Commit 09d05a57 authored by Howard Chu's avatar Howard Chu
Browse files

More overlay tweaks. Added LDAP chaining overlay.

parent 2a29233c
......@@ -4,10 +4,10 @@
SRCS = init.c config.c search.c bind.c unbind.c add.c compare.c \
delete.c modify.c modrdn.c \
suffixmassage.c map.c extended.c
suffixmassage.c map.c extended.c chain.c
OBJS = init.lo config.lo search.lo bind.lo unbind.lo add.lo compare.lo \
delete.lo modify.lo modrdn.lo \
suffixmassage.lo map.lo extended.lo
suffixmassage.lo map.lo extended.lo chain.lo
LDAP_INCDIR= ../../../include
LDAP_LIBDIR= ../../../libraries
......
......@@ -194,6 +194,8 @@ extern int suffix_massage_config( struct rewrite_info *info,
extern int ldap_dnattr_rewrite( dncookie *dc, BerVarray a_vals );
extern int ldap_dnattr_result_rewrite( dncookie *dc, BerVarray a_vals );
extern int ldap_chain_setup();
LDAP_END_DECL
#endif /* SLAPD_LDAP_H */
/* chain.c - chain LDAP operations */
/* $OpenLDAP$ */
/*
* Copyright 2003 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
*/
/*
* Copyright 2003, Howard Chu, All rights reserved. <hyc@highlandsun.com>
*
* Permission is granted to anyone to use this software for any purpose
* on any computer system, and to alter it and redistribute it, subject
* to the following restrictions:
*
* 1. The author is not responsible for the consequences of use of this
* software, no matter how awful, even if they arise from flaws in it.
*
* 2. The origin of this software must not be misrepresented, either by
* explicit claim or by omission. Since few users ever read sources,
* credits should appear in the documentation.
*
* 3. Altered versions must be plainly marked as such, and must not be
* misrepresented as being the original software. Since few users
* ever read sources, credits should appear in the documentation.
*
* 4. This notice may not be removed or altered.
*/
#include "portable.h"
#include <stdio.h>
#include <ac/string.h>
#include <ac/socket.h>
#include "slap.h"
#include "back-ldap.h"
static int
ldap_chain_response( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
void *private = op->o_bd->be_private;
LDAPControl **prev = op->o_ctrls;
LDAPControl **ctrls, authz;
int i, nctrls, rc;
int cache = op->o_do_not_cache;
if ( rs->sr_err != LDAP_REFERRAL )
return SLAP_CB_CONTINUE;
op->o_bd->be_private = on->on_bi.bi_private;
for (i=0; prev && prev[i]; i++);
nctrls = i;
ctrls = op->o_tmpalloc((i+1)*sizeof(LDAPControl *), op->o_tmpmemctx);
for (i=0; i <nctrls; i++)
ctrls[i] = prev[i];
ctrls[nctrls] = &authz;
ctrls[nctrls+1] = NULL;
authz.ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
authz.ldctl_iscritical = 1;
authz.ldctl_value = op->o_dn;
/* Chaining is performed by a privileged user on behalf
* of a normal user
*/
op->o_do_not_cache = 1;
op->o_ctrls = ctrls;
switch( op->o_tag ) {
case LDAP_REQ_BIND:
rc = ldap_back_bind( op, rs );
break;
case LDAP_REQ_ADD:
rc = ldap_back_add( op, rs );
break;
case LDAP_REQ_DELETE:
rc = ldap_back_delete( op, rs );
break;
case LDAP_REQ_MODRDN:
rc = ldap_back_modrdn( op, rs );
break;
case LDAP_REQ_MODIFY:
rc = ldap_back_modify( op, rs );
break;
case LDAP_REQ_COMPARE:
rc = ldap_back_compare( op, rs );
break;
case LDAP_REQ_SEARCH:
rc = ldap_back_search( op, rs );
break;
case LDAP_REQ_EXTENDED:
rc = ldap_back_extended( op, rs );
break;
default:
rc = SLAP_CB_CONTINUE;
break;
}
op->o_do_not_cache = cache;
op->o_ctrls = prev;
op->o_bd->be_private = private;
op->o_tmpfree( ctrls, op->o_tmpmemctx );
return rc;
}
static int ldap_chain_config(
BackendDB *be,
const char *fname,
int lineno,
int argc,
char **argv
)
{
slap_overinst *on = (slap_overinst *) be->bd_info;
void *private = be->be_private;
int rc;
be->be_private = on->on_bi.bi_private;
rc = ldap_back_db_config( be, fname, lineno, argc, argv );
be->be_private = private;
return rc;
}
static int ldap_chain_init(
BackendDB *be
)
{
slap_overinst *on = (slap_overinst *) be->bd_info;
void *private = be->be_private;
int rc;
be->be_private = NULL;
rc = ldap_back_db_init( be );
on->on_bi.bi_private = be->be_private;
be->be_private = private;
return rc;
}
static int ldap_chain_destroy(
BackendDB *be
)
{
slap_overinst *on = (slap_overinst *) be->bd_info;
void *private = be->be_private;
int rc;
be->be_private = on->on_bi.bi_private;
rc = ldap_back_db_destroy( be );
on->on_bi.bi_private = be->be_private;
be->be_private = private;
return rc;
}
static slap_overinst ldapchain;
int ldap_chain_setup()
{
ldapchain.on_bi.bi_type = "chain";
ldapchain.on_bi.bi_db_init = ldap_chain_init;
ldapchain.on_bi.bi_db_config = ldap_chain_config;
ldapchain.on_bi.bi_db_destroy = ldap_chain_destroy;
ldapchain.on_response = ldap_chain_response;
return overlay_register( &ldapchain );
}
......@@ -96,6 +96,8 @@ ldap_back_initialize(
bi->bi_connection_init = 0;
bi->bi_connection_destroy = ldap_back_conn_destroy;
ldap_chain_setup();
return 0;
}
......
......@@ -127,7 +127,7 @@ over_back_response ( Operation *op, SlapReply *rs )
{
slap_overinfo *oi = (slap_overinfo *) op->o_bd->bd_info;
slap_overinst *on = oi->oi_list;
int rc = 0;
int rc = SLAP_CB_CONTINUE;
BackendDB *be = op->o_bd, db = *op->o_bd;
slap_callback *sc = op->o_callback->sc_private;
......@@ -136,14 +136,15 @@ over_back_response ( Operation *op, SlapReply *rs )
if ( on->on_response ) {
db.bd_info = (BackendInfo *)on;
rc = on->on_response( op, rs );
if ( rc ) break;
if ( ! (rc & SLAP_CB_CONTINUE) ) break;
}
}
op->o_callback = sc;
if ( rc == 0 && sc ) {
if ( sc && (rc & SLAP_CB_CONTINUE) ) {
rc = sc->sc_response( op, rs );
}
op->o_bd = be;
rc &= ~SLAP_CB_CONTINUE;
return rc;
}
......@@ -282,6 +283,9 @@ overlay_config( BackendDB *be, const char *ov )
return 1;
}
/* If this is the first overlay on this backend, set up the
* overlay info structure
*/
if ( be->bd_info->bi_type != overtype ) {
oi = ch_malloc( sizeof(slap_overinfo) );
oi->oi_bd = *be;
......@@ -311,6 +315,9 @@ overlay_config( BackendDB *be, const char *ov )
be->bd_info = bi;
}
/* Walk to the end of the list of overlays, add the new
* one onto the end
*/
oi = (slap_overinfo *) be->bd_info;
for ( prev=NULL, on2 = oi->oi_list; on2; prev=on2, on2=on2->on_next );
on2 = ch_malloc( sizeof(slap_overinst) );
......@@ -321,6 +328,13 @@ overlay_config( BackendDB *be, const char *ov )
}
*on2 = *on;
/* Any initialization needed? */
if ( on->on_bi.bi_db_init ) {
be->bd_info = (BackendInfo *)on2;
on2->on_bi.bi_db_init( be );
be->bd_info = (BackendInfo *)oi;
}
return 0;
}
......@@ -1768,7 +1768,6 @@ struct slap_overinfo;
typedef struct slap_overinst {
BackendInfo on_bi;
slap_response *on_response;
void *on_private;
struct slap_overinfo *on_info;
struct slap_overinst *on_next;
} slap_overinst;
......@@ -1779,6 +1778,9 @@ typedef struct slap_overinfo {
slap_overinst *oi_list;
} slap_overinfo;
/* Should successive callbacks in a chain be processed? */
#define SLAP_CB_CONTINUE 0x8000
/*
* Paged Results state
*/
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment