Back to index

openldap  2.4.31
lastmod.c
Go to the documentation of this file.
00001 /* lastmod.c - returns last modification info */
00002 /* $OpenLDAP$ */
00003 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
00004  *
00005  * Copyright 2004-2012 The OpenLDAP Foundation.
00006  * All rights reserved.
00007  *
00008  * Redistribution and use in source and binary forms, with or without
00009  * modification, are permitted only as authorized by the OpenLDAP
00010  * Public License.
00011  *
00012  * A copy of this license is available in the file LICENSE in the
00013  * top-level directory of the distribution or, alternatively, at
00014  * <http://www.OpenLDAP.org/license.html>.
00015  */
00016 /* ACKNOWLEDGEMENTS:
00017  * This work was initially developed by Pierangelo Masarati for inclusion in
00018  * OpenLDAP Software.
00019  */
00020 
00021 #include "portable.h"
00022 
00023 #ifdef SLAPD_OVER_LASTMOD
00024 
00025 #include <stdio.h>
00026 
00027 #include <ac/string.h>
00028 #include <ac/socket.h>
00029 
00030 #include "slap.h"
00031 #include "lutil.h"
00032 
00033 typedef struct lastmod_info_t {
00034        struct berval        lmi_rdnvalue;
00035        Entry                *lmi_e;
00036        ldap_pvt_thread_mutex_t     lmi_entry_mutex;
00037        int                  lmi_enabled;
00038 } lastmod_info_t;
00039 
00040 struct lastmod_schema_t {
00041        ObjectClass          *lms_oc_lastmod;
00042        AttributeDescription *lms_ad_lastmodDN;
00043        AttributeDescription *lms_ad_lastmodType;
00044        AttributeDescription *lms_ad_lastmodEnabled;
00045 } lastmod_schema;
00046 
00047 enum lastmodType_e {
00048        LASTMOD_ADD = 0,
00049        LASTMOD_DELETE,
00050        LASTMOD_EXOP,
00051        LASTMOD_MODIFY,
00052        LASTMOD_MODRDN,
00053        LASTMOD_UNKNOWN
00054 };
00055 
00056 struct berval lastmodType[] = {
00057        BER_BVC( "add" ),
00058        BER_BVC( "delete" ),
00059        BER_BVC( "exop" ),
00060        BER_BVC( "modify" ),
00061        BER_BVC( "modrdn" ),
00062        BER_BVC( "unknown" ),
00063        BER_BVNULL
00064 };
00065 
00066 static struct m_s {
00067        char                 *schema;
00068        slap_mask_t          flags;
00069        int                  offset;
00070 } moc[] = {
00071        { "( 1.3.6.1.4.1.4203.666.3.13"
00072               "NAME 'lastmod' "
00073               "DESC 'OpenLDAP per-database last modification monitoring' "
00074               "STRUCTURAL "
00075               "SUP top "
00076               "MUST cn "
00077               "MAY ( "
00078                      "lastmodDN "
00079                      "$ lastmodType "
00080                      "$ description "
00081                      "$ seeAlso "
00082               ") )", SLAP_OC_OPERATIONAL|SLAP_OC_HIDE,
00083               offsetof( struct lastmod_schema_t, lms_oc_lastmod ) },
00084        { NULL }
00085 }, mat[] = {
00086        { "( 1.3.6.1.4.1.4203.666.1.28"
00087               "NAME 'lastmodDN' "
00088               "DESC 'DN of last modification' "
00089               "EQUALITY distinguishedNameMatch "
00090               "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 "
00091               "NO-USER-MODIFICATION "
00092               "USAGE directoryOperation )", SLAP_AT_HIDE,
00093               offsetof( struct lastmod_schema_t, lms_ad_lastmodDN ) },
00094        { "( 1.3.6.1.4.1.4203.666.1.29"
00095               "NAME 'lastmodType' "
00096               "DESC 'Type of last modification' "
00097               "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 "
00098               "EQUALITY caseIgnoreMatch "
00099               "SINGLE-VALUE "
00100               "NO-USER-MODIFICATION "
00101               "USAGE directoryOperation )", SLAP_AT_HIDE,
00102               offsetof( struct lastmod_schema_t, lms_ad_lastmodType ) },
00103        { "( 1.3.6.1.4.1.4203.666.1.30"
00104               "NAME 'lastmodEnabled' "
00105               "DESC 'Lastmod overlay state' "
00106               "SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 "
00107               "EQUALITY booleanMatch "
00108               "SINGLE-VALUE )", 0,
00109               offsetof( struct lastmod_schema_t, lms_ad_lastmodEnabled ) },
00110        { NULL }
00111 
00112        /* FIXME: what about UUID of last modified entry? */
00113 };
00114 
00115 static int
00116 lastmod_search( Operation *op, SlapReply *rs )
00117 {
00118        slap_overinst        *on = (slap_overinst *)op->o_bd->bd_info;
00119        lastmod_info_t              *lmi = (lastmod_info_t *)on->on_bi.bi_private;
00120        int                  rc;
00121 
00122        /* if we get here, it must be a success */
00123        rs->sr_err = LDAP_SUCCESS;
00124 
00125        ldap_pvt_thread_mutex_lock( &lmi->lmi_entry_mutex );
00126 
00127        rc = test_filter( op, lmi->lmi_e, op->oq_search.rs_filter );
00128        if ( rc == LDAP_COMPARE_TRUE ) {
00129               rs->sr_attrs = op->ors_attrs;
00130               rs->sr_flags = 0;
00131               rs->sr_entry = lmi->lmi_e;
00132               rs->sr_err = send_search_entry( op, rs );
00133               rs->sr_entry = NULL;
00134               rs->sr_flags = 0;
00135               rs->sr_attrs = NULL;
00136        }
00137 
00138        ldap_pvt_thread_mutex_unlock( &lmi->lmi_entry_mutex );
00139 
00140        send_ldap_result( op, rs );
00141 
00142        return 0;
00143 }
00144 
00145 static int
00146 lastmod_compare( Operation *op, SlapReply *rs )
00147 {
00148        slap_overinst        *on = (slap_overinst *)op->o_bd->bd_info;
00149        lastmod_info_t              *lmi = (lastmod_info_t *)on->on_bi.bi_private;
00150        Attribute            *a;
00151 
00152        ldap_pvt_thread_mutex_lock( &lmi->lmi_entry_mutex );
00153 
00154        if ( get_assert( op ) &&
00155               ( test_filter( op, lmi->lmi_e, get_assertion( op ) ) != LDAP_COMPARE_TRUE ) )
00156        {
00157               rs->sr_err = LDAP_ASSERTION_FAILED;
00158               goto return_results;
00159        }
00160 
00161        rs->sr_err = access_allowed( op, lmi->lmi_e, op->oq_compare.rs_ava->aa_desc,
00162               &op->oq_compare.rs_ava->aa_value, ACL_COMPARE, NULL );
00163        if ( ! rs->sr_err ) {
00164               rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
00165               goto return_results;
00166        }
00167 
00168        rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE;
00169 
00170        for ( a = attr_find( lmi->lmi_e->e_attrs, op->oq_compare.rs_ava->aa_desc );
00171               a != NULL;
00172               a = attr_find( a->a_next, op->oq_compare.rs_ava->aa_desc ) )
00173        {
00174               rs->sr_err = LDAP_COMPARE_FALSE;
00175 
00176               if ( value_find_ex( op->oq_compare.rs_ava->aa_desc,
00177                      SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH |
00178                             SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
00179                      a->a_nvals, &op->oq_compare.rs_ava->aa_value, op->o_tmpmemctx ) == 0 )
00180               {
00181                      rs->sr_err = LDAP_COMPARE_TRUE;
00182                      break;
00183               }
00184        }
00185 
00186 return_results:;
00187 
00188        ldap_pvt_thread_mutex_unlock( &lmi->lmi_entry_mutex );
00189 
00190        send_ldap_result( op, rs );
00191 
00192        if( rs->sr_err == LDAP_COMPARE_FALSE || rs->sr_err == LDAP_COMPARE_TRUE ) {
00193               rs->sr_err = LDAP_SUCCESS;
00194        }
00195 
00196        return rs->sr_err;
00197 }
00198 
00199 static int
00200 lastmod_exop( Operation *op, SlapReply *rs )
00201 {
00202        slap_overinst        *on = (slap_overinst *)op->o_bd->bd_info;
00203 
00204        /* Temporary */
00205 
00206        op->o_bd->bd_info = (BackendInfo *)on->on_info;
00207        rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
00208        rs->sr_text = "not allowed within namingContext";
00209        send_ldap_result( op, rs );
00210        rs->sr_text = NULL;
00211        
00212        return -1;
00213 }
00214 
00215 static int
00216 lastmod_modify( Operation *op, SlapReply *rs )
00217 {
00218        slap_overinst        *on = (slap_overinst *)op->o_bd->bd_info;
00219        lastmod_info_t              *lmi = (lastmod_info_t *)on->on_bi.bi_private;
00220        Modifications        *ml;
00221 
00222        ldap_pvt_thread_mutex_lock( &lmi->lmi_entry_mutex );
00223 
00224        if ( !acl_check_modlist( op, lmi->lmi_e, op->orm_modlist ) ) {
00225               rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
00226               goto cleanup;
00227        }
00228 
00229        for ( ml = op->orm_modlist; ml; ml = ml->sml_next ) {
00230               Attribute     *a;
00231 
00232               if ( ml->sml_desc != lastmod_schema.lms_ad_lastmodEnabled ) {
00233                      continue;
00234               }
00235 
00236               if ( ml->sml_op != LDAP_MOD_REPLACE ) {
00237                      rs->sr_text = "unsupported mod type";
00238                      rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
00239                      goto cleanup;
00240               }
00241               
00242               a = attr_find( lmi->lmi_e->e_attrs, ml->sml_desc );
00243 
00244               if ( a == NULL ) {
00245                      rs->sr_text = "lastmod overlay internal error";
00246                      rs->sr_err = LDAP_OTHER;
00247                      goto cleanup;
00248               }
00249 
00250               ch_free( a->a_vals[ 0 ].bv_val );
00251               ber_dupbv( &a->a_vals[ 0 ], &ml->sml_values[ 0 ] );
00252               if ( a->a_nvals ) {
00253                      ch_free( a->a_nvals[ 0 ].bv_val );
00254                      if ( ml->sml_nvalues && !BER_BVISNULL( &ml->sml_nvalues[ 0 ] ) ) {
00255                             ber_dupbv( &a->a_nvals[ 0 ], &ml->sml_nvalues[ 0 ] );
