diffs for suffix aliasing
I have put the suffix alias capability in add/mod/del/bind. I have
attached the diffs. I have done only minimal testing. Let me know if you need the
source in a different format or if I should contribute in a different
way.
Have not heard back about anyone else working on the items outlined in
my original note. If no one is looking at those items I will look into
at least some of them, starting with host and object based access
control. Let me know if interested or you know of standards (and where
to get the full specification of those standards) that may be
applicable.
--
Will Ballantyne GEMS Technical Architect
mailto:Will.Ballantyne@gems1.gov.bc.ca
Only in new.ldap: .make-platform
Only in new.ldap: .makefiles
Only in new.ldap: Make-common
diff -ur -x CVS -x Makefile ldap/clients/ud/string_to_key.c new.ldap/clients/ud/string_to_key.c
--- ldap/clients/ud/string_to_key.c Mon Aug 31 12:11:18 1998
+++ new.ldap/clients/ud/string_to_key.c Mon Oct 5 23:05:51 1998
@@ -1,7 +1,7 @@
#if defined(KERBEROS) && !defined(openbsd)
/*
- * $Source: /repo/OpenLDAP/pkg/ldap/clients/ud/string_to_key.c,v $
- * $Author: kurt $
+ * $Source: /usr/local/cvsroot/ldap/clients/ud/string_to_key.c,v $
+ * $Author: wballant $
*
* Copyright 1985, 1986, 1987, 1988, 1989 by the Massachusetts Institute
* of Technology.
Only in new.ldap/include: ldapconfig.h
diff -ur -x CVS -x Makefile ldap/servers/slapd/add.c new.ldap/servers/slapd/add.c
--- ldap/servers/slapd/add.c Tue Aug 18 16:30:57 1998
+++ new.ldap/servers/slapd/add.c Wed Oct 14 23:37:57 1998
@@ -19,6 +19,7 @@
extern Backend *select_backend();
extern char *dn_normalize();
+extern char *suffixAlias();
extern char *default_referral;
extern time_t currenttime;
@@ -32,6 +33,7 @@
Connection *conn;
Operation *op;
{
+ int j, dnLength;
BerElement *ber = op->o_ber;
char *dn, *last;
unsigned long len, tag;
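Review bot: The added `int j, dnLength;` is not used by any added line in the add.c hunks, and unchanged lines cannot refer to variables that did not exist before, so both look like leftovers from an earlier inline version of the alias code. The `j` added to do_search in search.c is in the same position. Dropping them keeps `-Wall` builds quiet; do_add's body continues outside this hunk.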
@@ -61,6 +63,9 @@
"decoding error" );
return;
}
+
+
+
e->e_dn = dn;
dn = dn_normalize( strdup( dn ) );
Debug( LDAP_DEBUG_ARGS, " do_add: dn (%s)\n", dn, 0, 0 );
@@ -108,6 +113,9 @@
default_referral );
return;
}
+
+ /* translate the base if it matches an aliased part. */
+ e->e_dn = suffixAlias ( e->e_dn, op, be );
/*
* do the add if 1 && (2 || 3)
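Review bot: The call `e->e_dn = suffixAlias ( e->e_dn, op, be );` translates the DN as received, while the earlier hunk shows the normalized copy kept in `dn`; since backend.c matches aliases against the DN it is given, a DN with different spacing or case could presumably select the backend through its alias and still reach it untranslated if suffixAlias compares text. suffixAlias.c is listed as "Only in new.ldap" and is not in this diff, so neither that nor the ownership of the returned string can be checked here. The assignment overwrites the only visible pointer to the original string, and nothing says whether suffixAlias frees its argument, returns it unchanged, or returns a new allocation; the calls in bind.c, delete.c, modify.c and search.c raise the same question for `dn` and `base`. A comment beside each `extern char *suffixAlias();` stating who owns the argument and the result would settle it, and passing the normalized DN would keep selection and translation consistent. do_add starts and ends outside this hunk.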
diff -ur -x CVS -x Makefile ldap/servers/slapd/backend.c new.ldap/servers/slapd/backend.c
--- ldap/servers/slapd/backend.c Tue Sep 15 20:10:53 1998
+++ new.ldap/servers/slapd/backend.c Tue Oct 13 13:46:58 1998
@@ -186,6 +186,25 @@
}
}
+ /* if no proper suffix could be found then check for aliases */
+ for ( i = 0; i < nbackends; i++ ) {
+ for ( j = 0; backends[i].be_suffixAlias != NULL &&
+ backends[i].be_suffixAlias[j] != NULL; j += 2 )
+ {
+ len = strlen( backends[i].be_suffixAlias[j] );
+
+ if ( len > dnlen ) {
+ continue;
+ }
+
+ if ( strcasecmp( backends[i].be_suffixAlias[j],
+ dn + (dnlen - len) ) == 0 ) {
+ return( &backends[i] );
+ }
+ }
+ }
+
+
return( NULL );
}
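Review bot: The alias match is a plain tail comparison, `strcasecmp( backends[i].be_suffixAlias[j], dn + (dnlen - len) )`, with no check that the match begins at an RDN boundary, so a constructed alias `o=example` would also match a DN ending in `foo=example`. Because this decides which backend, and so which rootdn and access rules, handles the request, the match should be anchored, for example with `if ( len < dnlen && dn[dnlen - len - 1] != ',' && dn[dnlen - len - 1] != ';' ) continue;` before the comparison. The existing suffix loop is above this hunk and may have the same property, so this is worth checking in both places. The `j += 2` step also relies on the array always holding complete alias/target pairs, which deserves a comment here.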
diff -ur -x CVS -x Makefile ldap/servers/slapd/bind.c new.ldap/servers/slapd/bind.c
--- ldap/servers/slapd/bind.c Sat Aug 8 15:43:13 1998
+++ new.ldap/servers/slapd/bind.c Wed Oct 14 23:54:03 1998
@@ -19,6 +19,7 @@
#include "slap.h"
extern Backend *select_backend();
+extern char *suffixAlias();
extern char *default_referral;
@@ -150,6 +151,9 @@
}
return;
}
+
+ /* alias suffix */
+ dn = suffixAlias ( dn, op, be );
if ( be->be_bind != NULL ) {
if ( (*be->be_bind)( be, conn, op, dn, method, &cred ) == 0 ) {
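Review bot: The comment `/* alias suffix */` does not say that everything after this line in do_bind works with the translated DN, including whatever is recorded as the connection's bound identity after a successful `be_bind`. That recording happens outside this hunk, so whether later access checks compare against the real suffix or the alias form cannot be confirmed from the diff. Since this affects how access rules written against either form evaluate, I would spell it out, for example `/* map an aliased suffix to the backend's real suffix; from here on dn is the stored form, and that is the identity the bind is checked against */`.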
diff -ur -x CVS -x Makefile ldap/servers/slapd/config.c new.ldap/servers/slapd/config.c
--- ldap/servers/slapd/config.c Sat Aug 8 15:43:13 1998
+++ new.ldap/servers/slapd/config.c Tue Oct 13 13:46:58 1998
@@ -131,6 +131,37 @@
charray_add( &be->be_suffix, dn );
}
+ /* set database suffixAlias */
+ } else if ( strcasecmp( cargv[0], "suffixAlias" ) == 0 ) {
+ if ( cargc < 2 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: missing alias and aliased_dn in \"suffixAlias <alias> <aliased_dn>\" line\n",
+ fname, lineno, 0 );
+ exit( 1 );
+ } else if ( cargc < 3 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: missing aliased_dn in \"suffixAlias <alias> <aliased_dn>\" line\n",
+ fname, lineno, 0 );
+ exit( 1 );
+ } else if ( cargc > 3 ) {
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: extra cruft in suffixAlias line (ignored)\n",
+ fname, lineno, 0 );
+ }
+ if ( be == NULL ) {
+ Debug( LDAP_DEBUG_ANY,
+"%s: line %d: suffixAlias line must appear inside a database definition (ignored)\n",
+ fname, lineno, 0 );
+ } else {
+ dn = strdup( cargv[1] );
+ (void) dn_normalize( dn );
+ charray_add( &be->be_suffixAlias, dn );
+
+ dn = strdup( cargv[2] );
+ (void) dn_normalize( dn );
+ charray_add( &be->be_suffixAlias, dn );
+ }
+
/* set magic "root" dn for this database */
} else if ( strcasecmp( cargv[0], "rootdn" ) == 0 ) {
if ( cargc < 2 ) {
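Review bot: Both `strdup( cargv[1] )` and `strdup( cargv[2] )` are handed to `dn_normalize` and `charray_add` without a NULL check, so an allocation failure while reading the config would presumably be dereferenced rather than reported. The other error paths in this branch call `exit( 1 )`, and the same treatment fits here, e.g. `if ( dn == NULL ) { Debug( LDAP_DEBUG_ANY, "%s: line %d: out of memory\n", fname, lineno, 0 ); exit( 1 ); }`. The branch also stores alias and target as adjacent elements of one flat array, which the `j += 2` loop in backend.c depends on. A comment such as `/* be_suffixAlias holds pairs: [2k] = alias, [2k+1] = aliased (real) suffix */` should say so. The enclosing if/else chain starts and ends outside this hunk.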
diff -ur -x CVS -x Makefile ldap/servers/slapd/delete.c new.ldap/servers/slapd/delete.c
--- ldap/servers/slapd/delete.c Sat Aug 8 15:43:13 1998
+++ new.ldap/servers/slapd/delete.c Wed Oct 14 23:48:25 1998
@@ -17,6 +17,7 @@
#include "slap.h"
extern Backend *select_backend();
+extern char *suffixAlias();
extern char *default_referral;
@@ -61,6 +62,9 @@
default_referral );
return;
}
+
+ /* alias suffix if approp */
+ dn = suffixAlias ( dn, op, be );
/*
* do the delete if 1 && (2 || 3)
diff -ur -x CVS -x Makefile ldap/servers/slapd/modify.c new.ldap/servers/slapd/modify.c
--- ldap/servers/slapd/modify.c Tue Aug 18 16:30:57 1998
+++ new.ldap/servers/slapd/modify.c Wed Oct 14 23:51:59 1998
@@ -147,6 +147,9 @@
return;
}
+ /* alias suffix if approp */
+ dn = suffixAlias ( dn, op, be );
+
/*
* do the modify if 1 && (2 || 3)
* 1) there is a modify function implemented in this backend;
diff -ur -x CVS -x Makefile ldap/servers/slapd/operation.c new.ldap/servers/slapd/operation.c
--- ldap/servers/slapd/operation.c Sat Aug 8 15:43:13 1998
+++ new.ldap/servers/slapd/operation.c Tue Oct 13 13:46:58 1998
@@ -17,6 +17,12 @@
if ( op->o_dn != NULL ) {
free( op->o_dn );
}
+ if ( op->o_suffix != NULL ) {
+ free( op->o_suffix );
+ }
+ if ( op->o_suffixAliased != NULL ) {
+ free( op->o_suffixAliased );
+ }
/* pthread_mutex_destroy( &op->o_abandonmutex ); */
free( (char *) op );
}
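Review bot: The two new `free` calls are only safe if `o_suffix` and `o_suffixAliased` are NULL whenever no alias was applied, and no hunk in this diff initializes them where the Operation is created. If the structure is zero-filled on allocation this works, but that code is not shown, so it should be confirmed or made explicit with `op->o_suffix = NULL; op->o_suffixAliased = NULL;` at creation. A short comment here, `/* set by suffixAlias(); both are malloc'd and owned by the op */`, would also document the ownership these frees assume.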
diff -ur -x CVS -x Makefile ldap/servers/slapd/result.c new.ldap/servers/slapd/result.c
--- ldap/servers/slapd/result.c Thu Aug 20 21:33:42 1998
+++ new.ldap/servers/slapd/result.c Tue Oct 13 13:46:58 1998
@@ -23,6 +23,7 @@
extern long num_entries_sent;
extern long num_bytes_sent;
extern pthread_mutex_t num_sent_mutex;
+extern char *ch_malloc();
void close_connection();
@@ -196,9 +197,9 @@
{
BerElement *ber;
Attribute *a;
- int i, rc, bytes, sd;
+ int i, rc, bytes, sd, prefixLength;
struct acl *acl;
- char *edn;
+ char *edn, *resultDN;
Debug( LDAP_DEBUG_TRACE, "=> send_search_entry (%s)\n", e->e_dn, 0, 0 );
@@ -211,6 +212,29 @@
edn = dn_normalize_case( strdup( e->e_dn ) );
+ resultDN = strdup( e->e_dn );
+ if (op->o_suffixAliased != NULL) {
+ Debug( LDAP_DEBUG_TRACE, "=> dereferencing suffix alias for (%s)\n", resultDN, 0, 0 );
+ Debug( LDAP_DEBUG_TRACE, "=> converting (%s) to (%s)\n", op->o_suffix, op->o_suffixAliased, 0 );
+ prefixLength = strlen (resultDN) - strlen (op->o_suffix);
+ if (prefixLength > 0) {
+ if (!strcasecmp(op->o_suffix, resultDN + prefixLength)) {
+ char *newDN;
+ Debug( LDAP_DEBUG_TRACE, "=> match found for (%s)\n", resultDN, 0, 0 );
+ newDN = ch_malloc (prefixLength + strlen(op->o_suffixAliased) + 1);
+ strncpy (newDN, resultDN, prefixLength);
+ strcpy (newDN + prefixLength, op->o_suffixAliased);
+ Debug( LDAP_DEBUG_TRACE, "=> newDN built to be (%s)\n", newDN, 0, 0 );
+ free (resultDN);
+ resultDN = strdup (newDN);
+ }
+ else {
+ Debug( LDAP_DEBUG_TRACE, "=> deref failed for (%s)\n", edn, 0, 0 );
+ }
+ }
+ }
+
+
#ifdef COMPAT30
if ( (ber = ber_alloc_t( conn->c_version == 30 ? 0 : LBER_USE_DER ))
== NULLBER )
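Review bot: `resultDN = strdup (newDN);` leaks `newDN`, because the ch_malloc'd buffer is never freed; assigning it directly with `resultDN = newDN;` fixes that. The `prefixLength > 0` test also skips an entry whose DN is exactly the suffix, and `prefixLength` is an `int` holding the difference of two `strlen` results, so comparing the lengths before subtracting is safer. Only `op->o_suffixAliased` is checked for NULL while `op->o_suffix` goes to `strlen` and `%s`; suffixAlias.c is not in this diff, so whether the two are always set together cannot be confirmed. The `strdup( e->e_dn )` result is unchecked, and the ber_alloc failure path that follows lies between hunks, so if it returns it would not free `resultDN`. send_search_entry starts and ends outside this hunk.

```c
resultDN = strdup( e->e_dn );
if ( op->o_suffix != NULL && op->o_suffixAliased != NULL ) {
	size_t dnLen = strlen( resultDN );
	size_t sufLen = strlen( op->o_suffix );

	/* ... unchanged: Debug trace calls ... */
	if ( sufLen <= dnLen &&
	    strcasecmp( op->o_suffix, resultDN + (dnLen - sufLen) ) == 0 ) {
		char *newDN = ch_malloc( (dnLen - sufLen) + strlen( op->o_suffixAliased ) + 1 );

		strncpy( newDN, resultDN, dnLen - sufLen );
		strcpy( newDN + (dnLen - sufLen), op->o_suffixAliased );
		free( resultDN );
		resultDN = newDN;	/* take ownership; the extra strdup leaked newDN */
	}
}
```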
@@ -228,12 +252,12 @@
#ifdef COMPAT30
if ( conn->c_version == 30 ) {
rc = ber_printf( ber, "{it{{s{", op->o_msgid,
- LDAP_RES_SEARCH_ENTRY, e->e_dn );
+ LDAP_RES_SEARCH_ENTRY, resultDN );
} else
#endif
{
rc = ber_printf( ber, "{it{s{", op->o_msgid,
- LDAP_RES_SEARCH_ENTRY, e->e_dn );
+ LDAP_RES_SEARCH_ENTRY, resultDN );
}
if ( rc == -1 ) {
@@ -242,6 +266,7 @@
send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL,
"ber_printf dn" );
free(edn);
+ free(resultDN);
return( 1 );
}
@@ -278,6 +303,7 @@
send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
NULL, "ber_printf type" );
free(edn);
+ free(resultDN);
return( 1 );
}
@@ -301,6 +327,7 @@
LDAP_OPERATIONS_ERROR, NULL,
"ber_printf value" );
free(edn);
+ free(resultDN);
return( 1 );
}
}
@@ -312,11 +339,13 @@
send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
NULL, "ber_printf type end" );
free(edn);
+ free(resultDN);
return( 1 );
}
}
free(edn);
+ free(resultDN);
#ifdef COMPAT30
if ( conn->c_version == 30 ) {
diff -ur -x CVS -x Makefile ldap/servers/slapd/search.c new.ldap/servers/slapd/search.c
--- ldap/servers/slapd/search.c Sat Aug 8 15:43:13 1998
+++ new.ldap/servers/slapd/search.c Wed Oct 14 23:45:15 1998
@@ -19,6 +19,8 @@
extern int get_filter();
extern Backend *select_backend();
+extern char *ch_malloc();
+extern char *suffixAlias();
extern char *default_referral;
@@ -27,7 +29,7 @@
Connection *conn; /* where to send results */
Operation *op; /* info about the op to which we're responding */
{
- int i, err;
+ int i, j, err;
int scope, deref, attrsonly;
int sizelimit, timelimit;
char *base, *fstr;
@@ -161,6 +163,9 @@
return;
}
+ /* translate the base if it matches an aliased base part */
+ base = suffixAlias ( base, op, be );
+
/* actually do the search and send the result(s) */
if ( be->be_search != NULL ) {
(*be->be_search)( be, conn, op, base, scope, deref, sizelimit,
@@ -177,3 +182,4 @@
charray_free( attrs );
}
}
+
diff -ur -x CVS -x Makefile ldap/servers/slapd/slap.h new.ldap/servers/slapd/slap.h
--- ldap/servers/slapd/slap.h Thu Aug 20 21:33:42 1998
+++ new.ldap/servers/slapd/slap.h Tue Oct 13 13:46:58 1998
@@ -172,6 +172,7 @@
typedef struct backend {
char **be_suffix; /* the DN suffixes of data in this backend */
+ char **be_suffixAlias; /* the DN suffix aliases of data in this backend */
char *be_rootdn; /* the magic "root" dn for this db */
char *be_rootpw; /* the magic "root" password for this db */
int be_readonly; /* 1 => db is in "read only" mode */
@@ -215,6 +216,8 @@
unsigned long o_tag; /* tag of the request */
time_t o_time; /* time op was initiated */
char *o_dn; /* dn bound when op was initiated */
+ char *o_suffix; /* suffix if aliased */
+ char *o_suffixAliased; /* pending suffix translation */
int o_authtype; /* auth method used to bind dn */
/* values taken from ldap.h */
/* LDAP_AUTH_* */
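Review bot: The comments on `o_suffix` ("suffix if aliased") and `o_suffixAliased` ("pending suffix translation") do not say which field holds the real backend suffix and which holds the alias the client used. Judging from send_search_entry in result.c, which replaces a trailing `o_suffix` on the stored DN with `o_suffixAliased`, `o_suffix` appears to be the real suffix and `o_suffixAliased` the client-visible alias, which is the opposite of what the names suggest. I would state that directly, e.g. `/* real backend suffix substituted for the alias, NULL if none */` and `/* alias suffix the client used; put back on DNs returned to it */`, and note that both are heap strings freed when the operation is released.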
Only in new.ldap/servers/slapd: suffixAlias.c