int shell_back_unbind( Operation *op, SlapReply *rs ) { struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; FILE *rfp, *wfp; if ( si->si_unbind == NULL ) { return 0; } if ( forkandexec( si->si_unbind, &rfp, &wfp ) == (pid_t)-1 ) { return 0; } /* write out the request to the unbind process */ fprintf( wfp, "UNBIND\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); print_suffixes( wfp, op->o_bd ); fprintf( wfp, "dn: %s\n", (op->o_conn->c_dn.bv_len ? op->o_conn->c_dn.bv_val : "") ); fclose( wfp ); /* no response to unbind */ fclose( rfp ); return 0; }
int shell_back_compare( Operation *op, SlapReply *rs ) { struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; AttributeDescription *entry = slap_schema.si_ad_entry; Entry e; FILE *rfp, *wfp; if ( si->si_compare == NULL ) { send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, "compare not implemented" ); return( -1 ); } e.e_id = NOID; e.e_name = op->o_req_dn; e.e_nname = op->o_req_ndn; e.e_attrs = NULL; e.e_ocflags = 0; e.e_bv.bv_len = 0; e.e_bv.bv_val = NULL; e.e_private = NULL; if ( ! access_allowed( op, &e, entry, NULL, ACL_READ, NULL ) ) { send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL ); return -1; } if ( forkandexec( si->si_compare, &rfp, &wfp ) == (pid_t)-1 ) { send_ldap_error( op, rs, LDAP_OTHER, "could not fork/exec" ); return( -1 ); } /* * FIX ME: This should use LDIF routines so that binary * values are properly dealt with */ /* write out the request to the compare process */ fprintf( wfp, "COMPARE\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); print_suffixes( wfp, op->o_bd ); fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val ); fprintf( wfp, "%s: %s\n", op->oq_compare.rs_ava->aa_desc->ad_cname.bv_val, op->oq_compare.rs_ava->aa_value.bv_val /* could be binary! */ ); fclose( wfp ); /* read in the result and send it along */ read_and_send_results( op, rs, rfp ); fclose( rfp ); return( 0 ); }
int shell_back_search( Backend *be, Connection *conn, Operation *op, struct berval *base, struct berval *nbase, int scope, int deref, int size, int time, Filter *filter, struct berval *filterstr, AttributeName *attrs, int attrsonly ) { struct shellinfo *si = (struct shellinfo *) be->be_private; FILE *rfp, *wfp; AttributeName *an; if ( si->si_search == NULL ) { send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, "search not implemented", NULL, NULL ); return( -1 ); } if ( (op->o_private = (void *) forkandexec( si->si_search, &rfp, &wfp )) == (void *) -1 ) { send_ldap_result( conn, op, LDAP_OTHER, NULL, "could not fork/exec", NULL, NULL ); return( -1 ); } /* write out the request to the search process */ fprintf( wfp, "SEARCH\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); print_suffixes( wfp, be ); fprintf( wfp, "base: %s\n", base->bv_val ); fprintf( wfp, "scope: %d\n", scope ); fprintf( wfp, "deref: %d\n", deref ); fprintf( wfp, "sizelimit: %d\n", size ); fprintf( wfp, "timelimit: %d\n", time ); fprintf( wfp, "filter: %s\n", filterstr->bv_val ); fprintf( wfp, "attrsonly: %d\n", attrsonly ? 1 : 0 ); fprintf( wfp, "attrs:%s", attrs == NULL ? " all" : "" ); for ( an = attrs; an && an->an_name.bv_val; an++ ) { fprintf( wfp, " %s", an->an_name.bv_val ); } fprintf( wfp, "\n" ); fclose( wfp ); /* read in the results and send them along */ read_and_send_results( be, conn, op, rfp, attrs, attrsonly ); fclose( rfp ); return( 0 ); }
int shell_back_modrdn( Operation *op, SlapReply *rs ) { struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; AttributeDescription *entry = slap_schema.si_ad_entry; Entry e; FILE *rfp, *wfp; if ( si->si_modrdn == NULL ) { send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, "modrdn not implemented" ); return( -1 ); } e.e_id = NOID; e.e_name = op->o_req_dn; e.e_nname = op->o_req_ndn; e.e_attrs = NULL; e.e_ocflags = 0; e.e_bv.bv_len = 0; e.e_bv.bv_val = NULL; e.e_private = NULL; if ( ! access_allowed( op, &e, entry, NULL, op->oq_modrdn.rs_newSup ? ACL_WDEL : ACL_WRITE, NULL ) ) { send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL ); return -1; } if ( forkandexec( si->si_modrdn, &rfp, &wfp ) == (pid_t)-1 ) { send_ldap_error( op, rs, LDAP_OTHER, "could not fork/exec" ); return( -1 ); } /* write out the request to the modrdn process */ fprintf( wfp, "MODRDN\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); print_suffixes( wfp, op->o_bd ); fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val ); fprintf( wfp, "newrdn: %s\n", op->oq_modrdn.rs_newrdn.bv_val ); fprintf( wfp, "deleteoldrdn: %d\n", op->oq_modrdn.rs_deleteoldrdn ? 1 : 0 ); if ( op->oq_modrdn.rs_newSup != NULL ) { fprintf( wfp, "newSuperior: %s\n", op->oq_modrdn.rs_newSup->bv_val ); } fclose( wfp ); /* read in the results and send them along */ read_and_send_results( op, rs, rfp ); fclose( rfp ); return( 0 ); }
int shell_back_search( Operation *op, SlapReply *rs ) { struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; FILE *rfp, *wfp; AttributeName *an; if ( si->si_search == NULL ) { send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, "search not implemented" ); return( -1 ); } if ( forkandexec( si->si_search, &rfp, &wfp ) == (pid_t)-1 ) { send_ldap_error( op, rs, LDAP_OTHER, "could not fork/exec" ); return( -1 ); } /* write out the request to the search process */ fprintf( wfp, "SEARCH\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); print_suffixes( wfp, op->o_bd ); fprintf( wfp, "base: %s\n", op->o_req_dn.bv_val ); fprintf( wfp, "scope: %d\n", op->oq_search.rs_scope ); fprintf( wfp, "deref: %d\n", op->oq_search.rs_deref ); fprintf( wfp, "sizelimit: %d\n", op->oq_search.rs_slimit ); fprintf( wfp, "timelimit: %d\n", op->oq_search.rs_tlimit ); fprintf( wfp, "filter: %s\n", op->oq_search.rs_filterstr.bv_val ); fprintf( wfp, "attrsonly: %d\n", op->oq_search.rs_attrsonly ? 1 : 0 ); fprintf( wfp, "attrs:%s", op->oq_search.rs_attrs == NULL ? " all" : "" ); for ( an = op->oq_search.rs_attrs; an && an->an_name.bv_val; an++ ) { fprintf( wfp, " %s", an->an_name.bv_val ); } fprintf( wfp, "\n" ); fclose( wfp ); /* read in the results and send them along */ rs->sr_attrs = op->oq_search.rs_attrs; read_and_send_results( op, rs, rfp ); fclose( rfp ); return( 0 ); }
int shell_back_add( Operation *op, SlapReply *rs ) { struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; AttributeDescription *entry = slap_schema.si_ad_entry; FILE *rfp, *wfp; int len; if ( si->si_add == NULL ) { send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, "add not implemented" ); return( -1 ); } if ( ! access_allowed( op, op->oq_add.rs_e, entry, NULL, ACL_WADD, NULL ) ) { send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL ); return -1; } if ( forkandexec( si->si_add, &rfp, &wfp ) == (pid_t)-1 ) { send_ldap_error( op, rs, LDAP_OTHER, "could not fork/exec" ); return( -1 ); } /* write out the request to the add process */ fprintf( wfp, "ADD\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); print_suffixes( wfp, op->o_bd ); ldap_pvt_thread_mutex_lock( &entry2str_mutex ); fprintf( wfp, "%s", entry2str( op->oq_add.rs_e, &len ) ); ldap_pvt_thread_mutex_unlock( &entry2str_mutex ); fclose( wfp ); /* read in the result and send it along */ read_and_send_results( op, rs, rfp ); fclose( rfp ); return( 0 ); }
int shell_back_bind( Operation *op, SlapReply *rs ) { struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; AttributeDescription *entry = slap_schema.si_ad_entry; Entry e; FILE *rfp, *wfp; int rc; /* allow rootdn as a means to auth without the need to actually * contact the proxied DSA */ switch ( be_rootdn_bind( op, rs ) ) { case SLAP_CB_CONTINUE: break; default: return rs->sr_err; } if ( si->si_bind == NULL ) { send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, "bind not implemented" ); return( -1 ); } e.e_id = NOID; e.e_name = op->o_req_dn; e.e_nname = op->o_req_ndn; e.e_attrs = NULL; e.e_ocflags = 0; e.e_bv.bv_len = 0; e.e_bv.bv_val = NULL; e.e_private = NULL; if ( ! access_allowed( op, &e, entry, NULL, ACL_AUTH, NULL ) ) { send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL ); return -1; } if ( forkandexec( si->si_bind, &rfp, &wfp ) == (pid_t)-1 ) { send_ldap_error( op, rs, LDAP_OTHER, "could not fork/exec" ); return( -1 ); } /* write out the request to the bind process */ fprintf( wfp, "BIND\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); print_suffixes( wfp, op->o_bd ); fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val ); fprintf( wfp, "method: %d\n", op->oq_bind.rb_method ); fprintf( wfp, "credlen: %lu\n", op->oq_bind.rb_cred.bv_len ); fprintf( wfp, "cred: %s\n", op->oq_bind.rb_cred.bv_val ); /* XXX */ fclose( wfp ); /* read in the results and send them along */ rc = read_and_send_results( op, rs, rfp ); fclose( rfp ); return( rc ); }
int shell_back_modify( Operation *op, SlapReply *rs ) { Modification *mod; struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private; AttributeDescription *entry = slap_schema.si_ad_entry; Modifications *ml = op->orm_modlist; Entry e; FILE *rfp, *wfp; int i; if ( si->si_modify == NULL ) { send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, "modify not implemented" ); return( -1 ); } e.e_id = NOID; e.e_name = op->o_req_dn; e.e_nname = op->o_req_ndn; e.e_attrs = NULL; e.e_ocflags = 0; e.e_bv.bv_len = 0; e.e_bv.bv_val = NULL; e.e_private = NULL; if ( ! access_allowed( op, &e, entry, NULL, ACL_WRITE, NULL ) ) { send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL ); return -1; } if ( forkandexec( si->si_modify, &rfp, &wfp ) == (pid_t)-1 ) { send_ldap_error( op, rs, LDAP_OTHER, "could not fork/exec" ); return( -1 ); } /* write out the request to the modify process */ fprintf( wfp, "MODIFY\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); print_suffixes( wfp, op->o_bd ); fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val ); for ( ; ml != NULL; ml = ml->sml_next ) { mod = &ml->sml_mod; switch ( mod->sm_op ) { case LDAP_MOD_ADD: fprintf( wfp, "add: %s\n", mod->sm_desc->ad_cname.bv_val ); break; case LDAP_MOD_DELETE: fprintf( wfp, "delete: %s\n", mod->sm_desc->ad_cname.bv_val ); break; case LDAP_MOD_REPLACE: fprintf( wfp, "replace: %s\n", mod->sm_desc->ad_cname.bv_val ); break; } if( mod->sm_values != NULL ) { for ( i = 0; mod->sm_values[i].bv_val != NULL; i++ ) { char *out = ldif_put( LDIF_PUT_VALUE, mod->sm_desc->ad_cname.bv_val, mod->sm_values[i].bv_val, mod->sm_values[i].bv_len ); if ( out ) { fprintf( wfp, "%s", out ); ber_memfree( out ); } } } fprintf( wfp, "-\n" ); } fclose( wfp ); /* read in the results and send them along */ read_and_send_results( op, rs, rfp ); fclose( rfp ); return( 0 ); }
int shell_back_bind( Backend *be, Connection *conn, Operation *op, struct berval *dn, struct berval *ndn, int method, struct berval *cred, struct berval *edn ) { struct shellinfo *si = (struct shellinfo *) be->be_private; AttributeDescription *entry = slap_schema.si_ad_entry; Entry e; FILE *rfp, *wfp; int rc; if ( si->si_bind == NULL ) { send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL, "bind not implemented", NULL, NULL ); return( -1 ); } e.e_id = NOID; e.e_name = *dn; e.e_nname = *ndn; e.e_attrs = NULL; e.e_ocflags = 0; e.e_bv.bv_len = 0; e.e_bv.bv_val = NULL; e.e_private = NULL; if ( ! access_allowed( be, conn, op, &e, entry, NULL, ACL_AUTH, NULL ) ) { send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, NULL, NULL, NULL, NULL ); return -1; } if ( (op->o_private = (void *) forkandexec( si->si_bind, &rfp, &wfp )) == (void *) -1 ) { send_ldap_result( conn, op, LDAP_OTHER, NULL, "could not fork/exec", NULL, NULL ); return( -1 ); } /* write out the request to the bind process */ fprintf( wfp, "BIND\n" ); fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid ); print_suffixes( wfp, be ); fprintf( wfp, "dn: %s\n", dn->bv_val ); fprintf( wfp, "method: %d\n", method ); fprintf( wfp, "credlen: %lu\n", cred->bv_len ); fprintf( wfp, "cred: %s\n", cred->bv_val ); /* XXX */ fclose( wfp ); /* read in the results and send them along */ rc = read_and_send_results( be, conn, op, rfp, NULL, 0 ); fclose( rfp ); return( rc ); }