ) - ; /* NULL */ - i++; - - if ( (*tmpfile = (char **) malloc( i * sizeof(char *) )) == NULL ) { - perror( "malloc" ); - return( -1 ); - } - if ( (*ldbm = (LDBM *) malloc( i * sizeof(LDBM) )) == NULL ) { - perror( "malloc" ); - return( -1 ); - } - for ( i = 0; attrs[i] != NULL; i++ ) { - if ( ((*tmpfile)[i] = tempnam( centdir, NULL )) == NULL ) { - perror( "tmpnam" ); - return( -1 ); - } - - if ( ((*ldbm)[i] = ldbm_open( (*tmpfile)[i], LDBM_WRCREAT, 0600, - ldbmcachesize )) == NULL ) { - fprintf( stderr, "ldbm_open of \"%s\" failed\n", (*tmpfile)[i] ); - perror( "ldbm_open" ); - return( -1 ); - } - } - (*tmpfile)[i] = NULL; - (*ldbm)[i] = NULL; - - return( 0 ); -} - -/* - * step through each entry returned from the search and generate - * the appropriate centroid values. - */ - -static int -generate_new_centroids( - LDAP *ld, - char **attrs, - LDBM *ldbm -) -{ - Datum key, data; - int rc, i, j, count; - LDAPMessage *res, *e; - char *dn, *s, *w; - char **val; - char last; - - ldbm_datum_init( data ); - - if ( verbose ) { - printf( "Generating new centroids for..." ); - fflush( stdout ); - } - - data.dptr = ""; - data.dsize = 1; - count = 0; - while ( (rc = ldap_result( ld, LDAP_RES_ANY, 0, NULL, &res )) - == LDAP_RES_SEARCH_ENTRY ) { - count++; - e = ldap_first_entry( ld, res ); - dn = ldap_get_dn( ld, e ); - - /* for each attr we want to generate a centroid for */ - for ( i = 0; attrs[i] != NULL; i++ ) { - if ( (val = ldap_get_values( ld, e, attrs[i] )) == NULL ) { - continue; - } - - /* for each value */ - for ( j = 0; val[j] != NULL; j++ ) { - - ldbm_datum_init( key ); - - /* normalize the value */ - for ( s = val[j]; *s; s++ ) { - *s = TOLOWER( (unsigned char) *s ); - last = *s; - } - if ( isascii( last ) && isdigit( last ) ) { - continue; - } - - /* generate a value-based centroid */ - if ( centroidvalues == CENTROID_VALUE ) { - key.dptr = val[j]; - key.dsize = strlen( key.dptr ) + 1; - (void) ldbm_store( ldbm[i], key, data, LDBM_INSERT ); - - /* generate a word-based centroid */ - } else { - char *lasts; - for ( w = ldap_pvt_strtok( val[j], WORD_BREAKS, &lasts ); - w != NULL; - w = ldap_pvt_strtok( NULL, WORD_BREAKS, &lasts ) ) { - key.dptr = w; - key.dsize = strlen( key.dptr ) + 1; - (void) ldbm_store( ldbm[i], key, data, LDBM_INSERT ); - } - } - } - ldap_value_free( val ); - } - free( dn ); - ldap_msgfree( res ); - } - ldap_msgfree( res ); - ldap_unbind( ld ); - - if ( verbose ) { - printf( "%d entries\n", count ); - } - - return( count ); -} - -/* - * compare the old and new centroids, generating the appropriate add - * and delete operations. if the underlying database is ordered, we - * can do this more efficiently. - */ - -static LDAPMod ** -diff_centroids( - char *attr, - LDBM oldbm, - LDBM nldbm, - int nentries -) -{ -#ifdef LDBM_ORDERED - Datum okey, nkey; - Datum olast, nlast; -#endif - Datum lastkey, key; - Datum data; - LDAPMod **mods; - char **avals, **dvals; - int amax, acur, dmax, dcur; - char **vals; - - LDBMCursor *ocursorp; - LDBMCursor *ncursorp; - - if ( verbose ) { - printf( "Generating mods for differential %s centroid...", attr ); - fflush( stdout ); - } - - ldbm_datum_init( lastkey ); - ldbm_datum_init( key ); - ldbm_datum_init( data ); - - if ( (mods = (LDAPMod **) malloc( sizeof(LDAPMod *) * 4 )) == NULL || - (mods[0] = (LDAPMod *) malloc( sizeof(LDAPMod) )) == NULL || - (mods[1] = (LDAPMod *) malloc( sizeof(LDAPMod) )) == NULL || - (mods[2] = (LDAPMod *) malloc( sizeof(LDAPMod) )) == NULL || - (vals = (char **) malloc( 2 * sizeof(char *) )) == NULL || - (vals[0] = (char *) malloc( 20 )) == NULL ) - { - perror( "malloc" ); - exit( EXIT_FAILURE ); - } - /* add values in mods[0] */ - mods[0]->mod_op = LDAP_MOD_ADD; - mods[0]->mod_type = attr; - mods[0]->mod_values = NULL; - avals = NULL; - acur = amax = 0; - /* delete values in mods[1] */ - mods[1]->mod_op = LDAP_MOD_DELETE; - mods[1]->mod_type = attr; - mods[1]->mod_values = NULL; - dvals = NULL; - dcur = dmax = 0; - /* number of entries in mods[2] */ - sprintf( vals[0], "%d", nentries ); - vals[1] = NULL; - mods[2]->mod_op = LDAP_MOD_REPLACE; - mods[2]->mod_type = "nentries"; - mods[2]->mod_values = vals; - /* null terminate list of mods */ - mods[3] = NULL; - -#ifdef LDBM_ORDERED - /* - * if the underlying database is ordered, we can do a more efficient - * dual traversal, yielding O(N) performance. - */ - - ldbm_datum_init( okey ); - ldbm_datum_init( nkey ); - ldbm_datum_init( olast ); - ldbm_datum_init( nlast ); - - olast.dptr = NULL; - nlast.dptr = NULL; - - for ( okey = ldbm_firstkey( oldbm, &ocursorp ), - nkey = ldbm_firstkey( nldbm, &ncursorp ); - okey.dptr != NULL && nkey.dptr != NULL; ) - { - int rc = strcmp( okey.dptr, nkey.dptr ); - - if ( rc == 0 ) { - /* value is in both places - leave it */ - if ( olast.dptr != NULL ) { - ldbm_datum_free( oldbm, olast ); - } - olast = okey; - if ( nlast.dptr != NULL ) { - ldbm_datum_free( nldbm, nlast ); - } - nlast = nkey; - - okey = ldbm_nextkey( oldbm, olast, ocursorp ); - nkey = ldbm_nextkey( nldbm, nlast, ncursorp ); - - } else if ( rc > 0 ) { - /* new value is not in old centroid - add it */ - if ( charray_add_dup( &avals, &acur, &amax, nkey.dptr ) == NULL ) { - ldap_mods_free( mods, 1 ); - return( NULL ); - } - - if ( nlast.dptr != NULL ) { - ldbm_datum_free( nldbm, nlast ); - } - nlast = nkey; - - nkey = ldbm_nextkey( nldbm, nlast, ncursorp ); - - } else { - /* old value is not in new centroid - delete it */ - if ( charray_add_dup( &dvals, &dcur, &dmax, okey.dptr ) == NULL ) { - ldap_mods_free( mods, 1 ); - return( NULL ); - } - - if ( olast.dptr != NULL ) { - ldbm_datum_free( oldbm, olast ); - } - olast = okey; - - okey = ldbm_nextkey( oldbm, olast, ocursorp ); - } - } - - while ( okey.dptr != NULL ) { - if ( charray_add_dup( &dvals, &dcur, &dmax, okey.dptr ) == NULL ) { - ldap_mods_free( mods, 1 ); - return( NULL ); - } - - okey = ldbm_nextkey( oldbm, olast, ocursorp ); - if ( olast.dptr != NULL ) { - ldbm_datum_free( oldbm, olast ); - } - olast = okey; - } - if ( olast.dptr != NULL ) { - ldbm_datum_free( oldbm, olast ); - } - while ( nkey.dptr != NULL ) { - if ( charray_add_dup( &avals, &acur, &amax, nkey.dptr ) == NULL ) { - ldap_mods_free( mods, 1 ); - return( NULL ); - } - - nkey = ldbm_nextkey( nldbm, nlast, ncursorp ); - if ( nlast.dptr != NULL ) { - ldbm_datum_free( nldbm, nlast ); - } - nlast = nkey; - } - if ( nlast.dptr != NULL ) { - ldbm_datum_free( nldbm, nlast ); - } -#else - /* - * if the underlying database is not ordered, we have to - * generate list of values to add by stepping through all new - * values and looking them up in the old centroid (not there => add), - * then stepping through all old values and looking them up in the - * new centroid (not there => delete). this yields O(Nf(N)) performance, - * where f(N) is the order to retrieve a single item. - */ - - /* generate list of values to add */ - lastkey.dptr = NULL; - for ( key = ldbm_firstkey( nldbm, &ncursorp ); key.dptr != NULL; - key = ldbm_nextkey( nldbm, lastkey, ncursorp ) ) - { - /* see if it's in the old one */ - data = ldbm_fetch( oldbm, key ); - - /* not there - add it */ - if ( data.dptr == NULL ) { - if ( charray_add_dup( &avals, &acur, &amax, key.dptr ) == NULL ) { - ldap_mods_free( mods, 1 ); - return( NULL ); - } - } else { - ldbm_datum_free( oldbm, data ); - } - if ( lastkey.dptr != NULL ) { - ldbm_datum_free( nldbm, lastkey ); - } - lastkey = key; - } - if ( lastkey.dptr != NULL ) { - ldbm_datum_free( nldbm, lastkey ); - } - - /* generate list of values to delete */ - lastkey.dptr = NULL; - for ( key = ldbm_firstkey( oldbm, &ocursorp ); key.dptr != NULL; - key = ldbm_nextkey( oldbm, lastkey, ocursorp ) ) - { - /* see if it's in the new one */ - data = ldbm_fetch( nldbm, key ); - - /* not there - delete it */ - if ( data.dptr == NULL ) { - if ( charray_add_dup( &dvals, &dcur, &dmax, key.dptr ) == NULL ) { - ldap_mods_free( mods, 1 ); - return( NULL ); - } - } else { - ldbm_datum_free( nldbm, data ); - } - if ( lastkey.dptr != NULL ) { - ldbm_datum_free( oldbm, lastkey ); - } - lastkey = key; - } - if ( lastkey.dptr != NULL ) { - ldbm_datum_free( oldbm, lastkey ); - } -#endif - - mods[0]->mod_values = avals; - mods[1]->mod_values = dvals; - - if ( verbose ) { - printf( "\n" ); - fflush( stdout ); - } - - if ( mods[1]->mod_values == NULL ) { - free( (char *) mods[1] ); - mods[1] = NULL; - } - if ( mods[0]->mod_values == NULL ) { - free( (char *) mods[0] ); - mods[0] = mods[1]; - mods[1] = NULL; - } - if ( mods[0] == NULL ) { - free( (char *) mods ); - return( NULL ); - } else { - return( mods ); - } -} - -static LDAPMod ** -full_centroid( - char *attr, - LDBM ldbm, - int nentries -) -{ - Datum key, lastkey; - LDAPMod **mods; - char **vals; - int vcur, vmax; - - LDBMCursor *cursorp; - - if ( verbose ) { - printf( "Generating mods for full %s centroid...", attr ); - fflush( stdout ); - } - - ldbm_datum_init( key ); - ldbm_datum_init( lastkey ); - - if ( (mods = (LDAPMod **) malloc( sizeof(LDAPMod *) * 3 )) == NULL || - (mods[0] = (LDAPMod *) malloc( sizeof(LDAPMod) )) == NULL || - (mods[1] = (LDAPMod *) malloc( sizeof(LDAPMod) )) == NULL || - (vals = (char **) malloc( 2 * sizeof(char *) )) == NULL || - (vals[0] = (char *) malloc( 20 )) == NULL ) - { - perror( "malloc" ); - exit( EXIT_FAILURE ); - } - mods[0]->mod_op = LDAP_MOD_REPLACE; - mods[0]->mod_type = attr; - mods[0]->mod_values = NULL; - sprintf( vals[0], "%d", nentries ); - vals[1] = NULL; - mods[1]->mod_op = LDAP_MOD_REPLACE; - mods[1]->mod_type = "nentries"; - mods[1]->mod_values = vals; - mods[2] = NULL; - - lastkey.dptr = NULL; - vals = NULL; - vcur = vmax = 0; - - for ( key = ldbm_firstkey( ldbm, &cursorp ); key.dptr != NULL; - key = ldbm_nextkey( ldbm, lastkey, cursorp ) ) - { - if ( charray_add_dup( &vals, &vcur, &vmax, key.dptr ) == NULL ) { - ldap_mods_free( mods, 1 ); - return( NULL ); - } - - if ( lastkey.dptr != NULL ) { - ldbm_datum_free( ldbm, lastkey ); - } - lastkey = key; - } - if ( lastkey.dptr != NULL ) { - ldbm_datum_free( ldbm, lastkey ); - } - mods[0]->mod_values = vals; - - if ( verbose ) { - printf( "\n" ); - fflush( stdout ); - } - - if ( mods[0]->mod_values == NULL ) { - free( (char *) mods[0] ); - free( (char *) mods ); - return( NULL ); - } else { - return( mods ); - } -} - -/* - * extract the destination ldap host, port, and base object for the - * server to receive the index information. then, open a connection, - * bind, and see if the entry exists. if not, create it and set things - * up so the centroid full and diff routines can modify it to contain - * the new centroid information. - */ - -static LDAP * -bind_to_destination_ldap( - char *ldapsrcurl, - char *ldapdesturl -) -{ - LDAP *ld; - LDAPMessage *res; - int rc; - char *s, *s2, *d; - char *attrs[2], *refvalues[2], *ocvalues[2]; - LDAPMod *mp[3]; - LDAPMod m[2]; - char buf[BUFSIZ]; - - if ( verbose ) { - printf( "Binding to destination LDAP server..." ); - fflush( stdout ); - } - - /* first, pick out the destination ldap server info */ - if ( ldapbase != NULL ) { - free( ldapbase ); - ldapbase = NULL; - } - if ( strncmp( ldapdesturl, "ldap://", 7 ) != 0 ) { - fputs( "Not an LDAP URL", stderr ); /* Should be smarter? */ - return( NULL ); - } - s = ldapdesturl + 7; - if ( (s2 = strchr( s, '/' )) == NULL ) { - ldapbase = strdup( s ); - } else { - if ( *s != '/' ) { - *s2 = '\0'; - if ( ldaphost != NULL ) - free( ldaphost ); - ldaphost = strdup( s ); - *s2 = '/'; - } - ldapbase = strdup( s2 + 1 ); - } - strcpy( buf, "ref=" ); - if ( strpbrk( ldapsrcurl, " ,;" ) != NULL ) { - strcat( buf, "\"" ); - } - for ( s = d = ldapsrcurl; *s; s++ ) { - if ( *s != '"' ) { - *d++ = *s; - } - } - *d = '\0'; - strcat( buf, ldapsrcurl ); - if ( strpbrk( ldapsrcurl, " ,;" ) != NULL ) { - strcat( buf, "\"" ); - } - strcat( buf, ", " ); - strcat( buf, ldapbase ); - free( ldapbase ); - ldapbase = strdup( buf ); - - if ( (ld = ldap_init( ldaphost, 0 )) == NULL ) { - perror( "ldap_init" ); - return( NULL ); - } - - if ( ldap_bind_s( ld, destldapbinddn, destldappasswd, destldapauthmethod ) - != LDAP_SUCCESS) { - ldap_perror( ld, "ldap_bind_s" ); - ldap_unbind( ld ); - return( NULL ); - } - if ( verbose ) { - printf( "\n" ); - } - - attrs[0] = "c"; - attrs[1] = NULL; - rc = ldap_search_s( ld, ldapbase, LDAP_SCOPE_BASE, "(objectclass=*)", - attrs, 0, &res ); - ldap_msgfree( res ); - - if ( rc == LDAP_NO_SUCH_OBJECT ) { - if ( verbose ) { - printf( "%sCreating centroid entry...", not ? "Not " : "" ); - fflush( stdout ); - } - - /* create the centroid index entry */ - m[0].mod_op = 0; - m[0].mod_type = "ref"; - refvalues[0] = ldapsrcurl; - refvalues[1] = NULL; - m[0].mod_values = refvalues; - m[1].mod_op = 0; - m[1].mod_type = "objectclass"; - ocvalues[0] = "indexentry"; - ocvalues[1] = NULL; - m[1].mod_values = ocvalues; - mp[0] = &m[0]; - mp[1] = &m[1]; - mp[2] = NULL; - - if ( !not && ldap_add_s( ld, ldapbase, mp ) != LDAP_SUCCESS ) { - ldap_perror( ld, ldapbase ); - ldap_unbind( ld ); - return( NULL ); - } - - if ( verbose ) { - printf( "\n" ); - fflush( stdout ); - } - } else if ( rc != LDAP_SUCCESS ) { - ldap_perror( ld, "ldap_search_s" ); - ldap_unbind( ld ); - return( NULL ); - } - - return( ld ); -} - -static char ** -charray_add_dup( - char ***a, - int *cur, - int *max, - char *s -) -{ - if ( *a == NULL ) { - *a = (char **) malloc( (BUFSIZ + 1) * sizeof(char *) ); - *cur = 0; - *max = BUFSIZ; - } else if ( *cur >= *max ) { - *max += BUFSIZ; - *a = (char **) realloc( *a, (*max + 1) * sizeof(char *) ); - } - if ( *a == NULL ) { - return( NULL ); - } - - (*a)[(*cur)++] = strdup( s ); - (*a)[*cur] = NULL; - return( *a ); -} diff --git a/servers/slapd/tools/chlog2replog.c b/servers/slapd/tools/chlog2replog.c deleted file mode 100644 index 2d77aa67d5..0000000000 --- a/servers/slapd/tools/chlog2replog.c +++ /dev/null @@ -1,702 +0,0 @@ -/* $OpenLDAP$ */ -/* - * Copyright (c) 1990, 1995 Regents of the University of Michigan. - * All rights reserved. - * - * Redistribution and use in source and binary