/*
* call from within bdb_initialize()
*/
static int
bdb_monitor_initialize( void )
{
int i, code;
ConfigArgs c;
char *argv[ 3 ];
static int bdb_monitor_initialized = 0;
if ( backend_info( "monitor" ) == NULL ) {
return -1;
}
if ( bdb_monitor_initialized++ ) {
return 0;
}
/* register schema here */
argv[ 0 ] = "back-bdb/back-hdb monitor";
c.argv = argv;
c.argc = 3;
c.fname = argv[0];
for ( i = 0; s_oid[ i ].name; i++ ) {
c.lineno = i;
argv[ 1 ] = s_oid[ i ].name;
argv[ 2 ] = s_oid[ i ].oid;
if ( parse_oidm( &c, 0, NULL ) != 0 ) {
Debug( LDAP_DEBUG_ANY, LDAP_XSTRING(bdb_monitor_initialize)
": unable to add "
"objectIdentifier \"%s=%s\"\n",
s_oid[ i ].name, s_oid[ i ].oid, 0 );
return 1;
}
}
for ( i = 0; s_at[ i ].desc != NULL; i++ ) {
code = register_at( s_at[ i ].desc, s_at[ i ].ad, 1 );
if ( code != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY, LDAP_XSTRING(bdb_monitor_initialize)
": register_at failed\n",
0, 0, 0 );
}
(*s_at[ i ].ad)->ad_type->sat_flags |= SLAP_AT_HIDE;
}
for ( i = 0; s_oc[ i ].desc != NULL; i++ ) {
code = register_oc( s_oc[ i ].desc, s_oc[ i ].oc, 1 );
if ( code != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY, LDAP_XSTRING(bdb_monitor_initialize)
": register_oc failed\n",
0, 0, 0 );
}
(*s_oc[ i ].oc)->soc_flags |= SLAP_OC_HIDE;
}
return 0;
}
/*
* call from within ldap_back_initialize()
*/
static int
ldap_back_monitor_initialize( void )
{
int i, code;
ConfigArgs c;
char *argv[ 3 ];
static int ldap_back_monitor_initialized = 0;
/* register schema here; if compiled as dynamic object,
* must be loaded __after__ back_monitor.la */
if ( ldap_back_monitor_initialized++ ) {
return 0;
}
if ( backend_info( "monitor" ) == NULL ) {
return -1;
}
argv[ 0 ] = "back-ldap monitor";
c.argv = argv;
c.argc = 3;
c.fname = argv[0];
for ( i = 0; s_oid[ i ].name; i++ ) {
argv[ 1 ] = s_oid[ i ].name;
argv[ 2 ] = s_oid[ i ].oid;
if ( parse_oidm( &c, 0, NULL ) != 0 ) {
Debug( LDAP_DEBUG_ANY,
"ldap_back_monitor_initialize: unable to add "
"objectIdentifier \"%s=%s\"\n",
s_oid[ i ].name, s_oid[ i ].oid, 0 );
return 1;
}
}
for ( i = 0; s_at[ i ].desc != NULL; i++ ) {
code = register_at( s_at[ i ].desc, s_at[ i ].ad, 1 );
if ( code != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY,
"ldap_back_monitor_initialize: register_at failed\n",
0, 0, 0 );
}
}
for ( i = 0; s_oc[ i ].desc != NULL; i++ ) {
code = register_oc( s_oc[ i ].desc, s_oc[ i ].oc, 1 );
if ( code != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY,
"ldap_back_monitor_initialize: register_oc failed\n",
0, 0, 0 );
}
}
return 0;
}
static
#endif /* SLAPD_OVER_RETCODE == SLAPD_MOD_DYNAMIC */
int
retcode_initialize( void )
{
int i, code;
static struct {
char *desc;
AttributeDescription **ad;
} retcode_at[] = {
{ "( 1.3.6.1.4.1.4203.666.11.4.1.1 "
"NAME ( 'errCode' ) "
"DESC 'LDAP error code' "
"EQUALITY integerMatch "
"ORDERING integerOrderingMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 "
"SINGLE-VALUE )",
&ad_errCode },
{ "( 1.3.6.1.4.1.4203.666.11.4.1.2 "
"NAME ( 'errOp' ) "
"DESC 'Operations the errObject applies to' "
"EQUALITY caseIgnoreMatch "
"SUBSTR caseIgnoreSubstringsMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
&ad_errOp},
{ "( 1.3.6.1.4.1.4203.666.11.4.1.3 "
"NAME ( 'errText' ) "
"DESC 'LDAP error textual description' "
"EQUALITY caseIgnoreMatch "
"SUBSTR caseIgnoreSubstringsMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 "
"SINGLE-VALUE )",
&ad_errText },
{ "( 1.3.6.1.4.1.4203.666.11.4.1.4 "
