mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-24 13:24:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

s/saslAuthz/authz/

Browse Source
This commit is contained in:
Kurt Zeilenga 2004-04-16 06:12:13 +00:00
parent cfd495857d
commit a54900be42
10 changed files with 138 additions and 136 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
servers/slapd/Makefile.in
View File

@ -13,7 +13,7 @@
## top-level directory of the distribution or, alternatively, at ## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>. ## <http://www.OpenLDAP.org/license.html>.
SLAPTOOLS=slapadd slapcat slapdn slapindex slappasswd slaptest slapsaslauth SLAPTOOLS=slapadd slapcat slapdn slapindex slappasswd slaptest slapauth
PROGRAMS=slapd $(SLAPTOOLS) PROGRAMS=slapd $(SLAPTOOLS)
XPROGRAMS=sslapd libbackends.a .backend liboverlays.a XPROGRAMS=sslapd libbackends.a .backend liboverlays.a
XSRCS=version.c XSRCS=version.c
@ -37,7 +37,7 @@ SRCS = main.c globals.c config.c daemon.c \
backglue.c operational.c matchedValues.c cancel.c syncrepl.c \ backglue.c operational.c matchedValues.c cancel.c syncrepl.c \
backover.c ctxcsn.c ldapsync.c sessionlog.c \ backover.c ctxcsn.c ldapsync.c sessionlog.c \
slapadd.c slapcat.c slapcommon.c slapdn.c slapindex.c \ slapadd.c slapcat.c slapcommon.c slapdn.c slapindex.c \
slappasswd.c slaptest.c slapsaslauth.c \ slappasswd.c slaptest.c slapauth.c \
$(@PLAT@_SRCS) $(@PLAT@_SRCS)
OBJS = main.o globals.o config.o daemon.o \ OBJS = main.o globals.o config.o daemon.o \
@ -54,7 +54,7 @@ OBJS = main.o globals.o config.o daemon.o \
backglue.o operational.o matchedValues.o cancel.o syncrepl.o \ backglue.o operational.o matchedValues.o cancel.o syncrepl.o \
backover.o ctxcsn.o ldapsync.o sessionlog.o \ backover.o ctxcsn.o ldapsync.o sessionlog.o \
slapadd.o slapcat.o slapcommon.o slapdn.o slapindex.o \ slapadd.o slapcat.o slapcommon.o slapdn.o slapindex.o \
slappasswd.o slaptest.o slapsaslauth.o \ slappasswd.o slaptest.o slapauth.o \
$(@PLAT@_OBJS) $(@PLAT@_OBJS)
LDAP_INCDIR= ../../include -I$(srcdir)/slapi LDAP_INCDIR= ../../include -I$(srcdir)/slapi

16
servers/slapd/config.c
View File

@ -683,13 +683,11 @@ read_config( const char *fname, int depth )
lutil_salt_format( cargv[1] ); lutil_salt_format( cargv[1] );
/* SASL config options */
} else if ( strncasecmp( cargv[0], "sasl", 4 ) == 0 ) {
if ( slap_sasl_config( cargc, cargv, line, fname, lineno ) )
return 1;
#ifdef SLAP_SASL_REWRITE #ifdef SLAP_SASL_REWRITE
/* use authid rewrite instead of sasl regexp */ /* use authid rewrite instead of sasl regexp */
} else if ( strncasecmp( cargv[0], "authid-rewrite", sizeof("authid-rewrite") - 1 ) == 0 ) { } else if ( strncasecmp( cargv[0], "auth-rewrite",
sizeof("auth-rewrite") - 1 ) == 0 )
{
int rc = slap_sasl_rewrite_config( fname, lineno, int rc = slap_sasl_rewrite_config( fname, lineno,
cargc, cargv ); cargc, cargv );
if ( rc ) { if ( rc ) {
@ -697,6 +695,14 @@ read_config( const char *fname, int depth )
} }
#endif /* SLAP_SASL_REWRITE */ #endif /* SLAP_SASL_REWRITE */
/* Auth + SASL config options */
} else if ( !strncasecmp( cargv[0], "auth", sizeof("auth")-1 ) ||
!strncasecmp( cargv[0], "sasl", sizeof("sasl")-1 ))
{
if ( slap_sasl_config( cargc, cargv, line, fname, lineno ) )
return 1;
} else if ( strcasecmp( cargv[0], "schemadn" ) == 0 ) { } else if ( strcasecmp( cargv[0], "schemadn" ) == 0 ) {
struct berval dn; struct berval dn;
if ( cargc < 2 ) { if ( cargc < 2 ) {

5
servers/slapd/main.c
View File

@ -65,7 +65,8 @@ static struct sockaddr_in bind_addr;
#endif #endif
typedef int (MainFunc) LDAP_P(( int argc, char *argv[] )); typedef int (MainFunc) LDAP_P(( int argc, char *argv[] ));
extern MainFunc slapadd, slapcat, slapdn, slapindex, slappasswd, slaptest, slapsaslauth; extern MainFunc slapadd, slapcat, slapdn, slapindex, slappasswd,
slaptest, slapauth;
static struct { static struct {
char *name; char *name;
@ -77,7 +78,7 @@ static struct {
{"slapindex", slapindex}, {"slapindex", slapindex},
{"slappasswd", slappasswd}, {"slappasswd", slappasswd},
{"slaptest", slaptest}, {"slaptest", slaptest},
{"slapsaslauth", slapsaslauth}, {"slapauth", slapauth},
{NULL, NULL} {NULL, NULL}
}; };

35
servers/slapd/sasl.c
View File

@ -70,55 +70,54 @@ int slap_sasl_config( int cargc, char **cargv, char *line,
const char *fname, int lineno ) const char *fname, int lineno )
{ {
/* set SASL proxy authorization policy */ /* set SASL proxy authorization policy */
if ( strcasecmp( cargv[0], "sasl-authz-policy" ) == 0 ) { if ( !strcasecmp( cargv[0], "authz-policy" ) ||
!strcasecmp( cargv[0], "sasl-authz-policy" ))
{
if ( cargc != 2 ) { if ( cargc != 2 ) {
#ifdef NEW_LOGGING #ifdef NEW_LOGGING
LDAP_LOG( CONFIG, CRIT, LDAP_LOG( CONFIG, CRIT,
"%s: line %d: missing policy in" "%s: line %d: missing policy in"
" \"sasl-authz-policy <policy>\" line\n", " \"%s <policy>\" line\n",
fname, lineno, 0 ); cargv[0], fname, lineno );
#else #else
Debug( LDAP_DEBUG_ANY, Debug( LDAP_DEBUG_ANY,
"%s: line %d: missing policy in" "%s: line %d: missing policy in"
" \"sasl-authz-policy <policy>\" line\n", " \"%s <policy>\" line\n",
fname, lineno, 0 ); cargv[0], fname, lineno );
#endif #endif
return( 1 ); return( 1 );
} }
if ( slap_sasl_setpolicy( cargv[1] ) ) { if ( slap_sasl_setpolicy( cargv[1] ) ) {
#ifdef NEW_LOGGING #ifdef NEW_LOGGING
LDAP_LOG( CONFIG, CRIT, LDAP_LOG( CONFIG, CRIT, "%s: line %d: "
"%s: line %d: unable " "unable to parse value \"%s\" in \"authz-policy "
"to parse value \"%s\" "
"in \"sasl-authz-policy "
"<policy>\" line.\n", "<policy>\" line.\n",
fname, lineno, cargv[1] ); fname, lineno, cargv[1] );
#else #else
Debug( LDAP_DEBUG_ANY, Debug( LDAP_DEBUG_ANY, "%s: line %d: "
"%s: line %d: unable " "unable to parse value \"%s\" in \"authz-policy "
"to parse value \"%s\" " "<policy>\" line.\n",
"in \"sasl-authz-policy "
"<policy>\" line\n",
fname, lineno, cargv[1] ); fname, lineno, cargv[1] );
#endif #endif
return( 1 ); return( 1 );
} }
} else if ( !strcasecmp( cargv[0], "sasl-regexp" ) } else if ( !strcasecmp( cargv[0], "authz-regexp" ) ||
|| !strcasecmp( cargv[0], "saslregexp" ) ) !strcasecmp( cargv[0], "sasl-regexp" ) ||
!strcasecmp( cargv[0], "saslregexp" ) )
{ {
int rc; int rc;
if ( cargc != 3 ) { if ( cargc != 3 ) {
#ifdef NEW_LOGGING #ifdef NEW_LOGGING
LDAP_LOG( CONFIG, CRIT, LDAP_LOG( CONFIG, CRIT,
"%s: line %d: need 2 args in " "%s: line %d: need 2 args in "
"\"saslregexp <match> <replace>\"\n", "\"authz-regexp <match> <replace>\"\n",
fname, lineno, 0 ); fname, lineno, 0 );
#else #else
Debug( LDAP_DEBUG_ANY, Debug( LDAP_DEBUG_ANY,
"%s: line %d: need 2 args in " "%s: line %d: need 2 args in "
"\"saslregexp <match> <replace>\"\n", "\"authz-regexp <match> <replace>\"\n",
fname, lineno, 0 ); fname, lineno, 0 );
#endif #endif

2
servers/slapd/saslauthz.c
View File

@ -45,7 +45,7 @@
* dn.exact: the value must pass normalization and is used * dn.exact: the value must pass normalization and is used
* in exact DN match. * in exact DN match.
* dn.regex: the value is treated as a regular expression * dn.regex: the value is treated as a regular expression
* in matching DN values in saslAuthz{To|From} * in matching DN values in authz{To|From}
* attributes. * attributes.
* dn: for backwards compatibility reasons, the value * dn: for backwards compatibility reasons, the value
* is treated as a regular expression, and thus * is treated as a regular expression, and thus

