upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2026-02-19 02:28:47 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Sync with HEAD

Browse source
This commit is contained in:
Kurt Zeilenga 2004-12-30 22:29:49 +00:00
commit 182ad0ff27
24 changed files with 485 additions and 3069 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

95
README
View file

@ -1,35 +1,86 @@
OpenLDAP Devel README
This software was obtained from the development branch (HEAD) of
the OpenLDAP Software Repository. This copy is likely already
not current, the development branch changes frequently. These
changes include code implementing experimental features and
unproven bug fixes. Please do NOT redistribute copies of the
development branch.
OpenLDAP 2.3 README
For a description of what this distribution contains, see the
ANNOUNCEMENT file in this directory. For a description of
changes from previous releases, see the CHANGES file in this
directory.
The OpenLDAP Developer's FAQ is available at:
http://www.openldap.org/faq/index.cgi?file=4
This is 2.3 release, it includes significant changes from prior
releases.
Client developers seeking a suitable development platform
should use "release" or "stable" versions.
http://www.openldap.org/software/
REQUIRED SOFTWARE
Building OpenLDAP Software requires a number of software packages
to be preinstalled. Additional information regarding prerequisite
software can be found in the OpenLDAP Administrator's Guide.
Contributing
Base system (libraries and tools):
Standard C compiler (required)
Cyrus SASL 2.1.18+ (recommended)
OpenSSL 0.9.7+ (recommended)
POSIX REGEX software (required)
See http://www.openldap.org/devel/contributing.html for how to
contribute code or documentation to OpenLDAP. Use the Issue Tracking
System <http://www.openldap.org/its/> to submit contributions.
While you are encouraged to coordinate and discuss the development
activities on the openldap-devel@openldap.org mailing list prior
to submission, it is noted that contributions must be submitted
using the Issue Tracking System to be considered.
SLAPD:
BDB backend requires Sleepycat Berkeley DB 4.3
LDBM backend requires a compatible database manager
[Berkeley DB, GDBM, etc.]
SLURPD:
LTHREAD compatible thread package
[POSIX threads, Mach Cthreads, select others]
CLIENTS/CONTRIB ware:
Depends on package. See per package README.
MAKING AND INSTALLING THE DISTRIBUTION
Please see the INSTALL file for basic instructions. More
detailed instructions can be found in the OpenLDAP Admnistrator's
Guide (see DOCUMENTATION section).
DOCUMENTATION
There are man pages for most programs in the distribution and
routines in the various libraries. See ldap(3) for details.
The OpenLDAP website is available and contains the latest LDAP
news, releases announcements, pointers to other LDAP resources,
etc.. It is located at <http://www.OpenLDAP.org/>.
The OpenLDAP Administrator's Guide and other documentation is
available at <http://www.openldap.org/doc/>.
The OpenLDAP Software FAQ is available at
<http://www.openldap.org/faq/>.
SUPPORT / FEEDBACK / PROBLEM REPORTS / DISCUSSIONS
OpenLDAP is user supported. If you have problems, please review
the OpenLDAP FAQ <http://www.openldap.org/faq/> and archives
of the OpenLDAP-software and OpenLDAP-bugs mailing lists
<http://www.openldap.org/lists/>. If you cannot find the answer,
please enquire on the OpenLDAP-software list.
Issues, such as bug reports, should be reported using our our
Issue Tracking System <http://www.OpenLDAP.org/its/>. Do not
use this system for software enquiries. Please direct these
to an appropriate mailing list.
CONTRIBUTING
See <http://www.openldap.org/devel/contributing.html> for
information regarding how to contribute code or documentation
to the OpenLDAP Project for inclusion in OpenLDAP Software.
While you are encouraged to coordinate and discuss the development
activities on the <openldap-devel@openldap.org> mailing list
prior to submission, it is noted that contributions must be
submitted using the Issue Tracking System
<http://www.openldap.org/its/> to be considered.
---
$OpenLDAP$
This work is part of OpenLDAP Software <http://www.openldap.org/>.
Copyright 1998-2004 The OpenLDAP Foundation.
All rights reserved.
Copyright 1998-2004 The OpenLDAP Foundation. All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted only as authorized by the OpenLDAP

58
configure vendored
View file

@ -1,6 +1,6 @@
#! /bin/sh
# $OpenLDAP$
# from OpenLDAP: pkg/ldap/configure.in,v 1.559 2004/11/30 22:25:26 slim Exp
# from OpenLDAP: pkg/ldap/configure.in,v 1.560 2004/12/04 18:48:48 hyc Exp
# This work is part of OpenLDAP Software <http://www.openldap.org/>.
#
@ -8464,7 +8464,7 @@ if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2);
exit (0); }
EOF
if { (eval echo configure:8468: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:8468: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
:
else
@ -9549,7 +9549,7 @@ int main(int argc, char *argv)
exit (epfd == -1 ? 1 : 0);
}
EOF
if { (eval echo configure:9553: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:9553: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
echo "$ac_t""yes" 1>&6
cat >> confdefs.h <<\EOF
@ -9762,7 +9762,7 @@ else
}
EOF
if { (eval echo configure:9766: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:9766: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_nonposix_strerror_r=yes
else
@ -10010,7 +10010,7 @@ main()
return rc;
}
EOF
if { (eval echo configure:10014: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:10014: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_c_posix_regex=yes
else
@ -12190,7 +12190,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:12194: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:12194: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_create=yes
else
@ -12377,7 +12377,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:12381: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:12381: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_kthread=yes
else
@ -12569,7 +12569,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:12573: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:12573: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_pthread=yes
else
@ -12761,7 +12761,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:12765: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:12765: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_pthreads=yes
else
@ -12953,7 +12953,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:12957: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:12957: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_mthreads=yes
else
@ -13145,7 +13145,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:13149: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:13149: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_thread=yes
else
@ -13338,7 +13338,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:13342: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:13342: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lpthread_lmach_lexc_lc_r=yes
else
@ -13530,7 +13530,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:13534: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:13534: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lpthread_lmach_lexc=yes
else
@ -13723,7 +13723,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:13727: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:13727: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lib_lpthread_woff=yes
else
@ -13916,7 +13916,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:13920: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:13920: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lpthread=yes
else
@ -14108,7 +14108,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:14112: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:14112: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lc_r=yes
else
@ -14301,7 +14301,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:14305: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:14305: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_threads=yes
else
@ -14494,7 +14494,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:14498: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:14498: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lpthreads_lmach_lexc_lc_r=yes
else
@ -14686,7 +14686,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:14690: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:14690: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lpthreads_lmach_lexc=yes
else
@ -14878,7 +14878,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:14882: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:14882: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lpthreads_lexc=yes
else
@ -15071,7 +15071,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:15075: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:15075: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lib_lpthreads=yes
else
@ -15557,7 +15557,7 @@ int main(argc, argv)
}
EOF
if { (eval echo configure:15561: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:15561: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_create_works=yes
else
@ -15665,7 +15665,7 @@ int main(argc, argv)
exit(2);
}
EOF
if { (eval echo configure:15669: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:15669: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_select_yields=no
else
@ -20732,7 +20732,7 @@ main()
return 0;
}
EOF
if { (eval echo configure:20736: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:20736: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_berkeley_db_version=yes
else
@ -20838,7 +20838,7 @@ main()
return rc;
}
EOF
if { (eval echo configure:20842: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:20842: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_berkeley_db_thread=yes
else
@ -22896,7 +22896,7 @@ if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2);
exit (0); }
EOF
if { (eval echo configure:22900: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:22900: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
:
else
@ -23523,7 +23523,7 @@ main()
exit(1);
}
EOF
if { (eval echo configure:23527: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:23527: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_c_upper_lower=no
else
@ -23732,7 +23732,7 @@ main () {
exit (u.c[sizeof (long) - 1] == 1);
}
EOF
if { (eval echo configure:23736: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:23736: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ac_cv_c_bigendian=no
else
@ -23964,7 +23964,7 @@ main()
}
EOF
if { (eval echo configure:23968: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>&5
if { (eval echo configure:23968: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ac_cv_func_memcmp_clean=yes
else

