LDAPext discussions).
Add attrs and attrsonly support to monitor/config info.
Add rdn attributes to schema/monitor/config.
Add extensibleObject objectclass to schema/monitor/config.
Add top objectclass to rootdse/monitor/config.
Remove opattrs option from send_search_entry().
added slap_ and ldbm_ to many structures
added typedefs to many structures
used typedefs
New main.c argument parsing with ldap url support (replacing -a address).
New sockaddr_in handling and support for multiple listeners.
Includes support for update referral for each replicated backend.
Reworked replication test to use update referral.
Includes major rewrite of response encoding codes (result.c).
Includes reworked alias support and eliminates old suffix alias codes
(can be emulated using named alias).
Includes (untested) support for the Manage DSA IT control.
Works in LDAPv2 world. Still testing in LDAPv3 world.
Added default referral (test009) test.
of a bind request and, upon failure, are left "anonymous."
Rework ACL code to hide access testing within macros to facilate additions
and eventual redesign.
Addition of #ifdef SLAPD_ACLAUTH to conditional include EXPERIMENTAL
"auth" access controls. Adds ACL_AUTH "auth" access level (above none,
below "compare"). bind requires anonymous access at this level or above access
to "entry"/"userPassword"/"krbName". This allows administrators to restrict
which entries can be bound to. (This will likely become default behavior
after testing has completed).
specific which methods may be used. This will facilate development
of a slapd config directive "passwordMethod ..." to specify which
methods should be allowed.
added lber_types.h.nt, lber_types.h.in
removal of NULLxxx internal macros (in favor of NULL).
ch_free added to slapd,slurpd/ch_malloc.c
#define free ch_free (should be removed after s/free/ch_free/g) in proto-slap.h
ch_malloc and friends use ber_memalloc and friends
ldap_defaults.h incorporates non-generated ldapconfig.h values.
ldap_config.h.in is new template for autoconf generated defaults
(namely directories and paths)
ldap_config.h.nt, NT template (must be manually copied)
s/<ldapconfig.h>/<ldap_defaults.h>/
s/DIRSEP/LDAP_DIRSEP/ & s/DEFAULT_/LDAP_/
Added validation to exposed opaque data structures (BerElement, Sockbuf,
and LDAP). Added macros BER_VALID, SOCKBUF_VALID, LDAP_VALID.
Added ber_pvt_ber_bytes() and ber_pvt_ber_remaining() macros to hide
some ber internals. These really should be handled by ber_get_option().
This commit includes many changes. All changes compile under NT but
have not been tested under UNIX.
A Summary of changes (likely incomplete):
NT changes:
Removed lint.
Clean up configuration support for "Debug", "Release", "SDebug",
and "SRelease" configurations.
Share output directories for clients, libraries,
and slapd. (maybe they should be combined further
and moved to build/{,S}{Debug,Release}).
Enable threading when _MT is defined.
Enable debuging when _DEBUG is defined.
Disable setting of NDEBUG under Release/SRelease. Asserts
are disabled in <ac/assert.h> when LDAP_DEBUG is not
defined.
Added 'build/main.dsp' Master project.
Removed non-slapd projects from slapd.dsp (see main.dsp).
Removed replaced many uses of _WIN32 macro with feature based
macros.
ldap_cdefs.h changes
#define LDAP_CONST const
(see below)
#define LDAP_F(type) LDAP_F_PRE type LDAP_F_POST
To allow specifiers to be added before and after
the type declaration. (For DLL handling)
LBER/LDAP changes
Namespace changes:
s/lber_/ber_/ for here and there.
s/NAME_ERROR/LDAP_NAME_ERROR/g
Deleted NULLMSG and other NULL* macros for namespace reasons.
"const" libraries. Installed headers (ie: lber.h, ldap.h)
use LDAP_CONST macro. Normally set to 'const' when
__STDC__. Can be set externally to enable/disable
'constification' of external interface. Internal
interface always uses 'const'. Did not fix warnings
in -lldif (in lieu of new LDIF parser).
Added _ext API implementations (excepting search and bind).
Need to implement ldap_int_get_controls() for reponses
with controls.
Added numberous assert() checks.
LDAP_R
_MT defines HAVE_NT_THREADS
Added numberous assert() checks.
Changed ldap_pthread_t back to unsigned long. Used cast
to HANDLE in _join().
LDBM
Replaced _WIN32 with HAVE_SYSLOG
ud
Added version string if MKVERSION is not defined. (MKVERSION
needs to be set under UNIX).
slapd
Made connection sockbuf field a pointer to a sockbuf. This
removed slap.h dependency on lber-int.h. lber-int.h now only
included by those files needing to mess with the sockbuf.
Used ber_* functions/macros to access sockbuf internals whenever
possible.
Added version string if MKVERSION is not defined. (MKVERSION
needs to be set under UNIX).
Removed FD_SET unsigned lint
slapd/tools
Used EXEEXT to added ".exe" to routines. Need to define EXEEXT
under UNIX.
ldappasswd
Added ldappasswd.dsp. Ported to NT. Used getpid() to seed rand().
nt_debug
Minor cleanup. Added "portable.h" include and used <ac/*.h> where
appropriate. Added const to char* format argument.
Move cache_return_entry_w() out of ldbm_back_add when the add is successful.
This change breaks back-bdb2, it needs equvalent changes of those in back-ldbm.
id2entry: when an error occurs attempting to insert fetched
entry into cache, check to see if entry was added by another
thread. If so, return the entry added by the other thread.
The concurrency tests now run without the dreaded "no such object"
error messages!
Removed external include/library paths from projects. External paths should
be set via Tools | Options | Directories. This allows each developer the
freedom to install external libraries where they desire.
Used libdb.lib instead of libdbs.lib to avoid thread conflicts.
Added hs_regex.lib to library input. We require some form of regex, this
library works (and is relatively easy for the user to install).
Removed a little lint which MCVC5 detected.
Need to sort out single-threaded vs multithreaded library generation.
remove race conditions on connection close.
BROKEN: various counters for dn=monitor.
Initial testing on FreeBSD (with and without pthreads) was successfull.
Have not yet tested preemptive threading environments.
Have not built against backends other than LDBM.
cache_set_state() and state args are no history.
Move cache_entry_cmp() and friends to slapd/entry.c to allow sharing
of functions between backends.. Renamed to entry_cmp().
The new e_private field can be used for any backend purpose. In LDBM,
it's used to point th the private entry info struct. The LDBM entry
info struct is only visible to the LDBM cache.
WARNING: This change has not be ported to other backends! Breakage is likely.
Integration into ./configure ( --enable-bdb2 ).
Adaptation of the test-suite ( 'make' -> ldbm; 'make bdb2-local' -> bdb2 ).
Minor fixes in slapd/libldbm.
BEWARE: the backend will be compiled.
the backend will NOT be invoked, yet.
the backend CANNOT be invoked, yet, because it is NOT yet
integrated into the new initialization/startup environment
of the slapd server.
Separates per backend type from per backend database initialization
and startup. Also supports per type / per backend shutdown.
New frontend startup/shutdown routines are also provided:
slap_init() slap_startup() slap_shutdown() slap_destroy()
New frontend->backend startup/shutdown is managed by:
backend_init() backend_startup() backend_shutdown backend_destroy
backend_init() now calls bi_init() to initial all function pointers
for the backend (excepting bi_init() which is now the only hardcoded
entry point). New entry points are detailed in slap.h struct
backend_info. backend_info is a per database type structure.
Besides the new startup/shutdown entry points, the new interface
also supports per backend type configuration options. One could have:
backend bdb2 (new Berkeley DB 2 backend)
bdb2_home /directory
database bdb2
...
*** This code is fairly experimental ***
*** Much cleanup and testing is still needed ***
see slap.h for details on struct backend_db and backend_info.
okay to read and write LDBM specific fields (state, refcnt,
LRU. The id field, though is read-only once set.
cache_find_entry_dn2id(), hence, does not require any entry locks.
cache_find_entry_id() must do a entry_rdwr_trylock() and back
off if busy.
Add new rdwr lock code with trylock() functionality.
Implement entry_rdwr_trylock().
Fix idl_nextid not to skip an ID if ID not in list.
Both of these should not occur if used correctly, but cheap insurance
against incorrect usage is welcomed.
instead of array with overlayed struct fields. (which is inherently
non-portable).
Change maxid check in insert to be greater than or equal instead
of equal.
Use SAFEMEMCPY.
Likely broke things for non-posix threadings....
Update -lldap_r implementation to:
remove attribute support
hide thread detachment
provide concurrency accessors
provide initialization function
fix gethostby{addr,name}_r codes (not coverred by HAVE_REENTRANT_FUNCTIONS)
Update servers/libraries to use ldap_pvt_thread_ calls.
Cleanup server codes (no #ifdef HAVE_PTHREAD_THIS or _THATs)!
Removed -llthread
back-ldbm was using a cache specific lock to protect non-reentrant
database routines from being reenterred. This is inadequate.
Also, reentrant database systems calls were serialized unnecessarily.
Non-reentrant database calls must have a big_mutex. Implemented
this within -lldbm itself. library requires ldbm_initialize()
be called before any other ldbm call to initialize the big_mutex
and to do any other db specific initialization (ie: such as
required for DB2).
The dbc_mutex, dbc_cv, & dbc_readers fileds of dbcache are history.
The "reentrant_database" (REENTRANT_DATABASE) define is also axed.
behind REENTRANT_DATABASE. rename reentrant_database -> REENTRANT_DATABASE.
When REENTRANT_DATABASE is defined, the simple lock is replaced
with a simple reader/writer lock. This functionality should be removed
from back-ldbm to libldbm.
SLAPD_NEXTID_CHUNK. Code protects NEXTID file to ensure
its equal to or greater than nextid. Updated on close
to actual nextid. next_id_save() could be called periodically
if desired. Default chunk size is 32. Define to 1 to disable
chunking.
