mirror of
https://git.openldap.org/openldap/openldap.git
synced 2026-02-03 20:40:05 -05:00
Dynamic control management
This commit is contained in:
Howard Chu
parent
2590e26bc7
commit
47dd8d8732
16 changed files with 217 additions and 161 deletions
|
|
@ -737,12 +737,12 @@ bdb_do_search( Operation *op, SlapReply *rs, Operation *sop,
|
|||
|
||||
/* Sync control overrides manageDSAit */
|
||||
if ( !IS_PSEARCH && sop->o_sync_mode & SLAP_SYNC_REFRESH ) {
|
||||
if ( manageDSAit == SLAP_NO_CONTROL ) {
|
||||
manageDSAit = SLAP_CRITICAL_CONTROL;
|
||||
if ( manageDSAit == SLAP_CONTROL_NONE ) {
|
||||
manageDSAit = SLAP_CONTROL_CRITICAL;
|
||||
}
|
||||
} else if ( IS_PSEARCH ) {
|
||||
if ( manageDSAit == SLAP_NO_CONTROL ) {
|
||||
manageDSAit = SLAP_CRITICAL_CONTROL;
|
||||
if ( manageDSAit == SLAP_CONTROL_NONE ) {
|
||||
manageDSAit = SLAP_CONTROL_CRITICAL;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -1000,7 +1000,8 @@ dn2entry_retry:
|
|||
tentries = BDB_IDL_N(candidates);
|
||||
}
|
||||
|
||||
if ( get_pagedresults( sop ) > SLAP_NO_CONTROL ) {
|
||||
if ( get_pagedresults( sop ) > SLAP_CONTROL_IGNORED ) {
|
||||
PagedResultsState *ps = sop->o_pagedresults_state;
|
||||
/* deferred cookie parsing */
|
||||
rs->sr_err = parse_paged_cookie( sop, rs );
|
||||
if ( rs->sr_err != LDAP_SUCCESS ) {
|
||||
|
|
@ -1008,11 +1009,11 @@ dn2entry_retry:
|
|||
goto done;
|
||||
}
|
||||
|
||||
if ( (ID)( sop->o_pagedresults_state.ps_cookie ) == 0 ) {
|
||||
if ( (ID)( ps->ps_cookie ) == 0 ) {
|
||||
id = bdb_idl_first( candidates, &cursor );
|
||||
|
||||
} else {
|
||||
if ( sop->o_pagedresults_size == 0 ) {
|
||||
if ( ps->ps_size == 0 ) {
|
||||
rs->sr_err = LDAP_SUCCESS;
|
||||
rs->sr_text = "search abandoned by pagedResult size=0";
|
||||
send_ldap_result( sop, rs );
|
||||
|
|
@ -1020,7 +1021,7 @@ dn2entry_retry:
|
|||
}
|
||||
for ( id = bdb_idl_first( candidates, &cursor );
|
||||
id != NOID &&
|
||||
id <= (ID)( sop->o_pagedresults_state.ps_cookie );
|
||||
id <= (ID)( ps->ps_cookie );
|
||||
id = bdb_idl_next( candidates, &cursor ) )
|
||||
{
|
||||
/* empty */;
|
||||
|
|
@ -1427,8 +1428,8 @@ id2entry_retry:
|
|||
goto done;
|
||||
}
|
||||
|
||||
if ( get_pagedresults(sop) > SLAP_NO_CONTROL ) {
|
||||
if ( rs->sr_nentries >= sop->o_pagedresults_size ) {
|
||||
if ( get_pagedresults(sop) > SLAP_CONTROL_IGNORED ) {
|
||||
if ( rs->sr_nentries >= ((PagedResultsState *)sop->o_pagedresults_state)->ps_size ) {
|
||||
send_paged_response( sop, rs, &lastid, tentries );
|
||||
goto done;
|
||||
}
|
||||
|
|
@ -1766,7 +1767,7 @@ nochange:
|
|||
rs->sr_ref = rs->sr_v2ref;
|
||||
rs->sr_err = (rs->sr_v2ref == NULL) ? LDAP_SUCCESS : LDAP_REFERRAL;
|
||||
rs->sr_rspoid = NULL;
|
||||
if ( get_pagedresults(sop) > SLAP_NO_CONTROL ) {
|
||||
if ( get_pagedresults(sop) > SLAP_CONTROL_IGNORED ) {
|
||||
send_paged_response( sop, rs, NULL, 0 );
|
||||
} else {
|
||||
send_ldap_result( sop, rs );
|
||||
|
|
@ -2007,11 +2008,12 @@ parse_paged_cookie( Operation *op, SlapReply *rs )
|
|||
ber_int_t size;
|
||||
BerElement *ber;
|
||||
struct berval cookie = BER_BVNULL;
|
||||
PagedResultsState *ps = op->o_pagedresults_state;
|
||||
|
||||
/* this function must be invoked only if the pagedResults
|
||||
* control has been detected, parsed and partially checked
|
||||
* by the frontend */
|
||||
assert( get_pagedresults( op ) > SLAP_NO_CONTROL );
|
||||
assert( get_pagedresults( op ) > SLAP_CONTROL_IGNORED );
|
||||
|
||||
/* look for the appropriate ctrl structure */
|
||||
for ( c = op->o_ctrls; c[0] != NULL; c++ ) {
|
||||
|
|
@ -2061,13 +2063,13 @@ parse_paged_cookie( Operation *op, SlapReply *rs )
|
|||
|
||||
AC_MEMCPY( &reqcookie, cookie.bv_val, sizeof( reqcookie ));
|
||||
|
||||
if ( reqcookie > op->o_pagedresults_state.ps_cookie ) {
|
||||
if ( reqcookie > ps->ps_cookie ) {
|
||||
/* bad cookie */
|
||||
rs->sr_text = "paged results cookie is invalid";
|
||||
rc = LDAP_PROTOCOL_ERROR;
|
||||
goto done;
|
||||
|
||||
} else if ( reqcookie < op->o_pagedresults_state.ps_cookie ) {
|
||||
} else if ( reqcookie < ps->ps_cookie ) {
|
||||
rs->sr_text = "paged results cookie is invalid or old";
|
||||
rc = LDAP_UNWILLING_TO_PERFORM;
|
||||
goto done;
|
||||
|
|
@ -2085,8 +2087,8 @@ parse_paged_cookie( Operation *op, SlapReply *rs )
|
|||
goto done;
|
||||
}
|
||||
#endif
|
||||
op->o_pagedresults_state.ps_cookie = 0;
|
||||
op->o_pagedresults_state.ps_count = 0;
|
||||
ps->ps_cookie = 0;
|
||||
ps->ps_count = 0;
|
||||
}
|
||||
|
||||
done:;
|
||||
|
|
@ -2130,7 +2132,7 @@ send_paged_response(
|
|||
|
||||
op->o_conn->c_pagedresults_state.ps_cookie = respcookie;
|
||||
op->o_conn->c_pagedresults_state.ps_count =
|
||||
op->o_pagedresults_state.ps_count + rs->sr_nentries;
|
||||
((PagedResultsState *)op->o_pagedresults_state)->ps_count + rs->sr_nentries;
|
||||
|
||||
/* return size of 0 -- no estimate */
|
||||
ber_printf( ber, "{iO}", 0, &cookie );
|
||||
|
|
|
|||
|
|
@ -231,7 +231,7 @@ fe_op_bind( Operation *op, SlapReply *rs )
|
|||
struct berval mech = op->orb_tmp_mech;
|
||||
|
||||
/* check for inappropriate controls */
|
||||
if( get_manageDSAit( op ) == SLAP_CRITICAL_CONTROL ) {
|
||||
if( get_manageDSAit( op ) == SLAP_CONTROL_CRITICAL ) {
|
||||
send_ldap_error( op, rs,
|
||||
LDAP_UNAVAILABLE_CRITICAL_EXTENSION,
|
||||
"manageDSAit control inappropriate" );
|
||||
|
|
|
|||
|
|
@ -1438,15 +1438,10 @@ connection_input(
|
|||
op = slap_op_alloc( ber, msgid, tag, conn->c_n_ops_received++ );
|
||||
|
||||
op->o_conn = conn;
|
||||
op->o_assertion = NULL;
|
||||
op->o_preread_attrs = NULL;
|
||||
op->o_postread_attrs = NULL;
|
||||
op->o_vrFilter = NULL;
|
||||
/* clear state if the connection is being reused from inactive */
|
||||
if ( conn->c_conn_state == SLAP_C_INACTIVE ) {
|
||||
memset( &conn->c_pagedresults_state, 0, sizeof( conn->c_pagedresults_state ) );
|
||||
}
|
||||
op->o_pagedresults_state = conn->c_pagedresults_state;
|
||||
|
||||
op->o_res_ber = NULL;
|
||||
|
||||
|
|
|
|||
|
|
@ -48,10 +48,15 @@ static SLAP_CTRL_PARSE_FN parseLDAPsync;
|
|||
const struct berval slap_pre_read_bv = BER_BVC(LDAP_CONTROL_PRE_READ);
|
||||
const struct berval slap_post_read_bv = BER_BVC(LDAP_CONTROL_POST_READ);
|
||||
|
||||
struct slap_control_ids slap_cids;
|
||||
|
||||
struct slap_control {
|
||||
/* Control OID */
|
||||
char *sc_oid;
|
||||
|
||||
/* The controlID for this control */
|
||||
int sc_cid;
|
||||
|
||||
/* Operations supported by control */
|
||||
slap_mask_t sc_mask;
|
||||
|
||||
|
|
@ -71,6 +76,7 @@ static LDAP_SLIST_HEAD(ControlsList, slap_control) controls_list
|
|||
* all known request control OIDs should be added to this list
|
||||
*/
|
||||
char **slap_known_controls = NULL;
|
||||
static int num_known_controls;
|
||||
|
||||
static char *proxy_authz_extops[] = {
|
||||
LDAP_EXOP_MODIFY_PASSWD,
|
||||
|
|
@ -79,64 +85,79 @@ static char *proxy_authz_extops[] = {
|
|||
};
|
||||
|
||||
static struct slap_control control_defs[] = {
|
||||
{ LDAP_CONTROL_ASSERT,
|
||||
{ LDAP_CONTROL_ASSERT,
|
||||
(int)offsetof(struct slap_control_ids, sc_assert),
|
||||
SLAP_CTRL_HIDE|SLAP_CTRL_ACCESS, NULL,
|
||||
parseAssert, LDAP_SLIST_ENTRY_INITIALIZER(next) },
|
||||
{ LDAP_CONTROL_PRE_READ,
|
||||
(int)offsetof(struct slap_control_ids, sc_preRead),
|
||||
SLAP_CTRL_HIDE|SLAP_CTRL_DELETE|SLAP_CTRL_MODIFY|SLAP_CTRL_RENAME, NULL,
|
||||
parsePreRead, LDAP_SLIST_ENTRY_INITIALIZER(next) },
|
||||
{ LDAP_CONTROL_POST_READ,
|
||||
(int)offsetof(struct slap_control_ids, sc_postRead),
|
||||
SLAP_CTRL_HIDE|SLAP_CTRL_ADD|SLAP_CTRL_MODIFY|SLAP_CTRL_RENAME, NULL,
|
||||
parsePostRead, LDAP_SLIST_ENTRY_INITIALIZER(next) },
|
||||
{ LDAP_CONTROL_VALUESRETURNFILTER,
|
||||
(int)offsetof(struct slap_control_ids, sc_valuesReturnFilter),
|
||||
SLAP_CTRL_SEARCH, NULL,
|
||||
parseValuesReturnFilter, LDAP_SLIST_ENTRY_INITIALIZER(next) },
|
||||
{ LDAP_CONTROL_PAGEDRESULTS,
|
||||
(int)offsetof(struct slap_control_ids, sc_pagedResults),
|
||||
SLAP_CTRL_SEARCH, NULL,
|
||||
parsePagedResults, LDAP_SLIST_ENTRY_INITIALIZER(next) },
|
||||
#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
|
||||
{ LDAP_CONTROL_X_DOMAIN_SCOPE,
|
||||
(int)offsetof(struct slap_control_ids, sc_domainScope),
|
||||
SLAP_CTRL_FRONTEND|SLAP_CTRL_SEARCH, NULL,
|
||||
parseDomainScope, LDAP_SLIST_ENTRY_INITIALIZER(next) },
|
||||
#endif
|
||||
#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY
|
||||
{ LDAP_CONTROL_X_PERMISSIVE_MODIFY,
|
||||
(int)offsetof(struct slap_control_ids, sc_permissiveModify),
|
||||
SLAP_CTRL_MODIFY, NULL,
|
||||
parsePermissiveModify, LDAP_SLIST_ENTRY_INITIALIZER(next) },
|
||||
#endif
|
||||
#ifdef LDAP_CONTROL_X_TREE_DELETE
|
||||
{ LDAP_CONTROL_X_TREE_DELETE,
|
||||
(int)offsetof(struct slap_control_ids, sc_treeDelete),
|
||||
SLAP_CTRL_DELETE, NULL,
|
||||
parseTreeDelete, LDAP_SLIST_ENTRY_INITIALIZER(next) },
|
||||
#endif
|
||||
#ifdef LDAP_CONTORL_X_SEARCH_OPTIONS
|
||||
{ LDAP_CONTORL_X_SEARCH_OPTIONS,
|
||||
(int)offsetof(struct slap_control_ids, sc_searchOptions),
|
||||
SLAP_CTRL_FRONTEND|SLAP_CTRL_SEARCH, NULL,
|
||||
parseSearchOptions, LDAP_SLIST_ENTRY_INITIALIZER(next) },
|
||||
#endif
|
||||
#ifdef LDAP_CONTROL_SUBENTRIES
|
||||
{ LDAP_CONTROL_SUBENTRIES,
|
||||
(int)offsetof(struct slap_control_ids, sc_subentries),
|
||||
SLAP_CTRL_SEARCH, NULL,
|
||||
parseSubentries, LDAP_SLIST_ENTRY_INITIALIZER(next) },
|
||||
#endif
|
||||
{ LDAP_CONTROL_NOOP,
|
||||
(int)offsetof(struct slap_control_ids, sc_noOp),
|
||||
SLAP_CTRL_HIDE|SLAP_CTRL_ACCESS, NULL,
|
||||
parseNoOp, LDAP_SLIST_ENTRY_INITIALIZER(next) },
|
||||
{ LDAP_CONTROL_SYNC,
|
||||
(int)offsetof(struct slap_control_ids, sc_LDAPsync),
|
||||
SLAP_CTRL_HIDE|SLAP_CTRL_SEARCH, NULL,
|
||||
parseLDAPsync, LDAP_SLIST_ENTRY_INITIALIZER(next) },
|
||||
#ifdef LDAP_CONTROL_MODIFY_INCREMENT
|
||||
{ LDAP_CONTROL_MODIFY_INCREMENT,
|
||||
(int)offsetof(struct slap_control_ids, sc_modifyIncrement),
|
||||
SLAP_CTRL_HIDE|SLAP_CTRL_MODIFY, NULL,
|
||||
parseModifyIncrement, LDAP_SLIST_ENTRY_INITIALIZER(next) },
|
||||
#endif
|
||||
{ LDAP_CONTROL_MANAGEDSAIT,
|
||||
(int)offsetof(struct slap_control_ids, sc_manageDSAit),
|
||||
SLAP_CTRL_ACCESS, NULL,
|
||||
parseManageDSAit, LDAP_SLIST_ENTRY_INITIALIZER(next) },
|
||||
{ LDAP_CONTROL_PROXY_AUTHZ,
|
||||
(int)offsetof(struct slap_control_ids, sc_proxyAuthz),
|
||||
SLAP_CTRL_FRONTEND|SLAP_CTRL_ACCESS, proxy_authz_extops,
|
||||
parseProxyAuthz, LDAP_SLIST_ENTRY_INITIALIZER(next) },
|
||||
{ NULL, 0, NULL, 0, LDAP_SLIST_ENTRY_INITIALIZER(next) }
|
||||
{ NULL, 0, 0, NULL, 0, LDAP_SLIST_ENTRY_INITIALIZER(next) }
|
||||
};
|
||||
|
||||
/*
|
||||
|
|
@ -149,10 +170,10 @@ int
|
|||
register_supported_control(const char *controloid,
|
||||
slap_mask_t controlmask,
|
||||
char **controlexops,
|
||||
SLAP_CTRL_PARSE_FN *controlparsefn)
|
||||
SLAP_CTRL_PARSE_FN *controlparsefn,
|
||||
int *controlcid)
|
||||
{
|
||||
struct slap_control *sc;
|
||||
int i;
|
||||
|
||||
if ( controloid == NULL ) return LDAP_PARAM_ERROR;
|
||||
|
||||
|
|
@ -182,18 +203,12 @@ register_supported_control(const char *controloid,
|
|||
ch_free( sc );
|
||||
return LDAP_NO_MEMORY;
|
||||
}
|
||||
slap_known_controls[0] = ch_strdup( sc->sc_oid );
|
||||
slap_known_controls[1] = NULL;
|
||||
|
||||
} else {
|
||||
char **new_known_controls;
|
||||
|
||||
for ( i = 0; slap_known_controls[i] != NULL; i++ ) {
|
||||
/* EMPTY */ ;
|
||||
}
|
||||
|
||||
new_known_controls = (char **)SLAP_REALLOC(
|
||||
slap_known_controls, (i + 2) * sizeof(char *) );
|
||||
slap_known_controls, (num_known_controls + 2) * sizeof(char *) );
|
||||
|
||||
if ( new_known_controls == NULL ) {
|
||||
if ( sc->sc_extendedops != NULL ) {
|
||||
|
|
@ -203,9 +218,11 @@ register_supported_control(const char *controloid,
|
|||
return LDAP_NO_MEMORY;
|
||||
}
|
||||
slap_known_controls = new_known_controls;
|
||||
slap_known_controls[i++] = ch_strdup( sc->sc_oid );
|
||||
slap_known_controls[i] = NULL;
|
||||
}
|
||||
if ( controlcid ) *controlcid = num_known_controls;
|
||||
sc->sc_cid = num_known_controls;
|
||||
slap_known_controls[num_known_controls++] = ch_strdup( sc->sc_oid );
|
||||
slap_known_controls[num_known_controls] = NULL;
|
||||
|
||||
LDAP_SLIST_NEXT( sc, sc_next ) = NULL;
|
||||
LDAP_SLIST_INSERT_HEAD( &controls_list, sc, sc_next );
|
||||
|
|
@ -224,9 +241,10 @@ slap_controls_init( void )
|
|||
rc = LDAP_SUCCESS;
|
||||
|
||||
for ( i = 0; control_defs[i].sc_oid != NULL; i++ ) {
|
||||
int *cid = (int *)(((char *)&slap_cids) + control_defs[i].sc_cid );
|
||||
rc = register_supported_control( control_defs[i].sc_oid,
|
||||
control_defs[i].sc_mask, control_defs[i].sc_extendedops,
|
||||
control_defs[i].sc_parse );
|
||||
control_defs[i].sc_parse, cid );
|
||||
if ( rc != LDAP_SUCCESS ) break;
|
||||
}
|
||||
|
||||
|
|
@ -636,7 +654,7 @@ static int parseModifyIncrement (
|
|||
LDAPControl *ctrl )
|
||||
{
|
||||
#if 0
|
||||
if ( op->o_modifyIncrement != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_modifyIncrement != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "modifyIncrement control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
|
@ -649,8 +667,8 @@ static int parseModifyIncrement (
|
|||
|
||||
#if 0
|
||||
op->o_modifyIncrement = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
? SLAP_CONTROL_CRITICAL
|
||||
: SLAP_CONTROL_NONCRITICAL;
|
||||
#endif
|
||||
|
||||
return LDAP_SUCCESS;
|
||||
|
|
@ -661,7 +679,7 @@ static int parseManageDSAit (
|
|||
SlapReply *rs,
|
||||
LDAPControl *ctrl )
|
||||
{
|
||||
if ( op->o_managedsait != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_managedsait != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "manageDSAit control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
|
@ -672,8 +690,8 @@ static int parseManageDSAit (
|
|||
}
|
||||
|
||||
op->o_managedsait = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
? SLAP_CONTROL_CRITICAL
|
||||
: SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
return LDAP_SUCCESS;
|
||||
}
|
||||
|
|
@ -686,14 +704,14 @@ static int parseProxyAuthz (
|
|||
int rc;
|
||||
struct berval dn = BER_BVNULL;
|
||||
|
||||
if ( op->o_proxy_authz != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_proxy_authz != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "proxy authorization control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
||||
op->o_proxy_authz = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
? SLAP_CONTROL_CRITICAL
|
||||
: SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
Debug( LDAP_DEBUG_ARGS,
|
||||
"parseProxyAuthz: conn %lu authzid=\"%s\"\n",
|
||||
|
|
@ -766,7 +784,7 @@ static int parseNoOp (
|
|||
SlapReply *rs,
|
||||
LDAPControl *ctrl )
|
||||
{
|
||||
if ( op->o_noop != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_noop != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "noop control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
|
@ -777,8 +795,8 @@ static int parseNoOp (
|
|||
}
|
||||
|
||||
op->o_noop = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
? SLAP_CONTROL_CRITICAL
|
||||
: SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
return LDAP_SUCCESS;
|
||||
}
|
||||
|
|
@ -793,13 +811,14 @@ static int parsePagedResults (
|
|||
ber_int_t size;
|
||||
BerElement *ber;
|
||||
struct berval cookie = BER_BVNULL;
|
||||
PagedResultsState *ps;
|
||||
|
||||
if ( op->o_pagedresults != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_pagedresults != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "paged results control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
||||
if ( op->o_sync != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_sync != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "paged results control specified with sync control";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
|
@ -879,7 +898,10 @@ static int parsePagedResults (
|
|||
}
|
||||
#endif
|
||||
|
||||
op->o_pagedresults_size = size;
|
||||
ps = op->o_tmpalloc( sizeof(PagedResultsState), op->o_tmpmemctx );
|
||||
*ps = op->o_conn->c_pagedresults_state;
|
||||
ps->ps_size = size;
|
||||
op->o_pagedresults_state = ps;
|
||||
|
||||
/* NOTE: according to RFC 2696 3.:
|
||||
|
||||
|
|
@ -892,13 +914,13 @@ static int parsePagedResults (
|
|||
*/
|
||||
|
||||
if ( op->ors_slimit > 0 && size >= op->ors_slimit ) {
|
||||
op->o_pagedresults = SLAP_IGNORED_CONTROL;
|
||||
op->o_pagedresults = SLAP_CONTROL_IGNORED;
|
||||
|
||||
} else if ( ctrl->ldctl_iscritical ) {
|
||||
op->o_pagedresults = SLAP_CRITICAL_CONTROL;
|
||||
op->o_pagedresults = SLAP_CONTROL_CRITICAL;
|
||||
|
||||
} else {
|
||||
op->o_pagedresults = SLAP_NONCRITICAL_CONTROL;
|
||||
op->o_pagedresults = SLAP_CONTROL_NONCRITICAL;
|
||||
}
|
||||
|
||||
done:;
|
||||
|
|
@ -915,7 +937,7 @@ static int parseAssert (
|
|||
struct berval fstr = BER_BVNULL;
|
||||
const char *err_msg = "";
|
||||
|
||||
if ( op->o_assert != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_assert != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "assert control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
|
@ -931,7 +953,7 @@ static int parseAssert (
|
|||
return LDAP_OTHER;
|
||||
}
|
||||
|
||||
rs->sr_err = get_filter( op, ber, &(op->o_assertion), &rs->sr_text);
|
||||
rs->sr_err = get_filter( op, ber, (Filter **)&(op->o_assertion), &rs->sr_text);
|
||||
|
||||
if( rs->sr_err != LDAP_SUCCESS ) {
|
||||
if( rs->sr_err == SLAPD_DISCONNECT ) {
|
||||
|
|
@ -956,8 +978,8 @@ static int parseAssert (
|
|||
#endif
|
||||
|
||||
op->o_assert = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
? SLAP_CONTROL_CRITICAL
|
||||
: SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
rs->sr_err = LDAP_SUCCESS;
|
||||
return LDAP_SUCCESS;
|
||||
|
|
@ -972,7 +994,7 @@ static int parsePreRead (
|
|||
AttributeName *an = NULL;
|
||||
BerElement *ber;
|
||||
|
||||
if ( op->o_preread != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_preread != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "preread control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
|
@ -1010,8 +1032,8 @@ static int parsePreRead (
|
|||
}
|
||||
|
||||
op->o_preread = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
? SLAP_CONTROL_CRITICAL
|
||||
: SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
op->o_preread_attrs = an;
|
||||
|
||||
|
|
@ -1028,7 +1050,7 @@ static int parsePostRead (
|
|||
AttributeName *an = NULL;
|
||||
BerElement *ber;
|
||||
|
||||
if ( op->o_postread != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_postread != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "postread control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
|
@ -1066,8 +1088,8 @@ static int parsePostRead (
|
|||
}
|
||||
|
||||
op->o_postread = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
? SLAP_CONTROL_CRITICAL
|
||||
: SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
op->o_postread_attrs = an;
|
||||
|
||||
|
|
@ -1084,7 +1106,7 @@ int parseValuesReturnFilter (
|
|||
struct berval fstr = BER_BVNULL;
|
||||
const char *err_msg = "";
|
||||
|
||||
if ( op->o_valuesreturnfilter != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_valuesreturnfilter != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "valuesReturnFilter control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
|
@ -1100,7 +1122,7 @@ int parseValuesReturnFilter (
|
|||
return LDAP_OTHER;
|
||||
}
|
||||
|
||||
rs->sr_err = get_vrFilter( op, ber, &(op->o_vrFilter), &rs->sr_text);
|
||||
rs->sr_err = get_vrFilter( op, ber, (ValuesReturnFilter **)&(op->o_vrFilter), &rs->sr_text);
|
||||
|
||||
if( rs->sr_err != LDAP_SUCCESS ) {
|
||||
if( rs->sr_err == SLAPD_DISCONNECT ) {
|
||||
|
|
@ -1123,8 +1145,8 @@ int parseValuesReturnFilter (
|
|||
#endif
|
||||
|
||||
op->o_valuesreturnfilter = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
? SLAP_CONTROL_CRITICAL
|
||||
: SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
rs->sr_err = LDAP_SUCCESS;
|
||||
return LDAP_SUCCESS;
|
||||
|
|
@ -1136,7 +1158,7 @@ static int parseSubentries (
|
|||
SlapReply *rs,
|
||||
LDAPControl *ctrl )
|
||||
{
|
||||
if ( op->o_subentries != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_subentries != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "subentries control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
|
@ -1151,10 +1173,11 @@ static int parseSubentries (
|
|||
}
|
||||
|
||||
op->o_subentries = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
? SLAP_CONTROL_CRITICAL
|
||||
: SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
op->o_subentries_visibility = (ctrl->ldctl_value.bv_val[2] != 0x00);
|
||||
if ( (void *)(ctrl->ldctl_value.bv_val[2] != 0x00))
|
||||
set_subentries_visibility( op );
|
||||
|
||||
return LDAP_SUCCESS;
|
||||
}
|
||||
|
|
@ -1166,7 +1189,7 @@ static int parsePermissiveModify (
|
|||
SlapReply *rs,
|
||||
LDAPControl *ctrl )
|
||||
{
|
||||
if ( op->o_permissive_modify != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_permissive_modify != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "permissiveModify control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
|
@ -1177,8 +1200,8 @@ static int parsePermissiveModify (
|
|||
}
|
||||
|
||||
op->o_permissive_modify = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
? SLAP_CONTROL_CRITICAL
|
||||
: SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
return LDAP_SUCCESS;
|
||||
}
|
||||
|
|
@ -1190,7 +1213,7 @@ static int parseDomainScope (
|
|||
SlapReply *rs,
|
||||
LDAPControl *ctrl )
|
||||
{
|
||||
if ( op->o_domain_scope != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_domain_scope != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "domainScope control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
|
@ -1201,8 +1224,8 @@ static int parseDomainScope (
|
|||
}
|
||||
|
||||
op->o_domain_scope = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
? SLAP_CONTROL_CRITICAL
|
||||
: SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
return LDAP_SUCCESS;
|
||||
}
|
||||
|
|
@ -1214,7 +1237,7 @@ static int parseTreeDelete (
|
|||
SlapReply *rs,
|
||||
LDAPControl *ctrl )
|
||||
{
|
||||
if ( op->o_tree_delete != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_tree_delete != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "treeDelete control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
|
@ -1225,8 +1248,8 @@ static int parseTreeDelete (
|
|||
}
|
||||
|
||||
op->o_tree_delete = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
? SLAP_CONTROL_CRITICAL
|
||||
: SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
return LDAP_SUCCESS;
|
||||
}
|
||||
|
|
@ -1260,15 +1283,15 @@ static int parseSearchOptions (
|
|||
(void) ber_free( ber, 1 );
|
||||
|
||||
if ( search_flags & LDAP_SEARCH_FLAG_DOMAIN_SCOPE ) {
|
||||
if ( op->o_domain_scope != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_domain_scope != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "searchOptions control specified multiple times "
|
||||
"or with domainScope control";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
||||
op->o_domain_scope = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
? SLAP_CONTROL_CRITICAL
|
||||
: SLAP_CONTROL_NONCRITICAL;
|
||||
}
|
||||
|
||||
if ( search_flags & ~(LDAP_SEARCH_FLAG_DOMAIN_SCOPE) ) {
|
||||
|
|
@ -1292,12 +1315,12 @@ static int parseLDAPsync (
|
|||
ber_len_t len;
|
||||
struct slap_session_entry *se;
|
||||
|
||||
if ( op->o_sync != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_sync != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "Sync control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
||||
if ( op->o_pagedresults != SLAP_NO_CONTROL ) {
|
||||
if ( op->o_pagedresults != SLAP_CONTROL_NONE ) {
|
||||
rs->sr_text = "Sync control specified with pagedResults control";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
|
@ -1370,8 +1393,8 @@ static int parseLDAPsync (
|
|||
op->o_sync_mode = (char) mode;
|
||||
|
||||
op->o_sync = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
? SLAP_CONTROL_CRITICAL
|
||||
: SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
return LDAP_SUCCESS;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -215,7 +215,7 @@ fe_op_delete( Operation *op, SlapReply *rs )
|
|||
org_managedsait = get_manageDSAit( op );
|
||||
op->o_dn = op->o_bd->be_rootdn;
|
||||
op->o_ndn = op->o_bd->be_rootndn;
|
||||
op->o_managedsait = 1;
|
||||
op->o_managedsait = SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
while ( rs->sr_err == LDAP_SUCCESS &&
|
||||
op->o_delete_glue_parent )
|
||||
|
|
|
|||
|
|
@ -169,7 +169,7 @@ do_extended(
|
|||
}
|
||||
|
||||
/* check for controls inappropriate for all extended operations */
|
||||
if( get_manageDSAit( op ) == SLAP_CRITICAL_CONTROL ) {
|
||||
if( get_manageDSAit( op ) == SLAP_CONTROL_CRITICAL ) {
|
||||
send_ldap_error( op, rs,
|
||||
LDAP_UNAVAILABLE_CRITICAL_EXTENSION,
|
||||
"manageDSAit control inappropriate" );
|
||||
|
|
|
|||
|
|
@ -982,9 +982,10 @@ limits_check( Operation *op, SlapReply *rs )
|
|||
}
|
||||
|
||||
/* if paged results is requested */
|
||||
if ( get_pagedresults( op ) > SLAP_NO_CONTROL ) {
|
||||
if ( get_pagedresults( op ) > SLAP_CONTROL_IGNORED ) {
|
||||
int slimit = -2;
|
||||
int pr_total;
|
||||
PagedResultsState *ps = op->o_pagedresults_state;
|
||||
|
||||
/* paged results is not allowed */
|
||||
if ( op->ors_limit->lms_s_pr_total == -2 ) {
|
||||
|
|
@ -996,7 +997,7 @@ limits_check( Operation *op, SlapReply *rs )
|
|||
return -1;
|
||||
}
|
||||
|
||||
if ( op->ors_limit->lms_s_pr > 0 && op->o_pagedresults_size > op->ors_limit->lms_s_pr ) {
|
||||
