--- servers/slapd/overlays/rwm.c 2004/12/01 20:47:13 1.37
+++ servers/slapd/overlays/rwm.c 2006/01/03 22:16:25 1.37.2.15
@@ -1,8 +1,8 @@
/* rwm.c - rewrite/remap operations */
-/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/rwm.c,v 1.36 2004/11/13 16:27:15 ando Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/rwm.c,v 1.37.2.14 2005/11/26 23:54:52 kurt Exp $ */
/* This work is part of OpenLDAP Software .
*
- * Copyright 2003-2004 The OpenLDAP Foundation.
+ * Copyright 2003-2006 The OpenLDAP Foundation.
* Portions Copyright 2003 Pierangelo Masarati.
* All rights reserved.
*
@@ -34,7 +34,6 @@ rwm_op_dn_massage( Operation *op, SlapRe
(struct ldaprwmap *)on->on_bi.bi_private;
struct berval dn = BER_BVNULL,
- *dnp = NULL,
ndn = BER_BVNULL;
int rc = 0;
dncookie dc;
@@ -56,34 +55,38 @@ rwm_op_dn_massage( Operation *op, SlapRe
* and the caller sets op->o_req_dn = op->o_req_ndn,
* only rewrite the op->o_req_ndn and use it as
* op->o_req_dn as well */
+ ndn = op->o_req_ndn;
if ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val ) {
- dnp = &dn;
+ dn = op->o_req_dn;
+ rc = rwm_dn_massage_pretty_normalize( &dc, &op->o_req_dn, &dn, &ndn );
+ } else {
+ rc = rwm_dn_massage_normalize( &dc, &op->o_req_ndn, &ndn );
}
- rc = rwm_dn_massage( &dc, &op->o_req_dn, dnp, &ndn );
if ( rc != LDAP_SUCCESS ) {
return rc;
}
- if ( ( dnp && dn.bv_val == op->o_req_dn.bv_val ) ||
- ( !dnp && ndn.bv_val == op->o_req_ndn.bv_val ) ) {
+ if ( ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val && dn.bv_val == op->o_req_dn.bv_val )
+ || ndn.bv_val == op->o_req_ndn.bv_val )
+ {
return LDAP_SUCCESS;
}
- op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx );
- if ( dnp ) {
+ if ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val ) {
op->o_tmpfree( op->o_req_dn.bv_val, op->o_tmpmemctx );
op->o_req_dn = dn;
} else {
op->o_req_dn = ndn;
}
+ op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx );
op->o_req_ndn = ndn;
return LDAP_SUCCESS;
}
static int
-rwm_add( Operation *op, SlapReply *rs )
+rwm_op_add( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
struct ldaprwmap *rwmap =
@@ -93,6 +96,7 @@ rwm_add( Operation *op, SlapReply *rs )
i;
Attribute **ap = NULL;
char *olddn = op->o_req_dn.bv_val;
+ int isupdate;
#ifdef ENABLE_REWRITE
rc = rwm_op_dn_massage( op, rs, "addDN" );
@@ -107,64 +111,105 @@ rwm_add( Operation *op, SlapReply *rs )
}
if ( olddn != op->o_req_dn.bv_val ) {
- ch_free( op->ora_e->e_name.bv_val );
- ch_free( op->ora_e->e_nname.bv_val );
-
- ber_dupbv( &op->ora_e->e_name, &op->o_req_dn );
- ber_dupbv( &op->ora_e->e_nname, &op->o_req_ndn );
+ ber_bvreplace( &op->ora_e->e_name, &op->o_req_dn );
+ ber_bvreplace( &op->ora_e->e_nname, &op->o_req_ndn );
}
/* Count number of attributes in entry */
+ isupdate = be_shadow_update( op );
for ( i = 0, ap = &op->oq_add.rs_e->e_attrs; *ap; ) {
- struct berval mapped;
Attribute *a;
- if ( (*ap)->a_desc->ad_type->sat_no_user_mod ) {
- goto next_attr;
- }
+ if ( (*ap)->a_desc == slap_schema.si_ad_objectClass ||
+ (*ap)->a_desc == slap_schema.si_ad_structuralObjectClass )
+ {
+ int j, last;
- rwm_map( &rwmap->rwm_at, &(*ap)->a_desc->ad_cname,
- &mapped, RWM_MAP );
- if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) {
- goto cleanup_attr;
- }
+ for ( last = 0; !BER_BVISNULL( &(*ap)->a_vals[ last ] ); last++ )
+ /* count values */ ;
+ last--;
+ for ( j = 0; !BER_BVISNULL( &(*ap)->a_vals[ j ] ); j++ ) {
+ struct ldapmapping *mapping = NULL;
+
+ ( void )rwm_mapping( &rwmap->rwm_oc, &(*ap)->a_vals[ j ],
+ &mapping, RWM_MAP );
+ if ( mapping == NULL ) {
+ if ( rwmap->rwm_at.drop_missing ) {
+ /* FIXME: we allow to remove objectClasses as well;
+ * if the resulting entry is inconsistent, that's
+ * the relayed database's business...
