summaryrefslogtreecommitdiffstats
path: root/contrib/slapd-modules/usn
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/slapd-modules/usn')
-rw-r--r--contrib/slapd-modules/usn/Makefile46
-rw-r--r--contrib/slapd-modules/usn/README44
-rw-r--r--contrib/slapd-modules/usn/usn.c330
3 files changed, 420 insertions, 0 deletions
diff --git a/contrib/slapd-modules/usn/Makefile b/contrib/slapd-modules/usn/Makefile
new file mode 100644
index 0000000..d7af04b
--- /dev/null
+++ b/contrib/slapd-modules/usn/Makefile
@@ -0,0 +1,46 @@
+# $OpenLDAP$
+
+LDAP_SRC = ../../..
+LDAP_BUILD = $(LDAP_SRC)
+LDAP_INC = -I$(LDAP_BUILD)/include -I$(LDAP_SRC)/include -I$(LDAP_SRC)/servers/slapd
+LDAP_LIB = $(LDAP_BUILD)/libraries/libldap/libldap.la \
+ $(LDAP_BUILD)/libraries/liblber/liblber.la
+
+LIBTOOL = $(LDAP_BUILD)/libtool
+CC = gcc
+OPT = -g -O2
+DEFS = -DSLAPD_OVER_USN=SLAPD_MOD_DYNAMIC
+INCS = $(LDAP_INC)
+LIBS = $(LDAP_LIB)
+
+PROGRAMS = usn.la
+LTVER = 0:0:0
+
+prefix=/usr/local
+exec_prefix=$(prefix)
+ldap_subdir=/openldap
+
+libdir=$(exec_prefix)/lib
+libexecdir=$(exec_prefix)/libexec
+moduledir = $(libexecdir)$(ldap_subdir)
+
+.SUFFIXES: .c .o .lo
+
+.c.lo:
+ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(OPT) $(CPPFLAGS) $(DEFS) $(INCS) -c $<
+
+all: $(PROGRAMS)
+
+usn.la: usn.lo
+ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \
+ -rpath $(moduledir) -module -o $@ $? $(LIBS)
+
+clean:
+ rm -rf *.o *.lo *.la .libs
+
+install: $(PROGRAMS)
+ mkdir -p $(DESTDIR)$(moduledir)
+ for p in $(PROGRAMS) ; do \
+ $(LIBTOOL) --mode=install cp $$p $(DESTDIR)$(moduledir) ; \
+ done
+
diff --git a/contrib/slapd-modules/usn/README b/contrib/slapd-modules/usn/README
new file mode 100644
index 0000000..3bfb096
--- /dev/null
+++ b/contrib/slapd-modules/usn/README
@@ -0,0 +1,44 @@
+This directory contains a slapd overlay, usn, that extends slapd
+to maintain the usnCreated and usnChanged operational attributes
+normally used by Microsoft ActiveDirectory.
+
+To use the overlay, add:
+
+ moduleload <path to>usn.so
+ ...
+
+ database mdb
+ ...
+ overlay usn
+
+to your slapd configuration file. The schema definitions for the
+two USN attributes are hardcoded in this overlay.
+
+Use Makefile to compile this plugin or use a command line similar to:
+
+ gcc -c -I ../../include/ -I ../../servers/slapd -DSLAPD_OVER_USN=SLAPD_MOD_DYNAMIC usn.c
+ gcc -shared -o usn.so usn.o
+
+This overlay is only set up to be built as a dynamically loaded module.
+On most platforms, in order for the module to be usable, all of the
+library dependencies must also be available as shared libraries.
+
+If you need to build the overlay statically, you will have to move it into the
+slapd/overlays directory and edit the Makefile and overlays.c to reference
+it. You will also have to define SLAPD_OVER_USN to SLAPD_MOD_STATIC,
+and add the relevant libraries to the main slapd link command.
+
+---
+This work is part of OpenLDAP Software <http://www.openldap.org/>.
+
+Copyright 2007-2022 The OpenLDAP Foundation.
+Portions Copyright 2007 Howard Chu, Symas Corp. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted only as authorized by the OpenLDAP
+Public License.
+
+A copy of this license is available in the file LICENSE in the
+top-level directory of the distribution or, alternatively, at
+<http://www.OpenLDAP.org/license.html>.
+
diff --git a/contrib/slapd-modules/usn/usn.c b/contrib/slapd-modules/usn/usn.c
new file mode 100644
index 0000000..abd6d13
--- /dev/null
+++ b/contrib/slapd-modules/usn/usn.c
@@ -0,0 +1,330 @@
+/* usn.c - Maintain Microsoft-style Update Sequence Numbers */
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 2007-2022 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+/* ACKNOWLEDGEMENTS:
+ * This work was initially developed by Howard Chu for inclusion in
+ * OpenLDAP Software.
+ */
+
+#include "portable.h"
+
+#ifdef SLAPD_OVER_USN
+
+#include <stdio.h>
+
+#include <ac/string.h>
+#include <ac/socket.h>
+
+#include "slap.h"
+#include "slap-config.h"
+
+/* This overlay intercepts write operations and adds a Microsoft-style
+ * USN to the target entry.
+ */
+
+typedef struct usn_info {
+ int ui_current;
+ ldap_pvt_thread_mutex_t ui_mutex;
+} usn_info_t;
+
+static AttributeDescription *ad_usnCreated, *ad_usnChanged;
+
+static struct {
+ char *desc;
+ AttributeDescription **adp;
+} as[] = {
+ { "( 1.2.840.113556.1.2.19 "
+ "NAME 'uSNCreated' "
+ "SYNTAX '1.2.840.113556.1.4.906' "
+ "SINGLE-VALUE "
+ "NO-USER-MODIFICATION )",
+ &ad_usnCreated },
+ { "( 1.2.840.113556.1.2.120 "
+ "NAME 'uSNChanged' "
+ "SYNTAX '1.2.840.113556.1.4.906' "
+ "SINGLE-VALUE "
+ "NO-USER-MODIFICATION )",
+ &ad_usnChanged },
+ { NULL }
+};
+
+static int
+usn_func( Operation *op, SlapReply *rs )
+{
+ slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
+ usn_info_t *ui = on->on_bi.bi_private;
+ int my_usn;
+ char intbuf[64];
+ struct berval bv[2];
+
+ ldap_pvt_thread_mutex_lock( &ui->ui_mutex );
+ ui->ui_current++;
+ my_usn = ui->ui_current;
+ ldap_pvt_thread_mutex_unlock( &ui->ui_mutex );
+
+ BER_BVZERO(&bv[1]);
+ bv[0].bv_val = intbuf;
+ bv[0].bv_len = snprintf( intbuf, sizeof(intbuf), "%d", my_usn );
+ switch(op->o_tag) {
+ case LDAP_REQ_ADD:
+ attr_merge( op->ora_e, ad_usnCreated, bv, NULL );
+ attr_merge( op->ora_e, ad_usnChanged, bv, NULL );
+ break;
+ case LDAP_REQ_DELETE:
+ /* Probably need to update root usnLastObjRem */
+ break;
+ default: {
+ /* Modify, ModDN */
+ Modifications *ml, *mod = ch_calloc( sizeof( Modifications ), 1 );
+ for ( ml = op->orm_modlist; ml && ml->sml_next; ml = ml->sml_next );
+ ml->sml_next = mod;
+ mod->sml_desc = ad_usnChanged;
+ mod->sml_numvals = 1;
+ value_add_one( &mod->sml_values, &bv[0] );
+ mod->sml_nvalues = NULL;
+ mod->sml_op = LDAP_MOD_REPLACE;
+ mod->sml_flags = 0;
+ mod->sml_next = NULL;
+ break;
+ }
+ }
+ return SLAP_CB_CONTINUE;
+}
+
+static int
+usn_operational(
+ Operation *op,
+ SlapReply *rs )
+{
+ slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
+ usn_info_t *ui = (usn_info_t *)on->on_bi.bi_private;
+
+ if ( rs->sr_entry &&
+ dn_match( &rs->sr_entry->e_nname, op->o_bd->be_nsuffix )) {
+
+ if ( SLAP_OPATTRS( rs->sr_attr_flags ) ||
+ ad_inlist( ad_usnChanged, rs->sr_attrs )) {
+ Attribute *a, **ap = NULL;
+ char intbuf[64];
+ struct berval bv;
+ int my_usn;
+
+ for ( a=rs->sr_entry->e_attrs; a; a=a->a_next ) {
+ if ( a->a_desc == ad_usnChanged )
+ break;
+ }
+
+ if ( !a ) {
+ for ( ap = &rs->sr_operational_attrs; *ap;
+ ap=&(*ap)->a_next );
+
+ a = attr_alloc( ad_usnChanged );
+ *ap = a;
+ }
+
+ if ( !ap ) {
+ if ( rs_entry2modifiable( op,rs, on )) {
+ a = attr_find( rs->sr_entry->e_attrs,
+ ad_usnChanged );
+ }
+ ber_bvarray_free( a->a_vals );
+ a->a_vals = NULL;
+ a->a_numvals = 0;
+ }
+ ldap_pvt_thread_mutex_lock( &ui->ui_mutex );
+ my_usn = ui->ui_current;
+ ldap_pvt_thread_mutex_unlock( &ui->ui_mutex );
+ bv.bv_len = snprintf( intbuf, sizeof(intbuf), "%d", my_usn );
+ bv.bv_val = intbuf;
+ attr_valadd( a, &bv, NULL, 1 );
+ }
+ }
+ return SLAP_CB_CONTINUE;
+}
+
+/* Read the old USN from the underlying DB. This code is
+ * stolen from the syncprov overlay.
+ */
+static int
+usn_db_open(
+ BackendDB *be,
+ ConfigReply *cr)
+{
+ slap_overinst *on = (slap_overinst *) be->bd_info;
+ usn_info_t *ui = (usn_info_t *)on->on_bi.bi_private;
+
+ Connection conn = { 0 };
+ OperationBuffer opbuf;
+ Operation *op;
+ Entry *e = NULL;
+ Attribute *a;
+ int rc;
+ void *thrctx = NULL;
+
+ thrctx = ldap_pvt_thread_pool_context();
+ connection_fake_init( &conn, &opbuf, thrctx );
+ op = &opbuf.ob_op;
+ op->o_bd = be;
+ op->o_dn = be->be_rootdn;
+ op->o_ndn = be->be_rootndn;
+
+ rc = overlay_entry_get_ov( op, be->be_nsuffix, NULL,
+ slap_schema.si_ad_contextCSN, 0, &e, on );
+
+ if ( e ) {
+ a = attr_find( e->e_attrs, ad_usnChanged );
+ if ( a ) {
+ ui->ui_current = atoi( a->a_vals[0].bv_val );
+ }
+ overlay_entry_release_ov( op, e, 0, on );
+ }
+ return 0;
+}
+
+static int
+usn_db_init(
+ BackendDB *be,
+ ConfigReply *cr
+)
+{
+ slap_overinst *on = (slap_overinst *)be->bd_info;
+ usn_info_t *ui;
+
+ if ( SLAP_ISGLOBALOVERLAY( be ) ) {
+ Debug( LDAP_DEBUG_ANY,
+ "usn must be instantiated within a database.\n" );
+ return 1;
+ }
+
+ ui = ch_calloc(1, sizeof(usn_info_t));
+ ldap_pvt_thread_mutex_init( &ui->ui_mutex );
+ on->on_bi.bi_private = ui;
+ return 0;
+}
+
+static int
+usn_db_close(
+ BackendDB *be,
+ ConfigReply *cr
+)
+{
+ slap_overinst *on = (slap_overinst *)be->bd_info;
+ usn_info_t *ui = on->on_bi.bi_private;
+ Connection conn = {0};
+ OperationBuffer opbuf;
+ Operation *op;
+ SlapReply rs = {REP_RESULT};
+ void *thrctx;
+
+ Modifications mod;
+ slap_callback cb = {0};
+ char intbuf[64];
+ struct berval bv[2];
+
+ thrctx = ldap_pvt_thread_pool_context();
+ connection_fake_init( &conn, &opbuf, thrctx );
+ op = &opbuf.ob_op;
+ op->o_bd = be;
+ BER_BVZERO( &bv[1] );
+ bv[0].bv_len = snprintf( intbuf, sizeof(intbuf), "%d", ui->ui_current );
+ bv[0].bv_val = intbuf;
+ mod.sml_numvals = 1;
+ mod.sml_values = bv;
+ mod.sml_nvalues = NULL;
+ mod.sml_desc = ad_usnChanged;
+ mod.sml_op = LDAP_MOD_REPLACE;
+ mod.sml_flags = 0;
+ mod.sml_next = NULL;
+
+ cb.sc_response = slap_null_cb;
+ op->o_tag = LDAP_REQ_MODIFY;
+ op->o_callback = &cb;
+ op->orm_modlist = &mod;
+ op->orm_no_opattrs = 1;
+ op->o_dn = be->be_rootdn;
+ op->o_ndn = be->be_rootndn;
+ op->o_req_dn = op->o_bd->be_suffix[0];
+ op->o_req_ndn = op->o_bd->be_nsuffix[0];
+ op->o_bd->bd_info = on->on_info->oi_orig;
+ op->o_managedsait = SLAP_CONTROL_NONCRITICAL;
+ op->o_no_schema_check = 1;
+ op->o_bd->be_modify( op, &rs );
+ if ( mod.sml_next != NULL ) {
+ slap_mods_free( mod.sml_next, 1 );
+ }
+ return 0;
+}
+
+static int
+usn_db_destroy(
+ BackendDB *be,
+ ConfigReply *cr
+)
+{
+ slap_overinst *on = (slap_overinst *)be->bd_info;
+ usn_info_t *ui = on->on_bi.bi_private;
+
+ ldap_pvt_thread_mutex_destroy( &ui->ui_mutex );
+ ch_free( ui );
+ on->on_bi.bi_private = NULL;
+ return 0;
+}
+
+/* This overlay is set up for dynamic loading via moduleload. For static
+ * configuration, you'll need to arrange for the slap_overinst to be
+ * initialized and registered by some other function inside slapd.
+ */
+
+static slap_overinst usn;
+
+int
+usn_init( void )
+{
+ int i, code;
+
+ memset( &usn, 0, sizeof( slap_overinst ) );
+ usn.on_bi.bi_type = "usn";
+ usn.on_bi.bi_flags = SLAPO_BFLAG_SINGLE;
+ usn.on_bi.bi_db_init = usn_db_init;
+ usn.on_bi.bi_db_destroy = usn_db_destroy;
+ usn.on_bi.bi_db_open = usn_db_open;
+ usn.on_bi.bi_db_close = usn_db_close;
+
+ usn.on_bi.bi_op_modify = usn_func;
+ usn.on_bi.bi_op_modrdn = usn_func;
+ usn.on_bi.bi_op_add = usn_func;
+ usn.on_bi.bi_op_delete = usn_func;
+ usn.on_bi.bi_operational = usn_operational;
+
+ for ( i = 0; as[i].desc; i++ ) {
+ code = register_at( as[i].desc, as[i].adp, 0 );
+ if ( code ) {
+ Debug( LDAP_DEBUG_ANY,
+ "usn_init: register_at #%d failed\n", i );
+ return code;
+ }
+ }
+ return overlay_register( &usn );
+}
+
+#if SLAPD_OVER_USN == SLAPD_MOD_DYNAMIC
+int
+init_module( int argc, char *argv[] )
+{
+ return usn_init();
+}
+#endif /* SLAPD_OVER_USN == SLAPD_MOD_DYNAMIC */
+
+#endif /* defined(SLAPD_OVER_USN) */