if ( op->ors_limit->lms_s_pr > 0 && ps->ps_size > op->ors_limit->lms_s_pr ) {
|
||||
rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
|
||||
rs->sr_text = "illegal pagedResults page size";
|
||||
send_ldap_result( op, rs );
|
||||
|
|
@ -1020,7 +1021,7 @@ limits_check( Operation *op, SlapReply *rs )
|
|||
slimit = -1;
|
||||
|
||||
} else {
|
||||
slimit = op->ors_slimit - op->o_pagedresults_state.ps_count;
|
||||
slimit = op->ors_slimit - ps->ps_count;
|
||||
}
|
||||
|
||||
#ifdef ABOVE_HARD_LIMIT_IS_ERROR
|
||||
|
|
@ -1056,7 +1057,7 @@ limits_check( Operation *op, SlapReply *rs )
|
|||
slimit2 = op->ors_slimit;
|
||||
}
|
||||
|
||||
total = slimit2 - op->o_pagedresults_state.ps_count;
|
||||
total = slimit2 - ps->ps_count;
|
||||
|
||||
if ( total >= 0 ) {
|
||||
if ( op->ors_limit->lms_s_pr > 0 ) {
|
||||
|
|
@ -1092,7 +1093,7 @@ limits_check( Operation *op, SlapReply *rs )
|
|||
op->ors_slimit = slimit;
|
||||
|
||||
} else if ( slimit > 0 ) {
|
||||
if ( op->ors_slimit - op->o_pagedresults_state.ps_count > slimit ) {
|
||||
if ( op->ors_slimit - ps->ps_count > slimit ) {
|
||||
rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
|
||||
send_ldap_result( op, rs );
|
||||
rs->sr_err = LDAP_SUCCESS;
|
||||
|
|
|
|||
|
|
@ -338,7 +338,7 @@ fe_op_modrdn( Operation *op, SlapReply *rs )
|
|||
org_managedsait = get_manageDSAit( op );
|
||||
op->o_dn = op->o_bd->be_rootdn;
|
||||
op->o_ndn = op->o_bd->be_rootndn;
|
||||
op->o_managedsait = 1;
|
||||
op->o_managedsait = SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
while ( rs->sr_err == LDAP_SUCCESS &&
|
||||
op->o_delete_glue_parent ) {
|
||||
|
|
|
|||
|
|
@ -53,6 +53,7 @@ void slap_op_destroy(void)
|
|||
while ( (o = LDAP_STAILQ_FIRST( &slap_free_ops )) != NULL) {
|
||||
LDAP_STAILQ_REMOVE_HEAD( &slap_free_ops, o_next );
|
||||
LDAP_STAILQ_NEXT(o, o_next) = NULL;
|
||||
ch_free( o->o_controls );
|
||||
ch_free( o );
|
||||
}
|
||||
ldap_pvt_thread_mutex_destroy( &slap_op_mutex );
|
||||
|
|
@ -62,6 +63,7 @@ void
|
|||
slap_op_free( Operation *op )
|
||||
{
|
||||
struct berval slap_empty_bv_dup;
|
||||
void **controls;
|
||||
|
||||
assert( LDAP_STAILQ_NEXT(op, o_next) == NULL );
|
||||
|
||||
|
|
@ -109,7 +111,10 @@ slap_op_free( Operation *op )
|
|||
ch_free( op->o_sync_csn.bv_val );
|
||||
}
|
||||
|
||||
controls = op->o_controls;
|
||||
memset( controls, 0, sizeof(void *) * SLAP_MAX_CIDS );
|
||||
memset( op, 0, sizeof(Operation) );
|
||||
op->o_controls = controls;
|
||||
|
||||
op->o_sync_state.sid = -1;
|
||||
op->o_sync_slog_size = -1;
|
||||
|
|
@ -138,6 +143,7 @@ slap_op_alloc(
|
|||
|
||||
if (!op) {
|
||||
op = (Operation *) ch_calloc( 1, sizeof(Operation) );
|
||||
op->o_controls = (void **) ch_calloc( SLAP_MAX_CIDS, sizeof( void *));
|
||||
}
|
||||
|
||||
op->o_ber = ber;
|
||||
|
|
|
|||
|
|
@ -73,6 +73,9 @@ refint.la : refint.lo $(@PLAT@_LINK_LIBS)
|
|||
rwm.la : rwm.lo $(@PLAT@_LINK_LIBS)
|
||||
$(LTLINK_MOD) -module -o $@ rwm.lo rwmconf.lo rwmdn.lo rwmmap.lo version.lo $(LINK_LIBS)
|
||||
|
||||
syncprov.la : syncprov.lo $(@PLAT@_LINK_LIBS)
|
||||
$(LTLINK_MOD) -module -o $@ syncprov.lo version.lo $(LINK_LIBS)
|
||||
|
||||
unique.la : unique.lo $(@PLAT@_LINK_LIBS)
|
||||
$(LTLINK_MOD) -module -o $@ unique.lo version.lo $(LINK_LIBS)
|
||||
|
||||
|
|
|
|||
|
|
@ -62,6 +62,7 @@ typedef struct pw_conn {
|
|||
} pw_conn;
|
||||
|
||||
static pw_conn *pwcons;
|
||||
static int ppolicy_cid;
|
||||
|
||||
typedef struct pass_policy {
|
||||
AttributeDescription *ad; /* attribute to which the policy applies */
|
||||
|
|
@ -1000,13 +1001,8 @@ ppolicy_bind( Operation *op, SlapReply *rs )
|
|||
op->o_callback->sc_next = cb;
|
||||
|
||||
/* Did we receive a password policy request control? */
|
||||
for ( i=0; op->o_ctrls && op->o_ctrls[i]; i++ ) {
|
||||
if ( !strcmp( op->o_ctrls[i]->ldctl_oid,
|
||||
LDAP_CONTROL_PASSWORDPOLICYREQUEST ) )
|
||||
{
|
||||
ppb->send_ctrl = 1;
|
||||
break;
|
||||
}
|
||||
if ( op->o_ctrlflag[ppolicy_cid] ) {
|
||||
ppb->send_ctrl = 1;
|
||||
}
|
||||
|
||||
op->o_bd->bd_info = (BackendInfo *)on;
|
||||
|
|
@ -1047,12 +1043,8 @@ ppolicy_restrict(
|
|||
int i, send_ctrl = 0;
|
||||
|
||||
/* Did we receive a password policy request control? */
|
||||
for ( i=0; op->o_ctrls && op->o_ctrls[i]; i++ ) {
|
||||
if ( !strcmp( op->o_ctrls[i]->ldctl_oid,
|
||||
LDAP_CONTROL_PASSWORDPOLICYREQUEST ) ) {
|
||||
send_ctrl = 1;
|
||||
break;
|
||||
}
|
||||
if ( op->o_ctrlflag[ppolicy_cid] ) {
|
||||
send_ctrl = 1;
|
||||
}
|
||||
|
||||
if ( op->o_conn && pwcons[op->o_conn->c_conn_idx].restrict ) {
|
||||
|
|
@ -1106,12 +1098,8 @@ ppolicy_add(
|
|||
LDAPPasswordPolicyError pErr = PP_noError;
|
||||
|
||||
/* Did we receive a password policy request control? */
|
||||
for ( i=0; op->o_ctrls && op->o_ctrls[i]; i++ ) {
|
||||
if ( !strcmp( op->o_ctrls[i]->ldctl_oid,
|
||||
LDAP_CONTROL_PASSWORDPOLICYREQUEST ) ) {
|
||||
send_ctrl = 1;
|
||||
break;
|
||||
}
|
||||
if ( op->o_ctrlflag[ppolicy_cid] ) {
|
||||
send_ctrl = 1;
|
||||
}
|
||||
rc = check_password_quality( bv, &pp, &pErr, op->ora_e );
|
||||
if (rc != LDAP_SUCCESS) {
|
||||
|
|
