Updated sasl response to support returning of referrals.
Updates to extended operation framework to support arbitrary referrals and extended results without OIDs. Updated passwd extended operation to support returning update_refs as needed. Needs replog support.
parent
7b2f498415
commit
6253e7c278
@ -29,20 +29,23 @@ ldbm_back_extended(
|
||||
Backend *be,
|
||||
Connection *conn,
|
||||
Operation *op,
|
||||
char *oid,
|
||||
char *reqoid,
|
||||
struct berval *reqdata,
|
||||
char **rspoid,
|
||||
struct berval **rspdata,
|
||||
LDAPControl *** rspctrls,
|
||||
char** text
|
||||
char** text,
|
||||
struct berval *** refs
|
||||
)
|
||||
{
|
||||
int i;
|
||||
|
||||
for( i=0; exop_table[i].oid != NULL; i++ ) {
|
||||
if( strcmp( exop_table[i].oid, oid ) == 0 ) {
|
||||
if( strcmp( exop_table[i].oid, reqoid ) == 0 ) {
|
||||
return (exop_table[i].extended)(
|
||||
be, conn, op, oid,
|
||||
reqdata, rspdata, rspctrls, text );
|
||||
be, conn, op,
|
||||
reqoid, reqdata,
|
||||
rspoid, rspdata, rspctrls, text, refs );
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -26,9 +26,11 @@ extern int ldbm_back_extended LDAP_P(( BackendDB *bd,
|
||||
Connection *conn, Operation *op,
|
||||
char *reqoid,
|
||||
struct berval *reqdata,
|
||||
char **rspoid,
|
||||
struct berval **rspdata,
|
||||
LDAPControl *** rspctrls,
|
||||
char **text ));
|
||||
char **text,
|
||||
struct berval *** refs ));
|
||||
|
||||
extern int ldbm_back_bind LDAP_P(( BackendDB *bd,
|
||||
Connection *conn, Operation *op,
|
||||
|
@ -21,11 +21,13 @@ ldbm_back_exop_passwd(
|
||||
Backend *be,
|
||||
Connection *conn,
|
||||
Operation *op,
|
||||
char *oid,
|
||||
char *reqoid,
|
||||
struct berval *reqdata,
|
||||
char **rspoid,
|
||||
struct berval **rspdata,
|
||||
LDAPControl *** rspctrls,
|
||||
char** text
|
||||
char** text,
|
||||
struct berval *** refs
|
||||
)
|
||||
{
|
||||
struct ldbminfo *li = (struct ldbminfo *) be->be_private;
|
||||
@ -38,8 +40,8 @@ ldbm_back_exop_passwd(
|
||||
|
||||
char *dn;
|
||||
|
||||
assert( oid != NULL );
|
||||
assert( strcmp( LDAP_EXOP_X_MODIFY_PASSWD, oid ) == 0 );
|
||||
assert( reqoid != NULL );
|
||||
assert( strcmp( LDAP_EXOP_X_MODIFY_PASSWD, reqoid ) == 0 );
|
||||
|
||||
rc = slap_passwd_parse( reqdata,
|
||||
&id, NULL, &new, text );
|
||||
|
@ -148,11 +148,13 @@ int index_change_values LDAP_P(( Backend *be,
|
||||
*/
|
||||
extern int ldbm_back_exop_passwd LDAP_P(( BackendDB *bd,
|
||||
Connection *conn, Operation *op,
|
||||
char *oid,
|
||||
char *reqoid,
|
||||
struct berval *reqdata,
|
||||
char **rspoid,
|
||||
struct berval **rspdata,
|
||||
LDAPControl ***rspctrls,
|
||||
char **text ));
|
||||
char **text,
|
||||
struct berval *** refs ));
|
||||
|
||||
|
||||
/*
|
||||
|
@ -86,19 +86,20 @@ do_extended(
|
||||
)
|
||||
{
|
||||
int rc = LDAP_SUCCESS;
|
||||
char* oid;
|
||||
char* reqoid;
|
||||
struct berval *reqdata;
|
||||
ber_tag_t tag;
|
||||
ber_len_t len;
|
||||
extop_list_t *ext;
|
||||
char *text;
|
||||
struct berval **refs;
|
||||
char *rspoid;
|
||||
struct berval *rspdata;
|
||||
LDAPControl **rspctrls;
|
||||
|
||||
Debug( LDAP_DEBUG_TRACE, "do_extended\n", 0, 0, 0 );
|
||||
|
||||
oid = NULL;
|
||||
reqoid = NULL;
|
||||
reqdata = NULL;
|
||||
|
||||
if( op->o_protocol < LDAP_VERSION3 ) {
|
||||
@ -110,7 +111,7 @@ do_extended(
|
||||
goto done;
|
||||
}
|
||||
|
||||
if ( ber_scanf( op->o_ber, "{a" /*}*/, &oid ) == LBER_ERROR ) {
|
||||
if ( ber_scanf( op->o_ber, "{a" /*}*/, &reqoid ) == LBER_ERROR ) {
|
||||
Debug( LDAP_DEBUG_ANY, "do_extended: ber_scanf failed\n", 0, 0 ,0 );
|
||||
send_ldap_disconnect( conn, op,
|
||||
LDAP_PROTOCOL_ERROR, "decoding error" );
|
||||
@ -118,9 +119,9 @@ do_extended(
|
||||
goto done;
|
||||
}
|
||||
|
||||
if( !(ext = find_extop(supp_ext_list, oid)) ) {
|
||||
if( !(ext = find_extop(supp_ext_list, reqoid)) ) {
|
||||
Debug( LDAP_DEBUG_ANY, "do_extended: unsupported operation \"%s\"\n",
|
||||
oid, 0 ,0 );
|
||||
reqoid, 0 ,0 );
|
||||
send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
|
||||
NULL, "unsupported extended operation", NULL, NULL );
|
||||
goto done;
|
||||
@ -143,22 +144,29 @@ do_extended(
|
||||
return rc;
|
||||
}
|
||||
|
||||
Debug( LDAP_DEBUG_ARGS, "do_extended: oid=%s\n", oid, 0 ,0 );
|
||||
Debug( LDAP_DEBUG_ARGS, "do_extended: oid=%s\n", reqoid, 0 ,0 );
|
||||
|
||||
rspoid = NULL;
|
||||
rspdata = NULL;
|
||||
rspctrls = NULL;
|
||||
text = NULL;
|
||||
refs = NULL;
|
||||
|
||||
rc = (ext->ext_main)( extop_callback, conn, op,
|
||||
oid, reqdata, &rspdata, &rspctrls, &text );
|
||||
reqoid, reqdata,
|
||||
&rspoid, &rspdata, &rspctrls, &text, &refs );
|
||||
|
||||
if( rc != SLAPD_ABANDON ) {
|
||||
refs = NULL;
|
||||
if (rc == LDAP_REFERRAL)
|
||||
if (rc == LDAP_REFERRAL) {
|
||||
refs = default_referral;
|
||||
}
|
||||
|
||||
send_ldap_extended( conn, op, rc, NULL, text,
|
||||
refs, oid, rspdata, rspctrls );
|
||||
send_ldap_extended( conn, op, rc, NULL, text, refs,
|
||||
rspoid, rspdata, rspctrls );
|
||||
}
|
||||
|
||||
if ( rspoid != NULL ) {
|
||||
free( rspoid );
|
||||
}
|
||||
|
||||
if ( rspdata != NULL )
|
||||
@ -171,8 +179,8 @@ done:
|
||||
if ( reqdata != NULL ) {
|
||||
ber_bvfree( reqdata );
|
||||
}
|
||||
if ( oid != NULL ) {
|
||||
free( oid );
|
||||
if ( reqoid != NULL ) {
|
||||
free( reqoid );
|
||||
}
|
||||
|
||||
return rc;
|
||||
|
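Review bot: In do_extended, the referral list a handler returns through `&refs` is overwritten after the call, because the new `if (rc == LDAP_REFERRAL) { refs = default_referral; }` assigns unconditionally. passwd_extop in this commit sets `*refs` to the backend's `be_update_refs` and returns LDAP_REFERRAL, so as written the client would be sent the server-wide default referral rather than the backend's update referral. A client that follows the referral re-sends the password change to whichever server is named, so the target matters. Guard the fallback so it applies only when the handler supplied nothing: `if (rc == LDAP_REFERRAL && refs == NULL) {`. That the old `refs = NULL;` inside this block is removed (moved above the ext_main call) is inferred from the hunk counts, and do_extended begins and ends outside these hunks.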
@ -20,28 +20,43 @@
|
||||
|
||||
int passwd_extop(
|
||||
SLAP_EXTOP_CALLBACK_FN ext_callback,
|
||||
Connection *conn, Operation *op, char *oid,
|
||||
Connection *conn, Operation *op,
|
||||
char *reqoid,
|
||||
struct berval *reqdata,
|
||||
char **rspoid,
|
||||
struct berval **rspdata,
|
||||
LDAPControl ***rspctrls,
|
||||
char **text )
|
||||
char **text,
|
||||
struct berval ***refs )
|
||||
{
|
||||
int rc;
|
||||
|
||||
assert( oid != NULL );
|
||||
assert( strcmp( LDAP_EXOP_X_MODIFY_PASSWD, oid ) == 0 );
|
||||
assert( reqoid != NULL );
|
||||
assert( strcmp( LDAP_EXOP_X_MODIFY_PASSWD, reqoid ) == 0 );
|
||||
|
||||
if( op->o_dn == NULL || op->o_dn[0] == '\0' ) {
|
||||
*text = ch_strdup("only authenicated users may change passwords");
|
||||
return LDAP_STRONG_AUTH_REQUIRED;
|
||||
}
|
||||
|
||||
if( conn->c_authz_backend != NULL &&
|
||||
conn->c_authz_backend->be_extended )
|
||||
if( conn->c_authz_backend != NULL && conn->c_authz_backend->be_extended )
|
||||
{
|
||||
rc = conn->c_authz_backend->be_extended(
|
||||
conn->c_authz_backend,
|
||||
conn, op, oid, reqdata, rspdata, rspctrls, text );
|
||||
if( global_readonly || conn->c_authz_backend->be_readonly ) {
|
||||
*text = ch_strdup("authorization database is read only");
|
||||
rc = LDAP_UNWILLING_TO_PERFORM;
|
||||
|
||||
} else if( conn->c_authz_backend->be_update_ndn != NULL ) {
|
||||
/* we SHOULD return a referral in this case */
|
||||
*refs = conn->c_authz_backend->be_update_refs;
|
||||
rc = LDAP_REFERRAL;
|
||||
|
||||
} else {
|
||||
rc = conn->c_authz_backend->be_extended(
|
||||
conn->c_authz_backend, conn, op,
|
||||
reqoid, reqdata,
|
||||
rspoid, rspdata, rspctrls,
|
||||
text, refs );
|
||||
}
|
||||
|
||||
} else {
|
||||
*text = ch_strdup("operation not supported for current user");
|
||||
|
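Review bot: The referral branch in passwd_extop hands out the backend's own array, `*refs = conn->c_authz_backend->be_update_refs;`, while the other out-parameters are caller-owned (`*text` is a `ch_strdup` copy and do_extended calls `free( rspoid )`), and nothing states that `refs` is borrowed. I would add a comment at that assignment, `/* borrowed from the backend: the caller must not free or modify *refs */`, and repeat the contract on the SLAP_EXTOP_MAIN_FN and SLAP_EXTENDED_FN typedefs that gain the same parameter. Nothing visible guarantees `be_update_refs` is non-NULL when `be_update_ndn` is set, so this branch may return LDAP_REFERRAL with no list of its own. Whether falling back to a server-wide referral is acceptable for a password change should be decided and stated here. passwd_extop continues past the end of this hunk.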
@ -256,11 +256,13 @@ typedef int (*SLAP_EXTOP_CALLBACK_FN) LDAP_P((
|
||||
typedef int (*SLAP_EXTOP_MAIN_FN) LDAP_P((
|
||||
SLAP_EXTOP_CALLBACK_FN,
|
||||
Connection *conn, Operation *op,
|
||||
char * oid,
|
||||
char * reqoid,
|
||||
struct berval * reqdata,
|
||||
char ** rspoid,
|
||||
struct berval ** rspdata,
|
||||
LDAPControl *** rspctrls,
|
||||
char ** text ));
|
||||
char ** text,
|
||||
struct berval *** refs ));
|
||||
|
||||
typedef int (*SLAP_EXTOP_GETOID_FN) LDAP_P((
|
||||
int index, char *oid, int blen ));
|
||||
@ -377,6 +379,7 @@ LIBSLAPD_F (void) send_ldap_sasl LDAP_P((
|
||||
Connection *conn, Operation *op,
|
||||
ber_int_t err, const char *matched,
|
||||
const char *text,
|
||||
struct berval **refs,
|
||||
LDAPControl **ctrls,
|
||||
struct berval *cred ));
|
||||
|
||||
@ -391,6 +394,11 @@ LIBSLAPD_F (void) send_ldap_extended LDAP_P((
|
||||
char *rspoid, struct berval *rspdata,
|
||||
LDAPControl **ctrls ));
|
||||
|
||||
LIBSLAPD_F (void) send_ldap_partial LDAP_P((
|
||||
Connection *conn, Operation *op,
|
||||
char *rspoid, struct berval *rspdata,
|
||||
LDAPControl **ctrls ));
|
||||
|
||||
LIBSLAPD_F (void) send_search_result LDAP_P((
|
||||
Connection *conn, Operation *op,
|
||||
ber_int_t err, const char *matched, const char *text,
|
||||
@ -465,11 +473,13 @@ LIBSLAPD_F (int) dscompare LDAP_P(( const char *s1, const char *s2del, char deli
|
||||
LIBSLAPD_F (int) starttls_extop LDAP_P((
|
||||
SLAP_EXTOP_CALLBACK_FN,
|
||||
Connection *conn, Operation *op,
|
||||
char * oid,
|
||||
char * reqoid,
|
||||
struct berval * reqdata,
|
||||
char ** rspoid,
|
||||
struct berval ** rspdata,
|
||||
LDAPControl ***rspctrls,
|
||||
char ** text ));
|
||||
char ** text,
|
||||
struct berval *** refs ));
|
||||
|
||||
|
||||
/*
|
||||
@ -506,11 +516,13 @@ LIBSLAPD_F (void) slap_init_user LDAP_P(( char *username, char *groupname ));
|
||||
LIBSLAPD_F (int) passwd_extop LDAP_P((
|
||||
SLAP_EXTOP_CALLBACK_FN,
|
||||
Connection *conn, Operation *op,
|
||||
char * oid,
|
||||
char * reqoid,
|
||||
struct berval * reqdata,
|
||||
char ** rspoid,
|
||||
struct berval ** rspdata,
|
||||
LDAPControl *** rspctrls,
|
||||
char ** text ));
|
||||
char ** text,
|
||||
struct berval *** refs ));
|
||||
|
||||
LIBSLAPD_F (int) slap_passwd_check(
|
||||
Attribute *attr,
|
||||
|
@ -457,6 +457,7 @@ send_ldap_sasl(
|
||||
ber_int_t err,
|
||||
const char *matched,
|
||||
const char *text,
|
||||
struct berval **ref,
|
||||
LDAPControl **ctrls,
|
||||
struct berval *cred
|
||||
)
|
||||
@ -482,7 +483,7 @@ send_ldap_sasl(
|
||||
#endif
|
||||
|
||||
send_ldap_response( conn, op, tag, msgid,
|
||||
err, matched, text, NULL,
|
||||
err, matched, text, ref,
|
||||
NULL, NULL, cred, ctrls );
|
||||
}
|
||||
|
||||
|
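Review bot: The new parameter is named `ref` in this definition of send_ldap_sasl but `refs` in the prototype added to the header and in the other definition touched by this commit. Rename it here, `struct berval **refs,` and `err, matched, text, refs,`, so the three agree. It would also help to add a one-line comment saying which SASL result codes are expected to carry referrals, since the argument was previously hard-coded to NULL. No call site of send_ldap_sasl appears in the visible hunks, so I could not check what callers now pass.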
@ -535,11 +535,13 @@ typedef int (*SLAP_EXTENDED_FN) LDAP_P((
|
||||
Backend *be,
|
||||
struct slap_conn *conn,
|
||||
struct slap_op *op,
|
||||
char *oid,
|
||||
char *reqoid,
|
||||
struct berval * reqdata,
|
||||
char **rspoid,
|
||||
struct berval ** rspdata,
|
||||
LDAPControl ***rspctrls,
|
||||
char** text ));
|
||||
LDAPControl *** rspctrls,
|
||||
char ** text,
|
||||
struct berval *** refs ));
|
||||
|
||||
struct slap_backend_info {
|
||||
char *bi_type; /* type of backend */
|
||||
|
@ -23,11 +23,13 @@ starttls_extop (
|
||||
SLAP_EXTOP_CALLBACK_FN cb,
|
||||
Connection *conn,
|
||||
Operation *op,
|
||||
char * oid,
|
||||
char * reqoid,
|
||||
struct berval * reqdata,
|
||||
char ** rspoid,
|
||||
struct berval ** rspdata,
|
||||
LDAPControl ***rspctrls,
|
||||
char ** text )
|
||||
char ** text,
|
||||
struct berval *** refs )
|
||||
{
|
||||
void *ctx;
|
||||
|
||||
|
@ -62,6 +62,7 @@ send_ldap_sasl(
|
||||
ber_int_t err,
|
||||
const char *matched,
|
||||
const char *text,
|
||||
struct berval **refs,
|
||||
LDAPControl **ctrls,
|
||||
struct berval *cred
|
||||
)
|
||||
|