mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-27 03:20:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
3b3070d223
openldap/servers/slapd/overlays/unique.c
Howard Chu 8b06446b10 back-config support, cleanup init/destroy
2006-04-27 02:28:07 +00:00

736 lines
16 KiB
C
Raw Blame History

/* unique.c - attribute uniqueness module */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2004-2006 The OpenLDAP Foundation.
* Portions Copyright 2004 Symas Corporation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/* ACKNOWLEDGEMENTS:
* This work was initially developed by Symas Corp. for inclusion in
* OpenLDAP Software. This work was sponsored by Hewlett-Packard.
*/
#include "portable.h"
#ifdef SLAPD_OVER_UNIQUE
#include <stdio.h>
#include <ac/string.h>
#include <ac/socket.h>
#include "slap.h"
#include "config.h"
static slap_overinst unique;
typedef struct unique_attrs_s {
struct unique_attrs_s *next; /* list of attrs */
AttributeDescription *attr;
} unique_attrs;
typedef struct unique_data_s {
const char *message; /* breadcrumbs */
struct unique_attrs_s *attrs; /* list of known attrs */
struct unique_attrs_s *ignore; /* list of ignored attrs */
BerValue dn; /* base of "unique tree" */
char strict; /* null considered unique too */
} unique_data;
typedef struct unique_counter_s {
struct berval *ndn;
int count;
} unique_counter;
enum {
UNIQUE_BASE = 1,
UNIQUE_IGNORE,
UNIQUE_ATTR,
UNIQUE_STRICT
};
static ConfigDriver unique_cf_gen;
static ConfigTable uniquecfg[] = {
{ "unique_base", "basedn", 2, 2, 0, ARG_DN|ARG_MAGIC|UNIQUE_BASE,
unique_cf_gen, "( OLcfgOvAt:10.1 NAME 'olcUniqueBase' "
"DESC 'Subtree for uniqueness searches' "
"SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
{ "unique_ignore", "attribute...", 2, 0, 0, ARG_MAGIC|UNIQUE_IGNORE,
unique_cf_gen, "( OLcfgOvAt:10.2 NAME 'olcUniqueIgnore' "
"DESC 'Attributes for which uniqueness shall not be enforced' "
"SYNTAX OMsDirectoryString )", NULL, NULL },
{ "unique_attributes", "attribute...", 2, 0, 0, ARG_MAGIC|UNIQUE_ATTR,
unique_cf_gen, "( OLcfgOvAt:10.3 NAME 'olcUniqueAttribute' "
"DESC 'Attributes for which uniqueness shall be enforced' "
"SYNTAX OMsDirectoryString )", NULL, NULL },
{ "unique_strict", "on|off", 1, 2, 0,
ARG_ON_OFF|ARG_OFFSET|UNIQUE_STRICT,
(void *)offsetof(unique_data, strict),
"( OLcfgOvAt:10.4 NAME 'olcUniqueStrict' "
"DESC 'Enforce uniqueness of null values' "
"SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
{ NULL, NULL, 0, 0, 0, ARG_IGNORED }
};
static ConfigOCs uniqueocs[] = {
{ "( OLcfgOvOc:10.1 "
"NAME 'olcUniqueConfig' "
"DESC 'Attribute value uniqueness configuration' "
"SUP olcOverlayConfig "
"MAY ( olcUniqueBase $ olcUniqueIgnore $ "
"olcUniqueAttribute $ olcUniqueStrict ) )",
Cft_Overlay, uniquecfg },
{ NULL, 0, NULL }
};
static int
unique_cf_gen( ConfigArgs *c )
{
slap_overinst *on = (slap_overinst *)c->bi;
unique_data *ud = (unique_data *)on->on_bi.bi_private;
BackendDB *be = (BackendDB *)c->be;
unique_attrs *up, *pup, **pupp = NULL;
AttributeDescription *ad;
const char *text;
int rc = ARG_BAD_CONF;
int i;
switch ( c->op ) {
case SLAP_CONFIG_EMIT:
switch ( c->type ) {
case UNIQUE_BASE:
if ( !BER_BVISEMPTY( &ud->dn )) {
rc = value_add_one( &c->rvalue_vals, &ud->dn );
if ( rc ) return rc;
rc = value_add_one( &c->rvalue_nvals, &ud->dn );
return rc;
}
break;
case UNIQUE_IGNORE:
/* fallthrough to UNIQUE_ATTR */
case UNIQUE_ATTR:
if ( c->type == UNIQUE_IGNORE ) up = ud->ignore;
else up = ud->attrs;
while ( up ) {
value_add_one( &c->rvalue_vals,
&up->attr->ad_cname );
up = up->next;
}
rc = 0;
break;
case UNIQUE_STRICT:
/* handled via ARG_OFFSET */
/* fallthrough to default */
default:
abort ();
}
break;
case LDAP_MOD_DELETE:
switch ( c->type ) {
case UNIQUE_BASE:
/* default to the base of our configured database */
if ( ud->dn.bv_val ) ber_memfree ( ud->dn.bv_val );
ber_dupbv( &ud->dn, &be->be_nsuffix[0] );
rc = 0;
break;
case UNIQUE_IGNORE:
/* fallthrough to UNIQUE_ATTR */
case UNIQUE_ATTR:
if ( c->type == UNIQUE_IGNORE ) pupp = &ud->ignore;
else pupp = &ud->attrs;
if ( c->valx < 0 ) {
up = *pupp;
*pupp = NULL;
while ( up ) {
pup = up;
up = up->next;
ch_free ( pup );
}
} else {
/* delete from linked list */
for ( i=0; i < c->valx; ++i ) {
pupp = &(*pupp)->next;
}
up = *pupp;
*pupp = (*pupp)->next;
/* AttributeDescriptions are global so
* shouldn't be freed here... */
ch_free ( up );
}
rc = 0;
break;
case UNIQUE_STRICT:
/* handled via ARG_OFFSET */
/* fallthrough to default */
default:
abort ();
}
break;
case SLAP_CONFIG_ADD:
/* fallthrough to LDAP_MOD_ADD */
case LDAP_MOD_ADD:
switch ( c->type ) {
case UNIQUE_BASE:
if ( !dnIsSuffix ( &c->value_ndn,
&be->be_nsuffix[0] ) ) {
sprintf ( c->msg, "dn is not a suffix of backend base" );
Debug ( LDAP_DEBUG_CONFIG, "unique add: %s\n",
c->msg, NULL, NULL );
rc = ARG_BAD_CONF;
}
if ( ud->dn.bv_val ) ber_memfree ( ud->dn.bv_val );
ud->dn = c->value_ndn;
rc = 0;
break;
case UNIQUE_IGNORE:
/* fallthrough to UNIQUE_ATTR */
case UNIQUE_ATTR:
rc = 0;
for ( i=1; i < c->argc; ++i ) {
ad = NULL;
if ( slap_str2ad ( c->argv[i], &ad, &text )
== LDAP_SUCCESS) {
up = ch_malloc (
sizeof ( unique_attrs ) );
up->attr = ad;
if ( c->type == UNIQUE_IGNORE ) {
up->next = ud->ignore;
ud->ignore = up;
} else {
up->next = ud->attrs;
ud->attrs = up;
}
} else {
Debug ( LDAP_DEBUG_CONFIG,
"unique add: <%s>: %s\n",
c->argv[i], text, NULL );
strncpy ( c->msg,
text,
SLAP_TEXT_BUFLEN-1 );
c->msg[SLAP_TEXT_BUFLEN-1] = '\0';
rc = ARG_BAD_CONF;
}
}
break;
case UNIQUE_STRICT:
/* handled via ARG_OFFSET */
/* fallthrough to default */
default:
abort ();
}
break;
default:
abort ();
}
return rc;
}
/*
** allocate new unique_data;
** initialize, copy basedn;
** store in on_bi.bi_private;
**
*/
static int unique_db_init(
BackendDB *be
)
{
slap_overinst *on = (slap_overinst *)be->bd_info;
unique_data *ud = ch_calloc(1,sizeof(unique_data));
/* Debug(LDAP_DEBUG_TRACE, "==> unique_init\n", 0, 0, 0); */
ud->message = "_init";
on->on_bi.bi_private = ud;
return 0;
}
static int unique_db_destroy(
BackendDB *be
)
{
slap_overinst *on = (slap_overinst *)be->bd_info;
if ( on->on_bi.bi_private ) {
ch_free( on->on_bi.bi_private );
on->on_bi.bi_private = NULL;
}
return 0;
}
/*
** mostly, just print the init message;
**
*/
static int
unique_open(
BackendDB *be
)
{
slap_overinst *on = (slap_overinst *)be->bd_info;
unique_data *ud = on->on_bi.bi_private;
ud->message = "_open";
Debug(LDAP_DEBUG_TRACE, "unique_open: overlay initialized\n", 0, 0, 0);
if ( BER_BVISNULL( &ud->dn )) {
if ( BER_BVISNULL( &be->be_nsuffix[0] ))
return -1;
/* default to the base of our configured database */
ber_dupbv(&ud->dn, &be->be_nsuffix[0]);
}
return(0);
}
/*
** foreach configured attribute:
** free it;
** free our basedn;
**
*/
static int
unique_close(
BackendDB *be
)
{
slap_overinst *on = (slap_overinst *) be->bd_info;
unique_data *ud = on->on_bi.bi_private;
unique_attrs *ii, *ij;
ud->message = "_close";
Debug(LDAP_DEBUG_TRACE, "==> unique_close\n", 0, 0, 0);
for(ii = ud->attrs; ii; ii = ij) {
ij = ii->next;
ch_free(ii);
}
for(ii = ud->ignore; ii; ii = ij) {
ij = ii->next;
ch_free(ii);
}
ch_free(ud->dn.bv_val);
memset( ud, 0, sizeof(*ud));
return(0);
}
/*
** search callback
** if this is a REP_SEARCH, count++;
**
*/
static int count_attr_cb(
Operation *op,
SlapReply *rs
)
{
unique_counter *uc;
/* because you never know */
if(!op || !rs) return(0);
/* Only search entries are interesting */
if(rs->sr_type != REP_SEARCH) return(0);
uc = op->o_callback->sc_private;
/* Ignore the current entry */
if ( dn_match( uc->ndn, &rs->sr_entry->e_nname )) return(0);
Debug(LDAP_DEBUG_TRACE, "==> count_attr_cb <%s>\n",
rs->sr_entry ? rs->sr_entry->e_name.bv_val : "UNKNOWN_DN", 0, 0);
uc->count++;
return(0);
}
static int count_filter_len(
unique_data *ud,
AttributeDescription *ad,
BerVarray b,
int ks
)
{
unique_attrs *up;
int i;
while ( !is_at_operational( ad->ad_type ) ) {
if ( ud->ignore ) {
for ( up = ud->ignore; up; up = up->next ) {
if (ad == up->attr ) {
break;
}
}
if ( up ) {
break;
}
}
if ( ud->attrs ) {
for ( up = ud->attrs; up; up = up->next ) {
if ( ad == up->attr ) {
break;
}
}
if ( !up ) {
break;
}
}
if ( b && b[0].bv_val ) {
for (i = 0; b[i].bv_val; i++ ) {
/* note: make room for filter escaping... */
ks += ( 3 * b[i].bv_len ) + ad->ad_cname.bv_len + STRLENOF( "(=)" );
}
} else if ( ud->strict ) {
ks += ad->ad_cname.bv_len + STRLENOF( "(=*)" ); /* (attr=*) */
}
break;
}
return ks;
}
static char *build_filter(
unique_data *ud,
AttributeDescription *ad,
BerVarray b,
char *kp,
void *ctx
)
{
unique_attrs *up;
int i;
while ( !is_at_operational( ad->ad_type ) ) {
if ( ud->ignore ) {
for ( up = ud->ignore; up; up = up->next ) {
if ( ad == up->attr ) {
break;
}
}
if ( up ) {
break;
}
}
if ( ud->attrs ) {
for ( up = ud->attrs; up; up = up->next ) {
if ( ad == up->attr ) {
break;
}
}
if ( !up ) {
break;
}
}
if ( b && b[0].bv_val ) {
for ( i = 0; b[i].bv_val; i++ ) {
struct berval bv;
ldap_bv2escaped_filter_value_x( &b[i], &bv, 1, ctx );
kp += sprintf( kp, "(%s=%s)", ad->ad_cname.bv_val, bv.bv_val );
if ( bv.bv_val != b[i].bv_val ) {
ber_memfree_x( bv.bv_val, ctx );
}
}
} else if ( ud->strict ) {
kp += sprintf( kp, "(%s=*)", ad->ad_cname.bv_val );
}
break;
}
return kp;
}
static int unique_search(
Operation *op,
Operation *nop,
SlapReply *rs,
char *key
)
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
unique_data *ud = on->on_bi.bi_private;
SlapReply nrs = { REP_RESULT };
slap_callback cb = { NULL, NULL, NULL, NULL }; /* XXX */
unique_counter uq = { NULL, 0 };
int rc;
nop->ors_filter = str2filter_x(nop, key);
ber_str2bv(key, 0, 0, &nop->ors_filterstr);
cb.sc_response = (slap_response*)count_attr_cb;
cb.sc_private = &uq;
nop->o_callback = &cb;
nop->o_tag = LDAP_REQ_SEARCH;
nop->ors_scope = LDAP_SCOPE_SUBTREE;
nop->ors_deref = LDAP_DEREF_NEVER;
nop->ors_limit = NULL;
nop->ors_slimit = SLAP_NO_LIMIT;
nop->ors_tlimit = SLAP_NO_LIMIT;
nop->ors_attrs = slap_anlist_no_attrs;
nop->ors_attrsonly = 1;
uq.ndn = &op->o_req_ndn;
nop->o_req_ndn = ud->dn;
nop->o_ndn = op->o_bd->be_rootndn;
nop->o_bd = on->on_info->oi_origdb;
rc = nop->o_bd->be_search(nop, &nrs);
filter_free_x(nop, nop->ors_filter);
op->o_tmpfree( key, op->o_tmpmemctx );
if(rc != LDAP_SUCCESS && rc != LDAP_NO_SUCH_OBJECT) {
op->o_bd->bd_info = (BackendInfo *) on->on_info;
send_ldap_error(op, rs, rc, "unique_search failed");
return(rs->sr_err);
}
Debug(LDAP_DEBUG_TRACE, "=> unique_search found %d records\n", uq.count, 0, 0);
if(uq.count) {
op->o_bd->bd_info = (BackendInfo *) on->on_info;
send_ldap_error(op, rs, LDAP_CONSTRAINT_VIOLATION,
"some attributes not unique");
return(rs->sr_err);
}
return(SLAP_CB_CONTINUE);
}
#define ALLOC_EXTRA 16 /* extra slop */
static int unique_add(
Operation *op,
SlapReply *rs
)
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
unique_data *ud = on->on_bi.bi_private;
Operation nop = *op;
Attribute *a;
char *key, *kp;
int ks = 0;
Debug(LDAP_DEBUG_TRACE, "==> unique_add <%s>\n", op->o_req_dn.bv_val, 0, 0);
if ( !dnIsSuffix( &op->o_req_ndn, &ud->dn ))
return SLAP_CB_CONTINUE;
/*
** count everything first;
** allocate some memory;
** write the search key;
**
*/
if(!(a = op->ora_e->e_attrs)) {
op->o_bd->bd_info = (BackendInfo *) on->on_info;
send_ldap_error(op, rs, LDAP_INVALID_SYNTAX,
"unique_add() got null op.ora_e.e_attrs");
return(rs->sr_err);
} else for(; a; a = a->a_next) {
ks = count_filter_len(ud, a->a_desc, a->a_vals, ks);
}
if ( !ks )
return SLAP_CB_CONTINUE;
ks += ALLOC_EXTRA;
key = op->o_tmpalloc(ks, op->o_tmpmemctx);
kp = key + sprintf(key, "(|");
for(a = op->ora_e->e_attrs; a; a = a->a_next) {
kp = build_filter(ud, a->a_desc, a->a_vals, kp, op->o_tmpmemctx);
}
sprintf(kp, ")");
Debug(LDAP_DEBUG_TRACE, "=> unique_add %s\n", key, 0, 0);
return unique_search(op, &nop, rs, key);
}
static int unique_modify(
Operation *op,
SlapReply *rs
)
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
unique_data *ud = on->on_bi.bi_private;
Operation nop = *op;
Modifications *m;
char *key, *kp;
int ks = 0;
Debug(LDAP_DEBUG_TRACE, "==> unique_modify <%s>\n", op->o_req_dn.bv_val, 0, 0);
if ( !dnIsSuffix( &op->o_req_ndn, &ud->dn ))
return SLAP_CB_CONTINUE;
/*
** count everything first;
** allocate some memory;
** write the search key;
**
*/
if(!(m = op->orm_modlist)) {
op->o_bd->bd_info = (BackendInfo *) on->on_info;
send_ldap_error(op, rs, LDAP_INVALID_SYNTAX,
"unique_modify() got null op.orm_modlist");
return(rs->sr_err);
} else for(; m; m = m->sml_next) {
if ((m->sml_op & LDAP_MOD_OP) == LDAP_MOD_DELETE) continue;
ks = count_filter_len(ud, m->sml_desc, m->sml_values, ks);
}
if ( !ks )
return SLAP_CB_CONTINUE;
ks += ALLOC_EXTRA;
key = op->o_tmpalloc(ks, op->o_tmpmemctx);
kp = key + sprintf(key, "(|");
for(m = op->orm_modlist; m; m = m->sml_next) {
if ((m->sml_op & LDAP_MOD_OP) == LDAP_MOD_DELETE) continue;
kp = build_filter(ud, m->sml_desc, m->sml_values, kp, op->o_tmpmemctx);
}
sprintf(kp, ")");
Debug(LDAP_DEBUG_TRACE, "=> unique_modify %s\n", key, 0, 0);
return unique_search(op, &nop, rs, key);
}
static int unique_modrdn(
Operation *op,
SlapReply *rs
)
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
unique_data *ud = on->on_bi.bi_private;
Operation nop = *op;
char *key, *kp;
int i, ks = 0;
LDAPRDN newrdn;
struct berval bv[2];
Debug(LDAP_DEBUG_TRACE, "==> unique_modrdn <%s> <%s>\n",
op->o_req_dn.bv_val, op->orr_newrdn.bv_val, 0);
if ( !dnIsSuffix( &op->o_req_ndn, &ud->dn ) &&
(!op->orr_nnewSup || !dnIsSuffix( op->orr_nnewSup, &ud->dn )))
return SLAP_CB_CONTINUE;
if(ldap_bv2rdn_x(&op->oq_modrdn.rs_newrdn, &newrdn,
(char **)&rs->sr_text, LDAP_DN_FORMAT_LDAP, op->o_tmpmemctx )) {
op->o_bd->bd_info = (BackendInfo *) on->on_info;
send_ldap_error(op, rs, LDAP_INVALID_SYNTAX,
"unknown type(s) used in RDN");
return(rs->sr_err);
}
for(i = 0; newrdn[i]; i++) {
AttributeDescription *ad = NULL;
if ( slap_bv2ad( &newrdn[i]->la_attr, &ad, &rs->sr_text )) {
ldap_rdnfree_x( newrdn, op->o_tmpmemctx );
rs->sr_err = LDAP_INVALID_SYNTAX;
send_ldap_result( op, rs );
return(rs->sr_err);
}
newrdn[i]->la_private = ad;
}
bv[1].bv_val = NULL;
bv[1].bv_len = 0;
for(i = 0; newrdn[i]; i++) {
bv[0] = newrdn[i]->la_value;
ks = count_filter_len(ud, newrdn[i]->la_private, bv, ks);
}
if ( !ks )
return SLAP_CB_CONTINUE;
ks += ALLOC_EXTRA;
key = op->o_tmpalloc(ks, op->o_tmpmemctx);
kp = key + sprintf(key, "(|");
for(i = 0; newrdn[i]; i++) {
bv[0] = newrdn[i]->la_value;
kp = build_filter(ud, newrdn[i]->la_private, bv, kp, op->o_tmpmemctx);
}
sprintf(kp, ")");
Debug(LDAP_DEBUG_TRACE, "=> unique_modrdn %s\n", key, 0, 0);
return unique_search(op, &nop, rs, key);
}
/*
** init_module is last so the symbols resolve "for free" --
** it expects to be called automagically during dynamic module initialization
*/
int unique_initialize() {
int rc;
/* statically declared just after the #includes at top */
unique.on_bi.bi_type = "unique";
unique.on_bi.bi_db_init = unique_db_init;
unique.on_bi.bi_db_destroy = unique_db_destroy;
unique.on_bi.bi_db_open = unique_open;
unique.on_bi.bi_db_close = unique_close;
unique.on_bi.bi_op_add = unique_add;
unique.on_bi.bi_op_modify = unique_modify;
unique.on_bi.bi_op_modrdn = unique_modrdn;
unique.on_bi.bi_op_delete = NULL;
unique.on_bi.bi_cf_ocs = uniqueocs;
rc = config_register_schema( uniquecfg, uniqueocs );
if ( rc ) return rc;
return(overlay_register(&unique));
}
#if SLAPD_OVER_UNIQUE == SLAPD_MOD_DYNAMIC && defined(PIC)
int init_module(int argc, char *argv[]) {
return unique_initialize();
}
#endif
#endif /* SLAPD_OVER_UNIQUE */
Reference in New Issue View Git Blame Copy Permalink