12
servers/slapd/schema_prep.c
View File

@ -667,9 +667,9 @@ static struct slap_schema_ad_map {
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
offsetof(struct slap_internal_schema, si_ad_children) }, offsetof(struct slap_internal_schema, si_ad_children) },
{ "saslAuthzTo", "( 1.3.6.1.4.1.4203.666.1.8 " { "authzTo", "( 1.3.6.1.4.1.4203.666.1.8 "
"NAME 'saslAuthzTo' " "NAME ( 'authzTo' 'saslAuthzTo' ) "
"DESC 'SASL proxy authorization targets' " "DESC 'proxy authorization targets' "
"EQUALITY caseExactMatch " "EQUALITY caseExactMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 "
"USAGE distributedOperation )", "USAGE distributedOperation )",
@ -677,9 +677,9 @@ static struct slap_schema_ad_map {
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
offsetof(struct slap_internal_schema, si_ad_saslAuthzTo) }, offsetof(struct slap_internal_schema, si_ad_saslAuthzTo) },
{ "saslAuthzFrom", "( 1.3.6.1.4.1.4203.666.1.9 " { "authzFrom", "( 1.3.6.1.4.1.4203.666.1.9 "
"NAME 'saslAuthzFrom' " "NAME ( 'authzFrom' 'saslAuthzFrom' ) "
"DESC 'SASL proxy authorization sources' " "DESC 'proxy authorization sources' "
"EQUALITY caseExactMatch " "EQUALITY caseExactMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 " "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 "
"USAGE distributedOperation )", "USAGE distributedOperation )",

6
servers/slapd/slapsaslauth.c → servers/slapd/slapauth.c
View File

@ -75,17 +75,17 @@ do_check( Connection *c, Operation *op, struct berval *id )
} }
int int
slapsaslauth( int argc, char **argv ) slapauth( int argc, char **argv )
{ {
int rc = EXIT_SUCCESS; int rc = EXIT_SUCCESS;
const char *progname = "slapsaslauth"; const char *progname = "slapauth";
Connection conn; Connection conn;
Operation op; Operation op;
#ifdef NEW_LOGGING #ifdef NEW_LOGGING
lutil_log_initialize( argc, argv ); lutil_log_initialize( argc, argv );
#endif #endif
slap_tool_init( progname, SLAPSASLAUTH, argc, argv ); slap_tool_init( progname, SLAPAUTH, argc, argv );
argv = &argv[ optind ]; argv = &argv[ optind ];
argc -= optind; argc -= optind;

8
servers/slapd/slapcommon.c
View File

@ -70,7 +70,7 @@ usage( int tool, const char *progname )
options = "\t[-n databasenumber | -b suffix]\n"; options = "\t[-n databasenumber | -b suffix]\n";
break; break;
case SLAPSASLAUTH: case SLAPAUTH:
options = "\t[-U authcID] [-X authzID] ID [...]\n"; options = "\t[-U authcID] [-X authzID] ID [...]\n";
break; break;
} }
@ -129,7 +129,7 @@ slap_tool_init(
options = "d:f:v"; options = "d:f:v";
break; break;
case SLAPSASLAUTH: case SLAPAUTH:
options = "d:f:U:vX:"; options = "d:f:U:vX:";
break; break;
@ -272,7 +272,7 @@ slap_tool_init(
} }
break; break;
case SLAPSASLAUTH: case SLAPAUTH:
if ( argc == optind && BER_BVISNULL( &authcID ) ) { if ( argc == optind && BER_BVISNULL( &authcID ) ) {
usage( tool, progname ); usage( tool, progname );
} }
@ -371,7 +371,7 @@ slap_tool_init(
case SLAPTEST: case SLAPTEST:
return; return;
case SLAPSASLAUTH: case SLAPAUTH:
be = NULL; be = NULL;
goto startup; goto startup;

2
servers/slapd/slapcommon.h
View File

@ -27,7 +27,7 @@ enum slaptool {
SLAPINDEX, /* database index tool */ SLAPINDEX, /* database index tool */
SLAPPASSWD, /* password generation tool */ SLAPPASSWD, /* password generation tool */
SLAPTEST, /* slapd.conf test tool */ SLAPTEST, /* slapd.conf test tool */
SLAPSASLAUTH, /* test sasl-regexp and authc/authz stuff */ SLAPAUTH, /* test authz-regexp and authc/authz stuff */
SLAPLAST SLAPLAST
}; };

