slapo-retcode.5 5.83 KB
Newer Older
Pierangelo Masarati's avatar
Pierangelo Masarati committed
1
2
3
4
.TH SLAPO-RETCODE5 "RELEASEDATE" "OpenLDAP LDVERSION"
.\" Copyright 1998-2004 The OpenLDAP Foundation, All Rights Reserved.
.\" Copying restrictions apply.  See the COPYRIGHT file.
.\" Copyright 2001, Pierangelo Masarati, All rights reserved. <ando@sys-net.it>
Hallvard Furuseth's avatar
Hallvard Furuseth committed
5
.\" $OpenLDAP$
Pierangelo Masarati's avatar
Pierangelo Masarati committed
6
.SH NAME
Hallvard Furuseth's avatar
Hallvard Furuseth committed
7
slapo-retcode \- return code overlay
Pierangelo Masarati's avatar
Pierangelo Masarati committed
8
9
10
11
12
13
14
.SH SYNOPSIS
ETCDIR/slapd.conf
.SH DESCRIPTION
The
.B retcode
overlay to
.BR slapd (8)
Hallvard Furuseth's avatar
Hallvard Furuseth committed
15
is useful to test the behavior of clients when server-generated erroneous
Pierangelo Masarati's avatar
Pierangelo Masarati committed
16
17
18
19
20
21
22
23
and/or unusual responses occur, e.g. error codes, referrals, 
excessive response times and so on.

The error responses are generated according to different strategies.
.LP
In the first case, all operations targeted at a specific configurable
subtree cause the object related to the request DN to be looked up
and checked for return code data: a response code, plus an optional
24
25
textual message, an optional configurable delay, an optional matched DN
field, and, when the response code is "referral", a (list of) referral(s).
Pierangelo Masarati's avatar
Pierangelo Masarati committed
26
27
28
29
30
.LP
Well-known response codes from standard track documents are provided
in \fBretcode.conf\fP, which can be included after instantiating
the overlay.
.LP
31
32
33
34
In the second case, objects of classes inherited from 
the \fBerrAbsObject\fP, like \fBerrObject\fP or \fBerrAuxObject\fP,
when returned as intermediate responses of a search request, are changed
into the response dictated by their content.
Pierangelo Masarati's avatar
Pierangelo Masarati committed
35
36
.LP
A third mode causes objects to be looked up from the underlying database 
37
to discover if their class inherits from \fBerrABsObject\fP;
38
in that case, their content is used to compute the corresponding response.
Pierangelo Masarati's avatar
Pierangelo Masarati committed
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
.LP
The behavior is disabled by using the \fBmanageDSAit\fP control (RFC 3296);
in that case, the resulting object, either present in the directory 
or dynamically generated by the overlay, or contained in the request,
is handled as usual.
.LP 
The config directives that are specific to the
.B retcode
overlay must be prefixed by
.BR retcode\- ,
to avoid conflicts with directives specific to the underlying database
or to other stacked overlays.  The following specific directives 
can be used to configure the retcode overlay: 
.TP
.B retcode\-parent <DN>
This directive defines the parent DN where dynamically generated
entries reside.
If not defined, the suffix of the database is used.
.HP
.hy 0
.B retcode\-item <RDN> <errCode> [op=<oplist>] [text=<message>]
60
.B [ref=<referral>] [sleeptime=<sec>] [matched=<DN>]
Pierangelo Masarati's avatar
Pierangelo Masarati committed
61
62
63
64
65
66
.RS
A dynamically generated entry, located below \fBretcode\-parent\fP.
The \fB<errCode>\fP is the number of the response code;
it can be in any format supported by strtol.
The optional \fB<oplist>\fP is a list of operations that cause
response code generation; if absent, all operations are affected.
67
68
The \fBmatched\fP field is the matched DN that is returned
along with the error.
Pierangelo Masarati's avatar
Pierangelo Masarati committed
69
70
71
72
73
The \fBref\fP field is only allowed for the \fBreferral\fP 
response code.
.RE
.TP
.B retcode\-indir
74
Enables exploitation of in-directory stored errAbsObject.
75
May result in a lot of unnecessary overhead.
Pierangelo Masarati's avatar
Pierangelo Masarati committed
76
77

.SH SCHEMA
78
79
80
81
82
83
84
85
86
87
88
89
90
91
The
.B retcode
overlay utilizes the "return code" schema described herein. 
This schema is specifically designed for use with this
overlay and is not intended to be used otherwise.
It is also noted that the schema describe here is
.I a work in
.IR progress ,
and hence subject to change without notice.
The schema is loaded automatically by the overlay.

The schema includes a number of object classes and associated
attribute types as described below.

Pierangelo Masarati's avatar
Pierangelo Masarati committed
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
.LP
The error code:
.RS 4
(  1.3.6.1.4.1.4203.666.11.4.1.1
    NAME ( 'errCode' )
    DESC 'LDAP error code'
    EQUALITY integerMatch
    ORDERING integerOrderingMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
    SINGLE-VALUE )
.RE
.LP
The operations that trigger the response code:
.RS 4
( 1.3.6.1.4.1.4203.666.11.4.1.2
    NAME ( 'errOp' )
    DESC 'Operations the errObject applies to'
    EQUALITY caseIgnoreMatch
    SUBSTR caseIgnoreSubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
.RE
.LP
The text message:
.RS 4
( 1.3.6.1.4.1.4203.666.11.4.1.3
    NAME ( 'errText' )
    DESC 'LDAP error textual description'
    EQUALITY caseIgnoreMatch
    SUBSTR caseIgnoreSubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
    SINGLE-VALUE )
.RE
.LP
The sleep time before the response is actually returned to the client:
.RS 4
( 1.3.6.1.4.1.4203.666.11.4.1.4
    NAME ( 'errSleepTime' )
    DESC 'Time to wait before returning the error'
    EQUALITY integerMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
    SINGLE-VALUE )
.RE
.LP
135
136
137
138
139
140
141
142
143
144
The matched DN returned to the client:
.RS 4
( 1.3.6.1.4.1.4203.666.11.4.1.5
    NAME ( 'errMatchedDN' )
    DESC 'Value to be returned as matched DN'
    EQUALITY distinguishedNameMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
    SINGLE-VALUE )
.RE
.LP
145
146
147
148
149
150
The abstract class that triggers the overlay:
.RS 4
( 1.3.6.1.4.1.4203.666.11.4.3.0
    NAME ( 'errAbsObject' )
    SUP top ABSTRACT
    MUST ( errCode )
151
152
    MAY ( cn $ description $ errOp $ errText $ errSleepTime
        $ errMatchedDN ) )
153
154
.RE
.LP
155
The standalone structural objectclass for specifically created data:
Pierangelo Masarati's avatar
Pierangelo Masarati committed
156
157
158
.RS 4
( 1.3.6.1.4.1.4203.666.11.4.3.1
    NAME ( 'errObject' )
159
    SUP errAbsObject STRUCTURAL )
Pierangelo Masarati's avatar
Pierangelo Masarati committed
160
.RE
161
162
163
164
165
.LP
The auxiliary objectclass to alter the behavior of existing objects:
.RS 4
( 1.3.6.1.4.1.4203.666.11.4.3.2
    NAME ( 'errAuxObject' )
166
    SUP errAbsObject AUXILIARY )
167
.RE
Pierangelo Masarati's avatar
Pierangelo Masarati committed
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192

.SH EXAMPLE
.LP
.RS
.nf
overlay         retcode
retcode-parent  "ou=RetCodes,dc=example,dc=com"
include         ./retcode.conf

# Wait 10 seconds, then return success (0x00)
retcode-item    "cn=Success after 10 seconds" 0x00 sleeptime=10
# Wait 10 seconds, then return timelimitExceeded (0x03)
retcode-item    "cn=Timelimit after 10 seconds" 0x03 sleeptime=10
.fi
.RE
.LP
.LP

.SH FILES
.TP
ETCDIR/slapd.conf
default slapd configuration file
.SH SEE ALSO
.BR slapd.conf (5),
.BR slapd (8),
Pierangelo Masarati's avatar
Pierangelo Masarati committed
193
194
195
.SH ACKNOWLEDGEMENTS
.P
This module was written in 2005 by Pierangelo Masarati for SysNet s.n.c.