From: Arran Cudbard-Bell Date: Thu, 27 Jun 2024 17:43:20 +0000 (-0600) Subject: Add API level support for deleting objects X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e6950f78e02deaa9ea3bd20590f0a8afc3f0a5de;p=thirdparty%2Ffreeradius-server.git Add API level support for deleting objects This is just for completeness. We don't currently have any use case for it, but it'll likely be called by a delete xlat in the near future.
---
diff --git a/src/lib/ldap/base.c b/src/lib/ldap/base.c
index df232089e78..20294891838 100644
--- a/src/lib/ldap/base.c
+++ b/src/lib/ldap/base.c
@@ -802,7 +802,47 @@ fr_ldap_rcode_t fr_ldap_modify_async(int *msgid, request_t *request, fr_ldap_con
 RDEBUG2("Modifying object with DN \"%s\"", dn);
 if(ldap_modify_ext(pconn->handle, dn, mods, our_serverctrls, our_clientctrls, msgid) != LDAP_SUCCESS) {
 fr_ldap_rcode_t ret = fr_ldap_error_check(NULL, pconn, NULL, NULL);
- ROPTIONAL(RPEDEBUG, RPERROR, "Failed modifying object");
+ ROPTIONAL(RPEDEBUG, RPERROR, "Failed sending request to modify object");
+
+ return ret;
+ }
+
+ return LDAP_PROC_SUCCESS;
+}
+
+/** Modify something in the LDAP directory
+ *
+ * Used on connections bound as the administrative user to attempt to modify an LDAP object.
+ * Called by the trunk mux function
+ *
+ * @param[out] msgid LDAP message ID.
+ * @param[in] request Current request.
+ * @param[in] pconn to use.
+ * @param[in] dn of the object to delete.
+ * @param[in] serverctrls Search controls to pass to the server. May be NULL.
+ * @param[in] clientctrls Search controls for ldap_delete. May be NULL.
+ * @return One of the LDAP_PROC_* (#fr_ldap_rcode_t) values.
+ */
+fr_ldap_rcode_t fr_ldap_delete_async(int *msgid, request_t *request, fr_ldap_connection_t *pconn,
+ char const *dn,
+ LDAPControl **serverctrls, LDAPControl **clientctrls)
+{
+ LDAPControl *our_serverctrls[LDAP_MAX_CONTROLS];
+ LDAPControl *our_clientctrls[LDAP_MAX_CONTROLS];
+
+ fr_ldap_control_merge(our_serverctrls, our_clientctrls,
+ NUM_ELEMENTS(our_serverctrls),
+ NUM_ELEMENTS(our_clientctrls),
+ pconn, serverctrls, clientctrls);
+
+ fr_assert(pconn && pconn->handle);
+
+ if (RDEBUG_ENABLED4) fr_ldap_timeout_debug(request, pconn, fr_time_delta_wrap(0), __FUNCTION__);
+
+ RDEBUG2("Deleting object with DN \"%s\"", dn);
+ if(ldap_delete_ext(pconn->handle, dn, our_serverctrls, our_clientctrls, msgid) != LDAP_SUCCESS) {
+ fr_ldap_rcode_t ret = fr_ldap_error_check(NULL, pconn, NULL, NULL);
+ ROPTIONAL(RPEDEBUG, RPERROR, "Failed sending request to delete object");
 
 return ret;
 }
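Review bot: The header comment on the new `fr_ldap_delete_async` still describes a modify ("Modify something in the LDAP directory", "attempt to modify an LDAP object"), which is misleading on a function that removes an entry over a connection the same comment says is bound as the administrative user. It should open with `/** Delete an object from the LDAP directory` and state that `dn` is passed to `ldap_delete_ext()` unchanged, so a caller that builds the DN from request data has to apply DN escaping before calling. Separately, `fr_assert(pconn && pconn->handle);` sits after `fr_ldap_control_merge()` has already been given `pconn`; moving the assert to the first statement of the body would make it cover that call too (whether the merge dereferences `pconn` is not visible in this hunk).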
diff --git a/src/lib/ldap/base.h b/src/lib/ldap/base.h
index 7daf0888da4..2144b770835 100644
--- a/src/lib/ldap/base.h
+++ b/src/lib/ldap/base.h
@@ -177,6 +177,7 @@ typedef enum {
 typedef enum {
 LDAP_REQUEST_SEARCH = 1, //!< A lookup in an LDAP directory
 LDAP_REQUEST_MODIFY, //!< A modification to an LDAP entity
+ LDAP_REQUEST_DELETE, //!< A deletion of an LDAP entity
 LDAP_REQUEST_EXTENDED //!< An extended LDAP operation
 } fr_ldap_request_type_t;
 
@@ -774,6 +775,9 @@ fr_ldap_rcode_t fr_ldap_modify_async(int *msgid, request_t *request, fr_ldap_con
 char const *dn, LDAPMod *mods[],
 LDAPControl **serverctrls, LDAPControl **clientctrls);
 
+fr_ldap_rcode_t fr_ldap_delete_async(int *msgid, request_t *request, fr_ldap_connection_t *pconn,
+ char const *dn,
+ LDAPControl **serverctrls, LDAPControl **clientctrls);
 fr_ldap_rcode_t fr_ldap_extended_async(int *msgid, request_t *request, fr_ldap_connection_t *pconn,
 char const *reqiod, struct berval *reqdata);
 
diff --git a/src/lib/ldap/connection.c b/src/lib/ldap/connection.c
index 4000c1dfda2..90576c0031b 100644
--- a/src/lib/ldap/connection.c
+++ b/src/lib/ldap/connection.c
@@ -696,7 +696,7 @@ static void ldap_trunk_request_mux(UNUSED fr_event_list_t *el, trunk_connection_
 
 case LDAP_REQUEST_MODIFY:
 /*
- * This query is an LDAP modification
+ * Send a request to modify an object
 */
 POPULATE_LDAP_CONTROLS(our_serverctrls, query->serverctrls);
 POPULATE_LDAP_CONTROLS(our_clientctrls, query->clientctrls);
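Review bot: In `fr_ldap_request_type_t` (src/lib/ldap/base.h), inserting `LDAP_REQUEST_DELETE` ahead of `LDAP_REQUEST_EXTENDED` renumbers `LDAP_REQUEST_EXTENDED` from 3 to 4, and 3 now means delete. That is harmless while every user of the header is rebuilt together, but code compiled against the old header would have its extended operations dispatched as deletes; no such consumer is visible here, so this is a caution, not a confirmed fault. Appending the new member after `LDAP_REQUEST_EXTENDED` would keep the existing values stable. Any other `switch` on this type outside the diff, for example in result handling, would also need a `LDAP_REQUEST_DELETE` case.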
@@ -706,6 +706,18 @@ static void ldap_trunk_request_mux(UNUSED fr_event_list_t *el, trunk_connection_
 our_serverctrls, our_clientctrls);
 break;
 
+ case LDAP_REQUEST_DELETE:
+ /*
+ * Send a request to delete an object
+ */
+ POPULATE_LDAP_CONTROLS(our_serverctrls, query->serverctrls);
+ POPULATE_LDAP_CONTROLS(our_clientctrls, query->clientctrls);
+
+ status = fr_ldap_delete_async(&query->msgid, query->treq->request,
+ ldap_conn, query->dn,
+ our_serverctrls, our_clientctrls);
+ break;
+
 case LDAP_REQUEST_EXTENDED:
 /*
 * This query is an LDAP extended operation.
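Review bot: The new `LDAP_REQUEST_DELETE` case passes `query->dn` to `fr_ldap_delete_async()` without checking it, and that function both formats it with `%s` in `RDEBUG2` and hands it to `ldap_delete_ext()`. For a destructive request, a missing DN is better rejected in the mux than left to the logging and libldap paths. A guard ahead of the call such as `if (!query->dn) { status = LDAP_PROC_ERROR; break; }` would do that, assuming the code after the `switch` treats that status as a failed request. The rest of `ldap_trunk_request_mux` is outside the hunk, so confirm how `status` is consumed before adopting it.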