static int bdb_cf_gen( ConfigArgs *c ) { struct bdb_info *bdb = c->be->be_private; int rc; if ( c->op == SLAP_CONFIG_EMIT ) { rc = 0; switch( c->type ) { case BDB_MODE: { char buf[64]; struct berval bv; bv.bv_len = snprintf( buf, sizeof(buf), "0%o", bdb->bi_dbenv_mode ); if ( bv.bv_len > 0 && bv.bv_len < sizeof(buf) ) { bv.bv_val = buf; value_add_one( &c->rvalue_vals, &bv ); } else { rc = 1; } } break; case BDB_CHKPT: if ( bdb->bi_txn_cp ) { char buf[64]; struct berval bv; bv.bv_len = snprintf( buf, sizeof(buf), "%ld %ld", (long) bdb->bi_txn_cp_kbyte, (long) bdb->bi_txn_cp_min ); if ( bv.bv_len > 0 && bv.bv_len < sizeof(buf) ) { bv.bv_val = buf; value_add_one( &c->rvalue_vals, &bv ); } else { rc = 1; } } else { rc = 1; } break; case BDB_CRYPTFILE: if ( bdb->bi_db_crypt_file ) { c->value_string = ch_strdup( bdb->bi_db_crypt_file ); } else { rc = 1; } break; /* If a crypt file has been set, its contents are copied here. * But we don't want the key to be incorporated here. */ case BDB_CRYPTKEY: if ( !bdb->bi_db_crypt_file && !BER_BVISNULL( &bdb->bi_db_crypt_key )) { value_add_one( &c->rvalue_vals, &bdb->bi_db_crypt_key ); } else { rc = 1; } break; case BDB_DIRECTORY: if ( bdb->bi_dbenv_home ) { c->value_string = ch_strdup( bdb->bi_dbenv_home ); } else { rc = 1; } break; case BDB_CONFIG: if ( !( bdb->bi_flags & BDB_IS_OPEN ) && !bdb->bi_db_config ) { char buf[SLAP_TEXT_BUFLEN]; FILE *f = fopen( bdb->bi_db_config_path, "r" ); struct berval bv; if ( f ) { bdb->bi_flags |= BDB_HAS_CONFIG; while ( fgets( buf, sizeof(buf), f )) { ber_str2bv( buf, 0, 1, &bv ); if ( bv.bv_len > 0 && bv.bv_val[bv.bv_len-1] == '\n' ) { bv.bv_len--; bv.bv_val[bv.bv_len] = '\0'; } /* shouldn't need this, but ... */ if ( bv.bv_len > 0 && bv.bv_val[bv.bv_len-1] == '\r' ) { bv.bv_len--; bv.bv_val[bv.bv_len] = '\0'; } ber_bvarray_add( &bdb->bi_db_config, &bv ); } fclose( f ); } } if ( bdb->bi_db_config ) { int i; struct berval bv; bv.bv_val = c->log; for (i=0; !BER_BVISNULL(&bdb->bi_db_config[i]); i++) { bv.bv_len = sprintf( bv.bv_val, "{%d}%s", i, bdb->bi_db_config[i].bv_val ); value_add_one( &c->rvalue_vals, &bv ); } } if ( !c->rvalue_vals ) rc = 1; break; case BDB_NOSYNC: if ( bdb->bi_dbenv_xflags & DB_TXN_NOSYNC ) c->value_int = 1; break; case BDB_CHECKSUM: if ( bdb->bi_flags & BDB_CHKSUM ) c->value_int = 1; break; case BDB_INDEX: bdb_attr_index_unparse( bdb, &c->rvalue_vals ); if ( !c->rvalue_vals ) rc = 1; break; case BDB_LOCKD: rc = 1; if ( bdb->bi_lock_detect != DB_LOCK_DEFAULT ) { int i; for (i=0; !BER_BVISNULL(&bdb_lockd[i].word); i++) { if ( bdb->bi_lock_detect == (u_int32_t)bdb_lockd[i].mask ) { value_add_one( &c->rvalue_vals, &bdb_lockd[i].word ); rc = 0; break; } } } break; case BDB_SSTACK: c->value_int = bdb->bi_search_stack_depth; break; case BDB_PGSIZE: { struct bdb_db_pgsize *ps; char buf[SLAP_TEXT_BUFLEN]; struct berval bv; int rc = 1; bv.bv_val = buf; for ( ps = bdb->bi_pagesizes; ps; ps = ps->bdp_next ) { bv.bv_len = sprintf( buf, "%s %d", ps->bdp_name.bv_val, ps->bdp_size / 1024 ); value_add_one( &c->rvalue_vals, &bv ); rc = 0; } break; } } return rc; } else if ( c->op == LDAP_MOD_DELETE ) { rc = 0; switch( c->type ) { case BDB_MODE: #if 0 /* FIXME: does it make any sense to change the mode, * if we don't exec a chmod()? */ bdb->bi_dbenv_mode = SLAPD_DEFAULT_DB_MODE; break; #endif /* single-valued no-ops */ case BDB_LOCKD: case BDB_SSTACK: break; case BDB_CHKPT: if ( bdb->bi_txn_cp_task ) { struct re_s *re = bdb->bi_txn_cp_task; bdb->bi_txn_cp_task = NULL; ldap_pvt_thread_mutex_lock( &slapd_rq.rq_mutex ); if ( ldap_pvt_runqueue_isrunning( &slapd_rq, re ) ) ldap_pvt_runqueue_stoptask( &slapd_rq, re ); ldap_pvt_runqueue_remove( &slapd_rq, re ); ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex ); } bdb->bi_txn_cp = 0; break; case BDB_CONFIG: if ( c->valx < 0 ) { ber_bvarray_free( bdb->bi_db_config ); bdb->bi_db_config = NULL; } else { int i = c->valx; ch_free( bdb->bi_db_config[i].bv_val ); for (; bdb->bi_db_config[i].bv_val; i++) bdb->bi_db_config[i] = bdb->bi_db_config[i+1]; } bdb->bi_flags |= BDB_UPD_CONFIG|BDB_RE_OPEN; c->cleanup = bdb_cf_cleanup; break; /* Doesn't really make sense to change these on the fly; * the entire DB must be dumped and reloaded */ case BDB_CRYPTFILE: if ( bdb->bi_db_crypt_file ) { ch_free( bdb->bi_db_crypt_file ); bdb->bi_db_crypt_file = NULL; } /* FALLTHRU */ case BDB_CRYPTKEY: if ( !BER_BVISNULL( &bdb->bi_db_crypt_key )) { ch_free( bdb->bi_db_crypt_key.bv_val ); BER_BVZERO( &bdb->bi_db_crypt_key ); } break; case BDB_DIRECTORY: bdb->bi_flags |= BDB_RE_OPEN; bdb->bi_flags ^= BDB_HAS_CONFIG; ch_free( bdb->bi_dbenv_home ); bdb->bi_dbenv_home = NULL; ch_free( bdb->bi_db_config_path ); bdb->bi_db_config_path = NULL; c->cleanup = bdb_cf_cleanup; ldap_pvt_thread_pool_purgekey( bdb->bi_dbenv ); break; case BDB_NOSYNC: bdb->bi_dbenv->set_flags( bdb->bi_dbenv, DB_TXN_NOSYNC, 0 ); break; case BDB_CHECKSUM: bdb->bi_flags &= ~BDB_CHKSUM; break; case BDB_INDEX: if ( c->valx == -1 ) { int i; /* delete all (FIXME) */ for ( i = 0; i < bdb->bi_nattrs; i++ ) { bdb->bi_attrs[i]->ai_indexmask |= BDB_INDEX_DELETING; } bdb->bi_flags |= BDB_DEL_INDEX; c->cleanup = bdb_cf_cleanup; } else { struct berval bv, def = BER_BVC("default"); char *ptr; for (ptr = c->line; !isspace( (unsigned char) *ptr ); ptr++); bv.bv_val = c->line; bv.bv_len = ptr - bv.bv_val; if ( bvmatch( &bv, &def )) { bdb->bi_defaultmask = 0; } else { int i; char **attrs; char sep; sep = bv.bv_val[ bv.bv_len ]; bv.bv_val[ bv.bv_len ] = '\0'; attrs = ldap_str2charray( bv.bv_val, "," ); for ( i = 0; attrs[ i ]; i++ ) { AttributeDescription *ad = NULL; const char *text; AttrInfo *ai; slap_str2ad( attrs[ i ], &ad, &text ); /* if we got here... */ assert( ad != NULL ); ai = bdb_attr_mask( bdb, ad ); /* if we got here... */ assert( ai != NULL ); ai->ai_indexmask |= BDB_INDEX_DELETING; bdb->bi_flags |= BDB_DEL_INDEX; c->cleanup = bdb_cf_cleanup; } bv.bv_val[ bv.bv_len ] = sep; ldap_charray_free( attrs ); } } break; /* doesn't make sense on the fly; the DB file must be * recreated */ case BDB_PGSIZE: { struct bdb_db_pgsize *ps, **prev; int i; for ( i = 0, prev = &bdb->bi_pagesizes, ps = *prev; ps; prev = &ps->bdp_next, ps = ps->bdp_next, i++ ) { if ( c->valx == -1 || i == c->valx ) { *prev = ps->bdp_next; ch_free( ps ); ps = *prev; if ( i == c->valx ) break; } } } break; } return rc; } switch( c->type ) { case BDB_MODE: if ( ASCII_DIGIT( c->argv[1][0] ) ) { long mode; char *next; errno = 0; mode = strtol( c->argv[1], &next, 0 ); if ( errno != 0 || next == c->argv[1] || next[0] != '\0' ) { fprintf( stderr, "%s: " "unable to parse mode=\"%s\".\n", c->log, c->argv[1] ); return 1; } bdb->bi_dbenv_mode = mode; } else { char *m = c->argv[1]; int who, what, mode = 0; if ( strlen( m ) != STRLENOF("-rwxrwxrwx") ) { return 1; } if ( m[0] != '-' ) { return 1; } m++; for ( who = 0; who < 3; who++ ) { for ( what = 0; what < 3; what++, m++ ) { if ( m[0] == '-' ) { continue; } else if ( m[0] != "rwx"[what] ) { return 1; } mode += ((1 << (2 - what)) << 3*(2 - who)); } } bdb->bi_dbenv_mode = mode; } break; case BDB_CHKPT: { long l; bdb->bi_txn_cp = 1; if ( lutil_atolx( &l, c->argv[1], 0 ) != 0 ) { fprintf( stderr, "%s: " "invalid kbyte \"%s\" in \"checkpoint\".\n", c->log, c->argv[1] ); return 1; } bdb->bi_txn_cp_kbyte = l; if ( lutil_atolx( &l, c->argv[2], 0 ) != 0 ) { fprintf( stderr, "%s: " "invalid minutes \"%s\" in \"checkpoint\".\n", c->log, c->argv[2] ); return 1; } bdb->bi_txn_cp_min = l; /* If we're in server mode and time-based checkpointing is enabled, * submit a task to perform periodic checkpoints. */ if ((slapMode & SLAP_SERVER_MODE) && bdb->bi_txn_cp_min ) { struct re_s *re = bdb->bi_txn_cp_task; if ( re ) { re->interval.tv_sec = bdb->bi_txn_cp_min * 60; } else { if ( c->be->be_suffix == NULL || BER_BVISNULL( &c->be->be_suffix[0] ) ) { fprintf( stderr, "%s: " "\"checkpoint\" must occur after \"suffix\".\n", c->log ); return 1; } ldap_pvt_thread_mutex_lock( &slapd_rq.rq_mutex ); bdb->bi_txn_cp_task = ldap_pvt_runqueue_insert( &slapd_rq, bdb->bi_txn_cp_min * 60, bdb_checkpoint, bdb, LDAP_XSTRING(bdb_checkpoint), c->be->be_suffix[0].bv_val ); ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex ); } } } break; case BDB_CONFIG: { char *ptr = c->line; struct berval bv; if ( c->op == SLAP_CONFIG_ADD ) { ptr += STRLENOF("dbconfig"); while (!isspace((unsigned char)*ptr)) ptr++; while (isspace((unsigned char)*ptr)) ptr++; } if ( bdb->bi_flags & BDB_IS_OPEN ) { bdb->bi_flags |= BDB_UPD_CONFIG|BDB_RE_OPEN; c->cleanup = bdb_cf_cleanup; } else { /* If we're just starting up... */ FILE *f; /* If a DB_CONFIG file exists, or we don't know the path * to the DB_CONFIG file, ignore these directives */ if (( bdb->bi_flags & BDB_HAS_CONFIG ) || !bdb->bi_db_config_path ) break; f = fopen( bdb->bi_db_config_path, "a" ); if ( f ) { /* FIXME: EBCDIC probably needs special handling */ fprintf( f, "%s\n", ptr ); fclose( f ); } } ber_str2bv( ptr, 0, 1, &bv ); ber_bvarray_add( &bdb->bi_db_config, &bv ); } break; case BDB_CRYPTFILE: rc = lutil_get_filed_password( c->value_string, &bdb->bi_db_crypt_key ); if ( rc == 0 ) { bdb->bi_db_crypt_file = c->value_string; } break; /* Cannot set key if file was already set */ case BDB_CRYPTKEY: if ( bdb->bi_db_crypt_file ) { rc = 1; } else { bdb->bi_db_crypt_key = c->value_bv; } break; case BDB_DIRECTORY: { FILE *f; char *ptr, *testpath; int len; len = strlen( c->value_string ); testpath = ch_malloc( len + STRLENOF(LDAP_DIRSEP) + STRLENOF("DUMMY") + 1 ); ptr = lutil_strcopy( testpath, c->value_string ); *ptr++ = LDAP_DIRSEP[0]; strcpy( ptr, "DUMMY" ); f = fopen( testpath, "w" ); if ( f ) { fclose( f ); unlink( testpath ); } ch_free( testpath ); if ( !f ) { snprintf( c->cr_msg, sizeof( c->cr_msg ), "%s: invalid path: %s", c->log, strerror( errno )); Debug( LDAP_DEBUG_ANY, "%s\n", c->cr_msg, 0, 0 ); return -1; } if ( bdb->bi_dbenv_home ) ch_free( bdb->bi_dbenv_home ); bdb->bi_dbenv_home = c->value_string; /* See if a DB_CONFIG file already exists here */ if ( bdb->bi_db_config_path ) ch_free( bdb->bi_db_config_path ); bdb->bi_db_config_path = ch_malloc( len + STRLENOF(LDAP_DIRSEP) + STRLENOF("DB_CONFIG") + 1 ); ptr = lutil_strcopy( bdb->bi_db_config_path, bdb->bi_dbenv_home ); *ptr++ = LDAP_DIRSEP[0]; strcpy( ptr, "DB_CONFIG" ); f = fopen( bdb->bi_db_config_path, "r" ); if ( f ) { bdb->bi_flags |= BDB_HAS_CONFIG; fclose(f); } } break; case BDB_NOSYNC: if ( c->value_int ) bdb->bi_dbenv_xflags |= DB_TXN_NOSYNC; else bdb->bi_dbenv_xflags &= ~DB_TXN_NOSYNC; if ( bdb->bi_flags & BDB_IS_OPEN ) { bdb->bi_dbenv->set_flags( bdb->bi_dbenv, DB_TXN_NOSYNC, c->value_int ); } break; case BDB_CHECKSUM: if ( c->value_int ) bdb->bi_flags |= BDB_CHKSUM; else bdb->bi_flags &= ~BDB_CHKSUM; break; case BDB_INDEX: rc = bdb_attr_index_config( bdb, c->fname, c->lineno, c->argc - 1, &c->argv[1], &c->reply); if( rc != LDAP_SUCCESS ) return 1; if (( bdb->bi_flags & BDB_IS_OPEN ) && !bdb->bi_index_task ) { /* Start the task as soon as we finish here. Set a long * interval (10 hours) so that it only gets scheduled once. */ if ( c->be->be_suffix == NULL || BER_BVISNULL( &c->be->be_suffix[0] ) ) { fprintf( stderr, "%s: " "\"index\" must occur after \"suffix\".\n", c->log ); return 1; } ldap_pvt_thread_mutex_lock( &slapd_rq.rq_mutex ); bdb->bi_index_task = ldap_pvt_runqueue_insert( &slapd_rq, 36000, bdb_online_index, c->be, LDAP_XSTRING(bdb_online_index), c->be->be_suffix[0].bv_val ); ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex ); } break; case BDB_LOCKD: rc = verb_to_mask( c->argv[1], bdb_lockd ); if ( BER_BVISNULL(&bdb_lockd[rc].word) ) { fprintf( stderr, "%s: " "bad policy (%s) in \"lockDetect <policy>\" line\n", c->log, c->argv[1] ); return 1; } bdb->bi_lock_detect = (u_int32_t)rc; break; case BDB_SSTACK: if ( c->value_int < MINIMUM_SEARCH_STACK_DEPTH ) { fprintf( stderr, "%s: depth %d too small, using %d\n", c->log, c->value_int, MINIMUM_SEARCH_STACK_DEPTH ); c->value_int = MINIMUM_SEARCH_STACK_DEPTH; } bdb->bi_search_stack_depth = c->value_int; break; case BDB_PGSIZE: { struct bdb_db_pgsize *ps, **prev; int i, s; s = atoi(c->argv[2]); if ( s < 1 || s > 64 ) { snprintf( c->cr_msg, sizeof( c->cr_msg ), "%s: size must be > 0 and <= 64: %d", c->log, s ); Debug( LDAP_DEBUG_ANY, "%s\n", c->cr_msg, 0, 0 ); return -1; } i = strlen(c->argv[1]); ps = ch_malloc( sizeof(struct bdb_db_pgsize) + i + 1 ); ps->bdp_next = NULL; ps->bdp_name.bv_len = i; ps->bdp_name.bv_val = (char *)(ps+1); strcpy( ps->bdp_name.bv_val, c->argv[1] ); ps->bdp_size = s * 1024; for ( prev = &bdb->bi_pagesizes; *prev; prev = &(*prev)->bdp_next ) ; *prev = ps; } break; } return 0; }
static int limits_get( Operation *op, struct slap_limits_set **limit ) { static struct berval empty_dn = BER_BVC( "" ); struct slap_limits **lm; struct berval *ndns[2]; assert( op != NULL ); assert( limit != NULL ); ndns[0] = &op->o_ndn; ndns[1] = &op->o_req_ndn; Debug( LDAP_DEBUG_TRACE, "==> limits_get: %s self=\"%s\" this=\"%s\"\n", op->o_log_prefix, BER_BVISNULL( ndns[0] ) ? "[anonymous]" : ndns[0]->bv_val, BER_BVISNULL( ndns[1] ) ? "" : ndns[1]->bv_val ); /* * default values */ *limit = &op->o_bd->be_def_limit; if ( op->o_bd->be_limits == NULL ) { return( 0 ); } for ( lm = op->o_bd->be_limits; lm[0] != NULL; lm++ ) { unsigned style = lm[0]->lm_flags & SLAP_LIMITS_MASK; unsigned type = lm[0]->lm_flags & SLAP_LIMITS_TYPE_MASK; unsigned isthis = type == SLAP_LIMITS_TYPE_THIS; struct berval *ndn = ndns[isthis]; if ( style == SLAP_LIMITS_ANY ) goto found_any; if ( BER_BVISEMPTY( ndn ) ) { if ( style == SLAP_LIMITS_ANONYMOUS ) goto found_nodn; if ( !isthis ) continue; ndn = &empty_dn; } switch ( style ) { case SLAP_LIMITS_EXACT: if ( type == SLAP_LIMITS_TYPE_GROUP ) { int rc = backend_group( op, NULL, &lm[0]->lm_pat, ndn, lm[0]->lm_group_oc, lm[0]->lm_group_ad ); if ( rc == 0 ) { goto found_group; } } else { if ( dn_match( &lm[0]->lm_pat, ndn ) ) { goto found_dn; } } break; case SLAP_LIMITS_ONE: case SLAP_LIMITS_SUBTREE: case SLAP_LIMITS_CHILDREN: { ber_len_t d; /* ndn shorter than lm_pat */ if ( ndn->bv_len < lm[0]->lm_pat.bv_len ) { break; } d = ndn->bv_len - lm[0]->lm_pat.bv_len; if ( d == 0 ) { /* allow exact match for SUBTREE only */ if ( style != SLAP_LIMITS_SUBTREE ) { break; } } else { /* check for unescaped rdn separator */ if ( !DN_SEPARATOR( ndn->bv_val[d - 1] ) ) { break; } } /* check that ndn ends with lm_pat */ if ( strcmp( lm[0]->lm_pat.bv_val, &ndn->bv_val[d] ) != 0 ) { break; } /* in case of ONE, require exactly one rdn below lm_pat */ if ( style == SLAP_LIMITS_ONE ) { if ( dn_rdnlen( NULL, ndn ) != d - 1 ) { break; } } goto found_dn; } case SLAP_LIMITS_REGEX: if ( regexec( &lm[0]->lm_regex, ndn->bv_val, 0, NULL, 0 ) == 0 ) { goto found_dn; } break; case SLAP_LIMITS_ANONYMOUS: break; case SLAP_LIMITS_USERS: found_nodn: Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=%s match=%s\n", dn_source[isthis], limits2str( style ), 0 ); found_any: *limit = &lm[0]->lm_limits; return( 0 ); found_dn: Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=%s match=%s dn=\"%s\"\n", dn_source[isthis], limits2str( style ), lm[0]->lm_pat.bv_val ); *limit = &lm[0]->lm_limits; return( 0 ); found_group: Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=GROUP match=EXACT " "dn=\"%s\" oc=\"%s\" ad=\"%s\"\n", lm[0]->lm_pat.bv_val, lm[0]->lm_group_oc->soc_cname.bv_val, lm[0]->lm_group_ad->ad_cname.bv_val ); *limit = &lm[0]->lm_limits; return( 0 ); default: assert( 0 ); /* unreachable */ return( -1 ); } } return( 0 ); }
static int rwm_int_filter_map_rewrite( Operation *op, dncookie *dc, Filter *f, struct berval *fstr ) { int i; Filter *p; AttributeDescription *ad; struct berval atmp, vtmp, *tmp; static struct berval /* better than nothing... */ ber_bvfalse = BER_BVC( "(!(objectClass=*))" ), ber_bvtf_false = BER_BVC( "(|)" ), /* better than nothing... */ ber_bvtrue = BER_BVC( "(objectClass=*)" ), ber_bvtf_true = BER_BVC( "(&)" ), #if 0 /* no longer needed; preserved for completeness */ ber_bvundefined = BER_BVC( "(?=undefined)" ), #endif ber_bverror = BER_BVC( "(?=error)" ), ber_bvunknown = BER_BVC( "(?=unknown)" ), ber_bvnone = BER_BVC( "(?=none)" ); ber_len_t len; assert( fstr != NULL ); BER_BVZERO( fstr ); if ( f == NULL ) { ber_dupbv_x( fstr, &ber_bvnone, op->o_tmpmemctx ); return LDAP_OTHER; } if ( f->f_choice & SLAPD_FILTER_UNDEFINED ) { goto computed; } switch ( f->f_choice & SLAPD_FILTER_MASK ) { case LDAP_FILTER_EQUALITY: ad = f->f_av_desc; if ( map_attr_value( dc, &ad, &atmp, &f->f_av_value, &vtmp, RWM_MAP, op->o_tmpmemctx ) ) { goto computed; } fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(=)" ); fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx ); snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=%s)", atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" ); op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx ); break; case LDAP_FILTER_GE: ad = f->f_av_desc; if ( map_attr_value( dc, &ad, &atmp, &f->f_av_value, &vtmp, RWM_MAP, op->o_tmpmemctx ) ) { goto computed; } fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(>=)" ); fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx ); snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s>=%s)", atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" ); op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx ); break; case LDAP_FILTER_LE: ad = f->f_av_desc; if ( map_attr_value( dc, &ad, &atmp, &f->f_av_value, &vtmp, RWM_MAP, op->o_tmpmemctx ) ) { goto computed; } fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(<=)" ); fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx ); snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s<=%s)", atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" ); op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx ); break; case LDAP_FILTER_APPROX: ad = f->f_av_desc; if ( map_attr_value( dc, &ad, &atmp, &f->f_av_value, &vtmp, RWM_MAP, op->o_tmpmemctx ) ) { goto computed; } fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(~=)" ); fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx ); snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s~=%s)", atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" ); op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx ); break; case LDAP_FILTER_SUBSTRINGS: ad = f->f_sub_desc; if ( map_attr_value( dc, &ad, &atmp, NULL, NULL, RWM_MAP, op->o_tmpmemctx ) ) { goto computed; } /* cannot be a DN ... */ fstr->bv_len = atmp.bv_len + STRLENOF( "(=*)" ); fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 128, op->o_tmpmemctx ); snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=*)", atmp.bv_val ); if ( !BER_BVISNULL( &f->f_sub_initial ) ) { len = fstr->bv_len; filter_escape_value_x( &f->f_sub_initial, &vtmp, op->o_tmpmemctx ); fstr->bv_len += vtmp.bv_len; fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1, op->o_tmpmemctx ); snprintf( &fstr->bv_val[len - 2], vtmp.bv_len + 3, /* "(attr=" */ "%s*)", vtmp.bv_len ? vtmp.bv_val : "" ); op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx ); } if ( f->f_sub_any != NULL ) { for ( i = 0; !BER_BVISNULL( &f->f_sub_any[i] ); i++ ) { len = fstr->bv_len; filter_escape_value_x( &f->f_sub_any[i], &vtmp, op->o_tmpmemctx ); fstr->bv_len += vtmp.bv_len + 1; fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1, op->o_tmpmemctx ); snprintf( &fstr->bv_val[len - 1], vtmp.bv_len + 3, /* "(attr=[init]*[any*]" */ "%s*)", vtmp.bv_len ? vtmp.bv_val : "" ); op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx ); } } if ( !BER_BVISNULL( &f->f_sub_final ) ) { len = fstr->bv_len; filter_escape_value_x( &f->f_sub_final, &vtmp, op->o_tmpmemctx ); fstr->bv_len += vtmp.bv_len; fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1, op->o_tmpmemctx ); snprintf( &fstr->bv_val[len - 1], vtmp.bv_len + 3, /* "(attr=[init*][any*]" */ "%s)", vtmp.bv_len ? vtmp.bv_val : "" ); op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx ); } break; case LDAP_FILTER_PRESENT: ad = f->f_desc; if ( map_attr_value( dc, &ad, &atmp, NULL, NULL, RWM_MAP, op->o_tmpmemctx ) ) { goto computed; } fstr->bv_len = atmp.bv_len + STRLENOF( "(=*)" ); fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx ); snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=*)", atmp.bv_val ); break; case LDAP_FILTER_AND: case LDAP_FILTER_OR: case LDAP_FILTER_NOT: fstr->bv_len = STRLENOF( "(%)" ); fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 128, op->o_tmpmemctx ); snprintf( fstr->bv_val, fstr->bv_len + 1, "(%c)", f->f_choice == LDAP_FILTER_AND ? '&' : f->f_choice == LDAP_FILTER_OR ? '|' : '!' ); for ( p = f->f_list; p != NULL; p = p->f_next ) { int rc; len = fstr->bv_len; rc = rwm_int_filter_map_rewrite( op, dc, p, &vtmp ); if ( rc != LDAP_SUCCESS ) { return rc; } fstr->bv_len += vtmp.bv_len; fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1, op->o_tmpmemctx ); snprintf( &fstr->bv_val[len-1], vtmp.bv_len + 2, /*"("*/ "%s)", vtmp.bv_len ? vtmp.bv_val : "" ); op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx ); } break; case LDAP_FILTER_EXT: { if ( f->f_mr_desc ) { ad = f->f_mr_desc; if ( map_attr_value( dc, &ad, &atmp, &f->f_mr_value, &vtmp, RWM_MAP, op->o_tmpmemctx ) ) { goto computed; } } else { BER_BVSTR( &atmp, "" ); filter_escape_value_x( &f->f_mr_value, &vtmp, op->o_tmpmemctx ); } fstr->bv_len = atmp.bv_len + ( f->f_mr_dnattrs ? STRLENOF( ":dn" ) : 0 ) + ( f->f_mr_rule_text.bv_len ? f->f_mr_rule_text.bv_len + 1 : 0 ) + vtmp.bv_len + STRLENOF( "(:=)" ); fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx ); snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s%s%s%s:=%s)", atmp.bv_val, f->f_mr_dnattrs ? ":dn" : "", !BER_BVISEMPTY( &f->f_mr_rule_text ) ? ":" : "", !BER_BVISEMPTY( &f->f_mr_rule_text ) ? f->f_mr_rule_text.bv_val : "", vtmp.bv_len ? vtmp.bv_val : "" ); op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx ); break; } case -1: computed:; filter_free_x( op, f, 0 ); f->f_choice = SLAPD_FILTER_COMPUTED; f->f_result = SLAPD_COMPARE_UNDEFINED; /* fallthru */ case SLAPD_FILTER_COMPUTED: switch ( f->f_result ) { case LDAP_COMPARE_FALSE: /* FIXME: treat UNDEFINED as FALSE */ case SLAPD_COMPARE_UNDEFINED: if ( dc->rwmap->rwm_flags & RWM_F_SUPPORT_T_F ) { tmp = &ber_bvtf_false; break; } tmp = &ber_bvfalse; break; case LDAP_COMPARE_TRUE: if ( dc->rwmap->rwm_flags & RWM_F_SUPPORT_T_F ) { tmp = &ber_bvtf_true; break; } tmp = &ber_bvtrue; break; default: tmp = &ber_bverror; break; } ber_dupbv_x( fstr, tmp, op->o_tmpmemctx ); break; default: ber_dupbv_x( fstr, &ber_bvunknown, op->o_tmpmemctx ); break; } return LDAP_SUCCESS; }
} static struct extop_list * find_extop( struct extop_list *list, struct berval *oid ) { struct extop_list *ext; for (ext = list; ext; ext = ext->next) { if (bvmatch(&ext->oid, oid)) return(ext); } return(NULL); } const struct berval slap_EXOP_WHOAMI = BER_BVC(LDAP_EXOP_WHO_AM_I); static int whoami_extop ( Operation *op, SlapReply *rs ) { struct berval *bv; if ( op->ore_reqdata != NULL ) { /* no request data should be provided */ rs->sr_text = "no request data expected"; return LDAP_PROTOCOL_ERROR; } Debug( LDAP_DEBUG_STATS, "%s WHOAMI\n",
static sasl_security_properties_t sasl_secprops; #elif defined( SLAP_BUILTIN_SASL ) /* * built-in SASL implementation * only supports EXTERNAL */ typedef struct sasl_ctx { slap_ssf_t sc_external_ssf; struct berval sc_external_id; } SASL_CTX; #endif #include <lutil.h> static struct berval ext_bv = BER_BVC( "EXTERNAL" ); char *slap_sasl_auxprops; #ifdef HAVE_CYRUS_SASL /* Just use our internal auxprop by default */ static int slap_sasl_getopt( void *context, const char *plugin_name, const char *option, const char **result, unsigned *len) { if ( strcmp( option, "auxprop_plugin" )) {
static int mdb_cf_gen( ConfigArgs *c ) { struct mdb_info *mdb = c->be->be_private; int rc; if ( c->op == SLAP_CONFIG_EMIT ) { rc = 0; switch( c->type ) { case MDB_MODE: { char buf[64]; struct berval bv; bv.bv_len = snprintf( buf, sizeof(buf), "0%o", mdb->mi_dbenv_mode ); if ( bv.bv_len > 0 && bv.bv_len < sizeof(buf) ) { bv.bv_val = buf; value_add_one( &c->rvalue_vals, &bv ); } else { rc = 1; } } break; case MDB_CHKPT: if ( mdb->mi_txn_cp ) { char buf[64]; struct berval bv; bv.bv_len = snprintf( buf, sizeof(buf), "%ld %ld", (long) mdb->mi_txn_cp_kbyte, (long) mdb->mi_txn_cp_min ); if ( bv.bv_len > 0 && bv.bv_len < sizeof(buf) ) { bv.bv_val = buf; value_add_one( &c->rvalue_vals, &bv ); } else { rc = 1; } } else { rc = 1; } break; case MDB_DIRECTORY: if ( mdb->mi_dbenv_home ) { c->value_string = ch_strdup( mdb->mi_dbenv_home ); } else { rc = 1; } break; case MDB_DBNOSYNC: if ( mdb->mi_dbenv_flags & MDB_NOSYNC ) c->value_int = 1; break; case MDB_ENVFLAGS: if ( mdb->mi_dbenv_flags ) { mask_to_verbs( mdb_envflags, mdb->mi_dbenv_flags, &c->rvalue_vals ); } if ( !c->rvalue_vals ) rc = 1; break; case MDB_INDEX: mdb_attr_index_unparse( mdb, &c->rvalue_vals ); if ( !c->rvalue_vals ) rc = 1; break; case MDB_SSTACK: c->value_int = mdb->mi_search_stack_depth; break; case MDB_MAXREADERS: c->value_int = mdb->mi_readers; break; case MDB_MAXSIZE: c->value_ulong = mdb->mi_mapsize; break; } return rc; } else if ( c->op == LDAP_MOD_DELETE ) { rc = 0; switch( c->type ) { case MDB_MODE: #if 0 /* FIXME: does it make any sense to change the mode, * if we don't exec a chmod()? */ mdb->bi_dbenv_mode = SLAPD_DEFAULT_DB_MODE; break; #endif /* single-valued no-ops */ case MDB_SSTACK: case MDB_MAXREADERS: case MDB_MAXSIZE: break; case MDB_CHKPT: if ( mdb->mi_txn_cp_task ) { struct re_s *re = mdb->mi_txn_cp_task; mdb->mi_txn_cp_task = NULL; ldap_pvt_thread_mutex_lock( &slapd_rq.rq_mutex ); if ( ldap_pvt_runqueue_isrunning( &slapd_rq, re ) ) ldap_pvt_runqueue_stoptask( &slapd_rq, re ); ldap_pvt_runqueue_remove( &slapd_rq, re ); ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex ); } mdb->mi_txn_cp = 0; break; case MDB_DIRECTORY: mdb->mi_flags |= MDB_RE_OPEN; ch_free( mdb->mi_dbenv_home ); mdb->mi_dbenv_home = NULL; c->cleanup = mdb_cf_cleanup; ldap_pvt_thread_pool_purgekey( mdb->mi_dbenv ); break; case MDB_DBNOSYNC: mdb_env_set_flags( mdb->mi_dbenv, MDB_NOSYNC, 0 ); mdb->mi_dbenv_flags &= ~MDB_NOSYNC; break; case MDB_ENVFLAGS: if ( c->valx == -1 ) { int i; for ( i=0; mdb_envflags[i].mask; i++) { if ( mdb->mi_dbenv_flags & mdb_envflags[i].mask ) { /* not all flags are runtime resettable */ rc = mdb_env_set_flags( mdb->mi_dbenv, mdb_envflags[i].mask, 0 ); if ( rc ) { mdb->mi_flags |= MDB_RE_OPEN; c->cleanup = mdb_cf_cleanup; rc = 0; } mdb->mi_dbenv_flags ^= mdb_envflags[i].mask; } } } else { int i = verb_to_mask( c->line, mdb_envflags ); if ( mdb_envflags[i].mask & mdb->mi_dbenv_flags ) { rc = mdb_env_set_flags( mdb->mi_dbenv, mdb_envflags[i].mask, 0 ); if ( rc ) { mdb->mi_flags |= MDB_RE_OPEN; c->cleanup = mdb_cf_cleanup; rc = 0; } mdb->mi_dbenv_flags ^= mdb_envflags[i].mask; } else { /* unknown keyword */ rc = 1; } } break; case MDB_INDEX: if ( c->valx == -1 ) { int i; /* delete all (FIXME) */ for ( i = 0; i < mdb->mi_nattrs; i++ ) { mdb->mi_attrs[i]->ai_indexmask |= MDB_INDEX_DELETING; } mdb->mi_flags |= MDB_DEL_INDEX; c->cleanup = mdb_cf_cleanup; } else { struct berval bv, def = BER_BVC("default"); char *ptr; for (ptr = c->line; !isspace( (unsigned char) *ptr ); ptr++); bv.bv_val = c->line; bv.bv_len = ptr - bv.bv_val; if ( bvmatch( &bv, &def )) { mdb->mi_defaultmask = 0; } else { int i; char **attrs; char sep; sep = bv.bv_val[ bv.bv_len ]; bv.bv_val[ bv.bv_len ] = '\0'; attrs = ldap_str2charray( bv.bv_val, "," ); for ( i = 0; attrs[ i ]; i++ ) { AttributeDescription *ad = NULL; const char *text; AttrInfo *ai; slap_str2ad( attrs[ i ], &ad, &text ); /* if we got here... */ assert( ad != NULL ); ai = mdb_attr_mask( mdb, ad ); /* if we got here... */ assert( ai != NULL ); ai->ai_indexmask |= MDB_INDEX_DELETING; mdb->mi_flags |= MDB_DEL_INDEX; c->cleanup = mdb_cf_cleanup; } bv.bv_val[ bv.bv_len ] = sep; ldap_charray_free( attrs ); } } break; } return rc; } switch( c->type ) { case MDB_MODE: if ( ASCII_DIGIT( c->argv[1][0] ) ) { long mode; char *next; errno = 0; mode = strtol( c->argv[1], &next, 0 ); if ( errno != 0 || next == c->argv[1] || next[0] != '\0' ) { fprintf( stderr, "%s: " "unable to parse mode=\"%s\".\n", c->log, c->argv[1] ); return 1; } mdb->mi_dbenv_mode = mode; } else { char *m = c->argv[1]; int who, what, mode = 0; if ( strlen( m ) != STRLENOF("-rwxrwxrwx") ) { return 1; } if ( m[0] != '-' ) { return 1; } m++; for ( who = 0; who < 3; who++ ) { for ( what = 0; what < 3; what++, m++ ) { if ( m[0] == '-' ) { continue; } else if ( m[0] != "rwx"[what] ) { return 1; } mode += ((1 << (2 - what)) << 3*(2 - who)); } } mdb->mi_dbenv_mode = mode; } break; case MDB_CHKPT: { long l; mdb->mi_txn_cp = 1; if ( lutil_atolx( &l, c->argv[1], 0 ) != 0 ) { fprintf( stderr, "%s: " "invalid kbyte \"%s\" in \"checkpoint\".\n", c->log, c->argv[1] ); return 1; } mdb->mi_txn_cp_kbyte = l; if ( lutil_atolx( &l, c->argv[2], 0 ) != 0 ) { fprintf( stderr, "%s: " "invalid minutes \"%s\" in \"checkpoint\".\n", c->log, c->argv[2] ); return 1; } mdb->mi_txn_cp_min = l; /* If we're in server mode and time-based checkpointing is enabled, * submit a task to perform periodic checkpoints. */ if ((slapMode & SLAP_SERVER_MODE) && mdb->mi_txn_cp_min ) { struct re_s *re = mdb->mi_txn_cp_task; if ( re ) { re->interval.tv_sec = mdb->mi_txn_cp_min * 60; } else { if ( c->be->be_suffix == NULL || BER_BVISNULL( &c->be->be_suffix[0] ) ) { fprintf( stderr, "%s: " "\"checkpoint\" must occur after \"suffix\".\n", c->log ); return 1; } ldap_pvt_thread_mutex_lock( &slapd_rq.rq_mutex ); mdb->mi_txn_cp_task = ldap_pvt_runqueue_insert( &slapd_rq, mdb->mi_txn_cp_min * 60, mdb_checkpoint, mdb, LDAP_XSTRING(mdb_checkpoint), c->be->be_suffix[0].bv_val ); ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex ); } } } break; case MDB_DIRECTORY: { FILE *f; char *ptr, *testpath; int len; len = strlen( c->value_string ); testpath = ch_malloc( len + STRLENOF(LDAP_DIRSEP) + STRLENOF("DUMMY") + 1 ); ptr = lutil_strcopy( testpath, c->value_string ); *ptr++ = LDAP_DIRSEP[0]; strcpy( ptr, "DUMMY" ); f = fopen( testpath, "w" ); if ( f ) { fclose( f ); unlink( testpath ); } ch_free( testpath ); if ( !f ) { snprintf( c->cr_msg, sizeof( c->cr_msg ), "%s: invalid path: %s", c->log, strerror( errno )); Debug( LDAP_DEBUG_ANY, "%s\n", c->cr_msg, 0, 0 ); return -1; } if ( mdb->mi_dbenv_home ) ch_free( mdb->mi_dbenv_home ); mdb->mi_dbenv_home = c->value_string; } break; case MDB_DBNOSYNC: if ( c->value_int ) mdb->mi_dbenv_flags |= MDB_NOSYNC; else mdb->mi_dbenv_flags ^= MDB_NOSYNC; if ( mdb->mi_flags & MDB_IS_OPEN ) { mdb_env_set_flags( mdb->mi_dbenv, MDB_NOSYNC, c->value_int ); } break; case MDB_ENVFLAGS: { int i, j; for ( i=1; i<c->argc; i++ ) { j = verb_to_mask( c->argv[i], mdb_envflags ); if ( mdb_envflags[j].mask ) { if ( mdb->mi_flags & MDB_IS_OPEN ) rc = mdb_env_set_flags( mdb->mi_dbenv, mdb_envflags[j].mask, 1 ); else rc = 0; if ( rc ) { mdb->mi_flags |= MDB_RE_OPEN; c->cleanup = mdb_cf_cleanup; rc = 0; } mdb->mi_dbenv_flags |= mdb_envflags[j].mask; } else { /* unknown keyword */ rc = 1; } } } break; case MDB_INDEX: rc = mdb_attr_index_config( mdb, c->fname, c->lineno, c->argc - 1, &c->argv[1], &c->reply); if( rc != LDAP_SUCCESS ) return 1; c->cleanup = mdb_cf_cleanup; mdb->mi_flags |= MDB_OPEN_INDEX; if (( mdb->mi_flags & MDB_IS_OPEN ) && !mdb->mi_index_task ) { /* Start the task as soon as we finish here. Set a long * interval (10 hours) so that it only gets scheduled once. */ if ( c->be->be_suffix == NULL || BER_BVISNULL( &c->be->be_suffix[0] ) ) { fprintf( stderr, "%s: " "\"index\" must occur after \"suffix\".\n", c->log ); return 1; } ldap_pvt_thread_mutex_lock( &slapd_rq.rq_mutex ); mdb->mi_index_task = ldap_pvt_runqueue_insert( &slapd_rq, 36000, mdb_online_index, c->be, LDAP_XSTRING(mdb_online_index), c->be->be_suffix[0].bv_val ); ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex ); } break; case MDB_SSTACK: if ( c->value_int < MINIMUM_SEARCH_STACK_DEPTH ) { fprintf( stderr, "%s: depth %d too small, using %d\n", c->log, c->value_int, MINIMUM_SEARCH_STACK_DEPTH ); c->value_int = MINIMUM_SEARCH_STACK_DEPTH; } mdb->mi_search_stack_depth = c->value_int; break; case MDB_MAXREADERS: mdb->mi_readers = c->value_int; if ( mdb->mi_flags & MDB_IS_OPEN ) { mdb->mi_flags |= MDB_RE_OPEN; c->cleanup = mdb_cf_cleanup; } break; case MDB_MAXSIZE: mdb->mi_mapsize = c->value_ulong; if ( mdb->mi_flags & MDB_IS_OPEN ) { mdb->mi_flags |= MDB_RE_OPEN; c->cleanup = mdb_cf_cleanup; } break; } return 0; }
"%s: %s\n", c->log, c->cr_msg, 0 ); return ARG_BAD_CONF; } *an = a2; return 0; } static slap_overinst translucent; /* ** glue_parent() ** call syncrepl_add_glue() with the parent suffix; ** */ static struct berval glue[] = { BER_BVC("top"), BER_BVC("glue"), BER_BVNULL }; void glue_parent(Operation *op) { Operation nop = *op; slap_overinst *on = (slap_overinst *) op->o_bd->bd_info; struct berval ndn = BER_BVNULL; Attribute *a; Entry *e; struct berval pdn; dnParent( &op->o_req_ndn, &pdn ); ber_dupbv_x( &ndn, &pdn, op->o_tmpmemctx ); Debug(LDAP_DEBUG_TRACE, "=> glue_parent: fabricating glue for <%s>\n", ndn.bv_val, 0, 0); e = entry_alloc();
int ldap_dn2domain( LDAP_CONST char *dn_in, char **domainp) { int i, j; char *ndomain; LDAPDN dn = NULL; LDAPRDN rdn = NULL; LDAPAVA *ava = NULL; struct berval domain = BER_BVNULL; static const struct berval DC = BER_BVC("DC"); static const struct berval DCOID = BER_BVC("0.9.2342.19200300.100.1.25"); assert( dn_in != NULL ); assert( domainp != NULL ); *domainp = NULL; if ( ldap_str2dn( dn_in, &dn, LDAP_DN_FORMAT_LDAP ) != LDAP_SUCCESS ) { return -2; } if( dn ) for( i=0; dn[i] != NULL; i++ ) { rdn = dn[i]; for( j=0; rdn[j] != NULL; j++ ) { ava = rdn[j]; if( rdn[j+1] == NULL && (ava->la_flags & LDAP_AVA_STRING) && ava->la_value.bv_len && ( ber_bvstrcasecmp( &ava->la_attr, &DC ) == 0 || ber_bvcmp( &ava->la_attr, &DCOID ) == 0 ) ) { if( domain.bv_len == 0 ) { ndomain = LDAP_REALLOC( domain.bv_val, ava->la_value.bv_len + 1); if( ndomain == NULL ) { goto return_error; } domain.bv_val = ndomain; AC_MEMCPY( domain.bv_val, ava->la_value.bv_val, ava->la_value.bv_len ); domain.bv_len = ava->la_value.bv_len; domain.bv_val[domain.bv_len] = '\0'; } else { ndomain = LDAP_REALLOC( domain.bv_val, ava->la_value.bv_len + sizeof(".") + domain.bv_len ); if( ndomain == NULL ) { goto return_error; } domain.bv_val = ndomain; domain.bv_val[domain.bv_len++] = '.'; AC_MEMCPY( &domain.bv_val[domain.bv_len], ava->la_value.bv_val, ava->la_value.bv_len ); domain.bv_len += ava->la_value.bv_len; domain.bv_val[domain.bv_len] = '\0'; } } else { domain.bv_len = 0; } } } if( domain.bv_len == 0 && domain.bv_val != NULL ) { LDAP_FREE( domain.bv_val ); domain.bv_val = NULL; } ldap_dnfree( dn ); *domainp = domain.bv_val; return 0; return_error: ldap_dnfree( dn ); LDAP_FREE( domain.bv_val ); return -1; }
static int do_base( char *uri, char *dn, struct berval *pass, char *base, char *filter, char *pwattr, int maxloop, int force, int chaserefs, int noinit, int delay, int action_type, void *action ) { LDAP *ld = NULL; int i = 0; int rc = LDAP_SUCCESS; ber_int_t msgid; LDAPMessage *res, *msg; char **dns = NULL; struct berval *creds = NULL; char *attrs[] = { LDAP_NO_ATTRS, NULL }; int ndns = 0; #ifdef _WIN32 DWORD beg, end; #else struct timeval beg, end; #endif int version = LDAP_VERSION3; char *nullstr = ""; ldap_initialize( &ld, uri ); if ( ld == NULL ) { tester_perror( "ldap_initialize", NULL ); exit( EXIT_FAILURE ); } (void) ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ); (void) ldap_set_option( ld, LDAP_OPT_REFERRALS, chaserefs ? LDAP_OPT_ON: LDAP_OPT_OFF ); rc = ldap_sasl_bind_s( ld, dn, LDAP_SASL_SIMPLE, pass, NULL, NULL, NULL ); if ( rc != LDAP_SUCCESS ) { tester_ldap_error( ld, "ldap_sasl_bind_s", NULL ); exit( EXIT_FAILURE ); } fprintf( stderr, "PID=%ld - Bind(%d): base=\"%s\", filter=\"%s\" attr=\"%s\".\n", (long) pid, maxloop, base, filter, pwattr ); if ( pwattr != NULL ) { attrs[ 0 ] = pwattr; } rc = ldap_search_ext( ld, base, LDAP_SCOPE_SUBTREE, filter, attrs, 0, NULL, NULL, 0, 0, &msgid ); if ( rc != LDAP_SUCCESS ) { tester_ldap_error( ld, "ldap_search_ext", NULL ); exit( EXIT_FAILURE ); } while ( ( rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ONE, NULL, &res ) ) > 0 ) { BerElement *ber; struct berval bv; int done = 0; for ( msg = ldap_first_message( ld, res ); msg; msg = ldap_next_message( ld, msg ) ) { switch ( ldap_msgtype( msg ) ) { case LDAP_RES_SEARCH_ENTRY: rc = ldap_get_dn_ber( ld, msg, &ber, &bv ); dns = realloc( dns, (ndns + 1)*sizeof(char *) ); dns[ndns] = ber_strdup( bv.bv_val ); if ( pwattr != NULL ) { struct berval **values = ldap_get_values_len( ld, msg, pwattr ); creds = realloc( creds, (ndns + 1)*sizeof(struct berval) ); if ( values == NULL ) { novals:; creds[ndns].bv_len = 0; creds[ndns].bv_val = nullstr; } else { static struct berval cleartext = BER_BVC( "{CLEARTEXT} " ); struct berval value = *values[ 0 ]; if ( value.bv_val[ 0 ] == '{' ) { char *end = ber_bvchr( &value, '}' ); if ( end ) { if ( ber_bvcmp( &value, &cleartext ) == 0 ) { value.bv_val += cleartext.bv_len; value.bv_len -= cleartext.bv_len; } else { ldap_value_free_len( values ); goto novals; } } } ber_dupbv( &creds[ndns], &value ); ldap_value_free_len( values ); } } ndns++; ber_free( ber, 0 ); break; case LDAP_RES_SEARCH_RESULT: done = 1; break; } if ( done ) break; } ldap_msgfree( res ); if ( done ) break; } #ifdef _WIN32 beg = GetTickCount(); #else gettimeofday( &beg, NULL ); #endif if ( ndns == 0 ) { tester_error( "No DNs" ); return 1; } fprintf( stderr, " PID=%ld - Bind base=\"%s\" filter=\"%s\" got %d values.\n", (long) pid, base, filter, ndns ); /* Ok, got list of DNs, now start binding to each */ for ( i = 0; i < maxloop; i++ ) { int j; struct berval cred = { 0, NULL }; #if 0 /* use high-order bits for better randomness (Numerical Recipes in "C") */ j = rand() % ndns; #endif j = ((double)ndns)*rand()/(RAND_MAX + 1.0); if ( creds && !BER_BVISEMPTY( &creds[j] ) ) { cred = creds[j]; } if ( do_bind( uri, dns[j], &cred, 1, force, chaserefs, noinit, &ld, action_type, action ) && !force ) { break; } if ( delay ) { sleep( delay ); } } if ( ld != NULL ) { ldap_unbind_ext( ld, NULL, NULL ); ld = NULL; } #ifdef _WIN32 end = GetTickCount(); end -= beg; fprintf( stderr, " PID=%ld - Bind done %d in %d.%03d seconds.\n", (long) pid, i, end / 1000, end % 1000 ); #else gettimeofday( &end, NULL ); end.tv_usec -= beg.tv_usec; if (end.tv_usec < 0 ) { end.tv_usec += 1000000; end.tv_sec -= 1; } end.tv_sec -= beg.tv_sec; fprintf( stderr, " PID=%ld - Bind done %d in %ld.%06ld seconds.\n", (long) pid, i, (long) end.tv_sec, (long) end.tv_usec ); #endif if ( dns ) { for ( i = 0; i < ndns; i++ ) { ber_memfree( dns[i] ); } free( dns ); } if ( creds ) { for ( i = 0; i < ndns; i++ ) { if ( creds[i].bv_val != nullstr ) { ber_memfree( creds[i].bv_val ); } } free( creds ); } return 0; }
#include "lutil.h" #include <ac/stdlib.h> #include <ac/ctype.h> #include <ac/string.h> /* include socket.h to get sys/types.h and/or winsock2.h */ #include <ac/socket.h> #include <openssl/sha.h> #include <openssl/hmac.h> #include "slap.h" #include "config.h" static LUTIL_PASSWD_CHK_FUNC chk_totp1, chk_totp256, chk_totp512; static LUTIL_PASSWD_HASH_FUNC hash_totp1, hash_totp256, hash_totp512; static const struct berval scheme_totp1 = BER_BVC("{TOTP1}"); static const struct berval scheme_totp256 = BER_BVC("{TOTP256}"); static const struct berval scheme_totp512 = BER_BVC("{TOTP512}"); static AttributeDescription *ad_authTimestamp; /* This is the definition used by ISODE, as supplied to us in * ITS#6238 Followup #9 */ static struct schema_info { char *def; AttributeDescription **ad; } totp_OpSchema[] = { { "( 1.3.6.1.4.1.453.16.2.188 " "NAME 'authTimestamp' " "DESC 'last successful authentication using any method/mech' "
static int chk_sha512( const struct berval *scheme, // Scheme of hashed reference password const struct berval *passwd, // Hashed reference password to check against const struct berval *cred, // user-supplied password to check const char **text ) { #ifdef SLAPD_SHA2_DEBUG fprintf(stderr, " Password to validate: %s\n", cred->bv_val); fprintf(stderr, " Hashes to: %s\n", sha512_hex_hash(cred->bv_val)); fprintf(stderr, " Stored password scheme: %s\n", scheme->bv_val); fprintf(stderr, " Stored password value: %s\n", passwd->bv_val); fprintf(stderr, " -> Passwords %s\n", strcmp(sha512_hex_hash(cred->bv_val), passwd->bv_val) == 0 ? "match" : "do not match"); #endif return (strcmp(sha512_hex_hash(cred->bv_val), passwd->bv_val)); } const struct berval sha256scheme = BER_BVC("{SHA256}"); const struct berval sha384scheme = BER_BVC("{SHA384}"); const struct berval sha512scheme = BER_BVC("{SHA512}"); int init_module(int argc, char *argv[]) { int result = 0; result = lutil_passwd_add( (struct berval *)&sha256scheme, chk_sha256, hash_sha256 ); if (result != 0) return result; result = lutil_passwd_add( (struct berval *)&sha384scheme, chk_sha384, hash_sha384 ); if (result != 0) return result; result = lutil_passwd_add( (struct berval *)&sha512scheme, chk_sha512, hash_sha512 ); return result; }
int backsql_db_open( BackendDB *bd, ConfigReply *cr ) { backsql_info *bi = (backsql_info*)bd->be_private; struct berbuf bb = BB_NULL; Connection conn = { 0 }; OperationBuffer opbuf; Operation* op; SQLHDBC dbh = SQL_NULL_HDBC; void *thrctx = ldap_pvt_thread_pool_context(); Debug( LDAP_DEBUG_TRACE, "==>backsql_db_open(): " "testing RDBMS connection\n", 0, 0, 0 ); if ( bi->sql_dbname == NULL ) { Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "datasource name not specified " "(use \"dbname\" directive in slapd.conf)\n", 0, 0, 0 ); return 1; } if ( bi->sql_concat_func == NULL ) { Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "concat func not specified (use \"concat_pattern\" " "directive in slapd.conf)\n", 0, 0, 0 ); if ( backsql_split_pattern( backsql_def_concat_func, &bi->sql_concat_func, 2 ) ) { Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "unable to parse pattern \"%s\"", backsql_def_concat_func, 0, 0 ); return 1; } } /* * see back-sql.h for default values */ if ( BER_BVISNULL( &bi->sql_aliasing ) ) { ber_str2bv( BACKSQL_ALIASING, STRLENOF( BACKSQL_ALIASING ), 1, &bi->sql_aliasing ); } if ( BER_BVISNULL( &bi->sql_aliasing_quote ) ) { ber_str2bv( BACKSQL_ALIASING_QUOTE, STRLENOF( BACKSQL_ALIASING_QUOTE ), 1, &bi->sql_aliasing_quote ); } /* * Prepare cast string as required */ if ( bi->sql_upper_func.bv_val ) { char buf[1024]; if ( BACKSQL_UPPER_NEEDS_CAST( bi ) ) { snprintf( buf, sizeof( buf ), "%s(cast (" /* ? as varchar(%d))) */ , bi->sql_upper_func.bv_val ); ber_str2bv( buf, 0, 1, &bi->sql_upper_func_open ); snprintf( buf, sizeof( buf ), /* (cast(? */ " as varchar(%d)))", BACKSQL_MAX_DN_LEN ); ber_str2bv( buf, 0, 1, &bi->sql_upper_func_close ); } else { snprintf( buf, sizeof( buf ), "%s(" /* ?) */ , bi->sql_upper_func.bv_val ); ber_str2bv( buf, 0, 1, &bi->sql_upper_func_open ); ber_str2bv( /* (? */ ")", 0, 1, &bi->sql_upper_func_close ); } } /* normalize filter values only if necessary */ bi->sql_caseIgnoreMatch = mr_find( "caseIgnoreMatch" ); assert( bi->sql_caseIgnoreMatch != NULL ); bi->sql_telephoneNumberMatch = mr_find( "telephoneNumberMatch" ); assert( bi->sql_telephoneNumberMatch != NULL ); if ( bi->sql_dbuser == NULL ) { Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "user name not specified " "(use \"dbuser\" directive in slapd.conf)\n", 0, 0, 0 ); return 1; } if ( BER_BVISNULL( &bi->sql_subtree_cond ) ) { /* * Prepare concat function for subtree search condition */ struct berval concat; struct berval values[] = { BER_BVC( "'%'" ), BER_BVC( "?" ), BER_BVNULL }; struct berbuf bb = BB_NULL; Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "subtree search SQL condition not specified " "(use \"subtree_cond\" directive in slapd.conf); " "preparing default\n", 0, 0, 0); if ( backsql_prepare_pattern( bi->sql_concat_func, values, &concat ) ) { Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "unable to prepare CONCAT pattern for subtree search", 0, 0, 0 ); return 1; } if ( bi->sql_upper_func.bv_val ) { /* * UPPER(ldap_entries.dn) LIKE UPPER(CONCAT('%',?)) */ backsql_strfcat_x( &bb, NULL, "blbbb", &bi->sql_upper_func, (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE " ), "(ldap_entries.dn) LIKE ", &bi->sql_upper_func_open, &concat, &bi->sql_upper_func_close ); } else { /* * ldap_entries.dn LIKE CONCAT('%',?) */ backsql_strfcat_x( &bb, NULL, "lb", (ber_len_t)STRLENOF( "ldap_entries.dn LIKE " ), "ldap_entries.dn LIKE ", &concat ); } ch_free( concat.bv_val ); bi->sql_subtree_cond = bb.bb_val; Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "setting \"%s\" as default \"subtree_cond\"\n", bi->sql_subtree_cond.bv_val, 0, 0 ); } if ( bi->sql_children_cond.bv_val == NULL ) { /* * Prepare concat function for children search condition */ struct berval concat; struct berval values[] = { BER_BVC( "'%,'" ), BER_BVC( "?" ), BER_BVNULL }; struct berbuf bb = BB_NULL; Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "children search SQL condition not specified " "(use \"children_cond\" directive in slapd.conf); " "preparing default\n", 0, 0, 0); if ( backsql_prepare_pattern( bi->sql_concat_func, values, &concat ) ) { Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "unable to prepare CONCAT pattern for children search", 0, 0, 0 ); return 1; } if ( bi->sql_upper_func.bv_val ) { /* * UPPER(ldap_entries.dn) LIKE UPPER(CONCAT('%,',?)) */ backsql_strfcat_x( &bb, NULL, "blbbb", &bi->sql_upper_func, (ber_len_t)STRLENOF( "(ldap_entries.dn) LIKE " ), "(ldap_entries.dn) LIKE ", &bi->sql_upper_func_open, &concat, &bi->sql_upper_func_close ); } else { /* * ldap_entries.dn LIKE CONCAT('%,',?) */ backsql_strfcat_x( &bb, NULL, "lb", (ber_len_t)STRLENOF( "ldap_entries.dn LIKE " ), "ldap_entries.dn LIKE ", &concat ); } ch_free( concat.bv_val ); bi->sql_children_cond = bb.bb_val; Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "setting \"%s\" as default \"children_cond\"\n", bi->sql_children_cond.bv_val, 0, 0 ); } if ( bi->sql_dn_match_cond.bv_val == NULL ) { /* * Prepare concat function for dn match search condition */ struct berbuf bb = BB_NULL; Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "DN match search SQL condition not specified " "(use \"dn_match_cond\" directive in slapd.conf); " "preparing default\n", 0, 0, 0); if ( bi->sql_upper_func.bv_val ) { /* * UPPER(ldap_entries.dn)=? */ backsql_strfcat_x( &bb, NULL, "blbcb", &bi->sql_upper_func, (ber_len_t)STRLENOF( "(ldap_entries.dn)=" ), "(ldap_entries.dn)=", &bi->sql_upper_func_open, '?', &bi->sql_upper_func_close ); } else { /* * ldap_entries.dn=? */ backsql_strfcat_x( &bb, NULL, "l", (ber_len_t)STRLENOF( "ldap_entries.dn=?" ), "ldap_entries.dn=?" ); } bi->sql_dn_match_cond = bb.bb_val; Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "setting \"%s\" as default \"dn_match_cond\"\n", bi->sql_dn_match_cond.bv_val, 0, 0 ); } if ( bi->sql_oc_query == NULL ) { if ( BACKSQL_CREATE_NEEDS_SELECT( bi ) ) { bi->sql_oc_query = ch_strdup( backsql_def_needs_select_oc_query ); } else { bi->sql_oc_query = ch_strdup( backsql_def_oc_query ); } Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "objectclass mapping SQL statement not specified " "(use \"oc_query\" directive in slapd.conf)\n", 0, 0, 0 ); Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "setting \"%s\" by default\n", bi->sql_oc_query, 0, 0 ); } if ( bi->sql_at_query == NULL ) { Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "attribute mapping SQL statement not specified " "(use \"at_query\" directive in slapd.conf)\n", 0, 0, 0 ); Debug(LDAP_DEBUG_TRACE, "backsql_db_open(): " "setting \"%s\" by default\n", backsql_def_at_query, 0, 0 ); bi->sql_at_query = ch_strdup( backsql_def_at_query ); } if ( bi->sql_insentry_stmt == NULL ) { Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "entry insertion SQL statement not specified " "(use \"insentry_stmt\" directive in slapd.conf)\n", 0, 0, 0 ); Debug(LDAP_DEBUG_TRACE, "backsql_db_open(): " "setting \"%s\" by default\n", backsql_def_insentry_stmt, 0, 0 ); bi->sql_insentry_stmt = ch_strdup( backsql_def_insentry_stmt ); } if ( bi->sql_delentry_stmt == NULL ) { Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "entry deletion SQL statement not specified " "(use \"delentry_stmt\" directive in slapd.conf)\n", 0, 0, 0 ); Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "setting \"%s\" by default\n", backsql_def_delentry_stmt, 0, 0 ); bi->sql_delentry_stmt = ch_strdup( backsql_def_delentry_stmt ); } if ( bi->sql_renentry_stmt == NULL ) { Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "entry deletion SQL statement not specified " "(use \"renentry_stmt\" directive in slapd.conf)\n", 0, 0, 0 ); Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "setting \"%s\" by default\n", backsql_def_renentry_stmt, 0, 0 ); bi->sql_renentry_stmt = ch_strdup( backsql_def_renentry_stmt ); } if ( bi->sql_delobjclasses_stmt == NULL ) { Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "objclasses deletion SQL statement not specified " "(use \"delobjclasses_stmt\" directive in slapd.conf)\n", 0, 0, 0 ); Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "setting \"%s\" by default\n", backsql_def_delobjclasses_stmt, 0, 0 ); bi->sql_delobjclasses_stmt = ch_strdup( backsql_def_delobjclasses_stmt ); } /* This should just be to force schema loading */ connection_fake_init2( &conn, &opbuf, thrctx, 0 ); op = &opbuf.ob_op; op->o_bd = bd; if ( backsql_get_db_conn( op, &dbh ) != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "connection failed, exiting\n", 0, 0, 0 ); return 1; } if ( backsql_load_schema_map( bi, dbh ) != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "schema mapping failed, exiting\n", 0, 0, 0 ); return 1; } if ( backsql_free_db_conn( op, dbh ) != SQL_SUCCESS ) { Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "connection free failed\n", 0, 0, 0 ); } if ( !BACKSQL_SCHEMA_LOADED( bi ) ) { Debug( LDAP_DEBUG_TRACE, "backsql_db_open(): " "test failed, schema map not loaded - exiting\n", 0, 0, 0 ); return 1; } /* * Prepare ID selection query */ if ( bi->sql_id_query == NULL ) { /* no custom id_query provided */ if ( bi->sql_upper_func.bv_val == NULL ) { backsql_strcat_x( &bb, NULL, backsql_id_query, "dn=?", NULL ); } else { if ( BACKSQL_HAS_LDAPINFO_DN_RU( bi ) ) { backsql_strcat_x( &bb, NULL, backsql_id_query, "dn_ru=?", NULL ); } else { if ( BACKSQL_USE_REVERSE_DN( bi ) ) { backsql_strfcat_x( &bb, NULL, "sbl", backsql_id_query, &bi->sql_upper_func, (ber_len_t)STRLENOF( "(dn)=?" ), "(dn)=?" ); } else { backsql_strfcat_x( &bb, NULL, "sblbcb", backsql_id_query, &bi->sql_upper_func, (ber_len_t)STRLENOF( "(dn)=" ), "(dn)=", &bi->sql_upper_func_open, '?', &bi->sql_upper_func_close ); } } } bi->sql_id_query = bb.bb_val.bv_val; } /* * Prepare children count query */ BER_BVZERO( &bb.bb_val ); bb.bb_len = 0; backsql_strfcat_x( &bb, NULL, "sbsb", "SELECT COUNT(distinct subordinates.id) " "FROM ldap_entries,ldap_entries ", &bi->sql_aliasing, "subordinates " "WHERE subordinates.parent=ldap_entries.id AND ", &bi->sql_dn_match_cond ); bi->sql_has_children_query = bb.bb_val.bv_val; /* * Prepare DN and objectClass aliasing bit of query */ BER_BVZERO( &bb.bb_val ); bb.bb_len = 0; backsql_strfcat_x( &bb, NULL, "sbbsbsbbsb", " ", &bi->sql_aliasing, &bi->sql_aliasing_quote, "objectClass", &bi->sql_aliasing_quote, ",ldap_entries.dn ", &bi->sql_aliasing, &bi->sql_aliasing_quote, "dn", &bi->sql_aliasing_quote ); bi->sql_dn_oc_aliasing = bb.bb_val; /* should never happen! */ assert( bd->be_nsuffix != NULL ); if ( BER_BVISNULL( &bd->be_nsuffix[ 1 ] ) ) { /* enable if only one suffix is defined */ bi->sql_flags |= BSQLF_USE_SUBTREE_SHORTCUT; } bi->sql_flags |= BSQLF_CHECK_SCHEMA; Debug( LDAP_DEBUG_TRACE, "<==backsql_db_open(): " "test succeeded, schema map loaded\n", 0, 0, 0 ); return 0; }
Debug( LDAP_DEBUG_ANY,"nssov: problem closing socket: %s",strerror(errno),0,0); return; } } connection_fake_init( &conn, &opbuf, ctx ); op=&opbuf.ob_op; conn.c_ssf = conn.c_transport_ssf = local_ssf; op->o_bd = ni->ni_db; op->o_tag = LDAP_REQ_SEARCH; /* handle the connection */ handleconnection(ni,csock,op); } static slap_verbmasks nss_svcs[] = { { BER_BVC("aliases"), NM_alias }, { BER_BVC("ethers"), NM_ether }, { BER_BVC("group"), NM_group }, { BER_BVC("hosts"), NM_host }, { BER_BVC("netgroup"), NM_netgroup }, { BER_BVC("networks"), NM_network }, { BER_BVC("passwd"), NM_passwd }, { BER_BVC("protocols"), NM_protocol }, { BER_BVC("rpc"), NM_rpc }, { BER_BVC("services"), NM_service }, { BER_BVC("shadow"), NM_shadow }, { BER_BVNULL, 0 } }; static slap_verbmasks pam_opts[] = { { BER_BVC("userhost"), NI_PAM_USERHOST },
*/ #include "portable.h" #include <stdio.h> #include <ac/ctype.h> #include <ac/errno.h> #include <ac/socket.h> #include <ac/string.h> #include <ac/time.h> #include "slap.h" #include "lutil.h" static struct berval bv_no_attrs = BER_BVC( LDAP_NO_ATTRS ); static struct berval bv_all_user_attrs = BER_BVC( "*" ); static struct berval bv_all_operational_attrs = BER_BVC( "+" ); static AttributeName anlist_no_attrs[] = { { BER_BVC( LDAP_NO_ATTRS ), NULL, 0, NULL }, { BER_BVNULL, NULL, 0, NULL } }; static AttributeName anlist_all_user_attributes[] = { { BER_BVC( LDAP_ALL_USER_ATTRIBUTES ), NULL, 0, NULL }, { BER_BVNULL, NULL, 0, NULL } }; static AttributeName anlist_all_operational_attributes[] = { { BER_BVC( LDAP_ALL_OPERATIONAL_ATTRIBUTES ), NULL, 0, NULL },
#include "reldap.h" #include <stdio.h> #include <ac/socket.h> #include <ac/string.h> #include <ac/unistd.h> #include "slap.h" #include <lber_pvt.h> #include <lutil.h> #ifdef LDAP_X_TXN const struct berval slap_EXOP_TXN_START = BER_BVC(LDAP_EXOP_X_TXN_START); const struct berval slap_EXOP_TXN_END = BER_BVC(LDAP_EXOP_X_TXN_END); int txn_start_extop( Operation *op, SlapReply *rs ) { int rc; struct berval *bv; Statslog( LDAP_DEBUG_STATS, "%s TXN START\n", op->o_log_prefix ); if( op->ore_reqdata != NULL ) { rs->sr_text = "no request data expected"; return LDAP_PROTOCOL_ERROR; }
int main( int argc, char **argv ) { int i; char *uri = NULL; char *host = "localhost"; char *dn = NULL; char *base = NULL; char *filter = "(objectClass=person)"; struct berval pass = { 0, NULL }; char *pwattr = NULL; int port = -1; int loops = LOOPS; int outerloops = 1; int force = 0; int chaserefs = 0; int noinit = 1; int delay = 0; /* extra action to do after bind... */ struct berval type[] = { BER_BVC( "tester=" ), BER_BVC( "add=" ), BER_BVC( "bind=" ), BER_BVC( "modify=" ), BER_BVC( "modrdn=" ), BER_BVC( "read=" ), BER_BVC( "search=" ), BER_BVNULL }; LDAPURLDesc *extra_ludp = NULL; tester_init( "slapd-bind", TESTER_BIND ); /* by default, tolerate invalid credentials */ tester_ignore_str2errlist( "INVALID_CREDENTIALS" ); while ( ( i = getopt( argc, argv, "a:B:b:D:Ff:H:h:Ii:L:l:p:t:w:" ) ) != EOF ) { switch ( i ) { case 'a': pwattr = optarg; break; case 'b': /* base DN of a tree of user DNs */ base = optarg; break; case 'B': { int c; for ( c = 0; type[c].bv_val; c++ ) { if ( strncasecmp( optarg, type[c].bv_val, type[c].bv_len ) == 0 ) { break; } } if ( type[c].bv_val == NULL ) { usage( argv[0], 'B' ); } switch ( c ) { case TESTER_TESTER: case TESTER_BIND: /* invalid */ usage( argv[0], 'B' ); case TESTER_SEARCH: { if ( ldap_url_parse( &optarg[type[c].bv_len], &extra_ludp ) != LDAP_URL_SUCCESS ) { usage( argv[0], 'B' ); } } break; case TESTER_ADDEL: case TESTER_MODIFY: case TESTER_MODRDN: case TESTER_READ: /* nothing to do */ break; default: assert( 0 ); } } break; case 'C': chaserefs++; break; case 'H': /* the server uri */ uri = optarg; break; case 'h': /* the servers host */ host = optarg; break; case 'i': tester_ignore_str2errlist( optarg ); break; case 'p': /* the servers port */ if ( lutil_atoi( &port, optarg ) != 0 ) { usage( argv[0], 'p' ); } break; case 'D': dn = optarg; break; case 'w': ber_str2bv( optarg, 0, 1, &pass ); memset( optarg, '*', pass.bv_len ); break; case 'l': /* the number of loops */ if ( lutil_atoi( &loops, optarg ) != 0 ) { usage( argv[0], 'l' ); } break; case 'L': /* the number of outerloops */ if ( lutil_atoi( &outerloops, optarg ) != 0 ) { usage( argv[0], 'L' ); } break; case 'f': filter = optarg; break; case 'F': force++; break; case 'I': /* reuse connection */ noinit = 0; break; case 't': /* sleep between binds */ if ( lutil_atoi( &delay, optarg ) != 0 ) { usage( argv[0], 't' ); } break; default: usage( argv[0], i ); break; } } if ( port == -1 && uri == NULL ) { usage( argv[0], '\0' ); } uri = tester_uri( uri, host, port ); for ( i = 0; i < outerloops; i++ ) { int rc; if ( base != NULL ) { rc = do_base( uri, dn, &pass, base, filter, pwattr, loops, force, chaserefs, noinit, delay, -1, NULL ); } else { rc = do_bind( uri, dn, &pass, loops, force, chaserefs, noinit, NULL, -1, NULL ); } if ( rc == LDAP_SERVER_DOWN ) break; } exit( EXIT_SUCCESS ); }
static ConfigOCs mdbocs[] = { { "( OLcfgDbOc:12.1 " "NAME 'olcMdbConfig' " "DESC 'MDB backend configuration' " "SUP olcDatabaseConfig " "MUST olcDbDirectory " "MAY ( olcDbCheckpoint $ olcDbEnvFlags $ " "olcDbNoSync $ olcDbIndex $ olcDbMaxReaders $ olcDbMaxsize $ " "olcDbMode $ olcDbSearchStack ) )", Cft_Database, mdbcfg }, { NULL, 0, NULL } }; static slap_verbmasks mdb_envflags[] = { { BER_BVC("nosync"), MDB_NOSYNC }, { BER_BVC("nometasync"), MDB_NOMETASYNC }, { BER_BVC("writemap"), MDB_WRITEMAP }, { BER_BVC("mapasync"), MDB_MAPASYNC }, { BER_BVC("nordahead"), MDB_NORDAHEAD }, { BER_BVNULL, 0 } }; /* perform periodic syncs */ static void * mdb_checkpoint( void *ctx, void *arg ) { struct re_s *rtask = arg; struct mdb_info *mdb = rtask->arg; mdb_env_sync( mdb->mi_dbenv, 1 );
* This code references portions of the nss-ldapd package * written by Arthur de Jong. The nss-ldapd code was forked * from the nss-ldap library written by Luke Howard. */ #include "nssov.h" #include <ac/ctype.h> /* ( nisSchema.2.8 NAME 'nisNetgroup' SUP top STRUCTURAL * DESC 'Abstraction of a netgroup. May refer to other netgroups' * MUST cn * MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) ) */ /* the basic search filter for searches */ static struct berval netgroup_filter = BER_BVC("(objectClass=nisNetgroup)"); /* the attributes to request with searches */ static struct berval netgroup_keys[] = { BER_BVC("cn"), BER_BVC("nisNetgroupTriple"), BER_BVC("memberNisNetgroup"), BER_BVNULL }; NSSOV_INIT(netgroup) NSSOV_CBPRIV(netgroup, char buf[256]; struct berval name;);
#include <ac/string.h> #include "slap.h" #include "back-ldap.h" #include "lber_pvt.h" typedef int (ldap_back_exop_f)( Operation *op, SlapReply *rs, ldapconn_t **lc ); static ldap_back_exop_f ldap_back_exop_passwd; static ldap_back_exop_f ldap_back_exop_generic; static struct exop { struct berval oid; ldap_back_exop_f *extended; } exop_table[] = { { BER_BVC(LDAP_EXOP_MODIFY_PASSWD), ldap_back_exop_passwd }, { BER_BVNULL, NULL } }; static int ldap_back_extended_one( Operation *op, SlapReply *rs, ldap_back_exop_f exop ) { ldapinfo_t *li = (ldapinfo_t *) op->o_bd->be_private; ldapconn_t *lc = NULL; LDAPControl **ctrls = NULL, **oldctrls = NULL; int rc; /* FIXME: this needs to be called here, so it is * called twice; maybe we could avoid the * ldap_back_dobind() call inside each extended()
* written by Arthur de Jong. The nss-ldapd code was forked * from the nss-ldap library written by Luke Howard. */ #include "nssov.h" /* Vendor-specific attributes and object classes. * (Mainly from Sun.) * ( 1.3.6.1.4.1.42.2.27.1.2.5 NAME 'nisMailAlias' SUP top STRUCTURAL * DESC 'NIS mail alias' * MUST cn * MAY rfc822MailMember ) */ /* the basic search filter for searches */ static struct berval alias_filter = BER_BVC("(objectClass=nisMailAlias)"); /* the attributes to request with searches */ static struct berval alias_keys[] = { BER_BVC("cn"), BER_BVC("rfc822MailMember"), BER_BVNULL }; NSSOV_INIT(alias) NSSOV_CBPRIV(alias, struct berval name; char buf[256];); static int write_alias(nssov_alias_cbp *cbp,Entry *entry)
*/ #include "nssov.h" struct ether_addr { uint8_t ether_addr_octet[6]; }; /* ( nisSchema.2.11 NAME 'ieee802Device' SUP top AUXILIARY * DESC 'A device with a MAC address; device SHOULD be * used as a structural class' * MAY macAddress ) */ /* the basic search filter for searches */ static struct berval ether_filter = BER_BVC("(objectClass=ieee802Device)"); /* the attributes to request with searches */ static struct berval ether_keys[] = { BER_BVC("cn"), BER_BVC("macAddress"), BER_BVNULL }; NSSOV_INIT(ether) NSSOV_CBPRIV(ether, char buf[256]; struct berval name; struct berval addr;);
static int asyncmeta_proxy_authz_bind( a_metaconn_t *mc, int candidate, Operation *op, SlapReply *rs, ldap_back_send_t sendok, int dolock ) { a_metainfo_t *mi = mc->mc_info; a_metatarget_t *mt = mi->mi_targets[ candidate ]; a_metasingleconn_t *msc = &mc->mc_conns[ candidate ]; struct berval binddn = BER_BVC( "" ), cred = BER_BVC( "" ); int method = LDAP_AUTH_NONE, rc; rc = asyncmeta_back_proxy_authz_cred( mc, candidate, op, rs, sendok, &binddn, &cred, &method ); if ( rc == LDAP_SUCCESS && !LDAP_BACK_CONN_ISBOUND( msc ) ) { int msgid; switch ( method ) { case LDAP_AUTH_NONE: case LDAP_AUTH_SIMPLE: for (;;) { rs->sr_err = ldap_sasl_bind( msc->msc_ld, binddn.bv_val, LDAP_SASL_SIMPLE, &cred, NULL, NULL, &msgid ); if ( rs->sr_err != LDAP_X_CONNECTING ) { break; } ldap_pvt_thread_yield(); } rc = asyncmeta_bind_op_result( op, rs, mc, candidate, msgid, sendok, dolock ); if ( rc == LDAP_SUCCESS ) { /* set rebind stuff in case of successful proxyAuthz bind, * so that referral chasing is attempted using the right * identity */ LDAP_BACK_CONN_ISBOUND_SET( msc ); ber_bvreplace( &msc->msc_bound_ndn, &binddn ); if ( META_BACK_TGT_SAVECRED( mt ) ) { if ( !BER_BVISNULL( &msc->msc_cred ) ) { memset( msc->msc_cred.bv_val, 0, msc->msc_cred.bv_len ); } ber_bvreplace( &msc->msc_cred, &cred ); ldap_set_rebind_proc( msc->msc_ld, mt->mt_rebind_f, msc ); } } break; default: assert( 0 ); break; } } return LDAP_BACK_CONN_ISBOUND( msc ); }
(void *)tls_imp->ti_sbio ) #endif /* HAVE_TLS */ #define LDAP_USE_NON_BLOCKING_TLS /* RFC2459 minimum required set of supported attribute types * in a certificate DN */ typedef struct oid_name { struct berval oid; struct berval name; } oid_name; static oid_name oids[] = { { BER_BVC("2.5.4.3"), BER_BVC("cn") }, { BER_BVC("2.5.4.4"), BER_BVC("sn") }, { BER_BVC("2.5.4.6"), BER_BVC("c") }, { BER_BVC("2.5.4.7"), BER_BVC("l") }, { BER_BVC("2.5.4.8"), BER_BVC("st") }, { BER_BVC("2.5.4.10"), BER_BVC("o") }, { BER_BVC("2.5.4.11"), BER_BVC("ou") }, { BER_BVC("2.5.4.12"), BER_BVC("title") }, { BER_BVC("2.5.4.41"), BER_BVC("name") }, { BER_BVC("2.5.4.42"), BER_BVC("givenName") }, { BER_BVC("2.5.4.43"), BER_BVC("initials") }, { BER_BVC("2.5.4.44"), BER_BVC("generationQualifier") }, { BER_BVC("2.5.4.46"), BER_BVC("dnQualifier") }, { BER_BVC("1.2.840.113549.1.9.1"), BER_BVC("email") }, { BER_BVC("0.9.2342.19200300.100.1.25"), BER_BVC("dc") }, { BER_BVNULL, BER_BVNULL }
/* * asyncmeta_back_single_dobind */ int asyncmeta_back_single_dobind( Operation *op, SlapReply *rs, a_metaconn_t **mcp, int candidate, ldap_back_send_t sendok, int nretries, int dolock ) { a_metaconn_t *mc = *mcp; a_metainfo_t *mi = mc->mc_info; a_metatarget_t *mt = mi->mi_targets[ candidate ]; a_metasingleconn_t *msc = &mc->mc_conns[ candidate ]; int msgid; assert( !LDAP_BACK_CONN_ISBOUND( msc ) ); if ( op->o_conn != NULL && !op->o_do_not_cache && ( BER_BVISNULL( &msc->msc_bound_ndn ) || BER_BVISEMPTY( &msc->msc_bound_ndn ) || ( LDAP_BACK_CONN_ISPRIV( mc ) && dn_match( &msc->msc_bound_ndn, &mt->mt_idassert_authcDN ) ) || ( mt->mt_idassert_flags & LDAP_BACK_AUTH_OVERRIDE ) ) ) { (void)asyncmeta_proxy_authz_bind( mc, candidate, op, rs, sendok, dolock ); } else { char *binddn = ""; struct berval cred = BER_BVC( "" ); /* use credentials if available */ if ( !BER_BVISNULL( &msc->msc_bound_ndn ) && !BER_BVISNULL( &msc->msc_cred ) ) { binddn = msc->msc_bound_ndn.bv_val; cred = msc->msc_cred; } for (;;) { rs->sr_err = ldap_sasl_bind( msc->msc_ld, binddn, LDAP_SASL_SIMPLE, &cred, NULL, NULL, &msgid ); if ( rs->sr_err != LDAP_X_CONNECTING ) { break; } ldap_pvt_thread_yield(); } rs->sr_err = asyncmeta_bind_op_result( op, rs, mc, candidate, msgid, sendok, dolock ); /* if bind succeeded, but anonymous, clear msc_bound_ndn */ if ( rs->sr_err != LDAP_SUCCESS || binddn[0] == '\0' ) { if ( !BER_BVISNULL( &msc->msc_bound_ndn ) ) { ber_memfree( msc->msc_bound_ndn.bv_val ); BER_BVZERO( &msc->msc_bound_ndn ); } if ( !BER_BVISNULL( &msc->msc_cred ) ) { memset( msc->msc_cred.bv_val, 0, msc->msc_cred.bv_len ); ber_memfree( msc->msc_cred.bv_val ); BER_BVZERO( &msc->msc_cred ); } } } if ( META_BACK_TGT_QUARANTINE( mt ) ) { asyncmeta_quarantine( op, mi, rs, candidate ); } return rs->sr_err; }
#include "portable.h" #include <stdio.h> #include <ac/ctype.h> #include <ac/regex.h> #include <ac/string.h> #include "slap.h" #include "lutil.h" /* define to get an error if requesting limit higher than hard */ #undef ABOVE_HARD_LIMIT_IS_ERROR static const struct berval lmpats[] = { BER_BVC( "base" ), BER_BVC( "base" ), BER_BVC( "onelevel" ), BER_BVC( "subtree" ), BER_BVC( "children" ), BER_BVC( "regex" ), BER_BVC( "anonymous" ), BER_BVC( "users" ), BER_BVC( "*" ) }; #ifdef LDAP_DEBUG static const char *const dn_source[2] = { "DN", "DN.THIS" }; static const char *const lmpats_out[] = { "UNDEFINED", "EXACT",
ACI_BV_GRANT, ACI_BV_DENY, ACI_BV_GROUP_CLASS, ACI_BV_GROUP_ATTR, ACI_BV_ROLE_CLASS, ACI_BV_ROLE_ATTR, ACI_BV_SET_ATTR, ACI_BV_LAST }; static const struct berval aci_bv[] = { /* scope */ BER_BVC("entry"), BER_BVC("children"), BER_BVC("onelevel"), BER_BVC("subtree"), /* */ BER_BVC("[entry]"), BER_BVC("[children]"), BER_BVC("[all]"), /* type */ BER_BVC("access-id"), BER_BVC("public"), BER_BVC("users"), BER_BVC("self"), BER_BVC("dnattr"),
/* ACKNOWLEDGEMENTS: * This code references portions of the nss-ldapd package * written by Arthur de Jong. The nss-ldapd code was forked * from the nss-ldap library written by Luke Howard. */ #include "nssov.h" /* ( nisSchema.2.0 NAME 'posixAccount' SUP top AUXILIARY * DESC 'Abstraction of an account with POSIX attributes' * MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) * MAY ( userPassword $ loginShell $ gecos $ description ) ) */ /* the basic search filter for searches */ static struct berval passwd_filter = BER_BVC("(objectClass=posixAccount)"); /* the attributes used in searches */ static struct berval passwd_keys[] = { BER_BVC("uid"), BER_BVC("userPassword"), BER_BVC("uidNumber"), BER_BVC("gidNumber"), BER_BVC("gecos"), BER_BVC("cn"), BER_BVC("homeDirectory"), BER_BVC("loginShell"), BER_BVC("objectClass"), BER_BVNULL };
"SYNTAX OMsDirectoryString )", NULL, NULL }, { NULL } }; static ConfigOCs valsort_cfocs[] = { { "( OLcfgOvOc:5.1 " "NAME 'olcValSortConfig' " "DESC 'Value Sorting configuration' " "SUP olcOverlayConfig " "MUST olcValSortAttr )", Cft_Overlay, valsort_cfats }, { NULL } }; static slap_verbmasks sorts[] = { { BER_BVC("alpha-ascend"), VALSORT_ASCEND|VALSORT_ALPHA }, { BER_BVC("alpha-descend"), VALSORT_DESCEND|VALSORT_ALPHA }, { BER_BVC("numeric-ascend"), VALSORT_ASCEND|VALSORT_NUMERIC }, { BER_BVC("numeric-descend"), VALSORT_DESCEND|VALSORT_NUMERIC }, { BER_BVC("weighted"), VALSORT_WEIGHTED }, { BER_BVNULL, 0 } }; static Syntax *syn_numericString; static int valsort_cf_func(ConfigArgs *c) { slap_overinst *on = (slap_overinst *)c->bi; valsort_info vitmp, *vi; const char *text = NULL; int i, is_numeric;
int main( int argc, char **argv ) { int i, j; char *uri = NULL; char *host = "localhost"; char *port = NULL; char *manager = NULL; char *passwd = NULL; char *dirname = NULL; char *progdir = NULL; int loops = LOOPS; char *outerloops = OUTERLOOPS; char *retries = RETRIES; char *delay = "0"; DIR *datadir; struct dirent *file; int friendly = 0; int chaserefs = 0; int noattrs = 0; int nobind = 0; int noinit = 1; char *ignore = NULL; /* search */ char *sfile = NULL; char *sreqs[MAXREQS]; char *sattrs[MAXREQS]; char *sbase[MAXREQS]; LDAPURLDesc *slud[MAXREQS]; int snum = 0; char *sargs[MAXARGS]; int sanum; int sextra_args = 0; char scmd[MAXPATHLEN]; int swamp = 0; char swampopt[sizeof("-SSS")]; /* static so that its address can be used in initializer below. */ static char sloops[LDAP_PVT_INTTYPE_CHARS(unsigned long)]; /* read */ char *rfile = NULL; char *rreqs[MAXREQS]; int rnum = 0; char *rargs[MAXARGS]; char *rflts[MAXREQS]; int ranum; int rextra_args = 0; char rcmd[MAXPATHLEN]; static char rloops[LDAP_PVT_INTTYPE_CHARS(unsigned long)]; /* addel */ char *afiles[MAXREQS]; int anum = 0; char *aargs[MAXARGS]; int aanum; char acmd[MAXPATHLEN]; static char aloops[LDAP_PVT_INTTYPE_CHARS(unsigned long)]; /* modrdn */ char *nfile = NULL; char *nreqs[MAXREQS]; int nnum = 0; char *nargs[MAXARGS]; int nanum; char ncmd[MAXPATHLEN]; static char nloops[LDAP_PVT_INTTYPE_CHARS(unsigned long)]; /* modify */ char *mfile = NULL; char *mreqs[MAXREQS]; char *mdn[MAXREQS]; int mnum = 0; char *margs[MAXARGS]; int manum; char mcmd[MAXPATHLEN]; static char mloops[LDAP_PVT_INTTYPE_CHARS(unsigned long)]; /* bind */ char *bfile = NULL; char *breqs[MAXREQS]; char *bcreds[MAXREQS]; char *battrs[MAXREQS]; int bnum = 0; char *bargs[MAXARGS]; int banum; char bcmd[MAXPATHLEN]; static char bloops[LDAP_PVT_INTTYPE_CHARS(unsigned long)]; char **bargs_extra = NULL; char *friendlyOpt = NULL; int pw_ask = 0; char *pw_file = NULL; /* extra action to do after bind... */ typedef struct extra_t { char *action; struct extra_t *next; } extra_t; extra_t *extra = NULL; int nextra = 0; tester_init( "slapd-tester", TESTER_TESTER ); sloops[0] = '\0'; rloops[0] = '\0'; aloops[0] = '\0'; nloops[0] = '\0'; mloops[0] = '\0'; bloops[0] = '\0'; while ( ( i = getopt( argc, argv, "AB:CD:d:FH:h:Ii:j:L:l:NP:p:r:St:Ww:y:" ) ) != EOF ) { switch ( i ) { case 'A': noattrs++; break; case 'B': { char **p, **b = ldap_str2charray( optarg, "," ); extra_t **epp; for ( epp = &extra; *epp; epp = &(*epp)->next ) ; for ( p = b; p[0]; p++ ) { *epp = calloc( 1, sizeof( extra_t ) ); (*epp)->action = p[0]; epp = &(*epp)->next; nextra++; } ldap_memfree( b ); } break; case 'C': chaserefs++; break; case 'D': /* slapd manager */ manager = ArgDup( optarg ); break; case 'd': /* data directory */ dirname = strdup( optarg ); break; case 'F': friendly++; break; case 'H': /* slapd uri */ uri = strdup( optarg ); break; case 'h': /* slapd host */ host = strdup( optarg ); break; case 'I': noinit = 0; break; case 'i': ignore = optarg; break; case 'j': /* the number of parallel clients */ if ( lutil_atoi( &maxkids, optarg ) != 0 ) { usage( argv[0], 'j' ); } break; case 'l': /* the number of loops per client */ if ( !isdigit( (unsigned char) optarg[0] ) ) { char **p, **l = ldap_str2charray( optarg, "," ); for ( p = l; p[0]; p++) { struct { struct berval type; char *buf; } types[] = { { BER_BVC( "add=" ), aloops }, { BER_BVC( "bind=" ), bloops }, { BER_BVC( "modify=" ), mloops }, { BER_BVC( "modrdn=" ), nloops }, { BER_BVC( "read=" ), rloops }, { BER_BVC( "search=" ), sloops }, { BER_BVNULL, NULL } }; int c, n; for ( c = 0; types[c].type.bv_val; c++ ) { if ( strncasecmp( p[0], types[c].type.bv_val, types[c].type.bv_len ) == 0 ) { break; } } if ( types[c].type.bv_val == NULL ) { usage( argv[0], 'l' ); } if ( lutil_atoi( &n, &p[0][types[c].type.bv_len] ) != 0 ) { usage( argv[0], 'l' ); } snprintf( types[c].buf, sizeof( aloops ), "%d", n ); } ldap_charray_free( l ); } else if ( lutil_atoi( &loops, optarg ) != 0 ) { usage( argv[0], 'l' ); } break; case 'L': /* the number of outerloops per client */ outerloops = strdup( optarg ); break; case 'N': nobind++; break; case 'P': /* prog directory */ progdir = strdup( optarg ); break; case 'p': /* the servers port number */ port = strdup( optarg ); break; case 'r': /* the number of retries in case of error */ retries = strdup( optarg ); break; case 'S': swamp++; break; case 't': /* the delay in seconds between each retry */ delay = strdup( optarg ); break; case 'w': /* the managers passwd */ passwd = ArgDup( optarg ); memset( optarg, '*', strlen( optarg ) ); break; case 'W': pw_ask++; break; case 'y': pw_file = optarg; break; default: usage( argv[0], '\0' ); break; } } if (( dirname == NULL ) || ( port == NULL && uri == NULL ) || ( manager == NULL ) || ( passwd == NULL ) || ( progdir == NULL )) { usage( argv[0], '\0' ); } #ifdef HAVE_WINSOCK children = malloc( maxkids * sizeof(HANDLE) ); #endif /* get the file list */ if ( ( datadir = opendir( dirname )) == NULL ) { fprintf( stderr, "%s: couldn't open data directory \"%s\".\n", argv[0], dirname ); exit( EXIT_FAILURE ); } /* look for search, read, modrdn, and add/delete files */ for ( file = readdir( datadir ); file; file = readdir( datadir )) { if ( !strcasecmp( file->d_name, TSEARCHFILE )) { sfile = get_file_name( dirname, file->d_name ); continue; } else if ( !strcasecmp( file->d_name, TREADFILE )) { rfile = get_file_name( dirname, file->d_name ); continue; } else if ( !strcasecmp( file->d_name, TMODRDNFILE )) { nfile = get_file_name( dirname, file->d_name ); continue; } else if ( !strcasecmp( file->d_name, TMODIFYFILE )) { mfile = get_file_name( dirname, file->d_name ); continue; } else if ( !strncasecmp( file->d_name, TADDFILE, strlen( TADDFILE )) && ( anum < MAXREQS )) { afiles[anum++] = get_file_name( dirname, file->d_name ); continue; } else if ( !strcasecmp( file->d_name, TBINDFILE )) { bfile = get_file_name( dirname, file->d_name ); continue; } } closedir( datadir ); if ( pw_ask ) { passwd = getpassphrase( _("Enter LDAP Password: "******"no data files found.