forked from pool/openldap2
This commit is contained in:
parent
cbf9f027df
commit
64d457cee6
@ -0,0 +1,227 @@
|
||||
From 732c5646e0a03be8b58e52527b25742f0495807e Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Michael=20Str=C3=B6der?= <michael@stroeder.com>
|
||||
Date: Fri, 18 Aug 2017 18:47:41 +0200
|
||||
Subject: [PATCH] ITS#8714 Send out EXTENDED operation message from back-sock
|
||||
to external program
|
||||
|
||||
---
|
||||
doc/man/man5/slapd-sock.5 | 19 +++++++++++-
|
||||
servers/slapd/back-sock/Makefile.in | 4 +--
|
||||
servers/slapd/back-sock/config.c | 12 ++++++--
|
||||
servers/slapd/back-sock/extended.c | 58 ++++++++++++++++++++++++++++++++++++
|
||||
servers/slapd/back-sock/init.c | 2 +-
|
||||
servers/slapd/back-sock/proto-sock.h | 2 ++
|
||||
6 files changed, 91 insertions(+), 6 deletions(-)
|
||||
create mode 100644 servers/slapd/back-sock/extended.c
|
||||
|
||||
diff --git a/doc/man/man5/slapd-sock.5 b/doc/man/man5/slapd-sock.5
|
||||
index 1ac4f7fdd..0c4fc3fdd 100644
|
||||
--- a/doc/man/man5/slapd-sock.5
|
||||
+++ b/doc/man/man5/slapd-sock.5
|
||||
@@ -49,7 +49,7 @@ be sent and from which replies are received.
|
||||
|
||||
When used as an overlay, these additional directives are defined:
|
||||
.TP
|
||||
-.B sockops [ bind | unbind | search | compare | modify | modrdn | add | delete ]*
|
||||
+.B sockops [ bind | unbind | search | compare | modify | modrdn | add | delete | extended ]*
|
||||
Specify which request types to send to the external program. The default is
|
||||
empty (no requests are sent).
|
||||
.TP
|
||||
@@ -115,6 +115,18 @@ dn: <DN>
|
||||
.PP
|
||||
.RS
|
||||
.nf
|
||||
+EXTENDED
|
||||
+msgid: <message id>
|
||||
+<repeat { "suffix:" <database suffix DN> }>
|
||||
+oid: <OID>
|
||||
+valuelen: <length of <value>>
|
||||
+value: <credentials>
|
||||
+<blank line>
|
||||
+.fi
|
||||
+.RE
|
||||
+.PP
|
||||
+.RS
|
||||
+.nf
|
||||
MODIFY
|
||||
msgid: <message id>
|
||||
<repeat { "suffix:" <database suffix DN> }>
|
||||
@@ -292,6 +304,11 @@ access to the
|
||||
pseudo_attribute of the searchBase;
|
||||
.B search (=s)
|
||||
access to the attributes and values used in the filter is not checked.
|
||||
+.LP
|
||||
+The
|
||||
+.B extended
|
||||
+operation does not require any access special rights.
|
||||
+The external program has to implement any sort of access control.
|
||||
|
||||
.SH EXAMPLE
|
||||
There is an example script in the slapd/back\-sock/ directory
|
||||
diff --git a/servers/slapd/back-sock/Makefile.in b/servers/slapd/back-sock/Makefile.in
|
||||
index 3e527e545..efb916246 100644
|
||||
--- a/servers/slapd/back-sock/Makefile.in
|
||||
+++ b/servers/slapd/back-sock/Makefile.in
|
||||
@@ -18,9 +18,9 @@
|
||||
## in OpenLDAP Software.
|
||||
|
||||
SRCS = init.c config.c opensock.c search.c bind.c unbind.c add.c \
|
||||
- delete.c modify.c modrdn.c compare.c result.c
|
||||
+ delete.c modify.c modrdn.c compare.c result.c extended.c
|
||||
OBJS = init.lo config.lo opensock.lo search.lo bind.lo unbind.lo add.lo \
|
||||
- delete.lo modify.lo modrdn.lo compare.lo result.lo
|
||||
+ delete.lo modify.lo modrdn.lo compare.lo result.lo extended.lo
|
||||
|
||||
LDAP_INCDIR= ../../../include
|
||||
LDAP_LIBDIR= ../../../libraries
|
||||
diff --git a/servers/slapd/back-sock/config.c b/servers/slapd/back-sock/config.c
|
||||
index dc3f1365c..2dcf68bf6 100644
|
||||
--- a/servers/slapd/back-sock/config.c
|
||||
+++ b/servers/slapd/back-sock/config.c
|
||||
@@ -106,6 +106,7 @@ static ConfigOCs osocs[] = {
|
||||
#define SOCK_OP_MODRDN 0x020
|
||||
#define SOCK_OP_ADD 0x040
|
||||
#define SOCK_OP_DELETE 0x080
|
||||
+#define SOCK_OP_EXTENDED 0x100
|
||||
|
||||
#define SOCK_REP_RESULT 0x001
|
||||
#define SOCK_REP_SEARCH 0x002
|
||||
@@ -127,6 +128,7 @@ static slap_verbmasks ov_ops[] = {
|
||||
{ BER_BVC("modrdn"), SOCK_OP_MODRDN },
|
||||
{ BER_BVC("add"), SOCK_OP_ADD },
|
||||
{ BER_BVC("delete"), SOCK_OP_DELETE },
|
||||
+ { BER_BVC("extended"), SOCK_OP_EXTENDED },
|
||||
{ BER_BVNULL, 0 }
|
||||
};
|
||||
|
||||
@@ -249,7 +251,9 @@ static BI_op_bind *sockfuncs[] = {
|
||||
sock_back_modify,
|
||||
sock_back_modrdn,
|
||||
sock_back_add,
|
||||
- sock_back_delete
|
||||
+ sock_back_delete,
|
||||
+ 0, /* abandon not supported */
|
||||
+ sock_back_extended
|
||||
};
|
||||
|
||||
static const int sockopflags[] = {
|
||||
@@ -260,7 +264,9 @@ static const int sockopflags[] = {
|
||||
SOCK_OP_MODIFY,
|
||||
SOCK_OP_MODRDN,
|
||||
SOCK_OP_ADD,
|
||||
- SOCK_OP_DELETE
|
||||
+ SOCK_OP_DELETE,
|
||||
+ 0, /* abandon not supported */
|
||||
+ SOCK_OP_EXTENDED
|
||||
};
|
||||
|
||||
static int sock_over_op(
|
||||
@@ -283,6 +289,7 @@ static int sock_over_op(
|
||||
case LDAP_REQ_MODRDN: which = op_modrdn; break;
|
||||
case LDAP_REQ_ADD: which = op_add; break;
|
||||
case LDAP_REQ_DELETE: which = op_delete; break;
|
||||
+ case LDAP_REQ_EXTENDED: which = op_extended; break;
|
||||
default:
|
||||
return SLAP_CB_CONTINUE;
|
||||
}
|
||||
@@ -365,6 +372,7 @@ sock_over_setup()
|
||||
sockover.on_bi.bi_op_modrdn = sock_over_op;
|
||||
sockover.on_bi.bi_op_add = sock_over_op;
|
||||
sockover.on_bi.bi_op_delete = sock_over_op;
|
||||
+ sockover.on_bi.bi_extended = sock_over_op;
|
||||
sockover.on_response = sock_over_response;
|
||||
|
||||
sockover.on_bi.bi_cf_ocs = osocs;
|
||||
diff --git a/servers/slapd/back-sock/extended.c b/servers/slapd/back-sock/extended.c
|
||||
new file mode 100644
|
||||
index 000000000..15493ea98
|
||||
--- /dev/null
|
||||
+++ b/servers/slapd/back-sock/extended.c
|
||||
@@ -0,0 +1,58 @@
|
||||
+/* extended.c - sock backend extended routines */
|
||||
+/* $OpenLDAP$ */
|
||||
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
|
||||
+ *
|
||||
+ * Copyright 2000-2017 The OpenLDAP Foundation.
|
||||
+ * All rights reserved.
|
||||
+ *
|
||||
+ * Redistribution and use in source and binary forms, with or without
|
||||
+ * modification, are permitted only as authorized by the OpenLDAP
|
||||
+ * Public License.
|
||||
+ *
|
||||
+ * A copy of this license is available in the file LICENSE in the
|
||||
+ * top-level directory of the distribution or, alternatively, at
|
||||
+ * <http://www.OpenLDAP.org/license.html>.
|
||||
+ */
|
||||
+
|
||||
+#include "portable.h"
|
||||
+
|
||||
+#include <stdio.h>
|
||||
+#include <ac/string.h>
|
||||
+
|
||||
+#include "slap.h"
|
||||
+#include "back-sock.h"
|
||||
+
|
||||
+int
|
||||
+sock_back_extended( Operation *op, SlapReply *rs )
|
||||
+{
|
||||
+ int rc;
|
||||
+ struct sockinfo *si = (struct sockinfo *) op->o_bd->be_private;
|
||||
+ FILE *fp;
|
||||
+
|
||||
+ Debug( LDAP_DEBUG_ARGS, "==> sock_back_extended(%s)\n",
|
||||
+ op->ore_reqoid.bv_val, op->o_req_dn.bv_val, 0 );
|
||||
+
|
||||
+ if ( (fp = opensock( si->si_sockpath )) == NULL ) {
|
||||
+ send_ldap_error( op, rs, LDAP_OTHER,
|
||||
+ "could not open socket" );
|
||||
+ return( -1 );
|
||||
+ }
|
||||
+
|
||||
+ /* write out the request to the extended process */
|
||||
+ fprintf( fp, "EXTENDED\n" );
|
||||
+ fprintf( fp, "msgid: %ld\n", (long) op->o_msgid );
|
||||
+ sock_print_conn( fp, op->o_conn, si );
|
||||
+ sock_print_suffixes( fp, op->o_bd );
|
||||
+ fprintf( fp, "oid: %s\n", op->ore_reqoid.bv_val );
|
||||
+ if (op->ore_reqdata) {
|
||||
+ fprintf( fp, "valuelen: %lu\n", op->ore_reqdata->bv_len );
|
||||
+ fprintf( fp, "value: %s\n", op->ore_reqdata->bv_val );
|
||||
+ }
|
||||
+ fprintf( fp, "\n" );
|
||||
+
|
||||
+ /* read in the results and send them along */
|
||||
+ rc = sock_read_and_send_results( op, rs, fp );
|
||||
+ fclose( fp );
|
||||
+
|
||||
+ return( rc );
|
||||
+}
|
||||
diff --git a/servers/slapd/back-sock/init.c b/servers/slapd/back-sock/init.c
|
||||
index dcfe61a44..92e68782f 100644
|
||||
--- a/servers/slapd/back-sock/init.c
|
||||
+++ b/servers/slapd/back-sock/init.c
|
||||
@@ -53,7 +53,7 @@ sock_back_initialize(
|
||||
bi->bi_op_delete = sock_back_delete;
|
||||
bi->bi_op_abandon = 0;
|
||||
|
||||
- bi->bi_extended = 0;
|
||||
+ bi->bi_extended = sock_back_extended;
|
||||
|
||||
bi->bi_chk_referrals = 0;
|
||||
|
||||
diff --git a/servers/slapd/back-sock/proto-sock.h b/servers/slapd/back-sock/proto-sock.h
|
||||
index fa02ab896..8b3b5f3ef 100644
|
||||
--- a/servers/slapd/back-sock/proto-sock.h
|
||||
+++ b/servers/slapd/back-sock/proto-sock.h
|
||||
@@ -40,6 +40,8 @@ extern BI_op_modrdn sock_back_modrdn;
|
||||
extern BI_op_add sock_back_add;
|
||||
extern BI_op_delete sock_back_delete;
|
||||
|
||||
+extern BI_op_extended sock_back_extended;
|
||||
+
|
||||
extern int sock_back_init_cf( BackendInfo *bi );
|
||||
|
||||
LDAP_END_DECL
|
||||
--
|
||||
2.14.0
|
||||
|
Loading…
Reference in New Issue
Block a user