140
servers/slapd/syncrepl.c
View File

@ -87,6 +87,7 @@ init_syncrepl(syncinfo_t *si)
Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 ); Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
#endif #endif
} }
} else { } else {
tmp = ( char ** ) ch_realloc( si->si_attrs, 5 * sizeof( char * )); tmp = ( char ** ) ch_realloc( si->si_attrs, 5 * sizeof( char * ));
if ( tmp == NULL ) { if ( tmp == NULL ) {
@ -102,7 +103,6 @@ init_syncrepl(syncinfo_t *si)
si->si_attrs = tmp; si->si_attrs = tmp;
/* Add Attributes */ /* Add Attributes */
for ( i = 0; sync_descs[ i ] != NULL; i++ ) { for ( i = 0; sync_descs[ i ] != NULL; i++ ) {
si->si_attrs[ n++ ] = ch_strdup ( sync_descs[i]->ad_cname.bv_val ); si->si_attrs[ n++ ] = ch_strdup ( sync_descs[i]->ad_cname.bv_val );
si->si_attrs[ n ] = NULL; si->si_attrs[ n ] = NULL;
@ -112,8 +112,7 @@ init_syncrepl(syncinfo_t *si)
static int static int
ldap_sync_search( ldap_sync_search(
syncinfo_t *si, syncinfo_t *si,
void *ctx void *ctx )
)
{ {
BerElementBuffer berbuf; BerElementBuffer berbuf;
BerElement *ber = (BerElement *)&berbuf; BerElement *ber = (BerElement *)&berbuf;
@ -127,11 +126,14 @@ ldap_sync_search(
ber_set_option( ber, LBER_OPT_BER_MEMCTX, &ctx ); ber_set_option( ber, LBER_OPT_BER_MEMCTX, &ctx );
if ( si->si_syncCookie.octet_str && if ( si->si_syncCookie.octet_str &&
si->si_syncCookie.octet_str[0].bv_val ) { si->si_syncCookie.octet_str[0].bv_val )
ber_printf( ber, "{eO}", abs(si->si_type), {
ber_printf( ber, "{eO}",
abs(si->si_type),
&si->si_syncCookie.octet_str[0] ); &si->si_syncCookie.octet_str[0] );
} else { } else {
ber_printf( ber, "{e}", abs(si->si_type) ); ber_printf( ber, "{e}",
abs(si->si_type) );
} }
if ( (rc = ber_flatten2( ber, &c[0].ldctl_value, 0 )) == LBER_ERROR ) { if ( (rc = ber_flatten2( ber, &c[0].ldctl_value, 0 )) == LBER_ERROR ) {
@ -161,7 +163,6 @@ ldap_sync_search(
ctrls, NULL, si->si_tlimit < 0 ? NULL : &timeout, ctrls, NULL, si->si_tlimit < 0 ? NULL : &timeout,
si->si_slimit, &msgid ); si->si_slimit, &msgid );
ber_free_buf( ber ); ber_free_buf( ber );
return rc; return rc;
} }
@ -182,7 +183,6 @@ do_syncrep1(
psub = &si->si_be->be_nsuffix[0]; psub = &si->si_be->be_nsuffix[0];
/* Init connection to master */ /* Init connection to master */
rc = ldap_initialize( &si->si_ld, si->si_provideruri ); rc = ldap_initialize( &si->si_ld, si->si_provideruri );
if ( rc != LDAP_SUCCESS ) { if ( rc != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING #ifdef NEW_LOGGING
@ -242,9 +242,8 @@ do_syncrep1(
} }
} }
defaults = lutil_sasl_defaults( si->si_ld, defaults = lutil_sasl_defaults( si->si_ld, si->si_saslmech,
si->si_saslmech, si->si_realm, si->si_realm, si->si_authcId, si->si_passwd, si->si_authzId );
si->si_authcId, si->si_passwd, si->si_authzId );
rc = ldap_sasl_interactive_bind_s( si->si_ld, rc = ldap_sasl_interactive_bind_s( si->si_ld,
si->si_binddn, si->si_binddn,
@ -283,10 +282,12 @@ do_syncrep1(
} }
#else /* HAVE_CYRUS_SASL */ #else /* HAVE_CYRUS_SASL */
/* Should never get here, we trapped this at config time */ /* Should never get here, we trapped this at config time */
assert(0);
fprintf( stderr, "not compiled with SASL support\n" ); fprintf( stderr, "not compiled with SASL support\n" );
rc = LDAP_OTHER; rc = LDAP_OTHER;
goto done; goto done;
#endif #endif
} else { } else {
rc = ldap_bind_s( si->si_ld, rc = ldap_bind_s( si->si_ld,
si->si_binddn, si->si_passwd, si->si_bindmethod ); si->si_binddn, si->si_passwd, si->si_bindmethod );
@ -303,7 +304,6 @@ do_syncrep1(
} }
