Remove abandon cruft

[openldap] / servers / slapd / back-ldbm / add.c

diff --git a/servers/slapd/back-ldbm/add.c b/servers/slapd/back-ldbm/add.c
index 71fb24b1859f1eb265b7353e4472f954ea30d4a5..059abb031189cfb3ed8d1572005687e892c08922 100644 (file)
--- a/servers/slapd/back-ldbm/add.c
+++ b/servers/slapd/back-ldbm/add.c
@@ -97,14 +97,13 @@ ldbm_back_add(
                        if ( matched != NULL ) {
                                matched_dn = ch_strdup( matched->e_dn );
                                refs = is_entry_referral( matched )
-                                       ? get_entry_referrals( be, conn, op, matched,
-                                               e->e_dn, LDAP_SCOPE_DEFAULT )
+                                       ? get_entry_referrals( be, conn, op, matched )
                                        : NULL;
                                cache_return_entry_r( &li->li_cache, matched );
 
                        } else {
                                refs = referral_rewrite( default_referral,
-                                       NULL, e->e_dn, LDAP_SCOPE_DEFAULT );
+                                       NULL, &e->e_name, LDAP_SCOPE_DEFAULT );
                        }
 
 #ifdef NEW_LOGGING
@@ -123,15 +122,12 @@ ldbm_back_add(
                        ber_bvecfree( refs );
                        free( matched_dn );
 
-                       free( pdn );
                        return -1;
                }
 
                /* don't need the add lock anymore */
                ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
 
-               free(pdn);
-
                if ( ! access_allowed( be, conn, op, p,
                        children, NULL, ACL_WRITE ) )
                {
@@ -179,8 +175,7 @@ ldbm_back_add(
                        /* parent is a referral, don't allow add */
                        char *matched_dn = ch_strdup( p->e_dn );
                        struct berval **refs = is_entry_referral( p )
-                               ? get_entry_referrals( be, conn, op, p,
-                                       e->e_dn, LDAP_SCOPE_DEFAULT )
+                               ? get_entry_referrals( be, conn, op, p )
                                : NULL;
 
                        /* free parent and writer lock */
@@ -205,28 +200,59 @@ ldbm_back_add(
        } else {
                if(pdn != NULL) {
                        assert( *pdn == '\0' );
-                       free(pdn);
                }
 
                /* no parent, must be adding entry to root */
-               if ( !be_isroot( be, op->o_ndn ) && !be_issuffix( be, "" ) ) {
-                       ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
+               if ( !be_isroot( be, &op->o_ndn ) ) {
+                       if ( be_issuffix( be, "" ) || be_isupdate( be, &op->o_ndn ) ) {
+                               p = (Entry *)&slap_entry_root;
+                               
+                               rc = access_allowed( be, conn, op, p,
+                                       children, NULL, ACL_WRITE );
+                               p = NULL;
+                               
+                               if ( ! rc ) {
+                                       ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
 
 #ifdef NEW_LOGGING
-                       LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
-                                  "ldbm_back_add: %s add denied.\n",
-                                  pdn == NULL ? "suffix" : "entry at root" ));
+                                       LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
+                                               "ldbm_back_add: No write "
+                                               "access to parent (\"\").\n" ));
 #else
-                       Debug( LDAP_DEBUG_TRACE, "%s add denied\n",
-                                       pdn == NULL ? "suffix" : "entry at root",
-                                       0, 0 );
+                                       Debug( LDAP_DEBUG_TRACE, 
+                                               "no write access to parent\n", 
+                                               0, 0, 0 );
 #endif
 
+                                       send_ldap_result( conn, op, 
+                                               LDAP_INSUFFICIENT_ACCESS,
+                                               NULL, 
+                                               "no write access to parent", 
+                                               NULL, NULL );
 
-                       send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
-                           NULL, NULL, NULL, NULL );
+                                       return -1;
+                               }
 
-                       return -1;
+                       } else {
+                               ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
+
+#ifdef NEW_LOGGING
+                               LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
+                                          "ldbm_back_add: %s add denied.\n",
+                                          pdn == NULL ? "suffix" 
+                                          : "entry at root" ));
+#else
+                               Debug( LDAP_DEBUG_TRACE, "%s add denied\n",
+                                               pdn == NULL ? "suffix" 
+                                               : "entry at root", 0, 0 );
+#endif
+
+                               send_ldap_result( conn, op, 
+                                               LDAP_INSUFFICIENT_ACCESS,
+                                               NULL, NULL, NULL, NULL );
+
+                               return -1;
+                       }
                }
 
                /*