Commit d0868eae authored by Jong Hyuk Choi's avatar Jong Hyuk Choi
Browse files

Various changes

- SyncRepl support in back-ldbm
- back-ldbm functions return LDAP return codes for internal operations (callback)
- subentry code copy from back-bdb
- Misc udpates
parent aaa66d25
......@@ -29,6 +29,9 @@ ldbm_back_add(
AttributeDescription *entry = slap_schema.si_ad_entry;
char textbuf[SLAP_TEXT_BUFLEN];
size_t textlen = sizeof textbuf;
#ifdef LDBM_SUBENTRIES
int subentry;
#endif
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_add: %s\n", op->o_req_dn.bv_val, 0, 0 );
......@@ -56,9 +59,17 @@ ldbm_back_add(
#endif
send_ldap_result( op, rs );
#ifdef LDAP_SYNCREPL
return rs->sr_err;
#else
return( -1 );
#endif
}
#ifdef LDBM_SUBENTRIES
subentry = is_entry_subentry( op->oq_add.rs_e );
#endif
#ifdef LDAP_CACHING
if ( !op->o_caching_on ) {
#endif /* LDAP_CACHING */
......@@ -77,7 +88,11 @@ ldbm_back_add(
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
"no write access to entry" );
#ifdef LDAP_SYNCREPL
return LDAP_INSUFFICIENT_ACCESS;
#else
return -1;
#endif
}
#ifdef LDAP_CACHING
}
......@@ -91,7 +106,11 @@ ldbm_back_add(
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
rs->sr_err = rs->sr_err ? LDAP_OTHER : LDAP_ALREADY_EXISTS;
send_ldap_result( op, rs );
#ifdef LDAP_SYNCREPL
return rs->sr_err;
#else
return( -1 );
#endif
}
/*
......@@ -146,7 +165,11 @@ ldbm_back_add(
ber_bvarray_free( rs->sr_ref );
free( (char *)rs->sr_matched );
#ifdef LDAP_SYNCREPL
return rs->sr_err;
#else
return -1;
#endif
}
if ( ! access_allowed( op, p,
......@@ -168,9 +191,28 @@ ldbm_back_add(
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
"no write access to parent" );
#ifdef LDAP_SYNCREPL
return LDAP_INSUFFICIENT_ACCESS;
#else
return -1;
#endif
}
#ifdef LDBM_SUBENTRIES
if ( is_entry_subentry( p )) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, DETAIL1,
"bdb_add: parent is subentry\n", 0, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is subentry\n",
0, 0, 0 );
#endif
rs->sr_err = LDAP_OBJECT_CLASS_VIOLATION;
rs->sr_text = "parent is a subentry";
goto return_results;
}
#endif
if ( is_entry_alias( p ) ) {
/* parent is an alias, don't allow add */
......@@ -190,7 +232,11 @@ ldbm_back_add(
send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM,
"parent is an alias" );
#ifdef LDAP_SYNCREPL
return LDAP_ALIAS_PROBLEM;
#else
return -1;
#endif
}
if ( is_entry_referral( p ) ) {
......@@ -216,8 +262,19 @@ ldbm_back_add(
ber_bvarray_free( rs->sr_ref );
free( (char *)rs->sr_matched );
#ifdef LDAP_SYNCREPL
return rs->sr_err;
#else
return -1;
#endif
}
#ifdef LDBM_SUBENTRIES
if ( subentry ) {
/* FIXME: */
/* parent must be an administrative point of the required kind */
}
#endif
} else {
#ifndef LDAP_CACHING
......@@ -260,10 +317,17 @@ ldbm_back_add(
LDAP_INSUFFICIENT_ACCESS,
"no write access to parent" );
#ifdef LDAP_SYNCREPL
return LDAP_INSUFFICIENT_ACCESS;
#else
return -1;
#endif
}
#ifdef LDAP_SYNCREPL
} else if ( !is_entry_glue( op->oq_add.rs_e )) {
#else
} else {
#endif
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
#ifdef NEW_LOGGING
......@@ -278,11 +342,31 @@ ldbm_back_add(
#endif
send_ldap_error( op, rs,
LDAP_INSUFFICIENT_ACCESS, NULL );
LDAP_NO_SUCH_OBJECT, NULL );
return -1;
#ifdef LDAP_SYNCREPL
return LDAP_NO_SUCH_OBJECT;
#else
return -1;
#endif
}
}
#ifdef LDBM_SUBENTRIES
if( subentry ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, DETAIL1,
"bdb_add: no parent, cannot add subentry\n", 0, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"bdb_add: no parent, cannot add subentry\n", 0, 0, 0 );
#endif
rs->sr_err = LDAP_NO_SUCH_OBJECT;
rs->sr_text = "no parent, cannot add subentry";
goto return_results;
}
#endif
}
if ( next_id( op->o_bd, &op->oq_add.rs_e->e_id ) ) {
......@@ -304,7 +388,11 @@ ldbm_back_add(
send_ldap_error( op, rs, LDAP_OTHER,
"next_id add failed" );
#ifdef LDAP_SYNCREPL
return LDAP_OTHER;
#else
return( -1 );
#endif
}
/*
......@@ -332,7 +420,11 @@ ldbm_back_add(
rs->sr_err = rs->sr_err > 0 ? LDAP_ALREADY_EXISTS : LDAP_OTHER;
send_ldap_result( op, rs );
#ifdef LDAP_SYNCREPL
return rs->sr_err;
#else
return( -1 );
#endif
}
rs->sr_err = -1;
......
......@@ -12,6 +12,10 @@
LDAP_BEGIN_DECL
#ifdef LDAP_SYNCREPL
#define LDBM_SUBENTRIES 1
#endif
#define DEFAULT_CACHE_SIZE 1000
#if defined(HAVE_BERKELEY_DB) && DB_VERSION_MAJOR >= 2
......
......@@ -81,12 +81,31 @@ ldbm_back_bind(
if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
if ( rs->sr_matched ) free( (char *)rs->sr_matched );
#ifdef LDAP_SYNCREPL
return rs->sr_err;
#else
return( rc );
#endif
}
ber_dupbv( &op->oq_bind.rb_edn, &e->e_name );
/* check for deleted */
#ifdef LDBM_SUBENTRIES
if ( is_entry_subentry( e ) ) {
/* entry is an subentry, don't allow bind */
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, DETAIL1,
"bdb_bind: entry is subentry\n", 0, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"entry is subentry\n", 0, 0, 0 );
#endif
rs->sr_err = LDAP_INVALID_CREDENTIALS;
send_ldap_result( op, rs );
goto return_results;
}
#endif
if ( is_entry_alias( e ) ) {
/* entry is an alias, don't allow bind */
......@@ -102,7 +121,11 @@ ldbm_back_bind(
send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM,
"entry is alias" );
#ifdef LDAP_SYNCREPL
rc = LDAP_ALIAS_PROBLEM;
#else
rc = 1;
#endif
goto return_results;
}
......@@ -130,7 +153,11 @@ ldbm_back_bind(
ber_bvarray_free( rs->sr_ref );
#ifdef LDAP_SYNCREPL
rc = rs->sr_err;
#else
rc = 1;
#endif
goto return_results;
}
......@@ -140,7 +167,11 @@ ldbm_back_bind(
password, NULL, ACL_AUTH, NULL ) )
{
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
#ifdef LDAP_SYNCREPL
rc = LDAP_INSUFFICIENT_ACCESS;
#else
rc = 1;
#endif
goto return_results;
}
......@@ -148,14 +179,22 @@ ldbm_back_bind(
send_ldap_error( op, rs, LDAP_INAPPROPRIATE_AUTH, NULL );
/* stop front end from sending result */
#ifdef LDAP_SYNCREPL
rc = LDAP_INAPPROPRIATE_AUTH;
#else
rc = 1;
#endif
goto return_results;
}
if ( slap_passwd_check( op->o_conn, a, &op->oq_bind.rb_cred, &rs->sr_text ) != 0 ) {
send_ldap_error( op, rs, LDAP_INVALID_CREDENTIALS, NULL );
/* stop front end from sending result */
#ifdef LDAP_SYNCREPL
rc = LDAP_INVALID_CREDENTIALS;
#else
rc = 1;
#endif
goto return_results;
}
......@@ -166,7 +205,11 @@ ldbm_back_bind(
case LDAP_AUTH_KRBV41:
if ( krbv4_ldap_auth( op->o_bd, &op->oq_bind.rb_cred, &ad ) != LDAP_SUCCESS ) {
send_ldap_error( op, rs, LDAP_INVALID_CREDENTIALS, NULL );
#ifdef LDAP_SYNCREPL
rc = LDAP_INVALID_CREDENTIALS;
#else
rc = 1;
#endif
goto return_results;
}
......@@ -175,7 +218,11 @@ ldbm_back_bind(
{
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
NULL );
#ifdef LDAP_SYNCREPL
rc = LDAP_INSUFFICIENT_ACCESS;
#else
rc = 1;
#endif
goto return_results;
}
......@@ -191,7 +238,11 @@ ldbm_back_bind(
break;
}
send_ldap_error( op, rs, LDAP_INAPPROPRIATE_AUTH, NULL );
#ifdef LDAP_SYNCREPL
rc = LDAP_INAPPROPRIATE_AUTH;
#else
rc = 1;
#endif
goto return_results;
} else { /* look for krbname match */
......@@ -203,7 +254,11 @@ ldbm_back_bind(
if ( value_find( a->a_desc, a->a_vals, &krbval ) != 0 ) {
send_ldap_error( op, rs,
LDAP_INVALID_CREDENTIALS, NULL );
#ifdef LDAP_SYNCREPL
rc = LDAP_INVALID_CREDENTIALS;
#else
rc = 1;
#endif
goto return_results;
}
}
......@@ -221,7 +276,11 @@ ldbm_back_bind(
default:
send_ldap_error( op, rs, LDAP_STRONG_AUTH_NOT_SUPPORTED,
"authentication method not supported" );
#ifdef LDAP_SYNCREPL
rc = LDAP_STRONG_AUTH_NOT_SUPPORTED;
#else
rc = 1;
#endif
goto return_results;
}
......
......@@ -511,11 +511,11 @@ try_again:
#ifdef NEW_LOGGING
LDAP_LOG( CACHE, INFO,
"cache_find_entry_dn2id: (%s) %ld not ready: %d\n",
"cache_find_entry_ndn2id: (%s) %ld not ready: %d\n",
ndn->bv_val, id, state );
#else
Debug(LDAP_DEBUG_TRACE,
"====> cache_find_entry_dn2id(\"%s\"): %ld (not ready) %d\n",
"====> cache_find_entry_ndn2id(\"%s\"): %ld (not ready) %d\n",
ndn->bv_val, id, state);
#endif
......@@ -532,11 +532,11 @@ try_again:
#ifdef NEW_LOGGING
LDAP_LOG( CACHE, DETAIL1,
"cache_find_entry_dn2id: (%s): %ld %d tries\n",
"cache_find_entry_ndn2id: (%s): %ld %d tries\n",
ndn->bv_val, id, count );
#else
Debug(LDAP_DEBUG_TRACE,
"====> cache_find_entry_dn2id(\"%s\"): %ld (%d tries)\n",
"====> cache_find_entry_ndn2id(\"%s\"): %ld (%d tries)\n",
ndn->bv_val, id, count);
#endif
......
......@@ -40,7 +40,13 @@ ldbm_back_delete(
ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
/* get entry with writer lock */
if ( (e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) {
e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched );
#ifdef LDAP_SYNCREPL /* FIXME : dn2entry() should return non-glue entry */
if ( e == NULL || ( !manageDSAit && is_entry_glue( e ))) {
#else
if ( e == NULL ) {
#endif
#ifdef NEW_LOGGING
LDAP_LOG( BACK_LDBM, INFO,
"ldbm_back_delete: no such object %s\n", op->o_req_dn.bv_val, 0, 0 );
......@@ -57,8 +63,13 @@ ldbm_back_delete(
cache_return_entry_r( &li->li_cache, matched );
} else {
rs->sr_ref = referral_rewrite( default_referral,
NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
#ifdef LDAP_SYNCREPL
BerVarray deref = op->o_bd->syncinfo ?
op->o_bd->syncinfo->provideruri_bv : default_referral;
#else
BerVarray deref = default_referral;
#endif
rs->sr_ref = referral_rewrite( deref, NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
......
......@@ -419,7 +419,8 @@ dn2entry_rw(
/* entry does not exist - see how much of the dn does exist */
if ( !be_issuffix( be, dn ) && (dnParent( dn, &pdn ), pdn.bv_len) ) {
/* get entry with reader lock */
if ( (e = dn2entry_r( be, &pdn, matched )) != NULL ) {
if ((e = dn2entry_r( be, &pdn, matched )) != NULL )
{
*matched = e;
}
}
......
......@@ -65,9 +65,9 @@ int ldbm_back_entry_get(
const char *at_name = at->ad_cname.bv_val;
#ifdef NEW_LOGGING
LDAP_LOG( BACK_BDB, ARGS,
LDAP_LOG( BACK_LDBM, ARGS,
"ldbm_back_entry_get: ndn: \"%s\"\n", ndn->bv_val, 0, 0 );
LDAP_LOG( BACK_BDB, ARGS,
LDAP_LOG( BACK_LDBM, ARGS,
"ldbm_back_entry_get: oc: \"%s\", at: \"%s\"\n",
oc ? oc->soc_cname.bv_val : "(null)", at_name, 0);
#else
......@@ -84,7 +84,7 @@ int ldbm_back_entry_get(
e = dn2entry_rw( op->o_bd, ndn, NULL, rw );
if (e == NULL) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_BDB, INFO,
LDAP_LOG( BACK_LDBM, INFO,
"ldbm_back_entry_get: cannot find entry (%s)\n",
ndn->bv_val, 0, 0 );
#else
......@@ -96,7 +96,7 @@ int ldbm_back_entry_get(
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_BDB, DETAIL1, "ldbm_back_entry_get: found entry (%s)\n",
LDAP_LOG( BACK_LDBM, DETAIL1, "ldbm_back_entry_get: found entry (%s)\n",
ndn->bv_val, 0, 0 );
#else
Debug( LDAP_DEBUG_ACL,
......@@ -108,7 +108,7 @@ int ldbm_back_entry_get(
/* find attribute values */
if( is_entry_alias( e ) ) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_BDB, INFO,
LDAP_LOG( BACK_LDBM, INFO,
"ldbm_back_entry_get: entry (%s) is an alias\n", e->e_name.bv_val, 0, 0 );
#else
Debug( LDAP_DEBUG_ACL,
......@@ -121,7 +121,7 @@ int ldbm_back_entry_get(
if( is_entry_referral( e ) ) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_BDB, INFO,
LDAP_LOG( BACK_LDBM, INFO,
"ldbm_back_entry_get: entry (%s) is a referral.\n", e->e_name.bv_val, 0, 0);
#else
Debug( LDAP_DEBUG_ACL,
......@@ -133,7 +133,7 @@ int ldbm_back_entry_get(
if ( oc && !is_entry_objectclass( e, oc, 0 )) {
#ifdef NEW_LOGGING
LDAP_LOG( BACK_BDB, INFO,
LDAP_LOG( BACK_LDBM, INFO,
"ldbm_back_entry_get: failed to find objectClass.\n", 0, 0, 0 );
#else
Debug( LDAP_DEBUG_ACL,
......@@ -155,7 +155,7 @@ return_results:
}
#ifdef NEW_LOGGING
LDAP_LOG( BACK_BDB, ENTRY, "ldbm_back_entry_get: rc=%d\n", rc, 0, 0 );
LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_entry_get: rc=%d\n", rc, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"ldbm_back_entry_get: rc=%d\n",
......
......@@ -129,6 +129,9 @@ ldbm_back_db_init(
/* indicate system schema supported */
be->be_flags |=
#ifdef LDBM_SUBENTRIES
SLAP_BFLAG_SUBENTRIES |
#endif
SLAP_BFLAG_ALIASES |
SLAP_BFLAG_REFERRALS;
......
......@@ -299,7 +299,13 @@ ldbm_back_modify(
ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
/* acquire and lock entry */
if ( (e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) {
e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched );
#ifdef LDAP_SYNCREPL /* FIXME: dn2entry() should return non-glue entry */
if (( e == NULL ) || ( !manageDSAit && e && is_entry_glue( e ))) {
#else
if ( e == NULL ) {
#endif
if ( matched != NULL ) {
rs->sr_matched = ch_strdup( matched->e_dn );
rs->sr_ref = is_entry_referral( matched )
......@@ -307,8 +313,13 @@ ldbm_back_modify(
: NULL;
cache_return_entry_r( &li->li_cache, matched );
} else {
rs->sr_ref = referral_rewrite( default_referral,
NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
#ifdef LDAP_SYNCREPL
BerVarray deref = op->o_bd->syncinfo ?
op->o_bd->syncinfo->provideruri_bv : default_referral;
#else
BerVarray deref = default_referral;
#endif
rs->sr_ref = referral_rewrite( deref, NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
......@@ -318,7 +329,11 @@ ldbm_back_modify(
if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
free( (char *)rs->sr_matched );
#ifdef LDAP_SYNCREPL
return rs->sr_err;
#else
return( -1 );
#endif
}
#ifndef LDAP_CACHING
......@@ -364,6 +379,7 @@ ldbm_back_modify(
if ( id2entry_add( op->o_bd, e ) != 0 ) {
send_ldap_error( op, rs, LDAP_OTHER,
"id2entry failure" );
rs->sr_err = LDAP_OTHER;
goto error_return;
}
......@@ -372,10 +388,15 @@ ldbm_back_modify(
cache_return_entry_w( &li->li_cache, e );
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
return( 0 );
return LDAP_SUCCESS;
error_return:;
cache_return_entry_w( &li->li_cache, e );
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
#ifdef LDAP_SYNCREPL
return rs->sr_err;
#else
return( -1 );
#endif
}
......@@ -80,17 +80,28 @@ ldbm_back_modrdn(
/* grab giant lock for writing */
ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched );
/* get entry with writer lock */
if ( (e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) {
if( matched != NULL ) {
#ifdef LDAP_SYNCREPL /* FIXME: dn2entry() should return non-glue entry */
if (( e == NULL ) || ( !manageDSAit && e && is_entry_glue( e ))) {
#else
if ( e == NULL ) {
#endif
if ( matched != NULL ) {
rs->sr_matched = strdup( matched->e_dn );
rs->sr_ref = is_entry_referral( matched )
? get_entry_referrals( op, matched )
: NULL;
cache_return_entry_r( &li->li_cache, matched );
} else {
rs->sr_ref = referral_rewrite( default_referral,
NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
#ifdef LDAP_SYNCREPL
BerVarray deref = op->o_bd->syncinfo ?
op->o_bd->syncinfo->provideruri_bv : default_referral;
#else
BerVarray deref = default_referral;
#endif
rs->sr_ref = referral_rewrite( deref, NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
......@@ -101,7 +112,11 @@ ldbm_back_modrdn(
if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
free( (char *)rs->sr_matched );
#ifdef LDAP_SYNCREPL
return rs->sr_err;
#else
return( -1 );
#endif
}
/* check entry for "entry" acl */
......
......@@ -102,13 +102,28 @@ ldbm_back_exop_passwd(
ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
e = dn2entry_w( op->o_bd, &ndn, NULL );
#ifdef LDAP_SYNCREPL
if ( e == NULL || is_entry_glue( e )) {
/* FIXME : dn2entry() should return non-glue entry */
#else
if( e == NULL ) {
#endif
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
rs->sr_text = "could not locate authorization entry";
rc = LDAP_NO_SUCH_OBJECT;
goto done;