summaryrefslogtreecommitdiffstats
path: root/contrib/slapd-modules/allop
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 11:11:40 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 11:11:40 +0000
commit7731832751ab9f3c6ddeb66f186d3d7fa1934a6d (patch)
treee91015872543a59be2aad26c2fea02e41b57005d /contrib/slapd-modules/allop
parentInitial commit. (diff)
downloadopenldap-upstream.tar.xz
openldap-upstream.zip
Adding upstream version 2.4.57+dfsg.upstream/2.4.57+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'contrib/slapd-modules/allop')
-rw-r--r--contrib/slapd-modules/allop/Makefile46
-rw-r--r--contrib/slapd-modules/allop/README26
-rw-r--r--contrib/slapd-modules/allop/allop.c261
-rw-r--r--contrib/slapd-modules/allop/slapo-allop.563
4 files changed, 396 insertions, 0 deletions
diff --git a/contrib/slapd-modules/allop/Makefile b/contrib/slapd-modules/allop/Makefile
new file mode 100644
index 0000000..1af134c
--- /dev/null
+++ b/contrib/slapd-modules/allop/Makefile
@@ -0,0 +1,46 @@
+# $OpenLDAP$
+
+LDAP_SRC = ../../..
+LDAP_BUILD = $(LDAP_SRC)
+LDAP_INC = -I$(LDAP_BUILD)/include -I$(LDAP_SRC)/include -I$(LDAP_SRC)/servers/slapd
+LDAP_LIB = $(LDAP_BUILD)/libraries/libldap_r/libldap_r.la \
+ $(LDAP_BUILD)/libraries/liblber/liblber.la
+
+LIBTOOL = $(LDAP_BUILD)/libtool
+CC = gcc
+OPT = -g -O2 -Wall
+DEFS =
+INCS = $(LDAP_INC)
+LIBS = $(LDAP_LIB)
+
+PROGRAMS = allop.la
+LTVER = 0:0:0
+
+prefix=/usr/local
+exec_prefix=$(prefix)
+ldap_subdir=/openldap
+
+libdir=$(exec_prefix)/lib
+libexecdir=$(exec_prefix)/libexec
+moduledir = $(libexecdir)$(ldap_subdir)
+
+.SUFFIXES: .c .o .lo
+
+.c.lo:
+ $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $<
+
+all: $(PROGRAMS)
+
+allop.la: allop.lo
+ $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
+ -rpath $(moduledir) -module -o $@ $? $(LIBS)
+
+clean:
+ rm -rf *.o *.lo *.la .libs
+
+install: $(PROGRAMS)
+ mkdir -p $(DESTDIR)$(moduledir)
+ for p in $(PROGRAMS) ; do \
+ $(LIBTOOL) --mode=install cp $$p $(DESTDIR)$(moduledir) ; \
+ done
+
diff --git a/contrib/slapd-modules/allop/README b/contrib/slapd-modules/allop/README
new file mode 100644
index 0000000..6809d34
--- /dev/null
+++ b/contrib/slapd-modules/allop/README
@@ -0,0 +1,26 @@
+This directory contains a slapd overlay, allop.
+The intended usage is as a global overlay for use with those clients
+that do not make use of the RFC3673 allOp ("+") in the requested
+attribute list, but expect all operational attributes to be returned.
+Usage: add to slapd.conf(5)
+
+moduleload path/to/allop.so
+
+overlay allop
+allop-URI <ldapURI>
+
+if the allop-URI is not given, the rootDSE, i.e. "ldap:///??base",
+is assumed.
+
+Use Makefile to compile this plugin or use a command line similar to:
+
+gcc -shared -I../../../include -I../../../servers/slapd -Wall -g \
+ -o allop.so allop.c
+
+---
+Copyright 2004-2021 The OpenLDAP Foundation. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted only as authorized by the OpenLDAP
+Public License.
+
diff --git a/contrib/slapd-modules/allop/allop.c b/contrib/slapd-modules/allop/allop.c
new file mode 100644
index 0000000..fc7d0f6
--- /dev/null
+++ b/contrib/slapd-modules/allop/allop.c
@@ -0,0 +1,261 @@
+/* allop.c - returns all operational attributes when appropriate */
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 2005-2021 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+/* ACKNOWLEDGEMENTS:
+ * This work was initially developed by Pierangelo Masarati for inclusion in
+ * OpenLDAP Software.
+ */
+
+/*
+ * The intended usage is as a global overlay for use with those clients
+ * that do not make use of the RFC3673 allOp ("+") in the requested
+ * attribute list, but expect all operational attributes to be returned.
+ * Usage: add
+ *
+
+overlay allop
+allop-URI <ldapURI>
+
+ *
+ * if the allop-URI is not given, the rootDSE, i.e. "ldap:///??base",
+ * is assumed.
+ */
+
+#include "portable.h"
+
+#include <stdio.h>
+#include <ac/string.h>
+
+#include "slap.h"
+#include "config.h"
+
+#define SLAP_OVER_VERSION_REQUIRE(major,minor,patch) \
+ ( \
+ ( LDAP_VENDOR_VERSION_MAJOR == X || LDAP_VENDOR_VERSION_MAJOR >= (major) ) \
+ && ( LDAP_VENDOR_VERSION_MINOR == X || LDAP_VENDOR_VERSION_MINOR >= (minor) ) \
+ && ( LDAP_VENDOR_VERSION_PATCH == X || LDAP_VENDOR_VERSION_PATCH >= (patch) ) \
+ )
+
+#if !SLAP_OVER_VERSION_REQUIRE(2,3,0)
+#error "version mismatch"
+#endif
+
+typedef struct allop_t {
+ struct berval ao_ndn;
+ int ao_scope;
+} allop_t;
+
+static int
+allop_db_config(
+ BackendDB *be,
+ const char *fname,
+ int lineno,
+ int argc,
+ char **argv )
+{
+ slap_overinst *on = (slap_overinst *)be->bd_info;
+ allop_t *ao = (allop_t *)on->on_bi.bi_private;
+
+ if ( strcasecmp( argv[ 0 ], "allop-uri" ) == 0 ) {
+ LDAPURLDesc *lud;
+ struct berval dn,
+ ndn;
+ int scope,
+ rc = LDAP_SUCCESS;
+
+ if ( argc != 2 ) {
+ fprintf( stderr, "%s line %d: "
+ "need exactly 1 arg "
+ "in \"allop-uri <ldapURI>\" "
+ "directive.\n",
+ fname, lineno );
+ return 1;
+ }
+
+ if ( ldap_url_parse( argv[ 1 ], &lud ) != LDAP_URL_SUCCESS ) {
+ return -1;
+ }
+
+ scope = lud->lud_scope;
+ if ( scope == LDAP_SCOPE_DEFAULT ) {
+ scope = LDAP_SCOPE_BASE;
+ }
+
+ if ( lud->lud_dn == NULL || lud->lud_dn[ 0 ] == '\0' ) {
+ if ( scope == LDAP_SCOPE_BASE ) {
+ BER_BVZERO( &ndn );
+
+ } else {
+ ber_str2bv( "", 0, 1, &ndn );
+ }
+
+ } else {
+
+ ber_str2bv( lud->lud_dn, 0, 0, &dn );
+ rc = dnNormalize( 0, NULL, NULL, &dn, &ndn, NULL );
+ }
+
+ ldap_free_urldesc( lud );
+ if ( rc != LDAP_SUCCESS ) {
+ return -1;
+ }
+
+ if ( BER_BVISNULL( &ndn ) ) {
+ /* rootDSE */
+ if ( ao != NULL ) {
+ ch_free( ao->ao_ndn.bv_val );
+ ch_free( ao );
+ on->on_bi.bi_private = NULL;
+ }
+
+ } else {
+ if ( ao == NULL ) {
+ ao = ch_calloc( 1, sizeof( allop_t ) );
+ on->on_bi.bi_private = (void *)ao;
+
+ } else {
+ ch_free( ao->ao_ndn.bv_val );
+ }
+
+ ao->ao_ndn = ndn;
+ ao->ao_scope = scope;
+ }
+
+ } else {
+ return SLAP_CONF_UNKNOWN;
+ }
+
+ return 0;
+}
+
+static int
+allop_db_destroy( BackendDB *be, ConfigReply *cr )
+{
+ slap_overinst *on = (slap_overinst *)be->bd_info;
+ allop_t *ao = (allop_t *)on->on_bi.bi_private;
+
+ if ( ao != NULL ) {
+ assert( !BER_BVISNULL( &ao->ao_ndn ) );
+
+ ch_free( ao->ao_ndn.bv_val );
+ ch_free( ao );
+ on->on_bi.bi_private = NULL;
+ }
+
+ return 0;
+}
+
+static int
+allop_op_search( Operation *op, SlapReply *rs )
+{
+ slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
+ allop_t *ao = (allop_t *)on->on_bi.bi_private;
+
+ slap_mask_t mask;
+ int i,
+ add_allUser = 0;
+
+ if ( ao == NULL ) {
+ if ( !BER_BVISEMPTY( &op->o_req_ndn )
+ || op->ors_scope != LDAP_SCOPE_BASE )
+ {
+ return SLAP_CB_CONTINUE;
+ }
+
+ } else {
+ if ( !dnIsSuffix( &op->o_req_ndn, &ao->ao_ndn ) ) {
+ return SLAP_CB_CONTINUE;
+ }
+
+ switch ( ao->ao_scope ) {
+ case LDAP_SCOPE_BASE:
+ if ( op->o_req_ndn.bv_len != ao->ao_ndn.bv_len ) {
+ return SLAP_CB_CONTINUE;
+ }
+ break;
+
+ case LDAP_SCOPE_ONELEVEL:
+ if ( op->ors_scope == LDAP_SCOPE_BASE ) {
+ struct berval rdn = op->o_req_ndn;
+
+ rdn.bv_len -= ao->ao_ndn.bv_len + STRLENOF( "," );
+ if ( !dnIsOneLevelRDN( &rdn ) ) {
+ return SLAP_CB_CONTINUE;
+ }
+
+ break;
+ }
+ return SLAP_CB_CONTINUE;
+
+ case LDAP_SCOPE_SUBTREE:
+ break;
+ }
+ }
+
+ mask = slap_attr_flags( op->ors_attrs );
+ if ( SLAP_OPATTRS( mask ) ) {
+ return SLAP_CB_CONTINUE;
+ }
+
+ if ( !SLAP_USERATTRS( mask ) ) {
+ return SLAP_CB_CONTINUE;
+ }
+
+ i = 0;
+ if ( op->ors_attrs == NULL ) {
+ add_allUser = 1;
+
+ } else {
+ for ( ; !BER_BVISNULL( &op->ors_attrs[ i ].an_name ); i++ )
+ ;
+ }
+
+ op->ors_attrs = op->o_tmprealloc( op->ors_attrs,
+ sizeof( AttributeName ) * ( i + add_allUser + 2 ),
+ op->o_tmpmemctx );
+
+ if ( add_allUser ) {
+ op->ors_attrs[ i ] = slap_anlist_all_user_attributes[ 0 ];
+ i++;
+ }
+
+ op->ors_attrs[ i ] = slap_anlist_all_operational_attributes[ 0 ];
+
+ BER_BVZERO( &op->ors_attrs[ i + 1 ].an_name );
+
+ return SLAP_CB_CONTINUE;
+}
+
+static slap_overinst allop;
+
+int
+allop_init()
+{
+ allop.on_bi.bi_type = "allop";
+
+ allop.on_bi.bi_db_config = allop_db_config;
+ allop.on_bi.bi_db_destroy = allop_db_destroy;
+
+ allop.on_bi.bi_op_search = allop_op_search;
+
+ return overlay_register( &allop );
+}
+
+int
+init_module( int argc, char *argv[] )
+{
+ return allop_init();
+}
+
diff --git a/contrib/slapd-modules/allop/slapo-allop.5 b/contrib/slapd-modules/allop/slapo-allop.5
new file mode 100644
index 0000000..9bb7d83
--- /dev/null
+++ b/contrib/slapd-modules/allop/slapo-allop.5
@@ -0,0 +1,63 @@
+.TH SLAPO-ALLOP 5 "RELEASEDATE" "OpenLDAP LDVERSION"
+.\" Copyright 2005-2021 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+.\" $OpenLDAP$
+.SH NAME
+slapo-allop \- All Operational Attributes overlay
+.SH SYNOPSIS
+ETCDIR/slapd.conf
+.SH DESCRIPTION
+The All Operational Attributes overlay is designed to allow slapd to
+interoperate with dumb clients that expect all attributes, including
+operational ones, to be returned when "*" or an empty attribute list
+is requested, as opposed to RFC2251 and RFC3673.
+.SH CONFIGURATION
+These
+.B slapd.conf
+options apply to the All Operational overlay.
+They should appear after the
+.B overlay
+directive and before any subsequent
+.B database
+directive.
+.TP
+.B allop-URI <ldapURI>
+Specify the base and the scope of search operations that trigger the overlay.
+By default, it is "ldap:///??base", i.e. it only applies to the rootDSE.
+This requires the overlay to be instantited as global.
+
+.SH EXAMPLES
+.LP
+default behavior: only affects requests to the rootDSE
+.nf
+ # global
+ overlay allop
+.fi
+.LP
+affects all requests
+.nf
+ # global
+ overlay allop
+ allop-URI "ldap:///??sub"
+.fi
+.LP
+affects only requests directed to the suffix of a database
+.nf
+ # per database
+ database bdb
+ suffix "dc=example,dc=com"
+ # database specific directives ...
+ overlay allop
+ allop-URI "ldap:///dc=example,dc=com??base"
+.fi
+
+.SH FILES
+.TP
+ETCDIR/slapd.conf
+default slapd configuration file
+.SH SEE ALSO
+.BR slapd.conf (5).
+
+.SH ACKNOWLEDGEMENTS
+.P
+This module was written in 2005 by Pierangelo Masarati for SysNet s.n.c.