From f7419e1c2e7c16ea27d92dcf81e546a4299e6f80 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Tue, 23 Apr 2002 17:12:03 +0000 Subject: [PATCH] Sync with HEAD --- contrib/ldapc++/src/LDAPAsynConnection.cpp | 320 ++++++++++++++++++ contrib/ldapc++/src/LDAPAsynConnection.h | 342 ++++++++++++++++++++ contrib/ldapc++/src/LDAPDeleteRequest.cpp | 78 +++++ contrib/ldapc++/src/LDAPEntry.cpp | 72 +++++ contrib/ldapc++/src/LDAPEntry.h | 80 +++++ contrib/ldapc++/src/LDAPException.h | 71 ++++ contrib/ldapc++/src/LDAPModList.h | 49 +++ contrib/ldapc++/src/LDAPModifyRequest.cpp | 84 +++++ contrib/ldapc++/src/LDAPReferenceList.h | 72 +++++ contrib/ldapc++/src/LDAPReferralException.h | 42 +++ contrib/ldapc++/src/LDAPUrl.h | 82 +++++ contrib/ldapc++/src/LDAPUrlList.h | 77 +++++ contrib/ldapc++/src/StringList.h | 87 +++++ servers/slapd/acl.c | 4 +- 14 files changed, 1459 insertions(+), 1 deletion(-) create mode 100644 contrib/ldapc++/src/LDAPAsynConnection.cpp create mode 100644 contrib/ldapc++/src/LDAPAsynConnection.h create mode 100644 contrib/ldapc++/src/LDAPDeleteRequest.cpp create mode 100644 contrib/ldapc++/src/LDAPEntry.cpp create mode 100644 contrib/ldapc++/src/LDAPEntry.h create mode 100644 contrib/ldapc++/src/LDAPException.h create mode 100644 contrib/ldapc++/src/LDAPModList.h create mode 100644 contrib/ldapc++/src/LDAPModifyRequest.cpp create mode 100644 contrib/ldapc++/src/LDAPReferenceList.h create mode 100644 contrib/ldapc++/src/LDAPReferralException.h create mode 100644 contrib/ldapc++/src/LDAPUrl.h create mode 100644 contrib/ldapc++/src/LDAPUrlList.h create mode 100644 contrib/ldapc++/src/StringList.h diff --git a/contrib/ldapc++/src/LDAPAsynConnection.cpp b/contrib/ldapc++/src/LDAPAsynConnection.cpp new file mode 100644 index 0000000000..6a5d5c464c --- /dev/null +++ b/contrib/ldapc++/src/LDAPAsynConnection.cpp @@ -0,0 +1,320 @@ +/* + * Copyright 2000, OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + + +#include "config.h" +#include "debug.h" +#include "LDAPAsynConnection.h" + +#include "LDAPAddRequest.h" +#include "LDAPBindRequest.h" +#include "LDAPCompareRequest.h" +#include "LDAPDeleteRequest.h" +#include "LDAPException.h" +#include "LDAPExtRequest.h" +#include "LDAPEntry.h" +#include "LDAPModDNRequest.h" +#include "LDAPModifyRequest.h" +#include "LDAPRequest.h" +#include "LDAPRebind.h" +#include "LDAPRebindAuth.h" +#include "LDAPSearchRequest.h" + +using namespace std; + +LDAPAsynConnection::LDAPAsynConnection(const string& hostname, int port, + LDAPConstraints *cons ){ + DEBUG(LDAP_DEBUG_CONSTRUCT,"LDAPAsynConnection::LDAPAsynConnection()" + << endl); + DEBUG(LDAP_DEBUG_CONSTRUCT | LDAP_DEBUG_PARAMETER, + " host:" << hostname << endl << " port:" << port << endl); + cur_session=0; + m_constr = 0; + this->init(hostname, port); + this->setConstraints(cons); +} + +LDAPAsynConnection::~LDAPAsynConnection(){ + DEBUG(LDAP_DEBUG_DESTROY, + "LDAPAsynConnection::~LDAPAsynConnection()" << endl); + if (cur_session){ + ldap_destroy_cache(cur_session); + } + unbind(); + //delete m_constr; +} + +void LDAPAsynConnection::init(const string& hostname, int port){ + DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::init" << endl); + DEBUG(LDAP_DEBUG_TRACE | LDAP_DEBUG_PARAMETER, + " hostname:" << hostname << endl + << " port:" << port << endl); + cur_session=ldap_init(hostname.c_str(),port); + m_host=hostname; + m_port=port; + int opt=3; + ldap_set_option(cur_session, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); + ldap_set_option(cur_session, LDAP_OPT_PROTOCOL_VERSION, &opt); +} + +int LDAPAsynConnection::start_tls(){ + return ldap_start_tls_s( cur_session, NULL, NULL ); +} + +LDAPMessageQueue* LDAPAsynConnection::bind(const string& dn, + const string& passwd, const LDAPConstraints *cons){ + DEBUG(LDAP_DEBUG_TRACE, "LDAPAsynConnection::bind()" << endl); + DEBUG(LDAP_DEBUG_TRACE | LDAP_DEBUG_PARAMETER, " dn:" << dn << endl + << " passwd:" << passwd << endl); + LDAPBindRequest *req = new LDAPBindRequest(dn,passwd,this,cons); + try{ + LDAPMessageQueue *ret = req->sendRequest(); + return ret; + }catch(LDAPException e){ + delete req; + throw; + } +} + +LDAPMessageQueue* LDAPAsynConnection::search(const string& base,int scope, + const string& filter, + const StringList& attrs, + bool attrsOnly, + const LDAPConstraints *cons){ + DEBUG(LDAP_DEBUG_TRACE, "LDAPAsynConnection::search()" << endl); + DEBUG(LDAP_DEBUG_TRACE | LDAP_DEBUG_PARAMETER, " base:" << base << endl + << " scope:" << scope << endl + << " filter:" << filter << endl ); + LDAPSearchRequest *req = new LDAPSearchRequest(base, scope,filter, attrs, + attrsOnly, this, cons); + try{ + LDAPMessageQueue *ret = req->sendRequest(); + return ret; + }catch(LDAPException e){ + delete req; + throw; + } +} + +LDAPMessageQueue* LDAPAsynConnection::del(const string& dn, + const LDAPConstraints *cons){ + DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::del()" << endl); + DEBUG(LDAP_DEBUG_TRACE | LDAP_DEBUG_PARAMETER," dn:" << dn << endl); + LDAPDeleteRequest *req = new LDAPDeleteRequest(dn, this, cons); + try{ + LDAPMessageQueue *ret = req->sendRequest(); + return ret; + }catch(LDAPException e){ + delete req; + throw; + } +} + +LDAPMessageQueue* LDAPAsynConnection::compare(const string& dn, + const LDAPAttribute& attr, const LDAPConstraints *cons){ + DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::compare()" << endl); + DEBUG(LDAP_DEBUG_TRACE | LDAP_DEBUG_PARAMETER," dn:" << dn << endl + << " attr:" << attr << endl); + LDAPCompareRequest *req = new LDAPCompareRequest(dn, attr, this, cons); + try{ + LDAPMessageQueue *ret = req->sendRequest(); + return ret; + }catch(LDAPException e){ + delete req; + throw; + } +} + +LDAPMessageQueue* LDAPAsynConnection::add( const LDAPEntry* le, + const LDAPConstraints *cons){ + DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::add()" << endl); + DEBUG(LDAP_DEBUG_TRACE | LDAP_DEBUG_PARAMETER," entry:" << *le << endl); + LDAPAddRequest *req = new LDAPAddRequest(le, this, cons); + try{ + LDAPMessageQueue *ret = req->sendRequest(); + return ret; + }catch(LDAPException e){ + delete req; + throw; + } +} + +LDAPMessageQueue* LDAPAsynConnection::modify(const string& dn, + const LDAPModList *mod, const LDAPConstraints *cons){ + DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::modify()" << endl); + DEBUG(LDAP_DEBUG_TRACE | LDAP_DEBUG_PARAMETER," dn:" << dn << endl); + LDAPModifyRequest *req = new LDAPModifyRequest(dn, mod, this, cons); + try{ + LDAPMessageQueue *ret = req->sendRequest(); + return ret; + }catch(LDAPException e){ + delete req; + throw; + } +} + +LDAPMessageQueue* LDAPAsynConnection::rename(const string& dn, + const string& newRDN, bool delOldRDN, const string& newParentDN, + const LDAPConstraints *cons ){ + DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::rename()" << endl); + DEBUG(LDAP_DEBUG_TRACE | LDAP_DEBUG_PARAMETER," dn:" << dn << endl + << " newRDN:" << newRDN << endl + << " newParentDN:" << newParentDN << endl + << " delOldRDN:" << delOldRDN << endl); + LDAPModDNRequest *req = new LDAPModDNRequest(dn, newRDN, delOldRDN, + newParentDN, this, cons ); + try{ + LDAPMessageQueue *ret = req->sendRequest(); + return ret; + }catch(LDAPException e){ + delete req; + throw; + } +} + + +LDAPMessageQueue* LDAPAsynConnection::extOperation(const string& oid, + const string& value, const LDAPConstraints *cons ){ + DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::extOperation()" << endl); + DEBUG(LDAP_DEBUG_TRACE | LDAP_DEBUG_PARAMETER," oid:" << oid << endl); + LDAPExtRequest *req = new LDAPExtRequest(oid, value, this,cons); + try{ + LDAPMessageQueue *ret = req->sendRequest(); + return ret; + }catch(LDAPException e){ + delete req; + throw; + } +} + + +void LDAPAsynConnection::abandon(LDAPMessageQueue *q){ + DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::abandon()" << endl); + LDAPRequestStack *reqStack=q->getRequestStack(); + LDAPRequest *req; + while(! reqStack->empty()){ + req=reqStack->top(); + if (ldap_abandon_ext(cur_session, req->getMsgID(), 0, 0) + != LDAP_SUCCESS){ + throw LDAPException(this); + } + delete req; + reqStack->pop(); + } +} + +void LDAPAsynConnection::unbind(){ + DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::unbind()" << endl); + if(cur_session){ + LDAPControl** tmpSrvCtrls=m_constr->getSrvCtrlsArray(); + LDAPControl** tmpClCtrls=m_constr->getClCtrlsArray(); + int err=ldap_unbind_ext(cur_session, tmpSrvCtrls, tmpClCtrls); + cur_session=0; + LDAPControlSet::freeLDAPControlArray(tmpSrvCtrls); + LDAPControlSet::freeLDAPControlArray(tmpClCtrls); + if(err != LDAP_SUCCESS){ + throw LDAPException(err); + } + } +} + +void LDAPAsynConnection::setConstraints(LDAPConstraints *cons){ + DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::setConstraints()" << endl); + m_constr=cons; +} + +const LDAPConstraints* LDAPAsynConnection::getConstraints() const { + DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::getConstraints()" << endl); + return m_constr; +} + +LDAP* LDAPAsynConnection::getSessionHandle() const{ + DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::getSessionHandle()" << endl); + return cur_session; +} + +const string& LDAPAsynConnection::getHost() const{ + DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::setHost()" << endl); + return m_host; +} + +int LDAPAsynConnection::getPort() const{ + DEBUG(LDAP_DEBUG_TRACE,"LDAPAsynConnection::getPort()" << endl); + return m_port; +} + +LDAPAsynConnection* LDAPAsynConnection::referralConnect( + const LDAPUrlList& urls, LDAPUrlList::const_iterator& usedUrl, + const LDAPConstraints* cons) const { + DEBUG(LDAP_DEBUG_TRACE, "LDAPAsynConnection::referralConnect()" << endl) + LDAPUrlList::const_iterator conUrl; + LDAPAsynConnection* tmpConn=0; + const LDAPRebind* rebind = cons->getReferralRebind(); + LDAPRebindAuth* auth = 0; + + for(conUrl=urls.begin(); conUrl!=urls.end(); conUrl++){ + string host= conUrl->getHost(); + int port= conUrl->getPort(); + DEBUG(LDAP_DEBUG_TRACE," connecting to: " << host << ":" << + port << endl); + //Set the new connection's constraints-object ? + tmpConn=new LDAPAsynConnection(host.c_str(),port); + int err=0; + + if(rebind){ + auth=rebind->getRebindAuth(host, port); + } + if(auth){ + string dn = auth->getDN(); + string passwd = auth->getPassword(); + const char* c_dn=0; + const char* c_passwd=0; + if(dn != ""){ + c_dn = dn.c_str(); + } + if(passwd != ""){ + c_passwd = passwd.c_str(); + } + err = ldap_simple_bind_s(tmpConn->getSessionHandle(), c_dn, + c_passwd); + } else { + // Do anonymous bind + err = ldap_simple_bind_s(tmpConn->getSessionHandle(), 0,0); + } + if( err == LDAP_SUCCESS ){ + usedUrl=conUrl; + return tmpConn; + }else{ + delete tmpConn; + tmpConn=0; + } + auth=0; + } + return 0; +} + +int LDAPAsynConnection::enableCache(long timeout, long maxmem){ + int retval = ldap_enable_cache(cur_session, timeout, maxmem); + if (!retval) + m_cacheEnabled = true; + return retval; +} + +void LDAPAsynConnection::disableCache(){ + ldap_disable_cache(cur_session); + m_cacheEnabled = false; +} + +void LDAPAsynConnection::uncache_entry(string &dn){ + if (m_cacheEnabled){ + ldap_uncache_entry(cur_session, dn.c_str()); + } +} + +void LDAPAsynConnection::flush_cache(){ + if (m_cacheEnabled){ + ldap_flush_cache(cur_session); + } +} diff --git a/contrib/ldapc++/src/LDAPAsynConnection.h b/contrib/ldapc++/src/LDAPAsynConnection.h new file mode 100644 index 0000000000..fdef9ccd5f --- /dev/null +++ b/contrib/ldapc++/src/LDAPAsynConnection.h @@ -0,0 +1,342 @@ +/* + * Copyright 2000, OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + + +#ifndef LDAP_ASYN_CONNECTION_H +#define LDAP_ASYN_CONNECTION_H + +#include +#include + +#include +#include + +#include +#include +#include +#include +#include +#include + +class LDAPEntry; +class LDAPAttribute; + +//* Main class for an asynchronous LDAP connection +/** + * This class represents an asynchronous connection to an LDAP-Server. It + * provides the methods for authentication, and all other LDAP-Operations + * (e.g. search, add, delete, etc.) + * All of the LDAP-Operations return a pointer to a LDAPMessageQueue-Object, + * which can be used to obtain the results of that operation. + * A basic example of this class could be like this:
+ * 1. Create a new LDAPAsynConnection Object:
+ * 2. Use the init-method to initialize the connection
+ * 3. Call the bind-method to authenticate to the directory
+ * 4. Obtain the bind results from the return LDAPMessageQueue-Object
+ * 5. Perform on of the operations on the directory (add, delete, search, ..) + *
+ * 6. Use the return LDAPMessageQueue to obtain the results of the operation + *
+ * 7. Close the connection (feature not implemented yet :) )
+ */ +class LDAPAsynConnection{ + public : + /** + * Constant for the Search-Operation to indicate a Base-Level + * Search + */ + static const int SEARCH_BASE=0; + + /** + * Constant for the Search-Operation to indicate a One-Level + * Search + */ + static const int SEARCH_ONE=1; + + /** + * Constant for the Search-Operation to indicate a subtree + * Search + */ + static const int SEARCH_SUB=2; +// static const int SEARCH_SUB=LDAP_SCOPE_SUBTREE; +// static const int SEARCH_ONE=LDAP_SCOPE_ONELEVEL; +// static const int SEARCH_SUB=LDAP_SCOPE_SUBTREE; + + /** Construtor that initializes a connection to a server + * @param hostname Name (or IP-Adress) of the destination host + * @param port Port the LDAP server is running on + * @param cons Default constraints to use with operations over + * this connection + */ + LDAPAsynConnection(const std::string& hostname=std::string("localhost"), + int port=389, LDAPConstraints *cons=new LDAPConstraints() ); + + //* Destructor + virtual ~LDAPAsynConnection(); + + /** + * Initializes a connection to a server. + * + * There actually no + * communication to the server. Just the object is initialized + * (e.g. this method is called within the + * LDAPAsynConnection(char*,int,LDAPConstraints) constructor.) + * @param hostname The Name or IP-Address of the destination + * LDAP-Server + * @param port The Network Port the server is running on + */ + void init(const std::string& hostname, int port); + + /** + * Start TLS on this connection. This isn't in the constructor, + * because it could fail (i.e. server doesn't have SSL cert, client + * api wasn't compiled against OpenSSL, etc.). If you need TLS, + * then you should error if this call fails with an error code. + */ + int start_tls(); + + /** Simple authentication to a LDAP-Server + * + * @throws LDAPException If the Request could not be sent to the + * destination server, a LDAPException-object contains the + * error that occured. + * This method does a simple (username, password) bind to the server. + * Other, saver, authentcation methods are provided later + * @param dn the distiguished name to bind as + * @param passwd cleartext password to use + */ + LDAPMessageQueue* bind(const std::string& dn="", const std::string& passwd="", + const LDAPConstraints *cons=0); + + /** Performing a search on a directory tree. + * + * Use the search method to perform a search on the LDAP-Directory + * @throws LDAPException If the Request could not be sent to the + * destination server, a LDAPException-object contains the + * error that occured. + * @param base The distinguished name of the starting point for the + * search operation + * @param scope The scope of the search. Possible values:
+ * LDAPAsynConnection::SEARCH_BASE,
+ * LDAPAsynConnection::SEARCH_ONE,
