Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
Isaac Boukris
OpenLDAP
Commits
54884edf
Commit
54884edf
authored
Jul 10, 2008
by
Quanah Gibson-Mount
Browse files
ITS#5593
parent
9dd2d1d1
Changes
9
Hide whitespace changes
Inline
Side-by-side
CHANGES
View file @
54884edf
...
@@ -15,6 +15,7 @@ OpenLDAP 2.4.11 Engineering
...
@@ -15,6 +15,7 @@ OpenLDAP 2.4.11 Engineering
Fixed slapd sortvals binary search (ITS#5578)
Fixed slapd sortvals binary search (ITS#5578)
Fixed slapd syncrepl updates with multiple masters (ITS#5597)
Fixed slapd syncrepl updates with multiple masters (ITS#5597)
Fixed slapd syncrepl/slapo-syncprov contextCSN updates as internal ops (ITS#5596)
Fixed slapd syncrepl/slapo-syncprov contextCSN updates as internal ops (ITS#5596)
Added slapd-ldap/slapd-meta option to filter out search references (ITS#5593)
Fixed slapd-meta link to slapd-ldap (ITS#5355)
Fixed slapd-meta link to slapd-ldap (ITS#5355)
Fixed slapd-sock, back-shell buffer count (ITS#5558)
Fixed slapd-sock, back-shell buffer count (ITS#5558)
Fixed slapo-dynlist dg attrs lookup (ITS#5583)
Fixed slapo-dynlist dg attrs lookup (ITS#5583)
...
...
doc/man/man5/slapd-ldap.5
View file @
54884edf
...
@@ -384,6 +384,13 @@ returns in case of no activity.
...
@@ -384,6 +384,13 @@ returns in case of no activity.
The value is in seconds, and it can be specified as for
The value is in seconds, and it can be specified as for
.BR idle-timeout .
.BR idle-timeout .
.TP
.B norefs <NO|yes>
If
.BR yes ,
do not return search reference responses.
By default, they are returned unless request is LDAPv2.
.TP
.TP
.B protocol\-version {0,2,3}
.B protocol\-version {0,2,3}
This directive indicates what protocol version must be used to contact
This directive indicates what protocol version must be used to contact
...
...
doc/man/man5/slapd-meta.5
View file @
54884edf
...
@@ -127,6 +127,15 @@ If the value is set to \fBreport\fP, the search is continuated to the end
...
@@ -127,6 +127,15 @@ If the value is set to \fBreport\fP, the search is continuated to the end
but, in case at least one target returned an error code, the first
but, in case at least one target returned an error code, the first
non-success error code is returned.
non-success error code is returned.
.TP
.B norefs <NO|yes>
If
.BR yes ,
do not return search reference responses.
By default, they are returned unless request is LDAPv2.
If set before any target specification, it affects all targets, unless
overridden by any per-target directive.
.TP
.TP
.B protocol\-version {0,2,3}
.B protocol\-version {0,2,3}
This directive indicates what protocol version must be used to contact
This directive indicates what protocol version must be used to contact
...
...
servers/slapd/back-ldap/back-ldap.h
View file @
54884edf
...
@@ -315,6 +315,8 @@ typedef struct ldapinfo_t {
...
@@ -315,6 +315,8 @@ typedef struct ldapinfo_t {
#define LDAP_BACK_F_ST_RESPONSE (0x00040000U)
#define LDAP_BACK_F_ST_RESPONSE (0x00040000U)
#endif
/* SLAP_CONTROL_X_SESSION_TRACKING */
#endif
/* SLAP_CONTROL_X_SESSION_TRACKING */
#define LDAP_BACK_F_NOREFS (0x00080000U)
#define LDAP_BACK_ISSET_F(ff,f) ( ( (ff) & (f) ) == (f) )
#define LDAP_BACK_ISSET_F(ff,f) ( ( (ff) & (f) ) == (f) )
#define LDAP_BACK_ISMASK_F(ff,m,f) ( ( (ff) & (m) ) == (f) )
#define LDAP_BACK_ISMASK_F(ff,m,f) ( ( (ff) & (m) ) == (f) )
...
@@ -353,6 +355,8 @@ typedef struct ldapinfo_t {
...
@@ -353,6 +355,8 @@ typedef struct ldapinfo_t {
#define LDAP_BACK_ST_RESPONSE(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_ST_RESPONSE)
#define LDAP_BACK_ST_RESPONSE(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_ST_RESPONSE)
#endif
/* SLAP_CONTROL_X_SESSION_TRACKING */
#endif
/* SLAP_CONTROL_X_SESSION_TRACKING */
#define LDAP_BACK_NOREFS(li) LDAP_BACK_ISSET( (li), LDAP_BACK_F_NOREFS)
int
li_version
;
int
li_version
;
/* cached connections;
/* cached connections;
...
...
servers/slapd/back-ldap/config.c
View file @
54884edf
...
@@ -70,6 +70,8 @@ enum {
...
@@ -70,6 +70,8 @@ enum {
LDAP_BACK_CFG_CANCEL
,
LDAP_BACK_CFG_CANCEL
,
LDAP_BACK_CFG_QUARANTINE
,
LDAP_BACK_CFG_QUARANTINE
,
LDAP_BACK_CFG_ST_REQUEST
,
LDAP_BACK_CFG_ST_REQUEST
,
LDAP_BACK_CFG_NOREFS
,
LDAP_BACK_CFG_REWRITE
,
LDAP_BACK_CFG_REWRITE
,
LDAP_BACK_CFG_LAST
LDAP_BACK_CFG_LAST
...
@@ -306,6 +308,14 @@ static ConfigTable ldapcfg[] = {
...
@@ -306,6 +308,14 @@ static ConfigTable ldapcfg[] = {
"SINGLE-VALUE )"
,
"SINGLE-VALUE )"
,
NULL
,
NULL
},
NULL
,
NULL
},
#endif
/* SLAP_CONTROL_X_SESSION_TRACKING */
#endif
/* SLAP_CONTROL_X_SESSION_TRACKING */
{
"norefs"
,
"true|FALSE"
,
2
,
2
,
0
,
ARG_MAGIC
|
ARG_ON_OFF
|
LDAP_BACK_CFG_NOREFS
,
ldap_back_cf_gen
,
"( OLcfgDbAt:3.25 "
"NAME 'olcDbNorefs' "
"DESC 'Do not return search reference responses' "
"SYNTAX OMsBoolean "
"SINGLE-VALUE )"
,
NULL
,
NULL
},
{
"suffixmassage"
,
"[virtual]> <real"
,
2
,
3
,
0
,
{
"suffixmassage"
,
"[virtual]> <real"
,
2
,
3
,
0
,
ARG_STRING
|
ARG_MAGIC
|
LDAP_BACK_CFG_REWRITE
,
ARG_STRING
|
ARG_MAGIC
|
LDAP_BACK_CFG_REWRITE
,
ldap_back_cf_gen
,
NULL
,
NULL
,
NULL
},
ldap_back_cf_gen
,
NULL
,
NULL
,
NULL
},
...
@@ -345,6 +355,10 @@ static ConfigOCs ldapocs[] = {
...
@@ -345,6 +355,10 @@ static ConfigOCs ldapocs[] = {
"$ olcDbQuarantine "
"$ olcDbQuarantine "
"$ olcDbUseTemporaryConn "
"$ olcDbUseTemporaryConn "
"$ olcDbConnectionPoolMax "
"$ olcDbConnectionPoolMax "
#ifdef SLAP_CONTROL_X_SESSION_TRACKING
"$ olcDbSessionTrackingRequest "
#endif
/* SLAP_CONTROL_X_SESSION_TRACKING */
"$ olcDbNorefs "
") )"
,
") )"
,
Cft_Database
,
ldapcfg
},
Cft_Database
,
ldapcfg
},
{
NULL
,
0
,
NULL
}
{
NULL
,
0
,
NULL
}
...
@@ -1134,6 +1148,10 @@ ldap_back_cf_gen( ConfigArgs *c )
...
@@ -1134,6 +1148,10 @@ ldap_back_cf_gen( ConfigArgs *c )
break
;
break
;
#endif
/* SLAP_CONTROL_X_SESSION_TRACKING */
#endif
/* SLAP_CONTROL_X_SESSION_TRACKING */
case
LDAP_BACK_CFG_NOREFS
:
c
->
value_int
=
LDAP_BACK_NOREFS
(
li
);
break
;
default:
default:
/* FIXME: we need to handle all... */
/* FIXME: we need to handle all... */
assert
(
0
);
assert
(
0
);
...
@@ -1256,6 +1274,10 @@ ldap_back_cf_gen( ConfigArgs *c )
...
@@ -1256,6 +1274,10 @@ ldap_back_cf_gen( ConfigArgs *c )
break
;
break
;
#endif
/* SLAP_CONTROL_X_SESSION_TRACKING */
#endif
/* SLAP_CONTROL_X_SESSION_TRACKING */
case
LDAP_BACK_CFG_NOREFS
:
li
->
li_flags
&=
~
LDAP_BACK_F_NOREFS
;
break
;
default:
default:
/* FIXME: we need to handle all... */
/* FIXME: we need to handle all... */
assert
(
0
);
assert
(
0
);
...
@@ -1900,6 +1922,15 @@ done_url:;
...
@@ -1900,6 +1922,15 @@ done_url:;
break
;
break
;
#endif
/* SLAP_CONTROL_X_SESSION_TRACKING */
#endif
/* SLAP_CONTROL_X_SESSION_TRACKING */
case
LDAP_BACK_CFG_NOREFS
:
if
(
c
->
value_int
)
{
li
->
li_flags
|=
LDAP_BACK_F_NOREFS
;
}
else
{
li
->
li_flags
&=
~
LDAP_BACK_F_NOREFS
;
}
break
;
case
LDAP_BACK_CFG_REWRITE
:
case
LDAP_BACK_CFG_REWRITE
:
snprintf
(
c
->
cr_msg
,
sizeof
(
c
->
cr_msg
),
snprintf
(
c
->
cr_msg
,
sizeof
(
c
->
cr_msg
),
"rewrite/remap capabilities have been moved "
"rewrite/remap capabilities have been moved "
...
...
servers/slapd/back-ldap/search.c
View file @
54884edf
...
@@ -363,6 +363,11 @@ retry:
...
@@ -363,6 +363,11 @@ retry:
}
}
}
else
if
(
rc
==
LDAP_RES_SEARCH_REFERENCE
)
{
}
else
if
(
rc
==
LDAP_RES_SEARCH_REFERENCE
)
{
if
(
LDAP_BACK_NOREFS
(
li
)
)
{
ldap_msgfree
(
res
);
continue
;
}
do_retry
=
0
;
do_retry
=
0
;
rc
=
ldap_parse_reference
(
lc
->
lc_ld
,
res
,
rc
=
ldap_parse_reference
(
lc
->
lc_ld
,
res
,
&
references
,
&
rs
->
sr_ctrls
,
1
);
&
references
,
&
rs
->
sr_ctrls
,
1
);
...
...
servers/slapd/back-meta/back-meta.h
View file @
54884edf
...
@@ -315,6 +315,8 @@ typedef struct metatarget_t {
...
@@ -315,6 +315,8 @@ typedef struct metatarget_t {
#define META_BACK_TGT_ST_RESPONSE(mt) META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_ST_RESPONSE )
#define META_BACK_TGT_ST_RESPONSE(mt) META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_ST_RESPONSE )
#endif
/* SLAP_CONTROL_X_SESSION_TRACKING */
#endif
/* SLAP_CONTROL_X_SESSION_TRACKING */
#define META_BACK_TGT_NOREFS(mt) META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_NOREFS )
int
mt_version
;
int
mt_version
;
time_t
mt_network_timeout
;
time_t
mt_network_timeout
;
struct
timeval
mt_bind_timeout
;
struct
timeval
mt_bind_timeout
;
...
...
servers/slapd/back-meta/config.c
View file @
54884edf
...
@@ -1453,6 +1453,36 @@ idassert-authzFrom "dn:<rootdn>"
...
@@ -1453,6 +1453,36 @@ idassert-authzFrom "dn:<rootdn>"
return
1
;
return
1
;
}
}
/* do not return search references */
}
else
if
(
strcasecmp
(
argv
[
0
],
"norefs"
)
==
0
)
{
unsigned
*
flagsp
=
mi
->
mi_ntargets
?
&
mi
->
mi_targets
[
mi
->
mi_ntargets
-
1
]
->
mt_flags
:
&
mi
->
mi_flags
;
if
(
argc
!=
2
)
{
Debug
(
LDAP_DEBUG_ANY
,
"%s: line %d:
\"
norefs {TRUE|false}
\"
needs 1 argument.
\n
"
,
fname
,
lineno
,
0
);
return
(
1
);
}
/* this is the default; we add it because the default might change... */
switch
(
check_true_false
(
argv
[
1
]
)
)
{
case
1
:
*
flagsp
|=
LDAP_BACK_F_NOREFS
;
break
;
case
0
:
*
flagsp
&=
~
LDAP_BACK_F_NOREFS
;
break
;
default:
Debug
(
LDAP_DEBUG_ANY
,
"%s: line %d:
\"
norefs {TRUE|false}
\"
: unknown argument
\"
%s
\"
.
\n
"
,
fname
,
lineno
,
argv
[
1
]
);
return
(
1
);
}
/* anything else */
/* anything else */
}
else
{
}
else
{
return
SLAP_CONF_UNKNOWN
;
return
SLAP_CONF_UNKNOWN
;
...
...
servers/slapd/back-meta/search.c
View file @
54884edf
...
@@ -1155,6 +1155,10 @@ really_bad:;
...
@@ -1155,6 +1155,10 @@ really_bad:;
char
**
references
=
NULL
;
char
**
references
=
NULL
;
int
cnt
;
int
cnt
;
if
(
META_BACK_TGT_NOREFS
(
mi
->
mi_targets
[
i
]
)
)
{
continue
;
}
if
(
candidates
[
i
].
sr_type
==
REP_INTERMEDIATE
)
{
if
(
candidates
[
i
].
sr_type
==
REP_INTERMEDIATE
)
{
/* don't retry any more... */
/* don't retry any more... */
candidates
[
i
].
sr_type
=
REP_RESULT
;
candidates
[
i
].
sr_type
=
REP_RESULT
;
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment