mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-12-23 08:09:34 -05:00
rename "permit modify" control to "permissive modify"
rename "no referrals" controls to "domain scope" misc cleanup
This commit is contained in:
Kurt Zeilenga
parent
c34e59be35
commit
c04e9ac993
10 changed files with 77 additions and 62 deletions
|
|
@ -230,8 +230,8 @@ typedef struct ldapcontrol {
|
|||
#define LDAP_CONTROL_VLVRESPONSE "2.16.840.1.113730.3.4.10"
|
||||
|
||||
#ifdef LDAP_DEVEL
|
||||
#define LDAP_CONTROL_PERMITMODIFY "1.2.840.113556.1.4.1413"
|
||||
#define LDAP_CONTROL_NOREFERRALS "1.2.840.113556.1.4.1339"
|
||||
#define LDAP_CONTROL_X_PERMISSIVE_MODIFY "1.2.840.113556.1.4.1413"
|
||||
#define LDAP_CONTROL_X_DOMAIN_SCOPE "1.2.840.113556.1.4.1339"
|
||||
#endif
|
||||
|
||||
/* LDAP Unsolicited Notifications */
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ int bdb_modify_internal(
|
|||
#else
|
||||
Debug(LDAP_DEBUG_ARGS, "bdb_modify_internal: add\n", 0, 0, 0);
|
||||
#endif
|
||||
err = modify_add_values( e, mod, get_permitmodify(op),
|
||||
err = modify_add_values( e, mod, get_permissiveModify(op),
|
||||
text, textbuf, textlen );
|
||||
if( err != LDAP_SUCCESS ) {
|
||||
#ifdef NEW_LOGGING
|
||||
|
|
@ -76,7 +76,7 @@ int bdb_modify_internal(
|
|||
#else
|
||||
Debug(LDAP_DEBUG_ARGS, "bdb_modify_internal: delete\n", 0, 0, 0);
|
||||
#endif
|
||||
err = modify_delete_values( e, mod, get_permitmodify(op),
|
||||
err = modify_delete_values( e, mod, get_permissiveModify(op),
|
||||
text, textbuf, textlen );
|
||||
assert( err != LDAP_TYPE_OR_VALUE_EXISTS );
|
||||
if( err != LDAP_SUCCESS ) {
|
||||
|
|
@ -97,7 +97,7 @@ int bdb_modify_internal(
|
|||
#else
|
||||
Debug(LDAP_DEBUG_ARGS, "bdb_modify_internal: replace\n", 0, 0, 0);
|
||||
#endif
|
||||
err = modify_replace_values( e, mod, get_permitmodify(op),
|
||||
err = modify_replace_values( e, mod, get_permissiveModify(op),
|
||||
text, textbuf, textlen );
|
||||
if( err != LDAP_SUCCESS ) {
|
||||
#ifdef NEW_LOGGING
|
||||
|
|
@ -122,7 +122,7 @@ int bdb_modify_internal(
|
|||
*/
|
||||
mod->sm_op = LDAP_MOD_ADD;
|
||||
|
||||
err = modify_add_values( e, mod, get_permitmodify(op),
|
||||
err = modify_add_values( e, mod, get_permissiveModify(op),
|
||||
text, textbuf, textlen );
|
||||
if ( err == LDAP_TYPE_OR_VALUE_EXISTS ) {
|
||||
err = LDAP_SUCCESS;
|
||||
|
|
|
|||
|
|
@ -1049,7 +1049,8 @@ static int search_candidates(
|
|||
* these clauses are redundant.