+ */
+ ch_free( (*ap)->a_vals[ j ].bv_val );
+ if ( last > j ) {
+ (*ap)->a_vals[ j ] = (*ap)->a_vals[ last ];
+ }
+ BER_BVZERO( &(*ap)->a_vals[ last ] );
+ last--;
+ j--;
+ }
- if ( (*ap)->a_desc->ad_type->sat_syntax
- == slap_schema.si_syn_distinguishedName )
+ } else {
+ ch_free( (*ap)->a_vals[ j ].bv_val );
+ ber_dupbv( &(*ap)->a_vals[ j ], &mapping->m_dst );
+ }
+ }
+
+ } else if ( !isupdate && !get_manageDIT( op ) && (*ap)->a_desc->ad_type->sat_no_user_mod )
{
- /*
- * FIXME: rewrite could fail; in this case
- * the operation should give up, right?
- */
-#ifdef ENABLE_REWRITE
- rc = rwm_dnattr_rewrite( op, rs, "addAttrDN",
- (*ap)->a_vals,
- (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
+ goto next_attr;
+
+ } else {
+ struct ldapmapping *mapping = NULL;
+
+ ( void )rwm_mapping( &rwmap->rwm_at, &(*ap)->a_desc->ad_cname,
+ &mapping, RWM_MAP );
+ if ( mapping == NULL ) {
+ if ( rwmap->rwm_at.drop_missing ) {
+ goto cleanup_attr;
+ }
+ }
+
+ if ( (*ap)->a_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
+ || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
+ {
+ /*
+ * FIXME: rewrite could fail; in this case
+ * the operation should give up, right?
+ */
+#ifdef ENABLE_REWRITE
+ rc = rwm_dnattr_rewrite( op, rs, "addAttrDN",
+ (*ap)->a_vals,
+ (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
#else /* ! ENABLE_REWRITE */
- rc = 1;
- rc = rwm_dnattr_rewrite( op, rs, &rc, (*ap)->a_vals,
- (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
+ rc = 1;
+ rc = rwm_dnattr_rewrite( op, rs, &rc, (*ap)->a_vals,
+ (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
#endif /* ! ENABLE_REWRITE */
- if ( rc ) {
- goto cleanup_attr;
- }
+ if ( rc ) {
+ goto cleanup_attr;
+ }
- } else if ( (*ap)->a_desc == slap_schema.si_ad_ref ) {
+ } else if ( (*ap)->a_desc == slap_schema.si_ad_ref ) {
#ifdef ENABLE_REWRITE
- rc = rwm_referral_rewrite( op, rs, "referralAttrDN",
- (*ap)->a_vals,
- (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
+ rc = rwm_referral_rewrite( op, rs, "referralAttrDN",
+ (*ap)->a_vals,
+ (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
#else /* ! ENABLE_REWRITE */
- rc = 1;
- rc = rwm_referral_rewrite( op, rs, &rc, (*ap)->a_vals,
- (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
+ rc = 1;
+ rc = rwm_referral_rewrite( op, rs, &rc, (*ap)->a_vals,
+ (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
#endif /* ! ENABLE_REWRITE */
- if ( rc != LDAP_SUCCESS ) {
- goto cleanup_attr;
+ if ( rc != LDAP_SUCCESS ) {
+ goto cleanup_attr;
+ }
+ }
+
+ if ( mapping != NULL ) {
+ assert( mapping->m_dst_ad != NULL );
+ (*ap)->a_desc = mapping->m_dst_ad;
}
}
-
next_attr:;
ap = &(*ap)->a_next;
continue;
@@ -181,18 +226,39 @@ cleanup_attr:;
return SLAP_CB_CONTINUE;
}
+#ifdef ENABLE_REWRITE
static int
-rwm_bind( Operation *op, SlapReply *rs )
+rwm_conn_init( BackendDB *be, Connection *conn )
{
- slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
+ slap_overinst *on = (slap_overinst *) be->bd_info;
struct ldaprwmap *rwmap =
(struct ldaprwmap *)on->on_bi.bi_private;
+
+ ( void )rewrite_session_init( rwmap->rwm_rw, conn );
+
+ return SLAP_CB_CONTINUE;
+}
+
+static int
+rwm_conn_destroy( BackendDB *be, Connection *conn )
+{
+ slap_overinst *on = (slap_overinst *) be->bd_info;
+ struct ldaprwmap *rwmap =
+ (struct ldaprwmap *)on->on_bi.bi_private;
+
+ ( void )rewrite_session_delete( rwmap->rwm_rw, conn );
+
+ return SLAP_CB_CONTINUE;
+}
+#endif /* ENABLE_REWRITE */
+
+static int
+rwm_op_bind( Operation *op, SlapReply *rs )
+{
+ slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
int rc;
#ifdef ENABLE_REWRITE
- ( void )rewrite_session_delete( rwmap->rwm_rw, op->o_conn );
- ( void )rewrite_session_init( rwmap->rwm_rw, op->o_conn );
-
rc = rwm_op_dn_massage( op, rs, "bindDN" );
#else /* ! ENABLE_REWRITE */
rc = 1;
@@ -208,7 +274,7 @@ rwm_bind( Operation *op, SlapReply *rs )
}
static int
-rwm_unbind( Operation *op, SlapReply *rs )
+rwm_op_unbind( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
struct ldaprwmap *rwmap =
@@ -222,7 +288,7 @@ rwm_unbind( Operation *op, SlapReply *rs
}
static int
-rwm_compare( Operation *op, SlapReply *rs )
+rwm_op_compare( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
