1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206
|
/** BEGIN COPYRIGHT BLOCK
* Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
* Copyright (C) 2005 Red Hat, Inc.
* All rights reserved.
*
* License: GPL (version 3 or any later version).
* See LICENSE for details.
* END COPYRIGHT BLOCK **/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
/*
* defbackend.c - implement a "backend of last resort" which is used only
* when a request's basedn does not match one of the suffixes of any of the
* configured backends.
*
*/
#include "slap.h"
/*
* ---------------- Macros ---------------------------------------------------
*/
#define DEFBACKEND_OP_NOT_HANDLED 0
#define DEFBACKEND_OP_HANDLED 1
/*
* ---------------- Static Variables -----------------------------------------
*/
static struct slapdplugin defbackend_plugin = {0};
static Slapi_Backend *defbackend_backend = NULL;
/*
* ---------------- Prototypes for Private Functions -------------------------
*/
static int defbackend_default(Slapi_PBlock *pb);
static int defbackend_noop(Slapi_PBlock *pb);
static int defbackend_abandon(Slapi_PBlock *pb);
static int defbackend_bind(Slapi_PBlock *pb);
static int defbackend_next_search_entry(Slapi_PBlock *pb);
/*
* ---------------- Public Functions -----------------------------------------
*/
/*
* defbackend_init: instantiate the default backend
*/
void
defbackend_init(void)
{
int rc;
char *errmsg;
Slapi_PBlock *pb = slapi_pblock_new();
slapi_log_err(SLAPI_LOG_TRACE, "defbackend_init", "<==\n");
/*
* create a new backend
*/
defbackend_backend = slapi_be_new(DEFBACKEND_TYPE, DEFBACKEND_NAME, 1 /* Private */, 0 /* Do Not Log Changes */);
if ((rc = slapi_pblock_set(pb, SLAPI_BACKEND, defbackend_backend)) != 0) {
errmsg = "slapi_pblock_set SLAPI_BACKEND failed";
goto cleanup_and_return;
}
/*
* create a plugin structure for this backend since the
* slapi_pblock_set()/slapi_pblock_get() functions assume there is one.
*/
defbackend_plugin.plg_type = SLAPI_PLUGIN_DATABASE;
defbackend_backend->be_database = &defbackend_plugin;
if ((rc = slapi_pblock_set(pb, SLAPI_PLUGIN, &defbackend_plugin)) != 0) {
errmsg = "slapi_pblock_set SLAPI_PLUGIN failed";
goto cleanup_and_return;
}
/* default backend is managed as if it would */
/* contain remote data. */
slapi_be_set_flag(defbackend_backend, SLAPI_BE_FLAG_REMOTE_DATA);
/*
* install handler functions, etc.
*/
errmsg = "slapi_pblock_set handlers failed";
rc = slapi_pblock_set(pb, SLAPI_PLUGIN_VERSION,
(void *)SLAPI_PLUGIN_CURRENT_VERSION);
rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_DB_BIND_FN,
(void *)defbackend_bind);
rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_DB_UNBIND_FN,
(void *)defbackend_noop);
rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_DB_SEARCH_FN,
(void *)defbackend_default);
rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_DB_NEXT_SEARCH_ENTRY_FN,
(void *)defbackend_next_search_entry);
rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_DB_COMPARE_FN,
(void *)defbackend_default);
rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_DB_MODIFY_FN,
(void *)defbackend_default);
rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_DB_MODRDN_FN,
(void *)defbackend_default);
rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_DB_ADD_FN,
(void *)defbackend_default);
rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_DB_DELETE_FN,
(void *)defbackend_default);
rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_DB_ABANDON_FN,
(void *)defbackend_abandon);
cleanup_and_return:
slapi_pblock_destroy(pb);
if (rc != 0) {
slapi_log_err(SLAPI_LOG_ERR, "defbackend_init", "Failed (%s)\n", errmsg);
exit(1);
}
}
/*
* defbackend_get_backend: return a pointer to the default backend.
* we never return NULL.
*/
Slapi_Backend *
defbackend_get_backend(void)
{
return (defbackend_backend);
}
/*
* ---------------- Private Functions ----------------------------------------
*/
static int
defbackend_default(Slapi_PBlock *pb)
{
slapi_log_err(SLAPI_LOG_TRACE, "defbackend_default", "<==\n");
send_nobackend_ldap_result(pb);
return (DEFBACKEND_OP_HANDLED);
}
static int
defbackend_noop(Slapi_PBlock *pb __attribute__((unused)))
{
slapi_log_err(SLAPI_LOG_TRACE, "defbackend_noop", "<==\n");
return (DEFBACKEND_OP_HANDLED);
}
static int
defbackend_abandon(Slapi_PBlock *pb __attribute__((unused)))
{
slapi_log_err(SLAPI_LOG_TRACE, "defbackend_abandon", "<==\n");
/* nothing to do */
return (DEFBACKEND_OP_HANDLED);
}
#define DEFBE_NO_SUCH_SUFFIX "No suffix for bind dn found"
static int
defbackend_bind(Slapi_PBlock *pb)
{
int rc;
ber_tag_t method;
struct berval *cred;
slapi_log_err(SLAPI_LOG_TRACE, "defbackend_bind", "<==\n");
/*
* Accept simple binds that do not contain passwords (but do not
* update the bind DN field in the connection structure since we don't
* grant access based on these "NULL binds")
*/
slapi_pblock_get(pb, SLAPI_BIND_METHOD, &method);
slapi_pblock_get(pb, SLAPI_BIND_CREDENTIALS, &cred);
if (method == LDAP_AUTH_SIMPLE && cred->bv_len == 0) {
slapi_counter_increment(g_get_per_thread_snmp_vars()->ops_tbl.dsAnonymousBinds);
rc = SLAPI_BIND_ANONYMOUS;
} else {
slapi_pblock_set(pb, SLAPI_PB_RESULT_TEXT, DEFBE_NO_SUCH_SUFFIX);
send_ldap_result(pb, LDAP_INVALID_CREDENTIALS, NULL, "", 0, NULL);
rc = SLAPI_BIND_FAIL;
}
return (rc);
}
static int
defbackend_next_search_entry(Slapi_PBlock *pb __attribute__((unused)))
{
slapi_log_err(SLAPI_LOG_TRACE, "defbackend_next_search_entry", "<==\n");
return (0); /* no entries and no error */
}
|