xref: /netbsd-src/external/bsd/openldap/dist/servers/slapd/back-meta/back-meta.h (revision e7ac2a8b5bd66fa2e050809de09a075c36a7014d)
1 /*	$NetBSD: back-meta.h,v 1.2 2020/08/11 13:15:40 christos Exp $	*/
2 
3 /* $OpenLDAP$ */
4 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5  *
6  * Copyright 1999-2020 The OpenLDAP Foundation.
7  * Portions Copyright 2001-2003 Pierangelo Masarati.
8  * Portions Copyright 1999-2003 Howard Chu.
9  * All rights reserved.
10  *
11  * Redistribution and use in source and binary forms, with or without
12  * modification, are permitted only as authorized by the OpenLDAP
13  * Public License.
14  *
15  * A copy of this license is available in the file LICENSE in the
16  * top-level directory of the distribution or, alternatively, at
17  * <http://www.OpenLDAP.org/license.html>.
18  */
19 /* ACKNOWLEDGEMENTS:
20  * This work was initially developed by Howard Chu for inclusion
21  * in OpenLDAP Software and subsequently enhanced by Pierangelo
22  * Masarati.
23  */
24 
25 #ifndef SLAPD_LDAP_H
26 #error "include servers/slapd/back-ldap/back-ldap.h before this file!"
27 #endif /* SLAPD_LDAP_H */
28 
29 #ifndef SLAPD_META_H
30 #define SLAPD_META_H
31 
32 #ifdef LDAP_DEVEL
33 #define SLAPD_META_CLIENT_PR 1
34 #endif /* LDAP_DEVEL */
35 
36 #include "proto-meta.h"
37 
38 /* String rewrite library */
39 #include "rewrite.h"
40 
41 LDAP_BEGIN_DECL
42 
43 /*
44  * Set META_BACK_PRINT_CONNTREE larger than 0 to dump the connection tree (debug only)
45  */
46 #ifndef META_BACK_PRINT_CONNTREE
47 #define META_BACK_PRINT_CONNTREE 0
48 #endif /* !META_BACK_PRINT_CONNTREE */
49 
50 /* from back-ldap.h before rwm removal */
/*
 * One set of name mappings (used twice in struct ldaprwmap: rwm_oc for
 * objectClasses, rwm_at for attributeTypes).  Passed to ldap_back_map_init(),
 * ldap_back_mapping() and ldap_back_map() declared later in this header.
 */
51 struct ldapmap {
	/* presumably: names that have no mapping are dropped instead of being
	 * passed through unchanged -- confirm in the mapping code, since this
	 * decides which attribute names can cross the proxy */
52 	int drop_missing;
53 
54 	Avlnode *map;	/* AVL tree; presumably searched when remap == BACKLDAP_MAP -- confirm */
55 	Avlnode *remap;	/* AVL tree; presumably searched when remap == BACKLDAP_REMAP -- confirm */
56 };
57 
/* One mapping entry: a pair of names stored as bervals. */
58 struct ldapmapping {
59 	struct berval src;	/* presumably the name that is looked up -- confirm */
60 	struct berval dst;	/* presumably the name it is replaced with -- confirm */
61 };
62 
/*
 * Rewrite/mapping configuration of one target (embedded in metatarget_t as
 * mt_rwmap).  The layout depends on ENABLE_REWRITE, so every translation unit
 * that shares this struct must be built with the same setting.
 */
63 struct ldaprwmap {
64 	/*
65 	 * DN rewriting
66 	 */
67 #ifdef ENABLE_REWRITE
	/* librewrite context (see "rewrite.h", included above) */
68 	struct rewrite_info *rwm_rw;
69 #else /* !ENABLE_REWRITE */
70 	/* some time the suffix massaging without librewrite
71 	 * will be disabled */
72 	BerVarray rwm_suffix_massage;
73 #endif /* !ENABLE_REWRITE */
	/* presumably the rewrite directives as configured, kept as strings --
	 * confirm in the config code */
74 	BerVarray rwm_bva_rewrite;
75 
76 	/*
77 	 * Attribute/objectClass mapping
78 	 */
79 	struct ldapmap rwm_oc;	/* objectClass mappings */
80 	struct ldapmap rwm_at;	/* attributeType mappings */
	/* presumably the map directives as configured, kept as strings --
	 * confirm in the config code */
81 	BerVarray rwm_bva_map;
82 };
83 
84 /* Whatever context ldap_back_dn_massage needs...
 *
 * The member set differs with ENABLE_REWRITE; code that fills a dncookie
 * must be compiled with the same setting as the code that reads it. */
85 typedef struct dncookie {
	/* target the DN is being rewritten for; presumably its mt_rwmap
	 * supplies the rules -- confirm */
86 	struct metatarget_t	*target;
87 
88 #ifdef ENABLE_REWRITE
89 	Connection		*conn;
90 	char			*ctx;	/* presumably the name of the rewrite context to apply -- confirm */
91 	SlapReply		*rs;
92 #else
93 	int			normalized;
94 	int			tofrom;
95 #endif
96 } dncookie;
97 
/*
 * Rewrite dn according to the context in dc and store the result in res.
 * NOTE(review): it is not visible here whether res->bv_val is newly
 * allocated or may alias dn->bv_val when nothing is rewritten; callers must
 * check the definition before freeing res, to avoid a double free or a leak.