+ * LDAPAsynConnection::SEARCH_SUB + * @param filter The std::string representation of a search filter to + * use with this operation + * @param attrsOnly true if only the attributes names (no values) + * should be returned + * @param cons A set of constraints that should be used with this + * request + */ + LDAPMessageQueue* search(const std::string& base="", int scope=0, + const std::string& filter="objectClass=*", + const StringList& attrs=StringList(), + bool attrsOnly=false, + const LDAPConstraints *cons=0); + + /** Delete an entry from the directory + * + * This method sends a delete request to the server + * @throws LDAPException If the Request could not be sent to the + * destination server, a LDAPException-object contains the + * error that occured. + * @param dn Distinguished name of the entry that should be deleted + * @param cons A set of constraints that should be used with this + * request + */ + LDAPMessageQueue* del(const std::string& dn, const LDAPConstraints *cons=0); + + /** + * Perform the COMPARE-operation on an attribute + * + * @throws LDAPException If the Request could not be sent to the + * destination server, a LDAPException-object contains the + * error that occured. + * @param dn Distinguished name of the entry for which the compare + * should be performed + * @param attr An Attribute (one (!) value) to use for the + * compare operation + * @param cons A set of constraints that should be used with this + * request + */ + LDAPMessageQueue* compare(const std::string& dn, + const LDAPAttribute& attr, + const LDAPConstraints *cons=0); + + /** Add an entry to the directory + * + * @throws LDAPException If the Request could not be sent to the + * destination server, a LDAPException-object contains the + * error that occured. + * @param le The entry that will be added to the directory + */ + LDAPMessageQueue* add( const LDAPEntry* le, + const LDAPConstraints *const=0); + + /** Apply modifications to attributes of an entry + * + * @throws LDAPException If the Request could not be sent to the + * destination server, a LDAPException-object contains the + * error that occured. + * @param dn Distiguished Name of the Entry to modify + * @param modlist A set of modification that should be applied + * to the Entry + * @param cons A set of constraints that should be used with this + * request + */ + LDAPMessageQueue* modify(const std::string& dn, + const LDAPModList *modlist, + const LDAPConstraints *cons=0); + + /** modify the DN of an entry + * + * @throws LDAPException If the Request could not be sent to the + * destination server, a LDAPException-object contains the + * error that occured. + * @param dn DN to modify + * @param newRDN The new relative DN for the entry + * @param delOldRDN true=The old RDN will be removed from the + * attributes
+ * false=The old RDN will still be present in the + * attributes of the entry + * @param newParentDN The DN of the new parent entry of the entry + * 0 to keep the old one + */ + LDAPMessageQueue* rename(const std::string& dn, + const std::string& newRDN, + bool delOldRDN=false, const std::string& newParentDN="", + const LDAPConstraints* cons=0); + + /** Perform a LDAP extended Operation + * + * @throws LDAPException If the Request could not be sent to the + * destination server, a LDAPException-object contains the + * error that occured. + * @param oid The dotted decimal representation of the extended + * Operation that should be performed + * @param value The data asociated with this operation + * @param cons A set of constraints that should be used with this + * request + */ + LDAPMessageQueue* extOperation(const std::string& oid, + const std::string& value="", const LDAPConstraints *cons=0); + + /** End an outstanding request + * + * @param q All outstanding request related to this LDAPMessageQueue + * will be abandoned + */ + void abandon(LDAPMessageQueue *q); + + /** + * Performs the UNBIND-operation on the destination server + * + * @throws LDAPException in any case of an error + */ + void unbind(); + + /** + * @returns The C-APIs LDAP-structure that is associated with the + * current connection + */ + LDAP* getSessionHandle() const ; + + /** + * @returns The Hostname of the destination server of the + * connection. + */ + const std::string& getHost() const; + + /** + * @returns The Port to which this connection is connecting to on + * the remote server. + */ + int getPort() const; + + /** Change the default constraints of the connection + * + * @parameter cons cons New LDAPConstraints to use with the connection + */ + void setConstraints(LDAPConstraints *cons); + + /** Get the default constraints of the connection + * + * @return Pointer to the LDAPConstraints-Object that is currently + * used with the Connection + */ + const LDAPConstraints* getConstraints() const; + + /** + * This method is used internally for automatic referral chasing. + * It tries to bind to a destination server of the URLs of a + * referral. + * + * @throws LDAPException in any case of an error + * @param urls Contains a std::list of LDAP-Urls that indicate the + * destinations of a referral + * @param usedUrl After this method has successfully bind to one of + * the Destination URLs this parameter contains the URLs + * which was contacted. + * @param cons An LDAPConstraints-Object that should be used for + * the new connection. If this object contains a + * LDAPRebind-object it is used to bind to the new server + */ + LDAPAsynConnection* referralConnect(const LDAPUrlList& urls, + LDAPUrlList::const_iterator& usedUrl, + const LDAPConstraints* cons) const; + + /** + * Turn on caching, maxmem is in MB and timeout is in seconds. + * maxmem can be zero if you want to restrict caching by timeout only. + */ + int enableCache(long timeout, long maxmem); + /// disable caching. + void disableCache(); + /// is cacheEnabled? + bool getCacheEnabled() { return m_cacheEnabled;}; + /// uncache a specific dn. Used internally by methods that write. + void uncache_entry(std::string &dn); + /// used to clear the cache. Probably should be used after creating + /// an object that a cached search should find. + void flush_cache(); + + + private : + /** + * Private copy constructor. So nobody can call it. + */ + LDAPAsynConnection(const LDAPAsynConnection& lc){}; + + /** + * A pointer to the C-API LDAP-structure that is associated with + * this connection + */ + LDAP *cur_session; + + /** + * A pointer to the default LDAPConstrains-object that is used when + * no LDAPConstraints-parameter is provided with a call for a + * LDAP-operation + */ + LDAPConstraints *m_constr; + + /** + * The name of the destination host + */ + std::string m_host; + + /** + * The port the destination server is running on. + */ + int m_port; + + protected: + /** + * Is caching enabled? + */ + bool m_cacheEnabled; +}; +#endif //LDAP_ASYN_CONNECTION_H + + diff --git a/contrib/ldapc++/src/LDAPDeleteRequest.cpp b/contrib/ldapc++/src/LDAPDeleteRequest.cpp new file mode 100644 index 0000000000..78d086f5fc --- /dev/null +++ b/contrib/ldapc++/src/LDAPDeleteRequest.cpp @@ -0,0 +1,78 @@ +/* + * Copyright 2000, OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + +#include + +#include "debug.h" + +#include "LDAPDeleteRequest.h" +#include "LDAPException.h" +#include "LDAPMessageQueue.h" +#include "LDAPResult.h" + +using namespace std; + +LDAPDeleteRequest::LDAPDeleteRequest( const LDAPDeleteRequest& req) : + LDAPRequest(req){ + DEBUG(LDAP_DEBUG_CONSTRUCT, + "LDAPDeleteRequest::LDAPDeleteRequest(&)" << endl); + m_dn = req.m_dn; +} + +LDAPDeleteRequest::LDAPDeleteRequest(const string& dn, + LDAPAsynConnection *connect, const LDAPConstraints *cons, + bool isReferral, const LDAPRequest* parent) + : LDAPRequest(connect, cons, isReferral, parent) { + DEBUG(LDAP_DEBUG_CONSTRUCT, + "LDAPDeleteRequest::LDAPDeleteRequest()" << endl); + DEBUG(LDAP_DEBUG_CONSTRUCT | LDAP_DEBUG_PARAMETER, " dn:" << dn << endl); + m_requestType=LDAPRequest::DELETE; + m_dn=dn; +} + +LDAPDeleteRequest::~LDAPDeleteRequest(){ + DEBUG(LDAP_DEBUG_DESTROY, + "LDAPDeleteRequest::~LDAPDeleteRequest()" << endl); + // TODO -- flush the entire cache here? or does this invalidate + // cached searches that may have found the deleted entry. + // m_connection->uncache_entry(m_dn); + m_connection->flush_cache(); +} + +LDAPMessageQueue* LDAPDeleteRequest::sendRequest(){ + DEBUG(LDAP_DEBUG_TRACE, "LDAPDeleteRequest::sendRequest()" << endl); + int msgID=0; + LDAPControl** tmpSrvCtrls=m_cons->getSrvCtrlsArray(); + LDAPControl** tmpClCtrls=m_cons->getClCtrlsArray(); + int err=ldap_delete_ext(m_connection->getSessionHandle(),m_dn.c_str(), + tmpSrvCtrls, tmpClCtrls ,&msgID); + LDAPControlSet::freeLDAPControlArray(tmpSrvCtrls); + LDAPControlSet::freeLDAPControlArray(tmpClCtrls); + if(err != LDAP_SUCCESS){ + throw LDAPException(err); + }else{ + m_msgID=msgID; + return new LDAPMessageQueue(this); + } +} + +LDAPRequest* LDAPDeleteRequest::followReferral(LDAPMsg* refs){ + DEBUG(LDAP_DEBUG_TRACE, "LDAPDeleteRequest::followReferral()" << endl); + LDAPUrlList::const_iterator usedUrl; + LDAPUrlList urls= ((LDAPResult*)refs)->getReferralUrls(); + LDAPAsynConnection* con=0; + try{ + con = getConnection()->referralConnect(urls,usedUrl,m_cons); + }catch (LDAPException e){ + delete con; + return 0; + } + if(con != 0){ + return new LDAPDeleteRequest(m_dn, con, m_cons, true, this); + } + return 0; +} + + diff --git a/contrib/ldapc++/src/LDAPEntry.cpp b/contrib/ldapc++/src/LDAPEntry.cpp new file mode 100644 index 0000000000..eb3dd5d6ab --- /dev/null +++ b/contrib/ldapc++/src/LDAPEntry.cpp @@ -0,0 +1,72 @@ +/* + * Copyright 2000, OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + + +#include "debug.h" +#include "LDAPEntry.h" + +#include "LDAPException.h" + +using namespace std; + +LDAPEntry::LDAPEntry(const LDAPEntry& entry){ + DEBUG(LDAP_DEBUG_CONSTRUCT,"LDAPEntry::LDAPEntry(&)" << endl); + m_dn=entry.m_dn; + m_attrs=new LDAPAttributeList( *(entry.m_attrs)); +} + + +LDAPEntry::LDAPEntry(const string& dn, const LDAPAttributeList *attrs){ + DEBUG(LDAP_DEBUG_CONSTRUCT,"LDAPEntry::LDAPEntry()" << endl); + DEBUG(LDAP_DEBUG_CONSTRUCT | LDAP_DEBUG_PARAMETER, + " dn:" << dn << endl << " attrs:" << *attrs << endl); + m_attrs=new LDAPAttributeList(*attrs); + m_dn=dn; +} + +LDAPEntry::LDAPEntry(const LDAPAsynConnection *ld, LDAPMessage *msg){ + DEBUG(LDAP_DEBUG_CONSTRUCT,"LDAPEntry::LDAPEntry()" << endl); + char* tmp=ldap_get_dn(ld->getSessionHandle(),msg); + m_dn=string(tmp); + ldap_memfree(tmp); + m_attrs = new LDAPAttributeList(ld, msg); +} + +LDAPEntry::~LDAPEntry(){ + DEBUG(LDAP_DEBUG_DESTROY,"LDAPEntry::~LDAPEntry()" << endl); + delete m_attrs; +} + +void LDAPEntry::setDN(const string& dn){ + DEBUG(LDAP_DEBUG_TRACE,"LDAPEntry::setDN()" << endl); + DEBUG(LDAP_DEBUG_TRACE | LDAP_DEBUG_PARAMETER, + " dn:" << dn << endl); + m_dn=dn; +} + +void LDAPEntry::setAttributes(LDAPAttributeList *attrs){ + DEBUG(LDAP_DEBUG_TRACE,"LDAPEntry::setAttributes()" << endl); + DEBUG(LDAP_DEBUG_TRACE | LDAP_DEBUG_PARAMETER, + " attrs:" << *attrs << endl); + if (m_attrs != 0){ + delete m_attrs; + } + m_attrs=attrs; +} + +const string& LDAPEntry::getDN() const{ + DEBUG(LDAP_DEBUG_TRACE,"LDAPEntry::getDN()" << endl); + return m_dn; +} + +const LDAPAttributeList* LDAPEntry::getAttributes() const{ + DEBUG(LDAP_DEBUG_TRACE,"LDAPEntry::getAttributes()" << endl); + return m_attrs; +} + +ostream& operator << (ostream& s, const LDAPEntry& le){ + s << "DN: " << le.m_dn << ": " << *(le.m_attrs); + return s; +} diff --git a/contrib/ldapc++/src/LDAPEntry.h b/contrib/ldapc++/src/LDAPEntry.h new file mode 100644 index 0000000000..c49e26d722 --- /dev/null +++ b/contrib/ldapc++/src/LDAPEntry.h @@ -0,0 +1,80 @@ +/* + * Copyright 2000, OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + + +#ifndef LDAP_ENTRY_H +#define LDAP_ENTRY_H +#include + +#include +#include + +/** + * This class is used to store every kind of LDAP Entry. + */ +class LDAPEntry{ + + public : + /** + * Copy-constructor + */ + LDAPEntry(const LDAPEntry& entry); + + /** + * Constructs a new entry (also used as standard constructor). + * + * @param dn The Distinguished Name for the new entry. + * @param attrs The attributes for the new entry. + */ + LDAPEntry(const std::string& dn=std::string(), + const LDAPAttributeList *attrs=new LDAPAttributeList()); + + /** + * Used internally only. + * + * The constructor is used internally to create a LDAPEntry from + * the C-API's data structurs. + */ + LDAPEntry(const LDAPAsynConnection *ld, LDAPMessage *msg); + + /** + * Destructor + */ + ~LDAPEntry(); + + /** + * Sets the DN-attribute. + * @param dn: The new DN for the entry. + */ + void setDN(const std::string& dn); + + /** + * Sets the attributes of the entry. + * @param attr: A pointer to a std::list of the new attributes. + */ + void setAttributes(LDAPAttributeList *attrs); + + /** + * @returns The current DN of the entry. + */ + const std::string& getDN() const ; + + /** + * @returns A const pointer to the attributes of the entry. + */ + const LDAPAttributeList* getAttributes() const; + + /** + * This method can be used to dump the data of a LDAPResult-Object. + * It is only useful for debugging purposes at the moment + */ + friend std::ostream& operator << (std::ostream& s, const LDAPEntry& le); + + private : + + LDAPAttributeList *m_attrs; + std::string m_dn; +}; +#endif //LDAP_ENTRY_H diff --git a/contrib/ldapc++/src/LDAPException.h b/contrib/ldapc++/src/LDAPException.h new file mode 100644 index 0000000000..09d94f4ab5 --- /dev/null +++ b/contrib/ldapc++/src/LDAPException.h @@ -0,0 +1,71 @@ +/* + * Copyright 2000, OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + + +#ifndef LDAP_EXCEPTION_H +#define LDAP_EXCEPTION_H + +#include +#include + +class LDAPAsynConnection; + +/** + * This class is only thrown as an Exception and used to signalize error + * conditions during LDAP-operations + */ +class LDAPException{ + + public : + /** + * Constructs a LDAPException-object from the parameters + * @param res_code A valid LDAP result code. + * @param err_string An addional error message for the error + * that happend (optional) + */ + LDAPException(int res_code, const std::string& err_string=std::string()); + + /** + * Constructs a LDAPException-object from the error state of a + * LDAPAsynConnection-object + * @param lc A LDAP-Connection for that an error has happend. The + * Constructor tries to read its error state. + */ + LDAPException(const LDAPAsynConnection *lc); + + /** + * Destructor + */ + virtual ~LDAPException(); + + /** + * @return The Result code of the object + */ + + int getResultCode() const; + + /** + * @return The error message that is corresponding to the result + * code . + */ + const std::string& getResultMsg() const; + + /** + * @return The addional error message of the error (if it was set) + */ + const std::string& getServerMsg() const; + + /** + * This method can be used to dump the data of a LDAPResult-Object. + * It is only useful for debugging purposes at the moment + */ + friend std::ostream& operator << (std::ostream &s, LDAPException e); + + private : + int m_res_code; + std::string m_res_string; + std::string m_err_string; +}; +#endif //LDAP_EXCEPTION_H diff --git a/contrib/ldapc++/src/LDAPModList.h b/contrib/ldapc++/src/LDAPModList.h new file mode 100644 index 0000000000..313808d5dd --- /dev/null +++ b/contrib/ldapc++/src/LDAPModList.h @@ -0,0 +1,49 @@ +/* + * Copyright 2000, OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + + +#ifndef LDAP_MOD_LIST_H +#define LDAP_MOD_LIST_H + +#include +#include +#include + +typedef std::list ModList; + +/** + * This container class is used to store multiple LDAPModification-objects. + */ +class LDAPModList{ + + public : + /** + * Constructs an empty list. + */ + LDAPModList(); + + /** + * Copy-constructor + */ + LDAPModList(const LDAPModList&); + + /** + * Adds one element to the end of the list. + * @param mod The LDAPModification to add to the std::list. + */ + void addModification(const LDAPModification &mod); + + /** + * Translates the list to a 0-terminated array of + * LDAPMod-structures as needed by the C-API + */ + LDAPMod** toLDAPModArray(); + + private : + ModList m_modList; +}; +#endif //LDAP_MOD_LIST_H + + diff --git a/contrib/ldapc++/src/LDAPModifyRequest.cpp b/contrib/ldapc++/src/LDAPModifyRequest.cpp new file mode 100644 index 0000000000..3d688ca353 --- /dev/null +++ b/contrib/ldapc++/src/LDAPModifyRequest.cpp @@ -0,0 +1,84 @@ +/* + * Copyright 2000, OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + +#include + +#include "debug.h" + +#include "LDAPModifyRequest.h" +#include "LDAPException.h" +#include "LDAPMessageQueue.h" +#include "LDAPResult.h" + +using namespace std; + +LDAPModifyRequest::LDAPModifyRequest(const LDAPModifyRequest& req) : + LDAPRequest(req){ + DEBUG(LDAP_DEBUG_CONSTRUCT, + "LDAPModifyRequest::LDAPModifyRequest(&)" << endl); + m_modList = new LDAPModList(*(req.m_modList)); + m_dn = req.m_dn; +} + +LDAPModifyRequest::LDAPModifyRequest(const string& dn, + const LDAPModList *modList, LDAPAsynConnection *connect, + const LDAPConstraints *cons, bool isReferral, + const LDAPRequest* parent) : + LDAPRequest(connect, cons, isReferral, parent){ + DEBUG(LDAP_DEBUG_CONSTRUCT, + "LDAPModifyRequest::LDAPModifyRequest(&)" << endl); + DEBUG(LDAP_DEBUG_CONSTRUCT | LDAP_DEBUG_PARAMETER, + " dn:" << dn << endl); + m_dn = dn; + m_modList = new LDAPModList(*modList); +} + +LDAPModifyRequest::~LDAPModifyRequest(){ + DEBUG(LDAP_DEBUG_DESTROY, + "LDAPModifyRequest::~LDAPModifyRequest()" << endl); + delete m_modList; + // flush this entry from cache. + //m_connection->uncache_entry(m_dn); + // I think we need to do this... (j.costlow) + m_connection->flush_cache(); +} + +LDAPMessageQueue* LDAPModifyRequest::sendRequest(){ + DEBUG(LDAP_DEBUG_TRACE, "LDAPModifyRequest::sendRequest()" << endl); + int msgID=0; + LDAPControl** tmpSrvCtrls=m_cons->getSrvCtrlsArray(); + LDAPControl** tmpClCtrls=m_cons->getClCtrlsArray(); + LDAPMod** tmpMods=m_modList->toLDAPModArray(); + int err=ldap_modify_ext(m_connection->getSessionHandle(),m_dn.c_str(), + tmpMods, tmpSrvCtrls, tmpClCtrls,&msgID); + LDAPControlSet::freeLDAPControlArray(tmpSrvCtrls); + LDAPControlSet::freeLDAPControlArray(tmpClCtrls); + ldap_mods_free(tmpMods,1); + if(err != LDAP_SUCCESS){ + throw LDAPException(err); + }else{ + m_msgID=msgID; + return new LDAPMessageQueue(this); + } +} + +LDAPRequest* LDAPModifyRequest::followReferral(LDAPMsg* ref){ + DEBUG(LDAP_DEBUG_TRACE, "LDAPModifyRequest::followReferral()" << endl); + LDAPUrlList::const_iterator usedUrl; + LDAPUrlList urls = ((LDAPResult*)ref)->getReferralUrls(); + LDAPAsynConnection* con = 0; + try { + con = getConnection()->referralConnect(urls,usedUrl,m_cons); + } catch(LDAPException e){ + delete con; + return 0; + } + if(con != 0){ + return new LDAPModifyRequest(m_dn, m_modList, con, m_cons,true,this); + } + return 0; +} + + diff --git a/contrib/ldapc++/src/LDAPReferenceList.h b/contrib/ldapc++/src/LDAPReferenceList.h new file mode 100644 index 0000000000..0aa5a18219 --- /dev/null +++ b/contrib/ldapc++/src/LDAPReferenceList.h @@ -0,0 +1,72 @@ +/* + * Copyright 2000, OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + +#ifndef LDAP_REFERENCE_LIST_H +#define LDAP_REFERENCE_LIST_H + +#include + +class LDAPSearchReference; + +typedef std::list RefList; + +/** + * Container class for storing a list of Search References + * + * Used internally only by LDAPSearchResults + */ +class LDAPReferenceList{ + public: + typedef RefList::const_iterator const_iterator; + + /** + * Constructs an empty list. + */ + LDAPReferenceList(); + + /** + * Copy-constructor + */ + LDAPReferenceList(const LDAPReferenceList& rl); + + /** + * Destructor + */ + ~LDAPReferenceList(); + + /** + * @return The number of LDAPSearchReference-objects that are + * currently stored in this list. + */ + size_t size() const; + + /** + * @return true if there are zero LDAPSearchReference-objects + * currently stored in this list. + */ + bool empty() const; + + /** + * @return A iterator that points to the first element of the list. + */ + const_iterator begin() const; + + /** + * @return A iterator that points to the element after the last + * element of the list. + */ + const_iterator end() const; + + /** + * Adds one element to the end of the list. + * @param e The LDAPSearchReference to add to the list. + */ + void addReference(const LDAPSearchReference& e); + + private: + RefList m_refs; +}; +#endif // LDAP_REFERENCE_LIST_H + diff --git a/contrib/ldapc++/src/LDAPReferralException.h b/contrib/ldapc++/src/LDAPReferralException.h new file mode 100644 index 0000000000..f604f67adc --- /dev/null +++ b/contrib/ldapc++/src/LDAPReferralException.h @@ -0,0 +1,42 @@ +/* + * Copyright 2000, OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + + +#ifndef LDAP_REFERRAL_EXCEPTION_H +#define LDAP_REFERRAL_EXCEPTION_H + +#include +#include +#include + +class LDAPUrlList; + +/** + * This class extends LDAPException and is used to signalize Referrals + * there were received during synchronous LDAP-operations + */ +class LDAPReferralException : public LDAPException{ + + public : + /** + * Creates an object that is initialized with a list of URLs + */ + LDAPReferralException(const LDAPUrlList& urls); + + /** + * Destructor + */ + ~LDAPReferralException(); + + /** + * @return The List of URLs of the Referral/Search Reference + */ + const LDAPUrlList& getUrls(); + + private : + LDAPUrlList m_urlList; +}; + +#endif //LDAP_REFERRAL_EXCEPTION_H diff --git a/contrib/ldapc++/src/LDAPUrl.h b/contrib/ldapc++/src/LDAPUrl.h new file mode 100644 index 0000000000..9314aa09b2 --- /dev/null +++ b/contrib/ldapc++/src/LDAPUrl.h @@ -0,0 +1,82 @@ +/* + * Copyright 2000, OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + + +#ifndef LDAP_URL_H +#define LDAP_URL_H + +#include +#include + +/** + * This class is used to analyze and store LDAP-Urls as returned by a + * LDAP-Server as Referrals and Search References. LDAP-URLs are defined + * in RFC1959 and have the following format:
+ * + * ldap://host:port/baseDN[?attr[?scope[?filter]]]
+ * + */ +class LDAPUrl{ + + public : + /** + * Create a new object from a c-string that contains a LDAP-Url + */ + LDAPUrl(const char *url); + + /** + * Destructor + */ + ~LDAPUrl(); + + /** + * @return The part of the URL that is representing the network + * port + */ + int getPort() const; + + /** + * @return The scope part of the URL is returned. + */ + int getScope() const; + + /** + * @return The complete URL as a string + */ + const std::string& getURLString() const; + + /** + * @return The hostname or IP-Address of the destination host. + */ + const std::string& getHost() const; + + /** + * @return The Base-DN part of the URL + */ + const std::string& getDN() const; + + + /** + * @return The Filter part of the URL + */ + const std::string& getFilter() const; + + /** + * @return The List of attributes that was in the URL + */ + const StringList& getAttrs() const; + + protected : + int m_Port; + int m_Scope; + std::string m_Host; + std::string m_DN; + std::string m_Filter; + StringList m_Attrs; + LDAPURLDesc *m_urlDesc; + std::string m_urlString; +}; + +#endif //LDAP_URL_H diff --git a/contrib/ldapc++/src/LDAPUrlList.h b/contrib/ldapc++/src/LDAPUrlList.h new file mode 100644 index 0000000000..1247fc6ad1 --- /dev/null +++ b/contrib/ldapc++/src/LDAPUrlList.h @@ -0,0 +1,77 @@ +/* + * Copyright 2000, OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + +#ifndef LDAP_URL_LIST_H +#define LDAP_URL_LIST_H + +#include +#include + +typedef std::list UrlList; + +/** + * This container class is used to store multiple LDAPUrl-objects. + */ +class LDAPUrlList{ + public: + typedef UrlList::const_iterator const_iterator; + + /** + * Constructs an empty list. + */ + LDAPUrlList(); + + /** + * Copy-constructor + */ + LDAPUrlList(const LDAPUrlList& urls); + + /** + * For internal use only + * + * This constructor is used by the library internally to create a + * std::list of URLs from a array of C-strings that was return by + * the C-API + */ + LDAPUrlList(char** urls); + + /** + * Destructor + */ + ~LDAPUrlList(); + + /** + * @return The number of LDAPUrl-objects that are currently + * stored in this list. + */ + size_t size() const; + + /** + * @return true if there are zero LDAPUrl-objects currently + * stored in this list. + */ + bool empty() const; + + /** + * @return A iterator that points to the first element of the list. + */ + const_iterator begin() const; + + /** + * @return A iterator that points to the element after the last + * element of the list. + */ + const_iterator end() const; + + /** + * Adds one element to the end of the list. + * @param attr The attribute to add to the list. + */ + void add(const LDAPUrl& url); + + private : + UrlList m_urls; +}; +#endif //LDAP_URL_LIST_H diff --git a/contrib/ldapc++/src/StringList.h b/contrib/ldapc++/src/StringList.h new file mode 100644 index 0000000000..caa8ddd147 --- /dev/null +++ b/contrib/ldapc++/src/StringList.h @@ -0,0 +1,87 @@ +/* + * Copyright 2000, OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + +#ifndef STRING_LIST_H +#define STRING_LIST_H + +#include +#include +typedef std::list ListType; + +/** + * Container class to store multiple string-objects + */ +class StringList{ + private: + ListType m_data; + + public: + typedef ListType::const_iterator const_iterator; + + /** + * Constructs an empty list. + */ + StringList(); + + /** + * Copy-constructor + */ + StringList(const StringList& sl); + + /** + * For internal use only + * + * This constructor is used by the library internally to create a + * list of string from a array for c-Strings (char*)thar was + * returned by the C-API + */ + StringList(char** values); + + /** + * Destructor + */ + ~StringList(); + + /** + * The methods converts the list to a 0-terminated array of + * c-Strings. + */ + char** toCharArray() const; + + /** + * Adds one element to the end of the list. + * @param attr The attribute to add to the list. + */ + void add(const std::string& value); + + /** + * @return The number of strings that are currently + * stored in this list. + */ + size_t size() const; + + /** + * @return true if there are zero strings currently + * stored in this list. + */ + bool empty() const; + + /** + * @return A iterator that points to the first element of the list. + */ + const_iterator begin() const; + + /** + * @return A iterator that points to the element after the last + * element of the list. + */ + const_iterator end() const; + + /** + * removes all elements from the list + */ + void clear(); +}; +#endif //STRING_LIST_H diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index f3433e9008..3b73c8d9d9 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -1678,7 +1678,9 @@ aci_group_member ( if (grp_oc != NULL && grp_ad != NULL ) { char buf[ACL_BUF_SIZE]; - struct berval bv = { sizeof(buf), buf }, ndn; + struct berval bv, ndn; + bv.bv_len = sizeof( buf ); + bv.bv_val = &buf; string_expand(&bv, &subjdn, e->e_ndn, matches); if ( dnNormalize2(NULL, &bv, &ndn) == LDAP_SUCCESS ) { rc = (backend_group(be, conn, op, e, &ndn, &op->o_ndn, grp_oc, grp_ad) == 0); -- 2.39.5