Esempi in C++ (Cpp) per META_BACK_TGT_T_F_DISCOVER

Esempio n. 1

0

Mostra file

File: init.c Progetto: tiniesst/ReOpenLDAP

int
meta_target_finish(
	metainfo_t *mi,
	metatarget_t *mt,
	const char *log,
	char *msg,
	size_t msize
)
{
	slap_bindconf	sb = { BER_BVNULL };
	struct berval mapped;
	int rc;

	ber_str2bv( mt->mt_uri, 0, 0, &sb.sb_uri );
	sb.sb_version = mt->mt_version;
	sb.sb_method = LDAP_AUTH_SIMPLE;
	BER_BVSTR( &sb.sb_binddn, "" );

	if ( META_BACK_TGT_T_F_DISCOVER( mt ) ) {
		rc = slap_discover_feature( &sb,
				slap_schema.si_ad_supportedFeatures->ad_cname.bv_val,
				LDAP_FEATURE_ABSOLUTE_FILTERS );
		if ( rc == LDAP_COMPARE_TRUE ) {
			mt->mt_flags |= LDAP_BACK_F_T_F;
		}
	}

	if ( META_BACK_TGT_CANCEL_DISCOVER( mt ) ) {
		rc = slap_discover_feature( &sb,
				slap_schema.si_ad_supportedExtension->ad_cname.bv_val,
				LDAP_EXOP_CANCEL );
		if ( rc == LDAP_COMPARE_TRUE ) {
			mt->mt_flags |= LDAP_BACK_F_CANCEL_EXOP;
		}
	}

	if ( !( mt->mt_idassert_flags & LDAP_BACK_AUTH_OVERRIDE )
		|| mt->mt_idassert_authz != NULL )
	{
		mi->mi_flags &= ~META_BACK_F_PROXYAUTHZ_ALWAYS;
	}

	if ( ( mt->mt_idassert_flags & LDAP_BACK_AUTH_AUTHZ_ALL )
		&& !( mt->mt_idassert_flags & LDAP_BACK_AUTH_PRESCRIPTIVE ) )
	{
		snprintf( msg, msize,
			"%s: inconsistent idassert configuration "
			"(likely authz=\"*\" used with \"non-prescriptive\" flag)",
			log );
		Debug( LDAP_DEBUG_ANY, "%s (target %s)\n",
			msg, mt->mt_uri );
		return 1;
	}

	if ( !( mt->mt_idassert_flags & LDAP_BACK_AUTH_AUTHZ_ALL ) )
	{
		mi->mi_flags &= ~META_BACK_F_PROXYAUTHZ_ANON;
	}

	if ( ( mt->mt_idassert_flags & LDAP_BACK_AUTH_PRESCRIPTIVE ) )
	{
		mi->mi_flags &= ~META_BACK_F_PROXYAUTHZ_NOANON;
	}

	BER_BVZERO( &mapped );
	ldap_back_map( &mt->mt_rwmap.rwm_at,
		&slap_schema.si_ad_entryDN->ad_cname, &mapped,
		BACKLDAP_REMAP );
	if ( BER_BVISNULL( &mapped ) || mapped.bv_val[0] == '\0' ) {
		mt->mt_rep_flags |= REP_NO_ENTRYDN;
	}

	BER_BVZERO( &mapped );
	ldap_back_map( &mt->mt_rwmap.rwm_at,
		&slap_schema.si_ad_subschemaSubentry->ad_cname, &mapped,
		BACKLDAP_REMAP );
	if ( BER_BVISNULL( &mapped ) || mapped.bv_val[0] == '\0' ) {
		mt->mt_rep_flags |= REP_NO_SUBSCHEMA;
	}

	return 0;
}

Esempio n. 2

0

Mostra file

File: init.c Progetto: ystk/debian-openldap

int
meta_back_db_open(
	Backend		*be,
	ConfigReply	*cr )
{
	metainfo_t	*mi = (metainfo_t *)be->be_private;

	int		i,
			not_always = 0,
			not_always_anon_proxyauthz = 0,
			not_always_anon_non_prescriptive = 0,
			rc;

	if ( mi->mi_ntargets == 0 ) {
		Debug( LDAP_DEBUG_ANY,
			"meta_back_db_open: no targets defined\n",
			0, 0, 0 );
		return 1;
	}

	for ( i = 0; i < mi->mi_ntargets; i++ ) {
		slap_bindconf	sb = { BER_BVNULL };
		metatarget_t	*mt = mi->mi_targets[ i ];

		struct berval mapped;

		ber_str2bv( mt->mt_uri, 0, 0, &sb.sb_uri );
		sb.sb_version = mt->mt_version;
		sb.sb_method = LDAP_AUTH_SIMPLE;
		BER_BVSTR( &sb.sb_binddn, "" );

		if ( META_BACK_TGT_T_F_DISCOVER( mt ) ) {
			rc = slap_discover_feature( &sb,
					slap_schema.si_ad_supportedFeatures->ad_cname.bv_val,
					LDAP_FEATURE_ABSOLUTE_FILTERS );
			if ( rc == LDAP_COMPARE_TRUE ) {
				mt->mt_flags |= LDAP_BACK_F_T_F;
			}
		}

		if ( META_BACK_TGT_CANCEL_DISCOVER( mt ) ) {
			rc = slap_discover_feature( &sb,
					slap_schema.si_ad_supportedExtension->ad_cname.bv_val,
					LDAP_EXOP_CANCEL );
			if ( rc == LDAP_COMPARE_TRUE ) {
				mt->mt_flags |= LDAP_BACK_F_CANCEL_EXOP;
			}
		}

		if ( not_always == 0 ) {
			if ( !( mt->mt_idassert_flags & LDAP_BACK_AUTH_OVERRIDE )
				|| mt->mt_idassert_authz != NULL )
			{
				not_always = 1;
			}
		}

		if ( ( mt->mt_idassert_flags & LDAP_BACK_AUTH_AUTHZ_ALL )
			&& !( mt->mt_idassert_flags & LDAP_BACK_AUTH_PRESCRIPTIVE ) )
		{
			Debug( LDAP_DEBUG_ANY, "meta_back_db_open(%s): "
				"target #%d inconsistent idassert configuration "
				"(likely authz=\"*\" used with \"non-prescriptive\" flag)\n",
				be->be_suffix[ 0 ].bv_val, i, 0 );
			return 1;
		}

		if ( not_always_anon_proxyauthz == 0 ) {
			if ( !( mt->mt_idassert_flags & LDAP_BACK_AUTH_AUTHZ_ALL ) )
			{
				not_always_anon_proxyauthz = 1;
			}
		}

		if ( not_always_anon_non_prescriptive == 0 ) {
			if ( ( mt->mt_idassert_flags & LDAP_BACK_AUTH_PRESCRIPTIVE ) )
			{
				not_always_anon_non_prescriptive = 1;
			}
		}

		BER_BVZERO( &mapped );
		ldap_back_map( &mt->mt_rwmap.rwm_at, 
			&slap_schema.si_ad_entryDN->ad_cname, &mapped,
			BACKLDAP_REMAP );
		if ( BER_BVISNULL( &mapped ) || mapped.bv_val[0] == '\0' ) {
			mt->mt_rep_flags |= REP_NO_ENTRYDN;
		}

		BER_BVZERO( &mapped );
		ldap_back_map( &mt->mt_rwmap.rwm_at, 
			&slap_schema.si_ad_subschemaSubentry->ad_cname, &mapped,
			BACKLDAP_REMAP );
		if ( BER_BVISNULL( &mapped ) || mapped.bv_val[0] == '\0' ) {
			mt->mt_rep_flags |= REP_NO_SUBSCHEMA;
		}
	}

	if ( not_always == 0 ) {
		mi->mi_flags |= META_BACK_F_PROXYAUTHZ_ALWAYS;
	}

	if ( not_always_anon_proxyauthz == 0 ) {
		mi->mi_flags |= META_BACK_F_PROXYAUTHZ_ANON;

	} else if ( not_always_anon_non_prescriptive == 0 ) {
		mi->mi_flags |= META_BACK_F_PROXYAUTHZ_NOANON;
	}

	return 0;
}

Esempio n. 3

0

Mostra file

File: init.c Progetto: rashoodkhan/ldap-server-mirror

int
meta_back_db_open(
	Backend		*be,
	ConfigReply	*cr )
{
	metainfo_t	*mi = (metainfo_t *)be->be_private;
	BackendInfo *bi;

	int		i,
			not_always = 0,
			not_always_anon_proxyauthz = 0,
			not_always_anon_non_prescriptive = 0,
			rc;

	if ( mi->mi_ntargets == 0 ) {
		Debug( LDAP_DEBUG_ANY,
			"meta_back_db_open: no targets defined\n",
			0, 0, 0 );
		return 1;
	}

	bi = backend_info( "ldap" );
	if ( !bi || !bi->bi_extra ) {
		Debug( LDAP_DEBUG_ANY,
			"meta_back_db_open: needs back-ldap\n",
			0, 0, 0 );
		return 1;
	}
	mi->mi_ldap_extra = (ldap_extra_t *)bi->bi_extra;

	for ( i = 0; i < mi->mi_ntargets; i++ ) {
		slap_bindconf	sb = { BER_BVNULL };
		metatarget_t	*mt = mi->mi_targets[ i ];

		ber_str2bv( mt->mt_uri, 0, 0, &sb.sb_uri );
		sb.sb_version = mt->mt_version;
		sb.sb_method = LDAP_AUTH_SIMPLE;
		BER_BVSTR( &sb.sb_binddn, "" );

		if ( META_BACK_TGT_T_F_DISCOVER( mt ) ) {
			rc = slap_discover_feature( &sb,
					slap_schema.si_ad_supportedFeatures->ad_cname.bv_val,
					LDAP_FEATURE_ABSOLUTE_FILTERS );
			if ( rc == LDAP_COMPARE_TRUE ) {
				mt->mt_flags |= LDAP_BACK_F_T_F;
			}
		}

		if ( META_BACK_TGT_CANCEL_DISCOVER( mt ) ) {
			rc = slap_discover_feature( &sb,
					slap_schema.si_ad_supportedExtension->ad_cname.bv_val,
					LDAP_EXOP_CANCEL );
			if ( rc == LDAP_COMPARE_TRUE ) {
				mt->mt_flags |= LDAP_BACK_F_CANCEL_EXOP;
			}
		}

		if ( not_always == 0 ) {
			if ( !( mt->mt_idassert_flags & LDAP_BACK_AUTH_OVERRIDE )
				|| mt->mt_idassert_authz != NULL )
			{
				not_always = 1;
			}
		}

		if ( ( mt->mt_idassert_flags & LDAP_BACK_AUTH_AUTHZ_ALL )
			&& !( mt->mt_idassert_flags & LDAP_BACK_AUTH_PRESCRIPTIVE ) )
		{
			Debug( LDAP_DEBUG_ANY, "meta_back_db_open(%s): "
				"target #%d inconsistent idassert configuration "
				"(likely authz=\"*\" used with \"non-prescriptive\" flag)\n",
				be->be_suffix[ 0 ].bv_val, i, 0 );
			return 1;
		}

		if ( not_always_anon_proxyauthz == 0 ) {
			if ( !( mt->mt_idassert_flags & LDAP_BACK_AUTH_AUTHZ_ALL ) )
			{
				not_always_anon_proxyauthz = 1;
			}
		}

		if ( not_always_anon_non_prescriptive == 0 ) {
			if ( ( mt->mt_idassert_flags & LDAP_BACK_AUTH_PRESCRIPTIVE ) )
			{
				not_always_anon_non_prescriptive = 1;
			}
		}
	}

	if ( not_always == 0 ) {
		mi->mi_flags |= META_BACK_F_PROXYAUTHZ_ALWAYS;
	}

	if ( not_always_anon_proxyauthz == 0 ) {
		mi->mi_flags |= META_BACK_F_PROXYAUTHZ_ANON;

	} else if ( not_always_anon_non_prescriptive == 0 ) {
		mi->mi_flags |= META_BACK_F_PROXYAUTHZ_NOANON;
	}

	return 0;
}