mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-04-06 15:00:40 +08:00
Code Issues Packages Projects Releases Wiki Activity

ITS#9636 - Delete shell backend

Browse Source
This commit is contained in:
Quanah Gibson-Mount 2021-08-16 19:56:42 +00:00
parent c6b43dcdc5
commit d943d7f2fb
25 changed files with 5 additions and 2548 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
configure.ac
View File

@ -305,7 +305,6 @@ Backends="dnssrv \
passwd \
perl \
relay \
shell \
sock \
sql \
wt"
@ -333,8 +332,6 @@ OL_ARG_ENABLE(perl, [AS_HELP_STRING([--enable-perl], [enable perl backend])],
no, [no yes mod], ol_enable_backends)dnl
OL_ARG_ENABLE(relay, [AS_HELP_STRING([--enable-relay], [enable relay backend])],
yes, [no yes mod], ol_enable_backends)dnl
OL_ARG_ENABLE(shell, [AS_HELP_STRING([--enable-shell], [enable shell backend])],
no, [no yes mod])dnl
OL_ARG_ENABLE(sock, [AS_HELP_STRING([--enable-sock], [enable sock backend])],
no, [no yes mod], ol_enable_backends)dnl
OL_ARG_ENABLE(sql, [AS_HELP_STRING([--enable-sql], [enable sql backend])],
@ -2664,22 +2661,6 @@ if test "$ol_enable_relay" != no ; then
AC_DEFINE_UNQUOTED(SLAPD_RELAY,$MFLAG,[define to support relay backend])
fi
if test "$ol_enable_shell" != no ; then
if test "$ol_link_threads" != no ; then
AC_MSG_WARN([Use of --without-threads is recommended with back-shell])
fi
BUILD_SLAPD=yes
BUILD_SHELL=$ol_enable_shell
if test "$ol_enable_shell" = mod ; then
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-shell"
MFLAG=SLAPD_MOD_DYNAMIC
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-shell"
MFLAG=SLAPD_MOD_STATIC
fi
AC_DEFINE_UNQUOTED(SLAPD_SHELL,$MFLAG,[define to support SHELL backend])
fi
if test "$ol_enable_sock" != no ; then
BUILD_SLAPD=yes
BUILD_SOCK=$ol_enable_sock
@ -3258,11 +3239,9 @@ AC_CONFIG_FILES([Makefile:build/top.mk:Makefile.in:build/dir.mk]
[servers/slapd/back-passwd/Makefile:build/top.mk:servers/slapd/back-passwd/Makefile.in:build/mod.mk]
[servers/slapd/back-perl/Makefile:build/top.mk:servers/slapd/back-perl/Makefile.in:build/mod.mk]
[servers/slapd/back-relay/Makefile:build/top.mk:servers/slapd/back-relay/Makefile.in:build/mod.mk]
[servers/slapd/back-shell/Makefile:build/top.mk:servers/slapd/back-shell/Makefile.in:build/mod.mk]
[servers/slapd/back-sock/Makefile:build/top.mk:servers/slapd/back-sock/Makefile.in:build/mod.mk]
[servers/slapd/back-sql/Makefile:build/top.mk:servers/slapd/back-sql/Makefile.in:build/mod.mk]
[servers/slapd/back-wt/Makefile:build/top.mk:servers/slapd/back-wt/Makefile.in:build/mod.mk]
[servers/slapd/shell-backends/Makefile:build/top.mk:servers/slapd/shell-backends/Makefile.in:build/srv.mk]
[servers/slapd/slapi/Makefile:build/top.mk:servers/slapd/slapi/Makefile.in:build/lib.mk:build/lib-shared.mk]
[servers/slapd/overlays/Makefile:build/top.mk:servers/slapd/overlays/Makefile.in:build/lib.mk]
[servers/slapd/pwmods/Makefile:build/top.mk:servers/slapd/pwmods/Makefile.in:build/lib.mk]

237
doc/man/man5/slapd-shell.5
View File

@ -1,237 +0,0 @@
.TH SLAPD-SHELL 5 "RELEASEDATE" "OpenLDAP LDVERSION"
.\" Copyright 1998-2021 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.\" $OpenLDAP$
.SH NAME
slapd\-shell \- Shell backend to slapd
.SH SYNOPSIS
ETCDIR/slapd.conf
.SH DESCRIPTION
The Shell backend to
.BR slapd (8)
executes external programs to implement operations, and is designed to
make it easy to tie an existing database to the
.B slapd
front-end.
.LP
This backend is primarily intended to be used in prototypes.
.SH WARNING
The
.B abandon
shell command has been removed since OpenLDAP 2.1.
.SH CONFIGURATION
These
.B slapd.conf
options apply to the SHELL backend database.
That is, they must follow a "database shell" line and come before any
subsequent "backend" or "database" lines.
Other database options are described in the
.BR slapd.conf (5)
manual page.
.LP
These options specify the pathname and arguments of the program to
execute in response to the given LDAP operation.
Each option is followed by the input lines that the program receives:
.TP
.B add <pathname> <argument>...
.nf
ADD
msgid: <message id>
<repeat { "suffix:" <database suffix DN> }>
<entry in LDIF format>
.fi
.TP
.B bind <pathname> <argument>...
.nf
BIND
msgid: <message id>
<repeat { "suffix:" <database suffix DN> }>
dn: <DN>
method: <method number>
credlen: <length of <credentials>>
cred: <credentials>
.fi
.TP
.B compare <pathname> <argument>...
.nf
COMPARE
msgid: <message id>
<repeat { "suffix:" <database suffix DN> }>
dn: <DN>
<attribute>: <value>
.fi
.TP
.B delete <pathname> <argument>...
.nf
DELETE
msgid: <message id>
<repeat { "suffix:" <database suffix DN> }>
dn: <DN>
.fi
.TP
.B modify <pathname> <argument>...
.nf
MODIFY
msgid: <message id>
<repeat { "suffix:" <database suffix DN> }>
dn: <DN>
<repeat {
<"add"/"delete"/"replace">: <attribute>
<repeat { <attribute>: <value> }>
\-
}>
.fi
.TP
.B modrdn <pathname> <argument>...
.nf
MODRDN
msgid: <message id>
<repeat { "suffix:" <database suffix DN> }>
dn: <DN>
newrdn: <new RDN>
deleteoldrdn: <0 or 1>
<if new superior is specified: "newSuperior: <DN>">
.fi
.TP
.B search <pathname> <argument>...
.nf
SEARCH
msgid: <message id>
<repeat { "suffix:" <database suffix DN> }>
base: <base DN>
scope: <0-2, see ldap.h>
deref: <0-3, see ldap.h>
sizelimit: <size limit>
timelimit: <time limit>
filter: <filter>
attrsonly: <0 or 1>
attrs: <"all" or space-separated attribute list>
.fi
.TP
.B unbind <pathname> <argument>...
.nf
UNBIND
msgid: <message id>
<repeat { "suffix:" <database suffix DN> }>
dn: <bound DN>
.fi
.LP
Note that you need only supply configuration lines for those commands you
want the backend to handle.
Operations for which a command is not supplied will be refused with an
"unwilling to perform" error.
.LP
The \fBsearch\fP command should output the entries in LDIF format,
each entry followed by a blank line, and after these the RESULT below.
.LP
All commands except \fBunbind\fP should then output:
.RS
.nf
RESULT
code: <integer>
matched: <matched DN>
info: <text>
.fi
.RE
where only the RESULT line is mandatory.
Lines starting with `#' or `DEBUG:' are ignored.
.SH ACCESS CONTROL
The
.B shell
backend does not honor all ACL semantics as described in
.BR slapd.access (5).
In general, access to objects is checked by using a dummy object
that contains only the DN, so access rules that rely on the contents
of the object are not honored.
In detail:
.LP
The
.B add
operation does not require
.B write (=w)
access to the
.B children
pseudo-attribute of the parent entry.
.LP
The
.B bind
operation requires
.B auth (=x)
access to the
.B entry
pseudo-attribute of the entry whose identity is being assessed;
.B auth (=x)
access to the credentials is not checked, but rather delegated
to the underlying shell script.
.LP
The
.B compare
operation requires
.B read (=r)
access (FIXME: wouldn't
.B compare (=c)
be a more appropriate choice?)
to the
.B entry
pseudo-attribute
of the object whose value is being asserted;
.B compare (=c)
access to the attribute whose value is being asserted is not checked.
.LP
The
.B delete
operation does not require
.B write (=w)
access to the
.B children
pseudo-attribute of the parent entry.
.LP
The
.B modify
operation requires
.B write (=w)
access to the
.B entry
pseudo-attribute;
.B write (=w)
access to the specific attributes that are modified is not checked.
.LP
The
.B modrdn
operation does not require
.B write (=w)
access to the
.B children
pseudo-attribute of the parent entry, nor to that of the new parent,
if different;
.B write (=w)
access to the distinguished values of the naming attributes
is not checked.
.LP
The
.B search
operation does not require
.B search (=s)
access to the
.B entry
pseudo_attribute of the searchBase;
.B search (=s)
access to the attributes and values used in the filter is not checked.
.SH EXAMPLE
There is an example search script in the slapd/back\-shell/ directory
in the OpenLDAP source tree.
.SH LIMITATIONS
The shell backend does not support threaded environments.
When using the shell backend,
.BR slapd (8)
should be built
.IR \-\-without\-threads .
.SH FILES
.TP
ETCDIR/slapd.conf
default slapd configuration file
.SH SEE ALSO
.BR slapd.conf (5),
.BR slapd (8),
.BR sh (1).

12
doc/man/man5/slapd-sock.5
View File

@ -9,11 +9,9 @@ ETCDIR/slapd.conf
.SH DESCRIPTION
The Socket backend to
.BR slapd (8)
uses an external program to handle queries, similarly to
.BR slapd\-shell (5).
However, in this case the external program listens on a Unix domain socket.
This makes it possible to have a pool of processes, which persist between
requests. This allows multithreaded operation and a higher level of
uses an external program to handle queries that listens on a Unix domain
socket. This makes it possible to have a pool of processes, which persist
between requests. This allows multithreaded operation and a high level of
efficiency. The external program must have been started independently;
.BR slapd (8)
itself will not start it.
@ -65,9 +63,7 @@ DNs matching the specified regular expression will be processed. The default
is empty (all DNs are processed).
.SH PROTOCOL
The protocol is essentially the same as
.BR slapd\-shell (5)
with the addition of a newline to terminate the command parameters. The
The protocol uses a newline to terminate the command parameters. The
following commands are sent:
.RS
.nf

2
servers/slapd/Makefile.in
View File

@ -18,7 +18,7 @@ PROGRAMS=slapd $(SLAPTOOLS)
XPROGRAMS=sslapd libbackends.a .backend liboverlays.a
XSRCS=version.c
SUBDIRS=back-* shell-backends slapi overlays pwmods
SUBDIRS=back-* slapi overlays pwmods
NT_SRCS = nt_svc.c
NT_OBJS = nt_svc.o ../../libraries/liblutil/slapdmsg.res

43
servers/slapd/back-shell/Makefile.in
View File

@ -1,43 +0,0 @@
# Makefile.in for back-shell
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2021 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.
SRCS = init.c config.c fork.c search.c bind.c unbind.c add.c \
delete.c modify.c modrdn.c compare.c result.c
OBJS = init.lo config.lo fork.lo search.lo bind.lo unbind.lo add.lo \
delete.lo modify.lo modrdn.lo compare.lo result.lo
LDAP_INCDIR= ../../../include
LDAP_LIBDIR= ../../../libraries
BUILD_OPT = "--enable-shell"
BUILD_MOD = @BUILD_SHELL@
mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(@BUILD_SHELL@_DEFS)
shared_LDAP_LIBS = $(LDAP_LIBLDAP_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
LIBBASE = back_shell
XINCPATH = -I.. -I$(srcdir)/..
XDEFS = $(MODULES_CPPFLAGS)
all-local-lib: ../.backend
../.backend: lib$(LIBBASE).a
@touch $@

84
servers/slapd/back-shell/add.c
View File

@ -1,84 +0,0 @@
/* add.c - shell backend add function */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#include "portable.h"
#include <stdio.h>
#include <ac/string.h>
#include <ac/socket.h>
#include "slap.h"
#include "shell.h"
int
shell_back_add(
Operation *op,
SlapReply *rs )
{
struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
FILE *rfp, *wfp;
int len;
if ( si->si_add == NULL ) {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"add not implemented" );
return( -1 );
}
if ( ! access_allowed( op, op->oq_add.rs_e,
entry, NULL, ACL_WADD, NULL ) )
{
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( forkandexec( si->si_add, &rfp, &wfp ) == (pid_t)-1 ) {
send_ldap_error( op, rs, LDAP_OTHER,
"could not fork/exec" );
return( -1 );
}
/* write out the request to the add process */
fprintf( wfp, "ADD\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, op->o_bd );
ldap_pvt_thread_mutex_lock( &entry2str_mutex );
fprintf( wfp, "%s", entry2str( op->oq_add.rs_e, &len ) );
ldap_pvt_thread_mutex_unlock( &entry2str_mutex );
fclose( wfp );
/* read in the result and send it along */
read_and_send_results( op, rs, rfp );
fclose( rfp );
return( 0 );
}

105
servers/slapd/back-shell/bind.c
View File

@ -1,105 +0,0 @@
/* bind.c - shell backend bind function */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#include "portable.h"
#include <stdio.h>
#include <ac/socket.h>
#include <ac/string.h>
#include "slap.h"
#include "shell.h"
int
shell_back_bind(
Operation *op,
SlapReply *rs )
{
struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
Entry e;
FILE *rfp, *wfp;
int rc;
/* allow rootdn as a means to auth without the need to actually
* contact the proxied DSA */
switch ( be_rootdn_bind( op, rs ) ) {
case SLAP_CB_CONTINUE:
break;
default:
return rs->sr_err;
}
if ( si->si_bind == NULL ) {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"bind not implemented" );
return( -1 );
}
e.e_id = NOID;
e.e_name = op->o_req_dn;
e.e_nname = op->o_req_ndn;
e.e_attrs = NULL;
e.e_ocflags = 0;
e.e_bv.bv_len = 0;
e.e_bv.bv_val = NULL;
e.e_private = NULL;
if ( ! access_allowed( op, &e,
entry, NULL, ACL_AUTH, NULL ) )
{
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( forkandexec( si->si_bind, &rfp, &wfp ) == (pid_t)-1 ) {
send_ldap_error( op, rs, LDAP_OTHER,
"could not fork/exec" );
return( -1 );
}
/* write out the request to the bind process */
fprintf( wfp, "BIND\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, op->o_bd );
fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val );
fprintf( wfp, "method: %d\n", op->oq_bind.rb_method );
fprintf( wfp, "credlen: %lu\n", op->oq_bind.rb_cred.bv_len );
fprintf( wfp, "cred: %s\n", op->oq_bind.rb_cred.bv_val ); /* XXX */
fclose( wfp );
/* read in the results and send them along */
rc = read_and_send_results( op, rs, rfp );
fclose( rfp );
return( rc );
}

