--- servers/slapd/overlays/rwm.c 2004/12/01 20:47:13 1.37
+++ servers/slapd/overlays/rwm.c 2007/09/07 07:40:11 1.37.2.21
@@ -1,8 +1,8 @@
/* rwm.c - rewrite/remap operations */
-/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/rwm.c,v 1.36 2004/11/13 16:27:15 ando Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/rwm.c,v 1.37.2.20 2007/08/14 09:59:44 ando Exp $ */
/* This work is part of OpenLDAP Software .
*
- * Copyright 2003-2004 The OpenLDAP Foundation.
+ * Copyright 2003-2007 The OpenLDAP Foundation.
* Portions Copyright 2003 Pierangelo Masarati.
* All rights reserved.
*
@@ -26,15 +26,112 @@
#include "slap.h"
#include "rwm.h"
+typedef struct rwm_op_state {
+ ber_tag_t r_tag;
+ struct berval ro_dn;
+ struct berval ro_ndn;
+ struct berval r_dn;
+ struct berval r_ndn;
+ AttributeName *mapped_attrs;
+ OpRequest o_request;
+} rwm_op_state;
+
+static int
+rwm_db_destroy( BackendDB *be );
+
+typedef struct rwm_op_cb {
+ slap_callback cb;
+ rwm_op_state ros;
+} rwm_op_cb;
+
+static int
+rwm_op_cleanup( Operation *op, SlapReply *rs )
+{
+ slap_callback *cb = op->o_callback;
+ rwm_op_state *ros = cb->sc_private;
+
+ if ( rs->sr_type == REP_RESULT || rs->sr_type == REP_EXTENDED ||
+ op->o_abandon || rs->sr_err == SLAPD_ABANDON ) {
+
+ op->o_req_dn = ros->ro_dn;
+ op->o_req_ndn = ros->ro_ndn;
+
+ if ( !BER_BVISEMPTY( &ros->r_dn )) ch_free( ros->r_dn.bv_val );
+ if ( !BER_BVISEMPTY( &ros->r_ndn )) ch_free( ros->r_ndn.bv_val );
+
+ switch( ros->r_tag ) {
+ case LDAP_REQ_COMPARE:
+ if ( op->orc_ava->aa_value.bv_val != ros->orc_ava->aa_value.bv_val )
+ op->o_tmpfree( op->orc_ava->aa_value.bv_val, op->o_tmpmemctx );
+ op->orc_ava = ros->orc_ava;
+ break;
+ case LDAP_REQ_MODIFY:
+ slap_mods_free( op->orm_modlist, 1 );
+ op->orm_modlist = ros->orm_modlist;
+ break;
+ case LDAP_REQ_MODRDN:
+ if ( op->orr_newSup != ros->orr_newSup ) {
+ ch_free( op->orr_newSup->bv_val );
+ ch_free( op->orr_nnewSup->bv_val );
+ op->o_tmpfree( op->orr_newSup, op->o_tmpmemctx );
+ op->o_tmpfree( op->orr_nnewSup, op->o_tmpmemctx );
+ op->orr_newSup = ros->orr_newSup;
+ op->orr_nnewSup = ros->orr_nnewSup;
+ }
+ break;
+ case LDAP_REQ_SEARCH:
+ ch_free( ros->mapped_attrs );
+ filter_free_x( op, op->ors_filter );
+ ch_free( op->ors_filterstr.bv_val );
+ op->ors_attrs = ros->ors_attrs;
+ op->ors_filter = ros->ors_filter;
+ op->ors_filterstr = ros->ors_filterstr;
+ break;
+ case LDAP_REQ_EXTENDED:
+ if ( op->ore_reqdata != ros->ore_reqdata ) {
+ ber_bvfree( op->ore_reqdata );
+ op->ore_reqdata = ros->ore_reqdata;
+ }
+ break;
+ default: break;
+ }
+ op->o_callback = op->o_callback->sc_next;
+ op->o_tmpfree( cb, op->o_tmpmemctx );
+ }
+
+ return SLAP_CB_CONTINUE;
+}
+
+static rwm_op_cb *
+rwm_callback_get( Operation *op, SlapReply *rs )
+{
+ rwm_op_cb *roc = NULL;
+
+ roc = op->o_tmpalloc( sizeof( struct rwm_op_cb ), op->o_tmpmemctx );
+ roc->cb.sc_cleanup = rwm_op_cleanup;
+ roc->cb.sc_response = NULL;
+ roc->cb.sc_next = op->o_callback;
+ roc->cb.sc_private = &roc->ros;
+ roc->ros.r_tag = op->o_tag;
+ roc->ros.ro_dn = op->o_req_dn;
+ roc->ros.ro_ndn = op->o_req_ndn;
+ roc->ros.o_request = op->o_request;
+ BER_BVZERO( &roc->ros.r_dn );
+ BER_BVZERO( &roc->ros.r_ndn );
+
+ return roc;
+}
+
+
static int
-rwm_op_dn_massage( Operation *op, SlapReply *rs, void *cookie )
+rwm_op_dn_massage( Operation *op, SlapReply *rs, void *cookie,
+ rwm_op_state *ros )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
struct ldaprwmap *rwmap =
(struct ldaprwmap *)on->on_bi.bi_private;
struct berval dn = BER_BVNULL,
- *dnp = NULL,
ndn = BER_BVNULL;
int rc = 0;
dncookie dc;
@@ -56,34 +153,38 @@ rwm_op_dn_massage( Operation *op, SlapRe
* and the caller sets op->o_req_dn = op->o_req_ndn,
* only rewrite the op->o_req_ndn and use it as
* op->o_req_dn as well */
+ ndn = op->o_req_ndn;
if ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val ) {
- dnp = &dn;
+ dn = op->o_req_dn;
+ rc = rwm_dn_massage_pretty_normalize( &dc, &op->o_req_dn, &dn, &ndn );
+ } else {
+ rc = rwm_dn_massage_normalize( &dc, &op->o_req_ndn, &ndn );
}
- rc = rwm_dn_massage( &dc, &op->o_req_dn, dnp, &ndn );
if ( rc != LDAP_SUCCESS ) {
return rc;
}
- if ( ( dnp && dn.bv_val == op->o_req_dn.bv_val ) ||
- ( !dnp && ndn.bv_val == op->o_req_ndn.bv_val ) ) {
+ if ( ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val && dn.bv_val == op->o_req_dn.bv_val )
+ || ndn.bv_val == op->o_req_ndn.bv_val )
+ {
return LDAP_SUCCESS;
}
- op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx );
- if ( dnp ) {
- op->o_tmpfree( op->o_req_dn.bv_val, op->o_tmpmemctx );
+ if ( op->o_req_dn.bv_val != op->o_req_ndn.bv_val ) {
op->o_req_dn = dn;
+ ros->r_dn = dn;
} else {
op->o_req_dn = ndn;
}
+ ros->r_ndn = ndn;
op->o_req_ndn = ndn;
return LDAP_SUCCESS;
}
static int
-rwm_add( Operation *op, SlapReply *rs )
+rwm_op_add( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
struct ldaprwmap *rwmap =
@@ -93,12 +194,15 @@ rwm_add( Operation *op, SlapReply *rs )
i;
Attribute **ap = NULL;
char *olddn = op->o_req_dn.bv_val;
+ int isupdate;
+
+ rwm_op_cb *roc = rwm_callback_get( op, rs );
#ifdef ENABLE_REWRITE
- rc = rwm_op_dn_massage( op, rs, "addDN" );
+ rc = rwm_op_dn_massage( op, rs, "addDN", &roc->ros );
#else /* ! ENABLE_REWRITE */
rc = 1;
- rc = rwm_op_dn_massage( op, rs, &rc );
+ rc = rwm_op_dn_massage( op, rs, &rc, &roc->ros );
#endif /* ! ENABLE_REWRITE */
if ( rc != LDAP_SUCCESS ) {
op->o_bd->bd_info = (BackendInfo *)on->on_info;
@@ -107,64 +211,105 @@ rwm_add( Operation *op, SlapReply *rs )
}
if ( olddn != op->o_req_dn.bv_val ) {
- ch_free( op->ora_e->e_name.bv_val );
- ch_free( op->ora_e->e_nname.bv_val );
-
- ber_dupbv( &op->ora_e->e_name, &op->o_req_dn );
- ber_dupbv( &op->ora_e->e_nname, &op->o_req_ndn );
+ ber_bvreplace( &op->ora_e->e_name, &op->o_req_dn );
+ ber_bvreplace( &op->ora_e->e_nname, &op->o_req_ndn );
}
/* Count number of attributes in entry */
+ isupdate = be_shadow_update( op );
for ( i = 0, ap = &op->oq_add.rs_e->e_attrs; *ap; ) {
- struct berval mapped;
Attribute *a;
- if ( (*ap)->a_desc->ad_type->sat_no_user_mod ) {
- goto next_attr;
- }
+ if ( (*ap)->a_desc == slap_schema.si_ad_objectClass ||
+ (*ap)->a_desc == slap_schema.si_ad_structuralObjectClass )
+ {
+ int j, last;
- rwm_map( &rwmap->rwm_at, &(*ap)->a_desc->ad_cname,
- &mapped, RWM_MAP );
- if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) {
- goto cleanup_attr;
- }
+ for ( last = 0; !BER_BVISNULL( &(*ap)->a_vals[ last ] ); last++ )
+ /* count values */ ;
+ last--;
+ for ( j = 0; !BER_BVISNULL( &(*ap)->a_vals[ j ] ); j++ ) {
+ struct ldapmapping *mapping = NULL;
+
+ ( void )rwm_mapping( &rwmap->rwm_oc, &(*ap)->a_vals[ j ],
+ &mapping, RWM_MAP );
+ if ( mapping == NULL ) {
+ if ( rwmap->rwm_at.drop_missing ) {
+ /* FIXME: we allow to remove objectClasses as well;
+ * if the resulting entry is inconsistent, that's
+ * the relayed database's business...