"NAME ( 'errSleepTime' ) "
"DESC 'Time to wait before returning the error' "
"EQUALITY integerMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 "
"SINGLE-VALUE )",
&ad_errSleepTime },
{ "( 1.3.6.1.4.1.4203.666.11.4.1.5 "
"NAME ( 'errMatchedDN' ) "
"DESC 'Value to be returned as matched DN' "
"EQUALITY distinguishedNameMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 "
"SINGLE-VALUE )",
&ad_errMatchedDN },
{ "( 1.3.6.1.4.1.4203.666.11.4.1.6 "
"NAME ( 'errUnsolicitedOID' ) "
"DESC 'OID to be returned within unsolicited response' "
"EQUALITY objectIdentifierMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 "
"SINGLE-VALUE )",
&ad_errUnsolicitedOID },
{ "( 1.3.6.1.4.1.4203.666.11.4.1.7 "
"NAME ( 'errUnsolicitedData' ) "
"DESC 'Data to be returned within unsolicited response' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 "
"SINGLE-VALUE )",
&ad_errUnsolicitedData },
{ "( 1.3.6.1.4.1.4203.666.11.4.1.8 "
"NAME ( 'errDisconnect' ) "
"DESC 'Disconnect without notice' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 "
"SINGLE-VALUE )",
&ad_errDisconnect },
{ NULL }
};
static struct {
char *desc;
ObjectClass **oc;
} retcode_oc[] = {
{ "( 1.3.6.1.4.1.4203.666.11.4.3.0 "
"NAME ( 'errAbsObject' ) "
"SUP top ABSTRACT "
"MUST ( errCode ) "
"MAY ( "
"cn "
"$ description "
"$ errOp "
"$ errText "
"$ errSleepTime "
"$ errMatchedDN "
"$ errUnsolicitedOID "
"$ errUnsolicitedData "
"$ errDisconnect "
") )",
&oc_errAbsObject },
{ "( 1.3.6.1.4.1.4203.666.11.4.3.1 "
"NAME ( 'errObject' ) "
"SUP errAbsObject STRUCTURAL "
")",
&oc_errObject },
{ "( 1.3.6.1.4.1.4203.666.11.4.3.2 "
"NAME ( 'errAuxObject' ) "
"SUP errAbsObject AUXILIARY "
")",
&oc_errAuxObject },
{ NULL }
};
for ( i = 0; retcode_at[ i ].desc != NULL; i++ ) {
code = register_at( retcode_at[ i ].desc, retcode_at[ i ].ad, 0 );
if ( code ) {
Debug( LDAP_DEBUG_ANY,
"retcode: register_at failed\n" );
return code;
}
(*retcode_at[ i ].ad)->ad_type->sat_flags |= SLAP_AT_HIDE;
}
for ( i = 0; retcode_oc[ i ].desc != NULL; i++ ) {
code = register_oc( retcode_oc[ i ].desc, retcode_oc[ i ].oc, 0 );
if ( code ) {
Debug( LDAP_DEBUG_ANY,
"retcode: register_oc failed\n" );
return code;
}
(*retcode_oc[ i ].oc)->soc_flags |= SLAP_OC_HIDE;
}
retcode.on_bi.bi_type = "retcode";
retcode.on_bi.bi_db_init = retcode_db_init;
retcode.on_bi.bi_db_open = retcode_db_open;
retcode.on_bi.bi_db_destroy = retcode_db_destroy;
retcode.on_bi.bi_op_add = retcode_op_func;
retcode.on_bi.bi_op_bind = retcode_op_func;
retcode.on_bi.bi_op_compare = retcode_op_func;
retcode.on_bi.bi_op_delete = retcode_op_func;
retcode.on_bi.bi_op_modify = retcode_op_func;
retcode.on_bi.bi_op_modrdn = retcode_op_func;
retcode.on_bi.bi_op_search = retcode_op_func;
retcode.on_bi.bi_extended = retcode_op_func;
retcode.on_response = retcode_response;
retcode.on_bi.bi_cf_ocs = rcocs;
code = config_register_schema( rccfg, rcocs );
if ( code ) {
return code;
}
return overlay_register( &retcode );
}
/*
* call from within bdb_initialize()
*/
static int
bdb_monitor_initialize( void )
{
int i, code;
ConfigArgs c;
char *argv[ 3 ];
static int bdb_monitor_initialized = 0;
/* set to 0 when successfully initialized; otherwise, remember failure */
static int bdb_monitor_initialized_failure = 1;
if ( bdb_monitor_initialized++ ) {
return bdb_monitor_initialized_failure;
}
if ( backend_info( "monitor" ) == NULL ) {
return -1;
}
/* register schema here */
argv[ 0 ] = "back-bdb/back-hdb monitor";
c.argv = argv;
c.argc = 3;
c.fname = argv[0];
for ( i = 0; s_oid[ i ].name; i++ ) {
c.lineno = i;
argv[ 1 ] = s_oid[ i ].name;
argv[ 2 ] = s_oid[ i ].oid;
if ( parse_oidm( &c, 0, NULL ) != 0 ) {
Debug( LDAP_DEBUG_ANY, LDAP_XSTRING(bdb_monitor_initialize)
": unable to add "
"objectIdentifier \"%s=%s\"\n",
s_oid[ i ].name, s_oid[ i ].oid, 0 );
return 2;
}
}
for ( i = 0; s_at[ i ].desc != NULL; i++ ) {
code = register_at( s_at[ i ].desc, s_at[ i ].ad, 1 );
if ( code != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY, LDAP_XSTRING(bdb_monitor_initialize)
": register_at failed for attributeType (%s)\n",
s_at[ i ].desc, 0, 0 );
return 3;
} else {
(*s_at[ i ].ad)->ad_type->sat_flags |= SLAP_AT_HIDE;
}
}
for ( i = 0; s_oc[ i ].desc != NULL; i++ ) {
code = register_oc( s_oc[ i ].desc, s_oc[ i ].oc, 1 );
if ( code != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY, LDAP_XSTRING(bdb_monitor_initialize)
": register_oc failed for objectClass (%s)\n",
s_oc[ i ].desc, 0, 0 );
return 4;
} else {
(*s_oc[ i ].oc)->soc_flags |= SLAP_OC_HIDE;
}
}
return ( bdb_monitor_initialized_failure = LDAP_SUCCESS );
}
static int
autoca_db_open(
BackendDB *be,
ConfigReply *cr
)
{
slap_overinst *on = (slap_overinst *)be->bd_info;
autoca_info *ai = on->on_bi.bi_private;
Connection conn = { 0 };
OperationBuffer opbuf;
Operation *op;
void *thrctx;
Entry *e;
Attribute *a;
int rc;
if (slapMode & SLAP_TOOL_MODE)
return 0;
if ( ! *aca_attr2[0].ad ) {
int i, code;
const char *text;
for ( i=0; aca_attr2[i].at; i++ ) {
code = slap_str2ad( aca_attr2[i].at, aca_attr2[i].ad, &text );
if ( code ) return code;
}
/* Schema may not be loaded, ignore if missing */
slap_str2ad( "ipHostNumber", &ad_ipaddr, &text );
for ( i=0; aca_ocs[i].ot; i++ ) {
code = register_oc( aca_ocs[i].ot, aca_ocs[i].oc, 0 );
if ( code ) return code;
}
}
thrctx = ldap_pvt_thread_pool_context();
connection_fake_init2( &conn, &opbuf, thrctx, 0 );
op = &opbuf.ob_op;
op->o_bd = be;
op->o_dn = be->be_rootdn;
op->o_ndn = be->be_rootndn;
rc = overlay_entry_get_ov( op, be->be_nsuffix, NULL,
NULL, 0, &e, on );
if ( e ) {
int gotoc = 0, gotat = 0;
if ( is_entry_objectclass( e, oc_caObj, 0 )) {
gotoc = 1;
a = attr_find( e->e_attrs, ad_caPkey );
if ( a ) {
const unsigned char *pp;
pp = (unsigned char *)a->a_vals[0].bv_val;
ai->ai_pkey = d2i_AutoPrivateKey( NULL, &pp, a->a_vals[0].bv_len );
if ( ai->ai_pkey )
{
a = attr_find( e->e_attrs, ad_caCert );
if ( a )
{
pp = (unsigned char *)a->a_vals[0].bv_val;
ai->ai_cert = d2i_X509( NULL, &pp, a->a_vals[0].bv_len );
/* If TLS wasn't configured yet, set this as our CA */
if ( !slap_tls_ctx )
autoca_setca( a->a_vals );
}
}
gotat = 1;
}
}
overlay_entry_release_ov( op, e, 0, on );
/* generate attrs, store... */
if ( !gotat ) {
genargs args;
saveargs arg2;
args.issuer_cert = NULL;
args.issuer_pkey = NULL;
args.subjectDN = &be->be_suffix[0];
args.cert_exts = CAexts;
args.more_exts = NULL;
args.keybits = ai->ai_cakeybits;
args.days = ai->ai_cadays;
rc = autoca_gencert( op, &args );
if ( rc )
return -1;
ai->ai_cert = args.newcert;
ai->ai_pkey = args.newpkey;
arg2.dn = be->be_suffix;
arg2.ndn = be->be_nsuffix;
arg2.isca = 1;
if ( !gotoc )
arg2.oc = oc_caObj;
else
arg2.oc = NULL;
arg2.on = on;
arg2.dercert = &args.dercert;
arg2.derpkey = &args.derpkey;
autoca_savecert( op, &arg2 );
/* If TLS wasn't configured yet, set this as our CA */
if ( !slap_tls_ctx )
autoca_setca( &args.dercert );
op->o_tmpfree( args.dercert.bv_val, op->o_tmpmemctx );
op->o_tmpfree( args.derpkey.bv_val, op->o_tmpmemctx );
}
}
return 0;
}