99
servers/slapd/back-shell/compare.c
View File

@ -1,99 +0,0 @@
/* compare.c - shell backend compare function */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#include "portable.h"
#include <stdio.h>
#include <ac/string.h>
#include <ac/socket.h>
#include "slap.h"
#include "shell.h"
int
shell_back_compare(
Operation *op,
SlapReply *rs )
{
struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
Entry e;
FILE *rfp, *wfp;
if ( si->si_compare == NULL ) {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"compare not implemented" );
return( -1 );
}
e.e_id = NOID;
e.e_name = op->o_req_dn;
e.e_nname = op->o_req_ndn;
e.e_attrs = NULL;
e.e_ocflags = 0;
e.e_bv.bv_len = 0;
e.e_bv.bv_val = NULL;
e.e_private = NULL;
if ( ! access_allowed( op, &e,
entry, NULL, ACL_READ, NULL ) )
{
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( forkandexec( si->si_compare, &rfp, &wfp ) == (pid_t)-1 ) {
send_ldap_error( op, rs, LDAP_OTHER,
"could not fork/exec" );
return( -1 );
}
/*
* FIX ME: This should use LDIF routines so that binary
* values are properly dealt with
*/
/* write out the request to the compare process */
fprintf( wfp, "COMPARE\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, op->o_bd );
fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val );
fprintf( wfp, "%s: %s\n",
op->oq_compare.rs_ava->aa_desc->ad_cname.bv_val,
op->oq_compare.rs_ava->aa_value.bv_val /* could be binary! */ );
fclose( wfp );
/* read in the result and send it along */
read_and_send_results( op, rs, rfp );
fclose( rfp );
return( 0 );
}

137
servers/slapd/back-shell/config.c
View File

@ -1,137 +0,0 @@
/* config.c - shell backend configuration file routine */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#include "portable.h"
#include <stdio.h>
#include <ac/string.h>
#include <ac/socket.h>
#include "slap.h"
#include "shell.h"
#include "slap-config.h"
static ConfigDriver shell_cf;
enum {
SHELL_BIND = 0,
SHELL_UNBIND = 1,
SHELL_SEARCH,
SHELL_COMPARE,
SHELL_MODIFY,
SHELL_MODRDN,
SHELL_ADD,
SHELL_DELETE
};
static ConfigTable shellcfg[] = {
{ "bind", "args", 2, 0, 0, ARG_MAGIC|SHELL_BIND, shell_cf,
"( OLcfgDbAt:10.1 NAME 'olcShellBind' "
"DESC 'Bind command and arguments' "
"EQUALITY caseExactMatch "
"SYNTAX OMsDirectoryString SINGLE-VALUE ) ", NULL, NULL },
{ "unbind", "args", 2, 0, 0, ARG_MAGIC|SHELL_UNBIND, shell_cf,
"( OLcfgDbAt:10.2 NAME 'olcShellUnbind' "
"DESC 'Unbind command and arguments' "
"EQUALITY caseExactMatch "
"SYNTAX OMsDirectoryString SINGLE-VALUE ) ", NULL, NULL },
{ "search", "args", 2, 0, 0, ARG_MAGIC|SHELL_SEARCH, shell_cf,
"( OLcfgDbAt:10.3 NAME 'olcShellSearch' "
"DESC 'Search command and arguments' "
"EQUALITY caseExactMatch "
"SYNTAX OMsDirectoryString SINGLE-VALUE ) ", NULL, NULL },
{ "compare", "args", 2, 0, 0, ARG_MAGIC|SHELL_COMPARE, shell_cf,
"( OLcfgDbAt:10.4 NAME 'olcShellCompare' "
"DESC 'Compare command and arguments' "
"EQUALITY caseExactMatch "
"SYNTAX OMsDirectoryString SINGLE-VALUE ) ", NULL, NULL },
{ "modify", "args", 2, 0, 0, ARG_MAGIC|SHELL_MODIFY, shell_cf,
"( OLcfgDbAt:10.5 NAME 'olcShellModify' "
"DESC 'Modify command and arguments' "
"EQUALITY caseExactMatch "
"SYNTAX OMsDirectoryString SINGLE-VALUE ) ", NULL, NULL },
{ "modrdn", "args", 2, 0, 0, ARG_MAGIC|SHELL_MODRDN, shell_cf,
"( OLcfgDbAt:10.6 NAME 'olcShellModRDN' "
"DESC 'ModRDN command and arguments' "
"EQUALITY caseExactMatch "
"SYNTAX OMsDirectoryString SINGLE-VALUE ) ", NULL, NULL },
{ "add", "args", 2, 0, 0, ARG_MAGIC|SHELL_ADD, shell_cf,
"( OLcfgDbAt:10.7 NAME 'olcShellAdd' "
"DESC 'Add command and arguments' "
"EQUALITY caseExactMatch "
"SYNTAX OMsDirectoryString SINGLE-VALUE ) ", NULL, NULL },
{ "delete", "args", 2, 0, 0, ARG_MAGIC|SHELL_DELETE, shell_cf,
"( OLcfgDbAt:10.8 NAME 'olcShellDelete' "
"DESC 'Delete command and arguments' "
"EQUALITY caseExactMatch "
"SYNTAX OMsDirectoryString SINGLE-VALUE ) ", NULL, NULL },
{ NULL }
};
static ConfigOCs shellocs[] = {
{ "( OLcfgDbOc:10.1 "
"NAME 'olcShellConfig' "
"DESC 'Shell backend configuration' "
"SUP olcDatabaseConfig "
"MAY ( olcShellBind $ olcShellUnbind $ olcShellSearch $ "
"olcShellCompare $ olcShellModify $ olcShellModRDN $ "
"olcShellAdd $ olcShellDelete ) )",
Cft_Database, shellcfg },
{ NULL }
};
static int
shell_cf( ConfigArgs *c )
{
struct shellinfo *si = (struct shellinfo *) c->be->be_private;
char ***arr = &si->si_bind;
if ( c->op == SLAP_CONFIG_EMIT ) {
struct berval bv;
if ( !arr[c->type] ) return 1;
bv.bv_val = ldap_charray2str( arr[c->type], " " );
bv.bv_len = strlen( bv.bv_val );
ber_bvarray_add( &c->rvalue_vals, &bv );
} else if ( c->op == LDAP_MOD_DELETE ) {
ldap_charray_free( arr[c->type] );
arr[c->type] = NULL;
} else {
arr[c->type] = ldap_charray_dup( &c->argv[1] );
}
return 0;
}
int
shell_back_init_cf( BackendInfo *bi )
{
bi->bi_cf_ocs = shellocs;
return config_register_schema( shellcfg, shellocs );
}

90
servers/slapd/back-shell/delete.c
View File

@ -1,90 +0,0 @@
/* delete.c - shell backend delete function */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#include "portable.h"
#include <stdio.h>
#include <ac/string.h>
#include <ac/socket.h>
#include "slap.h"
#include "shell.h"
int
shell_back_delete(
Operation *op,
SlapReply *rs )
{
struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
Entry e;
FILE *rfp, *wfp;
if ( si->si_delete == NULL ) {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"delete not implemented" );
return( -1 );
}
e.e_id = NOID;
e.e_name = op->o_req_dn;
e.e_nname = op->o_req_ndn;
e.e_attrs = NULL;
e.e_ocflags = 0;
e.e_bv.bv_len = 0;
e.e_bv.bv_val = NULL;
e.e_private = NULL;
if ( ! access_allowed( op, &e,
entry, NULL, ACL_WDEL, NULL ) )
{
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( forkandexec( si->si_delete, &rfp, &wfp ) == (pid_t)-1 ) {
send_ldap_error( op, rs, LDAP_OTHER,
"could not fork/exec" );
return( -1 );
}
/* write out the request to the delete process */
fprintf( wfp, "DELETE\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, op->o_bd );
fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val );
fclose( wfp );
/* read in the results and send them along */
read_and_send_results( op, rs, rfp );
fclose( rfp );
return( 0 );
}

118
servers/slapd/back-shell/fork.c
View File

@ -1,118 +0,0 @@
/* fork.c - fork and exec a process, connecting stdin/out w/pipes */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#include "portable.h"
#include <stdio.h>
#include <ac/errno.h>
#include <ac/string.h>
#include <ac/socket.h>
#include <ac/unistd.h>
#include "slap.h"
#include "shell.h"
pid_t
forkandexec(
char **args,
FILE **rfp,
FILE **wfp
)
{
int p2c[2] = { -1, -1 }, c2p[2];
pid_t pid;
if ( pipe( p2c ) != 0 || pipe( c2p ) != 0 ) {
Debug( LDAP_DEBUG_ANY, "pipe failed\n" );
close( p2c[0] );
close( p2c[1] );
return( -1 );
}
/*
* what we're trying to set up looks like this:
* parent *wfp -> p2c[1] | p2c[0] -> stdin child
* parent *rfp <- c2p[0] | c2p[1] <- stdout child
*/
fflush( NULL );
# ifdef HAVE_THR
pid = fork1();
# else
pid = fork();
# endif
if ( pid == 0 ) { /* child */
/*
* child could deadlock here due to resources locked
* by our parent
*
* If so, configure --without-threads.
*/
if ( dup2( p2c[0], 0 ) == -1 || dup2( c2p[1], 1 ) == -1 ) {
Debug( LDAP_DEBUG_ANY, "dup2 failed\n" );
exit( EXIT_FAILURE );
}
}
close( p2c[0] );
close( c2p[1] );
if ( pid <= 0 ) {
close( p2c[1] );
close( c2p[0] );
}
switch ( pid ) {
case 0:
execv( args[0], args );
Debug( LDAP_DEBUG_ANY, "execv failed\n" );
exit( EXIT_FAILURE );
case -1: /* trouble */
Debug( LDAP_DEBUG_ANY, "fork failed\n" );
return( -1 );
}
/* parent */
if ( (*rfp = fdopen( c2p[0], "r" )) == NULL || (*wfp = fdopen( p2c[1],
"w" )) == NULL ) {
Debug( LDAP_DEBUG_ANY, "fdopen failed\n" );
if ( *rfp ) {
fclose( *rfp );
*rfp = NULL;
} else {
close( c2p[0] );
}
close( p2c[1] );
return( -1 );
}
return( pid );
}

111
servers/slapd/back-shell/init.c
View File

@ -1,111 +0,0 @@
/* init.c - initialize shell backend */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#include "portable.h"
#include <stdio.h>
#include <ac/socket.h>
#include "slap.h"
#include "slap-config.h"
#include "shell.h"
int
shell_back_initialize(
BackendInfo *bi
)
{
bi->bi_open = 0;
bi->bi_config = 0;
bi->bi_close = 0;
bi->bi_destroy = 0;
bi->bi_db_init = shell_back_db_init;
bi->bi_db_config = 0;
bi->bi_db_open = 0;
bi->bi_db_close = 0;
bi->bi_db_destroy = shell_back_db_destroy;
bi->bi_op_bind = shell_back_bind;
bi->bi_op_unbind = shell_back_unbind;
bi->bi_op_search = shell_back_search;
bi->bi_op_compare = shell_back_compare;
bi->bi_op_modify = shell_back_modify;
bi->bi_op_modrdn = shell_back_modrdn;
bi->bi_op_add = shell_back_add;
bi->bi_op_delete = shell_back_delete;
bi->bi_op_abandon = 0;
bi->bi_extended = 0;
bi->bi_chk_referrals = 0;
bi->bi_connection_init = 0;
bi->bi_connection_destroy = 0;
return shell_back_init_cf( bi );
}
int
shell_back_db_init(
Backend *be,
ConfigReply *cr
)
{
struct shellinfo *si;
si = (struct shellinfo *) ch_calloc( 1, sizeof(struct shellinfo) );
be->be_private = si;
be->be_cf_ocs = be->bd_info->bi_cf_ocs;
return si == NULL;
}
int
shell_back_db_destroy(
Backend *be,
ConfigReply *cr
)
{
free( be->be_private );
return 0;
}
#if SLAPD_SHELL == SLAPD_MOD_DYNAMIC
/* conditionally define the init_module() function */
SLAP_BACKEND_INIT_MODULE( shell )
#endif /* SLAPD_SHELL == SLAPD_MOD_DYNAMIC */

126
servers/slapd/back-shell/modify.c
View File

@ -1,126 +0,0 @@
/* modify.c - shell backend modify function */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#include "portable.h"
#include <stdio.h>
#include <ac/string.h>
#include <ac/socket.h>
#include "slap.h"
#include "shell.h"
#include "ldif.h"
int
shell_back_modify(
Operation *op,
SlapReply *rs )
{
Modification *mod;
struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
Modifications *ml = op->orm_modlist;
Entry e;
FILE *rfp, *wfp;
int i;
if ( si->si_modify == NULL ) {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"modify not implemented" );
return( -1 );
}
e.e_id = NOID;
e.e_name = op->o_req_dn;
e.e_nname = op->o_req_ndn;
e.e_attrs = NULL;
e.e_ocflags = 0;
e.e_bv.bv_len = 0;
e.e_bv.bv_val = NULL;
e.e_private = NULL;
if ( ! access_allowed( op, &e,
entry, NULL, ACL_WRITE, NULL ) )
{
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( forkandexec( si->si_modify, &rfp, &wfp ) == (pid_t)-1 ) {
send_ldap_error( op, rs, LDAP_OTHER,
"could not fork/exec" );
return( -1 );
}
/* write out the request to the modify process */
fprintf( wfp, "MODIFY\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, op->o_bd );
fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val );
for ( ; ml != NULL; ml = ml->sml_next ) {
mod = &ml->sml_mod;
switch ( mod->sm_op ) {
case LDAP_MOD_ADD:
fprintf( wfp, "add: %s\n", mod->sm_desc->ad_cname.bv_val );
break;
case LDAP_MOD_DELETE:
fprintf( wfp, "delete: %s\n", mod->sm_desc->ad_cname.bv_val );
break;
case LDAP_MOD_REPLACE:
fprintf( wfp, "replace: %s\n", mod->sm_desc->ad_cname.bv_val );
break;
}
if( mod->sm_values != NULL ) {
for ( i = 0; mod->sm_values[i].bv_val != NULL; i++ ) {
char *out = ldif_put( LDIF_PUT_VALUE,
mod->sm_desc->ad_cname.bv_val,
mod->sm_values[i].bv_val,
mod->sm_values[i].bv_len );
if ( out ) {
fprintf( wfp, "%s", out );
ber_memfree( out );
}
}
}
fprintf( wfp, "-\n" );
}
fclose( wfp );
/* read in the results and send them along */
read_and_send_results( op, rs, rfp );
fclose( rfp );
return( 0 );
}

96
servers/slapd/back-shell/modrdn.c
View File

@ -1,96 +0,0 @@
/* modrdn.c - shell backend modrdn function */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#include "portable.h"
#include <stdio.h>
#include <ac/socket.h>
#include <ac/string.h>
#include "slap.h"
#include "shell.h"
int
shell_back_modrdn(
Operation *op,
SlapReply *rs )
{
struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
Entry e;
FILE *rfp, *wfp;
if ( si->si_modrdn == NULL ) {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"modrdn not implemented" );
return( -1 );
}
e.e_id = NOID;
e.e_name = op->o_req_dn;
e.e_nname = op->o_req_ndn;
e.e_attrs = NULL;
e.e_ocflags = 0;
e.e_bv.bv_len = 0;
e.e_bv.bv_val = NULL;
e.e_private = NULL;
if ( ! access_allowed( op, &e, entry, NULL,
op->oq_modrdn.rs_newSup ? ACL_WDEL : ACL_WRITE,
NULL ) )
{
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( forkandexec( si->si_modrdn, &rfp, &wfp ) == (pid_t)-1 ) {
send_ldap_error( op, rs, LDAP_OTHER,
"could not fork/exec" );
return( -1 );
}
/* write out the request to the modrdn process */
fprintf( wfp, "MODRDN\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, op->o_bd );
fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val );
fprintf( wfp, "newrdn: %s\n", op->oq_modrdn.rs_newrdn.bv_val );
fprintf( wfp, "deleteoldrdn: %d\n", op->oq_modrdn.rs_deleteoldrdn ? 1 : 0 );
if ( op->oq_modrdn.rs_newSup != NULL ) {
fprintf( wfp, "newSuperior: %s\n", op->oq_modrdn.rs_newSup->bv_val );
}
fclose( wfp );
/* read in the results and send them along */
read_and_send_results( op, rs, rfp );
fclose( rfp );
return( 0 );
}

56
servers/slapd/back-shell/proto-shell.h
View File

@ -1,56 +0,0 @@
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#ifndef PROTO_SHELL_H
#define PROTO_SHELL_H
LDAP_BEGIN_DECL
extern BI_init shell_back_initialize;
extern BI_open shell_back_open;
extern BI_close shell_back_close;
extern BI_destroy shell_back_destroy;
extern BI_db_init shell_back_db_init;
extern BI_db_destroy shell_back_db_destroy;
extern BI_op_bind shell_back_bind;
extern BI_op_unbind shell_back_unbind;
extern BI_op_search shell_back_search;
extern BI_op_compare shell_back_compare;
extern BI_op_modify shell_back_modify;
extern BI_op_modrdn shell_back_modrdn;
extern BI_op_add shell_back_add;
extern BI_op_delete shell_back_delete;
extern int shell_back_init_cf( BackendInfo *bi );
LDAP_END_DECL
#endif /* PROTO_SHELL_H */

136
servers/slapd/back-shell/result.c
View File

@ -1,136 +0,0 @@
/* result.c - shell backend result reading function */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#include "portable.h"
#include <stdio.h>
#include <ac/errno.h>
#include <ac/string.h>
#include <ac/socket.h>
#include <ac/unistd.h>
#include "slap.h"
#include "shell.h"
int
read_and_send_results(
Operation *op,
SlapReply *rs,
FILE *fp )
{
int bsize, len;
char *buf, *bp;
char line[BUFSIZ];
char ebuf[128];
/* read in the result and send it along */
buf = (char *) ch_malloc( BUFSIZ );
buf[0] = '\0';
bsize = BUFSIZ;
bp = buf;
while ( !feof(fp) ) {
errno = 0;
if ( fgets( line, sizeof(line), fp ) == NULL ) {
int saved_errno = errno;
if ( errno == EINTR ) continue;
Debug( LDAP_DEBUG_ANY, "shell: fgets failed: %s (%d)\n",
AC_STRERROR_R(saved_errno, ebuf, sizeof ebuf), saved_errno );
break;
}
Debug( LDAP_DEBUG_SHELL, "shell search reading line (%s)\n",
line );
/* ignore lines beginning with # (LDIFv1 comments) */
if ( *line == '#' ) {
continue;
}
/* ignore lines beginning with DEBUG: */
if ( strncasecmp( line, "DEBUG:", 6 ) == 0 ) {
continue;
}
len = strlen( line );
while ( bp + len + 1 - buf > bsize ) {
size_t offset = bp - buf;
bsize += BUFSIZ;
buf = (char *) ch_realloc( buf, bsize );
bp = &buf[offset];
}
strcpy( bp, line );
bp += len;
/* line marked the end of an entry or result */
if ( *line == '\n' ) {
if ( strncasecmp( buf, "RESULT", 6 ) == 0 ) {
break;
}
if ( (rs->sr_entry = str2entry( buf )) == NULL ) {
Debug( LDAP_DEBUG_ANY, "str2entry(%s) failed\n",
buf );
} else {
rs->sr_attrs = op->oq_search.rs_attrs;
rs->sr_flags = REP_ENTRY_MODIFIABLE;
send_search_entry( op, rs );
entry_free( rs->sr_entry );
rs->sr_attrs = NULL;
}
bp = buf;
}
}
(void) str2result( buf, &rs->sr_err, (char **)&rs->sr_matched, (char **)&rs->sr_text );
/* otherwise, front end will send this result */
if ( rs->sr_err != 0 || op->o_tag != LDAP_REQ_BIND ) {
send_ldap_result( op, rs );
}
free( buf );
return( rs->sr_err );
}
void
print_suffixes(
FILE *fp,
Backend *be
)
{
int i;
for ( i = 0; be->be_suffix[i].bv_val != NULL; i++ ) {
fprintf( fp, "suffix: %s\n", be->be_suffix[i].bv_val );
}
}

86
servers/slapd/back-shell/search.c
View File

@ -1,86 +0,0 @@
/* search.c - shell backend search function */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#include "portable.h"
#include <stdio.h>
#include <ac/socket.h>
#include <ac/string.h>
#include "slap.h"
#include "shell.h"
int
shell_back_search(
Operation *op,
SlapReply *rs )
{
struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
FILE *rfp, *wfp;
AttributeName *an;
if ( si->si_search == NULL ) {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"search not implemented" );
return( -1 );
}
if ( forkandexec( si->si_search, &rfp, &wfp ) == (pid_t)-1 ) {
send_ldap_error( op, rs, LDAP_OTHER,
"could not fork/exec" );
return( -1 );
}
/* write out the request to the search process */
fprintf( wfp, "SEARCH\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, op->o_bd );
fprintf( wfp, "base: %s\n", op->o_req_dn.bv_val );
fprintf( wfp, "scope: %d\n", op->oq_search.rs_scope );
fprintf( wfp, "deref: %d\n", op->oq_search.rs_deref );
fprintf( wfp, "sizelimit: %d\n", op->oq_search.rs_slimit );
fprintf( wfp, "timelimit: %d\n", op->oq_search.rs_tlimit );
fprintf( wfp, "filter: %s\n", op->oq_search.rs_filterstr.bv_val );
fprintf( wfp, "attrsonly: %d\n", op->oq_search.rs_attrsonly ? 1 : 0 );
fprintf( wfp, "attrs:%s", op->oq_search.rs_attrs == NULL ? " all" : "" );
for ( an = op->oq_search.rs_attrs; an && an->an_name.bv_val; an++ ) {
fprintf( wfp, " %s", an->an_name.bv_val );
}
fprintf( wfp, "\n" );
fclose( wfp );
/* read in the results and send them along */
rs->sr_attrs = op->oq_search.rs_attrs;
read_and_send_results( op, rs, rfp );
fclose( rfp );
return( 0 );
}

29
servers/slapd/back-shell/searchexample.conf
View File

@ -1,29 +0,0 @@
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2021 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.
#
## Portions Copyright (c) 1995 Regents of the University of Michigan.
## All rights reserved.
##
## Redistribution and use in source and binary forms are permitted
## provided that this notice is preserved and that due credit is given
## to the University of Michigan at Ann Arbor. The name of the University
## may not be used to endorse or promote products derived from this
## software without specific prior written permission. This software
## is provided ``as is'' without express or implied warranty.
include /usr/local/etc/openldap/schema/core.schema
database shell
suffix "dc=example,dc=com"
search /usr/local/etc/searchexample.sh

65
servers/slapd/back-shell/searchexample.sh
View File

@ -1,65 +0,0 @@
#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2021 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.
#
## Portions Copyright (c) 1995 Regents of the University of Michigan.
## All rights reserved.
##
## Redistribution and use in source and binary forms are permitted
## provided that this notice is preserved and that due credit is given
## to the University of Michigan at Ann Arbor. The name of the University
## may not be used to endorse or promote products derived from this
## software without specific prior written permission. This software
## is provided ``as is'' without express or implied warranty.
while [ 1 ]; do
read TAG VALUE
if [ $? -ne 0 ]; then
break
fi
case "$TAG" in
base:)
BASE=$VALUE
;;
filter:)
FILTER=$VALUE
;;
# include other parameters here
esac
done
LOGIN=`echo $FILTER | sed -e 's/.*=\(.*\))/\1/'`
PWLINE=`grep -i "^$LOGIN" /etc/passwd`
#sleep 60
# if we found an entry that matches
if [ $? = 0 ]; then
echo $PWLINE | awk -F: '{
printf("dn: cn=%s,%s\n", $1, base);
printf("objectclass: top\n");
printf("objectclass: person\n");
printf("cn: %s\n", $1);
printf("cn: %s\n", $5);
printf("sn: %s\n", $1);
printf("uid: %s\n", $1);
}' base="$BASE"
echo ""
fi
# result
echo "RESULT"
echo "code: 0"
exit 0

65
servers/slapd/back-shell/shell.h
View File

@ -1,65 +0,0 @@
/* shell.h - shell backend header file */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#ifndef SLAPD_SHELL_H
#define SLAPD_SHELL_H
#include "proto-shell.h"
LDAP_BEGIN_DECL
struct shellinfo {
char **si_bind; /* cmd + args to exec for bind */
char **si_unbind; /* cmd + args to exec for unbind */
char **si_search; /* cmd + args to exec for search */
char **si_compare; /* cmd + args to exec for compare */
char **si_modify; /* cmd + args to exec for modify */
char **si_modrdn; /* cmd + args to exec for modrdn */
char **si_add; /* cmd + args to exec for add */
char **si_delete; /* cmd + args to exec for delete */
};
extern pid_t forkandexec LDAP_P((
char **args,
FILE **rfp,
FILE **wfp));
extern void print_suffixes LDAP_P((
FILE *fp,
BackendDB *bd));
extern int read_and_send_results LDAP_P((
Operation *op,
SlapReply *rs,
FILE *fp));
LDAP_END_DECL
#endif

69
servers/slapd/back-shell/unbind.c
View File

@ -1,69 +0,0 @@
/* unbind.c - shell backend unbind function */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#include "portable.h"
#include <stdio.h>
#include <ac/socket.h>
#include <ac/string.h>
#include "slap.h"
#include "shell.h"
int
shell_back_unbind(
Operation *op,
SlapReply *rs
)
{
struct shellinfo *si = (struct shellinfo *) op->o_bd->be_private;
FILE *rfp, *wfp;
if ( si->si_unbind == NULL ) {
return 0;
}
if ( forkandexec( si->si_unbind, &rfp, &wfp ) == (pid_t)-1 ) {
return 0;
}
/* write out the request to the unbind process */
fprintf( wfp, "UNBIND\n" );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, op->o_bd );
fprintf( wfp, "dn: %s\n", (op->o_conn->c_dn.bv_len ? op->o_conn->c_dn.bv_val : "") );
fclose( wfp );
/* no response to unbind */
fclose( rfp );
return 0;
}

40
servers/slapd/shell-backends/Makefile.in
View File

@ -1,40 +0,0 @@
# Makefile.in for shell-backends
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2021 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.
PROGRAMS = passwd-shell
SRCS = passwd-shell.c shellutil.c
XSRCS = pwd-version.c
OBJS = passwd-shell.o shellutil.o
LDAP_INCDIR= ../../../include
LDAP_LIBDIR= ../../../libraries
BUILD_OPT = "--enable-shell"
BUILD_SRV = @BUILD_SHELL@
all-local-srv: $(PROGRAMS)
# create programs also when using modules
depend-mod: depend-yes
all-mod: all-yes
install-mod: install-yes
passwd-shell: pwd-version.o
$(CC) $(LDFLAGS) -o $@ $(OBJS) pwd-version.o $(LIBS)
pwd-version.c: $(OBJS) $(LDAP_LIBDEPEND)
@-$(RM) $@
$(MKVERSION) passwd-shell > $@

207
servers/slapd/shell-backends/passwd-shell.c
View File

@ -1,207 +0,0 @@
/* passwd-shell.c - passwd(5) shell-based backend for slapd(8) */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#include "portable.h"
#include <stdio.h>
#include <ac/stdlib.h>
#include <ac/string.h>
#include <ac/unistd.h>
#include <pwd.h>
#include <lber.h>
#include <ldap.h>
#include "shellutil.h"
static void pwdfile_search LDAP_P(( struct ldop *op, FILE *ofp ));
static struct ldentry *pw2entry LDAP_P(( struct ldop *op, struct passwd *pw ));
static char tmpbuf[ MAXLINELEN * 2 ];
int
main( int argc, char **argv )
{
int c, errflg;
struct ldop op;
if (( progname = strrchr( argv[ 0 ], '/' )) == NULL ) {
progname = estrdup( argv[ 0 ] );
} else {
progname = estrdup( progname + 1 );
}
errflg = debugflg = 0;
while (( c = getopt( argc, argv, "d" )) != EOF ) {
switch( c ) {
case 'd':
#ifdef LDAP_DEBUG
++debugflg;
#else /* LDAP_DEBUG */
fprintf( stderr, "%s: compile with -DLDAP_DEBUG for debugging\n",
progname );
#endif /* LDAP_DEBUG */
break;
default:
++errflg;
}
}
if ( errflg || optind < argc ) {
fprintf( stderr, "usage: %s [-d]\n", progname );
exit( EXIT_FAILURE );
}
debug_printf( "started\n" );
(void) memset( (char *)&op, '\0', sizeof( op ));
if ( parse_input( stdin, stdout, &op ) < 0 ) {
exit( EXIT_SUCCESS );
}
if ( op.ldop_op != LDOP_SEARCH ) {
write_result( stdout, LDAP_UNWILLING_TO_PERFORM, NULL,
"Command Not Implemented" );
exit( EXIT_SUCCESS );
}
#ifdef LDAP_DEBUG
dump_ldop( &op );
#endif /* LDAP_DEBUG */
pwdfile_search( &op, stdout );
exit( EXIT_SUCCESS );
}
static void
pwdfile_search( struct ldop *op, FILE *ofp )
{
struct passwd *pw;
struct ldentry *entry;
int oneentry;
oneentry = ( strchr( op->ldop_dn, '@' ) != NULL );
for ( pw = getpwent(); pw != NULL; pw = getpwent()) {
if (( entry = pw2entry( op, pw )) != NULL ) {
if ( oneentry ) {
if ( strcasecmp( op->ldop_dn, entry->lde_dn ) == 0 ) {
write_entry( op, entry, ofp );
break;
}
} else if ( test_filter( op, entry ) == LDAP_COMPARE_TRUE ) {
write_entry( op, entry, ofp );
}
free_entry( entry );
}
}
endpwent();
write_result( ofp, LDAP_SUCCESS, NULL, NULL );
}
static struct ldentry *
pw2entry( struct ldop *op, struct passwd *pw )
{
struct ldentry *entry;
struct ldattr *attr;
int i;
/*
* construct the DN from pw_name
*/
if ( strchr( op->ldop_suffixes[ 0 ], '=' ) != NULL ) {
/*
* X.500 style DN
*/
i = snprintf( tmpbuf, sizeof( tmpbuf ), "cn=%s, %s", pw->pw_name, op->ldop_suffixes[ 0 ] );
} else {
/*
* RFC-822 style DN
*/
i = snprintf( tmpbuf, sizeof( tmpbuf ), "%s@%s", pw->pw_name, op->ldop_suffixes[ 0 ] );
}
if ( i < 0 || i >= sizeof( tmpbuf ) ) {
return NULL;
}
entry = (struct ldentry *) ecalloc( 1, sizeof( struct ldentry ));
entry->lde_dn = estrdup( tmpbuf );
/*
* for now, we simply derive the LDAP attribute values as follows:
* objectClass = person
* uid = pw_name
* sn = pw_name
* cn = pw_name
* cn = pw_gecos (second common name)
*/
entry->lde_attrs = (struct ldattr **)ecalloc( 5, sizeof( struct ldattr * ));
i = 0;
attr = (struct ldattr *)ecalloc( 1, sizeof( struct ldattr ));
attr->lda_name = estrdup( "objectClass" );
attr->lda_values = (char **)ecalloc( 2, sizeof( char * ));
attr->lda_values[ 0 ] = estrdup( "person" );
entry->lde_attrs[ i++ ] = attr;
attr = (struct ldattr *)ecalloc( 1, sizeof( struct ldattr ));
attr->lda_name = estrdup( "uid" );
attr->lda_values = (char **)ecalloc( 2, sizeof( char * ));
attr->lda_values[ 0 ] = estrdup( pw->pw_name );
entry->lde_attrs[ i++ ] = attr;
attr = (struct ldattr *)ecalloc( 1, sizeof( struct ldattr ));
attr->lda_name = estrdup( "sn" );
attr->lda_values = (char **)ecalloc( 2, sizeof( char * ));
attr->lda_values[ 0 ] = estrdup( pw->pw_name );
entry->lde_attrs[ i++ ] = attr;
attr = (struct ldattr *)ecalloc( 1, sizeof( struct ldattr ));
attr->lda_name = estrdup( "cn" );
attr->lda_values = (char **)ecalloc( 3, sizeof( char * ));
attr->lda_values[ 0 ] = estrdup( pw->pw_name );
if ( pw->pw_gecos != NULL && *pw->pw_gecos != '\0' ) {
attr->lda_values[ 1 ] = estrdup( pw->pw_gecos );
}
entry->lde_attrs[ i++ ] = attr;
return( entry );
}

396
servers/slapd/shell-backends/shellutil.c
View File

@ -1,396 +0,0 @@
/* shellutil.c - common routines useful when building shell-based backends */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#include "portable.h"
#include <stdio.h>
#include <ac/stdlib.h>
#include <ac/stdarg.h>
#include <pwd.h>
#include <ac/ctype.h>
#include <ac/string.h>
#include <lber.h>
#include <ldap.h>
#include "shellutil.h"
int debugflg;
char *progname;
static struct inputparams ips[] = {
IP_TYPE_SUFFIX, "suffix",
IP_TYPE_BASE, "base",
IP_TYPE_SCOPE, "scope",
IP_TYPE_ALIASDEREF, "deref",
IP_TYPE_SIZELIMIT, "sizelimit",
IP_TYPE_TIMELIMIT, "timelimit",
IP_TYPE_FILTER, "filter",
IP_TYPE_ATTRS, "attrs",
IP_TYPE_ATTRSONLY, "attrsonly",
0, NULL
};
void
write_result( FILE *fp, int code, char *matched, char *info )
{
fprintf( fp, "RESULT\ncode: %d\n", code );
debug_printf( ">> RESULT\n" );
debug_printf( ">> code: %d\n", code );
if ( matched != NULL ) {
fprintf( fp, "matched: %s\n", matched );
debug_printf( ">> matched: %s\n", matched );
}
if ( info != NULL ) {
fprintf( fp, "info: %s\n", info );
debug_printf( ">> info: %s\n", info );
}
}
void
write_entry( struct ldop *op, struct ldentry *entry, FILE *ofp )
{
struct ldattr **app;
char **valp;
fprintf( ofp, "dn: %s\n", entry->lde_dn );
for ( app = entry->lde_attrs; *app != NULL; ++app ) {
if ( attr_requested( (*app)->lda_name, op )) {
for ( valp = (*app)->lda_values; *valp != NULL; ++valp ) {
fprintf( ofp, "%s: %s\n", (*app)->lda_name, *valp );
}
}
}
fputc( '\n', ofp );
}
int
test_filter( struct ldop *op, struct ldentry *entry )
{
return ((random() & 0x07 ) == 0x07) /* XXX random for now */
? LDAP_COMPARE_TRUE : LDAP_COMPARE_FALSE;
}
int
attr_requested( char *name, struct ldop *op )
{
char **ap;
if ( op->ldop_srch.ldsp_attrs == NULL ) { /* special case */
return( 1 );
}
for ( ap = op->ldop_srch.ldsp_attrs; *ap != NULL; ++ap ) {
if ( strcasecmp( name, *ap ) == 0 ) {
return( 1 );
}
}
return( 0 );
}
void
free_entry( struct ldentry *entry )
{
struct ldattr **app;
char **valp;
free( entry->lde_dn );
for ( app = entry->lde_attrs; *app != NULL; ++app ) {
for ( valp = (*app)->lda_values; *valp != NULL; ++valp ) {
free( *valp );
}
free( (*app)->lda_values );
free( (*app)->lda_name );
}
free( entry->lde_attrs );
free( entry );
}
int
parse_input( FILE *ifp, FILE *ofp, struct ldop *op )
{
char *p, *args, line[ MAXLINELEN + 1 ];
struct inputparams *ip;
if ( fgets( line, MAXLINELEN, ifp ) == NULL ) {
write_result( ofp, LDAP_OTHER, NULL, "Empty Input" );
}
line[ strlen( line ) - 1 ] = '\0';
if ( strncasecmp( line, STR_OP_SEARCH, sizeof( STR_OP_SEARCH ) - 1 )
!= 0 ) {
write_result( ofp, LDAP_UNWILLING_TO_PERFORM, NULL,
"Operation Not Supported" );
return( -1 );
}
op->ldop_op = LDOP_SEARCH;
while ( fgets( line, MAXLINELEN, ifp ) != NULL ) {
line[ strlen( line ) - 1 ] = '\0';
debug_printf( "<< %s\n", line );
args = line;
if (( ip = find_input_tag( &args )) == NULL ) {
debug_printf( "ignoring %s\n", line );
continue;
}
switch( ip->ip_type ) {
case IP_TYPE_SUFFIX:
add_strval( &op->ldop_suffixes, args );
break;
case IP_TYPE_BASE:
op->ldop_dn = estrdup( args );
break;
case IP_TYPE_SCOPE:
if ( lutil_atoi( &op->ldop_srch.ldsp_scope, args ) != 0 ||
( op->ldop_srch.ldsp_scope != LDAP_SCOPE_BASE &&
op->ldop_srch.ldsp_scope != LDAP_SCOPE_ONELEVEL &&
op->ldop_srch.ldsp_scope != LDAP_SCOPE_SUBTREE ) )
{
write_result( ofp, LDAP_OTHER, NULL, "Bad scope" );
return( -1 );
}
break;
case IP_TYPE_ALIASDEREF:
if ( lutil_atoi( &op->ldop_srch.ldsp_aliasderef, args ) != 0 ) {
write_result( ofp, LDAP_OTHER, NULL, "Bad alias deref" );
return( -1 );
}
break;
case IP_TYPE_SIZELIMIT:
if ( lutil_atoi( &op->ldop_srch.ldsp_sizelimit, args ) != 0 ) {
write_result( ofp, LDAP_OTHER, NULL, "Bad size limit" );
return( -1 );
}
break;
case IP_TYPE_TIMELIMIT:
if ( lutil_atoi( &op->ldop_srch.ldsp_timelimit, args ) != 0 ) {
write_result( ofp, LDAP_OTHER, NULL, "Bad time limit" );
return( -1 );
}
break;
case IP_TYPE_FILTER:
op->ldop_srch.ldsp_filter = estrdup( args );
break;
case IP_TYPE_ATTRSONLY:
op->ldop_srch.ldsp_attrsonly = ( *args != '0' );
break;
case IP_TYPE_ATTRS:
if ( strcmp( args, "all" ) == 0 ) {
op->ldop_srch.ldsp_attrs = NULL;
} else {
while ( args != NULL ) {
if (( p = strchr( args, ' ' )) != NULL ) {
*p++ = '\0';
while ( isspace( (unsigned char) *p )) {
++p;
}
}
add_strval( &op->ldop_srch.ldsp_attrs, args );
args = p;
}
}
break;
}
}
if ( op->ldop_suffixes == NULL || op->ldop_dn == NULL ||
op->ldop_srch.ldsp_filter == NULL ) {
write_result( ofp, LDAP_OTHER, NULL,
"Required suffix:, base:, or filter: missing" );
return( -1 );
}
return( 0 );
}
struct inputparams *
find_input_tag( char **linep ) /* linep is set to start of args */
{
int i;
char *p;
if (( p = strchr( *linep, ':' )) == NULL || p == *linep ) {
return( NULL );
}
for ( i = 0; ips[ i ].ip_type != 0; ++i ) {
if ( strncasecmp( *linep, ips[ i ].ip_tag, p - *linep ) == 0 ) {
while ( isspace( (unsigned char) *(++p) )) {
;
}
*linep = p;
return( &ips[ i ] );
}
}
return( NULL );
}
void
add_strval( char ***sp, char *val )
{
int i;
char **vallist;
vallist = *sp;
if ( vallist == NULL ) {
i = 0;
} else {
for ( i = 0; vallist[ i ] != NULL; ++i ) {
;
}
}
vallist = (char **)erealloc( vallist, ( i + 2 ) * sizeof( char * ));
vallist[ i ] = estrdup( val );
vallist[ ++i ] = NULL;
*sp = vallist;
}
char *
estrdup( char *s )
{
char *p;
if (( p = strdup( s )) == NULL ) {
debug_printf( "strdup failed\n" );
exit( EXIT_FAILURE );
}
return( p );
}
void *
erealloc( void *s, unsigned size )
{
char *p;
if ( s == NULL ) {
p = malloc( size );
} else {
p = realloc( s, size );
}
if ( p == NULL ) {
debug_printf( "realloc( p, %d ) failed\n", size );
exit( EXIT_FAILURE );
}
return( p );
}
char *
ecalloc( unsigned nelem, unsigned elsize )
{
char *p;
if (( p = calloc( nelem, elsize )) == NULL ) {
debug_printf( "calloc( %d, %d ) failed\n", nelem, elsize );
exit( EXIT_FAILURE );
}
return( p );
}
#ifdef LDAP_DEBUG
/* VARARGS */
void
debug_printf( const char *fmt, ... )
{
va_list ap;
if ( debugflg ) {
va_start( ap, fmt );
fprintf( stderr, "%s: ", progname );
vfprintf( stderr, fmt, ap );
va_end( ap );
}
}
void
dump_ldop( struct ldop *op )
{
if ( !debugflg ) {
return;
}
debug_printf( "SEARCH operation\n" );
if ( op->ldop_suffixes == NULL ) {
debug_printf( " suffix: NONE\n" );
} else {
int i;
for ( i = 0; op->ldop_suffixes[ i ] != NULL; ++i ) {
debug_printf( " suffix: <%s>\n", op->ldop_suffixes[ i ] );
}
}
debug_printf( " dn: <%s>\n", op->ldop_dn );
debug_printf( " scope: <%d>\n", op->ldop_srch.ldsp_scope );
debug_printf( " filter: <%s>\n", op->ldop_srch.ldsp_filter );
debug_printf( "aliasderef: <%d>\n", op->ldop_srch.ldsp_aliasderef );
debug_printf( " sizelimit: <%d>\n", op->ldop_srch.ldsp_sizelimit );
debug_printf( " timelimit: <%d>\n", op->ldop_srch.ldsp_timelimit );
debug_printf( " attrsonly: <%d>\n", op->ldop_srch.ldsp_attrsonly );
if ( op->ldop_srch.ldsp_attrs == NULL ) {
debug_printf( " attrs: ALL\n" );
} else {
int i;
for ( i = 0; op->ldop_srch.ldsp_attrs[ i ] != NULL; ++i ) {
debug_printf( " attrs: <%s>\n", op->ldop_srch.ldsp_attrs[ i ] );
}
}
}
#endif /* LDAP_DEBUG */

123
servers/slapd/shell-backends/shellutil.h
View File

@ -1,123 +0,0 @@
/* shellutil.h */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2021 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that this notice is preserved and that due credit is given
* to the University of Michigan at Ann Arbor. The name of the University
* may not be used to endorse or promote products derived from this
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#ifndef SHELLUTIL_H
#define SHELLUTIL_H
#include <ldap_cdefs.h>
LDAP_BEGIN_DECL
#define MAXLINELEN 512
#define STR_OP_SEARCH "SEARCH"
struct inputparams {
int ip_type;
#define IP_TYPE_SUFFIX 0x01
#define IP_TYPE_BASE 0x02
#define IP_TYPE_SCOPE 0x03
#define IP_TYPE_ALIASDEREF 0x04
#define IP_TYPE_SIZELIMIT 0x05
#define IP_TYPE_TIMELIMIT 0x06
#define IP_TYPE_FILTER 0x07
#define IP_TYPE_ATTRSONLY 0x08
#define IP_TYPE_ATTRS 0x09
char *ip_tag;
};
struct ldsrchparms {
int ldsp_scope;
int ldsp_aliasderef;
int ldsp_sizelimit;
int ldsp_timelimit;
int ldsp_attrsonly;
char *ldsp_filter;
char **ldsp_attrs;
};
struct ldop {
int ldop_op;
#define LDOP_SEARCH 0x01
char **ldop_suffixes;
char *ldop_dn;
union ldapop_params_u {
struct ldsrchparms LDsrchparams;
} ldop_params;
#define ldop_srch ldop_params.LDsrchparams
};
struct ldattr {
char *lda_name;
char **lda_values;
};
struct ldentry {
char *lde_dn;
struct ldattr **lde_attrs;
};
#ifdef LDAP_DEBUG
void debug_printf(const char *, ...) LDAP_GCCATTR((format(printf, 1, 2)));
#else /* LDAP_DEBUG */
#define debug_printf (void) /* Ignore "arguments" */
#endif /* LDAP_DEBUG */
/*
* function prototypes
*/
void write_result( FILE *fp, int code, char *matched, char *info );
void write_entry( struct ldop *op, struct ldentry *entry, FILE *ofp );
int test_filter( struct ldop *op, struct ldentry *entry );
void free_entry( struct ldentry *entry );
int attr_requested( char *name, struct ldop *op );
int parse_input( FILE *ifp, FILE *ofp, struct ldop *op );
struct inputparams *find_input_tag( char **linep );
void add_strval( char ***sp, char *val );
char *ecalloc( unsigned nelem, unsigned elsize );
void *erealloc( void *s, unsigned size );
char *estrdup( char *s );
extern void dump_ldop (struct ldop *op);
/*
* global variables
*/
extern int debugflg;
extern char *progname;
LDAP_END_DECL
#endif