Update slap_op to maintain dn and ndn (derived from conn->c_dn).
Update ldbm_back_bind to return actual bound dn (including rootdn)
for use in slapd_conn. Other backends use client dn.
Modify other codes to use ndn (normalized uppercase dn) most everywhere.
Aliasing, Suffixing and modrdn could use more work.
Applied suffixing to compare and modrdn.
creation codes to provide this field. Update cache_entrydn_cmp
to strcasecmp() the e_ndn instead of e_dn. Note: strcasecmp()
is still used as e_ndn isn't in uppercase. Maybe it should
be. Did not update other codes to use e_ndn. Hence, there
are lots of dn_normalize() calls that could be eliminated.
(The case determination of e_ndn should be made first).
parent's "children" attribute. Write lock parent to prevent
multiple clients making conflicting operations concurrently.
If parent doesn't exist (ie: is backend root), acquire a writer
lock (a simple mutex) on the "root."
Use -DSLAPD_CHILD_MODIFICATION_WITH_ENTRY_ACL to use the child's
"entry" acl for modrdn/delete operations.
- slapd's pid/args file names are based on the servers binary file names,
providing for multiple servers beeing run on one host.
- slapd supports the -l command line parameter for selection of a
syslog LOCAL user (-lLOCAL0 .. -lLOCAL7)
- db_appinit() is called during first ldbm_open() in DB 2.x to initialize
DB debugging features (good to find bugs in the DB code :-)
- a patch for a non-initialized variable in DB's 2.x db_open is provided.
Resolved deadlock by passing target entry to be_group and using
this if dn same as bdn. It might actually be safer to check
entry ids instead of dns.
Resolved bogus add to cache after failed acl check by deferring
cache add until after parent/acl checks have successful been
completed.
Eliminated race condition caused by concurrent adds
of same dn by adding 'li_add_mutex' around the critical section
of code (most of ldbm_back_add).
This code is preliminary and still needs significant testing.
struct friendly (Friendly) changed to ldap_friendly (LDAPFriendly)
ldap_friendly friend prefix changed to 'lf_' from 'f_'
removed mod_next field from LDAPMod (struct ldapmod)
modified slapd to use new LDAPModList (struct ldapmodlist) struct.
Added LDAPv3 result codes to ldap.h
"Check that the entry has no writers before removing it from the
cache" sounds more sensible to me than "check that it *has* writers"
before removing it.
I've also changed the default cachesize for tests to 4. This
should help discover such problems.
Remove MD5 and SHA1 options (both are now always on). Rename
functions to be lutil_ instead of ldap_.
Create --enable-cleartext option. Default is currently 'on'.
This could cause problems on odd systems. The generic
headers should be extended as needed to include necessary
system headers or, if necessary, make explicit declarations.
Extended ac/string.h header to look for string.h/strings.h if
STDC_HEADERS is not defined. Also provide basic declarations for
str*() functions. This could cause problems on odd systems.
Extended ac/unistd.h header to define basic declaration for misc
functions that might be missing from headers. This includes
externs for getenv(), getopt(), mktemp(), tempname().
Protect fax500.h from multiple inclusion. Moved includes of
system/generic headers back to source files.
Made mail500 helper functions static.
Fixed includes of ctype.h, signal.h, etc. to use generics.
lutil/tempname.c: was including stdlib.h twice, one should stdio.h.
Wrapped <sys/resource.h> with HAVE_SYS_RESOURCE_H.
lber/io.c/ber_get_next(): Changed noctets back to signed.
Used with BerRead which expects signed int as second arg and
returns signed int.
Most function and variable definitions are now preceded by its extern
definition, for error checking. Retyped a number of functions, usually
to return void. Fixed a number of printf format errors.
API changes (in ldap/include):
Added avl_dup_ok, avl_prefixapply, removed ber_fatten (probably typo
for ber_flatten), retyped ldap_sort_strcasecmp, grew lutil.h.
A number of `extern' declarations are left (some added by protoize), to
be cleaned away later. Mostly strdup(), strcasecmp(), mktemp(), optind,
optarg, errno.
#include <stdlib.h> to get malloc & co various places,
#include <ac/string.h> to get strlen & co in (liblutil/setproctitle.c),
declare ch_malloc & co (slurp.h), avl_find_lin (avl.h), Malloc (ud/edit.c).
Also changed ch_malloc & co from char* to void* functions.
SHA1 support is contributed by Daniel J. Gregor <dj@gregor.com>
MD5 support is contributed by me <kurt@OpenLDAP.org>
Uses public domain MD5 routines
Uses ISC/IBM freely redistributable Base64 routines
SHA1 support requires external SHA1 routines
adds POSIX RegEx (and removes BSD re_comp/re_exec) support.
* POSIX RegEx is not currently included in the distribution, however
we will probably add Henry Spencer's REGEX library soon.
* ACL Group functionality is also included in this merge!