Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
openldap
OpenLDAP
Commits
b813a5ba
Commit
b813a5ba
authored
May 27, 2000
by
Kurt Zeilenga
Browse files
SLAPD_SCHEMA_NOT_COMPAT: prelim ACL work
parent
dab0793d
Changes
8
Hide whitespace changes
Inline
Side-by-side
servers/slapd/aclparse.c
View file @
b813a5ba
...
...
@@ -98,8 +98,14 @@ parse_acl(
#ifdef SLAPD_SCHEMA_NOT_COMPAT
int
rc
;
const
char
*
text
;
static
AttributeDescription
*
member
=
NULL
;
static
AttributeDescription
*
aci
=
NULL
;
AttributeDescription
*
ad_distinguishedName
=
slap_schema
.
si_ad_distinguishedName
;
AttributeDescription
*
ad_member
=
slap_schema
.
si_ad_member
;
#ifdef SLAPD_ACI_ENABLED
AttributeDescription
*
ad_aci
=
slap_schema
.
si_ad_aci
;
#endif
#else
static
char
*
ad_aci
=
"aci"
;
static
char
*
ad_member
=
"member"
;
#endif
a
=
NULL
;
...
...
@@ -336,16 +342,17 @@ parse_acl(
acl_usage
();
}
#ifdef SLAPD_OID_DN_SYNTAX
if
(
strcmp
(
b
->
a_dn_at
->
ad_type
->
sat_syntax
_oid
,
SLAPD_OID_DN_SYNTAX
)
!=
0
)
if
(
b
->
a_dn_at
->
ad_type
->
sat_syntax
!=
ad_distinguishedName
->
ad_type
->
sat_syntax
)
{
fprintf
(
stderr
,
"%s: line %d: dnattr attribute type not of DN syntax.
\n
"
,
fname
,
lineno
);
"%s: line %d: dnattr
\"
%s
\"
: inappropriate syntax: %s
\n
"
,
fname
,
lineno
,
right
,
b
->
a_dn_at
->
ad_type
->
sat_syntax_oid
);
acl_usage
();
}
#endif
#else
b
->
a_dn_at
=
ch_strdup
(
right
);
#endif
...
...
@@ -393,6 +400,16 @@ parse_acl(
fname
,
lineno
,
right
,
text
);
acl_usage
();
}
if
(
b
->
a_group_at
->
ad_type
->
sat_syntax
!=
ad_member
->
ad_type
->
sat_syntax
)
{
fprintf
(
stderr
,
"%s: line %d: group
\"
%s
\"
: inappropriate syntax: %s
\n
"
,
fname
,
lineno
,
right
,
b
->
a_group_at
->
ad_type
->
sat_syntax_oid
);
acl_usage
();
}
#else
b
->
a_group_at
=
ch_strdup
(
name
);
#endif
...
...
@@ -400,9 +417,9 @@ parse_acl(
}
else
{
#ifdef SLAPD_SCHEMA_NOT_COMPAT
b
->
a_group_at
=
member
;
b
->
a_group_at
=
ad_dup
(
ad_
member
)
;
#else
b
->
a_group_at
=
ch_strdup
(
"
member
"
);
b
->
a_group_at
=
ch_strdup
(
ad_
member
);
#endif
}
...
...
@@ -413,17 +430,6 @@ parse_acl(
fname
,
lineno
);
acl_usage
();
}
#ifdef SLAPD_OID_DN_SYNTAX
if
(
strcmp
(
b
->
a_group_at
->
ad_type
->
sat_syntax_oid
,
SLAPD_OID_DN_SYNTAX
)
!=
0
)
{
fprintf
(
stderr
,
"%s: line %d: group attribute type not of DN syntax.
\n
"
,
fname
,
lineno
);
acl_usage
();
}
#endif
/* SLAPD_OID_DN_SYNTAX */
#endif
/* SLAPD_SCHEMA_NOT_COMPAT */
continue
;
}
...
...
@@ -499,8 +505,18 @@ parse_acl(
fname
,
lineno
,
right
,
text
);
acl_usage
();
}
if
(
b
->
a_aci_at
->
ad_type
->
sat_syntax
!=
ad_aci
->
ad_type
->
sat_syntax
)
{
fprintf
(
stderr
,
"%s: line %d: aci
\"
%s
\"
: inappropriate syntax: %s
\n
"
,
fname
,
lineno
,
right
,
b
->
a_aci_at
->
ad_type
->
sat_syntax_oid
);
acl_usage
();
}
}
else
{
b
->
a_aci_at
=
a
ci
;
b
->
a_aci_at
=
a
d_dup
(
ad_aci
)
;
}
if
(
b
->
a_aci_at
==
NULL
)
{
...
...
@@ -510,14 +526,6 @@ parse_acl(
acl_usage
();
}
if
(
strcmp
(
b
->
a_aci_at
->
ad_type
->
sat_syntax_oid
,
SLAPD_OID_ACI_SYNTAX
)
!=
0
)
{
fprintf
(
stderr
,
"%s: line %d: aci attribute type not of ACI syntax.
\n
"
,
fname
,
lineno
);
acl_usage
();
}
#else
if
(
right
!=
NULL
&&
*
right
!=
'\0'
)
{
b
->
a_aci_at
=
ch_strdup
(
right
);
...
...
@@ -939,7 +947,11 @@ print_access( Access *b )
}
if
(
b
->
a_dn_at
!=
NULL
)
{
#ifdef SLAPD_SCHEMA_NOT_COMPAT
fprintf
(
stderr
,
" dnattr=%s"
,
b
->
a_dn_at
->
ad_cname
->
bv_val
);
#else
fprintf
(
stderr
,
" dnattr=%s"
,
b
->
a_dn_at
);
#endif
}
if
(
b
->
a_group_pat
!=
NULL
)
{
...
...
@@ -949,7 +961,11 @@ print_access( Access *b )
fprintf
(
stderr
,
" objectClass: %s"
,
b
->
a_group_oc
);
if
(
b
->
a_group_at
)
{
#ifdef SLAPD_SCHEMA_NOT_COMPAT
fprintf
(
stderr
,
" attributeType: %s"
,
b
->
a_group_at
->
ad_cname
->
bv_val
);
#else
fprintf
(
stderr
,
" attributeType: %s"
,
b
->
a_group_at
);
#endif
}
}
}
...
...
@@ -972,7 +988,11 @@ print_access( Access *b )
#ifdef SLAPD_ACI_ENABLED
if
(
b
->
a_aci_at
!=
NULL
)
{
#ifdef SLAPD_SCHEMA_NOT_COMPAT
fprintf
(
stderr
,
" aci=%s"
,
b
->
a_aci_at
->
ad_cname
->
bv_val
);
#else
fprintf
(
stderr
,
" aci=%s"
,
b
->
a_aci_at
);
#endif
}
#endif
...
...
servers/slapd/at.c
View file @
b813a5ba
...
...
@@ -92,7 +92,7 @@ at_config(
#define SYNTAX_DSCE_OID "2.5.13.5"
#define SYNTAX_IA5_OID "1.3.6.1.4.1.1466.115.121.1.26"
#define SYNTAX_IA5CE_OID "1.3.6.1.4.1.1466.109.114.1"
#define SYNTAX_DN_OID
SLAPD_OID_DN_SYNTAX
#define SYNTAX_DN_OID
"1.3.6.1.4.1.1466.115.121.1.12"
#define SYNTAX_TEL_OID "1.3.6.1.4.1.1466.115.121.1.50"
#define SYNTAX_BIN_OID "1.3.6.1.4.1.1466.115.121.1.40"
/* octetString */
...
...
servers/slapd/back-ldbm/alias.c
View file @
b813a5ba
...
...
@@ -218,9 +218,9 @@ static char* get_alias_dn(
{
Attribute
*
a
;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
static
AttributeDescription
*
aliasedObjectName
=
NULL
;
AttributeDescription
*
aliasedObjectName
=
slap_schema
.
si_ad_aliasedObjectName
;
#else
static
const
char
*
aliasedObjectName
=
NULL
;
static
const
char
*
aliasedObjectName
=
"aliasedObjectName"
;
#endif
a
=
attr_find
(
e
->
e_attrs
,
aliasedObjectName
);
...
...
servers/slapd/back-ldbm/group.c
View file @
b813a5ba
...
...
@@ -41,7 +41,7 @@ ldbm_back_group(
Attribute
*
attr
;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
static
AttributeDescription
*
objectClass
=
NULL
;
AttributeDescription
*
objectClass
=
slap_schema
.
si_ad_objectClass
;
const
char
*
groupattrName
=
group_at
->
ad_cname
->
bv_val
;
#else
struct
berval
bv
;
...
...
servers/slapd/proto-slap.h
View file @
b813a5ba
...
...
@@ -92,7 +92,6 @@ LIBSLAPD_F (AttributeType *) at_find LDAP_P(( const char *name ));
LIBSLAPD_F
(
int
)
at_find_in_list
LDAP_P
((
AttributeType
*
sat
,
AttributeType
**
list
));
LIBSLAPD_F
(
int
)
at_append_to_list
LDAP_P
((
AttributeType
*
sat
,
AttributeType
***
listp
));
LIBSLAPD_F
(
int
)
at_delete_from_list
LDAP_P
((
int
pos
,
AttributeType
***
listp
));
LIBSLAPD_F
(
int
)
at_fake_if_needed
LDAP_P
((
const
char
*
name
));
LIBSLAPD_F
(
int
)
at_schema_info
LDAP_P
((
Entry
*
e
));
LIBSLAPD_F
(
int
)
at_add
LDAP_P
((
LDAP_ATTRIBUTE_TYPE
*
at
,
const
char
**
err
));
...
...
@@ -103,6 +102,7 @@ LIBSLAPD_F (int) is_at_subtype LDAP_P((
# define at_canonical_name(at) ((at)->sat_cname)
#else
LIBSLAPD_F
(
int
)
at_fake_if_needed
LDAP_P
((
const
char
*
name
));
LIBSLAPD_F
(
char
*
)
at_canonical_name
LDAP_P
((
const
char
*
a_type
));
#endif
...
...
servers/slapd/schema_init.c
View file @
b813a5ba
...
...
@@ -16,7 +16,15 @@
#include
"slap.h"
#include
"ldap_pvt.h"
#define berValidate blobValidate
static
int
inValidate
(
Syntax
*
syntax
,
struct
berval
*
in
)
{
/* any value allowed */
return
LDAP_OTHER
;
}
static
int
blobValidate
(
Syntax
*
syntax
,
...
...
@@ -26,6 +34,8 @@ blobValidate(
return
LDAP_SUCCESS
;
}
#define berValidate blobValidate
static
int
UTF8StringValidate
(
Syntax
*
syntax
,
...
...
@@ -341,6 +351,7 @@ struct syntax_defs_rec {
#endif
};
#define X_HIDE "X-HIDE 'TRUE' "
#define X_BINARY "X-BINARY-TRANSFER-REQUIRED 'TRUE' "
#define X_NOT_H_R "X-NOT-HUMAN-READABLE 'TRUE' "
...
...
@@ -457,8 +468,12 @@ struct syntax_defs_rec syntax_defs[] = {
0
,
NULL
,
NULL
,
NULL
},
/* OpenLDAP Experimental Syntaxes */
{
"(
"
SLAPD_OID_ACI_SYNTAX
"
DESC 'OpenLDAP Experimental ACI' )"
,
{
"(
1.3.6.1.4.1.4203.666.2.1
DESC 'OpenLDAP Experimental ACI' )"
,
0
,
NULL
,
NULL
,
NULL
},
{
"( 1.3.6.1.4.1.4203.666.2.2 DESC 'OpenLDAP void' "
X_HIDE
")"
,
SLAP_SYNTAX_HIDE
,
NULL
,
NULL
,
NULL
},
{
"( 1.3.6.1.4.1.4203.666.2.3 DESC 'OpenLDAP DN' "
X_HIDE
")"
,
SLAP_SYNTAX_HIDE
,
NULL
,
NULL
,
NULL
},
{
NULL
,
0
,
NULL
,
NULL
,
NULL
}
};
...
...
servers/slapd/schema_prep.c
View file @
b813a5ba
...
...
@@ -41,8 +41,15 @@ struct slap_schema_oc_map {
char
*
ssom_name
;
size_t
ssom_offset
;
}
oc_map
[]
=
{
{
"top"
,
offsetof
(
struct
slap_internal_schema
,
si_oc_top
)
},
{
"alias"
,
offsetof
(
struct
slap_internal_schema
,
si_oc_alias
)
},
{
"referral"
,
offsetof
(
struct
slap_internal_schema
,
si_oc_referral
)
},
{
"LDAProotDSE"
,
offsetof
(
struct
slap_internal_schema
,
si_oc_rootdse
)
},
{
"LDAPsubentry"
,
offsetof
(
struct
slap_internal_schema
,
si_oc_subentry
)
},
{
"subschema"
,
offsetof
(
struct
slap_internal_schema
,
si_oc_subschema
)
},
#ifdef SLAPD_ACI_ENABLED
{
"groupOfNames"
,
offsetof
(
struct
slap_internal_schema
,
si_oc_groupOfNames
)
},
#endif
{
NULL
,
0
}
};
...
...
@@ -54,6 +61,7 @@ struct slap_schema_ad_map {
{
"objectClass"
,
objectClassMatch
,
offsetof
(
struct
slap_internal_schema
,
si_ad_objectClass
)
},
/* user entry operational attributes */
{
"creatorsName"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_creatorsName
)
},
{
"createTimestamp"
,
NULL
,
...
...
@@ -62,10 +70,10 @@ struct slap_schema_ad_map {
offsetof
(
struct
slap_internal_schema
,
si_ad_modifiersName
)
},
{
"modifyTimestamp"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_modifyTimestamp
)
},
{
"subschemaSubentry"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_subschemaSubentry
)
},
/* root DSE attributes */
{
"namingContexts"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_namingContexts
)
},
{
"supportedControl"
,
NULL
,
...
...
@@ -74,14 +82,14 @@ struct slap_schema_ad_map {
offsetof
(
struct
slap_internal_schema
,
si_ad_supportedExtension
)
},
{
"supportedLDAPVersion"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_supportedLDAPVersion
)
},
#ifdef L
D
AP_A
P
I_
FEATURE_X_OPENLDAP_V2_KBIN
D
#ifdef
S
LAP
D
_A
C
I_
ENABLE
D
{
"supportedACIMechanisms"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_supportedACIMechanisms
)
},
#endif
{
"supportedSASLMechanisms"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_supportedSASLMechanisms
)
},
/* subschema subentry attributes */
{
"attributeTypes"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_attributeTypes
)
},
{
"ldapSyntaxes"
,
NULL
,
...
...
@@ -91,13 +99,25 @@ struct slap_schema_ad_map {
{
"objectClasses"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_objectClasses
)
},
/* knowledge information */
{
"aliasedObjectName"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_aliasedObjectName
)
},
{
"ref"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_ref
)
},
/* access control information */
{
"entry"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_entry
)
},
{
"children"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_children
)
},
{
"distinguishedName"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_distinguishedName
)
},
{
"member"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_member
)
},
#ifdef SLAPD_ACI_ENABLED
{
"aci"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_aci
)
},
#endif
{
"userPassword"
,
NULL
,
offsetof
(
struct
slap_internal_schema
,
si_ad_userPassword
)
},
...
...
servers/slapd/slap.h
View file @
b813a5ba
...
...
@@ -93,11 +93,12 @@ LDAP_BEGIN_DECL
#define AD_LEADCHAR(c) ( ATTR_CHAR(c) )
#define AD_CHAR(c) ( ATTR_CHAR(c) || (c) == ';' )
#define SLAPD_ACI_DEFAULT_ATTR "aci"
#ifndef SLAPD_SCHEMA_NOT_COMPAT
/* schema needed by slapd */
#define SLAPD_OID_DN_SYNTAX "1.3.6.1.4.1.1466.115.121.1.12"
#define SLAPD_OID_ACI_SYNTAX "1.3.6.1.4.1.4203.666.2.1"
/* experimental */
#define SLAPD_ACI_DEFAULT_ATTR "aci"
#endif
LIBSLAPD_F
(
int
)
slap_debug
;
...
...
@@ -155,10 +156,11 @@ typedef struct slap_syntax {
unsigned
ssyn_flags
;
#define SLAP_SYNTAX_NONE 0x0U
#define SLAP_SYNTAX_BLOB 0x1U
/* syntax treated as blob (audio) */
#define SLAP_SYNTAX_BINARY 0x2U
/* binary transfer required (certificate) */
#define SLAP_SYNTAX_BER 0x4U
/* stored using BER encoding (binary,certificate) */
#define SLAP_SYNTAX_NONE 0x00U
#define SLAP_SYNTAX_BLOB 0x01U
/* syntax treated as blob (audio) */
#define SLAP_SYNTAX_BINARY 0x02U
/* binary transfer required (certificate) */
#define SLAP_SYNTAX_BER 0x04U
/* stored using BER encoding (binary,certificate) */
#define SLAP_SYNTAX_HIDE 0x80U
/* hide (do not publish) */
slap_syntax_validate_func
*
ssyn_validate
;
slap_syntax_transform_func
*
ssyn_normalize
;
...
...
@@ -177,6 +179,7 @@ typedef struct slap_syntax {
#define slap_syntax_is_blob(s) slap_syntax_is_flag((s),SLAP_SYNTAX_BLOB)
#define slap_syntax_is_binary(s) slap_syntax_is_flag((s),SLAP_SYNTAX_BINARY)
#define slap_syntax_is_ber(s) slap_syntax_is_flag((s),SLAP_SYNTAX_BER)
#define slap_syntax_is_hidden(s) slap_syntax_is_flag((s),SLAP_SYNTAX_HIDE)
/* XXX -> UCS-2 Converter */
typedef
int
slap_mr_convert_func
LDAP_P
((
...
...
@@ -327,8 +330,15 @@ typedef struct slap_attr_desc {
*/
struct
slap_internal_schema
{
/* objectClass */
ObjectClass
*
si_oc_top
;
ObjectClass
*
si_oc_alias
;
ObjectClass
*
si_oc_referral
;
ObjectClass
*
si_oc_subentry
;
ObjectClass
*
si_oc_subschema
;
ObjectClass
*
si_oc_rootdse
;
#ifdef SLAPD_ACI_ENABLED
ObjectClass
*
si_oc_groupOfNames
;
#endif
/* objectClass attribute */
AttributeDescription
*
si_ad_objectClass
;
...
...
@@ -361,9 +371,14 @@ struct slap_internal_schema {
AttributeDescription
*
si_ad_aliasedObjectName
;
AttributeDescription
*
si_ad_ref
;
/* A
CL
Internals */
/* A
ccess Control
Internals */
AttributeDescription
*
si_ad_entry
;
AttributeDescription
*
si_ad_children
;
AttributeDescription
*
si_ad_member
;
AttributeDescription
*
si_ad_distinguishedName
;
#ifdef SLAPD_ACI_ENABLED
AttributeDescription
*
si_ad_aci
;
#endif
/* Other */
AttributeDescription
*
si_ad_userPassword
;
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment