forked from jengelh/openldap2
129 lines
4.2 KiB
Diff
129 lines
4.2 KiB
Diff
|
From 328612d3370290c7f42ad835e1b0e3189eadef7b Mon Sep 17 00:00:00 2001
|
||
|
From: Howard Chu <hyc@openldap.org>
|
||
|
Date: Wed, 4 Feb 2015 03:53:13 +0000
|
||
|
Subject: [PATCH] ITS#8051 add DN qualifier
|
||
|
|
||
|
---
|
||
|
doc/man/man5/slapd-sock.5 | 5 +++++
|
||
|
servers/slapd/back-sock/back-sock.h | 2 ++
|
||
|
servers/slapd/back-sock/config.c | 32 +++++++++++++++++++++++++++++---
|
||
|
3 files changed, 36 insertions(+), 3 deletions(-)
|
||
|
|
||
|
diff --git a/doc/man/man5/slapd-sock.5 b/doc/man/man5/slapd-sock.5
|
||
|
index ee8cc919f..1ac4f7fdd 100644
|
||
|
--- a/doc/man/man5/slapd-sock.5
|
||
|
+++ b/doc/man/man5/slapd-sock.5
|
||
|
@@ -58,6 +58,11 @@ Specify which response types to send to the external program. "result"
|
||
|
sends just the results of an operation. "search" sends all entries that
|
||
|
the database returned for a search request. The default is empty
|
||
|
(no responses are sent).
|
||
|
+.TP
|
||
|
+.B sockdnpat <regexp>
|
||
|
+Specify DN patterns for which the overlay will act. Only operations on
|
||
|
+DNs matching the specified regular expression will be processed. The default
|
||
|
+is empty (all DNs are processed).
|
||
|
|
||
|
.SH PROTOCOL
|
||
|
The protocol is essentially the same as
|
||
|
diff --git a/servers/slapd/back-sock/back-sock.h b/servers/slapd/back-sock/back-sock.h
|
||
|
index 15495a6bc..7a083a8df 100644
|
||
|
--- a/servers/slapd/back-sock/back-sock.h
|
||
|
+++ b/servers/slapd/back-sock/back-sock.h
|
||
|
@@ -30,6 +30,8 @@ struct sockinfo {
|
||
|
slap_mask_t si_extensions;
|
||
|
slap_mask_t si_ops; /* overlay: operations to act on */
|
||
|
slap_mask_t si_resps; /* overlay: responses to forward */
|
||
|
+ regex_t si_dnpat; /* overlay: DN pattern to match */
|
||
|
+ struct berval si_dnpatstr;
|
||
|
};
|
||
|
|
||
|
#define SOCK_EXT_BINDDN 1
|
||
|
diff --git a/servers/slapd/back-sock/config.c b/servers/slapd/back-sock/config.c
|
||
|
index d8ff95ceb..dc3f1365c 100644
|
||
|
--- a/servers/slapd/back-sock/config.c
|
||
|
+++ b/servers/slapd/back-sock/config.c
|
||
|
@@ -36,11 +36,12 @@ static slap_response sock_over_response;
|
||
|
enum {
|
||
|
BS_EXT = 1,
|
||
|
BS_OPS,
|
||
|
- BS_RESP
|
||
|
+ BS_RESP,
|
||
|
+ BS_DNPAT
|
||
|
};
|
||
|
|
||
|
/* The number of overlay-only config attrs */
|
||
|
-#define NUM_OV_ATTRS 2
|
||
|
+#define NUM_OV_ATTRS 3
|
||
|
|
||
|
static ConfigTable bscfg[] = {
|
||
|
{ "sockops", "ops", 2, 0, 0, ARG_MAGIC|BS_OPS,
|
||
|
@@ -53,6 +54,11 @@ static ConfigTable bscfg[] = {
|
||
|
"DESC 'Response types to forward' "
|
||
|
"EQUALITY caseIgnoreMatch "
|
||
|
"SYNTAX OMsDirectoryString )", NULL, NULL },
|
||
|
+ { "sockdnpat", "regexp", 2, 2, 0, ARG_MAGIC|BS_DNPAT,
|
||
|
+ bs_cf_gen, "( OLcfgDbAt:7.5 NAME 'olcOvSocketDNpat' "
|
||
|
+ "DESC 'DN pattern to match' "
|
||
|
+ "EQUALITY caseIgnoreMatch "
|
||
|
+ "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
|
||
|
|
||
|
{ "socketpath", "pathname", 2, 2, 0, ARG_STRING|ARG_OFFSET,
|
||
|
(void *)offsetof(struct sockinfo, si_sockpath),
|
||
|
@@ -86,7 +92,8 @@ static ConfigOCs osocs[] = {
|
||
|
"SUP olcOverlayConfig "
|
||
|
"MUST olcDbSocketPath "
|
||
|
"MAY ( olcDbSocketExtensions $ "
|
||
|
- " olcOvSocketOps $ olcOvSocketResps ) )",
|
||
|
+ " olcOvSocketOps $ olcOvSocketResps $ "
|
||
|
+ " olcOvSocketDNpat ) )",
|
||
|
Cft_Overlay, bscfg },
|
||
|
{ NULL, 0, NULL }
|
||
|
};
|
||
|
@@ -150,6 +157,9 @@ bs_cf_gen( ConfigArgs *c )
|
||
|
return mask_to_verbs( ov_ops, si->si_ops, &c->rvalue_vals );
|
||
|
case BS_RESP:
|
||
|
return mask_to_verbs( ov_resps, si->si_resps, &c->rvalue_vals );
|
||
|
+ case BS_DNPAT:
|
||
|
+ value_add_one( &c->rvalue_vals, &si->si_dnpatstr );
|
||
|
+ return 0;
|
||
|
}
|
||
|
} else if ( c->op == LDAP_MOD_DELETE ) {
|
||
|
switch( c->type ) {
|
||
|
@@ -186,6 +196,11 @@ bs_cf_gen( ConfigArgs *c )
|
||
|
si->si_resps ^= dels;
|
||
|
}
|
||
|
return rc;
|
||
|
+ case BS_DNPAT:
|
||
|
+ regfree( &si->si_dnpat );
|
||
|
+ ch_free( si->si_dnpatstr.bv_val );
|
||
|
+ BER_BVZERO( &si->si_dnpatstr );
|
||
|
+ return 0;
|
||
|
}
|
||
|
|
||
|
} else {
|
||
|
@@ -196,6 +211,13 @@ bs_cf_gen( ConfigArgs *c )
|
||
|
return verbs_to_mask( c->argc, c->argv, ov_ops, &si->si_ops );
|
||
|
case BS_RESP:
|
||
|
return verbs_to_mask( c->argc, c->argv, ov_resps, &si->si_resps );
|
||
|
+ case BS_DNPAT:
|
||
|
+ if ( !regcomp( &si->si_dnpat, c->argv[1], REG_EXTENDED|REG_ICASE|REG_NOSUB )) {
|
||
|
+ ber_str2bv( c->argv[1], 0, 1, &si->si_dnpatstr );
|
||
|
+ return 0;
|
||
|
+ } else {
|
||
|
+ return 1;
|
||
|
+ }
|
||
|
}
|
||
|
}
|
||
|
return 1;
|
||
|
@@ -268,6 +290,10 @@ static int sock_over_op(
|
||
|
if ( !(si->si_ops & sockopflags[which]))
|
||
|
return SLAP_CB_CONTINUE;
|
||
|
|
||
|
+ if ( !BER_BVISEMPTY( &si->si_dnpatstr ) &&
|
||
|
+ regexec( &si->si_dnpat, op->o_req_ndn.bv_val, 0, NULL, 0 ))
|
||
|
+ return SLAP_CB_CONTINUE;
|
||
|
+
|
||
|
op->o_bd->be_private = si;
|
||
|
sc = op->o_callback;
|
||
|
op->o_callback = NULL;
|