/* writes the current cookie into dse.ldif under the replication agreement entry
returns: ldap result code of the operation. */
int
windows_private_save_dirsync_cookie(const Repl_Agmt *ra)
{
Dirsync_Private *dp = NULL;
Slapi_PBlock *pb = NULL;
Slapi_DN* sdn = NULL;
int rc = 0;
Slapi_Mods *mods = NULL;
LDAPDebug0Args( LDAP_DEBUG_TRACE, "=> windows_private_save_dirsync_cookie\n" );
PR_ASSERT(ra);
dp = (Dirsync_Private *) agmt_get_priv(ra);
PR_ASSERT (dp);
pb = slapi_pblock_new ();
mods = windows_private_get_cookie_mod(dp, LDAP_MOD_REPLACE);
sdn = slapi_sdn_dup( agmt_get_dn_byref(ra) );
slapi_modify_internal_set_pb_ext (pb, sdn,
slapi_mods_get_ldapmods_byref(mods), NULL, NULL,
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modify_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
if (rc == LDAP_NO_SUCH_ATTRIBUTE)
{ /* try again, but as an add instead */
slapi_mods_free(&mods);
mods = windows_private_get_cookie_mod(dp, LDAP_MOD_ADD);
slapi_modify_internal_set_pb_ext (pb, sdn,
slapi_mods_get_ldapmods_byref(mods), NULL, NULL,
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modify_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
}
slapi_pblock_destroy (pb);
slapi_mods_free(&mods);
slapi_sdn_free(&sdn);
LDAPDebug0Args( LDAP_DEBUG_TRACE, "<= windows_private_save_dirsync_cookie\n" );
return rc;
}
int
urp_fixup_modify_entry (const char *uniqueid, const Slapi_DN *sdn, CSN *opcsn, Slapi_Mods *smods, int opflags)
{
Slapi_PBlock *newpb;
Slapi_Operation *op;
int op_result;
newpb = slapi_pblock_new();
slapi_modify_internal_set_pb_ext (
newpb,
sdn,
slapi_mods_get_ldapmods_byref (smods),
NULL, /* Controls */
uniqueid,
repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION),
OP_FLAG_REPLICATED | OP_FLAG_REPL_FIXUP | opflags);
/* set operation csn */
slapi_pblock_get (newpb, SLAPI_OPERATION, &op);
operation_set_csn (op, opcsn);
/* do modify */
slapi_modify_internal_pb (newpb);
slapi_pblock_get (newpb, SLAPI_PLUGIN_INTOP_RESULT, &op_result);
slapi_pblock_destroy(newpb);
return op_result;
}
int
urp_fixup_delete_entry (const char *uniqueid, const char *dn, CSN *opcsn, int opflags)
{
Slapi_PBlock *newpb;
Slapi_Operation *op;
int op_result;
newpb = slapi_pblock_new ();
/*
* Mark this operation as replicated, so that the front end
* doesn't add extra attributes.
*/
slapi_delete_internal_set_pb (
newpb,
dn,
NULL, /*Controls*/
uniqueid, /*uniqueid*/
repl_get_plugin_identity ( PLUGIN_MULTIMASTER_REPLICATION ),
OP_FLAG_REPLICATED | OP_FLAG_REPL_FIXUP | opflags );
slapi_pblock_get ( newpb, SLAPI_OPERATION, &op );
operation_set_csn ( op, opcsn );
slapi_delete_internal_pb ( newpb );
slapi_pblock_get ( newpb, SLAPI_PLUGIN_INTOP_RESULT, &op_result );
slapi_pblock_destroy ( newpb );
return op_result;
}
int
agmtlist_config_init()
{
Slapi_PBlock *pb;
int agmtcount = 0;
agmt_set = objset_new(agmtlist_objset_destructor);
/* Register callbacks so we're informed about updates */
slapi_config_register_callback(SLAPI_OPERATION_ADD, DSE_FLAG_PREOP, AGMT_CONFIG_BASE,
LDAP_SCOPE_SUBTREE, GLOBAL_CONFIG_FILTER, agmtlist_add_callback, NULL);
slapi_config_register_callback(SLAPI_OPERATION_MODIFY, DSE_FLAG_PREOP, AGMT_CONFIG_BASE,
LDAP_SCOPE_SUBTREE, GLOBAL_CONFIG_FILTER, agmtlist_modify_callback, NULL);
slapi_config_register_callback(SLAPI_OPERATION_DELETE, DSE_FLAG_PREOP, AGMT_CONFIG_BASE,
LDAP_SCOPE_SUBTREE, GLOBAL_CONFIG_FILTER, agmtlist_delete_callback, NULL);
slapi_config_register_callback(SLAPI_OPERATION_MODRDN, DSE_FLAG_PREOP, AGMT_CONFIG_BASE,
LDAP_SCOPE_SUBTREE, GLOBAL_CONFIG_FILTER, agmtlist_rename_callback, NULL);
/* Search the DIT and find all the replication agreements */
pb = slapi_pblock_new();
slapi_search_internal_set_pb(pb, AGMT_CONFIG_BASE, LDAP_SCOPE_SUBTREE,
GLOBAL_CONFIG_FILTER, NULL /* attrs */, 0 /* attrsonly */,
NULL, /* controls */ NULL /* uniqueid */,
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0 /* actions */);
slapi_search_internal_callback_pb(pb,
(void *)&agmtcount /* callback data */,
NULL /* result_callback */,
handle_agmt_search /* search entry cb */,
NULL /* referral callback */);
slapi_pblock_destroy(pb);
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_config_init: found %d replication agreements in DIT\n", agmtcount);
return 0;
}
Slapi_ValueSet *
replica_updatedn_list_get_members(Slapi_DN *dn)
{
static char* const filter_groups = "(|(objectclass=groupOfNames)(objectclass=groupOfUniqueNames)(objectclass=groupOfURLs))";
static char* const type_member = "member";
static char* const type_uniquemember = "uniquemember";
static char* const type_memberURL = "memberURL";
int rval;
char *attrs[4];
Slapi_PBlock *mpb = slapi_pblock_new ();
Slapi_ValueSet *members = slapi_valueset_new();
attrs[0] = type_member;
attrs[1] = type_uniquemember;
attrs[2] = type_memberURL;
attrs[3] = NULL;
slapi_search_internal_set_pb ( mpb, slapi_sdn_get_ndn(dn), LDAP_SCOPE_BASE, filter_groups,
&attrs[0], 0, NULL /* controls */, NULL /* uniqueid */,
repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_search_internal_pb(mpb);
slapi_pblock_get(mpb, SLAPI_PLUGIN_INTOP_RESULT, &rval);
if (rval == LDAP_SUCCESS) {
Slapi_Entry **ep;
slapi_pblock_get(mpb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &ep);
if ((ep != NULL) && (ep[0] != NULL)) {
Slapi_Attr *attr = NULL;
Slapi_Attr *nextAttr = NULL;
Slapi_ValueSet *vs = NULL;
char *attrType;
slapi_entry_first_attr ( ep[0], &attr);
while (attr) {
slapi_attr_get_type ( attr, &attrType );
if ((strcasecmp (attrType, type_member) == 0) ||
(strcasecmp (attrType, type_uniquemember) == 0 )) {
slapi_attr_get_valueset(attr, &vs);
slapi_valueset_join_attr_valueset(attr, members, vs);
slapi_valueset_free(vs);
} else if (strcasecmp (attrType, type_memberURL) == 0) {
/* not yet supported */
}
slapi_entry_next_attr ( ep[0], attr, &nextAttr );
attr = nextAttr;
}
}
}
slapi_free_search_results_internal(mpb);
slapi_pblock_destroy (mpb);
return(members);
}
/*
* Create the entry at the top of the replication configuration subtree.
*/
static int
create_config_top(void)
{
/* DN part of this entry_string: no need to be optimized. */
char *entry_string = slapi_ch_strdup("dn: cn=replication,cn=config\nobjectclass: top\nobjectclass: extensibleobject\ncn: replication\n");
Slapi_PBlock *pb = slapi_pblock_new();
Slapi_Entry *e = slapi_str2entry(entry_string, 0);
int return_value;
slapi_add_entry_internal_set_pb(pb, e, NULL, /* controls */
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0 /* flags */);
slapi_add_internal_pb(pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &return_value);
slapi_pblock_destroy(pb);
slapi_ch_free((void **)&entry_string);
return return_value;
}
int
urp_fixup_add_entry (Slapi_Entry *e, const char *target_uniqueid, const char *parentuniqueid, CSN *opcsn, int opflags)
{
Slapi_PBlock *newpb;
Slapi_Operation *op;
int op_result;
newpb = slapi_pblock_new ();
/*
* Mark this operation as replicated, so that the front end
* doesn't add extra attributes.
*/
slapi_add_entry_internal_set_pb (
newpb,
e, /* entry will be consumed */
NULL, /*Controls*/
repl_get_plugin_identity ( PLUGIN_MULTIMASTER_REPLICATION ),
OP_FLAG_REPLICATED | OP_FLAG_REPL_FIXUP | opflags);
if (target_uniqueid)
{
slapi_pblock_set( newpb, SLAPI_TARGET_UNIQUEID, (void*)target_uniqueid);
}
if (parentuniqueid)
{
struct slapi_operation_parameters *op_params;
slapi_pblock_get( newpb, SLAPI_OPERATION_PARAMETERS, &op_params );
op_params->p.p_add.parentuniqueid = (char*)parentuniqueid; /* Consumes parentuniqueid */
}
slapi_pblock_get ( newpb, SLAPI_OPERATION, &op );
operation_set_csn ( op, opcsn );
slapi_add_internal_pb ( newpb );
slapi_pblock_get ( newpb, SLAPI_PLUGIN_INTOP_RESULT, &op_result );
slapi_pblock_destroy ( newpb );
return op_result;
}
int
urp_fixup_rename_entry (const Slapi_Entry *entry, const char *newrdn, int opflags)
{
Slapi_PBlock *newpb;
Slapi_Operation *op;
CSN *opcsn;
int op_result;
newpb = slapi_pblock_new();
/*
* Must mark this operation as replicated,
* so that the frontend doesn't add extra attributes.
*/
slapi_rename_internal_set_pb_ext (
newpb,
slapi_entry_get_sdn_const (entry),
newrdn, /*NewRDN*/
NULL, /*NewSuperior*/
0, /* !Delete Old RDNS */
NULL, /*Controls*/
slapi_entry_get_uniqueid (entry), /*uniqueid*/
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION),
OP_FLAG_REPLICATED | OP_FLAG_REPL_FIXUP | opflags);
/* set operation csn to the entry's dncsn */
opcsn = (CSN *)entry_get_dncsn (entry);
slapi_pblock_get (newpb, SLAPI_OPERATION, &op);
operation_set_csn (op, opcsn);
slapi_modrdn_internal_pb(newpb);
slapi_pblock_get(newpb, SLAPI_PLUGIN_INTOP_RESULT, &op_result);
slapi_pblock_destroy(newpb);
return op_result;
}
/*
* An URP Naming Collision helper function. Retreives a list of entries
* that have the given dn excluding the unique id of the entry. Any
* entries returned will be entries that have been added with the same
* dn, but caused a naming conflict when replicated. The URP to fix
* this constraint violation is to append the unique id of the entry
* to its RDN.
*/
static Slapi_Entry *
urp_get_min_naming_conflict_entry ( Slapi_PBlock *pb, char *sessionid, CSN *opcsn )
{
Slapi_PBlock *newpb = NULL;
LDAPControl **server_ctrls = NULL;
Slapi_Entry **entries = NULL;
Slapi_Entry *min_naming_conflict_entry = NULL;
const CSN *min_csn = NULL;
char *filter = NULL;
char *parent_dn = NULL;
char *basedn;
int i = 0;
int min_i = -1;
int op_result = LDAP_SUCCESS;
slapi_pblock_get (pb, SLAPI_URP_NAMING_COLLISION_DN, &basedn);
if (NULL == basedn || strncmp (basedn, SLAPI_ATTR_UNIQUEID, strlen(SLAPI_ATTR_UNIQUEID)) == 0)
return NULL;
slapi_log_error ( SLAPI_LOG_REPL, sessionid,
"Enter urp_get_min_naming_conflict_entry for %s\n", basedn);
filter = slapi_filter_sprintf("(%s=%s %s%s)", ATTR_NSDS5_REPLCONFLICT, REASON_ANNOTATE_DN,
ESC_NEXT_VAL, basedn);
/* server_ctrls will be freed when newpb is destroyed */
server_ctrls = (LDAPControl **)slapi_ch_calloc (2, sizeof (LDAPControl *));
server_ctrls[0] = create_managedsait_control();
server_ctrls[1] = NULL;
newpb = slapi_pblock_new();
parent_dn = slapi_dn_parent (basedn);
slapi_search_internal_set_pb(newpb,
parent_dn, /* Base DN */
LDAP_SCOPE_ONELEVEL,
filter,
NULL, /* Attrs */
0, /* AttrOnly */
server_ctrls, /* Controls */
NULL, /* UniqueID */
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION),
0);
slapi_search_internal_pb(newpb);
slapi_pblock_get(newpb, SLAPI_PLUGIN_INTOP_RESULT, &op_result);
slapi_pblock_get(newpb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &entries);
if ( (op_result != LDAP_SUCCESS) || (entries == NULL) )
{
/* Log a message */
goto done;
}
/* For all entries, get the one with the smallest dn csn */
for (i = 0; NULL != entries[i]; i++)
{
const CSN *dncsn;
dncsn = entry_get_dncsn(entries[i]);
if ((dncsn != opcsn) &&
((min_csn == NULL) || (csn_compare(dncsn, min_csn) < 0)) &&
!is_tombstone_entry (entries[i]))
{
min_csn = dncsn;
min_i = i;
}
/*
* If there are too many conflicts, the current urp code has no
* guarantee for all servers to converge anyway, because the
* urp and the backend can't be done in one transaction due
* to either performance or the deadlock problem.
* Don't sacrifice the performance too much for impossible.
*/
if (min_csn && i > 5)
{
break;
}
}
if (min_csn != NULL) {
/* Found one entry */
min_naming_conflict_entry = slapi_entry_dup(entries[min_i]);
}
done:
slapi_ch_free_string(&parent_dn);
if (filter) {
PR_smprintf_free(filter);
}
slapi_free_search_results_internal(newpb);
slapi_pblock_destroy(newpb);
newpb = NULL;
slapi_log_error ( SLAPI_LOG_REPL, sessionid,
"Leave urp_get_min_naming_conflict_entry (found %d entries)\n", i);
return min_naming_conflict_entry;
}
static int
agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry *e,
int *returncode, char *returntext, void *arg)
{
int i;
Slapi_DN *sdn = NULL;
int start_initialize = 0, stop_initialize = 0, cancel_initialize = 0;
int update_the_schedule = 0; /* do we need to update the repl sched? */
Repl_Agmt *agmt = NULL;
LDAPMod **mods;
char buff [SLAPI_DSE_RETURNTEXT_SIZE];
char *errortext = returntext ? returntext : buff;
int rc = SLAPI_DSE_CALLBACK_OK;
Slapi_Operation *op;
void *identity;
*returncode = LDAP_SUCCESS;
/* just let internal operations originated from replication plugin to go through */
slapi_pblock_get (pb, SLAPI_OPERATION, &op);
slapi_pblock_get (pb, SLAPI_PLUGIN_IDENTITY, &identity);
if (operation_is_flag_set(op, OP_FLAG_INTERNAL) &&
(identity == repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION)))
{
goto done;
}
slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
if (NULL == sdn) {
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name,
"agmtlist_modify_callback: NULL target dn\n");
goto done;
}
agmt = agmtlist_get_by_agmt_name(sdn);
if (NULL == agmt)
{
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "agmtlist_modify_callback: received "
"a modification for unknown replication agreement \"%s\"\n",
slapi_sdn_get_dn(sdn));
goto done;
}
slapi_pblock_get(pb, SLAPI_MODIFY_MODS, &mods);
for (i = 0; NULL != mods && NULL != mods[i]; i++)
{
if (slapi_attr_types_equivalent(mods[i]->mod_type, type_nsds5ReplicaInitialize))
{
/* we don't allow delete attribute operations unless it was issued by
the replication plugin - handled above */
if (mods[i]->mod_op & LDAP_MOD_DELETE)
{
if(strcasecmp (mods[i]->mod_type, type_nsds5ReplicaCleanRUVnotified) == 0){
/* allow the deletion of cleanallruv agmt attr */
continue;
}
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"deletion of %s attribute is not allowed\n", type_nsds5ReplicaInitialize);
*returncode = LDAP_UNWILLING_TO_PERFORM;
rc = SLAPI_DSE_CALLBACK_ERROR;
break;
}
else
{
char *val;
if (mods[i]->mod_bvalues && mods[i]->mod_bvalues[0])
val = slapi_berval_get_string_copy (mods[i]->mod_bvalues[0]);
else
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"no value provided for %s attribute\n", type_nsds5ReplicaInitialize);
*returncode = LDAP_UNWILLING_TO_PERFORM;
rc = SLAPI_DSE_CALLBACK_ERROR;
break;
}
/* Start replica initialization */
if (val == NULL)
{
PR_snprintf (errortext, SLAPI_DSE_RETURNTEXT_SIZE, "No value supplied for attr (%s)", mods[i]->mod_type);
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: %s\n",
errortext);
*returncode = LDAP_UNWILLING_TO_PERFORM;
rc = SLAPI_DSE_CALLBACK_ERROR;
break;
}
if (strcasecmp (val, "start") == 0)
{
start_initialize = 1;
}
else if (strcasecmp (val, "stop") == 0)
{
stop_initialize = 1;
}
else if (strcasecmp (val, "cancel") == 0)
{
cancel_initialize = 1;
}
else
{
PR_snprintf (errortext, SLAPI_DSE_RETURNTEXT_SIZE, "Invalid value (%s) value supplied for attr (%s)",
val, mods[i]->mod_type);
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: %s\n", errortext);
}
slapi_ch_free ((void**)&val);
}
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type,
type_nsds5ReplicaUpdateSchedule))
{
/*
* Request to update the replication schedule. Set a flag so
* we know to update the schedule later.
*/
update_the_schedule = 1;
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type,
type_nsds5ReplicaCredentials))
{
/* New replica credentials */
if (agmt_set_credentials_from_entry(agmt, e) != 0)
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"failed to update credentials for agreement %s\n",
agmt_get_long_name(agmt));
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
}
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type,
type_nsds5ReplicaTimeout))
{
/* New replica timeout */
if (agmt_set_timeout_from_entry(agmt, e) != 0)
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"failed to update timeout for agreement %s\n",
agmt_get_long_name(agmt));
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
}
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type,
type_nsds5ReplicaBusyWaitTime))
{
/* New replica busywaittime */
if (agmt_set_busywaittime_from_entry(agmt, e) != 0)
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"failed to update busy wait time for agreement %s\n",
agmt_get_long_name(agmt));
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
}
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type,
type_nsds5ReplicaSessionPauseTime))
{
/* New replica pausetime */
if (agmt_set_pausetime_from_entry(agmt, e) != 0)
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"failed to update session pause time for agreement %s\n",
agmt_get_long_name(agmt));
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
}
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type,
type_nsds5ReplicaBindDN))
{
/* New replica Bind DN */
if (agmt_set_binddn_from_entry(agmt, e) != 0)
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"failed to update bind DN for agreement %s\n",
agmt_get_long_name(agmt));
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
}
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type,
type_nsds5ReplicaPort))
{
/* New replica port */
if (agmt_set_port_from_entry(agmt, e) != 0)
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
"agmtlist_modify_callback: "
"failed to update port for agreement %s\n",
agmt_get_long_name(agmt));
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
}
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type,
type_nsds5TransportInfo))
{
/* New Transport info */
if (agmt_set_transportinfo_from_entry(agmt, e) != 0)
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"failed to update transport info for agreement %s\n",
agmt_get_long_name(agmt));
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
}
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type,
type_nsds5ReplicaBindMethod))
{
if (agmt_set_bind_method_from_entry(agmt, e) != 0)
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"failed to update bind method for agreement %s\n",
agmt_get_long_name(agmt));
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
}
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type,
type_nsds5ReplicatedAttributeList))
{
char **denied_attrs = NULL;
/* New set of excluded attributes */
if (agmt_set_replicated_attributes_from_entry(agmt, e) != 0)
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"failed to update replicated attributes for agreement %s\n",
agmt_get_long_name(agmt));
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
}
/* Check that there are no verboten attributes in the exclude list */
denied_attrs = agmt_validate_replicated_attributes(agmt, 0 /* incremental */);
if (denied_attrs)
{
/* Report the error to the client */
PR_snprintf (errortext, SLAPI_DSE_RETURNTEXT_SIZE, "attempt to exclude an illegal attribute in a fractional agreement");
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"attempt to exclude an illegal attribute in a fractional agreement\n");
*returncode = LDAP_UNWILLING_TO_PERFORM;
rc = SLAPI_DSE_CALLBACK_ERROR;
/* Free the deny list if we got one */
slapi_ch_array_free(denied_attrs);
break;
}
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type,
type_nsds5ReplicatedAttributeListTotal))
{
char **denied_attrs = NULL;
/* New set of excluded attributes */
if (agmt_set_replicated_attributes_total_from_entry(agmt, e) != 0)
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"failed to update total update replicated attributes for agreement %s\n",
agmt_get_long_name(agmt));
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
}
