Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
openldap
OpenLDAP
Commits
4b48c05a
Commit
4b48c05a
authored
Sep 04, 2002
by
Jong Hyuk Choi
Browse files
LDAP Client Update Protocol - non-persistent update (TODO: response control ...)
parent
5d062ef5
Changes
6
Hide whitespace changes
Inline
Side-by-side
include/ldap.h
View file @
4b48c05a
...
...
@@ -32,6 +32,9 @@
LDAP_BEGIN_DECL
#define LDAP_CLIENT_UPDATE 1
#undef LDAP_CLIENT_UPDATE
#define LDAP_VERSION1 1
#define LDAP_VERSION2 2
#define LDAP_VERSION3 3
...
...
@@ -201,6 +204,12 @@ typedef struct ldapcontrol {
#define LDAP_CONTROL_PAGEDRESULTS "1.2.840.113556.1.4.319"
#endif
#if LDAP_CLIENT_UPDATE
#define LDAP_CONTROL_CLIENT_UPDATE "1.3.6.1.4.1.4203.666.7.1"
#define LDAP_CONTROL_ENTRY_UPDATE "1.3.6.1.4.1.4203.666.7.2"
#define LDAP_CONTROL_CLIENT_UPDATE_DONE "1.3.6.1.4.1.4203.666.7.3"
#endif
#define LDAP_CONTROL_SORTREQUEST "1.2.840.113556.1.4.473"
#define LDAP_CONTROL_SORTRESPONSE "1.2.840.113556.1.4.474"
#define LDAP_CONTROL_VLVREQUEST "2.16.840.1.113730.3.4.9"
...
...
@@ -254,8 +263,18 @@ typedef struct ldapcontrol {
/* general stuff */
#define LDAP_TAG_MESSAGE ((ber_tag_t) 0x30U)
/* constructed + 16 */
#define LDAP_TAG_MSGID ((ber_tag_t) 0x02U)
/* integer */
#ifdef LDAP_CLIENT_UPDATE
#define LDAP_TAG_INTERVAL ((ber_tag_t) 0x02U)
/* integer */
#endif
/* LDAP_CLIENT_UPDATE */
#define LDAP_TAG_LDAPDN ((ber_tag_t) 0x04U)
/* octet string */
#define LDAP_TAG_LDAPCRED ((ber_tag_t) 0x04U)
/* octet string */
#ifdef LDAP_CLIENT_UPDATE
#define LDAP_TAG_COOKIE ((ber_tag_t) 0x30U)
/* sequence */
#endif
/* LDAP_CLIENT_UPDATE */
#define LDAP_TAG_CONTROLS ((ber_tag_t) 0xa0U)
/* context specific + constructed + 0 */
#define LDAP_TAG_REFERRAL ((ber_tag_t) 0xa3U)
/* context specific + constructed + 3 */
...
...
@@ -442,6 +461,26 @@ typedef struct ldapcontrol {
#define LDAP_CLIENT_LOOP 0x60
/* draft-ietf-ldap-c-api-xx */
#define LDAP_REFERRAL_LIMIT_EXCEEDED 0x61
/* draft-ietf-ldap-c-api-xx */
#ifdef LDAP_CLIENT_UPDATE
/* resultCode for LCUP */
#define LCUP_RESOURCES_EXHAUSTED 0x62
#define LCUP_SECURITY_VIOLATION 0x63
#define LCUP_INVALID_COOKIE 0x64
#define LCUP_UNSUPPORTED_SCHEME 0x65
#define LCUP_CLIENT_DISCONNECT 0x66
#define LCUP_RELOAD_REQUIRED 0x67
#endif
/* LDAP_CLIENT_UPDATE */
#ifdef LDAP_CLIENT_UPDATE
#define SYNCHRONIZE_ONLY 0x00
#define SYNCHRONIZE_AND_PERSIST 0x01
#define PERSIST_ONLY 0x02
#endif
/* LDAP_CLIENT_UPDATE */
#ifdef LDAP_CLIENT_UPDATE
#define LDAP_LCUP_DEFAULT_SEND_COOKIE_INTERVAL 0x01
#endif
/* LDAP_CLIENT_UPDATE */
/*
* This structure represents both ldap messages and ldap responses.
* These are really the same, except in the case of search responses,
...
...
servers/slapd/back-bdb/search.c
View file @
4b48c05a
...
...
@@ -56,6 +56,13 @@ bdb_search(
int
nentries
=
0
;
int
manageDSAit
;
#ifdef LDAP_CLIENT_UPDATE
Filter
lcupf
,
csnfnot
,
csnfeq
,
csnfand
,
csnfge
;
AttributeAssertion
aa_ge
,
aa_eq
;
LDAPControl
ctrl
;
int
entry_count
=
0
;
#endif
/* LDAP_CLIENT_UPDATE */
struct
slap_limits_set
*
limit
=
NULL
;
int
isroot
=
0
;
...
...
@@ -334,6 +341,34 @@ dn2entry_retry:
filter_hasSubordinates
=
filter_has_subordinates
(
filter
);
#endif
/* SLAP_X_FILTER_HASSUBORDINATES */
#ifdef LDAP_CLIENT_UPDATE
if
(
op
->
o_clientupdatetype
==
SYNCHRONIZE_ONLY
||
op
->
o_clientupdatetype
==
SYNCHRONIZE_AND_PERSIST
)
{
lcupf
.
f_choice
=
LDAP_FILTER_AND
;
lcupf
.
f_and
=
&
csnfnot
;
lcupf
.
f_next
=
NULL
;
csnfnot
.
f_choice
=
LDAP_FILTER_NOT
;
csnfnot
.
f_not
=
&
csnfeq
;
csnfnot
.
f_next
=
&
csnfand
;
csnfeq
.
f_choice
=
LDAP_FILTER_EQUALITY
;
csnfeq
.
f_ava
=
&
aa_eq
;
csnfeq
.
f_av_desc
=
slap_schema
.
si_ad_entryCSN
;
ber_dupbv
(
&
csnfeq
.
f_av_value
,
op
->
o_clientupdatestate
);
csnfand
.
f_choice
=
LDAP_FILTER_AND
;
csnfand
.
f_and
=
&
csnfge
;
csnfand
.
f_next
=
NULL
;
csnfge
.
f_choice
=
LDAP_FILTER_GE
;
csnfge
.
f_ava
=
&
aa_ge
;
csnfge
.
f_av_desc
=
slap_schema
.
si_ad_entryCSN
;
ber_dupbv
(
&
csnfge
.
f_av_value
,
op
->
o_clientupdatestate
);
csnfge
.
f_next
=
filter
;
}
#endif
/* LDAP_CLIENT_UPDATE */
for
(
id
=
bdb_idl_first
(
candidates
,
&
cursor
);
id
!=
NOID
;
id
=
bdb_idl_next
(
candidates
,
&
cursor
)
)
...
...
@@ -529,7 +564,17 @@ id2entry_retry:
#endif
/* SLAP_X_FILTER_HASSUBORDINATES */
/* if it matches the filter and scope, send it */
#ifdef LDAP_CLIENT_UPDATE
if
(
op
->
o_clientupdatetype
==
SYNCHRONIZE_ONLY
||
op
->
o_clientupdatetype
==
SYNCHRONIZE_AND_PERSIST
)
{
rc
=
test_filter
(
be
,
conn
,
op
,
e
,
&
lcupf
);
}
else
{
rc
=
test_filter
(
be
,
conn
,
op
,
e
,
filter
);
}
#else
/* LDAP_CLIENT_UPDATE */
rc
=
test_filter
(
be
,
conn
,
op
,
e
,
filter
);
#endif
/* LDAP_CLIENT_UPDATE */
#ifdef SLAP_X_FILTER_HASSUBORDINATES
if
(
hasSubordinates
)
{
...
...
@@ -586,6 +631,7 @@ id2entry_retry:
#endif
result
=
send_search_entry
(
be
,
conn
,
op
,
e
,
attrs
,
attrsonly
,
NULL
);
#if 0
}
#endif
...
...
@@ -633,6 +679,7 @@ loop_continue:
ldap_pvt_thread_yield
();
}
send_search_result
(
conn
,
op
,
v2refs
==
NULL
?
LDAP_SUCCESS
:
LDAP_REFERRAL
,
NULL
,
NULL
,
v2refs
,
NULL
,
nentries
);
...
...
servers/slapd/controls.c
View file @
4b48c05a
...
...
@@ -50,6 +50,10 @@ static SLAP_CTRL_PARSE_FN parseNoOp;
static
SLAP_CTRL_PARSE_FN
parsePagedResults
;
static
SLAP_CTRL_PARSE_FN
parseValuesReturnFilter
;
#ifdef LDAP_CLIENT_UPDATE
static
SLAP_CTRL_PARSE_FN
parseClientUpdate
;
#endif
/* LDAP_CLIENT_UPDATE */
#undef sc_mask
/* avoid conflict with Irix 6.5 <sys/signal.h> */
static
struct
slap_control
{
...
...
@@ -81,6 +85,11 @@ static struct slap_control {
{
LDAP_CONTROL_VALUESRETURNFILTER
,
SLAP_CTRL_SEARCH
,
NULL
,
parseValuesReturnFilter
},
#endif
#ifdef LDAP_CLIENT_UPDATE
{
LDAP_CONTROL_CLIENT_UPDATE
,
SLAP_CTRL_SEARCH
,
NULL
,
parseClientUpdate
},
#endif
{
NULL
}
};
...
...
@@ -117,6 +126,10 @@ int get_ctrls(
int
rc
=
LDAP_SUCCESS
;
const
char
*
errmsg
=
NULL
;
#ifdef LDAP_CLIENT_UPDATE
op
->
o_clientupdatetype
=
-
1
;
#endif
len
=
ber_pvt_ber_remaining
(
ber
);
if
(
len
==
0
)
{
...
...
@@ -595,3 +608,119 @@ int parseValuesReturnFilter (
return
LDAP_SUCCESS
;
}
#endif
#ifdef LDAP_CLIENT_UPDATE
static
int
parseClientUpdate
(
Connection
*
conn
,
Operation
*
op
,
LDAPControl
*
ctrl
,
const
char
**
text
)
{
ber_tag_t
tag
;
BerElement
*
ber
;
ber_int_t
type
;
ber_int_t
interval
;
ber_len_t
len
;
struct
berval
scheme
=
{
0
,
NULL
};
struct
berval
cookie
=
{
0
,
NULL
};
if
(
op
->
o_noop
!=
SLAP_NO_CONTROL
)
{
*
text
=
"LCUP client update control specified multiple times"
;
return
LDAP_PROTOCOL_ERROR
;
}
if
(
ctrl
->
ldctl_value
.
bv_len
==
0
)
{
*
text
=
"LCUP client update control value is empty"
;
return
LDAP_PROTOCOL_ERROR
;
}
/* Parse the control value
* ClientUpdateControlValue ::= SEQUENCE {
* updateType ENUMERATED {
* synchronizeOnly {0},
* synchronizeAndPersist {1},
* persistOnly {2} },
* sendCookieInterval INTEGER OPTIONAL,
* cookie LCUPCookie OPTIONAL
* }
*/
ber
=
ber_init
(
&
ctrl
->
ldctl_value
);
if
(
ber
==
NULL
)
{
*
text
=
"internal error"
;
return
LDAP_OTHER
;
}
if
(
(
tag
=
ber_scanf
(
ber
,
"{i"
/*}*/
,
&
type
))
==
LBER_ERROR
)
{
*
text
=
"LCUP client update control : decoding error"
;
return
LDAP_PROTOCOL_ERROR
;
}
if
(
type
!=
SYNCHRONIZE_ONLY
&&
type
!=
SYNCHRONIZE_AND_PERSIST
&&
type
!=
PERSIST_ONLY
)
{
*
text
=
"LCUP client update control : unknown update type"
;
return
LDAP_PROTOCOL_ERROR
;
}
if
(
(
tag
=
ber_peek_tag
(
ber
,
&
len
))
==
LBER_DEFAULT
)
{
*
text
=
"LCUP client update control : decoding error"
;
return
LDAP_PROTOCOL_ERROR
;
}
if
(
tag
==
LDAP_TAG_INTERVAL
)
{
if
(
(
tag
=
ber_scanf
(
ber
,
"i"
,
&
interval
))
==
LBER_ERROR
)
{
*
text
=
"LCUP client update control : decoding error"
;
return
LDAP_PROTOCOL_ERROR
;
}
if
(
interval
<=
0
)
{
/* server chooses interval */
interval
=
LDAP_LCUP_DEFAULT_SEND_COOKIE_INTERVAL
;
}
}
else
{
/* server chooses interval */
interval
=
LDAP_LCUP_DEFAULT_SEND_COOKIE_INTERVAL
;
}
if
(
(
tag
=
ber_peek_tag
(
ber
,
&
len
))
==
LBER_DEFAULT
)
{
*
text
=
"LCUP client update control : decoding error"
;
return
LDAP_PROTOCOL_ERROR
;
}
if
(
tag
==
LDAP_TAG_COOKIE
)
{
if
(
(
tag
=
ber_scanf
(
ber
,
/*{*/
"{mm}}"
,
&
scheme
,
&
cookie
))
==
LBER_ERROR
)
{
*
text
=
"LCUP client update control : decoding error"
;
return
LDAP_PROTOCOL_ERROR
;
}
}
/* TODO : Cookie Scheme Validation */
#if 0
if ( lcup_cookie_validate(scheme, cookie) != LDAP_SUCCESS ) {
*text = "Invalid LCUP cookie";
return LCUP_INVALID_COOKIE;
}
if ( lcup_cookie_scheme_validate(scheme) != LDAP_SUCCESS ) {
*text = "Unsupported LCUP cookie scheme";
return LCUP_UNSUPPORTED_SCHEME;
}
#endif
op
->
o_clientupdatestate
=
ber_dupbv
(
NULL
,
&
cookie
);
(
void
)
ber_free
(
ber
,
1
);
op
->
o_clientupdatetype
=
type
;
op
->
o_clientupdateinterval
=
interval
;
op
->
o_clientupdate
=
ctrl
->
ldctl_iscritical
?
SLAP_CRITICAL_CONTROL
:
SLAP_NONCRITICAL_CONTROL
;
return
LDAP_SUCCESS
;
}
#endif
servers/slapd/schema_init.c
View file @
4b48c05a
...
...
@@ -60,6 +60,10 @@
#define caseExactOrderingMatch caseExactMatch
#define integerOrderingMatch integerMatch
#ifdef LDAP_CLIENT_UPDATE
#define octetStringOrderingMatch octetStringMatch
#endif
/* LDAP_CLIENT_UPDATE */
/* unimplemented matching routines */
#define caseIgnoreListMatch NULL
#define caseIgnoreListSubstringsMatch NULL
...
...
@@ -4631,6 +4635,15 @@ static slap_mrule_defs_rec mrule_defs[] = {
octetStringMatch
,
octetStringIndexer
,
octetStringFilter
,
NULL
},
#ifdef LDAP_CLIENT_UPDATE
{
"( 2.5.13.18 NAME 'octetStringOrderingMatch' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )"
,
SLAP_MR_ORDERING
,
NULL
,
NULL
,
NULL
,
octetStringOrderingMatch
,
NULL
,
NULL
,
NULL
},
#endif
/* LDAP_CLIENT_UPDATE */
{
"( 2.5.13.20 NAME 'telephoneNumberMatch' "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )"
,
SLAP_MR_EQUALITY
|
SLAP_MR_EXT
|
SLAP_MR_DN_FOLD
,
NULL
,
...
...
servers/slapd/schema_prep.c
View file @
4b48c05a
...
...
@@ -450,6 +450,9 @@ static struct slap_schema_ad_map {
{
"entryCSN"
,
"( 1.3.6.1.4.1.4203.666.1.7 NAME 'entryCSN' "
"DESC 'LCUP/LDUP: change sequence number' "
"EQUALITY octetStringMatch "
#ifdef LDAP_CLIENT_UPDATE
"ORDERING octetStringOrderingMatch "
#endif
/* LDAP_CLIENT_UPDATE */
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{64} "
"SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )"
,
NULL
,
SLAP_AT_HIDE
,
...
...
servers/slapd/slap.h
View file @
4b48c05a
...
...
@@ -1585,6 +1585,13 @@ typedef struct slap_op {
ber_int_t
o_pagedresults_size
;
PagedResultsState
o_pagedresults_state
;
#ifdef LDAP_CLIENT_UPDATE
char
o_clientupdate
;
ber_int_t
o_clientupdatetype
;
ber_int_t
o_clientupdateinterval
;
struct
berval
*
o_clientupdatestate
;
#endif
#ifdef LDAP_CONNECTIONLESS
Sockaddr
o_peeraddr
;
/* UDP peer address */
#endif
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment