slap.h 102 KB
Newer Older
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1
/* slap.h - stand alone ldap server include file */
2
/* $OpenLDAP$ */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
3
4
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
5
 * Copyright 1998-2021 The OpenLDAP Foundation.
Kurt Zeilenga's avatar
Kurt Zeilenga committed
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted only as authorized by the OpenLDAP
 * Public License.
 *
 * A copy of this license is available in the file LICENSE in the
 * top-level directory of the distribution or, alternatively, at
 * <http://www.OpenLDAP.org/license.html>.
 */
/* Portions Copyright (c) 1995 Regents of the University of Michigan.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms are permitted
 * provided that this notice is preserved and that due credit is given
 * to the University of Michigan at Ann Arbor. The name of the University
 * may not be used to endorse or promote products derived from this
 * software without specific prior written permission. This software
 * is provided ``as is'' without express or implied warranty.
25
 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
26

Kurt Zeilenga's avatar
Kurt Zeilenga committed
27
28
#ifndef _SLAP_H_
#define _SLAP_H_
Kurt Zeilenga's avatar
Kurt Zeilenga committed
29

30
31
#include "ldap_defaults.h"

32
#include <stdio.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
33
#include <ac/stdlib.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
34

35
#include <sys/types.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
36
37
#include <ac/syslog.h>
#include <ac/regex.h>
Howard Chu's avatar
Howard Chu committed
38
#include <ac/signal.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
39
#include <ac/socket.h>
40
#include <ac/time.h>
41
#include <ac/param.h>
Kurt Zeilenga's avatar
Kurt Zeilenga committed
42

Ondřej Kuzník's avatar
Ondřej Kuzník committed
43
#include "ldap_avl.h"
44
45
46
47
48
49
50

#ifndef ldap_debug
#define ldap_debug slap_debug
#endif

#include "ldap_log.h"

Kurt Zeilenga's avatar
Kurt Zeilenga committed
51
52
#include <ldap.h>
#include <ldap_schema.h>
53

54
#include "lber_pvt.h"
55
#include "ldap_pvt.h"
56
#include "ldap_pvt_thread.h"
57
#include "ldap_queue.h"
58

59
60
#include "lutil.h"

61
LDAP_BEGIN_DECL
62

63
#ifdef LDAP_DEVEL
64
#define LDAP_COLLECTIVE_ATTRIBUTES
65
#define LDAP_COMP_MATCH
66
#define LDAP_SYNC_TIMESTAMP
67
#define SLAP_CONTROL_X_WHATFAILED
68
69
70
#ifndef SLAP_SCHEMA_EXPOSE
#define SLAP_SCHEMA_EXPOSE
#endif
71
#endif
Kurt Zeilenga's avatar
cleanup    
Kurt Zeilenga committed
72

73
#define SLAP_CONFIG_DELETE
74
#define SLAP_AUXPROP_DONTUSECOPY
75
76
#define LDAP_DYNAMIC_OBJECTS
#define SLAP_CONTROL_X_TREE_DELETE LDAP_CONTROL_X_TREE_DELETE
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
77
#define SLAP_CONTROL_X_SESSION_TRACKING
Kurt Zeilenga's avatar
Kurt Zeilenga committed
78
#define SLAP_DISTPROC
79
#define SLAP_CONTROL_X_LAZY_COMMIT
80

Howard Chu's avatar
Howard Chu committed
81
82
83
84
#ifndef SLAP_STATS_ETIME
#define SLAP_STATS_ETIME	1 /* microsecond op timing */
#endif

Kurt Zeilenga's avatar
Kurt Zeilenga committed
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
/*
 * SLAPD Memory allocation macros
 *
 * Unlike ch_*() routines, these routines do not assert() upon
 * allocation error.  They are intended to be used instead of
 * ch_*() routines where the caller has implemented proper
 * checking for and handling of allocation errors.
 *
 * Patches to convert ch_*() calls to SLAP_*() calls welcomed.
 */
#define SLAP_MALLOC(s)      ber_memalloc((s))
#define SLAP_CALLOC(n,s)    ber_memcalloc((n),(s))
#define SLAP_REALLOC(p,s)   ber_memrealloc((p),(s))
#define SLAP_FREE(p)        ber_memfree((p))
#define SLAP_VFREE(v)       ber_memvfree((void**)(v))
#define SLAP_STRDUP(s)      ber_strdup((s))
#define SLAP_STRNDUP(s,l)   ber_strndup((s),(l))
102

Hallvard Furuseth's avatar
Hallvard Furuseth committed
103
104
105
#ifdef f_next
#undef f_next /* name conflict between sys/file.h on SCO and struct filter */
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
106

Kurt Zeilenga's avatar
Kurt Zeilenga committed
107
#define SERVICE_NAME  OPENLDAP_PACKAGE "-slapd"
108
#define SLAPD_ANONYMOUS ""
Kurt Zeilenga's avatar
Kurt Zeilenga committed
109

110
111
112
113
114
115
116
#ifdef HAVE_TCPD
# include <tcpd.h>
# define SLAP_STRING_UNKNOWN	STRING_UNKNOWN
#else /* ! TCP Wrappers */
# define SLAP_STRING_UNKNOWN	"unknown"
#endif /* ! TCP Wrappers */

117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
/* LDAPMod.mod_op value ===> Must be kept in sync with ldap.h! */
/* These values are used internally by the backends. */
/* SLAP_MOD_SOFTADD allows adding values that already exist without getting
 * an error as required by modrdn when the new rdn was already an attribute
 * value itself.
 */
#define SLAP_MOD_SOFTADD		0x1000
/* SLAP_MOD_SOFTDEL allows deleting values if they exist without getting
 * an error otherwise.
 */
#define SLAP_MOD_SOFTDEL		0x1001
/* SLAP_MOD_ADD_IF_NOT_PRESENT allows adding values unless the attribute
 * is already present without getting an error.
 */
#define SLAP_MOD_ADD_IF_NOT_PRESENT	0x1002
/* SLAP_MOD_DEL_IF_PRESENT allows deleting values if the attribute
 * is present, without getting an error otherwise.
 * The semantics can be obtained using SLAP_MOD_SOFTDEL with NULL values.
Juan Gomez's avatar
Juan Gomez committed
135
136
 */

137
#define MAXREMATCHES (100)
138

139
#define SLAP_MAX_WORKER_THREADS		(16)
140

Kurt Zeilenga's avatar
Kurt Zeilenga committed
141
142
143
#define SLAP_SB_MAX_INCOMING_DEFAULT ((1<<18) - 1)
#define SLAP_SB_MAX_INCOMING_AUTH ((1<<24) - 1)

144
145
#define SLAP_CONN_MAX_PENDING_DEFAULT	100
#define SLAP_CONN_MAX_PENDING_AUTH	1000
146
#define SLAP_MAX_FILTER_DEPTH_DEFAULT	1000
147

148
#define SLAP_TEXT_BUFLEN (256)
149

Pierangelo Masarati's avatar
Pierangelo Masarati committed
150
/* pseudo error code indicating abandoned operation */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
151
#define SLAPD_ABANDON (-1024)
152

Pierangelo Masarati's avatar
Pierangelo Masarati committed
153
/* pseudo error code indicating disconnect */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
154
#define SLAPD_DISCONNECT (-1025)
155

156
/* unknown config file directive */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
157
#define SLAP_CONF_UNKNOWN (-1026)
158

159
160
161
/* pseudo error code indicating async operation */
#define SLAPD_ASYNCOP (-1027)

162
163
/* We assume "C" locale, that is US-ASCII */
#define ASCII_SPACE(c)	( (c) == ' ' )
164
165
166
167
#define ASCII_LOWER(c)	( (c) >= 'a' && (c) <= 'z' )
#define ASCII_UPPER(c)	( (c) >= 'A' && (c) <= 'Z' )
#define ASCII_ALPHA(c)	( ASCII_LOWER(c) || ASCII_UPPER(c) )
#define ASCII_DIGIT(c)	( (c) >= '0' && (c) <= '9' )
Howard Chu's avatar
Howard Chu committed
168
169
#define ASCII_HEXLOWER(c)	( (c) >= 'a' && (c) <= 'f' )
#define ASCII_HEXUPPER(c)	( (c) >= 'A' && (c) <= 'F' )
170
171
#define ASCII_HEX(c)	( ASCII_DIGIT(c) || \
	ASCII_HEXLOWER(c) || ASCII_HEXUPPER(c) )
172
#define ASCII_ALNUM(c)	( ASCII_ALPHA(c) || ASCII_DIGIT(c) )
173
#define ASCII_PRINTABLE(c) ( (c) >= ' ' && (c) <= '~' )
174
175
176
177
178
179
180
181

#define SLAP_NIBBLE(c) ((c)&0x0f)
#define SLAP_ESCAPE_CHAR ('\\')
#define SLAP_ESCAPE_LO(c) ( "0123456789ABCDEF"[SLAP_NIBBLE(c)] )
#define SLAP_ESCAPE_HI(c) ( SLAP_ESCAPE_LO((c)>>4) )

#define FILTER_ESCAPE(c) ( (c) == '*' || (c) == '\\' \
	|| (c) == '(' || (c) == ')' || !ASCII_PRINTABLE(c) )
182

183
#define DN_ESCAPE(c)	((c) == SLAP_ESCAPE_CHAR)
184
185
186
187
/* NOTE: for consistency, this macro must only operate
 * on normalized/pretty DN, such that ';' is never used
 * as RDN separator, and all occurrences of ';' must be escaped */
#define DN_SEPARATOR(c)	((c) == ',')
Kurt Zeilenga's avatar
Kurt Zeilenga committed
188
#define RDN_ATTRTYPEANDVALUE_SEPARATOR(c) ((c) == '+') /* RFC 4514 */
189
#define RDN_SEPARATOR(c) (DN_SEPARATOR(c) || RDN_ATTRTYPEANDVALUE_SEPARATOR(c))
190
191
192
193
194
#define RDN_NEEDSESCAPE(c)	((c) == '\\' || (c) == '"')

#define DESC_LEADCHAR(c)	( ASCII_ALPHA(c) )
#define DESC_CHAR(c)	( ASCII_ALNUM(c) || (c) == '-' )
#define OID_LEADCHAR(c)	( ASCII_DIGIT(c) )
195
196
#define OID_SEPARATOR(c)	( (c) == '.' )
#define OID_CHAR(c)	( OID_LEADCHAR(c) || OID_SEPARATOR(c) )
197

198
#define ATTR_LEADCHAR(c)	( DESC_LEADCHAR(c) || OID_LEADCHAR(c) )
199
#define ATTR_CHAR(c)	( DESC_CHAR((c)) || OID_SEPARATOR(c) )
200

201
#define AD_LEADCHAR(c)	( ATTR_LEADCHAR(c) )
202
#define AD_CHAR(c)		( ATTR_CHAR(c) || (c) == ';' )
203

204
205
#define SLAP_NUMERIC(c) ( ASCII_DIGIT(c) || ASCII_SPACE(c) )

206
207
208
#define SLAP_PRINTABLE(c)	( ASCII_ALNUM(c) || (c) == '\'' || \
	(c) == '(' || (c) == ')' || (c) == '+' || (c) == ',' || \
	(c) == '-' || (c) == '.' || (c) == '/' || (c) == ':' || \
209
	(c) == '?' || (c) == ' ' || (c) == '=' )
210
211
#define SLAP_PRINTABLES(c)	( SLAP_PRINTABLE(c) || (c) == '$' )

212
213
/* must match in schema_init.c */
#define SLAPD_DN_SYNTAX			"1.3.6.1.4.1.1466.115.121.1.12"
Kurt Zeilenga's avatar
Kurt Zeilenga committed
214
#define SLAPD_NAMEUID_SYNTAX	"1.3.6.1.4.1.1466.115.121.1.34"
215
#define SLAPD_INTEGER_SYNTAX	"1.3.6.1.4.1.1466.115.121.1.27"
216
217
218
219
220
#define SLAPD_GROUP_ATTR		"member"
#define SLAPD_GROUP_CLASS		"groupOfNames"
#define SLAPD_ROLE_ATTR			"roleOccupant"
#define SLAPD_ROLE_CLASS		"organizationalRole"

221
222
#define SLAPD_TOP_OID			"2.5.6.0"

Howard Chu's avatar
Howard Chu committed
223
LDAP_SLAPD_V (int) slap_debug;
224

225
226
typedef unsigned long slap_mask_t;

227
228
229
230
231
232
233
234
235
236
237
238
/* Security Strength Factor */
typedef unsigned slap_ssf_t;

typedef struct slap_ssf_set {
	slap_ssf_t sss_ssf;
	slap_ssf_t sss_transport;
	slap_ssf_t sss_tls;
	slap_ssf_t sss_sasl;
	slap_ssf_t sss_update_ssf;
	slap_ssf_t sss_update_transport;
	slap_ssf_t sss_update_tls;
	slap_ssf_t sss_update_sasl;
239
	slap_ssf_t sss_simple_bind;
240
} slap_ssf_set_t;
241

