Back to index

openldap  2.4.31
log.c
Go to the documentation of this file.
00001 /* log.c - deal with log subsystem */
00002 /* $OpenLDAP$ */
00003 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
00004  *
00005  * Copyright 2001-2012 The OpenLDAP Foundation.
00006  * Portions Copyright 2001-2003 Pierangelo Masarati.
00007  * All rights reserved.
00008  *
00009  * Redistribution and use in source and binary forms, with or without
00010  * modification, are permitted only as authorized by the OpenLDAP
00011  * Public License.
00012  *
00013  * A copy of this license is available in file LICENSE in the
00014  * top-level directory of the distribution or, alternatively, at
00015  * <http://www.OpenLDAP.org/license.html>.
00016  */
00017 /* ACKNOWLEDGEMENTS:
00018  * This work was initially developed by Pierangelo Masarati for inclusion
00019  * in OpenLDAP Software.
00020  */
00021 
00022 #include "portable.h"
00023 
00024 #include <stdio.h>
00025 
00026 #include <ac/string.h>
00027 
00028 #include "slap.h"
00029 #include <lber_pvt.h>
00030 #include "lutil.h"
00031 #include "ldif.h"
00032 #include "back-monitor.h"
00033 
00034 static int 
00035 monitor_subsys_log_open( 
00036        BackendDB            *be,
00037        monitor_subsys_t     *ms );
00038 
00039 static int 
00040 monitor_subsys_log_modify( 
00041        Operation            *op,
00042        SlapReply            *rs,
00043        Entry                *e );
00044 
00045 /*
00046  * log mutex
00047  */
00048 ldap_pvt_thread_mutex_t            monitor_log_mutex;
00049 
00050 static int add_values( Operation *op, Entry *e, Modification *mod, int *newlevel );
00051 static int delete_values( Operation *op, Entry *e, Modification *mod, int *newlevel );
00052 static int replace_values( Operation *op, Entry *e, Modification *mod, int *newlevel );
00053 
00054 /*
00055  * initializes log subentry
00056  */
00057 int
00058 monitor_subsys_log_init(
00059        BackendDB            *be,
00060        monitor_subsys_t     *ms )
00061 {
00062        ms->mss_open = monitor_subsys_log_open;
00063        ms->mss_modify = monitor_subsys_log_modify;
00064 
00065        ldap_pvt_thread_mutex_init( &monitor_log_mutex );
00066 
00067        return( 0 );
00068 }
00069 
00070 /*
00071  * opens log subentry
00072  */
00073 int
00074 monitor_subsys_log_open(
00075        BackendDB            *be,
00076        monitor_subsys_t     *ms )
00077 {
00078        BerVarray     bva = NULL;
00079 
00080        if ( loglevel2bvarray( ldap_syslog, &bva ) == 0 && bva != NULL ) {
00081               monitor_info_t       *mi;
00082               Entry         *e;
00083 
00084               mi = ( monitor_info_t * )be->be_private;
00085 
00086               if ( monitor_cache_get( mi, &ms->mss_ndn, &e ) ) {
00087                      Debug( LDAP_DEBUG_ANY,
00088                             "monitor_subsys_log_init: "
00089                             "unable to get entry \"%s\"\n",
00090                             ms->mss_ndn.bv_val, 0, 0 );
00091                      ber_bvarray_free( bva );
00092                      return( -1 );
00093               }
00094 
00095               attr_merge_normalize( e, mi->mi_ad_managedInfo, bva, NULL );
00096               ber_bvarray_free( bva );
00097 
00098               monitor_cache_release( mi, e );
00099        }
00100 
00101        return( 0 );
00102 }
00103 
00104 static int 
00105 monitor_subsys_log_modify( 
00106        Operation            *op,
00107        SlapReply            *rs,
00108        Entry                *e )
00109 {
00110        monitor_info_t       *mi = ( monitor_info_t * )op->o_bd->be_private;
00111        int           rc = LDAP_OTHER;
00112        int           newlevel = ldap_syslog;
00113        Attribute     *save_attrs;
00114        Modifications *modlist = op->orm_modlist;
00115        Modifications *ml;
00116 
00117        ldap_pvt_thread_mutex_lock( &monitor_log_mutex );
00118 
00119        save_attrs = e->e_attrs;
00120        e->e_attrs = attrs_dup( e->e_attrs );
00121 
00122        for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
00123               Modification  *mod = &ml->sml_mod;
00124 
00125               /*
00126                * accept all operational attributes;
00127                * this includes modifersName and modifyTimestamp
00128                * if lastmod is "on"
00129                */
00130               if ( is_at_operational( mod->sm_desc->ad_type ) ) {
00131                      ( void ) attr_delete( &e->e_attrs, mod->sm_desc );
00132                      rc = rs->sr_err = attr_merge( e, mod->sm_desc,
00133                                    mod->sm_values, mod->sm_nvalues );
00134                      if ( rc != LDAP_SUCCESS ) {
00135                             break;
00136                      }
00137                      continue;
00138 
00139               /*
00140                * only the "managedInfo" attribute can be modified
00141                */
00142               } else if ( mod->sm_desc != mi->mi_ad_managedInfo ) {
00143                      rc = rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
00144                      break;
00145               }
00146 
00147               switch ( mod->sm_op ) {
00148               case LDAP_MOD_ADD:
00149                      rc = add_values( op, e, mod, &newlevel );
00150                      break;
00151                      
00152               case LDAP_MOD_DELETE:
00153                      rc = delete_values( op, e, mod, &newlevel );
00154                      break;
00155 
00156               case LDAP_MOD_REPLACE:
00157                      rc = replace_values( op, e, mod, &newlevel );
00158                      break;
00159 
00160               default:
00161                      rc = LDAP_OTHER;
00162                      break;
00163               }
00164 
00165               if ( rc != LDAP_SUCCESS ) {
00166                      rs->sr_err = rc;
00167                      break;
00168               }
00169        }
00170 
00171        /* set the new debug level */
00172        if ( rc == LDAP_SUCCESS ) {
00173               const char    *text;
00174               static char   textbuf[ BACKMONITOR_BUFSIZE ];
00175 
00176               /* check for abandon */
00177               if ( op->o_abandon ) {
00178                      rc = rs->sr_err = SLAPD_ABANDON;
00179 
00180                      goto cleanup;
00181               }
00182 
00183               /* check that the entry still obeys the schema */
00184               rc = entry_schema_check( op, e, save_attrs, 0, 0, NULL,
00185                      &text, textbuf, sizeof( textbuf ) );
00186               if ( rc != LDAP_SUCCESS ) {
00187                      rs->sr_err = rc;
00188                      goto cleanup;
00189               }
00190 
00191               /*
00192                * Do we need to protect this with a mutex?
00193                */
00194               ldap_syslog = newlevel;
00195 
00196 #if 0  /* debug rather than log */
00197               slap_debug = newlevel;
00198               lutil_set_debug_level( "slapd", slap_debug );
00199               ber_set_option(NULL, LBER_OPT_DEBUG_LEVEL, &slap_debug);
00200               ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, &slap_debug);
00201               ldif_debug = slap_debug;
00202 #endif
00203        }
00204 
00205 cleanup:;
00206        if ( rc == LDAP_SUCCESS ) {
00207               attrs_free( save_attrs );
00208 
00209        } else {
00210               attrs_free( e->e_attrs );
00211               e->e_attrs = save_attrs;
00212        }
00213        
00214        ldap_pvt_thread_mutex_unlock( &monitor_log_mutex );
00215 
00216        if ( rc == LDAP_SUCCESS ) {
00217               rc = SLAP_CB_CONTINUE;
00218        }
00219 
00220        return rc;
00221 }
00222 
00223 static int
00224 check_constraints( Modification *mod, int *newlevel )
00225 {
00226        int           i;
00227 
00228        if ( mod->sm_nvalues != NULL ) {
00229               ber_bvarray_free( mod->sm_nvalues );
00230               mod->sm_nvalues = NULL;
00231        }
00232 
00233        for ( i = 0; !BER_BVISNULL( &mod->sm_values[ i ] ); i++ ) {
00234               int           l;
00235               struct berval bv;
00236 
00237               if ( str2loglevel( mod->sm_values[ i ].bv_val, &l ) ) {
00238                      return LDAP_CONSTRAINT_VIOLATION;
00239               }
00240 
00241               if ( loglevel2bv( l, &bv ) ) {
00242                      return LDAP_CONSTRAINT_VIOLATION;
00243               }
00244               
00245               assert( bv.bv_len == mod->sm_values[ i ].bv_len );
00246               
00247               AC_MEMCPY( mod->sm_values[ i ].bv_val,
00248                             bv.bv_val, bv.bv_len );
00249 
00250               *newlevel |= l;
00251        }
00252 
00253        return LDAP_SUCCESS;
00254 }      
00255 
00256 static int 
00257 add_values( Operation *op, Entry *e, Modification *mod, int *newlevel )
00258 {
00259        Attribute     *a;
00260        int           i, rc;
00261        MatchingRule  *mr = mod->sm_desc->ad_type->sat_equality;
00262 
00263        assert( mod->sm_values != NULL );
00264 
00265        rc = check_constraints( mod, newlevel );
00266        if ( rc != LDAP_SUCCESS ) {
00267               return rc;
00268        }
00269 
00270        a = attr_find( e->e_attrs, mod->sm_desc );
00271 
00272        if ( a != NULL ) {
00273               /* "managedInfo" SHOULD have appropriate rules ... */
00274               if ( mr == NULL || !mr->smr_match ) {
00275                      return LDAP_INAPPROPRIATE_MATCHING;
00276               }
00277 
00278               for ( i = 0; !BER_BVISNULL( &mod->sm_values[ i ] ); i++ ) {
00279                      int rc;
00280                      int j;
00281                      const char *text = NULL;
00282                      struct berval asserted;
00283 
00284                      rc = asserted_value_validate_normalize(
00285                             mod->sm_desc, mr, SLAP_MR_EQUALITY,
00286                             &mod->sm_values[ i ], &asserted, &text,
00287                             op->o_tmpmemctx );
00288 
00289                      if ( rc != LDAP_SUCCESS ) {
00290                             return rc;
00291                      }
00292 
00293                      for ( j = 0; !BER_BVISNULL( &a->a_vals[ j ] ); j++ ) {
00294                             int match;
00295                             int rc = value_match( &match, mod->sm_desc, mr,
00296                                    0, &a->a_nvals[ j ], &asserted, &text );
00297 
00298                             if ( rc == LDAP_SUCCESS && match == 0 ) {
00299                                    free( asserted.bv_val );
00300                                    return LDAP_TYPE_OR_VALUE_EXISTS;
00301                             }
00302                      }
00303 
00304                      free( asserted.bv_val );
00305               }
00306        }
00307 
00308        /* no - add them */
00309        rc = attr_merge_normalize( e, mod->sm_desc, mod->sm_values,
00310               op->o_tmpmemctx );
00311        if ( rc != LDAP_SUCCESS ) {
00312               return rc;
00313        }
00314 
00315        return LDAP_SUCCESS;
00316 }
00317 
00318 static int
00319 delete_values( Operation *op, Entry *e, Modification *mod, int *newlevel )
00320 {
00321        int             i, j, k, found, rc, nl = 0;
00322        Attribute       *a;
00323        MatchingRule  *mr = mod->sm_desc->ad_type->sat_equality;
00324 
00325        /* delete the entire attribute */
00326        if ( mod->sm_values == NULL ) {
00327               int rc = attr_delete( &e->e_attrs, mod->sm_desc );
00328 
00329               if ( rc ) {
00330                      rc = LDAP_NO_SUCH_ATTRIBUTE;
00331 
00332               } else {
00333                      *newlevel = 0;
00334                      rc = LDAP_SUCCESS;
00335               }
00336               return rc;
00337        }
00338 
00339        rc = check_constraints( mod, &nl );
00340        if ( rc != LDAP_SUCCESS ) {
00341               return rc;
00342        }
00343 
00344        *newlevel &= ~nl;
00345 
00346        if ( mr == NULL || !mr->smr_match ) {
00347               /* disallow specific attributes from being deleted if
00348                * no equality rule */
00349               return LDAP_INAPPROPRIATE_MATCHING;
00350        }
00351 
00352        /* delete specific values - find the attribute first */
00353        if ( (a = attr_find( e->e_attrs, mod->sm_desc )) == NULL ) {
00354               return( LDAP_NO_SUCH_ATTRIBUTE );
00355        }
00356 
00357        /* find each value to delete */
00358        for ( i = 0; !BER_BVISNULL( &mod->sm_values[ i ] ); i++ ) {
00359               int rc;
00360               const char *text = NULL;
00361 
00362               struct berval asserted;
00363 
00364               rc = asserted_value_validate_normalize(
00365                             mod->sm_desc, mr, SLAP_MR_EQUALITY,
00366                             &mod->sm_values[ i ], &asserted, &text,
00367                             op->o_tmpmemctx );
00368 
00369               if( rc != LDAP_SUCCESS ) return rc;
00370 
00371               found = 0;
00372               for ( j = 0; !BER_BVISNULL( &a->a_vals[ j ] ); j++ ) {
00373                      int match;
00374                      int rc = value_match( &match, mod->sm_desc, mr,
00375                             0, &a->a_nvals[ j ], &asserted, &text );
00376 
00377                      if( rc == LDAP_SUCCESS && match != 0 ) {
00378                             continue;
00379                      }
00380 
00381                      /* found a matching value */
00382                      found = 1;
00383 
00384                      /* delete it */
00385                      if ( a->a_nvals != a->a_vals ) {
00386                             free( a->a_nvals[ j ].bv_val );
00387                             for ( k = j + 1; !BER_BVISNULL( &a->a_nvals[ k ] ); k++ ) {
00388                                    a->a_nvals[ k - 1 ] = a->a_nvals[ k ];
00389                             }
00390                             BER_BVZERO( &a->a_nvals[ k - 1 ] );
00391                      }
00392 
00393                      free( a->a_vals[ j ].bv_val );
00394                      for ( k = j + 1; !BER_BVISNULL( &a->a_vals[ k ] ); k++ ) {
00395                             a->a_vals[ k - 1 ] = a->a_vals[ k ];
00396                      }
00397                      BER_BVZERO( &a->a_vals[ k - 1 ] );
00398                      a->a_numvals--;
00399 
00400                      break;
00401               }
00402 
00403               free( asserted.bv_val );
00404 
00405               /* looked through them all w/o finding it */
00406               if ( ! found ) {
00407                      return LDAP_NO_SUCH_ATTRIBUTE;
00408               }
00409        }
00410 
00411        /* if no values remain, delete the entire attribute */
00412        if ( BER_BVISNULL( &a->a_vals[ 0 ] ) ) {
00413               assert( a->a_numvals == 0 );
00414 
00415               /* should already be zero */
00416               *newlevel = 0;
00417               
00418               if ( attr_delete( &e->e_attrs, mod->sm_desc ) ) {
00419                      return LDAP_NO_SUCH_ATTRIBUTE;
00420               }
00421        }
00422 
00423        return LDAP_SUCCESS;
00424 }
00425 
00426 static int
00427 replace_values( Operation *op, Entry *e, Modification *mod, int *newlevel )
00428 {
00429        int rc;
00430 
00431        if ( mod->sm_values != NULL ) {
00432               *newlevel = 0;
00433               rc = check_constraints( mod, newlevel );
00434               if ( rc != LDAP_SUCCESS ) {
00435                      return rc;
00436               }
00437        }
00438 
00439        rc = attr_delete( &e->e_attrs, mod->sm_desc );
00440 
00441        if ( rc != LDAP_SUCCESS && rc != LDAP_NO_SUCH_ATTRIBUTE ) {
00442               return rc;
00443        }
00444 
00445        if ( mod->sm_values != NULL ) {
00446               rc = attr_merge_normalize( e, mod->sm_desc, mod->sm_values,
00447                             op->o_tmpmemctx );
00448               if ( rc != LDAP_SUCCESS ) {
00449                      return rc;
00450               }
00451        }
00452 
00453        return LDAP_SUCCESS;
00454 }
00455