static int
changelog4_close()
{
int rc= 0 /* OK */;
Slapi_Backend *rbe= get_repl_backend();
Slapi_PBlock *pb = slapi_pblock_new ();
IFP closefn = NULL;
rc = slapi_be_getentrypoint (rbe, SLAPI_PLUGIN_CLOSE_FN, (void**)&closefn, pb);
if (rc != 0)
{
slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name,
"Error: backend close entry point is missing. "
"Replication subsystem disabled.\n");
slapi_pblock_destroy (pb);
set_repl_backend( NULL );
return -1;
}
rc = closefn (pb);
if (rc != 0)
{
slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name, "Error: the changelog database could "
"not be closed. Replication subsystem disabled.\n");
set_repl_backend( NULL );
rc = -1;
}
slapi_pblock_destroy (pb);
return rc;
}
int
urp_fixup_modify_entry (const char *uniqueid, const Slapi_DN *sdn, CSN *opcsn, Slapi_Mods *smods, int opflags)
{
Slapi_PBlock *newpb;
Slapi_Operation *op;
int op_result;
newpb = slapi_pblock_new();
slapi_modify_internal_set_pb_ext (
newpb,
sdn,
slapi_mods_get_ldapmods_byref (smods),
NULL, /* Controls */
uniqueid,
repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION),
OP_FLAG_REPLICATED | OP_FLAG_REPL_FIXUP | opflags);
/* set operation csn */
slapi_pblock_get (newpb, SLAPI_OPERATION, &op);
operation_set_csn (op, opcsn);
/* do modify */
slapi_modify_internal_pb (newpb);
slapi_pblock_get (newpb, SLAPI_PLUGIN_INTOP_RESULT, &op_result);
slapi_pblock_destroy(newpb);
return op_result;
}
int
urp_fixup_delete_entry (const char *uniqueid, const char *dn, CSN *opcsn, int opflags)
{
Slapi_PBlock *newpb;
Slapi_Operation *op;
int op_result;
newpb = slapi_pblock_new ();
/*
* Mark this operation as replicated, so that the front end
* doesn't add extra attributes.
*/
slapi_delete_internal_set_pb (
newpb,
dn,
NULL, /*Controls*/
uniqueid, /*uniqueid*/
repl_get_plugin_identity ( PLUGIN_MULTIMASTER_REPLICATION ),
OP_FLAG_REPLICATED | OP_FLAG_REPL_FIXUP | opflags );
slapi_pblock_get ( newpb, SLAPI_OPERATION, &op );
operation_set_csn ( op, opcsn );
slapi_delete_internal_pb ( newpb );
slapi_pblock_get ( newpb, SLAPI_PLUGIN_INTOP_RESULT, &op_result );
slapi_pblock_destroy ( newpb );
return op_result;
}
int
sync_send_entry_from_changelog(Slapi_PBlock *pb,int chg_req, char *uniqueid)
{
Slapi_Entry *db_entry = NULL;
int chg_type = LDAP_SYNC_ADD;
int rv;
Slapi_PBlock *search_pb = NULL;
Slapi_Entry **entries = NULL;
char *origbase;
char *filter = slapi_ch_smprintf("(nsuniqueid=%s)",uniqueid);
slapi_pblock_get( pb, SLAPI_ORIGINAL_TARGET_DN, &origbase );
search_pb = slapi_pblock_new();
slapi_search_internal_set_pb(search_pb, origbase,
LDAP_SCOPE_SUBTREE, filter,
NULL, 0, NULL, NULL, plugin_get_default_component_id(), 0);
slapi_search_internal_pb(search_pb);
slapi_pblock_get(search_pb, SLAPI_PLUGIN_INTOP_RESULT, &rv);
if ( rv == LDAP_SUCCESS) {
slapi_pblock_get(search_pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &entries);
if (entries)
db_entry = *entries; /* there can only be one */
}
if (db_entry && sync_is_entry_in_scope(pb, db_entry)) {
LDAPControl **ctrl = (LDAPControl **)slapi_ch_calloc(2, sizeof (LDAPControl *));
sync_create_state_control(db_entry, &ctrl[0], chg_type, NULL);
slapi_send_ldap_search_entry (pb, db_entry, ctrl, NULL, 0);
ldap_controls_free(ctrl);
}
slapi_free_search_results_internal(search_pb);
slapi_pblock_destroy(search_pb);
slapi_ch_free((void **)&filter);
return (0);
}
int
agmtlist_config_init()
{
Slapi_PBlock *pb;
int agmtcount = 0;
agmt_set = objset_new(agmtlist_objset_destructor);
/* Register callbacks so we're informed about updates */
slapi_config_register_callback(SLAPI_OPERATION_ADD, DSE_FLAG_PREOP, AGMT_CONFIG_BASE,
LDAP_SCOPE_SUBTREE, GLOBAL_CONFIG_FILTER, agmtlist_add_callback, NULL);
slapi_config_register_callback(SLAPI_OPERATION_MODIFY, DSE_FLAG_PREOP, AGMT_CONFIG_BASE,
LDAP_SCOPE_SUBTREE, GLOBAL_CONFIG_FILTER, agmtlist_modify_callback, NULL);
slapi_config_register_callback(SLAPI_OPERATION_DELETE, DSE_FLAG_PREOP, AGMT_CONFIG_BASE,
LDAP_SCOPE_SUBTREE, GLOBAL_CONFIG_FILTER, agmtlist_delete_callback, NULL);
slapi_config_register_callback(SLAPI_OPERATION_MODRDN, DSE_FLAG_PREOP, AGMT_CONFIG_BASE,
LDAP_SCOPE_SUBTREE, GLOBAL_CONFIG_FILTER, agmtlist_rename_callback, NULL);
/* Search the DIT and find all the replication agreements */
pb = slapi_pblock_new();
slapi_search_internal_set_pb(pb, AGMT_CONFIG_BASE, LDAP_SCOPE_SUBTREE,
GLOBAL_CONFIG_FILTER, NULL /* attrs */, 0 /* attrsonly */,
NULL, /* controls */ NULL /* uniqueid */,
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0 /* actions */);
slapi_search_internal_callback_pb(pb,
(void *)&agmtcount /* callback data */,
NULL /* result_callback */,
handle_agmt_search /* search entry cb */,
NULL /* referral callback */);
slapi_pblock_destroy(pb);
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_config_init: found %d replication agreements in DIT\n", agmtcount);
return 0;
}
static void free_pblock(void *arg)
{
Slapi_PBlock *pb = (Slapi_PBlock *) arg;
slapi_free_search_results_internal(pb);
slapi_pblock_destroy(pb);
}
static int
linked_attrs_remove_backlinks_callback(Slapi_Entry *e, void *callback_data)
{
int rc = 0;
Slapi_DN *sdn = slapi_entry_get_sdn(e);
char *type = (char *)callback_data;
Slapi_PBlock *pb = slapi_pblock_new();
char *val[1];
LDAPMod mod;
LDAPMod *mods[2];
/* Remove all values of the passed in type. */
val[0] = 0;
mod.mod_op = LDAP_MOD_DELETE;
mod.mod_type = type;
mod.mod_values = val;
mods[0] = &mod;
mods[1] = 0;
slapi_log_error(SLAPI_LOG_PLUGIN, LINK_PLUGIN_SUBSYSTEM,
"Removing backpointer attribute (%s) from entry (%s)\n",
type, slapi_sdn_get_dn(sdn));
/* Perform the operation. */
slapi_modify_internal_set_pb_ext(pb, sdn, mods, 0, 0,
linked_attrs_get_plugin_id(), 0);
slapi_modify_internal_pb(pb);
slapi_pblock_destroy(pb);
return rc;
}
static void
_ger_release_gerpb (
Slapi_PBlock **gerpb,
void **aclcb, /* original aclcb */
Slapi_PBlock *pb /* original pb */
)
{
if ( *gerpb )
{
slapi_pblock_destroy ( *gerpb );
*gerpb = NULL;
}
/* Put the original aclcb back to pb */
if ( *aclcb )
{
Connection *conn = NULL;
slapi_pblock_get ( pb, SLAPI_CONNECTION, &conn );
if (conn)
{
struct aclcb *geraclcb;
geraclcb = (struct aclcb *) acl_get_ext ( ACL_EXT_CONNECTION, conn );
acl_conn_ext_destructor ( geraclcb, NULL, NULL );
acl_set_ext ( ACL_EXT_CONNECTION, conn, *aclcb );
*aclcb = NULL;
}
}
}
int oath_update_token(Slapi_Entry *e, long i) {
char *dn, value[22], *values[2] = {value, NULL};
int rc = LDAP_SUCCESS;
Slapi_PBlock *pb;
snprintf(value, 22, "%d", i);
LDAPMod mod = {
.mod_op = LDAP_MOD_REPLACE,
.mod_type = "tokenCounter",
.mod_values = values
};
LDAPMod *mods[] = {&mod, NULL};
dn = slapi_entry_get_dn(e);
pb = slapi_pblock_new();
slapi_modify_internal_set_pb(pb, dn, mods, NULL, NULL, oath_preop_plugin_id, 0);
if (slapi_modify_internal_pb(pb) != 0) {
slapi_log_error(SLAPI_LOG_PLUGIN, "oath", "oath_update_token: Failed to update token\n");
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
}
slapi_pblock_destroy(pb);
return rc;
}
static void
freePblock( Slapi_PBlock *spb ) {
if ( spb )
{
slapi_free_search_results_internal( spb );
slapi_pblock_destroy( spb );
}
}
/*
* snmp_update_cache_stats()
*
* Reads the backend cache stats from the backend monitor entry and
* updates the global counter used by the SNMP sub-agent as well as
* the SNMP monitor entry.
