Commit e8a2eb7f authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

Update slurpd(8)

parent 4f8a4889
OpenLDAP 2.1 Change Log
OpenLDAP 2.1.25 Release
Update librewrite (misc bug fixes)
OpenLDAP 2.1.26 Engineering
Fixed libldap sort references bug
Updated lutil_passwd
Updated librewrite (misc bug fixes)
Updated slurpd (misc bug fixes)
OpenLDAP 2.1.25 Engineering
Build Environment
Fix LDBM link bug (ITS#2863)
......
......@@ -7,7 +7,7 @@
ol_package=OpenLDAP
ol_major=2
ol_minor=1
ol_patch=25
ol_patch=X
ol_api_inc=20124
ol_api_lib=2:124:0
ol_release_date="2003-12-05"
# Makefile.in for slurpd
# $OpenLDAP$
## Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
## COPYING RESTRICTIONS APPLY, see COPYRIGHT file
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Makefile.in for slurpd
## Copyright 1998-2003 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.
PROGRAMS = slurpd
XPROGRAMS = sslurpd
......@@ -44,7 +52,7 @@ sslurpd: version.o
version.c: Makefile
@-$(RM) $@
$(MKVERSION) slurpd > $@
$(MKVERSION) -s -n Versionstr slurpd > $@
version.o: version.c $(OBJS) $(SLURPD_L)
......
Written by Ganesan Rajagopal <rganesan@debian.org> and placed in the public
domain.
Replication in OpenLDAP
-----------------------
Please read "Section 10. Replication with slurpd" in the OpenLDAP guide for
an overview and configuration of single-master replication. This document
describes the internals of the replication mechanism.
slapd/repl.c contains routines add_replica_info() and
add_replica_suffix(). add_replica_info() adds a new host to the list of
replicas for a backend. add_replica_info() returns a number for the
replica. add_replica_suffix() must then be called with the replica number to
add a suffix that is hosted on this replica. add_replica_info() and add_replica_suffix() do not lock the
replog_mutex.
Replicas are specified in the slapd.conf file. When slapd/config.c sees a
"replica" line in slapd.conf, it calls add_replica_info() with the host
specified in the "host=" directive and then calls add_replica_suffix() with
the replica number and and the suffix specified in the "suffix="
directive.
slapd writes out a replication log file containing LDIF change records for
each configured replica for a suffix. The change records are generated for
add, modify, delete and modrdn operations. A function called replog() is
called at the end of the routines do_add (slapd/add.c),
do_modify(slapd/modify.c), do_delete(slapd/delete.c) and
do_modrdn(slapd/modrnd.c) to write out the change records.
In master/slave replication, updates are not allowed on slave
replicas. Therefore replog() is not called if the suffix is configured with
a updatedn (which indicates that this is a slave replica), instead a
referral is returned back to the client. If multi-master replication is
enabled, replog() is always called whenever any of the above updates happen
unless the dn which is making the change is the updatedn. When the dn making
the change is the same as the updatedn, it is assumed that this entry is
being replicated by a slurpd instance on another host. (Note: For this
reason, the updatedn must not be a "regular" admin/user object in
multi-master replication).
The function replog() in slapd/repl.c generates the actual change
records. Each change record is preceded by the list of replicas to which
this change record needs to be replicated, the time when this change
happened and the dn this change applies to. The pseudo code for replog() is
follows
1. Check that a replog exists.
2. Lock the replog mutex.
3. Open and lock the replog file.
4. Normalize the dn for the entry and write out a "replica:" entry for each
replica with a matching suffix.
5. Write out the the timestamp and the dn for the entry.
6. Depending on the type of change, write out an appropriate changetype
record.
7. Close the replication log
8. Unlock the replog mutex
slurpd has a file manager routine (function fm()) which watches for any
change in the replication log. Whenever fm() detects a change in the
replication log it locks the log, appends the records to slurpd's private
copy of the replication log and truncates the log. See the slurpd/DESIGN
file for a description of how slurpd works.
slapd can be configured to write out a replication log even if no replicas
are configured. In this case the administrator has to truncate the
replication log manually (under a lock!).
/* $OpenLDAP$ */
/*
* Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2003 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/*
* Copyright (c) 1996 Regents of the University of Michigan.
/* Portions Copyright (c) 1996 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
......@@ -14,6 +22,10 @@
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
/*
* admin.c - routines for performing administrative tasks, e.g. on-the-fly
......
/* $OpenLDAP$ */
/*
* Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2003 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/*
* Copyright (c) 1996 Regents of the University of Michigan.
/* Portions Copyright (c) 1996 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
......@@ -14,6 +22,10 @@
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
/*
* args.c - process command-line arguments, and set appropriate globals.
......@@ -68,7 +80,7 @@ doargs(
g->myname = strdup( g->myname + 1 );
}
while ( (i = getopt( argc, argv, "d:f:n:or:t:" )) != EOF ) {
while ( (i = getopt( argc, argv, "d:f:n:or:t:V" )) != EOF ) {
switch ( i ) {
case 'd': /* set debug level and 'do not detach' flag */
g->no_detach = 1;
......@@ -128,6 +140,9 @@ doargs(
snprintf(g->slurpd_rdir, sz,
"%s" LDAP_DIRSEP "replica", optarg);
} break;
case 'V':
(g->version)++;
break;
default:
usage( g->myname );
return( -1 );
......
/* $OpenLDAP$ */
/*
* Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2003 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/*
* Copyright (c) 1996 Regents of the University of Michigan.
/* Portions Copyright (c) 1996 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
......@@ -14,6 +22,10 @@
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#define CH_FREE 1
......
/* $OpenLDAP$ */
/*
* Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2003 The OpenLDAP Foundation.
* Portions Copyright 2003 Mark Benson.
* Portions Copyright 2002 John Morrissey.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/*
* Copyright (c) 1996 Regents of the University of Michigan.
/* Portions Copyright (c) 1996 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
......@@ -14,6 +24,13 @@
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP). Additional signficant contributors
* include:
* John Morrissey
* Mark Benson
*/
/*
......@@ -64,8 +81,10 @@ slurpd_read_config(
FILE *fp;
char *line;
if ( cargv == NULL ) {
cargv = ch_calloc( ARGS_STEP + 1, sizeof(*cargv) );
cargv_size = ARGS_STEP + 1;
}
#ifdef NEW_LOGGING
LDAP_LOG ( CONFIG, ARGS,
......@@ -442,9 +461,16 @@ parse_replica_line(
int gots = 0;
int i;
char *hp, *val;
LDAPURLDesc *ludp;
for ( i = 1; i < cargc; i++ ) {
if ( !strncasecmp( cargv[ i ], HOSTSTR, sizeof( HOSTSTR ) - 1 ) ) {
if ( gots & GOT_HOST ) {
fprintf( stderr, "Error: Malformed \"replica\" line in slapd config " );
fprintf( stderr, "file, too many host or uri names specified, line %d\n",
lineno );
return -1;
}
val = cargv[ i ] + sizeof( HOSTSTR ); /* '\0' string terminator accounts for '=' */
if (( hp = strchr( val, ':' )) != NULL ) {
*hp = '\0';
......@@ -456,15 +482,46 @@ parse_replica_line(
}
ri->ri_hostname = strdup( val );
gots |= GOT_HOST;
} else if ( !strncasecmp( cargv[ i ], URISTR, sizeof( URISTR ) - 1 ) ) {
if ( gots & GOT_HOST ) {
fprintf( stderr, "Error: Malformed \"replica\" line in slapd config " );
fprintf( stderr, "file, too many host or uri names specified, line %d\n",
lineno );
return -1;
}
if ( ldap_url_parse( cargv[ i ] + sizeof( URISTR ), &ludp ) != LDAP_SUCCESS ) {
fprintf( stderr, "Error: Malformed \"replica\" line in slapd config " );
fprintf( stderr, "file, bad uri format specified, line %d\n",
lineno );
return -1;
}
if (ludp->lud_host == NULL) {
fprintf( stderr, "Error: Malformed \"replica\" line in slapd config " );
fprintf( stderr, "file, missing uri hostname, line %d\n",
lineno );
return -1;
}
ri->ri_hostname = strdup ( ludp->lud_host );
ri->ri_port = ludp->lud_port;
ri->ri_uri = strdup ( cargv[ i ] + sizeof( URISTR ) );
ldap_free_urldesc( ludp );
gots |= GOT_HOST;
} else if ( !strncasecmp( cargv[ i ],
ATTRSTR, sizeof( ATTRSTR ) - 1 ) ) {
/* ignore it */ ;
} else if ( !strncasecmp( cargv[ i ],
SUFFIXSTR, sizeof( SUFFIXSTR ) - 1 ) ) {
/* ignore it */ ;
} else if ( !strncasecmp( cargv[i], STARTTLSSTR, sizeof(STARTTLSSTR)-1 )) {
val = cargv[ i ] + sizeof( STARTTLSSTR );
if( !strcasecmp( val, CRITICALSTR ) ) {
ri->ri_tls = TLS_CRITICAL;
} else {
ri->ri_tls = TLS_ON;
}
} else if ( !strncasecmp( cargv[ i ], TLSSTR, sizeof( TLSSTR ) - 1 ) ) {
val = cargv[ i ] + sizeof( TLSSTR );
if( !strcasecmp( val, TLSCRITICALSTR ) ) {
if( !strcasecmp( val, CRITICALSTR ) ) {
ri->ri_tls = TLS_CRITICAL;
} else {
ri->ri_tls = TLS_ON;
......@@ -483,10 +540,10 @@ parse_replica_line(
fprintf( stderr, "slurpd no longer supports Kerberos.\n" );
exit( EXIT_FAILURE );
} else if ( !strcasecmp( val, SIMPLESTR )) {
ri->ri_bind_method = AUTH_SIMPLE;
ri->ri_bind_method = LDAP_AUTH_SIMPLE;
gots |= GOT_METHOD;
} else if ( !strcasecmp( val, SASLSTR )) {
ri->ri_bind_method = AUTH_SASL;
ri->ri_bind_method = LDAP_AUTH_SASL;
gots |= GOT_METHOD;
} else {
ri->ri_bind_method = -1;
......@@ -535,14 +592,13 @@ parse_replica_line(
}
}
if ( ri->ri_bind_method == AUTH_SASL) {
if ( ri->ri_bind_method == LDAP_AUTH_SASL) {
if ((gots & GOT_MECH) == 0) {
fprintf( stderr, "Error: \"replica\" line needs SASLmech flag in " );
fprintf( stderr, "slapd config file, line %d\n", lineno );
return -1;
}
}
else if ( gots != GOT_ALL ) {
} else if ( gots != GOT_ALL ) {
fprintf( stderr, "Error: Malformed \"replica\" line in slapd " );
fprintf( stderr, "config file, line %d\n", lineno );
return -1;
......
/* $OpenLDAP$ */
/*
* Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2003 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/*
* Copyright (c) 1996 Regents of the University of Michigan.
/* Portions Copyright (c) 1996 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
......@@ -14,6 +22,10 @@
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
/*
* fm.c - file management routines.
......@@ -27,6 +39,7 @@
#include <ac/string.h>
#include <ac/signal.h>
#include <ac/socket.h>
#include <ac/unistd.h>
#include "slurp.h"
#include "globals.h"
......
/* $OpenLDAP$ */
/*
* Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2003 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/*
* Copyright (c) 1996 Regents of the University of Michigan.
/* Portions Copyright (c) 1996 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
......@@ -14,6 +22,10 @@
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
/*
* globals.c - initialization code for global data
......@@ -72,6 +84,7 @@ init_globals( void )
g->myname = NULL;
g->serverName = NULL;
g->srpos = 0L;
g->version = 0;
if ( St_init( &(g->st)) < 0 ) {
fprintf( stderr, "Cannot initialize status data\n" );
exit( EXIT_FAILURE );
......
/* $OpenLDAP$ */
/*
* Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2003 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/*
* Copyright (c) 1996 Regents of the University of Michigan.
/* Portions Copyright (c) 1996 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
......@@ -14,6 +22,10 @@
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP).
*/
#ifndef SLURPD_GLOBALS_H
#define SLURPD_GLOBALS_H 1
......@@ -69,6 +81,8 @@ typedef struct globals {
/* Default name of kerberos srvtab file */
char *default_srvtab;
#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
/* Non-zero if we shall print the version */
int version;
} Globals;
......
/* $OpenLDAP$ */
/*
* Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2003 The OpenLDAP Foundation.
* Portions Copyright 2003 Mark Benson.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
/*
* Copyright (c) 1996 Regents of the University of Michigan.
/* Portions Copyright (c) 1996 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
......@@ -14,6 +23,12 @@
* software without specific prior written permission. This software
* is provided ``as is'' without express or implied warranty.
*/
/* ACKNOWLEDGEMENTS:
* This work was originally developed by the University of Michigan
* (as part of U-MICH LDAP). Additional significant contributors
* include:
* Mark Benson
*/
/*
* ldap_op.c - routines to perform LDAP operations
......@@ -31,16 +46,17 @@
#include <ac/time.h>
#include <ac/unistd.h>
#define LDAP_DEPRECATED 1
#include <ldap.h>
#include "lutil_ldap.h"
#include "slurp.h"
/* Forward references */
static struct berval **make_singlevalued_berval LDAP_P(( char *, int ));
static int op_ldap_add LDAP_P(( Ri *, Re *, char ** ));
static int op_ldap_modify LDAP_P(( Ri *, Re *, char ** ));
static int op_ldap_delete LDAP_P(( Ri *, Re *, char ** ));
static int op_ldap_modrdn LDAP_P(( Ri *, Re *, char ** ));
static int op_ldap_add LDAP_P(( Ri *, Re *, char **, int * ));
static int op_ldap_modify LDAP_P(( Ri *, Re *, char **, int * ));
static int op_ldap_delete LDAP_P(( Ri *, Re *, char **, int * ));
static int op_ldap_modrdn LDAP_P(( Ri *, Re *, char **, int * ));
static LDAPMod *alloc_ldapmod LDAP_P(( void ));
static void free_ldapmod LDAP_P(( LDAPMod * ));
static void free_ldmarr LDAP_P(( LDAPMod ** ));
......@@ -64,11 +80,13 @@ int
do_ldap(
Ri *ri,
Re *re,
char **errmsg
char **errmsg,
int *errfree
)
{
int retry = 2;
*errmsg = NULL;
*errfree = 0;
do {
int lderr;
......@@ -82,7 +100,7 @@ do_ldap(
switch ( re->re_changetype ) {
case T_ADDCT:
lderr = op_ldap_add( ri, re, errmsg );
lderr = op_ldap_add( ri, re, errmsg, errfree );
if ( lderr != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR, "do_ldap: "
......@@ -99,7 +117,7 @@ do_ldap(
break;
case T_MODIFYCT:
lderr = op_ldap_modify( ri, re, errmsg );
lderr = op_ldap_modify( ri, re, errmsg, errfree );
if ( lderr != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR, "do_ldap: "
......@@ -116,7 +134,7 @@ do_ldap(
break;
case T_DELETECT:
lderr = op_ldap_delete( ri, re, errmsg );
lderr = op_ldap_delete( ri, re, errmsg, errfree );
if ( lderr != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR, "do_ldap: "
......@@ -133,7 +151,7 @@ do_ldap(
break;
case T_MODRDNCT:
lderr = op_ldap_modrdn( ri, re, errmsg );
lderr = op_ldap_modrdn( ri, re, errmsg, errfree );
if ( lderr != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR, "do_ldap: "
......@@ -192,7 +210,8 @@ static int
op_ldap_add(
Ri *ri,
Re *re,
char **errmsg
char **errmsg,
int *errfree
)
{
Mi *mi;
......@@ -235,6 +254,8 @@ op_ldap_add(
rc = ldap_add_s( ri->ri_ldp, re->re_dn, ldmarr );