00256                      } else {
00257                             ber_dupbv( &a->a_nvals[ 0 ], &ml->sml_values[ 0 ] );
00258                      }
00259               }
00260 
00261               if ( strcmp( ml->sml_values[ 0 ].bv_val, "TRUE" ) == 0 ) {
00262                      lmi->lmi_enabled = 1;
00263               } else if ( strcmp( ml->sml_values[ 0 ].bv_val, "FALSE" ) == 0 ) {
00264                      lmi->lmi_enabled = 0;
00265               } else {
00266                      assert( 0 );
00267               }
00268        }
00269 
00270        rs->sr_err = LDAP_SUCCESS;
00271 
00272 cleanup:;
00273        ldap_pvt_thread_mutex_unlock( &lmi->lmi_entry_mutex );
00274 
00275        send_ldap_result( op, rs );
00276        rs->sr_text = NULL;
00277 
00278        return rs->sr_err;
00279 }
00280 
00281 static int
00282 lastmod_op_func( Operation *op, SlapReply *rs )
00283 {
00284        slap_overinst        *on = (slap_overinst *)op->o_bd->bd_info;
00285        lastmod_info_t              *lmi = (lastmod_info_t *)on->on_bi.bi_private;
00286        Modifications        *ml;
00287 
00288        if ( dn_match( &op->o_req_ndn, &lmi->lmi_e->e_nname ) ) {
00289               switch ( op->o_tag ) {
00290               case LDAP_REQ_SEARCH:
00291                      if ( op->ors_scope != LDAP_SCOPE_BASE ) {
00292                             goto return_referral;
00293                      }
00294                      /* process */
00295                      return lastmod_search( op, rs );
00296 
00297               case LDAP_REQ_COMPARE:
00298                      return lastmod_compare( op, rs );
00299 
00300               case LDAP_REQ_EXTENDED:
00301                      /* if write, reject; otherwise process */
00302                      if ( exop_is_write( op )) {
00303                             rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
00304                             rs->sr_text = "not allowed within namingContext";
00305                             goto return_error;
00306                      }
00307                      return lastmod_exop( op, rs );
00308 
00309               case LDAP_REQ_MODIFY:
00310                      /* allow only changes to overlay status */
00311                      for ( ml = op->orm_modlist; ml; ml = ml->sml_next ) {
00312                             if ( ad_cmp( ml->sml_desc, slap_schema.si_ad_modifiersName ) != 0
00313                                           && ad_cmp( ml->sml_desc, slap_schema.si_ad_modifyTimestamp ) != 0
00314                                           && ad_cmp( ml->sml_desc, slap_schema.si_ad_entryCSN ) != 0
00315                                           && ad_cmp( ml->sml_desc, lastmod_schema.lms_ad_lastmodEnabled ) != 0 )
00316                             {
00317                                    rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
00318                                    rs->sr_text = "not allowed within namingContext";
00319                                    goto return_error;
00320                             }
00321                      }
00322                      return lastmod_modify( op, rs );
00323 
00324               default:
00325                      rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
00326                      rs->sr_text = "not allowed within namingContext";
00327                      goto return_error;
00328               }
00329        }
00330 
00331        if ( dnIsSuffix( &op->o_req_ndn, &lmi->lmi_e->e_nname ) ) {
00332               goto return_referral;
00333        }
00334 
00335        return SLAP_CB_CONTINUE;
00336 
00337 return_referral:;
00338        op->o_bd->bd_info = (BackendInfo *)on->on_info;
00339        rs->sr_ref = referral_rewrite( default_referral,
00340                      NULL, &op->o_req_dn, op->ors_scope );
00341 
00342        if ( !rs->sr_ref ) {
00343               rs->sr_ref = default_referral;
00344        }
00345        rs->sr_err = LDAP_REFERRAL;
00346        send_ldap_result( op, rs );
00347 
00348        if ( rs->sr_ref != default_referral ) {
00349               ber_bvarray_free( rs->sr_ref );
00350        }
00351        rs->sr_ref = NULL;
00352 
00353        return -1;
00354 
00355 return_error:;
00356        op->o_bd->bd_info = (BackendInfo *)on->on_info;
00357        send_ldap_result( op, rs );
00358        rs->sr_text = NULL;
00359 
00360        return -1;
00361 }
00362 
00363 static int
00364 best_guess( Operation *op,
00365               struct berval *bv_entryCSN, struct berval *bv_nentryCSN,
00366               struct berval *bv_modifyTimestamp, struct berval *bv_nmodifyTimestamp,
00367               struct berval *bv_modifiersName, struct berval *bv_nmodifiersName )
00368 {
00369        if ( bv_entryCSN ) {
00370               char          csnbuf[ LDAP_PVT_CSNSTR_BUFSIZE ];
00371               struct berval entryCSN;
00372        
00373               entryCSN.bv_val = csnbuf;
00374               entryCSN.bv_len = sizeof( csnbuf );
00375               slap_get_csn( NULL, &entryCSN, 0 );
00376 
00377               ber_dupbv( bv_entryCSN, &entryCSN );
00378               ber_dupbv( bv_nentryCSN, &entryCSN );
00379        }
00380 
00381        if ( bv_modifyTimestamp ) {
00382               char          tmbuf[ LDAP_LUTIL_GENTIME_BUFSIZE ];
00383               struct berval timestamp;
00384               time_t        currtime;
00385 
00386               /* best guess */
00387 #if 0
00388               currtime = slap_get_time();
00389 #endif
00390               /* maybe we better use the time the operation was initiated */
00391               currtime = op->o_time;
00392 
00393               timestamp.bv_val = tmbuf;
00394               timestamp.bv_len = sizeof(tmbuf);
00395               slap_timestamp( &currtime, &timestamp );
00396 
00397               ber_dupbv( bv_modifyTimestamp, &timestamp );
00398               ber_dupbv( bv_nmodifyTimestamp, bv_modifyTimestamp );
00399        }
00400 
00401        if ( bv_modifiersName ) {
00402               /* best guess */
00403               ber_dupbv( bv_modifiersName, &op->o_dn );
00404               ber_dupbv( bv_nmodifiersName, &op->o_ndn );
00405        }
00406 
00407        return 0;
00408 }
00409 
00410 static int
00411 lastmod_update( Operation *op, SlapReply *rs )
00412 {
00413        slap_overinst        *on = (slap_overinst *)op->o_bd->bd_info;
00414        lastmod_info_t              *lmi = (lastmod_info_t *)on->on_bi.bi_private;
00415        Attribute            *a;
00416        Modifications        *ml = NULL;
00417        struct berval        bv_entryCSN = BER_BVNULL,
00418                             bv_nentryCSN = BER_BVNULL,
00419                             bv_modifyTimestamp = BER_BVNULL,
00420                             bv_nmodifyTimestamp = BER_BVNULL,
00421                             bv_modifiersName = BER_BVNULL,
00422                             bv_nmodifiersName = BER_BVNULL,
00423                             bv_name = BER_BVNULL,
00424                             bv_nname = BER_BVNULL;
00425        enum lastmodType_e   lmt = LASTMOD_UNKNOWN;
00426        Entry                *e = NULL;
00427        int                  rc = -1;
00428 
00429        /* FIXME: timestamp? modifier? */
00430        switch ( op->o_tag ) {
00431        case LDAP_REQ_ADD:
00432               lmt = LASTMOD_ADD;
00433               e = op->ora_e;
00434               a = attr_find( e->e_attrs, slap_schema.si_ad_entryCSN );
00435               if ( a != NULL ) {
00436                      ber_dupbv( &bv_entryCSN, &a->a_vals[0] );
00437                      if ( a->a_nvals && !BER_BVISNULL( &a->a_nvals[0] ) ) {
00438                             ber_dupbv( &bv_nentryCSN, &a->a_nvals[0] );
00439                      } else {
00440                             ber_dupbv( &bv_nentryCSN, &a->a_vals[0] );
00441                      }
00442               }
00443               a = attr_find( e->e_attrs, slap_schema.si_ad_modifyTimestamp );
00444               if ( a != NULL ) {
00445                      ber_dupbv( &bv_modifyTimestamp, &a->a_vals[0] );
00446                      if ( a->a_nvals && !BER_BVISNULL( &a->a_nvals[0] ) ) {
00447                             ber_dupbv( &bv_nmodifyTimestamp, &a->a_nvals[0] );
00448                      } else {
00449                             ber_dupbv( &bv_nmodifyTimestamp, &a->a_vals[0] );
00450                      }
00451               }
00452               a = attr_find( e->e_attrs, slap_schema.si_ad_modifiersName );
00453               if ( a != NULL ) {
00454                      ber_dupbv( &bv_modifiersName, &a->a_vals[0] );
00455                      ber_dupbv( &bv_nmodifiersName, &a->a_nvals[0] );
00456               }
00457               ber_dupbv( &bv_name, &e->e_name );
00458               ber_dupbv( &bv_nname, &e->e_nname );
00459               break;
00460 
00461        case LDAP_REQ_DELETE:
00462               lmt = LASTMOD_DELETE;
00463 
00464               best_guess( op, &bv_entryCSN, &bv_nentryCSN,
00465                             &bv_modifyTimestamp, &bv_nmodifyTimestamp,
00466                             &bv_modifiersName, &bv_nmodifiersName );
00467 
00468               ber_dupbv( &bv_name, &op->o_req_dn );
00469               ber_dupbv( &bv_nname, &op->o_req_ndn );
00470               break;
00471 
00472        case LDAP_REQ_EXTENDED:
00473               lmt = LASTMOD_EXOP;
00474 
00475               /* actually, password change is wrapped around a backend 
00476                * call to modify, so it never shows up as an exop... */
00477               best_guess( op, &bv_entryCSN, &bv_nentryCSN,
00478                             &bv_modifyTimestamp, &bv_nmodifyTimestamp,
00479                             &bv_modifiersName, &bv_nmodifiersName );
00480 
00481               ber_dupbv( &bv_name, &op->o_req_dn );
00482               ber_dupbv( &bv_nname, &op->o_req_ndn );
00483               break;
00484 
00485        case LDAP_REQ_MODIFY:
00486               lmt = LASTMOD_MODIFY;
00487               rc = 3;
00488 
00489               for ( ml = op->orm_modlist; ml; ml = ml->sml_next ) {
00490                      if ( ad_cmp( ml->sml_desc , slap_schema.si_ad_modifiersName ) == 0 ) {
00491                             ber_dupbv( &bv_modifiersName, &ml->sml_values[0] );
00492                             ber_dupbv( &bv_nmodifiersName, &ml->sml_nvalues[0] );
00493 
00494                             rc--;
00495                             if ( !rc ) {
00496                                    break;
00497                             }
00498 
00499                      } else if ( ad_cmp( ml->sml_desc, slap_schema.si_ad_entryCSN ) == 0 ) {
00500                             ber_dupbv( &bv_entryCSN, &ml->sml_values[0] );
00501                             if ( ml->sml_nvalues && !BER_BVISNULL( &ml->sml_nvalues[0] ) ) {
00502                                    ber_dupbv( &bv_nentryCSN, &ml->sml_nvalues[0] );
00503                             } else {
00504                                    ber_dupbv( &bv_nentryCSN, &ml->sml_values[0] );
00505                             }
00506 
00507                             rc --;
00508                             if ( !rc ) {
00509                                    break;
00510                             }
00511 
00512                      } else if ( ad_cmp( ml->sml_desc, slap_schema.si_ad_modifyTimestamp ) == 0 ) {
00513                             ber_dupbv( &bv_modifyTimestamp, &ml->sml_values[0] );
00514                             if ( ml->sml_nvalues && !BER_BVISNULL( &ml->sml_nvalues[0] ) ) {
00515                                    ber_dupbv( &bv_nmodifyTimestamp, &ml->sml_nvalues[0] );
00516                             } else {
00517                                    ber_dupbv( &bv_nmodifyTimestamp, &ml->sml_values[0] );
00518                             }
00519 
00520                             rc --;
00521                             if ( !rc ) {
00522                                    break;
00523                             }
00524                      }
00525               }
00526 
00527               /* if rooted at global overlay, opattrs are not yet in place */
00528               if ( BER_BVISNULL( &bv_modifiersName ) ) {
00529                      best_guess( op, NULL, NULL, NULL, NULL, &bv_modifiersName, &bv_nmodifiersName );
00530               }
00531 
00532               if ( BER_BVISNULL( &bv_entryCSN ) ) {
00533                      best_guess( op, &bv_entryCSN, &bv_nentryCSN, NULL, NULL, NULL, NULL );
00534               }
00535 
00536               if ( BER_BVISNULL( &bv_modifyTimestamp ) ) {
00537                      best_guess( op, NULL, NULL, &bv_modifyTimestamp, &bv_nmodifyTimestamp, NULL, NULL );
00538               }
00539 
00540               ber_dupbv( &bv_name, &op->o_req_dn );
00541               ber_dupbv( &bv_nname, &op->o_req_ndn );
00542               break;
00543 
00544        case LDAP_REQ_MODRDN:
00545               lmt = LASTMOD_MODRDN;
00546               e = NULL;
00547 
00548               if ( op->orr_newSup && !BER_BVISNULL( op->orr_newSup ) ) {
00549                      build_new_dn( &bv_name, op->orr_newSup, &op->orr_newrdn, NULL );
00550                      build_new_dn( &bv_nname, op->orr_nnewSup, &op->orr_nnewrdn, NULL );
00551 
00552               } else {
00553                      struct berval pdn;
00554 
00555                      dnParent( &op->o_req_dn, &pdn );
00556                      build_new_dn( &bv_name, &pdn, &op->orr_newrdn, NULL );
00557 
00558                      dnParent( &op->o_req_ndn, &pdn );
00559                      build_new_dn( &bv_nname, &pdn, &op->orr_nnewrdn, NULL );
00560               }
00561 
00562               if ( on->on_info->oi_orig->bi_entry_get_rw ) {
00563                      BackendInfo   *bi = op->o_bd->bd_info;
00564                      int           rc;
00565 
00566                      op->o_bd->bd_info = (BackendInfo *)on->on_info->oi_orig;
00567                      rc = op->o_bd->bd_info->bi_entry_get_rw( op, &bv_name, NULL, NULL, 0, &e );
00568                      if ( rc == LDAP_SUCCESS ) {
00569                             a = attr_find( e->e_attrs, slap_schema.si_ad_modifiersName );
00570                             if ( a != NULL ) {
00571                                    ber_dupbv( &bv_modifiersName, &a->a_vals[0] );
00572                                    ber_dupbv( &bv_nmodifiersName, &a->a_nvals[0] );
00573                             }
00574                             a = attr_find( e->e_attrs, slap_schema.si_ad_entryCSN );
00575                             if ( a != NULL ) {
00576                                    ber_dupbv( &bv_entryCSN, &a->a_vals[0] );
00577                                    if ( a->a_nvals && !BER_BVISNULL( &a->a_nvals[0] ) ) {
00578                                           ber_dupbv( &bv_nentryCSN, &a->a_nvals[0] );
00579                                    } else {