*/
static void
snmp_update_cache_stats(void)
{
Slapi_Backend *be, *be_next;
char *cookie = NULL;
Slapi_PBlock *search_result_pb = NULL;
Slapi_Entry **search_entries;
int search_result;
/* set the cache hits/cache entries info */
be = slapi_get_first_backend(&cookie);
if (!be){
slapi_ch_free ((void **) &cookie);
return;
}
be_next = slapi_get_next_backend(cookie);
slapi_ch_free ((void **) &cookie);
/* for now, only do it if there is only 1 backend, otherwise don't know
* which backend to pick */
if(be_next == NULL)
{
Slapi_DN monitordn;
slapi_sdn_init(&monitordn);
be_getmonitordn(be,&monitordn);
/* do a search on the monitor dn to get info */
search_result_pb = slapi_search_internal( slapi_sdn_get_dn(&monitordn),
LDAP_SCOPE_BASE,
"objectclass=*",
NULL,
NULL,
0);
slapi_sdn_done(&monitordn);
slapi_pblock_get( search_result_pb, SLAPI_PLUGIN_INTOP_RESULT, &search_result);
if(search_result == 0)
{
slapi_pblock_get( search_result_pb,SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES,
&search_entries);
/* set the entrycachehits */
slapi_counter_set_value(g_get_global_snmp_vars()->entries_tbl.dsCacheHits,
slapi_entry_attr_get_ulonglong(search_entries[0], "entrycachehits"));
/* set the currententrycachesize */
slapi_counter_set_value(g_get_global_snmp_vars()->entries_tbl.dsCacheEntries,
slapi_entry_attr_get_ulonglong(search_entries[0], "currententrycachesize"));
}
slapi_free_search_results_internal(search_result_pb);
slapi_pblock_destroy(search_result_pb);
}
}
void retrocl_create_cle (void)
{
Slapi_PBlock *pb = NULL;
Slapi_Entry *e;
int rc;
struct berval *vals[2];
struct berval val;
vals[0] = &val;
vals[1] = NULL;
e = slapi_entry_alloc();
slapi_entry_set_dn(e,slapi_ch_strdup(RETROCL_CHANGELOG_DN));
/* Set the objectclass attribute */
val.bv_val = "top";
val.bv_len = strlen(val.bv_val);
slapi_entry_add_values( e, "objectclass", vals );
/* Set the objectclass attribute */
val.bv_val = "nsContainer";
val.bv_len = strlen(val.bv_val);
slapi_entry_add_values( e, "objectclass", vals );
/* Set the objectclass attribute */
val.bv_val = "changelog";
val.bv_len = strlen(val.bv_val);
slapi_entry_add_values( e, "cn", vals );
val.bv_val = RETROCL_ACL;
val.bv_len = strlen(val.bv_val);
slapi_entry_add_values( e, "aci", vals );
pb = slapi_pblock_new ();
slapi_add_entry_internal_set_pb( pb, e, NULL /* controls */,
g_plg_identity[PLUGIN_RETROCL],
0 /* actions */ );
slapi_add_internal_pb (pb);
slapi_pblock_get( pb, SLAPI_PLUGIN_INTOP_RESULT, &rc );
slapi_pblock_destroy(pb);
if (rc == 0) {
slapi_log_error (SLAPI_LOG_PLUGIN, RETROCL_PLUGIN_NAME,
"created cn=changelog\n");
} else if (rc == LDAP_ALREADY_EXISTS) {
slapi_log_error (SLAPI_LOG_PLUGIN, RETROCL_PLUGIN_NAME,
"cn=changelog already existed\n");
} else {
slapi_log_error( SLAPI_LOG_FATAL, RETROCL_PLUGIN_NAME, "cn=changelog could not be created (%d)\n", rc);
}
}
/* consumer connection extension destructor */
void consumer_connection_extension_destructor (void *ext, void *object, void *parent)
{
PRUint64 connid = 0;
if (ext)
{
/* Check to see if this replication session has acquired
* a replica. If so, release it here.