+ */
+ ch_free( (*ap)->a_vals[ j ].bv_val );
+ if ( last > j ) {
+ (*ap)->a_vals[ j ] = (*ap)->a_vals[ last ];
+ }
+ BER_BVZERO( &(*ap)->a_vals[ last ] );
+ last--;
+ j--;
+ }
- if ( (*ap)->a_desc->ad_type->sat_syntax
- == slap_schema.si_syn_distinguishedName )
+ } else {
+ ch_free( (*ap)->a_vals[ j ].bv_val );
+ ber_dupbv( &(*ap)->a_vals[ j ], &mapping->m_dst );
+ }
+ }
+
+ } else if ( !isupdate && !get_manageDIT( op ) && (*ap)->a_desc->ad_type->sat_no_user_mod )
{
- /*
- * FIXME: rewrite could fail; in this case
- * the operation should give up, right?
- */
-#ifdef ENABLE_REWRITE
- rc = rwm_dnattr_rewrite( op, rs, "addAttrDN",
- (*ap)->a_vals,
- (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
+ goto next_attr;
+
+ } else {
+ struct ldapmapping *mapping = NULL;
+
+ ( void )rwm_mapping( &rwmap->rwm_at, &(*ap)->a_desc->ad_cname,
+ &mapping, RWM_MAP );
+ if ( mapping == NULL ) {
+ if ( rwmap->rwm_at.drop_missing ) {
+ goto cleanup_attr;
+ }
+ }
+
+ if ( (*ap)->a_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
+ || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
+ {
+ /*
+ * FIXME: rewrite could fail; in this case
+ * the operation should give up, right?
+ */
+#ifdef ENABLE_REWRITE
+ rc = rwm_dnattr_rewrite( op, rs, "addAttrDN",
+ (*ap)->a_vals,
+ (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
#else /* ! ENABLE_REWRITE */
- rc = 1;
- rc = rwm_dnattr_rewrite( op, rs, &rc, (*ap)->a_vals,
- (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
+ rc = 1;
+ rc = rwm_dnattr_rewrite( op, rs, &rc, (*ap)->a_vals,
+ (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
#endif /* ! ENABLE_REWRITE */
- if ( rc ) {
- goto cleanup_attr;
- }
+ if ( rc ) {
+ goto cleanup_attr;
+ }
- } else if ( (*ap)->a_desc == slap_schema.si_ad_ref ) {
+ } else if ( (*ap)->a_desc == slap_schema.si_ad_ref ) {
#ifdef ENABLE_REWRITE
- rc = rwm_referral_rewrite( op, rs, "referralAttrDN",
- (*ap)->a_vals,
- (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
+ rc = rwm_referral_rewrite( op, rs, "referralAttrDN",
+ (*ap)->a_vals,
+ (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
#else /* ! ENABLE_REWRITE */
- rc = 1;
- rc = rwm_referral_rewrite( op, rs, &rc, (*ap)->a_vals,
- (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
+ rc = 1;
+ rc = rwm_referral_rewrite( op, rs, &rc, (*ap)->a_vals,
+ (*ap)->a_nvals ? &(*ap)->a_nvals : NULL );
#endif /* ! ENABLE_REWRITE */
- if ( rc != LDAP_SUCCESS ) {
- goto cleanup_attr;
+ if ( rc != LDAP_SUCCESS ) {
+ goto cleanup_attr;
+ }
+ }
+
+ if ( mapping != NULL ) {
+ assert( mapping->m_dst_ad != NULL );
+ (*ap)->a_desc = mapping->m_dst_ad;
}
}
-
next_attr:;
ap = &(*ap)->a_next;
continue;
@@ -177,26 +322,50 @@ cleanup_attr:;
attr_free( a );
}
- /* TODO: map attribute types, values of DN-valued attributes ... */
+ op->o_callback = &roc->cb;
+
return SLAP_CB_CONTINUE;
}
+#ifdef ENABLE_REWRITE
static int
-rwm_bind( Operation *op, SlapReply *rs )
+rwm_conn_init( BackendDB *be, Connection *conn )
{
- slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
+ slap_overinst *on = (slap_overinst *) be->bd_info;
+ struct ldaprwmap *rwmap =
+ (struct ldaprwmap *)on->on_bi.bi_private;
+
+ ( void )rewrite_session_init( rwmap->rwm_rw, conn );
+
+ return SLAP_CB_CONTINUE;
+}
+
+static int
+rwm_conn_destroy( BackendDB *be, Connection *conn )
+{
+ slap_overinst *on = (slap_overinst *) be->bd_info;
struct ldaprwmap *rwmap =
(struct ldaprwmap *)on->on_bi.bi_private;
+
+ ( void )rewrite_session_delete( rwmap->rwm_rw, conn );
+
+ return SLAP_CB_CONTINUE;
+}
+#endif /* ENABLE_REWRITE */
+
+static int
+rwm_op_bind( Operation *op, SlapReply *rs )
+{
+ slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
int rc;
-#ifdef ENABLE_REWRITE
- ( void )rewrite_session_delete( rwmap->rwm_rw, op->o_conn );
- ( void )rewrite_session_init( rwmap->rwm_rw, op->o_conn );
+ rwm_op_cb *roc = rwm_callback_get( op, rs );
- rc = rwm_op_dn_massage( op, rs, "bindDN" );
+#ifdef ENABLE_REWRITE
+ rc = rwm_op_dn_massage( op, rs, "bindDN", &roc->ros );
#else /* ! ENABLE_REWRITE */
rc = 1;
- rc = rwm_op_dn_massage( op, rs, &rc );
+ rc = rwm_op_dn_massage( op, rs, &rc, &roc->ros );
#endif /* ! ENABLE_REWRITE */
if ( rc != LDAP_SUCCESS ) {
op->o_bd->bd_info = (BackendInfo *)on->on_info;
@@ -204,11 +373,13 @@ rwm_bind( Operation *op, SlapReply *rs )
return -1;
}
+ op->o_callback = &roc->cb;
+
return SLAP_CB_CONTINUE;
}
static int
-rwm_unbind( Operation *op, SlapReply *rs )
+rwm_op_unbind( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
struct ldaprwmap *rwmap =
@@ -222,21 +393,22 @@ rwm_unbind( Operation *op, SlapReply *rs
}
static int
-rwm_compare( Operation *op, SlapReply *rs )
+rwm_op_compare( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
struct ldaprwmap *rwmap =
(struct ldaprwmap *)on->on_bi.bi_private;
int rc;
- struct berval mapped_at = BER_BVNULL,
- mapped_vals[2] = { BER_BVNULL, BER_BVNULL };
+ struct berval mapped_vals[2] = { BER_BVNULL, BER_BVNULL };
+
+ rwm_op_cb *roc = rwm_callback_get( op, rs );
#ifdef ENABLE_REWRITE
- rc = rwm_op_dn_massage( op, rs, "compareDN" );
+ rc = rwm_op_dn_massage( op, rs, "compareDN", &roc->ros );
#else /* ! ENABLE_REWRITE */
rc = 1;
- rc = rwm_op_dn_massage( op, rs, &rc );
+ rc = rwm_op_dn_massage( op, rs, &rc, &roc->ros );
#endif /* ! ENABLE_REWRITE */
if ( rc != LDAP_SUCCESS ) {
op->o_bd->bd_info = (BackendInfo *)on->on_info;
@@ -257,21 +429,30 @@ rwm_compare( Operation *op, SlapReply *r
return -1;
} else if ( mapped_vals[0].bv_val != op->orc_ava->aa_value.bv_val ) {
- free( op->orc_ava->aa_value.bv_val );
- op->orc_ava->aa_value = mapped_vals[0];
+ ber_dupbv_x( &op->orc_ava->aa_value, &mapped_vals[0],
+ op->o_tmpmemctx );
}
- mapped_at = op->orc_ava->aa_desc->ad_cname;
} else {
- rwm_map( &rwmap->rwm_at, &op->orc_ava->aa_desc->ad_cname,
- &mapped_at, RWM_MAP );
- if ( BER_BVISNULL( &mapped_at ) || BER_BVISEMPTY( &mapped_at ) )
- {
- op->o_bd->bd_info = (BackendInfo *)on->on_info;
- send_ldap_error( op, rs, LDAP_OTHER, "compare attributeType map error" );
- return -1;
+ struct ldapmapping *mapping = NULL;
+ AttributeDescription *ad = op->orc_ava->aa_desc;
+
+ ( void )rwm_mapping( &rwmap->rwm_at, &op->orc_ava->aa_desc->ad_cname,
+ &mapping, RWM_MAP );
+ if ( mapping == NULL ) {
+ if ( rwmap->rwm_at.drop_missing ) {
+ op->o_bd->bd_info = (BackendInfo *)on->on_info;
+ send_ldap_error( op, rs, LDAP_OTHER, "compare attributeType map error" );
+ return -1;
+ }
+
+ } else {
+ assert( mapping->m_dst_ad != NULL );
+ ad = mapping->m_dst_ad;
}
- if ( op->orc_ava->aa_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName )
+
+ if ( op->orc_ava->aa_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
+ || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
{
struct berval *mapped_valsp[2];
@@ -293,24 +474,36 @@ rwm_compare( Operation *op, SlapReply *r
return -1;
}
- op->orc_ava->aa_value = mapped_vals[0];
+ if ( mapped_vals[ 0 ].bv_val != op->orc_ava->aa_value.bv_val ) {
+ /* NOTE: if we get here, rwm_dnattr_rewrite()
+ * already freed the old value, so now
+ * it's invalid */
+ ber_dupbv_x( &op->orc_ava->aa_value, &mapped_vals[0],
+ op->o_tmpmemctx );
+ ber_memfree_x( mapped_vals[ 0 ].bv_val, NULL );
+ }
}
+ op->orc_ava->aa_desc = ad;
}
+ op->o_callback = &roc->cb;
+
return SLAP_CB_CONTINUE;
}
static int
-rwm_delete( Operation *op, SlapReply *rs )
+rwm_op_delete( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
int rc;
+ rwm_op_cb *roc = rwm_callback_get( op, rs );
+
#ifdef ENABLE_REWRITE
- rc = rwm_op_dn_massage( op, rs, "deleteDN" );
+ rc = rwm_op_dn_massage( op, rs, "deleteDN", &roc->ros );
#else /* ! ENABLE_REWRITE */
rc = 1;
- rc = rwm_op_dn_massage( op, rs, &rc );
+ rc = rwm_op_dn_massage( op, rs, &rc, &roc->ros );
#endif /* ! ENABLE_REWRITE */
if ( rc != LDAP_SUCCESS ) {
op->o_bd->bd_info = (BackendInfo *)on->on_info;
@@ -318,24 +511,57 @@ rwm_delete( Operation *op, SlapReply *rs
return -1;
}
+ op->o_callback = &roc->cb;
+
return SLAP_CB_CONTINUE;
}
+/* imported from HEAD */
+static int
+ber_bvarray_dup_x( BerVarray *dst, BerVarray src, void *ctx )
+{
+ int i, j;
+ BerVarray new;
+
+ if ( !src ) {
+ *dst = NULL;
+ return 0;
+ }
+
+ for (i=0; !BER_BVISNULL( &src[i] ); i++) ;
+ new = ber_memalloc_x(( i+1 ) * sizeof(BerValue), ctx );
+ if ( !new )
+ return -1;
+ for (j=0; jo_bd->bd_info;
struct ldaprwmap *rwmap =
(struct ldaprwmap *)on->on_bi.bi_private;
+ int isupdate;
Modifications **mlp;
int rc;
+ rwm_op_cb *roc = rwm_callback_get( op, rs );
+
#ifdef ENABLE_REWRITE
- rc = rwm_op_dn_massage( op, rs, "modifyDN" );
+ rc = rwm_op_dn_massage( op, rs, "modifyDN", &roc->ros );
#else /* ! ENABLE_REWRITE */
rc = 1;
- rc = rwm_op_dn_massage( op, rs, &rc );
+ rc = rwm_op_dn_massage( op, rs, &rc, &roc->ros );
#endif /* ! ENABLE_REWRITE */
if ( rc != LDAP_SUCCESS ) {
op->o_bd->bd_info = (BackendInfo *)on->on_info;
@@ -343,95 +569,126 @@ rwm_modify( Operation *op, SlapReply *rs
return -1;
}
+ isupdate = be_shadow_update( op );
for ( mlp = &op->oq_modify.rs_modlist; *mlp; ) {
- int is_oc = 0;
- Modifications *ml;
+ int is_oc = 0;
+ Modifications *ml = *mlp;
+ struct ldapmapping *mapping = NULL;
+
+ /* ml points to a temporary mod until needs duplication */
+ if ( ml->sml_desc == slap_schema.si_ad_objectClass
+ || ml->sml_desc == slap_schema.si_ad_structuralObjectClass )
+ {
+ is_oc = 1;
- if ( (*mlp)->sml_desc->ad_type->sat_no_user_mod ) {
+ } else if ( !isupdate && !get_manageDIT( op ) && ml->sml_desc->ad_type->sat_no_user_mod )
+ {
+ ml = ch_malloc( sizeof( Modifications ) );
+ *ml = **mlp;
+ if ( (*mlp)->sml_values ) {
+ ber_bvarray_dup_x( &ml->sml_values, (*mlp)->sml_values, NULL );
+ if ( (*mlp)->sml_nvalues ) {
+ ber_bvarray_dup_x( &ml->sml_nvalues, (*mlp)->sml_nvalues, NULL );
+ }
+ }
+ *mlp = ml;
goto next_mod;
- }
-
- if ( (*mlp)->sml_desc == slap_schema.si_ad_objectClass
- || (*mlp)->sml_desc == slap_schema.si_ad_structuralObjectClass ) {
- is_oc = 1;
} else {
- struct ldapmapping *m;
int drop_missing;
- drop_missing = rwm_mapping( &rwmap->rwm_at, &(*mlp)->sml_desc->ad_cname, &m, RWM_MAP );
- if ( drop_missing || ( m != NULL && BER_BVISNULL( &m->m_dst ) ) )
+ drop_missing = rwm_mapping( &rwmap->rwm_at,
+ &ml->sml_desc->ad_cname,
+ &mapping, RWM_MAP );
+ if ( drop_missing || ( mapping != NULL && BER_BVISNULL( &mapping->m_dst ) ) )
{
goto cleanup_mod;
}
+ }
- if ( m ) {
- /* use new attribute description */
- assert( m->m_dst_ad );
- (*mlp)->sml_desc = m->m_dst_ad;
+ /* duplicate the modlist */
+ ml = ch_malloc( sizeof( Modifications ));
+ *ml = **mlp;
+ *mlp = ml;
+
+ if ( ml->sml_values != NULL ) {
+ int i, num;
+ struct berval *bva;
+
+ for ( num = 0; !BER_BVISNULL( &ml->sml_values[ num ] ); num++ )
+ /* count values */ ;
+
+ bva = ch_malloc( (num+1) * sizeof( struct berval ));
+ for (i=0; isml_values[i] );
+ BER_BVZERO( &bva[i] );
+ ml->sml_values = bva;
+
+ if ( ml->sml_nvalues ) {
+ bva = ch_malloc( (num+1) * sizeof( struct berval ));
+ for (i=0; isml_nvalues[i] );
+ BER_BVZERO( &bva[i] );
+ ml->sml_nvalues = bva;
}
- }
- if ( (*mlp)->sml_values != NULL ) {
if ( is_oc ) {
int last, j;
- for ( last = 0; !BER_BVISNULL( &(*mlp)->sml_values[last] ); last++ )
- /* count values */ ;
- last--;
+ last = num-1;
- for ( j = 0; !BER_BVISNULL( &(*mlp)->sml_values[j] ); j++ ) {
- struct berval mapped = BER_BVNULL;
-
- rwm_map( &rwmap->rwm_oc,
- &(*mlp)->sml_values[j],
- &mapped, RWM_MAP );
- if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) {
- /* FIXME: we allow to remove objectClasses as well;
- * if the resulting entry is inconsistent, that's
- * the relayed database's business...
- */
-#if 0
- goto cleanup_mod;
-#endif
- if ( last > j ) {
- (*mlp)->sml_values[j] = (*mlp)->sml_values[last];
- BER_BVZERO( &(*mlp)->sml_values[last] );
+ for ( j = 0; !BER_BVISNULL( &ml->sml_values[ j ] ); j++ ) {
+ struct ldapmapping *oc_mapping = NULL;
+
+ ( void )rwm_mapping( &rwmap->rwm_oc, &ml->sml_values[ j ],
+ &oc_mapping, RWM_MAP );
+ if ( oc_mapping == NULL ) {
+ if ( rwmap->rwm_at.drop_missing ) {
+ /* FIXME: we allow to remove objectClasses as well;
+ * if the resulting entry is inconsistent, that's
+ * the relayed database's business...
+ */
+ if ( last > j ) {
+ ch_free( ml->sml_values[ j ].bv_val );
+ ml->sml_values[ j ] = ml->sml_values[ last ];
+ }
+ BER_BVZERO( &ml->sml_values[ last ] );
+ last--;
+ j--;
}
- last--;
-
+
} else {
- ch_free( (*mlp)->sml_values[j].bv_val );
- ber_dupbv( &(*mlp)->sml_values[j], &mapped );
+ ch_free( ml->sml_values[ j ].bv_val );
+ ber_dupbv( &ml->sml_values[ j ], &oc_mapping->m_dst );
}
}
} else {
- if ( (*mlp)->sml_desc->ad_type->sat_syntax ==
- slap_schema.si_syn_distinguishedName )
+ if ( ml->sml_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
+ || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
{
#ifdef ENABLE_REWRITE
rc = rwm_dnattr_rewrite( op, rs, "modifyAttrDN",
- (*mlp)->sml_values,
- (*mlp)->sml_nvalues ? &(*mlp)->sml_nvalues : NULL );
+ ml->sml_values,
+ ml->sml_nvalues ? &ml->sml_nvalues : NULL );
#else /* ! ENABLE_REWRITE */
rc = 1;
rc = rwm_dnattr_rewrite( op, rs, &rc,
- (*mlp)->sml_values,
- (*mlp)->sml_nvalues ? &(*mlp)->sml_nvalues : NULL );
+ ml->sml_values,
+ ml->sml_nvalues ? &ml->sml_nvalues : NULL );
#endif /* ! ENABLE_REWRITE */
- } else if ( (*mlp)->sml_desc == slap_schema.si_ad_ref ) {
+ } else if ( ml->sml_desc == slap_schema.si_ad_ref ) {
#ifdef ENABLE_REWRITE
rc = rwm_referral_rewrite( op, rs,
"referralAttrDN",
- (*mlp)->sml_values,
- (*mlp)->sml_nvalues ? &(*mlp)->sml_nvalues : NULL );
+ ml->sml_values,
+ ml->sml_nvalues ? &ml->sml_nvalues : NULL );
#else /* ! ENABLE_REWRITE */
rc = 1;
rc = rwm_referral_rewrite( op, rs, &rc,
- (*mlp)->sml_values,
- (*mlp)->sml_nvalues ? &(*mlp)->sml_nvalues : NULL );
+ ml->sml_values,
+ ml->sml_nvalues ? &ml->sml_nvalues : NULL );
#endif /* ! ENABLE_REWRITE */
if ( rc != LDAP_SUCCESS ) {
goto cleanup_mod;
@@ -445,7 +702,13 @@ rwm_modify( Operation *op, SlapReply *rs
}
next_mod:;
- mlp = &(*mlp)->sml_next;
+ if ( mapping != NULL ) {
+ /* use new attribute description */
+ assert( mapping->m_dst_ad != NULL );
+ ml->sml_desc = mapping->m_dst_ad;
+ }
+
+ mlp = &ml->sml_next;
continue;
cleanup_mod:;
@@ -455,12 +718,13 @@ cleanup_mod:;
free( ml );
}
- /* TODO: rewrite attribute types, values of DN-valued attributes ... */
+ op->o_callback = &roc->cb;
+
return SLAP_CB_CONTINUE;
}
static int
-rwm_modrdn( Operation *op, SlapReply *rs )
+rwm_op_modrdn( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
struct ldaprwmap *rwmap =
@@ -468,6 +732,8 @@ rwm_modrdn( Operation *op, SlapReply *rs
int rc;
+ rwm_op_cb *roc = rwm_callback_get( op, rs );
+
if ( op->orr_newSup ) {
dncookie dc;
struct berval nnewSup = BER_BVNULL;
@@ -485,7 +751,9 @@ rwm_modrdn( Operation *op, SlapReply *rs
dc.tofrom = 0;
dc.normalized = 0;
#endif /* ! ENABLE_REWRITE */
- rc = rwm_dn_massage( &dc, op->orr_newSup, &newSup, &nnewSup );
+ newSup = *op->orr_newSup;
+ nnewSup = *op->orr_nnewSup;
+ rc = rwm_dn_massage_pretty_normalize( &dc, op->orr_newSup, &newSup, &nnewSup );
if ( rc != LDAP_SUCCESS ) {
op->o_bd->bd_info = (BackendInfo *)on->on_info;
send_ldap_error( op, rs, rc, "newSuperiorDN massage error" );
@@ -493,8 +761,10 @@ rwm_modrdn( Operation *op, SlapReply *rs
}
if ( op->orr_newSup->bv_val != newSup.bv_val ) {
- op->o_tmpfree( op->orr_newSup->bv_val, op->o_tmpmemctx );
- op->o_tmpfree( op->orr_nnewSup->bv_val, op->o_tmpmemctx );
+ op->orr_newSup = op->o_tmpalloc( sizeof( struct berval ),
+ op->o_tmpmemctx );
+ op->orr_nnewSup = op->o_tmpalloc( sizeof( struct berval ),
+ op->o_tmpmemctx );
*op->orr_newSup = newSup;
*op->orr_nnewSup = nnewSup;
}
@@ -504,46 +774,52 @@ rwm_modrdn( Operation *op, SlapReply *rs
* Rewrite the dn, if needed
*/
#ifdef ENABLE_REWRITE
- rc = rwm_op_dn_massage( op, rs, "renameDN" );
+ rc = rwm_op_dn_massage( op, rs, "renameDN", &roc->ros );
#else /* ! ENABLE_REWRITE */
rc = 1;
- rc = rwm_op_dn_massage( op, rs, &rc );
+ rc = rwm_op_dn_massage( op, rs, &rc, &roc->ros );
#endif /* ! ENABLE_REWRITE */
if ( rc != LDAP_SUCCESS ) {
op->o_bd->bd_info = (BackendInfo *)on->on_info;
send_ldap_error( op, rs, rc, "renameDN massage error" );
+ if ( op->orr_newSup != roc->ros.orr_newSup ) {
+ ch_free( op->orr_newSup->bv_val );
+ ch_free( op->orr_nnewSup->bv_val );
+ op->o_tmpfree( op->orr_newSup, op->o_tmpmemctx );
+ op->o_tmpfree( op->orr_nnewSup, op->o_tmpmemctx );
+ op->orr_newSup = roc->ros.orr_newSup;
+ op->orr_nnewSup = roc->ros.orr_nnewSup;
+ }
return -1;
}
- /* TODO: rewrite attribute types, values of DN-valued attributes ... */
+ /* TODO: rewrite newRDN, attribute types,
+ * values of DN-valued attributes ... */
+
+ op->o_callback = &roc->cb;
+
return SLAP_CB_CONTINUE;
}
+
static int
rwm_swap_attrs( Operation *op, SlapReply *rs )
{
slap_callback *cb = op->o_callback;
- AttributeName *an = (AttributeName *)cb->sc_private;
-
- rs->sr_attrs = an;
-
- return SLAP_CB_CONTINUE;
-}
-
-static int rwm_freeself( Operation *op, SlapReply *rs )
