DWORD
VmDirReplicationLibInit(
VOID
)
{
DWORD dwError = 0;
VmDirLog( LDAP_DEBUG_TRACE, "VmDirReplicationLibInit: Begin" );
dwError = LoadReplicationAgreements( );
BAIL_ON_VMDIR_ERROR(dwError);
// fire up replication thread
dwError = InitializeReplicationThread();
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirClusterLibInit();
BAIL_ON_VMDIR_ERROR(dwError);
cleanup:
VmDirLog( LDAP_DEBUG_TRACE, "VmDirReplicationLibInit: End" );
return dwError;
error:
goto cleanup;
}
/*
* Close all opened database.
*
* Called during server shutdown, so it is safe to access gVdirMdbGlobals
* w/o protection.
*/
static
void
MDBCloseDBs(
PVDIR_MDB_DB pDB
)
{
VmDirLog( LDAP_DEBUG_TRACE, "MdbCloseDBs: Begin" );
if (pDB->mdbEntryDB.pMdbDataFiles)
{
// close entry db
mdb_close(pDB->mdbEnv, pDB->mdbEntryDB.pMdbDataFiles[0].mdbDBi);
}
// close sequence db
if (pDB->mdbSeqDBi)
{
mdb_close(pDB->mdbEnv, pDB->mdbSeqDBi);
}
// close generic dbs
if (pDB->mdbGenericDupKeyDBi)
{
mdb_close(pDB->mdbEnv, pDB->mdbGenericDupKeyDBi);
}
if (pDB->mdbGenericUniqKeyDBi)
{
mdb_close(pDB->mdbEnv, pDB->mdbGenericUniqKeyDBi);
}
VmDirLog( LDAP_DEBUG_TRACE, "MdbCloseDBs: End" );
}
/*
* Open Entry/Blob Database.
*
* Called during server startup, so it is safe to access gVdirMdbGlobals
* w/o protection.
*/
static
DWORD
MDBOpenMainDB(
PVDIR_MDB_DB pDB
)
{
DWORD dwError = 0;
unsigned int iDbFlags = 0;
VmDirLog( LDAP_DEBUG_TRACE, "MdbOpenDBs: Begin" );
// default database has unique key. i.e. no DUP key allowed.
iDbFlags |= MDB_CREATE;
// iDbFlags |= MDB_INTEGERKEY; our keys do not have same size
dwError = MDBOpenDB(pDB,
&pDB->mdbEntryDB.pMdbDataFiles[0].mdbDBi,
pDB->mdbEntryDB.pMdbDataFiles[0].pszDBName,
pDB->mdbEntryDB.pMdbDataFiles[0].pszDBFile,
pDB->mdbEntryDB.btKeyCmpFcn,
iDbFlags);
BAIL_ON_VMDIR_ERROR( dwError );
cleanup:
VmDirLog( LDAP_DEBUG_TRACE, "MdbOpenDBs: End" );
return dwError;
error:
goto cleanup;
}
/* NotFilterResults: Move the src filter candidates one level up in the filter tree to dst filter candidates,
* and in this process negate the computeResult, if set, or negative the "positive" flag in src candidates.
*
*/
void
NotFilterResults(
VDIR_FILTER * src,
VDIR_FILTER * dst)
{
VmDirLog( LDAP_DEBUG_TRACE, "NotFilterResults: Begin" );
switch( src->computeResult )
{
case FILTER_RES_NORMAL:
dst->computeResult = FILTER_RES_NORMAL;
break;
case FILTER_RES_TRUE:
dst->computeResult = FILTER_RES_FALSE;
goto done;
case FILTER_RES_FALSE:
dst->computeResult = FILTER_RES_TRUE;
goto done;
case FILTER_RES_UNDEFINED:
dst->computeResult = FILTER_RES_UNDEFINED;
goto done;
default:
assert( FALSE );
}
if (src->candidates == NULL)
{
goto done;
}
dst->candidates = src->candidates;
dst->candidates->positive = src->candidates->positive ? FALSE : TRUE;
src->candidates = NULL;
done:
VmDirLog( LDAP_DEBUG_TRACE, "NotFilterResults: End" );
}
PVDIR_CANDIDATES
NewCandidates(
int startAllocSize,
BOOLEAN positive)
{
VDIR_CANDIDATES * cans = NULL;
int retVal = 0;
VmDirLog( LDAP_DEBUG_TRACE, "NewCandidates: Begin" );
assert( startAllocSize >= 0);
retVal = VmDirAllocateMemory( sizeof( VDIR_CANDIDATES ), (PVOID *)&cans );
BAIL_ON_VMDIR_ERROR( retVal );
retVal = VmDirAllocateMemory( startAllocSize * sizeof( ENTRYID ), (PVOID *)&cans->eIds );
BAIL_ON_VMDIR_ERROR( retVal );
cans->size = 0;
cans->max = startAllocSize;
cans->positive = positive;
cans->eIdsSorted = FALSE;
cleanup:
VmDirLog( LDAP_DEBUG_TRACE, "NewCandidates: End" );
return cans;
error:
cans = NULL;
goto cleanup;
}
DWORD
VmDirAppendAMod(
