1 /* syncrepl.c -- Replication Engine which uses the LDAP Sync protocol */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2003-2005 The OpenLDAP Foundation.
6 * Portions Copyright 2003 by IBM Corporation.
7 * Portions Copyright 2003 by Howard Chu, Symas Corporation.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted only as authorized by the OpenLDAP
14 * A copy of this license is available in the file LICENSE in the
15 * top-level directory of the distribution or, alternatively, at
16 * <http://www.OpenLDAP.org/license.html>.
23 #include <ac/string.h>
24 #include <ac/socket.h>
28 #include "lutil_ldap.h"
34 /* FIXME: for ldap_ld_free() */
36 #include "../../libraries/libldap/ldap-int.h"
38 struct nonpresent_entry {
39 struct berval *npe_name;
40 struct berval *npe_nname;
41 LDAP_LIST_ENTRY(nonpresent_entry) npe_link;
44 typedef struct syncinfo_s {
45 struct slap_backend_db *si_be;
48 struct berval si_provideruri;
49 slap_bindconf si_bindconf;
50 struct berval si_filterstr;
51 struct berval si_base;
55 AttributeName *si_anlist;
56 AttributeName *si_exanlist;
61 int si_schemachecking;
64 time_t *si_retryinterval;
65 int *si_retrynum_init;
67 struct sync_cookie si_syncCookie;
72 int si_refreshPresent;
73 Avlnode *si_presentlist;
75 LDAP_LIST_HEAD(np, nonpresent_entry) si_nonpresentlist;
76 ldap_pvt_thread_mutex_t si_mutex;
79 static int syncuuid_cmp( const void *, const void * );
80 static void avl_ber_bvfree( void * );
81 static void syncrepl_del_nonpresent( Operation *, syncinfo_t *, BerVarray );
82 static int syncrepl_message_to_entry(
83 syncinfo_t *, Operation *, LDAPMessage *,
84 Modifications **, Entry **, int );
85 static int syncrepl_entry(
86 syncinfo_t *, Operation*, Entry*,
87 Modifications**,int, struct berval*,
90 static void syncrepl_updateCookie(
91 syncinfo_t *, Operation *, struct berval *,
92 struct sync_cookie * );
93 static struct berval * slap_uuidstr_from_normalized(
94 struct berval *, struct berval *, void * );
96 /* callback functions */
97 static int dn_callback( struct slap_op *, struct slap_rep * );
98 static int nonpresent_callback( struct slap_op *, struct slap_rep * );
99 static int null_callback( struct slap_op *, struct slap_rep * );
101 static AttributeDescription *sync_descs[4];
104 init_syncrepl(syncinfo_t *si)
107 char **attrs, **exattrs;
109 if ( !sync_descs[0] ) {
110 sync_descs[0] = slap_schema.si_ad_objectClass;
111 sync_descs[1] = slap_schema.si_ad_structuralObjectClass;
112 sync_descs[2] = slap_schema.si_ad_entryCSN;
113 sync_descs[3] = NULL;
116 if ( si->si_allattrs && si->si_allopattrs )
119 attrs = anlist2attrs( si->si_anlist );
122 if ( si->si_allattrs ) {
125 if ( !is_at_operational( at_find( attrs[i] ))) {
126 for ( j = i; attrs[j] != NULL; j++ ) {
129 attrs[j] = attrs[j+1];
135 attrs = ( char ** ) ch_realloc( attrs, (i + 2)*sizeof( char * ) );
136 attrs[i] = ch_strdup("*");
139 } else if ( si->si_allopattrs ) {
142 if ( is_at_operational( at_find( attrs[i] ))) {
143 for ( j = i; attrs[j] != NULL; j++ ) {
146 attrs[j] = attrs[j+1];
152 attrs = ( char ** ) ch_realloc( attrs, (i + 2)*sizeof( char * ) );
153 attrs[i] = ch_strdup("+");
157 for ( i = 0; sync_descs[i] != NULL; i++ ) {
160 if ( !strcmp( attrs[j], sync_descs[i]->ad_cname.bv_val )) {
161 for ( k = j; attrs[k] != NULL; k++ ) {
164 attrs[k] = attrs[k+1];
172 for ( n = 0; attrs[ n ] != NULL; n++ ) /* empty */;
174 if ( si->si_allopattrs ) {
175 attrs = ( char ** ) ch_realloc( attrs, (n + 2)*sizeof( char * ));
177 attrs = ( char ** ) ch_realloc( attrs, (n + 4)*sizeof( char * ));
180 if ( attrs == NULL ) {
181 Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
185 if ( si->si_allopattrs ) {
186 attrs[n++] = ch_strdup( sync_descs[0]->ad_cname.bv_val );
188 for ( i = 0; sync_descs[ i ] != NULL; i++ ) {
189 attrs[ n++ ] = ch_strdup ( sync_descs[i]->ad_cname.bv_val );
197 if ( si->si_allattrs == si->si_allopattrs ) {
198 attrs = (char**) ch_malloc( 3 * sizeof(char*) );
199 attrs[i++] = ch_strdup( "*" );
200 attrs[i++] = ch_strdup( "+" );
201 } else if ( si->si_allattrs && !si->si_allopattrs ) {
202 for ( n = 0; sync_descs[ n ] != NULL; n++ ) ;
203 attrs = (char**) ch_malloc( (n+1)* sizeof(char*) );
204 attrs[i++] = ch_strdup( "*" );
205 for ( j = 1; sync_descs[ j ] != NULL; j++ ) {
206 attrs[i++] = ch_strdup ( sync_descs[j]->ad_cname.bv_val );
208 } else if ( !si->si_allattrs && si->si_allopattrs ) {
209 attrs = (char**) ch_malloc( 3 * sizeof(char*) );
210 attrs[i++] = ch_strdup( "+" );
211 attrs[i++] = ch_strdup( sync_descs[0]->ad_cname.bv_val );
216 si->si_attrs = attrs;
218 exattrs = anlist2attrs( si->si_exanlist );
221 for ( n = 0; exattrs[n] != NULL; n++ ) ;
223 for ( i = 0; sync_descs[i] != NULL; i++ ) {
225 while ( exattrs[j] != NULL ) {
226 if ( !strcmp( exattrs[j], sync_descs[i]->ad_cname.bv_val )) {
227 for ( k = j; exattrs[k] != NULL; k++ ) {
229 ch_free( exattrs[k] );
230 exattrs[k] = exattrs[k+1];
238 for ( i = 0; exattrs[i] != NULL; i++ ) {
239 for ( j = 0; si->si_anlist[j].an_name.bv_val; j++ ) {
241 if ( ( oc = si->si_anlist[j].an_oc ) ) {
243 while ( oc->soc_required[k] ) {
244 if ( !strcmp( exattrs[i],
245 oc->soc_required[k]->sat_cname.bv_val )) {
246 for ( l = i; exattrs[l]; l++ ) {
248 ch_free( exattrs[i] );
249 exattrs[l] = exattrs[l+1];
259 for ( i = 0; exattrs[i] != NULL; i++ ) ;
262 exattrs = (char **) ch_realloc( exattrs, (i + 1)*sizeof(char *));
265 si->si_exattrs = exattrs;
273 BerElementBuffer berbuf;
274 BerElement *ber = (BerElement *)&berbuf;
275 LDAPControl c[2], *ctrls[3];
276 struct timeval timeout;
280 /* setup LDAP SYNC control */
281 ber_init2( ber, NULL, LBER_USE_DER );
282 ber_set_option( ber, LBER_OPT_BER_MEMCTX, &ctx );
284 if ( !BER_BVISNULL( &si->si_syncCookie.octet_str ) )
286 ber_printf( ber, "{eO}",
288 &si->si_syncCookie.octet_str );
290 ber_printf( ber, "{e}",
294 if ( (rc = ber_flatten2( ber, &c[0].ldctl_value, 0 )) == LBER_ERROR ) {
299 c[0].ldctl_oid = LDAP_CONTROL_SYNC;
300 c[0].ldctl_iscritical = si->si_type < 0;
303 if ( !BER_BVISNULL( &si->si_bindconf.sb_authzId ) ) {
304 c[1].ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
305 c[1].ldctl_value = si->si_bindconf.sb_authzId;
306 c[1].ldctl_iscritical = 1;
313 timeout.tv_sec = si->si_tlimit;
316 rc = ldap_search_ext( si->si_ld, si->si_base.bv_val, si->si_scope,
317 si->si_filterstr.bv_val, si->si_attrs, si->si_attrsonly,
318 ctrls, NULL, si->si_tlimit > 0 ? &timeout : NULL,
319 si->si_slimit, &msgid );
330 int cmdline_cookie_found = 0;
332 struct sync_cookie *sc = NULL;
338 psub = &si->si_be->be_nsuffix[0];
340 /* Init connection to master */
341 rc = ldap_initialize( &si->si_ld, si->si_provideruri.bv_val );
342 if ( rc != LDAP_SUCCESS ) {
343 Debug( LDAP_DEBUG_ANY,
344 "do_syncrep1: ldap_initialize failed (%s)\n",
345 si->si_provideruri.bv_val, 0, 0 );
349 op->o_protocol = LDAP_VERSION3;
350 ldap_set_option( si->si_ld, LDAP_OPT_PROTOCOL_VERSION, &op->o_protocol );
354 if ( si->si_bindconf.sb_tls ) {
355 rc = ldap_start_tls_s( si->si_ld, NULL, NULL );
356 if( rc != LDAP_SUCCESS ) {
357 Debug( LDAP_DEBUG_ANY,
358 "%s: ldap_start_tls failed (%d)\n",
359 si->si_bindconf.sb_tls == SB_TLS_CRITICAL ? "Error" : "Warning",
361 if( si->si_bindconf.sb_tls == SB_TLS_CRITICAL ) goto done;
365 if ( si->si_bindconf.sb_method == LDAP_AUTH_SASL ) {
366 #ifdef HAVE_CYRUS_SASL
369 if ( si->si_bindconf.sb_secprops != NULL ) {
370 rc = ldap_set_option( si->si_ld,
371 LDAP_OPT_X_SASL_SECPROPS, si->si_bindconf.sb_secprops);
373 if( rc != LDAP_OPT_SUCCESS ) {
374 Debug( LDAP_DEBUG_ANY, "Error: ldap_set_option "
375 "(%s,SECPROPS,\"%s\") failed!\n",
376 si->si_provideruri.bv_val, si->si_bindconf.sb_secprops, 0 );
381 defaults = lutil_sasl_defaults( si->si_ld,
382 si->si_bindconf.sb_saslmech.bv_val,
383 si->si_bindconf.sb_realm.bv_val,
384 si->si_bindconf.sb_authcId.bv_val,
385 si->si_bindconf.sb_cred.bv_val,
386 si->si_bindconf.sb_authzId.bv_val );
388 rc = ldap_sasl_interactive_bind_s( si->si_ld,
389 si->si_bindconf.sb_binddn.bv_val,
390 si->si_bindconf.sb_saslmech.bv_val,
396 lutil_sasl_freedefs( defaults );
398 /* FIXME: different error behaviors according to
400 * 2) on err policy : exit, retry, backoff ...
402 if ( rc != LDAP_SUCCESS ) {
403 static struct berval bv_GSSAPI = BER_BVC( "GSSAPI" );
405 Debug( LDAP_DEBUG_ANY, "do_syncrep1: "
406 "ldap_sasl_interactive_bind_s failed (%d)\n",
409 /* FIXME (see above comment) */
410 /* if Kerberos credentials cache is not active, retry */
411 if ( ber_bvcmp( &si->si_bindconf.sb_saslmech, &bv_GSSAPI ) == 0 &&
412 rc == LDAP_LOCAL_ERROR )
414 rc = LDAP_SERVER_DOWN;
419 #else /* HAVE_CYRUS_SASL */
420 /* Should never get here, we trapped this at config time */
422 fprintf( stderr, "not compiled with SASL support\n" );
427 } else if ( si->si_bindconf.sb_method == LDAP_AUTH_SIMPLE ) {
428 rc = ldap_sasl_bind_s( si->si_ld,
429 si->si_bindconf.sb_binddn.bv_val, LDAP_SASL_SIMPLE,
430 &si->si_bindconf.sb_cred, NULL, NULL, NULL );
431 if ( rc != LDAP_SUCCESS ) {
432 Debug( LDAP_DEBUG_ANY, "do_syncrep1: "
433 "ldap_sasl_bind_s failed (%d)\n", rc, 0, 0 );
438 /* Set SSF to strongest of TLS, SASL SSFs */
441 op->o_transport_ssf = 0;
443 if ( ldap_get_option( si->si_ld, LDAP_OPT_X_TLS_SSL_CTX, &ssl )
444 == LDAP_SUCCESS && ssl != NULL )
446 op->o_tls_ssf = ldap_pvt_tls_get_strength( ssl );
448 #endif /* HAVE_TLS */
449 ldap_get_option( si->si_ld, LDAP_OPT_X_SASL_SSF, &op->o_sasl_ssf );
450 op->o_ssf = ( op->o_sasl_ssf > op->o_tls_ssf )
451 ? op->o_sasl_ssf : op->o_tls_ssf;
454 if ( BER_BVISNULL( &si->si_syncCookie.octet_str )) {
455 /* get contextCSN shadow replica from database */
456 BerVarray csn = NULL;
458 assert( si->si_rid < 1000 );
459 op->o_req_ndn = op->o_bd->be_nsuffix[0];
460 op->o_req_dn = op->o_req_ndn;
462 /* try to read stored contextCSN */
463 backend_attribute( op, NULL, &op->o_req_ndn,
464 slap_schema.si_ad_contextCSN, &csn, ACL_READ );
466 ch_free( si->si_syncCookie.ctxcsn.bv_val );
467 ber_dupbv( &si->si_syncCookie.ctxcsn, csn );
468 ber_bvarray_free_x( csn, op->o_tmpmemctx );
471 si->si_syncCookie.rid = si->si_rid;
473 LDAP_STAILQ_FOREACH( sc, &slap_sync_cookie, sc_next ) {
474 if ( si->si_rid == sc->rid ) {
475 cmdline_cookie_found = 1;
480 if ( cmdline_cookie_found ) {
481 /* cookie is supplied in the command line */
483 LDAP_STAILQ_REMOVE( &slap_sync_cookie, sc, sync_cookie, sc_next );
485 if ( BER_BVISNULL( &sc->ctxcsn ) ) {
486 /* if cmdline cookie does not have ctxcsn */
487 /* component, set it to an initial value */
488 slap_init_sync_cookie_ctxcsn( sc );
490 slap_sync_cookie_free( &si->si_syncCookie, 0 );
491 slap_dup_sync_cookie( &si->si_syncCookie, sc );
492 slap_sync_cookie_free( sc, 1 );
495 slap_compose_sync_cookie( NULL, &si->si_syncCookie.octet_str,
496 &si->si_syncCookie.ctxcsn, si->si_syncCookie.rid );
499 rc = ldap_sync_search( si, op->o_tmpmemctx );
501 if( rc != LDAP_SUCCESS ) {
502 Debug( LDAP_DEBUG_ANY, "do_syncrep1: "
503 "ldap_search_ext: %s (%d)\n", ldap_err2string( rc ), rc, 0 );
509 ldap_unbind_ext( si->si_ld, NULL, NULL );
522 LDAPControl **rctrls = NULL;
525 BerElementBuffer berbuf;
526 BerElement *ber = (BerElement *)&berbuf;
528 LDAPMessage *res = NULL;
529 LDAPMessage *msg = NULL;
532 struct berval *retdata = NULL;
537 struct berval syncUUID = BER_BVNULL;
538 struct sync_cookie syncCookie = { BER_BVNULL };
539 struct sync_cookie syncCookie_req = { BER_BVNULL };
540 struct berval cookie = BER_BVNULL;
548 Modifications *modlist = NULL;
553 struct timeval *tout_p = NULL;
554 struct timeval tout = { 0, 0 };
556 int refreshDeletes = 0;
558 BerVarray syncUUIDs = NULL;
561 if ( slapd_shutdown ) {
566 ber_init2( ber, NULL, LBER_USE_DER );
567 ber_set_option( ber, LBER_OPT_BER_MEMCTX, &op->o_tmpmemctx );
569 Debug( LDAP_DEBUG_TRACE, "=>do_syncrep2\n", 0, 0, 0 );
571 psub = &si->si_be->be_nsuffix[0];
573 slap_dup_sync_cookie( &syncCookie_req, &si->si_syncCookie );
575 if ( abs(si->si_type) == LDAP_SYNC_REFRESH_AND_PERSIST ) {
581 while (( rc = ldap_result( si->si_ld, LDAP_RES_ANY, LDAP_MSG_ONE,
582 tout_p, &res )) > 0 )
584 if ( slapd_shutdown ) {
588 for( msg = ldap_first_message( si->si_ld, res );
590 msg = ldap_next_message( si->si_ld, msg ) )
592 if ( slapd_shutdown ) {
596 switch( ldap_msgtype( msg ) ) {
597 case LDAP_RES_SEARCH_ENTRY:
598 ldap_get_entry_controls( si->si_ld, msg, &rctrls );
599 /* we can't work without the control */
601 Debug( LDAP_DEBUG_ANY, "do_syncrep2: "
602 "got search entry without "
603 "control\n", 0, 0, 0 );
608 ber_init2( ber, &rctrlp->ldctl_value, LBER_USE_DER );
609 ber_scanf( ber, "{em" /*"}"*/, &syncstate, &syncUUID );
610 if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) {
611 ber_scanf( ber, /*"{"*/ "m}", &cookie );
612 if ( !BER_BVISNULL( &cookie ) ) {
613 ch_free( syncCookie.octet_str.bv_val );
614 ber_dupbv( &syncCookie.octet_str, &cookie );
616 if ( !BER_BVISNULL( &syncCookie.octet_str ) )
618 slap_parse_sync_cookie( &syncCookie );
621 if ( syncrepl_message_to_entry( si, op, msg,
622 &modlist, &entry, syncstate ) == LDAP_SUCCESS ) {
623 rc_efree = syncrepl_entry( si, op, entry, &modlist,
624 syncstate, &syncUUID, &syncCookie_req, &syncCookie.ctxcsn );
625 if ( !BER_BVISNULL( &syncCookie.octet_str ) )
627 syncrepl_updateCookie( si, op, psub, &syncCookie );
630 ldap_controls_free( rctrls );
632 slap_mods_free( modlist, 1 );
634 if ( rc_efree && entry ) {
640 case LDAP_RES_SEARCH_REFERENCE:
641 Debug( LDAP_DEBUG_ANY,
642 "do_syncrep2: reference received error\n", 0, 0, 0 );
645 case LDAP_RES_SEARCH_RESULT:
646 Debug( LDAP_DEBUG_SYNC,
647 "do_syncrep2: LDAP_RES_SEARCH_RESULT\n", 0, 0, 0 );
648 ldap_parse_result( si->si_ld, msg, &err, NULL, NULL, NULL,
652 ber_init2( ber, &rctrlp->ldctl_value, LBER_USE_DER );
654 ber_scanf( ber, "{" /*"}"*/);
655 if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) {
656 ber_scanf( ber, "m", &cookie );
657 if ( !BER_BVISNULL( &cookie ) ) {
658 ch_free( syncCookie.octet_str.bv_val );
659 ber_dupbv( &syncCookie.octet_str, &cookie);
661 if ( !BER_BVISNULL( &syncCookie.octet_str ) )
663 slap_parse_sync_cookie( &syncCookie );
666 if ( ber_peek_tag( ber, &len ) == LDAP_TAG_REFRESHDELETES )
668 ber_scanf( ber, "b", &refreshDeletes );
670 ber_scanf( ber, /*"{"*/ "}" );
672 if ( BER_BVISNULL( &syncCookie_req.ctxcsn )) {
674 } else if ( BER_BVISNULL( &syncCookie.ctxcsn )) {
677 value_match( &match, slap_schema.si_ad_entryCSN,
678 slap_schema.si_ad_entryCSN->ad_type->sat_ordering,
679 SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
680 &syncCookie_req.ctxcsn, &syncCookie.ctxcsn,
683 if ( !BER_BVISNULL( &syncCookie.octet_str ) &&
684 match < 0 && err == LDAP_SUCCESS )
686 syncrepl_updateCookie( si, op, psub, &syncCookie );
689 ldap_controls_free( rctrls );
691 if (si->si_type != LDAP_SYNC_REFRESH_AND_PERSIST) {
692 /* FIXME : different error behaviors according to
693 * 1) err code : LDAP_BUSY ...
694 * 2) on err policy : stop service, stop sync, retry
696 if ( refreshDeletes == 0 && match < 0 &&
697 err == LDAP_SUCCESS )
699 syncrepl_del_nonpresent( op, si, NULL );
701 avl_free( si->si_presentlist, avl_ber_bvfree );
702 si->si_presentlist = NULL;
709 case LDAP_RES_INTERMEDIATE:
710 rc = ldap_parse_intermediate( si->si_ld, msg,
711 &retoid, &retdata, NULL, 0 );
712 if ( !rc && !strcmp( retoid, LDAP_SYNC_INFO ) ) {
713 ber_init2( ber, retdata, LBER_USE_DER );
715 switch ( si_tag = ber_peek_tag( ber, &len )) {
717 case LDAP_TAG_SYNC_NEW_COOKIE:
718 Debug( LDAP_DEBUG_SYNC,
719 "do_syncrep2: %s - %s%s\n",
720 "LDAP_RES_INTERMEDIATE",
721 "NEW_COOKIE", "\n" );
722 ber_scanf( ber, "tm", &tag, &cookie );
724 case LDAP_TAG_SYNC_REFRESH_DELETE:
725 case LDAP_TAG_SYNC_REFRESH_PRESENT:
726 Debug( LDAP_DEBUG_SYNC,
727 "do_syncrep2: %s - %s%s\n",
728 "LDAP_RES_INTERMEDIATE",
729 si_tag == LDAP_TAG_SYNC_REFRESH_PRESENT ?
730 "REFRESH_PRESENT" : "REFRESH_DELETE",
732 if ( si_tag == LDAP_TAG_SYNC_REFRESH_DELETE ) {
733 si->si_refreshDelete = 1;
735 si->si_refreshPresent = 1;
737 ber_scanf( ber, "t{" /*"}"*/, &tag );
738 if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE )
740 ber_scanf( ber, "m", &cookie );
741 if ( !BER_BVISNULL( &cookie ) ) {
742 ch_free( syncCookie.octet_str.bv_val );
743 ber_dupbv( &syncCookie.octet_str, &cookie );
745 if ( !BER_BVISNULL( &syncCookie.octet_str ) )
747 slap_parse_sync_cookie( &syncCookie );
750 if ( ber_peek_tag( ber, &len ) ==
751 LDAP_TAG_REFRESHDONE )
753 ber_scanf( ber, "b", &refreshDone );
755 ber_scanf( ber, /*"{"*/ "}" );
757 case LDAP_TAG_SYNC_ID_SET:
758 Debug( LDAP_DEBUG_SYNC,
759 "do_syncrep2: %s - %s%s\n",
760 "LDAP_RES_INTERMEDIATE",
763 ber_scanf( ber, "t{" /*"}"*/, &tag );
764 if ( ber_peek_tag( ber, &len ) ==
765 LDAP_TAG_SYNC_COOKIE )
767 ber_scanf( ber, "m", &cookie );
768 if ( !BER_BVISNULL( &cookie ) ) {
769 ch_free( syncCookie.octet_str.bv_val );
770 ber_dupbv( &syncCookie.octet_str, &cookie );
772 if ( !BER_BVISNULL( &syncCookie.octet_str ) )
774 slap_parse_sync_cookie( &syncCookie );
777 if ( ber_peek_tag( ber, &len ) ==
778 LDAP_TAG_REFRESHDELETES )
780 ber_scanf( ber, "b", &refreshDeletes );
782 ber_scanf( ber, "[W]", &syncUUIDs );
783 ber_scanf( ber, /*"{"*/ "}" );
784 if ( refreshDeletes ) {
785 syncrepl_del_nonpresent( op, si, syncUUIDs );
786 ber_bvarray_free_x( syncUUIDs, op->o_tmpmemctx );
788 for ( i = 0; !BER_BVISNULL( &syncUUIDs[i] ); i++ ) {
789 struct berval *syncuuid_bv;
790 syncuuid_bv = ber_dupbv( NULL, &syncUUIDs[i] );
791 slap_sl_free( syncUUIDs[i].bv_val,op->o_tmpmemctx );
792 avl_insert( &si->si_presentlist,
793 (caddr_t) syncuuid_bv,
794 syncuuid_cmp, avl_dup_error );
796 slap_sl_free( syncUUIDs, op->o_tmpmemctx );
800 Debug( LDAP_DEBUG_ANY,
801 "do_syncrep2 : unknown syncinfo tag (%ld)\n",
802 (long) si_tag, 0, 0 );
803 ldap_memfree( retoid );
804 ber_bvfree( retdata );
808 if ( BER_BVISNULL( &syncCookie_req.ctxcsn )) {
810 } else if ( BER_BVISNULL( &syncCookie.ctxcsn )) {
813 value_match( &match, slap_schema.si_ad_entryCSN,
814 slap_schema.si_ad_entryCSN->ad_type->sat_ordering,
815 SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
816 &syncCookie_req.ctxcsn,
817 &syncCookie.ctxcsn, &text );
820 if ( !BER_BVISNULL( &syncCookie.ctxcsn ) &&
823 syncrepl_updateCookie( si, op, psub, &syncCookie);
826 if ( si->si_refreshPresent == 1 ) {
828 syncrepl_del_nonpresent( op, si, NULL );
832 ldap_memfree( retoid );
833 ber_bvfree( retdata );
837 Debug( LDAP_DEBUG_ANY, "do_syncrep2 : "
838 "unknown intermediate response (%d)\n",
840 ldap_memfree( retoid );
841 ber_bvfree( retdata );
847 Debug( LDAP_DEBUG_ANY, "do_syncrep2 : "
848 "unknown message\n", 0, 0, 0 );
852 if ( !BER_BVISNULL( &syncCookie.octet_str )) {
853 slap_sync_cookie_free( &syncCookie_req, 0 );
854 slap_dup_sync_cookie( &syncCookie_req, &syncCookie );
855 slap_sync_cookie_free( &syncCookie, 0 );
865 ldap_get_option( si->si_ld, LDAP_OPT_ERROR_NUMBER, &rc );
866 errstr = ldap_err2string( rc );
868 Debug( LDAP_DEBUG_ANY,
869 "do_syncrep2 : %s\n", errstr, 0, 0 );
873 slap_sync_cookie_free( &syncCookie, 0 );
874 slap_sync_cookie_free( &syncCookie_req, 0 );
876 if ( res ) ldap_msgfree( res );
878 if ( rc && si->si_ld ) {
879 ldap_unbind_ext( si->si_ld, NULL, NULL );
891 struct re_s* rtask = arg;
892 syncinfo_t *si = ( syncinfo_t * ) rtask->arg;
893 Connection conn = {0};
894 char opbuf[OPERATION_BUFFER_SIZE];
896 int rc = LDAP_SUCCESS;
903 Debug( LDAP_DEBUG_TRACE, "=>do_syncrepl\n", 0, 0, 0 );
908 ldap_pvt_thread_mutex_lock( &si->si_mutex );
910 switch( abs( si->si_type )) {
911 case LDAP_SYNC_REFRESH_ONLY:
912 case LDAP_SYNC_REFRESH_AND_PERSIST:
915 ldap_pvt_thread_mutex_unlock( &si->si_mutex );
919 if ( slapd_shutdown ) {
921 ldap_get_option( si->si_ld, LDAP_OPT_DESC, &s );
922 connection_client_stop( s );
923 ldap_unbind_ext( si->si_ld, NULL, NULL );
926 ldap_pvt_thread_mutex_unlock( &si->si_mutex );
930 op = (Operation *)opbuf;
931 connection_fake_init( &conn, op, ctx );
933 /* use global malloc for now */
934 op->o_tmpmemctx = NULL;
935 op->o_tmpmfuncs = &ch_mfuncs;
937 op->o_managedsait = SLAP_CONTROL_NONCRITICAL;
938 op->o_bd = be = si->si_be;
939 op->o_dn = op->o_bd->be_rootdn;
940 op->o_ndn = op->o_bd->be_rootndn;
942 /* Establish session, do search */
945 si->si_refreshDelete = 0;
946 si->si_refreshPresent = 0;
947 rc = do_syncrep1( op, si );
950 /* Process results */
951 if ( rc == LDAP_SUCCESS ) {
952 ldap_get_option( si->si_ld, LDAP_OPT_DESC, &s );
954 rc = do_syncrep2( op, si );
956 if ( abs(si->si_type) == LDAP_SYNC_REFRESH_AND_PERSIST ) {
957 /* If we succeeded, enable the connection for further listening.
958 * If we failed, tear down the connection and reschedule.
960 if ( rc == LDAP_SUCCESS ) {
962 rc = connection_client_setup( s, do_syncrepl, arg );
964 connection_client_enable( s );
966 } else if ( !first ) {
970 if ( rc == -2 ) rc = 0;
974 /* At this point, we have 4 cases:
975 * 1) for any hard failure, give up and remove this task
976 * 2) for ServerDown, reschedule this task to run
977 * 3) for Refresh and Success, reschedule to run
978 * 4) for Persist and Success, reschedule to defer
980 ldap_pvt_thread_mutex_lock( &slapd_rq.rq_mutex );
982 if ( ldap_pvt_runqueue_isrunning( &slapd_rq, rtask )) {
983 ldap_pvt_runqueue_stoptask( &slapd_rq, rtask );
987 connection_client_stop( s );
990 if ( rc == LDAP_SUCCESS ) {
991 if ( si->si_type == LDAP_SYNC_REFRESH_ONLY ) {
994 rtask->interval.tv_sec = si->si_interval;
995 ldap_pvt_runqueue_resched( &slapd_rq, rtask, defer );
996 if ( si->si_retrynum ) {
997 for ( i = 0; si->si_retrynum_init[i] != -2; i++ ) {
998 si->si_retrynum[i] = si->si_retrynum_init[i];
1000 si->si_retrynum[i] = -2;
1003 for ( i = 0; si->si_retrynum && si->si_retrynum[i] <= 0; i++ ) {
1004 if ( si->si_retrynum[i] == -1 || si->si_retrynum[i] == -2 )
1008 if ( !si->si_retrynum || si->si_retrynum[i] == -2 ) {
1009 ldap_pvt_runqueue_remove( &slapd_rq, rtask );
1010 } else if ( si->si_retrynum[i] >= -1 ) {
1011 if ( si->si_retrynum[i] > 0 )
1012 si->si_retrynum[i]--;
1013 rtask->interval.tv_sec = si->si_retryinterval[i];
1014 ldap_pvt_runqueue_resched( &slapd_rq, rtask, 0 );
1015 slap_wake_listener();
1019 ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex );
1020 ldap_pvt_thread_mutex_unlock( &si->si_mutex );
1026 syncrepl_message_to_entry(
1030 Modifications **modlist,
1036 BerElement *ber = NULL;
1039 Modifications **modtail = modlist;
1042 char txtbuf[SLAP_TEXT_BUFLEN];
1043 size_t textlen = sizeof txtbuf;
1045 struct berval bdn = {0, NULL}, dn, ndn;
1050 if ( ldap_msgtype( msg ) != LDAP_RES_SEARCH_ENTRY ) {
1051 Debug( LDAP_DEBUG_ANY,
1052 "Message type should be entry (%d)", ldap_msgtype( msg ), 0, 0 );
1056 op->o_tag = LDAP_REQ_ADD;
1058 rc = ldap_get_dn_ber( si->si_ld, msg, &ber, &bdn );
1060 if ( rc != LDAP_SUCCESS ) {
1061 Debug( LDAP_DEBUG_ANY,
1062 "syncrepl_message_to_entry : dn get failed (%d)", rc, 0, 0 );
1066 dnPrettyNormal( NULL, &bdn, &dn, &ndn, op->o_tmpmemctx );
1067 ber_dupbv( &op->o_req_dn, &dn );
1068 ber_dupbv( &op->o_req_ndn, &ndn );
1069 slap_sl_free( ndn.bv_val, op->o_tmpmemctx );
1070 slap_sl_free( dn.bv_val, op->o_tmpmemctx );
1072 if ( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_DELETE ) {
1075 return LDAP_SUCCESS;
1078 if ( entry == NULL ) {
1082 e = ( Entry * ) ch_calloc( 1, sizeof( Entry ) );
1084 e->e_name = op->o_req_dn;
1085 e->e_nname = op->o_req_ndn;
1087 while ( ber_remaining( ber ) ) {
1088 if ( (ber_scanf( ber, "{mW}", &tmp.sml_type, &tmp.sml_values ) ==
1089 LBER_ERROR ) || BER_BVISNULL( &tmp.sml_type ) )
1094 mod = (Modifications *) ch_malloc( sizeof( Modifications ));
1096 mod->sml_op = LDAP_MOD_REPLACE;
1098 mod->sml_next = NULL;
1099 mod->sml_desc = NULL;
1100 mod->sml_type = tmp.sml_type;
1101 mod->sml_values = tmp.sml_values;
1102 mod->sml_nvalues = NULL;
1105 modtail = &mod->sml_next;
1108 if ( *modlist == NULL ) {
1109 Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: no attributes\n",
1115 rc = slap_mods_check( *modlist, &text, txtbuf, textlen, NULL );
1117 if ( rc != LDAP_SUCCESS ) {
1118 Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: mods check (%s)\n",
1123 /* Strip out dynamically generated attrs */
1124 for ( modtail = modlist; *modtail ; ) {
1126 if ( mod->sml_desc->ad_type->sat_flags & SLAP_AT_DYNAMIC ) {
1127 *modtail = mod->sml_next;
1128 slap_mod_free( &mod->sml_mod, 0 );
1131 modtail = &mod->sml_next;
1135 /* Strip out attrs in exattrs list */
1136 for ( modtail = modlist; *modtail ; ) {
1138 if ( ldap_charray_inlist( si->si_exattrs,
1139 mod->sml_desc->ad_type->sat_cname.bv_val )) {
1140 *modtail = mod->sml_next;
1141 slap_mod_free( &mod->sml_mod, 0 );
1144 modtail = &mod->sml_next;
1148 rc = slap_mods2entry( *modlist, &e, 1, 1, &text, txtbuf, textlen);
1149 if( rc != LDAP_SUCCESS ) {
1150 Debug( LDAP_DEBUG_ANY, "syncrepl_message_to_entry: mods2entry (%s)\n",
1155 ber_free ( ber, 0 );
1156 if ( rc != LDAP_SUCCESS ) {
1166 static struct berval generic_filterstr = BER_BVC("(objectclass=*)");
1168 /* During a refresh, we may get an LDAP_SYNC_ADD for an already existing
1169 * entry if a previous refresh was interrupted before sending us a new
1170 * context state. We try to compare the new entry to the existing entry
1171 * and ignore the new entry if they are the same.
1173 * Also, we may get an update where the entryDN has changed, due to
1174 * a ModDn on the provider. We detect this as well, so we can issue
1175 * the corresponding operation locally.
1177 * In the case of a modify, we get a list of all the attributes
1178 * in the original entry. Rather than deleting the entry and re-adding it,
1179 * we issue a Modify request that deletes all the attributes and adds all
1180 * the new ones. This avoids the issue of trying to delete/add a non-leaf
1183 * We don't try to otherwise distinguish ModDN from Modify; in the case of
1184 * a ModDN we will issue both operations on the local database.
1186 typedef struct dninfo {
1190 int renamed; /* Was an existing entry renamed? */
1191 int wasChanged; /* are the attributes changed? */
1192 int attrs; /* how many attribute types are in the ads list */
1193 AttributeDescription **ads;
1201 Modifications** modlist,
1203 struct berval* syncUUID,
1204 struct sync_cookie* syncCookie_req,
1205 struct berval* syncCSN )
1207 Backend *be = op->o_bd;
1208 slap_callback cb = { NULL, NULL, NULL, NULL };
1209 struct berval *syncuuid_bv = NULL;
1210 struct berval syncUUID_strrep = BER_BVNULL;
1211 struct berval uuid_bv = BER_BVNULL;
1213 SlapReply rs_search = {REP_RESULT};
1214 SlapReply rs_delete = {REP_RESULT};
1215 SlapReply rs_add = {REP_RESULT};
1216 SlapReply rs_modify = {REP_RESULT};
1218 #ifdef LDAP_COMP_MATCH
1219 AttributeAssertion ava = { NULL, BER_BVNULL, NULL };
1221 AttributeAssertion ava = { NULL, BER_BVNULL };
1223 int rc = LDAP_SUCCESS;
1224 int ret = LDAP_SUCCESS;
1226 struct berval pdn = BER_BVNULL;
1230 switch( syncstate ) {
1231 case LDAP_SYNC_PRESENT:
1232 Debug( LDAP_DEBUG_SYNC, "%s: %s\n",
1234 "LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_PRESENT)", 0 );
1237 Debug( LDAP_DEBUG_SYNC, "%s: %s\n",
1239 "LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD)", 0 );
1241 case LDAP_SYNC_DELETE:
1242 Debug( LDAP_DEBUG_SYNC, "%s: %s\n",
1244 "LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_DELETE)", 0 );
1246 case LDAP_SYNC_MODIFY:
1247 Debug( LDAP_DEBUG_SYNC, "%s: %s\n",
1249 "LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_MODIFY)", 0 );
1252 Debug( LDAP_DEBUG_ANY, "%s: %s\n",
1254 "LDAP_RES_SEARCH_ENTRY(UNKNOWN syncstate)", 0 );
1257 if (( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_ADD )) {
1258 if ( !si->si_refreshPresent ) {
1259 syncuuid_bv = ber_dupbv( NULL, syncUUID );
1260 avl_insert( &si->si_presentlist, (caddr_t) syncuuid_bv,
1261 syncuuid_cmp, avl_dup_error );
1265 if ( syncstate == LDAP_SYNC_PRESENT ) {
1267 } else if ( syncstate != LDAP_SYNC_DELETE ) {
1268 if ( entry == NULL ) {
1273 f.f_choice = LDAP_FILTER_EQUALITY;
1275 ava.aa_desc = slap_schema.si_ad_entryUUID;
1276 (void)slap_uuidstr_from_normalized( &syncUUID_strrep, syncUUID, op->o_tmpmemctx );
1277 ava.aa_value = *syncUUID;
1278 op->ors_filter = &f;
1280 op->ors_filterstr.bv_len = STRLENOF( "(entryUUID=)" ) + syncUUID->bv_len;
1281 op->ors_filterstr.bv_val = (char *) slap_sl_malloc(
1282 op->ors_filterstr.bv_len + 1, op->o_tmpmemctx );
1283 AC_MEMCPY( op->ors_filterstr.bv_val, "(entryUUID=", STRLENOF( "(entryUUID=" ) );
1284 AC_MEMCPY( &op->ors_filterstr.bv_val[STRLENOF( "(entryUUID=" )],
1285 syncUUID->bv_val, syncUUID->bv_len );
1286 op->ors_filterstr.bv_val[op->ors_filterstr.bv_len - 1] = ')';
1287 op->ors_filterstr.bv_val[op->ors_filterstr.bv_len] = '\0';
1289 op->o_tag = LDAP_REQ_SEARCH;
1290 op->ors_scope = LDAP_SCOPE_SUBTREE;
1291 op->ors_deref = LDAP_DEREF_NEVER;
1293 /* get the entry for this UUID */
1294 op->o_req_dn = si->si_base;
1295 op->o_req_ndn = si->si_base;
1297 op->o_time = slap_get_time();
1298 op->ors_tlimit = SLAP_NO_LIMIT;
1301 op->ors_attrs = slap_anlist_all_attributes;
1302 op->ors_attrsonly = 0;
1304 /* set callback function */
1305 op->o_callback = &cb;
1306 cb.sc_response = dn_callback;
1307 cb.sc_private = &dni;
1308 dni.new_entry = entry;
1310 if ( limits_check( op, &rs_search ) == 0 ) {
1311 rc = be->be_search( op, &rs_search );
1312 Debug( LDAP_DEBUG_SYNC,
1313 "syncrepl_entry: %s (%d)\n",
1314 "be_search", rc, 0 );
1317 if ( !BER_BVISNULL( &op->ors_filterstr ) ) {
1318 slap_sl_free( op->ors_filterstr.bv_val, op->o_tmpmemctx );
1321 cb.sc_response = null_callback;
1324 if ( entry && !BER_BVISNULL( &entry->e_name ) ) {
1325 Debug( LDAP_DEBUG_SYNC,
1326 "syncrepl_entry: %s\n",
1327 entry->e_name.bv_val, 0, 0 );
1329 Debug( LDAP_DEBUG_SYNC,
1330 "syncrepl_entry: %s\n",
1331 dni.dn.bv_val ? dni.dn.bv_val : "(null)", 0, 0 );
1334 if ( syncstate != LDAP_SYNC_DELETE ) {
1335 Attribute *a = attr_find( entry->e_attrs, slap_schema.si_ad_entryUUID );
1338 /* add if missing */
1339 attr_merge_one( entry, slap_schema.si_ad_entryUUID,
1340 &syncUUID_strrep, syncUUID );
1342 } else if ( !bvmatch( &a->a_nvals[0], syncUUID ) ) {
1343 /* replace only if necessary */
1344 if ( a->a_nvals != a->a_vals ) {
1345 ber_memfree( a->a_nvals[0].bv_val );
1346 ber_dupbv( &a->a_nvals[0], syncUUID );
1348 ber_memfree( a->a_vals[0].bv_val );
1349 ber_dupbv( &a->a_vals[0], &syncUUID_strrep );
1353 switch ( syncstate ) {
1355 case LDAP_SYNC_MODIFY:
1357 if ( BER_BVISNULL( &dni.dn )) {
1359 op->o_req_dn = entry->e_name;
1360 op->o_req_ndn = entry->e_nname;
1361 op->o_tag = LDAP_REQ_ADD;
1364 rc = be->be_add( op, &rs_add );
1365 Debug( LDAP_DEBUG_SYNC,
1366 "syncrepl_entry: %s (%d)\n",
1368 switch ( rs_add.sr_err ) {
1370 be_entry_release_w( op, entry );
1375 /* we assume that LDAP_NO_SUCH_OBJECT is returned
1376 * only if the suffix entry is not present */
1377 case LDAP_NO_SUCH_OBJECT:
1378 syncrepl_add_glue( op, entry );
1382 /* if an entry was added via syncrepl_add_glue(),
1383 * it likely has no entryUUID, so the previous
1384 * be_search() doesn't find it. In this case,
1385 * give syncrepl a chance to modify it. Also
1386 * allow for entries that were recreated with the
1387 * same DN but a different entryUUID.
1389 case LDAP_ALREADY_EXISTS:
1391 Operation op2 = *op;
1392 SlapReply rs2 = { 0 };
1393 slap_callback cb2 = { 0 };
1395 op2.o_tag = LDAP_REQ_SEARCH;
1396 op2.o_req_dn = entry->e_name;
1397 op2.o_req_ndn = entry->e_nname;
1398 op2.ors_scope = LDAP_SCOPE_BASE;
1399 op2.ors_deref = LDAP_DEREF_NEVER;
1400 op2.ors_attrs = slap_anlist_all_attributes;
1401 op2.ors_attrsonly = 0;
1402 op2.ors_limit = NULL;
1404 op2.ors_tlimit = SLAP_NO_LIMIT;
1406 f.f_choice = LDAP_FILTER_PRESENT;
1407 f.f_desc = slap_schema.si_ad_objectClass;
1408 op2.ors_filter = &f;
1409 op2.ors_filterstr = generic_filterstr;
1411 op2.o_callback = &cb2;
1412 cb2.sc_response = dn_callback;
1413 cb2.sc_private = &dni;
1415 be->be_search( &op2, &rs2 );
1423 Debug( LDAP_DEBUG_ANY,
1424 "syncrepl_entry : be_add failed (%d)\n",
1425 rs_add.sr_err, 0, 0 );
1432 op->o_req_dn = dni.dn;
1433 op->o_req_ndn = dni.ndn;
1434 if ( dni.renamed ) {
1435 struct berval noldp, newp, nnewp;
1437 op->o_tag = LDAP_REQ_MODRDN;
1438 dnRdn( &entry->e_name, &op->orr_newrdn );
1439 dnRdn( &entry->e_nname, &op->orr_nnewrdn );
1441 dnParent( &dni.ndn, &noldp );
1442 dnParent( &entry->e_nname, &nnewp );
1443 if ( !dn_match( &noldp, &newp )) {
1444 dnParent( &entry->e_name, &newp );
1445 op->orr_newSup = &newp;
1446 op->orr_nnewSup = &nnewp;
1448 op->orr_deleteoldrdn = 0;
1449 rc = be->be_modrdn( op, &rs_modify );
1450 Debug( LDAP_DEBUG_SYNC,
1451 "syncrepl_entry: %s (%d)\n",
1452 "be_modrdn", rc, 0 );
1453 if ( rs_modify.sr_err == LDAP_SUCCESS ) {
1454 op->o_req_dn = entry->e_name;
1455 op->o_req_ndn = entry->e_nname;
1461 if ( dni.wasChanged ) {
1462 Modifications *mod, *modhead = NULL;
1463 Modifications *modtail = NULL;
1466 op->o_tag = LDAP_REQ_MODIFY;
1468 assert( *modlist != NULL );
1470 /* Delete all the old attrs */
1471 for ( i = 0; i < dni.attrs; i++ ) {
1472 mod = ch_malloc( sizeof( Modifications ) );
1473 mod->sml_op = LDAP_MOD_DELETE;
1475 mod->sml_desc = dni.ads[i];
1476 mod->sml_type = mod->sml_desc->ad_cname;
1477 mod->sml_values = NULL;
1478 mod->sml_nvalues = NULL;
1479 if ( !modhead ) modhead = mod;
1481 modtail->sml_next = mod;
1486 /* Append passed in list to ours */
1488 modtail->sml_next = *modlist;
1494 /* Find end of this list */
1495 for ( ; mod != NULL; mod = mod->sml_next ) {
1499 mod = (Modifications *)ch_calloc(1, sizeof(Modifications));
1500 mod->sml_op = LDAP_MOD_REPLACE;
1502 mod->sml_desc = slap_schema.si_ad_entryUUID;
1503 mod->sml_type = mod->sml_desc->ad_cname;
1504 ber_dupbv( &uuid_bv, &syncUUID_strrep );
1505 ber_bvarray_add( &mod->sml_values, &uuid_bv );
1506 ber_dupbv( &uuid_bv, syncUUID );
1507 ber_bvarray_add( &mod->sml_nvalues, &uuid_bv );
1508 modtail->sml_next = mod;
1510 op->o_tag = LDAP_REQ_MODIFY;
1511 op->orm_modlist = *modlist;
1513 rc = be->be_modify( op, &rs_modify );
1514 Debug( LDAP_DEBUG_SYNC,
1515 "syncrepl_entry: %s (%d)\n",
1516 "be_modify", rc, 0 );
1517 if ( rs_modify.sr_err != LDAP_SUCCESS ) {
1518 Debug( LDAP_DEBUG_ANY,
1519 "syncrepl_entry : be_modify failed (%d)\n",
1520 rs_modify.sr_err, 0, 0 );
1525 case LDAP_SYNC_DELETE :
1526 if ( !BER_BVISNULL( &dni.dn )) {
1527 op->o_req_dn = dni.dn;
1528 op->o_req_ndn = dni.ndn;
1529 op->o_tag = LDAP_REQ_DELETE;
1530 rc = be->be_delete( op, &rs_delete );
1531 Debug( LDAP_DEBUG_SYNC,
1532 "syncrepl_entry: %s (%d)\n",
1533 "be_delete", rc, 0 );
1535 while ( rs_delete.sr_err == LDAP_SUCCESS
1536 && op->o_delete_glue_parent ) {
1537 op->o_delete_glue_parent = 0;
1538 if ( !be_issuffix( op->o_bd, &op->o_req_ndn )) {
1539 slap_callback cb = { NULL };
1540 cb.sc_response = slap_null_cb;
1541 dnParent( &op->o_req_ndn, &pdn );
1543 op->o_req_ndn = pdn;
1544 op->o_callback = &cb;
1545 op->o_bd->be_delete( op, &rs_delete );
1555 Debug( LDAP_DEBUG_ANY,
1556 "syncrepl_entry : unknown syncstate\n", 0, 0, 0 );
1562 if ( !BER_BVISNULL( &syncUUID_strrep ) ) {
1563 slap_sl_free( syncUUID_strrep.bv_val, op->o_tmpmemctx );
1564 BER_BVZERO( &syncUUID_strrep );
1567 op->o_tmpfree( dni.ads, op->o_tmpmemctx );
1569 if ( !BER_BVISNULL( &dni.ndn ) ) {
1570 op->o_tmpfree( dni.ndn.bv_val, op->o_tmpmemctx );
1572 if ( !BER_BVISNULL( &dni.dn ) ) {
1573 op->o_tmpfree( dni.dn.bv_val, op->o_tmpmemctx );
1578 static struct berval gcbva[] = {
1584 #define NP_DELETE_ONE 2
1587 syncrepl_del_nonpresent(
1592 Backend* be = op->o_bd;
1593 slap_callback cb = { NULL };
1594 SlapReply rs_search = {REP_RESULT};
1595 SlapReply rs_delete = {REP_RESULT};
1596 SlapReply rs_modify = {REP_RESULT};
1597 struct nonpresent_entry *np_list, *np_prev;
1599 AttributeName an[2];
1601 struct berval pdn = BER_BVNULL;
1603 op->o_req_dn = si->si_base;
1604 op->o_req_ndn = si->si_base;
1606 cb.sc_response = nonpresent_callback;
1609 op->o_callback = &cb;
1610 op->o_tag = LDAP_REQ_SEARCH;
1611 op->ors_scope = si->si_scope;
1612 op->ors_deref = LDAP_DEREF_NEVER;
1613 op->o_time = slap_get_time();
1614 op->ors_tlimit = SLAP_NO_LIMIT;
1619 #ifdef LDAP_COMP_MATCH
1620 AttributeAssertion eq = { NULL, BER_BVNULL, NULL };
1622 AttributeAssertion eq = { NULL, BER_BVNULL };
1626 op->ors_attrsonly = 1;
1627 op->ors_attrs = slap_anlist_no_attrs;
1628 op->ors_limit = NULL;
1629 op->ors_filter = &uf;
1632 uf.f_av_desc = slap_schema.si_ad_entryUUID;
1634 uf.f_choice = LDAP_FILTER_EQUALITY;
1635 si->si_refreshDelete |= NP_DELETE_ONE;
1637 for (i=0; uuids[i].bv_val; i++) {
1639 uf.f_av_value = uuids[i];
1640 rc = be->be_search( op, &rs_search );
1642 si->si_refreshDelete ^= NP_DELETE_ONE;
1644 memset( &an[0], 0, 2 * sizeof( AttributeName ) );
1645 an[0].an_name = slap_schema.si_ad_entryUUID->ad_cname;
1646 an[0].an_desc = slap_schema.si_ad_entryUUID;
1648 op->ors_slimit = SLAP_NO_LIMIT;
1649 op->ors_attrsonly = 0;
1650 op->ors_filter = str2filter_x( op, si->si_filterstr.bv_val );
1651 op->ors_filterstr = si->si_filterstr;
1652 op->o_nocaching = 1;
1654 if ( limits_check( op, &rs_search ) == 0 ) {
1655 rc = be->be_search( op, &rs_search );
1657 if ( op->ors_filter ) filter_free_x( op, op->ors_filter );
1660 op->o_nocaching = 0;
1662 if ( !LDAP_LIST_EMPTY( &si->si_nonpresentlist ) ) {
1664 slap_queue_csn( op, &si->si_syncCookie.ctxcsn );
1666 np_list = LDAP_LIST_FIRST( &si->si_nonpresentlist );
1667 while ( np_list != NULL ) {
1668 LDAP_LIST_REMOVE( np_list, npe_link );
1670 np_list = LDAP_LIST_NEXT( np_list, npe_link );
1671 op->o_tag = LDAP_REQ_DELETE;
1672 op->o_callback = &cb;
1673 cb.sc_response = null_callback;
1675 op->o_req_dn = *np_prev->npe_name;
1676 op->o_req_ndn = *np_prev->npe_nname;
1677 rc = op->o_bd->be_delete( op, &rs_delete );
1679 if ( rs_delete.sr_err == LDAP_NOT_ALLOWED_ON_NONLEAF ) {
1680 Modifications mod1, mod2;
1681 mod1.sml_op = LDAP_MOD_REPLACE;
1683 mod1.sml_desc = slap_schema.si_ad_objectClass;
1684 mod1.sml_type = mod1.sml_desc->ad_cname;
1685 mod1.sml_values = &gcbva[0];
1686 mod1.sml_nvalues = NULL;
1687 mod1.sml_next = &mod2;
1689 mod2.sml_op = LDAP_MOD_REPLACE;
1691 mod2.sml_desc = slap_schema.si_ad_structuralObjectClass;
1692 mod2.sml_type = mod2.sml_desc->ad_cname;
1693 mod2.sml_values = &gcbva[1];
1694 mod2.sml_nvalues = NULL;
1695 mod2.sml_next = NULL;
1697 op->o_tag = LDAP_REQ_MODIFY;
1698 op->orm_modlist = &mod1;
1700 rc = be->be_modify( op, &rs_modify );
1703 while ( rs_delete.sr_err == LDAP_SUCCESS &&
1704 op->o_delete_glue_parent ) {
1705 op->o_delete_glue_parent = 0;
1706 if ( !be_issuffix( op->o_bd, &op->o_req_ndn )) {
1707 slap_callback cb = { NULL };
1708 cb.sc_response = slap_null_cb;
1709 dnParent( &op->o_req_ndn, &pdn );
1711 op->o_req_ndn = pdn;
1712 op->o_callback = &cb;
1713 /* give it a root privil ? */
1714 op->o_bd->be_delete( op, &rs_delete );
1720 op->o_delete_glue_parent = 0;
1722 ber_bvfree( np_prev->npe_name );
1723 ber_bvfree( np_prev->npe_nname );
1727 slap_graduate_commit_csn( op );
1738 Backend *be = op->o_bd;
1739 slap_callback cb = { NULL };
1744 struct berval dn = {0, NULL};
1745 struct berval ndn = {0, NULL};
1747 SlapReply rs_add = {REP_RESULT};
1750 op->o_tag = LDAP_REQ_ADD;
1751 op->o_callback = &cb;
1752 cb.sc_response = null_callback;
1753 cb.sc_private = NULL;
1758 /* count RDNs in suffix */
1759 if ( !BER_BVISEMPTY( &be->be_nsuffix[0] ) ) {
1760 for ( i = 0, ptr = be->be_nsuffix[0].bv_val; ptr; ptr = strchr( ptr, ',' ) ) {
1770 /* Start with BE suffix */
1771 for ( i = 0, ptr = NULL; i < suffrdns; i++ ) {
1772 comma = strrchr( dn.bv_val, ',' );
1773 if ( ptr ) *ptr = ',';
1774 if ( comma ) *comma = '\0';
1779 dn.bv_len -= ptr - dn.bv_val;
1782 /* the normalizedDNs are always the same length, no counting
1785 if ( ndn.bv_len > be->be_nsuffix[0].bv_len ) {
1786 ndn.bv_val += ndn.bv_len - be->be_nsuffix[0].bv_len;
1787 ndn.bv_len = be->be_nsuffix[0].bv_len;
1790 while ( ndn.bv_val > e->e_nname.bv_val ) {
1791 glue = (Entry *) ch_calloc( 1, sizeof(Entry) );
1792 ber_dupbv( &glue->e_name, &dn );
1793 ber_dupbv( &glue->e_nname, &ndn );
1795 a = ch_calloc( 1, sizeof( Attribute ));
1796 a->a_desc = slap_schema.si_ad_objectClass;
1798 a->a_vals = ch_calloc( 3, sizeof( struct berval ));
1799 ber_dupbv( &a->a_vals[0], &gcbva[0] );
1800 ber_dupbv( &a->a_vals[1], &gcbva[1] );
1801 ber_dupbv( &a->a_vals[2], &gcbva[2] );
1803 a->a_nvals = a->a_vals;
1805 a->a_next = glue->e_attrs;
1808 a = ch_calloc( 1, sizeof( Attribute ));
1809 a->a_desc = slap_schema.si_ad_structuralObjectClass;
1811 a->a_vals = ch_calloc( 2, sizeof( struct berval ));
1812 ber_dupbv( &a->a_vals[0], &gcbva[1] );
1813 ber_dupbv( &a->a_vals[1], &gcbva[2] );
1815 a->a_nvals = a->a_vals;
1817 a->a_next = glue->e_attrs;
1820 op->o_req_dn = glue->e_name;
1821 op->o_req_ndn = glue->e_nname;
1823 rc = be->be_add ( op, &rs_add );
1824 if ( rs_add.sr_err == LDAP_SUCCESS ) {
1825 be_entry_release_w( op, glue );
1827 /* incl. ALREADY EXIST */
1831 /* Move to next child */
1832 for (ptr = dn.bv_val-2; ptr > e->e_name.bv_val && *ptr != ','; ptr--) {
1835 if ( ptr == e->e_name.bv_val ) break;
1837 dn.bv_len = e->e_name.bv_len - (ptr-e->e_name.bv_val);
1838 for( ptr = ndn.bv_val-2;
1839 ptr > e->e_nname.bv_val && *ptr != ',';
1845 ndn.bv_len = e->e_nname.bv_len - (ptr-e->e_nname.bv_val);
1848 op->o_req_dn = e->e_name;
1849 op->o_req_ndn = e->e_nname;
1851 rc = be->be_add ( op, &rs_add );
1852 if ( rs_add.sr_err == LDAP_SUCCESS ) {
1853 be_entry_release_w( op, e );
1862 syncrepl_updateCookie(
1866 struct sync_cookie *syncCookie )
1868 Backend *be = op->o_bd;
1869 Modifications mod = {0};
1870 struct berval vals[2];
1874 slap_callback cb = { NULL };
1875 SlapReply rs_modify = {REP_RESULT};
1877 slap_sync_cookie_free( &si->si_syncCookie, 0 );
1878 slap_dup_sync_cookie( &si->si_syncCookie, syncCookie );
1880 mod.sml_op = LDAP_MOD_REPLACE;
1881 mod.sml_desc = slap_schema.si_ad_contextCSN;
1882 mod.sml_type = mod.sml_desc->ad_cname;
1883 mod.sml_values = vals;
1884 vals[0] = si->si_syncCookie.ctxcsn;
1885 vals[1].bv_val = NULL;
1888 slap_queue_csn( op, &si->si_syncCookie.ctxcsn );
1890 op->o_tag = LDAP_REQ_MODIFY;
1892 assert( si->si_rid < 1000 );
1894 cb.sc_response = null_callback;
1897 op->o_callback = &cb;
1898 op->o_req_dn = op->o_bd->be_suffix[0];
1899 op->o_req_ndn = op->o_bd->be_nsuffix[0];
1901 /* update contextCSN */
1902 op->o_msgid = SLAP_SYNC_UPDATE_MSGID;
1903 op->orm_modlist = &mod;
1904 rc = be->be_modify( op, &rs_modify );
1907 if ( rs_modify.sr_err != LDAP_SUCCESS ) {
1908 Debug( LDAP_DEBUG_ANY,
1909 "be_modify failed (%d)\n", rs_modify.sr_err, 0, 0 );
1912 slap_graduate_commit_csn( op );
1922 dninfo *dni = op->o_callback->sc_private;
1924 if ( rs->sr_type == REP_SEARCH ) {
1925 if ( !BER_BVISNULL( &dni->dn ) ) {
1926 Debug( LDAP_DEBUG_ANY,
1927 "dn_callback : consistency error - "
1928 "entryUUID is not unique\n", 0, 0, 0 );
1930 ber_dupbv_x( &dni->dn, &rs->sr_entry->e_name, op->o_tmpmemctx );
1931 ber_dupbv_x( &dni->ndn, &rs->sr_entry->e_nname, op->o_tmpmemctx );
1932 /* If there is a new entry, see if it differs from the old.
1933 * We compare the non-normalized values so that cosmetic changes
1934 * in the provider are always propagated.
1936 if ( dni->new_entry ) {
1937 Attribute *old, *new;
1940 /* Did the DN change? Note that we don't explicitly try to
1941 * discover if the deleteOldRdn argument applies here. It
1942 * would save an unnecessary Modify if we detected it, but
1943 * that's a fair amount of trouble to compare the two attr
1946 if ( !dn_match( &rs->sr_entry->e_name,
1947 &dni->new_entry->e_name ) )
1952 for ( i = 0, old = rs->sr_entry->e_attrs;
1954 i++, old = old->a_next )
1959 /* We assume that attributes are saved in the same order
1960 * in the remote and local databases. So if we walk through
1961 * the attributeDescriptions one by one they should match in
1962 * lock step. If not, we signal a change. Otherwise we test
1965 for ( old = rs->sr_entry->e_attrs, new = dni->new_entry->e_attrs;
1967 old = old->a_next, new = new->a_next )
1969 if ( old->a_desc != new->a_desc ) {
1970 dni->wasChanged = 1;
1973 for ( i = 0; ; i++ ) {
1975 nold = BER_BVISNULL( &old->a_vals[i] );
1976 nnew = BER_BVISNULL( &new->a_vals[i] );
1977 /* If both are empty, stop looking */
1978 if ( nold && nnew ) {
1981 /* If they are different, stop looking */
1982 if ( nold != nnew ) {
1983 dni->wasChanged = 1;
1986 if ( ber_bvcmp( &old->a_vals[i], &new->a_vals[i] )) {
1987 dni->wasChanged = 1;
1991 if ( dni->wasChanged ) break;
1993 if ( dni->wasChanged ) {
1994 dni->ads = op->o_tmpalloc( dni->attrs *
1995 sizeof(AttributeDescription *), op->o_tmpmemctx );
1997 for ( old = rs->sr_entry->e_attrs; old; old = old->a_next ) {
1998 dni->ads[i] = old->a_desc;
2004 } else if ( rs->sr_type == REP_RESULT ) {
2005 if ( rs->sr_err == LDAP_SIZELIMIT_EXCEEDED ) {
2006 Debug( LDAP_DEBUG_ANY,
2007 "dn_callback : consistency error - "
2008 "entryUUID is not unique\n", 0, 0, 0 );
2012 return LDAP_SUCCESS;
2016 nonpresent_callback(
2020 syncinfo_t *si = op->o_callback->sc_private;
2023 struct berval* present_uuid = NULL;
2024 struct nonpresent_entry *np_entry;
2026 if ( rs->sr_type == REP_RESULT ) {
2027 count = avl_free( si->si_presentlist, avl_ber_bvfree );
2028 si->si_presentlist = NULL;
2030 } else if ( rs->sr_type == REP_SEARCH ) {
2031 if ( !(si->si_refreshDelete & NP_DELETE_ONE )) {
2032 a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_entryUUID );
2034 if ( a == NULL ) return 0;
2036 present_uuid = avl_find( si->si_presentlist, &a->a_nvals[0],
2040 if ( present_uuid == NULL ) {
2041 np_entry = (struct nonpresent_entry *)
2042 ch_calloc( 1, sizeof( struct nonpresent_entry ));
2043 np_entry->npe_name = ber_dupbv( NULL, &rs->sr_entry->e_name );
2044 np_entry->npe_nname = ber_dupbv( NULL, &rs->sr_entry->e_nname );
2045 LDAP_LIST_INSERT_HEAD( &si->si_nonpresentlist, np_entry, npe_link );
2048 avl_delete( &si->si_presentlist,
2049 &a->a_nvals[0], syncuuid_cmp );
2050 ch_free( present_uuid->bv_val );
2051 ch_free( present_uuid );
2054 return LDAP_SUCCESS;
2062 if ( rs->sr_err != LDAP_SUCCESS &&
2063 rs->sr_err != LDAP_REFERRAL &&
2064 rs->sr_err != LDAP_ALREADY_EXISTS &&
2065 rs->sr_err != LDAP_NO_SUCH_OBJECT &&
2066 rs->sr_err != LDAP_NOT_ALLOWED_ON_NONLEAF )
2068 Debug( LDAP_DEBUG_ANY,
2069 "null_callback : error code 0x%x\n",
2072 return LDAP_SUCCESS;
2075 static struct berval *
2076 slap_uuidstr_from_normalized(
2077 struct berval* uuidstr,
2078 struct berval* normalized,
2082 unsigned char nibble;
2085 if ( normalized == NULL ) return NULL;
2086 if ( normalized->bv_len != 16 ) return NULL;
2091 new = (struct berval *)slap_sl_malloc( sizeof(struct berval), ctx );
2092 if ( new == NULL ) {
2099 if ( ( new->bv_val = slap_sl_malloc( new->bv_len + 1, ctx ) ) == NULL ) {
2100 if ( new != uuidstr ) {
2101 slap_sl_free( new, ctx );
2106 for ( i = 0; i < 16; i++ ) {
2107 if ( i == 4 || i == 6 || i == 8 || i == 10 ) {
2108 new->bv_val[(i<<1)+d] = '-';
2112 nibble = (normalized->bv_val[i] >> 4) & 0xF;
2113 if ( nibble < 10 ) {
2114 new->bv_val[(i<<1)+d] = nibble + '0';
2116 new->bv_val[(i<<1)+d] = nibble - 10 + 'a';
2119 nibble = (normalized->bv_val[i]) & 0xF;
2120 if ( nibble < 10 ) {
2121 new->bv_val[(i<<1)+d+1] = nibble + '0';
2123 new->bv_val[(i<<1)+d+1] = nibble - 10 + 'a';
2127 new->bv_val[new->bv_len] = '\0';
2132 syncuuid_cmp( const void* v_uuid1, const void* v_uuid2 )
2134 const struct berval *uuid1 = v_uuid1;
2135 const struct berval *uuid2 = v_uuid2;
2136 int rc = uuid1->bv_len - uuid2->bv_len;
2137 if ( rc ) return rc;
2138 return ( memcmp( uuid1->bv_val, uuid2->bv_val, uuid1->bv_len ) );
2142 avl_ber_bvfree( void *v_bv )
2144 struct berval *bv = (struct berval *)v_bv;
2146 if( v_bv == NULL ) return;
2147 if ( !BER_BVISNULL( bv ) ) {
2148 ch_free( bv->bv_val );
2150 ch_free( (char *) bv );
2154 syncinfo_free( syncinfo_t *sie )
2156 ldap_pvt_thread_mutex_destroy( &sie->si_mutex );
2157 if ( !BER_BVISNULL( &sie->si_provideruri ) ) {
2158 ch_free( sie->si_provideruri.bv_val );
2161 bindconf_free( &sie->si_bindconf );
2163 if ( sie->si_filterstr.bv_val ) {
2164 ch_free( sie->si_filterstr.bv_val );
2166 if ( sie->si_base.bv_val ) {
2167 ch_free( sie->si_base.bv_val );
2169 if ( sie->si_attrs ) {
2171 while ( sie->si_attrs[i] != NULL ) {
2172 ch_free( sie->si_attrs[i] );
2175 ch_free( sie->si_attrs );
2177 if ( sie->si_exattrs ) {
2179 while ( sie->si_exattrs[i] != NULL ) {
2180 ch_free( sie->si_exattrs[i] );
2183 ch_free( sie->si_exattrs );
2185 if ( sie->si_anlist ) {
2187 while ( sie->si_anlist[i].an_name.bv_val != NULL ) {
2188 ch_free( sie->si_anlist[i].an_name.bv_val );
2191 ch_free( sie->si_anlist );
2193 if ( sie->si_exanlist ) {
2195 while ( sie->si_exanlist[i].an_name.bv_val != NULL ) {
2196 ch_free( sie->si_exanlist[i].an_name.bv_val );
2199 ch_free( sie->si_exanlist );
2201 if ( sie->si_retryinterval ) {
2202 ch_free( sie->si_retryinterval );
2204 if ( sie->si_retrynum ) {
2205 ch_free( sie->si_retrynum );
2207 if ( sie->si_retrynum_init ) {
2208 ch_free( sie->si_retrynum_init );
2210 slap_sync_cookie_free( &sie->si_syncCookie, 0 );
2211 if ( sie->si_presentlist ) {
2212 avl_free( sie->si_presentlist, avl_ber_bvfree );
2215 ldap_ld_free( sie->si_ld, 1, NULL, NULL );
2217 while ( !LDAP_LIST_EMPTY( &sie->si_nonpresentlist )) {
2218 struct nonpresent_entry* npe;
2219 npe = LDAP_LIST_FIRST( &sie->si_nonpresentlist );
2220 LDAP_LIST_REMOVE( npe, npe_link );
2221 if ( npe->npe_name ) {
2222 if ( npe->npe_name->bv_val ) {
2223 ch_free( npe->npe_name->bv_val );
2225 ch_free( npe->npe_name );
2227 if ( npe->npe_nname ) {
2228 if ( npe->npe_nname->bv_val ) {
2229 ch_free( npe->npe_nname->bv_val );
2231 ch_free( npe->npe_nname );
2240 /* NOTE: used & documented in slapd.conf(5) */
2242 #define PROVIDERSTR "provider"
2243 #define SCHEMASTR "schemachecking"
2244 #define FILTERSTR "filter"
2245 #define SEARCHBASESTR "searchbase"
2246 #define SCOPESTR "scope"
2247 #define ATTRSONLYSTR "attrsonly"
2248 #define ATTRSSTR "attrs"
2249 #define TYPESTR "type"
2250 #define INTERVALSTR "interval"
2251 #define RETRYSTR "retry"
2252 #define SLIMITSTR "sizelimit"
2253 #define TLIMITSTR "timelimit"
2255 /* FIXME: undocumented */
2256 #define OLDAUTHCSTR "bindprincipal"
2257 #define EXATTRSSTR "exattrs"
2258 #define MANAGEDSAITSTR "manageDSAit"
2261 #define LASTMODSTR "lastmod"
2262 #define LMGENSTR "gen"
2263 #define LMNOSTR "no"
2264 #define LMREQSTR "req"
2265 #define SRVTABSTR "srvtab"
2266 #define SUFFIXSTR "suffix"
2269 #define GOT_ID 0x0001
2270 #define GOT_PROVIDER 0x0002
2273 #define GOT_ALL (GOT_ID|GOT_PROVIDER)
2279 { BER_BVC("base"), LDAP_SCOPE_BASE },
2280 { BER_BVC("one"), LDAP_SCOPE_ONELEVEL },
2281 { BER_BVC("onelevel"), LDAP_SCOPE_ONELEVEL }, /* OpenLDAP extension */
2282 #ifdef LDAP_SCOPE_SUBORDINATE
2283 { BER_BVC("children"), LDAP_SCOPE_SUBORDINATE },
2284 { BER_BVC("subordinate"), LDAP_SCOPE_SUBORDINATE },
2286 { BER_BVC("sub"), LDAP_SCOPE_SUBTREE },
2287 { BER_BVC("subtree"), LDAP_SCOPE_SUBTREE }, /* OpenLDAP extension */
2292 parse_syncrepl_line(
2302 for ( i = 1; i < cargc; i++ ) {
2303 if ( !strncasecmp( cargv[ i ], IDSTR "=",
2304 STRLENOF( IDSTR "=" ) ) )
2307 /* '\0' string terminator accounts for '=' */
2308 val = cargv[ i ] + STRLENOF( IDSTR "=" );
2310 if ( tmp >= 1000 || tmp < 0 ) {
2311 fprintf( stderr, "Error: parse_syncrepl_line: "
2312 "syncrepl id %d is out of range [0..999]\n", tmp );
2317 } else if ( !strncasecmp( cargv[ i ], PROVIDERSTR "=",
2318 STRLENOF( PROVIDERSTR "=" ) ) )
2320 val = cargv[ i ] + STRLENOF( PROVIDERSTR "=" );
2321 ber_str2bv( val, 0, 1, &si->si_provideruri );
2322 gots |= GOT_PROVIDER;
2323 } else if ( !strncasecmp( cargv[ i ], SCHEMASTR "=",
2324 STRLENOF( SCHEMASTR "=" ) ) )
2326 val = cargv[ i ] + STRLENOF( SCHEMASTR "=" );
2327 if ( !strncasecmp( val, "on", STRLENOF( "on" ) )) {
2328 si->si_schemachecking = 1;
2329 } else if ( !strncasecmp( val, "off", STRLENOF( "off" ) ) ) {
2330 si->si_schemachecking = 0;
2332 si->si_schemachecking = 1;
2334 } else if ( !strncasecmp( cargv[ i ], FILTERSTR "=",
2335 STRLENOF( FILTERSTR "=" ) ) )
2337 val = cargv[ i ] + STRLENOF( FILTERSTR "=" );
2338 ber_str2bv( val, 0, 1, &si->si_filterstr );
2339 } else if ( !strncasecmp( cargv[ i ], SEARCHBASESTR "=",
2340 STRLENOF( SEARCHBASESTR "=" ) ) )
2345 val = cargv[ i ] + STRLENOF( SEARCHBASESTR "=" );
2346 if ( si->si_base.bv_val ) {
2347 ch_free( si->si_base.bv_val );
2349 ber_str2bv( val, 0, 0, &bv );
2350 rc = dnNormalize( 0, NULL, NULL, &bv, &si->si_base, NULL );
2351 if ( rc != LDAP_SUCCESS ) {
2352 fprintf( stderr, "Invalid base DN \"%s\": %d (%s)\n",
2353 val, rc, ldap_err2string( rc ) );
2356 } else if ( !strncasecmp( cargv[ i ], SCOPESTR "=",
2357 STRLENOF( SCOPESTR "=" ) ) )
2360 val = cargv[ i ] + STRLENOF( SCOPESTR "=" );
2361 for ( j=0; !BER_BVISNULL(&scopes[j].key); j++ ) {
2362 if (!strcasecmp( val, scopes[j].key.bv_val )) {
2363 si->si_scope = scopes[j].val;
2367 if ( BER_BVISNULL(&scopes[j].key) ) {
2368 fprintf( stderr, "Error: parse_syncrepl_line: "
2369 "unknown scope \"%s\"\n", val);
2372 } else if ( !strncasecmp( cargv[ i ], ATTRSONLYSTR "=",
2373 STRLENOF( ATTRSONLYSTR "=" ) ) )
2375 si->si_attrsonly = 1;
2376 } else if ( !strncasecmp( cargv[ i ], ATTRSSTR "=",
2377 STRLENOF( ATTRSSTR "=" ) ) )
2379 val = cargv[ i ] + STRLENOF( ATTRSSTR "=" );
2380 if ( !strncasecmp( val, ":include:", STRLENOF(":include:") ) ) {
2382 attr_fname = ch_strdup( val + STRLENOF(":include:") );
2383 si->si_anlist = file2anlist( si->si_anlist, attr_fname, " ,\t" );
2384 if ( si->si_anlist == NULL ) {
2385 ch_free( attr_fname );
2388 si->si_anfile = attr_fname;
2390 char *str, *s, *next;
2391 char delimstr[] = " ,\t";
2392 str = ch_strdup( val );
2393 for ( s = ldap_pvt_strtok( str, delimstr, &next );
2395 s = ldap_pvt_strtok( NULL, delimstr, &next ) )
2397 if ( strlen(s) == 1 && *s == '*' ) {
2398 si->si_allattrs = 1;
2399 *(val + ( s - str )) = delimstr[0];
2401 if ( strlen(s) == 1 && *s == '+' ) {
2402 si->si_allopattrs = 1;
2403 *(val + ( s - str )) = delimstr[0];
2407 si->si_anlist = str2anlist( si->si_anlist, val, " ,\t" );
2408 if ( si->si_anlist == NULL ) {
2412 } else if ( !strncasecmp( cargv[ i ], EXATTRSSTR "=",
2413 STRLENOF( EXATTRSSTR "=" ) ) )
2415 val = cargv[ i ] + STRLENOF( EXATTRSSTR "=" );
2416 if ( !strncasecmp( val, ":include:", STRLENOF(":include:") )) {
2418 attr_fname = ch_strdup( val + STRLENOF(":include:") );
2419 si->si_exanlist = file2anlist(
2420 si->si_exanlist, attr_fname, " ,\t" );
2421 if ( si->si_exanlist == NULL ) {
2422 ch_free( attr_fname );
2425 ch_free( attr_fname );
2427 si->si_exanlist = str2anlist( si->si_exanlist, val, " ,\t" );
2428 if ( si->si_exanlist == NULL ) {
2432 } else if ( !strncasecmp( cargv[ i ], TYPESTR "=",
2433 STRLENOF( TYPESTR "=" ) ) )
2435 val = cargv[ i ] + STRLENOF( TYPESTR "=" );
2436 if ( !strncasecmp( val, "refreshOnly",
2437 STRLENOF("refreshOnly") ))
2439 si->si_type = LDAP_SYNC_REFRESH_ONLY;
2440 } else if ( !strncasecmp( val, "refreshAndPersist",
2441 STRLENOF("refreshAndPersist") ))
2443 si->si_type = LDAP_SYNC_REFRESH_AND_PERSIST;
2444 si->si_interval = 60;
2446 fprintf( stderr, "Error: parse_syncrepl_line: "
2447 "unknown sync type \"%s\"\n", val);
2450 } else if ( !strncasecmp( cargv[ i ], INTERVALSTR "=",
2451 STRLENOF( INTERVALSTR "=" ) ) )
2453 val = cargv[ i ] + STRLENOF( INTERVALSTR "=" );
2454 if ( si->si_type == LDAP_SYNC_REFRESH_AND_PERSIST ) {
2455 si->si_interval = 0;
2463 hstr = strchr( dstr, ':' );
2464 if ( hstr == NULL ) {
2465 fprintf( stderr, "Error: parse_syncrepl_line: "
2466 "invalid interval \"%s\"\n", val );
2470 mstr = strchr( hstr, ':' );
2471 if ( mstr == NULL ) {
2472 fprintf( stderr, "Error: parse_syncrepl_line: "
2473 "invalid interval \"%s\"\n", val );
