git.sur5r.net Git - openldap/blob - servers/slapd/back-ldbm/modrdn.c

   1 /* modrdn.c - ldbm backend modrdn routine */
   2
   3 #include "portable.h"
   4
   5 #include <stdio.h>
   6
   7 #include <ac/string.h>
   8 #include <ac/socket.h>
   9
  10 #include "slap.h"
  11 #include "back-ldbm.h"
  12 #include "proto-back-ldbm.h"
  13
  14 int
  15 ldbm_back_modrdn(
  16     Backend     *be,
  17     Connection  *conn,
  18     Operation   *op,
  19     char        *dn,
  20     char        *newrdn,
  21     int         deleteoldrdn
  22 )
  23 {
  24         struct ldbminfo *li = (struct ldbminfo *) be->be_private;
  25         char            *matched = NULL;
  26         char            *pdn = NULL, *newdn = NULL;
  27         char            sep[2];
  28         Entry           *e, *p = NULL;
  29         int                     rootlock = 0;
  30         int                     rc = -1;
  31
  32         /* get entry with writer lock */
  33         if ( (e = dn2entry_w( be, dn, &matched )) == NULL ) {
  34                 send_ldap_result( conn, op, LDAP_NO_SUCH_OBJECT, matched, "" );
  35                 if ( matched != NULL ) {
  36                         free( matched );
  37                 }
  38                 return( -1 );
  39         }
  40
  41 #ifdef SLAPD_CHILD_MODIFICATION_WITH_ENTRY_ACL
  42                 /* check parent for "children" acl */
  43         if ( ! access_allowed( be, conn, op, e, "entry", NULL,
  44                 op->o_dn, ACL_WRITE ) )
  45         {
  46                 Debug( LDAP_DEBUG_TRACE, "no access to entry\n", 0,
  47                         0, 0 );
  48                 send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
  49                         "", "" );
  50                 goto return_results;
  51         }
  52 #endif
  53
  54         if ( (pdn = dn_parent( be, dn )) != NULL ) {
  55                 /* parent + rdn + separator(s) + null */
  56                 if( (p = dn2entry_w( be, pdn, &matched )) == NULL) {
  57                         Debug( LDAP_DEBUG_TRACE, "parent does not exist\n",
  58                                 0, 0, 0);
  59                         send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
  60                                 "", "");
  61                         goto return_results;
  62                 }
  63
  64 #ifndef SLAPD_CHILD_MODIFICATION_WITH_ENTRY_ACL
  65                 /* check parent for "children" acl */
  66                 if ( ! access_allowed( be, conn, op, p, "children", NULL,
  67                         op->o_dn, ACL_WRITE ) )
  68                 {
  69                         Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0,
  70                                 0, 0 );
  71                         send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
  72                                 "", "" );
  73                         goto return_results;
  74                 }
  75 #endif
  76
  77                 newdn = (char *) ch_malloc( strlen( pdn ) + strlen( newrdn )
  78                     + 3 );
  79                 if ( dn_type( dn ) == DN_X500 ) {
  80                         strcpy( newdn, newrdn );
  81                         strcat( newdn, ", " );
  82                         strcat( newdn, pdn );
  83                 } else {
  84                         char *s;
  85                         strcpy( newdn, newrdn );
  86                         s = strchr( newrdn, '\0' );
  87                         s--;
  88                         if ( *s != '.' && *s != '@' ) {
  89                                 if ( (s = strpbrk( dn, ".@" )) != NULL ) {
  90                                         sep[0] = *s;
  91                                         sep[1] = '\0';
  92                                         strcat( newdn, sep );
  93                                 }
  94                         }
  95                         strcat( newdn, pdn );
  96                 }
  97         } else {
  98                 /* no parent, modrdn entry directly under root */
  99                 if( ! be_isroot( be, op->o_dn ) ) {
 100                         Debug( LDAP_DEBUG_TRACE, "no parent & not root\n",
 101                                 0, 0, 0);
 102                         send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
 103                                 "", "");
 104                         goto return_results;
 105                 }
 106
 107                 pthread_mutex_lock(&li->li_root_mutex);
 108                 rootlock = 1;
 109
 110                 newdn = ch_strdup( newrdn );
 111         }
 112
 113         (void) dn_normalize( newdn );
 114
 115         if ( (dn2id ( be, newdn ) ) != NOID ) {
 116                 send_ldap_result( conn, op, LDAP_ALREADY_EXISTS, NULL, NULL );
 117                 goto return_results;
 118         }
 119
 120         /* check for abandon */
 121         pthread_mutex_lock( &op->o_abandonmutex );
 122         if ( op->o_abandon ) {
 123                 pthread_mutex_unlock( &op->o_abandonmutex );
 124                 goto return_results;
 125         }
 126         pthread_mutex_unlock( &op->o_abandonmutex );
 127
 128         /* add new one */
 129         if ( dn2id_add( be, newdn, e->e_id ) != 0 ) {
 130                 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL, NULL );
 131                 goto return_results;
 132         }
 133
 134         /* delete old one */
 135         if ( dn2id_delete( be, dn ) != 0 ) {
 136                 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL, NULL );
 137                 goto return_results;
 138         }
 139
 140         (void) cache_delete_entry( &li->li_cache, e );
 141         free( e->e_dn );
 142         e->e_dn = newdn;
 143
 144         /* XXX
 145          * At some point here we need to update the attribute values in
 146          * the entry itself that were effected by this RDN change
 147          * (respecting the value of the deleteoldrdn parameter).
 148          *
 149          * Since the code to do this has not yet been written, treat this
 150          * omission as a (documented) bug.
 151          */
 152
 153         /* id2entry index */
 154         if ( id2entry_add( be, e ) != 0 ) {
 155                 entry_free( e );
 156                 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, "", "" );
 157                 goto return_results;
 158         }
 159
 160         send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL );
 161         rc = 0;
 162
 163 return_results:
 164         if( newdn != NULL ) free( newdn );
 165         if( pdn != NULL ) free( pdn );
 166         if( matched != NULL ) free( matched );
 167
 168         if( p != NULL ) {
 169                 /* free parent and writer lock */
 170                 cache_return_entry_w( &li->li_cache, p );
 171
 172         } else if ( rootlock ) {
 173                 /* release root writer lock */
 174                 pthread_mutex_unlock(&li->li_root_mutex);
 175         }
 176
 177         /* free entry and writer lock */
 178         cache_return_entry_w( &li->li_cache, e );
 179         return( rc );
 180 }