search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Sync usage with man page.
[netbsd-mini2440.git] / external / bsd / openldap / dist / servers / slapd / back-meta / init.c
blob4fd82c1bd414bc119b9453ac900b51c51682fbf1
1 /* $OpenLDAP: pkg/ldap/servers/slapd/back-meta/init.c,v 1.58.2.10 2008/07/09 23:48:40 quanah Exp $ */
2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
3 *
4 * Copyright 1999-2008 The OpenLDAP Foundation.
5 * Portions Copyright 2001-2003 Pierangelo Masarati.
6 * Portions Copyright 1999-2003 Howard Chu.
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
11 * Public License.
12 *
13 * A copy of this license is available in the file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
16 */
17
18 #include "portable.h"
19
20 #include <stdio.h>
21
22 #include <ac/string.h>
23 #include <ac/socket.h>
24
25 #include "slap.h"
26 #include "config.h"
27 #include "../back-ldap/back-ldap.h"
28 #include "back-meta.h"
29
30 int
31 meta_back_open(
32 BackendInfo *bi )
33 {
34 /* FIXME: need to remove the pagedResults, and likely more... */
35 bi->bi_controls = slap_known_controls;
36
37 return 0;
38 }
39
40 int
41 meta_back_initialize(
42 BackendInfo *bi )
43 {
44 bi->bi_flags =
45 #if 0
46 /* this is not (yet) set essentially because back-meta does not
47 * directly support extended operations... */
48 #ifdef LDAP_DYNAMIC_OBJECTS
49 /* this is set because all the support a proxy has to provide
50 * is the capability to forward the refresh exop, and to
51 * pass thru entries that contain the dynamicObject class
52 * and the entryTtl attribute */
53 SLAP_BFLAG_DYNAMIC |
54 #endif /* LDAP_DYNAMIC_OBJECTS */
55 #endif
56 0;
57
58 bi->bi_open = meta_back_open;
59 bi->bi_config = 0;
60 bi->bi_close = 0;
61 bi->bi_destroy = 0;
62
63 bi->bi_db_init = meta_back_db_init;
64 bi->bi_db_config = meta_back_db_config;
65 bi->bi_db_open = meta_back_db_open;
66 bi->bi_db_close = 0;
67 bi->bi_db_destroy = meta_back_db_destroy;
68
69 bi->bi_op_bind = meta_back_bind;
70 bi->bi_op_unbind = 0;
71 bi->bi_op_search = meta_back_search;
72 bi->bi_op_compare = meta_back_compare;
73 bi->bi_op_modify = meta_back_modify;
74 bi->bi_op_modrdn = meta_back_modrdn;
75 bi->bi_op_add = meta_back_add;
76 bi->bi_op_delete = meta_back_delete;
77 bi->bi_op_abandon = 0;
78
79 bi->bi_extended = 0;
80
81 bi->bi_chk_referrals = 0;
82
83 bi->bi_connection_init = 0;
84 bi->bi_connection_destroy = meta_back_conn_destroy;
85
86 return 0;
87 }
88
89 int
90 meta_back_db_init(
91 Backend *be,
92 ConfigReply *cr)
93 {
94 metainfo_t *mi;
95 int i;
96 BackendInfo *bi;
97
98 bi = backend_info( "ldap" );
99 if ( !bi || !bi->bi_extra ) {
100 Debug( LDAP_DEBUG_ANY,
101 "meta_back_db_init: needs back-ldap\n",
102 0, 0, 0 );
103 return 1;
104 }
105
106 mi = ch_calloc( 1, sizeof( metainfo_t ) );
107 if ( mi == NULL ) {
108 return -1;
109 }
110
111 /* set default flags */
112 mi->mi_flags =
113 META_BACK_F_DEFER_ROOTDN_BIND;
114
115 /*
116 * At present the default is no default target;
117 * this may change
118 */
119 mi->mi_defaulttarget = META_DEFAULT_TARGET_NONE;
120 mi->mi_bind_timeout.tv_sec = 0;
121 mi->mi_bind_timeout.tv_usec = META_BIND_TIMEOUT;
122
123 mi->mi_rebind_f = meta_back_default_rebind;
124 mi->mi_urllist_f = meta_back_default_urllist;
125
126 ldap_pvt_thread_mutex_init( &mi->mi_conninfo.lai_mutex );
127 ldap_pvt_thread_mutex_init( &mi->mi_cache.mutex );
128
129 /* safe default */
130 mi->mi_nretries = META_RETRY_DEFAULT;
131 mi->mi_version = LDAP_VERSION3;
132
133 for ( i = LDAP_BACK_PCONN_FIRST; i < LDAP_BACK_PCONN_LAST; i++ ) {
134 mi->mi_conn_priv[ i ].mic_num = 0;
135 LDAP_TAILQ_INIT( &mi->mi_conn_priv[ i ].mic_priv );
136 }
137 mi->mi_conn_priv_max = LDAP_BACK_CONN_PRIV_DEFAULT;
138
139 mi->mi_ldap_extra = (ldap_extra_t *)bi->bi_extra;
140
141 be->be_private = mi;
142
143 return 0;
144 }
145
146 int
147 meta_back_db_open(
148 Backend *be,
149 ConfigReply *cr )
150 {
151 metainfo_t *mi = (metainfo_t *)be->be_private;
152
153 int i,
154 not_always = 0,
155 not_always_anon_proxyauthz = 0,
156 not_always_anon_non_prescriptive = 0,
157 rc;
158
159 if ( mi->mi_ntargets == 0 ) {
160 Debug( LDAP_DEBUG_ANY,
161 "meta_back_db_open: no targets defined\n",
162 0, 0, 0 );
163 return 1;
164 }
165
166 for ( i = 0; i < mi->mi_ntargets; i++ ) {
167 slap_bindconf sb = { BER_BVNULL };
168 metatarget_t *mt = mi->mi_targets[ i ];
169
170 ber_str2bv( mt->mt_uri, 0, 0, &sb.sb_uri );
171 sb.sb_version = mt->mt_version;
172 sb.sb_method = LDAP_AUTH_SIMPLE;
173 BER_BVSTR( &sb.sb_binddn, "" );
174
175 if ( META_BACK_TGT_T_F_DISCOVER( mt ) ) {
176 rc = slap_discover_feature( &sb,
177 slap_schema.si_ad_supportedFeatures->ad_cname.bv_val,
178 LDAP_FEATURE_ABSOLUTE_FILTERS );
179 if ( rc == LDAP_COMPARE_TRUE ) {
180 mt->mt_flags |= LDAP_BACK_F_T_F;
181 }
182 }
183
184 if ( META_BACK_TGT_CANCEL_DISCOVER( mt ) ) {
185 rc = slap_discover_feature( &sb,
186 slap_schema.si_ad_supportedExtension->ad_cname.bv_val,
187 LDAP_EXOP_CANCEL );
188 if ( rc == LDAP_COMPARE_TRUE ) {
189 mt->mt_flags |= LDAP_BACK_F_CANCEL_EXOP;
190 }
191 }
192
193 if ( not_always == 0 ) {
194 if ( !( mt->mt_idassert_flags & LDAP_BACK_AUTH_OVERRIDE )
195 || mt->mt_idassert_authz != NULL )
196 {
197 not_always = 1;
198 }
199 }
200
201 if ( ( mt->mt_idassert_flags & LDAP_BACK_AUTH_AUTHZ_ALL )
202 && !( mt->mt_idassert_flags & LDAP_BACK_AUTH_PRESCRIPTIVE ) )
203 {
204 Debug( LDAP_DEBUG_ANY, "meta_back_db_open(%s): "
205 "target #%d inconsistent idassert configuration "
206 "(likely authz=\"*\" used with \"non-prescriptive\" flag)\n",
207 be->be_suffix[ 0 ].bv_val, i, 0 );
208 return 1;
209 }
210
211 if ( not_always_anon_proxyauthz == 0 ) {
212 if ( !( mt->mt_idassert_flags & LDAP_BACK_AUTH_AUTHZ_ALL ) )
213 {
214 not_always_anon_proxyauthz = 1;
215 }
216 }
217
218 if ( not_always_anon_non_prescriptive == 0 ) {
219 if ( ( mt->mt_idassert_flags & LDAP_BACK_AUTH_PRESCRIPTIVE ) )
220 {
221 not_always_anon_non_prescriptive = 1;
222 }
223 }
224 }
225
226 if ( not_always == 0 ) {
227 mi->mi_flags |= META_BACK_F_PROXYAUTHZ_ALWAYS;
228 }
229
230 if ( not_always_anon_proxyauthz == 0 ) {
231 mi->mi_flags |= META_BACK_F_PROXYAUTHZ_ANON;
232
233 } else if ( not_always_anon_non_prescriptive == 0 ) {
234 mi->mi_flags |= META_BACK_F_PROXYAUTHZ_NOANON;
235 }
236
237 return 0;
238 }
239
240 /*
241 * meta_back_conn_free()
242 *
243 * actually frees a connection; the reference count must be 0,
244 * and it must not (or no longer) be in the cache.
245 */
246 void
247 meta_back_conn_free(
248 void *v_mc )
249 {
250 metaconn_t *mc = v_mc;
251 int ntargets;
252
253 assert( mc != NULL );
254 assert( mc->mc_refcnt == 0 );
255
256 /* at least one must be present... */
257 ntargets = mc->mc_info->mi_ntargets;
258 assert( ntargets > 0 );
259
260 for ( ; ntargets--; ) {
261 (void)meta_clear_one_candidate( NULL, mc, ntargets );
262 }
263
264 if ( !BER_BVISNULL( &mc->mc_local_ndn ) ) {
265 free( mc->mc_local_ndn.bv_val );
266 }
267
268 free( mc );
269 }
270
271 static void
272 mapping_free(
273 void *v_mapping )
274 {
275 struct ldapmapping *mapping = v_mapping;
276 ch_free( mapping->src.bv_val );
277 ch_free( mapping->dst.bv_val );
278 ch_free( mapping );
279 }
280
281 static void
282 mapping_dst_free(
283 void *v_mapping )
284 {
285 struct ldapmapping *mapping = v_mapping;
286
287 if ( BER_BVISEMPTY( &mapping->dst ) ) {
288 mapping_free( &mapping[ -1 ] );
289 }
290 }
291
292 static void
293 target_free(
294 metatarget_t *mt )
295 {
296 if ( mt->mt_uri ) {
297 free( mt->mt_uri );
298 ldap_pvt_thread_mutex_destroy( &mt->mt_uri_mutex );
299 }
300 if ( mt->mt_subtree_exclude ) {
301 ber_bvarray_free( mt->mt_subtree_exclude );
302 }
303 if ( !BER_BVISNULL( &mt->mt_psuffix ) ) {
304 free( mt->mt_psuffix.bv_val );
305 }
306 if ( !BER_BVISNULL( &mt->mt_nsuffix ) ) {
307 free( mt->mt_nsuffix.bv_val );
308 }
309 if ( !BER_BVISNULL( &mt->mt_binddn ) ) {
310 free( mt->mt_binddn.bv_val );
311 }
312 if ( !BER_BVISNULL( &mt->mt_bindpw ) ) {
313 free( mt->mt_bindpw.bv_val );
314 }
315 if ( !BER_BVISNULL( &mt->mt_idassert_authcID ) ) {
316 ch_free( mt->mt_idassert_authcID.bv_val );
317 }
318 if ( !BER_BVISNULL( &mt->mt_idassert_authcDN ) ) {
319 ch_free( mt->mt_idassert_authcDN.bv_val );
320 }
321 if ( !BER_BVISNULL( &mt->mt_idassert_passwd ) ) {
322 ch_free( mt->mt_idassert_passwd.bv_val );
323 }
324 if ( !BER_BVISNULL( &mt->mt_idassert_authzID ) ) {
325 ch_free( mt->mt_idassert_authzID.bv_val );
326 }
327 if ( !BER_BVISNULL( &mt->mt_idassert_sasl_mech ) ) {
328 ch_free( mt->mt_idassert_sasl_mech.bv_val );
329 }
330 if ( !BER_BVISNULL( &mt->mt_idassert_sasl_realm ) ) {
331 ch_free( mt->mt_idassert_sasl_realm.bv_val );
332 }
333 if ( mt->mt_idassert_authz != NULL ) {
334 ber_bvarray_free( mt->mt_idassert_authz );
335 }
336 if ( mt->mt_rwmap.rwm_rw ) {
337 rewrite_info_delete( &mt->mt_rwmap.rwm_rw );
338 }
339 avl_free( mt->mt_rwmap.rwm_oc.remap, mapping_dst_free );
340 avl_free( mt->mt_rwmap.rwm_oc.map, mapping_free );
341 avl_free( mt->mt_rwmap.rwm_at.remap, mapping_dst_free );
342 avl_free( mt->mt_rwmap.rwm_at.map, mapping_free );
343
344 free( mt );
345 }
346
347 int
348 meta_back_db_destroy(
349 Backend *be,
350 ConfigReply *cr )
351 {
352 metainfo_t *mi;
353
354 if ( be->be_private ) {
355 int i;
356
357 mi = ( metainfo_t * )be->be_private;
358
359 /*
360 * Destroy the connection tree
361 */
362 ldap_pvt_thread_mutex_lock( &mi->mi_conninfo.lai_mutex );
363
364 if ( mi->mi_conninfo.lai_tree ) {
365 avl_free( mi->mi_conninfo.lai_tree, meta_back_conn_free );
366 }
367 for ( i = LDAP_BACK_PCONN_FIRST; i < LDAP_BACK_PCONN_LAST; i++ ) {
368 while ( !LDAP_TAILQ_EMPTY( &mi->mi_conn_priv[ i ].mic_priv ) ) {
369 metaconn_t *mc = LDAP_TAILQ_FIRST( &mi->mi_conn_priv[ i ].mic_priv );
370
371 LDAP_TAILQ_REMOVE( &mi->mi_conn_priv[ i ].mic_priv, mc, mc_q );
372 meta_back_conn_free( mc );
373 }
374 }
375
376 /*
377 * Destroy the per-target stuff (assuming there's at
378 * least one ...)
379 */
380 if ( mi->mi_targets != NULL ) {
381 for ( i = 0; i < mi->mi_ntargets; i++ ) {
382 metatarget_t *mt = mi->mi_targets[ i ];
383
384 if ( META_BACK_TGT_QUARANTINE( mt ) ) {
385 if ( mt->mt_quarantine.ri_num != mi->mi_quarantine.ri_num )
386 {
387 mi->mi_ldap_extra->retry_info_destroy( &mt->mt_quarantine );
388 }
389
390 ldap_pvt_thread_mutex_destroy( &mt->mt_quarantine_mutex );
391 }
392
393 target_free( mt );
394 }
395
396 free( mi->mi_targets );
397 }
398
399 ldap_pvt_thread_mutex_lock( &mi->mi_cache.mutex );
400 if ( mi->mi_cache.tree ) {
401 avl_free( mi->mi_cache.tree, meta_dncache_free );
402 }
403
404 ldap_pvt_thread_mutex_unlock( &mi->mi_cache.mutex );
405 ldap_pvt_thread_mutex_destroy( &mi->mi_cache.mutex );
406
407 ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
408 ldap_pvt_thread_mutex_destroy( &mi->mi_conninfo.lai_mutex );
409
410 if ( mi->mi_candidates != NULL ) {
411 ber_memfree_x( mi->mi_candidates, NULL );
412 }
413
414 if ( META_BACK_QUARANTINE( mi ) ) {
415 mi->mi_ldap_extra->retry_info_destroy( &mi->mi_quarantine );
416 }
417 }
418
419 free( be->be_private );
420 return 0;
421 }
422
423 #if SLAPD_META == SLAPD_MOD_DYNAMIC
424
425 /* conditionally define the init_module() function */
426 SLAP_BACKEND_INIT_MODULE( meta )
427
428 #endif /* SLAPD_META == SLAPD_MOD_DYNAMIC */
429
430
NetBSD on the FriendlyARM MINI2440