int register_method (pblock *pb, Session *sn, Request *rq) { char *method = pblock_findval(ACL_ATTR_METHOD, pb); ACLMethod_t t; NSErr_t *errp = 0; ACL_REG(ACL_MethodRegister (errp, method, &t), "Failed to register method \"%s\"", method); return REQ_PROCEED; }
/*************************************************************************** * * __acl__RegisterAttributes * * Register all the attributes supported by the DS. * * Input: * None. * * Returns: * ACL_OK - No error * ACL_ERR - in case of errror * * Error Handling: * None. * **************************************************************************/ static int __aclinit__RegisterAttributes(void) { ACLMethod_t methodinfo; NSErr_t errp; int rv; memset (&errp, 0, sizeof(NSErr_t)); rv = ACL_MethodRegister(&errp, DS_METHOD, &methodinfo); if (rv < 0) { acl_print_acllib_err(&errp, NULL); slapi_log_err(SLAPI_LOG_ERR, plugin_name, "__aclinit__RegisterAttributes - Unable to Register the methods\n"); return ACL_ERR; } rv = ACL_MethodSetDefault (&errp, methodinfo); if (rv < 0) { acl_print_acllib_err(&errp, NULL); slapi_log_err(SLAPI_LOG_ERR, plugin_name, "__aclinit__RegisterAttributes - Unable to Set the default method\n"); return ACL_ERR; } rv = ACL_AttrGetterRegister(&errp, ACL_ATTR_IP, DS_LASIpGetter, methodinfo, ACL_DBTYPE_ANY, ACL_AT_FRONT, NULL); if (rv < 0) { acl_print_acllib_err(&errp, NULL); slapi_log_err(SLAPI_LOG_ERR, plugin_name, "__aclinit__RegisterAttributes - Unable to Register Attr ip\n"); return ACL_ERR; } rv = ACL_AttrGetterRegister(&errp, ACL_ATTR_DNS, DS_LASDnsGetter, methodinfo, ACL_DBTYPE_ANY, ACL_AT_FRONT, NULL); if (rv < 0) { acl_print_acllib_err(&errp, NULL); slapi_log_err(SLAPI_LOG_ERR, plugin_name, "__aclinit__RegisterAttributes - Unable to Register Attr dns\n"); return ACL_ERR; } return ACL_OK; }
/*----------------------------------------------------------------------------- * Various ACL/authdb initializations. See also libaccess/aclinit.cpp for * additional initializations (which run before this one). * */ int init_acl_modules (NSErr_t *errp) { int pos = ACL_AT_END; /* Register the basic method */ ACL_REG(ACL_MethodRegister(errp, ACL_AUTHTYPE_BASIC, &ACL_MethodBasic), "Failed to register the method \"%s\"", ACL_AUTHTYPE_BASIC); /* Register the ssl method */ ACL_REG(ACL_MethodRegister(errp, ACL_AUTHTYPE_SSL, &ACL_MethodSSL), "Failed to register the method \"%s\"", ACL_AUTHTYPE_SSL); /* Register the digest method */ ACL_REG(ACL_MethodRegister(errp, ACL_AUTHTYPE_DIGEST, &ACL_MethodDigest), "Failed to register the method \"%s\"", ACL_AUTHTYPE_DIGEST); #ifdef FEAT_GSS /* Register the gssapi method */ ACL_REG(ACL_MethodRegister(errp, ACL_AUTHTYPE_GSSAPI, &ACL_MethodGSSAPI), "Failed to register the method \"%s\"", ACL_AUTHTYPE_GSSAPI); #endif //------------------------------------------------------------------------ // Generic getters for "any" authdb // method "any" - generic attrs which don't depend on method/authdb ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_AUTHORIZATION, get_authorization_basic, ACL_METHOD_ANY, ACL_DBTYPE_ANY, pos, NULL), "Failed to register attr getter for \"%s\"", ACL_ATTR_AUTHORIZATION); ACL_REG(ACL_AttrGetterRegister(NULL, ACL_ATTR_IP, LASIpv6Getter, ACL_METHOD_ANY, ACL_DBTYPE_ANY, pos, NULL), "Failed to register attr getter for \"%s\"", ACL_ATTR_IP); ACL_REG(ACL_AttrGetterRegister(NULL, ACL_ATTR_DNS, LASDnsGetter, ACL_METHOD_ANY, ACL_DBTYPE_ANY, pos, NULL), "Failed to register attr getter for \"%s\"", ACL_ATTR_DNS); // XXX? why ldap fn for any/any? ACL_REG(ACL_AttrGetterRegister(NULL, ACL_ATTR_USERDN, get_userdn_ldap, ACL_METHOD_ANY, ACL_DBTYPE_ANY, pos, NULL), "Failed to register attr getter for \"%s\"", ACL_ATTR_USERDN); // method "basic" ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER, get_auth_user_basic, ACL_MethodBasic, ACL_DBTYPE_ANY, pos, NULL), "Failed to register attr getter for \"%s\"", ACL_ATTR_USER); ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_RAW_USER, get_user_login_basic, ACL_MethodBasic, ACL_DBTYPE_ANY, pos, NULL), "Failed to register attr getter for \"%s\"", ACL_ATTR_RAW_USER); ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_RAW_PASSWORD, get_user_login_basic, ACL_MethodBasic, ACL_DBTYPE_ANY, pos, NULL), "Failed to register attr getter for \"%s\"", ACL_ATTR_RAW_PASSWORD); // method "digest" ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER, get_auth_user_basic, ACL_MethodDigest, ACL_DBTYPE_ANY, pos,NULL), "Failed to register attr getter for \"%s\"", ACL_ATTR_USER); ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_RAW_USER, get_user_login_basic, ACL_MethodDigest, ACL_DBTYPE_ANY, pos,NULL), "Failed to register attr getter for \"%s\"", ACL_ATTR_RAW_USER); ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_RAW_PASSWORD, get_user_login_basic, ACL_MethodDigest, ACL_DBTYPE_ANY, pos,NULL), "Failed to register attr getter for \"%s\"",ACL_ATTR_RAW_PASSWORD); // method "ssl" ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER_CERT, get_user_cert_ssl, ACL_MethodSSL, ACL_DBTYPE_ANY, pos, NULL), "Failed to register attr getter for \"%s\"", ACL_ATTR_USER_CERT); #ifdef FEAT_GSS // method "gssapi" ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER, get_auth_user_gssapi, ACL_MethodGSSAPI, ACL_DBTYPE_ANY, pos,NULL), "Failed to register attr getter for \"%s\"", ACL_ATTR_USER); ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_IS_VALID_PASSWORD, gssapi_authenticate_user, ACL_MethodGSSAPI, ACL_DBTYPE_ANY, pos, NULL), "Failed to register PAM attr getter for \"%s\"", ACL_ATTR_IS_VALID_PASSWORD); #endif //------------------------------------------------------------------------ // LDAP authdb getters // method "any" ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER_ISMEMBER, get_user_ismember_ldap, ACL_METHOD_ANY, ACL_DbTypeLdap, pos, NULL), "Failed to register LDAP attr getter for \"%s\"", ACL_ATTR_USER_ISMEMBER); ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER_ISINROLE, get_user_isinrole_ldap, ACL_METHOD_ANY, ACL_DbTypeLdap, pos, NULL), "Failed to register LDAP attr getter for \"%s\"", ACL_ATTR_USER_ISINROLE); ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER_EXISTS, get_user_exists_ldap, ACL_METHOD_ANY, ACL_DbTypeLdap, pos, NULL), "Failed to register LDAP attr getter for \"%s\"", ACL_ATTR_USER_EXISTS); // method "basic" ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_IS_VALID_PASSWORD, get_is_valid_password_ldap, ACL_MethodBasic, ACL_DbTypeLdap, pos, NULL), "Failed to register LDAP attr getter for \"%s\"", ACL_ATTR_IS_VALID_PASSWORD); // method "digest" ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_IS_VALID_PASSWORD, get_is_valid_password_ldap, ACL_MethodDigest, ACL_DbTypeLdap, pos,NULL), "Failed to register LDAP attr getter for \"%s\"", ACL_ATTR_IS_VALID_PASSWORD); // method "ssl" ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER, get_auth_user_ssl, ACL_MethodSSL, ACL_DbTypeLdap, pos, NULL), "Failed to register SSL LDAP attr getter for \"%s\"", ACL_ATTR_USER); ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_CERT2GROUP, get_cert2group_ldap, ACL_MethodSSL, ACL_DbTypeLdap, pos, NULL), "Failed to register attr getter for \"%s\"", ACL_ATTR_CERT2GROUP); //------------------------------------------------------------------------ // NULL authdb getters // method "any" ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER_EXISTS, get_user_exists_null, ACL_METHOD_ANY, ACL_DbTypeNull, pos, NULL), "Failed to register NULL attr getter for \"%s\"", ACL_ATTR_USER_EXISTS); ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER_ISINROLE, get_user_isinrole_null, ACL_METHOD_ANY, ACL_DbTypeNull, pos, NULL), "Failed to register NULL attr getter for \"%s\"", ACL_ATTR_USER_ISINROLE); ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER_ISMEMBER, get_user_ismember_null, ACL_METHOD_ANY, ACL_DbTypeNull, pos, NULL), "Failed to register NULL attr getter for \"%s\"", ACL_ATTR_USER_ISMEMBER); // method "basic" ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_IS_VALID_PASSWORD, get_is_valid_password_null, ACL_MethodBasic, ACL_DbTypeNull, pos, NULL), "Failed to register NULL attr getter for \"%s\"", ACL_ATTR_IS_VALID_PASSWORD); // method "digest" ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_IS_VALID_PASSWORD, get_is_valid_password_null, ACL_MethodDigest, ACL_DbTypeNull, pos,NULL), "Failed to register NULL attr getter for \"%s\"", ACL_ATTR_IS_VALID_PASSWORD); // method "ssl" ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER, get_auth_user_ssl, ACL_MethodSSL, ACL_DbTypeNull, pos, NULL), "Failed to register SSL NULL attr getter for \"%s\"", ACL_ATTR_USER); #ifdef FEAT_PAM //------------------------------------------------------------------------ // PAM authdb getters (see p.103 of ACPG) // method "basic" ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_IS_VALID_PASSWORD, pam_authenticate_user, ACL_MethodBasic, ACL_DbTypePAM, pos, NULL), "Failed to register PAM attr getter for \"%s\"", ACL_ATTR_IS_VALID_PASSWORD); ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER_ISMEMBER, pam_user_ismember_get, ACL_MethodBasic, ACL_DbTypePAM, pos, NULL), "Failed to register PAM attr getter for \"%s\"", ACL_ATTR_USER_ISMEMBER); ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER_EXISTS, pam_userexists_get, ACL_MethodBasic, ACL_DbTypePAM, pos, NULL), "Failed to register PAM attr getter for \"%s\"", ACL_ATTR_USER_EXISTS); #endif //------------------------------------------------------------------------ // File authdb getters // method "any" (file supports both basic+digest) ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_IS_VALID_PASSWORD, fileacl_user_get, ACL_METHOD_ANY, ACL_DbTypeFile, pos, NULL), "Failed to register attr getter for \"%s\"", ACL_ATTR_IS_VALID_PASSWORD); ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER_ISMEMBER, fileacl_user_ismember_get, ACL_METHOD_ANY, ACL_DbTypeFile, pos, NULL), "Failed to register attr getter for \"%s\"", ACL_ATTR_USER_ISMEMBER); ACL_REG(ACL_AttrGetterRegister(errp, ACL_ATTR_USER_EXISTS, fileacl_userexists_get, ACL_METHOD_ANY, ACL_DbTypeFile, pos, NULL), "Failed to register attr getter for \"%s\"", ACL_ATTR_USER_EXISTS); return REQ_PROCEED; }