\n" ); exit( EXIT_FAILURE ); } /* look for search requests */ if ( sfile ) { snum = get_search_filters( sfile, sreqs, sattrs, sbase, slud ); if ( snum < 0 ) { fprintf( stderr, "unable to parse file \"%s\" line %d\n", sfile, -2*(snum + 1)); exit( EXIT_FAILURE ); } } /* look for read requests */ if ( rfile ) { rnum = get_read_entries( rfile, rreqs, rflts ); if ( rnum < 0 ) { fprintf( stderr, "unable to parse file \"%s\" line %d\n", rfile, -2*(rnum + 1) ); exit( EXIT_FAILURE ); } } /* look for modrdn requests */ if ( nfile ) { nnum = get_read_entries( nfile, nreqs, NULL ); if ( nnum < 0 ) { fprintf( stderr, "unable to parse file \"%s\" line %d\n", nfile, -2*(nnum + 1) ); exit( EXIT_FAILURE ); } } /* look for modify requests */ if ( mfile ) { mnum = get_search_filters( mfile, mreqs, NULL, mdn, NULL ); if ( mnum < 0 ) { fprintf( stderr, "unable to parse file \"%s\" line %d\n", mfile, -2*(mnum + 1) ); exit( EXIT_FAILURE ); } } /* look for bind requests */ if ( bfile ) { bnum = get_search_filters( bfile, bcreds, battrs, breqs, NULL ); if ( bnum < 0 ) { fprintf( stderr, "unable to parse file \"%s\" line %d\n", bfile, -2*(bnum + 1) ); exit( EXIT_FAILURE ); } } /* setup friendly option */ switch ( friendly ) { case 0: break; case 1: friendlyOpt = "-F"; break; default: /* NOTE: right now we don't need it more than twice */ case 2: friendlyOpt = "-FF"; break; } /* setup swamp option */ if ( swamp ) { swampopt[0] = '-'; if ( swamp > 3 ) swamp = 3; swampopt[swamp + 1] = '\0'; for ( ; swamp-- > 0; ) swampopt[swamp + 1] = 'S'; } /* setup loop options */ if ( sloops[0] == '\0' ) snprintf( sloops, sizeof( sloops ), "%d", 10 * loops ); if ( rloops[0] == '\0' ) snprintf( rloops, sizeof( rloops ), "%d", 20 * loops ); if ( aloops[0] == '\0' ) snprintf( aloops, sizeof( aloops ), "%d", loops ); if ( nloops[0] == '\0' ) snprintf( nloops, sizeof( nloops ), "%d", loops ); if ( mloops[0] == '\0' ) snprintf( mloops, sizeof( mloops ), "%d", loops ); if ( bloops[0] == '\0' ) snprintf( bloops, sizeof( bloops ), "%d", 20 * loops ); /* * generate the search clients */ sanum = 0; snprintf( scmd, sizeof scmd, "%s" LDAP_DIRSEP SEARCHCMD, progdir ); sargs[sanum++] = scmd; if ( uri ) { sargs[sanum++] = "-H"; sargs[sanum++] = uri; } else { sargs[sanum++] = "-h"; sargs[sanum++] = host; sargs[sanum++] = "-p"; sargs[sanum++] = port; } sargs[sanum++] = "-D"; sargs[sanum++] = manager; sargs[sanum++] = "-w"; sargs[sanum++] = passwd; sargs[sanum++] = "-l"; sargs[sanum++] = sloops; sargs[sanum++] = "-L"; sargs[sanum++] = outerloops; sargs[sanum++] = "-r"; sargs[sanum++] = retries; sargs[sanum++] = "-t"; sargs[sanum++] = delay; if ( friendly ) { sargs[sanum++] = friendlyOpt; } if ( chaserefs ) { sargs[sanum++] = "-C"; } if ( noattrs ) { sargs[sanum++] = "-A"; } if ( nobind ) { sargs[sanum++] = "-N"; } if ( ignore ) { sargs[sanum++] = "-i"; sargs[sanum++] = ignore; } if ( swamp ) { sargs[sanum++] = swampopt; } sargs[sanum++] = "-b"; sargs[sanum++] = NULL; /* will hold the search base */ sargs[sanum++] = "-s"; sargs[sanum++] = NULL; /* will hold the search scope */ sargs[sanum++] = "-f"; sargs[sanum++] = NULL; /* will hold the search request */ sargs[sanum++] = NULL; sargs[sanum++] = NULL; /* might hold the "attr" request */ sextra_args += 2; sargs[sanum] = NULL; /* * generate the read clients */ ranum = 0; snprintf( rcmd, sizeof rcmd, "%s" LDAP_DIRSEP READCMD, progdir ); rargs[ranum++] = rcmd; if ( uri ) { rargs[ranum++] = "-H"; rargs[ranum++] = uri; } else { rargs[ranum++] = "-h"; rargs[ranum++] = host; rargs[ranum++] = "-p"; rargs[ranum++] = port; } rargs[ranum++] = "-D"; rargs[ranum++] = manager; rargs[ranum++] = "-w"; rargs[ranum++] = passwd; rargs[ranum++] = "-l"; rargs[ranum++] = rloops; rargs[ranum++] = "-L"; rargs[ranum++] = outerloops; rargs[ranum++] = "-r"; rargs[ranum++] = retries; rargs[ranum++] = "-t"; rargs[ranum++] = delay; if ( friendly ) { rargs[ranum++] = friendlyOpt; } if ( chaserefs ) { rargs[ranum++] = "-C"; } if ( noattrs ) { rargs[ranum++] = "-A"; } if ( ignore ) { rargs[ranum++] = "-i"; rargs[ranum++] = ignore; } if ( swamp ) { rargs[ranum++] = swampopt; } rargs[ranum++] = "-e"; rargs[ranum++] = NULL; /* will hold the read entry */ rargs[ranum++] = NULL; rargs[ranum++] = NULL; /* might hold the filter arg */ rextra_args += 2; rargs[ranum] = NULL; /* * generate the modrdn clients */ nanum = 0; snprintf( ncmd, sizeof ncmd, "%s" LDAP_DIRSEP MODRDNCMD, progdir ); nargs[nanum++] = ncmd; if ( uri ) { nargs[nanum++] = "-H"; nargs[nanum++] = uri; } else { nargs[nanum++] = "-h"; nargs[nanum++] = host; nargs[nanum++] = "-p"; nargs[nanum++] = port; } nargs[nanum++] = "-D"; nargs[nanum++] = manager; nargs[nanum++] = "-w"; nargs[nanum++] = passwd; nargs[nanum++] = "-l"; nargs[nanum++] = nloops; nargs[nanum++] = "-L"; nargs[nanum++] = outerloops; nargs[nanum++] = "-r"; nargs[nanum++] = retries; nargs[nanum++] = "-t"; nargs[nanum++] = delay; if ( friendly ) { nargs[nanum++] = friendlyOpt; } if ( chaserefs ) { nargs[nanum++] = "-C"; } if ( ignore ) { nargs[nanum++] = "-i"; nargs[nanum++] = ignore; } nargs[nanum++] = "-e"; nargs[nanum++] = NULL; /* will hold the modrdn entry */ nargs[nanum] = NULL; /* * generate the modify clients */ manum = 0; snprintf( mcmd, sizeof mcmd, "%s" LDAP_DIRSEP MODIFYCMD, progdir ); margs[manum++] = mcmd; if ( uri ) { margs[manum++] = "-H"; margs[manum++] = uri; } else { margs[manum++] = "-h"; margs[manum++] = host; margs[manum++] = "-p"; margs[manum++] = port; } margs[manum++] = "-D"; margs[manum++] = manager; margs[manum++] = "-w"; margs[manum++] = passwd; margs[manum++] = "-l"; margs[manum++] = mloops; margs[manum++] = "-L"; margs[manum++] = outerloops; margs[manum++] = "-r"; margs[manum++] = retries; margs[manum++] = "-t"; margs[manum++] = delay; if ( friendly ) { margs[manum++] = friendlyOpt; } if ( chaserefs ) { margs[manum++] = "-C"; } if ( ignore ) { margs[manum++] = "-i"; margs[manum++] = ignore; } margs[manum++] = "-e"; margs[manum++] = NULL; /* will hold the modify entry */ margs[manum++] = "-a";; margs[manum++] = NULL; /* will hold the ava */ margs[manum] = NULL; /* * generate the add/delete clients */ aanum = 0; snprintf( acmd, sizeof acmd, "%s" LDAP_DIRSEP ADDCMD, progdir ); aargs[aanum++] = acmd; if ( uri ) { aargs[aanum++] = "-H"; aargs[aanum++] = uri; } else { aargs[aanum++] = "-h"; aargs[aanum++] = host; aargs[aanum++] = "-p"; aargs[aanum++] = port; } aargs[aanum++] = "-D"; aargs[aanum++] = manager; aargs[aanum++] = "-w"; aargs[aanum++] = passwd; aargs[aanum++] = "-l"; aargs[aanum++] = aloops; aargs[aanum++] = "-L"; aargs[aanum++] = outerloops; aargs[aanum++] = "-r"; aargs[aanum++] = retries; aargs[aanum++] = "-t"; aargs[aanum++] = delay; if ( friendly ) { aargs[aanum++] = friendlyOpt; } if ( chaserefs ) { aargs[aanum++] = "-C"; } if ( ignore ) { aargs[aanum++] = "-i"; aargs[aanum++] = ignore; } aargs[aanum++] = "-f"; aargs[aanum++] = NULL; /* will hold the add data file */ aargs[aanum] = NULL; /* * generate the bind clients */ banum = 0; snprintf( bcmd, sizeof bcmd, "%s" LDAP_DIRSEP BINDCMD, progdir ); bargs[banum++] = bcmd; if ( !noinit ) { bargs[banum++] = "-I"; /* init on each bind */ } if ( uri ) { bargs[banum++] = "-H"; bargs[banum++] = uri; } else { bargs[banum++] = "-h"; bargs[banum++] = host; bargs[banum++] = "-p"; bargs[banum++] = port; } bargs[banum++] = "-l"; bargs[banum++] = bloops; bargs[banum++] = "-L"; bargs[banum++] = outerloops; #if 0 bargs[banum++] = "-r"; bargs[banum++] = retries; bargs[banum++] = "-t"; bargs[banum++] = delay; #endif if ( friendly ) { bargs[banum++] = friendlyOpt; } if ( chaserefs ) { bargs[banum++] = "-C"; } if ( ignore ) { bargs[banum++] = "-i"; bargs[banum++] = ignore; } if ( nextra ) { bargs[banum++] = "-B"; bargs_extra = &bargs[banum++]; } bargs[banum++] = "-D"; bargs[banum++] = NULL; bargs[banum++] = "-w"; bargs[banum++] = NULL; bargs[banum] = NULL; #define DOREQ(n,j) ((n) && ((maxkids > (n)) ? ((j) < maxkids ) : ((j) < (n)))) for ( j = 0; j < MAXREQS; j++ ) { /* search */ if ( DOREQ( snum, j ) ) { int jj = j % snum; int x = sanum - sextra_args; /* base */ if ( sbase[jj] != NULL ) { sargs[sanum - 7] = sbase[jj]; } else { sargs[sanum - 7] = slud[jj]->lud_dn; } /* scope */ if ( slud[jj] != NULL ) { sargs[sanum - 5] = (char *)ldap_pvt_scope2str( slud[jj]->lud_scope ); } else { sargs[sanum - 5] = "sub"; } /* filter */ if ( sreqs[jj] != NULL ) { sargs[sanum - 3] = sreqs[jj]; } else if ( slud[jj]->lud_filter != NULL ) { sargs[sanum - 3] = slud[jj]->lud_filter; } else { sargs[sanum - 3] = "(objectClass=*)"; } /* extras */ sargs[x] = NULL; /* attr */ if ( sattrs[jj] != NULL ) { sargs[x++] = "-a"; sargs[x++] = sattrs[jj]; } /* attrs */ if ( slud[jj] != NULL && slud[jj]->lud_attrs != NULL ) { int i; for ( i = 0; slud[jj]->lud_attrs[ i ] != NULL && x + i < MAXARGS - 1; i++ ) { sargs[x + i] = slud[jj]->lud_attrs[ i ]; } sargs[x + i] = NULL; } fork_child( scmd, sargs ); } /* read */ if ( DOREQ( rnum, j ) ) { int jj = j % rnum; int x = ranum - rextra_args; rargs[ranum - 3] = rreqs[jj]; if ( rflts[jj] != NULL ) { rargs[x++] = "-f"; rargs[x++] = rflts[jj]; } rargs[x] = NULL; fork_child( rcmd, rargs ); } /* rename */ if ( j < nnum ) { nargs[nanum - 1] = nreqs[j]; fork_child( ncmd, nargs ); } /* modify */ if ( j < mnum ) { margs[manum - 3] = mdn[j]; margs[manum - 1] = mreqs[j]; fork_child( mcmd, margs ); } /* add/delete */ if ( j < anum ) { aargs[aanum - 1] = afiles[j]; fork_child( acmd, aargs ); } /* bind */ if ( DOREQ( bnum, j ) ) { int jj = j % bnum; if ( nextra ) { int n = ((double)nextra)*rand()/(RAND_MAX + 1.0); extra_t *e; for ( e = extra; n-- > 0; e = e->next ) ; *bargs_extra = e->action; } if ( battrs[jj] != NULL ) { bargs[banum - 3] = manager ? manager : ""; bargs[banum - 1] = passwd ? passwd : ""; bargs[banum + 0] = "-b"; bargs[banum + 1] = breqs[jj]; bargs[banum + 2] = "-f"; bargs[banum + 3] = bcreds[jj]; bargs[banum + 4] = "-a"; bargs[banum + 5] = battrs[jj]; bargs[banum + 6] = NULL; } else { bargs[banum - 3] = breqs[jj]; bargs[banum - 1] = bcreds[jj]; bargs[banum] = NULL; } fork_child( bcmd, bargs ); bargs[banum] = NULL; } } wait4kids( -1 ); exit( EXIT_SUCCESS ); }
"DESC 'BDB backend configuration' " #endif "SUP olcDatabaseConfig " "MUST olcDbDirectory " "MAY ( olcDbCacheSize $ olcDbCheckpoint $ olcDbConfig $ " "olcDbCryptFile $ olcDbCryptKey $ " "olcDbNoSync $ olcDbDirtyRead $ olcDbIDLcacheSize $ " "olcDbIndex $ olcDbLinearIndex $ olcDbLockDetect $ " "olcDbMode $ olcDbSearchStack $ olcDbShmKey $ " "olcDbCacheFree $ olcDbDNcacheSize $ olcDbPageSize ) )", Cft_Database, bdbcfg }, { NULL, 0, NULL } }; static slap_verbmasks bdb_lockd[] = { { BER_BVC("default"), DB_LOCK_DEFAULT }, { BER_BVC("oldest"), DB_LOCK_OLDEST }, { BER_BVC("random"), DB_LOCK_RANDOM }, { BER_BVC("youngest"), DB_LOCK_YOUNGEST }, { BER_BVC("fewest"), DB_LOCK_MINLOCKS }, { BER_BVNULL, 0 } }; /* perform periodic checkpoints */ static void * bdb_checkpoint( void *ctx, void *arg ) { struct re_s *rtask = arg; struct bdb_info *bdb = rtask->arg; TXN_CHECKPOINT( bdb->bi_dbenv, bdb->bi_txn_cp_kbyte,