/* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * * Copyright 1999-2011 The OpenLDAP Foundation. * Portions Copyright 2001-2003 Pierangelo Masarati. * Portions Copyright 1999-2003 Howard Chu. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted only as authorized by the OpenLDAP * Public License. * * A copy of this license is available in the file LICENSE in the * top-level directory of the distribution or, alternatively, at * . */ /* ACKNOWLEDGEMENTS: * This work was initially developed by the Howard Chu for inclusion * in OpenLDAP Software and subsequently enhanced by Pierangelo * Masarati. */ #include "portable.h" #include #include #include #include "slap.h" #include "lutil.h" #include "../back-ldap/back-ldap.h" #include "back-meta.h" static int meta_back_new_target( metatarget_t **mtp ) { char *rargv[ 3 ]; metatarget_t *mt; *mtp = NULL; mt = ch_calloc( sizeof( metatarget_t ), 1 ); mt->mt_rwmap.rwm_rw = rewrite_info_init( REWRITE_MODE_USE_DEFAULT ); if ( mt->mt_rwmap.rwm_rw == NULL ) { ch_free( mt ); return -1; } /* * the filter rewrite as a string must be disabled * by default; it can be re-enabled by adding rules; * this creates an empty rewriteContext */ rargv[ 0 ] = "rewriteContext"; rargv[ 1 ] = "searchFilter"; rargv[ 2 ] = NULL; rewrite_parse( mt->mt_rwmap.rwm_rw, "", 1, 2, rargv ); rargv[ 0 ] = "rewriteContext"; rargv[ 1 ] = "default"; rargv[ 2 ] = NULL; rewrite_parse( mt->mt_rwmap.rwm_rw, "", 1, 2, rargv ); ldap_pvt_thread_mutex_init( &mt->mt_uri_mutex ); mt->mt_idassert_mode = LDAP_BACK_IDASSERT_LEGACY; mt->mt_idassert_authmethod = LDAP_AUTH_NONE; mt->mt_idassert_tls = SB_TLS_DEFAULT; /* by default, use proxyAuthz control on each operation */ mt->mt_idassert_flags = LDAP_BACK_AUTH_PRESCRIPTIVE; *mtp = mt; return 0; } static int check_true_false( char *str ) { if ( strcasecmp( str, "true" ) == 0 || strcasecmp( str, "yes" ) == 0 ) { return 1; } if ( strcasecmp( str, "false" ) == 0 || strcasecmp( str, "no" ) == 0 ) { return 0; } return -1; } int meta_subtree_destroy( metasubtree_t *ms ) { if ( ms->ms_next ) { meta_subtree_destroy( ms->ms_next ); } switch ( ms->ms_type ) { case META_ST_SUBTREE: case META_ST_SUBORDINATE: ber_memfree( ms->ms_dn.bv_val ); break; case META_ST_REGEX: regfree( &ms->ms_regex ); ch_free( ms->ms_regex_pattern ); break; default: return -1; } ch_free( ms ); return 0; } static int meta_subtree_config( metatarget_t *mt, int argc, char **argv, char *buf, ber_len_t buflen, char *log_prefix ) { meta_st_t type = META_ST_SUBTREE; char *pattern; struct berval ndn = BER_BVNULL; metasubtree_t *ms = NULL; if ( strcasecmp( argv[0], "subtree-exclude" ) == 0 ) { if ( mt->mt_subtree && !mt->mt_subtree_exclude ) { snprintf( buf, buflen, "\"subtree-exclude\" incompatible with previous \"subtree-include\" directives" ); return 1; } mt->mt_subtree_exclude = 1; } else { if ( mt->mt_subtree && mt->mt_subtree_exclude ) { snprintf( buf, buflen, "\"subtree-include\" incompatible with previous \"subtree-exclude\" directives" ); return 1; } } switch ( argc ) { case 1: snprintf( buf, buflen, "missing pattern" ); return 1; case 2: break; default: snprintf( buf, buflen, "too many args" ); return 1; } pattern = argv[1]; if ( strncasecmp( pattern, "dn", STRLENOF( "dn" ) ) == 0 ) { char *style; pattern = &pattern[STRLENOF( "dn")]; if ( pattern[0] == '.' ) { style = &pattern[1]; if ( strncasecmp( style, "subtree", STRLENOF( "subtree" ) ) == 0 ) { type = META_ST_SUBTREE; pattern = &style[STRLENOF( "subtree" )]; } else if ( strncasecmp( style, "children", STRLENOF( "children" ) ) == 0 ) { type = META_ST_SUBORDINATE; pattern = &style[STRLENOF( "children" )]; } else if ( strncasecmp( style, "sub", STRLENOF( "sub" ) ) == 0 ) { type = META_ST_SUBTREE; pattern = &style[STRLENOF( "sub" )]; } else if ( strncasecmp( style, "regex", STRLENOF( "regex" ) ) == 0 ) { type = META_ST_REGEX; pattern = &style[STRLENOF( "regex" )]; } else { snprintf( buf, buflen, "unknown style in \"dn.