From: Kurt Zeilenga Date: Sat, 31 May 2003 20:19:02 +0000 (+0000) Subject: Hide experimental controls and extended operations X-Git-Tag: OPENLDAP_REL_ENG_2_1_MP~955 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=16af7fdd4cfd9a29e5685ffa054bb541e4e3d869;p=openldap Hide experimental controls and extended operations --- diff --git a/servers/slapd/back-ldap/config.c b/servers/slapd/back-ldap/config.c index c82b410c1f..ec574b626c 100644 --- a/servers/slapd/back-ldap/config.c +++ b/servers/slapd/back-ldap/config.c @@ -132,7 +132,8 @@ ldap_back_db_config( fname, lineno ); return( 1 ); } - load_extop( (struct berval *)&slap_EXOP_WHOAMI, ldap_back_exop_whoami ); + load_extop( (struct berval *)&slap_EXOP_WHOAMI, + 0, ldap_back_exop_whoami ); /* dn massaging */ } else if ( strcasecmp( argv[0], "suffixmassage" ) == 0 ) { diff --git a/servers/slapd/controls.c b/servers/slapd/controls.c index 20c4545c01..c5eacd2029 100644 --- a/servers/slapd/controls.c +++ b/servers/slapd/controls.c @@ -106,12 +106,12 @@ static struct slap_control control_defs[] = { parseNoOp, LDAP_SLIST_ENTRY_INITIALIZER(next) }, #ifdef LDAP_CLIENT_UPDATE { LDAP_CONTROL_CLIENT_UPDATE, - SLAP_CTRL_SEARCH, NULL, + SLAP_CTRL_HIDE|SLAP_CTRL_SEARCH, NULL, parseClientUpdate, LDAP_SLIST_ENTRY_INITIALIZER(next) }, #endif #ifdef LDAP_SYNC { LDAP_CONTROL_SYNC, - SLAP_CTRL_SEARCH, NULL, + SLAP_CTRL_HIDE|SLAP_CTRL_SEARCH, NULL, parseLdupSync, LDAP_SLIST_ENTRY_INITIALIZER(next) }, #endif { LDAP_CONTROL_MANAGEDSAIT, @@ -248,10 +248,14 @@ controls_root_dse_info( Entry *e ) vals[1].bv_len = 0; LDAP_SLIST_FOREACH( sc, &controls_list, sc_next ) { + if( sc->sc_mask & SLAP_CTRL_HIDE ) continue; + vals[0].bv_val = sc->sc_oid; vals[0].bv_len = strlen( sc->sc_oid ); - if ( attr_merge( e, ad_supportedControl, vals, NULL ) ) + + if ( attr_merge( e, ad_supportedControl, vals, NULL ) ) { return -1; + } } return 0; diff --git a/servers/slapd/extended.c b/servers/slapd/extended.c index 7ec130854f..6f6ca23369 100644 --- a/servers/slapd/extended.c +++ b/servers/slapd/extended.c @@ -41,9 +41,12 @@ #define UNSUPPORTED_EXTENDEDOP "unsupported extended operation" +#define SLAP_EXOP_HIDE 0x8000 + static struct extop_list { struct extop_list *next; struct berval oid; + slap_mask_t flags; SLAP_EXTOP_MAIN_FN *ext_main; } *supp_ext_list = NULL; @@ -63,15 +66,16 @@ const struct berval slap_EXOP_START_TLS = BER_BVC(LDAP_EXOP_START_TLS); static struct { const struct berval *oid; + slap_mask_t flags; SLAP_EXTOP_MAIN_FN *ext_main; } builtin_extops[] = { #ifdef LDAP_EXOP_X_CANCEL - { &slap_EXOP_CANCEL, cancel_extop }, + { &slap_EXOP_CANCEL, SLAP_EXOP_HIDE, cancel_extop }, #endif - { &slap_EXOP_WHOAMI, whoami_extop }, - { &slap_EXOP_MODIFY_PASSWD, passwd_extop }, + { &slap_EXOP_WHOAMI, 0, whoami_extop }, + { &slap_EXOP_MODIFY_PASSWD, 0, passwd_extop }, #ifdef HAVE_TLS - { &slap_EXOP_START_TLS, starttls_extop }, + { &slap_EXOP_START_TLS, 0, starttls_extop }, #endif { NULL, NULL } }; @@ -80,21 +84,27 @@ static struct { static struct extop_list *find_extop( struct extop_list *list, struct berval *oid ); -struct berval * -get_supported_extop (int index) +int exop_root_dse_info( Entry *e ) { + AttributeDescription *ad_supportedExtension + = slap_schema.si_ad_supportedExtension; + struct berval vals[2]; struct extop_list *ext; - /* linear scan is slow, but this way doesn't force a - * big change on root_dse.c, where this routine is used. - */ - for (ext = supp_ext_list; ext != NULL && --index >= 0; ext = ext->next) { - ; /* empty */ - } + vals[1].bv_val = NULL; + vals[1].bv_len = 0; + + for (ext = supp_ext_list; ext != NULL; ext = ext->next) { + if( ext->flags & SLAP_EXOP_HIDE ) continue; + + vals[0] = ext->oid; - if (ext == NULL) return NULL; + if( attr_merge( e, ad_supportedExtension, vals, NULL ) ) { + return LDAP_OTHER; + } + } - return &ext->oid ; + return LDAP_SUCCESS; } int @@ -308,6 +318,7 @@ done: int load_extop( struct berval *ext_oid, + slap_mask_t ext_flags, SLAP_EXTOP_MAIN_FN *ext_main ) { struct extop_list *ext; @@ -320,6 +331,8 @@ load_extop( if (ext == NULL) return(-1); + ext->flags = ext_flags; + ext->oid.bv_val = (char *)(ext + 1); AC_MEMCPY( ext->oid.bv_val, ext_oid->bv_val, ext_oid->bv_len ); ext->oid.bv_len = ext_oid->bv_len; @@ -339,7 +352,9 @@ extops_init (void) int i; for (i = 0; builtin_extops[i].oid != NULL; i++) { - load_extop((struct berval *)builtin_extops[i].oid, builtin_extops[i].ext_main); + load_extop((struct berval *)builtin_extops[i].oid, + builtin_extops[i].flags, + builtin_extops[i].ext_main); } return(0); } diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index 6451090783..050782828e 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -443,6 +443,8 @@ LDAP_SLAPD_F (int) entry_id_cmp LDAP_P(( const void *v_a, const void *v_b )); /* * extended.c */ +LDAP_SLAPD_F (int) exop_root_dse_info LDAP_P ((Entry *e)); + #ifdef LDAP_EXOP_X_CANCEL LDAP_SLAPD_V( const struct berval ) slap_EXOP_CANCEL; #endif @@ -457,14 +459,13 @@ typedef int (SLAP_EXTOP_GETOID_FN) LDAP_P(( LDAP_SLAPD_F (int) load_extop LDAP_P(( struct berval *ext_oid, + slap_mask_t flags, SLAP_EXTOP_MAIN_FN *ext_main )); LDAP_SLAPD_F (int) extops_init LDAP_P(( void )); LDAP_SLAPD_F (int) extops_kill LDAP_P(( void )); -LDAP_SLAPD_F (struct berval *) get_supported_extop LDAP_P((int index)); - /* * * cancel.c * */ diff --git a/servers/slapd/root_dse.c b/servers/slapd/root_dse.c index 5357ed46fb..06f1ea12b2 100644 --- a/servers/slapd/root_dse.c +++ b/servers/slapd/root_dse.c @@ -139,29 +139,22 @@ root_dse_info( } /* supportedExtension */ - for ( i=0; (bv = get_supported_extop(i)) != NULL; i++ ) { - vals[0] = *bv; - if( attr_merge( e, ad_supportedExtension, vals, NULL ) ) - { - return LDAP_OTHER; - } + if ( exop_root_dse_info( e ) != 0 ) { + return LDAP_OTHER; } #ifdef LDAP_SLAPI /* netscape supportedExtension */ for ( i = 0; (bv = ns_get_supported_extop(i)) != NULL; i++ ) { vals[0] = *bv; - if( attr_merge( e, ad_supportedExtension, vals, NULL )) - { + if( attr_merge( e, ad_supportedExtension, vals, NULL )) { return LDAP_OTHER; } } #endif /* LDAP_SLAPI */ /* supportedFeatures */ - if( attr_merge( e, ad_supportedFeatures, - supportedFeatures, NULL ) ) - { + if( attr_merge( e, ad_supportedFeatures, supportedFeatures, NULL ) ) { return LDAP_OTHER; } diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index 0e4ecde52e..678e74e824 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -2193,8 +2193,10 @@ enum { #define SLAP_SEARCH_MAX_CTRLS 10 #endif -#define SLAP_CTRL_FRONTEND 0x80000000U -#define SLAP_CTRL_FRONTEND_SEARCH 0x01000000U /* for NOOP */ +#define SLAP_CTRL_HIDE 0x80000000U + +#define SLAP_CTRL_FRONTEND 0x00800000U +#define SLAP_CTRL_FRONTEND_SEARCH 0x00010000U /* for NOOP */ #define SLAP_CTRL_OPFLAGS 0x0000FFFFU #define SLAP_CTRL_ABANDON 0x00000001U