unique.c revision 1.1.1.4.24.1
1 1.1.1.4.24.1 tls /* $NetBSD: unique.c,v 1.1.1.4.24.1 2014/08/10 07:09:51 tls Exp $ */ 2 1.1.1.3 lukem 3 1.1 lukem /* unique.c - attribute uniqueness module */ 4 1.1.1.4.24.1 tls /* $OpenLDAP$ */ 5 1.1 lukem /* This work is part of OpenLDAP Software <http://www.openldap.org/>. 6 1.1 lukem * 7 1.1.1.4.24.1 tls * Copyright 2004-2014 The OpenLDAP Foundation. 8 1.1 lukem * Portions Copyright 2004,2006-2007 Symas Corporation. 9 1.1 lukem * All rights reserved. 10 1.1 lukem * 11 1.1 lukem * Redistribution and use in source and binary forms, with or without 12 1.1 lukem * modification, are permitted only as authorized by the OpenLDAP 13 1.1 lukem * Public License. 14 1.1 lukem * 15 1.1 lukem * A copy of this license is available in the file LICENSE in the 16 1.1 lukem * top-level directory of the distribution or, alternatively, at 17 1.1 lukem * <http://www.OpenLDAP.org/license.html>. 18 1.1 lukem */ 19 1.1 lukem /* ACKNOWLEDGEMENTS: 20 1.1 lukem * This work was initially developed by Symas Corporation for 21 1.1 lukem * inclusion in OpenLDAP Software, with subsequent enhancements by 22 1.1.1.4.24.1 tls * Emily Backes at Symas Corporation. This work was sponsored by 23 1.1 lukem * Hewlett-Packard. 24 1.1 lukem */ 25 1.1 lukem 26 1.1 lukem #include "portable.h" 27 1.1 lukem 28 1.1 lukem #ifdef SLAPD_OVER_UNIQUE 29 1.1 lukem 30 1.1 lukem #include <stdio.h> 31 1.1 lukem 32 1.1 lukem #include <ac/string.h> 33 1.1 lukem #include <ac/socket.h> 34 1.1 lukem 35 1.1 lukem #include "slap.h" 36 1.1 lukem #include "config.h" 37 1.1 lukem 38 1.1 lukem #define UNIQUE_DEFAULT_URI ("ldap:///??sub") 39 1.1 lukem 40 1.1 lukem static slap_overinst unique; 41 1.1 lukem 42 1.1 lukem typedef struct unique_attrs_s { 43 1.1 lukem struct unique_attrs_s *next; /* list of attrs */ 44 1.1 lukem AttributeDescription *attr; 45 1.1 lukem } unique_attrs; 46 1.1 lukem 47 1.1 lukem typedef struct unique_domain_uri_s { 48 1.1 lukem struct unique_domain_uri_s *next; 49 1.1.1.2 lukem struct berval dn; 50 1.1.1.2 lukem struct berval ndn; 51 1.1.1.2 lukem struct berval filter; 52 1.1.1.3 lukem Filter *f; 53 1.1 lukem struct unique_attrs_s *attrs; 54 1.1 lukem int scope; 55 1.1 lukem } unique_domain_uri; 56 1.1 lukem 57 1.1 lukem typedef struct unique_domain_s { 58 1.1 lukem struct unique_domain_s *next; 59 1.1.1.2 lukem struct berval domain_spec; 60 1.1 lukem struct unique_domain_uri_s *uri; 61 1.1 lukem char ignore; /* polarity of attributes */ 62 1.1 lukem char strict; /* null considered unique too */ 63 1.1 lukem } unique_domain; 64 1.1 lukem 65 1.1 lukem typedef struct unique_data_s { 66 1.1 lukem struct unique_domain_s *domains; 67 1.1 lukem struct unique_domain_s *legacy; 68 1.1 lukem char legacy_strict_set; 69 1.1 lukem } unique_data; 70 1.1 lukem 71 1.1 lukem typedef struct unique_counter_s { 72 1.1 lukem struct berval *ndn; 73 1.1 lukem int count; 74 1.1 lukem } unique_counter; 75 1.1 lukem 76 1.1 lukem enum { 77 1.1 lukem UNIQUE_BASE = 1, 78 1.1 lukem UNIQUE_IGNORE, 79 1.1 lukem UNIQUE_ATTR, 80 1.1 lukem UNIQUE_STRICT, 81 1.1 lukem UNIQUE_URI 82 1.1 lukem }; 83 1.1 lukem 84 1.1 lukem static ConfigDriver unique_cf_base; 85 1.1 lukem static ConfigDriver unique_cf_attrs; 86 1.1 lukem static ConfigDriver unique_cf_strict; 87 1.1 lukem static ConfigDriver unique_cf_uri; 88 1.1 lukem 89 1.1 lukem static ConfigTable uniquecfg[] = { 90 1.1 lukem { "unique_base", "basedn", 2, 2, 0, ARG_DN|ARG_MAGIC|UNIQUE_BASE, 91 1.1 lukem unique_cf_base, "( OLcfgOvAt:10.1 NAME 'olcUniqueBase' " 92 1.1 lukem "DESC 'Subtree for uniqueness searches' " 93 1.1 lukem "EQUALITY distinguishedNameMatch " 94 1.1 lukem "SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL }, 95 1.1 lukem { "unique_ignore", "attribute...", 2, 0, 0, ARG_MAGIC|UNIQUE_IGNORE, 96 1.1 lukem unique_cf_attrs, "( OLcfgOvAt:10.2 NAME 'olcUniqueIgnore' " 97 1.1 lukem "DESC 'Attributes for which uniqueness shall not be enforced' " 98 1.1 lukem "EQUALITY caseIgnoreMatch " 99 1.1 lukem "ORDERING caseIgnoreOrderingMatch " 100 1.1 lukem "SUBSTR caseIgnoreSubstringsMatch " 101 1.1 lukem "SYNTAX OMsDirectoryString )", NULL, NULL }, 102 1.1 lukem { "unique_attributes", "attribute...", 2, 0, 0, ARG_MAGIC|UNIQUE_ATTR, 103 1.1 lukem unique_cf_attrs, "( OLcfgOvAt:10.3 NAME 'olcUniqueAttribute' " 104 1.1 lukem "DESC 'Attributes for which uniqueness shall be enforced' " 105 1.1 lukem "EQUALITY caseIgnoreMatch " 106 1.1 lukem "ORDERING caseIgnoreOrderingMatch " 107 1.1 lukem "SUBSTR caseIgnoreSubstringsMatch " 108 1.1 lukem "SYNTAX OMsDirectoryString )", NULL, NULL }, 109 1.1 lukem { "unique_strict", "on|off", 1, 2, 0, ARG_MAGIC|UNIQUE_STRICT, 110 1.1 lukem unique_cf_strict, "( OLcfgOvAt:10.4 NAME 'olcUniqueStrict' " 111 1.1 lukem "DESC 'Enforce uniqueness of null values' " 112 1.1 lukem "EQUALITY booleanMatch " 113 1.1 lukem "SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL }, 114 1.1 lukem { "unique_uri", "ldapuri", 2, 3, 0, ARG_MAGIC|UNIQUE_URI, 115 1.1 lukem unique_cf_uri, "( OLcfgOvAt:10.5 NAME 'olcUniqueURI' " 116 1.1 lukem "DESC 'List of keywords and LDAP URIs for a uniqueness domain' " 117 1.1 lukem "EQUALITY caseExactMatch " 118 1.1 lukem "ORDERING caseExactOrderingMatch " 119 1.1 lukem "SUBSTR caseExactSubstringsMatch " 120 1.1 lukem "SYNTAX OMsDirectoryString )", NULL, NULL }, 121 1.1 lukem { NULL, NULL, 0, 0, 0, ARG_IGNORED } 122 1.1 lukem }; 123 1.1 lukem 124 1.1 lukem static ConfigOCs uniqueocs[] = { 125 1.1 lukem { "( OLcfgOvOc:10.1 " 126 1.1 lukem "NAME 'olcUniqueConfig' " 127 1.1 lukem "DESC 'Attribute value uniqueness configuration' " 128 1.1 lukem "SUP olcOverlayConfig " 129 1.1 lukem "MAY ( olcUniqueBase $ olcUniqueIgnore $ " 130 1.1 lukem "olcUniqueAttribute $ olcUniqueStrict $ " 131 1.1 lukem "olcUniqueURI ) )", 132 1.1 lukem Cft_Overlay, uniquecfg }, 133 1.1 lukem { NULL, 0, NULL } 134 1.1 lukem }; 135 1.1 lukem 136 1.1 lukem static void 137 1.1 lukem unique_free_domain_uri ( unique_domain_uri *uri ) 138 1.1 lukem { 139 1.1 lukem unique_domain_uri *next_uri = NULL; 140 1.1 lukem unique_attrs *attr, *next_attr = NULL; 141 1.1 lukem 142 1.1 lukem while ( uri ) { 143 1.1 lukem next_uri = uri->next; 144 1.1.1.2 lukem ch_free ( uri->dn.bv_val ); 145 1.1.1.2 lukem ch_free ( uri->ndn.bv_val ); 146 1.1.1.2 lukem ch_free ( uri->filter.bv_val ); 147 1.1.1.3 lukem filter_free( uri->f ); 148 1.1 lukem attr = uri->attrs; 149 1.1 lukem while ( attr ) { 150 1.1 lukem next_attr = attr->next; 151 1.1 lukem ch_free (attr); 152 1.1 lukem attr = next_attr; 153 1.1 lukem } 154 1.1 lukem ch_free ( uri ); 155 1.1 lukem uri = next_uri; 156 1.1 lukem } 157 1.1 lukem } 158 1.1 lukem 159 1.1 lukem /* free an entire stack of domains */ 160 1.1 lukem static void 161 1.1 lukem unique_free_domain ( unique_domain *domain ) 162 1.1 lukem { 163 1.1 lukem unique_domain *next_domain = NULL; 164 1.1 lukem 165 1.1 lukem while ( domain ) { 166 1.1 lukem