From: Kurt Zeilenga Date: Sat, 26 Aug 2000 19:06:17 +0000 (+0000) Subject: Import typedef and other misc changes X-Git-Tag: OPENLDAP_REL_ENG_2_0_0~12 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=ff0bfd0cf32a1d1f3bfb791bbccbec036bf707d4;p=openldap Import typedef and other misc changes --- diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index 2e74071b31..f5dbbcd75f 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -24,7 +24,7 @@ static AccessControl * acl_get( int nmatches, regmatch_t *matches ); static slap_control_t acl_mask( - AccessControl *ac, slap_access_mask_t *mask, + AccessControl *ac, slap_mask_t *mask, Backend *be, Connection *conn, Operation *op, Entry *e, AttributeDescription *desc, @@ -85,7 +85,7 @@ access_allowed( #ifdef LDAP_DEBUG char accessmaskbuf[ACCESSMASK_MAXLEN]; #endif - slap_access_mask_t mask; + slap_mask_t mask; slap_control_t control; const char *attr = desc ? desc->ad_cname->bv_val : NULL; @@ -341,7 +341,7 @@ acl_get( static slap_control_t acl_mask( AccessControl *a, - slap_access_mask_t *mask, + slap_mask_t *mask, Backend *be, Connection *conn, Operation *op, @@ -372,7 +372,7 @@ acl_mask( accessmask2str( *mask, accessmaskbuf ) ); for ( i = 1, b = a->acl_access; b != NULL; b = b->a_next, i++ ) { - slap_access_mask_t oldmask, modmask; + slap_mask_t oldmask, modmask; ACL_INVALIDATE( modmask ); @@ -643,7 +643,7 @@ acl_mask( /* this case works different from the others above. * since aci's themselves give permissions, we need - * to first check b->a_mask, the ACL's access level. + * to first check b->a_access_mask, the ACL's access level. */ if( op->o_ndn == NULL || op->o_ndn[0] == '\0' ) { @@ -657,7 +657,7 @@ acl_mask( /* first check if the right being requested * is allowed by the ACL clause. */ - if ( ! ACL_GRANT( b->a_mask, *mask ) ) { + if ( ! ACL_GRANT( b->a_access_mask, *mask ) ) { continue; } @@ -686,7 +686,7 @@ acl_mask( } /* remove anything that the ACL clause does not allow */ - tgrant &= b->a_mask & ACL_PRIV_MASK; + tgrant &= b->a_access_mask & ACL_PRIV_MASK; tdeny &= ACL_PRIV_MASK; /* see if we have anything to contribute */ @@ -715,7 +715,7 @@ acl_mask( } else #endif { - modmask = b->a_mask; + modmask = b->a_access_mask; } diff --git a/servers/slapd/aclparse.c b/servers/slapd/aclparse.c index ce8641d93c..ea8f6b9eed 100644 --- a/servers/slapd/aclparse.c +++ b/servers/slapd/aclparse.c @@ -258,7 +258,7 @@ parse_acl( b = (Access *) ch_calloc( 1, sizeof(Access) ); - ACL_INVALIDATE( b->a_mask ); + ACL_INVALIDATE( b->a_access_mask ); if ( ++i == argc ) { fprintf( stderr, @@ -682,7 +682,7 @@ parse_acl( if( i == argc || ( strcasecmp( left, "stop" ) == 0 )) { /* out of arguments or plain stop */ - ACL_PRIV_ASSIGN(b->a_mask, ACL_PRIV_ADDITIVE); + ACL_PRIV_ASSIGN(b->a_access_mask, ACL_PRIV_ADDITIVE); b->a_type = ACL_STOP; access_append( &a->acl_access, b ); @@ -692,7 +692,7 @@ parse_acl( if( strcasecmp( left, "continue" ) == 0 ) { /* plain continue */ - ACL_PRIV_ASSIGN(b->a_mask, ACL_PRIV_ADDITIVE); + ACL_PRIV_ASSIGN(b->a_access_mask, ACL_PRIV_ADDITIVE); b->a_type = ACL_CONTINUE; access_append( &a->acl_access, b ); @@ -702,7 +702,7 @@ parse_acl( if( strcasecmp( left, "break" ) == 0 ) { /* plain continue */ - ACL_PRIV_ASSIGN(b->a_mask, ACL_PRIV_ADDITIVE); + ACL_PRIV_ASSIGN(b->a_access_mask, ACL_PRIV_ADDITIVE); b->a_type = ACL_BREAK; access_append( &a->acl_access, b ); @@ -712,7 +712,7 @@ parse_acl( if ( strcasecmp( left, "by" ) == 0 ) { /* we've gone too far */ --i; - ACL_PRIV_ASSIGN(b->a_mask, ACL_PRIV_ADDITIVE); + ACL_PRIV_ASSIGN(b->a_access_mask, ACL_PRIV_ADDITIVE); b->a_type = ACL_STOP; access_append( &a->acl_access, b ); @@ -722,13 +722,13 @@ parse_acl( /* get */ if( strncasecmp( left, "self", 4 ) == 0 ) { b->a_dn_self = 1; - ACL_PRIV_ASSIGN( b->a_mask, str2accessmask( &left[4] ) ); + ACL_PRIV_ASSIGN( b->a_access_mask, str2accessmask( &left[4] ) ); } else { - ACL_PRIV_ASSIGN( b->a_mask, str2accessmask( left ) ); + ACL_PRIV_ASSIGN( b->a_access_mask, str2accessmask( left ) ); } - if( ACL_IS_INVALID( b->a_mask ) ) { + if( ACL_IS_INVALID( b->a_access_mask ) ) { fprintf( stderr, "%s: line %d: expecting got \"%s\"\n", fname, lineno, left ); @@ -793,7 +793,7 @@ parse_acl( } char * -accessmask2str( slap_access_mask_t mask, char *buf ) +accessmask2str( slap_mask_t mask, char *buf ) { int none=1; @@ -880,10 +880,10 @@ accessmask2str( slap_access_mask_t mask, char *buf ) return buf; } -slap_access_mask_t +slap_mask_t str2accessmask( const char *str ) { - slap_access_mask_t mask; + slap_mask_t mask; if( !ASCII_ALPHA(str[0]) ) { int i; @@ -1131,7 +1131,7 @@ print_access( Access *b ) fprintf( stderr, " %s%s", b->a_dn_self ? "self" : "", - accessmask2str( b->a_mask, maskbuf ) ); + accessmask2str( b->a_access_mask, maskbuf ) ); if( b->a_type == ACL_BREAK ) { fprintf( stderr, " break" ); diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c index b78d96504d..294c851ce7 100644 --- a/servers/slapd/bind.c +++ b/servers/slapd/bind.c @@ -186,7 +186,7 @@ do_bind( if ( method == LDAP_AUTH_SASL ) { char *edn; - unsigned long ssf = 0; + slap_ssf_t ssf = 0; if ( version < LDAP_VERSION3 ) { Debug( LDAP_DEBUG_ANY, "do_bind: sasl with LDAPv%ld\n", diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c index d76c7df89c..4d2c62ef2e 100644 --- a/servers/slapd/connection.c +++ b/servers/slapd/connection.c @@ -291,7 +291,7 @@ long connection_init( const char* peername, const char* sockname, int use_tls, - unsigned ssf, + slap_ssf_t ssf, char *authid ) { unsigned long id; @@ -922,14 +922,14 @@ int connection_read(ber_socket_t s) } else if ( rc == 0 ) { void *ssl; - unsigned ssf; + slap_ssf_t ssf; char *authid; c->c_needs_tls_accept = 0; /* we need to let SASL know */ ssl = (void *)ldap_pvt_tls_sb_handle( c->c_sb ); - ssf = (unsigned)ldap_pvt_tls_get_strength( ssl ); + ssf = (slap_ssf_t) ldap_pvt_tls_get_strength( ssl ); authid = (char *)ldap_pvt_tls_get_peer( ssl ); slap_sasl_external( c, ssf, authid ); } diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c index 9c961d607d..fb0b70f1e2 100644 --- a/servers/slapd/daemon.c +++ b/servers/slapd/daemon.c @@ -829,7 +829,7 @@ slapd_daemon_task( ber_int_t s; socklen_t len = sizeof(from); long id; - unsigned ssf = 0; + slap_ssf_t ssf = 0; char *authid = NULL; char *dnsname; diff --git a/servers/slapd/extended.c b/servers/slapd/extended.c index 23923fc826..1660aaa914 100644 --- a/servers/slapd/extended.c +++ b/servers/slapd/extended.c @@ -61,10 +61,6 @@ struct { static extop_list_t *find_extop( extop_list_t *list, char *oid ); -static int extop_callback( - Connection *conn, Operation *op, - int msg, int arg, void *argp); - char * get_supported_extop (int index) { @@ -152,7 +148,7 @@ do_extended( text = NULL; refs = NULL; - rc = (ext->ext_main)( extop_callback, conn, op, + rc = (ext->ext_main)( conn, op, reqoid, reqdata, &rspoid, &rspdata, &rspctrls, &text, &refs ); @@ -247,46 +243,4 @@ find_extop( extop_list_t *list, char *oid ) return(ext); } return(NULL); -} - -int -extop_callback( - Connection *conn, Operation *op, - int msg, int arg, void *argp) -{ - if (argp == NULL) - return(-1); - - switch (msg) { - case SLAPD_EXTOP_GETVERSION: - *(int *)argp = 1; - return(0); - - case SLAPD_EXTOP_GETPROTO: - *(int *)argp = op->o_protocol; - return(0); - - case SLAPD_EXTOP_GETAUTH: - *(int *)argp = op->o_authtype; - return(0); - - case SLAPD_EXTOP_GETDN: - *(char **)argp = op->o_dn; - return(0); - - case SLAPD_EXTOP_GETCLIENT: - if (conn->c_peer_domain != NULL && *conn->c_peer_domain != 0) { - *(char **)argp = conn->c_peer_domain; - return(0); - } - if (conn->c_peer_name != NULL && *conn->c_peer_name != 0) { - *(char **)argp = conn->c_peer_name; - return(0); - } - break; - - default: - break; - } - return(-1); -} +} \ No newline at end of file diff --git a/servers/slapd/passwd.c b/servers/slapd/passwd.c index db240991da..7580f7c661 100644 --- a/servers/slapd/passwd.c +++ b/servers/slapd/passwd.c @@ -19,7 +19,6 @@ #include int passwd_extop( - SLAP_EXTOP_CALLBACK_FN ext_callback, Connection *conn, Operation *op, const char *reqoid, struct berval *reqdata, diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index 55927d4d63..e54ed9aa56 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -77,8 +77,8 @@ LDAP_SLAPD_F (char *) access2str LDAP_P(( slap_access_t access )); LDAP_SLAPD_F (slap_access_t) str2access LDAP_P(( const char *str )); #define ACCESSMASK_MAXLEN sizeof("unknown (+wrscan)") -LDAP_SLAPD_F (char *) accessmask2str LDAP_P(( slap_access_mask_t mask, char* )); -LDAP_SLAPD_F (slap_access_mask_t) str2accessmask LDAP_P(( const char *str )); +LDAP_SLAPD_F (char *) accessmask2str LDAP_P(( slap_mask_t mask, char* )); +LDAP_SLAPD_F (slap_mask_t) str2accessmask LDAP_P(( const char *str )); /* * at.c @@ -269,7 +269,7 @@ LDAP_SLAPD_F (long) connection_init LDAP_P(( const char* peername, const char* sockname, int use_tls, - unsigned ssf, + slap_ssf_t ssf, char *id )); LDAP_SLAPD_F (void) connection_closing LDAP_P(( Connection *c )); @@ -321,18 +321,7 @@ LDAP_SLAPD_F (int) entry_id_cmp LDAP_P(( Entry *a, Entry *b )); * extended.c */ -#define SLAPD_EXTOP_GETVERSION 0 -#define SLAPD_EXTOP_GETPROTO 1 -#define SLAPD_EXTOP_GETAUTH 2 -#define SLAPD_EXTOP_GETDN 3 -#define SLAPD_EXTOP_GETCLIENT 4 - -typedef int (*SLAP_EXTOP_CALLBACK_FN) LDAP_P(( - Connection *conn, Operation *op, - int msg, int arg, void *argp )); - typedef int (*SLAP_EXTOP_MAIN_FN) LDAP_P(( - SLAP_EXTOP_CALLBACK_FN, Connection *conn, Operation *op, const char * reqoid, struct berval * reqdata, @@ -537,7 +526,7 @@ LDAP_SLAPD_F (int) slap_sasl_open( Connection *c ); LDAP_SLAPD_F (char **) slap_sasl_mechs( Connection *c ); LDAP_SLAPD_F (int) slap_sasl_external( Connection *c, - unsigned ssf, /* relative strength of external security */ + slap_ssf_t ssf, /* relative strength of external security */ char *authid ); /* asserted authenication id */ LDAP_SLAPD_F (int) slap_sasl_reset( Connection *c ); @@ -547,7 +536,7 @@ LDAP_SLAPD_F (int) slap_sasl_bind LDAP_P(( Connection *conn, Operation *op, const char *dn, const char *ndn, const char *mech, struct berval *cred, - char **edn, unsigned long *ssf )); + char **edn, slap_ssf_t *ssf )); /* oc.c */ LDAP_SLAPD_F (int) oc_schema_info( Entry *e ); @@ -667,7 +656,6 @@ LDAP_SLAPD_F (int) dscompare LDAP_P(( const char *s1, const char *s2del, char de */ LDAP_SLAPD_F (int) starttls_extop LDAP_P(( - SLAP_EXTOP_CALLBACK_FN, Connection *conn, Operation *op, const char * reqoid, struct berval * reqdata, @@ -723,7 +711,6 @@ LDAP_SLAPD_F (void) slap_init_user LDAP_P(( char *username, char *groupname )); * passwd.c */ LDAP_SLAPD_F (int) passwd_extop LDAP_P(( - SLAP_EXTOP_CALLBACK_FN, Connection *conn, Operation *op, const char * reqoid, struct berval * reqdata, diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c index 9d509ba9f9..7363716c92 100644 --- a/servers/slapd/sasl.c +++ b/servers/slapd/sasl.c @@ -290,7 +290,7 @@ int slap_sasl_open( Connection *conn ) int slap_sasl_external( Connection *conn, - unsigned ssf, + slap_ssf_t ssf, char *auth_id ) { #ifdef HAVE_CYRUS_SASL @@ -302,7 +302,7 @@ int slap_sasl_external( return LDAP_UNAVAILABLE; } - memset( &extprops, 0L, sizeof(extprops) ); + memset( &extprops, '\0', sizeof(extprops) ); extprops.ssf = ssf; extprops.auth_id = auth_id; @@ -385,7 +385,7 @@ int slap_sasl_bind( const char *mech, struct berval *cred, char **edn, - unsigned long *ssfp ) + slap_ssf_t *ssfp ) { int rc = 1; diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c index 62d3548b0e..8373bda8ef 100644 --- a/servers/slapd/schema_init.c +++ b/servers/slapd/schema_init.c @@ -2574,7 +2574,7 @@ struct mrule_defs_rec mrule_defs[] = { caseIgnoreIA5SubstringsFilter, NULL}, - {"( 1.3.6.1.4.1.4203.666.4.3 NAME 'caseExactIA5SubstringsMatch' " + {"( 1.3.6.1.4.1.4203.1.2.1 NAME 'caseExactIA5SubstringsMatch' " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )", SLAP_MR_SUBSTR, NULL, NULL, diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index 638884c11d..83f927e19d 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -114,6 +114,10 @@ LDAP_BEGIN_DECL LDAP_SLAPD_F (int) slap_debug; +typedef unsigned slap_ssf_t; +typedef unsigned long slap_mask_t; + + /* * Index types */ @@ -150,8 +154,6 @@ LDAP_SLAPD_F (int) slap_debug; #define SLAP_INDEX_LANG 0x4000UL /* use index with lang subtypes */ #define SLAP_INDEX_AUTO_LANG 0x8000UL /* use mask with lang subtypes */ -typedef unsigned long slap_mask_t; - /* * there is a single index for each attribute. these prefixes ensure * that there is no collision among keys. @@ -617,7 +619,6 @@ typedef enum slap_style_e { ACL_STYLE_EXACT = ACL_STYLE_BASE } slap_style_t; -typedef unsigned long slap_access_mask_t; /* the "by" part */ typedef struct slap_access { @@ -680,7 +681,7 @@ typedef struct slap_access { #define ACL_LVL_ASSIGN_READ(m) ACL_PRIV_ASSIGN((m),ACL_LVL_READ) #define ACL_LVL_ASSIGN_WRITE(m) ACL_PRIV_ASSIGN((m),ACL_LVL_WRITE) - slap_access_mask_t a_mask; + slap_mask_t a_access_mask; slap_style_t a_dn_style; char *a_dn_pat; diff --git a/servers/slapd/slapd.conf b/servers/slapd/slapd.conf index 543bcd10be..f31baf29e8 100644 --- a/servers/slapd/slapd.conf +++ b/servers/slapd/slapd.conf @@ -14,17 +14,12 @@ include %SYSCONFDIR%/schema/core.schema pidfile %LOCALSTATEDIR%/slapd.pid argsfile %LOCALSTATEDIR%/slapd.args -# Load dynamic backend modules - +# Load dynamic backend modules: # modulepath %MODULEDIR% -# moduleload back_bdb2.la # moduleload back_ldap.la # moduleload back_ldbm.la # moduleload back_passwd.la -# moduleload back_perl.la # moduleload back_shell.la -# moduleload back_bdb2.la -# moduleload back_tcl.la ####################################################################### # ldbm database definitions @@ -35,10 +30,12 @@ suffix "dc=my-domain, dc=com" #suffix "o=My Organization Name, c=US" rootdn "cn=Manager, dc=my-domain, dc=com" #rootdn "cn=Manager, o=My Organization Name, c=US" -# cleartext passwords, especially for the rootdn, should +# Cleartext passwords, especially for the rootdn, should # be avoid. See slappasswd(8) and slapd.conf(5) for details. +# Use of strong authentication encouraged. rootpw secret -# database directory -# this directory MUST exist prior to running slapd AND +# The database directory MUST exist prior to running slapd AND # should only be accessable by the slapd/tools. Mode 700 recommended. directory %LOCALSTATEDIR%/openldap-ldbm +# Indices to maintain +index objectClass eq diff --git a/servers/slapd/starttls.c b/servers/slapd/starttls.c index b607c68ef7..f59f15adb4 100644 --- a/servers/slapd/starttls.c +++ b/servers/slapd/starttls.c @@ -20,7 +20,6 @@ int starttls_extop ( - SLAP_EXTOP_CALLBACK_FN cb, Connection *conn, Operation *op, const char * reqoid, diff --git a/servers/slapd/tools/slappasswd.c b/servers/slapd/tools/slappasswd.c index c433ab6357..7222b13db2 100644 --- a/servers/slapd/tools/slappasswd.c +++ b/servers/slapd/tools/slappasswd.c @@ -31,6 +31,7 @@ usage(const char *s) "Usage: %s [options]\n" " -h hash\tpassword scheme\n" " -s secret\tnew password\n" + " -u\t\tgenerate RFC2307 values\n" " -v\t\tincrease verbosity\n" , s ); @@ -50,7 +51,7 @@ main( int argc, char *argv[] ) struct berval *hash = NULL; while( (i = getopt( argc, argv, - "d:h:s:v" )) != EOF ) + "d:h:s:vu" )) != EOF ) { switch (i) { case 'h': /* scheme */ @@ -68,6 +69,9 @@ main( int argc, char *argv[] ) } break; + case 'u': /* RFC2307 userPassword */ + break; + case 'v': /* verbose */ verbose++; break; @@ -88,7 +92,7 @@ main( int argc, char *argv[] ) cknewpw = getpassphrase("Re-enter new password: "); if( strncmp( newpw, cknewpw, strlen(newpw) )) { - fprintf( stderr, "passwords do not match\n" ); + fprintf( stderr, "Password values do not match\n" ); return EXIT_FAILURE; } } @@ -104,7 +108,7 @@ main( int argc, char *argv[] ) } if( lutil_passwd( hash, &passwd, NULL ) ) { - fprintf( stderr, "Password verificaiton failed.\n"); + fprintf( stderr, "Password verification failed.\n"); return EXIT_FAILURE; }