1 /* add.c - ldap BerkeleyDB back-end add routine */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2000-2011 The OpenLDAP Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
20 #include <ac/string.h>
25 bdb_add(Operation *op, SlapReply *rs )
27 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
29 Entry *p = NULL, *oe = op->ora_e;
31 char textbuf[SLAP_TEXT_BUFLEN];
32 size_t textlen = sizeof textbuf;
33 AttributeDescription *children = slap_schema.si_ad_children;
34 AttributeDescription *entry = slap_schema.si_ad_entry;
35 DB_TXN *ltid = NULL, *lt2;
37 struct bdb_op_info opinfo = {{{ 0 }}};
44 LDAPControl **postread_ctrl = NULL;
45 LDAPControl *ctrls[SLAP_MAX_RESPONSE_CONTROLS];
52 Debug(LDAP_DEBUG_ARGS, "==> " LDAP_XSTRING(bdb_add) ": %s\n",
53 op->ora_e->e_name.bv_val, 0, 0);
57 /* acquire connection lock */
58 ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
59 if( op->o_conn->c_txn == CONN_TXN_INACTIVE ) {
60 rs->sr_text = "invalid transaction identifier";
61 rs->sr_err = LDAP_X_TXN_ID_INVALID;
63 } else if( op->o_conn->c_txn == CONN_TXN_SETTLE ) {
68 if( op->o_conn->c_txn_backend == NULL ) {
69 op->o_conn->c_txn_backend = op->o_bd;
71 } else if( op->o_conn->c_txn_backend != op->o_bd ) {
72 rs->sr_text = "transaction cannot span multiple database contexts";
73 rs->sr_err = LDAP_AFFECTS_MULTIPLE_DSAS;
77 /* insert operation into transaction */
79 rs->sr_text = "transaction specified";
80 rs->sr_err = LDAP_X_TXN_SPECIFY_OKAY;
83 /* release connection lock */
84 ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
87 send_ldap_result( op, rs );
95 /* check entry's schema */
96 rs->sr_err = entry_schema_check( op, op->ora_e, NULL,
97 get_relax(op), 1, NULL, &rs->sr_text, textbuf, textlen );
98 if ( rs->sr_err != LDAP_SUCCESS ) {
99 Debug( LDAP_DEBUG_TRACE,
100 LDAP_XSTRING(bdb_add) ": entry failed schema check: "
101 "%s (%d)\n", rs->sr_text, rs->sr_err, 0 );
105 /* add opattrs to shadow as well, only missing attrs will actually
106 * be added; helps compatibility with older OL versions */
107 rs->sr_err = slap_add_opattrs( op, &rs->sr_text, textbuf, textlen, 1 );
108 if ( rs->sr_err != LDAP_SUCCESS ) {
109 Debug( LDAP_DEBUG_TRACE,
110 LDAP_XSTRING(bdb_add) ": entry failed op attrs add: "
111 "%s (%d)\n", rs->sr_text, rs->sr_err, 0 );
115 if ( get_assert( op ) &&
116 ( test_filter( op, op->ora_e, get_assertion( op )) != LDAP_COMPARE_TRUE ))
118 rs->sr_err = LDAP_ASSERTION_FAILED;
122 subentry = is_entry_subentry( op->ora_e );
125 retry: /* transaction retry */
127 /* free parent and reader lock */
128 if ( p != (Entry *)&slap_entry_root ) {
129 bdb_unlocked_cache_return_entry_r( bdb, p );
133 rs->sr_err = TXN_ABORT( ltid );
135 LDAP_SLIST_REMOVE( &op->o_extra, &opinfo.boi_oe, OpExtra, oe_next );
136 opinfo.boi_oe.oe_key = NULL;
137 op->o_do_not_cache = opinfo.boi_acl_cache;
138 if( rs->sr_err != 0 ) {
139 rs->sr_err = LDAP_OTHER;
140 rs->sr_text = "internal error";
143 if ( op->o_abandon ) {
144 rs->sr_err = SLAPD_ABANDON;
147 bdb_trans_backoff( ++num_retries );
150 /* begin transaction */
151 rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, NULL, <id,
152 bdb->bi_db_opflags );
154 if( rs->sr_err != 0 ) {
155 Debug( LDAP_DEBUG_TRACE,
156 LDAP_XSTRING(bdb_add) ": txn_begin failed: %s (%d)\n",
157 db_strerror(rs->sr_err), rs->sr_err, 0 );
158 rs->sr_err = LDAP_OTHER;
159 rs->sr_text = "internal error";
163 opinfo.boi_oe.oe_key = bdb;
164 opinfo.boi_txn = ltid;
166 opinfo.boi_acl_cache = op->o_do_not_cache;
167 LDAP_SLIST_INSERT_HEAD( &op->o_extra, &opinfo.boi_oe, oe_next );
170 * Get the parent dn and see if the corresponding entry exists.
172 if ( be_issuffix( op->o_bd, &op->ora_e->e_nname ) ) {
175 dnParent( &op->ora_e->e_nname, &pdn );
178 /* get entry or parent */
179 rs->sr_err = bdb_dn2entry( op, ltid, &op->ora_e->e_nname, &ei,
181 switch( rs->sr_err ) {
183 rs->sr_err = LDAP_ALREADY_EXISTS;
187 case DB_LOCK_DEADLOCK:
188 case DB_LOCK_NOTGRANTED:
191 rs->sr_text = "ldap server busy";
194 rs->sr_err = LDAP_OTHER;
195 rs->sr_text = "internal error";
201 p = (Entry *)&slap_entry_root;
203 if ( !bvmatch( &pdn, &p->e_nname ) ) {
204 rs->sr_matched = ber_strdup_x( p->e_name.bv_val,
206 rs->sr_ref = is_entry_referral( p )
207 ? get_entry_referrals( op, p )
209 if ( p != (Entry *)&slap_entry_root )
210 bdb_unlocked_cache_return_entry_r( bdb, p );
212 Debug( LDAP_DEBUG_TRACE,
213 LDAP_XSTRING(bdb_add) ": parent "
214 "does not exist\n", 0, 0, 0 );
216 rs->sr_err = LDAP_REFERRAL;
217 rs->sr_flags = REP_MATCHED_MUSTBEFREED | REP_REF_MUSTBEFREED;
221 rs->sr_err = access_allowed( op, p,
222 children, NULL, ACL_WADD, NULL );
224 if ( ! rs->sr_err ) {
225 switch( opinfo.boi_err ) {
226 case DB_LOCK_DEADLOCK:
227 case DB_LOCK_NOTGRANTED:
231 if ( p != (Entry *)&slap_entry_root )
232 bdb_unlocked_cache_return_entry_r( bdb, p );
235 Debug( LDAP_DEBUG_TRACE,
236 LDAP_XSTRING(bdb_add) ": no write access to parent\n",
238 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
239 rs->sr_text = "no write access to parent";
240 goto return_results;;
243 if ( p != (Entry *)&slap_entry_root ) {
244 if ( is_entry_subentry( p ) ) {
245 bdb_unlocked_cache_return_entry_r( bdb, p );
247 /* parent is a subentry, don't allow add */
248 Debug( LDAP_DEBUG_TRACE,
249 LDAP_XSTRING(bdb_add) ": parent is subentry\n",
251 rs->sr_err = LDAP_OBJECT_CLASS_VIOLATION;
252 rs->sr_text = "parent is a subentry";
253 goto return_results;;
256 if ( is_entry_alias( p ) ) {
257 bdb_unlocked_cache_return_entry_r( bdb, p );
259 /* parent is an alias, don't allow add */
260 Debug( LDAP_DEBUG_TRACE,
261 LDAP_XSTRING(bdb_add) ": parent is alias\n",
263 rs->sr_err = LDAP_ALIAS_PROBLEM;
264 rs->sr_text = "parent is an alias";
265 goto return_results;;
268 if ( is_entry_referral( p ) ) {
269 /* parent is a referral, don't allow add */
270 rs->sr_matched = ber_strdup_x( p->e_name.bv_val,
272 rs->sr_ref = get_entry_referrals( op, p );
273 bdb_unlocked_cache_return_entry_r( bdb, p );
275 Debug( LDAP_DEBUG_TRACE,
276 LDAP_XSTRING(bdb_add) ": parent is referral\n",
279 rs->sr_err = LDAP_REFERRAL;
280 rs->sr_flags = REP_MATCHED_MUSTBEFREED | REP_REF_MUSTBEFREED;
288 /* parent must be an administrative point of the required kind */
291 /* free parent and reader lock */
292 if ( p != (Entry *)&slap_entry_root ) {
293 if ( p->e_nname.bv_len ) {
296 /* ITS#5326: use parent's DN if differs from provided one */
297 dnParent( &op->ora_e->e_name, &ppdn );
298 if ( !dn_match( &p->e_name, &ppdn ) ) {
302 dnRdn( &op->ora_e->e_name, &rdn );
304 build_new_dn( &newdn, &p->e_name, &rdn, NULL );
305 if ( op->ora_e->e_name.bv_val != op->o_req_dn.bv_val )
306 ber_memfree( op->ora_e->e_name.bv_val );
307 op->ora_e->e_name = newdn;
309 /* FIXME: should check whether
310 * dnNormalize(newdn) == e->e_nname ... */
314 bdb_unlocked_cache_return_entry_r( bdb, p );
318 rs->sr_err = access_allowed( op, op->ora_e,
319 entry, NULL, ACL_WADD, NULL );
321 if ( ! rs->sr_err ) {
322 switch( opinfo.boi_err ) {
323 case DB_LOCK_DEADLOCK:
324 case DB_LOCK_NOTGRANTED:
328 Debug( LDAP_DEBUG_TRACE,
329 LDAP_XSTRING(bdb_add) ": no write access to entry\n",
331 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
332 rs->sr_text = "no write access to entry";
333 goto return_results;;
337 * Check ACL for attribute write access
339 if (!acl_check_modlist(op, oe, op->ora_modlist)) {
340 switch( opinfo.boi_err ) {
341 case DB_LOCK_DEADLOCK:
342 case DB_LOCK_NOTGRANTED:
346 Debug( LDAP_DEBUG_TRACE,
347 LDAP_XSTRING(bdb_add) ": no write access to attribute\n",
349 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
350 rs->sr_text = "no write access to attribute";
351 goto return_results;;
355 rs->sr_err = bdb_next_id( op->o_bd, &eid );
356 if( rs->sr_err != 0 ) {
357 Debug( LDAP_DEBUG_TRACE,
358 LDAP_XSTRING(bdb_add) ": next_id failed (%d)\n",
360 rs->sr_err = LDAP_OTHER;
361 rs->sr_text = "internal error";
364 op->ora_e->e_id = eid;
367 /* nested transaction */
368 rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, ltid, <2,
369 bdb->bi_db_opflags );
371 if( rs->sr_err != 0 ) {
372 Debug( LDAP_DEBUG_TRACE,
373 LDAP_XSTRING(bdb_add) ": txn_begin(2) failed: "
374 "%s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 );
375 rs->sr_err = LDAP_OTHER;
376 rs->sr_text = "internal error";
381 rs->sr_err = bdb_dn2id_add( op, lt2, ei, op->ora_e );
382 if ( rs->sr_err != 0 ) {
383 Debug( LDAP_DEBUG_TRACE,
384 LDAP_XSTRING(bdb_add) ": dn2id_add failed: %s (%d)\n",
385 db_strerror(rs->sr_err), rs->sr_err, 0 );
387 switch( rs->sr_err ) {
388 case DB_LOCK_DEADLOCK:
389 case DB_LOCK_NOTGRANTED:
392 rs->sr_err = LDAP_ALREADY_EXISTS;
395 rs->sr_err = LDAP_OTHER;
400 /* attribute indexes */
401 rs->sr_err = bdb_index_entry_add( op, lt2, op->ora_e );
402 if ( rs->sr_err != LDAP_SUCCESS ) {
403 Debug( LDAP_DEBUG_TRACE,
404 LDAP_XSTRING(bdb_add) ": index_entry_add failed\n",
406 switch( rs->sr_err ) {
407 case DB_LOCK_DEADLOCK:
408 case DB_LOCK_NOTGRANTED:
411 rs->sr_err = LDAP_OTHER;
413 rs->sr_text = "index generation failed";
418 rs->sr_err = bdb_id2entry_add( op->o_bd, lt2, op->ora_e );
419 if ( rs->sr_err != 0 ) {
420 Debug( LDAP_DEBUG_TRACE,
421 LDAP_XSTRING(bdb_add) ": id2entry_add failed\n",
423 switch( rs->sr_err ) {
424 case DB_LOCK_DEADLOCK:
425 case DB_LOCK_NOTGRANTED:
428 rs->sr_err = LDAP_OTHER;
430 rs->sr_text = "entry store failed";
434 if ( TXN_COMMIT( lt2, 0 ) != 0 ) {
435 rs->sr_err = LDAP_OTHER;
436 rs->sr_text = "txn_commit(2) failed";
441 if( op->o_postread ) {
442 if( postread_ctrl == NULL ) {
443 postread_ctrl = &ctrls[num_ctrls++];
444 ctrls[num_ctrls] = NULL;
446 if ( slap_read_controls( op, rs, op->ora_e,
447 &slap_post_read_bv, postread_ctrl ) )
449 Debug( LDAP_DEBUG_TRACE,
450 "<=- " LDAP_XSTRING(bdb_add) ": post-read "
451 "failed!\n", 0, 0, 0 );
452 if ( op->o_postread & SLAP_CONTROL_CRITICAL ) {
453 /* FIXME: is it correct to abort
454 * operation if control fails? */
461 if (( rs->sr_err=TXN_ABORT( ltid )) != 0 ) {
462 rs->sr_text = "txn_abort (no-op) failed";
464 rs->sr_err = LDAP_X_NO_OPERATION;
472 /* pick the RDN if not suffix; otherwise pick the entire DN */
474 nrdn.bv_val = op->ora_e->e_nname.bv_val;
475 nrdn.bv_len = pdn.bv_val - op->ora_e->e_nname.bv_val - 1;
477 nrdn = op->ora_e->e_nname;
480 bdb_cache_add( bdb, ei, op->ora_e, &nrdn, ltid, &lock );
482 if(( rs->sr_err=TXN_COMMIT( ltid, 0 )) != 0 ) {
483 rs->sr_text = "txn_commit failed";
485 rs->sr_err = LDAP_SUCCESS;
490 LDAP_SLIST_REMOVE( &op->o_extra, &opinfo.boi_oe, OpExtra, oe_next );
491 opinfo.boi_oe.oe_key = NULL;
493 if ( rs->sr_err != LDAP_SUCCESS ) {
494 Debug( LDAP_DEBUG_TRACE,
495 LDAP_XSTRING(bdb_add) ": %s : %s (%d)\n",
496 rs->sr_text, db_strerror(rs->sr_err), rs->sr_err );
497 rs->sr_err = LDAP_OTHER;
501 Debug(LDAP_DEBUG_TRACE,
502 LDAP_XSTRING(bdb_add) ": added%s id=%08lx dn=\"%s\"\n",
503 op->o_noop ? " (no-op)" : "",
504 op->ora_e->e_id, op->ora_e->e_dn );
507 if( num_ctrls ) rs->sr_ctrls = ctrls;
510 success = rs->sr_err;
511 send_ldap_result( op, rs );
516 if ( opinfo.boi_oe.oe_key ) {
517 LDAP_SLIST_REMOVE( &op->o_extra, &opinfo.boi_oe, OpExtra, oe_next );
520 if( success == LDAP_SUCCESS ) {
521 /* We own the entry now, and it can be purged at will
522 * Check to make sure it's the same entry we entered with.
523 * Possibly a callback may have mucked with it, although
524 * in general callbacks should treat the entry as read-only.
526 bdb_cache_deref( oe->e_private );
527 if ( op->ora_e == oe )
530 if ( bdb->bi_txn_cp_kbyte ) {
531 TXN_CHECKPOINT( bdb->bi_dbenv,
532 bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 );
536 slap_graduate_commit_csn( op );
538 if( postread_ctrl != NULL && (*postread_ctrl) != NULL ) {
539 slap_sl_free( (*postread_ctrl)->ldctl_value.bv_val, op->o_tmpmemctx );
540 slap_sl_free( *postread_ctrl, op->o_tmpmemctx );
projects / openldap / blob