1 /* $NetBSD: collect.c,v 1.1.1.4 2014/05/28 09:58:51 tron Exp $ */ 2 3 /* collect.c - Demonstration of overlay code */ 4 /* $OpenLDAP$ */ 5 /* This work is part of OpenLDAP Software <http://www.openldap.org/>. 6 * 7 * Copyright 2003-2014 The OpenLDAP Foundation. 8 * Portions Copyright 2003 Howard Chu. 9 * All rights reserved. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted only as authorized by the OpenLDAP 13 * Public License. 14 * 15 * A copy of this license is available in the file LICENSE in the 16 * top-level directory of the distribution or, alternatively, at 17 * <http://www.OpenLDAP.org/license.html>. 18 */ 19 /* ACKNOWLEDGEMENTS: 20 * This work was initially developed by the Howard Chu for inclusion 21 * in OpenLDAP Software. 22 */ 23 24 #include "portable.h" 25 26 #ifdef SLAPD_OVER_COLLECT 27 28 #include <stdio.h> 29 30 #include <ac/string.h> 31 #include <ac/socket.h> 32 33 #include "slap.h" 34 #include "config.h" 35 36 #include "lutil.h" 37 38 /* This is a cheap hack to implement a collective attribute. 39 * 40 * This demonstration overlay looks for a specified attribute in an 41 * ancestor of a given entry and adds that attribute to the given 42 * entry when it is returned in a search response. It takes no effect 43 * for any other operations. If the ancestor does not exist, there 44 * is no effect. If no attribute was configured, there is no effect. 45 */ 46 47 typedef struct collect_info { 48 struct collect_info *ci_next; 49 struct berval ci_dn; 50 int ci_ad_num; 51 AttributeDescription *ci_ad[1]; 52 } collect_info; 53 54 static int collect_cf( ConfigArgs *c ); 55 56 static ConfigTable collectcfg[] = { 57 { "collectinfo", "dn> <attribute", 3, 3, 0, 58 ARG_MAGIC, collect_cf, 59 "( OLcfgOvAt:19.1 NAME 'olcCollectInfo' " 60 "DESC 'DN of entry and attribute to distribute' " 61 "EQUALITY caseIgnoreMatch " 62 "SYNTAX OMsDirectoryString )", NULL, NULL }, 63 { NULL, NULL, 0, 0, 0, ARG_IGNORED } 64 }; 65 66 static ConfigOCs collectocs[] = { 67 { "( OLcfgOvOc:19.1 " 68 "NAME 'olcCollectConfig' " 69 "DESC 'Collective Attribute configuration' " 70 "SUP olcOverlayConfig " 71 "MAY olcCollectInfo )", 72 Cft_Overlay, collectcfg }, 73 { NULL, 0, NULL } 74 }; 75 76 /* 77 * inserts a collect_info into on->on_bi.bi_private taking into account 78 * order. this means longer dn's (i.e. more specific dn's) will be found 79 * first when searching, allowing some limited overlap of dn's 80 */ 81 static void 82 insert_ordered( slap_overinst *on, collect_info *ci ) { 83 collect_info *find = on->on_bi.bi_private; 84 collect_info *prev = NULL; 85 int found = 0; 86 87 while (!found) { 88 if (find == NULL) { 89 if (prev == NULL) { 90 /* base case - empty list */ 91 on->on_bi.bi_private = ci; 92 ci->ci_next = NULL; 93 } else { 94 /* final case - end of list */ 95 prev->ci_next = ci; 96 ci->ci_next = NULL; 97 } 98 found = 1; 99 } else if (find->ci_dn.bv_len < ci->ci_dn.bv_len) { 100 /* insert into list here */ 101 if (prev == NULL) { 102 /* entry is head of list */ 103 ci->ci_next = on->on_bi.bi_private; 104 on->on_bi.bi_private = ci; 105 } else { 106 /* entry is not head of list */ 107 prev->ci_next = ci; 108 ci->ci_next = find; 109 } 110 found = 1; 111 } else { 112 /* keep looking */ 113 prev = find; 114 find = find->ci_next; 115 } 116 } 117 } 118 119 static int 120 collect_cf( ConfigArgs *c ) 121 { 122 slap_overinst *on = (slap_overinst *)c->bi; 123 int rc = 1, idx; 124 125 switch( c->op ) { 126 case SLAP_CONFIG_EMIT: 127 { 128 collect_info *ci; 129 for ( ci = on->on_bi.bi_private; ci; ci = ci->ci_next ) { 130 struct berval bv; 131 char *ptr; 132 int len; 133 134 /* calculate the length & malloc memory */ 135 bv.bv_len = ci->ci_dn.bv_len + STRLENOF("\"\" "); 136 for (idx=0; idx<ci->ci_ad_num; idx++) { 137 bv.bv_len += ci->ci_ad[idx]->ad_cname.bv_len; 138 if (idx<(ci->ci_ad_num-1)) { 139 bv.bv_len++; 140 } 141 } 142 bv.bv_val = ch_malloc( bv.bv_len + 1 ); 143 144 /* copy the value and update len */ 145 len = snprintf( bv.bv_val, bv.bv_len + 1, "\"%s\" ", 146 ci->ci_dn.bv_val); 147 ptr = bv.bv_val + len; 148 for (idx=0; idx<ci->ci_ad_num; idx++) { 149 ptr = lutil_strncopy( ptr, 150 ci->ci_ad[idx]->ad_cname.bv_val, 151 ci->ci_ad[idx]->ad_cname.bv_len); 152 if (idx<(ci->ci_ad_num-1)) { 153 *ptr++ = ','; 154 } 155 } 156 *ptr = '\0'; 157 bv.bv_len = ptr - bv.bv_val; 158 159 ber_bvarray_add( &c->rvalue_vals, &bv ); 160 rc = 0; 161 } 162 } 163 break; 164 case LDAP_MOD_DELETE: 165 if ( c->valx == -1 ) { 166 /* Delete entire attribute */ 167 collect_info *ci; 168 while (( ci = on->on_bi.bi_private )) { 169 on->on_bi.bi_private = ci->ci_next; 170 ch_free( ci->ci_dn.bv_val ); 171 ch_free( ci ); 172 } 173 } else { 174 /* Delete just one value */ 175 collect_info **cip, *ci; 176 int i; 177 cip = (collect_info **)&on->on_bi.bi_private; 178 ci = *cip; 179 for ( i=0; i < c->valx; i++ ) { 180 cip = &ci->ci_next; 181 ci = *cip; 182 } 183 *cip = ci->ci_next; 184 ch_free( ci->ci_dn.bv_val ); 185 ch_free( ci ); 186 } 187 rc = 0; 188 break; 189 case SLAP_CONFIG_ADD: 190 case LDAP_MOD_ADD: 191 { 192 collect_info *ci; 193 struct berval bv, dn; 194 const char *text; 195 int idx, count=0; 196 char *arg; 197 198 /* count delimiters in attribute argument */ 199 arg = strtok(c->argv[2], ","); 200 while (arg!=NULL) { 201 count++; 202 arg = strtok(NULL, ","); 203 } 204 205 /* validate and normalize dn */ 206 ber_str2bv( c->argv[1], 0, 0, &bv ); 207 if ( dnNormalize( 0, NULL, NULL, &bv, &dn, NULL ) ) { 208 snprintf( c->cr_msg, sizeof( c->cr_msg ), "%s invalid DN: \"%s\"", 209 c->argv[0], c->argv[1] ); 210 Debug( LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, 211 "%s: %s\n", c->log, c->cr_msg, 0 ); 212 return ARG_BAD_CONF; 213 } 214 215 /* check for duplicate DNs */ 216 for ( ci = (collect_info *)on->on_bi.bi_private; ci; 217 ci = ci->ci_next ) { 218 /* If new DN is longest, there are no possible matches */ 219 if ( dn.bv_len > ci->ci_dn.bv_len ) { 220 ci = NULL; 221 break; 222 } 223 if ( bvmatch( &dn, &ci->ci_dn )) { 224 break; 225 } 226 } 227 if ( ci ) { 228 snprintf( c->cr_msg, sizeof( c->cr_msg ), "%s DN already configured: \"%s\"", 229 c->argv[0], c->argv[1] ); 230 Debug( LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, 231 "%s: %s\n", c->log, c->cr_msg, 0 ); 232 return ARG_BAD_CONF; 233 } 234 235 /* allocate config info with room for attribute array */ 236 ci = ch_malloc( sizeof( collect_info ) + 237 sizeof( AttributeDescription * ) * count ); 238 239 /* load attribute description for attribute list */ 240 arg = c->argv[2]; 241 for( idx=0; idx<count; idx++) { 242 ci->ci_ad[idx] = NULL; 243 244 if ( slap_str2ad( arg, &ci->ci_ad[idx], &text ) ) { 245 snprintf( c->cr_msg, sizeof( c->cr_msg ), 246 "%s attribute description unknown: \"%s\"", 247 c->argv[0], arg); 248 Debug( LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, 249 "%s: %s\n", c->log, c->cr_msg, 0 ); 250 ch_free( ci ); 251 return ARG_BAD_CONF; 252 } 253 while(*arg!='\0') { 254 arg++; /* skip to end of argument */ 255 } 256 if (idx<count-1) { 257 arg++; /* skip inner delimiters */ 258 } 259 } 260 261 /* The on->on_bi.bi_private pointer can be used for 262 * anything this instance of the overlay needs. 263 */ 264 ci->ci_ad[count] = NULL; 265 ci->ci_ad_num = count; 266 ci->ci_dn = dn; 267 268 /* creates list of ci's ordered by dn length */ 269 insert_ordered ( on, ci ); 270 271 /* New ci wasn't simply appended to end, adjust its 272 * position in the config entry's a_vals 273 */ 274 if ( c->ca_entry && ci->ci_next ) { 275 Attribute *a = attr_find( c->ca_entry->e_attrs, 276 collectcfg[0].ad ); 277 if ( a ) { 278 struct berval bv, nbv; 279 collect_info *c2 = (collect_info *)on->on_bi.bi_private; 280 int i, j; 281 for ( i=0; c2 != ci; i++, c2 = c2->ci_next ); 282 bv = a->a_vals[a->a_numvals-1]; 283 nbv = a->a_nvals[a->a_numvals-1]; 284 for ( j=a->a_numvals-1; j>i; j-- ) { 285 a->a_vals[j] = a->a_vals[j-1]; 286 a->a_nvals[j] = a->a_nvals[j-1]; 287 } 288 a->a_vals[j] = bv; 289 a->a_nvals[j] = nbv; 290 } 291 } 292 293 rc = 0; 294 } 295 } 296 return rc; 297 } 298 299 static int 300 collect_destroy( 301 BackendDB *be, 302 ConfigReply *cr 303 ) 304 { 305 slap_overinst *on = (slap_overinst *)be->bd_info; 306 collect_info *ci; 307 308 while (( ci = on->on_bi.bi_private )) { 309 on->on_bi.bi_private = ci->ci_next; 310 ch_free( ci->ci_dn.bv_val ); 311 ch_free( ci ); 312 } 313 return 0; 314 } 315 316 static int 317 collect_modify( Operation *op, SlapReply *rs) 318 { 319 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info; 320 collect_info *ci = on->on_bi.bi_private; 321 Modifications *ml; 322 char errMsg[100]; 323 int idx; 324 325 for ( ml = op->orm_modlist; ml != NULL; ml = ml->sml_next) { 326 for (; ci; ci=ci->ci_next ) { 327 /* Is this entry an ancestor of this collectinfo ? */ 328 if (!dnIsSuffix(&op->o_req_ndn, &ci->ci_dn)) { 329 /* this collectinfo does not match */ 330 continue; 331 } 332 333 /* Is this entry the same as the template DN ? */ 334 if ( dn_match(&op->o_req_ndn, &ci->ci_dn)) { 335 /* all changes in this ci are allowed */ 336 continue; 337 } 338 339 /* check for collect attributes - disallow modify if present */ 340 for(idx=0; idx<ci->ci_ad_num; idx++) { 341 if (ml->sml_desc == ci->ci_ad[idx]) { 342 rs->sr_err = LDAP_UNWILLING_TO_PERFORM; 343 snprintf( errMsg, sizeof( errMsg ), 344 "cannot change virtual attribute '%s'", 345 ci->ci_ad[idx]->ad_cname.bv_val); 346 rs->sr_text = errMsg; 347 send_ldap_result( op, rs ); 348 return rs->sr_err; 349 } 350 } 351 } 352 353 } 354 355 return SLAP_CB_CONTINUE; 356 } 357 358 static int 359 collect_response( Operation *op, SlapReply *rs ) 360 { 361 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info; 362 collect_info *ci = on->on_bi.bi_private; 363 364 /* If we've been configured and the current response is 365 * a search entry 366 */ 367 if ( ci && rs->sr_type == REP_SEARCH ) { 368 int rc; 369 370 op->o_bd->bd_info = (BackendInfo *)on->on_info; 371 372 for (; ci; ci=ci->ci_next ) { 373 int idx=0; 374 375 /* Is this entry an ancestor of this collectinfo ? */ 376 if (!dnIsSuffix(&rs->sr_entry->e_nname, &ci->ci_dn)) { 377 /* collectinfo does not match */ 378 continue; 379 } 380 381 /* Is this entry the same as the template DN ? */ 382 if ( dn_match(&rs->sr_entry->e_nname, &ci->ci_dn)) { 383 /* dont apply change to parent */ 384 continue; 385 } 386 387 /* The current entry may live in a cache, so 388 * don't modify it directly. Make a copy and 389 * work with that instead. 390 */ 391 rs_entry2modifiable( op, rs, on ); 392 393 /* Loop for each attribute in this collectinfo */ 394 for(idx=0; idx<ci->ci_ad_num; idx++) { 395 BerVarray vals = NULL; 396 397 /* Extract the values of the desired attribute from 398 * the ancestor entry */ 399 rc = backend_attribute( op, NULL, &ci->ci_dn, 400 ci->ci_ad[idx], &vals, ACL_READ ); 401 402 /* If there are any values, merge them into the 403 * current search result 404 */ 405 if ( vals ) { 406 attr_merge( rs->sr_entry, ci->ci_ad[idx], 407 vals, NULL ); 408 ber_bvarray_free_x( vals, op->o_tmpmemctx ); 409 } 410 } 411 } 412 } 413 414 /* Default is to just fall through to the normal processing */ 415 return SLAP_CB_CONTINUE; 416 } 417 418 static slap_overinst collect; 419 420 int collect_initialize() { 421 int code; 422 423 collect.on_bi.bi_type = "collect"; 424 collect.on_bi.bi_db_destroy = collect_destroy; 425 collect.on_bi.bi_op_modify = collect_modify; 426 collect.on_response = collect_response; 427 428 collect.on_bi.bi_cf_ocs = collectocs; 429 code = config_register_schema( collectcfg, collectocs ); 430 if ( code ) return code; 431 432 return overlay_register( &collect ); 433 } 434 435 #if SLAPD_OVER_COLLECT == SLAPD_MOD_DYNAMIC 436 int init_module(int argc, char *argv[]) { 437 return collect_initialize(); 438 } 439 #endif 440 441 #endif /* SLAPD_OVER_COLLECT */ 442