int agmtlist_config_init() { Slapi_PBlock *pb; int agmtcount = 0; agmt_set = objset_new(agmtlist_objset_destructor); /* Register callbacks so we're informed about updates */ slapi_config_register_callback(SLAPI_OPERATION_ADD, DSE_FLAG_PREOP, AGMT_CONFIG_BASE, LDAP_SCOPE_SUBTREE, GLOBAL_CONFIG_FILTER, agmtlist_add_callback, NULL); slapi_config_register_callback(SLAPI_OPERATION_MODIFY, DSE_FLAG_PREOP, AGMT_CONFIG_BASE, LDAP_SCOPE_SUBTREE, GLOBAL_CONFIG_FILTER, agmtlist_modify_callback, NULL); slapi_config_register_callback(SLAPI_OPERATION_DELETE, DSE_FLAG_PREOP, AGMT_CONFIG_BASE, LDAP_SCOPE_SUBTREE, GLOBAL_CONFIG_FILTER, agmtlist_delete_callback, NULL); slapi_config_register_callback(SLAPI_OPERATION_MODRDN, DSE_FLAG_PREOP, AGMT_CONFIG_BASE, LDAP_SCOPE_SUBTREE, GLOBAL_CONFIG_FILTER, agmtlist_rename_callback, NULL); /* Search the DIT and find all the replication agreements */ pb = slapi_pblock_new(); slapi_search_internal_set_pb(pb, AGMT_CONFIG_BASE, LDAP_SCOPE_SUBTREE, GLOBAL_CONFIG_FILTER, NULL /* attrs */, 0 /* attrsonly */, NULL, /* controls */ NULL /* uniqueid */, repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0 /* actions */); slapi_search_internal_callback_pb(pb, (void *)&agmtcount /* callback data */, NULL /* result_callback */, handle_agmt_search /* search entry cb */, NULL /* referral callback */); slapi_pblock_destroy(pb); slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_config_init: found %d replication agreements in DIT\n", agmtcount); return 0; }
/* * Read configuration and create a configuration data structure. * This is called after the server has configured itself so we can check * schema and whatnot. * Returns an LDAP error code (LDAP_SUCCESS if all goes well). */ int ipa_winsync_config(Slapi_Entry *config_e) { int returncode = LDAP_SUCCESS; char returntext[SLAPI_DSE_RETURNTEXT_SIZE]; if ( inited ) { LOG_FATAL("Error: IPA WinSync plug-in already configured. " "Please remove the plugin config entry [%s]\n", slapi_entry_get_dn_const(config_e)); return( LDAP_PARAM_ERROR ); } /* initialize fields */ if ((theConfig.lock = slapi_new_mutex()) == NULL) { return( LDAP_LOCAL_ERROR ); } /* init defaults */ theConfig.config_e = slapi_entry_alloc(); slapi_entry_init(theConfig.config_e, slapi_ch_strdup(""), NULL); theConfig.flatten = PR_TRUE; if (SLAPI_DSE_CALLBACK_OK == ipa_winsync_validate_config(NULL, NULL, config_e, &returncode, returntext, NULL)) { ipa_winsync_apply_config(NULL, NULL, config_e, &returncode, returntext, NULL); } /* config DSE must be initialized before we get here */ if (returncode == LDAP_SUCCESS) { const char *config_dn = slapi_entry_get_dn_const(config_e); slapi_config_register_callback(SLAPI_OPERATION_MODIFY, DSE_FLAG_PREOP, config_dn, LDAP_SCOPE_BASE, IPA_WINSYNC_CONFIG_FILTER, ipa_winsync_validate_config,NULL); slapi_config_register_callback(SLAPI_OPERATION_MODIFY, DSE_FLAG_POSTOP, config_dn, LDAP_SCOPE_BASE, IPA_WINSYNC_CONFIG_FILTER, ipa_winsync_apply_config,NULL); slapi_config_register_callback(SLAPI_OPERATION_MODRDN, DSE_FLAG_PREOP, config_dn, LDAP_SCOPE_BASE, IPA_WINSYNC_CONFIG_FILTER, dont_allow_that, NULL); slapi_config_register_callback(SLAPI_OPERATION_DELETE, DSE_FLAG_PREOP, config_dn, LDAP_SCOPE_BASE, IPA_WINSYNC_CONFIG_FILTER, dont_allow_that, NULL); slapi_config_register_callback(SLAPI_OPERATION_SEARCH, DSE_FLAG_PREOP, config_dn, LDAP_SCOPE_BASE, IPA_WINSYNC_CONFIG_FILTER, ipa_winsync_search,NULL); } inited = 1; if (returncode != LDAP_SUCCESS) { LOG_FATAL("Error %d: %s\n", returncode, returntext); } return returncode; }
int repl_rootdse_init() { /* The FE DSE *must* be initialised before we get here */ int return_value= LDAP_SUCCESS; slapi_config_register_callback(SLAPI_OPERATION_SEARCH,DSE_FLAG_PREOP,"",LDAP_SCOPE_BASE,"(objectclass=*)",repl_rootdse_search,NULL); return return_value; }
static int usn_rootdse_init() { int rc = -1; if (slapi_config_register_callback(SLAPI_OPERATION_SEARCH, DSE_FLAG_PREOP, "", LDAP_SCOPE_BASE, "(objectclass=*)", usn_rootdse_search, NULL)) { rc = 0; } return rc; }
/* When a new instance is started, we need to read the dse to * find out what attributes should be encrypted. This function * does that. Returns 0 on success. */ static int read_instance_attrcrypt_entries(ldbm_instance *inst) { Slapi_PBlock *tmp_pb; int scope = LDAP_SCOPE_SUBTREE; const char *searchfilter = ldbm_instance_attrcrypt_filter; char *basedn = NULL; /* Construct the base dn of the subtree that holds the index entries * for this instance. */ basedn = slapi_create_dn_string("cn=encrypted attributes,cn=%s,cn=%s,cn=plugins,cn=config", inst->inst_name, inst->inst_li->li_plugin->plg_name); if (NULL == basedn) { LDAPDebug2Args(LDAP_DEBUG_ANY, "read_instance_attrcrypt_entries: " "failed create encrypted attributes dn for plugin %s, " "instance %s\n", inst->inst_li->li_plugin->plg_name, inst->inst_name); return 1; } /* Set up a tmp callback that will handle the init for each index entry */ slapi_config_register_callback(SLAPI_OPERATION_SEARCH, DSE_FLAG_PREOP, basedn, scope, searchfilter, ldbm_attrcrypt_init_entry_callback, (void *) inst); /* Do a search of the subtree containing the index entries */ tmp_pb = slapi_pblock_new(); slapi_search_internal_set_pb(tmp_pb, basedn, LDAP_SCOPE_SUBTREE, searchfilter, NULL, 0, NULL, NULL, inst->inst_li->li_identity, 0); slapi_search_internal_pb (tmp_pb); /* Remove the tmp callback */ slapi_config_remove_callback(SLAPI_OPERATION_SEARCH, DSE_FLAG_PREOP, basedn, scope, searchfilter, ldbm_attrcrypt_init_entry_callback); slapi_free_search_results_internal(tmp_pb); slapi_pblock_destroy(tmp_pb); slapi_ch_free_string(&basedn); return 0; }
/* Reads in any config information held in the dse for the given * entry. Creates dse entries used to configure the given instance * if they don't already exist. Registers dse callback functions to * maintain those dse entries. Returns 0 on success. */ int ldbm_instance_config_load_dse_info(ldbm_instance *inst) { struct ldbminfo *li = inst->inst_li; Slapi_PBlock *search_pb; Slapi_Entry **entries = NULL; char *dn = NULL; int rval = 0; /* We try to read the entry * cn=instance_name, cn=ldbm database, cn=plugins, cn=config. If the * entry is there, then we process the config information it stores. */ dn = slapi_create_dn_string("cn=%s,cn=%s,cn=plugins,cn=config", inst->inst_name, li->li_plugin->plg_name); if (NULL == dn) { LDAPDebug2Args(LDAP_DEBUG_ANY, "ldbm_instance_config_load_dse_info: " "failed create instance dn %s for plugin %s\n", inst->inst_name, inst->inst_li->li_plugin->plg_name); rval = 1; goto bail; } search_pb = slapi_pblock_new(); if (!search_pb) { LDAPDebug(LDAP_DEBUG_ANY, "ldbm_instance_config_load_dse_info: Out of memory\n", 0, 0, 0); rval = 1; goto bail; } slapi_search_internal_set_pb(search_pb, dn, LDAP_SCOPE_BASE, "objectclass=*", NULL, 0, NULL, NULL, li->li_identity, 0); slapi_search_internal_pb (search_pb); slapi_pblock_get(search_pb, SLAPI_PLUGIN_INTOP_RESULT, &rval); if (rval != LDAP_SUCCESS) { LDAPDebug(LDAP_DEBUG_ANY, "Error accessing the config DSE\n", 0, 0, 0); rval = 1; goto bail; } else { /* Need to parse the configuration information for the ldbm * plugin that is held in the DSE. */ slapi_pblock_get(search_pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &entries); if ((!entries) || (!entries[0])) { LDAPDebug(LDAP_DEBUG_ANY, "Error accessing the config DSE\n", 0, 0, 0); rval = 1; goto bail; } if (0 != parse_ldbm_instance_config_entry(inst, entries[0], ldbm_instance_config)) { LDAPDebug(LDAP_DEBUG_ANY, "Error parsing the config DSE\n", 0, 0, 0); rval = 1; goto bail; } } if (search_pb) { slapi_free_search_results_internal(search_pb); slapi_pblock_destroy(search_pb); } /* Add skeleton dse entries for this instance */ /* IF they already exist, that's ok */ ldbm_config_add_dse_entries(li, ldbm_instance_skeleton_entries, inst->inst_name, li->li_plugin->plg_name, inst->inst_name, 0); /* setup the dse callback functions for the ldbm instance config entry */ slapi_config_register_callback(SLAPI_OPERATION_SEARCH, DSE_FLAG_PREOP, dn, LDAP_SCOPE_BASE, "(objectclass=*)", ldbm_instance_search_config_entry_callback, (void *) inst); slapi_config_register_callback(SLAPI_OPERATION_MODIFY, DSE_FLAG_PREOP, dn, LDAP_SCOPE_BASE, "(objectclass=*)", ldbm_instance_modify_config_entry_callback, (void *) inst); slapi_config_register_callback(DSE_OPERATION_WRITE, DSE_FLAG_PREOP, dn, LDAP_SCOPE_BASE, "(objectclass=*)", ldbm_instance_search_config_entry_callback, (void *) inst); slapi_config_register_callback(SLAPI_OPERATION_ADD, DSE_FLAG_PREOP, dn, LDAP_SCOPE_BASE, "(objectclass=*)", ldbm_instance_deny_config, (void *)inst); /* delete is handled by a callback set in ldbm_config.c */ slapi_ch_free_string(&dn); /* don't forget the monitor! */ dn = slapi_create_dn_string("cn=monitor,cn=%s,cn=%s,cn=plugins,cn=config", inst->inst_name, li->li_plugin->plg_name); if (NULL == dn) { LDAPDebug2Args(LDAP_DEBUG_ANY, "ldbm_instance_config_load_dse_info: " "failed create monitor instance dn for plugin %s, " "instance %s\n", inst->inst_li->li_plugin->plg_name, inst->inst_name); rval = 1; goto bail; } /* make callback on search; deny add/modify/delete */ slapi_config_register_callback(SLAPI_OPERATION_SEARCH, DSE_FLAG_PREOP, dn, LDAP_SCOPE_BASE, "(objectclass=*)", ldbm_back_monitor_instance_search, (void *)inst); slapi_config_register_callback(SLAPI_OPERATION_ADD, DSE_FLAG_PREOP, dn, LDAP_SCOPE_SUBTREE, "(objectclass=*)", ldbm_instance_deny_config, (void *)inst); slapi_config_register_callback(SLAPI_OPERATION_MODIFY, DSE_FLAG_PREOP, dn, LDAP_SCOPE_BASE, "(objectclass=*)", ldbm_instance_deny_config, (void *)inst); /* delete is okay */ slapi_ch_free_string(&dn); /* Callbacks to handle indexes */ dn = slapi_create_dn_string("cn=index,cn=%s,cn=%s,cn=plugins,cn=config", inst->inst_name, li->li_plugin->plg_name); if (NULL == dn) { LDAPDebug2Args(LDAP_DEBUG_ANY, "ldbm_instance_config_load_dse_info: " "failed create index instance dn for plugin %s, " "instance %s\n", inst->inst_li->li_plugin->plg_name, inst->inst_name); rval = 1; goto bail; } slapi_config_register_callback(SLAPI_OPERATION_ADD, DSE_FLAG_PREOP, dn, LDAP_SCOPE_SUBTREE, "(objectclass=nsIndex)", ldbm_instance_index_config_add_callback, (void *) inst); slapi_config_register_callback(SLAPI_OPERATION_DELETE, DSE_FLAG_PREOP, dn, LDAP_SCOPE_SUBTREE, "(objectclass=nsIndex)", ldbm_instance_index_config_delete_callback, (void *) inst); slapi_config_register_callback(SLAPI_OPERATION_MODIFY, DSE_FLAG_PREOP, dn, LDAP_SCOPE_SUBTREE, "(objectclass=nsIndex)", ldbm_instance_index_config_modify_callback, (void *) inst); slapi_ch_free_string(&dn); /* Callbacks to handle attribute encryption */ dn = slapi_create_dn_string("cn=encrypted attributes,cn=%s,cn=%s,cn=plugins,cn=config", inst->inst_name, li->li_plugin->plg_name); if (NULL == dn) { LDAPDebug2Args(LDAP_DEBUG_ANY, "ldbm_instance_config_load_dse_info: " "failed create encrypted attribute instance dn " "for plugin %s, instance %s\n", inst->inst_li->li_plugin->plg_name, inst->inst_name); rval = 1; goto bail; } slapi_config_register_callback(SLAPI_OPERATION_ADD, DSE_FLAG_PREOP, dn, LDAP_SCOPE_SUBTREE, ldbm_instance_attrcrypt_filter, ldbm_instance_attrcrypt_config_add_callback, (void *) inst); slapi_config_register_callback(SLAPI_OPERATION_DELETE, DSE_FLAG_PREOP, dn, LDAP_SCOPE_SUBTREE, ldbm_instance_attrcrypt_filter, ldbm_instance_attrcrypt_config_delete_callback, (void *) inst); slapi_config_register_callback(SLAPI_OPERATION_MODIFY, DSE_FLAG_PREOP, dn, LDAP_SCOPE_SUBTREE, ldbm_instance_attrcrypt_filter, ldbm_instance_attrcrypt_config_modify_callback, (void *) inst); rval = 0; bail: slapi_ch_free_string(&dn); return rval; }