1
include/ldap.h
View file

@ -472,6 +472,7 @@ typedef struct ldapcontrol {
#define LDAP_AUTH_METHOD_NOT_SUPPORTED 0x07
#define LDAP_STRONG_AUTH_NOT_SUPPORTED LDAP_AUTH_METHOD_NOT_SUPPORTED
#define LDAP_STRONG_AUTH_REQUIRED 0x08
#define LDAP_STRONGER_AUTH_REQUIRED LDAP_STRONG_AUTH_REQUIRED
#define LDAP_PARTIAL_RESULTS 0x09 /* LDAPv2+ (not LDAPv3) */
#define LDAP_REFERRAL 0x0a /* LDAPv3 */

3
servers/slapd/attr.c
View file

@ -43,8 +43,9 @@
void
attr_free( Attribute *a )
{
if ( a->a_nvals && a->a_nvals != a->a_vals )
if ( a->a_nvals && a->a_nvals != a->a_vals ) {
ber_bvarray_free( a->a_nvals );
}
ber_bvarray_free( a->a_vals );
free( a );
}

1
servers/slapd/back-meta/back-meta.h
View file

@ -144,6 +144,7 @@ extern int suffix_massage_config( struct rewrite_info *info,
struct berval *pvnc, struct berval *nvnc,
struct berval *prnc, struct berval *nrnc);
#endif /* ENABLE_REWRITE */
extern int ldap_back_referral_result_rewrite( dncookie *dc, BerVarray a_vals );
extern int ldap_dnattr_rewrite( dncookie *dc, BerVarray a_vals );
extern int ldap_dnattr_result_rewrite( dncookie *dc, BerVarray a_vals );

18
servers/slapd/back-meta/compare.c
View file

@ -114,6 +114,21 @@ meta_back_compare( Operation *op, SlapReply *rs )
if ( mapped_attr.bv_val == NULL || mapped_attr.bv_val[0] == '\0' ) {
continue;
}
if ( op->oq_compare.rs_ava->aa_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName )
{
dc.ctx = "compareAttrDN";
switch ( ldap_back_dn_massage( &dc, &op->oq_compare.rs_ava->aa_value, &mapped_value ) )
{
case LDAP_UNWILLING_TO_PERFORM:
rc = 1;
goto finish;
default:
break;
}
}
}
/*
@ -123,13 +138,16 @@ meta_back_compare( Operation *op, SlapReply *rs )
*/
msgid[ i ] = ldap_compare( lc->conns[ i ].ld, mdn.bv_val,
mapped_attr.bv_val, mapped_value.bv_val );
if ( mdn.bv_val != op->o_req_dn.bv_val ) {
free( mdn.bv_val );
mdn.bv_val = NULL;
}
if ( mapped_attr.bv_val != op->oq_compare.rs_ava->aa_desc->ad_cname.bv_val ) {
free( mapped_attr.bv_val );
}
if ( mapped_value.bv_val != op->oq_compare.rs_ava->aa_value.bv_val ) {
free( mapped_value.bv_val );
}

28
servers/slapd/back-meta/config.c
View file

@ -771,10 +771,10 @@ suffix_massage_config(
ch_free( rargv[ 2 ] );
rargv[ 0 ] = "rewriteContext";
rargv[ 1 ] = "searchResult";
rargv[ 1 ] = "searchEntryDN";
rargv[ 2 ] = NULL;
rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
rargv[ 0 ] = "rewriteRule";
rargv[ 1 ] = suffix_massage_regexize( prnc->bv_val );
rargv[ 2 ] = suffix_massage_patternize( pvnc->bv_val );
@ -784,20 +784,40 @@ suffix_massage_config(
ch_free( rargv[ 1 ] );
ch_free( rargv[ 2 ] );
/* backward compatibility */
rargv[ 0 ] = "rewriteContext";
rargv[ 1 ] = "searchResult";
rargv[ 2 ] = "alias";
rargv[ 3 ] = "searchEntryDN";
rargv[ 4 ] = NULL;
rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
rargv[ 0 ] = "rewriteContext";
rargv[ 1 ] = "matchedDN";
rargv[ 2 ] = "alias";
rargv[ 3 ] = "searchResult";
rargv[ 3 ] = "searchEntryDN";
rargv[ 4 ] = NULL;
rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
rargv[ 0 ] = "rewriteContext";
rargv[ 1 ] = "searchAttrDN";
rargv[ 2 ] = "alias";
rargv[ 3 ] = "searchResult";
rargv[ 3 ] = "searchEntryDN";
rargv[ 4 ] = NULL;
rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
/* NOTE: this corresponds to #undef'ining RWM_REFERRAL_REWRITE;
* see servers/slapd/overlays/rwm.h for details */
rargv[ 0 ] = "rewriteContext";
rargv[ 1 ] = "referralAttrDN";
rargv[ 2 ] = NULL;
rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
rargv[ 0 ] = "rewriteContext";
rargv[ 1 ] = "referralDN";
rargv[ 2 ] = NULL;
rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
return 0;
}
#endif /* ENABLE_REWRITE */

172
servers/slapd/back-meta/map.c
View file

@ -209,7 +209,7 @@ map_attr_value(
dncookie fdc = *dc;
#ifdef ENABLE_REWRITE
fdc.ctx = "searchFilter";
fdc.ctx = "searchFilterAttrDN";
#endif
switch ( ldap_back_dn_massage( &fdc, value, &vtmp ) ) {
@ -245,8 +245,8 @@ map_attr_value(
return 0;
}
int
ldap_back_filter_map_rewrite(
static int
ldap_back_int_filter_map_rewrite(
dncookie *dc,
Filter *f,
struct berval *fstr,
@ -421,7 +421,7 @@ ldap_back_filter_map_rewrite(
for ( p = f->f_list; p != NULL; p = p->f_next ) {
len = fstr->bv_len;
if ( ldap_back_filter_map_rewrite( dc, p, &vtmp, remap ) )
if ( ldap_back_int_filter_map_rewrite( dc, p, &vtmp, remap ) )
{
return -1;
}
@ -469,26 +469,163 @@ ldap_back_filter_map_rewrite(
} break;
case SLAPD_FILTER_COMPUTED:
ber_str2bv(
f->f_result == LDAP_COMPARE_FALSE ? "(?=false)" :
f->f_result == LDAP_COMPARE_TRUE ? "(?=true)" :
f->f_result == SLAPD_COMPARE_UNDEFINED ? "(?=undefined)" :
"(?=error)",
f->f_result == LDAP_COMPARE_FALSE ? sizeof("(?=false)")-1 :
f->f_result == LDAP_COMPARE_TRUE ? sizeof("(?=true)")-1 :
f->f_result == SLAPD_COMPARE_UNDEFINED ? sizeof("(?=undefined)")-1 :
sizeof("(?=error)")-1,
1, fstr );
switch ( f->f_result ) {
case LDAP_COMPARE_FALSE:
ber_str2bv( "(?=false)", STRLENOF( "(?=false)" ), 1, fstr );
break;
case LDAP_COMPARE_TRUE:
ber_str2bv( "(?=true)", STRLENOF( "(?=true)" ), 1, fstr );
break;
case SLAPD_COMPARE_UNDEFINED:
ber_str2bv( "(?=undefined)", STRLENOF( "(?=undefined)" ), 1, fstr );
break;
default:
ber_str2bv( "(?=error)", STRLENOF( "(?=error)" ), 1, fstr );
break;
}
break;
default:
ber_str2bv( "(?=unknown)", sizeof("(?=unknown)")-1, 1, fstr );
ber_str2bv( "(?=unknown)", STRLENOF( "(?=unknown)" ), 1, fstr );
break;
}
return 0;
}
int
ldap_back_filter_map_rewrite(
dncookie *dc,
Filter *f,
struct berval *fstr,
int remap )
{
int rc;
dncookie fdc;
struct berval ftmp;
rc = ldap_back_int_filter_map_rewrite( dc, f, fstr, remap );
#ifdef ENABLE_REWRITE
if ( rc != LDAP_SUCCESS ) {
return rc;
}
fdc = *dc;
ftmp = *fstr;
fdc.ctx = "searchFilter";
switch ( rewrite_session( fdc.rwmap->rwm_rw, fdc.ctx,
( !BER_BVISEMPTY( &ftmp ) ? ftmp.bv_val : "" ),
fdc.conn, &fstr->bv_val ) )
{
case REWRITE_REGEXEC_OK:
if ( !BER_BVISNULL( fstr ) ) {
fstr->bv_len = strlen( fstr->bv_val );
} else {
*fstr = ftmp;
}
Debug( LDAP_DEBUG_ARGS,
"[rw] %s: \"%s\" -> \"%s\"\n",
fdc.ctx, ftmp.bv_val, fstr->bv_val );
rc = LDAP_SUCCESS;
break;
case REWRITE_REGEXEC_UNWILLING:
if ( fdc.rs ) {
fdc.rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
fdc.rs->sr_text = "Operation not allowed";
}
rc = LDAP_UNWILLING_TO_PERFORM;
break;
case REWRITE_REGEXEC_ERR:
if ( fdc.rs ) {
fdc.rs->sr_err = LDAP_OTHER;
fdc.rs->sr_text = "Rewrite error";
}
rc = LDAP_OTHER;
break;
}
#endif /* ENABLE_REWRITE */
return rc;
}
int
ldap_back_referral_result_rewrite(
dncookie *dc,
BerVarray a_vals
)
{
int i, last;
assert( dc );
assert( a_vals );
for ( last = 0; !BER_BVISNULL( &a_vals[ last ] ); last++ )
;
last--;
for ( i = 0; !BER_BVISNULL( &a_vals[ i ] ); i++ ) {
struct berval dn, olddn;
int rc;
LDAPURLDesc *ludp;
rc = ldap_url_parse( a_vals[ i ].bv_val, &ludp );
if ( rc != LDAP_URL_SUCCESS ) {
/* leave attr untouched if massage failed */
continue;
}
ber_str2bv( ludp->lud_dn, 0, 0, &olddn );
rc = ldap_back_dn_massage( dc, &olddn, &dn );
switch ( rc ) {
case LDAP_UNWILLING_TO_PERFORM:
/*
* FIXME: need to check if it may be considered
* legal to trim values when adding/modifying;
* it should be when searching (e.g. ACLs).
*/
LBER_FREE( a_vals[ i ].bv_val );
if ( last > i ) {
a_vals[ i ] = a_vals[ last ];
}
BER_BVZERO( &a_vals[ last ] );
last--;
i--;
break;
default:
/* leave attr untouched if massage failed */
if ( !BER_BVISNULL( &dn ) && olddn.bv_val != dn.bv_val )
{
char *newurl;
ludp->lud_dn = dn.bv_val;
newurl = ldap_url_desc2str( ludp );
if ( newurl == NULL ) {
/* FIXME: leave attr untouched
* even if ldap_url_desc2str failed... */
break;
}
LBER_FREE( a_vals[ i ].bv_val );
ber_str2bv( newurl, 0, 1, &a_vals[ i ] );
LDAP_FREE( newurl );
ludp->lud_dn = olddn.bv_val;
}
break;
}
ldap_free_urldesc( ludp );
}
return 0;
}
/*
* I don't like this much, but we need two different
* functions because different heap managers may be
@ -558,12 +695,11 @@ ldap_dnattr_result_rewrite(
* legal to trim values when adding/modifying;
* it should be when searching (e.g. ACLs).
*/
LBER_FREE( &a_vals[i].bv_val );
LBER_FREE( a_vals[i].bv_val );
if ( last > i ) {
a_vals[i] = a_vals[last];
}
a_vals[last].bv_val = NULL;
a_vals[last].bv_len = 0;
BER_BVZERO( &a_vals[last] );
last--;
break;

14
servers/slapd/back-meta/modrdn.c
View file

@ -33,18 +33,6 @@
int
meta_back_modrdn( Operation *op, SlapReply *rs )
/*
Backend *be,
Connection *conn,
Operation *op,
struct berval *dn,
struct berval *ndn,
struct berval *newrdn,
struct berval *nnewrdn,
int deleteoldrdn,
struct berval *newSuperior,
struct berval *nnewSuperior
) */
{
struct metainfo *li = ( struct metainfo * )op->o_bd->be_private;
struct metaconn *lc;
@ -75,7 +63,7 @@ meta_back_modrdn( Operation *op, SlapReply *rs )
int nsCandidate, version = LDAP_VERSION3;
nsCandidate = meta_back_select_unique_candidate( li,
op->oq_modrdn.rs_newSup );
op->oq_modrdn.rs_nnewSup );
if ( nsCandidate != candidate ) {
/*

37
servers/slapd/back-meta/search.c
View file

@ -380,11 +380,6 @@ new_candidate:;
char **references = NULL;
int cnt;
/*
* FIXME: should we collect references
* and send them alltogether at the end?
*/
rc = ldap_parse_reference( lsc->ld, res,
&references, &rs->sr_ctrls, 1 );
res = NULL;
@ -397,24 +392,35 @@ new_candidate:;
continue;
}
#ifdef ENABLE_REWRITE
dc.ctx = "referralDN";
#else /* ! ENABLE_REWRITE */
dc.tofrom = 0;
dc.normalized = 0;
#endif /* ! ENABLE_REWRITE */
for ( cnt = 0; references[ cnt ]; cnt++ )
/* NO OP */ ;
rs->sr_ref = ch_calloc( cnt + 1, sizeof( struct berval ) );
;
rs->sr_ref = ch_calloc( sizeof( struct berval ), cnt + 1 );
for ( cnt = 0; references[ cnt ]; cnt++ ) {
rs->sr_ref[ cnt ].bv_val = references[ cnt ];
rs->sr_ref[ cnt ].bv_len = strlen( references[ cnt ] );
ber_str2bv( references[ cnt ], 0, 1, &rs->sr_ref[ cnt ] );
}
BER_BVZERO( &rs->sr_ref[ cnt ] );
/* ignore return value by now */
( void )send_search_reference( op, rs );
( void )ldap_back_referral_result_rewrite( &dc, rs->sr_ref );
if ( rs->sr_ref != NULL && !BER_BVISNULL( &rs->sr_ref[ 0 ] ) ) {
/* ignore return value by now */
( void )send_search_reference( op, rs );
ber_bvarray_free( rs->sr_ref );
rs->sr_ref = NULL;
}
/* cleanup */
if ( references ) {
ldap_value_free( references );
ch_free( rs->sr_ref );
rs->sr_ref = NULL;
}
if ( rs->sr_ctrls ) {
@ -677,6 +683,9 @@ meta_send_entry(
} else if ( attr->a_desc->ad_type->sat_syntax ==
slap_schema.si_syn_distinguishedName ) {
ldap_dnattr_result_rewrite( &dc, attr->a_vals );
} else if ( attr->a_desc == slap_schema.si_ad_ref ) {
ldap_back_referral_result_rewrite( &dc, attr->a_vals );
}
if ( last && attr->a_desc->ad_type->sat_equality &&

8
servers/slapd/controls.c
View file

@ -1040,7 +1040,9 @@ static int parsePreRead (
an[i].an_oc_exclude = 0;
rc = slap_bv2ad( &an[i].an_name, &an[i].an_desc, &dummy );
if ( rc != LDAP_SUCCESS && ctrl->ldctl_iscritical ) {
rs->sr_text = dummy ? dummy : "postread control: unknown attributeType";
rs->sr_text = dummy
? dummy
: "postread control: unknown attributeType";
return rc;
}
}
@ -1096,7 +1098,9 @@ static int parsePostRead (
an[i].an_oc_exclude = 0;
rc = slap_bv2ad( &an[i].an_name, &an[i].an_desc, &dummy );
if ( rc != LDAP_SUCCESS && ctrl->ldctl_iscritical ) {
rs->sr_text = dummy ? dummy : "postread control: unknown attributeType";
rs->sr_text = dummy
? dummy
: "postread control: unknown attributeType";
return rc;
}
}

26
servers/slapd/overlays/rwm.c
View file

@ -263,14 +263,22 @@ rwm_op_compare( Operation *op, SlapReply *rs )
mapped_at = op->orc_ava->aa_desc->ad_cname;
} else {
rwm_map( &rwmap->rwm_at, &op->orc_ava->aa_desc->ad_cname,
&mapped_at, RWM_MAP );
if ( BER_BVISNULL( &mapped_at ) || BER_BVISEMPTY( &mapped_at ) )
{
op->o_bd->bd_info = (BackendInfo *)on->on_info;
send_ldap_error( op, rs, LDAP_OTHER, "compare attributeType map error" );
return -1;
struct ldapmapping *mapping = NULL;
AttributeDescription *ad = op->orc_ava->aa_desc;
( void )rwm_mapping( &rwmap->rwm_at, &op->orc_ava->aa_desc->ad_cname,
&mapping, RWM_MAP );
if ( mapping == NULL ) {
if ( rwmap->rwm_at.drop_missing ) {
op->o_bd->bd_info = (BackendInfo *)on->on_info;
send_ldap_error( op, rs, LDAP_OTHER, "compare attributeType map error" );
return -1;
}
} else {
ad = mapping->m_dst_ad;
}
if ( op->orc_ava->aa_desc->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName )
{
struct berval *mapped_valsp[2];
@ -295,6 +303,7 @@ rwm_op_compare( Operation *op, SlapReply *rs )
op->orc_ava->aa_value = mapped_vals[0];
}
op->orc_ava->aa_desc = ad;
}
return SLAP_CB_CONTINUE;
@ -515,7 +524,8 @@ rwm_op_modrdn( Operation *op, SlapReply *rs )
return -1;
}
/* TODO: rewrite attribute types, values of DN-valued attributes ... */
/* TODO: rewrite newRDN, attribute types,
* values of DN-valued attributes ... */
return SLAP_CB_CONTINUE;
}

12
servers/slapd/overlays/rwmmap.c
View file

@ -136,7 +136,7 @@ rwm_map( struct ldapmap *map, struct berval *s, struct berval *bv, int remap )
struct ldapmapping *mapping;
BER_BVZERO( bv );
rwm_mapping( map, s, &mapping, remap );
( void )rwm_mapping( map, s, &mapping, remap );
if ( mapping != NULL ) {
if ( !BER_BVISNULL( &mapping->m_dst ) ) {
*bv = mapping->m_dst;
@ -702,7 +702,8 @@ rwm_filter_map_rewrite(
switch ( rewrite_session( fdc.rwmap->rwm_rw, fdc.ctx,
( !BER_BVISEMPTY( &ftmp ) ? ftmp.bv_val : "" ),
fdc.conn, &fstr->bv_val )) {
fdc.conn, &fstr->bv_val ) )
{
case REWRITE_REGEXEC_OK:
if ( !BER_BVISNULL( fstr ) ) {
fstr->bv_len = strlen( fstr->bv_val );
@ -714,7 +715,7 @@ rwm_filter_map_rewrite(
Debug( LDAP_DEBUG_ARGS,
"[rw] %s: \"%s\" -> \"%s\"\n",
dc->ctx, ftmp.bv_val, fstr->bv_val );
fdc.ctx, ftmp.bv_val, fstr->bv_val );
rc = LDAP_SUCCESS;
break;
@ -1031,12 +1032,13 @@ rwm_referral_result_rewrite(
* legal to trim values when adding/modifying;
* it should be when searching (e.g. ACLs).
*/
ch_free( &a_vals[i].bv_val );
ch_free( a_vals[i].bv_val );
if ( last > i ) {
a_vals[i] = a_vals[last];
}
BER_BVZERO( &a_vals[last] );
last--;
i--;
break;
default:
@ -1089,7 +1091,7 @@ rwm_dnattr_result_rewrite(
* legal to trim values when adding/modifying;
* it should be when searching (e.g. ACLs).
*/
ch_free( &a_vals[i].bv_val );
ch_free( a_vals[i].bv_val );
if ( last > i ) {
a_vals[i] = a_vals[last];
}

3
servers/slapd/search.c
View file

@ -164,7 +164,8 @@ do_search(
op->ors_attrs[i].an_desc = NULL;
op->ors_attrs[i].an_oc = NULL;
op->ors_attrs[i].an_oc_exclude = 0;
slap_bv2ad(&op->ors_attrs[i].an_name, &op->ors_attrs[i].an_desc, &dummy);
slap_bv2ad(&op->ors_attrs[i].an_name,
&op->ors_attrs[i].an_desc, &dummy);
}
if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) {

2544
tests/data/proxymassage.out
View file

File diff suppressed because it is too large Load diff

36
tests/data/relay.out
View file

@ -1965,6 +1965,7 @@ dn: cn=Jane Q. Doe,ou=Information Technology Division,ou=People,o=Beispiel,c=D
objectClass: OpenLDAPperson
cn: Jane Alverson
cn: Jane Q. Doe
cn: Jane Qissapaolo Doe
sn: Doe
uid: jdoe
title: Programmer Analyst, UM Alumni Association
@ -2053,7 +2054,7 @@ mail: auser@mail.alumni.example.com
telephoneNumber: +49 1234-567-890
description: Just added in o=Beispiel,c=DE naming context
# refldap://ldap.example.com/ou=Referrals,o=Beispiel,c=DE??sub
# refldap://ldap.example.com:389/ou=Referrals,o=Beispiel,c=DE??sub
# searching base="o=Esempio,c=IT"...
dn: o=Esempio,c=IT
@ -2377,6 +2378,7 @@ dn: cn=Jane Q. Doe,ou=Information Technology Division,ou=People,o=Esempio,c=IT
objectClass: OpenLDAPperson
cn: Jane Alverson
cn: Jane Q. Doe
cn: Jane Qissapaolo Doe
sn: Doe
uid: jdoe
title: Programmer Analyst, UM Alumni Association
@ -2464,28 +2466,30 @@ mail: auser@mail.alumni.example.com
telephoneNumber: +49 1234-567-890
description: Just added in o=Beispiel,c=DE naming context
# refldap://ldap.example.com/ou=Referrals,o=Beispiel,c=DE??sub
# refldap://ldap.example.com:389/ou=Referrals,o=Beispiel,c=DE??sub
# searching filter="(objectClass=referral)"
# attrs="'*' ref"
# base="dc=example,dc=com"...
dn: ou=Referrals,dc=example,dc=com
objectClass: referral
objectClass: extensibleObject
ou: Referrals
description: Just added as ldap://localhost.localdomain/ou=Referrals,o=Beispie
l,c=DE
description: ...and modified as ldap://ldap.example.com/ou=Referrals,o=Beispie
l,c=DE
ref: ldap://ldap.example.com/ou=Referrals,o=Beispiel,c=DE
description: Just added as ldap://localhost.localdomain:389/ou=Referrals,o=Bei
spiel,c=DE
description: ...and modified as ldap://ldap.example.com:389/ou=Referrals,o=Bei
spiel,c=DE
ref: ldap://ldap.example.com:389/ou=Referrals,o=Beispiel,c=DE
# base="o=Example,c=US"...
dn: ou=Referrals,o=Example,c=US
objectClass: referral
objectClass: extensibleObject
ou: Referrals
description: Just added as ldap://localhost.localdomain/ou=Referrals,o=Beispie
l,c=DE
description: ...and modified as ldap://ldap.example.com/ou=Referrals,o=Beispie
l,c=DE
description: Just added as ldap://localhost.localdomain:389/ou=Referrals,o=Bei
spiel,c=DE
description: ...and modified as ldap://ldap.example.com:389/ou=Referrals,o=Bei
spiel,c=DE
ref: ldap://ldap.example.com:389/ou=Referrals,o=Beispiel,c=DE??base
# base="o=Esempio,c=IT"...
@ -2493,10 +2497,10 @@ dn: ou=Referrals,o=Esempio,c=IT
objectClass: referral
objectClass: extensibleObject
ou: Referrals
description: Just added as ldap://localhost.localdomain/ou=Referrals,o=Beispie
l,c=DE
description: ...and modified as ldap://ldap.example.com/ou=Referrals,o=Beispie
l,c=DE
description: Just added as ldap://localhost.localdomain:389/ou=Referrals,o=Bei
spiel,c=DE
description: ...and modified as ldap://ldap.example.com:389/ou=Referrals,o=Bei
spiel,c=DE
ref: ldap://ldap.example.com:389/ou=Referrals,o=Beispiel,c=DE??base
# searching filter="(seeAlso=cn=all staff,ou=Groups,o=Example,c=US)"
@ -2536,5 +2540,5 @@ seeAlso: cn=Ursula Hampster,ou=Alumni Association,ou=People,o=Example,c=US
dn: cn=Added User,ou=Alumni Association,ou=People,o=Example,c=US
seeAlso: cn=All Staff,ou=Groups,o=Example,c=US
# refldap://ldap.example.com/ou=Referrals,o=Beispiel,c=DE??sub
# refldap://ldap.example.com:389/ou=Referrals,o=Beispiel,c=DE??sub

