Length: 8794 (0x225a) Types: TextFile Names: »ds_read.c«
└─⟦2d1937cfd⟧ Bits:30007241 EUUGD22: P.P 5.0 └─⟦35176feda⟧ »EurOpenD22/isode/isode-6.tar.Z« └─⟦de7628f85⟧ └─⟦this⟧ »isode-6.0/quipu/ds_read.c«
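/* ds_read.c - directory Read operation (do_ds_read) and its ACL/cache helpers */

#ifndef lint
static char *rcsid = "$Header: /f/osi/quipu/RCS/ds_read.c,v 7.0 89/11/23 22:17:14 mrose Rel $";
#endif

/*
 * $Header: /f/osi/quipu/RCS/ds_read.c,v 7.0 89/11/23 22:17:14 mrose Rel $
 *
 *
 * $Log: ds_read.c,v $
 * Revision 7.0 89/11/23 22:17:14 mrose
 * Release 6.0
 *
 */

/*
 * NOTICE
 *
 * Acquisition, use, and distribution of this module and related
 * materials are subject to the restrictions of a license agreement.
 * Consult the Preface in the User's Manual for the full terms of
 * this agreement.
 *
 */

#include "quipu/util.h"
#include "quipu/entry.h"
#include "quipu/read.h"

extern LLog * log_dsap;
extern int encode_DAS_ReadArgumentData();
Attr_Sequence eis_select ();
static cant_use_cache();
static as_find_oid();
static attribute_not_cached ();
extern AttributeType at_control;

/*
 * do_ds_read - service a Read request against a single entry.
 *
 *   arg       read argument; supplies the object name (when dsp is 0), the
 *             common arguments and the entry information selection
 *   error     filled in on every failure return
 *   result    filled in on DS_OK
 *   binddn    DN the ACL checks are made for on the non-DSP path
 *   target    object name to read when dsp is set; overwritten from
 *             arg->rda_object otherwise
 *   di_p      handed to find_entry() and referral_dsa_info()
 *   dsp       non-zero when the request arrived over DSP; ACLs are then
 *             evaluated for NULLDN, i.e. only publicly readable data is
 *             returned
 *   quipu_ctx passed through to eis_select()
 *
 * Returns DS_OK, DS_CONTINUE, DS_X500_ERROR, DS_ERROR_LOCAL, DS_ERROR_REMOTE,
 * or whatever referral_dsa_info() returns when a referral is generated.
 *
 * Order of checks: control-attribute shortcut, root check, entry lookup,
 * entry-level ACL, strong authentication, cache/referral decision,
 * DSP attribute check, attribute selection.
 */
do_ds_read (arg, error, result, binddn, target, di_p, dsp, quipu_ctx)
struct ds_read_arg *arg;
struct ds_read_result *result;
struct DSError *error;
DN binddn;
DN target;
struct di_block **di_p;
char dsp;
char quipu_ctx;
{
	Entry entryptr;
	int retval;

	DLOG (log_dsap,LLOG_TRACE,("ds_read"));

	if (!dsp)
		target = arg->rda_object;

	(void) dn_decode (target);

	/*
	 * The control-attribute request is answered here, before any ACL or
	 * authentication check and before the root check below.  What it
	 * returns is limited to the entry/EDB counters formatted by
	 * dsa_control_info().
	 */
	if (!dsp && dsa_read_control(arg,result))
		return (DS_OK);

	if (target == NULLDN) {
		/* can't read from the root */
		error->dse_type = DSE_NAMEERROR;
		error->ERR_NAME.DSE_na_problem = DSE_NA_NOSUCHOBJECT;
		error->ERR_NAME.DSE_na_matched = NULLDN;
		return (DS_ERROR_REMOTE);
	}

	switch(find_entry(target,&(arg->rda_common),binddn,NULLDNSEQ,FALSE,&(entryptr), error, di_p)) {
	case DS_OK:
		/* Filled out entryptr - carry on */
		break;
	case DS_CONTINUE:
		/* Filled out di_p - what do we do with it ?? */
		return(DS_CONTINUE);
	case DS_X500_ERROR:
		/* Filled out error - what do we do with it ?? */
		return(DS_X500_ERROR);
	default:
		/* SCREAM */
		LLOG(log_dsap, LLOG_EXCEPTIONS, ("do_ds_read() - find_entry failed"));
		return(DS_ERROR_LOCAL);
	}

	/* entry has got a full list of attributes, eventually select one required */

	/*
	 * Entry-level read ACL.  Over DSP the check is made for NULLDN; if that
	 * fails but binddn itself would pass, the caller is told to
	 * authenticate (DSE_SC_AUTHENTICATION) instead of being refused
	 * outright (DSE_SC_ACCESSRIGHTS).
	 * NOTE(review): e_acl is dereferenced without a NULL test - presumably
	 * find_entry() only hands back entries with an ACL; confirm.
	 */
	if (check_acl (dsp ? NULLDN : binddn,ACL_READ,entryptr->e_acl->ac_entry, target) == NOTOK) {
		if (dsp && (check_acl (binddn,ACL_READ,entryptr->e_acl->ac_entry, target) == OK)) {
			error->dse_type = DSE_SECURITYERROR;
			error->ERR_SECURITY.DSE_sc_problem = DSE_SC_AUTHENTICATION;
			return (DS_ERROR_REMOTE);
		} else {
			error->dse_type = DSE_SECURITYERROR;
			error->ERR_SECURITY.DSE_sc_problem = DSE_SC_ACCESSRIGHTS;
			return (DS_ERROR_REMOTE);
		}
	}

	/*
	 * Strong authentication.
	 * NOTE(review): check_security_parms() is given &binddn, so it may
	 * replace the bind DN.  The entry-level ACL check above has already run
	 * with the earlier value; only the checks below see the updated one.
	 * Confirm that this ordering is intended.
	 */
	if ((retval = check_security_parms((caddr_t) arg,
			encode_DAS_ReadArgumentData,
			arg->rda_common.ca_security,
			arg->rda_common.ca_sig, &binddn)) != 0) {
		error->dse_type = DSE_SECURITYERROR;
		error->ERR_SECURITY.DSE_sc_problem = retval;
		return (DS_ERROR_REMOTE);
	}

	if (cant_use_cache (entryptr,binddn,arg->rda_eis,target))
		return (referral_dsa_info(target,NULLDNSEQ,FALSE,entryptr,error,di_p,
			arg->rda_common.ca_servicecontrol.svc_options & SVC_OPT_PREFERCHAIN));

	if (dsp && (eis_check (arg->rda_eis,entryptr, binddn) != OK)) {
		/* Can only send public things over DSP - but user is entitled to more */
		error->dse_type = DSE_SECURITYERROR;
		error->ERR_SECURITY.DSE_sc_problem = DSE_SC_AUTHENTICATION;
		return (DS_ERROR_REMOTE);
	}

	/* An empty selection is only an error when specific attributes were asked for. */
	if ((result->rdr_entry.ent_attr = eis_select (arg->rda_eis,entryptr, dsp ? NULLDN : binddn, quipu_ctx)) == NULLATTR)
		if (! arg->rda_eis.eis_allattributes) {
			error->dse_type = DSE_ATTRIBUTEERROR;
			error->ERR_ATTRIBUTE.DSE_at_name = get_copy_dn (entryptr);
			error->ERR_ATTRIBUTE.DSE_at_plist.DSE_at_what =DSE_AT_NOSUCHATTRIBUTE;
			/* eis_select may be empty here, hence the NULL test before copying the type */
			if (arg->rda_eis.eis_select != NULLATTR)
				error->ERR_ATTRIBUTE.DSE_at_plist.DSE_at_type = AttrT_cpy(&arg->rda_eis.eis_select->attr_type);
			else
				error->ERR_ATTRIBUTE.DSE_at_plist.DSE_at_type = NULLAttrT;
			error->ERR_ATTRIBUTE.DSE_at_plist.DSE_at_value = NULLAttrV;
			error->ERR_ATTRIBUTE.DSE_at_plist.dse_at_next = DSE_AT_NOPROBLEM;
			return (DS_ERROR_REMOTE);
		}

	result->rdr_entry.ent_dn = get_copy_dn (entryptr);
	result->rdr_entry.ent_iscopy = entryptr->e_data;
	result->rdr_entry.ent_age = (time_t) 0;
	result->rdr_entry.ent_next = NULLENTRYINFO;
	result->rdr_common.cr_requestor = NULLDN;

	/* if no error and NOT SVC_OPT_DONTDEREFERENCEALIASES then */
	/* the alias will have been dereferenced - signified by */
	/* NO_ERROR !!! */
	/* (error->dse_type is read as left by find_entry() above) */
	result->rdr_common.cr_aliasdereferenced = (error->dse_type == DSE_NOERROR) ? FALSE : TRUE;

	return (DS_OK);
}

/*
 * cant_use_cache - decide whether the local copy of an entry is not good
 * enough to answer the request for `dn`.
 *
 * Returns FALSE for an anonymous requester (dn == NULLDN) and for entries
 * whose e_data is E_DATA_MASTER or E_TYPE_SLAVE.  Otherwise returns TRUE as
 * soon as some ACL denies read access to NULLDN but grants it to dn, in
 * which case do_ds_read() answers with referral_dsa_info() instead of the
 * local data.
 */
static cant_use_cache (ptr,dn,eis,target)
Entry ptr;
DN dn;
EntryInfoSelection eis;
DN target;
{
	register Attr_Sequence as;
	char dfltacl = FALSE;

	if (dn == NULLDN)
		return FALSE;

	if ((ptr->e_data == E_DATA_MASTER) || (ptr->e_data == E_TYPE_SLAVE))
		return FALSE;

	/* see if more than cached data is required */
	if (eis.eis_allattributes) {
		struct acl_attr * aa;
		struct oid_seq * oidptr;

		/* look for attr acl */
		/* see if any attributes user can see */
		if (check_acl (NULLDN,ACL_READ,ptr->e_acl->ac_default,target) == NOTOK)
			if (check_acl (dn,ACL_READ,ptr->e_acl->ac_default,target) == OK)
				return TRUE;

		if (ptr->e_acl->ac_attributes == NULLACL_ATTR)
			return FALSE;

		/*
		 * oidptr is not referenced in the loop body: the inner loop only
		 * makes the check run once per type listed for the ACL, and not
		 * at all when aa_types is empty.
		 */
		for ( aa = ptr->e_acl->ac_attributes; aa!=NULLACL_ATTR; aa=aa->aa_next)
			for ( oidptr=aa->aa_types;oidptr != NULLOIDSEQ; oidptr=oidptr->oid_next)
				/* The attribute is in the attribute ACL list */
				/* Would a referral help the DUA ? */
				if (check_acl (NULLDN,ACL_READ,aa->aa_acl,target) == NOTOK)
					if (check_acl (dn,ACL_READ,aa->aa_acl,target) == OK)
						return TRUE;
	} else {
		/* for each attribute in eis.eis_select, see if the user is entitled to it. */
		(void) as_decode (eis.eis_select);

		if (check_acl (NULLDN,ACL_READ,ptr->e_acl->ac_default,target) == NOTOK)
			if (check_acl (dn,ACL_READ,ptr->e_acl->ac_default,target) == OK)
				dfltacl = TRUE;

		/* only attributes missing from the local entry are of interest */
		for(as=eis.eis_select; as != NULLATTR; as=as->attr_link) {
			if (as_find_type (ptr->e_attributes, &as->attr_type) == NULLATTR)
				if (attribute_not_cached (ptr,dn,grab_oid(&as->attr_type),target,ACL_READ,dfltacl))
					return TRUE;
		}
	}

	return FALSE;
}

/*
 * attribute_not_cached - for one attribute type `at`, report whether dn is
 * granted access at `level` that NULLDN is denied.
 *
 * The first attribute ACL listing `at` decides the answer.  When the entry
 * has no attribute ACLs, or none of them lists `at`, the caller-supplied
 * dfltacl (the same comparison made against the default ACL) is returned.
 */
static attribute_not_cached (ptr,dn,at,target,level,dfltacl)
Entry ptr;
DN dn;
OID at;
DN target;
int level;
char dfltacl;
{
	register struct acl_attr * aa;
	register struct oid_seq * oidptr;

	/* see if more than cached data is required */
	if (ptr->e_acl->ac_attributes == NULLACL_ATTR)
		return (dfltacl);

	for ( aa = ptr->e_acl->ac_attributes; aa!=NULLACL_ATTR; aa=aa->aa_next)
		for ( oidptr=aa->aa_types;oidptr != NULLOIDSEQ; oidptr=oidptr->oid_next)
			if (oid_cmp (oidptr->oid_oid,at) == 0) {
				/* The attribute is in the attribute ACL list */
				/* Would a referral help the DUA ? */
				if (check_acl (NULLDN,level,aa->aa_acl,target) == NOTOK)
					if (check_acl (dn,level,aa->aa_acl,target) == OK)
						return TRUE;
				return FALSE;
			}

	return (dfltacl);
}

/*
 * dsa_control_info - build a one-attribute sequence of type at_control whose
 * value is a text summary of the master/slave/cache entry and EDB counters.
 *
 * Returns the new sequence, or NULLATTR when str2avs() fails (the partly
 * built component is freed first).
 */
static Attr_Sequence dsa_control_info()
{
	extern int slave_edbs;
	extern int master_edbs;
	extern int local_master_size;
	extern int local_slave_size;
	extern int local_cache_size;
	char buffer [LINESIZE];
	Attr_Sequence as;

	/*
	 * Unbounded sprintf: the output is the fixed text plus five %d
	 * conversions, none of it taken from the request.
	 * NOTE(review): assumes LINESIZE comfortably exceeds that length - confirm.
	 */
	(void) sprintf (buffer,"%d Master entries (in %d EDBs), %d Slave entries (in %d EDBs), %d Cached entries",
		local_master_size,master_edbs,local_slave_size,slave_edbs,local_cache_size);

	/* NOTE(review): as_comp_alloc() result is used unchecked - presumably it cannot return NULL; confirm. */
	as=as_comp_alloc();
	as->attr_acl = NULLACL_INFO;
	as->attr_type.at_oid = NULLOID;
	as->attr_type.at_table = at_control->at_table;
	as->attr_link = NULLATTR;

	if ((as->attr_value = str2avs (buffer,&as->attr_type)) == NULLAV) {
		as_free (as);
		return (NULLATTR);
	}

	return (as);
}

/*
 * dsa_read_control - answer a read that asks for exactly one attribute, the
 * control attribute (at_control), with the DSA's own counters.
 *
 * Returns TRUE with `result` filled in when the request matched, FALSE when
 * the request is an ordinary read (or the counters could not be built), in
 * which case the caller carries on with normal processing.
 *
 * do_ds_read() calls this before any ACL or authentication check, so every
 * field of arg->rda_eis used here is unvalidated request data.
 */
dsa_read_control (arg,result)
struct ds_read_arg *arg;
struct ds_read_result *result;
{
	extern DN mydsadn;

	if ((arg->rda_eis.eis_allattributes) ||
		(arg->rda_eis.eis_infotypes == EIS_ATTRIBUTETYPESONLY))
		return FALSE;

	/*
	 * A request may clear eis_allattributes and still carry an empty
	 * selection (do_ds_read() tests for exactly that case).  Without this
	 * guard the attr_link access below dereferences a null pointer on
	 * request-controlled input.
	 */
	if (arg->rda_eis.eis_select == NULLATTR)
		return FALSE;

	if (arg->rda_eis.eis_select->attr_link != NULLATTR)
		return FALSE;

	if (AttrT_cmp (at_control,&arg->rda_eis.eis_select->attr_type) != 0)
		return FALSE;

	if ((result->rdr_entry.ent_attr = dsa_control_info()) == NULLATTR)
		return FALSE;

	/* Fiddle DN - for DUA caching !!! */
	result->rdr_entry.ent_dn = dn_cpy (mydsadn);
	result->rdr_entry.ent_iscopy = FALSE;
	result->rdr_entry.ent_age = (time_t) 0;
	result->rdr_entry.ent_next = NULLENTRYINFO;
	result->rdr_common.cr_requestor = NULLDN;
	result->rdr_common.cr_aliasdereferenced = FALSE;

	return TRUE;
}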