next_domain = domain->next; 167 1.1.1.2 lukem ch_free ( domain->domain_spec.bv_val ); 168 1.1 lukem unique_free_domain_uri ( domain->uri ); 169 1.1 lukem ch_free ( domain ); 170 1.1 lukem domain = next_domain; 171 1.1 lukem } 172 1.1 lukem } 173 1.1 lukem 174 1.1 lukem static int 175 1.1 lukem unique_new_domain_uri ( unique_domain_uri **urip, 176 1.1 lukem const LDAPURLDesc *url_desc, 177 1.1 lukem ConfigArgs *c ) 178 1.1 lukem { 179 1.1 lukem int i, rc = LDAP_SUCCESS; 180 1.1 lukem unique_domain_uri *uri; 181 1.1 lukem struct berval bv = {0, NULL}; 182 1.1 lukem BackendDB *be = (BackendDB *)c->be; 183 1.1 lukem char ** attr_str; 184 1.1 lukem AttributeDescription * ad; 185 1.1 lukem const char * text; 186 1.1 lukem 187 1.1 lukem uri = ch_calloc ( 1, sizeof ( unique_domain_uri ) ); 188 1.1 lukem 189 1.1.1.4.24.1 tls if ( url_desc->lud_host && url_desc->lud_host[0] ) { 190 1.1.1.4.24.1 tls snprintf( c->cr_msg, sizeof( c->cr_msg ), 191 1.1.1.4.24.1 tls "host <%s> not allowed in URI", 192 1.1.1.4.24.1 tls url_desc->lud_host ); 193 1.1.1.4.24.1 tls rc = ARG_BAD_CONF; 194 1.1.1.4.24.1 tls goto exit; 195 1.1.1.4.24.1 tls } 196 1.1.1.4.24.1 tls 197 1.1 lukem if ( url_desc->lud_dn && url_desc->lud_dn[0] ) { 198 1.1.1.2 lukem ber_str2bv( url_desc->lud_dn, 0, 0, &bv ); 199 1.1 lukem rc = dnPrettyNormal( NULL, 200 1.1 lukem &bv, 201 1.1.1.2 lukem &uri->dn, 202 1.1.1.2 lukem &uri->ndn, 203 1.1 lukem NULL ); 204 1.1 lukem if ( rc != LDAP_SUCCESS ) { 205 1.1 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 206 1.1 lukem "<%s> invalid DN %d (%s)", 207 1.1 lukem url_desc->lud_dn, rc, ldap_err2string( rc )); 208 1.1 lukem rc = ARG_BAD_CONF; 209 1.1 lukem goto exit; 210 1.1 lukem } 211 1.1 lukem 212 1.1.1.3 lukem if ( be->be_nsuffix == NULL ) { 213 1.1.1.3 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 214 1.1.1.3 lukem "suffix must be set" ); 215 1.1.1.3 lukem Debug ( LDAP_DEBUG_CONFIG, "unique config: %s\n", 216 1.1.1.3 lukem c->cr_msg, NULL, NULL ); 217 1.1.1.3 lukem rc = ARG_BAD_CONF; 218 1.1.1.3 lukem goto exit; 219 1.1.1.3 lukem } 220 1.1.1.3 lukem 221 1.1.1.2 lukem if ( !dnIsSuffix ( &uri->ndn, &be->be_nsuffix[0] ) ) { 222 1.1 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 223 1.1 lukem "dn <%s> is not a suffix of backend base dn <%s>", 224 1.1.1.2 lukem uri->dn.bv_val, 225 1.1 lukem be->be_nsuffix[0].bv_val ); 226 1.1 lukem rc = ARG_BAD_CONF; 227 1.1 lukem goto exit; 228 1.1 lukem } 229 1.1.1.3 lukem 230 1.1.1.3 lukem if ( BER_BVISNULL( &be->be_rootndn ) || BER_BVISEMPTY( &be->be_rootndn ) ) { 231 1.1.1.3 lukem Debug( LDAP_DEBUG_ANY, 232 1.1.1.3 lukem "slapo-unique needs a rootdn; " 233 1.1.1.3 lukem "backend <%s> has none, YMMV.\n", 234 1.1.1.3 lukem be->be_nsuffix[0].bv_val, 0, 0 ); 235 1.1.1.3 lukem } 236 1.1 lukem } 237 1.1 lukem 238 1.1 lukem attr_str = url_desc->lud_attrs; 239 1.1 lukem if ( attr_str ) { 240 1.1 lukem for ( i=0; attr_str[i]; ++i ) { 241 1.1 lukem unique_attrs * attr; 242 1.1 lukem ad = NULL; 243 1.1 lukem if ( slap_str2ad ( attr_str[i], &ad, &text ) 244 1.1 lukem == LDAP_SUCCESS) { 245 1.1 lukem attr = ch_calloc ( 1, 246 1.1 lukem sizeof ( unique_attrs ) ); 247 1.1 lukem attr->attr = ad; 248 1.1 lukem attr->next = uri->attrs; 249 1.1 lukem uri->attrs = attr; 250 1.1 lukem } else { 251 1.1 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 252 1.1 lukem "unique: attribute: %s: %s", 253 1.1 lukem attr_str[i], text ); 254 1.1 lukem rc = ARG_BAD_CONF; 255 1.1 lukem goto exit; 256 1.1 lukem } 257 1.1 lukem } 258 1.1 lukem } 259 1.1 lukem 260 1.1 lukem uri->scope = url_desc->lud_scope; 261 1.1 lukem if ( !uri->scope ) { 262 1.1 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 263 1.1 lukem "unique: uri with base scope will always be unique"); 264 1.1 lukem rc = ARG_BAD_CONF; 265 1.1 lukem goto exit; 266 1.1 lukem } 267 1.1 lukem 268 1.1 lukem if (url_desc->lud_filter) { 269 1.1.1.3 lukem char *ptr; 270 1.1.1.3 lukem uri->f = str2filter( url_desc->lud_filter ); 271 1.1.1.3 lukem if ( !uri->f ) { 272 1.1 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 273 1.1 lukem "unique: bad filter"); 274 1.1 lukem rc = ARG_BAD_CONF; 275 1.1 lukem goto exit; 276 1.1 lukem } 277 1.1.1.2 lukem /* make sure the strfilter is in normal form (ITS#5581) */ 278 1.1.1.3 lukem filter2bv( uri->f, &uri->filter ); 279 1.1.1.3 lukem ptr = strstr( uri->filter.bv_val, "(?=" /*)*/ ); 280 1.1.1.3 lukem if ( ptr != NULL && ptr <= ( uri->filter.bv_val - STRLENOF( "(?=" /*)*/ ) + uri->filter.bv_len ) ) 281 1.1.1.3 lukem { 282 1.1.1.3 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 283 1.1.1.3 lukem "unique: bad filter"); 284 1.1.1.3 lukem rc = ARG_BAD_CONF; 285 1.1.1.3 lukem goto exit; 286 1.1.1.3 lukem } 287 1.1 lukem } 288 1.1 lukem exit: 289 1.1 lukem uri->next = *urip; 290 1.1 lukem *urip = uri; 291 1.1 lukem if ( rc ) { 292 1.1 lukem Debug ( LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, 293 1.1 lukem "%s: %s\n", c->log, c->cr_msg, 0 ); 294 1.1 lukem unique_free_domain_uri ( uri ); 295 1.1 lukem *urip = NULL; 296 1.1 lukem } 297 1.1 lukem return rc; 298 1.1 lukem } 299 1.1 lukem 300 1.1 lukem static int 301 1.1 lukem unique_new_domain_uri_basic ( unique_domain_uri **urip, 302 1.1 lukem ConfigArgs *c ) 303 1.1 lukem { 304 1.1 lukem LDAPURLDesc *url_desc = NULL; 305 1.1 lukem int rc; 306 1.1 lukem 307 1.1 lukem rc = ldap_url_parse ( UNIQUE_DEFAULT_URI, &url_desc ); 308 1.1 lukem if ( rc ) return rc; 309 1.1 lukem rc = unique_new_domain_uri ( urip, url_desc, c ); 310 1.1 lukem ldap_free_urldesc ( url_desc ); 311 1.1 lukem return rc; 312 1.1 lukem } 313 1.1 lukem 314 1.1 lukem /* if *domain is non-null, it's pushed down the stack. 315 1.1 lukem * note that the entire stack is freed if there is an error, 316 1.1 lukem * so build added domains in a separate stack before adding them 317 1.1 lukem * 318 1.1 lukem * domain_specs look like 319 1.1 lukem * 320 1.1 lukem * [strict ][ignore ]uri[[ uri]...] 321 1.1 lukem * e.g. "ldap:///ou=foo,o=bar?uid?sub ldap:///ou=baz,o=bar?uid?sub" 322 1.1 lukem * "strict ldap:///ou=accounts,o=bar?uid,uidNumber?one" 323 1.1 lukem * etc 324 1.1 lukem * 325 1.1 lukem * so finally strictness is per-domain 326 1.1 lukem * but so is ignore-state, and that would be better as a per-url thing 327 1.1 lukem */ 328 1.1 lukem static int 329 1.1 lukem unique_new_domain ( unique_domain **domainp, 330 1.1 lukem char *domain_spec, 331 1.1 lukem ConfigArgs *c ) 332 1.1 lukem { 333 1.1 lukem char *uri_start; 334 1.1 lukem int rc = LDAP_SUCCESS; 335 1.1 lukem int uri_err = 0; 336 1.1 lukem unique_domain * domain; 337 1.1 lukem LDAPURLDesc *url_desc, *url_descs = NULL; 338 1.1 lukem 339 1.1 lukem Debug(LDAP_DEBUG_TRACE, "==> unique_new_domain <%s>\n", 340 1.1 lukem domain_spec, 0, 0); 341 1.1 lukem 342 1.1 lukem domain = ch_calloc ( 1, sizeof (unique_domain) ); 343 1.1.1.2 lukem ber_str2bv( domain_spec, 0, 1, &domain->domain_spec ); 344 1.1 lukem 345 1.1 lukem uri_start = domain_spec; 346 1.1 lukem if ( strncasecmp ( uri_start, "ignore ", 347 1.1 lukem STRLENOF( "ignore " ) ) == 0 ) { 348 1.1 lukem domain->ignore = 1; 349 1.1 lukem uri_start += STRLENOF( "ignore " ); 350 1.1 lukem } 351 1.1 lukem if ( strncasecmp ( uri_start, "strict ", 352 1.1 lukem STRLENOF( "strict " ) ) == 0 ) { 353 1.1 lukem domain->strict = 1; 354 1.1 lukem uri_start += STRLENOF( "strict " ); 355 1.1 lukem if ( !domain->ignore 356 1.1 lukem && strncasecmp ( uri_start, "ignore ", 357 1.1 lukem STRLENOF( "ignore " ) ) == 0 ) { 358 1.1 lukem domain->ignore = 1; 359 1.1 lukem uri_start += STRLENOF( "ignore " ); 360 1.1 lukem } 361 1.1 lukem } 362 1.1 lukem rc = ldap_url_parselist_ext ( &url_descs, uri_start, " ", 0 ); 363 1.1 lukem if ( rc ) { 364 1.1 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 365 1.1 lukem "<%s> invalid ldap urilist", 366 1.1 lukem uri_start ); 367 1.1 lukem rc = ARG_BAD_CONF; 368 1.1 lukem goto exit; 369 1.1 lukem } 370 1.1 lukem 371 1.1 lukem for ( url_desc = url_descs; 372 1.1 lukem url_desc; 373 1.1 lukem url_desc = url_descs->lud_next ) { 374 1.1 lukem rc = unique_new_domain_uri ( &domain->uri, 375 1.1 lukem url_desc, 376 1.1 lukem c ); 377 1.1 lukem if ( rc ) { 378 1.1 lukem rc = ARG_BAD_CONF; 379 1.1 lukem uri_err = 1; 380 1.1 lukem goto exit; 381 1.1 lukem } 382 1.1 lukem } 383 1.1 lukem 384 1.1 lukem exit: 385 1.1 lukem if ( url_descs ) ldap_free_urldesc ( url_descs ); 386 1.1 lukem domain->next = *domainp; 387 1.1 lukem *domainp = domain; 388 1.1 lukem if ( rc ) { 389 1.1 lukem Debug ( LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, 390 1.1 lukem "%s: %s\n", c->log, c->cr_msg, 0 ); 391 1.1 lukem unique_free_domain ( domain ); 392 1.1 lukem *domainp = NULL; 393 1.1 lukem } 394 1.1 lukem return rc; 395 1.1 lukem } 396 1.1 lukem 397 1.1 lukem static int 398 1.1 lukem unique_cf_base( ConfigArgs *c ) 399 1.1 lukem { 400 1.1 lukem BackendDB *be = (BackendDB *)c->be; 401 1.1 lukem slap_overinst *on = (slap_overinst *)c->bi; 402 1.1 lukem unique_data *private = (unique_data *) on->on_bi.bi_private; 403 1.1 lukem unique_domain *domains = private->domains; 404 1.1 lukem unique_domain *legacy = private->legacy; 405 1.1 lukem int rc = ARG_BAD_CONF; 406 1.1 lukem 407 1.1 lukem switch ( c->op ) { 408 1.1 lukem case SLAP_CONFIG_EMIT: 409 1.1 lukem rc = 0; 410 1.1.1.2 lukem if ( legacy && legacy->uri && legacy->uri->dn.bv_val ) { 411 1.1 lukem rc = value_add_one ( &c->rvalue_vals, 412 1.1.1.2 lukem &legacy->uri->dn ); 413 1.1 lukem if ( rc ) return rc; 414 1.1 lukem rc = value_add_one ( &c->rvalue_nvals, 415 1.1.1.2 lukem &legacy->uri->ndn ); 416 1.1 lukem if ( rc ) return rc; 417 1.1 lukem } 418 1.1 lukem break; 419 1.1 lukem case LDAP_MOD_DELETE: 420 1.1.1.2 lukem assert ( legacy && legacy->uri && legacy->uri->dn.bv_val ); 421 1.1 lukem rc = 0; 422 1.1.1.2 lukem ch_free ( legacy->uri->dn.bv_val ); 423 1.1.1.2 lukem ch_free ( legacy->uri->ndn.bv_val ); 424 1.1.1.2 lukem BER_BVZERO( &legacy->uri->dn ); 425 1.1.1.2 lukem BER_BVZERO( &legacy->uri->ndn ); 426 1.1.1.2 lukem if ( !legacy->uri->attrs ) { 427 1.1 lukem unique_free_domain_uri ( legacy->uri ); 428 1.1 lukem legacy->uri = NULL; 429 1.1 lukem } 430 1.1 lukem if ( !legacy->uri && !private->legacy_strict_set ) { 431 1.1 lukem unique_free_domain ( legacy ); 432 1.1 lukem private->legacy = legacy = NULL; 433 1.1 lukem } 434 1.1 lukem break; 435 1.1 lukem case LDAP_MOD_ADD: 436 1.1 lukem case SLAP_CONFIG_ADD: 437 1.1 lukem if ( domains ) { 438 1.1 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 439 1.1 lukem "cannot set legacy attrs when URIs are present" ); 440 1.1 lukem Debug ( LDAP_DEBUG_CONFIG, "unique config: %s\n", 441 1.1 lukem c->cr_msg, NULL, NULL ); 442 1.1 lukem rc = ARG_BAD_CONF; 443 1.1 lukem break; 444 1.1 lukem } 445 1.1.1.3 lukem if ( be->be_nsuffix == NULL ) { 446 1.1.1.3 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 447 1.1.1.3 lukem "suffix must be set" ); 448 1.1.1.3 lukem Debug ( LDAP_DEBUG_CONFIG, "unique config: %s\n", 449 1.1.1.3 lukem c->cr_msg, NULL, NULL ); 450 1.1.1.3 lukem rc = ARG_BAD_CONF; 451 1.1.1.3 lukem break; 452 1.1.1.3 lukem } 453 1.1 lukem if ( !dnIsSuffix ( &c->value_ndn, 454 1.1 lukem &be->be_nsuffix[0] ) ) { 455 1.1 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 456 1.1 lukem "dn is not a suffix of backend base" ); 457 1.1 lukem Debug ( LDAP_DEBUG_CONFIG, "unique config: %s\n", 458 1.1 lukem c->cr_msg, NULL, NULL ); 459 1.1 lukem rc = ARG_BAD_CONF; 460 1.1 lukem break; 461 1.1 lukem } 462 1.1 lukem if ( !legacy ) { 463 1.1 lukem unique_new_domain ( &private->legacy, 464 1.1 lukem UNIQUE_DEFAULT_URI, 465 1.1 lukem c ); 466 1.1 lukem legacy = private->legacy; 467 1.1 lukem } 468 1.1 lukem if ( !legacy->uri ) 469 1.1 lukem unique_new_domain_uri_basic ( &legacy->uri, c ); 470 1.1.1.2 lukem ch_free ( legacy->uri->dn.bv_val ); 471 1.1.1.2 lukem ch_free ( legacy->uri->ndn.bv_val ); 472 1.1.1.2 lukem legacy->uri->dn = c->value_dn; 473 1.1.1.2 lukem legacy->uri->ndn = c->value_ndn; 474 1.1 lukem rc = 0; 475 1.1 lukem break; 476 1.1 lukem default: 477 1.1 lukem abort(); 478 1.1 lukem } 479 1.1 lukem 480 1.1.1.3 lukem if ( rc ) { 481 1.1.1.3 lukem ch_free( c->value_dn.bv_val ); 482 1.1.1.3 lukem BER_BVZERO( &c->value_dn ); 483 1.1.1.3 lukem ch_free( c->value_ndn.bv_val ); 484 1.1.1.3 lukem BER_BVZERO( &c->value_ndn ); 485 1.1.1.3 lukem } 486 1.1.1.3 lukem 487 1.1 lukem return rc; 488 1.1 lukem } 489 1.1 lukem 490 1.1 lukem static int 491 1.1 lukem unique_cf_attrs( ConfigArgs *c ) 492 1.1 lukem { 493 1.1 lukem slap_overinst *on = (slap_overinst *)c->bi; 494 1.1 lukem unique_data *private = (unique_data *) on->on_bi.bi_private; 495 1.1 lukem unique_domain *domains = private->domains; 496 1.1 lukem unique_domain *legacy = private->legacy; 497 1.1 lukem unique_attrs *new_attrs = NULL; 498 1.1 lukem unique_attrs *attr, *next_attr, *reverse_attrs; 499 1.1 lukem unique_attrs **attrp; 500 1.1 lukem int rc = ARG_BAD_CONF; 501 1.1 lukem int i; 502 1.1 lukem 503 1.1 lukem switch ( c->op ) { 504 1.1 lukem case SLAP_CONFIG_EMIT: 505 1.1 lukem if ( legacy 506 1.1 lukem && (c->type == UNIQUE_IGNORE) == legacy->ignore 507 1.1 lukem && legacy->uri ) 508 1.1 lukem for ( attr = legacy->uri->attrs; 509 1.1 lukem attr; 510 1.1 lukem attr = attr->next ) 511 1.1 lukem value_add_one( &c->rvalue_vals, 512 1.1 lukem &attr->attr->ad_cname ); 513 1.1 lukem rc = 0; 514 1.1 lukem break; 515 1.1 lukem case LDAP_MOD_DELETE: 516 1.1 lukem if ( legacy 517 1.1 lukem && (c->type == UNIQUE_IGNORE) == legacy->ignore 518 1.1 lukem && legacy->uri 519 1.1 lukem && legacy->uri->attrs) { 520 1.1 lukem if ( c->valx < 0 ) { /* delete all */ 521 1.1 lukem for ( attr = legacy->uri->attrs; 522 1.1 lukem attr; 523 1.1 lukem attr = next_attr ) { 524 1.1 lukem next_attr = attr->next; 525 1.1 lukem ch_free ( attr ); 526 1.1 lukem } 527 1.1 lukem legacy->uri->attrs = NULL; 528 1.1 lukem } else { /* delete by index */ 529 1.1 lukem attrp = &legacy->uri->attrs; 530 1.1 lukem for ( i=0; i < c->valx; ++i ) 531 1.1 lukem attrp = &(*attrp)->next; 532 1.1 lukem attr = *attrp; 533 1.1 lukem *attrp = attr->next; 534 1.1 lukem ch_free (attr); 535 1.1 lukem } 536 1.1 lukem if ( !legacy->uri->attrs 537 1.1.1.2 lukem && !legacy->uri->dn.bv_val ) { 538 1.1 lukem unique_free_domain_uri ( legacy->uri ); 539 1.1 lukem legacy->uri = NULL; 540 1.1 lukem } 541 1.1 lukem if ( !legacy->uri && !private->legacy_strict_set ) { 542 1.1 lukem unique_free_domain ( legacy ); 543 1.1 lukem private->legacy = legacy = NULL; 544 1.1 lukem } 545 1.1 lukem } 546 1.1 lukem rc = 0; 547 1.1 lukem break; 548 1.1 lukem case LDAP_MOD_ADD: 549 1.1 lukem case SLAP_CONFIG_ADD: 550 1.1 lukem if ( domains ) { 551 1.1 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 552 1.1 lukem "cannot set legacy attrs when URIs are present" ); 553 1.1 lukem Debug ( LDAP_DEBUG_CONFIG, "unique config: %s\n", 554 1.1 lukem c->cr_msg, NULL, NULL ); 555 1.1 lukem rc = ARG_BAD_CONF; 556 1.1 lukem break; 557 1.1 lukem } 558 1.1 lukem if ( legacy 559 1.1 lukem && legacy->uri 560 1.1 lukem && legacy->uri->attrs 561 1.1 lukem && (c->type == UNIQUE_IGNORE) != legacy->ignore ) { 562 1.1 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 563 1.1 lukem "cannot set both attrs and ignore-attrs" ); 564 1.1 lukem Debug ( LDAP_DEBUG_CONFIG, "unique config: %s\n", 565 1.1 lukem c->cr_msg, NULL, NULL ); 566 1.1 lukem rc = ARG_BAD_CONF; 567 1.1 lukem break; 568 1.1 lukem } 569 1.1 lukem if ( !legacy ) { 570 1.1 lukem unique_new_domain ( &private->legacy, 571 1.1 lukem UNIQUE_DEFAULT_URI, 572 1.1 lukem c ); 573 1.1 lukem legacy = private->legacy; 574 1.1 lukem } 575 1.1 lukem if ( !legacy->uri ) 576 1.1 lukem unique_new_domain_uri_basic ( &legacy->uri, c ); 577 1.1 lukem rc = 0; 578 1.1 lukem for ( i=1; c->argv[i]; ++i ) { 579 1.1 lukem AttributeDescription * ad = NULL; 580 1.1 lukem const char * text; 581 1.1 lukem if ( slap_str2ad ( c->argv[i], &ad, &text ) 582 1.1 lukem == LDAP_SUCCESS) { 583 1.1 lukem 584 1.1 lukem attr = ch_calloc ( 1, 585 1.1 lukem sizeof ( unique_attrs ) ); 586 1.1 lukem attr->attr = ad; 587 1.1 lukem attr->next = new_attrs; 588 1.1 lukem new_attrs = attr; 589 1.1 lukem } else { 590 1.1 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 591 1.1 lukem "unique: attribute: %s: %s", 592 1.1 lukem c->argv[i], text ); 593 1.1 lukem for ( attr = new_attrs; 594 1.1 lukem attr; 595 1.1 lukem attr=next_attr ) { 596 1.1 lukem next_attr = attr->next; 597 1.1 lukem ch_free ( attr ); 598 1.1 lukem } 599 1.1 lukem rc = ARG_BAD_CONF; 600 1.1 lukem break; 601 1.1 lukem } 602 1.1 lukem } 603 1.1 lukem if ( rc ) break; 604 1.1 lukem 605 1.1 lukem /* (nconc legacy->uri->attrs (nreverse new_attrs)) */ 606 1.1 lukem reverse_attrs = NULL; 607 1.1 lukem for ( attr = new_attrs; 608 1.1 lukem attr; 609 1.1 lukem attr = next_attr ) { 610 1.1 lukem next_attr = attr->next; 611 1.1 lukem attr->next = reverse_attrs; 612 1.1 lukem reverse_attrs = attr; 613 1.1 lukem } 614 1.1 lukem for ( attrp = &legacy->uri->attrs; 615 1.1 lukem *attrp; 616 1.1 lukem attrp = &(*attrp)->next ) ; 617 1.1 lukem *attrp = reverse_attrs; 618 1.1 lukem 619 1.1 lukem legacy->ignore = ( c->type == UNIQUE_IGNORE ); 620 1.1 lukem break; 621 1.1 lukem default: 622 1.1 lukem abort(); 623 1.1 lukem } 624 1.1 lukem 625 1.1 lukem if ( rc ) { 626 1.1 lukem Debug ( LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, 627 1.1 lukem "%s: %s\n", c->log, c->cr_msg, 0 ); 628 1.1 lukem } 629 1.1 lukem return rc; 630 1.1 lukem } 631 1.1 lukem 632 1.1 lukem static int 633 1.1 lukem unique_cf_strict( ConfigArgs *c ) 634 1.1 lukem { 635 1.1 lukem slap_overinst *on = (slap_overinst *)c->bi; 636 1.1 lukem unique_data *private = (unique_data *) on->on_bi.bi_private; 637 1.1 lukem unique_domain *domains = private->domains; 638 1.1 lukem unique_domain *legacy = private->legacy; 639 1.1 lukem int rc = ARG_BAD_CONF; 640 1.1 lukem 641 1.1 lukem switch ( c->op ) { 642 1.1 lukem case SLAP_CONFIG_EMIT: 643 1.1 lukem /* We process the boolean manually instead of using 644 1.1 lukem * ARG_ON_OFF so that we can three-state it; 645 1.1 lukem * olcUniqueStrict is either TRUE, FALSE, or missing, 646 1.1 lukem * and missing is necessary to add olcUniqueURIs... 647 1.1 lukem */ 648 1.1 lukem if ( private->legacy_strict_set ) { 649 1.1 lukem struct berval bv; 650 1.1 lukem bv.bv_val = legacy->strict ? "TRUE" : "FALSE"; 651 1.1 lukem bv.bv_len = legacy->strict ? 652 1.1 lukem STRLENOF("TRUE") : 653 1.1 lukem STRLENOF("FALSE"); 654 1.1 lukem value_add_one ( &c->rvalue_vals, &bv ); 655 1.1 lukem } 656 1.1 lukem rc = 0; 657 1.1 lukem break; 658 1.1 lukem case LDAP_MOD_DELETE: 659 1.1 lukem if ( legacy ) { 660 1.1 lukem legacy->strict = 0; 661 1.1 lukem if ( ! legacy->uri ) { 662 1.1 lukem unique_free_domain ( legacy ); 663 1.1 lukem private->legacy = NULL; 664 1.1 lukem } 665 1.1 lukem } 666 1.1 lukem private->legacy_strict_set = 0; 667 1.1 lukem rc = 0; 668 1.1 lukem break; 669 1.1 lukem case LDAP_MOD_ADD: 670 1.1 lukem case SLAP_CONFIG_ADD: 671 1.1 lukem if ( domains ) { 672 1.1 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 673 1.1 lukem "cannot set legacy attrs when URIs are present" ); 674 1.1 lukem Debug ( LDAP_DEBUG_CONFIG, "unique config: %s\n", 675 1.1 lukem c->cr_msg, NULL, NULL ); 676 1.1 lukem rc = ARG_BAD_CONF; 677 1.1 lukem break; 678 1.1 lukem } 679 1.1 lukem if ( ! legacy ) { 680 1.1 lukem unique_new_domain ( &private->legacy, 681 1.1 lukem UNIQUE_DEFAULT_URI, 682 1.1 lukem c ); 683 1.1 lukem legacy = private->legacy; 684 1.1 lukem } 685 1.1 lukem /* ... not using ARG_ON_OFF makes this necessary too */ 686 1.1 lukem assert ( c->argc == 2 ); 687 1.1 lukem legacy->strict = (strcasecmp ( c->argv[1], "TRUE" ) == 0); 688 1.1 lukem private->legacy_strict_set = 1; 689 1.1 lukem rc = 0; 690 1.1 lukem break; 691 1.1 lukem default: 692 1.1 lukem abort(); 693 1.1 lukem } 694 1.1 lukem 695 1.1 lukem return rc; 696 1.1 lukem } 697 1.1 lukem 698 1.1 lukem static int 699 1.1 lukem unique_cf_uri( ConfigArgs *c ) 700 1.1 lukem { 701 1.1 lukem slap_overinst *on = (slap_overinst *)c->bi; 702 1.1 lukem unique_data *private = (unique_data *) on->on_bi.bi_private; 703 1.1 lukem unique_domain *domains = private->domains; 704 1.1 lukem unique_domain *legacy = private->legacy; 705 1.1 lukem unique_domain *domain = NULL, **domainp = NULL; 706 1.1 lukem int rc = ARG_BAD_CONF; 707 1.1 lukem int i; 708 1.1 lukem 709 1.1 lukem switch ( c->op ) { 710 1.1 lukem case SLAP_CONFIG_EMIT: 711 1.1 lukem for ( domain = domains; 712 1.1 lukem domain; 713 1.1 lukem domain = domain->next ) { 714 1.1 lukem rc = value_add_one ( &c->rvalue_vals, 715 1.1.1.2 lukem &domain->domain_spec ); 716 1.1 lukem if ( rc ) break; 717 1.1 lukem } 718 1.1 lukem break; 719 1.1 lukem case LDAP_MOD_DELETE: 720 1.1 lukem if ( c->valx < 0 ) { /* delete them all! */ 721 1.1 lukem unique_free_domain ( domains ); 722 1.1 lukem private->domains = NULL; 723 1.1 lukem } else { /* delete just one */ 724 1.1 lukem domainp = &private->domains; 725 1.1 lukem for ( i=0; i < c->valx && *domainp; ++i ) 726 1.1 lukem domainp = &(*domainp)->next; 727 1.1 lukem 728 1.1 lukem /* If *domainp is null, we walked off the end 729 1.1 lukem * of the list. This happens when back-config 730 1.1 lukem * and the overlay are out-of-sync, like when 731 1.1 lukem * rejecting changes before ITS#4752 gets 732 1.1 lukem * fixed. 