.br
- Binds fail unless the database option "bind on" is given.
.br
+- The
+.BR slapadd (8)
+and
+.BR slapcat (8)
+tools are equally exciting.
+.br
Inspired by the /dev/null device.
.SH CONFIGURATION
This
default slapd configuration file
.SH SEE ALSO
.BR slapd.conf (5),
-.BR slapd (8).
+.BR slapd (8),
+.BR slapadd (8),
+.BR slapcat (8).
{
struct ldapoptions *gopts = LDAP_INT_GLOBAL_OPT();
+ if ( gopts == NULL )
+ return;
+
gopts->ldo_valid = LDAP_UNINITIALIZED;
if ( gopts->ldo_defludp ) {
}
} else {
+ rs->sr_err = rc;
rc = slap_map_api2result( rs );
}
}
if ( rc != LDAP_SUCCESS ) {
- rs->sr_err = slap_map_api2result( rs );
-
Debug( LDAP_DEBUG_ANY, "%s meta_back_dobind[%d]: "
"(anonymous) err=%d\n",
op->o_log_prefix, i, rc );
* due to technical reasons (remote host down?)
* so better clear the handle
*/
- candidates[ i ].sr_tag = META_NOT_CANDIDATE;
+ /* leave the target candidate, but record the error for later use */
+ candidates[ i ].sr_err = rc;
if ( META_BACK_ONERR_STOP( mi ) ) {
bound = 0;
goto done;
int i,
rerr = LDAP_SUCCESS;
- char *rmsg = NULL;
- char *rmatch = NULL;
+ char *rmsg = NULL,
+ *rmatch = NULL;
+ const char *save_rmsg = NULL,
+ *save_rmatch = NULL;
+ void *rmatch_ctx = NULL;
if ( candidate != META_TARGET_NONE ) {
metasingleconn_t *msc = &mc->mc_conns[ candidate ];
}
rs->sr_err = rerr;
- rs->sr_text = rmsg;
+ if ( rmsg != NULL ) {
+ save_rmsg = rs->sr_text;
+ rs->sr_text = rmsg;
+ }
if ( rmatch != NULL ) {
struct berval dn, pdn;
ber_str2bv( rmatch, 0, 0, &dn );
if ( dnPretty( NULL, &dn, &pdn, op->o_tmpmemctx ) == LDAP_SUCCESS ) {
- rs->sr_matched = pdn.bv_val;
ldap_memfree( rmatch );
- rmatch = NULL;
- } else {
- rs->sr_matched = rmatch;
+ rmatch_ctx = op->o_tmpmemctx;
+ rmatch = pdn.bv_val;
}
-
- } else {
- rs->sr_matched = NULL;
+ save_rmatch = rs->sr_matched;
+ rs->sr_matched = rmatch;
}
send_ldap_result( op, rs );
if ( rmsg != NULL ) {
ber_memfree( rmsg );
+ rs->sr_text = save_rmsg;
}
- if ( rs->sr_matched != NULL ) {
- if ( rmatch == NULL ) {
- ber_memfree_x( rs->sr_matched, op->o_tmpmemctx );
-
- } else {
- ldap_memfree( rmatch );
- }
- rs->sr_matched = NULL;
+ if ( rmatch != NULL ) {
+ ber_memfree_x( rmatch, rmatch_ctx );
+ rs->sr_matched = save_rmatch;
}
- rs->sr_text = NULL;
return ( ( rerr == LDAP_SUCCESS ) ? 0 : -1 );
}
return candidate;
}
+static void *meta_back_candidates_dummy;
+
static void
meta_back_candidates_keyfree(
void *key,
void *data = NULL;
ldap_pvt_thread_pool_getkey( op->o_threadctx,
- meta_back_candidates_keyfree, &data, NULL );
+ &meta_back_candidates_dummy, &data, NULL );
mc = (metacandidates_t *)data;
} else {
data = (void *)mc;
ldap_pvt_thread_pool_setkey( op->o_threadctx,
- meta_back_candidates_keyfree, data,
+ &meta_back_candidates_dummy, data,
meta_back_candidates_keyfree );
} else {
* The target is activated; if needed, it is
* also init'd
*/
- int lerr = meta_back_init_one_conn( op, rs, &mi->mi_targets[ i ],
- &mc->mc_conns[ i ], sendok );
- if ( lerr == LDAP_SUCCESS ) {
+ candidates[ i ].sr_err =
+ meta_back_init_one_conn( op, rs,
+ &mi->mi_targets[ i ],
+ &mc->mc_conns[ i ], sendok );
+ if ( candidates[ i ].sr_err == LDAP_SUCCESS ) {
candidates[ i ].sr_tag = META_CANDIDATE;
ncandidates++;
* be tried?
