Never let ldif_parse_line() return a NULL value with success.

[openldap] / servers / slapd / back-bdb / delete.c

diff --git a/servers/slapd/back-bdb/delete.c b/servers/slapd/back-bdb/delete.c
index 6052c6ea91ef40a0b8eeda3f8bee6d8075fa683b..8d4c14e9c724c90b5b98205a085acb3eb1ee511d 100644 (file)
--- a/servers/slapd/back-bdb/delete.c
+++ b/servers/slapd/back-bdb/delete.c
@@ -31,6 +31,7 @@ bdb_delete(
        const char *text;
        int             manageDSAit = get_manageDSAit( op );
        AttributeDescription *children = slap_schema.si_ad_children;
+       AttributeDescription *entry = slap_schema.si_ad_entry;
        DB_TXN          *ltid = NULL;
        struct bdb_op_info opinfo;
 
@@ -43,6 +44,10 @@ bdb_delete(
 
        int             noop = 0;
 
+#ifdef LDAP_CLIENT_UPDATE
+       Operation* ps_list;
+#endif
+
 #ifdef NEW_LOGGING
        LDAP_LOG ( OPERATION, ARGS,  "==> bdb_delete: %s\n", dn->bv_val, 0, 0 );
 #else
@@ -165,13 +170,14 @@ retry:    /* transaction retry */
                if ( !rc  ) {
 #ifdef NEW_LOGGING
                        LDAP_LOG ( OPERATION, DETAIL1, 
-                               "<=- bdb_delete: no access to parent\n", 0, 0, 0 );
+                               "<=- bdb_delete: no write access to parent\n", 0, 0, 0 );
 #else
                        Debug( LDAP_DEBUG_TRACE,
-                               "<=- bdb_delete: no access to parent\n",
+                               "<=- bdb_delete: no write access to parent\n",
                                0, 0, 0 );
 #endif
                        rc = LDAP_INSUFFICIENT_ACCESS;
+                       text = "no write access to parent";
                        goto return_results;
                }
 
@@ -185,6 +191,7 @@ retry:      /* transaction retry */
                                /* check parent for "children" acl */
                                rc = access_allowed( be, conn, op, p,
                                        children, NULL, ACL_WRITE, NULL );
+
                                p = NULL;
 
                                switch( opinfo.boi_err ) {
@@ -203,6 +210,7 @@ retry:      /* transaction retry */
                                                "to parent\n", 0, 0, 0 );
 #endif
                                        rc = LDAP_INSUFFICIENT_ACCESS;
+                                       text = "no write access to parent";
                                        goto return_results;
                                }
 
@@ -286,6 +294,29 @@ retry:     /* transaction retry */
                goto done;
        }
 
+       rc = access_allowed( be, conn, op, e,
+               entry, NULL, ACL_WRITE, NULL );
+
+       switch( opinfo.boi_err ) {
+       case DB_LOCK_DEADLOCK:
+       case DB_LOCK_NOTGRANTED:
+               goto retry;
+       }
+
+       if ( !rc  ) {
+#ifdef NEW_LOGGING
+               LDAP_LOG ( OPERATION, DETAIL1, 
+                       "<=- bdb_delete: no write access to entry\n", 0, 0, 0 );
+#else
+               Debug( LDAP_DEBUG_TRACE,
+                       "<=- bdb_delete: no write access to entry\n",
+                       0, 0, 0 );
+#endif
+               rc = LDAP_INSUFFICIENT_ACCESS;
+               text = "no write access to entry";
+               goto return_results;
+       }
+
        if ( !manageDSAit && is_entry_referral( e ) ) {
                /* entry is a referral, don't allow delete */
                BerVarray refs = get_entry_referrals( be,
@@ -462,6 +493,14 @@ retry:     /* transaction retry */
 return_results:
        send_ldap_result( conn, op, rc, NULL, text, NULL, NULL );
 
+#ifdef LDAP_CLIENT_UPDATE
+        if ( rc == LDAP_SUCCESS && !noop ) {
+               LDAP_LIST_FOREACH( ps_list, &bdb->psearch_list, link ) {
+                       bdb_psearch( be, conn, op, ps_list, e, LCUP_PSEARCH_BY_DELETE );
+               }
+       }
+#endif /* LDAP_CLIENT_UPDATE */
+
        if(rc == LDAP_SUCCESS && bdb->bi_txn_cp ) {
                ldap_pvt_thread_yield();
                TXN_CHECKPOINT( bdb->bi_dbenv,