63
tests/data/slapd-proxymassage.conf
View file

@ -1,63 +0,0 @@
# master slapd config -- for testing
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2004 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.
include ./schema/core.schema
include ./schema/cosine.schema
include ./schema/inetorgperson.schema
include ./schema/openldap.schema
include ./schema/nis.schema
include ./schema/ppolicy.schema
pidfile ./test-db/slapd.pid
argsfile ./test-db/slapd.args
#mod#modulepath ../servers/slapd/back-@BACKEND@/
#mod#moduleload back_@BACKEND@.la
#ldapmod#modulepath ../servers/slapd/back-ldap/
#ldapmod#moduleload back_ldap.la
#monitormod#modulepath ../servers/slapd/back-monitor/
#monitormod#moduleload back_monitor.la
#rwmmod#modulepath ../servers/slapd/overlays/
#rwmmod#moduleload rwm.la
#######################################################################
# database definitions
#######################################################################
database @BACKEND@
suffix "dc=example,dc=com"
directory ./testrun/db.1.a
rootdn "cn=Manager,dc=example,dc=com"
rootpw secret
index objectClass eq
database ldap
suffix "o=Example,c=US"
uri "@URI1@"
overlay rwm
rwm-suffixmassage "dc=example,dc=com"
database ldap
suffix "o=Esempio,c=IT"
uri "@URI1@"
overlay rwm
rwm-suffixmassage "dc=example,dc=com"
database ldap
suffix "o=Beispiel,c=DE"
uri "@URI1@"
overlay rwm
rwm-suffixmassage "dc=example,dc=com"
#monitor#database monitor

43
tests/data/slapd-relay.conf
View file

@ -26,6 +26,10 @@ argsfile ./test-db/slapd.args
#mod#moduleload back_@BACKEND@.la
#relaymod#modulepath ../servers/slapd/back-relay/
#relaymod#moduleload back_relay.la
#ldapmod#modulepath ../servers/slapd/back-ldap/
#ldapmod#moduleload back_ldap.la
#metamod#modulepath ../servers/slapd/back-meta/
#metamod#moduleload back_meta.la
#monitormod#modulepath ../servers/slapd/back-monitor/
#monitormod#moduleload back_monitor.la
#rwmmod#modulepath ../servers/slapd/overlays/
@ -42,20 +46,39 @@ rootdn "cn=Manager,dc=example,dc=com"
rootpw secret
index objectClass eq
database relay
database @RELAY@
suffix "o=Example,c=US"
relay "dc=example,dc=com" massage
### back-relay can automatically instantiate the rwm overlay
#relay#relay "dc=example,dc=com" massage
### back-ldap needs explicit instantiation of the rwm overlay
#ldap#uri "@URI1@"
#ldap#overlay rwm
#ldap#rwm-suffixmassage "dc=example,dc=com"
#meta#uri "@URI1@o=Example,c=US"
#meta#suffixmassage "o=Example,c=US" "dc=example,dc=com"
database relay
database @RELAY@
suffix "o=Esempio,c=IT"
# relay "dc=example,dc=com" massage
# use this alternate form, which causes the target database
# to be selected after DN massaging
overlay rwm
rwm-suffixmassage "o=Esempio,c=IT" "dc=example,dc=com"
### use this alternate form of back-relay, without the "relay" directive,
### which causes the target database to be selected after DN massaging
#relay#overlay rwm
#relay#rwm-suffixmassage "dc=example,dc=com"
### back-ldap needs URI
#ldap#uri "@URI1@"
#ldap#overlay rwm
#ldap#rwm-suffixmassage "dc=example,dc=com"
#meta#uri "@URI1@o=Esempio,c=IT"
#meta#suffixmassage "o=Esempio,c=IT" "dc=example,dc=com"
database relay
database @RELAY@
suffix "o=Beispiel,c=DE"
relay "dc=example,dc=com" massage
### back-relay can automatically instantiate the rwm overlay
#relay#relay "dc=example,dc=com" massage
### back-ldap needs explicit instantiation of the rwm overlay
#ldap#uri "@URI1@"
#ldap#overlay rwm
#ldap#rwm-suffixmassage "dc=example,dc=com"
#meta#uri "@URI1@o=Beispiel,c=DE"
#meta#suffixmassage "o=Beispiel,c=DE" "dc=example,dc=com"
#monitor#database monitor

3
tests/run.in
View file

@ -27,6 +27,7 @@ AC_bdb=@BUILD_BDB@
AC_hdb=@BUILD_HDB@
AC_ldap=ldap@BUILD_LDAP@
AC_ldbm=@BUILD_LDBM@
AC_meta=meta@BUILD_META@
AC_monitor=@BUILD_MONITOR@
AC_relay=relay@BUILD_RELAY@
AC_sql=sql@BUILD_SQL@
@ -45,7 +46,7 @@ AC_WITH_SASL=@WITH_SASL@
AC_WITH_TLS=@WITH_TLS@
AC_WITH_MODULES_ENABLED=@WITH_MODULES_ENABLED@
export AC_bdb AC_hdb AC_ldap AC_ldbm AC_monitor AC_relay AC_sql
export AC_bdb AC_hdb AC_ldap AC_ldbm AC_meta AC_monitor AC_relay AC_sql
export AC_glue AC_pcache AC_ppolicy AC_refint AC_unique AC_rwm AC_syncprov
export AC_WITH_SASL AC_WITH_TLS AC_WITH_MODULES_ENABLED

3
tests/scripts/conf.sh
View file

@ -34,8 +34,11 @@ else
fi
sed -e "s/@BACKEND@/${BACKEND}/" \
-e "s/^#${BACKEND}#//" \
-e "s/@RELAY@/${RELAY}/" \
-e "s/^#${RELAY}#//" \
-e "s/^#${BACKENDTYPE}#//" \
-e "s/^#${AC_ldap}#//" \
-e "s/^#${AC_meta}#//" \
-e "s/^#${AC_relay}#//" \
-e "s/^#${AC_sql}#//" \
-e "s/^#${RDBMS}#//" \

