1 /* database.c - deals with database subsystem */
2 /* $OpenLDAP: pkg/ldap/servers/slapd/back-monitor/database.c,v 1.80.2.10 2008/05/26 18:57:01 ando Exp $ */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2001-2008 The OpenLDAP Foundation.
6 * Portions Copyright 2001-2003 Pierangelo Masarati.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
13 * A copy of this license is available in file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
18 * This work was initially developed by Pierangelo Masarati for inclusion
19 * in OpenLDAP Software.
25 #include <ac/string.h>
26 #include <ac/unistd.h>
29 #include "back-monitor.h"
31 #if defined(LDAP_SLAPI)
33 static int monitor_back_add_plugin( monitor_info_t
*mi
, Backend
*be
, Entry
*e
);
34 #endif /* defined(LDAP_SLAPI) */
37 monitor_subsys_database_modify(
42 static struct restricted_ops_t
{
45 } restricted_ops
[] = {
46 { BER_BVC( "add" ), SLAP_RESTRICT_OP_ADD
},
47 { BER_BVC( "bind" ), SLAP_RESTRICT_OP_BIND
},
48 { BER_BVC( "compare" ), SLAP_RESTRICT_OP_COMPARE
},
49 { BER_BVC( "delete" ), SLAP_RESTRICT_OP_DELETE
},
50 { BER_BVC( "extended" ), SLAP_RESTRICT_OP_EXTENDED
},
51 { BER_BVC( "modify" ), SLAP_RESTRICT_OP_MODIFY
},
52 { BER_BVC( "rename" ), SLAP_RESTRICT_OP_RENAME
},
53 { BER_BVC( "search" ), SLAP_RESTRICT_OP_SEARCH
},
55 }, restricted_exops
[] = {
56 { BER_BVC( LDAP_EXOP_START_TLS
), SLAP_RESTRICT_EXOP_START_TLS
},
57 { BER_BVC( LDAP_EXOP_MODIFY_PASSWD
), SLAP_RESTRICT_EXOP_MODIFY_PASSWD
},
58 { BER_BVC( LDAP_EXOP_WHO_AM_I
), SLAP_RESTRICT_EXOP_WHOAMI
},
59 { BER_BVC( LDAP_EXOP_CANCEL
), SLAP_RESTRICT_EXOP_CANCEL
},
64 init_readOnly( monitor_info_t
*mi
, Entry
*e
, slap_mask_t restrictops
)
66 struct berval
*tf
= ( ( restrictops
& SLAP_RESTRICT_OP_MASK
) == SLAP_RESTRICT_OP_WRITES
) ?
67 (struct berval
*)&slap_true_bv
: (struct berval
*)&slap_false_bv
;
69 return attr_merge_one( e
, mi
->mi_ad_readOnly
, tf
, tf
);
73 init_restrictedOperation( monitor_info_t
*mi
, Entry
*e
, slap_mask_t restrictops
)
77 for ( i
= 0; restricted_ops
[ i
].op
.bv_val
; i
++ ) {
78 if ( restrictops
& restricted_ops
[ i
].tag
) {
79 rc
= attr_merge_one( e
, mi
->mi_ad_restrictedOperation
,
80 &restricted_ops
[ i
].op
,
81 &restricted_ops
[ i
].op
);
88 for ( i
= 0; restricted_exops
[ i
].op
.bv_val
; i
++ ) {
89 if ( restrictops
& restricted_exops
[ i
].tag
) {
90 rc
= attr_merge_one( e
, mi
->mi_ad_restrictedOperation
,
91 &restricted_exops
[ i
].op
,
92 &restricted_exops
[ i
].op
);
103 monitor_subsys_database_init_one(
106 monitor_subsys_t
*ms
,
107 monitor_subsys_t
*ms_backend
,
108 monitor_subsys_t
*ms_overlay
,
113 char buf
[ BACKMONITOR_BUFSIZE
];
115 slap_overinfo
*oi
= NULL
;
116 BackendInfo
*bi
, *bi2
;
119 char *rdnval
= strchr( rdn
->bv_val
, '=' ) + 1;
124 if ( overlay_is_over( be
) ) {
125 oi
= (slap_overinfo
*)be
->bd_info
->bi_private
;
129 /* Subordinates are not exposed as their own naming context */
130 if ( SLAP_GLUE_SUBORDINATE( be
) ) {
134 e
= monitor_entry_stub( &ms
->mss_dn
, &ms
->mss_ndn
, rdn
,
135 mi
->mi_oc_monitoredObject
, mi
, NULL
, NULL
);
138 Debug( LDAP_DEBUG_ANY
,
139 "monitor_subsys_database_init: "
140 "unable to create entry \"%s,%s\"\n",
141 rdn
->bv_val
, ms
->mss_dn
.bv_val
, 0 );
145 ber_str2bv( bi
->bi_type
, 0, 0, &bv
);
146 attr_merge_normalize_one( e
, mi
->mi_ad_monitoredInfo
, &bv
, NULL
);
147 attr_merge_one( e
, mi
->mi_ad_monitorIsShadow
,
148 SLAP_SHADOW( be
) ? (struct berval
*)&slap_true_bv
:
149 (struct berval
*)&slap_false_bv
, NULL
);
151 if ( SLAP_MONITOR( be
) ) {
152 attr_merge( e
, slap_schema
.si_ad_monitorContext
,
153 be
->be_suffix
, be
->be_nsuffix
);
154 attr_merge( e_database
, slap_schema
.si_ad_monitorContext
,
155 be
->be_suffix
, be
->be_nsuffix
);
158 if ( be
->be_suffix
== NULL
) {
159 Debug( LDAP_DEBUG_ANY
,
160 "monitor_subsys_database_init: "
161 "missing suffix for %s\n",
165 attr_merge( e
, slap_schema
.si_ad_namingContexts
,
166 be
->be_suffix
, be
->be_nsuffix
);
167 attr_merge( e_database
, slap_schema
.si_ad_namingContexts
,
168 be
->be_suffix
, be
->be_nsuffix
);
171 (void)init_readOnly( mi
, e
, be
->be_restrictops
);
172 (void)init_restrictedOperation( mi
, e
, be
->be_restrictops
);
174 if ( SLAP_SHADOW( be
) && be
->be_update_refs
) {
175 attr_merge_normalize( e
, mi
->mi_ad_monitorUpdateRef
,
176 be
->be_update_refs
, NULL
);
180 slap_overinst
*on
= oi
->oi_list
,
183 for ( ; on
; on
= on
->on_next
) {
186 for ( on2
= on1
; on2
!= on
; on2
= on2
->on_next
) {
187 if ( on2
->on_bi
.bi_type
== on
->on_bi
.bi_type
) {
196 ber_str2bv( on
->on_bi
.bi_type
, 0, 0, &bv
);
197 attr_merge_normalize_one( e
, mi
->mi_ad_monitorOverlay
,
200 /* find the overlay number, j */
201 for ( on2
= overlay_next( NULL
), j
= 0; on2
; on2
= overlay_next( on2
), j
++ ) {
202 if ( on2
->on_bi
.bi_type
== on
->on_bi
.bi_type
) {
206 assert( on2
!= NULL
);
208 snprintf( buf
, sizeof( buf
),
210 j
, ms_overlay
->mss_dn
.bv_val
);
211 ber_str2bv( buf
, 0, 0, &bv
);
212 attr_merge_normalize_one( e
,
213 slap_schema
.si_ad_seeAlso
,
219 LDAP_STAILQ_FOREACH( bi2
, &backendInfo
, bi_next
) {
221 if ( bi2
->bi_type
== bi
->bi_type
) {
222 snprintf( buf
, sizeof( buf
),
224 j
, ms_backend
->mss_dn
.bv_val
);
226 bv
.bv_len
= strlen( buf
);
227 attr_merge_normalize_one( e
,
228 slap_schema
.si_ad_seeAlso
,
233 /* we must find it! */
236 mp
= monitor_entrypriv_create();
240 e
->e_private
= ( void * )mp
;
242 mp
->mp_flags
= ms
->mss_flags
245 if ( monitor_cache_add( mi
, e
) ) {
246 Debug( LDAP_DEBUG_ANY
,
247 "monitor_subsys_database_init: "
248 "unable to add entry \"%s,%s\"\n",
249 rdn
->bv_val
, ms
->mss_dn
.bv_val
, 0 );
253 #if defined(LDAP_SLAPI)
254 monitor_back_add_plugin( mi
, be
, e
);
255 #endif /* defined(LDAP_SLAPI) */
258 Entry
**ep_overlay
= &mp
->mp_children
;
259 monitor_entry_t
*mp_overlay
;
260 slap_overinst
*on
= oi
->oi_list
;
263 for ( o
= 0; on
; o
++, on
= on
->on_next
) {
267 /* find the overlay number, j */
268 for ( on2
= overlay_next( NULL
), j
= 0; on2
; on2
= overlay_next( on2
), j
++ ) {
269 if ( on2
->on_bi
.bi_type
== on
->on_bi
.bi_type
) {
273 assert( on2
!= NULL
);
275 bv
.bv_len
= snprintf( buf
, sizeof( buf
), "cn=Overlay %d", o
);
278 e_overlay
= monitor_entry_stub( &e
->e_name
, &e
->e_nname
, &bv
,
279 mi
->mi_oc_monitoredObject
, mi
, NULL
, NULL
);
281 if ( e_overlay
== NULL
) {
282 Debug( LDAP_DEBUG_ANY
,
283 "monitor_subsys_database_init: "
284 "unable to create entry "
285 "\"cn=Overlay %d,%s,%s\"\n",
286 o
, rdn
->bv_val
, ms
->mss_dn
.bv_val
);
289 ber_str2bv( on
->on_bi
.bi_type
, 0, 0, &bv
);
290 attr_merge_normalize_one( e_overlay
, mi
->mi_ad_monitoredInfo
, &bv
, NULL
);
292 bv
.bv_len
= snprintf( buf
, sizeof( buf
), "cn=Overlay %d,%s",
293 j
, ms_overlay
->mss_dn
.bv_val
);
295 attr_merge_normalize_one( e_overlay
, slap_schema
.si_ad_seeAlso
,
298 if ( SLAP_MONITOR( be
) ) {
299 attr_merge( e_overlay
, slap_schema
.si_ad_monitorContext
,
300 be
->be_suffix
, be
->be_nsuffix
);
303 attr_merge( e_overlay
, slap_schema
.si_ad_namingContexts
,
304 be
->be_suffix
, be
->be_nsuffix
);
307 mp_overlay
= monitor_entrypriv_create();
308 if ( mp_overlay
== NULL
) {
311 e_overlay
->e_private
= ( void * )mp_overlay
;
312 mp_overlay
->mp_info
= ms
;
313 mp_overlay
->mp_flags
= ms
->mss_flags
316 if ( monitor_cache_add( mi
, e_overlay
) ) {
317 Debug( LDAP_DEBUG_ANY
,
318 "monitor_subsys_database_init: "
319 "unable to add entry "
320 "\"cn=Overlay %d,%s,%s\"\n",
321 o
, rdn
->bv_val
, ms
->mss_dn
.bv_val
);
325 *ep_overlay
= e_overlay
;
326 ep_overlay
= &mp_overlay
->mp_next
;
337 monitor_back_register_database(
342 Entry
*e_database
, **ep
;
345 monitor_subsys_t
*ms_backend
,
349 char buf
[ BACKMONITOR_BUFSIZE
];
351 assert( be_monitor
!= NULL
);
353 if ( !monitor_subsys_is_opened() ) {
354 return monitor_back_register_database_limbo( be
, ndn
);
357 mi
= ( monitor_info_t
* )be_monitor
->be_private
;
359 ms_backend
= monitor_back_get_subsys( SLAPD_MONITOR_BACKEND_NAME
);
360 if ( ms_backend
== NULL
) {
361 Debug( LDAP_DEBUG_ANY
,
362 "monitor_back_register_database: "
364 "\"" SLAPD_MONITOR_BACKEND_NAME
"\" "
370 ms_database
= monitor_back_get_subsys( SLAPD_MONITOR_DATABASE_NAME
);
371 if ( ms_database
== NULL
) {
372 Debug( LDAP_DEBUG_ANY
,
373 "monitor_back_register_database: "
375 "\"" SLAPD_MONITOR_DATABASE_NAME
"\" "
381 ms_overlay
= monitor_back_get_subsys( SLAPD_MONITOR_OVERLAY_NAME
);
382 if ( ms_overlay
== NULL
) {
383 Debug( LDAP_DEBUG_ANY
,
384 "monitor_back_register_database: "
386 "\"" SLAPD_MONITOR_OVERLAY_NAME
"\" "
392 if ( monitor_cache_get( mi
, &ms_database
->mss_ndn
, &e_database
) ) {
393 Debug( LDAP_DEBUG_ANY
,
394 "monitor_subsys_database_init: "
395 "unable to get entry \"%s\"\n",
396 ms_database
->mss_ndn
.bv_val
, 0, 0 );
400 mp
= ( monitor_entry_t
* )e_database
->e_private
;
401 for ( i
= -1, ep
= &mp
->mp_children
; *ep
; i
++ ) {
404 a
= attr_find( (*ep
)->e_attrs
, slap_schema
.si_ad_namingContexts
);
408 for ( j
= 0; !BER_BVISNULL( &a
->a_nvals
[ j
] ); j
++ ) {
409 for ( k
= 0; !BER_BVISNULL( &be
->be_nsuffix
[ k
] ); k
++ ) {
410 if ( dn_match( &a
->a_nvals
[ j
], &be
->be_nsuffix
[ k
] ) ) {
418 mp
= ( monitor_entry_t
* )(*ep
)->e_private
;
420 assert( mp
!= NULL
);
425 bv
.bv_len
= snprintf( buf
, sizeof( buf
), "cn=Database %d", i
);
426 if ( bv
.bv_len
>= sizeof( buf
) ) {
431 rc
= monitor_subsys_database_init_one( mi
, be
,
432 ms_database
, ms_backend
, ms_overlay
, &bv
, e_database
, &ep
);
436 /* database_init_one advanced ep past where we want.
437 * But it stored the entry we want in mp->mp_next.
442 monitor_cache_release( mi
, e_database
);
443 if ( rc
== 0 && ndn
&& ep
&& *ep
) {
444 *ndn
= (*ep
)->e_nname
;
451 monitor_subsys_database_init(
453 monitor_subsys_t
*ms
)
456 Entry
*e_database
, **ep
;
459 monitor_subsys_t
*ms_backend
,
463 assert( be
!= NULL
);
465 ms
->mss_modify
= monitor_subsys_database_modify
;
467 mi
= ( monitor_info_t
* )be
->be_private
;
469 ms_backend
= monitor_back_get_subsys( SLAPD_MONITOR_BACKEND_NAME
);
470 if ( ms_backend
== NULL
) {
471 Debug( LDAP_DEBUG_ANY
,
472 "monitor_subsys_database_init: "
474 "\"" SLAPD_MONITOR_BACKEND_NAME
"\" "
480 ms_overlay
= monitor_back_get_subsys( SLAPD_MONITOR_OVERLAY_NAME
);
481 if ( ms_overlay
== NULL
) {
482 Debug( LDAP_DEBUG_ANY
,
483 "monitor_subsys_database_init: "
485 "\"" SLAPD_MONITOR_OVERLAY_NAME
"\" "
491 if ( monitor_cache_get( mi
, &ms
->mss_ndn
, &e_database
) ) {
492 Debug( LDAP_DEBUG_ANY
,
493 "monitor_subsys_database_init: "
494 "unable to get entry \"%s\"\n",
495 ms
->mss_ndn
.bv_val
, 0, 0 );
499 (void)init_readOnly( mi
, e_database
, frontendDB
->be_restrictops
);
500 (void)init_restrictedOperation( mi
, e_database
, frontendDB
->be_restrictops
);
502 mp
= ( monitor_entry_t
* )e_database
->e_private
;
503 mp
->mp_children
= NULL
;
504 ep
= &mp
->mp_children
;
506 BER_BVSTR( &bv
, "cn=Frontend" );
507 rc
= monitor_subsys_database_init_one( mi
, frontendDB
,
508 ms
, ms_backend
, ms_overlay
, &bv
, e_database
, &ep
);
514 LDAP_STAILQ_FOREACH( be
, &backendDB
, be_next
) {
515 char buf
[ BACKMONITOR_BUFSIZE
];
518 bv
.bv_len
= snprintf( buf
, sizeof( buf
), "cn=Database %d", ++i
);
519 if ( bv
.bv_len
>= sizeof( buf
) ) {
523 rc
= monitor_subsys_database_init_one( mi
, be
,
524 ms
, ms_backend
, ms_overlay
, &bv
, e_database
, &ep
);
530 monitor_cache_release( mi
, e_database
);
537 * cur: must not contain the tags corresponding to the values in v
538 * delta: will contain the tags corresponding to the values in v
541 value_mask( BerVarray v
, slap_mask_t cur
, slap_mask_t
*delta
)
543 for ( ; !BER_BVISNULL( v
); v
++ ) {
544 struct restricted_ops_t
*rops
;
547 if ( OID_LEADCHAR( v
->bv_val
[ 0 ] ) ) {
548 rops
= restricted_exops
;
551 rops
= restricted_ops
;
554 for ( i
= 0; !BER_BVISNULL( &rops
[ i
].op
); i
++ ) {
555 if ( ber_bvstrcasecmp( v
, &rops
[ i
].op
) != 0 ) {
559 if ( rops
[ i
].tag
& *delta
) {
563 if ( rops
[ i
].tag
& cur
) {
567 cur
|= rops
[ i
].tag
;
568 *delta
|= rops
[ i
].tag
;
573 if ( BER_BVISNULL( &rops
[ i
].op
) ) {
574 return LDAP_INVALID_SYNTAX
;
582 monitor_subsys_database_modify(
587 monitor_info_t
*mi
= (monitor_info_t
*)op
->o_bd
->be_private
;
589 Attribute
*save_attrs
, *a
;
592 int ro_gotval
= 1, i
, n
;
593 slap_mask_t rp_add
= 0, rp_delete
= 0, rp_cur
;
596 i
= sscanf( e
->e_nname
.bv_val
, "cn=database %d,", &n
);
598 return SLAP_CB_CONTINUE
;
601 if ( n
< 0 || n
>= nBackendDB
) {
602 rs
->sr_text
= "invalid database index";
603 return ( rs
->sr_err
= LDAP_NO_SUCH_OBJECT
);
606 LDAP_STAILQ_FOREACH( be
, &backendDB
, be_next
) {
612 /* do not allow some changes on back-monitor (needs work)... */
613 if ( SLAP_MONITOR( be
) ) {
614 rs
->sr_text
= "no modifications allowed to monitor database entry";
615 return ( rs
->sr_err
= LDAP_UNWILLING_TO_PERFORM
);
618 rp_cur
= be
->be_restrictops
;
620 save_attrs
= e
->e_attrs
;
621 e
->e_attrs
= attrs_dup( e
->e_attrs
);
623 for ( ml
= op
->orm_modlist
; ml
; ml
= ml
->sml_next
) {
624 Modification
*mod
= &ml
->sml_mod
;
626 if ( mod
->sm_desc
== mi
->mi_ad_readOnly
) {
629 if ( mod
->sm_values
) {
630 if ( !BER_BVISNULL( &mod
->sm_values
[ 1 ] ) ) {
631 rs
->sr_text
= "attempting to modify multiple values of single-valued attribute";
632 rc
= rs
->sr_err
= LDAP_CONSTRAINT_VIOLATION
;
636 if ( bvmatch( &slap_true_bv
, mod
->sm_values
)) {
639 } else if ( bvmatch( &slap_false_bv
, mod
->sm_values
)) {
644 rc
= rs
->sr_err
= LDAP_INVALID_SYNTAX
;
649 switch ( mod
->sm_op
) {
650 case LDAP_MOD_DELETE
:
651 if ( ro_gotval
< 1 ) {
652 rc
= rs
->sr_err
= LDAP_CONSTRAINT_VIOLATION
;
657 if ( val
== 0 && ( rp_cur
& SLAP_RESTRICT_OP_WRITES
) == SLAP_RESTRICT_OP_WRITES
) {
658 rc
= rs
->sr_err
= LDAP_NO_SUCH_ATTRIBUTE
;
662 if ( val
== 1 && ( rp_cur
& SLAP_RESTRICT_OP_WRITES
) != SLAP_RESTRICT_OP_WRITES
) {
663 rc
= rs
->sr_err
= LDAP_NO_SUCH_ATTRIBUTE
;
669 case LDAP_MOD_REPLACE
:
674 if ( ro_gotval
> 0 ) {
675 rc
= rs
->sr_err
= LDAP_CONSTRAINT_VIOLATION
;
681 rp_add
|= (~rp_cur
) & SLAP_RESTRICT_OP_WRITES
;
682 rp_cur
|= SLAP_RESTRICT_OP_WRITES
;
683 rp_delete
&= ~SLAP_RESTRICT_OP_WRITES
;
685 } else if ( val
== 0 ) {
686 rp_delete
|= rp_cur
& SLAP_RESTRICT_OP_WRITES
;
687 rp_cur
&= ~SLAP_RESTRICT_OP_WRITES
;
688 rp_add
&= ~SLAP_RESTRICT_OP_WRITES
;
693 rc
= rs
->sr_err
= LDAP_OTHER
;
697 } else if ( mod
->sm_desc
== mi
->mi_ad_restrictedOperation
) {
698 slap_mask_t mask
= 0;
700 switch ( mod
->sm_op
) {
701 case LDAP_MOD_DELETE
:
702 if ( mod
->sm_values
== NULL
) {
708 rc
= value_mask( mod
->sm_values
, ~rp_cur
, &mask
);
709 if ( rc
== LDAP_SUCCESS
) {
714 } else if ( rc
== LDAP_OTHER
) {
715 rc
= LDAP_NO_SUCH_ATTRIBUTE
;
719 case LDAP_MOD_REPLACE
:
726 rc
= value_mask( mod
->sm_values
, rp_cur
, &mask
);
727 if ( rc
== LDAP_SUCCESS
) {
732 } else if ( rc
== LDAP_OTHER
) {
733 rc
= rs
->sr_err
= LDAP_TYPE_OR_VALUE_EXISTS
;
738 rc
= rs
->sr_err
= LDAP_OTHER
;
742 if ( rc
!= LDAP_SUCCESS
) {
746 } else if ( is_at_operational( mod
->sm_desc
->ad_type
)) {
747 /* accept all operational attributes */
748 attr_delete( &e
->e_attrs
, mod
->sm_desc
);
749 rc
= attr_merge( e
, mod
->sm_desc
, mod
->sm_values
,
752 rc
= rs
->sr_err
= LDAP_OTHER
;
757 rc
= rs
->sr_err
= LDAP_UNWILLING_TO_PERFORM
;
763 if ( ro_gotval
< 1 ) {
764 rc
= rs
->sr_err
= LDAP_CONSTRAINT_VIOLATION
;
768 if ( ( rp_cur
& SLAP_RESTRICT_OP_EXTENDED
) && ( rp_cur
& SLAP_RESTRICT_EXOP_MASK
) ) {
769 rc
= rs
->sr_err
= LDAP_CONSTRAINT_VIOLATION
;
773 if ( rp_delete
& rp_add
) {
774 rc
= rs
->sr_err
= LDAP_OTHER
;
778 /* check current value of readOnly */
779 if ( ( rp_cur
& SLAP_RESTRICT_OP_WRITES
) == SLAP_RESTRICT_OP_WRITES
) {
780 tf
= (struct berval
*)&slap_true_bv
;
783 tf
= (struct berval
*)&slap_false_bv
;
786 a
= attr_find( e
->e_attrs
, mi
->mi_ad_readOnly
);
792 if ( !bvmatch( &a
->a_vals
[ 0 ], tf
) ) {
793 attr_delete( &e
->e_attrs
, mi
->mi_ad_readOnly
);
794 rc
= attr_merge_one( e
, mi
->mi_ad_readOnly
, tf
, tf
);
797 if ( rc
== LDAP_SUCCESS
) {
799 if ( rp_delete
== be
->be_restrictops
) {
800 attr_delete( &e
->e_attrs
, mi
->mi_ad_restrictedOperation
);
803 a
= attr_find( e
->e_attrs
, mi
->mi_ad_restrictedOperation
);
805 rc
= rs
->sr_err
= LDAP_OTHER
;
809 for ( i
= 0; !BER_BVISNULL( &restricted_ops
[ i
].op
); i
++ ) {
810 if ( rp_delete
& restricted_ops
[ i
].tag
) {
813 for ( j
= 0; !BER_BVISNULL( &a
->a_nvals
[ j
] ); j
++ ) {
816 if ( !bvmatch( &a
->a_nvals
[ j
], &restricted_ops
[ i
].op
) ) {
820 ch_free( a
->a_vals
[ j
].bv_val
);
821 ch_free( a
->a_nvals
[ j
].bv_val
);
823 for ( k
= j
+ 1; !BER_BVISNULL( &a
->a_nvals
[ k
] ); k
++ ) {
824 a
->a_vals
[ k
- 1 ] = a
->a_vals
[ k
];
825 a
->a_nvals
[ k
- 1 ] = a
->a_nvals
[ k
];
828 BER_BVZERO( &a
->a_vals
[ k
- 1 ] );
829 BER_BVZERO( &a
->a_nvals
[ k
- 1 ] );
835 for ( i
= 0; !BER_BVISNULL( &restricted_exops
[ i
].op
); i
++ ) {
836 if ( rp_delete
& restricted_exops
[ i
].tag
) {
839 for ( j
= 0; !BER_BVISNULL( &a
->a_nvals
[ j
] ); j
++ ) {
842 if ( !bvmatch( &a
->a_nvals
[ j
], &restricted_exops
[ i
].op
) ) {
846 ch_free( a
->a_vals
[ j
].bv_val
);
847 ch_free( a
->a_nvals
[ j
].bv_val
);
849 for ( k
= j
+ 1; !BER_BVISNULL( &a
->a_nvals
[ k
] ); k
++ ) {
850 a
->a_vals
[ k
- 1 ] = a
->a_vals
[ k
];
851 a
->a_nvals
[ k
- 1 ] = a
->a_nvals
[ k
];
854 BER_BVZERO( &a
->a_vals
[ k
- 1 ] );
855 BER_BVZERO( &a
->a_nvals
[ k
- 1 ] );
861 if ( a
->a_vals
== NULL
) {
862 assert( a
->a_numvals
== 0 );
864 attr_delete( &e
->e_attrs
, mi
->mi_ad_restrictedOperation
);
870 for ( i
= 0; !BER_BVISNULL( &restricted_ops
[ i
].op
); i
++ ) {
871 if ( rp_add
& restricted_ops
[ i
].tag
) {
872 attr_merge_one( e
, mi
->mi_ad_restrictedOperation
,
873 &restricted_ops
[ i
].op
,
874 &restricted_ops
[ i
].op
);
878 for ( i
= 0; !BER_BVISNULL( &restricted_exops
[ i
].op
); i
++ ) {
879 if ( rp_add
& restricted_exops
[ i
].tag
) {
880 attr_merge_one( e
, mi
->mi_ad_restrictedOperation
,
881 &restricted_exops
[ i
].op
,
882 &restricted_exops
[ i
].op
);
888 be
->be_restrictops
= rp_cur
;
891 if ( rc
== LDAP_SUCCESS
) {
892 attrs_free( save_attrs
);
893 rc
= SLAP_CB_CONTINUE
;
896 Attribute
*tmp
= e
->e_attrs
;
897 e
->e_attrs
= save_attrs
;
903 #if defined(LDAP_SLAPI)
905 monitor_back_add_plugin( monitor_info_t
*mi
, Backend
*be
, Entry
*e_database
)
907 Slapi_PBlock
*pCurrentPB
;
908 int i
, rc
= LDAP_SUCCESS
;
910 if ( slapi_int_pblock_get_first( be
, &pCurrentPB
) != LDAP_SUCCESS
) {
912 * LDAP_OTHER is returned if no plugins are installed
920 Slapi_PluginDesc
*srchdesc
;
921 char buf
[ BACKMONITOR_BUFSIZE
];
924 rc
= slapi_pblock_get( pCurrentPB
, SLAPI_PLUGIN_DESCRIPTION
,
926 if ( rc
!= LDAP_SUCCESS
) {
930 snprintf( buf
, sizeof(buf
),
931 "plugin %d name: %s; "
937 srchdesc
->spd_vendor
,
938 srchdesc
->spd_version
,
939 srchdesc
->spd_description
);
941 snprintf( buf
, sizeof(buf
),
942 "plugin %d name: <no description available>", i
);
945 ber_str2bv( buf
, 0, 0, &bv
);
946 attr_merge_normalize_one( e_database
,
947 mi
->mi_ad_monitoredInfo
, &bv
, NULL
);
951 } while ( ( slapi_int_pblock_get_next( &pCurrentPB
) == LDAP_SUCCESS
)
952 && ( pCurrentPB
!= NULL
) );
957 #endif /* defined(LDAP_SLAPI) */
