-/*
- ldb database library - map backend
+/*
+ ldb database mapping module
Copyright (C) Jelmer Vernooij 2005
+ Copyright (C) Martin Kuehl <mkhl@samba.org> 2006
** NOTE! The following LGPL license applies to the ldb
** library. This does NOT imply that all of Samba is released
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
- version 2 of the License, or (at your option) any later version.
+ version 3 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
- License along with this library; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-*/
+ License along with this library; if not, see <http://www.gnu.org/licenses/>.
-#include "includes.h"
-#include "lib/ldb/include/ldb.h"
-#include "lib/ldb/include/ldb_private.h"
-#include "lib/ldb/ldb_map/ldb_map.h"
+*/
-/* TODO:
- * - objectclass hint in ldb_map_attribute
- * for use when multiple remote attributes (independant of each other)
- * map to one local attribute. E.g.: (uid, gidNumber) -> unixName
- * (use MAP_GENERATE instead ?)
+/*
+ * Name: ldb
+ *
+ * Component: ldb ldb_map module
+ *
+ * Description: Map portions of data into a different format on a
+ * remote partition.
+ *
+ * Author: Jelmer Vernooij, Martin Kuehl
*/
-/*
+#include "ldb_includes.h"
+
+#include "ldb_map.h"
+#include "ldb_map_private.h"
+
+#ifndef _PUBLIC_
+#define _PUBLIC_
+#endif
+
+/* Description of the provided ldb requests:
- special attribute 'isMapped'
- - add/modify
- - split up ldb_message into fallback and mapped parts if is_mappable
- - search:
- - search local one for not isMapped entries
- - remove remote attributes from ldb_parse_tree
- - search remote one
- - per record, search local one for additional data (by dn)
- - test if (full expression) is now true
- - delete
- - delete both
- - rename
- - rename locally and remotely
+
+ - search:
+ - if parse tree can be split
+ - search remote records w/ remote attrs and parse tree
+ - otherwise
+ - enumerate all remote records
+ - for each remote result
+ - map remote result to local message
+ - search local result
+ - is present
+ - merge local into remote result
+ - run callback on merged result
+ - otherwise
+ - run callback on remote result
+
+ - add:
+ - split message into local and remote part
+ - if local message is not empty
+ - add isMapped to local message
+ - add local message
+ - add remote message
+
+ - modify:
+ - split message into local and remote part
+ - if local message is not empty
+ - add isMapped to local message
+ - search for local record
+ - if present
+ - modify local record
+ - otherwise
+ - add local message
+ - modify remote record
+
+ - delete:
+ - search for local record
+ - if present
+ - delete local record
+ - delete remote record
+
+ - rename:
+ - search for local record
+ - if present
+ - rename local record
+ - modify local isMapped
+ - rename remote record
*/
-static const struct ldb_map_attribute builtin_attribute_maps[];
-struct map_private {
- struct ldb_map_context context;
- const char *last_err_string;
-};
-static struct ldb_map_context *map_get_privdat(struct ldb_module *module)
+/* Private data structures
+ * ======================= */
+
+/* Global private data */
+/* Extract mappings from private data. */
+const struct ldb_map_context *map_get_context(struct ldb_module *module)
{
- return &((struct map_private *)module->private_data)->context;
+ const struct map_private *data = talloc_get_type(module->private_data, struct map_private);
+ return data->context;
}
-static const struct ldb_map_objectclass *map_find_objectclass_local(struct ldb_map_context *privdat, const char *name)
+/* Create a generic request context. */
+static struct map_context *map_init_context(struct ldb_handle *h, struct ldb_request *req)
{
- int i;
- for (i = 0; privdat->objectclass_maps[i].local_name; i++) {
- if (!ldb_attr_cmp(privdat->objectclass_maps[i].local_name, name))
- return &privdat->objectclass_maps[i];
+ struct map_context *ac;
+
+ ac = talloc_zero(h, struct map_context);
+ if (ac == NULL) {
+ map_oom(h->module);
+ return NULL;
}
- return NULL;
+ ac->module = h->module;
+ ac->orig_req = req;
+
+ return ac;
}
-/* Decide whether a add/modify should be pushed to the
- * remote LDAP server. We currently only do this if we see an objectClass we know */
-static BOOL map_is_mappable(struct ldb_map_context *privdat, const struct ldb_message *msg)
+/* Create a search request context. */
+struct map_search_context *map_init_search_context(struct map_context *ac, struct ldb_reply *ares)
{
- int i;
- struct ldb_message_element *el = ldb_msg_find_element(msg, "objectClass");
+ struct map_search_context *sc;
- /* No objectClass... */
- if (el == NULL) {
- return False;
+ sc = talloc_zero(ac, struct map_search_context);
+ if (sc == NULL) {
+ map_oom(ac->module);
+ return NULL;
}
- for (i = 0; i < el->num_values; i++) {
- if (map_find_objectclass_local(privdat, (char *)el->values[i].data))
- return True;
- }
+ sc->ac = ac;
+ sc->local_res = NULL;
+ sc->remote_res = ares;
- return False;
+ return sc;
}
-/* find an attribute by the local name */
-static const struct ldb_map_attribute *map_find_attr_local(struct ldb_map_context *privdat, const char *attr)
+/* Create a request context and handle. */
+struct ldb_handle *map_init_handle(struct ldb_request *req, struct ldb_module *module)
{
- int i;
+ struct map_context *ac;
+ struct ldb_handle *h;
- for (i = 0; privdat->attribute_maps[i].local_name; i++) {
- if (!ldb_attr_cmp(privdat->attribute_maps[i].local_name, attr))
- return &privdat->attribute_maps[i];
+ h = talloc_zero(req, struct ldb_handle);
+ if (h == NULL) {
+ map_oom(module);
+ return NULL;
}
- return NULL;
-}
+ h->module = module;
-/* find an attribute by the remote name */
-static const struct ldb_map_attribute *map_find_attr_remote(struct ldb_map_context *privdat, const char *attr)
-{
- int i;
+ ac = map_init_context(h, req);
+ if (ac == NULL) {
+ talloc_free(h);
+ return NULL;
+ }
- for (i = 0; privdat->attribute_maps[i].local_name; i++) {
- if (privdat->attribute_maps[i].type == MAP_IGNORE)
- continue;
+ h->private_data = (void *)ac;
- if (privdat->attribute_maps[i].type == MAP_GENERATE)
- continue;
+ h->state = LDB_ASYNC_INIT;
+ h->status = LDB_SUCCESS;
+
+ return h;
+}
- if (privdat->attribute_maps[i].type == MAP_KEEP &&
- ldb_attr_cmp(privdat->attribute_maps[i].local_name, attr) == 0)
- return &privdat->attribute_maps[i];
- if ((privdat->attribute_maps[i].type == MAP_RENAME ||
- privdat->attribute_maps[i].type == MAP_CONVERT) &&
- ldb_attr_cmp(privdat->attribute_maps[i].u.rename.remote_name, attr) == 0)
- return &privdat->attribute_maps[i];
+/* Dealing with DNs for different partitions
+ * ========================================= */
+/* Check whether any data should be stored in the local partition. */
+bool map_check_local_db(struct ldb_module *module)
+{
+ const struct ldb_map_context *data = map_get_context(module);
+
+ if (!data->remote_base_dn || !data->local_base_dn) {
+ return false;
}
- return NULL;
+ return true;
}
-static struct ldb_parse_tree *ldb_map_parse_tree(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_parse_tree *tree)
+/* Copy a DN with the base DN of the local partition. */
+static struct ldb_dn *ldb_dn_rebase_local(void *mem_ctx, const struct ldb_map_context *data, struct ldb_dn *dn)
{
- int i;
- const struct ldb_map_attribute *attr;
- struct ldb_parse_tree *new_tree;
- enum ldb_map_attr_type map_type;
- struct ldb_val value, newvalue;
- struct ldb_map_context *privdat = map_get_privdat(module);
+ struct ldb_dn *new_dn;
- if (tree == NULL)
+ new_dn = ldb_dn_copy(mem_ctx, dn);
+ if ( ! ldb_dn_validate(new_dn)) {
+ talloc_free(new_dn);
return NULL;
-
-
- /* Find attr in question and:
- * - if it has a convert_operator function, run that
- * - otherwise, replace attr name with required[0] */
-
- if (tree->operation == LDB_OP_AND ||
- tree->operation == LDB_OP_OR) {
-
- new_tree = talloc_memdup(ctx, tree, sizeof(*tree));
- new_tree->u.list.elements = talloc_array(new_tree, struct ldb_parse_tree *, tree->u.list.num_elements);
- new_tree->u.list.num_elements = 0;
- for (i = 0; i < tree->u.list.num_elements; i++) {
- struct ldb_parse_tree *child = ldb_map_parse_tree(module, new_tree, tree->u.list.elements[i]);
-
- if (child) {
- new_tree->u.list.elements[i] = child;
- new_tree->u.list.num_elements++;
- }
- }
+ }
- return new_tree;
+ /* may be we don't need to rebase at all */
+ if ( ! data->remote_base_dn || ! data->local_base_dn) {
+ return new_dn;
}
-
- if (tree->operation == LDB_OP_NOT) {
- struct ldb_parse_tree *child;
-
- new_tree = talloc_memdup(ctx, tree, sizeof(*tree));
- child = ldb_map_parse_tree(module, new_tree, tree->u.isnot.child);
- if (!child) {
- talloc_free(new_tree);
- return NULL;
- }
+ if ( ! ldb_dn_remove_base_components(new_dn, ldb_dn_get_comp_num(data->remote_base_dn))) {
+ talloc_free(new_dn);
+ return NULL;
+ }
- new_tree->u.isnot.child = child;
- return new_tree;
+ if ( ! ldb_dn_add_base(new_dn, data->local_base_dn)) {
+ talloc_free(new_dn);
+ return NULL;
}
- /* tree->operation is LDB_OP_EQUALITY, LDB_OP_SUBSTRING, LDB_OP_GREATER,
- * LDB_OP_LESS, LDB_OP_APPROX, LDB_OP_PRESENT or LDB_OP_EXTENDED
- *
- * (all have attr as the first element)
- */
+ return new_dn;
+}
- attr = map_find_attr_local(privdat, tree->u.equality.attr);
+/* Copy a DN with the base DN of the remote partition. */
+static struct ldb_dn *ldb_dn_rebase_remote(void *mem_ctx, const struct ldb_map_context *data, struct ldb_dn *dn)
+{
+ struct ldb_dn *new_dn;
- if (!attr) {
- ldb_debug(module->ldb, LDB_DEBUG_WARNING, "Unable to find local attribute '%s', leaving as is\n", tree->u.equality.attr);
- map_type = MAP_KEEP;
- } else {
- map_type = attr->type;
+ new_dn = ldb_dn_copy(mem_ctx, dn);
+ if ( ! ldb_dn_validate(new_dn)) {
+ talloc_free(new_dn);
+ return NULL;
}
- if (attr && attr->convert_operator) {
- /* Run convert_operator */
- return attr->convert_operator(privdat, module, tree);
+ /* may be we don't need to rebase at all */
+ if ( ! data->remote_base_dn || ! data->local_base_dn) {
+ return new_dn;
}
- if (map_type == MAP_IGNORE) {
- ldb_debug(module->ldb, LDB_DEBUG_TRACE, "Search on ignored attribute '%s'\n", tree->u.equality.attr);
+ if ( ! ldb_dn_remove_base_components(new_dn, ldb_dn_get_comp_num(data->local_base_dn))) {
+ talloc_free(new_dn);
return NULL;
}
- if (map_type == MAP_GENERATE) {
- ldb_debug(module->ldb, LDB_DEBUG_ERROR, "Can't do conversion for MAP_GENERATE in map_parse_tree without convert_operator for '%s'\n", tree->u.equality.attr);
+ if ( ! ldb_dn_add_base(new_dn, data->remote_base_dn)) {
+ talloc_free(new_dn);
return NULL;
}
- if (tree->operation == LDB_OP_EQUALITY) {
- value = tree->u.equality.value;
- } else if (tree->operation == LDB_OP_LESS || tree->operation == LDB_OP_GREATER ||
- tree->operation == LDB_OP_APPROX) {
- value = tree->u.comparison.value;
- } else if (tree->operation == LDB_OP_EXTENDED) {
- value = tree->u.extended.value;
- }
-
- new_tree = talloc_memdup(ctx, tree, sizeof(*tree));
+ return new_dn;
+}
- if (map_type == MAP_KEEP) {
- new_tree->u.equality.attr = talloc_strdup(new_tree, tree->u.equality.attr);
- } else { /* MAP_RENAME / MAP_CONVERT */
- new_tree->u.equality.attr = talloc_strdup(new_tree, attr->u.rename.remote_name);
- }
+/* Run a request and make sure it targets the remote partition. */
+/* TODO: free old DNs and messages? */
+int ldb_next_remote_request(struct ldb_module *module, struct ldb_request *request)
+{
+ const struct ldb_map_context *data = map_get_context(module);
+ struct ldb_message *msg;
- if (new_tree->operation == LDB_OP_PRESENT)
- return new_tree;
-
- if (new_tree->operation == LDB_OP_SUBSTRING) {
- new_tree->u.substring.chunks = NULL; /* FIXME! */
- return new_tree;
+ switch (request->operation) {
+ case LDB_SEARCH:
+ if (request->op.search.base) {
+ request->op.search.base = ldb_dn_rebase_remote(request, data, request->op.search.base);
+ } else {
+ request->op.search.base = data->remote_base_dn;
+ /* TODO: adjust scope? */
+ }
+ break;
+
+ case LDB_ADD:
+ msg = ldb_msg_copy_shallow(request, request->op.add.message);
+ msg->dn = ldb_dn_rebase_remote(msg, data, msg->dn);
+ request->op.add.message = msg;
+ break;
+
+ case LDB_MODIFY:
+ msg = ldb_msg_copy_shallow(request, request->op.mod.message);
+ msg->dn = ldb_dn_rebase_remote(msg, data, msg->dn);
+ request->op.mod.message = msg;
+ break;
+
+ case LDB_DELETE:
+ request->op.del.dn = ldb_dn_rebase_remote(request, data, request->op.del.dn);
+ break;
+
+ case LDB_RENAME:
+ request->op.rename.olddn = ldb_dn_rebase_remote(request, data, request->op.rename.olddn);
+ request->op.rename.newdn = ldb_dn_rebase_remote(request, data, request->op.rename.newdn);
+ break;
+
+ default:
+ ldb_debug(module->ldb, LDB_DEBUG_ERROR, "ldb_map: "
+ "Invalid remote request!\n");
+ return LDB_ERR_OPERATIONS_ERROR;
}
- if (map_type == MAP_CONVERT) {
- newvalue = attr->u.convert.convert_local(privdat, new_tree, &value);
- } else {
- newvalue = ldb_val_dup(new_tree, &value);
+ return ldb_next_request(module, request);
+}
+
+
+/* Finding mappings for attributes and objectClasses
+ * ================================================= */
+
+/* Find an objectClass mapping by the local name. */
+static const struct ldb_map_objectclass *map_objectclass_find_local(const struct ldb_map_context *data, const char *name)
+{
+ int i;
+
+ for (i = 0; data->objectclass_maps && data->objectclass_maps[i].local_name; i++) {
+ if (ldb_attr_cmp(data->objectclass_maps[i].local_name, name) == 0) {
+ return &data->objectclass_maps[i];
+ }
}
- if (new_tree->operation == LDB_OP_EQUALITY) {
- new_tree->u.equality.value = newvalue;
- } else if (new_tree->operation == LDB_OP_LESS || new_tree->operation == LDB_OP_GREATER ||
- new_tree->operation == LDB_OP_APPROX) {
- new_tree->u.comparison.value = newvalue;
- } else if (new_tree->operation == LDB_OP_EXTENDED) {
- new_tree->u.extended.value = newvalue;
- new_tree->u.extended.rule_id = talloc_strdup(new_tree, tree->u.extended.rule_id);
+ return NULL;
+}
+
+/* Find an objectClass mapping by the remote name. */
+static const struct ldb_map_objectclass *map_objectclass_find_remote(const struct ldb_map_context *data, const char *name)
+{
+ int i;
+
+ for (i = 0; data->objectclass_maps && data->objectclass_maps[i].remote_name; i++) {
+ if (ldb_attr_cmp(data->objectclass_maps[i].remote_name, name) == 0) {
+ return &data->objectclass_maps[i];
+ }
}
-
- return new_tree;
+
+ return NULL;
}
-/* Remote DN -> Local DN */
-static struct ldb_dn *map_remote_dn(struct ldb_map_context *privdat, TALLOC_CTX *ctx, const struct ldb_dn *dn)
+/* Find an attribute mapping by the local name. */
+const struct ldb_map_attribute *map_attr_find_local(const struct ldb_map_context *data, const char *name)
{
- struct ldb_dn *newdn;
int i;
- if (dn == NULL)
- return NULL;
+ for (i = 0; data->attribute_maps[i].local_name; i++) {
+ if (ldb_attr_cmp(data->attribute_maps[i].local_name, name) == 0) {
+ return &data->attribute_maps[i];
+ }
+ }
+ for (i = 0; data->attribute_maps[i].local_name; i++) {
+ if (ldb_attr_cmp(data->attribute_maps[i].local_name, "*") == 0) {
+ return &data->attribute_maps[i];
+ }
+ }
- newdn = talloc_memdup(ctx, dn, sizeof(*dn));
- if (!newdn)
- return NULL;
+ return NULL;
+}
- newdn->components = talloc_array(newdn, struct ldb_dn_component, newdn->comp_num);
+/* Find an attribute mapping by the remote name. */
+const struct ldb_map_attribute *map_attr_find_remote(const struct ldb_map_context *data, const char *name)
+{
+ const struct ldb_map_attribute *map;
+ const struct ldb_map_attribute *wildcard = NULL;
+ int i, j;
- if (!newdn->components)
- return NULL;
+ for (i = 0; data->attribute_maps[i].local_name; i++) {
+ map = &data->attribute_maps[i];
+ if (ldb_attr_cmp(map->local_name, "*") == 0) {
+ wildcard = &data->attribute_maps[i];
+ }
- /* For each rdn, map the attribute name and possibly the
- * complete rdn */
-
- for (i = 0; i < dn->comp_num; i++) {
- const struct ldb_map_attribute *attr = map_find_attr_remote(privdat, dn->components[i].name);
- enum ldb_map_attr_type map_type;
-
- /* Unknown attribute - leave this dn as is and hope the best... */
- if (!attr) map_type = MAP_KEEP;
- else map_type = attr->type;
-
- switch (map_type) {
+ switch (map->type) {
case MAP_IGNORE:
- case MAP_GENERATE:
- DEBUG(0, ("Local MAP_IGNORE or MAP_GENERATE attribute '%s' used in DN!", dn->components[i].name));
- talloc_free(newdn);
- return NULL;
+ break;
case MAP_KEEP:
- newdn->components[i].name = talloc_strdup(newdn->components, dn->components[i].name);
- newdn->components[i].value = ldb_val_dup(newdn->components, &dn->components[i].value);
+ if (ldb_attr_cmp(map->local_name, name) == 0) {
+ return map;
+ }
break;
-
+
+ case MAP_RENAME:
case MAP_CONVERT:
- newdn->components[i].name = talloc_strdup(newdn->components, attr->local_name);
- newdn->components[i].value = attr->u.convert.convert_remote(privdat, ctx, &dn->components[i].value);
+ if (ldb_attr_cmp(map->u.rename.remote_name, name) == 0) {
+ return map;
+ }
break;
-
- case MAP_RENAME:
- newdn->components[i].name = talloc_strdup(newdn->components, attr->local_name);
- newdn->components[i].value = ldb_val_dup(newdn->components, &dn->components[i].value);
+
+ case MAP_GENERATE:
+ for (j = 0; map->u.generate.remote_names && map->u.generate.remote_names[j]; j++) {
+ if (ldb_attr_cmp(map->u.generate.remote_names[j], name) == 0) {
+ return map;
+ }
+ }
break;
}
}
- return newdn;
+
+ /* We didn't find it, so return the wildcard record if one was configured */
+ return wildcard;
}
-/* Local DN -> Remote DN */
-static struct ldb_dn *map_local_dn(struct ldb_map_context *privdat, TALLOC_CTX *ctx, const struct ldb_dn *dn)
-{
- struct ldb_dn *newdn;
- int i;
- if (dn == NULL)
- return NULL;
+/* Mapping attributes
+ * ================== */
- newdn = talloc_memdup(ctx, dn, sizeof(*dn));
- if (!newdn)
- return NULL;
+/* Check whether an attribute will be mapped into the remote partition. */
+bool map_attr_check_remote(const struct ldb_map_context *data, const char *attr)
+{
+ const struct ldb_map_attribute *map = map_attr_find_local(data, attr);
+
+ if (map == NULL) {
+ return false;
+ }
+ if (map->type == MAP_IGNORE) {
+ return false;
+ }
- newdn->components = talloc_array(newdn, struct ldb_dn_component, newdn->comp_num);
+ return true;
+}
- if (!newdn->components)
- return NULL;
+/* Map an attribute name into the remote partition. */
+const char *map_attr_map_local(void *mem_ctx, const struct ldb_map_attribute *map, const char *attr)
+{
+ if (map == NULL) {
+ return talloc_strdup(mem_ctx, attr);
+ }
- /* For each rdn, map the attribute name and possibly the
- * complete rdn using an equality convert_operator call */
-
- for (i = 0; i < dn->comp_num; i++) {
- const struct ldb_map_attribute *attr = map_find_attr_local(privdat, dn->components[i].name);
- enum ldb_map_attr_type map_type;
-
- /* Unknown attribute - leave this dn as is and hope the best... */
- if (!attr) map_type = MAP_KEEP; else map_type = attr->type;
-
- switch (map_type)
- {
- case MAP_IGNORE:
- case MAP_GENERATE:
- DEBUG(0, ("Local MAP_IGNORE/MAP_GENERATE attribute '%s' used in DN!", dn->components[i].name));
- talloc_free(newdn);
- return NULL;
+ switch (map->type) {
+ case MAP_KEEP:
+ return talloc_strdup(mem_ctx, attr);
- case MAP_CONVERT:
- newdn->components[i].name = talloc_strdup(newdn->components, attr->u.convert.remote_name);
- newdn->components[i].value = attr->u.convert.convert_local(privdat, newdn->components, &dn->components[i].value);
- break;
-
- case MAP_RENAME:
- newdn->components[i].name = talloc_strdup(newdn->components, attr->u.rename.remote_name);
- newdn->components[i].value = ldb_val_dup(newdn->components, &dn->components[i].value);
- break;
+ case MAP_RENAME:
+ case MAP_CONVERT:
+ return talloc_strdup(mem_ctx, map->u.rename.remote_name);
- case MAP_KEEP:
- newdn->components[i].name = talloc_strdup(newdn->components, dn->components[i].name);
- newdn->components[i].value = ldb_val_dup(newdn->components, &dn->components[i].value);
- continue;
- }
+ default:
+ return NULL;
}
-
- return newdn;
}
-/* Loop over ldb_map_attribute array and add remote_names */
-static const char **ldb_map_attrs(struct ldb_module *module, const char *const attrs[])
+/* Map an attribute name back into the local partition. */
+const char *map_attr_map_remote(void *mem_ctx, const struct ldb_map_attribute *map, const char *attr)
{
- int i;
- const char **ret;
- int ar_size = 0, last_element = 0;
- struct ldb_map_context *privdat = map_get_privdat(module);
-
- if (attrs == NULL)
- return NULL;
+ if (map == NULL) {
+ return talloc_strdup(mem_ctx, attr);
+ }
- /* Start with good guess of number of elements */
- for (i = 0; attrs[i]; i++);
-
- ret = talloc_array(module, const char *, i);
- ar_size = i;
-
- for (i = 0; attrs[i]; i++) {
- int j;
- const struct ldb_map_attribute *attr = map_find_attr_local(privdat, attrs[i]);
- enum ldb_map_attr_type map_type;
-
- if (!attr) {
- ldb_debug(module->ldb, LDB_DEBUG_WARNING, "Local attribute '%s' does not have a definition!\n", attrs[i]);
- map_type = MAP_IGNORE;
- } else map_type = attr->type;
-
- switch (map_type)
- {
- case MAP_IGNORE: break;
- case MAP_KEEP:
- if (last_element >= ar_size) {
- ret = talloc_realloc(module, ret, const char *, ar_size+1);
- ar_size++;
- }
- ret[last_element] = attr->local_name;
- last_element++;
- break;
-
- case MAP_RENAME:
- case MAP_CONVERT:
- if (last_element >= ar_size) {
- ret = talloc_realloc(module, ret, const char *, ar_size+1);
- ar_size++;
- }
- ret[last_element] = attr->u.rename.remote_name;
- last_element++;
- break;
-
- case MAP_GENERATE:
- /* Add remote_names[] for this attribute to the list of
- * attributes to request from the remote server */
- for (j = 0; attr->u.generate.remote_names[j]; j++) {
- if (last_element >= ar_size) {
- ret = talloc_realloc(module, ret, const char *, ar_size+1);
- ar_size++;
- }
- ret[last_element] = attr->u.generate.remote_names[j];
- last_element++;
- }
- break;
- }
+ if (map->type == MAP_KEEP) {
+ return talloc_strdup(mem_ctx, attr);
}
+
+ return talloc_strdup(mem_ctx, map->local_name);
+}
+
+
+/* Merge two lists of attributes into a single one. */
+int map_attrs_merge(struct ldb_module *module, void *mem_ctx,
+ const char ***attrs, const char * const *more_attrs)
+{
+ int i, j, k;
+
+ for (i = 0; *attrs && (*attrs)[i]; i++) /* noop */ ;
+ for (j = 0; more_attrs && more_attrs[j]; j++) /* noop */ ;
- if (last_element >= ar_size) {
- ret = talloc_realloc(module, ret, const char *, ar_size+1);
- ar_size++;
+ *attrs = talloc_realloc(mem_ctx, *attrs, const char *, i+j+1);
+ if (*attrs == NULL) {
+ map_oom(module);
+ return -1;
+ }
+
+ for (k = 0; k < j; k++) {
+ (*attrs)[i + k] = more_attrs[k];
}
- ret[last_element] = NULL;
+ (*attrs)[i+k] = NULL;
- return ret;
+ return 0;
}
-static const char **available_local_attributes(struct ldb_module *module, const struct ldb_message *msg)
-{
- struct ldb_map_context *privdat = map_get_privdat(module);
- int i, j;
- int count = 0;
- const char **ret = talloc_array(module, const char *, 1);
-
- ret[0] = NULL;
-
- for (i = 0; privdat->attribute_maps[i].local_name; i++) {
- BOOL avail = False;
- const struct ldb_map_attribute *attr = &privdat->attribute_maps[i];
-
- /* If all remote attributes for this attribute are present, add the
- * local one to the list */
-
- switch (attr->type) {
- case MAP_IGNORE: break;
- case MAP_KEEP:
- avail = (ldb_msg_find_ldb_val(msg, attr->local_name) != NULL);
- break;
-
- case MAP_RENAME:
- case MAP_CONVERT:
- avail = (ldb_msg_find_ldb_val(msg, attr->u.rename.remote_name) != NULL);
- break;
+/* Mapping ldb values
+ * ================== */
- case MAP_GENERATE:
- avail = True;
- for (j = 0; attr->u.generate.remote_names[j]; j++) {
- avail &= (ldb_msg_find_ldb_val(msg, attr->u.generate.remote_names[j]) != NULL);
- }
- break;
- }
+/* Map an ldb value into the remote partition. */
+struct ldb_val ldb_val_map_local(struct ldb_module *module, void *mem_ctx,
+ const struct ldb_map_attribute *map, const struct ldb_val *val)
+{
+ if (map && (map->type == MAP_CONVERT) && (map->u.convert.convert_local)) {
+ return map->u.convert.convert_local(module, mem_ctx, val);
+ }
- if (!avail)
- continue;
+ return ldb_val_dup(mem_ctx, val);
+}
- ret = talloc_realloc(module, ret, const char *, count+2);
- ret[count] = attr->local_name;
- ret[count+1] = NULL;
- count++;
+/* Map an ldb value back into the local partition. */
+struct ldb_val ldb_val_map_remote(struct ldb_module *module, void *mem_ctx,
+ const struct ldb_map_attribute *map, const struct ldb_val *val)
+{
+ if (map && (map->type == MAP_CONVERT) && (map->u.convert.convert_remote)) {
+ return map->u.convert.convert_remote(module, mem_ctx, val);
}
- return ret;
+ return ldb_val_dup(mem_ctx, val);
}
-/* Used for search */
-static struct ldb_message *ldb_map_message_incoming(struct ldb_module *module, const char * const*attrs, const struct ldb_message *mi)
+
+/* Mapping DNs
+ * =========== */
+
+/* Check whether a DN is below the local baseDN. */
+bool ldb_dn_check_local(struct ldb_module *module, struct ldb_dn *dn)
{
- int i, j;
- struct ldb_message *msg = talloc_zero(module, struct ldb_message);
- struct ldb_message_element *elm, *oldelm;
- struct ldb_map_context *privdat = map_get_privdat(module);
- const char **newattrs = NULL;
+ const struct ldb_map_context *data = map_get_context(module);
- msg->dn = map_remote_dn(privdat, module, mi->dn);
+ if (!data->local_base_dn) {
+ return true;
+ }
- ldb_msg_add_string(module->ldb, msg, "mappedFromDn", ldb_dn_linearize(msg, mi->dn));
+ return ldb_dn_compare_base(data->local_base_dn, dn) == 0;
+}
- /* Loop over attrs, find in ldb_map_attribute array and
- * run generate() */
+/* Map a DN into the remote partition. */
+struct ldb_dn *ldb_dn_map_local(struct ldb_module *module, void *mem_ctx, struct ldb_dn *dn)
+{
+ const struct ldb_map_context *data = map_get_context(module);
+ struct ldb_dn *newdn;
+ const struct ldb_map_attribute *map;
+ enum ldb_map_attr_type map_type;
+ const char *name;
+ struct ldb_val value;
+ int i, ret;
- if (attrs == NULL) {
- /* Generate list of the local attributes that /can/ be generated
- * using the specific remote attributes */
+ if (dn == NULL) {
+ return NULL;
+ }
- attrs = newattrs = available_local_attributes(module, mi);
+ newdn = ldb_dn_copy(mem_ctx, dn);
+ if (newdn == NULL) {
+ map_oom(module);
+ return NULL;
}
- for (i = 0; attrs[i]; i++) {
- const struct ldb_map_attribute *attr = map_find_attr_local(privdat, attrs[i]);
- enum ldb_map_attr_type map_type;
+ /* For each RDN, map the component name and possibly the value */
+ for (i = 0; i < ldb_dn_get_comp_num(newdn); i++) {
+ map = map_attr_find_local(data, ldb_dn_get_component_name(dn, i));
- if (!attr) {
- ldb_debug(module->ldb, LDB_DEBUG_WARNING, "Unable to find local attribute '%s' when generating incoming message\n", attrs[i]);
- map_type = MAP_IGNORE;
- } else map_type = attr->type;
+ /* Unknown attribute - leave this RDN as is and hope the best... */
+ if (map == NULL) {
+ map_type = MAP_KEEP;
+ } else {
+ map_type = map->type;
+ }
switch (map_type) {
- case MAP_IGNORE:break;
- case MAP_RENAME:
- oldelm = ldb_msg_find_element(mi, attr->u.rename.remote_name);
- if (!oldelm) continue;
-
- elm = talloc(msg, struct ldb_message_element);
- elm->name = talloc_strdup(elm, attr->local_name);
- elm->num_values = oldelm->num_values;
- elm->values = talloc_reference(elm, oldelm->values);
-
- ldb_msg_add(module->ldb, msg, elm, oldelm->flags);
- break;
-
- case MAP_CONVERT:
- oldelm = ldb_msg_find_element(mi, attr->u.rename.remote_name);
- if (!oldelm) continue;
-
- elm = talloc(msg, struct ldb_message_element);
- elm->name = talloc_strdup(elm, attr->local_name);
- elm->num_values = oldelm->num_values;
- elm->values = talloc_array(elm, struct ldb_val, elm->num_values);
-
- for (j = 0; j < oldelm->num_values; j++)
- elm->values[j] = attr->u.convert.convert_remote(privdat, elm, &oldelm->values[j]);
-
- ldb_msg_add(module->ldb, msg, elm, oldelm->flags);
- break;
-
- case MAP_KEEP:
- oldelm = ldb_msg_find_element(mi, attr->local_name);
- if (!oldelm) continue;
-
- elm = talloc(msg, struct ldb_message_element);
-
- elm->num_values = oldelm->num_values;
- elm->values = talloc_reference(elm, oldelm->values);
- elm->name = talloc_strdup(elm, oldelm->name);
-
- ldb_msg_add(module->ldb, msg, elm, oldelm->flags);
- break;
-
- case MAP_GENERATE:
- elm = attr->u.generate.generate_local(privdat, msg, attr->local_name, mi);
- if (!elm) continue;
-
- ldb_msg_add(module->ldb, msg, elm, elm->flags);
- break;
- default:
- ldb_debug(module->ldb, LDB_DEBUG_ERROR, "Unknown attr->type for %s", attr->local_name);
- break;
+ case MAP_IGNORE:
+ case MAP_GENERATE:
+ ldb_debug(module->ldb, LDB_DEBUG_ERROR, "ldb_map: "
+ "MAP_IGNORE/MAP_GENERATE attribute '%s' "
+ "used in DN!\n", ldb_dn_get_component_name(dn, i));
+ goto failed;
+
+ case MAP_CONVERT:
+ if (map->u.convert.convert_local == NULL) {
+ ldb_debug(module->ldb, LDB_DEBUG_ERROR, "ldb_map: "
+ "'convert_local' not set for attribute '%s' "
+ "used in DN!\n", ldb_dn_get_component_name(dn, i));
+ goto failed;
+ }
+ /* fall through */
+ case MAP_KEEP:
+ case MAP_RENAME:
+ name = map_attr_map_local(newdn, map, ldb_dn_get_component_name(dn, i));
+ if (name == NULL) goto failed;
+
+ value = ldb_val_map_local(module, newdn, map, ldb_dn_get_component_val(dn, i));
+ if (value.data == NULL) goto failed;
+
+ ret = ldb_dn_set_component(newdn, i, name, value);
+ if (ret != LDB_SUCCESS) {
+ goto failed;
+ }
+
+ break;
}
}
- talloc_free(newattrs);
+ return newdn;
- return msg;
+failed:
+ talloc_free(newdn);
+ return NULL;
}
-/* Used for add, modify */
-static int ldb_map_message_outgoing(struct ldb_module *module, const struct ldb_message *mo, struct ldb_message **fb, struct ldb_message **mp)
+/* Map a DN into the local partition. */
+struct ldb_dn *ldb_dn_map_remote(struct ldb_module *module, void *mem_ctx, struct ldb_dn *dn)
{
- struct ldb_map_context *privdat = map_get_privdat(module);
- struct ldb_message *msg = talloc_zero(module, struct ldb_message);
- struct ldb_message_element *elm;
- int i,j;
-
- *fb = talloc_zero(module, struct ldb_message);
- (*fb)->dn = talloc_reference(*fb, mo->dn);
+ const struct ldb_map_context *data = map_get_context(module);
+ struct ldb_dn *newdn;
+ const struct ldb_map_attribute *map;
+ enum ldb_map_attr_type map_type;
+ const char *name;
+ struct ldb_val value;
+ int i, ret;
- *mp = msg;
+ if (dn == NULL) {
+ return NULL;
+ }
- msg->private_data = mo->private_data;
-
- msg->dn = map_local_dn(privdat, module, mo->dn);
+ newdn = ldb_dn_copy(mem_ctx, dn);
+ if (newdn == NULL) {
+ map_oom(module);
+ return NULL;
+ }
- /* Loop over mi and call generate_remote for each attribute */
- for (i = 0; i < mo->num_elements; i++) {
- const struct ldb_map_attribute *attr = map_find_attr_local(privdat, mo->elements[i].name);
- enum ldb_map_attr_type map_type;
+ /* For each RDN, map the component name and possibly the value */
+ for (i = 0; i < ldb_dn_get_comp_num(newdn); i++) {
+ map = map_attr_find_remote(data, ldb_dn_get_component_name(dn, i));
- if (!attr) {
- ldb_debug(module->ldb, LDB_DEBUG_WARNING, "Undefined local attribute '%s', ignoring\n", mo->elements[i].name);
- map_type = MAP_IGNORE;
- continue;
- } else map_type = attr->type;
+ /* Unknown attribute - leave this RDN as is and hope the best... */
+ if (map == NULL) {
+ map_type = MAP_KEEP;
+ } else {
+ map_type = map->type;
+ }
switch (map_type) {
- case MAP_IGNORE: /* Add to fallback message */
- elm = talloc(*fb, struct ldb_message_element);
-
- elm->num_values = mo->elements[i].num_values;
- elm->values = talloc_reference(elm, mo->elements[i].values);
- elm->name = talloc_strdup(elm, mo->elements[i].name);
-
- ldb_msg_add(module->ldb, *fb, elm, mo->elements[i].flags);
- break;
- case MAP_RENAME:
- elm = talloc(msg, struct ldb_message_element);
-
- elm->name = talloc_strdup(elm, attr->u.rename.remote_name);
- elm->num_values = mo->elements[i].num_values;
- elm->values = talloc_reference(elm, mo->elements[i].values);
-
- ldb_msg_add(module->ldb, msg, elm, mo->elements[i].flags);
- break;
+ case MAP_IGNORE:
+ case MAP_GENERATE:
+ ldb_debug(module->ldb, LDB_DEBUG_ERROR, "ldb_map: "
+ "MAP_IGNORE/MAP_GENERATE attribute '%s' "
+ "used in DN!\n", ldb_dn_get_component_name(dn, i));
+ goto failed;
case MAP_CONVERT:
- elm = talloc(msg, struct ldb_message_element);
-
- elm->name = talloc_strdup(elm, attr->u.rename.remote_name);
- elm->num_values = mo->elements[i].num_values;
- elm->values = talloc_array(elm, struct ldb_val, elm->num_values);
-
- for (j = 0; j < elm->num_values; j++) {
- elm->values[j] = attr->u.convert.convert_local(privdat, msg, &mo->elements[i].values[j]);
+ if (map->u.convert.convert_remote == NULL) {
+ ldb_debug(module->ldb, LDB_DEBUG_ERROR, "ldb_map: "
+ "'convert_remote' not set for attribute '%s' "
+ "used in DN!\n", ldb_dn_get_component_name(dn, i));
+ goto failed;
}
-
- ldb_msg_add(module->ldb, msg, elm, mo->elements[i].flags);
- break;
-
+ /* fall through */
case MAP_KEEP:
- elm = talloc(msg, struct ldb_message_element);
+ case MAP_RENAME:
+ name = map_attr_map_remote(newdn, map, ldb_dn_get_component_name(dn, i));
+ if (name == NULL) goto failed;
- elm->num_values = mo->elements[i].num_values;
- elm->values = talloc_reference(elm, mo->elements[i].values);
- elm->name = talloc_strdup(elm, mo->elements[i].name);
-
- ldb_msg_add(module->ldb, msg, elm, mo->elements[i].flags);
- break;
+ value = ldb_val_map_remote(module, newdn, map, ldb_dn_get_component_val(dn, i));
+ if (value.data == NULL) goto failed;
+
+ ret = ldb_dn_set_component(newdn, i, name, value);
+ if (ret != LDB_SUCCESS) {
+ goto failed;
+ }
- case MAP_GENERATE:
- attr->u.generate.generate_remote(privdat, attr->local_name, mo, msg);
break;
- }
+ }
}
- return 0;
-}
+ return newdn;
+failed:
+ talloc_free(newdn);
+ return NULL;
+}
-/*
- rename a record
-*/
-static int map_rename(struct ldb_module *module, const struct ldb_dn *olddn, const struct ldb_dn *newdn)
+/* Map a DN and its base into the local partition. */
+/* TODO: This should not be required with GUIDs. */
+struct ldb_dn *ldb_dn_map_rebase_remote(struct ldb_module *module, void *mem_ctx, struct ldb_dn *dn)
{
- struct ldb_map_context *privdat = map_get_privdat(module);
- struct ldb_dn *n_olddn, *n_newdn;
- int ret;
-
- ret = ldb_next_rename_record(module, olddn, newdn);
-
- n_olddn = map_local_dn(privdat, module, olddn);
- n_newdn = map_local_dn(privdat, module, newdn);
+ const struct ldb_map_context *data = map_get_context(module);
+ struct ldb_dn *dn1, *dn2;
- ret = ldb_rename(privdat->mapped_ldb, n_olddn, n_newdn);
+ dn1 = ldb_dn_rebase_local(mem_ctx, data, dn);
+ dn2 = ldb_dn_map_remote(module, mem_ctx, dn1);
- talloc_free(n_olddn);
- talloc_free(n_newdn);
-
- return ret;
+ talloc_free(dn1);
+ return dn2;
}
-/*
- delete a record
-*/
-static int map_delete(struct ldb_module *module, const struct ldb_dn *dn)
-{
- struct ldb_map_context *privdat = map_get_privdat(module);
- struct ldb_dn *newdn;
- int ret;
- ret = ldb_next_delete_record(module, dn);
-
- newdn = map_local_dn(privdat, module, dn);
+/* Converting DNs and objectClasses (as ldb values)
+ * ================================================ */
- ret = ldb_delete(privdat->mapped_ldb, newdn);
+/* Map a DN contained in an ldb value into the remote partition. */
+static struct ldb_val ldb_dn_convert_local(struct ldb_module *module, void *mem_ctx, const struct ldb_val *val)
+{
+ struct ldb_dn *dn, *newdn;
+ struct ldb_val newval;
+
+ dn = ldb_dn_new(mem_ctx, module->ldb, (char *)val->data);
+ if (! ldb_dn_validate(dn)) {
+ newval.length = 0;
+ newval.data = NULL;
+ talloc_free(dn);
+ return newval;
+ }
+ newdn = ldb_dn_map_local(module, mem_ctx, dn);
+ talloc_free(dn);
+ newval.length = 0;
+ newval.data = (uint8_t *)ldb_dn_alloc_linearized(mem_ctx, newdn);
+ if (newval.data) {
+ newval.length = strlen((char *)newval.data);
+ }
talloc_free(newdn);
- return ret;
+ return newval;
}
-/* search fallback database */
-static int map_search_bytree_fb(struct ldb_module *module, const struct ldb_dn *base,
- enum ldb_scope scope, struct ldb_parse_tree *tree,
- const char * const *attrs, struct ldb_message ***res)
+/* Map a DN contained in an ldb value into the local partition. */
+static struct ldb_val ldb_dn_convert_remote(struct ldb_module *module, void *mem_ctx, const struct ldb_val *val)
{
- int ret;
- struct ldb_parse_tree t_and, t_not, t_present, *childs[2];
-
- t_present.operation = LDB_OP_PRESENT;
- t_present.u.present.attr = talloc_strdup(NULL, "isMapped");
+ struct ldb_dn *dn, *newdn;
+ struct ldb_val newval;
+
+ dn = ldb_dn_new(mem_ctx, module->ldb, (char *)val->data);
+ if (! ldb_dn_validate(dn)) {
+ newval.length = 0;
+ newval.data = NULL;
+ talloc_free(dn);
+ return newval;
+ }
+ newdn = ldb_dn_map_remote(module, mem_ctx, dn);
+ talloc_free(dn);
- t_not.operation = LDB_OP_NOT;
- t_not.u.isnot.child = &t_present;
+ newval.length = 0;
+ newval.data = (uint8_t *)ldb_dn_alloc_linearized(mem_ctx, newdn);
+ if (newval.data) {
+ newval.length = strlen((char *)newval.data);
+ }
+ talloc_free(newdn);
- childs[0] = &t_not;
- childs[1] = tree;
- t_and.operation = LDB_OP_AND;
- t_and.u.list.num_elements = 2;
- t_and.u.list.elements = childs;
-
- ret = ldb_next_search_bytree(module, base, scope, &t_and, attrs, res);
+ return newval;
+}
- talloc_free(t_present.u.present.attr);
+/* Map an objectClass into the remote partition. */
+static struct ldb_val map_objectclass_convert_local(struct ldb_module *module, void *mem_ctx, const struct ldb_val *val)
+{
+ const struct ldb_map_context *data = map_get_context(module);
+ const char *name = (char *)val->data;
+ const struct ldb_map_objectclass *map = map_objectclass_find_local(data, name);
+ struct ldb_val newval;
+
+ if (map) {
+ newval.data = (uint8_t*)talloc_strdup(mem_ctx, map->remote_name);
+ newval.length = strlen((char *)newval.data);
+ return newval;
+ }
- return ret;
+ return ldb_val_dup(mem_ctx, val);
}
-static int map_search_bytree_mp(struct ldb_module *module, const struct ldb_dn *base,
- enum ldb_scope scope, struct ldb_parse_tree *tree,
- const char * const *attrs, struct ldb_message ***res)
+/* Generate a remote message with a mapped objectClass. */
+static void map_objectclass_generate_remote(struct ldb_module *module, const char *local_attr, const struct ldb_message *old, struct ldb_message *remote, struct ldb_message *local)
{
- struct ldb_parse_tree *new_tree;
- struct ldb_dn *new_base;
- struct ldb_message **newres;
- const char **newattrs;
- int mpret, ret;
- struct ldb_map_context *privdat = map_get_privdat(module);
+ const struct ldb_map_context *data = map_get_context(module);
+ struct ldb_message_element *el, *oc;
+ struct ldb_val val;
+ bool found_extensibleObject = false;
int i;
- /*- search mapped database */
-
- new_tree = ldb_map_parse_tree(module, module, tree);
- newattrs = ldb_map_attrs(module, attrs);
- new_base = map_local_dn(privdat, module, base);
-
- mpret = ldb_search_bytree(privdat->mapped_ldb, new_base, scope, new_tree, newattrs, &newres);
+ /* Find old local objectClass */
+ oc = ldb_msg_find_element(old, "objectClass");
+ if (oc == NULL) {
+ return;
+ }
- talloc_free(new_base);
- talloc_free(new_tree);
- talloc_free(newattrs);
+ /* Prepare new element */
+ el = talloc_zero(remote, struct ldb_message_element);
+ if (el == NULL) {
+ ldb_oom(module->ldb);
+ return; /* TODO: fail? */
+ }
- if (mpret == -1) {
- struct map_private *map_private = module->private_data;
- map_private->last_err_string = ldb_errstring(privdat->mapped_ldb);
- return -1;
+ /* Copy local objectClass element, reverse space for an extra value */
+ el->num_values = oc->num_values + 1;
+ el->values = talloc_array(el, struct ldb_val, el->num_values);
+ if (el->values == NULL) {
+ talloc_free(el);
+ ldb_oom(module->ldb);
+ return; /* TODO: fail? */
}
- /*
- - per returned record, search fallback database for additional data (by dn)
- - test if (full expression) is now true
- */
+ /* Copy local element name "objectClass" */
+ el->name = talloc_strdup(el, local_attr);
- *res = talloc_array(module, struct ldb_message *, mpret);
+ /* Convert all local objectClasses */
+ for (i = 0; i < el->num_values - 1; i++) {
+ el->values[i] = map_objectclass_convert_local(module, el->values, &oc->values[i]);
+ if (ldb_attr_cmp((char *)el->values[i].data, data->add_objectclass) == 0) {
+ found_extensibleObject = true;
+ }
+ }
- ret = 0;
+ if (!found_extensibleObject) {
+ val.data = (uint8_t *)talloc_strdup(el->values, data->add_objectclass);
+ val.length = strlen((char *)val.data);
- for (i = 0; i < mpret; i++) {
- struct ldb_message *merged = ldb_map_message_incoming(module, attrs, newres[i]);
- struct ldb_message **extrares = NULL;
- int extraret;
-
- /* Merge with additional data from local database */
- extraret = ldb_next_search(module, merged->dn, LDB_SCOPE_BASE, "", NULL, &extrares);
+ /* Append additional objectClass data->add_objectclass */
+ el->values[i] = val;
+ } else {
+ el->num_values--;
+ }
- if (extraret == -1) {
- ldb_debug(module->ldb, LDB_DEBUG_ERROR, "Error searching for extra data!\n");
- } else if (extraret > 1) {
- ldb_debug(module->ldb, LDB_DEBUG_ERROR, "More than one result for extra data!\n");
- talloc_free(newres);
- return -1;
- } else if (extraret == 0) {
- ldb_debug(module->ldb, LDB_DEBUG_TRACE, "No extra data found for remote DN");
- }
-
- if (extraret == 1) {
- int j;
- ldb_debug(module->ldb, LDB_DEBUG_TRACE, "Extra data found for remote DN");
- for (j = 0; j < extrares[0]->num_elements; j++) {
