do not return search reference responses.
By default, they are returned unless request is LDAPv2.
+.TP
+.B omit-unknown-schema <NO|yes>
+If
+.BR yes ,
+do not return objectClasses or attributes that are not known to the local server.
+The default is to return all schema elements.
+
.TP
.B noundeffilter <NO|yes>
If
#define LDAP_BACK_F_NOREFS (0x00080000U)
#define LDAP_BACK_F_NOUNDEFFILTER (0x00100000U)
+#define LDAP_BACK_F_OMIT_UNKNOWN_SCHEMA (0x00200000U)
#define LDAP_BACK_F_ONERR_STOP (0x00200000U)
#define LDAP_BACK_NOREFS(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_NOREFS)
#define LDAP_BACK_NOUNDEFFILTER(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_NOUNDEFFILTER)
-
+#define LDAP_BACK_OMIT_UNKNOWN_SCHEMA(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_OMIT_UNKNOWN_SCHEMA)
#define LDAP_BACK_ONERR_STOP(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_ONERR_STOP)
int li_version;
LDAP_BACK_CFG_REWRITE,
LDAP_BACK_CFG_KEEPALIVE,
+ LDAP_BACK_CFG_OMIT_UNKNOWN_SCHEMA,
+
LDAP_BACK_CFG_LAST
};
{ "rewrite", "<arglist>", 2, 4, STRLENOF( "rewrite" ),
ARG_STRING|ARG_MAGIC|LDAP_BACK_CFG_REWRITE,
ldap_back_cf_gen, NULL, NULL, NULL },
+ { "omit-unknown-schema", "true|FALSE", 2, 2, 0,
+ ARG_MAGIC|ARG_ON_OFF|LDAP_BACK_CFG_OMIT_UNKNOWN_SCHEMA,
+ ldap_back_cf_gen, "( OLcfgDbAt:3.28 "
+ "NAME 'olcDbRemoveUnknownSchema' "
+ "DESC 'Omit unknown schema when returning search results' "
+ "SYNTAX OMsBoolean "
+ "SINGLE-VALUE )",
+ NULL, NULL },
{ "keepalive", "keepalive", 2, 2, 0,
ARG_MAGIC|LDAP_BACK_CFG_KEEPALIVE,
ldap_back_cf_gen, "( OLcfgDbAt:3.29 "
c->value_int = LDAP_BACK_NOUNDEFFILTER( li );
break;
+ case LDAP_BACK_CFG_OMIT_UNKNOWN_SCHEMA:
+ c->value_int = LDAP_BACK_OMIT_UNKNOWN_SCHEMA( li );
+ break;
+
case LDAP_BACK_CFG_ONERR:
enum_to_verb( onerr_mode, li->li_flags & LDAP_BACK_F_ONERR_STOP, &bv );
if ( BER_BVISNULL( &bv )) {
li->li_flags &= ~LDAP_BACK_F_NOUNDEFFILTER;
break;
+ case LDAP_BACK_CFG_OMIT_UNKNOWN_SCHEMA:
+ li->li_flags &= ~LDAP_BACK_F_OMIT_UNKNOWN_SCHEMA;
+ break;
+
case LDAP_BACK_CFG_ONERR:
li->li_flags &= ~LDAP_BACK_F_ONERR_STOP;
break;
Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->cr_msg, 0 );
return 1;
+ case LDAP_BACK_CFG_OMIT_UNKNOWN_SCHEMA:
+ if ( c->value_int ) {
+ li->li_flags |= LDAP_BACK_F_OMIT_UNKNOWN_SCHEMA;
+
+ } else {
+ li->li_flags &= ~LDAP_BACK_F_OMIT_UNKNOWN_SCHEMA;
+ }
+ break;
+
case LDAP_BACK_CFG_KEEPALIVE:
slap_keepalive_parse( ber_bvstrdup(c->argv[1]),
&li->li_tls.sb_keepalive, 0, 0, 0);
static int
ldap_build_entry( Operation *op, LDAPMessage *e, Entry *ent,
- struct berval *bdn );
+ struct berval *bdn, int remove_unknown_schema );
+
+
+static ObjectClass *
+oc_bvfind_undef_ex( struct berval *ocname, int flag )
+{
+ ObjectClass *oc = oc_bvfind( ocname );
+
+ if ( oc || flag ) {
+ /* oc defined or remove-unknown-schema flag set */
+ return oc;
+ }
+
+ return oc_bvfind_undef( ocname );
+}
+
/*
* replaces (&) with (objectClass=*) and (|) with (!(objectClass=*))
int do_retry = 1, dont_retry = 0;
LDAPControl **ctrls = NULL;
char **references = NULL;
+ int remove_unknown_schema =
+ LDAP_BACK_OMIT_UNKNOWN_SCHEMA (li);
rs_assert_ready( rs );
rs->sr_flags &= ~REP_ENTRY_MASK; /* paranoia, we can set rs = non-entry */
do_retry = 0;
e = ldap_first_entry( lc->lc_ld, res );
- rc = ldap_build_entry( op, e, &ent, &bdn );
+ rc = ldap_build_entry( op, e, &ent, &bdn,
+ remove_unknown_schema);
if ( rc == LDAP_SUCCESS ) {
ldap_get_entry_controls( lc->lc_ld, res, &rs->sr_ctrls );
rs->sr_entry = &ent;
Operation *op,
LDAPMessage *e,
Entry *ent,
- struct berval *bdn )
+ struct berval *bdn,
+ int remove_unknown_schema)
{
struct berval a;
BerElement ber = *ldap_get_message_ber( e );
!= LDAP_SUCCESS )
{
if ( slap_bv2undef_ad( &a, &attr->a_desc, &text,
- SLAP_AD_PROXIED ) != LDAP_SUCCESS )
+ (remove_unknown_schema ? SLAP_AD_NOINSERT : SLAP_AD_PROXIED )) != LDAP_SUCCESS )
{
Debug( LDAP_DEBUG_ANY,
"%s ldap_build_entry: "
/* check if, by chance, it's an undefined objectClass */
if ( attr->a_desc == slap_schema.si_ad_objectClass &&
- ( oc = oc_bvfind_undef( &attr->a_vals[i] ) ) != NULL )
+ ( oc = oc_bvfind_undef_ex( &attr->a_vals[i],
+ remove_unknown_schema ) ) != NULL )
{
ber_dupbv( &pval, &oc->soc_cname );
rc = LDAP_SUCCESS;
LDAPControl **ctrls = NULL;
Operation op2 = *op;
+ int remove_unknown_schema =
+ LDAP_BACK_OMIT_UNKNOWN_SCHEMA (li);
*ent = NULL;
/* Tell getconn this is a privileged op */
goto cleanup;
}
- rc = ldap_build_entry( op, e, *ent, &bdn );
+ rc = ldap_build_entry( op, e, *ent, &bdn, remove_unknown_schema );
if ( rc != LDAP_SUCCESS ) {
entry_free( *ent );
projects / openldap / commitdiff