#include <ac/ctype.h>
#include "slap.h"
+#include "config.h"
#include "ldif.h"
typedef struct auditlog_data {
char *ad_logfile;
} auditlog_data;
+static ConfigTable auditlogcfg[] = {
+ { "auditlog", "filename", 2, 2, 0,
+ ARG_STRING|ARG_OFFSET,
+ (void *)offsetof(auditlog_data, ad_logfile),
+ "( OLcfgOvAt:15.1 NAME 'olcAuditlogFile' "
+ "DESC 'Filename for auditlogging' "
+ "SYNTAX OMsDirectoryString )", NULL, NULL },
+ { NULL, NULL, 0, 0, 0, ARG_IGNORED }
+};
+
+static ConfigOCs auditlogocs[] = {
+ { "( OLcfgOvOc:15.1 "
+ "NAME 'olcAuditlogConfig' "
+ "DESC 'Auditlog configuration' "
+ "SUP olcOverlayConfig "
+ "MAY ( olcAuditlogFile ) )",
+ Cft_Overlay, auditlogcfg },
+ { NULL, 0, NULL }
+};
+
static int fprint_ldif(FILE *f, char *name, char *val, ber_len_t len) {
char *s;
if((s = ldif_put(LDIF_PUT_VALUE, name, val, len)) == NULL)
FILE *f;
Attribute *a;
Modifications *m;
- struct berval *b;
- char *what, *subop, *suffix, *who = NULL;
+ struct berval *b, *who = NULL;
+ char *what, *suffix;
long stamp = slap_get_time();
int i;
if ( rs->sr_err != LDAP_SUCCESS ) return SLAP_CB_CONTINUE;
- if ( !op->o_bd || !ad->ad_logfile ) return SLAP_CB_CONTINUE;
+ if ( !ad->ad_logfile ) return SLAP_CB_CONTINUE;
/*
** add or modify: use modifiersName if present
what = "add";
for(a = op->ora_e->e_attrs; a; a = a->a_next)
if( a->a_desc == slap_schema.si_ad_modifiersName ) {
- who = a->a_vals[0].bv_val;
+ who = &a->a_vals[0];
break;
}
break;
if( m->sml_desc == slap_schema.si_ad_modifiersName &&
( m->sml_op == LDAP_MOD_ADD ||
m->sml_op == LDAP_MOD_REPLACE )) {
- who = m->sml_values[0].bv_val;
+ who = &m->sml_values[0];
break;
}
break;
** note: this means requestor's dn when modifiersName is null
*/
if ( !who )
- who = op->o_dn.bv_val;
+ who = &op->o_dn;
ldap_pvt_thread_mutex_lock(&ad->ad_mutex);
if((f = fopen(ad->ad_logfile, "a")) == NULL) {
return SLAP_CB_CONTINUE;
}
- fprintf(f, "# %s %ld %s%s%s\ndn: %s\nchangetype: %s\n",
- what, stamp, suffix, who ? " " : "", who ? who : "",
+ fprintf(f, "# %s %ld %s%s%s\n",
+ what, stamp, suffix, who ? " " : "", who ? who->bv_val : "");
+
+ if ( !BER_BVISEMPTY( &op->o_conn->c_dn ) &&
+ (!who || !dn_match( who, &op->o_conn->c_dn )))
+ fprintf(f, "# realdn: %s\n", op->o_conn->c_dn.bv_val );
+
+ fprintf(f, "dn: %s\nchangetype: %s\n",
op->o_req_dn.bv_val, what);
switch(op->o_tag) {
case LDAP_REQ_ADD:
for(a = op->ora_e->e_attrs; a; a = a->a_next)
- if(b = a->a_vals)
+ if((b = a->a_vals) != NULL)
for(i = 0; b[i].bv_val; i++)
fprint_ldif(f, a->a_desc->ad_cname.bv_val, b[i].bv_val, b[i].bv_len);
break;
continue;
}
fprintf(f, "%s: %s\n", what, m->sml_desc->ad_cname.bv_val);
- if(b = m->sml_values) for(i = 0; b[i].bv_val; i++)
+ if((b = m->sml_values) != NULL)
+ for(i = 0; b[i].bv_val; i++)
fprint_ldif(f, m->sml_desc->ad_cname.bv_val, b[i].bv_val, b[i].bv_len);
fprintf(f, "-\n");
}
}
int auditlog_initialize() {
+ int rc;
auditlog.on_bi.bi_type = "auditlog";
auditlog.on_bi.bi_db_init = auditlog_db_init;
- auditlog.on_bi.bi_db_config = auditlog_config;
auditlog.on_bi.bi_db_close = auditlog_db_close;
auditlog.on_bi.bi_db_destroy = auditlog_db_destroy;
auditlog.on_response = auditlog_response;
+ auditlog.on_bi.bi_cf_ocs = auditlogocs;
+ rc = config_register_schema( auditlogcfg, auditlogocs );
+ if ( rc ) return rc;
+
return overlay_register(&auditlog);
}
#include <ac/time.h>
#include <ac/string.h>
#include <ac/ctype.h>
+#include "config.h"
#ifndef MODULE_NAME_SZ
#define MODULE_NAME_SZ 256
static ldap_pvt_thread_mutex_t chk_syntax_mutex;
+enum {
+ PPOLICY_DEFAULT = 1,
+ PPOLICY_HASH_CLEARTEXT,
+ PPOLICY_USE_LOCKOUT
+};
+
+static ConfigDriver ppolicy_cf_default;
+
+static ConfigTable ppolicycfg[] = {
+ { "ppolicy_default", "policyDN", 2, 2, 0,
+ ARG_DN|ARG_MAGIC|PPOLICY_DEFAULT, ppolicy_cf_default,
+ "( OLcfgOvAt:12.1 NAME 'olcPPolicyDefault' "
+ "DESC 'DN of a pwdPolicy object for uncustomized objects' "
+ "SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
+ { "ppolicy_hash_cleartext", "on|off", 1, 2, 0,
+ ARG_ON_OFF|ARG_OFFSET|PPOLICY_HASH_CLEARTEXT,
+ (void *)offsetof(pp_info,hash_passwords),
+ "( OLcfgOvAt:12.2 NAME 'olcPPolicyHashCleartext' "
+ "DESC 'Hash passwords on add or modify' "
+ "SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
+ { "ppolicy_use_lockout", "on|off", 1, 2, 0,
+ ARG_ON_OFF|ARG_OFFSET|PPOLICY_USE_LOCKOUT,
+ (void *)offsetof(pp_info,use_lockout),
+ "( OLcfgOvAt:12.3 NAME 'olcPPolicyUseLockout' "
+ "DESC 'Warn clients with AccountLocked' "
+ "SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
+ { NULL, NULL, 0, 0, 0, ARG_IGNORED }
+};
+
+static ConfigOCs ppolicyocs[] = {
+ { "( OLcfgOvOc:12.1 "
+ "NAME 'olcPPolicyConfig' "
+ "DESC 'Password Policy configuration' "
+ "SUP olcOverlayConfig "
+ "MAY ( olcPPolicyDefault $ olcPPolicyHashCleartext $ "
+ "olcPPolicyUseLockout ) )",
+ Cft_Overlay, ppolicycfg },
+ { NULL, 0, NULL }
+};
+
+static int
+ppolicy_cf_default( ConfigArgs *c )
+{
+ slap_overinst *on = (slap_overinst *)c->bi;
+ pp_info *pi = (pp_info *)on->on_bi.bi_private;
+ BackendDB *be = (BackendDB *)c->be;
+ const char *text;
+ int rc = ARG_BAD_CONF;
+
+ assert ( c->type == PPOLICY_DEFAULT );
+ Debug(LDAP_DEBUG_TRACE, "==> ppolicy_cf_default\n", 0, 0, 0);
+
+ switch ( c->op ) {
+ case SLAP_CONFIG_EMIT:
+ Debug(LDAP_DEBUG_TRACE, "==> ppolicy_cf_default emit\n", 0, 0, 0);
+ rc = 0;
+ if ( !BER_BVISEMPTY( &pi->def_policy )) {
+ rc = value_add_one( &c->rvalue_vals,
+ &pi->def_policy );
+ if ( rc ) return rc;
+ rc = value_add_one( &c->rvalue_nvals,
+ &pi->def_policy );
+ }
+ break;
+ case LDAP_MOD_DELETE:
+ Debug(LDAP_DEBUG_TRACE, "==> ppolicy_cf_default delete\n", 0, 0, 0);
+ if ( pi->def_policy.bv_val ) {
+ ber_memfree ( pi->def_policy.bv_val );
+ pi->def_policy.bv_val = NULL;
+ }
+ pi->def_policy.bv_len = 0;
+ rc = 0;
+ break;
+ case SLAP_CONFIG_ADD:
+ /* fallthrough to LDAP_MOD_ADD */
+ case LDAP_MOD_ADD:
+ Debug(LDAP_DEBUG_TRACE, "==> ppolicy_cf_default add\n", 0, 0, 0);
+ if ( pi->def_policy.bv_val )
+ ber_memfree ( pi->def_policy.bv_val );
+ pi->def_policy = c->value_ndn;
+ rc = 0;
+ break;
+ default:
+ abort ();
+ }
+
+ return rc;
+}
+
static time_t
parse_time( char *atm )
{
return 0;
}
-static int
-ppolicy_config(
- BackendDB *be,
- const char *fname,
- int lineno,
- int argc,
- char **argv
-)
-{
- slap_overinst *on = (slap_overinst *) be->bd_info;
- pp_info *pi = on->on_bi.bi_private;
- struct berval dn;
-
-
- if ( strcasecmp( argv[0], "ppolicy_default" ) == 0 ) {
- if ( argc != 2 ) {
- fprintf( stderr, "%s: line %d: invalid arguments in \"ppolicy_default"
- " <policyDN>\n", fname, lineno );
- return ( 1 );
- }
- ber_str2bv( argv[1], 0, 0, &dn );
- if ( dnNormalize( 0, NULL, NULL, &dn, &pi->def_policy, NULL ) ) {
- fprintf( stderr, "%s: line %d: policyDN is invalid\n",
- fname, lineno );
- return 1;
- }
- return 0;
-
- } else if ( strcasecmp( argv[0], "ppolicy_use_lockout" ) == 0 ) {
- if ( argc != 1 ) {
- fprintf( stderr, "%s: line %d: ppolicy_use_lockout "
- "takes no arguments\n", fname, lineno );
- return ( 1 );
- }
- pi->use_lockout = 1;
- return 0;
- } else if ( strcasecmp( argv[0], "ppolicy_hash_cleartext" ) == 0 ) {
- if ( argc != 1 ) {
- fprintf( stderr, "%s: line %d: ppolicy_hash_cleartext "
- "takes no arguments\n", fname, lineno );
- return ( 1 );
- }
- pi->hash_passwords = 1;
- return 0;
- }
- return SLAP_CONF_UNKNOWN;
-}
-
static char *extops[] = {
LDAP_EXOP_MODIFY_PASSWD,
NULL
ppolicy.on_bi.bi_type = "ppolicy";
ppolicy.on_bi.bi_db_init = ppolicy_db_init;
ppolicy.on_bi.bi_db_open = ppolicy_db_open;
- ppolicy.on_bi.bi_db_config = ppolicy_config;
ppolicy.on_bi.bi_db_close = ppolicy_close;
ppolicy.on_bi.bi_op_add = ppolicy_add;
ppolicy.on_bi.bi_op_search = ppolicy_restrict;
ppolicy.on_bi.bi_connection_destroy = ppolicy_connection_destroy;
+ ppolicy.on_bi.bi_cf_ocs = ppolicyocs;
+ code = config_register_schema( ppolicycfg, ppolicyocs );
+ if ( code ) return code;
+
return overlay_register( &ppolicy );
}
projects / thirdparty / openldap.git / commitdiff