 */
98 int ldap_back_dn_massage(dncookie *dc, struct berval *dn,
99 	struct berval *res);
100 
/* compare / duplicate-handling / free callbacks for cached connections;
 * the signatures look like AVL tree callbacks -- confirm at the call sites */
101 extern int ldap_back_conn_cmp( const void *c1, const void *c2);
102 extern int ldap_back_conn_dup( void *c1, void *c2 );
103 extern void ldap_back_conn_free( void *c );
104 
105 /* attributeType/objectClass mapping */
/* compare / duplicate-handling callbacks; presumably for the AVL trees in
 * struct ldapmap -- confirm */
106 int mapping_cmp (const void *, const void *);
107 int mapping_dup (void *, void *);
108 
109 void ldap_back_map_init ( struct ldapmap *lm, struct ldapmapping ** );
110 int ldap_back_mapping ( struct ldapmap *map, struct berval *s,
111 	struct ldapmapping **m, int remap );
112 void ldap_back_map ( struct ldapmap *map, struct berval *s, struct berval *m,
113 	int remap );
/* presumably the two legal values of the `remap' argument taken by the
 * functions in this group -- confirm */
114 #define BACKLDAP_MAP	0
115 #define BACKLDAP_REMAP	1
/* NOTE(review): ownership of the returned string is not visible in this
 * header; check the definition before freeing or retaining it. */
116 char *
117 ldap_back_map_filter(
118 	struct ldapmap *at_map,
119 	struct ldapmap *oc_map,
120 	struct berval *f,
121 	int remap );
122 
/* mapped_attrs is an output parameter; NOTE(review): who frees *mapped_attrs,
 * and with which allocator, must be taken from the definition. */
123 int
124 ldap_back_map_attrs(
125 	Operation *op,
126 	struct ldapmap *at_map,
127 	AttributeName *a,
128 	int remap,
129 	char ***mapped_attrs );
130 
/*
 * Takes a parsed Filter and a berval fstr; presumably fstr receives the
 * mapped/rewritten string form that is sent to the target, allocated from
 * memctx -- confirm.
 * NOTE(review): assertion values in f come from the client request; confirm
 * that the definition escapes them when it re-serialises the filter, and
 * that fstr is released with the allocator matching memctx.
 */
131 extern int
132 ldap_back_filter_map_rewrite(
133 	dncookie	*dc,
134 	Filter		*f,
135 	struct berval	*fstr,
136 	int		remap,
137 	void		*memctx );
138 
139 /* suffix massaging by means of librewrite */
140 #ifdef ENABLE_REWRITE
/* the four bervals are presumably the pretty/normalized virtual and
 * pretty/normalized real naming contexts -- confirm */
141 extern int
142 suffix_massage_config( struct rewrite_info *info,
143 	struct berval *pvnc,
144 	struct berval *nvnc,
145 	struct berval *prnc,
146 	struct berval *nrnc );
147 #endif /* ENABLE_REWRITE */
/* The three functions below take an array of values (a_vals); whether they
 * rewrite the values in place, and how replaced values are freed, is not
 * visible here. */
148 extern int
149 ldap_back_referral_result_rewrite(
150 	dncookie	*dc,
151 	BerVarray	a_vals,
152 	void		*memctx );
153 extern int
154 ldap_dnattr_rewrite(
155 	dncookie	*dc,
156 	BerVarray	a_vals );
157 extern int
158 ldap_dnattr_result_rewrite(
159 	dncookie	*dc,
160 	BerVarray	a_vals );
161 
162 /* (end of) from back-ldap.h before rwm removal */
163 
164 /*
165  * A metasingleconn_t can be in the following, mutually exclusive states:
166  *
167  *	- none			(0x0U)
168  *	- creating		META_BACK_FCONN_CREATING
169  *	- initialized		META_BACK_FCONN_INITED
170  *	- binding		LDAP_BACK_FCONN_BINDING
171  *	- bound/anonymous	LDAP_BACK_FCONN_ISBOUND/LDAP_BACK_FCONN_ISANON
172  *
173  * possible modifiers are:
174  *
175  *	- privileged		LDAP_BACK_FCONN_ISPRIV
176  *	- privileged, TLS	LDAP_BACK_FCONN_ISTLS
177  *	- subjected to idassert	LDAP_BACK_FCONN_ISIDASR
178  *	- tainted		LDAP_BACK_FCONN_TAINTED
179  */
180 
/*
 * back-meta specific connection-state bits.  They are tested, set, cleared
 * and copied with the LDAP_BACK_CONN_* macros, i.e. they share one flags word
 * with the LDAP_BACK_FCONN_* bits listed in the comment above.
 * NOTE(review): the two values must not overlap any LDAP_BACK_FCONN_* bit;
 * re-check against back-ldap.h whenever either header gains a flag.
 */
181 #define META_BACK_FCONN_INITED		(0x00100000U)
182 #define META_BACK_FCONN_CREATING	(0x00200000U)
183 
184 #define	META_BACK_CONN_INITED(lc)		LDAP_BACK_CONN_ISSET((lc), META_BACK_FCONN_INITED)
185 #define	META_BACK_CONN_INITED_SET(lc)		LDAP_BACK_CONN_SET((lc), META_BACK_FCONN_INITED)
186 #define	META_BACK_CONN_INITED_CLEAR(lc)		LDAP_BACK_CONN_CLEAR((lc), META_BACK_FCONN_INITED)
187 #define	META_BACK_CONN_INITED_CPY(lc, mlc)	LDAP_BACK_CONN_CPY((lc), META_BACK_FCONN_INITED, (mlc))
188 #define	META_BACK_CONN_CREATING(lc)		LDAP_BACK_CONN_ISSET((lc), META_BACK_FCONN_CREATING)
189 #define	META_BACK_CONN_CREATING_SET(lc)		LDAP_BACK_CONN_SET((lc), META_BACK_FCONN_CREATING)
190 #define	META_BACK_CONN_CREATING_CLEAR(lc)	LDAP_BACK_CONN_CLEAR((lc), META_BACK_FCONN_CREATING)
191 #define	META_BACK_CONN_CREATING_CPY(lc, mlc)	LDAP_BACK_CONN_CPY((lc), META_BACK_FCONN_CREATING, (mlc))
192 
193 struct metainfo_t;
194 
/*
 * Candidate state bits.  The META_CND_* macros below keep them in the sr_tag
 * member of a SlapReply (presumably one of the mc_candidates entries of
 * metacandidates_t -- confirm), so they can be OR-ed together.