struct ldaprwmap *rwmap =
@@ -257,21 +323,30 @@ rwm_compare( Operation *op, SlapReply *r
return -1;
} else if ( mapped_vals[0].bv_val != op->orc_ava->aa_value.bv_val ) {
- free( op->orc_ava->aa_value.bv_val );
- op->orc_ava->aa_value = mapped_vals[0];
+ ber_bvreplace_x( &op->orc_ava->aa_value, &mapped_vals[0], op->o_tmpmemctx );
}
mapped_at = op->orc_ava->aa_desc->ad_cname;
} else {
- rwm_map( &rwmap->rwm_at, &op->orc_ava->aa_desc->ad_cname,
- &mapped_at, RWM_MAP );
- if ( BER_BVISNULL( &mapped_at ) || BER_BVISEMPTY( &mapped_at ) )
- {
- op->o_bd->bd_info = (BackendInfo *)on->on_info;
- send_ldap_error( op, rs, LDAP_OTHER, "compare attributeType map error" );
- return -1;
+ struct ldapmapping *mapping = NULL;
+ AttributeDescription *ad = op->orc_ava->aa_desc;
+
+ ( void )rwm_mapping( &rwmap->rwm_at, &op->orc_ava->aa_desc->ad_cname,
+ &mapping, RWM_MAP );
+ if ( mapping == NULL ) {
+ if ( rwmap->rwm_at.drop_missing ) {
+ op->o_bd->bd_info = (BackendInfo *)on->on_info;
+ send_ldap_error( op, rs, LDAP_OTHER, "compare attributeType map error" );
+ return -1;
+ }
+
+ } else {
+ assert( mapping->m_dst_ad != NULL );
+ ad = mapping->m_dst_ad;
}
- if ( op->orc_ava->aa_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName )
+
+ if ( op->orc_ava->aa_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
+ || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
{
struct berval *mapped_valsp[2];
@@ -293,15 +368,23 @@ rwm_compare( Operation *op, SlapReply *r
return -1;
}
- op->orc_ava->aa_value = mapped_vals[0];
+ if ( mapped_vals[ 0 ].bv_val != op->orc_ava->aa_value.bv_val ) {
+ /* NOTE: if we get here, rwm_dnattr_rewrite()
+ * already freed the old value, so now
+ * it's invalid */
+ ber_dupbv_x( &op->orc_ava->aa_value, &mapped_vals[0],
+ op->o_tmpmemctx );
+ ber_memfree_x( mapped_vals[ 0 ].bv_val, NULL );
+ }
}
+ op->orc_ava->aa_desc = ad;
}
return SLAP_CB_CONTINUE;
}
static int
-rwm_delete( Operation *op, SlapReply *rs )
+rwm_op_delete( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
int rc;
@@ -322,12 +405,13 @@ rwm_delete( Operation *op, SlapReply *rs
}
static int
-rwm_modify( Operation *op, SlapReply *rs )
+rwm_op_modify( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
struct ldaprwmap *rwmap =
(struct ldaprwmap *)on->on_bi.bi_private;
+ int isupdate;
Modifications **mlp;
int rc;
@@ -343,72 +427,70 @@ rwm_modify( Operation *op, SlapReply *rs
return -1;
}
+ isupdate = be_shadow_update( op );
for ( mlp = &op->oq_modify.rs_modlist; *mlp; ) {
- int is_oc = 0;
- Modifications *ml;
-
- if ( (*mlp)->sml_desc->ad_type->sat_no_user_mod ) {
- goto next_mod;
- }
+ int is_oc = 0;
+ Modifications *ml;
+ struct ldapmapping *mapping = NULL;
if ( (*mlp)->sml_desc == slap_schema.si_ad_objectClass
- || (*mlp)->sml_desc == slap_schema.si_ad_structuralObjectClass ) {
+ || (*mlp)->sml_desc == slap_schema.si_ad_structuralObjectClass )
+ {
is_oc = 1;
+ } else if ( !isupdate && !get_manageDIT( op ) && (*mlp)->sml_desc->ad_type->sat_no_user_mod )
+ {
+ goto next_mod;
+
} else {
- struct ldapmapping *m;
int drop_missing;
- drop_missing = rwm_mapping( &rwmap->rwm_at, &(*mlp)->sml_desc->ad_cname, &m, RWM_MAP );
- if ( drop_missing || ( m != NULL && BER_BVISNULL( &m->m_dst ) ) )
+ drop_missing = rwm_mapping( &rwmap->rwm_at,
+ &(*mlp)->sml_desc->ad_cname,
+ &mapping, RWM_MAP );
+ if ( drop_missing || ( mapping != NULL && BER_BVISNULL( &mapping->m_dst ) ) )
{
goto cleanup_mod;
}
-
- if ( m ) {
- /* use new attribute description */
- assert( m->m_dst_ad );
- (*mlp)->sml_desc = m->m_dst_ad;
- }
}
if ( (*mlp)->sml_values != NULL ) {
if ( is_oc ) {
int last, j;
- for ( last = 0; !BER_BVISNULL( &(*mlp)->sml_values[last] ); last++ )
+ for ( last = 0; !BER_BVISNULL( &(*mlp)->sml_values[ last ] ); last++ )
/* count values */ ;
last--;
- for ( j = 0; !BER_BVISNULL( &(*mlp)->sml_values[j] ); j++ ) {
- struct berval mapped = BER_BVNULL;
-
- rwm_map( &rwmap->rwm_oc,
- &(*mlp)->sml_values[j],
- &mapped, RWM_MAP );
- if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) {
- /* FIXME: we allow to remove objectClasses as well;
- * if the resulting entry is inconsistent, that's
- * the relayed database's business...
