Commit 02153708 authored by Pierangelo Masarati's avatar Pierangelo Masarati

conversion to berval DN

parent 7d63865e
......@@ -102,8 +102,10 @@ meta_back_add(
* get the current connection
*/
lc = meta_back_getconn( li, conn, op, META_OP_REQUIRE_SINGLE,
e->e_ndn, &candidate );
if ( !lc || !meta_back_dobind( lc, op ) ) {
&e->e_nname, &candidate );
if ( !lc || !meta_back_dobind( lc, op ) || !meta_back_is_valid( lc, candidate ) ) {
send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
NULL, NULL, NULL, NULL );
return -1;
}
......
......@@ -89,7 +89,7 @@ meta_back_attribute(
Connection *conn,
Operation *op,
Entry *target,
const char *ndn,
struct berval *ndn,
AttributeDescription *entry_at,
struct berval ***vals
)
......@@ -104,7 +104,7 @@ meta_back_attribute(
LDAP *ld;
*vals = NULL;
if ( target != NULL && strcmp( target->e_ndn, ndn ) == 0 ) {
if ( target != NULL && strcmp( target->e_ndn, ndn->bv_val ) == 0 ) {
/* we already have a copy of the entry */
/* attribute and objectclass mapping has already been done */
attr = attr_find( target->e_attrs, entry_at );
......@@ -147,15 +147,16 @@ meta_back_attribute(
return 1;
}
rc = ldap_bind_s( ld, li->targets[ candidate ]->binddn,
li->targets[ candidate ]->bindpw, LDAP_AUTH_SIMPLE );
rc = ldap_bind_s( ld, li->targets[ candidate ]->binddn->bv_val,
li->targets[ candidate ]->bindpw->bv_val, LDAP_AUTH_SIMPLE );
if ( rc != LDAP_SUCCESS) {
return 1;
}
gattr[ 0 ] = mapped;
gattr[ 1 ] = NULL;
if ( ldap_search_ext_s( ld, ndn, LDAP_SCOPE_BASE, "(objectclass=*)",
if ( ldap_search_ext_s( ld, ndn->bv_val, LDAP_SCOPE_BASE,
"(objectclass=*)",
gattr, 0, NULL, NULL, LDAP_NO_LIMIT,
LDAP_NO_LIMIT, &result) == LDAP_SUCCESS) {
if ( ( e = ldap_first_entry( ld, result ) ) != NULL ) {
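Review bot: The new `ldap_bind_s` call reads `li->targets[ candidate ]->binddn->bv_val` and `li->targets[ candidate ]->bindpw->bv_val` unconditionally, so a target whose `binddn` or `bindpw` pointer is NULL would crash the server here, where the old code handed the `char *` values straight to the library. Whether those pointers can be NULL depends on the configuration code, which this section does not show; if a target may be defined without them, guard both, e.g. `binddn ? binddn->bv_val : NULL`. The same question applies to `ndn->bv_val` in the `strcmp` and `ldap_search_ext_s` calls if any caller can pass a NULL `ndn`. meta_back_attribute's body starts and ends outside these hunks.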
......
......@@ -89,7 +89,7 @@ struct metasingleconn {
#define META_CANDIDATE 1
LDAP *ld;
char *bound_dn;
struct berval *bound_dn;
int bound;
#define META_UNBOUND 0
#define META_BOUND 1
......@@ -113,12 +113,13 @@ struct metaconn {
struct metatarget {
char *uri;
char *suffix;/* normalized suffix */
char *binddn;
char *bindpw;
struct berval *psuffix; /* pretty suffix */
struct berval *suffix; /* normalized suffix */
struct berval *binddn;
struct berval *bindpw;
char *pseudorootdn;
char *pseudorootpw;
struct berval *pseudorootdn;
struct berval *pseudorootpw;
struct rewrite_info *rwinfo;
......@@ -151,9 +152,9 @@ extern int
meta_back_do_single_bind(
struct metainfo *li,
struct metaconn *lc,
const char *dn,
const char *ndn,
const char *cred,
struct berval *dn,
struct berval *ndn,
struct berval *cred,
int method,
int candidate
);
......@@ -168,7 +169,7 @@ meta_back_getconn(
struct slap_conn *conn,
struct slap_op *op,
int op_type,
const char *dn,
struct berval *dn,
int *candidate
);
......@@ -178,6 +179,12 @@ meta_back_dobind(
Operation *op
);
extern int
meta_back_is_valid(
struct metaconn *lc,
int candidate
);
extern int
meta_back_op_result(
struct metaconn *lc,
......@@ -207,27 +214,26 @@ meta_back_conn_dup(
*/
extern int
meta_back_is_candidate(
const char *nsuffix,
const char *ndn,
int ndnlen
struct berval *nsuffix,
struct berval *ndn
);
extern int
meta_back_count_candidates(
struct metainfo *li,
const char *ndn
struct berval *ndn
);
extern int
meta_back_is_candidate_unique(
struct metainfo *li,
const char *ndn
struct berval *ndn
);
extern int
meta_back_select_unique_candidate(
struct metainfo *li,
const char *ndn
struct berval *ndn
);
extern int
......@@ -262,20 +268,20 @@ meta_dncache_dup(
extern int
meta_dncache_get_target(
struct metadncache *cache,
const char *ndn
struct berval *ndn
);
extern int
meta_dncache_update_entry(
struct metadncache *cache,
const char *ndn,
struct berval *ndn,
int target
);
extern int
meta_dncache_delete_entry(
struct metadncache *cache,
const char *ndn
struct berval *ndn
);
extern void
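Review bot: The converted prototypes take plain `struct berval *` where the old ones took `const char *`, so the header no longer tells callers that lookups such as `meta_back_is_candidate`, `meta_back_count_candidates` and `meta_dncache_get_target` leave the DN untouched; `const struct berval *ndn` would keep that guarantee, assuming the definitions never write through it. The header also states no ownership rule for the new pointer members of `struct metatarget` and `struct metasingleconn`, nor for `meta_dncache_update_entry`, which callers in this commit hand a fresh `ber_bvdup()` copy. A one-line comment on each member saying who frees it and whether NULL is a valid "not configured" state would make the `->bv_val` dereferences at the use sites checkable.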
......
......@@ -96,9 +96,9 @@ meta_back_bind(
int op_type = META_OP_ALLOW_MULTIPLE;
int err = LDAP_SUCCESS;
char *realdn = (char *)dn->bv_val;
char *realndn = (char *)ndn->bv_val;
char *realcred = cred->bv_val;
struct berval *realdn = dn;
struct berval *realndn = ndn;
struct berval *realcred = cred;
int realmethod = method;
#ifdef NEW_LOGGING
......@@ -114,7 +114,7 @@ meta_back_bind(
ber_dupbv( edn, be_root_dn( be ) );
op_type = META_OP_REQUIRE_ALL;
}
lc = meta_back_getconn( li, conn, op, op_type, ndn->bv_val, NULL );
lc = meta_back_getconn( li, conn, op, op_type, ndn, NULL );
if ( !lc ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "backend", LDAP_LEVEL_NOTICE,
......@@ -214,9 +214,9 @@ int
meta_back_do_single_bind(
struct metainfo *li,
struct metaconn *lc,
const char *dn,
const char *ndn,
const char *cred,
struct berval *dn,
struct berval *ndn,
struct berval *cred,
int method,
int candidate
)
......@@ -228,18 +228,18 @@ meta_back_do_single_bind(
* Rewrite the bind dn if needed
*/
switch ( rewrite_session( li->targets[ candidate ]->rwinfo,
"bindDn", dn, lc->conn, &mdn ) ) {
"bindDn", dn->bv_val, lc->conn, &mdn ) ) {
case REWRITE_REGEXEC_OK:
if ( mdn == NULL ) {
mdn = ( char * )dn;
mdn = ( char * )dn->bv_val;
}
#ifdef NEW_LOGGING
LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
"[rw] bindDn: \"%s\" -> \"%s\"\n", dn, mdn ));
"[rw] bindDn: \"%s\" -> \"%s\"\n", dn->bv_val, mdn ));
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS,
"rw> bindDn: \"%s\" -> \"%s\"\n%s",
dn, mdn, "" );
dn->bv_val, mdn, "" );
#endif /* !NEW_LOGGING */
break;
......@@ -250,22 +250,22 @@ meta_back_do_single_bind(
return LDAP_OPERATIONS_ERROR;
}
rc = ldap_bind_s( lc->conns[ candidate ]->ld, mdn, cred, method );
rc = ldap_bind_s( lc->conns[ candidate ]->ld, mdn, cred->bv_val, method );
if ( rc != LDAP_SUCCESS ) {
rc = ldap_back_map_result( rc );
} else {
lc->conns[ candidate ]->bound_dn = ch_strdup( dn );
lc->conns[ candidate ]->bound_dn = ber_bvdup( dn );
lc->conns[ candidate ]->bound = META_BOUND;
lc->bound_target = candidate;
if ( li->cache.ttl != META_DNCACHE_DISABLED
&& ndn[ 0 ] != '\0' ) {
&& ndn->bv_len != 0 ) {
( void )meta_dncache_update_entry( &li->cache,
ch_strdup( ndn ), candidate );
ber_bvdup( ndn ), candidate );
}
}
if ( mdn != dn ) {
if ( mdn != dn->bv_val ) {
free( mdn );
}
......@@ -311,7 +311,7 @@ meta_back_dobind( struct metaconn *lc, Operation *op )
* (note: if the target was already bound, the anonymous
* bind clears the previous bind).
*/
rc = ldap_bind_s( lsc[ 0 ]->ld, lsc[ 0 ]->bound_dn,
rc = ldap_bind_s( lsc[ 0 ]->ld, lsc[ 0 ]->bound_dn->bv_val,
NULL, LDAP_AUTH_SIMPLE );
if ( rc != LDAP_SUCCESS ) {
......@@ -320,14 +320,14 @@ meta_back_dobind( struct metaconn *lc, Operation *op )
"meta_back_dobind: (anonymous)"
" bind as \"%s\" failed"
" with error \"%s\"\n",
lsc[ 0 ]->bound_dn,
lsc[ 0 ]->bound_dn->bv_val,
ldap_err2string( rc ) ));
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ANY,
"==>meta_back_dobind: (anonymous)"
" bind as \"%s\" failed"
" with error \"%s\"\n%s",
lsc[ 0 ]->bound_dn,
lsc[ 0 ]->bound_dn->bv_val,
ldap_err2string( rc ), "" );
#endif /* !NEW_LOGGING */
......@@ -349,6 +349,32 @@ meta_back_dobind( struct metaconn *lc, Operation *op )
return( bound > 0 );
}
/*
*
*/
int
meta_back_is_valid( struct metaconn *lc, int candidate )
{
struct metasingleconn **lsc;
int i;
assert( lc );
if ( candidate < 0 ) {
return 0;
}
for ( i = 0, lsc = lc->conns;
lsc[ 0 ] != NULL && i < candidate;
++i, ++lsc );
if ( lsc[ 0 ] ) {
return( lsc[ 0 ]->ld != NULL );
}
return 0;
}
/*
* FIXME: error return must be handled in a cleaner way ...
*/
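Review bot: In meta_back_dobind the anonymous bind now reads `lsc[ 0 ]->bound_dn->bv_val`, which dereferences a NULL pointer whenever `bound_dn` is unset; meta_clear_one_candidate elsewhere in this commit resets `bound_dn` to NULL, so that state looks reachable. Pass `lsc[ 0 ]->bound_dn ? lsc[ 0 ]->bound_dn->bv_val : NULL` instead, and guard the two log calls below it the same way. In meta_back_do_single_bind the result of `ber_bvdup( dn )` is stored without a NULL check and without releasing any earlier `bound_dn`, which appears to leak on a re-bind unless the caller clears it first. The added meta_back_is_valid sits under an empty comment block; something like `/* nonzero if the connection at index candidate exists and has an LDAP handle */` would document it. Both function bodies continue outside these hunks.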
......
......@@ -101,43 +101,14 @@
*/
int
meta_back_is_candidate(
const char *nsuffix,
const char *ndn,
int ndnlen
struct berval *nsuffix,
struct berval *ndn
)
{
int len = strlen( nsuffix );
if ( len > ndnlen ) {
if ( dnIsSuffix( nsuffix, ndn ) || dnIsSuffix( ndn, nsuffix ) ) {
/*
* suffix longer than dn
*/
if ( ! DN_SEPARATOR( nsuffix[ ( len - ndnlen ) - 1 ] ) ) {
/*
* not a separator begins the possible common part
*/
return META_NOT_CANDIDATE;
}
if ( strcmp( &nsuffix[ len - ndnlen ] , ndn ) == 0 ) {
/*
* Got it!
*/
return META_CANDIDATE;
}
}
if ( len < ndnlen && ! DN_SEPARATOR( ndn[ ( ndnlen - len ) - 1 ] ) ) {
/*
* not a separator begins the possible common part
*/
return META_NOT_CANDIDATE;
}
if ( strcmp( nsuffix, &ndn[ ndnlen - len ] ) == 0 ) {
/*
* Got it!
*/
return META_CANDIDATE;
}
......@@ -154,10 +125,10 @@ meta_back_is_candidate(
int
meta_back_count_candidates(
struct metainfo *li,
const char *ndn
struct berval *ndn
)
{
int i, cnt = 0, ndnlen = strlen( ndn );
int i, cnt = 0;
/*
* I know assertions should not check run-time values;
......@@ -168,8 +139,7 @@ meta_back_count_candidates(
assert( li->ntargets != 0 );
for ( i = 0; i < li->ntargets; ++i ) {
if ( meta_back_is_candidate( li->targets[ i ]->suffix,
ndn, ndnlen ) ) {
if ( meta_back_is_candidate( li->targets[ i ]->suffix, ndn ) ) {
++cnt;
}
}
......@@ -186,7 +156,7 @@ meta_back_count_candidates(
int
meta_back_is_candidate_unique(
struct metainfo *li,
const char *ndn
struct berval *ndn
)
{
return ( meta_back_count_candidates( li, ndn ) == 1 );
......@@ -202,10 +172,10 @@ meta_back_is_candidate_unique(
int
meta_back_select_unique_candidate(
struct metainfo *li,
const char *ndn
struct berval *ndn
)
{
int i, ndnlen;
int i;
switch ( meta_back_count_candidates( li, ndn ) ) {
case 1:
......@@ -216,10 +186,8 @@ meta_back_select_unique_candidate(
? -1 : li->defaulttarget );
}
ndnlen = strlen( ndn );
for ( i = 0; i < li->ntargets; ++i ) {
if ( meta_back_is_candidate( li->targets[ i ]->suffix,
ndn, ndnlen ) ) {
if ( meta_back_is_candidate( li->targets[ i ]->suffix, ndn ) ) {
return i;
}
}
......@@ -275,7 +243,7 @@ meta_clear_one_candidate(
}
if ( lsc->bound_dn != NULL ) {
free( lsc->bound_dn );
ber_bvfree( lsc->bound_dn );
lsc->bound_dn = NULL;
}
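Review bot: The rewritten test in meta_back_is_candidate, `dnIsSuffix( nsuffix, ndn ) || dnIsSuffix( ndn, nsuffix )`, accepts a match in either direction, and the surviving `Got it!` comment does not say why a DN that merely contains or is contained by the target suffix should select that target. This result decides which remote target an operation is routed to, so the intent deserves a comment above the condition, e.g. `/* candidate when either DN is a suffix of the other */`, with a sentence on which operations rely on the second case. If binds are meant to match only DNs inside the target's naming context, that would need a separate, one-directional check; the callers are not visible here, so this is a question rather than a confirmed defect. The function's remaining lines are outside the hunk.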
......
......@@ -80,8 +80,8 @@ meta_back_compare(
Backend *be,
Connection *conn,
Operation *op,
const char *dn,
const char *ndn,
struct berval *dn,
struct berval *ndn,
AttributeAssertion *ava
)
{
......@@ -120,19 +120,20 @@ meta_back_compare(
* Rewrite the compare dn, if needed
*/
switch ( rewrite_session( li->targets[ i ]->rwinfo,
"compareDn", dn, conn, &mdn ) ) {
"compareDn",
dn->bv_val, conn, &mdn ) ) {
case REWRITE_REGEXEC_OK:
if ( mdn == NULL ) {
mdn = ( char * )dn;
mdn = ( char * )dn->bv_val;
}
#ifdef NEW_LOGGING
LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
"[rw] compareDn: \"%s\" -> \"%s\"\n",
dn, mdn ));
dn->bv_val, mdn ));
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS,
"rw> compareDn: \"%s\" -> \"%s\"\n%s",
dn, mdn, "" );
dn->bv_val, mdn, "" );
#endif /* !NEW_LOGGING */
break;
......@@ -185,7 +186,7 @@ meta_back_compare(
continue;
}
if ( mdn != dn ) {
if ( mdn != dn->bv_val ) {
free( mdn );
}
if ( mapped_attr != ava->aa_desc->ad_cname.bv_val ) {
......@@ -243,7 +244,7 @@ meta_back_compare(
* sending to cache ...
*/
if ( li->cache.ttl != META_DNCACHE_DISABLED ) {
( void )meta_dncache_update_entry( &li->cache, ch_strdup( ndn ), i );
( void )meta_dncache_update_entry( &li->cache, ber_bvdup( ndn ), i );
}
count++;
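Review bot: The call `meta_dncache_update_entry( &li->cache, ber_bvdup( ndn ), i )` passes an unchecked allocation and discards the return value, so a NULL from `ber_bvdup` reaches the cache code, and a failed insert would leak the copy if the cache takes ownership only on success. The cache implementation is not visible here, so confirm which contract it follows. The same pattern appears in meta_back_do_single_bind. Consider duplicating into a local, checking it for NULL, and calling `ber_bvfree()` on it when the update reports failure. meta_back_compare's body extends beyond these hunks.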
......
......@@ -137,12 +137,14 @@ meta_back_db_config(
/* URI of server to query */
if ( strcasecmp( argv[ 0 ], "uri" ) == 0 ) {
int i = li->ntargets;
int i = li->ntargets;
#if 0
int j;
int j;
#endif /* uncomment if uri MUST be a branch of suffix */
LDAPURLDesc *ludp;
char *last;
LDAPURLDesc *ludp;
char *last;
struct berval dn, *pdn = NULL, *ndn = NULL;
int rc;
if ( argc != 2 ) {
fprintf( stderr,
......@@ -197,17 +199,33 @@ meta_back_db_config(
/*
* copies and stores uri and suffix
*/
li->targets[ i ]->suffix = ch_strdup( ludp->lud_dn );
dn.bv_val = ludp->lud_dn;
dn.bv_len = strlen( ludp->lud_dn );
rc = dnPretty( NULL, &dn, &pdn );
if( rc != LDAP_SUCCESS ) {
fprintf( stderr, "%s: line %d: "
"target '%s' DN is invalid\n",
fname, lineno, argv[ 1 ] );
return( 1 );
}
rc = dnNormalize( NULL, &dn, &ndn );
if( rc != LDAP_SUCCESS ) {
fprintf( stderr, "%s: line %d: "
"target '%s' DN is invalid\n",
fname, lineno, argv[ 1 ] );
ber_bvfree( ndn );
return( 1 );
}
li->targets[ i ]->psuffix = pdn;
li->targets[ i ]->suffix = ndn;
li->targets[ i ]->uri = ch_strdup( argv[ 1 ] );
last = strstr( li->targets[ i ]->uri,
li->targets[ i ]->suffix );
last = strstr( li->targets[ i ]->uri, ludp->lud_dn );
assert( last != NULL );
last[ 0 ] = '\0'; /* wasting memory ... */
/*
* Need to store the suffix in normalized form
*/
(void) dn_normalize( li->targets[ i ]->suffix );
last[ 0 ] = '\0';
/*
* uri MUST be a branch of suffix!
......@@ -241,8 +259,8 @@ meta_back_db_config(
* or worked out, at least, in some manner
*/
for ( j = 0; j < i-1; j++ ) {
if ( strcmp( li->targets[ i ]->suffix,
li->targets[ j ]->suffix ) == 0 ) {
if ( strcmp( li->targets[ i ]->suffix->bv_val,
li->targets[ j ]->suffix->bv_val ) == 0 ) {
fprintf( stderr,
"%s: line %d: naming context \"%s\" already used"
" in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
......@@ -254,21 +272,13 @@ meta_back_db_config(
ldap_free_urldesc( ludp );
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_INFO,
"meta_back_db_config:"
" URI \"%s\", suffix \"%s\"\n",
li->targets[ i ]->uri,
li->targets[ i ]->suffix ));
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_CONFIG,
"==>meta_back_db_config: URI \"%s\", suffix \"%s\"\n%s",
li->targets[ i ]->uri, li->targets[ i ]->suffix, "" );
#endif /* !NEW_LOGGING */
fprintf(stderr, "%s: line %d: URI \"%s\", suffix \"%s\"\n",
fname, lineno, li->targets[ i ]->uri,
li->targets[ i ]->psuffix->bv_val );
/* default target directive */
} else if ( strcasecmp( argv[ 0 ], "default-target" ) == 0 ) {
int i = li->ntargets-1;
int i = li->ntargets-1;
if ( argc == 1 ) {
if ( i < 0 ) {
......@@ -319,7 +329,8 @@ meta_back_db_config(
/* name to use for meta_back_group */
} else if ( strcasecmp( argv[ 0 ], "binddn" ) == 0 ) {
int i = li->ntargets-1;
int i = li->ntargets-1;
struct berval dn, *ndn = NULL;
if ( i < 0 ) {
fprintf( stderr,
......@@ -333,11 +344,21 @@ meta_back_db_config(
fname, lineno );
return 1;
}
li->targets[ i ]->binddn = ch_strdup( argv[ 1 ] );
dn.bv_val = argv[ 1 ];
dn.bv_len = strlen( argv[ 1 ] );
if ( dnNormalize( NULL, &dn, &ndn ) != LDAP_SUCCESS ) {
fprintf( stderr, "%s: line %d: "
"bind DN '%s' is invalid\n",
fname, lineno, argv[ 1 ] );
return( 1 );
}
li->targets[ i ]->binddn = ndn;
/* password to use for meta_back_group */
} else if ( strcasecmp( argv[ 0 ], "bindpw" ) == 0 ) {
int i = li->ntargets-1;
int i = li->ntargets-1;
if ( i < 0 ) {
fprintf( stderr,
......@@ -351,11 +372,12 @@ meta_back_db_config(
fname, lineno );
return 1;
}
li->targets[ i ]->bindpw</