/* get syncrepl cookie of shadow replica from subentry */ /* get syncrepl cookie of shadow replica from subentry */
assert( si->si_rid < 1000 ); assert( si->si_rid < 1000 );
syncrepl_cn_bv.bv_val = syncrepl_cbuf; syncrepl_cn_bv.bv_val = syncrepl_cbuf;
syncrepl_cn_bv.bv_len = snprintf(syncrepl_cbuf, sizeof(syncrepl_cbuf), syncrepl_cn_bv.bv_len = snprintf(syncrepl_cbuf, sizeof(syncrepl_cbuf),
@ -341,6 +341,7 @@ do_syncrep1(
slap_dup_sync_cookie( &si->si_syncCookie, sc ); slap_dup_sync_cookie( &si->si_syncCookie, sc );
slap_sync_cookie_free( sc, 1 ); slap_sync_cookie_free( sc, 1 );
sc = NULL; sc = NULL;
} else { } else {
/* stored cookie */ /* stored cookie */
struct berval newcookie = BER_BVNULL; struct berval newcookie = BER_BVNULL;
@ -374,6 +375,7 @@ do_syncrep1(
si->si_syncCookie.sid, si->si_syncCookie.rid ); si->si_syncCookie.sid, si->si_syncCookie.rid );
ber_bvarray_add( &si->si_syncCookie.octet_str, &newcookie ); ber_bvarray_add( &si->si_syncCookie.octet_str, &newcookie );
} }
} else { } else {
/* no command line cookie is specified */ /* no command line cookie is specified */
if ( si->si_syncCookie.octet_str == NULL ) { if ( si->si_syncCookie.octet_str == NULL ) {
@ -476,14 +478,14 @@ do_syncrep2(
slap_dup_sync_cookie( &syncCookie_req, &si->si_syncCookie ); slap_dup_sync_cookie( &syncCookie_req, &si->si_syncCookie );
if ( abs(si->si_type) == LDAP_SYNC_REFRESH_AND_PERSIST ){ if ( abs(si->si_type) == LDAP_SYNC_REFRESH_AND_PERSIST ) {
tout_p = &tout; tout_p = &tout;
} else { } else {
tout_p = NULL; tout_p = NULL;
} }
while (( rc = ldap_result( si->si_ld, LDAP_RES_ANY, LDAP_MSG_ONE, tout_p, &res )) while (( rc = ldap_result( si->si_ld, LDAP_RES_ANY, LDAP_MSG_ONE,
> 0 ) tout_p, &res )) > 0 )
{ {
if ( slapd_shutdown ) { if ( slapd_shutdown ) {
rc = -2; rc = -2;
@ -503,9 +505,9 @@ do_syncrep2(
} }
rctrlp = *rctrls; rctrlp = *rctrls;
ber_init2( ber, &rctrlp->ldctl_value, LBER_USE_DER ); ber_init2( ber, &rctrlp->ldctl_value, LBER_USE_DER );
ber_scanf( ber, "{em", &syncstate, &syncUUID ); ber_scanf( ber, "{em" /*"}"*/, &syncstate, &syncUUID );
if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) { if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) {
ber_scanf( ber, "m}", &cookie ); ber_scanf( ber, /*"{"*/ "m}", &cookie );
if ( cookie.bv_val ) { if ( cookie.bv_val ) {
struct berval tmp_bv; struct berval tmp_bv;
ber_dupbv( &tmp_bv, &cookie ); ber_dupbv( &tmp_bv, &cookie );
@ -520,7 +522,8 @@ do_syncrep2(
rc_efree = syncrepl_entry( si, op, entry, modlist, rc_efree = syncrepl_entry( si, op, entry, modlist,
syncstate, &syncUUID, &syncCookie_req ); syncstate, &syncUUID, &syncCookie_req );
if ( syncCookie.octet_str && if ( syncCookie.octet_str &&
syncCookie.octet_str[0].bv_val ) { syncCookie.octet_str[0].bv_val )
{
syncrepl_updateCookie( si, op, psub, &syncCookie ); syncrepl_updateCookie( si, op, psub, &syncCookie );
} }
} }
@ -552,8 +555,7 @@ do_syncrep2(
ber_init2( ber, &rctrlp->ldctl_value, LBER_USE_DER ); ber_init2( ber, &rctrlp->ldctl_value, LBER_USE_DER );
ber_scanf( ber, "{" /*"}"*/); ber_scanf( ber, "{" /*"}"*/);
if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) {
{
ber_scanf( ber, "m", &cookie ); ber_scanf( ber, "m", &cookie );
if ( cookie.bv_val ) { if ( cookie.bv_val ) {
struct berval tmp_bv; struct berval tmp_bv;
@ -562,13 +564,15 @@ do_syncrep2(
} }
if ( syncCookie.octet_str && if ( syncCookie.octet_str &&
syncCookie.octet_str[0].bv_val ) syncCookie.octet_str[0].bv_val )
{
slap_parse_sync_cookie( &syncCookie ); slap_parse_sync_cookie( &syncCookie );
} }
}
if ( ber_peek_tag( ber, &len ) == LDAP_TAG_REFRESHDELETES ) if ( ber_peek_tag( ber, &len ) == LDAP_TAG_REFRESHDELETES )
{ {
ber_scanf( ber, "b", &refreshDeletes ); ber_scanf( ber, "b", &refreshDeletes );
} }
ber_scanf( ber, "}" ); ber_scanf( ber, /*"{"*/ "}" );
} }
if ( syncCookie_req.ctxcsn == NULL ) { if ( syncCookie_req.ctxcsn == NULL ) {
match = -1; match = -1;
@ -578,10 +582,12 @@ do_syncrep2(
value_match( &match, slap_schema.si_ad_entryCSN, value_match( &match, slap_schema.si_ad_entryCSN,
slap_schema.si_ad_entryCSN->ad_type->sat_ordering, slap_schema.si_ad_entryCSN->ad_type->sat_ordering,
SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX, SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
&syncCookie_req.ctxcsn[0], &syncCookie.ctxcsn[0], &text ); &syncCookie_req.ctxcsn[0], &syncCookie.ctxcsn[0],
&text );
} }
if ( syncCookie.octet_str && syncCookie.octet_str->bv_val if ( syncCookie.octet_str && syncCookie.octet_str->bv_val &&
&& match < 0 && err == LDAP_SUCCESS ) { match < 0 && err == LDAP_SUCCESS )
{
syncrepl_updateCookie( si, op, psub, &syncCookie ); syncrepl_updateCookie( si, op, psub, &syncCookie );
} }
if ( rctrls ) { if ( rctrls ) {
@ -593,7 +599,8 @@ do_syncrep2(
* 2) on err policy : stop service, stop sync, retry * 2) on err policy : stop service, stop sync, retry
*/ */
if ( refreshDeletes == 0 && match < 0 && if ( refreshDeletes == 0 && match < 0 &&
err == LDAP_SUCCESS ) { err == LDAP_SUCCESS )
{
syncrepl_del_nonpresent( op, si ); syncrepl_del_nonpresent( op, si );
} else { } else {
avl_free( si->si_presentlist, avl_ber_bvfree ); avl_free( si->si_presentlist, avl_ber_bvfree );
@ -621,30 +628,34 @@ do_syncrep2(
si_refreshDelete = 1; si_refreshDelete = 1;
case LDAP_TAG_SYNC_REFRESH_PRESENT: case LDAP_TAG_SYNC_REFRESH_PRESENT:
si_refreshPresent = 1; si_refreshPresent = 1;
ber_scanf( ber, "t{", &tag ); ber_scanf( ber, "t{" /*"}"*/, &tag );
if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE ) if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SYNC_COOKIE )
{ {
ber_scanf( ber, "m", &cookie ); ber_scanf( ber, "m", &cookie );
if ( cookie.bv_val ) { if ( cookie.bv_val ) {
struct berval tmp_bv; struct berval tmp_bv;
ber_dupbv( &tmp_bv, &cookie ); ber_dupbv( &tmp_bv, &cookie );
ber_bvarray_add( &syncCookie.octet_str, &tmp_bv); ber_bvarray_add( &syncCookie.octet_str,
&tmp_bv);
} }
if ( syncCookie.octet_str && if ( syncCookie.octet_str &&
syncCookie.octet_str[0].bv_val ) syncCookie.octet_str[0].bv_val )
{
slap_parse_sync_cookie( &syncCookie ); slap_parse_sync_cookie( &syncCookie );
} }
}
if ( ber_peek_tag( ber, &len ) == if ( ber_peek_tag( ber, &len ) ==
LDAP_TAG_REFRESHDONE ) LDAP_TAG_REFRESHDONE )
{ {
ber_scanf( ber, "b", &refreshDone ); ber_scanf( ber, "b", &refreshDone );
} }
ber_scanf( ber, "}" ); ber_scanf( ber, /*"{"*/ "}" );
break; break;
case LDAP_TAG_SYNC_ID_SET: case LDAP_TAG_SYNC_ID_SET:
ber_scanf( ber, "t{", &tag ); ber_scanf( ber, "t{" /*"}"*/, &tag );
if ( ber_peek_tag( ber, &len ) == if ( ber_peek_tag( ber, &len ) ==
LDAP_TAG_SYNC_COOKIE ) { LDAP_TAG_SYNC_COOKIE )
{
ber_scanf( ber, "m", &cookie ); ber_scanf( ber, "m", &cookie );
if ( cookie.bv_val ) { if ( cookie.bv_val ) {
struct berval tmp_bv; struct berval tmp_bv;
@ -654,15 +665,17 @@ do_syncrep2(
} }
if ( syncCookie.octet_str && if ( syncCookie.octet_str &&
syncCookie.octet_str[0].bv_val ) syncCookie.octet_str[0].bv_val )
{
slap_parse_sync_cookie( &syncCookie ); slap_parse_sync_cookie( &syncCookie );
} }
}
if ( ber_peek_tag( ber, &len ) == if ( ber_peek_tag( ber, &len ) ==
LDAP_TAG_REFRESHDELETES ) LDAP_TAG_REFRESHDELETES )
{ {
ber_scanf( ber, "b", &refreshDeletes ); ber_scanf( ber, "b", &refreshDeletes );
} }
ber_scanf( ber, "[W]", &syncUUIDs ); ber_scanf( ber, "[W]", &syncUUIDs );
ber_scanf( ber, "}" ); ber_scanf( ber, /*"{"*/ "}" );
for ( i = 0; syncUUIDs[i].bv_val; i++ ) { for ( i = 0; syncUUIDs[i].bv_val; i++ ) {
struct berval *syncuuid_bv; struct berval *syncuuid_bv;
syncuuid_bv = ber_dupbv( NULL, &syncUUIDs[i] ); syncuuid_bv = ber_dupbv( NULL, &syncUUIDs[i] );
@ -699,8 +712,9 @@ do_syncrep2(
&syncCookie.ctxcsn[0], &text ); &syncCookie.ctxcsn[0], &text );
} }
if ( syncCookie.ctxcsn && syncCookie.ctxcsn[0].bv_val if ( syncCookie.ctxcsn && syncCookie.ctxcsn[0].bv_val &&
&& match < 0 ) { match < 0 )
{
syncrepl_updateCookie( si, op, psub, &syncCookie); syncrepl_updateCookie( si, op, psub, &syncCookie);
} }
@ -713,9 +727,10 @@ do_syncrep2(
ldap_memfree( retoid ); ldap_memfree( retoid );
ber_bvfree( retdata ); ber_bvfree( retdata );
break; break;
} else { } else {
#ifdef NEW_LOGGING #ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR,"do_syncrep2 :" LDAP_LOG( OPERATION, ERR, "do_syncrep2 :"
" unknown intermediate " " unknown intermediate "
"response\n", 0, 0, 0 ); "response\n", 0, 0, 0 );
#else #else
@ -728,6 +743,7 @@ do_syncrep2(
break; break;
} }
break; break;
default: default:
#ifdef NEW_LOGGING #ifdef NEW_LOGGING
LDAP_LOG( OPERATION, ERR, "do_syncrep2 : " LDAP_LOG( OPERATION, ERR, "do_syncrep2 : "
@ -950,8 +966,7 @@ syncrepl_message_to_entry(
sl_free( ndn.bv_val, op->o_tmpmemctx ); sl_free( ndn.bv_val, op->o_tmpmemctx );
sl_free( dn.bv_val, op->o_tmpmemctx ); sl_free( dn.bv_val, op->o_tmpmemctx );
if ( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_DELETE ) if ( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_DELETE ) {
{
return LDAP_SUCCESS; return LDAP_SUCCESS;
} }
@ -1036,8 +1051,7 @@ syncrepl_entry(
Modifications* modlist, Modifications* modlist,
int syncstate, int syncstate,
struct berval* syncUUID, struct berval* syncUUID,
struct sync_cookie* syncCookie_req struct sync_cookie* syncCookie_req )
)
{ {
Backend *be = op->o_bd; Backend *be = op->o_bd;
slap_callback cb = { NULL }; slap_callback cb = { NULL };
@ -1059,8 +1073,7 @@ syncrepl_entry(
struct berval org_ndn = BER_BVNULL; struct berval org_ndn = BER_BVNULL;
int org_managedsait; int org_managedsait;
if (( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_ADD )) if (( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_ADD )) {
{
syncuuid_bv = ber_dupbv( NULL, syncUUID ); syncuuid_bv = ber_dupbv( NULL, syncUUID );
avl_insert( &si->si_presentlist, (caddr_t) syncuuid_bv, avl_insert( &si->si_presentlist, (caddr_t) syncuuid_bv,
syncuuid_cmp, avl_dup_error ); syncuuid_cmp, avl_dup_error );
@ -1110,8 +1123,7 @@ syncrepl_entry(
cb.sc_response = null_callback; cb.sc_response = null_callback;
cb.sc_private = si; cb.sc_private = si;
if ( rc == LDAP_SUCCESS && si->si_syncUUID_ndn.bv_val ) if ( rc == LDAP_SUCCESS && si->si_syncUUID_ndn.bv_val ) {
{
char *subseq_ptr; char *subseq_ptr;
if ( syncstate != LDAP_SYNC_DELETE ) { if ( syncstate != LDAP_SYNC_DELETE ) {
@ -1139,8 +1151,7 @@ syncrepl_entry(
op->o_ndn = op->o_bd->be_rootndn; op->o_ndn = op->o_bd->be_rootndn;
op->o_managedsait = 1; op->o_managedsait = 1;
while ( rs.sr_err == LDAP_SUCCESS && while ( rs.sr_err == LDAP_SUCCESS && op->o_delete_glue_parent ) {
op->o_delete_glue_parent ) {
op->o_delete_glue_parent = 0; op->o_delete_glue_parent = 0;
if ( !be_issuffix( op->o_bd, &op->o_req_ndn )) { if ( !be_issuffix( op->o_bd, &op->o_req_ndn )) {
slap_callback cb = { NULL }; slap_callback cb = { NULL };
@ -1292,8 +1303,7 @@ static struct berval gcbva[] = {
static void static void
syncrepl_del_nonpresent( syncrepl_del_nonpresent(
Operation *op, Operation *op,
syncinfo_t *si syncinfo_t *si )
)
{ {
Backend* be = op->o_bd; Backend* be = op->o_bd;
slap_callback cb = { NULL }; slap_callback cb = { NULL };
@ -1429,12 +1439,10 @@ syncrepl_del_nonpresent(
return; return;
} }
void void
syncrepl_add_glue( syncrepl_add_glue(
Operation* op, Operation* op,
Entry *e Entry *e )
)
{ {
Backend *be = op->o_bd; Backend *be = op->o_bd;
slap_callback cb = { NULL }; slap_callback cb = { NULL };
@ -1586,8 +1594,7 @@ syncrepl_updateCookie(
syncinfo_t *si, syncinfo_t *si,
Operation *op, Operation *op,
struct berval *pdn, struct berval *pdn,
struct sync_cookie *syncCookie struct sync_cookie *syncCookie )
)
{ {
Backend *be = op->o_bd; Backend *be = op->o_bd;
Modifications *ml; Modifications *ml;
@ -1656,7 +1663,7 @@ syncrepl_updateCookie(
op->o_tag = LDAP_REQ_ADD; op->o_tag = LDAP_REQ_ADD;
rc = slap_mods_opattrs( op, modlist, modtail, rc = slap_mods_opattrs( op, modlist, modtail,
&text,txtbuf, textlen ); &text, txtbuf, textlen );
for ( ml = modlist; ml != NULL; ml = ml->sml_next ) { for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
ml->sml_op = LDAP_MOD_REPLACE; ml->sml_op = LDAP_MOD_REPLACE;
@ -1799,8 +1806,7 @@ syncrepl_isupdate( Operation *op )
int int
syncrepl_isupdate_dn( syncrepl_isupdate_dn(
Backend* be, Backend* be,
struct berval* ndn struct berval* ndn )
)
{ {
syncinfo_t* si; syncinfo_t* si;
int ret = 0; int ret = 0;
@ -1818,8 +1824,7 @@ syncrepl_isupdate_dn(
static int static int
dn_callback( dn_callback(
Operation* op, Operation* op,
SlapReply* rs SlapReply* rs )
)
{ {
syncinfo_t *si = op->o_callback->sc_private; syncinfo_t *si = op->o_callback->sc_private;
@ -1843,8 +1848,7 @@ dn_callback(
static int static int
nonpresent_callback( nonpresent_callback(
Operation* op, Operation* op,
SlapReply* rs SlapReply* rs )
)
{ {
syncinfo_t *si = op->o_callback->sc_private; syncinfo_t *si = op->o_callback->sc_private;
Attribute *a; Attribute *a;
@ -1950,12 +1954,8 @@ slap_uuidstr_from_normalized(
unsigned char nibble; unsigned char nibble;
int i, d = 0; int i, d = 0;
if ( normalized == NULL ) if ( normalized == NULL ) return NULL;
return NULL; if ( normalized->bv_len != 16 ) return NULL;
if ( normalized->bv_len != 16 ) {
return NULL;
}
if ( uuidstr ) { if ( uuidstr ) {
new = uuidstr; new = uuidstr;
@ -1966,8 +1966,7 @@ slap_uuidstr_from_normalized(
new->bv_len = 36; new->bv_len = 36;
if (( new->bv_val = sl_malloc( new->bv_len + 1, ctx )) == NULL) { if (( new->bv_val = sl_malloc( new->bv_len + 1, ctx )) == NULL) {
if ( !uuidstr ) if ( !uuidstr ) sl_free( new, ctx );
sl_free( new, ctx );
return NULL; return NULL;
} }
@ -1993,7 +1992,6 @@ slap_uuidstr_from_normalized(
} }
new->bv_val[new->bv_len] = '\0'; new->bv_val[new->bv_len] = '\0';
return new; return new;
} }
@ -2010,11 +2008,9 @@ syncuuid_cmp( const void* v_uuid1, const void* v_uuid2 )
static void static void
avl_ber_bvfree( void *bv ) avl_ber_bvfree( void *bv )
{ {
if( bv == NULL ) { if( bv == NULL ) return;
return;
}
if ( ((struct berval *)bv)->bv_val != NULL ) { if ( ((struct berval *)bv)->bv_val != NULL ) {
ch_free ( ((struct berval *)bv)->bv_val ); ch_free( ((struct berval *)bv)->bv_val );
} }
ch_free ( (char *) bv ); ch_free( (char *) bv );
} }