This is a multi-part message in MIME format. --------------4BA376E6A3936AB8C247B47A Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit
The attached patch file is derived from OpenLDAP Software. All of the modifications to OpenLDAP Software represented in the following patch(es) were developed by Michael Ströder <[email protected]>. I have not assigned rights and/or interest in this work to any party. I, Michael Ströder, hereby place the following modifications to OpenLDAP Software (and only these modifications) into the public domain. Hence, these modifications may be freely used and/or redistributed for any purpose with or without attribution and/or other notice. This patch can also be found here: ftp://ftp.openldap.org/incoming/0001-ITS-8714-Send-out-EXTENDED-operation-message-from-back-sock.patch --------------4BA376E6A3936AB8C247B47A Content-Type: text/x-patch; name="0001-ITS-8714-Send-out-EXTENDED-operation-message-from-back-sock.patch" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename*0="0001-ITS-8714-Send-out-EXTENDED-operation-message-from-back-"; filename*1="sock.patch" =46rom 732c5646e0a03be8b58e52527b25742f0495807e Mon Sep 17 00:00:00 2001 From: =3D?UTF-8?q?Michael=3D20Str=3DC3=3DB6der?=3D <[email protected]>= Date: Fri, 18 Aug 2017 18:47:41 +0200 Subject: [PATCH] ITS#8714 Send out EXTENDED operation message from back-s= ock to external program --- doc/man/man5/slapd-sock.5 | 19 +++++++++++- servers/slapd/back-sock/Makefile.in | 4 +-- servers/slapd/back-sock/config.c | 12 ++++++-- servers/slapd/back-sock/extended.c | 58 ++++++++++++++++++++++++++++++= ++++++ servers/slapd/back-sock/init.c | 2 +- servers/slapd/back-sock/proto-sock.h | 2 ++ 6 files changed, 91 insertions(+), 6 deletions(-) create mode 100644 servers/slapd/back-sock/extended.c diff --git a/doc/man/man5/slapd-sock.5 b/doc/man/man5/slapd-sock.5 index 1ac4f7fdd..0c4fc3fdd 100644 --- a/doc/man/man5/slapd-sock.5 +++ b/doc/man/man5/slapd-sock.5 @@ -49,7 +49,7 @@ be sent and from which replies are received. =20 When used as an overlay, these additional directives are defined: .TP -.B sockops [ bind | unbind | search | compare | modify | modrdn | add | = delete ]* +.B sockops [ bind | unbind | search | compare | modify | modrdn | add | = delete | extended ]* Specify which request types to send to the external program. The default= is empty (no requests are sent). .TP @@ -115,6 +115,18 @@ dn: <DN> .PP .RS .nf +EXTENDED +msgid: <message id> +<repeat { "suffix:" <database suffix DN> }> +oid: <OID> +valuelen: <length of <value>> +value: <credentials> +<blank line> +.fi +.RE +.PP +.RS +.nf MODIFY msgid: <message id> <repeat { "suffix:" <database suffix DN> }> @@ -292,6 +304,11 @@ access to the pseudo_attribute of the searchBase; .B search (=3Ds) access to the attributes and values used in the filter is not checked. +.LP +The +.B extended +operation does not require any access special rights. +The external program has to implement any sort of access control. =20 .SH EXAMPLE There is an example script in the slapd/back\-sock/ directory diff --git a/servers/slapd/back-sock/Makefile.in b/servers/slapd/back-soc= k/Makefile.in index 3e527e545..efb916246 100644 --- a/servers/slapd/back-sock/Makefile.in +++ b/servers/slapd/back-sock/Makefile.in @@ -18,9 +18,9 @@ ## in OpenLDAP Software. =20 SRCS =3D init.c config.c opensock.c search.c bind.c unbind.c add.c \ - delete.c modify.c modrdn.c compare.c result.c + delete.c modify.c modrdn.c compare.c result.c extended.c OBJS =3D init.lo config.lo opensock.lo search.lo bind.lo unbind.lo add.l= o \ - delete.lo modify.lo modrdn.lo compare.lo result.lo + delete.lo modify.lo modrdn.lo compare.lo result.lo extended.lo =20 LDAP_INCDIR=3D ../../../include =20 LDAP_LIBDIR=3D ../../../libraries diff --git a/servers/slapd/back-sock/config.c b/servers/slapd/back-sock/c= onfig.c index dc3f1365c..2dcf68bf6 100644 --- a/servers/slapd/back-sock/config.c +++ b/servers/slapd/back-sock/config.c @@ -106,6 +106,7 @@ static ConfigOCs osocs[] =3D { #define SOCK_OP_MODRDN 0x020 #define SOCK_OP_ADD 0x040 #define SOCK_OP_DELETE 0x080 +#define SOCK_OP_EXTENDED 0x100 =20 #define SOCK_REP_RESULT 0x001 #define SOCK_REP_SEARCH 0x002 @@ -127,6 +128,7 @@ static slap_verbmasks ov_ops[] =3D { { BER_BVC("modrdn"), SOCK_OP_MODRDN }, { BER_BVC("add"), SOCK_OP_ADD }, { BER_BVC("delete"), SOCK_OP_DELETE }, + { BER_BVC("extended"), SOCK_OP_EXTENDED }, { BER_BVNULL, 0 } }; =20 @@ -249,7 +251,9 @@ static BI_op_bind *sockfuncs[] =3D { sock_back_modify, sock_back_modrdn, sock_back_add, - sock_back_delete + sock_back_delete, + 0, /* abandon not supported */ + sock_back_extended }; =20 static const int sockopflags[] =3D { @@ -260,7 +264,9 @@ static const int sockopflags[] =3D { SOCK_OP_MODIFY, SOCK_OP_MODRDN, SOCK_OP_ADD, - SOCK_OP_DELETE + SOCK_OP_DELETE, + 0, /* abandon not supported */ + SOCK_OP_EXTENDED }; =20 static int sock_over_op( @@ -283,6 +289,7 @@ static int sock_over_op( case LDAP_REQ_MODRDN: which =3D op_modrdn; break; case LDAP_REQ_ADD: which =3D op_add; break; case LDAP_REQ_DELETE: which =3D op_delete; break; + case LDAP_REQ_EXTENDED: which =3D op_extended; break; default: return SLAP_CB_CONTINUE; } @@ -365,6 +372,7 @@ sock_over_setup() sockover.on_bi.bi_op_modrdn =3D sock_over_op; sockover.on_bi.bi_op_add =3D sock_over_op; sockover.on_bi.bi_op_delete =3D sock_over_op; + sockover.on_bi.bi_extended =3D sock_over_op; sockover.on_response =3D sock_over_response; =20 sockover.on_bi.bi_cf_ocs =3D osocs; diff --git a/servers/slapd/back-sock/extended.c b/servers/slapd/back-sock= /extended.c new file mode 100644 index 000000000..15493ea98 --- /dev/null +++ b/servers/slapd/back-sock/extended.c @@ -0,0 +1,58 @@ +/* extended.c - sock backend extended routines */ +/* $OpenLDAP$ */ +/* This work is part of OpenLDAP Software <http://www.openldap.org/>. + * + * Copyright 2000-2017 The OpenLDAP Foundation. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted only as authorized by the OpenLDAP + * Public License. + * + * A copy of this license is available in the file LICENSE in the + * top-level directory of the distribution or, alternatively, at + * <http://www.OpenLDAP.org/license.html>. + */ + +#include "portable.h" + +#include <stdio.h> +#include <ac/string.h> + +#include "slap.h" +#include "back-sock.h" + +int +sock_back_extended( Operation *op, SlapReply *rs ) +{ + int rc; + struct sockinfo *si =3D (struct sockinfo *) op->o_bd->be_private; + FILE *fp; + + Debug( LDAP_DEBUG_ARGS, "=3D=3D> sock_back_extended(%s)\n", + op->ore_reqoid.bv_val, op->o_req_dn.bv_val, 0 ); + + if ( (fp =3D opensock( si->si_sockpath )) =3D=3D NULL ) { + send_ldap_error( op, rs, LDAP_OTHER, + "could not open socket" ); + return( -1 ); + } + + /* write out the request to the extended process */ + fprintf( fp, "EXTENDED\n" ); + fprintf( fp, "msgid: %ld\n", (long) op->o_msgid ); + sock_print_conn( fp, op->o_conn, si ); + sock_print_suffixes( fp, op->o_bd ); + fprintf( fp, "oid: %s\n", op->ore_reqoid.bv_val ); + if (op->ore_reqdata) { + fprintf( fp, "valuelen: %lu\n", op->ore_reqdata->bv_len ); + fprintf( fp, "value: %s\n", op->ore_reqdata->bv_val ); + } + fprintf( fp, "\n" ); + + /* read in the results and send them along */ + rc =3D sock_read_and_send_results( op, rs, fp ); + fclose( fp ); + + return( rc ); +} diff --git a/servers/slapd/back-sock/init.c b/servers/slapd/back-sock/ini= t.c index dcfe61a44..92e68782f 100644 --- a/servers/slapd/back-sock/init.c +++ b/servers/slapd/back-sock/init.c @@ -53,7 +53,7 @@ sock_back_initialize( bi->bi_op_delete =3D sock_back_delete; bi->bi_op_abandon =3D 0; =20 - bi->bi_extended =3D 0; + bi->bi_extended =3D sock_back_extended; =20 bi->bi_chk_referrals =3D 0; =20 diff --git a/servers/slapd/back-sock/proto-sock.h b/servers/slapd/back-so= ck/proto-sock.h index fa02ab896..8b3b5f3ef 100644 --- a/servers/slapd/back-sock/proto-sock.h +++ b/servers/slapd/back-sock/proto-sock.h @@ -40,6 +40,8 @@ extern BI_op_modrdn sock_back_modrdn; extern BI_op_add sock_back_add; extern BI_op_delete sock_back_delete; =20 +extern BI_op_extended sock_back_extended; + extern int sock_back_init_cf( BackendInfo *bi ); =20 LDAP_END_DECL --=20 2.14.0 --------------4BA376E6A3936AB8C247B47A--
