Commit a71f3288 authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

Import Ben Collins <bcollins@debian.org> Back-TCL for SLAPD.

parent 44c8baea
......@@ -198,7 +198,7 @@
/* define this to use SLAPD passwd backend */
#undef SLAPD_PASSWD
/* define this to use SLAPD perl backend */
/* define this to use SLAPD Perl backend */
#undef SLAPD_PERL
/* define this for phonetic support */
......@@ -210,6 +210,9 @@
/* define this to use SLAPD shell backend */
#undef SLAPD_SHELL
/* define this to use SLAPD TCL backend */
#undef SLAPD_TCL
/* define this to be empty if your compiler doesn't support volatile */
#undef volatile
......
This diff is collapsed.
......@@ -87,6 +87,7 @@ OL_ARG_WITH(ldbm_type,[ --with-ldbm-type use LDBM type], auto,
OL_ARG_ENABLE(passwd,[ --enable-passwd enable passwd backend], no)dnl
OL_ARG_ENABLE(perl,[ --enable-perl enable perl backend], no)dnl
OL_ARG_ENABLE(shell,[ --enable-shell enable shell backend], no)dnl
OL_ARG_ENABLE(tcl,[ --enable-tcl enable tcl backend], no)dnl
dnl SLURPD OPTIONS
AC_ARG_WITH(xxslurpdoptions,[SLURPD Options:])
......@@ -126,6 +127,9 @@ if test $ol_enable_slapd = no ; then
if test $ol_enable_shell = yes ; then
AC_MSG_WARN([slapd disabled, ignoring --enable_shell argument])
fi
if test $ol_enable_tcl = yes ; then
AC_MSG_WARN([slapd disabled, ignoring --enable_tcl argument])
fi
if test $ol_enable_aclgroups = yes ; then
AC_MSG_WARN([slapd disabled, ignoring --enable_aclgroups argument])
fi
......@@ -154,6 +158,7 @@ if test $ol_enable_slapd = no ; then
ol_enable_passwd=no
ol_enable_perl=no
ol_enable_shell=no
ol_enable_tcl=no
ol_enable_aclgroups=no
ol_enable_wrappers=no
ol_enable_phonetic=no
......@@ -179,7 +184,8 @@ elif test $ol_enable_ldbm = no ; then
if test $ol_enable_passwd = no -a \
$ol_enable_perl = no -a \
$ol_enable_shell = no ; then
$ol_enable_shell = no -a \
$ol_enable_tcl = no ; then
AC_MSG_ERROR([slapd requires a backend])
fi
......@@ -247,6 +253,7 @@ BUILD_LDBM=no
BUILD_PASSWD=no
BUILD_PERL=no
BUILD_SHELL=no
BUILD_TCL=no
BUILD_THREAD=no
SLAPD_PERL_LDFLAGS=
......@@ -1291,6 +1298,39 @@ if test $ol_enable_dmalloc != no ; then
AC_CHECK_LIB(dmalloc, dmalloc_shutdown)
fi
if test $ol_enable_tcl != no ; then
AC_CHECK_HEADERS(tcl.h)
if test $ac_cv_header_tcl_h != yes ; then
have_tcl=no
else
AC_CHECK_LIB(tcl,main,
[have_tcl=yes; SLAPD_LIBS="$SLAPD_LIBS -ltcl"],
[have_tcl=no])
if test $have_tcl != yes; then
AC_CHECK_LIB(tcl7.6,main,
[have_tcl=yes; SLAPD_LIBS="$SLAPD_LIBS -ltcl7.6"],
[have_tcl=no])
fi
if test $have_tcl != yes; then
AC_CHECK_LIB(tcl8.0,main,
[have_tcl=yes; SLAPD_LIBS="$SLAPD_LIBS -ltcl8.0"],
[have_tcl=no])
fi
fi
if test $have_tcl != yes ; then
AC_MSG_WARN([could not find -ltcl])
if test $ol_enable_tcl = yes ; then
AC_MSG_ERROR([could not find tcl, select appropriate options or disable])
fi
ol_enable_tcl=no
fi
fi
# ud needs termcap (should insert check here)
ol_link_termcap=no
AC_CHECK_HEADERS(termcap.h ncurses.h)
......@@ -1584,6 +1624,12 @@ if test "$ol_enable_shell" != no ; then
BUILD_SHELL=yes
fi
if test "$ol_enable_tcl" != no ; then
AC_DEFINE(SLAPD_TCL,1)
BUILD_SLAPD=yes
BUILD_TCL=yes
fi
if test "$ol_enable_slurpd" != no -a "$ol_link_threads" != no -a \
$BUILD_SLAPD = yes ; then
BUILD_SLURPD=yes
......@@ -1602,6 +1648,7 @@ AC_SUBST(BUILD_SLAPD)
AC_SUBST(BUILD_PASSWD)
AC_SUBST(BUILD_PERL)
AC_SUBST(BUILD_SHELL)
AC_SUBST(BUILD_TCL)
AC_SUBST(BUILD_SLURPD)
AC_SUBST(LDAP_LIBS)
......@@ -1655,6 +1702,7 @@ servers/slapd/back-ldbm/Makefile:build/top.mk:servers/slapd/back-ldbm/Makefile.i
servers/slapd/back-passwd/Makefile:build/top.mk:servers/slapd/back-passwd/Makefile.in:build/srv.mk \
servers/slapd/back-perl/Makefile:build/top.mk:servers/slapd/back-perl/Makefile.in:build/srv.mk \
servers/slapd/back-shell/Makefile:build/top.mk:servers/slapd/back-shell/Makefile.in:build/srv.mk \
servers/slapd/back-tcl/Makefile:build/top.mk:servers/slapd/back-tcl/Makefile.in:build/srv.mk \
servers/slapd/shell-backends/Makefile:build/top.mk:servers/slapd/shell-backends/Makefile.in:build/srv.mk \
servers/slapd/tools/Makefile:build/top.mk:servers/slapd/tools/Makefile.in \
servers/slurpd/Makefile:build/top.mk:servers/slurpd/Makefile.in:build/srv.mk \
......
......@@ -190,7 +190,7 @@
/* define this to use SLAPD passwd backend */
#undef SLAPD_PASSWD
/* define this to use SLAPD perl backend */
/* define this to use SLAPD Perl backend */
#undef SLAPD_PERL
/* define this for phonetic support */
......@@ -202,6 +202,9 @@
/* define this to use SLAPD shell backend */
#undef SLAPD_SHELL
/* define this to use SLAPD TCL backend */
#undef SLAPD_TCL
/* define this to be empty if your compiler doesn't support volatile */
#undef volatile
......@@ -513,6 +516,9 @@
/* Define if you have the <syslog.h> header file. */
#undef HAVE_SYSLOG_H
/* Define if you have the <tcl.h> header file. */
#undef HAVE_TCL_H
/* Define if you have the <tcpd.h> header file. */
#undef HAVE_TCPD_H
......
###########################################################################
#
# Copyright 1999, Ben Collins <bcollins@debian.org>, All rights reserved.
#
# Redistribution and use in source and binary forms are permitted only
# as authorized by the OpenLDAP Public License. A copy of this
# license is available at http://www.OpenLDAP.org/license.html or
# in file LICENSE in the top-level directory of the distribution.
#
##########################################################################
XSRCS = version.c
SRCS = tcl_init.c tcl_search.c tcl_close.c tcl_config.c tcl_bind.c \
tcl_unbind.c tcl_compare.c tcl_modify.c tcl_add.c tcl_modrdn.c \
tcl_delete.c tcl_abandon.c tcl_util.c
OBJS = tcl_init.o tcl_search.o tcl_close.o tcl_config.o tcl_bind.o \
tcl_unbind.o tcl_compare.o tcl_modify.o tcl_add.o tcl_modrdn.o \
tcl_delete.o tcl_abandon.o tcl_util.o
LDAP_INCDIR= ../../../include
LDAP_LIBDIR= ../../../libraries
BUILD_OPT = "--enable-tcl"
BUILD_SRV = @BUILD_TCL@
PROGRAMS = libback-tcl.a
XINCPATH = -I.. -I$(srcdir)/..
all-local-srv: FORCE
$(MAKE) $(MFLAGS) libback-tcl.a
libback-tcl.a: version.o
$(AR) ruv $@ $(OBJS) version.o
@$(RANLIB) $@
@touch ../.backend
version.c: $(OBJS) $(LDAP_LIBDEPEND)
$(RM) $@
(u=$${USER-root} v=`$(CAT) $(VERSIONFILE)` d=`$(PWD)` h=`$(HOSTNAME)` \
t=`$(DATE)`; $(SED) -e "s|%WHEN%|$${t}|" \
-e "s|%WHOANDWHERE%|$${u}@$${h}:$${d}|" \
-e "s|%VERSION%|$${v}|" \
< $(srcdir)/Version.c > $@)
Tcl Backend Interface for OpenLDAP
----------------------------
Synopsis of slapd.conf setup
----------------------------
database tcl
suffix o=Suffix
# The full path to the tcl script used for this database
scriptpath /usr/lib/ldap/database.tcl
# The procs for each ldap function. This similar to how
# the shell backend setup works, but these refer to
# the tcl procs in the 'scriptpath' script that handle them
search <proc>
add <proc>
delete <proc>
modify <proc>
bind <proc>
unbind <proc>
modrdn <proc>
compare <proc>
abandon <proc>
# This is one of the biggest pluses of using the tcl backend.
# The realm let's you group several databases to the same interpretor.
# This basically means they share the same global variables and proc
# space. So global variables, as well as all the procs are callable
# between databases. If no tclrealm is specified, it is put into the
# "default" realm.
tclrealm <interpretor name>
-----------------------------------------
Synopsis of variables passed to the procs
-----------------------------------------
abandon { action msgid suffix }
action - Always equal to ABANDON
msgid - The msgid of this ldap session
suffix - List of suffix(es) associated with the call. Each one is
and entry in a tcl formatted list (surrounded by {}'s)
add { action msgid suffix entry }
action - Always equal to ADD
msgid - The msgid of this ldap session
suffix - List of suffix(es) associated with the call. Each one is
and entry in a tcl formatted list (surrounded by {}'s)
entry - Full entry to add. Each "type: val" is an element in a
tcl formatted list.
bind { action msgid suffix dn method cred_len cred }
action - Always equal to BIND
msgid - The msgid of this ldap session
suffix - List of suffix(es) associated with the call. Each one
is and entry in a tcl formatted list (surrounded by {}'s)
dn - DN being bound to
method - One of the ldap authentication methods
cred_len - Length of cred
cred - Credentials being used to authenticate, according to
RFC, if this value is empty, then it should be
considered an anonomous bind (??)
compare { action msgid suffix dn ava_type ava_value }
action - Always equal to COMPARE
msgid - The msgid of this ldap session
suffix - List of suffix(es) associated with the call. Each one
is and entry in a tcl formatted list (surrounded by {}'s)
dn - DN for compare
ava_type - Type for comparison
ava_value - Value to compare
delete { action msgid suffix dn }
action - Always equal to DELETE
msgid - The msgid of this ldap session
suffix - List of suffix(es) associated with the call. Each one
is and entry in a tcl formatted list (surrounded by {}'s)
dn - DN to delete
modify { action msgid suffix dn mods }
action - Always equal to MODIFY
msgid - The msgid of this ldap session
suffix - List of suffix(es) associated with the call. Each one
is and entry in a tcl formatted list (surrounded by {}'s)
dn - DN to modify
mods - Tcl list of modifications. List is formatted in this way:
{
{ {op: type} {type: val} }
{ {op: type} {type: val} {type: val} }
...
}
Newlines are not present in the actual var, they are
present here for clarification. "op" is the type of
modification (add, delete, replace).
modrdn { action msgid suffix dn newrdn deleteoldrdn }
action - Always equal to MODRDN
msgid - The msgid of this ldap session
suffix - List of suffix(es) associated with the call. Each one
is and entry in a tcl formatted list (surrounded by {}'s)
dn - DN who's RDN is being renamed
newrdn - New RDN
deleteoldrdn - Boolean stating whether or not the old RDN should
be removed after being renamed
search { action msgid suffix base scope deref sizelimit timelimit
filterstr attrsonly attrlist }
action - Always equal to SEARCH
msgid - The msgid of this ldap session
suffix - List of suffix(es) associated with the call. Each one
is and entry in a tcl formatted list (surrounded by {}'s)
base - Base for this search
scope - Scope of search, ( 0 | 1 | 2 )
deref - Alias dereferencing ( 0 | 1 | 2 | 3 )
sizelimit - Script should try not to return more data that this
timelimit - Time limit for search
filterstr - Filter string as sent by the requestor.
attrsonly - Boolean for whether to list only the attributes
instead of attributes and their values.
attrlist - Tcl list if to retrieve.
unbind { action msgid suffix dn }
action - Always equal to UNBIND
msgid - The msgid of this ldap session
suffix - List of suffix(es) associated with the call. Each one
is and entry in a tcl formatted list (surrounded by {}'s)
dn - DN to unbind
------------------------------------
Synopsis of Return Method and Syntax
------------------------------------
There are only 2 return types. All procs must return a result to show
status of the operation. The result is in this form:
{ RESULT {code: <integer>} {matched: <partialdn>} {info: <string>} {} }
This is best accomplished with this type of tcl code
lappend ret_val "RESULT"
lappend ret_val "code: 0"
lappend ret_val ""
return $ret_val
The final empty string (item in list) is neccesary to point to the end of
list. The 'code', 'matched', and 'info' values are not neccesary, and
default values are given if not specified. The 'code' value is usually an
LDAP error in decimal notation from ldap.h. The 'info', may be sent back
to the client, depending on the function. LDAP uses the value of 'code' to
indicate whether or not the authentication is acceptible in the bind proc.
The other type of return is for searches. It is similar format to the
shell backend return (as is most of the syntax here). It's format follows:
{dn: o=Company, c=US} {attr: val} {objectclass: val} {}
{dn: o=CompanyB, c=US} {attr: val} {objectclass: val} {}
Again, newlines are for visual purposes here. Also note the {} marking the
end of the entry (same affect as a newline in ldif format). Here is some
example code again, showing a full search proc example.
# Note that 'args' let's you lump all possible args into one var, used
# here for simplicity of exmaple
proc ldap:search { args } {
# perform some operations
lappend ret_val "dn: $rdn,$base"
lappend ret_val "objectclass: $objcl"
lappend ret_val "sn: $rdn"
lappend ret_val "mail: $email"
lappend ret_val ""
# Now setup the result
lappend ret_val "RESULT"
lappend ret_val "code: 0"
lappend ret_val ""
return $ret_val
}
NOTE: Newlines in the return value is acceptible in search entries (ie.
when returning base64 encoded binary entries).
-------------------------------------
Synopsis of Builtin Commands and Vars
-------------------------------------
ldap:debug <msg>
Allows you to send debug messages through OpenLDAP's native debuging
system, this is sent as a LDAP_DEBUG_ANY and will be logged. Useful for
debugging scripts or logging bind failures.
* lock mutex on a per interpreter basis instead of global
* Add a version callable from the tcl script for checking features
/*
* Copyright 1999, Ben Collins <bcollins@debian.org>, All rights reserved.
*
* Redistribution and use in source and binary forms are permitted only
* as authorized by the OpenLDAP Public License. A copy of this
* license is available at http://www.OpenLDAP.org/license.html or
* in file LICENSE in the top-level directory of the distribution.
*/
static char Versionstr[] = " tcl backend %VERSION% (%WHEN%)\n\t%WHOANDWHERE%\n";
#ifndef _TCL_EXTERNAL_H
#define _TCL_EXTERNAL_H
LDAP_BEGIN_DECL
extern int tcl_back_initialize LDAP_P(( BackendInfo *bi ));
extern int tcl_back_open LDAP_P(( BackendInfo *bi ));
extern int tcl_back_close LDAP_P(( BackendInfo *bi ));
extern int tcl_back_destroy LDAP_P(( BackendInfo *bi ));
extern int tcl_back_db_init LDAP_P(( BackendDB *bd ));
extern int tcl_back_db_open LDAP_P(( BackendDB *bd ));
extern int tcl_back_db_destroy LDAP_P(( BackendDB *bd ));
extern int tcl_back_db_config LDAP_P(( BackendDB *bd,
char *fname, int lineno, int argc, char **argv ));
extern int tcl_back_bind LDAP_P(( BackendDB *bd,
Connection *conn, Operation *op,
char *dn, int method, struct berval *cred, char** edn ));
extern int tcl_back_unbind LDAP_P(( BackendDB *bd,
Connection *conn, Operation *op ));
extern int tcl_back_search LDAP_P(( BackendDB *bd,
Connection *conn, Operation *op,
char *base, int scope, int deref, int sizelimit, int timelimit,
Filter *filter, char *filterstr, char **attrs, int attrsonly ));
extern int tcl_back_compare LDAP_P((BackendDB *bd,
Connection *conn, Operation *op,
char *dn, Ava *ava ));
extern int tcl_back_modify LDAP_P(( BackendDB *bd,
Connection *conn, Operation *op,
char *dn, LDAPModList *ml ));
extern int tcl_back_modrdn LDAP_P(( BackendDB *bd,
Connection *conn, Operation *op,
char *dn, char*newrdn, int deleteoldrdn ));
extern int tcl_back_add LDAP_P(( BackendDB *bd,
Connection *conn, Operation *op, Entry *e ));
extern int tcl_back_delete LDAP_P(( BackendDB *bd,
Connection *conn, Operation *op, char *dn ));
extern int tcl_back_abandon LDAP_P(( BackendDB *bd,
Connection *conn, Operation *op, int msgid ));
LDAP_END_DECL
#endif /* _TCL_EXTERNAL_H */
/*
* abandon.c - tcl abandon routine
*
* Copyright 1999, Ben Collins <bcollins@debian.org>, All rights reserved.
*
* Redistribution and use in source and binary forms are permitted only
* as authorized by the OpenLDAP Public License. A copy of this
* license is available at http://www.OpenLDAP.org/license.html or
* in file LICENSE in the top-level directory of the distribution.
*/
#include "portable.h"
#include <stdio.h>
#include "slap.h"
#include "tcl_back.h"
int tcl_back_abandon (
Backend *be,
Connection *conn,
Operation *op,
int msgid
)
{
char *suf_tcl, *results, *command;
int i, code, err = 0;
struct tclinfo *ti = (struct tclinfo *) be->be_private;
if (ti->ti_abandon == NULL) {
return;
}
for ( i = 0; be->be_suffix[i] != NULL; i++ )
;
suf_tcl = Tcl_Merge(i, be->be_suffix);
command = (char *) ch_malloc (strlen(ti->ti_abandon) + strlen(suf_tcl)
+ 20);
sprintf(command, "%s ABANDON {%ld} {%s}",
ti->ti_abandon, op->o_msgid, suf_tcl);
Tcl_Free(suf_tcl);
ldap_pvt_thread_mutex_lock( &tcl_interpreter_mutex );
code = Tcl_GlobalEval(ti->ti_ii->interp, command);
results = (char *) strdup(ti->ti_ii->interp->result);
ldap_pvt_thread_mutex_unlock( &tcl_interpreter_mutex );
free(command);
if (code != TCL_OK) {
Debug(LDAP_DEBUG_ANY, "tcl_abandon_error: %s\n", results, 0, 0);
}
}
/*
* add.c - tcl add routine
*
* Copyright 1999, Ben Collins <bcollins@debian.org>, All rights reserved.
*
* Redistribution and use in source and binary forms are permitted only
* as authorized by the OpenLDAP Public License. A copy of this
* license is available at http://www.OpenLDAP.org/license.html or
* in file LICENSE in the top-level directory of the distribution.
*/
#include "portable.h"
#include <stdio.h>
#include "slap.h"
#include "tcl_back.h"
int tcl_back_add (
Backend * be,
Connection * conn,
Operation * op,
Entry * e
)
{
char *command, *suf_tcl, *entrystr, *results;
int i, code, err = 0;
struct tclinfo *ti = (struct tclinfo *) be->be_private;
if (ti->ti_add == NULL) {
send_ldap_result (conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
"add not implemented");
return (-1);
}
for ( i = 0; be->be_suffix[i] != NULL; i++ )
;
suf_tcl = Tcl_Merge(i, be->be_suffix);
entrystr = tcl_clean_entry(e);
command = (char *) ch_malloc (strlen(ti->ti_add) + strlen(suf_tcl) +
strlen(entrystr) + 32);
sprintf(command, "%s ADD {%ld} {%s} {%s}",
ti->ti_add, op->o_msgid, suf_tcl, entrystr);
Tcl_Free(suf_tcl);
free (entrystr);
ldap_pvt_thread_mutex_lock( &tcl_interpreter_mutex );
code = Tcl_GlobalEval(ti->ti_ii->interp, command);
results = (char *) strdup(ti->ti_ii->interp->result);
ldap_pvt_thread_mutex_unlock( &tcl_interpreter_mutex );
free(command);
if (code != TCL_OK) {
err = LDAP_OPERATIONS_ERROR;
Debug(LDAP_DEBUG_ANY, "tcl_add_error: %s\n", results, 0, 0);
} else {
interp_send_results ( be, conn, op, results, NULL, 0 );
}
if (err != LDAP_SUCCESS)
send_ldap_result (conn, op, err, NULL, "internal backend error");
return (err);
}
/*
* bind.c - tcl bind routines
*
* Copyright 1999, Ben Collins <bcollins@debian.org>, All rights reserved.
*
* Redistribution and use in source and binary forms are permitted only
* as authorized by the OpenLDAP Public License. A copy of this
* license is available at http://www.OpenLDAP.org/license.html or
* in file LICENSE in the top-level directory of the distribution.
*/
#include "portable.h"
#include <stdio.h>
#include "slap.h"
#include "tcl_back.h"
int tcl_back_bind (
Backend * be,
Connection * conn,
Operation * op,
char *dn,
int method,