From: Kurt Zeilenga Date: Wed, 17 Mar 2004 21:10:49 +0000 (+0000) Subject: Sync with HEAD X-Git-Tag: OPENLDAP_REL_ENG_2_2_7~24 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=52493faf2dfff3d680ec00024cc47b122a0f314e;p=openldap Sync with HEAD --- diff --git a/CHANGES b/CHANGES index f32a506259..128368c6d8 100644 --- a/CHANGES +++ b/CHANGES @@ -11,10 +11,14 @@ OpenLDAP 2.2.7 Engineering Fixed monitor backend crash when used with overlays (ITS#3023) Fixed oracle-related issues in back-sql (ITS#2641) Fixed '=' escape in DN (ITS#3009) + Updated ldapsearch paged results handling Build Environment Fixed libldap T_SRV portability bug + Fixed shared library soname versioning + Requires changes in linking practices of dependent applications Documentation Fixed ldapmodrdn(1) manpage (ITS#3003) + Updated release documents OpenLDAP 2.2.6 Release Fixed slapd SASL callback handling (ITS#2926) diff --git a/INSTALL b/INSTALL index f10ec1abe6..e6f1bca52f 100644 --- a/INSTALL +++ b/INSTALL @@ -43,7 +43,7 @@ Making and Installing the OpenLDAP Distribution LIBS libraries -llib PATH command path /usr/local/bin:/usr/bin:/bin -3. Configure the build system +3. Configure the build system: % [env settings] ./configure [options] @@ -51,11 +51,11 @@ Making and Installing the OpenLDAP Distribution the appropriate settings. However, you may need to specify options and/or environment variables to obtain desired results. -4. Build dependencies +4. Build dependencies: % make depend -5. Build the system +5. Build the system: % make @@ -64,7 +64,7 @@ Making and Installing the OpenLDAP Distribution may want to consult the Platform Hints subsection of the FAQ if you have not done so already. -6. Test the standalone system +6. Test the standalone system: This step requires the standalone LDAP server, slapd(8), with BDB, HDB, and/or LDBM support. @@ -72,17 +72,17 @@ Making and Installing the OpenLDAP Distribution % make test If all goes well, the system has been built as configured. If - not, return to step 4 after reviewing your configuration + not, return to step 2 after reviewing your configuration settings. You may want to consult the Installation section of the FAQ if you have not done so already. -7. install the binaries and man pages. You may need to be come the - super-user (e.g. root) to do this (depending on where you are - installing things): +7. Install the software. You may need to be come the super-user + (e.g. root) to do this (depending on where you are installing + things): % su root -c 'make install' -8. That's it! +8. That's it. Enjoy! See the OpenLDAP Administrator's Guide and the manual pages for the individual applications for configuration and use information. You may diff --git a/build/top.mk b/build/top.mk index 2d9a8f5f9c..03bfd508af 100644 --- a/build/top.mk +++ b/build/top.mk @@ -68,7 +68,7 @@ SHTOOL = $(top_srcdir)/build/shtool LIBTOOL = @LIBTOOL@ LIBVERSION = @OPENLDAP_LIBVERSION@ -LTVERSION = -version-info $(LIBVERSION) +LTVERSION = -release $(LIBVERSION) # libtool --only flag for libraries: platform specific NT_LTONLY_LIB = # --only-$(BUILD_LIBS_DYNAMIC) diff --git a/build/version.sh b/build/version.sh index bc3f94dd89..1dd2a21ed7 100755 --- a/build/version.sh +++ b/build/version.sh @@ -25,7 +25,7 @@ elif test $ol_minor != X ; then else ol_version=${ol_major}.${ol_minor} ol_type=Devel - ol_api_lib=0:0:0 + ol_api_lib=0 fi ol_string="${ol_package} ${ol_version}-${ol_type}" diff --git a/build/version.var b/build/version.var index edcce9e6df..d49c7384fe 100644 --- a/build/version.var +++ b/build/version.var @@ -16,6 +16,6 @@ ol_package=OpenLDAP ol_major=2 ol_minor=2 ol_patch=X -ol_api_inc=20204 -ol_api_lib=202:4:3 -ol_release_date="2004/02/25" +ol_api_inc=20206 +ol_api_lib=2.2.6 +ol_release_date="2004/03/16" diff --git a/configure.in b/configure.in index 8a73414866..aa3e46f665 100644 --- a/configure.in +++ b/configure.in @@ -183,8 +183,6 @@ OL_ARG_ENABLE(slapd,[ --enable-slapd enable building slapd], yes)dnl OL_ARG_ENABLE(aci,[ --enable-aci enable per-object ACIs (experimental)], no)dnl OL_ARG_ENABLE(cleartext,[ --enable-cleartext enable cleartext passwords], yes)dnl OL_ARG_ENABLE(crypt,[ --enable-crypt enable crypt(3) passwords], no)dnl -dnl OL_ARG_ENABLE(kpasswd,[ --enable-kpasswd enable Kerberos password verification], no)dnl -ol_enable_kpasswd=${ol_enable_kpasswd-no} OL_ARG_ENABLE(lmpasswd,[ --enable-lmpasswd enable LAN Manager passwords], no)dnl OL_ARG_ENABLE(spasswd,[ --enable-spasswd enable (Cyrus) SASL password verification], no)dnl OL_ARG_ENABLE(modules,[ --enable-modules enable dynamic module support], no)dnl @@ -507,14 +505,14 @@ if test $ol_enable_lmpasswd = yes ; then fi fi -if test $ol_enable_kbind = yes -o $ol_enable_kpasswd = yes ; then +if test $ol_enable_kbind = yes ; then if test $ol_with_kerberos = no ; then AC_MSG_ERROR([options require --with-kerberos]) elif test $ol_with_kerberos = auto ; then ol_with_kerberos=yes fi -elif test $ol_enable_kbind = no -o $ol_enable_kpasswd = no ; then +elif test $ol_enable_kbind = no ; then if test $ol_with_kerberos = auto ; then ol_with_kerberos=no elif test $ol_with_kerberos != no ; then @@ -1106,7 +1104,6 @@ fi dnl ---------------------------------------------------------------- dnl Kerberos ol_link_kbind=no -ol_link_kpasswd=no ol_link_krb5=no ol_link_krb4=no @@ -1161,10 +1158,6 @@ if test $ol_with_kerberos = yes -o $ol_with_kerberos = auto \ AC_DEFINE(HAVE_KRB5, 1, [define if you have Kerberos V]) - if test $ol_enable_kpasswd != no ; then - ol_link_kpasswd=yes; - fi - if test $ol_with_kerberos = k5only ; then ol_with_kerberos=found fi @@ -1261,10 +1254,6 @@ if test $ol_with_kerberos = yes -o $ol_with_kerberos = auto \ fi fi -if test $ol_link_krb4 = yes -a $ol_enable_kpasswd != no ; then - ol_link_kpasswd=yes -fi - if test $ol_link_krb4 = yes -a $ol_enable_kbind != no ; then ol_link_kbind=yes @@ -2525,9 +2514,6 @@ fi if test "$ol_enable_crypt" != no ; then AC_DEFINE(SLAPD_CRYPT,1,[define to support crypt(3) passwords]) fi -if test "$ol_link_kpasswd" != no ; then - AC_DEFINE(SLAPD_KPASSWD,1,[define to support Kerberos passwords]) -fi if test "$ol_link_spasswd" != no ; then AC_DEFINE(SLAPD_SPASSWD,1,[define to support SASL passwords]) fi @@ -2914,7 +2900,6 @@ servers/slapd/back-sql/Makefile:build/top.mk:servers/slapd/back-sql/Makefile.in: servers/slapd/shell-backends/Makefile:build/top.mk:servers/slapd/shell-backends/Makefile.in:build/srv.mk \ servers/slapd/slapi/Makefile:build/top.mk:servers/slapd/slapi/Makefile.in:build/lib.mk:build/lib-shared.mk \ servers/slapd/overlays/Makefile:build/top.mk:servers/slapd/overlays/Makefile.in:build/lib.mk \ -servers/slapd/tools/Makefile:build/top.mk:servers/slapd/tools/Makefile.in \ servers/slurpd/Makefile:build/top.mk:servers/slurpd/Makefile.in:build/srv.mk \ tests/Makefile:build/top.mk:tests/Makefile.in:build/dir.mk \ tests/run \ diff --git a/include/lber.h b/include/lber.h index 05033bdf6c..e712b291c7 100644 --- a/include/lber.h +++ b/include/lber.h @@ -152,7 +152,7 @@ typedef struct lber_memory_fns { #define LBER_OPT_SOCKBUF_DEBUG 0x1002 /* on/off values */ -extern char ber_pvt_opt_on; +LBER_V( char ) ber_pvt_opt_on; #define LBER_OPT_ON ((void *) &ber_pvt_opt_on) #define LBER_OPT_OFF ((void *) 0) diff --git a/include/ldap_cdefs.h b/include/ldap_cdefs.h index d25883f9de..8993bb1389 100644 --- a/include/ldap_cdefs.h +++ b/include/ldap_cdefs.h @@ -158,13 +158,9 @@ #endif /* LDBM library */ -#if defined(_WIN32) && defined(SLAPD_IMPORT) -# define LDAP_LDBM_F(type) extern __declspec(dllimport) type -# define LDAP_LDBM_V(type) extern __declspec(dllimport) type -#else +/* Not exported/imported any more */ # define LDAP_LDBM_F(type) extern type # define LDAP_LDBM_V(type) extern type -#endif /* LDIF library */ #if defined(_WIN32) && defined(SLAPD_IMPORT) diff --git a/include/lutil.h b/include/lutil.h index def956aa46..b5b5b8c5c7 100644 --- a/include/lutil.h +++ b/include/lutil.h @@ -70,15 +70,19 @@ lutil_get_filed_password LDAP_P(( /* passwd.c */ struct lutil_pw_scheme; +#define LUTIL_PASSWD_OK (0) +#define LUTIL_PASSWD_ERR (-1) + typedef int (LUTIL_PASSWD_CHK_FUNC)( const struct berval *scheme, const struct berval *passwd, const struct berval *cred, const char **text ); -typedef struct berval * (LUTIL_PASSWD_HASH_FUNC) ( +typedef int (LUTIL_PASSWD_HASH_FUNC) ( const struct berval *scheme, const struct berval *passwd, + struct berval *hash, const char **text ); LDAP_LUTIL_F( int ) @@ -118,13 +122,14 @@ lutil_passwd LDAP_P(( const char **methods, const char **text )); /* error message */ -LDAP_LUTIL_F( struct berval * ) -lutil_passwd_generate LDAP_P(( ber_len_t )); +LDAP_LUTIL_F( int ) +lutil_passwd_generate LDAP_P(( struct berval *pw, ber_len_t )); -LDAP_LUTIL_F( struct berval * ) +LDAP_LUTIL_F( int ) lutil_passwd_hash LDAP_P(( const struct berval *passwd, const char *method, + struct berval *hash, const char **text )); LDAP_LUTIL_F( int ) diff --git a/libraries/liblber/debug.c b/libraries/liblber/debug.c index 6a4329562a..69cff09769 100644 --- a/libraries/liblber/debug.c +++ b/libraries/liblber/debug.c @@ -146,8 +146,6 @@ void lutil_log_int( time_t now; struct tm *today; #endif - size_t i; - char * tmp; #ifdef LDAP_SYSLOG /* we're configured to use syslog */ diff --git a/libraries/libldap/cancel.c b/libraries/libldap/cancel.c index 82b6852bea..21af93145d 100644 --- a/libraries/libldap/cancel.c +++ b/libraries/libldap/cancel.c @@ -12,6 +12,10 @@ * top-level directory of the distribution or, alternatively, at * . */ +/* ACKNOWLEDGEMENTS: + * This program was orignally developed by Kurt D. Zeilenga for inclusion in + * OpenLDAP Software. + */ /* * LDAPv3 Cancel Operation Request diff --git a/libraries/libldap/controls.c b/libraries/libldap/controls.c index d60837ae4a..c9b6c722fe 100644 --- a/libraries/libldap/controls.c +++ b/libraries/libldap/controls.c @@ -26,9 +26,6 @@ * LICENSE, OR OTHER PRIOR WRITTEN CONSENT FROM NOVELL, COULD SUBJECT THE * PERPETRATOR TO CRIMINAL AND CIVIL LIABILITY. *--- - * Modification to OpenLDAP source by Novell, Inc. - * June 2000 sfs Added control utilities - *-- * Note: A verbatim copy of version 2.0.1 of the OpenLDAP Public License * can be found in the file "build/LICENSE-2.0.1" in this distribution * of OpenLDAP Software. @@ -392,6 +389,25 @@ ldap_control_dup( const LDAPControl *c ) return new; } + +LDAPControl * +ldap_find_control( + LDAP_CONST char *oid, + LDAPControl **ctrls ) +{ + if( ctrls == NULL || *ctrls == NULL ) { + return NULL; + } + + for( ; *ctrls != NULL; ctrls++ ) { + if( strcmp( (*ctrls)->ldctl_oid, oid ) == 0 ) { + return *ctrls; + } + } + + return NULL; +} + /* ldap_create_control diff --git a/libraries/libldap/cyrus.c b/libraries/libldap/cyrus.c index 8bdfc40fd0..6b3c4c0285 100644 --- a/libraries/libldap/cyrus.c +++ b/libraries/libldap/cyrus.c @@ -632,6 +632,7 @@ ldap_int_sasl_bind( LDAP_FREE( authid.bv_val ); } +#if !defined(_WIN32) /* Check for local */ if ( ldap_pvt_url_scheme2proto( ld->ld_defconn->lconn_server->lud_scheme ) == LDAP_PROTO_IPC ) { char authid[sizeof("uidNumber=4294967295+gidNumber=4294967295," @@ -641,6 +642,7 @@ ldap_int_sasl_bind( (int) geteuid(), (int) getegid() ); (void) ldap_int_sasl_external( ld, ld->ld_defconn, authid, LDAP_PVT_SASL_LOCAL_SSF ); } +#endif /* (re)set security properties */ sasl_setprop( ctx, SASL_SEC_PROPS, diff --git a/libraries/libldap/dnssrv.c b/libraries/libldap/dnssrv.c index 99c69c21de..66d977bd99 100644 --- a/libraries/libldap/dnssrv.c +++ b/libraries/libldap/dnssrv.c @@ -174,11 +174,6 @@ int ldap_domain2dn( return LDAP_SUCCESS; } -/* Bind 4 interface */ -#ifndef T_SRV -# define T_SRV 33 -#endif - /* * Lookup and return LDAP servers for domain (using the DNS * SRV record _ldap._tcp.domain). @@ -215,7 +210,15 @@ int ldap_domain2hostlist( #ifdef NS_HFIXEDSZ /* Bind 8/9 interface */ len = res_query(request, ns_c_in, ns_t_srv, reply, sizeof(reply)); +# ifndef T_SRV +# define T_SRV ns_t_srv +# endif #else + /* Bind 4 interface */ +# ifndef T_SRV +# define T_SRV 33 +# endif + len = res_query(request, C_IN, T_SRV, reply, sizeof(reply)); #endif if (len >= 0) { diff --git a/libraries/libldap/os-ip.c b/libraries/libldap/os-ip.c index e4cfc0c1f4..1b3b515810 100644 --- a/libraries/libldap/os-ip.c +++ b/libraries/libldap/os-ip.c @@ -523,7 +523,6 @@ ldap_host_connected_to( Sockbuf *sb, const char *host ) struct sockaddr sabuf; #endif struct sockaddr *sa = (struct sockaddr *) &sabuf; - int rc; ber_socket_t sd; (void)memset( (char *)sa, '\0', sizeof sabuf ); diff --git a/libraries/libldap/passwd.c b/libraries/libldap/passwd.c index 7fbc0cf900..57428292c8 100644 --- a/libraries/libldap/passwd.c +++ b/libraries/libldap/passwd.c @@ -12,6 +12,10 @@ * top-level directory of the distribution or, alternatively, at * . */ +/* ACKNOWLEDGEMENTS: + * This program was orignally developed by Kurt D. Zeilenga for inclusion in + * OpenLDAP Software. + */ #include "portable.h" diff --git a/libraries/libldap/search.c b/libraries/libldap/search.c index 7d0fb720a2..c1485f7182 100644 --- a/libraries/libldap/search.c +++ b/libraries/libldap/search.c @@ -217,7 +217,7 @@ ldap_build_search_req( ber_int_t *idp) { BerElement *ber; - int err, id; + int err; /* * Create the search request. It looks like this: diff --git a/libraries/libldap/whoami.c b/libraries/libldap/whoami.c index fc83e5f2cb..9f1a3b3b5c 100644 --- a/libraries/libldap/whoami.c +++ b/libraries/libldap/whoami.c @@ -12,6 +12,10 @@ * top-level directory of the distribution or, alternatively, at * . */ +/* ACKNOWLEDGEMENTS: + * This program was orignally developed by Kurt D. Zeilenga for inclusion in + * OpenLDAP Software. + */ #include "portable.h" diff --git a/libraries/liblutil/passwd.c b/libraries/liblutil/passwd.c index e00a07d2f0..7f133a8367 100644 --- a/libraries/liblutil/passwd.c +++ b/libraries/liblutil/passwd.c @@ -41,16 +41,7 @@ # endif #endif -#ifdef SLAPD_KPASSWD -# include -# include -#endif - -/* KPASSWD/krb.h brings in a conflicting des.h so don't use both. - * configure currently requires OpenSSL to enable LMHASH. Obviously - * this requirement can be fulfilled by the KRB DES library as well. - */ -#if defined(SLAPD_LMHASH) && !defined(DES_ENCRYPT) +#if defined(SLAPD_LMHASH) # include #endif /* SLAPD_LMHASH */ @@ -121,18 +112,10 @@ static LUTIL_PASSWD_CHK_FUNC chk_lanman; static LUTIL_PASSWD_HASH_FUNC hash_lanman; #endif -#ifdef SLAPD_NS_MTA_MD5 -static LUTIL_PASSWD_CHK_FUNC chk_ns_mta_md5; -#endif - #ifdef SLAPD_SPASSWD static LUTIL_PASSWD_CHK_FUNC chk_sasl; #endif -#ifdef SLAPD_KPASSWD -static LUTIL_PASSWD_CHK_FUNC chk_kerberos; -#endif - #ifdef SLAPD_CRYPT static LUTIL_PASSWD_CHK_FUNC chk_crypt; static LUTIL_PASSWD_HASH_FUNC hash_crypt; @@ -164,18 +147,10 @@ static const struct pw_scheme pw_schemes_default[] = { BER_BVC("{LANMAN}"), chk_lanman, hash_lanman }, #endif /* SLAPD_LMHASH */ -#ifdef SLAPD_NS_MTA_MD5 - { BER_BVC("{NS-MTA-MD5}"), chk_ns_mta_md5, NULL }, -#endif /* SLAPD_NS_MTA_MD5 */ - #ifdef SLAPD_SPASSWD { BER_BVC("{SASL}"), chk_sasl, NULL }, #endif -#ifdef SLAPD_KPASSWD - { BER_BVC("{KERBEROS}"), chk_kerberos, NULL }, -#endif - #ifdef SLAPD_CRYPT { BER_BVC("{CRYPT}"), chk_crypt, hash_crypt }, # if defined( HAVE_GETPWNAM ) && defined( HAVE_PW_PASSWD ) @@ -210,11 +185,10 @@ int lutil_passwd_add( void lutil_passwd_init() { - struct pw_slist *ptr; struct pw_scheme *s; for( s=(struct pw_scheme *)pw_schemes_default; s->name.bv_val; s++) { - if ( lutil_passwd_add( &s->name, s->chk_fn, s->hash_fn )) break; + if ( lutil_passwd_add( &s->name, s->chk_fn, s->hash_fn ) ) break; } } @@ -338,26 +312,20 @@ lutil_passwd( return 1; } -struct berval * lutil_passwd_generate( ber_len_t len ) +int lutil_passwd_generate( struct berval *pw, ber_len_t len ) { - struct berval *pw; - - if( len < 1 ) return NULL; - pw = ber_memalloc( sizeof( struct berval ) ); - if( pw == NULL ) return NULL; + if( len < 1 ) return -1; pw->bv_len = len; pw->bv_val = ber_memalloc( len + 1 ); if( pw->bv_val == NULL ) { - ber_memfree( pw ); - return NULL; + return -1; } if( lutil_entropy( (unsigned char *) pw->bv_val, pw->bv_len) < 0 ) { - ber_bvfree( pw ); - return NULL; + return -1; } for( len = 0; len < pw->bv_len; len++ ) { @@ -367,76 +335,77 @@ struct berval * lutil_passwd_generate( ber_len_t len ) pw->bv_val[len] = '\0'; - return pw; + return 0; } -struct berval * lutil_passwd_hash( +int lutil_passwd_hash( const struct berval * passwd, const char * method, + struct berval *hash, const char **text ) { const struct pw_scheme *sc = get_scheme( method ); + hash->bv_val = NULL; + hash->bv_len = 0; + if( sc == NULL ) { if( text ) *text = "scheme not recognized"; - return NULL; + return -1; } if( ! sc->hash_fn ) { if( text ) *text = "scheme provided no hash function"; - return NULL; + return -1; } if( text ) *text = NULL; - return (sc->hash_fn)( &sc->name, passwd, text ); + return (sc->hash_fn)( &sc->name, passwd, hash, text ); } /* pw_string is only called when SLAPD_LMHASH or SLAPD_CRYPT is defined */ #if defined(SLAPD_LMHASH) || defined(SLAPD_CRYPT) -static struct berval * pw_string( +static int pw_string( const struct berval *sc, - const struct berval *passwd ) + struct berval *passwd ) { - struct berval *pw = ber_memalloc( sizeof( struct berval ) ); - if( pw == NULL ) return NULL; + struct berval pw; - pw->bv_len = sc->bv_len + passwd->bv_len; - pw->bv_val = ber_memalloc( pw->bv_len + 1 ); + pw.bv_len = sc->bv_len + passwd->bv_len; + pw.bv_val = ber_memalloc( pw.bv_len + 1 ); - if( pw->bv_val == NULL ) { - ber_memfree( pw ); - return NULL; + if( pw.bv_val == NULL ) { + return LUTIL_PASSWD_ERR; } - AC_MEMCPY( pw->bv_val, sc->bv_val, sc->bv_len ); - AC_MEMCPY( &pw->bv_val[sc->bv_len], passwd->bv_val, passwd->bv_len ); + AC_MEMCPY( pw.bv_val, sc->bv_val, sc->bv_len ); + AC_MEMCPY( &pw.bv_val[sc->bv_len], passwd->bv_val, passwd->bv_len ); - pw->bv_val[pw->bv_len] = '\0'; - return pw; + pw.bv_val[pw.bv_len] = '\0'; + *passwd = pw; + + return LUTIL_PASSWD_OK; } #endif /* SLAPD_LMHASH || SLAPD_CRYPT */ -static struct berval * pw_string64( +static int pw_string64( const struct berval *sc, const struct berval *hash, + struct berval *b64, const struct berval *salt ) { int rc; struct berval string; - struct berval *b64 = ber_memalloc( sizeof(struct berval) ); size_t b64len; - if( b64 == NULL ) return NULL; - if( salt ) { /* need to base64 combined string */ string.bv_len = hash->bv_len + salt->bv_len; string.bv_val = ber_memalloc( string.bv_len + 1 ); if( string.bv_val == NULL ) { - ber_memfree( b64 ); - return NULL; + return LUTIL_PASSWD_ERR; } AC_MEMCPY( string.bv_val, hash->bv_val, @@ -455,8 +424,7 @@ static struct berval * pw_string64( if( b64->bv_val == NULL ) { if( salt ) ber_memfree( string.bv_val ); - ber_memfree( b64 ); - return NULL; + return LUTIL_PASSWD_ERR; } AC_MEMCPY(b64->bv_val, sc->bv_val, sc->bv_len); @@ -468,14 +436,13 @@ static struct berval * pw_string64( if( salt ) ber_memfree( string.bv_val ); if( rc < 0 ) { - ber_bvfree( b64 ); - return NULL; + return LUTIL_PASSWD_ERR; } /* recompute length */ b64->bv_len = sc->bv_len + rc; assert( strlen(b64->bv_val) == b64->bv_len ); - return b64; + return LUTIL_PASSWD_OK; } /* PASSWORD CHECK ROUTINES */ @@ -495,20 +462,20 @@ static int chk_ssha1( /* safety check */ if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(SHA1digest)+SALT_SIZE) { - return -1; + return LUTIL_PASSWD_ERR; } /* decode base64 password */ orig_pass = (unsigned char *) ber_memalloc( (size_t) ( LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) ); - if( orig_pass == NULL ) return -1; + if( orig_pass == NULL ) return LUTIL_PASSWD_ERR; rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len); if (rc < (int)(sizeof(SHA1digest)+SALT_SIZE)) { ber_memfree(orig_pass); - return -1; + return LUTIL_PASSWD_ERR; } /* hash credentials with salt */ @@ -523,7 +490,7 @@ static int chk_ssha1( /* compare */ rc = memcmp((char *)orig_pass, (char *)SHA1digest, sizeof(SHA1digest)); ber_memfree(orig_pass); - return rc ? 1 : 0; + return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; } static int chk_sha1( @@ -539,20 +506,20 @@ static int chk_sha1( /* safety check */ if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(SHA1digest)) { - return -1; + return LUTIL_PASSWD_ERR; } /* base64 un-encode password */ orig_pass = (unsigned char *) ber_memalloc( (size_t) ( LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) ); - if( orig_pass == NULL ) return -1; + if( orig_pass == NULL ) return LUTIL_PASSWD_ERR; rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len); if( rc != sizeof(SHA1digest) ) { ber_memfree(orig_pass); - return -1; + return LUTIL_PASSWD_ERR; } /* hash credentials with salt */ @@ -564,7 +531,7 @@ static int chk_sha1( /* compare */ rc = memcmp((char *)orig_pass, (char *)SHA1digest, sizeof(SHA1digest)); ber_memfree(orig_pass); - return rc ? 1 : 0; + return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; } #endif @@ -582,20 +549,20 @@ static int chk_smd5( /* safety check */ if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(MD5digest)+SALT_SIZE) { - return -1; + return LUTIL_PASSWD_ERR; } /* base64 un-encode password */ orig_pass = (unsigned char *) ber_memalloc( (size_t) ( LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) ); - if( orig_pass == NULL ) return -1; + if( orig_pass == NULL ) return LUTIL_PASSWD_ERR; rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len); if (rc < (int)(sizeof(MD5digest)+SALT_SIZE)) { ber_memfree(orig_pass); - return -1; + return LUTIL_PASSWD_ERR; } /* hash credentials with salt */ @@ -611,7 +578,7 @@ static int chk_smd5( /* compare */ rc = memcmp((char *)orig_pass, (char *)MD5digest, sizeof(MD5digest)); ber_memfree(orig_pass); - return rc ? 1 : 0; + return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; } static int chk_md5( @@ -627,19 +594,19 @@ static int chk_md5( /* safety check */ if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(MD5digest)) { - return -1; + return LUTIL_PASSWD_ERR; } /* base64 un-encode password */ orig_pass = (unsigned char *) ber_memalloc( (size_t) ( LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) ); - if( orig_pass == NULL ) return -1; + if( orig_pass == NULL ) return LUTIL_PASSWD_ERR; rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len); if ( rc != sizeof(MD5digest) ) { ber_memfree(orig_pass); - return -1; + return LUTIL_PASSWD_ERR; } /* hash credentials with salt */ @@ -652,7 +619,7 @@ static int chk_md5( /* compare */ rc = memcmp((char *)orig_pass, (char *)MD5digest, sizeof(MD5digest)); ber_memfree(orig_pass); - return rc ? 1 : 0; + return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; } #ifdef SLAPD_LMHASH @@ -747,12 +714,12 @@ static int chk_lanman( for( i=0; ibv_len; i++) { if(cred->bv_val[i] == '\0') { - return -1; /* NUL character in password */ + return LUTIL_PASSWD_ERR; /* NUL character in password */ } } if( cred->bv_val[i] != '\0' ) { - return -1; /* passwd must behave like a string */ + return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ } strncpy( UcasePassword, cred->bv_val, 14 ); @@ -778,64 +745,10 @@ static int chk_lanman( storedPasswordHash[32] = '\0'; ldap_pvt_str2lower( storedPasswordHash ); - return memcmp( PasswordHash, storedPasswordHash, 32) ? 1 : 0; + return memcmp( PasswordHash, storedPasswordHash, 32) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; } #endif /* SLAPD_LMHASH */ -#ifdef SLAPD_NS_MTA_MD5 -#define NS_MTA_MD5_PASSLEN 64 -static int chk_ns_mta_md5( - const struct berval *scheme, - const struct berval *passwd, - const struct berval *cred, - const char **text ) -{ - lutil_MD5_CTX MD5context; - unsigned char MD5digest[LUTIL_MD5_BYTES], c; - char buffer[LUTIL_MD5_BYTES*2]; - int i; - - if( passwd->bv_len != NS_MTA_MD5_PASSLEN ) { - return 1; - } - - /* hash credentials with salt */ - lutil_MD5Init(&MD5context); - lutil_MD5Update(&MD5context, - (const unsigned char *) &passwd->bv_val[32], - 32 ); - - c = 0x59; - lutil_MD5Update(&MD5context, - (const unsigned char *) &c, - 1 ); - - lutil_MD5Update(&MD5context, - (const unsigned char *) cred->bv_val, - cred->bv_len ); - - c = 0xF7; - lutil_MD5Update(&MD5context, - (const unsigned char *) &c, - 1 ); - - lutil_MD5Update(&MD5context, - (const unsigned char *) &passwd->bv_val[32], - 32 ); - - lutil_MD5Final(MD5digest, &MD5context); - - for( i=0; i < sizeof( MD5digest ); i++ ) { - buffer[i+i] = "0123456789abcdef"[(MD5digest[i]>>4) & 0x0F]; - buffer[i+i+1] = "0123456789abcdef"[ MD5digest[i] & 0x0F]; - } - - /* compare */ - return memcmp((char *)passwd->bv_val, - (char *)buffer, sizeof(buffer)) ? 1 : 0; -} -#endif - #ifdef SLAPD_SPASSWD #ifdef HAVE_CYRUS_SASL sasl_conn_t *lutil_passwd_sasl_conn = NULL; @@ -852,25 +765,25 @@ static int chk_sasl( for( i=0; ibv_len; i++) { if(cred->bv_val[i] == '\0') { - return 1; /* NUL character in password */ + return LUTIL_PASSWD_ERR; /* NUL character in password */ } } if( cred->bv_val[i] != '\0' ) { - return 1; /* cred must behave like a string */ + return LUTIL_PASSWD_ERR; /* cred must behave like a string */ } for( i=0; ibv_len; i++) { if(passwd->bv_val[i] == '\0') { - return 1; /* NUL character in password */ + return LUTIL_PASSWD_ERR; /* NUL character in password */ } } if( passwd->bv_val[i] != '\0' ) { - return 1; /* passwd must behave like a string */ + return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ } - rtn = 1; + rtn = LUTIL_PASSWD_ERR; #ifdef HAVE_CYRUS_SASL if( lutil_passwd_sasl_conn != NULL ) { @@ -885,7 +798,7 @@ static int chk_sasl( passwd->bv_val, passwd->bv_len, cred->bv_val, cred->bv_len ); # endif - rtn = ( sc != SASL_OK ); + rtn = ( sc != SASL_OK ) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; } #endif @@ -893,180 +806,6 @@ static int chk_sasl( } #endif -#ifdef SLAPD_KPASSWD -static int chk_kerberos( - const struct berval *sc, - const struct berval * passwd, - const struct berval * cred, - const char **text ) -{ - unsigned int i; - int rtn; - - for( i=0; ibv_len; i++) { - if(cred->bv_val[i] == '\0') { - return 1; /* NUL character in password */ - } - } - - if( cred->bv_val[i] != '\0' ) { - return 1; /* cred must behave like a string */ - } - - for( i=0; ibv_len; i++) { - if(passwd->bv_val[i] == '\0') { - return 1; /* NUL character in password */ - } - } - - if( passwd->bv_val[i] != '\0' ) { - return 1; /* passwd must behave like a string */ - } - - rtn = 1; - -#ifdef HAVE_KRB5 /* HAVE_HEIMDAL_KRB5 */ - { -/* Portions: - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska H\xf6gskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - - krb5_context context; - krb5_error_code ret; - krb5_creds creds; - krb5_get_init_creds_opt get_options; - krb5_verify_init_creds_opt verify_options; - krb5_principal client, server; -#ifdef notdef - krb5_preauthtype pre_auth_types[] = {KRB5_PADATA_ENC_TIMESTAMP}; -#endif - - ret = krb5_init_context( &context ); - if (ret) { - return 1; - } - -#ifdef notdef - krb5_get_init_creds_opt_set_preauth_list(&get_options, - pre_auth_types, 1); -#endif - - krb5_get_init_creds_opt_init( &get_options ); - - krb5_verify_init_creds_opt_init( &verify_options ); - - ret = krb5_parse_name( context, passwd->bv_val, &client ); - - if (ret) { - krb5_free_context( context ); - return 1; - } - - ret = krb5_get_init_creds_password( context, - &creds, client, cred->bv_val, NULL, - NULL, 0, NULL, &get_options ); - - if (ret) { - krb5_free_principal( context, client ); - krb5_free_context( context ); - return 1; - } - - { - char *host = ldap_pvt_get_fqdn( NULL ); - - if( host == NULL ) { - krb5_free_principal( context, client ); - krb5_free_context( context ); - return 1; - } - - ret = krb5_sname_to_principal( context, - host, "ldap", KRB5_NT_SRV_HST, &server ); - - ber_memfree( host ); - } - - if (ret) { - krb5_free_principal( context, client ); - krb5_free_context( context ); - return 1; - } - - ret = krb5_verify_init_creds( context, - &creds, server, NULL, NULL, &verify_options ); - - krb5_free_principal( context, client ); - krb5_free_principal( context, server ); - krb5_free_cred_contents( context, &creds ); - krb5_free_context( context ); - - rtn = !!ret; - } -#elif defined(HAVE_KRB4) - { - /* Borrowed from Heimdal kpopper */ -/* Portions: - * Copyright (c) 1989 Regents of the University of California. - * All rights reserved. The Berkeley software License Agreement - * specifies the terms and conditions for redistribution. - */ - - int status; - char lrealm[REALM_SZ]; - char tkt[MAXHOSTNAMELEN]; - - status = krb_get_lrealm(lrealm,1); - if (status == KFAILURE) { - return 1; - } - - snprintf(tkt, sizeof(tkt), "%s_slapd.%u", - TKT_ROOT, (unsigned)getpid()); - krb_set_tkt_string (tkt); - - status = krb_verify_user( passwd->bv_val, "", lrealm, - cred->bv_val, 1, "ldap"); - - dest_tkt(); /* no point in keeping the tickets */ - - return status == KFAILURE; - } -#endif - - return rtn; -} -#endif /* SLAPD_KPASSWD */ - #ifdef SLAPD_CRYPT static int chk_crypt( const struct berval *sc, @@ -1079,36 +818,36 @@ static int chk_crypt( for( i=0; ibv_len; i++) { if(cred->bv_val[i] == '\0') { - return 1; /* NUL character in password */ + return LUTIL_PASSWD_ERR; /* NUL character in password */ } } if( cred->bv_val[i] != '\0' ) { - return -1; /* cred must behave like a string */ + return LUTIL_PASSWD_ERR; /* cred must behave like a string */ } if( passwd->bv_len < 2 ) { - return -1; /* passwd must be at least two characters long */ + return LUTIL_PASSWD_ERR; /* passwd must be at least two characters long */ } for( i=0; ibv_len; i++) { if(passwd->bv_val[i] == '\0') { - return -1; /* NUL character in password */ + return LUTIL_PASSWD_ERR; /* NUL character in password */ } } if( passwd->bv_val[i] != '\0' ) { - return -1; /* passwd must behave like a string */ + return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ } cr = crypt( cred->bv_val, passwd->bv_val ); if( cr == NULL || cr[0] == '\0' ) { /* salt must have been invalid */ - return -1; + return LUTIL_PASSWD_ERR; } - return strcmp( passwd->bv_val, cr ) ? 1 : 0; + return strcmp( passwd->bv_val, cr ) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; } # if defined( HAVE_GETPWNAM ) && defined( HAVE_PW_PASSWD ) @@ -1123,28 +862,28 @@ static int chk_unix( for( i=0; ibv_len; i++) { if(cred->bv_val[i] == '\0') { - return -1; /* NUL character in password */ + return LUTIL_PASSWD_ERR; /* NUL character in password */ } } if( cred->bv_val[i] != '\0' ) { - return -1; /* cred must behave like a string */ + return LUTIL_PASSWD_ERR; /* cred must behave like a string */ } for( i=0; ibv_len; i++) { if(passwd->bv_val[i] == '\0') { - return -1; /* NUL character in password */ + return LUTIL_PASSWD_ERR; /* NUL character in password */ } } if( passwd->bv_val[i] != '\0' ) { - return -1; /* passwd must behave like a string */ + return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ } { struct passwd *pwd = getpwnam(passwd->bv_val); if(pwd == NULL) { - return -1; /* not found */ + return LUTIL_PASSWD_ERR; /* not found */ } pw = pwd->pw_passwd; @@ -1170,17 +909,17 @@ static int chk_unix( if( pw == NULL || pw[0] == '\0' || pw[1] == '\0' ) { /* password must must be at least two characters long */ - return -1; + return LUTIL_PASSWD_ERR; } cr = crypt(cred->bv_val, pw); if( cr == NULL || cr[0] == '\0' ) { /* salt must have been invalid */ - return -1; + return LUTIL_PASSWD_ERR; } - return strcmp(pw, cr) ? 1 : 0; + return strcmp(pw, cr) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; } # endif @@ -1189,9 +928,10 @@ static int chk_unix( /* PASSWORD GENERATION ROUTINES */ #ifdef LUTIL_SHA1_BYTES -static struct berval *hash_ssha1( +static int hash_ssha1( const struct berval *scheme, const struct berval *passwd, + struct berval *hash, const char **text ) { lutil_SHA1_CTX SHA1context; @@ -1206,7 +946,7 @@ static struct berval *hash_ssha1( salt.bv_len = sizeof(saltdata); if( lutil_entropy( (unsigned char *) salt.bv_val, salt.bv_len) < 0 ) { - return NULL; + return LUTIL_PASSWD_ERR; } lutil_SHA1Init( &SHA1context ); @@ -1216,12 +956,13 @@ static struct berval *hash_ssha1( (const unsigned char *)salt.bv_val, salt.bv_len ); lutil_SHA1Final( SHA1digest, &SHA1context ); - return pw_string64( scheme, &digest, &salt); + return pw_string64( scheme, &digest, hash, &salt); } -static struct berval *hash_sha1( +static int hash_sha1( const struct berval *scheme, const struct berval *passwd, + struct berval *hash, const char **text ) { lutil_SHA1_CTX SHA1context; @@ -1235,13 +976,14 @@ static struct berval *hash_sha1( (const unsigned char *)passwd->bv_val, passwd->bv_len ); lutil_SHA1Final( SHA1digest, &SHA1context ); - return pw_string64( scheme, &digest, NULL); + return pw_string64( scheme, &digest, hash, NULL); } #endif -static struct berval *hash_smd5( +static int hash_smd5( const struct berval *scheme, const struct berval *passwd, + struct berval *hash, const char **text ) { lutil_MD5_CTX MD5context; @@ -1256,7 +998,7 @@ static struct berval *hash_smd5( salt.bv_len = sizeof(saltdata); if( lutil_entropy( (unsigned char *) salt.bv_val, salt.bv_len) < 0 ) { - return NULL; + return LUTIL_PASSWD_ERR; } lutil_MD5Init( &MD5context ); @@ -1266,12 +1008,13 @@ static struct berval *hash_smd5( (const unsigned char *) salt.bv_val, salt.bv_len ); lutil_MD5Final( MD5digest, &MD5context ); - return pw_string64( scheme, &digest, &salt ); + return pw_string64( scheme, &digest, hash, &salt ); } -static struct berval *hash_md5( +static int hash_md5( const struct berval *scheme, const struct berval *passwd, + struct berval *hash, const char **text ) { lutil_MD5_CTX MD5context; @@ -1287,14 +1030,15 @@ static struct berval *hash_md5( (const unsigned char *) passwd->bv_val, passwd->bv_len ); lutil_MD5Final( MD5digest, &MD5context ); - return pw_string64( scheme, &digest, NULL ); + return pw_string64( scheme, &digest, hash, NULL ); ; } #ifdef SLAPD_LMHASH -static struct berval *hash_lanman( +static int hash_lanman( const struct berval *scheme, const struct berval *passwd, + struct berval *hash, const char **text ) { @@ -1305,16 +1049,15 @@ static struct berval *hash_lanman( des_cblock StdText = "KGS!@#$%"; des_cblock PasswordHash1, PasswordHash2; char PasswordHash[33]; - struct berval hash; for( i=0; ibv_len; i++) { if(passwd->bv_val[i] == '\0') { - return NULL; /* NUL character in password */ + return LUTIL_PASSWD_ERR; /* NUL character in password */ } } if( passwd->bv_val[i] != '\0' ) { - return NULL; /* passwd must behave like a string */ + return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ } strncpy( UcasePassword, passwd->bv_val, 14 ); @@ -1335,35 +1078,35 @@ static struct berval *hash_lanman( PasswordHash2[0],PasswordHash2[1],PasswordHash2[2],PasswordHash2[3], PasswordHash2[4],PasswordHash2[5],PasswordHash2[6],PasswordHash2[7] ); - hash.bv_val = PasswordHash; - hash.bv_len = 32; + hash->bv_val = PasswordHash; + hash->bv_len = 32; - return pw_string( scheme, &hash ); + return pw_string( scheme, hash ); } #endif /* SLAPD_LMHASH */ #ifdef SLAPD_CRYPT -static struct berval *hash_crypt( +static int hash_crypt( const struct berval *scheme, const struct berval *passwd, + struct berval *hash, const char **text ) { - struct berval hash; unsigned char salt[32]; /* salt suitable for most anything */ unsigned int i; for( i=0; ibv_len; i++) { if(passwd->bv_val[i] == '\0') { - return NULL; /* NUL character in password */ + return LUTIL_PASSWD_ERR; /* NUL character in password */ } } if( passwd->bv_val[i] != '\0' ) { - return NULL; /* passwd must behave like a string */ + return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ } if( lutil_entropy( salt, sizeof( salt ) ) < 0 ) { - return NULL; + return LUTIL_PASSWD_ERR; } for( i=0; i< ( sizeof(salt) - 1 ); i++ ) { @@ -1379,17 +1122,17 @@ static struct berval *hash_crypt( snprintf( (char *) salt, sizeof(entropy), salt_format, entropy ); } - hash.bv_val = crypt( passwd->bv_val, (char *) salt ); + hash->bv_val = crypt( passwd->bv_val, (char *) salt ); - if( hash.bv_val == NULL ) return NULL; + if( hash->bv_val == NULL ) return -1; - hash.bv_len = strlen( hash.bv_val ); + hash->bv_len = strlen( hash->bv_val ); - if( hash.bv_len == 0 ) { - return NULL; + if( hash->bv_len == 0 ) { + return LUTIL_PASSWD_ERR; } - return pw_string( scheme, &hash ); + return pw_string( scheme, hash ); } #endif @@ -1405,12 +1148,14 @@ int lutil_salt_format(const char *format) } #ifdef SLAPD_CLEARTEXT -static struct berval *hash_clear( +static int hash_clear( const struct berval *scheme, const struct berval *passwd, + struct berval *hash, const char **text ) { - return ber_bvdup( (struct berval *) passwd ); + ber_dupbv( hash, (struct berval *)passwd ); + return LUTIL_PASSWD_OK; } #endif diff --git a/libraries/librewrite/map.c b/libraries/librewrite/map.c index c94c7bf530..d8ba01cdb2 100644 --- a/libraries/librewrite/map.c +++ b/libraries/librewrite/map.c @@ -51,7 +51,7 @@ rewrite_map_parse( * Go to the end of the map invocation (the right closing brace) */ for ( p = string, cnt = 1; p[ 0 ] != '\0' && cnt > 0; p++ ) { - if ( p[ 0 ] == REWRITE_SUBMATCH_ESCAPE ) { + if ( IS_REWRITE_SUBMATCH_ESCAPE( p[ 0 ] ) ) { /* * '%' marks the beginning of a new map */ diff --git a/libraries/librewrite/rewrite-int.h b/libraries/librewrite/rewrite-int.h index bf17fb3e20..798620ad41 100644 --- a/libraries/librewrite/rewrite-int.h +++ b/libraries/librewrite/rewrite-int.h @@ -55,7 +55,10 @@ */ /* the '\' conflicts with slapd.conf parsing */ /* #define REWRITE_SUBMATCH_ESCAPE '\\' */ -#define REWRITE_SUBMATCH_ESCAPE '%' +#define REWRITE_SUBMATCH_ESCAPE_ORIG '%' +#define REWRITE_SUBMATCH_ESCAPE '$' +#define IS_REWRITE_SUBMATCH_ESCAPE(c) \ + ((c) == REWRITE_SUBMATCH_ESCAPE || (c) == REWRITE_SUBMATCH_ESCAPE_ORIG) /* * REGEX flags diff --git a/libraries/librewrite/subst.c b/libraries/librewrite/subst.c index 8de7f78940..3fb2ae2476 100644 --- a/libraries/librewrite/subst.c +++ b/libraries/librewrite/subst.c @@ -55,11 +55,11 @@ rewrite_subst_compile( /* * Keep only single escapes '%' */ - if ( p[ 0 ] != REWRITE_SUBMATCH_ESCAPE ) { + if ( !IS_REWRITE_SUBMATCH_ESCAPE( p[ 0 ] ) ) { continue; } - if ( p[ 1 ] == REWRITE_SUBMATCH_ESCAPE ) { + if ( IS_REWRITE_SUBMATCH_ESCAPE( p[ 1 ] ) ) { /* Pull &p[1] over p, including the trailing '\0' */ AC_MEMCPY((char *)p, &p[ 1 ], strlen( p ) ); continue; @@ -387,6 +387,7 @@ rewrite_subst_apply( if ( rc != REWRITE_SUCCESS ) { rc = REWRITE_REGEXEC_ERR; + goto cleanup; } /* diff --git a/libraries/librewrite/xmap.c b/libraries/librewrite/xmap.c index a70ecb6234..abffec0917 100644 --- a/libraries/librewrite/xmap.c +++ b/libraries/librewrite/xmap.c @@ -95,7 +95,7 @@ rewrite_xmap_parse( * Experimental file map: * looks up key in a `key value' ascii file */ - } else if ( strncasecmp(s, "xfile", 5 ) == 0 ) { + } else if ( strncasecmp( s, "xfile", 5 ) == 0 ) { char *filename; const char *p; int l; diff --git a/servers/slapd/tools/Makefile.in b/servers/slapd/tools/Makefile.in deleted file mode 100644 index 2d314b8537..0000000000 --- a/servers/slapd/tools/Makefile.in +++ /dev/null @@ -1,84 +0,0 @@ -# Makefile.in for slapd tools -# $OpenLDAP$ -## This work is part of OpenLDAP Software . -## -## Copyright 1998-2004 The OpenLDAP Foundation. -## All rights reserved. -## -## Redistribution and use in source and binary forms, with or without -## modification, are permitted only as authorized by the OpenLDAP -## Public License. -## -## A copy of this license is available in the file LICENSE in the -## top-level directory of the distribution or, alternatively, at -## . - -LDAP_INCDIR= ../../../include -LDAP_LIBDIR= ../../../libraries - -SLAP_DIR=../ -XDEFS = $(MODULES_CPPFLAGS) -XLDFLAGS = $(MODULES_LDFLAGS) - -XLIBS = $(SLAPD_L) $(LDBM_LIBS) -XXLIBS = $(SLAPD_LIBS) \ - $(LDBM_LIBS) $(SECURITY_LIBS) $(LUTIL_LIBS) -XXXLIBS = $(LTHREAD_LIBS) -SLAPI_DEP_LIBS = $(LIBS) @LIBSLAPITOOLS@ @SLAPI_LIBS@ $(MODULES_LIBS) - -STATIC_DEPENDS=@SLAPD_NO_STATIC@ ../libbackends.a - -PROGRAMS=slapadd slapcat slapindex slappasswd - -SRCS = mimic.c slapcommon.c \ - slapadd.c slapcat.c slapindex.c slappasswd.c - -SLAPD_OBJS = ../globals.o ../config.o ../ch_malloc.o ../cr.o ../backend.o \ - ../module.o ../aclparse.o ../filterentry.o ../schema.o \ - ../schema_check.o ../schema_init.o ../schema_prep.o \ - ../schemaparse.o ../ad.o ../at.o ../mr.o ../oc.o \ - ../syntax.o ../acl.o ../phonetic.o ../attr.o ../value.o \ - ../entry.o ../dn.o ../filter.o ../str2filter.o ../ava.o \ - ../init.o ../controls.o ../kerberos.o ../passwd.o \ - ../index.o ../extended.o ../starttls.o ../sets.o ../mra.o \ - ../referral.o ../backglue.o ../oidm.o ../mods.o ../operation.o \ - ../cancel.o ../sl_malloc.o ../backover.o ../ctxcsn.o ../syncrepl.o \ - ../ldapsync.o ../sessionlog.o - -SLAPOBJS = $(SLAPD_OBJS) slapcommon.o mimic.o - -all-local: build-progs - -build-progs: $(PROGRAMS) - -# -# SLAP Tools -# -slapadd: slapadd.o $(STATIC_DEPENDS) $(SLAPOBJS) $(SLAPD_L) - $(LTLINK) -o $@ slapadd.o $(SLAPOBJS) $(STATIC_DEPENDS) \ - $(SLAPI_DEP_LIBS) - -slapcat: slapcat.o $(STATIC_DEPENDS) $(SLAPOBJS) $(SLAPD_L) - $(LTLINK) -o $@ slapcat.o $(SLAPOBJS) $(STATIC_DEPENDS) \ - $(SLAPI_DEP_LIBS) - -slapindex: slapindex.o $(STATIC_DEPENDS) $(SLAPOBJS) $(SLAPD_L) - $(LTLINK) -o $@ slapindex.o $(SLAPOBJS) $(STATIC_DEPENDS) \ - $(SLAPI_DEP_LIBS) - -slappasswd: slappasswd.o $(SLAPD_L) - $(LTLINK) -o $@ slappasswd.o $(LIBS) - -clean-local: FORCE - $(RM) $(PROGRAMS) $(XPROGRAMS) $(XSRCS) *.o core .libs/* *.exe - -depend-local: FORCE - $(MKDEP) $(DEFS) $(DEFINES) $(SRCS) - -install-local: FORCE - -$(MKDIR) $(DESTDIR)$(sbindir) - @for bin in $(PROGRAMS); do \ - $(LTINSTALL) $(INSTALLFLAGS) -s -m 755 \ - $$bin$(EXEEXT) $(DESTDIR)$(sbindir); \ - done - diff --git a/servers/slapd/tools/mimic.c b/servers/slapd/tools/mimic.c deleted file mode 100644 index 1aa95059f0..0000000000 --- a/servers/slapd/tools/mimic.c +++ /dev/null @@ -1,322 +0,0 @@ -/* $OpenLDAP$ */ -/* This work is part of OpenLDAP Software . - * - * Copyright 1998-2004 The OpenLDAP Foundation. - * Portions Copyright 1998-2003 Kurt D. Zeilenga. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted only as authorized by the OpenLDAP - * Public License. - * - * A copy of this license is available in file LICENSE in the - * top-level directory of the distribution or, alternatively, at - * . - */ -/* ACKNOWLEDGEMENTS: - * This work was initially developed by Kurt Zeilenga for inclusion - * in OpenLDAP Software. - */ - - -/* - * Mimic unused interfaces of slapd... - * needed for linking. - */ -#include "portable.h" - -#include - -#include "../slap.h" - -#include "ldap_rq.h" - -/* needed by WIN32 and back-monitor */ -time_t starttime; - -/* because Versionstr is used in back-monitor */ -const char Versionstr[] = ""; - -/* bogus ../results.c */ -int str2result( - char* s, - int *code, - char **matched, - char **info ) -{ - assert(0); - return 0; -} - -void -send_ldap_disconnect( Operation *op, SlapReply *rs ) -{ - assert(0); -} - -int -slap_null_cb( - Operation *op, SlapReply *rs -) -{ - assert(0); -} - -int -slap_replog_cb( - Operation *op, SlapReply *rs -) -{ - assert(0); -} - -void -slap_send_ldap_extended( - Operation *op, SlapReply *rs -) -{ - assert(0); -} - -void -slap_send_ldap_intermediate_resp( - Operation *op, SlapReply *rs -) -{ - assert(0); -} - -void -send_ldap_sasl( Operation *op, SlapReply *rs ) -{ - assert(0); -} - -void -slap_send_ldap_result( Operation *op, SlapReply *rs ) -{ - assert(0); -} - -int -slap_send_search_entry( Operation *op, SlapReply *rs ) -{ - assert(0); - return -1; -} - -int -slap_send_search_reference( Operation *op, SlapReply *rs ) -{ - assert(0); - return -1; -} - -int slap_read_controls( - Operation *op, - SlapReply *rs, - Entry *e, - const struct berval *oid, - LDAPControl **c ) -{ - assert(0); - return -1; -} - -int slap_sasl_init(void) -{ - return LDAP_SUCCESS; -} - -int slap_sasl_destroy(void) -{ - return LDAP_SUCCESS; -} - -int slap_sasl_setpass( Operation *op, SlapReply *rs ) -{ - return LDAP_SUCCESS; -} - -int slap_sasl_config( - int cargc, - char **cargv, - char *line, - const char *fname, - int lineno ) -{ - return LDAP_SUCCESS; -} - - -int connection_client_setup( - ber_socket_t s, - Listener *l, - ldap_pvt_thread_start_t *func, - void *arg ) -{ - assert(0); - return 0; -} - -void connection_client_enable( ber_socket_t s ) -{ - assert(0); -} - -void connection_client_stop( ber_socket_t s ) -{ - assert(0); -} - -void connection2anonymous( Connection *c ) -{ - assert(0); -} - -Connection * connection_first( ber_socket_t *b ) -{ - assert(0); - return NULL; -} - -Connection * connection_next( Connection *c, ber_socket_t *b ) -{ - assert(0); - return NULL; -} - -unsigned long connections_nextid(void) -{ - return 0; -} - -void connection_done( Connection *c ) -{ - assert(0); -} - -const char * connection_state2str( int state ) -{ - assert(0); - return NULL; -} - -void replog( Operation *op ) -{ - assert(0); -} - -int add_replica_info( Backend *be, const char *host ) -{ - return 0; -} - -int add_replica_suffix( Backend *be, int nr, const char *suffix ) -{ - return 0; -} - -int add_replica_attrs( Backend *be, int nr, char *attrs, int exclude ) -{ - return 0; -} - -int parse_limits( Backend *be, const char *fname, int lineno, int argc, char **argv ) -{ - return 0; -} - -int parse_limit( const char *arg, struct slap_limits_set *limit ) -{ - return 0; -} - -int get_limits( Operation *op, struct berval *ndn, struct slap_limits_set **limit ) -{ - return 0; -} - -int read_root_dse_file ( const char *file ) -{ - return 0; -} - -Attribute * -slap_operational_subschemaSubentry( Backend *be ) -{ - return NULL; -} - -Attribute * -slap_operational_hasSubordinate( int hs ) -{ - return NULL; -} - -Listener ** -slapd_get_listeners(void) -{ - return NULL; -} - -int -slap_modrdn2mods( - Operation *op, SlapReply *rs, - Entry *e, - LDAPRDN oldrdn, - LDAPRDN newrdn, - Modifications **pmod ) -{ - return 0; -} - -int slap_sasl_getdn( Connection *conn, Operation *op, char *id, int len, - char *user_realm, struct berval *dn, int flags ) -{ - return -1; -} - -int slap_sasl_authorized( Operation *op, - struct berval *authcDN, struct berval *authzDN ) -{ - return -1; -} - -int root_dse_info( Connection *conn, Entry **entry, const char **text ) -{ - return -1; -} - -int slap_entry2mods( Entry *e, Modifications **mods, const char **text, - char *textbuf, size_t textlen ) -{ - return -1; -} - -volatile sig_atomic_t slapd_shutdown; - -int slap_mods_check( Modifications *ml, int update, const char **text, - char *textbuf, size_t textlen, void *ctx ) -{ - return -1; -} - -int slap_mods2entry( Modifications *mods, Entry **e, int repl_user, - int dup, const char **text, char *textbuf, size_t textlen ) -{ - return -1; -} - -int slap_mods_opattrs( Operation *op, Modifications *mods, - Modifications **modtail, const char **text, - char *textbuf, size_t textlen ) -{ - return -1; -} - -int slap_parse_user( struct berval *id, struct berval *user, - struct berval *realm, struct berval *mech ) -{ - return -1; -} diff --git a/servers/slapd/tools/slapadd.c b/servers/slapd/tools/slapadd.c deleted file mode 100644 index 527399116b..0000000000 --- a/servers/slapd/tools/slapadd.c +++ /dev/null @@ -1,691 +0,0 @@ -/* $OpenLDAP$ */ -/* This work is part of OpenLDAP Software . - * - * Copyright 1998-2004 The OpenLDAP Foundation. - * Portions Copyright 1998-2003 Kurt D. Zeilenga. - * Portions Copyright 2003 IBM Corporation. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted only as authorized by the OpenLDAP - * Public License. - * - * A copy of this license is available in file LICENSE in the - * top-level directory of the distribution or, alternatively, at - * . - */ -/* ACKNOWLEDGEMENTS: - * This work was initially developed by Kurt Zeilenga for inclusion - * in OpenLDAP Software. Additional signficant contributors include - * Jong Hyuk Choi - * Pierangelo Masarati - */ - -#include "portable.h" - -#include - -#include - -#include -#include -#include -#include - -#include -#include -#include - -#include "slapcommon.h" - -static char csnbuf[ LDAP_LUTIL_CSNSTR_BUFSIZE ]; -static const struct berval slap_syncrepl_bvc = BER_BVC("syncreplxxx"); -static const struct berval slap_syncrepl_cn_bvc = BER_BVC("cn=syncreplxxx"); -static struct berval slap_syncrepl_bv = BER_BVNULL; -static struct berval slap_syncrepl_cn_bv = BER_BVNULL; - -struct subentryinfo { - struct berval cn; - struct berval ndn; - struct berval rdn; - struct berval cookie; - LDAP_SLIST_ENTRY( subentryinfo ) sei_next; -}; - -int -main( int argc, char **argv ) -{ - char *buf = NULL; - int lineno; - int lmax; - int rc = EXIT_SUCCESS; - - const char *text; - char textbuf[SLAP_TEXT_BUFLEN] = { '\0' }; - size_t textlen = sizeof textbuf; - - struct berval csn; - struct berval maxcsn = { 0, NULL }; - struct berval ldifcsn = { 0, NULL }; - int match; - int provider_subentry = 0; - struct subentryinfo *sei; - LDAP_SLIST_HEAD( consumer_subentry_slist, subentryinfo ) consumer_subentry; - Attribute *attr; - Entry *ctxcsn_e; - ID ctxcsn_id; - struct berval ctxcsn_ndn = { 0, NULL }; - int ret; - struct berval bvtext; - int i; -#ifdef NEW_LOGGING - lutil_log_initialize(argc, argv ); -#endif - slap_tool_init( "slapadd", SLAPADD, argc, argv ); - - LDAP_SLIST_INIT( &consumer_subentry ); - - if( !be->be_entry_open || - !be->be_entry_close || - !be->be_entry_put ) - { - fprintf( stderr, "%s: database doesn't support necessary operations.\n", - progname ); - exit( EXIT_FAILURE ); - } - - lmax = 0; - lineno = 0; - - if( be->be_entry_open( be, 1 ) != 0 ) { - fprintf( stderr, "%s: could not open database.\n", - progname ); - exit( EXIT_FAILURE ); - } - - while( ldif_read_record( ldiffp, &lineno, &buf, &lmax ) ) { - Entry *e = str2entry( buf ); - - /* - * Initialize text buffer - */ - bvtext.bv_len = textlen; - bvtext.bv_val = textbuf; - bvtext.bv_val[0] = '\0'; - - if( e == NULL ) { - fprintf( stderr, "%s: could not parse entry (line=%d)\n", - progname, lineno ); - rc = EXIT_FAILURE; - if( continuemode ) continue; - break; - } - - /* make sure the DN is not empty */ - if( !e->e_nname.bv_len ) { - fprintf( stderr, "%s: empty dn=\"%s\" (line=%d)\n", - progname, e->e_dn, lineno ); - rc = EXIT_FAILURE; - entry_free( e ); - if( continuemode ) continue; - break; - } - - /* check backend */ - if( select_backend( &e->e_nname, is_entry_referral(e), nosubordinates ) - != be ) - { - fprintf( stderr, "%s: line %d: " - "database (%s) not configured to hold \"%s\"\n", - progname, lineno, - be ? be->be_suffix[0].bv_val : "", - e->e_dn ); - fprintf( stderr, "%s: line %d: " - "database (%s) not configured to hold \"%s\"\n", - progname, lineno, - be ? be->be_nsuffix[0].bv_val : "", - e->e_ndn ); - rc = EXIT_FAILURE; - entry_free( e ); - if( continuemode ) continue; - break; - } - - if( global_schemacheck ) { - Attribute *sc = attr_find( e->e_attrs, - slap_schema.si_ad_structuralObjectClass ); - Attribute *oc = attr_find( e->e_attrs, - slap_schema.si_ad_objectClass ); - - if( oc == NULL ) { - fprintf( stderr, "%s: dn=\"%s\" (line=%d): %s\n", - progname, e->e_dn, lineno, - "no objectClass attribute"); - rc = EXIT_FAILURE; - entry_free( e ); - if( continuemode ) continue; - break; - } - - if( sc == NULL ) { - struct berval vals[2]; - - rc = structural_class( oc->a_vals, vals, - NULL, &text, textbuf, textlen ); - - if( rc != LDAP_SUCCESS ) { - fprintf( stderr, "%s: dn=\"%s\" (line=%d): (%d) %s\n", - progname, e->e_dn, lineno, rc, text ); - rc = EXIT_FAILURE; - entry_free( e ); - if( continuemode ) continue; - break; - } - - vals[1].bv_len = 0; - vals[1].bv_val = NULL; - - attr_merge( e, slap_schema.si_ad_structuralObjectClass, - vals, NULL /* FIXME */ ); - } - - /* check schema */ - rc = entry_schema_check( be, e, NULL, &text, textbuf, textlen ); - - if( rc != LDAP_SUCCESS ) { - fprintf( stderr, "%s: dn=\"%s\" (line=%d): (%d) %s\n", - progname, e->e_dn, lineno, rc, text ); - rc = EXIT_FAILURE; - entry_free( e ); - if( continuemode ) continue; - break; - } - } - - if ( SLAP_LASTMOD(be) ) { - struct tm *ltm; - time_t now = slap_get_time(); - char uuidbuf[ LDAP_LUTIL_UUIDSTR_BUFSIZE ]; - struct berval vals[ 2 ]; - - struct berval name, timestamp; - - struct berval nvals[ 2 ]; - struct berval nname; - char timebuf[ LDAP_LUTIL_GENTIME_BUFSIZE ]; - - vals[1].bv_len = 0; - vals[1].bv_val = NULL; - - nvals[1].bv_len = 0; - nvals[1].bv_val = NULL; - - ltm = gmtime(&now); - lutil_gentime( timebuf, sizeof(timebuf), ltm ); - - csn.bv_len = lutil_csnstr( csnbuf, sizeof( csnbuf ), 0, 0 ); - csn.bv_val = csnbuf; - - timestamp.bv_val = timebuf; - timestamp.bv_len = strlen(timebuf); - - if ( be->be_rootndn.bv_len == 0 ) { - name.bv_val = SLAPD_ANONYMOUS; - name.bv_len = sizeof(SLAPD_ANONYMOUS) - 1; - nname.bv_val = SLAPD_ANONYMOUS; - nname.bv_len = sizeof(SLAPD_ANONYMOUS) - 1; - } else { - name = be->be_rootdn; - nname = be->be_rootndn; - } - - if( attr_find( e->e_attrs, slap_schema.si_ad_entryUUID ) - == NULL ) - { - vals[0].bv_len = lutil_uuidstr( uuidbuf, sizeof( uuidbuf ) ); - vals[0].bv_val = uuidbuf; - attr_merge_normalize_one( e, - slap_schema.si_ad_entryUUID, vals, NULL ); - } - - if( attr_find( e->e_attrs, slap_schema.si_ad_creatorsName ) - == NULL ) - { - vals[0] = name; - nvals[0] = nname; - attr_merge( e, slap_schema.si_ad_creatorsName, vals, nvals ); - } - - if( attr_find( e->e_attrs, slap_schema.si_ad_modifiersName ) - == NULL ) - { - vals[0] = name; - nvals[0] = nname; - attr_merge( e, slap_schema.si_ad_modifiersName, vals, nvals ); - } - - if( attr_find( e->e_attrs, slap_schema.si_ad_createTimestamp ) - == NULL ) - { - vals[0] = timestamp; - attr_merge( e, slap_schema.si_ad_createTimestamp, vals, NULL ); - } - - if( attr_find( e->e_attrs, slap_schema.si_ad_modifyTimestamp ) - == NULL ) - { - vals[0] = timestamp; - attr_merge( e, slap_schema.si_ad_modifyTimestamp, vals, NULL ); - } - - if( attr_find( e->e_attrs, slap_schema.si_ad_entryCSN ) - == NULL ) - { - vals[0] = csn; - attr_merge( e, slap_schema.si_ad_entryCSN, vals, NULL ); - } - - if ( !is_entry_syncProviderSubentry( e ) && - !is_entry_syncConsumerSubentry( e ) && - update_ctxcsn != SLAP_TOOL_CTXCSN_KEEP ) { - attr = attr_find( e->e_attrs, slap_schema.si_ad_entryCSN ); - if ( maxcsn.bv_len != 0 ) { - value_match( &match, slap_schema.si_ad_entryCSN, - slap_schema.si_ad_entryCSN->ad_type->sat_ordering, - SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX, - &maxcsn, &attr->a_nvals[0], &text ); - } else { - match = -1; - } - if ( match < 0 ) { - if ( maxcsn.bv_val ) - ch_free( maxcsn.bv_val ); - ber_dupbv( &maxcsn, &attr->a_nvals[0] ); - } - } - } - - if ( update_ctxcsn == SLAP_TOOL_CTXCSN_KEEP && - ( replica_promotion || replica_demotion )) { - if ( is_entry_syncProviderSubentry( e )) { - if ( !LDAP_SLIST_EMPTY( &consumer_subentry )) { - fprintf( stderr, "%s: consumer and provider subentries " - "are both present\n", progname ); - rc = EXIT_FAILURE; - entry_free( e ); - sei = LDAP_SLIST_FIRST( &consumer_subentry ); - while ( sei ) { - ch_free( sei->cn.bv_val ); - ch_free( sei->ndn.bv_val ); - ch_free( sei->rdn.bv_val ); - ch_free( sei->cookie.bv_val ); - LDAP_SLIST_REMOVE_HEAD( &consumer_subentry, sei_next ); - ch_free( sei ); - sei = LDAP_SLIST_FIRST( &consumer_subentry ); - } - break; - } - if ( provider_subentry ) { - fprintf( stderr, "%s: multiple provider subentries are " - "present : add -w flag to refresh\n", progname ); - rc = EXIT_FAILURE; - entry_free( e ); - break; - } - attr = attr_find( e->e_attrs, slap_schema.si_ad_contextCSN ); - if ( attr == NULL ) { - entry_free( e ); - continue; - } - provider_subentry = 1; - ber_dupbv( &maxcsn, &attr->a_nvals[0] ); - } else if ( is_entry_syncConsumerSubentry( e )) { - if ( provider_subentry ) { - fprintf( stderr, "%s: consumer and provider subentries " - "are both present\n", progname ); - rc = EXIT_FAILURE; - entry_free( e ); - break; - } - - attr = attr_find( e->e_attrs, slap_schema.si_ad_cn ); - - if ( attr == NULL ) { - entry_free( e ); - continue; - } - - if ( !LDAP_SLIST_EMPTY( &consumer_subentry )) { - LDAP_SLIST_FOREACH( sei, &consumer_subentry, sei_next ) { - value_match( &match, slap_schema.si_ad_cn, - slap_schema.si_ad_cn->ad_type->sat_equality, - SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX, - &sei->cn, &attr->a_nvals[0], &text ); - } - if ( !match ) { - fprintf( stderr, "%s: multiple consumer subentries " - "have the same id : add -w flag to refresh\n", - progname ); - rc = EXIT_FAILURE; - entry_free( e ); - sei = LDAP_SLIST_FIRST( &consumer_subentry ); - while ( sei ) { - ch_free( sei->cn.bv_val ); - ch_free( sei->ndn.bv_val ); - ch_free( sei->rdn.bv_val ); - ch_free( sei->cookie.bv_val ); - LDAP_SLIST_REMOVE_HEAD( &consumer_subentry, sei_next ); - ch_free( sei ); - sei = LDAP_SLIST_FIRST( &consumer_subentry ); - } - break; - } - } - sei = ch_calloc( 1, sizeof( struct subentryinfo )); - ber_dupbv( &sei->cn, &attr->a_nvals[0] ); - ber_dupbv( &sei->ndn, &e->e_nname ); - dnExtractRdn( &sei->ndn, &sei->rdn, NULL ); - attr = attr_find( e->e_attrs, slap_schema.si_ad_syncreplCookie ); - if ( attr == NULL ) { - ch_free( sei->cn.bv_val ); - ch_free( sei->ndn.bv_val ); - ch_free( sei->rdn.bv_val ); - ch_free( sei->cookie.bv_val ); - ch_free( sei ); - entry_free( e ); - continue; - } - ber_dupbv( &sei->cookie, &attr->a_nvals[0] ); - LDAP_SLIST_INSERT_HEAD( &consumer_subentry, sei, sei_next ); - } - } - - if (( !is_entry_syncProviderSubentry( e ) && - !is_entry_syncConsumerSubentry( e )) || - ( !replica_promotion && !replica_demotion )) { - if (!dryrun) { - ID id = be->be_entry_put( be, e, &bvtext ); - if( id == NOID ) { - fprintf( stderr, "%s: could not add entry dn=\"%s\" " - "(line=%d): %s\n", progname, e->e_dn, - lineno, bvtext.bv_val ); - rc = EXIT_FAILURE; - entry_free( e ); - if( continuemode ) continue; - break; - } - - if ( verbose ) { - fprintf( stderr, "added: \"%s\" (%08lx)\n", - e->e_dn, (long) id ); - } - } else { - if ( verbose ) { - fprintf( stderr, "(dry) added: \"%s\"\n", e->e_dn ); - } - } - } - - entry_free( e ); - } - - bvtext.bv_len = textlen; - bvtext.bv_val = textbuf; - bvtext.bv_val[0] = '\0'; - - if ( !LDAP_SLIST_EMPTY( &consumer_subentry )) { - maxcsn.bv_len = 0; - maxcsn.bv_val = NULL; - LDAP_SLIST_FOREACH( sei, &consumer_subentry, sei_next ) { - if ( maxcsn.bv_len != 0 ) { - value_match( &match, slap_schema.si_ad_syncreplCookie, - slap_schema.si_ad_syncreplCookie->ad_type->sat_ordering, - SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX, - &maxcsn, &sei->cookie, &text ); - } else { - match = -1; - } - if ( match < 0 ) { - if ( maxcsn.bv_val ) - ch_free( maxcsn.bv_val ); - ber_dupbv( &maxcsn, &sei->cookie ); - } - } - } - - if ( SLAP_LASTMOD(be) && replica_promotion ) { - if ( provider_subentry || update_ctxcsn == SLAP_TOOL_CTXCSN_BATCH || - !LDAP_SLIST_EMPTY( &consumer_subentry )) { - build_new_dn( &ctxcsn_ndn, &be->be_nsuffix[0], - (struct berval *)&slap_ldapsync_cn_bv, NULL ); - ctxcsn_id = be->be_dn2id_get( be, &ctxcsn_ndn ); - - if ( ctxcsn_id == NOID ) { - ctxcsn_e = slap_create_context_csn_entry( be, &maxcsn ); - if ( !dryrun ) { - ctxcsn_id = be->be_entry_put( be, ctxcsn_e, &bvtext ); - if( ctxcsn_id == NOID ) { - fprintf( stderr, "%s: could not add ctxcsn subentry\n", - progname); - rc = EXIT_FAILURE; - } - if ( verbose ) { - fprintf( stderr, "added: \"%s\" (%08lx)\n", - ctxcsn_e->e_dn, (long) ctxcsn_id ); - } - } else { - if ( verbose ) { - fprintf( stderr, "(dry) added: \"%s\"\n", ctxcsn_e->e_dn ); - } - } - entry_free( ctxcsn_e ); - } else { - ret = be->be_id2entry_get( be, ctxcsn_id, &ctxcsn_e ); - if ( ret == LDAP_SUCCESS ) { - attr = attr_find( ctxcsn_e->e_attrs, - slap_schema.si_ad_contextCSN ); - AC_MEMCPY( attr->a_vals[0].bv_val, maxcsn.bv_val, maxcsn.bv_len ); - attr->a_vals[0].bv_val[maxcsn.bv_len] = '\0'; - attr->a_vals[0].bv_len = maxcsn.bv_len; - if ( !dryrun ) { - ctxcsn_id = be->be_entry_modify( be, ctxcsn_e, &bvtext ); - if( ctxcsn_id == NOID ) { - fprintf( stderr, "%s: could not modify ctxcsn " - "subentry\n", progname); - rc = EXIT_FAILURE; - } - if ( verbose ) { - fprintf( stderr, "modified: \"%s\" (%08lx)\n", - ctxcsn_e->e_dn, (long) ctxcsn_id ); - } - } else { - if ( verbose ) { - fprintf( stderr, "(dry) modified: \"%s\"\n", - ctxcsn_e->e_dn ); - } - } - } else { - fprintf( stderr, "%s: could not modify ctxcsn subentry\n", - progname); - rc = EXIT_FAILURE; - } - } - } - } else if ( SLAP_LASTMOD(be) && replica_demotion && - ( update_ctxcsn == SLAP_TOOL_CTXCSN_BATCH || - provider_subentry )) { - - ber_dupbv( &slap_syncrepl_bv, (struct berval *) &slap_syncrepl_bvc ); - ber_dupbv( &slap_syncrepl_cn_bv, - (struct berval *) &slap_syncrepl_cn_bvc ); - - if ( replica_id_list == NULL ) { - replica_id_list = ch_calloc( 2, sizeof( int )); - replica_id_list[0] = 0; - replica_id_list[1] = -1; - } - - for ( i = 0; replica_id_list[i] > -1 ; i++ ) { - slap_syncrepl_bv.bv_len = snprintf( slap_syncrepl_bv.bv_val, - slap_syncrepl_bvc.bv_len, - "syncrepl%d", replica_id_list[i] ); - slap_syncrepl_cn_bv.bv_len = snprintf( slap_syncrepl_cn_bv.bv_val, - slap_syncrepl_cn_bvc.bv_len, - "cn=syncrepl%d", replica_id_list[i] ); - build_new_dn( &ctxcsn_ndn, &be->be_nsuffix[0], - (struct berval *)&slap_syncrepl_cn_bv, NULL ); - ctxcsn_id = be->be_dn2id_get( be, &ctxcsn_ndn ); - - if ( ctxcsn_id == NOID ) { - ctxcsn_e = slap_create_syncrepl_entry( be, &maxcsn, - &slap_syncrepl_cn_bv, - &slap_syncrepl_bv ); - if ( !dryrun ) { - ctxcsn_id = be->be_entry_put( be, ctxcsn_e, &bvtext ); - if( ctxcsn_id == NOID ) { - fprintf( stderr, "%s: could not add ctxcsn subentry\n", - progname); - rc = EXIT_FAILURE; - } - if ( verbose ) { - fprintf( stderr, "added: \"%s\" (%08lx)\n", - ctxcsn_e->e_dn, (long) ctxcsn_id ); - } - } else { - if ( verbose ) { - fprintf( stderr, "(dry) added: \"%s\"\n", - ctxcsn_e->e_dn ); - } - } - entry_free( ctxcsn_e ); - } else { - ret = be->be_id2entry_get( be, ctxcsn_id, &ctxcsn_e ); - if ( ret == LDAP_SUCCESS ) { - attr = attr_find( ctxcsn_e->e_attrs, - slap_schema.si_ad_syncreplCookie ); - AC_MEMCPY( attr->a_vals[0].bv_val, maxcsn.bv_val, maxcsn.bv_len ); - attr->a_vals[0].bv_val[maxcsn.bv_len] = '\0'; - attr->a_vals[0].bv_len = maxcsn.bv_len; - if ( !dryrun ) { - ctxcsn_id = be->be_entry_modify( be, - ctxcsn_e, &bvtext ); - if( ctxcsn_id == NOID ) { - fprintf( stderr, "%s: could not modify ctxcsn " - "subentry\n", progname); - rc = EXIT_FAILURE; - } - if ( verbose ) { - fprintf( stderr, "modified: \"%s\" (%08lx)\n", - ctxcsn_e->e_dn, (long) ctxcsn_id ); - } - } else { - if ( verbose ) { - fprintf( stderr, "(dry) modified: \"%s\"\n", - ctxcsn_e->e_dn ); - } - } - } else { - fprintf( stderr, "%s: could not modify ctxcsn subentry\n", - progname); - rc = EXIT_FAILURE; - } - } - } - - if ( slap_syncrepl_bv.bv_val ) { - ch_free( slap_syncrepl_bv.bv_val ); - } - if ( slap_syncrepl_cn_bv.bv_val ) { - ch_free( slap_syncrepl_cn_bv.bv_val ); - } - } else if ( SLAP_LASTMOD(be) && replica_demotion && - !LDAP_SLIST_EMPTY( &consumer_subentry )) { - - LDAP_SLIST_FOREACH( sei, &consumer_subentry, sei_next ) { - ctxcsn_id = be->be_dn2id_get( be, &sei->ndn ); - - if ( ctxcsn_id == NOID ) { - ctxcsn_e = slap_create_syncrepl_entry( be, &sei->cookie, - &sei->rdn, &sei->cn ); - if ( !dryrun ) { - ctxcsn_id = be->be_entry_put( be, ctxcsn_e, &bvtext ); - if( ctxcsn_id == NOID ) { - fprintf( stderr, "%s: could not add ctxcsn subentry\n", - progname); - rc = EXIT_FAILURE; - } - if ( verbose ) { - fprintf( stderr, "added: \"%s\" (%08lx)\n", - ctxcsn_e->e_dn, (long) ctxcsn_id ); - } - } else { - if ( verbose ) { - fprintf( stderr, "(dry) added: \"%s\"\n", - ctxcsn_e->e_dn ); - } - } - entry_free( ctxcsn_e ); - } else { - ret = be->be_id2entry_get( be, ctxcsn_id, &ctxcsn_e ); - if ( ret == LDAP_SUCCESS ) { - attr = attr_find( ctxcsn_e->e_attrs, - slap_schema.si_ad_syncreplCookie ); - AC_MEMCPY( attr->a_vals[0].bv_val, maxcsn.bv_val, maxcsn.bv_len ); - attr->a_vals[0].bv_val[maxcsn.bv_len] = '\0'; - attr->a_vals[0].bv_len = maxcsn.bv_len; - if ( !dryrun ) { - ctxcsn_id = be->be_entry_modify( be, - ctxcsn_e, &bvtext ); - if( ctxcsn_id == NOID ) { - fprintf( stderr, "%s: could not modify ctxcsn " - "subentry\n", progname); - rc = EXIT_FAILURE; - } - if ( verbose ) { - fprintf( stderr, "modified: \"%s\" (%08lx)\n", - ctxcsn_e->e_dn, (long) ctxcsn_id ); - } - } else { - if ( verbose ) { - fprintf( stderr, "(dry) modified: \"%s\"\n", - ctxcsn_e->e_dn ); - } - } - } else { - fprintf( stderr, "%s: could not modify ctxcsn subentry\n", - progname); - rc = EXIT_FAILURE; - } - } - } - - if ( slap_syncrepl_bv.bv_val ) { - ch_free( slap_syncrepl_bv.bv_val ); - } - if ( slap_syncrepl_cn_bv.bv_val ) { - ch_free( slap_syncrepl_cn_bv.bv_val ); - } - } - - sei = LDAP_SLIST_FIRST( &consumer_subentry ); - while ( sei ) { - ch_free( sei->cn.bv_val ); - ch_free( sei->ndn.bv_val ); - ch_free( sei->rdn.bv_val ); - ch_free( sei->cookie.bv_val ); - LDAP_SLIST_REMOVE_HEAD( &consumer_subentry, sei_next ); - ch_free( sei ); - sei = LDAP_SLIST_FIRST( &consumer_subentry ); - } - - ch_free( buf ); - - if( be->be_entry_close( be )) rc = EXIT_FAILURE; - - if( be->be_sync ) { - be->be_sync( be ); - } - - slap_tool_destroy(); - return rc; -} diff --git a/servers/slapd/tools/slapcat.c b/servers/slapd/tools/slapcat.c deleted file mode 100644 index 7d985a3d7d..0000000000 --- a/servers/slapd/tools/slapcat.c +++ /dev/null @@ -1,117 +0,0 @@ -/* $OpenLDAP$ */ -/* This work is part of OpenLDAP Software . - * - * Copyright 1998-2004 The OpenLDAP Foundation. - * Portions Copyright 1998-2003 Kurt D. Zeilenga. - * Portions Copyright 2003 IBM Corporation. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted only as authorized by the OpenLDAP - * Public License. - * - * A copy of this license is available in file LICENSE in the - * top-level directory of the distribution or, alternatively, at - * . - */ -/* ACKNOWLEDGEMENTS: - * This work was initially developed by Kurt Zeilenga for inclusion - * in OpenLDAP Software. Additional signficant contributors include - * Jong Hyuk Choi - */ - -#include "portable.h" - -#include - -#include -#include -#include -#include - -#include "slapcommon.h" - -int -main( int argc, char **argv ) -{ - ID id; - int rc = EXIT_SUCCESS; - Operation op = {0}; - - slap_tool_init( "slapcat", SLAPCAT, argc, argv ); - - if( !be->be_entry_open || - !be->be_entry_close || - !be->be_entry_first || - !be->be_entry_next || - !be->be_entry_get ) - { - fprintf( stderr, "%s: database doesn't support necessary operations.\n", - progname ); - exit( EXIT_FAILURE ); - } - - if( be->be_entry_open( be, 0 ) != 0 ) { - fprintf( stderr, "%s: could not open database.\n", - progname ); - exit( EXIT_FAILURE ); - } - - for ( id = be->be_entry_first( be ); - id != NOID; - id = be->be_entry_next( be ) ) - { - char *data; - int len; - Entry* e = be->be_entry_get( be, id ); - op.o_bd = be; - - if ( e == NULL ) { - printf("# no data for entry id=%08lx\n\n", (long) id ); - rc = EXIT_FAILURE; - if( continuemode ) continue; - break; - } - - if( sub_ndn.bv_len && !dnIsSuffix( &e->e_nname, &sub_ndn ) ) { - be_entry_release_r( &op, e ); - continue; - } - - if ( retrieve_ctxcsn == 0 ) { - if ( is_entry_syncProviderSubentry( e ) ) { - be_entry_release_r( &op, e ); - continue; - } - } - - if ( retrieve_synccookie == 0 ) { - if ( is_entry_syncConsumerSubentry( e ) ) { - be_entry_release_r( &op, e ); - continue; - } - } - - if( verbose ) { - printf( "# id=%08lx\n", (long) id ); - } - - data = entry2str( e, &len ); - be_entry_release_r( &op, e ); - - if ( data == NULL ) { - printf("# bad data for entry id=%08lx\n\n", (long) id ); - rc = EXIT_FAILURE; - if( continuemode ) continue; - break; - } - - fputs( data, ldiffp ); - fputs( "\n", ldiffp ); - } - - be->be_entry_close( be ); - - slap_tool_destroy(); - return rc; -} diff --git a/servers/slapd/tools/slapcommon.c b/servers/slapd/tools/slapcommon.c deleted file mode 100644 index 4d2117b466..0000000000 --- a/servers/slapd/tools/slapcommon.c +++ /dev/null @@ -1,441 +0,0 @@ -/* slapcommon.c - common routine for the slap tools */ -/* $OpenLDAP$ */ -/* This work is part of OpenLDAP Software . - * - * Copyright 1998-2004 The OpenLDAP Foundation. - * Portions Copyright 1998-2003 Kurt D. Zeilenga. - * Portions Copyright 2003 IBM Corporation. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted only as authorized by the OpenLDAP - * Public License. - * - * A copy of this license is available in file LICENSE in the - * top-level directory of the distribution or, alternatively, at - * . - */ -/* ACKNOWLEDGEMENTS: - * This work was initially developed by Kurt Zeilenga for inclusion - * in OpenLDAP Software. Additional signficant contributors include - * Jong Hyuk Choi - * Hallvard B. Furuseth - * Howard Chu - * Pierangelo Masarati - */ - -#include "portable.h" - -#include - -#include -#include -#include -#include -#include - -#include "slapcommon.h" -#include "lutil.h" - - -char *progname = NULL; -char *conffile = SLAPD_DEFAULT_CONFIGFILE; -int truncatemode = 0; -int verbose = 0; -int update_ctxcsn = SLAP_TOOL_CTXCSN_KEEP; -int retrieve_ctxcsn = 0; -int retrieve_synccookie = 0; -int replica_promotion = 0; -int replica_demotion = 0; -char *replica_id_string = NULL; -char **replica_id_strlist = NULL; -int *replica_id_list = NULL; -int continuemode = 0; -int nosubordinates = 0; -int dryrun = 0; -struct berval sub_ndn = { 0, NULL }; - -char *ldiffile = NULL; -FILE *ldiffp = NULL; - -#ifdef CSRIMALLOC - char *leakfilename; - FILE *leakfile; -#endif - -Backend *be = NULL; - -static void -usage( int tool ) -{ - char *options = NULL; - fprintf( stderr, - "usage: %s [-v] [-c] [-d debuglevel] [-f configfile]\n" - "\t[-n databasenumber | -b suffix]", progname ); - - switch( tool ) { - case SLAPADD: - options = "\n\t[-l ldiffile] [-u] [-p [-w] | -r [-i syncreplidlist] [-w]]\n"; - break; - - case SLAPCAT: - options = "\t[-l ldiffile] [-m] [-k]\n"; - break; - - case SLAPINDEX: - options = "\n"; - break; - } - - if( options != NULL ) { - fputs( options, stderr ); - } - exit( EXIT_FAILURE ); -} - - -/* - * slap_tool_init - initialize slap utility, handle program options. - * arguments: - * name program name - * tool tool code - * argc, argv command line arguments - */ - -void -slap_tool_init( - const char* name, - int tool, - int argc, char **argv ) -{ - char *options; - struct berval base = { 0, NULL }; - char *subtree = NULL; - int rc, i, dbnum; - int mode = SLAP_TOOL_MODE; - - progname = lutil_progname( name, argc, argv ); - -#ifdef CSRIMALLOC - leakfilename = malloc( strlen( progname ) + sizeof(".leak") ); - sprintf( leakfilename, "%s.leak", progname ); - if( ( leakfile = fopen( leakfilename, "w" )) == NULL ) { - leakfile = stderr; - } - free( leakfilename ); -#endif - - switch( tool ) { - case SLAPADD: - options = "b:cd:f:i:l:n:prtuvWw"; - break; - - case SLAPINDEX: - options = "b:cd:f:n:v"; - mode |= SLAP_TOOL_READMAIN; - break; - - case SLAPCAT: - options = "b:cd:f:kl:mn:s:v"; - mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY; - break; - - default: - fprintf( stderr, "%s: unknown tool mode (%d)\n", - progname, tool ); - exit( EXIT_FAILURE ); - } - - ldiffile = NULL; - conffile = SLAPD_DEFAULT_CONFIGFILE; - dbnum = -1; - while ( (i = getopt( argc, argv, options )) != EOF ) { - switch ( i ) { - case 'b': - base.bv_val = strdup( optarg ); - base.bv_len = strlen( base.bv_val ); - break; - - case 'c': /* enable continue mode */ - continuemode++; - break; - - case 'd': /* turn on debugging */ - ldap_debug += atoi( optarg ); - break; - - case 'f': /* specify a conf file */ - conffile = strdup( optarg ); - break; - - case 'i': /* specify syncrepl id list */ - replica_id_string = strdup( optarg ); - if ( !isdigit( (unsigned char) *replica_id_string )) { - usage( tool ); - exit( EXIT_FAILURE ); - } - str2clist( &replica_id_strlist, replica_id_string, "," ); - for ( i = 0; replica_id_strlist && replica_id_strlist[i]; i++ ) ; - replica_id_list = ch_calloc( i + 1, sizeof( int ) ); - for ( i = 0; replica_id_strlist && replica_id_strlist[i]; i++ ) { - replica_id_list[i] = atoi( replica_id_strlist[i] ); - if ( replica_id_list[i] >= 1000 ) { - fprintf(stderr, - "%s: syncrepl id %d is out of range [0..999]\n", - progname, replica_id_list[i] ); - exit( EXIT_FAILURE ); - } - } - replica_id_list[i] = -1; - break; - - case 'k': /* Retrieve sync cookie entry */ - retrieve_synccookie = 1; - break; - - case 'l': /* LDIF file */ - ldiffile = strdup( optarg ); - break; - - case 'm': /* Retrieve ldapsync entry */ - retrieve_ctxcsn = 1; - break; - - case 'n': /* which config file db to index */ - dbnum = atoi( optarg ) - 1; - break; - - case 'p': /* replica promotion */ - replica_promotion = 1; - break; - - case 'r': /* replica demotion */ - replica_demotion = 1; - break; - - case 's': /* dump subtree */ - subtree = strdup( optarg ); - break; - - case 't': /* turn on truncate */ - truncatemode++; - mode |= SLAP_TRUNCATE_MODE; - break; - - case 'u': /* dry run */ - dryrun++; - break; - - case 'v': /* turn on verbose */ - verbose++; - break; - - case 'W': /* write context csn on every entry add */ - update_ctxcsn = SLAP_TOOL_CTXCSN_BATCH; - /* FIXME : update_ctxcsn = SLAP_TOOL_CTXCSN_ENTRY; */ - break; - - case 'w': /* write context csn on at the end */ - update_ctxcsn = SLAP_TOOL_CTXCSN_BATCH; - break; - - default: - usage( tool ); - break; - } - } - - if ( ( argc != optind ) || (dbnum >= 0 && base.bv_val != NULL ) ) { - usage( tool ); - } - - if ( replica_promotion && replica_demotion ) { - usage( tool ); - } else if ( !replica_promotion && !replica_demotion ) { - if ( update_ctxcsn != SLAP_TOOL_CTXCSN_KEEP ) { - usage( tool ); - } - } - - if ( ldiffile == NULL ) { - ldiffp = tool == SLAPCAT ? stdout : stdin; - - } else if( (ldiffp = fopen( ldiffile, tool == SLAPCAT ? "w" : "r" )) - == NULL ) - { - perror( ldiffile ); - exit( EXIT_FAILURE ); - } - - /* - * initialize stuff and figure out which backend we're dealing with - */ - -#ifdef SLAPD_MODULES - if ( module_init() != 0 ) { - fprintf( stderr, "%s: module_init failed!\n", progname ); - exit( EXIT_FAILURE ); - } -#endif - - rc = slap_init( mode, progname ); - - if ( rc != 0 ) { - fprintf( stderr, "%s: slap_init failed!\n", progname ); - exit( EXIT_FAILURE ); - } - - rc = slap_schema_init(); - - if ( rc != 0 ) { - fprintf( stderr, "%s: slap_schema_init failed!\n", progname ); - exit( EXIT_FAILURE ); - } - - rc = read_config( conffile, 0 ); - - if ( rc != 0 ) { - fprintf( stderr, "%s: bad configuration file!\n", progname ); - exit( EXIT_FAILURE ); - } - - if ( !nbackends ) { - fprintf( stderr, "No databases found in config file\n" ); - exit( EXIT_FAILURE ); - } - - rc = glue_sub_init(); - - if ( rc != 0 ) { - fprintf( stderr, "Subordinate configuration error\n" ); - exit( EXIT_FAILURE ); - } - - rc = slap_schema_check(); - - if ( rc != 0 ) { - fprintf( stderr, "%s: slap_schema_prep failed!\n", progname ); - exit( EXIT_FAILURE ); - } - - if( subtree ) { - struct berval val; - val.bv_val = subtree; - val.bv_len = strlen( subtree ); - rc = dnNormalize( 0, NULL, NULL, &val, &sub_ndn, NULL ); - if( rc != LDAP_SUCCESS ) { - fprintf( stderr, "Invalid subtree DN '%s'\n", optarg ); - exit( EXIT_FAILURE ); - } - - if( base.bv_val == NULL && dbnum == -1 ) - base = val; - else - free( subtree ); - } - - if( base.bv_val != NULL ) { - struct berval nbase; - - rc = dnNormalize( 0, NULL, NULL, &base, &nbase, NULL ); - if( rc != LDAP_SUCCESS ) { - fprintf( stderr, "%s: slap_init invalid suffix (\"%s\")\n", - progname, base.bv_val ); - exit( EXIT_FAILURE ); - } - - be = select_backend( &nbase, 0, 0 ); - ber_memfree( nbase.bv_val ); - - if( be == NULL ) { - fprintf( stderr, "%s: slap_init no backend for \"%s\"\n", - progname, base.bv_val ); - exit( EXIT_FAILURE ); - } - /* If the named base is a glue master, operate on the - * entire context - */ - if (SLAP_GLUE_INSTANCE(be)) { - nosubordinates = 1; - } - - } else if ( dbnum == -1 ) { - if ( nbackends <= 0 ) { - fprintf( stderr, "No available databases\n" ); - exit( EXIT_FAILURE ); - } - - be = &backends[dbnum=0]; - /* If just doing the first by default and it is a - * glue subordinate, find the master. - */ - while (SLAP_GLUE_SUBORDINATE(be) || SLAP_MONITOR(be)) { - if (SLAP_GLUE_SUBORDINATE(be)) { - nosubordinates = 1; - } - be++; - dbnum++; - } - - - if ( dbnum >= nbackends ) { - fprintf( stderr, "Available database(s) " - "do not allow %s\n", name ); - exit( EXIT_FAILURE ); - } - - if ( nosubordinates == 0 && dbnum > 0 ) { -#ifdef NEW_LOGGING - LDAP_LOG( BACKEND, ERR, -"The first database does not allow %s; using the first available one (%d)\n", - name, dbnum + 1, 0 ); -#else - Debug( LDAP_DEBUG_ANY, -"The first database does not allow %s; using the first available one (%d)\n", - name, dbnum + 1, 0 ); -#endif - } - - } else if ( dbnum < 0 || dbnum > (nbackends-1) ) { - fprintf( stderr, - "Database number selected via -n is out of range\n" - "Must be in the range 1 to %d" - " (number of databases in the config file)\n", - nbackends ); - exit( EXIT_FAILURE ); - - } else { - be = &backends[dbnum]; - } - -#ifdef CSRIMALLOC - mal_leaktrace(1); -#endif - - if ( slap_startup( be ) ) { - fprintf( stderr, "slap_startup failed\n" ); - exit( EXIT_FAILURE ); - } -} - -void slap_tool_destroy( void ) -{ - slap_shutdown( be ); - slap_destroy(); -#ifdef SLAPD_MODULES - if ( slapMode == SLAP_SERVER_MODE ) { - /* always false. just pulls in necessary symbol references. */ - lutil_uuidstr(NULL, 0); - } - module_kill(); -#endif - schema_destroy(); -#ifdef HAVE_TLS - ldap_pvt_tls_destroy(); -#endif - config_destroy(); - -#ifdef CSRIMALLOC - mal_dumpleaktrace( leakfile ); -#endif -} diff --git a/servers/slapd/tools/slapcommon.h b/servers/slapd/tools/slapcommon.h deleted file mode 100644 index 396a71a5bc..0000000000 --- a/servers/slapd/tools/slapcommon.h +++ /dev/null @@ -1,62 +0,0 @@ -/* slapcommon.h - common definitions for the slap tools */ -/* $OpenLDAP$ */ -/* This work is part of OpenLDAP Software . - * - * Copyright 1998-2004 The OpenLDAP Foundation. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted only as authorized by the OpenLDAP - * Public License. - * - * A copy of this license is available in the file LICENSE in the - * top-level directory of the distribution or, alternatively, at - * . - */ - -#ifndef SLAPCOMMON_H_ -#define SLAPCOMMON_H_ 1 - -#define SLAPD_TOOLS 1 -#include "../slap.h" - -enum slaptool { - SLAPCAT=1, /* database -> LDIF tool */ - SLAPADD, /* LDIF -> database tool */ - SLAPINDEX, /* database index tool */ - SLAPTEST /* database testing tool */ -}; - -#define SLAP_TOOL_CTXCSN_KEEP 0 -#define SLAP_TOOL_CTXCSN_ENTRY 1 -#define SLAP_TOOL_CTXCSN_BATCH 2 - -extern char *progname; -extern char *conffile; -extern Backend *be; -extern int appendmode; -extern int verbose; -extern int update_ctxcsn; -extern int retrieve_ctxcsn; -extern int retrieve_synccookie; -extern int replica_promotion; -extern int replica_demotion; -extern char *replica_id_string; -extern char **replica_id_strlist; -extern int *replica_id_list; -extern int continuemode; -extern int nosubordinates; -extern int dryrun; -extern struct berval sub_ndn; - -extern char *ldiffile; -extern FILE *ldiffp; - -void slap_tool_init LDAP_P(( - const char* name, - int tool, - int argc, char **argv )); - -void slap_tool_destroy LDAP_P((void)); - -#endif /* SLAPCOMMON_H_ */ diff --git a/servers/slapd/tools/slapindex.c b/servers/slapd/tools/slapindex.c deleted file mode 100644 index 08fd49c769..0000000000 --- a/servers/slapd/tools/slapindex.c +++ /dev/null @@ -1,82 +0,0 @@ -/* $OpenLDAP$ */ -/* This work is part of OpenLDAP Software . - * - * Copyright 1998-2004 The OpenLDAP Foundation. - * Portions Copyright 1998-2003 Kurt D. Zeilenga. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted only as authorized by the OpenLDAP - * Public License. - * - * A copy of this license is available in file LICENSE in the - * top-level directory of the distribution or, alternatively, at - * . - */ -/* ACKNOWLEDGEMENTS: - * This work was initially developed by Kurt Zeilenga for inclusion - * in OpenLDAP Software. - */ - -#include "portable.h" - -#include - -#include - -#include -#include -#include -#include - -#include "slapcommon.h" - -int -main( int argc, char **argv ) -{ - ID id; - int rc = EXIT_SUCCESS; - - slap_tool_init( "slapindex", SLAPINDEX, argc, argv ); - - if( !be->be_entry_open || - !be->be_entry_close || - !be->be_entry_first || - !be->be_entry_next || - !be->be_entry_reindex ) - { - fprintf( stderr, "%s: database doesn't support necessary operations.\n", - progname ); - exit( EXIT_FAILURE ); - } - - if( be->be_entry_open( be, 0 ) != 0 ) { - fprintf( stderr, "%s: could not open database.\n", - progname ); - exit( EXIT_FAILURE ); - } - - for ( id = be->be_entry_first( be ); - id != NOID; - id = be->be_entry_next( be ) ) - { - int rtn; - - if( verbose ) { - printf("indexing id=%08lx\n", (long) id ); - } - - rtn = be->be_entry_reindex( be, id ); - - if( rtn != LDAP_SUCCESS ) { - rc = EXIT_FAILURE; - if( continuemode ) continue; - break; - } - } - - (void) be->be_entry_close( be ); - - slap_tool_destroy(); - return( rc ); -} diff --git a/servers/slapd/tools/slappasswd.c b/servers/slapd/tools/slappasswd.c deleted file mode 100644 index b144ae5937..0000000000 --- a/servers/slapd/tools/slappasswd.c +++ /dev/null @@ -1,149 +0,0 @@ -/* $OpenLDAP$ */ -/* This work is part of OpenLDAP Software . - * - * Copyright 1998-2004 The OpenLDAP Foundation. - * Portions Copyright 1998-2003 Kurt D. Zeilenga. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted only as authorized by the OpenLDAP - * Public License. - * - * A copy of this license is available in file LICENSE in the - * top-level directory of the distribution or, alternatively, at - * . - */ -/* ACKNOWLEDGEMENTS: - * This work was initially developed by Kurt Zeilenga for inclusion - * in OpenLDAP Software. - */ - -#include "portable.h" - -#include - -#include - -#include -#include -#include -#include -#include -#include - -#include -#include - -#include "ldap_defaults.h" - -static int verbose = 0; - -static void -usage(const char *s) -{ - fprintf(stderr, - "Usage: %s [options]\n" - " -h hash\tpassword scheme\n" - " -s secret\tnew password\n" - " -c format\tcrypt(3) salt format\n" - " -u\t\tgenerate RFC2307 values (default)\n" - " -v\t\tincrease verbosity\n" - " -T file\tread file for new password\n" - , s ); - - exit( EXIT_FAILURE ); -} - -int -main( int argc, char *argv[] ) -{ - char *scheme = "{SSHA}"; - char *newpw = NULL; - char *pwfile = NULL; - const char *text; - - int i; - struct berval passwd; - struct berval *hash = NULL; - - while( (i = getopt( argc, argv, - "c:d:h:s:T:vu" )) != EOF ) - { - switch (i) { - case 'c': /* crypt salt format */ - scheme = "{CRYPT}"; - lutil_salt_format( optarg ); - break; - - case 'h': /* scheme */ - scheme = strdup( optarg ); - break; - - case 's': /* new password (secret) */ - { - char* p; - newpw = strdup( optarg ); - - for( p = optarg; *p != '\0'; p++ ) { - *p = '\0'; - } - } break; - - case 'T': /* password file */ - pwfile = optarg; - break; - - case 'u': /* RFC2307 userPassword */ - break; - - case 'v': /* verbose */ - verbose++; - break; - - default: - usage (argv[0]); - } - } - - if( argc - optind != 0 ) { - usage( argv[0] ); - } - - if( pwfile != NULL ) { - if( lutil_get_filed_password( pwfile, &passwd )) { - return EXIT_FAILURE; - } - } else { - if( newpw == NULL ) { - /* prompt for new password */ - char *cknewpw; - newpw = strdup(getpassphrase("New password: ")); - cknewpw = getpassphrase("Re-enter new password: "); - - if( strcmp( newpw, cknewpw )) { - fprintf( stderr, "Password values do not match\n" ); - return EXIT_FAILURE; - } - } - - passwd.bv_val = newpw; - passwd.bv_len = strlen(passwd.bv_val); - } - - hash = lutil_passwd_hash( &passwd, scheme, &text ); - if( hash == NULL || hash->bv_val == NULL ) { - fprintf( stderr, - "Password generation failed for scheme %s: %s\n", - scheme, text ? text : "" ); - return EXIT_FAILURE; - } - - if( lutil_passwd( hash, &passwd, NULL, &text ) ) { - fprintf( stderr, "Password verification failed. %s\n", - text ? text : "" ); - return EXIT_FAILURE; - } - - printf( "%s\n" , hash->bv_val ); - return EXIT_SUCCESS; -}