YaST Commits

[yast-commit] r50549 - in /trunk/ldap-server/src/lib: slapd-config.cpp slapd-config.h
by rhafer@svn.opensuse.org 02 Sep '08
Author: rhafer
Date: Tue Sep 2 10:33:01 2008
New Revision: 50549
URL: http://svn.opensuse.org/viewcvs/yast?rev=50549&view=rev
Log:
return List of OlcAccess Objects back to agent
Modified:
trunk/ldap-server/src/lib/slapd-config.cpp
trunk/ldap-server/src/lib/slapd-config.h
Modified: trunk/ldap-server/src/lib/slapd-config.cpp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/lib/slapd-config…
==============================================================================
--- trunk/ldap-server/src/lib/slapd-config.cpp (original)
+++ trunk/ldap-server/src/lib/slapd-config.cpp Tue Sep 2 10:33:01 2008
@@ -420,6 +420,226 @@
}
}
+static int extractAlcToken( const std::string& acl, std::string::size_type& startpos, bool quoted )
+{
+ std::string::size_type pos;
+
+ // skip leading whitespaces
+ startpos = acl.find_first_not_of("\t ", startpos );
+
+ if ( quoted && acl[startpos] == '"' )
+ {
+ // find matching (unescapted) quote
+ startpos++;
+ pos = startpos;
+ bool found=false;
+ while( ! found )
+ {
+ pos = acl.find_first_of('"', pos+1 );
+ if ( pos == std::string::npos )
+ {
+ break;
+ }
+ if ( acl[pos-1] != '\\' )
+ {
+ found = true;
+ }
+ }
+ if ( !found )
+ {
+ log_it(SLAPD_LOG_ERR, "Not matching quote found" );
+ }
+ }
+ else
+ {
+ pos = acl.find_first_of("\t ", startpos );
+ }
+ return pos;
+}
+
+OlcAccess::OlcAccess( const std::string& aclString )
+{
+ std::string::size_type spos = 0;
+ std::string::size_type tmppos = 0;
+ // every ACL starts with "to"
+ if ( aclString.compare(0, 2, "to") != 0 )
+ {
+ log_it(SLAPD_LOG_ERR, "acl does not start with \"to\"" );
+ throw std::runtime_error( "acl does not start with \"to\"" );
+ }
+ spos+=2;
+
+ // skip whitespaces
+ tmppos = aclString.find_first_not_of("\t ", spos );
+ if ( tmppos != std::string::npos && tmppos > spos )
+ {
+ spos = tmppos;
+ }
+
+ // we should be at the start of the "what" part now, might `*`
+ // or a string followed by '='
+ if ( aclString[spos] == '*' )
+ {
+ log_it(SLAPD_LOG_ERR, "acl matches all entries" );
+ spos = tmppos+1;
+ tmppos = extractAlcToken( aclString, spos, true );
+ m_all = true;
+ }
+ else
+ {
+ m_all = false;
+ while ( true )
+ {
+ tmppos = aclString.find_first_of("=\t ", spos );
+ if ( tmppos == std::string::npos )
+ {
+ log_it(SLAPD_LOG_ERR, "Unexpected end of ACL" );
+ throw std::runtime_error( "Unexpected end of ACL" );
+ }
+ else
+ {
+ std::string whatType = aclString.substr(spos, tmppos-spos);
+ log_it(SLAPD_LOG_INFO, "Whattype: " + whatType );
+ if ( aclString.substr(spos, tmppos-spos) == "by" )
+ {
+ break;
+ }
+ spos = tmppos+1;
+
+ tmppos = extractAlcToken( aclString, spos, true );
+
+ log_it(SLAPD_LOG_INFO, "Whatvalue: " + aclString.substr(spos, tmppos-spos) );
+ if ( whatType == "filter" )
+ {
+ m_filter = aclString.substr(spos, tmppos-spos);
+ }
+ else if (whatType == "attrs")
+ {
+ m_attributes = aclString.substr(spos, tmppos-spos);
+ }
+ else if (whatType == "dn.base" || whatType == "dn.subtree" )
+ {
+ m_dn_type = whatType;
+ m_dn_value = aclString.substr(spos, tmppos-spos);
+ }
+ else
+ {
+ throw std::runtime_error( "Can't parse ACL unsupported \"what\": \"" + whatType + "\"" );
+ }
+ spos = aclString.find_first_not_of("\t ", tmppos+1 );
+ }
+ }
+ }
+ // we should have reached the "by"-clauses now
+ while ( true )
+ {
+ if ( aclString.substr(spos, tmppos-spos) != "by" )
+ {
+ break;
+ }
+ else
+ {
+ spos = tmppos+1;
+ // skip whitespaces
+ tmppos = aclString.find_first_not_of("\t ", spos );
+ if ( tmppos != std::string::npos && tmppos > spos )
+ {
+ spos = tmppos;
+ }
+
+ // we should be at the start of the "by" part now, might `*`
+ // or a string followed by '='
+ if ( aclString[spos] == '*' )
+ {
+ log_it(SLAPD_LOG_ERR, "by clause matches all entries" );
+ }
+ tmppos = aclString.find_first_of("=\t ", spos );
+ if ( tmppos == std::string::npos )
+ {
+ log_it(SLAPD_LOG_ERR, "Unexpected end of ACL" );
+ break;
+ }
+ else
+ {
+ log_it(SLAPD_LOG_INFO, "bytype: " + aclString.substr(spos, tmppos-spos) );
+ if ( aclString[tmppos] == '=' )
+ {
+ spos = tmppos+1;
+ tmppos = extractAlcToken( aclString, spos, true );
+ // is this a quoted string ?
+ log_it(SLAPD_LOG_INFO, "byvalue: " + aclString.substr(spos, tmppos-spos) );
+ }
+ spos = tmppos+1;
+ tmppos = extractAlcToken( aclString, spos, false );
+ log_it(SLAPD_LOG_INFO, "access: " + aclString.substr(spos, tmppos-spos) );
+ spos = aclString.find_first_not_of("\t ", tmppos+1 );
+ tmppos = aclString.find_first_of("\t ", spos );
+ }
+ }
+ }
+}
+
+void OlcAccess::setFilter( const std::string& filter )
+{
+ m_filter = filter;
+}
+
+
+void OlcAccess::setAttributes( const std::string& attrs )
+{
+ m_attributes = attrs;
+}
+
+void OlcAccess::setDnType( const std::string& dnType )
+{
+ if ( dnType == "dn.base" || dnType == "dn.subtree" )
+ {
+ m_dn_type = dnType;
+ }
+}
+
+void OlcAccess::setDn( const std::string& dn )
+{
+ m_dn_value = dn;
+}
+
+void OlcAccess::setMatchAll( bool matchAll )
+{
+ m_all = matchAll;
+ if ( matchAll )
+ {
+ m_attributes = "";
+ m_dn_type = "";
+ m_dn_value = "";
+ m_filter = "";
+ }
+}
+
+std::string OlcAccess::getFilter() const
+{
+ return m_filter;
+}
+
+std::string OlcAccess::getAttributes() const
+{
+ return m_attributes;
+}
+
+std::string OlcAccess::getDnType() const
+{
+ return m_dn_type;
+}
+
+std::string OlcAccess::getDnValue() const
+{
+ return m_dn_value;
+}
+
+bool OlcAccess::matchesAll() const
+{
+ return m_all;
+}
+
OlcDatabase::OlcDatabase( const LDAPEntry& le=LDAPEntry()) : OlcConfigEntry(le)
{
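Review bot: `extractAlcToken` indexes `acl[startpos]` directly after `find_first_not_of`, which returns `std::string::npos` when only whitespace is left, so a value that ends right after `to *` makes the quote test read outside the string. The function also returns `int` although every caller stores the result in a `size_type` and compares it with `npos`; the return type should be `std::string::size_type`. In the constructor the result is then used unchecked in `spos = tmppos+1` and `find_first_not_of("\t ", tmppos+1 )`, where `npos+1` wraps to 0 and the parser starts over at the beginning of the string; with an unterminated quote in a by clause this restart can repeat without end. The same code is in the r50548 constructor hunk and the r50546 hunks further down the page. The access-level token needs a similar end-of-string check before `tmppos+1` is used again.

```cpp
static std::string::size_type extractAlcToken( const std::string& acl, std::string::size_type& startpos, bool quoted )
{
    // … unchanged: pos declaration …
    startpos = acl.find_first_not_of("\t ", startpos );
    if ( startpos == std::string::npos )
    {
        // nothing but whitespace left; do not index acl[npos]
        return std::string::npos;
    }
    // … unchanged: quoted / unquoted token search …
}

// in the "by" loop of OlcAccess::OlcAccess, value after '=':
tmppos = extractAlcToken( aclString, spos, true );
if ( tmppos == std::string::npos )
{
    // unterminated quote or value without an access level
    throw std::runtime_error( "Unexpected end of ACL" );
}
```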
@@ -476,46 +696,10 @@
return this->m_type;
}
-static int extractAlcToken( const std::string& acl, std::string::size_type& startpos, bool quoted )
-{
- std::string::size_type pos;
-
- // skip leading whitespaces
- startpos = acl.find_first_not_of("\t ", startpos );
-
- if ( quoted && acl[startpos] == '"' )
- {
- // find matching (unescapted) quote
- startpos++;
- pos = startpos;
- bool found=false;
- while( ! found )
- {
- pos = acl.find_first_of('"', pos+1 );
- if ( pos == std::string::npos )
- {
- break;
- }
- if ( acl[pos-1] != '\\' )
- {
- found = true;
- }
- }
- if ( !found )
- {
- log_it(SLAPD_LOG_ERR, "Not matching quote found" );
- }
- }
- else
- {
- pos = acl.find_first_of("\t ", startpos );
- }
- return pos;
-}
-
-void OlcDatabase::getAcl() const
+OlcAccessList OlcDatabase::getAcl() const
{
const LDAPAttribute* aclAttr = m_dbEntryChanged.getAttributeByName("olcAccess");
+ OlcAccessList aclList;
if ( aclAttr )
{
StringList values = aclAttr->getValues();
@@ -525,9 +709,15 @@
log_it(SLAPD_LOG_INFO, "acl VALUE: " + *i );
std::string aclString;
int index = splitIndexFromString( *i, aclString );
- OlcAccess acl(aclString);
+ try {
+ boost::shared_ptr<OlcAccess> acl( new OlcAccess(aclString) );
+ aclList.push_back(acl);
+ }
+ catch ( std::runtime_error e )
+ {}
}
}
+ return aclList;
}
void OlcDatabase::addAccessControl(const std::string& acl, int index )
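Review bot: The empty `catch ( std::runtime_error e ) {}` in `getAcl` drops an `olcAccess` value that fails to parse without any trace, so the returned `OlcAccessList` can be shorter than the attribute and the caller cannot tell that an access rule is missing. It also catches by value and only `std::runtime_error`, while the `substr` calls in the constructor can throw `std::out_of_range`, which would still escape. I would write `catch ( const std::exception& e ) { log_it(SLAPD_LOG_ERR, "skipping unparsable acl: " + std::string(e.what()) ); }` and decide whether a partial list is acceptable at all, since rule order and completeness decide what slapd grants. `index` from `splitIndexFromString` is computed but not used here. The function starts in the previous hunk.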
@@ -941,187 +1131,6 @@
m_dbEntryChanged.replaceAttribute(attr);
}
-OlcAccess::OlcAccess( const std::string& aclString )
-{
- std::string::size_type spos = 0;
- std::string::size_type tmppos = 0;
- // every ACL starts with "to"
- if ( aclString.compare(0, 2, "to") != 0 )
- {
- log_it(SLAPD_LOG_ERR, "acl does not start with \"to\"" );
- throw std::runtime_error( "acl does not start with \"to\"" );
- }
- spos+=2;
-
- // skip whitespaces
- tmppos = aclString.find_first_not_of("\t ", spos );
- if ( tmppos != std::string::npos && tmppos > spos )
- {
- spos = tmppos;
- }
-
- // we should be at the start of the "what" part now, might `*`
- // or a string followed by '='
- if ( aclString[spos] == '*' )
- {
- log_it(SLAPD_LOG_ERR, "acl matches all entries" );
- spos = tmppos+1;
- tmppos = extractAlcToken( aclString, spos, true );
- m_all = true;
- }
- else
- {
- while ( true )
- {
- tmppos = aclString.find_first_of("=\t ", spos );
- if ( tmppos == std::string::npos )
- {
- log_it(SLAPD_LOG_ERR, "Unexpected end of ACL" );
- throw std::runtime_error( "Unexpected end of ACL" );
- }
- else
- {
- std::string whatType = aclString.substr(spos, tmppos-spos);
- log_it(SLAPD_LOG_INFO, "Whattype: " + whatType );
- if ( aclString.substr(spos, tmppos-spos) == "by" )
- {
- break;
- }
- spos = tmppos+1;
-
- tmppos = extractAlcToken( aclString, spos, true );
-
- log_it(SLAPD_LOG_INFO, "Whatvalue: " + aclString.substr(spos, tmppos-spos) );
- if ( whatType == "filter" )
- {
- m_filter = aclString.substr(spos, tmppos-spos);
- }
- else if (whatType == "attrs")
- {
- m_attributes = aclString.substr(spos, tmppos-spos);
- }
- else if (whatType == "dn.base" || whatType == "dn.subtree" )
- {
- m_dn_type = whatType;
- m_dn_value = aclString.substr(spos, tmppos-spos);
- }
- else
- {
- throw std::runtime_error( "Can't parse ACL unsupported \"what\": \"" + whatType + "\"" );
- }
- spos = aclString.find_first_not_of("\t ", tmppos+1 );
- }
- }
- }
- // we should have reached the "by"-clauses now
- while ( true )
- {
- if ( aclString.substr(spos, tmppos-spos) != "by" )
- {
- break;
- }
- else
- {
- spos = tmppos+1;
- // skip whitespaces
- tmppos = aclString.find_first_not_of("\t ", spos );
- if ( tmppos != std::string::npos && tmppos > spos )
- {
- spos = tmppos;
- }
-
- // we should be at the start of the "by" part now, might `*`
- // or a string followed by '='
- if ( aclString[spos] == '*' )
- {
- log_it(SLAPD_LOG_ERR, "by clause matches all entries" );
- }
- tmppos = aclString.find_first_of("=\t ", spos );
- if ( tmppos == std::string::npos )
- {
- log_it(SLAPD_LOG_ERR, "Unexpected end of ACL" );
- break;
- }
- else
- {
- log_it(SLAPD_LOG_INFO, "bytype: " + aclString.substr(spos, tmppos-spos) );
- if ( aclString[tmppos] == '=' )
- {
- spos = tmppos+1;
- tmppos = extractAlcToken( aclString, spos, true );
- // is this a quoted string ?
- log_it(SLAPD_LOG_INFO, "byvalue: " + aclString.substr(spos, tmppos-spos) );
- }
- spos = tmppos+1;
- tmppos = extractAlcToken( aclString, spos, false );
- log_it(SLAPD_LOG_INFO, "access: " + aclString.substr(spos, tmppos-spos) );
- spos = aclString.find_first_not_of("\t ", tmppos+1 );
- tmppos = aclString.find_first_of("\t ", spos );
- }
- }
- }
-}
-
-void OlcAccess::setFilter( const std::string& filter )
-{
- m_filter = filter;
-}
-
-
-void OlcAccess::setAttributes( const std::string& attrs )
-{
- m_attributes = attrs;
-}
-
-void OlcAccess::setDnType( const std::string& dnType )
-{
- if ( dnType == "dn.base" || dnType == "dn.subtree" )
- {
- m_dn_type = dnType;
- }
-}
-
-void OlcAccess::setDn( const std::string& dn )
-{
- m_dn_value = dn;
-}
-
-void OlcAccess::setMatchAll( bool matchAll )
-{
- m_all = matchAll;
- if ( matchAll )
- {
- m_attributes = "";
- m_dn_type = "";
- m_dn_value = "";
- m_filter = "";
- }
-}
-
-std::string OlcAccess::getFilter() const
-{
- return m_filter;
-}
-
-std::string OlcAccess::getAttributes() const
-{
- return m_attributes;
-}
-
-std::string OlcAccess::getDnType() const
-{
- return m_dn_type;
-}
-
-std::string OlcAccess::getDnValue() const
-{
- return m_dn_value;
-}
-
-bool OlcAccess::matchesAll() const
-{
- return m_all;
-}
OlcTlsSettings OlcGlobalConfig::getTlsSettings() const
Modified: trunk/ldap-server/src/lib/slapd-config.h
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/lib/slapd-config…
==============================================================================
--- trunk/ldap-server/src/lib/slapd-config.h (original)
+++ trunk/ldap-server/src/lib/slapd-config.h Tue Sep 2 10:33:01 2008
@@ -122,7 +122,32 @@
std::string m_parent;
};
+class OlcAccess
+{
+ public:
+ OlcAccess( const std::string &aclString);
+ void setFilter( const std::string& filter );
+ void setAttributes( const std::string& attrs );
+ void setDnType( const std::string& dnType );
+ void setDn( const std::string& dn );
+ void setMatchAll( bool matchAll );
+
+ std::string getFilter() const;
+ std::string getAttributes() const;
+ std::string getDnType() const;
+ std::string getDnValue() const;
+ bool matchesAll() const;
+
+ private:
+ std::string m_filter;
+ std::string m_attributes;
+ std::string m_dn_value;
+ std::string m_dn_type;
+ bool m_all;
+};
+
typedef std::list<boost::shared_ptr<OlcOverlay> > OlcOverlayList;
+typedef std::list<boost::shared_ptr<OlcAccess> > OlcAccessList;
class OlcDatabase : public OlcConfigEntry
{
public :
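Review bot: The class is declared without any comment on what the constructor accepts or that it throws, and the one-argument constructor is not `explicit`, so any `std::string` converts to an `OlcAccess` implicitly. I would declare it as `explicit OlcAccess( const std::string& aclString );` with a comment such as `// parses one olcAccess value; throws std::runtime_error when the "what" part is not supported`. The comment should also say that only the "what" part (filter, attrs, dn) is stored, as far as the visible constructor shows. The same declaration is added in the r50548 header hunk further down the page.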
@@ -140,7 +165,7 @@
const std::string getSuffix() const;
const std::string getType() const;
- void getAcl() const;
+ OlcAccessList getAcl() const;
virtual void addAccessControl( const std::string& acl, int index=-1 );
virtual void replaceAccessControl( const StringList acllist );
@@ -213,30 +238,6 @@
std::string m_name;
};
-class OlcAccess
-{
- public:
- OlcAccess( const std::string &aclString);
- void setFilter( const std::string& filter );
- void setAttributes( const std::string& attrs );
- void setDnType( const std::string& dnType );
- void setDn( const std::string& dn );
- void setMatchAll( bool matchAll );
-
- std::string getFilter() const;
- std::string getAttributes() const;
- std::string getDnType() const;
- std::string getDnValue() const;
- bool matchesAll() const;
-
- private:
- std::string m_filter;
- std::string m_attributes;
- std::string m_dn_value;
- std::string m_dn_type;
- bool m_all;
-};
-
class OlcTlsSettings {
public :
OlcTlsSettings( const OlcGlobalConfig &ogc );

[yast-commit] r50548 - in /trunk/ldap-server/src/lib: slapd-config.cpp slapd-config.h
by rhafer@svn.opensuse.org 02 Sep '08
Author: rhafer
Date: Tue Sep 2 10:32:57 2008
New Revision: 50548
URL: http://svn.opensuse.org/viewcvs/yast?rev=50548&view=rev
Log:
new class OlcAccess, does ACL parsing now
Modified:
trunk/ldap-server/src/lib/slapd-config.cpp
trunk/ldap-server/src/lib/slapd-config.h
Modified: trunk/ldap-server/src/lib/slapd-config.cpp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/lib/slapd-config…
==============================================================================
--- trunk/ldap-server/src/lib/slapd-config.cpp (original)
+++ trunk/ldap-server/src/lib/slapd-config.cpp Tue Sep 2 10:32:57 2008
@@ -525,104 +525,7 @@
log_it(SLAPD_LOG_INFO, "acl VALUE: " + *i );
std::string aclString;
int index = splitIndexFromString( *i, aclString );
- std::string::size_type spos = 0;
- std::string::size_type tmppos = 0;
- // every ACL starts with "to"
- if ( aclString.compare(0, 2, "to") != 0 )
- {
- log_it(SLAPD_LOG_ERR, "acl does not start with \"to\"" );
- break;
- }
- spos+=2;
-
- // skip whitespaces
- tmppos = aclString.find_first_not_of("\t ", spos );
- if ( tmppos != std::string::npos && tmppos > spos )
- {
- spos = tmppos;
- }
-
- // we should be at the start of the "what" part now, might `*`
- // or a string followed by '='
- if ( aclString[spos] == '*' )
- {
- log_it(SLAPD_LOG_ERR, "acl matches all entries" );
- spos = tmppos+1;
- tmppos = extractAlcToken( aclString, spos, true );
- }
- else
- {
- while ( true )
- {
- tmppos = aclString.find_first_of("=\t ", spos );
- if ( tmppos == std::string::npos )
- {
- log_it(SLAPD_LOG_ERR, "Unexpected end of ACL" );
- break;
- }
- else
- {
- log_it(SLAPD_LOG_INFO, "Whattype: " + aclString.substr(spos, tmppos-spos) );
- if ( aclString.substr(spos, tmppos-spos) == "by" )
- {
- break;
- }
- spos = tmppos+1;
-
- tmppos = extractAlcToken( aclString, spos, true );
-
- log_it(SLAPD_LOG_INFO, "Whatvalue: " + aclString.substr(spos, tmppos-spos) );
- spos = aclString.find_first_not_of("\t ", tmppos+1 );
- }
- }
- }
- // we should have reached the "by"-clauses now
- while ( true )
- {
- if ( aclString.substr(spos, tmppos-spos) != "by" )
- {
- break;
- }
- else
- {
- spos = tmppos+1;
- // skip whitespaces
- tmppos = aclString.find_first_not_of("\t ", spos );
- if ( tmppos != std::string::npos && tmppos > spos )
- {
- spos = tmppos;
- }
-
- // we should be at the start of the "by" part now, might `*`
- // or a string followed by '='
- if ( aclString[spos] == '*' )
- {
- log_it(SLAPD_LOG_ERR, "by clause matches all entries" );
- }
- tmppos = aclString.find_first_of("=\t ", spos );
- if ( tmppos == std::string::npos )
- {
- log_it(SLAPD_LOG_ERR, "Unexpected end of ACL" );
- break;
- }
- else
- {
- log_it(SLAPD_LOG_INFO, "bytype: " + aclString.substr(spos, tmppos-spos) );
- if ( aclString[tmppos] == '=' )
- {
- spos = tmppos+1;
- tmppos = extractAlcToken( aclString, spos, true );
- // is this a quoted string ?
- log_it(SLAPD_LOG_INFO, "byvalue: " + aclString.substr(spos, tmppos-spos) );
- }
- spos = tmppos+1;
- tmppos = extractAlcToken( aclString, spos, false );
- log_it(SLAPD_LOG_INFO, "access: " + aclString.substr(spos, tmppos-spos) );
- spos = aclString.find_first_not_of("\t ", tmppos+1 );
- tmppos = aclString.find_first_of("\t ", spos );
- }
- }
- }
+ OlcAccess acl(aclString);
}
}
}
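Review bot: Replacing the inline parser with `OlcAccess acl(aclString);` changes the failure path: the removed code logged and left the loop with `break`, whereas the constructor added in this commit throws `std::runtime_error`, and nothing in the visible part of `getAcl` catches it. One unsupported `olcAccess` value would then propagate out of a `const` getter into the agent. Wrapping the construction, e.g. `try { OlcAccess acl(aclString); } catch ( const std::exception& e ) { log_it(SLAPD_LOG_ERR, e.what() ); }`, keeps the earlier log-and-continue behaviour. `getAcl` starts outside this hunk.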
@@ -1038,6 +941,189 @@
m_dbEntryChanged.replaceAttribute(attr);
}
+OlcAccess::OlcAccess( const std::string& aclString )
+{
+ std::string::size_type spos = 0;
+ std::string::size_type tmppos = 0;
+ // every ACL starts with "to"
+ if ( aclString.compare(0, 2, "to") != 0 )
+ {
+ log_it(SLAPD_LOG_ERR, "acl does not start with \"to\"" );
+ throw std::runtime_error( "acl does not start with \"to\"" );
+ }
+ spos+=2;
+
+ // skip whitespaces
+ tmppos = aclString.find_first_not_of("\t ", spos );
+ if ( tmppos != std::string::npos && tmppos > spos )
+ {
+ spos = tmppos;
+ }
+
+ // we should be at the start of the "what" part now, might `*`
+ // or a string followed by '='
+ if ( aclString[spos] == '*' )
+ {
+ log_it(SLAPD_LOG_ERR, "acl matches all entries" );
+ spos = tmppos+1;
+ tmppos = extractAlcToken( aclString, spos, true );
+ m_all = true;
+ }
+ else
+ {
+ while ( true )
+ {
+ tmppos = aclString.find_first_of("=\t ", spos );
+ if ( tmppos == std::string::npos )
+ {
+ log_it(SLAPD_LOG_ERR, "Unexpected end of ACL" );
+ throw std::runtime_error( "Unexpected end of ACL" );
+ }
+ else
+ {
+ std::string whatType = aclString.substr(spos, tmppos-spos);
+ log_it(SLAPD_LOG_INFO, "Whattype: " + whatType );
+ if ( aclString.substr(spos, tmppos-spos) == "by" )
+ {
+ break;
+ }
+ spos = tmppos+1;
+
+ tmppos = extractAlcToken( aclString, spos, true );
+
+ log_it(SLAPD_LOG_INFO, "Whatvalue: " + aclString.substr(spos, tmppos-spos) );
+ if ( whatType == "filter" )
+ {
+ m_filter = aclString.substr(spos, tmppos-spos);
+ }
+ else if (whatType == "attrs")
+ {
+ m_attributes = aclString.substr(spos, tmppos-spos);
+ }
+ else if (whatType == "dn.base" || whatType == "dn.subtree" )
+ {
+ m_dn_type = whatType;
+ m_dn_value = aclString.substr(spos, tmppos-spos);
+ }
+ else
+ {
+ throw std::runtime_error( "Can't parse ACL unsupported \"what\": \"" + whatType + "\"" );
+ }
+ spos = aclString.find_first_not_of("\t ", tmppos+1 );
+ }
+ }
+ }
+ // we should have reached the "by"-clauses now
+ while ( true )
+ {
+ if ( aclString.substr(spos, tmppos-spos) != "by" )
+ {
+ break;
+ }
+ else
+ {
+ spos = tmppos+1;
+ // skip whitespaces
+ tmppos = aclString.find_first_not_of("\t ", spos );
+ if ( tmppos != std::string::npos && tmppos > spos )
+ {
+ spos = tmppos;
+ }
+
+ // we should be at the start of the "by" part now, might `*`
+ // or a string followed by '='
+ if ( aclString[spos] == '*' )
+ {
+ log_it(SLAPD_LOG_ERR, "by clause matches all entries" );
+ }
+ tmppos = aclString.find_first_of("=\t ", spos );
+ if ( tmppos == std::string::npos )
+ {
+ log_it(SLAPD_LOG_ERR, "Unexpected end of ACL" );
+ break;
+ }
+ else
+ {
+ log_it(SLAPD_LOG_INFO, "bytype: " + aclString.substr(spos, tmppos-spos) );
+ if ( aclString[tmppos] == '=' )
+ {
+ spos = tmppos+1;
+ tmppos = extractAlcToken( aclString, spos, true );
+ // is this a quoted string ?
+ log_it(SLAPD_LOG_INFO, "byvalue: " + aclString.substr(spos, tmppos-spos) );
+ }
+ spos = tmppos+1;
+ tmppos = extractAlcToken( aclString, spos, false );
+ log_it(SLAPD_LOG_INFO, "access: " + aclString.substr(spos, tmppos-spos) );
+ spos = aclString.find_first_not_of("\t ", tmppos+1 );
+ tmppos = aclString.find_first_of("\t ", spos );
+ }
+ }
+ }
+}
+
+void OlcAccess::setFilter( const std::string& filter )
+{
+ m_filter = filter;
+}
+
+
+void OlcAccess::setAttributes( const std::string& attrs )
+{
+ m_attributes = attrs;
+}
+
+void OlcAccess::setDnType( const std::string& dnType )
+{
+ if ( dnType == "dn.base" || dnType == "dn.subtree" )
+ {
+ m_dn_type = dnType;
+ }
+}
+
+void OlcAccess::setDn( const std::string& dn )
+{
+ m_dn_value = dn;
+}
+
+void OlcAccess::setMatchAll( bool matchAll )
+{
+ m_all = matchAll;
+ if ( matchAll )
+ {
+ m_attributes = "";
+ m_dn_type = "";
+ m_dn_value = "";
+ m_filter = "";
+ }
+}
+
+std::string OlcAccess::getFilter() const
+{
+ return m_filter;
+}
+
+std::string OlcAccess::getAttributes() const
+{
+ return m_attributes;
+}
+
+std::string OlcAccess::getDnType() const
+{
+ return m_dn_type;
+}
+
+std::string OlcAccess::getDnValue() const
+{
+ return m_dn_value;
+}
+
+bool OlcAccess::matchesAll() const
+{
+ return m_all;
+}
+
+
OlcTlsSettings OlcGlobalConfig::getTlsSettings() const
{
log_it(SLAPD_LOG_INFO, "OlcTlsSettings OlcGlobalConfig::getTlsSettings() const ");
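Review bot: `m_all` is assigned only in the `*` branch of the constructor, so for every ACL with an explicit what-clause `matchesAll()` returns an indeterminate `bool`. Setting it before the branch, `m_all = false;`, or in an initializer list `: m_all(false)`, makes the getter well defined. The by clauses are tokenized and logged but not stored in any member, which is worth a comment on the constructor so callers do not expect them from this class.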
Modified: trunk/ldap-server/src/lib/slapd-config.h
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/lib/slapd-config…
==============================================================================
--- trunk/ldap-server/src/lib/slapd-config.h (original)
+++ trunk/ldap-server/src/lib/slapd-config.h Tue Sep 2 10:32:57 2008
@@ -213,6 +213,30 @@
std::string m_name;
};
+class OlcAccess
+{
+ public:
+ OlcAccess( const std::string &aclString);
+ void setFilter( const std::string& filter );
+ void setAttributes( const std::string& attrs );
+ void setDnType( const std::string& dnType );
+ void setDn( const std::string& dn );
+ void setMatchAll( bool matchAll );
+
+ std::string getFilter() const;
+ std::string getAttributes() const;
+ std::string getDnType() const;
+ std::string getDnValue() const;
+ bool matchesAll() const;
+
+ private:
+ std::string m_filter;
+ std::string m_attributes;
+ std::string m_dn_value;
+ std::string m_dn_type;
+ bool m_all;
+};
+
class OlcTlsSettings {
public :
OlcTlsSettings( const OlcGlobalConfig &ogc );

[yast-commit] r50547 - /trunk/ldap-server/testsuite/testacl-0.ldif
by rhafer@svn.opensuse.org 02 Sep '08
Author: rhafer
Date: Tue Sep 2 10:32:54 2008
New Revision: 50547
URL: http://svn.opensuse.org/viewcvs/yast?rev=50547&view=rev
Log:
LDIF file to collect ACL testcases
Added:
trunk/ldap-server/testsuite/testacl-0.ldif
Added: trunk/ldap-server/testsuite/testacl-0.ldif
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/testsuite/testacl-0.…
==============================================================================
--- trunk/ldap-server/testsuite/testacl-0.ldif (added)
+++ trunk/ldap-server/testsuite/testacl-0.ldif Tue Sep 2 10:32:54 2008
@@ -0,0 +1,11 @@
+dn: olcDatabase={1}hdb,cn=config
+changetype: modify
+replace: olcAccess
+olcAccess: {0}to dn.subtree="ou=ldapconfig,dc=site"
+ filter="objectclass=posixAccount" attrs=uid,loginshell
+ by self manage
+ by dn.subtree="ou=ldapconfig,dc=site" write
+ by users read
+ by anonymous auth
+ by * none
+olcAccess: {1}to * by * none
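Review bot: Both values in this fixture use only what-clauses the parser supports (`dn.subtree`, `filter`, `attrs`, `*`), so the path where parsing gives up is never exercised. Values that slapd accepts but the parser in slapd-config.cpp rejects, such as a `dn.regex`, `dn.one` or `dn.children` what-clause, would show how an unsupported rule is reported. A comment line at the top, e.g. `# {0}: all supported what-clauses, {1}: match-all rule`, would also make the purpose of each value clear.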

[yast-commit] r50546 - /trunk/ldap-server/src/lib/slapd-config.cpp
by rhafer@svn.opensuse.org 02 Sep '08
Author: rhafer
Date: Tue Sep 2 10:32:51 2008
New Revision: 50546
URL: http://svn.opensuse.org/viewcvs/yast?rev=50546&view=rev
Log:
parsing "by"-clauses
Modified:
trunk/ldap-server/src/lib/slapd-config.cpp
Modified: trunk/ldap-server/src/lib/slapd-config.cpp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/lib/slapd-config…
==============================================================================
--- trunk/ldap-server/src/lib/slapd-config.cpp (original)
+++ trunk/ldap-server/src/lib/slapd-config.cpp Tue Sep 2 10:32:51 2008
@@ -476,6 +476,43 @@
return this->m_type;
}
+static int extractAlcToken( const std::string& acl, std::string::size_type& startpos, bool quoted )
+{
+ std::string::size_type pos;
+
+ // skip leading whitespaces
+ startpos = acl.find_first_not_of("\t ", startpos );
+
+ if ( quoted && acl[startpos] == '"' )
+ {
+ // find matching (unescapted) quote
+ startpos++;
+ pos = startpos;
+ bool found=false;
+ while( ! found )
+ {
+ pos = acl.find_first_of('"', pos+1 );
+ if ( pos == std::string::npos )
+ {
+ break;
+ }
+ if ( acl[pos-1] != '\\' )
+ {
+ found = true;
+ }
+ }
+ if ( !found )
+ {
+ log_it(SLAPD_LOG_ERR, "Not matching quote found" );
+ }
+ }
+ else
+ {
+ pos = acl.find_first_of("\t ", startpos );
+ }
+ return pos;
+}
+
void OlcDatabase::getAcl() const
{
const LDAPAttribute* aclAttr = m_dbEntryChanged.getAttributeByName("olcAccess");
@@ -510,6 +547,8 @@
if ( aclString[spos] == '*' )
{
log_it(SLAPD_LOG_ERR, "acl matches all entries" );
+ spos = tmppos+1;
+ tmppos = extractAlcToken( aclString, spos, true );
}
else
{
@@ -529,43 +568,61 @@
break;
}
spos = tmppos+1;
- tmppos = aclString.find_first_not_of("\t ", spos );
- // is this a quoted string ?
- if ( aclString[tmppos] == '"' )
+
+ tmppos = extractAlcToken( aclString, spos, true );
+
+ log_it(SLAPD_LOG_INFO, "Whatvalue: " + aclString.substr(spos, tmppos-spos) );
+ spos = aclString.find_first_not_of("\t ", tmppos+1 );
+ }
+ }
+ }
+ // we should have reached the "by"-clauses now
+ while ( true )
+ {
+ if ( aclString.substr(spos, tmppos-spos) != "by" )
+ {
+ break;
+ }
+ else
+ {
+ spos = tmppos+1;
+ // skip whitespaces
+ tmppos = aclString.find_first_not_of("\t ", spos );
+ if ( tmppos != std::string::npos && tmppos > spos )
+ {
+ spos = tmppos;
+ }
+
+ // we should be at the start of the "by" part now, might `*`
+ // or a string followed by '='
+ if ( aclString[spos] == '*' )
+ {
+ log_it(SLAPD_LOG_ERR, "by clause matches all entries" );
+ }
+ tmppos = aclString.find_first_of("=\t ", spos );
+ if ( tmppos == std::string::npos )
+ {
+ log_it(SLAPD_LOG_ERR, "Unexpected end of ACL" );
+ break;
+ }
+ else
+ {
+ log_it(SLAPD_LOG_INFO, "bytype: " + aclString.substr(spos, tmppos-spos) );
+ if ( aclString[tmppos] == '=' )
{
- // find matching (unescapted) quote
spos = tmppos+1;
- bool found=false;
- while( ! found )
- {
- tmppos = aclString.find_first_of('"', tmppos+1 );
- if ( tmppos == std::string::npos )
- {
- break;
- }
- if ( aclString[tmppos-1] != '\\' )
- {
- found = true;
- }
- }
- if ( !found )
- {
- log_it(SLAPD_LOG_ERR, "Not matching quote found" );
- break;
- }
+ tmppos = extractAlcToken( aclString, spos, true );
+ // is this a quoted string ?
+ log_it(SLAPD_LOG_INFO, "byvalue: " + aclString.substr(spos, tmppos-spos) );
}
- else
- {
- spos = tmppos;
- tmppos = aclString.find_first_of("\t ", spos );
- }
- log_it(SLAPD_LOG_INFO, "Whatvalue: " + aclString.substr(spos, tmppos-spos) );
+ spos = tmppos+1;
+ tmppos = extractAlcToken( aclString, spos, false );
+ log_it(SLAPD_LOG_INFO, "access: " + aclString.substr(spos, tmppos-spos) );
spos = aclString.find_first_not_of("\t ", tmppos+1 );
+ tmppos = aclString.find_first_of("\t ", spos );
}
}
- // we should have reached the "by"-clauses now
}
-
}
}
}
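Review bot: `log_it(SLAPD_LOG_ERR, "by clause matches all entries" )` reports a valid `by *` clause at error level, so ordinary ACLs produce error lines and real parse failures become harder to spot in the log. `log_it(SLAPD_LOG_INFO, "by clause matches all entries" );` would match the other trace lines of this loop. The loop would also benefit from a comment such as `// each by clause is: by <who>[=<value>] <access>`, since that is the only shape the code below handles. The enclosing `getAcl` starts outside this hunk.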

[yast-commit] r50545 - in /trunk/ldap-server/src: agent/SlapdConfigAgent.cc lib/slapd-config.cpp lib/slapd-config.h
by rhafer@svn.opensuse.org 02 Sep '08
Author: rhafer
Date: Tue Sep 2 10:32:47 2008
New Revision: 50545
URL: http://svn.opensuse.org/viewcvs/yast?rev=50545&view=rev
Log:
initial work on ACL parser
Modified:
trunk/ldap-server/src/agent/SlapdConfigAgent.cc
trunk/ldap-server/src/lib/slapd-config.cpp
trunk/ldap-server/src/lib/slapd-config.h
Modified: trunk/ldap-server/src/agent/SlapdConfigAgent.cc
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/agent/SlapdConfi…
==============================================================================
--- trunk/ldap-server/src/agent/SlapdConfigAgent.cc (original)
+++ trunk/ldap-server/src/agent/SlapdConfigAgent.cc Tue Sep 2 10:32:47 2008
@@ -619,6 +619,7 @@
}
else if ( dbComponent == "acl" )
{
+ (*i)->getAcl();
return resMap;
}
else
Modified: trunk/ldap-server/src/lib/slapd-config.cpp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/lib/slapd-config…
==============================================================================
--- trunk/ldap-server/src/lib/slapd-config.cpp (original)
+++ trunk/ldap-server/src/lib/slapd-config.cpp Tue Sep 2 10:32:47 2008
@@ -476,6 +476,100 @@
return this->m_type;
}
+void OlcDatabase::getAcl() const
+{
+ const LDAPAttribute* aclAttr = m_dbEntryChanged.getAttributeByName("olcAccess");
+ if ( aclAttr )
+ {
+ StringList values = aclAttr->getValues();
+ StringList::const_iterator i;
+ for ( i = values.begin(); i != values.end(); i++ )
+ {
+ log_it(SLAPD_LOG_INFO, "acl VALUE: " + *i );
+ std::string aclString;
+ int index = splitIndexFromString( *i, aclString );
+ std::string::size_type spos = 0;
+ std::string::size_type tmppos = 0;
+ // every ACL starts with "to"
+ if ( aclString.compare(0, 2, "to") != 0 )
+ {
+ log_it(SLAPD_LOG_ERR, "acl does not start with \"to\"" );
+ break;
+ }
+ spos+=2;
+
+ // skip whitespaces
+ tmppos = aclString.find_first_not_of("\t ", spos );
+ if ( tmppos != std::string::npos && tmppos > spos )
+ {
+ spos = tmppos;
+ }
+
+ // we should be at the start of the "what" part now, might `*`
+ // or a string followed by '='
+ if ( aclString[spos] == '*' )
+ {
+ log_it(SLAPD_LOG_ERR, "acl matches all entries" );
+ }
+ else
+ {
+ while ( true )
+ {
+ tmppos = aclString.find_first_of("=\t ", spos );
+ if ( tmppos == std::string::npos )
+ {
+ log_it(SLAPD_LOG_ERR, "Unexpected end of ACL" );
+ break;
+ }
+ else
+ {
+ log_it(SLAPD_LOG_INFO, "Whattype: " + aclString.substr(spos, tmppos-spos) );
+ if ( aclString.substr(spos, tmppos-spos) == "by" )
+ {
+ break;
+ }
+ spos = tmppos+1;
+ tmppos = aclString.find_first_not_of("\t ", spos );
+ // is this a quoted string ?
+ if ( aclString[tmppos] == '"' )
+ {
+ // find matching (unescapted) quote
+ spos = tmppos+1;
+ bool found=false;
+ while( ! found )
+ {
+ tmppos = aclString.find_first_of('"', tmppos+1 );
+ if ( tmppos == std::string::npos )
+ {
+ break;
+ }
+ if ( aclString[tmppos-1] != '\\' )
+ {
+ found = true;
+ }
+ }
+ if ( !found )
+ {
+ log_it(SLAPD_LOG_ERR, "Not matching quote found" );
+ break;
+ }
+ }
+ else
+ {
+ spos = tmppos;
+ tmppos = aclString.find_first_of("\t ", spos );
+ }
+ log_it(SLAPD_LOG_INFO, "Whatvalue: " + aclString.substr(spos, tmppos-spos) );
+ spos = aclString.find_first_not_of("\t ", tmppos+1 );
+ }
+ }
+ // we should have reached the "by"-clauses now
+ }
+
+ }
+ }
+}
+
void OlcDatabase::addAccessControl(const std::string& acl, int index )
{
if ( index < 0 )
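Review bot: In `getAcl()` two search results are used without an `npos` check, so an `olcAccess` value that ends early leads to an out-of-range read or a loop that need not terminate. After `tmppos = aclString.find_first_not_of("\t ", spos );` the next line reads `aclString[tmppos]`, which is out of range when nothing follows the `=`; and in the unquoted branch `find_first_of("\t ", spos )` can return `npos`, after which `tmppos+1` wraps to 0, `spos` is reset to the start of the string, and the `while ( true )` loop re-parses the same value with no `by` token to stop it. Both places should bail out the way the first lookup in the loop already does, `if ( tmppos == std::string::npos ) { log_it(SLAPD_LOG_ERR, "Unexpected end of ACL" ); break; }`, and `aclString[spos] == '*'` needs the same guard for a value that is only `to`. `getAcl()` lies wholly inside this hunk; the trailing `addAccessControl` lines are context and that function continues outside it.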
Modified: trunk/ldap-server/src/lib/slapd-config.h
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/lib/slapd-config…
==============================================================================
--- trunk/ldap-server/src/lib/slapd-config.h (original)
+++ trunk/ldap-server/src/lib/slapd-config.h Tue Sep 2 10:32:47 2008
@@ -140,6 +140,8 @@
const std::string getSuffix() const;
const std::string getType() const;
+ void getAcl() const;
+
virtual void addAccessControl( const std::string& acl, int index=-1 );
virtual void replaceAccessControl( const StringList acllist );
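Review bot: `getAcl()` is declared `void` and `const` with no comment, so it reads like a getter although it returns nothing. In this revision the implementation in slapd-config.cpp only logs the tokens it finds, and the new call in SlapdConfigAgent.cc is followed directly by `return resMap;`. A short comment on the declaration would keep callers from relying on it, for example `// parses the olcAccess values and logs the tokens; returns nothing yet (work in progress)`. The class body starts and ends outside this hunk.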

[yast-commit] r50544 - /trunk/ldap-server/src/lib/slapd-config.cpp
by rhafer@svn.opensuse.org 02 Sep '08
Author: rhafer
Date: Tue Sep 2 10:32:43 2008
New Revision: 50544
URL: http://svn.opensuse.org/viewcvs/yast?rev=50544&view=rev
Log:
regroup methods (reformat patch, no real code changes)
Modified:
trunk/ldap-server/src/lib/slapd-config.cpp
Modified: trunk/ldap-server/src/lib/slapd-config.cpp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/lib/slapd-config…
==============================================================================
--- trunk/ldap-server/src/lib/slapd-config.cpp (original)
+++ trunk/ldap-server/src/lib/slapd-config.cpp Tue Sep 2 10:32:43 2008
@@ -21,14 +21,6 @@
-static void defaultLogCallback( int level, const std::string &msg,
- const char* file=0, const int line=0, const char* function=0)
-{
- std::cerr << msg << std::endl;
-}
-
-SlapdConfigLogCallback *OlcConfig::logCallback = defaultLogCallback;
-
#define log_it( level, string ) \
OlcConfig::logCallback( level, string, __FILE__, __LINE__ , __FUNCTION__ )
@@ -62,929 +54,1025 @@
return false;
}
+bool OlcConfigEntry::isDatabaseEntry ( const LDAPEntry& e )
+{
+ StringList oc = e.getAttributeByName("objectclass")->getValues();
+ for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ )
+ {
+ if ( strCaseIgnoreEquals(*i, "olcDatabaseConfig" ) )
+ {
+ return true;
+ }
+ }
+ return false;
+}
-OlcDatabase::OlcDatabase( const LDAPEntry& le=LDAPEntry()) : OlcConfigEntry(le)
+bool OlcConfigEntry::isGlobalEntry ( const LDAPEntry& e )
{
- std::string type(this->getStringValue("olcdatabase"));
- entryIndex = splitIndexFromString( type, m_type );
+ StringList oc = e.getAttributeByName("objectclass")->getValues();
+ for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ )
+ {
+ if ( strCaseIgnoreEquals(*i, "olcGlobal" ) )
+ {
+ return true;
+ }
+ }
+ return false;
}
-OlcDatabase::OlcDatabase( const std::string& type ) : m_type(type)
+bool OlcConfigEntry::isOverlayEntry ( const LDAPEntry& e )
{
- std::ostringstream dnstr;
- dnstr << "olcDatabase=" << m_type << ",cn=config";
- m_dbEntryChanged.setDN(dnstr.str());
- m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcDatabaseConfig"));
- m_dbEntryChanged.addAttribute(LDAPAttribute("olcDatabase", m_type));
+ StringList oc = e.getAttributeByName("objectclass")->getValues();
+ for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ )
+ {
+ if ( strCaseIgnoreEquals(*i, "olcOverlayConfig" ) )
+ {
+ return true;
+ }
+ }
+ return false;
}
-void OlcDatabase::updateEntryDn(bool origEntry )
+bool OlcConfigEntry::isScheamEntry ( const LDAPEntry& e )
{
- log_it(SLAPD_LOG_INFO, "updateEntryDN()");
- std::ostringstream dn, name;
- name << "{" << entryIndex << "}" << m_type;
- dn << "olcDatabase=" << name.str() << ",cn=config" ;
- m_dbEntryChanged.setDN(dn.str());
- m_dbEntryChanged.replaceAttribute(LDAPAttribute("olcDatabase", name.str()));
- if ( origEntry && (! m_dbEntry.getDN().empty()) )
+ StringList oc = e.getAttributeByName("objectclass")->getValues();
+ for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ )
{
- m_dbEntry.setDN(dn.str());
- m_dbEntry.replaceAttribute(LDAPAttribute("olcDatabase", name.str()));
+ if ( strCaseIgnoreEquals(*i, "olcSchemaConfig" ) )
+ {
+ return true;
+ }
}
+ return false;
}
-OlcBdbDatabase::OlcBdbDatabase( const std::string& type ) : OlcDatabase(type)
-{
- if ( type == "hdb" )
+OlcConfigEntry* OlcConfigEntry::createFromLdapEntry( const LDAPEntry& e )
+{
+ if ( OlcConfigEntry::isGlobalEntry(e) )
{
- m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcHdbConfig"));
+ log_it(SLAPD_LOG_INFO,"creating OlcGlobalConfig" );
+ return new OlcGlobalConfig(e);
+ }
+ else if ( OlcConfigEntry::isScheamEntry(e) )
+ {
+ log_it(SLAPD_LOG_INFO,"creating OlcSchemaConfig" );
+ return new OlcSchemaConfig(e);
+ }
+ else if ( OlcConfigEntry::isDatabaseEntry(e) )
+ {
+ log_it(SLAPD_LOG_INFO,"creating OlcDatabase" );;
+ return OlcDatabase::createFromLdapEntry(e);
+ }
+ else if ( OlcConfigEntry::isOverlayEntry(e) )
+ {
+ log_it(SLAPD_LOG_INFO,"creating OlcOverlay");
+ return new OlcConfigEntry(e);
}
else
{
- m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcBdbConfig"));
+ log_it(SLAPD_LOG_INFO,"unknown Config Object" );
+ return 0;
}
}
-OlcBdbDatabase::OlcBdbDatabase( const LDAPEntry& le) : OlcDatabase(le) { }
-
-inline void splitIndexString( const std::string &indexString, std::string &attr, std::string &indexes )
+void OlcConfigEntry::setIndex( int index, bool origEntry )
{
- std::string::size_type pos = indexString.find_first_of(" \t");
- attr = indexString.substr(0, pos);
- log_it(SLAPD_LOG_DEBUG, "AttributeType: " + attr );
- if ( pos != std::string::npos ) {
- pos = indexString.find_first_not_of(" \t", pos);
- if ( pos != std::string::npos ) {
- indexes = indexString.substr( pos, std::string::npos );
- }
- }
+ this->entryIndex = index;
+ this->updateEntryDn( origEntry );
}
-inline std::vector<IndexType> indexString2Type( const std::string &indexes )
+int OlcConfigEntry::getEntryIndex() const
{
- std::string::size_type pos, oldpos = 0;
- std::vector<IndexType> idx;
- do {
- pos = indexes.find( ',', oldpos );
- std::string index = indexes.substr( oldpos,
- (pos == std::string::npos ? std::string::npos : pos - oldpos) );
- log_it(SLAPD_LOG_INFO, std::string("Index: ") + index );
- oldpos = indexes.find_first_not_of( ", ", pos );
- if ( index == "pres" ) {
- idx.push_back(Present);
- } else if (index == "eq" ) {
- idx.push_back(Eq);
- } else if (index == "approx" ) {
- idx.push_back(Approx);
- } else if (index == "sub" ) {
- idx.push_back(Sub);
- } else if (index == "subinital" ) {
- idx.push_back(SpecialSubInitial);
- } else if (index == "subany" ) {
- idx.push_back(SpecialSubAny);
- } else if (index == "subfinal" ) {
- idx.push_back(SpecialSubFinal);
- } else if (index == "nolang" ) {
- idx.push_back(SpecialNoLang);
- } else if (index == "nosubtypes" ) {
- idx.push_back(SpecialNoSubTypes);
- }
- } while (pos != std::string::npos);
- return idx;
+ return this->entryIndex;
}
-IndexMap OlcBdbDatabase::getDatabaseIndexes() const
+void OlcConfigEntry::updateEntryDn( bool origEntry )
{
- const LDAPAttributeList *al = m_dbEntryChanged.getAttributes();
- const LDAPAttribute *attr = al->getAttributeByName("olcdbindex");
- IndexMap res;
- if (! attr ) {
- return res;
- };
-
- StringList sl = attr->getValues();
- StringList::const_iterator i;
- for (i = sl.begin(); i != sl.end(); i++ ) {
- std::string attrType;
- std::string indexes;
- splitIndexString(*i, attrType, indexes );
- log_it(SLAPD_LOG_INFO, "Indexes: " + indexes );
- std::vector<IndexType> idx = indexString2Type(indexes);
- res.insert(make_pair(attrType, idx));
- }
- return res;
}
-std::vector<IndexType> OlcBdbDatabase::getDatabaseIndex( const std::string &type ) const
+void OlcConfigEntry::clearChangedEntry()
{
- const LDAPAttributeList *al = m_dbEntryChanged.getAttributes();
- const LDAPAttribute *attr = al->getAttributeByName("olcdbindex");
- std::vector<IndexType> res;
- if (! attr ) {
- return res;
- };
-
- StringList sl = attr->getValues();
- StringList::const_iterator i;
- for (i = sl.begin(); i != sl.end(); i++ ) {
- std::string attrType;
- std::string indexes;
- splitIndexString(*i, attrType, indexes );
- if ( attrType == type )
- {
- res = indexString2Type(indexes);
- break;
- }
- }
- return res;
+ m_dbEntryChanged = LDAPEntry();
}
-void OlcBdbDatabase::addIndex(const std::string& attr, const std::vector<IndexType>& idx)
+void OlcConfigEntry::resetEntries( const LDAPEntry &e )
{
- std::string indexString = attr;
- std::vector<IndexType>::const_iterator i;
- bool first = true;
- for ( i = idx.begin(); i != idx.end(); i++ )
- {
- if (! first)
- {
- indexString += ",";
- } else {
- indexString += " ";
- first = false;
- }
- if ( *i == Present ) {
- indexString += "pres";
- }
- else if ( *i == Eq )
- {
- indexString += "eq";
- }
- else if ( *i == Sub )
- {
- indexString += "sub";
- }
- }
- log_it(SLAPD_LOG_INFO, "indexString: '" + indexString + "'");
- this->addStringValue( "olcDbIndex", indexString );
+ m_dbEntry = e;
+ m_dbEntryChanged = e;
+ this->resetMemberAttrs();
}
-void OlcBdbDatabase::deleteIndex(const std::string& type)
+StringList OlcConfigEntry::getStringValues(const std::string &type) const
{
- const LDAPAttribute *attr = m_dbEntryChanged.getAttributes()->getAttributeByName("olcdbindex");
- if (! attr ) {
- return;
- };
-
- StringList sl = attr->getValues();
- StringList newValues;
- StringList::const_iterator i;
- for (i = sl.begin(); i != sl.end(); i++ ) {
- std::string attrType;
- std::string indexes;
- splitIndexString(*i, attrType, indexes );
- if ( attrType != type )
- {
- newValues.add(*i);
- }
+ const LDAPAttribute *attr = m_dbEntryChanged.getAttributeByName(type);
+ if ( attr ) {
+ return attr->getValues();
+ } else {
+ return StringList();
}
- this->setStringValues("olcdbindex", newValues );
}
-void OlcBdbDatabase::setDirectory( const std::string &dir )
-{
- this->setStringValue("olcDbDirectory", dir);
+std::string OlcConfigEntry::getStringValue(const std::string &type) const
+{
+ StringList sl = this->getStringValues(type);
+ if ( sl.size() == 1 ) {
+ return *(sl.begin());
+ } else {
+ return "";
+ }
}
-int OlcBdbDatabase::getEntryCache() const
+void OlcConfigEntry::setStringValues(const std::string &type, const StringList &values)
{
- return this->getIntValue( "olcDbCachesize" );
+ LDAPAttribute attr(type, values);
+ m_dbEntryChanged.replaceAttribute(attr);
}
-void OlcBdbDatabase::setEntryCache( int cachesize )
+void OlcConfigEntry::setStringValue(const std::string &type, const std::string &value)
{
- if (! cachesize )
+ log_it(SLAPD_LOG_INFO,"setStringValue() " + type + " " + value);
+ if ( value.empty() )
{
- this->setStringValue( "olcDbCachesize", "" );
+ m_dbEntryChanged.delAttribute(type);
}
else
{
- this->setIntValue( "olcDbCachesize", cachesize );
+ LDAPAttribute attr(type, value);
+ m_dbEntryChanged.replaceAttribute(attr);
}
}
-int OlcBdbDatabase::getIdlCache() const
+void OlcConfigEntry::addStringValue(const std::string &type, const std::string &value)
{
- return this->getIntValue( "olcDbIdlCachesize" );
+ const LDAPAttribute *attr = m_dbEntryChanged.getAttributeByName(type);
+ if ( attr ) {
+ LDAPAttribute newAttr(*attr);
+ newAttr.addValue(value);
+ m_dbEntryChanged.replaceAttribute(newAttr);
+ } else {
+ LDAPAttribute newAttr(type, value);
+ m_dbEntryChanged.addAttribute(newAttr);
+ }
}
-void OlcBdbDatabase::setIdlCache( int cachesize )
+void OlcConfigEntry::addIndexedStringValue(const std::string &type,
+ const std::string &value, int index)
{
- if (! cachesize )
+ std::ostringstream oStr;
+ oStr << "{" << index << "}" << value;
+ this->addStringValue( type, oStr.str() );
+}
+
+int OlcConfigEntry::getIntValue( const std::string &type ) const
+{
+ StringList sl = this->getStringValues(type);
+ if ( sl.empty() )
{
- this->setStringValue( "olcDbIdlCachesize", "" );
+ return -1;
}
- else
- {
- this->setIntValue( "olcDbIdlCachesize", cachesize );
+ else if(sl.size() == 1 ) {
+ std::istringstream iStr(*sl.begin());
+ int value;
+ iStr >> value;
+ return value;
+ } else {
+ throw(std::runtime_error("Attribute is not single-valued") );
}
}
-void OlcBdbDatabase::setCheckPoint( int kbytes, int min )
+void OlcConfigEntry::setIntValue( const std::string &type, int value )
{
- if ( !kbytes && !min )
+ std::ostringstream oStr;
+ oStr << value;
+ this->setStringValue( type, oStr.str() );
+}
+
+std::string OlcConfigEntry::toLdif() const
+{
+ std::ostringstream ldifStream;
+ LdifWriter ldif(ldifStream);
+ ldif.writeRecord( m_dbEntryChanged );
+ return ldifStream.str();
+}
+
+bool OlcConfigEntry::isNewEntry() const
+{
+ return ( this->getDn().empty() );
+}
+bool OlcConfigEntry::isDeletedEntry() const
+{
+ return ( (!this->getDn().empty()) && this->getUpdatedDn().empty() );
+}
+
+LDAPModList OlcConfigEntry::entryDifftoMod() const {
+ LDAPAttributeList::const_iterator i = m_dbEntry.getAttributes()->begin();
+ LDAPModList modifications;
+ log_it(SLAPD_LOG_INFO, "Old Entry DN: " + m_dbEntry.getDN());
+ log_it(SLAPD_LOG_INFO,"New Entry DN: " + m_dbEntryChanged.getDN());
+ for(; i != m_dbEntry.getAttributes()->end(); i++ )
{
- this->setStringValue( "olcDbCheckpoint", "" );
+ log_it(SLAPD_LOG_INFO,i->getName());
+ const LDAPAttribute *changedAttr = m_dbEntryChanged.getAttributeByName(i->getName());
+ if ( changedAttr ) {
+ StringList::const_iterator j = i->getValues().begin();
+ StringList delValues, addValues;
+ for(; j != i->getValues().end(); j++ )
+ {
+ bool deleted = true;
+ StringList::const_iterator k = changedAttr->getValues().begin();
+ for( ; k != changedAttr->getValues().end(); k++ ) {
+ if ( *k == *j ) {
+ deleted = false;
+ break;
+ }
+ }
+ if ( deleted )
+ {
+ delValues.add(*j);
+ log_it(SLAPD_LOG_INFO,"Value deleted: " + *j );
+ }
+ }
+ j = changedAttr->getValues().begin();
+ for(; j != changedAttr->getValues().end(); j++ )
+ {
+ bool added = true;
+ StringList::const_iterator k = i->getValues().begin();
+ for( ; k != i->getValues().end(); k++ ) {
+ if ( *k == *j ) {
+ log_it(SLAPD_LOG_INFO,"Value unchanged: " + *k );
+ added = false;
+ break;
+ }
+ }
+ if ( added )
+ {
+ addValues.add(*j);
+ log_it(SLAPD_LOG_INFO,"Value added: " + *j);
+ }
+ }
+ bool replace = false;
+ if ( delValues.size() > 0 ) {
+ if ( (addValues.size() > 0) && ( (int)delValues.size() == i->getNumValues()) ) {
+ log_it(SLAPD_LOG_INFO,"All Values deleted, this is a replace" );
+ modifications.addModification(
+ LDAPModification( LDAPAttribute(i->getName(), addValues),
+ LDAPModification::OP_REPLACE)
+ );
+ replace = true;
+ } else {
+ modifications.addModification(
+ LDAPModification( LDAPAttribute(i->getName(), delValues ),
+ LDAPModification::OP_DELETE)
+ );
+ }
+ }
+ if (addValues.size() > 0 && !replace ) {
+ modifications.addModification(
+ LDAPModification( LDAPAttribute(i->getName(), addValues),
+ LDAPModification::OP_ADD)
+ );
+ }
+ } else {
+ log_it(SLAPD_LOG_INFO,"removed Attribute: " + i->getName() );
+ modifications.addModification(
+ LDAPModification( LDAPAttribute(i->getName()),
+ LDAPModification::OP_DELETE)
+ );
+ }
}
- else
+ i = m_dbEntryChanged.getAttributes()->begin();
+ for(; i != m_dbEntryChanged.getAttributes()->end(); i++ )
{
- std::ostringstream oStr;
- oStr << kbytes << " " << min;
- this->setStringValue( "olcDbCheckpoint", oStr.str() );
+ log_it(SLAPD_LOG_INFO,i->getName() );
+ const LDAPAttribute *old = m_dbEntry.getAttributeByName(i->getName());
+ if (! old ) {
+ log_it(SLAPD_LOG_INFO,"Attribute added: " + i->getName());
+ if (! i->getValues().empty() )
+ {
+ modifications.addModification(
+ LDAPModification( LDAPAttribute(i->getName(), i->getValues()),
+ LDAPModification::OP_ADD)
+ );
+ }
+ }
}
+ return modifications;
}
-void OlcBdbDatabase::getCheckPoint( int& kbytes, int& min) const
+OlcOverlay* OlcOverlay::createFromLdapEntry( const LDAPEntry& e)
{
- kbytes=0;
- min=0;
- std::string checkpointStr = this->getStringValue("olcDbCheckpoint");
- if (! checkpointStr.empty() )
- {
- std::istringstream iStr(checkpointStr);
- iStr >> kbytes >> std::skipws >> min;
- }
- return;
+ return new OlcOverlay(e);
}
-OlcGlobalConfig::OlcGlobalConfig() : OlcConfigEntry()
+OlcOverlay::OlcOverlay( const LDAPEntry& e) : OlcConfigEntry(e)
{
- m_dbEntryChanged.setDN("cn=config");
- m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcGlobal"));
- m_dbEntryChanged.addAttribute(LDAPAttribute("cn", "config"));
+ log_it(SLAPD_LOG_INFO,"OlcOverlay::OlcOverlay()" );
+ std::string type(this->getStringValue("olcoverlay"));
+ entryIndex = splitIndexFromString( type, m_type );
}
-OlcGlobalConfig::OlcGlobalConfig( const LDAPEntry &le) : OlcConfigEntry(le)
+OlcOverlay::OlcOverlay( const std::string &type, const std::string &parent )
+ : m_type(type), m_parent(parent)
{
- log_it(SLAPD_LOG_INFO, "OlcGlobalConfig::OlcGlobalConfig( const LDAPEntry &le) : OlcConfigEntry(le)");
+ std::ostringstream dnstr;
+ dnstr << "olcOverlay=" << m_type << "," << parent;
+ m_dbEntryChanged.setDN(dnstr.str());
+ m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcPpolicyConfig"));
+ m_dbEntryChanged.addAttribute(LDAPAttribute("olcoverlay", m_type));
+}
+const std::string OlcOverlay::getType() const
+{
+ return m_type;
}
-const std::vector<std::string> OlcGlobalConfig::getLogLevelString() const
+void OlcOverlay::newParentDn( const std::string& parent )
{
- StringList lvalues = this->getStringValues("olcLogLevel");
- StringList::const_iterator i;
- std::vector<std::string> lvls;
- for ( i = lvalues.begin(); i != lvalues.end(); i++ )
+ std::ostringstream dnstr;
+ m_parent = parent;
+ dnstr << "olcOverlay={" << entryIndex << "}" << m_type << "," << parent;
+ log_it(SLAPD_LOG_INFO, "Changing Overlay DN from: " + m_dbEntryChanged.getDN()
+ + " to: " + dnstr.str() );
+ if (! m_dbEntry.getDN().empty() )
{
- std::istringstream iss(*i);
- int intlogValue;
- if ( iss >> intlogValue ) {
- log_it(SLAPD_LOG_INFO,"IntegerValue " + *i );
- }
- else
- {
- log_it(SLAPD_LOG_INFO,"StringValue " + *i );
- lvls.push_back(*i);
- }
+ m_dbEntry.setDN(dnstr.str());
}
- return lvls;
+ m_dbEntryChanged.setDN(dnstr.str());
}
-//int OlcGlobalConfig::getIdleTimeout()
-//{
-//
-//}
-
-void OlcGlobalConfig::setLogLevel(const std::list<std::string> &level) {
- const LDAPAttribute *sattr = m_dbEntryChanged.getAttributeByName("olcloglevel");
- LDAPAttribute attr( "olcloglevel" );
- if ( sattr ) {
- attr = *sattr;
- }
- StringList values;
- std::list<std::string>::const_iterator i = level.begin();
- for(; i != level.end(); i++ )
+void OlcOverlay::resetMemberAttrs()
+{
+ std::string type(this->getStringValue("olcoverlay"));
+ entryIndex = splitIndexFromString( type, m_type );
+}
+void OlcOverlay::updateEntryDn(bool origEntry )
+{
+ log_it(SLAPD_LOG_INFO, "updateEntryDN()");
+ std::ostringstream dn, name;
+ name << "{" << entryIndex << "}" << m_type;
+ dn << "olcOverlay=" << name.str() << "," << m_parent;
+ m_dbEntryChanged.setDN(dn.str());
+ m_dbEntryChanged.replaceAttribute(LDAPAttribute("olcOverlay", name.str()));
+ if ( origEntry && (! m_dbEntry.getDN().empty()) )
{
- values.add(*i);
+ m_dbEntry.setDN(dn.str());
+ m_dbEntry.replaceAttribute(LDAPAttribute("olcOverlay", name.str()));
}
- attr.setValues(values);
- m_dbEntryChanged.replaceAttribute(attr);
}
-void OlcGlobalConfig::addLogLevel(std::string level) {
- const LDAPAttribute *sattr = m_dbEntryChanged.getAttributeByName("olcloglevel");
- LDAPAttribute attr;
- if ( sattr ) {
- attr = *sattr;
- }
- attr.addValue(level);
- m_dbEntryChanged.replaceAttribute(attr);
+
+OlcDatabase::OlcDatabase( const LDAPEntry& le=LDAPEntry()) : OlcConfigEntry(le)
+{
+ std::string type(this->getStringValue("olcdatabase"));
+ entryIndex = splitIndexFromString( type, m_type );
}
-const std::vector<std::string> OlcGlobalConfig::getAllowFeatures() const
+OlcDatabase::OlcDatabase( const std::string& type ) : m_type(type)
{
- StringList values = this->getStringValues("olcAllows");
- StringList::const_iterator i;
- std::vector<std::string> allow;
- for ( i = values.begin(); i != values.end(); i++ )
+ std::ostringstream dnstr;
+ dnstr << "olcDatabase=" << m_type << ",cn=config";
+ m_dbEntryChanged.setDN(dnstr.str());
+ m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcDatabaseConfig"));
+ m_dbEntryChanged.addAttribute(LDAPAttribute("olcDatabase", m_type));
+}
+
+void OlcDatabase::updateEntryDn(bool origEntry )
+{
+ log_it(SLAPD_LOG_INFO, "updateEntryDN()");
+ std::ostringstream dn, name;
+ name << "{" << entryIndex << "}" << m_type;
+ dn << "olcDatabase=" << name.str() << ",cn=config" ;
+ m_dbEntryChanged.setDN(dn.str());
+ m_dbEntryChanged.replaceAttribute(LDAPAttribute("olcDatabase", name.str()));
+ if ( origEntry && (! m_dbEntry.getDN().empty()) )
{
- allow.push_back(*i);
+ m_dbEntry.setDN(dn.str());
+ m_dbEntry.replaceAttribute(LDAPAttribute("olcDatabase", name.str()));
}
- return allow;
}
-void OlcGlobalConfig::setAllowFeatures(const std::list<std::string> &allow )
+void OlcDatabase::setSuffix( const std::string &suffix)
{
- const LDAPAttribute *sattr = m_dbEntryChanged.getAttributeByName("olcAllows");
- LDAPAttribute attr( "olcAllows" );
- if ( sattr ) {
- attr = *sattr;
- }
- StringList values;
- std::list<std::string>::const_iterator i = allow.begin();
- for(; i != allow.end(); i++ )
+ this->setStringValue("olcSuffix", suffix);
+}
+
+void OlcDatabase::setRootDn( const std::string &rootdn)
+{
+ this->setStringValue("olcRootDN", rootdn);
+}
+
+void OlcDatabase::setRootPw( const std::string &rootpw)
+{
+ this->setStringValue("olcRootPW", rootpw);
+}
+
+const std::string OlcDatabase::getSuffix() const
+{
+ return this->getStringValue("olcSuffix");
+}
+
+const std::string OlcDatabase::getType() const
+{
+ return this->m_type;
+}
+
+void OlcDatabase::addAccessControl(const std::string& acl, int index )
+{
+ if ( index < 0 )
{
- values.add(*i);
+ StringList sl = this->getStringValues( "olcAccess" );
+ index = sl.size();
}
- attr.setValues(values);
- m_dbEntryChanged.replaceAttribute(attr);
+ this->addIndexedStringValue( "olcAccess", acl, index );
}
-const std::vector<std::string> OlcGlobalConfig::getDisallowFeatures() const
+void OlcDatabase::replaceAccessControl(const StringList acllist )
{
- StringList values = this->getStringValues("olcDisallows");
+ // delete old Values first
+ this->setStringValue( "olcAccess", "" );
+
StringList::const_iterator i;
- std::vector<std::string> allow;
- for ( i = values.begin(); i != values.end(); i++ )
+ int j = 0;
+
+ for ( i = acllist.begin(); i != acllist.end(); i++ )
{
- allow.push_back(*i);
+ this->addAccessControl( *i, j );
+ j++;
}
- return allow;
}
-void OlcGlobalConfig::setDisallowFeatures(const std::list<std::string> &disallow )
+void OlcDatabase::addOverlay(boost::shared_ptr<OlcOverlay> overlay)
{
- const LDAPAttribute *sattr = m_dbEntryChanged.getAttributeByName("olcDisallows");
- LDAPAttribute attr( "olcDisallows" );
- if ( sattr ) {
- attr = *sattr;
- }
- StringList values;
- std::list<std::string>::const_iterator i = disallow.begin();
- for(; i != disallow.end(); i++ )
- {
- values.add(*i);
- }
- attr.setValues(values);
- m_dbEntryChanged.replaceAttribute(attr);
+ m_overlays.push_back(overlay);
}
+OlcOverlayList& OlcDatabase::getOverlays()
+{
+ return m_overlays;
+}
-OlcSchemaConfig::OlcSchemaConfig() : OlcConfigEntry()
+void OlcDatabase::resetMemberAttrs()
{
- m_dbEntryChanged.setDN("cn=schema,cn=config");
- m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcSchemaConfig"));
- m_dbEntryChanged.addAttribute(LDAPAttribute("cn", "schema"));
+ std::string type(this->getStringValue("olcdatabase"));
+ entryIndex = splitIndexFromString( type, m_type );
}
-OlcSchemaConfig::OlcSchemaConfig(const LDAPEntry &e) : OlcConfigEntry(e)
+bool OlcDatabase::isBdbDatabase( const LDAPEntry& e )
{
- log_it(SLAPD_LOG_INFO, "OlcSchemaConfig::OlcSchemaConfig(const LDAPEntry &e) : OlcConfigEntry(e)");
- std::string name(this->getStringValue("cn"));
- if ( name[0] == '{' )
+ StringList oc = e.getAttributeByName("objectclass")->getValues();
+ for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ )
{
- std::string::size_type pos = name.find('}');
- std::istringstream indexstr(name.substr(1, pos-1));
- indexstr >> entryIndex;
- m_name = name.substr( pos+1, std::string::npos );
- } else {
- m_name = name;
- entryIndex = 0;
+ if ( strCaseIgnoreEquals(*i, "olcBdbConfig" ) || strCaseIgnoreEquals(*i, "olcHdbConfig" ) )
+ {
+ return true;
+ }
}
+ return false;
}
-OlcSchemaConfig::OlcSchemaConfig(const LDAPEntry &e1, const LDAPEntry &e2) : OlcConfigEntry(e1, e2)
+
+OlcDatabase* OlcDatabase::createFromLdapEntry( const LDAPEntry& e)
{
- log_it(SLAPD_LOG_INFO, "OlcSchemaConfig::OlcSchemaConfig(const LDAPEntry &e) : OlcConfigEntry(e)");
- std::string name(this->getStringValue("cn"));
- entryIndex = splitIndexFromString( name, m_name );
+ if ( OlcDatabase::isBdbDatabase( e ) )
+ {
+ log_it(SLAPD_LOG_INFO,"creating OlcBbdDatabase()" );
+ return new OlcBdbDatabase(e);
+ }
+ else
+ {
+ log_it(SLAPD_LOG_INFO,"creating OlcDatabase()" );
+ return new OlcDatabase(e);
+ }
}
-void OlcSchemaConfig::clearChangedEntry()
+
+OlcBdbDatabase::OlcBdbDatabase( const std::string& type ) : OlcDatabase(type)
+{
+ if ( type == "hdb" )
+ {
+ m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcHdbConfig"));
+ }
+ else
+ {
+ m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcBdbConfig"));
+ }
+}
+
+OlcBdbDatabase::OlcBdbDatabase( const LDAPEntry& le) : OlcDatabase(le) { }
+
+inline void splitIndexString( const std::string &indexString, std::string &attr, std::string &indexes )
{
- OlcConfigEntry::clearChangedEntry();
- m_name = "";
+ std::string::size_type pos = indexString.find_first_of(" \t");
+ attr = indexString.substr(0, pos);
+ log_it(SLAPD_LOG_DEBUG, "AttributeType: " + attr );
+ if ( pos != std::string::npos ) {
+ pos = indexString.find_first_not_of(" \t", pos);
+ if ( pos != std::string::npos ) {
+ indexes = indexString.substr( pos, std::string::npos );
+ }
+ }
}
-const std::string& OlcSchemaConfig::getName() const
+inline std::vector<IndexType> indexString2Type( const std::string &indexes )
{
- return m_name;
+ std::string::size_type pos, oldpos = 0;
+ std::vector<IndexType> idx;
+ do {
+ pos = indexes.find( ',', oldpos );
+ std::string index = indexes.substr( oldpos,
+ (pos == std::string::npos ? std::string::npos : pos - oldpos) );
+ log_it(SLAPD_LOG_INFO, std::string("Index: ") + index );
+ oldpos = indexes.find_first_not_of( ", ", pos );
+ if ( index == "pres" ) {
+ idx.push_back(Present);
+ } else if (index == "eq" ) {
+ idx.push_back(Eq);
+ } else if (index == "approx" ) {
+ idx.push_back(Approx);
+ } else if (index == "sub" ) {
+ idx.push_back(Sub);
+ } else if (index == "subinital" ) {
+ idx.push_back(SpecialSubInitial);
+ } else if (index == "subany" ) {
+ idx.push_back(SpecialSubAny);
+ } else if (index == "subfinal" ) {
+ idx.push_back(SpecialSubFinal);
+ } else if (index == "nolang" ) {
+ idx.push_back(SpecialNoLang);
+ } else if (index == "nosubtypes" ) {
+ idx.push_back(SpecialNoSubTypes);
+ }
+ } while (pos != std::string::npos);
+ return idx;
}
-const std::vector<LDAPAttrType> OlcSchemaConfig::getAttributeTypes() const
+IndexMap OlcBdbDatabase::getDatabaseIndexes() const
{
- std::vector<LDAPAttrType> res;
- StringList types = this->getStringValues("olcAttributeTypes");
- StringList::const_iterator j;
- for ( j = types.begin(); j != types.end(); j++ )
- {
- LDAPAttrType currentAttr;
- std::string tmp;
- splitIndexFromString( *j, tmp );
- currentAttr = LDAPAttrType( tmp, LDAP_SCHEMA_ALLOW_NO_OID |
- LDAP_SCHEMA_ALLOW_QUOTED | LDAP_SCHEMA_ALLOW_OID_MACRO );
- res.push_back(currentAttr);
+ const LDAPAttributeList *al = m_dbEntryChanged.getAttributes();
+ const LDAPAttribute *attr = al->getAttributeByName("olcdbindex");
+ IndexMap res;
+ if (! attr ) {
+ return res;
+ };
+
+ StringList sl = attr->getValues();
+ StringList::const_iterator i;
+ for (i = sl.begin(); i != sl.end(); i++ ) {
+ std::string attrType;
+ std::string indexes;
+ splitIndexString(*i, attrType, indexes );
+ log_it(SLAPD_LOG_INFO, "Indexes: " + indexes );
+ std::vector<IndexType> idx = indexString2Type(indexes);
+ res.insert(make_pair(attrType, idx));
}
return res;
}
-void OlcSchemaConfig::resetMemberAttrs()
-{
- std::string name(this->getStringValue("cn"));
- entryIndex = splitIndexFromString( name, m_name );
-}
-
-OlcTlsSettings OlcGlobalConfig::getTlsSettings() const
-{
- log_it(SLAPD_LOG_INFO, "OlcTlsSettings OlcGlobalConfig::getTlsSettings() const ");
- return OlcTlsSettings( *this );
-}
-
-void OlcGlobalConfig::setTlsSettings( const OlcTlsSettings& tls )
+std::vector<IndexType> OlcBdbDatabase::getDatabaseIndex( const std::string &type ) const
{
- tls.applySettings( *this );
-}
-
+ const LDAPAttributeList *al = m_dbEntryChanged.getAttributes();
+ const LDAPAttribute *attr = al->getAttributeByName("olcdbindex");
+ std::vector<IndexType> res;
+ if (! attr ) {
+ return res;
+ };
-bool OlcConfigEntry::isDatabaseEntry ( const LDAPEntry& e )
-{
- StringList oc = e.getAttributeByName("objectclass")->getValues();
- for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ )
- {
- if ( strCaseIgnoreEquals(*i, "olcDatabaseConfig" ) )
+ StringList sl = attr->getValues();
+ StringList::const_iterator i;
+ for (i = sl.begin(); i != sl.end(); i++ ) {
+ std::string attrType;
+ std::string indexes;
+ splitIndexString(*i, attrType, indexes );
+ if ( attrType == type )
{
- return true;
+ res = indexString2Type(indexes);
+ break;
}
}
- return false;
+ return res;
}
-bool OlcConfigEntry::isGlobalEntry ( const LDAPEntry& e )
+void OlcBdbDatabase::addIndex(const std::string& attr, const std::vector<IndexType>& idx)
{
- StringList oc = e.getAttributeByName("objectclass")->getValues();
- for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ )
+ std::string indexString = attr;
+ std::vector<IndexType>::const_iterator i;
+ bool first = true;
+ for ( i = idx.begin(); i != idx.end(); i++ )
{
- if ( strCaseIgnoreEquals(*i, "olcGlobal" ) )
+ if (! first)
{
- return true;
+ indexString += ",";
+ } else {
+ indexString += " ";
+ first = false;
+ }
+ if ( *i == Present ) {
+ indexString += "pres";
+ }
+ else if ( *i == Eq )
+ {
+ indexString += "eq";
+ }
+ else if ( *i == Sub )
+ {
+ indexString += "sub";
}
}
- return false;
+ log_it(SLAPD_LOG_INFO, "indexString: '" + indexString + "'");
+ this->addStringValue( "olcDbIndex", indexString );
}
-bool OlcConfigEntry::isOverlayEntry ( const LDAPEntry& e )
+void OlcBdbDatabase::deleteIndex(const std::string& type)
{
- StringList oc = e.getAttributeByName("objectclass")->getValues();
- for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ )
- {
- if ( strCaseIgnoreEquals(*i, "olcOverlayConfig" ) )
+ const LDAPAttribute *attr = m_dbEntryChanged.getAttributes()->getAttributeByName("olcdbindex");
+ if (! attr ) {
+ return;
+ };
+
+ StringList sl = attr->getValues();
+ StringList newValues;
+ StringList::const_iterator i;
+ for (i = sl.begin(); i != sl.end(); i++ ) {
+ std::string attrType;
+ std::string indexes;
+ splitIndexString(*i, attrType, indexes );
+ if ( attrType != type )
{
- return true;
+ newValues.add(*i);
}
}
- return false;
+ this->setStringValues("olcdbindex", newValues );
}
-bool OlcConfigEntry::isScheamEntry ( const LDAPEntry& e )
+void OlcBdbDatabase::setDirectory( const std::string &dir )
+{
+ this->setStringValue("olcDbDirectory", dir);
+}
+
+int OlcBdbDatabase::getEntryCache() const
{
- StringList oc = e.getAttributeByName("objectclass")->getValues();
- for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ )
- {
- if ( strCaseIgnoreEquals(*i, "olcSchemaConfig" ) )
- {
- return true;
- }
- }
- return false;
+ return this->getIntValue( "olcDbCachesize" );
}
-OlcConfigEntry* OlcConfigEntry::createFromLdapEntry( const LDAPEntry& e )
+void OlcBdbDatabase::setEntryCache( int cachesize )
{
- if ( OlcConfigEntry::isGlobalEntry(e) )
- {
- log_it(SLAPD_LOG_INFO,"creating OlcGlobalConfig" );
- return new OlcGlobalConfig(e);
- }
- else if ( OlcConfigEntry::isScheamEntry(e) )
- {
- log_it(SLAPD_LOG_INFO,"creating OlcSchemaConfig" );
- return new OlcSchemaConfig(e);
- }
- else if ( OlcConfigEntry::isDatabaseEntry(e) )
- {
- log_it(SLAPD_LOG_INFO,"creating OlcDatabase" );;
- return OlcDatabase::createFromLdapEntry(e);
- }
- else if ( OlcConfigEntry::isOverlayEntry(e) )
+ if (! cachesize )
{
- log_it(SLAPD_LOG_INFO,"creating OlcOverlay");
- return new OlcConfigEntry(e);
+ this->setStringValue( "olcDbCachesize", "" );
}
else
{
- log_it(SLAPD_LOG_INFO,"unknown Config Object" );
- return 0;
+ this->setIntValue( "olcDbCachesize", cachesize );
}
}
-//std::map<std::string, std::list<std::string> > OlcConfigEntry::toMap() const
-//{
-// std::map<std::string, std::list<std::string> > resMap;
-//// std::string value = this->getStringValue("olcConcurrency");
-//// resMap.insert( std::make_pair( "concurrency", value ) );
-////
-//// value = this->getStringValue("olcThreads");
-//// resMap.insert( std::make_pair("threads", value ) );
-//
-// return resMap;
-//}
-
-void OlcConfigEntry::setIndex( int index, bool origEntry )
+int OlcBdbDatabase::getIdlCache() const
{
- this->entryIndex = index;
- this->updateEntryDn( origEntry );
+ return this->getIntValue( "olcDbIdlCachesize" );
}
-int OlcConfigEntry::getEntryIndex() const
+void OlcBdbDatabase::setIdlCache( int cachesize )
{
- return this->entryIndex;
+ if (! cachesize )
+ {
+ this->setStringValue( "olcDbIdlCachesize", "" );
+ }
+ else
+ {
+ this->setIntValue( "olcDbIdlCachesize", cachesize );
+ }
}
-void OlcConfigEntry::updateEntryDn( bool origEntry )
+void OlcBdbDatabase::setCheckPoint( int kbytes, int min )
{
+ if ( !kbytes && !min )
+ {
+ this->setStringValue( "olcDbCheckpoint", "" );
+ }
+ else
+ {
+ std::ostringstream oStr;
+ oStr << kbytes << " " << min;
+ this->setStringValue( "olcDbCheckpoint", oStr.str() );
+ }
}
-void OlcConfigEntry::clearChangedEntry()
+void OlcBdbDatabase::getCheckPoint( int& kbytes, int& min) const
{
- m_dbEntryChanged = LDAPEntry();
+ kbytes=0;
+ min=0;
+ std::string checkpointStr = this->getStringValue("olcDbCheckpoint");
+ if (! checkpointStr.empty() )
+ {
+ std::istringstream iStr(checkpointStr);
+ iStr >> kbytes >> std::skipws >> min;
+ }
+ return;
}
-void OlcConfigEntry::resetEntries( const LDAPEntry &e )
+OlcGlobalConfig::OlcGlobalConfig() : OlcConfigEntry()
{
- m_dbEntry = e;
- m_dbEntryChanged = e;
- this->resetMemberAttrs();
+ m_dbEntryChanged.setDN("cn=config");
+ m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcGlobal"));
+ m_dbEntryChanged.addAttribute(LDAPAttribute("cn", "config"));
}
-OlcOverlay* OlcOverlay::createFromLdapEntry( const LDAPEntry& e)
+OlcGlobalConfig::OlcGlobalConfig( const LDAPEntry &le) : OlcConfigEntry(le)
{
- return new OlcOverlay(e);
-}
+ log_it(SLAPD_LOG_INFO, "OlcGlobalConfig::OlcGlobalConfig( const LDAPEntry &le) : OlcConfigEntry(le)");
-OlcOverlay::OlcOverlay( const LDAPEntry& e) : OlcConfigEntry(e)
-{
- log_it(SLAPD_LOG_INFO,"OlcOverlay::OlcOverlay()" );
- std::string type(this->getStringValue("olcoverlay"));
- entryIndex = splitIndexFromString( type, m_type );
}
-OlcOverlay::OlcOverlay( const std::string &type, const std::string &parent )
- : m_type(type), m_parent(parent)
+const std::vector<std::string> OlcGlobalConfig::getLogLevelString() const
{
- std::ostringstream dnstr;
- dnstr << "olcOverlay=" << m_type << "," << parent;
- m_dbEntryChanged.setDN(dnstr.str());
- m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcPpolicyConfig"));
- m_dbEntryChanged.addAttribute(LDAPAttribute("olcoverlay", m_type));
+ StringList lvalues = this->getStringValues("olcLogLevel");
+ StringList::const_iterator i;
+ std::vector<std::string> lvls;
+ for ( i = lvalues.begin(); i != lvalues.end(); i++ )
+ {
+ std::istringstream iss(*i);
+ int intlogValue;
+ if ( iss >> intlogValue ) {
+ log_it(SLAPD_LOG_INFO,"IntegerValue " + *i );
+ }
+ else
+ {
+ log_it(SLAPD_LOG_INFO,"StringValue " + *i );
+ lvls.push_back(*i);
+ }
+ }
+ return lvls;
}
-const std::string OlcOverlay::getType() const
-{
- return m_type;
+void OlcGlobalConfig::setLogLevel(const std::list<std::string> &level) {
+ const LDAPAttribute *sattr = m_dbEntryChanged.getAttributeByName("olcloglevel");
+ LDAPAttribute attr( "olcloglevel" );
+ if ( sattr ) {
+ attr = *sattr;
+ }
+ StringList values;
+ std::list<std::string>::const_iterator i = level.begin();
+ for(; i != level.end(); i++ )
+ {
+ values.add(*i);
+ }
+ attr.setValues(values);
+ m_dbEntryChanged.replaceAttribute(attr);
}
-void OlcOverlay::newParentDn( const std::string& parent )
-{
- std::ostringstream dnstr;
- m_parent = parent;
- dnstr << "olcOverlay={" << entryIndex << "}" << m_type << "," << parent;
- log_it(SLAPD_LOG_INFO, "Changing Overlay DN from: " + m_dbEntryChanged.getDN()
- + " to: " + dnstr.str() );
- if (! m_dbEntry.getDN().empty() )
- {
- m_dbEntry.setDN(dnstr.str());
+void OlcGlobalConfig::addLogLevel(std::string level) {
+ const LDAPAttribute *sattr = m_dbEntryChanged.getAttributeByName("olcloglevel");
+ LDAPAttribute attr;
+ if ( sattr ) {
+ attr = *sattr;
}
- m_dbEntryChanged.setDN(dnstr.str());
+ attr.addValue(level);
+ m_dbEntryChanged.replaceAttribute(attr);
}
-void OlcOverlay::resetMemberAttrs()
-{
- std::string type(this->getStringValue("olcoverlay"));
- entryIndex = splitIndexFromString( type, m_type );
-}
-void OlcOverlay::updateEntryDn(bool origEntry )
+const std::vector<std::string> OlcGlobalConfig::getAllowFeatures() const
{
- log_it(SLAPD_LOG_INFO, "updateEntryDN()");
- std::ostringstream dn, name;
- name << "{" << entryIndex << "}" << m_type;
- dn << "olcOverlay=" << name.str() << "," << m_parent;
- m_dbEntryChanged.setDN(dn.str());
- m_dbEntryChanged.replaceAttribute(LDAPAttribute("olcOverlay", name.str()));
- if ( origEntry && (! m_dbEntry.getDN().empty()) )
+ StringList values = this->getStringValues("olcAllows");
+ StringList::const_iterator i;
+ std::vector<std::string> allow;
+ for ( i = values.begin(); i != values.end(); i++ )
{
- m_dbEntry.setDN(dn.str());
- m_dbEntry.replaceAttribute(LDAPAttribute("olcOverlay", name.str()));
+ allow.push_back(*i);
}
+ return allow;
}
-void OlcDatabase::setSuffix( const std::string &suffix)
+void OlcGlobalConfig::setAllowFeatures(const std::list<std::string> &allow )
{
- this->setStringValue("olcSuffix", suffix);
+ const LDAPAttribute *sattr = m_dbEntryChanged.getAttributeByName("olcAllows");
+ LDAPAttribute attr( "olcAllows" );
+ if ( sattr ) {
+ attr = *sattr;
+ }
+ StringList values;
+ std::list<std::string>::const_iterator i = allow.begin();
+ for(; i != allow.end(); i++ )
+ {
+ values.add(*i);
+ }
+ attr.setValues(values);
+ m_dbEntryChanged.replaceAttribute(attr);
}
-void OlcDatabase::setRootDn( const std::string &rootdn)
+const std::vector<std::string> OlcGlobalConfig::getDisallowFeatures() const
{
- this->setStringValue("olcRootDN", rootdn);
+ StringList values = this->getStringValues("olcDisallows");
+ StringList::const_iterator i;
+ std::vector<std::string> allow;
+ for ( i = values.begin(); i != values.end(); i++ )
+ {
+ allow.push_back(*i);
+ }
+ return allow;
}
-void OlcDatabase::setRootPw( const std::string &rootpw)
+void OlcGlobalConfig::setDisallowFeatures(const std::list<std::string> &disallow )
{
- this->setStringValue("olcRootPW", rootpw);
+ const LDAPAttribute *sattr = m_dbEntryChanged.getAttributeByName("olcDisallows");
+ LDAPAttribute attr( "olcDisallows" );
+ if ( sattr ) {
+ attr = *sattr;
+ }
+ StringList values;
+ std::list<std::string>::const_iterator i = disallow.begin();
+ for(; i != disallow.end(); i++ )
+ {
+ values.add(*i);
+ }
+ attr.setValues(values);
+ m_dbEntryChanged.replaceAttribute(attr);
}
-const std::string OlcDatabase::getSuffix() const
+OlcTlsSettings OlcGlobalConfig::getTlsSettings() const
{
- return this->getStringValue("olcSuffix");
+ log_it(SLAPD_LOG_INFO, "OlcTlsSettings OlcGlobalConfig::getTlsSettings() const ");
+ return OlcTlsSettings( *this );
}
-const std::string OlcDatabase::getType() const
+void OlcGlobalConfig::setTlsSettings( const OlcTlsSettings& tls )
{
- return this->m_type;
+ tls.applySettings( *this );
}
-void OlcDatabase::addAccessControl(const std::string& acl, int index )
+OlcSchemaConfig::OlcSchemaConfig() : OlcConfigEntry()
{
- if ( index < 0 )
- {
- StringList sl = this->getStringValues( "olcAccess" );
- index = sl.size();
- }
- this->addIndexedStringValue( "olcAccess", acl, index );
+ m_dbEntryChanged.setDN("cn=schema,cn=config");
+ m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcSchemaConfig"));
+ m_dbEntryChanged.addAttribute(LDAPAttribute("cn", "schema"));
}
-void OlcDatabase::replaceAccessControl(const StringList acllist )
+OlcSchemaConfig::OlcSchemaConfig(const LDAPEntry &e) : OlcConfigEntry(e)
{
- // delete old Values first
- this->setStringValue( "olcAccess", "" );
-
- StringList::const_iterator i;
- int j = 0;
-
- for ( i = acllist.begin(); i != acllist.end(); i++ )
+ log_it(SLAPD_LOG_INFO, "OlcSchemaConfig::OlcSchemaConfig(const LDAPEntry &e) : OlcConfigEntry(e)");
+ std::string name(this->getStringValue("cn"));
+ if ( name[0] == '{' )
{
- this->addAccessControl( *i, j );
- j++;
+ std::string::size_type pos = name.find('}');
+ std::istringstream indexstr(name.substr(1, pos-1));
+ indexstr >> entryIndex;
+ m_name = name.substr( pos+1, std::string::npos );
+ } else {
+ m_name = name;
+ entryIndex = 0;
}
}
-
-void OlcDatabase::addOverlay(boost::shared_ptr<OlcOverlay> overlay)
+OlcSchemaConfig::OlcSchemaConfig(const LDAPEntry &e1, const LDAPEntry &e2) : OlcConfigEntry(e1, e2)
{
- m_overlays.push_back(overlay);
+ log_it(SLAPD_LOG_INFO, "OlcSchemaConfig::OlcSchemaConfig(const LDAPEntry &e) : OlcConfigEntry(e)");
+ std::string name(this->getStringValue("cn"));
+ entryIndex = splitIndexFromString( name, m_name );
}
-OlcOverlayList& OlcDatabase::getOverlays()
+void OlcSchemaConfig::clearChangedEntry()
{
- return m_overlays;
+ OlcConfigEntry::clearChangedEntry();
+ m_name = "";
}
-void OlcDatabase::resetMemberAttrs()
+const std::string& OlcSchemaConfig::getName() const
{
- std::string type(this->getStringValue("olcdatabase"));
- entryIndex = splitIndexFromString( type, m_type );
+ return m_name;
}
-bool OlcDatabase::isBdbDatabase( const LDAPEntry& e )
+const std::vector<LDAPAttrType> OlcSchemaConfig::getAttributeTypes() const
{
- StringList oc = e.getAttributeByName("objectclass")->getValues();
- for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ )
+ std::vector<LDAPAttrType> res;
+ StringList types = this->getStringValues("olcAttributeTypes");
+ StringList::const_iterator j;
+ for ( j = types.begin(); j != types.end(); j++ )
{
- if ( strCaseIgnoreEquals(*i, "olcBdbConfig" ) || strCaseIgnoreEquals(*i, "olcHdbConfig" ) )
- {
- return true;
- }
+ LDAPAttrType currentAttr;
+ std::string tmp;
+ splitIndexFromString( *j, tmp );
+ currentAttr = LDAPAttrType( tmp, LDAP_SCHEMA_ALLOW_NO_OID |
+ LDAP_SCHEMA_ALLOW_QUOTED | LDAP_SCHEMA_ALLOW_OID_MACRO );
+ res.push_back(currentAttr);
}
- return false;
+ return res;
}
-OlcDatabase* OlcDatabase::createFromLdapEntry( const LDAPEntry& e)
+void OlcSchemaConfig::resetMemberAttrs()
{
- if ( OlcDatabase::isBdbDatabase( e ) )
+ std::string name(this->getStringValue("cn"));
+ entryIndex = splitIndexFromString( name, m_name );
+}
+
+OlcTlsSettings::OlcTlsSettings( const OlcGlobalConfig &ogc )
+ : m_crlCheck(0), m_verifyCient(0)
+{
+ log_it(SLAPD_LOG_INFO,"OlcTlsSettings::OlcTlsSettings( const OlcGlobalConfig &ogc )" );
+ std::string value = ogc.getStringValue("olcTLSCRLCheck");
+ if ( value == "none" )
{
- log_it(SLAPD_LOG_INFO,"creating OlcBbdDatabase()" );
- return new OlcBdbDatabase(e);
+ m_crlCheck = 0;
}
- else
+ else if ( value == "peer" )
{
- log_it(SLAPD_LOG_INFO,"creating OlcDatabase()" );
- return new OlcDatabase(e);
+ m_crlCheck = 1;
+ }
+ else if ( value == "all" )
+ {
+ m_crlCheck = 2;
+ }
+ value = ogc.getStringValue("olcTLSVerifyClient");
+ if ( value == "never" )
+ {
+ m_verifyCient = 0;
+ }
+ else if ( value == "allow" )
+ {
+ m_verifyCient = 1;
+ }
+ else if ( value == "try" )
+ {
+ m_verifyCient = 2;
+ }
+ else if ( value == "demand" )
+ {
+ m_verifyCient = 3;
}
+
+ m_caCertDir = ogc.getStringValue("olcTlsCaCertificatePath");
+ m_caCertFile = ogc.getStringValue("olcTlsCaCertificateFile");
+ m_certFile = ogc.getStringValue("olcTlsCertificateFile");
+ m_certKeyFile = ogc.getStringValue("olcTlsCertificateKeyFile");
+ m_crlFile = ogc.getStringValue("olcTlsCrlFile");
}
-StringList OlcConfigEntry::getStringValues(const std::string &type) const
+void OlcTlsSettings::applySettings( OlcGlobalConfig &ogc ) const
{
- const LDAPAttribute *attr = m_dbEntryChanged.getAttributeByName(type);
- if ( attr ) {
- return attr->getValues();
- } else {
- return StringList();
- }
+ log_it(SLAPD_LOG_INFO,"OlcTlsSettings::applySettings( OlcGlobalConfig &ogc )" );
+ ogc.setStringValue("olcTlsCaCertificatePath", m_caCertDir);
+ ogc.setStringValue("olcTlsCaCertificateFile", m_caCertFile);
+ ogc.setStringValue("olcTlsCertificateFile", m_certFile);
+ ogc.setStringValue("olcTlsCertificateKeyFile", m_certKeyFile);
+ ogc.setStringValue("olcTlsCrlFile", m_crlFile);
}
-std::string OlcConfigEntry::getStringValue(const std::string &type) const
+int OlcTlsSettings::getCrlCheck() const
{
- StringList sl = this->getStringValues(type);
- if ( sl.size() == 1 ) {
- return *(sl.begin());
- } else {
- return "";
- }
+ return m_crlCheck;
}
-void OlcConfigEntry::setStringValues(const std::string &type, const StringList &values)
+void OlcTlsSettings::setCrlCheck()
{
- LDAPAttribute attr(type, values);
- m_dbEntryChanged.replaceAttribute(attr);
}
-void OlcConfigEntry::setStringValue(const std::string &type, const std::string &value)
+int OlcTlsSettings::getVerifyClient() const
{
- log_it(SLAPD_LOG_INFO,"setStringValue() " + type + " " + value);
- if ( value.empty() )
- {
- m_dbEntryChanged.delAttribute(type);
- }
- else
- {
- LDAPAttribute attr(type, value);
- m_dbEntryChanged.replaceAttribute(attr);
- }
+ return m_verifyCient;
}
-void OlcConfigEntry::addStringValue(const std::string &type, const std::string &value)
+const std::string& OlcTlsSettings::getCaCertDir() const
{
- const LDAPAttribute *attr = m_dbEntryChanged.getAttributeByName(type);
- if ( attr ) {
- LDAPAttribute newAttr(*attr);
- newAttr.addValue(value);
- m_dbEntryChanged.replaceAttribute(newAttr);
- } else {
- LDAPAttribute newAttr(type, value);
- m_dbEntryChanged.addAttribute(newAttr);
- }
+ return m_caCertDir;
}
-void OlcConfigEntry::addIndexedStringValue(const std::string &type,
- const std::string &value, int index)
+const std::string& OlcTlsSettings::getCaCertFile() const
+{
+ return m_caCertFile;
+}
+
+const std::string& OlcTlsSettings::getCertFile() const
+{
+ return m_certFile;
+}
+const std::string& OlcTlsSettings::getCertKeyFile() const
{
- std::ostringstream oStr;
- oStr << "{" << index << "}" << value;
- this->addStringValue( type, oStr.str() );
+ return m_certKeyFile;
}
-
-int OlcConfigEntry::getIntValue( const std::string &type ) const
+const std::string& OlcTlsSettings::getCrlFile() const
{
- StringList sl = this->getStringValues(type);
- if ( sl.empty() )
- {
- return -1;
- }
- else if(sl.size() == 1 ) {
- std::istringstream iStr(*sl.begin());
- int value;
- iStr >> value;
- return value;
- } else {
- throw(std::runtime_error("Attribute is not single-valued") );
- }
+ return m_crlFile;
}
-void OlcConfigEntry::setIntValue( const std::string &type, int value )
+void OlcTlsSettings::setCaCertDir(const std::string& dir)
{
- std::ostringstream oStr;
- oStr << value;
- this->setStringValue( type, oStr.str() );
+ m_caCertDir = dir;
}
-std::string OlcConfigEntry::toLdif() const
+void OlcTlsSettings::setCaCertFile(const std::string& file)
{
- std::ostringstream ldifStream;
- LdifWriter ldif(ldifStream);
- ldif.writeRecord( m_dbEntryChanged );
- return ldifStream.str();
+ m_caCertFile = file;
}
-bool OlcConfigEntry::isNewEntry() const
+void OlcTlsSettings::setCertFile(const std::string& file)
{
- return ( this->getDn().empty() );
+ m_certFile = file;
}
-bool OlcConfigEntry::isDeletedEntry() const
+
+void OlcTlsSettings::setCertKeyFile(const std::string& file)
{
- return ( (!this->getDn().empty()) && this->getUpdatedDn().empty() );
+ m_certKeyFile = file;
}
-LDAPModList OlcConfigEntry::entryDifftoMod() const {
- LDAPAttributeList::const_iterator i = m_dbEntry.getAttributes()->begin();
- LDAPModList modifications;
- log_it(SLAPD_LOG_INFO, "Old Entry DN: " + m_dbEntry.getDN());
- log_it(SLAPD_LOG_INFO,"New Entry DN: " + m_dbEntryChanged.getDN());
- for(; i != m_dbEntry.getAttributes()->end(); i++ )
- {
- log_it(SLAPD_LOG_INFO,i->getName());
- const LDAPAttribute *changedAttr = m_dbEntryChanged.getAttributeByName(i->getName());
- if ( changedAttr ) {
- StringList::const_iterator j = i->getValues().begin();
- StringList delValues, addValues;
- for(; j != i->getValues().end(); j++ )
- {
- bool deleted = true;
- StringList::const_iterator k = changedAttr->getValues().begin();
- for( ; k != changedAttr->getValues().end(); k++ ) {
- if ( *k == *j ) {
- deleted = false;
- break;
- }
- }
- if ( deleted )
- {
- delValues.add(*j);
- log_it(SLAPD_LOG_INFO,"Value deleted: " + *j );
- }
- }
- j = changedAttr->getValues().begin();
- for(; j != changedAttr->getValues().end(); j++ )
- {
- bool added = true;
- StringList::const_iterator k = i->getValues().begin();
- for( ; k != i->getValues().end(); k++ ) {
- if ( *k == *j ) {
- log_it(SLAPD_LOG_INFO,"Value unchanged: " + *k );
- added = false;
- break;
- }
- }
- if ( added )
- {
- addValues.add(*j);
- log_it(SLAPD_LOG_INFO,"Value added: " + *j);
- }
- }
- bool replace = false;
- if ( delValues.size() > 0 ) {
- if ( (addValues.size() > 0) && ( (int)delValues.size() == i->getNumValues()) ) {
- log_it(SLAPD_LOG_INFO,"All Values deleted, this is a replace" );
- modifications.addModification(
- LDAPModification( LDAPAttribute(i->getName(), addValues),
- LDAPModification::OP_REPLACE)
- );
- replace = true;
- } else {
- modifications.addModification(
- LDAPModification( LDAPAttribute(i->getName(), delValues ),
- LDAPModification::OP_DELETE)
- );
- }
- }
- if (addValues.size() > 0 && !replace ) {
- modifications.addModification(
- LDAPModification( LDAPAttribute(i->getName(), addValues),
- LDAPModification::OP_ADD)
- );
- }
- } else {
- log_it(SLAPD_LOG_INFO,"removed Attribute: " + i->getName() );
- modifications.addModification(
- LDAPModification( LDAPAttribute(i->getName()),
- LDAPModification::OP_DELETE)
- );
- }
- }
- i = m_dbEntryChanged.getAttributes()->begin();
- for(; i != m_dbEntryChanged.getAttributes()->end(); i++ )
- {
- log_it(SLAPD_LOG_INFO,i->getName() );
- const LDAPAttribute *old = m_dbEntry.getAttributeByName(i->getName());
- if (! old ) {
- log_it(SLAPD_LOG_INFO,"Attribute added: " + i->getName());
- if (! i->getValues().empty() )
- {
- modifications.addModification(
- LDAPModification( LDAPAttribute(i->getName(), i->getValues()),
- LDAPModification::OP_ADD)
- );
- }
- }
- }
- return modifications;
+void OlcTlsSettings::setCrlFile(const std::string& file)
+{
+ m_crlFile = file;
}
OlcConfig::OlcConfig(LDAPConnection *lc) : m_lc(lc)
@@ -1127,121 +1215,12 @@
OlcConfig::logCallback = lcb;
}
-OlcTlsSettings::OlcTlsSettings( const OlcGlobalConfig &ogc )
- : m_crlCheck(0), m_verifyCient(0)
-{
- log_it(SLAPD_LOG_INFO,"OlcTlsSettings::OlcTlsSettings( const OlcGlobalConfig &ogc )" );
- std::string value = ogc.getStringValue("olcTLSCRLCheck");
- if ( value == "none" )
- {
- m_crlCheck = 0;
- }
- else if ( value == "peer" )
- {
- m_crlCheck = 1;
- }
- else if ( value == "all" )
- {
- m_crlCheck = 2;
- }
- value = ogc.getStringValue("olcTLSVerifyClient");
- if ( value == "never" )
- {
- m_verifyCient = 0;
- }
- else if ( value == "allow" )
- {
- m_verifyCient = 1;
- }
- else if ( value == "try" )
- {
- m_verifyCient = 2;
- }
- else if ( value == "demand" )
- {
- m_verifyCient = 3;
- }
-
- m_caCertDir = ogc.getStringValue("olcTlsCaCertificatePath");
- m_caCertFile = ogc.getStringValue("olcTlsCaCertificateFile");
- m_certFile = ogc.getStringValue("olcTlsCertificateFile");
- m_certKeyFile = ogc.getStringValue("olcTlsCertificateKeyFile");
- m_crlFile = ogc.getStringValue("olcTlsCrlFile");
-}
-
-void OlcTlsSettings::applySettings( OlcGlobalConfig &ogc ) const
-{
- log_it(SLAPD_LOG_INFO,"OlcTlsSettings::applySettings( OlcGlobalConfig &ogc )" );
- ogc.setStringValue("olcTlsCaCertificatePath", m_caCertDir);
- ogc.setStringValue("olcTlsCaCertificateFile", m_caCertFile);
- ogc.setStringValue("olcTlsCertificateFile", m_certFile);
- ogc.setStringValue("olcTlsCertificateKeyFile", m_certKeyFile);
- ogc.setStringValue("olcTlsCrlFile", m_crlFile);
-}
-
-int OlcTlsSettings::getCrlCheck() const
-{
- return m_crlCheck;
-}
-
-void OlcTlsSettings::setCrlCheck()
-{
-}
-
-int OlcTlsSettings::getVerifyClient() const
-{
- return m_verifyCient;
-}
-
-void setVerifyClient()
-{
-}
-
-const std::string& OlcTlsSettings::getCaCertDir() const
-{
- return m_caCertDir;
-}
-
-const std::string& OlcTlsSettings::getCaCertFile() const
-{
- return m_caCertFile;
-}
-
-const std::string& OlcTlsSettings::getCertFile() const
-{
- return m_certFile;
-}
-const std::string& OlcTlsSettings::getCertKeyFile() const
-{
- return m_certKeyFile;
-}
-const std::string& OlcTlsSettings::getCrlFile() const
-{
- return m_crlFile;
-}
-
-void OlcTlsSettings::setCaCertDir(const std::string& dir)
-{
- m_caCertDir = dir;
-}
-
-void OlcTlsSettings::setCaCertFile(const std::string& file)
-{
- m_caCertFile = file;
-}
-
-void OlcTlsSettings::setCertFile(const std::string& file)
-{
- m_certFile = file;
-}
-void OlcTlsSettings::setCertKeyFile(const std::string& file)
+static void defaultLogCallback( int level, const std::string &msg,
+ const char* file=0, const int line=0, const char* function=0)
{
- m_certKeyFile = file;
+ std::cerr << msg << std::endl;
}
-void OlcTlsSettings::setCrlFile(const std::string& file)
-{
- m_crlFile = file;
-}
+SlapdConfigLogCallback *OlcConfig::logCallback = defaultLogCallback;
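Review bot: `defaultLogCallback` ignores `level` and writes every message to stderr, so with this default installed everything passed to `log_it` is printed unfiltered. The removed side of the previous hunk shows `setStringValue()` logging `type + " " + value` and `setRootPw()` sending `olcRootPW` through it; if that code was only moved within the file (not confirmed from here), the root password value would reach stderr by default. I would drop the value from that log line, or at least document the sink, e.g. `// default sink: prints all levels to stderr; never pass secret attribute values to log_it`. The default arguments `file=0`, `line=0`, `function=0` have no effect when the function is called through the `logCallback` pointer.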

[yast-commit] r50543 - in /trunk/ldap-server/src: LdapServer.pm agent/SlapdConfigAgent.cc tree_structure.ycp
by rhafer@svn.opensuse.org 02 Sep '08
Author: rhafer
Date: Tue Sep 2 10:32:39 2008
New Revision: 50543
URL: http://svn.opensuse.org/viewcvs/yast?rev=50543&view=rev
Log:
Stubs for ACL read support
Modified:
trunk/ldap-server/src/LdapServer.pm
trunk/ldap-server/src/agent/SlapdConfigAgent.cc
trunk/ldap-server/src/tree_structure.ycp
Modified: trunk/ldap-server/src/LdapServer.pm
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/LdapServer.pm?re…
==============================================================================
--- trunk/ldap-server/src/LdapServer.pm (original)
+++ trunk/ldap-server/src/LdapServer.pm Tue Sep 2 10:32:39 2008
@@ -1167,6 +1167,16 @@
return $rc;
}
+BEGIN { $TYPEINFO {ReadDatabaseAcl} = ["function", [ "list", [ "map", "string", "any" ] ], "integer" ]; }
+sub ReadDatabaseAcl
+{
+ my ($self, $index) = @_;
+ y2milestone("ReadDatabaseAcl ".$index);
+ my $rc = SCR->Read(".ldapserver.database.{".$index."}.acl" );
+ y2milestone( "ACL: ".Data::Dumper->Dump([$rc]) );
+ return $rc;
+}
+
BEGIN { $TYPEINFO {ChangeDatabaseAcl} = ["function", "boolean" , "integer", ["list", [ "map", "string", "any" ] ] ]; }
sub ChangeDatabaseAcl
{
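Review bot: `$index` is concatenated into the SCR path in `SCR->Read(".ldapserver.database.{".$index."}.acl")` with no check that it is defined and numeric. The TYPEINFO entry declares it as integer, which presumably covers calls arriving through the YCP bridge, but a direct Perl caller gets no such check. A guard such as `return undef unless defined $index && $index =~ /^-?\d+$/;` before the read would keep the path well-formed. The `y2milestone` dump of the whole ACL result reads like debugging output and would fit better at debug level once the stub is filled in.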
Modified: trunk/ldap-server/src/agent/SlapdConfigAgent.cc
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/agent/SlapdConfi…
==============================================================================
--- trunk/ldap-server/src/agent/SlapdConfigAgent.cc (original)
+++ trunk/ldap-server/src/agent/SlapdConfigAgent.cc Tue Sep 2 10:32:39 2008
@@ -590,7 +590,6 @@
{
OlcOverlayList overlays = (*i)->getOverlays();
OlcOverlayList::const_iterator j = overlays.begin();
- YCPList resList;
for (; j != overlays.end(); j++ )
{
if ( (*j)->getType() == "ppolicy" )
@@ -617,7 +616,11 @@
}
}
return resMap;
- }
+ }
+ else if ( dbComponent == "acl" )
+ {
+ return resMap;
+ }
else
{
lastError->add(YCPString("summary"), YCPString("Read Failed") );
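Review bot: The new `acl` branch returns `resMap` without filling it, so a caller cannot tell a database with no access rules from a read that is not implemented yet. `ReadDatabaseAcl` in LdapServer.pm declares a list of maps as its result, while this branch appears to hand back a map (inferred from the name `resMap`; its declaration is outside the hunk). Until the read exists I would mark the stub, e.g. `// TODO: ACL read not implemented, returns an empty result instead of the olcAccess values`, or report it through `lastError` as the `else` branch does. The enclosing function starts and ends outside the hunk.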
Modified: trunk/ldap-server/src/tree_structure.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/tree_structure.y…
==============================================================================
--- trunk/ldap-server/src/tree_structure.ycp (original)
+++ trunk/ldap-server/src/tree_structure.ycp Tue Sep 2 10:32:39 2008
@@ -753,6 +753,7 @@
y2milestone("cb_read_acl()");
string treeItem = current_tree_item;
integer index = (integer)widget_map[current_tree_item,"index"]:nil;
+ list<map> acllist = LdapServer::ReadDatabaseAcl( index );
return LdapDatabase::DbAclRead( index );
}
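Review bot: `acllist` is assigned from `LdapServer::ReadDatabaseAcl( index )` and never used; the function still returns `LdapDatabase::DbAclRead( index )`. `index` falls back to `nil` when the widget map has no entry, and the new call passes it on unchecked. A comment such as `// TODO: acllist is not used yet, DbAclRead() still provides the data` would make the stub status clear to the next reader. The function's start is outside the hunk.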

[yast-commit] r50542 - in /trunk/storage/storage/src/include: ep-loop-lib.ycp ep-loop.ycp
by aschnell@svn.opensuse.org 02 Sep '08
Author: aschnell
Date: Tue Sep 2 10:24:27 2008
New Revision: 50542
URL: http://svn.opensuse.org/viewcvs/yast?rev=50542&view=rev
Log:
- work on messages
Modified:
trunk/storage/storage/src/include/ep-loop-lib.ycp
trunk/storage/storage/src/include/ep-loop.ycp
Modified: trunk/storage/storage/src/include/ep-loop-lib.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/storage/storage/src/include/ep-l…
==============================================================================
--- trunk/storage/storage/src/include/ep-loop-lib.ycp (original)
+++ trunk/storage/storage/src/include/ep-loop-lib.ycp Tue Sep 2 10:24:27 2008
@@ -20,8 +20,6 @@
if (DlgCreateLoop(data))
{
- Debug("create loop from data", data);
-
Storage::UpdateLoop(data["device"]:"", data["fpath"]:"",
data["create_file"]:false, data["size_k"]:0);
@@ -53,6 +51,7 @@
if (data["used_by"]:"" != "")
{
+ // error popup, %1 is replaced by device name
Popup::Error(sformat(_("The Crypt File %1 is in use. It cannot be
edited. To edit %1, make sure it is not used."), device));
return;
@@ -60,8 +59,6 @@
if (DlgEditLoop(data))
{
- Debug("edit loop from data", data);
-
Storage::ChangeVolumeProperties(data);
UpdateNavigationTree(nil);
@@ -75,6 +72,7 @@
{
if (device == nil)
{
+ // error popup
Popup::Error(_("No crypt file selected."));
return;
}
Modified: trunk/storage/storage/src/include/ep-loop.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/storage/storage/src/include/ep-l…
==============================================================================
--- trunk/storage/storage/src/include/ep-loop.ycp (original)
+++ trunk/storage/storage/src/include/ep-loop.ycp Tue Sep 2 10:24:27 2008
@@ -31,10 +31,12 @@
Greasemonkey::Transform(
`VBox(
`HStretch(),
+ // heading
`IconAndHeading(_("Crypt Files"), loop_icon),
`Table(`id(`table), `opt(`keepSorting, `notify),
table_header, table_contents),
`HBox(
+ // push button text
`Left(`PushButton(`id(`add), _("Add Crypt File..."))),
`HStretch()
)
@@ -42,7 +44,8 @@
)
);
- string helptext = _("<p>Crypt Files TODO</p>");
+ // helptext
+ string helptext = _("<p>This view shows all crypt files.</p>");
Wizard::RestoreHelp(helptext + StorageFields::TableHelptext(fields));
}
@@ -71,18 +74,23 @@
UI::ReplaceWidget(`tree_panel,
Greasemonkey::Transform(
`VBox(
+ // heading
`IconAndHeading(sformat(_("Crypt File: %1"), part_device), loop_icon),
`HStretch(),
StorageFields::Overview(fields, target_map, part_device),
`HBox(
+ // push button text
`PushButton(`id(`edit), _("Edit...")),
+ // push button text
`PushButton(`id(`delete), _("Delete...")),
`HStretch()
)
))
);
- string helptext = _("<p>Crypt Files TODO</p>");
+ // helptext
+ string helptext = _("<p>This view shows detailed information of the
+selected crypt file.</p>");
Wizard::RestoreHelp(helptext + StorageFields::OverviewHelptext(fields));
}

[yast-commit] r50541 - /trunk/storage/storage/src/storage_finish.ycp
by aschnell@svn.opensuse.org 01 Sep '08
Author: aschnell
Date: Mon Sep 1 21:12:32 2008
New Revision: 50541
URL: http://svn.opensuse.org/viewcvs/yast?rev=50541&view=rev
Log:
- removed obsolete include
Modified:
trunk/storage/storage/src/storage_finish.ycp
Modified: trunk/storage/storage/src/storage_finish.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/storage/storage/src/storage_fini…
==============================================================================
--- trunk/storage/storage/src/storage_finish.ycp (original)
+++ trunk/storage/storage/src/storage_finish.ycp Mon Sep 1 21:12:32 2008
@@ -22,8 +22,6 @@
import "Installation";
import "Initrd";
-include "installation/misc.ycp";
-
any ret = nil;
string func = "";
map param = $[];
@@ -52,10 +50,9 @@
else if (func == "Write")
{
list<string> storage_initrdm = (list<string>)Storage::GetRootInitrdModules();
-
foreach(string m, storage_initrdm, {
Initrd::AddModule (m, "");
- });
+ });
if( !Mode::update () )
{
SCR::Execute (.target.mkdir, Installation::sourcedir);
@@ -82,5 +79,4 @@
y2milestone("storage_finish finished");
return ret;
-
} /* EOF */

[yast-commit] r50540 - /trunk/storage/libstorage/src/Storage.cc
by aschnell@svn.opensuse.org 01 Sep '08
Author: aschnell
Date: Mon Sep 1 20:54:20 2008
New Revision: 50540
URL: http://svn.opensuse.org/viewcvs/yast?rev=50540&view=rev
Log:
- added text for TODOs (for better grepping)
Modified:
trunk/storage/libstorage/src/Storage.cc
Modified: trunk/storage/libstorage/src/Storage.cc
URL: http://svn.opensuse.org/viewcvs/yast/trunk/storage/libstorage/src/Storage.c…
==============================================================================
--- trunk/storage/libstorage/src/Storage.cc (original)
+++ trunk/storage/libstorage/src/Storage.cc Mon Sep 1 20:54:20 2008
@@ -486,7 +486,7 @@
if( glob( (testdir+"/dmraid_*[!~0-9]").c_str(), GLOB_NOSORT, 0,
&globbuf) == 0)
{
- // TODO
+ // TODO: load test data
}
globfree (&globbuf);
}
@@ -527,7 +527,7 @@
if( glob( (testdir+"/dmmultipath_*[!~0-9]").c_str(), GLOB_NOSORT, 0,
&globbuf) == 0)
{
- // TODO
+ // TODO: load test data
}
globfree (&globbuf);
}
@@ -568,7 +568,7 @@
if( glob( (testdir+"/dm_*[!~0-9]").c_str(), GLOB_NOSORT, 0,
&globbuf) == 0)
{
- // TODO
+ // TODO: load test data
}
globfree (&globbuf);
}