*/
candidates[ i ].sr_tag = META_NOT_CANDIDATE;
- err = lerr;
+ err = candidates[ i ].sr_err;
continue;
}
}
}
if ( rs->sr_err != LDAP_SUCCESS ) {
- if ( new_conn ) {
- meta_back_freeconn( op, mc );
-
- } else {
+ if ( mc != NULL ) {
meta_back_release_conn( op, mc );
}
if ( newparent && meta_back_get_candidate( op, rs, op->orr_nnewSup ) != i )
{
- if ( new_conn ) {
- meta_back_freeconn( op, mc );
-
- } else {
+ if ( mc != NULL ) {
meta_back_release_conn( op, mc );
}
return NULL;
}
+ candidates[ i ].sr_err = LDAP_SUCCESS;
candidates[ i ].sr_tag = META_CANDIDATE;
ncandidates++;
&mc->mc_conns[ i ], sendok );
if ( lerr == LDAP_SUCCESS ) {
candidates[ i ].sr_tag = META_CANDIDATE;
+ candidates[ i ].sr_err = LDAP_SUCCESS;
ncandidates++;
Debug( LDAP_DEBUG_TRACE, "%s: meta_back_init_one_conn(%d)\n",
if ( new_conn ) {
( void )meta_clear_one_candidate( &mc->mc_conns[ i ] );
}
- candidates[ i ].sr_tag = META_NOT_CANDIDATE;
+ /* leave the target candidate, but record the error for later use */
+ candidates[ i ].sr_err = lerr;
err = lerr;
Debug( LDAP_DEBUG_ANY, "%s: meta_back_init_one_conn(%d) failed: %d\n",
metasingleconn_t *msc = &mc->mc_conns[ i ];
candidates[ i ].sr_msgid = -1;
-
- if ( candidates[ i ].sr_tag != META_CANDIDATE ) {
- continue;
- }
-
- candidates[ i ].sr_err = LDAP_SUCCESS;
candidates[ i ].sr_matched = NULL;
candidates[ i ].sr_text = NULL;
candidates[ i ].sr_ref = NULL;
candidates[ i ].sr_ctrls = NULL;
+ if ( candidates[ i ].sr_tag != META_CANDIDATE
+ || candidates[ i ].sr_err != LDAP_SUCCESS )
+ {
+ continue;
+ }
+
switch ( meta_back_search_start( op, rs, &dc, msc, i, candidates ) )
{
case 0:
op->o_log_prefix, op->o_req_dn.bv_val,
op->ors_scope );
- send_ldap_error( op, rs, LDAP_NO_SUCH_OBJECT, NULL );
-
+ /* FIXME: we're sending the first error we encounter;
+ * maybe we should pick the worst... */
rc = LDAP_NO_SUCH_OBJECT;
+ for ( i = 0; i < mi->mi_ntargets; i++ ) {
+ if ( candidates[ i ].sr_tag == META_CANDIDATE
+ && candidates[ i ].sr_err != LDAP_SUCCESS )
+ {
+ rc = candidates[ i ].sr_err;
+ break;
+ }
+ }
+
+ send_ldap_error( op, rs, rc, NULL );
+
goto finish;
}
BackendDB *be )
{
int rc;
- struct berval dn, ndn;
- struct berval bv;
+ struct berval dn = BER_BVC( SLAPD_MONITOR_DN ),
+ pdn,
+ ndn;
+ BackendDB *be2;
/*
* database monitor can be defined once only
/* indicate system schema supported */
SLAP_BFLAGS(be) |= SLAP_BFLAG_MONITOR;
- dn.bv_val = SLAPD_MONITOR_DN;
- dn.bv_len = sizeof( SLAPD_MONITOR_DN ) - 1;
-
- rc = dnNormalize( 0, NULL, NULL, &dn, &ndn, NULL );
+ rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn, NULL );
if( rc != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY,
- "unable to normalize monitor DN \"%s\" (%d)\n",
+ "unable to normalize/pretty monitor DN \"%s\" (%d)\n",
dn.bv_val, rc, 0 );
return -1;
}
- ber_dupbv( &bv, &dn );
- ber_bvarray_add( &be->be_suffix, &bv );
+ ber_bvarray_add( &be->be_suffix, &pdn );
ber_bvarray_add( &be->be_nsuffix, &ndn );
/* NOTE: only one monitor database is allowed,
be->be_private = &monitor_info;
+ be2 = select_backend( &ndn, 0, 0 );
+ if ( be2 != be ) {
+ char *type = be2->bd_info->bi_type;
+
+ if ( overlay_is_over( be2 ) ) {
+ slap_overinfo *oi = (slap_overinfo *)be2->bd_info->bi_private;
+ type = oi->oi_orig->bi_type;
+ }
+
+ Debug( LDAP_DEBUG_ANY,
+ "\"monitor\" database serving namingContext \"%s\" "
+ "is hidden by \"%s\" database serving namingContext \"%s\".\n",
+ pdn.bv_val, type, be2->be_nsuffix[ 0 ].bv_val );
+ return -1;
+ }
+
return 0;
}
#include "slap.h"
struct null_info {
- int bind_allowed;
+ int ni_bind_allowed;
+ ID ni_nextid;
};
+
+/* LDAP operations */
+
static int
null_back_bind( Operation *op, SlapReply *rs )
{
struct null_info *ni = (struct null_info *) op->o_bd->be_private;
- if ( ni->bind_allowed ) {
+ if ( ni->ni_bind_allowed ) {
/* front end will send result on success (0) */
return LDAP_SUCCESS;
}
return 0;
}
+
+/* Slap tools */
+
+static int
+null_tool_entry_open( BackendDB *be, int mode )
+{
+ return 0;
+}
+
+static int
+null_tool_entry_close( BackendDB *be )
+{
+ assert( be != NULL );
+ return 0;
+}
+
+static ID
+null_tool_entry_next( BackendDB *be )
+{
+ return NOID;
+}
+
+static Entry *
+null_tool_entry_get( BackendDB *be, ID id )
+{
+ assert( slapMode & SLAP_TOOL_MODE );
+ return NULL;
+}
+
+static ID
+null_tool_entry_put( BackendDB *be, Entry *e, struct berval *text )
+{
+ assert( slapMode & SLAP_TOOL_MODE );
+ assert( text != NULL );
+ assert( text->bv_val != NULL );
+ assert( text->bv_val[0] == '\0' ); /* overconservative? */
+
+ e->e_id = ((struct null_info *) be->be_private)->ni_nextid++;
+ return e->e_id;
+}
+
+
+/* Setup */
+
static int
null_back_db_config(
BackendDB *be,
fname, lineno );
return 1;
}
- ni->bind_allowed = strcasecmp( argv[1], "off" );
+ ni->ni_bind_allowed = strcasecmp( argv[1], "off" );
/* anything else */
} else {
static int
null_back_db_init( BackendDB *be )
{
- struct null_info *ni;
-
- ni = ch_calloc( 1, sizeof(struct null_info) );
- ni->bind_allowed = 0;
+ struct null_info *ni = ch_calloc( 1, sizeof(struct null_info) );
+ ni->ni_bind_allowed = 0;
+ ni->ni_nextid = 1;
be->be_private = ni;
return 0;
}
bi->bi_connection_init = 0;
bi->bi_connection_destroy = 0;
+ bi->bi_tool_entry_open = null_tool_entry_open;
+ bi->bi_tool_entry_close = null_tool_entry_close;
+ bi->bi_tool_entry_first = null_tool_entry_next;
+ bi->bi_tool_entry_next = null_tool_entry_next;
+ bi->bi_tool_entry_get = null_tool_entry_get;
+ bi->bi_tool_entry_put = null_tool_entry_put;
+
return 0;
}
free(pdn.bv_val);
free(ndn.bv_val);
} else if(tbe) {
- sprintf( c->msg, "<%s> suffix already served by a preceding backend",
- c->argv[0] );
+ char *type = tbe->bd_info->bi_type;
+
+ if ( overlay_is_over( tbe ) ) {
+ slap_overinfo *oi = (slap_overinfo *)tbe->bd_info->bi_private;
+ type = oi->oi_orig->bi_type;
+ }
+
+ sprintf( c->msg, "<%s> namingContext \"%s\" already served by "
+ "a preceding %s database serving namingContext",
+ c->argv[0], pdn.bv_val, type );
Debug(LDAP_DEBUG_ANY, "%s: %s \"%s\"\n",
c->log, c->msg, tbe->be_suffix[0].bv_val);
free(pdn.bv_val);
return 1;
}
-#ifdef SLAP_DYNACL
if ( acl_init() ) {
ldap_debug |= 1;
Debug( LDAP_DEBUG_ANY,
name, 0, 0 );
return 1;
}
-#endif /* SLAP_DYNACL */
+
return rc;
}
fname, lineno, argv[1] );
return -1;
}
+ if ( SLAP_GLUE_INSTANCE( b2 )) {
+ fprintf( stderr, "%s: line %d: backend for %s is already glued; "
+ "only one glue overlay is allowed per tree.\n",
+ fname, lineno, argv[1] );
+ return -1;
+ }
SLAP_DBFLAGS(b2) |= SLAP_DBFLAG_GLUE_SUBORDINATE;
if ( advertise ) {
SLAP_DBFLAGS(b2) |= SLAP_DBFLAG_GLUE_ADVERTISE;
*)
echo "Test does not support $BACKEND backend"
exit 0
+ ;;
esac
echo "running defines.sh"
'(objectclass=*)' >> $SEARCHOUT 2>> $TESTOUT
RC=$?
if test $RC != 32 ; then
- echo "ldapsearch should have failed ($RC)!"
+ echo "ldapsearch should have failed with noSuchObject ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ if test $RC = 0 ; then
+ exit -1
+ fi
exit $RC
fi
if test $RC = 0 ; then
echo "ldapwhoami should have failed!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
- exit $RC
+ exit -1
fi
# Populate ACIs