00580                                           ber_dupbv( &bv_nentryCSN, &a->a_vals[0] );
00581                                    }
00582                             }
00583                             a = attr_find( e->e_attrs, slap_schema.si_ad_modifyTimestamp );
00584                             if ( a != NULL ) {
00585                                    ber_dupbv( &bv_modifyTimestamp, &a->a_vals[0] );
00586                                    if ( a->a_nvals && !BER_BVISNULL( &a->a_nvals[0] ) ) {
00587                                           ber_dupbv( &bv_nmodifyTimestamp, &a->a_nvals[0] );
00588                                    } else {
00589                                           ber_dupbv( &bv_nmodifyTimestamp, &a->a_vals[0] );
00590                                    }
00591                             }
00592 
00593                             assert( dn_match( &bv_name, &e->e_name ) );
00594                             assert( dn_match( &bv_nname, &e->e_nname ) );
00595 
00596                             op->o_bd->bd_info->bi_entry_release_rw( op, e, 0 );
00597                      }
00598 
00599                      op->o_bd->bd_info = bi;
00600 
00601               }
00602 
00603               /* if !bi_entry_get_rw || bi_entry_get_rw failed for any reason... */
00604               if ( e == NULL ) {
00605                      best_guess( op, &bv_entryCSN, &bv_nentryCSN,
00606                                    &bv_modifyTimestamp, &bv_nmodifyTimestamp,
00607                                    &bv_modifiersName, &bv_nmodifiersName );
00608               }
00609 
00610               break;
00611 
00612        default:
00613               return -1;
00614        }
00615        
00616        ldap_pvt_thread_mutex_lock( &lmi->lmi_entry_mutex );
00617 
00618 #if 0
00619        fprintf( stderr, "### lastmodDN: %s %s\n", bv_name.bv_val, bv_nname.bv_val );
00620 #endif
00621 
00622        a = attr_find( lmi->lmi_e->e_attrs, lastmod_schema.lms_ad_lastmodDN );
00623        if ( a == NULL ) {
00624               goto error_return;
00625        }
00626        ch_free( a->a_vals[0].bv_val );
00627        a->a_vals[0] = bv_name;
00628        ch_free( a->a_nvals[0].bv_val );
00629        a->a_nvals[0] = bv_nname;
00630 
00631 #if 0
00632        fprintf( stderr, "### lastmodType: %s %s\n", lastmodType[ lmt ].bv_val, lastmodType[ lmt ].bv_val );
00633 #endif
00634 
00635        a = attr_find( lmi->lmi_e->e_attrs, lastmod_schema.lms_ad_lastmodType );
00636        if ( a == NULL ) {
00637               goto error_return;
00638        } 
00639        ch_free( a->a_vals[0].bv_val );
00640        ber_dupbv( &a->a_vals[0], &lastmodType[ lmt ] );
00641        ch_free( a->a_nvals[0].bv_val );
00642        ber_dupbv( &a->a_nvals[0], &lastmodType[ lmt ] );
00643 
00644 #if 0
00645        fprintf( stderr, "### modifiersName: %s %s\n", bv_modifiersName.bv_val, bv_nmodifiersName.bv_val );
00646 #endif
00647 
00648        a = attr_find( lmi->lmi_e->e_attrs, slap_schema.si_ad_modifiersName );
00649        if ( a == NULL ) {
00650               goto error_return;
00651        } 
00652        ch_free( a->a_vals[0].bv_val );
00653        a->a_vals[0] = bv_modifiersName;
00654        ch_free( a->a_nvals[0].bv_val );
00655        a->a_nvals[0] = bv_nmodifiersName;
00656 
00657 #if 0
00658        fprintf( stderr, "### modifyTimestamp: %s %s\n", bv_nmodifyTimestamp.bv_val, bv_modifyTimestamp.bv_val );
00659 #endif
00660 
00661        a = attr_find( lmi->lmi_e->e_attrs, slap_schema.si_ad_modifyTimestamp );
00662        if ( a == NULL ) {
00663               goto error_return;
00664        } 
00665        ch_free( a->a_vals[0].bv_val );
00666        a->a_vals[0] = bv_modifyTimestamp;
00667        ch_free( a->a_nvals[0].bv_val );
00668        a->a_nvals[0] = bv_nmodifyTimestamp;
00669 
00670 #if 0
00671        fprintf( stderr, "### entryCSN: %s %s\n", bv_nentryCSN.bv_val, bv_entryCSN.bv_val );
00672 #endif
00673 
00674        a = attr_find( lmi->lmi_e->e_attrs, slap_schema.si_ad_entryCSN );
00675        if ( a == NULL ) {
00676               goto error_return;
00677        } 
00678        ch_free( a->a_vals[0].bv_val );
00679        a->a_vals[0] = bv_entryCSN;
00680        ch_free( a->a_nvals[0].bv_val );
00681        a->a_nvals[0] = bv_nentryCSN;
00682 
00683        rc = 0;
00684 
00685 error_return:;
00686        ldap_pvt_thread_mutex_unlock( &lmi->lmi_entry_mutex );
00687        
00688        return rc;
00689 }
00690 
00691 static int
00692 lastmod_response( Operation *op, SlapReply *rs )
00693 {
00694        slap_overinst        *on = (slap_overinst *)op->o_bd->bd_info;
00695        lastmod_info_t              *lmi = (lastmod_info_t *)on->on_bi.bi_private;
00696 
00697        /* don't record failed operations */
00698        switch ( rs->sr_err ) {
00699        case LDAP_SUCCESS:
00700               /* FIXME: other cases? */
00701               break;
00702 
00703        default:
00704               return SLAP_CB_CONTINUE;
00705        }
00706 
00707        /* record only write operations */
00708        switch ( op->o_tag ) {
00709        case LDAP_REQ_ADD:
00710        case LDAP_REQ_MODIFY:
00711        case LDAP_REQ_MODRDN:
00712        case LDAP_REQ_DELETE:
00713               break;
00714 
00715        case LDAP_REQ_EXTENDED:
00716               /* if write, process */
00717               if ( exop_is_write( op ))
00718                      break;
00719 
00720               /* fall thru */
00721        default:
00722               return SLAP_CB_CONTINUE;
00723        }
00724 
00725        /* skip if disabled */
00726        ldap_pvt_thread_mutex_lock( &lmi->lmi_entry_mutex );
00727        if ( !lmi->lmi_enabled ) {
00728               ldap_pvt_thread_mutex_unlock( &lmi->lmi_entry_mutex );
00729               return SLAP_CB_CONTINUE;
00730        }
00731        ldap_pvt_thread_mutex_unlock( &lmi->lmi_entry_mutex );
00732 
00733        (void)lastmod_update( op, rs );
00734 
00735        return SLAP_CB_CONTINUE;
00736 }
00737 
00738 static int
00739 lastmod_db_init(
00740        BackendDB *be
00741 )
00742 {
00743        slap_overinst        *on = (slap_overinst *)be->bd_info;
00744        lastmod_info_t              *lmi;
00745 
00746        if ( lastmod_schema.lms_oc_lastmod == NULL ) {
00747               int           i;
00748               const char    *text;
00749 
00750               /* schema integration */
00751               for ( i = 0; mat[i].schema; i++ ) {
00752                      int                  code;
00753                      AttributeDescription **ad =
00754                             ((AttributeDescription **)&(((char *)&lastmod_schema)[mat[i].offset]));
00755                      ad[0] = NULL;
00756 
00757                      code = register_at( mat[i].schema, ad, 0 );
00758                      if ( code ) {
00759                             Debug( LDAP_DEBUG_ANY,
00760                                    "lastmod_init: register_at failed\n", 0, 0, 0 );
00761                             return -1;
00762                      }
00763                      (*ad)->ad_type->sat_flags |= mat[i].flags;
00764               }
00765 
00766               for ( i = 0; moc[i].schema; i++ ) {
00767                      int                  code;
00768                      ObjectClass          **Oc =
00769                             ((ObjectClass **)&(((char *)&lastmod_schema)[moc[i].offset]));
00770        
00771                      code = register_oc( moc[i].schema, Oc, 0 );
00772                      if ( code ) {
00773                             Debug( LDAP_DEBUG_ANY,
00774                                    "lastmod_init: register_oc failed\n", 0, 0, 0 );
00775                             return -1;
00776                      }
00777                      (*Oc)->soc_flags |= moc[i].flags;
00778               }
00779        }
00780 
00781        lmi = (lastmod_info_t *)ch_malloc( sizeof( lastmod_info_t ) );
00782 
00783        memset( lmi, 0, sizeof( lastmod_info_t ) );
00784        lmi->lmi_enabled = 1;
00785        
00786        on->on_bi.bi_private = lmi;
00787 
00788        return 0;
00789 }
00790 
00791 static int
00792 lastmod_db_config(
00793        BackendDB     *be,
00794        const char    *fname,
00795        int           lineno,
00796        int           argc,
00797        char   **argv
00798 )
00799 {
00800        slap_overinst        *on = (slap_overinst *)be->bd_info;
00801        lastmod_info_t              *lmi = (lastmod_info_t *)on->on_bi.bi_private;
00802 
00803        if ( strcasecmp( argv[ 0 ], "lastmod-rdnvalue" ) == 0 ) {
00804               if ( lmi->lmi_rdnvalue.bv_val ) {
00805                      /* already defined! */
00806                      ch_free( lmi->lmi_rdnvalue.bv_val );
00807               }
00808 
00809               ber_str2bv( argv[ 1 ], 0, 1, &lmi->lmi_rdnvalue );
00810 
00811        } else if ( strcasecmp( argv[ 0 ], "lastmod-enabled" ) == 0 ) {
00812               if ( strcasecmp( argv[ 1 ], "yes" ) == 0 ) {
00813                      lmi->lmi_enabled = 1;
00814 
00815               } else if ( strcasecmp( argv[ 1 ], "no" ) == 0 ) {
00816                      lmi->lmi_enabled = 0;
00817 
00818               } else {
00819                      return -1;
00820               }
00821 
00822        } else {
00823               return SLAP_CONF_UNKNOWN;
00824        }
00825 
00826        return 0;
00827 }
00828 
00829 static int
00830 lastmod_db_open(
00831        BackendDB *be
00832 )
00833 {
00834        slap_overinst *on = (slap_overinst *) be->bd_info;
00835        lastmod_info_t       *lmi = (lastmod_info_t *)on->on_bi.bi_private;
00836        char          buf[ 8192 ];
00837        static char          tmbuf[ LDAP_LUTIL_GENTIME_BUFSIZE ];
00838 
00839        char                 csnbuf[ LDAP_PVT_CSNSTR_BUFSIZE ];
00840        struct berval        entryCSN;
00841        struct berval timestamp;
00842 
00843        if ( !SLAP_LASTMOD( be ) ) {
00844               fprintf( stderr, "set \"lastmod on\" to make this overlay effective\n" );
00845               return -1;
00846        }
00847 
00848        /*
00849         * Start
00850         */
00851        timestamp.bv_val = tmbuf;
00852        timestamp.bv_len = sizeof(tmbuf);
00853        slap_timestamp( &starttime, &timestamp );
00854 
00855        entryCSN.bv_val = csnbuf;
00856        entryCSN.bv_len = sizeof( csnbuf );
00857        slap_get_csn( NULL, &entryCSN, 0 );
00858 
00859        if ( BER_BVISNULL( &lmi->lmi_rdnvalue ) ) {
00860               ber_str2bv( "Lastmod", 0, 1, &lmi->lmi_rdnvalue );
00861        }
00862 
00863        snprintf( buf, sizeof( buf ),
00864                      "dn: cn=%s%s%s\n"
00865                      "objectClass: %s\n"
00866                      "structuralObjectClass: %s\n"
00867                      "cn: %s\n"
00868                      "description: This object contains the last modification to this database\n"
00869                      "%s: cn=%s%s%s\n"
00870                      "%s: %s\n"
00871                      "%s: %s\n"
00872                      "createTimestamp: %s\n"
00873                      "creatorsName: %s\n"
00874                      "entryCSN: %s\n"
00875                      "modifyTimestamp: %s\n"
00876                      "modifiersName: %s\n"
00877                      "hasSubordinates: FALSE\n",
00878                      lmi->lmi_rdnvalue.bv_val, BER_BVISEMPTY( &be->be_suffix[ 0 ] ) ? "" : ",", be->be_suffix[ 0 ].bv_val,
00879                      lastmod_schema.lms_oc_lastmod->soc_cname.bv_val,
00880                      lastmod_schema.lms_oc_lastmod->soc_cname.bv_val,
00881                      lmi->lmi_rdnvalue.bv_val,
00882                      lastmod_schema.lms_ad_lastmodDN->ad_cname.bv_val,
00883                             lmi->lmi_rdnvalue.bv_val, BER_BVISEMPTY( &be->be_suffix[ 0 ] ) ? "" : ",", be->be_suffix[ 0 ].bv_val,
00884                      lastmod_schema.lms_ad_lastmodType->ad_cname.bv_val, lastmodType[ LASTMOD_ADD ].bv_val,
00885                      lastmod_schema.lms_ad_lastmodEnabled->ad_cname.bv_val, lmi->lmi_enabled ? "TRUE" : "FALSE",
00886                      tmbuf,
00887                      BER_BVISNULL( &be->be_rootdn ) ? SLAPD_ANONYMOUS : be->be_rootdn.bv_val,
00888                      entryCSN.bv_val,
00889                      tmbuf,
00890                      BER_BVISNULL( &be->be_rootdn ) ? SLAPD_ANONYMOUS : be->be_rootdn.bv_val );
00891 
00892 #if 0
00893        fprintf( stderr, "# entry:\n%s\n", buf );
00894 #endif
00895 
00896        lmi->lmi_e = str2entry( buf );
00897        if ( lmi->lmi_e == NULL ) {
00898               return -1;
00899        }
00900 
00901        ldap_pvt_thread_mutex_init( &lmi->lmi_entry_mutex );
00902 
00903        return 0;
00904 }
00905 
00906 static int
00907 lastmod_db_destroy(
00908        BackendDB *be
00909 )
00910 {
00911        slap_overinst *on = (slap_overinst *)be->bd_info;
00912        lastmod_info_t       *lmi = (lastmod_info_t *)on->on_bi.bi_private;
00913 
00914        if ( lmi ) {
00915               if ( !BER_BVISNULL( &lmi->lmi_rdnvalue ) ) {
00916                      ch_free( lmi->lmi_rdnvalue.bv_val );
00917               }
00918 
00919               if ( lmi->lmi_e ) {
00920                      entry_free( lmi->lmi_e );
00921 
00922                      ldap_pvt_thread_mutex_destroy( &lmi->lmi_entry_mutex );
00923               }
00924 
00925               ch_free( lmi );
00926        }
00927 
00928        return 0;
00929 }
00930 
00931 /* This overlay is set up for dynamic loading via moduleload. For static
00932  * configuration, you'll need to arrange for the slap_overinst to be
00933  * initialized and registered by some other function inside slapd.
00934  */
00935 
00936 static slap_overinst               lastmod;
00937 
00938 int
00939 lastmod_initialize()
00940 {
00941        lastmod.on_bi.bi_type = "lastmod";
00942        lastmod.on_bi.bi_db_init = lastmod_db_init;
00943        lastmod.on_bi.bi_db_config = lastmod_db_config;
00944        lastmod.on_bi.bi_db_destroy = lastmod_db_destroy;
00945        lastmod.on_bi.bi_db_open = lastmod_db_open;
00946 
00947        lastmod.on_bi.bi_op_add = lastmod_op_func;
00948        lastmod.on_bi.bi_op_compare = lastmod_op_func;
00949        lastmod.on_bi.bi_op_delete = lastmod_op_func;
00950        lastmod.on_bi.bi_op_modify = lastmod_op_func;
00951        lastmod.on_bi.bi_op_modrdn = lastmod_op_func;
00952        lastmod.on_bi.bi_op_search = lastmod_op_func;
00953        lastmod.on_bi.bi_extended = lastmod_op_func;
00954 
00955        lastmod.on_response = lastmod_response;
00956 
00957        return overlay_register( &lastmod );
00958 }
00959 
00960 #if SLAPD_OVER_LASTMOD == SLAPD_MOD_DYNAMIC
00961 int
00962 init_module( int argc, char *argv[] )
00963 {
00964        return lastmod_initialize();
00965 }
00966 #endif /* SLAPD_OVER_LASTMOD == SLAPD_MOD_DYNAMIC */
00967 
00968 #endif /* defined(SLAPD_OVER_LASTMOD) */