-{
- if ( op->o_tag == LDAP_REQ_SEARCH && rs->sr_type == REP_RESULT ) {
- assert( op->o_callback );
+ rwm_op_state *ros = cb->sc_private;
- op->o_tmpfree( op->o_callback, op->o_tmpmemctx );
- op->o_callback = NULL;
- }
+ rs->sr_attrs = ros->ors_attrs;
- return SLAP_CB_CONTINUE;
+ /* other overlays might have touched op->ors_attrs,
+ * so we restore the original version here, otherwise
+ * attribute-mapping might fail */
+ op->ors_attrs = ros->mapped_attrs;
+
+ return SLAP_CB_CONTINUE;
}
static int
-rwm_search( Operation *op, SlapReply *rs )
+rwm_op_search( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
struct ldaprwmap *rwmap =
@@ -555,16 +831,20 @@ rwm_search( Operation *op, SlapReply *rs
struct berval fstr = BER_BVNULL;
Filter *f = NULL;
- slap_callback *cb;
AttributeName *an = NULL;
char *text = NULL;
+ rwm_op_cb *roc = rwm_callback_get( op, rs );
+
#ifdef ENABLE_REWRITE
- rc = rwm_op_dn_massage( op, rs, "searchDN" );
+ rc = rewrite_session_var_set( rwmap->rwm_rw, op->o_conn,
+ "searchFilter", op->ors_filterstr.bv_val );
+ if ( rc == LDAP_SUCCESS )
+ rc = rwm_op_dn_massage( op, rs, "searchDN", &roc->ros );
#else /* ! ENABLE_REWRITE */
rc = 1;
- rc = rwm_op_dn_massage( op, rs, &rc );
+ rc = rwm_op_dn_massage( op, rs, &rc, &roc->ros );
#endif /* ! ENABLE_REWRITE */
if ( rc != LDAP_SUCCESS ) {
text = "searchDN massage error";
@@ -584,7 +864,7 @@ rwm_search( Operation *op, SlapReply *rs
dc.normalized = 0;
#endif /* ! ENABLE_REWRITE */
- rc = rwm_filter_map_rewrite( &dc, op->ors_filter, &fstr );
+ rc = rwm_filter_map_rewrite( op, &dc, op->ors_filter, &fstr );
if ( rc != LDAP_SUCCESS ) {
text = "searchFilter/searchFilterAttrDN massage error";
goto error_return;
@@ -597,14 +877,6 @@ rwm_search( Operation *op, SlapReply *rs
goto error_return;
}
- if ( !BER_BVISNULL( &op->ors_filterstr ) ) {
- ch_free( op->ors_filterstr.bv_val );
- }
-
- if( op->ors_filter ) {
- filter_free_x( op, op->ors_filter );
- }
-
op->ors_filter = f;
op->ors_filterstr = fstr;
@@ -615,20 +887,13 @@ rwm_search( Operation *op, SlapReply *rs
goto error_return;
}
- cb = (slap_callback *) op->o_tmpcalloc( sizeof( slap_callback ),
- 1, op->o_tmpmemctx );
- if ( cb == NULL ) {
- rc = LDAP_NO_MEMORY;
- goto error_return;
- }
-
- cb->sc_response = rwm_swap_attrs;
- cb->sc_cleanup = rwm_freeself;
- cb->sc_private = (void *)op->ors_attrs;
- cb->sc_next = op->o_callback;
-
- op->o_callback = cb;
op->ors_attrs = an;
+ /* store the mapped Attributes for later usage, in
+ * the case that other overlays change op->ors_attrs */
+ roc->ros.mapped_attrs = an;
+ roc->cb.sc_response = rwm_swap_attrs;
+
+ op->o_callback = &roc->cb;
return SLAP_CB_CONTINUE;
@@ -645,6 +910,8 @@ error_return:;
ch_free( fstr.bv_val );
}
+ op->oq_search = roc->ros.oq_search;
+
op->o_bd->bd_info = (BackendInfo *)on->on_info;
send_ldap_error( op, rs, rc, text );
@@ -653,16 +920,129 @@ error_return:;
}
static int
+rwm_exop_passwd( Operation *op, SlapReply *rs )
+{
+ slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
+ int rc;
+ rwm_op_cb *roc;
+
+ struct berval id = BER_BVNULL,
+ pwold = BER_BVNULL,
+ pwnew = BER_BVNULL;
+ BerElement *ber = NULL;
+
+ if ( !BER_BVISNULL( &op->o_req_ndn ) ) {
+ return LDAP_SUCCESS;
+ }
+
+ if ( !SLAP_ISGLOBALOVERLAY( op->o_bd ) ) {
+ rs->sr_err = LDAP_OTHER;
+ return rs->sr_err;
+ }
+
+ rs->sr_err = slap_passwd_parse( op->ore_reqdata, &id,
+ &pwold, &pwnew, &rs->sr_text );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
+ return rs->sr_err;
+ }
+
+ if ( !BER_BVISNULL( &id ) ) {
+ rs->sr_err = dnPrettyNormal( NULL, &id, &op->o_req_dn,
+ &op->o_req_ndn, op->o_tmpmemctx );
+ if ( rs->sr_err != LDAP_SUCCESS ) {
+ rs->sr_text = "Invalid DN";
+ return rs->sr_err;
+ }
+
+ } else {
+ ber_dupbv_x( &op->o_req_dn, &op->o_dn, op->o_tmpmemctx );
+ ber_dupbv_x( &op->o_req_ndn, &op->o_ndn, op->o_tmpmemctx );
+ }
+
+ roc = rwm_callback_get( op, rs );
+
+#ifdef ENABLE_REWRITE
+ rc = rwm_op_dn_massage( op, rs, "extendedDN", &roc->ros );
+#else /* ! ENABLE_REWRITE */
+ rc = 1;
+ rc = rwm_op_dn_massage( op, rs, &rc, &roc->ros );
+#endif /* ! ENABLE_REWRITE */
+ if ( rc != LDAP_SUCCESS ) {
+ op->o_bd->bd_info = (BackendInfo *)on->on_info;
+ send_ldap_error( op, rs, rc, "extendedDN massage error" );
+ return -1;
+ }
+
+ ber = ber_alloc_t( LBER_USE_DER );
+ if ( !ber ) {
+ rs->sr_err = LDAP_OTHER;
+ rs->sr_text = "No memory";
+ return rs->sr_err;
+ }
+ ber_printf( ber, "{" );
+ if ( !BER_BVISNULL( &id )) {
+ ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_ID,
+ &op->o_req_dn );
+ }
+ if ( !BER_BVISNULL( &pwold )) {
+ ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_OLD, &pwold );
+ }
+ if ( !BER_BVISNULL( &pwnew )) {
+ ber_printf( ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, &pwnew );
+ }
+ ber_printf( ber, "N}" );
+ ber_flatten( ber, &op->ore_reqdata );
+ ber_free( ber, 1 );
+
+ op->o_callback = &roc->cb;
+
+ return SLAP_CB_CONTINUE;
+}
+
+static struct exop {
+ struct berval oid;
+ BI_op_extended *extended;
+} exop_table[] = {
+ { BER_BVC(LDAP_EXOP_MODIFY_PASSWD), rwm_exop_passwd },
+ { BER_BVNULL, NULL }
+};
+
+static int
rwm_extended( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
int rc;
+ rwm_op_cb *roc;
+
+ int i;
+
+ for ( i = 0; exop_table[i].extended != NULL; i++ ) {
+ if ( bvmatch( &exop_table[i].oid, &op->oq_extended.rs_reqoid ) )
+ {
+ rc = exop_table[i].extended( op, rs );
+ switch ( rc ) {
+ case LDAP_SUCCESS:
+ break;
+
+ case SLAP_CB_CONTINUE:
+ case SLAPD_ABANDON:
+ return rc;
+
+ default:
+ send_ldap_result( op, rs );
+ return rc;
+ }
+ break;
+ }
+ }
+
+ roc = rwm_callback_get( op, rs );
#ifdef ENABLE_REWRITE
- rc = rwm_op_dn_massage( op, rs, "extendedDN" );
+ rc = rwm_op_dn_massage( op, rs, "extendedDN", &roc->ros );
#else /* ! ENABLE_REWRITE */
rc = 1;
- rc = rwm_op_dn_massage( op, rs, &rc );
+ rc = rwm_op_dn_massage( op, rs, &rc, &roc->ros );
#endif /* ! ENABLE_REWRITE */
if ( rc != LDAP_SUCCESS ) {
op->o_bd->bd_info = (BackendInfo *)on->on_info;
@@ -671,6 +1051,8 @@ rwm_extended( Operation *op, SlapReply *
}
/* TODO: rewrite/map extended data ? ... */
+ op->o_callback = &roc->cb;
+
return SLAP_CB_CONTINUE;
}
@@ -699,7 +1081,8 @@ rwm_matched( Operation *op, SlapReply *r
dc.normalized = 0;
#endif /* ! ENABLE_REWRITE */
ber_str2bv( rs->sr_matched, 0, 0, &dn );
- rc = rwm_dn_massage( &dc, &dn, &mdn, NULL );
+ mdn = dn;
+ rc = rwm_dn_massage_pretty( &dc, &dn, &mdn );
if ( rc != LDAP_SUCCESS ) {
rs->sr_err = rc;
rs->sr_text = "Rewrite error";
@@ -720,7 +1103,7 @@ rwm_matched( Operation *op, SlapReply *r
}
static int
-rwm_attrs( Operation *op, SlapReply *rs, Attribute** a_first )
+rwm_attrs( Operation *op, SlapReply *rs, Attribute** a_first, int stripEntryDN )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
struct ldaprwmap *rwmap =
@@ -729,6 +1112,8 @@ rwm_attrs( Operation *op, SlapReply *rs,
dncookie dc;
int rc;
Attribute **ap;
+ int isupdate;
+ int check_duplicate_attrs = 0;
/*
* Rewrite the dn attrs, if needed
@@ -754,8 +1139,9 @@ rwm_attrs( Operation *op, SlapReply *rs,
* an error (because multiple instances of attrs in
* response are not valid), or merge the values (what
* about duplicate values?) */
+ isupdate = be_shadow_update( op );
for ( ap = a_first; *ap; ) {
- struct ldapmapping *m;
+ struct ldapmapping *mapping = NULL;
int drop_missing;
int last;
Attribute *a;
@@ -764,30 +1150,48 @@ rwm_attrs( Operation *op, SlapReply *rs,
{
/* go on */ ;
- } else if ( op->ors_attrs != NULL &&
- !SLAP_USERATTRS( rs->sr_attr_flags ) &&
- !ad_inlist( (*ap)->a_desc, op->ors_attrs ) )
- {
- goto cleanup_attr;
+ } else {
+ if ( op->ors_attrs != NULL &&
+ !SLAP_USERATTRS( rs->sr_attr_flags ) &&
+ !ad_inlist( (*ap)->a_desc, op->ors_attrs ) )
+ {
+ goto cleanup_attr;
+ }
+
+ drop_missing = rwm_mapping( &rwmap->rwm_at,
+ &(*ap)->a_desc->ad_cname, &mapping, RWM_REMAP );
+ if ( drop_missing || ( mapping != NULL && BER_BVISEMPTY( &mapping->m_dst ) ) )
+ {
+ goto cleanup_attr;
+ }
+
+ if ( mapping != NULL ) {
+ (*ap)->a_desc = mapping->m_dst_ad;
+
+ /* will need to check for duplicate attrs */
+ check_duplicate_attrs++;
+ }
}
- if ( (*ap)->a_desc->ad_type->sat_no_user_mod
+ if ( (*ap)->a_desc == slap_schema.si_ad_entryDN ) {
+ if ( stripEntryDN ) {
+ /* will be generated by frontend */
+ goto cleanup_attr;
+ }
+
+ } else if ( !isupdate
+ && !get_manageDIT( op )
+ && (*ap)->a_desc->ad_type->sat_no_user_mod
&& (*ap)->a_desc->ad_type != slap_schema.si_at_undefined )
{
goto next_attr;
}
- drop_missing = rwm_mapping( &rwmap->rwm_at,
- &(*ap)->a_desc->ad_cname, &m, RWM_REMAP );
- if ( drop_missing || ( m != NULL && BER_BVISEMPTY( &m->m_dst ) ) ) {
- goto cleanup_attr;
- }
-
for ( last = 0; !BER_BVISNULL( &(*ap)->a_vals[last] ); last++ )
/* just count */ ;
if ( last == 0 ) {
- /* empty? for now, we leave it in place */
+ /* empty? leave it in place because of attrsonly and vlv */
goto next_attr;
}
last--;
@@ -802,6 +1206,7 @@ rwm_attrs( Operation *op, SlapReply *rs,
rwm_map( &rwmap->rwm_oc, &bv[0], &mapped, RWM_REMAP );
if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) {
+remove_oc:;
ch_free( bv[0].bv_val );
BER_BVZERO( &bv[0] );
if ( &(*ap)->a_vals[last] > &bv[0] ) {
@@ -812,13 +1217,32 @@ rwm_attrs( Operation *op, SlapReply *rs,
bv--;
} else if ( mapped.bv_val != bv[0].bv_val ) {
+ int i;
+
+ for ( i = 0; !BER_BVISNULL( &(*ap)->a_vals[ i ] ); i++ ) {
+ if ( &(*ap)->a_vals[ i ] == bv ) {
+ continue;
+ }
+
+ if ( ber_bvstrcasecmp( &mapped, &(*ap)->a_vals[ i ] ) == 0 ) {
+ break;
+ }
+ }
+
+ if ( !BER_BVISNULL( &(*ap)->a_vals[ i ] ) ) {
+ goto remove_oc;
+ }
+
/*
* FIXME: after LBER_FREEing
* the value is replaced by
* ch_alloc'ed memory
*/
- ch_free( bv[0].bv_val );
- ber_dupbv( &bv[0], &mapped );
+ ber_bvreplace( &bv[0], &mapped );
+
+ /* FIXME: will need to check
+ * if the structuralObjectClass
+ * changed */
}
}
@@ -834,8 +1258,8 @@ rwm_attrs( Operation *op, SlapReply *rs,
* everything pass thru the ldap backend. */
/* FIXME: handle distinguishedName-like syntaxes, like
* nameAndOptionalUID */
- } else if ( (*ap)->a_desc->ad_type->sat_syntax ==
- slap_schema.si_syn_distinguishedName )
+ } else if ( (*ap)->a_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
+ || ( mapping != NULL && mapping->m_src_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
{
#ifdef ENABLE_REWRITE
dc.ctx = "searchAttrDN";
@@ -855,10 +1279,10 @@ rwm_attrs( Operation *op, SlapReply *rs,
}
}
- if ( m != NULL ) {
+ if ( mapping != NULL ) {
/* rewrite the attribute description */
- assert( m->m_dst_ad );
- (*ap)->a_desc = m->m_dst_ad;
+ assert( mapping->m_dst_ad != NULL );
+ (*ap)->a_desc = mapping->m_dst_ad;
}
next_attr:;
@@ -872,6 +1296,45 @@ cleanup_attr:;
attr_free( a );
}
+ /* only check if some mapping occurred */
+ if ( check_duplicate_attrs ) {
+ for ( ap = a_first; *ap != NULL; ap = &(*ap)->a_next ) {
+ Attribute **tap;
+
+ for ( tap = &(*ap)->a_next; *tap != NULL; ) {
+ if ( (*tap)->a_desc == (*ap)->a_desc ) {
+ Entry e = { 0 };
+ Modification mod = { 0 };
+ const char *text = NULL;
+ char textbuf[ SLAP_TEXT_BUFLEN ];
+ Attribute *next = (*tap)->a_next;
+
+ BER_BVSTR( &e.e_name, "" );
+ BER_BVSTR( &e.e_nname, "" );
+ e.e_attrs = *ap;
+ mod.sm_op = LDAP_MOD_ADD;
+ mod.sm_desc = (*ap)->a_desc;
+ mod.sm_type = mod.sm_desc->ad_cname;
+ mod.sm_values = (*tap)->a_vals;
+ mod.sm_nvalues = (*tap)->a_nvals;
+
+ (void)modify_add_values( &e, &mod,
+ /* permissive */ 1,
+ &text, textbuf, sizeof( textbuf ) );
+
+ /* should not insert new attrs! */
+ assert( e.e_attrs == *ap );
+
+ attr_free( *tap );
+ *tap = next;
+
+ } else {
+ tap = &(*tap)->a_next;
+ }
+ }
+ }
+ }
+
return 0;
}
@@ -883,13 +1346,13 @@ rwm_send_entry( Operation *op, SlapReply
(struct ldaprwmap *)on->on_bi.bi_private;
Entry *e = NULL;
- int flags;
+ slap_mask_t flags;
struct berval dn = BER_BVNULL,
ndn = BER_BVNULL;
dncookie dc;
int rc;
- assert( rs->sr_entry );
+ assert( rs->sr_entry != NULL );
/*
* Rewrite the dn of the result, if needed
@@ -920,6 +1383,7 @@ rwm_send_entry( Operation *op, SlapReply
goto fail;
}
+ flags &= ~REP_ENTRY_MUSTRELEASE;
flags |= ( REP_ENTRY_MODIFIABLE | REP_ENTRY_MUSTBEFREED );
}
@@ -928,7 +1392,9 @@ rwm_send_entry( Operation *op, SlapReply
* from the one known to the meta, and a DN with unknown
* attributes is returned.
*/
- rc = rwm_dn_massage( &dc, &e->e_name, &dn, &ndn );
+ dn = e->e_name;
+ ndn = e->e_nname;
+ rc = rwm_dn_massage_pretty_normalize( &dc, &e->e_name, &dn, &ndn );
if ( rc != LDAP_SUCCESS ) {
rc = 1;
goto fail;
@@ -948,7 +1414,11 @@ rwm_send_entry( Operation *op, SlapReply
/* FIXME: the entries are in the remote mapping form;
* so we need to select those attributes we are willing
* to return, and remap them accordingly */
- (void)rwm_attrs( op, rs, &e->e_attrs );
+ (void)rwm_attrs( op, rs, &e->e_attrs, 1 );
+
+ if ( rs->sr_flags & REP_ENTRY_MUSTRELEASE ) {
+ be_entry_release_rw( op, rs->sr_entry, 0 );
+ }
rs->sr_entry = e;
rs->sr_flags = flags;
@@ -956,6 +1426,18 @@ rwm_send_entry( Operation *op, SlapReply
return SLAP_CB_CONTINUE;
fail:;
+ if ( e != NULL && e != rs->sr_entry ) {
+ if ( e->e_name.bv_val == dn.bv_val ) {
+ BER_BVZERO( &e->e_name );
+ }
+
+ if ( e->e_nname.bv_val == ndn.bv_val ) {
+ BER_BVZERO( &e->e_nname );
+ }
+
+ entry_free( e );
+ }
+
if ( !BER_BVISNULL( &dn ) ) {
ch_free( dn.bv_val );
}
@@ -964,10 +1446,6 @@ fail:;
ch_free( ndn.bv_val );
}
- if ( e != NULL && e != rs->sr_entry ) {
- entry_free( e );
- }
-
return rc;
}
@@ -978,20 +1456,45 @@ rwm_operational( Operation *op, SlapRepl
* so we need to select those attributes we are willing
* to return, and remap them accordingly */
if ( rs->sr_operational_attrs ) {
- rwm_attrs( op, rs, &rs->sr_operational_attrs );
+ rwm_attrs( op, rs, &rs->sr_operational_attrs, 1 );
+ }
+
+ return SLAP_CB_CONTINUE;
+}
+
+#if 0
+/* don't use this; it cannot be reverted, and leaves op->o_req_dn
+ * rewritten for subsequent operations; fine for plain suffixmassage,
+ * but destroys everything else */
+static int
+rwm_chk_referrals( Operation *op, SlapReply *rs )
+{
+ slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
+ int rc;
+
+#ifdef ENABLE_REWRITE
+ rc = rwm_op_dn_massage( op, rs, "referralCheckDN" );
+#else /* ! ENABLE_REWRITE */
+ rc = 1;
+ rc = rwm_op_dn_massage( op, rs, &rc );
+#endif /* ! ENABLE_REWRITE */
+ if ( rc != LDAP_SUCCESS ) {
+ op->o_bd->bd_info = (BackendInfo *)on->on_info;
+ send_ldap_error( op, rs, rc, "referralCheckDN massage error" );
+ return -1;
}
return SLAP_CB_CONTINUE;
}
+#endif
static int
rwm_rw_config(
- BackendDB *be,
- const char *fname,
- int lineno,
- int argc,
- char **argv
-)
+ BackendDB *be,
+ const char *fname,
+ int lineno,
+ int argc,
+ char **argv )
{
#ifdef ENABLE_REWRITE
slap_overinst *on = (slap_overinst *) be->bd_info;
@@ -1011,12 +1514,11 @@ rwm_rw_config(
static int
rwm_suffixmassage_config(
- BackendDB *be,
- const char *fname,
- int lineno,
- int argc,
- char **argv
-)
+ BackendDB *be,
+ const char *fname,
+ int lineno,
+ int argc,
+ char **argv )
{
slap_overinst *on = (slap_overinst *) be->bd_info;
struct ldaprwmap *rwmap =
@@ -1105,12 +1607,11 @@ rwm_suffixmassage_config(
static int
rwm_m_config(
- BackendDB *be,
- const char *fname,
- int lineno,
- int argc,
- char **argv
-)
+ BackendDB *be,
+ const char *fname,
+ int lineno,
+ int argc,
+ char **argv )
{
slap_overinst *on = (slap_overinst *) be->bd_info;
struct ldaprwmap *rwmap =
@@ -1137,14 +1638,6 @@ rwm_response( Operation *op, SlapReply *
switch( op->o_tag ) {
case LDAP_REQ_SEARCH:
- /* Note: the operation attrs are remapped */
- if ( op->ors_attrs != NULL && op->ors_attrs != rs->sr_attrs )
- {
- ch_free( op->ors_attrs );
- op->ors_attrs = rs->sr_attrs;
- }
- /* fall thru */
-
case LDAP_REQ_BIND:
case LDAP_REQ_ADD:
case LDAP_REQ_DELETE:
@@ -1186,13 +1679,16 @@ rwm_response( Operation *op, SlapReply *
static int
rwm_db_config(
- BackendDB *be,
- const char *fname,
- int lineno,
- int argc,
- char **argv
-)
+ BackendDB *be,
+ const char *fname,
+ int lineno,
+ int argc,
+ char **argv )
{
+ slap_overinst *on = (slap_overinst *) be->bd_info;
+ struct ldaprwmap *rwmap =
+ (struct ldaprwmap *)on->on_bi.bi_private;
+
int rc = 0;
char *argv0 = NULL;
@@ -1210,6 +1706,38 @@ rwm_db_config(
} else if ( strcasecmp( argv[0], "suffixmassage" ) == 0 ) {
rc = rwm_suffixmassage_config( be, fname, lineno, argc, argv );
+ } else if ( strcasecmp( argv[0], "t-f-support" ) == 0 ) {
+ if ( argc != 2 ) {
+ fprintf( stderr,
+ "%s: line %d: \"t-f-support {no|yes|discover}\" needs 1 argument.\n",
+ fname, lineno );
+ return( 1 );
+ }
+
+ if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
+ rwmap->rwm_flags &= ~(RWM_F_SUPPORT_T_F|RWM_F_SUPPORT_T_F_DISCOVER);
+
+ } else if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
+ rwmap->rwm_flags |= RWM_F_SUPPORT_T_F;
+
+ /* TODO: not implemented yet */
+ } else if ( strcasecmp( argv[ 1 ], "discover" ) == 0 ) {
+ fprintf( stderr,
+ "%s: line %d: \"discover\" not supported yet "
+ "in \"t-f-support {no|yes|discover}\".\n",
+ fname, lineno );
+ return( 1 );
+#if 0
+ rwmap->rwm_flags |= RWM_F_SUPPORT_T_F_DISCOVER;
+#endif
+
+ } else {
+ fprintf( stderr,
+ "%s: line %d: unknown value \"%s\" for \"t-f-support {no|yes|discover}\".\n",
+ fname, lineno, argv[ 1 ] );
+ return 1;
+ }
+
} else {
rc = SLAP_CONF_UNKNOWN;
}
@@ -1223,56 +1751,50 @@ rwm_db_config(
static int
rwm_db_init(
- BackendDB *be
-)
+ BackendDB *be )
{
slap_overinst *on = (slap_overinst *) be->bd_info;
- struct ldapmapping *mapping = NULL;
struct ldaprwmap *rwmap;
+#ifdef ENABLE_REWRITE
+ char *rargv[ 3 ];
+#endif /* ENABLE_REWRITE */
+ int rc = 0;
- rwmap = (struct ldaprwmap *)ch_malloc(sizeof(struct ldaprwmap));
- memset(rwmap, 0, sizeof(struct ldaprwmap));
+ rwmap = (struct ldaprwmap *)ch_calloc( 1, sizeof( struct ldaprwmap ) );
#ifdef ENABLE_REWRITE
rwmap->rwm_rw = rewrite_info_init( REWRITE_MODE_USE_DEFAULT );
if ( rwmap->rwm_rw == NULL ) {
- ch_free( rwmap );
- return -1;
+ rc = -1;
+ goto error_return;
}
- {
- char *rargv[3];
-
- /* this rewriteContext by default must be null;
- * rules can be added if required */
- rargv[ 0 ] = "rewriteContext";
- rargv[ 1 ] = "searchFilter";
- rargv[ 2 ] = NULL;
- rewrite_parse( rwmap->rwm_rw, "", 1, 2, rargv );
-
- rargv[ 0 ] = "rewriteContext";
- rargv[ 1 ] = "default";
- rargv[ 2 ] = NULL;
- rewrite_parse( rwmap->rwm_rw, "", 2, 2, rargv );
- }
-
+ /* this rewriteContext by default must be null;
+ * rules can be added if required */
+ rargv[ 0 ] = "rewriteContext";
+ rargv[ 1 ] = "searchFilter";
+ rargv[ 2 ] = NULL;
+ rewrite_parse( rwmap->rwm_rw, "", 1, 2, rargv );
+
+ rargv[ 0 ] = "rewriteContext";
+ rargv[ 1 ] = "default";
+ rargv[ 2 ] = NULL;
+ rewrite_parse( rwmap->rwm_rw, "", 2, 2, rargv );
#endif /* ENABLE_REWRITE */
- if ( rwm_map_init( &rwmap->rwm_oc, &mapping ) != LDAP_SUCCESS ||
- rwm_map_init( &rwmap->rwm_at, &mapping ) != LDAP_SUCCESS )
- {
- return 1;
- }
-
+error_return:;
on->on_bi.bi_private = (void *)rwmap;
- return 0;
+ if ( rc ) {
+ (void)rwm_db_destroy( be );
+ }
+
+ return rc;
}
static int
rwm_db_destroy(
- BackendDB *be
-)
+ BackendDB *be )
{
slap_overinst *on = (slap_overinst *) be->bd_info;
int rc = 0;
@@ -1282,7 +1804,7 @@ rwm_db_destroy(
(struct ldaprwmap *)on->on_bi.bi_private;
#ifdef ENABLE_REWRITE
- if (rwmap->rwm_rw) {
+ if ( rwmap->rwm_rw ) {
rewrite_info_delete( &rwmap->rwm_rw );
}
#else /* !ENABLE_REWRITE */
@@ -1291,10 +1813,12 @@ rwm_db_destroy(
}
#endif /* !ENABLE_REWRITE */
- avl_free( rwmap->rwm_oc.remap, NULL );
+ avl_free( rwmap->rwm_oc.remap, rwm_mapping_dst_free );
avl_free( rwmap->rwm_oc.map, rwm_mapping_free );
- avl_free( rwmap->rwm_at.remap, NULL );
+ avl_free( rwmap->rwm_at.remap, rwm_mapping_dst_free );
avl_free( rwmap->rwm_at.map, rwm_mapping_free );
+
+ ch_free( rwmap );
}
return rc;
@@ -1302,8 +1826,11 @@ rwm_db_destroy(
static slap_overinst rwm = { { NULL } };
+#if SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC
+static
+#endif /* SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC */
int
-rwm_init(void)
+rwm_initialize( void )
{
memset( &rwm, 0, sizeof( slap_overinst ) );
@@ -1313,16 +1840,23 @@ rwm_init(void)
rwm.on_bi.bi_db_config = rwm_db_config;
rwm.on_bi.bi_db_destroy = rwm_db_destroy;
- rwm.on_bi.bi_op_bind = rwm_bind;
- rwm.on_bi.bi_op_search = rwm_search;
- rwm.on_bi.bi_op_compare = rwm_compare;
- rwm.on_bi.bi_op_modify = rwm_modify;
- rwm.on_bi.bi_op_modrdn = rwm_modrdn;
- rwm.on_bi.bi_op_add = rwm_add;
- rwm.on_bi.bi_op_delete = rwm_delete;
- rwm.on_bi.bi_op_unbind = rwm_unbind;
+ rwm.on_bi.bi_op_bind = rwm_op_bind;
+ rwm.on_bi.bi_op_search = rwm_op_search;
+ rwm.on_bi.bi_op_compare = rwm_op_compare;
+ rwm.on_bi.bi_op_modify = rwm_op_modify;
+ rwm.on_bi.bi_op_modrdn = rwm_op_modrdn;
+ rwm.on_bi.bi_op_add = rwm_op_add;
+ rwm.on_bi.bi_op_delete = rwm_op_delete;
+ rwm.on_bi.bi_op_unbind = rwm_op_unbind;
rwm.on_bi.bi_extended = rwm_extended;
+
rwm.on_bi.bi_operational = rwm_operational;
+ rwm.on_bi.bi_chk_referrals = 0 /* rwm_chk_referrals */ ;
+
+#ifdef ENABLE_REWRITE
+ rwm.on_bi.bi_connection_init = rwm_conn_init;
+ rwm.on_bi.bi_connection_destroy = rwm_conn_destroy;
+#endif /* ENABLE_REWRITE */
rwm.on_response = rwm_response;
@@ -1333,7 +1867,7 @@ rwm_init(void)
int
init_module( int argc, char *argv[] )
{
- return rwm_init();
+ return rwm_initialize();
}
#endif /* SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC */