Commit 373ded8d authored by Pierangelo Masarati's avatar Pierangelo Masarati

add URI list resorting feature (ITS#4524)

parent af5b506e
......@@ -784,6 +784,19 @@ ldap_set_nextref_proc LDAP_P((
LDAP_NEXTREF_PROC *nextref_proc,
void *params ));
/* V3 URLLIST Function Callback Prototype */
typedef int (LDAP_URLLIST_PROC) LDAP_P((
LDAP *ld,
LDAPURLDesc **urllist,
LDAPURLDesc **url,
void *params ));
LDAP_F( int )
ldap_set_urllist_proc LDAP_P((
LDAP *ld,
LDAP_URLLIST_PROC *urllist_proc,
void *params ));
/*
* in controls.c:
*/
......
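Review bot: The new `LDAP_URLLIST_PROC` typedef is exported with only a one-line banner above it, so its contract is undocumented. An implementer cannot tell from the header what `urllist` and `url` point at, whether the callback may relink or free list entries, or what the `int` return means; the one call site visible in this commit (in `ldap_new_connection`) discards that return value. I would add a comment above the typedef along the lines of `/* called after a successful connect; urllist is the head of the candidate list, url the entry that connected; may reorder entries; return value currently ignored */`, adjusted to whatever rules are actually intended.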
......@@ -41,10 +41,29 @@ ldap_pvt_url_scheme_port LDAP_P((
struct ldap_url_desc; /* avoid pulling in <ldap.h> */
#define LDAP_PVT_URL_PARSE_NONE (0x00U)
#define LDAP_PVT_URL_PARSE_NOEMPTY_HOST (0x01U)
#define LDAP_PVT_URL_PARSE_DEF_PORT (0x02U)
#define LDAP_PVT_URL_PARSE_NOEMPTY_DN (0x04U)
#define LDAP_PVT_URL_PARSE_NODEF_SCOPE (0x08U)
#define LDAP_PVT_URL_PARSE_HISTORIC (LDAP_PVT_URL_PARSE_NODEF_SCOPE | LDAP_PVT_URL_PARSE_NOEMPTY_HOST | LDAP_PVT_URL_PARSE_DEF_PORT)
LDAP_F( int )
ldap_url_parse_ext LDAP_P((
LDAP_CONST char *url,
struct ldap_url_desc **ludpp ));
struct ldap_url_desc **ludpp,
unsigned flags ));
LDAP_F (int) ldap_url_parselist_ext LDAP_P((
struct ldap_url_desc **ludlist,
const char *url,
const char *sep,
unsigned flags ));
LDAP_F (char *) ldap_url_list2urls LDAP_P((
struct ldap_url_desc *ludlist ));
LDAP_F (void) ldap_free_urllist LDAP_P((
struct ldap_url_desc *ludlist ));
LDAP_F( char * )
ldap_pvt_ctime LDAP_P((
......
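Review bot: The `LDAP_PVT_URL_PARSE_*` flags are introduced without comments, and at least one name reads opposite to its effect: `LDAP_PVT_URL_PARSE_NODEF_SCOPE` makes the parser in this commit start from `LDAP_SCOPE_BASE` instead of `LDAP_SCOPE_DEFAULT`. Since `ldap_url_parse_ext` and `ldap_url_parselist_ext` now change the shape of the returned descriptor per bit, a short comment per flag would keep callers from guessing, e.g. `/* NOEMPTY_DN: leave lud_dn NULL instead of "" when the URL carries no DN */` and `/* DEF_PORT: fill lud_port from the scheme when the URL gives none */`. The prototype comment for `ldap_url_parselist_ext` should also say that a NULL `sep` means `", "`, which is what the implementation in this commit applies.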
......@@ -225,6 +225,8 @@ struct ldapoptions {
void *ldo_rebind_params;
LDAP_NEXTREF_PROC *ldo_nextref_proc;
void *ldo_nextref_params;
LDAP_URLLIST_PROC *ldo_urllist_proc;
void *ldo_urllist_params;
LDAP_BOOLEANS ldo_booleans; /* boolean options */
};
......@@ -339,6 +341,8 @@ struct ldap {
#define ld_rebind_params ld_options.ldo_rebind_params
#define ld_nextref_proc ld_options.ldo_nextref_proc
#define ld_nextref_params ld_options.ldo_nextref_params
#define ld_urllist_proc ld_options.ldo_urllist_proc
#define ld_urllist_params ld_options.ldo_urllist_params
#define ld_version ld_options.ldo_version
......@@ -525,8 +529,8 @@ LDAP_F (ber_int_t) ldap_send_initial_request( LDAP *ld, ber_tag_t msgtype,
LDAP_F (BerElement *) ldap_alloc_ber_with_options( LDAP *ld );
LDAP_F (void) ldap_set_ber_options( LDAP *ld, BerElement *ber );
LDAP_F (int) ldap_send_server_request( LDAP *ld, BerElement *ber, ber_int_t msgid, LDAPRequest *parentreq, LDAPURLDesc *srvlist, LDAPConn *lc, LDAPreqinfo *bind );
LDAP_F (LDAPConn *) ldap_new_connection( LDAP *ld, LDAPURLDesc *srvlist, int use_ldsb, int connect, LDAPreqinfo *bind );
LDAP_F (int) ldap_send_server_request( LDAP *ld, BerElement *ber, ber_int_t msgid, LDAPRequest *parentreq, LDAPURLDesc **srvlist, LDAPConn *lc, LDAPreqinfo *bind );
LDAP_F (LDAPConn *) ldap_new_connection( LDAP *ld, LDAPURLDesc **srvlist, int use_ldsb, int connect, LDAPreqinfo *bind );
LDAP_F (LDAPRequest *) ldap_find_request_by_msgid( LDAP *ld, ber_int_t msgid );
LDAP_F (void) ldap_free_request( LDAP *ld, LDAPRequest *lr );
LDAP_F (void) ldap_free_connection( LDAP *ld, LDAPConn *lc, int force, int unbind );
......@@ -589,11 +593,6 @@ LDAP_F (int) ldap_url_parselist LDAP_P((
LDAPURLDesc **ludlist,
const char *url ));
LDAP_F (int) ldap_url_parselist_ext LDAP_P((
LDAPURLDesc **ludlist,
const char *url,
const char *sep ));
LDAP_F (int) ldap_url_parsehosts LDAP_P((
LDAPURLDesc **ludlist,
const char *hosts,
......@@ -602,12 +601,6 @@ LDAP_F (int) ldap_url_parsehosts LDAP_P((
LDAP_F (char *) ldap_url_list2hosts LDAP_P((
LDAPURLDesc *ludlist ));
LDAP_F (char *) ldap_url_list2urls LDAP_P((
LDAPURLDesc *ludlist ));
LDAP_F (void) ldap_free_urllist LDAP_P((
LDAPURLDesc *ludlist ));
/*
* in cyrus.c
*/
......
......@@ -37,8 +37,14 @@
int ldap_open_defconn( LDAP *ld )
{
#ifdef LDAP_R_COMPILE
ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
#endif /* LDAP_R_COMPILE */
ld->ld_defconn = ldap_new_connection( ld,
ld->ld_options.ldo_defludp, 1, 1, NULL );
&ld->ld_options.ldo_defludp, 1, 1, NULL );
#ifdef LDAP_R_COMPILE
ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
#endif /* LDAP_R_COMPILE */
if( ld->ld_defconn == NULL ) {
ld->ld_errno = LDAP_SERVER_DOWN;
......
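Review bot: With the lock added in `ldap_open_defconn`, `ldap_new_connection` and therefore any registered `ld_urllist_proc` now run while `ld_req_mutex` is held, and nothing in the change says so. A callback that re-enters libldap on the same handle, or a caller that already holds `ld_req_mutex` when it reaches this function, would block on itself if the mutex is not recursive; neither can be ruled out from this hunk. I would put a comment above the lock such as `/* the urllist callback may reorder ldo_defludp; hold ld_req_mutex across the connect, callers must not already hold it */`, assuming that is the intent. The body of `ldap_open_defconn` continues outside the hunk.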
......@@ -31,6 +31,9 @@
#define LDAP_OPT_NEXTREF_PROC 0x4e815d
#define LDAP_OPT_NEXTREF_PARAMS 0x4e815e
#define LDAP_OPT_URLLIST_PROC 0x4e816d
#define LDAP_OPT_URLLIST_PARAMS 0x4e816e
static const LDAPAPIFeatureInfo features[] = {
#ifdef LDAP_API_FEATURE_X_OPENLDAP
{ /* OpenLDAP Extensions API Feature */
......@@ -475,7 +478,9 @@ ldap_set_option(
* must want global default returned
* to initial condition.
*/
rc = ldap_url_parselist(&ludlist, "ldap://localhost/");
rc = ldap_url_parselist_ext(&ludlist, "ldap://localhost/", NULL,
LDAP_PVT_URL_PARSE_NOEMPTY_HOST
| LDAP_PVT_URL_PARSE_DEF_PORT );
} else {
/*
......@@ -502,13 +507,17 @@ ldap_set_option(
int rc = LDAP_OPT_SUCCESS;
if(urls != NULL) {
rc = ldap_url_parselist(&ludlist, urls);
rc = ldap_url_parselist_ext(&ludlist, urls, NULL,
LDAP_PVT_URL_PARSE_NOEMPTY_HOST
| LDAP_PVT_URL_PARSE_DEF_PORT );
} else if(ld == NULL) {
/*
* must want global default returned
* to initial condition.
*/
rc = ldap_url_parselist(&ludlist, "ldap://localhost/");
rc = ldap_url_parselist_ext(&ludlist, "ldap://localhost/", NULL,
LDAP_PVT_URL_PARSE_NOEMPTY_HOST
| LDAP_PVT_URL_PARSE_DEF_PORT );
} else {
/*
......@@ -638,6 +647,14 @@ ldap_set_option(
lo->ldo_nextref_params = (void *)invalue;
} return LDAP_OPT_SUCCESS;
/* Only accessed from inside this function by ldap_set_urllist_proc() */
case LDAP_OPT_URLLIST_PROC: {
lo->ldo_urllist_proc = (LDAP_URLLIST_PROC *)invalue;
} return LDAP_OPT_SUCCESS;
case LDAP_OPT_URLLIST_PARAMS: {
lo->ldo_urllist_params = (void *)invalue;
} return LDAP_OPT_SUCCESS;
/* read-only options */
case LDAP_OPT_API_INFO:
case LDAP_OPT_DESC:
......@@ -733,3 +750,14 @@ ldap_set_nextref_proc( LDAP *ld, LDAP_NEXTREF_PROC *proc, void *params )
rc = ldap_set_option( ld, LDAP_OPT_NEXTREF_PARAMS, (void *)params );
return rc;
}
int
ldap_set_urllist_proc( LDAP *ld, LDAP_URLLIST_PROC *proc, void *params )
{
int rc;
rc = ldap_set_option( ld, LDAP_OPT_URLLIST_PROC, (void *)proc );
if( rc != LDAP_OPT_SUCCESS ) return rc;
rc = ldap_set_option( ld, LDAP_OPT_URLLIST_PARAMS, (void *)params );
return rc;
}
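Review bot: `ldap_set_urllist_proc` installs the callback before its parameters, so for a moment the handle holds the new `proc` with the old `params`, and it stays that way if the second `ldap_set_option` call fails. If a connection attempt on the same handle can run in that window (not determinable from this hunk), the callback would receive a `params` pointer meant for a different callback. Setting `LDAP_OPT_URLLIST_PARAMS` first and `LDAP_OPT_URLLIST_PROC` second closes the window for the install case; alternatively, document that the call must be made before the handle is shared between threads. The comment above the new cases, `Only accessed from inside this function by ldap_set_urllist_proc()`, also reads wrong: as far as the visible switch shows, the option codes are accepted from any `ldap_set_option` caller that passes the same integer.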
......@@ -174,7 +174,7 @@ ldap_send_server_request(
BerElement *ber,
ber_int_t msgid,
LDAPRequest *parentreq,
LDAPURLDesc *srvlist,
LDAPURLDesc **srvlist,
LDAPConn *lc,
LDAPreqinfo *bind )
{
......@@ -190,7 +190,7 @@ ldap_send_server_request(
if ( srvlist == NULL ) {
lc = ld->ld_defconn;
} else {
lc = find_connection( ld, srvlist, 1 );
lc = find_connection( ld, *srvlist, 1 );
if ( lc == NULL ) {
if ( (bind != NULL) && (parentreq != NULL) ) {
/* Remember the bind in the parent */
......@@ -300,11 +300,10 @@ ldap_send_server_request(
}
LDAPConn *
ldap_new_connection( LDAP *ld, LDAPURLDesc *srvlist, int use_ldsb,
ldap_new_connection( LDAP *ld, LDAPURLDesc **srvlist, int use_ldsb,
int connect, LDAPreqinfo *bind )
{
LDAPConn *lc;
LDAPURLDesc *srv;
Debug( LDAP_DEBUG_TRACE, "ldap_new_connection %d %d %d\n",
use_ldsb, connect, (bind != NULL) );
......@@ -332,9 +331,17 @@ ldap_new_connection( LDAP *ld, LDAPURLDesc *srvlist, int use_ldsb,
}
if ( connect ) {
for ( srv = srvlist; srv != NULL; srv = srv->lud_next ) {
if ( ldap_int_open_connection( ld, lc, srv, 0 ) != -1 )
LDAPURLDesc **srvp, *srv = NULL;
for ( srvp = srvlist; *srvp != NULL; srvp = &(*srvp)->lud_next ) {
if ( ldap_int_open_connection( ld, lc, *srvp, 0 ) != -1 )
{
srv = *srvp;
if ( ld->ld_urllist_proc ) {
ld->ld_urllist_proc( ld, srvlist, srvp, ld->ld_urllist_params );
}
break;
}
}
......@@ -361,11 +368,7 @@ ldap_new_connection( LDAP *ld, LDAPURLDesc *srvlist, int use_ldsb,
ldap_pvt_thread_mutex_unlock( &ld->ld_conn_mutex );
#endif
/*
* XXX for now, we always do a synchronous bind. This will have
* to change in the long run...
*/
if ( bind != NULL) {
if ( bind != NULL ) {
int err = 0;
LDAPConn *savedefconn;
......@@ -378,7 +381,7 @@ ldap_new_connection( LDAP *ld, LDAPURLDesc *srvlist, int use_ldsb,
if ( ld->ld_rebind_proc != NULL) {
LDAPURLDesc *srvfunc;
srvfunc = ldap_url_dup( srvlist );
srvfunc = ldap_url_dup( *srvlist );
if ( srvfunc == NULL ) {
ld->ld_errno = LDAP_NO_MEMORY;
err = -1;
......@@ -885,7 +888,7 @@ ldap_chase_v3referrals( LDAP *ld, LDAPRequest *lr, char **refs, int sref, char *
{
/* Parse the referral URL */
rc = ldap_url_parse_ext( refarray[i], &srv );
rc = ldap_url_parse_ext( refarray[i], &srv, LDAP_PVT_URL_PARSE_NOEMPTY_DN );
if ( rc != LDAP_URL_SUCCESS ) {
/* ldap_url_parse_ext() returns LDAP_URL_* errors
* which do not map on API errors */
......@@ -901,12 +904,6 @@ ldap_chase_v3referrals( LDAP *ld, LDAPRequest *lr, char **refs, int sref, char *
goto done;
}
/* treat ldap://hostpart and ldap://hostpart/ the same */
if ( srv->lud_dn && srv->lud_dn[0] == '\0' ) {
LDAP_FREE( srv->lud_dn );
srv->lud_dn = NULL;
}
/* check connection for re-bind in progress */
if (( lc = find_connection( ld, srv, 1 )) != NULL ) {
/* See if we've already requested this DN with this conn */
......@@ -1020,7 +1017,7 @@ ldap_chase_v3referrals( LDAP *ld, LDAPRequest *lr, char **refs, int sref, char *
ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
#endif
rc = ldap_send_server_request( ld, ber, id,
origreq, srv, NULL, &rinfo );
origreq, &srv, NULL, &rinfo );
#ifdef LDAP_R_COMPILE
ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
#endif
......@@ -1152,7 +1149,7 @@ ldap_chase_referrals( LDAP *ld,
*p++ = '\0';
}
rc = ldap_url_parse_ext( ref, &srv );
rc = ldap_url_parse_ext( ref, &srv, LDAP_PVT_URL_PARSE_NOEMPTY_DN );
if ( rc != LDAP_URL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE,
"ignoring %s referral <%s>\n",
......@@ -1162,11 +1159,6 @@ ldap_chase_referrals( LDAP *ld,
continue;
}
if ( srv->lud_dn != NULL && srv->lud_dn == '\0' ) {
LDAP_FREE( srv->lud_dn );
srv->lud_dn = NULL;
}
Debug( LDAP_DEBUG_TRACE,
"chasing LDAP referral: <%s>\n", ref, 0, 0 );
......@@ -1212,7 +1204,7 @@ ldap_chase_referrals( LDAP *ld,
ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
#endif
rc = ldap_send_server_request( ld, ber, id,
lr, srv, NULL, &rinfo );
lr, &srv, NULL, &rinfo );
#ifdef LDAP_R_COMPILE
ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
#endif
......
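Review bot: In `ldap_new_connection` the new loop `for ( srvp = srvlist; *srvp != NULL; ... )` dereferences `srvlist` unconditionally, as does `ldap_url_dup( *srvlist )` further down, whereas the old loop tolerated a NULL list. `ldap_send_server_request` in the same file still treats `srvlist == NULL` as a valid argument, so the two functions now disagree about it; the callers visible in this commit pass a non-NULL address, but others may exist outside the hunks. I would state the precondition at function entry, e.g. `assert( srvlist != NULL );`, or return NULL early when it is violated. Separately, the `int` result of `ld->ld_urllist_proc( ld, srvlist, srvp, ld->ld_urllist_params )` is discarded, so a callback that fails while relinking the list has no way to report it.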
......@@ -759,7 +759,7 @@ ldap_url_desc2str( LDAPURLDesc *u )
}
int
ldap_url_parse_ext( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
ldap_url_parse_ext( LDAP_CONST char *url_in, LDAPURLDesc **ludpp, unsigned flags )
{
/*
* Pick apart the pieces of an LDAP URL.
......@@ -772,6 +772,8 @@ ldap_url_parse_ext( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
const char *url_tmp;
char *url;
int check_dn = 1;
if( url_in == NULL || ludpp == NULL ) {
return LDAP_URL_ERR_PARAM;
}
......@@ -825,7 +827,7 @@ ldap_url_parse_ext( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
ludp->lud_port = 0;
ludp->lud_dn = NULL;
ludp->lud_attrs = NULL;
ludp->lud_scope = LDAP_SCOPE_DEFAULT;
ludp->lud_scope = ( flags & LDAP_PVT_URL_PARSE_NODEF_SCOPE ) ? LDAP_SCOPE_BASE : LDAP_SCOPE_DEFAULT;
ludp->lud_filter = NULL;
ludp->lud_exts = NULL;
......@@ -879,6 +881,18 @@ ldap_url_parse_ext( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
}
}
if ( ( flags & LDAP_PVT_URL_PARSE_DEF_PORT ) && ludp->lud_port == 0 ) {
if ( strcmp( ludp->lud_scheme, "ldap" ) == 0 ) {
ludp->lud_port = LDAP_PORT;
#ifdef LDAP_CONNECTIONLESS
} else if ( strcmp( ludp->lud_scheme, "cldap" ) == 0 ) {
ludp->lud_port = LDAP_PORT;
#endif
} else if ( strcmp( ludp->lud_scheme, "ldaps" ) == 0 ) {
ludp->lud_port = LDAPS_PORT;
}
}
ldap_pvt_hex_unescape( url );
/* If [ip address]:port syntax, url is [ip and we skip the [ */
......@@ -890,6 +904,14 @@ ldap_url_parse_ext( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
return LDAP_URL_ERR_MEM;
}
if ( ( flags & LDAP_PVT_URL_PARSE_NOEMPTY_HOST )
&& ludp->lud_host != NULL
&& *ludp->lud_host == '\0' )
{
LDAP_FREE( ludp->lud_host );
ludp->lud_host = NULL;
}
/*
* Kludge. ldap://111.222.333.444:389??cn=abc,o=company
*
......@@ -908,11 +930,15 @@ ldap_url_parse_ext( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
/* parse dn part */
ldap_pvt_hex_unescape( q );
ludp->lud_dn = LDAP_STRDUP( q );
} else {
} else if ( !( flags & LDAP_PVT_URL_PARSE_NOEMPTY_DN ) ) {
ludp->lud_dn = LDAP_STRDUP( "" );
} else {
check_dn = 0;
}
if( ludp->lud_dn == NULL ) {
if ( check_dn && ludp->lud_dn == NULL ) {
LDAP_FREE( url );
ldap_free_urldesc( ludp );
return LDAP_URL_ERR_MEM;
......@@ -938,11 +964,15 @@ ldap_url_parse_ext( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
/* parse dn part */
ldap_pvt_hex_unescape( p );
ludp->lud_dn = LDAP_STRDUP( p );
} else {
} else if ( !( flags & LDAP_PVT_URL_PARSE_NOEMPTY_DN ) ) {
ludp->lud_dn = LDAP_STRDUP( "" );
} else {
check_dn = 0;
}
if( ludp->lud_dn == NULL ) {
if( check_dn && ludp->lud_dn == NULL ) {
LDAP_FREE( url );
ldap_free_urldesc( ludp );
return LDAP_URL_ERR_MEM;
......@@ -1092,34 +1122,7 @@ ldap_url_parse_ext( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
int
ldap_url_parse( LDAP_CONST char *url_in, LDAPURLDesc **ludpp )
{
int rc = ldap_url_parse_ext( url_in, ludpp );
if( rc != LDAP_URL_SUCCESS ) {
return rc;
}
if ((*ludpp)->lud_scope == LDAP_SCOPE_DEFAULT) {
(*ludpp)->lud_scope = LDAP_SCOPE_BASE;
}
if ((*ludpp)->lud_host != NULL && *(*ludpp)->lud_host == '\0') {
LDAP_FREE( (*ludpp)->lud_host );
(*ludpp)->lud_host = NULL;
}
if ((*ludpp)->lud_port == 0) {
if( strcmp((*ludpp)->lud_scheme, "ldap") == 0 ) {
(*ludpp)->lud_port = LDAP_PORT;
#ifdef LDAP_CONNECTIONLESS
} else if( strcmp((*ludpp)->lud_scheme, "cldap") == 0 ) {
(*ludpp)->lud_port = LDAP_PORT;
#endif
} else if( strcmp((*ludpp)->lud_scheme, "ldaps") == 0 ) {
(*ludpp)->lud_port = LDAPS_PORT;
}
}
return rc;
return ldap_url_parse_ext( url_in, ludpp, LDAP_PVT_URL_PARSE_HISTORIC );
}
LDAPURLDesc *
......@@ -1218,8 +1221,8 @@ ldap_url_duplist (LDAPURLDesc *ludlist)
}
static int
ldap_url_parselist_int (LDAPURLDesc **ludlist, const char *url, const char *sep,
int (*url_parse)( const char *, LDAPURLDesc ** ) )
ldap_url_parselist_int (LDAPURLDesc **ludlist, const char *url, const char *sep, unsigned flags )
{
int i, rc;
LDAPURLDesc *ludp;
......@@ -1230,7 +1233,11 @@ ldap_url_parselist_int (LDAPURLDesc **ludlist, const char *url, const char *sep,
*ludlist = NULL;
urls = ldap_str2charray(url, sep);
if ( sep == NULL ) {
sep = ", ";
}
urls = ldap_str2charray( url, sep );
if (urls == NULL)
return LDAP_URL_ERR_MEM;
......@@ -1238,30 +1245,30 @@ ldap_url_parselist_int (LDAPURLDesc **ludlist, const char *url, const char *sep,
for (i = 0; urls[i] != NULL; i++) ;
/* ...and put them in the "stack" backward */
while (--i >= 0) {
rc = url_parse( urls[i], &ludp );
rc = ldap_url_parse_ext( urls[i], &ludp, flags );
if ( rc != 0 ) {
ldap_charray_free(urls);
ldap_free_urllist(*ludlist);
ldap_charray_free( urls );
ldap_free_urllist( *ludlist );
*ludlist = NULL;
return rc;
}
ludp->lud_next = *ludlist;
*ludlist = ludp;
}
ldap_charray_free(urls);
ldap_charray_free( urls );
return LDAP_URL_SUCCESS;
}
int
ldap_url_parselist (LDAPURLDesc **ludlist, const char *url )
{
return ldap_url_parselist_int( ludlist, url, ", ", ldap_url_parse );
return ldap_url_parselist_int( ludlist, url, ", ", LDAP_PVT_URL_PARSE_HISTORIC );
}
int
ldap_url_parselist_ext (LDAPURLDesc **ludlist, const char *url, const char *sep )
ldap_url_parselist_ext (LDAPURLDesc **ludlist, const char *url, const char *sep, unsigned flags )
{
return ldap_url_parselist_int( ludlist, url, sep, ldap_url_parse_ext );
return ldap_url_parselist_int( ludlist, url, sep, flags );
}
int
......
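Review bot: The new `check_dn` variable in `ldap_url_parse_ext` is cleared in two identical branches without a comment, and its purpose has to be worked out from the error check that follows each one. It tells a deliberately NULL `lud_dn` apart from a failed `LDAP_STRDUP`. I would add `/* NOEMPTY_DN: lud_dn stays NULL on purpose, not an allocation failure */` at both `check_dn = 0;` lines. The function's header comment should also state that, with `LDAP_PVT_URL_PARSE_NOEMPTY_DN`, a successful parse can return a descriptor whose `lud_dn` is NULL, since consumers of URLs parsed from referrals need to handle that. The function body extends beyond the hunks shown.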
......@@ -54,13 +54,15 @@ typedef struct ldapconn_t {
} \
} while ( 0 )
#define LDAP_BACK_FCONN_ISBOUND (0x01)
#define LDAP_BACK_FCONN_ISANON (0x02)
#define LDAP_BACK_FCONN_ISBOUND (0x00000001U)
#define LDAP_BACK_FCONN_ISANON (0x00000002U)
#define LDAP_BACK_FCONN_ISBMASK (LDAP_BACK_FCONN_ISBOUND|LDAP_BACK_FCONN_ISANON)
#define LDAP_BACK_FCONN_ISPRIV (0x04)
#define LDAP_BACK_FCONN_ISTLS (0x08)
#define LDAP_BACK_FCONN_BINDING (0x10)
#define LDAP_BACK_FCONN_TAINTED (0x20)
#define LDAP_BACK_FCONN_ISPRIV (0x00000004U)
#define LDAP_BACK_FCONN_ISTLS (0x00000008U)
#define LDAP_BACK_FCONN_BINDING (0x00000010U)
#define LDAP_BACK_FCONN_TAINTED (0x00000020U)
/* 0x00FF0000 are reserved for back-meta */
#define LDAP_BACK_CONN_ISBOUND(lc) LDAP_BACK_CONN_ISSET((lc), LDAP_BACK_FCONN_ISBOUND)
#define LDAP_BACK_CONN_ISBOUND_SET(lc) LDAP_BACK_CONN_SET((lc), LDAP_BACK_FCONN_ISBOUND)
......@@ -127,6 +129,11 @@ typedef struct ldapinfo_t {
/* li_bvuri: an array of each single URI that is equivalent;
* to be checked for the presence of a certain item */
BerVarray li_bvuri;
ldap_pvt_thread_mutex_t li_uri_mutex;
LDAP_REBIND_PROC *li_rebind_f;
LDAP_URLLIST_PROC *li_urllist_f;
void *li_urllist_p;
slap_bindconf li_acl;
#define li_acl_authcID li_acl.sb_authcId
......@@ -169,21 +176,23 @@ typedef struct ldapinfo_t {
#define LDAP_BACK_RETRY_DEFAULT (3)
unsigned li_flags;
#define LDAP_BACK_F_NONE 0x00U
#define LDAP_BACK_F_SAVECRED 0x01U
#define LDAP_BACK_F_USE_TLS 0x02U
#define LDAP_BACK_F_PROPAGATE_TLS 0x04U
#define LDAP_BACK_F_TLS_CRITICAL 0x08U
#define LDAP_BACK_F_NONE 0x0000U
#define LDAP_BACK_F_SAVECRED 0x0001U
#define LDAP_BACK_F_USE_TLS 0x0002U
#define LDAP_BACK_F_PROPAGATE_TLS 0x0004U
#define LDAP_BACK_F_TLS_CRITICAL 0x0008U
#define LDAP_BACK_F_TLS_USE_MASK (LDAP_BACK_F_USE_TLS|LDAP_BACK_F_TLS_CRITICAL)
#define LDAP_BACK_F_TLS_PROPAGATE_MASK (LDAP_BACK_F_PROPAGATE_TLS|LDAP_BACK_F_TLS_CRITICAL)
#define LDAP_BACK_F_TLS_MASK (LDAP_BACK_F_TLS_USE_MASK|LDAP_BACK_F_TLS_PROPAGATE_MASK)
#define LDAP_BACK_F_CHASE_REFERRALS 0x10U
#define LDAP_BACK_F_PROXY_WHOAMI 0x20U
#define LDAP_BACK_F_CHASE_REFERRALS 0x0010U
#define LDAP_BACK_F_PROXY_WHOAMI 0x0020U
#define LDAP_BACK_F_SUPPORT_T_F 0x80U
#define LDAP_BACK_F_SUPPORT_T_F_DISCOVER 0x40U
#define LDAP_BACK_F_SUPPORT_T_F_DISCOVER 0x0040U
#define LDAP_BACK_F_SUPPORT_T_F 0x0080U
#define LDAP_BACK_F_SUPPORT_T_F_MASK (LDAP_BACK_F_SUPPORT_T_F|LDAP_BACK_F_SUPPORT_T_F_DISCOVER)
#define LDAP_BACK_F_MONITOR 0x0100U
#define LDAP_BACK_ISSET(li,f) ( ( (li)->li_flags & (f) ) == (f) )
#define LDAP_BACK_SAVECRED(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_SAVECRED )
#define LDAP_BACK_USE_TLS(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_USE_TLS )
......@@ -191,6 +200,7 @@ typedef struct ldapinfo_t {
#define LDAP_BACK_TLS_CRITICAL(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_TLS_CRITICAL )
#define LDAP_BACK_CHASE_REFERRALS(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_CHASE_REFERRALS )
#define LDAP_BACK_PROXY_WHOAMI(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_PROXY_WHOAMI )
#define LDAP_BACK_MONITOR(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_MONITOR )
int li_version;
......
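Review bot: `li_uri_mutex` is added to `ldapinfo_t` without a comment saying which fields it guards. Elsewhere in this commit it is taken around `ldap_initialize( &ld, li->li_uri )`, which suggests it protects `li_uri` against being rewritten by the `li_urllist_f` callback, but `li_bvuri` sits directly above it and the header does not say whether that array is covered too. I would add `/* li_uri_mutex: guards li_uri (and li_bvuri, if the resort callback updates it) */` next to the field. The matching mutex init and destroy calls are not visible in these hunks and are worth confirming.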
......@@ -41,10 +41,6 @@
#define LDAP_CONTROL_OBSOLETE_PROXY_AUTHZ "2.16.840.1.113730.3.4.12"
static LDAP_REBIND_PROC ldap_back_default_rebind;
LDAP_REBIND_PROC *ldap_back_rebind_f = ldap_back_default_rebind;
static int
ldap_back_proxy_authz_bind( ldapconn_t *lc, Operation *op, SlapReply *rs, ldap_back_send_t sendok );
......@@ -103,7 +99,7 @@ ldap_back_bind( Operation *op, SlapReply *rs )
lc->lc_cred.bv_len );
}
ber_bvreplace( &lc->lc_cred, &op->orb_cred );
ldap_set_rebind_proc( lc->lc_ld, ldap_back_rebind_f, lc );
ldap_set_rebind_proc( lc->lc_ld, li->li_rebind_f, lc );
}
}
done:;
......@@ -478,11 +474,17 @@ ldap_back_prepare_conn( ldapconn_t **lcp, Operation *op, SlapReply *rs, ldap_bac
assert( lcp != NULL );
ldap_pvt_thread_mutex_lock( &li->li_uri_mutex );
rs->sr_err = ldap_initialize( &ld, li->li_uri );
ldap_pvt_thread_mutex_unlock( &li->li_uri_mutex );
if ( rs->sr_err != LDAP_SUCCESS ) {
goto error_return;
}
if ( li->li_urllist_f ) {
ldap_set_urllist_proc( ld, li->li_urllist_f, li->li_urllist_p );
}