@ -1206,12 +1194,8 @@ ppolicy_modify( Operation *op, SlapReply *rs )
|
|||
if ( rc != LDAP_SUCCESS ) return SLAP_CB_CONTINUE;
|
||||
|
||||
/* Did we receive a password policy request control? */
|
||||
for ( i=0; op->o_ctrls && op->o_ctrls[i]; i++ ) {
|
||||
if ( !strcmp( op->o_ctrls[i]->ldctl_oid,
|
||||
LDAP_CONTROL_PASSWORDPOLICYREQUEST ) ) {
|
||||
send_ctrl = 1;
|
||||
break;
|
||||
}
|
||||
if ( op->o_ctrlflag[ppolicy_cid] ) {
|
||||
send_ctrl = 1;
|
||||
}
|
||||
|
||||
/* See if this is a pwdModify exop. If so, we can
|
||||
|
|
@ -1691,6 +1675,7 @@ ppolicy_parseCtrl(
|
|||
rs->sr_text = "passwordPolicyRequest control invalid criticality";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
op->o_ctrlflag[ppolicy_cid] = SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
return LDAP_SUCCESS;
|
||||
}
|
||||
|
|
@ -1821,7 +1806,7 @@ int ppolicy_init()
|
|||
|
||||
code = register_supported_control( LDAP_CONTROL_PASSWORDPOLICYREQUEST,
|
||||
SLAP_CTRL_ADD|SLAP_CTRL_BIND|SLAP_CTRL_MODIFY, extops,
|
||||
ppolicy_parseCtrl );
|
||||
ppolicy_parseCtrl, &ppolicy_cid );
|
||||
if ( code != LDAP_SUCCESS ) {
|
||||
fprintf( stderr, "Failed to register control %d\n", code );
|
||||
return code;
|
||||
|
|
|
|||
|
|
@ -372,6 +372,7 @@ LDAP_SLAPD_F (int) allComponentsValidate LDAP_P((
|
|||
/*
|
||||
* controls.c
|
||||
*/
|
||||
LDAP_SLAPD_V( struct slap_control_ids ) slap_cids;
|
||||
LDAP_SLAPD_F (void) slap_free_ctrls LDAP_P((
|
||||
Operation *op,
|
||||
LDAPControl **ctrls ));
|
||||
|
|
@ -383,7 +384,8 @@ LDAP_SLAPD_F (int) register_supported_control LDAP_P((
|
|||
const char *controloid,
|
||||
slap_mask_t controlmask,
|
||||
char **controlexops,
|
||||
SLAP_CTRL_PARSE_FN *controlparsefn ));
|
||||
SLAP_CTRL_PARSE_FN *controlparsefn,
|
||||
int *controlcid ));
|
||||
LDAP_SLAPD_F (int) slap_controls_init LDAP_P ((void));
|
||||
LDAP_SLAPD_F (void) controls_destroy LDAP_P ((void));
|
||||
LDAP_SLAPD_F (int) controls_root_dse_info LDAP_P ((Entry *e));
|
||||
|
|
|
|||
|
|
@ -351,9 +351,9 @@ fe_op_search( Operation *op, SlapReply *rs )
|
|||
|
||||
/* Sync control overrides manageDSAit */
|
||||
|
||||
if ( manageDSAit != SLAP_NO_CONTROL ) {
|
||||
if ( manageDSAit != SLAP_CONTROL_NONE ) {
|
||||
if ( op->o_sync_mode & SLAP_SYNC_REFRESH ) {
|
||||
be_manageDSAit = SLAP_NO_CONTROL;
|
||||
be_manageDSAit = SLAP_CONTROL_NONE;
|
||||
} else {
|
||||
be_manageDSAit = manageDSAit;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2045,6 +2045,7 @@ typedef struct slap_overinfo {
|
|||
typedef unsigned long PagedResultsCookie;
|
||||
typedef struct slap_paged_state {
|
||||
Backend *ps_be;
|
||||
ber_int_t ps_size;
|
||||
PagedResultsCookie ps_cookie;
|
||||
int ps_count;
|
||||
} PagedResultsState;
|
||||
|
|
@ -2109,6 +2110,28 @@ typedef struct slap_gacl {
|
|||
char ga_ndn[1];
|
||||
} GroupAssertion;
|
||||
|
||||
#ifndef SLAP_MAX_CIDS
|
||||
#define SLAP_MAX_CIDS 32 /* Maximum number of supported controls */
|
||||
#endif
|
||||
|
||||
struct slap_control_ids {
|
||||
int sc_assert;
|
||||
int sc_preRead;
|
||||
int sc_postRead;
|
||||
int sc_proxyAuthz;
|
||||
int sc_manageDSAit;
|
||||
int sc_modifyIncrement;
|
||||
int sc_noOp;
|
||||
int sc_pagedResults;
|
||||
int sc_valuesReturnFilter;
|
||||
int sc_permissiveModify;
|
||||
int sc_domainScope;
|
||||
int sc_treeDelete;
|
||||
int sc_searchOptions;
|
||||
int sc_subentries;
|
||||
int sc_LDAPsync;
|
||||
};
|
||||
|
||||
/*
|
||||
* represents an operation pending from an ldap client
|
||||
*/
|
||||
|
|
@ -2200,58 +2223,77 @@ typedef struct slap_op {
|
|||
char o_do_not_cache; /* don't cache groups from this op */
|
||||
char o_is_auth_check; /* authorization in progress */
|
||||
|
||||
#define SLAP_IGNORED_CONTROL -1
|
||||
#define SLAP_NO_CONTROL 0
|
||||
#define SLAP_NONCRITICAL_CONTROL 1
|
||||
#define SLAP_CRITICAL_CONTROL 2
|
||||
char o_managedsait;
|
||||
#define get_manageDSAit(op) ((int)(op)->o_managedsait)
|
||||
#define SLAP_CONTROL_NONE 0
|
||||
#define SLAP_CONTROL_IGNORED 1
|
||||
#define SLAP_CONTROL_NONCRITICAL 2
|
||||
#define SLAP_CONTROL_CRITICAL 3
|
||||
#define SLAP_CONTROL_MASK 3
|
||||
#define SLAP_CONTROL_DATA0 0x10
|
||||
#define SLAP_CONTROL_DATA1 0x20
|
||||
#define SLAP_CONTROL_DATA2 0x40
|
||||
#define SLAP_CONTROL_DATA3 0x80
|
||||
|
||||
char o_noop;
|
||||
char o_proxy_authz;
|
||||
|
||||
char o_subentries;
|
||||
#define get_subentries(op) ((int)(op)->o_subentries)
|
||||
char o_subentries_visibility;
|
||||
#define get_subentries_visibility(op) ((int)(op)->o_subentries_visibility)
|
||||
#define _SCM(x) ((x) & SLAP_CONTROL_MASK)
|
||||
|
||||
char o_assert;
|
||||
char o_ctrlflag[SLAP_MAX_CIDS]; /* per-control flags */
|
||||
void **o_controls; /* per-control state */
|
||||
|
||||
#define o_managedsait o_ctrlflag[slap_cids.sc_manageDSAit]
|
||||
#define get_manageDSAit(op) _SCM((op)->o_managedsait)
|
||||
|
||||
#define o_noop o_ctrlflag[slap_cids.sc_noOp]
|
||||
#define o_proxy_authz o_ctrlflag[slap_cids.sc_proxyAuthz]
|
||||
#define o_subentries o_ctrlflag[slap_cids.sc_subentries]
|
||||
|
||||
#define get_subentries(op) _SCM((op)->o_subentries)
|
||||
#define o_subentries_visibility o_ctrlflag[slap_cids.sc_subentries]
|
||||
|
||||
#define set_subentries_visibility(op) ((op)->o_subentries |= SLAP_CONTROL_DATA0)
|
||||
#define get_subentries_visibility(op) ((op)->o_subentries & SLAP_CONTROL_DATA0)
|
||||
|
||||
#define o_assert o_ctrlflag[slap_cids.sc_assert]
|
||||
#define get_assert(op) ((int)(op)->o_assert)
|
||||
#define o_assertion o_controls[slap_cids.sc_assert]
|
||||
#define get_assertion(op) ((op)->o_assertion)
|
||||
|
||||
char o_valuesreturnfilter;
|
||||
#define o_valuesreturnfilter o_ctrlflag[slap_cids.sc_valuesReturnFilter]
|
||||
#define o_vrFilter o_controls[slap_cids.sc_valuesReturnFilter]
|
||||
|
||||
#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY
|
||||
char o_permissive_modify;
|
||||
#define o_permissive_modify o_ctrlflag[slap_cids.sc_permissiveModify]
|
||||
#define get_permissiveModify(op) ((int)(op)->o_permissive_modify)
|
||||
#else
|
||||
#define get_permissiveModify(op) (0)
|
||||
#endif
|
||||
|
||||
#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
|
||||
char o_domain_scope;
|
||||
#define o_domain_scope o_ctrlflag[slap_cids.sc_domainScope]
|
||||
#define get_domainScope(op) ((int)(op)->o_domain_scope)
|
||||
#else
|
||||
#define get_domainScope(op) (0)
|
||||
#endif
|
||||
|
||||
#ifdef LDAP_CONTROL_X_TREE_DELETE
|
||||
char o_tree_delete;
|
||||
#define o_tree_delete o_ctrlflag[slap_cids.sc_treeDelete]
|
||||
#define get_treeDelete(op) ((int)(op)->o_tree_delete)
|
||||
#else
|
||||
#define get_treeDelete(op) (0)
|
||||
#endif
|
||||
|
||||
char o_preread;
|
||||
char o_postread;
|
||||
AttributeName *o_preread_attrs;
|
||||
AttributeName *o_postread_attrs;
|
||||
#define o_preread o_ctrlflag[slap_cids.sc_preRead]
|
||||
#define o_postread o_ctrlflag[slap_cids.sc_postRead]
|
||||
|
||||
#define o_preread_attrs o_controls[slap_cids.sc_preRead]
|
||||
#define o_postread_attrs o_controls[slap_cids.sc_postRead]
|
||||
|
||||
#define o_pagedresults o_ctrlflag[slap_cids.sc_pagedResults]
|
||||
#define o_pagedresults_state o_controls[slap_cids.sc_pagedResults]
|
||||
|
||||
char o_pagedresults;
|
||||
#define get_pagedresults(op) ((int)(op)->o_pagedresults)
|
||||
ber_int_t o_pagedresults_size;
|
||||
PagedResultsState o_pagedresults_state;
|
||||
|
||||
char o_sync;
|
||||
#define o_sync o_ctrlflag[slap_cids.sc_LDAPsync]
|
||||
|
||||
char o_sync_mode;
|
||||
#define SLAP_SYNC_NONE LDAP_SYNC_NONE
|
||||
#define SLAP_SYNC_REFRESH LDAP_SYNC_REFRESH_ONLY
|
||||
|
|
@ -2296,10 +2338,6 @@ typedef struct slap_op {
|
|||
|
||||
LDAP_STAILQ_ENTRY(slap_op) o_next; /* next operation in list */
|
||||
|
||||
Filter *o_assertion; /* Assert control filter */
|
||||
#define get_assertion(op) ((op)->o_assertion)
|
||||
|
||||
ValuesReturnFilter *o_vrFilter; /* ValuesReturnFilter */
|
||||
|
||||
int o_nocaching;
|
||||
int o_delete_glue_parent;
|
||||
|
|
@ -2308,6 +2346,7 @@ typedef struct slap_op {
|
|||
void *o_pb; /* NS-SLAPI plugin */
|
||||
void *o_extensions; /* NS-SLAPI plugin */
|
||||
#endif
|
||||
|
||||
} Operation;
|
||||
|
||||
#define send_ldap_error( op, rs, err, text ) do { \
|
||||
|
|
|
|||
|
|
@ -1422,7 +1422,7 @@ slapi_register_supported_control(
|
|||
|
||||
slapiControlOp2SlapControlMask( controlops, &controlmask );
|
||||
|
||||
register_supported_control( controloid, controlmask, NULL, slapi_int_parse_control );
|
||||
register_supported_control( controloid, controlmask, NULL, slapi_int_parse_control, NULL );
|
||||
#endif /* LDAP_SLAPI */
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -926,7 +926,7 @@ do_syncrepl(
|
|||
|
||||
op.o_dn = si->si_updatedn;
|
||||
op.o_ndn = si->si_updatedn;
|
||||
op.o_managedsait = 1;
|
||||
op.o_managedsait = SLAP_CONTROL_NONCRITICAL;
|
||||
op.o_bd = be = si->si_be;
|
||||
|
||||
op.o_sync_state.ctxcsn = NULL;
|
||||
|
|
@ -1326,7 +1326,7 @@ syncrepl_entry(
|
|||
org_managedsait = get_manageDSAit( op );
|
||||
op->o_dn = op->o_bd->be_rootdn;
|
||||
op->o_ndn = op->o_bd->be_rootndn;
|
||||
op->o_managedsait = 1;
|
||||
op->o_managedsait = SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
while ( rs_delete.sr_err == LDAP_SUCCESS && op->o_delete_glue_parent ) {
|
||||
op->o_delete_glue_parent = 0;
|
||||
|
|
@ -1517,13 +1517,13 @@ syncrepl_del_nonpresent(
|
|||
op->ors_filterstr = si->si_filterstr;
|
||||
|
||||
op->o_nocaching = 1;
|
||||
op->o_managedsait = 0;
|
||||
op->o_managedsait = SLAP_CONTROL_NONE;
|
||||
|
||||
if ( limits_check( op, &rs_search ) == 0 ) {
|
||||
rc = be->be_search( op, &rs_search );
|
||||
}
|
||||
|
||||
op->o_managedsait = 1;
|
||||
op->o_managedsait = SLAP_CONTROL_NONCRITICAL;
|
||||
op->o_nocaching = 0;
|
||||
|
||||
if ( op->ors_filter ) filter_free_x( op, op->ors_filter );
|
||||
|
|
@ -1578,7 +1578,7 @@ syncrepl_del_nonpresent(
|
|||
org_managedsait = get_manageDSAit( op );
|
||||
op->o_dn = op->o_bd->be_rootdn;
|
||||
op->o_ndn = op->o_bd->be_rootndn;
|
||||
op->o_managedsait = 1;
|
||||
op->o_managedsait = SLAP_CONTROL_NONCRITICAL;
|
||||
|
||||
while ( rs_delete.sr_err == LDAP_SUCCESS &&
|
||||
op->o_delete_glue_parent ) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue