Fixed slapd sortvals binary search (ITS#5578)
Fixed slapd syncrepl updates with multiple masters (ITS#5597)
Fixed slapd syncrepl/slapo-syncprov contextCSN updates as internal ops (ITS#5596)
+ Added slapd-ldap/slapd-meta option to filter out search references (ITS#5593)
Fixed slapd-meta link to slapd-ldap (ITS#5355)
Fixed slapd-sock, back-shell buffer count (ITS#5558)
Fixed slapo-dynlist dg attrs lookup (ITS#5583)
The value is in seconds, and it can be specified as for
.BR idle-timeout .
+.TP
+.B norefs <NO|yes>
+If
+.BR yes ,
+do not return search reference responses.
+By default, they are returned unless request is LDAPv2.
+
.TP
.B protocol\-version {0,2,3}
This directive indicates what protocol version must be used to contact
but, in case at least one target returned an error code, the first
non-success error code is returned.
+.TP
+.B norefs <NO|yes>
+If
+.BR yes ,
+do not return search reference responses.
+By default, they are returned unless request is LDAPv2.
+If set before any target specification, it affects all targets, unless
+overridden by any per-target directive.
+
.TP
.B protocol\-version {0,2,3}
This directive indicates what protocol version must be used to contact
#define LDAP_BACK_F_ST_RESPONSE (0x00040000U)
#endif /* SLAP_CONTROL_X_SESSION_TRACKING */
+#define LDAP_BACK_F_NOREFS (0x00080000U)
+
#define LDAP_BACK_ISSET_F(ff,f) ( ( (ff) & (f) ) == (f) )
#define LDAP_BACK_ISMASK_F(ff,m,f) ( ( (ff) & (m) ) == (f) )
#define LDAP_BACK_ST_RESPONSE(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_ST_RESPONSE)
#endif /* SLAP_CONTROL_X_SESSION_TRACKING */
+#define LDAP_BACK_NOREFS(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_NOREFS)
+
int li_version;
/* cached connections;
LDAP_BACK_CFG_CANCEL,
LDAP_BACK_CFG_QUARANTINE,
LDAP_BACK_CFG_ST_REQUEST,
+ LDAP_BACK_CFG_NOREFS,
+
LDAP_BACK_CFG_REWRITE,
LDAP_BACK_CFG_LAST
"SINGLE-VALUE )",
NULL, NULL },
#endif /* SLAP_CONTROL_X_SESSION_TRACKING */
+ { "norefs", "true|FALSE", 2, 2, 0,
+ ARG_MAGIC|ARG_ON_OFF|LDAP_BACK_CFG_NOREFS,
+ ldap_back_cf_gen, "( OLcfgDbAt:3.25 "
+ "NAME 'olcDbNorefs' "
+ "DESC 'Do not return search reference responses' "
+ "SYNTAX OMsBoolean "
+ "SINGLE-VALUE )",
+ NULL, NULL },
{ "suffixmassage", "[virtual]> <real", 2, 3, 0,
ARG_STRING|ARG_MAGIC|LDAP_BACK_CFG_REWRITE,
ldap_back_cf_gen, NULL, NULL, NULL },
"$ olcDbQuarantine "
"$ olcDbUseTemporaryConn "
"$ olcDbConnectionPoolMax "
+#ifdef SLAP_CONTROL_X_SESSION_TRACKING
+ "$ olcDbSessionTrackingRequest "
+#endif /* SLAP_CONTROL_X_SESSION_TRACKING */
+ "$ olcDbNorefs "
") )",
Cft_Database, ldapcfg},
{ NULL, 0, NULL }
break;
#endif /* SLAP_CONTROL_X_SESSION_TRACKING */
+ case LDAP_BACK_CFG_NOREFS:
+ c->value_int = LDAP_BACK_NOREFS( li );
+ break;
+
default:
/* FIXME: we need to handle all... */
assert( 0 );
break;
#endif /* SLAP_CONTROL_X_SESSION_TRACKING */
+ case LDAP_BACK_CFG_NOREFS:
+ li->li_flags &= ~LDAP_BACK_F_NOREFS;
+ break;
+
default:
/* FIXME: we need to handle all... */
assert( 0 );
break;
#endif /* SLAP_CONTROL_X_SESSION_TRACKING */
+ case LDAP_BACK_CFG_NOREFS:
+ if ( c->value_int ) {
+ li->li_flags |= LDAP_BACK_F_NOREFS;
+
+ } else {
+ li->li_flags &= ~LDAP_BACK_F_NOREFS;
+ }
+ break;
+
case LDAP_BACK_CFG_REWRITE:
snprintf( c->cr_msg, sizeof( c->cr_msg ),
"rewrite/remap capabilities have been moved "
}
} else if ( rc == LDAP_RES_SEARCH_REFERENCE ) {
+ if ( LDAP_BACK_NOREFS( li ) ) {
+ ldap_msgfree( res );
+ continue;
+ }
+
do_retry = 0;
rc = ldap_parse_reference( lc->lc_ld, res,
&references, &rs->sr_ctrls, 1 );
#define META_BACK_TGT_ST_RESPONSE(mt) META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_ST_RESPONSE )
#endif /* SLAP_CONTROL_X_SESSION_TRACKING */
+#define META_BACK_TGT_NOREFS(mt) META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_NOREFS )
+
int mt_version;
time_t mt_network_timeout;
struct timeval mt_bind_timeout;
return 1;
}
+ /* do not return search references */
+ } else if ( strcasecmp( argv[ 0 ], "norefs" ) == 0 ) {
+ unsigned *flagsp = mi->mi_ntargets ?
+ &mi->mi_targets[ mi->mi_ntargets - 1 ]->mt_flags
+ : &mi->mi_flags;
+
+ if ( argc != 2 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: \"norefs {TRUE|false}\" needs 1 argument.\n",
+ fname, lineno, 0 );
+ return( 1 );
+ }
+
+ /* this is the default; we add it because the default might change... */
+ switch ( check_true_false( argv[ 1 ] ) ) {
+ case 1:
+ *flagsp |= LDAP_BACK_F_NOREFS;
+ break;
+
+ case 0:
+ *flagsp &= ~LDAP_BACK_F_NOREFS;
+ break;
+
+ default:
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: \"norefs {TRUE|false}\": unknown argument \"%s\".\n",
+ fname, lineno, argv[ 1 ] );
+ return( 1 );
+ }
+
/* anything else */
} else {
return SLAP_CONF_UNKNOWN;
char **references = NULL;
int cnt;
+ if ( META_BACK_TGT_NOREFS( mi->mi_targets[ i ] ) ) {
+ continue;
+ }
+
if ( candidates[ i ].sr_type == REP_INTERMEDIATE ) {
/* don't retry any more... */
candidates[ i ].sr_type = REP_RESULT;