/* Check that there are no verboten attributes in the exclude list */
denied_attrs = agmt_validate_replicated_attributes(agmt, 1 /* total */);
if (denied_attrs)
{
/* Report the error to the client */
PR_snprintf (errortext, SLAPI_DSE_RETURNTEXT_SIZE, "attempt to exclude an illegal total update "
"attribute in a fractional agreement");
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"attempt to exclude an illegal total update attribute in a fractional agreement\n");
*returncode = LDAP_UNWILLING_TO_PERFORM;
rc = SLAPI_DSE_CALLBACK_ERROR;
/* Free the deny list if we got one */
slapi_ch_array_free(denied_attrs);
break;
}
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type,
"nsds5debugreplicatimeout"))
{
char *val = slapi_entry_attr_get_charptr(e, "nsds5debugreplicatimeout");
repl5_set_debug_timeout(val);
slapi_ch_free_string(&val);
}
else if (strcasecmp (mods[i]->mod_type, "modifytimestamp") == 0 ||
strcasecmp (mods[i]->mod_type, "modifiersname") == 0 ||
strcasecmp (mods[i]->mod_type, "description") == 0)
{
/* ignore modifier's name and timestamp attributes and the description. */
continue;
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type, type_nsds5ReplicaEnabled))
{
if(agmt_set_enabled_from_entry(agmt, e, returntext) != 0){
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"failed to set replica agmt state \"enabled/disabled\" for %s\n",agmt_get_long_name(agmt));
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
}
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type, type_nsds5ReplicaStripAttrs))
{
if(agmt_set_attrs_to_strip(agmt, e) != 0){
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"failed to set replica agmt attributes to strip for %s\n",agmt_get_long_name(agmt));
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
}
}
else if (0 == windows_handle_modify_agreement(agmt, mods[i]->mod_type, e))
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"modification of %s attribute is not allowed\n", mods[i]->mod_type);
*returncode = LDAP_UNWILLING_TO_PERFORM;
rc = SLAPI_DSE_CALLBACK_ERROR;
break;
}
}
if (stop_initialize)
{
agmt_stop (agmt);
}
else if (start_initialize)
{
if (agmt_initialize_replica(agmt) != 0) {
/* The suffix/repl agmt is disabled */
agmt_set_last_init_status(agmt, 0, NSDS50_REPL_DISABLED, NULL);
if(agmt_is_enabled(agmt)){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Suffix is disabled");
} else {
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Replication agreement is disabled");
}
*returncode = LDAP_UNWILLING_TO_PERFORM;
rc = SLAPI_DSE_CALLBACK_ERROR;
}
}
else if (cancel_initialize)
{
agmt_replica_init_done(agmt);
}
if (update_the_schedule)
{
if (agmt_set_schedule_from_entry(agmt, e) != 0)
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"failed to update replication schedule for agreement %s\n",
agmt_get_long_name(agmt));
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
}
}
done:
if (NULL != agmt)
{
agmtlist_release_agmt(agmt);
}
return rc;
}
/* reads the cookie in dse.ldif to the replication agreement entry
returns: ldap result code of ldap operation, or
LDAP_NO_SUCH_ATTRIBUTE. (this is the equilivent of a null cookie) */
int windows_private_load_dirsync_cookie(const Repl_Agmt *ra)
{
Dirsync_Private *dp = NULL;
Slapi_PBlock *pb = NULL;
Slapi_DN* sdn = NULL;
int rc = 0;
Slapi_Entry *entry = NULL;
Slapi_Attr *attr = NULL;
LDAPDebug0Args( LDAP_DEBUG_TRACE, "=> windows_private_load_dirsync_cookie\n" );
PR_ASSERT(ra);
dp = (Dirsync_Private *) agmt_get_priv(ra);
PR_ASSERT (dp);
pb = slapi_pblock_new ();
sdn = slapi_sdn_dup( agmt_get_dn_byref(ra) );
rc = slapi_search_internal_get_entry(sdn, NULL, &entry,
repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION));
if (rc == 0)
{
rc= slapi_entry_attr_find( entry, type_nsds7DirsyncCookie, &attr );
if (attr)
{
struct berval **vals;
rc = slapi_attr_get_bervals_copy(attr, &vals );
if (vals)
{
dp->dirsync_cookie_len = (int) (vals[0])->bv_len;
slapi_ch_free_string(&dp->dirsync_cookie);
dp->dirsync_cookie = ( char* ) slapi_ch_malloc(dp->dirsync_cookie_len + 1);
memcpy(dp->dirsync_cookie,(vals[0]->bv_val), (vals[0])->bv_len+1);
}
ber_bvecfree(vals);
/* we do not free attr */
}
else
{
rc = LDAP_NO_SUCH_ATTRIBUTE;
}
}
if (entry)
{
slapi_entry_free(entry);
}
slapi_sdn_free( &sdn);
slapi_pblock_destroy (pb);
LDAPDebug0Args( LDAP_DEBUG_TRACE, "<= windows_private_load_dirsync_cookie\n" );
return rc;
}
