Commit e9c28954 authored by Kurt Zeilenga's avatar Kurt Zeilenga

Add support for unsolicited notifications.

parent b8edef2b
......@@ -9,7 +9,7 @@ SRCS = main.c daemon.c connection.c search.c filter.c add.c charray.c \
dn.c compare.c modify.c delete.c modrdn.c ch_malloc.c \
value.c ava.c bind.c unbind.c abandon.c filterentry.c \
phonetic.c acl.c str2filter.c aclparse.c init.c user.c \
repl.c lock.c controls.c \
repl.c lock.c controls.c extended.c \
suffixalias.c schema.c schemaparse.c monitor.c configinfo.c \
root_dse.c module.c
OBJS = main.o daemon.o connection.o search.o filter.o add.o charray.o \
......@@ -17,7 +17,7 @@ OBJS = main.o daemon.o connection.o search.o filter.o add.o charray.o \
dn.o compare.o modify.o delete.o modrdn.o ch_malloc.o \
value.o ava.o bind.o unbind.o abandon.o filterentry.o \
phonetic.o acl.o str2filter.o aclparse.o init.o user.o \
repl.o lock.o controls.o \
repl.o lock.o controls.o extended.o \
suffixalias.o schema.o schemaparse.o monitor.o configinfo.o \
root_dse.o module.o
......
......@@ -40,7 +40,9 @@ do_abandon(
if ( ber_scanf( op->o_ber, "i", &id ) == LBER_ERROR ) {
Debug( LDAP_DEBUG_ANY, "do_abandon: ber_scanf failed\n", 0, 0 ,0 );
return LDAP_PROTOCOL_ERROR;
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
return -1;
}
if( (rc = get_ctrls( conn, op, 0 )) != LDAP_SUCCESS ) {
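Review bot: The `return -1;` that replaces `return LDAP_PROTOCOL_ERROR;` in do_abandon changes the function's return contract without documenting it, and the same bare sentinel is introduced in do_add, do_bind, do_compare, do_delete and get_ctrls. Elsewhere in this commit connection_operation tests `rc == -1` to decide whether to close the connection, so every handler now depends on this value. I would add a comment at each such return, for example `/* -1: notice of disconnection sent, caller must close the connection */`, or replace the literal with one named constant shared with connection_operation. do_abandon's body starts and ends outside the hunk.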
......
......@@ -55,7 +55,7 @@ access_allowed(
e->e_dn, attr, 0 );
/* the lastmod attributes are ignored by ACL checking */
if ( oc_check_operational( attr ) ) {
if ( oc_check_no_usermod_attr( attr ) ) {
Debug( LDAP_DEBUG_ACL, "Operational attribute: %s access allowed\n",
attr, 0, 0 );
return(1);
......@@ -212,7 +212,6 @@ acl_access_allowed(
)
{
int i;
char *odn;
struct access *b;
Attribute *at;
struct berval bv;
......@@ -244,11 +243,9 @@ acl_access_allowed(
return( default_access >= access );
}
odn = op->o_ndn;
if ( odn != NULL ) {
bv.bv_val = odn;
bv.bv_len = strlen( odn );
if ( op->o_ndn != NULL ) {
bv.bv_val = op->o_ndn;
bv.bv_len = strlen( bv.bv_val );
}
for ( i = 1, b = a->acl_access; b != NULL; b = b->a_next, i++ ) {
......@@ -282,7 +279,7 @@ acl_access_allowed(
return ACL_GRANT(b->a_access, access );
}
} else {
if ( regex_matches( b->a_dnpat, odn, edn, matches ) ) {
if ( regex_matches( b->a_dnpat, op->o_ndn, edn, matches ) ) {
Debug( LDAP_DEBUG_ACL,
"<= acl_access_allowed: matched by clause #%d access %s\n",
i, ACL_GRANT(b->a_access, access)
......@@ -365,7 +362,7 @@ acl_access_allowed(
string_expand(buf, sizeof(buf), b->a_group, edn, matches);
(void) dn_normalize_case(buf);
if (backend_group(be, e, buf, odn,
if (backend_group(be, e, buf, op->o_ndn,
b->a_group_oc, b->a_group_at) == 0)
{
Debug( LDAP_DEBUG_ACL,
......@@ -408,7 +405,7 @@ acl_check_modlist(
regmatch_t matches[MAXREMATCHES];
/* the lastmod attributes are ignored by ACL checking */
if ( oc_check_operational( mlist->ml_type ) ) {
if ( oc_check_no_usermod_attr( mlist->ml_type ) ) {
Debug( LDAP_DEBUG_ACL, "Operational attribute: %s access allowed\n",
mlist->ml_type, 0, 0 );
continue;
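Review bot: The early `return(1)` in access_allowed and the `continue` in acl_check_modlist now skip ACL evaluation for whatever `oc_check_no_usermod_attr` matches, yet the comment above both checks still says "the lastmod attributes" and the Debug text still says "Operational attribute". Because these branches grant access without consulting any ACL clause, the set of attributes the new predicate accepts is security-relevant. That set is not visible in this diff and should be confirmed to be no wider than the set exempted before. I would change the comment to `/* no-user-modification attributes are ignored by ACL checking */` and the message to `"No-user-mod attribute: %s access allowed\n"`, in line with the message update this commit makes in add_lastmods.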
......
......@@ -57,9 +57,9 @@ do_add( Connection *conn, Operation *op )
/* get the name */
if ( ber_scanf( ber, "{a", /*}*/ &dn ) == LBER_ERROR ) {
Debug( LDAP_DEBUG_ANY, "do_add: ber_scanf failed\n", 0, 0, 0 );
send_ldap_result( conn, op, LDAP_PROTOCOL_ERROR, NULL,
"decoding error" );
return LDAP_PROTOCOL_ERROR;
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
return -1;
}
e = (Entry *) ch_calloc( 1, sizeof(Entry) );
......@@ -80,17 +80,17 @@ do_add( Connection *conn, Operation *op )
struct berval **vals;
if ( ber_scanf( ber, "{a{V}}", &type, &vals ) == LBER_ERROR ) {
send_ldap_result( conn, op, LDAP_PROTOCOL_ERROR,
NULL, "decoding error" );
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
entry_free( e );
return LDAP_PROTOCOL_ERROR;
return -1;
}
if ( vals == NULL ) {
Debug( LDAP_DEBUG_ANY, "no values for type %s\n", type,
0, 0 );
send_ldap_result( conn, op, LDAP_PROTOCOL_ERROR, NULL,
NULL );
send_ldap_result( conn, op,
LDAP_PROTOCOL_ERROR, NULL, "no values for type" );
free( type );
entry_free( e );
return LDAP_PROTOCOL_ERROR;
......@@ -105,9 +105,9 @@ do_add( Connection *conn, Operation *op )
if ( ber_scanf( ber, /*{*/ "}") == LBER_ERROR ) {
entry_free( e );
Debug( LDAP_DEBUG_ANY, "do_add: ber_scanf failed\n", 0, 0, 0 );
send_ldap_result( conn, op, LDAP_PROTOCOL_ERROR, NULL,
"decoding error" );
return LDAP_PROTOCOL_ERROR;
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
return -1;
}
if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
......@@ -186,7 +186,7 @@ add_created_attrs( Operation *op, Entry *e )
/* remove any attempts by the user to add these attrs */
for ( a = &e->e_attrs; *a != NULL; a = next ) {
if ( oc_check_operational( (*a)->a_type ) ) {
if ( oc_check_no_usermod_attr( (*a)->a_type ) ) {
tmp = *a;
*a = (*a)->a_next;
attr_free( tmp );
......@@ -197,7 +197,7 @@ add_created_attrs( Operation *op, Entry *e )
}
if ( op->o_dn == NULL || op->o_dn[0] == '\0' ) {
bv.bv_val = "NULLDN";
bv.bv_val = "<anonymous>";
bv.bv_len = strlen( bv.bv_val );
} else {
bv.bv_val = op->o_dn;
......
......@@ -18,12 +18,12 @@ get_ava(
if ( ber_scanf( ber, "{ao}", &ava->ava_type, &ava->ava_value )
== LBER_ERROR ) {
Debug( LDAP_DEBUG_ANY, " get_ava ber_scanf\n", 0, 0, 0 );
return( LDAP_PROTOCOL_ERROR );
return( -1 );
}
attr_normalize( ava->ava_type );
value_normalize( ava->ava_value.bv_val, attr_syntax( ava->ava_type ) );
return( 0 );
return( LDAP_SUCCESS );
}
void
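Review bot: get_ava now returns `-1` on a decoding failure, but unlike the request handlers changed in this commit, nothing in the lines shown sends a notice of disconnection before returning. If a caller passes this value up to connection_operation, which closes the connection on `rc == -1`, the client would be dropped without the notice. The callers are outside this diff, so this needs checking there. A comment on the return such as `/* -1: decoding error; caller is responsible for sending the disconnect */` would make the split of responsibility explicit. The function's opening lines are outside the hunk.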
......
......@@ -33,9 +33,9 @@ add_lastmods( Operation *op, LDAPModList **modlist )
/* remove any attempts by the user to modify these attrs */
for ( m = modlist; *m != NULL; m = &(*m)->ml_next ) {
if ( oc_check_operational( (*m)->ml_type ) ) {
if ( oc_check_no_usermod_attr( (*m)->ml_type ) ) {
Debug( LDAP_DEBUG_TRACE,
"add_lastmods: found operational attr: %s\n",
"add_lastmods: found no user mod attr: %s\n",
(*m)->ml_type, 0, 0 );
tmp = *m;
*m = (*m)->ml_next;
......
......@@ -265,7 +265,7 @@ bdb2i_back_search_internal(
if (e) {
switch ( send_search_entry( be, conn, op, e,
attrs, attrsonly ) ) {
attrs, attrsonly, 0 ) ) {
case 0: /* entry sent ok */
nentries++;
break;
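Review bot: The new trailing argument to send_search_entry is passed as a bare `0` here and in the other backend callers (ldap_send_entry, ldbm_back_search, passwd_back_search, perl_back_search, read_and_send_results, interp_send_results), while config_info passes `1`. Nothing at any call site says what the flag selects. It presumably affects what is returned to the client for an entry, so I would annotate the call, e.g. `attrs, attrsonly, 0 /* PARAM_NAME (placeholder) */ ) ) {`, using the parameter's real name from the prototype, which this diff does not show. bdb2i_back_search_internal's body continues outside the hunk.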
......
......@@ -158,7 +158,7 @@ ldap_send_entry(
if (!attr->a_vals)
attr->a_vals = &dummy;
}
send_search_entry( be, lc->conn, op, &ent, attrs, attrsonly );
send_search_entry( be, lc->conn, op, &ent, attrs, attrsonly, 0 );
for (;ent.e_attrs;) {
attr=ent.e_attrs;
ent.e_attrs = attr->a_next;
......
......@@ -33,9 +33,9 @@ add_lastmods( Operation *op, LDAPModList **modlist )
/* remove any attempts by the user to modify these attrs */
for ( m = modlist; *m != NULL; m = &(*m)->ml_next ) {
if ( oc_check_operational( (*m)->ml_type ) ) {
if ( oc_check_no_usermod_attr( (*m)->ml_type ) ) {
Debug( LDAP_DEBUG_TRACE,
"add_lastmods: found operational attr: %s\n",
"add_lastmods: found no user mod attr: %s\n",
(*m)->ml_type, 0, 0 );
tmp = *m;
*m = (*m)->ml_next;
......
......@@ -264,7 +264,7 @@ ldbm_back_search(
}
if (e) {
switch ( send_search_entry( be, conn, op, e,
attrs, attrsonly ) ) {
attrs, attrsonly, 0 ) ) {
case 0: /* entry sent ok */
nentries++;
break;
......
......@@ -139,7 +139,7 @@ passwd_back_search(
return( 0 );
}
send_search_entry( be, conn, op, e, attrs, attrsonly );
send_search_entry( be, conn, op, e, attrs, attrsonly, 0 );
sent++;
}
......@@ -176,7 +176,7 @@ passwd_back_search(
e = pw2entry( be, pw, rdn );
if ( test_filter( be, conn, op, e, filter ) == 0 ) {
send_search_entry( be, conn, op, e, attrs, attrsonly );
send_search_entry( be, conn, op, e, attrs, attrsonly, 0 );
sent++;
}
......
......@@ -91,7 +91,8 @@ perl_back_search(
op,
e,
attrs,
attrsonly );
attrsonly,
0 );
entry_free( e );
}
......
......@@ -59,7 +59,7 @@ read_and_send_results(
buf, 0, 0 );
} else {
send_search_entry( be, conn, op, e, attrs,
attrsonly );
attrsonly, 0 );
entry_free( e );
}
......
/* result.c - tcl backend utility functions
*
* $Id: tcl_util.c,v 1.4 1999/02/19 06:55:20 bcollins Exp $
* $Id: tcl_util.c,v 1.5 1999/02/28 04:55:49 bcollins Exp $
*
* Copyright 1999, Ben Collins <bcollins@debian.org>, All rights reserved.
*
......@@ -80,7 +80,7 @@ interp_send_results (
buf, 0, 0);
} else {
send_search_entry (be, conn, op, e, attrs,
attrsonly);
attrsonly, 0 );
entry_free (e);
}
......
......@@ -22,7 +22,6 @@
#include "slap.h"
char *supportedSASLMechanisms[] = {
"X-CRAM-MD5",
"X-DIGEST-MD5",
NULL
};
......@@ -103,8 +102,9 @@ do_bind(
if ( tag == LBER_ERROR ) {
Debug( LDAP_DEBUG_ANY, "bind: ber_scanf failed\n", 0, 0, 0 );
send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR, NULL,
"decoding error" );
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
rc = -1;
goto cleanup;
}
......@@ -131,8 +131,10 @@ do_bind(
}
if ( tag == LBER_ERROR ) {
send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR, NULL,
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR,
"decoding error" );
rc = -1;
goto cleanup;
}
......@@ -156,8 +158,8 @@ do_bind(
if ( version < LDAP_VERSION_MIN || version > LDAP_VERSION_MAX ) {
Debug( LDAP_DEBUG_ANY, "unknown version %d\n", version, 0, 0 );
send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR, NULL,
"version not supported" );
send_ldap_result( conn, op,
rc = LDAP_PROTOCOL_ERROR, NULL, "version not supported" );
goto cleanup;
}
......@@ -165,8 +167,9 @@ do_bind(
if ( version < LDAP_VERSION3 ) {
Debug( LDAP_DEBUG_ANY, "do_bind: sasl with LDAPv%d\n",
version, 0, 0 );
send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR, NULL,
"sasl bind requires LDAPv3" );
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "sasl bind requires LDAPv3" );
rc = -1;
goto cleanup;
}
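Review bot: The second `tag == LBER_ERROR` branch in do_bind now ends the session through send_ldap_disconnect but, unlike the first branch, logs nothing. A malformed bind that drops the connection therefore leaves no trace at LDAP_DEBUG_ANY. I would add `Debug( LDAP_DEBUG_ANY, "bind: ber_scanf failed\n", 0, 0, 0 );` before the disconnect so both decode failures show up in the server log. The version check that follows still embeds `rc = LDAP_PROTOCOL_ERROR` inside the send_ldap_result argument list; assigning rc on its own line, as the new disconnect paths do, would read more clearly. do_bind starts and ends outside these hunks.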
......
......@@ -54,8 +54,9 @@ do_compare(
if ( ber_scanf( op->o_ber, "{a{ao}}", &ndn, &ava.ava_type,
&ava.ava_value ) == LBER_ERROR ) {
Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 );
send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR, NULL, "" );
return rc;
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
return -1;
}
if( ( rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
......
......@@ -63,7 +63,7 @@ config_info( Connection *conn, Operation *op )
attr_merge( e, "database", vals );
}
send_search_entry( &backends[0], conn, op, e, NULL, 0 );
send_search_entry( &backends[0], conn, op, e, NULL, 0, 1 );
send_ldap_search_result( conn, op, LDAP_SUCCESS, NULL, NULL, 1 );
entry_free( e );
......
......@@ -681,18 +681,22 @@ connection_operation( void *arg_v )
rc = do_abandon( conn, arg->co_op );
break;
#if 0
case LDAP_REQ_EXTENDED:
rc = do_extended( conn, arg->co_op );
break;
#endif
default:
Debug( LDAP_DEBUG_ANY, "unknown request 0x%lx\n",
arg->co_op->o_tag, 0, 0 );
Debug( LDAP_DEBUG_ANY, "unknown LDAP request 0x%lx\n",
tag, 0, 0 );
arg->co_op->o_tag = LBER_ERROR;
send_ldap_disconnect( conn, arg->co_op,
LDAP_PROTOCOL_ERROR, "unknown LDAP request" );
rc = -1;
break;
}
if( rc == -1 ) tag = LBER_ERROR;
ldap_pvt_thread_mutex_lock( &num_ops_mutex );
num_ops_completed++;
ldap_pvt_thread_mutex_unlock( &num_ops_mutex );
......@@ -710,6 +714,7 @@ connection_operation( void *arg_v )
arg = NULL;
switch( tag ) {
case LBER_ERROR:
case LDAP_REQ_UNBIND:
/* c_mutex is locked */
connection_closing( conn );
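Review bot: The `case LDAP_REQ_EXTENDED` dispatch sits inside a bare `#if 0` with no explanation, so in the code shown an extended request is handled by the `default` branch and the client is disconnected with "unknown LDAP request". If that is intended until do_extended is ready, a comment such as `/* extended operations not enabled yet; handled by default below */` above the `#if 0` would say so. The line `if( rc == -1 ) tag = LBER_ERROR;` also makes any handler that returns -1 close the connection through the `case LBER_ERROR:` label placed above LDAP_REQ_UNBIND, which deserves a one-line comment at that label. connection_operation starts and ends outside the hunks.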
......
......@@ -32,6 +32,7 @@ int get_ctrls(
BerElement *ber = op->o_ber;
LDAPControl ***ctrls = &op->o_ctrls;
int rc = LDAP_SUCCESS;
char *errmsg = NULL;
len = ber_pvt_ber_remaining(ber);
......@@ -43,14 +44,16 @@ int get_ctrls(
if(( tag = ber_peek_tag( ber, &len )) != LDAP_TAG_CONTROLS ) {
if( tag == LBER_ERROR ) {
rc = LDAP_PROTOCOL_ERROR;
rc = -1;
errmsg = "unexpected data in PDU";
}
goto return_results;
}
if( op->o_protocol < LDAP_VERSION3 ) {
rc = LDAP_PROTOCOL_ERROR;
rc = -1;
errmsg = "controls require LDAPv3";
goto return_results;
}
......@@ -61,6 +64,7 @@ int get_ctrls(
#if 0
if( *ctrls == NULL ) {
rc = LDAP_NO_MEMORY;
errmsg = "no memory";
goto return_results;
}
#endif
......@@ -94,6 +98,7 @@ int get_ctrls(
*ctrls = NULL;
rc = LDAP_NO_MEMORY;
errmsg = "no memory";
goto return_results;
}
#endif
......@@ -128,7 +133,8 @@ int get_ctrls(
if( tag == LBER_ERROR ) {
*ctrls = NULL;
ldap_controls_free( tctrls );
rc = LDAP_DECODING_ERROR;
rc = -1;
errmsg = "decoding controls error";
goto return_results;
}
......@@ -136,6 +142,7 @@ int get_ctrls(
!charray_inlist( supportedControls, tctrl->ldctl_oid ) )
{
rc = LDAP_UNAVAILABLE_CRITICAL_EXTENSION;
errmsg = "critical extension is unavailable ";
goto return_results;
}
......@@ -144,7 +151,11 @@ int get_ctrls(
return_results:
if( sendres && rc != LDAP_SUCCESS ) {
send_ldap_result( conn, op, rc, NULL, NULL );
if( rc == -1 ) {
send_ldap_disconnect( conn, op, rc, errmsg );
} else {
send_ldap_result( conn, op, rc, NULL, errmsg );
}
}
return rc;
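Review bot: In the `return_results` block, `send_ldap_disconnect( conn, op, rc, errmsg );` is reached only when `rc == -1`, so the notice of disconnection is sent with -1 as its result code, whereas every other call added in this commit passes LDAP_PROTOCOL_ERROR. The call should read `send_ldap_disconnect( conn, op, LDAP_PROTOCOL_ERROR, errmsg );`, unless send_ldap_disconnect maps the value itself, which is not visible here. When `sendres` is 0 the function still returns -1 without sending anything, so callers such as do_abandon, which passes 0, have to send the notice themselves. The message `"critical extension is unavailable "` also carries a trailing space. get_ctrls starts outside the first hunk.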
......
......@@ -47,8 +47,9 @@ do_delete(
if ( ber_scanf( op->o_ber, "a", &ndn ) == LBER_ERROR ) {
Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 );
send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR, NULL, "" );
return rc;
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
return -1;
}
if( ( rc = get_ctrls( conn, op, 1 ) ) != LDAP_SUCCESS ) {
......