242
243
244
245
/* Flags for telling slap_sasl_getdn() what type of identity is being passed */
#define SLAP_GETDN_AUTHCID 2
#define SLAP_GETDN_AUTHZID 4

246
247
248
/*
 * Index types
 */
249
250
251
252
253
254
255
256
257
258
#define SLAP_INDEX_TYPE           0x00FFUL
#define SLAP_INDEX_UNDEFINED      0x0001UL
#define SLAP_INDEX_PRESENT        0x0002UL
#define SLAP_INDEX_EQUALITY       0x0004UL
#define SLAP_INDEX_APPROX         0x0008UL
#define SLAP_INDEX_SUBSTR         0x0010UL
#define SLAP_INDEX_EXTENDED		  0x0020UL

#define SLAP_INDEX_DEFAULT        SLAP_INDEX_EQUALITY

259
#define IS_SLAP_INDEX(mask, type)	(((mask) & (type)) == (type))
260
261
262
263
264
265

#define SLAP_INDEX_SUBSTR_TYPE    0x0F00UL

#define SLAP_INDEX_SUBSTR_INITIAL ( SLAP_INDEX_SUBSTR | 0x0100UL ) 
#define SLAP_INDEX_SUBSTR_ANY     ( SLAP_INDEX_SUBSTR | 0x0200UL )
#define SLAP_INDEX_SUBSTR_FINAL   ( SLAP_INDEX_SUBSTR | 0x0400UL )
266
267
268
269
270
#define SLAP_INDEX_SUBSTR_DEFAULT \
	( SLAP_INDEX_SUBSTR \
	| SLAP_INDEX_SUBSTR_INITIAL \
	| SLAP_INDEX_SUBSTR_ANY \
	| SLAP_INDEX_SUBSTR_FINAL )
271

272
273
274
/* defaults for initial/final substring indices */
#define SLAP_INDEX_SUBSTR_IF_MINLEN_DEFAULT	2
#define SLAP_INDEX_SUBSTR_IF_MAXLEN_DEFAULT	4
275

276
277
278
/* defaults for any substring indices */
#define SLAP_INDEX_SUBSTR_ANY_LEN_DEFAULT		4
#define SLAP_INDEX_SUBSTR_ANY_STEP_DEFAULT		2
279

280
281
282
/* default for ordered integer index keys */
#define SLAP_INDEX_INTLEN_DEFAULT	4

283
284
#define SLAP_INDEX_FLAGS         0xF000UL
#define SLAP_INDEX_NOSUBTYPES    0x1000UL /* don't use index w/ subtypes */
285
#define SLAP_INDEX_NOTAGS        0x2000UL /* don't use index w/ tags */
286
287
288
289
290
291
292
293

/*
 * there is a single index for each attribute.  these prefixes ensure
 * that there is no collision among keys.
 */
#define SLAP_INDEX_EQUALITY_PREFIX	'=' 	/* prefix for equality keys     */
#define SLAP_INDEX_APPROX_PREFIX	'~'		/* prefix for approx keys       */
#define SLAP_INDEX_SUBSTR_PREFIX	'*'		/* prefix for substring keys    */
294
295
#define SLAP_INDEX_SUBSTR_INITIAL_PREFIX '^'
#define SLAP_INDEX_SUBSTR_FINAL_PREFIX '$'
296
#define SLAP_INDEX_CONT_PREFIX		'.'		/* prefix for continuation keys */
297

298
299
300
301
#define SLAP_SYNTAX_MATCHINGRULES_OID	 "1.3.6.1.4.1.1466.115.121.1.30"
#define SLAP_SYNTAX_ATTRIBUTETYPES_OID	 "1.3.6.1.4.1.1466.115.121.1.3"
#define SLAP_SYNTAX_OBJECTCLASSES_OID	 "1.3.6.1.4.1.1466.115.121.1.37"
#define SLAP_SYNTAX_MATCHINGRULEUSES_OID "1.3.6.1.4.1.1466.115.121.1.31"
302
#define SLAP_SYNTAX_CONTENTRULE_OID	 "1.3.6.1.4.1.1466.115.121.1.16"
303

304
305
306
/*
 * represents schema information for a database
 */
307
308
309
310
311
312
enum {
	SLAP_SCHERR_OUTOFMEM = 1,
	SLAP_SCHERR_CLASS_NOT_FOUND,
	SLAP_SCHERR_CLASS_BAD_USAGE,
	SLAP_SCHERR_CLASS_BAD_SUP,
	SLAP_SCHERR_CLASS_DUP,
313
	SLAP_SCHERR_CLASS_INCONSISTENT,
314
315
316
317
318
319
320
321
322
323
324
325
	SLAP_SCHERR_ATTR_NOT_FOUND,
	SLAP_SCHERR_ATTR_BAD_MR,
	SLAP_SCHERR_ATTR_BAD_USAGE,
	SLAP_SCHERR_ATTR_BAD_SUP,
	SLAP_SCHERR_ATTR_INCOMPLETE,
	SLAP_SCHERR_ATTR_DUP,
	SLAP_SCHERR_ATTR_INCONSISTENT,
	SLAP_SCHERR_MR_NOT_FOUND,
	SLAP_SCHERR_MR_INCOMPLETE,
	SLAP_SCHERR_MR_DUP,
	SLAP_SCHERR_SYN_NOT_FOUND,
	SLAP_SCHERR_SYN_DUP,
326
	SLAP_SCHERR_SYN_SUP_NOT_FOUND,
327
328
	SLAP_SCHERR_SYN_SUBST_NOT_SPECIFIED,
	SLAP_SCHERR_SYN_SUBST_NOT_FOUND,
329
330
331
332
333
334
335
336
337
338
339
	SLAP_SCHERR_NO_NAME,
	SLAP_SCHERR_NOT_SUPPORTED,
	SLAP_SCHERR_BAD_DESCR,
	SLAP_SCHERR_OIDM,
	SLAP_SCHERR_CR_DUP,
	SLAP_SCHERR_CR_BAD_STRUCT,
	SLAP_SCHERR_CR_BAD_AUX,
	SLAP_SCHERR_CR_BAD_AT,

