2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1998-2009 The OpenLDAP Foundation.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted only as authorized by the OpenLDAP
11 * A copy of this license is available in the file LICENSE in the
12 * top-level directory of the distribution or, alternatively, at
13 * <http://www.OpenLDAP.org/license.html>.
15 /* Portions Copyright (c) 1995 Regents of the University of Michigan.
16 * All rights reserved.
18 * Redistribution and use in source and binary forms are permitted
19 * provided that this notice is preserved and that due credit is given
20 * to the University of Michigan at Ann Arbor. The name of the University
21 * may not be used to endorse or promote products derived from this
22 * software without specific prior written permission. This software
23 * is provided ``as is'' without express or implied warranty.
28 #include <ac/string.h>
45 Modification pmod = *mod;
47 switch ( mod->sm_op ) {
51 case LDAP_MOD_REPLACE:
59 /* FIXME: Catch old code that doesn't set sm_numvals.
61 if ( !BER_BVISNULL( &mod->sm_values[mod->sm_numvals] )) {
63 for ( i = 0; !BER_BVISNULL( &mod->sm_values[i] ); i++ );
64 assert( mod->sm_numvals == i );
67 /* check if values to add exist in attribute */
68 a = attr_find( e->e_attrs, mod->sm_desc );
75 mr = mod->sm_desc->ad_type->sat_equality;
76 if( mr == NULL || !mr->smr_match ) {
77 /* do not allow add of additional attribute
78 if no equality rule exists */
80 snprintf( textbuf, textlen,
81 "modify/%s: %s: no equality matching rule",
82 op, mod->sm_desc->ad_cname.bv_val );
83 return LDAP_INAPPROPRIATE_MATCHING;
88 pmod.sm_values = (BerVarray)ch_malloc(
89 (i + 1) * sizeof( struct berval ));
90 if ( pmod.sm_nvalues != NULL ) {
91 pmod.sm_nvalues = (BerVarray)ch_malloc(
92 (i + 1) * sizeof( struct berval ));
96 /* no normalization is done in this routine nor
97 * in the matching routines called by this routine.
98 * values are now normalized once on input to the
99 * server (whether from LDAP or from the underlying
102 if ( a->a_desc == slap_schema.si_ad_objectClass ) {
103 /* Needed by ITS#5517 */
104 flags = SLAP_MR_EQUALITY | SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX;
107 flags = SLAP_MR_EQUALITY | SLAP_MR_VALUE_OF_ASSERTION_SYNTAX;
109 if ( mod->sm_nvalues ) {
110 flags |= SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH |
111 SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH;
112 cvals = mod->sm_nvalues;
114 cvals = mod->sm_values;
116 for ( p = i = 0; i < mod->sm_numvals; i++ ) {
119 rc = attr_valfind( a, flags, &cvals[i], &slot, NULL );
120 if ( rc == LDAP_SUCCESS ) {
122 /* value already exists */
124 snprintf( textbuf, textlen,
125 "modify/%s: %s: value #%u already exists",
126 op, mod->sm_desc->ad_cname.bv_val, i );
127 return LDAP_TYPE_OR_VALUE_EXISTS;
129 } else if ( rc != LDAP_NO_SUCH_ATTRIBUTE ) {
133 if ( permissive && rc ) {
134 if ( pmod.sm_nvalues ) {
135 pmod.sm_nvalues[p] = mod->sm_nvalues[i];
137 pmod.sm_values[p++] = mod->sm_values[i];
143 /* all new values match exist */
144 ch_free( pmod.sm_values );
145 if ( pmod.sm_nvalues ) ch_free( pmod.sm_nvalues );
149 BER_BVZERO( &pmod.sm_values[p] );
150 if ( pmod.sm_nvalues ) {
151 BER_BVZERO( &pmod.sm_nvalues[p] );
157 if ( mod->sm_desc->ad_type->sat_flags & SLAP_AT_ORDERED_VAL ) {
158 rc = ordered_value_add( e, mod->sm_desc, a,
159 pmod.sm_values, pmod.sm_nvalues );
161 rc = attr_merge( e, mod->sm_desc, pmod.sm_values, pmod.sm_nvalues );
164 if ( a != NULL && permissive ) {
165 ch_free( pmod.sm_values );
166 if ( pmod.sm_nvalues ) ch_free( pmod.sm_nvalues );
170 /* this should return result of attr_merge */
172 snprintf( textbuf, textlen,
173 "modify/%s: %s: merge error (%d)",
174 op, mod->sm_desc->ad_cname.bv_val, rc );
182 modify_delete_values(
187 char *textbuf, size_t textlen )
189 return modify_delete_vindex( e, m, perm, text, textbuf, textlen, NULL );
193 modify_delete_vindex(
198 char *textbuf, size_t textlen,
202 MatchingRule *mr = mod->sm_desc->ad_type->sat_equality;
203 struct berval *cvals;
206 unsigned i, j, flags;
210 * If permissive is set, then the non-existence of an
211 * attribute is not treated as an error.
214 /* delete the entire attribute */
215 if ( mod->sm_values == NULL ) {
216 rc = attr_delete( &e->e_attrs, mod->sm_desc );
220 } else if( rc != LDAP_SUCCESS ) {
222 snprintf( textbuf, textlen,
223 "modify/delete: %s: no such attribute",
224 mod->sm_desc->ad_cname.bv_val );
225 rc = LDAP_NO_SUCH_ATTRIBUTE;
230 /* FIXME: Catch old code that doesn't set sm_numvals.
232 if ( !BER_BVISNULL( &mod->sm_values[mod->sm_numvals] )) {
233 for ( i = 0; !BER_BVISNULL( &mod->sm_values[i] ); i++ );
234 assert( mod->sm_numvals == i );
237 id2 = ch_malloc( mod->sm_numvals * sizeof( int ));
241 if( mr == NULL || !mr->smr_match ) {
242 /* disallow specific attributes from being deleted if
245 snprintf( textbuf, textlen,
246 "modify/delete: %s: no equality matching rule",
247 mod->sm_desc->ad_cname.bv_val );
248 rc = LDAP_INAPPROPRIATE_MATCHING;
252 /* delete specific values - find the attribute first */
253 if ( (a = attr_find( e->e_attrs, mod->sm_desc )) == NULL ) {
259 snprintf( textbuf, textlen,
260 "modify/delete: %s: no such attribute",
261 mod->sm_desc->ad_cname.bv_val );
262 rc = LDAP_NO_SUCH_ATTRIBUTE;
266 if ( a->a_desc == slap_schema.si_ad_objectClass ) {
267 /* Needed by ITS#5517,ITS#5963 */
268 flags = SLAP_MR_EQUALITY | SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX;
271 flags = SLAP_MR_EQUALITY | SLAP_MR_VALUE_OF_ASSERTION_SYNTAX;
273 if ( mod->sm_nvalues ) {
274 flags |= SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH
275 | SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH;
276 cvals = mod->sm_nvalues;
278 cvals = mod->sm_values;
281 /* Locate values to delete */
282 for ( i = 0; !BER_BVISNULL( &mod->sm_values[i] ); i++ ) {
284 rc = attr_valfind( a, flags, &cvals[i], &sort, NULL );
285 if ( rc == LDAP_SUCCESS ) {
287 } else if ( rc == LDAP_NO_SUCH_ATTRIBUTE ) {
293 snprintf( textbuf, textlen,
294 "modify/delete: %s: no such value",
295 mod->sm_desc->ad_cname.bv_val );
299 snprintf( textbuf, textlen,
300 "modify/delete: %s: matching rule failed",
301 mod->sm_desc->ad_cname.bv_val );
306 /* Delete the values */
307 for ( i = 0; i < mod->sm_numvals; i++ ) {
308 /* Skip permissive values that weren't found */
311 /* Skip duplicate delete specs */
312 if ( a->a_vals[idx[i]].bv_val == &dummy )
314 /* delete value and mark it as gone */
315 free( a->a_vals[idx[i]].bv_val );
316 a->a_vals[idx[i]].bv_val = &dummy;
317 if( a->a_nvals != a->a_vals ) {
318 free( a->a_nvals[idx[i]].bv_val );
319 a->a_nvals[idx[i]].bv_val = &dummy;
324 /* compact array skipping dummies */
325 for ( i = 0, j = 0; !BER_BVISNULL( &a->a_vals[i] ); i++ ) {
327 if( a->a_vals[i].bv_val == &dummy ) {
328 assert( a->a_nvals[i].bv_val == &dummy );
332 a->a_vals[ j ] = a->a_vals[ i ];
333 if (a->a_nvals != a->a_vals) {
334 a->a_nvals[ j ] = a->a_nvals[ i ];
340 BER_BVZERO( &a->a_vals[j] );
341 if (a->a_nvals != a->a_vals) {
342 BER_BVZERO( &a->a_nvals[j] );
345 /* if no values remain, delete the entire attribute */
346 if ( !a->a_numvals ) {
347 if ( attr_delete( &e->e_attrs, mod->sm_desc ) ) {
348 /* Can never happen */
350 snprintf( textbuf, textlen,
351 "modify/delete: %s: no such attribute",
352 mod->sm_desc->ad_cname.bv_val );
353 rc = LDAP_NO_SUCH_ATTRIBUTE;
355 } else if ( a->a_desc->ad_type->sat_flags & SLAP_AT_ORDERED_VAL ) {
356 /* For an ordered attribute, renumber the value indices */
357 ordered_value_sort( a, 1 );
366 modify_replace_values(
371 char *textbuf, size_t textlen )
373 (void) attr_delete( &e->e_attrs, mod->sm_desc );
375 if ( mod->sm_values ) {
376 return modify_add_values( e, mod, permissive, text, textbuf, textlen );
383 modify_increment_values(
388 char *textbuf, size_t textlen )
392 a = attr_find( e->e_attrs, mod->sm_desc );
395 Modification modReplace = *mod;
397 modReplace.sm_op = LDAP_MOD_REPLACE;
399 return modify_add_values(e, &modReplace, permissive, text, textbuf, textlen);
402 snprintf( textbuf, textlen,
403 "modify/increment: %s: no such attribute",
404 mod->sm_desc->ad_cname.bv_val );
405 return LDAP_NO_SUCH_ATTRIBUTE;
409 if ( !strcmp( a->a_desc->ad_type->sat_syntax_oid, SLAPD_INTEGER_SYNTAX )) {
411 char str[sizeof(long)*3 + 2]; /* overly long */
414 if ( lutil_atol( &incr, mod->sm_values[0].bv_val ) != 0 ) {
415 *text = "modify/increment: invalid syntax of increment";
416 return LDAP_INVALID_SYNTAX;
419 /* treat zero and errors as a no-op */
424 for( i = 0; !BER_BVISNULL( &a->a_nvals[i] ); i++ ) {
428 if ( lutil_atol( &value, a->a_nvals[i].bv_val ) != 0 ) {
429 *text = "modify/increment: invalid syntax of original value";
430 return LDAP_INVALID_SYNTAX;
432 strln = snprintf( str, sizeof(str), "%ld", value+incr );
434 tmp = SLAP_REALLOC( a->a_nvals[i].bv_val, strln+1 );
436 *text = "modify/increment: reallocation error";
439 a->a_nvals[i].bv_val = tmp;
440 a->a_nvals[i].bv_len = strln;
442 AC_MEMCPY( a->a_nvals[i].bv_val, str, strln+1 );
446 snprintf( textbuf, textlen,
447 "modify/increment: %s: increment not supported for value syntax %s",
448 mod->sm_desc->ad_cname.bv_val,
449 a->a_desc->ad_type->sat_syntax_oid );
450 return LDAP_CONSTRAINT_VIOLATION;
461 if ( mod->sm_values != NULL ) ber_bvarray_free( mod->sm_values );
462 mod->sm_values = NULL;
464 if ( mod->sm_nvalues != NULL ) ber_bvarray_free( mod->sm_nvalues );
465 mod->sm_nvalues = NULL;
467 if( freeit ) free( mod );
477 for ( ; ml != NULL; ml = next ) {
481 slap_mod_free( &ml->sml_mod, 0 );