void aclg_regen_ugroup_signature( aclUserGroup *ugroup) { ugroup->aclug_signature = aclutil_gen_signature ( ugroup->aclug_signature ); }
int aclinit_main() { Slapi_PBlock *pb; int rv; Slapi_DN *sdn; void *node; if (acl_initialized) { /* There is no need to do anything more */ return 0; } /* Initialize the LIBACCESS ACL library */ if (ACL_Init() != 0) { slapi_log_err(SLAPI_LOG_ERR, plugin_name, "aclinit_main - ACL Library Initialization failed\n"); return 1; } /* register all the LASes supported by the DS */ if (ACL_ERR == __aclinit__RegisterLases()) { /* Error is already logged */ return 1; } /* Register all the Attrs */ if (ACL_ERR == __aclinit__RegisterAttributes()) { /* Error is already logged */ return 1; } /* * Register to get backend state changes so we can add/remove * acis from backends that come up and go down. */ slapi_register_backend_state_change((void *) NULL, acl_be_state_change_fnc); /* register the extensions */ /* ONREPL Moved to the acl_init function because extensions need to be registered before any operations are issued if ( 0 != acl_init_ext() ) { slapi_log_err(SLAPI_LOG_ERR, plugin_name, "Unable to initialize the extensions\n"); return 1; } */ /* create the mutex array */ if ( 0 != aclext_alloc_lockarray ( ) ) { slapi_log_err(SLAPI_LOG_ERR, plugin_name, "aclinit_main - Unable to create the mutext array\n"); return 1; } /* Allocate the pool */ if ( 0 != acl_create_aclpb_pool () ) { slapi_log_err(SLAPI_LOG_ERR, plugin_name, "aclinit_main - Unable to create the acl private pool\n"); return 1; } /* * Now read all the ACLs from all the backends and put it * in a list */ /* initialize the ACLLIST sub-system */ if ( 0 != (rv = acllist_init ( ))) { slapi_log_err(SLAPI_LOG_ERR, plugin_name, "aclinit_main - Unable to initialize the plugin:%d\n", rv ); return 1; } /* Initialize the anonymous profile i.e., generate it */ rv = aclanom_init (); pb = slapi_pblock_new(); /* * search for the aci_attr_type attributes of all entries. * * slapi_get_fist_suffix() and slapi_get_next_suffix() do not return the * rootdse entry so we search for acis in there explicitly here. */ sdn = slapi_sdn_new_ndn_byval(""); slapi_log_err(SLAPI_LOG_ACL, plugin_name, "aclinit_main - Searching for all acis(scope base) at suffix ''\n"); aclinit_search_and_update_aci ( 0, /* thisbeonly */ sdn, /* base */ NULL, /* be name*/ LDAP_SCOPE_BASE, ACL_ADD_ACIS, DO_TAKE_ACLCACHE_WRITELOCK); slapi_sdn_free(&sdn); sdn = slapi_get_first_suffix( &node, 1 ); while (sdn) { slapi_log_err(SLAPI_LOG_ACL, plugin_name, "aclinit_main - Searching for all acis(scope subtree) at suffix '%s'\n", slapi_sdn_get_dn(sdn) ); aclinit_search_and_update_aci ( 0, /* thisbeonly */ sdn, /* base */ NULL, /* be name*/ LDAP_SCOPE_SUBTREE, ACL_ADD_ACIS, DO_TAKE_ACLCACHE_WRITELOCK); sdn = slapi_get_next_suffix( &node, 1 ); } /* Initialize it. */ acl_initialized = 1; /* generate the signatures */ acl_set_aclsignature ( aclutil_gen_signature ( 100 ) ); /* Initialize the user-group cache */ rv = aclgroup_init ( ); aclanom_gen_anomProfile (DO_TAKE_ACLCACHE_READLOCK); /* Register both of the proxied authorization controls (version 1 and 2) */ slapi_register_supported_control( LDAP_CONTROL_PROXYAUTH, SLAPI_OPERATION_SEARCH | SLAPI_OPERATION_COMPARE | SLAPI_OPERATION_ADD | SLAPI_OPERATION_DELETE | SLAPI_OPERATION_MODIFY | SLAPI_OPERATION_MODDN | SLAPI_OPERATION_EXTENDED ); slapi_register_supported_control( LDAP_CONTROL_PROXIEDAUTH, SLAPI_OPERATION_SEARCH | SLAPI_OPERATION_COMPARE | SLAPI_OPERATION_ADD | SLAPI_OPERATION_DELETE | SLAPI_OPERATION_MODIFY | SLAPI_OPERATION_MODDN | SLAPI_OPERATION_EXTENDED ); slapi_pblock_destroy ( pb ); return 0; }
void aclg_regen_group_signature( ) { aclUserGroups->aclg_signature = aclutil_gen_signature ( aclUserGroups->aclg_signature ); }