1 /* add.c - ldap BerkeleyDB back-end add routine */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2000-2014 The OpenLDAP Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
20 #include <ac/string.h>
25 bdb_add(Operation *op, SlapReply *rs )
27 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
29 Entry *p = NULL, *oe = op->ora_e;
31 char textbuf[SLAP_TEXT_BUFLEN];
32 size_t textlen = sizeof textbuf;
33 AttributeDescription *children = slap_schema.si_ad_children;
34 AttributeDescription *entry = slap_schema.si_ad_entry;
35 DB_TXN *ltid = NULL, *lt2;
37 struct bdb_op_info opinfo = {{{ 0 }}};
44 LDAPControl **postread_ctrl = NULL;
45 LDAPControl *ctrls[SLAP_MAX_RESPONSE_CONTROLS];
48 Debug(LDAP_DEBUG_ARGS, "==> " LDAP_XSTRING(bdb_add) ": %s\n",
49 op->ora_e->e_name.bv_val, 0, 0);
52 if( op->o_txnSpec && txn_preop( op, rs ))
58 /* check entry's schema */
59 rs->sr_err = entry_schema_check( op, op->ora_e, NULL,
60 get_relax(op), 1, NULL, &rs->sr_text, textbuf, textlen );
61 if ( rs->sr_err != LDAP_SUCCESS ) {
62 Debug( LDAP_DEBUG_TRACE,
63 LDAP_XSTRING(bdb_add) ": entry failed schema check: "
64 "%s (%d)\n", rs->sr_text, rs->sr_err, 0 );
68 /* add opattrs to shadow as well, only missing attrs will actually
69 * be added; helps compatibility with older OL versions */
70 rs->sr_err = slap_add_opattrs( op, &rs->sr_text, textbuf, textlen, 1 );
71 if ( rs->sr_err != LDAP_SUCCESS ) {
72 Debug( LDAP_DEBUG_TRACE,
73 LDAP_XSTRING(bdb_add) ": entry failed op attrs add: "
74 "%s (%d)\n", rs->sr_text, rs->sr_err, 0 );
78 if ( get_assert( op ) &&
79 ( test_filter( op, op->ora_e, get_assertion( op )) != LDAP_COMPARE_TRUE ))
81 rs->sr_err = LDAP_ASSERTION_FAILED;
85 subentry = is_entry_subentry( op->ora_e );
88 retry: /* transaction retry */
90 /* free parent and reader lock */
91 if ( p != (Entry *)&slap_entry_root ) {
92 bdb_unlocked_cache_return_entry_r( bdb, p );
96 rs->sr_err = TXN_ABORT( ltid );
98 LDAP_SLIST_REMOVE( &op->o_extra, &opinfo.boi_oe, OpExtra, oe_next );
99 opinfo.boi_oe.oe_key = NULL;
100 op->o_do_not_cache = opinfo.boi_acl_cache;
101 if( rs->sr_err != 0 ) {
102 rs->sr_err = LDAP_OTHER;
103 rs->sr_text = "internal error";
106 if ( op->o_abandon ) {
107 rs->sr_err = SLAPD_ABANDON;
110 bdb_trans_backoff( ++num_retries );
113 /* begin transaction */
114 rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, NULL, <id,
115 bdb->bi_db_opflags );
117 if( rs->sr_err != 0 ) {
118 Debug( LDAP_DEBUG_TRACE,
119 LDAP_XSTRING(bdb_add) ": txn_begin failed: %s (%d)\n",
120 db_strerror(rs->sr_err), rs->sr_err, 0 );
121 rs->sr_err = LDAP_OTHER;
122 rs->sr_text = "internal error";
125 Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_add) ": txn1 id: %x\n",
126 ltid->id(ltid), 0, 0 );
128 opinfo.boi_oe.oe_key = bdb;
129 opinfo.boi_txn = ltid;
131 opinfo.boi_acl_cache = op->o_do_not_cache;
132 LDAP_SLIST_INSERT_HEAD( &op->o_extra, &opinfo.boi_oe, oe_next );
135 * Get the parent dn and see if the corresponding entry exists.
137 if ( be_issuffix( op->o_bd, &op->ora_e->e_nname ) ) {
140 dnParent( &op->ora_e->e_nname, &pdn );
143 /* get entry or parent */
144 rs->sr_err = bdb_dn2entry( op, ltid, &op->ora_e->e_nname, &ei,
146 switch( rs->sr_err ) {
148 rs->sr_err = LDAP_ALREADY_EXISTS;
152 case DB_LOCK_DEADLOCK:
153 case DB_LOCK_NOTGRANTED:
156 rs->sr_text = "ldap server busy";
159 rs->sr_err = LDAP_OTHER;
160 rs->sr_text = "internal error";
166 p = (Entry *)&slap_entry_root;
168 if ( !bvmatch( &pdn, &p->e_nname ) ) {
169 rs->sr_matched = ber_strdup_x( p->e_name.bv_val,
171 rs->sr_ref = is_entry_referral( p )
172 ? get_entry_referrals( op, p )
174 if ( p != (Entry *)&slap_entry_root )
175 bdb_unlocked_cache_return_entry_r( bdb, p );
177 Debug( LDAP_DEBUG_TRACE,
178 LDAP_XSTRING(bdb_add) ": parent "
179 "does not exist\n", 0, 0, 0 );
181 rs->sr_err = LDAP_REFERRAL;
182 rs->sr_flags = REP_MATCHED_MUSTBEFREED | REP_REF_MUSTBEFREED;
186 rs->sr_err = access_allowed( op, p,
187 children, NULL, ACL_WADD, NULL );
189 if ( ! rs->sr_err ) {
190 switch( opinfo.boi_err ) {
191 case DB_LOCK_DEADLOCK:
192 case DB_LOCK_NOTGRANTED:
196 if ( p != (Entry *)&slap_entry_root )
197 bdb_unlocked_cache_return_entry_r( bdb, p );
200 Debug( LDAP_DEBUG_TRACE,
201 LDAP_XSTRING(bdb_add) ": no write access to parent\n",
203 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
204 rs->sr_text = "no write access to parent";
205 goto return_results;;
208 if ( p != (Entry *)&slap_entry_root ) {
209 if ( is_entry_subentry( p ) ) {
210 bdb_unlocked_cache_return_entry_r( bdb, p );
212 /* parent is a subentry, don't allow add */
213 Debug( LDAP_DEBUG_TRACE,
214 LDAP_XSTRING(bdb_add) ": parent is subentry\n",
216 rs->sr_err = LDAP_OBJECT_CLASS_VIOLATION;
217 rs->sr_text = "parent is a subentry";
218 goto return_results;;
221 if ( is_entry_alias( p ) ) {
222 bdb_unlocked_cache_return_entry_r( bdb, p );
224 /* parent is an alias, don't allow add */
225 Debug( LDAP_DEBUG_TRACE,
226 LDAP_XSTRING(bdb_add) ": parent is alias\n",
228 rs->sr_err = LDAP_ALIAS_PROBLEM;
229 rs->sr_text = "parent is an alias";
230 goto return_results;;
233 if ( is_entry_referral( p ) ) {
234 /* parent is a referral, don't allow add */
235 rs->sr_matched = ber_strdup_x( p->e_name.bv_val,
237 rs->sr_ref = get_entry_referrals( op, p );
238 bdb_unlocked_cache_return_entry_r( bdb, p );
240 Debug( LDAP_DEBUG_TRACE,
241 LDAP_XSTRING(bdb_add) ": parent is referral\n",
244 rs->sr_err = LDAP_REFERRAL;
245 rs->sr_flags = REP_MATCHED_MUSTBEFREED | REP_REF_MUSTBEFREED;
253 /* parent must be an administrative point of the required kind */
256 /* free parent and reader lock */
257 if ( p != (Entry *)&slap_entry_root ) {
258 if ( p->e_nname.bv_len ) {
261 /* ITS#5326: use parent's DN if differs from provided one */
262 dnParent( &op->ora_e->e_name, &ppdn );
263 if ( !dn_match( &p->e_name, &ppdn ) ) {
267 dnRdn( &op->ora_e->e_name, &rdn );
269 build_new_dn( &newdn, &p->e_name, &rdn, NULL );
270 if ( op->ora_e->e_name.bv_val != op->o_req_dn.bv_val )
271 ber_memfree( op->ora_e->e_name.bv_val );
272 op->ora_e->e_name = newdn;
274 /* FIXME: should check whether
275 * dnNormalize(newdn) == e->e_nname ... */
279 bdb_unlocked_cache_return_entry_r( bdb, p );
283 rs->sr_err = access_allowed( op, op->ora_e,
284 entry, NULL, ACL_WADD, NULL );
286 if ( ! rs->sr_err ) {
287 switch( opinfo.boi_err ) {
288 case DB_LOCK_DEADLOCK:
289 case DB_LOCK_NOTGRANTED:
293 Debug( LDAP_DEBUG_TRACE,
294 LDAP_XSTRING(bdb_add) ": no write access to entry\n",
296 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
297 rs->sr_text = "no write access to entry";
298 goto return_results;;
302 * Check ACL for attribute write access
304 if (!acl_check_modlist(op, oe, op->ora_modlist)) {
305 switch( opinfo.boi_err ) {
306 case DB_LOCK_DEADLOCK:
307 case DB_LOCK_NOTGRANTED:
311 Debug( LDAP_DEBUG_TRACE,
312 LDAP_XSTRING(bdb_add) ": no write access to attribute\n",
314 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
315 rs->sr_text = "no write access to attribute";
316 goto return_results;;
320 rs->sr_err = bdb_next_id( op->o_bd, &eid );
321 if( rs->sr_err != 0 ) {
322 Debug( LDAP_DEBUG_TRACE,
323 LDAP_XSTRING(bdb_add) ": next_id failed (%d)\n",
325 rs->sr_err = LDAP_OTHER;
326 rs->sr_text = "internal error";
329 op->ora_e->e_id = eid;
332 /* nested transaction */
333 rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, ltid, <2,
334 bdb->bi_db_opflags );
336 if( rs->sr_err != 0 ) {
337 Debug( LDAP_DEBUG_TRACE,
338 LDAP_XSTRING(bdb_add) ": txn_begin(2) failed: "
339 "%s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 );
340 rs->sr_err = LDAP_OTHER;
341 rs->sr_text = "internal error";
344 Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_add) ": txn2 id: %x\n",
345 lt2->id(lt2), 0, 0 );
348 rs->sr_err = bdb_dn2id_add( op, lt2, ei, op->ora_e );
349 if ( rs->sr_err != 0 ) {
350 Debug( LDAP_DEBUG_TRACE,
351 LDAP_XSTRING(bdb_add) ": dn2id_add failed: %s (%d)\n",
352 db_strerror(rs->sr_err), rs->sr_err, 0 );
354 switch( rs->sr_err ) {
355 case DB_LOCK_DEADLOCK:
356 case DB_LOCK_NOTGRANTED:
359 rs->sr_err = LDAP_ALREADY_EXISTS;
362 rs->sr_err = LDAP_OTHER;
367 /* attribute indexes */
368 rs->sr_err = bdb_index_entry_add( op, lt2, op->ora_e );
369 if ( rs->sr_err != LDAP_SUCCESS ) {
370 Debug( LDAP_DEBUG_TRACE,
371 LDAP_XSTRING(bdb_add) ": index_entry_add failed\n",
373 switch( rs->sr_err ) {
374 case DB_LOCK_DEADLOCK:
375 case DB_LOCK_NOTGRANTED:
378 rs->sr_err = LDAP_OTHER;
380 rs->sr_text = "index generation failed";
385 rs->sr_err = bdb_id2entry_add( op->o_bd, lt2, op->ora_e );
386 if ( rs->sr_err != 0 ) {
387 Debug( LDAP_DEBUG_TRACE,
388 LDAP_XSTRING(bdb_add) ": id2entry_add failed\n",
390 switch( rs->sr_err ) {
391 case DB_LOCK_DEADLOCK:
392 case DB_LOCK_NOTGRANTED:
395 rs->sr_err = LDAP_OTHER;
397 rs->sr_text = "entry store failed";
401 if ( TXN_COMMIT( lt2, 0 ) != 0 ) {
402 rs->sr_err = LDAP_OTHER;
403 rs->sr_text = "txn_commit(2) failed";
408 if( op->o_postread ) {
409 if( postread_ctrl == NULL ) {
410 postread_ctrl = &ctrls[num_ctrls++];
411 ctrls[num_ctrls] = NULL;
413 if ( slap_read_controls( op, rs, op->ora_e,
414 &slap_post_read_bv, postread_ctrl ) )
416 Debug( LDAP_DEBUG_TRACE,
417 "<=- " LDAP_XSTRING(bdb_add) ": post-read "
418 "failed!\n", 0, 0, 0 );
419 if ( op->o_postread & SLAP_CONTROL_CRITICAL ) {
420 /* FIXME: is it correct to abort
421 * operation if control fails? */
428 if (( rs->sr_err=TXN_ABORT( ltid )) != 0 ) {
429 rs->sr_text = "txn_abort (no-op) failed";
431 rs->sr_err = LDAP_X_NO_OPERATION;
439 /* pick the RDN if not suffix; otherwise pick the entire DN */
441 nrdn.bv_val = op->ora_e->e_nname.bv_val;
442 nrdn.bv_len = pdn.bv_val - op->ora_e->e_nname.bv_val - 1;
444 nrdn = op->ora_e->e_nname;
447 bdb_cache_add( bdb, ei, op->ora_e, &nrdn, ltid, &lock );
449 if(( rs->sr_err=TXN_COMMIT( ltid, 0 )) != 0 ) {
450 rs->sr_text = "txn_commit failed";
452 rs->sr_err = LDAP_SUCCESS;
457 LDAP_SLIST_REMOVE( &op->o_extra, &opinfo.boi_oe, OpExtra, oe_next );
458 opinfo.boi_oe.oe_key = NULL;
460 if ( rs->sr_err != LDAP_SUCCESS ) {
461 Debug( LDAP_DEBUG_TRACE,
462 LDAP_XSTRING(bdb_add) ": %s : %s (%d)\n",
463 rs->sr_text, db_strerror(rs->sr_err), rs->sr_err );
464 rs->sr_err = LDAP_OTHER;
468 Debug(LDAP_DEBUG_TRACE,
469 LDAP_XSTRING(bdb_add) ": added%s id=%08lx dn=\"%s\"\n",
470 op->o_noop ? " (no-op)" : "",
471 op->ora_e->e_id, op->ora_e->e_dn );
474 if( num_ctrls ) rs->sr_ctrls = ctrls;
477 success = rs->sr_err;
478 send_ldap_result( op, rs );
483 if ( opinfo.boi_oe.oe_key ) {
484 LDAP_SLIST_REMOVE( &op->o_extra, &opinfo.boi_oe, OpExtra, oe_next );
487 if( success == LDAP_SUCCESS ) {
488 /* We own the entry now, and it can be purged at will
489 * Check to make sure it's the same entry we entered with.
490 * Possibly a callback may have mucked with it, although
491 * in general callbacks should treat the entry as read-only.
493 bdb_cache_deref( oe->e_private );
494 if ( op->ora_e == oe )
497 if ( bdb->bi_txn_cp_kbyte ) {
498 TXN_CHECKPOINT( bdb->bi_dbenv,
499 bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 );
503 slap_graduate_commit_csn( op );
505 if( postread_ctrl != NULL && (*postread_ctrl) != NULL ) {
506 slap_sl_free( (*postread_ctrl)->ldctl_value.bv_val, op->o_tmpmemctx );
507 slap_sl_free( *postread_ctrl, op->o_tmpmemctx );