PVDIR_OPERATION pOperation,
int modOp,
char * attrName,
int attrNameLen,
char * attrVal,
size_t attrValLen
)
{
DWORD dwError = 0;
VDIR_MODIFICATION * mod = NULL;
ModifyReq * modReq = &(pOperation->request.modifyReq);
VmDirLog( LDAP_DEBUG_TRACE, "appendAMod: Begin, entry DN = %s", modReq->dn.lberbv.bv_val );
dwError = VmDirAllocateMemory( sizeof( VDIR_MODIFICATION ), (PVOID *)&(mod) );
BAIL_ON_VMDIR_ERROR( dwError );
mod->operation = modOp;
mod->attr.next = NULL;
if ((mod->attr.pATDesc = VmDirSchemaAttrNameToDesc( pOperation->pSchemaCtx, attrName)) == NULL)
{
VmDirLog( LDAP_DEBUG_ANY, "appendAMod: VmDirSchemaAttrNameToDesc failed.");
dwError = -1; /* Any value except 0 should do. */
BAIL_ON_VMDIR_ERROR( dwError );
}
mod->attr.type.lberbv.bv_val = mod->attr.pATDesc->pszName;
mod->attr.type.lberbv.bv_len = VmDirStringLenA(mod->attr.pATDesc->pszName);
dwError = VmDirAllocateMemory( 2 * sizeof( VDIR_BERVALUE ), (PVOID *)&(mod->attr.vals) );
BAIL_ON_VMDIR_ERROR( dwError );
if ( attrVal && attrValLen > 0 )
{
dwError = VmDirAllocateMemory( attrValLen + 1, (PVOID *)&(mod->attr.vals[0].lberbv.bv_val) );
BAIL_ON_VMDIR_ERROR( dwError );
dwError = VmDirCopyMemory( mod->attr.vals[0].lberbv.bv_val, attrValLen + 1, attrVal, attrValLen);
BAIL_ON_VMDIR_ERROR( dwError );
mod->attr.vals[0].lberbv.bv_len = attrValLen;
mod->attr.vals[0].bOwnBvVal = TRUE;
mod->attr.numVals = 1;
}
mod->next = modReq->mods;
modReq->mods = mod;
modReq->numMods++;
cleanup:
VmDirLog( LDAP_DEBUG_TRACE, "appendAMod: End." );
return dwError;
error:
goto cleanup;
}
int
VmDirExternalOperationCreate(
BerElement* ber,
ber_int_t msgId,
ber_tag_t reqCode,
PVDIR_CONNECTION pConn,
PVDIR_OPERATION* ppOperation
)
{
int retVal = 0;
PVDIR_OPERATION pOperation = NULL;
VmDirLog( LDAP_DEBUG_TRACE, "NewOperation: Begin" );
retVal = VmDirAllocateMemory( sizeof(*pOperation), (PVOID *)&pOperation );
BAIL_ON_VMDIR_ERROR( retVal );
pOperation->protocol = 0;
pOperation->reqCode = reqCode;
pOperation->ber = ber;
pOperation->msgId = msgId;
pOperation->conn = pConn;
pOperation->opType = VDIR_OPERATION_TYPE_EXTERNAL;
retVal = VmDirAllocateMemory( sizeof(*pOperation->pBECtx), (PVOID)&(pOperation->pBECtx));
BAIL_ON_VMDIR_ERROR( retVal );
retVal = VmDirSchemaCtxAcquire(&pOperation->pSchemaCtx);
BAIL_ON_VMDIR_ERROR( retVal );
pOperation->lowestPendingUncommittedUsn = 0;
if ( pOperation->reqCode == LDAP_REQ_ADD )
{
retVal = VmDirAllocateMemory( sizeof(*(pOperation->request.addReq.pEntry)),
(PVOID)&(pOperation->request.addReq.pEntry) );
BAIL_ON_VMDIR_ERROR( retVal );
}
*ppOperation = pOperation;
cleanup:
VmDirLog( LDAP_DEBUG_TRACE, "%s: End", __FUNCTION__ );
return retVal;
error:
VmDirLog( LDAP_DEBUG_TRACE, "%s: acquire schema context failed",
__FUNCTION__ );
VmDirFreeOperation(pOperation);
*ppOperation = NULL;
goto cleanup;
}
static
DWORD
VdirSubstrMatchingRuleLoad(
VOID
)
{
DWORD dwError = 0;
DWORD dwCnt = 0;
static VDIR_MATCHING_RULE_DESC gSubstrMatchingRuleTbl[] =
VDIR_SUBSTR_MATCHING_RULE_INIT_TABLE_INITIALIZER;
if (gVdirMatchingRuleGlobals.pSubstrMatchingRule)
{
return 0;
}
gVdirMatchingRuleGlobals.pSubstrMatchingRule = &gSubstrMatchingRuleTbl[0];
gVdirMatchingRuleGlobals.usSubstrMRSize = sizeof(gSubstrMatchingRuleTbl)/sizeof(gSubstrMatchingRuleTbl[0]);
qsort(gVdirMatchingRuleGlobals.pSubstrMatchingRule,
gVdirMatchingRuleGlobals.usSubstrMRSize,
sizeof(VDIR_MATCHING_RULE_DESC),
matchingrulePSyntaxOidCmp);
for (dwCnt = 0; dwCnt < gVdirMatchingRuleGlobals.usSubstrMRSize; dwCnt++)
{
PSTR pszOid = gVdirMatchingRuleGlobals.pSubstrMatchingRule[dwCnt].pszSyntaxOid;
PVDIR_SYNTAX_DESC pSyntax = NULL;
dwError = VdirSyntaxLookupByOid(pszOid, &pSyntax);
BAIL_ON_VMDIR_ERROR(dwError);
gVdirMatchingRuleGlobals.pSubstrMatchingRule[dwCnt].pSyntax = pSyntax;
}
#ifdef LDAP_DEBUG
VmDirLog( LDAP_DEBUG_TRACE, "Supported Substr MatchingRules" );
for (dwCnt=0; dwCnt<gVdirMatchingRuleGlobals.usSubstrMRSize; dwCnt++)
{
VmDirLog( LDAP_DEBUG_TRACE, "[%3d][%28s](%s)\n", dwCnt,
gVdirMatchingRuleGlobals.pSubstrMatchingRule[dwCnt].pszName,
gVdirMatchingRuleGlobals.pSubstrMatchingRule[dwCnt].pszOid);
}
#endif
cleanup:
return dwError;
error:
goto cleanup;
}
/*
* BDB configuration are done in two stages -
* 1. startup stage for fix DB (i.e. non configurable one like ENTRY)
* in InitBdbConfig()
* 2. cn=indices stage to open all index DB
* in InitializeBDBIndexDB
*
*/
DWORD
InitBdbConfig()
{
DWORD dwError = 0;
VmDirLog( LDAP_DEBUG_TRACE, "InitBdbConfig: Begin" );
// Initialize entry database
dwError = VmDirAllocateMemory(
sizeof(VDIR_CFG_BDB_DATAFILE_DESC) * 1,
(PVOID)&gVdirBdbGlobals.bdbEntryDB.pBdbDataFiles);
BAIL_ON_VMDIR_ERROR(dwError);
gVdirBdbGlobals.bdbEntryDB.usNumDataFiles = 1;
gVdirBdbGlobals.bdbEntryDB.pBdbDataFiles[0].bIsUnique = TRUE;
dwError = VmDirAllocateStringA(
VMDIR_ENTRY_DB,
&gVdirBdbGlobals.bdbEntryDB.pBdbDataFiles[0].pszDBName);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirAllocateStringA(
VMDIR_DB_FILE_NAME,
&gVdirBdbGlobals.bdbEntryDB.pBdbDataFiles[0].pszDBFile);
BAIL_ON_VMDIR_ERROR(dwError);
gVdirBdbGlobals.bdbEntryDB.btKeyCmpFcn = NULL;
// Set hard limit of MAX index attribute
//TODO, could make this configurable
gVdirBdbGlobals.bdbIndexDBs.usMaxSize = BDB_MAX_INDEX_ATTRIBUTE;
dwError = VmDirAllocateMemory(
sizeof(VDIR_BDB_INDEX_DATABASE) * BDB_MAX_INDEX_ATTRIBUTE,
(PVOID)&gVdirBdbGlobals.bdbIndexDBs.pIndexDBs);
BAIL_ON_VMDIR_ERROR(dwError);
VmDirLog( LDAP_DEBUG_TRACE, "InitBdbConfig: End" );
cleanup:
return dwError;
error:
goto cleanup;
}
/*
* add ENTRYID to candidate list
*/
DWORD
VmDirAddToCandidates(
PVDIR_CANDIDATES pCands,
ENTRYID eId
)
{
DWORD dwError = 0;
assert(pCands);
if (pCands->size == pCands->max)
{
dwError = VmDirReallocCandidates(pCands);
BAIL_ON_VMDIR_ERROR(dwError);
}
pCands->eIds[pCands->size] = eId;
pCands->size++;
VmDirLog( LDAP_DEBUG_TRACE, "AddToCandidates: eId = %lld", eId );
error:
return dwError;
}
static
DWORD
_VmDirSASLGSSBind(
LDAP* pLD
)
{
DWORD dwError = 0;
dwError = ldap_sasl_interactive_bind_s( pLD,
NULL,
"GSSAPI",
NULL,
NULL,
LDAP_SASL_QUIET,
_VmDirSASLInteraction,
NULL);
BAIL_ON_VMDIR_ERROR(dwError);
cleanup:
return dwError;
error:
VmDirLog(LDAP_DEBUG_ANY, "VmDirSASLGSSBind failed. (%d)(%s)\n", dwError, ldap_err2string(dwError));
goto cleanup;
}
DWORD
VmDirAllocateMemory(
size_t dwSize,
PVOID* ppMemory
)
{
DWORD dwError = 0;
void* pMemory = NULL;
if (!ppMemory || !dwSize)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMDIR_ERROR(dwError);
}
pMemory = calloc(1, dwSize);
if (!pMemory)
{
dwError = ERROR_NO_MEMORY;
BAIL_ON_VMDIR_ERROR(dwError);
}
cleanup:
*ppMemory = pMemory;
return dwError;
error:
VMDIR_SAFE_FREE_MEMORY(pMemory);
pMemory = NULL;
VmDirLog( LDAP_DEBUG_ANY, "VmDirAllocateMemory failed, (%u) requested.", dwSize );
goto cleanup;
}
static
VOID
VmDirRegConfigHandleClose(
PVMDIR_CONFIG_CONNECTION_HANDLE pCfgHandle
)
{
#ifndef _WIN32
if (pCfgHandle->hConnection)
{
if (pCfgHandle->hKey)
{
DWORD dwError = RegCloseKey(
pCfgHandle->hConnection,
pCfgHandle->hKey);
if (dwError != 0)
{ // Do not bail, best effort to cleanup.
VmDirLog(
LDAP_DEBUG_ANY,
"RegCloseKey failed, Error code: (%u)(%s)",
dwError,
VDIR_SAFE_STRING(LwWin32ErrorToName(dwError)));
}
}
RegCloseServer(pCfgHandle->hConnection);
}
#else
if (pCfgHandle->hKey)
{
RegCloseKey(pCfgHandle->hKey);
}
#endif
VMDIR_SAFE_FREE_MEMORY(pCfgHandle);
}
/*
* Create an Attribute on the heap and establish its pATDesc
* two memory allocate
* 1. pAttribute
* 2. pAttribute->vals (BerValue array is one more then requested)
*/
DWORD
VmDirAttributeAllocate(
PCSTR pszName,
USHORT usBerSize,
PVDIR_SCHEMA_CTX pCtx,
PVDIR_ATTRIBUTE* ppOutAttr)
{
DWORD dwError = 0;
PVDIR_ATTRIBUTE pAttr = NULL;
if (!ppOutAttr)
{
return 0;
}
dwError = VmDirAllocateMemory(
sizeof(VDIR_ATTRIBUTE),
(PVOID*)&pAttr);
BAIL_ON_VMDIR_ERROR(dwError);
// add one more BerValue as Encode/Decode entry in data store layer needs it.
dwError = VmDirAllocateMemory(
sizeof(VDIR_BERVALUE) * (usBerSize + 1),
(PVOID*)&pAttr->vals);
BAIL_ON_VMDIR_ERROR(dwError);
pAttr->numVals = usBerSize;
pAttr->pATDesc = VmDirSchemaAttrNameToDesc(
pCtx,
pszName);
if (!pAttr->pATDesc)
{
dwError = VMDIR_ERROR_NO_SUCH_ATTRIBUTE;
BAIL_ON_VMDIR_ERROR(dwError);
}
// pAttr->type.lberbv.bv_val always store in-place
pAttr->type.lberbv.bv_val = pAttr->pATDesc->pszName;
pAttr->type.lberbv.bv_len = VmDirStringLenA(pAttr->type.lberbv.bv_val);
*ppOutAttr = pAttr;
cleanup:
return dwError;
error:
if (pAttr)
{
VmDirFreeAttribute(pAttr);
}
VmDirLog( LDAP_DEBUG_ANY, "AllocateAttribute failed (%d)(%s)",
dwError, VDIR_SAFE_STRING(pszName));
goto cleanup;
}
DWORD
VmDirComputeEncodedEntrySize(
PVDIR_ENTRY pEntry,
int * nAttrs,
int * nVals,
ber_len_t* pEncodedEntrySize)
{
DWORD dwError = 0;
ber_len_t size = 0;
int i = 0;
PVDIR_ATTRIBUTE pAttr = NULL;
VmDirLog( LDAP_DEBUG_TRACE, "ComputeEncodedEntrySize: Begin, DN: %s", pEntry->dn.lberbv.bv_val );
if ( pEntry == NULL || nAttrs == NULL || nVals == NULL || pEncodedEntrySize == NULL)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMDIR_ERROR(dwError);
}
*nAttrs = *nVals = 0;
size += LEN_OF_LEN; // to store number of attributes
size += LEN_OF_LEN; // to store number of attribute values
for (pAttr = pEntry->attrs; pAttr != NULL; pAttr = pAttr->next, (*nAttrs)++)
{
size += LEN_OF_LEN; // store attribute id map in 2 bytes
size += LEN_OF_LEN; // to store number of attribute values
for (i = 0; pAttr->vals[i].lberbv.bv_val; i++, (*nVals)++)
{
size += LEN_OF_LEN; // to store attribute value len
size += pAttr->vals[i].lberbv.bv_len + 1; // trailing NUL byte
}
(*nVals)++; // Empty (with bv_val = NULL) BerValue at the end
}
*pEncodedEntrySize = size;
error:
VmDirLog( LDAP_DEBUG_TRACE, "ComputeEncodedEntrySize: End, Size: %ld", size );
return dwError;
}
void
DeleteCandidates(
VDIR_CANDIDATES **cans)
{
VmDirLog( LDAP_DEBUG_TRACE, "DeleteCandidates: Begin" );
if (cans)
{
if (*cans)
{
VMDIR_SAFE_FREE_MEMORY( (*cans)->eIds );
VMDIR_SAFE_FREE_MEMORY( *cans );
}
*cans = NULL;
}
VmDirLog( LDAP_DEBUG_TRACE, "DeleteCandidates: End" );
}
/*
* Mark MUST attributes presented.
*/
static
DWORD
_VmDirSchemaCheckMustAttrPresent(
PVDIR_SCHEMA_CTX pCtx,
PVDIR_SCHEMA_OC_DESC pOCDesc,
PVDIR_ENTRY pEntry,
PBOOLEAN pbPresentList
)
{
DWORD dwError = 0;
int iCnt = 0;
assert(pCtx && pOCDesc && pEntry && pbPresentList);
for (iCnt = 0; pOCDesc->ppAllMustATs[iCnt] != NULL; iCnt++)
{
int iIdx = 0;
PVDIR_ATTRIBUTE pAttr = pEntry->attrs;
for (iIdx = 0; pAttr != NULL; pAttr = pAttr->next, iIdx++)
{
if (pAttr->pATDesc->usAttrID == pOCDesc->ppAllMustATs[iCnt]->usAttrID)
{
pbPresentList[iIdx] = TRUE; // find must attribute
break;
}
}
// ignore missing "nTSecurityDescriptor" must attribute for now.
// ADSI needs it to be a must attribute. However, it is NOT easy/clean to make and
// enforce this change in Lotus. (e.g. in VmDirInteralAddEntry, schema check is called
// prior to SD generation currently.)
// TODO, clean up SD generation in bootstratp/promo/normal paths.
if ( pAttr == NULL
&&
VmDirStringCompareA( pOCDesc->ppAllMustATs[iCnt]->pszName,
ATTR_OBJECT_SECURITY_DESCRIPTOR,
FALSE) != 0
)
{
VMDIR_SAFE_FREE_MEMORY(pCtx->pszErrorMsg);
VmDirAllocateStringAVsnprintf(&pCtx->pszErrorMsg,
"Missing must attribute (%s)",
VDIR_SAFE_STRING(pOCDesc->ppAllMustATs[iCnt]->pszName));
VmDirLog( LDAP_DEBUG_ANY, "%s", pCtx->pszErrorMsg);
dwError = pCtx->dwErrorCode = ERROR_INVALID_ENTRY;
BAIL_ON_VMDIR_ERROR(dwError);
}
}
error:
return dwError;
}
DWORD
VmDirInitializeEntry(
VDIR_ENTRY * e,
VDIR_ENTRY_ALLOCATION_TYPE allocType,
int nAttrs,
int nVals
)
{
DWORD dwError = 0;
PVDIR_ATTRIBUTE pLocalAttrs = NULL;
PVDIR_BERVALUE pLocalBervs = NULL;
VDIR_BERVALUE localDNBerv = VDIR_BERVALUE_INIT;
VmDirLog( LDAP_DEBUG_TRACE, "InitializeEntry: Begin, allocType = %d", allocType );
e->allocType = allocType;
e->dn = localDNBerv;
dwError = VmDirAllocateMemory( nAttrs * sizeof(VDIR_ATTRIBUTE), (PVOID *)&pLocalAttrs);
BAIL_ON_VMDIR_ERROR( dwError );
dwError = VmDirAllocateMemory( nVals * sizeof( VDIR_BERVALUE ), (PVOID *)&pLocalBervs );
BAIL_ON_VMDIR_ERROR( dwError );
e->pAclCtx = NULL;
e->pszGuid = NULL;
e->attrs = pLocalAttrs;
e->savedAttrsPtr = e->attrs;
e->bvs = pLocalBervs;
e->usNumBVs = nVals;
cleanup:
VmDirLog( LDAP_DEBUG_TRACE, "InitializeEntry: End" );
return dwError;
error:
VMDIR_SAFE_FREE_MEMORY(pLocalAttrs);
VMDIR_SAFE_FREE_MEMORY(pLocalBervs);
goto cleanup;
}
/*
* MDB has not SEQUENCE support.
* Use a separate database and have one record representing one logic sequence.
*/
static
DWORD
MDBOpenSequence(
PVDIR_MDB_DB pDB
)
{
DWORD dwError = 0;
unsigned int iDbFlags = 0;
VDIR_DB mdbDBi = 0;
VmDirLog( LDAP_DEBUG_TRACE, "MdbOpenSequence: Begin" );
// default database has unique key. i.e. no DUP key allowed.
iDbFlags |= MDB_CREATE;
// iDbFlags |= MDB_INTEGERKEY; our keys do not have same size
dwError = MDBOpenDB( pDB,
&mdbDBi,
BE_MDB_SEQ_DB_NAME,
pDB->mdbEntryDB.pMdbDataFiles[0].pszDBFile, // use same file as Entry DB
NULL,
iDbFlags);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = MDBInitSequence(pDB, mdbDBi);
BAIL_ON_VMDIR_ERROR(dwError);
pDB->mdbSeqDBi = mdbDBi;
cleanup:
VmDirLog( LDAP_DEBUG_TRACE, "MdbOpenSequence: End" );
return dwError;
error:
goto cleanup;
}
/*
* Called during entry add
*
* grouptype :
*
http://msdn.microsoft.com/en-us/library/windows/desktop/ms675935%28v=vs.85%29.aspx
Value Description
1 (0x00000001) Specifies a group that is created by the system.
2 (0x00000002) Specifies a group with global scope.
4 (0x00000004) Specifies a group with domain local scope.
8 (0x00000008) Specifies a group with universal scope.
16 (0x00000010) Specifies an APP_BASIC group for Windows Server Authorization Manager.
32 (0x00000020) Specifies an APP_QUERY group for Windows Server Authorization Manager.
2147483648 (0x80000000) Specifies a security group. If this flag is not set, then the group is a distribution group.
Currently, Lotus only supports global scope (2).
*/
DWORD
VmDirPluginGroupTypePreAdd(
PVDIR_OPERATION pOperation,
PVDIR_ENTRY pEntry,
DWORD dwPriorResult
)
{
DWORD dwError = 0;
PSTR pszLocalErrorMsg = NULL;
if ( pOperation->opType != VDIR_OPERATION_TYPE_REPL
&&
TRUE == VmDirIsEntryWithObjectclass(pEntry, OC_GROUP)
)
{
PVDIR_ATTRIBUTE pAttrGroupType = VmDirFindAttrByName(pEntry, ATTR_GROUPTYPE);
if (pAttrGroupType == NULL)
{
dwError = VmDirEntryAddSingleValueStrAttribute(pEntry, ATTR_GROUPTYPE, GROUPTYPE_GLOBAL_SCOPE);
BAIL_ON_VMDIR_ERROR(dwError);
}
else
{
if ( pAttrGroupType->numVals != 1 // grouptype is a single value attribute
||
VmDirStringCompareA( VDIR_SAFE_STRING( pAttrGroupType->vals[0].lberbv.bv_val),
GROUPTYPE_GLOBAL_SCOPE, FALSE) != 0
)
{
dwError = ERROR_INVALID_ENTRY;
BAIL_ON_VMDIR_ERROR_WITH_MSG( dwError, pszLocalErrorMsg, "invalid or unsupported grouptype (%s)",
VDIR_SAFE_STRING( pAttrGroupType->vals[0].lberbv.bv_val));
}
}
}
cleanup:
VMDIR_SAFE_FREE_MEMORY(pszLocalErrorMsg);
return dwError;
error:
VmDirLog( LDAP_DEBUG_ANY, "Group check: (%d)(%s)", dwError, VDIR_SAFE_STRING(pszLocalErrorMsg));
VMDIR_APPEND_ERROR_MSG(pOperation->ldapResult.pszErrMsg, pszLocalErrorMsg);
goto cleanup;
}
/*
* Close all opened DBs and free environment
*/
DWORD
VmDirMDBShutdownDB(
PVDIR_DB_HANDLE hDB
)
{
PVDIR_MDB_DB pDB = (PVDIR_MDB_DB)hDB;
VmDirLog( LDAP_DEBUG_TRACE, "MDBShutdownDB: Begin" );
VmDirLogDBStats(pDB);
if (pDB->mdbEnv != NULL)
{
MDBCloseDBs(pDB);
VmDirMDBShutdownIndexDB(pDB);
// force buffer sync
mdb_env_sync(pDB->mdbEnv, 1);
mdb_env_close(pDB->mdbEnv);
pDB->mdbEnv = NULL;
}
if (pDB->mdbEntryDB.pMdbDataFiles)
{
VMDIR_SAFE_FREE_MEMORY(pDB->mdbEntryDB.pMdbDataFiles->pszDBFile);
VMDIR_SAFE_FREE_MEMORY(pDB->mdbEntryDB.pMdbDataFiles->pszDBName);
VMDIR_SAFE_FREE_MEMORY(pDB->mdbEntryDB.pMdbDataFiles);
}
VMDIR_SAFE_FREE_MEMORY(pDB->pszDBPath);
VMDIR_SAFE_FREE_MEMORY(pDB);
VmDirLog( LDAP_DEBUG_TRACE, "MDBShutdownDB: End" );
return 0;
}
static
DWORD
MDBOpenGeneric(
PVDIR_MDB_DB pDB
)
{
DWORD dwError = 0;
unsigned int iDbFlags = 0;
VDIR_DB mdbDBi = 0;
assert(pDB);
iDbFlags |= MDB_CREATE;
dwError = MDBOpenDB(
pDB,
&mdbDBi,
BE_MDB_GENERIC_UNIQKEY_DB_NAME,
pDB->mdbEntryDB.pMdbDataFiles[0].pszDBFile, // use same file as Entry DB
NULL,
iDbFlags);
BAIL_ON_VMDIR_ERROR(dwError);
pDB->mdbGenericUniqKeyDBi = mdbDBi;
iDbFlags |= MDB_DUPSORT; // allow dup keys
dwError = MDBOpenDB(
pDB,
&mdbDBi,
BE_MDB_GENERIC_DUPKEY_DB_NAME,
pDB->mdbEntryDB.pMdbDataFiles[0].pszDBFile, // use same file as Entry DB
NULL,
iDbFlags);
BAIL_ON_VMDIR_ERROR(dwError);
pDB->mdbGenericDupKeyDBi = mdbDBi;
cleanup:
VmDirLog( LDAP_DEBUG_TRACE, "MDBOpenGeneric: End" );
return dwError;
error:
goto cleanup;
}
VOID
VmDirRpcFreeMemory(
PVOID pMemory
)
{
idl_ulong_int ulStatus = 0;
if (pMemory)
{
rpc_sm_free(pMemory, &ulStatus);
if (ulStatus != rpc_s_ok)
{
VmDirLog( LDAP_DEBUG_ANY, "VmDirRpcFreeMemory failed, status (%u)", ulStatus);
}
}
}
DWORD
VmDirSrvSetupTenantInstance(
PCSTR pszFQDomainName,
PCSTR pszUsername,
PCSTR pszPassword
)
{
DWORD dwError = 0;
PSTR pszDomainDN = NULL;
PVDIR_SCHEMA_CTX pSchemaCtx = NULL;
VMDIR_LOG_INFO(VMDIR_LOG_MASK_ALL, "Setting up a tenant instance (%s).",
VDIR_SAFE_STRING(pszFQDomainName));
dwError = VmDirSrvCreateDomainDN(pszFQDomainName, &pszDomainDN);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirSchemaCtxAcquire(&pSchemaCtx);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirSrvSetupDomainInstance(
pSchemaCtx,
FALSE,
FALSE,
pszFQDomainName,
pszDomainDN,
pszUsername,
pszPassword);
BAIL_ON_VMDIR_ERROR(dwError);
cleanup:
VMDIR_SAFE_FREE_MEMORY(pszDomainDN);
if (pSchemaCtx)
{
VmDirSchemaCtxRelease(pSchemaCtx);
}
return dwError;
error:
VmDirLog(LDAP_DEBUG_ANY, "VmDirSrvSetupTenantInstance failed. Error(%u)", dwError);
goto cleanup;
}
DWORD
VmDirReallocateMemory(
PVOID pMemory,
PVOID* ppNewMemory,
size_t dwSize
)
{
DWORD dwError = 0;
void* pNewMemory = NULL;
if (!ppNewMemory)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMDIR_ERROR(dwError);
}
if (pMemory)
{
pNewMemory = realloc(pMemory, dwSize);
}
else
{
dwError = VmDirAllocateMemory(dwSize, &pNewMemory);
BAIL_ON_VMDIR_ERROR(dwError);
}
if (!pNewMemory)
{
dwError = ERROR_NO_MEMORY;
BAIL_ON_VMDIR_ERROR(dwError);
}
*ppNewMemory = pNewMemory;
cleanup:
return dwError;
error:
VmDirLog( LDAP_DEBUG_ANY, "VmDirReallocateMemory failed, (%u) requested.", dwSize );
goto cleanup;
}
DWORD
VmDirConfigSetDefaultSiteandLduGuid(
PCSTR pszDefaultSiteGuid,
PCSTR pszDefaultLduGuid
)
#ifndef _WIN32
{
DWORD dwError = 0;
if (IsNullOrEmptyString(pszDefaultSiteGuid) || IsNullOrEmptyString(pszDefaultLduGuid))
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMDIR_ERROR(dwError);
}
dwError = RegUtilSetValue(
NULL,
HKEY_THIS_MACHINE,
VMDIR_CONFIG_PARAMETER_KEY_PATH,
NULL,
VMDIR_REG_KEY_SITE_GUID,
REG_SZ,
(PVOID)pszDefaultSiteGuid,
VmDirStringLenA(pszDefaultSiteGuid)+1);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = RegUtilSetValue(
NULL,
HKEY_THIS_MACHINE,
VMDIR_CONFIG_PARAMETER_KEY_PATH,
NULL,
VMDIR_REG_KEY_LDU_GUID,
REG_SZ,
(PVOID)pszDefaultLduGuid,
VmDirStringLenA(pszDefaultLduGuid)+1);
BAIL_ON_VMDIR_ERROR(dwError);
cleanup:
return dwError;
error:
VmDirLog(LDAP_DEBUG_ANY, "VmDirConfigSetDefaultSiteandLduGuid failed with error (%u)", dwError);
goto cleanup;
}
ULONG
VmDirRpcAllocateMemory(
size_t size,
PVOID* ppMemory
)
{
ULONG ulError = 0;
PVOID pMemory = NULL;
idl_ulong_int ulStatus = 0;
if (size <= 0 || !ppMemory)
{
ulError = VMDIR_ERROR_INVALID_PARAMETER;
BAIL_ON_VMDIR_ERROR(ulError);
}
pMemory = rpc_sm_allocate((idl_size_t) size, &ulStatus);
if ( ulStatus != rpc_s_ok || !pMemory)
{
ulError = VMDIR_ERROR_NO_MEMORY;
BAIL_ON_VMDIR_ERROR(ulError);
}
memset(pMemory,0, size);
*ppMemory = pMemory;
cleanup:
return ulError;
error:
VmDirLog( LDAP_DEBUG_ANY, "VmDirRpcAllocateMemory failed, size (%u), status (%u), error (%u)",
size, ulStatus, ulError);
if (ppMemory)
{
*ppMemory = NULL;
}
goto cleanup;
}
DWORD
VmDirGetVmDirLogPath(
PSTR pszPath,
PCSTR pszLogFile)
{
DWORD dwError = 0;
#ifndef _WIN32
//BUGBUG, should NOT hard code path
dwError = VmDirStringCpyA(pszPath, MAX_PATH, "/var/log/vmware/vmdir/");
BAIL_ON_VMDIR_ERROR(dwError);
#else
_TCHAR* programDataPath = NULL;
if ((dwError = VmDirGetRegKeyValue( VMDIR_CONFIG_SOFTWARE_KEY_PATH, VMDIR_REG_KEY_LOG_PATH, pszPath,
MAX_PATH )) != 0)
{
dwError = VmDirGetProgramDataEnvVar((_TCHAR *)"PROGRAMDATA", &programDataPath);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirStringPrintFA(pszPath, MAX_PATH, "%s%s", programDataPath, "\\vmware\\cis\\logs\\vmdird\\");
BAIL_ON_VMDIR_ERROR(dwError);
}
#endif
dwError = VmDirStringCatA(pszPath, MAX_PATH, pszLogFile);
BAIL_ON_VMDIR_ERROR(dwError);
cleanup:
#ifdef _WIN32
VMDIR_SAFE_FREE_MEMORY(programDataPath);
#endif
return dwError;
error:
VmDirLog(LDAP_DEBUG_ERROR, "VmDirGetVmDirLogPath failed with error (%u)\n", dwError);
goto cleanup;
}
/* UnionCandidates: Take a union of 2 candidates lists.
*
*/
static void
UnionCandidates(
VDIR_CANDIDATES ** srcCandidates,
VDIR_CANDIDATES ** dstCandidates)
{
DWORD dwError = 0;
VDIR_CANDIDATES * resCandidates = NULL;
int i = 0;
int j = 0;
VmDirLog( LDAP_DEBUG_TRACE, "UnionCandidates: Begin" );
assert( srcCandidates != NULL && *srcCandidates != NULL && dstCandidates != NULL && *dstCandidates != NULL );
assert( (*srcCandidates)->positive == (*dstCandidates)->positive );
if ((*srcCandidates)->size == 0)
{
goto done;
}
if ((*dstCandidates)->size == 0)
{
DeleteCandidates( dstCandidates );
*dstCandidates = *srcCandidates;
*srcCandidates = NULL;
goto done;
}
if ((*dstCandidates)->eIdsSorted == FALSE)
{
qsort ( (*dstCandidates)->eIds, (*dstCandidates)->size, sizeof( ENTRYID ), _VmDirCompareEntryIds );
(*dstCandidates)->eIdsSorted = TRUE;
}
if ((*srcCandidates)->eIdsSorted == FALSE)
{
qsort ( (*srcCandidates)->eIds, (*srcCandidates)->size, sizeof( ENTRYID ), _VmDirCompareEntryIds );
(*srcCandidates)->eIdsSorted = TRUE;
}
resCandidates = NewCandidates( (*srcCandidates)->size + (*dstCandidates)->size, (*srcCandidates)->positive );
for (i = 0, j = 0; (i < (*srcCandidates)->size) && (j < (*dstCandidates)->size); )
{
if ((*srcCandidates)->eIds[i] < (*dstCandidates)->eIds[j])
{
dwError = VmDirAddToCandidates( resCandidates, (*srcCandidates)->eIds[i]);
BAIL_ON_VMDIR_ERROR(dwError);
i++;
continue;
}
if ((*dstCandidates)->eIds[j] < (*srcCandidates)->eIds[i])
{
dwError = VmDirAddToCandidates( resCandidates, (*dstCandidates)->eIds[j]);
BAIL_ON_VMDIR_ERROR(dwError);
j++;
continue;
}
dwError = VmDirAddToCandidates( resCandidates, (*dstCandidates)->eIds[j]);
BAIL_ON_VMDIR_ERROR(dwError);
i++;
j++;
}
for (; i < (*srcCandidates)->size; i++)
{
dwError = VmDirAddToCandidates( resCandidates, (*srcCandidates)->eIds[i]);
BAIL_ON_VMDIR_ERROR(dwError);
}
for (; j < (*dstCandidates)->size; j++)
{
dwError = VmDirAddToCandidates( resCandidates, (*dstCandidates)->eIds[j]);
BAIL_ON_VMDIR_ERROR(dwError);
}
resCandidates->eIdsSorted = TRUE;
DeleteCandidates( dstCandidates );
*dstCandidates = resCandidates;
done:
VmDirLog( LDAP_DEBUG_TRACE, "UnionCandidates: End" );
return;
error:
DeleteCandidates( dstCandidates );
resCandidates->size = 0;
*dstCandidates = resCandidates;
goto done;
}
/* OrFilterResults: ORs src filter processing result (computeResult and candidates list) with the dst filter
* processing result (computeResult and candidates list). For an AND top level filter, this function is expected to be
* called first for the "positive" filter components, and then for the "negative" filter components.
*
* Cases that are handled are:
* - both src and dst are positive candidates list. => Intersection needs to be done.
* - both src and dst are negative candidates list. => Union is needed.
* - dst is positive candidates list and src is negative candidates list. => Subtraction is needed.
*
* RFC 4511, Section 4.5.1.7:
* A filter of the "or" choice is FALSE if all the filters in the SET OF evaluate to FALSE, TRUE if at least one filter
* is TRUE, and Undefined otherwise.
*/
void
OrFilterResults(
VDIR_FILTER * src,
VDIR_FILTER * dst)
{
VmDirLog( LDAP_DEBUG_TRACE, "OrFilterResults: Begin" );
// First process computeResults, and then candidates lists.
switch (src->computeResult)
{
case FILTER_RES_NORMAL:
switch (dst->computeResult)
{
case FILTER_RES_NORMAL:
break; // normal processing of candidates lists is required.
case FILTER_RES_TRUE:
goto done;
case FILTER_RES_FALSE:
case FILTER_RES_UNDEFINED:
dst->computeResult = FILTER_RES_NORMAL;
break;
}
break;
case FILTER_RES_TRUE:
DeleteCandidates( &(dst->candidates) );
dst->computeResult = FILTER_RES_TRUE;
goto done;
case FILTER_RES_FALSE:
switch (dst->computeResult)
{
case FILTER_RES_NORMAL:
case FILTER_RES_TRUE:
case FILTER_RES_FALSE:
case FILTER_RES_UNDEFINED:
goto done;
}
case FILTER_RES_UNDEFINED:
switch (dst->computeResult)
{
case FILTER_RES_NORMAL:
case FILTER_RES_TRUE:
goto done;
case FILTER_RES_FALSE:
dst->computeResult = FILTER_RES_UNDEFINED;
goto done;
case FILTER_RES_UNDEFINED:
goto done;
}
break;
}
// Handling a non-indexed attribute or a -ve candidates list.
if (src->candidates == NULL || src->candidates->positive == FALSE)
{
DeleteCandidates( &(dst->candidates) );
dst->computeResult = FILTER_RES_TRUE;
goto done;
}
// 1st time initialization of the top of the OR filter.
if (dst->candidates == NULL)
{
dst->candidates = src->candidates;
src->candidates = NULL;
goto done;
}
if (dst->candidates->positive && src->candidates->positive)
{ // Do an OR of +ve candidate lists
UnionCandidates( &(src->candidates), &(dst->candidates) );
} else
{
assert( FALSE );
}
done:
VmDirLog( LDAP_DEBUG_TRACE, "OrFilterResults: End" );
}