From 20c5ec953c2de7c4276a4076c9cee23408b7fd04 Mon Sep 17 00:00:00 2001
From: Kurt Zeilenga <kurt@openldap.org>
Date: Sun, 27 Nov 2005 00:54:32 +0000
Subject: [PATCH] Sync with HEAD
---
configure | 2769 +++++++++++++++++-----
doc/man/man1/ldapsearch.1 | 14 +-
doc/man/man5/slapd.conf.5 | 3 +-
doc/man/man5/slapo-accesslog.5 | 6 +-
doc/man/man5/slapo-chain.5 | 94 +-
doc/man/man5/slapo-pcache.5 | 62 +
libraries/librewrite/config.c | 22 +-
servers/slapd/aci.c | 10 +-
servers/slapd/acl.c | 14 +-
servers/slapd/aclparse.c | 21 +-
servers/slapd/at.c | 66 +-
servers/slapd/back-bdb/config.c | 21 +-
servers/slapd/back-bdb/dn2id.c | 55 +-
servers/slapd/back-bdb/filterindex.c | 5 +-
servers/slapd/back-bdb/idl.c | 6 +-
servers/slapd/back-bdb/init.c | 49 +-
servers/slapd/back-bdb/search.c | 36 +-
servers/slapd/back-bdb/tools.c | 3 +-
servers/slapd/back-ldap/add.c | 8 +-
servers/slapd/back-ldap/back-ldap.h | 97 +-
servers/slapd/back-ldap/bind.c | 265 ++-
servers/slapd/back-ldap/chain.c | 1017 +++++---
servers/slapd/back-ldap/compare.c | 4 +-
servers/slapd/back-ldap/config.c | 1350 ++---------
servers/slapd/back-ldap/delete.c | 8 +-
servers/slapd/back-ldap/extended.c | 10 +-
servers/slapd/back-ldap/init.c | 167 +-
servers/slapd/back-ldap/modify.c | 8 +-
servers/slapd/back-ldap/modrdn.c | 8 +-
servers/slapd/back-ldap/proto-ldap.h | 20 +-
servers/slapd/back-ldap/search.c | 55 +-
servers/slapd/back-ldap/unbind.c | 10 +-
servers/slapd/back-ldbm/config.c | 32 +-
servers/slapd/back-ldbm/init.c | 2 -
servers/slapd/back-ldbm/search.c | 31 +-
servers/slapd/back-meta/back-meta.h | 14 +-
servers/slapd/back-meta/bind.c | 14 +-
servers/slapd/back-meta/candidates.c | 2 -
servers/slapd/back-meta/config.c | 361 +--
servers/slapd/back-meta/conn.c | 38 +-
servers/slapd/back-meta/dncache.c | 26 +-
servers/slapd/back-meta/init.c | 15 +-
servers/slapd/back-meta/search.c | 71 +-
servers/slapd/back-meta/unbind.c | 6 +-
servers/slapd/back-monitor/database.c | 86 +-
servers/slapd/back-monitor/init.c | 6 +-
servers/slapd/back-monitor/search.c | 2 +-
servers/slapd/back-perl/search.c | 12 +-
servers/slapd/back-sql/entry-id.c | 81 +-
servers/slapd/back-sql/schema-map.c | 25 +-
servers/slapd/back-sql/search.c | 66 +-
servers/slapd/back-sql/util.c | 4 +
servers/slapd/backend.c | 2 -
servers/slapd/backglue.c | 23 +-
servers/slapd/backover.c | 18 +-
servers/slapd/bconfig.c | 196 +-
servers/slapd/config.c | 95 +-
servers/slapd/config.h | 13 +
servers/slapd/connection.c | 2 -
servers/slapd/controls.c | 65 +-
servers/slapd/daemon.c | 6 +-
servers/slapd/filter.c | 41 -
servers/slapd/ldapsync.c | 1 -
servers/slapd/limits.c | 76 +-
servers/slapd/main.c | 11 +-
servers/slapd/mods.c | 19 +-
servers/slapd/oc.c | 24 +
servers/slapd/overlays/Makefile.in | 6 +
servers/slapd/overlays/accesslog.c | 107 +-
servers/slapd/overlays/auditlog.c | 8 +-
servers/slapd/overlays/collect.c | 4 +-
servers/slapd/overlays/denyop.c | 4 +-
servers/slapd/overlays/dyngroup.c | 8 +-
servers/slapd/overlays/dynlist.c | 39 +-
servers/slapd/overlays/lastmod.c | 4 +-
servers/slapd/overlays/overlays.c | 106 +-
servers/slapd/overlays/pcache.c | 254 +-
servers/slapd/overlays/ppolicy.c | 62 +-
servers/slapd/overlays/refint.c | 4 +-
servers/slapd/overlays/retcode.c | 20 +-
servers/slapd/overlays/rwm.c | 4 +-
servers/slapd/overlays/seqmod.c | 4 +-
servers/slapd/overlays/syncprov.c | 47 +-
servers/slapd/overlays/translucent.c | 11 +-
servers/slapd/overlays/unique.c | 96 +-
servers/slapd/overlays/valsort.c | 4 +-
servers/slapd/proto-slap.h | 4 +-
servers/slapd/result.c | 51 +-
servers/slapd/sasl.c | 42 +-
servers/slapd/saslauthz.c | 2 -
servers/slapd/schema_prep.c | 1 +
servers/slapd/schemaparse.c | 1 +
servers/slapd/search.c | 10 +-
servers/slapd/shell-backends/shellutil.c | 21 +-
servers/slapd/slap.h | 106 +-
servers/slapd/slapcommon.c | 41 +-
servers/slapd/syncrepl.c | 313 ++-
servers/slapd/user.c | 23 +-
servers/slapd/value.c | 2 +-
tests/data/meta.out | 21 +
tests/data/proxycache.out | 23 +-
tests/data/slapd-chain1.conf | 8 +-
tests/data/slapd-chain2.conf | 7 +-
tests/data/slapd-unique.conf | 2 +-
tests/progs/slapd-addel.c | 17 +-
tests/progs/slapd-bind.c | 8 +-
tests/progs/slapd-modify.c | 17 +-
tests/progs/slapd-modrdn.c | 17 +-
tests/progs/slapd-read.c | 17 +-
tests/progs/slapd-search.c | 17 +-
tests/progs/slapd-tester.c | 5 +-
tests/run.in | 7 +-
tests/scripts/conf.sh | 1 +
tests/scripts/test004-modify | 29 +
tests/scripts/test020-proxycache | 21 +-
tests/scripts/test024-unique | 4 +-
tests/scripts/test035-meta | 27 +
tests/scripts/test043-delta-syncrepl | 13 -
118 files changed, 5726 insertions(+), 3713 deletions(-)
diff --git a/configure b/configure
index 46d44a87c9..c08f2ae492 100755
--- a/configure
+++ b/configure
@@ -1,5 +1,5 @@
#! /bin/sh
-# From configure.in OpenLDAP: pkg/ldap/configure.in,v 1.560.2.16 2005/11/03 18:02:53 kurt Exp .
+# From configure.in OpenLDAP: pkg/ldap/configure.in,v 1.560.2.18 2005/11/26 17:01:54 kurt Exp .
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.59.
#
@@ -1551,6 +1551,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
ac_aux_dir=
@@ -5686,7 +5687,7 @@ ia64-*-hpux*)
;;
*-*-irix6*)
# Find out which ABI we are using.
- echo '#line 5689 "configure"' > conftest.$ac_ext
+ echo '#line 5690 "configure"' > conftest.$ac_ext
if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
(eval $ac_compile) 2>&5
ac_status=$?
@@ -7666,11 +7667,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:7669: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:7670: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:7673: \$? = $ac_status" >&5
+ echo "$as_me:7674: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -7928,11 +7929,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:7931: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:7932: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:7935: \$? = $ac_status" >&5
+ echo "$as_me:7936: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -7990,11 +7991,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:7993: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:7994: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
- echo "$as_me:7997: \$? = $ac_status" >&5
+ echo "$as_me:7998: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@@ -10238,7 +10239,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<EOF
-#line 10241 "configure"
+#line 10242 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -10336,7 +10337,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<EOF
-#line 10339 "configure"
+#line 10340 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -27831,14 +27832,385 @@ echo "${ECHO_T}$ol_cv_header_db1" >&6
if test $ol_cv_header_db1 = yes ; then
ol_cv_lib_db=no
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (default)" >&5
-echo $ECHO_N "checking for Berkeley DB link (default)... $ECHO_C" >&6
-if test "${ol_cv_db_none+set}" = set; then
+
+echo "$as_me:$LINENO: checking for Berkeley DB major version" >&5
+echo $ECHO_N "checking for Berkeley DB major version... $ECHO_C" >&6
+if test "${ol_cv_bdb_major+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=
+ ol_cv_bdb_major=0
+ if test $ol_cv_bdb_major = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+#if DB_VERSION_MAJOR == 4
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_major=4
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_major = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+#if DB_VERSION_MAJOR == 3
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_major=3
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_major = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+#if DB_VERSION_MAJOR == 2
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_major=2
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_major = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+#if DB_VERSION_MAJOR == 1
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_major=1
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+
+ if test $ol_cv_bdb_major = 0 ; then
+ { { echo "$as_me:$LINENO: error: Unknown Berkeley DB major version" >&5
+echo "$as_me: error: Unknown Berkeley DB major version" >&2;}
+ { (exit 1); exit 1; }; }
+ fi
+
+fi
+echo "$as_me:$LINENO: result: $ol_cv_bdb_major" >&5
+echo "${ECHO_T}$ol_cv_bdb_major" >&6
+
+echo "$as_me:$LINENO: checking for Berkeley DB minor version" >&5
+echo $ECHO_N "checking for Berkeley DB minor version... $ECHO_C" >&6
+if test "${ol_cv_bdb_minor+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+ ol_cv_bdb_minor=0
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 9
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=9
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 8
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=8
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 7
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=7
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 6
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=6
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 5
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=5
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 4
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=4
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 3
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=3
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 2
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=2
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 1
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=1
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+
+fi
+echo "$as_me:$LINENO: result: $ol_cv_bdb_minor" >&5
+echo "${ECHO_T}$ol_cv_bdb_minor" >&6
+
+if test $ol_cv_bdb_major = 4 ; then
+ if test $ol_cv_bdb_minor = 4 ; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb44)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb44)... $ECHO_C" >&6
+if test "${ol_cv_db_db44+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+ ol_DB_LIB=-ldb44
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -27919,12 +28291,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_none=yes
+ ol_cv_db_db44=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_none=no
+ol_cv_db_db44=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -27932,22 +28304,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_none" >&5
-echo "${ECHO_T}$ol_cv_db_none" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db44" >&5
+echo "${ECHO_T}$ol_cv_db_db44" >&6
- if test $ol_cv_db_none = yes ; then
- ol_cv_lib_db=yes
+ if test $ol_cv_db_db44 = yes ; then
+ ol_cv_lib_db=-ldb44
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb43)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb43)... $ECHO_C" >&6
-if test "${ol_cv_db_db43+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-44)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-44)... $ECHO_C" >&6
+if test "${ol_cv_db_db_44+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb43
+ ol_DB_LIB=-ldb-44
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -28028,12 +28400,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db43=yes
+ ol_cv_db_db_44=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db43=no
+ol_cv_db_db_44=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -28041,22 +28413,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db43" >&5
-echo "${ECHO_T}$ol_cv_db_db43" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_44" >&5
+echo "${ECHO_T}$ol_cv_db_db_44" >&6
- if test $ol_cv_db_db43 = yes ; then
- ol_cv_lib_db=-ldb43
+ if test $ol_cv_db_db_44 = yes ; then
+ ol_cv_lib_db=-ldb-44
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-43)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-43)... $ECHO_C" >&6
-if test "${ol_cv_db_db_43+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4.4)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-4.4)... $ECHO_C" >&6
+if test "${ol_cv_db_db_4_dot_4+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-43
+ ol_DB_LIB=-ldb-4.4
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -28137,12 +28509,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_43=yes
+ ol_cv_db_db_4_dot_4=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_43=no
+ol_cv_db_db_4_dot_4=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -28150,22 +28522,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_43" >&5
-echo "${ECHO_T}$ol_cv_db_db_43" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_4_dot_4" >&5
+echo "${ECHO_T}$ol_cv_db_db_4_dot_4" >&6
- if test $ol_cv_db_db_43 = yes ; then
- ol_cv_lib_db=-ldb-43
+ if test $ol_cv_db_db_4_dot_4 = yes ; then
+ ol_cv_lib_db=-ldb-4.4
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4.3)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-4.3)... $ECHO_C" >&6
-if test "${ol_cv_db_db_4_dot_3+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4-4)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-4-4)... $ECHO_C" >&6
+if test "${ol_cv_db_db_4_4+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-4.3
+ ol_DB_LIB=-ldb-4-4
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -28246,12 +28618,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_4_dot_3=yes
+ ol_cv_db_db_4_4=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_4_dot_3=no
+ol_cv_db_db_4_4=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -28259,22 +28631,23 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_4_dot_3" >&5
-echo "${ECHO_T}$ol_cv_db_db_4_dot_3" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_4_4" >&5
+echo "${ECHO_T}$ol_cv_db_db_4_4" >&6
- if test $ol_cv_db_db_4_dot_3 = yes ; then
- ol_cv_lib_db=-ldb-4.3
+ if test $ol_cv_db_db_4_4 = yes ; then
+ ol_cv_lib_db=-ldb-4-4
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4-3)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-4-3)... $ECHO_C" >&6
-if test "${ol_cv_db_db_4_3+set}" = set; then
+ elif test $ol_cv_bdb_minor = 3 ; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb43)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb43)... $ECHO_C" >&6
+if test "${ol_cv_db_db43+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-4-3
+ ol_DB_LIB=-ldb43
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -28355,12 +28728,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_4_3=yes
+ ol_cv_db_db43=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_4_3=no
+ol_cv_db_db43=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -28368,22 +28741,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_4_3" >&5
-echo "${ECHO_T}$ol_cv_db_db_4_3" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db43" >&5
+echo "${ECHO_T}$ol_cv_db_db43" >&6
- if test $ol_cv_db_db_4_3 = yes ; then
- ol_cv_lib_db=-ldb-4-3
+ if test $ol_cv_db_db43 = yes ; then
+ ol_cv_lib_db=-ldb43
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb42)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb42)... $ECHO_C" >&6
-if test "${ol_cv_db_db42+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-43)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-43)... $ECHO_C" >&6
+if test "${ol_cv_db_db_43+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb42
+ ol_DB_LIB=-ldb-43
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -28464,12 +28837,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db42=yes
+ ol_cv_db_db_43=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db42=no
+ol_cv_db_db_43=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -28477,22 +28850,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db42" >&5
-echo "${ECHO_T}$ol_cv_db_db42" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_43" >&5
+echo "${ECHO_T}$ol_cv_db_db_43" >&6
- if test $ol_cv_db_db42 = yes ; then
- ol_cv_lib_db=-ldb42
+ if test $ol_cv_db_db_43 = yes ; then
+ ol_cv_lib_db=-ldb-43
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-42)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-42)... $ECHO_C" >&6
-if test "${ol_cv_db_db_42+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4.3)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-4.3)... $ECHO_C" >&6
+if test "${ol_cv_db_db_4_dot_3+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-42
+ ol_DB_LIB=-ldb-4.3
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -28573,12 +28946,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_42=yes
+ ol_cv_db_db_4_dot_3=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_42=no
+ol_cv_db_db_4_dot_3=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -28586,22 +28959,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_42" >&5
-echo "${ECHO_T}$ol_cv_db_db_42" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_4_dot_3" >&5
+echo "${ECHO_T}$ol_cv_db_db_4_dot_3" >&6
- if test $ol_cv_db_db_42 = yes ; then
- ol_cv_lib_db=-ldb-42
+ if test $ol_cv_db_db_4_dot_3 = yes ; then
+ ol_cv_lib_db=-ldb-4.3
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4.2)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-4.2)... $ECHO_C" >&6
-if test "${ol_cv_db_db_4_dot_2+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4-3)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-4-3)... $ECHO_C" >&6
+if test "${ol_cv_db_db_4_3+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-4.2
+ ol_DB_LIB=-ldb-4-3
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -28682,12 +29055,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_4_dot_2=yes
+ ol_cv_db_db_4_3=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_4_dot_2=no
+ol_cv_db_db_4_3=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -28695,22 +29068,23 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_4_dot_2" >&5
-echo "${ECHO_T}$ol_cv_db_db_4_dot_2" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_4_3" >&5
+echo "${ECHO_T}$ol_cv_db_db_4_3" >&6
- if test $ol_cv_db_db_4_dot_2 = yes ; then
- ol_cv_lib_db=-ldb-4.2
+ if test $ol_cv_db_db_4_3 = yes ; then
+ ol_cv_lib_db=-ldb-4-3
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4-2)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-4-2)... $ECHO_C" >&6
-if test "${ol_cv_db_db_4_2+set}" = set; then
+ elif test $ol_cv_bdb_minor = 2 ; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb42)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb42)... $ECHO_C" >&6
+if test "${ol_cv_db_db42+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-4-2
+ ol_DB_LIB=-ldb42
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -28791,12 +29165,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_4_2=yes
+ ol_cv_db_db42=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_4_2=no
+ol_cv_db_db42=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -28804,22 +29178,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_4_2" >&5
-echo "${ECHO_T}$ol_cv_db_db_4_2" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db42" >&5
+echo "${ECHO_T}$ol_cv_db_db42" >&6
- if test $ol_cv_db_db_4_2 = yes ; then
- ol_cv_lib_db=-ldb-4-2
+ if test $ol_cv_db_db42 = yes ; then
+ ol_cv_lib_db=-ldb42
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-4)... $ECHO_C" >&6
-if test "${ol_cv_db_db_4+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-42)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-42)... $ECHO_C" >&6
+if test "${ol_cv_db_db_42+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-4
+ ol_DB_LIB=-ldb-42
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -28900,12 +29274,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_4=yes
+ ol_cv_db_db_42=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_4=no
+ol_cv_db_db_42=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -28913,22 +29287,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_4" >&5
-echo "${ECHO_T}$ol_cv_db_db_4" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_42" >&5
+echo "${ECHO_T}$ol_cv_db_db_42" >&6
- if test $ol_cv_db_db_4 = yes ; then
- ol_cv_lib_db=-ldb-4
+ if test $ol_cv_db_db_42 = yes ; then
+ ol_cv_lib_db=-ldb-42
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb4)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb4)... $ECHO_C" >&6
-if test "${ol_cv_db_db4+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4.2)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-4.2)... $ECHO_C" >&6
+if test "${ol_cv_db_db_4_dot_2+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb4
+ ol_DB_LIB=-ldb-4.2
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -29009,12 +29383,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db4=yes
+ ol_cv_db_db_4_dot_2=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db4=no
+ol_cv_db_db_4_dot_2=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -29022,22 +29396,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db4" >&5
-echo "${ECHO_T}$ol_cv_db_db4" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_4_dot_2" >&5
+echo "${ECHO_T}$ol_cv_db_db_4_dot_2" >&6
- if test $ol_cv_db_db4 = yes ; then
- ol_cv_lib_db=-ldb4
+ if test $ol_cv_db_db_4_dot_2 = yes ; then
+ ol_cv_lib_db=-ldb-4.2
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb)... $ECHO_C" >&6
-if test "${ol_cv_db_db+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4-2)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-4-2)... $ECHO_C" >&6
+if test "${ol_cv_db_db_4_2+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb
+ ol_DB_LIB=-ldb-4-2
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -29118,12 +29492,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db=yes
+ ol_cv_db_db_4_2=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db=no
+ol_cv_db_db_4_2=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -29131,15 +29505,16 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db" >&5
-echo "${ECHO_T}$ol_cv_db_db" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_4_2" >&5
+echo "${ECHO_T}$ol_cv_db_db_4_2" >&6
- if test $ol_cv_db_db = yes ; then
- ol_cv_lib_db=-ldb
+ if test $ol_cv_db_db_4_2 = yes ; then
+ ol_cv_lib_db=-ldb-4-2
fi
fi
-if test $ol_cv_lib_db = no ; then
+ elif test $ol_cv_bdb_minor = 1 ; then
+ if test $ol_cv_lib_db = no ; then
echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb41)" >&5
echo $ECHO_N "checking for Berkeley DB link (-ldb41)... $ECHO_C" >&6
if test "${ol_cv_db_db41+set}" = set; then
@@ -29248,7 +29623,7 @@ echo "${ECHO_T}$ol_cv_db_db41" >&6
fi
fi
-if test $ol_cv_lib_db = no ; then
+ if test $ol_cv_lib_db = no ; then
echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-41)" >&5
echo $ECHO_N "checking for Berkeley DB link (-ldb-41)... $ECHO_C" >&6
if test "${ol_cv_db_db_41+set}" = set; then
@@ -29357,7 +29732,7 @@ echo "${ECHO_T}$ol_cv_db_db_41" >&6
fi
fi
-if test $ol_cv_lib_db = no ; then
+ if test $ol_cv_lib_db = no ; then
echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4.1)" >&5
echo $ECHO_N "checking for Berkeley DB link (-ldb-4.1)... $ECHO_C" >&6
if test "${ol_cv_db_db_4_dot_1+set}" = set; then
@@ -29466,7 +29841,7 @@ echo "${ECHO_T}$ol_cv_db_db_4_dot_1" >&6
fi
fi
-if test $ol_cv_lib_db = no ; then
+ if test $ol_cv_lib_db = no ; then
echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4-1)" >&5
echo $ECHO_N "checking for Berkeley DB link (-ldb-4-1)... $ECHO_C" >&6
if test "${ol_cv_db_db_4_1+set}" = set; then
@@ -29575,14 +29950,15 @@ echo "${ECHO_T}$ol_cv_db_db_4_1" >&6
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb3)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb3)... $ECHO_C" >&6
-if test "${ol_cv_db_db3+set}" = set; then
+ fi
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-4)... $ECHO_C" >&6
+if test "${ol_cv_db_db_4+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb3
+ ol_DB_LIB=-ldb-4
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -29663,12 +30039,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db3=yes
+ ol_cv_db_db_4=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db3=no
+ol_cv_db_db_4=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -29676,22 +30052,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db3" >&5
-echo "${ECHO_T}$ol_cv_db_db3" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_4" >&5
+echo "${ECHO_T}$ol_cv_db_db_4" >&6
- if test $ol_cv_db_db3 = yes ; then
- ol_cv_lib_db=-ldb3
+ if test $ol_cv_db_db_4 = yes ; then
+ ol_cv_lib_db=-ldb-4
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-3)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-3)... $ECHO_C" >&6
-if test "${ol_cv_db_db_3+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb4)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb4)... $ECHO_C" >&6
+if test "${ol_cv_db_db4+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-3
+ ol_DB_LIB=-ldb4
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -29772,12 +30148,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_3=yes
+ ol_cv_db_db4=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_3=no
+ol_cv_db_db4=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -29785,22 +30161,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_3" >&5
-echo "${ECHO_T}$ol_cv_db_db_3" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db4" >&5
+echo "${ECHO_T}$ol_cv_db_db4" >&6
- if test $ol_cv_db_db_3 = yes ; then
- ol_cv_lib_db=-ldb-3
+ if test $ol_cv_db_db4 = yes ; then
+ ol_cv_lib_db=-ldb4
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb2)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb2)... $ECHO_C" >&6
-if test "${ol_cv_db_db2+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb)... $ECHO_C" >&6
+if test "${ol_cv_db_db+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb2
+ ol_DB_LIB=-ldb
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -29881,12 +30257,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db2=yes
+ ol_cv_db_db=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db2=no
+ol_cv_db_db=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -29894,22 +30270,24 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db2" >&5
-echo "${ECHO_T}$ol_cv_db_db2" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db" >&5
+echo "${ECHO_T}$ol_cv_db_db" >&6
- if test $ol_cv_db_db2 = yes ; then
- ol_cv_lib_db=-ldb2
+ if test $ol_cv_db_db = yes ; then
+ ol_cv_lib_db=-ldb
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-2)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-2)... $ECHO_C" >&6
-if test "${ol_cv_db_db_2+set}" = set; then
+
+elif test $ol_cv_bdb_major = 3 ; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb3)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb3)... $ECHO_C" >&6
+if test "${ol_cv_db_db3+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-2
+ ol_DB_LIB=-ldb3
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -29990,12 +30368,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_2=yes
+ ol_cv_db_db3=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_2=no
+ol_cv_db_db3=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -30003,22 +30381,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_2" >&5
-echo "${ECHO_T}$ol_cv_db_db_2" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db3" >&5
+echo "${ECHO_T}$ol_cv_db_db3" >&6
- if test $ol_cv_db_db_2 = yes ; then
- ol_cv_lib_db=-ldb-2
+ if test $ol_cv_db_db3 = yes ; then
+ ol_cv_lib_db=-ldb3
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb1)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb1)... $ECHO_C" >&6
-if test "${ol_cv_db_db1+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-3)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-3)... $ECHO_C" >&6
+if test "${ol_cv_db_db_3+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb1
+ ol_DB_LIB=-ldb-3
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -30099,12 +30477,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db1=yes
+ ol_cv_db_db_3=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db1=no
+ol_cv_db_db_3=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -30112,22 +30490,24 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db1" >&5
-echo "${ECHO_T}$ol_cv_db_db1" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_3" >&5
+echo "${ECHO_T}$ol_cv_db_db_3" >&6
- if test $ol_cv_db_db1 = yes ; then
- ol_cv_lib_db=-ldb1
+ if test $ol_cv_db_db_3 = yes ; then
+ ol_cv_lib_db=-ldb-3
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-1)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-1)... $ECHO_C" >&6
-if test "${ol_cv_db_db_1+set}" = set; then
+
+elif test $ol_cv_bdb_major = 2 ; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb2)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb2)... $ECHO_C" >&6
+if test "${ol_cv_db_db2+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-1
+ ol_DB_LIB=-ldb2
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -30208,12 +30588,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_1=yes
+ ol_cv_db_db2=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_1=no
+ol_cv_db_db2=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -30221,183 +30601,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_1" >&5
-echo "${ECHO_T}$ol_cv_db_db_1" >&6
-
- if test $ol_cv_db_db_1 = yes ; then
- ol_cv_lib_db=-ldb-1
- fi
-fi
-
+echo "$as_me:$LINENO: result: $ol_cv_db_db2" >&5
+echo "${ECHO_T}$ol_cv_db_db2" >&6
- if test "$ol_cv_lib_db" != no ; then
- ol_cv_berkeley_db=yes
- fi
+ if test $ol_cv_db_db2 = yes ; then
+ ol_cv_lib_db=-ldb2
fi
fi
- else
- ol_cv_berkeley_db=no
-
-for ac_header in db.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-else
- # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -z "$ac_c_werror_flag"
- || test ! -s conftest.err'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_header_compiler=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
- (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null; then
- if test -s conftest.err; then
- ac_cpp_err=$ac_c_preproc_warn_flag
- ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
- else
- ac_cpp_err=
- fi
-else
- ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- (
- cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to the AC_PACKAGE_NAME lists. ##
-## ------------------------------------------ ##
-_ASBOX
- ) |
- sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-if test $ac_cv_header_db_h = yes; then
- ol_cv_lib_db=no
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (default)" >&5
-echo $ECHO_N "checking for Berkeley DB link (default)... $ECHO_C" >&6
-if test "${ol_cv_db_none+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-2)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-2)... $ECHO_C" >&6
+if test "${ol_cv_db_db_2+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=
+ ol_DB_LIB=-ldb-2
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -30478,12 +30697,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_none=yes
+ ol_cv_db_db_2=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_none=no
+ol_cv_db_db_2=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -30491,22 +30710,1321 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_none" >&5
-echo "${ECHO_T}$ol_cv_db_none" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_2" >&5
+echo "${ECHO_T}$ol_cv_db_db_2" >&6
- if test $ol_cv_db_none = yes ; then
- ol_cv_lib_db=yes
+ if test $ol_cv_db_db_2 = yes ; then
+ ol_cv_lib_db=-ldb-2
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb43)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb43)... $ECHO_C" >&6
-if test "${ol_cv_db_db43+set}" = set; then
+
+elif test $ol_cv_bdb_major = 1 ; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb1)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb1)... $ECHO_C" >&6
+if test "${ol_cv_db_db1+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb43
+ ol_DB_LIB=-ldb1
+ ol_LIBS=$LIBS
+ LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
+
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#ifdef HAVE_DB_185_H
+# include <db_185.h>
+#else
+# include <db.h>
+#endif
+
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+
+#ifndef NULL
+#define NULL ((void*)0)
+#endif
+
+int
+main ()
+{
+
+#if DB_VERSION_MAJOR > 1
+ {
+ char *version;
+ int major, minor, patch;
+
+ version = db_version( &major, &minor, &patch );
+
+ if( major != DB_VERSION_MAJOR ||
+ minor < DB_VERSION_MINOR )
+ {
+ printf("Berkeley DB version mismatch\n"
+ "\theader: %s\n\tlibrary: %s\n",
+ DB_VERSION_STRING, version);
+ return 1;
+ }
+ }
+#endif
+
+#if DB_VERSION_MAJOR > 2
+ db_env_create( NULL, 0 );
+#elif DB_VERSION_MAJOR > 1
+ db_appexit( NULL );
+#else
+ (void) dbopen( NULL, 0, 0, 0, NULL);
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ol_cv_db_db1=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ol_cv_db_db1=no
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+
+ LIBS="$ol_LIBS"
+
+fi
+echo "$as_me:$LINENO: result: $ol_cv_db_db1" >&5
+echo "${ECHO_T}$ol_cv_db_db1" >&6
+
+ if test $ol_cv_db_db1 = yes ; then
+ ol_cv_lib_db=-ldb1
+ fi
+fi
+
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-1)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-1)... $ECHO_C" >&6
+if test "${ol_cv_db_db_1+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+ ol_DB_LIB=-ldb-1
+ ol_LIBS=$LIBS
+ LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
+
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#ifdef HAVE_DB_185_H
+# include <db_185.h>
+#else
+# include <db.h>
+#endif
+
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+
+#ifndef NULL
+#define NULL ((void*)0)
+#endif
+
+int
+main ()
+{
+
+#if DB_VERSION_MAJOR > 1
+ {
+ char *version;
+ int major, minor, patch;
+
+ version = db_version( &major, &minor, &patch );
+
+ if( major != DB_VERSION_MAJOR ||
+ minor < DB_VERSION_MINOR )
+ {
+ printf("Berkeley DB version mismatch\n"
+ "\theader: %s\n\tlibrary: %s\n",
+ DB_VERSION_STRING, version);
+ return 1;
+ }
+ }
+#endif
+
+#if DB_VERSION_MAJOR > 2
+ db_env_create( NULL, 0 );
+#elif DB_VERSION_MAJOR > 1
+ db_appexit( NULL );
+#else
+ (void) dbopen( NULL, 0, 0, 0, NULL);
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ol_cv_db_db_1=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ol_cv_db_db_1=no
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+
+ LIBS="$ol_LIBS"
+
+fi
+echo "$as_me:$LINENO: result: $ol_cv_db_db_1" >&5
+echo "${ECHO_T}$ol_cv_db_db_1" >&6
+
+ if test $ol_cv_db_db_1 = yes ; then
+ ol_cv_lib_db=-ldb-1
+ fi
+fi
+
+fi
+if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (default)" >&5
+echo $ECHO_N "checking for Berkeley DB link (default)... $ECHO_C" >&6
+if test "${ol_cv_db_none+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+ ol_DB_LIB=
+ ol_LIBS=$LIBS
+ LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
+
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#ifdef HAVE_DB_185_H
+# include <db_185.h>
+#else
+# include <db.h>
+#endif
+
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+
+#ifndef NULL
+#define NULL ((void*)0)
+#endif
+
+int
+main ()
+{
+
+#if DB_VERSION_MAJOR > 1
+ {
+ char *version;
+ int major, minor, patch;
+
+ version = db_version( &major, &minor, &patch );
+
+ if( major != DB_VERSION_MAJOR ||
+ minor < DB_VERSION_MINOR )
+ {
+ printf("Berkeley DB version mismatch\n"
+ "\theader: %s\n\tlibrary: %s\n",
+ DB_VERSION_STRING, version);
+ return 1;
+ }
+ }
+#endif
+
+#if DB_VERSION_MAJOR > 2
+ db_env_create( NULL, 0 );
+#elif DB_VERSION_MAJOR > 1
+ db_appexit( NULL );
+#else
+ (void) dbopen( NULL, 0, 0, 0, NULL);
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ol_cv_db_none=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ol_cv_db_none=no
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+
+ LIBS="$ol_LIBS"
+
+fi
+echo "$as_me:$LINENO: result: $ol_cv_db_none" >&5
+echo "${ECHO_T}$ol_cv_db_none" >&6
+
+ if test $ol_cv_db_none = yes ; then
+ ol_cv_lib_db=yes
+ fi
+fi
+
+
+ if test "$ol_cv_lib_db" != no ; then
+ ol_cv_berkeley_db=yes
+ fi
+ fi
+fi
+
+ else
+ ol_cv_berkeley_db=no
+
+for ac_header in db.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_header_compiler=no
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ (
+ cat <<\_ASBOX
+## ------------------------------------------ ##
+## Report this to the AC_PACKAGE_NAME lists. ##
+## ------------------------------------------ ##
+_ASBOX
+ ) |
+ sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+if test $ac_cv_header_db_h = yes; then
+ ol_cv_lib_db=no
+
+echo "$as_me:$LINENO: checking for Berkeley DB major version" >&5
+echo $ECHO_N "checking for Berkeley DB major version... $ECHO_C" >&6
+if test "${ol_cv_bdb_major+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+ ol_cv_bdb_major=0
+ if test $ol_cv_bdb_major = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+#if DB_VERSION_MAJOR == 4
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_major=4
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_major = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+#if DB_VERSION_MAJOR == 3
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_major=3
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_major = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+#if DB_VERSION_MAJOR == 2
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_major=2
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_major = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+#if DB_VERSION_MAJOR == 1
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_major=1
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+
+ if test $ol_cv_bdb_major = 0 ; then
+ { { echo "$as_me:$LINENO: error: Unknown Berkeley DB major version" >&5
+echo "$as_me: error: Unknown Berkeley DB major version" >&2;}
+ { (exit 1); exit 1; }; }
+ fi
+
+fi
+echo "$as_me:$LINENO: result: $ol_cv_bdb_major" >&5
+echo "${ECHO_T}$ol_cv_bdb_major" >&6
+
+echo "$as_me:$LINENO: checking for Berkeley DB minor version" >&5
+echo $ECHO_N "checking for Berkeley DB minor version... $ECHO_C" >&6
+if test "${ol_cv_bdb_minor+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+ ol_cv_bdb_minor=0
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 9
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=9
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 8
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=8
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 7
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=7
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 6
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=6
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 5
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=5
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 4
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=4
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 3
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=3
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 2
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=2
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+ if test $ol_cv_bdb_minor = 0 ; then
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#include <db.h>
+#ifndef DB_VERSION_MINOR
+# define DB_VERSION_MINOR 0
+#endif
+#if DB_VERSION_MINOR == 1
+__db_version
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "__db_version" >/dev/null 2>&1; then
+ ol_cv_bdb_minor=1
+else
+ :
+fi
+rm -f conftest*
+
+ fi
+
+fi
+echo "$as_me:$LINENO: result: $ol_cv_bdb_minor" >&5
+echo "${ECHO_T}$ol_cv_bdb_minor" >&6
+
+if test $ol_cv_bdb_major = 4 ; then
+ if test $ol_cv_bdb_minor = 4 ; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb44)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb44)... $ECHO_C" >&6
+if test "${ol_cv_db_db44+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+ ol_DB_LIB=-ldb44
+ ol_LIBS=$LIBS
+ LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
+
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#ifdef HAVE_DB_185_H
+# include <db_185.h>
+#else
+# include <db.h>
+#endif
+
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+
+#ifndef NULL
+#define NULL ((void*)0)
+#endif
+
+int
+main ()
+{
+
+#if DB_VERSION_MAJOR > 1
+ {
+ char *version;
+ int major, minor, patch;
+
+ version = db_version( &major, &minor, &patch );
+
+ if( major != DB_VERSION_MAJOR ||
+ minor < DB_VERSION_MINOR )
+ {
+ printf("Berkeley DB version mismatch\n"
+ "\theader: %s\n\tlibrary: %s\n",
+ DB_VERSION_STRING, version);
+ return 1;
+ }
+ }
+#endif
+
+#if DB_VERSION_MAJOR > 2
+ db_env_create( NULL, 0 );
+#elif DB_VERSION_MAJOR > 1
+ db_appexit( NULL );
+#else
+ (void) dbopen( NULL, 0, 0, 0, NULL);
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ol_cv_db_db44=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ol_cv_db_db44=no
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+
+ LIBS="$ol_LIBS"
+
+fi
+echo "$as_me:$LINENO: result: $ol_cv_db_db44" >&5
+echo "${ECHO_T}$ol_cv_db_db44" >&6
+
+ if test $ol_cv_db_db44 = yes ; then
+ ol_cv_lib_db=-ldb44
+ fi
+fi
+
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-44)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-44)... $ECHO_C" >&6
+if test "${ol_cv_db_db_44+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+ ol_DB_LIB=-ldb-44
+ ol_LIBS=$LIBS
+ LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
+
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#ifdef HAVE_DB_185_H
+# include <db_185.h>
+#else
+# include <db.h>
+#endif
+
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+
+#ifndef NULL
+#define NULL ((void*)0)
+#endif
+
+int
+main ()
+{
+
+#if DB_VERSION_MAJOR > 1
+ {
+ char *version;
+ int major, minor, patch;
+
+ version = db_version( &major, &minor, &patch );
+
+ if( major != DB_VERSION_MAJOR ||
+ minor < DB_VERSION_MINOR )
+ {
+ printf("Berkeley DB version mismatch\n"
+ "\theader: %s\n\tlibrary: %s\n",
+ DB_VERSION_STRING, version);
+ return 1;
+ }
+ }
+#endif
+
+#if DB_VERSION_MAJOR > 2
+ db_env_create( NULL, 0 );
+#elif DB_VERSION_MAJOR > 1
+ db_appexit( NULL );
+#else
+ (void) dbopen( NULL, 0, 0, 0, NULL);
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ol_cv_db_db_44=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ol_cv_db_db_44=no
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+
+ LIBS="$ol_LIBS"
+
+fi
+echo "$as_me:$LINENO: result: $ol_cv_db_db_44" >&5
+echo "${ECHO_T}$ol_cv_db_db_44" >&6
+
+ if test $ol_cv_db_db_44 = yes ; then
+ ol_cv_lib_db=-ldb-44
+ fi
+fi
+
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4.4)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-4.4)... $ECHO_C" >&6
+if test "${ol_cv_db_db_4_dot_4+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+ ol_DB_LIB=-ldb-4.4
+ ol_LIBS=$LIBS
+ LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
+
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#ifdef HAVE_DB_185_H
+# include <db_185.h>
+#else
+# include <db.h>
+#endif
+
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+
+#ifndef NULL
+#define NULL ((void*)0)
+#endif
+
+int
+main ()
+{
+
+#if DB_VERSION_MAJOR > 1
+ {
+ char *version;
+ int major, minor, patch;
+
+ version = db_version( &major, &minor, &patch );
+
+ if( major != DB_VERSION_MAJOR ||
+ minor < DB_VERSION_MINOR )
+ {
+ printf("Berkeley DB version mismatch\n"
+ "\theader: %s\n\tlibrary: %s\n",
+ DB_VERSION_STRING, version);
+ return 1;
+ }
+ }
+#endif
+
+#if DB_VERSION_MAJOR > 2
+ db_env_create( NULL, 0 );
+#elif DB_VERSION_MAJOR > 1
+ db_appexit( NULL );
+#else
+ (void) dbopen( NULL, 0, 0, 0, NULL);
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ol_cv_db_db_4_dot_4=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ol_cv_db_db_4_dot_4=no
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+
+ LIBS="$ol_LIBS"
+
+fi
+echo "$as_me:$LINENO: result: $ol_cv_db_db_4_dot_4" >&5
+echo "${ECHO_T}$ol_cv_db_db_4_dot_4" >&6
+
+ if test $ol_cv_db_db_4_dot_4 = yes ; then
+ ol_cv_lib_db=-ldb-4.4
+ fi
+fi
+
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4-4)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-4-4)... $ECHO_C" >&6
+if test "${ol_cv_db_db_4_4+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+ ol_DB_LIB=-ldb-4-4
+ ol_LIBS=$LIBS
+ LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
+
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#ifdef HAVE_DB_185_H
+# include <db_185.h>
+#else
+# include <db.h>
+#endif
+
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+
+#ifndef NULL
+#define NULL ((void*)0)
+#endif
+
+int
+main ()
+{
+
+#if DB_VERSION_MAJOR > 1
+ {
+ char *version;
+ int major, minor, patch;
+
+ version = db_version( &major, &minor, &patch );
+
+ if( major != DB_VERSION_MAJOR ||
+ minor < DB_VERSION_MINOR )
+ {
+ printf("Berkeley DB version mismatch\n"
+ "\theader: %s\n\tlibrary: %s\n",
+ DB_VERSION_STRING, version);
+ return 1;
+ }
+ }
+#endif
+
+#if DB_VERSION_MAJOR > 2
+ db_env_create( NULL, 0 );
+#elif DB_VERSION_MAJOR > 1
+ db_appexit( NULL );
+#else
+ (void) dbopen( NULL, 0, 0, 0, NULL);
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ol_cv_db_db_4_4=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ol_cv_db_db_4_4=no
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+
+ LIBS="$ol_LIBS"
+
+fi
+echo "$as_me:$LINENO: result: $ol_cv_db_db_4_4" >&5
+echo "${ECHO_T}$ol_cv_db_db_4_4" >&6
+
+ if test $ol_cv_db_db_4_4 = yes ; then
+ ol_cv_lib_db=-ldb-4-4
+ fi
+fi
+
+ elif test $ol_cv_bdb_minor = 3 ; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb43)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb43)... $ECHO_C" >&6
+if test "${ol_cv_db_db43+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+ ol_DB_LIB=-ldb43
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -30608,7 +32126,7 @@ echo "${ECHO_T}$ol_cv_db_db43" >&6
fi
fi
-if test $ol_cv_lib_db = no ; then
+ if test $ol_cv_lib_db = no ; then
echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-43)" >&5
echo $ECHO_N "checking for Berkeley DB link (-ldb-43)... $ECHO_C" >&6
if test "${ol_cv_db_db_43+set}" = set; then
@@ -30717,7 +32235,7 @@ echo "${ECHO_T}$ol_cv_db_db_43" >&6
fi
fi
-if test $ol_cv_lib_db = no ; then
+ if test $ol_cv_lib_db = no ; then
echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4.3)" >&5
echo $ECHO_N "checking for Berkeley DB link (-ldb-4.3)... $ECHO_C" >&6
if test "${ol_cv_db_db_4_dot_3+set}" = set; then
@@ -30826,7 +32344,7 @@ echo "${ECHO_T}$ol_cv_db_db_4_dot_3" >&6
fi
fi
-if test $ol_cv_lib_db = no ; then
+ if test $ol_cv_lib_db = no ; then
echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4-3)" >&5
echo $ECHO_N "checking for Berkeley DB link (-ldb-4-3)... $ECHO_C" >&6
if test "${ol_cv_db_db_4_3+set}" = set; then
@@ -30935,7 +32453,8 @@ echo "${ECHO_T}$ol_cv_db_db_4_3" >&6
fi
fi
-if test $ol_cv_lib_db = no ; then
+ elif test $ol_cv_bdb_minor = 2 ; then
+ if test $ol_cv_lib_db = no ; then
echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb42)" >&5
echo $ECHO_N "checking for Berkeley DB link (-ldb42)... $ECHO_C" >&6
if test "${ol_cv_db_db42+set}" = set; then
@@ -31044,7 +32563,7 @@ echo "${ECHO_T}$ol_cv_db_db42" >&6
fi
fi
-if test $ol_cv_lib_db = no ; then
+ if test $ol_cv_lib_db = no ; then
echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-42)" >&5
echo $ECHO_N "checking for Berkeley DB link (-ldb-42)... $ECHO_C" >&6
if test "${ol_cv_db_db_42+set}" = set; then
@@ -31153,7 +32672,7 @@ echo "${ECHO_T}$ol_cv_db_db_42" >&6
fi
fi
-if test $ol_cv_lib_db = no ; then
+ if test $ol_cv_lib_db = no ; then
echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4.2)" >&5
echo $ECHO_N "checking for Berkeley DB link (-ldb-4.2)... $ECHO_C" >&6
if test "${ol_cv_db_db_4_dot_2+set}" = set; then
@@ -31262,7 +32781,7 @@ echo "${ECHO_T}$ol_cv_db_db_4_dot_2" >&6
fi
fi
-if test $ol_cv_lib_db = no ; then
+ if test $ol_cv_lib_db = no ; then
echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4-2)" >&5
echo $ECHO_N "checking for Berkeley DB link (-ldb-4-2)... $ECHO_C" >&6
if test "${ol_cv_db_db_4_2+set}" = set; then
@@ -31371,14 +32890,15 @@ echo "${ECHO_T}$ol_cv_db_db_4_2" >&6
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-4)... $ECHO_C" >&6
-if test "${ol_cv_db_db_4+set}" = set; then
+ elif test $ol_cv_bdb_minor = 1 ; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb41)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb41)... $ECHO_C" >&6
+if test "${ol_cv_db_db41+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-4
+ ol_DB_LIB=-ldb41
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -31459,12 +32979,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_4=yes
+ ol_cv_db_db41=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_4=no
+ol_cv_db_db41=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -31472,22 +32992,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_4" >&5
-echo "${ECHO_T}$ol_cv_db_db_4" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db41" >&5
+echo "${ECHO_T}$ol_cv_db_db41" >&6
- if test $ol_cv_db_db_4 = yes ; then
- ol_cv_lib_db=-ldb-4
+ if test $ol_cv_db_db41 = yes ; then
+ ol_cv_lib_db=-ldb41
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb4)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb4)... $ECHO_C" >&6
-if test "${ol_cv_db_db4+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-41)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-41)... $ECHO_C" >&6
+if test "${ol_cv_db_db_41+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb4
+ ol_DB_LIB=-ldb-41
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -31568,12 +33088,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db4=yes
+ ol_cv_db_db_41=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db4=no
+ol_cv_db_db_41=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -31581,22 +33101,131 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db4" >&5
-echo "${ECHO_T}$ol_cv_db_db4" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_41" >&5
+echo "${ECHO_T}$ol_cv_db_db_41" >&6
- if test $ol_cv_db_db4 = yes ; then
- ol_cv_lib_db=-ldb4
+ if test $ol_cv_db_db_41 = yes ; then
+ ol_cv_lib_db=-ldb-41
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb)... $ECHO_C" >&6
-if test "${ol_cv_db_db+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4.1)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-4.1)... $ECHO_C" >&6
+if test "${ol_cv_db_db_4_dot_1+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb
+ ol_DB_LIB=-ldb-4.1
+ ol_LIBS=$LIBS
+ LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
+
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+#ifdef HAVE_DB_185_H
+# include <db_185.h>
+#else
+# include <db.h>
+#endif
+
+#ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+#endif
+
+#ifndef NULL
+#define NULL ((void*)0)
+#endif
+
+int
+main ()
+{
+
+#if DB_VERSION_MAJOR > 1
+ {
+ char *version;
+ int major, minor, patch;
+
+ version = db_version( &major, &minor, &patch );
+
+ if( major != DB_VERSION_MAJOR ||
+ minor < DB_VERSION_MINOR )
+ {
+ printf("Berkeley DB version mismatch\n"
+ "\theader: %s\n\tlibrary: %s\n",
+ DB_VERSION_STRING, version);
+ return 1;
+ }
+ }
+#endif
+
+#if DB_VERSION_MAJOR > 2
+ db_env_create( NULL, 0 );
+#elif DB_VERSION_MAJOR > 1
+ db_appexit( NULL );
+#else
+ (void) dbopen( NULL, 0, 0, 0, NULL);
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ol_cv_db_db_4_dot_1=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ol_cv_db_db_4_dot_1=no
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+
+ LIBS="$ol_LIBS"
+
+fi
+echo "$as_me:$LINENO: result: $ol_cv_db_db_4_dot_1" >&5
+echo "${ECHO_T}$ol_cv_db_db_4_dot_1" >&6
+
+ if test $ol_cv_db_db_4_dot_1 = yes ; then
+ ol_cv_lib_db=-ldb-4.1
+ fi
+fi
+
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4-1)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-4-1)... $ECHO_C" >&6
+if test "${ol_cv_db_db_4_1+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+ ol_DB_LIB=-ldb-4-1
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -31677,12 +33306,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db=yes
+ ol_cv_db_db_4_1=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db=no
+ol_cv_db_db_4_1=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -31690,22 +33319,23 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db" >&5
-echo "${ECHO_T}$ol_cv_db_db" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_4_1" >&5
+echo "${ECHO_T}$ol_cv_db_db_4_1" >&6
- if test $ol_cv_db_db = yes ; then
- ol_cv_lib_db=-ldb
+ if test $ol_cv_db_db_4_1 = yes ; then
+ ol_cv_lib_db=-ldb-4-1
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb41)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb41)... $ECHO_C" >&6
-if test "${ol_cv_db_db41+set}" = set; then
+ fi
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-4)... $ECHO_C" >&6
+if test "${ol_cv_db_db_4+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb41
+ ol_DB_LIB=-ldb-4
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -31786,12 +33416,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db41=yes
+ ol_cv_db_db_4=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db41=no
+ol_cv_db_db_4=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -31799,22 +33429,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db41" >&5
-echo "${ECHO_T}$ol_cv_db_db41" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_4" >&5
+echo "${ECHO_T}$ol_cv_db_db_4" >&6
- if test $ol_cv_db_db41 = yes ; then
- ol_cv_lib_db=-ldb41
+ if test $ol_cv_db_db_4 = yes ; then
+ ol_cv_lib_db=-ldb-4
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-41)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-41)... $ECHO_C" >&6
-if test "${ol_cv_db_db_41+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb4)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb4)... $ECHO_C" >&6
+if test "${ol_cv_db_db4+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-41
+ ol_DB_LIB=-ldb4
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -31895,12 +33525,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_41=yes
+ ol_cv_db_db4=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_41=no
+ol_cv_db_db4=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -31908,22 +33538,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_41" >&5
-echo "${ECHO_T}$ol_cv_db_db_41" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db4" >&5
+echo "${ECHO_T}$ol_cv_db_db4" >&6
- if test $ol_cv_db_db_41 = yes ; then
- ol_cv_lib_db=-ldb-41
+ if test $ol_cv_db_db4 = yes ; then
+ ol_cv_lib_db=-ldb4
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4.1)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-4.1)... $ECHO_C" >&6
-if test "${ol_cv_db_db_4_dot_1+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb)... $ECHO_C" >&6
+if test "${ol_cv_db_db+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-4.1
+ ol_DB_LIB=-ldb
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -32004,12 +33634,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_4_dot_1=yes
+ ol_cv_db_db=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_4_dot_1=no
+ol_cv_db_db=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -32017,22 +33647,24 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_4_dot_1" >&5
-echo "${ECHO_T}$ol_cv_db_db_4_dot_1" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db" >&5
+echo "${ECHO_T}$ol_cv_db_db" >&6
- if test $ol_cv_db_db_4_dot_1 = yes ; then
- ol_cv_lib_db=-ldb-4.1
+ if test $ol_cv_db_db = yes ; then
+ ol_cv_lib_db=-ldb
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4-1)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-4-1)... $ECHO_C" >&6
-if test "${ol_cv_db_db_4_1+set}" = set; then
+
+elif test $ol_cv_bdb_major = 3 ; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb3)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb3)... $ECHO_C" >&6
+if test "${ol_cv_db_db3+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-4-1
+ ol_DB_LIB=-ldb3
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -32113,12 +33745,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_4_1=yes
+ ol_cv_db_db3=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_4_1=no
+ol_cv_db_db3=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -32126,22 +33758,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_4_1" >&5
-echo "${ECHO_T}$ol_cv_db_db_4_1" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db3" >&5
+echo "${ECHO_T}$ol_cv_db_db3" >&6
- if test $ol_cv_db_db_4_1 = yes ; then
- ol_cv_lib_db=-ldb-4-1
+ if test $ol_cv_db_db3 = yes ; then
+ ol_cv_lib_db=-ldb3
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb3)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb3)... $ECHO_C" >&6
-if test "${ol_cv_db_db3+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-3)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-3)... $ECHO_C" >&6
+if test "${ol_cv_db_db_3+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb3
+ ol_DB_LIB=-ldb-3
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -32222,12 +33854,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db3=yes
+ ol_cv_db_db_3=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db3=no
+ol_cv_db_db_3=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -32235,22 +33867,24 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db3" >&5
-echo "${ECHO_T}$ol_cv_db_db3" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_3" >&5
+echo "${ECHO_T}$ol_cv_db_db_3" >&6
- if test $ol_cv_db_db3 = yes ; then
- ol_cv_lib_db=-ldb3
+ if test $ol_cv_db_db_3 = yes ; then
+ ol_cv_lib_db=-ldb-3
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-3)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-3)... $ECHO_C" >&6
-if test "${ol_cv_db_db_3+set}" = set; then
+
+elif test $ol_cv_bdb_major = 2 ; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb2)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb2)... $ECHO_C" >&6
+if test "${ol_cv_db_db2+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-3
+ ol_DB_LIB=-ldb2
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -32331,12 +33965,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_3=yes
+ ol_cv_db_db2=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_3=no
+ol_cv_db_db2=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -32344,22 +33978,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_3" >&5
-echo "${ECHO_T}$ol_cv_db_db_3" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db2" >&5
+echo "${ECHO_T}$ol_cv_db_db2" >&6
- if test $ol_cv_db_db_3 = yes ; then
- ol_cv_lib_db=-ldb-3
+ if test $ol_cv_db_db2 = yes ; then
+ ol_cv_lib_db=-ldb2
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb2)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb2)... $ECHO_C" >&6
-if test "${ol_cv_db_db2+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-2)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-2)... $ECHO_C" >&6
+if test "${ol_cv_db_db_2+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb2
+ ol_DB_LIB=-ldb-2
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -32440,12 +34074,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db2=yes
+ ol_cv_db_db_2=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db2=no
+ol_cv_db_db_2=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -32453,22 +34087,24 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db2" >&5
-echo "${ECHO_T}$ol_cv_db_db2" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_2" >&5
+echo "${ECHO_T}$ol_cv_db_db_2" >&6
- if test $ol_cv_db_db2 = yes ; then
- ol_cv_lib_db=-ldb2
+ if test $ol_cv_db_db_2 = yes ; then
+ ol_cv_lib_db=-ldb-2
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-2)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-2)... $ECHO_C" >&6
-if test "${ol_cv_db_db_2+set}" = set; then
+
+elif test $ol_cv_bdb_major = 1 ; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb1)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb1)... $ECHO_C" >&6
+if test "${ol_cv_db_db1+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-2
+ ol_DB_LIB=-ldb1
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -32549,12 +34185,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_2=yes
+ ol_cv_db_db1=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_2=no
+ol_cv_db_db1=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -32562,22 +34198,22 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_2" >&5
-echo "${ECHO_T}$ol_cv_db_db_2" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db1" >&5
+echo "${ECHO_T}$ol_cv_db_db1" >&6
- if test $ol_cv_db_db_2 = yes ; then
- ol_cv_lib_db=-ldb-2
+ if test $ol_cv_db_db1 = yes ; then
+ ol_cv_lib_db=-ldb1
fi
fi
-if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb1)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb1)... $ECHO_C" >&6
-if test "${ol_cv_db_db1+set}" = set; then
+ if test $ol_cv_lib_db = no ; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-1)" >&5
+echo $ECHO_N "checking for Berkeley DB link (-ldb-1)... $ECHO_C" >&6
+if test "${ol_cv_db_db_1+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb1
+ ol_DB_LIB=-ldb-1
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -32658,12 +34294,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db1=yes
+ ol_cv_db_db_1=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db1=no
+ol_cv_db_db_1=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -32671,22 +34307,23 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db1" >&5
-echo "${ECHO_T}$ol_cv_db_db1" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_db_1" >&5
+echo "${ECHO_T}$ol_cv_db_db_1" >&6
- if test $ol_cv_db_db1 = yes ; then
- ol_cv_lib_db=-ldb1
+ if test $ol_cv_db_db_1 = yes ; then
+ ol_cv_lib_db=-ldb-1
fi
fi
+fi
if test $ol_cv_lib_db = no ; then
- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-1)" >&5
-echo $ECHO_N "checking for Berkeley DB link (-ldb-1)... $ECHO_C" >&6
-if test "${ol_cv_db_db_1+set}" = set; then
+ echo "$as_me:$LINENO: checking for Berkeley DB link (default)" >&5
+echo $ECHO_N "checking for Berkeley DB link (default)... $ECHO_C" >&6
+if test "${ol_cv_db_none+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- ol_DB_LIB=-ldb-1
+ ol_DB_LIB=
ol_LIBS=$LIBS
LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS"
@@ -32767,12 +34404,12 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
- ol_cv_db_db_1=yes
+ ol_cv_db_none=yes
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
-ol_cv_db_db_1=no
+ol_cv_db_none=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
@@ -32780,11 +34417,11 @@ rm -f conftest.err conftest.$ac_objext \
LIBS="$ol_LIBS"
fi
-echo "$as_me:$LINENO: result: $ol_cv_db_db_1" >&5
-echo "${ECHO_T}$ol_cv_db_db_1" >&6
+echo "$as_me:$LINENO: result: $ol_cv_db_none" >&5
+echo "${ECHO_T}$ol_cv_db_none" >&6
- if test $ol_cv_db_db_1 = yes ; then
- ol_cv_lib_db=-ldb-1
+ if test $ol_cv_db_none = yes ; then
+ ol_cv_lib_db=yes
fi
fi
@@ -43227,7 +44864,10 @@ cat >>$CONFIG_STATUS <<_ACEOF
#
AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"
+
STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS"
+STATIC_OVERLAYS="$SLAPD_STATIC_OVERLAYS"
+
_ACEOF
@@ -44249,6 +45889,59 @@ ENDX
/* end of generated file */
ENDX
fi
+OVERLAYSC="servers/slapd/overlays/statover.c"
+echo "Making $OVERLAYSC"
+rm -f $OVERLAYSC
+cat > $OVERLAYSC << ENDX
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2005 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+/* This file is automatically generated by configure; please do not edit. */
+
+#include "portable.h"
+#include "slap.h"
+
+ENDX
+if test "${STATIC_OVERLAYS}"; then
+ for o in ${STATIC_OVERLAYS}; do
+ oo=`echo "${o}" | sed -e 's/.o$//' -e 's/_x$//'`
+ cat >> $OVERLAYSC << ENDX
+extern OV_init ${oo}_initialize;
+ENDX
+ done
+fi
+
+cat >> $OVERLAYSC << ENDX
+
+OverlayInit slap_oinfo[] = {
+ENDX
+
+if test "${STATIC_OVERLAYS}"; then
+ for o in ${STATIC_OVERLAYS}; do
+ oo=`echo "${o}" | sed -e 's/.o$//' -e 's/_x$//'`
+ echo " Add ${oo} ..."
+ cat >> $OVERLAYSC << ENDX
+ { "${oo}", ${oo}_initialize },
+ENDX
+ done
+fi
+
+ cat >> $OVERLAYSC << ENDX
+ { NULL, NULL },
+};
+
+/* end of generated file */
+ENDX
echo Please run \"make depend\" to build dependencies
;;
diff --git a/doc/man/man1/ldapsearch.1 b/doc/man/man1/ldapsearch.1
index 628712b01e..d7b82a0366 100644
--- a/doc/man/man1/ldapsearch.1
+++ b/doc/man/man1/ldapsearch.1
@@ -43,7 +43,7 @@ ldapsearch \- LDAP search tool
[\c
.BI \-b \ searchbase\fR]
[\c
-.BI \-s \ base\fR\||\|\fIone\fR\||\|\fIsub\fR]
+.BI \-s \ base\fR\||\|\fIone\fR\||\|\fIsub\fR\||\|\fIchildren\fR]
[\c
.BI \-a \ never\fR\||\|\fIalways\fR\||\|\fIsearch\fR\||\|\fIfind\fR]
[\c
@@ -183,15 +183,19 @@ Deprecated in favor of -H.
Use \fIsearchbase\fP as the starting point for the search instead of
the default.
.TP
-.BI \-s \ base\fR\||\|\fIone\fR\||\|\fIsub
+.BI \-s \ base\fR\||\|\fIone\fR\||\|\fIsub\fR\||\|\fIchildren
Specify the scope of the search to be one of
.IR base ,
.IR one ,
+.IR sub ,
or
-.I sub
-to specify a base object, one-level, or subtree search. The default
-is
+.I children
+to specify a base object, one-level, subtree, or children search.
+The default is
.IR sub .
+Note:
+.I children
+scope requires LDAPv3 subordinate feature extension.
.TP
.BI \-a \ never\fR\||\|\fIalways\fR\||\|\fIsearch\fR\||\|\fIfind
Specify how aliases dereferencing is done. Should be one of
diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5
index 580a084765..a552f4db8c 100644
--- a/doc/man/man5/slapd.conf.5
+++ b/doc/man/man5/slapd.conf.5
@@ -1758,7 +1758,8 @@ By default it is not built.
.B chain
Chaining.
This overlay allows automatic referral chasing when a referral would
-have been returned.
+have been returned, either when configured by the server or when
+requested by the client.
.TP
.B denyop
Deny Operation.
diff --git a/doc/man/man5/slapo-accesslog.5 b/doc/man/man5/slapo-accesslog.5
index 9e869a2cc5..49d6bb3f38 100644
--- a/doc/man/man5/slapo-accesslog.5
+++ b/doc/man/man5/slapo-accesslog.5
@@ -28,9 +28,9 @@ directive.
.B logdb <suffix>
Specify the suffix of a database to be used for storing the log records.
The specified database must have already been configured in a prior section
-of the config file. The suffix entry of the database must also already
-exist. The log entries will be generated as the immediate children of the
-suffix entry.
+of the config file. The suffix entry of the log database will be created
+automatically by this overlay. The log entries will be generated as the
+immediate children of the suffix entry.
.TP
.B logops <operations>
Specify which types of operations to log. The valid operation types are
diff --git a/doc/man/man5/slapo-chain.5 b/doc/man/man5/slapo-chain.5
index 27f9b5a2ba..96cc0d4904 100644
--- a/doc/man/man5/slapo-chain.5
+++ b/doc/man/man5/slapo-chain.5
@@ -13,7 +13,7 @@ overlay to
.BR slapd (8)
allows automatic referral chasing.
Any time a referral is returned (except for bind operations),
-it is chased by using an instance of the ldap backend.
+it chased by using an instance of the ldap backend.
If operations are performed with an identity (i.e. after a bind),
that identity can be asserted while chasing the referrals
by means of the \fIidentity assertion\fP feature of back-ldap
@@ -21,52 +21,104 @@ by means of the \fIidentity assertion\fP feature of back-ldap
.BR slapd-ldap (5)
for details), which is essentially based on the
.B proxyAuthz
-control (see \fIdraft-weltman-ldapv3-proxy\fP for details).
+control (see \fIdraft-weltman-ldapv3-proxy\fP for details.)
+Referral chasing can be controlled by the client by issuing the
+\fBchaining\fP control
+(see \fIdraft-sermersheim-ldap-chaining\fP for details.)
.LP
The config directives that are specific to the
.B chain
-overlay can be prefixed by
+overlay are prefixed by
.BR chain\- ,
to avoid potential conflicts with directives specific to the underlying
database or to other stacked overlays.
.LP
-There are no chain overlay specific directives; however, directives
-related to the \fIldap\fP database that is implicitly instantiated
-by the overlay may assume a special meaning when used in conjunction
-with this overlay. They are described in
-.BR slapd-ldap (5).
+There are very few chain overlay specific directives; however, directives
+related to the instances of the \fIldap\fP backend that may be implicitly
+instantiated by the overlay may assume a special meaning when used
+in conjunction with this overlay. They are described in
+.BR slapd-ldap (5),
+and they also need be prefixed by
+.BR chain\- .
.TP
.B overlay chain
This directive adds the chain overlay to the current backend.
The chain overlay may be used with any backend, but it is mainly
intended for use with local storage backends that may return referrals.
-It is useless in conjunction with the \fIldap\fP and \fImeta\fP backends
-because they already exploit the libldap specific referral chase feature.
+It is useless in conjunction with the \fIslapd-ldap\fP and \fIslapd-meta\fP
+backends because they already exploit the libldap specific referral chase
+feature.
+[Note: this may change in the future, as the \fBldap\fP(5) and
+\fBmeta\fP(5) backends might no longer chase referrals on their own.]
+.TP
+.B chain-chaining [resolve=<r>] [continuation=<c>] [critical]
+This directive enables the \fIchaining\fP control
+(see \fIdraft-sermersheim-ldap-chaining\fP for details)
+with the desired resolve and continuation behaviors and criticality.
+The \fBresolve\fP parameter refers to the behavior while discovering
+a resource, namely when accessing the object indicated by the request DN;
+the \fBcontinuation\fP parameter refers to the behavior while handling
+intermediate responses, which is mostly significant for the search
+operation, but may affect extended operations that return intermediate
+responses.
+The values \fBr\fP and \fBc\fP can be any of
+.BR chainingPreferred ,
+.BR chainingRequired ,
+.BR referralsPreferred ,
+.BR referralsRequired .
+If the \fBcritical\fP flag affects the control criticality if provided.
+[This control is experimental and its support may change in the future.]
+.TP
+.B chain-cache-uris {FALSE|true}
+This directive instructs the \fIchain\fP overlay to cache
+connections to URIs parsed out of referrals that are not predefined,
+to be reused for later chaining.
.TP
.B chain-uri <ldapuri>
-This directive instructs the underlying ldap database about which
-URI to contact to chase referrals.
-If not present, the referral itself is parsed, and the protocol/host/port
-portions are used to establish a connection.
-
+This directive instantiates a new underlying \fIldap\fP database
+and instructs it about which URI to contact to chase referrals.
+As opposed to what stated in \fBslapd-ldap\fP(5), only one URI
+can appear after this directive; all subsequent \fBslapd-ldap\fP(5)
+directives prefixed by \fBchain-\fP refer to this specific instance
+of a remote server.
.LP
+
Directives for configuring the underlying ldap database may also
-be required, as shown here:
+be required, as shown in this example:
.LP
.RS
.nf
-chain-idassert-method "simple"
-chain-idassert-authcDN "cn=Auth,dc=example,dc=com"
-chain-idassert-passwd "secret"
-chain-idassert-mode "self"
+overlay chain
+chain-rebind-as-user FALSE
+
+chain-uri "ldap://ldap1.example.com"
+chain-rebind-as-user TRUE
+chain-idassert-bind bindmethod="simple"
+ binddn="cn=Auth,dc=example,dc=com"
+ credentials="secret"
+ mode="self"
+
+chain-uri "ldap://ldap2.example.com"
+chain-idassert-bind bindmethod="simple"
+ binddn="cn=Auth,dc=example,dc=com"
+ credentials="secret"
+ mode="none"
+
.fi
.RE
.LP
Any valid directives for the ldap database may be used; see
.BR slapd-ldap (5)
for details.
+Multiple occurrences of the \fBchain-uri\fP directive may appear,
+to define multiple "trusted" URIs where operations with
+\fIidentity assertion\fP are chained.
+All URIs not listed in the configuration are chained anonymously.
+All \fBslapd-ldap\fP(5) directives appearing before the first
+occurrence of \fBchain-uri\fP are inherited by all URIs,
+unless specifically overridden inside each URI configuration.
.SH FILES
.TP
ETCDIR/slapd.conf
@@ -76,4 +128,4 @@ default slapd configuration file
.BR slapd\-ldap (5),
.BR slapd (8).
.SH AUTHOR
-Originally implemented by Howard Chu.
+Originally implemented by Howard Chu; extended by Pierangelo Masarati.
diff --git a/doc/man/man5/slapo-pcache.5 b/doc/man/man5/slapo-pcache.5
index 0a7a733cb9..a0e1bb6370 100644
--- a/doc/man/man5/slapo-pcache.5
+++ b/doc/man/man5/slapo-pcache.5
@@ -93,6 +93,23 @@ at response, it would cache entries that may be later "massaged"
by other databases and thus returned \fIafter\fP massaging the first
time, and \fIbefore\fP massaging when cached.
+.TP
+There are some constraints:
+
+all values must be positive;
+
+.B <entry_limit>
+must be less than or equal to
+.BR <max_entries> ;
+
+.B <numattrsets>
+attribute sets SHOULD be defined by using the directive
+.BR proxyattrset ;
+
+all attribute sets SHOULD be referenced by (at least) one
+.B proxytemplate
+directive;
+
.LP
The following adds a template with filter string \fB((&sn=)(givenName=))\fP
and attributes mail, postaladdress, telephonenumber and a TTL of 1 hour.
@@ -116,7 +133,52 @@ cachesize 100
.RE
.LP
Any valid directives for the chosen database type may be used.
+.SH CAVEATS
+Caching data is prone to inconsistencies because updates on the remote server
+will not be reflected in the response of the cache at least (and at most)
+for the duration of the
+.B proxytemplate
+.BR TTL .
+
+Another potential (and subtle) inconsistency may occur when data is retrieved
+with different identities and specific per-identity access control
+is enforced by the remote server.
+If data was retrieved with an identity that collected only partial results
+because of access rules enforcement on the remote server, other users
+with different access privileges on the remote server will get different
+results from the remote server and from the cache.
+If those users have higher access privileges on the remote server, they will
+get from the cache only a subset of the results they would get directly
+from the remote server; but if they have lower access privileges, they will
+get from the cache a superset of the results they would get directly
+from the remote server.
+Either occurrence may or may not be acceptable, based on the security policy
+of the cache and of the remote server.
+It is important to note that in this case the proxy is violating the security
+of the remote server by disclosing to an identity data that was collected
+by another identity.
+For this reason, it is suggested that, when using
+.BR back-ldap ,
+proxy caching be used in conjunction with the
+.I identity assertion
+feature of
+.BR slapd-ldap (5)
+(see the
+.B idassert-bind
+and the
+.B idassert-authz
+statements), so that remote server interrogation occurs with a vanilla identity
+that has some relatively high
+.B search
+and
+.B read
+access privileges, and the "real" access control is delegated to the proxy's ACLs.
+Beware that since only the cached fraction of the real datum is available
+to the cache, it may not be possible to enforce the same access rules that
+are defined on the remote server.
+When security is a concern, cached proxy access must be carefully tailored.
.SH FILES
+
.TP
ETCDIR/slapd.conf
default slapd configuration file
diff --git a/libraries/librewrite/config.c b/libraries/librewrite/config.c
index b6c729406e..a3956ec923 100644
--- a/libraries/librewrite/config.c
+++ b/libraries/librewrite/config.c
@@ -104,19 +104,33 @@ rewrite_parse(
return -1;
}
- info->li_max_passes = atoi( argv[ 1 ] );
+ if ( lutil_atoi( &info->li_max_passes, argv[ 1 ] ) != 0 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "[%s:%d] unable to parse rewriteMaxPasses=\"%s\"\n",
+ fname, lineno, argv[ 1 ] );
+ return -1;
+ }
+
if ( info->li_max_passes <= 0 ) {
Debug( LDAP_DEBUG_ANY,
- "[%s:%d] negative or null rewriteMaxPasses'\n",
+ "[%s:%d] negative or null rewriteMaxPasses\n",
fname, lineno, 0 );
+ return -1;
}
if ( argc > 2 ) {
- info->li_max_passes_per_rule = atoi( argv[ 2 ] );
+ if ( lutil_atoi( &info->li_max_passes_per_rule, argv[ 2 ] ) != 0 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "[%s:%d] unable to parse rewriteMaxPassesPerRule=\"%s\"\n",
+ fname, lineno, argv[ 2 ] );
+ return -1;
+ }
+
if ( info->li_max_passes_per_rule <= 0 ) {
Debug( LDAP_DEBUG_ANY,
- "[%s:%d] negative or null rewriteMaxPassesPerRule'\n",
+ "[%s:%d] negative or null rewriteMaxPassesPerRule\n",
fname, lineno, 0 );
+ return -1;
}
} else {
diff --git a/servers/slapd/aci.c b/servers/slapd/aci.c
index 50bef60b75..70e749ef0a 100644
--- a/servers/slapd/aci.c
+++ b/servers/slapd/aci.c
@@ -696,7 +696,7 @@ aci_init( void )
&rc, &text, LDAP_SCHEMA_ALLOW_ALL );
if ( !at ) {
Debug( LDAP_DEBUG_ANY,
- "%s AttributeType load failed: %s %s\n",
+ "aci_init: AttributeType \"%s\" parse failed: %s %s\n",
aci_at.name, ldap_scherr2str( rc ), text );
return rc;
}
@@ -704,9 +704,9 @@ aci_init( void )
rc = at_add( at, 0, &sat, &text );
if ( rc != LDAP_SUCCESS ) {
ldap_attributetype_free( at );
- fprintf( stderr, "iMUX_monitor_schema_init: "
- "AttributeType load failed: %s %s\n",
- scherr2str( rc ), text );
+ Debug( LDAP_DEBUG_ANY,
+ "aci_init: AttributeType \"%s\" load failed: %s %s\n",
+ aci_at.name, scherr2str( rc ), text );
return rc;
}
ldap_memfree( at );
@@ -715,7 +715,7 @@ aci_init( void )
aci_at.ad, &text );
if ( rc != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY,
- "unable to find AttributeDescription "
+ "aci_init: unable to find AttributeDescription "
"\"%s\": %d (%s)\n",
aci_at.name, rc, text );
return 1;
diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c
index 5b84f9e304..48d5eb7f14 100644
--- a/servers/slapd/acl.c
+++ b/servers/slapd/acl.c
@@ -310,9 +310,10 @@ fe_access_allowed(
*/
be_orig = op->o_bd;
- op->o_bd = select_backend( &op->o_req_ndn, 0, 0 );
if ( op->o_bd == NULL ) {
- op->o_bd = frontendDB;
+ op->o_bd = select_backend( &op->o_req_ndn, 0, 0 );
+ if ( op->o_bd == NULL )
+ op->o_bd = frontendDB;
}
rc = slap_access_allowed( op, e, desc, val, access, state, maskp );
op->o_bd = be_orig;
@@ -423,14 +424,10 @@ access_allowed_mask(
desc, val, access, state, &mask );
} else {
- BackendDB *be_orig = op->o_bd;
-
/* use default (but pass through frontend
* for global ACL overlays) */
- op->o_bd = frontendDB;
ret = frontendDB->bd_info->bi_access_allowed( op, e,
desc, val, access, state, &mask );
- op->o_bd = be_orig;
}
if ( !ret ) {
@@ -1603,12 +1600,9 @@ slap_acl_mask(
port = strrchr( ip.bv_val, ':' );
if ( port ) {
- char *next;
-
ip.bv_len = port - ip.bv_val;
++port;
- port_number = strtol( port, &next, 10 );
- if ( next[0] != '\0' )
+ if ( lutil_atoi( &port_number, port ) != 0 )
continue;
}
diff --git a/servers/slapd/aclparse.c b/servers/slapd/aclparse.c
index 3c52759f70..5a666a4650 100644
--- a/servers/slapd/aclparse.c
+++ b/servers/slapd/aclparse.c
@@ -325,7 +325,7 @@ parse_acl(
int pos )
{
int i;
- char *left, *right, *style, *next;
+ char *left, *right, *style;
struct berval bv;
AccessControl *a;
Access *b;
@@ -776,10 +776,7 @@ parse_acl(
} else if ( strcasecmp( style, "level" ) == 0 )
{
- char *next;
-
- level = strtol( style_level, &next, 10 );
- if ( next[0] != '\0' ) {
+ if ( lutil_atoi( &level, style_level ) != 0 ) {
Debug( LDAP_DEBUG_ANY,
"%s: line %d: unable to parse level "
"in \"level{n}\"\n",
@@ -1385,7 +1382,7 @@ parse_acl(
char *end = NULL;
b->a_peername_port = strtol( port, &end, 10 );
- if ( end[0] != '}' ) {
+ if ( end == port || end[0] != '}' ) {
/* illegal port */
Debug( LDAP_DEBUG_ANY, "%s: line %d: "
"illegal peername port specification "
@@ -1700,8 +1697,7 @@ parse_acl(
return acl_usage();
}
- b->a_authz.sai_ssf = strtol( right, &next, 10 );
- if ( next == NULL || next[0] != '\0' ) {
+ if ( lutil_atou( &b->a_authz.sai_ssf, right ) != 0 ) {
Debug( LDAP_DEBUG_ANY,
"%s: line %d: unable to parse ssf value (%s).\n",
fname, lineno, right );
@@ -1739,8 +1735,7 @@ parse_acl(
return acl_usage();
}
- b->a_authz.sai_transport_ssf = strtol( right, &next, 10 );
- if ( next == NULL || next[0] != '\0' ) {
+ if ( lutil_atou( &b->a_authz.sai_transport_ssf, right ) != 0 ) {
Debug( LDAP_DEBUG_ANY, "%s: line %d: "
"unable to parse transport_ssf value (%s).\n",
fname, lineno, right );
@@ -1778,8 +1773,7 @@ parse_acl(
return acl_usage();
}
- b->a_authz.sai_tls_ssf = strtol( right, &next, 10 );
- if ( next == NULL || next[0] != '\0' ) {
+ if ( lutil_atou( &b->a_authz.sai_tls_ssf, right ) != 0 ) {
Debug( LDAP_DEBUG_ANY, "%s: line %d: "
"unable to parse tls_ssf value (%s).\n",
fname, lineno, right );
@@ -1817,8 +1811,7 @@ parse_acl(
return acl_usage();
}
- b->a_authz.sai_sasl_ssf = strtol( right, &next, 10 );
- if ( next == NULL || next[0] != '\0' ) {
+ if ( lutil_atou( &b->a_authz.sai_sasl_ssf, right ) != 0 ) {
Debug( LDAP_DEBUG_ANY, "%s: line %d: "
"unable to parse sasl_ssf value (%s).\n",
fname, lineno, right );
diff --git a/servers/slapd/at.c b/servers/slapd/at.c
index 8829b5541f..b9239013fd 100644
--- a/servers/slapd/at.c
+++ b/servers/slapd/at.c
@@ -345,14 +345,13 @@ at_insert(
const char **err )
{
struct aindexrec *air;
- char **names;
+ char **names = NULL;
if ( sat->sat_oid ) {
air = (struct aindexrec *)
ch_calloc( 1, sizeof(struct aindexrec) );
- air->air_name.bv_val = sat->sat_oid;
- air->air_name.bv_len = strlen(sat->sat_oid);
+ ber_str2bv( sat->sat_oid, 0, 0, &air->air_name );
air->air_at = sat;
if ( avl_insert( &attr_index, (caddr_t) air,
attr_index_cmp, avl_dup_error ) )
@@ -379,8 +378,7 @@ at_insert(
while ( *names ) {
air = (struct aindexrec *)
ch_calloc( 1, sizeof(struct aindexrec) );
- air->air_name.bv_val = *names;
- air->air_name.bv_len = strlen(*names);
+ ber_str2bv( *names, 0, 0, &air->air_name );
air->air_at = sat;
if ( avl_insert( &attr_index, (caddr_t) air,
attr_index_cmp, avl_dup_error ) )
@@ -396,6 +394,29 @@ at_insert(
ldap_memfree(air);
+ while ( names > sat->sat_names ) {
+ struct aindexrec tmpair;
+
+ names--;
+ ber_str2bv( *names, 0, 0, &tmpair.air_name );
+ tmpair.air_at = sat;
+ air = (struct aindexrec *)avl_delete( &attr_index,
+ (caddr_t)&tmpair, attr_index_cmp );
+ assert( air != NULL );
+ ldap_memfree( air );
+ }
+
+ if ( sat->sat_oid ) {
+ struct aindexrec tmpair;
+
+ ber_str2bv( sat->sat_oid, 0, 0, &tmpair.air_name );
+ tmpair.air_at = sat;
+ air = (struct aindexrec *)avl_delete( &attr_index,
+ (caddr_t)&tmpair, attr_index_cmp );
+ assert( air != NULL );
+ ldap_memfree( air );
+ }
+
return rc;
}
/* FIX: temporal consistency check */
@@ -428,16 +449,17 @@ at_add(
AttributeType **rsat,
const char **err )
{
- AttributeType *sat;
- MatchingRule *mr;
- Syntax *syn;
+ AttributeType *sat = NULL;
+ MatchingRule *mr = NULL;
+ Syntax *syn = NULL;
int i;
- int code;
- char *cname;
- char *oid;
- char *oidm = NULL;
+ int code = LDAP_SUCCESS;
+ char *cname = NULL;
+ char *oidm = NULL;
if ( !OID_LEADCHAR( at->at_oid[0] )) {
+ char *oid;
+
/* Expand OID macros */
oid = oidm_find( at->at_oid );
if ( !oid ) {
@@ -451,11 +473,14 @@ at_add(
}
if ( at->at_syntax_oid && !OID_LEADCHAR( at->at_syntax_oid[0] )) {
+ char *oid;
+
/* Expand OID macros */
oid = oidm_find( at->at_syntax_oid );
if ( !oid ) {
*err = at->at_syntax_oid;
- return SLAP_SCHERR_OIDM;
+ code = SLAP_SCHERR_OIDM;
+ goto error_return;
}
if ( oid != at->at_syntax_oid ) {
ldap_memfree( at->at_syntax_oid );
@@ -469,7 +494,8 @@ at_add(
for( i=0; at->at_names[i]; i++ ) {
if( !slap_valid_descr( at->at_names[i] ) ) {
*err = at->at_names[i];
- return SLAP_SCHERR_BAD_DESCR;
+ code = SLAP_SCHERR_BAD_DESCR;
+ goto error_return;
}
}
@@ -480,25 +506,29 @@ at_add(
} else {
*err = "";
- return SLAP_SCHERR_ATTR_INCOMPLETE;
+ code = SLAP_SCHERR_ATTR_INCOMPLETE;
+ goto error_return;
}
*err = cname;
if ( !at->at_usage && at->at_no_user_mod ) {
/* user attribute must be modifable */
- return SLAP_SCHERR_ATTR_BAD_USAGE;
+ code = SLAP_SCHERR_ATTR_BAD_USAGE;
+ goto error_return;
}
if ( at->at_collective ) {
if( at->at_usage ) {
/* collective attributes cannot be operational */
- return SLAP_SCHERR_ATTR_BAD_USAGE;
+ code = SLAP_SCHERR_ATTR_BAD_USAGE;
+ goto error_return;
}
if( at->at_single_value ) {
/* collective attributes cannot be single-valued */
- return SLAP_SCHERR_ATTR_BAD_USAGE;
+ code = SLAP_SCHERR_ATTR_BAD_USAGE;
+ goto error_return;
}
}
diff --git a/servers/slapd/back-bdb/config.c b/servers/slapd/back-bdb/config.c
index fa2bf98de5..637bc027ac 100644
--- a/servers/slapd/back-bdb/config.c
+++ b/servers/slapd/back-bdb/config.c
@@ -484,10 +484,23 @@ bdb_cf_gen(ConfigArgs *c)
}
switch( c->type ) {
- case BDB_CHKPT:
+ case BDB_CHKPT: {
+ long l;
bdb->bi_txn_cp = 1;
- bdb->bi_txn_cp_kbyte = strtol( c->argv[1], NULL, 0 );
- bdb->bi_txn_cp_min = strtol( c->argv[2], NULL, 0 );
+ if ( lutil_atolx( &l, c->argv[1], 0 ) != 0 ) {
+ fprintf( stderr, "%s: "
+ "invalid kbyte \"%s\" in \"checkpoint\".\n",
+ c->log, c->argv[1] );
+ return 1;
+ }
+ bdb->bi_txn_cp_kbyte = l;
+ if ( lutil_atolx( &l, c->argv[2], 0 ) != 0 ) {
+ fprintf( stderr, "%s: "
+ "invalid minutes \"%s\" in \"checkpoint\".\n",
+ c->log, c->argv[2] );
+ return 1;
+ }
+ bdb->bi_txn_cp_min = l;
/* If we're in server mode and time-based checkpointing is enabled,
* submit a task to perform periodic checkpoints.
*/
@@ -507,7 +520,7 @@ bdb_cf_gen(ConfigArgs *c)
LDAP_XSTRING(bdb_checkpoint), c->be->be_suffix[0].bv_val );
}
}
- break;
+ } break;
case BDB_CONFIG: {
char *ptr = c->line;
diff --git a/servers/slapd/back-bdb/dn2id.c b/servers/slapd/back-bdb/dn2id.c
index 51beedb2f4..311fb30f19 100644
--- a/servers/slapd/back-bdb/dn2id.c
+++ b/servers/slapd/back-bdb/dn2id.c
@@ -948,35 +948,38 @@ hdb_dn2idl_internal(
cx->data.ulen = BDB_IDL_UM_SIZE * sizeof(ID);
cx->data.flags = DB_DBT_USERMEM;
- /* Fetch the rest of the IDs in a loop... */
- while ( (cx->rc = cx->dbc->c_get( cx->dbc, &cx->key, &cx->data,
- DB_MULTIPLE | DB_NEXT_DUP )) == 0 ) {
- u_int8_t *j;
- size_t len;
- void *ptr;
- DB_MULTIPLE_INIT( ptr, &cx->data );
- while (ptr) {
- DB_MULTIPLE_NEXT( ptr, &cx->data, j, len );
- if (j) {
- EntryInfo *ei2;
- diskNode *d = (diskNode *)j;
- short nrlen;
-
- BDB_DISK2ID( j + len - sizeof(ID), &ei.bei_id );
- nrlen = ((d->nrdnlen[0] ^ 0x80) << 8) | d->nrdnlen[1];
- ei.bei_nrdn.bv_len = nrlen;
- /* nrdn/rdn are set in-place.
- * hdb_cache_load will copy them as needed
- */
- ei.bei_nrdn.bv_val = d->nrdn;
- ei.bei_rdn.bv_len = len - sizeof(diskNode)
- - ei.bei_nrdn.bv_len;
- ei.bei_rdn.bv_val = d->nrdn + ei.bei_nrdn.bv_len + 1;
- bdb_idl_append_one( cx->tmp, ei.bei_id );
- hdb_cache_load( cx->bdb, &ei, &ei2 );
+ if ( dkids > 1 ) {
+ /* Fetch the rest of the IDs in a loop... */
+ while ( (cx->rc = cx->dbc->c_get( cx->dbc, &cx->key, &cx->data,
+ DB_MULTIPLE | DB_NEXT_DUP )) == 0 ) {
+ u_int8_t *j;
+ size_t len;
+ void *ptr;
+ DB_MULTIPLE_INIT( ptr, &cx->data );
+ while (ptr) {
+ DB_MULTIPLE_NEXT( ptr, &cx->data, j, len );
+ if (j) {
+ EntryInfo *ei2;
+ diskNode *d = (diskNode *)j;
+ short nrlen;
+
+ BDB_DISK2ID( j + len - sizeof(ID), &ei.bei_id );
+ nrlen = ((d->nrdnlen[0] ^ 0x80) << 8) | d->nrdnlen[1];
+ ei.bei_nrdn.bv_len = nrlen;
+ /* nrdn/rdn are set in-place.
+ * hdb_cache_load will copy them as needed
+ */
+ ei.bei_nrdn.bv_val = d->nrdn;
+ ei.bei_rdn.bv_len = len - sizeof(diskNode)
+ - ei.bei_nrdn.bv_len;
+ ei.bei_rdn.bv_val = d->nrdn + ei.bei_nrdn.bv_len + 1;
+ bdb_idl_append_one( cx->tmp, ei.bei_id );
+ hdb_cache_load( cx->bdb, &ei, &ei2 );
+ }
}
}
}
+
cx->rc = cx->dbc->c_close( cx->dbc );
done_one:
bdb_cache_entryinfo_lock( cx->ei );
diff --git a/servers/slapd/back-bdb/filterindex.c b/servers/slapd/back-bdb/filterindex.c
index 21431fec2d..a1e124d614 100644
--- a/servers/slapd/back-bdb/filterindex.c
+++ b/servers/slapd/back-bdb/filterindex.c
@@ -978,7 +978,6 @@ inequality_candidates(
{
struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
DB *db;
- int i;
int rc;
slap_mask_t mask;
struct berval prefix = {0, NULL};
@@ -1066,9 +1065,9 @@ inequality_candidates(
bdb_idl_union( ids, tmp );
- if( BDB_IDL_IS_ZERO( ids ) )
+ if( op->ors_limit && op->ors_limit->lms_s_unchecked != -1 &&
+ BDB_IDL_N( ids ) >= (unsigned) op->ors_limit->lms_s_unchecked )
break;
- i++;
}
ber_bvarray_free_x( keys, op->o_tmpmemctx );
diff --git a/servers/slapd/back-bdb/idl.c b/servers/slapd/back-bdb/idl.c
index d43d210e33..c29d9228ce 100644
--- a/servers/slapd/back-bdb/idl.c
+++ b/servers/slapd/back-bdb/idl.c
@@ -1311,7 +1311,7 @@ int bdb_idl_append_one( ID *ids, ID id )
*/
int bdb_idl_append( ID *a, ID *b )
{
- ID ida, idb, tmp;
+ ID ida, idb, tmp, swap = 0;
if ( BDB_IDL_IS_ZERO( b ) ) {
return 0;
@@ -1333,6 +1333,7 @@ int bdb_idl_append( ID *a, ID *b )
}
if ( b[0] > 1 && ida > idb ) {
+ swap = idb;
a[a[0]] = idb;
b[b[0]] = ida;
}
@@ -1351,6 +1352,9 @@ int bdb_idl_append( ID *a, ID *b )
AC_MEMCPY(a+a[0]+1, b+2, i * sizeof(ID));
a[0] += i;
}
+ if ( swap ) {
+ b[b[0]] = swap;
+ }
return 0;
}
diff --git a/servers/slapd/back-bdb/init.c b/servers/slapd/back-bdb/init.c
index 3fbf91bf6d..991bbc033f 100644
--- a/servers/slapd/back-bdb/init.c
+++ b/servers/slapd/back-bdb/init.c
@@ -81,6 +81,9 @@ bdb_db_init( BackendDB *be )
return 0;
}
+static int
+bdb_db_close( BackendDB *be );
+
static int
bdb_db_open( BackendDB *be )
{
@@ -180,7 +183,7 @@ bdb_db_open( BackendDB *be )
Debug( LDAP_DEBUG_ANY,
"bdb_db_open: db_env_create failed: %s (%d)\n",
db_strerror(rc), rc, 0 );
- return rc;
+ goto fail;
}
bdb->bi_dbenv->set_errpfx( bdb->bi_dbenv, be->be_suffix[0].bv_val );
@@ -198,7 +201,7 @@ bdb_db_open( BackendDB *be )
Debug( LDAP_DEBUG_ANY,
"bdb_db_open: dbenv_set_flags failed: %s (%d)\n",
db_strerror(rc), rc, 0 );
- return rc;
+ goto fail;
}
}
@@ -248,7 +251,8 @@ bdb_db_open( BackendDB *be )
Debug( LDAP_DEBUG_ANY,
"bdb_db_open: Database cannot be recovered. "
"Restore from backup!\n", 0, 0, 0);
- return -1;
+ rc = -1;
+ goto fail;
}
/* We need to recover, and we had TXN support before:
* Close this env, open a new one with recovery flags.
@@ -261,7 +265,7 @@ bdb_db_open( BackendDB *be )
Debug( LDAP_DEBUG_ANY,
"bdb_db_open: db_env_create failed: %s (%d)\n",
db_strerror(rc), rc, 0 );
- return rc;
+ goto fail;
}
bdb->bi_dbenv->set_errpfx( bdb->bi_dbenv,
be->be_suffix[0].bv_val );
@@ -272,7 +276,7 @@ bdb_db_open( BackendDB *be )
Debug( LDAP_DEBUG_ANY,
"bdb_db_open: recovery failed: %s (%d)\n",
db_strerror(rc), rc, 0 );
- return rc;
+ goto fail;
}
do_recover = 0;
}
@@ -285,7 +289,7 @@ bdb_db_open( BackendDB *be )
Debug( LDAP_DEBUG_ANY,
"bdb_db_open: db_env_create failed: %s (%d)\n",
db_strerror(rc), rc, 0 );
- return rc;
+ goto fail;
}
bdb->bi_dbenv->remove( bdb->bi_dbenv, dbhome, 0 );
bdb->bi_dbenv = NULL;
@@ -297,7 +301,8 @@ bdb_db_open( BackendDB *be )
Debug( LDAP_DEBUG_ANY,
"bdb_db_open: Database cannot be recovered. "
"Restore from backup!\n", 0, 0, 0);
- return -1;
+ rc = -1;
+ goto fail;
}
/* Prev environment had no TXN support, close it */
if ( !flags_ok ) {
@@ -321,7 +326,7 @@ bdb_db_open( BackendDB *be )
Debug( LDAP_DEBUG_ANY,
"bdb_db_open: db_env_create failed: %s (%d)\n",
db_strerror(rc), rc, 0 );
- return rc;
+ goto fail;
}
bdb->bi_dbenv->set_errpfx( bdb->bi_dbenv, be->be_suffix[0].bv_val );
@@ -338,7 +343,7 @@ bdb_db_open( BackendDB *be )
Debug( LDAP_DEBUG_ANY,
"bdb_db_open: dbenv_set_flags failed: %s (%d)\n",
db_strerror(rc), rc, 0 );
- return rc;
+ goto fail;
}
}
}
@@ -375,7 +380,7 @@ bdb_db_open( BackendDB *be )
Debug( LDAP_DEBUG_ANY,
"bdb_db_open: dbenv_open failed: %s (%d)\n",
db_strerror(rc), rc, 0 );
- return rc;
+ goto fail;
}
}
@@ -383,7 +388,8 @@ bdb_db_open( BackendDB *be )
Debug( LDAP_DEBUG_ANY,
"bdb_db_open: alock_recover failed\n",
0, 0, 0 );
- return -1;
+ rc = -1;
+ goto fail;
}
#ifdef SLAP_ZONE_ALLOC
@@ -422,7 +428,7 @@ bdb_db_open( BackendDB *be )
Debug( LDAP_DEBUG_ANY,
"bdb_db_open: db_create(%s) failed: %s (%d)\n",
bdb->bi_dbenv_home, db_strerror(rc), rc );
- return rc;
+ goto fail;
}
if( i == BDB_ID2ENTRY ) {
@@ -483,7 +489,8 @@ bdb_db_open( BackendDB *be )
Debug( LDAP_DEBUG_ANY,
"bdb_db_open: db_open(%s) failed: %s (%d)\n",
buf, db_strerror(rc), rc );
- return rc;
+ db->bdi_db->close( db->bdi_db, 0 );
+ goto fail;
}
flags &= ~(DB_CREATE | DB_RDONLY);
@@ -500,7 +507,7 @@ bdb_db_open( BackendDB *be )
Debug( LDAP_DEBUG_ANY,
"bdb_db_open: last_id(%s) failed: %s (%d)\n",
bdb->bi_dbenv_home, db_strerror(rc), rc );
- return rc;
+ goto fail;
}
if ( !( slapMode & SLAP_TOOL_QUICK )) {
@@ -510,6 +517,10 @@ bdb_db_open( BackendDB *be )
bdb->bi_flags |= BDB_IS_OPEN;
return 0;
+
+fail:
+ bdb_db_close( be );
+ return rc;
}
static int
@@ -520,10 +531,6 @@ bdb_db_close( BackendDB *be )
struct bdb_db_info *db;
bdb_idl_cache_entry_t *entry, *next_entry;
- /* backend_shutdown closes everything, even if not all were opened */
- if ( !( bdb->bi_flags & BDB_IS_OPEN ))
- return 0;
-
bdb->bi_flags &= ~BDB_IS_OPEN;
ber_bvarray_free( bdb->bi_db_config );
@@ -543,7 +550,6 @@ bdb_db_close( BackendDB *be )
bdb_cache_release_all (&bdb->bi_cache);
if ( bdb->bi_idl_cache_max_size ) {
- ldap_pvt_thread_rdwr_wlock ( &bdb->bi_idl_tree_rwlock );
avl_free( bdb->bi_idl_tree, NULL );
bdb->bi_idl_tree = NULL;
entry = bdb->bi_idl_lru_head;
@@ -556,7 +562,6 @@ bdb_db_close( BackendDB *be )
entry = next_entry;
}
bdb->bi_idl_lru_head = bdb->bi_idl_lru_tail = NULL;
- ldap_pvt_thread_rdwr_wunlock ( &bdb->bi_idl_tree_rwlock );
}
if ( !( slapMode & SLAP_TOOL_QUICK ) && bdb->bi_dbenv ) {
@@ -636,12 +641,8 @@ bdb_back_initialize(
LDAP_CONTROL_MANAGEDSAIT,
LDAP_CONTROL_NOOP,
LDAP_CONTROL_PAGEDRESULTS,
-#ifdef LDAP_CONTROL_SUBENTRIES
LDAP_CONTROL_SUBENTRIES,
-#endif
-#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY
LDAP_CONTROL_X_PERMISSIVE_MODIFY,
-#endif
NULL
};
diff --git a/servers/slapd/back-bdb/search.c b/servers/slapd/back-bdb/search.c
index 3151d3d6aa..e39c23daf9 100644
--- a/servers/slapd/back-bdb/search.c
+++ b/servers/slapd/back-bdb/search.c
@@ -858,21 +858,6 @@ fetch_entry_retry:
if ( rs->sr_err == LDAP_COMPARE_TRUE ) {
/* check size limit */
- if ( --op->ors_slimit == -1 ) {
-#ifdef SLAP_ZONE_ALLOC
- slap_zn_runlock(bdb->bi_cache.c_zctx, e);
-#endif
- bdb_cache_return_entry_r( bdb->bi_dbenv,
- &bdb->bi_cache, e, &lock );
- e = NULL;
- rs->sr_entry = NULL;
- rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
- rs->sr_ref = rs->sr_v2ref;
- send_ldap_result( op, rs );
- rs->sr_err = LDAP_SUCCESS;
- goto done;
- }
-
if ( get_pagedresults(op) > SLAP_CONTROL_IGNORED ) {
if ( rs->sr_nentries >= ((PagedResultsState *)op->o_pagedresults_state)->ps_size ) {
#ifdef SLAP_ZONE_ALLOC
@@ -889,20 +874,20 @@ fetch_entry_retry:
if (e) {
/* safe default */
- int result = -1;
rs->sr_attrs = op->oq_search.rs_attrs;
rs->sr_operational_attrs = NULL;
rs->sr_ctrls = NULL;
rs->sr_flags = 0;
rs->sr_err = LDAP_SUCCESS;
- result = send_search_entry( op, rs );
+ rs->sr_err = send_search_entry( op, rs );
- switch (result) {
- case 0: /* entry sent ok */
+ switch ( rs->sr_err ) {
+ case LDAP_SUCCESS: /* entry sent ok */
break;
- case 1: /* entry not sent */
+ default: /* entry not sent */
break;
- case -1: /* connection closed */
+ case LDAP_UNAVAILABLE:
+ case LDAP_SIZELIMIT_EXCEEDED:
#ifdef SLAP_ZONE_ALLOC
slap_zn_runlock(bdb->bi_cache.c_zctx, e);
#endif
@@ -910,7 +895,14 @@ fetch_entry_retry:
&bdb->bi_cache, e, &lock);
e = NULL;
rs->sr_entry = NULL;
- rs->sr_err = LDAP_OTHER;
+ if ( rs->sr_err == LDAP_SIZELIMIT_EXCEEDED ) {
+ rs->sr_ref = rs->sr_v2ref;
+ send_ldap_result( op, rs );
+ rs->sr_err = LDAP_SUCCESS;
+
+ } else {
+ rs->sr_err = LDAP_OTHER;
+ }
goto done;
}
}
diff --git a/servers/slapd/back-bdb/tools.c b/servers/slapd/back-bdb/tools.c
index 09d25571ae..9c97048485 100644
--- a/servers/slapd/back-bdb/tools.c
+++ b/servers/slapd/back-bdb/tools.c
@@ -93,7 +93,8 @@ int bdb_tool_entry_open(
}
/* Set up for threaded slapindex */
- if (( slapMode & (SLAP_TOOL_QUICK|SLAP_TOOL_READONLY)) == SLAP_TOOL_QUICK) {
+ if (( slapMode & (SLAP_TOOL_QUICK|SLAP_TOOL_READONLY)) == SLAP_TOOL_QUICK
+ && bdb->bi_nattrs ) {
if ( !bdb_tool_info ) {
int i;
ldap_pvt_thread_mutex_init( &bdb_tool_index_mutex );
diff --git a/servers/slapd/back-ldap/add.c b/servers/slapd/back-ldap/add.c
index 0c394c3645..c15fdd0e9f 100644
--- a/servers/slapd/back-ldap/add.c
+++ b/servers/slapd/back-ldap/add.c
@@ -36,9 +36,9 @@ ldap_back_add(
Operation *op,
SlapReply *rs )
{
- struct ldapinfo *li = (struct ldapinfo *)op->o_bd->be_private;
+ ldapinfo_t *li = (ldapinfo_t *)op->o_bd->be_private;
- struct ldapconn *lc;
+ ldapconn_t *lc;
int i = 0,
j = 0;
Attribute *a;
@@ -103,10 +103,10 @@ retry:
rs->sr_err = ldap_add_ext( lc->lc_ld, op->o_req_dn.bv_val, attrs,
ctrls, NULL, &msgid );
rs->sr_err = ldap_back_op_result( lc, op, rs, msgid,
- li->timeout[ LDAP_BACK_OP_ADD ], LDAP_BACK_SENDRESULT );
+ li->li_timeout[ LDAP_BACK_OP_ADD ], LDAP_BACK_SENDRESULT );
if ( rs->sr_err == LDAP_UNAVAILABLE && do_retry ) {
do_retry = 0;
- if ( ldap_back_retry( lc, op, rs, LDAP_BACK_SENDERR ) ) {
+ if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
goto retry;
}
}
diff --git a/servers/slapd/back-ldap/back-ldap.h b/servers/slapd/back-ldap/back-ldap.h
index f0a4330ac4..8ec1a372bc 100644
--- a/servers/slapd/back-ldap/back-ldap.h
+++ b/servers/slapd/back-ldap/back-ldap.h
@@ -26,7 +26,7 @@
LDAP_BEGIN_DECL
-struct ldapconn {
+typedef struct ldapconn_t {
Connection *lc_conn;
#define LDAP_BACK_PCONN ((void *)0x0)
#define LDAP_BACK_PCONN_TLS ((void *)0x1)
@@ -79,7 +79,7 @@ struct ldapconn {
unsigned lc_refcnt;
unsigned lc_flags;
-};
+} ldapconn_t;
/*
* identity assertion modes
@@ -104,50 +104,58 @@ enum {
LDAP_BACK_OP_LAST
};
-struct ldapinfo {
- char *url;
- LDAPURLDesc *lud;
-
- slap_bindconf acl_sb;
-#define acl_authcID acl_sb.sb_authcId
-#define acl_authcDN acl_sb.sb_binddn
-#define acl_passwd acl_sb.sb_cred
-#define acl_authzID acl_sb.sb_authzId
-#define acl_authmethod acl_sb.sb_method
-#define acl_sasl_mech acl_sb.sb_saslmech
-#define acl_sasl_realm acl_sb.sb_realm
-#define acl_secprops acl_sb.sb_secprops
+typedef struct ldap_avl_info_t {
+ ldap_pvt_thread_mutex_t lai_mutex;
+ Avlnode *lai_tree;
+} ldap_avl_info_t;
+
+typedef struct ldapinfo_t {
+ /* li_uri: the string that goes into ldap_initialize()
+ * TODO: use li_acl.sb_uri instead */
+ char *li_uri;
+ /* li_bvuri: an array of each single URI that is equivalent;
+ * to be checked for the presence of a certain item */
+ BerVarray li_bvuri;
+
+ slap_bindconf li_acl;
+#define li_acl_authcID li_acl.sb_authcId
+#define li_acl_authcDN li_acl.sb_binddn
+#define li_acl_passwd li_acl.sb_cred
+#define li_acl_authzID li_acl.sb_authzId
+#define li_acl_authmethod li_acl.sb_method
+#define li_acl_sasl_mech li_acl.sb_saslmech
+#define li_acl_sasl_realm li_acl.sb_realm
+#define li_acl_secprops li_acl.sb_secprops
/* ID assert stuff */
- int idassert_mode;
-
- slap_bindconf idassert_sb;
-#define idassert_authcID idassert_sb.sb_authcId
-#define idassert_authcDN idassert_sb.sb_binddn
-#define idassert_passwd idassert_sb.sb_cred
-#define idassert_authzID idassert_sb.sb_authzId
-#define idassert_authmethod idassert_sb.sb_method
-#define idassert_sasl_mech idassert_sb.sb_saslmech
-#define idassert_sasl_realm idassert_sb.sb_realm
-#define idassert_secprops idassert_sb.sb_secprops
-
- unsigned idassert_flags;
+ int li_idassert_mode;
+
+ slap_bindconf li_idassert;
+#define li_idassert_authcID li_idassert.sb_authcId
+#define li_idassert_authcDN li_idassert.sb_binddn
+#define li_idassert_passwd li_idassert.sb_cred
+#define li_idassert_authzID li_idassert.sb_authzId
+#define li_idassert_authmethod li_idassert.sb_method
+#define li_idassert_sasl_mech li_idassert.sb_saslmech
+#define li_idassert_sasl_realm li_idassert.sb_realm
+#define li_idassert_secprops li_idassert.sb_secprops
+
+ unsigned li_idassert_flags;
#define LDAP_BACK_AUTH_NONE 0x00U
#define LDAP_BACK_AUTH_NATIVE_AUTHZ 0x01U
#define LDAP_BACK_AUTH_OVERRIDE 0x02U
#define LDAP_BACK_AUTH_PRESCRIPTIVE 0x04U
- BerVarray idassert_authz;
+ BerVarray li_idassert_authz;
/* end of ID assert stuff */
- int nretries;
+ int li_nretries;
#define LDAP_BACK_RETRY_UNDEFINED (-2)
#define LDAP_BACK_RETRY_FOREVER (-1)
#define LDAP_BACK_RETRY_NEVER (0)
#define LDAP_BACK_RETRY_DEFAULT (3)
- ldap_pvt_thread_mutex_t conn_mutex;
- unsigned flags;
+ unsigned li_flags;
#define LDAP_BACK_F_NONE 0x00U
#define LDAP_BACK_F_SAVECRED 0x01U
#define LDAP_BACK_F_USE_TLS 0x02U
@@ -163,23 +171,20 @@ struct ldapinfo {
#define LDAP_BACK_F_SUPPORT_T_F_DISCOVER 0x40U
#define LDAP_BACK_F_SUPPORT_T_F_MASK (LDAP_BACK_F_SUPPORT_T_F|LDAP_BACK_F_SUPPORT_T_F_DISCOVER)
-#define LDAP_BACK_SAVECRED(li) ( (li)->flags & LDAP_BACK_F_SAVECRED )
-#define LDAP_BACK_USE_TLS(li) ( (li)->flags & LDAP_BACK_F_USE_TLS )
-#define LDAP_BACK_PROPAGATE_TLS(li) ( (li)->flags & LDAP_BACK_F_PROPAGATE_TLS )
-#define LDAP_BACK_TLS_CRITICAL(li) ( (li)->flags & LDAP_BACK_F_TLS_CRITICAL )
-#define LDAP_BACK_CHASE_REFERRALS(li) ( (li)->flags & LDAP_BACK_F_CHASE_REFERRALS )
+#define LDAP_BACK_ISSET(li,f) ( ( (li)->li_flags & (f) ) == (f) )
+#define LDAP_BACK_SAVECRED(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_SAVECRED )
+#define LDAP_BACK_USE_TLS(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_USE_TLS )
+#define LDAP_BACK_PROPAGATE_TLS(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_PROPAGATE_TLS )
+#define LDAP_BACK_TLS_CRITICAL(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_TLS_CRITICAL )
+#define LDAP_BACK_CHASE_REFERRALS(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_CHASE_REFERRALS )
+#define LDAP_BACK_PROXY_WHOAMI(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_PROXY_WHOAMI )
- int version;
+ int li_version;
- Avlnode *conntree;
+ ldap_avl_info_t li_conninfo;
-#if 0
- /* FIXME: automatic rwm instantiation removed */
- int rwm_started;
-#endif
-
- time_t timeout[ LDAP_BACK_OP_LAST ];
-};
+ time_t li_timeout[ LDAP_BACK_OP_LAST ];
+} ldapinfo_t;
typedef enum ldap_back_send_t {
LDAP_BACK_DONTSEND = 0x00,
diff --git a/servers/slapd/back-ldap/bind.c b/servers/slapd/back-ldap/bind.c
index a77af50c9f..6d7899e44d 100644
--- a/servers/slapd/back-ldap/bind.c
+++ b/servers/slapd/back-ldap/bind.c
@@ -42,16 +42,16 @@ static LDAP_REBIND_PROC ldap_back_default_rebind;
LDAP_REBIND_PROC *ldap_back_rebind_f = ldap_back_default_rebind;
static int
-ldap_back_proxy_authz_bind( struct ldapconn *lc, Operation *op, SlapReply *rs );
+ldap_back_proxy_authz_bind( ldapconn_t *lc, Operation *op, SlapReply *rs );
static int
-ldap_back_prepare_conn( struct ldapconn **lcp, Operation *op, SlapReply *rs, ldap_back_send_t sendok );
+ldap_back_prepare_conn( ldapconn_t **lcp, Operation *op, SlapReply *rs, ldap_back_send_t sendok );
int
ldap_back_bind( Operation *op, SlapReply *rs )
{
- struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
- struct ldapconn *lc;
+ ldapinfo_t *li = (ldapinfo_t *) op->o_bd->be_private;
+ ldapconn_t *lc;
int rc = 0;
ber_int_t msgid;
@@ -79,7 +79,7 @@ ldap_back_bind( Operation *op, SlapReply *rs )
* purpose, a successful bind is followed by a
* bind with the configured identity assertion */
/* NOTE: use with care */
- if ( li->idassert_flags & LDAP_BACK_AUTH_OVERRIDE ) {
+ if ( li->li_idassert_flags & LDAP_BACK_AUTH_OVERRIDE ) {
ldap_back_proxy_authz_bind( lc, op, rs );
if ( !LDAP_BACK_CONN_ISBOUND( lc ) ) {
rc = 1;
@@ -109,22 +109,22 @@ done:;
/* wait for all other ops to release the connection */
retry_lock:;
- ldap_pvt_thread_mutex_lock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_lock( &li->li_conninfo.lai_mutex );
if ( lc->lc_refcnt > 1 ) {
- ldap_pvt_thread_mutex_unlock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &li->li_conninfo.lai_mutex );
ldap_pvt_thread_yield();
goto retry_lock;
}
assert( lc->lc_refcnt == 1 );
- lc = avl_delete( &li->conntree, (caddr_t)lc,
+ lc = avl_delete( &li->li_conninfo.lai_tree, (caddr_t)lc,
ldap_back_conn_cmp );
assert( lc != NULL );
ber_bvreplace( &lc->lc_local_ndn, &op->o_req_ndn );
- lerr = avl_insert( &li->conntree, (caddr_t)lc,
+ lerr = avl_insert( &li->li_conninfo.lai_tree, (caddr_t)lc,
ldap_back_conn_cmp, ldap_back_conn_dup );
- ldap_pvt_thread_mutex_unlock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &li->li_conninfo.lai_mutex );
if ( lerr == -1 ) {
/* we can do this because lc_refcnt == 1 */
ldap_back_conn_free( lc );
@@ -142,14 +142,14 @@ retry_lock:;
/*
* ldap_back_conn_cmp
*
- * compares two struct ldapconn based on the value of the conn pointer;
+ * compares two ldapconn_t based on the value of the conn pointer;
* used by avl stuff
*/
int
ldap_back_conn_cmp( const void *c1, const void *c2 )
{
- const struct ldapconn *lc1 = (const struct ldapconn *)c1;
- const struct ldapconn *lc2 = (const struct ldapconn *)c2;
+ const ldapconn_t *lc1 = (const ldapconn_t *)c1;
+ const ldapconn_t *lc2 = (const ldapconn_t *)c2;
int rc;
/* If local DNs don't match, it is definitely not a match */
@@ -167,14 +167,14 @@ ldap_back_conn_cmp( const void *c1, const void *c2 )
/*
* ldap_back_conn_dup
*
- * returns -1 in case a duplicate struct ldapconn has been inserted;
+ * returns -1 in case a duplicate ldapconn_t has been inserted;
* used by avl stuff
*/
int
ldap_back_conn_dup( void *c1, void *c2 )
{
- struct ldapconn *lc1 = (struct ldapconn *)c1;
- struct ldapconn *lc2 = (struct ldapconn *)c2;
+ ldapconn_t *lc1 = (ldapconn_t *)c1;
+ ldapconn_t *lc2 = (ldapconn_t *)c2;
/* Cannot have more than one shared session with same DN */
if ( dn_match( &lc1->lc_local_ndn, &lc2->lc_local_ndn ) &&
@@ -190,8 +190,8 @@ ldap_back_conn_dup( void *c1, void *c2 )
static void
ravl_print( Avlnode *root, int depth )
{
- int i;
- struct ldapconn *lc;
+ int i;
+ ldapconn_t *lc;
if ( root == 0 ) {
return;
@@ -227,22 +227,26 @@ myprint( Avlnode *root )
#endif /* PRINT_CONNTREE */
int
-ldap_back_freeconn( Operation *op, struct ldapconn *lc )
+ldap_back_freeconn( Operation *op, ldapconn_t *lc, int dolock )
{
- struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
+ ldapinfo_t *li = (ldapinfo_t *) op->o_bd->be_private;
- ldap_pvt_thread_mutex_lock( &li->conn_mutex );
+ if ( dolock ) {
+ ldap_pvt_thread_mutex_lock( &li->li_conninfo.lai_mutex );
+ }
assert( lc->lc_refcnt > 0 );
if ( --lc->lc_refcnt == 0 ) {
- lc = avl_delete( &li->conntree, (caddr_t)lc,
+ lc = avl_delete( &li->li_conninfo.lai_tree, (caddr_t)lc,
ldap_back_conn_cmp );
assert( lc != NULL );
ldap_back_conn_free( (void *)lc );
}
- ldap_pvt_thread_mutex_unlock( &li->conn_mutex );
+ if ( dolock ) {
+ ldap_pvt_thread_mutex_unlock( &li->li_conninfo.lai_mutex );
+ }
return 0;
}
@@ -259,10 +263,10 @@ ldap_back_start_tls(
const char **text )
{
int rc = LDAP_SUCCESS;
- struct ldapinfo dummy;
+ ldapinfo_t dummy;
/* this is ridiculous... */
- dummy.flags = flags;
+ dummy.li_flags = flags;
/* start TLS ("tls-[try-]{start,propagate}" statements) */
if ( ( LDAP_BACK_USE_TLS( &dummy ) || ( *is_tls && LDAP_BACK_PROPAGATE_TLS( &dummy ) ) )
@@ -392,9 +396,9 @@ retry:;
#endif /* HAVE_TLS */
static int
-ldap_back_prepare_conn( struct ldapconn **lcp, Operation *op, SlapReply *rs, ldap_back_send_t sendok )
+ldap_back_prepare_conn( ldapconn_t **lcp, Operation *op, SlapReply *rs, ldap_back_send_t sendok )
{
- struct ldapinfo *li = (struct ldapinfo *)op->o_bd->be_private;
+ ldapinfo_t *li = (ldapinfo_t *)op->o_bd->be_private;
int vers = op->o_protocol;
LDAP *ld = NULL;
#ifdef HAVE_TLS
@@ -403,7 +407,7 @@ ldap_back_prepare_conn( struct ldapconn **lcp, Operation *op, SlapReply *rs, lda
assert( lcp != NULL );
- rs->sr_err = ldap_initialize( &ld, li->url );
+ rs->sr_err = ldap_initialize( &ld, li->li_uri );
if ( rs->sr_err != LDAP_SUCCESS ) {
goto error_return;
}
@@ -420,7 +424,7 @@ ldap_back_prepare_conn( struct ldapconn **lcp, Operation *op, SlapReply *rs, lda
#ifdef HAVE_TLS
rs->sr_err = ldap_back_start_tls( ld, op->o_protocol, &is_tls,
- li->url, li->flags, li->nretries, &rs->sr_text );
+ li->li_uri, li->li_flags, li->li_nretries, &rs->sr_text );
if ( rs->sr_err != LDAP_SUCCESS ) {
ldap_unbind_ext( ld, NULL, NULL );
goto error_return;
@@ -428,8 +432,8 @@ ldap_back_prepare_conn( struct ldapconn **lcp, Operation *op, SlapReply *rs, lda
#endif /* HAVE_TLS */
if ( *lcp == NULL ) {
- *lcp = (struct ldapconn *)ch_calloc( 1, sizeof( struct ldapconn ) );
- (*lcp)->lc_flags= li->flags;
+ *lcp = (ldapconn_t *)ch_calloc( 1, sizeof( ldapconn_t ) );
+ (*lcp)->lc_flags= li->li_flags;
}
(*lcp)->lc_ld = ld;
(*lcp)->lc_refcnt = 1;
@@ -456,11 +460,11 @@ error_return:;
return rs->sr_err;
}
-struct ldapconn *
+ldapconn_t *
ldap_back_getconn( Operation *op, SlapReply *rs, ldap_back_send_t sendok )
{
- struct ldapinfo *li = (struct ldapinfo *)op->o_bd->be_private;
- struct ldapconn *lc,
+ ldapinfo_t *li = (ldapinfo_t *)op->o_bd->be_private;
+ ldapconn_t *lc,
lc_curr = { 0 };
int refcnt = 1;
@@ -482,14 +486,14 @@ ldap_back_getconn( Operation *op, SlapReply *rs, ldap_back_send_t sendok )
}
/* Searches for a ldapconn in the avl tree */
- ldap_pvt_thread_mutex_lock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_lock( &li->li_conninfo.lai_mutex );
- lc = (struct ldapconn *)avl_find( li->conntree,
+ lc = (ldapconn_t *)avl_find( li->li_conninfo.lai_tree,
(caddr_t)&lc_curr, ldap_back_conn_cmp );
if ( lc != NULL ) {
refcnt = ++lc->lc_refcnt;
}
- ldap_pvt_thread_mutex_unlock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &li->li_conninfo.lai_mutex );
/* Looks like we didn't get a bind. Open a new session... */
if ( lc == NULL ) {
@@ -501,8 +505,8 @@ ldap_back_getconn( Operation *op, SlapReply *rs, ldap_back_send_t sendok )
ber_dupbv( &lc->lc_local_ndn, &lc_curr.lc_local_ndn );
if ( LDAP_BACK_CONN_ISPRIV( &lc_curr ) ) {
- ber_dupbv( &lc->lc_cred, &li->acl_passwd );
- ber_dupbv( &lc->lc_bound_ndn, &li->acl_authcDN );
+ ber_dupbv( &lc->lc_cred, &li->li_acl_passwd );
+ ber_dupbv( &lc->lc_bound_ndn, &li->li_acl_authcDN );
LDAP_BACK_CONN_ISPRIV_SET( lc );
} else {
@@ -527,18 +531,18 @@ ldap_back_getconn( Operation *op, SlapReply *rs, ldap_back_send_t sendok )
if ( lc->lc_conn == LDAP_BACK_PCONN_TLS
&& !ldap_tls_inplace( lc->lc_ld ) )
{
- struct ldapconn *tmplc;
+ ldapconn_t *tmplc;
lc_curr.lc_conn = LDAP_BACK_PCONN;
- ldap_pvt_thread_mutex_lock( &li->conn_mutex );
- tmplc = (struct ldapconn *)avl_find( li->conntree,
+ ldap_pvt_thread_mutex_lock( &li->li_conninfo.lai_mutex );
+ tmplc = (ldapconn_t *)avl_find( li->li_conninfo.lai_tree,
(caddr_t)&lc_curr, ldap_back_conn_cmp );
if ( tmplc != NULL ) {
refcnt = ++tmplc->lc_refcnt;
ldap_back_conn_free( lc );
lc = tmplc;
}
- ldap_pvt_thread_mutex_unlock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &li->li_conninfo.lai_mutex );
if ( tmplc != NULL ) {
goto done;
@@ -549,17 +553,17 @@ ldap_back_getconn( Operation *op, SlapReply *rs, ldap_back_send_t sendok )
LDAP_BACK_CONN_ISBOUND_CLEAR( lc );
/* Inserts the newly created ldapconn in the avl tree */
- ldap_pvt_thread_mutex_lock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_lock( &li->li_conninfo.lai_mutex );
assert( lc->lc_refcnt == 1 );
- rs->sr_err = avl_insert( &li->conntree, (caddr_t)lc,
+ rs->sr_err = avl_insert( &li->li_conninfo.lai_tree, (caddr_t)lc,
ldap_back_conn_cmp, ldap_back_conn_dup );
#if PRINT_CONNTREE > 0
- myprint( li->conntree );
+ myprint( li->li_conninfo.lai_tree );
#endif /* PRINT_CONNTREE */
- ldap_pvt_thread_mutex_unlock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &li->li_conninfo.lai_mutex );
Debug( LDAP_DEBUG_TRACE,
"=>ldap_back_getconn: conn %p inserted (refcnt=%u)\n",
@@ -590,14 +594,14 @@ void
ldap_back_release_conn(
Operation *op,
SlapReply *rs,
- struct ldapconn *lc )
+ ldapconn_t *lc )
{
- struct ldapinfo *li = (struct ldapinfo *)op->o_bd->be_private;
+ ldapinfo_t *li = (ldapinfo_t *)op->o_bd->be_private;
- ldap_pvt_thread_mutex_lock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_lock( &li->li_conninfo.lai_mutex );
assert( lc->lc_refcnt > 0 );
lc->lc_refcnt--;
- ldap_pvt_thread_mutex_unlock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &li->li_conninfo.lai_mutex );
}
/*
@@ -607,18 +611,18 @@ ldap_back_release_conn(
* it from all the callers, and I made the function return the flag, so
* it can be used to simplify the check.
*
- * Note: dolock indicates whether li->conn_mutex must be locked or not
+ * Note: dolock indicates whether li->li_conninfo.lai_mutex must be locked or not
*/
static int
ldap_back_dobind_int(
- struct ldapconn *lc,
+ ldapconn_t *lc,
Operation *op,
SlapReply *rs,
ldap_back_send_t sendok,
int retries,
int dolock )
{
- struct ldapinfo *li = (struct ldapinfo *)op->o_bd->be_private;
+ ldapinfo_t *li = (ldapinfo_t *)op->o_bd->be_private;
int rc = LDAP_BACK_CONN_ISBOUND( lc );
ber_int_t msgid;
@@ -654,7 +658,7 @@ ldap_back_dobind_int(
if ( op->o_conn != NULL &&
!op->o_do_not_cache &&
( BER_BVISNULL( &lc->lc_bound_ndn ) ||
- ( li->idassert_flags & LDAP_BACK_AUTH_OVERRIDE ) ) )
+ ( li->li_idassert_flags & LDAP_BACK_AUTH_OVERRIDE ) ) )
{
(void)ldap_back_proxy_authz_bind( lc, op, rs );
goto done;
@@ -662,32 +666,32 @@ ldap_back_dobind_int(
#ifdef HAVE_CYRUS_SASL
if ( LDAP_BACK_CONN_ISPRIV( lc )
- && li->acl_authmethod == LDAP_AUTH_SASL )
+ && li->li_acl_authmethod == LDAP_AUTH_SASL )
{
void *defaults = NULL;
- if ( li->acl_secprops != NULL ) {
+ if ( li->li_acl_secprops != NULL ) {
rc = ldap_set_option( lc->lc_ld,
- LDAP_OPT_X_SASL_SECPROPS, li->acl_secprops);
+ LDAP_OPT_X_SASL_SECPROPS, li->li_acl_secprops);
if ( rc != LDAP_OPT_SUCCESS ) {
Debug( LDAP_DEBUG_ANY, "Error: ldap_set_option "
"(%s,SECPROPS,\"%s\") failed!\n",
- li->url, li->acl_secprops, 0 );
+ li->li_uri, li->li_acl_secprops, 0 );
goto done;
}
}
defaults = lutil_sasl_defaults( lc->lc_ld,
- li->acl_sasl_mech.bv_val,
- li->acl_sasl_realm.bv_val,
- li->acl_authcID.bv_val,
- li->acl_passwd.bv_val,
+ li->li_acl_sasl_mech.bv_val,
+ li->li_acl_sasl_realm.bv_val,
+ li->li_acl_authcID.bv_val,
+ li->li_acl_passwd.bv_val,
NULL );
rs->sr_err = ldap_sasl_interactive_bind_s( lc->lc_ld,
- li->acl_authcDN.bv_val,
- li->acl_sasl_mech.bv_val, NULL, NULL,
+ li->li_acl_authcDN.bv_val,
+ li->li_acl_sasl_mech.bv_val, NULL, NULL,
LDAP_SASL_QUIET, lutil_sasl_interact,
defaults );
@@ -714,7 +718,7 @@ retry:;
if ( rs->sr_err == LDAP_SERVER_DOWN ) {
if ( retries != LDAP_BACK_RETRY_NEVER ) {
if ( dolock ) {
- ldap_pvt_thread_mutex_lock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_lock( &li->li_conninfo.lai_mutex );
}
assert( lc->lc_refcnt > 0 );
@@ -726,7 +730,7 @@ retry:;
rs->sr_err = ldap_back_prepare_conn( &lc, op, rs, sendok );
}
if ( dolock ) {
- ldap_pvt_thread_mutex_unlock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &li->li_conninfo.lai_mutex );
}
if ( rs->sr_err == LDAP_SUCCESS ) {
if ( retries > 0 ) {
@@ -736,7 +740,7 @@ retry:;
}
}
- ldap_back_freeconn( op, lc );
+ ldap_back_freeconn( op, lc, dolock );
rs->sr_err = slap_map_api2result( rs );
return 0;
@@ -757,11 +761,11 @@ done:;
}
int
-ldap_back_dobind( struct ldapconn *lc, Operation *op, SlapReply *rs, ldap_back_send_t sendok )
+ldap_back_dobind( ldapconn_t *lc, Operation *op, SlapReply *rs, ldap_back_send_t sendok )
{
- struct ldapinfo *li = (struct ldapinfo *)op->o_bd->be_private;
+ ldapinfo_t *li = (ldapinfo_t *)op->o_bd->be_private;
- return ldap_back_dobind_int( lc, op, rs, sendok, li->nretries, 1 );
+ return ldap_back_dobind_int( lc, op, rs, sendok, li->li_nretries, 1 );
}
/*
@@ -774,7 +778,7 @@ static int
ldap_back_default_rebind( LDAP *ld, LDAP_CONST char *url, ber_tag_t request,
ber_int_t msgid, void *params )
{
- struct ldapconn *lc = (struct ldapconn *)params;
+ ldapconn_t *lc = (ldapconn_t *)params;
#ifdef HAVE_TLS
/* ... otherwise we couldn't get here */
@@ -801,7 +805,7 @@ ldap_back_default_rebind( LDAP *ld, LDAP_CONST char *url, ber_tag_t request,
int
ldap_back_op_result(
- struct ldapconn *lc,
+ ldapconn_t *lc,
Operation *op,
SlapReply *rs,
ber_int_t msgid,
@@ -862,6 +866,16 @@ retry:;
default:
rc = ldap_parse_result( lc->lc_ld, res, &rs->sr_err,
&match, &text, NULL, NULL, 1 );
+#ifndef LDAP_NULL_IS_NULL
+ if ( match != NULL && match[ 0 ] == '\0' ) {
+ ldap_memfree( match );
+ match = NULL;
+ }
+ if ( text != NULL && text[ 0 ] == '\0' ) {
+ ldap_memfree( text );
+ text = NULL;
+ }
+#endif /* LDAP_NULL_IS_NULL */
rs->sr_text = text;
if ( rc != LDAP_SUCCESS ) {
rs->sr_err = rc;
@@ -906,40 +920,43 @@ retry:;
/* return true if bound, false if failed */
int
-ldap_back_retry( struct ldapconn *lc, Operation *op, SlapReply *rs, ldap_back_send_t sendok )
+ldap_back_retry( ldapconn_t **lcp, Operation *op, SlapReply *rs, ldap_back_send_t sendok )
{
int rc = 0;
- struct ldapinfo *li = (struct ldapinfo *)op->o_bd->be_private;
-
- ldap_pvt_thread_mutex_lock( &li->conn_mutex );
+ ldapinfo_t *li = (ldapinfo_t *)op->o_bd->be_private;
+
+ ldap_pvt_thread_mutex_lock( &li->li_conninfo.lai_mutex );
- if ( lc->lc_refcnt == 1 ) {
+ if ( (*lcp)->lc_refcnt == 1 ) {
Debug( LDAP_DEBUG_ANY,
"%s ldap_back_retry: retrying URI=\"%s\" DN=\"%s\"\n",
- op->o_log_prefix, li->url,
- BER_BVISNULL( &lc->lc_bound_ndn ) ?
- "" : lc->lc_bound_ndn.bv_val );
+ op->o_log_prefix, li->li_uri,
+ BER_BVISNULL( &(*lcp)->lc_bound_ndn ) ?
+ "" : (*lcp)->lc_bound_ndn.bv_val );
- ldap_unbind_ext( lc->lc_ld, NULL, NULL );
- lc->lc_ld = NULL;
- LDAP_BACK_CONN_ISBOUND_CLEAR( lc );
+ ldap_unbind_ext( (*lcp)->lc_ld, NULL, NULL );
+ (*lcp)->lc_ld = NULL;
+ LDAP_BACK_CONN_ISBOUND_CLEAR( (*lcp) );
/* lc here must be the regular lc, reset and ready for init */
- rc = ldap_back_prepare_conn( &lc, op, rs, sendok );
+ rc = ldap_back_prepare_conn( lcp, op, rs, sendok );
if ( rc == LDAP_SUCCESS ) {
- rc = ldap_back_dobind_int( lc, op, rs, sendok, 0, 0 );
+ rc = ldap_back_dobind_int( *lcp, op, rs, sendok, 0, 0 );
+ if ( rc == 0 ) {
+ *lcp = NULL;
+ }
}
}
- ldap_pvt_thread_mutex_unlock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &li->li_conninfo.lai_mutex );
return rc;
}
static int
-ldap_back_proxy_authz_bind( struct ldapconn *lc, Operation *op, SlapReply *rs )
+ldap_back_proxy_authz_bind( ldapconn_t *lc, Operation *op, SlapReply *rs )
{
- struct ldapinfo *li = (struct ldapinfo *)op->o_bd->be_private;
+ ldapinfo_t *li = (ldapinfo_t *)op->o_bd->be_private;
struct berval binddn = slap_empty_bv;
struct berval bindcred = slap_empty_bv;
int dobind = 0;
@@ -969,13 +986,13 @@ ldap_back_proxy_authz_bind( struct ldapconn *lc, Operation *op, SlapReply *rs )
/* bind as proxyauthzdn only if no idassert mode
* is requested, or if the client's identity
* is authorized */
- switch ( li->idassert_mode ) {
+ switch ( li->li_idassert_mode ) {
case LDAP_BACK_IDASSERT_LEGACY:
if ( !BER_BVISNULL( &op->o_conn->c_ndn ) && !BER_BVISEMPTY( &op->o_conn->c_ndn ) ) {
- if ( !BER_BVISNULL( &li->idassert_authcDN ) && !BER_BVISEMPTY( &li->idassert_authcDN ) )
+ if ( !BER_BVISNULL( &li->li_idassert_authcDN ) && !BER_BVISEMPTY( &li->li_idassert_authcDN ) )
{
- binddn = li->idassert_authcDN;
- bindcred = li->idassert_passwd;
+ binddn = li->li_idassert_authcDN;
+ bindcred = li->li_idassert_passwd;
dobind = 1;
}
}
@@ -983,7 +1000,7 @@ ldap_back_proxy_authz_bind( struct ldapconn *lc, Operation *op, SlapReply *rs )
default:
/* NOTE: rootdn can always idassert */
- if ( li->idassert_authz && !be_isroot( op ) ) {
+ if ( li->li_idassert_authz && !be_isroot( op ) ) {
struct berval authcDN;
if ( BER_BVISNULL( &op->o_conn->c_ndn ) ) {
@@ -992,10 +1009,10 @@ ldap_back_proxy_authz_bind( struct ldapconn *lc, Operation *op, SlapReply *rs )
} else {
authcDN = op->o_conn->c_ndn;
}
- rs->sr_err = slap_sasl_matches( op, li->idassert_authz,
+ rs->sr_err = slap_sasl_matches( op, li->li_idassert_authz,
&authcDN, &authcDN );
if ( rs->sr_err != LDAP_SUCCESS ) {
- if ( li->idassert_flags & LDAP_BACK_AUTH_PRESCRIPTIVE ) {
+ if ( li->li_idassert_flags & LDAP_BACK_AUTH_PRESCRIPTIVE ) {
send_ldap_result( op, rs );
LDAP_BACK_CONN_ISBOUND_CLEAR( lc );
@@ -1010,13 +1027,13 @@ ldap_back_proxy_authz_bind( struct ldapconn *lc, Operation *op, SlapReply *rs )
}
}
- binddn = li->idassert_authcDN;
- bindcred = li->idassert_passwd;
+ binddn = li->li_idassert_authcDN;
+ bindcred = li->li_idassert_passwd;
dobind = 1;
break;
}
- if ( dobind && li->idassert_authmethod == LDAP_AUTH_SASL ) {
+ if ( dobind && li->li_idassert_authmethod == LDAP_AUTH_SASL ) {
#ifdef HAVE_CYRUS_SASL
void *defaults = NULL;
struct berval authzID = BER_BVNULL;
@@ -1024,12 +1041,12 @@ ldap_back_proxy_authz_bind( struct ldapconn *lc, Operation *op, SlapReply *rs )
/* if SASL supports native authz, prepare for it */
if ( ( !op->o_do_not_cache || !op->o_is_auth_check ) &&
- ( li->idassert_flags & LDAP_BACK_AUTH_NATIVE_AUTHZ ) )
+ ( li->li_idassert_flags & LDAP_BACK_AUTH_NATIVE_AUTHZ ) )
{
- switch ( li->idassert_mode ) {
+ switch ( li->li_idassert_mode ) {
case LDAP_BACK_IDASSERT_OTHERID:
case LDAP_BACK_IDASSERT_OTHERDN:
- authzID = li->idassert_authzID;
+ authzID = li->li_idassert_authzID;
break;
case LDAP_BACK_IDASSERT_ANONYMOUS:
@@ -1055,10 +1072,10 @@ ldap_back_proxy_authz_bind( struct ldapconn *lc, Operation *op, SlapReply *rs )
}
}
- if ( li->idassert_secprops != NULL ) {
+ if ( li->li_idassert_secprops != NULL ) {
rs->sr_err = ldap_set_option( lc->lc_ld,
LDAP_OPT_X_SASL_SECPROPS,
- (void *)li->idassert_secprops );
+ (void *)li->li_idassert_secprops );
if ( rs->sr_err != LDAP_OPT_SUCCESS ) {
send_ldap_result( op, rs );
@@ -1068,14 +1085,14 @@ ldap_back_proxy_authz_bind( struct ldapconn *lc, Operation *op, SlapReply *rs )
}
defaults = lutil_sasl_defaults( lc->lc_ld,
- li->idassert_sasl_mech.bv_val,
- li->idassert_sasl_realm.bv_val,
- li->idassert_authcID.bv_val,
- li->idassert_passwd.bv_val,
+ li->li_idassert_sasl_mech.bv_val,
+ li->li_idassert_sasl_realm.bv_val,
+ li->li_idassert_authcID.bv_val,
+ li->li_idassert_passwd.bv_val,
authzID.bv_val );
rs->sr_err = ldap_sasl_interactive_bind_s( lc->lc_ld, binddn.bv_val,
- li->idassert_sasl_mech.bv_val, NULL, NULL,
+ li->li_idassert_sasl_mech.bv_val, NULL, NULL,
LDAP_SASL_QUIET, lutil_sasl_interact,
defaults );
@@ -1097,7 +1114,7 @@ ldap_back_proxy_authz_bind( struct ldapconn *lc, Operation *op, SlapReply *rs )
#endif /* HAVE_CYRUS_SASL */
}
- switch ( li->idassert_authmethod ) {
+ switch ( li->li_idassert_authmethod ) {
case LDAP_AUTH_NONE:
LDAP_BACK_CONN_ISBOUND_SET( lc );
goto done;
@@ -1152,12 +1169,12 @@ done:;
*/
int
ldap_back_proxy_authz_ctrl(
- struct ldapconn *lc,
+ ldapconn_t *lc,
Operation *op,
SlapReply *rs,
LDAPControl ***pctrls )
{
- struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
+ ldapinfo_t *li = (ldapinfo_t *) op->o_bd->be_private;
LDAPControl **ctrls = NULL;
int i = 0,
mode;
@@ -1170,8 +1187,8 @@ ldap_back_proxy_authz_ctrl(
/* FIXME: SASL/EXTERNAL over ldapi:// doesn't honor the authcID,
* but if it is not set this test fails. We need a different
* means to detect if idassert is enabled */
- if ( ( BER_BVISNULL( &li->idassert_authcID ) || BER_BVISEMPTY( &li->idassert_authcID ) )
- && ( BER_BVISNULL( &li->idassert_authcDN ) || BER_BVISEMPTY( &li->idassert_authcDN ) ) )
+ if ( ( BER_BVISNULL( &li->li_idassert_authcID ) || BER_BVISEMPTY( &li->li_idassert_authcID ) )
+ && ( BER_BVISNULL( &li->li_idassert_authcDN ) || BER_BVISEMPTY( &li->li_idassert_authcDN ) ) )
{
goto done;
}
@@ -1180,7 +1197,7 @@ ldap_back_proxy_authz_ctrl(
goto done;
}
- if ( li->idassert_mode == LDAP_BACK_IDASSERT_LEGACY ) {
+ if ( li->li_idassert_mode == LDAP_BACK_IDASSERT_LEGACY ) {
if ( op->o_proxy_authz ) {
/*
* FIXME: we do not want to perform proxyAuthz
@@ -1207,12 +1224,12 @@ ldap_back_proxy_authz_ctrl(
goto done;
}
- if ( BER_BVISNULL( &li->idassert_authcDN ) ) {
+ if ( BER_BVISNULL( &li->li_idassert_authcDN ) ) {
goto done;
}
- } else if ( li->idassert_authmethod == LDAP_AUTH_SASL ) {
- if ( ( li->idassert_flags & LDAP_BACK_AUTH_NATIVE_AUTHZ )
+ } else if ( li->li_idassert_authmethod == LDAP_AUTH_SASL ) {
+ if ( ( li->li_idassert_flags & LDAP_BACK_AUTH_NATIVE_AUTHZ )
/* && ( !BER_BVISNULL( &op->o_conn->c_ndn )
|| LDAP_BACK_CONN_ISBOUND( lc ) ) */ )
{
@@ -1223,7 +1240,7 @@ ldap_back_proxy_authz_ctrl(
goto done;
}
- } else if ( li->idassert_authz && !be_isroot( op ) ) {
+ } else if ( li->li_idassert_authz && !be_isroot( op ) ) {
int rc;
struct berval authcDN;
@@ -1232,10 +1249,10 @@ ldap_back_proxy_authz_ctrl(
} else {
authcDN = op->o_conn->c_ndn;
}
- rc = slap_sasl_matches( op, li->idassert_authz,
+ rc = slap_sasl_matches( op, li->li_idassert_authz,
&authcDN, & authcDN );
if ( rc != LDAP_SUCCESS ) {
- if ( li->idassert_flags & LDAP_BACK_AUTH_PRESCRIPTIVE )
+ if ( li->li_idassert_flags & LDAP_BACK_AUTH_PRESCRIPTIVE )
{
/* op->o_conn->c_ndn is not authorized
* to use idassert */
@@ -1271,7 +1288,7 @@ ldap_back_proxy_authz_ctrl(
mode = LDAP_BACK_IDASSERT_NOASSERT;
} else {
- mode = li->idassert_mode;
+ mode = li->li_idassert_mode;
}
switch ( mode ) {
@@ -1298,7 +1315,7 @@ ldap_back_proxy_authz_ctrl(
case LDAP_BACK_IDASSERT_OTHERID:
case LDAP_BACK_IDASSERT_OTHERDN:
/* assert idassert DN */
- assertedID = li->idassert_authzID;
+ assertedID = li->li_idassert_authzID;
break;
default:
@@ -1320,7 +1337,7 @@ ldap_back_proxy_authz_ctrl(
ctrls[ 0 ]->ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
ctrls[ 0 ]->ldctl_iscritical = 1;
- switch ( li->idassert_mode ) {
+ switch ( li->li_idassert_mode ) {
/* already in u:ID or dn:DN form */
case LDAP_BACK_IDASSERT_OTHERID:
case LDAP_BACK_IDASSERT_OTHERDN:
diff --git a/servers/slapd/back-ldap/chain.c b/servers/slapd/back-ldap/chain.c
index 3a582883c3..f42beab8d5 100644
--- a/servers/slapd/back-ldap/chain.c
+++ b/servers/slapd/back-ldap/chain.c
@@ -17,6 +17,7 @@
/* ACKNOWLEDGEMENTS:
* This work was initially developed by the Howard Chu for inclusion
* in OpenLDAP Software.
+ * This work was subsequently modified by Pierangelo Masarati.
*/
#include "portable.h"
@@ -64,12 +65,35 @@ static int sc_chainingBehavior;
static BackendInfo *lback;
typedef struct ldap_chain_t {
- struct ldapinfo *lc_li;
+ /*
+ * A "template" ldapinfo_t gets all common configuration items;
+ * then, for each configured URI, an entry is created in the tree;
+ * all the specific configuration items get in the current URI
+ * structure.
+ *
+ * Then, for each referral, extract the URI and lookup the
+ * related structure. If configured to do so, allow URIs
+ * not found in the structure to create a temporary one
+ * that chains anonymously; maybe it can also be added to
+ * the tree? Should be all configurable.
+ */
+
+ /* "common" configuration info (all occurring before an "uri") */
+ ldapinfo_t *lc_common_li;
+
+ /* current configuration info */
+ ldapinfo_t *lc_cfg_li;
+
+ /* tree of configured[/generated?] "uri" info */
+ ldap_avl_info_t lc_lai;
+
unsigned lc_flags;
-#define LDAP_CHAIN_F_NONE 0x00U
-#define LDAP_CHAIN_F_CHAINING 0x01U
+#define LDAP_CHAIN_F_NONE (0x00U)
+#define LDAP_CHAIN_F_CHAINING (0x01U)
+#define LDAP_CHAIN_F_CACHE_URI (0x10U)
- ldap_pvt_thread_mutex_t lc_mutex;
+#define LDAP_CHAIN_CHAINING( lc ) ( ( (lc)->lc_flags & LDAP_CHAIN_F_CHAINING ) == LDAP_CHAIN_F_CHAINING )
+#define LDAP_CHAIN_CACHE_URI( lc ) ( ( (lc)->lc_flags & LDAP_CHAIN_F_CACHE_URI ) == LDAP_CHAIN_F_CACHE_URI )
#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
LDAPControl lc_chaining_ctrl;
@@ -77,6 +101,12 @@ typedef struct ldap_chain_t {
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
} ldap_chain_t;
+static int ldap_chain_db_init_common( BackendDB *be );
+static int ldap_chain_db_init_one( BackendDB *be );
+#define ldap_chain_db_open_one(be) (lback)->bi_db_open( (be) )
+#define ldap_chain_db_close_one(be) (0)
+#define ldap_chain_db_destroy_one(be) (lback)->bi_db_destroy( (be) )
+
#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
static int
chaining_control_add(
@@ -90,7 +120,7 @@ chaining_control_add(
*oldctrlsp = op->o_ctrls;
/* default chaining control not defined */
- if ( !( lc->lc_flags & LDAP_CHAIN_F_CHAINING ) ) {
+ if ( !LDAP_CHAIN_CHAINING( lc ) ) {
return 0;
}
@@ -149,6 +179,46 @@ chaining_control_remove(
}
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
+static int
+ldap_chain_uri_cmp( const void *c1, const void *c2 )
+{
+ const ldapinfo_t *li1 = (const ldapinfo_t *)c1;
+ const ldapinfo_t *li2 = (const ldapinfo_t *)c2;
+
+ assert( li1->li_bvuri != NULL );
+ assert( !BER_BVISNULL( &li1->li_bvuri[ 0 ] ) );
+ assert( BER_BVISNULL( &li1->li_bvuri[ 1 ] ) );
+
+ assert( li2->li_bvuri != NULL );
+ assert( !BER_BVISNULL( &li2->li_bvuri[ 0 ] ) );
+ assert( BER_BVISNULL( &li2->li_bvuri[ 1 ] ) );
+
+ /* If local DNs don't match, it is definitely not a match */
+ return ber_bvcmp( &li1->li_bvuri[ 0 ], &li2->li_bvuri[ 0 ] );
+}
+
+static int
+ldap_chain_uri_dup( void *c1, void *c2 )
+{
+ ldapinfo_t *li1 = (ldapinfo_t *)c1;
+ ldapinfo_t *li2 = (ldapinfo_t *)c2;
+
+ assert( li1->li_bvuri != NULL );
+ assert( !BER_BVISNULL( &li1->li_bvuri[ 0 ] ) );
+ assert( BER_BVISNULL( &li1->li_bvuri[ 1 ] ) );
+
+ assert( li2->li_bvuri != NULL );
+ assert( !BER_BVISNULL( &li2->li_bvuri[ 0 ] ) );
+ assert( BER_BVISNULL( &li2->li_bvuri[ 1 ] ) );
+
+ /* Cannot have more than one shared session with same DN */
+ if ( ber_bvcmp( &li1->li_bvuri[ 0 ], &li2->li_bvuri[ 0 ] ) == 0 ) {
+ return -1;
+ }
+
+ return 0;
+}
+
static int
ldap_chain_operational( Operation *op, SlapReply *rs )
{
@@ -211,7 +281,7 @@ ldap_chain_cb_search_response( Operation *op, SlapReply *rs )
switch ( get_continuationBehavior( op ) ) {
case SLAP_CH_RESOLVE_CHAINING_REQUIRED:
op->o_callback->sc_private = LDAP_CH_ERR;
- return -1;
+ return rs->sr_err = LDAP_X_CANNOT_CHAIN;
default:
break;
@@ -241,7 +311,36 @@ ldap_chain_cb_response( Operation *op, SlapReply *rs )
}
if ( rs->sr_type == REP_RESULT ) {
- op->o_callback->sc_private = LDAP_CH_RES;
+ switch ( rs->sr_err ) {
+ case LDAP_COMPARE_TRUE:
+ case LDAP_COMPARE_FALSE:
+ if ( op->o_tag != LDAP_REQ_COMPARE ) {
+ return rs->sr_err;
+ }
+ /* fallthru */
+
+ case LDAP_SUCCESS:
+ op->o_callback->sc_private = LDAP_CH_RES;
+ break;
+
+ case LDAP_REFERRAL:
+#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
+ if ( get_chaining( op ) > SLAP_CONTROL_IGNORED ) {
+ switch ( get_continuationBehavior( op ) ) {
+ case SLAP_CH_RESOLVE_CHAINING_REQUIRED:
+ op->o_callback->sc_private = LDAP_CH_ERR;
+ return rs->sr_err = LDAP_X_CANNOT_CHAIN;
+
+ default:
+ break;
+ }
+ }
+#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
+ break;
+
+ default:
+ return rs->sr_err;
+ }
} else if ( op->o_tag == LDAP_REQ_SEARCH && rs->sr_type == REP_SEARCH )
{
@@ -261,10 +360,8 @@ ldap_chain_op(
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
ldap_chain_t *lc = (ldap_chain_t *)on->on_bi.bi_private;
-
- struct ldapinfo *lip = lc->lc_li;
- char *save_url = NULL;
- SlapReply rs2 = { 0 };
+ ldapinfo_t li = { 0 }, *lip = NULL;
+ struct berval bvuri[ 2 ] = { { 0 } };
/* NOTE: returned if ref is empty... */
int rc = LDAP_OTHER;
@@ -275,27 +372,11 @@ ldap_chain_op(
(void)chaining_control_add( lc, op, &ctrls );
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
- if ( lip->url != NULL ) {
- op->o_bd->be_private = lip;
- rc = ( *op_f )( op, &rs2 );
- rs->sr_err = rs2.sr_err;
- goto done;
- }
-
- save_url = lip->url;
- lip->url = NULL;
- op->o_bd->be_private = lip;
-
- /* if we parse the URI then by no means
- * we can cache stuff or reuse connections,
- * because in back-ldap there's no caching
- * based on the URI value, which is supposed
- * to be set once for all (correct?) */
- op->o_do_not_cache = 1;
-
+ li.li_bvuri = bvuri;
for ( ; !BER_BVISNULL( ref ); ref++ ) {
LDAPURLDesc *srv;
char *save_dn;
+ int temporary = 0;
/* We're setting the URI of the first referral;
* what if there are more?
@@ -328,30 +409,76 @@ Document: draft-ietf-ldapbis-protocol-27.txt
save_dn = srv->lud_dn;
srv->lud_dn = "";
srv->lud_scope = LDAP_SCOPE_DEFAULT;
- lip->url = ldap_url_desc2str( srv );
+ li.li_uri = ldap_url_desc2str( srv );
srv->lud_dn = save_dn;
ldap_free_urldesc( srv );
- if ( lip->url == NULL ) {
+ if ( li.li_uri == NULL ) {
/* try next */
rc = LDAP_OTHER;
continue;
}
- rc = ( *op_f )( op, &rs2 );
- rs->sr_err = rs2.sr_err;
+ ber_str2bv( li.li_uri, 0, 0, &li.li_bvuri[ 0 ] );
+
+ /* Searches for a ldapinfo in the avl tree */
+ ldap_pvt_thread_mutex_lock( &lc->lc_lai.lai_mutex );
+ lip = (ldapinfo_t *)avl_find( lc->lc_lai.lai_tree,
+ (caddr_t)&li, ldap_chain_uri_cmp );
+ ldap_pvt_thread_mutex_unlock( &lc->lc_lai.lai_mutex );
+
+ if ( lip != NULL ) {
+ op->o_bd->be_private = (void *)lip;
+
+ } else {
+ rc = ldap_chain_db_init_one( op->o_bd );
+ if ( rc != 0 ) {
+ goto cleanup;
+ }
+ lip = (ldapinfo_t *)op->o_bd->be_private;
+ lip->li_uri = li.li_uri;
+ lip->li_bvuri = bvuri;
+ rc = ldap_chain_db_open_one( op->o_bd );
+ if ( rc != 0 ) {
+ (void)ldap_chain_db_destroy_one( op->o_bd );
+ goto cleanup;
+ }
+
+ if ( LDAP_CHAIN_CACHE_URI( lc ) ) {
+ ldap_pvt_thread_mutex_lock( &lc->lc_lai.lai_mutex );
+ if ( avl_insert( &lc->lc_lai.lai_tree,
+ (caddr_t)lip, ldap_chain_uri_cmp, ldap_chain_uri_dup ) )
+ {
+ /* someone just inserted another;
+ * don't bother, use this and then
+ * just free it */
+ temporary = 1;
+ }
+ ldap_pvt_thread_mutex_unlock( &lc->lc_lai.lai_mutex );
+
+ } else {
+ temporary = 1;
+ }
+ }
+
+ rc = ( *op_f )( op, rs );
+
+cleanup:;
+ ldap_memfree( li.li_uri );
+ li.li_uri = NULL;
- ldap_memfree( lip->url );
- lip->url = NULL;
+ if ( temporary ) {
+ lip->li_uri = NULL;
+ lip->li_bvuri = NULL;
+ (void)ldap_chain_db_close_one( op->o_bd );
+ (void)ldap_chain_db_destroy_one( op->o_bd );
+ }
if ( rc == LDAP_SUCCESS && rs->sr_err == LDAP_SUCCESS ) {
break;
}
}
- lip->url = save_url;
-
-done:;
#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
(void)chaining_control_remove( op, &ctrls );
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
@@ -367,17 +494,13 @@ ldap_chain_response( Operation *op, SlapReply *rs )
slap_callback *sc = op->o_callback,
sc2 = { 0 };
int rc = 0;
- int cache = op->o_do_not_cache;
- char *matched;
+ const char *matched;
BerVarray ref;
struct berval ndn = op->o_ndn;
- ldap_chain_t *lc = (ldap_chain_t *)on->on_bi.bi_private;
- struct ldapinfo *lip = lc->lc_li;
-
-#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
int sr_err = rs->sr_err;
slap_reply_t sr_type = rs->sr_type;
+#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
slap_mask_t chain_mask = 0;
ber_len_t chain_shift = 0;
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
@@ -413,8 +536,6 @@ ldap_chain_response( Operation *op, SlapReply *rs )
}
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
- ldap_pvt_thread_mutex_lock( &lc->lc_mutex );
-
/*
* TODO: add checks on who/when chain operations; e.g.:
* a) what identities are authorized
@@ -455,28 +576,39 @@ ldap_chain_response( Operation *op, SlapReply *rs )
op->o_conn = conn;
}
break;
+
case LDAP_REQ_ADD:
rc = ldap_chain_op( op, rs, lback->bi_op_add, ref );
break;
+
case LDAP_REQ_DELETE:
rc = ldap_chain_op( op, rs, lback->bi_op_delete, ref );
break;
+
case LDAP_REQ_MODRDN:
rc = ldap_chain_op( op, rs, lback->bi_op_modrdn, ref );
break;
+
case LDAP_REQ_MODIFY:
rc = ldap_chain_op( op, rs, lback->bi_op_modify, ref );
break;
+
case LDAP_REQ_COMPARE:
rc = ldap_chain_op( op, rs, lback->bi_op_compare, ref );
+ if ( rs->sr_err == LDAP_COMPARE_TRUE || rs->sr_err == LDAP_COMPARE_FALSE ) {
+ rc = LDAP_SUCCESS;
+ }
break;
+
case LDAP_REQ_SEARCH:
if ( rs->sr_type == REP_SEARCHREF ) {
+ ldap_chain_t *lc = (ldap_chain_t *)on->on_bi.bi_private;
+ ldapinfo_t li = { 0 }, *lip = NULL;
+ struct berval bvuri[ 2 ] = { { 0 } };
+
struct berval *curr = ref,
odn = op->o_req_dn,
ondn = op->o_req_ndn;
- char *save_url = NULL;
- SlapReply rs2 = { 0 };
#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
LDAPControl **ctrls = NULL;
@@ -488,21 +620,16 @@ ldap_chain_response( Operation *op, SlapReply *rs )
sc2.sc_response = ldap_chain_cb_search_response;
- save_url = lip->url;
- lip->url = NULL;
- op->o_bd->be_private = lip;
-
/* if we parse the URI then by no means
* we can cache stuff or reuse connections,
* because in back-ldap there's no caching
* based on the URI value, which is supposed
* to be set once for all (correct?) */
- op->o_do_not_cache = 1;
-
- /* copy the private info because we need to modify it */
+ li.li_bvuri = bvuri;
for ( ; !BER_BVISNULL( &curr[0] ); curr++ ) {
LDAPURLDesc *srv;
char *save_dn;
+ int temporary = 0;
/* parse reference and use
* proto://[host][:port]/ only */
@@ -519,8 +646,8 @@ ldap_chain_response( Operation *op, SlapReply *rs )
save_dn = srv->lud_dn;
srv->lud_dn = "";
srv->lud_scope = LDAP_SCOPE_DEFAULT;
- lip->url = ldap_url_desc2str( srv );
- if ( lip->url != NULL ) {
+ li.li_uri = ldap_url_desc2str( srv );
+ if ( li.li_uri != NULL ) {
ber_str2bv_x( save_dn, 0, 1, &op->o_req_dn,
op->o_tmpmemctx );
ber_dupbv_x( &op->o_req_ndn, &op->o_req_dn,
@@ -530,26 +657,75 @@ ldap_chain_response( Operation *op, SlapReply *rs )
srv->lud_dn = save_dn;
ldap_free_urldesc( srv );
- if ( lip->url == NULL ) {
+ if ( li.li_uri == NULL ) {
/* try next */
rs->sr_err = LDAP_OTHER;
continue;
}
+ ber_str2bv( li.li_uri, 0, 0, &li.li_bvuri[ 0 ] );
+
+ /* Searches for a ldapinfo in the avl tree */
+ ldap_pvt_thread_mutex_lock( &lc->lc_lai.lai_mutex );
+ lip = (ldapinfo_t *)avl_find( lc->lc_lai.lai_tree,
+ (caddr_t)&li, ldap_chain_uri_cmp );
+ ldap_pvt_thread_mutex_unlock( &lc->lc_lai.lai_mutex );
+
+ if ( lip != NULL ) {
+ op->o_bd->be_private = (void *)lip;
+
+ } else {
+ /* if none is found, create a temporary... */
+ rc = ldap_chain_db_init_one( op->o_bd );
+ if ( rc != 0 ) {
+ goto cleanup;
+ }
+ lip = (ldapinfo_t *)op->o_bd->be_private;
+ lip->li_uri = li.li_uri;
+ lip->li_bvuri = bvuri;
+ rc = ldap_chain_db_open_one( op->o_bd );
+ if ( rc != 0 ) {
+ (void)ldap_chain_db_destroy_one( op->o_bd );
+ goto cleanup;
+ }
+
+ if ( LDAP_CHAIN_CACHE_URI( lc ) ) {
+ ldap_pvt_thread_mutex_lock( &lc->lc_lai.lai_mutex );
+ if ( avl_insert( &lc->lc_lai.lai_tree,
+ (caddr_t)lip, ldap_chain_uri_cmp, ldap_chain_uri_dup ) )
+ {
+ /* someone just inserted another;
+ * don't bother, use this and then
+ * just free it */
+ temporary = 1;
+ }
+ ldap_pvt_thread_mutex_unlock( &lc->lc_lai.lai_mutex );
+
+ } else {
+ temporary = 1;
+ }
+ }
/* FIXME: should we also copy filter and scope?
* according to RFC3296, no */
- rc = lback->bi_op_search( op, &rs2 );
- rs->sr_err = rs2.sr_err;
+ rc = lback->bi_op_search( op, rs );
- ldap_memfree( lip->url );
- lip->url = NULL;
+cleanup:;
+ ldap_memfree( li.li_uri );
+ li.li_uri = NULL;
op->o_tmpfree( op->o_req_dn.bv_val,
op->o_tmpmemctx );
op->o_tmpfree( op->o_req_ndn.bv_val,
op->o_tmpmemctx );
+ if ( temporary ) {
+ lip->li_uri = NULL;
+ lip->li_bvuri = NULL;
+ (void)ldap_chain_db_close_one( op->o_bd );
+ (void)ldap_chain_db_destroy_one( op->o_bd );
+ }
+
if ( rc == LDAP_SUCCESS && rs->sr_err == LDAP_SUCCESS ) {
break;
}
@@ -561,8 +737,6 @@ ldap_chain_response( Operation *op, SlapReply *rs )
(void)chaining_control_remove( op, &ctrls );
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
- lip->url = save_url;
-
op->o_req_dn = odn;
op->o_req_ndn = ondn;
rs->sr_type = REP_SEARCHREF;
@@ -577,24 +751,38 @@ ldap_chain_response( Operation *op, SlapReply *rs )
rc = ldap_chain_op( op, rs, lback->bi_op_search, ref );
}
break;
+
case LDAP_REQ_EXTENDED:
rc = ldap_chain_op( op, rs, lback->bi_extended, ref );
/* FIXME: ldap_back_extended() by design
* doesn't send result; frontend is expected
* to send it... */
+ /* FIXME: what aboit chaining? */
if ( rc != SLAPD_ABANDON ) {
send_ldap_extended( op, rs );
rc = LDAP_SUCCESS;
}
+ sc2.sc_private = LDAP_CH_RES;
break;
+
default:
rc = SLAP_CB_CONTINUE;
break;
}
+ switch ( rc ) {
+ case SLAPD_ABANDON:
+ goto dont_chain;
+
+ case LDAP_SUCCESS:
+ case LDAP_REFERRAL:
+ /* slapd-ldap sent response */
+ assert( sc2.sc_private == LDAP_CH_RES );
+ break;
+
+ default:
#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
- if ( rc != LDAP_SUCCESS || sc2.sc_private == LDAP_CH_ERR ) {
- if ( rs->sr_err == LDAP_X_CANNOT_CHAIN ) {
+ if ( sc2.sc_private == LDAP_CH_ERR && rs->sr_err == LDAP_X_CANNOT_CHAIN ) {
goto cannot_chain;
}
@@ -604,35 +792,35 @@ cannot_chain:;
op->o_callback = NULL;
send_ldap_error( op, rs, LDAP_X_CANNOT_CHAIN,
"operation cannot be completed without chaining" );
- break;
+ goto dont_chain;
default:
+#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
rc = SLAP_CB_CONTINUE;
rs->sr_err = sr_err;
rs->sr_type = sr_type;
+ rs->sr_matched = matched;
+ rs->sr_ref = ref;
+#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
break;
}
- goto dont_chain;
- }
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
+ }
- if ( sc2.sc_private == LDAP_CH_NONE ) {
+ if ( sc2.sc_private == LDAP_CH_NONE && rc != SLAPD_ABANDON ) {
op->o_callback = NULL;
rc = rs->sr_err = slap_map_api2result( rs );
send_ldap_result( op, rs );
}
-#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
dont_chain:;
-#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
- op->o_do_not_cache = cache;
+ rs->sr_err = sr_err;
+ rs->sr_type = sr_type;
+ rs->sr_matched = matched;
+ rs->sr_ref = ref;
op->o_bd->be_private = private;
op->o_callback = sc;
op->o_ndn = ndn;
- rs->sr_matched = matched;
- rs->sr_ref = ref;
-
- ldap_pvt_thread_mutex_unlock( &lc->lc_mutex );
return rc;
}
@@ -664,53 +852,179 @@ str2chain( const char *s )
}
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
+/*
+ * configuration...
+ */
+
enum {
- PC_CHAINING = 1
+ CH_CHAINING = 1,
+ CH_CACHE_URI = 2,
+
+ CH_LAST
};
-#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
static ConfigDriver chain_cf_gen;
static ConfigCfAdd chain_cfadd;
-#endif
static ConfigLDAPadd chain_ldadd;
static ConfigTable chaincfg[] = {
#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
{ "chain-chaining", "args",
- 2, 4, 0, ARG_MAGIC|ARG_BERVAL|PC_CHAINING, chain_cf_gen,
+ 2, 4, 0, ARG_MAGIC|ARG_BERVAL|CH_CHAINING, chain_cf_gen,
"( OLcfgOvAt:3.1 NAME 'olcChainingBehavior' "
"DESC 'Chaining behavior control parameters (draft-sermersheim-ldap-chaining)' "
"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
+ { "chain-cache-uris", "TRUE/FALSE",
+ 2, 2, 0, ARG_MAGIC|ARG_ON_OFF|CH_CACHE_URI, chain_cf_gen,
+ "( OLcfgOvAt:3.2 NAME 'olcCacheURIs' "
+ "DESC 'Enables caching of URIs not present in configuration' "
+ "SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
{ NULL, NULL, 0, 0, 0, ARG_IGNORED }
};
static ConfigOCs chainocs[] = {
-#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
{ "( OLcfgOvOc:3.1 "
"NAME 'olcChainConfig' "
"DESC 'Chain configuration' "
"SUP olcOverlayConfig "
- "MAY olcChainingBehavior )", Cft_Overlay, chaincfg, NULL, chain_cfadd },
-#endif
+ "MAY ( "
+#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
+ "olcChainingBehavior $ "
+#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
+ "olcCacheURIs "
+ ") )",
+ Cft_Overlay, chaincfg, NULL, chain_cfadd },
{ "( OLcfgOvOc:3.2 "
"NAME 'olcChainDatabase' "
"DESC 'Chain remote server configuration' "
- "AUXILIARY )", Cft_Misc, chaincfg, chain_ldadd },
+ "AUXILIARY )",
+ Cft_Misc, chaincfg, chain_ldadd },
{ NULL, 0, NULL }
};
static int
chain_ldadd( CfEntryInfo *p, Entry *e, ConfigArgs *ca )
{
- if ( p->ce_type != Cft_Overlay || !p->ce_bi ||
- p->ce_bi->bi_cf_ocs != chainocs )
+ slap_overinst *on;
+ ldap_chain_t *lc;
+
+ ldapinfo_t *li;
+
+ AttributeDescription *ad = NULL;
+ Attribute *at;
+ const char *text;
+
+ int rc;
+
+ if ( p->ce_type != Cft_Overlay
+ || !p->ce_bi
+ || p->ce_bi->bi_cf_ocs != chainocs )
+ {
return LDAP_CONSTRAINT_VIOLATION;
+ }
- return LDAP_SUCCESS;
+ on = (slap_overinst *)p->ce_bi;
+ lc = (ldap_chain_t *)on->on_bi.bi_private;
+
+ assert( ca->be == NULL );
+ ca->be = (BackendDB *)ch_calloc( 1, sizeof( BackendDB ) );
+
+ ca->be->bd_info = (BackendInfo *)on;
+
+ rc = slap_str2ad( "olcDbURI", &ad, &text );
+ assert( rc == LDAP_SUCCESS );
+
+ at = attr_find( e->e_attrs, ad );
+ if ( lc->lc_common_li == NULL && at != NULL ) {
+ /* FIXME: we should generate an empty default entry
+ * if none is supplied */
+ Debug( LDAP_DEBUG_ANY, "slapd-chain: "
+ "first underlying database \"%s\" "
+ "cannot contain attribute \"%s\".\n",
+ e->e_name.bv_val, ad->ad_cname.bv_val, 0 );
+ rc = LDAP_CONSTRAINT_VIOLATION;
+ goto done;
+
+ } else if ( lc->lc_common_li != NULL && at == NULL ) {
+ /* FIXME: we should generate an empty default entry
+ * if none is supplied */
+ Debug( LDAP_DEBUG_ANY, "slapd-chain: "
+ "subsequent underlying database \"%s\" "
+ "must contain attribute \"%s\".\n",
+ e->e_name.bv_val, ad->ad_cname.bv_val, 0 );
+ rc = LDAP_CONSTRAINT_VIOLATION;
+ goto done;
+ }
+
+ if ( lc->lc_common_li == NULL ) {
+ rc = ldap_chain_db_init_common( ca->be );
+
+ } else {
+ rc = ldap_chain_db_init_one( ca->be );
+ }
+
+ if ( rc != 0 ) {
+ Debug( LDAP_DEBUG_ANY, "slapd-chain: "
+ "unable to init %sunderlying database \"%s\".\n",
+ lc->lc_common_li == NULL ? "common " : "", e->e_name.bv_val, 0 );
+ return LDAP_CONSTRAINT_VIOLATION;
+ }
+
+ li = ca->be->be_private;
+
+ if ( lc->lc_common_li == NULL ) {
+ lc->lc_common_li = li;
+
+ } else if ( avl_insert( &lc->lc_lai.lai_tree, (caddr_t)li,
+ ldap_chain_uri_cmp, ldap_chain_uri_dup ) )
+ {
+ Debug( LDAP_DEBUG_ANY, "slapd-chain: "
+ "database \"%s\" insert failed.\n",
+ e->e_name.bv_val, 0, 0 );
+ rc = LDAP_CONSTRAINT_VIOLATION;
+ goto done;
+ }
+
+done:;
+ if ( rc != LDAP_SUCCESS ) {
+ (void)ldap_chain_db_destroy_one( ca->be );
+ ch_free( ca->be );
+ ca->be = NULL;
+ }
+
+ return rc;
}
-#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
+typedef struct ldap_chain_cfadd_apply_t {
+ Operation *op;
+ SlapReply *rs;
+ Entry *p;
+ ConfigArgs *ca;
+ int count;
+} ldap_chain_cfadd_apply_t;
+
+static int
+ldap_chain_cfadd_apply( void *datum, void *arg )
+{
+ ldapinfo_t *li = (ldapinfo_t *)datum;
+ ldap_chain_cfadd_apply_t *lca = (ldap_chain_cfadd_apply_t *)arg;
+
+ struct berval bv;
+
+ /* FIXME: should not hardcode "olcDatabase" here */
+ bv.bv_len = snprintf( lca->ca->msg, sizeof( lca->ca->msg ),
+ "olcDatabase={%d}%s", lca->count, lback->bi_type );
+ bv.bv_val = lca->ca->msg;
+
+ lca->ca->be->be_private = (void *)li;
+ config_build_entry( lca->op, lca->rs, lca->p->e_private, lca->ca,
+ &bv, lback->bi_cf_ocs, &chainocs[1] );
+
+ lca->count++;
+
+ return 0;
+}
static int
chain_cfadd( Operation *op, SlapReply *rs, Entry *p, ConfigArgs *ca )
@@ -719,22 +1033,28 @@ chain_cfadd( Operation *op, SlapReply *rs, Entry *p, ConfigArgs *ca )
slap_overinst *on = (slap_overinst *)pe->ce_bi;
ldap_chain_t *lc = (ldap_chain_t *)on->on_bi.bi_private;
void *priv = (void *)ca->be->be_private;
- struct berval bv;
-
- /* FIXME: should not hardcode "olcDatabase" here */
- bv.bv_len = sprintf( ca->msg, "olcDatabase=%s", lback->bi_type );
- bv.bv_val = ca->msg;
- /* We can only create this entry if the database is table-driven */
if ( lback->bi_cf_ocs ) {
- ca->be->be_private = (void *)lc->lc_li;
- config_build_entry( op, rs, pe, ca, &bv, lback->bi_cf_ocs, &chainocs[1] );
+ ldap_chain_cfadd_apply_t lca = { 0 };
+
+ lca.op = op;
+ lca.rs = rs;
+ lca.p = p;
+ lca.ca = ca;
+ lca.count = 0;
+
+ (void)ldap_chain_cfadd_apply( (void *)lc->lc_common_li, (void *)&lca );
+
+ (void)avl_apply( lc->lc_lai.lai_tree, ldap_chain_cfadd_apply,
+ &lca, 1, AVL_INORDER );
+
ca->be->be_private = priv;
}
return 0;
}
+#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
static slap_verbmasks chaining_mode[] = {
{ BER_BVC("referralsRequired"), LDAP_REFERRALS_REQUIRED },
{ BER_BVC("referralsPreferred"), LDAP_REFERRALS_PREFERRED },
@@ -742,25 +1062,24 @@ static slap_verbmasks chaining_mode[] = {
{ BER_BVC("chainingPreferred"), LDAP_CHAINING_PREFERRED },
{ BER_BVNULL, 0 }
};
+#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
static int
chain_cf_gen( ConfigArgs *c )
{
slap_overinst *on = (slap_overinst *)c->bi;
-#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
ldap_chain_t *lc = (ldap_chain_t *)on->on_bi.bi_private;
-#endif
int rc = 0;
if ( c->op == SLAP_CONFIG_EMIT ) {
switch( c->type ) {
#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
- case PC_CHAINING: {
+ case CH_CHAINING: {
struct berval resolve = BER_BVNULL,
continuation = BER_BVNULL;
- if ( !( lc->lc_flags & LDAP_CHAIN_F_CHAINING ) ) {
+ if ( !LDAP_CHAIN_CHAINING( lc ) ) {
return 1;
}
@@ -787,6 +1106,10 @@ chain_cf_gen( ConfigArgs *c )
}
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
+ case CH_CACHE_URI:
+ c->value_int = LDAP_CHAIN_CACHE_URI( lc );
+ break;
+
default:
assert( 0 );
rc = 1;
@@ -794,19 +1117,23 @@ chain_cf_gen( ConfigArgs *c )
return rc;
} else if ( c->op == LDAP_MOD_DELETE ) {
- return 1; /* FIXME */
-#if 0
switch( c->type ) {
- case PC_ATTR:
- case PC_TEMP:
+ case CH_CHAINING:
+ return 1;
+
+ case CH_CACHE_URI:
+ lc->lc_flags &= ~LDAP_CHAIN_F_CACHE_URI;
+ break;
+
+ default:
+ return 1;
}
return rc;
-#endif
}
switch( c->type ) {
+ case CH_CHAINING: {
#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
- case PC_CHAINING: {
char **argv = c->argv;
int argc = c->argc;
BerElementBuffer berbuf;
@@ -823,20 +1150,20 @@ chain_cf_gen( ConfigArgs *c )
if ( strncasecmp( argv[ 0 ], "resolve=", STRLENOF( "resolve=" ) ) == 0 ) {
resolve = str2chain( argv[ 0 ] + STRLENOF( "resolve=" ) );
if ( resolve == -1 ) {
- fprintf( stderr, "%s line %d: "
+ Debug( LDAP_DEBUG_ANY, "%s: "
"illegal <resolve> value %s "
- "in \"chain-chaining>\"\n",
- c->fname, c->lineno, argv[ 0 ] );
+ "in \"chain-chaining>\".\n",
+ c->log, argv[ 0 ], 0 );
return 1;
}
} else if ( strncasecmp( argv[ 0 ], "continuation=", STRLENOF( "continuation=" ) ) == 0 ) {
continuation = str2chain( argv[ 0 ] + STRLENOF( "continuation=" ) );
if ( continuation == -1 ) {
- fprintf( stderr, "%s line %d: "
+ Debug( LDAP_DEBUG_ANY, "%s: "
"illegal <continuation> value %s "
- "in \"chain-chaining\"\n",
- c->fname, c->lineno, argv[ 0 ] );
+ "in \"chain-chaining\".\n",
+ c->log, argv[ 0 ], 0 );
return 1;
}
@@ -844,9 +1171,9 @@ chain_cf_gen( ConfigArgs *c )
iscritical = 1;
} else {
- fprintf( stderr, "%s line %d: "
- "unknown option in \"chain-chaining\"\n",
- c->fname, c->lineno );
+ Debug( LDAP_DEBUG_ANY, "%s: "
+ "unknown option in \"chain-chaining\".\n",
+ c->log, 0, 0 );
return 1;
}
}
@@ -864,9 +1191,9 @@ chain_cf_gen( ConfigArgs *c )
err = ber_printf( ber, "{e" /* } */, resolve );
if ( err == -1 ) {
ber_free( ber, 1 );
- fprintf( stderr, "%s line %d: "
+ Debug( LDAP_DEBUG_ANY, "%s: "
"chaining behavior control encoding error!\n",
- c->fname, c->lineno );
+ c->log, 0, 0 );
return 1;
}
@@ -874,9 +1201,9 @@ chain_cf_gen( ConfigArgs *c )
err = ber_printf( ber, "e", continuation );
if ( err == -1 ) {
ber_free( ber, 1 );
- fprintf( stderr, "%s line %d: "
+ Debug( LDAP_DEBUG_ANY, "%s: "
"chaining behavior control encoding error!\n",
- c->fname, c->lineno );
+ c->log, 0, 0 );
return 1;
}
}
@@ -884,9 +1211,9 @@ chain_cf_gen( ConfigArgs *c )
err = ber_printf( ber, /* { */ "N}" );
if ( err == -1 ) {
ber_free( ber, 1 );
- fprintf( stderr, "%s line %d: "
+ Debug( LDAP_DEBUG_ANY, "%s: "
"chaining behavior control encoding error!\n",
- c->fname, c->lineno );
+ c->log, 0, 0 );
return 1;
}
@@ -903,10 +1230,9 @@ chain_cf_gen( ConfigArgs *c )
if ( ldap_chain_parse_ctrl( &op, &rs, &lc->lc_chaining_ctrl ) != LDAP_SUCCESS )
{
- fprintf( stderr, "%s line %d: "
- "unable to parse chaining control%s%s\n",
- c->fname, c->lineno,
- rs.sr_text ? ": " : "",
+ Debug( LDAP_DEBUG_ANY, "%s: "
+ "unable to parse chaining control%s%s.\n",
+ c->log, rs.sr_text ? ": " : "",
rs.sr_text ? rs.sr_text : "" );
return 1;
}
@@ -916,10 +1242,20 @@ chain_cf_gen( ConfigArgs *c )
lc->lc_flags |= LDAP_CHAIN_F_CHAINING;
rc = 0;
+#else /* ! LDAP_CONTROL_X_CHAINING_BEHAVIOR */
+ Debug( LDAP_DEBUG_ANY, "%s: "
+ "\"chaining\" control unsupported (ignored).\n",
+ c->log, 0, 0 );
+#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
+ } break;
+ case CH_CACHE_URI:
+ if ( c->value_int ) {
+ lc->lc_flags |= LDAP_CHAIN_F_CACHE_URI;
+ } else {
+ lc->lc_flags &= ~LDAP_CHAIN_F_CACHE_URI;
+ }
break;
- }
-#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
default:
assert( 0 );
@@ -928,7 +1264,31 @@ chain_cf_gen( ConfigArgs *c )
return rc;
}
-#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
+static int
+ldap_chain_db_init(
+ BackendDB *be )
+{
+ slap_overinst *on = (slap_overinst *)be->bd_info;
+ ldap_chain_t *lc = NULL;
+
+ if ( lback == NULL ) {
+ lback = backend_info( "ldap" );
+
+ if ( lback == NULL ) {
+ return 1;
+ }
+ }
+
+ lc = ch_malloc( sizeof( ldap_chain_t ) );
+ if ( lc == NULL ) {
+ return 1;
+ }
+ memset( lc, 0, sizeof( ldap_chain_t ) );
+
+ on->on_bi.bi_private = (void *)lc;
+
+ return 0;
+}
static int
ldap_chain_db_config(
@@ -938,219 +1298,302 @@ ldap_chain_db_config(
int argc,
char **argv )
{
- slap_overinst *on = (slap_overinst *) be->bd_info;
+ slap_overinst *on = (slap_overinst *)be->bd_info;
ldap_chain_t *lc = (ldap_chain_t *)on->on_bi.bi_private;
- char *argv0 = NULL;
- int rc;
- BackendDB db = *be;
- if ( strncasecmp( argv[ 0 ], "chain-", STRLENOF( "chain-" ) ) == 0 ) {
- argv0 = argv[ 0 ];
- argv[ 0 ] = &argv[ 0 ][ STRLENOF( "chain-" ) ];
-
-#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
- if ( strcasecmp( argv[ 0 ], "chaining" ) == 0 ) {
- char **tmpargv = argv;
- BerElementBuffer berbuf;
- BerElement *ber = (BerElement *)&berbuf;
- int resolve = -1,
- continuation = -1,
- iscritical = 0;
- Operation op = { 0 };
- SlapReply rs = { 0 };
-
- lc->lc_chaining_ctrlflag = 0;
-
- for ( argc--, tmpargv++; argc > 0; argc--, tmpargv++ ) {
- if ( strncasecmp( tmpargv[ 0 ], "resolve=", STRLENOF( "resolve=" ) ) == 0 ) {
- resolve = str2chain( tmpargv[ 0 ] + STRLENOF( "resolve=" ) );
- if ( resolve == -1 ) {
- fprintf( stderr, "%s line %d: "
- "illegal <resolve> value %s "
- "in \"chain-chaining>\"\n",
- fname, lineno, tmpargv[ 0 ] );
- return 1;
- }
-
- } else if ( strncasecmp( tmpargv[ 0 ], "continuation=", STRLENOF( "continuation=" ) ) == 0 ) {
- continuation = str2chain( tmpargv[ 0 ] + STRLENOF( "continuation=" ) );
- if ( continuation == -1 ) {
- fprintf( stderr, "%s line %d: "
- "illegal <continuation> value %s "
- "in \"chain-chaining\"\n",
- fname, lineno, tmpargv[ 0 ] );
- return 1;
- }
-
- } else if ( strcasecmp( tmpargv[ 0 ], "critical" ) == 0 ) {
- iscritical = 1;
+ int rc = SLAP_CONF_UNKNOWN;
+
+ if ( lc->lc_common_li == NULL ) {
+ void *be_private = be->be_private;
+ ldap_chain_db_init_common( be );
+ lc->lc_common_li = lc->lc_cfg_li = (ldapinfo_t *)be->be_private;
+ be->be_private = be_private;
+ }
- } else {
- fprintf( stderr, "%s line %d: "
- "unknown option in \"chain-chaining\"\n",
- fname, lineno );
- return 1;
- }
+ /* Something for the chain database? */
+ if ( strncasecmp( argv[ 0 ], "chain-", STRLENOF( "chain-" ) ) == 0 ) {
+ char *save_argv0 = argv[ 0 ];
+ BackendInfo *bd_info = be->bd_info;
+ void *be_private = be->be_private;
+ ConfigOCs *be_cf_ocs = be->be_cf_ocs;
+ int is_uri = 0;
+
+ argv[ 0 ] += STRLENOF( "chain-" );
+
+ if ( strcasecmp( argv[ 0 ], "uri" ) == 0 ) {
+ rc = ldap_chain_db_init_one( be );
+ if ( rc != 0 ) {
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
+ "underlying slapd-ldap initialization failed.\n.",
+ fname, lineno, 0 );
+ return 1;
}
+ lc->lc_cfg_li = be->be_private;
+ is_uri = 1;
+ }
- if ( resolve != -1 || continuation != -1 ) {
- int err;
+ /* TODO: add checks on what other slapd-ldap(5) args
+ * should be put in the template; this is not quite
+ * harmful, because attributes that shouldn't don't
+ * get actually used, but the user should at least
+ * be warned.
+ */
- if ( resolve == -1 ) {
- /* default */
- resolve = SLAP_CHAINING_DEFAULT;
- }
+ be->bd_info = lback;
+ be->be_private = (void *)lc->lc_cfg_li;
+ be->be_cf_ocs = lback->bi_cf_ocs;
- ber_init2( ber, NULL, LBER_USE_DER );
+ rc = config_generic_wrapper( be, fname, lineno, argc, argv );
- err = ber_printf( ber, "{e" /* } */, resolve );
- if ( err == -1 ) {
- ber_free( ber, 1 );
- fprintf( stderr, "%s line %d: "
- "chaining behavior control encoding error!\n",
- fname, lineno );
- return 1;
- }
+ argv[ 0 ] = save_argv0;
+ be->be_cf_ocs = be_cf_ocs;
+ be->be_private = be_private;
+ be->bd_info = bd_info;
- if ( continuation > -1 ) {
- err = ber_printf( ber, "e", continuation );
- if ( err == -1 ) {
- ber_free( ber, 1 );
- fprintf( stderr, "%s line %d: "
- "chaining behavior control encoding error!\n",
- fname, lineno );
- return 1;
- }
- }
+ if ( is_uri ) {
+private_destroy:;
+ if ( rc != 0 ) {
+ BackendDB db = *be;
- err = ber_printf( ber, /* { */ "N}" );
- if ( err == -1 ) {
- ber_free( ber, 1 );
- fprintf( stderr, "%s line %d: "
- "chaining behavior control encoding error!\n",
- fname, lineno );
- return 1;
- }
-
- if ( ber_flatten2( ber, &lc->lc_chaining_ctrl.ldctl_value, 0 ) == -1 ) {
- exit( EXIT_FAILURE );
- }
+ db.bd_info = lback;
+ db.be_private = (void *)lc->lc_cfg_li;
+ ldap_chain_db_destroy_one( &db );
+ lc->lc_cfg_li = NULL;
} else {
- BER_BVZERO( &lc->lc_chaining_ctrl.ldctl_value );
- }
-
- lc->lc_chaining_ctrl.ldctl_oid = LDAP_CONTROL_X_CHAINING_BEHAVIOR;
- lc->lc_chaining_ctrl.ldctl_iscritical = iscritical;
+ if ( lc->lc_cfg_li->li_bvuri == NULL
+ || BER_BVISNULL( &lc->lc_cfg_li->li_bvuri[ 0 ] )
+ || !BER_BVISNULL( &lc->lc_cfg_li->li_bvuri[ 1 ] ) )
+ {
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
+ "no URI list allowed in slapo-chain.\n",
+ fname, lineno, 0 );
+ rc = 1;
+ goto private_destroy;
+ }
- if ( ldap_chain_parse_ctrl( &op, &rs, &lc->lc_chaining_ctrl ) != LDAP_SUCCESS )
- {
- fprintf( stderr, "%s line %d: "
- "unable to parse chaining control%s%s\n",
- fname, lineno,
- rs.sr_text ? ": " : "",
- rs.sr_text ? rs.sr_text : "" );
- return 1;
+ if ( avl_insert( &lc->lc_lai.lai_tree,
+ (caddr_t)lc->lc_cfg_li,
+ ldap_chain_uri_cmp, ldap_chain_uri_dup ) )
+ {
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
+ "duplicate URI in slapo-chain.\n",
+ fname, lineno, 0 );
+ rc = 1;
+ goto private_destroy;
+ }
}
+ }
+ }
+
+ return rc;
+}
- lc->lc_chaining_ctrlflag = op.o_chaining;
+enum db_which {
+ db_open = 0,
+ db_close,
+ db_destroy,
- lc->lc_flags |= LDAP_CHAIN_F_CHAINING;
+ db_last
+};
- rc = 0;
- goto done;
- }
-#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
- }
+typedef struct ldap_chain_db_apply_t {
+ BackendDB *be;
+ BI_db_func *func;
+} ldap_chain_db_apply_t;
- db.be_cf_ocs = lback->bi_cf_ocs;
- db.be_private = lc->lc_li;
- rc = lback->bi_db_config( &db, fname, lineno, argc, argv );
+static int
+ldap_chain_db_apply( void *datum, void *arg )
+{
+ ldapinfo_t *li = (ldapinfo_t *)datum;
+ ldap_chain_db_apply_t *lca = (ldap_chain_db_apply_t *)arg;
-done:;
- if ( argv0 ) {
- argv[ 0 ] = argv0;
- }
+ lca->be->be_private = (void *)li;
- return rc;
+ return lca->func( lca->be );
}
static int
-ldap_chain_db_init(
- BackendDB *be )
+ldap_chain_db_func(
+ BackendDB *be,
+ enum db_which which
+)
{
slap_overinst *on = (slap_overinst *)be->bd_info;
- ldap_chain_t *lc = NULL;
- int rc;
- BackendDB bd = *be;
+ ldap_chain_t *lc = (ldap_chain_t *)on->on_bi.bi_private;
- if ( lback == NULL ) {
- lback = backend_info( "ldap" );
+ int rc = 0;
- if ( lback == NULL ) {
- return -1;
- }
- }
+ if ( lc ) {
+ BI_db_func *func = (&lback->bi_db_open)[ which ];
- lc = ch_malloc( sizeof( ldap_chain_t ) );
- memset( lc, 0, sizeof( ldap_chain_t ) );
+ if ( func != NULL && lc->lc_common_li != NULL ) {
+ BackendDB db = *be;
- ldap_pvt_thread_mutex_init( &lc->lc_mutex );
+ db.bd_info = lback;
+ db.be_private = lc->lc_common_li;
- bd.be_private = NULL;
- rc = lback->bi_db_init( &bd );
- lc->lc_li = (struct ldapinfo *)bd.be_private;
- on->on_bi.bi_private = (void *)lc;
+ rc = func( &db );
+
+ if ( rc != 0 ) {
+ return rc;
+ }
+
+ if ( lc->lc_lai.lai_tree != NULL ) {
+ ldap_chain_db_apply_t lca;
+
+ lca.be = &db;
+ lca.func = func;
+
+ rc = avl_apply( lc->lc_lai.lai_tree,
+ ldap_chain_db_apply, (void *)&lca,
+ 1, AVL_INORDER ) != AVL_NOMORE;
+ }
+ }
+ }
return rc;
}
static int
ldap_chain_db_open(
- BackendDB *be
-)
+ BackendDB *be )
{
+#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
int rc = 0;
-#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
rc = overlay_register_control( be, LDAP_CONTROL_X_CHAINING_BEHAVIOR );
+ if ( rc != 0 ) {
+ return rc;
+ }
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
- return rc;
+ return ldap_chain_db_func( be, db_open );
+}
+
+static int
+ldap_chain_db_close(
+ BackendDB *be )
+{
+ return ldap_chain_db_func( be, db_close );
}
static int
ldap_chain_db_destroy(
- BackendDB *be
-)
+ BackendDB *be )
{
slap_overinst *on = (slap_overinst *) be->bd_info;
ldap_chain_t *lc = (ldap_chain_t *)on->on_bi.bi_private;
- void *private = be->be_private;
+
int rc;
- be->be_private = (void *)lc->lc_li;
- rc = lback->bi_db_destroy( be );
- ldap_pvt_thread_mutex_destroy( &lc->lc_mutex );
- ch_free( lc );
- on->on_bi.bi_private = NULL;
- be->be_private = private;
+ rc = ldap_chain_db_func( be, db_destroy );
+
+ if ( lc ) {
+ avl_free( lc->lc_lai.lai_tree, NULL );
+ ch_free( lc );
+ }
+
return rc;
}
+/*
+ * inits one instance of the slapd-ldap backend, and stores
+ * the private info in be_private of the arg
+ */
+static int
+ldap_chain_db_init_common(
+ BackendDB *be )
+{
+ BackendInfo *bi = be->bd_info;
+ int t;
+
+ be->bd_info = lback;
+ be->be_private = NULL;
+ t = lback->bi_db_init( be );
+ if ( t != 0 ) {
+ return t;
+ }
+ be->bd_info = bi;
+
+ return 0;
+}
+
+/*
+ * inits one instance of the slapd-ldap backend, stores
+ * the private info in be_private of the arg and fills
+ * selected fields with data from the template.
+ *
+ * NOTE: add checks about the other fields of the template,
+ * which are ignored and SHOULD NOT be configured by the user.
+ */
+static int
+ldap_chain_db_init_one(
+ BackendDB *be )
+{
+ slap_overinst *on = (slap_overinst *)be->bd_info;
+ ldap_chain_t *lc = (ldap_chain_t *)on->on_bi.bi_private;
+
+ BackendInfo *bi = be->bd_info;
+ ldapinfo_t *li;
+
+ int t;
+
+ be->bd_info = lback;
+ be->be_private = NULL;
+ t = lback->bi_db_init( be );
+ if ( t != 0 ) {
+ return t;
+ }
+ li = (ldapinfo_t *)be->be_private;
+
+ /* copy common data */
+ li->li_nretries = lc->lc_common_li->li_nretries;
+ li->li_flags = lc->lc_common_li->li_flags;
+ li->li_version = lc->lc_common_li->li_version;
+ for ( t = 0; t < LDAP_BACK_OP_LAST; t++ ) {
+ li->li_timeout[ t ] = lc->lc_common_li->li_timeout[ t ];
+ }
+ be->bd_info = bi;
+
+ return 0;
+}
+
+typedef struct ldap_chain_conn_apply_t {
+ BackendDB *be;
+ Connection *conn;
+} ldap_chain_conn_apply_t;
+
+static int
+ldap_chain_conn_apply( void *datum, void *arg )
+{
+ ldapinfo_t *li = (ldapinfo_t *)datum;
+ ldap_chain_conn_apply_t *lca = (ldap_chain_conn_apply_t *)arg;
+
+ lca->be->be_private = (void *)li;
+
+ return lback->bi_connection_destroy( lca->be, lca->conn );
+}
+
static int
ldap_chain_connection_destroy(
BackendDB *be,
Connection *conn
)
{
- slap_overinst *on = (slap_overinst *) be->bd_info;
- ldap_chain_t *lc = (ldap_chain_t *)on->on_bi.bi_private;
- void *private = be->be_private;
- int rc;
-
- be->be_private = (void *)lc->lc_li;
- rc = lback->bi_connection_destroy( be, conn );
+ slap_overinst *on = (slap_overinst *) be->bd_info;
+ ldap_chain_t *lc = (ldap_chain_t *)on->on_bi.bi_private;
+ void *private = be->be_private;
+ ldap_chain_conn_apply_t lca;
+ int rc;
+
+ be->be_private = NULL;
+ lca.be = be;
+ lca.conn = conn;
+ ldap_pvt_thread_mutex_lock( &lc->lc_lai.lai_mutex );
+ rc = avl_apply( lc->lc_lai.lai_tree, ldap_chain_conn_apply,
+ (void *)&lca, 1, AVL_INORDER ) != AVL_NOMORE;
+ ldap_pvt_thread_mutex_unlock( &lc->lc_lai.lai_mutex );
be->be_private = private;
return rc;
@@ -1291,20 +1734,26 @@ chain_init( void )
{
int rc;
+ /* Make sure we don't exceed the bits reserved for userland */
+ config_check_userland( CH_LAST );
+
#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
rc = register_supported_control( LDAP_CONTROL_X_CHAINING_BEHAVIOR,
/* SLAP_CTRL_GLOBAL| */ SLAP_CTRL_ACCESS|SLAP_CTRL_HIDE, NULL,
ldap_chain_parse_ctrl, &sc_chainingBehavior );
if ( rc != LDAP_SUCCESS ) {
- fprintf( stderr, "Failed to register chaining behavior control: %d\n", rc );
+ Debug( LDAP_DEBUG_ANY, "slapd-chain: "
+ "unable to register chaining behavior control: %d.\n",
+ rc, 0, 0 );
return rc;
}
#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
ldapchain.on_bi.bi_type = "chain";
ldapchain.on_bi.bi_db_init = ldap_chain_db_init;
- ldapchain.on_bi.bi_db_open = ldap_chain_db_open;
ldapchain.on_bi.bi_db_config = ldap_chain_db_config;
+ ldapchain.on_bi.bi_db_open = ldap_chain_db_open;
+ ldapchain.on_bi.bi_db_close = ldap_chain_db_close;
ldapchain.on_bi.bi_db_destroy = ldap_chain_db_destroy;
/* ... otherwise the underlying backend's function would be called,
diff --git a/servers/slapd/back-ldap/compare.c b/servers/slapd/back-ldap/compare.c
index 64caac368a..0d0a90ed49 100644
--- a/servers/slapd/back-ldap/compare.c
+++ b/servers/slapd/back-ldap/compare.c
@@ -36,7 +36,7 @@ ldap_back_compare(
Operation *op,
SlapReply *rs )
{
- struct ldapconn *lc;
+ ldapconn_t *lc;
ber_int_t msgid;
int do_retry = 1;
LDAPControl **ctrls = NULL;
@@ -63,7 +63,7 @@ retry:
rc = ldap_back_op_result( lc, op, rs, msgid, 0, LDAP_BACK_SENDRESULT );
if ( rc == LDAP_UNAVAILABLE && do_retry ) {
do_retry = 0;
- if ( ldap_back_retry( lc, op, rs, LDAP_BACK_SENDERR ) ) {
+ if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
goto retry;
}
}
diff --git a/servers/slapd/back-ldap/config.c b/servers/slapd/back-ldap/config.c
index 3e5573f7bb..b3ef34d0e8 100644
--- a/servers/slapd/back-ldap/config.c
+++ b/servers/slapd/back-ldap/config.c
@@ -60,12 +60,14 @@ enum {
LDAP_BACK_CFG_T_F,
LDAP_BACK_CFG_WHOAMI,
LDAP_BACK_CFG_TIMEOUT,
- LDAP_BACK_CFG_REWRITE
+ LDAP_BACK_CFG_REWRITE,
+
+ LDAP_BACK_CFG_LAST
};
static ConfigTable ldapcfg[] = {
{ "uri", "uri", 2, 2, 0,
- ARG_STRING|ARG_MAGIC|LDAP_BACK_CFG_URI,
+ ARG_MAGIC|LDAP_BACK_CFG_URI,
ldap_back_cf_gen, "( OLcfgDbAt:0.14 "
"NAME 'olcDbURI' "
"DESC 'URI (list) for remote DSA' "
@@ -173,19 +175,19 @@ static ConfigTable ldapcfg[] = {
"X-ORDERED 'VALUES' )",
NULL, NULL },
{ "rebind-as-user", "NO|yes", 1, 2, 0,
- ARG_MAGIC|LDAP_BACK_CFG_REBIND,
+ ARG_MAGIC|ARG_ON_OFF|LDAP_BACK_CFG_REBIND,
ldap_back_cf_gen, "( OLcfgDbAt:3.10 "
"NAME 'olcDbRebindAsUser' "
"DESC 'Rebind as user' "
- "SYNTAX OMsDirectoryString "
+ "SYNTAX OMsBoolean "
"SINGLE-VALUE )",
NULL, NULL },
{ "chase-referrals", "YES|no", 2, 2, 0,
- ARG_MAGIC|LDAP_BACK_CFG_CHASE,
+ ARG_MAGIC|ARG_ON_OFF|LDAP_BACK_CFG_CHASE,
ldap_back_cf_gen, "( OLcfgDbAt:3.11 "
"NAME 'olcDbChaseReferrals' "
"DESC 'Chase referrals' "
- "SYNTAX OMsDirectoryString "
+ "SYNTAX OMsBoolean "
"SINGLE-VALUE )",
NULL, NULL },
{ "t-f-support", "NO|yes|discover", 2, 2, 0,
@@ -197,14 +199,14 @@ static ConfigTable ldapcfg[] = {
"SINGLE-VALUE )",
NULL, NULL },
{ "proxy-whoami", "NO|yes", 1, 2, 0,
- ARG_MAGIC|LDAP_BACK_CFG_WHOAMI,
+ ARG_MAGIC|ARG_ON_OFF|LDAP_BACK_CFG_WHOAMI,
ldap_back_cf_gen, "( OLcfgDbAt:3.13 "
"NAME 'olcDbProxyWhoAmI' "
"DESC 'Proxy whoAmI exop' "
- "SYNTAX OMsDirectoryString "
+ "SYNTAX OMsBoolean "
"SINGLE-VALUE )",
NULL, NULL },
- { "timeout", "timeout", 0, 2, 0,
+ { "timeout", "timeout(list)", 2, 0, 0,
ARG_MAGIC|LDAP_BACK_CFG_TIMEOUT,
ldap_back_cf_gen, "( OLcfgDbAt:3.14 "
"NAME 'olcDbTimeout' "
@@ -250,14 +252,6 @@ static ConfigOCs ldapocs[] = {
{ NULL, 0, NULL }
};
-#define LDAP_BACK_C_NO (0x0U)
-#define LDAP_BACK_C_YES (0x1U)
-static slap_verbmasks yn_mode[] = {
- { BER_BVC( "yes" ), LDAP_BACK_C_YES},
- { BER_BVC( "no" ), LDAP_BACK_C_NO },
- { BER_BVNULL, 0 }
-};
-
static slap_verbmasks idassert_mode[] = {
{ BER_BVC("self"), LDAP_BACK_IDASSERT_SELF },
{ BER_BVC("anonymous"), LDAP_BACK_IDASSERT_ANONYMOUS },
@@ -271,14 +265,14 @@ static slap_verbmasks tls_mode[] = {
{ BER_BVC( "try-propagate" ), LDAP_BACK_F_PROPAGATE_TLS },
{ BER_BVC( "start" ), LDAP_BACK_F_TLS_USE_MASK },
{ BER_BVC( "try-start" ), LDAP_BACK_F_USE_TLS },
- { BER_BVC( "none" ), LDAP_BACK_C_NO },
+ { BER_BVC( "none" ), LDAP_BACK_F_NONE },
{ BER_BVNULL, 0 }
};
static slap_verbmasks t_f_mode[] = {
{ BER_BVC( "yes" ), LDAP_BACK_F_SUPPORT_T_F },
{ BER_BVC( "discover" ), LDAP_BACK_F_SUPPORT_T_F_DISCOVER },
- { BER_BVC( "no" ), LDAP_BACK_C_NO },
+ { BER_BVC( "no" ), LDAP_BACK_F_NONE },
{ BER_BVNULL, 0 }
};
@@ -293,7 +287,7 @@ static slap_cf_aux_table timeout_table[] = {
static int
ldap_back_cf_gen( ConfigArgs *c )
{
- struct ldapinfo *li = ( struct ldapinfo * )c->be->be_private;
+ ldapinfo_t *li = ( ldapinfo_t * )c->be->be_private;
int rc;
int i;
@@ -303,8 +297,11 @@ ldap_back_cf_gen( ConfigArgs *c )
switch( c->type ) {
case LDAP_BACK_CFG_URI:
- if ( li->url != NULL ) {
- c->value_string = ch_strdup( li->url );
+ if ( li->li_uri != NULL ) {
+ struct berval bv;
+
+ ber_str2bv( li->li_uri, 0, 0, &bv );
+ value_add_one( &c->rvalue_vals, &bv );
} else {
rc = 1;
@@ -312,7 +309,7 @@ ldap_back_cf_gen( ConfigArgs *c )
break;
case LDAP_BACK_CFG_TLS:
- enum_to_verb( tls_mode, ( li->flags & LDAP_BACK_F_TLS_MASK ), &bv );
+ enum_to_verb( tls_mode, ( li->li_flags & LDAP_BACK_F_TLS_MASK ), &bv );
if ( BER_BVISNULL( &bv ) ) {
/* there's something wrong... */
assert( 0 );
@@ -333,7 +330,7 @@ ldap_back_cf_gen( ConfigArgs *c )
case LDAP_BACK_CFG_ACL_BIND: {
int i;
- bindconf_unparse( &li->acl_sb, &bv );
+ bindconf_unparse( &li->li_acl, &bv );
for ( i = 0; isspace( bv.bv_val[ i ] ); i++ )
/* count spaces */ ;
@@ -359,14 +356,14 @@ ldap_back_cf_gen( ConfigArgs *c )
case LDAP_BACK_CFG_IDASSERT_AUTHZFROM: {
int i;
- if ( li->idassert_authz == NULL ) {
+ if ( li->li_idassert_authz == NULL ) {
rc = 1;
break;
}
- for ( i = 0; !BER_BVISNULL( &li->idassert_authz[ i ] ); i++ )
+ for ( i = 0; !BER_BVISNULL( &li->li_idassert_authz[ i ] ); i++ )
{
- value_add_one( &c->rvalue_vals, &li->idassert_authz[ i ] );
+ value_add_one( &c->rvalue_vals, &li->li_idassert_authz[ i ] );
}
break;
}
@@ -376,10 +373,10 @@ ldap_back_cf_gen( ConfigArgs *c )
struct berval bc = BER_BVNULL;
char *ptr;
- if ( li->idassert_authmethod != LDAP_AUTH_NONE ) {
+ if ( li->li_idassert_authmethod != LDAP_AUTH_NONE ) {
ber_len_t len;
- switch ( li->idassert_mode ) {
+ switch ( li->li_idassert_mode ) {
case LDAP_BACK_IDASSERT_OTHERID:
case LDAP_BACK_IDASSERT_OTHERDN:
break;
@@ -387,7 +384,7 @@ ldap_back_cf_gen( ConfigArgs *c )
default: {
struct berval mode = BER_BVNULL;
- enum_to_verb( idassert_mode, li->idassert_mode, &mode );
+ enum_to_verb( idassert_mode, li->li_idassert_mode, &mode );
if ( BER_BVISNULL( &mode ) ) {
/* there's something wrong... */
assert( 0 );
@@ -404,7 +401,7 @@ ldap_back_cf_gen( ConfigArgs *c )
}
}
- if ( li->idassert_flags & LDAP_BACK_AUTH_NATIVE_AUTHZ ) {
+ if ( li->li_idassert_flags & LDAP_BACK_AUTH_NATIVE_AUTHZ ) {
len = bv.bv_len + STRLENOF( "authz=native" );
if ( !BER_BVISEMPTY( &bv ) ) {
@@ -438,13 +435,13 @@ ldap_back_cf_gen( ConfigArgs *c )
ptr = lutil_strcopy( ptr, "flags=" );
- if ( li->idassert_flags & LDAP_BACK_AUTH_PRESCRIPTIVE ) {
+ if ( li->li_idassert_flags & LDAP_BACK_AUTH_PRESCRIPTIVE ) {
ptr = lutil_strcopy( ptr, "prescriptive" );
} else {
ptr = lutil_strcopy( ptr, "non-prescriptive" );
}
- if ( li->idassert_flags & LDAP_BACK_AUTH_OVERRIDE ) {
+ if ( li->li_idassert_flags & LDAP_BACK_AUTH_OVERRIDE ) {
ptr = lutil_strcopy( ptr, ",override" );
}
@@ -452,7 +449,7 @@ ldap_back_cf_gen( ConfigArgs *c )
/* end-of-flags */
}
- bindconf_unparse( &li->idassert_sb, &bc );
+ bindconf_unparse( &li->li_idassert, &bc );
if ( !BER_BVISNULL( &bv ) ) {
ber_len_t len = bv.bv_len + bc.bv_len;
@@ -483,31 +480,15 @@ ldap_back_cf_gen( ConfigArgs *c )
}
case LDAP_BACK_CFG_REBIND:
- enum_to_verb( yn_mode, ( ( li->flags & LDAP_BACK_F_SAVECRED ) == LDAP_BACK_F_SAVECRED ), &bv );
- if ( BER_BVISNULL( &bv ) ) {
- /* there's something wrong... */
- assert( 0 );
- rc = 1;
-
- } else {
- value_add_one( &c->rvalue_vals, &bv );
- }
+ c->value_int = LDAP_BACK_SAVECRED( li );
break;
case LDAP_BACK_CFG_CHASE:
- enum_to_verb( yn_mode, ( ( li->flags & LDAP_BACK_F_CHASE_REFERRALS ) == LDAP_BACK_F_CHASE_REFERRALS ), &bv );
- if ( BER_BVISNULL( &bv ) ) {
- /* there's something wrong... */
- assert( 0 );
- rc = 1;
-
- } else {
- value_add_one( &c->rvalue_vals, &bv );
- }
+ c->value_int = LDAP_BACK_CHASE_REFERRALS( li );
break;
case LDAP_BACK_CFG_T_F:
- enum_to_verb( t_f_mode, ( ( li->flags & LDAP_BACK_F_SUPPORT_T_F_MASK ) == LDAP_BACK_F_SUPPORT_T_F_MASK ), &bv );
+ enum_to_verb( t_f_mode, (li->li_flags & LDAP_BACK_F_SUPPORT_T_F_MASK), &bv );
if ( BER_BVISNULL( &bv ) ) {
/* there's something wrong... */
assert( 0 );
@@ -519,21 +500,13 @@ ldap_back_cf_gen( ConfigArgs *c )
break;
case LDAP_BACK_CFG_WHOAMI:
- enum_to_verb( yn_mode, ( ( li->flags & LDAP_BACK_F_PROXY_WHOAMI ) == LDAP_BACK_F_PROXY_WHOAMI ), &bv );
- if ( BER_BVISNULL( &bv ) ) {
- /* there's something wrong... */
- assert( 0 );
- rc = 1;
-
- } else {
- value_add_one( &c->rvalue_vals, &bv );
- }
+ c->value_int = LDAP_BACK_PROXY_WHOAMI( li );
break;
case LDAP_BACK_CFG_TIMEOUT:
BER_BVZERO( &bv );
- slap_cf_aux_table_unparse( li->timeout, &bv, timeout_table );
+ slap_cf_aux_table_unparse( li->li_timeout, &bv, timeout_table );
if ( !BER_BVISNULL( &bv ) ) {
for ( i = 0; isspace( bv.bv_val[ i ] ); i++ )
@@ -560,21 +533,22 @@ ldap_back_cf_gen( ConfigArgs *c )
rc = 0;
switch( c->type ) {
case LDAP_BACK_CFG_URI:
- if ( li->url != NULL ) {
- ch_free( li->url );
- li->url = NULL;
- }
+ if ( li->li_uri != NULL ) {
+ ch_free( li->li_uri );
+ li->li_uri = NULL;
- if ( li->lud != NULL ) {
- ldap_free_urllist( li->lud );
- li->lud = NULL;
+ assert( li->li_bvuri != NULL );
+ ber_bvarray_free( li->li_bvuri );
+ li->li_bvuri = NULL;
}
-
+
/* better cleanup the cached connections... */
/* NOTE: don't worry about locking: if we got here,
* other threads are suspended. */
- avl_free( li->conntree, ldap_back_conn_free );
- li->conntree = NULL;
+ if ( li->li_conninfo.lai_tree != NULL ) {
+ avl_free( li->li_conninfo.lai_tree, ldap_back_conn_free );
+ li->li_conninfo.lai_tree = NULL;
+ }
break;
@@ -590,7 +564,7 @@ ldap_back_cf_gen( ConfigArgs *c )
break;
case LDAP_BACK_CFG_ACL_BIND:
- bindconf_free( &li->acl_sb );
+ bindconf_free( &li->li_acl );
break;
case LDAP_BACK_CFG_IDASSERT_MODE:
@@ -602,14 +576,14 @@ ldap_back_cf_gen( ConfigArgs *c )
break;
case LDAP_BACK_CFG_IDASSERT_AUTHZFROM:
- if ( li->idassert_authz != NULL ) {
- ber_bvarray_free( li->idassert_authz );
- li->idassert_authz = NULL;
+ if ( li->li_idassert_authz != NULL ) {
+ ber_bvarray_free( li->li_idassert_authz );
+ li->li_idassert_authz = NULL;
}
break;
case LDAP_BACK_CFG_IDASSERT_BIND:
- bindconf_free( &li->idassert_sb );
+ bindconf_free( &li->li_idassert );
break;
case LDAP_BACK_CFG_REBIND:
@@ -621,7 +595,7 @@ ldap_back_cf_gen( ConfigArgs *c )
case LDAP_BACK_CFG_TIMEOUT:
for ( i = 0; i < LDAP_BACK_OP_LAST; i++ ) {
- li->timeout[ i ] = 0;
+ li->li_timeout[ i ] = 0;
}
break;
@@ -636,11 +610,9 @@ ldap_back_cf_gen( ConfigArgs *c )
switch( c->type ) {
case LDAP_BACK_CFG_URI: {
- LDAPURLDesc *tmpludp;
-#if 0
- char **urllist;
-#endif
- int urlrc, i;
+ LDAPURLDesc *tmpludp, *lud;
+ char **urllist = NULL;
+ int urlrc = LDAP_URL_SUCCESS, i;
if ( c->argc != 2 ) {
fprintf( stderr, "%s: line %d: "
@@ -650,20 +622,17 @@ ldap_back_cf_gen( ConfigArgs *c )
return 1;
}
- if ( li->url != NULL ) {
- ch_free( li->url );
- }
+ if ( li->li_uri != NULL ) {
+ ch_free( li->li_uri );
+ li->li_uri = NULL;
- if ( li->lud != NULL ) {
- ldap_free_urllist( li->lud );
+ assert( li->li_bvuri != NULL );
+ ber_bvarray_free( li->li_bvuri );
+ li->li_bvuri = NULL;
}
-#if 0
/* PARANOID: DN and more are not required nor allowed */
- urlrc = ldap_url_parselist_ext( &li->lud, c->value_string, "\t" );
-#else
- urlrc = ldap_url_parselist( &li->lud, c->value_string );
-#endif
+ urlrc = ldap_url_parselist_ext( &lud, c->argv[ 1 ], ", \t" );
if ( urlrc != LDAP_URL_SUCCESS ) {
char *why;
@@ -682,6 +651,7 @@ ldap_back_cf_gen( ConfigArgs *c )
break;
case LDAP_URL_ERR_BADURL:
why = "URL is bad";
+ break;
case LDAP_URL_ERR_BADHOST:
why = "host/port is bad";
break;
@@ -705,10 +675,11 @@ ldap_back_cf_gen( ConfigArgs *c )
"unable to parse uri \"%s\" "
"in \"uri <uri>\" line: %s\n",
c->fname, c->lineno, c->value_string, why );
- return 1;
+ urlrc = 1;
+ goto done_url;
}
- for ( i = 0, tmpludp = li->lud;
+ for ( i = 0, tmpludp = lud;
tmpludp;
i++, tmpludp = tmpludp->lud_next )
{
@@ -728,20 +699,18 @@ ldap_back_cf_gen( ConfigArgs *c )
}
}
-#if 0
- for ( i = 0, tmpludp = li->lud;
+ for ( i = 0, tmpludp = lud;
tmpludp;
i++, tmpludp = tmpludp->lud_next )
/* just count */
;
urllist = ch_calloc( sizeof( char * ), i + 1 );
- for ( i = 0, tmpludp = li->lud;
+ for ( i = 0, tmpludp = lud;
tmpludp;
i++, tmpludp = tmpludp->lud_next )
{
LDAPURLDesc tmplud;
- ber_len_t oldlen = 0, len;
tmplud = *tmpludp;
tmplud.lud_dn = "";
@@ -759,17 +728,33 @@ ldap_back_cf_gen( ConfigArgs *c )
"unable to rebuild uri "
"in \"uri <uri>\" statement "
"for \"%s\"\n",
- c->fname, c->lineno, argv[ 1 ] );
- return 1;
+ c->fname, c->lineno, c->argv[ 1 ] );
+ urlrc = 1;
+ goto done_url;
}
}
- li->url = ldap_charray2str( urllist, " " );
- ldap_charray_free( urllist );
-#else
- li->url = c->value_string;
- c->value_string = NULL;
-#endif
+ li->li_uri = ldap_charray2str( urllist, " " );
+ for ( i = 0; urllist[ i ] != NULL; i++ ) {
+ struct berval bv;
+
+ ber_str2bv( urllist[ i ], 0, 0, &bv );
+ ber_bvarray_add( &li->li_bvuri, &bv );
+ urllist[ i ] = NULL;
+ }
+ ldap_memfree( urllist );
+ urllist = NULL;
+
+done_url:;
+ if ( urllist ) {
+ ldap_charray_free( urllist );
+ }
+ if ( lud ) {
+ ldap_free_urllist( lud );
+ }
+ if ( urlrc != LDAP_URL_SUCCESS ) {
+ return 1;
+ }
break;
}
@@ -778,14 +763,14 @@ ldap_back_cf_gen( ConfigArgs *c )
if ( BER_BVISNULL( &tls_mode[i].word ) ) {
return 1;
}
- li->flags &= ~LDAP_BACK_F_TLS_MASK;
- li->flags |= tls_mode[i].mask;
+ li->li_flags &= ~LDAP_BACK_F_TLS_MASK;
+ li->li_flags |= tls_mode[i].mask;
break;
case LDAP_BACK_CFG_ACL_AUTHCDN:
- switch ( li->acl_authmethod ) {
+ switch ( li->li_acl_authmethod ) {
case LDAP_AUTH_NONE:
- li->acl_authmethod = LDAP_AUTH_SIMPLE;
+ li->li_acl_authmethod = LDAP_AUTH_SIMPLE;
break;
case LDAP_AUTH_SIMPLE:
@@ -795,22 +780,22 @@ ldap_back_cf_gen( ConfigArgs *c )
fprintf( stderr, "%s: line %d: "
"\"acl-authcDN <DN>\" incompatible "
"with auth method %d.",
- c->fname, c->lineno, li->acl_authmethod );
+ c->fname, c->lineno, li->li_acl_authmethod );
return 1;
}
- if ( !BER_BVISNULL( &li->acl_authcDN ) ) {
- free( li->acl_authcDN.bv_val );
+ if ( !BER_BVISNULL( &li->li_acl_authcDN ) ) {
+ free( li->li_acl_authcDN.bv_val );
}
ber_memfree_x( c->value_dn.bv_val, NULL );
- li->acl_authcDN = c->value_ndn;
+ li->li_acl_authcDN = c->value_ndn;
BER_BVZERO( &c->value_dn );
BER_BVZERO( &c->value_ndn );
break;
case LDAP_BACK_CFG_ACL_PASSWD:
- switch ( li->acl_authmethod ) {
+ switch ( li->li_acl_authmethod ) {
case LDAP_AUTH_NONE:
- li->acl_authmethod = LDAP_AUTH_SIMPLE;
+ li->li_acl_authmethod = LDAP_AUTH_SIMPLE;
break;
case LDAP_AUTH_SIMPLE:
@@ -820,19 +805,19 @@ ldap_back_cf_gen( ConfigArgs *c )
fprintf( stderr, "%s: line %d: "
"\"acl-passwd <cred>\" incompatible "
"with auth method %d.",
- c->fname, c->lineno, li->acl_authmethod );
+ c->fname, c->lineno, li->li_acl_authmethod );
return 1;
}
- if ( !BER_BVISNULL( &li->acl_passwd ) ) {
- free( li->acl_passwd.bv_val );
+ if ( !BER_BVISNULL( &li->li_acl_passwd ) ) {
+ free( li->li_acl_passwd.bv_val );
}
- ber_str2bv( c->argv[ 1 ], 0, 1, &li->acl_passwd );
+ ber_str2bv( c->argv[ 1 ], 0, 1, &li->li_acl_passwd );
break;
case LDAP_BACK_CFG_ACL_METHOD:
case LDAP_BACK_CFG_ACL_BIND:
for ( i = 1; i < c->argc; i++ ) {
- if ( bindconf_parse( c->argv[ i ], &li->acl_sb ) ) {
+ if ( bindconf_parse( c->argv[ i ], &li->li_acl ) ) {
return 1;
}
}
@@ -842,9 +827,9 @@ ldap_back_cf_gen( ConfigArgs *c )
i = verb_to_mask( c->argv[1], idassert_mode );
if ( BER_BVISNULL( &idassert_mode[i].word ) ) {
if ( strncasecmp( c->argv[1], "u:", STRLENOF( "u:" ) ) == 0 ) {
- li->idassert_mode = LDAP_BACK_IDASSERT_OTHERID;
- ber_str2bv( c->argv[1], 0, 1, &li->idassert_authzID );
- li->idassert_authzID.bv_val[ 0 ] = 'u';
+ li->li_idassert_mode = LDAP_BACK_IDASSERT_OTHERID;
+ ber_str2bv( c->argv[1], 0, 1, &li->li_idassert_authzID );
+ li->li_idassert_authzID.bv_val[ 0 ] = 'u';
} else {
struct berval id, ndn;
@@ -864,17 +849,17 @@ ldap_back_cf_gen( ConfigArgs *c )
return 1;
}
- li->idassert_authzID.bv_len = STRLENOF( "dn:" ) + ndn.bv_len;
- li->idassert_authzID.bv_val = ch_malloc( li->idassert_authzID.bv_len + 1 );
- AC_MEMCPY( li->idassert_authzID.bv_val, "dn:", STRLENOF( "dn:" ) );
- AC_MEMCPY( &li->idassert_authzID.bv_val[ STRLENOF( "dn:" ) ], ndn.bv_val, ndn.bv_len + 1 );
+ li->li_idassert_authzID.bv_len = STRLENOF( "dn:" ) + ndn.bv_len;
+ li->li_idassert_authzID.bv_val = ch_malloc( li->li_idassert_authzID.bv_len + 1 );
+ AC_MEMCPY( li->li_idassert_authzID.bv_val, "dn:", STRLENOF( "dn:" ) );
+ AC_MEMCPY( &li->li_idassert_authzID.bv_val[ STRLENOF( "dn:" ) ], ndn.bv_val, ndn.bv_len + 1 );
ch_free( ndn.bv_val );
- li->idassert_mode = LDAP_BACK_IDASSERT_OTHERDN;
+ li->li_idassert_mode = LDAP_BACK_IDASSERT_OTHERDN;
}
} else {
- li->idassert_mode = idassert_mode[i].mask;
+ li->li_idassert_mode = idassert_mode[i].mask;
}
if ( c->argc > 2 ) {
@@ -882,13 +867,13 @@ ldap_back_cf_gen( ConfigArgs *c )
for ( i = 2; i < c->argc; i++ ) {
if ( strcasecmp( c->argv[ i ], "override" ) == 0 ) {
- li->idassert_flags |= LDAP_BACK_AUTH_OVERRIDE;
+ li->li_idassert_flags |= LDAP_BACK_AUTH_OVERRIDE;
} else if ( strcasecmp( c->argv[ i ], "prescriptive" ) == 0 ) {
- li->idassert_flags |= LDAP_BACK_AUTH_PRESCRIPTIVE;
+ li->li_idassert_flags |= LDAP_BACK_AUTH_PRESCRIPTIVE;
} else if ( strcasecmp( c->argv[ i ], "non-prescriptive" ) == 0 ) {
- li->idassert_flags &= ( ~LDAP_BACK_AUTH_PRESCRIPTIVE );
+ li->li_idassert_flags &= ( ~LDAP_BACK_AUTH_PRESCRIPTIVE );
} else {
Debug( LDAP_DEBUG_ANY,
@@ -903,9 +888,9 @@ ldap_back_cf_gen( ConfigArgs *c )
break;
case LDAP_BACK_CFG_IDASSERT_AUTHCDN:
- switch ( li->idassert_authmethod ) {
+ switch ( li->li_idassert_authmethod ) {
case LDAP_AUTH_NONE:
- li->idassert_authmethod = LDAP_AUTH_SIMPLE;
+ li->li_idassert_authmethod = LDAP_AUTH_SIMPLE;
break;
case LDAP_AUTH_SIMPLE:
@@ -915,22 +900,22 @@ ldap_back_cf_gen( ConfigArgs *c )
fprintf( stderr, "%s: line %d: "
"\"idassert-authcDN <DN>\" incompatible "
"with auth method %d.",
- c->fname, c->lineno, li->idassert_authmethod );
+ c->fname, c->lineno, li->li_idassert_authmethod );
return 1;
}
- if ( !BER_BVISNULL( &li->idassert_authcDN ) ) {
- free( li->idassert_authcDN.bv_val );
+ if ( !BER_BVISNULL( &li->li_idassert_authcDN ) ) {
+ free( li->li_idassert_authcDN.bv_val );
}
ber_memfree_x( c->value_dn.bv_val, NULL );
- li->idassert_authcDN = c->value_ndn;
+ li->li_idassert_authcDN = c->value_ndn;
BER_BVZERO( &c->value_dn );
BER_BVZERO( &c->value_ndn );
break;
case LDAP_BACK_CFG_IDASSERT_PASSWD:
- switch ( li->idassert_authmethod ) {
+ switch ( li->li_idassert_authmethod ) {
case LDAP_AUTH_NONE:
- li->idassert_authmethod = LDAP_AUTH_SIMPLE;
+ li->li_idassert_authmethod = LDAP_AUTH_SIMPLE;
break;
case LDAP_AUTH_SIMPLE:
@@ -940,13 +925,13 @@ ldap_back_cf_gen( ConfigArgs *c )
fprintf( stderr, "%s: line %d: "
"\"idassert-passwd <cred>\" incompatible "
"with auth method %d.",
- c->fname, c->lineno, li->idassert_authmethod );
+ c->fname, c->lineno, li->li_idassert_authmethod );
return 1;
}
- if ( !BER_BVISNULL( &li->idassert_passwd ) ) {
- free( li->idassert_passwd.bv_val );
+ if ( !BER_BVISNULL( &li->li_idassert_passwd ) ) {
+ free( li->li_idassert_passwd.bv_val );
}
- ber_str2bv( c->argv[ 1 ], 0, 1, &li->idassert_passwd );
+ ber_str2bv( c->argv[ 1 ], 0, 1, &li->li_idassert_passwd );
break;
case LDAP_BACK_CFG_IDASSERT_AUTHZFROM: {
@@ -967,7 +952,7 @@ ldap_back_cf_gen( ConfigArgs *c )
#else /* !SLAP_AUTHZ_SYNTAX */
ber_str2bv( c->argv[ 1 ], 0, 1, &bv );
#endif /* !SLAP_AUTHZ_SYNTAX */
- ber_bvarray_add( &li->idassert_authz, &bv );
+ ber_bvarray_add( &li->li_idassert_authz, &bv );
} break;
case LDAP_BACK_CFG_IDASSERT_METHOD:
@@ -993,13 +978,13 @@ ldap_back_cf_gen( ConfigArgs *c )
return 1;
}
- li->idassert_mode = idassert_mode[ j ].mask;
+ li->li_idassert_mode = idassert_mode[ j ].mask;
} else if ( strncasecmp( c->argv[ i ], "authz=", STRLENOF( "authz=" ) ) == 0 ) {
char *argvi = c->argv[ i ] + STRLENOF( "authz=" );
if ( strcasecmp( argvi, "native" ) == 0 ) {
- if ( li->idassert_authmethod != LDAP_AUTH_SASL ) {
+ if ( li->li_idassert_authmethod != LDAP_AUTH_SASL ) {
fprintf( stderr, "%s: %d: "
"\"idassert-bind <args>\": "
"authz=\"native\" incompatible "
@@ -1007,10 +992,10 @@ ldap_back_cf_gen( ConfigArgs *c )
c->fname, c->lineno );
return 1;
}
- li->idassert_flags |= LDAP_BACK_AUTH_NATIVE_AUTHZ;
+ li->li_idassert_flags |= LDAP_BACK_AUTH_NATIVE_AUTHZ;
} else if ( strcasecmp( argvi, "proxyAuthz" ) == 0 ) {
- li->idassert_flags &= ~LDAP_BACK_AUTH_NATIVE_AUTHZ;
+ li->li_idassert_flags &= ~LDAP_BACK_AUTH_NATIVE_AUTHZ;
} else {
fprintf( stderr, "%s: %d: "
@@ -1035,13 +1020,13 @@ ldap_back_cf_gen( ConfigArgs *c )
for ( j = 0; flags[ j ] != NULL; j++ ) {
if ( strcasecmp( flags[ j ], "override" ) == 0 ) {
- li->idassert_flags |= LDAP_BACK_AUTH_OVERRIDE;
+ li->li_idassert_flags |= LDAP_BACK_AUTH_OVERRIDE;
} else if ( strcasecmp( flags[ j ], "prescriptive" ) == 0 ) {
- li->idassert_flags |= LDAP_BACK_AUTH_PRESCRIPTIVE;
+ li->li_idassert_flags |= LDAP_BACK_AUTH_PRESCRIPTIVE;
} else if ( strcasecmp( flags[ j ], "non-prescriptive" ) == 0 ) {
- li->idassert_flags &= ( ~LDAP_BACK_AUTH_PRESCRIPTIVE );
+ li->li_idassert_flags &= ( ~LDAP_BACK_AUTH_PRESCRIPTIVE );
} else {
fprintf( stderr, "%s: %d: "
@@ -1054,98 +1039,49 @@ ldap_back_cf_gen( ConfigArgs *c )
ldap_charray_free( flags );
- } else if ( bindconf_parse( c->argv[ i ], &li->idassert_sb ) ) {
+ } else if ( bindconf_parse( c->argv[ i ], &li->li_idassert ) ) {
return 1;
}
}
break;
- case LDAP_BACK_CFG_REBIND: {
- int dorebind = 0;
-
- if ( c->argc == 1 ) {
- /* legacy */
- dorebind = 1;
-
- } else {
- i = verb_to_mask( c->argv[1], yn_mode );
- if ( BER_BVISNULL( &yn_mode[i].word ) ) {
- return 1;
- }
- if ( yn_mode[i].mask & LDAP_BACK_C_YES ) {
- dorebind = 1;
- }
- }
-
- if ( dorebind ) {
- li->flags |= LDAP_BACK_F_SAVECRED;
-
- } else {
- li->flags &= ~LDAP_BACK_F_SAVECRED;
- }
- } break;
-
- case LDAP_BACK_CFG_CHASE: {
- int dochase = 0;
-
- if ( c->argc == 1 ) {
- /* legacy */
- dochase = 1;
+ case LDAP_BACK_CFG_REBIND:
+ if ( c->argc == 1 || c->value_int ) {
+ li->li_flags |= LDAP_BACK_F_SAVECRED;
} else {
- i = verb_to_mask( c->argv[1], yn_mode );
- if ( BER_BVISNULL( &yn_mode[i].word ) ) {
- return 1;
- }
- if ( yn_mode[i].mask & LDAP_BACK_C_YES ) {
- dochase = 1;
- }
+ li->li_flags &= ~LDAP_BACK_F_SAVECRED;
}
+ break;
- if ( dochase ) {
- li->flags |= LDAP_BACK_F_CHASE_REFERRALS;
+ case LDAP_BACK_CFG_CHASE:
+ if ( c->argc == 1 || c->value_int ) {
+ li->li_flags |= LDAP_BACK_F_CHASE_REFERRALS;
} else {
- li->flags &= ~LDAP_BACK_F_CHASE_REFERRALS;
+ li->li_flags &= ~LDAP_BACK_F_CHASE_REFERRALS;
}
- } break;
+ break;
case LDAP_BACK_CFG_T_F:
i = verb_to_mask( c->argv[1], t_f_mode );
if ( BER_BVISNULL( &t_f_mode[i].word ) ) {
return 1;
}
- li->flags &= ~LDAP_BACK_F_SUPPORT_T_F_MASK;
- li->flags |= t_f_mode[i].mask;
+ li->li_flags &= ~LDAP_BACK_F_SUPPORT_T_F_MASK;
+ li->li_flags |= t_f_mode[i].mask;
break;
- case LDAP_BACK_CFG_WHOAMI: {
- int dowhoami = 0;
-
- if ( c->argc == 1 ) {
- /* legacy */
- dowhoami = 1;
-
- } else {
- i = verb_to_mask( c->argv[1], yn_mode );
- if ( BER_BVISNULL( &yn_mode[i].word ) ) {
- return 1;
- }
- if ( yn_mode[i].mask & LDAP_BACK_C_YES ) {
- dowhoami = 1;
- }
- }
-
- if ( dowhoami ) {
- li->flags |= LDAP_BACK_F_PROXY_WHOAMI;
-
+ case LDAP_BACK_CFG_WHOAMI:
+ if ( c->argc == 1 || c->value_int ) {
+ li->li_flags |= LDAP_BACK_F_PROXY_WHOAMI;
load_extop( (struct berval *)&slap_EXOP_WHOAMI,
0, ldap_back_exop_whoami );
} else {
- li->flags &= ~LDAP_BACK_F_PROXY_WHOAMI;
+ li->li_flags &= ~LDAP_BACK_F_PROXY_WHOAMI;
}
- } break;
+ break;
case LDAP_BACK_CFG_TIMEOUT:
if ( c->argc < 2 ) {
@@ -1154,23 +1090,21 @@ ldap_back_cf_gen( ConfigArgs *c )
for ( i = 1; i < c->argc; i++ ) {
if ( isdigit( c->argv[ i ][ 0 ] ) ) {
- char *next;
int j;
unsigned u;
- u = strtoul( c->argv[ i ], &next, 0 );
- if ( next == c->argv[ i ] || next[ 0 ] != '\0' ) {
+ if ( lutil_atoux( &u, c->argv[ i ], 0 ) != 0 ) {
return 1;
}
for ( j = 0; j < LDAP_BACK_OP_LAST; j++ ) {
- li->timeout[ j ] = u;
+ li->li_timeout[ j ] = u;
}
continue;
}
- if ( slap_cf_aux_table_parse( c->argv[ i ], li->timeout, timeout_table, "slapd-ldap timeout" ) ) {
+ if ( slap_cf_aux_table_parse( c->argv[ i ], li->li_timeout, timeout_table, "slapd-ldap timeout" ) ) {
return 1;
}
}
@@ -1201,6 +1135,9 @@ ldap_back_init_cf( BackendInfo *bi )
AttributeDescription *ad = NULL;
const char *text;
+ /* Make sure we don't exceed the bits reserved for userland */
+ config_check_userland( LDAP_BACK_CFG_LAST );
+
bi->bi_cf_ocs = ldapocs;
rc = config_register_schema( ldapcfg, ldapocs );
@@ -1238,400 +1175,6 @@ ldap_back_init_cf( BackendInfo *bi )
}
-static int
-parse_idassert( BackendDB *be, const char *fname, int lineno,
- int argc, char **argv );
-
-static int
-parse_acl_auth( BackendDB *be, const char *fname, int lineno,
- int argc, char **argv );
-
-int
-ldap_back_db_config(
- BackendDB *be,
- const char *fname,
- int lineno,
- int argc,
- char **argv )
-{
- struct ldapinfo *li = (struct ldapinfo *) be->be_private;
-
- if ( li == NULL ) {
- fprintf( stderr, "%s: line %d: ldap backend info is null!\n",
- fname, lineno );
- return 1;
- }
-
- /* server address to query (no longer supported, use "uri" directive) */
- if ( strcasecmp( argv[0], "server" ) == 0 ) {
- fprintf( stderr,
- "%s: line %d: \"server <address>\" directive is no longer supported.\n",
- fname, lineno );
- return 1;
-
- /* URI of server to query (obsoletes "server" directive) */
- } else if ( strcasecmp( argv[0], "uri" ) == 0 ) {
- LDAPURLDesc *tmpludp;
-#if 0
- char **urllist;
-#endif
- int urlrc, i;
-
- if ( argc != 2 ) {
- fprintf( stderr, "%s: line %d: "
- "missing uri "
- "in \"uri <uri>\" line\n",
- fname, lineno );
- return 1;
- }
- if ( li->url != NULL ) {
- ch_free( li->url );
- }
- if ( li->lud != NULL ) {
- ldap_free_urllist( li->lud );
- }
-
-#if 0
- /* PARANOID: DN and more are not required nor allowed */
- urlrc = ldap_url_parselist_ext( &li->lud, argv[ 1 ], "\t" );
-#else
- urlrc = ldap_url_parselist( &li->lud, argv[ 1 ] );
-#endif
- if ( urlrc != LDAP_URL_SUCCESS ) {
- char *why;
-
- switch ( urlrc ) {
- case LDAP_URL_ERR_MEM:
- why = "no memory";
- break;
- case LDAP_URL_ERR_PARAM:
- why = "parameter is bad";
- break;
- case LDAP_URL_ERR_BADSCHEME:
- why = "URL doesn't begin with \"[c]ldap[si]://\"";
- break;
- case LDAP_URL_ERR_BADENCLOSURE:
- why = "URL is missing trailing \">\"";
- break;
- case LDAP_URL_ERR_BADURL:
- why = "URL is bad";
- case LDAP_URL_ERR_BADHOST:
- why = "host/port is bad";
- break;
- case LDAP_URL_ERR_BADATTRS:
- why = "bad (or missing) attributes";
- break;
- case LDAP_URL_ERR_BADSCOPE:
- why = "scope string is invalid (or missing)";
- break;
- case LDAP_URL_ERR_BADFILTER:
- why = "bad or missing filter";
- break;
- case LDAP_URL_ERR_BADEXTS:
- why = "bad or missing extensions";
- break;
- default:
- why = "unknown reason";
- break;
- }
- fprintf( stderr, "%s: line %d: "
- "unable to parse uri \"%s\" "
- "in \"uri <uri>\" line: %s\n",
- fname, lineno, argv[ 1 ], why );
- return 1;
- }
-
- for ( i = 0, tmpludp = li->lud;
- tmpludp;
- i++, tmpludp = tmpludp->lud_next )
- {
- if ( ( tmpludp->lud_dn != NULL
- && tmpludp->lud_dn[0] != '\0' )
- || tmpludp->lud_attrs != NULL
- /* || tmpludp->lud_scope != LDAP_SCOPE_DEFAULT */
- || tmpludp->lud_filter != NULL
- || tmpludp->lud_exts != NULL )
- {
- fprintf( stderr, "%s: line %d: "
- "warning, only protocol, "
- "host and port allowed "
- "in \"uri <uri>\" statement "
- "for uri #%d of \"%s\"\n",
- fname, lineno, i, argv[1] );
- }
- }
-
-#if 0
- for ( i = 0, tmpludp = li->lud;
- tmpludp;
- i++, tmpludp = tmpludp->lud_next )
- /* just count */
- ;
- urllist = ch_calloc( sizeof( char * ), i + 1 );
-
- for ( i = 0, tmpludp = li->lud;
- tmpludp;
- i++, tmpludp = tmpludp->lud_next )
- {
- LDAPURLDesc tmplud;
- ber_len_t oldlen = 0, len;
-
- tmplud = *tmpludp;
- tmplud.lud_dn = "";
- tmplud.lud_attrs = NULL;
- tmplud.lud_filter = NULL;
- if ( !ldap_is_ldapi_url( tmplud.lud_scheme ) ) {
- tmplud.lud_exts = NULL;
- tmplud.lud_crit_exts = 0;
- }
-
- urllist[ i ] = ldap_url_desc2str( &tmplud );
-
- if ( urllist[ i ] == NULL ) {
- fprintf( stderr, "%s: line %d: "
- "unable to rebuild uri "
- "in \"uri <uri>\" statement "
- "for \"%s\"\n",
- fname, lineno, argv[ 1 ] );
- return 1;
- }
- }
-
- li->url = ldap_charray2str( urllist, " " );
- ldap_charray_free( urllist );
-#else
- li->url = ch_strdup( argv[ 1 ] );
-#endif
-
- } else if ( strcasecmp( argv[0], "tls" ) == 0 ) {
- if ( argc != 2 ) {
- fprintf( stderr,
- "%s: line %d: \"tls <what>\" needs 1 argument.\n",
- fname, lineno );
- return( 1 );
- }
-
- /* none */
- if ( strcasecmp( argv[1], "none" ) == 0 ) {
- li->flags &= ~LDAP_BACK_F_TLS_MASK;
-
- /* try start tls */
- } else if ( strcasecmp( argv[1], "start" ) == 0 ) {
- li->flags |= LDAP_BACK_F_TLS_USE_MASK;
-
- /* try start tls */
- } else if ( strcasecmp( argv[1], "try-start" ) == 0 ) {
- li->flags &= ~LDAP_BACK_F_TLS_CRITICAL;
- li->flags |= LDAP_BACK_F_USE_TLS;
-
- /* propagate start tls */
- } else if ( strcasecmp( argv[1], "propagate" ) == 0 ) {
- li->flags |= LDAP_BACK_F_TLS_PROPAGATE_MASK;
-
- /* try start tls */
- } else if ( strcasecmp( argv[1], "try-propagate" ) == 0 ) {
- li->flags &= ~LDAP_BACK_F_TLS_CRITICAL;
- li->flags |= LDAP_BACK_F_PROPAGATE_TLS;
-
- } else {
- fprintf( stderr,
- "%s: line %d: \"tls <what>\": unknown argument \"%s\".\n",
- fname, lineno, argv[1] );
- return( 1 );
- }
-
- /* remote ACL stuff... */
- } else if ( strncasecmp( argv[0], "acl-", STRLENOF( "acl-" ) ) == 0
- || strncasecmp( argv[0], "bind", STRLENOF( "bind" ) ) == 0 )
- {
- /* NOTE: "bind{DN,pw}" was initially used; it's now
- * deprected and undocumented, it can be dropped at some
- * point, since nobody should be really using it */
- return parse_acl_auth( be, fname, lineno, argc, argv );
-
- /* identity assertion stuff... */
- } else if ( strncasecmp( argv[0], "idassert-", STRLENOF( "idassert-" ) ) == 0
- || strncasecmp( argv[0], "proxyauthz", STRLENOF( "proxyauthz" ) ) == 0 )
- {
- /* NOTE: "proxyauthz{DN,pw}" was initially used; it's now
- * deprected and undocumented, it can be dropped at some
- * point, since nobody should be really using it */
- return parse_idassert( be, fname, lineno, argc, argv );
-
- /* save bind creds for referral rebinds? */
- } else if ( strcasecmp( argv[0], "rebind-as-user" ) == 0 ) {
- switch ( argc ) {
- case 1:
- fprintf( stderr,
- "%s: line %d: \"rebind-as-user {NO|yes}\": use without args is deprecated.\n",
- fname, lineno );
-
- li->flags |= LDAP_BACK_F_SAVECRED;
- break;
-
- case 2:
- if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
- li->flags |= LDAP_BACK_F_SAVECRED;
-
- } else if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
- li->flags &= ~LDAP_BACK_F_SAVECRED;
-
- } else {
- fprintf( stderr,
- "%s: line %d: \"rebind-as-user {NO|yes}\": unknown argument \"%s\".\n",
- fname, lineno, argv[ 1 ] );
- return( 1 );
- }
- break;
-
- default:
- fprintf( stderr,
- "%s: line %d: \"rebind-as-user {NO|yes}\" needs 1 argument.\n",
- fname, lineno );
- return( 1 );
- }
-
- } else if ( strcasecmp( argv[0], "chase-referrals" ) == 0 ) {
- if ( argc != 2 ) {
- fprintf( stderr,
- "%s: line %d: \"chase-referrals {YES|no}\" needs 1 argument.\n",
- fname, lineno );
- return( 1 );
- }
-
- /* this is the default; we add it because the default might change... */
- if ( strcasecmp( argv[1], "yes" ) == 0 ) {
- li->flags |= LDAP_BACK_F_CHASE_REFERRALS;
-
- } else if ( strcasecmp( argv[1], "no" ) == 0 ) {
- li->flags &= ~LDAP_BACK_F_CHASE_REFERRALS;
-
- } else {
- fprintf( stderr,
- "%s: line %d: \"chase-referrals {YES|no}\": unknown argument \"%s\".\n",
- fname, lineno, argv[1] );
- return( 1 );
- }
-
- } else if ( strcasecmp( argv[ 0 ], "t-f-support" ) == 0 ) {
- if ( argc != 2 ) {
- fprintf( stderr,
- "%s: line %d: \"t-f-support {NO|yes|discover}\" needs 1 argument.\n",
- fname, lineno );
- return( 1 );
- }
-
- if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
- li->flags &= ~(LDAP_BACK_F_SUPPORT_T_F|LDAP_BACK_F_SUPPORT_T_F_DISCOVER);
-
- } else if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
- li->flags |= LDAP_BACK_F_SUPPORT_T_F;
-
- } else if ( strcasecmp( argv[ 1 ], "discover" ) == 0 ) {
- li->flags |= LDAP_BACK_F_SUPPORT_T_F_DISCOVER;
-
- } else {
- fprintf( stderr,
- "%s: line %d: \"t-f-support {NO|yes|discover}\": unknown argument \"%s\".\n",
- fname, lineno, argv[ 1 ] );
- return 1;
- }
-
- /* intercept exop_who_am_i? */
- } else if ( strcasecmp( argv[0], "proxy-whoami" ) == 0 ) {
- int doload_extop = 0;
-
- switch ( argc ) {
- case 1:
- fprintf( stderr,
- "%s: line %d: \"proxy-whoami {NO|yes}\": use without args is deprecated.\n",
- fname, lineno );
-
- doload_extop = 1;
- break;
-
- case 2:
- if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
- doload_extop = 1;
-
- } else if ( strcasecmp( argv[ 1 ], "no" ) != 0 ) {
- fprintf( stderr,
- "%s: line %d: \"proxy-whoami {NO|yes}\": unknown argument \"%s\".\n",
- fname, lineno, argv[ 1 ] );
- return( 1 );
- }
- break;
-
- default:
- fprintf( stderr,
- "%s: line %d: \"proxy-whoami {NO|yes}\" needs 1 argument.\n",
- fname, lineno );
- return( 1 );
- }
-
- if ( doload_extop ) {
- li->flags |= LDAP_BACK_F_PROXY_WHOAMI;
-
- load_extop( (struct berval *)&slap_EXOP_WHOAMI,
- 0, ldap_back_exop_whoami );
- }
-
- /* FIXME: legacy: intercept old rewrite/remap directives
- * and try to start the rwm overlay */
- } else if ( strcasecmp( argv[0], "suffixmassage" ) == 0
- || strcasecmp( argv[0], "map" ) == 0
- || strncasecmp( argv[0], "rewrite", STRLENOF( "rewrite" ) ) == 0 )
- {
-#if 0
- fprintf( stderr, "%s: line %d: "
- "rewrite/remap capabilities have been moved "
- "to the \"rwm\" overlay; see slapo-rwm(5) "
- "for details. I'm trying to do my best "
- "to preserve backwards compatibility...\n",
- fname, lineno );
-
- if ( li->rwm_started == 0 ) {
- if ( overlay_config( be, "rwm" ) ) {
- fprintf( stderr, "%s: line %d: "
- "unable to configure the \"rwm\" "
- "overlay, required by directive "
- "\"%s\".\n",
- fname, lineno, argv[0] );
-#if SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC
- fprintf( stderr, "\thint: try loading the \"rwm.la\" dynamic module.\n" );
-#endif /* SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC */
- return( 1 );
- }
-
- fprintf( stderr, "%s: line %d: back-ldap: "
- "automatically starting \"rwm\" overlay, "
- "triggered by \"%s\" directive.\n",
- fname, lineno, argv[ 0 ] );
-
- /* this is the default; we add it because the default might change... */
- li->rwm_started = 1;
-
- return ( *be->bd_info->bi_db_config )( be, fname, lineno, argc, argv );
- }
-#else
- fprintf( stderr, "%s: line %d: "
- "rewrite/remap capabilities have been moved "
- "to the \"rwm\" overlay; see slapo-rwm(5) "
- "for details (hint: add \"overlay rwm\" "
- "and prefix all directives with \"rwm-\").\n",
- fname, lineno );
-#endif
-
- return 1;
-
- /* anything else */
- } else {
- return SLAP_CONF_UNKNOWN;
- }
-
- return 0;
-}
-
static int
ldap_back_exop_whoami(
Operation *op,
@@ -1654,7 +1197,7 @@ ldap_back_exop_whoami(
/* if auth'd by back-ldap and request is proxied, forward it */
if ( op->o_conn->c_authz_backend && !strcmp(op->o_conn->c_authz_backend->be_type, "ldap" ) && !dn_match(&op->o_ndn, &op->o_conn->c_ndn)) {
- struct ldapconn *lc;
+ ldapconn_t *lc;
LDAPControl c, *ctrls[2] = {NULL, NULL};
LDAPMessage *res;
@@ -1683,10 +1226,10 @@ retry:
&rs->sr_err);
if ( rs->sr_err == LDAP_SERVER_DOWN && doretry ) {
doretry = 0;
- if ( ldap_back_retry( lc, op, rs, LDAP_BACK_SENDERR ) )
+ if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) )
goto retry;
}
- ldap_back_freeconn( op, lc );
+ ldap_back_freeconn( op, lc, 1 );
lc = NULL;
} else {
@@ -1724,562 +1267,3 @@ retry:
}
-static int
-parse_idassert(
- BackendDB *be,
- const char *fname,
- int lineno,
- int argc,
- char **argv
-)
-{
- struct ldapinfo *li = (struct ldapinfo *) be->be_private;
-
- /* identity assertion mode */
- if ( strcasecmp( argv[0], "idassert-mode" ) == 0 ) {
- if ( argc < 2 ) {
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: illegal args number %d in \"idassert-mode <args> [<flag> [...]]\" line.\n",
- fname, lineno, argc );
- return 1;
- }
-
- if ( strcasecmp( argv[1], "legacy" ) == 0 ) {
- /* will proxyAuthz as client's identity only if bound */
- li->idassert_mode = LDAP_BACK_IDASSERT_LEGACY;
-
- } else if ( strcasecmp( argv[1], "self" ) == 0 ) {
- /* will proxyAuthz as client's identity */
- li->idassert_mode = LDAP_BACK_IDASSERT_SELF;
-
- } else if ( strcasecmp( argv[1], "anonymous" ) == 0 ) {
- /* will proxyAuthz as anonymous */
- li->idassert_mode = LDAP_BACK_IDASSERT_ANONYMOUS;
-
- } else if ( strcasecmp( argv[1], "none" ) == 0 ) {
- /* will not proxyAuthz */
- li->idassert_mode = LDAP_BACK_IDASSERT_NOASSERT;
-
- } else {
- struct berval id;
- int rc;
-
- /* will proxyAuthz as argv[1] */
- ber_str2bv( argv[1], 0, 0, &id );
-
- if ( strncasecmp( id.bv_val, "u:", STRLENOF( "u:" ) ) == 0 ) {
- /* force lowercase... */
- id.bv_val[0] = 'u';
- li->idassert_mode = LDAP_BACK_IDASSERT_OTHERID;
- ber_dupbv( &li->idassert_authzID, &id );
-
- } else {
- struct berval dn;
-
- /* default is DN? */
- if ( strncasecmp( id.bv_val, "dn:", STRLENOF( "dn:" ) ) == 0 ) {
- id.bv_val += STRLENOF( "dn:" );
- id.bv_len -= STRLENOF( "dn:" );
- }
-
- rc = dnNormalize( 0, NULL, NULL, &id, &dn, NULL );
- if ( rc != LDAP_SUCCESS ) {
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: idassert ID \"%s\" is not a valid DN\n",
- fname, lineno, argv[1] );
- return 1;
- }
-
- li->idassert_authzID.bv_len = STRLENOF( "dn:" ) + dn.bv_len;
- li->idassert_authzID.bv_val = ch_malloc( li->idassert_authzID.bv_len + 1 );
- AC_MEMCPY( li->idassert_authzID.bv_val, "dn:", STRLENOF( "dn:" ) );
- AC_MEMCPY( &li->idassert_authzID.bv_val[ STRLENOF( "dn:" ) ], dn.bv_val, dn.bv_len + 1 );
- ch_free( dn.bv_val );
-
- li->idassert_mode = LDAP_BACK_IDASSERT_OTHERDN;
- }
- }
-
- for ( argc -= 2, argv += 2; argc--; argv++ ) {
- if ( strcasecmp( argv[0], "override" ) == 0 ) {
- li->idassert_flags |= LDAP_BACK_AUTH_OVERRIDE;
-
- } else {
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: unknown flag \"%s\" "
- "in \"idassert-mode <args> "
- "[<flags>]\" line.\n",
- fname, lineno, argv[0] );
- return 1;
- }
- }
-
- /* name to use for proxyAuthz propagation */
- } else if ( strcasecmp( argv[0], "idassert-authcdn" ) == 0
- || strcasecmp( argv[0], "proxyauthzdn" ) == 0 )
- {
- struct berval dn;
- int rc;
-
- /* FIXME: "proxyauthzdn" is no longer documented, and
- * temporarily supported for backwards compatibility */
-
- if ( argc != 2 ) {
- fprintf( stderr,
- "%s: line %d: missing name in \"%s <name>\" line\n",
- fname, lineno, argv[0] );
- return( 1 );
- }
-
- if ( !BER_BVISNULL( &li->idassert_authcDN ) ) {
- fprintf( stderr, "%s: line %d: "
- "authcDN already defined; replacing...\n",
- fname, lineno );
- ch_free( li->idassert_authcDN.bv_val );
- }
-
- ber_str2bv( argv[1], 0, 0, &dn );
- rc = dnNormalize( 0, NULL, NULL, &dn, &li->idassert_authcDN, NULL );
- if ( rc != LDAP_SUCCESS ) {
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: idassert ID \"%s\" is not a valid DN\n",
- fname, lineno, argv[1] );
- return 1;
- }
-
- /* password to use for proxyAuthz propagation */
- } else if ( strcasecmp( argv[0], "idassert-passwd" ) == 0
- || strcasecmp( argv[0], "proxyauthzpw" ) == 0 )
- {
- /* FIXME: "proxyauthzpw" is no longer documented, and
- * temporarily supported for backwards compatibility */
-
- if ( argc != 2 ) {
- fprintf( stderr,
- "%s: line %d: missing password in \"%s <password>\" line\n",
- fname, lineno, argv[0] );
- return( 1 );
- }
-
- if ( !BER_BVISNULL( &li->idassert_passwd ) ) {
- fprintf( stderr, "%s: line %d: "
- "passwd already defined; replacing...\n",
- fname, lineno );
- ch_free( li->idassert_passwd.bv_val );
- }
-
- ber_str2bv( argv[1], 0, 1, &li->idassert_passwd );
-
- /* rules to accept identity assertion... */
- } else if ( strcasecmp( argv[0], "idassert-authzFrom" ) == 0 ) {
- struct berval rule;
-
- ber_str2bv( argv[1], 0, 1, &rule );
-
- ber_bvarray_add( &li->idassert_authz, &rule );
-
- } else if ( strcasecmp( argv[0], "idassert-method" ) == 0 ) {
- char *argv1;
-
- if ( argc < 2 ) {
- fprintf( stderr,
- "%s: line %d: missing method in \"%s <method>\" line\n",
- fname, lineno, argv[0] );
- return( 1 );
- }
-
- argv1 = argv[1];
- if ( strncasecmp( argv1, "bindmethod=", STRLENOF( "bindmethod=" ) ) == 0 ) {
- argv1 += STRLENOF( "bindmethod=" );
- }
-
- if ( strcasecmp( argv1, "none" ) == 0 ) {
- /* FIXME: is this at all useful? */
- li->idassert_authmethod = LDAP_AUTH_NONE;
-
- if ( argc != 2 ) {
- fprintf( stderr,
- "%s: line %d: trailing args in \"%s %s ...\" line ignored\"\n",
- fname, lineno, argv[0], argv[1] );
- }
-
- } else if ( strcasecmp( argv1, "simple" ) == 0 ) {
- int arg;
-
- for ( arg = 2; arg < argc; arg++ ) {
- if ( strncasecmp( argv[arg], "authcdn=", STRLENOF( "authcdn=" ) ) == 0 ) {
- char *val = argv[arg] + STRLENOF( "authcdn=" );
- struct berval dn;
- int rc;
-
- if ( !BER_BVISNULL( &li->idassert_authcDN ) ) {
- fprintf( stderr, "%s: line %d: "
- "SASL authcDN already defined; replacing...\n",
- fname, lineno );
- ch_free( li->idassert_authcDN.bv_val );
- }
- if ( strncasecmp( argv[arg], "dn:", STRLENOF( "dn:" ) ) == 0 ) {
- val += STRLENOF( "dn:" );
- }
-
- ber_str2bv( val, 0, 0, &dn );
- rc = dnNormalize( 0, NULL, NULL, &dn, &li->idassert_authcDN, NULL );
- if ( rc != LDAP_SUCCESS ) {
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: SASL authcdn \"%s\" is not a valid DN\n",
- fname, lineno, val );
- return 1;
- }
-
- } else if ( strncasecmp( argv[arg], "cred=", STRLENOF( "cred=" ) ) == 0 ) {
- char *val = argv[arg] + STRLENOF( "cred=" );
-
- if ( !BER_BVISNULL( &li->idassert_passwd ) ) {
- fprintf( stderr, "%s: line %d: "
- "SASL cred already defined; replacing...\n",
- fname, lineno );
- ch_free( li->idassert_passwd.bv_val );
- }
- ber_str2bv( val, 0, 1, &li->idassert_passwd );
-
- } else {
- fprintf( stderr, "%s: line %d: "
- "unknown parameter %s\n",
- fname, lineno, argv[arg] );
- return 1;
- }
- }
-
- li->idassert_authmethod = LDAP_AUTH_SIMPLE;
-
- } else if ( strcasecmp( argv1, "sasl" ) == 0 ) {
-#ifdef HAVE_CYRUS_SASL
- int arg;
-
- for ( arg = 2; arg < argc; arg++ ) {
- if ( strncasecmp( argv[arg], "mech=", STRLENOF( "mech=" ) ) == 0 ) {
- char *val = argv[arg] + STRLENOF( "mech=" );
-
- if ( !BER_BVISNULL( &li->idassert_sasl_mech ) ) {
- fprintf( stderr, "%s: line %d: "
- "SASL mech already defined; replacing...\n",
- fname, lineno );
- ch_free( li->idassert_sasl_mech.bv_val );
- }
- ber_str2bv( val, 0, 1, &li->idassert_sasl_mech );
-
- } else if ( strncasecmp( argv[arg], "realm=", STRLENOF( "realm=" ) ) == 0 ) {
- char *val = argv[arg] + STRLENOF( "realm=" );
-
- if ( !BER_BVISNULL( &li->idassert_sasl_realm ) ) {
- fprintf( stderr, "%s: line %d: "
- "SASL realm already defined; replacing...\n",
- fname, lineno );
- ch_free( li->idassert_sasl_realm.bv_val );
- }
- ber_str2bv( val, 0, 1, &li->idassert_sasl_realm );
-
- } else if ( strncasecmp( argv[arg], "authcdn=", STRLENOF( "authcdn=" ) ) == 0 ) {
- char *val = argv[arg] + STRLENOF( "authcdn=" );
- struct berval dn;
- int rc;
-
- if ( !BER_BVISNULL( &li->idassert_authcDN ) ) {
- fprintf( stderr, "%s: line %d: "
- "SASL authcDN already defined; replacing...\n",
- fname, lineno );
- ch_free( li->idassert_authcDN.bv_val );
- }
- if ( strncasecmp( argv[arg], "dn:", STRLENOF( "dn:" ) ) == 0 ) {
- val += STRLENOF( "dn:" );
- }
-
- ber_str2bv( val, 0, 0, &dn );
- rc = dnNormalize( 0, NULL, NULL, &dn, &li->idassert_authcDN, NULL );
- if ( rc != LDAP_SUCCESS ) {
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: SASL authcdn \"%s\" is not a valid DN\n",
- fname, lineno, val );
- return 1;
- }
-
- } else if ( strncasecmp( argv[arg], "authcid=", STRLENOF( "authcid=" ) ) == 0 ) {
- char *val = argv[arg] + STRLENOF( "authcid=" );
-
- if ( !BER_BVISNULL( &li->idassert_authcID ) ) {
- fprintf( stderr, "%s: line %d: "
- "SASL authcID already defined; replacing...\n",
- fname, lineno );
- ch_free( li->idassert_authcID.bv_val );
- }
- if ( strncasecmp( argv[arg], "u:", STRLENOF( "u:" ) ) == 0 ) {
- val += STRLENOF( "u:" );
- }
- ber_str2bv( val, 0, 1, &li->idassert_authcID );
-
- } else if ( strncasecmp( argv[arg], "cred=", STRLENOF( "cred=" ) ) == 0 ) {
- char *val = argv[arg] + STRLENOF( "cred=" );
-
- if ( !BER_BVISNULL( &li->idassert_passwd ) ) {
- fprintf( stderr, "%s: line %d: "
- "SASL cred already defined; replacing...\n",
- fname, lineno );
- ch_free( li->idassert_passwd.bv_val );
- }
- ber_str2bv( val, 0, 1, &li->idassert_passwd );
-
- } else if ( strncasecmp( argv[arg], "authz=", STRLENOF( "authz=" ) ) == 0 ) {
- char *val = argv[arg] + STRLENOF( "authz=" );
-
- if ( strcasecmp( val, "proxyauthz" ) == 0 ) {
- li->idassert_flags &= ~LDAP_BACK_AUTH_NATIVE_AUTHZ;
-
- } else if ( strcasecmp( val, "native" ) == 0 ) {
- li->idassert_flags |= LDAP_BACK_AUTH_NATIVE_AUTHZ;
-
- } else {
- fprintf( stderr, "%s: line %d: "
- "unknown authz mode \"%s\"\n",
- fname, lineno, val );
- return 1;
- }
-
- } else {
- fprintf( stderr, "%s: line %d: "
- "unknown SASL parameter %s\n",
- fname, lineno, argv[arg] );
- return 1;
- }
- }
-
- li->idassert_authmethod = LDAP_AUTH_SASL;
-
-#else /* !HAVE_CYRUS_SASL */
- fprintf( stderr, "%s: line %d: "
- "compile --with-cyrus-sasl to enable SASL auth\n",
- fname, lineno );
- return 1;
-#endif /* !HAVE_CYRUS_SASL */
-
- } else {
- fprintf( stderr, "%s: line %d: "
- "unhandled idassert-method method %s\n",
- fname, lineno, argv[1] );
- return 1;
- }
-
- } else {
- return SLAP_CONF_UNKNOWN;
- }
-
- return 0;
-}
-
-static int
-parse_acl_auth(
- BackendDB *be,
- const char *fname,
- int lineno,
- int argc,
- char **argv
-)
-{
- struct ldapinfo *li = (struct ldapinfo *) be->be_private;
-
- /* name to use for remote ACL access */
- if ( strcasecmp( argv[0], "acl-authcdn" ) == 0
- || strcasecmp( argv[0], "binddn" ) == 0 )
- {
- struct berval dn;
- int rc;
-
- /* FIXME: "binddn" is no longer documented, and
- * temporarily supported for backwards compatibility */
-
- if ( argc != 2 ) {
- fprintf( stderr,
- "%s: line %d: missing name in \"%s <name>\" line\n",
- fname, lineno, argv[0] );
- return( 1 );
- }
-
- if ( !BER_BVISNULL( &li->acl_authcDN ) ) {
- fprintf( stderr, "%s: line %d: "
- "authcDN already defined; replacing...\n",
- fname, lineno );
- ch_free( li->acl_authcDN.bv_val );
- }
-
- ber_str2bv( argv[1], 0, 0, &dn );
- rc = dnNormalize( 0, NULL, NULL, &dn, &li->acl_authcDN, NULL );
- if ( rc != LDAP_SUCCESS ) {
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: acl ID \"%s\" is not a valid DN\n",
- fname, lineno, argv[1] );
- return 1;
- }
-
- /* password to use for remote ACL access */
- } else if ( strcasecmp( argv[0], "acl-passwd" ) == 0
- || strcasecmp( argv[0], "bindpw" ) == 0 )
- {
- /* FIXME: "bindpw" is no longer documented, and
- * temporarily supported for backwards compatibility */
-
- if ( argc != 2 ) {
- fprintf( stderr,
- "%s: line %d: missing password in \"%s <password>\" line\n",
- fname, lineno, argv[0] );
- return( 1 );
- }
-
- if ( !BER_BVISNULL( &li->acl_passwd ) ) {
- fprintf( stderr, "%s: line %d: "
- "passwd already defined; replacing...\n",
- fname, lineno );
- ch_free( li->acl_passwd.bv_val );
- }
-
- ber_str2bv( argv[1], 0, 1, &li->acl_passwd );
-
- } else if ( strcasecmp( argv[0], "acl-method" ) == 0 ) {
- char *argv1;
-
- if ( argc < 2 ) {
- fprintf( stderr,
- "%s: line %d: missing method in \"%s <method>\" line\n",
- fname, lineno, argv[0] );
- return( 1 );
- }
-
- argv1 = argv[1];
- if ( strncasecmp( argv1, "bindmethod=", STRLENOF( "bindmethod=" ) ) == 0 ) {
- argv1 += STRLENOF( "bindmethod=" );
- }
-
- if ( strcasecmp( argv1, "none" ) == 0 ) {
- /* FIXME: is this at all useful? */
- li->acl_authmethod = LDAP_AUTH_NONE;
-
- if ( argc != 2 ) {
- fprintf( stderr,
- "%s: line %d: trailing args in \"%s %s ...\" line ignored\"\n",
- fname, lineno, argv[0], argv[1] );
- }
-
- } else if ( strcasecmp( argv1, "simple" ) == 0 ) {
- li->acl_authmethod = LDAP_AUTH_SIMPLE;
-
- if ( argc != 2 ) {
- fprintf( stderr,
- "%s: line %d: trailing args in \"%s %s ...\" line ignored\"\n",
- fname, lineno, argv[0], argv[1] );
- }
-
- } else if ( strcasecmp( argv1, "sasl" ) == 0 ) {
-#ifdef HAVE_CYRUS_SASL
- int arg;
-
- for ( arg = 2; arg < argc; arg++ ) {
- if ( strncasecmp( argv[arg], "mech=", STRLENOF( "mech=" ) ) == 0 ) {
- char *val = argv[arg] + STRLENOF( "mech=" );
-
- if ( !BER_BVISNULL( &li->acl_sasl_mech ) ) {
- fprintf( stderr, "%s: line %d: "
- "SASL mech already defined; replacing...\n",
- fname, lineno );
- ch_free( li->acl_sasl_mech.bv_val );
- }
- ber_str2bv( val, 0, 1, &li->acl_sasl_mech );
-
- } else if ( strncasecmp( argv[arg], "realm=", STRLENOF( "realm=" ) ) == 0 ) {
- char *val = argv[arg] + STRLENOF( "realm=" );
-
- if ( !BER_BVISNULL( &li->acl_sasl_realm ) ) {
- fprintf( stderr, "%s: line %d: "
- "SASL realm already defined; replacing...\n",
- fname, lineno );
- ch_free( li->acl_sasl_realm.bv_val );
- }
- ber_str2bv( val, 0, 1, &li->acl_sasl_realm );
-
- } else if ( strncasecmp( argv[arg], "authcdn=", STRLENOF( "authcdn=" ) ) == 0 ) {
- char *val = argv[arg] + STRLENOF( "authcdn=" );
- struct berval dn;
- int rc;
-
- if ( !BER_BVISNULL( &li->acl_authcDN ) ) {
- fprintf( stderr, "%s: line %d: "
- "SASL authcDN already defined; replacing...\n",
- fname, lineno );
- ch_free( li->acl_authcDN.bv_val );
- }
- if ( strncasecmp( argv[arg], "dn:", STRLENOF( "dn:" ) ) == 0 ) {
- val += STRLENOF( "dn:" );
- }
-
- ber_str2bv( val, 0, 0, &dn );
- rc = dnNormalize( 0, NULL, NULL, &dn, &li->acl_authcDN, NULL );
- if ( rc != LDAP_SUCCESS ) {
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: SASL authcdn \"%s\" is not a valid DN\n",
- fname, lineno, val );
- return 1;
- }
-
- } else if ( strncasecmp( argv[arg], "authcid=", STRLENOF( "authcid=" ) ) == 0 ) {
- char *val = argv[arg] + STRLENOF( "authcid=" );
-
- if ( !BER_BVISNULL( &li->acl_authcID ) ) {
- fprintf( stderr, "%s: line %d: "
- "SASL authcID already defined; replacing...\n",
- fname, lineno );
- ch_free( li->acl_authcID.bv_val );
- }
- if ( strncasecmp( argv[arg], "u:", STRLENOF( "u:" ) ) == 0 ) {
- val += STRLENOF( "u:" );
- }
- ber_str2bv( val, 0, 1, &li->acl_authcID );
-
- } else if ( strncasecmp( argv[arg], "cred=", STRLENOF( "cred=" ) ) == 0 ) {
- char *val = argv[arg] + STRLENOF( "cred=" );
-
- if ( !BER_BVISNULL( &li->acl_passwd ) ) {
- fprintf( stderr, "%s: line %d: "
- "SASL cred already defined; replacing...\n",
- fname, lineno );
- ch_free( li->acl_passwd.bv_val );
- }
- ber_str2bv( val, 0, 1, &li->acl_passwd );
-
- } else {
- fprintf( stderr, "%s: line %d: "
- "unknown SASL parameter %s\n",
- fname, lineno, argv[arg] );
- return 1;
- }
- }
-
- li->acl_authmethod = LDAP_AUTH_SASL;
-
-#else /* !HAVE_CYRUS_SASL */
- fprintf( stderr, "%s: line %d: "
- "compile --with-cyrus-sasl to enable SASL auth\n",
- fname, lineno );
- return 1;
-#endif /* !HAVE_CYRUS_SASL */
-
- } else {
- fprintf( stderr, "%s: line %d: "
- "unhandled acl-method method %s\n",
- fname, lineno, argv[1] );
- return 1;
- }
-
- } else {
- return SLAP_CONF_UNKNOWN;
- }
-
- return 0;
-}
-
diff --git a/servers/slapd/back-ldap/delete.c b/servers/slapd/back-ldap/delete.c
index dcce01ae74..03afa19083 100644
--- a/servers/slapd/back-ldap/delete.c
+++ b/servers/slapd/back-ldap/delete.c
@@ -36,9 +36,9 @@ ldap_back_delete(
Operation *op,
SlapReply *rs )
{
- struct ldapinfo *li = (struct ldapinfo *)op->o_bd->be_private;
+ ldapinfo_t *li = (ldapinfo_t *)op->o_bd->be_private;
- struct ldapconn *lc;
+ ldapconn_t *lc;
ber_int_t msgid;
LDAPControl **ctrls = NULL;
int do_retry = 1;
@@ -62,10 +62,10 @@ retry:
rs->sr_err = ldap_delete_ext( lc->lc_ld, op->o_req_ndn.bv_val,
ctrls, NULL, &msgid );
rc = ldap_back_op_result( lc, op, rs, msgid,
- li->timeout[ LDAP_BACK_OP_DELETE], LDAP_BACK_SENDRESULT );
+ li->li_timeout[ LDAP_BACK_OP_DELETE], LDAP_BACK_SENDRESULT );
if ( rs->sr_err == LDAP_SERVER_DOWN && do_retry ) {
do_retry = 0;
- if ( ldap_back_retry( lc, op, rs, LDAP_BACK_SENDERR ) ) {
+ if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
goto retry;
}
}
diff --git a/servers/slapd/back-ldap/extended.c b/servers/slapd/back-ldap/extended.c
index fde2c489b0..dae58547f0 100644
--- a/servers/slapd/back-ldap/extended.c
+++ b/servers/slapd/back-ldap/extended.c
@@ -48,7 +48,7 @@ ldap_back_extended(
for ( i = 0; exop_table[i].extended != NULL; i++ ) {
if ( bvmatch( &exop_table[i].oid, &op->oq_extended.rs_reqoid ) )
{
- struct ldapconn *lc;
+ ldapconn_t *lc;
LDAPControl **oldctrls = NULL;
int rc;
@@ -98,7 +98,7 @@ ldap_back_exop_passwd(
Operation *op,
SlapReply *rs )
{
- struct ldapconn *lc;
+ ldapconn_t *lc;
req_pwdexop_s *qpw = &op->oq_pwdexop;
LDAPMessage *res;
ber_int_t msgid;
@@ -124,7 +124,7 @@ retry:
if ( rc == LDAP_SUCCESS ) {
if ( ldap_result( lc->lc_ld, msgid, 1, NULL, &res ) == -1 ) {
ldap_get_option( lc->lc_ld, LDAP_OPT_ERROR_NUMBER, &rc );
- ldap_back_freeconn( op, lc );
+ ldap_back_freeconn( op, lc, 0 );
lc = NULL;
} else {
@@ -135,6 +135,7 @@ retry:
(char **)&rs->sr_matched,
(char **)&rs->sr_text,
NULL, NULL, 0 );
+#ifndef LDAP_NULL_IS_NULL
if ( rs->sr_matched && rs->sr_matched[ 0 ] == '\0' ) {
free( (char *)rs->sr_matched );
rs->sr_matched = NULL;
@@ -143,6 +144,7 @@ retry:
free( (char *)rs->sr_text );
rs->sr_text = NULL;
}
+#endif /* LDAP_NULL_IS_NULL */
if ( rc == LDAP_SUCCESS ) {
if ( rs->sr_err == LDAP_SUCCESS ) {
struct berval newpw;
@@ -168,7 +170,7 @@ retry:
rs->sr_err = slap_map_api2result( rs );
if ( rs->sr_err == LDAP_UNAVAILABLE && do_retry ) {
do_retry = 0;
- if ( ldap_back_retry( lc, op, rs, LDAP_BACK_SENDERR ) ) {
+ if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
goto retry;
}
}
diff --git a/servers/slapd/back-ldap/init.c b/servers/slapd/back-ldap/init.c
index f250f6d0d9..013e62306e 100644
--- a/servers/slapd/back-ldap/init.c
+++ b/servers/slapd/back-ldap/init.c
@@ -80,45 +80,45 @@ ldap_back_initialize( BackendInfo *bi )
int
ldap_back_db_init( Backend *be )
{
- struct ldapinfo *li;
+ ldapinfo_t *li;
- li = (struct ldapinfo *)ch_calloc( 1, sizeof( struct ldapinfo ) );
+ li = (ldapinfo_t *)ch_calloc( 1, sizeof( ldapinfo_t ) );
if ( li == NULL ) {
return -1;
}
- BER_BVZERO( &li->acl_authcID );
- BER_BVZERO( &li->acl_authcDN );
- BER_BVZERO( &li->acl_passwd );
+ BER_BVZERO( &li->li_acl_authcID );
+ BER_BVZERO( &li->li_acl_authcDN );
+ BER_BVZERO( &li->li_acl_passwd );
- li->acl_authmethod = LDAP_AUTH_NONE;
- BER_BVZERO( &li->acl_sasl_mech );
- li->acl_sb.sb_tls = SB_TLS_DEFAULT;
+ li->li_acl_authmethod = LDAP_AUTH_NONE;
+ BER_BVZERO( &li->li_acl_sasl_mech );
+ li->li_acl.sb_tls = SB_TLS_DEFAULT;
- li->idassert_mode = LDAP_BACK_IDASSERT_LEGACY;
+ li->li_idassert_mode = LDAP_BACK_IDASSERT_LEGACY;
- BER_BVZERO( &li->idassert_authcID );
- BER_BVZERO( &li->idassert_authcDN );
- BER_BVZERO( &li->idassert_passwd );
+ BER_BVZERO( &li->li_idassert_authcID );
+ BER_BVZERO( &li->li_idassert_authcDN );
+ BER_BVZERO( &li->li_idassert_passwd );
- BER_BVZERO( &li->idassert_authzID );
+ BER_BVZERO( &li->li_idassert_authzID );
- li->idassert_authmethod = LDAP_AUTH_NONE;
- BER_BVZERO( &li->idassert_sasl_mech );
- li->idassert_sb.sb_tls = SB_TLS_DEFAULT;
+ li->li_idassert_authmethod = LDAP_AUTH_NONE;
+ BER_BVZERO( &li->li_idassert_sasl_mech );
+ li->li_idassert.sb_tls = SB_TLS_DEFAULT;
/* by default, use proxyAuthz control on each operation */
- li->idassert_flags = LDAP_BACK_AUTH_PRESCRIPTIVE;
+ li->li_idassert_flags = LDAP_BACK_AUTH_PRESCRIPTIVE;
- li->idassert_authz = NULL;
+ li->li_idassert_authz = NULL;
/* initialize flags */
- li->flags = LDAP_BACK_F_CHASE_REFERRALS;
+ li->li_flags = LDAP_BACK_F_CHASE_REFERRALS;
/* initialize version */
- li->version = LDAP_VERSION3;
+ li->li_version = LDAP_VERSION3;
- ldap_pvt_thread_mutex_init( &li->conn_mutex );
+ ldap_pvt_thread_mutex_init( &li->li_conninfo.lai_mutex );
be->be_private = li;
SLAP_DBFLAGS( be ) |= SLAP_DBFLAG_NOLASTMOD;
@@ -131,19 +131,19 @@ ldap_back_db_init( Backend *be )
int
ldap_back_db_open( BackendDB *be )
{
- struct ldapinfo *li = (struct ldapinfo *)be->be_private;
+ ldapinfo_t *li = (ldapinfo_t *)be->be_private;
Debug( LDAP_DEBUG_TRACE,
"ldap_back_db_open: URI=%s\n",
- li->url != NULL ? li->url : "", 0, 0 );
+ li->li_uri != NULL ? li->li_uri : "", 0, 0 );
/* by default, use proxyAuthz control on each operation */
- switch ( li->idassert_mode ) {
+ switch ( li->li_idassert_mode ) {
case LDAP_BACK_IDASSERT_LEGACY:
case LDAP_BACK_IDASSERT_SELF:
/* however, since admin connections are pooled and shared,
* only static authzIDs can be native */
- li->idassert_flags &= ~LDAP_BACK_AUTH_NATIVE_AUTHZ;
+ li->li_idassert_flags &= ~LDAP_BACK_AUTH_NATIVE_AUTHZ;
break;
default:
@@ -159,7 +159,6 @@ ldap_back_db_open( BackendDB *be )
* the normalized one. See ITS#3406 */
struct berval filter,
base = BER_BVC( "cn=Databases," SLAPD_MONITOR );
- struct berval vals[ 2 ];
Attribute a = { 0 };
filter.bv_len = STRLENOF( "(&(namingContexts:distinguishedNameMatch:=)(monitoredInfo=ldap))" )
@@ -170,10 +169,8 @@ ldap_back_db_open( BackendDB *be )
be->be_nsuffix[ 0 ].bv_val );
a.a_desc = slap_schema.si_ad_labeledURI;
- ber_str2bv( li->url, 0, 0, &vals[ 0 ] );
- BER_BVZERO( &vals[ 1 ] );
- a.a_vals = vals;
- a.a_nvals = vals;
+ a.a_vals = li->li_bvuri;
+ a.a_nvals = li->li_bvuri;
if ( monitor_back_register_entry_attrs( NULL, &a, NULL, &base, LDAP_SCOPE_SUBTREE, &filter ) ) {
/* error */
}
@@ -182,16 +179,16 @@ ldap_back_db_open( BackendDB *be )
}
#endif /* SLAPD_MONITOR */
- if ( li->flags & LDAP_BACK_F_SUPPORT_T_F_DISCOVER ) {
+ if ( li->li_flags & LDAP_BACK_F_SUPPORT_T_F_DISCOVER ) {
int rc;
- li->flags &= ~LDAP_BACK_F_SUPPORT_T_F_DISCOVER;
+ li->li_flags &= ~LDAP_BACK_F_SUPPORT_T_F_DISCOVER;
- rc = slap_discover_feature( li->url, li->version,
+ rc = slap_discover_feature( li->li_uri, li->li_version,
slap_schema.si_ad_supportedFeatures->ad_cname.bv_val,
LDAP_FEATURE_ABSOLUTE_FILTERS );
if ( rc == LDAP_COMPARE_TRUE ) {
- li->flags |= LDAP_BACK_F_SUPPORT_T_F;
+ li->li_flags |= LDAP_BACK_F_SUPPORT_T_F;
}
}
@@ -201,7 +198,7 @@ ldap_back_db_open( BackendDB *be )
void
ldap_back_conn_free( void *v_lc )
{
- struct ldapconn *lc = v_lc;
+ ldapconn_t *lc = v_lc;
if ( lc->lc_ld != NULL ) {
ldap_unbind_ext( lc->lc_ld, NULL, NULL );
@@ -224,75 +221,73 @@ ldap_back_db_destroy(
Backend *be
)
{
- struct ldapinfo *li;
-
if ( be->be_private ) {
- li = ( struct ldapinfo * )be->be_private;
+ ldapinfo_t *li = ( ldapinfo_t * )be->be_private;
- ldap_pvt_thread_mutex_lock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_lock( &li->li_conninfo.lai_mutex );
- if ( li->url != NULL ) {
- ch_free( li->url );
- li->url = NULL;
- }
- if ( li->lud ) {
- ldap_free_urldesc( li->lud );
- li->lud = NULL;
+ if ( li->li_uri != NULL ) {
+ ch_free( li->li_uri );
+ li->li_uri = NULL;
+
+ assert( li->li_bvuri != NULL );
+ ber_bvarray_free( li->li_bvuri );
+ li->li_bvuri = NULL;
}
- if ( !BER_BVISNULL( &li->acl_authcID ) ) {
- ch_free( li->acl_authcID.bv_val );
- BER_BVZERO( &li->acl_authcID );
+ if ( !BER_BVISNULL( &li->li_acl_authcID ) ) {
+ ch_free( li->li_acl_authcID.bv_val );
+ BER_BVZERO( &li->li_acl_authcID );
}
- if ( !BER_BVISNULL( &li->acl_authcDN ) ) {
- ch_free( li->acl_authcDN.bv_val );
- BER_BVZERO( &li->acl_authcDN );
+ if ( !BER_BVISNULL( &li->li_acl_authcDN ) ) {
+ ch_free( li->li_acl_authcDN.bv_val );
+ BER_BVZERO( &li->li_acl_authcDN );
}
- if ( !BER_BVISNULL( &li->acl_passwd ) ) {
- ch_free( li->acl_passwd.bv_val );
- BER_BVZERO( &li->acl_passwd );
+ if ( !BER_BVISNULL( &li->li_acl_passwd ) ) {
+ ch_free( li->li_acl_passwd.bv_val );
+ BER_BVZERO( &li->li_acl_passwd );
}
- if ( !BER_BVISNULL( &li->acl_sasl_mech ) ) {
- ch_free( li->acl_sasl_mech.bv_val );
- BER_BVZERO( &li->acl_sasl_mech );
+ if ( !BER_BVISNULL( &li->li_acl_sasl_mech ) ) {
+ ch_free( li->li_acl_sasl_mech.bv_val );
+ BER_BVZERO( &li->li_acl_sasl_mech );
}
- if ( !BER_BVISNULL( &li->acl_sasl_realm ) ) {
- ch_free( li->acl_sasl_realm.bv_val );
- BER_BVZERO( &li->acl_sasl_realm );
+ if ( !BER_BVISNULL( &li->li_acl_sasl_realm ) ) {
+ ch_free( li->li_acl_sasl_realm.bv_val );
+ BER_BVZERO( &li->li_acl_sasl_realm );
}
- if ( !BER_BVISNULL( &li->idassert_authcID ) ) {
- ch_free( li->idassert_authcID.bv_val );
- BER_BVZERO( &li->idassert_authcID );
+ if ( !BER_BVISNULL( &li->li_idassert_authcID ) ) {
+ ch_free( li->li_idassert_authcID.bv_val );
+ BER_BVZERO( &li->li_idassert_authcID );
}
- if ( !BER_BVISNULL( &li->idassert_authcDN ) ) {
- ch_free( li->idassert_authcDN.bv_val );
- BER_BVZERO( &li->idassert_authcDN );
+ if ( !BER_BVISNULL( &li->li_idassert_authcDN ) ) {
+ ch_free( li->li_idassert_authcDN.bv_val );
+ BER_BVZERO( &li->li_idassert_authcDN );
}
- if ( !BER_BVISNULL( &li->idassert_passwd ) ) {
- ch_free( li->idassert_passwd.bv_val );
- BER_BVZERO( &li->idassert_passwd );
+ if ( !BER_BVISNULL( &li->li_idassert_passwd ) ) {
+ ch_free( li->li_idassert_passwd.bv_val );
+ BER_BVZERO( &li->li_idassert_passwd );
}
- if ( !BER_BVISNULL( &li->idassert_authzID ) ) {
- ch_free( li->idassert_authzID.bv_val );
- BER_BVZERO( &li->idassert_authzID );
+ if ( !BER_BVISNULL( &li->li_idassert_authzID ) ) {
+ ch_free( li->li_idassert_authzID.bv_val );
+ BER_BVZERO( &li->li_idassert_authzID );
}
- if ( !BER_BVISNULL( &li->idassert_sasl_mech ) ) {
- ch_free( li->idassert_sasl_mech.bv_val );
- BER_BVZERO( &li->idassert_sasl_mech );
+ if ( !BER_BVISNULL( &li->li_idassert_sasl_mech ) ) {
+ ch_free( li->li_idassert_sasl_mech.bv_val );
+ BER_BVZERO( &li->li_idassert_sasl_mech );
}
- if ( !BER_BVISNULL( &li->idassert_sasl_realm ) ) {
- ch_free( li->idassert_sasl_realm.bv_val );
- BER_BVZERO( &li->idassert_sasl_realm );
+ if ( !BER_BVISNULL( &li->li_idassert_sasl_realm ) ) {
+ ch_free( li->li_idassert_sasl_realm.bv_val );
+ BER_BVZERO( &li->li_idassert_sasl_realm );
}
- if ( li->idassert_authz != NULL ) {
- ber_bvarray_free( li->idassert_authz );
- li->idassert_authz = NULL;
+ if ( li->li_idassert_authz != NULL ) {
+ ber_bvarray_free( li->li_idassert_authz );
+ li->li_idassert_authz = NULL;
}
- if ( li->conntree ) {
- avl_free( li->conntree, ldap_back_conn_free );
+ if ( li->li_conninfo.lai_tree ) {
+ avl_free( li->li_conninfo.lai_tree, ldap_back_conn_free );
}
- ldap_pvt_thread_mutex_unlock( &li->conn_mutex );
- ldap_pvt_thread_mutex_destroy( &li->conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &li->li_conninfo.lai_mutex );
+ ldap_pvt_thread_mutex_destroy( &li->li_conninfo.lai_mutex );
}
ch_free( be->be_private );
diff --git a/servers/slapd/back-ldap/modify.c b/servers/slapd/back-ldap/modify.c
index ae0820ff53..c5889fb4f5 100644
--- a/servers/slapd/back-ldap/modify.c
+++ b/servers/slapd/back-ldap/modify.c
@@ -36,9 +36,9 @@ ldap_back_modify(
Operation *op,
SlapReply *rs )
{
- struct ldapinfo *li = (struct ldapinfo *)op->o_bd->be_private;
+ ldapinfo_t *li = (ldapinfo_t *)op->o_bd->be_private;
- struct ldapconn *lc;
+ ldapconn_t *lc;
LDAPMod **modv = NULL,
*mods = NULL;
Modifications *ml;
@@ -110,10 +110,10 @@ retry:
rs->sr_err = ldap_modify_ext( lc->lc_ld, op->o_req_ndn.bv_val, modv,
ctrls, NULL, &msgid );
rc = ldap_back_op_result( lc, op, rs, msgid,
- li->timeout[ LDAP_BACK_OP_MODIFY], LDAP_BACK_SENDRESULT );
+ li->li_timeout[ LDAP_BACK_OP_MODIFY], LDAP_BACK_SENDRESULT );
if ( rs->sr_err == LDAP_UNAVAILABLE && do_retry ) {
do_retry = 0;
- if ( ldap_back_retry( lc, op, rs, LDAP_BACK_SENDERR ) ) {
+ if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
goto retry;
}
}
diff --git a/servers/slapd/back-ldap/modrdn.c b/servers/slapd/back-ldap/modrdn.c
index 254038570e..17836b4aa1 100644
--- a/servers/slapd/back-ldap/modrdn.c
+++ b/servers/slapd/back-ldap/modrdn.c
@@ -36,9 +36,9 @@ ldap_back_modrdn(
Operation *op,
SlapReply *rs )
{
- struct ldapinfo *li = (struct ldapinfo *)op->o_bd->be_private;
+ ldapinfo_t *li = (ldapinfo_t *)op->o_bd->be_private;
- struct ldapconn *lc;
+ ldapconn_t *lc;
ber_int_t msgid;
LDAPControl **ctrls = NULL;
int do_retry = 1;
@@ -70,10 +70,10 @@ retry:
op->orr_newrdn.bv_val, newSup,
op->orr_deleteoldrdn, ctrls, NULL, &msgid );
rc = ldap_back_op_result( lc, op, rs, msgid,
- li->timeout[ LDAP_BACK_OP_MODRDN ], LDAP_BACK_SENDRESULT );
+ li->li_timeout[ LDAP_BACK_OP_MODRDN ], LDAP_BACK_SENDRESULT );
if ( rs->sr_err == LDAP_SERVER_DOWN && do_retry ) {
do_retry = 0;
- if ( ldap_back_retry( lc, op, rs, LDAP_BACK_SENDERR ) ) {
+ if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
goto retry;
}
}
diff --git a/servers/slapd/back-ldap/proto-ldap.h b/servers/slapd/back-ldap/proto-ldap.h
index f705bf521c..4c911da13d 100644
--- a/servers/slapd/back-ldap/proto-ldap.h
+++ b/servers/slapd/back-ldap/proto-ldap.h
@@ -32,7 +32,6 @@ extern BI_destroy ldap_back_destroy;
extern BI_db_init ldap_back_db_init;
extern BI_db_open ldap_back_db_open;
extern BI_db_destroy ldap_back_db_destroy;
-extern BI_db_config ldap_back_db_config;
extern BI_op_bind ldap_back_bind;
extern BI_op_search ldap_back_search;
@@ -48,15 +47,14 @@ extern BI_connection_destroy ldap_back_conn_destroy;
extern BI_entry_get_rw ldap_back_entry_get;
-int ldap_back_freeconn( Operation *op, struct ldapconn *lc );
-struct ldapconn *ldap_back_getconn(struct slap_op *op, struct slap_rep *rs, ldap_back_send_t sendok);
-void ldap_back_release_conn( struct slap_op *op, struct slap_rep *rs, struct ldapconn *lc );
-int ldap_back_dobind(struct ldapconn *lc, Operation *op, SlapReply *rs, ldap_back_send_t sendok);
-int ldap_back_retry(struct ldapconn *lc, Operation *op, SlapReply *rs, ldap_back_send_t sendok);
-int ldap_back_map_result(SlapReply *rs);
-int ldap_back_op_result(struct ldapconn *lc, Operation *op, SlapReply *rs,
- ber_int_t msgid, time_t timeout, ldap_back_send_t sendok);
-int back_ldap_LTX_init_module(int argc, char *argv[]);
+int ldap_back_freeconn( Operation *op, ldapconn_t *lc, int dolock );
+ldapconn_t *ldap_back_getconn( Operation *op, SlapReply *rs, ldap_back_send_t sendok );
+void ldap_back_release_conn( Operation *op, SlapReply *rs, ldapconn_t *lc );
+int ldap_back_dobind( ldapconn_t *lc, Operation *op, SlapReply *rs, ldap_back_send_t sendok );
+int ldap_back_retry( ldapconn_t **lcp, Operation *op, SlapReply *rs, ldap_back_send_t sendok );
+int ldap_back_map_result( SlapReply *rs );
+int ldap_back_op_result( ldapconn_t *lc, Operation *op, SlapReply *rs,
+ ber_int_t msgid, time_t timeout, ldap_back_send_t sendok );
int ldap_back_init_cf( BackendInfo *bi );
@@ -66,7 +64,7 @@ extern void ldap_back_conn_free( void *c );
extern int
ldap_back_proxy_authz_ctrl(
- struct ldapconn *lc,
+ ldapconn_t *lc,
Operation *op,
SlapReply *rs,
LDAPControl ***pctrls );
diff --git a/servers/slapd/back-ldap/search.c b/servers/slapd/back-ldap/search.c
index 625f3b0550..1a30eb6960 100644
--- a/servers/slapd/back-ldap/search.c
+++ b/servers/slapd/back-ldap/search.c
@@ -49,7 +49,7 @@ ldap_back_munge_filter(
Operation *op,
struct berval *filter )
{
- struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
+ ldapinfo_t *li = (ldapinfo_t *) op->o_bd->be_private;
char *ptr;
int gotit = 0;
@@ -75,7 +75,7 @@ ldap_back_munge_filter(
if ( strncmp( ptr, bv_true.bv_val, bv_true.bv_len ) == 0 ) {
oldbv = &bv_true;
- if ( li->flags & LDAP_BACK_F_SUPPORT_T_F ) {
+ if ( li->li_flags & LDAP_BACK_F_SUPPORT_T_F ) {
newbv = &bv_t;
} else {
@@ -85,7 +85,7 @@ ldap_back_munge_filter(
} else if ( strncmp( ptr, bv_false.bv_val, bv_false.bv_len ) == 0 )
{
oldbv = &bv_false;
- if ( li->flags & LDAP_BACK_F_SUPPORT_T_F ) {
+ if ( li->li_flags & LDAP_BACK_F_SUPPORT_T_F ) {
newbv = &bv_f;
} else {
@@ -141,7 +141,7 @@ ldap_back_search(
Operation *op,
SlapReply *rs )
{
- struct ldapconn *lc;
+ ldapconn_t *lc;
struct timeval tv;
time_t stoptime = (time_t)-1;
LDAPMessage *res,
@@ -216,18 +216,24 @@ retry:
op->ors_slimit, &msgid );
if ( rs->sr_err != LDAP_SUCCESS ) {
-fail:;
switch ( rs->sr_err ) {
case LDAP_SERVER_DOWN:
if ( do_retry ) {
do_retry = 0;
- if ( ldap_back_retry( lc, op, rs, LDAP_BACK_DONTSEND ) ) {
+ if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_DONTSEND ) ) {
goto retry;
}
}
- rc = ldap_back_op_result( lc, op, rs, msgid, 0, LDAP_BACK_DONTSEND );
- ldap_back_freeconn( op, lc );
- lc = NULL;
+ if ( lc == NULL ) {
+ /* reset by ldap_back_retry ... */
+ rs->sr_err = slap_map_api2result( rs );
+
+ } else {
+ rc = ldap_back_op_result( lc, op, rs, msgid, 0, LDAP_BACK_DONTSEND );
+ ldap_back_freeconn( op, lc, 0 );
+ lc = NULL;
+ }
+
goto finish;
case LDAP_FILTER_ERROR:
@@ -280,7 +286,6 @@ fail:;
} else if ( rc == LDAP_RES_SEARCH_ENTRY ) {
Entry ent = { 0 };
struct berval bdn = BER_BVNULL;
- int abort = 0;
do_retry = 0;
@@ -291,7 +296,7 @@ fail:;
rs->sr_attrs = op->ors_attrs;
rs->sr_operational_attrs = NULL;
rs->sr_flags = 0;
- abort = send_search_entry( op, rs );
+ rc = rs->sr_err = send_search_entry( op, rs );
if ( !BER_BVISNULL( &ent.e_name ) ) {
assert( ent.e_name.bv_val != bdn.bv_val );
free( ent.e_name.bv_val );
@@ -304,8 +309,12 @@ fail:;
entry_clean( &ent );
}
ldap_msgfree( res );
- if ( abort ) {
- ldap_abandon_ext( lc->lc_ld, msgid, NULL, NULL );
+ if ( rc != LDAP_SUCCESS ) {
+ if ( rc == LDAP_UNAVAILABLE ) {
+ rc = rs->sr_err = LDAP_OTHER;
+ } else {
+ ldap_abandon_ext( lc->lc_ld, msgid, NULL, NULL );
+ }
goto finish;
}
@@ -396,13 +405,22 @@ fail:;
}
if ( match.bv_val != NULL ) {
+#ifndef LDAP_NULL_IS_NULL
if ( match.bv_val[ 0 ] == '\0' ) {
LDAP_FREE( match.bv_val );
BER_BVZERO( &match );
- } else {
+ } else
+#endif /* LDAP_NULL_IS_NULL */
+ {
match.bv_len = strlen( match.bv_val );
}
}
+#ifndef LDAP_NULL_IS_NULL
+ if ( rs->sr_text != NULL && rs->sr_text[ 0 ] == '\0' ) {
+ LDAP_FREE( (char *)rs->sr_text );
+ rs->sr_text = NULL;
+ }
+#endif /* LDAP_NULL_IS_NULL */
/* cleanup */
if ( references ) {
@@ -417,12 +435,13 @@ fail:;
if ( rc == -1 ) {
if ( do_retry ) {
do_retry = 0;
- if ( ldap_back_retry( lc, op, rs, LDAP_BACK_SENDERR ) ) {
+ if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
goto retry;
}
}
rs->sr_err = LDAP_SERVER_DOWN;
- goto fail;
+ rs->sr_err = slap_map_api2result( rs );
+ goto finish;
}
/*
@@ -688,7 +707,7 @@ ldap_back_entry_get(
Entry **ent
)
{
- struct ldapconn *lc;
+ ldapconn_t *lc;
int rc = 1,
do_not_cache;
struct berval bdn;
@@ -746,7 +765,7 @@ retry:
if ( rc != LDAP_SUCCESS ) {
if ( rc == LDAP_SERVER_DOWN && do_retry ) {
do_retry = 0;
- if ( ldap_back_retry( lc, op, &rs, LDAP_BACK_DONTSEND ) ) {
+ if ( ldap_back_retry( &lc, op, &rs, LDAP_BACK_DONTSEND ) ) {
goto retry;
}
}
diff --git a/servers/slapd/back-ldap/unbind.c b/servers/slapd/back-ldap/unbind.c
index e097d0ae7a..6cc2c797da 100644
--- a/servers/slapd/back-ldap/unbind.c
+++ b/servers/slapd/back-ldap/unbind.c
@@ -38,8 +38,8 @@ ldap_back_conn_destroy(
Connection *conn
)
{
- struct ldapinfo *li = (struct ldapinfo *) be->be_private;
- struct ldapconn *lc = NULL, lc_curr;
+ ldapinfo_t *li = (ldapinfo_t *) be->be_private;
+ ldapconn_t *lc = NULL, lc_curr;
Debug( LDAP_DEBUG_TRACE,
"=>ldap_back_conn_destroy: fetching conn %ld\n",
@@ -48,9 +48,9 @@ ldap_back_conn_destroy(
lc_curr.lc_conn = conn;
lc_curr.lc_local_ndn = conn->c_ndn;
- ldap_pvt_thread_mutex_lock( &li->conn_mutex );
- lc = avl_delete( &li->conntree, (caddr_t)&lc_curr, ldap_back_conn_cmp );
- ldap_pvt_thread_mutex_unlock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_lock( &li->li_conninfo.lai_mutex );
+ lc = avl_delete( &li->li_conninfo.lai_tree, (caddr_t)&lc_curr, ldap_back_conn_cmp );
+ ldap_pvt_thread_mutex_unlock( &li->li_conninfo.lai_mutex );
if ( lc ) {
Debug( LDAP_DEBUG_TRACE,
diff --git a/servers/slapd/back-ldbm/config.c b/servers/slapd/back-ldbm/config.c
index 2a0a5759ee..5309f2e0c3 100644
--- a/servers/slapd/back-ldbm/config.c
+++ b/servers/slapd/back-ldbm/config.c
@@ -23,6 +23,7 @@
#include "slap.h"
#include "back-ldbm.h"
+#include "lutil.h"
int
ldbm_back_db_config(
@@ -62,7 +63,12 @@ ldbm_back_db_config(
fname, lineno );
return( 1 );
}
- li->li_mode = strtol( argv[1], NULL, 0 );
+ if ( lutil_atoix( &li->li_mode, argv[1], 0 ) != 0 ) {
+ fprintf( stderr,
+ "%s: line %d: unable to parse mode=\"%s\" in \"mode <mode>\" line\n",
+ fname, lineno, argv[1] );
+ return( 1 );
+ }
/* attribute to index */
} else if ( strcasecmp( argv[0], "index" ) == 0 ) {
@@ -91,7 +97,12 @@ ldbm_back_db_config(
fname, lineno );
return( 1 );
}
- li->li_cache.c_maxsize = atoi( argv[1] );
+ if ( lutil_atoi( &li->li_cache.c_maxsize, argv[1] ) != 0 ) {
+ fprintf( stderr,
+ "%s: line %d: unable to parse cachesize \"%s\"\n",
+ fname, lineno, argv[1] );
+ return( 1 );
+ }
/* size of each dbcache in bytes */
} else if ( strcasecmp( argv[0], "dbcachesize" ) == 0 ) {
@@ -101,7 +112,12 @@ ldbm_back_db_config(
fname, lineno );
return( 1 );
}
- li->li_dbcachesize = atoi( argv[1] );
+ if ( lutil_atoi( &li->li_dbcachesize, argv[1] ) ) {
+ fprintf( stderr,
+ "%s: line %d: unable to parse dbcachesize \"%s\"\n",
+ fname, lineno, argv[1] );
+ return( 1 );
+ }
/* no locking (not safe) */
} else if ( strcasecmp( argv[0], "dbnolocking" ) == 0 ) {
@@ -124,9 +140,7 @@ ldbm_back_db_config(
return 1;
}
- i = atoi( argv[1] );
-
- if( i < 0 ) {
+ if ( lutil_atoi( &i, argv[1] ) != 0 || i < 0 ) {
Debug( LDAP_DEBUG_ANY,
"%s: line %d: frquency value (%d) invalid \"dbsync <frequency> [<wait-times> [wait-interval]]\" line\n",
fname, lineno, i );
@@ -136,8 +150,7 @@ ldbm_back_db_config(
li->li_dbsyncfreq = i;
if ( argc > 2 ) {
- i = atoi( argv[2] );
- if ( i < 0 ) {
+ if ( lutil_atoi( &i, argv[2] ) != 0 || i < 0 ) {
Debug( LDAP_DEBUG_ANY,
"%s: line %d: frquency value (%d) invalid \"dbsync <frequency> [<wait-times> [wait-interval]]\" line\n",
fname, lineno, i );
@@ -147,8 +160,7 @@ ldbm_back_db_config(
}
if ( argc > 3 ) {
- i = atoi( argv[3] );
- if ( i <= 0 ) {
+ if ( lutil_atoi( &i, argv[3] ) != 0 || i <= 0 ) {
Debug( LDAP_DEBUG_ANY,
"%s: line %d: frquency value (%d) invalid \"dbsync <frequency> [<wait-times> [wait-interval]]\" line\n",
fname, lineno, i );
diff --git a/servers/slapd/back-ldbm/init.c b/servers/slapd/back-ldbm/init.c
index 1ceb19bc5c..0f82638dca 100644
--- a/servers/slapd/back-ldbm/init.c
+++ b/servers/slapd/back-ldbm/init.c
@@ -32,9 +32,7 @@ ldbm_back_initialize(
{
static char *controls[] = {
LDAP_CONTROL_MANAGEDSAIT,
-#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY
LDAP_CONTROL_X_PERMISSIVE_MODIFY,
-#endif
NULL
};
diff --git a/servers/slapd/back-ldbm/search.c b/servers/slapd/back-ldbm/search.c
index 47e7886ee1..455e31ccd9 100644
--- a/servers/slapd/back-ldbm/search.c
+++ b/servers/slapd/back-ldbm/search.c
@@ -417,40 +417,31 @@ searchit:
{
scopeok = dnIsSuffix( &e->e_nname, &realbase );
-#ifdef LDAP_SCOPE_SUBORDINATE
} else if ( !scopeok &&
op->ors_scope == LDAP_SCOPE_SUBORDINATE )
{
scopeok = !dn_match( &e->e_nname, &realbase )
&& dnIsSuffix( &e->e_nname, &realbase );
-#endif
} else {
scopeok = 1;
}
if ( scopeok ) {
- /* check size limit */
- if ( --op->ors_slimit == -1 ) {
- cache_return_entry_r( &li->li_cache, e );
- rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
- rs->sr_entry = NULL;
- send_ldap_result( op, rs );
- rc = LDAP_SUCCESS;
- goto done;
- }
-
if (e) {
rs->sr_flags = 0;
- result = send_search_entry( op, rs );
-
- switch (result) {
- case 0: /* entry sent ok */
- break;
- case 1: /* entry not sent */
- break;
- case -1: /* connection closed */
+ rs->sr_err = send_search_entry( op, rs );
+
+ switch ( rs->sr_err ) {
+ case LDAP_UNAVAILABLE: /* connection closed */
+ cache_return_entry_r( &li->li_cache, e );
+ rc = LDAP_SUCCESS;
+ goto done;
+ case LDAP_SIZELIMIT_EXCEEDED:
cache_return_entry_r( &li->li_cache, e );
+ rc = rs->sr_err;
+ rs->sr_entry = NULL;
+ send_ldap_result( op, rs );
rc = LDAP_SUCCESS;
goto done;
}
diff --git a/servers/slapd/back-meta/back-meta.h b/servers/slapd/back-meta/back-meta.h
index 87ba1badf0..8ac932bb99 100644
--- a/servers/slapd/back-meta/back-meta.h
+++ b/servers/slapd/back-meta/back-meta.h
@@ -236,8 +236,8 @@ typedef struct metadncache_t {
Avlnode *tree;
#define META_DNCACHE_DISABLED (0)
-#define META_DNCACHE_FOREVER (-1)
- long int ttl; /* seconds; 0: no cache, -1: no expiry */
+#define META_DNCACHE_FOREVER ((time_t)(-1))
+ time_t ttl; /* seconds; 0: no cache, -1: no expiry */
} metadncache_t;
typedef struct metacandidates_t {
@@ -257,18 +257,18 @@ typedef struct metainfo_t {
metadncache_t mi_cache;
- ldap_pvt_thread_mutex_t mi_conn_mutex;
- Avlnode *mi_conntree;
+ ldap_avl_info_t mi_conninfo;
- unsigned flags;
+ unsigned mi_flags;
+#define li_flags mi_flags
/* uses flags as defined in <back-ldap/back-ldap.h> */
#define META_BACK_F_ONERR_STOP 0x00010000U
#define META_BACK_F_DEFER_ROOTDN_BIND 0x00020000U
-#define META_BACK_ONERR_STOP(mi) ( (mi)->flags & META_BACK_F_ONERR_STOP )
+#define META_BACK_ONERR_STOP(mi) ( (mi)->mi_flags & META_BACK_F_ONERR_STOP )
#define META_BACK_ONERR_CONTINUE(mi) ( !META_BACK_ONERR_CONTINUE( (mi) ) )
-#define META_BACK_DEFER_ROOTDN_BIND(mi) ( (mi)->flags & META_BACK_F_DEFER_ROOTDN_BIND )
+#define META_BACK_DEFER_ROOTDN_BIND(mi) ( (mi)->mi_flags & META_BACK_F_DEFER_ROOTDN_BIND )
int mi_version;
time_t mi_timeout[ LDAP_BACK_OP_LAST ];
diff --git a/servers/slapd/back-meta/bind.c b/servers/slapd/back-meta/bind.c
index 3d68674336..ccd2a6c275 100644
--- a/servers/slapd/back-meta/bind.c
+++ b/servers/slapd/back-meta/bind.c
@@ -206,22 +206,22 @@ meta_back_bind( Operation *op, SlapReply *rs )
/* wait for all other ops to release the connection */
retry_lock:;
- ldap_pvt_thread_mutex_lock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_lock( &mi->mi_conninfo.lai_mutex );
if ( mc->mc_refcnt > 1 ) {
- ldap_pvt_thread_mutex_unlock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
ldap_pvt_thread_yield();
goto retry_lock;
}
assert( mc->mc_refcnt == 1 );
- mc = avl_delete( &mi->mi_conntree, (caddr_t)mc,
+ mc = avl_delete( &mi->mi_conninfo.lai_tree, (caddr_t)mc,
meta_back_conn_cmp );
assert( mc != NULL );
ber_bvreplace( &mc->mc_local_ndn, &op->o_req_ndn );
- lerr = avl_insert( &mi->mi_conntree, (caddr_t)mc,
+ lerr = avl_insert( &mi->mi_conninfo.lai_tree, (caddr_t)mc,
meta_back_conn_cmp, meta_back_conn_dup );
- ldap_pvt_thread_mutex_unlock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
if ( lerr == -1 ) {
for ( i = 0; i < mi->mi_ntargets; ++i ) {
if ( mc->mc_conns[ i ].msc_ld != NULL ) {
@@ -548,7 +548,7 @@ retry:;
* to avoid circular loops; mc_mutex is set
* by the caller */
if ( dolock ) {
- ldap_pvt_thread_mutex_lock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_lock( &mi->mi_conninfo.lai_mutex );
}
if ( mc->mc_refcnt == 1 ) {
@@ -571,7 +571,7 @@ retry:;
}
if ( dolock ) {
- ldap_pvt_thread_mutex_unlock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
}
if ( rc == LDAP_SUCCESS ) {
diff --git a/servers/slapd/back-meta/candidates.c b/servers/slapd/back-meta/candidates.c
index 1cc8d83a87..a73cc1516e 100644
--- a/servers/slapd/back-meta/candidates.c
+++ b/servers/slapd/back-meta/candidates.c
@@ -70,13 +70,11 @@ meta_back_is_candidate(
default:
return META_CANDIDATE;
-#ifdef LDAP_SCOPE_SUBORDINATE
case LDAP_SCOPE_SUBORDINATE:
if ( ndn->bv_len > nsuffix->bv_len ) {
return META_CANDIDATE;
}
break;
-#endif /* LDAP_SCOPE_SUBORDINATE */
/* nearly useless; not allowed by config */
case LDAP_SCOPE_ONELEVEL:
diff --git a/servers/slapd/back-meta/config.c b/servers/slapd/back-meta/config.c
index 58cba85096..3516b82e35 100644
--- a/servers/slapd/back-meta/config.c
+++ b/servers/slapd/back-meta/config.c
@@ -95,12 +95,7 @@ meta_back_db_config(
{
metainfo_t *mi = ( metainfo_t * )be->be_private;
- if ( mi == NULL ) {
- fprintf( stderr,
- "%s: line %d: meta backend info is null!\n",
- fname, lineno );
- return 1;
- }
+ assert( mi != NULL );
/* URI of server to query */
if ( strcasecmp( argv[ 0 ], "uri" ) == 0 ) {
@@ -115,27 +110,27 @@ meta_back_db_config(
switch ( argc ) {
case 1:
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: missing URI "
"in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
case 2:
break;
default:
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: too many args "
"in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
if ( be->be_nsuffix == NULL ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: the suffix must be defined before any target.\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
@@ -144,23 +139,23 @@ meta_back_db_config(
mi->mi_targets = ( metatarget_t * )ch_realloc( mi->mi_targets,
sizeof( metatarget_t ) * mi->mi_ntargets );
if ( mi->mi_targets == NULL ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: out of memory while storing server name"
" in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
if ( new_target( &mi->mi_targets[ i ] ) != 0 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: unable to init server"
" in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
mi->mi_targets[ i ].mt_nretries = mi->mi_nretries;
- mi->mi_targets[ i ].mt_flags = mi->flags;
+ mi->mi_targets[ i ].mt_flags = mi->mi_flags;
mi->mi_targets[ i ].mt_version = mi->mi_version;
for ( c = 0; c < LDAP_BACK_OP_LAST; c++ ) {
@@ -171,10 +166,10 @@ meta_back_db_config(
* uri MUST be legal!
*/
if ( ldap_url_parselist_ext( &ludp, argv[ 1 ], "\t" ) != LDAP_SUCCESS ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: unable to parse URI"
" in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
@@ -182,10 +177,10 @@ meta_back_db_config(
* uri MUST have the <dn> part!
*/
if ( ludp->lud_dn == NULL ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: missing <naming context> "
" in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
} else if ( ludp->lud_dn[ 0 ] == '\0' ) {
@@ -198,10 +193,10 @@ meta_back_db_config(
}
if ( BER_BVISNULL( &be->be_nsuffix[ j ] ) ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: missing <naming context> "
" in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
}
@@ -213,9 +208,9 @@ meta_back_db_config(
rc = dnPrettyNormal( NULL, &dn, &mi->mi_targets[ i ].mt_psuffix,
&mi->mi_targets[ i ].mt_nsuffix, NULL );
if( rc != LDAP_SUCCESS ) {
- fprintf( stderr, "%s: line %d: "
- "target '%s' DN is invalid\n",
- fname, lineno, argv[ 1 ] );
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
+ "target \"%s\" DN is invalid\n",
+ fname, lineno, argv[ 1 ] );
return( 1 );
}
@@ -227,26 +222,24 @@ meta_back_db_config(
break;
case LDAP_SCOPE_SUBTREE:
-#ifdef LDAP_SCOPE_SUBORDINATE
case LDAP_SCOPE_SUBORDINATE:
-#endif /* LDAP_SCOPE_SUBORDINATE */
mi->mi_targets[ i ].mt_scope = ludp->lud_scope;
break;
default:
- fprintf( stderr, "%s: line %d: "
- "invalid scope for target '%s'\n",
- fname, lineno, argv[ 1 ] );
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
+ "invalid scope for target \"%s\"\n",
+ fname, lineno, argv[ 1 ] );
return( 1 );
}
/* check all, to apply the scope check on the first one */
for ( tmpludp = ludp; tmpludp; tmpludp = tmpludp->lud_next ) {
if ( tmpludp->lud_dn != NULL && tmpludp->lud_dn[ 0 ] != '\0' ) {
- fprintf( stderr, "%s: line %d: "
- "multiple URIs must have "
- "no DN part\n",
- fname, lineno );
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
+ "multiple URIs must have "
+ "no DN part\n",
+ fname, lineno, 0 );
return( 1 );
}
@@ -255,8 +248,8 @@ meta_back_db_config(
mi->mi_targets[ i ].mt_uri = ldap_url_list2urls( ludp );
ldap_free_urllist( ludp );
if ( mi->mi_targets[ i ].mt_uri == NULL) {
- fprintf( stderr, "%s: line %d: no memory?\n",
- fname, lineno );
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: no memory?\n",
+ fname, lineno, 0 );
return( 1 );
}
@@ -265,10 +258,10 @@ meta_back_db_config(
*/
#if 0 /* too strict a constraint */
if ( select_backend( &mi->mi_targets[ i ].suffix, 0, 0 ) != be ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: <naming context> of URI does not refer to current backend"
" in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
#else
@@ -276,10 +269,10 @@ meta_back_db_config(
* uri MUST be a branch of a suffix!
*/
if ( select_backend( &mi->mi_targets[ i ].mt_nsuffix, 0, 0 ) == NULL ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: <naming context> of URI does not resolve to a backend"
" in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
#endif
@@ -290,62 +283,85 @@ meta_back_db_config(
if ( argc == 1 ) {
if ( i < 0 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"default-target\" alone need be"
" inside a \"uri\" directive\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
mi->mi_defaulttarget = i;
+
} else {
if ( strcasecmp( argv[ 1 ], "none" ) == 0 ) {
if ( i >= 0 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"default-target none\""
" should go before uri definitions\n",
- fname, lineno );
+ fname, lineno, 0 );
}
mi->mi_defaulttarget = META_DEFAULT_TARGET_NONE;
} else {
- char *next;
- int n = strtol( argv[ 1 ], &next, 10 );
- if ( n < 0 || n >= i - 1 ) {
- fprintf( stderr,
+
+ if ( lutil_atoi( &mi->mi_defaulttarget, argv[ 1 ] ) != 0
+ || mi->mi_defaulttarget < 0
+ || mi->mi_defaulttarget >= i - 1 )
+ {
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: illegal target number %d\n",
- fname, lineno, n );
+ fname, lineno, mi->mi_defaulttarget );
return 1;
}
- mi->mi_defaulttarget = n;
}
}
/* ttl of dn cache */
} else if ( strcasecmp( argv[ 0 ], "dncache-ttl" ) == 0 ) {
if ( argc != 2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: missing ttl in \"dncache-ttl <ttl>\" line\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
if ( strcasecmp( argv[ 1 ], "forever" ) == 0 ) {
mi->mi_cache.ttl = META_DNCACHE_FOREVER;
+
} else if ( strcasecmp( argv[ 1 ], "disabled" ) == 0 ) {
mi->mi_cache.ttl = META_DNCACHE_DISABLED;
+
} else {
- mi->mi_cache.ttl = atol( argv[ 1 ] );
+ unsigned long t;
+
+ if ( lutil_parse_time( argv[ 1 ], &t ) != 0 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: unable to parse ttl \"%s\" in \"dncache-ttl <ttl>\" line\n",
+ fname, lineno, argv[ 1 ] );
+ return 1;
+ }
+ mi->mi_cache.ttl = (time_t)t;
}
/* network timeout when connecting to ldap servers */
} else if ( strcasecmp( argv[ 0 ], "network-timeout" ) == 0 ) {
+ unsigned long t;
+
if ( argc != 2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: missing network timeout in \"network-timeout <seconds>\" line\n",
- fname, lineno );
+ fname, lineno, 0 );
+ return 1;
+ }
+
+ if ( lutil_parse_time( argv[ 1 ], &t ) ) {
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: unable to parse timeout \"%s\" in \"network-timeout <seconds>\" line\n",
+ fname, lineno, argv[ 1 ] );
return 1;
+
}
- mi->mi_network_timeout = atol(argv[ 1 ]);
+
+ mi->mi_network_timeout = (int)t;
/* name to use for meta_back_group */
} else if ( strcasecmp( argv[ 0 ], "acl-authcDN" ) == 0
@@ -355,24 +371,24 @@ meta_back_db_config(
struct berval dn;
if ( i < 0 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: need \"uri\" directive first\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
if ( argc != 2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: missing name in \"binddn <name>\" line\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
if ( strcasecmp( argv[ 0 ], "binddn" ) == 0 ) {
- fprintf( stderr, "%s: line %d: "
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
"\"binddn\" statement is deprecated; "
"use \"acl-authcDN\" instead\n",
- fname, lineno );
+ fname, lineno, 0 );
/* FIXME: some day we'll need to throw an error */
}
@@ -381,7 +397,7 @@ meta_back_db_config(
if ( dnNormalize( 0, NULL, NULL, &dn, &mi->mi_targets[ i ].mt_binddn,
NULL ) != LDAP_SUCCESS )
{
- fprintf( stderr, "%s: line %d: "
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
"bind DN '%s' is invalid\n",
fname, lineno, argv[ 1 ] );
return( 1 );
@@ -394,24 +410,24 @@ meta_back_db_config(
int i = mi->mi_ntargets - 1;
if ( i < 0 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: need \"uri\" directive first\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
if ( argc != 2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: missing password in \"bindpw <password>\" line\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
if ( strcasecmp( argv[ 0 ], "bindpw" ) == 0 ) {
- fprintf( stderr, "%s: line %d: "
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
"\"bindpw\" statement is deprecated; "
"use \"acl-passwd\" instead\n",
- fname, lineno );
+ fname, lineno, 0 );
/* FIXME: some day we'll need to throw an error */
}
@@ -420,30 +436,30 @@ meta_back_db_config(
/* save bind creds for referral rebinds? */
} else if ( strcasecmp( argv[ 0 ], "rebind-as-user" ) == 0 ) {
if ( argc > 2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"rebind-as-user {NO|yes}\" takes 1 argument.\n",
- fname, lineno );
+ fname, lineno, 0 );
return( 1 );
}
if ( argc == 1 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: deprecated use of \"rebind-as-user {FALSE|true}\" with no arguments.\n",
- fname, lineno );
- mi->flags |= LDAP_BACK_F_SAVECRED;
+ fname, lineno, 0 );
+ mi->mi_flags |= LDAP_BACK_F_SAVECRED;
} else {
switch ( check_true_false( argv[ 1 ] ) ) {
case 0:
- mi->flags &= ~LDAP_BACK_F_SAVECRED;
+ mi->mi_flags &= ~LDAP_BACK_F_SAVECRED;
break;
case 1:
- mi->flags |= LDAP_BACK_F_SAVECRED;
+ mi->mi_flags |= LDAP_BACK_F_SAVECRED;
break;
default:
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"rebind-as-user {FALSE|true}\" unknown argument \"%s\".\n",
fname, lineno, argv[ 1 ] );
return 1;
@@ -453,12 +469,12 @@ meta_back_db_config(
} else if ( strcasecmp( argv[ 0 ], "chase-referrals" ) == 0 ) {
unsigned *flagsp = mi->mi_ntargets ?
&mi->mi_targets[ mi->mi_ntargets - 1 ].mt_flags
- : &mi->flags;
+ : &mi->mi_flags;
if ( argc != 2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"chase-referrals {TRUE|false}\" needs 1 argument.\n",
- fname, lineno );
+ fname, lineno, 0 );
return( 1 );
}
@@ -473,21 +489,21 @@ meta_back_db_config(
break;
default:
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"chase-referrals {TRUE|false}\": unknown argument \"%s\".\n",
- fname, lineno, argv[ 1 ] );
+ fname, lineno, argv[ 1 ] );
return( 1 );
}
} else if ( strcasecmp( argv[ 0 ], "tls" ) == 0 ) {
unsigned *flagsp = mi->mi_ntargets ?
&mi->mi_targets[ mi->mi_ntargets - 1 ].mt_flags
- : &mi->flags;
+ : &mi->mi_flags;
if ( argc != 2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"tls <what>\" needs 1 argument.\n",
- fname, lineno );
+ fname, lineno, 0 );
return( 1 );
}
@@ -510,21 +526,21 @@ meta_back_db_config(
*flagsp |= LDAP_BACK_F_PROPAGATE_TLS;
} else {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"tls <what>\": unknown argument \"%s\".\n",
- fname, lineno, argv[ 1 ] );
+ fname, lineno, argv[ 1 ] );
return( 1 );
}
} else if ( strcasecmp( argv[ 0 ], "t-f-support" ) == 0 ) {
unsigned *flagsp = mi->mi_ntargets ?
&mi->mi_targets[ mi->mi_ntargets - 1 ].mt_flags
- : &mi->flags;
+ : &mi->mi_flags;
if ( argc != 2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"t-f-support {FALSE|true|discover}\" needs 1 argument.\n",
- fname, lineno );
+ fname, lineno, 0 );
return( 1 );
}
@@ -542,7 +558,7 @@ meta_back_db_config(
*flagsp |= LDAP_BACK_F_SUPPORT_T_F_DISCOVER;
} else {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: unknown value \"%s\" for \"t-f-support {no|yes|discover}\".\n",
fname, lineno, argv[ 1 ] );
return 1;
@@ -553,20 +569,20 @@ meta_back_db_config(
/* onerr? */
} else if ( strcasecmp( argv[ 0 ], "onerr" ) == 0 ) {
if ( argc != 2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"onerr {CONTINUE|stop}\" takes 1 argument\n",
- fname, lineno );
+ fname, lineno, 0 );
return( 1 );
}
if ( strcasecmp( argv[ 1 ], "continue" ) == 0 ) {
- mi->flags &= ~META_BACK_F_ONERR_STOP;
+ mi->mi_flags &= ~META_BACK_F_ONERR_STOP;
} else if ( strcasecmp( argv[ 1 ], "stop" ) == 0 ) {
- mi->flags |= META_BACK_F_ONERR_STOP;
+ mi->mi_flags |= META_BACK_F_ONERR_STOP;
} else {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"onerr {CONTINUE|stop}\": invalid arg \"%s\".\n",
fname, lineno, argv[ 1 ] );
return 1;
@@ -575,44 +591,45 @@ meta_back_db_config(
/* bind-defer? */
} else if ( strcasecmp( argv[ 0 ], "pseudoroot-bind-defer" ) == 0 ) {
if ( argc != 2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"pseudoroot-bind-defer {FALSE|true}\" takes 1 argument\n",
- fname, lineno );
+ fname, lineno, 0 );
return( 1 );
}
switch ( check_true_false( argv[ 1 ] ) ) {
case 0:
- mi->flags &= ~META_BACK_F_DEFER_ROOTDN_BIND;
+ mi->mi_flags &= ~META_BACK_F_DEFER_ROOTDN_BIND;
break;
case 1:
- mi->flags |= META_BACK_F_DEFER_ROOTDN_BIND;
+ mi->mi_flags |= META_BACK_F_DEFER_ROOTDN_BIND;
break;
default:
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"pseudoroot-bind-defer {FALSE|true}\": invalid arg \"%s\".\n",
fname, lineno, argv[ 1 ] );
return 1;
}
} else if ( strcasecmp( argv[ 0 ], "timeout" ) == 0 ) {
- char *sep, *next;
+ char *sep;
time_t *tv = mi->mi_ntargets ?
mi->mi_targets[ mi->mi_ntargets - 1 ].mt_timeout
: mi->mi_timeout;
int c;
if ( argc < 2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"timeout [{add|delete|modify|modrdn}=]<val> [...]\" takes at least 1 argument\n",
- fname, lineno );
+ fname, lineno, 0 );
return( 1 );
}
for ( c = 1; c < argc; c++ ) {
- time_t *t = NULL, val;
+ time_t *t = NULL;
+ unsigned long val;
sep = strchr( argv[ c ], '=' );
if ( sep != NULL ) {
@@ -627,9 +644,13 @@ meta_back_db_config(
} else if ( strncasecmp( argv[ c ], "modrdn", len ) == 0 ) {
t = &tv[ LDAP_BACK_OP_MODRDN ];
} else {
- fprintf( stderr,
- "%s: line %d: unknown operation \"%s\" for timeout #%d.\n",
- fname, lineno, argv[ c ], c );
+ char buf[ SLAP_TEXT_BUFLEN ];
+ snprintf( buf, sizeof( buf ),
+ "unknown operation \"%s\" for timeout #%d",
+ argv[ c ], c );
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: %s.\n",
+ fname, lineno, buf );
return 1;
}
sep++;
@@ -638,22 +659,21 @@ meta_back_db_config(
sep = argv[ c ];
}
- val = strtoul( sep, &next, 10 );
- if ( next == sep || next[ 0 ] != '\0' ) {
- fprintf( stderr,
+ if ( lutil_parse_time( sep, &val ) != 0 ) {
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: unable to parse value \"%s\" for timeout.\n",
fname, lineno, sep );
return 1;
}
if ( t ) {
- *t = val;
+ *t = (time_t)val;
} else {
int i;
for ( i = 0; i < LDAP_BACK_OP_LAST; i++ ) {
- tv[ i ] = val;
+ tv[ i ] = (time_t)val;
}
}
}
@@ -664,16 +684,16 @@ meta_back_db_config(
struct berval dn;
if ( i < 0 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: need \"uri\" directive first\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
if ( argc != 2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: missing name in \"pseudorootdn <name>\" line\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
@@ -682,7 +702,7 @@ meta_back_db_config(
if ( dnNormalize( 0, NULL, NULL, &dn,
&mi->mi_targets[ i ].mt_pseudorootdn, NULL ) != LDAP_SUCCESS )
{
- fprintf( stderr, "%s: line %d: "
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
"pseudoroot DN '%s' is invalid\n",
fname, lineno, argv[ 1 ] );
return( 1 );
@@ -693,16 +713,16 @@ meta_back_db_config(
int i = mi->mi_ntargets - 1;
if ( i < 0 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: need \"uri\" directive first\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
if ( argc != 2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: missing password in \"pseudorootpw <password>\" line\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
ber_str2bv( argv[ 1 ], 0L, 1, &mi->mi_targets[ i ].mt_pseudorootpw );
@@ -714,9 +734,9 @@ meta_back_db_config(
struct berval dn, nvnc, pvnc, nrnc, prnc;
if ( i < 0 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: need \"uri\" directive first\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
@@ -732,15 +752,15 @@ meta_back_db_config(
* current server
*/
if ( argc != 3 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: syntax is \"suffixMassage <suffix> <massaged suffix>\"\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
ber_str2bv( argv[ 1 ], 0, 0, &dn );
if ( dnPrettyNormal( NULL, &dn, &pvnc, &nvnc, NULL ) != LDAP_SUCCESS ) {
- fprintf( stderr, "%s: line %d: "
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
"suffix '%s' is invalid\n",
fname, lineno, argv[ 1 ] );
return 1;
@@ -748,10 +768,10 @@ meta_back_db_config(
tmp_be = select_backend( &nvnc, 0, 0 );
if ( tmp_be != NULL && tmp_be != be ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: suffix already in use by another backend in"
" \"suffixMassage <suffix> <massaged suffix>\"\n",
- fname, lineno );
+ fname, lineno, 0 );
free( pvnc.bv_val );
free( nvnc.bv_val );
return 1;
@@ -759,9 +779,9 @@ meta_back_db_config(
ber_str2bv( argv[ 2 ], 0, 0, &dn );
if ( dnPrettyNormal( NULL, &dn, &prnc, &nrnc, NULL ) != LDAP_SUCCESS ) {
- fprintf( stderr, "%s: line %d: "
- "massaged suffix '%s' is invalid\n",
- fname, lineno, argv[ 2 ] );
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
+ "massaged suffix '%s' is invalid\n",
+ fname, lineno, argv[ 2 ] );
free( pvnc.bv_val );
free( nvnc.bv_val );
return 1;
@@ -770,10 +790,10 @@ meta_back_db_config(
#if 0
tmp_be = select_backend( &nrnc, 0, 0 );
if ( tmp_be != NULL ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: massaged suffix already in use by another backend in"
" \"suffixMassage <suffix> <massaged suffix>\"\n",
- fname, lineno );
+ fname, lineno, 0 );
free( pvnc.bv_val );
free( nvnc.bv_val );
free( prnc.bv_val );
@@ -803,9 +823,9 @@ meta_back_db_config(
int i = mi->mi_ntargets - 1;
if ( i < 0 ) {
- fprintf( stderr, "%s: line %d: \"rewrite\" "
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: \"rewrite\" "
"statement outside target definition.\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
@@ -817,9 +837,9 @@ meta_back_db_config(
int i = mi->mi_ntargets - 1;
if ( i < 0 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: need \"uri\" directive first\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
@@ -832,9 +852,9 @@ meta_back_db_config(
int nretries = META_RETRY_UNDEFINED;
if ( argc != 2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: need value in \"nretries <value>\"\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
@@ -845,11 +865,8 @@ meta_back_db_config(
nretries = META_RETRY_NEVER;
} else {
- char *next;
-
- nretries = strtol( argv[ 1 ], &next, 10 );
- if ( next == argv[ 1 ] || next[ 0 ] != '\0' ) {
- fprintf( stderr,
+ if ( lutil_atoi( &nretries, argv[ 1 ] ) != 0 ) {
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: unable to parse value \"%s\" in \"nretries <value>\"\n",
fname, lineno, argv[ 1 ] );
return 1;
@@ -885,9 +902,9 @@ ldap_back_map_config(
int is_oc = 0;
if ( argc < 3 || argc > 4 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: syntax is \"map {objectclass | attribute} [<local> | *] {<foreign> | *}\"\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
@@ -899,10 +916,10 @@ ldap_back_map_config(
map = at_map;
} else {
- fprintf( stderr, "%s: line %d: syntax is "
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: syntax is "
"\"map {objectclass | attribute} [<local> | *] "
"{<foreign> | *}\"\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
@@ -926,17 +943,17 @@ ldap_back_map_config(
&& ( strcasecmp( src, "objectclass" ) == 0
|| strcasecmp( dst, "objectclass" ) == 0 ) )
{
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: objectclass attribute cannot be mapped\n",
- fname, lineno );
+ fname, lineno, 0 );
}
mapping = (struct ldapmapping *)ch_calloc( 2,
sizeof(struct ldapmapping) );
if ( mapping == NULL ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: out of memory\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
ber_str2bv( src, 0, 1, &mapping[ 0 ].src );
@@ -950,7 +967,7 @@ ldap_back_map_config(
if ( is_oc ) {
if ( src[ 0 ] != '\0' ) {
if ( oc_bvfind( &mapping[ 0 ].src ) == NULL ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: warning, source objectClass '%s' "
"should be defined in schema\n",
fname, lineno, src );
@@ -963,7 +980,7 @@ ldap_back_map_config(
}
if ( oc_bvfind( &mapping[ 0 ].dst ) == NULL ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: warning, destination objectClass '%s' "
"is not defined in schema\n",
fname, lineno, dst );
@@ -976,7 +993,7 @@ ldap_back_map_config(
if ( src[ 0 ] != '\0' ) {
rc = slap_bv2ad( &mapping[ 0 ].src, &ad, &text );
if ( rc != LDAP_SUCCESS ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: warning, source attributeType '%s' "
"should be defined in schema\n",
fname, lineno, src );
@@ -992,10 +1009,14 @@ ldap_back_map_config(
rc = slap_bv2undef_ad( &mapping[ 0 ].src,
&ad, &text, SLAP_AD_PROXIED );
if ( rc != LDAP_SUCCESS ) {
- fprintf( stderr,
- "%s: line %d: source attributeType '%s': %d (%s)\n",
- fname, lineno, src,
- rc, text ? text : "" );
+ char buf[ SLAP_TEXT_BUFLEN ];
+
+ snprintf( buf, sizeof( buf ),
+ "source attributeType \"%s\": %d (%s)",
+ src, rc, text ? text : "" );
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: %s\n",
+ fname, lineno, buf );
goto error_return;
}
}
@@ -1005,7 +1026,7 @@ ldap_back_map_config(
rc = slap_bv2ad( &mapping[ 0 ].dst, &ad, &text );
if ( rc != LDAP_SUCCESS ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: warning, destination attributeType '%s' "
"is not defined in schema\n",
fname, lineno, dst );
@@ -1018,10 +1039,14 @@ ldap_back_map_config(
rc = slap_bv2undef_ad( &mapping[ 0 ].dst,
&ad, &text, SLAP_AD_PROXIED );
if ( rc != LDAP_SUCCESS ) {
- fprintf( stderr,
- "%s: line %d: source attributeType '%s': %d (%s)\n",
- fname, lineno, dst,
- rc, text ? text : "" );
+ char buf[ SLAP_TEXT_BUFLEN ];
+
+ snprintf( buf, sizeof( buf ),
+ "source attributeType \"%s\": %d (%s)\n",
+ dst, rc, text ? text : "" );
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: %s\n",
+ fname, lineno, buf );
return 1;
}
}
@@ -1030,9 +1055,9 @@ ldap_back_map_config(
if ( (src[ 0 ] != '\0' && avl_find( map->map, (caddr_t)&mapping[ 0 ], mapping_cmp ) != NULL)
|| avl_find( map->remap, (caddr_t)&mapping[ 1 ], mapping_cmp ) != NULL)
{
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: duplicate mapping found" SLAPD_CONF_UNKNOWN_IGNORED ".\n",
- fname, lineno );
+ fname, lineno, 0 );
goto error_return;
}
diff --git a/servers/slapd/back-meta/conn.c b/servers/slapd/back-meta/conn.c
index caaff03b5a..772771abf9 100644
--- a/servers/slapd/back-meta/conn.c
+++ b/servers/slapd/back-meta/conn.c
@@ -186,13 +186,13 @@ meta_back_freeconn(
assert( mc != NULL );
- ldap_pvt_thread_mutex_lock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_lock( &mi->mi_conninfo.lai_mutex );
if ( --mc->mc_refcnt == 0 ) {
meta_back_conn_free( mc );
}
- ldap_pvt_thread_mutex_unlock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
}
/*
@@ -444,13 +444,13 @@ meta_back_retry(
metasingleconn_t *msc = &mc->mc_conns[ candidate ];
retry_lock:;
- ldap_pvt_thread_mutex_lock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_lock( &mi->mi_conninfo.lai_mutex );
assert( mc->mc_refcnt > 0 );
if ( mc->mc_refcnt == 1 ) {
while ( ldap_pvt_thread_mutex_trylock( &mc->mc_mutex ) ) {
- ldap_pvt_thread_mutex_unlock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
ldap_pvt_thread_yield();
goto retry_lock;
}
@@ -483,7 +483,7 @@ retry_lock:;
mc->mc_tainted = 1;
}
- ldap_pvt_thread_mutex_unlock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
return rc == LDAP_SUCCESS ? 1 : 0;
}
@@ -734,20 +734,20 @@ meta_back_getconn(
}
/* Searches for a metaconn in the avl tree */
- ldap_pvt_thread_mutex_lock( &mi->mi_conn_mutex );
- mc = (metaconn_t *)avl_find( mi->mi_conntree,
+ ldap_pvt_thread_mutex_lock( &mi->mi_conninfo.lai_mutex );
+ mc = (metaconn_t *)avl_find( mi->mi_conninfo.lai_tree,
(caddr_t)&mc_curr, meta_back_conn_cmp );
if ( mc ) {
if ( mc->mc_tainted ) {
rs->sr_err = LDAP_UNAVAILABLE;
rs->sr_text = "remote server unavailable";
- ldap_pvt_thread_mutex_unlock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
return NULL;
}
mc->mc_refcnt++;
}
- ldap_pvt_thread_mutex_unlock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
switch ( op->o_tag ) {
case LDAP_REQ_ADD:
@@ -927,13 +927,13 @@ meta_back_getconn(
/* Retries searching for a metaconn in the avl tree
* the reason is that the connection might have been
* created by meta_back_get_candidate() */
- ldap_pvt_thread_mutex_lock( &mi->mi_conn_mutex );
- mc = (metaconn_t *)avl_find( mi->mi_conntree,
+ ldap_pvt_thread_mutex_lock( &mi->mi_conninfo.lai_mutex );
+ mc = (metaconn_t *)avl_find( mi->mi_conninfo.lai_tree,
(caddr_t)&mc_curr, meta_back_conn_cmp );
if ( mc != NULL ) {
mc->mc_refcnt++;
}
- ldap_pvt_thread_mutex_unlock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
/* Looks like we didn't get a bind. Open a new session... */
if ( mc == NULL ) {
@@ -1088,15 +1088,15 @@ done:;
/*
* Inserts the newly created metaconn in the avl tree
*/
- ldap_pvt_thread_mutex_lock( &mi->mi_conn_mutex );
- err = avl_insert( &mi->mi_conntree, ( caddr_t )mc,
+ ldap_pvt_thread_mutex_lock( &mi->mi_conninfo.lai_mutex );
+ err = avl_insert( &mi->mi_conninfo.lai_tree, ( caddr_t )mc,
meta_back_conn_cmp, meta_back_conn_dup );
#if PRINT_CONNTREE > 0
- myprint( mi->mi_conntree );
+ myprint( mi->mi_conninfo.lai_tree );
#endif /* PRINT_CONNTREE */
- ldap_pvt_thread_mutex_unlock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
/*
* Err could be -1 in case a duplicate metaconn is inserted
@@ -1144,13 +1144,13 @@ meta_back_release_conn(
assert( mc != NULL );
- ldap_pvt_thread_mutex_lock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_lock( &mi->mi_conninfo.lai_mutex );
assert( mc->mc_refcnt > 0 );
mc->mc_refcnt--;
if ( mc->mc_refcnt == 0 && mc->mc_tainted ) {
- (void)avl_delete( &mi->mi_conntree, ( caddr_t )mc,
+ (void)avl_delete( &mi->mi_conninfo.lai_tree, ( caddr_t )mc,
meta_back_conn_cmp );
meta_back_conn_free( mc );
}
- ldap_pvt_thread_mutex_unlock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
}
diff --git a/servers/slapd/back-meta/dncache.c b/servers/slapd/back-meta/dncache.c
index ccaf446de6..1257862ee8 100644
--- a/servers/slapd/back-meta/dncache.c
+++ b/servers/slapd/back-meta/dncache.c
@@ -94,7 +94,6 @@ meta_dncache_get_target(
{
metadncacheentry_t tmp_entry,
*entry;
- time_t curr_time;
int target = META_TARGET_NONE;
assert( cache != NULL );
@@ -116,13 +115,7 @@ meta_dncache_get_target(
target = entry->target;
} else {
-
- /*
- * Need mutex?
- */
- curr_time = time( NULL );
-
- if ( entry->lastupdated+cache->ttl > curr_time ) {
+ if ( entry->lastupdated+cache->ttl > slap_get_time() ) {
target = entry->target;
}
}
@@ -158,11 +151,7 @@ meta_dncache_update_entry(
* else, cache is used with ttl
*/
if ( cache->ttl > 0 ) {
-
- /*
- * Need mutex?
- */
- curr_time = time( NULL );
+ curr_time = slap_get_time();
}
tmp_entry.dn = *ndn;
@@ -178,18 +167,23 @@ meta_dncache_update_entry(
} else {
entry = ch_malloc( sizeof( metadncacheentry_t ) + ndn->bv_len + 1 );
if ( entry == NULL ) {
- ldap_pvt_thread_mutex_unlock( &cache->mutex );
- return -1;
+ err = -1;
+ goto error_return;
}
+ entry->dn.bv_len = ndn->bv_len;
entry->dn.bv_val = (char *)&entry[ 1 ];
- AC_MEMCPY( entry->dn.bv_val, ndn->bv_val, ndn->bv_len + 1 );
+ AC_MEMCPY( entry->dn.bv_val, ndn->bv_val, ndn->bv_len );
+ entry->dn.bv_val[ ndn->bv_len ] = '\0';
+
entry->target = target;
entry->lastupdated = curr_time;
err = avl_insert( &cache->tree, ( caddr_t )entry,
meta_dncache_cmp, meta_dncache_dup );
}
+
+error_return:;
ldap_pvt_thread_mutex_unlock( &cache->mutex );
return err;
diff --git a/servers/slapd/back-meta/init.c b/servers/slapd/back-meta/init.c
index a978646f1f..627a26c27b 100644
--- a/servers/slapd/back-meta/init.c
+++ b/servers/slapd/back-meta/init.c
@@ -77,11 +77,10 @@ meta_back_db_init(
{
metainfo_t *mi;
- mi = ch_malloc( sizeof( metainfo_t ) );
+ mi = ch_calloc( 1, sizeof( metainfo_t ) );
if ( mi == NULL ) {
return -1;
}
- memset( mi, 0, sizeof( metainfo_t ) );
/*
* At present the default is no default target;
@@ -89,7 +88,7 @@ meta_back_db_init(
*/
mi->mi_defaulttarget = META_DEFAULT_TARGET_NONE;
- ldap_pvt_thread_mutex_init( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_init( &mi->mi_conninfo.lai_mutex );
ldap_pvt_thread_mutex_init( &mi->mi_cache.mutex );
/* safe default */
@@ -222,10 +221,10 @@ meta_back_db_destroy(
/*
* Destroy the connection tree
*/
- ldap_pvt_thread_mutex_lock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_lock( &mi->mi_conninfo.lai_mutex );
- if ( mi->mi_conntree ) {
- avl_free( mi->mi_conntree, meta_back_conn_free );
+ if ( mi->mi_conninfo.lai_tree ) {
+ avl_free( mi->mi_conninfo.lai_tree, meta_back_conn_free );
}
/*
@@ -248,8 +247,8 @@ meta_back_db_destroy(
ldap_pvt_thread_mutex_unlock( &mi->mi_cache.mutex );
ldap_pvt_thread_mutex_destroy( &mi->mi_cache.mutex );
- ldap_pvt_thread_mutex_unlock( &mi->mi_conn_mutex );
- ldap_pvt_thread_mutex_destroy( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
+ ldap_pvt_thread_mutex_destroy( &mi->mi_conninfo.lai_mutex );
if ( mi->mi_candidates != NULL ) {
ber_memfree_x( mi->mi_candidates, NULL );
diff --git a/servers/slapd/back-meta/search.c b/servers/slapd/back-meta/search.c
index dbcab08c8b..08f61b904d 100644
--- a/servers/slapd/back-meta/search.c
+++ b/servers/slapd/back-meta/search.c
@@ -102,11 +102,9 @@ meta_back_search_start(
&op->o_req_ndn ) )
{
realbase = mi->mi_targets[ candidate ].mt_nsuffix;
-#ifdef LDAP_SCOPE_SUBORDINATE
if ( mi->mi_targets[ candidate ].mt_scope == LDAP_SCOPE_SUBORDINATE ) {
realscope = LDAP_SCOPE_SUBORDINATE;
}
-#endif /* LDAP_SCOPE_SUBORDINATE */
} else {
/*
@@ -116,9 +114,7 @@ meta_back_search_start(
}
break;
-#ifdef LDAP_SCOPE_SUBORDINATE
case LDAP_SCOPE_SUBORDINATE:
-#endif /* LDAP_SCOPE_SUBORDINATE */
case LDAP_SCOPE_ONELEVEL:
{
struct berval rdn = mi->mi_targets[ candidate ].mt_nsuffix;
@@ -132,16 +128,13 @@ meta_back_search_start(
* base, and make scope "base"
*/
realbase = mi->mi_targets[ candidate ].mt_nsuffix;
-#ifdef LDAP_SCOPE_SUBORDINATE
if ( op->ors_scope == LDAP_SCOPE_SUBORDINATE ) {
if ( mi->mi_targets[ candidate ].mt_scope == LDAP_SCOPE_SUBORDINATE ) {
realscope = LDAP_SCOPE_SUBORDINATE;
} else {
realscope = LDAP_SCOPE_SUBTREE;
}
- } else
-#endif /* LDAP_SCOPE_SUBORDINATE */
- {
+ } else {
realscope = LDAP_SCOPE_BASE;
}
break;
@@ -451,29 +444,30 @@ really_bad:;
candidates[ i ].sr_type = REP_RESULT;
}
- if ( --op->ors_slimit == -1 ) {
- ldap_msgfree( res );
- res = NULL;
+ is_ok++;
- rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
+ e = ldap_first_entry( msc->msc_ld, res );
+ savepriv = op->o_private;
+ op->o_private = (void *)i;
+ rs->sr_err = meta_send_entry( op, rs, mc, i, e );
+ ldap_msgfree( res );
+ res = NULL;
+
+ switch ( rc ) {
+ case LDAP_SIZELIMIT_EXCEEDED:
savepriv = op->o_private;
op->o_private = (void *)i;
send_ldap_result( op, rs );
op->o_private = savepriv;
+ rs->sr_err = LDAP_SUCCESS;
goto finish;
- }
-
- is_ok++;
- e = ldap_first_entry( msc->msc_ld, res );
- savepriv = op->o_private;
- op->o_private = (void *)i;
- meta_send_entry( op, rs, mc, i, e );
+ case LDAP_UNAVAILABLE:
+ rs->sr_err = LDAP_OTHER;
+ goto finish;
+ }
op->o_private = savepriv;
- ldap_msgfree( res );
- res = NULL;
-
gotit = 1;
#if 0
@@ -595,19 +589,22 @@ really_bad:;
/* massage matchedDN if need be */
if ( candidates[ i ].sr_matched != NULL ) {
+#ifndef LDAP_NULL_IS_NULL
if ( candidates[ i ].sr_matched[ 0 ] == '\0' ) {
ldap_memfree( (char *)candidates[ i ].sr_matched );
candidates[ i ].sr_matched = NULL;
- } else {
+ } else
+#endif /* LDAP_NULL_IS_NULL */
+ {
struct berval match, mmatch;
ber_str2bv( candidates[ i ].sr_matched,
0, 0, &match );
+ candidates[ i ].sr_matched = NULL;
dc.ctx = "matchedDN";
dc.target = &mi->mi_targets[ i ];
-
if ( !ldap_back_dn_massage( &dc, &match, &mmatch ) ) {
if ( mmatch.bv_val == match.bv_val ) {
candidates[ i ].sr_matched = ch_strdup( mmatch.bv_val );
@@ -622,12 +619,14 @@ really_bad:;
}
}
+#ifndef LDAP_NULL_IS_NULL
/* just get rid of the error message, if any */
if ( candidates[ i ].sr_text && candidates[ i ].sr_text[ 0 ] == '\0' )
{
ldap_memfree( (char *)candidates[ i ].sr_text );
candidates[ i ].sr_text = NULL;
}
+#endif /* LDAP_NULL_IS_NULL */
/* add references to array */
if ( references ) {
@@ -766,11 +765,24 @@ really_bad:;
/* we use the first one */
for ( i = 0; i < mi->mi_ntargets; i++ ) {
if ( candidates[ i ].sr_tag == META_CANDIDATE
- && candidates[ i ].sr_matched )
+ && candidates[ i ].sr_matched != NULL )
{
struct berval bv, pbv;
int rc;
+ /* if we got success, and this target
+ * returned noSuchObject, and its suffix
+ * is a superior of the searchBase,
+ * ignore the matchedDN */
+ if ( sres == LDAP_SUCCESS
+ && candidates[ i ].sr_err == LDAP_NO_SUCH_OBJECT
+ && op->o_req_ndn.bv_len > mi->mi_targets[ i ].mt_nsuffix.bv_len )
+ {
+ free( (char *)candidates[ i ].sr_matched );
+ candidates[ i ].sr_matched = NULL;
+ continue;
+ }
+
ber_str2bv( candidates[ i ].sr_matched, 0, 0, &bv );
rc = dnPretty( NULL, &bv, &pbv, op->o_tmpmemctx );
@@ -1137,7 +1149,12 @@ next_attr:;
rs->sr_entry = &ent;
rs->sr_attrs = op->ors_attrs;
rs->sr_flags = 0;
- send_search_entry( op, rs );
+ rc = send_search_entry( op, rs );
+ switch ( rc ) {
+ case LDAP_UNAVAILABLE:
+ rc = LDAP_OTHER;
+ break;
+ }
rs->sr_entry = NULL;
rs->sr_attrs = NULL;
@@ -1151,6 +1168,6 @@ next_attr:;
}
entry_clean( &ent );
- return LDAP_SUCCESS;
+ return rc;
}
diff --git a/servers/slapd/back-meta/unbind.c b/servers/slapd/back-meta/unbind.c
index a38bfa2b07..ed98015e57 100644
--- a/servers/slapd/back-meta/unbind.c
+++ b/servers/slapd/back-meta/unbind.c
@@ -50,10 +50,10 @@ meta_back_conn_destroy(
mc_curr.mc_conn = conn;
mc_curr.mc_local_ndn = conn->c_ndn;
- ldap_pvt_thread_mutex_lock( &mi->mi_conn_mutex );
- mc = avl_delete( &mi->mi_conntree, ( caddr_t )&mc_curr,
+ ldap_pvt_thread_mutex_lock( &mi->mi_conninfo.lai_mutex );
+ mc = avl_delete( &mi->mi_conninfo.lai_tree, ( caddr_t )&mc_curr,
meta_back_conn_cmp );
- ldap_pvt_thread_mutex_unlock( &mi->mi_conn_mutex );
+ ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
if ( mc ) {
Debug( LDAP_DEBUG_TRACE,
diff --git a/servers/slapd/back-monitor/database.c b/servers/slapd/back-monitor/database.c
index ae234a143b..6672c611cf 100644
--- a/servers/slapd/back-monitor/database.c
+++ b/servers/slapd/back-monitor/database.c
@@ -45,6 +45,9 @@ static int monitor_back_add_plugin( monitor_info_t *mi, Backend *be, Entry *e );
#if 0 && defined(SLAPD_LDBM)
#include "../back-ldbm/back-ldbm.h"
#endif /* defined(SLAPD_LDBM) */
+#if defined(SLAPD_META)
+#include "../back-meta/back-meta.h"
+#endif /* defined(SLAPD_META) */
/* for PATH_MAX on some systems (e.g. Solaris) */
#ifdef HAVE_LIMITS_H
@@ -300,34 +303,19 @@ monitor_subsys_database_init(
}
}
+
+ if ( 0 ) {
+ assert( 0 );
+
#if defined(SLAPD_BDB) || defined(SLAPD_HDB)
- if ( strcmp( bi->bi_type, "bdb" ) == 0
+ } else if ( strcmp( bi->bi_type, "bdb" ) == 0
|| strcmp( bi->bi_type, "hdb" ) == 0 )
{
struct berval bv;
ber_len_t pathlen = 0, len = 0;
char path[ PATH_MAX ] = { '\0' };
- char *fname = NULL;
-
- if ( strcmp( bi->bi_type, "bdb" ) == 0
- || strcmp( bi->bi_type, "hdb" ) == 0 )
- {
- struct bdb_info *bdb = (struct bdb_info *) be->be_private;
-
- fname = bdb->bi_dbenv_home;
-#if 0
- } else if ( strcmp( bi->bi_type, "ldbm" ) == 0 ) {
- struct ldbminfo *ldbm = (struct ldbminfo *) be->be_private;
-
- /* FIXME: there's a conflict
- * between back-bdb.h and back.ldbm.h;
- * anyway, this code will be moved
- * to the backends as soon as the
- * issue with filtering on namingContexts
- * is fixed */
- fname = ldbm->li_directory;
-#endif
- }
+ struct bdb_info *bdb = (struct bdb_info *) be->be_private;
+ char *fname = bdb->bi_dbenv_home;
len = strlen( fname );
if ( fname[ 0 ] != '/' ) {
@@ -363,22 +351,54 @@ monitor_subsys_database_init(
&bv, NULL );
ch_free( bv.bv_val );
- }
-#endif /* defined(SLAPD_LDAP) || defined(SLAPD_HDB) */
+#endif /* defined(SLAPD_BDB) || defined(SLAPD_HDB) */
#if defined(SLAPD_LDAP)
- if ( strcmp( bi->bi_type, "ldap" ) == 0 ) {
- struct ldapinfo *li =
- (struct ldapinfo *)be->be_private;
- struct berval bv;
+ } else if ( strcmp( bi->bi_type, "ldap" ) == 0 ) {
+ ldapinfo_t *li = (ldapinfo_t *)be->be_private;
+#if 0
+ attr_merge_normalize( e, slap_schema.si_ad_labeledURI,
+ li->li_bvuri, NULL );
+#else
+ char **urls = ldap_str2charray( li->li_uri, " " );
+ int u;
- ber_str2bv( li->url, 0, 0, &bv );
+ for ( u = 0; urls[ u ] != NULL; u++ ) {
+ struct berval bv;
+
+ ber_str2bv( urls[ u ], 0, 0, &bv );
+
+ attr_merge_normalize_one( e,
+ slap_schema.si_ad_labeledURI,
+ &bv, NULL );
+ }
+
+ ldap_charray_free( urls );
+#endif
- attr_merge_normalize_one( e,
- slap_schema.si_ad_labeledURI,
- &bv, NULL );
- }
#endif /* defined(SLAPD_LDAP) */
+#if defined(SLAPD_META)
+ } else if ( strcmp( bi->bi_type, "meta" ) == 0 ) {
+ metainfo_t *mi = (metainfo_t *)be->be_private;
+ int t;
+
+ for ( t = 0; t < mi->mi_ntargets; t++ ) {
+ char **urls = ldap_str2charray( mi->mi_targets[ t ].mt_uri, " " );
+ int u;
+
+ for ( u = 0; urls[ u ] != NULL; u++ ) {
+ struct berval bv;
+
+ ber_str2bv( urls[ u ], 0, 0, &bv );
+
+ attr_merge_normalize_one( e,
+ slap_schema.si_ad_labeledURI,
+ &bv, NULL );
+ }
+ ldap_charray_free( urls );
+ }
+#endif /* defined(SLAPD_META) */
+ }
j = -1;
LDAP_STAILQ_FOREACH( bi2, &backendInfo, bi_next ) {
diff --git a/servers/slapd/back-monitor/init.c b/servers/slapd/back-monitor/init.c
index e9332c79ed..14b3a60b88 100644
--- a/servers/slapd/back-monitor/init.c
+++ b/servers/slapd/back-monitor/init.c
@@ -1366,7 +1366,9 @@ monitor_back_initialize(
bi->bi_destroy = 0;
bi->bi_db_init = monitor_back_db_init;
+#if 0
bi->bi_db_config = monitor_back_db_config;
+#endif
bi->bi_db_open = monitor_back_db_open;
bi->bi_db_close = 0;
bi->bi_db_destroy = monitor_back_db_destroy;
@@ -1812,6 +1814,7 @@ monitor_back_config(
return SLAP_CONF_UNKNOWN;
}
+#if 0
int
monitor_back_db_config(
Backend *be,
@@ -1820,15 +1823,14 @@ monitor_back_db_config(
int argc,
char **argv )
{
-#if 0
monitor_info_t *mi = ( monitor_info_t * )be->be_private;
-#endif
/*
* eventually, will hold database specific configuration parameters
*/
return SLAP_CONF_UNKNOWN;
}
+#endif
int
monitor_back_db_destroy(
diff --git a/servers/slapd/back-monitor/search.c b/servers/slapd/back-monitor/search.c
index 591287d06c..ab5c475c07 100644
--- a/servers/slapd/back-monitor/search.c
+++ b/servers/slapd/back-monitor/search.c
@@ -113,7 +113,7 @@ monitor_send_children(
if ( rc == LDAP_COMPARE_TRUE ) {
rs->sr_entry = e;
rs->sr_flags = 0;
- send_search_entry( op, rs );
+ rc = send_search_entry( op, rs );
rs->sr_entry = NULL;
}
diff --git a/servers/slapd/back-perl/search.c b/servers/slapd/back-perl/search.c
index 33d4822553..3709ac18d2 100644
--- a/servers/slapd/back-perl/search.c
+++ b/servers/slapd/back-perl/search.c
@@ -84,10 +84,17 @@ perl_back_search(
send_entry = 1;
if (send_entry) {
+ int rc;
+
rs->sr_entry = e;
rs->sr_attrs = op->ors_attrs;
rs->sr_flags = REP_ENTRY_MODIFIABLE;
- send_search_entry( op, rs );
+ rs->sr_err = LDAP_SUCCESS;
+ rs->sr_err = send_search_entry( op, rs );
+ if ( rs->sr_err == LDAP_SIZELIMIT_EXCEEDED ) {
+ rs->sr_entry = NULL;
+ goto done;
+ }
}
entry_free( e );
@@ -106,8 +113,7 @@ perl_back_search(
rs->sr_err = POPi;
-
-
+done:;
PUTBACK; FREETMPS; LEAVE;
}
diff --git a/servers/slapd/back-sql/entry-id.c b/servers/slapd/back-sql/entry-id.c
index 213fd7096c..9d33b9df72 100644
--- a/servers/slapd/back-sql/entry-id.c
+++ b/servers/slapd/back-sql/entry-id.c
@@ -27,6 +27,7 @@
#include <sys/types.h>
#include "ac/string.h"
+#include "lutil.h"
#include "slap.h"
#include "proto-sql.h"
@@ -250,43 +251,52 @@ backsql_dn2id(
if ( id != NULL ) {
struct berval dn;
+ id->eid_next = NULL;
+
#ifdef BACKSQL_ARBITRARY_KEY
ber_str2bv_x( row.cols[ 0 ], 0, 1, &id->eid_id,
op->o_tmpmemctx );
ber_str2bv_x( row.cols[ 1 ], 0, 1, &id->eid_keyval,
op->o_tmpmemctx );
#else /* ! BACKSQL_ARBITRARY_KEY */
- id->eid_id = strtol( row.cols[ 0 ], NULL, 0 );
- id->eid_keyval = strtol( row.cols[ 1 ], NULL, 0 );
+ if ( lutil_atoulx( &id->eid_id, row.cols[ 0 ], 0 ) != 0 ) {
+ res = LDAP_OTHER;
+ goto done;
+ }
+ if ( lutil_atoulx( &id->eid_keyval, row.cols[ 1 ], 0 ) != 0 ) {
+ res = LDAP_OTHER;
+ goto done;
+ }
#endif /* ! BACKSQL_ARBITRARY_KEY */
- id->eid_oc_id = strtol( row.cols[ 2 ], NULL, 0 );
+ if ( lutil_atoulx( &id->eid_oc_id, row.cols[ 2 ], 0 ) != 0 ) {
+ res = LDAP_OTHER;
+ goto done;
+ }
ber_str2bv( row.cols[ 3 ], 0, 0, &dn );
if ( backsql_api_odbc2dn( op, rs, &dn ) ) {
res = LDAP_OTHER;
-
- } else {
- res = dnPrettyNormal( NULL, &dn,
- &id->eid_dn, &id->eid_ndn,
- op->o_tmpmemctx );
- if ( res != LDAP_SUCCESS ) {
- Debug( LDAP_DEBUG_TRACE,
- " backsql_dn2id(\"%s\"): "
- "dnPrettyNormal failed (%d: %s)\n",
- realndn.bv_val, res,
- ldap_err2string( res ) );
-
- /* cleanup... */
- (void)backsql_free_entryID( op, id, 0 );
- }
-
- if ( dn.bv_val != row.cols[ 3 ] ) {
- free( dn.bv_val );
- }
+ goto done;
+ }
+
+ res = dnPrettyNormal( NULL, &dn,
+ &id->eid_dn, &id->eid_ndn,
+ op->o_tmpmemctx );
+ if ( res != LDAP_SUCCESS ) {
+ Debug( LDAP_DEBUG_TRACE,
+ " backsql_dn2id(\"%s\"): "
+ "dnPrettyNormal failed (%d: %s)\n",
+ realndn.bv_val, res,
+ ldap_err2string( res ) );
+
+ /* cleanup... */
+ (void)backsql_free_entryID( op, id, 0 );
}
- id->eid_next = NULL;
+ if ( dn.bv_val != row.cols[ 3 ] ) {
+ free( dn.bv_val );
+ }
}
} else {
@@ -408,11 +418,28 @@ backsql_count_children(
char *end;
*nchildren = strtol( row.cols[ 0 ], &end, 0 );
- if ( end[ 0 ] != '\0' && end[0] != '.' ) {
- /* FIXME: braindead RDBMSes return
- * a fractional number from COUNT!
- */
+ if ( end == row.cols[ 0 ] ) {
res = LDAP_OTHER;
+
+ } else {
+ switch ( end[ 0 ] ) {
+ case '\0':
+ break;
+
+ case '.': {
+ unsigned long ul;
+
+ /* FIXME: braindead RDBMSes return
+ * a fractional number from COUNT!
+ */
+ if ( lutil_atoul( &ul, end + 1 ) != 0 || ul != 0 ) {
+ res = LDAP_OTHER;
+ }
+ } break;
+
+ default:
+ res = LDAP_OTHER;
+ }
}
} else {
diff --git a/servers/slapd/back-sql/schema-map.c b/servers/slapd/back-sql/schema-map.c
index 11056f039e..24342fcc66 100644
--- a/servers/slapd/back-sql/schema-map.c
+++ b/servers/slapd/back-sql/schema-map.c
@@ -27,6 +27,7 @@
#include <sys/types.h>
#include "ac/string.h"
+#include "lutil.h"
#include "slap.h"
#include "proto-sql.h"
@@ -316,7 +317,6 @@ backsql_oc_get_attr_mapping( void *v_oc, void *v_bas )
backsql_BindRowAsStrings( bas->bas_sth, &at_row );
for ( ; rc = SQLFetch( bas->bas_sth ), BACKSQL_SUCCESS( rc ); ) {
const char *text = NULL;
- char *next = NULL;
struct berval bv;
struct berbuf bb = BB_NULL;
@@ -377,14 +377,10 @@ backsql_oc_get_attr_mapping( void *v_oc, void *v_bas )
if ( at_row.value_len[ 5 ] > 0 ) {
at_map->bam_delete_proc = ch_strdup( at_row.cols[ 5 ] );
}
- at_map->bam_param_order = strtol( at_row.cols[ 6 ],
- &next, 0 );
- if ( next == at_row.cols[ 6 ] || next[0] != '\0' ) {
+ if ( lutil_atoix( &at_map->bam_param_order, at_row.cols[ 6 ], 0 ) != 0 ) {
/* error */
}
- at_map->bam_expect_return = strtol( at_row.cols[ 7 ],
- &next, 0 );
- if ( next == at_row.cols[ 7 ] || next[0] != '\0' ) {
+ if ( lutil_atoix( &at_map->bam_expect_return, at_row.cols[ 7 ], 0 ) != 0 ) {
/* error */
}
backsql_make_attr_query( bas->bas_bi, oc_map, at_map );
@@ -485,7 +481,12 @@ backsql_load_schema_map( backsql_info *bi, SQLHDBC dbh )
oc_map = (backsql_oc_map_rec *)ch_calloc( 1,
sizeof( backsql_oc_map_rec ) );
- oc_map->bom_id = strtol( oc_row.cols[ 0 ], NULL, 0 );
+ if ( lutil_atoulx( &oc_map->bom_id, oc_row.cols[ 0 ], 0 ) != 0 ) {
+ Debug( LDAP_DEBUG_TRACE, "backsql_load_schema_map(): "
+ "unable to parse id=\"%s\"\n",
+ oc_row.cols[ 0 ], 0, 0 );
+ return LDAP_OTHER;
+ }
oc_map->bom_oc = oc_find( oc_row.cols[ 1 ] );
if ( oc_map->bom_oc == NULL ) {
@@ -508,8 +509,12 @@ backsql_load_schema_map( backsql_info *bi, SQLHDBC dbh )
}
oc_map->bom_delete_proc = ( oc_row.value_len[ colnum ] < 0 ) ? NULL
: ch_strdup( oc_row.cols[ colnum ] );
- oc_map->bom_expect_return = strtol( oc_row.cols[ colnum + 1 ],
- NULL, 0 );
+ if ( lutil_atoix( &oc_map->bom_expect_return, oc_row.cols[ colnum + 1 ], 0 ) != 0 ) {
+ Debug( LDAP_DEBUG_TRACE, "backsql_load_schema_map(): "
+ "unable to parse expect_return=\"%s\" for objectClass \"%s\"\n",
+ oc_row.cols[ colnum + 1 ], oc_row.cols[ 1 ], 0 );
+ return LDAP_OTHER;
+ }
colnum += 2;
if ( ( oc_row.ncols > colnum ) &&
diff --git a/servers/slapd/back-sql/search.c b/servers/slapd/back-sql/search.c
index 2fe00acb2c..ba54bef33b 100644
--- a/servers/slapd/back-sql/search.c
+++ b/servers/slapd/back-sql/search.c
@@ -28,6 +28,7 @@
#include "ac/string.h"
#include "ac/ctype.h"
+#include "lutil.h"
#include "slap.h"
#include "proto-sql.h"
@@ -1435,9 +1436,7 @@ backsql_srch_query( backsql_srch_info *bsi, struct berval *query )
"ldap_entries.parent=?" );
break;
-#ifdef LDAP_SCOPE_SUBORDINATE
case LDAP_SCOPE_SUBORDINATE:
-#endif /* LDAP_SCOPE_SUBORDINATE */
case LDAP_SCOPE_SUBTREE:
if ( BACKSQL_USE_SUBTREE_SHORTCUT( bi ) ) {
int i;
@@ -1678,9 +1677,7 @@ backsql_oc_get_candidates( void *v_oc, void *v_bsi )
}
break;
-#ifdef LDAP_SCOPE_SUBORDINATE
case LDAP_SCOPE_SUBORDINATE:
-#endif /* LDAP_SCOPE_SUBORDINATE */
case LDAP_SCOPE_SUBTREE:
{
/* if short-cutting the search base,
@@ -1719,11 +1716,9 @@ backsql_oc_get_candidates( void *v_oc, void *v_bsi )
tmp_base_ndn[ i ] = bsi->bsi_base_ndn->bv_val[ j ];
}
-#ifdef LDAP_SCOPE_SUBORDINATE
if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
tmp_base_ndn[ i++ ] = ',';
}
-#endif /* LDAP_SCOPE_SUBORDINATE */
tmp_base_ndn[ i ] = '%';
tmp_base_ndn[ i + 1 ] = '\0';
@@ -1733,11 +1728,9 @@ backsql_oc_get_candidates( void *v_oc, void *v_bsi )
tmp_base_ndn[ i++ ] = '%';
-#ifdef LDAP_SCOPE_SUBORDINATE
if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
tmp_base_ndn[ i++ ] = ',';
}
-#endif /* LDAP_SCOPE_SUBORDINATE */
AC_MEMCPY( &tmp_base_ndn[ i ], bsi->bsi_base_ndn->bv_val,
bsi->bsi_base_ndn->bv_len + 1 );
@@ -1749,13 +1742,10 @@ backsql_oc_get_candidates( void *v_oc, void *v_bsi )
ldap_pvt_str2upper( tmp_base_ndn );
}
-#ifdef LDAP_SCOPE_SUBORDINATE
if ( bsi->bsi_scope == LDAP_SCOPE_SUBORDINATE ) {
Debug( LDAP_DEBUG_TRACE, "(children)dn: \"%s\"\n",
tmp_base_ndn, 0, 0 );
- } else
-#endif /* LDAP_SCOPE_SUBORDINATE */
- {
+ } else {
Debug( LDAP_DEBUG_TRACE, "(sub)dn: \"%s\"\n",
tmp_base_ndn, 0, 0 );
}
@@ -1828,21 +1818,23 @@ backsql_oc_get_candidates( void *v_oc, void *v_bsi )
}
if ( bi->sql_baseObject && dn_match( &ndn, &bi->sql_baseObject->e_nname ) ) {
- op->o_tmpfree( pdn.bv_val, op->o_tmpmemctx );
- op->o_tmpfree( ndn.bv_val, op->o_tmpmemctx );
- continue;
+ goto cleanup;
}
- c_id = (backsql_entryID *)ch_calloc( 1,
- sizeof( backsql_entryID ) );
+ c_id = (backsql_entryID *)op->o_tmpcalloc( 1,
+ sizeof( backsql_entryID ), op->o_tmpmemctx );
#ifdef BACKSQL_ARBITRARY_KEY
ber_str2bv_x( row.cols[ 0 ], 0, 1, &c_id->eid_id,
op->o_tmpmemctx );
ber_str2bv_x( row.cols[ 1 ], 0, 1, &c_id->eid_keyval,
op->o_tmpmemctx );
#else /* ! BACKSQL_ARBITRARY_KEY */
- c_id->eid_id = strtol( row.cols[ 0 ], NULL, 0 );
- c_id->eid_keyval = strtol( row.cols[ 1 ], NULL, 0 );
+ if ( lutil_atoulx( &c_id->eid_id, row.cols[ 0 ], 0 ) != 0 ) {
+ goto cleanup;
+ }
+ if ( lutil_atoulx( &c_id->eid_keyval, row.cols[ 1 ], 0 ) != 0 ) {
+ goto cleanup;
+ }
#endif /* ! BACKSQL_ARBITRARY_KEY */
c_id->eid_oc_id = bsi->bsi_oc->bom_id;
@@ -1870,6 +1862,18 @@ backsql_oc_get_candidates( void *v_oc, void *v_bsi )
if ( bsi->bsi_n_candidates == -1 ) {
break;
}
+ continue;
+
+cleanup:;
+ if ( !BER_BVISNULL( &pdn ) ) {
+ op->o_tmpfree( pdn.bv_val, op->o_tmpmemctx );
+ }
+ if ( !BER_BVISNULL( &ndn ) ) {
+ op->o_tmpfree( ndn.bv_val, op->o_tmpmemctx );
+ }
+ if ( c_id != NULL ) {
+ ch_free( c_id );
+ }
}
backsql_FreeRow_x( &row, bsi->bsi_op->o_tmpmemctx );
SQLFreeStmt( sth, SQL_DROP );
@@ -1897,7 +1901,7 @@ backsql_search( Operation *op, SlapReply *rs )
Debug( LDAP_DEBUG_TRACE, "==>backsql_search(): "
"base=\"%s\", filter=\"%s\", scope=%d,",
op->o_req_ndn.bv_val,
- op->ors_filterstr.bv_val ? op->ors_filterstr.bv_val : "(no filter)",
+ op->ors_filterstr.bv_val,
op->ors_scope );
Debug( LDAP_DEBUG_TRACE, " deref=%d, attrsonly=%d, "
"attributes to load: %s\n",
@@ -2142,15 +2146,12 @@ backsql_search( Operation *op, SlapReply *rs )
/* fall thru */
}
-#ifdef LDAP_SCOPE_SUBORDINATE
case LDAP_SCOPE_SUBORDINATE:
/* discard the baseObject entry */
if ( dn_match( &eid->eid_ndn, &op->o_req_ndn ) ) {
goto next_entry2;
}
- /* FALLTHRU */
-#endif /* LDAP_SCOPE_SUBORDINATE */
-
+ /* FALLTHRU */
case LDAP_SCOPE_SUBTREE:
/* FIXME: this should never fail... */
if ( !dnIsSuffix( &eid->eid_ndn, &op->o_req_ndn ) ) {
@@ -2305,24 +2306,18 @@ backsql_search( Operation *op, SlapReply *rs )
if ( test_filter( op, e, op->ors_filter ) == LDAP_COMPARE_TRUE )
{
- if ( --op->ors_slimit == -1 ) {
- rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
- goto send_results;
- }
-
rs->sr_attrs = op->ors_attrs;
rs->sr_operational_attrs = NULL;
rs->sr_entry = e;
- if ( e == &user_entry ) {
- rs->sr_flags = REP_ENTRY_MODIFIABLE;
- }
+ rs->sr_flags = ( e == &user_entry ) ? REP_ENTRY_MODIFIABLE : 0;
/* FIXME: need the whole entry (ITS#3480) */
- sres = send_search_entry( op, rs );
+ rs->sr_err = send_search_entry( op, rs );
rs->sr_entry = NULL;
rs->sr_attrs = NULL;
rs->sr_operational_attrs = NULL;
- if ( sres == -1 ) {
+ switch ( rs->sr_err ) {
+ case LDAP_UNAVAILABLE:
/*
* FIXME: send_search_entry failed;
* better stop
@@ -2330,6 +2325,9 @@ backsql_search( Operation *op, SlapReply *rs )
Debug( LDAP_DEBUG_TRACE, "backsql_search(): "
"connection lost\n", 0, 0, 0 );
goto end_of_search;
+
+ case LDAP_SIZELIMIT_EXCEEDED:
+ goto send_results;
}
}
diff --git a/servers/slapd/back-sql/util.c b/servers/slapd/back-sql/util.c
index 316f2bc5ee..361a465ebe 100644
--- a/servers/slapd/back-sql/util.c
+++ b/servers/slapd/back-sql/util.c
@@ -544,7 +544,9 @@ backsql_entryUUID_decode(
#endif /* ! BACKSQL_ARBITRARY_KEY */
)
{
+#if 0
fprintf( stderr, "==> backsql_entryUUID_decode()\n" );
+#endif
*oc_id = ( entryUUID->bv_val[0] << 030 /* 24 */ )
+ ( entryUUID->bv_val[1] << 020 /* 16 */ )
@@ -560,8 +562,10 @@ backsql_entryUUID_decode(
+ entryUUID->bv_val[7];
#endif /* ! BACKSQL_ARBITRARY_KEY */
+#if 0
fprintf( stderr, "<== backsql_entryUUID_decode(): oc=%lu id=%lu\n",
*oc_id, *keyval );
+#endif
return LDAP_SUCCESS;
}
diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c
index 97cd302a34..35f4f2336d 100644
--- a/servers/slapd/backend.c
+++ b/servers/slapd/backend.c
@@ -1311,14 +1311,12 @@ fe_acl_group(
goto loopit;
}
break;
-#ifdef LDAP_SCOPE_SUBORDINATE
case LDAP_SCOPE_SUBORDINATE:
if ( dn_match( &nbase, op_ndn ) ||
!dnIsSuffix( op_ndn, &nbase ) )
{
goto loopit;
}
-#endif
}
filter = str2filter_x( op, ludp->lud_filter );
if ( filter ) {
diff --git a/servers/slapd/backglue.c b/servers/slapd/backglue.c
index 99d88b0816..ec2f78ac17 100644
--- a/servers/slapd/backglue.c
+++ b/servers/slapd/backglue.c
@@ -79,7 +79,6 @@ glue_back_select (
typedef struct glue_state {
int err;
- int slimit;
int matchlen;
char *matched;
int nrefs;
@@ -93,13 +92,6 @@ glue_op_response ( Operation *op, SlapReply *rs )
switch(rs->sr_type) {
case REP_SEARCH:
- if ( gs->slimit != SLAP_NO_LIMIT
- && rs->sr_nentries >= gs->slimit )
- {
- rs->sr_err = gs->err = LDAP_SIZELIMIT_EXCEEDED;
- return -1;
- }
- /* fallthru */
case REP_SEARCHREF:
return SLAP_CB_CONTINUE;
@@ -242,9 +234,9 @@ glue_op_search ( Operation *op, SlapReply *rs )
BackendInfo *bi0 = op->o_bd->bd_info;
int i;
long stoptime = 0;
- glue_state gs = {0, 0, 0, NULL, 0, NULL};
+ glue_state gs = {0, 0, NULL, 0, NULL};
slap_callback cb = { NULL, glue_op_response, NULL, NULL };
- int scope0, slimit0, tlimit0;
+ int scope0, tlimit0;
struct berval dn, ndn, *pdn;
cb.sc_private = &gs;
@@ -266,9 +258,7 @@ glue_op_search ( Operation *op, SlapReply *rs )
case LDAP_SCOPE_ONELEVEL:
case LDAP_SCOPE_SUBTREE:
-#ifdef LDAP_SCOPE_SUBORDINATE
case LDAP_SCOPE_SUBORDINATE: /* FIXME */
-#endif
#if 0
if ( op->o_sync ) {
@@ -285,7 +275,6 @@ glue_op_search ( Operation *op, SlapReply *rs )
op->o_callback = &cb;
rs->sr_err = gs.err = LDAP_UNWILLING_TO_PERFORM;
scope0 = op->ors_scope;
- slimit0 = gs.slimit = op->ors_slimit;
tlimit0 = op->ors_tlimit;
dn = op->o_req_dn;
ndn = op->o_req_ndn;
@@ -313,13 +302,6 @@ glue_op_search ( Operation *op, SlapReply *rs )
break;
}
}
- if (slimit0 != SLAP_NO_LIMIT) {
- op->ors_slimit = slimit0 - rs->sr_nentries;
- if (op->ors_slimit < 0) {
- rs->sr_err = gs.err = LDAP_SIZELIMIT_EXCEEDED;
- break;
- }
- }
rs->sr_err = 0;
/*
* check for abandon
@@ -380,7 +362,6 @@ glue_op_search ( Operation *op, SlapReply *rs )
}
end_of_loop:;
op->ors_scope = scope0;
- op->ors_slimit = slimit0;
op->ors_tlimit = tlimit0;
op->o_req_dn = dn;
op->o_req_ndn = ndn;
diff --git a/servers/slapd/backover.c b/servers/slapd/backover.c
index 054edbe11a..b87500ebc2 100644
--- a/servers/slapd/backover.c
+++ b/servers/slapd/backover.c
@@ -137,6 +137,9 @@ over_db_config(
ca.fname = fname;
ca.lineno = lineno;
ca.be = be;
+ snprintf( ca.log, sizeof( ca.log ), "%s: line %d",
+ ca.fname, ca.lineno );
+
for (; on; on=on->on_next) {
rc = SLAP_CONF_UNKNOWN;
if (on->on_bi.bi_cf_ocs) {
@@ -249,7 +252,7 @@ over_access_allowed(
{
slap_overinfo *oi;
slap_overinst *on;
- BackendInfo *bi = op->o_bd->bd_info;
+ BackendInfo *bi;
BackendDB *be = op->o_bd, db;
int rc = SLAP_CB_CONTINUE;
@@ -257,7 +260,13 @@ over_access_allowed(
* when global overlays are used... */
assert( op->o_bd != NULL );
- oi = op->o_bd->bd_info->bi_private;
+ bi = op->o_bd->bd_info;
+ /* Were we invoked on the frontend? */
+ if ( !bi->bi_access_allowed ) {
+ oi = frontendDB->bd_info->bi_private;
+ } else {
+ oi = op->o_bd->bd_info->bi_private;
+ }
on = oi->oi_list;
for ( ; on; on = on->on_next ) {
@@ -795,7 +804,6 @@ overlay_is_inst( BackendDB *be, const char *over_type )
int
overlay_register_control( BackendDB *be, const char *oid )
{
- int rc = 0;
int gotit = 0;
int cid;
@@ -818,12 +826,12 @@ overlay_register_control( BackendDB *be, const char *oid )
}
- if ( rc == 0 && !gotit ) {
+ if ( !gotit ) {
be->be_ctrls[ cid ] = 1;
be->be_ctrls[ SLAP_MAX_CIDS ] = 1;
}
- return rc;
+ return 0;
}
void
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
index 688d6e815b..16bd6cfe6c 100644
--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -1489,7 +1489,6 @@ config_schema_dn(ConfigArgs *c) {
static int
config_sizelimit(ConfigArgs *c) {
int i, rc = 0;
- char *next;
struct slap_limits_set *lim = &c->be->be_def_limit;
if (c->op == SLAP_CONFIG_EMIT) {
char buf[8192];
@@ -1525,20 +1524,11 @@ config_sizelimit(ConfigArgs *c) {
if(!strcasecmp(c->argv[i], "unlimited")) {
lim->lms_s_soft = -1;
} else {
- lim->lms_s_soft = strtol(c->argv[i], &next, 0);
- if(next == c->argv[i]) {
+ if ( lutil_atoix( &lim->lms_s_soft, c->argv[i], 0 ) != 0 ) {
snprintf( c->msg, sizeof( c->msg ), "<%s> unable to parse limit", c->argv[0]);
Debug(LDAP_DEBUG_ANY, "%s: %s \"%s\"\n",
c->log, c->msg, c->argv[i]);
return(1);
- } else if(next[0] != '\0') {
- Debug( SLAPD_DEBUG_CONFIG_ERROR, "%s: "
- "trailing chars \"%s\" in \"sizelimit <limit>\" line"
- SLAPD_CONF_UNKNOWN_IGNORED ".\n",
- c->log, next, 0);
-#ifdef SLAPD_CONF_UNKNOWN_BAILOUT
- return 1;
-#endif /* SLAPD_CONF_UNKNOWN_BAILOUT */
}
}
lim->lms_s_hard = 0;
@@ -1550,7 +1540,6 @@ config_sizelimit(ConfigArgs *c) {
static int
config_timelimit(ConfigArgs *c) {
int i, rc = 0;
- char *next;
struct slap_limits_set *lim = &c->be->be_def_limit;
if (c->op == SLAP_CONFIG_EMIT) {
char buf[8192];
@@ -1582,20 +1571,11 @@ config_timelimit(ConfigArgs *c) {
if(!strcasecmp(c->argv[i], "unlimited")) {
lim->lms_t_soft = -1;
} else {
- lim->lms_t_soft = strtol(c->argv[i], &next, 0);
- if(next == c->argv[i]) {
+ if ( lutil_atoix( &lim->lms_t_soft, c->argv[i], 0 ) != 0 ) {
snprintf( c->msg, sizeof( c->msg ), "<%s> unable to parse limit", c->argv[0]);
Debug(LDAP_DEBUG_ANY, "%s: %s \"%s\"\n",
c->log, c->msg, c->argv[i]);
return(1);
- } else if(next[0] != '\0') {
- Debug( SLAPD_DEBUG_CONFIG_ERROR, "%s: "
- "trailing chars \"%s\" in \"timelimit <limit>\" line"
- SLAPD_CONF_UNKNOWN_IGNORED ".\n",
- c->log, next, 0);
-#ifdef SLAPD_CONF_UNKNOWN_BAILOUT
- return 1;
-#endif /* SLAPD_CONF_UNKNOWN_BAILOUT */
}
}
lim->lms_t_hard = 0;
@@ -2155,7 +2135,6 @@ static int config_syslog;
static int
config_loglevel(ConfigArgs *c) {
int i;
- char *next;
if ( loglevel_ops == NULL ) {
loglevel_init();
@@ -2186,8 +2165,7 @@ config_loglevel(ConfigArgs *c) {
int level;
if ( isdigit( c->argv[i][0] ) || c->argv[i][0] == '-' ) {
- level = strtol( c->argv[i], &next, 10 );
- if ( next == NULL || next[0] != '\0' ) {
+ if( lutil_atoi( &level, c->argv[i] ) != 0 ) {
snprintf( c->msg, sizeof( c->msg ), "<%s> unable to parse level", c->argv[0] );
Debug( LDAP_DEBUG_ANY, "%s: %s \"%s\"\n",
c->log, c->msg, c->argv[i]);
@@ -2308,8 +2286,7 @@ config_security(ConfigArgs *c) {
return(1);
}
- *tgt = strtol(src, &next, 10);
- if(next == NULL || next[0] != '\0' ) {
+ if ( lutil_atou( tgt, src ) != 0 ) {
snprintf( c->msg, sizeof( c->msg ), "<%s> unable to parse factor", c->argv[0] );
Debug(LDAP_DEBUG_ANY, "%s: %s \"%s\"\n",
c->log, c->msg, c->argv[i]);
@@ -2568,8 +2545,32 @@ config_updatedn(ConfigArgs *c) {
BER_BVZERO( &c->value_dn );
BER_BVZERO( &c->value_ndn );
- SLAP_DBFLAGS(c->be) |= (SLAP_DBFLAG_SHADOW | SLAP_DBFLAG_SLURP_SHADOW);
- return(0);
+ return config_slurp_shadow( c );
+}
+
+int
+config_shadow( ConfigArgs *c, int flag )
+{
+ char *notallowed = NULL;
+
+ if ( c->be == frontendDB ) {
+ notallowed = "frontend";
+
+ } else if ( SLAP_MONITOR(c->be) ) {
+ notallowed = "monitor";
+
+ } else if ( SLAP_CONFIG(c->be) ) {
+ notallowed = "config";
+ }
+
+ if ( notallowed != NULL ) {
+ Debug( LDAP_DEBUG_ANY, "%s: %s database cannot be shadow.\n", c->log, notallowed, 0 );
+ return 1;
+ }
+
+ SLAP_DBFLAGS(c->be) |= (SLAP_DBFLAG_SHADOW | flag);
+
+ return 0;
}
static int
@@ -2718,8 +2719,13 @@ config_tls_config(ConfigArgs *c) {
return ldap_pvt_tls_set_option( NULL, flag, &i );
}
ch_free( c->value_string );
- if(isdigit((unsigned char)c->argv[1][0])) {
- i = atoi(c->argv[1]);
+ if ( isdigit( (unsigned char)c->argv[1][0] ) ) {
+ if ( lutil_atoi( &i, c->argv[1] ) != 0 ) {
+ Debug(LDAP_DEBUG_ANY, "%s: "
+ "unable to parse %s \"%s\"\n",
+ c->log, c->argv[0], c->argv[1] );
+ return 1;
+ }
return(ldap_pvt_tls_set_option(NULL, flag, &i));
} else {
return(ldap_int_tls_config(NULL, flag, c->argv[1]));
@@ -2822,8 +2828,12 @@ config_setup_ldif( BackendDB *be, const char *dir, int readit ) {
cfb->cb_db.be_suffix = be->be_suffix;
cfb->cb_db.be_nsuffix = be->be_nsuffix;
- cfb->cb_db.be_rootdn = be->be_rootdn;
- cfb->cb_db.be_rootndn = be->be_rootndn;
+
+ /* The suffix is always "cn=config". The underlying DB's rootdn
+ * is always the same as the suffix.
+ */
+ cfb->cb_db.be_rootdn = be->be_suffix[0];
+ cfb->cb_db.be_rootndn = be->be_nsuffix[0];
ber_str2bv( dir, 0, 1, &cfdir );
@@ -2859,8 +2869,8 @@ config_setup_ldif( BackendDB *be, const char *dir, int readit ) {
op->ors_filterstr = filterstr;
op->ors_scope = LDAP_SCOPE_SUBTREE;
- op->o_dn = be->be_rootdn;
- op->o_ndn = be->be_rootndn;
+ op->o_dn = c.be->be_rootdn;
+ op->o_ndn = c.be->be_rootndn;
op->o_req_dn = be->be_suffix[0];
op->o_req_ndn = be->be_nsuffix[0];
@@ -2882,7 +2892,9 @@ config_setup_ldif( BackendDB *be, const char *dir, int readit ) {
ldap_pvt_thread_pool_context_reset( thrctx );
}
- cfb->cb_use_ldif = 1;
+ /* ITS#4194 - only use if it's present, or we're converting. */
+ if ( !readit || rc == LDAP_SUCCESS )
+ cfb->cb_use_ldif = 1;
return rc;
}
@@ -2950,9 +2962,16 @@ read_config(const char *fname, const char *dir) {
/* if fname is defaulted, try reading .d */
rc = config_setup_ldif( be, cfdir, !fname );
- /* It's OK if the base object doesn't exist yet */
- if ( rc && rc != LDAP_NO_SUCH_OBJECT )
- return 1;
+ if ( rc ) {
+ /* It may be OK if the base object doesn't exist yet. */
+ if ( rc != LDAP_NO_SUCH_OBJECT )
+ return 1;
+ /* ITS#4194: But if dir was specified and no fname,
+ * then we were supposed to read the dir.
+ */
+ if ( dir && !fname )
+ return 1;
+ }
/* If we read the config from back-ldif, nothing to do here */
if ( cfb->cb_got_ldif ) {
@@ -3030,6 +3049,7 @@ config_send( Operation *op, SlapReply *rs, CfEntryInfo *ce, int depth )
{
rs->sr_attrs = op->ors_attrs;
rs->sr_entry = ce->ce_entry;
+ rs->sr_flags = 0;
rc = send_search_entry( op, rs );
}
if ( op->ors_scope == LDAP_SCOPE_SUBTREE ) {
@@ -3183,13 +3203,17 @@ check_name_index( CfEntryInfo *parent, ConfigType ce_type, Entry *e,
dnRdn( &e->e_name, &rdn );
ptr1 = ber_bvchr( &e->e_name, '{' );
if ( ptr1 && ptr1 - e->e_name.bv_val < rdn.bv_len ) {
+ char *next;
ptr2 = strchr( ptr1, '}' );
if (!ptr2 || ptr2 - e->e_name.bv_val > rdn.bv_len)
return LDAP_NAMING_VIOLATION;
if ( ptr2-ptr1 == 1)
return LDAP_NAMING_VIOLATION;
gotindex = 1;
- index = atoi(ptr1+1);
+ index = strtol( ptr1 + 1, &next, 10 );
+ if ( next == ptr1 + 1 || next[ 0 ] != '}' ) {
+ return LDAP_NAMING_VIOLATION;
+ }
if ( index < 0 ) {
/* Special case, we allow -1 for the frontendDB */
if ( index != -1 || ce_type != Cft_Database ||
@@ -3612,17 +3636,23 @@ config_back_add( Operation *op, SlapReply *rs )
} else if ( cfb->cb_use_ldif ) {
BackendDB *be = op->o_bd;
slap_callback sc = { NULL, slap_null_cb, NULL, NULL };
+ struct berval dn, ndn;
+
op->o_bd = &cfb->cb_db;
- /* FIXME: there must be a better way. */
- if ( ber_bvcmp( &op->o_bd->be_rootndn, &be->be_rootndn )) {
- op->o_bd->be_rootdn = be->be_rootdn;
- op->o_bd->be_rootndn= be->be_rootndn;
- }
+
+ /* Save current rootdn; use the underlying DB's rootdn */
+ dn = op->o_dn;
+ ndn = op->o_ndn;
+ op->o_dn = op->o_bd->be_rootdn;
+ op->o_ndn = op->o_bd->be_rootndn;
+
sc.sc_next = op->o_callback;
op->o_callback = ≻
op->o_bd->be_add( op, rs );
op->o_bd = be;
op->o_callback = sc.sc_next;
+ op->o_dn = dn;
+ op->o_ndn = ndn;
}
if ( renumber ) {
}
@@ -3731,9 +3761,13 @@ config_modify_internal( CfEntryInfo *ce, Operation *op, SlapReply *rs,
}
for ( i=0; !BER_BVISNULL( &ml->sml_values[i] ); i++ ) {
if ( ml->sml_values[i].bv_val[0] == '{' &&
- navals >= 0 ) {
- int j = strtol( ml->sml_values[i].bv_val+1, NULL, 0 );
- if ( j < navals ) {
+ navals >= 0 )
+ {
+ char *next, *val = ml->sml_values[i].bv_val + 1;
+ int j;
+
+ j = strtol( val, &next, 0 );
+ if ( next == val || next[ 0 ] != '}' || j < navals ) {
rc = LDAP_OTHER;
snprintf(ca->msg, sizeof(ca->msg), "cannot insert %s",
ml->sml_desc->ad_cname.bv_val );
@@ -3851,10 +3885,17 @@ config_modify_internal( CfEntryInfo *ce, Operation *op, SlapReply *rs,
ca->line = ml->sml_values[i].bv_val;
ca->valx = -1;
if ( ml->sml_desc->ad_type->sat_flags & SLAP_AT_ORDERED &&
- ca->line[0] == '{' ) {
- ptr = strchr( ca->line, '}' );
+ ca->line[0] == '{' )
+ {
+ ptr = strchr( ca->line + 1, '}' );
if ( ptr ) {
- ca->valx = strtol( ca->line+1, NULL, 0 );
+ char *next;
+
+ ca->valx = strtol( ca->line + 1, &next, 0 );
+ if ( next == ca->line + 1 || next[ 0 ] != '}' ) {
+ rc = LDAP_OTHER;
+ goto out;
+ }
ca->line = ptr+1;
}
}
@@ -3941,16 +3982,22 @@ config_back_modify( Operation *op, SlapReply *rs )
} else if ( cfb->cb_use_ldif ) {
BackendDB *be = op->o_bd;
slap_callback sc = { NULL, slap_null_cb, NULL, NULL };
+ struct berval dn, ndn;
+
op->o_bd = &cfb->cb_db;
- if ( ber_bvcmp( &op->o_bd->be_rootndn, &be->be_rootndn )) {
- op->o_bd->be_rootdn = be->be_rootdn;
- op->o_bd->be_rootndn= be->be_rootndn;
- }
+
+ dn = op->o_dn;
+ ndn = op->o_ndn;
+ op->o_dn = op->o_bd->be_rootdn;
+ op->o_ndn = op->o_bd->be_rootndn;
+
sc.sc_next = op->o_callback;
op->o_callback = ≻
op->o_bd->be_modify( op, rs );
op->o_bd = be;
op->o_callback = sc.sc_next;
+ op->o_dn = dn;
+ op->o_ndn = ndn;
}
ldap_pvt_thread_pool_resume( &connection_pool );
@@ -4247,7 +4294,7 @@ config_back_db_open( BackendDB *be )
struct berval rdn;
Entry *e, *parent;
CfEntryInfo *ce, *ceparent;
- int i;
+ int i, unsupp = 0;
BackendInfo *bi;
ConfigArgs c;
Connection conn = {0};
@@ -4266,12 +4313,11 @@ config_back_db_open( BackendDB *be )
op = (Operation *) &opbuf;
connection_fake_init( &conn, op, thrctx );
- op->o_dn = be->be_rootdn;
- op->o_ndn = be->be_rootndn;
-
op->o_tag = LDAP_REQ_ADD;
op->o_callback = &cb;
op->o_bd = &cfb->cb_db;
+ op->o_dn = op->o_bd->be_rootdn;
+ op->o_ndn = op->o_bd->be_rootndn;
} else {
op = NULL;
}
@@ -4323,7 +4369,16 @@ config_back_db_open( BackendDB *be )
c.line = 0;
LDAP_STAILQ_FOREACH( bi, &backendInfo, bi_next) {
- if (!bi->bi_cf_ocs) continue;
+ if (!bi->bi_cf_ocs) {
+ /* If it only supports the old config mech, complain. */
+ if ( bi->bi_config ) {
+ Debug( LDAP_DEBUG_ANY,
+ "WARNING: No dynamic config support for backend %s.\n",
+ bi->bi_type, 0, 0 );
+ unsupp++;
+ }
+ continue;
+ }
if (!bi->bi_private) continue;
rdn.bv_val = c.log;
@@ -4350,6 +4405,16 @@ config_back_db_open( BackendDB *be )
} else {
bi = be->bd_info;
}
+
+ /* If this backend supports the old config mechanism, but not
+ * the new mech, complain.
+ */
+ if ( !be->be_cf_ocs && bi->bi_db_config ) {
+ Debug( LDAP_DEBUG_ANY,
+ "WARNING: No dynamic config support for database %s.\n",
+ bi->bi_type, 0, 0 );
+ unsupp++;
+ }
rdn.bv_val = c.log;
rdn.bv_len = snprintf(rdn.bv_val, sizeof( c.log ),
"%s=" SLAP_X_ORDERED_FMT "%s", cfAd_database->ad_cname.bv_val,
@@ -4371,6 +4436,12 @@ config_back_db_open( BackendDB *be )
int j;
for (j=0,on=oi->oi_list; on; j++,on=on->on_next) {
+ if ( on->on_bi.bi_db_config && !on->on_bi.bi_cf_ocs ) {
+ Debug( LDAP_DEBUG_ANY,
+ "WARNING: No dynamic config support for overlay %s.\n",
+ on->on_bi.bi_type, 0, 0 );
+ unsupp++;
+ }
rdn.bv_val = c.log;
rdn.bv_len = snprintf(rdn.bv_val, sizeof( c.log ),
"%s=" SLAP_X_ORDERED_FMT "%s",
@@ -4390,6 +4461,11 @@ config_back_db_open( BackendDB *be )
if ( thrctx )
ldap_pvt_thread_pool_context_reset( thrctx );
+ if ( unsupp && cfb->cb_use_ldif ) {
+ Debug( LDAP_DEBUG_ANY, "\nWARNING: The converted cn=config "
+ "directory is incomplete and may not work.\n\n", 0, 0, 0 );
+ }
+
return 0;
}
diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index cbc9f21ec6..5e57b2703c 100644
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -191,17 +191,50 @@ int config_check_vals(ConfigTable *Conf, ConfigArgs *c, int check_only ) {
int j;
iarg = 0; larg = 0; barg = 0;
switch(arg_type & ARGS_NUMERIC) {
- case ARG_INT: iarg = strtol(c->argv[1], NULL, 0); break;
- case ARG_LONG: larg = strtol(c->argv[1], NULL, 0); break;
- case ARG_BER_LEN_T: barg = (ber_len_t)atol(c->argv[1]); break;
+ case ARG_INT:
+ if ( lutil_atoi( &iarg, c->argv[1] ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "<%s> unable to parse \"%s\" as int",
+ c->argv[0], c->argv[1] );
+ Debug(LDAP_DEBUG_CONFIG, "%s: %s\n",
+ c->log, c->msg, 0);
+ return(ARG_BAD_CONF);
+ }
+ break;
+ case ARG_LONG:
+ if ( lutil_atol( &larg, c->argv[1] ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "<%s> unable to parse \"%s\" as long",
+ c->argv[0], c->argv[1] );
+ Debug(LDAP_DEBUG_CONFIG, "%s: %s\n",
+ c->log, c->msg, 0);
+ return(ARG_BAD_CONF);
+ }
+ break;
+ case ARG_BER_LEN_T: {
+ unsigned long l;
+ if ( lutil_atoul( &l, c->argv[1] ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "<%s> unable to parse \"%s\" as ber_len_t",
+ c->argv[0], c->argv[1] );
+ Debug(LDAP_DEBUG_CONFIG, "%s: %s\n",
+ c->log, c->msg, 0);
+ return(ARG_BAD_CONF);
+ }
+ barg = (ber_len_t)l;
+ } break;
case ARG_ON_OFF:
- if(c->argc == 1) {
+ if (c->argc == 1) {
iarg = 1;
- } else if(!strcasecmp(c->argv[1], "on") ||
- !strcasecmp(c->argv[1], "true")) {
+ } else if ( !strcasecmp(c->argv[1], "on") ||
+ !strcasecmp(c->argv[1], "true") ||
+ !strcasecmp(c->argv[1], "yes") )
+ {
iarg = 1;
- } else if(!strcasecmp(c->argv[1], "off") ||
- !strcasecmp(c->argv[1], "false")) {
+ } else if ( !strcasecmp(c->argv[1], "off") ||
+ !strcasecmp(c->argv[1], "false") ||
+ !strcasecmp(c->argv[1], "no") )
+ {
iarg = 0;
} else {
snprintf( c->msg, sizeof( c->msg ), "<%s> invalid value, ignored",
@@ -448,6 +481,7 @@ init_config_attrs(ConfigTable *ct) {
freeit = 1;
} else {
+ ldap_attributetype_free( at );
fprintf( stderr, "init_config_attrs: AttributeType \"%s\": %s, %s\n",
ct[i].attribute, scherr2str(code), err );
return code;
@@ -1013,9 +1047,11 @@ slap_cf_aux_table_parse( const char *word, void *dst, slap_cf_aux_table *tab0, L
for (tab = tab0; !BER_BVISNULL(&tab->key); tab++ ) {
if ( !strncasecmp( word, tab->key.bv_val, tab->key.bv_len )) {
- char **cptr, *next;
+ char **cptr;
int *iptr, j;
unsigned *uptr;
+ long *lptr;
+ unsigned long *ulptr;
struct berval *bptr;
const char *val = word + tab->key.bv_len;
@@ -1046,19 +1082,25 @@ slap_cf_aux_table_parse( const char *word, void *dst, slap_cf_aux_table *tab0, L
case 'i':
iptr = (int *)((char *)dst + tab->off);
- *iptr = strtol( val, &next, 0 );
- if ( next == val || next[ 0 ] != '\0' ) {
- rc = 1;
- }
+ rc = lutil_atoix( iptr, val, 0 );
break;
case 'u':
uptr = (unsigned *)((char *)dst + tab->off);
- *uptr = strtoul( val, &next, 0 );
- if ( next == val || next[ 0 ] != '\0' ) {
- rc = 1;
- }
+ rc = lutil_atoux( uptr, val, 0 );
+ break;
+
+ case 'I':
+ lptr = (long *)((char *)dst + tab->off);
+
+ rc = lutil_atolx( lptr, val, 0 );
+ break;
+
+ case 'U':
+ ulptr = (unsigned long *)((char *)dst + tab->off);
+
+ rc = lutil_atoulx( ulptr, val, 0 );
break;
}
@@ -1086,6 +1128,8 @@ slap_cf_aux_table_unparse( void *src, struct berval *bv, slap_cf_aux_table *tab0
char **cptr;
int *iptr, i;
unsigned *uptr;
+ long *lptr;
+ unsigned long *ulptr;
struct berval *bptr;
cptr = (char **)((char *)src + tab->off);
@@ -1131,6 +1175,23 @@ slap_cf_aux_table_unparse( void *src, struct berval *bv, slap_cf_aux_table *tab0
ptr = lutil_strcopy( ptr, tab->key.bv_val );
ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "%u", *uptr );
break;
+
+ case 'I':
+ lptr = (long *)((char *)src + tab->off);
+ *ptr++ = ' ';
+ ptr = lutil_strcopy( ptr, tab->key.bv_val );
+ ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "%ld", *lptr );
+ break;
+
+ case 'U':
+ ulptr = (unsigned long *)((char *)src + tab->off);
+ *ptr++ = ' ';
+ ptr = lutil_strcopy( ptr, tab->key.bv_val );
+ ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "%lu", *ulptr );
+ break;
+
+ default:
+ assert( 0 );
}
}
tmp.bv_val = buf;
diff --git a/servers/slapd/config.h b/servers/slapd/config.h
index 3dc2592803..b5085e2a15 100644
--- a/servers/slapd/config.h
+++ b/servers/slapd/config.h
@@ -14,6 +14,9 @@
* <http://www.OpenLDAP.org/license.html>.
*/
+#ifndef CONFIG_H
+#define CONFIG_H
+
typedef struct ConfigTable {
char *name;
char *what;
@@ -169,3 +172,13 @@ int read_config_file(const char *fname, int depth, ConfigArgs *cf,
ConfigTable * config_find_keyword(ConfigTable *ct, ConfigArgs *c);
Entry * config_build_entry( Operation *op, SlapReply *rs, CfEntryInfo *parent,
ConfigArgs *c, struct berval *rdn, ConfigOCs *main, ConfigOCs *extra );
+
+int config_shadow( ConfigArgs *c, int flag );
+#define config_slurp_shadow(c) config_shadow((c), SLAP_DBFLAG_SLURP_SHADOW)
+#define config_sync_shadow(c) config_shadow((c), SLAP_DBFLAG_SYNC_SHADOW)
+
+ /* Make sure we don't exceed the bits reserved for userland */
+#define config_check_userland(last) \
+ assert( ( ( (last) - 1 ) & ARGS_USERLAND ) == ( (last) - 1 ) );
+
+#endif /* CONFIG_H */
diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c
index c2be214f59..a83739966d 100644
--- a/servers/slapd/connection.c
+++ b/servers/slapd/connection.c
@@ -606,9 +606,7 @@ long connection_init(
c->c_send_search_entry = slap_send_search_entry;
c->c_send_search_reference = slap_send_search_reference;
c->c_send_ldap_extended = slap_send_ldap_extended;
-#ifdef LDAP_RES_INTERMEDIATE
c->c_send_ldap_intermediate = slap_send_ldap_intermediate;
-#endif
BER_BVZERO( &c->c_authmech );
BER_BVZERO( &c->c_dn );
diff --git a/servers/slapd/controls.c b/servers/slapd/controls.c
index 942749519c..63b6b31dc4 100644
--- a/servers/slapd/controls.c
+++ b/servers/slapd/controls.c
@@ -29,6 +29,7 @@ static SLAP_CTRL_PARSE_FN parsePreRead;
static SLAP_CTRL_PARSE_FN parsePostRead;
static SLAP_CTRL_PARSE_FN parseProxyAuthz;
#ifdef LDAP_DEVEL
+static SLAP_CTRL_PARSE_FN parseDontUseCopy;
static SLAP_CTRL_PARSE_FN parseManageDIT;
#endif
static SLAP_CTRL_PARSE_FN parseManageDSAit;
@@ -125,41 +126,37 @@ static struct slap_control control_defs[] = {
SLAP_CTRL_GLOBAL|SLAP_CTRL_SEARCH|SLAP_CTRL_HIDE, NULL,
parseSortedResults, LDAP_SLIST_ENTRY_INITIALIZER(next) },
#endif
-#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
{ LDAP_CONTROL_X_DOMAIN_SCOPE,
(int)offsetof(struct slap_control_ids, sc_domainScope),
- SLAP_CTRL_GLOBAL|SLAP_CTRL_SEARCH, NULL,
+ SLAP_CTRL_GLOBAL|SLAP_CTRL_SEARCH|SLAP_CTRL_HIDE, NULL,
parseDomainScope, LDAP_SLIST_ENTRY_INITIALIZER(next) },
-#endif
-#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY
{ LDAP_CONTROL_X_PERMISSIVE_MODIFY,
(int)offsetof(struct slap_control_ids, sc_permissiveModify),
- SLAP_CTRL_MODIFY, NULL,
+ SLAP_CTRL_MODIFY|SLAP_CTRL_HIDE, NULL,
parsePermissiveModify, LDAP_SLIST_ENTRY_INITIALIZER(next) },
-#endif
#ifdef SLAP_CONTROL_X_TREE_DELETE
{ LDAP_CONTROL_X_TREE_DELETE,
(int)offsetof(struct slap_control_ids, sc_treeDelete),
- SLAP_CTRL_HIDE|SLAP_CTRL_DELETE, NULL,
+ SLAP_CTRL_DELETE|SLAP_CTRL_HIDE, NULL,
parseTreeDelete, LDAP_SLIST_ENTRY_INITIALIZER(next) },
#endif
-#ifdef LDAP_CONTROL_X_SEARCH_OPTIONS
{ LDAP_CONTROL_X_SEARCH_OPTIONS,
(int)offsetof(struct slap_control_ids, sc_searchOptions),
- SLAP_CTRL_GLOBAL|SLAP_CTRL_SEARCH, NULL,
+ SLAP_CTRL_GLOBAL|SLAP_CTRL_SEARCH|SLAP_CTRL_HIDE, NULL,
parseSearchOptions, LDAP_SLIST_ENTRY_INITIALIZER(next) },
-#endif
-#ifdef LDAP_CONTROL_SUBENTRIES
{ LDAP_CONTROL_SUBENTRIES,
(int)offsetof(struct slap_control_ids, sc_subentries),
SLAP_CTRL_SEARCH, NULL,
parseSubentries, LDAP_SLIST_ENTRY_INITIALIZER(next) },
-#endif
{ LDAP_CONTROL_NOOP,
(int)offsetof(struct slap_control_ids, sc_noOp),
- SLAP_CTRL_HIDE|SLAP_CTRL_ACCESS, NULL,
+ SLAP_CTRL_ACCESS|SLAP_CTRL_HIDE, NULL,
parseNoOp, LDAP_SLIST_ENTRY_INITIALIZER(next) },
#ifdef LDAP_DEVEL
+ { LDAP_CONTROL_DONTUSECOPY,
+ (int)offsetof(struct slap_control_ids, sc_dontUseCopy),
+ SLAP_CTRL_INTROGATE|SLAP_CTRL_HIDE, NULL,
+ parseDontUseCopy, LDAP_SLIST_ENTRY_INITIALIZER(next) },
{ LDAP_CONTROL_MANAGEDIT,
(int)offsetof(struct slap_control_ids, sc_manageDIT),
SLAP_CTRL_GLOBAL|SLAP_CTRL_UPDATE|SLAP_CTRL_HIDE, NULL,
@@ -706,7 +703,8 @@ slap_remove_control(
switch ( op->o_ctrlflag[ ctrl ] ) {
case SLAP_CONTROL_NONCRITICAL:
for ( i = 0, j = -1; op->o_ctrls[ i ] != NULL; i++ ) {
- if ( strcmp( op->o_ctrls[ i ]->ldctl_oid, slap_known_controls[ ctrl - 1 ] ) == 0 )
+ if ( strcmp( op->o_ctrls[ i ]->ldctl_oid,
+ slap_known_controls[ ctrl - 1 ] ) == 0 )
{
j = i;
}
@@ -763,6 +761,30 @@ slap_remove_control(
}
#ifdef LDAP_DEVEL
+static int parseDontUseCopy (
+ Operation *op,
+ SlapReply *rs,
+ LDAPControl *ctrl )
+{
+ if ( op->o_dontUseCopy != SLAP_CONTROL_NONE ) {
+ rs->sr_text = "dontUseCopy control specified multiple times";
+ return LDAP_PROTOCOL_ERROR;
+ }
+
+ if ( ctrl->ldctl_value.bv_len ) {
+ rs->sr_text = "dontUseCopy control value not empty";
+ return LDAP_PROTOCOL_ERROR;
+ }
+
+ if ( ctrl->ldctl_iscritical != SLAP_CONTROL_CRITICAL ) {
+ rs->sr_text = "dontUseCopy criticality of FALSE not allowed";
+ return LDAP_PROTOCOL_ERROR;
+ }
+
+ op->o_dontUseCopy = SLAP_CONTROL_CRITICAL;
+ return LDAP_SUCCESS;
+}
+
static int parseManageDIT (
Operation *op,
SlapReply *rs,
@@ -1042,8 +1064,8 @@ static int parseAssert (
return LDAP_OTHER;
}
- rs->sr_err = get_filter( op, ber, (Filter **)&(op->o_assertion), &rs->sr_text);
-
+ rs->sr_err = get_filter( op, ber, (Filter **)&(op->o_assertion),
+ &rs->sr_text);
if( rs->sr_err != LDAP_SUCCESS ) {
if( rs->sr_err == SLAPD_DISCONNECT ) {
rs->sr_err = LDAP_PROTOCOL_ERROR;
@@ -1214,7 +1236,8 @@ static int parseValuesReturnFilter (
return LDAP_OTHER;
}
- rs->sr_err = get_vrFilter( op, ber, (ValuesReturnFilter **)&(op->o_vrFilter), &rs->sr_text);
+ rs->sr_err = get_vrFilter( op, ber,
+ (ValuesReturnFilter **)&(op->o_vrFilter), &rs->sr_text);
if( rs->sr_err != LDAP_SUCCESS ) {
if( rs->sr_err == SLAPD_DISCONNECT ) {
@@ -1244,7 +1267,6 @@ static int parseValuesReturnFilter (
return LDAP_SUCCESS;
}
-#ifdef LDAP_CONTROL_SUBENTRIES
static int parseSubentries (
Operation *op,
SlapReply *rs,
@@ -1274,9 +1296,7 @@ static int parseSubentries (
return LDAP_SUCCESS;
}
-#endif
-#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY
static int parsePermissiveModify (
Operation *op,
SlapReply *rs,
@@ -1298,9 +1318,7 @@ static int parsePermissiveModify (
return LDAP_SUCCESS;
}
-#endif
-#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
static int parseDomainScope (
Operation *op,
SlapReply *rs,
@@ -1322,7 +1340,6 @@ static int parseDomainScope (
return LDAP_SUCCESS;
}
-#endif
#ifdef SLAP_CONTROL_X_TREE_DELETE
static int parseTreeDelete (
@@ -1348,7 +1365,6 @@ static int parseTreeDelete (
}
#endif
-#ifdef LDAP_CONTROL_X_SEARCH_OPTIONS
static int parseSearchOptions (
Operation *op,
SlapReply *rs,
@@ -1399,5 +1415,4 @@ static int parseSearchOptions (
return LDAP_SUCCESS;
}
-#endif
diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c
index 9d1df57a12..99c2f7c579 100644
--- a/servers/slapd/daemon.c
+++ b/servers/slapd/daemon.c
@@ -1729,9 +1729,13 @@ slapd_daemon_task(
ber_socket_t active;
if( slapd_gentle_shutdown == 1 ) {
+ BackendDB *be;
Debug( LDAP_DEBUG_ANY, "slapd gentle shutdown\n", 0, 0, 0 );
close_listeners( 1 );
frontendDB->be_restrictops |= SLAP_RESTRICT_OP_WRITES;
+ LDAP_STAILQ_FOREACH(be, &backendDB, be_next) {
+ be->be_restrictops |= SLAP_RESTRICT_OP_WRITES;
+ }
slapd_gentle_shutdown = 2;
}
@@ -1739,7 +1743,7 @@ slapd_daemon_task(
active = slap_daemon.sd_nactives;
ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
if( active == 0 ) {
- slapd_shutdown = 2;
+ slapd_shutdown = 1;
break;
}
}
diff --git a/servers/slapd/filter.c b/servers/slapd/filter.c
index eea855a4ae..4f7b151664 100644
--- a/servers/slapd/filter.c
+++ b/servers/slapd/filter.c
@@ -45,11 +45,6 @@ static int get_ssa(
SubstringsAssertion **s,
const char **text );
-static int filter_escape_value_x(
- struct berval *in,
- struct berval *out,
- void *ctx );
-
static void simple_vrFilter2bv(
Operation *op,
ValuesReturnFilter *f,
@@ -782,42 +777,6 @@ filter2bv( Filter *f, struct berval *fstr )
filter2bv_x( &op, f, fstr );
}
-static int
-filter_escape_value_x(
- struct berval *in,
- struct berval *out,
- void *ctx )
-{
- ber_len_t i;
- assert( in != NULL );
- assert( out != NULL );
-
- i = in->bv_len * 3 + 1;
- out->bv_val = ctx ? slap_sl_malloc( i, ctx ) : ch_malloc( i );
- out->bv_len = 0;
-
- for( i=0; i < in->bv_len ; i++ ) {
- if( FILTER_ESCAPE(in->bv_val[i]) ) {
- out->bv_val[out->bv_len++] = SLAP_ESCAPE_CHAR;
- out->bv_val[out->bv_len++] = SLAP_ESCAPE_HI( in->bv_val[i] );
- out->bv_val[out->bv_len++] = SLAP_ESCAPE_LO( in->bv_val[i] );
- } else {
- out->bv_val[out->bv_len++] = in->bv_val[i];
- }
- }
-
- out->bv_val[out->bv_len] = '\0';
- return LDAP_SUCCESS;
-}
-
-int
-filter_escape_value(
- struct berval *in,
- struct berval *out )
-{
- return filter_escape_value_x( in, out, NULL );
-}
-
static int
get_simple_vrFilter(
Operation *op,
diff --git a/servers/slapd/ldapsync.c b/servers/slapd/ldapsync.c
index e203781191..f4e80ac873 100644
--- a/servers/slapd/ldapsync.c
+++ b/servers/slapd/ldapsync.c
@@ -112,7 +112,6 @@ slap_parse_sync_cookie(
|| rid_ptr > &cookie->octet_str.bv_val[ cookie->octet_str.bv_len - STRLENOF( "rid=" ) ] )
{
return -1;
-
}
cookie->rid = strtoul( &rid_ptr[ STRLENOF( "rid=" ) ], &next, 10 );
diff --git a/servers/slapd/limits.c b/servers/slapd/limits.c
index 691a116366..053efd90bd 100644
--- a/servers/slapd/limits.c
+++ b/servers/slapd/limits.c
@@ -650,14 +650,9 @@ limits_parse_one(
limit->lms_t_soft = -1;
} else {
- char *next = NULL;
- int soft = strtol( arg, &next, 10 );
+ int soft;
- if ( next == arg || next[ 0 ] != '\0' ) {
- return( 1 );
- }
-
- if ( soft < -1 ) {
+ if ( lutil_atoi( &soft, arg ) != 0 || soft < -1 ) {
return( 1 );
}
@@ -677,14 +672,9 @@ limits_parse_one(
limit->lms_t_hard = -1;
} else {
- char *next = NULL;
- int hard = strtol( arg, &next, 10 );
-
- if ( next == arg || next[ 0 ] != '\0' ) {
- return( 1 );
- }
+ int hard;
- if ( hard < -1 ) {
+ if ( lutil_atoi( &hard, arg ) != 0 || hard < -1 ) {
return( 1 );
}
@@ -709,10 +699,9 @@ limits_parse_one(
limit->lms_t_soft = -1;
} else {
- char *next = NULL;
-
- limit->lms_t_soft = strtol( arg, &next, 10 );
- if ( next == arg || limit->lms_t_soft < -1 ) {
+ if ( lutil_atoi( &limit->lms_t_soft, arg ) != 0
+ || limit->lms_t_soft < -1 )
+ {
return( 1 );
}
}
@@ -733,14 +722,9 @@ limits_parse_one(
limit->lms_s_soft = -1;
} else {
- char *next = NULL;
- int soft = strtol( arg, &next, 10 );
-
- if ( next == arg || next[ 0 ] != '\0' ) {
- return( 1 );
- }
+ int soft;
- if ( soft < -1 ) {
+ if ( lutil_atoi( &soft, arg ) != 0 || soft < -1 ) {
return( 1 );
}
@@ -760,14 +744,9 @@ limits_parse_one(
limit->lms_s_hard = -1;
} else {
- char *next = NULL;
- int hard = strtol( arg, &next, 10 );
+ int hard;
- if ( next == arg || next[ 0 ] != '\0' ) {
- return( 1 );
- }
-
- if ( hard < -1 ) {
+ if ( lutil_atoi( &hard, arg ) != 0 || hard < -1 ) {
return( 1 );
}
@@ -791,14 +770,9 @@ limits_parse_one(
limit->lms_s_unchecked = 0;
} else {
- char *next = NULL;
- int unchecked = strtol( arg, &next, 10 );
-
- if ( next == arg || next[ 0 ] != '\0' ) {
- return( 1 );
- }
+ int unchecked;
- if ( unchecked < -1 ) {
+ if ( lutil_atoi( &unchecked, arg ) != 0 || unchecked < -1 ) {
return( 1 );
}
@@ -818,14 +792,9 @@ limits_parse_one(
limit->lms_s_pr = -1;
} else {
- char *next = NULL;
- int pr = strtol( arg, &next, 10 );
+ int pr;
- if ( next == arg || next[ 0 ] != '\0' ) {
- return( 1 );
- }
-
- if ( pr < -1 ) {
+ if ( lutil_atoi( &pr, arg ) != 0 || pr < -1 ) {
return( 1 );
}
@@ -849,15 +818,9 @@ limits_parse_one(
limit->lms_s_pr_total = 0;
} else {
- char *next = NULL;
int total;
- total = strtol( arg, &next, 10 );
- if ( next == arg || next[ 0 ] != '\0' ) {
- return( 1 );
- }
-
- if ( total < -1 ) {
+ if ( lutil_atoi( &total, arg ) != 0 || total < -1 ) {
return( 1 );
}
@@ -882,10 +845,9 @@ limits_parse_one(
limit->lms_s_soft = -1;
} else {
- char *next = NULL;
-
- limit->lms_s_soft = strtol( arg, &next, 10 );
- if ( next == arg || limit->lms_s_soft < -1 ) {
+ if ( lutil_atoi( &limit->lms_s_soft, arg ) != 0
+ || limit->lms_s_soft < -1 )
+ {
return( 1 );
}
}
diff --git a/servers/slapd/main.c b/servers/slapd/main.c
index f74bc4f231..c47f477893 100644
--- a/servers/slapd/main.c
+++ b/servers/slapd/main.c
@@ -406,10 +406,8 @@ int main( int argc, char **argv )
slap_debug |= level;
} else {
int level;
- char *next = NULL;
- level = strtol( optarg, &next, 0 );
- if ( next == NULL || next[ 0 ] != '\0' ) {
+ if ( lutil_atoix( &level, optarg, 0 ) != 0 ) {
fprintf( stderr,
"unrecognized log level "
"\"%s\"\n", optarg );
@@ -418,7 +416,7 @@ int main( int argc, char **argv )
slap_debug |= level;
}
#else
- if ( atoi( optarg ) != 0 )
+ if ( lutil_atoi( &level, optarg ) != 0 || level != 0 )
fputs( "must compile with LDAP_DEBUG for debugging\n",
stderr );
#endif
@@ -467,7 +465,10 @@ int main( int argc, char **argv )
}
case 's': /* set syslog level */
- ldap_syslog = atoi( optarg );
+ if ( lutil_atoi( &ldap_syslog, optarg ) != 0 ) {
+ fprintf( stderr, "unable to parse syslog level \"%s\"", optarg );
+ goto destroy;
+ }
break;
#ifdef LOG_LOCAL4
diff --git a/servers/slapd/mods.c b/servers/slapd/mods.c
index 40945fd21f..918a25a4ff 100644
--- a/servers/slapd/mods.c
+++ b/servers/slapd/mods.c
@@ -28,6 +28,7 @@
#include <ac/string.h>
#include "slap.h"
+#include "lutil.h"
int
modify_add_values(
@@ -386,7 +387,12 @@ modify_increment_values(
if ( !strcmp( a->a_desc->ad_type->sat_syntax_oid, SLAPD_INTEGER_SYNTAX )) {
int i;
char str[sizeof(long)*3 + 2]; /* overly long */
- long incr = atol( mod->sm_values[0].bv_val );
+ long incr;
+
+ if ( lutil_atol( &incr, mod->sm_values[0].bv_val ) != 0 ) {
+ *text = "modify/increment: invalid syntax of increment";
+ return LDAP_INVALID_SYNTAX;
+ }
/* treat zero and errors as a no-op */
if( incr == 0 ) {
@@ -395,13 +401,18 @@ modify_increment_values(
for( i = 0; !BER_BVISNULL( &a->a_nvals[i] ); i++ ) {
char *tmp;
- long value = atol( a->a_nvals[i].bv_val );
- size_t strln = snprintf( str, sizeof(str), "%ld", value+incr );
+ long value;
+ size_t strln;
+ if ( lutil_atol( &value, a->a_nvals[i].bv_val ) != 0 ) {
+ *text = "modify/increment: invalid syntax of original value";
+ return LDAP_INVALID_SYNTAX;
+ }
+ strln = snprintf( str, sizeof(str), "%ld", value+incr );
tmp = SLAP_REALLOC( a->a_nvals[i].bv_val, strln+1 );
if( tmp == NULL ) {
*text = "modify/increment: reallocation error";
- return LDAP_OTHER;;
+ return LDAP_OTHER;
}
a->a_nvals[i].bv_val = tmp;
a->a_nvals[i].bv_len = strln;
diff --git a/servers/slapd/oc.c b/servers/slapd/oc.c
index af3913b602..acf8a5ff8b 100644
--- a/servers/slapd/oc.c
+++ b/servers/slapd/oc.c
@@ -524,6 +524,30 @@ oc_insert(
rc = oc_check_dup( old_soc, soc );
ldap_memfree( oir );
+
+ while ( names > soc->soc_names ) {
+ struct oindexrec tmpoir;
+
+ names--;
+ ber_str2bv( *names, 0, 0, &tmpoir.oir_name );
+ tmpoir.oir_oc = soc;
+ oir = (struct oindexrec *)avl_delete( &oc_index,
+ (caddr_t)&tmpoir, oc_index_cmp );
+ assert( oir != NULL );
+ ldap_memfree( oir );
+ }
+
+ if ( soc->soc_oid ) {
+ struct oindexrec tmpoir;
+
+ ber_str2bv( soc->soc_oid, 0, 0, &tmpoir.oir_name );
+ tmpoir.oir_oc = soc;
+ oir = (struct oindexrec *)avl_delete( &oc_index,
+ (caddr_t)&tmpoir, oc_index_cmp );
+ assert( oir != NULL );
+ ldap_memfree( oir );
+ }
+
return rc;
}
diff --git a/servers/slapd/overlays/Makefile.in b/servers/slapd/overlays/Makefile.in
index 86c8f043ca..5468620ba2 100644
--- a/servers/slapd/overlays/Makefile.in
+++ b/servers/slapd/overlays/Makefile.in
@@ -29,6 +29,7 @@ SRCS = overlays.c \
unique.c \
valsort.c
OBJS = overlays.o \
+ statover.o \
@SLAPD_STATIC_OVERLAYS@
# Add here the objs that are needed by overlays, but do not make it
@@ -113,6 +114,8 @@ MKDEPFLAG = -l
.c.lo:
$(LTCOMPILE_MOD) $<
+statover.o: statover.c $(srcdir)/../slap.h
+
$(LIBRARY): $(OBJS) version.lo
$(AR) rs $@ $(OBJS)
@@ -124,3 +127,6 @@ depend-local:
mv Makefile Makefile.bak; $(SED) $$SCR Makefile.bak > Makefile && \
$(RM) Makefile.bak; fi
+veryclean-local:
+ $(RM) statover.c
+
diff --git a/servers/slapd/overlays/accesslog.c b/servers/slapd/overlays/accesslog.c
index 4b37dce011..e802492e8f 100644
--- a/servers/slapd/overlays/accesslog.c
+++ b/servers/slapd/overlays/accesslog.c
@@ -990,7 +990,9 @@ static int accesslog_response(Operation *op, SlapReply *rs) {
bv.bv_len = sprintf( bv.bv_val, "%d", op->ors_tlimit );
attr_merge_one( e, ad_reqTimeLimit, &bv, NULL );
- /* FIXME: slimit was zeroed by the backends */
+
+ bv.bv_len = sprintf( bv.bv_val, "%d", op->ors_slimit );
+ attr_merge_one( e, ad_reqSizeLimit, &bv, NULL );
break;
case LOG_EN_BIND:
@@ -1200,20 +1202,113 @@ accesslog_db_destroy(
{
slap_overinst *on = (slap_overinst *)be->bd_info;
log_info *li = on->on_bi.bi_private;
-
+
ldap_pvt_thread_mutex_destroy( &li->li_log_mutex );
ldap_pvt_thread_mutex_destroy( &li->li_op_mutex );
free( li );
return LDAP_SUCCESS;
}
-int accesslog_init()
+static int
+accesslog_db_open(
+ BackendDB *be
+)
+{
+ slap_overinst *on = (slap_overinst *)be->bd_info;
+ log_info *li = on->on_bi.bi_private;
+
+ Connection conn;
+ OperationBuffer opbuf;
+ Operation *op = (Operation *) &opbuf;
+ Entry *e;
+ int rc;
+ void *thrctx;
+
+ if ( slapMode & SLAP_TOOL_MODE )
+ return 0;
+
+ thrctx = ldap_pvt_thread_pool_context();
+ connection_fake_init( &conn, op, thrctx );
+ op->o_bd = li->li_db;
+ op->o_dn = li->li_db->be_rootdn;
+ op->o_ndn = li->li_db->be_rootndn;
+
+ rc = be_entry_get_rw( op, li->li_db->be_nsuffix, NULL, NULL, 0, &e );
+
+ if ( e ) {
+ be_entry_release_rw( op, e, 0 );
+ } else {
+ SlapReply rs = {REP_RESULT};
+ struct berval rdn, nrdn, attr;
+ char *ptr;
+ AttributeDescription *ad = NULL;
+ const char *text = NULL;
+ Entry *e_ctx;
+
+ e = ch_calloc( 1, sizeof( Entry ));
+ e->e_name = *li->li_db->be_suffix;
+ e->e_nname = *li->li_db->be_nsuffix;
+
+ attr_merge_one( e, slap_schema.si_ad_objectClass,
+ &log_container->soc_cname, NULL );
+
+ dnRdn( &e->e_name, &rdn );
+ dnRdn( &e->e_nname, &nrdn );
+ ptr = ber_bvchr( &rdn, '=' );
+
+ assert( ptr != NULL );
+
+ attr.bv_val = rdn.bv_val;
+ attr.bv_len = ptr - rdn.bv_val;
+
+ slap_bv2ad( &attr, &ad, &text );
+
+ rdn.bv_val = ptr+1;
+ rdn.bv_len -= attr.bv_len + 1;
+ ptr = ber_bvchr( &nrdn, '=' );
+ nrdn.bv_len -= ptr - nrdn.bv_val + 1;
+ nrdn.bv_val = ptr+1;
+ attr_merge_one( e, ad, &rdn, &nrdn );
+
+ /* Get contextCSN from main DB */
+ op->o_bd = be;
+ op->o_bd->bd_info = on->on_info->oi_orig;
+ rc = be_entry_get_rw( op, be->be_nsuffix, NULL,
+ slap_schema.si_ad_contextCSN, 0, &e_ctx );
+
+ if ( e_ctx ) {
+ Attribute *a;
+
+ a = attr_find( e_ctx->e_attrs, slap_schema.si_ad_contextCSN );
+ if ( a )
+ attr_merge( e, a->a_desc, a->a_vals, NULL );
+ be_entry_release_rw( op, e_ctx, 0 );
+ }
+ op->o_bd->bd_info = (BackendInfo *)on;
+ op->o_bd = li->li_db;
+
+ op->ora_e = e;
+ op->o_req_dn = e->e_name;
+ op->o_req_ndn = e->e_nname;
+ op->o_callback = &nullsc;
+ SLAP_DBFLAGS( op->o_bd ) |= SLAP_DBFLAG_NOLASTMOD;
+ rc = op->o_bd->be_add( op, &rs );
+ SLAP_DBFLAGS( op->o_bd ) ^= SLAP_DBFLAG_NOLASTMOD;
+ attrs_free( e->e_attrs );
+ ch_free( e );
+ }
+ ldap_pvt_thread_pool_context_reset( thrctx );
+ return rc;
+}
+
+int accesslog_initialize()
{
int i, rc;
accesslog.on_bi.bi_type = "accesslog";
accesslog.on_bi.bi_db_init = accesslog_db_init;
accesslog.on_bi.bi_db_destroy = accesslog_db_destroy;
+ accesslog.on_bi.bi_db_open = accesslog_db_open;
accesslog.on_bi.bi_op_add = accesslog_op_mod;
accesslog.on_bi.bi_op_bind = accesslog_op_bind;
@@ -1292,8 +1387,10 @@ int accesslog_init()
}
#if SLAPD_OVER_ACCESSLOG == SLAPD_MOD_DYNAMIC
-int init_module( int argc, char *argv[]) {
- return accesslog_init();
+int
+init_module( int argc, char *argv[] )
+{
+ return accesslog_initialize();
}
#endif
diff --git a/servers/slapd/overlays/auditlog.c b/servers/slapd/overlays/auditlog.c
index 41da39cbc8..ab24579419 100644
--- a/servers/slapd/overlays/auditlog.c
+++ b/servers/slapd/overlays/auditlog.c
@@ -215,7 +215,7 @@ auditlog_config(
return SLAP_CONF_UNKNOWN;
}
-int auditlog_init() {
+int auditlog_initialize() {
auditlog.on_bi.bi_type = "auditlog";
auditlog.on_bi.bi_db_init = auditlog_db_init;
@@ -228,8 +228,10 @@ int auditlog_init() {
}
#if SLAPD_OVER_AUDITLOG == SLAPD_MOD_DYNAMIC && defined(PIC)
-int init_module( int argc, char *argv[]) {
- return auditlog_init();
+int
+init_module( int argc, char *argv[] )
+{
+ return auditlog_initialize();
}
#endif
diff --git a/servers/slapd/overlays/collect.c b/servers/slapd/overlays/collect.c
index 84bb00947c..f87fed8565 100644
--- a/servers/slapd/overlays/collect.c
+++ b/servers/slapd/overlays/collect.c
@@ -153,7 +153,7 @@ static int collect_config(
static slap_overinst collect;
-int collect_init() {
+int collect_initialize() {
collect.on_bi.bi_type = "collect";
collect.on_bi.bi_db_config = collect_config;
collect.on_response = collect_response;
@@ -163,7 +163,7 @@ int collect_init() {
#if SLAPD_OVER_COLLECT == SLAPD_MOD_DYNAMIC
int init_module(int argc, char *argv[]) {
- return collect_init();
+ return collect_initialize();
}
#endif
diff --git a/servers/slapd/overlays/denyop.c b/servers/slapd/overlays/denyop.c
index 759a831d8d..b3db024a99 100644
--- a/servers/slapd/overlays/denyop.c
+++ b/servers/slapd/overlays/denyop.c
@@ -224,7 +224,7 @@ denyop_destroy(
static slap_overinst denyop;
int
-denyop_init( void )
+denyop_initialize( void )
{
memset( &denyop, 0, sizeof( slap_overinst ) );
denyop.on_bi.bi_type = "denyop";
@@ -251,7 +251,7 @@ denyop_init( void )
int
init_module( int argc, char *argv[] )
{
- return denyop_init();
+ return denyop_initialize();
}
#endif /* SLAPD_OVER_DENYOP == SLAPD_MOD_DYNAMIC */
diff --git a/servers/slapd/overlays/dyngroup.c b/servers/slapd/overlays/dyngroup.c
index 1bdd95e14e..620224c14c 100644
--- a/servers/slapd/overlays/dyngroup.c
+++ b/servers/slapd/overlays/dyngroup.c
@@ -146,7 +146,7 @@ static slap_overinst dyngroup;
* initialized and registered by some other function inside slapd.
*/
-int dyngroup_init() {
+int dyngroup_initialize() {
dyngroup.on_bi.bi_type = "dyngroup";
dyngroup.on_bi.bi_db_config = dyngroup_config;
dyngroup.on_bi.bi_db_close = dyngroup_close;
@@ -156,8 +156,10 @@ int dyngroup_init() {
}
#if SLAPD_OVER_DYNGROUP == SLAPD_MOD_DYNAMIC
-int init_module(int argc, char *argv[]) {
- return dyngroup_init();
+int
+init_module( int argc, char *argv[] )
+{
+ return dyngroup_initialize();
}
#endif
diff --git a/servers/slapd/overlays/dynlist.c b/servers/slapd/overlays/dynlist.c
index e28d7315bc..5ccccaf3b9 100644
--- a/servers/slapd/overlays/dynlist.c
+++ b/servers/slapd/overlays/dynlist.c
@@ -588,7 +588,17 @@ dynlist_response( Operation *op, SlapReply *rs )
break;
case LDAP_REQ_COMPARE:
- if ( rs->sr_err == LDAP_NO_SUCH_ATTRIBUTE ) {
+ switch ( rs->sr_err ) {
+ /* NOTE: we waste a few cycles running the dynamic list
+ * also when the result is FALSE, which occurs if the
+ * dynamic entry itself contains the AVA attribute */
+ /* FIXME: this approach is less than optimal; a dedicated
+ * compare op should be implemented, that fetches the
+ * entry, checks if it has the appropriate objectClass
+ * and, in case, runs a compare thru all the URIs,
+ * stopping at the first positive occurrence; see ITS#3756 */
+ case LDAP_COMPARE_FALSE:
+ case LDAP_NO_SUCH_ATTRIBUTE:
return dynlist_compare( op, rs );
}
break;
@@ -602,12 +612,11 @@ dynlist_response( Operation *op, SlapReply *rs )
static int
dynlist_db_config(
- BackendDB *be,
- const char *fname,
- int lineno,
- int argc,
- char **argv
-)
+ BackendDB *be,
+ const char *fname,
+ int lineno,
+ int argc,
+ char **argv )
{
slap_overinst *on = (slap_overinst *)be->bd_info;
dynlist_info *dli = (dynlist_info *)on->on_bi.bi_private;
@@ -668,8 +677,7 @@ dynlist_db_config(
static int
dynlist_db_init(
- BackendDB *be
-)
+ BackendDB *be )
{
slap_overinst *on = (slap_overinst *) be->bd_info;
dynlist_info *dli;
@@ -684,8 +692,7 @@ dynlist_db_init(
static int
dynlist_db_open(
- BackendDB *be
-)
+ BackendDB *be )
{
slap_overinst *on = (slap_overinst *) be->bd_info;
dynlist_info *dli = (dynlist_info *)on->on_bi.bi_private;
@@ -719,8 +726,7 @@ dynlist_db_open(
static int
dynlist_db_destroy(
- BackendDB *be
-)
+ BackendDB *be )
{
slap_overinst *on = (slap_overinst *) be->bd_info;
int rc = 0;
@@ -739,8 +745,11 @@ dynlist_db_destroy(
static slap_overinst dynlist = { { NULL } };
+#if SLAPD_OVER_DYNLIST == SLAPD_MOD_DYNAMIC
+static
+#endif /* SLAPD_OVER_DYNLIST == SLAPD_MOD_DYNAMIC */
int
-dynlist_init(void)
+dynlist_initialize(void)
{
dynlist.on_bi.bi_type = "dynlist";
dynlist.on_bi.bi_db_init = dynlist_db_init;
@@ -757,7 +766,7 @@ dynlist_init(void)
int
init_module( int argc, char *argv[] )
{
- return dynlist_init();
+ return dynlist_initialize();
}
#endif
diff --git a/servers/slapd/overlays/lastmod.c b/servers/slapd/overlays/lastmod.c
index 63a30e6301..2e6170fb0f 100644
--- a/servers/slapd/overlays/lastmod.c
+++ b/servers/slapd/overlays/lastmod.c
@@ -995,7 +995,7 @@ lastmod_db_destroy(
static slap_overinst lastmod;
int
-lastmod_init()
+lastmod_initialize()
{
lastmod.on_bi.bi_type = "lastmod";
lastmod.on_bi.bi_db_init = lastmod_db_init;
@@ -1020,7 +1020,7 @@ lastmod_init()
int
init_module( int argc, char *argv[] )
{
- return lastmod_init();
+ return lastmod_initialize();
}
#endif /* SLAPD_OVER_LASTMOD == SLAPD_MOD_DYNAMIC */
diff --git a/servers/slapd/overlays/overlays.c b/servers/slapd/overlays/overlays.c
index 0f46ae2cf2..edf4fb3ea6 100644
--- a/servers/slapd/overlays/overlays.c
+++ b/servers/slapd/overlays/overlays.c
@@ -23,116 +23,22 @@
#include "slap.h"
-#if SLAPD_OVER_ACCESSLOG == SLAPD_MOD_STATIC
-extern int accesslog_init();
-#endif
-#if SLAPD_OVER_DENYOP == SLAPD_MOD_STATIC
-extern int denyop_init();
-#endif
-#if SLAPD_OVER_DYNGROUP == SLAPD_MOD_STATIC
-extern int dyngroup_init();
-#endif
-#if SLAPD_OVER_DYNLIST == SLAPD_MOD_STATIC
-extern int dynlist_init();
-#endif
-#if SLAPD_OVER_GLUE == SLAPD_MOD_STATIC
-extern int glue_init();
-#endif
-#if SLAPD_OVER_LASTMOD == SLAPD_MOD_STATIC
-extern int lastmod_init();
-#endif
-#if SLAPD_OVER_PPOLICY == SLAPD_MOD_STATIC
-extern int ppolicy_init();
-#endif
-#if SLAPD_OVER_PROXYCACHE == SLAPD_MOD_STATIC
-extern int pcache_init();
-#endif
-#if SLAPD_OVER_REFINT == SLAPD_MOD_STATIC
-extern int refint_init();
-#endif
-#if SLAPD_OVER_RETCODE == SLAPD_MOD_STATIC
-extern int retcode_init();
-#endif
-#if SLAPD_OVER_RWM == SLAPD_MOD_STATIC
-extern int rwm_init();
-#endif
-#if SLAPD_OVER_SYNCPROV == SLAPD_MOD_STATIC
-extern int syncprov_init();
-#endif
-#if SLAPD_OVER_TRANSLUCENT == SLAPD_MOD_STATIC
-extern int translucent_init();
-#endif
-#if SLAPD_OVER_UNIQUE == SLAPD_MOD_STATIC
-extern int unique_init();
-#endif
-#if SLAPD_OVER_VALSORT == SLAPD_MOD_STATIC
-extern int valsort_init();
-#endif
-
-static struct {
- char *name;
- int (*func)();
-} funcs[] = {
-#if SLAPD_OVER_ACCESSLOG == SLAPD_MOD_STATIC
- { "Access Log", accesslog_init },
-#endif
-#if SLAPD_OVER_DENYOP == SLAPD_MOD_STATIC
- { "Deny Operation", denyop_init },
-#endif
-#if SLAPD_OVER_DYNGROUP == SLAPD_MOD_STATIC
- { "Dynamic Group", dyngroup_init },
-#endif
-#if SLAPD_OVER_DYNLIST == SLAPD_MOD_STATIC
- { "Dynamic List", dynlist_init },
-#endif
-#if SLAPD_OVER_GLUE == SLAPD_MOD_STATIC
- { "Backend Glue", glue_init },
-#endif
-#if SLAPD_OVER_LASTMOD == SLAPD_MOD_STATIC
- { "Last Modification", lastmod_init },
-#endif
-#if SLAPD_OVER_PPOLICY == SLAPD_MOD_STATIC
- { "Password Policy", ppolicy_init },
-#endif
-#if SLAPD_OVER_PROXYCACHE == SLAPD_MOD_STATIC
- { "Proxy Cache", pcache_init },
-#endif
-#if SLAPD_OVER_REFINT == SLAPD_MOD_STATIC
- { "Referential Integrity", refint_init },
-#endif
-#if SLAPD_OVER_RETCODE == SLAPD_MOD_STATIC
- { "Return Code", retcode_init },
-#endif
-#if SLAPD_OVER_RWM == SLAPD_MOD_STATIC
- { "Rewrite/Remap", rwm_init },
-#endif
-#if SLAPD_OVER_SYNCPROV == SLAPD_MOD_STATIC
- { "Syncrepl Provider", syncprov_init },
-#endif
-#if SLAPD_OVER_TRANSLUCENT == SLAPD_MOD_STATIC
- { "Translucent Proxy", translucent_init },
-#endif
-#if SLAPD_OVER_UNIQUE == SLAPD_MOD_STATIC
- { "Attribute Uniqueness", unique_init },
-#endif
-#if SLAPD_OVER_VALSORT == SLAPD_MOD_STATIC
- { "Value Sorting", valsort_init },
-#endif
- { NULL, NULL }
-};
+extern OverlayInit slap_oinfo[];
int
overlay_init(void)
{
int i, rc = 0;
- for ( i=0; funcs[i].name; i++ ) {
- rc = funcs[i].func();
+ for ( i= 0 ; slap_oinfo[i].ov_type; i++ ) {
+ rc = slap_oinfo[i].ov_init();
if ( rc ) {
Debug( LDAP_DEBUG_ANY,
- "%s overlay setup failed, err %d\n", funcs[i].name, rc, 0 );
+ "%s overlay setup failed, err %d\n",
+ slap_oinfo[i].ov_type, rc, 0 );
break;
}
}
+
return rc;
}
diff --git a/servers/slapd/overlays/pcache.c b/servers/slapd/overlays/pcache.c
index b34ab149ad..61e80fe022 100644
--- a/servers/slapd/overlays/pcache.c
+++ b/servers/slapd/overlays/pcache.c
@@ -68,7 +68,7 @@ typedef struct query_template_s {
CachedQuery* query_last; /* oldest query cached for the template */
int no_of_queries; /* Total number of queries in the template */
- long ttl; /* TTL for the queries of this template */
+ time_t ttl; /* TTL for the queries of this template */
ldap_pvt_thread_rdwr_t t_rwlock; /* Rd/wr lock for accessing queries in the template */
} QueryTemplate;
@@ -78,6 +78,9 @@ typedef struct query_template_s {
*/
struct attr_set {
+ unsigned flags;
+#define PC_CONFIGURED (0x1)
+#define PC_REFERENCED (0x2)
AttributeName* attrs; /* specifies the set */
int count; /* number of attributes */
int* ID_array; /* array of indices of supersets of 'attrs' */
@@ -124,7 +127,7 @@ typedef struct cache_manager_s {
#define PCACHE_RESPONSE_CB_HEAD 0
#define PCACHE_RESPONSE_CB_TAIL 1
- int cc_period; /* interval between successive consistency checks (sec) */
+ time_t cc_period; /* interval between successive consistency checks (sec) */
int cc_paused;
void *cc_arg;
@@ -730,6 +733,7 @@ static void cache_replacement(query_manager* qm, struct berval *result)
Debug ( LDAP_DEBUG_ANY,
"Cache replacement invoked without "
"any query in LRU list\n", 0, 0, 0 );
+ ldap_pvt_thread_mutex_unlock(&qm->lru_mutex);
return;
}
@@ -1082,7 +1086,7 @@ cache_entries(
}
static int
-proxy_cache_response(
+pcache_response(
Operation *op,
SlapReply *rs )
{
@@ -1117,13 +1121,16 @@ proxy_cache_response(
}
}
- if (rs->sr_attrs != op->ors_attrs ) {
+ if ( rs->sr_attrs != op->ors_attrs ) {
op->o_tmpfree( rs->sr_attrs, op->o_tmpmemctx );
}
- rs->sr_attrs = si->query.save_attrs;
- op->o_tmpfree( op->ors_attrs, op->o_tmpmemctx );
- op->ors_attrs = si->query.save_attrs;
- si->query.save_attrs = NULL;
+
+ if ( si->query.save_attrs != NULL ) {
+ rs->sr_attrs = si->query.save_attrs;
+ op->o_tmpfree( op->ors_attrs, op->o_tmpmemctx );
+ op->ors_attrs = si->query.save_attrs;
+ si->query.save_attrs = NULL;
+ }
} else if ( rs->sr_type == REP_RESULT ) {
if ( si->count && cache_entries( op, rs, &uuid ) == 0 ) {
@@ -1211,7 +1218,7 @@ add_filter_attrs(
* performing the pagedResults search only within the client
* and the proxy. This requires pcache to understand pagedResults. */
static int
-proxy_cache_chk_controls(
+pcache_chk_controls(
Operation *op,
SlapReply *rs )
{
@@ -1242,7 +1249,7 @@ proxy_cache_chk_controls(
}
static int
-proxy_cache_search(
+pcache_op_search(
Operation *op,
SlapReply *rs )
{
@@ -1370,7 +1377,7 @@ proxy_cache_search(
add_filter_attrs(op, &op->ors_attrs, query.attrs, filter_attrs);
cb = op->o_tmpalloc( sizeof(*cb) + sizeof(*si), op->o_tmpmemctx);
- cb->sc_response = proxy_cache_response;
+ cb->sc_response = pcache_response;
cb->sc_cleanup = NULL;
cb->sc_private = (cb+1);
si = cb->sc_private;
@@ -1710,21 +1717,22 @@ pc_cfadd( Operation *op, SlapReply *rs, Entry *p, ConfigArgs *ca )
static int
pc_cf_gen( ConfigArgs *c )
{
- slap_overinst *on = (slap_overinst *)c->bi;
+ slap_overinst *on = (slap_overinst *)c->bi;
cache_manager* cm = on->on_bi.bi_private;
query_manager* qm = cm->qm;
QueryTemplate* temp;
AttributeName* attr_name;
AttributeName* attrarray;
const char* text=NULL;
- int i, num, rc = 0;
- char *ptr;
+ int i, num, rc = 0;
+ char *ptr;
+ unsigned long t;
if ( c->op == SLAP_CONFIG_EMIT ) {
struct berval bv;
switch( c->type ) {
case PC_MAIN:
- bv.bv_len = sprintf( c->msg, "%s %d %d %d %d",
+ bv.bv_len = snprintf( c->msg, sizeof( c->msg ), "%s %d %d %d %ld",
cm->db.bd_info->bi_type, cm->max_entries, cm->numattrsets,
cm->num_entries_limit, cm->cc_period );
bv.bv_val = c->msg;
@@ -1734,7 +1742,7 @@ pc_cf_gen( ConfigArgs *c )
for (i=0; i<cm->numattrsets; i++) {
if ( !qm->attr_sets[i].count ) continue;
- bv.bv_len = sprintf( c->msg, "%d", i );
+ bv.bv_len = snprintf( c->msg, sizeof( c->msg ), "%d", i );
/* count the attr length */
for ( attr_name = qm->attr_sets[i].attrs;
@@ -1755,7 +1763,7 @@ pc_cf_gen( ConfigArgs *c )
break;
case PC_TEMP:
for (i=0; i<cm->numtemplates; i++) {
- bv.bv_len = sprintf( c->msg, " %d %ld",
+ bv.bv_len = snprintf( c->msg, sizeof( c->msg ), " %d %ld",
qm->templates[i].attr_set_index,
qm->templates[i].ttl );
bv.bv_len += qm->templates[i].querystr.bv_len + 2;
@@ -1793,38 +1801,98 @@ pc_cf_gen( ConfigArgs *c )
switch( c->type ) {
case PC_MAIN:
- cm->numattrsets = atoi( c->argv[3] );
+ if ( cm->numattrsets > 0 ) {
+ snprintf( c->msg, sizeof( c->msg ), "\"proxycache\" directive already provided" );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return( 1 );
+ }
+
+ if ( lutil_atoi( &cm->numattrsets, c->argv[3] ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ), "unable to parse num attrsets=\"%s\" (arg #3)",
+ c->argv[3] );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return( 1 );
+ }
+ if ( cm->numattrsets <= 0 ) {
+ snprintf( c->msg, sizeof( c->msg ), "numattrsets (arg #3) must be positive" );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return( 1 );
+ }
if ( cm->numattrsets > MAX_ATTR_SETS ) {
- sprintf( c->msg, "numattrsets must be <= %d", MAX_ATTR_SETS );
- Debug( LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 );
+ snprintf( c->msg, sizeof( c->msg ), "numattrsets (arg #3) must be <= %d", MAX_ATTR_SETS );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return( 1 );
}
+
if ( !backend_db_init( c->argv[1], &cm->db )) {
- sprintf( c->msg, "unknown backend type" );
+ snprintf( c->msg, sizeof( c->msg ), "unknown backend type (arg #1)" );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return( 1 );
+ }
+
+ if ( lutil_atoi( &cm->max_entries, c->argv[2] ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ), "unable to parse max entries=\"%s\" (arg #2)",
+ c->argv[2] );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return( 1 );
+ }
+ if ( cm->max_entries <= 0 ) {
+ snprintf( c->msg, sizeof( c->msg ), "max entries (arg #2) must be positive.\n" );
Debug( LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 );
return( 1 );
}
- cm->max_entries = atoi( c->argv[2] );
- cm->num_entries_limit = atoi( c->argv[4] );
- cm->cc_period = atoi( c->argv[5] );
+ if ( lutil_atoi( &cm->num_entries_limit, c->argv[4] ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ), "unable to parse entry limit=\"%s\" (arg #4)",
+ c->argv[4] );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return( 1 );
+ }
+ if ( cm->num_entries_limit <= 0 ) {
+ snprintf( c->msg, sizeof( c->msg ), "entry limit (arg #4) must be positive" );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return( 1 );
+ }
+ if ( cm->num_entries_limit > cm->max_entries ) {
+ snprintf( c->msg, sizeof( c->msg ), "entry limit (arg #4) must be less than max entries %d (arg #2)", cm->max_entries );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return( 1 );
+ }
+
+ if ( lutil_parse_time( c->argv[5], &t ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ), "unable to parse period=\"%s\" (arg #5)",
+ c->argv[5] );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return( 1 );
+ }
+ cm->cc_period = (time_t)t;
Debug( LDAP_DEBUG_TRACE,
- "Total # of attribute sets to be cached = %d\n",
+ "Total # of attribute sets to be cached = %d.\n",
cm->numattrsets, 0, 0 );
- qm->attr_sets = ( struct attr_set * )ch_malloc( cm->numattrsets *
- sizeof( struct attr_set ));
- for ( i = 0; i < cm->numattrsets; i++ ) {
- qm->attr_sets[i].attrs = NULL;
- }
+ qm->attr_sets = ( struct attr_set * )ch_calloc( cm->numattrsets,
+ sizeof( struct attr_set ) );
break;
case PC_ATTR:
- num = atoi( c->argv[1] );
- if (num >= cm->numattrsets) {
- sprintf( c->msg, "attrset index out of bounds" );
- Debug( LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 );
+ if ( cm->numattrsets == 0 ) {
+ snprintf( c->msg, sizeof( c->msg ), "\"proxycache\" directive not provided yet" );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return( 1 );
+ }
+ if ( lutil_atoi( &num, c->argv[1] ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ), "unable to parse attrset #=\"%s\"",
+ c->argv[1] );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return( 1 );
+ }
+
+ if ( num < 0 || num >= cm->numattrsets ) {
+ snprintf( c->msg, sizeof( c->msg ), "attrset index %d out of bounds (must be %s%d)",
+ num, cm->numattrsets > 1 ? "0->" : "", cm->numattrsets - 1 );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return 1;
}
- if ( c->argv[2] && strcmp( c->argv[2], "*" ) ) {
+ qm->attr_sets[num].flags |= PC_CONFIGURED;
+ if ( c->argc > 2 && strcmp( c->argv[2], "*" ) ) {
qm->attr_sets[num].count = c->argc - 2;
qm->attr_sets[num].attrs = (AttributeName*)ch_malloc(
(c->argc-1) * sizeof( AttributeName ));
@@ -1833,9 +1901,10 @@ pc_cf_gen( ConfigArgs *c )
ber_str2bv( c->argv[i], 0, 1, &attr_name->an_name);
attr_name->an_desc = NULL;
if ( slap_bv2ad( &attr_name->an_name,
- &attr_name->an_desc, &text )) {
+ &attr_name->an_desc, &text ) )
+ {
strcpy( c->msg, text );
- Debug( LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
ch_free( qm->attr_sets[num].attrs );
qm->attr_sets[num].attrs = NULL;
qm->attr_sets[num].count = 0;
@@ -1849,9 +1918,22 @@ pc_cf_gen( ConfigArgs *c )
}
break;
case PC_TEMP:
- if (( i = atoi( c->argv[2] )) >= cm->numattrsets ) {
- sprintf( c->msg, "template index invalid" );
- Debug( LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 );
+ if ( cm->numattrsets == 0 ) {
+ snprintf( c->msg, sizeof( c->msg ), "\"proxycache\" directive not provided yet" );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return( 1 );
+ }
+ if ( lutil_atoi( &i, c->argv[2] ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ), "unable to parse template #=\"%s\"",
+ c->argv[2] );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return( 1 );
+ }
+
+ if ( i < 0 || i >= cm->numattrsets ) {
+ snprintf( c->msg, sizeof( c->msg ), "template index %d invalid (%s%d)",
+ i, cm->numattrsets > 1 ? "0->" : "", cm->numattrsets - 1 );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return 1;
}
num = cm->numtemplates;
@@ -1862,7 +1944,14 @@ pc_cf_gen( ConfigArgs *c )
temp = qm->templates + num;
ldap_pvt_thread_rdwr_init( &temp->t_rwlock );
temp->query = temp->query_last = NULL;
- temp->ttl = atoi( c->argv[3] );
+ if ( lutil_parse_time( c->argv[3], &t ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ), "unable to parse template ttl=\"%s\"",
+ c->argv[3] );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return( 1 );
+ }
+ temp->ttl = (time_t)t;
+
temp->no_of_queries = 0;
ber_str2bv( c->argv[1], 0, 1, &temp->querystr );
@@ -1870,6 +1959,7 @@ pc_cf_gen( ConfigArgs *c )
Debug( LDAP_DEBUG_TRACE, " query template: %s\n",
temp->querystr.bv_val, 0, 0 );
temp->attr_set_index = i;
+ qm->attr_sets[i].flags |= PC_REFERENCED;
Debug( LDAP_DEBUG_TRACE, " attributes: \n", 0, 0, 0 );
if ( ( attrarray = qm->attr_sets[i].attrs ) != NULL ) {
for ( i=0; attrarray[i].an_name.bv_val; i++ )
@@ -1888,8 +1978,8 @@ pc_cf_gen( ConfigArgs *c )
cm->response_cb = PCACHE_RESPONSE_CB_TAIL;
} else {
- sprintf( c->msg, "unknown specifier" );
- Debug( LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 );
+ snprintf( c->msg, sizeof( c->msg ), "unknown specifier" );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return 1;
}
break;
@@ -1898,7 +1988,7 @@ pc_cf_gen( ConfigArgs *c )
}
static int
-proxy_cache_config(
+pcache_db_config(
BackendDB *be,
const char *fname,
int lineno,
@@ -1917,7 +2007,7 @@ proxy_cache_config(
}
static int
-proxy_cache_init(
+pcache_db_init(
BackendDB *be
)
{
@@ -1962,13 +2052,42 @@ proxy_cache_init(
}
static int
-proxy_cache_open(
+pcache_db_open(
BackendDB *be
)
{
slap_overinst *on = (slap_overinst *)be->bd_info;
cache_manager *cm = on->on_bi.bi_private;
- int rc = 0;
+ query_manager* qm = cm->qm;
+ int i, ncf = 0, rf = 0, nrf = 0, rc = 0;
+
+ /* check attr sets */
+ for ( i = 0; i < cm->numattrsets; i++) {
+ if ( !( qm->attr_sets[i].flags & PC_CONFIGURED ) ) {
+ if ( qm->attr_sets[i].flags & PC_REFERENCED ) {
+ Debug( LDAP_DEBUG_ANY, "pcache: attr set #%d not configured but referenced.\n", i, 0, 0 );
+ rf++;
+
+ } else {
+ Debug( LDAP_DEBUG_ANY, "pcache: warning, attr set #%d not configured.\n", i, 0, 0 );
+ }
+ ncf++;
+
+ } else if ( !( qm->attr_sets[i].flags & PC_REFERENCED ) ) {
+ Debug( LDAP_DEBUG_ANY, "pcache: attr set #%d configured but not referenced.\n", i, 0, 0 );
+ nrf++;
+ }
+ }
+
+ if ( ncf || rf || nrf ) {
+ Debug( LDAP_DEBUG_ANY, "pcache: warning, %d attr sets configured but not referenced.\n", nrf, 0, 0 );
+ Debug( LDAP_DEBUG_ANY, "pcache: warning, %d attr sets not configured.\n", ncf, 0, 0 );
+ Debug( LDAP_DEBUG_ANY, "pcache: %d attr sets not configured but referenced.\n", rf, 0, 0 );
+
+ if ( rf > 0 ) {
+ return 1;
+ }
+ }
/* need to inherit something from the original database... */
cm->db.be_def_limit = be->be_def_limit;
@@ -1990,7 +2109,7 @@ proxy_cache_open(
if ( BER_BVISNULL( &cm->db.be_rootndn )
|| BER_BVISEMPTY( &cm->db.be_rootndn ) )
{
- Debug( LDAP_DEBUG_ANY, "proxy_cache_open(): "
+ Debug( LDAP_DEBUG_ANY, "pcache_db_open(): "
"underlying database of type \"%s\"\n"
" serving naming context \"%s\"\n"
" has no \"rootdn\", required by \"proxycache\".\n",
@@ -2004,7 +2123,7 @@ proxy_cache_open(
}
static int
-proxy_cache_close(
+pcache_db_close(
BackendDB *be
)
{
@@ -2046,7 +2165,7 @@ proxy_cache_close(
}
static int
-proxy_cache_destroy(
+pcache_db_destroy(
BackendDB *be
)
{
@@ -2062,7 +2181,9 @@ proxy_cache_destroy(
BER_BVZERO( &cm->db.be_rootpw );
/* FIXME: there might be more... */
- backend_destroy_one( &cm->db, 0 );
+ if ( cm->db.be_private != NULL ) {
+ backend_destroy_one( &cm->db, 0 );
+ }
ldap_pvt_thread_mutex_destroy( &qm->lru_mutex );
ldap_pvt_thread_mutex_destroy( &cm->cache_mutex );
@@ -2073,9 +2194,9 @@ proxy_cache_destroy(
return 0;
}
-static slap_overinst proxy_cache;
+static slap_overinst pcache;
-int pcache_init()
+int pcache_initialize()
{
LDAPAttributeType *at;
int code;
@@ -2085,7 +2206,7 @@ int pcache_init()
LDAP_SCHEMA_ALLOW_ALL );
if ( !at ) {
Debug( LDAP_DEBUG_ANY,
- "pcache_init: ldap_str2attributetype failed %s %s\n",
+ "pcache_initialize: ldap_str2attributetype failed %s %s\n",
ldap_scherr2str(code), err, 0 );
return code;
}
@@ -2096,32 +2217,33 @@ int pcache_init()
ldap_memfree( at );
if ( code ) {
Debug( LDAP_DEBUG_ANY,
- "pcache_init: at_add failed %s %s\n",
+ "pcache_initialize: at_add failed %s %s\n",
scherr2str(code), err, 0 );
return code;
}
- proxy_cache.on_bi.bi_type = "pcache";
- proxy_cache.on_bi.bi_db_init = proxy_cache_init;
- proxy_cache.on_bi.bi_db_config = proxy_cache_config;
- proxy_cache.on_bi.bi_db_open = proxy_cache_open;
- proxy_cache.on_bi.bi_db_close = proxy_cache_close;
- proxy_cache.on_bi.bi_db_destroy = proxy_cache_destroy;
- proxy_cache.on_bi.bi_op_search = proxy_cache_search;
+ pcache.on_bi.bi_type = "pcache";
+ pcache.on_bi.bi_db_init = pcache_db_init;
+ pcache.on_bi.bi_db_config = pcache_db_config;
+ pcache.on_bi.bi_db_open = pcache_db_open;
+ pcache.on_bi.bi_db_close = pcache_db_close;
+ pcache.on_bi.bi_db_destroy = pcache_db_destroy;
+
+ pcache.on_bi.bi_op_search = pcache_op_search;
- proxy_cache.on_bi.bi_chk_controls = proxy_cache_chk_controls;
+ pcache.on_bi.bi_chk_controls = pcache_chk_controls;
- proxy_cache.on_bi.bi_cf_ocs = pcocs;
+ pcache.on_bi.bi_cf_ocs = pcocs;
code = config_register_schema( pccfg, pcocs );
if ( code ) return code;
- return overlay_register( &proxy_cache );
+ return overlay_register( &pcache );
}
#if SLAPD_OVER_PROXYCACHE == SLAPD_MOD_DYNAMIC
int init_module(int argc, char *argv[]) {
- return pcache_init();
+ return pcache_initialize();
}
#endif
diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c
index 2a5568add9..88633d167c 100644
--- a/servers/slapd/overlays/ppolicy.c
+++ b/servers/slapd/overlays/ppolicy.c
@@ -357,30 +357,40 @@ ppolicy_get( Operation *op, Entry *e, PassPolicy *pp )
pp->ad = slap_schema.si_ad_userPassword;
#endif
- if ((a = attr_find( pe->e_attrs, ad_pwdMinAge )))
- pp->pwdMinAge = atoi(a->a_vals[0].bv_val );
- if ((a = attr_find( pe->e_attrs, ad_pwdMaxAge )))
- pp->pwdMaxAge = atoi(a->a_vals[0].bv_val );
- if ((a = attr_find( pe->e_attrs, ad_pwdInHistory )))
- pp->pwdInHistory = atoi(a->a_vals[0].bv_val );
- if ((a = attr_find( pe->e_attrs, ad_pwdCheckQuality )))
- pp->pwdCheckQuality = atoi(a->a_vals[0].bv_val );
- if ((a = attr_find( pe->e_attrs, ad_pwdMinLength )))
- pp->pwdMinLength = atoi(a->a_vals[0].bv_val );
- if ((a = attr_find( pe->e_attrs, ad_pwdMaxFailure )))
- pp->pwdMaxFailure = atoi(a->a_vals[0].bv_val );
- if ((a = attr_find( pe->e_attrs, ad_pwdGraceAuthNLimit )))
- pp->pwdGraceAuthNLimit = atoi(a->a_vals[0].bv_val );
- if ((a = attr_find( pe->e_attrs, ad_pwdExpireWarning )))
- pp->pwdExpireWarning = atoi(a->a_vals[0].bv_val );
- if ((a = attr_find( pe->e_attrs, ad_pwdFailureCountInterval )))
- pp->pwdFailureCountInterval = atoi(a->a_vals[0].bv_val );
- if ((a = attr_find( pe->e_attrs, ad_pwdLockoutDuration )))
- pp->pwdLockoutDuration = atoi(a->a_vals[0].bv_val );
-
- if ((a = attr_find( pe->e_attrs, ad_pwdCheckModule ))) {
- strncpy(pp->pwdCheckModule, a->a_vals[0].bv_val,
- sizeof(pp->pwdCheckModule));
+ if ( ( a = attr_find( pe->e_attrs, ad_pwdMinAge ) )
+ && lutil_atoi( &pp->pwdMinAge, a->a_vals[0].bv_val ) != 0 )
+ goto defaultpol;
+ if ( ( a = attr_find( pe->e_attrs, ad_pwdMaxAge ) )
+ && lutil_atoi( &pp->pwdMaxAge, a->a_vals[0].bv_val ) != 0 )
+ goto defaultpol;
+ if ( ( a = attr_find( pe->e_attrs, ad_pwdInHistory ) )
+ && lutil_atoi( &pp->pwdInHistory, a->a_vals[0].bv_val ) != 0 )
+ goto defaultpol;
+ if ( ( a = attr_find( pe->e_attrs, ad_pwdCheckQuality ) )
+ && lutil_atoi( &pp->pwdCheckQuality, a->a_vals[0].bv_val ) != 0 )
+ goto defaultpol;
+ if ( ( a = attr_find( pe->e_attrs, ad_pwdMinLength ) )
+ && lutil_atoi( &pp->pwdMinLength, a->a_vals[0].bv_val ) != 0 )
+ goto defaultpol;
+ if ( ( a = attr_find( pe->e_attrs, ad_pwdMaxFailure ) )
+ && lutil_atoi( &pp->pwdMaxFailure, a->a_vals[0].bv_val ) != 0 )
+ goto defaultpol;
+ if ( ( a = attr_find( pe->e_attrs, ad_pwdGraceAuthNLimit ) )
+ && lutil_atoi( &pp->pwdGraceAuthNLimit, a->a_vals[0].bv_val ) != 0 )
+ goto defaultpol;
+ if ( ( a = attr_find( pe->e_attrs, ad_pwdExpireWarning ) )
+ && lutil_atoi( &pp->pwdExpireWarning, a->a_vals[0].bv_val ) != 0 )
+ goto defaultpol;
+ if ( ( a = attr_find( pe->e_attrs, ad_pwdFailureCountInterval ) )
+ && lutil_atoi( &pp->pwdFailureCountInterval, a->a_vals[0].bv_val ) != 0 )
+ goto defaultpol;
+ if ( ( a = attr_find( pe->e_attrs, ad_pwdLockoutDuration ) )
+ && lutil_atoi( &pp->pwdLockoutDuration, a->a_vals[0].bv_val ) != 0 )
+ goto defaultpol;
+
+ if ( ( a = attr_find( pe->e_attrs, ad_pwdCheckModule ) ) ) {
+ strncpy( pp->pwdCheckModule, a->a_vals[0].bv_val,
+ sizeof(pp->pwdCheckModule) );
pp->pwdCheckModule[sizeof(pp->pwdCheckModule)-1] = '\0';
}
@@ -1932,7 +1942,7 @@ static char *extops[] = {
static slap_overinst ppolicy;
-int ppolicy_init()
+int ppolicy_initialize()
{
LDAPAttributeType *at;
const char *err;
@@ -1992,7 +2002,7 @@ int ppolicy_init()
#if SLAPD_OVER_PPOLICY == SLAPD_MOD_DYNAMIC
int init_module(int argc, char *argv[]) {
- return ppolicy_init();
+ return ppolicy_initialize();
}
#endif
diff --git a/servers/slapd/overlays/refint.c b/servers/slapd/overlays/refint.c
index 9004f902f9..5333da6062 100644
--- a/servers/slapd/overlays/refint.c
+++ b/servers/slapd/overlays/refint.c
@@ -659,7 +659,7 @@ done:
** it expects to be called automagically during dynamic module initialization
*/
-int refint_init() {
+int refint_initialize() {
/* statically declared just after the #includes at top */
refint.on_bi.bi_type = "refint";
@@ -674,7 +674,7 @@ int refint_init() {
#if SLAPD_OVER_REFINT == SLAPD_MOD_DYNAMIC && defined(PIC)
int init_module(int argc, char *argv[]) {
- return refint_init();
+ return refint_initialize();
}
#endif
diff --git a/servers/slapd/overlays/retcode.c b/servers/slapd/overlays/retcode.c
index 845370a812..79db976854 100644
--- a/servers/slapd/overlays/retcode.c
+++ b/servers/slapd/overlays/retcode.c
@@ -114,8 +114,6 @@ retcode_send_onelevel( Operation *op, SlapReply *rs )
retcode_item_t *rdi;
for ( rdi = rd->rd_item; rdi != NULL; rdi = rdi->rdi_next ) {
- int rc;
-
if ( op->o_abandon ) {
return rs->sr_err = SLAPD_ABANDON;
}
@@ -135,16 +133,14 @@ retcode_send_onelevel( Operation *op, SlapReply *rs )
rs->sr_err = LDAP_SUCCESS;
rs->sr_entry = &rdi->rdi_e;
- rc = send_search_entry( op, rs );
+ rs->sr_err = send_search_entry( op, rs );
+ rs->sr_entry = NULL;
- switch ( rc ) {
- case 0: /* entry sent ok */
- break;
- case 1: /* entry not sent */
- break;
- case -1: /* connection closed */
- rs->sr_entry = NULL;
+ switch ( rs->sr_err ) {
+ case LDAP_UNAVAILABLE: /* connection closed */
rs->sr_err = LDAP_OTHER;
+ /* fallthru */
+ case LDAP_SIZELIMIT_EXCEEDED:
goto done;
}
}
@@ -1062,7 +1058,7 @@ retcode_db_destroy( BackendDB *be )
static
#endif /* SLAPD_OVER_RETCODE == SLAPD_MOD_DYNAMIC */
int
-retcode_init( void )
+retcode_initialize( void )
{
int i, code;
const char *err;
@@ -1239,7 +1235,7 @@ retcode_init( void )
int
init_module( int argc, char *argv[] )
{
- return retcode_init();
+ return retcode_initialize();
}
#endif /* SLAPD_OVER_RETCODE == SLAPD_MOD_DYNAMIC */
diff --git a/servers/slapd/overlays/rwm.c b/servers/slapd/overlays/rwm.c
index 42bf3f8c1e..d4c5f1b9ed 100644
--- a/servers/slapd/overlays/rwm.c
+++ b/servers/slapd/overlays/rwm.c
@@ -1504,7 +1504,7 @@ rwm_db_destroy(
static slap_overinst rwm = { { NULL } };
int
-rwm_init(void)
+rwm_initialize(void)
{
memset( &rwm, 0, sizeof( slap_overinst ) );
@@ -1541,7 +1541,7 @@ rwm_init(void)
int
init_module( int argc, char *argv[] )
{
- return rwm_init();
+ return rwm_initialize();
}
#endif /* SLAPD_OVER_RWM == SLAPD_MOD_DYNAMIC */
diff --git a/servers/slapd/overlays/seqmod.c b/servers/slapd/overlays/seqmod.c
index 18f5ded5d7..5018700d8e 100644
--- a/servers/slapd/overlays/seqmod.c
+++ b/servers/slapd/overlays/seqmod.c
@@ -178,7 +178,7 @@ seqmod_db_close(
static slap_overinst seqmod;
int
-seqmod_init()
+seqmod_initialize()
{
seqmod.on_bi.bi_type = "seqmod";
seqmod.on_bi.bi_db_open = seqmod_db_open;
@@ -195,7 +195,7 @@ seqmod_init()
int
init_module( int argc, char *argv[] )
{
- return seqmod_init();
+ return seqmod_initialize();
}
#endif /* SLAPD_OVER_SEQMOD == SLAPD_MOD_DYNAMIC */
diff --git a/servers/slapd/overlays/syncprov.c b/servers/slapd/overlays/syncprov.c
index 4e090b0fc9..a62d0a0d0d 100644
--- a/servers/slapd/overlays/syncprov.c
+++ b/servers/slapd/overlays/syncprov.c
@@ -450,12 +450,10 @@ syncprov_findbase( Operation *op, fbase_cookie *fc )
case LDAP_SCOPE_SUBTREE:
fc->fscope = dnIsSuffix( fc->fdn, &fc->fss->s_base );
break;
-#ifdef LDAP_SCOPE_SUBORDINATE
case LDAP_SCOPE_SUBORDINATE:
fc->fscope = dnIsSuffix( fc->fdn, &fc->fss->s_base ) &&
!dn_match( fc->fdn, &fc->fss->s_base );
break;
-#endif
}
}
@@ -510,7 +508,11 @@ findcsn_cb( Operation *op, SlapReply *rs )
{
slap_callback *sc = op->o_callback;
- if ( rs->sr_type == REP_SEARCH && rs->sr_err == LDAP_SUCCESS ) {
+ /* We just want to know that at least one exists, so it's OK if
+ * we exceed the unchecked limit.
+ */
+ if ( rs->sr_err == LDAP_ADMINLIMIT_EXCEEDED ||
+ (rs->sr_type == REP_SEARCH && rs->sr_err == LDAP_SUCCESS )) {
sc->sc_private = (void *)1;
}
return LDAP_SUCCESS;
@@ -583,10 +585,10 @@ syncprov_findcsn( Operation *op, find_csn_t mode )
#else
AttributeAssertion eq = { NULL, BER_BVNULL };
#endif
- int i, rc = LDAP_SUCCESS;
fpres_cookie pcookie;
sync_control *srs = NULL;
- int findcsn_retry = 1;
+ struct slap_limits_set fc_limits;
+ int i, rc = LDAP_SUCCESS, findcsn_retry = 1;
if ( mode != FIND_MAXCSN ) {
srs = op->o_controls[slap_cids.sc_LDAPsync];
@@ -637,6 +639,8 @@ again:
/* On retry, look for <= */
} else {
cf.f_choice = LDAP_FILTER_LE;
+ fop.ors_limit = &fc_limits;
+ fc_limits.lms_s_unchecked = 1;
fop.ors_filterstr.bv_len = sprintf( buf, "(entryCSN<=%s)",
cf.f_av_value.bv_val );
}
@@ -1244,7 +1248,9 @@ syncprov_checkpoint( Operation *op, SlapReply *rs, slap_overinst *on )
opm.o_req_ndn = op->o_bd->be_nsuffix[0];
opm.o_bd->bd_info = on->on_info->oi_orig;
opm.o_managedsait = SLAP_CONTROL_NONCRITICAL;
+ SLAP_DBFLAGS( opm.o_bd ) |= SLAP_DBFLAG_NOLASTMOD;
opm.o_bd->be_modify( &opm, &rsm );
+ SLAP_DBFLAGS( opm.o_bd ) ^= SLAP_DBFLAG_NOLASTMOD;
if ( mod.sml_next != NULL ) {
slap_mods_free( mod.sml_next, 1 );
}
@@ -2187,8 +2193,31 @@ sp_cf_gen(ConfigArgs *c)
}
switch ( c->type ) {
case SP_CHKPT:
- si->si_chkops = atoi( c->argv[1] );
- si->si_chktime = atoi( c->argv[2] ) * 60;
+ if ( lutil_atoi( &si->si_chkops, c->argv[1] ) != 0 ) {
+ sprintf( c->msg, "%s unable to parse checkpoint ops # \"%s\"",
+ c->argv[0], c->argv[1] );
+ Debug( LDAP_DEBUG_CONFIG, "%s: %s\n", c->log, c->msg, 0 );
+ return ARG_BAD_CONF;
+ }
+ if ( si->si_chkops <= 0 ) {
+ sprintf( c->msg, "%s invalid checkpoint ops # \"%d\"",
+ c->argv[0], si->si_chkops );
+ Debug( LDAP_DEBUG_CONFIG, "%s: %s\n", c->log, c->msg, 0 );
+ return ARG_BAD_CONF;
+ }
+ if ( lutil_atoi( &si->si_chktime, c->argv[2] ) != 0 ) {
+ sprintf( c->msg, "%s unable to parse checkpoint time \"%s\"",
+ c->argv[0], c->argv[1] );
+ Debug( LDAP_DEBUG_CONFIG, "%s: %s\n", c->log, c->msg, 0 );
+ return ARG_BAD_CONF;
+ }
+ if ( si->si_chktime <= 0 ) {
+ sprintf( c->msg, "%s invalid checkpoint time \"%d\"",
+ c->argv[0], si->si_chkops );
+ Debug( LDAP_DEBUG_CONFIG, "%s: %s\n", c->log, c->msg, 0 );
+ return ARG_BAD_CONF;
+ }
+ si->si_chktime *= 60;
break;
case SP_SESSL: {
sessionlog *sl;
@@ -2508,7 +2537,7 @@ static int syncprov_parseCtrl (
static slap_overinst syncprov;
int
-syncprov_init()
+syncprov_initialize()
{
int rc;
@@ -2553,7 +2582,7 @@ syncprov_init()
int
init_module( int argc, char *argv[] )
{
- return syncprov_init();
+ return syncprov_initialize();
}
#endif /* SLAPD_OVER_SYNCPROV == SLAPD_MOD_DYNAMIC */
diff --git a/servers/slapd/overlays/translucent.c b/servers/slapd/overlays/translucent.c
index 13e37ff9be..8b1e8f3693 100644
--- a/servers/slapd/overlays/translucent.c
+++ b/servers/slapd/overlays/translucent.c
@@ -29,6 +29,7 @@
#include <ac/socket.h>
#include "slap.h"
+#include "lutil.h"
/* config block */
@@ -620,7 +621,11 @@ static int translucent_config(
ov->config->debug = 0xFFFF;
rc = 0;
} else if(argc == 2) {
- ov->config->debug = atoi(argv[1]);
+ if ( lutil_atoi( &ov->config->debug, argv[1]) != 0 ) {
+ fprintf(stderr, "%s: line %d: unable to parse debug \"%s\"\n",
+ fname, lineno, argv[1]);
+ return 1;
+ }
rc = 0;
} else {
fprintf(stderr, "%s: line %d: too many arguments (%d) to debug\n",
@@ -730,7 +735,7 @@ static int translucent_close(BackendDB *be) {
**
*/
-int translucent_init() {
+int translucent_initialize() {
translucent.on_bi.bi_type = "translucent";
translucent.on_bi.bi_db_init = translucent_db_init;
@@ -750,7 +755,7 @@ int translucent_init() {
#if SLAPD_OVER_TRANSLUCENT == SLAPD_MOD_DYNAMIC && defined(PIC)
int init_module(int argc, char *argv[]) {
- return translucent_init();
+ return translucent_initialize();
}
#endif
diff --git a/servers/slapd/overlays/unique.c b/servers/slapd/overlays/unique.c
index d1df4dbb3e..5802b4a9d1 100644
--- a/servers/slapd/overlays/unique.c
+++ b/servers/slapd/overlays/unique.c
@@ -263,21 +263,35 @@ static int count_filter_len(
unique_attrs *up;
int i;
- while(!is_at_operational(ad->ad_type)) {
- if(ud->ignore) {
- for(up = ud->ignore; up; up = up->next)
- if(ad == up->attr) break;
- if(up) break;
+ while ( !is_at_operational( ad->ad_type ) ) {
+ if ( ud->ignore ) {
+ for ( up = ud->ignore; up; up = up->next ) {
+ if (ad == up->attr ) {
+ break;
+ }
+ }
+ if ( up ) {
+ break;
+ }
}
- if(ud->attrs) {
- for(up = ud->attrs; up; up = up->next)
- if(ad == up->attr) break;
- if(!up) break;
+ if ( ud->attrs ) {
+ for ( up = ud->attrs; up; up = up->next ) {
+ if ( ad == up->attr ) {
+ break;
+ }
+ }
+ if ( !up ) {
+ break;
+ }
}
- if(b && b[0].bv_val) for(i = 0; b[i].bv_val; i++)
- ks += b[i].bv_len + ad->ad_cname.bv_len + STRLENOF( "(=)" );
- else if(ud->strict)
+ if ( b && b[0].bv_val ) {
+ for (i = 0; b[i].bv_val; i++ ) {
+ /* note: make room for filter escaping... */
+ ks += ( 3 * b[i].bv_len ) + ad->ad_cname.bv_len + STRLENOF( "(=)" );
+ }
+ } else if ( ud->strict ) {
ks += ad->ad_cname.bv_len + STRLENOF( "(=*)" ); /* (attr=*) */
+ }
break;
}
return ks;
@@ -287,27 +301,47 @@ static char *build_filter(
unique_data *ud,
AttributeDescription *ad,
BerVarray b,
- char *kp
+ char *kp,
+ void *ctx
)
{
unique_attrs *up;
int i;
- while(!is_at_operational(ad->ad_type)) {
- if(ud->ignore) {
- for(up = ud->ignore; up; up = up->next)
- if(ad == up->attr) break;
- if(up) break;
+ while ( !is_at_operational( ad->ad_type ) ) {
+ if ( ud->ignore ) {
+ for ( up = ud->ignore; up; up = up->next ) {
+ if ( ad == up->attr ) {
+ break;
+ }
+ }
+ if ( up ) {
+ break;
+ }
}
- if(ud->attrs) {
- for(up = ud->attrs; up; up = up->next)
- if(ad == up->attr) break;
- if(!up) break;
+ if ( ud->attrs ) {
+ for ( up = ud->attrs; up; up = up->next ) {
+ if ( ad == up->attr ) {
+ break;
+ }
+ }
+ if ( !up ) {
+ break;
+ }
+ }
+ if ( b && b[0].bv_val ) {
+ for ( i = 0; b[i].bv_val; i++ ) {
+ struct berval bv;
+
+ ldap_bv2escaped_filter_value_x( &b[i], &bv, 1, ctx );
+ kp += sprintf( kp, "(%s=%s)", ad->ad_cname.bv_val, bv.bv_val );
+ if ( bv.bv_val != b[i].bv_val ) {
+ ber_memfree_x( bv.bv_val, ctx );
+ }
+ }
+ } else if ( ud->strict ) {
+ kp += sprintf( kp, "(%s=*)", ad->ad_cname.bv_val );
}
- if(b && b[0].bv_val) for(i = 0; b[i].bv_val; i++)
- kp += sprintf(kp, "(%s=%s)", ad->ad_cname.bv_val, b[i].bv_val);
- else if(ud->strict)
- kp += sprintf(kp, "(%s=*)", ad->ad_cname.bv_val);
break;
}
return kp;
@@ -409,7 +443,7 @@ static int unique_add(
kp = key + sprintf(key, "(|");
for(a = op->ora_e->e_attrs; a; a = a->a_next) {
- kp = build_filter(ud, a->a_desc, a->a_vals, kp);
+ kp = build_filter(ud, a->a_desc, a->a_vals, kp, op->o_tmpmemctx);
}
sprintf(kp, ")");
@@ -461,7 +495,7 @@ static int unique_modify(
for(m = op->orm_modlist; m; m = m->sml_next) {
if ((m->sml_op & LDAP_MOD_OP) == LDAP_MOD_DELETE) continue;
- kp = build_filter(ud, m->sml_desc, m->sml_values, kp);
+ kp = build_filter(ud, m->sml_desc, m->sml_values, kp, op->o_tmpmemctx);
}
sprintf(kp, ")");
@@ -524,7 +558,7 @@ static int unique_modrdn(
for(i = 0; newrdn[i]; i++) {
bv[0] = newrdn[i]->la_value;
- kp = build_filter(ud, newrdn[i]->la_private, bv, kp);
+ kp = build_filter(ud, newrdn[i]->la_private, bv, kp, op->o_tmpmemctx);
}
sprintf(kp, ")");
@@ -539,7 +573,7 @@ static int unique_modrdn(
** it expects to be called automagically during dynamic module initialization
*/
-int unique_init() {
+int unique_initialize() {
/* statically declared just after the #includes at top */
unique.on_bi.bi_type = "unique";
@@ -557,7 +591,7 @@ int unique_init() {
#if SLAPD_OVER_UNIQUE == SLAPD_MOD_DYNAMIC && defined(PIC)
int init_module(int argc, char *argv[]) {
- return unique_init();
+ return unique_initialize();
}
#endif
diff --git a/servers/slapd/overlays/valsort.c b/servers/slapd/overlays/valsort.c
index 1fe209b3c7..1f42a13b3a 100644
--- a/servers/slapd/overlays/valsort.c
+++ b/servers/slapd/overlays/valsort.c
@@ -531,7 +531,7 @@ valsort_parseCtrl(
static slap_overinst valsort;
-int valsort_init()
+int valsort_initialize( void )
{
int rc;
@@ -564,7 +564,7 @@ int valsort_init()
#if SLAPD_OVER_VALSORT == SLAPD_MOD_DYNAMIC
int init_module( int argc, char *argv[]) {
- return valsort_init();
+ return valsort_initialize();
}
#endif
diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h
index 14a7b8ea77..6727669d99 100644
--- a/servers/slapd/proto-slap.h
+++ b/servers/slapd/proto-slap.h
@@ -913,8 +913,8 @@ LDAP_SLAPD_F (void) vrFilter_free LDAP_P(( Operation *op, ValuesReturnFilter *f
LDAP_SLAPD_F (void) vrFilter2bv LDAP_P(( Operation *op, ValuesReturnFilter *f, struct berval *fstr ));
LDAP_SLAPD_F (int) filter_has_subordinates LDAP_P(( Filter *filter ));
-LDAP_SLAPD_F (int) filter_escape_value LDAP_P(( struct berval *in,
- struct berval *out ));
+#define filter_escape_value( in, out ) ldap_bv2escaped_filter_value_x( (in), (out), 0, NULL )
+#define filter_escape_value_x( in, out, ctx ) ldap_bv2escaped_filter_value_x( (in), (out), 0, ctx )
/*
* filterentry.c
diff --git a/servers/slapd/result.c b/servers/slapd/result.c
index 52a67ea2f8..29bdb2ff7e 100644
--- a/servers/slapd/result.c
+++ b/servers/slapd/result.c
@@ -36,6 +36,7 @@
#include <ac/unistd.h>
#include "slap.h"
+#include "lutil.h"
const struct berval slap_dummy_bv = BER_BVNULL;
@@ -556,11 +557,8 @@ slap_send_ldap_result( Operation *op, SlapReply *rs )
assert( rs->sr_err != LDAP_PARTIAL_RESULTS );
if ( rs->sr_err == LDAP_REFERRAL ) {
-#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
- if( op->o_domain_scope ) {
- rs->sr_ref = NULL;
- }
-#endif
+ if( op->o_domain_scope ) rs->sr_ref = NULL;
+
if( rs->sr_ref == NULL ) {
rs->sr_err = LDAP_NO_SUCH_OBJECT;
} else if ( op->o_protocol < LDAP_VERSION3 ) {
@@ -661,13 +659,23 @@ slap_send_ldap_intermediate( Operation *op, SlapReply *rs )
}
}
+/*
+ * returns:
+ *
+ * LDAP_SUCCESS entry sent
+ * LDAP_OTHER entry not sent (other)
+ * LDAP_INSUFFICIENT_ACCESS entry not sent (ACL)
+ * LDAP_UNAVAILABLE entry not sent (connection closed)
+ * LDAP_SIZELIMIT_EXCEEDED entry not sent (caller must send sizelimitExceeded)
+ */
+
int
slap_send_search_entry( Operation *op, SlapReply *rs )
{
BerElementBuffer berbuf;
BerElement *ber = (BerElement *) &berbuf;
Attribute *a;
- int i, j, rc=-1, bytes;
+ int i, j, rc = LDAP_UNAVAILABLE, bytes;
char *edn;
int userattrs;
AccessControlState acl_state = ACL_STATE_INIT;
@@ -679,7 +687,11 @@ slap_send_search_entry( Operation *op, SlapReply *rs )
* e_flags: array of a_flags
*/
char **e_flags = NULL;
-
+
+ if ( op->ors_slimit >= 0 && rs->sr_nentries >= op->ors_slimit ) {
+ return LDAP_SIZELIMIT_EXCEEDED;
+ }
+
rs->sr_type = REP_SEARCH;
/* eventually will loop through generated operational attribute types
@@ -730,7 +742,7 @@ slap_send_search_entry( Operation *op, SlapReply *rs )
"send_search_entry: conn %lu access to entry (%s) not allowed\n",
op->o_connid, rs->sr_entry->e_name.bv_val, 0 );
- rc = 1;
+ rc = LDAP_INSUFFICIENT_ACCESS;
goto error_return;
}
@@ -776,6 +788,7 @@ slap_send_search_entry( Operation *op, SlapReply *rs )
if ( op->o_res_ber == NULL ) ber_free_buf( ber );
send_ldap_error( op, rs, LDAP_OTHER, "encoding DN error" );
+ rc = rs->sr_err;
goto error_return;
}
@@ -823,6 +836,7 @@ slap_send_search_entry( Operation *op, SlapReply *rs )
if ( op->o_res_ber == NULL ) ber_free_buf( ber );
send_ldap_error( op, rs, LDAP_OTHER,
"matched values filtering error" );
+ rc = rs->sr_err;
goto error_return;
}
}
@@ -872,6 +886,7 @@ slap_send_search_entry( Operation *op, SlapReply *rs )
if ( op->o_res_ber == NULL ) ber_free_buf( ber );
send_ldap_error( op, rs, LDAP_OTHER,
"encoding description error");
+ rc = rs->sr_err;
goto error_return;
}
finish = 1;
@@ -905,6 +920,7 @@ slap_send_search_entry( Operation *op, SlapReply *rs )
if ( op->o_res_ber == NULL ) ber_free_buf( ber );
send_ldap_error( op, rs, LDAP_OTHER,
"encoding description error");
+ rc = rs->sr_err;
goto error_return;
}
}
@@ -916,6 +932,7 @@ slap_send_search_entry( Operation *op, SlapReply *rs )
if ( op->o_res_ber == NULL ) ber_free_buf( ber );
send_ldap_error( op, rs, LDAP_OTHER,
"encoding values error" );
+ rc = rs->sr_err;
goto error_return;
}
}
@@ -928,6 +945,7 @@ slap_send_search_entry( Operation *op, SlapReply *rs )
if ( op->o_res_ber == NULL ) ber_free_buf( ber );
send_ldap_error( op, rs, LDAP_OTHER, "encode end error" );
+ rc = rs->sr_err;
goto error_return;
}
}
@@ -981,6 +999,7 @@ slap_send_search_entry( Operation *op, SlapReply *rs )
if ( op->o_res_ber == NULL ) ber_free_buf( ber );
send_ldap_error( op, rs, LDAP_OTHER,
"matched values filtering error" );
+ rc = rs->sr_err;
goto error_return;
}
}
@@ -1030,6 +1049,7 @@ slap_send_search_entry( Operation *op, SlapReply *rs )
if ( op->o_res_ber == NULL ) ber_free_buf( ber );
send_ldap_error( op, rs, LDAP_OTHER,
"encoding description error" );
+ rc = rs->sr_err;
goto error_return;
}
@@ -1058,6 +1078,7 @@ slap_send_search_entry( Operation *op, SlapReply *rs )
if ( op->o_res_ber == NULL ) ber_free_buf( ber );
send_ldap_error( op, rs, LDAP_OTHER,
"encoding values error" );
+ rc = rs->sr_err;
goto error_return;
}
}
@@ -1070,6 +1091,7 @@ slap_send_search_entry( Operation *op, SlapReply *rs )
if ( op->o_res_ber == NULL ) ber_free_buf( ber );
send_ldap_error( op, rs, LDAP_OTHER, "encode end error" );
+ rc = rs->sr_err;
goto error_return;
}
}
@@ -1104,7 +1126,7 @@ slap_send_search_entry( Operation *op, SlapReply *rs )
if ( op->o_res_ber == NULL ) ber_free_buf( ber );
send_ldap_error( op, rs, LDAP_OTHER, "encode entry end error" );
- rc = 1;
+ rc = rs->sr_err;
goto error_return;
}
@@ -1123,7 +1145,7 @@ slap_send_search_entry( Operation *op, SlapReply *rs )
"send_search_entry: conn %lu ber write failed.\n",
op->o_connid, 0, 0 );
- rc = -1;
+ rc = LDAP_UNAVAILABLE;
goto error_return;
}
rs->sr_nentries++;
@@ -1141,7 +1163,7 @@ slap_send_search_entry( Operation *op, SlapReply *rs )
Debug( LDAP_DEBUG_TRACE,
"<= send_search_entry: conn %lu exit.\n", op->o_connid, 0, 0 );
- rc = 0;
+ rc = LDAP_SUCCESS;
error_return:;
if ( op->o_callback ) {
@@ -1246,7 +1268,6 @@ slap_send_search_reference( Operation *op, SlapReply *rs )
goto rel;
}
-#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
if( op->o_domain_scope ) {
Debug( LDAP_DEBUG_ANY,
"send_search_reference: domainScope control in (%s)\n",
@@ -1254,7 +1275,6 @@ slap_send_search_reference( Operation *op, SlapReply *rs )
rc = 0;
goto rel;
}
-#endif
if( rs->sr_ref == NULL ) {
Debug( LDAP_DEBUG_ANY,
@@ -1397,8 +1417,8 @@ str2result(
}
if ( strncasecmp( s, "code", STRLENOF( "code" ) ) == 0 ) {
- if ( c != NULL ) {
- *code = atoi( c );
+ if ( c != NULL && lutil_atoi( code, c ) != 0 ) {
+ goto bailout;
}
} else if ( strncasecmp( s, "matched", STRLENOF( "matched" ) ) == 0 ) {
if ( c != NULL ) {
@@ -1409,6 +1429,7 @@ str2result(
*info = c;
}
} else {
+bailout:;
Debug( LDAP_DEBUG_ANY, "str2result (%s) unknown\n",
s, 0, 0 );
diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c
index 58f8a96342..3867dfcef9 100644
--- a/servers/slapd/sasl.c
+++ b/servers/slapd/sasl.c
@@ -150,10 +150,10 @@ static const char *slap_propnames[] = {
static Filter generic_filter = { LDAP_FILTER_PRESENT, { 0 }, NULL };
static struct berval generic_filterstr = BER_BVC("(objectclass=*)");
-#define PROP_CONN 0
-#define PROP_AUTHC 1
-#define PROP_AUTHZ 2
-#define PROP_COUNT 3 /* Number of properties we used */
+#define SLAP_SASL_PROP_CONN 0
+#define SLAP_SASL_PROP_AUTHC 1
+#define SLAP_SASL_PROP_AUTHZ 2
+#define SLAP_SASL_PROP_COUNT 3 /* Number of properties we used */
typedef struct lookup_info {
int flags;
@@ -185,7 +185,7 @@ sasl_ap_lookup( Operation *op, SlapReply *rs )
if ( sl->flags & SASL_AUXPROP_AUTHZID ) continue;
/* Skip our private properties */
if ( !strcmp( name, slap_propnames[0] )) {
- i += PROP_COUNT-1;
+ i += SLAP_SASL_PROP_COUNT - 1;
continue;
}
name++;
@@ -275,19 +275,19 @@ slap_auxprop_lookup(
/* Find our DN and conn first */
for( i = 0; sl.list[i].name; i++ ) {
if ( sl.list[i].name[0] == '*' ) {
- if ( !strcmp( sl.list[i].name, slap_propnames[PROP_CONN] ) ) {
+ if ( !strcmp( sl.list[i].name, slap_propnames[SLAP_SASL_PROP_CONN] ) ) {
if ( sl.list[i].values && sl.list[i].values[0] )
AC_MEMCPY( &conn, sl.list[i].values[0], sizeof( conn ) );
continue;
}
if ( (flags & SASL_AUXPROP_AUTHZID) &&
- !strcmp( sl.list[i].name, slap_propnames[PROP_AUTHZ] ) ) {
+ !strcmp( sl.list[i].name, slap_propnames[SLAP_SASL_PROP_AUTHZ] ) ) {
if ( sl.list[i].values && sl.list[i].values[0] )
AC_MEMCPY( &op.o_req_ndn, sl.list[i].values[0], sizeof( struct berval ) );
break;
}
- if ( !strcmp( sl.list[i].name, slap_propnames[PROP_AUTHC] ) ) {
+ if ( !strcmp( sl.list[i].name, slap_propnames[SLAP_SASL_PROP_AUTHC] ) ) {
if ( sl.list[i].values && sl.list[i].values[0] ) {
AC_MEMCPY( &op.o_req_ndn, sl.list[i].values[0], sizeof( struct berval ) );
if ( !(flags & SASL_AUXPROP_AUTHZID) )
@@ -305,7 +305,7 @@ slap_auxprop_lookup(
if ( flags & SASL_AUXPROP_AUTHZID ) continue;
/* Skip our private properties */
if ( !strcmp( name, slap_propnames[0] )) {
- i += PROP_COUNT-1;
+ i += SLAP_SASL_PROP_COUNT - 1;
continue;
}
name++;
@@ -423,12 +423,12 @@ slap_auxprop_store(
/* Find our DN and conn first */
for( i = 0; pr[i].name; i++ ) {
if ( pr[i].name[0] == '*' ) {
- if ( !strcmp( pr[i].name, slap_propnames[PROP_CONN] ) ) {
+ if ( !strcmp( pr[i].name, slap_propnames[SLAP_SASL_PROP_CONN] ) ) {
if ( pr[i].values && pr[i].values[0] )
AC_MEMCPY( &conn, pr[i].values[0], sizeof( conn ) );
continue;
}
- if ( !strcmp( pr[i].name, slap_propnames[PROP_AUTHC] ) ) {
+ if ( !strcmp( pr[i].name, slap_propnames[SLAP_SASL_PROP_AUTHC] ) ) {
if ( pr[i].values && pr[i].values[0] ) {
AC_MEMCPY( &op.o_req_ndn, pr[i].values[0], sizeof( struct berval ) );
}
@@ -542,7 +542,7 @@ slap_sasl_canonicalize(
{
Connection *conn = (Connection *)context;
struct propctx *props = sasl_auxprop_getctx( sconn );
- struct propval auxvals[3];
+ struct propval auxvals[ SLAP_SASL_PROP_COUNT ] = { { 0 } };
struct berval dn;
int rc, which;
const char *names[2];
@@ -575,13 +575,13 @@ slap_sasl_canonicalize(
prop_request( props, slap_propnames );
if ( flags & SASL_CU_AUTHID )
- which = PROP_AUTHC;
+ which = SLAP_SASL_PROP_AUTHC;
else
- which = PROP_AUTHZ;
+ which = SLAP_SASL_PROP_AUTHZ;
/* Need to store the Connection for auxprop_lookup */
- if ( !auxvals[PROP_CONN].values ) {
- names[0] = slap_propnames[PROP_CONN];
+ if ( !auxvals[SLAP_SASL_PROP_CONN].values ) {
+ names[0] = slap_propnames[SLAP_SASL_PROP_CONN];
names[1] = NULL;
prop_set( props, names[0], (char *)&conn, sizeof( conn ) );
}
@@ -605,7 +605,7 @@ slap_sasl_canonicalize(
* it does authzID before the authcID. If we see that authzID
* has already been done, don't do anything special with authcID.
*/
- if ( flags == SASL_CU_AUTHID && !auxvals[PROP_AUTHZ].values ) {
+ if ( flags == SASL_CU_AUTHID && !auxvals[SLAP_SASL_PROP_AUTHZ].values ) {
conn->c_sasl_dn.bv_val = (char *) in;
} else if ( flags == SASL_CU_AUTHZID && conn->c_sasl_dn.bv_val ) {
rc = strcmp( in, conn->c_sasl_dn.bv_val );
@@ -654,7 +654,11 @@ slap_sasl_authorize(
struct propctx *props)
{
Connection *conn = (Connection *)context;
- struct propval auxvals[3];
+ /* actually:
+ * (SLAP_SASL_PROP_COUNT - 1) because we skip "conn",
+ * + 1 for NULL termination?
+ */
+ struct propval auxvals[ SLAP_SASL_PROP_COUNT ] = { { 0 } };
struct berval authcDN, authzDN = BER_BVNULL;
int rc;
@@ -670,7 +674,7 @@ slap_sasl_authorize(
BER_BVZERO( &conn->c_sasl_dn );
}
- /* Skip PROP_CONN */
+ /* Skip SLAP_SASL_PROP_CONN */
prop_getnames( props, slap_propnames+1, auxvals );
/* Should not happen */
diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c
index 106dca9112..42bb8a1368 100644
--- a/servers/slapd/saslauthz.c
+++ b/servers/slapd/saslauthz.c
@@ -1969,9 +1969,7 @@ slap_sasl2dn(
case LDAP_SCOPE_BASE:
case LDAP_SCOPE_ONELEVEL:
case LDAP_SCOPE_SUBTREE:
-#ifdef LDAP_SCOPE_SUBORDINATE
case LDAP_SCOPE_SUBORDINATE:
-#endif
/* do a search */
break;
diff --git a/servers/slapd/schema_prep.c b/servers/slapd/schema_prep.c
index 7349628240..ca06f11100 100644
--- a/servers/slapd/schema_prep.c
+++ b/servers/slapd/schema_prep.c
@@ -1207,6 +1207,7 @@ slap_schema_load( void )
code = at_add( at, 0, NULL, &err );
if ( code ) {
+ ldap_attributetype_free( at );
fprintf( stderr, "slap_schema_load: AttributeType "
"\"%s\": %s: \"%s\"\n",
ad_map[i].ssam_name, scherr2str(code), err );
diff --git a/servers/slapd/schemaparse.c b/servers/slapd/schemaparse.c
index 0834dc0ae8..7aa7d61ba3 100644
--- a/servers/slapd/schemaparse.c
+++ b/servers/slapd/schemaparse.c
@@ -280,6 +280,7 @@ parse_at(
code = at_add(at,1,sat,&err);
if ( code ) {
+ ldap_attributetype_free( at );
fprintf( stderr, "%s: line %d: %s: \"%s\"\n",
fname, lineno, scherr2str(code), err);
return 1;
diff --git a/servers/slapd/search.c b/servers/slapd/search.c
index 11b5f0733d..97f3e923c1 100644
--- a/servers/slapd/search.c
+++ b/servers/slapd/search.c
@@ -92,9 +92,7 @@ do_search(
case LDAP_SCOPE_BASE:
case LDAP_SCOPE_ONELEVEL:
case LDAP_SCOPE_SUBTREE:
-#ifdef LDAP_SCOPE_SUBORDINATE
case LDAP_SCOPE_SUBORDINATE:
-#endif
break;
default:
send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, "invalid scope" );
@@ -283,9 +281,17 @@ fe_op_search( Operation *op, SlapReply *rs )
rs->sr_err = test_filter( op, entry, op->ors_filter );
if( rs->sr_err == LDAP_COMPARE_TRUE ) {
+ /* note: we set no limits because either
+ * no limit is specified, or at least 1
+ * is specified, and we're going to return
+ * at most one entry */
+ op->ors_slimit = SLAP_NO_LIMIT;
+ op->ors_tlimit = SLAP_NO_LIMIT;
+
rs->sr_entry = entry;
rs->sr_attrs = op->ors_attrs;
rs->sr_operational_attrs = NULL;
+ rs->sr_flags = 0;
send_search_entry( op, rs );
rs->sr_entry = NULL;
rs->sr_operational_attrs = NULL;
diff --git a/servers/slapd/shell-backends/shellutil.c b/servers/slapd/shell-backends/shellutil.c
index 2731b52b86..b519cf4d5c 100644
--- a/servers/slapd/shell-backends/shellutil.c
+++ b/servers/slapd/shell-backends/shellutil.c
@@ -185,21 +185,32 @@ parse_input( FILE *ifp, FILE *ofp, struct ldop *op )
op->ldop_dn = estrdup( args );
break;
case IP_TYPE_SCOPE:
- if (( op->ldop_srch.ldsp_scope = atoi( args )) != LDAP_SCOPE_BASE &&
+ if ( lutil_atoi( &op->ldop_srch.ldsp_scope, args ) != 0 ||
+ ( op->ldop_srch.ldsp_scope != LDAP_SCOPE_BASE &&
op->ldop_srch.ldsp_scope != LDAP_SCOPE_ONELEVEL &&
- op->ldop_srch.ldsp_scope != LDAP_SCOPE_SUBTREE ) {
+ op->ldop_srch.ldsp_scope != LDAP_SCOPE_SUBTREE ) )
+ {
write_result( ofp, LDAP_OTHER, NULL, "Bad scope" );
return( -1 );
}
break;
case IP_TYPE_ALIASDEREF:
- op->ldop_srch.ldsp_aliasderef = atoi( args );
+ if ( lutil_atoi( &op->ldop_srch.ldsp_aliasderef, args ) != 0 ) {
+ write_result( ofp, LDAP_OTHER, NULL, "Bad alias deref" );
+ return( -1 );
+ }
break;
case IP_TYPE_SIZELIMIT:
- op->ldop_srch.ldsp_sizelimit = atoi( args );
+ if ( lutil_atoi( &op->ldop_srch.ldsp_sizelimit, args ) != 0 ) {
+ write_result( ofp, LDAP_OTHER, NULL, "Bad size limit" );
+ return( -1 );
+ }
break;
case IP_TYPE_TIMELIMIT:
- op->ldop_srch.ldsp_timelimit = atoi( args );
+ if ( lutil_atoi( &op->ldop_srch.ldsp_timelimit, args ) != 0 ) {
+ write_result( ofp, LDAP_OTHER, NULL, "Bad time limit" );
+ return( -1 );
+ }
break;
case IP_TYPE_FILTER:
op->ldop_srch.ldsp_filter = estrdup( args );
diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h
index 5f280d3663..4379a6dadc 100644
--- a/servers/slapd/slap.h
+++ b/servers/slapd/slap.h
@@ -74,8 +74,8 @@ LDAP_BEGIN_DECL
#define LDAP_DYNAMIC_OBJECTS
#define LDAP_SYNC_TIMESTAMP
#define LDAP_COLLECTIVE_ATTRIBUTES
-#define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE
#define SLAPD_CONF_UNKNOWN_BAILOUT
+#define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE
#define SLAP_ORDERED_PRETTYNORM
#define SLAP_AUTHZ_SYNTAX
@@ -1005,9 +1005,7 @@ typedef struct slap_filter {
#define SLAPD_FILTER_COMPUTED ((ber_tag_t) -1)
#define SLAPD_FILTER_DN_ONE ((ber_tag_t) -2)
#define SLAPD_FILTER_DN_SUBTREE ((ber_tag_t) -3)
-#ifdef LDAP_SCOPE_SUBORDINATE
#define SLAPD_FILTER_DN_CHILDREN ((ber_tag_t) -4)
-#endif
union f_un_u {
/* precomputed result */
@@ -1846,21 +1844,23 @@ struct slap_conn;
struct slap_op;
/* Backend function typedefs */
-typedef int (BI_init) LDAP_P((BackendInfo *bi));
+typedef int (BI_bi_func) LDAP_P((BackendInfo *bi));
+typedef BI_bi_func BI_init;
+typedef BI_bi_func BI_open;
+typedef BI_bi_func BI_close;
+typedef BI_bi_func BI_destroy;
typedef int (BI_config) LDAP_P((BackendInfo *bi,
const char *fname, int lineno,
int argc, char **argv));
-typedef int (BI_open) LDAP_P((BackendInfo *bi));
-typedef int (BI_close) LDAP_P((BackendInfo *bi));
-typedef int (BI_destroy) LDAP_P((BackendInfo *bi));
-typedef int (BI_db_init) LDAP_P((Backend *bd));
+typedef int (BI_db_func) LDAP_P((Backend *bd));
+typedef BI_db_func BI_db_init;
+typedef BI_db_func BI_db_open;
+typedef BI_db_func BI_db_close;
+typedef BI_db_func BI_db_destroy;
typedef int (BI_db_config) LDAP_P((Backend *bd,
const char *fname, int lineno,
int argc, char **argv));
-typedef int (BI_db_open) LDAP_P((Backend *bd));
-typedef int (BI_db_close) LDAP_P((Backend *bd));
-typedef int (BI_db_destroy) LDAP_P((Backend *bd));
typedef struct req_bind_s {
int rb_method;
@@ -2001,22 +2001,20 @@ typedef struct slap_rep {
#define sr_rspdata sr_un.sru_extended.r_rspdata
#define sr_sasldata sr_un.sru_sasl.r_sasldata
-typedef int (BI_op_bind) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_unbind) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_search) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_compare) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_modify) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_modrdn) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_add) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_delete) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_abandon) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_cancel) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_op_extended) LDAP_P((
- struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_chk_referrals) LDAP_P((
- struct slap_op *op, struct slap_rep *rs ));
-typedef int (BI_chk_controls) LDAP_P((
- struct slap_op *op, struct slap_rep *rs ));
+typedef int (BI_op_func) LDAP_P(( struct slap_op *op, struct slap_rep *rs ));
+typedef BI_op_func BI_op_bind;
+typedef BI_op_func BI_op_unbind;
+typedef BI_op_func BI_op_search;
+typedef BI_op_func BI_op_compare;
+typedef BI_op_func BI_op_modify;
+typedef BI_op_func BI_op_modrdn;
+typedef BI_op_func BI_op_add;
+typedef BI_op_func BI_op_delete;
+typedef BI_op_func BI_op_abandon;
+typedef BI_op_func BI_op_cancel;
+typedef BI_op_func BI_op_extended;
+typedef BI_op_func BI_chk_referrals;
+typedef BI_op_func BI_chk_controls;
typedef int (BI_entry_release_rw)
LDAP_P(( struct slap_op *op, Entry *e, int rw ));
typedef int (BI_entry_get_rw) LDAP_P(( struct slap_op *op, struct berval *ndn,
@@ -2036,10 +2034,9 @@ typedef int (BI_acl_attribute) LDAP_P(( struct slap_op *op, Entry *target,
BerVarray *vals, slap_access_t access ));
#endif /* SLAP_OVERLAY_ACCESS */
-typedef int (BI_connection_init) LDAP_P(( BackendDB *bd,
- struct slap_conn *c ));
-typedef int (BI_connection_destroy) LDAP_P(( BackendDB *bd,
- struct slap_conn *c ));
+typedef int (BI_conn_func) LDAP_P(( BackendDB *bd, struct slap_conn *c ));
+typedef BI_conn_func BI_connection_init;
+typedef BI_conn_func BI_connection_destroy;
typedef int (BI_tool_entry_open) LDAP_P(( BackendDB *be, int mode ));
typedef int (BI_tool_entry_close) LDAP_P(( BackendDB *be ));
@@ -2253,8 +2250,8 @@ typedef struct slap_overinfo {
} slap_overinfo;
/* Should successive callbacks in a chain be processed? */
-#define SLAP_CB_FREEME 0x4000
-#define SLAP_CB_CONTINUE 0x8000
+#define SLAP_CB_FREEME 0x04000
+#define SLAP_CB_CONTINUE 0x08000
/*
* Paged Results state
@@ -2291,25 +2288,26 @@ typedef struct slap_gacl {
} GroupAssertion;
struct slap_control_ids {
+ int sc_LDAPsync;
int sc_assert;
- int sc_preRead;
- int sc_postRead;
- int sc_proxyAuthz;
+ int sc_domainScope;
+ int sc_dontUseCopy;
int sc_manageDIT;
int sc_manageDSAit;
int sc_modifyIncrement;
int sc_noOp;
int sc_pagedResults;
+ int sc_permissiveModify;
+ int sc_postRead;
+ int sc_preRead;
+ int sc_proxyAuthz;
+ int sc_searchOptions;
#ifdef LDAP_DEVEL
int sc_sortedResults;
#endif
- int sc_valuesReturnFilter;
- int sc_permissiveModify;
- int sc_domainScope;
- int sc_treeDelete;
- int sc_searchOptions;
int sc_subentries;
- int sc_LDAPsync;
+ int sc_treeDelete;
+ int sc_valuesReturnFilter;
};
/*
@@ -2457,6 +2455,9 @@ typedef struct slap_op {
char o_ctrlflag[SLAP_MAX_CIDS]; /* per-control flags */
void **o_controls; /* per-control state */
+#define o_dontUseCopy o_ctrlflag[slap_cids.sc_dontUseCopy]
+#define get_dontUseCopy(op) _SCM((op)->o_dontUseCopy)
+
#define o_managedit o_ctrlflag[slap_cids.sc_manageDIT]
#define get_manageDIT(op) _SCM((op)->o_managedit)
@@ -2481,26 +2482,14 @@ typedef struct slap_op {
#define o_valuesreturnfilter o_ctrlflag[slap_cids.sc_valuesReturnFilter]
#define o_vrFilter o_controls[slap_cids.sc_valuesReturnFilter]
-#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY
#define o_permissive_modify o_ctrlflag[slap_cids.sc_permissiveModify]
#define get_permissiveModify(op) ((int)(op)->o_permissive_modify)
-#else
-#define get_permissiveModify(op) (0)
-#endif
-#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
#define o_domain_scope o_ctrlflag[slap_cids.sc_domainScope]
#define get_domainScope(op) ((int)(op)->o_domain_scope)
-#else
-#define get_domainScope(op) (0)
-#endif
-#ifdef SLAP_CONTROL_X_TREE_DELETE
#define o_tree_delete o_ctrlflag[slap_cids.sc_treeDelete]
#define get_treeDelete(op) ((int)(op)->o_tree_delete)
-#else
-#define get_treeDelete(op) (0)
-#endif
#define o_preread o_ctrlflag[slap_cids.sc_preRead]
#define o_postread o_ctrlflag[slap_cids.sc_postRead]
@@ -2670,10 +2659,7 @@ typedef struct slap_conn {
SEND_SEARCH_ENTRY *c_send_search_entry;
SEND_SEARCH_REFERENCE *c_send_search_reference;
SEND_LDAP_EXTENDED *c_send_ldap_extended;
-#ifdef LDAP_RES_INTERMEDIATE
SEND_LDAP_INTERMEDIATE *c_send_ldap_intermediate;
-#endif
-
} Connection;
#if defined(LDAP_SYSLOG) && defined(LDAP_DEBUG)
@@ -3096,6 +3082,12 @@ struct zone_heap {
return 0; \
}
+typedef int (OV_init)(void);
+typedef struct slap_oinit_t {
+ const char *ov_type;
+ OV_init *ov_init;
+} OverlayInit;
+
LDAP_END_DECL
#include "proto-slap.h"
diff --git a/servers/slapd/slapcommon.c b/servers/slapd/slapcommon.c
index 906d7a6046..389998655a 100644
--- a/servers/slapd/slapcommon.c
+++ b/servers/slapd/slapcommon.c
@@ -133,16 +133,28 @@ parse_slapacl( void )
ber_str2bv( p, 0, 1, &sock_name );
} else if ( strncasecmp( optarg, "ssf", len ) == 0 ) {
- ssf = atoi( p );
+ if ( lutil_atou( &ssf, p ) ) {
+ Debug( LDAP_DEBUG_ANY, "unable to parse ssf=\"%s\".\n", p, 0, 0 );
+ return -1;
+ }
} else if ( strncasecmp( optarg, "transport_ssf", len ) == 0 ) {
- transport_ssf = atoi( p );
+ if ( lutil_atou( &transport_ssf, p ) ) {
+ Debug( LDAP_DEBUG_ANY, "unable to parse transport_ssf=\"%s\".\n", p, 0, 0 );
+ return -1;
+ }
} else if ( strncasecmp( optarg, "tls_ssf", len ) == 0 ) {
- tls_ssf = atoi( p );
+ if ( lutil_atou( &tls_ssf, p ) ) {
+ Debug( LDAP_DEBUG_ANY, "unable to parse tls_ssf=\"%s\".\n", p, 0, 0 );
+ return -1;
+ }
} else if ( strncasecmp( optarg, "sasl_ssf", len ) == 0 ) {
- sasl_ssf = atoi( p );
+ if ( lutil_atou( &sasl_ssf, p ) ) {
+ Debug( LDAP_DEBUG_ANY, "unable to parse sasl_ssf=\"%s\".\n", p, 0, 0 );
+ return -1;
+ }
} else if ( strncasecmp( optarg, "authzDN", len ) == 0 ) {
ber_str2bv( p, 0, 1, &authzDN );
@@ -264,16 +276,11 @@ slap_tool_init(
exit( EXIT_FAILURE );
}
- } else {
- char *next = NULL;
-
- level = strtol( optarg, &next, 0 );
- if ( next == NULL || next[ 0 ] != '\0' ) {
- fprintf( stderr,
- "unrecognized log level "
- "\"%s\"\n", optarg );
- exit( EXIT_FAILURE );
- }
+ } else if ( lutil_atoix( &level, optarg, 0 ) != 0 ) {
+ fprintf( stderr,
+ "unrecognized log level "
+ "\"%s\"\n", optarg );
+ exit( EXIT_FAILURE );
}
if ( level ) {
@@ -283,7 +290,7 @@ slap_tool_init(
ldap_debug = 0;
}
#else
- if ( atoi( optarg ) != 0 )
+ if ( lutil_atoi( &level, optarg ) != 0 || level != 0 )
fputs( "must compile with LDAP_DEBUG for debugging\n",
stderr );
#endif
@@ -321,7 +328,9 @@ slap_tool_init(
break;
case 'n': /* which config file db to index */
- dbnum = atoi( optarg );
+ if ( lutil_atoi( &dbnum, optarg ) ) {
+ usage( tool, progname );
+ }
break;
case 'o':
diff --git a/servers/slapd/syncrepl.c b/servers/slapd/syncrepl.c
index a801e54a7c..abce34456c 100644
--- a/servers/slapd/syncrepl.c
+++ b/servers/slapd/syncrepl.c
@@ -188,7 +188,7 @@ init_syncrepl(syncinfo_t *si)
}
if ( attrs == NULL ) {
- Debug( LDAP_DEBUG_ANY, "out of memory\n", 0,0,0 );
+ Debug( LDAP_DEBUG_ANY, "out of memory\n", 0, 0, 0 );
}
/* Add Attributes */
@@ -500,7 +500,7 @@ do_syncrep1(
#else /* HAVE_CYRUS_SASL */
/* Should never get here, we trapped this at config time */
assert(0);
- fprintf( stderr, "not compiled with SASL support\n" );
+ Debug( LDAP_DEBUG_SYNC, "not compiled with SASL support\n", 0, 0, 0 );
rc = LDAP_OTHER;
goto done;
#endif
@@ -756,7 +756,7 @@ do_syncrep2(
si->si_logstate = SYNCLOG_FALLBACK;
}
rc = err;
- break;
+ goto done;
}
if ( rctrls ) {
rctrlp = *rctrls;
@@ -2683,10 +2683,8 @@ static struct {
{ BER_BVC("base"), LDAP_SCOPE_BASE },
{ BER_BVC("one"), LDAP_SCOPE_ONELEVEL },
{ BER_BVC("onelevel"), LDAP_SCOPE_ONELEVEL }, /* OpenLDAP extension */
-#ifdef LDAP_SCOPE_SUBORDINATE
{ BER_BVC("children"), LDAP_SCOPE_SUBORDINATE },
{ BER_BVC("subordinate"), LDAP_SCOPE_SUBORDINATE },
-#endif
{ BER_BVC("sub"), LDAP_SCOPE_SUBTREE },
{ BER_BVC("subtree"), LDAP_SCOPE_SUBTREE }, /* OpenLDAP extension */
{ BER_BVNULL, 0 }
@@ -2701,40 +2699,46 @@ static slap_verbmasks datamodes[] = {
static int
parse_syncrepl_line(
- char **cargv,
- int cargc,
- syncinfo_t *si
-)
+ ConfigArgs *c,
+ syncinfo_t *si )
{
int gots = 0;
int i;
char *val;
- for ( i = 1; i < cargc; i++ ) {
- if ( !strncasecmp( cargv[ i ], IDSTR "=",
+ for ( i = 1; i < c->argc; i++ ) {
+ if ( !strncasecmp( c->argv[ i ], IDSTR "=",
STRLENOF( IDSTR "=" ) ) )
{
int tmp;
/* '\0' string terminator accounts for '=' */
- val = cargv[ i ] + STRLENOF( IDSTR "=" );
- tmp= atoi( val );
+ val = c->argv[ i ] + STRLENOF( IDSTR "=" );
+ if ( lutil_atoi( &tmp, val ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "Error: parse_syncrepl_line: "
+ "unable to parse syncrepl id \"%s\"", val );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return -1;
+ }
if ( tmp >= 1000 || tmp < 0 ) {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "syncrepl id %d is out of range [0..999]\n", tmp );
+ snprintf( c->msg, sizeof( c->msg ),
+ "Error: parse_syncrepl_line: "
+ "syncrepl id %d is out of range [0..999]", tmp );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return -1;
}
si->si_rid = tmp;
gots |= GOT_ID;
- } else if ( !strncasecmp( cargv[ i ], PROVIDERSTR "=",
+ } else if ( !strncasecmp( c->argv[ i ], PROVIDERSTR "=",
STRLENOF( PROVIDERSTR "=" ) ) )
{
- val = cargv[ i ] + STRLENOF( PROVIDERSTR "=" );
+ val = c->argv[ i ] + STRLENOF( PROVIDERSTR "=" );
ber_str2bv( val, 0, 1, &si->si_bindconf.sb_uri );
gots |= GOT_PROVIDER;
- } else if ( !strncasecmp( cargv[ i ], SCHEMASTR "=",
+ } else if ( !strncasecmp( c->argv[ i ], SCHEMASTR "=",
STRLENOF( SCHEMASTR "=" ) ) )
{
- val = cargv[ i ] + STRLENOF( SCHEMASTR "=" );
+ val = c->argv[ i ] + STRLENOF( SCHEMASTR "=" );
if ( !strncasecmp( val, "on", STRLENOF( "on" ) )) {
si->si_schemachecking = 1;
} else if ( !strncasecmp( val, "off", STRLENOF( "off" ) ) ) {
@@ -2742,59 +2746,63 @@ parse_syncrepl_line(
} else {
si->si_schemachecking = 1;
}
- } else if ( !strncasecmp( cargv[ i ], FILTERSTR "=",
+ } else if ( !strncasecmp( c->argv[ i ], FILTERSTR "=",
STRLENOF( FILTERSTR "=" ) ) )
{
- val = cargv[ i ] + STRLENOF( FILTERSTR "=" );
+ val = c->argv[ i ] + STRLENOF( FILTERSTR "=" );
if ( si->si_filterstr.bv_val )
ch_free( si->si_filterstr.bv_val );
ber_str2bv( val, 0, 1, &si->si_filterstr );
- } else if ( !strncasecmp( cargv[ i ], LOGFILTERSTR "=",
+ } else if ( !strncasecmp( c->argv[ i ], LOGFILTERSTR "=",
STRLENOF( LOGFILTERSTR "=" ) ) )
{
- val = cargv[ i ] + STRLENOF( LOGFILTERSTR "=" );
+ val = c->argv[ i ] + STRLENOF( LOGFILTERSTR "=" );
if ( si->si_logfilterstr.bv_val )
ch_free( si->si_logfilterstr.bv_val );
ber_str2bv( val, 0, 1, &si->si_logfilterstr );
- } else if ( !strncasecmp( cargv[ i ], SEARCHBASESTR "=",
+ } else if ( !strncasecmp( c->argv[ i ], SEARCHBASESTR "=",
STRLENOF( SEARCHBASESTR "=" ) ) )
{
struct berval bv;
int rc;
- val = cargv[ i ] + STRLENOF( SEARCHBASESTR "=" );
+ val = c->argv[ i ] + STRLENOF( SEARCHBASESTR "=" );
if ( si->si_base.bv_val ) {
ch_free( si->si_base.bv_val );
}
ber_str2bv( val, 0, 0, &bv );
rc = dnNormalize( 0, NULL, NULL, &bv, &si->si_base, NULL );
if ( rc != LDAP_SUCCESS ) {
- fprintf( stderr, "Invalid base DN \"%s\": %d (%s)\n",
+ snprintf( c->msg, sizeof( c->msg ),
+ "Invalid base DN \"%s\": %d (%s)",
val, rc, ldap_err2string( rc ) );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return -1;
}
- } else if ( !strncasecmp( cargv[ i ], LOGBASESTR "=",
+ } else if ( !strncasecmp( c->argv[ i ], LOGBASESTR "=",
STRLENOF( LOGBASESTR "=" ) ) )
{
struct berval bv;
int rc;
- val = cargv[ i ] + STRLENOF( LOGBASESTR "=" );
+ val = c->argv[ i ] + STRLENOF( LOGBASESTR "=" );
if ( si->si_logbase.bv_val ) {
ch_free( si->si_logbase.bv_val );
}
ber_str2bv( val, 0, 0, &bv );
rc = dnNormalize( 0, NULL, NULL, &bv, &si->si_logbase, NULL );
if ( rc != LDAP_SUCCESS ) {
- fprintf( stderr, "Invalid logbase DN \"%s\": %d (%s)\n",
+ snprintf( c->msg, sizeof( c->msg ),
+ "Invalid logbase DN \"%s\": %d (%s)",
val, rc, ldap_err2string( rc ) );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return -1;
}
- } else if ( !strncasecmp( cargv[ i ], SCOPESTR "=",
+ } else if ( !strncasecmp( c->argv[ i ], SCOPESTR "=",
STRLENOF( SCOPESTR "=" ) ) )
{
int j;
- val = cargv[ i ] + STRLENOF( SCOPESTR "=" );
+ val = c->argv[ i ] + STRLENOF( SCOPESTR "=" );
for ( j=0; !BER_BVISNULL(&scopes[j].key); j++ ) {
if (!strcasecmp( val, scopes[j].key.bv_val )) {
si->si_scope = scopes[j].val;
@@ -2802,18 +2810,20 @@ parse_syncrepl_line(
}
}
if ( BER_BVISNULL(&scopes[j].key) ) {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "unknown scope \"%s\"\n", val);
+ snprintf( c->msg, sizeof( c->msg ),
+ "Error: parse_syncrepl_line: "
+ "unknown scope \"%s\"", val);
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return -1;
}
- } else if ( !strncasecmp( cargv[ i ], ATTRSONLYSTR "=",
+ } else if ( !strncasecmp( c->argv[ i ], ATTRSONLYSTR "=",
STRLENOF( ATTRSONLYSTR "=" ) ) )
{
si->si_attrsonly = 1;
- } else if ( !strncasecmp( cargv[ i ], ATTRSSTR "=",
+ } else if ( !strncasecmp( c->argv[ i ], ATTRSSTR "=",
STRLENOF( ATTRSSTR "=" ) ) )
{
- val = cargv[ i ] + STRLENOF( ATTRSSTR "=" );
+ val = c->argv[ i ] + STRLENOF( ATTRSSTR "=" );
if ( !strncasecmp( val, ":include:", STRLENOF(":include:") ) ) {
char *attr_fname;
attr_fname = ch_strdup( val + STRLENOF(":include:") );
@@ -2846,15 +2856,15 @@ parse_syncrepl_line(
return -1;
}
}
- } else if ( !strncasecmp( cargv[ i ], EXATTRSSTR "=",
+ } else if ( !strncasecmp( c->argv[ i ], EXATTRSSTR "=",
STRLENOF( EXATTRSSTR "=" ) ) )
{
- val = cargv[ i ] + STRLENOF( EXATTRSSTR "=" );
+ val = c->argv[ i ] + STRLENOF( EXATTRSSTR "=" );
if ( !strncasecmp( val, ":include:", STRLENOF(":include:") )) {
char *attr_fname;
attr_fname = ch_strdup( val + STRLENOF(":include:") );
si->si_exanlist = file2anlist(
- si->si_exanlist, attr_fname, " ,\t" );
+ si->si_exanlist, attr_fname, " ,\t" );
if ( si->si_exanlist == NULL ) {
ch_free( attr_fname );
return -1;
@@ -2866,85 +2876,98 @@ parse_syncrepl_line(
return -1;
}
}
- } else if ( !strncasecmp( cargv[ i ], TYPESTR "=",
+ } else if ( !strncasecmp( c->argv[ i ], TYPESTR "=",
STRLENOF( TYPESTR "=" ) ) )
{
- val = cargv[ i ] + STRLENOF( TYPESTR "=" );
+ val = c->argv[ i ] + STRLENOF( TYPESTR "=" );
if ( !strncasecmp( val, "refreshOnly",
- STRLENOF("refreshOnly") ))
+ STRLENOF("refreshOnly") ) )
{
si->si_type = si->si_ctype = LDAP_SYNC_REFRESH_ONLY;
} else if ( !strncasecmp( val, "refreshAndPersist",
- STRLENOF("refreshAndPersist") ))
+ STRLENOF("refreshAndPersist") ) )
{
si->si_type = si->si_ctype = LDAP_SYNC_REFRESH_AND_PERSIST;
si->si_interval = 60;
} else {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "unknown sync type \"%s\"\n", val);
+ snprintf( c->msg, sizeof( c->msg ),
+ "Error: parse_syncrepl_line: "
+ "unknown sync type \"%s\"", val);
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return -1;
}
- } else if ( !strncasecmp( cargv[ i ], INTERVALSTR "=",
+ } else if ( !strncasecmp( c->argv[ i ], INTERVALSTR "=",
STRLENOF( INTERVALSTR "=" ) ) )
{
- val = cargv[ i ] + STRLENOF( INTERVALSTR "=" );
+ val = c->argv[ i ] + STRLENOF( INTERVALSTR "=" );
if ( si->si_type == LDAP_SYNC_REFRESH_AND_PERSIST ) {
si->si_interval = 0;
- } else {
- char *hstr;
- char *mstr;
- char *dstr;
- char *sstr;
- int dd, hh, mm, ss;
- dstr = val;
- hstr = strchr( dstr, ':' );
- if ( hstr == NULL ) {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "invalid interval \"%s\"\n", val );
+ } else if ( strchr( val, ':' ) != NULL ) {
+ char *next, *ptr = val;
+ unsigned dd, hh, mm, ss;
+ dd = strtoul( ptr, &next, 10 );
+ if ( next == ptr || next[0] != ':' ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "Error: parse_syncrepl_line: "
+ "invalid interval \"%s\", unable to parse days", val );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return -1;
}
- *hstr++ = '\0';
- mstr = strchr( hstr, ':' );
- if ( mstr == NULL ) {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "invalid interval \"%s\"\n", val );
+ ptr = next + 1;
+ hh = strtoul( ptr, &next, 10 );
+ if ( next == ptr || next[0] != ':' || hh > 24 ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "Error: parse_syncrepl_line: "
+ "invalid interval \"%s\", unable to parse hours", val );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return -1;
}
- *mstr++ = '\0';
- sstr = strchr( mstr, ':' );
- if ( sstr == NULL ) {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "invalid interval \"%s\"\n", val );
+ ptr = next + 1;
+ mm = strtoul( ptr, &next, 10 );
+ if ( next == ptr || next[0] != ':' || mm > 60 ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "Error: parse_syncrepl_line: "
+ "invalid interval \"%s\", unable to parse minutes", val );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return -1;
}
- *sstr++ = '\0';
-
- dd = atoi( dstr );
- hh = atoi( hstr );
- mm = atoi( mstr );
- ss = atoi( sstr );
- if (( hh > 24 ) || ( hh < 0 ) ||
- ( mm > 60 ) || ( mm < 0 ) ||
- ( ss > 60 ) || ( ss < 0 ) || ( dd < 0 )) {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "invalid interval \"%s\"\n", val );
+ ptr = next + 1;
+ ss = strtoul( ptr, &next, 10 );
+ if ( next == ptr || next[0] != '\0' || ss > 60 ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "Error: parse_syncrepl_line: "
+ "invalid interval \"%s\", unable to parse seconds", val );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return -1;
}
si->si_interval = (( dd * 24 + hh ) * 60 + mm ) * 60 + ss;
+ } else {
+ unsigned long t;
+
+ if ( lutil_parse_time( val, &t ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "Error: parse_syncrepl_line: "
+ "invalid interval \"%s\"", val );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return -1;
+ }
+ si->si_interval = (time_t)t;
}
if ( si->si_interval < 0 ) {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "invalid interval \"%ld\"\n",
+ snprintf( c->msg, sizeof( c->msg ),
+ "Error: parse_syncrepl_line: "
+ "invalid interval \"%ld\"",
(long) si->si_interval);
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return -1;
}
- } else if ( !strncasecmp( cargv[ i ], RETRYSTR "=",
+ } else if ( !strncasecmp( c->argv[ i ], RETRYSTR "=",
STRLENOF( RETRYSTR "=" ) ) )
{
char **retry_list;
int j, k, n;
- val = cargv[ i ] + STRLENOF( RETRYSTR "=" );
+ val = c->argv[ i ] + STRLENOF( RETRYSTR "=" );
retry_list = (char **) ch_calloc( 1, sizeof( char * ));
retry_list[0] = NULL;
@@ -2953,27 +2976,51 @@ parse_syncrepl_line(
for ( k = 0; retry_list && retry_list[k]; k++ ) ;
n = k / 2;
if ( k % 2 ) {
- fprintf( stderr,
- "Error: incomplete syncrepl retry list\n" );
+ snprintf( c->msg, sizeof( c->msg ),
+ "Error: incomplete syncrepl retry list" );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
for ( k = 0; retry_list && retry_list[k]; k++ ) {
ch_free( retry_list[k] );
}
ch_free( retry_list );
- exit( EXIT_FAILURE );
+ return 1;
}
si->si_retryinterval = (time_t *) ch_calloc( n + 1, sizeof( time_t ));
si->si_retrynum = (int *) ch_calloc( n + 1, sizeof( int ));
si->si_retrynum_init = (int *) ch_calloc( n + 1, sizeof( int ));
for ( j = 0; j < n; j++ ) {
- si->si_retryinterval[j] = atoi( retry_list[j*2] );
+ unsigned long t;
+ if ( lutil_atoul( &t, retry_list[j*2] ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "Error: invalid retry interval \"%s\" (#%d)",
+ retry_list[j*2], j );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ /* do some cleanup */
+ return 1;
+ }
+ si->si_retryinterval[j] = (time_t)t;
if ( *retry_list[j*2+1] == '+' ) {
si->si_retrynum_init[j] = -1;
si->si_retrynum[j] = -1;
j++;
break;
} else {
- si->si_retrynum_init[j] = atoi( retry_list[j*2+1] );
- si->si_retrynum[j] = atoi( retry_list[j*2+1] );
+ if ( lutil_atoi( &si->si_retrynum_init[j], retry_list[j*2+1] ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "Error: invalid initial retry number \"%s\" (#%d)",
+ retry_list[j*2+1], j );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ /* do some cleanup */
+ return 1;
+ }
+ if ( lutil_atoi( &si->si_retrynum[j], retry_list[j*2+1] ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "Error: invalid retry number \"%s\" (#%d)",
+ retry_list[j*2+1], j );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ /* do some cleanup */
+ return 1;
+ }
}
}
si->si_retrynum_init[j] = -2;
@@ -2984,36 +3031,59 @@ parse_syncrepl_line(
ch_free( retry_list[k] );
}
ch_free( retry_list );
- } else if ( !strncasecmp( cargv[ i ], MANAGEDSAITSTR "=",
+ } else if ( !strncasecmp( c->argv[ i ], MANAGEDSAITSTR "=",
STRLENOF( MANAGEDSAITSTR "=" ) ) )
{
- val = cargv[ i ] + STRLENOF( MANAGEDSAITSTR "=" );
- si->si_manageDSAit = atoi( val );
- } else if ( !strncasecmp( cargv[ i ], SLIMITSTR "=",
+ val = c->argv[ i ] + STRLENOF( MANAGEDSAITSTR "=" );
+ if ( lutil_atoi( &si->si_manageDSAit, val ) != 0
+ || si->si_manageDSAit < 0 || si->si_manageDSAit > 1 )
+ {
+ snprintf( c->msg, sizeof( c->msg ),
+ "invalid manageDSAit value \"%s\".\n",
+ val );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return 1;
+ }
+ } else if ( !strncasecmp( c->argv[ i ], SLIMITSTR "=",
STRLENOF( SLIMITSTR "=") ) )
{
- val = cargv[ i ] + STRLENOF( SLIMITSTR "=" );
- si->si_slimit = atoi( val );
- } else if ( !strncasecmp( cargv[ i ], TLIMITSTR "=",
+ val = c->argv[ i ] + STRLENOF( SLIMITSTR "=" );
+ if ( lutil_atoi( &si->si_slimit, val ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "invalid size limit value \"%s\".\n",
+ val );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return 1;
+ }
+ } else if ( !strncasecmp( c->argv[ i ], TLIMITSTR "=",
STRLENOF( TLIMITSTR "=" ) ) )
{
- val = cargv[ i ] + STRLENOF( TLIMITSTR "=" );
- si->si_tlimit = atoi( val );
- } else if ( !strncasecmp( cargv[ i ], SYNCDATASTR "=",
+ val = c->argv[ i ] + STRLENOF( TLIMITSTR "=" );
+ if ( lutil_atoi( &si->si_tlimit, val ) != 0 ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "invalid time limit value \"%s\".\n",
+ val );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
+ return 1;
+ }
+ } else if ( !strncasecmp( c->argv[ i ], SYNCDATASTR "=",
STRLENOF( SYNCDATASTR "=" ) ) )
{
- val = cargv[ i ] + STRLENOF( SYNCDATASTR "=" );
+ val = c->argv[ i ] + STRLENOF( SYNCDATASTR "=" );
si->si_syncdata = verb_to_mask( val, datamodes );
- } else if ( bindconf_parse( cargv[i], &si->si_bindconf )) {
- fprintf( stderr, "Error: parse_syncrepl_line: "
- "unknown keyword \"%s\"\n", cargv[ i ] );
+ } else if ( bindconf_parse( c->argv[i], &si->si_bindconf ) ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "Error: parse_syncrepl_line: "
+ "unknown keyword \"%s\"\n", c->argv[ i ] );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return -1;
}
}
if ( gots != GOT_ALL ) {
- fprintf( stderr,
+ snprintf( c->msg, sizeof( c->msg ),
"Error: Malformed \"syncrepl\" line in slapd config file" );
+ Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->msg, 0 );
return -1;
}
@@ -3022,17 +3092,14 @@ parse_syncrepl_line(
static int
add_syncrepl(
- Backend *be,
- char **cargv,
- int cargc
-)
+ ConfigArgs *c )
{
syncinfo_t *si;
int rc = 0;
- if ( !( be->be_search && be->be_add && be->be_modify && be->be_delete )) {
- Debug( LDAP_DEBUG_ANY, "database %s does not support operations "
- "required for syncrepl\n", be->be_type, 0, 0 );
+ if ( !( c->be->be_search && c->be->be_add && c->be->be_modify && c->be->be_delete ) ) {
+ Debug( LDAP_DEBUG_ANY, "%s: database %s does not support operations "
+ "required for syncrepl\n", c->log, c->be->be_type, 0 );
return 1;
}
si = (syncinfo_t *) ch_calloc( 1, sizeof( syncinfo_t ) );
@@ -3070,13 +3137,13 @@ add_syncrepl(
LDAP_LIST_INIT( &si->si_nonpresentlist );
ldap_pvt_thread_mutex_init( &si->si_mutex );
- rc = parse_syncrepl_line( cargv, cargc, si );
+ rc = parse_syncrepl_line( c, si );
if ( rc == 0 ) {
- si->si_be = be;
+ si->si_be = c->be;
init_syncrepl( si );
si->si_re = ldap_pvt_runqueue_insert( &slapd_rq, si->si_interval,
- do_syncrepl, si, "do_syncrepl", be->be_suffix[0].bv_val );
+ do_syncrepl, si, "do_syncrepl", c->be->be_suffix[0].bv_val );
if ( !si->si_re )
rc = -1;
}
@@ -3090,9 +3157,9 @@ add_syncrepl(
BER_BVISNULL( &si->si_bindconf.sb_uri ) ?
"(null)" : si->si_bindconf.sb_uri.bv_val, 0, 0 );
if ( !si->si_schemachecking ) {
- SLAP_DBFLAGS(be) |= SLAP_DBFLAG_NO_SCHEMA_CHECK;
+ SLAP_DBFLAGS(c->be) |= SLAP_DBFLAG_NO_SCHEMA_CHECK;
}
- be->be_syncinfo = si;
+ c->be->be_syncinfo = si;
return 0;
}
}
@@ -3226,7 +3293,8 @@ syncrepl_unparse( syncinfo_t *si, struct berval *bv )
}
int
-syncrepl_config(ConfigArgs *c) {
+syncrepl_config( ConfigArgs *c )
+{
if (c->op == SLAP_CONFIG_EMIT) {
if ( c->be->be_syncinfo ) {
struct berval bv;
@@ -3241,24 +3309,23 @@ syncrepl_config(ConfigArgs *c) {
if ( c->be->be_syncinfo ) {
re = c->be->be_syncinfo->si_re;
if ( re ) {
- if ( ldap_pvt_runqueue_isrunning( &slapd_rq, re ))
+ if ( ldap_pvt_runqueue_isrunning( &slapd_rq, re ) )
ldap_pvt_runqueue_stoptask( &slapd_rq, re );
ldap_pvt_runqueue_remove( &slapd_rq, re );
}
syncinfo_free( c->be->be_syncinfo );
c->be->be_syncinfo = NULL;
}
- SLAP_DBFLAGS(c->be) &= ~(SLAP_DBFLAG_SHADOW|SLAP_DBFLAG_SYNC_SHADOW);
+ SLAP_DBFLAGS( c->be ) &= ~(SLAP_DBFLAG_SHADOW|SLAP_DBFLAG_SYNC_SHADOW);
return 0;
}
- if(SLAP_SHADOW(c->be)) {
+ if ( SLAP_SHADOW( c->be ) ) {
Debug(LDAP_DEBUG_ANY, "%s: "
"syncrepl: database already shadowed.\n",
c->log, 0, 0);
return(1);
- } else if(add_syncrepl(c->be, c->argv, c->argc)) {
+ } else if ( add_syncrepl( c ) ) {
return(1);
}
- SLAP_DBFLAGS(c->be) |= (SLAP_DBFLAG_SHADOW | SLAP_DBFLAG_SYNC_SHADOW);
- return(0);
+ return config_sync_shadow( c );
}
diff --git a/servers/slapd/user.c b/servers/slapd/user.c
index 29aa25b429..7143802f31 100644
--- a/servers/slapd/user.c
+++ b/servers/slapd/user.c
@@ -34,6 +34,7 @@
#include <ac/unistd.h>
#include "slap.h"
+#include "lutil.h"
/*
* Set real and effective user id and group id, and group access list
@@ -49,9 +50,17 @@ slap_init_user( char *user, char *group )
if ( user ) {
struct passwd *pwd;
- if ( isdigit( (unsigned char) *user )) {
+ if ( isdigit( (unsigned char) *user ) ) {
+ unsigned u;
+
got_uid = 1;
- uid = atoi( user );
+ if ( lutil_atou( &u, user ) != 0 ) {
+ Debug( LDAP_DEBUG_ANY, "Unble to parse user %s\n",
+ user, 0, 0 );
+
+ exit( EXIT_FAILURE );
+ }
+ uid = (uid_t)u;
#ifdef HAVE_GETPWUID
pwd = getpwuid( uid );
goto did_getpw;
@@ -86,7 +95,15 @@ slap_init_user( char *user, char *group )
if ( group ) {
struct group *grp;
if ( isdigit( (unsigned char) *group )) {
- gid = atoi( group );
+ unsigned g;
+
+ if ( lutil_atou( &g, group ) != 0 ) {
+ Debug( LDAP_DEBUG_ANY, "Unble to parse group %s\n",
+ group, 0, 0 );
+
+ exit( EXIT_FAILURE );
+ }
+ gid = (uid_t)g;
#ifdef HAVE_GETGRGID
grp = getgrgid( gid );
goto did_group;
diff --git a/servers/slapd/value.c b/servers/slapd/value.c
index cf2d73075e..2a544c050c 100644
--- a/servers/slapd/value.c
+++ b/servers/slapd/value.c
@@ -700,7 +700,7 @@ ordered_value_add(
k = -1;
if ( vals[i].bv_val[0] == '{' ) {
- k = strtol( vals[i].bv_val+1, &next, 0 );
+ k = strtol( vals[i].bv_val + 1, &next, 0 );
if ( next == vals[i].bv_val + 1 ||
next[ 0 ] != '}' ||
next - vals[i].bv_val > vals[i].bv_len )
diff --git a/tests/data/meta.out b/tests/data/meta.out
index 97b9ed4f06..4826865aa7 100644
--- a/tests/data/meta.out
+++ b/tests/data/meta.out
@@ -429,6 +429,27 @@ telephoneNumber: +1 313 555 5331
# refldap://localhost:9016/cn=Somewhere,ou=Meta,dc=example,dc=com??sub
+# searching base="ou=Meta,o=Example,c=US"...
+dn: cn=Dan Aykroyd,ou=Meta,o=Example,c=US
+objectClass: inetOrgPerson
+cn: Dan Aykroyd
+sn: Aykroyd
+userPassword:: ZWx3b29k
+description: Elwood Blues
+
+dn: cn=John Belushi,ou=Meta,o=Example,c=US
+objectClass: inetOrgPerson
+cn: John Belushi
+sn: Belushi
+userPassword:: amFjaw==
+description: Joliet Jack Blues
+
+dn: ou=Meta,o=Example,c=US
+objectClass: organizationalUnit
+ou: Meta
+
+# refldap://localhost:9016/cn=Somewhere,ou=Meta,dc=example,dc=com??sub
+
# searching base="o=Example,c=US"...
dn: cn=Added Group,ou=Groups,o=Example,c=US
objectClass: groupOfNames
diff --git a/tests/data/proxycache.out b/tests/data/proxycache.out
index c2e2337e85..b52e6e3c4d 100644
--- a/tests/data/proxycache.out
+++ b/tests/data/proxycache.out
@@ -1,3 +1,5 @@
+# Query 1: filter:(sn=Jon) attrs: all
+# Query 2: filter:(|(cn=*Jon*)(sn=Jon*)) attrs:cn sn title uid
dn: cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com
cn: James A Jones 1
cn: James Jones
@@ -8,7 +10,6 @@ title: Mad Cow Researcher, UM Alumni Association
dn: cn=James A Jones 2,ou=Information Technology Division,ou=People,dc=example
,dc=com
-objectClass: OpenLDAPperson
cn: James A Jones 2
cn: James Jones
cn: Jim Jones
@@ -17,13 +18,13 @@ uid: jjones
title: Senior Manager, Information Technology Division
dn: cn=John Doe,ou=Information Technology Division,ou=People,dc=example,dc=com
-objectClass: OpenLDAPperson
cn: John Doe
cn: Jonathon Doe
sn: Doe
uid: johnd
title: System Administrator, Information Technology Division
+# Query 3: filter:(sn=Smith*) attrs:cn sn title uid
dn: cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com
cn: Jennifer Smith
cn: Jen Smith
@@ -31,6 +32,7 @@ sn: Smith
uid: jen
title: Telemarketer, UM Alumni Association
+# Query 4: filter:(sn=Doe*) attrs:cn sn title uid
dn: cn=James A Jones 2,ou=Information Technology Division,ou=People,dc=example
,dc=com
cn: James A Jones 2
@@ -41,7 +43,6 @@ uid: jjones
title: Senior Manager, Information Technology Division
dn: cn=Jane Doe,ou=Alumni Association,ou=People,dc=example,dc=com
-objectClass: OpenLDAPperson
cn: Jane Doe
cn: Jane Alverson
sn: Doe
@@ -49,13 +50,13 @@ uid: jdoe
title: Programmer Analyst, UM Alumni Association
dn: cn=John Doe,ou=Information Technology Division,ou=People,dc=example,dc=com
-objectClass: OpenLDAPperson
cn: John Doe
cn: Jonathon Doe
sn: Doe
uid: johnd
title: System Administrator, Information Technology Division
+# Query 5: filter:(uid=bjorn) attrs:mail postaladdress telephonenumber cn uid
dn: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc
=com
cn: Bjorn Jensen
@@ -65,6 +66,7 @@ postalAddress: Info Tech Division $ 535 W. William St. $ Anytown, MI 48103
mail: bjorn@mailgw.example.com
telephoneNumber: +1 313 555 0355
+# Query 6: filter:(mail=*@mail.alumni.example.com) cn sn title uid
dn: cn=Dorothy Stevens,ou=Alumni Association,ou=People,dc=example,dc=com
cn: Dorothy Stevens
cn: Dot Stevens
@@ -73,41 +75,34 @@ uid: dots
title: Secretary, UM Alumni Association
dn: cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com
-objectClass: OpenLDAPperson
cn: James A Jones 1
cn: James Jones
cn: Jim Jones
sn: Jones
uid: jaj
title: Mad Cow Researcher, UM Alumni Association
-mail: jaj@mail.alumni.example.com
dn: cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com
-objectClass: OpenLDAPperson
cn: Jennifer Smith
cn: Jen Smith
sn: Smith
uid: jen
title: Telemarketer, UM Alumni Association
-mail: jen@mail.alumni.example.com
dn: cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com
-objectClass: OpenLDAPperson
cn: Mark Elliot
cn: Mark A Elliot
sn: Elliot
uid: melliot
title: Director, UM Alumni Association
-mail: melliot@mail.alumni.example.com
dn: cn=Ursula Hampster,ou=Alumni Association,ou=People,dc=example,dc=com
-objectClass: OpenLDAPperson
cn: Ursula Hampster
sn: Hampster
uid: uham
title: Secretary, UM Alumni Association
-mail: uham@mail.alumni.example.com
+# Query 7: filter:(mail=*) cn sn title uid
dn: cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,
dc=com
cn: Barbara Jensen
@@ -182,6 +177,7 @@ sn: Hampster
uid: uham
title: Secretary, UM Alumni Association
+# Query 8: filter:(|(cn=*Jones)(sn=Jones)) attrs:cn sn title uid
dn: cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com
cn: James A Jones 1
cn: James Jones
@@ -199,6 +195,7 @@ sn: Doe
uid: jjones
title: Senior Manager, Information Technology Division
+# Query 9: filter:(sn=Smith) attrs:cn sn title uid
dn: cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com
cn: Jennifer Smith
cn: Jen Smith
@@ -206,6 +203,7 @@ sn: Smith
uid: jen
title: Telemarketer, UM Alumni Association
+# Query 10: filter:(uid=bjorn) attrs:mail postaladdress telephonenumber cn uid
dn: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc
=com
cn: Bjorn Jensen
@@ -215,6 +213,7 @@ postalAddress: Info Tech Division $ 535 W. William St. $ Anytown, MI 48103
mail: bjorn@mailgw.example.com
telephoneNumber: +1 313 555 0355
+# Query 11: filter:(mail=jaj@mail.alumni.example.com) cn sn title uid
dn: cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com
cn: James A Jones 1
cn: James Jones
diff --git a/tests/data/slapd-chain1.conf b/tests/data/slapd-chain1.conf
index 8f3554718b..0ca328c311 100644
--- a/tests/data/slapd-chain1.conf
+++ b/tests/data/slapd-chain1.conf
@@ -33,9 +33,11 @@ argsfile @TESTDIR@/slapd.1.args
# uses the chain overlay as global;
# no chain-URI is configured, so the URI is parsed out of the referral
overlay chain
-chain-acl-bind bindmethod=simple
- binddn="cn=Manager,dc=example,dc=com"
- credentials=secret
+chain-uri @URI2@
+chain-idassert-bind bindmethod=simple
+ binddn="cn=Manager,dc=example,dc=com"
+ credentials=secret
+ mode=self
#######################################################################
# database definitions
diff --git a/tests/data/slapd-chain2.conf b/tests/data/slapd-chain2.conf
index acc434ba55..b7abea1da3 100644
--- a/tests/data/slapd-chain2.conf
+++ b/tests/data/slapd-chain2.conf
@@ -56,8 +56,9 @@ rootpw secret
# the chain-URI is configured, so only that URI is chained
overlay chain
chain-uri @URI1@
-chain-acl-bind bindmethod=simple
- binddn="cn=Manager,dc=example,dc=com"
- credentials=secret
+chain-idassert-bind bindmethod=simple
+ binddn="cn=Manager,dc=example,dc=com"
+ credentials=secret
+ mode=self
#monitor#database monitor
diff --git a/tests/data/slapd-unique.conf b/tests/data/slapd-unique.conf
index 8e069516e4..f2898b3ac9 100644
--- a/tests/data/slapd-unique.conf
+++ b/tests/data/slapd-unique.conf
@@ -48,6 +48,6 @@ rootpw secret
overlay unique
unique_ignore o cn sn ou objectClass
-unique_attributes employeeNumber
+unique_attributes employeeNumber displayName
#monitor#database monitor
diff --git a/tests/progs/slapd-addel.c b/tests/progs/slapd-addel.c
index 8acd88a810..07c0d175f0 100644
--- a/tests/progs/slapd-addel.c
+++ b/tests/progs/slapd-addel.c
@@ -32,6 +32,7 @@
#define LDAP_DEPRECATED 1
#include <ldap.h>
+#include <lutil.h>
#define LOOPS 100
#define RETRIES 0
@@ -93,7 +94,9 @@ main( int argc, char **argv )
break;
case 'p': /* the servers port */
- port = atoi( optarg );
+ if ( lutil_atoi( &port, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 'D': /* the servers manager */
@@ -109,15 +112,21 @@ main( int argc, char **argv )
break;
case 'l': /* the number of loops */
- loops = atoi( optarg );
+ if ( lutil_atoi( &loops, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 'r': /* number of retries */
- retries = atoi( optarg );
+ if ( lutil_atoi( &retries, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 't': /* delay in seconds */
- delay = atoi( optarg );
+ if ( lutil_atoi( &delay, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
default:
diff --git a/tests/progs/slapd-bind.c b/tests/progs/slapd-bind.c
index 25175590f8..be604834a2 100644
--- a/tests/progs/slapd-bind.c
+++ b/tests/progs/slapd-bind.c
@@ -90,7 +90,9 @@ main( int argc, char **argv )
break;
case 'p': /* the servers port */
- port = atoi( optarg );
+ if ( lutil_atoi( &port, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 'D':
@@ -102,7 +104,9 @@ main( int argc, char **argv )
break;
case 'l': /* the number of loops */
- loops = atoi( optarg );
+ if ( lutil_atoi( &loops, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 'f':
diff --git a/tests/progs/slapd-modify.c b/tests/progs/slapd-modify.c
index 727f1c741e..cfda8b67e3 100644
--- a/tests/progs/slapd-modify.c
+++ b/tests/progs/slapd-modify.c
@@ -28,6 +28,7 @@
#define LDAP_DEPRECATED 1
#include <ldap.h>
+#include <lutil.h>
#define LOOPS 100
#define RETRIES 0
@@ -87,7 +88,9 @@ main( int argc, char **argv )
break;
case 'p': /* the servers port */
- port = atoi( optarg );
+ if ( lutil_atoi( &port, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 'D': /* the servers manager */
@@ -107,15 +110,21 @@ main( int argc, char **argv )
break;
case 'l': /* the number of loops */
- loops = atoi( optarg );
+ if ( lutil_atoi( &loops, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 'r': /* number of retries */
- retries = atoi( optarg );
+ if ( lutil_atoi( &retries, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 't': /* delay in seconds */
- delay = atoi( optarg );
+ if ( lutil_atoi( &delay, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
default:
diff --git a/tests/progs/slapd-modrdn.c b/tests/progs/slapd-modrdn.c
index d6c5f9257f..908d189251 100644
--- a/tests/progs/slapd-modrdn.c
+++ b/tests/progs/slapd-modrdn.c
@@ -32,6 +32,7 @@
#define LDAP_DEPRECATED 1
#include <ldap.h>
+#include <lutil.h>
#define LOOPS 100
#define RETRIES 0
@@ -88,7 +89,9 @@ main( int argc, char **argv )
break;
case 'p': /* the servers port */
- port = atoi( optarg );
+ if ( lutil_atoi( &port, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 'D': /* the servers manager */
@@ -104,15 +107,21 @@ main( int argc, char **argv )
break;
case 'l': /* the number of loops */
- loops = atoi( optarg );
+ if ( lutil_atoi( &loops, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 'r': /* the number of retries */
- retries = atoi( optarg );
+ if ( lutil_atoi( &retries, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 't': /* delay in seconds */
- delay = atoi( optarg );
+ if ( lutil_atoi( &delay, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
default:
diff --git a/tests/progs/slapd-read.c b/tests/progs/slapd-read.c
index c5cb56ce33..b70ace580f 100644
--- a/tests/progs/slapd-read.c
+++ b/tests/progs/slapd-read.c
@@ -32,6 +32,7 @@
#define LDAP_DEPRECATED 1
#include <ldap.h>
+#include <lutil.h>
#define LOOPS 100
#define RETRIES 0
@@ -77,7 +78,9 @@ main( int argc, char **argv )
break;
case 'p': /* the servers port */
- port = atoi( optarg );
+ if ( lutil_atoi( &port, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 'e': /* DN to search for */
@@ -85,15 +88,21 @@ main( int argc, char **argv )
break;
case 'l': /* the number of loops */
- loops = atoi( optarg );
+ if ( lutil_atoi( &loops, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 'r': /* the number of retries */
- retries = atoi( optarg );
+ if ( lutil_atoi( &retries, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 't': /* delay in seconds */
- delay = atoi( optarg );
+ if ( lutil_atoi( &delay, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
default:
diff --git a/tests/progs/slapd-search.c b/tests/progs/slapd-search.c
index 9d9afe1e4f..0f3c1e63a0 100644
--- a/tests/progs/slapd-search.c
+++ b/tests/progs/slapd-search.c
@@ -32,6 +32,7 @@
#define LDAP_DEPRECATED 1
#include <ldap.h>
+#include <lutil.h>
#define LOOPS 100
#define RETRIES 0
@@ -83,7 +84,9 @@ main( int argc, char **argv )
break;
case 'p': /* the servers port */
- port = atoi( optarg );
+ if ( lutil_atoi( &port, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 'D': /* the servers manager */
@@ -103,15 +106,21 @@ main( int argc, char **argv )
break;
case 'l': /* number of loops */
- loops = atoi( optarg );
+ if ( lutil_atoi( &loops, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 'r': /* number of retries */
- retries = atoi( optarg );
+ if ( lutil_atoi( &retries, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 't': /* delay in seconds */
- delay = atoi( optarg );
+ if ( lutil_atoi( &delay, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
default:
diff --git a/tests/progs/slapd-tester.c b/tests/progs/slapd-tester.c
index e49947198b..8cf65ef9e7 100644
--- a/tests/progs/slapd-tester.c
+++ b/tests/progs/slapd-tester.c
@@ -33,6 +33,7 @@
#include "ldap_defaults.h"
+#include "lutil.h"
#define SEARCHCMD "slapd-search"
@@ -159,7 +160,9 @@ main( int argc, char **argv )
break;
case 'j': /* the number of parallel clients */
- maxkids = atoi( optarg );
+ if ( lutil_atoi( &maxkids, optarg ) != 0 ) {
+ usage( argv[0] );
+ }
break;
case 'l': /* the number of loops per client */
diff --git a/tests/run.in b/tests/run.in
index f044bce5a2..1becdae104 100644
--- a/tests/run.in
+++ b/tests/run.in
@@ -35,6 +35,7 @@ AC_sql=sql@BUILD_SQL@
# overlays
AC_accesslog=accesslog@BUILD_ACCESSLOG@
+AC_dynlist=dynlist@BUILD_DYNLIST@
AC_pcache=pcache@BUILD_PROXYCACHE@
AC_ppolicy=ppolicy@BUILD_PPOLICY@
AC_refint=refint@BUILD_REFINT@
@@ -52,9 +53,9 @@ AC_WITH_MODULES_ENABLED=@WITH_MODULES_ENABLED@
AC_ACI_ENABLED=aci@WITH_ACI_ENABLED@
export AC_bdb AC_hdb AC_ldap AC_ldbm AC_meta AC_monitor AC_relay AC_sql
-export AC_pcache AC_ppolicy AC_refint AC_retcode AC_rwm AC_unique AC_syncprov
-export AC_translucent AC_WITH_SASL AC_WITH_TLS AC_WITH_MODULES_ENABLED AC_ACI_ENABLED
-export AC_valsort AC_accesslog
+export AC_accesslog AC_dynlist AC_pcache AC_ppolicy AC_refint AC_retcode
+export AC_rwm AC_unique AC_syncprov AC_translucent AC_valsort
+export AC_WITH_SASL AC_WITH_TLS AC_WITH_MODULES_ENABLED AC_ACI_ENABLED
if test ! -x ../servers/slapd/slapd ; then
echo "Could not locate slapd(8)"
diff --git a/tests/scripts/conf.sh b/tests/scripts/conf.sh
index 2491091f4d..4b2a675951 100755
--- a/tests/scripts/conf.sh
+++ b/tests/scripts/conf.sh
@@ -42,6 +42,7 @@ sed -e "s/@BACKEND@/${BACKEND}/" \
-e "s/^#${AC_sql}#//" \
-e "s/^#${RDBMS}#//" \
-e "s/^#${AC_accesslog}#//" \
+ -e "s/^#${AC_dynlist}#//" \
-e "s/^#${AC_pcache}#//" \
-e "s/^#${AC_ppolicy}#//" \
-e "s/^#${AC_refint}#//" \
diff --git a/tests/scripts/test004-modify b/tests/scripts/test004-modify
index 649fde2c5a..de2952569c 100755
--- a/tests/scripts/test004-modify
+++ b/tests/scripts/test004-modify
@@ -165,6 +165,10 @@ uidNumber: 1
increment: gidNumber
gidNumber: -1
+dn: dc=example,dc=com
+changetype: modify
+# EMPTY SEQUENCE OF CHANGE
+
EOMODS
RC=$?
@@ -174,6 +178,31 @@ if test $RC != 0 ; then
exit $RC
fi
+echo "Using ldapmodify to add an empty entry (should fail with protocolError)..."
+$LDAPMODIFY -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD \
+ >> $TESTOUT 2>&1 << EOMODS
+dn: cn=Foo Bar,dc=example,dc=com
+changetype: add
+# EMPTY SEQUENCE OF ATTRS
+EOMODS
+
+RC=$?
+case $RC in
+2)
+ echo " ldapmodify failed ($RC)"
+ ;;
+0)
+ echo " ldapmodify should have failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit -1
+ ;;
+*)
+ echo " ldapmodify failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+esac
+
echo "Using ldapsearch to retrieve all the entries..."
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
'objectClass=*' > $SEARCHOUT 2>&1
diff --git a/tests/scripts/test020-proxycache b/tests/scripts/test020-proxycache
index 0fc9f8b719..c6ec3db525 100755
--- a/tests/scripts/test020-proxycache
+++ b/tests/scripts/test020-proxycache
@@ -13,7 +13,7 @@
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.
-CACHETTL=60
+CACHETTL="1m"
CACHE_ENTRY_LIMIT=10
. $SRCDIR/scripts/defines.sh
@@ -114,10 +114,13 @@ if test $RC != 0 ; then
exit $RC
fi
+cat /dev/null > $SLAVEOUT
+
echo "Making queries on the proxy cache..."
echo "Query 1: filter:(sn=Jon) attrs: all"
+echo "# Query 1: filter:(sn=Jon) attrs: all" >> $SLAVEOUT
$LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
- 'sn=Jon' > $SLAVEOUT 2>&1
+ 'sn=Jon' >> $SLAVEOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
@@ -126,6 +129,7 @@ if test $RC != 0 ; then
fi
echo "Query 2: filter:(|(cn=*Jon*)(sn=Jon*)) attrs:cn sn title uid"
+echo "# Query 2: filter:(|(cn=*Jon*)(sn=Jon*)) attrs:cn sn title uid" >> $SLAVEOUT
$LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'(|(cn=*Jon*)(sn=Jon*))' cn sn title uid >> $SLAVEOUT 2>&1
RC=$?
@@ -136,6 +140,7 @@ if test $RC != 0 ; then
fi
echo "Query 3: filter:(sn=Smith*) attrs:cn sn title uid"
+echo "# Query 3: filter:(sn=Smith*) attrs:cn sn title uid" >> $SLAVEOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'sn=Smith*' cn sn title uid >> $SLAVEOUT 2>&1
RC=$?
@@ -146,6 +151,7 @@ if test $RC != 0 ; then
fi
echo "Query 4: filter:(sn=Doe*) attrs:cn sn title uid"
+echo "# Query 4: filter:(sn=Doe*) attrs:cn sn title uid" >> $SLAVEOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'sn=Doe' cn sn title uid >> $SLAVEOUT 2>&1
RC=$?
@@ -156,6 +162,7 @@ if test $RC != 0 ; then
fi
echo "Query 5: filter:(uid=bjorn) attrs:mail postaladdress telephonenumber cn uid"
+echo "# Query 5: filter:(uid=bjorn) attrs:mail postaladdress telephonenumber cn uid" >> $SLAVEOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'uid=bjorn' mail postaladdress telephonenumber cn uid >> $SLAVEOUT 2>&1
RC=$?
@@ -166,6 +173,7 @@ if test $RC != 0 ; then
fi
echo "Query 6: filter:(mail=*@mail.alumni.example.com) cn sn title uid"
+echo "# Query 6: filter:(mail=*@mail.alumni.example.com) cn sn title uid" >> $SLAVEOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'mail=*@mail.alumni.example.com' cn sn title uid >> $SLAVEOUT 2>&1
RC=$?
@@ -176,6 +184,7 @@ if test $RC != 0 ; then
fi
echo "Query 7: filter:(mail=*) cn sn title uid"
+echo "# Query 7: filter:(mail=*) cn sn title uid" >> $SLAVEOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'mail=*' cn sn title uid >> $SLAVEOUT 2>&1
RC=$?
@@ -209,6 +218,7 @@ else
fi
echo "Query 8: filter:(|(cn=*Jones)(sn=Jones)) attrs:cn sn title uid"
+echo "# Query 8: filter:(|(cn=*Jones)(sn=Jones)) attrs:cn sn title uid" >> $SLAVEOUT
$LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'(|(cn=*Jones)(sn=Jones))' cn sn title uid >> $SLAVEOUT 2>&1
RC=$?
@@ -219,6 +229,7 @@ if test $RC != 0 ; then
fi
echo "Query 9: filter:(sn=Smith) attrs:cn sn title uid"
+echo "# Query 9: filter:(sn=Smith) attrs:cn sn title uid" >> $SLAVEOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'sn=Smith' cn sn title uid >> $SLAVEOUT 2>&1
RC=$?
@@ -229,6 +240,7 @@ if test $RC != 0 ; then
fi
echo "Query 10: filter:(uid=bjorn) attrs:mail postaladdress telephonenumber cn uid"
+echo "# Query 10: filter:(uid=bjorn) attrs:mail postaladdress telephonenumber cn uid" >> $SLAVEOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'uid=bjorn' mail postaladdress telephonenumber cn uid >> $SLAVEOUT 2>&1
RC=$?
@@ -239,6 +251,7 @@ if test $RC != 0 ; then
fi
echo "Query 11: filter:(mail=jaj@mail.alumni.example.com) cn sn title uid"
+echo "# Query 11: filter:(mail=jaj@mail.alumni.example.com) cn sn title uid" >> $SLAVEOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'mail=jaj@mail.alumni.example.com' cn sn title uid >> $SLAVEOUT 2>&1
RC=$?
@@ -279,8 +292,10 @@ fi
echo "Filtering ldapsearch results..."
. $LDIFFILTER < $SLAVEOUT > $SEARCHFLT
+echo "Filtering original ldif..."
+. $LDIFFILTER < $PROXYCACHEOUT > $LDIFFLT
echo "Comparing filter output..."
-$CMP $SEARCHFLT $PROXYCACHEOUT > $CMPOUT
+$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
if test $? != 0 ; then
echo "Comparison failed"
diff --git a/tests/scripts/test024-unique b/tests/scripts/test024-unique
index d14d6222bb..72ff91a94c 100755
--- a/tests/scripts/test024-unique
+++ b/tests/scripts/test024-unique
@@ -75,7 +75,9 @@ cn: dave
businessCategory: otest
carLicense: TEST
departmentNumber: 42
-displayName: Dave
+# NOTE: use special chars in attr value to be used
+# in internal searches ITS#4212
+displayName: Dave (ITS#4212)
employeeNumber: 69
employeeType: contractor
givenName: Dave
diff --git a/tests/scripts/test035-meta b/tests/scripts/test035-meta
index 6a2c2d2b2a..f66d5cc984 100755
--- a/tests/scripts/test035-meta
+++ b/tests/scripts/test035-meta
@@ -161,6 +161,33 @@ case $RC in
;;
esac
+# ITS#4195: spurious matchedDN when the search scopes the main target,
+# and the searchBase is not present, so that target returns noSuchObject
+BASEDN="ou=Meta,o=Example,c=US"
+echo "Searching base=\"$BASEDN\"..."
+echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -h $LOCALHOST -p $PORT3 -b "$BASEDN" >> $SEARCHOUT 2>&1
+RC=$?
+#if test $RC != 0 ; then
+# echo "Search failed ($RC)!"
+# test $KILLSERVERS != no && kill -HUP $KILLPIDS
+# exit $RC
+#fi
+case $RC in
+ 0)
+ ;;
+ 51)
+ echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit 0
+ ;;
+ *)
+ echo "Search failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+esac
+
#
# Do some modifications
#
diff --git a/tests/scripts/test043-delta-syncrepl b/tests/scripts/test043-delta-syncrepl
index edff472b21..ab71809d88 100755
--- a/tests/scripts/test043-delta-syncrepl
+++ b/tests/scripts/test043-delta-syncrepl
@@ -73,19 +73,6 @@ if test $RC != 0 ; then
fi
echo "Using ldapadd to create the context prefix entries in the master..."
-$LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD <<EOF \
- > /dev/null 2>&1
-dn: cn=log
-objectclass: applicationProcess
-cn: log
-
-EOF
-RC=$?
-if test $RC != 0 ; then
- echo "ldapadd failed ($RC)!"
- test $KILLSERVERS != no && kill -HUP $KILLPIDS
- exit $RC
-fi
$LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD < \
$LDIFORDEREDCP > /dev/null 2>&1
RC=$?
--
GitLab