From b770ac72317e1bdd018b9e3c1a22a403facf2180 Mon Sep 17 00:00:00 2001 From: Matúš Honěk Date: May 10 2019 13:41:36 +0000 Subject: Issue 49730 - MozLDAP bindings have been unsupported for a while Bug Description: We haven't been supporting MozLDAP for a long time. In fact, it is not possible to build without OpenLDAP as MozLDAP specifics were not maintained properly. Fix Description: Remove all MozLDAP-only features from the code. Fixes https://pagure.io/389-ds-base/issue/49730 Relates https://pagure.io/389-ds-base/pull-request/50332 Author: mhonek Review by: hmc, firstyear, spichugi (Thanks!) --- diff --git a/Makefile.am b/Makefile.am index 5649cbc..01ac3a0 100644 --- a/Makefile.am +++ b/Makefile.am @@ -154,15 +154,10 @@ PROFILING_LINKS = @profiling_links@ NSPR_LINK = $(NSPR_LIBS) NSS_LINK = $(NSS_LIBS) -if OPENLDAP # with recent versions of openldap - if you link with both ldap_r and ldap, the # shared lib _fini for one will stomp on the other, and the program will crash LDAPSDK_LINK_NOTHR = @openldap_lib@ -lldap@ol_libver@ @ldap_lib_ldif@ -llber@ol_libver@ LDAPSDK_LINK = @openldap_lib@ -lldap_r@ol_libver@ @ldap_lib_ldif@ -llber@ol_libver@ -else -LDAPSDK_LINK = @ldapsdk_lib@ -lssldap60 -lprldap60 -lldap60 -lldif60 -LDAPSDK_LINK_NOTHR = $(LDAPSDK_LINK) -endif ldaplib = @ldaplib@ ldaplib_defs = @ldaplib_defs@ @@ -519,7 +514,6 @@ dist_noinst_HEADERS = \ ldap/servers/slapd/http.h \ ldap/servers/slapd/intrinsics.h \ ldap/servers/slapd/log.h \ - ldap/servers/slapd/mozldap.h \ ldap/servers/slapd/openldapber.h \ ldap/servers/slapd/pblock_v3.h \ ldap/servers/slapd/poll_using_select.h \ diff --git a/configure.ac b/configure.ac index 5872ed8..3660e68 100644 --- a/configure.ac +++ b/configure.ac @@ -834,7 +834,6 @@ fi AC_SUBST(nss_libdir) m4_include(m4/openldap.m4) -m4_include(m4/mozldap.m4) m4_include(m4/db.m4) PKG_CHECK_MODULES([SASL], [libsasl2]) diff --git a/ldap/admin/src/scripts/bak2db.pl.in b/ldap/admin/src/scripts/bak2db.pl.in index 7987756..0dcd304 100644 --- a/ldap/admin/src/scripts/bak2db.pl.in +++ b/ldap/admin/src/scripts/bak2db.pl.in @@ -17,7 +17,7 @@ use DSUtil; DSUtil::libpath_add("@nss_libdir@"); DSUtil::libpath_add("/usr/lib"); DSUtil::libpath_add("/usr/lib64"); -$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/"; +$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin"; $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}"; $dbtype = "ldbm database"; diff --git a/ldap/admin/src/scripts/cleanallruv.pl.in b/ldap/admin/src/scripts/cleanallruv.pl.in index 8129625..81a6bb4 100644 --- a/ldap/admin/src/scripts/cleanallruv.pl.in +++ b/ldap/admin/src/scripts/cleanallruv.pl.in @@ -16,7 +16,7 @@ use DSUtil; DSUtil::libpath_add("@nss_libdir@"); DSUtil::libpath_add("/usr/lib"); DSUtil::libpath_add("/usr/lib64"); -$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/"; +$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin"; $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}"; $i = 0; diff --git a/ldap/admin/src/scripts/db2bak.pl.in b/ldap/admin/src/scripts/db2bak.pl.in index 352a01e..0f74e89 100644 --- a/ldap/admin/src/scripts/db2bak.pl.in +++ b/ldap/admin/src/scripts/db2bak.pl.in @@ -18,7 +18,7 @@ DSUtil::libpath_add("@nss_libdir@"); DSUtil::libpath_add("/usr/lib"); DSUtil::libpath_add("/usr/lib64"); DSUtil::libpath_add("/usr/lib64"); -$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/"; +$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin"; $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}"; $dbtype = "ldbm database"; diff --git a/ldap/admin/src/scripts/db2index.pl.in b/ldap/admin/src/scripts/db2index.pl.in index 0cfaeca..af426e9 100644 --- a/ldap/admin/src/scripts/db2index.pl.in +++ b/ldap/admin/src/scripts/db2index.pl.in @@ -17,7 +17,7 @@ use Getopt::Std; DSUtil::libpath_add("@nss_libdir@"); DSUtil::libpath_add("/usr/lib"); DSUtil::libpath_add("/usr/lib64"); -$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/"; +$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin"; $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}"; $i = 0; diff --git a/ldap/admin/src/scripts/db2ldif.pl.in b/ldap/admin/src/scripts/db2ldif.pl.in index f7d12b4..cb1ef1a 100644 --- a/ldap/admin/src/scripts/db2ldif.pl.in +++ b/ldap/admin/src/scripts/db2ldif.pl.in @@ -17,7 +17,7 @@ use Cwd; DSUtil::libpath_add("@nss_libdir@"); DSUtil::libpath_add("/usr/lib"); DSUtil::libpath_add("/usr/lib64"); -$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/"; +$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin"; $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}"; $maxidx = 50; diff --git a/ldap/admin/src/scripts/fixup-linkedattrs.pl.in b/ldap/admin/src/scripts/fixup-linkedattrs.pl.in index d4ee200..fa76e27 100644 --- a/ldap/admin/src/scripts/fixup-linkedattrs.pl.in +++ b/ldap/admin/src/scripts/fixup-linkedattrs.pl.in @@ -16,7 +16,7 @@ use DSUtil; DSUtil::libpath_add("@nss_libdir@"); DSUtil::libpath_add("/usr/lib"); DSUtil::libpath_add("/usr/lib64"); -$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/"; +$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin"; $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}"; $i = 0; diff --git a/ldap/admin/src/scripts/fixup-memberof.pl.in b/ldap/admin/src/scripts/fixup-memberof.pl.in index 2e67450..9ae41f8 100644 --- a/ldap/admin/src/scripts/fixup-memberof.pl.in +++ b/ldap/admin/src/scripts/fixup-memberof.pl.in @@ -16,7 +16,7 @@ use DSUtil; DSUtil::libpath_add("@nss_libdir@"); DSUtil::libpath_add("/usr/lib"); DSUtil::libpath_add("/usr/lib64"); -$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/"; +$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin"; $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}"; $i = 0; diff --git a/ldap/admin/src/scripts/ldif2db.pl.in b/ldap/admin/src/scripts/ldif2db.pl.in index 486dcd0..909cfa7 100644 --- a/ldap/admin/src/scripts/ldif2db.pl.in +++ b/ldap/admin/src/scripts/ldif2db.pl.in @@ -16,7 +16,7 @@ use DSUtil; DSUtil::libpath_add("@nss_libdir@"); DSUtil::libpath_add("/usr/lib"); DSUtil::libpath_add("/usr/lib64"); -$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/"; +$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin"; $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}"; $maxidx = 50; diff --git a/ldap/admin/src/scripts/ldif2ldap.in b/ldap/admin/src/scripts/ldif2ldap.in index eaaba7a..99497d5 100755 --- a/ldap/admin/src/scripts/ldif2ldap.in +++ b/ldap/admin/src/scripts/ldif2ldap.in @@ -10,7 +10,7 @@ libpath_add "@libdir@/@package_name@/" export LD_LIBRARY_PATH SHLIB_PATH=$LD_LIBRARY_PATH export SHLIB_PATH -PATH=$PATH:@ldaptool_bindir@:@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap +PATH=$PATH:@ldaptool_bindir@:@ldaptool_bindir@:/usr/bin usage () { diff --git a/ldap/admin/src/scripts/monitor.in b/ldap/admin/src/scripts/monitor.in index 7edd254..d833d87 100755 --- a/ldap/admin/src/scripts/monitor.in +++ b/ldap/admin/src/scripts/monitor.in @@ -10,7 +10,7 @@ libpath_add "@nss_libdir@" export LD_LIBRARY_PATH SHLIB_PATH=$LD_LIBRARY_PATH export SHLIB_PATH -PATH=$PATH:@ldaptool_bindir@:@ldaptool_bindir@:/usr/bin/:/usr/lib64/mozldap +PATH=$PATH:@ldaptool_bindir@:@ldaptool_bindir@:/usr/bin/ protocol="" diff --git a/ldap/admin/src/scripts/ns-accountstatus.pl.in b/ldap/admin/src/scripts/ns-accountstatus.pl.in index 2b94051..d5d60d9 100644 --- a/ldap/admin/src/scripts/ns-accountstatus.pl.in +++ b/ldap/admin/src/scripts/ns-accountstatus.pl.in @@ -16,7 +16,7 @@ use Time::Local; DSUtil::libpath_add("@nss_libdir@"); DSUtil::libpath_add("/usr/lib"); -$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/"; +$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin"; $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}"; my $single = 0; diff --git a/ldap/admin/src/scripts/ns-activate.pl.in b/ldap/admin/src/scripts/ns-activate.pl.in index bec19c8..99c97d6 100644 --- a/ldap/admin/src/scripts/ns-activate.pl.in +++ b/ldap/admin/src/scripts/ns-activate.pl.in @@ -17,7 +17,7 @@ use POSIX qw(strftime); DSUtil::libpath_add("@nss_libdir@"); DSUtil::libpath_add("/usr/lib"); -$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/"; +$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin"; $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}"; my $single = 0; diff --git a/ldap/admin/src/scripts/ns-inactivate.pl.in b/ldap/admin/src/scripts/ns-inactivate.pl.in index ef37527..88c84a3 100644 --- a/ldap/admin/src/scripts/ns-inactivate.pl.in +++ b/ldap/admin/src/scripts/ns-inactivate.pl.in @@ -16,7 +16,7 @@ use File::Spec; DSUtil::libpath_add("@nss_libdir@"); DSUtil::libpath_add("/usr/lib"); -$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/"; +$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin"; $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}"; $single = 0; diff --git a/ldap/admin/src/scripts/ns-newpwpolicy.pl.in b/ldap/admin/src/scripts/ns-newpwpolicy.pl.in index cb60c68..87161fc 100755 --- a/ldap/admin/src/scripts/ns-newpwpolicy.pl.in +++ b/ldap/admin/src/scripts/ns-newpwpolicy.pl.in @@ -17,7 +17,7 @@ use DSUtil; # all of this nonsense can be omitted if the mozldapsdk and perldap are # installed in the operating system locations (e.g. /usr/lib /usr/lib/perl5) -$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/"; +$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin"; $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}"; DSUtil::libpath_add("@nss_libdir@"); diff --git a/ldap/admin/src/scripts/schema-reload.pl.in b/ldap/admin/src/scripts/schema-reload.pl.in index 03bb610..6c260f8 100644 --- a/ldap/admin/src/scripts/schema-reload.pl.in +++ b/ldap/admin/src/scripts/schema-reload.pl.in @@ -17,7 +17,7 @@ DSUtil::libpath_add("@nss_libdir@"); DSUtil::libpath_add("/usr/lib"); DSUtil::libpath_add("/usr/lib64"); $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}"; -$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/"; +$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin"; $i = 0; diff --git a/ldap/admin/src/scripts/syntax-validate.pl.in b/ldap/admin/src/scripts/syntax-validate.pl.in index 717a6ed..68ce1e0 100644 --- a/ldap/admin/src/scripts/syntax-validate.pl.in +++ b/ldap/admin/src/scripts/syntax-validate.pl.in @@ -16,7 +16,7 @@ use DSUtil; DSUtil::libpath_add("@nss_libdir@"); DSUtil::libpath_add("/usr/lib"); DSUtil::libpath_add("/usr/lib64"); -$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/"; +$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin"; $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}"; $i = 0; diff --git a/ldap/admin/src/scripts/usn-tombstone-cleanup.pl.in b/ldap/admin/src/scripts/usn-tombstone-cleanup.pl.in index 4168433..c9d364a 100644 --- a/ldap/admin/src/scripts/usn-tombstone-cleanup.pl.in +++ b/ldap/admin/src/scripts/usn-tombstone-cleanup.pl.in @@ -15,7 +15,7 @@ use DSUtil; DSUtil::libpath_add("@nss_libdir@"); DSUtil::libpath_add("/usr/lib"); DSUtil::libpath_add("/usr/lib64"); -$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/"; +$ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin"; $ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}"; $i = 0; diff --git a/ldap/servers/plugins/automember/automember.c b/ldap/servers/plugins/automember/automember.c index 24fd874..4ad9db9 100644 --- a/ldap/servers/plugins/automember/automember.c +++ b/ldap/servers/plugins/automember/automember.c @@ -2789,14 +2789,9 @@ automember_map_task_thread(void *arg) PRFileDesc *ldif_fd_out = NULL; char *entrystr = NULL; char *errstr = NULL; -#if defined(USE_OPENLDAP) int buflen = 0; LDIFFP *ldif_fd_in = NULL; ldif_record_lineno_t lineno = 0; -#else - FILE *ldif_fd_in = NULL; - int lineno = 0; -#endif int rc = 0; if (!task) { @@ -2828,15 +2823,9 @@ automember_map_task_thread(void *arg) goto out; } -#if defined(USE_OPENLDAP) if ((ldif_fd_in = ldif_open(td->ldif_in, "r")) == NULL) { rc = errno; errstr = strerror(rc); -#else - if ((ldif_fd_in = fopen(td->ldif_in, "r")) == NULL) { - rc = PR_GetOSError(); - errstr = (char *)slapi_system_strerror(rc); -#endif slapi_task_log_notice(task, "The ldif file %s could not be accessed, error %d (%s). Aborting task.\n", td->ldif_in, rc, errstr); slapi_task_log_status(task, "The ldif file %s could not be accessed, error %d (%s). Aborting task.\n", @@ -2851,12 +2840,8 @@ automember_map_task_thread(void *arg) * Convert each LDIF entry to a slapi_entry */ automember_config_read_lock(); -#if defined(USE_OPENLDAP) while (ldif_read_record(ldif_fd_in, &lineno, &entrystr, &buflen)) { buflen = 0; -#else - while ((entrystr = ldif_get_entry(ldif_fd_in, &lineno)) != NULL) { -#endif e = slapi_str2entry(entrystr, 0); if (e != NULL) { if (!PR_CLIST_IS_EMPTY(g_automember_config)) { @@ -2892,11 +2877,7 @@ out: PR_Close(ldif_fd_out); } if (ldif_fd_in) { -#if defined(USE_OPENLDAP) ldif_close(ldif_fd_in); -#else - fclose(ldif_fd_in); -#endif } slapi_task_inc_progress(task); slapi_task_finish(task, result); diff --git a/ldap/servers/plugins/chainingdb/cb_conn_stateless.c b/ldap/servers/plugins/chainingdb/cb_conn_stateless.c index e244859..9beb459 100644 --- a/ldap/servers/plugins/chainingdb/cb_conn_stateless.c +++ b/ldap/servers/plugins/chainingdb/cb_conn_stateless.c @@ -13,10 +13,6 @@ #include "cb.h" -#ifndef USE_OPENLDAP -#include "ldap_ssl.h" /* for start_tls */ -#endif - /* * Most of the complicated connection-related code lives in this file. Some * general notes about how we manage our connections to "remote" LDAP servers: diff --git a/ldap/servers/plugins/dna/dna.c b/ldap/servers/plugins/dna/dna.c index b9a6f4c..1ee2713 100644 --- a/ldap/servers/plugins/dna/dna.c +++ b/ldap/servers/plugins/dna/dna.c @@ -2003,9 +2003,7 @@ dna_request_range(struct configEntry *config_entry, int ret = LDAP_OPERATIONS_ERROR; int port = 0; int timelimit; -#if defined(USE_OPENLDAP) struct timeval timeout; -#endif /* See if we're allowed to send a range request now */ slapi_lock_mutex(config_entry->extend_lock); if (config_entry->extend_in_progress) { @@ -2051,13 +2049,9 @@ dna_request_range(struct configEntry *config_entry, ldap_set_option(ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); timelimit = config_entry->timeout / 1000; /* timeout is in msec */ ldap_set_option(ld, LDAP_OPT_TIMELIMIT, &timelimit); -#if defined(USE_OPENLDAP) timeout.tv_sec = config_entry->timeout / 1000; timeout.tv_usec = (config_entry->timeout % 1000) * 1000; ldap_set_option(ld, LDAP_OPT_NETWORK_TIMEOUT, &timeout); -#else - ldap_set_option(ld, LDAP_X_OPT_CONNECT_TIMEOUT, &config_entry->timeout); -#endif /* Bind to the replica server */ ret = slapi_ldap_bind(ld, bind_dn, bind_passwd, bind_method, NULL, NULL, NULL, NULL); diff --git a/ldap/servers/plugins/replication/cl5_api.c b/ldap/servers/plugins/replication/cl5_api.c index 65801bc..c035db2 100644 --- a/ldap/servers/plugins/replication/cl5_api.c +++ b/ldap/servers/plugins/replication/cl5_api.c @@ -768,14 +768,9 @@ done:; int cl5ImportLDIF(const char *clDir, const char *ldifFile, Object **replicas) { -#if defined(USE_OPENLDAP) LDIFFP *file = NULL; int buflen = 0; ldif_record_lineno_t lineno = 0; -#else - FILE *file = NULL; - int lineno = 0; -#endif int rc; char *buff = NULL; slapi_operation_parameters op; @@ -834,11 +829,7 @@ cl5ImportLDIF(const char *clDir, const char *ldifFile, Object **replicas) } /* open LDIF file */ -#if defined(USE_OPENLDAP) file = ldif_open(ldifFile, "r"); -#else - file = fopen(ldifFile, "r"); /* XXXggood Does fopen reliably work if > 255 files open? */ -#endif if (file == NULL) { slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name_cl, "cl5ImportLDIF - Failed to open (%s) ldif file; system error - %d\n", @@ -865,11 +856,7 @@ cl5ImportLDIF(const char *clDir, const char *ldifFile, Object **replicas) s_cl5Desc.dbState = CL5_STATE_OPEN; /* force to change the state */ /* read entries and write them to changelog */ -#if defined(USE_OPENLDAP) while (ldif_read_record(file, &lineno, &buff, &buflen)) -#else - while ((buff = ldif_get_entry(file, &lineno)) != NULL) -#endif { rc = _cl5LDIF2Operation(buff, &op, &replGen); if (rc != CL5_SUCCESS) { @@ -925,15 +912,11 @@ cl5ImportLDIF(const char *clDir, const char *ldifFile, Object **replicas) } } slapi_ch_free_string(&buff); -#if defined(USE_OPENLDAP) buflen = 0; -#endif goto next; } slapi_ch_free_string(&buff); -#if defined(USE_OPENLDAP) buflen = 0; -#endif /* if we perform selective import, check if the operation should be wriiten to changelog */ replica_obj = _cl5GetReplica(&op, replGen); if (replica_obj == NULL) { @@ -1023,11 +1006,7 @@ done: slapi_ch_free((void **)&maxvals); if (file) { -#if defined(USE_OPENLDAP) ldif_close(file); -#else - fclose(file); -#endif } if (CL5_STATE_OPEN == s_cl5Desc.dbState) { _cl5Close(); diff --git a/ldap/servers/plugins/replication/repl5_connection.c b/ldap/servers/plugins/replication/repl5_connection.c index c31b3df..fb7d871 100644 --- a/ldap/servers/plugins/replication/repl5_connection.c +++ b/ldap/servers/plugins/replication/repl5_connection.c @@ -25,12 +25,7 @@ replica locked. Seems like right thing to do. #include "repl5.h" #include "repl5_prot_private.h" #include "slapi-private.h" -#if defined(USE_OPENLDAP) #include "ldap.h" -#else -#include "ldappr.h" -#include "ldap-extension.h" -#endif #include "nspr.h" #include "private/pprio.h" #include "nss.h" @@ -530,7 +525,6 @@ conn_read_result(Repl_Connection *conn, int *message_id) * on the same connection), we need to _first_ verify that the connection * is writable. If it isn't, we can deadlock if we proceed any further... */ -#if defined(USE_OPENLDAP) /* openldap has LBER_SB_OPT_DATA_READY but that doesn't really work for our purposes - so we grab the openldap fd from the ber sockbuf layer, import it into a PR Poll FD, then @@ -583,74 +577,6 @@ see_if_write_available(Repl_Connection *conn, PRIntervalTime timeout) return CONN_OPERATION_SUCCESS; } -#else /* ! USE_OPENLDAP */ -/* Since we're poking around with ldap c sdk internals, we have to - be careful since the PR layer stores different session and socket - info than the NSS SSL layer than the SASL layer - and they all - use different poll functions too -*/ -static ConnResult -see_if_write_available(Repl_Connection *conn, PRIntervalTime timeout) -{ - LDAP_X_PollFD pollstr; - int nfds = 1; - struct ldap_x_ext_io_fns iofns; - int rc = LDAP_SUCCESS; - LDAP_X_EXTIOF_POLL_CALLBACK *ldap_poll; - struct lextiof_session_private *private; - - /* get the poll function to use */ - memset(&iofns, 0, sizeof(iofns)); - iofns.lextiof_size = LDAP_X_EXTIO_FNS_SIZE; - if (ldap_get_option(conn->ld, LDAP_X_OPT_EXTIO_FN_PTRS, &iofns) < 0) { - rc = slapi_ldap_get_lderrno(conn->ld, NULL, NULL); - slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name, - "see_if_write_available - %s: Failed call to ldap_get_option to get extiofns: LDAP error %d (%s)\n", - agmt_get_long_name(conn->agmt), - rc, ldap_err2string(rc)); - conn->last_ldap_error = rc; - return CONN_OPERATION_FAILED; - } - ldap_poll = iofns.lextiof_poll; - - /* set up the poll structure */ - if (ldap_get_option(conn->ld, LDAP_OPT_DESC, &pollstr.lpoll_fd) < 0) { - rc = slapi_ldap_get_lderrno(conn->ld, NULL, NULL); - slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name, - "see_if_write_available - %s: Failed call to ldap_get_option for poll_fd: LDAP error %d (%s)\n", - agmt_get_long_name(conn->agmt), - rc, ldap_err2string(rc)); - conn->last_ldap_error = rc; - return CONN_OPERATION_FAILED; - } - - if (ldap_get_option(conn->ld, LDAP_X_OPT_SOCKETARG, - &pollstr.lpoll_socketarg) < 0) { - rc = slapi_ldap_get_lderrno(conn->ld, NULL, NULL); - slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name, - "see_if_write_available - %s: Failed call to ldap_get_option for socketarg: LDAP error %d (%s)\n", - agmt_get_long_name(conn->agmt), - rc, ldap_err2string(rc)); - conn->last_ldap_error = rc; - return CONN_OPERATION_FAILED; - } - - pollstr.lpoll_events = LDAP_X_POLLOUT; - pollstr.lpoll_revents = 0; - private - = iofns.lextiof_session_arg; - - if (0 == (*ldap_poll)(&pollstr, nfds, timeout, private)) { - slapi_log_err(SLAPI_LOG_REPL, repl_plugin_name, - "%s: poll timed out - poll interval [%d]\n", - agmt_get_long_name(conn->agmt), - timeout); - return CONN_TIMEOUT; - } - - return CONN_OPERATION_SUCCESS; -} -#endif /* ! USE_OPENLDAP */ /* * During a total update, this function checks how much entries @@ -1196,9 +1122,6 @@ conn_connect(Repl_Connection *conn) } if (return_value == CONN_OPERATION_SUCCESS) { -#if !defined(USE_OPENLDAP) - int io_timeout_ms; -#endif /* Now we initialize the LDAP Structure and set options */ slapi_log_err(SLAPI_LOG_REPL, repl_plugin_name, @@ -1244,14 +1167,8 @@ conn_connect(Repl_Connection *conn) /* Don't chase any referrals (although we shouldn't get any) */ ldap_set_option(conn->ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); -/* override the default timeout with the specified timeout */ -#if defined(USE_OPENLDAP) + /* override the default timeout with the specified timeout */ ldap_set_option(conn->ld, LDAP_OPT_NETWORK_TIMEOUT, &conn->timeout); -#else - io_timeout_ms = conn->timeout.tv_sec * 1000 + conn->timeout.tv_usec / 1000; - prldap_set_session_option(conn->ld, NULL, PRLDAP_OPT_IO_MAX_TIMEOUT, - io_timeout_ms); -#endif /* We've got an ld. Now bind to the server. */ conn->last_operation = CONN_BIND; } diff --git a/ldap/servers/plugins/replication/windows_connection.c b/ldap/servers/plugins/replication/windows_connection.c index 8efa23b..011b328 100644 --- a/ldap/servers/plugins/replication/windows_connection.c +++ b/ldap/servers/plugins/replication/windows_connection.c @@ -24,9 +24,6 @@ replica locked. Seems like right thing to do. #include "repl5.h" #include "windowsrepl.h" -#if !defined(USE_OPENLDAP) -#include "ldappr.h" -#endif #include "slap.h" #include "nss.h" @@ -1231,11 +1228,7 @@ windows_conn_connect(Repl_Connection *conn) } if (return_value == CONN_OPERATION_SUCCESS) { -#if !defined(USE_OPENLDAP) - int io_timeout_ms; -#endif /* Now we initialize the LDAP Structure and set options */ - slapi_log_err(SLAPI_LOG_REPL, windows_repl_plugin_name, "windows_conn_connect - %s: Trying %s%s slapi_ldap_init_ext\n", agmt_get_long_name(conn->agmt), @@ -1274,14 +1267,8 @@ windows_conn_connect(Repl_Connection *conn) /* Don't chase any referrals (although we shouldn't get any) */ ldap_set_option(conn->ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); -/* override the default timeout with the specified timeout */ -#if defined(USE_OPENLDAP) + /* override the default timeout with the specified timeout */ ldap_set_option(conn->ld, LDAP_OPT_NETWORK_TIMEOUT, &conn->timeout); -#else - io_timeout_ms = conn->timeout.tv_sec * 1000 + conn->timeout.tv_usec / 1000; - prldap_set_session_option(conn->ld, NULL, PRLDAP_OPT_IO_MAX_TIMEOUT, - io_timeout_ms); -#endif /* We've got an ld. Now bind to the server. */ conn->last_operation = CONN_BIND; } diff --git a/ldap/servers/slapd/back-ldbm/ldbm_search.c b/ldap/servers/slapd/back-ldbm/ldbm_search.c index 7f3600e..cabc8bd 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_search.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_search.c @@ -23,9 +23,8 @@ * Used for ldap_result passed to ldbm_back_search_cleanup. * If (ldap_result == LDBM_SRCH_DEFAULT_RESULT) || (ldap_result == LDAP_SUCCESS), * don't call slapi_send_ldap_result. - * Note: mozldap ldap_result codes are all positive; openldap result codes could - * be negative values. OL (-1) is LDAP_SERVER_DOWN. Thus, it's safe to - * borrow the value here. + * Note: openldap result codes could be negative values. OL (-1) is LDAP_SERVER_DOWN. + * Thus, it's safe to borrow the value here. */ #define LDBM_SRCH_DEFAULT_RESULT (-1) diff --git a/ldap/servers/slapd/back-ldbm/misc.c b/ldap/servers/slapd/back-ldbm/misc.c index c52e58a..124d5f6 100644 --- a/ldap/servers/slapd/back-ldbm/misc.c +++ b/ldap/servers/slapd/back-ldbm/misc.c @@ -472,8 +472,7 @@ is_fullpath(char *path) want to change the ldif string because it will be parsed again in the future openldap ldif_getline() is more of a problem because - it does this for every comment line too, whereas mozldap - ldif_getline() just skips comment lines + it does this for every comment line too. */ static void ldif_getline_fixline(char *start, char *end) diff --git a/ldap/servers/slapd/back-ldbm/vlv_srch.c b/ldap/servers/slapd/back-ldbm/vlv_srch.c index c4c0875..3684174 100644 --- a/ldap/servers/slapd/back-ldbm/vlv_srch.c +++ b/ldap/servers/slapd/back-ldbm/vlv_srch.c @@ -849,19 +849,11 @@ vlv_isvlv(char *filename) void internal_ldap_free_sort_keylist(LDAPsortkey **sortKeyList) { -#if defined(USE_OPENLDAP) ldap_free_sort_keylist((LDAPSortKey **)sortKeyList); -#else - ldap_free_sort_keylist(sortKeyList); -#endif } int internal_ldap_create_sort_keylist(LDAPsortkey ***sortKeyList, const char *string_rep) { -#if defined(USE_OPENLDAP) return ldap_create_sort_keylist((LDAPSortKey ***)sortKeyList, (char *)string_rep); -#else - return ldap_create_sort_keylist(sortKeyList, string_rep); -#endif } diff --git a/ldap/servers/slapd/back-ldbm/vlv_srch.h b/ldap/servers/slapd/back-ldbm/vlv_srch.h index 5c04431..08a13a7 100644 --- a/ldap/servers/slapd/back-ldbm/vlv_srch.h +++ b/ldap/servers/slapd/back-ldbm/vlv_srch.h @@ -26,14 +26,12 @@ extern char *const type_vlvFilename; extern char *const type_vlvEnabled; extern char *const type_vlvUses; -#if defined(USE_OPENLDAP) typedef struct LDAPsortkey { /* structure for a sort-key */ char *sk_attrtype; char *sk_matchruleoid; int sk_reverseorder; } LDAPsortkey; -#endif void internal_ldap_free_sort_keylist(LDAPsortkey **sortKeyList); int internal_ldap_create_sort_keylist(LDAPsortkey ***sortKeyList, const char *string_rep); diff --git a/ldap/servers/slapd/connection.c b/ldap/servers/slapd/connection.c index 5fcb1dd..00be876 100644 --- a/ldap/servers/slapd/connection.c +++ b/ldap/servers/slapd/connection.c @@ -534,13 +534,11 @@ connection_dispatch_operation(Connection *conn, Operation *op, Slapi_PBlock *pb) /* Copy the Connection DN and SSF into the operation struct */ op_copy_identity(conn, op); -#if defined(USE_OPENLDAP) if (slapi_operation_is_flag_set(op, OP_FLAG_REPLICATED)) { /* If it is replicated op, ignore the maxbersize. */ ber_len_t maxbersize = 0; ber_sockbuf_ctrl(conn->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &maxbersize); } -#endif /* If the minimum SSF requirements are not met, only allow * bind and extended operations through. The bind and extop @@ -780,7 +778,6 @@ struct Conn_private int use_buffer; /* if true, use the buffer - if false, ber_get_next reads directly from socket */ }; -#if defined(USE_OPENLDAP) /* Copy up to bytes_to_read bytes from b into return_buffer. * Returns a count of bytes copied (always >= 0). */ @@ -834,7 +831,6 @@ openldap_read_function(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len) done: return bytes_to_copy; } -#endif int connection_new_private(Connection *conn) @@ -988,20 +984,12 @@ connection_wait_for_new_work(Slapi_PBlock *pb, PRIntervalTime interval) return ret; } -#ifdef USE_OPENLDAP #include "openldapber.h" -#else -#include "mozldap.h" -#endif static ber_tag_t _ber_get_len(BerElement *ber, ber_len_t *lenp) { -#ifdef USE_OPENLDAP OLBerElement *lber = (OLBerElement *)ber; -#else - MozElement *lber = (MozElement *)ber; -#endif if (NULL == lenp) { return LBER_DEFAULT; @@ -1041,12 +1029,7 @@ get_next_from_buffer(void *buffer __attribute__((unused)), size_t buffer_size __ ber_len_t bytes_scanned = 0; *lenp = 0; -#if defined(USE_OPENLDAP) *tagp = ber_get_next(conn->c_sb, &bytes_scanned, ber); -#else - *tagp = ber_get_next_buffer_ext(buffer, buffer_size, lenp, ber, - &bytes_scanned, conn->c_sb); -#endif /* openldap ber_get_next doesn't return partial bytes_scanned if it hasn't read a whole pdu - so we have to check the errno for the "would block" condition meaning openldap needs more data to read */ @@ -1080,15 +1063,8 @@ get_next_from_buffer(void *buffer __attribute__((unused)), size_t buffer_size __ SLAPD_SYSTEM_WOULD_BLOCK_ERROR(errno)) { return -2; /* tells connection_read_operation we need to try again */ } - } else { -/* openldap_read_function will advance c_buffer_offset */ -#if !defined(USE_OPENLDAP) - /* success, or need to wait for more data */ - /* if openldap could not read a whole pdu, bytes_scanned will be zero - - it does not return partial results */ - conn->c_private->c_buffer_offset += bytes_scanned; -#endif - } + } /* else, openldap_read_function will advance c_buffer_offset, + nothing to do (we had to previously with mozldap) */ return 0; } diff --git a/ldap/servers/slapd/conntable.c b/ldap/servers/slapd/conntable.c index d4f36d3..45bcab2 100644 --- a/ldap/servers/slapd/conntable.c +++ b/ldap/servers/slapd/conntable.c @@ -37,16 +37,8 @@ connection_table_new(int table_size) ct->c[i].c_sb = ber_sockbuf_alloc(); invalid_socket = SLAPD_INVALID_SOCKET; ct->c[i].c_sd = SLAPD_INVALID_SOCKET; -#if defined(USE_OPENLDAP) ber_sockbuf_ctrl(ct->c[i].c_sb, LBER_SB_OPT_SET_FD, &invalid_socket); ber_sockbuf_ctrl(ct->c[i].c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &maxbersize); -#else - ber_sockbuf_set_option(ct->c[i].c_sb, LBER_SOCKBUF_OPT_DESC, &invalid_socket); - /* openldap by default does not use readahead - the implementation is - via a sockbuf_io layer */ - ber_sockbuf_set_option(ct->c[i].c_sb, LBER_SOCKBUF_OPT_NO_READ_AHEAD, LBER_OPT_ON); - ber_sockbuf_set_option(ct->c[i].c_sb, LBER_SOCKBUF_OPT_MAX_INCOMING_SIZE, &maxbersize); -#endif /* !USE_OPENLDAP */ /* all connections start out invalid */ ct->fd[i].fd = SLAPD_INVALID_SOCKET; diff --git a/ldap/servers/slapd/daemon.c b/ldap/servers/slapd/daemon.c index 1432344..9e7d3e5 100644 --- a/ldap/servers/slapd/daemon.c +++ b/ldap/servers/slapd/daemon.c @@ -1977,13 +1977,8 @@ slapd_poll(void *handle, int output) * Revision: handle changed to void * and first * argument which used to be integer system fd is now ignored. */ -#if defined(USE_OPENLDAP) static int write_function(int ignore __attribute__((unused)), void *buffer, int count, void *handle) -#else -static int -write_function(int ignore, const void *buffer, int count, struct lextiof_socket_private *handle) -#endif { int sentbytes = 0; int bytes; @@ -2040,7 +2035,6 @@ write_function(int ignore, const void *buffer, int count, struct lextiof_socket_ return -1; } -#if defined(USE_OPENLDAP) /* The argument is a pointer to the socket descriptor */ static int openldap_io_setup(Sockbuf_IO_Desc *sbiod, void *arg) @@ -2095,8 +2089,6 @@ static Sockbuf_IO openldap_sockbuf_io = { openldap_io_close /* sbi_close */ }; -#endif /* USE_OPENLDAP */ - int connection_type = -1; /* The type number assigned by the Factory for 'Connection' */ @@ -2367,9 +2359,7 @@ bail: void handle_closed_connection(Connection *conn) { -#ifdef USE_OPENLDAP ber_sockbuf_remove_io(conn->c_sb, &openldap_sockbuf_io, LBER_SBIOD_LEVEL_PROVIDER); -#endif } /* NOTE: this routine is not reentrant */ @@ -2436,25 +2426,10 @@ handle_new_connection(Connection_Table *ct, int tcps, PRFileDesc *pr_acceptfd, i * won't have a mapping. */ /* fds[ns].out_flags = 0; */ -#if defined(USE_OPENLDAP) ber_sockbuf_add_io(conn->c_sb, &openldap_sockbuf_io, LBER_SBIOD_LEVEL_PROVIDER, conn); -#else /* !USE_OPENLDAP */ - { - struct lber_x_ext_io_fns func_pointers = {0}; - func_pointers.lbextiofn_size = LBER_X_EXTIO_FNS_SIZE; - func_pointers.lbextiofn_read = NULL; /* see connection_read_function */ - func_pointers.lbextiofn_write = write_function; - func_pointers.lbextiofn_writev = NULL; - func_pointers.lbextiofn_socket_arg = (struct lextiof_socket_private *)pr_clonefd; - ber_sockbuf_set_option(conn->c_sb, - LBER_SOCKBUF_OPT_EXT_IO_FNS, &func_pointers); - } -#endif /* !USE_OPENLDAP */ maxbersize = conn->c_maxbersize; -#if defined(USE_OPENLDAP) ber_sockbuf_ctrl(conn->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &maxbersize); -#endif if (secure && config_get_SSLclientAuth() != SLAPD_SSLCLIENTAUTH_OFF) { /* Prepare to handle the client's certificate (if any): */ int rv; diff --git a/ldap/servers/slapd/ldaputil.c b/ldap/servers/slapd/ldaputil.c index c2eff21..5971376 100644 --- a/ldap/servers/slapd/ldaputil.c +++ b/ldap/servers/slapd/ldaputil.c @@ -62,10 +62,6 @@ #include "prtime.h" #include "prinrval.h" #include "snmp_collator.h" -#if !defined(USE_OPENLDAP) -#include -#include -#else #ifdef HAVE_HEIMDAL_KERBEROS #include @@ -79,10 +75,8 @@ static PRCallOnceType ol_init_callOnce = {0, 0, 0}; static PRLock *ol_init_lock = NULL; -#if defined(USE_OPENLDAP) extern void getSSLVersionRangeOL(int *min, int *max); extern int getSSLVersionRange(char **min, char **max); -#endif static PRStatus internal_ol_init_init(void) @@ -97,7 +91,6 @@ internal_ol_init_init(void) return PR_SUCCESS; } -#endif /* the server depends on the old, deprecated ldap_explode behavior which openldap does not support - the use of the mozldap code should be discouraged as @@ -122,7 +115,6 @@ slapi_ldap_unbind(LDAP *ld) } } -#if defined(USE_OPENLDAP) /* mozldap ldap_init and ldap_url_parse accept a hostname in the form host1[:port1]SPACEhost2[:port2]SPACEhostN[:portN] where SPACE is a single space (0x20) character @@ -199,7 +191,6 @@ end: slapi_ch_free_string(&my_copy); return retstr; } -#endif /* USE_OPENLDAP */ const char * slapi_urlparse_err2string(int err) @@ -219,7 +210,6 @@ slapi_urlparse_err2string(int err) case LDAP_URL_ERR_PARAM: s = "bad parameter to an LDAP URL function"; break; -#if defined(USE_OPENLDAP) case LDAP_URL_ERR_BADSCHEME: s = "does not begin with ldap://, ldaps://, or ldapi://"; break; @@ -241,14 +231,6 @@ slapi_urlparse_err2string(int err) case LDAP_URL_ERR_BADEXTS: s = "extensions not specified correctly"; break; -#else /* !USE_OPENLDAP */ - case LDAP_URL_ERR_NOTLDAP: - s = "missing ldap:// or ldaps:// or ldapi://"; - break; - case LDAP_URL_ERR_NODN: - s = "missing suffix"; - break; -#endif } return (s); @@ -268,14 +250,11 @@ slapi_ldap_url_parse(const char *url, LDAPURLDesc **ludpp, int require_dn, int * return LDAP_PARAM_ERROR; } const char *url_to_use = url; -#if defined(USE_OPENLDAP) char *urlescaped = NULL; -#endif if (secure) { *secure = 0; } -#if defined(USE_OPENLDAP) /* openldap does not support the non-standard multi host:port URLs supported by mozldap - so we have to fake out openldap - replace all spaces with %20 - replace all but the last colon with %3A @@ -332,14 +311,7 @@ slapi_ldap_url_parse(const char *url, LDAPURLDesc **ludpp, int require_dn, int * } } } -#endif -#if defined(HAVE_LDAP_URL_PARSE_NO_DEFAULTS) - rc = ldap_url_parse_no_defaults(url_to_use, ludpp, require_dn); - if (!rc && *ludpp && secure) { - *secure = (*ludpp)->lud_options & LDAP_URL_OPT_SECURE; - } -#else /* openldap */ #if defined(HAVE_LDAP_URL_PARSE_EXT) && defined(LDAP_PVT_URL_PARSE_NONE) && defined(LDAP_PVT_URL_PARSE_NOEMPTY_DN) rc = ldap_url_parse_ext(url_to_use, ludpp, require_dn ? LDAP_PVT_URL_PARSE_NONE : LDAP_PVT_URL_PARSE_NOEMPTY_DN); #else @@ -370,9 +342,7 @@ slapi_ldap_url_parse(const char *url, LDAPURLDesc **ludpp, int require_dn, int * if (!rc && *ludpp && secure) { *secure = (*ludpp)->lud_scheme && !strcmp((*ludpp)->lud_scheme, "ldaps"); } -#endif /* openldap */ -#if defined(USE_OPENLDAP) if (urlescaped && (*ludpp) && (*ludpp)->lud_host) { /* have to unescape lud_host - can unescape in place */ char *p = strstr((*ludpp)->lud_host, "://"); @@ -400,7 +370,6 @@ slapi_ldap_url_parse(const char *url, LDAPURLDesc **ludpp, int require_dn, int * } } slapi_ch_free_string(&urlescaped); -#endif return rc; } @@ -411,7 +380,6 @@ slapi_ldap_get_lderrno(LDAP *ld, char **m, char **s) { int rc = LDAP_SUCCESS; -#if defined(USE_OPENLDAP) ldap_get_option(ld, LDAP_OPT_RESULT_CODE, &rc); if (m) { ldap_get_option(ld, LDAP_OPT_MATCHED_DN, m); @@ -423,16 +391,12 @@ slapi_ldap_get_lderrno(LDAP *ld, char **m, char **s) ldap_get_option(ld, LDAP_OPT_ERROR_STRING, s); #endif } -#else /* !USE_OPENLDAP */ - rc = ldap_get_lderrno(ld, m, s); -#endif return rc; } void slapi_ldif_put_type_and_value_with_options(char **out, const char *t, const char *val, int vlen, unsigned long options) { -#if defined(USE_OPENLDAP) /* openldap always wraps and always does conservative base64 encoding we unwrap here, but clients will have to do their own base64 decode */ int type = LDIF_PUT_VALUE; @@ -454,29 +418,18 @@ slapi_ldif_put_type_and_value_with_options(char **out, const char *t, const char } *out = dest; /* move 'out' back if we removed some continuation lines */ } -#else - ldif_put_type_and_value_with_options(out, (char *)t, (char *)val, vlen, options); -#endif } void slapi_ldap_value_free(char **vals) { -#if defined(USE_OPENLDAP) slapi_ch_array_free(vals); -#else - ldap_value_free(vals); -#endif } int slapi_ldap_count_values(char **vals) { -#if defined(USE_OPENLDAP) return ldap_count_values_len((struct berval **)vals); -#else - return ldap_count_values(vals); -#endif } int @@ -489,7 +442,6 @@ slapi_ldap_create_proxyauth_control( ) { int rc = 0; -#if defined(USE_OPENLDAP) BerElement *ber = NULL; int beropts = 0; char *berfmtstr = NULL; @@ -538,13 +490,6 @@ slapi_ldap_create_proxyauth_control( rc = ldap_control_create(ctrloid, ctl_iscritical, bv, 1, ctrlp); ber_bvfree(bv); ber_free(ber, 1); -#else - if (usev2) { - rc = ldap_create_proxiedauth_control(ld, dn, ctrlp); - } else { - rc = ldap_create_proxyauth_control(ld, dn, ctl_iscritical, ctrlp); - } -#endif return rc; } @@ -556,21 +501,10 @@ slapi_ldif_parse_line( int *freeval) { int rc; -#if defined(USE_OPENLDAP) rc = ldif_parse_line2(line, type, value, freeval); -/* check that type and value are null terminated */ -#else - int vlen; - rc = ldif_parse_line(line, &type->bv_val, &value->bv_val, &vlen); - type->bv_len = type->bv_val ? strlen(type->bv_val) : 0; - value->bv_len = vlen; - *freeval = 0; /* always returns in place */ -#endif return rc; } -#if defined(USE_OPENLDAP) - static int setup_ol_tls_conn(LDAP *ld, int clientauth) { @@ -654,7 +588,6 @@ setup_ol_tls_conn(LDAP *ld, int clientauth) return rc; } -#endif /* defined(USE_OPENLDAP) */ /* Perform LDAP init and return an LDAP* handle. If ldapurl is given, @@ -742,14 +675,6 @@ slapi_ldap_init_ext( } } -/* ldap_url_parse doesn't yet handle ldapi */ -/* - if (!ldapi_socket && ludp && ludp->lud_file) { - ldapi_socket = ludp->lud_file; - } - */ - -#if defined(USE_OPENLDAP) if (ldapurl) { if (PR_SUCCESS != PR_CallOnce(&ol_init_callOnce, internal_ol_init_init)) { slapi_log_err(SLAPI_LOG_ERR, "slapi_ldap_init_ext", @@ -811,20 +736,6 @@ slapi_ldap_init_ext( ldapurl, rc, ldap_err2string(rc)); } } -#else /* !USE_OPENLDAP */ - if (ldapi_socket) { - /* ldapi in mozldap client is not yet supported */ - } else if (secure == SLAPI_LDAP_INIT_FLAG_SSL) { - ld = ldapssl_init(hostname, port, secure); - } else { /* regular ldap and/or starttls */ - /* - * Leverage the libprldap layer to take care of all the NSPR - * integration. - * Note that ldapssl_init() uses libprldap implicitly. - */ - ld = prldap_init(hostname, port, shared); - } -#endif /* !USE_OPENLDAP */ /* must explicitly set version to 3 */ ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &ldap_version3); @@ -845,7 +756,6 @@ slapi_ldap_init_ext( int io_timeout_ms = config_get_outbound_ldap_io_timeout(); if (io_timeout_ms > 0) { -#if defined(USE_OPENLDAP) struct timeval tv; tv.tv_sec = io_timeout_ms / 1000; @@ -857,62 +767,16 @@ slapi_ldap_init_ext( ld = NULL; goto done; } -#else /* !USE_OPENLDAP */ - if (prldap_set_session_option(ld, NULL, PRLDAP_OPT_IO_MAX_TIMEOUT, io_timeout_ms) != LDAP_SUCCESS) { - slapi_log_err(SLAPI_LOG_ERR, "slapi_ldap_init_ext", - "failed: unable to set outbound I/O timeout to %dms\n", io_timeout_ms); - slapi_ldap_unbind(ld); - ld = NULL; - goto done; - } -#endif /* !USE_OPENLDAP */ } /* * Set SSL strength (server certificate validity checking). */ if (secure > 0) { -#if defined(USE_OPENLDAP) if (setup_ol_tls_conn(ld, 0)) { slapi_log_err(SLAPI_LOG_ERR, "slapi_ldap_init_ext", "failed: unable to set SSL/TLS options\n"); } -#else - int ssl_strength = 0; - LDAP *myld = NULL; - - /* - * We can only use the set functions below with a real - * LDAP* if it has already gone through ldapssl_init - - * so, use NULL if using starttls - */ - if (secure == SLAPI_LDAP_INIT_FLAG_SSL) { - myld = ld; - } - - if (config_get_ssl_check_hostname()) { - /* check hostname against name in certificate */ - ssl_strength = LDAPSSL_AUTH_CNCHECK; - } else { - /* verify certificate only */ - ssl_strength = LDAPSSL_AUTH_CERT; - } - - if ((rc = ldapssl_set_strength(myld, ssl_strength)) || - (rc = ldapssl_set_option(myld, SSL_ENABLE_SSL2, PR_FALSE)) || - (rc = ldapssl_set_option(myld, SSL_ENABLE_SSL3, PR_TRUE)) || - (rc = ldapssl_set_option(myld, SSL_ENABLE_TLS, PR_TRUE))) { - int prerr = PR_GetError(); - - slapi_log_err(SLAPI_LOG_ERR, "slapi_ldap_init_ext", - "failed: unable to set SSL options (" SLAPI_COMPONENT_NAME_NSPR " error %d - %s)\n", - prerr, slapd_pr_strerror(prerr)); - } - if (secure == SLAPI_LDAP_INIT_FLAG_SSL) { - /* tell bind code we are using SSL */ - ldap_set_option(ld, LDAP_OPT_SSL, LDAP_OPT_ON); - } -#endif /* !USE_OPENLDAP */ } } @@ -1055,7 +919,6 @@ slapi_ldap_bind( slapi_control_present(clientctrls, START_TLS_OID, NULL, NULL)) { secure = SLAPI_LDAP_INIT_FLAG_startTLS; } else { -#if defined(USE_OPENLDAP) /* openldap doesn't have a SSL/TLS yes/no flag - so grab the ldapurl, parse it, and see if it is a secure one */ char *ldapurl = NULL; @@ -1065,27 +928,16 @@ slapi_ldap_bind( secure = SLAPI_LDAP_INIT_FLAG_SSL; } slapi_ch_free_string(&ldapurl); -#else /* !USE_OPENLDAP */ - ldap_get_option(ld, LDAP_OPT_SSL, &secure); -#endif } ldap_controls_free(clientctrls); ldap_set_option(ld, LDAP_OPT_CLIENT_CONTROLS, NULL); if ((secure > 0) && mech && !strcmp(mech, LDAP_SASL_EXTERNAL)) { -#if defined(USE_OPENLDAP) /* * we already set up a tls context in slapi_ldap_init_ext() - this will * free those old settings and context and create a new one */ rc = setup_ol_tls_conn(ld, 1); -#else - /* - * SSL connections will use the server's security context - * and cert for client auth - */ - rc = slapd_SSL_client_auth(ld); -#endif if (rc != 0) { slapi_log_err(SLAPI_LOG_ERR, "slapi_ldap_bind", "Error: could not configure the server for cert " @@ -1300,12 +1152,6 @@ slapi_ldap_bind( * a SASL mech - set the sasl ssf to 0 if using TLS/SSL. * openldap supports tls + sasl security */ -#if !defined(USE_OPENLDAP) - if (secure) { - sasl_ssf_t max_ssf = 0; - ldap_set_option(ld, LDAP_OPT_X_SASL_SSF_MAX, &max_ssf); - } -#endif /* * we are using static variables and sharing an in-memory credentials cache * so we put a lock around all kerberos interactions @@ -1646,16 +1492,9 @@ slapd_ldap_sasl_interactive_bind( /* call the bind function */ /* openldap does not have the ext version - not sure how to get the returned controls */ -#if defined(USE_OPENLDAP) rc = ldap_sasl_interactive_bind_s(ld, bindid, mech, serverctrls, NULL, LDAP_SASL_QUIET, ldap_sasl_interact_cb, defaults); -#else - rc = ldap_sasl_interactive_bind_ext_s(ld, bindid, mech, serverctrls, - NULL, LDAP_SASL_QUIET, - ldap_sasl_interact_cb, defaults, - returnedctrls); -#endif ldap_sasl_free_interact_vals(defaults); if (LDAP_SUCCESS != rc) { char *errmsg = NULL; @@ -2495,7 +2334,6 @@ int slapi_client_uses_non_nss(LDAP *ld) { static int not_nss = 0; -#if defined(USE_OPENLDAP) static int initialized = 0; char *package_name = NULL; int rc; @@ -2509,7 +2347,6 @@ slapi_client_uses_non_nss(LDAP *ld) slapi_ch_free_string(&package_name); } initialized = 1; -#endif return not_nss; } @@ -2517,7 +2354,6 @@ int slapi_client_uses_openssl(LDAP *ld) { static int is_openssl = 0; -#if defined(USE_OPENLDAP) static int initialized = 0; char *package_name = NULL; int rc; @@ -2531,6 +2367,5 @@ slapi_client_uses_openssl(LDAP *ld) slapi_ch_free_string(&package_name); } initialized = 1; -#endif return is_openssl; } diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c index 4789ec5..8169863 100644 --- a/ldap/servers/slapd/libglobs.c +++ b/ldap/servers/slapd/libglobs.c @@ -8220,57 +8220,7 @@ config_get_malloc_mmap_threshold() char * slapi_err2string(int result) { -/* - * If we are using openldap, then we can safely use ldap_err2string with - * positive and negative result codes. MozLDAP's ldap_err2string can - * only handle positive result codes. - */ -#if defined(USE_OPENLDAP) return ldap_err2string(result); -#else - if (result >= 0) { - return ldap_err2string(result); - } - switch (result) { - case -1: - return ("Can't contact LDAP server"); - case -2: - return ("Local error"); - case -3: - return ("Encoding error"); - case -4: - return ("Decoding error"); - case -5: - return ("Timed out"); - case -6: - return ("Unknown authentication method"); - case -7: - return ("Bad search filter"); - case -8: - return ("User canceled operation"); - case -9: - return ("Bad parameter to an ldap routine"); - case -10: - return ("Out of memory"); - case -11: - return ("Connect error"); - case -12: - return ("Not Supported"); - case -13: - return ("Control not found"); - case -14: - return ("No results returned"); - case -15: - return ("More results to return"); - case -16: - return ("Client Loop"); - case -17: - return ("Referral Limit Exceeded"); - - default: - return ("Unknown system error"); - } -#endif } /* replace commas with spaces */ diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c index de46746..896cccf 100644 --- a/ldap/servers/slapd/modify.c +++ b/ldap/servers/slapd/modify.c @@ -302,15 +302,11 @@ do_modify(Slapi_PBlock *pb) goto free_and_return; } -/* check for decoding error */ -/* - if using mozldap - will return LBER_END_OF_SEQORSET if loop - completed successfully, otherwise, other value - if using openldap - will return LBER_DEFAULT in either case + /* check for decoding error */ + /* will return LBER_DEFAULT in either case if there was at least one element read, len will be -1 if there were no elements read (empty modify) len will be 0 */ -#if defined(USE_OPENLDAP) if (tag != LBER_END_OF_SEQORSET) { if ((len == 0) && (0 == smods.num_elements) && !ignored_some_mods) { /* ok - empty modify - allow empty modifies */ @@ -321,13 +317,6 @@ do_modify(Slapi_PBlock *pb) } /* else ok */ } -#else - if (tag != LBER_END_OF_SEQORSET) { - op_shared_log_error_access(pb, "MOD", rawdn, "decoding error"); - send_ldap_result(pb, LDAP_PROTOCOL_ERROR, NULL, "decoding error", 0, NULL); - goto free_and_return; - } -#endif /* decode the optional controls - put them in the pblock */ if ((err = get_ldapmessage_controls(pb, ber, NULL)) != 0) { diff --git a/ldap/servers/slapd/mozldap.h b/ldap/servers/slapd/mozldap.h deleted file mode 100644 index c5c7af2..0000000 --- a/ldap/servers/slapd/mozldap.h +++ /dev/null @@ -1,46 +0,0 @@ -/* - * mozldap does not have all the openldap "ber" functions, like ber_skip_element. - * So we need to directly parse the ber element, and see inside the ber struct. - * From lber-int.h - */ -typedef struct seqorset -{ - ber_len_t sos_clen; - ber_tag_t sos_tag; - char *sos_first; - char *sos_ptr; - struct seqorset *sos_next; -} Seqorset; - -#define SOS_STACK_SIZE 8 /* depth of the pre-allocated sos structure stack */ -#define MAX_TAG_SIZE (1 + sizeof(ber_int_t)) /* One byte for the length of the tag */ -#define MAX_LEN_SIZE (1 + sizeof(ber_int_t)) /* One byte for the length of the length */ -#define MAX_VALUE_PREFIX_SIZE (2 + sizeof(ber_int_t)) /* 1 byte for the tag and 1 for the len (msgid) */ -#define BER_ARRAY_QUANTITY 7 /* 0:Tag 1:Length 2:Value-prefix 3:Value 4:Value-suffix */ - -struct berelement -{ - ldap_x_iovec ber_struct[BER_ARRAY_QUANTITY]; /* See above */ - char ber_tag_contents[MAX_TAG_SIZE]; - char ber_len_contents[MAX_LEN_SIZE]; - char ber_pre_contents[MAX_VALUE_PREFIX_SIZE]; - char ber_suf_contents[MAX_LEN_SIZE + 1]; - char *ber_buf; /* update the value value when writing in case realloc is called */ - char *ber_ptr; - char *ber_end; - struct seqorset *ber_sos; - ber_len_t ber_tag_len_read; - ber_tag_t ber_tag; /* Remove me someday */ - ber_len_t ber_len; /* Remove me someday */ - int ber_usertag; - char ber_options; - char *ber_rwptr; - BERTranslateProc ber_encode_translate_proc; - BERTranslateProc ber_decode_translate_proc; - int ber_flags; -#define LBER_FLAG_NO_FREE_BUFFER 1 /* don't free ber_buf */ - unsigned int ber_buf_reallocs; /* realloc counter */ - int ber_sos_stack_posn; - Seqorset ber_sos_stack[SOS_STACK_SIZE]; -}; -typedef struct berelement MozElement; diff --git a/ldap/servers/slapd/operation.c b/ldap/servers/slapd/operation.c index 4a05e0a..f85a67b 100644 --- a/ldap/servers/slapd/operation.c +++ b/ldap/servers/slapd/operation.c @@ -107,7 +107,6 @@ get_operation_object_type() return operation_type; } -#if defined(USE_OPENLDAP) /* openldap doesn't have anything like this, nor does it have a way to portably and without cheating discover the sizeof BerElement - see lber_pvt.h for the trick used @@ -142,7 +141,6 @@ ber_special_free(void *buf, BerElement *ber) ber_free(ber, 1); slapi_ch_free(&buf); } -#endif void operation_init(Slapi_Operation *o, int flags) @@ -225,7 +223,6 @@ operation_done(Slapi_Operation **op, Connection *conn) (*op)->o_results.result_controls = NULL; } slapi_ch_free_string(&(*op)->o_results.result_matched); -#if defined(USE_OPENLDAP) int options = 0; /* save the old options */ if ((*op)->o_ber) { @@ -235,12 +232,6 @@ operation_done(Slapi_Operation **op, Connection *conn) /* clear out the ber for the next operation */ ber_init2((*op)->o_ber, NULL, options); } -#else - if ((*op)->o_ber) { - ber_special_free(*op, (*op)->o_ber); /* have to free everything here */ - *op = NULL; - } -#endif } } diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h index 6f20097..b3167b8 100644 --- a/ldap/servers/slapd/proto-slap.h +++ b/ldap/servers/slapd/proto-slap.h @@ -1450,9 +1450,7 @@ int connection_release_nolock(Connection *conn); int connection_release_nolock_ext(Connection *conn, int release_only); int connection_is_free(Connection *conn, int user_lock); int connection_is_active_nolock(Connection *conn); -#if defined(USE_OPENLDAP) ber_slen_t openldap_read_function(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len); -#endif /* * saslbind.c diff --git a/ldap/servers/slapd/sasl_io.c b/ldap/servers/slapd/sasl_io.c index b889c2c..d10ab8d 100644 --- a/ldap/servers/slapd/sasl_io.c +++ b/ldap/servers/slapd/sasl_io.c @@ -16,13 +16,6 @@ #include "fe.h" #include #include -#ifndef USE_OPENLDAP -#include "mozldap.h" -#if LDAP_VENDOR_VERSION > 604 -/* garbage to cause build to fail */ -MOZLDAP is newer than expected, if the ber structure has not changed(see ldap / server / slapd / mozldap.h), please bump the version number(604->new version) -#endif -#endif /* * I/O Shim Layer for SASL Encryption @@ -243,12 +236,8 @@ sasl_io_start_packet(PRFileDesc *fd, PRIntn flags, PRIntervalTime timeout, PRInt */ if (!sp->send_encrypted && *sp->encrypted_buffer == LDAP_TAG_MESSAGE) { struct berval bv; -#ifdef USE_OPENLDAP BerElement *ber = NULL; struct berval tmp_bv; -#else - MozElement *ber = NULL; -#endif ber_len_t maxbersize = config_get_maxbersize(); ber_len_t ber_len = 0; ber_tag_t tag = 0; @@ -331,11 +320,7 @@ sasl_io_start_packet(PRFileDesc *fd, PRIntn flags, PRIntervalTime timeout, PRInt bv.bv_val = sp->encrypted_buffer; bv.bv_len = sp->encrypted_buffer_offset; -#ifdef USE_OPENLDAP if ((ber = ber_init(&bv)) == NULL) { -#else - if ((ber = (MozElement *)ber_init(&bv)) == NULL) { -#endif goto done; } @@ -343,27 +328,16 @@ sasl_io_start_packet(PRFileDesc *fd, PRIntn flags, PRIntervalTime timeout, PRInt * Start parsing the berElement. First skip this tag, and move on to the * tag msgid */ -#ifdef USE_OPENLDAP ber_skip_tag(ber, &ber_len); if (ber_peek_tag(ber, &ber_len) == LDAP_TAG_MSGID) { -#else - ber_skip_tag((BerElement *)ber, &ber_len); - if (ber_peek_tag((BerElement *)ber, &ber_len) == LDAP_TAG_MSGID) { -#endif /* * Skip the entire msgid element, so we can get to the LDAP op tag */ -#ifdef USE_OPENLDAP if (ber_skip_element(ber, &tmp_bv) == LDAP_TAG_MSGID) { /* * We only allow unbind operations to be processed for unencrypted operations */ if ((tag = ber_peek_tag(ber, &ber_len)) == LDAP_REQ_UNBIND) { -#else - { - tag = *ber->ber_ptr++; - if (*ber->ber_ptr == LDAP_REQ_UNBIND) { -#endif slapi_log_err(SLAPI_LOG_CONNS, "sasl_io_start_packet", "conn=%" PRIu64 " fd=%d " "Received unencrypted UNBIND operation.\n", c->c_connid, @@ -375,11 +349,7 @@ sasl_io_start_packet(PRFileDesc *fd, PRIntn flags, PRIntervalTime timeout, PRInt } slapi_log_err(SLAPI_LOG_CONNS, "sasl_io_start_packet", "conn=%" PRIu64 " fd=%d " "Error: received an LDAP message (tag 0x%lx) that was not encrypted.\n", -#ifdef USE_OPENLDAP c->c_connid, c->c_sd, (long unsigned int)tag); -#else - c->c_connid, c->c_sd, (long unsigned int)*ber->ber_ptr); -#endif } } diff --git a/ldap/servers/slapd/schema.c b/ldap/servers/slapd/schema.c index 68c9834..379fe20 100644 --- a/ldap/servers/slapd/schema.c +++ b/ldap/servers/slapd/schema.c @@ -22,9 +22,7 @@ #include #include "slap.h" -#if defined(USE_OPENLDAP) #include /* openldap schema parser */ -#endif static struct slapdplugin schema_plugin = {0}; @@ -184,30 +182,9 @@ static int schema_at_superset_check_mr(struct asyntaxinfo *a1, struct asyntaxinf static int parse_at_str(const char *input, struct asyntaxinfo **asipp, char *errorbuf, size_t errorbufsize, PRUint32 schema_flags, int is_user_defined, int schema_ds4x_compat, int is_remote); static int extension_is_user_defined(schemaext *extensions); static size_t strcat_qdlist(char *buf, char *prefix, char **qdlist); -#if defined(USE_OPENLDAP) -/* - * openldap - */ static int parse_attr_str(const char *input, struct asyntaxinfo **asipp, char *errorbuf, size_t errorbufsize, PRUint32 schema_flags, int is_user_defined, int schema_ds4x_compat, int is_remote); static int parse_objclass_str(const char *input, struct objclass **oc, char *errorbuf, size_t errorbufsize, PRUint32 schema_flags, int is_user_defined, int schema_ds4x_compat, struct objclass *private_schema); -#else -/* - * mozldap - */ -static char **parse_qdescrs(const char *s, int *n); -static char **parse_qdstrings(const char *s, int *n); -static char **parse_qdlist(const char *s, int *n, int strip_options); -static void free_qdlist(char **vals, int n); -static int read_at_ldif(const char *input, struct asyntaxinfo **asipp, char *errorbuf, size_t errorbufsize, PRUint32 flags, int is_user_defined, int schema_ds4x_compat, int is_remote); -static int read_oc_ldif(const char *input, struct objclass **oc, char *errorbuf, size_t errorbufsize, PRUint32 flags, int is_user_defined, int schema_ds4x_compat); -static int get_flag_keyword(const char *keyword, int flag_value, const char **inputp, schema_strstr_fn_t strstr_fn); -static char *get_tagged_oid(const char *tag, const char **inputp, schema_strstr_fn_t strstr_fn); -static char **read_dollar_values(char *vals); -static schemaext *parse_extensions(const char *schema_value, char **default_list); -#endif - - /* * Some utility functions for dealing with a dynamic buffer */ @@ -254,11 +231,7 @@ parse_at_str(const char *input, struct asyntaxinfo **asipp, char *errorbuf, size if (asipp) { *asipp = NULL; } -#ifdef USE_OPENLDAP return parse_attr_str(input, asipp, errorbuf, errorbufsize, schema_flags, is_user_defined, schema_ds4x_compat, is_remote); -#else - return read_at_ldif(input, asipp, errorbuf, errorbufsize, schema_flags, is_user_defined, schema_ds4x_compat, is_remote); -#endif } static int @@ -267,11 +240,7 @@ parse_oc_str(const char *input, struct objclass **oc, char *errorbuf, size_t err if (oc) { *oc = NULL; } -#ifdef USE_OPENLDAP return parse_objclass_str(input, oc, errorbuf, errorbufsize, schema_flags, is_user_defined, schema_ds4x_compat, private_schema); -#else - return read_oc_ldif(input, oc, errorbuf, errorbufsize, schema_flags, is_user_defined, schema_ds4x_compat); -#endif } @@ -527,170 +496,6 @@ dont_allow_that(Slapi_PBlock *pb __attribute__((unused)), return SLAPI_DSE_CALLBACK_ERROR; } -#if !defined(USE_OPENLDAP) -static const char * -skipWS(const char *s) -{ - while (s && isascii(*s) && isspace(*s)) { - ++s; - } - - if ((isascii(*s)) == 0) { - return NULL; - } - return s; -} - -/* - * like strchr() but strings within single quotes are skipped. - */ -static char * -strchr_skip_quoted_strings(char *s, int c) -{ - int in_quote = 0; - - while (*s != '\0') { - if (*s == '\'') { - in_quote = 1 - in_quote; /* toggle */ - } else if (!in_quote && *s == c) { - return s; - } - ++s; - } - - return (NULL); -} -/** - * parses a string containing a qdescrs or qdstrings (as described by - * RFC 2252, section 4.1) into an array of strings; the second parameter - * will hold the actual number of strings in the array. The returned array - * is NULL terminated. - * - * This function can handle qdescrs or qdstrings because the only - * difference between the two is that fewer characters are allowed in - * a qdescr (our parsing code does not check anyway) and we want to - * strip attribute options when parsing qdescrs (indicated by a non-zero - * strip_options parameter). - */ -static char ** -parse_qdlist(const char *s, int *n, int strip_options) -{ - char **retval = 0; - char *work = 0; - char *start = 0, *end = 0; - int num = 0; - int in_quote = 0; - - if (n) - *n = 0; - - if (!s || !*s || !n) { - return retval; - } - - /* make a working copy of the given string */ - work = slapi_ch_strdup(s); - - /* count the number of qdescr items in the string e.g. just count - the number of spaces */ - /* for a single qdescr, the terminal character will be the final - single quote; for a qdesclist, the terminal will be the close - parenthesis */ - end = strrchr(work, '\''); - if ((start = strchr_skip_quoted_strings(work, '(')) != NULL) - end = strchr_skip_quoted_strings(work, ')'); - else - start = strchr(work, '\''); - - if (!end) /* already nulled out */ - end = work + strlen(work); - - if (start) { - num = 1; - /* first pass: count number of items and zero out non useful tokens */ - for (; *start && (start != end); ++start) { - if (*start == '\'') { - in_quote = 1 - in_quote; /* toggle */ - *start = 0; - } else if (!in_quote && ((*start == ' ') || (*start == '(') || - (*start == ')'))) { - if (*start == ' ') { - num++; - } - *start = 0; - } - } - *start = 0; - - /* allocate retval; num will be >= actual number of items */ - retval = (char **)slapi_ch_calloc(num + 1, sizeof(char *)); - - /* second pass: copy strings into the return value and set the - actual number of items returned */ - start = work; - while (start != end) { - /* skip over nulls */ - while (!*start && (start != end)) - ++start; - if (start == end) - break; - retval[*n] = slapi_ch_strdup(start); - /* - * A qdescr list may contain attribute options; we just strip - * them here. In the future, we may want to support them or do - * something really fancy with them - */ - if (strip_options) { - stripOption(retval[*n]); - } - (*n)++; - start += strlen(start); - } - PR_ASSERT(*n <= num); /* sanity check */ - retval[*n] = NULL; - } else { - /* syntax error - no start and/or end delimiters */ - } - - /* free the working string */ - slapi_ch_free((void **)&work); - - return retval; -} - -/** - * parses a string containing a qdescrs (as described by RFC 2252, section 4.1) - * into an array of strings; the second parameter will hold the actual number - * of strings in the array. The returned array is NULL terminated. - */ -static char ** -parse_qdescrs(const char *s, int *n) -{ - return parse_qdlist(s, n, 1 /* strip attribute options */); -} - - -/* - * Parses a string containing a qdstrings (see RFC 2252, section 4.1) into - * an array of strings; the second parameter will hold the actual number - * of strings in the array. - */ -static char ** -parse_qdstrings(const char *s, int *n) -{ - return parse_qdlist(s, n, 0 /* DO NOT strip attribute options */); -} - -static void -free_qdlist(char **vals, int n) -{ - int ii; - for (ii = 0; ii < n; ++ii) - slapi_ch_free((void **)&(vals[ii])); - slapi_ch_free((void **)&vals); -} - -#endif /* not openldap */ /* * slapi_entry_schema_check - check that entry e conforms to the schema @@ -1582,7 +1387,6 @@ schema_attr_enum_callback(struct asyntaxinfo *asip, void *arg) } if (!aew->schema_ds4x_compat) { -#if defined(USE_OPENLDAP) /* * These values in quotes are not supported by the openldap parser. * Even if nsslapd-enquote-sup-oc is on, quotes should not be added. @@ -1591,16 +1395,6 @@ schema_attr_enum_callback(struct asyntaxinfo *asip, void *arg) outp += put_tagged_oid(outp, "EQUALITY ", asip->asi_mr_equality, NULL, 0); outp += put_tagged_oid(outp, "ORDERING ", asip->asi_mr_ordering, NULL, 0); outp += put_tagged_oid(outp, "SUBSTR ", asip->asi_mr_substring, NULL, 0); -#else - outp += put_tagged_oid(outp, "SUP ", - asip->asi_superior, NULL, aew->enquote_sup_oc); - outp += put_tagged_oid(outp, "EQUALITY ", - asip->asi_mr_equality, NULL, aew->enquote_sup_oc); - outp += put_tagged_oid(outp, "ORDERING ", - asip->asi_mr_ordering, NULL, aew->enquote_sup_oc); - outp += put_tagged_oid(outp, "SUBSTR ", - asip->asi_mr_substring, NULL, aew->enquote_sup_oc); -#endif } outp += put_tagged_oid(outp, "SYNTAX ", syntaxoid, syntaxlengthbuf, @@ -3215,976 +3009,147 @@ oc_free(struct objclass **ocp) } } -#if !defined(USE_OPENLDAP) - -/* - * read_oc_ldif_return - * Free all the memory that read_oc_ldif() allocated, and return the retVal - * - * It's nice to do all the freeing in one spot, as read_oc_ldif() returns sideways - */ - -static int -read_oc_ldif_return(int retVal, - char *oid, - struct sizedbuffer *name, - char *sup, - char *desc) -{ - slapi_ch_free((void **)&oid); - sizedbuffer_destroy(name); - slapi_ch_free((void **)&sup); - slapi_ch_free((void **)&desc); - return retVal; -} +/* openldap attribute parser */ /* - * read_oc_ldif - * Read the value of the objectclasses attribute in cn=schema, convert it - * into an objectclass struct. - * - * Arguments: - * - * input : value of objectclasses attribute to read - * oc : pointer write the objectclass to - * errorbuf : buffer to write any errors to - * is_user_defined : if non-zero, force objectclass to be user defined - * schema_flags : Any or none of the following bits could be set - * DSE_SCHEMA_NO_CHECK -- schema won't be checked - * DSE_SCHEMA_NO_GLOCK -- don't lock global resources - * DSE_SCHEMA_LOCKED -- already locked with - * reload_schemafile_lock; - * no further lock needed - * schema_ds4x_compat: if non-zero, act like Netscape DS 4.x + * if asipp is NULL, the attribute type is added to the global set of schema. + * if asipp is not NULL, the AT is not added but *asipp is set. When you are + * finished with *asipp, use attr_syntax_free() to dispose of it. * - * Returns: an LDAP error code + * schema_flags: Any or none of the following bits could be set + * DSE_SCHEMA_NO_CHECK -- schema won't be checked + * DSE_SCHEMA_NO_GLOCK -- locking of global resources is turned off; + * this saves time during initialization since + * the server operates in single threaded mode + * at that time or in reload_schemafile_lock. + * DSE_SCHEMA_LOCKED -- already locked with reload_schemafile_lock; + * no further lock needed * - * LDAP_SUCCESS if the objectclass was sucessfully read, the new - * objectclass will be written to oc + * if is_user_defined is true, force attribute type to be user defined. * - * All others: there was an error, an error message will - * be written to errorbuf - */ + * returns an LDAP error code (LDAP_SUCCESS if all goes well) +*/ static int -read_oc_ldif(const char *input, struct objclass **oc, char *errorbuf, size_t errorbufsize, PRUint32 schema_flags, int is_user_defined, int schema_ds4x_compat) +parse_attr_str(const char *input, struct asyntaxinfo **asipp, char *errorbuf, size_t errorbufsize, PRUint32 schema_flags, int is_user_defined, int schema_ds4x_compat, int is_remote __attribute__((unused))) { - int i, j; - const char *pstart, *nextinput; - struct objclass *pnew_oc, *psup_oc; - char **RequiredAttrsArray, **AllowedAttrsArray; - char **OrigRequiredAttrsArray, **OrigAllowedAttrsArray; - char *pend, *pOcOid, *pOcSup, *pOcDesc; - struct sizedbuffer *psbOcName = sizedbuffer_construct(BUFSIZ); - PRUint8 kind, flags; + struct asyntaxinfo *tmpasip; + struct asyntaxinfo *tmpasi; + schemaext *extensions = NULL, *head = NULL; + struct objclass *poc; + LDAPAttributeType *atype = NULL; + const char *errp; + char *first_attr_name = NULL; + char **attr_names = NULL; + unsigned long flags = SLAPI_ATTR_FLAG_OVERRIDE; + /* If we ever accept openldap schema directly, then make parser_flags configurable */ + unsigned int parser_flags = LDAP_SCHEMA_ALLOW_NONE | LDAP_SCHEMA_ALLOW_NO_OID; int invalid_syntax_error; - schema_strstr_fn_t keyword_strstr_fn; - schemaext *extensions = NULL; + int syntaxlength = SLAPI_SYNTAXLENGTH_NONE; + int num_names = 0; + int status = 0; + int rc = 0; + int a, aa; + + if (config_get_enquote_sup_oc()) { + parser_flags |= LDAP_SCHEMA_ALLOW_QUOTED; + } else if (getenv("LDAP_SCHEMA_ALLOW_QUOTED")) { + char ebuf[SLAPI_DSE_RETURNTEXT_SIZE]; + parser_flags |= LDAP_SCHEMA_ALLOW_QUOTED; + if (config_set_enquote_sup_oc(CONFIG_ENQUOTE_SUP_OC_ATTRIBUTE, "on", ebuf, CONFIG_APPLY)) { + slapi_log_err(SLAPI_LOG_ERR, "parse_attr_str", "Failed to enable %s: %s\n", + CONFIG_ENQUOTE_SUP_OC_ATTRIBUTE, ebuf); + } + } /* - * From RFC 2252 section 4.4: - * - * ObjectClassDescription = "(" whsp - * numericoid whsp ; ObjectClass identifier - * [ "NAME" qdescrs ] - * [ "DESC" qdstring ] - * [ "OBSOLETE" whsp ] - * [ "SUP" oids ] ; Superior ObjectClasses - * [ ( "ABSTRACT" / "STRUCTURAL" / "AUXILIARY" ) whsp ] - * ; default structural - * [ "MUST" oids ] ; AttributeTypes - * [ "MAY" oids ] ; AttributeTypes - * whsp ")" - * - * XXXmcs: Our parsing technique is poor. In (Netscape) DS 4.12 and earlier - * releases, parsing was mostly done by looking anywhere within the input - * string for various keywords such as "MUST". But if, for example, a - * description contains the word "must", the parser would take assume that - * the tokens following the word were attribute types or OIDs. Bad news. - * - * In iDS 5.0 and later, we parse in order left to right and advance a - * pointer as we consume the input string (the nextinput variable). We - * also use a case-insensitive search when looking for keywords such as - * DESC. But the parser will still be fooled by sequences like: - * - * ( 1.2.3.4 NAME 'testOC' MUST ( DESC cn ) ) - * - * Someday soon we will need to write a real parser. - * - * Compatibility notes: if schema_ds4x_compat is set, we: - * 1. always parse from the beginning of the string - * 2. use a case-insensitive compare when looking for keywords, e.g., MUST - */ + * OpenLDAP AttributeType struct + * + * typedef struct ldap_attributetype { + * char *at_oid; OID + * char **at_names; Names + * char *at_desc; Description + * int at_obsolete; Is obsolete? + * char *at_sup_oid; OID of superior type + * char *at_equality_oid; OID of equality matching rule + * char *at_ordering_oid; OID of ordering matching rule + * char *at_substr_oid; OID of substrings matching rule + * char *at_syntax_oid; OID of syntax of values + * int at_syntax_len; Suggested minimum maximum length + * int at_single_value; Is single-valued? + * int at_collective; Is collective? + * int at_no_user_mod; Are changes forbidden through LDAP? + * int at_usage; Usage, see below + * LDAPSchemaExtensionItem **at_extensions; Extensions + * } LDAPAttributeType; + */ + /* + * Set the appropriate error code + */ if (schema_ds4x_compat) { - keyword_strstr_fn = PL_strcasestr; invalid_syntax_error = LDAP_OPERATIONS_ERROR; } else { - keyword_strstr_fn = PL_strstr; invalid_syntax_error = LDAP_INVALID_SYNTAX; } - - flags = 0; - pOcOid = pOcSup = pOcDesc = NULL; - - if (NULL == input || '\0' == input[0]) { - schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_oc, NULL, - "One or more values are required for the objectClasses attribute"); - slapi_log_err(SLAPI_LOG_ERR, "read_oc_ldif", "NULL args passed to read_oc_ldif\n"); - return read_oc_ldif_return(LDAP_OPERATIONS_ERROR, pOcOid, psbOcName, - pOcSup, pOcDesc); - } - - nextinput = input; - - /* look for the OID */ - if (NULL == (pOcOid = get_tagged_oid("(", &nextinput, - keyword_strstr_fn))) { - schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_oc, - input, "Value is malformed. It must include a \"(\""); - return read_oc_ldif_return(invalid_syntax_error, pOcOid, psbOcName, - pOcSup, pOcDesc); - } - - if (schema_ds4x_compat || (strcasecmp(pOcOid, "NAME") == 0)) - nextinput = input; - - /* look for the NAME */ - if ((pstart = (*keyword_strstr_fn)(nextinput, "NAME '")) != NULL) { - pstart += 6; - sizedbuffer_allocate(psbOcName, strlen(pstart) + 1); - if (sscanf(pstart, "%s", psbOcName->buffer) > 0) { - /* strip the trailing single quote */ - if (psbOcName->buffer[strlen(psbOcName->buffer) - 1] == '\'') { - psbOcName->buffer[strlen(psbOcName->buffer) - 1] = '\0'; - nextinput = pstart + strlen(psbOcName->buffer) + 1; - } else { - schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_oc, - input, "Value is malformed. It must include a single quote around" - " the name"); - return read_oc_ldif_return(invalid_syntax_error, pOcOid, psbOcName, - pOcSup, pOcDesc); - } - } - } else { - schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_oc, - input, "Value is malformed. It must include a \"NAME '\""); - return read_oc_ldif_return(invalid_syntax_error, pOcOid, psbOcName, - pOcSup, pOcDesc); + /* + * Verify we have input + */ + if (input == NULL || '\0' == input[0]) { + schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_at, NULL, + "One or more values are required for the attributeTypes attribute"); + slapi_log_err(SLAPI_LOG_ERR, "parse_attr_str", "NULL args passed to parse_attr_str\n"); + return invalid_syntax_error; } - /* - ** if the objectclass ldif doesn't have an OID, we'll make the oid - ** ocname-oid - */ - if (strcasecmp(pOcOid, "NAME") == 0) { - slapi_ch_free_string(&pOcOid); - pOcOid = slapi_ch_smprintf("%s-oid", psbOcName->buffer); + * Parse the line and create of attribute structure + */ + while (isspace(*input)) { + /* trim any leading spaces */ + input++; + } + if ((atype = ldap_str2attributetype(input, &rc, &errp, (const unsigned int)parser_flags)) == NULL) { + schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_at, input, + "Failed to parse attribute, error(%d - %s) at (%s)", rc, ldap_scherr2str(rc), errp); + return invalid_syntax_error; } - if (schema_ds4x_compat) - nextinput = input; - - /* look for an optional DESCription */ - if ((pstart = (*keyword_strstr_fn)(nextinput, " DESC '")) != NULL) { - pstart += 7; - if ((pend = strchr(pstart, '\'')) == NULL) { - pend = (char *)(pstart + strlen(pstart)); + if (schema_flags & DSE_SCHEMA_NO_GLOCK) { + flags |= SLAPI_ATTR_FLAG_NOLOCKING; + } + /* + * Check the NAME and update our name list + */ + if (NULL != atype->at_names) { + for (; atype->at_names[num_names]; num_names++) { + charray_add(&attr_names, slapi_ch_strdup(atype->at_names[num_names])); } - pOcDesc = slapi_ch_malloc(pend - pstart + 1); - memcpy(pOcDesc, pstart, pend - pstart); - pOcDesc[pend - pstart] = '\0'; - nextinput = pend + 1; + first_attr_name = atype->at_names[0]; + } else { /* NAME followed by nothing violates syntax */ + schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_at, input, + "Missing or invalid attribute name"); + status = invalid_syntax_error; + goto done; } - - if (schema_ds4x_compat) - nextinput = input; - - /* look for the optional OBSOLETE marker */ - flags |= get_flag_keyword(schema_obsolete_with_spaces, - OC_FLAG_OBSOLETE, &nextinput, keyword_strstr_fn); - - if (!(schema_flags & DSE_SCHEMA_NO_GLOCK)) { - oc_lock_read(); /* needed because we access the superior oc */ + /* + * If the attribute type doesn't have an OID, we'll make the oid attrname-oid. + */ + if (NULL == atype->at_oid) { + atype->at_oid = slapi_ch_smprintf("%s-oid", first_attr_name); } - - if (schema_ds4x_compat) - nextinput = input; - /* - * Look for the superior objectclass. We first look for a parenthesized - * list and if not found we look for a simple OID. - * - * XXXmcs: Since we do not yet support multiple superior objectclasses, we - * just grab the first OID in a parenthesized list. - */ - if (NULL == (pOcSup = get_tagged_oid(" SUP (", &nextinput, - keyword_strstr_fn))) { - pOcSup = get_tagged_oid(" SUP ", &nextinput, keyword_strstr_fn); + * Set the flags + */ + if (atype->at_obsolete) { + flags |= SLAPI_ATTR_FLAG_OBSOLETE; } - psup_oc = oc_find_nolock(pOcSup, NULL, PR_FALSE); - - if (schema_ds4x_compat) - nextinput = input; - - /* look for the optional kind (ABSTRACT, STRUCTURAL, AUXILIARY) */ - for (i = 0; i < SCHEMA_OC_KIND_COUNT; ++i) { - if (NULL != (pstart = (*keyword_strstr_fn)(nextinput, - schema_oc_kind_strings_with_spaces[i]))) { - kind = i; - nextinput = pstart + strlen(schema_oc_kind_strings_with_spaces[i]) - 1; - break; - } + if (atype->at_single_value) { + flags |= SLAPI_ATTR_FLAG_SINGLE; } - if (i >= SCHEMA_OC_KIND_COUNT) { /* not found */ - if (NULL != psup_oc && OC_KIND_ABSTRACT != psup_oc->oc_kind) { - /* inherit kind from superior class if not ABSTRACT */ - kind = psup_oc->oc_kind; - } else { - /* according to RFC 2252, the default is structural */ - kind = OC_KIND_STRUCTURAL; - } + if (atype->at_collective) { + flags |= SLAPI_ATTR_FLAG_COLLECTIVE; } - - if (schema_ds4x_compat) - nextinput = input; - - /* look for required attributes (MUST) */ - if ((pstart = (*keyword_strstr_fn)(nextinput, " MUST ")) != NULL) { - char *pRequiredAttrs; - int saw_open_paren = 0; - - pstart += 6; - pstart = skipWS(pstart); /* skip past any extra white space */ - if (*pstart == '(') { - saw_open_paren = 1; - ++pstart; - } - pRequiredAttrs = slapi_ch_strdup(pstart); - if (saw_open_paren && (pend = strchr(pRequiredAttrs, ')')) != NULL) { - *pend = '\0'; - } else if ((pend = strchr(pRequiredAttrs, ' ')) != NULL) { - *pend = '\0'; - } else { - pend = pRequiredAttrs + strlen(pRequiredAttrs); /* at end of string */ - } - nextinput = pstart + (pend - pRequiredAttrs); - RequiredAttrsArray = read_dollar_values(pRequiredAttrs); - slapi_ch_free((void **)&pRequiredAttrs); - } else { - RequiredAttrsArray = (char **)slapi_ch_malloc(1 * sizeof(char *)); - RequiredAttrsArray[0] = NULL; - } - - if (schema_ds4x_compat) - nextinput = input; - - /* look for allowed attributes (MAY) */ - if ((pstart = (*keyword_strstr_fn)(nextinput, " MAY ")) != NULL) { - char *pAllowedAttrs; - int saw_open_paren = 0; - - pstart += 5; - pstart = skipWS(pstart); /* skip past any extra white space */ - if (*pstart == '(') { - saw_open_paren = 1; - ++pstart; - } - pAllowedAttrs = slapi_ch_strdup(pstart); - if (saw_open_paren && (pend = strchr(pAllowedAttrs, ')')) != NULL) { - *pend = '\0'; - } else if ((pend = strchr(pAllowedAttrs, ' ')) != NULL) { - *pend = '\0'; - } else { - pend = pAllowedAttrs + strlen(pAllowedAttrs); /* at end of string */ - } - nextinput = pstart + (pend - pAllowedAttrs); - AllowedAttrsArray = read_dollar_values(pAllowedAttrs); - slapi_ch_free((void **)&pAllowedAttrs); - } else { - AllowedAttrsArray = (char **)slapi_ch_malloc(1 * sizeof(char *)); - AllowedAttrsArray[0] = NULL; - } - - if (schema_ds4x_compat) - nextinput = input; - - /* look for X-ORIGIN list */ - if (is_user_defined) { - /* add X-ORIGIN 'user defined' */ - extensions = parse_extensions(nextinput, schema_user_defined_origin); - flags |= OC_FLAG_USER_OC; - } else { - /* add nothing */ - extensions = parse_extensions(nextinput, NULL); - flags |= OC_FLAG_STANDARD_OC; - } - - /* generate OrigRequiredAttrsArray and OrigAllowedAttrsArray */ - if (psup_oc) { - int found_it; - - OrigRequiredAttrsArray = (char **)slapi_ch_malloc(1 * sizeof(char *)); - OrigRequiredAttrsArray[0] = NULL; - OrigAllowedAttrsArray = (char **)slapi_ch_malloc(1 * sizeof(char *)); - OrigAllowedAttrsArray[0] = NULL; - - if (psup_oc->oc_required) { - for (i = 0; RequiredAttrsArray[i]; i++) { - for (j = 0, found_it = 0; psup_oc->oc_required[j]; j++) { - if (strcasecmp(psup_oc->oc_required[j], RequiredAttrsArray[i]) == 0) { - found_it = 1; - } - } - if (!found_it) { - charray_add(&OrigRequiredAttrsArray, slapi_ch_strdup(RequiredAttrsArray[i])); - } - } - } - if (psup_oc->oc_allowed) { - for (i = 0; AllowedAttrsArray[i]; i++) { - for (j = 0, found_it = 0; psup_oc->oc_allowed[j]; j++) { - if (strcasecmp(psup_oc->oc_allowed[j], AllowedAttrsArray[i]) == 0) { - found_it = 1; - } - } - if (!found_it) { - charray_add(&OrigAllowedAttrsArray, slapi_ch_strdup(AllowedAttrsArray[i])); - } - } - } - } else { - /* if no parent oc */ - OrigRequiredAttrsArray = charray_dup(RequiredAttrsArray); - OrigAllowedAttrsArray = charray_dup(AllowedAttrsArray); - } - - if (!(schema_flags & DSE_SCHEMA_NO_GLOCK)) { - oc_unlock(); /* we are done accessing superior oc (psup_oc) */ - } - - /* finally -- create new objclass structure */ - pnew_oc = (struct objclass *)slapi_ch_malloc(1 * sizeof(struct objclass)); - pnew_oc->oc_name = slapi_ch_strdup(psbOcName->buffer); - pnew_oc->oc_superior = pOcSup; - pOcSup = NULL; /* don't free this later */ - pnew_oc->oc_oid = pOcOid; - pOcOid = NULL; /* don't free this later */ - pnew_oc->oc_desc = pOcDesc; - pOcDesc = NULL; /* don't free this later */ - pnew_oc->oc_required = RequiredAttrsArray; - pnew_oc->oc_allowed = AllowedAttrsArray; - pnew_oc->oc_orig_required = OrigRequiredAttrsArray; - pnew_oc->oc_orig_allowed = OrigAllowedAttrsArray; - pnew_oc->oc_extensions = extensions; - pnew_oc->oc_next = NULL; - pnew_oc->oc_flags = flags; - pnew_oc->oc_kind = kind; - - *oc = pnew_oc; - - return read_oc_ldif_return(LDAP_SUCCESS, pOcOid, psbOcName, pOcSup, pOcDesc); -} - -static char ** -read_dollar_values(char *vals) -{ - int i, k; - char **retVal; - static const char *charsToRemove = " ()"; - - /* get rid of all the parens and spaces */ - for (i = 0, k = 0; vals[i]; i++) { - if (!strchr(charsToRemove, vals[i])) { - vals[k++] = vals[i]; - } - } - vals[k] = '\0'; - retVal = slapi_str2charray(vals, "$"); - return retVal; -} - -/* - * if asipp is NULL, the attribute type is added to the global set of schema. - * if asipp is not NULL, the AT is not added but *asipp is set. When you are - * finished with *asipp, use attr_syntax_free() to dispose of it. - * - * schema_flags: Any or none of the following bits could be set - * DSE_SCHEMA_NO_CHECK -- schema won't be checked - * DSE_SCHEMA_NO_GLOCK -- locking of global resources is turned off; - * this saves time during initialization since - * the server operates in single threaded mode - * at that time or in reload_schemafile_lock. - * DSE_SCHEMA_LOCKED -- already locked with reload_schemafile_lock; - * no further lock needed - * - * if is_user_defined is true, force attribute type to be user defined. - * - * returns an LDAP error code (LDAP_SUCCESS if all goes well) -*/ -static int -read_at_ldif(const char *input, struct asyntaxinfo **asipp, char *errorbuf, size_t errorbufsize, PRUint32 schema_flags, int is_user_defined, int schema_ds4x_compat, int is_remote) -{ - char *pStart, *pEnd; - char *pOid, *pSyntax, *pSuperior, *pMREquality, *pMROrdering, *pMRSubstring; - const char *nextinput; - struct sizedbuffer *psbAttrName = sizedbuffer_construct(BUFSIZ); - struct sizedbuffer *psbAttrDesc = sizedbuffer_construct(BUFSIZ); - int status = 0; - int syntaxlength; - char **attr_names = NULL; - char *first_attr_name = NULL; - int num_names = 0; - unsigned long flags = SLAPI_ATTR_FLAG_OVERRIDE; - const char *ss = 0; - struct asyntaxinfo *tmpasip; - int invalid_syntax_error; - schema_strstr_fn_t keyword_strstr_fn; - schemaext *extensions = NULL; - - /* - * From RFC 2252 section 4.2: - * - * AttributeTypeDescription = "(" whsp - * numericoid whsp ; AttributeType identifier - * [ "NAME" qdescrs ] ; name used in AttributeType - * [ "DESC" qdstring ] ; description - * [ "OBSOLETE" whsp ] - * [ "SUP" woid ] ; derived from this other - * ; AttributeType - * [ "EQUALITY" woid ; Matching Rule name - * [ "ORDERING" woid ; Matching Rule name - * [ "SUBSTR" woid ] ; Matching Rule name - * [ "SYNTAX" whsp noidlen whsp ] ; see section 4.3 - * [ "SINGLE-VALUE" whsp ] ; default multi-valued - * [ "COLLECTIVE" whsp ] ; default not collective - * [ "NO-USER-MODIFICATION" whsp ]; default user modifiable - * [ "USAGE" whsp AttributeUsage ]; default userApplications - * whsp ")" - * - * AttributeUsage = - * "userApplications" / - * "directoryOperation" / - * "distributedOperation" / ; DSA-shared - * "dSAOperation" ; DSA-specific, value depends on server - * - * XXXmcs: Our parsing technique is poor. In (Netscape) DS 4.12 and earlier - * releases, parsing was mostly done by looking anywhere within the input - * string for various keywords such as "EQUALITY". But if, for example, a - * description contains the word "equality", the parser would take assume - * that the token following the word was a matching rule. Bad news. - * - * In iDS 5.0 and later, we parse in order left to right and advance a - * pointer as we consume the input string (the nextinput variable). We - * also use a case-insensitive search when looking for keywords such as - * DESC. This is still less than ideal. - * - * Someday soon we will need to write a real parser. - * - * Compatibility notes: if schema_ds4x_compat is set, we: - * 1. always parse from the beginning of the string - * 2. use a case-insensitive compare when looking for keywords, e.g., DESC - */ - - if (schema_ds4x_compat) { - keyword_strstr_fn = PL_strcasestr; - invalid_syntax_error = LDAP_OPERATIONS_ERROR; - } else { - keyword_strstr_fn = PL_strstr; - invalid_syntax_error = LDAP_INVALID_SYNTAX; - } - - if (schema_flags & DSE_SCHEMA_NO_GLOCK) - flags |= SLAPI_ATTR_FLAG_NOLOCKING; - - psbAttrName->buffer[0] = '\0'; - psbAttrDesc->buffer[0] = '\0'; - pOid = pSyntax = pSuperior = NULL; - pMREquality = pMROrdering = pMRSubstring = NULL; - syntaxlength = SLAPI_SYNTAXLENGTH_NONE; - - nextinput = input; - - /* get the OID */ - pOid = get_tagged_oid("(", &nextinput, keyword_strstr_fn); - - if (NULL == pOid) { - schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_at, - input, "Missing or invalid OID"); - status = invalid_syntax_error; - goto done; - } - - if (schema_ds4x_compat || (strcasecmp(pOid, "NAME") == 0)) - nextinput = input; - - /* look for the NAME (single or list of names) */ - if ((pStart = (*keyword_strstr_fn)(nextinput, "NAME ")) != NULL) { - pStart += 5; - sizedbuffer_allocate(psbAttrName, strlen(pStart) + 1); - strcpy(psbAttrName->buffer, pStart); - if (*pStart == '(') - pEnd = strchr(psbAttrName->buffer, ')'); - else - pEnd = strchr(psbAttrName->buffer + 1, '\''); - if (pEnd) - *(pEnd + 1) = 0; - nextinput = pStart + strlen(psbAttrName->buffer) + 1; - attr_names = parse_qdescrs(psbAttrName->buffer, &num_names); - if (NULL != attr_names) { - first_attr_name = attr_names[0]; - } else { /* NAME followed by nothing violates syntax */ - schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_at, - input, "Missing or invalid attribute name"); - status = invalid_syntax_error; - goto done; - } - } - - if (schema_ds4x_compat) - nextinput = input; - - /* - * if the attribute ldif doesn't have an OID, we'll make the oid - * attrname-oid - */ - if ((strcasecmp(pOid, "NAME") == 0) && (first_attr_name)) { - slapi_ch_free_string(&pOid); - pOid = slapi_ch_smprintf("%s-oid", first_attr_name); - } - - /* look for the optional DESCription */ - if ((pStart = (*keyword_strstr_fn)(nextinput, "DESC '")) != NULL) { - pStart += 6; - sizedbuffer_allocate(psbAttrDesc, strlen(pStart) + 1); - strcpy(psbAttrDesc->buffer, pStart); - if ((pEnd = strchr(psbAttrDesc->buffer, '\'')) != NULL) { - *pEnd = '\0'; - } - nextinput = pStart + strlen(psbAttrDesc->buffer) + 1; - } - - if (schema_ds4x_compat) - nextinput = input; - - /* look for the optional OBSOLETE marker */ - flags |= get_flag_keyword(schema_obsolete_with_spaces, - SLAPI_ATTR_FLAG_OBSOLETE, &nextinput, keyword_strstr_fn); - - if (schema_ds4x_compat) - nextinput = input; - - /* look for the optional SUPerior type */ - pSuperior = get_tagged_oid("SUP ", &nextinput, keyword_strstr_fn); - - if (schema_ds4x_compat) - nextinput = input; - - /* look for the optional matching rules */ - pMREquality = get_tagged_oid("EQUALITY ", &nextinput, keyword_strstr_fn); - if (schema_ds4x_compat) - nextinput = input; - pMROrdering = get_tagged_oid("ORDERING ", &nextinput, keyword_strstr_fn); - if (schema_ds4x_compat) - nextinput = input; - pMRSubstring = get_tagged_oid("SUBSTR ", &nextinput, keyword_strstr_fn); - if (schema_ds4x_compat) - nextinput = input; - - /* look for the optional SYNTAX */ - if (NULL != (pSyntax = get_tagged_oid("SYNTAX ", &nextinput, - keyword_strstr_fn))) { - /* - * Check for an optional {LEN}, which if present indicates a - * suggested maximum size for values of this attribute type. - * - * XXXmcs: we do not enforce length restrictions, but we do read - * and include them in the subschemasubentry. - */ - if ((pEnd = strchr(pSyntax, '{')) != NULL /* balance } */) { - *pEnd = '\0'; - syntaxlength = atoi(pEnd + 1); - } - } - - if (schema_ds4x_compat) - nextinput = input; - - /* look for the optional SINGLE-VALUE marker */ - flags |= get_flag_keyword(" SINGLE-VALUE ", - SLAPI_ATTR_FLAG_SINGLE, &nextinput, keyword_strstr_fn); - - if (schema_ds4x_compat) - nextinput = input; - - /* look for the optional COLLECTIVE marker */ - flags |= get_flag_keyword(schema_collective_with_spaces, - SLAPI_ATTR_FLAG_COLLECTIVE, &nextinput, keyword_strstr_fn); - - if (schema_ds4x_compat) - nextinput = input; - - /* look for the optional NO-USER-MODIFICATION marker */ - flags |= get_flag_keyword(schema_nousermod_with_spaces, - SLAPI_ATTR_FLAG_NOUSERMOD, &nextinput, keyword_strstr_fn); - - if (schema_ds4x_compat) - nextinput = input; - - /* look for the optional USAGE */ - if (NULL != (ss = (*keyword_strstr_fn)(nextinput, " USAGE "))) { - ss += 7; - ss = skipWS(ss); - if (ss) { - if (!PL_strncmp(ss, "directoryOperation", - strlen("directoryOperation"))) { - flags |= SLAPI_ATTR_FLAG_OPATTR; - } - if (!PL_strncmp(ss, "distributedOperation", - strlen("distributedOperation"))) { - flags |= SLAPI_ATTR_FLAG_OPATTR | SLAPI_ATTR_FLAG_DISTRIBUTED_OPERATION; - } - if (!PL_strncmp(ss, "dSAOperation", - strlen("dSAOperation"))) { - flags |= SLAPI_ATTR_FLAG_OPATTR | SLAPI_ATTR_FLAG_DSA_OPERATION; - } - if (NULL == (nextinput = strchr(ss, ' '))) { - nextinput = ss + strlen(ss); - } - } - } - - if (schema_ds4x_compat) - nextinput = input; - - /* X-ORIGIN list */ - if (is_user_defined) { - /* add X-ORIGIN 'user defined' */ - extensions = parse_extensions(nextinput, schema_user_defined_origin); - } else { - /* add nothing extra*/ - extensions = parse_extensions(nextinput, NULL); - flags |= SLAPI_ATTR_FLAG_STD_ATTR; - } - - /* Do some sanity checking to make sure everything was read correctly */ - - if (NULL == pOid) { - schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_at, - first_attr_name, "Missing OID"); - status = invalid_syntax_error; - } - if (!status && (!attr_names || !num_names)) { - schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_at, - first_attr_name, - "Missing name (OID is \"%s\")", pOid); - status = invalid_syntax_error; - } - - if (!status && (NULL != pSuperior)) { - struct asyntaxinfo *asi_parent; - - asi_parent = attr_syntax_get_by_name(pSuperior, schema_flags); - /* if we find no match then server won't start or add the attribute type */ - if (asi_parent == NULL) { - slapi_log_err(SLAPI_LOG_PARSE, "read_at_ldif", - "Cannot find parent attribute type \"%s\"\n", pSuperior); - schema_create_errormsg(errorbuf, errorbufsize, - schema_errprefix_at, first_attr_name, - "Missing parent attribute syntax OID"); - status = invalid_syntax_error; - /* We only want to use the parent syntax if a SYNTAX - * wasn't explicitly specified for this attribute. */ - } else if ((NULL == pSyntax) || (NULL == pMREquality) || (NULL == pMRSubstring) || - (NULL == pMROrdering)) { - char *pso = asi_parent->asi_plugin->plg_syntax_oid; - - if (pso && (NULL == pSyntax)) { - pSyntax = slapi_ch_strdup(pso); - slapi_log_err(SLAPI_LOG_TRACE, "read_at_ldif", - "Inheriting syntax %s from parent type %s\n", - pSyntax, pSuperior); - } else if (NULL == pSyntax) { - schema_create_errormsg(errorbuf, errorbufsize, - schema_errprefix_at, first_attr_name, - "Missing parent attribute syntax OID"); - status = invalid_syntax_error; - } - - if (NULL == pMREquality) { - pMREquality = slapi_ch_strdup(asi_parent->asi_mr_equality); - } - if (NULL == pMRSubstring) { - pMRSubstring = slapi_ch_strdup(asi_parent->asi_mr_substring); - } - if (NULL == pMROrdering) { - pMROrdering = slapi_ch_strdup(asi_parent->asi_mr_ordering); - } - attr_syntax_return(asi_parent); - } - } - - if (!status && (NULL == pSyntax)) { - schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_at, - first_attr_name, "Missing attribute syntax OID"); - status = invalid_syntax_error; - } - - if (!status && (plugin_syntax_find(pSyntax) == NULL)) { - schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_at, - first_attr_name, "Unknown attribute syntax OID \"%s\"", - pSyntax); - status = invalid_syntax_error; - } - - if (!status) { - struct objclass *poc; - /* check to make sure that the OID isn't being used by an objectclass */ - if (!(schema_flags & DSE_SCHEMA_LOCKED)) - oc_lock_read(); - poc = oc_find_oid_nolock(pOid); - if (poc != NULL) { - schema_create_errormsg(errorbuf, errorbufsize, - schema_errprefix_at, first_attr_name, - "The OID \"%s\" is also used by the object class \"%s\"", - pOid, poc->oc_name); - status = LDAP_TYPE_OR_VALUE_EXISTS; - } - if (!(schema_flags & DSE_SCHEMA_LOCKED)) - oc_unlock(); - } - - if (!(schema_flags & DSE_SCHEMA_NO_CHECK) && !status) { - int ii; - /* check to see if the attribute name is valid */ - for (ii = 0; !status && (ii < num_names); ++ii) { - if (schema_check_name(attr_names[ii], PR_TRUE, errorbuf, - errorbufsize) == 0) { - status = invalid_syntax_error; - } else if (!(flags & SLAPI_ATTR_FLAG_OVERRIDE) && - attr_syntax_exists(attr_names[ii])) { - schema_create_errormsg(errorbuf, errorbufsize, - schema_errprefix_at, attr_names[ii], - "Could not be added because it already exists"); - status = LDAP_TYPE_OR_VALUE_EXISTS; - } - } - } - - if (!(schema_flags & DSE_SCHEMA_NO_CHECK) && !status) { - if (schema_check_oid(first_attr_name, pOid, PR_TRUE, errorbuf, - errorbufsize) == 0) { - status = invalid_syntax_error; - } - } - - if (!status) { - struct asyntaxinfo *tmpasi; - - if (!(flags & SLAPI_ATTR_FLAG_OVERRIDE) && - (NULL != (tmpasi = attr_syntax_get_by_oid(pOid, schema_flags)))) { - schema_create_errormsg(errorbuf, errorbufsize, - schema_errprefix_at, first_attr_name, - "Could not be added because the OID \"%s\" is already in use", - pOid); - status = LDAP_TYPE_OR_VALUE_EXISTS; - attr_syntax_return(tmpasi); - } - } - - - if (!status) { - status = attr_syntax_create(pOid, attr_names, - *psbAttrDesc->buffer == '\0' ? NULL : psbAttrDesc->buffer, - pSuperior, pMREquality, pMROrdering, pMRSubstring, extensions, - pSyntax, syntaxlength, flags, &tmpasip); - } - - if (!status) { - if (NULL != asipp) { - *asipp = tmpasip; /* just return it */ - } else { /* add the new attribute to the global store */ - status = attr_syntax_add(tmpasip, schema_flags); - if (LDAP_SUCCESS != status) { - if (0 != (flags & SLAPI_ATTR_FLAG_OVERRIDE) && - LDAP_TYPE_OR_VALUE_EXISTS == status) { - /* - * This can only occur if the name and OID don't match the - * attribute we are trying to override (all other cases of - * "type or value exists" were trapped above). - */ - schema_create_errormsg(errorbuf, errorbufsize, - schema_errprefix_at, first_attr_name, - "Does not match the OID \"%s\". Another attribute" - " type is already using the name or OID.", - pOid); - } else { - schema_create_errormsg(errorbuf, errorbufsize, - schema_errprefix_at, first_attr_name, - "Could not be added (OID is \"%s\")", pOid); - } - attr_syntax_free(tmpasip); - } - } - } - -done: - /* free everything */ - free_qdlist(attr_names, num_names); - sizedbuffer_destroy(psbAttrName); - sizedbuffer_destroy(psbAttrDesc); - slapi_ch_free((void **)&pOid); - slapi_ch_free((void **)&pSuperior); - slapi_ch_free((void **)&pMREquality); - slapi_ch_free((void **)&pMROrdering); - slapi_ch_free((void **)&pMRSubstring); - slapi_ch_free((void **)&pSyntax); - schema_free_extensions(extensions); - return status; -} - -#else /* (USE_OPENLDAP) */ - - -/* openldap attribute parser */ -/* - * if asipp is NULL, the attribute type is added to the global set of schema. - * if asipp is not NULL, the AT is not added but *asipp is set. When you are - * finished with *asipp, use attr_syntax_free() to dispose of it. - * - * schema_flags: Any or none of the following bits could be set - * DSE_SCHEMA_NO_CHECK -- schema won't be checked - * DSE_SCHEMA_NO_GLOCK -- locking of global resources is turned off; - * this saves time during initialization since - * the server operates in single threaded mode - * at that time or in reload_schemafile_lock. - * DSE_SCHEMA_LOCKED -- already locked with reload_schemafile_lock; - * no further lock needed - * - * if is_user_defined is true, force attribute type to be user defined. - * - * returns an LDAP error code (LDAP_SUCCESS if all goes well) -*/ -static int -parse_attr_str(const char *input, struct asyntaxinfo **asipp, char *errorbuf, size_t errorbufsize, PRUint32 schema_flags, int is_user_defined, int schema_ds4x_compat, int is_remote __attribute__((unused))) -{ - struct asyntaxinfo *tmpasip; - struct asyntaxinfo *tmpasi; - schemaext *extensions = NULL, *head = NULL; - struct objclass *poc; - LDAPAttributeType *atype = NULL; - const char *errp; - char *first_attr_name = NULL; - char **attr_names = NULL; - unsigned long flags = SLAPI_ATTR_FLAG_OVERRIDE; - /* If we ever accept openldap schema directly, then make parser_flags configurable */ - unsigned int parser_flags = LDAP_SCHEMA_ALLOW_NONE | LDAP_SCHEMA_ALLOW_NO_OID; - int invalid_syntax_error; - int syntaxlength = SLAPI_SYNTAXLENGTH_NONE; - int num_names = 0; - int status = 0; - int rc = 0; - int a, aa; - - if (config_get_enquote_sup_oc()) { - parser_flags |= LDAP_SCHEMA_ALLOW_QUOTED; - } else if (getenv("LDAP_SCHEMA_ALLOW_QUOTED")) { - char ebuf[SLAPI_DSE_RETURNTEXT_SIZE]; - parser_flags |= LDAP_SCHEMA_ALLOW_QUOTED; - if (config_set_enquote_sup_oc(CONFIG_ENQUOTE_SUP_OC_ATTRIBUTE, "on", ebuf, CONFIG_APPLY)) { - slapi_log_err(SLAPI_LOG_ERR, "parse_attr_str", "Failed to enable %s: %s\n", - CONFIG_ENQUOTE_SUP_OC_ATTRIBUTE, ebuf); - } - } - - /* - * OpenLDAP AttributeType struct - * - * typedef struct ldap_attributetype { - * char *at_oid; OID - * char **at_names; Names - * char *at_desc; Description - * int at_obsolete; Is obsolete? - * char *at_sup_oid; OID of superior type - * char *at_equality_oid; OID of equality matching rule - * char *at_ordering_oid; OID of ordering matching rule - * char *at_substr_oid; OID of substrings matching rule - * char *at_syntax_oid; OID of syntax of values - * int at_syntax_len; Suggested minimum maximum length - * int at_single_value; Is single-valued? - * int at_collective; Is collective? - * int at_no_user_mod; Are changes forbidden through LDAP? - * int at_usage; Usage, see below - * LDAPSchemaExtensionItem **at_extensions; Extensions - * } LDAPAttributeType; - */ - - /* - * Set the appropriate error code - */ - if (schema_ds4x_compat) { - invalid_syntax_error = LDAP_OPERATIONS_ERROR; - } else { - invalid_syntax_error = LDAP_INVALID_SYNTAX; - } - /* - * Verify we have input - */ - if (input == NULL || '\0' == input[0]) { - schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_at, NULL, - "One or more values are required for the attributeTypes attribute"); - slapi_log_err(SLAPI_LOG_ERR, "parse_attr_str", "NULL args passed to parse_attr_str\n"); - return invalid_syntax_error; - } - /* - * Parse the line and create of attribute structure - */ - while (isspace(*input)) { - /* trim any leading spaces */ - input++; - } - if ((atype = ldap_str2attributetype(input, &rc, &errp, (const unsigned int)parser_flags)) == NULL) { - schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_at, input, - "Failed to parse attribute, error(%d - %s) at (%s)", rc, ldap_scherr2str(rc), errp); - return invalid_syntax_error; - } - - if (schema_flags & DSE_SCHEMA_NO_GLOCK) { - flags |= SLAPI_ATTR_FLAG_NOLOCKING; - } - /* - * Check the NAME and update our name list - */ - if (NULL != atype->at_names) { - for (; atype->at_names[num_names]; num_names++) { - charray_add(&attr_names, slapi_ch_strdup(atype->at_names[num_names])); - } - first_attr_name = atype->at_names[0]; - } else { /* NAME followed by nothing violates syntax */ - schema_create_errormsg(errorbuf, errorbufsize, schema_errprefix_at, input, - "Missing or invalid attribute name"); - status = invalid_syntax_error; - goto done; - } - /* - * If the attribute type doesn't have an OID, we'll make the oid attrname-oid. - */ - if (NULL == atype->at_oid) { - atype->at_oid = slapi_ch_smprintf("%s-oid", first_attr_name); - } - /* - * Set the flags - */ - if (atype->at_obsolete) { - flags |= SLAPI_ATTR_FLAG_OBSOLETE; - } - if (atype->at_single_value) { - flags |= SLAPI_ATTR_FLAG_SINGLE; - } - if (atype->at_collective) { - flags |= SLAPI_ATTR_FLAG_COLLECTIVE; - } - if (atype->at_no_user_mod) { - flags |= SLAPI_ATTR_FLAG_NOUSERMOD; + if (atype->at_no_user_mod) { + flags |= SLAPI_ATTR_FLAG_NOUSERMOD; } if (atype->at_usage == LDAP_SCHEMA_DIRECTORY_OPERATION) { flags |= SLAPI_ATTR_FLAG_OPATTR; @@ -4724,7 +3689,6 @@ done: return rc; } -#endif /* * schema_check_oc_attrs: @@ -5265,15 +4229,9 @@ init_schema_dse_ext(char *schemadir, Slapi_Backend *be, struct dse **local_psche checking during initialization; this will be overridden when its "real" definition is read from the schema conf files */ -#ifdef USE_OPENLDAP attr_str = "( 2.5.4.0 NAME 'objectClass' " "DESC 'Standard schema for LDAP' SYNTAX " "1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2252' )"; -#else - attr_str = "attributeTypes: ( 2.5.4.0 NAME 'objectClass' " - "DESC 'Standard schema for LDAP' SYNTAX " - "1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2252' )"; -#endif if (schema_flags & DSE_SCHEMA_NO_LOAD) { struct asyntaxinfo *tmpasip = NULL; rc = parse_at_str(attr_str, &tmpasip, errorbuf, sizeof(errorbuf), @@ -5365,242 +4323,6 @@ init_schema_dse(const char *configdir) return rc; } -#if !defined(USE_OPENLDAP) - -static char ** -parse_xstring_list(const char *schema_value, const char *name, size_t namelen, int *num_xvalsp, char **default_list) -{ - char *start, *end, *xval_tmp; - char **xvals = NULL; - - if ((start = PL_strstr(schema_value, name)) != NULL) { - start += namelen + 1; /* +1 for space */ - xval_tmp = slapi_ch_strdup(start); - if (*start == '(') { - end = strchr(xval_tmp, ')'); - } else { - end = strchr(xval_tmp + 1, '\''); - } - if (end) { - *(end + 1) = 0; - } - xvals = parse_qdstrings(xval_tmp, num_xvalsp); - slapi_ch_free((void **)&xval_tmp); - } else { - xvals = NULL; - *num_xvalsp = 0; - } - - if (NULL == xvals && NULL != default_list) { - int i; - - for (i = 0; default_list[i] != NULL; ++i) { - ; - } - *num_xvalsp = i; - xvals = (char **)slapi_ch_malloc((i + 1) * sizeof(char *)); - for (i = 0; default_list[i] != NULL; ++i) { - xvals[i] = slapi_ch_strdup(default_list[i]); - } - xvals[i] = NULL; - } - - /* for debugging -if ( xvals == NULL || xvals[0] == NULL ) { - slapi_log_err(SLAPI_LOG_ERR, "no xstring values for xstring (%s) in (%s)\n", name, schema_value, 0 ); -} -*/ - - return xvals; -} - -/* used by mozldap read_at_ldif() & read_oc_ldif() */ -static schemaext * -parse_extensions(const char *schema_value, char **default_list) -{ - schemaext *extensions = NULL, *head = NULL; - char *input, *token, *iter = NULL; - int i; - - /* - * First make a copy of the input, then grab all the "X-" words, - * and extract the values. - */ - input = slapi_ch_strdup(schema_value); - token = ldap_utf8strtok_r(input, " ", &iter); - while (token) { - if (strncmp(token, "X-", 2) == 0) { - /* we have a new extension */ - schemaext *newext; - newext = (schemaext *)slapi_ch_calloc(1, sizeof(schemaext)); - newext->term = slapi_ch_strdup(token); - newext->values = parse_xstring_list(schema_value, token, strlen(token), &newext->value_count, default_list); - if (extensions == NULL) { - extensions = newext; - head = newext; - } else { - extensions->next = newext; - extensions = extensions->next; - } - } - token = ldap_utf8strtok_r(iter, " ", &iter); - } - extensions = head; - /* - * Ok, if X-ORIGIN was not specified, then add it with the default values - */ - if (!extension_is_user_defined(extensions) && default_list) { - int added = 0; - while (extensions) { - if (strcmp(extensions->term, "X-ORIGIN") == 0) { - charray_add(&extensions->values, slapi_ch_strdup(default_list[0])); - extensions->value_count++; - added = 1; - extensions = head; - break; - } - extensions = extensions->next; - } - if (!added) { - schemaext *newext = (schemaext *)slapi_ch_calloc(1, sizeof(schemaext)); - newext->term = slapi_ch_strdup("X-ORIGIN"); - for (i = 0; default_list[i]; ++i) { - newext->value_count++; - charray_add(&newext->values, slapi_ch_strdup(default_list[i])); - } - extensions = head; - while (extensions && extensions->next) { - /* move to the end of the list */ - extensions = extensions->next; - } - if (extensions == NULL) { - extensions = newext; - } else { - extensions->next = newext; - } - } - } - slapi_ch_free_string(&input); - - return extensions; -} - -/* - * Look for `keyword' within `*inputp' and return the flag_value if found - * (zero if returned if not found). - * - * If the keyword is found, `*inputp' is set to point just beyond the end of - * the keyword. If the keyword is not found, `*inputp' is not changed. - * - * The `strstr_fn' function pointer is used to search for `keyword', e.g., it - * could be PL_strcasestr(). - * - * The string passed in `keyword' MUST include a trailing space, e.g., - * - * flag |= get_flag_keyword( " COLLECTIVE ", SLAPI_ATTR_FLAG_COLLECTIVE, - * &input, PL_strcasestr ); - * - */ -static int -get_flag_keyword(const char *keyword, int flag_value, const char **inputp, schema_strstr_fn_t strstr_fn) -{ - const char *kw; - - PR_ASSERT(NULL != inputp); - PR_ASSERT(NULL != *inputp); - PR_ASSERT(' ' == keyword[strlen(keyword) - 1]); - - if (NULL == strstr_fn) { - strstr_fn = PL_strcasestr; - } - - kw = (*strstr_fn)(*inputp, keyword); - if (NULL == kw) { - flag_value = 0; /* not found -- return no value */ - } else { - *inputp = kw + strlen(keyword) - 1; /* advance input */ - } - - return flag_value; -} - -/* - * Look for `tag' within `*inputp' and return the OID string following `tag'. - * If the OID has single quotes around it they are removed (they are allowed - * for compatibility with DS 3.x and 4.x). - * - * If the tag is found, `*inputp' is set to point just beyond the end of - * the OID that was extracted and returned. If the tag is not found, - * `*inputp' is not changed. - * - * The `strstr_fn' function pointer is used to search for `tag', e.g., it - * could be PL_strcasestr(). - * - * The string passed in `tag' SHOULD generally include a trailing space, e.g., - * - * pSuperior = get_tagged_oid( "SUP ", &input, PL_strcasestr ); - * - * The exception to this is when the tag contains '(' as a trailing character. - * This is used to process lists of oids, such as the following: - * - * SUP (inetOrgPerson $ testUser) - * - * A malloc'd string is returned if `tag; is found and NULL if not. - */ -static char * -get_tagged_oid(const char *tag, const char **inputp, schema_strstr_fn_t strstr_fn) -{ - const char *startp, *endp; - char *oid; - - PR_ASSERT(NULL != inputp); - PR_ASSERT(NULL != *inputp); - PR_ASSERT(NULL != tag); - PR_ASSERT('\0' != tag[0]); - if ('(' != tag[0]) - PR_ASSERT((' ' == tag[strlen(tag) - 1]) || ('(' == tag[strlen(tag) - 1])); - - if (NULL == strstr_fn) { - strstr_fn = PL_strcasestr; - } - - oid = NULL; - if (NULL != (startp = (*strstr_fn)(*inputp, tag))) { - startp += strlen(tag); - - /* skip past any extra white space */ - if (NULL == (startp = skipWS(startp))) { - return (NULL); - } - - /* skip past the leading single quote, if present */ - if (*startp == '\'') { - ++startp; - /* skip past any extra white space */ - startp = skipWS(startp); - } - - /* locate the end of the OID */ - if ((NULL != (endp = strchr(startp, ' '))) || - (NULL != (endp = strchr(startp, ')')))) { - if ('\'' == *(endp - 1) && endp > startp) { - --endp; /* ignore trailing quote */ - } - } else { - endp = startp + strlen(startp); /* remainder of input */ - } - - oid = slapi_ch_malloc(endp - startp + 1); - memcpy(oid, startp, endp - startp); - oid[endp - startp] = '\0'; - *inputp = endp; - } - - return (oid); -} - -#endif - /* * sprintf to `outp' the contents of `tag' followed by `oid' followed by a * trailing space. If enquote is non-zero, single quotes are included diff --git a/ldap/servers/slapd/slapi-plugin.h b/ldap/servers/slapd/slapi-plugin.h index 9135a12..a4a9ee9 100644 --- a/ldap/servers/slapd/slapi-plugin.h +++ b/ldap/servers/slapd/slapi-plugin.h @@ -63,15 +63,10 @@ PR_fprintf(struct PRFileDesc *fd, const char *fmt, ...) ; #endif -/* OpenLDAP uses unsigned long for ber_tag_t and ber_len_t but mozldap uses unsigned int */ +/* OpenLDAP uses unsigned long for ber_tag_t and ber_len_t */ /* use this macro for printf statements for ber_tag_t and ber_len_t */ -#if defined(USE_OPENLDAP) #define BERTAG_T "lu" #define BERLEN_T "lu" -#else -#define BERTAG_T "u" -#define BERLEN_T "u" -#endif #define DEFINETOSTR(xxx) #xxx #define STRINGIFYDEFINE(xxx) DEFINETOSTR(xxx) @@ -220,43 +215,9 @@ PR_fprintf(struct PRFileDesc *fd, const char *fmt, ...) /* * filter types - * openldap defines these, but not mozldap + * openldap defines these, except the 'extended' is called 'ext' so just redefine */ -#ifndef LDAP_FILTER_AND -#define LDAP_FILTER_AND 0xa0L -#endif -#ifndef LDAP_FILTER_OR -#define LDAP_FILTER_OR 0xa1L -#endif -#ifndef LDAP_FILTER_NOT -#define LDAP_FILTER_NOT 0xa2L -#endif -#ifndef LDAP_FILTER_EQUALITY -#define LDAP_FILTER_EQUALITY 0xa3L -#endif -#ifndef LDAP_FILTER_SUBSTRINGS -#define LDAP_FILTER_SUBSTRINGS 0xa4L -#endif -#ifndef LDAP_FILTER_GE -#define LDAP_FILTER_GE 0xa5L -#endif -#ifndef LDAP_FILTER_LE -#define LDAP_FILTER_LE 0xa6L -#endif -#ifndef LDAP_FILTER_PRESENT -#define LDAP_FILTER_PRESENT 0x87L -#endif -#ifndef LDAP_FILTER_APPROX -#define LDAP_FILTER_APPROX 0xa8L -#endif - -#ifndef LDAP_FILTER_EXTENDED -#ifdef LDAP_FILTER_EXT #define LDAP_FILTER_EXTENDED LDAP_FILTER_EXT -#else -#define LDAP_FILTER_EXTENDED 0xa9L -#endif -#endif #ifndef LBER_END_OF_SEQORSET #define LBER_END_OF_SEQORSET ((ber_tag_t)-2) /* 0xfffffffeU */ @@ -366,32 +327,6 @@ PR_fprintf(struct PRFileDesc *fd, const char *fmt, ...) #define LBER_OVERFLOW ((ber_tag_t)-3) /* 0xfffffffdU */ #endif -#ifndef LDAP_MAXINT -/* RFC 4511: maxInt INTEGER ::= 2147483647 -- (2^^31 - 1) -- */ -#define LDAP_MAXINT (2147483647) -#endif - -/* for mozldap builds */ -#ifndef LDAP_CANCELLED -#define LDAP_CANCELLED 0x76 -#endif - -#ifndef LDAP_RES_INTERMEDIATE -#define LDAP_RES_INTERMEDIATE ((ber_tag_t)0x79U) -#endif - -#ifndef LDAP_TAG_IM_RES_OID -#define LDAP_TAG_IM_RES_OID ((ber_tag_t)0x80U) -#endif - -#ifndef LDAP_TAG_IM_RES_VALUE -#define LDAP_TAG_IM_RES_VALUE ((ber_tag_t)0x81U) -#endif - -#ifndef LDAP_SCOPE_ONE -#define LDAP_SCOPE_ONE LDAP_SCOPE_ONELEVEL -#endif - #ifndef LDAP_SYNC_OID /* LDAP Content Synchronization Operation -- RFC 4533 */ #define LDAP_SYNC_OID "1.3.6.1.4.1.4203.1.9.1" @@ -7569,15 +7504,12 @@ int slapi_ldap_get_lderrno(LDAP *ld, char **m, char **s); void slapi_ldif_put_type_and_value_with_options(char **out, const char *t, const char *val, int vlen, unsigned long options); /* ldif_read_record lineno argument type depends on openldap version */ -#if defined(USE_OPENLDAP) #if LDAP_VENDOR_VERSION >= 20434 /* changed in 2.4.34 */ typedef unsigned long int ldif_record_lineno_t; #else typedef int ldif_record_lineno_t; #endif -#endif -#if defined(USE_OPENLDAP) /* * UTF-8 routines (should these move into libnls?) */ @@ -7621,7 +7553,6 @@ int ldap_utf8isspace(char *s); #define LDAP_UTF8COPY(d, s) ((0x80 & *(unsigned char *)(s)) ? ldap_utf8copy(d, s) : ((*(d) = *(s)), 1)) #define LDAP_UTF8GETCC(s) ((0x80 & *(unsigned char *)(s)) ? ldap_utf8getcc(&s) : *s++) #define LDAP_UTF8GETC(s) ((0x80 & *(unsigned char *)(s)) ? ldap_utf8getcc((const char **)&s) : *s++) -#endif /* USE_OPENLDAP */ /* by default will allow dups */ char **slapi_str2charray(char *str, char *brkstr); diff --git a/ldap/servers/slapd/tools/ldclt/ldapfct.c b/ldap/servers/slapd/tools/ldclt/ldapfct.c index 163ec88..3730765 100644 --- a/ldap/servers/slapd/tools/ldclt/ldapfct.c +++ b/ldap/servers/slapd/tools/ldclt/ldapfct.c @@ -41,9 +41,6 @@ #include #include "ldaptool-sasl.h" -#if !defined(USE_OPENLDAP) -#include /* ldapssl_init(), etc... */ -#endif #include #include @@ -55,9 +52,6 @@ #define LDCLT_DEREF_ATTR "secretary" int ldclt_create_deref_control(LDAP *ld, char *derefAttr, char **attrs, LDAPControl **ctrlp); -#if !defined(USE_OPENLDAP) -int ldclt_build_control(char *oid, BerElement *ber, int freeber, char iscritical, LDAPControl **ctrlp); -#endif int ldclt_alloc_ber(LDAP *ld, BerElement **berp); static SSLVersionRange enabledNSSVersions; @@ -239,7 +233,6 @@ buildNewBindDN( } -#if defined(USE_OPENLDAP) int refRebindProc( LDAP *ldapCtx, @@ -258,47 +251,6 @@ refRebindProc( return ldap_sasl_bind_s(ldapCtx, tttctx->bufBindDN, LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL); } -#else /* !USE_OPENLDAP */ -/* New function */ /*JLS 08-03-01*/ -/* **************************************************************************** - FUNCTION : refRebindProc - PURPOSE : This function is intended to perform the rebind when - a referral requires it. - INPUT : None. - OUTPUT : None. - RETURN : Always LDAP_SUCCESS for the moment... - DESCRIPTION : - *****************************************************************************/ -int -refRebindProc( - LDAP *ldapCtx, - char **dnp, - char **passwdp, - int *authmethodp, - int freeit, - void *arg) -{ - thread_context *tttctx; - - tttctx = (thread_context *)arg; - - /* - * We will assume here that the same DN and passwd will be used to - * bind to the referred server, so we will just get the values used - * previously from the thread's context. - */ - *dnp = tttctx->bufBindDN; - *passwdp = tttctx->bufPasswd; - *authmethodp = LDAP_AUTH_SIMPLE; - - /* - * What should we do with the "freeit" argument ? I do not have any - * memory to free, so let's just ignore it. - */ - - return (LDAP_SUCCESS); -} -#endif /* !USE_OPENLDAP */ /* **************************************************************************** @@ -349,15 +301,14 @@ referralSetup( } -#if defined(USE_OPENLDAP) -/* **************************************************************************** +/***************************************************************************** FUNCTION : dirname - PURPOSE : given a relative or absolute path name, return - the name of the directory containing the path - INPUT : path - OUTPUT : none - RETURN : directory part of path or "." - DESCRIPTION : caller must free return value when done + PURPOSE : given a relative or absolute path name, return + the name of the directory containing the path + INPUT : path + OUTPUT : none + RETURN : directory part of path or "." + DESCRIPTION : caller must free return value when done *****************************************************************************/ static char * ldclt_dirname(const char *path) @@ -464,7 +415,6 @@ internal_ol_init_init(void) return PR_SUCCESS; } -#endif /* USE_OPENLDAP */ /* mctx is a global */ LDAP * @@ -474,9 +424,7 @@ connectToLDAP(thread_context *tttctx, const char *bufBindDN, const char *bufPass struct berval cred = {0, NULL}; int v2v3 = LDAP_VERSION3; const char *passwd = NULL; -#if defined(USE_OPENLDAP) char *ldapurl = NULL; -#endif int thrdNum = 0; int ret = -1; int binded = 0; @@ -486,7 +434,6 @@ connectToLDAP(thread_context *tttctx, const char *bufBindDN, const char *bufPass thrdNum = tttctx->thrdNum; } -#if defined(USE_OPENLDAP) if (mctx.ldapurl != NULL) { ldapurl = PL_strdup(mctx.ldapurl); } else { @@ -560,62 +507,6 @@ connectToLDAP(thread_context *tttctx, const char *bufBindDN, const char *bufPass } free(certdir); } -#else /* !USE_OPENLDAP */ - /* - * SSL is enabled ? - */ - if (mode & SSL) { - /* - * LDAP session initialization in SSL mode - * added by: B Kolics (11/10/00) - */ - ld = ldapssl_init(mctx.hostname, mctx.port, 1); - if (mode & VERY_VERBOSE) - printf("ldclt[%d]: T%03d: After ldapssl_init (%s, %d), ldapCtx=0x%p\n", - mctx.pid, thrdNum, mctx.hostname, mctx.port, - ld); - if (ld == NULL) { - printf("ldclt[%d]: T%03d: Cannot ldapssl_init (%s, %d), errno=%d\n", - mctx.pid, thrdNum, mctx.hostname, mctx.port, errno); - fflush(stdout); - ret = -1; - goto done; - } - /* - * Client authentication is used ? - */ - if (mode & CLTAUTH) { - ret = ldapssl_enable_clientauth(ld, "", mctx.keydbpin, mctx.cltcertname); - if (mode & VERY_VERBOSE) - printf("ldclt[%d]: T%03d: After ldapssl_enable_clientauth (ldapCtx=0x%p, %s, %s)", - mctx.pid, thrdNum, ld, mctx.keydbpin, - mctx.cltcertname); - if (ret < 0) { - printf("ldclt[%d]: T%03d: Cannot ldapssl_enable_clientauth (ldapCtx=0x%p, %s, %s)", - mctx.pid, thrdNum, ld, mctx.keydbpin, mctx.cltcertname); - ldap_perror(ld, "ldapssl_enable_clientauth"); - fflush(stdout); - goto done; - } - } - } else { - /* - * connection initialization in normal, unencrypted mode - */ - ld = ldap_init(mctx.hostname, mctx.port); - if (mode & VERY_VERBOSE) - printf("ldclt[%d]: T%03d: After ldap_init (%s, %d), ldapCtx=0x%p\n", - mctx.pid, thrdNum, mctx.hostname, mctx.port, - ld); - if (ld == NULL) { - printf("ldclt[%d]: T%03d: Cannot ldap_init (%s, %d), errno=%d\n", - mctx.pid, thrdNum, mctx.hostname, mctx.port, errno); - fflush(stdout); - ret = -1; - goto done; - } - } -#endif /* !USE_OPENLDAP */ if (mode & CLTAUTH) { passwd = NULL; @@ -760,15 +651,9 @@ connectToLDAP(thread_context *tttctx, const char *bufBindDN, const char *bufPass perror("malloc"); exit(LDAP_NO_MEMORY); } -#if defined(USE_OPENLDAP) ret = ldap_sasl_interactive_bind_s(ld, mctx.bindDN, mctx.sasl_mech, NULL, NULL, mctx.sasl_flags, ldaptool_sasl_interact, defaults); -#else - ret = ldap_sasl_interactive_bind_ext_s(ld, mctx.bindDN, mctx.sasl_mech, - NULL, NULL, mctx.sasl_flags, - ldaptool_sasl_interact, defaults, NULL); -#endif if (ret != LDAP_SUCCESS) { if (tttctx) { tttctx->binded = 0; @@ -865,12 +750,10 @@ done: ldap_unbind_ext(ld, NULL, NULL); ld = NULL; } -#if defined(USE_OPENLDAP) if (ldapurl) { PR_smprintf_free(ldapurl); ldapurl = NULL; } -#endif return ld; } @@ -3701,9 +3584,7 @@ ldclt_create_deref_control( { BerElement *ber; int rc; -#if defined(USE_OPENLDAP) struct berval *bv = NULL; -#endif if (ld == 0) { return (LDAP_PARAM_ERROR); @@ -3723,7 +3604,6 @@ ldclt_create_deref_control( return (LDAP_ENCODING_ERROR); } -#if defined(USE_OPENLDAP) if (LBER_ERROR == ber_flatten(ber, &bv)) { ber_bvfree(bv); ber_free(ber, 1); @@ -3736,70 +3616,10 @@ ldclt_create_deref_control( rc = ldap_control_create(LDAP_CONTROL_X_DEREF, 1, bv, 1, ctrlp); ber_bvfree(bv); ber_free(ber, 1); -#else - rc = ldclt_build_control(LDAP_CONTROL_X_DEREF, ber, 1, 1, ctrlp); - ber_free(ber, 1); -#endif return (rc); } -#if !defined(USE_OPENLDAP) -/* - * Duplicated nsldapi_build_control from - * mozilla/directory/c-sdk/ldap/libraries/libldap/control.c - * - * build an allocated LDAPv3 control. Returns an LDAP error code. - */ -int -ldclt_build_control(char *oid, BerElement *ber, int freeber, char iscritical, LDAPControl **ctrlp) -{ - int rc; - struct berval *bvp; - - if (ber == NULL) { - bvp = NULL; - } else { - /* allocate struct berval with contents of the BER encoding */ - rc = ber_flatten(ber, &bvp); - if (freeber) { - ber_free(ber, 1); - } - if (rc == -1) { - return (LDAP_NO_MEMORY); - } - } - - /* allocate the new control structure */ - if ((*ctrlp = (LDAPControl *)malloc(sizeof(LDAPControl))) == NULL) { - if (bvp != NULL) { - ber_bvfree(bvp); - } - return (LDAP_NO_MEMORY); - } - - /* fill in the fields of this new control */ - (*ctrlp)->ldctl_iscritical = iscritical; - if (((*ctrlp)->ldctl_oid = strdup(oid)) == NULL) { - free(*ctrlp); - if (bvp != NULL) { - ber_bvfree(bvp); - } - return (LDAP_NO_MEMORY); - } - - if (bvp == NULL) { - (*ctrlp)->ldctl_value.bv_len = 0; - (*ctrlp)->ldctl_value.bv_val = NULL; - } else { - (*ctrlp)->ldctl_value = *bvp; /* struct copy */ - free(bvp); /* free container, not contents! */ - } - - return (LDAP_SUCCESS); -} -#endif - /* * Duplicated nsldapi_build_control from * mozilla/directory/c-sdk/ldap/libraries/libldap/request.c @@ -3811,11 +3631,7 @@ ldclt_alloc_ber(LDAP *ld __attribute__((unused)), BerElement **berp) { int err; int beropt; -#if defined(USE_OPENLDAP) beropt = LBER_USE_DER; -#else - beropt = LBER_OPT_USE_DER; -#endif /* We use default lberoptions since the value is not public in mozldap. */ if ((*berp = ber_alloc_t(beropt)) == (BerElement *)NULL) { err = LDAP_NO_MEMORY; diff --git a/ldap/servers/slapd/tools/ldclt/ldclt.c b/ldap/servers/slapd/tools/ldclt/ldclt.c index 9128e8d..e72b775 100644 --- a/ldap/servers/slapd/tools/ldclt/ldclt.c +++ b/ldap/servers/slapd/tools/ldclt/ldclt.c @@ -39,9 +39,6 @@ #include /* ctime(), etc... */ /*JLS 18-08-00*/ #include /* ldap C-API BER decl. */ #include /* ldap C-API decl. */ -#if !defined(USE_OPENLDAP) -#include /* ldapssl_init(), etc... */ -#endif #ifdef LDAP_H_FROM_QA_WKA #include /* ldap C-API prototypes */ #endif @@ -693,7 +690,6 @@ printGlobalStatistics(void) mctx.pid, i, buf, mctx.errors[i]); } } -#if defined(USE_OPENLDAP) for (i = 0; i < ABS(NEGATIVE_MAX_ERROR_NB); i++) { if (mctx.negativeErrors[i] > 0) { found = 1; @@ -702,16 +698,11 @@ printGlobalStatistics(void) mctx.pid, -i, buf, mctx.negativeErrors[i]); } } -#endif if (mctx.errorsBad > 0) { found = 1; printf("ldclt[%d]: Global illegal errors (codes not in [%d, %d]) occurs %5d times\n", mctx.pid, -#if defined(USE_OPENLDAP) NEGATIVE_MAX_ERROR_NB, -#else - 0, -#endif MAX_ERROR_NB - 1, mctx.errorsBad); } if (!found) @@ -1273,11 +1264,9 @@ basicInit(void) for (i = 0; i < MAX_ERROR_NB; i++) { mctx.errors[i] = 0; } -#if defined(USE_OPENLDAP) for (i = 0; i < ABS(NEGATIVE_MAX_ERROR_NB); i++) { mctx.negativeErrors[i] = 0; } -#endif /* * Initiate the mutex that protect the errors statistics */ @@ -1342,35 +1331,6 @@ basicInit(void) } } -#if !defined(USE_OPENLDAP) - /* - * SSL is enabled ? - */ - if (mctx.mode & SSL) { - /* - * The initialization of certificate based and basic authentication differs - * B Kolics 23-11-00 - */ - if (mctx.mode & CLTAUTH) { - if (ldapssl_clientauth_init(mctx.certfile, NULL, 1, mctx.keydbfile, NULL) < 0) { - fprintf(stderr, "ldclt: %s\n", strerror(errno)); - fprintf(stderr, "Cannot ldapssl_clientauth_init (%s,%s)\n", - mctx.certfile, mctx.keydbfile); - fflush(stderr); - return (-1); - } - } else { - if (ldapssl_client_init(mctx.certfile, NULL) < 0) { - fprintf(stderr, "ldclt: %s\n", strerror(errno)); - fprintf(stderr, "Cannot ldapssl_client_init (%s)\n", /*JLS 08-11-00*/ - mctx.certfile); /*JLS 08-11-00*/ - fflush(stderr); - return (-1); - } - } - } -#endif /* !defined(USE_OPENLDAP) */ - /* * Specific scenarios initialization... */ diff --git a/ldap/servers/slapd/tools/ldclt/ldclt.h b/ldap/servers/slapd/tools/ldclt/ldclt.h index 1cfae35..814773c 100644 --- a/ldap/servers/slapd/tools/ldclt/ldclt.h +++ b/ldap/servers/slapd/tools/ldclt/ldclt.h @@ -169,9 +169,7 @@ dd/mm/yy | Author | Comments #ifndef LDCLT_H #define LDCLT_H -#if defined(USE_OPENLDAP) #define ABS(x) ((x > 0) ? (x) : (-x)) -#endif #ifdef HAVE_SYS_TIME_H #include @@ -192,9 +190,7 @@ dd/mm/yy | Author | Comments #define MAX_ATTRIBS 40 /* Max number of attributes */ /*JLS 28-03-01*/ #define MAX_DN_LENGTH 1024 /* Max length for a DN */ #define MAX_ERROR_NB 0x7b /* Max ldap err number + 1 */ -#if defined(USE_OPENLDAP) #define NEGATIVE_MAX_ERROR_NB (LDAP_X_CONNECTING - 1) /* Mininum ldap err number */ -#endif #define MAX_IGN_ERRORS 20 /* Max errors ignored */ #define MAX_FILTER 4096 /* Max filters length */ #define MAX_THREADS 1000 /* Max number of threads */ /*JLS 21-11-00*/ @@ -524,9 +520,7 @@ typedef struct main_context char *certfile; /* certificate file */ /* BK 11-10-00 */ char *cltcertname; /* client cert name */ /* BK 23 11-00 */ data_list_file *dlf; /* Data list files */ /*JLS 23-03-01*/ -#if defined(USE_OPENLDAP) int negativeErrors[ABS(NEGATIVE_MAX_ERROR_NB)]; /* Err stats */ -#endif int errors[MAX_ERROR_NB]; /* Err stats */ int errorsBad; /* Bad errors */ ldclt_mutex_t errors_mutex; /* Protect errors */ /*JLS 28-11-00*/ diff --git a/ldap/servers/slapd/tools/ldclt/scalab01.c b/ldap/servers/slapd/tools/ldclt/scalab01.c index e125674..d198552 100644 --- a/ldap/servers/slapd/tools/ldclt/scalab01.c +++ b/ldap/servers/slapd/tools/ldclt/scalab01.c @@ -59,9 +59,6 @@ dd/mm/yy | Author | Comments #include /* ldap C-API BER declarations */ #include /* ldap C-API declarations */ -#if !defined(USE_OPENLDAP) -#include /* ldapssl_init(), etc... */ -#endif #include #include "port.h" /* Portability definitions */ #include "ldclt.h" /* This tool's include file */ diff --git a/ldap/servers/slapd/tools/ldclt/threadMain.c b/ldap/servers/slapd/tools/ldclt/threadMain.c index 9e3e0b9..1ffeedb 100644 --- a/ldap/servers/slapd/tools/ldclt/threadMain.c +++ b/ldap/servers/slapd/tools/ldclt/threadMain.c @@ -415,21 +415,15 @@ addErrorStat( /* * Update the counters */ -#if defined(USE_OPENLDAP) if ((err <= NEGATIVE_MAX_ERROR_NB) || (err >= MAX_ERROR_NB)) -#else - if ((err <= 0) || (err >= MAX_ERROR_NB)) -#endif { fprintf(stderr, "ldclt[%d]: Illegal error number %d\n", mctx.pid, err); fflush(stderr); mctx.errorsBad++; } -#if defined(USE_OPENLDAP) else if (err < 0) { mctx.negativeErrors[abs(err)]++; } -#endif else { mctx.errors[err]++; } @@ -453,11 +447,7 @@ addErrorStat( * Ok, we should not ignore this error... * Maybe the limit is reached ? */ -#if defined(USE_OPENLDAP) if ((err <= NEGATIVE_MAX_ERROR_NB) || (err >= MAX_ERROR_NB)) -#else - if ((err <= 0) || (err >= MAX_ERROR_NB)) -#endif { if (mctx.errorsBad > mctx.maxErrors) { printf("ldclt[%d]: Max error limit reached - exiting.\n", mctx.pid); @@ -467,7 +457,6 @@ addErrorStat( ldcltExit(EXIT_MAX_ERRORS); /*JLS 25-08-00*/ } } -#if defined(USE_OPENLDAP) else if (err < 0) { if (mctx.negativeErrors[abs(err)] > mctx.maxErrors) { printf("ldclt[%d]: Max error limit reached - exiting.\n", mctx.pid); @@ -477,7 +466,6 @@ addErrorStat( ldcltExit(EXIT_MAX_ERRORS); /*JLS 25-08-00*/ } } -#endif else { if (mctx.errors[err] > mctx.maxErrors) { printf("ldclt[%d]: Max error limit reached - exiting.\n", mctx.pid); diff --git a/ldap/servers/slapd/tools/ldif.c b/ldap/servers/slapd/tools/ldif.c index 5ae5de4..3548c7d 100644 --- a/ldap/servers/slapd/tools/ldif.c +++ b/ldap/servers/slapd/tools/ldif.c @@ -24,7 +24,6 @@ int ldap_syslog; int ldap_syslog_level; -#if defined(USE_OPENLDAP) static char * ldif_type_and_value(const char *type, const char *val, int vlen) { @@ -41,7 +40,6 @@ ldif_type_and_value(const char *type, const char *val, int vlen) return (buf); } -#endif static void display_usage(char *name) diff --git a/ldap/servers/slapd/tools/rsearch/addthread.c b/ldap/servers/slapd/tools/rsearch/addthread.c index 9b7ad28..816f01c 100644 --- a/ldap/servers/slapd/tools/rsearch/addthread.c +++ b/ldap/servers/slapd/tools/rsearch/addthread.c @@ -155,7 +155,6 @@ static void at_disconnect(AddThread *at) } #endif -#if defined(USE_OPENLDAP) /* need mutex around ldap_initialize - see https://fedorahosted.org/389/ticket/348 */ static PRCallOnceType ol_init_callOnce = {0, 0, 0}; static PRLock *ol_init_lock = NULL; @@ -172,14 +171,12 @@ internal_ol_init_init(void) return PR_SUCCESS; } -#endif static void at_bind(AddThread *at) { int ret; int retry = 0; -#if defined(USE_OPENLDAP) char *ldapurl = NULL; at->ld = NULL; @@ -199,9 +196,6 @@ at_bind(AddThread *at) ret, ldap_err2string(ret)); return; } -#else - at->ld = ldap_init(hostname, port); -#endif if (!at->ld) { fprintf(stderr, "T%d: failed to init: %s port %d\n", at->id, hostname, port); return; diff --git a/ldap/servers/slapd/tools/rsearch/searchthread.c b/ldap/servers/slapd/tools/rsearch/searchthread.c index 2ad3a43..4949952 100644 --- a/ldap/servers/slapd/tools/rsearch/searchthread.c +++ b/ldap/servers/slapd/tools/rsearch/searchthread.c @@ -158,7 +158,6 @@ st_bind_core(SearchThread *st, LDAP **ld, char *dn, char *pw) return 1; } -#if defined(USE_OPENLDAP) /* need mutex around ldap_initialize - see https://fedorahosted.org/389/ticket/348 */ static PRCallOnceType ol_init_callOnce = {0, 0, 0}; static PRLock *ol_init_lock = NULL; @@ -175,12 +174,11 @@ internal_ol_init_init(void) return PR_SUCCESS; } -#endif + static int st_bind(SearchThread *st) { if (!st->ld) { -#if defined(USE_OPENLDAP) int ret = 0; char *ldapurl = NULL; @@ -201,16 +199,12 @@ st_bind(SearchThread *st) ret, ldap_err2string(ret)); return 0; } -#else - st->ld = ldap_init(hostname, port); -#endif if (!st->ld) { fprintf(stderr, "T%d: failed to init\n", st->id); return 0; } } if (!st->ld2) { /* aux LDAP handle */ -#if defined(USE_OPENLDAP) int ret = 0; char *ldapurl = NULL; @@ -231,9 +225,6 @@ st_bind(SearchThread *st) ret, ldap_err2string(ret)); return 0; } -#else - st->ld2 = ldap_init(hostname, port); -#endif if (!st->ld2) { fprintf(stderr, "T%d: failed to init 2\n", st->id); return 0; diff --git a/ldap/servers/slapd/utf8.c b/ldap/servers/slapd/utf8.c index 4538625..92724e9 100644 --- a/ldap/servers/slapd/utf8.c +++ b/ldap/servers/slapd/utf8.c @@ -40,8 +40,6 @@ #include #endif -#if defined(USE_OPENLDAP) - /* uft8.c - misc. utf8 "string" functions. */ #include "slapi-plugin.h" @@ -410,5 +408,3 @@ ldap_utf8isspace(char *s) /* should never reach here */ return 0; } - -#endif /* USE_OPENLDAP */ diff --git a/ldap/servers/slapd/util.c b/ldap/servers/slapd/util.c index 1cfdd21..e1219c5 100644 --- a/ldap/servers/slapd/util.c +++ b/ldap/servers/slapd/util.c @@ -77,27 +77,6 @@ special_np_and_punct(unsigned char c) return UTIL_ESCAPE_NONE; } -#ifndef USE_OPENLDAP -static int -special_filter(unsigned char c) -{ - /* - * Escape all non-printing chars and double-quotes in addition - * to those required by RFC 2254 so that we can use the string - * in log files. - */ - return (c < 32 || - c > 126 || - c == '*' || - c == '(' || - c == ')' || - c == '\\' || - c == '"') - ? UTIL_ESCAPE_HEX - : UTIL_ESCAPE_NONE; -} -#endif - /* * Used by filter_stuff_func to help extract an attribute so we know * how to normalize the value. @@ -255,10 +234,8 @@ static PRIntn filter_stuff_func(void *arg, const char *val, PRUint32 slen) { struct filter_ctx *ctx = (struct filter_ctx *)arg; -#if defined(USE_OPENLDAP) struct berval escaped_filter; struct berval raw_filter; -#endif char *buf = (char *)val; int extra_space; int filter_len = (int)slen; @@ -351,7 +328,6 @@ filter_stuff_func(void *arg, const char *val, PRUint32 slen) * Escape the filter value */ if (ctx->next_arg_needs_esc_norm & ESCAPE_FILTER) { -#if defined(USE_OPENLDAP) raw_filter.bv_val = (char *)buf; raw_filter.bv_len = filter_len; if (ldap_bv2escaped_filter_value(&raw_filter, &escaped_filter) != 0) { @@ -362,21 +338,6 @@ filter_stuff_func(void *arg, const char *val, PRUint32 slen) filter_len = escaped_filter.bv_len; buf = escaped_filter.bv_val; } -#else - char *val2 = NULL; - buf = slapi_ch_calloc(sizeof(char), filter_len * 3 + 1); - val2 = (char *)do_escape_string(val, filter_len, buf, special_filter); - if (val2 == NULL) { - slapi_log_err(SLAPI_LOG_TRACE, "filter_stuff_func", "Failed to escape filter value(%s)\n", val); - ctx->next_arg_needs_esc_norm = 0; - slapi_ch_free_string(&buf); - return -1; - } else if (val == val2) { /* value did not need escaping and was just returned */ - strcpy(buf, val); /* just use value as-is - len did not change */ - } else { - filter_len = strlen(buf); - } -#endif } /* @@ -475,10 +436,8 @@ slapi_filter_sprintf(const char *fmt, ...) char * slapi_escape_filter_value(char *filter_str, int len) { -#if defined(USE_OPENLDAP) struct berval escaped_filter; struct berval raw_filter; -#endif int filter_len; /* @@ -494,7 +453,6 @@ slapi_escape_filter_value(char *filter_str, int len) /* the len is the length */ filter_len = len; } -#if defined(USE_OPENLDAP) /* * Construct the berval and escape it */ @@ -507,17 +465,6 @@ slapi_escape_filter_value(char *filter_str, int len) } else { return escaped_filter.bv_val; } -#else - char *buf = slapi_ch_calloc(sizeof(char), filter_len * 3 + 1); - char *esc_str = (char *)do_escape_string(filter_str, filter_len, buf, special_filter); - - if (esc_str != buf) { - slapi_ch_free_string(&buf); - return slapi_ch_strdup(esc_str); - } else { - return buf; - } -#endif } /* diff --git a/ldap/servers/snmp/main.c b/ldap/servers/snmp/main.c index ccfb9b8..4b672ea 100644 --- a/ldap/servers/snmp/main.c +++ b/ldap/servers/snmp/main.c @@ -247,13 +247,11 @@ main(int argc, char *argv[]) } /* ldif_read_record lineno argument type depends on openldap version */ -#if defined(USE_OPENLDAP) #if LDAP_VENDOR_VERSION >= 20434 /* changed in 2.4.34 */ typedef unsigned long int ldif_record_lineno_t; #else typedef int ldif_record_lineno_t; #endif -#endif /************************************************************************ * load_config @@ -265,14 +263,9 @@ load_config(char *conf_path) { server_instance *serv_p = NULL; FILE *conf_file = NULL; -#if defined(USE_OPENLDAP) LDIFFP *dse_fp = NULL; int buflen = 0; ldif_record_lineno_t lineno = 0; -#else - FILE *dse_fp = NULL; - int lineno = 0; -#endif char line[MAXLINE]; char *p = NULL; int error = 0; @@ -406,13 +399,9 @@ load_config(char *conf_path) goto close_and_exit; } -/* Open dse.ldif */ -#if defined(USE_OPENLDAP) + /* Open dse.ldif */ dse_fp = ldif_open(serv_p->dse_ldif, "r"); buflen = 0; -#else - dse_fp = fopen(serv_p->dse_ldif, "r"); -#endif if (dse_fp == NULL) { printf("ldap-agent: Error opening server config file: %s\n", serv_p->dse_ldif); @@ -422,26 +411,18 @@ load_config(char *conf_path) goto close_and_exit; } -/* ldif_get_entry will realloc the entry if it's not null, + /* ldif_get_entry will realloc the entry if it's not null, * so we can just free it when we're done fetching entries * from the dse.ldif. Unfortunately, ldif_getline moves * the pointer that is passed to it, so we need to save a * pointer to the beginning of the entry so we can free it * later. */ -#if defined(USE_OPENLDAP) while (ldif_read_record(dse_fp, &lineno, &entry, &buflen)) -#else - while ((entry = ldif_get_entry(dse_fp, &lineno)) != NULL) -#endif { char *entryp = entry; char *attr = NULL; char *val = NULL; -#if defined(USE_OPENLDAP) ber_len_t vlen; -#else - int vlen; -#endif /* Check if this is the cn=config entry */ if (ldif_parse_line(ldif_getline(&entryp), &attr, &val, &vlen)) { printf("ldap-agent: error parsing ldif line from [%s]\n", serv_p->dse_ldif); @@ -554,11 +535,7 @@ close_and_exit: if (conf_file) fclose(conf_file); if (dse_fp) { -#if defined(USE_OPENLDAP) ldif_close(dse_fp); -#else - fclose(dse_fp); -#endif } if (error) exit(error); diff --git a/m4/mozldap.m4 b/m4/mozldap.m4 deleted file mode 100644 index 76d3300..0000000 --- a/m4/mozldap.m4 +++ /dev/null @@ -1,167 +0,0 @@ -# BEGIN COPYRIGHT BLOCK -# Copyright (C) 2007 Red Hat, Inc. -# All rights reserved. -# -# License: GPL (version 3 or any later version). -# See LICENSE for details. -# END COPYRIGHT BLOCK - -AC_CHECKING(for Mozilla LDAPSDK) - -# check for --with-ldapsdk -AC_MSG_CHECKING(for --with-ldapsdk) -AC_ARG_WITH(ldapsdk, AS_HELP_STRING([--with-ldapsdk@<:@=PATH@:>@],[Mozilla LDAP SDK directory]), -[ - if test "$withval" = yes - then - AC_MSG_RESULT(yes) - ldaplib="mozldap" - ldaplib_defs="" - elif test "$withval" = no - then - AC_MSG_RESULT(no) - elif test -e "$withval"/include/ldap.h -a -d "$withval"/lib - then - AC_MSG_RESULT([using $withval]) - LDAPSDKDIR=$withval - ldaplib="mozldap" - ldaplib_defs="" - ldapsdk_inc="-I$LDAPSDKDIR/include" - ldapsdk_lib="-L$LDAPSDKDIR/lib" - ldapsdk_libdir="$LDAPSDKDIR/lib" - ldapsdk_bindir="$LDAPSDKDIR/bin" - with_ldapsdk=yes - else - echo - AC_MSG_ERROR([$withval not found]) - fi - - if test "$with_ldapsdk" = yes -a "$with_openldap" = yes - then - AC_MSG_ERROR([Cannot use both LDAPSDK and OpenLDAP.]) - fi - if test "$with_ldapsdk" != yes -a "$with_openldap" != yes - then - AC_MSG_ERROR([Either LDAPSDK or OpenLDAP must be used.]) - fi -], -[ - if test "$with_openldap" = yes - then - AC_MSG_RESULT(no) - else - AC_MSG_RESULT(yes) - with_ldapsdk=yes - fi -]) - -# check for --with-ldapsdk-inc -AC_MSG_CHECKING(for --with-ldapsdk-inc) -AC_ARG_WITH(ldapsdk-inc, AS_HELP_STRING([--with-ldapsdk-inc=PATH],[Mozilla LDAP SDK include directory]), -[ - if test -e "$withval"/ldap.h - then - AC_MSG_RESULT([using $withval]) - ldapsdk_inc="-I$withval" - with_ldapsdk=yes - else - echo - AC_MSG_ERROR([$withval not found]) - fi -], -AC_MSG_RESULT(no)) - -# check for --with-ldapsdk-lib -AC_MSG_CHECKING(for --with-ldapsdk-lib) -AC_ARG_WITH(ldapsdk-lib, AS_HELP_STRING([--with-ldapsdk-lib=PATH],[Mozilla LDAP SDK library directory]), -[ - if test -d "$withval" - then - AC_MSG_RESULT([using $withval]) - ldapsdk_lib="-L$withval" - ldapsdk_libdir="$withval" - with_ldapsdk=yes - else - echo - AC_MSG_ERROR([$withval not found]) - fi -], -AC_MSG_RESULT(no)) - -# check for --with-ldapsdk-bin -AC_MSG_CHECKING(for --with-ldapsdk-bin) -AC_ARG_WITH(ldapsdk-bin, AS_HELP_STRING([--with-ldapsdk-bin=PATH],[Mozilla LDAP SDK binary directory]), -[ - if test -d "$withval" - then - AC_MSG_RESULT([using $withval]) - ldapsdk_bindir="$withval" - with_ldapsdk=yes - else - echo - AC_MSG_ERROR([$withval not found]) - fi -], -AC_MSG_RESULT(no)) - -# if LDAPSDK is not found yet, try pkg-config - -# last resort -if test "$with_ldapsdk" = yes ; then - if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib" -o -z "$ldapsdk_libdir" -o -z "$ldapsdk_bindir"; then - AC_MSG_CHECKING(for mozldap with pkg-config) - if test -n "$PKG_CONFIG"; then - if $PKG_CONFIG --exists mozldap6; then - mozldappkg=mozldap6 - elif $PKG_CONFIG --exists mozldap; then - mozldappkg=mozldap - else - AC_MSG_ERROR([LDAPSDK not found, specify with --with-ldapsdk[-inc|-lib|-bin].]) - fi - ldapsdk_inc=`$PKG_CONFIG --cflags-only-I $mozldappkg` - ldapsdk_lib=`$PKG_CONFIG --libs-only-L $mozldappkg` - ldapsdk_libdir=`$PKG_CONFIG --libs-only-L $mozldappkg | sed -e s/-L// | sed -e s/\ .*$//` - ldapsdk_bindir=`$PKG_CONFIG --variable=bindir $mozldappkg` - AC_MSG_RESULT([using system $mozldappkg]) - fi - fi -fi - -if test "$with_ldapsdk" = yes ; then - if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib"; then - AC_MSG_ERROR([LDAPSDK not found, specify with --with-ldapsdk[-inc|-lib|-bin].]) - fi -dnl default path for the ldap c sdk tools (see [210947] for more details) - if test -z "$ldapsdk_bindir" ; then - if [ -d $libdir/mozldap6 ] ; then - ldapsdk_bindir=$libdir/mozldap6 - else - ldapsdk_bindir=$libdir/mozldap - fi - fi - - dnl make sure the ldap sdk version is 6 or greater - we do not support - dnl the old 5.x or prior versions - the ldap server code expects the new - dnl ber types and other code used with version 6 - save_cppflags="$CPPFLAGS" - CPPFLAGS="$ldapsdk_inc $NSS_CFLAGS $NSPR_CFLAGS" - AC_CHECK_HEADER([ldap.h], [isversion6=1], [isversion6=], - [#include -#if LDAP_VENDOR_VERSION < 600 -#error The LDAP C SDK version is not supported -#endif - ]) - CPPFLAGS="$save_cppflags" - - if test -z "$isversion6" ; then - AC_MSG_ERROR([The LDAPSDK version in $ldapsdk_inc/ldap-standard.h is not supported]) - fi - AC_DEFINE([USE_MOZLDAP], [1], [If defined, using MozLDAP for LDAP SDK]) - AC_DEFINE([HAVE_LDAP_URL_PARSE_NO_DEFAULTS], [1], [have the function ldap_url_parse_no_defaults]) - # where to find ldapsearch, et. al. - ldaptool_bindir=$ldapsdk_bindir - # default options to pass to the tools - ldaptool_opts= - # get plain output from ldapsearch - no version - plainldif_opts=-1 -fi