1 /* modrdn.c - ldbm backend modrdn routine */
4 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
9 * LDAP v3 newSuperior support. Add new rdn as an attribute.
10 * (Full support for v2 also used software/ideas contributed
11 * by Roy Hooper rhooper@cyberus.ca, thanks to him for his
14 * Copyright 1999, Juan C. Gomez, All rights reserved.
15 * This software is not subject to any license of Silicon Graphics
16 * Inc. or Purdue University.
18 * Redistribution and use in source and binary forms are permitted
19 * without restriction or fee of any kind as long as this notice
28 #include <ac/string.h>
29 #include <ac/socket.h>
32 #include "back-ldbm.h"
33 #include "proto-back-ldbm.h"
44 const char *newSuperior
47 AttributeDescription *children = slap_schema.si_ad_children;
48 struct ldbminfo *li = (struct ldbminfo *) be->be_private;
49 char *p_dn = NULL, *p_ndn = NULL;
50 char *new_dn = NULL, *new_ndn = NULL;
55 const char *text = NULL;
56 char textbuf[SLAP_TEXT_BUFLEN];
57 size_t textlen = sizeof textbuf;
58 /* Added to support LDAP v2 correctly (deleteoldrdn thing) */
59 char *new_rdn_val = NULL; /* Val of new rdn */
60 char *new_rdn_type = NULL; /* Type of new rdn */
61 char *old_rdn = NULL; /* Old rdn's attr type & val */
62 char *old_rdn_type = NULL; /* Type of old rdn attr. */
63 char *old_rdn_val = NULL; /* Old rdn attribute value */
64 /* Added to support newSuperior */
65 Entry *np = NULL; /* newSuperior Entry */
66 char *np_dn = NULL; /* newSuperior dn */
67 char *np_ndn = NULL; /* newSuperior ndn */
68 char *new_parent_dn = NULL; /* np_dn, p_dn, or NULL */
69 /* Used to interface with ldbm_modify_internal() */
70 struct berval add_bv; /* Stores new rdn att */
71 struct berval *add_bvals[2]; /* Stores new rdn att */
72 struct berval del_bv; /* Stores old rdn att */
73 struct berval *del_bvals[2]; /* Stores old rdn att */
74 Modifications mod[2]; /* Used to delete old rdn */
75 int manageDSAit = get_manageDSAit( op );
78 LDAP_LOG(( "backend", LDAP_LEVEL_ENTRY,
79 "ldbm_back_modrdn: dn: %s newSuperior=%s\n",
80 dn ? dn : "NULL", newSuperior ? newSuperior : "NULL" ));
82 Debug( LDAP_DEBUG_TRACE, "==>ldbm_back_modrdn(newSuperior=%s)\n",
83 (newSuperior ? newSuperior : "NULL"),
87 /* get entry with writer lock */
88 if ( (e = dn2entry_w( be, ndn, &matched )) == NULL ) {
89 char* matched_dn = NULL;
90 struct berval** refs = NULL;
92 if( matched != NULL ) {
93 matched_dn = strdup( matched->e_dn );
94 refs = is_entry_referral( matched )
95 ? get_entry_referrals( be, conn, op, matched )
97 cache_return_entry_r( &li->li_cache, matched );
99 refs = default_referral;
102 send_ldap_result( conn, op, LDAP_REFERRAL,
103 matched_dn, NULL, refs, NULL );
105 if ( matched != NULL ) {
106 ber_bvecfree( refs );
113 if (!manageDSAit && is_entry_referral( e ) ) {
114 /* parent is a referral, don't allow add */
115 /* parent is an alias, don't allow add */
116 struct berval **refs = get_entry_referrals( be,
120 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
121 "ldbm_back_modrdn: entry %s is a referral\n", e->e_dn ));
123 Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0,
127 send_ldap_result( conn, op, LDAP_REFERRAL,
128 e->e_dn, NULL, refs, NULL );
130 ber_bvecfree( refs );
134 if ( (p_ndn = dn_parent( be, e->e_ndn )) != NULL ) {
135 /* Make sure parent entry exist and we can write its
139 if( (p = dn2entry_w( be, p_ndn, NULL )) == NULL) {
141 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
142 "ldbm_back_modrdn: parent of %s does not exist\n", e->e_ndn ));
144 Debug( LDAP_DEBUG_TRACE, "parent does not exist\n",
148 send_ldap_result( conn, op, LDAP_OTHER,
149 NULL, NULL, NULL, NULL );
154 /* check parent for "children" acl */
155 if ( ! access_allowed( be, conn, op, p,
156 children, NULL, ACL_WRITE ) )
159 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
160 "ldbm_back_modrdn: no access to parent of (%s)\n", e->e_dn ));
162 Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0,
166 send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
167 NULL, NULL, NULL, NULL );
172 LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
173 "ldbm_back_modrdn: wr to children of entry %s OK\n",
176 Debug( LDAP_DEBUG_TRACE,
177 "ldbm_back_modrdn: wr to children of entry %s OK\n",
181 p_dn = dn_parent( be, e->e_dn );
184 LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
185 "ldbm_back_modrdn: parent dn=%s\n", p_dn ));
187 Debug( LDAP_DEBUG_TRACE, "ldbm_back_modrdn: parent dn=%s\n",
192 /* no parent, modrdn entry directly under root */
193 if( ! be_isroot( be, op->o_ndn ) ) {
195 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
196 "ldbm_back_modrdn: (%s) no parent & not a root.\n",
199 Debug( LDAP_DEBUG_TRACE, "no parent & not root\n",
203 send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
204 NULL, NULL, NULL, NULL );
208 ldap_pvt_thread_mutex_lock(&li->li_root_mutex);
212 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
213 "ldbm_back_modrdn: (%s) no parent, locked root.\n", e->e_dn ));
215 Debug( LDAP_DEBUG_TRACE,
216 "ldbm_back_modrdn: no parent, locked root\n",
221 new_parent_dn = p_dn; /* New Parent unless newSuperior given */
223 if ( newSuperior != NULL ) {
225 LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
226 "ldbm_back_modrdn: new parent \"%s\" requested\n", newSuperior ));
228 Debug( LDAP_DEBUG_TRACE,
229 "ldbm_back_modrdn: new parent \"%s\" requested...\n",
233 np_dn = ch_strdup( newSuperior );
234 np_ndn = ch_strdup( np_dn );
235 (void) dn_normalize( np_ndn );
237 /* newSuperior == oldParent? */
238 if ( strcmp( p_ndn, np_ndn ) == 0 ) {
240 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
241 "ldbm_back_modrdn: new parent\"%s\" seems to be the same as the old parent \"%s\"\n",
242 newSuperior, p_dn ));
244 Debug( LDAP_DEBUG_TRACE,
245 "ldbm_back_modrdn: new parent \"%s\" seems to be the same as old parent \"%s\"...\n",
246 newSuperior, p_dn, 0 );
249 newSuperior = NULL; /* ignore newSuperior */
253 if ( newSuperior != NULL ) {
254 /* newSuperior == entry being moved?, if so ==> ERROR */
255 /* Get Entry with dn=newSuperior. Does newSuperior exist? */
257 if( (np = dn2entry_w( be, np_ndn, NULL )) == NULL) {
259 LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
260 "ldbm_back_modrdn: newSup(ndn=%s) not found.\n", np_ndn ));
262 Debug( LDAP_DEBUG_TRACE,
263 "ldbm_back_modrdn: newSup(ndn=%s) not here!\n",
267 send_ldap_result( conn, op, LDAP_OTHER,
268 NULL, NULL, NULL, NULL );
273 LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
274 "ldbm_back_modrdn: wr to new parent OK np=%p, id=%ld\n",
277 Debug( LDAP_DEBUG_TRACE,
278 "ldbm_back_modrdn: wr to new parent OK np=%p, id=%ld\n",
282 /* check newSuperior for "children" acl */
283 if ( !access_allowed( be, conn, op, np, children, NULL,
287 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
288 "ldbm_back_modrdn: no wr to newSup children.\n" ));
290 Debug( LDAP_DEBUG_TRACE,
291 "ldbm_back_modrdn: no wr to newSup children\n",
295 send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
296 NULL, NULL, NULL, NULL );
300 if ( is_entry_alias( np ) ) {
301 /* entry is an alias, don't allow bind */
303 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
304 "ldbm_back_modrdn: entry (%s) is an alias.\n", np->e_dn ));
306 Debug( LDAP_DEBUG_TRACE, "entry is alias\n", 0,
311 send_ldap_result( conn, op, LDAP_ALIAS_PROBLEM,
312 NULL, NULL, NULL, NULL );
317 if ( is_entry_referral( np ) ) {
318 /* parent is a referral, don't allow add */
319 /* parent is an alias, don't allow add */
321 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
322 "ldbm_back_modrdn: entry (%s) is a referral\n",
325 Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0,
329 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
330 NULL, NULL, NULL, NULL );
336 LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
337 "ldbm_back_modrdn: wr to new parent's children OK.\n" ));
339 Debug( LDAP_DEBUG_TRACE,
340 "ldbm_back_modrdn: wr to new parent's children OK\n",
344 new_parent_dn = np_dn;
347 /* Build target dn and make sure target entry doesn't exist already. */
348 build_new_dn( &new_dn, e->e_dn, new_parent_dn, newrdn );
350 new_ndn = ch_strdup(new_dn);
351 (void) dn_normalize( new_ndn );
354 LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
355 "ldbm_back_modrdn: new ndn=%s\n", new_ndn ));
357 Debug( LDAP_DEBUG_TRACE, "ldbm_back_modrdn: new ndn=%s\n",
361 /* check for abandon */
362 ldap_pvt_thread_mutex_lock( &op->o_abandonmutex );
363 if ( op->o_abandon ) {
364 ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
368 ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
369 if (dn2id ( be, new_ndn ) != NOID) {
370 send_ldap_result( conn, op, LDAP_ALREADY_EXISTS,
371 NULL, NULL, NULL, NULL );
376 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
377 "ldbm_back_modrdn: new ndn (%s) does not exist\n", new_ndn ));
379 Debug( LDAP_DEBUG_TRACE,
380 "ldbm_back_modrdn: new ndn=%s does not exist\n",
384 /* Get attribute type and attribute value of our new rdn, we will
385 * need to add that to our new entry
387 if ( (new_rdn_type = rdn_attr_type( newrdn )) == NULL ) {
389 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
390 "ldbm_back_modrdn: can't figure out type of newrdn\n" ));
392 Debug( LDAP_DEBUG_TRACE,
393 "ldbm_back_modrdn: can't figure out type of newrdn\n",
397 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
398 NULL, "unknown type used in RDN", NULL, NULL );
402 if ( (new_rdn_val = rdn_attr_value( newrdn )) == NULL ) {
404 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
405 "ldbm_back_modrdn: can't figure out val of newrdn\n"));
407 Debug( LDAP_DEBUG_TRACE,
408 "ldbm_back_modrdn: can't figure out val of newrdn\n",
412 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
413 NULL, "could not parse RDN value", NULL, NULL );
418 LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
419 "ldbm_back_modrdn: new_rdn_val=\"%s\", new_rdn_type=\"%s\"\n",
420 new_rdn_val, new_rdn_type ));
422 Debug( LDAP_DEBUG_TRACE,
423 "ldbm_back_modrdn: new_rdn_val=\"%s\", new_rdn_type=\"%s\"\n",
424 new_rdn_val, new_rdn_type, 0 );
427 /* Retrieve the old rdn from the entry's dn */
428 if ( (old_rdn = dn_rdn( be, dn )) == NULL ) {
430 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
431 "ldbm_back_modrdn: can't figure out old_rdn from dn (%s)\n",
434 Debug( LDAP_DEBUG_TRACE,
435 "ldbm_back_modrdn: can't figure out old_rdn from dn\n",
439 send_ldap_result( conn, op, LDAP_OTHER,
440 NULL, "could not parse old DN", NULL, NULL );
444 if ( (old_rdn_type = rdn_attr_type( old_rdn )) == NULL ) {
446 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
447 "ldbm_back_modrdn: can't figure out the old_rdn type.\n" ));
449 Debug( LDAP_DEBUG_TRACE,
450 "ldbm_back_modrdn: can't figure out the old_rdn type\n",
454 send_ldap_result( conn, op, LDAP_OTHER,
455 NULL, "count parse RDN from old DN", NULL, NULL );
459 if ( newSuperior == NULL
460 && strcasecmp( old_rdn_type, new_rdn_type ) != 0 )
462 /* Not a big deal but we may say something */
464 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
465 "ldbm_back_modrdn: old_rdn_type=%s new_rdn_type-%s\n",
466 old_rdn_type, new_rdn_type ));
468 Debug( LDAP_DEBUG_TRACE,
469 "ldbm_back_modrdn: old_rdn_type=%s, new_rdn_type=%s!\n",
470 old_rdn_type, new_rdn_type, 0 );
475 LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
476 "ldbm_back_modrdn: DN_X500\n" ));
478 Debug( LDAP_DEBUG_TRACE, "ldbm_back_modrdn: DN_X500\n",
482 /* Add new attribute value to the entry.
485 add_bvals[0] = &add_bv; /* Array of bervals */
488 add_bv.bv_val = new_rdn_val;
489 add_bv.bv_len = strlen(new_rdn_val);
494 mod[0].sml_desc = NULL;
495 rc = slap_str2ad( new_rdn_type, &mod[0].sml_desc, &text );
497 if( rc != LDAP_SUCCESS ) {
499 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
500 "ldbm_back_modrdn: slap_str2ad error: %s (%s)\n",
501 text, new_rdn_type ));
503 Debug( LDAP_DEBUG_TRACE,
504 "ldbm_back_modrdn: %s: %s (new)\n",
505 text, new_rdn_type, 0 );
508 send_ldap_result( conn, op, rc,
509 NULL, text, NULL, NULL );
514 mod[0].sml_bvalues = add_bvals;
515 mod[0].sml_op = SLAP_MOD_SOFTADD;
516 mod[0].sml_next = NULL;
518 /* Remove old rdn value if required */
520 /* Get value of old rdn */
522 if ((old_rdn_val = rdn_attr_value( old_rdn )) == NULL) {
524 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
525 "ldbm_back_modrdn: can't figure out old_rdn_val from old_rdn\n" ));
527 Debug( LDAP_DEBUG_TRACE,
528 "ldbm_back_modrdn: can't figure out old_rdn_val from old_rdn\n",
532 send_ldap_result( conn, op, LDAP_OTHER,
533 NULL, "could not parse value from old RDN", NULL, NULL );
537 del_bvals[0] = &del_bv; /* Array of bervals */
540 /* Remove old value of rdn as an attribute. */
542 del_bv.bv_val = old_rdn_val;
543 del_bv.bv_len = strlen(old_rdn_val);
548 mod[1].sml_desc = NULL;
549 rc = slap_str2ad( old_rdn_type, &mod[1].sml_desc, &text );
551 if( rc != LDAP_SUCCESS ) {
553 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
554 "ldbm_back_modrdn: %s: %s (old)\n",
555 text, old_rdn_type ));
557 Debug( LDAP_DEBUG_TRACE,
558 "ldbm_back_modrdn: %s: %s (old)\n",
559 text, old_rdn_type, 0 );
562 send_ldap_result( conn, op, rc,
563 NULL, text, NULL, NULL );
568 mod[0].sml_next = &mod[1];
569 mod[1].sml_bvalues = del_bvals;
570 mod[1].sml_op = LDAP_MOD_DELETE;
571 mod[1].sml_next = NULL;
574 LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
575 "ldbm_back_modrdn: removing old_rdn_val=%s\n", old_rdn_val ));
577 Debug( LDAP_DEBUG_TRACE,
578 "ldbm_back_modrdn: removing old_rdn_val=%s\n",
583 /* check for abandon */
584 ldap_pvt_thread_mutex_lock( &op->o_abandonmutex );
585 if ( op->o_abandon ) {
586 ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
589 ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
592 if ( dn2id_delete( be, e->e_ndn, e->e_id ) != 0 ) {
593 send_ldap_result( conn, op, LDAP_OTHER,
594 NULL, "DN index delete fail", NULL, NULL );
598 (void) cache_delete_entry( &li->li_cache, e );
600 /* XXX: there is no going back! */
610 if ( dn2id_add( be, e->e_ndn, e->e_id ) != 0 ) {
611 send_ldap_result( conn, op, LDAP_OTHER,
612 NULL, "DN index add failed", NULL, NULL );
616 /* modify memory copy of entry */
617 rc = ldbm_modify_internal( be, conn, op, dn, &mod[0], e,
618 &text, textbuf, textlen );
620 if( rc != LDAP_SUCCESS ) {
621 if( rc != SLAPD_ABANDON ) {
622 send_ldap_result( conn, op, rc,
623 NULL, text, NULL, NULL );
629 (void) cache_update_entry( &li->li_cache, e );
631 /* NOTE: after this you must not free new_dn or new_ndn!
632 * They are used by cache.
636 if ( id2entry_add( be, e ) != 0 ) {
638 send_ldap_result( conn, op, LDAP_OTHER,
639 NULL, "entry update failed", NULL, NULL );
643 send_ldap_result( conn, op, LDAP_SUCCESS,
644 NULL, NULL, NULL, NULL );
648 if( new_dn != NULL ) free( new_dn );
649 if( new_ndn != NULL ) free( new_ndn );
651 if( p_dn != NULL ) free( p_dn );
652 if( p_ndn != NULL ) free( p_ndn );
654 /* LDAP v2 supporting correct attribute handling. */
655 if( new_rdn_type != NULL ) free(new_rdn_type);
656 if( new_rdn_val != NULL ) free(new_rdn_val);
657 if( old_rdn != NULL ) free(old_rdn);
658 if( old_rdn_type != NULL ) free(old_rdn_type);
659 if( old_rdn_val != NULL ) free(old_rdn_val);
661 /* LDAP v3 Support */
662 if ( np_dn != NULL ) free( np_dn );
663 if ( np_ndn != NULL ) free( np_ndn );
666 /* free new parent and writer lock */
667 cache_return_entry_w( &li->li_cache, np );
671 /* free parent and writer lock */
672 cache_return_entry_w( &li->li_cache, p );
676 /* release root writer lock */
677 ldap_pvt_thread_mutex_unlock(&li->li_root_mutex);
680 /* free entry and writer lock */
681 cache_return_entry_w( &li->li_cache, e );
projects / openldap / blob