*/
consumer_connection_extension *connext = (consumer_connection_extension *)ext;
if (NULL != connext->replica_acquired)
{
Replica *r = object_get_data ((Object*)connext->replica_acquired);
/* If a total update was in progress, abort it */
if (REPL_PROTOCOL_50_TOTALUPDATE == connext->repl_protocol_version)
{
Slapi_PBlock *pb = slapi_pblock_new();
const Slapi_DN *repl_root_sdn = replica_get_root(r);
PR_ASSERT(NULL != repl_root_sdn);
if (NULL != repl_root_sdn)
{
slapi_pblock_set(pb, SLAPI_CONNECTION, connext->connection);
slapi_pblock_set(pb, SLAPI_TARGET_SDN, (void*)repl_root_sdn);
slapi_pblock_get(pb, SLAPI_CONN_ID, &connid);
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
"Aborting total update in progress for replicated "
"area %s connid=%" NSPRIu64 "\n", slapi_sdn_get_dn(repl_root_sdn),
connid);
slapi_stop_bulk_import(pb);
}
else
{
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name,
"consumer_connection_extension_destructor: can't determine root "
"of replicated area.\n");
}
slapi_pblock_destroy(pb);
/* allow reaping again */
replica_set_tombstone_reap_stop(r, PR_FALSE);
}
replica_relinquish_exclusive_access(r, connid, -1);
object_release ((Object*)connext->replica_acquired);
connext->replica_acquired = NULL;
}
if (connext->supplier_ruv)
{
ruv_destroy ((RUV **)&connext->supplier_ruv);
}
connext->connection = NULL;
slapi_ch_free((void **)&ext);
}
}
/*
* dnHasAttribute - read an entry if it has a particular attribute
* Return:
* The entry, or NULL
*/
Slapi_PBlock *
dnHasAttribute( const char *baseDN, const char *attrName ) {
Slapi_PBlock *spb = NULL;
char *filter = NULL;
BEGIN
int sres;
Slapi_Entry **entries;
char *attrs[2];
/* Perform the search - the new pblock needs to be freed */
attrs[0] = (char *)attrName;
attrs[1] = NULL;
filter = PR_smprintf( "%s=*", attrName );
spb = slapi_search_internal((char *)baseDN, LDAP_SCOPE_BASE,
filter, NULL, attrs, 0);
if ( !spb ) {
op_error(20);
break;
}
if ( slapi_pblock_get( spb, SLAPI_PLUGIN_INTOP_RESULT, &sres ) ) {
op_error(21);
break;
} else if (sres) {
op_error(22);
break;
}
if ( slapi_pblock_get(spb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES,
&entries) ) {
op_error(23);
break;
}
/*
* Can only be one entry returned on a base search; just check
* the first one
*/
if ( !*entries ) {
/* Clean up */
slapi_free_search_results_internal(spb);
slapi_pblock_destroy(spb);
spb = NULL;
}
END
if (filter) {
PR_smprintf_free(filter);
}
return spb;
}
Slapi_ValueSet *
replica_updatedn_list_get_members(Slapi_DN *dn)
{
static char* const filter_groups = "(|(objectclass=groupOfNames)(objectclass=groupOfUniqueNames)(objectclass=groupOfURLs))";
static char* const type_member = "member";
static char* const type_uniquemember = "uniquemember";
static char* const type_memberURL = "memberURL";
int rval;
char *attrs[4];
Slapi_PBlock *mpb = slapi_pblock_new ();
Slapi_ValueSet *members = slapi_valueset_new();
attrs[0] = type_member;
attrs[1] = type_uniquemember;
attrs[2] = type_memberURL;
attrs[3] = NULL;
slapi_search_internal_set_pb ( mpb, slapi_sdn_get_ndn(dn), LDAP_SCOPE_BASE, filter_groups,
&attrs[0], 0, NULL /* controls */, NULL /* uniqueid */,
repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_search_internal_pb(mpb);
slapi_pblock_get(mpb, SLAPI_PLUGIN_INTOP_RESULT, &rval);
if (rval == LDAP_SUCCESS) {
Slapi_Entry **ep;
slapi_pblock_get(mpb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &ep);
if ((ep != NULL) && (ep[0] != NULL)) {
Slapi_Attr *attr = NULL;
Slapi_Attr *nextAttr = NULL;
Slapi_ValueSet *vs = NULL;
char *attrType;
slapi_entry_first_attr ( ep[0], &attr);
while (attr) {
slapi_attr_get_type ( attr, &attrType );
if ((strcasecmp (attrType, type_member) == 0) ||
(strcasecmp (attrType, type_uniquemember) == 0 )) {
slapi_attr_get_valueset(attr, &vs);
slapi_valueset_join_attr_valueset(attr, members, vs);
slapi_valueset_free(vs);
} else if (strcasecmp (attrType, type_memberURL) == 0) {
/* not yet supported */
}
slapi_entry_next_attr ( ep[0], attr, &nextAttr );
attr = nextAttr;
}
}
}
slapi_free_search_results_internal(mpb);
slapi_pblock_destroy (mpb);
return(members);
}
static int ipa_cldap_get_domain_entry(struct ipa_cldap_ctx *ctx,
char *domain,
char **guid, char **sid, char **name)
{
Slapi_PBlock *pb;
Slapi_Entry **e = NULL;
char *filter;
int ret;
pb = slapi_pblock_new();
if (!pb) {
return ENOMEM;
}
ret = asprintf(&filter, "(&(cn=%s)(objectclass=ipaNTDomainAttrs))", domain);
if (ret == -1) {
ret = ENOMEM;
goto done;
}
slapi_search_internal_set_pb(pb, ctx->base_dn,
LDAP_SCOPE_SUBTREE, filter,
NULL, 0, NULL, NULL, ctx->plugin_id, 0);
slapi_search_internal_pb(pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &ret);
if (ret) {
ret = ENOENT;
goto done;
}
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &e);
if (!e || !e[0] || e[1]) {
/* no matches or too many matches */
ret = ENOENT;
goto done;
}
*guid = slapi_entry_attr_get_charptr(e[0], "ipaNTDomainGUID");
*sid = slapi_entry_attr_get_charptr(e[0], "ipaNTSecurityIdentifier");
*name = slapi_entry_attr_get_charptr(e[0], "ipaNTFlatName");
ret = 0;
done:
slapi_free_search_results_internal(pb);
slapi_pblock_destroy(pb);
free(filter);
return ret;
}
/* Name: changelog4_start_be
* Parameters: none
* Return: 0 if successful, non 0 otherwise
* Description: starts the changelog backend; backend must be configured
* first via call to changelog4_create_be
*/
static int
changelog4_start_be ()
{
int rc;
IFP startfn = NULL;
Slapi_PBlock *pb;
Slapi_Backend *rbe = get_repl_backend ();
if (rbe)
{
pb = slapi_pblock_new();
rc = slapi_be_getentrypoint(rbe, SLAPI_PLUGIN_START_FN, (void**)&startfn, pb);
if (rc != 0)
{
slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name,
"Error: backend start entry point is missing. "
"Replication subsystem disabled.\n");
slapi_pblock_destroy (pb);
set_repl_backend( NULL );
return -1;
}
rc = startfn (pb);
slapi_pblock_destroy (pb);
if (rc != 0)
{
slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name,
"Error: Failed to start changelog backend. "
"Replication subsystem disabled.\n");
set_repl_backend( NULL );
return -1;
}
}
return 0;
}
static int
changelog4_remove()
{
int rc= 0 /* OK */;
Slapi_Backend *rbe= get_repl_backend();
Slapi_PBlock *pb = slapi_pblock_new ();
IFP rmdbfn = NULL;
rc = slapi_be_getentrypoint (rbe, SLAPI_PLUGIN_DB_RMDB_FN, (void**)&rmdbfn, pb);
if (rc != 0)
{
slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name,
"Error: backend rmdb entry point is missing. "
"Replication subsystem disabled.\n");
slapi_pblock_destroy (pb);
set_repl_backend( NULL );
return -1;
}
rc = rmdbfn (pb);
if (rc != 0)
{
slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name, "Error: the changelog database could "
"not be removed. Replication subsystem disabled.\n");
rc = -1;
}
else
{
slapi_log_err(SLAPI_LOG_REPL, repl_plugin_name, "New database generation computed. "
"Changelog database removed.\n");
}
slapi_pblock_destroy (pb);
return rc;
}
/* writes the current cookie into dse.ldif under the replication agreement entry