- ldb_msg_add(module->ldb, merged, &(extrares[0]->elements[j]), extrares[0]->elements[j].flags);
- }
+ /* Add new objectClass to remote message */
+ ldb_msg_add(remote, el, 0);
+}
- ldb_msg_add_string(module->ldb, merged, "extraMapped", "TRUE");
- } else {
- ldb_msg_add_string(module->ldb, merged, "extraMapped", "FALSE");
- }
-
- if (ldb_match_msg(module->ldb, merged, tree, base, scope)) {
- (*res)[ret] = merged;
- ret++;
- } else {
- ldb_debug(module->ldb, LDB_DEBUG_TRACE, "Discarded merged message because it did not match");
- }
+/* Map an objectClass into the local partition. */
+static struct ldb_val map_objectclass_convert_remote(struct ldb_module *module, void *mem_ctx, const struct ldb_val *val)
+{
+ const struct ldb_map_context *data = map_get_context(module);
+ const char *name = (char *)val->data;
+ const struct ldb_map_objectclass *map = map_objectclass_find_remote(data, name);
+ struct ldb_val newval;
+
+ if (map) {
+ newval.data = (uint8_t*)talloc_strdup(mem_ctx, map->local_name);
+ newval.length = strlen((char *)newval.data);
+ return newval;
}
- talloc_free(newres);
-
- return ret;
+ return ldb_val_dup(mem_ctx, val);
}
-
-/*
- search for matching records using a ldb_parse_tree
-*/
-static int map_search_bytree(struct ldb_module *module, const struct ldb_dn *base,
- enum ldb_scope scope, struct ldb_parse_tree *tree,
- const char * const *attrs, struct ldb_message ***res)
+/* Generate a local message with a mapped objectClass. */
+static struct ldb_message_element *map_objectclass_generate_local(struct ldb_module *module, void *mem_ctx, const char *local_attr, const struct ldb_message *remote)
{
- struct ldb_message **fbres, **mpres;
+ struct ldb_message_element *el, *oc;
+ struct ldb_val val;
int i;
- int ret_fb, ret_mp;
- ret_fb = map_search_bytree_fb(module, base, scope, tree, attrs, &fbres);
- if (ret_fb == -1)
- return -1;
+ /* Find old remote objectClass */
+ oc = ldb_msg_find_element(remote, "objectClass");
+ if (oc == NULL) {
+ return NULL;
+ }
- ret_mp = map_search_bytree_mp(module, base, scope, tree, attrs, &mpres);
- if (ret_mp == -1) {
- return -1;
+ /* Prepare new element */
+ el = talloc_zero(mem_ctx, struct ldb_message_element);
+ if (el == NULL) {
+ ldb_oom(module->ldb);
+ return NULL;
}
- /* Merge results */
- *res = talloc_array(module, struct ldb_message *, ret_fb + ret_mp);
+ /* Copy remote objectClass element */
+ el->num_values = oc->num_values;
+ el->values = talloc_array(el, struct ldb_val, el->num_values);
+ if (el->values == NULL) {
+ talloc_free(el);
+ ldb_oom(module->ldb);
+ return NULL;
+ }
- for (i = 0; i < ret_fb; i++) (*res)[i] = fbres[i];
- for (i = 0; i < ret_mp; i++) (*res)[ret_fb+i] = mpres[i];
+ /* Copy remote element name "objectClass" */
+ el->name = talloc_strdup(el, local_attr);
- return ret_fb + ret_mp;
-}
-/*
- search for matching records
-*/
-static int map_search(struct ldb_module *module, const struct ldb_dn *base,
- enum ldb_scope scope, const char *expression,
- const char * const *attrs, struct ldb_message ***res)
-{
- struct map_private *map = module->private_data;
- struct ldb_parse_tree *tree;
- int ret;
+ /* Convert all remote objectClasses */
+ for (i = 0; i < el->num_values; i++) {
+ el->values[i] = map_objectclass_convert_remote(module, el->values, &oc->values[i]);
+ }
- tree = ldb_parse_tree(NULL, expression);
- if (tree == NULL) {
- map->last_err_string = "expression parse failed";
- return -1;
+ val.data = (uint8_t *)talloc_strdup(el->values, "extensibleObject");
+ val.length = strlen((char *)val.data);
+
+ /* Remove last value if it was "extensibleObject" */
+ if (ldb_val_equal_exact(&val, &el->values[i-1])) {
+ el->num_values--;
+ el->values = talloc_realloc(el, el->values, struct ldb_val, el->num_values);
+ if (el->values == NULL) {
+ talloc_free(el);
+ ldb_oom(module->ldb);
+ return NULL;
+ }
}
- ret = map_search_bytree(module, base, scope, tree, attrs, res);
- talloc_free(tree);
- return ret;
+ return el;
}
-/*
- add a record
-*/
-static int map_add(struct ldb_module *module, const struct ldb_message *msg)
+static const struct ldb_map_attribute objectclass_convert_map = {
+ .local_name = "objectClass",
+ .type = MAP_CONVERT,
+ .u = {
+ .convert = {
+ .remote_name = "objectClass",
+ .convert_local = map_objectclass_convert_local,
+ .convert_remote = map_objectclass_convert_remote,
+ },
+ },
+};
+
+
+/* Mappings for searches on objectClass= assuming a one-to-one
+ * mapping. Needed because this is a generate operator for the
+ * add/modify code */
+static int map_objectclass_convert_operator(struct ldb_module *module, void *mem_ctx,
+ struct ldb_parse_tree **new, const struct ldb_parse_tree *tree)
{
- int ret;
- struct ldb_map_context *privdat = map_get_privdat(module);
- struct ldb_message *fb, *mp;
+
+ return map_subtree_collect_remote_simple(module, mem_ctx, new, tree, &objectclass_convert_map);
+}
+
+/* Auxiliary request construction
+ * ============================== */
+
+/* Store the DN of a single search result in context. */
+static int map_search_self_callback(struct ldb_context *ldb, void *context, struct ldb_reply *ares)
+{
+ struct map_context *ac;
- if (!map_is_mappable(privdat, msg)) {
- return ldb_next_add_record(module, msg);
+ if (context == NULL || ares == NULL) {
+ ldb_set_errstring(ldb, talloc_asprintf(ldb, "NULL Context or Result in callback"));
+ return LDB_ERR_OPERATIONS_ERROR;
}
- if (ldb_map_message_outgoing(module, msg, &fb, &mp) == -1)
- return -1;
-
- ldb_msg_add_string(module->ldb, fb, "isMapped", "TRUE");
+ ac = talloc_get_type(context, struct map_context);
- ret = ldb_next_add_record(module, fb);
- if (ret == -1) {
- ldb_debug(module->ldb, LDB_DEBUG_TRACE, "Adding fallback record failed");
- return -1;
+ /* We are interested only in the single reply */
+ if (ares->type != LDB_REPLY_ENTRY) {
+ talloc_free(ares);
+ return LDB_SUCCESS;
}
-
- ret = ldb_add(privdat->mapped_ldb, mp);
- if (ret == -1) {
- ldb_debug(module->ldb, LDB_DEBUG_TRACE, "Adding mapped record failed");
- return -1;
+
+ /* We have already found a remote DN */
+ if (ac->local_dn) {
+ ldb_set_errstring(ldb, talloc_asprintf(ldb, "Too many results to base search"));
+ talloc_free(ares);
+ return LDB_ERR_OPERATIONS_ERROR;
}
- talloc_free(fb);
- talloc_free(mp);
+ /* Store local DN */
+ ac->local_dn = ares->message->dn;
- return ret;
+ return LDB_SUCCESS;
}
-
-/*
- modify a record
-*/
-static int map_modify(struct ldb_module *module, const struct ldb_message *msg)
+/* Build a request to search a record by its DN. */
+struct ldb_request *map_search_base_req(struct map_context *ac, struct ldb_dn *dn, const char * const *attrs, const struct ldb_parse_tree *tree, void *context, ldb_search_callback callback)
{
- struct ldb_map_context *privdat = map_get_privdat(module);
- struct ldb_message *fb, *mp;
- int ret;
+ struct ldb_request *req;
- if (!map_is_mappable(privdat, msg))
- return ldb_next_modify_record(module, msg);
-
-
- if (ldb_map_message_outgoing(module, msg, &fb, &mp) == -1)
- return -1;
-
- ldb_msg_add_string(module->ldb, fb, "isMapped", "TRUE");
+ req = talloc_zero(ac, struct ldb_request);
+ if (req == NULL) {
+ map_oom(ac->module);
+ return NULL;
+ }
- ret = ldb_next_modify_record(module, fb);
+ req->operation = LDB_SEARCH;
+ req->op.search.base = dn;
+ req->op.search.scope = LDB_SCOPE_BASE;
+ req->op.search.attrs = attrs;
- ret = ldb_modify(privdat->mapped_ldb, mp);
+ if (tree) {
+ req->op.search.tree = tree;
+ } else {
+ req->op.search.tree = ldb_parse_tree(req, NULL);
+ if (req->op.search.tree == NULL) {
+ talloc_free(req);
+ return NULL;
+ }
+ }
- talloc_free(fb);
- talloc_free(mp);
+ req->controls = NULL;
+ req->context = context;
+ req->callback = callback;
+ ldb_set_timeout_from_prev_req(ac->module->ldb, ac->orig_req, req);
- return ret;
+ return req;
}
-static int map_lock(struct ldb_module *module, const char *lockname)
+/* Build a request to search the local record by its DN. */
+struct ldb_request *map_search_self_req(struct map_context *ac, struct ldb_dn *dn)
{
- return ldb_next_named_lock(module, lockname);
-}
+ /* attrs[] is returned from this function in
+ * ac->search_req->op.search.attrs, so it must be static, as
+ * otherwise the compiler can put it on the stack */
+ static const char * const attrs[] = { IS_MAPPED, NULL };
+ struct ldb_parse_tree *tree;
-static int map_unlock(struct ldb_module *module, const char *lockname)
-{
- return ldb_next_named_unlock(module, lockname);
-}
+ /* Limit search to records with 'IS_MAPPED' present */
+ /* TODO: `tree = ldb_parse_tree(ac, IS_MAPPED);' won't do. */
+ tree = talloc_zero(ac, struct ldb_parse_tree);
+ if (tree == NULL) {
+ map_oom(ac->module);
+ return NULL;
+ }
-/*
- return extended error information
-*/
-static const char *map_errstring(struct ldb_module *module)
-{
- struct map_private *map = module->private_data;
-
- if (map->last_err_string)
- return map->last_err_string;
+ tree->operation = LDB_OP_PRESENT;
+ tree->u.present.attr = talloc_strdup(tree, IS_MAPPED);
- return ldb_next_errstring(module);
+ return map_search_base_req(ac, dn, attrs, tree, ac, map_search_self_callback);
}
-static const struct ldb_module_ops map_ops = {
- .name = "map",
- .search = map_search,
- .search_bytree = map_search_bytree,
- .add_record = map_add,
- .modify_record = map_modify,
- .delete_record = map_delete,
- .rename_record = map_rename,
- .named_lock = map_lock,
- .named_unlock = map_unlock,
- .errstring = map_errstring
-};
-
-static char *map_find_url(struct ldb_context *ldb, const char *name)
+/* Build a request to update the 'IS_MAPPED' attribute */
+struct ldb_request *map_build_fixup_req(struct map_context *ac, struct ldb_dn *olddn, struct ldb_dn *newdn)
{
- const char * const attrs[] = { "@MAP_URL" , NULL};
- struct ldb_message **msg = NULL;
- struct ldb_dn *mods;
- char *url;
- int ret;
-
- mods = ldb_dn_string_compose(ldb, NULL, "@MAP=%s", name);
- if (mods == NULL) {
- ldb_debug(ldb, LDB_DEBUG_ERROR, "Can't construct DN");
+ struct ldb_request *req;
+ struct ldb_message *msg;
+ const char *dn;
+
+ /* Prepare request */
+ req = talloc_zero(ac, struct ldb_request);
+ if (req == NULL) {
+ map_oom(ac->module);
return NULL;
}
- ret = ldb_search(ldb, mods, LDB_SCOPE_BASE, "", attrs, &msg);
- talloc_free(mods);
- if (ret < 1) {
- ldb_debug(ldb, LDB_DEBUG_ERROR, "Not enough results found looking for @MAP");
- return NULL;
+ /* Prepare message */
+ msg = ldb_msg_new(req);
+ if (msg == NULL) {
+ map_oom(ac->module);
+ goto failed;
}
- url = talloc_strdup(ldb, ldb_msg_find_string(msg[0], "@MAP_URL", NULL));
+ /* Update local 'IS_MAPPED' to the new remote DN */
+ msg->dn = ldb_dn_copy(msg, olddn);
+ dn = ldb_dn_alloc_linearized(msg, newdn);
+ if ( ! dn || ! ldb_dn_validate(msg->dn)) {
+ goto failed;
+ }
+ if (ldb_msg_add_empty(msg, IS_MAPPED, LDB_FLAG_MOD_REPLACE, NULL) != 0) {
+ goto failed;
+ }
+ if (ldb_msg_add_string(msg, IS_MAPPED, dn) != 0) {
+ goto failed;
+ }
+
+ req->operation = LDB_MODIFY;
+ req->op.mod.message = msg;
+ req->controls = NULL;
+ req->handle = NULL;
+ req->context = NULL;
+ req->callback = NULL;
- talloc_free(msg);
+ return req;
- return url;
+failed:
+ talloc_free(req);
+ return NULL;
}
-/* the init function */
-struct ldb_module *ldb_map_init(struct ldb_context *ldb, const struct ldb_map_attribute *attrs, const struct ldb_map_objectclass *ocls, const char *name)
+
+/* Asynchronous call structure
+ * =========================== */
+
+/* Figure out which request is currently pending. */
+static struct ldb_request *map_get_req(struct map_context *ac)
{
- int i, j;
- struct ldb_module *ctx;
- struct map_private *data;
- char *url;
+ switch (ac->step) {
+ case MAP_SEARCH_SELF_MODIFY:
+ case MAP_SEARCH_SELF_DELETE:
+ case MAP_SEARCH_SELF_RENAME:
+ return ac->search_req;
+
+ case MAP_ADD_REMOTE:
+ case MAP_MODIFY_REMOTE:
+ case MAP_DELETE_REMOTE:
+ case MAP_RENAME_REMOTE:
+ return ac->remote_req;
+
+ case MAP_RENAME_FIXUP:
+ return ac->down_req;
+
+ case MAP_ADD_LOCAL:
+ case MAP_MODIFY_LOCAL:
+ case MAP_DELETE_LOCAL:
+ case MAP_RENAME_LOCAL:
+ return ac->local_req;
+
+ case MAP_SEARCH_REMOTE:
+ /* Can't happen */
+ break;
+ }
- ctx = talloc(ldb, struct ldb_module);
- if (!ctx)
+ return NULL; /* unreachable; silences a warning */
+}
+
+typedef int (*map_next_function)(struct ldb_handle *handle);
+
+/* Figure out the next request to run. */
+static map_next_function map_get_next(struct map_context *ac)
+{
+ switch (ac->step) {
+ case MAP_SEARCH_REMOTE:
return NULL;
- data = talloc(ctx, struct map_private);
- if (!data) {
- talloc_free(ctx);
+ case MAP_ADD_LOCAL:
+ return map_add_do_remote;
+ case MAP_ADD_REMOTE:
return NULL;
- }
- data->context.mapped_ldb = ldb_init(data);
- url = map_find_url(ldb, name);
+ case MAP_SEARCH_SELF_MODIFY:
+ return map_modify_do_local;
+ case MAP_MODIFY_LOCAL:
+ return map_modify_do_remote;
+ case MAP_MODIFY_REMOTE:
+ return NULL;
- if (!url) {
- ldb_debug(ldb, LDB_DEBUG_FATAL, "@MAP=%s not set!\n", name);
+ case MAP_SEARCH_SELF_DELETE:
+ return map_delete_do_local;
+ case MAP_DELETE_LOCAL:
+ return map_delete_do_remote;
+ case MAP_DELETE_REMOTE:
return NULL;
- }
- if (ldb_connect(data->context.mapped_ldb, url, 0, NULL) != 0) {
- ldb_debug(ldb, LDB_DEBUG_FATAL, "Unable to open mapped database for %s at '%s'\n", name, url);
+ case MAP_SEARCH_SELF_RENAME:
+ return map_rename_do_local;
+ case MAP_RENAME_LOCAL:
+ return map_rename_do_fixup;
+ case MAP_RENAME_FIXUP:
+ return map_rename_do_remote;
+ case MAP_RENAME_REMOTE:
return NULL;
}
- talloc_free(url);
+ return NULL; /* unreachable; silences a warning */
+}
- data->last_err_string = NULL;
+/* Wait for the current pending request to finish and continue with the next. */
+static int map_wait_next(struct ldb_handle *handle)
+{
+ struct map_context *ac;
+ struct ldb_request *req;
+ map_next_function next;
+ int ret;
- /* Get list of attribute maps */
- j = 0;
- data->context.attribute_maps = NULL;
+ if (handle == NULL || handle->private_data == NULL) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
- for (i = 0; attrs[i].local_name; i++) {
- data->context.attribute_maps = talloc_realloc(data, data->context.attribute_maps, struct ldb_map_attribute, j+1);
- data->context.attribute_maps[j] = attrs[i];
- j++;
+ if (handle->state == LDB_ASYNC_DONE) {
+ return handle->status;
}
- for (i = 0; builtin_attribute_maps[i].local_name; i++) {
- data->context.attribute_maps = talloc_realloc(data, data->context.attribute_maps, struct ldb_map_attribute, j+1);
- data->context.attribute_maps[j] = builtin_attribute_maps[i];
- j++;
+ handle->state = LDB_ASYNC_PENDING;
+ handle->status = LDB_SUCCESS;
+
+ ac = talloc_get_type(handle->private_data, struct map_context);
+
+ if (ac->step == MAP_SEARCH_REMOTE) {
+ int i;
+ for (i = 0; i < ac->num_searches; i++) {
+ req = ac->search_reqs[i];
+ ret = ldb_wait(req->handle, LDB_WAIT_NONE);
+
+ if (ret != LDB_SUCCESS) {
+ handle->status = ret;
+ goto done;
+ }
+ if (req->handle->status != LDB_SUCCESS) {
+ handle->status = req->handle->status;
+ goto done;
+ }
+ if (req->handle->state != LDB_ASYNC_DONE) {
+ return LDB_SUCCESS;
+ }
+ }
+ } else {
+
+ req = map_get_req(ac);
+
+ ret = ldb_wait(req->handle, LDB_WAIT_NONE);
+
+ if (ret != LDB_SUCCESS) {
+ handle->status = ret;
+ goto done;
+ }
+ if (req->handle->status != LDB_SUCCESS) {
+ handle->status = req->handle->status;
+ goto done;
+ }
+ if (req->handle->state != LDB_ASYNC_DONE) {
+ return LDB_SUCCESS;
+ }
+
+ next = map_get_next(ac);
+ if (next) {
+ return next(handle);
+ }
}
- data->context.attribute_maps = talloc_realloc(data, data->context.attribute_maps, struct ldb_map_attribute, j+1);
- ZERO_STRUCT(data->context.attribute_maps[j].local_name);
+ ret = LDB_SUCCESS;
+
+done:
+ handle->state = LDB_ASYNC_DONE;
+ return ret;
+}
+
+/* Wait for all current pending requests to finish. */
+static int map_wait_all(struct ldb_handle *handle)
+{
+ int ret;
- data->context.objectclass_maps = ocls;
- ctx->private_data = data;
- ctx->ldb = ldb;
- ctx->prev = ctx->next = NULL;
- ctx->ops = &map_ops;
+ while (handle->state != LDB_ASYNC_DONE) {
+ ret = map_wait_next(handle);
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+ }
- return ctx;
+ return handle->status;
}
-static struct ldb_val map_convert_local_dn(struct ldb_map_context *map, TALLOC_CTX *ctx, const struct ldb_val *val)
+/* Wait for pending requests to finish. */
+static int map_wait(struct ldb_handle *handle, enum ldb_wait_type type)
{
- struct ldb_dn *dn, *newdn;;
- struct ldb_val *newval;
+ if (type == LDB_WAIT_ALL) {
+ return map_wait_all(handle);
+ } else {
+ return map_wait_next(handle);
+ }
+}
- dn = ldb_dn_explode(ctx, (char *)val->data);
- newdn = map_local_dn(map, ctx, dn);
+/* Module initialization
+ * ===================== */
- talloc_free(dn);
+/* Provided module operations */
+static const struct ldb_module_ops map_ops = {
+ .name = "ldb_map",
+ .add = map_add,
+ .modify = map_modify,
+ .del = map_delete,
+ .rename = map_rename,
+ .search = map_search,
+ .wait = map_wait,
+};
- newval = talloc(ctx, struct ldb_val);
- newval->data = (uint8_t *)ldb_dn_linearize(ctx, newdn);
- newval->length = strlen((char *)newval->data);
+/* Builtin mappings for DNs and objectClasses */
+static const struct ldb_map_attribute builtin_attribute_maps[] = {
+ {
+ .local_name = "dn",
+ .type = MAP_CONVERT,
+ .u = {
+ .convert = {
+ .remote_name = "dn",
+ .convert_local = ldb_dn_convert_local,
+ .convert_remote = ldb_dn_convert_remote,
+ },
+ },
+ },
+ {
+ .local_name = NULL,
+ }
+};
- talloc_free(newdn);
+static const struct ldb_map_attribute objectclass_attribute_map = {
+ .local_name = "objectClass",
+ .type = MAP_GENERATE,
+ .convert_operator = map_objectclass_convert_operator,
+ .u = {
+ .generate = {
+ .remote_names = { "objectClass", NULL },
+ .generate_local = map_objectclass_generate_local,
+ .generate_remote = map_objectclass_generate_remote,
+ },
+ },
+};
- return *newval;
-}
-static struct ldb_val map_convert_remote_dn(struct ldb_map_context *map, TALLOC_CTX *ctx, const struct ldb_val *val)
+/* Find the special 'MAP_DN_NAME' record and store local and remote
+ * base DNs in private data. */
+static int map_init_dns(struct ldb_module *module, struct ldb_map_context *data, const char *name)
{
- struct ldb_dn *dn, *newdn;;
- struct ldb_val *newval;
+ static const char * const attrs[] = { MAP_DN_FROM, MAP_DN_TO, NULL };
+ struct ldb_dn *dn;
+ struct ldb_message *msg;
+ struct ldb_result *res;
+ int ret;
- dn = ldb_dn_explode(ctx, (char *)val->data);
+ if (!name) {
+ data->local_base_dn = NULL;
+ data->remote_base_dn = NULL;
+ return LDB_SUCCESS;
+ }
- newdn = map_remote_dn(map, ctx, dn);
+ dn = ldb_dn_new_fmt(data, module->ldb, "%s=%s", MAP_DN_NAME, name);
+ if ( ! ldb_dn_validate(dn)) {
+ ldb_debug(module->ldb, LDB_DEBUG_ERROR, "ldb_map: "
+ "Failed to construct '%s' DN!\n", MAP_DN_NAME);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ ret = ldb_search(module->ldb, dn, LDB_SCOPE_BASE, NULL, attrs, &res);
talloc_free(dn);
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+ if (res->count == 0) {
+ ldb_debug(module->ldb, LDB_DEBUG_ERROR, "ldb_map: "
+ "No results for '%s=%s'!\n", MAP_DN_NAME, name);
+ talloc_free(res);
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+ if (res->count > 1) {
+ ldb_debug(module->ldb, LDB_DEBUG_ERROR, "ldb_map: "
+ "Too many results for '%s=%s'!\n", MAP_DN_NAME, name);
+ talloc_free(res);
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
- newval = talloc(ctx, struct ldb_val);
- newval->data = (uint8_t *)ldb_dn_linearize(ctx, newdn);
- newval->length = strlen((char *)newval->data);
-
- talloc_free(newdn);
+ msg = res->msgs[0];
+ data->local_base_dn = ldb_msg_find_attr_as_dn(module->ldb, data, msg, MAP_DN_FROM);
+ data->remote_base_dn = ldb_msg_find_attr_as_dn(module->ldb, data, msg, MAP_DN_TO);
+ talloc_free(res);
- return *newval;
+ return LDB_SUCCESS;
}
-static struct ldb_val map_convert_local_objectclass(struct ldb_map_context *map, TALLOC_CTX *ctx, const struct ldb_val *val)
+/* Store attribute maps and objectClass maps in private data. */
+static int map_init_maps(struct ldb_module *module, struct ldb_map_context *data,
+ const struct ldb_map_attribute *attrs,
+ const struct ldb_map_objectclass *ocls,
+ const char * const *wildcard_attributes)
{
- int i;
+ int i, j, last;
+ last = 0;
+
+ /* Count specified attribute maps */
+ for (i = 0; attrs[i].local_name; i++) /* noop */ ;
+ /* Count built-in attribute maps */
+ for (j = 0; builtin_attribute_maps[j].local_name; j++) /* noop */ ;
+
+ /* Store list of attribute maps */
+ data->attribute_maps = talloc_array(data, struct ldb_map_attribute, i+j+2);
+ if (data->attribute_maps == NULL) {
+ map_oom(module);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ /* Specified ones go first */
+ for (i = 0; attrs[i].local_name; i++) {
+ data->attribute_maps[last] = attrs[i];
+ last++;
+ }
- for (i = 0; map->objectclass_maps[i].local_name; i++) {
- if (!strcmp(map->objectclass_maps[i].local_name, (char *)val->data)) {
- struct ldb_val newval;
- newval.data = (uint8_t*)talloc_strdup(ctx, map->objectclass_maps[i].remote_name);
- newval.length = strlen((char *)newval.data);
+ /* Built-in ones go last */
+ for (i = 0; builtin_attribute_maps[i].local_name; i++) {
+ data->attribute_maps[last] = builtin_attribute_maps[i];
+ last++;
+ }
- return ldb_val_dup(ctx, &newval);
- }
+ if (data->add_objectclass) {
+ /* ObjectClass one is very last, if required */
+ data->attribute_maps[last] = objectclass_attribute_map;
+ last++;
+ } else if (ocls) {
+ data->attribute_maps[last] = objectclass_convert_map;
+ last++;
}
- return ldb_val_dup(ctx, val);
+ /* Ensure 'local_name == NULL' for the last entry */
+ memset(&data->attribute_maps[last], 0, sizeof(struct ldb_map_attribute));
+
+ /* Store list of objectClass maps */
+ data->objectclass_maps = ocls;
+
+ data->wildcard_attributes = wildcard_attributes;
+
+ return LDB_SUCCESS;
}
-static struct ldb_val map_convert_remote_objectclass(struct ldb_map_context *map, TALLOC_CTX *ctx, const struct ldb_val *val)
+/* Copy the list of provided module operations. */
+_PUBLIC_ struct ldb_module_ops ldb_map_get_ops(void)
{
- int i;
+ return map_ops;
+}
- for (i = 0; map->objectclass_maps[i].remote_name; i++) {
- if (!strcmp(map->objectclass_maps[i].remote_name, (char *)val->data)) {
- struct ldb_val newval;
- newval.data = (uint8_t*)talloc_strdup(ctx, map->objectclass_maps[i].local_name);
- newval.length = strlen((char *)newval.data);
+/* Initialize global private data. */
+_PUBLIC_ int ldb_map_init(struct ldb_module *module, const struct ldb_map_attribute *attrs,
+ const struct ldb_map_objectclass *ocls,
+ const char * const *wildcard_attributes,
+ const char *add_objectclass,
+ const char *name)
+{
+ struct map_private *data;
+ int ret;
- return ldb_val_dup(ctx, &newval);
- }
+ /* Prepare private data */
+ data = talloc_zero(module, struct map_private);
+ if (data == NULL) {
+ map_oom(module);
+ return LDB_ERR_OPERATIONS_ERROR;
}
- return ldb_val_dup(ctx, val);
-}
+ module->private_data = data;
-static const struct ldb_map_attribute builtin_attribute_maps[] = {
- {
- .local_name = "dn",
- .type = MAP_CONVERT,
- .u.convert.remote_name = "dn",
- .u.convert.convert_local = map_convert_local_dn,
- .u.convert.convert_remote = map_convert_remote_dn,
- },
- {
- .local_name = "objectclass",
- .type = MAP_CONVERT,
- .u.convert.remote_name = "objectclass",
- .u.convert.convert_local = map_convert_local_objectclass,
- .u.convert.convert_remote = map_convert_remote_objectclass,
- },
- {
- .local_name = NULL,
+ data->context = talloc_zero(data, struct ldb_map_context);
+ if (!data->context) {
+ map_oom(module);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ /* Store local and remote baseDNs */
+ ret = map_init_dns(module, data->context, name);
+ if (ret != LDB_SUCCESS) {
+ talloc_free(data);
+ return ret;
}
-};
+ data->context->add_objectclass = add_objectclass;
+
+ /* Store list of attribute and objectClass maps */
+ ret = map_init_maps(module, data->context, attrs, ocls, wildcard_attributes);
+ if (ret != LDB_SUCCESS) {
+ talloc_free(data);
+ return ret;
+ }
+
+ return LDB_SUCCESS;
+}
+
+/* Usage note for initialization of this module:
+ *
+ * ldb_map is meant to be used from a different module that sets up
+ * the mappings and gets registered in ldb.
+ *
+ * 'ldb_map_init' initializes the private data of this module and
+ * stores the attribute and objectClass maps in there. It also looks
+ * up the '@MAP' special DN so requests can be redirected to the
+ * remote partition.
+ *
+ * This function should be called from the 'init_context' op of the
+ * module using ldb_map.
+ *
+ * 'ldb_map_get_ops' returns a copy of ldb_maps module operations.
+ *
+ * It should be called from the initialize function of the using
+ * module, which should then override the 'init_context' op with a
+ * function making the appropriate calls to 'ldb_map_init'.
+ */