static int parse_slappasswdopt( void ) { size_t len = 0; char *p; p = strchr( optarg, '=' ); if ( p != NULL ) { len = p - optarg; p++; } if ( strncasecmp( optarg, "module-path", len ) == 0 ) { if ( modulepath ) ch_free( modulepath ); modulepath = ch_strdup( p ); } else if ( strncasecmp( optarg, "module-load", len ) == 0 ) { if ( moduleload ) ch_free( moduleload ); moduleload = ch_strdup( p ); } else { return -1; } return 0; }
int slap_sasl_regexp_config( const char *match, const char *replace ) { int rc; SaslRegexp_t *reg; SaslRegexp = (SaslRegexp_t *) ch_realloc( (char *) SaslRegexp, (nSaslRegexp + 1) * sizeof(SaslRegexp_t) ); reg = &SaslRegexp[nSaslRegexp]; reg->sr_match = ch_strdup( match ); reg->sr_replace = ch_strdup( replace ); /* Precompile matching pattern */ rc = regcomp( ®->sr_workspace, reg->sr_match, REG_EXTENDED|REG_ICASE ); if ( rc ) { #ifdef NEW_LOGGING LDAP_LOG( TRANSPORT, ERR, "slap_sasl_regexp_config: \"%s\" could not be compiled.\n", reg->sr_match, 0, 0 ); #else Debug( LDAP_DEBUG_ANY, "SASL match pattern %s could not be compiled by regexp engine\n", reg->sr_match, 0, 0 ); #endif return( LDAP_OTHER ); } rc = slap_sasl_rx_off( reg->sr_replace, reg->sr_offset ); if ( rc != LDAP_SUCCESS ) return rc; nSaslRegexp++; return( LDAP_SUCCESS ); }
int init_module(int argc, char *argv[]) { if (argc > 0) { principal = ch_strdup(argv[0]); } if (argc > 1) { kt_name = ch_strdup(argv[1]); } if (argc > 2) { return -1; } return kinit_initialize(); }
int passwd_back_db_config( BackendDB *be, const char *fname, int lineno, int argc, char **argv ) { /* alternate passwd file */ if ( strcasecmp( argv[0], "file" ) == 0 ) { #ifdef HAVE_SETPWFILE if ( argc < 2 ) { fprintf( stderr, "%s: line %d: missing filename in \"file <filename>\" line\n", fname, lineno ); return( 1 ); } be->be_private = ch_strdup( argv[1] ); #else /* HAVE_SETPWFILE */ fprintf( stderr, "%s: line %d: ignoring \"file\" option (not supported on this platform)\n", fname, lineno ); #endif /* HAVE_SETPWFILE */ /* anything else */ } else { return SLAP_CONF_UNKNOWN; } return( 0 ); }
static int mdb_db_init( BackendDB *be, ConfigReply *cr ) { struct mdb_info *mdb; int rc; Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(mdb_db_init) ": Initializing mdb database\n", 0, 0, 0 ); /* allocate backend-database-specific stuff */ mdb = (struct mdb_info *) ch_calloc( 1, sizeof(struct mdb_info) ); /* DBEnv parameters */ mdb->mi_dbenv_home = ch_strdup( SLAPD_DEFAULT_DB_DIR ); mdb->mi_dbenv_flags = 0; mdb->mi_dbenv_mode = SLAPD_DEFAULT_DB_MODE; mdb->mi_search_stack_depth = DEFAULT_SEARCH_STACK_DEPTH; mdb->mi_search_stack = NULL; mdb->mi_mapsize = DEFAULT_MAPSIZE; be->be_private = mdb; be->be_cf_ocs = be->bd_info->bi_cf_ocs; #ifndef MDB_MULTIPLE_SUFFIXES SLAP_DBFLAGS( be ) |= SLAP_DBFLAG_ONE_SUFFIX; #endif rc = mdb_monitor_db_init( be ); return rc; }
static int collect_error_msg_cb( Operation *op, SlapReply *rs) { if(rs->sr_text) { op->o_callback->sc_private = (void *) ch_strdup(rs->sr_text); } return LDAP_SUCCESS; }
int backsql_merge_from_clause( backsql_info *bi, struct berbuf *dest_from, struct berval *src_from ) { char *s, *p, *srcc, *pos, e; struct berbuf res = BB_NULL; #ifdef BACKSQL_TRACE Debug( LDAP_DEBUG_TRACE, "==>backsql_merge_from_clause(): " "dest_from=\"%s\",src_from=\"%s\"\n", dest_from ? dest_from->bb_val.bv_val : "<NULL>", src_from->bv_val, 0 ); #endif /* BACKSQL_TRACE */ srcc = ch_strdup( src_from->bv_val ); p = srcc; if ( dest_from != NULL ) { res = *dest_from; } while ( *p ) { s = backsql_get_table_spec( bi, &p ); #ifdef BACKSQL_TRACE Debug( LDAP_DEBUG_TRACE, "backsql_merge_from_clause(): " "p=\"%s\" s=\"%s\"\n", p, s, 0 ); #endif /* BACKSQL_TRACE */ if ( BER_BVISNULL( &res.bb_val ) ) { backsql_strcat_x( &res, NULL, s, NULL ); } else { pos = strstr( res.bb_val.bv_val, s ); if ( pos == NULL || ( ( e = pos[ strlen( s ) ] ) != '\0' && e != ',' ) ) { backsql_strfcat_x( &res, NULL, "cs", ',', s ); } } if ( s ) { ch_free( s ); } } #ifdef BACKSQL_TRACE Debug( LDAP_DEBUG_TRACE, "<==backsql_merge_from_clause()\n", 0, 0, 0 ); #endif /* BACKSQL_TRACE */ free( srcc ); *dest_from = res; return 1; }
static int mdb_db_init( BackendDB *be, ConfigReply *cr ) { struct mdb_info *mdb; int rc; Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(mdb_db_init) ": Initializing mdb database\n" ); #if MDBX_MODE_ENABLED unsigned flags = mdbx_setup_debug(MDBX_DBG_DNT, mdbx_debug, MDBX_DBG_DNT); flags &= ~(MDBX_DBG_TRACE | MDBX_DBG_EXTRA | MDBX_DBG_ASSERT); if (reopenldap_mode_check()) flags |= MDBX_DBG_ASSERT; # if LDAP_DEBUG > 1 flags |= MDBX_DBG_PRINT | MDBX_DBG_TRACE; # endif /* LDAP_DEBUG > 1 */ # if LDAP_DEBUG > 2 flags |= MDBX_DBG_EXTRA; # endif /* LDAP_DEBUG > 2 */ mdbx_setup_debug(flags, (MDBX_debug_func*) MDBX_DBG_DNT, MDBX_DBG_DNT); #endif /* MDBX_MODE_ENABLED */ /* allocate backend-database-specific stuff */ mdb = (struct mdb_info *) ch_calloc( 1, sizeof(struct mdb_info) ); /* DBEnv parameters */ mdb->mi_dbenv_home = ch_strdup( SLAPD_DEFAULT_DB_DIR ); mdb->mi_dbenv_flags = 0; mdb->mi_dbenv_mode = SLAPD_DEFAULT_DB_MODE; mdb->mi_search_stack_depth = DEFAULT_SEARCH_STACK_DEPTH; mdb->mi_search_stack = NULL; mdb->mi_mapsize = DEFAULT_MAPSIZE; mdb->mi_rtxn_size = DEFAULT_RTXN_SIZE; be->be_private = mdb; be->be_cf_ocs = be->bd_info->bi_cf_ocs; #ifndef MDB_MULTIPLE_SUFFIXES SLAP_DBFLAGS( be ) |= SLAP_DBFLAG_ONE_SUFFIX; #endif slap_backtrace_set_dir( mdb->mi_dbenv_home ); ldap_pvt_thread_mutex_init( &mdb->mi_ads_mutex ); rc = mdb_monitor_db_init( be ); return rc; }
static int wt_db_init( BackendDB *be, ConfigReply *cr ) { struct wt_info *wi; Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(wt_db_init) ": Initializing wt backend\n", 0, 0, 0 ); /* allocate backend-database-specific stuff */ wi = ch_calloc( 1, sizeof(struct wt_info) ); wi->wi_dbenv_home = ch_strdup( SLAPD_DEFAULT_DB_DIR ); wi->wi_dbenv_config = ch_strdup("create"); wi->wi_lastid = 0; wi->wi_search_stack_depth = DEFAULT_SEARCH_STACK_DEPTH; wi->wi_search_stack = NULL; be->be_private = wi; be->be_cf_ocs = be->bd_info->bi_cf_ocs; return LDAP_SUCCESS; }
static int bdb_db_init( BackendDB *be, ConfigReply *cr ) { struct bdb_info *bdb; int rc; Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_db_init) ": Initializing " BDB_UCTYPE " database\n", 0, 0, 0 ); /* allocate backend-database-specific stuff */ bdb = (struct bdb_info *) ch_calloc( 1, sizeof(struct bdb_info) ); /* DBEnv parameters */ bdb->bi_dbenv_home = ch_strdup( SLAPD_DEFAULT_DB_DIR ); bdb->bi_dbenv_xflags = DB_TIME_NOTGRANTED; bdb->bi_dbenv_mode = SLAPD_DEFAULT_DB_MODE; bdb->bi_cache.c_maxsize = DEFAULT_CACHE_SIZE; bdb->bi_cache.c_minfree = 1; bdb->bi_lock_detect = DB_LOCK_DEFAULT; bdb->bi_search_stack_depth = DEFAULT_SEARCH_STACK_DEPTH; bdb->bi_search_stack = NULL; ldap_pvt_thread_mutex_init( &bdb->bi_database_mutex ); ldap_pvt_thread_mutex_init( &bdb->bi_lastid_mutex ); #ifdef BDB_HIER ldap_pvt_thread_mutex_init( &bdb->bi_modrdns_mutex ); #endif ldap_pvt_thread_mutex_init( &bdb->bi_cache.c_lru_mutex ); ldap_pvt_thread_mutex_init( &bdb->bi_cache.c_count_mutex ); ldap_pvt_thread_mutex_init( &bdb->bi_cache.c_eifree_mutex ); ldap_pvt_thread_mutex_init( &bdb->bi_cache.c_dntree.bei_kids_mutex ); ldap_pvt_thread_rdwr_init ( &bdb->bi_cache.c_rwlock ); ldap_pvt_thread_rdwr_init( &bdb->bi_idl_tree_rwlock ); ldap_pvt_thread_mutex_init( &bdb->bi_idl_tree_lrulock ); be->be_private = bdb; be->be_cf_ocs = be->bd_info->bi_cf_ocs; #ifndef BDB_MULTIPLE_SUFFIXES SLAP_DBFLAGS( be ) |= SLAP_DBFLAG_ONE_SUFFIX; #endif rc = bdb_monitor_db_init( be ); return rc; }
static char * word_dup( char *w ) { char *s, *ret; char save; for ( s = w; !iswordbreak( *s ); s++ ) ; /* NULL */ save = *s; *s = '\0'; ret = ch_strdup( w ); *s = save; return( ret ); }
static char *v2ref( BerVarray ref, const char *text ) { size_t len = 0, i = 0; char *v2; if(ref == NULL) { if (text) { return ch_strdup(text); } else { return NULL; } } if ( text != NULL ) { len = strlen( text ); if (text[len-1] != '\n') { i = 1; } } v2 = ch_malloc( len+i+sizeof("Referral:") ); if( text != NULL ) { strcpy(v2, text); if( i ) { v2[len++] = '\n'; } } strcpy( v2+len, "Referral:" ); len += sizeof("Referral:"); for( i=0; ref[i].bv_val != NULL; i++ ) { v2 = ch_realloc( v2, len + ref[i].bv_len + 1 ); v2[len-1] = '\n'; memcpy(&v2[len], ref[i].bv_val, ref[i].bv_len ); len += ref[i].bv_len; if (ref[i].bv_val[ref[i].bv_len-1] != '/') { ++len; } } v2[len-1] = '\0'; return v2; }
static char * rwm_suffix_massage_regexize( const char *s ) { char *res, *ptr; const char *p, *r; int i; if ( s[0] == '\0' ) { return ch_strdup( "^(.+)$" ); } for ( i = 0, p = s; ( r = strchr( p, ',' ) ) != NULL; p = r + 1, i++ ) ; res = ch_calloc( sizeof( char ), strlen( s ) + STRLENOF( "((.+),)?" ) + STRLENOF( "[ ]?" ) * i + STRLENOF( "$" ) + 1 ); ptr = lutil_strcopy( res, "((.+),)?" ); for ( i = 0, p = s; ( r = strchr( p, ',' ) ) != NULL; p = r + 1 , i++ ) { ptr = lutil_strncopy( ptr, p, r - p + 1 ); ptr = lutil_strcopy( ptr, "[ ]?" ); if ( r[ 1 ] == ' ' ) { r++; } } ptr = lutil_strcopy( ptr, p ); ptr[0] = '$'; ptr[1] = '\0'; return res; }
int backsql_api_config( backsql_info *bi, const char *name, int argc, char *argv[] ) { backsql_api *ba; assert( bi != NULL ); assert( name != NULL ); for ( ba = backsqlapi; ba; ba = ba->ba_next ) { if ( strcasecmp( name, ba->ba_name ) == 0 ) { backsql_api *ba2; ba2 = ch_malloc( sizeof( backsql_api ) ); *ba2 = *ba; if ( ba2->ba_config ) { if ( ( *ba2->ba_config )( ba2, argc, argv ) ) { ch_free( ba2 ); return 1; } ba2->ba_argc = argc; if ( argc ) { int i; ba2->ba_argv = ch_malloc( argc * sizeof(char *)); for ( i=0; i<argc; i++ ) ba2->ba_argv[i] = ch_strdup( argv[i] ); } } ba2->ba_next = bi->sql_api; bi->sql_api = ba2; return 0; } } return 1; }
int passwd_back_search( Operation *op, SlapReply *rs ) { struct passwd *pw; time_t stoptime = (time_t)-1; LDAPRDN rdn = NULL; struct berval parent = BER_BVNULL; AttributeDescription *ad_objectClass = slap_schema.si_ad_objectClass; if ( op->ors_tlimit != SLAP_NO_LIMIT ) { stoptime = op->o_time + op->ors_tlimit; } /* Handle a query for the base of this backend */ if ( be_issuffix( op->o_bd, &op->o_req_ndn ) ) { struct berval val; rs->sr_matched = op->o_req_dn.bv_val; if( op->ors_scope != LDAP_SCOPE_ONELEVEL ) { AttributeDescription *desc = NULL; char *next; Entry e = { 0 }; /* Create an entry corresponding to the base DN */ e.e_name.bv_val = ch_strdup( op->o_req_dn.bv_val ); e.e_name.bv_len = op->o_req_dn.bv_len; e.e_nname.bv_val = ch_strdup( op->o_req_ndn.bv_val ); e.e_nname.bv_len = op->o_req_ndn.bv_len; /* Use the first attribute of the DN * as an attribute within the entry itself. */ if( ldap_bv2rdn( &op->o_req_dn, &rdn, &next, LDAP_DN_FORMAT_LDAP ) ) { rs->sr_err = LDAP_INVALID_DN_SYNTAX; goto done; } if( slap_bv2ad( &rdn[0]->la_attr, &desc, &rs->sr_text )) { rs->sr_err = LDAP_NO_SUCH_OBJECT; ldap_rdnfree(rdn); goto done; } attr_merge_normalize_one( &e, desc, &rdn[0]->la_value, NULL ); ldap_rdnfree(rdn); rdn = NULL; /* Every entry needs an objectclass. We don't really * know if our hardcoded choice here agrees with the * DN that was configured for this backend, but it's * better than nothing. * * should be a configuratable item */ BER_BVSTR( &val, "organizationalUnit" ); attr_merge_one( &e, ad_objectClass, &val, NULL ); if ( test_filter( op, &e, op->ors_filter ) == LDAP_COMPARE_TRUE ) { rs->sr_entry = &e; rs->sr_attrs = op->ors_attrs; rs->sr_flags = REP_ENTRY_MODIFIABLE; send_search_entry( op, rs ); rs->sr_flags = 0; rs->sr_attrs = NULL; } entry_clean( &e ); } if ( op->ors_scope != LDAP_SCOPE_BASE ) { /* check all our "children" */ ldap_pvt_thread_mutex_lock( &passwd_mutex ); pw_start( op->o_bd ); for ( pw = getpwent(); pw != NULL; pw = getpwent() ) { Entry e = { 0 }; /* check for abandon */ if ( op->o_abandon ) { endpwent(); ldap_pvt_thread_mutex_unlock( &passwd_mutex ); return( SLAPD_ABANDON ); } /* check time limit */ if ( op->ors_tlimit != SLAP_NO_LIMIT && slap_get_time() > stoptime ) { send_ldap_error( op, rs, LDAP_TIMELIMIT_EXCEEDED, NULL ); endpwent(); ldap_pvt_thread_mutex_unlock( &passwd_mutex ); return( 0 ); } if ( pw2entry( op->o_bd, pw, &e ) ) { rs->sr_err = LDAP_OTHER; endpwent(); ldap_pvt_thread_mutex_unlock( &passwd_mutex ); goto done; } if ( test_filter( op, &e, op->ors_filter ) == LDAP_COMPARE_TRUE ) { /* check size limit */ if ( --op->ors_slimit == -1 ) { send_ldap_error( op, rs, LDAP_SIZELIMIT_EXCEEDED, NULL ); endpwent(); ldap_pvt_thread_mutex_unlock( &passwd_mutex ); return( 0 ); } rs->sr_entry = &e; rs->sr_attrs = op->ors_attrs; rs->sr_flags = REP_ENTRY_MODIFIABLE; send_search_entry( op, rs ); rs->sr_flags = 0; rs->sr_entry = NULL; } entry_clean( &e ); } endpwent(); ldap_pvt_thread_mutex_unlock( &passwd_mutex ); } } else { char *next; Entry e = { 0 }; int rc; if (! be_issuffix( op->o_bd, &op->o_req_ndn ) ) { dnParent( &op->o_req_ndn, &parent ); } /* This backend is only one layer deep. Don't answer requests for * anything deeper than that. */ if( !be_issuffix( op->o_bd, &parent ) ) { int i; for( i=0; op->o_bd->be_nsuffix[i].bv_val != NULL; i++ ) { if( dnIsSuffix( &op->o_req_ndn, &op->o_bd->be_nsuffix[i] ) ) { rs->sr_matched = op->o_bd->be_suffix[i].bv_val; break; } } rs->sr_err = LDAP_NO_SUCH_OBJECT; goto done; } if( op->ors_scope == LDAP_SCOPE_ONELEVEL ) { goto done; } if ( ldap_bv2rdn( &op->o_req_dn, &rdn, &next, LDAP_DN_FORMAT_LDAP )) { rs->sr_err = LDAP_OTHER; goto done; } ldap_pvt_thread_mutex_lock( &passwd_mutex ); pw_start( op->o_bd ); pw = getpwnam( rdn[0]->la_value.bv_val ); if ( pw == NULL ) { rs->sr_matched = parent.bv_val; rs->sr_err = LDAP_NO_SUCH_OBJECT; ldap_pvt_thread_mutex_unlock( &passwd_mutex ); goto done; } rc = pw2entry( op->o_bd, pw, &e ); ldap_pvt_thread_mutex_unlock( &passwd_mutex ); if ( rc ) { rs->sr_err = LDAP_OTHER; goto done; } if ( test_filter( op, &e, op->ors_filter ) == LDAP_COMPARE_TRUE ) { rs->sr_entry = &e; rs->sr_attrs = op->ors_attrs; rs->sr_flags = REP_ENTRY_MODIFIABLE; send_search_entry( op, rs ); rs->sr_flags = 0; rs->sr_entry = NULL; rs->sr_attrs = NULL; } entry_clean( &e ); } done: if( rs->sr_err != LDAP_NO_SUCH_OBJECT ) rs->sr_matched = NULL; send_ldap_result( op, rs ); if( rdn != NULL ) ldap_rdnfree( rdn ); return( 0 ); }
int ldbm_back_referrals( Backend *be, Connection *conn, Operation *op, struct berval *dn, struct berval *ndn, const char **text ) { struct ldbminfo *li = (struct ldbminfo *) be->be_private; int rc = LDAP_SUCCESS; Entry *e, *matched; if( op->o_tag == LDAP_REQ_SEARCH ) { /* let search take care of itself */ return rc; } if( get_manageDSAit( op ) ) { /* let op take care of DSA management */ return rc; } /* grab giant lock for reading */ ldap_pvt_thread_rdwr_rlock(&li->li_giant_rwlock); /* get entry with reader lock */ e = dn2entry_r( be, ndn, &matched ); if ( e == NULL ) { char *matched_dn = NULL; BerVarray refs = NULL; if ( matched != NULL ) { matched_dn = ch_strdup( matched->e_dn ); #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, DETAIL1, "ldbm_back_referrals: op=%ld target=\"%s\" matched=\"%s\"\n", op->o_tag, dn->bv_val, matched_dn ); #else Debug( LDAP_DEBUG_TRACE, "ldbm_referrals: op=%ld target=\"%s\" matched=\"%s\"\n", op->o_tag, dn->bv_val, matched_dn ); #endif if( is_entry_referral( matched ) ) { rc = LDAP_OTHER; refs = get_entry_referrals( be, conn, op, matched ); } cache_return_entry_r( &li->li_cache, matched ); } else if ( default_referral != NULL ) { rc = LDAP_OTHER; refs = referral_rewrite( default_referral, NULL, dn, LDAP_SCOPE_DEFAULT ); } ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock); if( refs != NULL ) { /* send referrals */ send_ldap_result( conn, op, rc = LDAP_REFERRAL, matched_dn, NULL, refs, NULL ); ber_bvarray_free( refs ); } else if ( rc != LDAP_SUCCESS ) { send_ldap_result( conn, op, rc, matched_dn, matched_dn ? "bad referral object" : "bad default referral", NULL, NULL ); } if ( matched_dn ) free( matched_dn ); return rc; } if ( is_entry_referral( e ) ) { /* entry is a referral */ BerVarray refs = get_entry_referrals( be, conn, op, e ); BerVarray rrefs = referral_rewrite( refs, &e->e_name, dn, LDAP_SCOPE_DEFAULT ); #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, DETAIL1, "ldbm_referrals: op=%ld target=\"%s\" matched=\"%s\"\n", op->o_tag, dn->bv_val, e->e_dn ); #else Debug( LDAP_DEBUG_TRACE, "ldbm_referrals: op=%ld target=\"%s\" matched=\"%s\"\n", op->o_tag, dn->bv_val, e->e_dn ); #endif if( rrefs != NULL ) { send_ldap_result( conn, op, rc = LDAP_REFERRAL, e->e_dn, NULL, rrefs, NULL ); ber_bvarray_free( rrefs ); } else { send_ldap_result( conn, op, rc = LDAP_OTHER, e->e_dn, "bad referral object", NULL, NULL ); } if( refs != NULL ) ber_bvarray_free( refs ); } cache_return_entry_r( &li->li_cache, e ); ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock); return rc; }
int wt_compare( Operation *op, SlapReply *rs ) { struct wt_info *wi = (struct wt_info *) op->o_bd->be_private; Entry *e = NULL; int manageDSAit = get_manageDSAit( op ); int rc; wt_ctx *wc = NULL; Debug( LDAP_DEBUG_ARGS, "==> " LDAP_XSTRING(wt_compare) ": %s\n", op->o_req_dn.bv_val, 0, 0 ); wc = wt_ctx_get(op, wi); if( !wc ){ Debug( LDAP_DEBUG_ANY, LDAP_XSTRING(wt_compare) ": wt_ctx_get failed\n", 0, 0, 0 ); rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; send_ldap_result( op, rs ); return rs->sr_err; } rs->sr_err = wt_dn2entry(op->o_bd, wc, &op->o_req_ndn, &e); switch( rs->sr_err ) { case 0: case WT_NOTFOUND: break; default: rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } if ( rs->sr_err == WT_NOTFOUND ) { if ( e != NULL ) { /* return referral only if "disclose" is granted on the object */ if ( ! access_allowed( op, e, slap_schema.si_ad_entry, NULL, ACL_DISCLOSE, NULL ) ) { rs->sr_err = LDAP_NO_SUCH_OBJECT; } else { rs->sr_matched = ch_strdup( e->e_dn ); if ( is_entry_referral( e )) { BerVarray ref = get_entry_referrals( op, e ); rs->sr_ref = referral_rewrite( ref, &e->e_name, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); ber_bvarray_free( ref ); } else { rs->sr_ref = NULL; } rs->sr_err = LDAP_REFERRAL; } wt_entry_return( e ); e = NULL; } else { rs->sr_ref = referral_rewrite( default_referral, NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); rs->sr_err = rs->sr_ref ? LDAP_REFERRAL : LDAP_NO_SUCH_OBJECT; } rs->sr_flags = REP_MATCHED_MUSTBEFREED | REP_REF_MUSTBEFREED; send_ldap_result( op, rs ); goto done; } if (!manageDSAit && is_entry_referral( e ) ) { /* return referral only if "disclose" is granted on the object */ if ( !access_allowed( op, e, slap_schema.si_ad_entry, NULL, ACL_DISCLOSE, NULL ) ) { rs->sr_err = LDAP_NO_SUCH_OBJECT; } else { /* entry is a referral, don't allow compare */ rs->sr_ref = get_entry_referrals( op, e ); rs->sr_err = LDAP_REFERRAL; rs->sr_matched = e->e_name.bv_val; } Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0, 0, 0 ); send_ldap_result( op, rs ); ber_bvarray_free( rs->sr_ref ); rs->sr_ref = NULL; rs->sr_matched = NULL; goto done; } rs->sr_err = slap_compare_entry( op, e, op->orc_ava ); return_results: send_ldap_result( op, rs ); switch ( rs->sr_err ) { case LDAP_COMPARE_FALSE: case LDAP_COMPARE_TRUE: rs->sr_err = LDAP_SUCCESS; break; } done: if ( e != NULL ) { wt_entry_return( e ); } return rs->sr_err; }
int slappasswd( int argc, char *argv[] ) { int rc = EXIT_SUCCESS; #ifdef LUTIL_SHA1_BYTES char *default_scheme = "{SSHA}"; #else char *default_scheme = "{SMD5}"; #endif char *scheme = default_scheme; char *newpw = NULL; char *pwfile = NULL; const char *text; const char *progname = "slappasswd"; int i; char *newline = "\n"; struct berval passwd = BER_BVNULL; struct berval hash; #ifdef LDAP_DEBUG /* tools default to "none", so that at least LDAP_DEBUG_ANY * messages show up; use -d 0 to reset */ slap_debug = LDAP_DEBUG_NONE; #endif ldap_syslog = 0; while( (i = getopt( argc, argv, "c:d:gh:no:s:T:vu" )) != EOF ) { switch (i) { case 'c': /* crypt salt format */ scheme = "{CRYPT}"; lutil_salt_format( optarg ); break; case 'g': /* new password (generate) */ if ( pwfile != NULL ) { fprintf( stderr, "Option -g incompatible with -T\n" ); return EXIT_FAILURE; } else if ( newpw != NULL ) { fprintf( stderr, "New password already provided\n" ); return EXIT_FAILURE; } else if ( lutil_passwd_generate( &passwd, 8 )) { fprintf( stderr, "Password generation failed\n" ); return EXIT_FAILURE; } break; case 'h': /* scheme */ if ( scheme != default_scheme ) { fprintf( stderr, "Scheme already provided\n" ); return EXIT_FAILURE; } else { scheme = ch_strdup( optarg ); } break; case 'n': newline = ""; break; case 'o': if ( parse_slappasswdopt() ) { usage ( progname ); } break; case 's': /* new password (secret) */ if ( pwfile != NULL ) { fprintf( stderr, "Option -s incompatible with -T\n" ); return EXIT_FAILURE; } else if ( newpw != NULL ) { fprintf( stderr, "New password already provided\n" ); return EXIT_FAILURE; } else { char* p; newpw = ch_strdup( optarg ); for( p = optarg; *p != '\0'; p++ ) { *p = '\0'; } } break; case 'T': /* password file */ if ( pwfile != NULL ) { fprintf( stderr, "Password file already provided\n" ); return EXIT_FAILURE; } else if ( newpw != NULL ) { fprintf( stderr, "Option -T incompatible with -s/-g\n" ); return EXIT_FAILURE; } pwfile = optarg; break; case 'u': /* RFC2307 userPassword */ break; case 'v': /* verbose */ verbose++; break; default: usage ( progname ); } } if( argc - optind != 0 ) { usage( progname ); } #ifdef SLAPD_MODULES if ( module_init() != 0 ) { fprintf( stderr, "%s: module_init failed\n", progname ); return EXIT_FAILURE; } if ( modulepath && module_path(modulepath) ) { rc = EXIT_FAILURE; goto destroy; } if ( moduleload && module_load(moduleload, 0, NULL) ) { rc = EXIT_FAILURE; goto destroy; } #endif if( pwfile != NULL ) { if( lutil_get_filed_password( pwfile, &passwd )) { rc = EXIT_FAILURE; goto destroy; } } else if ( BER_BVISEMPTY( &passwd )) { if( newpw == NULL ) { /* prompt for new password */ char *cknewpw; newpw = ch_strdup(getpassphrase("New password: "******"Re-enter new password: "******"Password values do not match\n" ); rc = EXIT_FAILURE; goto destroy; } } passwd.bv_val = newpw; passwd.bv_len = strlen(passwd.bv_val); } else { hash = passwd; goto print_pw; } lutil_passwd_hash( &passwd, scheme, &hash, &text ); if( hash.bv_val == NULL ) { fprintf( stderr, "Password generation failed for scheme %s: %s\n", scheme, text ? text : "" ); rc = EXIT_FAILURE; goto destroy; } if( lutil_passwd( &hash, &passwd, NULL, &text ) ) { fprintf( stderr, "Password verification failed. %s\n", text ? text : "" ); rc = EXIT_FAILURE; goto destroy; } print_pw:; printf( "%s%s" , hash.bv_val, newline ); destroy:; #ifdef SLAPD_MODULES module_kill(); #endif return rc; }
/* * This routine generates the DN appropriate to return in * an LDAP referral. */ static char * referral_dn_muck( const char * refDN, struct berval * baseDN, struct berval * targetDN ) { int rc; struct berval bvin; struct berval nrefDN = BER_BVNULL; struct berval nbaseDN = BER_BVNULL; struct berval ntargetDN = BER_BVNULL; if( !baseDN ) { /* no base, return target */ return targetDN ? ch_strdup( targetDN->bv_val ) : NULL; } if( refDN ) { bvin.bv_val = (char *)refDN; bvin.bv_len = strlen( refDN ); rc = dnPretty( NULL, &bvin, &nrefDN, NULL ); if( rc != LDAP_SUCCESS ) { /* Invalid refDN */ return NULL; } } if( !targetDN ) { /* continuation reference * if refDN present return refDN * else return baseDN */ return nrefDN.bv_len ? nrefDN.bv_val : ch_strdup( baseDN->bv_val ); } rc = dnPretty( NULL, targetDN, &ntargetDN, NULL ); if( rc != LDAP_SUCCESS ) { /* Invalid targetDN */ ch_free( nrefDN.bv_val ); return NULL; } if( nrefDN.bv_len ) { rc = dnPretty( NULL, baseDN, &nbaseDN, NULL ); if( rc != LDAP_SUCCESS ) { /* Invalid baseDN */ ch_free( nrefDN.bv_val ); ch_free( ntargetDN.bv_val ); return NULL; } if( dn_match( &nbaseDN, &nrefDN ) ) { ch_free( nrefDN.bv_val ); ch_free( nbaseDN.bv_val ); return ntargetDN.bv_val; } { struct berval muck; if( ntargetDN.bv_len < nbaseDN.bv_len ) { ch_free( nrefDN.bv_val ); ch_free( nbaseDN.bv_val ); return ntargetDN.bv_val; } rc = strcasecmp( &ntargetDN.bv_val[ntargetDN.bv_len-nbaseDN.bv_len], nbaseDN.bv_val ); if( rc ) { /* target not subordinate to base */ ch_free( nrefDN.bv_val ); ch_free( nbaseDN.bv_val ); return ntargetDN.bv_val; } muck.bv_len = ntargetDN.bv_len + nrefDN.bv_len - nbaseDN.bv_len; muck.bv_val = ch_malloc( muck.bv_len + 1 ); strncpy( muck.bv_val, ntargetDN.bv_val, ntargetDN.bv_len-nbaseDN.bv_len ); strcpy( &muck.bv_val[ntargetDN.bv_len-nbaseDN.bv_len], nrefDN.bv_val ); ch_free( nrefDN.bv_val ); ch_free( nbaseDN.bv_val ); ch_free( ntargetDN.bv_val ); return muck.bv_val; } } ch_free( nrefDN.bv_val ); return ntargetDN.bv_val; }
int slappasswd( int argc, char *argv[] ) { #ifdef LUTIL_SHA1_BYTES char *default_scheme = "{SSHA}"; #else char *default_scheme = "{SMD5}"; #endif char *scheme = default_scheme; char *newpw = NULL; char *pwfile = NULL; const char *text; const char *progname = "slappasswd"; int i; char *newline = "\n"; struct berval passwd = BER_BVNULL; struct berval hash; while( (i = getopt( argc, argv, "c:d:gh:ns:T:vu" )) != EOF ) { switch (i) { case 'c': /* crypt salt format */ scheme = "{CRYPT}"; lutil_salt_format( optarg ); break; case 'g': /* new password (generate) */ if ( pwfile != NULL ) { fprintf( stderr, "Option -g incompatible with -T\n" ); return EXIT_FAILURE; } else if ( newpw != NULL ) { fprintf( stderr, "New password already provided\n" ); return EXIT_FAILURE; } else if ( lutil_passwd_generate( &passwd, 8 )) { fprintf( stderr, "Password generation failed\n" ); return EXIT_FAILURE; } break; case 'h': /* scheme */ if ( scheme != default_scheme ) { fprintf( stderr, "Scheme already provided\n" ); return EXIT_FAILURE; } else { scheme = ch_strdup( optarg ); } break; case 'n': newline = ""; break; case 's': /* new password (secret) */ if ( pwfile != NULL ) { fprintf( stderr, "Option -s incompatible with -T\n" ); return EXIT_FAILURE; } else if ( newpw != NULL ) { fprintf( stderr, "New password already provided\n" ); return EXIT_FAILURE; } else { char* p; newpw = ch_strdup( optarg ); for( p = optarg; *p != '\0'; p++ ) { *p = '\0'; } } break; case 'T': /* password file */ if ( pwfile != NULL ) { fprintf( stderr, "Password file already provided\n" ); return EXIT_FAILURE; } else if ( newpw != NULL ) { fprintf( stderr, "Option -T incompatible with -s/-g\n" ); return EXIT_FAILURE; } pwfile = optarg; break; case 'u': /* RFC2307 userPassword */ break; case 'v': /* verbose */ verbose++; break; default: usage ( progname ); } } if( argc - optind != 0 ) { usage( progname ); } if( pwfile != NULL ) { if( lutil_get_filed_password( pwfile, &passwd )) { return EXIT_FAILURE; } } else if ( BER_BVISEMPTY( &passwd )) { if( newpw == NULL ) { /* prompt for new password */ char *cknewpw; newpw = ch_strdup(getpassphrase("New password: "******"Re-enter new password: "******"Password values do not match\n" ); return EXIT_FAILURE; } } passwd.bv_val = newpw; passwd.bv_len = strlen(passwd.bv_val); } else { hash = passwd; goto print_pw; } lutil_passwd_hash( &passwd, scheme, &hash, &text ); if( hash.bv_val == NULL ) { fprintf( stderr, "Password generation failed for scheme %s: %s\n", scheme, text ? text : "" ); return EXIT_FAILURE; } if( lutil_passwd( &hash, &passwd, NULL, &text ) ) { fprintf( stderr, "Password verification failed. %s\n", text ? text : "" ); return EXIT_FAILURE; } print_pw:; printf( "%s%s" , hash.bv_val, newline ); return EXIT_SUCCESS; }
static int autoca_cf( ConfigArgs *c ) { slap_overinst *on = (slap_overinst *)c->bi; autoca_info *ai = on->on_bi.bi_private; int rc = 0; switch( c->op ) { case SLAP_CONFIG_EMIT: switch( c->type ) { case ACA_USRCLASS: if ( ai->ai_usrclass ) { c->value_string = ch_strdup( ai->ai_usrclass->soc_cname.bv_val ); } else { rc = 1; } break; case ACA_SRVCLASS: if ( ai->ai_srvclass ) { c->value_string = ch_strdup( ai->ai_srvclass->soc_cname.bv_val ); } else { rc = 1; } break; case ACA_USRKEYBITS: c->value_int = ai->ai_usrkeybits; break; case ACA_SRVKEYBITS: c->value_int = ai->ai_srvkeybits; break; case ACA_CAKEYBITS: c->value_int = ai->ai_cakeybits; break; case ACA_USRDAYS: c->value_int = ai->ai_usrdays; break; case ACA_SRVDAYS: c->value_int = ai->ai_srvdays; break; case ACA_CADAYS: c->value_int = ai->ai_cadays; break; case ACA_LOCALDN: if ( !BER_BVISNULL( &ai->ai_localdn )) { rc = value_add_one( &c->rvalue_vals, &ai->ai_localdn ); } else { rc = 1; } break; } break; case LDAP_MOD_DELETE: switch( c->type ) { case ACA_USRCLASS: ai->ai_usrclass = NULL; break; case ACA_SRVCLASS: ai->ai_srvclass = NULL; break; case ACA_LOCALDN: if ( ai->ai_localdn.bv_val ) { ch_free( ai->ai_localdn.bv_val ); ch_free( ai->ai_localndn.bv_val ); BER_BVZERO( &ai->ai_localdn ); BER_BVZERO( &ai->ai_localndn ); } break; /* single-valued attrs, all no-ops */ } break; case SLAP_CONFIG_ADD: case LDAP_MOD_ADD: switch( c->type ) { case ACA_USRCLASS: { ObjectClass *oc = oc_find( c->value_string ); if ( oc ) ai->ai_usrclass = oc; else rc = 1; } break; case ACA_SRVCLASS: { ObjectClass *oc = oc_find( c->value_string ); if ( oc ) ai->ai_srvclass = oc; else rc = 1; } case ACA_USRKEYBITS: if ( c->value_int < MIN_KEYBITS ) rc = 1; else ai->ai_usrkeybits = c->value_int; break; case ACA_SRVKEYBITS: if ( c->value_int < MIN_KEYBITS ) rc = 1; else ai->ai_srvkeybits = c->value_int; break; case ACA_CAKEYBITS: if ( c->value_int < MIN_KEYBITS ) rc = 1; else ai->ai_cakeybits = c->value_int; break; case ACA_USRDAYS: ai->ai_usrdays = c->value_int; break; case ACA_SRVDAYS: ai->ai_srvdays = c->value_int; break; case ACA_CADAYS: ai->ai_cadays = c->value_int; break; case ACA_LOCALDN: if ( c->be->be_nsuffix == NULL ) { snprintf( c->cr_msg, sizeof( c->cr_msg ), "suffix must be set" ); Debug( LDAP_DEBUG_CONFIG, "autoca_config: %s\n", c->cr_msg, NULL, NULL ); rc = ARG_BAD_CONF; break; } if ( !dnIsSuffix( &c->value_ndn, c->be->be_nsuffix )) { snprintf( c->cr_msg, sizeof( c->cr_msg ), "DN is not a subordinate of backend" ); Debug( LDAP_DEBUG_CONFIG, "autoca_config: %s\n", c->cr_msg, NULL, NULL ); rc = ARG_BAD_CONF; break; } if ( ai->ai_localdn.bv_val ) { ch_free( ai->ai_localdn.bv_val ); ch_free( ai->ai_localndn.bv_val ); } ai->ai_localdn = c->value_dn; ai->ai_localndn = c->value_ndn; } } return rc; }
int bdb_compare( Operation *op, SlapReply *rs ) { struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; Entry *e = NULL; EntryInfo *ei; int manageDSAit = get_manageDSAit( op ); DB_TXN *rtxn; DB_LOCK lock; rs->sr_err = bdb_reader_get(op, bdb->bi_dbenv, &rtxn); switch(rs->sr_err) { case 0: break; default: send_ldap_error( op, rs, LDAP_OTHER, "internal error" ); return rs->sr_err; } dn2entry_retry: /* get entry */ rs->sr_err = bdb_dn2entry( op, rtxn, &op->o_req_ndn, &ei, 1, &lock ); switch( rs->sr_err ) { case DB_NOTFOUND: case 0: break; case LDAP_BUSY: rs->sr_text = "ldap server busy"; goto return_results; case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto dn2entry_retry; default: rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } e = ei->bei_e; if ( rs->sr_err == DB_NOTFOUND ) { if ( e != NULL ) { /* return referral only if "disclose" is granted on the object */ if ( ! access_allowed( op, e, slap_schema.si_ad_entry, NULL, ACL_DISCLOSE, NULL ) ) { rs->sr_err = LDAP_NO_SUCH_OBJECT; } else { rs->sr_matched = ch_strdup( e->e_dn ); rs->sr_ref = is_entry_referral( e ) ? get_entry_referrals( op, e ) : NULL; rs->sr_err = LDAP_REFERRAL; } bdb_cache_return_entry_r( bdb, e, &lock ); e = NULL; } else { rs->sr_ref = referral_rewrite( default_referral, NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); rs->sr_err = rs->sr_ref ? LDAP_REFERRAL : LDAP_NO_SUCH_OBJECT; } send_ldap_result( op, rs ); ber_bvarray_free( rs->sr_ref ); free( (char *)rs->sr_matched ); rs->sr_ref = NULL; rs->sr_matched = NULL; goto done; } if (!manageDSAit && is_entry_referral( e ) ) { /* return referral only if "disclose" is granted on the object */ if ( !access_allowed( op, e, slap_schema.si_ad_entry, NULL, ACL_DISCLOSE, NULL ) ) { rs->sr_err = LDAP_NO_SUCH_OBJECT; } else { /* entry is a referral, don't allow compare */ rs->sr_ref = get_entry_referrals( op, e ); rs->sr_err = LDAP_REFERRAL; rs->sr_matched = e->e_name.bv_val; } Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0, 0, 0 ); send_ldap_result( op, rs ); ber_bvarray_free( rs->sr_ref ); rs->sr_ref = NULL; rs->sr_matched = NULL; goto done; } rs->sr_err = slap_compare_entry( op, e, op->orc_ava ); return_results: send_ldap_result( op, rs ); switch ( rs->sr_err ) { case LDAP_COMPARE_FALSE: case LDAP_COMPARE_TRUE: rs->sr_err = LDAP_SUCCESS; break; } done: /* free entry */ if ( e != NULL ) { bdb_cache_return_entry_r( bdb, e, &lock ); } return rs->sr_err; }
void slap_init_user( char *user, char *group ) { uid_t uid = 0; gid_t gid = 0; int got_uid = 0, got_gid = 0; if ( user ) { struct passwd *pwd; if ( isdigit( (unsigned char) *user ) ) { unsigned u; got_uid = 1; if ( lutil_atou( &u, user ) != 0 ) { Debug( LDAP_DEBUG_ANY, "Unble to parse user %s\n", user ); exit( EXIT_FAILURE ); } uid = (uid_t)u; #ifdef HAVE_GETPWUID pwd = getpwuid( uid ); goto did_getpw; #else free( user ); user = NULL; #endif } else { pwd = getpwnam( user ); did_getpw: if ( pwd == NULL ) { Debug( LDAP_DEBUG_ANY, "No passwd entry for user %s\n", user ); exit( EXIT_FAILURE ); } if ( got_uid ) { free( user ); user = (pwd != NULL ? ch_strdup( pwd->pw_name ) : NULL); } else { got_uid = 1; uid = pwd->pw_uid; } got_gid = 1; gid = pwd->pw_gid; #ifdef HAVE_ENDPWENT endpwent(); #endif } } if ( group ) { struct group *grp; if ( isdigit( (unsigned char) *group )) { unsigned g; if ( lutil_atou( &g, group ) != 0 ) { Debug( LDAP_DEBUG_ANY, "Unble to parse group %s\n", group ); exit( EXIT_FAILURE ); } gid = (uid_t)g; #ifdef HAVE_GETGRGID grp = getgrgid( gid ); goto did_group; #endif } else { grp = getgrnam( group ); if ( grp != NULL ) gid = grp->gr_gid; did_group: if ( grp == NULL ) { Debug( LDAP_DEBUG_ANY, "No group entry for group %s\n", group ); exit( EXIT_FAILURE ); } } free( group ); got_gid = 1; } if ( user ) { if ( getuid() == 0 && initgroups( user, gid ) != 0 ) { Debug( LDAP_DEBUG_ANY, "Could not set the group access (gid) list\n" ); exit( EXIT_FAILURE ); } free( user ); } #ifdef HAVE_ENDGRENT endgrent(); #endif if ( got_gid ) { if ( setgid( gid ) != 0 ) { Debug( LDAP_DEBUG_ANY, "Could not set real group id to %d\n", (int) gid ); exit( EXIT_FAILURE ); } #ifdef HAVE_SETEGID if ( setegid( gid ) != 0 ) { Debug( LDAP_DEBUG_ANY, "Could not set effective group id to %d\n", (int) gid ); exit( EXIT_FAILURE ); } #endif } if ( got_uid ) { if ( setuid( uid ) != 0 ) { Debug( LDAP_DEBUG_ANY, "Could not set real user id to %d\n", (int) uid ); exit( EXIT_FAILURE ); } #ifdef HAVE_SETEUID if ( seteuid( uid ) != 0 ) { Debug( LDAP_DEBUG_ANY, "Could not set effective user id to %d\n", (int) uid ); exit( EXIT_FAILURE ); } #endif } }
static int sql_cf_gen( ConfigArgs *c ) { backsql_info *bi = (backsql_info *)c->be->be_private; int rc = 0; if ( c->op == SLAP_CONFIG_EMIT ) { switch( c->type ) { case BSQL_CONCAT_PATT: if ( bi->sql_concat_patt ) { c->value_string = ch_strdup( bi->sql_concat_patt ); } else { rc = 1; } break; case BSQL_CREATE_NEEDS_SEL: if ( bi->sql_flags & BSQLF_CREATE_NEEDS_SELECT ) c->value_int = 1; break; case BSQL_UPPER_NEEDS_CAST: if ( bi->sql_flags & BSQLF_UPPER_NEEDS_CAST ) c->value_int = 1; break; case BSQL_HAS_LDAPINFO_DN_RU: if ( !(bi->sql_flags & BSQLF_DONTCHECK_LDAPINFO_DN_RU) ) return 1; if ( bi->sql_flags & BSQLF_HAS_LDAPINFO_DN_RU ) c->value_int = 1; break; case BSQL_FAIL_IF_NO_MAPPING: if ( bi->sql_flags & BSQLF_FAIL_IF_NO_MAPPING ) c->value_int = 1; break; case BSQL_ALLOW_ORPHANS: if ( bi->sql_flags & BSQLF_ALLOW_ORPHANS ) c->value_int = 1; break; case BSQL_SUBTREE_SHORTCUT: if ( bi->sql_flags & BSQLF_USE_SUBTREE_SHORTCUT ) c->value_int = 1; break; case BSQL_FETCH_ALL_ATTRS: if ( bi->sql_flags & BSQLF_FETCH_ALL_ATTRS ) c->value_int = 1; break; case BSQL_CHECK_SCHEMA: if ( bi->sql_flags & BSQLF_CHECK_SCHEMA ) c->value_int = 1; break; case BSQL_AUTOCOMMIT: if ( bi->sql_flags & BSQLF_AUTOCOMMIT_ON ) c->value_int = 1; break; case BSQL_BASE_OBJECT: if ( bi->sql_base_ob_file ) { c->value_string = ch_strdup( bi->sql_base_ob_file ); } else if ( bi->sql_baseObject ) { c->value_string = ch_strdup( "TRUE" ); } else { rc = 1; } break; case BSQL_LAYER: if ( bi->sql_api ) { backsql_api *ba; struct berval bv; char *ptr; int i; for ( ba = bi->sql_api; ba; ba = ba->ba_next ) { bv.bv_len = strlen( ba->ba_name ); if ( ba->ba_argc ) { for ( i = 0; i<ba->ba_argc; i++ ) bv.bv_len += strlen( ba->ba_argv[i] ) + 3; } bv.bv_val = ch_malloc( bv.bv_len + 1 ); ptr = lutil_strcopy( bv.bv_val, ba->ba_name ); if ( ba->ba_argc ) { for ( i = 0; i<ba->ba_argc; i++ ) { *ptr++ = ' '; *ptr++ = '"'; ptr = lutil_strcopy( ptr, ba->ba_argv[i] ); *ptr++ = '"'; } } ber_bvarray_add( &c->rvalue_vals, &bv ); } } else { rc = 1; } break; case BSQL_ALIASING_KEYWORD: if ( !BER_BVISNULL( &bi->sql_aliasing )) { struct berval bv; bv = bi->sql_aliasing; bv.bv_len--; value_add_one( &c->rvalue_vals, &bv ); } else { rc = 1; } break; case BSQL_FETCH_ATTRS: if ( bi->sql_anlist || ( bi->sql_flags & (BSQLF_FETCH_ALL_USERATTRS| BSQLF_FETCH_ALL_OPATTRS))) { char buf[BUFSIZ*2], *ptr; struct berval bv; # define WHATSLEFT ((ber_len_t) (&buf[sizeof( buf )] - ptr)) ptr = buf; if ( bi->sql_anlist ) { ptr = anlist_unparse( bi->sql_anlist, ptr, WHATSLEFT ); if ( ptr == NULL ) return 1; } if ( bi->sql_flags & BSQLF_FETCH_ALL_USERATTRS ) { if ( WHATSLEFT <= STRLENOF( ",*" )) return 1; if ( ptr != buf ) *ptr++ = ','; *ptr++ = '*'; } if ( bi->sql_flags & BSQLF_FETCH_ALL_OPATTRS ) { if ( WHATSLEFT <= STRLENOF( ",+" )) return 1; if ( ptr != buf ) *ptr++ = ','; *ptr++ = '+'; } bv.bv_val = buf; bv.bv_len = ptr - buf; value_add_one( &c->rvalue_vals, &bv ); } break; } return rc; } else if ( c->op == LDAP_MOD_DELETE ) { /* FIXME */ return -1; } switch( c->type ) { case BSQL_CONCAT_PATT: if ( backsql_split_pattern( c->argv[ 1 ], &bi->sql_concat_func, 2 ) ) { snprintf( c->cr_msg, sizeof( c->cr_msg ), "%s: unable to parse pattern \"%s\"", c->log, c->argv[ 1 ] ); Debug( LDAP_DEBUG_ANY, "%s\n", c->cr_msg, 0, 0 ); return -1; } bi->sql_concat_patt = c->value_string; break; case BSQL_CREATE_NEEDS_SEL: if ( c->value_int ) bi->sql_flags |= BSQLF_CREATE_NEEDS_SELECT; else bi->sql_flags &= ~BSQLF_CREATE_NEEDS_SELECT; break; case BSQL_UPPER_NEEDS_CAST: if ( c->value_int ) bi->sql_flags |= BSQLF_UPPER_NEEDS_CAST; else bi->sql_flags &= ~BSQLF_UPPER_NEEDS_CAST; break; case BSQL_HAS_LDAPINFO_DN_RU: bi->sql_flags |= BSQLF_DONTCHECK_LDAPINFO_DN_RU; if ( c->value_int ) bi->sql_flags |= BSQLF_HAS_LDAPINFO_DN_RU; else bi->sql_flags &= ~BSQLF_HAS_LDAPINFO_DN_RU; break; case BSQL_FAIL_IF_NO_MAPPING: if ( c->value_int ) bi->sql_flags |= BSQLF_FAIL_IF_NO_MAPPING; else bi->sql_flags &= ~BSQLF_FAIL_IF_NO_MAPPING; break; case BSQL_ALLOW_ORPHANS: if ( c->value_int ) bi->sql_flags |= BSQLF_ALLOW_ORPHANS; else bi->sql_flags &= ~BSQLF_ALLOW_ORPHANS; break; case BSQL_SUBTREE_SHORTCUT: if ( c->value_int ) bi->sql_flags |= BSQLF_USE_SUBTREE_SHORTCUT; else bi->sql_flags &= ~BSQLF_USE_SUBTREE_SHORTCUT; break; case BSQL_FETCH_ALL_ATTRS: if ( c->value_int ) bi->sql_flags |= BSQLF_FETCH_ALL_ATTRS; else bi->sql_flags &= ~BSQLF_FETCH_ALL_ATTRS; break; case BSQL_CHECK_SCHEMA: if ( c->value_int ) bi->sql_flags |= BSQLF_CHECK_SCHEMA; else bi->sql_flags &= ~BSQLF_CHECK_SCHEMA; break; case BSQL_AUTOCOMMIT: if ( c->value_int ) bi->sql_flags |= BSQLF_AUTOCOMMIT_ON; else bi->sql_flags &= ~BSQLF_AUTOCOMMIT_ON; break; case BSQL_BASE_OBJECT: if ( c->be->be_nsuffix == NULL ) { snprintf( c->cr_msg, sizeof( c->cr_msg ), "%s: suffix must be set", c->log ); Debug( LDAP_DEBUG_ANY, "%s\n", c->cr_msg, 0, 0 ); rc = ARG_BAD_CONF; break; } if ( bi->sql_baseObject ) { Debug( LDAP_DEBUG_CONFIG, "%s: " "\"baseObject\" already provided (will be overwritten)\n", c->log, 0, 0 ); entry_free( bi->sql_baseObject ); } if ( c->argc == 2 && !strcmp( c->argv[1], "TRUE" )) c->argc = 1; switch( c->argc ) { case 1: return create_baseObject( c->be, c->fname, c->lineno ); case 2: rc = read_baseObject( c->be, c->argv[ 1 ] ); if ( rc == 0 ) { ch_free( bi->sql_base_ob_file ); bi->sql_base_ob_file = c->value_string; } return rc; default: snprintf( c->cr_msg, sizeof( c->cr_msg ), "%s: trailing values in directive", c->log ); Debug( LDAP_DEBUG_ANY, "%s\n", c->cr_msg, 0, 0 ); return 1; } break; case BSQL_LAYER: if ( backsql_api_config( bi, c->argv[ 1 ], c->argc - 2, &c->argv[ 2 ] ) ) { snprintf( c->cr_msg, sizeof( c->cr_msg ), "%s: unable to load sql layer", c->log ); Debug( LDAP_DEBUG_ANY, "%s \"%s\"\n", c->cr_msg, c->argv[1], 0 ); return 1; } break; case BSQL_ALIASING_KEYWORD: if ( ! BER_BVISNULL( &bi->sql_aliasing ) ) { ch_free( bi->sql_aliasing.bv_val ); } ber_str2bv( c->argv[ 1 ], strlen( c->argv[ 1 ] ) + 1, 1, &bi->sql_aliasing ); /* add a trailing space... */ bi->sql_aliasing.bv_val[ bi->sql_aliasing.bv_len - 1] = ' '; break; case BSQL_FETCH_ATTRS: { char *str, *s, *next; const char *delimstr = ","; str = ch_strdup( c->argv[ 1 ] ); for ( s = ldap_pvt_strtok( str, delimstr, &next ); s != NULL; s = ldap_pvt_strtok( NULL, delimstr, &next ) ) { if ( strlen( s ) == 1 ) { if ( *s == '*' ) { bi->sql_flags |= BSQLF_FETCH_ALL_USERATTRS; c->argv[ 1 ][ s - str ] = ','; } else if ( *s == '+' ) { bi->sql_flags |= BSQLF_FETCH_ALL_OPATTRS; c->argv[ 1 ][ s - str ] = ','; } } } ch_free( str ); bi->sql_anlist = str2anlist( bi->sql_anlist, c->argv[ 1 ], delimstr ); if ( bi->sql_anlist == NULL ) { return -1; } } break; } return rc; }
static int bdb_cf_gen( ConfigArgs *c ) { struct bdb_info *bdb = c->be->be_private; int rc; if ( c->op == SLAP_CONFIG_EMIT ) { rc = 0; switch( c->type ) { case BDB_MODE: { char buf[64]; struct berval bv; bv.bv_len = snprintf( buf, sizeof(buf), "0%o", bdb->bi_dbenv_mode ); if ( bv.bv_len > 0 && bv.bv_len < sizeof(buf) ) { bv.bv_val = buf; value_add_one( &c->rvalue_vals, &bv ); } else { rc = 1; } } break; case BDB_CHKPT: if ( bdb->bi_txn_cp ) { char buf[64]; struct berval bv; bv.bv_len = snprintf( buf, sizeof(buf), "%d %d", bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min ); if ( bv.bv_len > 0 && bv.bv_len < sizeof(buf) ) { bv.bv_val = buf; value_add_one( &c->rvalue_vals, &bv ); } else { rc = 1; } } else { rc = 1; } break; case BDB_CRYPTFILE: if ( bdb->bi_db_crypt_file ) { c->value_string = ch_strdup( bdb->bi_db_crypt_file ); } else { rc = 1; } break; /* If a crypt file has been set, its contents are copied here. * But we don't want the key to be incorporated here. */ case BDB_CRYPTKEY: if ( !bdb->bi_db_crypt_file && !BER_BVISNULL( &bdb->bi_db_crypt_key )) { value_add_one( &c->rvalue_vals, &bdb->bi_db_crypt_key ); } else { rc = 1; } break; case BDB_DIRECTORY: if ( bdb->bi_dbenv_home ) { c->value_string = ch_strdup( bdb->bi_dbenv_home ); } else { rc = 1; } break; case BDB_CONFIG: if ( !( bdb->bi_flags & BDB_IS_OPEN ) && !bdb->bi_db_config ) { char buf[SLAP_TEXT_BUFLEN]; FILE *f = fopen( bdb->bi_db_config_path, "r" ); struct berval bv; if ( f ) { bdb->bi_flags |= BDB_HAS_CONFIG; while ( fgets( buf, sizeof(buf), f )) { ber_str2bv( buf, 0, 1, &bv ); if ( bv.bv_len > 0 && bv.bv_val[bv.bv_len-1] == '\n' ) { bv.bv_len--; bv.bv_val[bv.bv_len] = '\0'; } /* shouldn't need this, but ... */ if ( bv.bv_len > 0 && bv.bv_val[bv.bv_len-1] == '\r' ) { bv.bv_len--; bv.bv_val[bv.bv_len] = '\0'; } ber_bvarray_add( &bdb->bi_db_config, &bv ); } fclose( f ); } } if ( bdb->bi_db_config ) { int i; struct berval bv; bv.bv_val = c->log; for (i=0; !BER_BVISNULL(&bdb->bi_db_config[i]); i++) { bv.bv_len = sprintf( bv.bv_val, "{%d}%s", i, bdb->bi_db_config[i].bv_val ); value_add_one( &c->rvalue_vals, &bv ); } } if ( !c->rvalue_vals ) rc = 1; break; case BDB_NOSYNC: if ( bdb->bi_dbenv_xflags & DB_TXN_NOSYNC ) c->value_int = 1; break; case BDB_CHECKSUM: if ( bdb->bi_flags & BDB_CHKSUM ) c->value_int = 1; break; case BDB_INDEX: bdb_attr_index_unparse( bdb, &c->rvalue_vals ); if ( !c->rvalue_vals ) rc = 1; break; case BDB_LOCKD: rc = 1; if ( bdb->bi_lock_detect != DB_LOCK_DEFAULT ) { int i; for (i=0; !BER_BVISNULL(&bdb_lockd[i].word); i++) { if ( bdb->bi_lock_detect == (u_int32_t)bdb_lockd[i].mask ) { value_add_one( &c->rvalue_vals, &bdb_lockd[i].word ); rc = 0; break; } } } break; case BDB_SSTACK: c->value_int = bdb->bi_search_stack_depth; break; case BDB_PGSIZE: { struct bdb_db_pgsize *ps; char buf[SLAP_TEXT_BUFLEN]; struct berval bv; int rc = 1; bv.bv_val = buf; for ( ps = bdb->bi_pagesizes; ps; ps = ps->bdp_next ) { bv.bv_len = sprintf( buf, "%s %d", ps->bdp_name.bv_val, ps->bdp_size / 1024 ); value_add_one( &c->rvalue_vals, &bv ); rc = 0; } break; } } return rc; } else if ( c->op == LDAP_MOD_DELETE ) { rc = 0; switch( c->type ) { case BDB_MODE: #if 0 /* FIXME: does it make any sense to change the mode, * if we don't exec a chmod()? */ bdb->bi_dbenv_mode = SLAPD_DEFAULT_DB_MODE; break; #endif /* single-valued no-ops */ case BDB_LOCKD: case BDB_SSTACK: break; case BDB_CHKPT: if ( bdb->bi_txn_cp_task ) { struct re_s *re = bdb->bi_txn_cp_task; bdb->bi_txn_cp_task = NULL; ldap_pvt_thread_mutex_lock( &slapd_rq.rq_mutex ); if ( ldap_pvt_runqueue_isrunning( &slapd_rq, re ) ) ldap_pvt_runqueue_stoptask( &slapd_rq, re ); ldap_pvt_runqueue_remove( &slapd_rq, re ); ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex ); } bdb->bi_txn_cp = 0; break; case BDB_CONFIG: if ( c->valx < 0 ) { ber_bvarray_free( bdb->bi_db_config ); bdb->bi_db_config = NULL; } else { int i = c->valx; ch_free( bdb->bi_db_config[i].bv_val ); for (; bdb->bi_db_config[i].bv_val; i++) bdb->bi_db_config[i] = bdb->bi_db_config[i+1]; } bdb->bi_flags |= BDB_UPD_CONFIG; c->cleanup = bdb_cf_cleanup; break; /* Doesn't really make sense to change these on the fly; * the entire DB must be dumped and reloaded */ case BDB_CRYPTFILE: if ( bdb->bi_db_crypt_file ) { ch_free( bdb->bi_db_crypt_file ); bdb->bi_db_crypt_file = NULL; } /* FALLTHRU */ case BDB_CRYPTKEY: if ( !BER_BVISNULL( &bdb->bi_db_crypt_key )) { ch_free( bdb->bi_db_crypt_key.bv_val ); BER_BVZERO( &bdb->bi_db_crypt_key ); } break; case BDB_DIRECTORY: bdb->bi_flags |= BDB_RE_OPEN; bdb->bi_flags ^= BDB_HAS_CONFIG; ch_free( bdb->bi_dbenv_home ); bdb->bi_dbenv_home = NULL; ch_free( bdb->bi_db_config_path ); bdb->bi_db_config_path = NULL; c->cleanup = bdb_cf_cleanup; ldap_pvt_thread_pool_purgekey( bdb->bi_dbenv ); break; case BDB_NOSYNC: bdb->bi_dbenv->set_flags( bdb->bi_dbenv, DB_TXN_NOSYNC, 0 ); break; case BDB_CHECKSUM: bdb->bi_flags &= ~BDB_CHKSUM; break; case BDB_INDEX: if ( c->valx == -1 ) { int i; /* delete all (FIXME) */ for ( i = 0; i < bdb->bi_nattrs; i++ ) { bdb->bi_attrs[i]->ai_indexmask |= BDB_INDEX_DELETING; } bdb->bi_flags |= BDB_DEL_INDEX; c->cleanup = bdb_cf_cleanup; } else { struct berval bv, def = BER_BVC("default"); char *ptr; for (ptr = c->line; !isspace( (unsigned char) *ptr ); ptr++); bv.bv_val = c->line; bv.bv_len = ptr - bv.bv_val; if ( bvmatch( &bv, &def )) { bdb->bi_defaultmask = 0; } else { int i; char **attrs; char sep; sep = bv.bv_val[ bv.bv_len ]; bv.bv_val[ bv.bv_len ] = '\0'; attrs = ldap_str2charray( bv.bv_val, "," ); for ( i = 0; attrs[ i ]; i++ ) { AttributeDescription *ad = NULL; const char *text; AttrInfo *ai; slap_str2ad( attrs[ i ], &ad, &text ); /* if we got here... */ assert( ad != NULL ); ai = bdb_attr_mask( bdb, ad ); /* if we got here... */ assert( ai != NULL ); ai->ai_indexmask |= BDB_INDEX_DELETING; bdb->bi_flags |= BDB_DEL_INDEX; c->cleanup = bdb_cf_cleanup; } bv.bv_val[ bv.bv_len ] = sep; ldap_charray_free( attrs ); } } break; /* doesn't make sense on the fly; the DB file must be * recreated */ case BDB_PGSIZE: { struct bdb_db_pgsize *ps, **prev; int i; for ( i = 0, prev = &bdb->bi_pagesizes, ps = *prev; ps; prev = &ps->bdp_next, ps = ps->bdp_next, i++ ) { if ( c->valx == -1 || i == c->valx ) { *prev = ps->bdp_next; ch_free( ps ); ps = *prev; if ( i == c->valx ) break; } } } break; } return rc; } switch( c->type ) { case BDB_MODE: if ( ASCII_DIGIT( c->argv[1][0] ) ) { long mode; char *next; errno = 0; mode = strtol( c->argv[1], &next, 0 ); if ( errno != 0 || next == c->argv[1] || next[0] != '\0' ) { fprintf( stderr, "%s: " "unable to parse mode=\"%s\".\n", c->log, c->argv[1] ); return 1; } bdb->bi_dbenv_mode = mode; } else { char *m = c->argv[1]; int who, what, mode = 0; if ( strlen( m ) != STRLENOF("-rwxrwxrwx") ) { return 1; } if ( m[0] != '-' ) { return 1; } m++; for ( who = 0; who < 3; who++ ) { for ( what = 0; what < 3; what++, m++ ) { if ( m[0] == '-' ) { continue; } else if ( m[0] != "rwx"[what] ) { return 1; } mode += ((1 << (2 - what)) << 3*(2 - who)); } } bdb->bi_dbenv_mode = mode; } break; case BDB_CHKPT: { long l; bdb->bi_txn_cp = 1; if ( lutil_atolx( &l, c->argv[1], 0 ) != 0 ) { fprintf( stderr, "%s: " "invalid kbyte \"%s\" in \"checkpoint\".\n", c->log, c->argv[1] ); return 1; } bdb->bi_txn_cp_kbyte = l; if ( lutil_atolx( &l, c->argv[2], 0 ) != 0 ) { fprintf( stderr, "%s: " "invalid minutes \"%s\" in \"checkpoint\".\n", c->log, c->argv[2] ); return 1; } bdb->bi_txn_cp_min = l; /* If we're in server mode and time-based checkpointing is enabled, * submit a task to perform periodic checkpoints. */ if ((slapMode & SLAP_SERVER_MODE) && bdb->bi_txn_cp_min ) { struct re_s *re = bdb->bi_txn_cp_task; if ( re ) { re->interval.tv_sec = bdb->bi_txn_cp_min * 60; } else { if ( c->be->be_suffix == NULL || BER_BVISNULL( &c->be->be_suffix[0] ) ) { fprintf( stderr, "%s: " "\"checkpoint\" must occur after \"suffix\".\n", c->log ); return 1; } ldap_pvt_thread_mutex_lock( &slapd_rq.rq_mutex ); bdb->bi_txn_cp_task = ldap_pvt_runqueue_insert( &slapd_rq, bdb->bi_txn_cp_min * 60, bdb_checkpoint, bdb, LDAP_XSTRING(bdb_checkpoint), c->be->be_suffix[0].bv_val ); ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex ); } } } break; case BDB_CONFIG: { char *ptr = c->line; struct berval bv; if ( c->op == SLAP_CONFIG_ADD ) { ptr += STRLENOF("dbconfig"); while (!isspace((unsigned char)*ptr)) ptr++; while (isspace((unsigned char)*ptr)) ptr++; } if ( bdb->bi_flags & BDB_IS_OPEN ) { bdb->bi_flags |= BDB_UPD_CONFIG; c->cleanup = bdb_cf_cleanup; } else { /* If we're just starting up... */ FILE *f; /* If a DB_CONFIG file exists, or we don't know the path * to the DB_CONFIG file, ignore these directives */ if (( bdb->bi_flags & BDB_HAS_CONFIG ) || !bdb->bi_db_config_path ) break; f = fopen( bdb->bi_db_config_path, "a" ); if ( f ) { /* FIXME: EBCDIC probably needs special handling */ fprintf( f, "%s\n", ptr ); fclose( f ); } } ber_str2bv( ptr, 0, 1, &bv ); ber_bvarray_add( &bdb->bi_db_config, &bv ); } break; case BDB_CRYPTFILE: rc = lutil_get_filed_password( c->value_string, &bdb->bi_db_crypt_key ); if ( rc == 0 ) { bdb->bi_db_crypt_file = c->value_string; } break; /* Cannot set key if file was already set */ case BDB_CRYPTKEY: if ( bdb->bi_db_crypt_file ) { rc = 1; } else { bdb->bi_db_crypt_key = c->value_bv; } break; case BDB_DIRECTORY: { FILE *f; char *ptr, *testpath; int len; len = strlen( c->value_string ); testpath = ch_malloc( len + STRLENOF(LDAP_DIRSEP) + STRLENOF("DUMMY") + 1 ); ptr = lutil_strcopy( testpath, c->value_string ); *ptr++ = LDAP_DIRSEP[0]; strcpy( ptr, "DUMMY" ); f = fopen( testpath, "w" ); if ( f ) { fclose( f ); unlink( testpath ); } ch_free( testpath ); if ( !f ) { snprintf( c->cr_msg, sizeof( c->cr_msg ), "%s: invalid path: %s", c->log, strerror( errno )); Debug( LDAP_DEBUG_ANY, "%s\n", c->cr_msg, 0, 0 ); return -1; } if ( bdb->bi_dbenv_home ) ch_free( bdb->bi_dbenv_home ); bdb->bi_dbenv_home = c->value_string; /* See if a DB_CONFIG file already exists here */ if ( bdb->bi_db_config_path ) ch_free( bdb->bi_db_config_path ); bdb->bi_db_config_path = ch_malloc( len + STRLENOF(LDAP_DIRSEP) + STRLENOF("DB_CONFIG") + 1 ); ptr = lutil_strcopy( bdb->bi_db_config_path, bdb->bi_dbenv_home ); *ptr++ = LDAP_DIRSEP[0]; strcpy( ptr, "DB_CONFIG" ); f = fopen( bdb->bi_db_config_path, "r" ); if ( f ) { bdb->bi_flags |= BDB_HAS_CONFIG; fclose(f); } } break; case BDB_NOSYNC: if ( c->value_int ) bdb->bi_dbenv_xflags |= DB_TXN_NOSYNC; else bdb->bi_dbenv_xflags &= ~DB_TXN_NOSYNC; if ( bdb->bi_flags & BDB_IS_OPEN ) { bdb->bi_dbenv->set_flags( bdb->bi_dbenv, DB_TXN_NOSYNC, c->value_int ); } break; case BDB_CHECKSUM: if ( c->value_int ) bdb->bi_flags |= BDB_CHKSUM; else bdb->bi_flags &= ~BDB_CHKSUM; break; case BDB_INDEX: rc = bdb_attr_index_config( bdb, c->fname, c->lineno, c->argc - 1, &c->argv[1], &c->reply); if( rc != LDAP_SUCCESS ) return 1; if (( bdb->bi_flags & BDB_IS_OPEN ) && !bdb->bi_index_task ) { /* Start the task as soon as we finish here. Set a long * interval (10 hours) so that it only gets scheduled once. */ if ( c->be->be_suffix == NULL || BER_BVISNULL( &c->be->be_suffix[0] ) ) { fprintf( stderr, "%s: " "\"index\" must occur after \"suffix\".\n", c->log ); return 1; } ldap_pvt_thread_mutex_lock( &slapd_rq.rq_mutex ); bdb->bi_index_task = ldap_pvt_runqueue_insert( &slapd_rq, 36000, bdb_online_index, c->be, LDAP_XSTRING(bdb_online_index), c->be->be_suffix[0].bv_val ); ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex ); } break; case BDB_LOCKD: rc = verb_to_mask( c->argv[1], bdb_lockd ); if ( BER_BVISNULL(&bdb_lockd[rc].word) ) { fprintf( stderr, "%s: " "bad policy (%s) in \"lockDetect <policy>\" line\n", c->log, c->argv[1] ); return 1; } bdb->bi_lock_detect = (u_int32_t)rc; break; case BDB_SSTACK: if ( c->value_int < MINIMUM_SEARCH_STACK_DEPTH ) { fprintf( stderr, "%s: depth %d too small, using %d\n", c->log, c->value_int, MINIMUM_SEARCH_STACK_DEPTH ); c->value_int = MINIMUM_SEARCH_STACK_DEPTH; } bdb->bi_search_stack_depth = c->value_int; break; case BDB_PGSIZE: { struct bdb_db_pgsize *ps, **prev; int i, s; s = atoi(c->argv[2]); if ( s < 1 || s > 64 ) { snprintf( c->cr_msg, sizeof( c->cr_msg ), "%s: size must be > 0 and <= 64: %d", c->log, s ); Debug( LDAP_DEBUG_ANY, "%s\n", c->cr_msg, 0, 0 ); return -1; } i = strlen(c->argv[1]); ps = ch_malloc( sizeof(struct bdb_db_pgsize) + i + 1 ); ps->bdp_next = NULL; ps->bdp_name.bv_len = i; ps->bdp_name.bv_val = (char *)(ps+1); strcpy( ps->bdp_name.bv_val, c->argv[1] ); ps->bdp_size = s * 1024; for ( prev = &bdb->bi_pagesizes; *prev; prev = &(*prev)->bdp_next ) ; *prev = ps; } break; } return 0; }
int backsql_split_pattern( const char *_pattern, BerVarray *split_pattern, int expected ) { char *pattern, *start, *end; struct berval bv; int rc = 0; #define SPLIT_CHAR '?' assert( _pattern != NULL ); assert( split_pattern != NULL ); pattern = ch_strdup( _pattern ); start = pattern; end = strchr( start, SPLIT_CHAR ); for ( ; start; expected-- ) { char *real_end = end; ber_len_t real_len; if ( real_end == NULL ) { real_end = start + strlen( start ); } else if ( real_end[ 1 ] == SPLIT_CHAR ) { expected++; AC_MEMCPY( real_end, real_end + 1, strlen( real_end ) ); end = strchr( real_end + 1, SPLIT_CHAR ); continue; } real_len = real_end - start; if ( real_len == 0 ) { ber_str2bv( "", 0, 1, &bv ); } else { ber_str2bv( start, real_len, 1, &bv ); } ber_bvarray_add( split_pattern, &bv ); if ( expected == 0 ) { if ( end != NULL ) { rc = -1; goto done; } break; } if ( end != NULL ) { start = end + 1; end = strchr( start, SPLIT_CHAR ); } } done:; ch_free( pattern ); return rc; }
int bdb_modrdn( Operation *op, SlapReply *rs ) { struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private; AttributeDescription *children = slap_schema.si_ad_children; AttributeDescription *entry = slap_schema.si_ad_entry; struct berval p_dn, p_ndn; struct berval new_dn = {0, NULL}, new_ndn = {0, NULL}; Entry *e = NULL; Entry *p = NULL; EntryInfo *ei = NULL, *eip = NULL, *nei = NULL, *neip = NULL; /* LDAP v2 supporting correct attribute handling. */ char textbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof textbuf; DB_TXN *ltid = NULL, *lt2; struct bdb_op_info opinfo = {{{ 0 }}}; Entry dummy = {0}; Entry *np = NULL; /* newSuperior Entry */ struct berval *np_dn = NULL; /* newSuperior dn */ struct berval *np_ndn = NULL; /* newSuperior ndn */ struct berval *new_parent_dn = NULL; /* np_dn, p_dn, or NULL */ int manageDSAit = get_manageDSAit( op ); DB_LOCK lock, plock, nplock; int num_retries = 0; LDAPControl **preread_ctrl = NULL; LDAPControl **postread_ctrl = NULL; LDAPControl *ctrls[SLAP_MAX_RESPONSE_CONTROLS]; int num_ctrls = 0; int rc; int parent_is_glue = 0; int parent_is_leaf = 0; #ifdef LDAP_X_TXN int settle = 0; #endif Debug( LDAP_DEBUG_TRACE, "==>" LDAP_XSTRING(bdb_modrdn) "(%s,%s,%s)\n", op->o_req_dn.bv_val,op->oq_modrdn.rs_newrdn.bv_val, op->oq_modrdn.rs_newSup ? op->oq_modrdn.rs_newSup->bv_val : "NULL" ); #ifdef LDAP_X_TXN if( op->o_txnSpec ) { /* acquire connection lock */ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); if( op->o_conn->c_txn == CONN_TXN_INACTIVE ) { rs->sr_text = "invalid transaction identifier"; rs->sr_err = LDAP_X_TXN_ID_INVALID; goto txnReturn; } else if( op->o_conn->c_txn == CONN_TXN_SETTLE ) { settle=1; goto txnReturn; } if( op->o_conn->c_txn_backend == NULL ) { op->o_conn->c_txn_backend = op->o_bd; } else if( op->o_conn->c_txn_backend != op->o_bd ) { rs->sr_text = "transaction cannot span multiple database contexts"; rs->sr_err = LDAP_AFFECTS_MULTIPLE_DSAS; goto txnReturn; } /* insert operation into transaction */ rs->sr_text = "transaction specified"; rs->sr_err = LDAP_X_TXN_SPECIFY_OKAY; txnReturn: /* release connection lock */ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); if( !settle ) { send_ldap_result( op, rs ); return rs->sr_err; } } #endif ctrls[num_ctrls] = NULL; slap_mods_opattrs( op, &op->orr_modlist, 1 ); if( 0 ) { retry: /* transaction retry */ if ( dummy.e_attrs ) { attrs_free( dummy.e_attrs ); dummy.e_attrs = NULL; } if (e != NULL) { bdb_unlocked_cache_return_entry_w(&bdb->bi_cache, e); e = NULL; } if (p != NULL) { bdb_unlocked_cache_return_entry_r(&bdb->bi_cache, p); p = NULL; } if (np != NULL) { bdb_unlocked_cache_return_entry_r(&bdb->bi_cache, np); np = NULL; } Debug( LDAP_DEBUG_TRACE, "==>" LDAP_XSTRING(bdb_modrdn) ": retrying...\n", 0, 0, 0 ); rs->sr_err = TXN_ABORT( ltid ); ltid = NULL; LDAP_SLIST_REMOVE( &op->o_extra, &opinfo.boi_oe, OpExtra, oe_next ); opinfo.boi_oe.oe_key = NULL; op->o_do_not_cache = opinfo.boi_acl_cache; if( rs->sr_err != 0 ) { rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } if ( op->o_abandon ) { rs->sr_err = SLAPD_ABANDON; goto return_results; } parent_is_glue = 0; parent_is_leaf = 0; bdb_trans_backoff( ++num_retries ); } /* begin transaction */ rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, NULL, <id, bdb->bi_db_opflags ); rs->sr_text = NULL; if( rs->sr_err != 0 ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": txn_begin failed: " "%s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 ); rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": txn1 id: %x\n", ltid->id(ltid), 0, 0 ); opinfo.boi_oe.oe_key = bdb; opinfo.boi_txn = ltid; opinfo.boi_err = 0; opinfo.boi_acl_cache = op->o_do_not_cache; LDAP_SLIST_INSERT_HEAD( &op->o_extra, &opinfo.boi_oe, oe_next ); /* get entry */ rs->sr_err = bdb_dn2entry( op, ltid, &op->o_req_ndn, &ei, 1, &lock ); switch( rs->sr_err ) { case 0: case DB_NOTFOUND: break; case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; case LDAP_BUSY: rs->sr_text = "ldap server busy"; goto return_results; default: rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } e = ei->bei_e; /* FIXME: dn2entry() should return non-glue entry */ if (( rs->sr_err == DB_NOTFOUND ) || ( !manageDSAit && e && is_entry_glue( e ))) { if( e != NULL ) { rs->sr_matched = ch_strdup( e->e_dn ); rs->sr_ref = is_entry_referral( e ) ? get_entry_referrals( op, e ) : NULL; bdb_unlocked_cache_return_entry_r( &bdb->bi_cache, e); e = NULL; } else { rs->sr_ref = referral_rewrite( default_referral, NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } rs->sr_err = LDAP_REFERRAL; send_ldap_result( op, rs ); ber_bvarray_free( rs->sr_ref ); free( (char *)rs->sr_matched ); rs->sr_ref = NULL; rs->sr_matched = NULL; goto done; } if ( get_assert( op ) && ( test_filter( op, e, get_assertion( op )) != LDAP_COMPARE_TRUE )) { rs->sr_err = LDAP_ASSERTION_FAILED; goto return_results; } /* check write on old entry */ rs->sr_err = access_allowed( op, e, entry, NULL, ACL_WRITE, NULL ); if ( ! rs->sr_err ) { switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } Debug( LDAP_DEBUG_TRACE, "no access to entry\n", 0, 0, 0 ); rs->sr_text = "no write access to old entry"; rs->sr_err = LDAP_INSUFFICIENT_ACCESS; goto return_results; } #ifndef BDB_HIER rs->sr_err = bdb_cache_children( op, ltid, e ); if ( rs->sr_err != DB_NOTFOUND ) { switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; case 0: Debug(LDAP_DEBUG_ARGS, "<=- " LDAP_XSTRING(bdb_modrdn) ": non-leaf %s\n", op->o_req_dn.bv_val, 0, 0); rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF; rs->sr_text = "subtree rename not supported"; break; default: Debug(LDAP_DEBUG_ARGS, "<=- " LDAP_XSTRING(bdb_modrdn) ": has_children failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 ); rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; } goto return_results; } ei->bei_state |= CACHE_ENTRY_NO_KIDS; #endif if (!manageDSAit && is_entry_referral( e ) ) { /* parent is a referral, don't allow add */ rs->sr_ref = get_entry_referrals( op, e ); Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": entry %s is referral\n", e->e_dn, 0, 0 ); rs->sr_err = LDAP_REFERRAL, rs->sr_matched = e->e_name.bv_val; send_ldap_result( op, rs ); ber_bvarray_free( rs->sr_ref ); rs->sr_ref = NULL; rs->sr_matched = NULL; goto done; } if ( be_issuffix( op->o_bd, &e->e_nname ) ) { #ifdef BDB_MULTIPLE_SUFFIXES /* Allow renaming one suffix entry to another */ p_ndn = slap_empty_bv; #else /* There can only be one suffix entry */ rs->sr_err = LDAP_NAMING_VIOLATION; rs->sr_text = "cannot rename suffix entry"; goto return_results; #endif } else { dnParent( &e->e_nname, &p_ndn ); } np_ndn = &p_ndn; eip = ei->bei_parent; if ( eip && eip->bei_id ) { /* Make sure parent entry exist and we can write its * children. */ rs->sr_err = bdb_cache_find_id( op, ltid, eip->bei_id, &eip, 0, &plock ); switch( rs->sr_err ) { case 0: case DB_NOTFOUND: break; case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; case LDAP_BUSY: rs->sr_text = "ldap server busy"; goto return_results; default: rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } p = eip->bei_e; if( p == NULL) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": parent does not exist\n", 0, 0, 0); rs->sr_err = LDAP_OTHER; rs->sr_text = "old entry's parent does not exist"; goto return_results; } } else { p = (Entry *)&slap_entry_root; } /* check parent for "children" acl */ rs->sr_err = access_allowed( op, p, children, NULL, op->oq_modrdn.rs_newSup == NULL ? ACL_WRITE : ACL_WDEL, NULL ); if ( !p_ndn.bv_len ) p = NULL; if ( ! rs->sr_err ) { switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } rs->sr_err = LDAP_INSUFFICIENT_ACCESS; Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0, 0, 0 ); rs->sr_text = "no write access to old parent's children"; goto return_results; } Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": wr to children " "of entry %s OK\n", p_ndn.bv_val, 0, 0 ); if ( p_ndn.bv_val == slap_empty_bv.bv_val ) { p_dn = slap_empty_bv; } else { dnParent( &e->e_name, &p_dn ); } Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": parent dn=%s\n", p_dn.bv_val, 0, 0 ); new_parent_dn = &p_dn; /* New Parent unless newSuperior given */ if ( op->oq_modrdn.rs_newSup != NULL ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": new parent \"%s\" requested...\n", op->oq_modrdn.rs_newSup->bv_val, 0, 0 ); /* newSuperior == oldParent? */ if( dn_match( &p_ndn, op->oq_modrdn.rs_nnewSup ) ) { Debug( LDAP_DEBUG_TRACE, "bdb_back_modrdn: " "new parent \"%s\" same as the old parent \"%s\"\n", op->oq_modrdn.rs_newSup->bv_val, p_dn.bv_val, 0 ); op->oq_modrdn.rs_newSup = NULL; /* ignore newSuperior */ } } /* There's a BDB_MULTIPLE_SUFFIXES case here that this code doesn't * support. E.g., two suffixes dc=foo,dc=com and dc=bar,dc=net. * We do not allow modDN * dc=foo,dc=com * newrdn dc=bar * newsup dc=net * and we probably should. But since MULTIPLE_SUFFIXES is deprecated * I'm ignoring this problem for now. */ if ( op->oq_modrdn.rs_newSup != NULL ) { if ( op->oq_modrdn.rs_newSup->bv_len ) { np_dn = op->oq_modrdn.rs_newSup; np_ndn = op->oq_modrdn.rs_nnewSup; /* newSuperior == oldParent? - checked above */ /* newSuperior == entry being moved?, if so ==> ERROR */ if ( dnIsSuffix( np_ndn, &e->e_nname )) { rs->sr_err = LDAP_NO_SUCH_OBJECT; rs->sr_text = "new superior not found"; goto return_results; } /* Get Entry with dn=newSuperior. Does newSuperior exist? */ rs->sr_err = bdb_dn2entry( op, ltid, np_ndn, &neip, 0, &nplock ); switch( rs->sr_err ) { case 0: np = neip->bei_e; case DB_NOTFOUND: break; case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; case LDAP_BUSY: rs->sr_text = "ldap server busy"; goto return_results; default: rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } if( np == NULL) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": newSup(ndn=%s) not here!\n", np_ndn->bv_val, 0, 0); rs->sr_text = "new superior not found"; rs->sr_err = LDAP_NO_SUCH_OBJECT; goto return_results; } Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": wr to new parent OK np=%p, id=%ld\n", (void *) np, (long) np->e_id, 0 ); /* check newSuperior for "children" acl */ rs->sr_err = access_allowed( op, np, children, NULL, ACL_WADD, NULL ); if( ! rs->sr_err ) { switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": no wr to newSup children\n", 0, 0, 0 ); rs->sr_text = "no write access to new superior's children"; rs->sr_err = LDAP_INSUFFICIENT_ACCESS; goto return_results; } if ( is_entry_alias( np ) ) { /* parent is an alias, don't allow add */ Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": entry is alias\n", 0, 0, 0 ); rs->sr_text = "new superior is an alias"; rs->sr_err = LDAP_ALIAS_PROBLEM; goto return_results; } if ( is_entry_referral( np ) ) { /* parent is a referral, don't allow add */ Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": entry is referral\n", 0, 0, 0 ); rs->sr_text = "new superior is a referral"; rs->sr_err = LDAP_OTHER; goto return_results; } } else { np_dn = NULL; /* no parent, modrdn entry directly under root */ if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op ) ) { np = (Entry *)&slap_entry_root; /* check parent for "children" acl */ rs->sr_err = access_allowed( op, np, children, NULL, ACL_WADD, NULL ); np = NULL; if ( ! rs->sr_err ) { switch( opinfo.boi_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } rs->sr_err = LDAP_INSUFFICIENT_ACCESS; Debug( LDAP_DEBUG_TRACE, "no access to new superior\n", 0, 0, 0 ); rs->sr_text = "no write access to new superior's children"; goto return_results; } } } Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": wr to new parent's children OK\n", 0, 0, 0 ); new_parent_dn = np_dn; } /* Build target dn and make sure target entry doesn't exist already. */ if (!new_dn.bv_val) { build_new_dn( &new_dn, new_parent_dn, &op->oq_modrdn.rs_newrdn, NULL ); } if (!new_ndn.bv_val) { struct berval bv = {0, NULL}; dnNormalize( 0, NULL, NULL, &new_dn, &bv, op->o_tmpmemctx ); ber_dupbv( &new_ndn, &bv ); /* FIXME: why not call dnNormalize() w/o ctx? */ op->o_tmpfree( bv.bv_val, op->o_tmpmemctx ); } Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": new ndn=%s\n", new_ndn.bv_val, 0, 0 ); /* Shortcut the search */ nei = neip ? neip : eip; rs->sr_err = bdb_cache_find_ndn ( op, ltid, &new_ndn, &nei ); if ( nei ) bdb_cache_entryinfo_unlock( nei ); switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; case DB_NOTFOUND: break; case 0: /* Allow rename to same DN */ if ( nei == ei ) break; rs->sr_err = LDAP_ALREADY_EXISTS; goto return_results; default: rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } assert( op->orr_modlist != NULL ); if( op->o_preread ) { if( preread_ctrl == NULL ) { preread_ctrl = &ctrls[num_ctrls++]; ctrls[num_ctrls] = NULL; } if( slap_read_controls( op, rs, e, &slap_pre_read_bv, preread_ctrl ) ) { Debug( LDAP_DEBUG_TRACE, "<=- " LDAP_XSTRING(bdb_modrdn) ": pre-read failed!\n", 0, 0, 0 ); if ( op->o_preread & SLAP_CONTROL_CRITICAL ) { /* FIXME: is it correct to abort * operation if control fails? */ goto return_results; } } } /* nested transaction */ rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, ltid, <2, bdb->bi_db_opflags ); rs->sr_text = NULL; if( rs->sr_err != 0 ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": txn_begin(2) failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 ); rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": txn2 id: %x\n", lt2->id(lt2), 0, 0 ); /* delete old DN */ rs->sr_err = bdb_dn2id_delete( op, lt2, eip, e ); if ( rs->sr_err != 0 ) { Debug(LDAP_DEBUG_TRACE, "<=- " LDAP_XSTRING(bdb_modrdn) ": dn2id del failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 ); switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } rs->sr_err = LDAP_OTHER; rs->sr_text = "DN index delete fail"; goto return_results; } /* copy the entry, then override some fields */ dummy = *e; dummy.e_name = new_dn; dummy.e_nname = new_ndn; dummy.e_attrs = NULL; /* add new DN */ rs->sr_err = bdb_dn2id_add( op, lt2, neip ? neip : eip, &dummy ); if ( rs->sr_err != 0 ) { Debug(LDAP_DEBUG_TRACE, "<=- " LDAP_XSTRING(bdb_modrdn) ": dn2id add failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 ); switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } rs->sr_err = LDAP_OTHER; rs->sr_text = "DN index add failed"; goto return_results; } dummy.e_attrs = e->e_attrs; /* modify entry */ rs->sr_err = bdb_modify_internal( op, lt2, op->orr_modlist, &dummy, &rs->sr_text, textbuf, textlen ); if( rs->sr_err != LDAP_SUCCESS ) { Debug(LDAP_DEBUG_TRACE, "<=- " LDAP_XSTRING(bdb_modrdn) ": modify failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 ); if ( ( rs->sr_err == LDAP_INSUFFICIENT_ACCESS ) && opinfo.boi_err ) { rs->sr_err = opinfo.boi_err; } if ( dummy.e_attrs == e->e_attrs ) dummy.e_attrs = NULL; switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } goto return_results; } /* id2entry index */ rs->sr_err = bdb_id2entry_update( op->o_bd, lt2, &dummy ); if ( rs->sr_err != 0 ) { Debug(LDAP_DEBUG_TRACE, "<=- " LDAP_XSTRING(bdb_modrdn) ": id2entry failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 ); switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } rs->sr_err = LDAP_OTHER; rs->sr_text = "entry update failed"; goto return_results; } if ( p_ndn.bv_len != 0 ) { parent_is_glue = is_entry_glue(p); rs->sr_err = bdb_cache_children( op, lt2, p ); if ( rs->sr_err != DB_NOTFOUND ) { switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; case 0: break; default: Debug(LDAP_DEBUG_ARGS, "<=- " LDAP_XSTRING(bdb_modrdn) ": has_children failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 ); rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } parent_is_leaf = 1; } bdb_unlocked_cache_return_entry_r(&bdb->bi_cache, p); p = NULL; } if ( TXN_COMMIT( lt2, 0 ) != 0 ) { rs->sr_err = LDAP_OTHER; rs->sr_text = "txn_commit(2) failed"; goto return_results; } if( op->o_postread ) { if( postread_ctrl == NULL ) { postread_ctrl = &ctrls[num_ctrls++]; ctrls[num_ctrls] = NULL; } if( slap_read_controls( op, rs, &dummy, &slap_post_read_bv, postread_ctrl ) ) { Debug( LDAP_DEBUG_TRACE, "<=- " LDAP_XSTRING(bdb_modrdn) ": post-read failed!\n", 0, 0, 0 ); if ( op->o_postread & SLAP_CONTROL_CRITICAL ) { /* FIXME: is it correct to abort * operation if control fails? */ goto return_results; } } } if( op->o_noop ) { if(( rs->sr_err=TXN_ABORT( ltid )) != 0 ) { rs->sr_text = "txn_abort (no-op) failed"; } else { rs->sr_err = LDAP_X_NO_OPERATION; ltid = NULL; /* Only free attrs if they were dup'd. */ if ( dummy.e_attrs == e->e_attrs ) dummy.e_attrs = NULL; goto return_results; } } else { rc = bdb_cache_modrdn( bdb, e, &op->orr_nnewrdn, &dummy, neip, ltid, &lock ); switch( rc ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } dummy.e_attrs = NULL; new_dn.bv_val = NULL; new_ndn.bv_val = NULL; if(( rs->sr_err=TXN_COMMIT( ltid, 0 )) != 0 ) { rs->sr_text = "txn_commit failed"; } else { rs->sr_err = LDAP_SUCCESS; } } ltid = NULL; LDAP_SLIST_REMOVE( &op->o_extra, &opinfo.boi_oe, OpExtra, oe_next ); opinfo.boi_oe.oe_key = NULL; if( rs->sr_err != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": %s : %s (%d)\n", rs->sr_text, db_strerror(rs->sr_err), rs->sr_err ); rs->sr_err = LDAP_OTHER; goto return_results; } Debug(LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_modrdn) ": rdn modified%s id=%08lx dn=\"%s\"\n", op->o_noop ? " (no-op)" : "", dummy.e_id, op->o_req_dn.bv_val ); rs->sr_text = NULL; if( num_ctrls ) rs->sr_ctrls = ctrls; return_results: if ( dummy.e_attrs ) { attrs_free( dummy.e_attrs ); } send_ldap_result( op, rs ); if( rs->sr_err == LDAP_SUCCESS && bdb->bi_txn_cp_kbyte ) { TXN_CHECKPOINT( bdb->bi_dbenv, bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 ); } if ( rs->sr_err == LDAP_SUCCESS && parent_is_glue && parent_is_leaf ) { op->o_delete_glue_parent = 1; } done: slap_graduate_commit_csn( op ); if( new_dn.bv_val != NULL ) free( new_dn.bv_val ); if( new_ndn.bv_val != NULL ) free( new_ndn.bv_val ); /* LDAP v3 Support */ if( np != NULL ) { /* free new parent and reader lock */ bdb_unlocked_cache_return_entry_r(&bdb->bi_cache, np); } if( p != NULL ) { /* free parent and reader lock */ bdb_unlocked_cache_return_entry_r(&bdb->bi_cache, p); } /* free entry */ if( e != NULL ) { bdb_unlocked_cache_return_entry_w( &bdb->bi_cache, e); } if( ltid != NULL ) { TXN_ABORT( ltid ); } if ( opinfo.boi_oe.oe_key ) { LDAP_SLIST_REMOVE( &op->o_extra, &opinfo.boi_oe, OpExtra, oe_next ); } if( preread_ctrl != NULL && (*preread_ctrl) != NULL ) { slap_sl_free( (*preread_ctrl)->ldctl_value.bv_val, op->o_tmpmemctx ); slap_sl_free( *preread_ctrl, op->o_tmpmemctx ); } if( postread_ctrl != NULL && (*postread_ctrl) != NULL ) { slap_sl_free( (*postread_ctrl)->ldctl_value.bv_val, op->o_tmpmemctx ); slap_sl_free( *postread_ctrl, op->o_tmpmemctx ); } return rs->sr_err; }
int asyncmeta_handle_search_msg(LDAPMessage *res, a_metaconn_t *mc, bm_context_t *bc, int candidate) { a_metainfo_t *mi; a_metatarget_t *mt; a_metasingleconn_t *msc; Operation *op = bc->op; SlapReply *rs; int i, rc = LDAP_SUCCESS, sres; SlapReply *candidates; char **references = NULL; LDAPControl **ctrls = NULL; a_dncookie dc; LDAPMessage *msg; ber_int_t id; rs = &bc->rs; mi = mc->mc_info; mt = mi->mi_targets[ candidate ]; msc = &mc->mc_conns[ candidate ]; dc.op = op; dc.target = mt; dc.to_from = MASSAGE_REP; id = ldap_msgid(res); candidates = bc->candidates; i = candidate; while (res && !META_BACK_CONN_INVALID(msc)) { for (msg = ldap_first_message(msc->msc_ldr, res); msg; msg = ldap_next_message(msc->msc_ldr, msg)) { switch(ldap_msgtype(msg)) { case LDAP_RES_SEARCH_ENTRY: Debug( LDAP_DEBUG_TRACE, "%s asyncmeta_handle_search_msg: msc %p entry\n", op->o_log_prefix, msc ); if ( candidates[ i ].sr_type == REP_INTERMEDIATE ) { /* don't retry any more... */ candidates[ i ].sr_type = REP_RESULT; } /* count entries returned by target */ candidates[ i ].sr_nentries++; if (bc->c_peer_name.bv_val == op->o_conn->c_peer_name.bv_val && !op->o_abandon) { rs->sr_err = asyncmeta_send_entry( &bc->copy_op, rs, mc, i, msg ); } else { goto err_cleanup; } switch ( rs->sr_err ) { case LDAP_SIZELIMIT_EXCEEDED: asyncmeta_send_ldap_result(bc, op, rs); rs->sr_err = LDAP_SUCCESS; goto err_cleanup; case LDAP_UNAVAILABLE: rs->sr_err = LDAP_OTHER; break; default: break; } bc->is_ok++; break; case LDAP_RES_SEARCH_REFERENCE: if ( META_BACK_TGT_NOREFS( mt ) ) { rs->sr_err = LDAP_OTHER; asyncmeta_send_ldap_result(bc, op, rs); goto err_cleanup; } if ( candidates[ i ].sr_type == REP_INTERMEDIATE ) { /* don't retry any more... */ candidates[ i ].sr_type = REP_RESULT; } bc->is_ok++; rc = ldap_parse_reference( msc->msc_ldr, msg, &references, &rs->sr_ctrls, 0 ); if ( rc != LDAP_SUCCESS || references == NULL ) { rs->sr_err = LDAP_OTHER; asyncmeta_send_ldap_result(bc, op, rs); goto err_cleanup; } /* FIXME: merge all and return at the end */ { int cnt; for ( cnt = 0; references[ cnt ]; cnt++ ) ; rs->sr_ref = ber_memalloc_x( sizeof( struct berval ) * ( cnt + 1 ), op->o_tmpmemctx ); for ( cnt = 0; references[ cnt ]; cnt++ ) { ber_str2bv_x( references[ cnt ], 0, 1, &rs->sr_ref[ cnt ], op->o_tmpmemctx ); } BER_BVZERO( &rs->sr_ref[ cnt ] ); } { dc.memctx = op->o_tmpmemctx; ( void )asyncmeta_referral_result_rewrite( &dc, rs->sr_ref ); } if ( rs->sr_ref != NULL ) { if (!BER_BVISNULL( &rs->sr_ref[ 0 ] ) ) { /* ignore return value by now */ ( void )send_search_reference( op, rs ); } ber_bvarray_free_x( rs->sr_ref, op->o_tmpmemctx ); rs->sr_ref = NULL; } /* cleanup */ if ( references ) { ber_memvfree( (void **)references ); } if ( rs->sr_ctrls ) { ldap_controls_free( rs->sr_ctrls ); rs->sr_ctrls = NULL; } break; case LDAP_RES_INTERMEDIATE: if ( candidates[ i ].sr_type == REP_INTERMEDIATE ) { /* don't retry any more... */ candidates[ i ].sr_type = REP_RESULT; } bc->is_ok++; /* FIXME: response controls * are passed without checks */ rs->sr_err = ldap_parse_intermediate( msc->msc_ldr, msg, (char **)&rs->sr_rspoid, &rs->sr_rspdata, &rs->sr_ctrls, 0 ); if ( rs->sr_err != LDAP_SUCCESS ) { candidates[ i ].sr_type = REP_RESULT; rs->sr_err = LDAP_OTHER; asyncmeta_send_ldap_result(bc, op, rs); goto err_cleanup; } slap_send_ldap_intermediate( op, rs ); if ( rs->sr_rspoid != NULL ) { ber_memfree( (char *)rs->sr_rspoid ); rs->sr_rspoid = NULL; } if ( rs->sr_rspdata != NULL ) { ber_bvfree( rs->sr_rspdata ); rs->sr_rspdata = NULL; } if ( rs->sr_ctrls != NULL ) { ldap_controls_free( rs->sr_ctrls ); rs->sr_ctrls = NULL; } break; case LDAP_RES_SEARCH_RESULT: if ( mi->mi_idle_timeout != 0 ) { asyncmeta_set_msc_time(msc); } Debug( LDAP_DEBUG_TRACE, "%s asyncmeta_handle_search_msg: msc %p result\n", op->o_log_prefix, msc ); candidates[ i ].sr_type = REP_RESULT; candidates[ i ].sr_msgid = META_MSGID_IGNORE; /* NOTE: ignores response controls * (and intermediate response controls * as well, except for those with search * references); this may not be correct, * but if they're not ignored then * back-meta would need to merge them * consistently (think of pagedResults...) */ /* FIXME: response controls? */ rs->sr_err = ldap_parse_result( msc->msc_ldr, msg, &candidates[ i ].sr_err, (char **)&candidates[ i ].sr_matched, (char **)&candidates[ i ].sr_text, &references, &ctrls /* &candidates[ i ].sr_ctrls (unused) */ , 0 ); if ( rs->sr_err != LDAP_SUCCESS ) { candidates[ i ].sr_err = rs->sr_err; sres = slap_map_api2result( &candidates[ i ] ); candidates[ i ].sr_type = REP_RESULT; goto finish; } rs->sr_err = candidates[ i ].sr_err; /* massage matchedDN if need be */ if ( candidates[ i ].sr_matched != NULL ) { struct berval match, mmatch; ber_str2bv( candidates[ i ].sr_matched, 0, 0, &match ); candidates[ i ].sr_matched = NULL; dc.memctx = NULL; asyncmeta_dn_massage( &dc, &match, &mmatch ); if ( mmatch.bv_val == match.bv_val ) { candidates[ i ].sr_matched = ch_strdup( mmatch.bv_val ); } else { candidates[ i ].sr_matched = mmatch.bv_val; } bc->candidate_match++; ldap_memfree( match.bv_val ); } /* add references to array */ /* RFC 4511: referrals can only appear * if result code is LDAP_REFERRAL */ if ( references != NULL && references[ 0 ] != NULL && references[ 0 ][ 0 ] != '\0' ) { if ( rs->sr_err != LDAP_REFERRAL ) { Debug( LDAP_DEBUG_ANY, "%s asncmeta_search_result[%d]: " "got referrals with err=%d\n", op->o_log_prefix, i, rs->sr_err ); } else { BerVarray sr_ref; int cnt; for ( cnt = 0; references[ cnt ]; cnt++ ) ; sr_ref = ber_memalloc_x( sizeof( struct berval ) * ( cnt + 1 ), op->o_tmpmemctx ); for ( cnt = 0; references[ cnt ]; cnt++ ) { ber_str2bv_x( references[ cnt ], 0, 1, &sr_ref[ cnt ], op->o_tmpmemctx ); } BER_BVZERO( &sr_ref[ cnt ] ); dc.memctx = op->o_tmpmemctx; ( void )asyncmeta_referral_result_rewrite( &dc, sr_ref ); if ( rs->sr_v2ref == NULL ) { rs->sr_v2ref = sr_ref; } else { for ( cnt = 0; !BER_BVISNULL( &sr_ref[ cnt ] ); cnt++ ) { ber_bvarray_add_x( &rs->sr_v2ref, &sr_ref[ cnt ], op->o_tmpmemctx ); } ber_memfree_x( sr_ref, op->o_tmpmemctx ); } } } else if ( rs->sr_err == LDAP_REFERRAL ) { Debug( LDAP_DEBUG_TRACE, "%s asyncmeta_search_result[%d]: " "got err=%d with null " "or empty referrals\n", op->o_log_prefix, i, rs->sr_err ); rs->sr_err = LDAP_NO_SUCH_OBJECT; } /* cleanup */ ber_memvfree( (void **)references ); sres = slap_map_api2result( rs ); if ( candidates[ i ].sr_err == LDAP_SUCCESS ) { Debug( LDAP_DEBUG_TRACE, "%s asyncmeta_search_result[%d] " "match=\"%s\" err=%ld", op->o_log_prefix, i, candidates[ i ].sr_matched ? candidates[ i ].sr_matched : "", (long) candidates[ i ].sr_err ); } else { Debug( LDAP_DEBUG_ANY, "%s asyncmeta_search_result[%d] " "match=\"%s\" err=%ld (%s)", op->o_log_prefix, i, candidates[ i ].sr_matched ? candidates[ i ].sr_matched : "", (long) candidates[ i ].sr_err, ldap_err2string( candidates[ i ].sr_err ) ); } switch ( sres ) { case LDAP_NO_SUCH_OBJECT: /* is_ok is touched any time a valid * (even intermediate) result is * returned; as a consequence, if * a candidate returns noSuchObject * it is ignored and the candidate * is simply demoted. */ if ( bc->is_ok ) { sres = LDAP_SUCCESS; } break; case LDAP_SUCCESS: if ( ctrls != NULL && ctrls[0] != NULL ) { #ifdef SLAPD_META_CLIENT_PR LDAPControl *pr_c; pr_c = ldap_control_find( LDAP_CONTROL_PAGEDRESULTS, ctrls, NULL ); if ( pr_c != NULL ) { BerElementBuffer berbuf; BerElement *ber = (BerElement *)&berbuf; ber_tag_t tag; ber_int_t prsize; struct berval prcookie; /* unsolicited, do not accept */ if ( mt->mt_ps == 0 ) { rs->sr_err = LDAP_OTHER; goto err_pr; } ber_init2( ber, &pr_c->ldctl_value, LBER_USE_DER ); tag = ber_scanf( ber, "{im}", &prsize, &prcookie ); if ( tag == LBER_ERROR ) { rs->sr_err = LDAP_OTHER; goto err_pr; } /* more pages? new search request */ if ( !BER_BVISNULL( &prcookie ) && !BER_BVISEMPTY( &prcookie ) ) { if ( mt->mt_ps > 0 ) { /* ignore size if specified */ prsize = 0; } else if ( prsize == 0 ) { /* guess the page size from the entries returned so far */ prsize = candidates[ i ].sr_nentries; } candidates[ i ].sr_nentries = 0; candidates[ i ].sr_msgid = META_MSGID_IGNORE; candidates[ i ].sr_type = REP_INTERMEDIATE; assert( candidates[ i ].sr_matched == NULL ); assert( candidates[ i ].sr_text == NULL ); assert( candidates[ i ].sr_ref == NULL ); switch ( asyncmeta_back_search_start( &bc->copy_op, rs, mc, bc, i, &prcookie, prsize, 1 ) ) { case META_SEARCH_CANDIDATE: assert( candidates[ i ].sr_msgid >= 0 ); ldap_controls_free( ctrls ); // goto free_message; case META_SEARCH_ERR: case META_SEARCH_NEED_BIND: err_pr:; candidates[ i ].sr_err = rs->sr_err; candidates[ i ].sr_type = REP_RESULT; if ( META_BACK_ONERR_STOP( mi ) ) { asyncmeta_send_ldap_result(bc, op, rs); ldap_controls_free( ctrls ); goto err_cleanup; } /* fallthru */ case META_SEARCH_NOT_CANDIDATE: /* means that asyncmeta_back_search_start() * failed but onerr == continue */ candidates[ i ].sr_msgid = META_MSGID_IGNORE; candidates[ i ].sr_type = REP_RESULT; break; default: /* impossible */ assert( 0 ); break; } break; } } #endif /* SLAPD_META_CLIENT_PR */ ldap_controls_free( ctrls ); } /* fallthru */ case LDAP_REFERRAL: bc->is_ok++; break; case LDAP_SIZELIMIT_EXCEEDED: /* if a target returned sizelimitExceeded * and the entry count is equal to the * proxy's limit, the target would have * returned more, and the error must be * propagated to the client; otherwise, * the target enforced a limit lower * than what requested by the proxy; * ignore it */ candidates[ i ].sr_err = rs->sr_err; if ( rs->sr_nentries == op->ors_slimit || META_BACK_ONERR_STOP( mi ) ) { const char *save_text; got_err: save_text = rs->sr_text; rs->sr_text = candidates[ i ].sr_text; asyncmeta_send_ldap_result(bc, op, rs); if (candidates[ i ].sr_text != NULL) { ch_free( (char *)candidates[ i ].sr_text ); candidates[ i ].sr_text = NULL; } rs->sr_text = save_text; ldap_controls_free( ctrls ); goto err_cleanup; } break; default: candidates[ i ].sr_err = rs->sr_err; if ( META_BACK_ONERR_STOP( mi ) ) { goto got_err; } break; } /* if this is the last result we will ever receive, send it back */ rc = rs->sr_err; if (asyncmeta_is_last_result(mc, bc, i) == 0) { Debug( LDAP_DEBUG_TRACE, "%s asyncmeta_handle_search_msg: msc %p last result\n", op->o_log_prefix, msc ); asyncmeta_search_last_result(mc, bc, i, sres); err_cleanup: rc = rs->sr_err; ldap_pvt_thread_mutex_lock( &mc->mc_om_mutex ); asyncmeta_drop_bc( mc, bc); asyncmeta_clear_bm_context(bc); ldap_pvt_thread_mutex_unlock( &mc->mc_om_mutex ); ldap_msgfree(res); return rc; } finish: break; default: continue; } } ldap_msgfree(res); res = NULL; if (candidates[ i ].sr_type != REP_RESULT) { struct timeval tv = {0}; rc = ldap_result( msc->msc_ldr, id, LDAP_MSG_RECEIVED, &tv, &res ); if (res != NULL) { msc->msc_result_time = slap_get_time(); } } } ldap_pvt_thread_mutex_lock( &mc->mc_om_mutex ); bc->bc_active--; ldap_pvt_thread_mutex_unlock( &mc->mc_om_mutex ); return rc; }
int dnssrv_back_search( Operation *op, SlapReply *rs ) { int i; int rc; char *domain = NULL; char *hostlist = NULL; char **hosts = NULL; char *refdn; struct berval nrefdn = BER_BVNULL; BerVarray urls = NULL; int manageDSAit; rs->sr_ref = NULL; if ( BER_BVISEMPTY( &op->o_req_ndn ) ) { /* FIXME: need some means to determine whether the database * is a glue instance; if we got here with empty DN, then * we passed this same test in dnssrv_back_referrals() */ if ( !SLAP_GLUE_INSTANCE( op->o_bd ) ) { rs->sr_err = LDAP_UNWILLING_TO_PERFORM; rs->sr_text = "DNS SRV operation upon null (empty) DN disallowed"; } else { rs->sr_err = LDAP_SUCCESS; } goto done; } manageDSAit = get_manageDSAit( op ); /* * FIXME: we may return a referral if manageDSAit is not set */ if ( !manageDSAit ) { send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, "manageDSAit must be set" ); goto done; } if( ldap_dn2domain( op->o_req_dn.bv_val, &domain ) || domain == NULL ) { rs->sr_err = LDAP_REFERRAL; rs->sr_ref = default_referral; send_ldap_result( op, rs ); rs->sr_ref = NULL; goto done; } Debug( LDAP_DEBUG_TRACE, "DNSSRV: dn=\"%s\" -> domain=\"%s\"\n", op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "", domain ); if( ( rc = ldap_domain2hostlist( domain, &hostlist ) ) ) { Debug( LDAP_DEBUG_TRACE, "DNSSRV: domain2hostlist returned %d\n", rc ); send_ldap_error( op, rs, LDAP_NO_SUCH_OBJECT, "no DNS SRV RR available for DN" ); goto done; } hosts = ldap_str2charray( hostlist, " " ); if( hosts == NULL ) { Debug( LDAP_DEBUG_TRACE, "DNSSRV: str2charray error\n" ); send_ldap_error( op, rs, LDAP_OTHER, "problem processing DNS SRV records for DN" ); goto done; } for( i=0; hosts[i] != NULL; i++) { struct berval url; url.bv_len = STRLENOF( "ldap://" ) + strlen(hosts[i]); url.bv_val = ch_malloc( url.bv_len + 1 ); strcpy( url.bv_val, "ldap://" ); strcpy( &url.bv_val[STRLENOF( "ldap://" )], hosts[i] ); if( ber_bvarray_add( &urls, &url ) < 0 ) { free( url.bv_val ); send_ldap_error( op, rs, LDAP_OTHER, "problem processing DNS SRV records for DN" ); goto done; } } Debug( LDAP_DEBUG_STATS, "%s DNSSRV p=%d dn=\"%s\" url=\"%s\"\n", op->o_log_prefix, op->o_protocol, op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "", urls[0].bv_val ); Debug( LDAP_DEBUG_TRACE, "DNSSRV: ManageDSAit scope=%d dn=\"%s\" -> url=\"%s\"\n", op->oq_search.rs_scope, op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "", urls[0].bv_val ); rc = ldap_domain2dn(domain, &refdn); if( rc != LDAP_SUCCESS ) { send_ldap_error( op, rs, LDAP_OTHER, "DNS SRV problem processing manageDSAit control" ); goto done; } else { struct berval bv; bv.bv_val = refdn; bv.bv_len = strlen( refdn ); rc = dnNormalize( 0, NULL, NULL, &bv, &nrefdn, op->o_tmpmemctx ); if( rc != LDAP_SUCCESS ) { send_ldap_error( op, rs, LDAP_OTHER, "DNS SRV problem processing manageDSAit control" ); goto done; } } if( !dn_match( &nrefdn, &op->o_req_ndn ) ) { /* requested dn is subordinate */ Debug( LDAP_DEBUG_TRACE, "DNSSRV: dn=\"%s\" subordinate to refdn=\"%s\"\n", op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "", refdn == NULL ? "" : refdn ); rs->sr_matched = refdn; rs->sr_err = LDAP_NO_SUCH_OBJECT; send_ldap_result( op, rs ); rs->sr_matched = NULL; } else if ( op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL ) { send_ldap_error( op, rs, LDAP_SUCCESS, NULL ); } else { Entry e = { 0 }; AttributeDescription *ad_objectClass = slap_schema.si_ad_objectClass; AttributeDescription *ad_ref = slap_schema.si_ad_ref; e.e_name.bv_val = ch_strdup( op->o_req_dn.bv_val ); e.e_name.bv_len = op->o_req_dn.bv_len; e.e_nname.bv_val = ch_strdup( op->o_req_ndn.bv_val ); e.e_nname.bv_len = op->o_req_ndn.bv_len; e.e_attrs = NULL; e.e_private = NULL; attr_merge_one( &e, ad_objectClass, &slap_schema.si_oc_referral->soc_cname, NULL ); attr_merge_one( &e, ad_objectClass, &slap_schema.si_oc_extensibleObject->soc_cname, NULL ); if ( ad_dc ) { char *p; struct berval bv; bv.bv_val = domain; p = strchr( bv.bv_val, '.' ); if ( p == bv.bv_val ) { bv.bv_len = 1; } else if ( p != NULL ) { bv.bv_len = p - bv.bv_val; } else { bv.bv_len = strlen( bv.bv_val ); } attr_merge_normalize_one( &e, ad_dc, &bv, NULL ); } if ( ad_associatedDomain ) { struct berval bv; ber_str2bv( domain, 0, 0, &bv ); attr_merge_normalize_one( &e, ad_associatedDomain, &bv, NULL ); } attr_merge_normalize_one( &e, ad_ref, urls, NULL ); rc = test_filter( op, &e, op->oq_search.rs_filter ); if( rc == LDAP_COMPARE_TRUE ) { rs->sr_entry = &e; rs->sr_attrs = op->oq_search.rs_attrs; rs->sr_flags = REP_ENTRY_MODIFIABLE; send_search_entry( op, rs ); rs->sr_entry = NULL; rs->sr_attrs = NULL; rs->sr_flags = 0; } entry_clean( &e ); rs->sr_err = LDAP_SUCCESS; send_ldap_result( op, rs ); } free( refdn ); if ( nrefdn.bv_val ) free( nrefdn.bv_val ); done: if( domain != NULL ) ch_free( domain ); if( hostlist != NULL ) ch_free( hostlist ); if( hosts != NULL ) ldap_charray_free( hosts ); if( urls != NULL ) ber_bvarray_free( urls ); return 0; }
int mdb_modify( Operation *op, SlapReply *rs ) { struct mdb_info *mdb = (struct mdb_info *) op->o_bd->be_private; Entry *e = NULL; int manageDSAit = get_manageDSAit( op ); char textbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof textbuf; MDB_txn *txn = NULL; mdb_op_info opinfo = {{{ 0 }}}, *moi = &opinfo; Entry dummy = {0}; LDAPControl **preread_ctrl = NULL; LDAPControl **postread_ctrl = NULL; LDAPControl *ctrls[SLAP_MAX_RESPONSE_CONTROLS]; int num_ctrls = 0; #ifdef LDAP_X_TXN int settle = 0; #endif Debug( LDAP_DEBUG_ARGS, LDAP_XSTRING(mdb_modify) ": %s\n", op->o_req_dn.bv_val, 0, 0 ); #ifdef LDAP_X_TXN if( op->o_txnSpec ) { /* acquire connection lock */ ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); if( op->o_conn->c_txn == CONN_TXN_INACTIVE ) { rs->sr_text = "invalid transaction identifier"; rs->sr_err = LDAP_X_TXN_ID_INVALID; goto txnReturn; } else if( op->o_conn->c_txn == CONN_TXN_SETTLE ) { settle=1; goto txnReturn; } if( op->o_conn->c_txn_backend == NULL ) { op->o_conn->c_txn_backend = op->o_bd; } else if( op->o_conn->c_txn_backend != op->o_bd ) { rs->sr_text = "transaction cannot span multiple database contexts"; rs->sr_err = LDAP_AFFECTS_MULTIPLE_DSAS; goto txnReturn; } /* insert operation into transaction */ rs->sr_text = "transaction specified"; rs->sr_err = LDAP_X_TXN_SPECIFY_OKAY; txnReturn: /* release connection lock */ ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); if( !settle ) { send_ldap_result( op, rs ); return rs->sr_err; } } #endif ctrls[num_ctrls] = NULL; /* Don't touch the opattrs, if this is a contextCSN update * initiated from updatedn */ if ( !be_isupdate(op) || !op->orm_modlist || op->orm_modlist->sml_next || op->orm_modlist->sml_desc != slap_schema.si_ad_contextCSN ) { slap_mods_opattrs( op, &op->orm_modlist, 1 ); } /* begin transaction */ rs->sr_err = mdb_opinfo_get( op, mdb, 0, &moi ); rs->sr_text = NULL; if( rs->sr_err != 0 ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(mdb_modify) ": txn_begin failed: " "%s (%d)\n", mdb_strerror(rs->sr_err), rs->sr_err, 0 ); rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } txn = moi->moi_txn; /* get entry or ancestor */ rs->sr_err = mdb_dn2entry( op, txn, NULL, &op->o_req_ndn, &e, 1 ); if ( rs->sr_err != 0 ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(mdb_modify) ": dn2entry failed (%d)\n", rs->sr_err, 0, 0 ); switch( rs->sr_err ) { case MDB_NOTFOUND: break; case LDAP_BUSY: rs->sr_text = "ldap server busy"; goto return_results; default: rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } } /* acquire and lock entry */ /* FIXME: dn2entry() should return non-glue entry */ if (( rs->sr_err == MDB_NOTFOUND ) || ( !manageDSAit && e && is_entry_glue( e ))) { if ( e != NULL ) { rs->sr_matched = ch_strdup( e->e_dn ); if ( is_entry_referral( e )) { BerVarray ref = get_entry_referrals( op, e ); rs->sr_ref = referral_rewrite( ref, &e->e_name, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); ber_bvarray_free( ref ); } else { rs->sr_ref = NULL; } mdb_entry_return( op, e ); e = NULL; } else { rs->sr_ref = referral_rewrite( default_referral, NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } rs->sr_flags = REP_MATCHED_MUSTBEFREED | REP_REF_MUSTBEFREED; rs->sr_err = LDAP_REFERRAL; send_ldap_result( op, rs ); goto done; } if ( !manageDSAit && is_entry_referral( e ) ) { /* entry is a referral, don't allow modify */ rs->sr_ref = get_entry_referrals( op, e ); Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(mdb_modify) ": entry is referral\n", 0, 0, 0 ); rs->sr_err = LDAP_REFERRAL; rs->sr_matched = e->e_name.bv_val; rs->sr_flags = REP_REF_MUSTBEFREED; send_ldap_result( op, rs ); rs->sr_matched = NULL; goto done; } if ( get_assert( op ) && ( test_filter( op, e, get_assertion( op )) != LDAP_COMPARE_TRUE )) { rs->sr_err = LDAP_ASSERTION_FAILED; goto return_results; } if( op->o_preread ) { if( preread_ctrl == NULL ) { preread_ctrl = &ctrls[num_ctrls++]; ctrls[num_ctrls] = NULL; } if ( slap_read_controls( op, rs, e, &slap_pre_read_bv, preread_ctrl ) ) { Debug( LDAP_DEBUG_TRACE, "<=- " LDAP_XSTRING(mdb_modify) ": pre-read " "failed!\n", 0, 0, 0 ); if ( op->o_preread & SLAP_CONTROL_CRITICAL ) { /* FIXME: is it correct to abort * operation if control fails? */ goto return_results; } } } /* Modify the entry */ dummy = *e; rs->sr_err = mdb_modify_internal( op, txn, op->orm_modlist, &dummy, &rs->sr_text, textbuf, textlen ); if( rs->sr_err != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(mdb_modify) ": modify failed (%d)\n", rs->sr_err, 0, 0 ); /* Only free attrs if they were dup'd. */ if ( dummy.e_attrs == e->e_attrs ) dummy.e_attrs = NULL; goto return_results; } /* change the entry itself */ rs->sr_err = mdb_id2entry_update( op, txn, NULL, &dummy ); if ( rs->sr_err != 0 ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(mdb_modify) ": id2entry update failed " "(%d)\n", rs->sr_err, 0, 0 ); rs->sr_text = "entry update failed"; goto return_results; } if( op->o_postread ) { if( postread_ctrl == NULL ) { postread_ctrl = &ctrls[num_ctrls++]; ctrls[num_ctrls] = NULL; } if( slap_read_controls( op, rs, &dummy, &slap_post_read_bv, postread_ctrl ) ) { Debug( LDAP_DEBUG_TRACE, "<=- " LDAP_XSTRING(mdb_modify) ": post-read failed!\n", 0, 0, 0 ); if ( op->o_postread & SLAP_CONTROL_CRITICAL ) { /* FIXME: is it correct to abort * operation if control fails? */ goto return_results; } } } /* Only free attrs if they were dup'd. */ if ( dummy.e_attrs == e->e_attrs ) dummy.e_attrs = NULL; if( moi == &opinfo ) { LDAP_SLIST_REMOVE( &op->o_extra, &opinfo.moi_oe, OpExtra, oe_next ); opinfo.moi_oe.oe_key = NULL; if( op->o_noop ) { mdb_txn_abort( txn ); rs->sr_err = LDAP_X_NO_OPERATION; txn = NULL; goto return_results; } else { rs->sr_err = mdb_txn_commit( txn ); txn = NULL; } } if( rs->sr_err != 0 ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(mdb_modify) ": txn_%s failed: %s (%d)\n", op->o_noop ? "abort (no-op)" : "commit", mdb_strerror(rs->sr_err), rs->sr_err ); rs->sr_err = LDAP_OTHER; rs->sr_text = "commit failed"; goto return_results; } Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(mdb_modify) ": updated%s id=%08lx dn=\"%s\"\n", op->o_noop ? " (no-op)" : "", dummy.e_id, op->o_req_dn.bv_val ); rs->sr_err = LDAP_SUCCESS; rs->sr_text = NULL; if( num_ctrls ) rs->sr_ctrls = ctrls; return_results: if( dummy.e_attrs ) { attrs_free( dummy.e_attrs ); } send_ldap_result( op, rs ); #if 0 if( rs->sr_err == LDAP_SUCCESS && mdb->bi_txn_cp_kbyte ) { TXN_CHECKPOINT( mdb->bi_dbenv, mdb->bi_txn_cp_kbyte, mdb->bi_txn_cp_min, 0 ); } #endif done: slap_graduate_commit_csn( op ); if( moi == &opinfo ) { if( txn != NULL ) { mdb_txn_abort( txn ); } if ( opinfo.moi_oe.oe_key ) { LDAP_SLIST_REMOVE( &op->o_extra, &opinfo.moi_oe, OpExtra, oe_next ); } } if( e != NULL ) { mdb_entry_return( op, e ); } if( preread_ctrl != NULL && (*preread_ctrl) != NULL ) { slap_sl_free( (*preread_ctrl)->ldctl_value.bv_val, op->o_tmpmemctx ); slap_sl_free( *preread_ctrl, op->o_tmpmemctx ); } if( postread_ctrl != NULL && (*postread_ctrl) != NULL ) { slap_sl_free( (*postread_ctrl)->ldctl_value.bv_val, op->o_tmpmemctx ); slap_sl_free( *postread_ctrl, op->o_tmpmemctx ); } rs->sr_text = NULL; return rs->sr_err; }