|
||||
*/
|
||||
if (!oc_filter(filter, 1, &depth) && !get_subentries_visibility(op) ) {
|
||||
if( !get_manageDSAit(op) ) { /* match referrals */
|
||||
if( !get_manageDSAit(op) && !get_domainScope(op) ) {
|
||||
/* match referral objects */
|
||||
struct berval bv_ref = { sizeof("referral")-1, "referral" };
|
||||
rf.f_choice = LDAP_FILTER_EQUALITY;
|
||||
rf.f_ava = &aa_ref;
|
||||
|
|
@ -1060,7 +1061,8 @@ static int search_candidates(
|
|||
}
|
||||
|
||||
#ifdef BDB_ALIASES
|
||||
if( deref & LDAP_DEREF_SEARCHING ) { /* match aliases */
|
||||
if( deref & LDAP_DEREF_SEARCHING ) {
|
||||
/* match alias objects */
|
||||
struct berval bv_alias = { sizeof("alias")-1, "alias" };
|
||||
af.f_choice = LDAP_FILTER_EQUALITY;
|
||||
af.f_ava = &aa_alias;
|
||||
|
|
|
|||
|
|
@ -65,7 +65,8 @@ int ldbm_modify_internal(
|
|||
Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: add\n", 0, 0, 0);
|
||||
#endif
|
||||
|
||||
rc = modify_add_values( e, mod, op->o_permitmodify, text, textbuf, textlen );
|
||||
rc = modify_add_values( e, mod, get_permissiveModify(op),
|
||||
text, textbuf, textlen );
|
||||
if( rc != LDAP_SUCCESS ) {
|
||||
#ifdef NEW_LOGGING
|
||||
LDAP_LOG( BACK_LDBM, INFO,
|
||||
|
|
@ -84,7 +85,8 @@ int ldbm_modify_internal(
|
|||
Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: delete\n", 0, 0, 0);
|
||||
#endif
|
||||
|
||||
rc = modify_delete_values( e, mod, op->o_permitmodify, text, textbuf, textlen );
|
||||
rc = modify_delete_values( e, mod, get_permissiveModify(op),
|
||||
text, textbuf, textlen );
|
||||
assert( rc != LDAP_TYPE_OR_VALUE_EXISTS );
|
||||
if( rc != LDAP_SUCCESS ) {
|
||||
#ifdef NEW_LOGGING
|
||||
|
|
@ -104,7 +106,8 @@ int ldbm_modify_internal(
|
|||
Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: replace\n", 0, 0, 0);
|
||||
#endif
|
||||
|
||||
rc = modify_replace_values( e, mod, op->o_permitmodify, text, textbuf, textlen );
|
||||
rc = modify_replace_values( e, mod, get_permissiveModify(op),
|
||||
text, textbuf, textlen );
|
||||
if( rc != LDAP_SUCCESS ) {
|
||||
#ifdef NEW_LOGGING
|
||||
LDAP_LOG( BACK_LDBM, INFO,
|
||||
|
|
@ -129,7 +132,8 @@ int ldbm_modify_internal(
|
|||
*/
|
||||
mod->sm_op = LDAP_MOD_ADD;
|
||||
|
||||
rc = modify_add_values( e, mod, op->o_permitmodify, text, textbuf, textlen );
|
||||
rc = modify_add_values( e, mod, get_permissiveModify(op),
|
||||
text, textbuf, textlen );
|
||||
if ( rc == LDAP_TYPE_OR_VALUE_EXISTS ) {
|
||||
rc = LDAP_SUCCESS;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -74,7 +74,7 @@ ldbm_back_search(
|
|||
ber_dupbv( &realbase, &e->e_nname );
|
||||
|
||||
candidates = search_candidates( be, e, filter,
|
||||
scope, deref, manageDSAit );
|
||||
scope, deref, manageDSAit || get_domainScope(op) );
|
||||
|
||||
goto searchit;
|
||||
|
||||
|
|
|
|||
|
|
@ -49,8 +49,8 @@ static SLAP_CTRL_PARSE_FN parseManageDSAit;
|
|||
static SLAP_CTRL_PARSE_FN parseNoOp;
|
||||
static SLAP_CTRL_PARSE_FN parsePagedResults;
|
||||
static SLAP_CTRL_PARSE_FN parseValuesReturnFilter;
|
||||
static SLAP_CTRL_PARSE_FN parsePermitModify;
|
||||
static SLAP_CTRL_PARSE_FN parseNoReferrals;
|
||||
static SLAP_CTRL_PARSE_FN parsePermissiveModify;
|
||||
static SLAP_CTRL_PARSE_FN parseDomainScope;
|
||||
|
||||
#ifdef LDAP_CONTROL_SUBENTRIES
|
||||
static SLAP_CTRL_PARSE_FN parseSubentries;
|
||||
|
|
@ -113,6 +113,21 @@ static struct slap_control {
|
|||
{ LDAP_CONTROL_VALUESRETURNFILTER,
|
||||
SLAP_CTRL_SEARCH, NULL,
|
||||
parseValuesReturnFilter },
|
||||
#ifdef LDAP_CONTROL_PAGEDRESULTS
|
||||
{ LDAP_CONTROL_PAGEDRESULTS,
|
||||
SLAP_CTRL_SEARCH, NULL,
|
||||
parsePagedResults },
|
||||
#endif
|
||||
#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
|
||||
{ LDAP_CONTROL_X_DOMAIN_SCOPE,
|
||||
SLAP_CTRL_FRONTEND|SLAP_CTRL_SEARCH, NULL,
|
||||
parseDomainScope },
|
||||
#endif
|
||||
#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY
|
||||
{ LDAP_CONTROL_X_PERMISSIVE_MODIFY,
|
||||
SLAP_CTRL_MODIFY, NULL,
|
||||
parsePermissiveModify },
|
||||
#endif
|
||||
#ifdef LDAP_CONTROL_SUBENTRIES
|
||||
{ LDAP_CONTROL_SUBENTRIES,
|
||||
SLAP_CTRL_SEARCH, NULL,
|
||||
|
|
@ -121,27 +136,6 @@ static struct slap_control {
|
|||
{ LDAP_CONTROL_NOOP,
|
||||
SLAP_CTRL_ACCESS, NULL,
|
||||
parseNoOp },
|
||||
#ifdef LDAP_CONTROL_PAGEDRESULTS
|
||||
{ LDAP_CONTROL_PAGEDRESULTS,
|
||||
SLAP_CTRL_SEARCH, NULL,
|
||||
parsePagedResults },
|
||||
#endif
|
||||
{ LDAP_CONTROL_MANAGEDSAIT,
|
||||
SLAP_CTRL_ACCESS, NULL,
|
||||
parseManageDSAit },
|
||||
{ LDAP_CONTROL_PROXY_AUTHZ,
|
||||
SLAP_CTRL_FRONTEND|SLAP_CTRL_ACCESS, proxy_authz_extops,
|
||||
parseProxyAuthz },
|
||||
#ifdef LDAP_CONTROL_PERMITMODIFY
|
||||
{ LDAP_CONTROL_PERMITMODIFY,
|
||||
SLAP_CTRL_UPDATE, NULL,
|
||||
parsePermitModify },
|
||||
#endif
|
||||
#ifdef LDAP_CONTROL_NOREFERRALS
|
||||
{ LDAP_CONTROL_NOREFERRALS,
|
||||
SLAP_CTRL_SEARCH, NULL,
|
||||
parseNoReferrals },
|
||||
#endif
|
||||
#ifdef LDAP_CLIENT_UPDATE
|
||||
{ LDAP_CONTROL_CLIENT_UPDATE,
|
||||
SLAP_CTRL_SEARCH, NULL,
|
||||
|
|
@ -152,6 +146,12 @@ static struct slap_control {
|
|||
SLAP_CTRL_SEARCH, NULL,
|
||||
parseLdupSync },
|
||||
#endif
|
||||
{ LDAP_CONTROL_MANAGEDSAIT,
|
||||
SLAP_CTRL_ACCESS, NULL,
|
||||
parseManageDSAit },
|
||||
{ LDAP_CONTROL_PROXY_AUTHZ,
|
||||
SLAP_CTRL_FRONTEND|SLAP_CTRL_ACCESS, proxy_authz_extops,
|
||||
parseProxyAuthz },
|
||||
{ NULL, 0, NULL, 0 }
|
||||
};
|
||||
|
||||
|
|
@ -813,24 +813,24 @@ static int parseSubentries (
|
|||
}
|
||||
#endif
|
||||
|
||||
#ifdef LDAP_CONTROL_PERMITMODIFY
|
||||
static int parsePermitModify (
|
||||
#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY
|
||||
static int parsePermissiveModify (
|
||||
Connection *conn,
|
||||
Operation *op,
|
||||
LDAPControl *ctrl,
|
||||
const char **text )
|
||||
{
|
||||
if ( op->o_permitmodify != SLAP_NO_CONTROL ) {
|
||||
*text = "permitmodify control specified multiple times";
|
||||
if ( op->o_permissive_modify != SLAP_NO_CONTROL ) {
|
||||
*text = "permissiveModify control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
||||
if ( ctrl->ldctl_value.bv_len ) {
|
||||
*text = "permitmodify control value not empty";
|
||||
*text = "permissiveModify control value not empty";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
||||
op->o_permitmodify = ctrl->ldctl_iscritical
|
||||
op->o_permissive_modify = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
|
||||
|
|
@ -838,24 +838,24 @@ static int parsePermitModify (
|
|||
}
|
||||
#endif
|
||||
|
||||
#ifdef LDAP_CONTROL_NOREFERRALS
|
||||
static int parseNoReferrals (
|
||||
#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
|
||||
static int parseDomainScope (
|
||||
Connection *conn,
|
||||
Operation *op,
|
||||
LDAPControl *ctrl,
|
||||
const char **text )
|
||||
{
|
||||
if ( op->o_noreferrals != SLAP_NO_CONTROL ) {
|
||||
*text = "noreferrals control specified multiple times";
|
||||
if ( op->o_domain_scope != SLAP_NO_CONTROL ) {
|
||||
*text = "domainScope control specified multiple times";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
||||
if ( ctrl->ldctl_value.bv_len ) {
|
||||
*text = "noreferrals control value not empty";
|
||||
*text = "domainScope control value not empty";
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
||||
op->o_noreferrals = ctrl->ldctl_iscritical
|
||||
op->o_domain_scope = ctrl->ldctl_iscritical
|
||||
? SLAP_CRITICAL_CONTROL
|
||||
: SLAP_NONCRITICAL_CONTROL;
|
||||
|
||||
|
|
|
|||
|
|
@ -59,11 +59,11 @@ static struct {
|
|||
struct berval oid;
|
||||
SLAP_EXTOP_MAIN_FN *ext_main;
|
||||
} builtin_extops[] = {
|
||||
{ BVC(LDAP_EXOP_X_WHO_AM_I), whoami_extop },
|
||||
{ BVC(LDAP_EXOP_MODIFY_PASSWD), passwd_extop },
|
||||
#ifdef LDAP_EXOP_X_CANCEL
|
||||
{ BVC(LDAP_EXOP_X_CANCEL), cancel_extop },
|
||||
#endif
|
||||
{ BVC(LDAP_EXOP_X_WHO_AM_I), whoami_extop },
|
||||
{ BVC(LDAP_EXOP_MODIFY_PASSWD), passwd_extop },
|
||||
#ifdef HAVE_TLS
|
||||
{ BVC(LDAP_EXOP_START_TLS), starttls_extop },
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -480,8 +480,8 @@ slap_send_ldap_result(
|
|||
assert( err != LDAP_PARTIAL_RESULTS );
|
||||
|
||||
if ( err == LDAP_REFERRAL ) {
|
||||
#ifdef LDAP_CONTROL_NOREFERRALS
|
||||
if( op->o_noreferrals ) {
|
||||
#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
|
||||
if( op->o_domain_scope ) {
|
||||
ref = NULL;
|
||||
}
|
||||
#endif
|
||||
|
|
@ -1383,15 +1383,15 @@ slap_send_search_reference(
|
|||
return( 1 );
|
||||
}
|
||||
|
||||
#ifdef LDAP_CONTROL_NOREFERRALS
|
||||
if( op->o_noreferrals ) {
|
||||
#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
|
||||
if( op->o_domain_scope ) {
|
||||
#ifdef NEW_LOGGING
|
||||
LDAP_LOG( OPERATION, ERR,
|
||||
"send_search_reference: conn %lu noreferrals control in (%s).\n",
|
||||
"send_search_reference: conn %lu domainScope control in (%s).\n",
|
||||
op->o_connid, e->e_dn, 0 );
|
||||
#else
|
||||
Debug( LDAP_DEBUG_ANY,
|
||||
"send_search_reference: noreferrals control in (%s)\n",
|
||||
"send_search_reference: domainScope control in (%s)\n",
|
||||
e->e_dn, 0, 0 );
|
||||
#endif
|
||||
|
||||
|
|
|
|||
|
|
@ -320,6 +320,7 @@ static struct slap_schema_oc_map {
|
|||
"MUST cn )",
|
||||
0, SLAP_OC_OPERATIONAL,
|
||||
offsetof(struct slap_internal_schema, si_oc_monitor) },
|
||||
#ifdef LDAP_DEVEL
|
||||
{ "collectiveAttributeSubentry", "( 2.5.17.2 "
|
||||
"NAME 'collectiveAttributeSubentry' "
|
||||
"AUXILIARY )",
|
||||
|
|
@ -332,6 +333,7 @@ static struct slap_schema_oc_map {
|
|||
"SUP top AUXILIARY )",
|
||||
dynamicObjectClass, SLAP_OC_DYNAMICOBJECT,
|
||||
offsetof(struct slap_internal_schema, si_oc_dynamicObject) },
|
||||
#endif
|
||||
{ NULL, NULL, NULL, 0, 0 }
|
||||
};
|
||||
|
||||
|
|
@ -423,6 +425,7 @@ static struct slap_schema_ad_map {
|
|||
NULL, 0,
|
||||
NULL, NULL, NULL, NULL, NULL,
|
||||
offsetof(struct slap_internal_schema, si_ad_subschemaSubentry) },
|
||||
#ifdef LDAP_DEVEL
|
||||
{ "collectiveAttributeSubentries", "( 2.5.18.12 "
|
||||
"NAME 'collectiveAttributeSubentries' "
|
||||
"EQUALITY distinguishedNameMatch "
|
||||
|
|
@ -438,6 +441,7 @@ static struct slap_schema_ad_map {
|
|||
NULL, SLAP_AT_HIDE,
|
||||
NULL, NULL, NULL, NULL, NULL,
|
||||
offsetof(struct slap_internal_schema, si_ad_collectiveExclusions) },
|
||||
#endif
|
||||
|
||||
{ "entryUUID", "( 1.3.6.1.4.1.4203.666.1.6 NAME 'entryUUID' "
|
||||
"DESC 'LCUP/LDUP: UUID of the entry' "
|
||||
|
|
@ -687,6 +691,7 @@ static struct slap_schema_ad_map {
|
|||
offsetof(struct slap_internal_schema, si_ad_aci) },
|
||||
#endif
|
||||
|
||||
#ifdef LDAP_DEVEL
|
||||
{ "entryTtl", "( 1.3.6.1.4.1.1466.101.119.3 NAME 'entryTtl' "
|
||||
"DESC 'RFC2589: entry time-to-live' "
|
||||
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE "
|
||||
|
|
@ -702,6 +707,7 @@ static struct slap_schema_ad_map {
|
|||
rootDseAttribute, 0,
|
||||
NULL, NULL, NULL, NULL, NULL,
|
||||
offsetof(struct slap_internal_schema, si_ad_dynamicSubtrees) },
|
||||
#endif
|
||||
|
||||
/* userApplication attributes (which system schema depends upon) */
|
||||
{ "distinguishedName", "( 2.5.4.49 NAME 'distinguishedName' "
|
||||
|
|
|
|||
|
|
@ -1683,15 +1683,18 @@ typedef struct slap_op {
|
|||
|
||||
char o_valuesreturnfilter;
|
||||
|
||||
#ifdef LDAP_CONTROL_PERMITMODIFY
|
||||
char o_permitmodify;
|
||||
#define get_permitmodify(op) ((int)(op)->o_permitmodify)
|
||||
#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY
|
||||
char o_permissive_modify;
|
||||
#define get_permissiveModify(op) ((int)(op)->o_permissive_modify)
|
||||
#else
|
||||
#define get_permitmodify(op) (0)
|
||||
#define get_permissiveModify(op) (0)
|
||||
#endif
|
||||
|
||||
#ifdef LDAP_CONTROL_NOREFERRALS
|
||||
char o_noreferrals;
|
||||
#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
|
||||
char o_domain_scope;
|
||||
#define get_domainScope(op) ((int)(op)->o_domain_scope)
|
||||
#else
|
||||
#define get_domainScope(op) (0)
|
||||
#endif
|
||||
|
||||
#ifdef LDAP_CONTROL_PAGEDRESULTS
|
||||
|
|
|
|||
Loading…
Reference in a new issue