733 1.1 lukem * 734 1.1 lukem * This should never happen, but will appear 735 1.1 lukem * if you backport this version of 736 1.1 lukem * slapo-unique without the config-undo fixes 737 1.1 lukem * 738 1.1 lukem * test024 Will hit this case in such a 739 1.1 lukem * situation. 740 1.1 lukem */ 741 1.1 lukem assert (*domainp != NULL); 742 1.1 lukem 743 1.1 lukem domain = *domainp; 744 1.1 lukem *domainp = domain->next; 745 1.1 lukem domain->next = NULL; 746 1.1 lukem unique_free_domain ( domain ); 747 1.1 lukem } 748 1.1 lukem rc = 0; 749 1.1 lukem break; 750 1.1 lukem 751 1.1 lukem case SLAP_CONFIG_ADD: /* fallthrough */ 752 1.1 lukem case LDAP_MOD_ADD: 753 1.1 lukem if ( legacy ) { 754 1.1 lukem snprintf( c->cr_msg, sizeof( c->cr_msg ), 755 1.1 lukem "cannot set Uri when legacy attrs are present" ); 756 1.1 lukem Debug ( LDAP_DEBUG_CONFIG, "unique config: %s\n", 757 1.1 lukem c->cr_msg, NULL, NULL ); 758 1.1 lukem rc = ARG_BAD_CONF; 759 1.1 lukem break; 760 1.1 lukem } 761 1.1 lukem rc = 0; 762 1.1 lukem if ( c->line ) rc = unique_new_domain ( &domain, c->line, c ); 763 1.1 lukem else rc = unique_new_domain ( &domain, c->argv[1], c ); 764 1.1 lukem if ( rc ) break; 765 1.1 lukem assert ( domain->next == NULL ); 766 1.1 lukem for ( domainp = &private->domains; 767 1.1 lukem *domainp; 768 1.1 lukem domainp = &(*domainp)->next ) ; 769 1.1 lukem *domainp = domain; 770 1.1 lukem 771 1.1 lukem break; 772 1.1 lukem 773 1.1 lukem default: 774 1.1 lukem abort (); 775 1.1 lukem } 776 1.1 lukem 777 1.1 lukem return rc; 778 1.1 lukem } 779 1.1 lukem 780 1.1 lukem /* 781 1.1 lukem ** allocate new unique_data; 782 1.1 lukem ** initialize, copy basedn; 783 1.1 lukem ** store in on_bi.bi_private; 784 1.1 lukem ** 785 1.1 lukem */ 786 1.1 lukem 787 1.1 lukem static int 788 1.1 lukem unique_db_init( 789 1.1 lukem BackendDB *be, 790 1.1 lukem ConfigReply *cr 791 1.1 lukem ) 792 1.1 lukem { 793 1.1 lukem slap_overinst *on = (slap_overinst *)be->bd_info; 794 1.1 lukem unique_data **privatep = (unique_data **) &on->on_bi.bi_private; 795 1.1 lukem 796 1.1 lukem Debug(LDAP_DEBUG_TRACE, "==> unique_db_init\n", 0, 0, 0); 797 1.1 lukem 798 1.1 lukem *privatep = ch_calloc ( 1, sizeof ( unique_data ) ); 799 1.1 lukem 800 1.1 lukem return 0; 801 1.1 lukem } 802 1.1 lukem 803 1.1 lukem static int 804 1.1 lukem unique_db_destroy( 805 1.1 lukem BackendDB *be, 806 1.1 lukem ConfigReply *cr 807 1.1 lukem ) 808 1.1 lukem { 809 1.1 lukem slap_overinst *on = (slap_overinst *)be->bd_info; 810 1.1 lukem unique_data **privatep = (unique_data **) &on->on_bi.bi_private; 811 1.1 lukem unique_data *private = *privatep; 812 1.1 lukem 813 1.1 lukem Debug(LDAP_DEBUG_TRACE, "==> unique_db_destroy\n", 0, 0, 0); 814 1.1 lukem 815 1.1 lukem if ( private ) { 816 1.1 lukem unique_domain *domains = private->domains; 817 1.1 lukem unique_domain *legacy = private->legacy; 818 1.1 lukem 819 1.1 lukem unique_free_domain ( domains ); 820 1.1 lukem unique_free_domain ( legacy ); 821 1.1 lukem ch_free ( private ); 822 1.1 lukem *privatep = NULL; 823 1.1 lukem } 824 1.1 lukem 825 1.1 lukem return 0; 826 1.1 lukem } 827 1.1 lukem 828 1.1 lukem static int 829 1.1 lukem unique_open( 830 1.1 lukem BackendDB *be, 831 1.1 lukem ConfigReply *cr 832 1.1 lukem ) 833 1.1 lukem { 834 1.1 lukem Debug(LDAP_DEBUG_TRACE, "unique_open: overlay initialized\n", 0, 0, 0); 835 1.1 lukem 836 1.1 lukem return 0; 837 1.1 lukem } 838 1.1 lukem 839 1.1 lukem 840 1.1 lukem /* 841 1.1 lukem ** Leave unique_data but wipe out config 842 1.1 lukem ** 843 1.1 lukem */ 844 1.1 lukem 845 1.1 lukem static int 846 1.1 lukem unique_close( 847 1.1 lukem BackendDB *be, 848 1.1 lukem ConfigReply *cr 849 1.1 lukem ) 850 1.1 lukem { 851 1.1 lukem slap_overinst *on = (slap_overinst *) be->bd_info; 852 1.1 lukem unique_data **privatep = (unique_data **) &on->on_bi.bi_private; 853 1.1 lukem unique_data *private = *privatep; 854 1.1 lukem 855 1.1 lukem Debug(LDAP_DEBUG_TRACE, "==> unique_close\n", 0, 0, 0); 856 1.1 lukem 857 1.1 lukem if ( private ) { 858 1.1 lukem unique_domain *domains = private->domains; 859 1.1 lukem unique_domain *legacy = private->legacy; 860 1.1 lukem 861 1.1 lukem unique_free_domain ( domains ); 862 1.1 lukem unique_free_domain ( legacy ); 863 1.1 lukem memset ( private, 0, sizeof ( unique_data ) ); 864 1.1 lukem } 865 1.1 lukem 866 1.1 lukem return ( 0 ); 867 1.1 lukem } 868 1.1 lukem 869 1.1 lukem 870 1.1 lukem /* 871 1.1 lukem ** search callback 872 1.1 lukem ** if this is a REP_SEARCH, count++; 873 1.1 lukem ** 874 1.1 lukem */ 875 1.1 lukem 876 1.1 lukem static int count_attr_cb( 877 1.1 lukem Operation *op, 878 1.1 lukem SlapReply *rs 879 1.1 lukem ) 880 1.1 lukem { 881 1.1 lukem unique_counter *uc; 882 1.1 lukem 883 1.1 lukem /* because you never know */ 884 1.1 lukem if(!op || !rs) return(0); 885 1.1 lukem 886 1.1 lukem /* Only search entries are interesting */ 887 1.1 lukem if(rs->sr_type != REP_SEARCH) return(0); 888 1.1 lukem 889 1.1 lukem uc = op->o_callback->sc_private; 890 1.1 lukem 891 1.1 lukem /* Ignore the current entry */ 892 1.1 lukem if ( dn_match( uc->ndn, &rs->sr_entry->e_nname )) return(0); 893 1.1 lukem 894 1.1 lukem Debug(LDAP_DEBUG_TRACE, "==> count_attr_cb <%s>\n", 895 1.1 lukem rs->sr_entry ? rs->sr_entry->e_name.bv_val : "UNKNOWN_DN", 0, 0); 896 1.1 lukem 897 1.1 lukem uc->count++; 898 1.1 lukem 899 1.1 lukem return(0); 900 1.1 lukem } 901 1.1 lukem 902 1.1 lukem /* count the length of one attribute ad 903 1.1 lukem * (and all of its values b) 904 1.1 lukem * in the proposed filter 905 1.1 lukem */ 906 1.1 lukem static int 907 1.1 lukem count_filter_len( 908 1.1 lukem unique_domain *domain, 909 1.1 lukem unique_domain_uri *uri, 910 1.1 lukem AttributeDescription *ad, 911 1.1 lukem BerVarray b 912 1.1 lukem ) 913 1.1 lukem { 914 1.1 lukem unique_attrs *attr; 915 1.1 lukem int i; 916 1.1 lukem int ks = 0; 917 1.1 lukem 918 1.1 lukem while ( !is_at_operational( ad->ad_type ) ) { 919 1.1 lukem if ( uri->attrs ) { 920 1.1 lukem for ( attr = uri->attrs; attr; attr = attr->next ) { 921 1.1 lukem if ( ad == attr->attr ) { 922 1.1 lukem break; 923 1.1 lukem } 924 1.1 lukem } 925 1.1 lukem if ( ( domain->ignore && attr ) 926 1.1 lukem || (!domain->ignore && !attr )) { 927 1.1 lukem break; 928 1.1 lukem } 929 1.1 lukem } 930 1.1 lukem if ( b && b[0].bv_val ) { 931 1.1 lukem for (i = 0; b[i].bv_val; i++ ) { 932 1.1 lukem /* note: make room for filter escaping... */ 933 1.1 lukem ks += ( 3 * b[i].bv_len ) + ad->ad_cname.bv_len + STRLENOF( "(=)" ); 934 1.1 lukem } 935 1.1 lukem } else if ( domain->strict ) { 936 1.1 lukem ks += ad->ad_cname.bv_len + STRLENOF( "(=*)" ); /* (attr=*) */ 937 1.1 lukem } 938 1.1 lukem break; 939 1.1 lukem } 940 1.1 lukem 941 1.1 lukem return ks; 942 1.1 lukem } 943 1.1 lukem 944 1.1 lukem static char * 945 1.1 lukem build_filter( 946 1.1 lukem unique_domain *domain, 947 1.1 lukem unique_domain_uri *uri, 948 1.1 lukem AttributeDescription *ad, 949 1.1 lukem BerVarray b, 950 1.1 lukem char *kp, 951 1.1 lukem int ks, 952 1.1 lukem void *ctx 953 1.1 lukem ) 954 1.1 lukem { 955 1.1 lukem unique_attrs *attr; 956 1.1 lukem int i; 957 1.1 lukem 958 1.1 lukem while ( !is_at_operational( ad->ad_type ) ) { 959 1.1 lukem if ( uri->attrs ) { 960 1.1 lukem for ( attr = uri->attrs; attr; attr = attr->next ) { 961 1.1 lukem if ( ad == attr->attr ) { 962 1.1 lukem break; 963 1.1 lukem } 964 1.1 lukem } 965 1.1 lukem if ( ( domain->ignore && attr ) 966 1.1 lukem || (!domain->ignore && !attr )) { 967 1.1 lukem break; 968 1.1 lukem } 969 1.1 lukem } 970 1.1 lukem if ( b && b[0].bv_val ) { 971 1.1 lukem for ( i = 0; b[i].bv_val; i++ ) { 972 1.1 lukem struct berval bv; 973 1.1 lukem int len; 974 1.1 lukem 975 1.1 lukem ldap_bv2escaped_filter_value_x( &b[i], &bv, 1, ctx ); 976 1.1.1.4.24.1 tls if (!b[i].bv_len) 977 1.1.1.4.24.1 tls bv.bv_val = b[i].bv_val; 978 1.1 lukem len = snprintf( kp, ks, "(%s=%s)", ad->ad_cname.bv_val, bv.bv_val ); 979 1.1 lukem assert( len >= 0 && len < ks ); 980 1.1 lukem kp += len; 981 1.1 lukem if ( bv.bv_val != b[i].bv_val ) { 982 1.1 lukem ber_memfree_x( bv.bv_val, ctx ); 983 1.1 lukem } 984 1.1 lukem } 985 1.1 lukem } else if ( domain->strict ) { 986 1.1 lukem int len; 987 1.1 lukem len = snprintf( kp, ks, "(%s=*)", ad->ad_cname.bv_val ); 988 1.1 lukem assert( len >= 0 && len < ks ); 989 1.1 lukem kp += len; 990 1.1 lukem } 991 1.1 lukem break; 992 1.1 lukem } 993 1.1 lukem return kp; 994 1.1 lukem } 995 1.1 lukem 996 1.1 lukem static int 997 1.1 lukem unique_search( 998 1.1 lukem Operation *op, 999 1.1 lukem Operation *nop, 1000 1.1 lukem struct berval * dn, 1001 1.1 lukem int scope, 1002 1.1 lukem SlapReply *rs, 1003 1.1.1.2 lukem struct berval *key 1004 1.1 lukem ) 1005 1.1 lukem { 1006 1.1 lukem slap_overinst *on = (slap_overinst *) op->o_bd->bd_info; 1007 1.1 lukem SlapReply nrs = { REP_RESULT }; 1008 1.1 lukem slap_callback cb = { NULL, NULL, NULL, NULL }; /* XXX */ 1009 1.1 lukem unique_counter uq = { NULL, 0 }; 1010 1.1 lukem int rc; 1011 1.1 lukem 1012 1.1.1.3 lukem Debug(LDAP_DEBUG_TRACE, "==> unique_search %s\n", key->bv_val, 0, 0); 1013 1.1 lukem 1014 1.1.1.2 lukem nop->ors_filter = str2filter_x(nop, key->bv_val); 1015 1.1.1.3 lukem if(nop->ors_filter == NULL) { 1016 1.1.1.3 lukem op->o_bd->bd_info = (BackendInfo *) on->on_info; 1017 1.1.1.3 lukem send_ldap_error(op, rs, LDAP_OTHER, 1018 1.1.1.3 lukem "unique_search invalid filter"); 1019 1.1.1.3 lukem return(rs->sr_err); 1020 1.1.1.3 lukem } 1021 1.1.1.3 lukem 1022 1.1.1.2 lukem nop->ors_filterstr = *key; 1023 1.1 lukem 1024 1.1 lukem cb.sc_response = (slap_response*)count_attr_cb; 1025 1.1 lukem cb.sc_private = &uq; 1026 1.1 lukem nop->o_callback = &cb; 1027 1.1 lukem nop->o_tag = LDAP_REQ_SEARCH; 1028 1.1 lukem nop->ors_scope = scope; 1029 1.1 lukem nop->ors_deref = LDAP_DEREF_NEVER; 1030 1.1 lukem nop->ors_limit = NULL; 1031 1.1 lukem nop->ors_slimit = SLAP_NO_LIMIT; 1032 1.1 lukem nop->ors_tlimit = SLAP_NO_LIMIT; 1033 1.1 lukem nop->ors_attrs = slap_anlist_no_attrs; 1034 1.1 lukem nop->ors_attrsonly = 1; 1035 1.1 lukem 1036 1.1 lukem uq.ndn = &op->o_req_ndn; 1037 1.1 lukem 1038 1.1 lukem nop->o_req_ndn = *dn; 1039 1.1 lukem nop->o_ndn = op->o_bd->be_rootndn; 1040 1.1 lukem 1041 1.1 lukem nop->o_bd = on->on_info->oi_origdb; 1042 1.1 lukem rc = nop->o_bd->be_search(nop, &nrs); 1043 1.1.1.3 lukem filter_free_x(nop, nop->ors_filter, 1); 1044 1.1.1.2 lukem op->o_tmpfree( key->bv_val, op->o_tmpmemctx ); 1045 1.1 lukem 1046 1.1 lukem if(rc != LDAP_SUCCESS && rc != LDAP_NO_SUCH_OBJECT) { 1047 1.1 lukem op->o_bd->bd_info = (BackendInfo *) on->on_info; 1048 1.1 lukem send_ldap_error(op, rs, rc, "unique_search failed"); 1049 1.1 lukem return(rs->sr_err); 1050 1.1 lukem } 1051 1.1 lukem 1052 1.1 lukem Debug(LDAP_DEBUG_TRACE, "=> unique_search found %d records\n", uq.count, 0, 0); 1053 1.1 lukem 1054 1.1 lukem if(uq.count) { 1055 1.1 lukem op->o_bd->bd_info = (BackendInfo *) on->on_info; 1056 1.1 lukem send_ldap_error(op, rs, LDAP_CONSTRAINT_VIOLATION, 1057 1.1 lukem "some attributes not unique"); 1058 1.1 lukem return(rs->sr_err); 1059 1.1 lukem } 1060 1.1 lukem 1061 1.1 lukem return(SLAP_CB_CONTINUE); 1062 1.1 lukem } 1063 1.1 lukem 1064 1.1 lukem static int 1065 1.1 lukem unique_add( 1066 1.1 lukem Operation *op, 1067 1.1 lukem SlapReply *rs 1068 1.1 lukem ) 1069 1.1 lukem { 1070 1.1 lukem slap_overinst *on = (slap_overinst *) op->o_bd->bd_info; 1071 1.1 lukem unique_data *private = (unique_data *) on->on_bi.bi_private; 1072 1.1 lukem unique_domain *domains = private->domains; 1073 1.1 lukem unique_domain *legacy = private->legacy; 1074 1.1 lukem unique_domain *domain; 1075 1.1 lukem Operation nop = *op; 1076 1.1 lukem Attribute *a; 1077 1.1 lukem char *key, *kp; 1078 1.1.1.2 lukem struct berval bvkey; 1079 1.1 lukem int rc = SLAP_CB_CONTINUE; 1080 1.1 lukem 1081 1.1 lukem Debug(LDAP_DEBUG_TRACE, "==> unique_add <%s>\n", 1082 1.1 lukem op->o_req_dn.bv_val, 0, 0); 1083 1.1 lukem 1084 1.1.1.4.24.1 tls /* skip the checks if the operation has manageDsaIt control in it 1085 1.1.1.4.24.1 tls * (for replication) */ 1086 1.1.1.4.24.1 tls if ( op->o_managedsait > SLAP_CONTROL_IGNORED ) { 1087 1.1.1.4.24.1 tls Debug(LDAP_DEBUG_TRACE, "unique_add: administrative bypass, skipping\n", 0, 0, 0); 1088 1.1.1.4.24.1 tls return rc; 1089 1.1.1.4.24.1 tls } 1090 1.1.1.4.24.1 tls 1091 1.1 lukem for ( domain = legacy ? legacy : domains; 1092 1.1 lukem domain; 1093 1.1 lukem domain = domain->next ) 1094 1.1 lukem { 1095 1.1 lukem unique_domain_uri *uri; 1096 1.1 lukem 1097 1.1 lukem for ( uri = domain->uri; 1098 1.1 lukem uri; 1099 1.1 lukem uri = uri->next ) 1100 1.1 lukem { 1101 1.1 lukem int len; 1102 1.1.1.3 lukem int ks = 0; 1103 1.1 lukem 1104 1.1.1.2 lukem if ( uri->ndn.bv_val 1105 1.1.1.2 lukem && !dnIsSuffix( &op->o_req_ndn, &uri->ndn )) 1106 1.1 lukem continue; 1107 1.1 lukem 1108 1.1.1.3 lukem if ( uri->f ) { 1109 1.1.1.3 lukem if ( test_filter( NULL, op->ora_e, uri->f ) 1110 1.1.1.3 lukem == LDAP_COMPARE_FALSE ) 1111 1.1.1.3 lukem { 1112 1.1.1.3 lukem Debug( LDAP_DEBUG_TRACE, 1113 1.1.1.3 lukem "==> unique_add_skip<%s>\n", 1114 1.1.1.3 lukem op->o_req_dn.bv_val, 0, 0 ); 1115 1.1.1.3 lukem continue; 1116 1.1.1.3 lukem } 1117 1.1.1.3 lukem } 1118 1.1.1.3 lukem 1119 1.1 lukem if(!(a = op->ora_e->e_attrs)) { 1120 1.1 lukem op->o_bd->bd_info = (BackendInfo *) on->on_info; 1121 1.1 lukem send_ldap_error(op, rs, LDAP_INVALID_SYNTAX, 1122 1.1 lukem "unique_add() got null op.ora_e.e_attrs"); 1123 1.1 lukem rc = rs->sr_err; 1124 1.1 lukem break; 1125 1.1 lukem 1126 1.1 lukem } else { 1127 1.1 lukem for(; a; a = a->a_next) { 1128 1.1 lukem ks += count_filter_len ( domain, 1129 1.1 lukem uri, 1130 1.1 lukem a->a_desc, 1131 1.1 lukem a->a_vals); 1132 1.1 lukem } 1133 1.1 lukem } 1134 1.1 lukem 1135 1.1 lukem /* skip this domain-uri if it isn't involved */ 1136 1.1 lukem if ( !ks ) continue; 1137 1.1 lukem 1138 1.1.1.2 lukem /* terminating NUL */ 1139 1.1.1.3 lukem ks += sizeof("(|)"); 1140 1.1.1.2 lukem 1141 1.1.1.2 lukem if ( uri->filter.bv_val && uri->filter.bv_len ) 1142 1.1.1.2 lukem ks += uri->filter.bv_len + STRLENOF ("(&)"); 1143 1.1 lukem kp = key = op->o_tmpalloc(ks, op->o_tmpmemctx); 1144 1.1 lukem 1145 1.1.1.2 lukem if ( uri->filter.bv_val && uri->filter.bv_len ) { 1146 1.1.1.2 lukem len = snprintf (kp, ks, "(&%s", uri->filter.bv_val); 1147 1.1 lukem assert( len >= 0 && len < ks ); 1148 1.1 lukem kp += len; 1149 1.1 lukem } 1150 1.1 lukem len = snprintf(kp, ks - (kp - key), "(|"); 1151 1.1 lukem assert( len >= 0 && len < ks - (kp - key) ); 1152 1.1 lukem kp += len; 1153 1.1 lukem 1154 1.1 lukem for(a = op->ora_e->e_attrs; a; a = a->a_next) 1155 1.1 lukem kp = build_filter(domain, 1156 1.1 lukem uri, 1157 1.1 lukem a->a_desc, 1158 1.1 lukem a->a_vals, 1159 1.1 lukem kp, 1160 1.1 lukem ks - ( kp - key ), 1161 1.1 lukem op->o_tmpmemctx); 1162 1.1 lukem 1163 1.1 lukem len = snprintf(kp, ks - (kp - key), ")"); 1164 1.1 lukem assert( len >= 0 && len < ks - (kp - key) ); 1165 1.1 lukem kp += len; 1166 1.1.1.2 lukem if ( uri->filter.bv_val && uri->filter.bv_len ) { 1167 1.1 lukem len = snprintf(kp, ks - (kp - key), ")"); 1168 1.1 lukem assert( len >= 0 && len < ks - (kp - key) ); 1169 1.1 lukem kp += len; 1170 1.1 lukem } 1171 1.1.1.2 lukem bvkey.bv_val = key; 1172 1.1.1.2 lukem bvkey.bv_len = kp - key; 1173 1.1 lukem 1174 1.1 lukem rc = unique_search ( op, 1175 1.1 lukem &nop, 1176 1.1.1.2 lukem uri->ndn.bv_val ? 1177 1.1.1.2 lukem &uri->ndn : 1178 1.1 lukem &op->o_bd->be_nsuffix[0], 1179 1.1 lukem uri->scope, 1180 1.1 lukem rs, 1181 1.1.1.2 lukem &bvkey); 1182 1.1 lukem 1183 1.1 lukem if ( rc != SLAP_CB_CONTINUE ) break; 1184 1.1 lukem } 1185 1.1 lukem if ( rc != SLAP_CB_CONTINUE ) break; 1186 1.1 lukem } 1187 1.1 lukem 1188 1.1 lukem return rc; 1189 1.1 lukem } 1190 1.1 lukem 1191 1.1 lukem 1192 1.1 lukem static int 1193 1.1 lukem unique_modify( 1194 1.1 lukem Operation *op, 1195 1.1 lukem SlapReply *rs 1196 1.1 lukem ) 1197 1.1 lukem { 1198 1.1 lukem slap_overinst *on = (slap_overinst *) op->o_bd->bd_info; 1199 1.1 lukem unique_data *private = (unique_data *) on->on_bi.bi_private; 1200 1.1 lukem unique_domain *domains = private->domains; 1201 1.1 lukem unique_domain *legacy = private->legacy; 1202 1.1 lukem unique_domain *domain; 1203 1.1 lukem Operation nop = *op; 1204 1.1 lukem Modifications *m; 1205 1.1 lukem char *key, *kp; 1206 1.1.1.2 lukem struct berval bvkey; 1207 1.1 lukem int rc = SLAP_CB_CONTINUE; 1208 1.1 lukem 1209 1.1 lukem Debug(LDAP_DEBUG_TRACE, "==> unique_modify <%s>\n", 1210 1.1 lukem op->o_req_dn.bv_val, 0, 0); 1211 1.1 lukem 1212 1.1.1.4.24.1 tls /* skip the checks if the operation has manageDsaIt control in it 1213 1.1.1.4.24.1 tls * (for replication) */ 1214 1.1.1.4.24.1 tls if ( op->o_managedsait > SLAP_CONTROL_IGNORED ) { 1215 1.1.1.4.24.1 tls Debug(LDAP_DEBUG_TRACE, "unique_modify: administrative bypass, skipping\n", 0, 0, 0); 1216 1.1.1.4.24.1 tls return rc; 1217 1.1.1.4.24.1 tls } 1218 1.1.1.4.24.1 tls 1219 1.1 lukem for ( domain = legacy ? legacy : domains; 1220 1.1 lukem domain; 1221 1.1 lukem domain = domain->next ) 1222 1.1 lukem { 1223 1.1 lukem unique_domain_uri *uri; 1224 1.1 lukem 1225 1.1 lukem for ( uri = domain->uri; 1226 1.1 lukem uri; 1227 1.1 lukem uri = uri->next ) 1228 1.1 lukem { 1229 1.1 lukem int len; 1230 1.1.1.3 lukem int ks = 0; 1231 1.1 lukem 1232 1.1.1.2 lukem if ( uri->ndn.bv_val 1233 1.1.1.2 lukem && !dnIsSuffix( &op->o_req_ndn, &uri->ndn )) 1234 1.1 lukem continue; 1235 1.1 lukem 1236 1.1 lukem if ( !(m = op->orm_modlist) ) { 1237 1.1 lukem op->o_bd->bd_info = (BackendInfo *) on->on_info; 1238 1.1 lukem send_ldap_error(op, rs, LDAP_INVALID_SYNTAX, 1239 1.1 lukem "unique_modify() got null op.orm_modlist"); 1240 1.1 lukem rc = rs->sr_err; 1241 1.1 lukem break; 1242 1.1 lukem 1243 1.1 lukem } else 1244 1.1 lukem for ( ; m; m = m->sml_next) 1245 1.1 lukem if ( (m->sml_op & LDAP_MOD_OP) 1246 1.1 lukem != LDAP_MOD_DELETE ) 1247 1.1 lukem ks += count_filter_len 1248 1.1 lukem ( domain, 1249 1.1 lukem uri, 1250 1.1 lukem m->sml_desc, 1251 1.1 lukem m->sml_values); 1252 1.1 lukem 1253 1.1 lukem /* skip this domain-uri if it isn't involved */ 1254 1.1 lukem if ( !ks ) continue; 1255 1.1 lukem 1256 1.1.1.2 lukem /* terminating NUL */ 1257 1.1.1.3 lukem ks += sizeof("(|)"); 1258 1.1.1.2 lukem 1259 1.1.1.2 lukem if ( uri->filter.bv_val && uri->filter.bv_len ) 1260 1.1.1.2 lukem ks += uri->filter.bv_len + STRLENOF ("(&)"); 1261 1.1 lukem kp = key = op->o_tmpalloc(ks, op->o_tmpmemctx); 1262 1.1 lukem 1263 1.1.1.2 lukem if ( uri->filter.bv_val && uri->filter.bv_len ) { 1264 1.1.1.2 lukem len = snprintf(kp, ks, "(&%s", uri->filter.bv_val); 1265 1.1 lukem assert( len >= 0 && len < ks ); 1266 1.1 lukem kp += len; 1267 1.1 lukem } 1268 1.1 lukem len = snprintf(kp, ks - (kp - key), "(|"); 1269 1.1 lukem assert( len >= 0 && len < ks - (kp - key) ); 1270 1.1 lukem kp += len; 1271 1.1 lukem 1272 1.1 lukem for(m = op->orm_modlist; m; m = m->sml_next) 1273 1.1 lukem if ( (m->sml_op & LDAP_MOD_OP) 1274 1.1 lukem != LDAP_MOD_DELETE ) 1275 1.1 lukem kp = build_filter ( domain, 1276 1.1 lukem uri, 1277 1.1 lukem m->sml_desc, 1278 1.1 lukem m->sml_values, 1279 1.1 lukem kp, 1280 1.1 lukem ks - (kp - key), 1281 1.1 lukem op->o_tmpmemctx ); 1282 1.1 lukem 1283 1.1 lukem len = snprintf(kp, ks - (kp - key), ")"); 1284 1.1 lukem assert( len >= 0 && len < ks - (kp - key) ); 1285 1.1 lukem kp += len; 1286 1.1.1.2 lukem if ( uri->filter.bv_val && uri->filter.bv_len ) { 1287 1.1 lukem len = snprintf (kp, ks - (kp - key), ")"); 1288 1.1 lukem assert( len >= 0 && len < ks - (kp - key) ); 1289 1.1 lukem kp += len; 1290 1.1 lukem } 1291 1.1.1.2 lukem bvkey.bv_val = key; 1292 1.1.1.2 lukem bvkey.bv_len = kp - key; 1293 1.1 lukem 1294 1.1 lukem rc = unique_search ( op, 1295 1.1 lukem &nop, 1296 1.1.1.2 lukem uri->ndn.bv_val ? 1297 1.1.1.2 lukem &uri->ndn : 1298 1.1 lukem &op->o_bd->be_nsuffix[0], 1299 1.1 lukem uri->scope, 1300 1.1 lukem rs, 1301 1.1.1.2 lukem &bvkey); 1302 1.1 lukem 1303 1.1 lukem if ( rc != SLAP_CB_CONTINUE ) break; 1304 1.1 lukem } 1305 1.1 lukem if ( rc != SLAP_CB_CONTINUE ) break; 1306 1.1 lukem } 1307 1.1 lukem 1308 1.1 lukem return rc; 1309 1.1 lukem } 1310 1.1 lukem 1311 1.1 lukem 1312 1.1 lukem static int 1313 1.1 lukem unique_modrdn( 1314 1.1 lukem Operation *op, 1315 1.1 lukem SlapReply *rs 1316 1.1 lukem ) 1317 1.1 lukem { 1318 1.1 lukem slap_overinst *on = (slap_overinst *) op->o_bd->bd_info; 1319 1.1 lukem unique_data *private = (unique_data *) on->on_bi.bi_private; 1320 1.1 lukem unique_domain *domains = private->domains; 1321 1.1 lukem unique_domain *legacy = private->legacy; 1322 1.1 lukem unique_domain *domain; 1323 1.1 lukem Operation nop = *op; 1324 1.1 lukem char *key, *kp; 1325 1.1.1.2 lukem struct berval bvkey; 1326 1.1 lukem LDAPRDN newrdn; 1327 1.1 lukem struct berval bv[2]; 1328 1.1 lukem int rc = SLAP_CB_CONTINUE; 1329 1.1 lukem 1330 1.1 lukem Debug(LDAP_DEBUG_TRACE, "==> unique_modrdn <%s> <%s>\n", 1331 1.1 lukem op->o_req_dn.bv_val, op->orr_newrdn.bv_val, 0); 1332 1.1 lukem 1333 1.1.1.4.24.1 tls /* skip the checks if the operation has manageDsaIt control in it 1334 1.1.1.4.24.1 tls * (for replication) */ 1335 1.1.1.4.24.1 tls if ( op->o_managedsait > SLAP_CONTROL_IGNORED ) { 1336 1.1.1.4.24.1 tls Debug(LDAP_DEBUG_TRACE, "unique_modrdn: administrative bypass, skipping\n", 0, 0, 0); 1337 1.1.1.4.24.1 tls return rc; 1338 1.1.1.4.24.1 tls } 1339 1.1.1.4.24.1 tls 1340 1.1 lukem for ( domain = legacy ? legacy : domains; 1341 1.1 lukem domain; 1342 1.1 lukem domain = domain->next ) 1343 1.1 lukem { 1344 1.1 lukem unique_domain_uri *uri; 1345 1.1 lukem 1346 1.1 lukem for ( uri = domain->uri; 1347 1.1 lukem uri; 1348 1.1 lukem uri = uri->next ) 1349 1.1 lukem { 1350 1.1 lukem int i, len; 1351 1.1.1.3 lukem int ks = 0; 1352 1.1 lukem 1353 1.1.1.2 lukem if ( uri->ndn.bv_val 1354 1.1.1.2 lukem && !dnIsSuffix( &op->o_req_ndn, &uri->ndn ) 1355 1.1 lukem && (!op->orr_nnewSup 1356 1.1.1.2 lukem || !dnIsSuffix( op->orr_nnewSup, &uri->ndn ))) 1357 1.1 lukem continue; 1358 1.1 lukem 1359 1.1 lukem if ( ldap_bv2rdn_x ( &op->oq_modrdn.rs_newrdn, 1360 1.1 lukem &newrdn, 1361 1.1 lukem (char **)&rs->sr_text, 1362 1.1 lukem LDAP_DN_FORMAT_LDAP, 1363 1.1 lukem op->o_tmpmemctx ) ) { 1364 1.1 lukem op->o_bd->bd_info = (BackendInfo *) on->on_info; 1365 1.1 lukem send_ldap_error(op, rs, LDAP_INVALID_SYNTAX, 1366 1.1 lukem "unknown type(s) used in RDN"); 1367 1.1 lukem rc = rs->sr_err; 1368 1.1 lukem break; 1369 1.1 lukem } 1370 1.1 lukem 1371 1.1 lukem rc = SLAP_CB_CONTINUE; 1372 1.1 lukem for ( i=0; newrdn[i]; i++) { 1373 1.1 lukem AttributeDescription *ad = NULL; 1374 1.1 lukem if ( slap_bv2ad( &newrdn[i]->la_attr, &ad, &rs->sr_text )) { 1375 1.1 lukem ldap_rdnfree_x( newrdn, op->o_tmpmemctx ); 1376 1.1 lukem rs->sr_err = LDAP_INVALID_SYNTAX; 1377 1.1 lukem send_ldap_result( op, rs ); 1378 1.1 lukem rc = rs->sr_err; 1379 1.1 lukem break; 1380 1.1 lukem } 1381 1.1 lukem newrdn[i]->la_private = ad; 1382 1.1 lukem } 1383 1.1 lukem if ( rc != SLAP_CB_CONTINUE ) break; 1384 1.1 lukem 1385 1.1 lukem bv[1].bv_val = NULL; 1386 1.1 lukem bv[1].bv_len = 0; 1387 1.1 lukem 1388 1.1 lukem for ( i=0; newrdn[i]; i++ ) { 1389 1.1 lukem bv[0] = newrdn[i]->la_value; 1390 1.1 lukem ks += count_filter_len ( domain, 1391 1.1 lukem uri, 1392 1.1 lukem newrdn[i]->la_private, 1393 1.1 lukem bv); 1394 1.1 lukem } 1395 1.1 lukem 1396 1.1 lukem /* skip this domain if it isn't involved */ 1397 1.1 lukem if ( !ks ) continue; 1398 1.1 lukem 1399 1.1.1.2 lukem /* terminating NUL */ 1400 1.1.1.3 lukem ks += sizeof("(|)"); 1401 1.1.1.2 lukem 1402 1.1.1.2 lukem if ( uri->filter.bv_val && uri->filter.bv_len ) 1403 1.1.1.2 lukem ks += uri->filter.bv_len + STRLENOF ("(&)"); 1404 1.1 lukem kp = key = op->o_tmpalloc(ks, op->o_tmpmemctx); 1405 1.1 lukem 1406 1.1.1.2 lukem if ( uri->filter.bv_val && uri->filter.bv_len ) { 1407 1.1.1.2 lukem len = snprintf(kp, ks, "(&%s", uri->filter.bv_val); 1408 1.1 lukem assert( len >= 0 && len < ks ); 1409 1.1 lukem kp += len; 1410 1.1 lukem } 1411 1.1 lukem len = snprintf(kp, ks - (kp - key), "(|"); 1412 1.1 lukem assert( len >= 0 && len < ks - (kp - key) ); 1413 1.1 lukem kp += len; 1414 1.1 lukem 1415 1.1 lukem for ( i=0; newrdn[i]; i++) { 1416 1.1 lukem bv[0] = newrdn[i]->la_value; 1417 1.1 lukem kp = build_filter ( domain, 1418 1.1 lukem uri, 1419 1.1 lukem newrdn[i]->la_private, 1420 1.1 lukem bv, 1421 1.1 lukem kp, 1422 1.1 lukem ks - (kp - key ), 1423 1.1 lukem op->o_tmpmemctx); 1424 1.1 lukem } 1425 1.1 lukem 1426 1.1 lukem len = snprintf(kp, ks - (kp - key), ")"); 1427 1.1 lukem assert( len >= 0 && len < ks - (kp - key) ); 1428 1.1 lukem kp += len; 1429 1.1.1.2 lukem if ( uri->filter.bv_val && uri->filter.bv_len ) { 1430 1.1 lukem len = snprintf (kp, ks - (kp - key), ")"); 1431 1.1 lukem assert( len >= 0 && len < ks - (kp - key) ); 1432 1.1 lukem kp += len; 1433 1.1 lukem } 1434 1.1.1.2 lukem bvkey.bv_val = key; 1435 1.1.1.2 lukem bvkey.bv_len = kp - key; 1436 1.1 lukem 1437 1.1 lukem rc = unique_search ( op, 1438 1.1 lukem &nop, 1439 1.1.1.2 lukem uri->ndn.bv_val ? 1440 1.1.1.2 lukem &uri->ndn : 1441 1.1 lukem &op->o_bd->be_nsuffix[0], 1442 1.1 lukem uri->scope, 1443 1.1 lukem rs, 1444 1.1.1.2 lukem &bvkey); 1445 1.1 lukem 1446 1.1 lukem if ( rc != SLAP_CB_CONTINUE ) break; 1447 1.1 lukem } 1448 1.1 lukem if ( rc != SLAP_CB_CONTINUE ) break; 1449 1.1 lukem } 1450 1.1 lukem 1451 1.1 lukem return rc; 1452 1.1 lukem } 1453 1.1 lukem 1454 1.1 lukem /* 1455 1.1 lukem ** init_module is last so the symbols resolve "for free" -- 1456 1.1 lukem ** it expects to be called automagically during dynamic module initialization 1457 1.1 lukem */ 1458 1.1 lukem 1459 1.1 lukem int 1460 1.1 lukem unique_initialize() 1461 1.1 lukem { 1462 1.1 lukem int rc; 1463 1.1 lukem 1464 1.1 lukem /* statically declared just after the #includes at top */ 1465 1.1 lukem memset (&unique, 0, sizeof(unique)); 1466 1.1 lukem 1467 1.1 lukem unique.on_bi.bi_type = "unique"; 1468 1.1 lukem unique.on_bi.bi_db_init = unique_db_init; 1469 1.1 lukem unique.on_bi.bi_db_destroy = unique_db_destroy; 1470 1.1 lukem unique.on_bi.bi_db_open = unique_open; 1471 1.1 lukem unique.on_bi.bi_db_close = unique_close; 1472 1.1 lukem unique.on_bi.bi_op_add = unique_add; 1473 1.1 lukem unique.on_bi.bi_op_modify = unique_modify; 1474 1.1 lukem unique.on_bi.bi_op_modrdn = unique_modrdn; 1475 1.1 lukem 1476 1.1 lukem unique.on_bi.bi_cf_ocs = uniqueocs; 1477 1.1 lukem rc = config_register_schema( uniquecfg, uniqueocs ); 1478 1.1 lukem if ( rc ) return rc; 1479 1.1 lukem 1480 1.1 lukem return(overlay_register(&unique)); 1481 1.1 lukem } 1482 1.1 lukem 1483 1.1 lukem #if SLAPD_OVER_UNIQUE == SLAPD_MOD_DYNAMIC && defined(PIC) 1484 1.1 lukem int init_module(int argc, char *argv[]) { 1485 1.1 lukem return unique_initialize(); 1486 1.1 lukem } 1487 1.1 lukem #endif 1488 1.1 lukem 1489 1.1 lukem #endif /* SLAPD_OVER_UNIQUE */ 1490
Indexes created Sun Apr 26 00:22:38 UTC 2026