summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--Makefile.am1
-rw-r--r--configure.ac6
-rw-r--r--doc/design.txt66
-rw-r--r--src/Makefile.am24
4 files changed, 59 insertions, 38 deletions
diff --git a/Makefile.am b/Makefile.am
index af437a6..0806892 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1 +1,2 @@
+EXTRA_DIST = STATUS doc/*.txt
SUBDIRS = src
diff --git a/configure.ac b/configure.ac
index 8fd6239..05003d1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -64,7 +64,13 @@ dirsrv)
AC_ERROR([<slapi-plugin.h> not found])
fi
AC_DEFINE(USE_PTHREADS,1,[Define to use POSIX threading functions.])
+ saved_LIBS="$LIBS"
+ LIBS=
+ AC_CHECK_FUNC(pthread_create,,AC_CHECK_LIB(pthread,pthread_create))
+ LIBPTHREAD="$LIBS"
+ LIBS="$saved_LIBS"
esac
+AC_SUBST(LIBPTHREAD)
mylibdir=`eval echo "$libdir" | sed "s,NONE,${ac_default_prefix},g"`
mylibdir=`eval echo "$mylibdir" | sed "s,NONE,${ac_prefix},g"`
diff --git a/doc/design.txt b/doc/design.txt
index 41c8be1..e9c3e27 100644
--- a/doc/design.txt
+++ b/doc/design.txt
@@ -102,14 +102,14 @@ server has not yet dropped privileges, and the portmapper will not allow
registrations to unprivileged clients.) The plugin then starts a
listening thread to handle its clients.
-[The plugin listens for datagram queries from clients, processing them
- as they come in, as well as answering connections from clients.
- Because connected clients may not always transmit an entire request at
- once, and because the server may find itself unable to transmit an
- entire response at once, it buffers traffic for connected clients,
- multiplexing the work it does for all of its clients from inside of the
- thread.] The actual protocol datagram parsing is performed by libnsl,
- which is provided as a part of the C library.
+The plugin listens for datagram queries from clients, processing them
+as they come in, as well as answering connections from clients.
+Because connected clients may not always transmit an entire request at
+once, and because the server may find itself unable to transmit an
+entire response at once, it buffers traffic for connected clients,
+multiplexing the work it does for all of its clients from inside of the
+thread.] The actual protocol datagram parsing is performed by libnsl,
+which is provided as a part of the C library.
[Unless explicitly disabled in the module's configuration or in a
map's configuration, the local /etc/securenets file is consulted to
@@ -128,13 +128,7 @@ configurable via internal APIs -- the map cache itself has no forehand
knowledge of domain names, map names, or formats, as it merely models
data in the way that a NIS server might.
-[While currently the cache is implemented in a prototyping-friendly list
- of lists structure, I anticipate that searching through maps of larger
- than trivial size will be expensive enough that a better internal
- representation will need to be used. The main requirement from the NIS
- protocol-handler side is the ability to find a given key and/or the
- successor key for a given key, and their matching data items. The
- backend requires that the cache also be able to track one or more DNs
+[The backend requires that the cache also be able to track one or more DNs
which are relevant to the value which is being stored for a given key
in the map, so that it can be updated if a directory entry with that DN
is added, removed, modified, or renamed.]
@@ -155,8 +149,8 @@ cache. At startup time, it configures the map cache with the list of
domains and maps, and populates the maps with initial data. Using
postoperation plugin hooks, the backend interface also notes when
entries are added, modified, renamed (modrdn'd), or deleted from the
-directory server. It uses this information to [create or destroy maps in
-the map cache, and to] add, remove, or update entries in the map cache's
+directory server. It uses this information to create or destroy maps in
+the map cache, and to add, remove, or update entries in the map cache's
maps, thereby ensuring that the map cache always reflects the current
contents of the directory server.
@@ -167,16 +161,15 @@ plugin's entry, the backend checks for entries with these attributes:
* map
* base
* filter
- * key[Format]
- * value[Format]
+ * keyFormat
+ * valueFormat
The backend then instructs the map cache to prepare to hold a map in the
given domain with the given map name, and then performs a subtree search
under the specified base for entries which match the provided filter.
-Each found entry is then "added" to the map, using the value of the
-attribute named by the "key[Format]" as the key for the entry in the
-map, with the corresponding value in the map being the value of the
-attribute named by the "value" [being constructed using the format
-specifier given as the "valueFormat"].
+Each found entry is then "added" to the map, using the format specifier
+stored in "keyFormat" to construct the key for the entry in the map,
+with the corresponding value in the map being constructed using the
+format specifier given as the "valueFormat".
The "valueFormat" specifier resembles an RPM format specifier, and can
include the values of multiple attributes in any part of the specifier.
@@ -208,13 +201,18 @@ processes zero or more values of the "memberUid" attribute and
concatenates them together with a "," separator, to generate the list
of group members.
-[The filter, key, and value have sensible defaults for the maps which we
- expect to be using -- this is important because it's easy to subtly
- construct malformed result strings which could trigger undefined
- behavior on clients -- for example by leaving the user's numeric UID
- empty in a passwd entry, which may be treated as "0" by inattentive
- clients.]
-
-[The format specifier includes function-like invocations to allow the
- backend to be instructed to chase references to other entries, for
- example to handle flattening of nested groups or netgroups.]
+The filter, key, and value have sensible defaults for the maps which we
+expect to be using -- this is important because it's easy to subtly
+construct malformed result strings which could trigger undefined
+behavior on clients -- for example by leaving the user's numeric UID
+empty in a passwd entry, which may be treated as "0" by inattentive
+clients.
+
+The format specifier includes function-like invocations to allow the
+backend to be instructed to chase references to other entries, for
+example to handle flattening of nested groups or netgroups.
+
+A function-like invocation expects a comma-separated list of
+double-quoted arguments. and any arguments which contain a double-quote
+need to escape the double-quote using a '\' character -- this character
+itself also needs to be escaped whenever it appears.
diff --git a/src/Makefile.am b/src/Makefile.am
index 77179bb..27d9e74 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1,27 +1,43 @@
AM_CFLAGS = $(RUNTIME_CFLAGS)
AM_LDFLAGS = -module -avoid-version -export-symbols-regex nis_plugin_init
+LIBPTHREAD = @LIBPTHREAD@
LIBWRAP = @LIBWRAP@
plugindir = $(libdir)/dirsrv/plugins
+dist_noinst_SCRIPTS = ypmaplist.py
plugin_LTLIBRARIES = nis-plugin.la
nis_plugin_la_SOURCES = \
backend.c \
+ backend.h \
+ defaults.c \
+ defaults.h \
dispatch.c \
+ dispatch.h \
format.c \
- defaults.c \
+ format.h \
map.c \
+ map.h \
nis.c \
+ nis.h \
plugin.c \
+ plugin.h \
portmap.c \
- wrap.c
-nis_plugin_la_LIBADD = $(RUNTIME_LIBS) $(LIBWRAP) -lnsl -lpthread
+ portmap.h \
+ wrap.c \
+ wrap.h
+nis_plugin_la_LIBADD = $(RUNTIME_LIBS) $(LIBWRAP) -lnsl $(LIBPTHREAD)
noinst_LTLIBRARIES = dummy-nis-plugin.la
dummy_nis_plugin_la_SOURCES = \
dispatch.c \
+ dispatch.h \
dummymap.c \
+ map.h \
nis.c \
+ nis.h \
plugin.c \
- portmap.c
+ plugin.h \
+ portmap.c \
+ portmap.h
dummy_nis_plugin_la_LIBADD = $(RUNTIME_LIBS) -lnsl -lpthread
generated by cgit (git 2.34.1) at 2024-05-18 02:25:54 +0000