diff --git a/servers/slapd/back-relay/README b/servers/slapd/back-relay/README
index 36f64e9582..81f152c53c 100644
--- a/servers/slapd/back-relay/README
+++ b/servers/slapd/back-relay/README
@@ -13,8 +13,7 @@ database. This also causes the rewrite-remap overlay
to be automatically instantiated. If the optional keyword
"massage" is present, the rewrite-remap overlay is
automatically configured to map the virtual to the real
-naming context and vice-versa; in this case, the "suffix"
-directive must precede the "relay" directive.
+naming context and vice-versa.
Otherwise, the rewrite-remap overlay must be explicitly
instantiated, by using the "overlay" directive, as
@@ -26,10 +25,30 @@ not bound to a single target database; on the contrary,
the target database is selected on a per-operation basis.
This allows, for instance, to relay one database for
-authentication and anothe for search/modify, or allows
+authentication and anotheir for search/modify, or allows
to use one target for persons and another for groups
and so on.
+To summarize: the "relay" directive:
+- explicitly bounds the database to a single database
+ holding the real naming context;
+- automatically instantiates the rewrite-remap overlay;
+- automatically configures the naming context massaging
+ if the optional "massage" keyword is added
+
+If the "relay" directive is not used, the rewrite-remap
+overlay must be explicitly instantiated and the massaging
+must be configured, either by using the "suffixmassage"
+directive, or by issuing more sophisticate rewrite
+instructions.
+
+AttributeType/objectClass mapping must be explicitly
+required.
+
+Note that the rewrite-remap overlay is not complete nor
+production- ready yet.
+Examples are given of all the suggested usages.
+
# automatically massage from virtual to real naming context
database relay
suffix "dc=virtual,dc=naming,dc=context"
@@ -38,6 +57,13 @@ relay "dc=real,dc=naming,dc=context" massage
# explicitly massage (same as above)
database relay
suffix "dc=virtual,dc=naming,dc=context"
+relay "dc=real,dc=naming,dc=context"
+suffixmassage "dc=virtual,dc=naming,dc=context" \
+ "dc=real,dc=naming,dc=context"
+
+# explicitly massage (same as above, but dynamic backend resolution)
+database relay
+suffix "dc=virtual,dc=naming,dc=context"
overlay rewrite-remap
suffixmassage "dc=virtual,dc=naming,dc=context" \
"dc=real,dc=naming,dc=context"
@@ -46,9 +72,12 @@ suffixmassage "dc=virtual,dc=naming,dc=context" \
# from virtual to real naming context, but not the reverse...
database relay
suffix "dc=virtual,dc=naming,dc=context"
-overlay rewrite-remap
-rewriteEngine on
+relay "dc=real,dc=naming,dc=context"
rewriteContext default
rewriteRule "(.*)dc=virtual,dc=naming,dc=context$" \
"$1dc=real,dc=naming,dc=context"
+rewriteContext searchFilter
+rewriteContext searchResult
+rewriteContext searchResultAttrDN
+rewriteContext matchedDN
diff --git a/servers/slapd/back-relay/back-relay.h b/servers/slapd/back-relay/back-relay.h
index d62474ea33..9e447a7448 100644
--- a/servers/slapd/back-relay/back-relay.h
+++ b/servers/slapd/back-relay/back-relay.h
@@ -1,7 +1,7 @@
/* back-relay.h - relay backend header file */
/* This work is part of OpenLDAP Software .
*
- * Copyright 1999-2004 The OpenLDAP Foundation.
+ * Copyright 2004 The OpenLDAP Foundation.
* Portions Copyright 2004 Pierangelo Masarati.
* All rights reserved.
*
diff --git a/servers/slapd/back-relay/config.c b/servers/slapd/back-relay/config.c
index f02a85e3a7..ba1d3da544 100644
--- a/servers/slapd/back-relay/config.c
+++ b/servers/slapd/back-relay/config.c
@@ -1,7 +1,7 @@
/* config.c - relay backend configuration file routine */
/* This work is part of OpenLDAP Software .
*
- * Copyright 2003-2004 The OpenLDAP Foundation.
+ * Copyright 2004 The OpenLDAP Foundation.
* Portions Copyright 2004 Pierangelo Masarati.
* All rights reserved.
*
@@ -66,7 +66,8 @@ relay_back_db_config(
rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn, NULL );
if ( rc != LDAP_SUCCESS ) {
fprintf( stderr, "%s: line %d: "
- "relay dn \"%s\" is invalid\n",
+ "relay dn \"%s\" is invalid "
+ "in \"relay [massage]\" line\n",
fname, lineno, argv[ 1 ] );
return 1;
}
@@ -75,13 +76,15 @@ relay_back_db_config(
if ( bd == NULL ) {
fprintf( stderr, "%s: line %d: "
"cannot find database "
- "of relay dn \"%s\"\n",
+ "of relay dn \"%s\" "
+ "in \"relay [massage]\" line\n",
fname, lineno, argv[ 1 ] );
return 1;
} else if ( bd == be ) {
fprintf( stderr, "%s: line %d: "
- "relay dn \"%s\" would call self\n",
+ "relay dn \"%s\" would call self "
+ "in \"relay [massage]\" line\n",
fname, lineno, pdn.bv_val );
return 1;
}
@@ -91,33 +94,16 @@ relay_back_db_config(
if ( overlay_config( be, "rewrite-remap" ) ) {
fprintf( stderr, "%s: line %d: unable to install "
"rewrite-remap overlay "
- "in back-relay\n",
+ "in back-relay "
+ "in \"relay [massage]\" line\n",
fname, lineno );
return 1;
}
-#if 0
- {
+ if ( argc == 3 ) {
char *cargv[ 4 ];
- cargv[ 0 ] = "overlay";
- cargv[ 1 ] = "rewrite-remap";
- cargv[ 2 ] = NULL;
-
- be->be_config( be, fname, lineno, 2, cargv );
-
- cargv[ 0 ] = "suffixmassage";
- cargv[ 1 ] = be->be_suffix[0].bv_val;
- cargv[ 2 ] = ri->ri_bd->be_suffix[0].bv_val;
- cargv[ 3 ] = NULL;
-
- if ( be->be_config( be, fname, lineno, 3, cargv ) ) {
- return 1;
- }
- }
-
- if ( argc == 3 ) {
- if ( strcmp( argv[2], "massage" ) ) {
+ if ( strcmp( argv[2], "massage" ) != 0 ) {
fprintf( stderr, "%s: line %d: "
"unknown directive \"%s\" "
"in \"relay [massage]\" line\n",
@@ -125,9 +111,17 @@ relay_back_db_config(
return 1;
}
- ri->ri_massage = 1;
+ cargv[ 0 ] = "suffixmassage";
+ cargv[ 1 ] = be->be_suffix[0].bv_val;
+ cargv[ 2 ] = pdn.bv_val;
+ cargv[ 3 ] = NULL;
+
+ if ( be->be_config( be, fname, lineno, 3, cargv ) ) {
+ return 1;
+ }
}
-#endif
+
+ ch_free( pdn.bv_val );
/* anything else */
} else {
diff --git a/servers/slapd/back-relay/init.c b/servers/slapd/back-relay/init.c
index 66631c2e60..3122858fd6 100644
--- a/servers/slapd/back-relay/init.c
+++ b/servers/slapd/back-relay/init.c
@@ -1,7 +1,7 @@
/* init.c - initialize relay backend */
/* This work is part of OpenLDAP Software .
*
- * Copyright 2003-2004 The OpenLDAP Foundation.
+ * Copyright 2004 The OpenLDAP Foundation.
* Portions Copyright 2004 Pierangelo Masarati.
* All rights reserved.
*
@@ -110,29 +110,10 @@ relay_back_db_open( Backend *be )
if ( ri->ri_realsuffix.bv_val != NULL ) {
ri->ri_bd = select_backend( &ri->ri_realsuffix, 0, 1 );
+ /* must be there: it was during config! */
assert( ri->ri_bd );
}
-#if 0
- if ( ri->ri_massage ) {
- char *argv[ 4 ];
-
- if ( be->be_suffix[0].bv_val == NULL ) {
- fprintf( stderr, "suffix must be defined to require suffix massage\n" );
- return 1;
- }
-
- argv[ 0 ] = "suffixmassage";
- argv[ 1 ] = be->be_suffix[0].bv_val;
- argv[ 2 ] = ri->ri_bd->be_suffix[0].bv_val;
- argv[ 3 ] = NULL;
-
- if ( be->be_config( be, "back-relay", 1, 3, argv ) ) {
- return 1;
- }
- }
-#endif
-
return 0;
}
@@ -148,8 +129,12 @@ relay_back_db_destroy( Backend *be )
relay_back_info *ri = (relay_back_info *)be->be_private;
if ( ri ) {
+ if ( ri->ri_realsuffix.bv_val ) {
+ ch_free( ri->ri_realsuffix.bv_val );
+ }
ch_free( ri );
}
return 0;
}
+
diff --git a/servers/slapd/back-relay/op.c b/servers/slapd/back-relay/op.c
index 868c381033..d2137d339c 100644
--- a/servers/slapd/back-relay/op.c
+++ b/servers/slapd/back-relay/op.c
@@ -1,7 +1,7 @@
/* op.c - relay backend operations */
/* This work is part of OpenLDAP Software .
*
- * Copyright 2003-2004 The OpenLDAP Foundation.
+ * Copyright 2004 The OpenLDAP Foundation.
* Portions Copyright 2004 Pierangelo Masarati.
* All rights reserved.
*
@@ -37,6 +37,16 @@ relay_back_swap_bd( struct slap_op *op, struct slap_rep *rs )
return SLAP_CB_CONTINUE;
}
+static void
+relay_back_add_cb( slap_callback *cb, struct slap_op *op )
+{
+ cb->sc_next = op->o_callback;
+ cb->sc_response = relay_back_swap_bd;
+ cb->sc_cleanup = relay_back_swap_bd;
+ cb->sc_private = op->o_bd;
+ op->o_callback = cb;
+}
+
static BackendDB *
relay_back_select_backend( struct slap_op *op, struct slap_rep *rs, int err )
{
@@ -95,11 +105,16 @@ relay_back_op_bind( struct slap_op *op, struct slap_rep *rs )
if ( bd->be_bind ) {
BackendDB *be = op->o_bd;
+ slap_callback cb;
+
+ relay_back_add_cb( &cb, op );
op->o_bd = bd;
rc = ( bd->be_bind )( op, rs );
op->o_bd = be;
+ op->o_callback = op->o_callback->sc_next;
+
} else {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"operation not supported "
@@ -125,15 +140,13 @@ relay_back_op_unbind( struct slap_op *op, struct slap_rep *rs )
BackendDB *be = op->o_bd;
slap_callback cb;
- cb.sc_next = op->o_callback;
- cb.sc_response = relay_back_swap_bd;
- cb.sc_cleanup = relay_back_swap_bd;
- cb.sc_private = op->o_bd;
- op->o_callback = &cb;
+ relay_back_add_cb( &cb, op );
op->o_bd = bd;
rc = ( bd->be_unbind )( op, rs );
op->o_bd = be;
+
+ op->o_callback = op->o_callback->sc_next;
}
return 0;
@@ -155,16 +168,14 @@ relay_back_op_search( struct slap_op *op, struct slap_rep *rs )
BackendDB *be = op->o_bd;
slap_callback cb;
- cb.sc_next = op->o_callback;
- cb.sc_response = relay_back_swap_bd;
- cb.sc_cleanup = relay_back_swap_bd;
- cb.sc_private = op->o_bd;
- op->o_callback = &cb;
+ relay_back_add_cb( &cb, op );
op->o_bd = bd;
rc = ( bd->be_search )( op, rs );
op->o_bd = be;
+ op->o_callback = op->o_callback->sc_next;
+
} else {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"operation not supported "
@@ -190,16 +201,14 @@ relay_back_op_compare( struct slap_op *op, struct slap_rep *rs )
BackendDB *be = op->o_bd;
slap_callback cb;
- cb.sc_next = op->o_callback;
- cb.sc_response = relay_back_swap_bd;
- cb.sc_cleanup = relay_back_swap_bd;
- cb.sc_private = op->o_bd;
- op->o_callback = &cb;
+ relay_back_add_cb( &cb, op );
op->o_bd = bd;
rc = ( bd->be_compare )( op, rs );
op->o_bd = be;
+ op->o_callback = op->o_callback->sc_next;
+
} else {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"operation not supported "
@@ -225,16 +234,14 @@ relay_back_op_modify( struct slap_op *op, struct slap_rep *rs )
BackendDB *be = op->o_bd;
slap_callback cb;
- cb.sc_next = op->o_callback;
- cb.sc_response = relay_back_swap_bd;
- cb.sc_cleanup = relay_back_swap_bd;
- cb.sc_private = op->o_bd;
- op->o_callback = &cb;
+ relay_back_add_cb( &cb, op );
op->o_bd = bd;
rc = ( bd->be_modify )( op, rs );
op->o_bd = be;
+ op->o_callback = op->o_callback->sc_next;
+
} else {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"operation not supported "
@@ -260,16 +267,14 @@ relay_back_op_modrdn( struct slap_op *op, struct slap_rep *rs )
BackendDB *be = op->o_bd;
slap_callback cb;
- cb.sc_next = op->o_callback;
- cb.sc_response = relay_back_swap_bd;
- cb.sc_cleanup = relay_back_swap_bd;
- cb.sc_private = op->o_bd;
- op->o_callback = &cb;
+ relay_back_add_cb( &cb, op );
op->o_bd = bd;
rc = ( bd->be_modrdn )( op, rs );
op->o_bd = be;
+ op->o_callback = op->o_callback->sc_next;
+
} else {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"operation not supported "
@@ -295,16 +300,14 @@ relay_back_op_add( struct slap_op *op, struct slap_rep *rs )
BackendDB *be = op->o_bd;
slap_callback cb;
- cb.sc_next = op->o_callback;
- cb.sc_response = relay_back_swap_bd;
- cb.sc_cleanup = relay_back_swap_bd;
- cb.sc_private = op->o_bd;
- op->o_callback = &cb;
+ relay_back_add_cb( &cb, op );
op->o_bd = bd;
rc = ( bd->be_add )( op, rs );
op->o_bd = be;
+ op->o_callback = op->o_callback->sc_next;
+
} else {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"operation not supported "
@@ -330,15 +333,13 @@ relay_back_op_delete( struct slap_op *op, struct slap_rep *rs )
BackendDB *be = op->o_bd;
slap_callback cb;
- cb.sc_next = op->o_callback;
- cb.sc_response = relay_back_swap_bd;
- cb.sc_cleanup = relay_back_swap_bd;
- cb.sc_private = op->o_bd;
- op->o_callback = &cb;
+ relay_back_add_cb( &cb, op );
op->o_bd = bd;
rc = ( bd->be_delete )( op, rs );
op->o_bd = be;
+
+ op->o_callback = op->o_callback->sc_next;
}
return rc;
@@ -360,16 +361,14 @@ relay_back_op_abandon( struct slap_op *op, struct slap_rep *rs )
BackendDB *be = op->o_bd;
slap_callback cb;
- cb.sc_next = op->o_callback;
- cb.sc_response = relay_back_swap_bd;
- cb.sc_cleanup = relay_back_swap_bd;
- cb.sc_private = op->o_bd;
- op->o_callback = &cb;
+ relay_back_add_cb( &cb, op );
op->o_bd = bd;
rc = ( bd->be_abandon )( op, rs );
op->o_bd = be;
+ op->o_callback = op->o_callback->sc_next;
+
} else {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"operation not supported "
@@ -395,16 +394,14 @@ relay_back_op_cancel( struct slap_op *op, struct slap_rep *rs )
BackendDB *be = op->o_bd;
slap_callback cb;
- cb.sc_next = op->o_callback;
- cb.sc_response = relay_back_swap_bd;
- cb.sc_cleanup = relay_back_swap_bd;
- cb.sc_private = op->o_bd;
- op->o_callback = &cb;
+ relay_back_add_cb( &cb, op );
op->o_bd = bd;
rc = ( bd->be_cancel )( op, rs );
op->o_bd = be;
+ op->o_callback = op->o_callback->sc_next;
+
} else {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"operation not supported "
@@ -430,16 +427,14 @@ relay_back_op_extended( struct slap_op *op, struct slap_rep *rs )
BackendDB *be = op->o_bd;
slap_callback cb;
- cb.sc_next = op->o_callback;
- cb.sc_response = relay_back_swap_bd;
- cb.sc_cleanup = relay_back_swap_bd;
- cb.sc_private = op->o_bd;
- op->o_callback = &cb;
+ relay_back_add_cb( &cb, op );
op->o_bd = bd;
rc = ( bd->be_extended )( op, rs );
op->o_bd = be;
+ op->o_callback = op->o_callback->sc_next;
+
} else {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"operation not supported "
@@ -520,15 +515,13 @@ relay_back_chk_referrals( struct slap_op *op, struct slap_rep *rs )
BackendDB *be = op->o_bd;
slap_callback cb;
- cb.sc_next = op->o_callback;
- cb.sc_response = relay_back_swap_bd;
- cb.sc_cleanup = relay_back_swap_bd;
- cb.sc_private = op->o_bd;
- op->o_callback = &cb;
+ relay_back_add_cb( &cb, op );
op->o_bd = bd;
rc = ( bd->be_chk_referrals )( op, rs );
op->o_bd = be;
+
+ op->o_callback = op->o_callback->sc_next;
}
return rc;
@@ -553,10 +546,15 @@ relay_back_operational( struct slap_op *op, struct slap_rep *rs,
if ( bd->be_operational ) {
BackendDB *be = op->o_bd;
+ slap_callback cb;
+
+ relay_back_add_cb( &cb, op );
op->o_bd = bd;
rc = ( bd->be_operational )( op, rs, opattrs, ap );
op->o_bd = be;
+
+ op->o_callback = op->o_callback->sc_next;
}
return rc;
diff --git a/servers/slapd/back-relay/proto-back-relay.h b/servers/slapd/back-relay/proto-back-relay.h
index 3fd023e12b..afaba21bf1 100644
--- a/servers/slapd/back-relay/proto-back-relay.h
+++ b/servers/slapd/back-relay/proto-back-relay.h
@@ -1,6 +1,6 @@
/* This work is part of OpenLDAP Software .
*
- * Copyright 2001-2004 The OpenLDAP Foundation.
+ * Copyright 2004 The OpenLDAP Foundation.
* Portions Copyright 2004 Pierangelo Masarati.
* All rights reserved.
*