--- servers/slapd/root_dse.c 1999/06/17 19:48:04 1.5.2.1 +++ servers/slapd/root_dse.c 2002/04/15 15:21:56 1.61.2.1 @@ -1,6 +1,7 @@ +/* $OpenLDAP: pkg/ldap/servers/slapd/root_dse.c,v 1.62 2002/04/08 16:37:38 ando Exp $ */ /* root_dse.c - Provides the ROOT DSA-Specific Entry * - * Copyright 1999 The OpenLDAP Foundation. + * Copyright 1999-2002 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms are permitted only @@ -12,75 +13,212 @@ #include "portable.h" #include +#include -#include "ldap_defaults.h" #include "slap.h" +#include +#include "lber_pvt.h" -void -root_dse_info( Connection *conn, Operation *op, char **attrs, int attrsonly ) +static struct berval supportedFeatures[] = { + BER_BVC("1.3.6.1.4.1.4203.1.5.1"), /* all Operational Attributes ("+") */ + BER_BVC("1.3.6.1.4.1.4203.1.5.2"), /* OCs in Attributes List */ + BER_BVC("1.3.6.1.4.1.4203.1.5.3"), /* (&) and (|) search filters */ + BER_BVC("1.3.6.1.4.1.4203.1.5.4"), /* Language Tag Options */ + BER_BVC("1.3.6.1.4.1.4203.1.5.5"), /* Language Range Options */ + {0,NULL} +}; + +static Entry *usr_attr = NULL; + +int +root_dse_info( + Connection *conn, + Entry **entry, + const char **text ) { + char buf[BUFSIZ]; Entry *e; - char buf[BUFSIZ]; - struct berval val; - struct berval *vals[2]; + struct berval vals[2], *bv; int i, j; + char ** supportedSASLMechanisms; - vals[0] = &val; - vals[1] = NULL; + AttributeDescription *ad_structuralObjectClass + = slap_schema.si_ad_structuralObjectClass; + AttributeDescription *ad_objectClass + = slap_schema.si_ad_objectClass; + AttributeDescription *ad_namingContexts + = slap_schema.si_ad_namingContexts; + AttributeDescription *ad_supportedControl + = slap_schema.si_ad_supportedControl; + AttributeDescription *ad_supportedExtension + = slap_schema.si_ad_supportedExtension; + AttributeDescription *ad_supportedLDAPVersion + = slap_schema.si_ad_supportedLDAPVersion; + AttributeDescription *ad_supportedSASLMechanisms + = slap_schema.si_ad_supportedSASLMechanisms; + AttributeDescription *ad_supportedFeatures + = slap_schema.si_ad_supportedFeatures; + AttributeDescription *ad_ref + = slap_schema.si_ad_ref; + + vals[1].bv_val = NULL; e = (Entry *) ch_calloc( 1, sizeof(Entry) ); e->e_attrs = NULL; - e->e_dn = ch_strdup( LDAP_ROOT_DSE ); - e->e_ndn = dn_normalize_case( ch_strdup( LDAP_ROOT_DSE )); + e->e_name.bv_val = ch_strdup( LDAP_ROOT_DSE ); + e->e_name.bv_len = sizeof( LDAP_ROOT_DSE )-1; + e->e_nname.bv_val = ch_strdup( LDAP_ROOT_DSE ); + e->e_nname.bv_len = sizeof( LDAP_ROOT_DSE )-1; + + /* the DN is an empty string so no pretty/normalization is needed */ + assert( !e->e_name.bv_len ); + assert( !e->e_nname.bv_len ); + e->e_private = NULL; + vals[0].bv_val = "OpenLDAProotDSE"; + vals[0].bv_len = sizeof("OpenLDAProotDSE")-1; + attr_merge( e, ad_structuralObjectClass, vals ); + + vals[0].bv_val = "top"; + vals[0].bv_len = sizeof("top")-1; + attr_merge( e, ad_objectClass, vals ); + + vals[0].bv_val = "OpenLDAProotDSE"; + vals[0].bv_len = sizeof("OpenLDAProotDSE")-1; + attr_merge( e, ad_objectClass, vals ); + for ( i = 0; i < nbackends; i++ ) { + if ( backends[i].be_flags & SLAP_BFLAG_GLUE_SUBORDINATE ) { + continue; + } for ( j = 0; backends[i].be_suffix[j] != NULL; j++ ) { - strcpy( buf, backends[i].be_suffix[j] ); - val.bv_val = buf; - val.bv_len = strlen( buf ); - attr_merge( e, "namingContexts", vals ); + vals[0] = *backends[i].be_suffix[j]; + attr_merge( e, ad_namingContexts, vals ); } } -#if defined( SLAPD_MONITOR_DN ) - strcpy( buf, SLAPD_MONITOR_DN ); - val.bv_val = buf; - val.bv_len = strlen( buf ); - attr_merge( e, "namingContexts", vals ); -#endif - -#if defined( SLAPD_CONFIG_DN ) - strcpy( buf, SLAPD_CONFIG_DN ); - val.bv_val = buf; - val.bv_len = strlen( buf ); - attr_merge( e, "namingContexts", vals ); -#endif - -#if defined( SLAPD_SCHEMA_DN ) - val.bv_val = ch_strdup( SLAPD_SCHEMA_DN ); - val.bv_len = strlen( val.bv_val ); - attr_merge( e, "namingContexts", vals ); - attr_merge( e, "subschemaSubentry", vals ); - ldap_memfree( val.bv_val ); -#endif - /* altServer unsupported */ - /* supportedExtension: no extensions supported */ - /* supportedControl: no controls supported */ - /* supportedSASLMechanism: not yet */ + /* supportedControl */ + for ( i=0; (vals[0].bv_val = get_supported_ctrl(i)) != NULL; i++ ) { + vals[0].bv_len = strlen( vals[0].bv_val ); + attr_merge( e, ad_supportedControl, vals ); + } + + /* supportedExtension */ + for ( i=0; (bv = get_supported_extop(i)) != NULL; i++ ) { + vals[0] = *bv; + attr_merge( e, ad_supportedExtension, vals ); + } + + /* supportedFeatures */ + attr_merge( e, ad_supportedFeatures, supportedFeatures ); + + /* supportedLDAPVersion */ for ( i=LDAP_VERSION_MIN; i<=LDAP_VERSION_MAX; i++ ) { + if (!( global_allows & SLAP_ALLOW_BIND_V2 ) && + ( i < LDAP_VERSION3 ) ) + { + /* version 2 and lower are disallowed */ + continue; + } sprintf(buf,"%d",i); - val.bv_val = buf; - val.bv_len = strlen( buf ); - attr_merge( e, "supportedLDAPVersion", vals ); - } - - send_search_entry( &backends[0], conn, op, e, attrs, attrsonly ); - send_ldap_search_result( conn, op, LDAP_SUCCESS, NULL, NULL, 1 ); + vals[0].bv_val = buf; + vals[0].bv_len = strlen( vals[0].bv_val ); + attr_merge( e, ad_supportedLDAPVersion, vals ); + } + + /* supportedSASLMechanism */ + supportedSASLMechanisms = slap_sasl_mechs( conn ); - entry_free( e ); + if( supportedSASLMechanisms != NULL ) { + for ( i=0; supportedSASLMechanisms[i] != NULL; i++ ) { + vals[0].bv_val = supportedSASLMechanisms[i]; + vals[0].bv_len = strlen( vals[0].bv_val ); + attr_merge( e, ad_supportedSASLMechanisms, vals ); + } + charray_free( supportedSASLMechanisms ); + } + + if ( default_referral != NULL ) { + attr_merge( e, ad_ref, default_referral ); + } + + if( usr_attr != NULL) { + Attribute *a; + for( a = usr_attr->e_attrs; a != NULL; a = a->a_next ) { + attr_merge( e, a->a_desc, a->a_vals ); + } + } + + *entry = e; + return LDAP_SUCCESS; } +/* + * Read the entries specified in fname and merge the attributes + * to the user defined rootDSE. Note thaat if we find any errors + * what so ever, we will discard the entire entries, print an + * error message and return. + */ +int read_root_dse_file( const char *fname ) +{ + FILE *fp; + int rc = 0, lineno = 0, lmax = 0; + char *buf = NULL; + + if ( (fp = fopen( fname, "r" )) == NULL ) { + Debug( LDAP_DEBUG_ANY, + "could not open rootdse attr file \"%s\" - absolute path?\n", + fname, 0, 0 ); + perror( fname ); + return EXIT_FAILURE; + } + + usr_attr = (Entry *) ch_calloc( 1, sizeof(Entry) ); + usr_attr->e_attrs = NULL; + + while( ldif_read_record( fp, &lineno, &buf, &lmax ) ) { + Entry *e = str2entry( buf ); + Attribute *a; + + if( e == NULL ) { + fprintf( stderr, "root_dse: could not parse entry (line=%d)\n", + lineno ); + entry_free( e ); + entry_free( usr_attr ); + usr_attr = NULL; + return EXIT_FAILURE; + } + + /* make sure the DN is the empty DN */ + if( e->e_nname.bv_len ) { + fprintf( stderr, + "root_dse: invalid rootDSE - dn=\"%s\" (line=%d)\n", + e->e_dn, lineno ); + entry_free( e ); + entry_free( usr_attr ); + usr_attr = NULL; + return EXIT_FAILURE; + } + + /* + * we found a valid entry, so walk thru all the attributes in the + * entry, and add each attribute type and description to the + * usr_attr entry + */ + + for(a = e->e_attrs; a != NULL; a = a->a_next) { + attr_merge( usr_attr, a->a_desc, a->a_vals ); + } + + entry_free( e ); + } + + ch_free( buf ); + + Debug(LDAP_DEBUG_CONFIG, "rootDSE file %s read.\n", fname, 0, 0); + return rc; +}