- */
-#if 0
- goto cleanup_mod;
-#endif
- if ( last > j ) {
- (*mlp)->sml_values[j] = (*mlp)->sml_values[last];
- BER_BVZERO( &(*mlp)->sml_values[last] );
+ for ( j = 0; !BER_BVISNULL( &(*mlp)->sml_values[ j ] ); j++ ) {
+ struct ldapmapping *oc_mapping = NULL;
+
+ ( void )rwm_mapping( &rwmap->rwm_oc, &(*mlp)->sml_values[ j ],
+ &oc_mapping, RWM_MAP );
+ if ( oc_mapping == NULL ) {
+ if ( rwmap->rwm_at.drop_missing ) {
+ /* FIXME: we allow to remove objectClasses as well;
+ * if the resulting entry is inconsistent, that's
+ * the relayed database's business...
+ */
+ ch_free( (*mlp)->sml_values[ j ].bv_val );
+ if ( last > j ) {
+ (*mlp)->sml_values[ j ] = (*mlp)->sml_values[ last ];
+ }
+ BER_BVZERO( &(*mlp)->sml_values[ last ] );
+ last--;
+ j--;
}
- last--;
-
+
} else {
- ch_free( (*mlp)->sml_values[j].bv_val );
- ber_dupbv( &(*mlp)->sml_values[j], &mapped );
+ ch_free( (*mlp)->sml_values[ j ].bv_val );
+ ber_dupbv( &(*mlp)->sml_values[ j ], &oc_mapping->m_dst );
}
}
} else {
- if ( (*mlp)->sml_desc->ad_type->sat_syntax ==
- slap_schema.si_syn_distinguishedName )
+ if ( (*mlp)->sml_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
+ || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
{
#ifdef ENABLE_REWRITE
rc = rwm_dnattr_rewrite( op, rs, "modifyAttrDN",
@@ -445,6 +527,12 @@ rwm_modify( Operation *op, SlapReply *rs
}
next_mod:;
+ if ( mapping != NULL ) {
+ /* use new attribute description */
+ assert( mapping->m_dst_ad != NULL );
+ (*mlp)->sml_desc = mapping->m_dst_ad;
+ }
+
mlp = &(*mlp)->sml_next;
continue;
@@ -455,12 +543,11 @@ cleanup_mod:;
free( ml );
}
- /* TODO: rewrite attribute types, values of DN-valued attributes ... */
return SLAP_CB_CONTINUE;
}
static int
-rwm_modrdn( Operation *op, SlapReply *rs )
+rwm_op_modrdn( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
struct ldaprwmap *rwmap =
@@ -485,7 +572,9 @@ rwm_modrdn( Operation *op, SlapReply *rs
dc.tofrom = 0;
dc.normalized = 0;
#endif /* ! ENABLE_REWRITE */
- rc = rwm_dn_massage( &dc, op->orr_newSup, &newSup, &nnewSup );
+ newSup = *op->orr_newSup;
+ nnewSup = *op->orr_nnewSup;
+ rc = rwm_dn_massage_pretty_normalize( &dc, op->orr_newSup, &newSup, &nnewSup );
if ( rc != LDAP_SUCCESS ) {
op->o_bd->bd_info = (BackendInfo *)on->on_info;
send_ldap_error( op, rs, rc, "newSuperiorDN massage error" );
@@ -515,10 +604,41 @@ rwm_modrdn( Operation *op, SlapReply *rs
return -1;
}
- /* TODO: rewrite attribute types, values of DN-valued attributes ... */
+ /* TODO: rewrite newRDN, attribute types,
+ * values of DN-valued attributes ... */
return SLAP_CB_CONTINUE;
}
+static slap_callback rwm_cb;
+
+static void
+rwm_keyfree(
+ void *key,
+ void *data )
+{
+ ber_memfree_x( data, NULL );
+}
+
+static slap_callback *
+rwm_callback_get( Operation *op )
+{
+ void *data = NULL;
+
+ if ( op->o_threadctx == NULL ) {
+ return &rwm_cb;
+ }
+
+ ldap_pvt_thread_pool_getkey( op->o_threadctx,
+ rwm_keyfree, &data, NULL );
+ if ( data == NULL ) {
+ data = ch_calloc( sizeof( slap_callback ), 1 );
+ ldap_pvt_thread_pool_setkey( op->o_threadctx,
+ rwm_keyfree, data, rwm_keyfree );
+ }
+
+ return (slap_callback *)data;
+}
+
static int
rwm_swap_attrs( Operation *op, SlapReply *rs )
{
@@ -530,20 +650,8 @@ rwm_swap_attrs( Operation *op, SlapReply
return SLAP_CB_CONTINUE;
}
-static int rwm_freeself( Operation *op, SlapReply *rs )
-{
- if ( op->o_tag == LDAP_REQ_SEARCH && rs->sr_type == REP_RESULT ) {
- assert( op->o_callback );
-
- op->o_tmpfree( op->o_callback, op->o_tmpmemctx );
- op->o_callback = NULL;
- }
-
- return SLAP_CB_CONTINUE;
-}
-
static int
-rwm_search( Operation *op, SlapReply *rs )
+rwm_op_search( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
struct ldaprwmap *rwmap =
@@ -555,13 +663,16 @@ rwm_search( Operation *op, SlapReply *rs
struct berval fstr = BER_BVNULL;
Filter *f = NULL;
- slap_callback *cb;
+ slap_callback *cb = NULL;
AttributeName *an = NULL;
char *text = NULL;
#ifdef ENABLE_REWRITE
- rc = rwm_op_dn_massage( op, rs, "searchDN" );
+ rc = rewrite_session_var_set( rwmap->rwm_rw, op->o_conn,
+ "searchFilter", op->ors_filterstr.bv_val );
+ if ( rc == LDAP_SUCCESS )
+ rc = rwm_op_dn_massage( op, rs, "searchDN" );
#else /* ! ENABLE_REWRITE */
rc = 1;
rc = rwm_op_dn_massage( op, rs, &rc );
@@ -584,7 +695,7 @@ rwm_search( Operation *op, SlapReply *rs
dc.normalized = 0;
#endif /* ! ENABLE_REWRITE */
- rc = rwm_filter_map_rewrite( &dc, op->ors_filter, &fstr );
+ rc = rwm_filter_map_rewrite( op, &dc, op->ors_filter, &fstr );
if ( rc != LDAP_SUCCESS ) {
text = "searchFilter/searchFilterAttrDN massage error";
goto error_return;
@@ -615,15 +726,10 @@ rwm_search( Operation *op, SlapReply *rs
goto error_return;
}
- cb = (slap_callback *) op->o_tmpcalloc( sizeof( slap_callback ),
- 1, op->o_tmpmemctx );
- if ( cb == NULL ) {
- rc = LDAP_NO_MEMORY;
- goto error_return;
- }
+ cb = rwm_callback_get( op );
cb->sc_response = rwm_swap_attrs;
- cb->sc_cleanup = rwm_freeself;
+ cb->sc_cleanup = NULL;
cb->sc_private = (void *)op->ors_attrs;
cb->sc_next = op->o_callback;
@@ -699,7 +805,8 @@ rwm_matched( Operation *op, SlapReply *r
dc.normalized = 0;
#endif /* ! ENABLE_REWRITE */
ber_str2bv( rs->sr_matched, 0, 0, &dn );
- rc = rwm_dn_massage( &dc, &dn, &mdn, NULL );
+ mdn = dn;
+ rc = rwm_dn_massage_pretty( &dc, &dn, &mdn );
if ( rc != LDAP_SUCCESS ) {
rs->sr_err = rc;
rs->sr_text = "Rewrite error";
@@ -720,7 +827,7 @@ rwm_matched( Operation *op, SlapReply *r
}
static int
-rwm_attrs( Operation *op, SlapReply *rs, Attribute** a_first )
+rwm_attrs( Operation *op, SlapReply *rs, Attribute** a_first, int stripEntryDN )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
struct ldaprwmap *rwmap =
@@ -729,6 +836,7 @@ rwm_attrs( Operation *op, SlapReply *rs,
dncookie dc;
int rc;
Attribute **ap;
+ int isupdate;
/*
* Rewrite the dn attrs, if needed
@@ -754,8 +862,9 @@ rwm_attrs( Operation *op, SlapReply *rs,
* an error (because multiple instances of attrs in
* response are not valid), or merge the values (what
* about duplicate values?) */
+ isupdate = be_shadow_update( op );
for ( ap = a_first; *ap; ) {
- struct ldapmapping *m;
+ struct ldapmapping *mapping = NULL;
int drop_missing;
int last;
Attribute *a;
@@ -764,30 +873,45 @@ rwm_attrs( Operation *op, SlapReply *rs,
{
/* go on */ ;
- } else if ( op->ors_attrs != NULL &&
- !SLAP_USERATTRS( rs->sr_attr_flags ) &&
- !ad_inlist( (*ap)->a_desc, op->ors_attrs ) )
- {
- goto cleanup_attr;
+ } else {
+ if ( op->ors_attrs != NULL &&
+ !SLAP_USERATTRS( rs->sr_attr_flags ) &&
+ !ad_inlist( (*ap)->a_desc, op->ors_attrs ) )
+ {
+ goto cleanup_attr;
+ }
+
+ drop_missing = rwm_mapping( &rwmap->rwm_at,
+ &(*ap)->a_desc->ad_cname, &mapping, RWM_REMAP );
+ if ( drop_missing || ( mapping != NULL && BER_BVISEMPTY( &mapping->m_dst ) ) )
+ {
+ goto cleanup_attr;
+ }
+
+ if ( mapping != NULL ) {
+ (*ap)->a_desc = mapping->m_dst_ad;
+ }
}
- if ( (*ap)->a_desc->ad_type->sat_no_user_mod
+ if ( (*ap)->a_desc == slap_schema.si_ad_entryDN ) {
+ if ( stripEntryDN ) {
+ /* will be generated by frontend */
+ goto cleanup_attr;
+ }
+
+ } else if ( !isupdate
+ && !get_manageDIT( op )
+ && (*ap)->a_desc->ad_type->sat_no_user_mod
&& (*ap)->a_desc->ad_type != slap_schema.si_at_undefined )
{
goto next_attr;
}
- drop_missing = rwm_mapping( &rwmap->rwm_at,
- &(*ap)->a_desc->ad_cname, &m, RWM_REMAP );
- if ( drop_missing || ( m != NULL && BER_BVISEMPTY( &m->m_dst ) ) ) {
- goto cleanup_attr;
- }
-
for ( last = 0; !BER_BVISNULL( &(*ap)->a_vals[last] ); last++ )
/* just count */ ;
if ( last == 0 ) {
- /* empty? for now, we leave it in place */
+ /* empty? leave it in place because of attrsonly and vlv */
goto next_attr;
}
last--;
@@ -817,8 +941,7 @@ rwm_attrs( Operation *op, SlapReply *rs,
* the value is replaced by
* ch_alloc'ed memory
*/
- ch_free( bv[0].bv_val );
- ber_dupbv( &bv[0], &mapped );
+ ber_bvreplace( &bv[0], &mapped );
}
}
@@ -834,8 +957,8 @@ rwm_attrs( Operation *op, SlapReply *rs,
* everything pass thru the ldap backend. */
/* FIXME: handle distinguishedName-like syntaxes, like
* nameAndOptionalUID */
- } else if ( (*ap)->a_desc->ad_type->sat_syntax ==
- slap_schema.si_syn_distinguishedName )
+ } else if ( (*ap)->a_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
+ || ( mapping != NULL && mapping->m_src_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
{
#ifdef ENABLE_REWRITE
dc.ctx = "searchAttrDN";
@@ -855,10 +978,10 @@ rwm_attrs( Operation *op, SlapReply *rs,
}
}
- if ( m != NULL ) {
+ if ( mapping != NULL ) {
/* rewrite the attribute description */
- assert( m->m_dst_ad );
- (*ap)->a_desc = m->m_dst_ad;
+ assert( mapping->m_dst_ad != NULL );
+ (*ap)->a_desc = mapping->m_dst_ad;
}
next_attr:;
@@ -883,13 +1006,13 @@ rwm_send_entry( Operation *op, SlapReply
(struct ldaprwmap *)on->on_bi.bi_private;
Entry *e = NULL;
- int flags;
+ slap_mask_t flags;
struct berval dn = BER_BVNULL,
ndn = BER_BVNULL;
dncookie dc;
int rc;
- assert( rs->sr_entry );
+ assert( rs->sr_entry != NULL );
/*
* Rewrite the dn of the result, if needed
@@ -920,6 +1043,7 @@ rwm_send_entry( Operation *op, SlapReply
goto fail;
}
+ flags &= ~REP_ENTRY_MUSTRELEASE;
flags |= ( REP_ENTRY_MODIFIABLE | REP_ENTRY_MUSTBEFREED );
}
@@ -928,7 +1052,9 @@ rwm_send_entry( Operation *op, SlapReply
* from the one known to the meta, and a DN with unknown
* attributes is returned.
*/
- rc = rwm_dn_massage( &dc, &e->e_name, &dn, &ndn );
+ dn = e->e_name;
+ ndn = e->e_nname;
+ rc = rwm_dn_massage_pretty_normalize( &dc, &e->e_name, &dn, &ndn );
if ( rc != LDAP_SUCCESS ) {
rc = 1;
goto fail;
@@ -948,7 +1074,11 @@ rwm_send_entry( Operation *op, SlapReply
/* FIXME: the entries are in the remote mapping form;
* so we need to select those attributes we are willing
* to return, and remap them accordingly */
- (void)rwm_attrs( op, rs, &e->e_attrs );
+ (void)rwm_attrs( op, rs, &e->e_attrs, 1 );
+
+ if ( rs->sr_flags & REP_ENTRY_MUSTRELEASE ) {
+ be_entry_release_rw( op, rs->sr_entry, 0 );
+ }
rs->sr_entry = e;
rs->sr_flags = flags;
@@ -956,6 +1086,18 @@ rwm_send_entry( Operation *op, SlapReply
return SLAP_CB_CONTINUE;
fail:;
+ if ( e != NULL && e != rs->sr_entry ) {
+ if ( e->e_name.bv_val == dn.bv_val ) {
+ BER_BVZERO( &e->e_name );
+ }
+
+ if ( e->e_nname.bv_val == ndn.bv_val ) {
+ BER_BVZERO( &e->e_nname );
+ }
+
+ entry_free( e );
+ }
+
if ( !BER_BVISNULL( &dn ) ) {
ch_free( dn.bv_val );
}
@@ -964,10 +1106,6 @@ fail:;
ch_free( ndn.bv_val );
}
- if ( e != NULL && e != rs->sr_entry ) {
- entry_free( e );
- }
-
return rc;
}
@@ -978,11 +1116,37 @@ rwm_operational( Operation *op, SlapRepl
* so we need to select those attributes we are willing
* to return, and remap them accordingly */
if ( rs->sr_operational_attrs ) {
- rwm_attrs( op, rs, &rs->sr_operational_attrs );
+ rwm_attrs( op, rs, &rs->sr_operational_attrs, 1 );
+ }
+
+ return SLAP_CB_CONTINUE;
+}
+
+#if 0
+/* don't use this; it cannot be reverted, and leaves op->o_req_dn
+ * rewritten for subsequent operations; fine for plain suffixmassage,
+ * but destroys everything else */
+static int
+rwm_chk_referrals( Operation *op, SlapReply *rs )
+{
+ slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
+ int rc;
+
+#ifdef ENABLE_REWRITE
+ rc = rwm_op_dn_massage( op, rs, "referralCheckDN" );
+#else /* ! ENABLE_REWRITE */
+ rc = 1;
+ rc = rwm_op_dn_massage( op, rs, &rc );
+#endif /* ! ENABLE_REWRITE */
+ if ( rc != LDAP_SUCCESS ) {
+ op->o_bd->bd_info = (BackendInfo *)on->on_info;
+ send_ldap_error( op, rs, rc, "referralCheckDN massage error" );
+ return -1;
}
return SLAP_CB_CONTINUE;
}
+#endif
static int
rwm_rw_config(
@@ -1138,7 +1302,9 @@ rwm_response( Operation *op, SlapReply *
switch( op->o_tag ) {
case LDAP_REQ_SEARCH:
/* Note: the operation attrs are remapped */
- if ( op->ors_attrs != NULL && op->ors_attrs != rs->sr_attrs )
+ if ( rs->sr_type == REP_RESULT
+ && op->ors_attrs != NULL
+ && op->ors_attrs != rs->sr_attrs )
{
ch_free( op->ors_attrs );
op->ors_attrs = rs->sr_attrs;
@@ -1193,6 +1359,10 @@ rwm_db_config(
char **argv
)
{
+ slap_overinst *on = (slap_overinst *) be->bd_info;
+ struct ldaprwmap *rwmap =
+ (struct ldaprwmap *)on->on_bi.bi_private;
+
int rc = 0;
char *argv0 = NULL;
@@ -1210,6 +1380,38 @@ rwm_db_config(
} else if ( strcasecmp( argv[0], "suffixmassage" ) == 0 ) {
rc = rwm_suffixmassage_config( be, fname, lineno, argc, argv );
+ } else if ( strcasecmp( argv[0], "t-f-support" ) == 0 ) {
+ if ( argc != 2 ) {
+ fprintf( stderr,
+ "%s: line %d: \"t-f-support {no|yes|discover}\" needs 1 argument.\n",
+ fname, lineno );
+ return( 1 );
+ }
+
+ if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
+ rwmap->rwm_flags &= ~(RWM_F_SUPPORT_T_F|RWM_F_SUPPORT_T_F_DISCOVER);
+
+ } else if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
+ rwmap->rwm_flags |= RWM_F_SUPPORT_T_F;
+
+ /* TODO: not implemented yet */
+ } else if ( strcasecmp( argv[ 1 ], "discover" ) == 0 ) {
+ fprintf( stderr,
+ "%s: line %d: \"discover\" not supported yet "
+ "in \"t-f-support {no|yes|discover}\".\n",
+ fname, lineno );
+ return( 1 );
+#if 0
+ rwmap->rwm_flags |= RWM_F_SUPPORT_T_F_DISCOVER;
+#endif
+
+ } else {
+ fprintf( stderr,
+ "%s: line %d: unknown value \"%s\" for \"t-f-support {no|yes|discover}\".\n",
+ fname, lineno, argv[ 1 ] );
+ return 1;
+ }
+
} else {
rc = SLAP_CONF_UNKNOWN;
}
@@ -1229,9 +1431,11 @@ rwm_db_init(
slap_overinst *on = (slap_overinst *) be->bd_info;
struct ldapmapping *mapping = NULL;
struct ldaprwmap *rwmap;
+#ifdef ENABLE_REWRITE
+ char *rargv[ 3 ];
+#endif /* ENABLE_REWRITE */
- rwmap = (struct ldaprwmap *)ch_malloc(sizeof(struct ldaprwmap));
- memset(rwmap, 0, sizeof(struct ldaprwmap));
+ rwmap = (struct ldaprwmap *)ch_calloc( 1, sizeof( struct ldaprwmap ) );
#ifdef ENABLE_REWRITE
rwmap->rwm_rw = rewrite_info_init( REWRITE_MODE_USE_DEFAULT );
@@ -1240,22 +1444,17 @@ rwm_db_init(
return -1;
}
- {
- char *rargv[3];
-
- /* this rewriteContext by default must be null;
- * rules can be added if required */
- rargv[ 0 ] = "rewriteContext";
- rargv[ 1 ] = "searchFilter";
- rargv[ 2 ] = NULL;
- rewrite_parse( rwmap->rwm_rw, "", 1, 2, rargv );
-
- rargv[ 0 ] = "rewriteContext";
- rargv[ 1 ] = "default";
- rargv[ 2 ] = NULL;
- rewrite_parse( rwmap->rwm_rw, "", 2, 2, rargv );
- }
-
+ /* this rewriteContext by default must be null;
+ * rules can be added if required */
+ rargv[ 0 ] = "rewriteContext";
+ rargv[ 1 ] = "searchFilter";
+ rargv[ 2 ] = NULL;
+ rewrite_parse( rwmap->rwm_rw, "", 1, 2, rargv );
+
+ rargv[ 0 ] = "rewriteContext";
+ rargv[ 1 ] = "default";
+ rargv[ 2 ] = NULL;
+ rewrite_parse( rwmap->rwm_rw, "", 2, 2, rargv );
#endif /* ENABLE_REWRITE */
if ( rwm_map_init( &rwmap->rwm_oc, &mapping ) != LDAP_SUCCESS ||
@@ -1282,7 +1481,7 @@ rwm_db_destroy(
(struct ldaprwmap *)on->on_bi.bi_private;
#ifdef ENABLE_REWRITE
- if (rwmap->rwm_rw) {
+ if ( rwmap->rwm_rw ) {
rewrite_info_delete( &rwmap->rwm_rw );
}
#else /* !ENABLE_REWRITE */
@@ -1291,10 +1490,12 @@ rwm_db_destroy(
}
#endif /* !ENABLE_REWRITE */
- avl_free( rwmap->rwm_oc.remap, NULL );
+ avl_free( rwmap->rwm_oc.remap, rwm_mapping_dst_free );
avl_free( rwmap->rwm_oc.map, rwm_mapping_free );
- avl_free( rwmap->rwm_at.remap, NULL );
+ avl_free( rwmap->rwm_at.remap, rwm_mapping_dst_free );
avl_free( rwmap->rwm_at.map, rwm_mapping_free );
+
+ ch_free( rwmap );
}
return rc;
@@ -1303,7 +1504,7 @@ rwm_db_destroy(
static slap_overinst rwm = { { NULL } };
int
-rwm_init(void)
+rwm_initialize(void)
{
memset( &rwm, 0, sizeof( slap_overinst ) );
@@ -1313,16 +1514,23 @@ rwm_init(void)
rwm.on_bi.bi_db_config = rwm_db_config;
rwm.on_bi.bi_db_destroy = rwm_db_destroy;
- rwm.on_bi.bi_op_bind = rwm_bind;
- rwm.on_bi.bi_op_search = rwm_search;
- rwm.on_bi.bi_op_compare = rwm_compare;
- rwm.on_bi.bi_op_modify = rwm_modify;
- rwm.on_bi.bi_op_modrdn = rwm_modrdn;
- rwm.on_bi.bi_op_add = rwm_add;
- rwm.on_bi.bi_op_delete = rwm_delete;
- rwm.on_bi.bi_op_unbind = rwm_unbind;
+ rwm.on_bi.bi_op_bind = rwm_op_bind;
+ rwm.on_bi.bi_op_search = rwm_op_search;
+ rwm.on_bi.bi_op_compare = rwm_op_compare;
+ rwm.on_bi.bi_op_modify = rwm_op_modify;
+ rwm.on_bi.bi_op_modrdn = rwm_op_modrdn;
+ rwm.on_bi.bi_op_add = rwm_op_add;
+ rwm.on_bi.bi_op_delete = rwm_op_delete;
+ rwm.on_bi.bi_op_unbind = rwm_op_unbind;
rwm.on_bi.bi_extended = rwm_extended;
+
rwm.on_bi.bi_operational = rwm_operational;
+ rwm.on_bi.bi_chk_referrals = 0 /* rwm_chk_referrals */ ;
+
+#ifdef ENABLE_REWRITE
+ rwm.on_bi.bi_connection_init = rwm_conn_init;
+ rwm.on_bi.bi_connection_destroy = rwm_conn_destroy;
+#endif /* ENABLE_REWRITE */
rwm.on_response = rwm_response;
@@ -1333,7 +1541,7 @@ rwm_init(void)
int
init_module( int argc, char *argv[] )
{
- return rwm_init();
+ return rwm_initialize();
}
#endif /* SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC */