search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Sync usage with man page.
[netbsd-mini2440.git] / external / bsd / openldap / dist / servers / slapd / root_dse.c
blobe6f9842f32ea548c5257aaae34d1140760a1917d
1 /* root_dse.c - Provides the Root DSA-Specific Entry */
2 /* $OpenLDAP: pkg/ldap/servers/slapd/root_dse.c,v 1.113.2.8 2008/02/11 23:26:44 kurt Exp $ */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 *
5 * Copyright 1999-2008 The OpenLDAP Foundation.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
10 * Public License.
11 *
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
15 */
16
17 #include "portable.h"
18
19 #include <stdio.h>
20
21 #include <ac/string.h>
22
23 #include "slap.h"
24 #include <ldif.h>
25 #include "lber_pvt.h"
26
27 #ifdef LDAP_SLAPI
28 #include "slapi/slapi.h"
29 #endif
30
31 static struct berval builtin_supportedFeatures[] = {
32 BER_BVC(LDAP_FEATURE_MODIFY_INCREMENT), /* Modify/increment */
33 BER_BVC(LDAP_FEATURE_ALL_OP_ATTRS), /* All Op Attrs (+) */
34 BER_BVC(LDAP_FEATURE_OBJECTCLASS_ATTRS), /* OCs in Attrs List (@class) */
35 BER_BVC(LDAP_FEATURE_ABSOLUTE_FILTERS), /* (&) and (|) search filters */
36 BER_BVC(LDAP_FEATURE_LANGUAGE_TAG_OPTIONS), /* Language Tag Options */
37 BER_BVC(LDAP_FEATURE_LANGUAGE_RANGE_OPTIONS), /* Language Range Options */
38 #ifdef LDAP_DEVEL
39 BER_BVC(LDAP_FEATURE_SUBORDINATE_SCOPE), /* "children" search scope */
40 #endif
41 BER_BVNULL
42 };
43 static struct berval *supportedFeatures;
44
45 static Entry *usr_attr = NULL;
46
47 /*
48 * allow modules to register functions that muck with the root DSE entry
49 */
50
51 typedef struct entry_info_t {
52 SLAP_ENTRY_INFO_FN func;
53 void *arg;
54 struct entry_info_t *next;
55 } entry_info_t;
56
57 static entry_info_t *extra_info;
58
59 int
60 entry_info_register( SLAP_ENTRY_INFO_FN func, void *arg )
61 {
62 entry_info_t *ei = ch_calloc( 1, sizeof( entry_info_t ) );
63
64 ei->func = func;
65 ei->arg = arg;
66
67 ei->next = extra_info;
68 extra_info = ei;
69
70 return 0;
71 }
72
73 int
74 entry_info_unregister( SLAP_ENTRY_INFO_FN func, void *arg )
75 {
76 entry_info_t **eip;
77
78 for ( eip = &extra_info; *eip != NULL; eip = &(*eip)->next ) {
79 if ( (*eip)->func == func && (*eip)->arg == arg ) {
80 entry_info_t *ei = *eip;
81
82 *eip = ei->next;
83
84 ch_free( ei );
85
86 return 0;
87 }
88 }
89
90 return -1;
91 }
92
93 void
94 entry_info_destroy( void )
95 {
96 entry_info_t **eip;
97
98 for ( eip = &extra_info; *eip != NULL; ) {
99 entry_info_t *ei = *eip;
100
101 eip = &(*eip)->next;
102
103 ch_free( ei );
104 }
105 }
106
107 /*
108 * Allow modules to register supported features
109 */
110
111 static int
112 supported_feature_init( void )
113 {
114 int i;
115
116 if ( supportedFeatures != NULL ) {
117 return 0;
118 }
119
120 for ( i = 0; !BER_BVISNULL( &builtin_supportedFeatures[ i ] ); i++ )
121 ;
122
123 supportedFeatures = ch_calloc( sizeof( struct berval ), i + 1 );
124 if ( supportedFeatures == NULL ) {
125 return -1;
126 }
127
128 for ( i = 0; !BER_BVISNULL( &builtin_supportedFeatures[ i ] ); i++ ) {
129 ber_dupbv( &supportedFeatures[ i ], &builtin_supportedFeatures[ i ] );
130 }
131 BER_BVZERO( &supportedFeatures[ i ] );
132
133 return 0;
134 }
135
136 int
137 supported_feature_destroy( void )
138 {
139 int i;
140
141 if ( supportedFeatures == NULL ) {
142 return 0;
143 }
144
145 for ( i = 0; !BER_BVISNULL( &supportedFeatures[ i ] ); i++ ) {
146 ch_free( supportedFeatures[ i ].bv_val );
147 }
148
149 ch_free( supportedFeatures );
150 supportedFeatures = NULL;
151
152 return 0;
153 }
154
155 int
156 supported_feature_load( struct berval *f )
157 {
158 struct berval *tmp;
159 int i;
160
161 supported_feature_init();
162
163 for ( i = 0; !BER_BVISNULL( &supportedFeatures[ i ] ); i++ )
164 ;
165
166 tmp = ch_realloc( supportedFeatures, sizeof( struct berval ) * ( i + 2 ) );
167 if ( tmp == NULL ) {
168 return -1;
169 }
170 supportedFeatures = tmp;
171
172 ber_dupbv( &supportedFeatures[ i ], f );
173 BER_BVZERO( &supportedFeatures[ i + 1 ] );
174
175 return 0;
176 }
177
178 int
179 root_dse_info(
180 Connection *conn,
181 Entry **entry,
182 const char **text )
183 {
184 Entry *e;
185 struct berval val;
186 #ifdef LDAP_SLAPI
187 struct berval *bv;
188 #endif
189 int i, j;
190 char ** supportedSASLMechanisms;
191 BackendDB *be;
192
193 AttributeDescription *ad_structuralObjectClass
194 = slap_schema.si_ad_structuralObjectClass;
195 AttributeDescription *ad_objectClass
196 = slap_schema.si_ad_objectClass;
197 AttributeDescription *ad_namingContexts
198 = slap_schema.si_ad_namingContexts;
199 #ifdef LDAP_SLAPI
200 AttributeDescription *ad_supportedExtension
201 = slap_schema.si_ad_supportedExtension;
202 #endif
203 AttributeDescription *ad_supportedLDAPVersion
204 = slap_schema.si_ad_supportedLDAPVersion;
205 AttributeDescription *ad_supportedSASLMechanisms
206 = slap_schema.si_ad_supportedSASLMechanisms;
207 AttributeDescription *ad_supportedFeatures
208 = slap_schema.si_ad_supportedFeatures;
209 AttributeDescription *ad_monitorContext
210 = slap_schema.si_ad_monitorContext;
211 AttributeDescription *ad_configContext
212 = slap_schema.si_ad_configContext;
213 AttributeDescription *ad_ref
214 = slap_schema.si_ad_ref;
215
216 e = entry_alloc();
217 if( e == NULL ) {
218 Debug( LDAP_DEBUG_ANY,
219 "root_dse_info: entry_alloc failed", 0, 0, 0 );
220 return LDAP_OTHER;
221 }
222
223 e->e_attrs = NULL;
224 e->e_name.bv_val = ch_strdup( LDAP_ROOT_DSE );
225 e->e_name.bv_len = sizeof( LDAP_ROOT_DSE )-1;
226 e->e_nname.bv_val = ch_strdup( LDAP_ROOT_DSE );
227 e->e_nname.bv_len = sizeof( LDAP_ROOT_DSE )-1;
228
229 /* the DN is an empty string so no pretty/normalization is needed */
230 assert( !e->e_name.bv_len );
231 assert( !e->e_nname.bv_len );
232
233 e->e_private = NULL;
234
235 /* FIXME: is this really needed? */
236 BER_BVSTR( &val, "top" );
237 if( attr_merge_one( e, ad_objectClass, &val, NULL ) ) {
238 fail:
239 entry_free( e );
240 return LDAP_OTHER;
241 }
242
243 BER_BVSTR( &val, "OpenLDAProotDSE" );
244 if( attr_merge_one( e, ad_objectClass, &val, NULL ) ) {
245 goto fail;
246 }
247 if( attr_merge_one( e, ad_structuralObjectClass, &val, NULL ) ) {
248 goto fail;
249 }
250
251 LDAP_STAILQ_FOREACH( be, &backendDB, be_next ) {
252 if ( be->be_suffix == NULL
253 || be->be_nsuffix == NULL ) {
254 /* no suffix! */
255 continue;
256 }
257 if ( SLAP_MONITOR( be )) {
258 if( attr_merge_one( e, ad_monitorContext,
259 &be->be_suffix[0],
260 &be->be_nsuffix[0] ) )
261 {
262 goto fail;
263 }
264 continue;
265 }
266 if ( SLAP_CONFIG( be )) {
267 if( attr_merge_one( e, ad_configContext,
268 &be->be_suffix[0],
269 & be->be_nsuffix[0] ) )
270 {
271 goto fail;
272 }
273 continue;
274 }
275 if ( SLAP_GLUE_SUBORDINATE( be ) && !SLAP_GLUE_ADVERTISE( be ) ) {
276 continue;
277 }
278 for ( j = 0; be->be_suffix[j].bv_val != NULL; j++ ) {
279 if( attr_merge_one( e, ad_namingContexts,
280 &be->be_suffix[j],
281 &be->be_nsuffix[0] ) )
282 {
283 goto fail;
284 }
285 }
286 }
287
288 /* altServer unsupported */
289
290 /* supportedControl */
291 if ( controls_root_dse_info( e ) != 0 ) {
292 goto fail;
293 }
294
295 /* supportedExtension */
296 if ( exop_root_dse_info( e ) != 0 ) {
297 goto fail;
298 }
299
300 #ifdef LDAP_SLAPI
301 /* netscape supportedExtension */
302 for ( i = 0; (bv = slapi_int_get_supported_extop(i)) != NULL; i++ ) {
303 if( attr_merge_one( e, ad_supportedExtension, bv, NULL ) ) {
304 goto fail;
305 }
306 }
307 #endif /* LDAP_SLAPI */
308
309 /* supportedFeatures */
310 if ( supportedFeatures == NULL ) {
311 supported_feature_init();
312 }
313
314 if( attr_merge( e, ad_supportedFeatures, supportedFeatures, NULL ) ) {
315 goto fail;
316 }
317
318 /* supportedLDAPVersion */
319 /* don't publish version 2 as we don't really support it
320 * (even when configured to accept version 2 Bind requests)
321 * and the value would never be used by true LDAPv2 (or LDAPv3)
322 * clients.
323 */
324 for ( i=LDAP_VERSION3; i<=LDAP_VERSION_MAX; i++ ) {
325 char buf[sizeof("255")];
326 snprintf(buf, sizeof buf, "%d", i);
327 val.bv_val = buf;
328 val.bv_len = strlen( val.bv_val );
329 if( attr_merge_one( e, ad_supportedLDAPVersion, &val, NULL ) ) {
330 goto fail;
331 }
332 }
333
334 /* supportedSASLMechanism */
335 supportedSASLMechanisms = slap_sasl_mechs( conn );
336
337 if( supportedSASLMechanisms != NULL ) {
338 for ( i=0; supportedSASLMechanisms[i] != NULL; i++ ) {
339 val.bv_val = supportedSASLMechanisms[i];
340 val.bv_len = strlen( val.bv_val );
341 if( attr_merge_one( e, ad_supportedSASLMechanisms, &val, NULL ) ) {
342 ldap_charray_free( supportedSASLMechanisms );
343 goto fail;
344 }
345 }
346 ldap_charray_free( supportedSASLMechanisms );
347 }
348
349 if ( default_referral != NULL ) {
350 if( attr_merge( e, ad_ref, default_referral, NULL /* FIXME */ ) ) {
351 goto fail;
352 }
353 }
354
355 if( usr_attr != NULL) {
356 Attribute *a;
357 for( a = usr_attr->e_attrs; a != NULL; a = a->a_next ) {
358 if( attr_merge( e, a->a_desc, a->a_vals,
359 (a->a_nvals == a->a_vals) ? NULL : a->a_nvals ) )
360 {
361 goto fail;
362 }
363 }
364 }
365
366 if ( extra_info ) {
367 entry_info_t *ei = extra_info;
368
369 for ( ; ei; ei = ei->next ) {
370 ei->func( ei->arg, e );
371 }
372 }
373
374 *entry = e;
375 return LDAP_SUCCESS;
376 }
377
378 int
379 root_dse_init( void )
380 {
381 return 0;
382 }
383
384 int
385 root_dse_destroy( void )
386 {
387 if ( usr_attr ) {
388 entry_free( usr_attr );
389 usr_attr = NULL;
390 }
391
392 return 0;
393 }
394
395 /*
396 * Read the entries specified in fname and merge the attributes
397 * to the user defined rootDSE. Note thaat if we find any errors
398 * what so ever, we will discard the entire entries, print an
399 * error message and return.
400 */
401 int
402 root_dse_read_file( const char *fname )
403 {
404 struct LDIFFP *fp;
405 int rc = 0, lineno = 0, lmax = 0;
406 char *buf = NULL;
407
408 if ( (fp = ldif_open( fname, "r" )) == NULL ) {
409 Debug( LDAP_DEBUG_ANY,
410 "root_dse_read_file: could not open rootdse attr file \"%s\" - absolute path?\n",
411 fname, 0, 0 );
412 perror( fname );
413 return EXIT_FAILURE;
414 }
415
416 usr_attr = entry_alloc();
417 if( usr_attr == NULL ) {
418 Debug( LDAP_DEBUG_ANY,
419 "root_dse_read_file: entry_alloc failed", 0, 0, 0 );
420 ldif_close( fp );
421 return LDAP_OTHER;
422 }
423 usr_attr->e_attrs = NULL;
424
425 while( ldif_read_record( fp, &lineno, &buf, &lmax ) ) {
426 Entry *e = str2entry( buf );
427 Attribute *a;
428
429 if( e == NULL ) {
430 Debug( LDAP_DEBUG_ANY, "root_dse_read_file: "
431 "could not parse entry (file=\"%s\" line=%d)\n",
432 fname, lineno, 0 );
433 rc = EXIT_FAILURE;
434 break;
435 }
436
437 /* make sure the DN is the empty DN */
438 if( e->e_nname.bv_len ) {
439 Debug( LDAP_DEBUG_ANY,
440 "root_dse_read_file: invalid rootDSE "
441 "- dn=\"%s\" (file=\"%s\" line=%d)\n",
442 e->e_dn, fname, lineno );
443 entry_free( e );
444 rc = EXIT_FAILURE;
445 break;
446 }
447
448 /*
449 * we found a valid entry, so walk thru all the attributes in the
450 * entry, and add each attribute type and description to the
451 * usr_attr entry
452 */
453
454 for(a = e->e_attrs; a != NULL; a = a->a_next) {
455 if( attr_merge( usr_attr, a->a_desc, a->a_vals,
456 (a->a_nvals == a->a_vals) ? NULL : a->a_nvals ) )
457 {
458 rc = LDAP_OTHER;
459 break;
460 }
461 }
462
463 entry_free( e );
464 if (rc) break;
465 }
466
467 if (rc) {
468 entry_free( usr_attr );
469 usr_attr = NULL;
470 }
471
472 ch_free( buf );
473
474 ldif_close( fp );
475
476 Debug(LDAP_DEBUG_CONFIG, "rootDSE file=\"%s\" read.\n", fname, 0, 0);
477 return rc;
478 }
479
480 int
481 slap_discover_feature(
482 slap_bindconf *sb,
483 const char *attr,
484 const char *val )
485 {
486 LDAP *ld = NULL;
487 LDAPMessage *res = NULL, *entry;
488 int rc, i;
489 struct berval bv_val,
490 **values = NULL;
491 char *attrs[ 2 ] = { NULL, NULL };
492
493 rc = slap_client_connect( &ld, sb );
494 if ( rc != LDAP_SUCCESS ) {
495 goto done;
496 }
497
498 attrs[ 0 ] = (char *) attr;
499 rc = ldap_search_ext_s( ld, "", LDAP_SCOPE_BASE, "(objectClass=*)",
500 attrs, 0, NULL, NULL, NULL, 0, &res );
501 if ( rc != LDAP_SUCCESS ) {
502 goto done;
503 }
504
505 entry = ldap_first_entry( ld, res );
506 if ( entry == NULL ) {
507 goto done;
508 }
509
510 values = ldap_get_values_len( ld, entry, attrs[ 0 ] );
511 if ( values == NULL ) {
512 rc = LDAP_NO_SUCH_ATTRIBUTE;
513 goto done;
514 }
515
516 ber_str2bv( val, 0, 0, &bv_val );
517 for ( i = 0; values[ i ] != NULL; i++ ) {
518 if ( bvmatch( &bv_val, values[ i ] ) ) {
519 rc = LDAP_COMPARE_TRUE;
520 goto done;
521 }
522 }
523
524 rc = LDAP_COMPARE_FALSE;
525
526 done:;
527 if ( values != NULL ) {
528 ldap_value_free_len( values );
529 }
530
531 if ( res != NULL ) {
532 ldap_msgfree( res );
533 }
534
535 ldap_unbind_ext( ld, NULL, NULL );
536
537 return rc;
538 }
539
NetBSD on the FriendlyARM MINI2440