forms are permitted - * provided that this notice is preserved and that due credit is given - * to the University of Michigan at Ann Arbor. The name of the University - * may not be used to endorse or promote products derived from this - * software without specific prior written permission. This software - * is provided ``as is'' without express or implied warranty. - */ - -/* - * chlog2replog - read a quipu-style changelog on stdin and write a - * slapd-style replog on stdout, or write to a file, respecting - * slapd/slurpd locking conventions. - */ - -#include "portable.h" - -#include -#include - -#include -#include -#include - -#include -#include - -#include "ldif.h" - -static int dn2ldif(PS ps, DN dn); -static void de_t61(char *s, int t61mark); - -extern FILE *lock_fopen( char *, char *, FILE ** ); -extern int lock_fclose( FILE *, FILE * ); -extern void *ch_realloc( void *, unsigned long ); - -short ldap_dn_syntax; -PS rps; -char *progname; -int ldap_syslog = 0; -int ldap_syslog_level = 0; - - -#define ST_START 0 -#define ST_DN 2 -#define ST_TYPE 3 -#define ST_ARGS 4 -#define ST_NL1 5 -#define ST_PUNT 6 -#define ST_BAD 7 -#define ST_CONCAT 8 - -#define TY_MODIFYTYPE 1 -#define TY_ADD 2 -#define TY_REMOVE 3 -#define TY_NEWRDN 4 -#define TY_PUNT 5 -#define TY_MODIFYARGS 6 - -#define MOD_ADDVALUES 1 -#define MOD_ADDATTRIBUTE 2 -#define MOD_REMOVEATTRIBUTE 3 -#define MOD_REMOVEVALUES 4 - - -char * -dn2ldap( char *edbdn ) -{ - DN dn; - PS str_ps; - char *ldapdn; - int len; - static int inited = 0; - - if ( !inited ) { - /* load & initialize quipu syntax handlers */ - quipu_syntaxes(); - -#ifdef LDAP_USE_PP - pp_quipu_init( progname ); -#endif - - dsap_init( NULL, NULL ); - - if (( ldap_dn_syntax = str2syntax( "DN" )) == 0 ) { - return( NULL ); - } - inited = 1; - } - - if (( dn = str2dn( edbdn )) == NULLDN ) { - return( NULL ); - } - - if (( str_ps = ps_alloc( str_open )) == NULLPS || - str_setup( str_ps, NULLCP, 0, 0 ) == NOTOK ) { - dn_free( dn ); - return( NULL ); - } - - if ( dn2ldif( str_ps, dn ) != 0 ) { - ps_free( str_ps ); - dn_free( dn ); - return( NULL ); - } - - dn_free( dn ); - len = ( str_ps->ps_ptr - str_ps->ps_base ); - - if (( ldapdn = malloc( len + 1 )) == NULL ) { - ps_free( str_ps ); - return( NULL ); - } - - memcpy( ldapdn, str_ps->ps_base, len ); - ldapdn[ len ] = '\0'; - ps_free( str_ps ); - return( ldapdn ); -} - - -#define SEPARATOR(c) ((c) == ',' || (c) == ';') -#define SPACE(c) ((c) == ' ' || (c) == '\n') - -static int -dn2ldif( PS ps, DN dn ) -{ - RDN rdn; - int firstrdn, rc; - char *value; - PS rps; - - if ( dn == NULLDN ) { - return( 0 ); - } - - if ( dn->dn_parent != NULLDN ) { - if (( rc = dn2ldif( ps, dn->dn_parent )) != 0 ) { - return( rc ); - } - ps_print( ps, ", " ); - } - - if ( (rps = ps_alloc( str_open )) == NULLPS || - str_setup( rps, NULLCP, 0, 0 ) == NOTOK ) { - return( -1 ); - } - - firstrdn = 1; - for ( rdn = dn->dn_rdn; rdn != NULLRDN; rdn = rdn->rdn_next ) { - if ( firstrdn ) { - firstrdn = 0; - } else { - ps_print( ps, " + " ); - } - - AttrT_print( ps, rdn->rdn_at, EDBOUT ); - ps_print( ps, "=" ); - - if ( rdn->rdn_at->oa_syntax == ldap_dn_syntax ) { - if (( rc = dn2ldif( rps, (DN) rdn->rdn_av.av_struct )) != 0 ) { - return( rc ); - } - *rps->ps_ptr = '\0'; - value = rps->ps_base; - } else { - AttrV_print( rps, &rdn->rdn_av, EDBOUT ); - *rps->ps_ptr = '\0'; - value = rps->ps_base; - de_t61( value, 0 ); - } - - /* - * ,+="\\\n all go in quotes. " and \\ need to - * be preceeded by \\. - */ - - if ( strpbrk( value, ",+=\"\\\n" ) != NULL || SPACE( value[0] ) - || SPACE( value[max( strlen(value) - 1, 0 )] ) ) { - char *p, *t, *tmp; - int specialcount; - - ps_print( ps, "\"" ); - - specialcount = 0; - for ( p = value; *p != '\0'; p++ ) { - if ( *p == '"' || *p == '\\' ) { - specialcount++; - } - } - if ( specialcount > 0 ) { - tmp = smalloc( strlen( value ) + specialcount + 1 ); - for ( p = value, t = tmp; *p != '\0'; p++ ) { - switch ( *p ) { - case '"': - case '\\': - *t++ = '\\'; - /* FALL THROUGH */ - default: - *t++ = *p; - } - } - *t = '\0'; - ps_print( ps, tmp ); - free( tmp ); - } else { - ps_print( ps, value ); - } - - ps_print( ps, "\"" ); - } else { - ps_print( ps, value ); - } - - rps->ps_ptr = rps->ps_base; - } - - ps_free( rps ); - - return( 0 ); -} - -#define T61 "{T.61}" -#define T61LEN 6 - - - -static void -de_t61(char *s, int t61mark) -{ - char *next = s; - unsigned char c; - unsigned int hex; - - while ( *s ) { - switch ( *s ) { - case '{' : - if ( strncasecmp( s, T61, T61LEN) == 0 ) { - s += T61LEN; - if ( t61mark ) - *next++ = '@'; - } else { - *next++ = *s++; - } - break; - - case '\\': - c = *(s + 1); - if ( c == '\n' ) { - s += 2; - if ( *s == '\t' ) - s++; - break; - } - if ( isdigit( c ) ) - hex = c - '0'; - else if ( c >= 'A' && c <= 'F' ) - hex = c - 'A' + 10; - else if ( c >= 'a' && c <= 'f' ) - hex = c - 'a' + 10; - else { - *next++ = *s++; - break; - } - hex <<= 4; - c = *(s + 2); - if ( isdigit( c ) ) - hex += c - '0'; - else if ( c >= 'A' && c <= 'F' ) - hex += c - 'A' + 10; - else if ( c >= 'a' && c <= 'f' ) - hex += c - 'a' + 10; - else { - *next++ = *s++; - *next++ = *s++; - break; - } - - *next++ = hex; - s += 3; - break; - - default: - *next++ = *s++; - break; - } - } - *next = '\0'; -} - - - - -char * -getattr(char *buf, char sep) -{ - char *val; -#define RBSIZE 255 - static char retbuf[ RBSIZE ]; - - if (( val = strchr( buf, sep )) != NULL ) { - strncpy( retbuf, buf, val - buf ); - retbuf[ val - buf ] = '\0'; - } else { - retbuf[ 0 ] = '\0'; - } - return( retbuf ); -} - - -char * -getattr_ldif(char *buf) -{ - return( getattr( buf, ':' )); -} - - -char * -getattr_edb(char *buf) -{ - return( getattr( buf, '=' )); -} - -char * -getval(char *buf, char sep) -{ - char *val; - - if (( val = strchr( buf, sep )) != NULL ) { - return( strdup( ++val )); - } else { - return( NULL ); - } -} - -char * -getval_ldif(char *buf) -{ - return( getval( buf, ':' )); -} - - -char * -getval_edb(char *buf) -{ - return( getval( buf, '=' )); -} - - - - -int -isDNsyntax(char *attr) -{ - oid_table_attr *p, *name2attr(char *); - - p = name2attr( attr ); - if ( p == ( oid_table_attr * ) 0 ) { - return( -1 ); - } - if ( p->oa_syntax == ldap_dn_syntax ) { - return( 1 ); - } else { - return( 0 ); - } -} - - - -void -print_as(Attr_Sequence as, int modtype, FILE *ofp) -{ - Attr_Sequence p; - AV_Sequence av; - char *attrname, *tmpdn, *obuf; - - p = as; - for ( p = as; p != NULLATTR; p = p->attr_link) { - rps->ps_ptr = rps->ps_base; - AttrT_print( rps, p->attr_type, EDBOUT ); - *rps->ps_ptr = '\0'; - attrname = strdup( rps->ps_base ); - if ( modtype != 0 ) { - switch ( modtype ) { - case MOD_ADDVALUES: - case MOD_ADDATTRIBUTE: - fprintf( ofp, "add: %s\n", attrname ); - break; - case MOD_REMOVEATTRIBUTE: - case MOD_REMOVEVALUES: - fprintf( ofp, "delete: %s\n", attrname ); - break; - default: - break; - } - } - for ( av = p->attr_value; av != NULLAV; av = av->avseq_next ) { - rps->ps_ptr = rps->ps_base; - AttrV_print( rps, &av->avseq_av, EDBOUT ); - *rps->ps_ptr = '\0'; - de_t61( rps->ps_base, 0 ); - if ( isDNsyntax( attrname )) { - tmpdn = dn2ldap( rps->ps_base ); - obuf = ldif_type_and_value( attrname, tmpdn, - strlen( tmpdn )); - free( tmpdn ); - } else { - obuf = ldif_type_and_value( attrname, rps->ps_base, - strlen( rps->ps_base )); - } - if ( obuf != NULL ) { - fputs( obuf, ofp ); - ber_memfree( obuf ); - } - } - if ( modtype != 0 ) { - fprintf( ofp, "-\n" ); - } - free( attrname ); - } -} - - - -void -usage( char *name ) -{ - fprintf( stderr, "usage: %s -d dn-suffix -r replica:port ", name ); - fprintf( stderr, "[-r replica:port...] [-o outputfile]\n" ); -} - - - -main( int argc, char **argv ) -{ - char *ldapdn, nbuf[ 4096 ], *buf, *p; - int state, prevstate, modstate, modtype, i; - int buflen, nbuflen; - Attr_Sequence as; - PS std_ps; - int arg; - char *ofile = NULL; - FILE *ofp, *lfp; - - extern char *optarg; - char **replicas = NULL; - int nreplicas = 0; - char *dn_suffix = NULL; - - if (( progname = strrchr( argv[ 0 ], '/' )) == NULL ) { - progname = argv[ 0 ]; - } else { - ++progname; - } - - while (( arg = getopt( argc, argv, "o:r:d:" )) != EOF ) { - switch( arg ) { - case 'o': - ofile = optarg; - break; - case 'r': - replicas = (char **) ch_realloc( (char *) replicas, (unsigned long) - ( nreplicas + 2 ) * sizeof( char * )); - replicas[ nreplicas ] = optarg; - replicas[ nreplicas + 1 ] = NULL; - nreplicas++; - break; - case 'd': - dn_suffix = optarg; - break; - default: - usage( progname ); - exit( EXIT_FAILURE ); - } - } - - if (( dn_suffix == NULL ) || ( nreplicas == 0 )) { - usage( progname ); - exit( EXIT_FAILURE ); - } - - if ( ofile == NULL ) { - /* Just write to stdout */ - ofp = stdout; - } - - - state = prevstate = ST_START; - buf = NULL; - as = NULL; - if (( std_ps = ps_alloc( std_open )) == NULLPS || - std_setup( std_ps, ofp ) != OK ) { - fprintf( stderr, "std_ps setup failed - help!\n" ); - exit( EXIT_FAILURE ); - } - if (( rps = ps_alloc( str_open )) == NULLPS || - str_setup( rps, NULLCP, 0, 0 ) != OK ) { - fprintf( stderr, "rps setup failed - help!\n" ); - exit( EXIT_FAILURE ); - } - - - while ( gets( nbuf ) != NULL ) { - if ( nbuf[ 0 ] == '\0' ) { - if ( state == ST_NL1 ) { - if ( prevstate == ST_ARGS ) { - /* We've got an attribute sequence to print */ - if ( modtype == TY_ADD ) { - print_as( as, 0, ofp ); - } else { - print_as( as, modstate, ofp ); - } - /* as_print( std_ps, as, EDBOUT ); */ - as_free( as ); - as = NULL; - } - state = ST_START; - fprintf( ofp, "\n" ); - fflush( ofp ); - /* If writing to a file, release the lock */ - if ( ofile != NULL ) { - lock_fclose( ofp, lfp ); - } - } else { - prevstate = state; - state = ST_NL1; - } - continue; - } - - /* See if we've got a line continuation to deal with */ - nbuflen = strlen( nbuf ); - if ( state == ST_CONCAT ) { - for ( p = nbuf; isspace( (unsigned char) *p ); p++, nbuflen-- ) - ; /* skip space */ - buf = realloc( buf, buflen + nbuflen + 1 ); - strcat( buf, p ); - buflen += ( nbuflen ); - } else { - if ( buf != NULL ) { - free( buf ); - } - buf = strdup( nbuf ); - buflen = nbuflen; - } - if ( buf[ buflen - 1 ] == '\\' ) { - if ( state != ST_CONCAT ) { - prevstate = state; - } - state = ST_CONCAT; - buf[ buflen - 1 ] = '\0'; - buflen--; - continue; - } else if ( state == ST_CONCAT ) { - state = prevstate; - } - - if ( state == ST_PUNT ) { - continue; - } - - if ( state == ST_START ) { - /* - * Acquire the file lock if writing to a file. - */ - if ( ofile != NULL ) { - if (( ofp = lock_fopen( ofile, "a", &lfp )) == NULL ) { - perror( "open" ); - exit( EXIT_FAILURE ); - } - } - /* - * If we have a changelog entry, then go ahead - * and write the replica: lines for the replog entry. - */ - for ( i = 0; replicas[ i ] != NULL; i++ ) { - fprintf( ofp, "replica: %s\n", replicas[ i ] ); - } - fprintf( ofp, "time: %ld\n", time( NULL )); - state = ST_DN; - continue; - } - - if ( state == ST_DN ) { - /* Second line - dn (quipu-style) of entry to be modified */ - if (( ldapdn = dn2ldap( buf )) == NULL ) { - fprintf( ofp, "dn: (conversion failed)\n" ); - } else { - fprintf( ofp, "dn: %s%s\n", ldapdn, dn_suffix ); - free( ldapdn ); - } - state = ST_TYPE; - continue; - } - - if ( state == ST_TYPE ) { - state = ST_ARGS; - modstate = 0; - if ( !strcmp( buf, "modify" )) { - modtype = TY_MODIFYTYPE; - fprintf( ofp, "changetype: modify\n" ); - } else if ( !strcmp( buf, "add" )) { - modtype = TY_ADD; - fprintf( ofp, "changetype: add\n" ); - as = NULL; - } else if ( !strcmp( buf, "remove" )) { - modtype = TY_REMOVE; - fprintf( ofp, "changetype: delete\n" ); - } else if ( !strcmp( buf, "newrdn" )) { - modtype = TY_NEWRDN; - fprintf( ofp, "changetype: modrdn\n" ); - } else { - modtype = TY_PUNT; - state = ST_BAD; - } - continue; - } - - if ( state == ST_ARGS ) { - switch ( modtype ) { - case TY_NEWRDN: - fprintf( ofp, "newrdn: %s\n", buf ); - break; - case TY_REMOVE: /* No additional args */ - break; - case TY_ADD: - as = as_combine( as, buf, 0 ); - break; - case TY_MODIFYTYPE: - case TY_MODIFYARGS: - if ( buf[ 0 ] == '\0' ) { - state == ST_NL1; - if ( as != NULL ) { - print_as( as, modstate, ofp); - as_free( as ); - as = NULL; - } - continue; - } - if (!strcmp( buf, "addvalues" )) { - if ( as != NULL ) { - print_as( as, modstate, ofp ); - as_free( as ); - as = NULL; - } - modstate = MOD_ADDVALUES; - continue; - } else if (!strcmp( buf, "removevalues" )) { - if ( as != NULL ) { - print_as( as, modstate, ofp ); - as_free( as ); - as = NULL; - } - modstate = MOD_REMOVEVALUES; - continue; - } else if (!strcmp( buf, "addattribute" )) { - if ( as != NULL ) { - print_as( as, modstate, ofp ); - as_free( as ); - as = NULL; - } - modstate = MOD_ADDATTRIBUTE; - continue; - } else if (!strcmp( buf, "removeattribute" )) { - if ( as != NULL ) { - print_as( as, modstate, ofp ); - as_free( as ); - as = NULL; - } - modstate = MOD_REMOVEATTRIBUTE; - continue; - } - switch ( modstate ) { - case MOD_ADDVALUES: - as = as_combine( as, buf, 0 ); - break; - case MOD_REMOVEVALUES: - as = as_combine( as, buf, 0 ); - break; - case MOD_ADDATTRIBUTE: - as = as_combine( as, buf, 0 ); - break; - case MOD_REMOVEATTRIBUTE: - fprintf( ofp, "delete: %s\n-\n", buf); - break; - } - } - continue; - } - } - - if ( ofile != NULL ) { - lock_fclose( ofp, lfp ); - sprintf( nbuf, "%s.lock", ofile ); - (void) unlink( nbuf ); - } - exit( EXIT_SUCCESS ); -} diff --git a/servers/slapd/tools/edb2ldif.c b/servers/slapd/tools/edb2ldif.c deleted file mode 100644 index 0ef3fb8edc..0000000000 --- a/servers/slapd/tools/edb2ldif.c +++ /dev/null @@ -1,906 +0,0 @@ -/* $OpenLDAP$ */ -/* - * Copyright (c) 1995 Regents of the University of Michigan. - * All rights reserved. - * - * Redistribution and use in source and binary forms are permitted - * provided that this notice is preserved and that due credit is given - * to the University of Michigan at Ann Arbor. The name of the University - * may not be used to endorse or promote products derived from this - * software without specific prior written permission. This software - * is provided ``as is'' without express or implied warranty. - */ - -#include "portable.h" - -#include - -#include - -#include -#include -#include -#include -#include - -#include - -#include -#include -#include -#include - -#if ICRELEASE > 1 -#define HAVE_FILE_ATTR_DIR -#endif - -#ifdef TURBO_DISK -#define HAVE_PARSE_ENTRY -#endif - -#define DEF_EDBFILENAME "EDB" -#define EDB_ROOT_FILENAME "EDB.root" -#define DEF_BASEDN "" -#define EDBMAP_FILENAME "EDB.map" -#define ADDVALS_FILENAME ".add" - -#define MAX_LINE_SIZE 2048 - -#define VERBOSE_ENTRY_REPORT_THRESHOLD 250 - - -/* data structures */ -struct edbmap { - char *edbm_filename; - char *edbm_rdn; - struct edbmap *edbm_next; -}; - -/* prototypes */ -static int edb2ldif( FILE *outfp, char *edbfile, char *basedn, int recurse ); -static int convert_entry( FILE *fp, char *edbname, FILE *outfp, - char *basedn, char *loc_addvals, int loc_addlen, char *linebuf ); -static int add_rdn_values (Attr_Sequence entryas, RDN rdn); -static int read_edbmap( char *mapfile, struct edbmap **edbmapp ); -static char *file2rdn( struct edbmap *edbmap, char *filename ); -static void free_edbmap( struct edbmap *edbmap ); -static char *read_file( char *filename, int *lenp ); -static void print_err( char *msg ); - - -/* globals */ -#ifdef LDAP_DEBUG -static int debugflg; -#endif -static int verboseflg; -static int override_add = 0; -static int entrycount; -static char **ignore_attr = NULL; -static char *always_addvals = NULL; -static int always_addlen; -static char *last_dn; -static char *edb_home = "."; -char *progname; -int ldap_syslog = 0; -int ldap_syslog_level = 0; - - -int -main( int argc, char **argv ) -{ - char *usage = "usage: %s [-d] [-o] [-r] [-v] [-b basedn] [-a addvalsfile] [-f fileattrdir] [-i ignoreattr...] [edbfile...]\n"; - char edbfile[ MAXNAMLEN ], *basedn; - int c, rc, errflg, ignore_count, recurse; - extern char dsa_mode; -#ifdef HAVE_FILE_ATTR_DIR - extern char *file_attr_directory; -#endif - - if (( progname = strrchr( argv[ 0 ], '/' )) == NULL ) { - progname = argv[ 0 ]; - } else { - ++progname; - } - - errflg = recurse = 0; -#ifdef LDAP_DEBUG - debugflg = 0; -#endif - ignore_count = 0; - always_addvals = NULL; - basedn = NULL; - - while (( c = getopt( argc, argv, "dorva:b:f:h:i:" )) != EOF ) { - switch( c ) { - case 'd': -#ifdef LDAP_DEBUG - ++debugflg; -#else - fprintf( stderr, "Ignoring -d: compile with -DLDAP_DEBUG to enable this option.\n" ); -#endif - break; - - case 'o': - ++override_add; - break; - - case 'r': - ++recurse; - break; - - case 'v': - ++verboseflg; - break; - - case 'a': - if ( always_addvals != NULL ) { - ++errflg; - } else if (( always_addvals = read_file( optarg, &always_addlen )) - == NULL ) { - print_err( optarg ); - exit( EXIT_FAILURE ); - } - break; - - case 'b': - if ( basedn != NULL ) { - ++errflg; - } else { - basedn = optarg; - } - break; - - case 'f': -#ifdef HAVE_FILE_ATTR_DIR - /* add trailing slash to directory name if missing */ - if ( *( optarg + strlen( optarg ) - 1 ) == '/' ) { - file_attr_directory = strdup( optarg ); - } else if (( file_attr_directory = (char *)malloc( strlen( optarg ) - + 2 )) != NULL ) { - sprintf( file_attr_directory, "%s/", optarg ); - - } - if ( file_attr_directory == NULL ) { - print_err( "malloc" ); - exit( EXIT_FAILURE ); - } -#else /* HAVE_FILE_ATTR_DIR */ - fprintf( stderr, "Ignoring -f: this option requires a newer version of ISODE.\n" ); -#endif /* HAVE_FILE_ATTR_DIR */ - break; - - case 'h': - edb_home = optarg; - break; - - case 'i': - if ( ignore_count == 0 ) { - ignore_attr = (char **)malloc( 2 * sizeof( char * )); - } else { - ignore_attr = (char **)realloc( ignore_attr, - ( ignore_count + 2 ) * sizeof( char * )); - } - if ( ignore_attr == NULL ) { - print_err( "malloc/realloc" ); - exit( EXIT_FAILURE ); - } - ignore_attr[ ignore_count ] = optarg; - ignore_attr[ ++ignore_count ] = NULL; - break; - - default: - ++errflg; - } - } - - if ( errflg ) { - fprintf( stderr, usage, progname ); - exit( EXIT_FAILURE ); - } - - if ( basedn == NULL ) { - basedn = DEF_BASEDN; - } - - /* load & initialize quipu syntax handlers */ - quipu_syntaxes(); -#ifdef LDAP_USE_PP - pp_quipu_init( progname ); -#endif - dsap_init( NULL, NULL ); - - dsa_mode = 1; /* so {CRYPT} is accepted by EDB parse routines */ - - if ( init_syntaxes() < 0 ) { - fprintf( stderr, "%s: init_syntaxes failed -- check your oid tables \n", - progname ); - exit( EXIT_FAILURE ); - } - - - entrycount = 0; - - /* process EDB file(s) */ - if ( optind >= argc ) { - *edbfile = '\0'; - rc = edb2ldif( stdout, edbfile, basedn, recurse ); - } else { - for ( rc = 0; rc >= 0 && optind < argc; ++optind ) { - if ( argv[ optind ][ 0 ] == '/' ) { - strcpy( edbfile, argv[ optind ] ); - } else { - sprintf( edbfile, "%s/%s", edb_home, argv[ optind ] ); - } - rc = edb2ldif( stdout, edbfile, basedn, recurse ); - } - } - - if ( last_dn != NULL ) { - free( last_dn ); - } - -#ifdef LDAP_DEBUG - fprintf( stderr, "edb2ldif: exit( %d )\n", ( rc < 0 ) ? 1 : 0 ); -#endif - - exit( ( rc < 0 ) ? EXIT_FAILURE : EXIT_SUCCESS ); -} - - -static int -edb2ldif( FILE *outfp, char *edbfile, char *basedn, int recurse ) -{ - FILE *fp; - char *addvals, *p, *rdn, line[ MAX_LINE_SIZE + 1 ]; - char dirname[ MAXNAMLEN ], filename[ MAXNAMLEN ]; - int err, startcount, addvals_len; - struct stat st; - -#ifdef LDAP_DEBUG - if ( debugflg ) { - fprintf( stderr, "edb2ldif( 0x%X, \"%s\", \"%s\", %d)\n", - outfp, edbfile, basedn, recurse ); - } -#endif - - if ( *edbfile == '\0' ) { - sprintf( filename, "%s/%s", edb_home, EDB_ROOT_FILENAME ); - if ( stat( filename, &st ) == 0 ) { - if (( err = edb2ldif( outfp, filename, basedn, 0 )) < 0 ) { -#ifdef LDAP_DEBUG - if ( debugflg ) { - fprintf( stderr, "edb2ldif: 0 return( %d )\n", err ); - } -#endif - return( err ); - } - if (( basedn = strdup( last_dn )) == NULL ) { - print_err( "strdup" ); -#ifdef LDAP_DEBUG - if ( debugflg ) { - fprintf( stderr, "edb2ldif: 1 return( -1 )\n" ); - } -#endif - return( -1 ); - } - } - sprintf( edbfile, "%s/%s", edb_home, DEF_EDBFILENAME ); - } - - if ( verboseflg ) { - fprintf( stderr, "%s: converting EDB file: \"%s\"\n\tbasedn: \"%s\"\n", - progname, edbfile, basedn ); - } - - startcount = entrycount; - err = 0; - - - /* construct name of directory we are working in */ - if (( p = strrchr( edbfile, '/' )) == NULL ) { - dirname[ 0 ] = '.'; - dirname[ 1 ] = '\0'; - } else { - strncpy( dirname, edbfile, p - edbfile ); - dirname[ p - edbfile ] = '\0'; - } - - /* load local ".add" file (if any) */ - sprintf( filename, "%s/%s", dirname, ADDVALS_FILENAME ); - addvals_len = 0; - addvals = read_file( filename, &addvals_len ); - - /* read and convert this EDB file */ - if (( fp = fopen( edbfile, "r" )) == NULL ) { - print_err( edbfile ); - if ( addvals != NULL ) { - free( addvals ); - } -#ifdef LDAP_DEBUG - if ( debugflg ) { - fprintf( stderr, "edb2ldif: 2 return( -1 )\n" ); - } -#endif - return( -1 ); - } - - /* skip first two lines (type and timestamp) if they are present */ - if ( fgets( line, MAX_LINE_SIZE, fp ) == NULL ) { - err = -1; - } else { - line[ strlen( line ) - 1 ] = '\0'; - if ( strcmp( line, "MASTER" ) == 0 || strcmp( line, "SLAVE" ) == 0 || - strcmp( line, "CACHE" ) == 0 ) { - if ( fgets( line, MAX_LINE_SIZE, fp ) == NULL ) { - err = -1; - } - } else { - rewind( fp ); - } - } - - if ( err != 0 ) { - fprintf( stderr, "%s: skipping empty EDB file %s\n", progname, - edbfile ); - err = 0; /* treat as a non-fatal error */ - } else { - while ( !feof( fp ) && ( err = convert_entry( fp, edbfile, outfp, - basedn, addvals, addvals_len, line )) > 0 ) { - if ( verboseflg && (( entrycount - startcount ) % - VERBOSE_ENTRY_REPORT_THRESHOLD ) == 0 ) { - fprintf( stderr, "\tworking... %d entries done...\n", - entrycount - startcount ); - } - } - } - - fclose( fp ); - if ( addvals != NULL ) { - free( addvals ); - } - - if ( err < 0 ) { -#ifdef LDAP_DEBUG - if ( debugflg ) { - fprintf( stderr, "edb2ldif: 3 return( %d )\n", err ); - } -#endif - return( err ); - } - - if ( verboseflg ) { - fprintf( stderr, "\t%d entries converted\n\n", - entrycount - startcount ); - } - - /* optionally convert EDB file within sub-directories */ - if ( recurse ) { - char *newbase; - DIR *dp; - struct dirent *dep; - struct edbmap *edbmap; - - /* open this directory */ - if (( dp = opendir( dirname )) == NULL ) { - print_err( dirname ); -#ifdef LDAP_DEBUG - if ( debugflg ) { - fprintf( stderr, "edb2ldif: 4 return( -1 )\n" ); - } -#endif - return( -1 ); - } - - /* check for EDB.map file and record contents for future reference */ - sprintf( filename, "%s/%s", dirname, EDBMAP_FILENAME ); - if ( read_edbmap( filename, &edbmap ) < 0 ) { - print_err( "read_edbmap" ); - closedir( dp ); -#ifdef LDAP_DEBUG - if ( debugflg ) { - fprintf( stderr, "edb2ldif: 5 return( -1 )\n" ); - } -#endif - return( -1 ); - } - - p = dirname + strlen( dirname ); - *p++ = '/'; - *p = '\0'; - - /* scan looking for sub-directories w/EDB files in them */ - err = 0; - while ( err >= 0 && ( dep = readdir( dp )) != NULL ) { - if ( dep->d_name[ 0 ] == '.' && ( dep->d_name[ 1 ] == '\0' || - ( dep->d_name[ 1 ] == '.' && dep->d_name[ 2 ] == '\0' ))) { - continue; /* skip "." and ".." */ - } - - strcpy( p, dep->d_name ); -#ifdef LDAP_DEBUG - if ( debugflg ) { - fprintf( stderr, "edb2ldif: checking directory \"%s\"\n", - dirname ); - } -#endif - - if ( stat( dirname, &st ) != 0 ) { - print_err( dirname ); - } else if ( S_ISDIR( st.st_mode )) { - sprintf( filename, "%s/%s", dirname, DEF_EDBFILENAME ); - - if ( stat( filename, &st ) == 0 && S_ISREG( st.st_mode )) { - if (( newbase = malloc( strlen( basedn ) + - strlen( dep->d_name ) + 3 )) == NULL ) { - print_err( "malloc" ); - err = -1; - continue; - } - - sprintf( newbase, "%s@%s", basedn, - file2rdn( edbmap, dep->d_name )); - - /* recurse */ - err = edb2ldif( outfp, filename, newbase, recurse ); - - free( newbase ); - } - } - } - - free_edbmap( edbmap ); - closedir( dp ); - - if ( verboseflg ) { - fprintf( stderr, "%s: %d total entries converted under \"%s\"\n\n", - progname, entrycount - startcount, basedn ); - } - } - -#ifdef LDAP_DEBUG - if ( debugflg ) { - fprintf( stderr, "edb2ldif: 6 return( %d )\n", err ); - } -#endif - return( err ); -} - - -/* - * read one entry from fp and write to outfp. - * return > 0 if entry converted, 0 if end of file, < 0 if error occurs - */ -static int -convert_entry( - FILE *fp, - char *edbname, - FILE *outfp, - char *basedn, - char *loc_addvals, - int loc_addlen, - char *linebuf -) -{ - Attr_Sequence as, tmpas; - AV_Sequence av; - PS attrtype_ps, val_ps; - char *dnstr; - DN dn; - RDN rdn; - int valcnt; - extern int parse_status; - extern char *parse_file; - extern RDN parse_rdn; -#ifdef HAVE_PARSE_ENTRY - extern char *parse_entry; - extern Attr_Sequence fget_attributes(); -#else /* HAVE_PARSE_ENTRY */ - extern Attr_Sequence get_attributes(); -#endif /* HAVE_PARSE_ENTRY */ - -#ifdef LDAP_DEBUG - if ( debugflg ) { - fprintf( stderr, "convert_entry( 0x%X, \"%s\", 0x%X, \"%s\", ...)\n", - fp, edbname, outfp, basedn ); - } -#endif - - while (( dnstr = fgets( linebuf, MAX_LINE_SIZE, fp )) != NULL && - *linebuf == '\n' ) { - ; - } - - if ( dnstr == NULL ) { - return( feof( fp ) ? 0 : -1 ); /* end of file or error */ - } - - linebuf[ strlen( linebuf ) - 1 ] = '\0'; - - if (( dnstr = malloc( strlen( basedn ) + strlen( linebuf ) + 2 )) - == NULL ) { - print_err( "convert_entry" ); - return( -1 ); - } - sprintf( dnstr, "%s@%s", basedn, linebuf ); - if ( last_dn != NULL ) { - free( last_dn ); - } - last_dn = dnstr; - - if ( entrycount > 0 ) { - fputc( '\n', outfp ); - } - - /* - * parse_entry, parse_file and parse_rdn are needed inside the - * libisode decoding routines, so we set it here. - */ - parse_file = edbname; -#ifdef HAVE_PARSE_ENTRY - parse_entry = dnstr; -#endif - parse_rdn = rdn = str2rdn( linebuf ); - - if (( val_ps = ps_alloc( str_open )) == NULLPS || - str_setup( val_ps, NULLCP, 0, 0 ) == NOTOK ) { - fprintf( stderr, "%s: ps_alloc/setup failed (EDB file %s)\n", progname, - edbname ); - if ( rdn != NULLRDN ) { - rdn_free( rdn ); - } - return( -1 ); - } - - if (( dn = str2dn( dnstr )) == NULLDN || av2ldif( outfp, NULL, dn, - 0, "dn", val_ps ) < 0 ) { - sprintf( linebuf, - "str2dn or av2ldif of DN failed (EDB file %s, entry %s)\n", - edbname, dnstr ); - print_err( linebuf ); - if ( dn != NULLDN ) { - dn_free( dn ); - } - ps_free( val_ps ); - if ( rdn != NULLRDN ) { - rdn_free( rdn ); - } - return( -1 ); - } - dn_free( dn ); - - ++entrycount; - - if ( always_addvals != NULL && ( loc_addvals == NULL || !override_add ) - && fwrite( always_addvals, always_addlen, 1, outfp ) != 1 ) { - sprintf( linebuf, - "write of additional values failed (EDB file %s, entry %s)\n", - edbname, dnstr ); - print_err( linebuf ); - ps_free( val_ps ); - if ( rdn != NULLRDN ) { - rdn_free( rdn ); - } - return( -1 ); - } - - if ( loc_addvals != NULL && fwrite( loc_addvals, loc_addlen, 1, - outfp ) != 1 ) { - sprintf( linebuf, - "write of additional values failed (EDB file %s, entry %s)\n", - edbname, dnstr ); - print_err( linebuf ); - ps_free( val_ps ); - if ( rdn != NULLRDN ) { - rdn_free( rdn ); - } - return( -1 ); - } - - -#ifdef HAVE_PARSE_ENTRY - as = fget_attributes( fp ); -#else /* HAVE_PARSE_ENTRY */ - as = get_attributes( fp ); -#endif /* HAVE_PARSE_ENTRY */ - - if ( parse_status != 0 ) { - fprintf( stderr, "%s: problem parsing entry (EDB file %s)\n", progname, - edbname ); - ps_free( val_ps ); - if ( as != NULLATTR ) { - as_free( as ); - } - if ( rdn != NULLRDN ) { - rdn_free( rdn ); - } - return( -1 ); - } - - if ( add_rdn_values( as, rdn ) != 0 ) { - sprintf( linebuf, - "adding RDN values(s) failed (EDB file %s, entry %s)\n", - edbname, dnstr ); - print_err( linebuf ); - if ( as != NULLATTR ) { - as_free( as ); - } - if ( rdn != NULLRDN ) { - rdn_free( rdn ); - } - return( -1 ); - } - - if (( attrtype_ps = ps_alloc( str_open )) == NULLPS || - str_setup( attrtype_ps, NULLCP, 0, 0 ) == NOTOK ) { - fprintf( stderr, "%s: ps_alloc/setup failed (EDB file %s)\n", progname, - edbname ); - if ( as != NULLATTR ) { - as_free( as ); - } - if ( rdn != NULLRDN ) { - rdn_free( rdn ); - } - return( -1 ); - } - - for ( tmpas = as; tmpas != NULLATTR; tmpas = tmpas->attr_link ) { - attrtype_ps->ps_ptr = attrtype_ps->ps_base; - AttrT_print( attrtype_ps, tmpas->attr_type, EDBOUT ); - *attrtype_ps->ps_ptr = '\0'; - - if ( ignore_attr != NULL ) { - int i; - - for ( i = 0; ignore_attr[ i ] != NULL; ++i ) { - if ( strcasecmp( attrtype_ps->ps_base, ignore_attr[ i ] ) - == 0 ) { - break; - } - } - if ( ignore_attr[ i ] != NULL ) { - continue; /* skip this attribute */ - } - } - - valcnt = 0; - for ( av = tmpas->attr_value; av != NULLAV; av = av->avseq_next ) { - ++valcnt; - if ( av2ldif( outfp, av, NULL, tmpas->attr_type->oa_syntax, - attrtype_ps->ps_base, val_ps ) < 0 ) { - sprintf( linebuf, - "av2ldif failed (EDB file %s, entry %s, attribute %s, value no. %d)\n", - edbname, dnstr, attrtype_ps->ps_base, valcnt ); - print_err( linebuf ); - ps_free( attrtype_ps ); - ps_free( val_ps ); - as_free( as ); - if ( rdn != NULLRDN ) { - rdn_free( rdn ); - } - return( -1 ); - } - } - } - - ps_free( attrtype_ps ); - ps_free( val_ps ); - as_free( as ); - if ( rdn != NULLRDN ) { - rdn_free( rdn ); - } - - return( 1 ); -} - - -static int -add_rdn_values( Attr_Sequence entryas, RDN rdn ) -{ -/* - * this routine is based on code from the real_unravel_attribute() routine - * found in isode-8.0/.dsap/common/attribute.c - */ - AttributeType at; - AV_Sequence avs; - Attr_Sequence as; - - for (; rdn != NULLRDN; rdn = rdn->rdn_next ) { - if (( as = as_find_type( entryas, rdn->rdn_at )) == NULLATTR ) { - at = AttrT_cpy( rdn->rdn_at ); - avs = avs_comp_new( AttrV_cpy(&rdn->rdn_av )); - as = as_comp_new( at, avs, NULLACL_INFO ); - entryas = as_merge( entryas, as ); - } else { - for ( avs = as->attr_value; avs != NULLAV; avs = avs->avseq_next ) { - if ( AttrV_cmp( &rdn->rdn_av, &avs->avseq_av ) == 0 ) { - break; - } - } - - if ( avs == NULLAV ) { - avs = avs_comp_new( AttrV_cpy( &rdn->rdn_av )); - as->attr_value = avs_merge( as->attr_value, avs ); - } - } - } - - return( 0 ); -} - - -/* read the EDB.map file and return a linked list of translations */ -static int -read_edbmap( char *mapfile, struct edbmap **edbmapp ) -{ - FILE *fp; - char *p, *filename, *rdn, line[ MAX_LINE_SIZE + 1 ]; - int err; - struct edbmap *emp, *tmpemp; - -#ifdef LDAP_DEBUG - if ( debugflg ) { - fprintf( stderr, "read_edbmap( \"%s\", ...)\n", mapfile ); - } -#endif - - if (( fp = fopen( mapfile, "r" )) == NULL ) { - *edbmapp = NULL; - return( 0 ); /* soft error -- no EDB.map file */ - } - - emp = NULL; - - /* - * read all the lines in the file, looking for lines of the form: - * RDN # filename - */ - err = 0; - while ( err == 0 && fgets( line, MAX_LINE_SIZE, fp ) != NULL ) { - line[ strlen( line ) - 1 ] = '\0'; /* remove trailing newline */ - if (( filename = strchr( line, '#' )) == NULL ) { - continue; - } - - *filename++ = '\0'; - while ( isspace((unsigned char) *filename) ) { /* strip leading whitespace */ - ++filename; - } - - if ( *filename == '\0' ) { - continue; - } - - p = filename + strlen( filename ) - 1; - while ( isspace((unsigned char) *p) ) { /* strip trailing whitespace */ - *p-- = '\0'; - } - - rdn = line; - while ( isspace((unsigned char) *rdn)) { /* strip leading whitespace */ - ++rdn; - } - - if ( *rdn == '\0' ) { - continue; - } - - p = rdn + strlen( rdn ) - 1; - while ( isspace((unsigned char) *p)) { /* strip trailing whitespace */ - *p-- = '\0'; - } - - if (( tmpemp = (struct edbmap *)calloc( 1, sizeof( struct edbmap ))) - == NULL || - ( tmpemp->edbm_filename = strdup( filename )) == NULL || - ( tmpemp->edbm_rdn = strdup( rdn )) == NULL ) { - err = -1; - } else { - tmpemp->edbm_next = emp; - emp = tmpemp; - } - } - - fclose( fp ); - - if ( err == 0 ) { - *edbmapp = emp; - } else { - free_edbmap( emp ); - } - - return( err ); -} - - -static char * -file2rdn( struct edbmap *edbmap, char *filename ) -{ -#ifdef LDAP_DEBUG - if ( debugflg ) { - fprintf( stderr, "file2rdn( 0x%X, \"%s\" )\n", edbmap, filename ); - } -#endif - - while ( edbmap != NULL ) { - if ( strcmp( filename, edbmap->edbm_filename ) == 0 ) { - break; - } - edbmap = edbmap->edbm_next; - } - - return(( edbmap == NULL ) ? filename : edbmap->edbm_rdn ); -} - - -/* free the edbmap list */ -static void -free_edbmap( struct edbmap *edbmap ) -{ - struct edbmap *tmp; - -#ifdef LDAP_DEBUG - if ( debugflg ) { - fprintf( stderr, "free_edbmap( 0x%X )\n", edbmap ); - } -#endif - - while ( edbmap != NULL ) { - if ( edbmap->edbm_filename != NULL ) free( edbmap->edbm_filename ); - if ( edbmap->edbm_rdn != NULL ) free( edbmap->edbm_rdn ); - tmp = edbmap; - edbmap = edbmap->edbm_next; - free( tmp ); - } -} - - -static void -print_err( char *msg ) -{ -#ifdef LDAP_DEBUG - if ( debugflg ) { - fprintf( stderr, "print_err( \"%s\" )\n", msg ); - } -#endif - - if ( errno > sys_nerr ) { - fprintf( stderr, "%s: %s: errno=%d\n", progname, msg, errno ); - } else { - fprintf( stderr, "%s: %s: %s\n", progname, msg, sys_errlist[ errno ] ); - } -} - - -static char * -read_file( char *filename, int *lenp ) -{ - FILE *fp; - struct stat st; - char *buf; - -#ifdef LDAP_DEBUG - if ( debugflg ) { - fprintf( stderr, "read_file( \"%s\", 0x%X )\n", filename, lenp ); - } -#endif - - if ( stat( filename, &st ) != 0 || !S_ISREG( st.st_mode ) || - ( fp = fopen( filename, "r" )) == NULL ) { - return( NULL ); - } - - if (( buf = (char *)malloc( st.st_size )) == NULL ) { - fclose( fp ); - return( NULL ); - } - - if ( fread( buf, st.st_size, 1, fp ) != 1 ) { - fclose( fp ); - free( buf ); - return( NULL ); - } - - fclose( fp ); - *lenp = st.st_size; - return( buf ); -} diff --git a/servers/slapd/tools/ldapsyntax.c b/servers/slapd/tools/ldapsyntax.c deleted file mode 100644 index 04bba0fd16..0000000000 --- a/servers/slapd/tools/ldapsyntax.c +++ /dev/null @@ -1,464 +0,0 @@ -/* $OpenLDAP$ */ -/* - * Copyright (c) 1995 Regents of the University of Michigan. - * All rights reserved. - * - * Redistribution and use in source and binary forms are permitted - * provided that this notice is preserved and that due credit is given - * to the University of Michigan at Ann Arbor. The name of the University - * may not be used to endorse or promote products derived from this - * software without specific prior written permission. This software - * is provided ``as is'' without express or implied warranty. - */ - -#include "portable.h" - -#include - -#include -#include - -#include -#include -#include -#include -/* #include */ -#include - -#include - -#include "ldif.h" -#include "ldapsyntax.h" - -short ldap_dn_syntax; -short ldap_password_syntax; -short ldap_photo_syntax; -short ldap_jpeg_syntax; -short ldap_audio_syntax; - -static int dn2ldif( PS ps, DN dn ); -static int jpeg2ldif( PS ps, AttributeValue av ); -static int audio2ldif( PS ps, AttributeValue av ); -static int photo2ldif( PS ps, AttributeValue av ); -static int fileattr2ldif( PS ps, AttributeValue av ); -static void de_t61( char *s, int t61mark ); -static void de_crypt( char *s ); - -extern char *progname; - -#define SEPARATOR(c) ((c) == ',' || (c) == ';') -#define SPACE(c) ((c) == ' ' || (c) == '\n') - - -int -init_syntaxes() -{ - if (( ldap_dn_syntax = str2syntax( "DN" )) == 0 ) { - return( -1 ); /* must have this syntax handler */ - } - ldap_password_syntax = str2syntax( "password" ); - ldap_photo_syntax = str2syntax( "photo" ); - ldap_jpeg_syntax = str2syntax( "jpeg" ); - ldap_audio_syntax = str2syntax( "audio" ); - - return( 0 ); -} - - -/* - * av2ldif: convert attribute value contained in "av" to ldif format - * and write to "outfp". If "dn" is not NULL, convert it instead of "av". - */ -int -av2ldif( FILE *outfp, AV_Sequence av, DN dn, short syntax, char *attrname, - PS str_ps ) -{ - char *buf; - int rc; - struct file_syntax *fsyntax; - - if ( av != NULLAV ) { - fsyntax = (struct file_syntax *) av->avseq_av.av_struct; - } - - rc = 0; /* optimistic */ - str_ps->ps_ptr = str_ps->ps_base; /* reset string PS */ - - if ( dn != NULL || syntax == ldap_dn_syntax ) { /* DNs */ - rc = dn2ldif( str_ps, ( dn != NULLDN ) ? dn : - (DN)(av->avseq_av.av_struct)); - - } else if ( syntax == ldap_jpeg_syntax || ( syntax > AV_WRITE_FILE && - fsyntax->fs_real_syntax == ldap_jpeg_syntax )) { - rc = jpeg2ldif( str_ps, &av->avseq_av ); - - } else if ( syntax == ldap_photo_syntax || ( syntax > AV_WRITE_FILE && - fsyntax->fs_real_syntax == ldap_photo_syntax )) { - rc = photo2ldif( str_ps, &av->avseq_av ); - - } else if ( syntax == ldap_audio_syntax || ( syntax > AV_WRITE_FILE && - fsyntax->fs_real_syntax == ldap_audio_syntax )) { - rc = audio2ldif( str_ps, &av->avseq_av ); - - } else if ( syntax > AV_WRITE_FILE ) { - rc = fileattr2ldif( str_ps, &av->avseq_av ); - - } else { - AttrV_print( str_ps, &av->avseq_av, EDBOUT ); - *str_ps->ps_ptr = '\0'; - de_t61( str_ps->ps_base, 0 ); - - if ( syntax == ldap_password_syntax ) { - de_crypt( str_ps->ps_base ); - } - - str_ps->ps_ptr = str_ps->ps_base + strlen( str_ps->ps_base ); - } - - if ( rc == 0 && str_ps->ps_ptr > str_ps->ps_base ) { - *str_ps->ps_ptr = '\0'; - if (( buf = ldif_type_and_value( attrname, str_ps->ps_base, - str_ps->ps_ptr - str_ps->ps_base )) == NULL ) { - rc = -1; - } else { - if ( fputs( buf, outfp ) == EOF ) { - rc = -1; - } - ber_memfree( buf ); - } - } - - if ( rc == -2 ) { - if ( syntax > AV_WRITE_FILE ) { - fprintf( stderr, - "%s: attribute file '%s' not found (skipping value)\n", - progname, fsyntax->fs_name ); - } - rc = 0; /* treat as "soft" error -- keep going */ - } - - return( rc ); -} - - -static int -dn2ldif( PS ps, DN dn ) -{ - RDN rdn; - int firstrdn, rc; - char *value; - PS rps; - - if ( dn == NULLDN ) { - return( 0 ); - } - - if ( dn->dn_parent != NULLDN ) { - if (( rc = dn2ldif( ps, dn->dn_parent )) != 0 ) { - return( rc ); - } - ps_print( ps, ", " ); - } - - if ( (rps = ps_alloc( str_open )) == NULLPS || - str_setup( rps, NULLCP, 0, 0 ) == NOTOK ) { - return( -1 ); - } - - firstrdn = 1; - for ( rdn = dn->dn_rdn; rdn != NULLRDN; rdn = rdn->rdn_next ) { - if ( firstrdn ) { - firstrdn = 0; - } else { - ps_print( ps, " + " ); - } - - AttrT_print( ps, rdn->rdn_at, EDBOUT ); - ps_print( ps, "=" ); - - if ( rdn->rdn_at->oa_syntax == ldap_dn_syntax ) { - if (( rc = dn2ldif( rps, (DN) rdn->rdn_av.av_struct )) != 0 ) { - return( rc ); - } - *rps->ps_ptr = '\0'; - value = rps->ps_base; - } else { - AttrV_print( rps, &rdn->rdn_av, EDBOUT ); - *rps->ps_ptr = '\0'; - value = rps->ps_base; - de_t61( value, 0 ); - } - - /* - * ,+="\\\n all go in quotes. " and \\ need to - * be preceeded by \\. - */ - - if ( strpbrk( value, ",+=\"\\\n" ) != NULL || SPACE( value[0] ) - || SPACE( value[max( strlen(value) - 1, 0 )] ) ) { - char *p, *t, *tmp; - int specialcount; - - ps_print( ps, "\"" ); - - specialcount = 0; - for ( p = value; *p != '\0'; p++ ) { - if ( *p == '"' || *p == '\\' ) { - specialcount++; - } - } - if ( specialcount > 0 ) { - tmp = smalloc( strlen( value ) + specialcount + 1 ); - for ( p = value, t = tmp; *p != '\0'; p++ ) { - switch ( *p ) { - case '"': - case '\\': - *t++ = '\\'; - /* FALL THROUGH */ - default: - *t++ = *p; - } - } - *t = '\0'; - ps_print( ps, tmp ); - free( tmp ); - } else { - ps_print( ps, value ); - } - - ps_print( ps, "\"" ); - } else { - ps_print( ps, value ); - } - - rps->ps_ptr = rps->ps_base; - } - - ps_free( rps ); - - return( 0 ); -} - -#define T61 "{T.61}" -#define T61LEN 6 - -static void -de_t61( s, t61mark ) -char *s; -int t61mark; -{ - char *next = s; - unsigned char c; - unsigned int hex; - - while ( *s ) { - switch ( *s ) { - case '{' : - if ( strncasecmp( s, T61, T61LEN) == 0 ) { - s += T61LEN; - if ( t61mark ) - *next++ = '@'; - } else { - *next++ = *s++; - } - break; - - case '\\': - c = *(s + 1); - if ( c == '\n' ) { - s += 2; - if ( *s == '\t' ) - s++; - break; - } - if ( isdigit( c ) ) - hex = c - '0'; - else if ( c >= 'A' && c <= 'F' ) - hex = c - 'A' + 10; - else if ( c >= 'a' && c <= 'f' ) - hex = c - 'a' + 10; - else { - *next++ = *s++; - break; - } - hex <<= 4; - c = *(s + 2); - if ( isdigit( c ) ) - hex += c - '0'; - else if ( c >= 'A' && c <= 'F' ) - hex += c - 'A' + 10; - else if ( c >= 'a' && c <= 'f' ) - hex += c - 'a' + 10; - else { - *next++ = *s++; - *next++ = *s++; - break; - } - - *next++ = hex; - s += 3; - break; - - default: - *next++ = *s++; - break; - } - } - *next = '\0'; -} - - -#define CRYPT_MASK 0x23 - -static void -de_crypt( char *s ) -{ - char *p; - - if ( strncmp( s, "{CRYPT}", 7 ) == 0 ) { - SAFEMEMCPY( s, s + 7, strlen( s + 7 ) + 1 ); /* strip off "{CRYPT}" */ - - for ( p = s; *p != '\0'; ++p) { /* "decrypt" each byte */ - if ( *p != CRYPT_MASK ) { - *p ^= CRYPT_MASK; - } - } - } -} - - -static int -jpeg2ldif( PS ps, AttributeValue av ) -{ - PE pe; - int len; - - if (( pe = grab_pe( av )) == NULLPE || pe->pe_id == PE_PRIM_NULL ) { - return( -2 ); /* signal soft error */ - } - - if (( pe->pe_class != PE_CLASS_UNIV && pe->pe_class != PE_CLASS_CONT ) - || pe->pe_form != PE_FORM_PRIM || pe->pe_id != PE_PRIM_OCTS ) { - return( -1 ); - } - - if ( pe_pullup( pe ) == NOTOK ) { - return( -1 ); - } - - len = ps_get_abs( pe ); - - if ( ps_write( ps, (PElementData)pe->pe_prim, len ) == NOTOK ) { - return( -1 ); - } - - return( 0 ); -} - - -static int -audio2ldif( PS ps, AttributeValue av ) -{ - PE pe; - struct qbuf *qb, *p; - int rc, len; - char *buf; - - return( 0 ); /* for now */ - - if (( pe = grab_pe( av )) == NULLPE || pe->pe_id == PE_PRIM_NULL ) { - return( -2 ); /* signal soft error */ - } - - qb = (struct qbuf *)pe; - - len = 0; - for ( p = qb->qb_forw; p != qb; p = p->qb_forw ) { - len += p->qb_len; - } - - if (( buf = (char *) malloc( len )) == NULL ) { - return( -1 ); - } - - len = 0; - for ( p = qb->qb_forw; p != qb; p = p->qb_forw ) { - SAFEMEMCPY( buf + len, p->qb_data, p->qb_len ); - len += p->qb_len; - } - - if ( ps_write( ps, (PElementData)buf, len ) == NOTOK ) { - rc = -1; - } else { - rc = 0; - } - - free( buf ); - - return( rc ); -} - - -static int -photo2ldif( PS ps, AttributeValue av ) -{ - PE pe; - int len; - char *faxparamset = "\000\300\000\000"; - BerElement *phber; - - if (( pe = grab_pe( av )) == NULLPE || pe->pe_id == PE_PRIM_NULL ) { - return( -2 ); /* signal soft error */ - } - - /* old bit string-like format - only handle this for now */ - if ( pe->pe_class == PE_CLASS_UNIV && pe->pe_form == PE_FORM_PRIM - && pe->pe_id == PE_PRIM_BITS ) { - len = ps_get_abs( pe ); - if (( phber = der_alloc()) == NULL ) { - return( -1 ); - } - if ( ber_printf( phber, "t{[tB]{B}}", - (ber_tag_t) 0xA3, (ber_tag_t) 0x81, faxparamset, (ber_len_t) 31, - (char *)pe->pe_prim, (ber_len_t) (len * 8) ) == -1 ) - { - ber_free( phber, 1 ); - return( -1 ); - } - if ( ps_write( ps, (PElementData)phber->ber_buf, - phber->ber_ptr - phber->ber_buf ) == NOTOK ) { - ber_free( phber, 1 ); - return( -1 ); - } - ber_free( phber, 1 ); - } else { - /* - * try just writing this into a PS and sending it along - */ - if ( pe2ps( ps, pe ) == NOTOK ) { - return( -1 ); - } - } - - return( 0 ); -} - - -static int -fileattr2ldif( PS ps, AttributeValue av ) -{ - PE pe; - - if (( pe = grab_pe( av )) == NULLPE || pe->pe_id == PE_PRIM_NULL ) { - return( -2 ); /* signal soft error */ - } - - /* - * try just writing this into a PS and sending it along - */ - if ( pe2ps( ps, pe ) == NOTOK ) { - return( -1 ); - } - - return( 0 ); -} diff --git a/servers/slapd/tools/ldapsyntax.h b/servers/slapd/tools/ldapsyntax.h deleted file mode 100644 index f42934039c..0000000000 --- a/servers/slapd/tools/ldapsyntax.h +++ /dev/null @@ -1,33 +0,0 @@ -/* $OpenLDAP$ */ -/* - * Copyright (c) 1995 Regents of the University of Michigan. - * All rights reserved. - * - * Redistribution and use in source and binary forms are permitted - * provided that this notice is preserved and that due credit is given - * to the University of Michigan at Ann Arbor. The name of the University - * may not be used to endorse or promote products derived from this - * software without specific prior written permission. This software - * is provided ``as is'' without express or implied warranty. - */ - -#ifndef LDAPSYNTAX_H -#define LDAPSYNTAX_H 1 - -#include - -LDAP_BEGIN_DECL - -/* XXX: the "master" LINE_WIDTH #define is in ../slap.h */ -#define LINE_WIDTH 76 /* for lines in string rep of an entry */ - -/* - * function prototypes - */ - -int init_syntaxes LDAP_P(( void )); -int av2ldif LDAP_P(( FILE *outfp, AV_Sequence av, DN dn, short syntax, - char *attrname, PS str_ps )); - -LDAP_END_DECL -#endif diff --git a/servers/slapd/tools/ldbmtest.c b/servers/slapd/tools/ldbmtest.c deleted file mode 100644 index 39e6c7432a..0000000000 --- a/servers/slapd/tools/ldbmtest.c +++ /dev/null @@ -1,796 +0,0 @@ -/* $OpenLDAP$ */ -/* - * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. - * COPYING RESTRICTIONS APPLY, see COPYRIGHT file - */ -#include "portable.h" - -#include -#include - -#include -#include -#include -#include -#include -#include -#include - -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#include - -#ifdef HAVE_FCNTL_H -#include -#endif - -#ifdef HAVE_IO_H -#include -#endif - -#include "../slap.h" -#include "../back-ldbm/back-ldbm.h" - -static DBCache *openchoice(char c, int mode, int verbose, char **fname); -static void print_entry(FILE *fp, char c, Datum *key, char *klabel, Datum *data, char *dlabel); -static void free_and_close(DBCache *dbc, Datum key, Datum data); -static void edit_entry(char c, Datum *data); -static void get_keydata(FILE *fp, char c, Datum *key, Datum *data); - -static DBCache *dbc; -static LDBM dbp; -static Backend *be = NULL; - -int -main( int argc, char **argv ) -{ - char buf[256]; - Datum savekey, key, data, last; - char *fname; - ID id, cursor; - ID_BLOCK *idl; - Backend *tbe; - int i; - char *tailorfile; - - LDBMCursor *cursorp; - - fprintf(stderr, - "ldbmtest not updated to support new index formats!\n" ); - exit( EXIT_FAILURE ); - - - ldbm_datum_init( savekey ); - ldbm_datum_init( key ); - ldbm_datum_init( data ); - ldbm_datum_init( last ); - - tailorfile = SLAPD_DEFAULT_CONFIGFILE; - while ( (i = getopt( argc, argv, "d:f:" )) != EOF ) { - switch ( i ) { - case 'd': /* turn on debugging */ - ldap_debug = atoi( optarg ); - break; - - case 'f': /* specify a tailor file */ - tailorfile = strdup( optarg ); - break; - - default: - fprintf( stderr, - "usage: %s [-d level] [-f slapdconfigfile]\n", - argv[0] ); - exit( EXIT_FAILURE ); - } - } - - /* - * initialize stuff and figure out which backend we're dealing with - */ - - slap_init(SLAP_TOOL_MODE, "ldbmtest"); - read_config( tailorfile ); - slap_startup( NULL ); - - while ( 1 ) { - printf( "dbtest: " ); - - if ( fgets( buf, sizeof(buf), stdin ) == NULL ) - break; - - switch ( buf[0] ) { - case 'c': /* create an index */ - fname = NULL; - if ( (dbc = openchoice( buf[1], LDBM_READER, 0, - &fname )) != NULL ) { - printf( "Already exists\n" ); - ldbm_close( dbc->dbc_db ); - break; - } - if ( (dbc = openchoice( buf[1], LDBM_WRCREAT, 1, - &fname )) != NULL ) { - ldbm_close( dbc->dbc_db ); - } - break; - - case 'l': /* lookup something in an index */ - if ( (dbc = openchoice( buf[1], LDBM_READER, 1, NULL )) - == NULL ) { - continue; - } - - get_keydata( stdin, buf[1], &key, NULL ); - data = ldbm_fetch( dbc->dbc_db, key ); - print_entry( stdout, buf[1], &key, "key: ", &data, - "data:\n" ); - - free_and_close( dbc, key, data ); - break; - - case 'L': /* get all blocks for a key from an index */ - if ( (dbc = openchoice( buf[1], LDBM_READER, 1, NULL )) - == NULL ) { - continue; - } - - get_keydata( stdin, buf[1], &key, NULL ); - if ( (idl = idl_fetch( be, dbc, key )) != NULL ) { - data.dptr = (char *) idl; - data.dsize = (ID_BLOCK_NMAX(idl) + 1) * sizeof(ID); - print_entry( stdout, buf[1], &key, "key: ", - &data, "data:\n" ); - } - free_and_close( dbc, key, data ); - break; - - case 't': /* traverse */ - case 'T': /* traverse - keys only */ - if ( (dbc = openchoice( buf[1], LDBM_READER, 1, NULL )) - == NULL ) { - perror( "openchoice" ); - continue; - } - - savekey.dptr = NULL; - for ( key = ldbm_firstkey( dbc->dbc_db, &cursorp ); - key.dptr != NULL; - key = ldbm_nextkey( dbc->dbc_db, key, cursorp ) ) - { - if ( savekey.dptr != NULL ) - ldbm_datum_free( dbc->dbc_db, savekey ); - savekey = key; - - data = ldbm_fetch( dbc->dbc_db, key ); - - if ( buf[0] == 't' ) { - print_entry( stdout, buf[1], &key, - "key: ", &data, "data:\n" ); - } else { - print_entry( stdout, buf[1], &key, - "key: ", NULL, NULL ); - } - - if ( data.dptr != NULL ) { - ldbm_datum_free( dbc->dbc_db, data ); - } - } - if ( savekey.dptr != NULL ) - ldbm_datum_free( dbc->dbc_db, savekey ); - - ldbm_close( dbc->dbc_db ); - break; - - case 'x': /* delete an entry */ - if ( (dbc = openchoice( buf[1], LDBM_WRITER, 1, NULL )) - == NULL ) { - continue; - } - - get_keydata( stdin, buf[1], &key, NULL ); - - if ( ldbm_delete( dbc->dbc_db, key ) != 0 ) { - if ( ldbm_errno( dbc->dbc_db ) == 0 ) { - perror( "ldbm_delete" ); - } else { - fprintf( stderr, "db_errno=%d", - ldbm_errno( dbc->dbc_db ) ); - } - } - - data.dptr = NULL; - free_and_close( dbc, key, data ); - break; - -#ifndef HAVE_WINSOCK - case 'e': /* edit an entry */ - if ( (dbc = openchoice( buf[1], LDBM_WRITER, 1, NULL )) - == NULL ) { - continue; - } - - get_keydata( stdin, buf[1], &key, NULL ); - - data = ldbm_fetch( dbc->dbc_db, key ); - if ( data.dptr == NULL ) { - if ( ldbm_errno( dbc->dbc_db ) == 0 ) { - perror( "ldbm_fetch" ); - } else { - fprintf( stderr, "db_errno=%d\n", - ldbm_errno( dbc->dbc_db ) ); - } - free_and_close( dbc, key, data ); - break; - } - - edit_entry( buf[1], &data ); - - if ( data.dptr == NULL ) { - if ( ldbm_delete( dbc->dbc_db, key ) != 0 ) { - perror( "ldbm_delete" ); - } - } else if ( ldbm_store( dbc->dbc_db, key, data, - LDBM_REPLACE ) != 0 ) { - if ( ldbm_errno( dbc->dbc_db ) == 0 ) { - perror( "ldbm_store" ); - } else { - fprintf( stderr, "db_errno=%d\n", - ldbm_errno( dbc->dbc_db ) ); - } - } - - free_and_close( dbc, key, data ); - break; -#endif - - case 'a': /* add an entry */ - if ( (dbc = openchoice( buf[1], LDBM_WRITER, 1, NULL )) - == NULL ) { - continue; - } - - get_keydata( stdin, buf[1], &key, &data ); - - if ( ldbm_store( dbc->dbc_db, key, data, LDBM_INSERT ) - != 0 ) { - if ( ldbm_errno( dbc->dbc_db ) == 0 ) { - perror( "ldbm_store" ); - } else { - fprintf( stderr, "db_errno=%d\n", - ldbm_errno( dbc->dbc_db ) ); - } - } - - free_and_close( dbc, key, data ); - break; - - case 'i': /* insert an id into an index entry */ - if ( (dbc = openchoice( buf[1], LDBM_WRITER, 1, NULL )) - == NULL ) { - continue; - } - - get_keydata( stdin, buf[1], &key, &data ); - - idl = (ID_BLOCK *) data.dptr; - for ( id = idl_firstid( idl, &cursor ); id != NOID; - id = idl_nextid( idl, &cursor ) ) { - if ( idl_insert_key( be, dbc, key, id ) - != 0 ) { - fprintf( stderr, - "idl_insert_key (%s) %ld failed\n", - key.dptr, id ); - continue; - } - } - - free_and_close( dbc, key, data ); - break; - - case 'b': /* select a backend by suffix */ - printf( "suffix: " ); - fflush( stdout ); - if ( fgets( buf, sizeof(buf), stdin ) == NULL ) { - exit( EXIT_SUCCESS ); - } else { - buf[strlen( buf ) - 1] = '\0'; - } - (void) dn_normalize( buf ); - if ( (tbe = select_backend( buf )) == NULL ) { - fprintf( stderr, "unknown suffix \"%s\"\n", - buf ); - } else { - be = tbe; - } - break; - - case 'B': /* print current suffix */ - if ( be == NULL ) { - printf( "no current backend\n" ); - } else { - printf( "current backend has suffix \"%s\"\n", - be->be_suffix[0] ); - } - break; - - case 'C': /* produce concordance of an index */ - if ( (dbc = openchoice( 'i', LDBM_READER, 1, NULL )) - == NULL ) { - continue; - } - - last.dptr = NULL; - - for ( key = ldbm_firstkey( dbp, &cursorp ); - key.dptr != NULL; - key = ldbm_nextkey( dbp, last, cursorp ) ) - { - if ( last.dptr != NULL ) { - ldbm_datum_free( dbp, last ); - } - last = key; - printf( "key(%d): (%s)\n", key.dsize, - key.dptr ); - } - - free_and_close( dbc, key, last ); - break; - - default: - printf( "commands: l => lookup index\n" ); - printf( " L => lookup index (all)\n" ); - printf( " t => traverse index\n" ); - printf( " T => traverse index keys\n" ); - printf( " x => delete from index\n" ); - printf( " e => edit index entry\n" ); - printf( " a => add index entry\n" ); - printf( " c => create index\n" ); - printf( " i => insert ids into index\n" ); - printf( " b => change default backend\n" ); - printf( " B => print default backend\n" ); - printf( "where is a char selecting the index:\n" ); - printf( " d => dn2id\n" ); - printf( " e => id2entry\n" ); - printf( " f => arbitrary file\n" ); - printf( " i => attribute index\n" ); - break; - } - } - - slap_shutdown( NULL ); - slap_destroy(); - - return( EXIT_SUCCESS ); -} - -static void -free_and_close( DBCache *dbc, Datum key, Datum data ) -{ - ldbm_cache_really_close( be, dbc ); - if ( key.dptr != NULL ) - ldbm_datum_free( dbp, key ); - if ( data.dptr != NULL ) - ldbm_datum_free( dbp, data ); -} - -static int -dnid_cmp( const void *a, const void *b ) -{ - return( *(const long int *)a - *(const long int *)b ); -} - -static char * -myrealloc( char *p, int size ) -{ - if ( p == NULL ) - return( (char *) malloc( size ) ); - else - return( (char *) realloc( p, size ) ); -} - -static void -get_idlist( FILE *fp, Datum *data ) -{ - char buf[20]; - int i, fd, tty; - ID_BLOCK *p; - unsigned int psize, pmax; - unsigned int nmax, nids; - - fd = fileno( fp ); - tty = isatty( fd ); - - p = NULL; - psize = 2 * sizeof(ID); - pmax = 0; - nmax = 0; - nids = 0; - i = 0; - while ( 1 ) { - if ( tty ) - printf( "id? " ); - if ( fgets( buf, sizeof(buf), fp ) == NULL || buf[0] == '\n' ) - break; - if ( strncmp( buf, "nmax=", 5 ) == 0 ) { - nmax = atol( buf + 5 ); - continue; - } - - if ( psize + sizeof(ID) > pmax ) { - pmax += BUFSIZ; - p = (ID_BLOCK *) myrealloc( (char *) p, pmax ); - } - - if ( strncmp( buf, "nids=0", 6 ) == 0 ) { - nids = NOID; - continue; - } - - ID_BLOCK_ID(p,i++) = atol( buf ); - psize += sizeof(ID); - } - if ( nmax == 0 ) { - if ( tty ) { - nmax = i; - printf( "%d IDs entered. Max number of ids? [%d] ", i, - i ); - if ( fgets( buf, sizeof(buf), fp ) != NULL && - isdigit( (unsigned char) buf[0] ) ) { - nmax = atol( buf ); - } - } else { - nmax = i; - } - } - if ( i > 0 ) { - ID_BLOCK_NMAX(p) = nmax; - if ( nids != 0 ) { - ID_BLOCK_NIDS(p) = 0; - ID_BLOCK_ID(p,i) = NOID; - } else { - ID_BLOCK_NIDS(p) = i; - } - - qsort( (void *) &ID_BLOCK_ID(p, 0), i, sizeof(ID), dnid_cmp ); - } - - data->dptr = (char *) p; - data->dsize = (nmax + ID_BLOCK_IDS_OFFSET) * sizeof(ID); -} - -static void -get_entry( FILE *fp, Datum *data ) -{ - char buf[BUFSIZ]; - char *p; - unsigned int pmax, psize, len; - int fd; - - fd = fileno( fp ); - if ( isatty( fd ) ) - printf( "Enter entry, to end:\n" ); - - p = NULL; - pmax = psize = 0; - while ( fgets( buf, sizeof(buf), fp ) != NULL ) { - len = strlen( buf ); - if ( psize + strlen( buf ) > pmax ) { - pmax += BUFSIZ; - p = myrealloc( p, pmax ); - } - if ( psize == 0 ) - strcpy( p, buf ); - else - strcat( p, buf ); - psize += len; - - if ( buf[0] == '\n' ) - break; - } - - data->dptr = p; - data->dsize = psize + 1; -} - -#ifndef HAVE_WINSOCK -static void -edit_entry( char c, Datum *data ) -{ - int fd, pid; - char tmpname[20]; - FILE *fp; -#ifndef HAVE_WAITPID - WAITSTATUSTYPE status; -#endif - - strcpy( tmpname, "/tmp/dbtestXXXXXX" ); -#ifndef HAVE_MKSTEMP - if ( (fd = open( mktemp( tmpname ), O_RDWR|O_CREAT|O_EXCL, 0600 )) == -1 ) { - perror( tmpname ); - return; - } -#else - if ( (fd = mkstemp( tmpname )) == -1 ) { - perror( tmpname ); - return; - } -#endif - - fp = fdopen( fd, "w" ); - print_entry( fp, c, NULL, NULL, data, NULL ); - fflush( fp ); - - pid = fork(); - - if ( pid == -1 ) { - perror( "fork" ); - return; - } else if ( pid == 0 ) { - char *editor; - - if ( (editor = getenv( "EDITOR" )) == NULL ) { - editor = LDAP_EDITOR; - } - execl( editor, editor, tmpname, NULL ); - perror( "execl" ); - exit( EXIT_FAILURE ); - } - - fclose( fp ); - -#ifdef HAVE_WAITPID - if ( waitpid( (pid_t) -1, NULL, WAIT_FLAGS ) < 0 ) -#else - if ( wait3( (pid_t) -1, &status, WAIT_FLAGS, 0 ) < 0 ) -#endif - { - perror( "wait" ); - return; - } - - if ( (fp = fopen( tmpname, "r" )) == NULL ) { - perror( tmpname ); - return; - } - if ( data->dptr != NULL ) { - ldbm_datum_free( NULL, *data ); - } - get_keydata( fp, c, NULL, data ); - fclose( fp ); - unlink( tmpname ); -} -#endif - -static DBCache * -openfile( char *name, int namesiz, int mode, int verbose, char c ) -{ - DBCache *dbc; - - if ( name == NULL || *name == '\0' ) { - if ( c == 'f' ) { - printf( " file: " ); - if ( fgets( name, namesiz, stdin ) == NULL ) - exit( EXIT_SUCCESS ); - name[strlen( name ) - 1] = '\0'; - } else { - printf( " attr: " ); - if ( fgets( name, namesiz, stdin ) == NULL ) - exit( EXIT_SUCCESS ); - name[strlen( name ) - 1] = '\0'; - } - } - - if ( (dbc = ldbm_cache_open( be, name, (c == 'f') ? "" : LDBM_SUFFIX, - LDBM_READER )) == NULL ) { - perror( name ); - } else { - dbp = dbc->dbc_db; - } - - return( dbc ); -} - -static DBCache * -openchoice( char c, int mode, int verbose, char **fname ) -{ - static char name[MAXPATHLEN]; - - switch ( c ) { - case 'd': /* dn2id */ - sprintf( name, "dn2id" ); - break; - case 'e': /* id2entry */ - sprintf( name, "id2entry" ); - break; - case 'f': /* arbitrary file */ - case 'i': /* index */ - if ( fname != NULL && *fname != NULL ) { - strcpy( name, *fname ); - } else { - name[0] = '\0'; - } - break; - default: - printf( "specify one of [fdei] to select file\n" ); - return( NULL ); - break; - } - if ( fname != NULL ) { - *fname = name; - } - - return( openfile( name, MAXPATHLEN, mode, verbose, c ) ); -} - -static void -print_entry( - FILE *fp, - char c, - Datum *key, - char *klabel, - Datum *data, - char *dlabel -) -{ - ID id; - ID_BLOCK *idl; - unsigned int i; - char msg[2]; - - if ( data != NULL && data->dptr == NULL ) { - msg[0] = c; - msg[1] = '\0'; - - if ( ldbm_errno( dbp ) == 0 ) - perror( msg ); - else - fprintf( stderr, "%s: db_errno=%d\n", msg, - ldbm_errno( dbp ) ); - return; - } - - switch ( c ) { - case 'd': /* dn2id - key is dn, data is dnid */ - if ( key != NULL ) - fprintf( fp, "%s%s (len %d)\n", klabel, key->dptr, - key->dsize ); - if ( data != NULL ) { - SAFEMEMCPY( (char *) &id, data->dptr, sizeof(ID) ); - fprintf( fp, "%s%ld\n", dlabel ? dlabel : "", id ); - } - break; - - case 'e': /* id2entry - key is dnid, data is entry */ - if ( key != NULL ) { - SAFEMEMCPY( (char *) &id, key->dptr, sizeof(ID) ); - fprintf( fp, "%s %ld\n", klabel, id ); - } - if ( data != NULL ) { - if ( dlabel ) { - fprintf( fp, "data length: %d\n", data->dsize ); - fputs( dlabel, fp ); - } - fputs( data->dptr, fp ); - } - break; - - case 'i': /* index - key is string, data is dnid[] */ - if ( key != NULL ) - fprintf( fp, "%s%s (len %d)\n", klabel, key->dptr, - key->dsize ); - if ( data != NULL ) { - idl = (ID_BLOCK *) data->dptr; - - if ( dlabel ) - fprintf( fp, "%s\tnmax=%ld\n\tncur=%ld\n", dlabel, - ID_BLOCK_NMAX(idl), ID_BLOCK_NIDS(idl) ); - - if ( ID_BLOCK_INDIRECT( idl ) ) { - for ( i = 0; !ID_BLOCK_NOID(idl, i); i++ ) { - fprintf( fp, "\t%ld\n", ID_BLOCK_ID(idl, i) ); - } - } else if ( ID_BLOCK_ALLIDS( idl ) ) { - fprintf( fp, "\tALLIDS\n" ); - } else { - for ( i = 0; i < ID_BLOCK_NIDS(idl); i++ ) { - fprintf( fp, "\t%ld\n", ID_BLOCK_ID(idl,i) ); - } - } - } - break; - - case 'f': /* arbitrary file - assume key & data are strings */ - if ( key != NULL ) - fprintf( fp, "%s%s\n", klabel, key->dptr ); - if ( data != NULL ) { - fprintf( fp, "%s%s\n", dlabel ? dlabel : "", - data->dptr ); - } - break; - - default: - fprintf( stderr, "specify [dei] to select a file\n" ); - break; - } -} - -static void -get_keydata( FILE *fp, char c, Datum *key, Datum *data ) -{ - static char kbuf[BUFSIZ], dbuf[BUFSIZ]; - long n; - int fd, tty; - - fd = fileno( fp ); - tty = isatty( fd ); - - switch ( c ) { - case 'd': /* dn2id - key is dn, data is dnid */ - if ( key != NULL ) { - if ( tty ) - printf( " dn: " ); - if ( fgets( kbuf, sizeof(kbuf), fp ) == NULL ) { - exit( EXIT_SUCCESS ); - } - kbuf[strlen( kbuf ) - 1] = '\0'; - key->dptr = strdup( kbuf ); - key->dsize = strlen( kbuf ) + 1; - } - - if ( data != NULL ) { - if ( tty ) - printf( " dnid: " ); - if ( fgets( dbuf, sizeof(dbuf), fp ) == NULL ) { - exit( EXIT_SUCCESS ); - } - n = atol( dbuf ); - data->dptr = (char *) malloc( sizeof(n) ); - memcpy( data->dptr, (char *) &n, sizeof(n) ); - data->dsize = sizeof(n); - } - break; - - case 'e': /* id2entry - key is dnid, data is entry */ - if ( key != NULL ) { - if ( tty ) - printf( " dnid: " ); - if ( fgets( kbuf, sizeof(kbuf), fp ) == NULL ) { - exit( EXIT_SUCCESS ); - } - n = atol( kbuf ); - key->dptr = (char *) malloc( sizeof(n) ); - memcpy( key->dptr, (char *) &n, sizeof(n) ); - key->dsize = sizeof(n); - } - - if ( data != NULL ) { - get_entry( fp, data ); - } - break; - - case 'i': /* index - key is string, data is dnid[] */ - if ( key != NULL ) { - if ( tty ) - printf( " key: " ); - if ( fgets( kbuf, sizeof(kbuf), fp ) == NULL ) { - exit( EXIT_SUCCESS ); - } - kbuf[strlen( kbuf ) - 1] = '\0'; - key->dptr = strdup( kbuf ); - key->dsize = strlen( kbuf ) + 1; - } - - if ( data != NULL ) { - get_idlist( fp, data ); - } - break; - - default: - fprintf(stderr, "specify [dei] to select file type\n"); - break; - } -} - diff --git a/servers/slapd/tools/ldbmtest.dsp b/servers/slapd/tools/ldbmtest.dsp deleted file mode 100644 index 3f83351506..0000000000 --- a/servers/slapd/tools/ldbmtest.dsp +++ /dev/null @@ -1,148 +0,0 @@ -# Microsoft Developer Studio Project File - Name="ldbmtest" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 5.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Console Application" 0x0103 - -CFG=ldbmtest - Win32 Single Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "ldbmtest.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "ldbmtest.mak" CFG="ldbmtest - Win32 Single Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "ldbmtest - Win32 Release" (based on\ - "Win32 (x86) Console Application") -!MESSAGE "ldbmtest - Win32 Debug" (based on "Win32 (x86) Console Application") -!MESSAGE "ldbmtest - Win32 Single Debug" (based on\ - "Win32 (x86) Console Application") -!MESSAGE "ldbmtest - Win32 Single Release" (based on\ - "Win32 (x86) Console Application") -!MESSAGE - -# Begin Project -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -RSC=rc.exe - -!IF "$(CFG)" == "ldbmtest - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "..\..\..\Release" -# PROP Intermediate_Dir "..\..\..\Release\ldbmtest" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /MT /W3 /GX /O2 /I "..\..\..\include" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 -# ADD LINK32 libdb.lib libsasl.lib hs_regex.lib ws2_32.lib /nologo /subsystem:console /machine:I386 /libpath:"..\..\..\Release" - -!ELSEIF "$(CFG)" == "ldbmtest - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "Debug" -# PROP BASE Intermediate_Dir "Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "..\..\..\Debug" -# PROP Intermediate_Dir "..\..\..\Debug\ldbmtest" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /I "..\..\..\include" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /c -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept -# ADD LINK32 libdb.lib libsasl.lib hs_regex.lib ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\..\..\Debug" - -!ELSEIF "$(CFG)" == "ldbmtest - Win32 Single Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "ldbmtest" -# PROP BASE Intermediate_Dir "ldbmtest" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "..\..\..\SDebug" -# PROP Intermediate_Dir "..\..\..\SDebug\ldbmtest" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /Zi /Od /I "..\..\..\include" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /W3 /Gm /GX /Zi /Od /I "..\..\..\include" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept -# ADD LINK32 libdb.lib libsasl.lib hs_regex.lib ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\..\..\SDebug" - -!ELSEIF "$(CFG)" == "ldbmtest - Win32 Single Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "ldbmtes0" -# PROP BASE Intermediate_Dir "ldbmtes0" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "..\..\..\SRelease" -# PROP Intermediate_Dir "..\..\..\SRelease\ldbmtest" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /I "..\..\..\include" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /W3 /GX /O2 /I "..\..\..\include" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 -# ADD LINK32 libdbs.lib libsasl.lib hs_regex.lib ws2_32.lib /nologo /subsystem:console /machine:I386 /libpath:"..\..\..\SRelease" - -!ENDIF - -# Begin Target - -# Name "ldbmtest - Win32 Release" -# Name "ldbmtest - Win32 Debug" -# Name "ldbmtest - Win32 Single Debug" -# Name "ldbmtest - Win32 Single Release" -# Begin Source File - -SOURCE=.\ldbmtest.c -# End Source File -# Begin Source File - -SOURCE=.\mimic.c -# End Source File -# End Target -# End Project diff --git a/servers/slapd/tools/ldif.c b/servers/slapd/tools/ldif.c deleted file mode 100644 index 67124e0134..0000000000 --- a/servers/slapd/tools/ldif.c +++ /dev/null @@ -1,103 +0,0 @@ -/* $OpenLDAP$ */ -/* - * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. - * COPYING RESTRICTIONS APPLY, see COPYRIGHT file - */ -#include "portable.h" - -#include - -#include - -#include -#include -#include - -#ifdef HAVE_IO_H -#include -#endif - -#include - -#include "ldif.h" - -static void -usage( char *name ) -{ - fprintf( stderr, "usage: %s [-b] \n", name ); - exit( EXIT_FAILURE ); -} - -int -main( int argc, char **argv ) -{ - char buf[BUFSIZ]; - char *type, *out; - int len, binary = 0; - - if (argc < 2 || argc > 3 ) { - usage( argv[0] ); - } - if ( argc == 3 ) { - if ( strcmp( argv[1], "-b" ) != 0 ) { - usage( argv[0] ); - } - binary = 1; - type = argv[2]; - } else { - if ( strcmp( argv[1], "-b" ) == 0 ) { - usage( argv[0] ); - } - type = argv[1]; - } - - /* if the -b flag was used, read single binary value from stdin */ - if ( binary ) { - char *val; - int nread, max, cur; - - if (( val = (char *) malloc( BUFSIZ )) == NULL ) { - perror( "malloc" ); - return EXIT_FAILURE; - } - max = BUFSIZ; - cur = 0; - while ( (nread = read( 0, buf, BUFSIZ )) != 0 ) { - if ( nread + cur > max ) { - max += BUFSIZ; - if (( val = (char *) realloc( val, max )) == - NULL ) { - perror( "realloc" ); - return EXIT_FAILURE; - } - } - memcpy( val + cur, buf, nread ); - cur += nread; - } - - if (( out = ldif_put( LDIF_PUT_BINARY, type, val, cur )) == NULL ) { - perror( "ldif_type_and_value" ); - return EXIT_FAILURE; - } - - fputs( out, stdout ); - ber_memfree( out ); - free( val ); - return EXIT_SUCCESS; - } - - /* not binary: one value per line... */ - while ( fgets( buf, sizeof(buf), stdin ) != NULL ) { - if( buf[len=strlen(buf)] == '\n') buf[len] = '\0'; - - if (( out = ldif_put( LDIF_PUT_VALUE, type, buf, strlen( buf ) )) - == NULL ) { - perror( "ldif_type_and_value" ); - return EXIT_FAILURE; - } - fputs( out, stdout ); - ber_memfree( out ); - } - - return EXIT_SUCCESS; -} diff --git a/servers/slapd/tools/ldif.dsp b/servers/slapd/tools/ldif.dsp deleted file mode 100644 index 7b32bb1d41..0000000000 --- a/servers/slapd/tools/ldif.dsp +++ /dev/null @@ -1,145 +0,0 @@ -# Microsoft Developer Studio Project File - Name="ldif" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 5.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Console Application" 0x0103 - -CFG=ldif - Win32 Single Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "ldif.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "ldif.mak" CFG="ldif - Win32 Single Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "ldif - Win32 Release" (based on "Win32 (x86) Console Application") -!MESSAGE "ldif - Win32 Debug" (based on "Win32 (x86) Console Application") -!MESSAGE "ldif - Win32 Single Debug" (based on\ - "Win32 (x86) Console Application") -!MESSAGE "ldif - Win32 Single Release" (based on\ - "Win32 (x86) Console Application") -!MESSAGE - -# Begin Project -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -RSC=rc.exe - -!IF "$(CFG)" == "ldif - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "..\..\..\Release" -# PROP Intermediate_Dir "..\..\..\Release\ldif" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /MT /W3 /GX /O2 /I "..\..\..\include" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 -# ADD LINK32 libdb.lib hs_regex.lib libsasl.lib ws2_32.lib /nologo /subsystem:console /machine:I386 /libpath:"..\..\..\Release" - -!ELSEIF "$(CFG)" == "ldif - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "ldif___W" -# PROP BASE Intermediate_Dir "ldif___W" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "..\..\..\Debug" -# PROP Intermediate_Dir "..\..\..\Debug\ldif" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /I "..\..\..\include" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /c -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept -# ADD LINK32 libdb.lib hs_regex.lib libsasl.lib ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\..\..\Debug" - -!ELSEIF "$(CFG)" == "ldif - Win32 Single Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "ldif___W" -# PROP BASE Intermediate_Dir "ldif___W" -# PROP BASE Ignore_Export_Lib 0 -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "..\..\..\SDebug" -# PROP Intermediate_Dir "..\..\..\SDebug\ldif" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /Zi /Od /I "..\..\..\include" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /W3 /Gm /GX /Zi /Od /I "..\..\..\include" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /c -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 oldif32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\..\..\libraries\Debug" -# ADD LINK32 libdbs.lib hs_regex.lib libsasl.lib ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\..\..\SDebug" - -!ELSEIF "$(CFG)" == "ldif - Win32 Single Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "ldif___0" -# PROP BASE Intermediate_Dir "ldif___0" -# PROP BASE Ignore_Export_Lib 0 -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "..\..\..\SRelease" -# PROP Intermediate_Dir "..\..\..\SRelease\ldif" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /I "..\..\..\include" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /W3 /GX /O2 /I "..\..\..\include" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 oldif32.lib /nologo /subsystem:console /machine:I386 /libpath:"..\..\..\libraries\Release" -# ADD LINK32 libdbs.lib hs_regex.lib libsasl.lib ws2_32.lib /nologo /subsystem:console /machine:I386 /libpath:"..\..\..\SRelease" - -!ENDIF - -# Begin Target - -# Name "ldif - Win32 Release" -# Name "ldif - Win32 Debug" -# Name "ldif - Win32 Single Debug" -# Name "ldif - Win32 Single Release" -# Begin Source File - -SOURCE=.\ldif.c -# End Source File -# End Target -# End Project diff --git a/servers/slapd/tools/sizecount.c b/servers/slapd/tools/sizecount.c deleted file mode 100644 index 8eca6bf1a6..0000000000 --- a/servers/slapd/tools/sizecount.c +++ /dev/null @@ -1,190 +0,0 @@ -/* $OpenLDAP$ */ -#include "portable.h" - -#include - -#include -#include -#include - -#include -#include - -#define CACHE_SIZE 1000000 -#define MODE 0600 -#define DB_FLAGS (LDBM_WRCREAT|LDBM_NEWDB) -#define SUBLEN 3 - -extern char *first_word(char *); -extern char *next_word(char *); -extern char *word_dup(char *); -extern char *phonetic(char *); - -extern int ldap_debug; - -int slap_debug; -int ldap_syslog; -int ldap_syslog_level; - -static void add(LDBM ldbm, char *s, int *count, int *size, int freeit); - -int -main( int argc, char **argv ) -{ - LDAP *ld; - LDAPMessage *res, *e; - int i, j, k, count, len, nentries; - int vcount, wcount, pcount, scount; - int vsize, wsize, psize, ssize; - struct berval **bvals; - char **vals; - char *dn, *p, *val; - char buf[SUBLEN+1]; - LDBM wldbm, pldbm, sldbm; - static char *attrs[] = { "cn", "nentries", NULL }; - -/* - ldap_debug = 255; -*/ - if ( (ld = ldap_init( "vertigo:5555", 0 )) == NULL ) { - perror( "ldap_init" ); - exit( EXIT_FAILURE ); - } - - if ( ldap_search( ld, "cn=index", LDAP_SCOPE_ONELEVEL, "(objectclass=*)", - attrs, 0 ) == -1 ) { - ldap_perror( ld, "ldap_search" ); - exit( EXIT_FAILURE ); - } - - printf( "attr\tdn\tnentries\tvcount\tvsize\twcount\twsize\tpcount\tpsize\tscount\tssize\n" ); - fflush( stdout ); - count = 0; - while ( ldap_result( ld, LDAP_RES_ANY, 0, NULL, &res ) - == LDAP_RES_SEARCH_ENTRY ) { - count++; - e = ldap_first_entry( ld, res ); - dn = ldap_get_dn( ld, e ); - if ( (vals = ldap_get_values( ld, e, "nentries" )) != NULL ) { - nentries = atoi( vals[0] ); - ldap_value_free( vals ); - } else { - fprintf( stderr, "no nentries attribute for (%s)\n", dn ); - nentries = -1; - } - - for ( i = 0; attrs[i] != NULL; i++ ) { - if ( strcasecmp( attrs[i], "nentries" ) == 0 ) { - continue; - } - if ( (wldbm = ldbm_open( "wcount.ldbm", DB_FLAGS, MODE, - CACHE_SIZE )) == NULL || (pldbm = ldbm_open( "pcount.ldbm", - DB_FLAGS, MODE, CACHE_SIZE )) == NULL || (sldbm = ldbm_open( - "scount.ldbm", DB_FLAGS, MODE, CACHE_SIZE )) == NULL ) { - perror( "ldbm_open" ); - exit( EXIT_FAILURE ); - } - vcount = 0; vsize = 0; - wcount = 0; wsize = 0; - pcount = 0; psize = 0; - scount = 0; ssize = 0; - if ( (bvals = ldap_get_values_len( ld, e, attrs[i] )) != NULL ) { - for ( j = 0; bvals[j] != NULL; j++ ) { - char *w; - - /* update value count */ - vcount++; - vsize += bvals[j]->bv_len; - - /* update word and phoneme counts */ - for ( w = first_word( bvals[j]->bv_val ); w != NULL; - w = next_word( w ) ) { - add( wldbm, word_dup( w ), &wcount, &wsize, 1 ); - - add( pldbm, phonetic( w ), &pcount, &psize, 1 ); - } - - /* update substring count */ - len = bvals[j]->bv_len; - val = bvals[j]->bv_val; - if ( len > SUBLEN - 2 ) { - buf[0] = '^'; - for ( k = 0; k < SUBLEN - 1; k++ ) { - buf[k + 1] = val[k]; - } - buf[SUBLEN] = '\0'; - add( sldbm, buf, &scount, &ssize, 0 ); - - p = val + len - SUBLEN + 1; - for ( k = 0; k < SUBLEN; k++ ) { - buf[k] = p[k]; - } - buf[SUBLEN - 1] = '$'; - buf[SUBLEN] = '\0'; - add( sldbm, buf, &scount, &ssize, 0 ); - } - for ( p = val; p < (val + len - SUBLEN + 1); p++ ) { - for ( k = 0; k < SUBLEN; k++ ) { - buf[k] = p[k]; - } - buf[SUBLEN] = '\0'; - add( sldbm, buf, &scount, &ssize, 0 ); - } - } - ldap_value_free_len( bvals ); - } - printf( "%s\t%s\t%d", attrs[i], dn, nentries ); - printf( "\t%d\t%d", vcount, vsize ); - printf( "\t%d\t%d", wcount, wsize ); - printf( "\t%d\t%d", pcount, psize ); - printf( "\t%d\t%d\n", scount, ssize ); - fflush( stdout ); - - ldbm_close( wldbm ); - ldbm_close( pldbm ); - ldbm_close( sldbm ); - } - - free( dn ); - ldap_msgfree( res ); - } - printf( "%d entries\n", count ); - fflush( stdout ); - - if ( ldap_result2error( ld, res, 1 ) != LDAP_SUCCESS ) { - ldap_perror( ld, "ldap_result" ); - } - ldap_unbind( ld ); - - (void) unlink( "wcount.ldbm" ); - (void) unlink( "pcount.ldbm" ); - (void) unlink( "scount.ldbm" ); - - exit( EXIT_SUCCESS ); -} - -static void -add( - LDBM ldbm, - char *s, - int *count, - int *size, - int freeit -) -{ - Datum key, data; - - ldbm_datum_init( key ); - ldbm_datum_init( data ); - - key.dptr = s; - key.dsize = strlen( key.dptr ) + 1; - data.dptr = ""; - data.dsize = 0; - if ( ldbm_store( ldbm, key, data, LDBM_INSERT ) == 0 ) { - (*count)++; - (*size) += strlen( key.dptr ); - } - if ( freeit && ( key.dptr != NULL ) ) - ldbm_datum_free( ldbm, key ); -} diff --git a/servers/slapd/value.c b/servers/slapd/value.c index 74434b6126..2440a6a6e1 100644 --- a/servers/slapd/value.c +++ b/servers/slapd/value.c @@ -125,12 +125,12 @@ value_match( int *match, AttributeDescription *ad, MatchingRule *mr, + unsigned flags, struct berval *v1, /* stored value */ void *v2, /* assertion */ const char ** text ) { int rc; - int usage = 0; struct berval *nv1 = NULL; if( !mr->smr_match ) { @@ -146,7 +146,7 @@ value_match( } } - rc = (mr->smr_match)( match, usage, + rc = (mr->smr_match)( match, flags, ad->ad_type->sat_syntax, mr, nv1 != NULL ? nv1 : v1, @@ -184,11 +184,10 @@ int value_find( int match; const char *text; - rc = value_match( &match, ad, mr, vals[i], - nval == NULL ? val : nval, &text ); + rc = value_match( &match, ad, mr, 0, + vals[i], nval == NULL ? val : nval, &text ); - if( rc == LDAP_SUCCESS && match == 0 ) - { + if( rc == LDAP_SUCCESS && match == 0 ) { return LDAP_SUCCESS; } } diff --git a/servers/slurpd/args.c b/servers/slurpd/args.c index ff28e0bb4f..f9cd9db8a3 100644 --- a/servers/slurpd/args.c +++ b/servers/slurpd/args.c @@ -24,7 +24,6 @@ #include #include -#include #include #include "slurp.h" @@ -64,7 +63,7 @@ doargs( g->myname = strdup( g->myname + 1 ); } - while ( (i = getopt( argc, argv, "hd:f:r:t:k:o" )) != EOF ) { + while ( (i = getopt( argc, argv, "hd:f:r:t:o" )) != EOF ) { switch ( i ) { case 'd': /* set debug level and 'do not detach' flag */ g->no_detach = 1; @@ -114,13 +113,6 @@ doargs( g->slurpd_rdir = (char *)malloc (strlen(optarg) + strlen("/replica") + 1); sprintf(g->slurpd_rdir, "%s/replica", optarg); break; - case 'k': /* name of kerberos srvtab file */ -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - g->default_srvtab = strdup( optarg ); -#else /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ - fprintf( stderr, "must compile with KERBEROS to use -k option\n" ); -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ - break; case 'h': usage( g->myname ); return( -1 ); diff --git a/servers/slurpd/config.c b/servers/slurpd/config.c index 1df6123240..d91a70aa23 100644 --- a/servers/slurpd/config.c +++ b/servers/slurpd/config.c @@ -25,7 +25,6 @@ #include #include -#include #include #include "slurp.h" @@ -299,7 +298,7 @@ add_replica( * Parse a "replica" line from the config file. replica lines should be * in the following format: * replica host= binddn= - * bindmethod="simple|kerberos" credentials= + * bindmethod="simple" credentials= * * where: * describes the host name and port number where the @@ -307,12 +306,10 @@ add_replica( * * is the DN to bind to the replica slapd as, * - * bindmethod is either "simple" or "kerberos", and + * bindmethod is "simple", and * * are the credentials (e.g. password) for binddn. are - * only used for bindmethod=simple. For bindmethod=kerberos, the - * credentials= option should be omitted. Credentials for kerberos - * authentication are in the system srvtab file. + * only used for bindmethod=simple. * * The "replica" config file line may be split across multiple lines. If * a line begins with whitespace, it is considered a continuation of the @@ -355,21 +352,10 @@ parse_replica_line( strlen( BINDMETHSTR ))) { val = cargv[ i ] + strlen( BINDMETHSTR ) + 1; if ( !strcasecmp( val, KERBEROSSTR )) { -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - ri->ri_bind_method = AUTH_KERBEROS; - if ( ri->ri_srvtab == NULL ) { - ri->ri_srvtab = strdup( sglob->default_srvtab ); - } - gots |= GOT_METHOD; -#else /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ fprintf( stderr, "Error: a bind method of \"kerberos\" was\n" ); - fprintf( stderr, "specified in the slapd configuration file,\n" ); - fprintf( stderr, "but slurpd was not built with kerberos.\n" ); - fprintf( stderr, "You must rebuild the LDAP release with\n" ); - fprintf( stderr, "kerberos support if you wish to use\n" ); - fprintf( stderr, "bindmethod=kerberos\n" ); + fprintf( stderr, "specified in the slapd configuration file.\n" ); + fprintf( stderr, "slurpd no longer supports Kerberos.\n" ); exit( EXIT_FAILURE ); -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ } else if ( !strcasecmp( val, SIMPLESTR )) { ri->ri_bind_method = AUTH_SIMPLE; gots |= GOT_METHOD; diff --git a/servers/slurpd/ldap_op.c b/servers/slurpd/ldap_op.c index dae3e8698a..1673a12e78 100644 --- a/servers/slurpd/ldap_op.c +++ b/servers/slurpd/ldap_op.c @@ -27,14 +27,6 @@ #include #include -#include - -#if defined( STR_TRANSLATION ) && defined( LDAP_DEFAULT_CHARSET ) -/* Get LDAP->ld_lberoptions. Must precede slurp.h, both define ldap_debug. */ -#include "../../libraries/libldap/ldap-int.h" -#endif - -#include #include #include "slurp.h" @@ -50,19 +42,10 @@ static void free_ldapmod LDAP_P(( LDAPMod * )); static void free_ldmarr LDAP_P(( LDAPMod ** )); static int getmodtype LDAP_P(( char * )); static void dump_ldm_array LDAP_P(( LDAPMod ** )); -static char **read_krbnames LDAP_P(( Ri * )); -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND -static void upcase LDAP_P(( char * )); -#endif static int do_bind LDAP_P(( Ri *, int * )); static int do_unbind LDAP_P(( Ri * )); -static char *kattrs[] = {"kerberosName", NULL }; -static struct timeval kst = {30L, 0L}; - - - /* * Determine the type of ldap operation being performed and call the * appropriate routine. @@ -91,7 +74,6 @@ do_ldap( rc = do_bind( ri, &lderr ); if ( rc != BIND_OK ) { - (void) do_unbind( ri ); return DO_LDAP_ERR_RETRYABLE; } } @@ -432,7 +414,7 @@ op_ldap_modrdn( Debug( LDAP_DEBUG_ANY, "Error: op_ldap_modrdn: multiple newsuperior arg \"%s\"\n", mi[ i ].mi_val, 0, 0 ); - *errmsg = "Multiple newrdn argument"; + *errmsg = "Multiple newsuperior argument"; return -1; } @@ -627,16 +609,6 @@ do_bind( ) { int ldrc; -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - int rc; - int retval = 0; - int kni, got_tgt; - char **krbnames; - char *skrbnames[ 2 ]; - char realm[ REALM_SZ ]; - char name[ ANAME_SZ ]; - char instance[ INST_SZ ]; -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ *lderr = 0; @@ -657,113 +629,50 @@ do_bind( Debug( LDAP_DEBUG_ARGS, "Initializing session to %s:%d\n", ri->ri_hostname, ri->ri_port, 0 ); + ri->ri_ldp = ldap_init( ri->ri_hostname, ri->ri_port ); if ( ri->ri_ldp == NULL ) { - Debug( LDAP_DEBUG_ANY, "Error: ldap_init(%s, %d) failed: %s\n", - ri->ri_hostname, ri->ri_port, sys_errlist[ errno ] ); - return( BIND_ERR_OPEN ); + Debug( LDAP_DEBUG_ANY, "Error: ldap_init(%s, %d) failed: %s\n", + ri->ri_hostname, ri->ri_port, sys_errlist[ errno ] ); + return( BIND_ERR_OPEN ); } - /* - * Disable string translation if enabled by default. - * The replication log is written in the internal format, - * so this would do another translation, breaking havoc. - */ -#if defined( STR_TRANSLATION ) && defined( LDAP_DEFAULT_CHARSET ) - ri->ri_ldp->ld_lberoptions &= ~LBER_TRANSLATE_STRINGS; -#endif /* STR_TRANSLATION && LDAP_DEFAULT_CHARSET */ + { /* set version 3 */ + int err, version = 3; + err = ldap_set_option(ri->ri_ldp, + LDAP_OPT_PROTOCOL_VERSION, &version); + + if( err != LDAP_OPT_SUCCESS ) { + Debug( LDAP_DEBUG_ANY, + "Error: ldap_set_option(%s, LDAP_OPT_VERSION, 3) failed!\n", + ri->ri_hostname, NULL, NULL ); + + ldap_unbind( ri->ri_ldp ); + ri->ri_ldp = NULL; + return BIND_ERR_VERSION; + } + } /* * Set ldap library options to (1) not follow referrals, and * (2) restart the select() system call. */ - ldap_set_option(ri->ri_ldp, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); + { + int err; + err = ldap_set_option(ri->ri_ldp, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); + + if( err != LDAP_OPT_SUCCESS ) { + Debug( LDAP_DEBUG_ANY, + "Error: ldap_set_option(%s,REFERRALS, OFF) failed!\n", + ri->ri_hostname, NULL, NULL ); + ldap_unbind( ri->ri_ldp ); + ri->ri_ldp = NULL; + return BIND_ERR_REFERRALS; + } + } ldap_set_option(ri->ri_ldp, LDAP_OPT_RESTART, LDAP_OPT_ON); switch ( ri->ri_bind_method ) { - case AUTH_KERBEROS: -#ifndef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - Debug( LDAP_DEBUG_ANY, - "Error: Kerberos bind for %s:%d, but not compiled w/kerberos\n", - ri->ri_hostname, ri->ri_port, 0 ); - return( BIND_ERR_KERBEROS_FAILED ); -#else /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ - /* - * Bind using kerberos. - * If "bindprincipal" was given in the config file, then attempt - * to get a TGT for that principal (via the srvtab file). If only - * a binddn was given, then we need to read that entry to get - * the kerberosName attributes, and try to get a TGT for one - * of them. All are tried. The first one which succeeds is - * returned. XXX It might be a good idea to just require a - * bindprincipal. Reading the entry every time might be a significant - * amount of overhead, if the connection is closed between most - * updates. - */ - - if ( ri->ri_principal != NULL ) { - skrbnames[ 0 ] = ri->ri_principal; - skrbnames[ 1 ] = NULL; - krbnames = skrbnames; - } else { - krbnames = read_krbnames( ri ); - } - - if (( krbnames == NULL ) || ( krbnames[ 0 ] == NULL )) { - Debug( LDAP_DEBUG_ANY, - "Error: Can't find krbname for binddn \"%s\"\n", - ri->ri_bind_dn, 0, 0 ); - retval = BIND_ERR_KERBEROS_FAILED; - goto kexit; - } - /* - * Now we've got one or more kerberos principals. See if any - * of them are in the srvtab file. - */ - got_tgt = 0; - for ( kni = 0; krbnames[ kni ] != NULL; kni++ ) { - rc = kname_parse( name, instance, realm, krbnames[ kni ]); - if ( rc != KSUCCESS ) { - continue; - } - upcase( realm ); - rc = krb_get_svc_in_tkt( name, instance, realm, "krbtgt", realm, - 1, ri->ri_srvtab ); - if ( rc != KSUCCESS) { - Debug( LDAP_DEBUG_ANY, "Error: Can't get TGT for %s: %s\n", - krbnames[ kni ], krb_err_txt[ rc ], 0 ); - } else { - got_tgt = 1; - break; - } - } - if (!got_tgt) { - Debug( LDAP_DEBUG_ANY, - "Error: Could not obtain TGT for DN \"%s\"\n", - ri->ri_bind_dn, 0, 0 ); - retval = BIND_ERR_KERBEROS_FAILED; - goto kexit; - } - /* - * We've got a TGT. Do a kerberos bind. - */ - Debug( LDAP_DEBUG_ARGS, "bind to %s:%d as %s (kerberos)\n", - ri->ri_hostname, ri->ri_port, ri->ri_bind_dn ); - ldrc = ldap_kerberos_bind_s( ri->ri_ldp, ri->ri_bind_dn ); - ri->ri_principal = strdup( krbnames[ kni ] ); - if ( ldrc != LDAP_SUCCESS ) { - Debug( LDAP_DEBUG_ANY, "Error: kerberos bind for %s:%dfailed: %s\n", - ri->ri_hostname, ri->ri_port, ldap_err2string( ldrc )); - *lderr = ldrc; - retval = BIND_ERR_KERBEROS_FAILED; - goto kexit; - } -kexit: if ( krbnames != NULL ) { - ldap_value_free( krbnames ); - } - return( retval); - break; -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ case AUTH_SIMPLE: /* * Bind with a plaintext password. @@ -777,17 +686,45 @@ kexit: if ( krbnames != NULL ) { "Error: ldap_simple_bind_s for %s:%d failed: %s\n", ri->ri_hostname, ri->ri_port, ldap_err2string( ldrc )); *lderr = ldrc; + ldap_unbind( ri->ri_ldp ); + ri->ri_ldp = NULL; return( BIND_ERR_SIMPLE_FAILED ); - } else { - return( BIND_OK ); } break; default: Debug( LDAP_DEBUG_ANY, "Error: do_bind: unknown auth type \"%d\" for %s:%d\n", ri->ri_bind_method, ri->ri_hostname, ri->ri_port ); + ldap_unbind( ri->ri_ldp ); + ri->ri_ldp = NULL; return( BIND_ERR_BAD_ATYPE ); } + + { + int err; + LDAPControl c; + LDAPControl *ctrls[2]; + ctrls[0] = &c; + ctrls[1] = NULL; + + c.ldctl_oid = LDAP_CONTROL_MANAGEDSAIT; + c.ldctl_value.bv_val = NULL; + c.ldctl_value.bv_len = 0; + c.ldctl_iscritical = 1; + + err = ldap_set_option(ri->ri_ldp, LDAP_OPT_SERVER_CONTROLS, &ctrls); + + if( err != LDAP_OPT_SUCCESS ) { + Debug( LDAP_DEBUG_ANY, + "Error: ldap_set_option(%s, SERVER_CONTROLS, ManageDSAit) failed!\n", + ri->ri_hostname, NULL, NULL ); + ldap_unbind( ri->ri_ldp ); + ri->ri_ldp = NULL; + return BIND_ERR_MANAGEDSAIT; + } + } + + return( BIND_OK ); } @@ -830,81 +767,3 @@ dump_ldm_array( } } } - - -/* - * Get the kerberos names from the binddn for "replica" via an ldap search. - * Returns a null-terminated array of char *, or NULL if the entry could - * not be found or there were no kerberosName attributes. The caller is - * responsible for freeing the returned array and strings it points to. - */ -static char ** -read_krbnames( - Ri *ri -) -{ - int rc; - char **krbnames; - int ne; - LDAPMessage *result, *entry; - - /* First need to bind as NULL */ - rc = ldap_simple_bind_s( ri->ri_ldp, NULL, NULL ); - if ( rc != LDAP_SUCCESS ) { - Debug( LDAP_DEBUG_ANY, - "Error: null bind failed getting krbnames for %s:%d: %s\n", - ri->ri_hostname, ri->ri_port, ldap_err2string( rc )); - return( NULL ); - } - rc = ldap_search_st( ri->ri_ldp, ri->ri_bind_dn, LDAP_SCOPE_BASE, - NULL, kattrs, 0, &kst, &result ); - if ( rc != LDAP_SUCCESS ) { - Debug( LDAP_DEBUG_ANY, - "Error: search failed getting krbnames for %s:%d: %s\n", - ri->ri_hostname, ri->ri_port, ldap_err2string( rc )); - return( NULL ); - } - ne = ldap_count_entries( ri->ri_ldp, result ); - if ( ne == 0 ) { - Debug( LDAP_DEBUG_ANY, - "Error: Can't find entry \"%s\" for %s:%d kerberos bind\n", - ri->ri_bind_dn, ri->ri_hostname, ri->ri_port ); - return( NULL ); - } - if ( ne > 1 ) { - Debug( LDAP_DEBUG_ANY, - "Error: Kerberos binddn \"%s\" for %s:%dis ambiguous\n", - ri->ri_bind_dn, ri->ri_hostname, ri->ri_port ); - return( NULL ); - } - entry = ldap_first_entry( ri->ri_ldp, result ); - if ( entry == NULL ) { - Debug( LDAP_DEBUG_ANY, - "Error: Can't find \"%s\" for kerberos binddn for %s:%d\n", - ri->ri_bind_dn, ri->ri_hostname, ri->ri_port ); - return( NULL ); - } - krbnames = ldap_get_values( ri->ri_ldp, entry, "kerberosName" ); - ldap_msgfree( result ); - return( krbnames ); -} - - -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - -/* - * upcase a string - */ -static void -upcase( - char *s -) -{ - char *p; - - for ( p = s; ( p != NULL ) && ( *p != '\0' ); p++ ) { - *p = TOUPPER( (unsigned char) *p ); - } -} - -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ diff --git a/servers/slurpd/slurp.h b/servers/slurpd/slurp.h index 26368bd487..4983641a60 100644 --- a/servers/slurpd/slurp.h +++ b/servers/slurpd/slurp.h @@ -127,6 +127,9 @@ #define BIND_ERR_SIMPLE_FAILED 4 #define BIND_ERR_KERBEROS_FAILED 5 #define BIND_ERR_BADRI 6 +#define BIND_ERR_VERSION 7 +#define BIND_ERR_REFERRALS 8 +#define BIND_ERR_MANAGEDSAIT 9 /* Return codes for do_ldap() */ #define DO_LDAP_OK 0 diff --git a/tests/Makefile.in b/tests/Makefile.in index d75fad857c..5d250a2d5a 100644 --- a/tests/Makefile.in +++ b/tests/Makefile.in @@ -38,7 +38,7 @@ test-nis-schema-ldbm: $(srcdir)/scripts/startup_nis_ldap_server.sh $(srcdir) ldbm clean-local: FORCE - -$(RM) test-db/[!C]* test-repl/[!C]* *leak *gmon *core + -$(RM) -r test-db/[!C]* test-repl/[!C]* *leak *gmon *core veryclean-local: FORCE @-$(RM) data schema diff --git a/tests/data/acl.out.master b/tests/data/acl.out.master index 967a64073c..f94cd7c4fc 100644 --- a/tests/data/acl.out.master +++ b/tests/data/acl.out.master @@ -18,6 +18,7 @@ pager: +1 313 555 3923 mail: jaj@mail.alumni.umich.edu facsimiletelephonenumber: +1 313 555 4332 telephonenumber: +1 313 555 0895 + dn: cn=All Staff,ou=Groups,o=University of Michigan,c=US member: cn=Manager, o=University of Michigan, c=US member: cn=Barbara Jensen, ou=Information Technology Division, ou=People, o=Un @@ -210,3 +211,4 @@ postaladdress: University of Michigan $ 535 W. William St. $ Ann Arbor, MI 481 09 $ US telephonenumber: +1 313 764-1817 associateddomain: umich.edu + diff --git a/tests/data/modify.out.master b/tests/data/modify.out.master index 429d901fa6..e3901bee28 100644 --- a/tests/data/modify.out.master +++ b/tests/data/modify.out.master @@ -292,3 +292,4 @@ homephone: +1 313 555 8421 pager: +1 313 555 2844 facsimiletelephonenumber: +1 313 555 9700 telephonenumber: +1 313 555 5331 + diff --git a/tests/data/modrdn.out.master b/tests/data/modrdn.out.master index 3e794d32c4..8d62e2a3ed 100644 --- a/tests/data/modrdn.out.master +++ b/tests/data/modrdn.out.master @@ -312,3 +312,4 @@ homephone: +1 313 555 8421 pager: +1 313 555 2844 facsimiletelephonenumber: +1 313 555 9700 telephonenumber: +1 313 555 5331 + diff --git a/tests/data/modrdn.out.master.0 b/tests/data/modrdn.out.master.0 index 3e794d32c4..8d62e2a3ed 100644 --- a/tests/data/modrdn.out.master.0 +++ b/tests/data/modrdn.out.master.0 @@ -312,3 +312,4 @@ homephone: +1 313 555 8421 pager: +1 313 555 2844 facsimiletelephonenumber: +1 313 555 9700 telephonenumber: +1 313 555 5331 + diff --git a/tests/data/modrdn.out.master.1 b/tests/data/modrdn.out.master.1 index dfd8633d28..0483a50cc4 100644 --- a/tests/data/modrdn.out.master.1 +++ b/tests/data/modrdn.out.master.1 @@ -20,3 +20,4 @@ pager: +1 313 555 3923 mail: jaj@mail.alumni.umich.edu facsimiletelephonenumber: +1 313 555 4332 telephonenumber: +1 313 555 0895 + diff --git a/tests/data/modrdn.out.master.2 b/tests/data/modrdn.out.master.2 index 65279ea171..b83d0fc0f1 100644 --- a/tests/data/modrdn.out.master.2 +++ b/tests/data/modrdn.out.master.2 @@ -18,3 +18,4 @@ postaladdress: Info Tech Division $ 535 W William $ Ann Arbor, MI 48103 pager: +1 313 555 2833 facsimiletelephonenumber: +1 313 555 8688 telephonenumber: +1 313 555 7334 + diff --git a/tests/data/modrdn.out.master.3 b/tests/data/modrdn.out.master.3 index 0345196c24..ebe0fba843 100644 --- a/tests/data/modrdn.out.master.3 +++ b/tests/data/modrdn.out.master.3 @@ -19,3 +19,4 @@ pager: +1 313 555 3923 mail: jaj@mail.alumni.umich.edu facsimiletelephonenumber: +1 313 555 4332 telephonenumber: +1 313 555 0895 + diff --git a/tests/data/search.out.master b/tests/data/search.out.master index ebadd3d27c..29e465a4bc 100644 --- a/tests/data/search.out.master +++ b/tests/data/search.out.master @@ -42,6 +42,7 @@ homephone: +1 313 555 5444 pager: +1 313 555 4474 facsimiletelephonenumber: +1 313 555 2177 telephonenumber: +1 313 555 0355 + dn: cn=All Staff,ou=Groups,o=University of Michigan,c=US member: cn=Manager, o=University of Michigan, c=US member: cn=Barbara Jensen, ou=Information Technology Division, ou=People, o=Un @@ -122,6 +123,7 @@ pager: +1 313 555 3923 mail: jaj@mail.alumni.umich.edu facsimiletelephonenumber: +1 313 555 4332 telephonenumber: +1 313 555 0895 + dn: cn=All Staff,ou=Groups,o=University of Michigan,c=US member: cn=Manager, o=University of Michigan, c=US member: cn=Barbara Jensen, ou=Information Technology Division, ou=People, o=Un @@ -167,6 +169,7 @@ owner: cn=Manager, o=University of Michigan, c=US description: All Alumni Assoc Staff cn: Alumni Assoc Staff objectclass: groupofnames + dn: cn=All Staff,ou=Groups,o=University of Michigan,c=US member: cn=Manager, o=University of Michigan, c=US member: cn=Barbara Jensen, ou=Information Technology Division, ou=People, o=Un @@ -263,3 +266,4 @@ postaladdress: University of Michigan $ 535 W. William St. $ Ann Arbor, MI 481 09 $ US telephonenumber: +1 313 764-1817 associateddomain: umich.edu + diff --git a/tests/data/slapd-master.conf b/tests/data/slapd-master.conf index a192c426f0..8d862673b7 100644 --- a/tests/data/slapd-master.conf +++ b/tests/data/slapd-master.conf @@ -7,6 +7,7 @@ include ./schema/core.schema include ./schema/cosine.schema include ./schema/inetorgperson.schema +#include ./schema/nis.schema schemacheck on pidfile ./test-db/slapd.pid argsfile ./test-db/slapd.args diff --git a/tests/data/slapd-repl-slave.conf b/tests/data/slapd-repl-slave.conf index bc35f46d78..d821427d2e 100644 --- a/tests/data/slapd-repl-slave.conf +++ b/tests/data/slapd-repl-slave.conf @@ -12,7 +12,7 @@ schemacheck off pidfile ./test-repl/slapd.pid argsfile ./test-repl/slapd.args -referral "ldap://localhost:9009/" +#referral "ldap://localhost:9009/" ####################################################################### # ldbm database definitions diff --git a/tests/data/test.ldif b/tests/data/test.ldif index 919bdd6726..188512a332 100644 --- a/tests/data/test.ldif +++ b/tests/data/test.ldif @@ -311,3 +311,4 @@ homephone: +1 313 555 8421 pager: +1 313 555 2844 facsimiletelephonenumber: +1 313 555 9700 telephonenumber: +1 313 555 5331 + diff --git a/tests/scripts/acfilter.sh b/tests/scripts/acfilter.sh index 7e3659e568..975460cd61 100755 --- a/tests/scripts/acfilter.sh +++ b/tests/scripts/acfilter.sh @@ -1,6 +1,6 @@ #! /bin/sh # $OpenLDAP$ # -# Strip operational attributes +# Strip comments # -egrep -iv '^modifiersname:|^modifytimestamp:|^creatorsname:|^createtimestamp' +egrep -iv '^#' diff --git a/tests/scripts/test007-replication b/tests/scripts/test007-replication index 32114d8abb..07b60921ab 100755 --- a/tests/scripts/test007-replication +++ b/tests/scripts/test007-replication @@ -65,7 +65,7 @@ for i in 0 1 2 3 4 5; do done echo "Starting slurpd..." -$SLURPD -f $MASTERCONF -d ${SLURPD_DEBUG-4} -t $REPLDIR > $SLURPLOG 2>&1 & +$SLURPD -f $MASTERCONF -d ${SLURPD_DEBUG-5} -t $REPLDIR > $SLURPLOG 2>&1 & SLURPPID=$! echo "Using ldapadd to populate the master directory..." @@ -81,13 +81,13 @@ fi echo "Waiting 15 seconds for slurpd to send changes..." sleep 15 -echo "Using ldapmodify to modify slave directory..." +echo "Using ldapmodify to modify master directory..." # # Do some modifications # -$LDAPMODIFY -v -D "$MANAGERDN" -h localhost -p $SLAVEPORT -w $PASSWD > \ +$LDAPMODIFY -v -D "$MANAGERDN" -h localhost -p $PORT -w $PASSWD > \ $TESTOUT 2>&1 << EOMODS dn: cn=James A Jones 1, ou=Alumni Association, ou=People, o=University of Michigan, c=US changetype: modify diff --git a/tests/scripts/test009-referral b/tests/scripts/test009-referral index 5273b5f205..9cc30645e2 100755 --- a/tests/scripts/test009-referral +++ b/tests/scripts/test009-referral @@ -69,7 +69,7 @@ done cat /dev/null > $SEARCHOUT echo "Testing exact searching..." -$LDAPSEARCH -S "" -b "$BASEDN" -h localhost -p $SLAVEPORT \ +$LDAPSEARCH -C -S "" -b "$BASEDN" -h localhost -p $SLAVEPORT \ 'sn=jensen' >> $SEARCHOUT 2>&1 if test $RC != 0 ; then echo "ldapsearch failed!" @@ -78,7 +78,7 @@ if test $RC != 0 ; then fi echo "Testing OR searching..." -$LDAPSEARCH -S "" -b "$BASEDN" -h localhost -p $SLAVEPORT \ +$LDAPSEARCH -C -S "" -b "$BASEDN" -h localhost -p $SLAVEPORT \ '(|(objectclass=groupofnames)(sn=jones))' >> $SEARCHOUT 2>&1 if test $RC != 0 ; then echo "ldapsearch failed!" @@ -87,7 +87,7 @@ if test $RC != 0 ; then fi echo "Testing AND matching and ends-with searching..." -$LDAPSEARCH -S "" -b "$BASEDN" -h localhost -p $SLAVEPORT \ +$LDAPSEARCH -C -S "" -b "$BASEDN" -h localhost -p $SLAVEPORT \ '(&(objectclass=groupofnames)(cn=A*))' >> $SEARCHOUT 2>&1 if test $RC != 0 ; then echo "ldapsearch failed!" @@ -96,7 +96,7 @@ if test $RC != 0 ; then fi echo "Testing NOT searching..." -$LDAPSEARCH -S "" -b "$BASEDN" -h localhost -p $SLAVEPORT \ +$LDAPSEARCH -C -S "" -b "$BASEDN" -h localhost -p $SLAVEPORT \ '(!(objectclass=person))' >> $SEARCHOUT 2>&1 if test $RC != 0 ; then echo "ldapsearch failed!"