	SLAP_SCHERR_LAST
};
Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
340

341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
/* forward declarations */
typedef struct Syntax Syntax;
typedef struct MatchingRule MatchingRule;
typedef struct MatchingRuleUse MatchingRuleUse;
typedef struct MatchingRuleAssertion MatchingRuleAssertion;
typedef struct OidMacro OidMacro;
typedef struct ObjectClass ObjectClass;
typedef struct AttributeType AttributeType;
typedef struct AttributeDescription AttributeDescription;
typedef struct AttributeName AttributeName;
typedef struct ContentRule ContentRule;

typedef struct AttributeAssertion AttributeAssertion;
typedef struct SubstringsAssertion SubstringsAssertion;
typedef struct Filter Filter;
typedef struct ValuesReturnFilter ValuesReturnFilter;
typedef struct Attribute Attribute;
#ifdef LDAP_COMP_MATCH
typedef struct ComponentData ComponentData;
typedef struct ComponentFilter ComponentFilter;
#endif

typedef struct Entry Entry;
typedef struct Modification Modification;
typedef struct Modifications Modifications;
typedef struct LDAPModList LDAPModList;

typedef struct BackendInfo BackendInfo;		/* per backend type */
typedef struct BackendDB BackendDB;		/* per backend database */

typedef struct Connection Connection;
typedef struct Operation Operation;
typedef struct SlapReply SlapReply;
/* end of forward declarations */

376
377
extern int slap_inet4or6;

378
struct OidMacro {
379
	struct berval som_oid;
Howard Chu's avatar
Howard Chu committed
380
381
	BerVarray som_names;
	BerVarray som_subs;
Howard Chu's avatar
Howard Chu committed
382
383
#define	SLAP_OM_HARDCODE	0x10000U	/* This is hardcoded schema */
	int som_flags;
Howard Chu's avatar
Howard Chu committed
384
	LDAP_STAILQ_ENTRY(OidMacro) som_next;
385
};
Kurt Zeilenga's avatar
Kurt Zeilenga committed
386

387
typedef int slap_syntax_validate_func LDAP_P((
388
	Syntax *syntax,
389
390
	struct berval * in));

Kurt Zeilenga's avatar
Kurt Zeilenga committed
391
typedef int slap_syntax_transform_func LDAP_P((
392
	Syntax *syntax,
393
	struct berval * in,
Howard Chu's avatar
Howard Chu committed
394
395
	struct berval * out,
	void *memctx));
396

397
398
399
400
401
#ifdef LDAP_COMP_MATCH
typedef void* slap_component_transform_func LDAP_P((
	struct berval * in ));
struct ComponentDesc;
#endif
402

403
struct Syntax {
404
	LDAPSyntax			ssyn_syn;
405
406
#define ssyn_oid		ssyn_syn.syn_oid
#define ssyn_desc		ssyn_syn.syn_desc
Kurt Zeilenga's avatar
Kurt Zeilenga committed
407
#define ssyn_extensions	ssyn_syn.syn_extensions
408
409
	/*
	 * Note: the former
410
	ber_len_t	ssyn_oidlen;
411
412
413
414
415
416
417
	 * has been replaced by a struct berval that uses the value
	 * provided by ssyn_syn.syn_oid; a macro that expands to
	 * the bv_len field of the berval is provided for backward
	 * compatibility.  CAUTION: NEVER FREE THE BERVAL
	 */
	struct berval	ssyn_bvoid;
#define	ssyn_oidlen	ssyn_bvoid.bv_len
418

419
	unsigned int ssyn_flags;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
420

421
422
423
424
#define SLAP_SYNTAX_NONE	0x0000U
#define SLAP_SYNTAX_BLOB	0x0001U /* syntax treated as blob (audio) */
#define SLAP_SYNTAX_BINARY	0x0002U /* binary transfer required (certificate) */
#define SLAP_SYNTAX_BER		0x0004U /* stored in BER encoding (certificate) */
425
#ifdef SLAP_SCHEMA_EXPOSE
426
427
#define SLAP_SYNTAX_HIDE	0x0000U /* publish everything */
#else
428
#define SLAP_SYNTAX_HIDE	0x8000U /* hide (do not publish) */
429
#endif
430
#define	SLAP_SYNTAX_HARDCODE	0x10000U	/* This is hardcoded schema */
Howard Chu's avatar
Howard Chu committed
431
#define	SLAP_SYNTAX_DN		0x20000U	/* Treat like a DN */
432

433
	Syntax				**ssyn_sups;
434

435
	slap_syntax_validate_func	*ssyn_validate;
436
	slap_syntax_transform_func	*ssyn_pretty;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
437

438
#ifdef SLAPD_BINARY_CONVERSION
Kurt Zeilenga's avatar
Kurt Zeilenga committed
439
440
441
	/* convert to and from binary */
	slap_syntax_transform_func	*ssyn_ber2str;
	slap_syntax_transform_func	*ssyn_str2ber;
442
#endif
443
444
#ifdef LDAP_COMP_MATCH
	slap_component_transform_func *ssyn_attr2comp;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
445
	struct ComponentDesc* ssync_comp_syntax;
446
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
447

448
	LDAP_STAILQ_ENTRY(Syntax)	ssyn_next;
449
};
450

451
452
453
454
#define slap_syntax_is_flag(s,flag) ((int)((s)->ssyn_flags & (flag)) ? 1 : 0)
#define slap_syntax_is_blob(s)		slap_syntax_is_flag((s),SLAP_SYNTAX_BLOB)
#define slap_syntax_is_binary(s)	slap_syntax_is_flag((s),SLAP_SYNTAX_BINARY)
#define slap_syntax_is_ber(s)		slap_syntax_is_flag((s),SLAP_SYNTAX_BER)
455
#define slap_syntax_is_hidden(s)	slap_syntax_is_flag((s),SLAP_SYNTAX_HIDE)
456

457
458
459
typedef struct slap_syntax_defs_rec {
	char *sd_desc;
	int sd_flags;
460
	char **sd_sups;
461
462
463
464
465
466
467
468
	slap_syntax_validate_func *sd_validate;
	slap_syntax_transform_func *sd_pretty;
#ifdef SLAPD_BINARY_CONVERSION
	slap_syntax_transform_func *sd_ber2str;
	slap_syntax_transform_func *sd_str2ber;
#endif
} slap_syntax_defs_rec;

Kurt Zeilenga's avatar
Kurt Zeilenga committed
469
/* X -> Y Converter */
470
471
typedef int slap_mr_convert_func LDAP_P((
	struct berval * in,
Howard Chu's avatar
Howard Chu committed
472
473
	struct berval * out,
	void *memctx ));
Kurt Zeilenga's avatar
Kurt Zeilenga committed
474
475
476

