From 3579a48d9d68f6e264aa8a112a24c6d915bd3d95 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Sun, 9 Feb 2003 18:41:14 +0000 Subject: [PATCH] More sync'ing --- build/version.sh | 6 +- servers/slapd/Makefile.in | 4 +- servers/slapd/back-bdb/modify.c | 8 +- servers/slapd/back-bdb/psearch.c | 2 +- servers/slapd/back-bdb/search.c | 14 +-- servers/slapd/back-ldbm/modify.c | 12 ++- servers/slapd/back-ldbm/search.c | 4 +- servers/slapd/back-monitor/database.c | 62 ++++++++++++ servers/slapd/bind.c | 3 - servers/slapd/cancel.c | 10 +- servers/slapd/compare.c | 3 - servers/slapd/config.c | 134 -------------------------- servers/slapd/connection.c | 8 +- servers/slapd/controls.c | 77 +++++++-------- servers/slapd/delete.c | 3 - servers/slapd/extended.c | 4 +- servers/slapd/modify.c | 3 - servers/slapd/modrdn.c | 6 -- servers/slapd/proto-slap.h | 5 - servers/slapd/result.c | 12 +-- servers/slapd/saslauthz.c | 2 - servers/slapd/search.c | 3 - servers/slapd/slap.h | 22 +++-- servers/slapd/suffixalias.c | 81 ---------------- 24 files changed, 160 insertions(+), 328 deletions(-) delete mode 100644 servers/slapd/suffixalias.c diff --git a/build/version.sh b/build/version.sh index 2308efee2e..b3cbad9106 100755 --- a/build/version.sh +++ b/build/version.sh @@ -6,10 +6,10 @@ # ol_package=OpenLDAP ol_major=2 -ol_minor=X +ol_minor=1 ol_patch=X -ol_api_inc=000000 -ol_api_lib=0:0:0 +ol_api_inc=20111 +ol_api_lib=2:111:0 ol_release_date="00/00/0000" if test $ol_patch != X ; then diff --git a/servers/slapd/Makefile.in b/servers/slapd/Makefile.in index e3e1ae3e56..1c589266cc 100644 --- a/servers/slapd/Makefile.in +++ b/servers/slapd/Makefile.in @@ -18,7 +18,7 @@ SRCS = main.c daemon.c connection.c search.c filter.c add.c cr.c \ schema.c schema_check.c schema_init.c schema_prep.c \ schemaparse.c ad.c at.c mr.c syntax.c oc.c saslauthz.c \ oidm.c starttls.c index.c sets.c referral.c \ - root_dse.c sasl.c module.c suffixalias.c mra.c mods.c \ + root_dse.c sasl.c module.c mra.c mods.c \ limits.c backglue.c operational.c matchedValues.c cancel.c \ $(@PLAT@_SRCS) @@ -31,7 +31,7 @@ OBJS = main.o daemon.o connection.o search.o filter.o add.o cr.o \ schema.o schema_check.o schema_init.o schema_prep.o \ schemaparse.o ad.o at.o mr.o syntax.o oc.o saslauthz.o \ oidm.o starttls.o index.o sets.o referral.o \ - root_dse.o sasl.o module.o suffixalias.o mra.o mods.o \ + root_dse.o sasl.o module.o mra.o mods.o \ limits.o backglue.o operational.o matchedValues.o cancel.o \ $(@PLAT@_OBJS) diff --git a/servers/slapd/back-bdb/modify.c b/servers/slapd/back-bdb/modify.c index 3d9e86dceb..b2ffc7a178 100644 --- a/servers/slapd/back-bdb/modify.c +++ b/servers/slapd/back-bdb/modify.c @@ -56,7 +56,7 @@ int bdb_modify_internal( #else Debug(LDAP_DEBUG_ARGS, "bdb_modify_internal: add\n", 0, 0, 0); #endif - err = modify_add_values( e, mod, get_permitmodify(op), + err = modify_add_values( e, mod, get_permissiveModify(op), text, textbuf, textlen ); if( err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING @@ -76,7 +76,7 @@ int bdb_modify_internal( #else Debug(LDAP_DEBUG_ARGS, "bdb_modify_internal: delete\n", 0, 0, 0); #endif - err = modify_delete_values( e, mod, get_permitmodify(op), + err = modify_delete_values( e, mod, get_permissiveModify(op), text, textbuf, textlen ); assert( err != LDAP_TYPE_OR_VALUE_EXISTS ); if( err != LDAP_SUCCESS ) { @@ -97,7 +97,7 @@ int bdb_modify_internal( #else Debug(LDAP_DEBUG_ARGS, "bdb_modify_internal: replace\n", 0, 0, 0); #endif - err = modify_replace_values( e, mod, get_permitmodify(op), + err = modify_replace_values( e, mod, get_permissiveModify(op), text, textbuf, textlen ); if( err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING @@ -122,7 +122,7 @@ int bdb_modify_internal( */ mod->sm_op = LDAP_MOD_ADD; - err = modify_add_values( e, mod, get_permitmodify(op), + err = modify_add_values( e, mod, get_permissiveModify(op), text, textbuf, textlen ); if ( err == LDAP_TYPE_OR_VALUE_EXISTS ) { err = LDAP_SUCCESS; diff --git a/servers/slapd/back-bdb/psearch.c b/servers/slapd/back-bdb/psearch.c index a53c0b0b72..2dbd40e752 100644 --- a/servers/slapd/back-bdb/psearch.c +++ b/servers/slapd/back-bdb/psearch.c @@ -67,7 +67,7 @@ bdb_cancel( LDAP_LIST_FOREACH ( ps_list, &bdb->psearch_list, link ) { if ( ps_list->o_connid == conn->c_connid ) { if ( ps_list->o_msgid == id ) { - ps_list->o_cancel = LDAP_CANCEL_DONE; + ps_list->o_cancel = SLAP_CANCEL_DONE; LDAP_LIST_REMOVE( ps_list, link ); #if 0 diff --git a/servers/slapd/back-bdb/search.c b/servers/slapd/back-bdb/search.c index 7f83a341fe..34a60cf355 100644 --- a/servers/slapd/back-bdb/search.c +++ b/servers/slapd/back-bdb/search.c @@ -500,11 +500,11 @@ loop_begin: #ifdef LDAP_EXOP_X_CANCEL if ( op->o_cancel ) { - assert( op->o_cancel == LDAP_CANCEL_REQ ); + assert( op->o_cancel == SLAP_CANCEL_REQ ); rc = 0; send_search_result( conn, op, LDAP_CANCELLED, NULL, NULL, NULL, NULL, 0 ); - op->o_cancel = LDAP_CANCEL_ACK; + op->o_cancel = SLAP_CANCEL_ACK; goto done; } #endif @@ -1049,7 +1049,8 @@ static int search_candidates( * these clauses are redundant. */ if (!oc_filter(filter, 1, &depth) && !get_subentries_visibility(op) ) { - if( !get_manageDSAit(op) ) { /* match referrals */ + if( !get_manageDSAit(op) && !get_domainScope(op) ) { + /* match referral objects */ struct berval bv_ref = { sizeof("referral")-1, "referral" }; rf.f_choice = LDAP_FILTER_EQUALITY; rf.f_ava = &aa_ref; @@ -1060,7 +1061,8 @@ static int search_candidates( } #ifdef BDB_ALIASES - if( deref & LDAP_DEREF_SEARCHING ) { /* match aliases */ + if( deref & LDAP_DEREF_SEARCHING ) { + /* match alias objects */ struct berval bv_alias = { sizeof("alias")-1, "alias" }; af.f_choice = LDAP_FILTER_EQUALITY; af.f_ava = &aa_alias; @@ -1261,7 +1263,7 @@ bdb_build_lcup_update_ctrl( "{bb{sON}N}", SLAP_LCUP_STATE_UPDATE_FALSE, isdeleted, - LDAP_LCUP_COOKIE_OID, &entrycsn_bv ); + LDAP_CUP_COOKIE_OID, &entrycsn_bv ); else /* Do not send cookie */ ber_printf( ber, "{bbN}", @@ -1311,7 +1313,7 @@ bdb_build_lcup_done_ctrl( ctrls[num_ctrls] = ch_malloc ( sizeof ( LDAPControl ) ); - ber_printf( ber, "{sO", LDAP_LCUP_COOKIE_OID, latest_entrycsn_bv ); + ber_printf( ber, "{sO", LDAP_CUP_COOKIE_OID, latest_entrycsn_bv ); ber_printf( ber, "N}" ); ctrls[num_ctrls]->ldctl_oid = LDAP_CONTROL_CLIENT_UPDATE_DONE; diff --git a/servers/slapd/back-ldbm/modify.c b/servers/slapd/back-ldbm/modify.c index 7daf460d78..b7bd5c55e7 100644 --- a/servers/slapd/back-ldbm/modify.c +++ b/servers/slapd/back-ldbm/modify.c @@ -65,7 +65,8 @@ int ldbm_modify_internal( Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: add\n", 0, 0, 0); #endif - rc = modify_add_values( e, mod, op->o_permitmodify, text, textbuf, textlen ); + rc = modify_add_values( e, mod, get_permissiveModify(op), + text, textbuf, textlen ); if( rc != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, INFO, @@ -84,7 +85,8 @@ int ldbm_modify_internal( Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: delete\n", 0, 0, 0); #endif - rc = modify_delete_values( e, mod, op->o_permitmodify, text, textbuf, textlen ); + rc = modify_delete_values( e, mod, get_permissiveModify(op), + text, textbuf, textlen ); assert( rc != LDAP_TYPE_OR_VALUE_EXISTS ); if( rc != LDAP_SUCCESS ) { #ifdef NEW_LOGGING @@ -104,7 +106,8 @@ int ldbm_modify_internal( Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: replace\n", 0, 0, 0); #endif - rc = modify_replace_values( e, mod, op->o_permitmodify, text, textbuf, textlen ); + rc = modify_replace_values( e, mod, get_permissiveModify(op), + text, textbuf, textlen ); if( rc != LDAP_SUCCESS ) { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, INFO, @@ -129,7 +132,8 @@ int ldbm_modify_internal( */ mod->sm_op = LDAP_MOD_ADD; - rc = modify_add_values( e, mod, op->o_permitmodify, text, textbuf, textlen ); + rc = modify_add_values( e, mod, get_permissiveModify(op), + text, textbuf, textlen ); if ( rc == LDAP_TYPE_OR_VALUE_EXISTS ) { rc = LDAP_SUCCESS; } diff --git a/servers/slapd/back-ldbm/search.c b/servers/slapd/back-ldbm/search.c index 765e79a543..12ec9a6c01 100644 --- a/servers/slapd/back-ldbm/search.c +++ b/servers/slapd/back-ldbm/search.c @@ -1,7 +1,7 @@ /* search.c - ldbm backend search function */ /* $OpenLDAP$ */ /* - * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. + * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ @@ -74,7 +74,7 @@ ldbm_back_search( ber_dupbv( &realbase, &e->e_nname ); candidates = search_candidates( be, e, filter, - scope, deref, manageDSAit ); + scope, deref, manageDSAit || get_domainScope(op) ); goto searchit; diff --git a/servers/slapd/back-monitor/database.c b/servers/slapd/back-monitor/database.c index 6217b12733..22d61e5c76 100644 --- a/servers/slapd/back-monitor/database.c +++ b/servers/slapd/back-monitor/database.c @@ -36,8 +36,15 @@ #include #include "slap.h" +#ifdef LDAP_SLAPI +#include "slapi.h" +#endif #include "back-monitor.h" +#if defined(LDAP_SLAPI) +static int monitor_back_add_plugin( Backend *be, Entry *e ); +#endif /* defined(LDAP_SLAPI) */ + int monitor_subsys_database_init( BackendDB *be @@ -179,6 +186,10 @@ monitor_subsys_database_init( return( -1 ); } +#if defined(LDAP_SLAPI) + monitor_back_add_plugin( be, e ); +#endif /* defined(LDAP_SLAPI) */ + e_tmp = e; } @@ -190,3 +201,54 @@ monitor_subsys_database_init( return( 0 ); } +#if defined(LDAP_SLAPI) +static int +monitor_back_add_plugin( Backend *be, Entry *e_database ) +{ + Slapi_PBlock *pCurrentPB; + int i, rc = LDAP_SUCCESS; + + if ( slapi_x_pblock_get_first( be, &pCurrentPB ) != LDAP_SUCCESS ) { + /* + * LDAP_OTHER is returned if no plugins are installed + */ + rc = LDAP_OTHER; + goto done; + } + + i = 0; + do { + Slapi_PluginDesc *srchdesc; + char buf[1024]; + struct berval bv; + + rc = slapi_pblock_get( pCurrentPB, SLAPI_PLUGIN_DESCRIPTION, + &srchdesc ); + if ( rc != LDAP_SUCCESS ) { + goto done; + } + + snprintf( buf, sizeof(buf), + "plugin %d name: %s; " + "vendor: %s; " + "version: %s; " + "description: %s", + i, + srchdesc->spd_id, + srchdesc->spd_vendor, + srchdesc->spd_version, + srchdesc->spd_description ); + + bv.bv_val = buf; + bv.bv_len = strlen( buf ); + attr_merge_one( e_database, monitor_ad_desc, &bv ); + + i++; + + } while ( ( slapi_x_pblock_get_next( &pCurrentPB ) == LDAP_SUCCESS ) + && ( pCurrentPB != NULL ) ); + +done: + return rc; +} +#endif /* defined(LDAP_SLAPI) */ diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c index 6316a9878a..f27b35503e 100644 --- a/servers/slapd/bind.c +++ b/servers/slapd/bind.c @@ -605,9 +605,6 @@ do_bind( if ( be->be_bind ) { int ret; - /* deref suffix alias if appropriate */ - suffix_alias( be, &ndn ); - ret = (*be->be_bind)( be, conn, op, &pdn, &ndn, method, &cred, &edn ); diff --git a/servers/slapd/cancel.c b/servers/slapd/cancel.c index fc2832bfab..dd98928941 100644 --- a/servers/slapd/cancel.c +++ b/servers/slapd/cancel.c @@ -107,26 +107,26 @@ int cancel_extop( #endif } - if ( op->o_cancel != LDAP_CANCEL_NONE ) { + if ( op->o_cancel != SLAP_CANCEL_NONE ) { *text = "message ID already being cancelled"; ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); return LDAP_PROTOCOL_ERROR; } - op->o_cancel = LDAP_CANCEL_REQ; + op->o_cancel = SLAP_CANCEL_REQ; ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); - while ( op->o_cancel == LDAP_CANCEL_REQ ) { + while ( op->o_cancel == SLAP_CANCEL_REQ ) { ldap_pvt_thread_yield(); } - if ( op->o_cancel == LDAP_CANCEL_ACK ) { + if ( op->o_cancel == SLAP_CANCEL_ACK ) { rc = LDAP_SUCCESS; } else { rc = op->o_cancel; } - op->o_cancel = LDAP_CANCEL_DONE; + op->o_cancel = SLAP_CANCEL_DONE; return rc; } diff --git a/servers/slapd/compare.c b/servers/slapd/compare.c index 1f1681eb51..021fdee4b2 100644 --- a/servers/slapd/compare.c +++ b/servers/slapd/compare.c @@ -271,9 +271,6 @@ do_compare( ava.aa_desc->ad_cname.bv_val, 0 ); - /* deref suffix alias if appropriate */ - suffix_alias( be, &ndn ); - #if defined( LDAP_SLAPI ) slapi_x_backend_set_pb( pb, be ); slapi_x_connection_set_pb( pb, conn ); diff --git a/servers/slapd/config.c b/servers/slapd/config.c index 2c66a841b4..75a0a43d81 100644 --- a/servers/slapd/config.c +++ b/servers/slapd/config.c @@ -956,140 +956,6 @@ read_config( const char *fname, int depth ) ber_bvarray_add( &be->be_suffix, &pdn ); ber_bvarray_add( &be->be_nsuffix, &ndn ); - /* set database suffixAlias */ - } else if ( strcasecmp( cargv[0], "suffixAlias" ) == 0 ) { - Backend *tmp_be; - struct berval alias, palias, nalias; - struct berval aliased, paliased, naliased; - - if ( cargc < 2 ) { -#ifdef NEW_LOGGING - LDAP_LOG( CONFIG, CRIT, - "%s: line %d: missing alias and aliased_dn in " - "\"suffixAlias \" line.\n", - fname, lineno, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "%s: line %d: missing alias and aliased_dn in " - "\"suffixAlias \" line.\n", - fname, lineno, 0 ); -#endif - - return( 1 ); - } else if ( cargc < 3 ) { -#ifdef NEW_LOGGING - LDAP_LOG( CONFIG, CRIT, - "%s: line %d: missing aliased_dn in " - "\"suffixAlias \" line\n", - fname, lineno, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "%s: line %d: missing aliased_dn in " - "\"suffixAlias \" line\n", - fname, lineno, 0 ); -#endif - return( 1 ); - - } else if ( cargc > 3 ) { -#ifdef NEW_LOGGING - LDAP_LOG( CONFIG, CRIT, - "%s: line %d: extra cruft in suffixAlias line (ignored)\n", - fname, lineno, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "%s: line %d: extra cruft in suffixAlias line (ignored)\n", - fname, lineno, 0 ); -#endif - } - - if ( be == NULL ) { -#ifdef NEW_LOGGING - LDAP_LOG( CONFIG, INFO, - "%s: line %d: suffix line must appear inside a database " - "definition.\n", fname, lineno, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "%s: line %d: suffixAlias line" - " must appear inside a database definition.\n", - fname, lineno, 0 ); -#endif - return 1; - } - - if ( load_ucdata( NULL ) < 0 ) return 1; - - alias.bv_val = cargv[1]; - alias.bv_len = strlen( cargv[1] ); - - rc = dnPrettyNormal( NULL, &alias, &palias, &nalias ); - if( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( CONFIG, CRIT, - "%s: line %d: alias DN is invalid.\n", fname, lineno, 0 ); -#else - Debug( LDAP_DEBUG_ANY, - "%s: line %d: alias DN is invalid\n", - fname, lineno, 0 ); -#endif - return( 1 ); - } - - tmp_be = select_backend( &nalias, 0, 0 ); - free( nalias.bv_val ); - if ( tmp_be && tmp_be != be ) { -#ifdef NEW_LOGGING - LDAP_LOG( CONFIG, INFO, - "%s: line %d: suffixAlias served by a preceeding " - "backend \"%s\"\n", fname, lineno, - tmp_be->be_suffix[0].bv_val ); -#else - Debug( LDAP_DEBUG_ANY, - "%s: line %d: suffixAlias served by" - " a preceeding backend \"%s\"\n", - fname, lineno, tmp_be->be_suffix[0].bv_val ); -#endif - free( palias.bv_val ); - return -1; - } - - aliased.bv_val = cargv[2]; - aliased.bv_len = strlen( cargv[2] ); - - rc = dnPrettyNormal( NULL, &aliased, &paliased, &naliased ); - if( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( CONFIG, CRIT, - "%s: line %d: aliased DN is invalid.\n", fname, lineno,0 ); -#else - Debug( LDAP_DEBUG_ANY, - "%s: line %d: aliased DN is invalid\n", - fname, lineno, 0 ); -#endif - free( palias.bv_val ); - return( 1 ); - } - - tmp_be = select_backend( &naliased, 0, 0 ); - free( naliased.bv_val ); - if ( tmp_be && tmp_be != be ) { -#ifdef NEW_LOGGING - LDAP_LOG( CONFIG, INFO, - "%s: line %d: suffixAlias derefs to a different backend " - "a preceeding backend \"%s\"\n", - fname, lineno, tmp_be->be_suffix[0].bv_val ); -#else - Debug( LDAP_DEBUG_ANY, - "%s: line %d: suffixAlias derefs to differnet backend" - " a preceeding backend \"%s\"\n", - fname, lineno, tmp_be->be_suffix[0].bv_val ); -#endif - free( palias.bv_val ); - free( paliased.bv_val ); - return -1; - } - - ber_bvarray_add( &be->be_suffixAlias, &palias ); - ber_bvarray_add( &be->be_suffixAlias, &paliased ); /* set max deref depth */ } else if ( strcasecmp( cargv[0], "maxDerefDepth" ) == 0 ) { diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c index f5fe518b77..2e79468558 100644 --- a/servers/slapd/connection.c +++ b/servers/slapd/connection.c @@ -1028,12 +1028,12 @@ operations_error: ldap_pvt_thread_mutex_unlock( &num_ops_mutex ); #ifdef LDAP_EXOP_X_CANCEL - if ( arg->co_op->o_cancel == LDAP_CANCEL_REQ ) { + if ( arg->co_op->o_cancel == SLAP_CANCEL_REQ ) { arg->co_op->o_cancel = LDAP_TOO_LATE; } - while ( arg->co_op->o_cancel != LDAP_CANCEL_NONE && - arg->co_op->o_cancel != LDAP_CANCEL_DONE ) + while ( arg->co_op->o_cancel != SLAP_CANCEL_NONE && + arg->co_op->o_cancel != SLAP_CANCEL_DONE ) { ldap_pvt_thread_yield(); } @@ -1048,7 +1048,7 @@ operations_error: LDAP_STAILQ_NEXT(arg->co_op, o_next) = NULL; #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC) - if ( arg->co_op->o_cancel == LDAP_CANCEL_ACK ) + if ( arg->co_op->o_cancel == SLAP_CANCEL_ACK ) goto co_op_free; #endif #ifdef LDAP_CLIENT_UPDATE diff --git a/servers/slapd/controls.c b/servers/slapd/controls.c index 56187c587a..c4b726d79b 100644 --- a/servers/slapd/controls.c +++ b/servers/slapd/controls.c @@ -49,8 +49,8 @@ static SLAP_CTRL_PARSE_FN parseManageDSAit; static SLAP_CTRL_PARSE_FN parseNoOp; static SLAP_CTRL_PARSE_FN parsePagedResults; static SLAP_CTRL_PARSE_FN parseValuesReturnFilter; -static SLAP_CTRL_PARSE_FN parsePermitModify; -static SLAP_CTRL_PARSE_FN parseNoReferrals; +static SLAP_CTRL_PARSE_FN parsePermissiveModify; +static SLAP_CTRL_PARSE_FN parseDomainScope; #ifdef LDAP_CONTROL_SUBENTRIES static SLAP_CTRL_PARSE_FN parseSubentries; @@ -113,35 +113,29 @@ static struct slap_control { { LDAP_CONTROL_VALUESRETURNFILTER, SLAP_CTRL_SEARCH, NULL, parseValuesReturnFilter }, -#ifdef LDAP_CONTROL_SUBENTRIES - { LDAP_CONTROL_SUBENTRIES, - SLAP_CTRL_SEARCH, NULL, - parseSubentries }, -#endif - { LDAP_CONTROL_NOOP, - SLAP_CTRL_ACCESS, NULL, - parseNoOp }, #ifdef LDAP_CONTROL_PAGEDRESULTS { LDAP_CONTROL_PAGEDRESULTS, SLAP_CTRL_SEARCH, NULL, parsePagedResults }, #endif - { LDAP_CONTROL_MANAGEDSAIT, - SLAP_CTRL_ACCESS, NULL, - parseManageDSAit }, - { LDAP_CONTROL_PROXY_AUTHZ, - SLAP_CTRL_FRONTEND|SLAP_CTRL_ACCESS, proxy_authz_extops, - parseProxyAuthz }, -#ifdef LDAP_CONTROL_PERMITMODIFY - { LDAP_CONTROL_PERMITMODIFY, - SLAP_CTRL_UPDATE, NULL, - parsePermitModify }, +#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE + { LDAP_CONTROL_X_DOMAIN_SCOPE, + SLAP_CTRL_FRONTEND|SLAP_CTRL_SEARCH, NULL, + parseDomainScope }, #endif -#ifdef LDAP_CONTROL_NOREFERRALS - { LDAP_CONTROL_NOREFERRALS, +#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY + { LDAP_CONTROL_X_PERMISSIVE_MODIFY, + SLAP_CTRL_MODIFY, NULL, + parsePermissiveModify }, +#endif +#ifdef LDAP_CONTROL_SUBENTRIES + { LDAP_CONTROL_SUBENTRIES, SLAP_CTRL_SEARCH, NULL, - parseNoReferrals }, + parseSubentries }, #endif + { LDAP_CONTROL_NOOP, + SLAP_CTRL_ACCESS, NULL, + parseNoOp }, #ifdef LDAP_CLIENT_UPDATE { LDAP_CONTROL_CLIENT_UPDATE, SLAP_CTRL_SEARCH, NULL, @@ -152,6 +146,12 @@ static struct slap_control { SLAP_CTRL_SEARCH, NULL, parseLdupSync }, #endif + { LDAP_CONTROL_MANAGEDSAIT, + SLAP_CTRL_ACCESS, NULL, + parseManageDSAit }, + { LDAP_CONTROL_PROXY_AUTHZ, + SLAP_CTRL_FRONTEND|SLAP_CTRL_ACCESS, proxy_authz_extops, + parseProxyAuthz }, { NULL, 0, NULL, 0 } }; @@ -813,24 +813,24 @@ static int parseSubentries ( } #endif -#ifdef LDAP_CONTROL_PERMITMODIFY -static int parsePermitModify ( +#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY +static int parsePermissiveModify ( Connection *conn, Operation *op, LDAPControl *ctrl, const char **text ) { - if ( op->o_permitmodify != SLAP_NO_CONTROL ) { - *text = "permitmodify control specified multiple times"; + if ( op->o_permissive_modify != SLAP_NO_CONTROL ) { + *text = "permissiveModify control specified multiple times"; return LDAP_PROTOCOL_ERROR; } if ( ctrl->ldctl_value.bv_len ) { - *text = "permitmodify control value not empty"; + *text = "permissiveModify control value not empty"; return LDAP_PROTOCOL_ERROR; } - op->o_permitmodify = ctrl->ldctl_iscritical + op->o_permissive_modify = ctrl->ldctl_iscritical ? SLAP_CRITICAL_CONTROL : SLAP_NONCRITICAL_CONTROL; @@ -838,24 +838,24 @@ static int parsePermitModify ( } #endif -#ifdef LDAP_CONTROL_NOREFERRALS -static int parseNoReferrals ( +#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE +static int parseDomainScope ( Connection *conn, Operation *op, LDAPControl *ctrl, const char **text ) { - if ( op->o_noreferrals != SLAP_NO_CONTROL ) { - *text = "noreferrals control specified multiple times"; + if ( op->o_domain_scope != SLAP_NO_CONTROL ) { + *text = "domainScope control specified multiple times"; return LDAP_PROTOCOL_ERROR; } if ( ctrl->ldctl_value.bv_len ) { - *text = "noreferrals control value not empty"; + *text = "domainScope control value not empty"; return LDAP_PROTOCOL_ERROR; } - op->o_noreferrals = ctrl->ldctl_iscritical + op->o_domain_scope = ctrl->ldctl_iscritical ? SLAP_CRITICAL_CONTROL : SLAP_NONCRITICAL_CONTROL; @@ -937,7 +937,7 @@ static int parseClientUpdate ( return LDAP_PROTOCOL_ERROR; } - if ( tag == LDAP_TAG_INTERVAL ) { + if ( tag == LDAP_CUP_TAG_INTERVAL ) { if ( (tag = ber_scanf( ber, "i", &interval )) == LBER_ERROR ) { *text = "LCUP client update control : decoding error"; return LDAP_PROTOCOL_ERROR; @@ -958,9 +958,10 @@ static int parseClientUpdate ( return LDAP_PROTOCOL_ERROR; } - if ( tag == LDAP_LCUP_TAG_COOKIE ) { + if ( tag == LDAP_CUP_TAG_COOKIE ) { if ( (tag = ber_scanf( ber, /*{*/ "{mm}}", - &scheme, &cookie )) == LBER_ERROR ) { + &scheme, &cookie )) == LBER_ERROR ) + { *text = "LCUP client update control : decoding error"; return LDAP_PROTOCOL_ERROR; } diff --git a/servers/slapd/delete.c b/servers/slapd/delete.c index 9ac507a65a..baf178d2f0 100644 --- a/servers/slapd/delete.c +++ b/servers/slapd/delete.c @@ -157,9 +157,6 @@ do_delete( goto cleanup; } - /* deref suffix alias if appropriate */ - suffix_alias( be, &ndn ); - #if defined( LDAP_SLAPI ) slapi_x_backend_set_pb( pb, be ); slapi_x_connection_set_pb( pb, conn ); diff --git a/servers/slapd/extended.c b/servers/slapd/extended.c index 4e8c7d1eb4..a7c10ef304 100644 --- a/servers/slapd/extended.c +++ b/servers/slapd/extended.c @@ -61,11 +61,11 @@ static struct { struct berval oid; SLAP_EXTOP_MAIN_FN *ext_main; } builtin_extops[] = { - { BVC(LDAP_EXOP_X_WHO_AM_I), whoami_extop }, - { BVC(LDAP_EXOP_MODIFY_PASSWD), passwd_extop }, #ifdef LDAP_EXOP_X_CANCEL { BVC(LDAP_EXOP_X_CANCEL), cancel_extop }, #endif + { BVC(LDAP_EXOP_X_WHO_AM_I), whoami_extop }, + { BVC(LDAP_EXOP_MODIFY_PASSWD), passwd_extop }, #ifdef HAVE_TLS { BVC(LDAP_EXOP_START_TLS), starttls_extop }, #endif diff --git a/servers/slapd/modify.c b/servers/slapd/modify.c index 051722533f..44c9da2be8 100644 --- a/servers/slapd/modify.c +++ b/servers/slapd/modify.c @@ -331,9 +331,6 @@ do_modify( goto cleanup; } - /* deref suffix alias if appropriate */ - suffix_alias( be, &ndn ); - #if defined( LDAP_SLAPI ) slapi_x_backend_set_pb( pb, be ); slapi_x_connection_set_pb( pb, conn ); diff --git a/servers/slapd/modrdn.c b/servers/slapd/modrdn.c index 3c88a02473..d2c11b96b1 100644 --- a/servers/slapd/modrdn.c +++ b/servers/slapd/modrdn.c @@ -323,14 +323,8 @@ do_modrdn( goto cleanup; } - - /* deref suffix alias if appropriate */ - suffix_alias( be, &nnewSuperior ); } - /* deref suffix alias if appropriate */ - suffix_alias( be, &ndn ); - #if defined( LDAP_SLAPI ) slapi_x_backend_set_pb( pb, be ); slapi_x_connection_set_pb( pb, conn ); diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index 4b26475dfc..e2df5f9f6c 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -1016,11 +1016,6 @@ LDAP_SLAPD_F (SLAP_EXTOP_MAIN_FN) starttls_extop; */ LDAP_SLAPD_F (Filter *) str2filter LDAP_P(( const char *str )); -/* - * suffixalias.c - */ -LDAP_SLAPD_F (void) suffix_alias LDAP_P(( Backend *be, struct berval *ndn )); - /* syntax.c */ LDAP_SLAPD_F (Syntax *) syn_find LDAP_P(( const char *synname )); diff --git a/servers/slapd/result.c b/servers/slapd/result.c index 2e7534f418..e6c1762d10 100644 --- a/servers/slapd/result.c +++ b/servers/slapd/result.c @@ -482,8 +482,8 @@ slap_send_ldap_result( assert( err != LDAP_PARTIAL_RESULTS ); if ( err == LDAP_REFERRAL ) { -#ifdef LDAP_CONTROL_NOREFERRALS - if( op->o_noreferrals ) { +#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE + if( op->o_domain_scope ) { ref = NULL; } #endif @@ -1385,15 +1385,15 @@ slap_send_search_reference( return( 1 ); } -#ifdef LDAP_CONTROL_NOREFERRALS - if( op->o_noreferrals ) { +#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE + if( op->o_domain_scope ) { #ifdef NEW_LOGGING LDAP_LOG( OPERATION, ERR, - "send_search_reference: conn %lu noreferrals control in (%s).\n", + "send_search_reference: conn %lu domainScope control in (%s).\n", op->o_connid, e->e_dn, 0 ); #else Debug( LDAP_DEBUG_ANY, - "send_search_reference: noreferrals control in (%s)\n", + "send_search_reference: domainScope control in (%s)\n", e->e_dn, 0, 0 ); #endif diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c index 75007d86f4..6726639f04 100644 --- a/servers/slapd/saslauthz.c +++ b/servers/slapd/saslauthz.c @@ -463,7 +463,6 @@ int slap_sasl_match(Connection *conn, struct berval *rule, struct berval *assert rc = LDAP_INAPPROPRIATE_AUTH; goto CONCLUDED; } - suffix_alias( be, &searchbase ); sm.dn = assertDN; sm.match = 0; @@ -628,7 +627,6 @@ void slap_sasl2dn( Connection *conn, if(( be == NULL ) || ( be->be_search == NULL)) { goto FINISHED; } - suffix_alias( be, &dn ); op.o_tag = LDAP_REQ_SEARCH; op.o_protocol = LDAP_VERSION3; diff --git a/servers/slapd/search.c b/servers/slapd/search.c index ebab4bd087..fd7ea25a02 100644 --- a/servers/slapd/search.c +++ b/servers/slapd/search.c @@ -382,9 +382,6 @@ do_search( goto return_results; } - /* deref the base if needed */ - suffix_alias( be, &nbase ); - #ifdef LDAP_SLAPI attrs = anlist2charray( an ); pb = initSearchPlugin( be, conn, op, &pbase, diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index b0801608cc..c5dff6c126 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -1322,7 +1322,6 @@ struct slap_backend_db { /* these should be renamed from be_ to bd_ */ BerVarray be_suffix; /* the DN suffixes of data in this backend */ BerVarray be_nsuffix; /* the normalized DN suffixes in this backend */ - BerVarray be_suffixAlias; /* pairs of DN suffix aliases and deref values */ struct berval be_schemadn; /* per-backend subschema subentry DN */ struct berval be_schemandn; /* normalized subschema DN */ struct berval be_rootdn; /* the magic "root" name (DN) for this db */ @@ -1663,7 +1662,11 @@ typedef struct slap_op { ldap_pvt_thread_t o_tid; /* thread handling this op */ volatile sig_atomic_t o_abandon; /* abandon flag */ - volatile sig_atomic_t o_cancel; /* cancel flag */ + volatile sig_atomic_t o_cancel; /* cancel flag */ +#define SLAP_CANCEL_NONE 0x00 +#define SLAP_CANCEL_REQ 0x01 +#define SLAP_CANCEL_ACK 0x02 +#define SLAP_CANCEL_DONE 0x03 char o_do_not_cache; /* don't cache from this op */ @@ -1683,15 +1686,18 @@ typedef struct slap_op { char o_valuesreturnfilter; -#ifdef LDAP_CONTROL_PERMITMODIFY - char o_permitmodify; -#define get_permitmodify(op) ((int)(op)->o_permitmodify) +#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY + char o_permissive_modify; +#define get_permissiveModify(op) ((int)(op)->o_permissive_modify) #else -#define get_permitmodify(op) (0) +#define get_permissiveModify(op) (0) #endif -#ifdef LDAP_CONTROL_NOREFERRALS - char o_noreferrals; +#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE + char o_domain_scope; +#define get_domainScope(op) ((int)(op)->o_domain_scope) +#else +#define get_domainScope(op) (0) #endif #ifdef LDAP_CONTROL_PAGEDRESULTS diff --git a/servers/slapd/suffixalias.c b/servers/slapd/suffixalias.c deleted file mode 100644 index 78a1a18cb3..0000000000 --- a/servers/slapd/suffixalias.c +++ /dev/null @@ -1,81 +0,0 @@ -/* $OpenLDAP$ */ -/* - * Copyright 1999-2002 The OpenLDAP Foundation, All Rights Reserved. - * - * COPYING RESTRICTIONS APPLY, see COPYRIGHT file in the top level - * directory of this package. - */ -/* Portions - * Copyright (c) 1998 Will Ballantyne, ITSD, Government of BC - * All rights reserved. - * - * Redistribution and use in source and binary forms are permitted - * provided that this notice is preserved and that due credit is given - * to ITSD, Government of BC. The name of ITSD - * may not be used to endorse or promote products derived from this - * software without specific prior written permission. This software - * is provided ``as is'' without express or implied warranty. - */ - -#include "portable.h" - -#include -#include -#include -#include "slap.h" - -/* - * given a normalized uppercased dn (or root part), - * return an aliased dn if any of the alias suffixes match - */ -void suffix_alias( - Backend *be, - struct berval *dn ) -{ - int i, dnLength; - - if(dn == NULL || be == NULL || dn->bv_len == 0) - return; - - dnLength = dn->bv_len; - - for ( i = 0; - be->be_suffixAlias != NULL && be->be_suffixAlias[i].bv_val != NULL; - i += 2 ) - { - int aliasLength = be->be_suffixAlias[i].bv_len; - int diff = dnLength - aliasLength; - - if ( diff < 0 ) { - /* alias is longer than dn */ - continue; - } else if ( diff > 0 ) { - if ( ! DN_SEPARATOR(dn->bv_val[diff-1]) ) { - /* boundary is not at a DN separator */ - continue; - } - /* At a DN Separator */ - /* XXX or an escaped separator... oh well */ - } - - if (!strcmp(be->be_suffixAlias[i].bv_val, &dn->bv_val[diff])) { - char *oldDN = dn->bv_val; - dn->bv_len = diff + be->be_suffixAlias[i+1].bv_len; - dn->bv_val = ch_malloc( dn->bv_len + 1 ); - strncpy( dn->bv_val, oldDN, diff ); - strcpy( &dn->bv_val[diff], be->be_suffixAlias[i+1].bv_val ); -#ifdef NEW_LOGGING - LDAP_LOG( OPERATION, INFO, - "suffix_alias: converted \"%s\" to \"%s\"\n", - oldDN, dn->bv_val, 0 ); -#else - Debug( LDAP_DEBUG_ARGS, - "suffix_alias: converted \"%s\" to \"%s\"\n", - oldDN, dn->bv_val, 0); -#endif - - free (oldDN); - break; - } - } -} -- 2.39.5