3
tests/scripts/defines.sh
View file

@ -15,6 +15,7 @@
MONITORDB=${AC_monitor-no}
BACKLDAP=${AC_ldap-ldapno}
BACKMETA=${AC_meta-metano}
BACKRELAY=${AC_relay-relayno}
BACKSQL=${AC_sql-sqlno}
RDBMS=${SLAPD_USE_SQL-rdbmsno}
@ -76,7 +77,6 @@ LDAPGLUECONF1=$DATADIR/slapd-ldapglue.conf
LDAPGLUECONF2=$DATADIR/slapd-ldapgluepeople.conf
LDAPGLUECONF3=$DATADIR/slapd-ldapgluegroups.conf
RWMCONF=$DATADIR/slapd-relay.conf
PROXYMASSAGECONF=$DATADIR/slapd-proxymassage.conf
SQLCONF=$DATADIR/slapd-sql.conf
CONF1=$TESTDIR/slapd.1.conf
@ -230,7 +230,6 @@ IDASSERTOUT=$DATADIR/idassert.out
LDAPGLUEOUT=$DATADIR/ldapglue.out
LDAPGLUEANONYMOUSOUT=$DATADIR/ldapglueanonymous.out
RELAYOUT=$DATADIR/relay.out
PROXYMASSAGEOUT=$DATADIR/proxymassage.out
SQLREAD=$DATADIR/sql-read.out
SQLWRITE=$DATADIR/sql-write.out

52
tests/scripts/test032-proxymassage → tests/scripts/relay
View file

@ -13,23 +13,11 @@
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.
echo "running defines.sh"
. $SRCDIR/scripts/defines.sh
if test $RWM = rwmno ; then
echo "Rewrite/remap overlay not available, test skipped"
exit 0
fi
if test $BACKLDAP = "ldapno" ; then
echo "LDAP backend not available, test skipped"
exit 0
fi
mkdir -p $TESTDIR $DBDIR1
echo "Testing virtual naming context mapping with $RELAY backend..."
echo ""
echo "Starting slapd on TCP/IP port $PORT1..."
. $CONFFILTER $BACKEND $MONITORDB < $PROXYMASSAGECONF > $CONF1
. $CONFFILTER $BACKEND $MONITORDB < $RWMCONF > $CONF1
$SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
PID=$!
if test $WAIT != 0 ; then
@ -118,7 +106,7 @@ fi
BASEDN="o=Beispiel,c=DE"
echo "modifying database \"$BASEDN\"..."
$LDAPMODIFY -v -D "cn=Manager,$BASEDN" -h $LOCALHOST -p $PORT1 -w $PASSWD \
-e manageDSAit >> $TESTOUT 2>&1 << EOMODS
-M >> $TESTOUT 2>&1 << EOMODS
dn: cn=Added User,ou=Alumni Association,ou=People,$BASEDN
changetype: add
objectClass: OpenLDAPperson
@ -172,13 +160,14 @@ description: Just added as ldap://localhost.localdomain:389/ou=Referrals,$BASEDN
dn: ou=Referrals,$BASEDN
changetype: modify
replace: ref
ref: ldap://ldap.example.com:389/ou=Referrals,${BASEDN}
ref: ldap://ldap.example.com:389/ou=Referrals,$BASEDN
-
add: description
description: ...and modified as ldap://ldap.example.com:389/ou=Referrals,${BASEDN}
description: ...and modified as ldap://ldap.example.com:389/ou=Referrals,$BASEDN
-
EOMODS
RC=$?
if test $RC != 0 ; then
echo "Modify failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
@ -186,7 +175,7 @@ if test $RC != 0 ; then
fi
echo "searching base=\"$BASEDN\"..."
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
@ -197,7 +186,7 @@ fi
BASEDN="o=Esempio,c=IT"
echo "searching base=\"$BASEDN\"..."
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
@ -215,8 +204,8 @@ echo "# attrs=\"'*' ref\"" >> $SEARCHOUT
BASEDN="dc=example,dc=com"
echo " base=\"$BASEDN\"..."
echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" "$FILTER" "*" ref \
-e manageDSAit >> $SEARCHOUT 2>&1
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" -M "$FILTER" "*" ref \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Search failed ($RC)!"
@ -227,8 +216,8 @@ fi
BASEDN="o=Example,c=US"
echo " base=\"$BASEDN\"..."
echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" "$FILTER" "*" ref \
-e manageDSAit >> $SEARCHOUT 2>&1
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" -M "$FILTER" "*" ref \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Search failed ($RC)!"
@ -239,8 +228,8 @@ fi
BASEDN="o=Esempio,c=IT"
echo " base=\"$BASEDN\"..."
echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" "$FILTER" "*" ref \
-e manageDSAit >> $SEARCHOUT 2>&1
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" -M "$FILTER" "*" ref \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Search failed ($RC)!"
@ -268,12 +257,12 @@ fi
echo "Filtering ldapsearch results..."
. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
echo "Filtering original ldif used to create database..."
. $LDIFFILTER < $PROXYMASSAGEOUT > $LDIFFLT
. $LDIFFILTER < $RELAYOUT > $LDIFFLT
echo "Comparing filter output..."
$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
if test $? != 0 ; then
echo "comparison failed - back-ldap search/modification didn't succeed"
echo "comparison failed - relay search/modification didn't succeed"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 1
fi
@ -281,8 +270,8 @@ fi
BASEDN="o=Example,c=US"
echo "changing password to database \"$BASEDN\"..."
$LDAPPASSWD -h $LOCALHOST -p $PORT1 -D "cn=Manager,$BASEDN" -w $PASSWD \
"cn=Added User,ou=Alumni Association,ou=People,$BASEDN" \
-s $PASSWD >> $TESTOUT 2>&1
-s $PASSWD "cn=Added User,ou=Alumni Association,ou=People,$BASEDN" \
>> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Passwd ExOp failed ($RC)!"
@ -316,6 +305,3 @@ fi
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo ">>>>> Test succeeded"
exit 0

6
tests/scripts/test020-proxycache
View file

@ -99,6 +99,12 @@ for i in 0 1 2 3 4 5; do
sleep 5
done
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Making queries on the proxy cache..."
echo "Query 1: filter:(sn=Jon) attrs: all"
$LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \

325
tests/scripts/test030-relay
View file

@ -16,297 +16,56 @@
echo "running defines.sh"
. $SRCDIR/scripts/defines.sh
if test $BACKRELAY = relayno ; then
echo "relay backend not available, test skipped"
exit 0
fi
if test $RWM = rwmno ; then
echo "Rewrite/remap overlay not available, test skipped"
exit 0
fi
mkdir -p $TESTDIR $DBDIR1
echo ""
echo "Starting slapd on TCP/IP port $PORT1..."
. $CONFFILTER $BACKEND $MONITORDB < $RWMCONF > $CONF1
$SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
PID=$!
if test $WAIT != 0 ; then
echo PID $PID
read foo
fi
KILLPIDS="$PID"
echo "Using ldapsearch to check that slapd is running..."
for i in 0 1 2 3 4 5; do
$LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
'objectclass=*' > /dev/null 2>&1
RC=$?
if test $RC = 0 ; then
break
if test "x$RELAYS" = "x" ; then
RELAYS=
# back-relay
if test $BACKRELAY = relayno ; then
echo "relay backend not available, test skipped"
else
RELAYS="${RELAYS}relay "
fi
echo "Waiting 5 seconds for slapd to start..."
sleep 5
# back-ldap
if test $BACKLDAP = ldapno ; then
echo "ldap backend not available, test skipped"
else
RELAYS="${RELAYS}ldap "
fi
# back-meta
if test $BACKMETA = metano ; then
echo "meta backend not available, test skipped"
else
RELAYS="${RELAYS}meta "
fi
fi
echo "Using $RELAYS..."
echo ""
first=1
for RELAY in $RELAYS ; do
if test $first = 1 ; then
first=0
else
echo ">>>>> waiting 10 seconds for things to exit"
sleep 10
echo ""
rm -rf $TESTDIR
fi
mkdir -p $TESTDIR $DBDIR1
. $SRCDIR/scripts/relay
done
if test $RC != 0 ; then
echo "ldapsearch failed $(RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Using ldapadd to populate the database..."
$LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD < \
$LDIFORDERED > $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapadd failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
cat /dev/null > $SEARCHOUT
BASEDN="dc=example,dc=com"
echo "searching base=\"$BASEDN\"..."
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
BASEDN="o=Example,c=US"
echo "searching base=\"$BASEDN\"..."
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
BASEDN="o=Esempio,c=IT"
echo "searching base=\"$BASEDN\"..."
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
BASEDN="o=Beispiel,c=DE"
echo "searching base=\"$BASEDN\"..."
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
#
# Do some modifications
#
BASEDN="o=Beispiel,c=DE"
echo "modifying database \"$BASEDN\"..."
$LDAPMODIFY -v -D "cn=Manager,$BASEDN" -h $LOCALHOST -p $PORT1 -w $PASSWD \
-e manageDSAit >> $TESTOUT 2>&1 << EOMODS
dn: cn=Added User,ou=Alumni Association,ou=People,$BASEDN
changetype: add
objectClass: OpenLDAPperson
cn: Added User
sn: User
uid: auser
seealso: cn=All Staff,ou=Groups,$BASEDN
homephone: +49 1234567890
drink: Beer
mail: auser@mail.alumni.example.com
telephonenumber: +49 1234-567-890
description: Just added in o=Beispiel,c=DE naming context
dn: cn=Ursula Hampster,ou=Alumni Association,ou=People,$BASEDN
changetype: modify
add: seeAlso
seeAlso: cn=Ursula Hampster,ou=Alumni Association,ou=People,$BASEDN
-
add: description
description: Just added self to seeAlso in $BASEDN virtual naming context
-
dn: cn=Mark Elliot,ou=Alumni Association,ou=People,$BASEDN
changetype: delete
dn: cn=John Doe,ou=Information Technology Division,ou=People,$BASEDN
changetype: modrdn
newrdn: cn=John P. Doe
deleteoldrdn: 1
dn: cn=Jane Doe,ou=Alumni Association,ou=People,$BASEDN
changetype: modrdn
newrdn: cn=Jane Q. Doe
deleteoldrdn: 1
newsuperior: ou=Information Technology Division,ou=People,$BASEDN
dn: ou=Referrals,$BASEDN
changetype: add
objectclass: referral
objectclass: extensibleObject
ou: Referrals
ref: ldap://localhost.localdomain/ou=Referrals,$BASEDN
description: Just added as ldap://localhost.localdomain/ou=Referrals,$BASEDN
dn: ou=Referrals,$BASEDN
changetype: modify
replace: ref
ref: ldap://ldap.example.com/ou=Referrals,$BASEDN
-
add: description
description: ...and modified as ldap://ldap.example.com/ou=Referrals,$BASEDN
-
EOMODS
if test $RC != 0 ; then
echo "Modify failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "searching base=\"$BASEDN\"..."
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
BASEDN="o=Esempio,c=IT"
echo "searching base=\"$BASEDN\"..."
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
FILTER="(objectClass=referral)"
echo "searching filter=\"$FILTER\""
echo " attrs=\"'*' ref\""
BASEDN="dc=example,dc=com"
echo " base=\"$BASEDN\"..."
echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" "$FILTER" "*" ref \
-e manageDSAit >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
BASEDN="o=Example,c=US"
echo " base=\"$BASEDN\"..."
echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" "$FILTER" "*" ref \
-e manageDSAit >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
BASEDN="o=Esempio,c=IT"
echo " base=\"$BASEDN\"..."
echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" "$FILTER" "*" ref \
-e manageDSAit >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
BASEDN="o=Example,c=US"
FILTER="(seeAlso=cn=all staff,ou=Groups,$BASEDN)"
echo "searching filter=\"$FILTER\""
echo " attrs=\"seeAlso\""
echo " base=\"$BASEDN\"..."
echo "# searching filter=\"$FILTER\"" >> $SEARCHOUT
echo "# attrs=\"seeAlso\"" >> $SEARCHOUT
echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" "$FILTER" seeAlso \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Filtering ldapsearch results..."
. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
echo "Filtering original ldif used to create database..."
. $LDIFFILTER < $RELAYOUT > $LDIFFLT
echo "Comparing filter output..."
$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
if test $? != 0 ; then
echo "comparison failed - relay search/modification didn't succeed"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 1
fi
BASEDN="o=Example,c=US"
echo "changing password to database \"$BASEDN\"..."
$LDAPPASSWD -h $LOCALHOST -p $PORT1 -D "cn=Manager,$BASEDN" -w $PASSWD \
"cn=Added User,ou=Alumni Association,ou=People,$BASEDN" \
-s $PASSWD >> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Passwd ExOp failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
BASEDN="o=Beispiel,c=DE"
echo "binding with newly changed password to database \"$BASEDN\"..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 \
-D "cn=Added User,ou=Alumni Association,ou=People,$BASEDN" \
-w $PASSWD >> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "WhoAmI failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
BASEDN="o=Esempio,c=IT"
echo "comparing to database \"$BASEDN\"..."
$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \
"cn=Added User,ou=Alumni Association,ou=People,$BASEDN" \
"seeAlso:cn=All Staff,ou=Groups,$BASEDN" >> $TESTOUT 2>&1
RC=$?
if test $RC != 6 ; then
echo "Compare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo ">>>>> Test succeeded"
exit 0