slap.h 98.5 KB
Newer Older
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1
/* slap.h - stand alone ldap server include file */
2
/* $OpenLDAP$ */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
3
4
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
5
 * Copyright 1998-2009 The OpenLDAP Foundation.
Kurt Zeilenga's avatar
Kurt Zeilenga committed
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted only as authorized by the OpenLDAP
 * Public License.
 *
 * A copy of this license is available in the file LICENSE in the
 * top-level directory of the distribution or, alternatively, at
 * <http://www.OpenLDAP.org/license.html>.
 */
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms are permitted
 * provided that this notice is preserved and that due credit is given
 * to the University of Michigan at Ann Arbor. The name of the University
 * may not be used to endorse or promote products derived from this
 * software without specific prior written permission. This software
 * is provided ``as is'' without express or implied warranty.
25
 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
26

Kurt Zeilenga's avatar
Kurt Zeilenga committed
27
28
#ifndef _SLAP_H_
#define _SLAP_H_
Kurt Zeilenga's avatar
Kurt Zeilenga committed
29

30
31
#include "ldap_defaults.h"

32
#include <stdio.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
33
#include <ac/stdlib.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
34

35
#include <sys/types.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
36
37
#include <ac/syslog.h>
#include <ac/regex.h>
Howard Chu's avatar
Howard Chu committed
38
#include <ac/signal.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
39
#include <ac/socket.h>
40
#include <ac/time.h>
41
#include <ac/param.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
42

Kurt Zeilenga's avatar
Kurt Zeilenga committed
43
#include "avl.h"
44
45
46
47
48
49
50

#ifndef ldap_debug
#define ldap_debug slap_debug
#endif

#include "ldap_log.h"

Kurt Zeilenga's avatar
Kurt Zeilenga committed
51
52
#include <ldap.h>
#include <ldap_schema.h>
53

54
#include "lber_pvt.h"
55
#include "ldap_pvt.h"
56
#include "ldap_pvt_thread.h"
57
#include "ldap_queue.h"
58
59

LDAP_BEGIN_DECL
60

61
62
#ifdef LDAP_DEVEL
#define LDAP_COLLECTIVE_ATTRIBUTES
63
#define LDAP_COMP_MATCH
64
#define LDAP_SYNC_TIMESTAMP
65
#define SLAP_CONTROL_X_SESSION_TRACKING
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
66
#define SLAP_CONTROL_X_WHATFAILED
67
#define SLAP_CONFIG_DELETE
68
#endif
Kurt Zeilenga's avatar
cleanup    
Kurt Zeilenga committed
69

70
71
#define LDAP_DYNAMIC_OBJECTS
#define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE
Kurt Zeilenga's avatar
Kurt Zeilenga committed
72
#define SLAP_DISTPROC
73

Kurt Zeilenga's avatar
cleanup    
Kurt Zeilenga committed
74
75
76
#ifdef ENABLE_REWRITE
#define SLAP_AUTH_REWRITE	1 /* use librewrite for sasl-regexp */
#endif
77

Kurt Zeilenga's avatar
Kurt Zeilenga committed
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
/*
 * SLAPD Memory allocation macros
 *
 * Unlike ch_*() routines, these routines do not assert() upon
 * allocation error.  They are intended to be used instead of
 * ch_*() routines where the caller has implemented proper
 * checking for and handling of allocation errors.
 *
 * Patches to convert ch_*() calls to SLAP_*() calls welcomed.
 */
#define SLAP_MALLOC(s)      ber_memalloc((s))
#define SLAP_CALLOC(n,s)    ber_memcalloc((n),(s))
#define SLAP_REALLOC(p,s)   ber_memrealloc((p),(s))
#define SLAP_FREE(p)        ber_memfree((p))
#define SLAP_VFREE(v)       ber_memvfree((void**)(v))
#define SLAP_STRDUP(s)      ber_strdup((s))
#define SLAP_STRNDUP(s,l)   ber_strndup((s),(l))
95

Hallvard Furuseth's avatar
Hallvard Furuseth committed
96
97
98
#ifdef f_next
#undef f_next /* name conflict between sys/file.h on SCO and struct filter */
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
99

Kurt Zeilenga's avatar
Kurt Zeilenga committed
100
#define SERVICE_NAME  OPENLDAP_PACKAGE "-slapd"
101
#define SLAPD_ANONYMOUS ""
Kurt Zeilenga's avatar
Kurt Zeilenga committed
102

103
104
105
106
107
108
109
#ifdef HAVE_TCPD
# include <tcpd.h>
# define SLAP_STRING_UNKNOWN	STRING_UNKNOWN
#else /* ! TCP Wrappers */
# define SLAP_STRING_UNKNOWN	"unknown"
#endif /* ! TCP Wrappers */

Juan Gomez's avatar
Juan Gomez committed
110
111
112
113
114
/* LDAPMod.mod_op value ===> Must be kept in sync with ldap.h!
 * This is a value used internally by the backends. It is needed to allow
 * adding values that already exist without getting an error as required by
 * modrdn when the new rdn was already an attribute value itself.
 */
115
#define SLAP_MOD_SOFTADD	0x1000
Juan Gomez's avatar
Juan Gomez committed
116

117
#define MAXREMATCHES (100)
118

119
#define SLAP_MAX_WORKER_THREADS		(16)
120

Kurt Zeilenga's avatar
Kurt Zeilenga committed
121
122
123
#define SLAP_SB_MAX_INCOMING_DEFAULT ((1<<18) - 1)
#define SLAP_SB_MAX_INCOMING_AUTH ((1<<24) - 1)

124
125
126
#define SLAP_CONN_MAX_PENDING_DEFAULT	100
#define SLAP_CONN_MAX_PENDING_AUTH	1000

127
#define SLAP_TEXT_BUFLEN (256)
128
129

/* psuedo error code indicating abandoned operation */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
130
#define SLAPD_ABANDON (-1024)
131
132

/* psuedo error code indicating disconnect */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
133
#define SLAPD_DISCONNECT (-1025)
134

135
/* unknown config file directive */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
136
#define SLAP_CONF_UNKNOWN (-1026)
137

138
139
/* We assume "C" locale, that is US-ASCII */
#define ASCII_SPACE(c)	( (c) == ' ' )
140
141
142
143
#define ASCII_LOWER(c)	( (c) >= 'a' && (c) <= 'z' )
#define ASCII_UPPER(c)	( (c) >= 'A' && (c) <= 'Z' )
#define ASCII_ALPHA(c)	( ASCII_LOWER(c) || ASCII_UPPER(c) )
#define ASCII_DIGIT(c)	( (c) >= '0' && (c) <= '9' )
Howard Chu's avatar
Howard Chu committed
144
145
#define ASCII_HEXLOWER(c)	( (c) >= 'a' && (c) <= 'f' )
#define ASCII_HEXUPPER(c)	( (c) >= 'A' && (c) <= 'F' )
146
147
#define ASCII_HEX(c)	( ASCII_DIGIT(c) || \
	ASCII_HEXLOWER(c) || ASCII_HEXUPPER(c) )
148
#define ASCII_ALNUM(c)	( ASCII_ALPHA(c) || ASCII_DIGIT(c) )
149
#define ASCII_PRINTABLE(c) ( (c) >= ' ' && (c) <= '~' )
150
151
152
153
154
155
156
157

#define SLAP_NIBBLE(c) ((c)&0x0f)
#define SLAP_ESCAPE_CHAR ('\\')
#define SLAP_ESCAPE_LO(c) ( "0123456789ABCDEF"[SLAP_NIBBLE(c)] )
#define SLAP_ESCAPE_HI(c) ( SLAP_ESCAPE_LO((c)>>4) )

#define FILTER_ESCAPE(c) ( (c) == '*' || (c) == '\\' \
	|| (c) == '(' || (c) == ')' || !ASCII_PRINTABLE(c) )
158

159
#define DN_ESCAPE(c)	((c) == SLAP_ESCAPE_CHAR)
160
161
162
163
/* NOTE: for consistency, this macro must only operate
 * on normalized/pretty DN, such that ';' is never used
 * as RDN separator, and all occurrences of ';' must be escaped */
#define DN_SEPARATOR(c)	((c) == ',')
Kurt Zeilenga's avatar
Kurt Zeilenga committed
164
#define RDN_ATTRTYPEANDVALUE_SEPARATOR(c) ((c) == '+') /* RFC 4514 */
165
#define RDN_SEPARATOR(c) (DN_SEPARATOR(c) || RDN_ATTRTYPEANDVALUE_SEPARATOR(c))
166
167
168
169
170
#define RDN_NEEDSESCAPE(c)	((c) == '\\' || (c) == '"')

#define DESC_LEADCHAR(c)	( ASCII_ALPHA(c) )
#define DESC_CHAR(c)	( ASCII_ALNUM(c) || (c) == '-' )
#define OID_LEADCHAR(c)	( ASCII_DIGIT(c) )
171
172
#define OID_SEPARATOR(c)	( (c) == '.' )
#define OID_CHAR(c)	( OID_LEADCHAR(c) || OID_SEPARATOR(c) )
173

174
#define ATTR_LEADCHAR(c)	( DESC_LEADCHAR(c) || OID_LEADCHAR(c) )
175
#define ATTR_CHAR(c)	( DESC_CHAR((c)) || OID_SEPARATOR(c) )
176

177
#define AD_LEADCHAR(c)	( ATTR_LEADCHAR(c) )
178
#define AD_CHAR(c)		( ATTR_CHAR(c) || (c) == ';' )
179

180
181
#define SLAP_NUMERIC(c) ( ASCII_DIGIT(c) || ASCII_SPACE(c) )

182
183
184
#define SLAP_PRINTABLE(c)	( ASCII_ALNUM(c) || (c) == '\'' || \
	(c) == '(' || (c) == ')' || (c) == '+' || (c) == ',' || \
	(c) == '-' || (c) == '.' || (c) == '/' || (c) == ':' || \
185
	(c) == '?' || (c) == ' ' || (c) == '=' )
186
187
#define SLAP_PRINTABLES(c)	( SLAP_PRINTABLE(c) || (c) == '$' )

188
189
/* must match in schema_init.c */
#define SLAPD_DN_SYNTAX			"1.3.6.1.4.1.1466.115.121.1.12"
Kurt Zeilenga's avatar
Kurt Zeilenga committed
190
#define SLAPD_NAMEUID_SYNTAX	"1.3.6.1.4.1.1466.115.121.1.34"
191
#define SLAPD_INTEGER_SYNTAX	"1.3.6.1.4.1.1466.115.121.1.27"
192
193
194
195
196
#define SLAPD_GROUP_ATTR		"member"
#define SLAPD_GROUP_CLASS		"groupOfNames"
#define SLAPD_ROLE_ATTR			"roleOccupant"
#define SLAPD_ROLE_CLASS		"organizationalRole"

197
198
#define SLAPD_TOP_OID			"2.5.6.0"

Howard Chu's avatar
Howard Chu committed
199
LDAP_SLAPD_V (int) slap_debug;
200

201
202
typedef unsigned long slap_mask_t;

203
204
205
206
207
208
209
210
211
212
213
214
/* Security Strength Factor */
typedef unsigned slap_ssf_t;

typedef struct slap_ssf_set {
	slap_ssf_t sss_ssf;
	slap_ssf_t sss_transport;
	slap_ssf_t sss_tls;
	slap_ssf_t sss_sasl;
	slap_ssf_t sss_update_ssf;
	slap_ssf_t sss_update_transport;
	slap_ssf_t sss_update_tls;
	slap_ssf_t sss_update_sasl;
215
	slap_ssf_t sss_simple_bind;
216
} slap_ssf_set_t;
217

218
219
220
221
/* Flags for telling slap_sasl_getdn() what type of identity is being passed */
#define SLAP_GETDN_AUTHCID 2
#define SLAP_GETDN_AUTHZID 4

222
223
224
/*
 * Index types
 */
225
226
227
228
229
230
231
232
233
234
#define SLAP_INDEX_TYPE           0x00FFUL
#define SLAP_INDEX_UNDEFINED      0x0001UL
#define SLAP_INDEX_PRESENT        0x0002UL
#define SLAP_INDEX_EQUALITY       0x0004UL
#define SLAP_INDEX_APPROX         0x0008UL
#define SLAP_INDEX_SUBSTR         0x0010UL
#define SLAP_INDEX_EXTENDED		  0x0020UL

#define SLAP_INDEX_DEFAULT        SLAP_INDEX_EQUALITY

235
#define IS_SLAP_INDEX(mask, type)	(((mask) & (type)) == (type))
236
237
238
239
240
241

#define SLAP_INDEX_SUBSTR_TYPE    0x0F00UL

#define SLAP_INDEX_SUBSTR_INITIAL ( SLAP_INDEX_SUBSTR | 0x0100UL ) 
#define SLAP_INDEX_SUBSTR_ANY     ( SLAP_INDEX_SUBSTR | 0x0200UL )
#define SLAP_INDEX_SUBSTR_FINAL   ( SLAP_INDEX_SUBSTR | 0x0400UL )
242
243
244
245
246
#define SLAP_INDEX_SUBSTR_DEFAULT \
	( SLAP_INDEX_SUBSTR \
	| SLAP_INDEX_SUBSTR_INITIAL \
	| SLAP_INDEX_SUBSTR_ANY \
	| SLAP_INDEX_SUBSTR_FINAL )
247

248
249
250
/* defaults for initial/final substring indices */
#define SLAP_INDEX_SUBSTR_IF_MINLEN_DEFAULT	2
#define SLAP_INDEX_SUBSTR_IF_MAXLEN_DEFAULT	4
251

252
253
254
/* defaults for any substring indices */
#define SLAP_INDEX_SUBSTR_ANY_LEN_DEFAULT		4
#define SLAP_INDEX_SUBSTR_ANY_STEP_DEFAULT		2
255

256
257
258
/* default for ordered integer index keys */
#define SLAP_INDEX_INTLEN_DEFAULT	4

259
260
#define SLAP_INDEX_FLAGS         0xF000UL
#define SLAP_INDEX_NOSUBTYPES    0x1000UL /* don't use index w/ subtypes */
261
#define SLAP_INDEX_NOTAGS        0x2000UL /* don't use index w/ tags */
262
263
264
265
266
267
268
269

/*
 * there is a single index for each attribute.  these prefixes ensure
 * that there is no collision among keys.
 */
#define SLAP_INDEX_EQUALITY_PREFIX	'=' 	/* prefix for equality keys     */
#define SLAP_INDEX_APPROX_PREFIX	'~'		/* prefix for approx keys       */
#define SLAP_INDEX_SUBSTR_PREFIX	'*'		/* prefix for substring keys    */
270
271
#define SLAP_INDEX_SUBSTR_INITIAL_PREFIX '^'
#define SLAP_INDEX_SUBSTR_FINAL_PREFIX '$'
272
#define SLAP_INDEX_CONT_PREFIX		'.'		/* prefix for continuation keys */
273

274
275
276
277
#define SLAP_SYNTAX_MATCHINGRULES_OID	 "1.3.6.1.4.1.1466.115.121.1.30"
#define SLAP_SYNTAX_ATTRIBUTETYPES_OID	 "1.3.6.1.4.1.1466.115.121.1.3"
#define SLAP_SYNTAX_OBJECTCLASSES_OID	 "1.3.6.1.4.1.1466.115.121.1.37"
#define SLAP_SYNTAX_MATCHINGRULEUSES_OID "1.3.6.1.4.1.1466.115.121.1.31"
278
#define SLAP_SYNTAX_CONTENTRULE_OID	 "1.3.6.1.4.1.1466.115.121.1.16"
279

280
281
282
/*
 * represents schema information for a database
 */
283
284
285
286
287
288
enum {
	SLAP_SCHERR_OUTOFMEM = 1,
	SLAP_SCHERR_CLASS_NOT_FOUND,
	SLAP_SCHERR_CLASS_BAD_USAGE,
	SLAP_SCHERR_CLASS_BAD_SUP,
	SLAP_SCHERR_CLASS_DUP,
289
	SLAP_SCHERR_CLASS_INCONSISTENT,
290
291
292
293
294
295
296
297
298
299
300
301
	SLAP_SCHERR_ATTR_NOT_FOUND,
	SLAP_SCHERR_ATTR_BAD_MR,
	SLAP_SCHERR_ATTR_BAD_USAGE,
	SLAP_SCHERR_ATTR_BAD_SUP,
	SLAP_SCHERR_ATTR_INCOMPLETE,
	SLAP_SCHERR_ATTR_DUP,
	SLAP_SCHERR_ATTR_INCONSISTENT,
	SLAP_SCHERR_MR_NOT_FOUND,
	SLAP_SCHERR_MR_INCOMPLETE,
	SLAP_SCHERR_MR_DUP,
	SLAP_SCHERR_SYN_NOT_FOUND,
	SLAP_SCHERR_SYN_DUP,
302
	SLAP_SCHERR_SYN_SUP_NOT_FOUND,
303
304
	SLAP_SCHERR_SYN_SUBST_NOT_SPECIFIED,
	SLAP_SCHERR_SYN_SUBST_NOT_FOUND,
305
306
307
308
309
310
311
312
313
314
315
	SLAP_SCHERR_NO_NAME,
	SLAP_SCHERR_NOT_SUPPORTED,
	SLAP_SCHERR_BAD_DESCR,
	SLAP_SCHERR_OIDM,
	SLAP_SCHERR_CR_DUP,
	SLAP_SCHERR_CR_BAD_STRUCT,
	SLAP_SCHERR_CR_BAD_AUX,
	SLAP_SCHERR_CR_BAD_AT,

	SLAP_SCHERR_LAST
};
Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
316

317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
/* forward declarations */
typedef struct Syntax Syntax;
typedef struct MatchingRule MatchingRule;
typedef struct MatchingRuleUse MatchingRuleUse;
typedef struct MatchingRuleAssertion MatchingRuleAssertion;
typedef struct OidMacro OidMacro;
typedef struct ObjectClass ObjectClass;
typedef struct AttributeType AttributeType;
typedef struct AttributeDescription AttributeDescription;
typedef struct AttributeName AttributeName;
typedef struct ContentRule ContentRule;

typedef struct AttributeAssertion AttributeAssertion;
typedef struct SubstringsAssertion SubstringsAssertion;
typedef struct Filter Filter;
typedef struct ValuesReturnFilter ValuesReturnFilter;
typedef struct Attribute Attribute;
#ifdef LDAP_COMP_MATCH
typedef struct ComponentData ComponentData;
typedef struct ComponentFilter ComponentFilter;
#endif

typedef struct Entry Entry;
typedef struct Modification Modification;
typedef struct Modifications Modifications;
typedef struct LDAPModList LDAPModList;

typedef struct BackendInfo BackendInfo;		/* per backend type */
typedef struct BackendDB BackendDB;		/* per backend database */

typedef struct Connection Connection;
typedef struct Operation Operation;
typedef struct SlapReply SlapReply;
/* end of forward declarations */

typedef union Sockaddr {
353
354
355
	struct sockaddr sa_addr;
	struct sockaddr_in sa_in_addr;
#ifdef LDAP_PF_INET6
Kurt Zeilenga's avatar
Kurt Zeilenga committed
356
	struct sockaddr_storage sa_storage;
357
358
359
360
361
362
363
	struct sockaddr_in6 sa_in6_addr;
#endif
#ifdef LDAP_PF_LOCAL
	struct sockaddr_un sa_un_addr;
#endif
} Sockaddr;

364
365
366
367
#ifdef LDAP_PF_INET6
extern int slap_inet4or6;
#endif

368
struct OidMacro {
369
	struct berval som_oid;
Howard Chu's avatar
Howard Chu committed
370
371
	BerVarray som_names;
	BerVarray som_subs;
Howard Chu's avatar
Howard Chu committed
372
373
#define	SLAP_OM_HARDCODE	0x10000U	/* This is hardcoded schema */
	int som_flags;
374
375
	LDAP_STAILQ_ENTRY(OidMacro) som_next;
};
Kurt Zeilenga's avatar
Kurt Zeilenga committed
376

377
typedef int slap_syntax_validate_func LDAP_P((
378
	Syntax *syntax,
379
380
	struct berval * in));

Kurt Zeilenga's avatar
Kurt Zeilenga committed
381
typedef int slap_syntax_transform_func LDAP_P((
382
	Syntax *syntax,
383
	struct berval * in,
Howard Chu's avatar
Howard Chu committed
384
385
	struct berval * out,
	void *memctx));
386

387
388
389
390
391
#ifdef LDAP_COMP_MATCH
typedef void* slap_component_transform_func LDAP_P((
	struct berval * in ));
struct ComponentDesc;
#endif
392

393
struct Syntax {
394
	LDAPSyntax			ssyn_syn;
395
396
#define ssyn_oid		ssyn_syn.syn_oid
#define ssyn_desc		ssyn_syn.syn_desc
Kurt Zeilenga's avatar
Kurt Zeilenga committed
397
#define ssyn_extensions	ssyn_syn.syn_extensions
398
399
	/*
	 * Note: the former
400
	ber_len_t	ssyn_oidlen;
401
402
403
404
405
406
407
	 * has been replaced by a struct berval that uses the value
	 * provided by ssyn_syn.syn_oid; a macro that expands to
	 * the bv_len field of the berval is provided for backward
	 * compatibility.  CAUTION: NEVER FREE THE BERVAL
	 */
	struct berval	ssyn_bvoid;
#define	ssyn_oidlen	ssyn_bvoid.bv_len
408

409
	unsigned int ssyn_flags;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
410

411
412
413
414
#define SLAP_SYNTAX_NONE	0x0000U
#define SLAP_SYNTAX_BLOB	0x0001U /* syntax treated as blob (audio) */
#define SLAP_SYNTAX_BINARY	0x0002U /* binary transfer required (certificate) */
#define SLAP_SYNTAX_BER		0x0004U /* stored in BER encoding (certificate) */
415
416
417
#ifdef LDAP_DEVEL
#define SLAP_SYNTAX_HIDE	0x0000U /* publish everything */
#else
418
#define SLAP_SYNTAX_HIDE	0x8000U /* hide (do not publish) */
419
#endif
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
420
#define	SLAP_SYNTAX_HARDCODE	0x10000U	/* This is hardcoded schema */
421

422
423
	Syntax				**ssyn_sups;

424
	slap_syntax_validate_func	*ssyn_validate;
425
	slap_syntax_transform_func	*ssyn_pretty;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
426

427
#ifdef SLAPD_BINARY_CONVERSION
Kurt Zeilenga's avatar
Kurt Zeilenga committed
428
429
430
	/* convert to and from binary */
	slap_syntax_transform_func	*ssyn_ber2str;
	slap_syntax_transform_func	*ssyn_str2ber;
431
#endif
432
433
#ifdef LDAP_COMP_MATCH
	slap_component_transform_func *ssyn_attr2comp;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
434
	struct ComponentDesc* ssync_comp_syntax;
435
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
436

Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
437
	LDAP_STAILQ_ENTRY(Syntax)	ssyn_next;
438
};
439

440
441
442
443
#define slap_syntax_is_flag(s,flag) ((int)((s)->ssyn_flags & (flag)) ? 1 : 0)
#define slap_syntax_is_blob(s)		slap_syntax_is_flag((s),SLAP_SYNTAX_BLOB)
#define slap_syntax_is_binary(s)	slap_syntax_is_flag((s),SLAP_SYNTAX_BINARY)
#define slap_syntax_is_ber(s)		slap_syntax_is_flag((s),SLAP_SYNTAX_BER)
444
#define slap_syntax_is_hidden(s)	slap_syntax_is_flag((s),SLAP_SYNTAX_HIDE)
445

446
447
448
typedef struct slap_syntax_defs_rec {
	char *sd_desc;
	int sd_flags;
449
	char **sd_sups;
450
451
452
453
454
455
456
457
	slap_syntax_validate_func *sd_validate;
	slap_syntax_transform_func *sd_pretty;
#ifdef SLAPD_BINARY_CONVERSION
	slap_syntax_transform_func *sd_ber2str;
	slap_syntax_transform_func *sd_str2ber;
#endif
} slap_syntax_defs_rec;

Kurt Zeilenga's avatar
Kurt Zeilenga committed
458
/* X -> Y Converter */
459
460
typedef int slap_mr_convert_func LDAP_P((
	struct berval * in,
Howard Chu's avatar
Howard Chu committed
461
462
	struct berval * out,
	void *memctx ));
Kurt Zeilenga's avatar
Kurt Zeilenga committed
463
464
465

/* Normalizer */
typedef int slap_mr_normalize_func LDAP_P((
466
	slap_mask_t use,
467
468
469
470
	Syntax *syntax, /* NULL if in is asserted value */
	MatchingRule *mr,
	struct berval *in,
	struct berval *out,
Howard Chu's avatar
Howard Chu committed
471
	void *memctx ));
Kurt Zeilenga's avatar
Kurt Zeilenga committed
472
473

/* Match (compare) function */
474
typedef int slap_mr_match_func LDAP_P((
475
	int *match,
476
	slap_mask_t use,
477
478
479
480
	Syntax *syntax,	/* syntax of stored value */
	MatchingRule *mr,
	struct berval *value,
	void *assertValue ));
481

482
483
/* Index generation function */
typedef int slap_mr_indexer_func LDAP_P((
484
485
	slap_mask_t use,
	slap_mask_t mask,
486
487
	Syntax *syntax,	/* syntax of stored value */
	MatchingRule *mr,
488
	struct berval *prefix,
489
	BerVarray values,
Howard Chu's avatar
Howard Chu committed
490
491
	BerVarray *keys,
	void *memctx ));
492

493
494
/* Filter index function */
typedef int slap_mr_filter_func LDAP_P((
495
496
	slap_mask_t use,
	slap_mask_t mask,
497
498
	Syntax *syntax,	/* syntax of stored value */
	MatchingRule *mr,
499
	struct berval *prefix,
500
	void *assertValue,
Howard Chu's avatar
Howard Chu committed
501
502
	BerVarray *keys,
	void *memctx ));
503

504
struct MatchingRule {
505
	LDAPMatchingRule		smr_mrule;
506
	MatchingRuleUse			*smr_mru;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
507
	/* RFC 4512 string representation */
508
509
510
	struct berval			smr_str;
	/*
	 * Note: the former
511
	 *			ber_len_t	smr_oidlen;
512
513
514
515
516
517
518
519
	 * has been replaced by a struct berval that uses the value
	 * provided by smr_mrule.mr_oid; a macro that expands to
	 * the bv_len field of the berval is provided for backward
	 * compatibility.  CAUTION: NEVER FREE THE BERVAL
	 */
	struct berval			smr_bvoid;
#define	smr_oidlen			smr_bvoid.bv_len

520
	slap_mask_t			smr_usage;
521

522
523
524
#ifdef LDAP_DEVEL
#define SLAP_MR_HIDE			0x0000U
#else
525
#define SLAP_MR_HIDE			0x8000U
526
#endif
527

528
#define SLAP_MR_MUTATION_NORMALIZER	0x4000U
529

Kurt Zeilenga's avatar
Kurt Zeilenga committed
530
#define SLAP_MR_TYPE_MASK		0x0F00U
531
#define SLAP_MR_SUBTYPE_MASK		0x00F0U
Kurt Zeilenga's avatar
Kurt Zeilenga committed
532
#define SLAP_MR_USAGE			0x000FU
533
534

#define SLAP_MR_NONE			0x0000U
Kurt Zeilenga's avatar
Kurt Zeilenga committed
535
536
537
#define SLAP_MR_EQUALITY		0x0100U
#define SLAP_MR_ORDERING		0x0200U
#define SLAP_MR_SUBSTR			0x0400U
538
539
#define SLAP_MR_EXT			0x0800U /* implicitly extensible */
#define	SLAP_MR_ORDERED_INDEX		0x1000U
540
#ifdef LDAP_COMP_MATCH
541
#define SLAP_MR_COMPONENT		0x2000U
542
#endif
543

Kurt Zeilenga's avatar
Kurt Zeilenga committed
544
#define SLAP_MR_EQUALITY_APPROX	( SLAP_MR_EQUALITY | 0x0010U )
545

Kurt Zeilenga's avatar
Kurt Zeilenga committed
546
#define SLAP_MR_SUBSTR_INITIAL	( SLAP_MR_SUBSTR | 0x0010U )
547
#define SLAP_MR_SUBSTR_ANY	( SLAP_MR_SUBSTR | 0x0020U )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
548
#define SLAP_MR_SUBSTR_FINAL	( SLAP_MR_SUBSTR | 0x0040U )
549

Kurt Zeilenga's avatar
Kurt Zeilenga committed
550
551
552
553
554
555
556
557
558
559
560
561
562
563

/*
 * The asserted value, depending on the particular usage,
 * is expected to conform to either the assertion syntax
 * or the attribute syntax.   In some cases, the syntax of
 * the value is known.  If so, these flags indicate which
 * syntax the value is expected to conform to.  If not,
 * neither of these flags is set (until the syntax of the
 * provided value is determined).  If the value is of the
 * attribute syntax, the flag is changed once a value of
 * the assertion syntax is derived from the provided value.
 */
#define SLAP_MR_VALUE_OF_ASSERTION_SYNTAX	0x0001U
#define SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX	0x0002U
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
564
565
#define SLAP_MR_VALUE_OF_SYNTAX			(SLAP_MR_VALUE_OF_ASSERTION_SYNTAX|SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX)
#define SLAP_MR_DENORMALIZE			(SLAP_MR_MUTATION_NORMALIZER)
Kurt Zeilenga's avatar
Kurt Zeilenga committed
566
567
568
569
570

#define SLAP_MR_IS_VALUE_OF_ATTRIBUTE_SYNTAX( usage ) \
	((usage) & SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX )
#define SLAP_MR_IS_VALUE_OF_ASSERTION_SYNTAX( usage ) \
	((usage) & SLAP_MR_VALUE_OF_ASSERTION_SYNTAX )
571
572
573
574
575
576
#ifdef LDAP_DEBUG
#define SLAP_MR_IS_VALUE_OF_SYNTAX( usage ) \
	((usage) & SLAP_MR_VALUE_OF_SYNTAX)
#else
#define SLAP_MR_IS_VALUE_OF_SYNTAX( usage )	(1)
#endif
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
577
578
#define SLAP_MR_IS_DENORMALIZE( usage ) \
	((usage) & SLAP_MR_DENORMALIZE )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
579

580
581
582
/* either or both the asserted value or attribute value
 * may be provided in normalized form
 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
583
584
#define SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH		0x0004U
#define SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH	0x0008U
585
586

#define SLAP_IS_MR_ASSERTION_SYNTAX_MATCH( usage ) \
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
	(!((usage) & SLAP_MR_ATTRIBUTE_SYNTAX_MATCH))
#define SLAP_IS_MR_ATTRIBUTE_SYNTAX_MATCH( usage ) \
	((usage) & SLAP_MR_ATTRIBUTE_SYNTAX_MATCH)

#define SLAP_IS_MR_ATTRIBUTE_SYNTAX_CONVERTED_MATCH( usage ) \
	(((usage) & SLAP_MR_ATTRIBUTE_SYNTAX_CONVERTED_MATCH) \
		== SLAP_MR_ATTRIBUTE_SYNTAX_CONVERTED_MATCH)
#define SLAP_IS_MR_ATTRIBUTE_SYNTAX_NONCONVERTED_MATCH( usage ) \
	(((usage) & SLAP_MR_ATTRIBUTE_SYNTAX_CONVERTED_MATCH) \
		== SLAP_MR_ATTRIBUTE_SYNTAX_MATCH)

#define SLAP_IS_MR_ASSERTED_VALUE_NORMALIZED_MATCH( usage ) \
	((usage) & SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH )
#define SLAP_IS_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH( usage ) \
	((usage) & SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH )
602

603
	Syntax			*smr_syntax;
604
	slap_mr_convert_func	*smr_convert;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
605
	slap_mr_normalize_func	*smr_normalize;
606
	slap_mr_match_func	*smr_match;
607
	slap_mr_indexer_func	*smr_indexer;
608
	slap_mr_filter_func	*smr_filter;
609

610
	/*
611
	 * null terminated array of syntaxes compatible with this syntax
612
	 * note: when MS_EXT is set, this MUST NOT contain the assertion
Kurt Zeilenga's avatar
Kurt Zeilenga committed
613
	 * syntax of the rule.  When MS_EXT is not set, it MAY.
614
	 */
615
	Syntax			**smr_compat_syntaxes;
616

617
618
619
620
	/*
	 * For equality rules, refers to an associated approximate rule.
	 * For non-equality rules, refers to an associated equality rule.
	 */
621
	MatchingRule	*smr_associated;
622

Kurt Zeilenga's avatar
cleanup    
Kurt Zeilenga committed
623
624
#define SLAP_MR_ASSOCIATED(mr,amr)	\
	(((mr) == (amr)) || ((mr)->smr_associated == (amr)))
625

626
	LDAP_SLIST_ENTRY(MatchingRule)	smr_next;
627

628
629
630
#define smr_oid				smr_mrule.mr_oid
#define smr_names			smr_mrule.mr_names
#define smr_desc			smr_mrule.mr_desc
Kurt Zeilenga's avatar
Kurt Zeilenga committed
631
632
#define smr_obsolete		smr_mrule.mr_obsolete
#define smr_syntax_oid		smr_mrule.mr_syntax_oid
633
#define smr_extensions		smr_mrule.mr_extensions
634
};
635

636
struct MatchingRuleUse {
637
638
	LDAPMatchingRuleUse		smru_mruleuse;
	MatchingRule			*smru_mr;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
639
	/* RFC 4512 string representation */
640
641
	struct berval			smru_str;

642
	LDAP_SLIST_ENTRY(MatchingRuleUse) smru_next;
643
644
645
646
647
648
649
650
651
652

#define smru_oid			smru_mruleuse.mru_oid
#define smru_names			smru_mruleuse.mru_names
#define smru_desc			smru_mruleuse.mru_desc
#define smru_obsolete			smru_mruleuse.mru_obsolete
#define smru_applies_oids		smru_mruleuse.mru_applies_oids

#define smru_usage			smru_mr->smr_usage
} /* MatchingRuleUse */ ;

653
654
655
typedef struct slap_mrule_defs_rec {
	char *						mrd_desc;
	slap_mask_t					mrd_usage;
656
	char **						mrd_compat_syntaxes;
657
658
659
660
661
662
	slap_mr_convert_func *		mrd_convert;
	slap_mr_normalize_func *	mrd_normalize;
	slap_mr_match_func *		mrd_match;
	slap_mr_indexer_func *		mrd_indexer;
	slap_mr_filter_func *		mrd_filter;

663
664
	/* For equality rule, this may refer to an associated approximate rule */
	/* For non-equality rule, this may refer to an associated equality rule */
665
666
667
	char *						mrd_associated;
} slap_mrule_defs_rec;

668
typedef int (AttributeTypeSchemaCheckFN)(
669
670
671
	BackendDB *be,
	Entry *e,
	Attribute *attr,
672
673
674
	const char** text,
	char *textbuf, size_t textlen );

675
struct AttributeType {
676
	LDAPAttributeType		sat_atype;
677
	struct berval			sat_cname;
678
679
	AttributeType			*sat_sup;
	AttributeType			**sat_subtypes;
680
	MatchingRule			*sat_equality;
681
	MatchingRule			*sat_approx;
682
683
	MatchingRule			*sat_ordering;
	MatchingRule			*sat_substr;
684
	Syntax				*sat_syntax;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
685

686
	AttributeTypeSchemaCheckFN	*sat_check;
687
688
	char				*sat_oidmacro;	/* attribute OID */
	char				*sat_soidmacro;	/* syntax OID */
689

Kurt Zeilenga's avatar
Kurt Zeilenga committed
690
691
692
#define SLAP_AT_NONE			0x0000U
#define SLAP_AT_ABSTRACT		0x0100U /* cannot be instantiated */
#define SLAP_AT_FINAL			0x0200U /* cannot be subtyped */
693
#ifdef LDAP_DEVEL
Kurt Zeilenga's avatar
Kurt Zeilenga committed
694
#define SLAP_AT_HIDE			0x0000U /* publish everything */
695
#else
Kurt Zeilenga's avatar
Kurt Zeilenga committed
696
#define SLAP_AT_HIDE			0x8000U /* hide attribute */
697
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
698
699
700
#define	SLAP_AT_DYNAMIC			0x0400U	/* dynamically generated */

#define SLAP_AT_MANAGEABLE		0x0800U	/* no-user-mod can be by-passed */
701

702
703
704
705
706
707
708
/* Note: ORDERED values have an ordering specifically set by the
 * user, denoted by the {x} ordering prefix on the values.
 *
 * SORTED values are simply sorted by memcmp. SORTED values can
 * be efficiently located by binary search. ORDERED values have no
 * such advantage. An attribute cannot have both properties.
 */
Howard Chu's avatar
Howard Chu committed
709
710
#define	SLAP_AT_ORDERED_VAL		0x0001U /* values are ordered */
#define	SLAP_AT_ORDERED_SIB		0x0002U /* siblings are ordered */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
711
712
#define	SLAP_AT_ORDERED			0x0003U /* value has order index */

713
714
#define	SLAP_AT_SORTED_VAL		0x0010U	/* values should be sorted */

715
716
#define	SLAP_AT_HARDCODE		0x10000U	/* hardcoded schema */
#define	SLAP_AT_DELETED			0x20000U
Howard Chu's avatar
Howard Chu committed
717

718
	slap_mask_t			sat_flags;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
719

720
	LDAP_STAILQ_ENTRY(AttributeType) sat_next;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
721

722
723
724
#define sat_oid				sat_atype.at_oid
#define sat_names			sat_atype.at_names
#define sat_desc			sat_atype.at_desc
725
#define sat_obsolete			sat_atype.at_obsolete
726
#define sat_sup_oid			sat_atype.at_sup_oid
727
728
729
730
731
732
733
#define sat_equality_oid		sat_atype.at_equality_oid
#define sat_ordering_oid		sat_atype.at_ordering_oid
#define sat_substr_oid			sat_atype.at_substr_oid
#define sat_syntax_oid			sat_atype.at_syntax_oid
#define sat_single_value		sat_atype.at_single_value
#define sat_collective			sat_atype.at_collective
#define sat_no_user_mod			sat_atype.at_no_user_mod
734
#define sat_usage			sat_atype.at_usage
735
#define sat_extensions			sat_atype.at_extensions
Kurt Zeilenga's avatar
Kurt Zeilenga committed
736

737
	AttributeDescription		*sat_ad;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
738
	ldap_pvt_thread_mutex_t		sat_ad_mutex;
739
};
740

741
742
743
#define is_at_operational(at)	((at)->sat_usage)
#define is_at_single_value(at)	((at)->sat_single_value)
#define is_at_collective(at)	((at)->sat_collective)
744
#define is_at_obsolete(at)		((at)->sat_obsolete)
745
746
#define is_at_no_user_mod(at)	((at)->sat_no_user_mod)

747
typedef int (ObjectClassSchemaCheckFN)(
748
749
750
	BackendDB *be,
	Entry *e,
	ObjectClass *oc,
751
752
753
	const char** text,
	char *textbuf, size_t textlen );

754
struct ObjectClass {
755
756
	LDAPObjectClass			soc_oclass;
	struct berval			soc_cname;
757
758
759
	ObjectClass			**soc_sups;
	AttributeType			**soc_required;
	AttributeType			**soc_allowed;
760
	ObjectClassSchemaCheckFN	*soc_check;
761
762
	char				*soc_oidmacro;
	slap_mask_t			soc_flags;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
763
764
765
#define soc_oid				soc_oclass.oc_oid
#define soc_names			soc_oclass.oc_names
#define soc_desc			soc_oclass.oc_desc
766
767
#define soc_obsolete			soc_oclass.oc_obsolete
#define soc_sup_oids			soc_oclass.oc_sup_oids
Kurt Zeilenga's avatar
Kurt Zeilenga committed
768
#define soc_kind			soc_oclass.oc_kind
769
770
771
#define soc_at_oids_must		soc_oclass.oc_at_oids_must
#define soc_at_oids_may			soc_oclass.oc_at_oids_may
#define soc_extensions			soc_oclass.oc_extensions
Kurt Zeilenga's avatar
Kurt Zeilenga committed
772

773
774
	LDAP_STAILQ_ENTRY(ObjectClass)	soc_next;
};
775

776
777
778
779
#define	SLAP_OCF_SET_FLAGS	0x1
#define	SLAP_OCF_CHECK_SUP	0x2
#define	SLAP_OCF_MASK		(SLAP_OCF_SET_FLAGS|SLAP_OCF_CHECK_SUP)

780
781
782
783
784
#define	SLAP_OC_ALIAS		0x0001
#define	SLAP_OC_REFERRAL	0x0002
#define	SLAP_OC_SUBENTRY	0x0004
#define	SLAP_OC_DYNAMICOBJECT	0x0008
#define	SLAP_OC_COLLECTIVEATTRIBUTESUBENTRY	0x0010
785
#define SLAP_OC_GLUE		0x0020
786
787
788
789
#define SLAP_OC_SYNCPROVIDERSUBENTRY		0x0040
#define SLAP_OC_SYNCCONSUMERSUBENTRY		0x0080
#define	SLAP_OC__MASK		0x00FF
#define	SLAP_OC__END		0x0100
790
#define SLAP_OC_OPERATIONAL	0x4000
791
792
793
#ifdef LDAP_DEVEL
#define SLAP_OC_HIDE		0x0000
#else
794
#define SLAP_OC_HIDE		0x8000
795
#endif
Howard Chu's avatar
Howard Chu committed
796
#define	SLAP_OC_HARDCODE	0x10000U	/* This is hardcoded schema */
797
#define	SLAP_OC_DELETED		0x20000U
798

799
800
801
/*
 * DIT content rule
 */
802
struct ContentRule {
803
	LDAPContentRule		scr_crule;
804
805
	ObjectClass		*scr_sclass;
	ObjectClass		**scr_auxiliaries;	/* optional */
806
807
808
	AttributeType		**scr_required;		/* optional */
	AttributeType		**scr_allowed;		/* optional */
	AttributeType		**scr_precluded;	/* optional */
809
810
811
#define scr_oid			scr_crule.cr_oid
#define scr_names		scr_crule.cr_names
#define scr_desc		scr_crule.cr_desc
812
813
814
815
816
817
#define scr_obsolete		scr_crule.cr_obsolete
#define scr_oc_oids_aux		scr_crule.cr_oc_oids_aux
#define scr_at_oids_must	scr_crule.cr_at_oids_must
#define scr_at_oids_may		scr_crule.cr_at_oids_may
#define scr_at_oids_not		scr_crule.cr_at_oids_not

818
819
820
	char			*scr_oidmacro;
#define	SLAP_CR_HARDCODE	0x10000U
	int			scr_flags;
Howard Chu's avatar
Howard Chu committed
821

822
823
	LDAP_STAILQ_ENTRY( ContentRule ) scr_next;
};
824

825
/* Represents a recognized attribute description ( type + options ). */
826
827
828
829
830
struct AttributeDescription {
	AttributeDescription	*ad_next;
	AttributeType		*ad_type;	/* attribute type, must be specified */
	struct berval		ad_cname;	/* canonical name, must be specified */
	struct berval		ad_tags;	/* empty if no tagging options */
831
	unsigned ad_flags;
832
833
834
835
836
#define SLAP_DESC_NONE		0x00U
#define SLAP_DESC_BINARY	0x01U
#define SLAP_DESC_TAG_RANGE	0x80U
#define SLAP_DESC_TEMPORARY	0x1000U
};
837

838
839
840
/* flags to slap_*2undef_ad to register undefined (0, the default)
 * or proxied (SLAP_AD_PROXIED) AttributeDescriptions; the additional
 * SLAP_AD_NOINSERT is to lookup without insert */
841
842
843
844
#define SLAP_AD_UNDEF		0x00U
#define SLAP_AD_PROXIED		0x01U
#define	SLAP_AD_NOINSERT	0x02U

845
846
847
#define	SLAP_AN_OCEXCLUDE	0x01
#define	SLAP_AN_OCINITED	0x02

848
849
850
struct AttributeName {
	struct berval		an_name;
	AttributeDescription	*an_desc;
851
	int			an_flags;
852
853
	ObjectClass		*an_oc;
};
854

855
856
857
#define slap_ad_is_tagged(ad)			( (ad)->ad_tags.bv_len != 0 )
#define slap_ad_is_tag_range(ad)	\
	( ((ad)->ad_flags & SLAP_DESC_TAG_RANGE) ? 1 : 0 )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
858
#define slap_ad_is_binary(ad)		\
859
	( ((ad)->ad_flags & SLAP_DESC_BINARY) ? 1 : 0 )
860

861
862
863
864
/*
 * pointers to schema elements used internally
 */
struct slap_internal_schema {
865
	/* objectClass */
866
	ObjectClass *si_oc_top;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
867
	ObjectClass *si_oc_extensibleObject;
868
869
	ObjectClass *si_oc_alias;
	ObjectClass *si_oc_referral;
870
	ObjectClass *si_oc_rootdse;
871
872
	ObjectClass *si_oc_subentry;
	ObjectClass *si_oc_subschema;
873
	ObjectClass *si_oc_collectiveAttributeSubentry;
874
	ObjectClass *si_oc_dynamicObject;
875

876
877
878
	ObjectClass *si_oc_glue;
	ObjectClass *si_oc_syncConsumerSubentry;
	ObjectClass *si_oc_syncProviderSubentry;
879

880
	/* objectClass attribute descriptions */
881
882
	AttributeDescription *si_ad_objectClass;

883
	/* operational attribute descriptions */
884
	AttributeDescription *si_ad_structuralObjectClass;
885
886
887
888
	AttributeDescription *si_ad_creatorsName;
	AttributeDescription *si_ad_createTimestamp;
	AttributeDescription *si_ad_modifiersName;
	AttributeDescription *si_ad_modifyTimestamp;
889
	AttributeDescription *si_ad_hasSubordinates;
890
	AttributeDescription *si_ad_subschemaSubentry;
891
	AttributeDescription *si_ad_collectiveSubentries;
892
	AttributeDescription *si_ad_collectiveExclusions;
893
	AttributeDescription *si_ad_entryDN;
894
895
	AttributeDescription *si_ad_entryUUID;
	AttributeDescription *si_ad_entryCSN;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
896
	AttributeDescription *si_ad_namingCSN;
897

898
899
	AttributeDescription *si_ad_dseType;
	AttributeDescription *si_ad_syncreplCookie;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
900
	AttributeDescription *si_ad_syncTimestamp;
Jong Hyuk Choi's avatar
Jong Hyuk Choi committed
901
	AttributeDescription *si_ad_contextCSN;
902

903
	/* root DSE attribute descriptions */
904
	AttributeDescription *si_ad_altServer;
905
906
907
908
909
	AttributeDescription *si_ad_namingContexts;
	AttributeDescription *si_ad_supportedControl;
	AttributeDescription *si_ad_supportedExtension;
	AttributeDescription *si_ad_supportedLDAPVersion;
	AttributeDescription *si_ad_supportedSASLMechanisms;
910
	AttributeDescription *si_ad_supportedFeatures;
911
	AttributeDescription *si_ad_monitorContext;
912
913
	AttributeDescription *si_ad_vendorName;
	AttributeDescription *si_ad_vendorVersion;
914
	AttributeDescription *si_ad_configContext;
915
916
917
918

	/* subentry attribute descriptions */
	AttributeDescription *si_ad_administrativeRole;
	AttributeDescription *si_ad_subtreeSpecification;
919

920
	/* subschema subentry attribute descriptions */
921
	AttributeDescription *si_ad_attributeTypes;
922
923
	AttributeDescription *si_ad_ditContentRules;
	AttributeDescription *si_ad_ditStructureRules;
924
925
	AttributeDescription *si_ad_ldapSyntaxes;
	AttributeDescription *si_ad_matchingRules;
926
	AttributeDescription *si_ad_matchingRuleUse;
927
928
	AttributeDescription *si_ad_nameForms;
	AttributeDescription *si_ad_objectClasses;
929
930
931
932
933

	/* Aliases & Referrals */
	AttributeDescription *si_ad_aliasedObjectName;
	AttributeDescription *si_ad_ref;

934
	/* Access Control Internals */
935
936
	AttributeDescription *si_ad_entry;
	AttributeDescription *si_ad_children;
937
938
	AttributeDescription *si_ad_saslAuthzTo;
	AttributeDescription *si_ad_saslAuthzFrom;
939

940
941
942
943
	/* dynamic entries */
	AttributeDescription *si_ad_entryTtl;
	AttributeDescription *si_ad_dynamicSubtrees;

944
	/* Other attributes descriptions */
945
	AttributeDescription *si_ad_distinguishedName;
946
947
	AttributeDescription *si_ad_name;
	AttributeDescription *si_ad_cn;
948
	AttributeDescription *si_ad_uid;
949
950
	AttributeDescription *si_ad_uidNumber;
	AttributeDescription *si_ad_gidNumber;
951
	AttributeDescription *si_ad_userPassword;
Howard Chu's avatar
Howard Chu committed
952
	AttributeDescription *si_ad_labeledURI;
953
#ifdef SLAPD_AUTHPASSWD
954
	AttributeDescription *si_ad_authPassword;
955
	AttributeDescription *si_ad_authPasswordSchemes;
956
#endif
957
958
	AttributeDescription *si_ad_description;
	AttributeDescription *si_ad_seeAlso;
959

960
961
	/* Undefined Attribute Type */
	AttributeType	*si_at_undefined;
962

963
964
965
	/* "Proxied" Attribute Type */
	AttributeType	*si_at_proxied;

966
967
	/* Matching Rules */
	MatchingRule	*si_mr_distinguishedNameMatch;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
968
969
970
971
	MatchingRule	*si_mr_dnSubtreeMatch;
	MatchingRule	*si_mr_dnOneLevelMatch;
	MatchingRule	*si_mr_dnSubordinateMatch;
	MatchingRule	*si_mr_dnSuperiorMatch;
972
973
	MatchingRule    *si_mr_caseExactMatch;
	MatchingRule    *si_mr_caseExactSubstringsMatch;
974
	MatchingRule    *si_mr_caseExactIA5Match;