Commit c1b415ce authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

Sync with HEAD

parent da94927a
......@@ -775,7 +775,8 @@ and the {{TERM:HDB}} database.
They are used in an olcDatabase entry in addition to the generic
database directives defined above. For a complete reference
of BDB/HDB configuration directives, see {{slapd-bdb}}(5). BDB and
HDB database entries must have the {{EX:olcBdbConfig}} objectClass.
HDB database entries must have the {{EX:olcBdbConfig}} objectClass in
addition to the {{EX:olcDatabaseConfig}} class.
H4: olcDbDirectory: <directory>
......@@ -1447,38 +1448,39 @@ protected from unauthorized access.
E: 21. # BDB definition for example.com
E: 22. dn: olcDatabase=bdb,cn=config
E: 23. objectClass: olcDatabaseConfig
E: 24. olcDatabase: bdb
E: 25. olcSuffix: "dc=example,dc=com"
E: 26. olcDbDirectory: /usr/local/var/openldap-data
E: 27. olcRootDN: "cn=Manager,dc=example,dc=com"
E: 28. olcRootPW: secret
E: 29. olcDbIndex: uid pres,eq
E: 30. olcDbIndex: cn,sn,uid pres,eq,approx,sub
E: 31. olcDbIndex: objectClass eq
E: 32. olcAccess: to attr=userPassword
E: 33. by self write
E: 34. by anonymous auth
E: 35. by dn.base="cn=Admin,dc=example,dc=com" write
E: 36. by * none
E: 37. olcAccess: to *
E: 38. by self write
E: 39. by dn.base="cn=Admin,dc=example,dc=com" write
E: 40. by * read
E: 41.
Line 21 is a comment. Lines 22-24 identify this entry as a BDB database
configuration entry. Line 25 specifies the DN suffix
for queries to pass to this database. Line 26 specifies the directory
E: 24. objectClass: olcBdbConfig
E: 25. olcDatabase: bdb
E: 26. olcSuffix: "dc=example,dc=com"
E: 27. olcDbDirectory: /usr/local/var/openldap-data
E: 28. olcRootDN: "cn=Manager,dc=example,dc=com"
E: 29. olcRootPW: secret
E: 30. olcDbIndex: uid pres,eq
E: 31. olcDbIndex: cn,sn,uid pres,eq,approx,sub
E: 32. olcDbIndex: objectClass eq
E: 33. olcAccess: to attr=userPassword
E: 34. by self write
E: 35. by anonymous auth
E: 36. by dn.base="cn=Admin,dc=example,dc=com" write
E: 37. by * none
E: 38. olcAccess: to *
E: 39. by self write
E: 40. by dn.base="cn=Admin,dc=example,dc=com" write
E: 41. by * read
E: 42.
Line 21 is a comment. Lines 22-25 identify this entry as a BDB database
configuration entry. Line 26 specifies the DN suffix
for queries to pass to this database. Line 27 specifies the directory
in which the database files will live.
Lines 27 and 28 identify the database {{super-user}} entry and associated
Lines 28 and 29 identify the database {{super-user}} entry and associated
password. This entry is not subject to access control or size or
time limit restrictions.
Lines 29 through 31 indicate the indices to maintain for various
Lines 30 through 32 indicate the indices to maintain for various
attributes.
Lines 32 through 40 specify access control for entries in this
Lines 33 through 41 specify access control for entries in this
database. As this is the first database, the controls also apply
to entries not held in any database (such as the Root DSE). For
all applicable entries, the {{EX:userPassword}} attribute is writable
......@@ -1487,20 +1489,21 @@ authentication/authorization purposes, but is otherwise not readable.
All other attributes are writable by the entry and the "admin"
entry, but may be read by all users (authenticated or not).
Line 41 is a blank line, indicating the end of this entry.
Line 42 is a blank line, indicating the end of this entry.
The next section of the example configuration file defines another
BDB database. This one handles queries involving the
{{EX:dc=example,dc=net}} subtree but is managed by the same entity
as the first database. Note that without line 50, the read access
as the first database. Note that without line 51, the read access
would be allowed due to the global access rule at line 19.
E: 42. # BDB definition for example.net
E: 43. dn: olcDatabase=bdb,cn=config
E: 44. objectClass: olcDatabaseConfig
E: 45. olcDatabase: bdb
E: 46. olcSuffix: "dc=example,dc=net"
E: 47. olcDbDirectory: /usr/local/var/openldap-data-net
E: 48. olcRootDN: "cn=Manager,dc=example,dc=com"
E: 49. olcDbIndex: objectClass eq
E: 50. olcAccess: to * by users read
E: 45. objectClass: olcBdbConfig
E: 46. olcDatabase: bdb
E: 47. olcSuffix: "dc=example,dc=net"
E: 48. olcDbDirectory: /usr/local/var/openldap-data-net
E: 49. olcRootDN: "cn=Manager,dc=example,dc=com"
E: 50. olcDbIndex: objectClass eq
E: 51. olcAccess: to * by users read
......@@ -595,7 +595,7 @@ hdb_dn2id_delete(
/* Delete our ID from the parent's list */
rc = cursor->c_get( cursor, &key, &data, DB_GET_BOTH_RANGE );
if ( rc == 0 ) {
if ( dlen[1] == d->nrdnlen[1] && dlen[0] != d->nrdnlen[0] &&
if ( dlen[1] == d->nrdnlen[1] && dlen[0] == d->nrdnlen[0] &&
!strcmp( d->nrdn, BEI(e)->bei_nrdn.bv_val ))
rc = cursor->c_del( cursor, 0 );
else
......
......@@ -392,49 +392,54 @@ int backend_shutdown( Backend *be )
return 0;
}
void backend_destroy_one( BackendDB *bd )
{
LDAP_STAILQ_REMOVE(&backendDB, bd, slap_backend_db, be_next );
if ( bd->be_syncinfo ) {
syncinfo_free( bd->be_syncinfo );
}
if ( bd->be_pending_csn_list ) {
struct slap_csn_entry *csne;
csne = LDAP_TAILQ_FIRST( bd->be_pending_csn_list );
while ( csne ) {
struct slap_csn_entry *tmp_csne = csne;
LDAP_TAILQ_REMOVE( bd->be_pending_csn_list, csne, ce_csn_link );
ch_free( csne->ce_csn.bv_val );
csne = LDAP_TAILQ_NEXT( csne, ce_csn_link );
ch_free( tmp_csne );
}
}
if ( bd->bd_info->bi_db_destroy ) {
bd->bd_info->bi_db_destroy( bd );
}
ber_bvarray_free( bd->be_suffix );
ber_bvarray_free( bd->be_nsuffix );
if ( !BER_BVISNULL( &bd->be_rootdn ) ) {
free( bd->be_rootdn.bv_val );
}
if ( !BER_BVISNULL( &bd->be_rootndn ) ) {
free( bd->be_rootndn.bv_val );
}
if ( !BER_BVISNULL( &bd->be_rootpw ) ) {
free( bd->be_rootpw.bv_val );
}
acl_destroy( bd->be_acl, frontendDB->be_acl );
free( bd );
}
int backend_destroy(void)
{
int i;
BackendDB *bd;
BackendInfo *bi;
struct slap_csn_entry *csne;
/* destroy each backend database */
while (( bd = LDAP_STAILQ_FIRST(&backendDB))) {
LDAP_STAILQ_REMOVE_HEAD(&backendDB, be_next);
if ( bd->be_syncinfo ) {
syncinfo_free( bd->be_syncinfo );
}
if ( bd->be_pending_csn_list ) {
csne = LDAP_TAILQ_FIRST( bd->be_pending_csn_list );
while ( csne ) {
struct slap_csn_entry *tmp_csne = csne;
LDAP_TAILQ_REMOVE( bd->be_pending_csn_list, csne, ce_csn_link );
ch_free( csne->ce_csn.bv_val );
csne = LDAP_TAILQ_NEXT( csne, ce_csn_link );
ch_free( tmp_csne );
}
}
if ( bd->bd_info->bi_db_destroy ) {
bd->bd_info->bi_db_destroy( bd );
}
ber_bvarray_free( bd->be_suffix );
ber_bvarray_free( bd->be_nsuffix );
if ( !BER_BVISNULL( &bd->be_rootdn ) ) {
free( bd->be_rootdn.bv_val );
}
if ( !BER_BVISNULL( &bd->be_rootndn ) ) {
free( bd->be_rootndn.bv_val );
}
if ( !BER_BVISNULL( &bd->be_rootpw ) ) {
free( bd->be_rootpw.bv_val );
}
acl_destroy( bd->be_acl, frontendDB->be_acl );
free( bd );
backend_destroy_one( bd );
}
/* destroy each backend type */
......
......@@ -659,6 +659,27 @@ overlay_register_control( BackendDB *be, const char *oid )
return rc;
}
void
overlay_destroy_one( BackendDB *be, slap_overinst *on )
{
slap_overinfo *oi = on->on_info;
slap_overinst **oidx;
for ( oidx = &oi->oi_list; *oidx; oidx = &(*oidx)->on_next ) {
if ( *oidx == on ) {
*oidx = on->on_next;
if ( on->on_bi.bi_db_destroy ) {
BackendInfo *bi_orig = be->bd_info;
be->bd_info = (BackendInfo *)on;
on->on_bi.bi_db_destroy( be );
be->bd_info = bi_orig;
}
free( on );
break;
}
}
}
/* add an overlay to a particular backend. */
int
overlay_config( BackendDB *be, const char *ov )
......
......@@ -3169,6 +3169,10 @@ ok:
Debug(LDAP_DEBUG_ANY, "%s: %s (%s)!\n",
ca->log, ca->msg, ca->argv[1] );
rc = LDAP_OTHER;
if ( colst[0]->co_type == Cft_Database )
backend_destroy_one( ca->be );
else
overlay_destroy_one( ca->be, (slap_overinst *)ca->bi );
goto leave;
}
}
......
......@@ -258,6 +258,7 @@ LDAP_SLAPD_F (int) backend_startup_one LDAP_P((Backend *be));
LDAP_SLAPD_F (int) backend_sync LDAP_P((Backend *be));
LDAP_SLAPD_F (int) backend_shutdown LDAP_P((Backend *be));
LDAP_SLAPD_F (int) backend_destroy LDAP_P((void));
LDAP_SLAPD_F (void) backend_destroy_one LDAP_P((BackendDB *bd));
LDAP_SLAPD_F (BackendInfo *) backend_info LDAP_P(( const char *type ));
LDAP_SLAPD_F (BackendDB *) backend_db_init LDAP_P(( const char *type ));
......@@ -348,6 +349,9 @@ LDAP_SLAPD_F (int) glue_sub_init( void );
LDAP_SLAPD_F (int) overlay_register LDAP_P(( slap_overinst *on ));
LDAP_SLAPD_F (int) overlay_config LDAP_P(( BackendDB *be, const char *ov ));
LDAP_SLAPD_F (void) overlay_destroy_one LDAP_P((
BackendDB *be,
slap_overinst *on ));
LDAP_SLAPD_F (slap_overinst *) overlay_next LDAP_P(( slap_overinst *on ));
LDAP_SLAPD_F (slap_overinst *) overlay_find LDAP_P(( const char *name ));
LDAP_SLAPD_F (int) overlay_is_over LDAP_P(( BackendDB *be ));
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment