#50334 Issue 49730 - MozLDAP bindings have been unsupported for a while
Closed 2 years ago by spichugi. Opened 3 years ago by mhonek.
mhonek/389-ds-base remove-use_openldap  into  master

file modified
-6
@@ -154,15 +154,10 @@ 

  NSPR_LINK = $(NSPR_LIBS)

  NSS_LINK = $(NSS_LIBS)

  

- if OPENLDAP

  # with recent versions of openldap - if you link with both ldap_r and ldap, the

  # shared lib _fini for one will stomp on the other, and the program will crash

  LDAPSDK_LINK_NOTHR = @openldap_lib@ -lldap@ol_libver@ @ldap_lib_ldif@ -llber@ol_libver@

  LDAPSDK_LINK = @openldap_lib@ -lldap_r@ol_libver@ @ldap_lib_ldif@ -llber@ol_libver@

- else

- LDAPSDK_LINK = @ldapsdk_lib@ -lssldap60 -lprldap60 -lldap60 -lldif60

- LDAPSDK_LINK_NOTHR = $(LDAPSDK_LINK)

- endif

  ldaplib = @ldaplib@

  ldaplib_defs = @ldaplib_defs@

  
@@ -519,7 +514,6 @@ 

  	ldap/servers/slapd/http.h \

  	ldap/servers/slapd/intrinsics.h \

  	ldap/servers/slapd/log.h \

- 	ldap/servers/slapd/mozldap.h \

  	ldap/servers/slapd/openldapber.h \

  	ldap/servers/slapd/pblock_v3.h \

  	ldap/servers/slapd/poll_using_select.h \

file modified
-1
@@ -834,7 +834,6 @@ 

  AC_SUBST(nss_libdir)

  

  m4_include(m4/openldap.m4)

- m4_include(m4/mozldap.m4)

  m4_include(m4/db.m4)

  

  PKG_CHECK_MODULES([SASL], [libsasl2])

@@ -17,7 +17,7 @@ 

  DSUtil::libpath_add("@nss_libdir@");

  DSUtil::libpath_add("/usr/lib");

  DSUtil::libpath_add("/usr/lib64");

- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";

+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";

  $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";

  

  $dbtype = "ldbm database";

@@ -16,7 +16,7 @@ 

  DSUtil::libpath_add("@nss_libdir@");

  DSUtil::libpath_add("/usr/lib");

  DSUtil::libpath_add("/usr/lib64");

- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";

+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";

  $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";

  

  $i = 0;

@@ -18,7 +18,7 @@ 

  DSUtil::libpath_add("/usr/lib");

  DSUtil::libpath_add("/usr/lib64");

  DSUtil::libpath_add("/usr/lib64");

- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";

+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";

  $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";

  

  $dbtype = "ldbm database";

@@ -17,7 +17,7 @@ 

  DSUtil::libpath_add("@nss_libdir@");

  DSUtil::libpath_add("/usr/lib");

  DSUtil::libpath_add("/usr/lib64");

- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";

+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";

  $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";

  

  $i = 0;

@@ -17,7 +17,7 @@ 

  DSUtil::libpath_add("@nss_libdir@");

  DSUtil::libpath_add("/usr/lib");

  DSUtil::libpath_add("/usr/lib64");

- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";

+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";

  $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";

  

  $maxidx = 50;

@@ -16,7 +16,7 @@ 

  DSUtil::libpath_add("@nss_libdir@");

  DSUtil::libpath_add("/usr/lib");

  DSUtil::libpath_add("/usr/lib64");

- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";

+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";

  $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";

  

  $i = 0;

@@ -16,7 +16,7 @@ 

  DSUtil::libpath_add("@nss_libdir@");

  DSUtil::libpath_add("/usr/lib");

  DSUtil::libpath_add("/usr/lib64");

- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";

+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";

  $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";

  

  $i = 0;

@@ -16,7 +16,7 @@ 

  DSUtil::libpath_add("@nss_libdir@");

  DSUtil::libpath_add("/usr/lib");

  DSUtil::libpath_add("/usr/lib64");

- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";

+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";

  $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";

  

  $maxidx = 50;

@@ -10,7 +10,7 @@ 

  export LD_LIBRARY_PATH

  SHLIB_PATH=$LD_LIBRARY_PATH

  export SHLIB_PATH

- PATH=$PATH:@ldaptool_bindir@:@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap

+ PATH=$PATH:@ldaptool_bindir@:@ldaptool_bindir@:/usr/bin

  

  usage ()

  {

@@ -10,7 +10,7 @@ 

  export LD_LIBRARY_PATH

  SHLIB_PATH=$LD_LIBRARY_PATH

  export SHLIB_PATH

- PATH=$PATH:@ldaptool_bindir@:@ldaptool_bindir@:/usr/bin/:/usr/lib64/mozldap

+ PATH=$PATH:@ldaptool_bindir@:@ldaptool_bindir@:/usr/bin/

  

  protocol=""

  

@@ -16,7 +16,7 @@ 

  

  DSUtil::libpath_add("@nss_libdir@");

  DSUtil::libpath_add("/usr/lib");

- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";

+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";

  $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";

  

  my $single = 0;

@@ -17,7 +17,7 @@ 

  

  DSUtil::libpath_add("@nss_libdir@");

  DSUtil::libpath_add("/usr/lib");

- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";

+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";

  $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";

  

  my $single = 0;

@@ -16,7 +16,7 @@ 

  

  DSUtil::libpath_add("@nss_libdir@");

  DSUtil::libpath_add("/usr/lib");

- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";

+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";

  $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";

  

  $single = 0;

@@ -17,7 +17,7 @@ 

  # all of this nonsense can be omitted if the mozldapsdk and perldap are

  # installed in the operating system locations (e.g. /usr/lib /usr/lib/perl5)

  

- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";

+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";

  $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";

  

  DSUtil::libpath_add("@nss_libdir@");

@@ -17,7 +17,7 @@ 

  DSUtil::libpath_add("/usr/lib");

  DSUtil::libpath_add("/usr/lib64");

  $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";

- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";

+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";

  

  $i = 0;

  

@@ -16,7 +16,7 @@ 

  DSUtil::libpath_add("@nss_libdir@");

  DSUtil::libpath_add("/usr/lib");

  DSUtil::libpath_add("/usr/lib64");

- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";

+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";

  $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";

  

  $i = 0;

@@ -15,7 +15,7 @@ 

  DSUtil::libpath_add("@nss_libdir@");

  DSUtil::libpath_add("/usr/lib");

  DSUtil::libpath_add("/usr/lib64");

- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";

+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";

  $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";

  

  $i = 0;

@@ -2789,14 +2789,9 @@ 

      PRFileDesc *ldif_fd_out = NULL;

      char *entrystr = NULL;

      char *errstr = NULL;

- #if defined(USE_OPENLDAP)

      int buflen = 0;

      LDIFFP *ldif_fd_in = NULL;

      ldif_record_lineno_t lineno = 0;

- #else

-     FILE *ldif_fd_in = NULL;

-     int lineno = 0;

- #endif

      int rc = 0;

  

      if (!task) {
@@ -2828,15 +2823,9 @@ 

          goto out;

      }

  

- #if defined(USE_OPENLDAP)

      if ((ldif_fd_in = ldif_open(td->ldif_in, "r")) == NULL) {

          rc = errno;

          errstr = strerror(rc);

- #else

-     if ((ldif_fd_in = fopen(td->ldif_in, "r")) == NULL) {

-         rc = PR_GetOSError();

-         errstr = (char *)slapi_system_strerror(rc);

- #endif

          slapi_task_log_notice(task, "The ldif file %s could not be accessed, error %d (%s).  Aborting task.\n",

                                td->ldif_in, rc, errstr);

          slapi_task_log_status(task, "The ldif file %s could not be accessed, error %d (%s).  Aborting task.\n",
@@ -2851,12 +2840,8 @@ 

       *  Convert each LDIF entry to a slapi_entry

       */

      automember_config_read_lock();

- #if defined(USE_OPENLDAP)

      while (ldif_read_record(ldif_fd_in, &lineno, &entrystr, &buflen)) {

          buflen = 0;

- #else

-     while ((entrystr = ldif_get_entry(ldif_fd_in, &lineno)) != NULL) {

- #endif

          e = slapi_str2entry(entrystr, 0);

          if (e != NULL) {

              if (!PR_CLIST_IS_EMPTY(g_automember_config)) {
@@ -2892,11 +2877,7 @@ 

          PR_Close(ldif_fd_out);

      }

      if (ldif_fd_in) {

- #if defined(USE_OPENLDAP)

          ldif_close(ldif_fd_in);

- #else

-         fclose(ldif_fd_in);

- #endif

      }

      slapi_task_inc_progress(task);

      slapi_task_finish(task, result);

@@ -13,10 +13,6 @@ 

  

  #include "cb.h"

  

- #ifndef USE_OPENLDAP

- #include "ldap_ssl.h" /* for start_tls */

- #endif

- 

  /*

   * Most of the complicated connection-related code lives in this file.  Some

   * general notes about how we manage our connections to "remote" LDAP servers:

@@ -2003,9 +2003,7 @@ 

      int ret = LDAP_OPERATIONS_ERROR;

      int port = 0;

      int timelimit;

- #if defined(USE_OPENLDAP)

      struct timeval timeout;

- #endif

      /* See if we're allowed to send a range request now */

      slapi_lock_mutex(config_entry->extend_lock);

      if (config_entry->extend_in_progress) {
@@ -2051,13 +2049,9 @@ 

      ldap_set_option(ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);

      timelimit = config_entry->timeout / 1000; /* timeout is in msec */

      ldap_set_option(ld, LDAP_OPT_TIMELIMIT, &timelimit);

- #if defined(USE_OPENLDAP)

      timeout.tv_sec = config_entry->timeout / 1000;

      timeout.tv_usec = (config_entry->timeout % 1000) * 1000;

      ldap_set_option(ld, LDAP_OPT_NETWORK_TIMEOUT, &timeout);

- #else

-     ldap_set_option(ld, LDAP_X_OPT_CONNECT_TIMEOUT, &config_entry->timeout);

- #endif

      /* Bind to the replica server */

      ret = slapi_ldap_bind(ld, bind_dn, bind_passwd, bind_method,

                            NULL, NULL, NULL, NULL);

@@ -768,14 +768,9 @@ 

  int

  cl5ImportLDIF(const char *clDir, const char *ldifFile, Object **replicas)

  {

- #if defined(USE_OPENLDAP)

      LDIFFP *file = NULL;

      int buflen = 0;

      ldif_record_lineno_t lineno = 0;

- #else

-     FILE *file = NULL;

-     int lineno = 0;

- #endif

      int rc;

      char *buff = NULL;

      slapi_operation_parameters op;
@@ -834,11 +829,7 @@ 

      }

  

  /* open LDIF file */

- #if defined(USE_OPENLDAP)

      file = ldif_open(ldifFile, "r");

- #else

-     file = fopen(ldifFile, "r"); /* XXXggood Does fopen reliably work if > 255 files open? */

- #endif

      if (file == NULL) {

          slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name_cl,

                        "cl5ImportLDIF - Failed to open (%s) ldif file; system error - %d\n",
@@ -865,11 +856,7 @@ 

      s_cl5Desc.dbState = CL5_STATE_OPEN; /* force to change the state */

  

  /* read entries and write them to changelog */

- #if defined(USE_OPENLDAP)

      while (ldif_read_record(file, &lineno, &buff, &buflen))

- #else

-     while ((buff = ldif_get_entry(file, &lineno)) != NULL)

- #endif

      {

          rc = _cl5LDIF2Operation(buff, &op, &replGen);

          if (rc != CL5_SUCCESS) {
@@ -925,15 +912,11 @@ 

                  }

              }

              slapi_ch_free_string(&buff);

- #if defined(USE_OPENLDAP)

              buflen = 0;

- #endif

              goto next;

          }

          slapi_ch_free_string(&buff);

- #if defined(USE_OPENLDAP)

          buflen = 0;

- #endif

          /* if we perform selective import, check if the operation should be wriiten to changelog */

          replica_obj = _cl5GetReplica(&op, replGen);

          if (replica_obj == NULL) {
@@ -1023,11 +1006,7 @@ 

      slapi_ch_free((void **)&maxvals);

  

      if (file) {

- #if defined(USE_OPENLDAP)

          ldif_close(file);

- #else

-         fclose(file);

- #endif

      }

      if (CL5_STATE_OPEN == s_cl5Desc.dbState) {

          _cl5Close();

@@ -25,12 +25,7 @@ 

  #include "repl5.h"

  #include "repl5_prot_private.h"

  #include "slapi-private.h"

- #if defined(USE_OPENLDAP)

  #include "ldap.h"

- #else

- #include "ldappr.h"

- #include "ldap-extension.h"

- #endif

  #include "nspr.h"

  #include "private/pprio.h"

  #include "nss.h"
@@ -530,7 +525,6 @@ 

   * on the same connection), we need to _first_ verify that the connection

   * is writable. If it isn't, we can deadlock if we proceed any further...

   */

- #if defined(USE_OPENLDAP)

  /* openldap has LBER_SB_OPT_DATA_READY but that doesn't really

     work for our purposes - so we grab the openldap fd from the

     ber sockbuf layer, import it into a PR Poll FD, then
@@ -583,74 +577,6 @@ 

  

      return CONN_OPERATION_SUCCESS;

  }

- #else  /* ! USE_OPENLDAP */

- /* Since we're poking around with ldap c sdk internals, we have to

-    be careful since the PR layer stores different session and socket

-    info than the NSS SSL layer than the SASL layer - and they all

-    use different poll functions too

- */

- static ConnResult

- see_if_write_available(Repl_Connection *conn, PRIntervalTime timeout)

- {

-     LDAP_X_PollFD pollstr;

-     int nfds = 1;

-     struct ldap_x_ext_io_fns iofns;

-     int rc = LDAP_SUCCESS;

-     LDAP_X_EXTIOF_POLL_CALLBACK *ldap_poll;

-     struct lextiof_session_private *private;

- 

-     /* get the poll function to use */

-     memset(&iofns, 0, sizeof(iofns));

-     iofns.lextiof_size = LDAP_X_EXTIO_FNS_SIZE;

-     if (ldap_get_option(conn->ld, LDAP_X_OPT_EXTIO_FN_PTRS, &iofns) < 0) {

-         rc = slapi_ldap_get_lderrno(conn->ld, NULL, NULL);

-         slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name,

-                       "see_if_write_available - %s: Failed call to ldap_get_option to get extiofns: LDAP error %d (%s)\n",

-                       agmt_get_long_name(conn->agmt),

-                       rc, ldap_err2string(rc));

-         conn->last_ldap_error = rc;

-         return CONN_OPERATION_FAILED;

-     }

-     ldap_poll = iofns.lextiof_poll;

- 

-     /* set up the poll structure */

-     if (ldap_get_option(conn->ld, LDAP_OPT_DESC, &pollstr.lpoll_fd) < 0) {

-         rc = slapi_ldap_get_lderrno(conn->ld, NULL, NULL);

-         slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name,

-                       "see_if_write_available - %s: Failed call to ldap_get_option for poll_fd: LDAP error %d (%s)\n",

-                       agmt_get_long_name(conn->agmt),

-                       rc, ldap_err2string(rc));

-         conn->last_ldap_error = rc;

-         return CONN_OPERATION_FAILED;

-     }

- 

-     if (ldap_get_option(conn->ld, LDAP_X_OPT_SOCKETARG,

-                         &pollstr.lpoll_socketarg) < 0) {

-         rc = slapi_ldap_get_lderrno(conn->ld, NULL, NULL);

-         slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name,

-                       "see_if_write_available - %s: Failed call to ldap_get_option for socketarg: LDAP error %d (%s)\n",

-                       agmt_get_long_name(conn->agmt),

-                       rc, ldap_err2string(rc));

-         conn->last_ldap_error = rc;

-         return CONN_OPERATION_FAILED;

-     }

- 

-     pollstr.lpoll_events = LDAP_X_POLLOUT;

-     pollstr.lpoll_revents = 0;

-     private

-     = iofns.lextiof_session_arg;

- 

-     if (0 == (*ldap_poll)(&pollstr, nfds, timeout, private)) {

-         slapi_log_err(SLAPI_LOG_REPL, repl_plugin_name,

-                       "%s: poll timed out - poll interval [%d]\n",

-                       agmt_get_long_name(conn->agmt),

-                       timeout);

-         return CONN_TIMEOUT;

-     }

- 

-     return CONN_OPERATION_SUCCESS;

- }

- #endif /* ! USE_OPENLDAP */

  

  /*

   * During a total update, this function checks how much entries
@@ -1196,9 +1122,6 @@ 

      }

  

      if (return_value == CONN_OPERATION_SUCCESS) {

- #if !defined(USE_OPENLDAP)

-         int io_timeout_ms;

- #endif

          /* Now we initialize the LDAP Structure and set options */

  

          slapi_log_err(SLAPI_LOG_REPL, repl_plugin_name,
@@ -1244,14 +1167,8 @@ 

          /* Don't chase any referrals (although we shouldn't get any) */

          ldap_set_option(conn->ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);

  

- /* override the default timeout with the specified timeout */

- #if defined(USE_OPENLDAP)

+         /* override the default timeout with the specified timeout */

          ldap_set_option(conn->ld, LDAP_OPT_NETWORK_TIMEOUT, &conn->timeout);

- #else

-         io_timeout_ms = conn->timeout.tv_sec * 1000 + conn->timeout.tv_usec / 1000;

-         prldap_set_session_option(conn->ld, NULL, PRLDAP_OPT_IO_MAX_TIMEOUT,

-                                   io_timeout_ms);

- #endif

          /* We've got an ld. Now bind to the server. */

          conn->last_operation = CONN_BIND;

      }

@@ -24,9 +24,6 @@ 

  

  #include "repl5.h"

  #include "windowsrepl.h"

- #if !defined(USE_OPENLDAP)

- #include "ldappr.h"

- #endif

  #include "slap.h"

  #include "nss.h"

  
@@ -1231,11 +1228,7 @@ 

      }

  

      if (return_value == CONN_OPERATION_SUCCESS) {

- #if !defined(USE_OPENLDAP)

-         int io_timeout_ms;

- #endif

          /* Now we initialize the LDAP Structure and set options */

- 

          slapi_log_err(SLAPI_LOG_REPL, windows_repl_plugin_name,

                        "windows_conn_connect - %s: Trying %s%s slapi_ldap_init_ext\n",

                        agmt_get_long_name(conn->agmt),
@@ -1274,14 +1267,8 @@ 

          /* Don't chase any referrals (although we shouldn't get any) */

          ldap_set_option(conn->ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);

  

- /* override the default timeout with the specified timeout */

- #if defined(USE_OPENLDAP)

+         /* override the default timeout with the specified timeout */

          ldap_set_option(conn->ld, LDAP_OPT_NETWORK_TIMEOUT, &conn->timeout);

- #else

-         io_timeout_ms = conn->timeout.tv_sec * 1000 + conn->timeout.tv_usec / 1000;

-         prldap_set_session_option(conn->ld, NULL, PRLDAP_OPT_IO_MAX_TIMEOUT,

-                                   io_timeout_ms);

- #endif

          /* We've got an ld. Now bind to the server. */

          conn->last_operation = CONN_BIND;

      }

@@ -23,9 +23,8 @@ 

   * Used for ldap_result passed to ldbm_back_search_cleanup.

   * If (ldap_result == LDBM_SRCH_DEFAULT_RESULT) || (ldap_result == LDAP_SUCCESS),

   * don't call slapi_send_ldap_result.

-  * Note: mozldap ldap_result codes are all positive; openldap result codes could

-  *       be negative values.  OL (-1) is LDAP_SERVER_DOWN.  Thus, it's safe to

-  *       borrow the value here.

+  * Note: openldap result codes could be negative values.  OL (-1) is LDAP_SERVER_DOWN.

+  *       Thus, it's safe to borrow the value here.

   */

  #define LDBM_SRCH_DEFAULT_RESULT (-1)

  

@@ -472,8 +472,7 @@ 

     want to change the ldif string because it will be

     parsed again in the future

     openldap ldif_getline() is more of a problem because

-    it does this for every comment line too, whereas mozldap

-    ldif_getline() just skips comment lines

+    it does this for every comment line too.

  */

  static void

  ldif_getline_fixline(char *start, char *end)

@@ -849,19 +849,11 @@ 

  void

  internal_ldap_free_sort_keylist(LDAPsortkey **sortKeyList)

  {

- #if defined(USE_OPENLDAP)

      ldap_free_sort_keylist((LDAPSortKey **)sortKeyList);

- #else

-     ldap_free_sort_keylist(sortKeyList);

- #endif

  }

  

  int

  internal_ldap_create_sort_keylist(LDAPsortkey ***sortKeyList, const char *string_rep)

  {

- #if defined(USE_OPENLDAP)

      return ldap_create_sort_keylist((LDAPSortKey ***)sortKeyList, (char *)string_rep);

- #else

-     return ldap_create_sort_keylist(sortKeyList, string_rep);

- #endif

  }

@@ -26,14 +26,12 @@ 

  extern char *const type_vlvEnabled;

  extern char *const type_vlvUses;

  

- #if defined(USE_OPENLDAP)

  typedef struct LDAPsortkey

  { /* structure for a sort-key */

      char *sk_attrtype;

      char *sk_matchruleoid;

      int sk_reverseorder;

  } LDAPsortkey;

- #endif

  

  void internal_ldap_free_sort_keylist(LDAPsortkey **sortKeyList);

  int internal_ldap_create_sort_keylist(LDAPsortkey ***sortKeyList, const char *string_rep);

@@ -534,13 +534,11 @@ 

      /* Copy the Connection DN and SSF into the operation struct */

      op_copy_identity(conn, op);

  

- #if defined(USE_OPENLDAP)

      if (slapi_operation_is_flag_set(op, OP_FLAG_REPLICATED)) {

          /* If it is replicated op, ignore the maxbersize. */

          ber_len_t maxbersize = 0;

          ber_sockbuf_ctrl(conn->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &maxbersize);

      }

- #endif

  

      /* If the minimum SSF requirements are not met, only allow

       * bind and extended operations through.  The bind and extop
@@ -780,7 +778,6 @@ 

      int use_buffer;                   /* if true, use the buffer - if false, ber_get_next reads directly from socket */

  };

  

- #if defined(USE_OPENLDAP)

  /* Copy up to bytes_to_read bytes from b into return_buffer.

   * Returns a count of bytes copied (always >= 0).

   */
@@ -834,7 +831,6 @@ 

  done:

      return bytes_to_copy;

  }

- #endif

  

  int

  connection_new_private(Connection *conn)
@@ -988,20 +984,12 @@ 

      return ret;

  }

  

- #ifdef USE_OPENLDAP

  #include "openldapber.h"

- #else

- #include "mozldap.h"

- #endif

  

  static ber_tag_t

  _ber_get_len(BerElement *ber, ber_len_t *lenp)

  {

- #ifdef USE_OPENLDAP

      OLBerElement *lber = (OLBerElement *)ber;

- #else

-     MozElement *lber = (MozElement *)ber;

- #endif

  

      if (NULL == lenp) {

          return LBER_DEFAULT;
@@ -1041,12 +1029,7 @@ 

      ber_len_t bytes_scanned = 0;

  

      *lenp = 0;

- #if defined(USE_OPENLDAP)

      *tagp = ber_get_next(conn->c_sb, &bytes_scanned, ber);

- #else

-     *tagp = ber_get_next_buffer_ext(buffer, buffer_size, lenp, ber,

-                                     &bytes_scanned, conn->c_sb);

- #endif

      /* openldap ber_get_next doesn't return partial bytes_scanned if it hasn't

         read a whole pdu - so we have to check the errno for the

         "would block" condition meaning openldap needs more data to read */
@@ -1080,15 +1063,8 @@ 

              SLAPD_SYSTEM_WOULD_BLOCK_ERROR(errno)) {

              return -2; /* tells connection_read_operation we need to try again */

          }

-     } else {

- /* openldap_read_function will advance c_buffer_offset */

- #if !defined(USE_OPENLDAP)

-         /* success, or need to wait for more data */

-         /* if openldap could not read a whole pdu, bytes_scanned will be zero -

-               it does not return partial results */

-         conn->c_private->c_buffer_offset += bytes_scanned;

- #endif

-     }

+     } /* else, openldap_read_function will advance c_buffer_offset,

+          nothing to do (we had to previously with mozldap) */

      return 0;

  }

  

@@ -37,16 +37,8 @@ 

          ct->c[i].c_sb = ber_sockbuf_alloc();

          invalid_socket = SLAPD_INVALID_SOCKET;

          ct->c[i].c_sd = SLAPD_INVALID_SOCKET;

- #if defined(USE_OPENLDAP)

          ber_sockbuf_ctrl(ct->c[i].c_sb, LBER_SB_OPT_SET_FD, &invalid_socket);

          ber_sockbuf_ctrl(ct->c[i].c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &maxbersize);

- #else

-         ber_sockbuf_set_option(ct->c[i].c_sb, LBER_SOCKBUF_OPT_DESC, &invalid_socket);

-         /* openldap by default does not use readahead - the implementation is

-            via a sockbuf_io layer */

-         ber_sockbuf_set_option(ct->c[i].c_sb, LBER_SOCKBUF_OPT_NO_READ_AHEAD, LBER_OPT_ON);

-         ber_sockbuf_set_option(ct->c[i].c_sb, LBER_SOCKBUF_OPT_MAX_INCOMING_SIZE, &maxbersize);

- #endif /* !USE_OPENLDAP */

          /* all connections start out invalid */

          ct->fd[i].fd = SLAPD_INVALID_SOCKET;

  

@@ -1977,13 +1977,8 @@ 

   * Revision: handle changed to void * and first

   * argument which used to be integer system fd is now ignored.

   */

- #if defined(USE_OPENLDAP)

  static int

  write_function(int ignore __attribute__((unused)), void *buffer, int count, void *handle)

- #else

- static int

- write_function(int ignore, const void *buffer, int count, struct lextiof_socket_private *handle)

- #endif

  {

      int sentbytes = 0;

      int bytes;
@@ -2040,7 +2035,6 @@ 

      return -1;

  }

  

- #if defined(USE_OPENLDAP)

  /* The argument is a pointer to the socket descriptor */

  static int

  openldap_io_setup(Sockbuf_IO_Desc *sbiod, void *arg)
@@ -2095,8 +2089,6 @@ 

      openldap_io_close                      /* sbi_close */

  };

  

- #endif /* USE_OPENLDAP */

- 

  

  int connection_type = -1; /* The type number assigned by the Factory for 'Connection' */

  
@@ -2367,9 +2359,7 @@ 

  void

  handle_closed_connection(Connection *conn)

  {

- #ifdef USE_OPENLDAP

      ber_sockbuf_remove_io(conn->c_sb, &openldap_sockbuf_io, LBER_SBIOD_LEVEL_PROVIDER);

- #endif

  }

  

  /* NOTE: this routine is not reentrant */
@@ -2436,25 +2426,10 @@ 

       * won't have a mapping. */

  /* fds[ns].out_flags = 0; */

  

- #if defined(USE_OPENLDAP)

      ber_sockbuf_add_io(conn->c_sb, &openldap_sockbuf_io,

                         LBER_SBIOD_LEVEL_PROVIDER, conn);

- #else  /* !USE_OPENLDAP */

-     {

-         struct lber_x_ext_io_fns func_pointers = {0};

-         func_pointers.lbextiofn_size = LBER_X_EXTIO_FNS_SIZE;

-         func_pointers.lbextiofn_read = NULL; /* see connection_read_function */

-         func_pointers.lbextiofn_write = write_function;

-         func_pointers.lbextiofn_writev = NULL;

-         func_pointers.lbextiofn_socket_arg = (struct lextiof_socket_private *)pr_clonefd;

-         ber_sockbuf_set_option(conn->c_sb,

-                                LBER_SOCKBUF_OPT_EXT_IO_FNS, &func_pointers);

-     }

- #endif /* !USE_OPENLDAP */

      maxbersize = conn->c_maxbersize;

- #if defined(USE_OPENLDAP)

      ber_sockbuf_ctrl(conn->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &maxbersize);

- #endif

      if (secure && config_get_SSLclientAuth() != SLAPD_SSLCLIENTAUTH_OFF) {

          /* Prepare to handle the client's certificate (if any): */

          int rv;

@@ -62,10 +62,6 @@ 

  #include "prtime.h"

  #include "prinrval.h"

  #include "snmp_collator.h"

- #if !defined(USE_OPENLDAP)

- #include <ldap_ssl.h>

- #include <ldappr.h>

- #else

  

  #ifdef HAVE_HEIMDAL_KERBEROS

  #include <com_err.h>
@@ -79,10 +75,8 @@ 

  static PRCallOnceType ol_init_callOnce = {0, 0, 0};

  static PRLock *ol_init_lock = NULL;

  

- #if defined(USE_OPENLDAP)

  extern void getSSLVersionRangeOL(int *min, int *max);

  extern int getSSLVersionRange(char **min, char **max);

- #endif

  

  static PRStatus

  internal_ol_init_init(void)
@@ -97,7 +91,6 @@ 

  

      return PR_SUCCESS;

  }

- #endif

  

  /* the server depends on the old, deprecated ldap_explode behavior which openldap

     does not support - the use of the mozldap code should be discouraged as
@@ -122,7 +115,6 @@ 

      }

  }

  

- #if defined(USE_OPENLDAP)

  /* mozldap ldap_init and ldap_url_parse accept a hostname in the form

     host1[:port1]SPACEhost2[:port2]SPACEhostN[:portN]

     where SPACE is a single space (0x20) character
@@ -199,7 +191,6 @@ 

      slapi_ch_free_string(&my_copy);

      return retstr;

  }

- #endif /* USE_OPENLDAP */

  

  const char *

  slapi_urlparse_err2string(int err)
@@ -219,7 +210,6 @@ 

      case LDAP_URL_ERR_PARAM:

          s = "bad parameter to an LDAP URL function";

          break;

- #if defined(USE_OPENLDAP)

      case LDAP_URL_ERR_BADSCHEME:

          s = "does not begin with ldap://, ldaps://, or ldapi://";

          break;
@@ -241,14 +231,6 @@ 

      case LDAP_URL_ERR_BADEXTS:

          s = "extensions not specified correctly";

          break;

- #else /* !USE_OPENLDAP */

-     case LDAP_URL_ERR_NOTLDAP:

-         s = "missing ldap:// or ldaps:// or ldapi://";

-         break;

-     case LDAP_URL_ERR_NODN:

-         s = "missing suffix";

-         break;

- #endif

      }

  

      return (s);
@@ -268,14 +250,11 @@ 

          return LDAP_PARAM_ERROR;

      }

      const char *url_to_use = url;

- #if defined(USE_OPENLDAP)

      char *urlescaped = NULL;

- #endif

  

      if (secure) {

          *secure = 0;

      }

- #if defined(USE_OPENLDAP)

      /* openldap does not support the non-standard multi host:port URLs supported

         by mozldap - so we have to fake out openldap - replace all spaces with %20 -

         replace all but the last colon with %3A
@@ -332,14 +311,7 @@ 

              }

          }

      }

- #endif

  

- #if defined(HAVE_LDAP_URL_PARSE_NO_DEFAULTS)

-     rc = ldap_url_parse_no_defaults(url_to_use, ludpp, require_dn);

-     if (!rc && *ludpp && secure) {

-         *secure = (*ludpp)->lud_options & LDAP_URL_OPT_SECURE;

-     }

- #else /* openldap */

  #if defined(HAVE_LDAP_URL_PARSE_EXT) && defined(LDAP_PVT_URL_PARSE_NONE) && defined(LDAP_PVT_URL_PARSE_NOEMPTY_DN)

      rc = ldap_url_parse_ext(url_to_use, ludpp, require_dn ? LDAP_PVT_URL_PARSE_NONE : LDAP_PVT_URL_PARSE_NOEMPTY_DN);

  #else
@@ -370,9 +342,7 @@ 

      if (!rc && *ludpp && secure) {

          *secure = (*ludpp)->lud_scheme && !strcmp((*ludpp)->lud_scheme, "ldaps");

      }

- #endif /* openldap */

  

- #if defined(USE_OPENLDAP)

      if (urlescaped && (*ludpp) && (*ludpp)->lud_host) {

          /* have to unescape lud_host - can unescape in place */

          char *p = strstr((*ludpp)->lud_host, "://");
@@ -400,7 +370,6 @@ 

          }

      }

      slapi_ch_free_string(&urlescaped);

- #endif

      return rc;

  }

  
@@ -411,7 +380,6 @@ 

  {

      int rc = LDAP_SUCCESS;

  

- #if defined(USE_OPENLDAP)

      ldap_get_option(ld, LDAP_OPT_RESULT_CODE, &rc);

      if (m) {

          ldap_get_option(ld, LDAP_OPT_MATCHED_DN, m);
@@ -423,16 +391,12 @@ 

          ldap_get_option(ld, LDAP_OPT_ERROR_STRING, s);

  #endif

      }

- #else /* !USE_OPENLDAP */

-     rc = ldap_get_lderrno(ld, m, s);

- #endif

      return rc;

  }

  

  void

  slapi_ldif_put_type_and_value_with_options(char **out, const char *t, const char *val, int vlen, unsigned long options)

  {

- #if defined(USE_OPENLDAP)

      /* openldap always wraps and always does conservative base64 encoding

         we unwrap here, but clients will have to do their own base64 decode */

      int type = LDIF_PUT_VALUE;
@@ -454,29 +418,18 @@ 

          }

          *out = dest; /* move 'out' back if we removed some continuation lines */

      }

- #else

-     ldif_put_type_and_value_with_options(out, (char *)t, (char *)val, vlen, options);

- #endif

  }

  

  void

  slapi_ldap_value_free(char **vals)

  {

- #if defined(USE_OPENLDAP)

      slapi_ch_array_free(vals);

- #else

-     ldap_value_free(vals);

- #endif

  }

  

  int

  slapi_ldap_count_values(char **vals)

  {

- #if defined(USE_OPENLDAP)

      return ldap_count_values_len((struct berval **)vals);

- #else

-     return ldap_count_values(vals);

- #endif

  }

  

  int
@@ -489,7 +442,6 @@ 

      )

  {

      int rc = 0;

- #if defined(USE_OPENLDAP)

      BerElement *ber = NULL;

      int beropts = 0;

      char *berfmtstr = NULL;
@@ -538,13 +490,6 @@ 

      rc = ldap_control_create(ctrloid, ctl_iscritical, bv, 1, ctrlp);

      ber_bvfree(bv);

      ber_free(ber, 1);

- #else

-     if (usev2) {

-         rc = ldap_create_proxiedauth_control(ld, dn, ctrlp);

-     } else {

-         rc = ldap_create_proxyauth_control(ld, dn, ctl_iscritical, ctrlp);

-     }

- #endif

      return rc;

  }

  
@@ -556,21 +501,10 @@ 

      int *freeval)

  {

      int rc;

- #if defined(USE_OPENLDAP)

      rc = ldif_parse_line2(line, type, value, freeval);

- /* check that type and value are null terminated */

- #else

-     int vlen;

-     rc = ldif_parse_line(line, &type->bv_val, &value->bv_val, &vlen);

-     type->bv_len = type->bv_val ? strlen(type->bv_val) : 0;

-     value->bv_len = vlen;

-     *freeval = 0; /* always returns in place */

- #endif

      return rc;

  }

  

- #if defined(USE_OPENLDAP)

- 

  static int

  setup_ol_tls_conn(LDAP *ld, int clientauth)

  {
@@ -654,7 +588,6 @@ 

  

      return rc;

  }

- #endif /* defined(USE_OPENLDAP) */

  

  /*

    Perform LDAP init and return an LDAP* handle.  If ldapurl is given,
@@ -742,14 +675,6 @@ 

          }

      }

  

- /* ldap_url_parse doesn't yet handle ldapi */

- /*

-       if (!ldapi_socket && ludp && ludp->lud_file) {

-       ldapi_socket = ludp->lud_file;

-       }

-     */

- 

- #if defined(USE_OPENLDAP)

      if (ldapurl) {

          if (PR_SUCCESS != PR_CallOnce(&ol_init_callOnce, internal_ol_init_init)) {

              slapi_log_err(SLAPI_LOG_ERR, "slapi_ldap_init_ext",
@@ -811,20 +736,6 @@ 

                            ldapurl, rc, ldap_err2string(rc));

          }

      }

- #else  /* !USE_OPENLDAP */

-     if (ldapi_socket) {

-         /* ldapi in mozldap client is not yet supported */

-     } else if (secure == SLAPI_LDAP_INIT_FLAG_SSL) {

-         ld = ldapssl_init(hostname, port, secure);

-     } else { /* regular ldap and/or starttls */

-         /*

-          * Leverage the libprldap layer to take care of all the NSPR

-          * integration.

-          * Note that ldapssl_init() uses libprldap implicitly.

-          */

-         ld = prldap_init(hostname, port, shared);

-     }

- #endif /* !USE_OPENLDAP */

  

      /* must explicitly set version to 3 */

      ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &ldap_version3);
@@ -845,7 +756,6 @@ 

          int io_timeout_ms = config_get_outbound_ldap_io_timeout();

  

          if (io_timeout_ms > 0) {

- #if defined(USE_OPENLDAP)

              struct timeval tv;

  

              tv.tv_sec = io_timeout_ms / 1000;
@@ -857,62 +767,16 @@ 

                  ld = NULL;

                  goto done;

              }

- #else  /* !USE_OPENLDAP */

-             if (prldap_set_session_option(ld, NULL, PRLDAP_OPT_IO_MAX_TIMEOUT, io_timeout_ms) != LDAP_SUCCESS) {

-                 slapi_log_err(SLAPI_LOG_ERR, "slapi_ldap_init_ext",

-                               "failed: unable to set outbound I/O timeout to %dms\n", io_timeout_ms);

-                 slapi_ldap_unbind(ld);

-                 ld = NULL;

-                 goto done;

-             }

- #endif /* !USE_OPENLDAP */

          }

  

          /*

           * Set SSL strength (server certificate validity checking).

           */

          if (secure > 0) {

- #if defined(USE_OPENLDAP)

              if (setup_ol_tls_conn(ld, 0)) {

                  slapi_log_err(SLAPI_LOG_ERR, "slapi_ldap_init_ext",

                                "failed: unable to set SSL/TLS options\n");

              }

- #else

-             int ssl_strength = 0;

-             LDAP *myld = NULL;

- 

-             /*

-              * We can only use the set functions below with a real

-              * LDAP* if it has already gone through ldapssl_init -

-              * so, use NULL if using starttls

-              */

-             if (secure == SLAPI_LDAP_INIT_FLAG_SSL) {

-                 myld = ld;

-             }

- 

-             if (config_get_ssl_check_hostname()) {

-                 /* check hostname against name in certificate */

-                 ssl_strength = LDAPSSL_AUTH_CNCHECK;

-             } else {

-                 /* verify certificate only */

-                 ssl_strength = LDAPSSL_AUTH_CERT;

-             }

- 

-             if ((rc = ldapssl_set_strength(myld, ssl_strength)) ||

-                 (rc = ldapssl_set_option(myld, SSL_ENABLE_SSL2, PR_FALSE)) ||

-                 (rc = ldapssl_set_option(myld, SSL_ENABLE_SSL3, PR_TRUE)) ||

-                 (rc = ldapssl_set_option(myld, SSL_ENABLE_TLS, PR_TRUE))) {

-                 int prerr = PR_GetError();

- 

-                 slapi_log_err(SLAPI_LOG_ERR, "slapi_ldap_init_ext",

-                               "failed: unable to set SSL options (" SLAPI_COMPONENT_NAME_NSPR " error %d - %s)\n",

-                               prerr, slapd_pr_strerror(prerr));

-             }

-             if (secure == SLAPI_LDAP_INIT_FLAG_SSL) {

-                 /* tell bind code we are using SSL */

-                 ldap_set_option(ld, LDAP_OPT_SSL, LDAP_OPT_ON);

-             }

- #endif /* !USE_OPENLDAP */

          }

      }

  
@@ -1055,7 +919,6 @@ 

          slapi_control_present(clientctrls, START_TLS_OID, NULL, NULL)) {

          secure = SLAPI_LDAP_INIT_FLAG_startTLS;

      } else {

- #if defined(USE_OPENLDAP)

          /* openldap doesn't have a SSL/TLS yes/no flag - so grab the

             ldapurl, parse it, and see if it is a secure one */

          char *ldapurl = NULL;
@@ -1065,27 +928,16 @@ 

              secure = SLAPI_LDAP_INIT_FLAG_SSL;

          }

          slapi_ch_free_string(&ldapurl);

- #else /* !USE_OPENLDAP */

-         ldap_get_option(ld, LDAP_OPT_SSL, &secure);

- #endif

      }

      ldap_controls_free(clientctrls);

      ldap_set_option(ld, LDAP_OPT_CLIENT_CONTROLS, NULL);

  

      if ((secure > 0) && mech && !strcmp(mech, LDAP_SASL_EXTERNAL)) {

- #if defined(USE_OPENLDAP)

          /*

           * we already set up a tls context in slapi_ldap_init_ext() - this will

           * free those old settings and context and create a new one

           */

          rc = setup_ol_tls_conn(ld, 1);

- #else

-         /*

-          * SSL connections will use the server's security context

-          * and cert for client auth

-          */

-         rc = slapd_SSL_client_auth(ld);

- #endif

          if (rc != 0) {

              slapi_log_err(SLAPI_LOG_ERR, "slapi_ldap_bind",

                            "Error: could not configure the server for cert "
@@ -1300,12 +1152,6 @@ 

           * a SASL mech - set the sasl ssf to 0 if using TLS/SSL.

           * openldap supports tls + sasl security

           */

- #if !defined(USE_OPENLDAP)

-         if (secure) {

-             sasl_ssf_t max_ssf = 0;

-             ldap_set_option(ld, LDAP_OPT_X_SASL_SSF_MAX, &max_ssf);

-         }

- #endif

          /*

           * we are using static variables and sharing an in-memory credentials cache

           * so we put a lock around all kerberos interactions
@@ -1646,16 +1492,9 @@ 

  /* call the bind function */

  /* openldap does not have the ext version - not sure how to get the

         returned controls */

- #if defined(USE_OPENLDAP)

          rc = ldap_sasl_interactive_bind_s(ld, bindid, mech, serverctrls,

                                            NULL, LDAP_SASL_QUIET,

                                            ldap_sasl_interact_cb, defaults);

- #else

-         rc = ldap_sasl_interactive_bind_ext_s(ld, bindid, mech, serverctrls,

-                                               NULL, LDAP_SASL_QUIET,

-                                               ldap_sasl_interact_cb, defaults,

-                                               returnedctrls);

- #endif

          ldap_sasl_free_interact_vals(defaults);

          if (LDAP_SUCCESS != rc) {

              char *errmsg = NULL;
@@ -2495,7 +2334,6 @@ 

  slapi_client_uses_non_nss(LDAP *ld)

  {

      static int not_nss = 0;

- #if defined(USE_OPENLDAP)

      static int initialized = 0;

      char *package_name = NULL;

      int rc;
@@ -2509,7 +2347,6 @@ 

          slapi_ch_free_string(&package_name);

      }

      initialized = 1;

- #endif

      return not_nss;

  }

  
@@ -2517,7 +2354,6 @@ 

  slapi_client_uses_openssl(LDAP *ld)

  {

      static int is_openssl = 0;

- #if defined(USE_OPENLDAP)

      static int initialized = 0;

      char *package_name = NULL;

      int rc;
@@ -2531,6 +2367,5 @@ 

          slapi_ch_free_string(&package_name);

      }

      initialized = 1;

- #endif

      return is_openssl;

  }

@@ -8220,57 +8220,7 @@ 

  char *

  slapi_err2string(int result)

  {

- /*

-      *  If we are using openldap, then we can safely use ldap_err2string with

-      *  positive and negative result codes.  MozLDAP's ldap_err2string can

-      *  only handle positive result codes.

-      */

- #if defined(USE_OPENLDAP)

      return ldap_err2string(result);

- #else

-     if (result >= 0) {

-         return ldap_err2string(result);

-     }

-     switch (result) {

-     case -1:

-         return ("Can't contact LDAP server");

-     case -2:

-         return ("Local error");

-     case -3:

-         return ("Encoding error");

-     case -4:

-         return ("Decoding error");

-     case -5:

-         return ("Timed out");

-     case -6:

-         return ("Unknown authentication method");

-     case -7:

-         return ("Bad search filter");

-     case -8:

-         return ("User canceled operation");

-     case -9:

-         return ("Bad parameter to an ldap routine");

-     case -10:

-         return ("Out of memory");

-     case -11:

-         return ("Connect error");

-     case -12:

-         return ("Not Supported");

-     case -13:

-         return ("Control not found");

-     case -14:

-         return ("No results returned");

-     case -15:

-         return ("More results to return");

-     case -16:

-         return ("Client Loop");

-     case -17:

-         return ("Referral Limit Exceeded");

- 

-     default:

-         return ("Unknown system error");

-     }

- #endif

  }

  

  /* replace commas with spaces */

file modified
+2 -13
@@ -302,15 +302,11 @@ 

          goto free_and_return;

      }

  

- /* check for decoding error */

- /*

-       if using mozldap - will return LBER_END_OF_SEQORSET if loop

-       completed successfully, otherwise, other value

-       if using openldap - will return LBER_DEFAULT in either case

+     /* check for decoding error */

+     /* will return LBER_DEFAULT in either case

          if there was at least one element read, len will be -1

          if there were no elements read (empty modify) len will be 0

      */

- #if defined(USE_OPENLDAP)

      if (tag != LBER_END_OF_SEQORSET) {

          if ((len == 0) && (0 == smods.num_elements) && !ignored_some_mods) {

              /* ok - empty modify - allow empty modifies */
@@ -321,13 +317,6 @@ 

          }

          /* else ok */

      }

- #else

-     if (tag != LBER_END_OF_SEQORSET) {

-         op_shared_log_error_access(pb, "MOD", rawdn, "decoding error");

-         send_ldap_result(pb, LDAP_PROTOCOL_ERROR, NULL, "decoding error", 0, NULL);

-         goto free_and_return;

-     }

- #endif

  

      /* decode the optional controls - put them in the pblock */

      if ((err = get_ldapmessage_controls(pb, ber, NULL)) != 0) {

@@ -1,46 +0,0 @@ 

- /*

-  * mozldap does not have all the openldap "ber" functions, like ber_skip_element.

-  * So we need to directly parse the ber element, and see inside the ber struct.

-  * From lber-int.h

-  */

- typedef struct seqorset

- {

-     ber_len_t sos_clen;

-     ber_tag_t sos_tag;

-     char *sos_first;

-     char *sos_ptr;

-     struct seqorset *sos_next;

- } Seqorset;

- 

- #define SOS_STACK_SIZE 8                              /* depth of the pre-allocated sos structure stack */

- #define MAX_TAG_SIZE (1 + sizeof(ber_int_t))          /* One byte for the length of the tag */

- #define MAX_LEN_SIZE (1 + sizeof(ber_int_t))          /* One byte for the length of the length */

- #define MAX_VALUE_PREFIX_SIZE (2 + sizeof(ber_int_t)) /* 1 byte for the tag and 1 for the len (msgid) */

- #define BER_ARRAY_QUANTITY 7                          /* 0:Tag   1:Length   2:Value-prefix   3:Value   4:Value-suffix  */

- 

- struct berelement

- {

-     ldap_x_iovec ber_struct[BER_ARRAY_QUANTITY]; /* See above */

-     char ber_tag_contents[MAX_TAG_SIZE];

-     char ber_len_contents[MAX_LEN_SIZE];

-     char ber_pre_contents[MAX_VALUE_PREFIX_SIZE];

-     char ber_suf_contents[MAX_LEN_SIZE + 1];

-     char *ber_buf; /* update the value value when writing in case realloc is called */

-     char *ber_ptr;

-     char *ber_end;

-     struct seqorset *ber_sos;

-     ber_len_t ber_tag_len_read;

-     ber_tag_t ber_tag; /* Remove me someday */

-     ber_len_t ber_len; /* Remove me someday */

-     int ber_usertag;

-     char ber_options;

-     char *ber_rwptr;

-     BERTranslateProc ber_encode_translate_proc;

-     BERTranslateProc ber_decode_translate_proc;

-     int ber_flags;

- #define LBER_FLAG_NO_FREE_BUFFER 1 /* don't free ber_buf */

-     unsigned int ber_buf_reallocs; /* realloc counter */

-     int ber_sos_stack_posn;

-     Seqorset ber_sos_stack[SOS_STACK_SIZE];

- };

- typedef struct berelement MozElement;

@@ -107,7 +107,6 @@ 

      return operation_type;

  }

  

- #if defined(USE_OPENLDAP)

  /* openldap doesn't have anything like this, nor does it have

     a way to portably and without cheating discover the

     sizeof BerElement - see lber_pvt.h for the trick used
@@ -142,7 +141,6 @@ 

      ber_free(ber, 1);

      slapi_ch_free(&buf);

  }

- #endif

  

  void

  operation_init(Slapi_Operation *o, int flags)
@@ -225,7 +223,6 @@ 

              (*op)->o_results.result_controls = NULL;

          }

          slapi_ch_free_string(&(*op)->o_results.result_matched);

- #if defined(USE_OPENLDAP)

          int options = 0;

          /* save the old options */

          if ((*op)->o_ber) {
@@ -235,12 +232,6 @@ 

              /* clear out the ber for the next operation */

              ber_init2((*op)->o_ber, NULL, options);

          }

- #else

-         if ((*op)->o_ber) {

-             ber_special_free(*op, (*op)->o_ber); /* have to free everything here */

-             *op = NULL;

-         }

- #endif

      }

  }

  

@@ -1450,9 +1450,7 @@ 

  int connection_release_nolock_ext(Connection *conn, int release_only);

  int connection_is_free(Connection *conn, int user_lock);

  int connection_is_active_nolock(Connection *conn);

- #if defined(USE_OPENLDAP)

  ber_slen_t openldap_read_function(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len);

- #endif

  

  /*

   * saslbind.c

@@ -16,13 +16,6 @@ 

  #include "fe.h"

  #include <sasl/sasl.h>

  #include <arpa/inet.h>

- #ifndef USE_OPENLDAP

- #include "mozldap.h"

- #if LDAP_VENDOR_VERSION > 604

- /* garbage to cause build to fail */

- MOZLDAP is newer than expected, if the ber structure has not changed(see ldap / server / slapd / mozldap.h), please bump the version number(604->new version)

- #endif

- #endif

  

  /*

   * I/O Shim Layer for SASL Encryption
@@ -243,12 +236,8 @@ 

       */

      if (!sp->send_encrypted && *sp->encrypted_buffer == LDAP_TAG_MESSAGE) {

          struct berval bv;

- #ifdef USE_OPENLDAP

          BerElement *ber = NULL;

          struct berval tmp_bv;

- #else

-         MozElement *ber = NULL;

- #endif

          ber_len_t maxbersize = config_get_maxbersize();

          ber_len_t ber_len = 0;

          ber_tag_t tag = 0;
@@ -331,11 +320,7 @@ 

          bv.bv_val = sp->encrypted_buffer;

          bv.bv_len = sp->encrypted_buffer_offset;

  

- #ifdef USE_OPENLDAP

          if ((ber = ber_init(&bv)) == NULL) {

- #else

-         if ((ber = (MozElement *)ber_init(&bv)) == NULL) {

- #endif

              goto done;

          }

  
@@ -343,27 +328,16 @@ 

           * Start parsing the berElement.  First skip this tag, and move on to the

           * tag msgid

           */

- #ifdef USE_OPENLDAP

          ber_skip_tag(ber, &ber_len);

          if (ber_peek_tag(ber, &ber_len) == LDAP_TAG_MSGID) {

- #else

-         ber_skip_tag((BerElement *)ber, &ber_len);

-         if (ber_peek_tag((BerElement *)ber, &ber_len) == LDAP_TAG_MSGID) {

- #endif

  /*

               * Skip the entire msgid element, so we can get to the LDAP op tag

               */

- #ifdef USE_OPENLDAP

              if (ber_skip_element(ber, &tmp_bv) == LDAP_TAG_MSGID) {

                  /*

                   * We only allow unbind operations to be processed for unencrypted operations

                   */

                  if ((tag = ber_peek_tag(ber, &ber_len)) == LDAP_REQ_UNBIND) {

- #else

-             {

-                 tag = *ber->ber_ptr++;

-                 if (*ber->ber_ptr == LDAP_REQ_UNBIND) {

- #endif

                      slapi_log_err(SLAPI_LOG_CONNS, "sasl_io_start_packet", "conn=%" PRIu64 " fd=%d "

                                                                             "Received unencrypted UNBIND operation.\n",

                                    c->c_connid,
@@ -375,11 +349,7 @@ 

                  }

                  slapi_log_err(SLAPI_LOG_CONNS, "sasl_io_start_packet", "conn=%" PRIu64 " fd=%d "

                                                                         "Error: received an LDAP message (tag 0x%lx) that was not encrypted.\n",

- #ifdef USE_OPENLDAP

                                c->c_connid, c->c_sd, (long unsigned int)tag);

- #else

-                               c->c_connid, c->c_sd, (long unsigned int)*ber->ber_ptr);

- #endif

              }

          }

  

file modified
+114 -1392
@@ -22,9 +22,7 @@ 

  #include <plhash.h>

  #include "slap.h"

  

- #if defined(USE_OPENLDAP)

  #include <ldap_schema.h> /* openldap schema parser */

- #endif

  

  static struct slapdplugin schema_plugin = {0};

  
@@ -184,30 +182,9 @@ 

  static int parse_at_str(const char *input, struct asyntaxinfo **asipp, char *errorbuf, size_t errorbufsize, PRUint32 schema_flags, int is_user_defined, int schema_ds4x_compat, int is_remote);

  static int extension_is_user_defined(schemaext *extensions);

  static size_t strcat_qdlist(char *buf, char *prefix, char **qdlist);

- #if defined(USE_OPENLDAP)

- /*

-  *  openldap

-  */

  static int parse_attr_str(const char *input, struct asyntaxinfo **asipp, char *errorbuf, size_t errorbufsize, PRUint32 schema_flags, int is_user_defined, int schema_ds4x_compat, int is_remote);

  static int parse_objclass_str(const char *input, struct objclass **oc, char *errorbuf, size_t errorbufsize, PRUint32 schema_flags, int is_user_defined, int schema_ds4x_compat, struct objclass *private_schema);

  

- #else

- /*

-  *  mozldap

-  */

- static char **parse_qdescrs(const char *s, int *n);

- static char **parse_qdstrings(const char *s, int *n);

- static char **parse_qdlist(const char *s, int *n, int strip_options);

- static void free_qdlist(char **vals, int n);

- static int read_at_ldif(const char *input, struct asyntaxinfo **asipp, char *errorbuf, size_t errorbufsize, PRUint32 flags, int is_user_defined, int schema_ds4x_compat, int is_remote);

- static int read_oc_ldif(const char *input, struct objclass **oc, char *errorbuf, size_t errorbufsize, PRUint32 flags, int is_user_defined, int schema_ds4x_compat);

- static int get_flag_keyword(const char *keyword, int flag_value, const char **inputp, schema_strstr_fn_t strstr_fn);

- static char *get_tagged_oid(const char *tag, const char **inputp, schema_strstr_fn_t strstr_fn);

- static char **read_dollar_values(char *vals);

- static schemaext *parse_extensions(const char *schema_value, char **default_list);

- #endif

- 

- 

  /*

   * Some utility functions for dealing with a dynamic buffer

   */
@@ -254,11 +231,7 @@ 

      if (asipp) {

          *asipp = NULL;

      }

- #ifdef USE_OPENLDAP

      return parse_attr_str(input, asipp, errorbuf, errorbufsize, schema_flags, is_user_defined, schema_ds4x_compat, is_remote);

- #else

-     return read_at_ldif(input, asipp, errorbuf, errorbufsize, schema_flags, is_user_defined, schema_ds4x_compat, is_remote);

- #endif

  }

  

  static int
@@ -267,11 +240,7 @@ 

      if (oc) {

          *oc = NULL;

      }

- #ifdef USE_OPENLDAP

      return parse_objclass_str(input, oc, errorbuf, errorbufsize, schema_flags, is_user_defined, schema_ds4x_compat, private_schema);

- #else

-     return read_oc_ldif(input, oc, errorbuf, errorbufsize, schema_flags, is_user_defined, schema_ds4x_compat);

- #endif

  }

  

  
@@ -527,170 +496,6 @@ 

      return SLAPI_DSE_CALLBACK_ERROR;

  }

  

- #if !defined(USE_OPENLDAP)

- static const char *

- skipWS(const char *s)

- {

-     while (s && isascii(*s) && isspace(*s)) {

-         ++s;

-     }

- 

-     if ((isascii(*s)) == 0) {

-         return NULL;

-     }

-     return s;

- }

- 

- /*

-  * like strchr() but strings within single quotes are skipped.

-  */

- static char *

- strchr_skip_quoted_strings(char *s, int c)

- {

-     int in_quote = 0;

- 

-     while (*s != '\0') {

-         if (*s == '\'') {

-             in_quote = 1 - in_quote; /* toggle */

-         } else if (!in_quote && *s == c) {

-             return s;

-         }

-         ++s;

-     }

- 

-     return (NULL);

- }

- /**

-  * parses a string containing a qdescrs or qdstrings (as described by

-  * RFC 2252, section 4.1) into an array of strings; the second parameter

-  * will hold the actual number of strings in the array.  The returned array

-  * is NULL terminated.

-  *

-  * This function can handle qdescrs or qdstrings because the only

-  * difference between the two is that fewer characters are allowed in

-  * a qdescr (our parsing code does not check anyway) and we want to

-  * strip attribute options when parsing qdescrs (indicated by a non-zero

-  * strip_options parameter).

-  */

- static char **

- parse_qdlist(const char *s, int *n, int strip_options)

- {

-     char **retval = 0;

-     char *work = 0;

-     char *start = 0, *end = 0;

-     int num = 0;

-     int in_quote = 0;

- 

-     if (n)

-         *n = 0;

- 

-     if (!s || !*s || !n) {

-         return retval;

-     }

- 

-     /* make a working copy of the given string */

-     work = slapi_ch_strdup(s);

- 

-     /* count the number of qdescr items in the string e.g. just count

-        the number of spaces */

-     /* for a single qdescr, the terminal character will be the final

-        single quote; for a qdesclist, the terminal will be the close

-        parenthesis */

-     end = strrchr(work, '\'');

-     if ((start = strchr_skip_quoted_strings(work, '(')) != NULL)

-         end = strchr_skip_quoted_strings(work, ')');

-     else

-         start = strchr(work, '\'');

- 

-     if (!end) /* already nulled out */

-         end = work + strlen(work);

- 

-     if (start) {

-         num = 1;

-         /* first pass: count number of items and zero out non useful tokens */

-         for (; *start && (start != end); ++start) {

-             if (*start == '\'') {

-                 in_quote = 1 - in_quote; /* toggle */

-                 *start = 0;

-             } else if (!in_quote && ((*start == ' ') || (*start == '(') ||

-                                      (*start == ')'))) {

-                 if (*start == ' ') {

-                     num++;

-                 }

-                 *start = 0;

-             }

-         }

-         *start = 0;

- 

-         /* allocate retval; num will be >= actual number of items */

-         retval = (char **)slapi_ch_calloc(num + 1, sizeof(char *));

- 

-         /* second pass: copy strings into the return value and set the

-            actual number of items returned */

-         start = work;

-         while (start != end) {

-             /* skip over nulls */

-             while (!*start && (start != end))