2477 sstr = strchr( mstr, ':' );
2478 if ( sstr == NULL ) {
2479 fprintf( stderr, "Error: parse_syncrepl_line: "
2480 "invalid interval \"%s\"\n", val );
2489 if (( hh > 24 ) || ( hh < 0 ) ||
2490 ( mm > 60 ) || ( mm < 0 ) ||
2491 ( ss > 60 ) || ( ss < 0 ) || ( dd < 0 )) {
2492 fprintf( stderr, "Error: parse_syncrepl_line: "
2493 "invalid interval \"%s\"\n", val );
2496 si->si_interval = (( dd * 24 + hh ) * 60 + mm ) * 60 + ss;
2498 if ( si->si_interval < 0 ) {
2499 fprintf( stderr, "Error: parse_syncrepl_line: "
2500 "invalid interval \"%ld\"\n",
2501 (long) si->si_interval);
2504 } else if ( !strncasecmp( cargv[ i ], RETRYSTR "=",
2505 STRLENOF( RETRYSTR "=" ) ) )
2510 val = cargv[ i ] + STRLENOF( RETRYSTR "=" );
2511 retry_list = (char **) ch_calloc( 1, sizeof( char * ));
2512 retry_list[0] = NULL;
2514 slap_str2clist( &retry_list, val, " ,\t" );
2516 for ( k = 0; retry_list && retry_list[k]; k++ ) ;
2520 "Error: incomplete syncrepl retry list\n" );
2521 for ( k = 0; retry_list && retry_list[k]; k++ ) {
2522 ch_free( retry_list[k] );
2524 ch_free( retry_list );
2525 exit( EXIT_FAILURE );
2527 si->si_retryinterval = (time_t *) ch_calloc( n + 1, sizeof( time_t ));
2528 si->si_retrynum = (int *) ch_calloc( n + 1, sizeof( int ));
2529 si->si_retrynum_init = (int *) ch_calloc( n + 1, sizeof( int ));
2530 for ( j = 0; j < n; j++ ) {
2531 si->si_retryinterval[j] = atoi( retry_list[j*2] );
2532 if ( *retry_list[j*2+1] == '+' ) {
2533 si->si_retrynum_init[j] = -1;
2534 si->si_retrynum[j] = -1;
2538 si->si_retrynum_init[j] = atoi( retry_list[j*2+1] );
2539 si->si_retrynum[j] = atoi( retry_list[j*2+1] );
2542 si->si_retrynum_init[j] = -2;
2543 si->si_retrynum[j] = -2;
2544 si->si_retryinterval[j] = 0;
2546 for ( k = 0; retry_list && retry_list[k]; k++ ) {
2547 ch_free( retry_list[k] );
2549 ch_free( retry_list );
2550 } else if ( !strncasecmp( cargv[ i ], MANAGEDSAITSTR "=",
2551 STRLENOF( MANAGEDSAITSTR "=" ) ) )
2553 val = cargv[ i ] + STRLENOF( MANAGEDSAITSTR "=" );
2554 si->si_manageDSAit = atoi( val );
2555 } else if ( !strncasecmp( cargv[ i ], SLIMITSTR "=",
2556 STRLENOF( SLIMITSTR "=") ) )
2558 val = cargv[ i ] + STRLENOF( SLIMITSTR "=" );
2559 si->si_slimit = atoi( val );
2560 } else if ( !strncasecmp( cargv[ i ], TLIMITSTR "=",
2561 STRLENOF( TLIMITSTR "=" ) ) )
2563 val = cargv[ i ] + STRLENOF( TLIMITSTR "=" );
2564 si->si_tlimit = atoi( val );
2565 } else if ( bindconf_parse( cargv[i], &si->si_bindconf )) {
2566 fprintf( stderr, "Error: parse_syncrepl_line: "
2567 "unknown keyword \"%s\"\n", cargv[ i ] );
2572 if ( gots != GOT_ALL ) {
2574 "Error: Malformed \"syncrepl\" line in slapd config file" );
2591 if ( !( be->be_search && be->be_add && be->be_modify && be->be_delete )) {
2592 Debug( LDAP_DEBUG_ANY, "database %s does not support operations "
2593 "required for syncrepl\n", be->be_type, 0, 0 );
2596 si = (syncinfo_t *) ch_calloc( 1, sizeof( syncinfo_t ) );
2599 Debug( LDAP_DEBUG_ANY, "out of memory in add_syncrepl\n", 0, 0, 0 );
2603 si->si_bindconf.sb_tls = SB_TLS_OFF;
2604 si->si_bindconf.sb_method = LDAP_AUTH_SIMPLE;
2605 si->si_schemachecking = 0;
2606 ber_str2bv( "(objectclass=*)", STRLENOF("(objectclass=*)"), 1,
2607 &si->si_filterstr );
2608 si->si_base.bv_val = NULL;
2609 si->si_scope = LDAP_SCOPE_SUBTREE;
2610 si->si_attrsonly = 0;
2611 si->si_anlist = (AttributeName *) ch_calloc( 1, sizeof( AttributeName ));
2612 si->si_exanlist = (AttributeName *) ch_calloc( 1, sizeof( AttributeName ));
2613 si->si_attrs = NULL;
2614 si->si_allattrs = 0;
2615 si->si_allopattrs = 0;
2616 si->si_exattrs = NULL;
2617 si->si_type = LDAP_SYNC_REFRESH_ONLY;
2618 si->si_interval = 86400;
2619 si->si_retryinterval = NULL;
2620 si->si_retrynum_init = NULL;
2621 si->si_retrynum = NULL;
2622 si->si_manageDSAit = 0;
2626 si->si_presentlist = NULL;
2627 LDAP_LIST_INIT( &si->si_nonpresentlist );
2628 ldap_pvt_thread_mutex_init( &si->si_mutex );
2630 rc = parse_syncrepl_line( cargv, cargc, si );
2634 init_syncrepl( si );
2635 si->si_re = ldap_pvt_runqueue_insert( &slapd_rq, si->si_interval,
2636 do_syncrepl, si, "do_syncrepl", be->be_suffix[0].bv_val );
2641 Debug( LDAP_DEBUG_ANY, "failed to add syncinfo\n", 0, 0, 0 );
2642 syncinfo_free( si );
2645 Debug( LDAP_DEBUG_CONFIG,
2646 "Config: ** successfully added syncrepl \"%s\"\n",
2647 BER_BVISNULL( &si->si_provideruri ) ?
2648 "(null)" : si->si_provideruri.bv_val, 0, 0 );
2649 if ( !si->si_schemachecking ) {
2650 SLAP_DBFLAGS(be) |= SLAP_DBFLAG_NO_SCHEMA_CHECK;
2652 be->be_syncinfo = si;
2658 syncrepl_unparse( syncinfo_t *si, struct berval *bv )
2661 char buf[BUFSIZ*2], *ptr;
2664 bindconf_unparse( &si->si_bindconf, &bc );
2666 ptr += sprintf( ptr, IDSTR "=%03ld " PROVIDERSTR "=%s",
2667 si->si_rid, si->si_provideruri.bv_val );
2668 if ( !BER_BVISNULL( &bc )) {
2669 ptr = lutil_strcopy( ptr, bc.bv_val );
2672 if ( !BER_BVISEMPTY( &si->si_filterstr )) {
2673 ptr = lutil_strcopy( ptr, " " FILTERSTR "=\"" );
2674 ptr = lutil_strcopy( ptr, si->si_filterstr.bv_val );
2677 if ( !BER_BVISNULL( &si->si_base )) {
2678 ptr = lutil_strcopy( ptr, " " SEARCHBASESTR "=\"" );
2679 ptr = lutil_strcopy( ptr, si->si_base.bv_val );
2682 for (i=0; !BER_BVISNULL(&scopes[i].key);i++) {
2683 if ( si->si_scope == scopes[i].val ) {
2684 ptr = lutil_strcopy( ptr, " " SCOPESTR "=" );
2685 ptr = lutil_strcopy( ptr, scopes[i].key.bv_val );
2689 if ( si->si_attrsonly ) {
2690 ptr = lutil_strcopy( ptr, " " ATTRSONLYSTR "=yes" );
2692 if ( si->si_anfile ) {
2693 ptr = lutil_strcopy( ptr, " " ATTRSSTR "=:include:" );
2694 ptr = lutil_strcopy( ptr, si->si_anfile );
2695 } else if ( si->si_allattrs || si->si_allopattrs ||
2696 ( si->si_anlist && !BER_BVISNULL(&si->si_anlist[0].an_name) )) {
2698 ptr = lutil_strcopy( ptr, " " ATTRSSTR "=\"" );
2700 ptr = anlist_unparse( si->si_anlist, ptr );
2701 if ( si->si_allattrs ) {
2702 if ( old != ptr ) *ptr++ = ',';
2705 if ( si->si_allopattrs ) {
2706 if ( old != ptr ) *ptr++ = ',';
2711 if ( si->si_exanlist && !BER_BVISNULL(&si->si_exanlist[0].an_name) ) {
2712 ptr = lutil_strcopy( ptr, " " EXATTRSSTR "=" );
2713 ptr = anlist_unparse( si->si_exanlist, ptr );
2715 ptr = lutil_strcopy( ptr, " " SCHEMASTR "=" );
2716 ptr = lutil_strcopy( ptr, si->si_schemachecking ? "on" : "off" );
2718 ptr = lutil_strcopy( ptr, " " TYPESTR "=" );
2719 ptr = lutil_strcopy( ptr, si->si_type == LDAP_SYNC_REFRESH_AND_PERSIST ?
2720 "refreshAndPersist" : "refreshOnly" );
2722 if ( si->si_type == LDAP_SYNC_REFRESH_ONLY ) {
2725 dd = si->si_interval;
2732 ptr = lutil_strcopy( ptr, " " INTERVALSTR "=" );
2733 ptr += sprintf( ptr, "%02d:%02d:%02d:%02d", dd, hh, mm, ss );
2734 } else if ( si->si_retryinterval ) {
2736 ptr = lutil_strcopy( ptr, " " RETRYSTR "=\"" );
2737 for (i=0; si->si_retryinterval[i]; i++) {
2738 if ( space ) *ptr++ = ' ';
2740 ptr += sprintf( ptr, "%ld ", (long) si->si_retryinterval[i] );
2741 if ( si->si_retrynum_init[i] == -1 )
2744 ptr += sprintf( ptr, "%d", si->si_retrynum_init[i] );
2749 if ( si->si_slimit ) {
2750 ptr = lutil_strcopy( ptr, " " SLIMITSTR "=" );
2751 ptr += sprintf( ptr, "%d", si->si_slimit );
2754 if ( si->si_tlimit ) {
2755 ptr = lutil_strcopy( ptr, " " TLIMITSTR "=" );
2756 ptr += sprintf( ptr, "%d", si->si_tlimit );
2758 bc.bv_len = ptr - buf;
2760 ber_dupbv( bv, &bc );
2764 syncrepl_config(ConfigArgs *c) {
2765 if (c->op == SLAP_CONFIG_EMIT) {
2766 if ( c->be->be_syncinfo ) {
2768 syncrepl_unparse( c->be->be_syncinfo, &bv );
2769 ber_bvarray_add( &c->rvalue_vals, &bv );
2773 } else if ( c->op == LDAP_MOD_DELETE ) {
2776 if ( c->be->be_syncinfo ) {
2777 re = c->be->be_syncinfo->si_re;
2779 if ( ldap_pvt_runqueue_isrunning( &slapd_rq, re ))
2780 ldap_pvt_runqueue_stoptask( &slapd_rq, re );
2781 ldap_pvt_runqueue_remove( &slapd_rq, re );
2783 syncinfo_free( c->be->be_syncinfo );
2784 c->be->be_syncinfo = NULL;
2786 SLAP_DBFLAGS(c->be) &= ~(SLAP_DBFLAG_SHADOW|SLAP_DBFLAG_SYNC_SHADOW);
2789 if(SLAP_SHADOW(c->be)) {
2790 Debug(LDAP_DEBUG_ANY, "%s: "
2791 "syncrepl: database already shadowed.\n",
2794 } else if(add_syncrepl(c->be, c->argv, c->argc)) {
2797 SLAP_DBFLAGS(c->be) |= (SLAP_DBFLAG_SHADOW | SLAP_DBFLAG_SYNC_SHADOW);
projects / openldap / blob