 * META_NOT_CANDIDATE is 0, so META_CND_ISSET(rs, META_NOT_CANDIDATE) is
 * always true; test for "not a candidate" with !META_IS_CANDIDATE(rs).
 */
195 #define	META_NOT_CANDIDATE		((ber_tag_t)0x0)
196 #define	META_CANDIDATE			((ber_tag_t)0x1)
197 #define	META_BINDING			((ber_tag_t)0x2)
198 #define	META_RETRYING			((ber_tag_t)0x4)
199 
/*
 * State of the connection to one target.
 *
 * NOTE: the #defines written inside the struct body are ordinary
 * preprocessor macros; they are not scoped to the struct and remain defined
 * for the rest of every translation unit that includes this header.
 */
200 typedef struct metasingleconn_t {
	/* true only when every bit of f is set in (rs)->sr_tag */
201 #define META_CND_ISSET(rs,f)		( ( (rs)->sr_tag & (f) ) == (f) )
202 #define META_CND_SET(rs,f)		( (rs)->sr_tag |= (f) )
203 #define META_CND_CLEAR(rs,f)		( (rs)->sr_tag &= ~(f) )
204 
	/* clears all candidate bits at once, including BINDING and RETRYING */
205 #define META_CANDIDATE_RESET(rs)	( (rs)->sr_tag = 0 )
206 #define META_IS_CANDIDATE(rs)		META_CND_ISSET( (rs), META_CANDIDATE )
207 #define META_CANDIDATE_SET(rs)		META_CND_SET( (rs), META_CANDIDATE )
208 #define META_CANDIDATE_CLEAR(rs)	META_CND_CLEAR( (rs), META_CANDIDATE )
209 #define META_IS_BINDING(rs)		META_CND_ISSET( (rs), META_BINDING )
210 #define META_BINDING_SET(rs)		META_CND_SET( (rs), META_BINDING )
211 #define META_BINDING_CLEAR(rs)		META_CND_CLEAR( (rs), META_BINDING )
212 #define META_IS_RETRYING(rs)		META_CND_ISSET( (rs), META_RETRYING )
213 #define META_RETRYING_SET(rs)		META_CND_SET( (rs), META_RETRYING )
214 #define META_RETRYING_CLEAR(rs)		META_CND_CLEAR( (rs), META_RETRYING )
215 
216 	LDAP            	*msc_ld;	/* client library handle for this target */
217 	time_t			msc_time;	/* presumably time of last use -- confirm */
	/* presumably the normalized DN this connection is bound as -- confirm */
218 	struct berval          	msc_bound_ndn;
	/* presumably the credentials used for that bind, retained so the
	 * connection can rebind (cf. META_BACK_TGT_SAVECRED) -- confirm.
	 * NOTE(review): if so, this is secret material that lives in process
	 * memory as long as the connection does; confirm it is wiped, not
	 * only freed, when the connection is torn down. */
219 	struct berval		msc_cred;
220 	unsigned		msc_mscflags;	/* connection-state bits, see META_BACK_FCONN_* */
221 	/* NOTE: lc_lcflags is redefined to msc_mscflags to reuse the macros
222 	 * defined for back-ldap */
	/* From here on the identifier lc_lcflags is textually replaced in all
	 * code that includes this header, not just in accesses to this struct. */
223 #define	lc_lcflags		msc_mscflags
224 } metasingleconn_t;
225 
/*
 * A cached proxy connection: the common back-ldap connection header plus an
 * array of per-target connection states (presumably one per configured
 * target, cf. metainfo_t.mi_ntargets -- confirm).
 */
226 typedef struct metaconn_t {
227 	ldapconn_base_t		lc_base;
	/* shorthand accessors into the embedded base */
228 #define	mc_base			lc_base
229 #define	mc_conn			mc_base.lcb_conn
230 #define	mc_local_ndn		mc_base.lcb_local_ndn
231 #define	mc_refcnt		mc_base.lcb_refcnt
232 #define	mc_create_time		mc_base.lcb_create_time
233 #define	mc_time			mc_base.lcb_time
234 
	/* tail-queue linkage; metainfo_t keeps queues of metaconn_t in
	 * mi_conn_priv[].mic_priv */
235 	LDAP_TAILQ_ENTRY(metaconn_t)	mc_q;
236 
237 	/* NOTE: msc_mscflags is used to recycle the #define
238 	 * in metasingleconn_t */
239 	unsigned		msc_mscflags;
240 
241 	/*
242 	 * means that the connection is bound;
243 	 * of course only one target actually is ...
244 	 */
	/* META_BOUND_NONE, META_BOUND_ALL, or presumably the index of the
	 * target that holds the bind -- confirm */
245 	int             	mc_authz_target;
246 #define META_BOUND_NONE		(-1)
247 #define META_BOUND_ALL		(-2)
248 
249 	struct metainfo_t	*mc_info;
250 
251 	/* supersedes the connection stuff */
252 	metasingleconn_t	mc_conns[ 1 ];
253 	/* NOTE: mc_conns must be last, because
254 	 * the required number of conns is malloc'ed
255 	 * in one block with the metaconn_t structure */
	/* Element 0 is part of the struct (sizeof(metaconn_t) includes it);
	 * further elements live in the over-allocated tail.
	 * NOTE(review): an index into mc_conns is only valid up to the number
	 * of conns actually allocated, so every candidate index used with it
	 * needs a range check; array-bounds instrumentation may also flag
	 * accesses past index 0 because the declared length is 1. */
256 } metaconn_t;
257 
/*
 * Match type of a metasubtree_t entry (its ms_type member).  The first two
 * enumerators reuse LDAP_SCOPE_* values; META_ST_REGEX has no initializer and
 * therefore gets LDAP_SCOPE_SUBORDINATE + 1.
 */
258 typedef enum meta_st_t {
259 #if 0 /* todo */
260 	META_ST_EXACT = LDAP_SCOPE_BASE,
261 #endif
262 	META_ST_SUBTREE = LDAP_SCOPE_SUBTREE,
263 	META_ST_SUBORDINATE = LDAP_SCOPE_SUBORDINATE,
264 	META_ST_REGEX /* last + 1 */
265 } meta_st_t;
266 
/*
 * One subtree rule of a target; rules are chained through ms_next and hang
 * off metatarget_t.mt_subtree (include or exclude, per mt_subtree_exclude).
 *
 * ms_type presumably selects the live union member: msu_dn for the DN-based
 * types, msu_regex for META_ST_REGEX -- confirm.  Reading the member that
 * was not written misinterprets the storage, so check ms_type first.
 */
267 typedef struct metasubtree_t {
268 	meta_st_t ms_type;
269 	union {
270 		struct berval msu_dn;
271 		struct {
			/* pattern text and its compiled form; a compiled
			 * regex_t has to be released with regfree(),
			 * presumably done in meta_subtree_destroy() --
			 * confirm */
272 			struct berval msr_regex_pattern;
273 			regex_t msr_regex;
274 		} msu_regex;
275 	} ms_un;
276 #define ms_dn ms_un.msu_dn
277 #define ms_regex ms_un.msu_regex.msr_regex
278 #define ms_regex_pattern ms_un.msu_regex.msr_regex_pattern
279 
280 	struct metasubtree_t *ms_next;
281 } metasubtree_t;
282 
/*
 * One regex filter rule of a target; rules are chained through mf_next and
 * hang off metatarget_t.mt_filter.  Presumably matched against the search
 * filter to decide whether the target is a candidate -- confirm.
 * The compiled regex_t has to be released with regfree(), presumably done in
 * meta_filter_destroy() -- confirm.
 */
283 typedef struct metafilter_t {
284 	struct metafilter_t *mf_next;
285 	struct berval mf_regex_pattern;	/* pattern text */
286 	regex_t mf_regex;		/* compiled form */
287 } metafilter_t;
288 
/*
 * Settings that exist both database-wide and per target: metainfo_t embeds
 * one as mi_mc and metatarget_t embeds one as mt_mc, each with mi_* / mt_*
 * accessor macros.
 */
289 typedef struct metacommon_t {
290 	int				mc_version;
291 	int				mc_nretries;
	/* NOTE(review): with META_RETRY_FOREVER there is no retry bound;
	 * whether an unreachable target can then hold an operation
	 * indefinitely depends on the timeouts below -- confirm in the retry
	 * code. */
292 #define META_RETRY_UNDEFINED	(-2)
293 #define META_RETRY_FOREVER	(-1)
294 #define META_RETRY_NEVER	(0)
295 #define META_RETRY_DEFAULT	(10)
296 
297 	unsigned		mc_flags;	/* LDAP_BACK_F_* bits */
	/* true only when every bit of f is set in (mc)->mc_flags */
298 #define	META_BACK_CMN_ISSET(mc,f)		( ( (mc)->mc_flags & (f) ) == (f) )
299 #define	META_BACK_CMN_QUARANTINE(mc)		META_BACK_CMN_ISSET( (mc), LDAP_BACK_F_QUARANTINE )
300 #define	META_BACK_CMN_CHASE_REFERRALS(mc)	META_BACK_CMN_ISSET( (mc), LDAP_BACK_F_CHASE_REFERRALS )
301 #define	META_BACK_CMN_NOREFS(mc)		META_BACK_CMN_ISSET( (mc), LDAP_BACK_F_NOREFS )
302 #define	META_BACK_CMN_NOUNDEFFILTER(mc)		META_BACK_CMN_ISSET( (mc), LDAP_BACK_F_NOUNDEFFILTER )
303 #define	META_BACK_CMN_SAVECRED(mc)		META_BACK_CMN_ISSET( (mc), LDAP_BACK_F_SAVECRED )
304 #define	META_BACK_CMN_ST_REQUEST(mc)		META_BACK_CMN_ISSET( (mc), LDAP_BACK_F_ST_REQUEST )
305 
306 #ifdef SLAPD_META_CLIENT_PR
307 	/*
308 	 * client-side paged results:
309 	 * -1: accept unsolicited paged results responses
310 	 *  0: off
311 	 * >0: always request paged results with size == mt_ps
312 	 */
313 #define META_CLIENT_PR_DISABLE			(0)
314 #define META_CLIENT_PR_ACCEPT_UNSOLICITED	(-1)
	/* only present when SLAPD_META_CLIENT_PR is defined (LDAP_DEVEL
	 * builds, see the top of this header); the mi_ps / mt_ps accessor
	 * macros are defined unconditionally and do not compile otherwise */
315 	ber_int_t		mc_ps;
316 #endif /* SLAPD_META_CLIENT_PR */
317 
318 	slap_retry_info_t	mc_quarantine;
319 	time_t			mc_network_timeout;
320 	struct timeval	mc_bind_timeout;
321 #define META_BIND_TIMEOUT	LDAP_BACK_RESULT_UTIMEOUT
	/* one timeout per slot up to SLAP_OP_LAST; presumably indexed by
	 * operation type -- confirm */
322 	time_t			mc_timeout[ SLAP_OP_LAST ];
323 } metacommon_t;
324 
/*
 * Configuration and run-time state of one proxied target.
 *
 * Several members hold secrets (mt_bindpw, mt_idassert_passwd); treat any
 * dump or log of this struct accordingly.
 */
325 typedef struct metatarget_t {
326 	char			*mt_uri;
	/* presumably guards mt_uri, which a urllist callback may change at
	 * run time -- confirm */
327 	ldap_pvt_thread_mutex_t	mt_uri_mutex;
328 
329 	/* TODO: we might want to enable different strategies
330 	 * for different targets */
331 	LDAP_REBIND_PROC	*mt_rebind_f;
332 	LDAP_URLLIST_PROC	*mt_urllist_f;
333 	void			*mt_urllist_p;
334 
335 	metafilter_t	*mt_filter;	/* head of the regex filter rules */
336 	metasubtree_t		*mt_subtree;	/* head of the subtree rules */
337 	/* F: subtree-include; T: subtree-exclude */
338 	int			mt_subtree_exclude;
339 
340 	int			mt_scope;
341 
342 	struct berval		mt_psuffix;		/* pretty suffix */
343 	struct berval		mt_nsuffix;		/* normalized suffix */
344 
	/* bind identity for this target; mt_bindpw is presumably the
	 * password as configured, held in memory for the life of the
	 * target -- confirm */
345 	struct berval		mt_binddn;
346 	struct berval		mt_bindpw;
347 
348 	/* we only care about the TLS options here */
349 	slap_bindconf		mt_tls;
350 
351 	slap_idassert_t		mt_idassert;
	/* shorthand accessors into mt_idassert; mt_idassert_passwd
	 * (si_bc.sb_cred) is the identity-assertion credential, i.e. a
	 * secret */
352 #define	mt_idassert_mode	mt_idassert.si_mode
353 #define	mt_idassert_authcID	mt_idassert.si_bc.sb_authcId
354 #define	mt_idassert_authcDN	mt_idassert.si_bc.sb_binddn
355 #define	mt_idassert_passwd	mt_idassert.si_bc.sb_cred
356 #define	mt_idassert_authzID	mt_idassert.si_bc.sb_authzId
357 #define	mt_idassert_authmethod	mt_idassert.si_bc.sb_method
358 #define	mt_idassert_sasl_mech	mt_idassert.si_bc.sb_saslmech
359 #define	mt_idassert_sasl_realm	mt_idassert.si_bc.sb_realm
360 #define	mt_idassert_secprops	mt_idassert.si_bc.sb_secprops
361 #define	mt_idassert_tls		mt_idassert.si_bc.sb_tls
362 #define	mt_idassert_flags	mt_idassert.si_flags
363 #define	mt_idassert_authz	mt_idassert.si_authz
364 
365 	struct ldaprwmap	mt_rwmap;	/* DN rewrite rules and attribute/objectClass maps */
366 
	/* NOTE(review): sig_atomic_t only guarantees atomic access with
	 * respect to signal handlers, not between threads; cross-thread
	 * consistency presumably relies on mt_quarantine_mutex -- confirm
	 * that no reader depends on an unlocked read. */
367 	sig_atomic_t		mt_isquarantined;
368 	ldap_pvt_thread_mutex_t	mt_quarantine_mutex;
369 
370 	metacommon_t	mt_mc;
	/* shorthand accessors into mt_mc (mt_ps only compiles when
	 * SLAPD_META_CLIENT_PR is defined, because mc_ps is conditional) */
371 #define	mt_nretries	mt_mc.mc_nretries
372 #define	mt_flags	mt_mc.mc_flags
373 #define	mt_version	mt_mc.mc_version
374 #define	mt_ps		mt_mc.mc_ps
375 #define	mt_network_timeout	mt_mc.mc_network_timeout
376 #define	mt_bind_timeout	mt_mc.mc_bind_timeout
377 #define	mt_timeout	mt_mc.mc_timeout
378 #define	mt_quarantine	mt_mc.mc_quarantine
379 
	/* ISSET: true only when every bit of f is set.
	 * ISMASK: true when the bits selected by mask m equal f exactly;
	 * used for multi-bit fields. */
380 #define	META_BACK_TGT_ISSET(mt,f)		( ( (mt)->mt_flags & (f) ) == (f) )
381 #define	META_BACK_TGT_ISMASK(mt,m,f)		( ( (mt)->mt_flags & (m) ) == (f) )
382 
383 #define META_BACK_TGT_SAVECRED(mt)		META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_SAVECRED )
384 
	/* TLS policy towards the target.
	 * NOTE(review): presumably, when USE_TLS or PROPAGATE_TLS is set
	 * without TLS_CRITICAL (the "try-" tls modes of slapd-meta(5)), a
	 * failed StartTLS does not abort the connection and traffic,
	 * including bind credentials, continues unprotected -- confirm in
	 * the connection setup code. */
385 #define META_BACK_TGT_USE_TLS(mt)		META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_USE_TLS )
386 #define META_BACK_TGT_PROPAGATE_TLS(mt)		META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_PROPAGATE_TLS )
387 #define META_BACK_TGT_TLS_CRITICAL(mt)		META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_TLS_CRITICAL )
388 
389 #define META_BACK_TGT_CHASE_REFERRALS(mt)	META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_CHASE_REFERRALS )
390 
391 #define	META_BACK_TGT_T_F(mt)			META_BACK_TGT_ISMASK( (mt), LDAP_BACK_F_T_F_MASK, LDAP_BACK_F_T_F )
392 #define	META_BACK_TGT_T_F_DISCOVER(mt)		META_BACK_TGT_ISMASK( (mt), LDAP_BACK_F_T_F_MASK2, LDAP_BACK_F_T_F_DISCOVER )
393 
394 #define	META_BACK_TGT_ABANDON(mt)		META_BACK_TGT_ISMASK( (mt), LDAP_BACK_F_CANCEL_MASK, LDAP_BACK_F_CANCEL_ABANDON )
395 #define	META_BACK_TGT_IGNORE(mt)		META_BACK_TGT_ISMASK( (mt), LDAP_BACK_F_CANCEL_MASK, LDAP_BACK_F_CANCEL_IGNORE )
396 #define	META_BACK_TGT_CANCEL(mt)		META_BACK_TGT_ISMASK( (mt), LDAP_BACK_F_CANCEL_MASK, LDAP_BACK_F_CANCEL_EXOP )
397 #define	META_BACK_TGT_CANCEL_DISCOVER(mt)	META_BACK_TGT_ISMASK( (mt), LDAP_BACK_F_CANCEL_MASK2, LDAP_BACK_F_CANCEL_EXOP_DISCOVER )
398 #define	META_BACK_TGT_QUARANTINE(mt)		META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_QUARANTINE )
399 
400 #ifdef SLAP_CONTROL_X_SESSION_TRACKING
401 #define	META_BACK_TGT_ST_REQUEST(mt)		META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_ST_REQUEST )
402 #define	META_BACK_TGT_ST_RESPONSE(mt)		META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_ST_RESPONSE )
403 #endif /* SLAP_CONTROL_X_SESSION_TRACKING */
404 
405 #define	META_BACK_TGT_NOREFS(mt)		META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_NOREFS )
406 #define	META_BACK_TGT_NOUNDEFFILTER(mt)		META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_NOUNDEFFILTER )
407 
408 	slap_mask_t		mt_rep_flags;
409 
410 } metatarget_t;
411 
/*
 * DN cache (marked experimental further down in this header): an AVL tree
 * with its own mutex and a time-to-live.  The meta_dncache_* functions map a
 * normalized DN to a target index.
 */
412 typedef struct metadncache_t {
413 	ldap_pvt_thread_mutex_t mutex;	/* presumably guards tree -- confirm */
414 	Avlnode			*tree;
415 
416 #define META_DNCACHE_DISABLED   (0)
417 #define META_DNCACHE_FOREVER    ((time_t)(-1))
	/* NOTE(review): with META_DNCACHE_FOREVER entries never expire, so a
	 * cached DN-to-target association presumably outlives changes on the
	 * targets until it is explicitly deleted -- confirm. */
418 	time_t			ttl;  /* seconds; 0: no cache, -1: no expiry */
419 } metadncache_t;
420 
/*
 * Array of per-target SlapReply slots whose sr_tag carries the META_CANDIDATE /
 * META_BINDING / META_RETRYING bits.
 */
421 typedef struct metacandidates_t {
422 	int			mc_ntargets;	/* presumably the number of elements in mc_candidates -- confirm; use it to bound any index */
423 	SlapReply		*mc_candidates;
424 } metacandidates_t;
425 
426 /*
427  * Hook to allow mucking with metainfo_t/metatarget_t when quarantine is over
 *
 * Arguments: the database info, the index of the target, and an opaque
 * pointer (presumably metainfo_t.mi_quarantine_p -- confirm).
428  */
429 typedef int (*meta_back_quarantine_f)( struct metainfo_t *, int target, void * );
430 
/*
 * Per-database state of a back-meta instance: the list of targets, the
 * connection caches, and the database-wide defaults (mi_mc).
 */
431 typedef struct metainfo_t {
432 	int			mi_ntargets;	/* presumably the number of entries in mi_targets -- confirm */
433 	int			mi_defaulttarget;	/* target index, or META_DEFAULT_TARGET_NONE */
434 #define META_DEFAULT_TARGET_NONE	(-1)
435 
	/* shorthand accessors into mi_mc (mi_ps only compiles when
	 * SLAPD_META_CLIENT_PR is defined, because mc_ps is conditional) */
436 #define	mi_nretries	mi_mc.mc_nretries
437 #define	mi_flags	mi_mc.mc_flags
438 #define	mi_version	mi_mc.mc_version
439 #define	mi_ps		mi_mc.mc_ps
440 #define	mi_network_timeout	mi_mc.mc_network_timeout
441 #define	mi_bind_timeout	mi_mc.mc_bind_timeout
442 #define	mi_timeout	mi_mc.mc_timeout
443 #define	mi_quarantine	mi_mc.mc_quarantine
444 
445 	metatarget_t		**mi_targets;
446 	metacandidates_t	*mi_candidates;
447 
448 	LDAP_REBIND_PROC	*mi_rebind_f;
449 	LDAP_URLLIST_PROC	*mi_urllist_f;
450 
451 	metadncache_t		mi_cache;
452 
453 	/* cached connections;
454 	 * special conns are in tailq rather than in tree */
455 	ldap_avl_info_t		mi_conninfo;
456 	struct {
457 		int						mic_num;
458 		LDAP_TAILQ_HEAD(mc_conn_priv_q, metaconn_t)	mic_priv;
459 	}			mi_conn_priv[ LDAP_BACK_PCONN_LAST ];
460 	int			mi_conn_priv_max;
461 
462 	/* NOTE: quarantine uses the connection mutex */
463 	meta_back_quarantine_f	mi_quarantine_f;
464 	void			*mi_quarantine_p;
465 
	/* li_flags is aliased to mi_flags (i.e. mi_mc.mc_flags), presumably
	 * so that LDAP_BACK_ISSET() from back-ldap.h can be applied to a
	 * metainfo_t -- confirm.  The alias is a file-wide text replacement. */
466 #define	li_flags		mi_flags
467 /* uses flags as defined in <back-ldap/back-ldap.h> */
	/* The META_BACK_F_* bits below are tested on the same object, with
	 * the same macro, as LDAP_BACK_F_QUARANTINE (see META_BACK_QUARANTINE).
	 * NOTE(review): their values must therefore not overlap any
	 * LDAP_BACK_F_* bit -- confirm against back-ldap.h. */
468 #define	META_BACK_F_ONERR_STOP		LDAP_BACK_F_ONERR_STOP
469 #define	META_BACK_F_ONERR_REPORT	(0x02000000U)
470 #define	META_BACK_F_ONERR_MASK		(META_BACK_F_ONERR_STOP|META_BACK_F_ONERR_REPORT)
471 #define	META_BACK_F_DEFER_ROOTDN_BIND	(0x04000000U)
	/* The three PROXYAUTHZ bits select the identity under which client
	 * operations reach the targets, so they are authorization-relevant. */
472 #define	META_BACK_F_PROXYAUTHZ_ALWAYS	(0x08000000U)	/* users always proxyauthz */
473 #define	META_BACK_F_PROXYAUTHZ_ANON	(0x10000000U)	/* anonymous always proxyauthz */
474 #define	META_BACK_F_PROXYAUTHZ_NOANON	(0x20000000U)	/* anonymous remains anonymous */
475 
476 #define	META_BACK_ONERR_STOP(mi)	LDAP_BACK_ISSET( (mi), META_BACK_F_ONERR_STOP )
477 #define	META_BACK_ONERR_REPORT(mi)	LDAP_BACK_ISSET( (mi), META_BACK_F_ONERR_REPORT )
	/* NOTE(review): if LDAP_BACK_ISSET() tests that all bits of its
	 * argument are set (as META_BACK_TGT_ISSET in this header does), this
	 * macro is false only when both STOP and REPORT are set, not when
	 * either one is -- confirm against back-ldap.h before relying on it. */
478 #define	META_BACK_ONERR_CONTINUE(mi)	( !LDAP_BACK_ISSET( (mi), META_BACK_F_ONERR_MASK ) )
479 
480 #define META_BACK_DEFER_ROOTDN_BIND(mi)	LDAP_BACK_ISSET( (mi), META_BACK_F_DEFER_ROOTDN_BIND )
481 #define META_BACK_PROXYAUTHZ_ALWAYS(mi)	LDAP_BACK_ISSET( (mi), META_BACK_F_PROXYAUTHZ_ALWAYS )
482 #define META_BACK_PROXYAUTHZ_ANON(mi)	LDAP_BACK_ISSET( (mi), META_BACK_F_PROXYAUTHZ_ANON )
483 #define META_BACK_PROXYAUTHZ_NOANON(mi)	LDAP_BACK_ISSET( (mi), META_BACK_F_PROXYAUTHZ_NOANON )
484 
485 #define META_BACK_QUARANTINE(mi)	LDAP_BACK_ISSET( (mi), LDAP_BACK_F_QUARANTINE )
486 
487 	time_t			mi_conn_ttl;
488 	time_t			mi_idle_timeout;
489 
490 	metacommon_t	mi_mc;	/* database-wide values of the settings shared with targets */
491 	ldap_extra_t	*mi_ldap_extra;
492 
493 } metainfo_t;
494 
/* Operation classes by how many targets they involve; the exact semantics
 * are defined where the values are used, not in this header. */
495 typedef enum meta_op_type {
496 	META_OP_ALLOW_MULTIPLE = 0,
497 	META_OP_REQUIRE_SINGLE,
498 	META_OP_REQUIRE_ALL
499 } meta_op_type;
500 
501 SlapReply *
502 meta_back_candidates_get( Operation *op );
503 
/*
 * Returns a metaconn_t for the operation; candidate is passed by pointer and
 * is presumably updated with the selected target -- confirm.
 * NOTE(review): metaconn_t carries a reference count (mc_refcnt); presumably
 * every successful call must be paired with meta_back_release_conn() --
 * confirm, since an unbalanced pair leaks or prematurely frees the
 * connection.
 */
504 extern metaconn_t *
505 meta_back_getconn(
506 	Operation		*op,
507 	SlapReply		*rs,
508 	int			*candidate,
509 	ldap_back_send_t	sendok );
510 
/* dolock presumably tells the callee whether to take the connection mutex
 * itself; with 0 the caller presumably has to hold it already -- confirm */
511 extern void
512 meta_back_release_conn_lock(
513        	metainfo_t		*mi,
514 	metaconn_t		*mc,
515 	int			dolock );
/* locking variant: always passes dolock = 1 */
516 #define meta_back_release_conn(mi, mc)	meta_back_release_conn_lock( (mi), (mc), 1 )
517 
/* NOTE(review): the connection is passed as metaconn_t **, so the callee can
 * presumably replace or clear *mcp; callers must re-read *mcp after the call
 * and not keep using an earlier copy of the pointer -- confirm. */
518 extern int
519 meta_back_retry(
520 	Operation		*op,
521 	SlapReply		*rs,
522 	metaconn_t		**mcp,
523 	int			candidate,
524 	ldap_back_send_t	sendok );
525 
/* takes void * so it can be used as a generic free callback; v_mc is
 * presumably a metaconn_t * -- confirm */
526 extern void
527 meta_back_conn_free(
528 	void			*v_mc );
529 
/* debug helper, only declared when META_BACK_PRINT_CONNTREE > 0 (default 0) */
530 #if META_BACK_PRINT_CONNTREE > 0
531 extern void
532 meta_back_print_conntree(
533 	metainfo_t		*mi,
534 	char			*msg );
535 #endif
536 
/* candidate is a target index; ispriv presumably marks a privileged
 * connection (cf. LDAP_BACK_FCONN_ISPRIV) and dolock whether the callee takes
 * the connection mutex -- confirm both in the definition */
537 extern int
538 meta_back_init_one_conn(
539 	Operation		*op,
540 	SlapReply		*rs,
541 	metaconn_t		*mc,
542 	int			candidate,
543 	int			ispriv,
544 	ldap_back_send_t	sendok,
545 	int			dolock );
546 
547 extern void
548 meta_back_quarantine(
549 	Operation		*op,
550 	SlapReply		*rs,
551 	int			candidate );
552 
/* Bind-related entry points.  These handle bind DNs and credentials; their
 * callers and definitions are where credential lifetime has to be checked. */
553 extern int
554 meta_back_dobind(
555 	Operation		*op,
556 	SlapReply		*rs,
557 	metaconn_t		*mc,
558 	ldap_back_send_t	sendok );
559 
/* NOTE(review): takes metaconn_t **mcp, so *mcp can presumably change across
 * the call; re-read it afterwards -- confirm */
560 extern int
561 meta_back_single_dobind(
562 	Operation		*op,
563 	SlapReply		*rs,
564 	metaconn_t		**mcp,
565 	int			candidate,
566 	ldap_back_send_t	sendok,
567 	int			retries,
568 	int			dolock );
569 
/* binddn, bindcred and method are pointers, presumably outputs that receive
 * the identity to bind with -- confirm.
 * NOTE(review): whether bindcred aliases stored configuration or is a fresh
 * allocation is not visible here; callers must know before freeing or
 * wiping it. */
570 extern int
571 meta_back_proxy_authz_cred(
572 	metaconn_t		*mc,
573 	int			candidate,
574 	Operation		*op,
575 	SlapReply		*rs,
576 	ldap_back_send_t	sendok,
577 	struct berval		*binddn,
578 	struct berval		*bindcred,
579 	int			*method );
580 
/* msgid identifies the outstanding request on the target connection;
 * how it is cancelled presumably follows the META_BACK_TGT_ABANDON /
 * _IGNORE / _CANCEL flags of the target -- confirm */
581 extern int
582 meta_back_cancel(
583 	metaconn_t		*mc,
584 	Operation		*op,
585 	SlapReply		*rs,
586 	ber_int_t		msgid,
587 	int			candidate,
588 	ldap_back_send_t	sendok );
589 
590 extern int
591 meta_back_op_result(
592 	metaconn_t		*mc,
593 	Operation		*op,
594 	SlapReply		*rs,
595 	int			candidate,
596 	ber_int_t		msgid,
597 	time_t			timeout,
598 	ldap_back_send_t	sendok );
599 
/* pctrls is an output parameter; NOTE(review): how the returned control
 * array is released is not visible in this header -- check the definition */
600 extern int
601 meta_back_controls_add(
602 	Operation	*op,
603 	SlapReply	*rs,
604 	metaconn_t	*mc,
605 	int		candidate,
606 	LDAPControl	***pctrls );
607 
/* presumably the entry point used when back-meta is built as a loadable
 * module -- confirm */
608 extern int
609 back_meta_LTX_init_module(
610 	int			argc,
611 	char			*argv[] );
612 
/* compare / duplicate-handling callbacks for cached connections; the
 * signatures look like AVL tree callbacks -- confirm at the call sites */
613 extern int
614 meta_back_conn_cmp(
615 	const void		*c1,
616 	const void		*c2 );
617 
618 extern int
619 meta_back_conndn_cmp(
620 	const void		*c1,
621 	const void		*c2 );
622 
623 extern int
624 meta_back_conndn_dup(
625 	void			*c1,
626 	void			*c2 );
627 
628 /*
629  * Candidate stuff
 *
 * These functions decide which targets an operation on a given normalized
 * DN is sent to; `candidate' arguments are target indexes.
630  */
631 extern int
632 meta_back_is_candidate(
633 	metatarget_t		*mt,
634 	struct berval		*ndn,
635 	int			scope );
636 
/* returns an int; presumably a target index or one of META_TARGET_NONE /
 * META_TARGET_MULTIPLE (defined further down) -- confirm, and check for the
 * negative values before using the result as an array index */
637 extern int
638 meta_back_select_unique_candidate(
639 	metainfo_t		*mi,
640 	struct berval		*ndn );
641 
642 extern int
643 meta_clear_unused_candidates(
644 	Operation		*op,
645 	int			candidate );
646 
647 extern int
648 meta_clear_one_candidate(
649 	Operation		*op,
650 	metaconn_t		*mc,
651 	int			candidate );
652 
653 /*
654  * Dn cache stuff (experimental)
655  */
/* compare / duplicate-handling callbacks, presumably for metadncache_t.tree
 * -- confirm */
656 extern int
657 meta_dncache_cmp(
658 	const void		*c1,
659 	const void		*c2 );
660 
661 extern int
662 meta_dncache_dup(
663 	void			*c1,
664 	void			*c2 );
665 
/* negative sentinels; presumably returned by meta_dncache_get_target() and
 * meta_back_select_unique_candidate() in place of a target index -- confirm.
 * Callers must test for them before indexing mi_targets or mc_conns. */
666 #define META_TARGET_NONE	(-1)
667 #define META_TARGET_MULTIPLE	(-2)
668 extern int
669 meta_dncache_get_target(
670 	metadncache_t		*cache,
671 	struct berval		*ndn );
672 
673 extern int
674 meta_dncache_update_entry(
675 	metadncache_t		*cache,
676 	struct berval		*ndn,
677 	int			target );
678 
679 extern int
680 meta_dncache_delete_entry(
681 	metadncache_t		*cache,
682 	struct berval		*ndn );
683 
/* takes void * so it can be used as a generic free callback */
684 extern void
685 meta_dncache_free( void *entry );
686 
687 extern void
688 meta_back_map_free( struct ldapmap *lm );
689 
/* presumably releases a whole rule list, including compiled regexes --
 * confirm */
690 extern int
691 meta_subtree_destroy( metasubtree_t *ms );
692 
693 extern void
694 meta_filter_destroy( metafilter_t *mf );
695 
/* msg/msize are a caller-supplied buffer and its size, presumably for an
 * error message -- confirm.  NOTE(review): msize must be the real size of
 * the buffer behind msg; the definition is where bounded formatting has to
 * be verified. */
696 extern int
697 meta_target_finish( metainfo_t *mi, metatarget_t *mt,
698 	const char *log, char *msg, size_t msize
699 );
700 
/* default callbacks; presumably the values stored in mi_rebind_f /
 * mi_urllist_f and mt_rebind_f / mt_urllist_f -- confirm */
701 extern LDAP_REBIND_PROC		meta_back_default_rebind;
702 extern LDAP_URLLIST_PROC	meta_back_default_urllist;
703 
704 LDAP_END_DECL
705 
706 #endif /* SLAPD_META_H */
707 
708