returns: ldap result code of the operation. */
int
windows_private_save_dirsync_cookie(const Repl_Agmt *ra)
{
Dirsync_Private *dp = NULL;
Slapi_PBlock *pb = NULL;
Slapi_DN* sdn = NULL;
int rc = 0;
Slapi_Mods *mods = NULL;
LDAPDebug0Args( LDAP_DEBUG_TRACE, "=> windows_private_save_dirsync_cookie\n" );
PR_ASSERT(ra);
dp = (Dirsync_Private *) agmt_get_priv(ra);
PR_ASSERT (dp);
pb = slapi_pblock_new ();
mods = windows_private_get_cookie_mod(dp, LDAP_MOD_REPLACE);
sdn = slapi_sdn_dup( agmt_get_dn_byref(ra) );
slapi_modify_internal_set_pb_ext (pb, sdn,
slapi_mods_get_ldapmods_byref(mods), NULL, NULL,
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modify_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
if (rc == LDAP_NO_SUCH_ATTRIBUTE)
{ /* try again, but as an add instead */
slapi_mods_free(&mods);
mods = windows_private_get_cookie_mod(dp, LDAP_MOD_ADD);
slapi_modify_internal_set_pb_ext (pb, sdn,
slapi_mods_get_ldapmods_byref(mods), NULL, NULL,
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modify_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
}
slapi_pblock_destroy (pb);
slapi_mods_free(&mods);
slapi_sdn_free(&sdn);
LDAPDebug0Args( LDAP_DEBUG_TRACE, "<= windows_private_save_dirsync_cookie\n" );
return rc;
}
void
slap_op_free( Operation *op )
{
assert( LDAP_STAILQ_NEXT(op, o_next) == NULL );
if ( op->o_ber != NULL ) {
ber_free( op->o_ber, 1 );
}
if ( op->o_dn.bv_val != NULL ) {
free( op->o_dn.bv_val );
}
if ( op->o_ndn.bv_val != NULL ) {
free( op->o_ndn.bv_val );
}
if ( op->o_authmech.bv_val != NULL ) {
free( op->o_authmech.bv_val );
}
if ( op->o_ctrls != NULL ) {
ldap_controls_free( op->o_ctrls );
}
#ifdef LDAP_CONNECTIONLESS
if ( op->o_res_ber != NULL ) {
ber_free( op->o_res_ber, 1 );
}
#endif
#ifdef LDAP_CLIENT_UPDATE
if ( op->o_clientupdate_state.bv_val != NULL ) {
free( op->o_clientupdate_state.bv_val );
}
#endif
#ifdef LDAP_SYNC
if ( op->o_sync_state.bv_val != NULL ) {
free( op->o_sync_state.bv_val );
}
#endif
#if defined( LDAP_SLAPI )
if ( op->o_pb != NULL ) {
slapi_pblock_destroy( (Slapi_PBlock *)op->o_pb );
}
#endif /* defined( LDAP_SLAPI ) */
memset( op, 0, sizeof(Operation) );
ldap_pvt_thread_mutex_lock( &slap_op_mutex );
LDAP_STAILQ_INSERT_HEAD( &slap_free_ops, op, o_next );
ldap_pvt_thread_mutex_unlock( &slap_op_mutex );
}
static int
slapi_over_extended( Operation *op, SlapReply *rs )
{
Slapi_PBlock *pb;
SLAPI_FUNC callback;
int rc;
int internal_op;
slap_callback cb;
slapi_int_get_extop_plugin( &op->ore_reqoid, &callback );
if ( callback == NULL ) {
return SLAP_CB_CONTINUE;
}
internal_op = slapi_op_internal_p( op, rs, &cb );
if ( internal_op ) {
return SLAP_CB_CONTINUE;
}
pb = SLAPI_OPERATION_PBLOCK( op );
rc = (*callback)( pb );
if ( rc == SLAPI_PLUGIN_EXTENDED_SENT_RESULT ) {
goto cleanup;
} else if ( rc == SLAPI_PLUGIN_EXTENDED_NOT_HANDLED ) {
rc = SLAP_CB_CONTINUE;
goto cleanup;
}
assert( rs->sr_rspoid != NULL );
send_ldap_extended( op, rs );
#if 0
slapi_ch_free_string( (char **)&rs->sr_rspoid );
#endif
if ( rs->sr_rspdata != NULL )
ber_bvfree( rs->sr_rspdata );
rc = rs->sr_err;
cleanup:
slapi_pblock_destroy( pb );
op->o_callback = cb.sc_next;
return rc;
}
static int
slapi_over_db_close(
BackendDB *be,
ConfigReply *cr )
{
Slapi_PBlock *pb;
int rc;
pb = slapi_pblock_new();
rc = slapi_int_call_plugins( be, SLAPI_PLUGIN_CLOSE_FN, pb );
slapi_pblock_destroy( pb );
return rc;
}
/*
* Create the entry at the top of the replication configuration subtree.
*/
static int
create_config_top(void)
{
/* DN part of this entry_string: no need to be optimized. */
char *entry_string = slapi_ch_strdup("dn: cn=replication,cn=config\nobjectclass: top\nobjectclass: extensibleobject\ncn: replication\n");
Slapi_PBlock *pb = slapi_pblock_new();
Slapi_Entry *e = slapi_str2entry(entry_string, 0);
int return_value;
slapi_add_entry_internal_set_pb(pb, e, NULL, /* controls */
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0 /* flags */);
slapi_add_internal_pb(pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &return_value);
slapi_pblock_destroy(pb);
slapi_ch_free((void **)&entry_string);
return return_value;
}
int
sync_refresh_update_content(Slapi_PBlock *pb, Sync_Cookie *client_cookie, Sync_Cookie *server_cookie)
{
Slapi_PBlock *seq_pb;
char *filter;
Sync_CallBackData cb_data;
int rc;
int chg_count = server_cookie->cookie_change_info -
client_cookie->cookie_change_info + 1;
cb_data.cb_updates = (Sync_UpdateNode *)slapi_ch_calloc(chg_count, sizeof(Sync_UpdateNode));
seq_pb = slapi_pblock_new();
slapi_pblock_init(seq_pb);
cb_data.orig_pb = pb;
cb_data.change_start = client_cookie->cookie_change_info;
filter = slapi_ch_smprintf("(&(changenumber>=%lu)(changenumber<=%lu))",
client_cookie->cookie_change_info,
server_cookie->cookie_change_info);
slapi_search_internal_set_pb(
seq_pb,
CL_SRCH_BASE,
LDAP_SCOPE_ONE,
filter,
NULL,
0,
NULL, NULL,
plugin_get_default_component_id(),
0);
rc = slapi_search_internal_callback_pb (
seq_pb, &cb_data, NULL, sync_read_entry_from_changelog, NULL);
slapi_pblock_destroy(seq_pb);
/* Now send the deleted entries in a sync info message
* and the modified entries as single entries
*/
sync_send_deleted_entries(pb, cb_data.cb_updates, chg_count, server_cookie);
sync_send_modified_entries(pb, cb_data.cb_updates, chg_count);
sync_free_update_nodes(&cb_data.cb_updates, chg_count);
slapi_ch_free((void **)&filter);
return (rc);
}
/* When a new instance is started, we need to read the dse to
* find out what attributes should be encrypted. This function
* does that. Returns 0 on success. */
static int
read_instance_attrcrypt_entries(ldbm_instance *inst)
{
Slapi_PBlock *tmp_pb;
int scope = LDAP_SCOPE_SUBTREE;
const char *searchfilter = ldbm_instance_attrcrypt_filter;
char *basedn = NULL;
/* Construct the base dn of the subtree that holds the index entries
* for this instance. */
basedn = slapi_create_dn_string("cn=encrypted attributes,cn=%s,cn=%s,cn=plugins,cn=config",
inst->inst_name, inst->inst_li->li_plugin->plg_name);
if (NULL == basedn) {
LDAPDebug2Args(LDAP_DEBUG_ANY,
"read_instance_attrcrypt_entries: "
"failed create encrypted attributes dn for plugin %s, "
"instance %s\n",
inst->inst_li->li_plugin->plg_name, inst->inst_name);
return 1;
}
/* Set up a tmp callback that will handle the init for each index entry */
slapi_config_register_callback(SLAPI_OPERATION_SEARCH, DSE_FLAG_PREOP,
basedn, scope, searchfilter, ldbm_attrcrypt_init_entry_callback,
(void *) inst);
/* Do a search of the subtree containing the index entries */
tmp_pb = slapi_pblock_new();
slapi_search_internal_set_pb(tmp_pb, basedn, LDAP_SCOPE_SUBTREE,
searchfilter, NULL, 0, NULL, NULL, inst->inst_li->li_identity, 0);
slapi_search_internal_pb (tmp_pb);
/* Remove the tmp callback */
slapi_config_remove_callback(SLAPI_OPERATION_SEARCH, DSE_FLAG_PREOP,
basedn, scope, searchfilter, ldbm_attrcrypt_init_entry_callback);
slapi_free_search_results_internal(tmp_pb);
slapi_pblock_destroy(tmp_pb);
slapi_ch_free_string(&basedn);
return 0;
}
static int
slapi_over_search( Operation *op, SlapReply *rs, int type )
{
int rc;
Slapi_PBlock *pb;
assert( rs->sr_type == REP_SEARCH || rs->sr_type == REP_SEARCHREF );
/* create a new pblock to not trample on result controls */
pb = slapi_over_pblock_new( op, rs );
rc = slapi_over_call_plugins( pb, type );
if ( rc >= 0 ) /* 1 means no plugins called */
rc = SLAP_CB_CONTINUE;
else
rc = LDAP_SUCCESS; /* confusing: don't abort, but don't send */
slapi_pblock_destroy(pb);
return rc;
}
static int
slapi_over_aux_operational( Operation *op, SlapReply *rs )
{
/* Support for computed attribute plugins */
computed_attr_context ctx;
AttributeName *anp;
if ( slapi_op_internal_p( op, rs, NULL ) ) {
return SLAP_CB_CONTINUE;
}
ctx.cac_pb = slapi_over_pblock_new( op, rs );
ctx.cac_op = op;
ctx.cac_private = rs;
if ( rs->sr_entry != NULL ) {
/*
* For each client requested attribute, call the plugins.
*/
if ( rs->sr_attrs != NULL ) {
for ( anp = rs->sr_attrs; anp->an_name.bv_val != NULL; anp++ ) {
if ( compute_evaluator( &ctx, anp->an_name.bv_val,
rs->sr_entry, slapi_over_compute_output ) == 1 ) {
break;
}
}
} else {
/*
* Technically we shouldn't be returning operational attributes
* when the user requested only user attributes. We'll let the
* plugin decide whether to be naughty or not.
*/
compute_evaluator( &ctx, "*", rs->sr_entry, slapi_over_compute_output );
}
}
slapi_pblock_destroy( ctx.cac_pb );
return SLAP_CB_CONTINUE;
}
/*
* dnHasObjectClass - read an entry if it has a particular object class
* Return:
* A pblock containing the entry, or NULL
*/
Slapi_PBlock *
dnHasObjectClass( const char *baseDN, const char *objectClass ) {
char *filter = NULL;
Slapi_PBlock *spb = NULL;
BEGIN
Slapi_Entry **entries;
char *attrs[2];
/* Perform the search - the new pblock needs to be freed */
attrs[0] = "objectclass";
attrs[1] = NULL;
filter = PR_smprintf("objectclass=%s", objectClass );
if ( !(spb = readPblockAndEntry( baseDN, filter, attrs) ) ) {
break;
}
if ( slapi_pblock_get(spb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES,
&entries) ) {
op_error(23);
break;
}
/*
* Can only be one entry returned on a base search; just check
* the first one
*/
if ( !*entries ) {
/* Clean up */
slapi_free_search_results_internal(spb);
slapi_pblock_destroy(spb);
spb = NULL;
}
END
if (filter) {
PR_smprintf_free(filter);
}
return spb;
}
int
urp_fixup_add_entry (Slapi_Entry *e, const char *target_uniqueid, const char *parentuniqueid, CSN *opcsn, int opflags)
{
Slapi_PBlock *newpb;
Slapi_Operation *op;
int op_result;
newpb = slapi_pblock_new ();
/*
* Mark this operation as replicated, so that the front end
* doesn't add extra attributes.
*/
slapi_add_entry_internal_set_pb (
newpb,
e, /* entry will be consumed */
NULL, /*Controls*/
repl_get_plugin_identity ( PLUGIN_MULTIMASTER_REPLICATION ),
OP_FLAG_REPLICATED | OP_FLAG_REPL_FIXUP | opflags);
if (target_uniqueid)
{
slapi_pblock_set( newpb, SLAPI_TARGET_UNIQUEID, (void*)target_uniqueid);
}
if (parentuniqueid)
{
struct slapi_operation_parameters *op_params;
slapi_pblock_get( newpb, SLAPI_OPERATION_PARAMETERS, &op_params );
op_params->p.p_add.parentuniqueid = (char*)parentuniqueid; /* Consumes parentuniqueid */
}
slapi_pblock_get ( newpb, SLAPI_OPERATION, &op );
operation_set_csn ( op, opcsn );
slapi_add_internal_pb ( newpb );
slapi_pblock_get ( newpb, SLAPI_PLUGIN_INTOP_RESULT, &op_result );
slapi_pblock_destroy ( newpb );
return op_result;
}
/* Construct Mods pblock and perform the modify operation
* Sets result of operation in SLAPI_PLUGIN_INTOP_RESULT
*/
int ipapwd_apply_mods(const char *dn, Slapi_Mods *mods)
{
Slapi_PBlock *pb;
int ret;
LOG_TRACE("=>\n");
if (!mods || (slapi_mods_get_num_mods(mods) == 0)) {
return -1;
}
pb = slapi_pblock_new();
slapi_modify_internal_set_pb(pb, dn,
slapi_mods_get_ldapmods_byref(mods),
NULL, /* Controls */
NULL, /* UniqueID */
ipapwd_plugin_id, /* PluginID */
0); /* Flags */
ret = slapi_modify_internal_pb(pb);
if (ret) {
LOG_TRACE("WARNING: modify error %d on entry '%s'\n", ret, dn);
} else {
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &ret);
if (ret != LDAP_SUCCESS){
LOG_TRACE("WARNING: modify error %d on entry '%s'\n", ret, dn);
} else {
LOG_TRACE("<= Successful\n");
}
}
slapi_pblock_destroy(pb);
return ret;
}
