1 /* modrdn.c - bdb backend modrdn routine */
4 * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
11 #include <ac/string.h>
23 struct berval *newrdn,
24 struct berval *nnewrdn,
26 struct berval *newSuperior,
27 struct berval *nnewSuperior )
29 struct bdb_info *bdb = (struct bdb_info *) be->be_private;
30 AttributeDescription *children = slap_schema.si_ad_children;
31 struct berval p_dn, p_ndn;
32 struct berval new_dn = {0, NULL}, new_ndn = {0, NULL};
38 char textbuf[SLAP_TEXT_BUFLEN];
39 size_t textlen = sizeof textbuf;
41 struct bdb_op_info opinfo;
45 LDAPRDN *new_rdn = NULL;
46 LDAPRDN *old_rdn = NULL;
48 Entry *np = NULL; /* newSuperior Entry */
49 struct berval *np_dn = NULL; /* newSuperior dn */
50 struct berval *np_ndn = NULL; /* newSuperior ndn */
51 struct berval *new_parent_dn = NULL; /* np_dn, p_dn, or NULL */
53 /* Used to interface with bdb_modify_internal() */
54 Modifications *mod = NULL; /* Used to delete old rdn */
56 int manageDSAit = get_manageDSAit( op );
58 Debug( LDAP_DEBUG_TRACE, "==>bdb_modrdn(%s,%s,%s)\n",
59 dn->bv_val, newrdn->bv_val,
60 newSuperior ? newSuperior->bv_val : "NULL" );
63 if( newSuperior != NULL ) {
64 rc = LDAP_UNWILLING_TO_PERFORM;
65 text = "newSuperior not implemented (yet)";
71 retry: /* transaction retry */
73 bdb_cache_delete_entry(&bdb->bi_cache, e);
74 bdb_cache_return_entry_w(&bdb->bi_cache, e);
77 bdb_cache_return_entry_r(&bdb->bi_cache, p);
80 bdb_cache_return_entry_r(&bdb->bi_cache, np);
82 Debug( LDAP_DEBUG_TRACE, "==>bdb_modrdn: retrying...\n", 0, 0, 0 );
83 rc = TXN_ABORT( ltid );
88 text = "internal error";
91 ldap_pvt_thread_yield();
94 /* begin transaction */
95 rc = TXN_BEGIN( bdb->bi_dbenv, NULL, <id,
99 Debug( LDAP_DEBUG_TRACE,
100 "bdb_delete: txn_begin failed: %s (%d)\n",
101 db_strerror(rc), rc, 0 );
103 text = "internal error";
108 opinfo.boi_txn = ltid;
110 op->o_private = &opinfo;
113 rc = bdb_dn2entry_w( be, ltid, ndn, &e, &matched, 0 );
119 case DB_LOCK_DEADLOCK:
120 case DB_LOCK_NOTGRANTED:
124 text = "internal error";
129 char* matched_dn = NULL;
132 if( matched != NULL ) {
133 matched_dn = ch_strdup( matched->e_dn );
134 refs = is_entry_referral( matched )
135 ? get_entry_referrals( be, conn, op, matched )
137 bdb_cache_return_entry_r( &bdb->bi_cache, matched );
141 refs = referral_rewrite( default_referral,
142 NULL, dn, LDAP_SCOPE_DEFAULT );
145 send_ldap_result( conn, op, rc = LDAP_REFERRAL,
146 matched_dn, NULL, refs, NULL );
148 ber_bvarray_free( refs );
154 if (!manageDSAit && is_entry_referral( e ) ) {
155 /* parent is a referral, don't allow add */
156 /* parent is an alias, don't allow add */
157 BerVarray refs = get_entry_referrals( be,
160 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry %s is referral\n",
163 send_ldap_result( conn, op, rc = LDAP_REFERRAL,
164 e->e_dn, NULL, refs, NULL );
166 ber_bvarray_free( refs );
170 if ( be_issuffix( be, &e->e_nname ) ) {
171 p_ndn = slap_empty_bv;
173 dnParent( &e->e_nname, &p_ndn );
176 if ( p_ndn.bv_len != 0 ) {
177 /* Make sure parent entry exist and we can write its
180 rc = bdb_dn2entry_r( be, ltid, &p_ndn, &p, NULL, 0 );
186 case DB_LOCK_DEADLOCK:
187 case DB_LOCK_NOTGRANTED:
191 text = "internal error";
196 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: parent does not exist\n",
202 /* check parent for "children" acl */
203 if ( ! access_allowed( be, conn, op, p,
204 children, NULL, ACL_WRITE, NULL ) )
206 Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0,
208 send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
209 NULL, NULL, NULL, NULL );
213 Debug( LDAP_DEBUG_TRACE,
214 "bdb_modrdn: wr to children of entry %s OK\n",
215 p_ndn.bv_val, 0, 0 );
217 if ( p_ndn.bv_val == slap_empty_bv.bv_val ) {
218 p_dn = slap_empty_bv;
220 dnParent( &e->e_name, &p_dn );
223 Debug( LDAP_DEBUG_TRACE,
224 "bdb_modrdn: parent dn=%s\n",
228 /* no parent, modrdn entry directly under root */
229 isroot = be_isroot( be, &op->o_ndn );
231 if ( be_issuffix( be, (struct berval *)&slap_empty_bv )
232 || be_isupdate( be, &op->o_ndn ) ) {
234 p = (Entry *)&slap_entry_root;
236 /* check parent for "children" acl */
237 rc = access_allowed( be, conn, op, p,
238 children, NULL, ACL_WRITE, NULL );
244 Debug( LDAP_DEBUG_TRACE,
245 "no access to parent\n",
247 send_ldap_result( conn, op,
248 LDAP_INSUFFICIENT_ACCESS,
249 NULL, NULL, NULL, NULL );
253 Debug( LDAP_DEBUG_TRACE,
254 "bdb_modrdn: wr to children of entry \"\" OK\n",
260 Debug( LDAP_DEBUG_TRACE,
261 "bdb_modrdn: parent dn=\"\"\n",
265 Debug( LDAP_DEBUG_TRACE,
266 "bdb_modrdn: no parent, not root "
267 "& \"\" is not suffix\n",
269 rc = LDAP_INSUFFICIENT_ACCESS;
275 new_parent_dn = &p_dn; /* New Parent unless newSuperior given */
277 if ( newSuperior != NULL ) {
278 Debug( LDAP_DEBUG_TRACE,
279 "bdb_modrdn: new parent \"%s\" requested...\n",
280 newSuperior->bv_val, 0, 0 );
282 if ( newSuperior->bv_len ) {
284 np_ndn = nnewSuperior;
286 /* newSuperior == oldParent?, if so ==> ERROR */
287 /* newSuperior == entry being moved?, if so ==> ERROR */
288 /* Get Entry with dn=newSuperior. Does newSuperior exist? */
290 rc = bdb_dn2entry_r( be, ltid, nnewSuperior, &np, NULL, 0 );
296 case DB_LOCK_DEADLOCK:
297 case DB_LOCK_NOTGRANTED:
301 text = "internal error";
306 Debug( LDAP_DEBUG_TRACE,
307 "bdb_modrdn: newSup(ndn=%s) not here!\n",
308 np_ndn->bv_val, 0, 0);
313 Debug( LDAP_DEBUG_TRACE,
314 "bdb_modrdn: wr to new parent OK np=%p, id=%ld\n",
315 np, (long) np->e_id, 0 );
317 /* check newSuperior for "children" acl */
318 if ( !access_allowed( be, conn, op, np, children, NULL, ACL_WRITE, NULL ) ) {
319 Debug( LDAP_DEBUG_TRACE,
320 "bdb_modrdn: no wr to newSup children\n",
322 rc = LDAP_INSUFFICIENT_ACCESS;
327 if ( is_entry_alias( np ) ) {
328 /* parent is an alias, don't allow add */
329 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is alias\n",
332 rc = LDAP_ALIAS_PROBLEM;
337 if ( is_entry_referral( np ) ) {
338 /* parent is a referral, don't allow add */
339 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is referral\n",
342 rc = LDAP_OPERATIONS_ERROR;
347 if ( isroot == -1 ) {
348 isroot = be_isroot( be, &op->o_ndn );
353 /* no parent, modrdn entry directly under root */
355 if ( be_issuffix( be, (struct berval *)&slap_empty_bv )
356 || be_isupdate( be, &op->o_ndn ) ) {
357 np = (Entry *)&slap_entry_root;
359 /* check parent for "children" acl */
360 rc = access_allowed( be, conn, op, np,
361 children, NULL, ACL_WRITE, NULL );
367 Debug( LDAP_DEBUG_TRACE,
368 "no access to new superior\n",
370 send_ldap_result( conn, op,
371 LDAP_INSUFFICIENT_ACCESS,
372 NULL, NULL, NULL, NULL );
376 Debug( LDAP_DEBUG_TRACE,
377 "bdb_modrdn: wr to children of entry \"\" OK\n",
381 Debug( LDAP_DEBUG_TRACE,
382 "bdb_modrdn: new superior=\"\", not root "
383 "& \"\" is not suffix\n",
385 rc = LDAP_INSUFFICIENT_ACCESS;
390 Debug( LDAP_DEBUG_TRACE,
391 "bdb_modrdn: new superior=\"\"\n",
395 Debug( LDAP_DEBUG_TRACE,
396 "bdb_modrdn: wr to new parent's children OK\n",
399 new_parent_dn = np_dn;
402 /* Build target dn and make sure target entry doesn't exist already. */
403 build_new_dn( &new_dn, new_parent_dn, newrdn );
405 dnNormalize2( NULL, &new_dn, &new_ndn );
407 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: new ndn=%s\n",
408 new_ndn.bv_val, 0, 0 );
410 rc = bdb_dn2id ( be, ltid, &new_ndn, &id );
412 case DB_LOCK_DEADLOCK:
413 case DB_LOCK_NOTGRANTED:
418 rc = LDAP_ALREADY_EXISTS;
422 text = "internal error";
426 Debug( LDAP_DEBUG_TRACE,
427 "bdb_modrdn: new ndn=%s does not exist\n",
428 new_ndn.bv_val, 0, 0 );
430 /* Get attribute type and attribute value of our new rdn, we will
431 * need to add that to our new entry
433 if ( ldap_str2rdn( newrdn->bv_val, &new_rdn, (char **)&text,
434 LDAP_DN_FORMAT_LDAP ) )
436 Debug( LDAP_DEBUG_TRACE,
437 "bdb_modrdn: can't figure out type(s)/values(s) "
438 "of newrdn\n", 0, 0, 0 );
439 rc = LDAP_OPERATIONS_ERROR;
440 text = "unknown type(s) used in RDN";
444 Debug( LDAP_DEBUG_TRACE,
445 "bdb_modrdn: new_rdn_type=\"%s\", new_rdn_val=\"%s\"\n",
446 new_rdn[0][0]->la_attr.bv_val, new_rdn[0][0]->la_value.bv_val, 0 );
448 if ( ldap_str2rdn( dn->bv_val, &old_rdn, (char **)&text,
449 LDAP_DN_FORMAT_LDAP ) )
451 Debug( LDAP_DEBUG_TRACE,
452 "bdb_back_modrdn: can't figure out the old_rdn "
453 "type(s)/value(s)\n", 0, 0, 0 );
455 text = "cannot parse RDN from old DN";
460 if ( newSuperior == NULL
461 && charray_strcasecmp( ( const char ** )old_rdn_types,
462 ( const char ** )new_rdn_types ) != 0 ) {
463 /* Not a big deal but we may say something */
464 Debug( LDAP_DEBUG_TRACE,
465 "bdb_modrdn: old_rdn_type(s)=%s, new_rdn_type(s)=%s "
467 old_rdn_types[ 0 ], new_rdn_types[ 0 ], 0 );
471 /* Add new attribute values to the entry */
472 for ( a_cnt = 0; new_rdn[0][ a_cnt ]; a_cnt++ ) {
474 AttributeDescription *desc = NULL;
475 Modifications *mod_tmp;
477 rc = slap_bv2ad( &new_rdn[0][ a_cnt ]->la_attr, &desc, &text );
479 if ( rc != LDAP_SUCCESS ) {
480 Debug( LDAP_DEBUG_TRACE,
481 "bdb_modrdn: %s: %s (new)\n",
482 text, new_rdn[0][ a_cnt ]->la_attr.bv_val, 0 );
486 /* ACL check of newly added attrs */
487 if ( !access_allowed( be, conn, op, e, desc,
488 &new_rdn[0][ a_cnt ]->la_value, ACL_WRITE, NULL ) ) {
489 Debug( LDAP_DEBUG_TRACE,
490 "bdb_modrdn: access to attr \"%s\" "
491 "(new) not allowed\n",
492 new_rdn[0][ a_cnt ]->la_attr.bv_val, 0, 0 );
493 rc = LDAP_INSUFFICIENT_ACCESS;
497 /* Apply modification */
498 mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications )
499 + 2 * sizeof( struct berval ) );
500 mod_tmp->sml_desc = desc;
501 mod_tmp->sml_bvalues = ( BerVarray )( mod_tmp + 1 );
502 mod_tmp->sml_bvalues[ 0 ] = new_rdn[0][ a_cnt ]->la_value;
503 mod_tmp->sml_bvalues[ 1 ].bv_val = NULL;
504 mod_tmp->sml_op = SLAP_MOD_SOFTADD;
505 mod_tmp->sml_next = mod;
509 /* Remove old rdn value if required */
510 if ( deleteoldrdn ) {
511 /* Get value of old rdn */
512 if ( old_rdn == NULL) {
513 Debug( LDAP_DEBUG_TRACE,
514 "bdb_modrdn: can't figure out old RDN value(s) "
515 "from old RDN\n", 0, 0, 0 );
517 text = "could not parse value(s) from old RDN";
521 for ( d_cnt = 0; old_rdn[0][ d_cnt ]; d_cnt++ ) {
523 AttributeDescription *desc = NULL;
524 Modifications *mod_tmp;
526 rc = slap_bv2ad( &old_rdn[0][ d_cnt ]->la_attr,
529 if ( rc != LDAP_SUCCESS ) {
530 Debug( LDAP_DEBUG_TRACE,
531 "bdb_modrdn: %s: %s (old)\n",
532 text, old_rdn[0][ d_cnt ]->la_attr.bv_val, 0 );
536 /* ACL check of newly added attrs */
537 if ( !access_allowed( be, conn, op, e, desc,
538 &old_rdn[0][d_cnt]->la_value, ACL_WRITE, NULL ) ) {
539 Debug( LDAP_DEBUG_TRACE,
540 "bdb_modrdn: access to attr \"%s\" "
541 "(old) not allowed\n",
542 old_rdn[0][ d_cnt ]->la_attr.bv_val, 0, 0 );
543 rc = LDAP_INSUFFICIENT_ACCESS;
547 /* Apply modification */
548 mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications )
549 + 2 * sizeof ( struct berval ) );
550 mod_tmp->sml_desc = desc;
551 mod_tmp->sml_bvalues = ( BerVarray )(mod_tmp+1);
552 mod_tmp->sml_bvalues[ 0 ] = old_rdn[0][ d_cnt ]->la_value;
553 mod_tmp->sml_bvalues[ 1 ].bv_val = NULL;
554 mod_tmp->sml_op = LDAP_MOD_DELETE;
555 mod_tmp->sml_next = mod;
561 rc = bdb_dn2id_delete( be, ltid, p_ndn.bv_val, e );
564 case DB_LOCK_DEADLOCK:
565 case DB_LOCK_NOTGRANTED:
569 text = "DN index delete fail";
573 (void) bdb_cache_delete_entry(&bdb->bi_cache, e);
575 /* Binary format uses a single contiguous block, cannot
576 * free individual fields. Leave new_dn/new_ndn set so
577 * they can be individually freed later.
580 e->e_nname = new_ndn;
582 new_dn.bv_val = NULL;
583 new_ndn.bv_val = NULL;
586 rc = bdb_dn2id_add( be, ltid, np_ndn, e );
589 case DB_LOCK_DEADLOCK:
590 case DB_LOCK_NOTGRANTED:
594 text = "DN index add failed";
599 rc = bdb_modify_internal( be, conn, op, ltid, &mod[0], e,
600 &text, textbuf, textlen );
602 if( rc != LDAP_SUCCESS ) {
604 case DB_LOCK_DEADLOCK:
605 case DB_LOCK_NOTGRANTED:
612 rc = bdb_id2entry_update( be, ltid, e );
615 case DB_LOCK_DEADLOCK:
616 case DB_LOCK_NOTGRANTED:
620 text = "entry update failed";
625 if(( rc=TXN_ABORT( ltid )) != 0 ) {
626 text = "txn_abort (no-op) failed";
632 char gid[DB_XIDDATASIZE];
634 snprintf( gid, sizeof( gid ), "%s-%08lx-%08lx",
635 bdb_uuid.bv_val, (long) op->o_connid, (long) op->o_opid );
637 if(( rc=TXN_PREPARE( ltid, gid )) != 0 ) {
638 text = "txn_prepare failed";
640 if( bdb_cache_update_entry(&bdb->bi_cache, e) == -1 ) {
641 if(( rc=TXN_ABORT( ltid )) != 0 ) {
642 text ="cache update & txn_abort failed";
645 text = "cache update failed";
649 if(( rc=TXN_COMMIT( ltid, 0 )) != 0 ) {
650 text = "txn_commit failed";
659 op->o_private = NULL;
661 if( rc == LDAP_SUCCESS ) {
662 Debug(LDAP_DEBUG_TRACE,
663 "bdb_modrdn: rdn modified%s id=%08lx dn=\"%s\"\n",
664 op->o_noop ? " (no-op)" : "", e->e_id, e->e_dn );
666 bdb_cache_entry_commit( e );
669 Debug( LDAP_DEBUG_TRACE, "bdb_add: %s : %s (%d)\n",
670 text, db_strerror(rc), rc );
675 send_ldap_result( conn, op, rc,
676 NULL, text, NULL, NULL );
678 if( rc == LDAP_SUCCESS && bdb->bi_txn_cp ) {
679 ldap_pvt_thread_yield();
680 TXN_CHECKPOINT( bdb->bi_dbenv,
681 bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 );
685 if( new_dn.bv_val != NULL ) free( new_dn.bv_val );
686 if( new_ndn.bv_val != NULL ) free( new_ndn.bv_val );
688 /* LDAP v2 supporting correct attribute handling. */
689 if( new_rdn != NULL ) ldap_rdnfree( new_rdn );
690 if( old_rdn != NULL ) ldap_rdnfree( old_rdn );
693 for (; mod; mod=tmp ) {
699 /* LDAP v3 Support */
701 /* free new parent and reader lock */
702 bdb_cache_return_entry_r(&bdb->bi_cache, np);
706 /* free parent and reader lock */
707 bdb_cache_return_entry_r(&bdb->bi_cache, p);
712 bdb_cache_return_entry_w( &bdb->bi_cache, e );
717 op->o_private = NULL;