/* Normalizer */
typedef int slap_mr_normalize_func LDAP_P((
477
	slap_mask_t use,
478
479
480
481
	Syntax *syntax, /* NULL if in is asserted value */
	MatchingRule *mr,
	struct berval *in,
	struct berval *out,
Howard Chu's avatar
Howard Chu committed
482
	void *memctx ));
Kurt Zeilenga's avatar
Kurt Zeilenga committed
483
484

/* Match (compare) function */
485
typedef int slap_mr_match_func LDAP_P((
486
	int *match,
487
	slap_mask_t use,
488
489
490
491
	Syntax *syntax,	/* syntax of stored value */
	MatchingRule *mr,
	struct berval *value,
	void *assertValue ));
492

493
494
/* Index generation function */
typedef int slap_mr_indexer_func LDAP_P((
495
496
	slap_mask_t use,
	slap_mask_t mask,
497
498
	Syntax *syntax,	/* syntax of stored value */
	MatchingRule *mr,
499
	struct berval *prefix,
500
	BerVarray values,
Howard Chu's avatar
Howard Chu committed
501
502
	BerVarray *keys,
	void *memctx ));
503

504
505
/* Filter index function */
typedef int slap_mr_filter_func LDAP_P((
506
507
	slap_mask_t use,
	slap_mask_t mask,
508
509
	Syntax *syntax,	/* syntax of stored value */
	MatchingRule *mr,
510
	struct berval *prefix,
511
	void *assertValue,
Howard Chu's avatar
Howard Chu committed
512
513
	BerVarray *keys,
	void *memctx ));
514

515
struct MatchingRule {
516
	LDAPMatchingRule		smr_mrule;
517
	MatchingRuleUse			*smr_mru;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
518
	/* RFC 4512 string representation */
519
520
521
	struct berval			smr_str;
	/*
	 * Note: the former
522
	 *			ber_len_t	smr_oidlen;
523
524
525
526
527
528
529
530
	 * has been replaced by a struct berval that uses the value
	 * provided by smr_mrule.mr_oid; a macro that expands to
	 * the bv_len field of the berval is provided for backward
	 * compatibility.  CAUTION: NEVER FREE THE BERVAL
	 */
	struct berval			smr_bvoid;
#define	smr_oidlen			smr_bvoid.bv_len

531
	slap_mask_t			smr_usage;
532

533
#ifdef SLAP_SCHEMA_EXPOSE
534
535
#define SLAP_MR_HIDE			0x0000U
#else
536
#define SLAP_MR_HIDE			0x8000U
537
#endif
538

539
#define SLAP_MR_MUTATION_NORMALIZER	0x4000U
540

Kurt Zeilenga's avatar
Kurt Zeilenga committed
541
#define SLAP_MR_TYPE_MASK		0x0F00U
542
#define SLAP_MR_SUBTYPE_MASK		0x00F0U
Kurt Zeilenga's avatar
Kurt Zeilenga committed
543
#define SLAP_MR_USAGE			0x000FU
544
545

#define SLAP_MR_NONE			0x0000U
Kurt Zeilenga's avatar
Kurt Zeilenga committed
546
547
548
#define SLAP_MR_EQUALITY		0x0100U
#define SLAP_MR_ORDERING		0x0200U
#define SLAP_MR_SUBSTR			0x0400U
549
550
#define SLAP_MR_EXT			0x0800U /* implicitly extensible */
#define	SLAP_MR_ORDERED_INDEX		0x1000U
551
#ifdef LDAP_COMP_MATCH
552
#define SLAP_MR_COMPONENT		0x2000U
553
#endif
554

Kurt Zeilenga's avatar
Kurt Zeilenga committed
555
#define SLAP_MR_EQUALITY_APPROX	( SLAP_MR_EQUALITY | 0x0010U )
556

Kurt Zeilenga's avatar
Kurt Zeilenga committed
557
#define SLAP_MR_SUBSTR_INITIAL	( SLAP_MR_SUBSTR | 0x0010U )
558
#define SLAP_MR_SUBSTR_ANY	( SLAP_MR_SUBSTR | 0x0020U )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
559
#define SLAP_MR_SUBSTR_FINAL	( SLAP_MR_SUBSTR | 0x0040U )
560

Kurt Zeilenga's avatar
Kurt Zeilenga committed
561
562
563
564
565
566
567
568
569
570
571
572
573
574

/*
 * The asserted value, depending on the particular usage,
 * is expected to conform to either the assertion syntax
 * or the attribute syntax.   In some cases, the syntax of
 * the value is known.  If so, these flags indicate which
 * syntax the value is expected to conform to.  If not,
 * neither of these flags is set (until the syntax of the
 * provided value is determined).  If the value is of the
 * attribute syntax, the flag is changed once a value of
 * the assertion syntax is derived from the provided value.
 */
#define SLAP_MR_VALUE_OF_ASSERTION_SYNTAX	0x0001U
#define SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX	0x0002U
Pierangelo Masarati's avatar
Pierangelo Masarati committed
575
576
#define SLAP_MR_VALUE_OF_SYNTAX			(SLAP_MR_VALUE_OF_ASSERTION_SYNTAX|SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX)
#define SLAP_MR_DENORMALIZE			(SLAP_MR_MUTATION_NORMALIZER)
Kurt Zeilenga's avatar
Kurt Zeilenga committed
577
578
579
580
581

#define SLAP_MR_IS_VALUE_OF_ATTRIBUTE_SYNTAX( usage ) \
	((usage) & SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX )
#define SLAP_MR_IS_VALUE_OF_ASSERTION_SYNTAX( usage ) \
	((usage) & SLAP_MR_VALUE_OF_ASSERTION_SYNTAX )
582
583
584
585
586
587
#ifdef LDAP_DEBUG
#define SLAP_MR_IS_VALUE_OF_SYNTAX( usage ) \
	((usage) & SLAP_MR_VALUE_OF_SYNTAX)
#else
#define SLAP_MR_IS_VALUE_OF_SYNTAX( usage )	(1)
#endif
Pierangelo Masarati's avatar
Pierangelo Masarati committed
588
589
#define SLAP_MR_IS_DENORMALIZE( usage ) \
	((usage) & SLAP_MR_DENORMALIZE )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
590

591
592
593
/* either or both the asserted value or attribute value
 * may be provided in normalized form
 */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
594
595
#define SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH		0x0004U
#define SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH	0x0008U
596
597

#define SLAP_IS_MR_ASSERTION_SYNTAX_MATCH( usage ) \
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
	(!((usage) & SLAP_MR_ATTRIBUTE_SYNTAX_MATCH))
#define SLAP_IS_MR_ATTRIBUTE_SYNTAX_MATCH( usage ) \
	((usage) & SLAP_MR_ATTRIBUTE_SYNTAX_MATCH)

#define SLAP_IS_MR_ATTRIBUTE_SYNTAX_CONVERTED_MATCH( usage ) \
	(((usage) & SLAP_MR_ATTRIBUTE_SYNTAX_CONVERTED_MATCH) \
		== SLAP_MR_ATTRIBUTE_SYNTAX_CONVERTED_MATCH)
#define SLAP_IS_MR_ATTRIBUTE_SYNTAX_NONCONVERTED_MATCH( usage ) \
	(((usage) & SLAP_MR_ATTRIBUTE_SYNTAX_CONVERTED_MATCH) \
		== SLAP_MR_ATTRIBUTE_SYNTAX_MATCH)

#define SLAP_IS_MR_ASSERTED_VALUE_NORMALIZED_MATCH( usage ) \
	((usage) & SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH )
#define SLAP_IS_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH( usage ) \
	((usage) & SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH )
613

614
	Syntax			*smr_syntax;
615
	slap_mr_convert_func	*smr_convert;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
616
	slap_mr_normalize_func	*smr_normalize;
617
	slap_mr_match_func	*smr_match;
618
	slap_mr_indexer_func	*smr_indexer;
619
	slap_mr_filter_func	*smr_filter;
620

621
	/*
622
	 * null terminated array of syntaxes compatible with this syntax
623
	 * note: when MS_EXT is set, this MUST NOT contain the assertion
Kurt Zeilenga's avatar
Kurt Zeilenga committed
624
	 * syntax of the rule.  When MS_EXT is not set, it MAY.
625
	 */
626
	Syntax			**smr_compat_syntaxes;
627

628
629
630
631
	/*
	 * For equality rules, refers to an associated approximate rule.
	 * For non-equality rules, refers to an associated equality rule.
	 */
632
	MatchingRule	*smr_associated;
633

Kurt Zeilenga's avatar
cleanup    
Kurt Zeilenga committed
634
635
#define SLAP_MR_ASSOCIATED(mr,amr)	\
	(((mr) == (amr)) || ((mr)->smr_associated == (amr)))
636

637
	LDAP_SLIST_ENTRY(MatchingRule)	smr_next;
638

639
640
641
#define smr_oid				smr_mrule.mr_oid
#define smr_names			smr_mrule.mr_names
#define smr_desc			smr_mrule.mr_desc
Kurt Zeilenga's avatar
Kurt Zeilenga committed
642
643
#define smr_obsolete		smr_mrule.mr_obsolete
#define smr_syntax_oid		smr_mrule.mr_syntax_oid
644
#define smr_extensions		smr_mrule.mr_extensions
645
};
646

647
struct MatchingRuleUse {
648
649
	LDAPMatchingRuleUse		smru_mruleuse;
	MatchingRule			*smru_mr;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
650
	/* RFC 4512 string representation */
651
652
	struct berval			smru_str;

653
	LDAP_SLIST_ENTRY(MatchingRuleUse) smru_next;
654
655
656
657
658
659
660
661
662
663

#define smru_oid			smru_mruleuse.mru_oid
#define smru_names			smru_mruleuse.mru_names
#define smru_desc			smru_mruleuse.mru_desc
#define smru_obsolete			smru_mruleuse.mru_obsolete
#define smru_applies_oids		smru_mruleuse.mru_applies_oids

#define smru_usage			smru_mr->smr_usage
} /* MatchingRuleUse */ ;

664
665
666
typedef struct slap_mrule_defs_rec {
	char *						mrd_desc;
	slap_mask_t					mrd_usage;
667
	char **						mrd_compat_syntaxes;
668
669
670
671
672
673
	slap_mr_convert_func *		mrd_convert;
	slap_mr_normalize_func *	mrd_normalize;
	slap_mr_match_func *		mrd_match;
	slap_mr_indexer_func *		mrd_indexer;
	slap_mr_filter_func *		mrd_filter;

674
675
	/* For equality rule, this may refer to an associated approximate rule */
	/* For non-equality rule, this may refer to an associated equality rule */
676
677
678
	char *						mrd_associated;
} slap_mrule_defs_rec;

679
typedef int (AttributeTypeSchemaCheckFN)(
680
681
682
	BackendDB *be,
	Entry *e,
	Attribute *attr,
683
684
685
	const char** text,
	char *textbuf, size_t textlen );

686
struct AttributeType {
687
	LDAPAttributeType		sat_atype;
688
	struct berval			sat_cname;
689
690
	AttributeType			*sat_sup;
	AttributeType			**sat_subtypes;
691
	MatchingRule			*sat_equality;
692
	MatchingRule			*sat_approx;
693
694
	MatchingRule			*sat_ordering;
	MatchingRule			*sat_substr;
695
	Syntax				*sat_syntax;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
696

697
	AttributeTypeSchemaCheckFN	*sat_check;
698
699
	char				*sat_oidmacro;	/* attribute OID */
	char				*sat_soidmacro;	/* syntax OID */
700

Kurt Zeilenga's avatar
Kurt Zeilenga committed
701
702
703
#define SLAP_AT_NONE			0x0000U
#define SLAP_AT_ABSTRACT		0x0100U /* cannot be instantiated */
#define SLAP_AT_FINAL			0x0200U /* cannot be subtyped */
704
#ifdef SLAP_SCHEMA_EXPOSE
Kurt Zeilenga's avatar
Kurt Zeilenga committed
705
#define SLAP_AT_HIDE			0x0000U /* publish everything */
706
#else
Kurt Zeilenga's avatar
Kurt Zeilenga committed
707
#define SLAP_AT_HIDE			0x8000U /* hide attribute */
708
#endif
Kurt Zeilenga's avatar
Kurt Zeilenga committed
709
710
711
#define	SLAP_AT_DYNAMIC			0x0400U	/* dynamically generated */

#define SLAP_AT_MANAGEABLE		0x0800U	/* no-user-mod can be by-passed */
712

Howard Chu's avatar
Howard Chu committed
713
714
715
716
717
718
719
/* Note: ORDERED values have an ordering specifically set by the
 * user, denoted by the {x} ordering prefix on the values.
 *
 * SORTED values are simply sorted by memcmp. SORTED values can
 * be efficiently located by binary search. ORDERED values have no
 * such advantage. An attribute cannot have both properties.
 */
Howard Chu's avatar
Howard Chu committed
720
721
#define	SLAP_AT_ORDERED_VAL		0x0001U /* values are ordered */
#define	SLAP_AT_ORDERED_SIB		0x0002U /* siblings are ordered */
Kurt Zeilenga's avatar
Kurt Zeilenga committed
722
723
#define	SLAP_AT_ORDERED			0x0003U /* value has order index */

Howard Chu's avatar
Howard Chu committed
724
725
#define	SLAP_AT_SORTED_VAL		0x0010U	/* values should be sorted */

726
727
#define	SLAP_AT_HARDCODE		0x10000U	/* hardcoded schema */
#define	SLAP_AT_DELETED			0x20000U
Howard Chu's avatar
Howard Chu committed
728

729
	slap_mask_t			sat_flags;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
730

731
	LDAP_STAILQ_ENTRY(AttributeType) sat_next;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
732

733
734
735
#define sat_oid				sat_atype.at_oid
#define sat_names			sat_atype.at_names
#define sat_desc			sat_atype.at_desc
736
#define sat_obsolete			sat_atype.at_obsolete
737
#define sat_sup_oid			sat_atype.at_sup_oid
738
739
740
741
742
743
744
#define sat_equality_oid		sat_atype.at_equality_oid
#define sat_ordering_oid		sat_atype.at_ordering_oid
#define sat_substr_oid			sat_atype.at_substr_oid
#define sat_syntax_oid			sat_atype.at_syntax_oid
#define sat_single_value		sat_atype.at_single_value
#define sat_collective			sat_atype.at_collective
#define sat_no_user_mod			sat_atype.at_no_user_mod
745
#define sat_usage			sat_atype.at_usage
746
#define sat_extensions			sat_atype.at_extensions
Kurt Zeilenga's avatar
Kurt Zeilenga committed
747

748
	AttributeDescription		*sat_ad;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
749
	ldap_pvt_thread_mutex_t		sat_ad_mutex;
750
};
751

752
753
754
#define is_at_operational(at)	((at)->sat_usage)
#define is_at_single_value(at)	((at)->sat_single_value)
#define is_at_collective(at)	((at)->sat_collective)
755
#define is_at_obsolete(at)		((at)->sat_obsolete)
756
757
#define is_at_no_user_mod(at)	((at)->sat_no_user_mod)

758
typedef int (ObjectClassSchemaCheckFN)(
759
760
761
	BackendDB *be,
	Entry *e,
	ObjectClass *oc,
762
763
764
	const char** text,
	char *textbuf, size_t textlen );

765
struct ObjectClass {
766
767
	LDAPObjectClass			soc_oclass;
	struct berval			soc_cname;
768
769
770
	ObjectClass			**soc_sups;
	AttributeType			**soc_required;
	AttributeType			**soc_allowed;
771
	ObjectClassSchemaCheckFN	*soc_check;
772
773
	char				*soc_oidmacro;
	slap_mask_t			soc_flags;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
774
775
776
#define soc_oid				soc_oclass.oc_oid
#define soc_names			soc_oclass.oc_names
#define soc_desc			soc_oclass.oc_desc
777
778
#define soc_obsolete			soc_oclass.oc_obsolete
#define soc_sup_oids			soc_oclass.oc_sup_oids
Kurt Zeilenga's avatar
Kurt Zeilenga committed
779
#define soc_kind			soc_oclass.oc_kind
780
781
782
#define soc_at_oids_must		soc_oclass.oc_at_oids_must
#define soc_at_oids_may			soc_oclass.oc_at_oids_may
#define soc_extensions			soc_oclass.oc_extensions
Kurt Zeilenga's avatar
Kurt Zeilenga committed
783

784
785
	LDAP_STAILQ_ENTRY(ObjectClass)	soc_next;
};
786

787
788
789
790
#define	SLAP_OCF_SET_FLAGS	0x1
#define	SLAP_OCF_CHECK_SUP	0x2
#define	SLAP_OCF_MASK		(SLAP_OCF_SET_FLAGS|SLAP_OCF_CHECK_SUP)

791
792
793
794
795
#define	SLAP_OC_ALIAS		0x0001
#define	SLAP_OC_REFERRAL	0x0002
#define	SLAP_OC_SUBENTRY	0x0004
#define	SLAP_OC_DYNAMICOBJECT	0x0008
#define	SLAP_OC_COLLECTIVEATTRIBUTESUBENTRY	0x0010
796
#define SLAP_OC_GLUE		0x0020
797
798
799
800
#define SLAP_OC_SYNCPROVIDERSUBENTRY		0x0040
#define SLAP_OC_SYNCCONSUMERSUBENTRY		0x0080
#define	SLAP_OC__MASK		0x00FF
#define	SLAP_OC__END		0x0100
801
#define SLAP_OC_OPERATIONAL	0x4000
802
#ifdef SLAP_SCHEMA_EXPOSE
803
804
#define SLAP_OC_HIDE		0x0000
#else
805
#define SLAP_OC_HIDE		0x8000
806
#endif
Howard Chu's avatar
Howard Chu committed
807
#define	SLAP_OC_HARDCODE	0x10000U	/* This is hardcoded schema */
808
#define	SLAP_OC_DELETED		0x20000U
809

810
811
812
/*
 * DIT content rule
 */
813
struct ContentRule {
814
	LDAPContentRule		scr_crule;
815
816
	ObjectClass		*scr_sclass;
	ObjectClass		**scr_auxiliaries;	/* optional */
817
818
819
	AttributeType		**scr_required;		/* optional */
	AttributeType		**scr_allowed;		/* optional */
	AttributeType		**scr_precluded;	/* optional */
820
821
822
#define scr_oid			scr_crule.cr_oid
#define scr_names		scr_crule.cr_names
#define scr_desc		scr_crule.cr_desc
823
824
825
826
827
828
#define scr_obsolete		scr_crule.cr_obsolete
#define scr_oc_oids_aux		scr_crule.cr_oc_oids_aux
#define scr_at_oids_must	scr_crule.cr_at_oids_must
#define scr_at_oids_may		scr_crule.cr_at_oids_may
#define scr_at_oids_not		scr_crule.cr_at_oids_not

829
830
831
	char			*scr_oidmacro;
#define	SLAP_CR_HARDCODE	0x10000U
	int			scr_flags;
Howard Chu's avatar
Howard Chu committed
832

833
834
	LDAP_STAILQ_ENTRY( ContentRule ) scr_next;
};
835

836
/* Represents a recognized attribute description ( type + options ). */
837
838
839
840
841
struct AttributeDescription {
	AttributeDescription	*ad_next;
	AttributeType		*ad_type;	/* attribute type, must be specified */
	struct berval		ad_cname;	/* canonical name, must be specified */
	struct berval		ad_tags;	/* empty if no tagging options */
842
	unsigned ad_flags;
843
844
845
846
#define SLAP_DESC_NONE		0x00U
#define SLAP_DESC_BINARY	0x01U
#define SLAP_DESC_TAG_RANGE	0x80U
#define SLAP_DESC_TEMPORARY	0x1000U
Howard Chu's avatar
Howard Chu committed
847
	unsigned ad_index;
848
};
849

850
851
852
/* flags to slap_*2undef_ad to register undefined (0, the default)
 * or proxied (SLAP_AD_PROXIED) AttributeDescriptions; the additional
 * SLAP_AD_NOINSERT is to lookup without insert */
853
854
855
856
#define SLAP_AD_UNDEF		0x00U
#define SLAP_AD_PROXIED		0x01U
#define	SLAP_AD_NOINSERT	0x02U

857
858
859
#define	SLAP_AN_OCEXCLUDE	0x01
#define	SLAP_AN_OCINITED	0x02

860
861
862
struct AttributeName {
	struct berval		an_name;
	AttributeDescription	*an_desc;
863
	int			an_flags;
864
865
	ObjectClass		*an_oc;
};
866

867
868
869
#define slap_ad_is_tagged(ad)			( (ad)->ad_tags.bv_len != 0 )
#define slap_ad_is_tag_range(ad)	\
	( ((ad)->ad_flags & SLAP_DESC_TAG_RANGE) ? 1 : 0 )
Kurt Zeilenga's avatar
Kurt Zeilenga committed
870
#define slap_ad_is_binary(ad)		\
871
	( ((ad)->ad_flags & SLAP_DESC_BINARY) ? 1 : 0 )
872

873
874
875
876
/*
 * pointers to schema elements used internally
 */
struct slap_internal_schema {
877
	/* objectClass */
878
	ObjectClass *si_oc_top;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
879
	ObjectClass *si_oc_extensibleObject;
880
881
	ObjectClass *si_oc_alias;
	ObjectClass *si_oc_referral;
882
	ObjectClass *si_oc_rootdse;
883
884
	ObjectClass *si_oc_subentry;
	ObjectClass *si_oc_subschema;
885
	ObjectClass *si_oc_collectiveAttributeSubentry;
886
	ObjectClass *si_oc_dynamicObject;
887

888
889
890
	ObjectClass *si_oc_glue;
	ObjectClass *si_oc_syncConsumerSubentry;
	ObjectClass *si_oc_syncProviderSubentry;
891

892
	/* objectClass attribute descriptions */
893
894
	AttributeDescription *si_ad_objectClass;

895
	/* operational attribute descriptions */
896
	AttributeDescription *si_ad_structuralObjectClass;
897
898
899
900
	AttributeDescription *si_ad_creatorsName;
	AttributeDescription *si_ad_createTimestamp;
	AttributeDescription *si_ad_modifiersName;
	AttributeDescription *si_ad_modifyTimestamp;
901
	AttributeDescription *si_ad_hasSubordinates;
902
	AttributeDescription *si_ad_subschemaSubentry;
903
	AttributeDescription *si_ad_collectiveSubentries;
904
	AttributeDescription *si_ad_collectiveExclusions;
905
	AttributeDescription *si_ad_entryDN;
906
907
	AttributeDescription *si_ad_entryUUID;
	AttributeDescription *si_ad_entryCSN;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
908
	AttributeDescription *si_ad_namingCSN;
909

910
911
	AttributeDescription *si_ad_dseType;
	AttributeDescription *si_ad_syncreplCookie;
Kurt Zeilenga's avatar
Kurt Zeilenga committed
912
	AttributeDescription *si_ad_syncTimestamp;
Jong Hyuk Choi's avatar
Jong Hyuk Choi committed
913
	AttributeDescription *si_ad_contextCSN;
914

915
	/* root DSE attribute descriptions */
916
	AttributeDescription *si_ad_altServer;
917
918
919
920
921
	AttributeDescription *si_ad_namingContexts;
	AttributeDescription *si_ad_supportedControl;
	AttributeDescription *si_ad_supportedExtension;
	AttributeDescription *si_ad_supportedLDAPVersion;
	AttributeDescription *si_ad_supportedSASLMechanisms;
922
	AttributeDescription *si_ad_supportedFeatures;
923
	AttributeDescription *si_ad_monitorContext;
924
925
	AttributeDescription *si_ad_vendorName;
	AttributeDescription *si_ad_vendorVersion;
926
	AttributeDescription *si_ad_configContext;
927
928
929
930

	/* subentry attribute descriptions */
	AttributeDescription *si_ad_administrativeRole;
	AttributeDescription *si_ad_subtreeSpecification;
931

932
	/* subschema subentry attribute descriptions */
933
	AttributeDescription *si_ad_attributeTypes;
934
935
	AttributeDescription *si_ad_ditContentRules;
	AttributeDescription *si_ad_ditStructureRules;
936
937
	AttributeDescription *si_ad_ldapSyntaxes;
	AttributeDescription *si_ad_matchingRules;
938
	AttributeDescription *si_ad_matchingRuleUse;
939
940
	AttributeDescription *si_ad_nameForms;
	AttributeDescription *si_ad_objectClasses;
941
942
943
944
945

	/* Aliases & Referrals */
	AttributeDescription *si_ad_aliasedObjectName;
	AttributeDescription *si_ad_ref;

946
	/* Access Control Internals */
947
948
	AttributeDescription *si_ad_entry;
	AttributeDescription *si_ad_children;
949
950
	AttributeDescription *si_ad_saslAuthzTo;
	AttributeDescription *si_ad_saslAuthzFrom;
951

952
953
954
955
	/* dynamic entries */
	AttributeDescription *si_ad_entryTtl;
	AttributeDescription *si_ad_dynamicSubtrees;

956
	/* Other attributes descriptions */
957
	AttributeDescription *si_ad_distinguishedName;
958
959
	AttributeDescription *si_ad_name;
	AttributeDescription *si_ad_cn;
960
	AttributeDescription *si_ad_uid;
961
962
	AttributeDescription *si_ad_uidNumber;
	AttributeDescription *si_ad_gidNumber;
963
	AttributeDescription *si_ad_userPassword;
Howard Chu's avatar
Howard Chu committed
964
	AttributeDescription *si_ad_labeledURI;
965
#ifdef SLAPD_AUTHPASSWD
966
	AttributeDescription *si_ad_authPassword;
967
	AttributeDescription *si_ad_authPasswordSchemes;
968
#endif
969