#ifdef NEW_LOGGING
LDAP_LOG(( "backend", LDAP_LEVEL_ENTRY,"ldbm_back_add: %s\n",
- e->e_dn ));
+ e->e_dn ));
#else
Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_add: %s\n", e->e_dn, 0, 0);
#endif
-
/* nobody else can add until we lock our parent */
ldap_pvt_thread_mutex_lock(&li->li_add_mutex);
#ifdef NEW_LOGGING
LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
- "ldbm_back_add: entry (%s) failed schema check.\n",
- e->e_dn ));
+ "ldbm_back_add: entry (%s) failed schema check.\n",
+ e->e_dn ));
#else
Debug( LDAP_DEBUG_TRACE, "entry failed schema check: %s\n",
text, 0, 0 );
/* get parent with writer lock */
if ( (p = dn2entry_w( be, pdn, &matched )) == NULL ) {
- char *matched_dn;
+ char *matched_dn = NULL;
struct berval **refs;
ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
cache_return_entry_r( &li->li_cache, matched );
} else {
- matched_dn = NULL;
- refs = default_referral;
+ refs = referral_rewrite( default_referral,
+ NULL, &e->e_name, LDAP_SCOPE_DEFAULT );
}
#ifdef NEW_LOGGING
LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
- "ldbm_back_add: Parent of (%s) does not exist.\n",
- e->e_dn ));
+ "ldbm_back_add: Parent of (%s) does not exist.\n",
+ e->e_dn ));
#else
Debug( LDAP_DEBUG_TRACE, "parent does not exist\n",
0, 0, 0 );
#endif
-
send_ldap_result( conn, op, LDAP_REFERRAL, matched_dn,
refs == NULL ? "parent does not exist" : "parent is referral",
refs, NULL );
- if( matched != NULL ) {
- ber_bvecfree( refs );
- free( matched_dn );
- }
+ ber_bvecfree( refs );
+ free( matched_dn );
- free( pdn );
return -1;
}
/* don't need the add lock anymore */
ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
- free(pdn);
-
if ( ! access_allowed( be, conn, op, p,
children, NULL, ACL_WRITE ) )
{
} else {
if(pdn != NULL) {
assert( *pdn == '\0' );
- free(pdn);
}
/* no parent, must be adding entry to root */
- if ( !be_isroot( be, op->o_ndn ) && !be_issuffix( be, "" ) ) {
- ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
+ if ( !be_isroot( be, &op->o_ndn ) ) {
+ if ( be_issuffix( be, "" ) || be_isupdate( be, &op->o_ndn ) ) {
+ p = (Entry *)&slap_entry_root;
+
+ rc = access_allowed( be, conn, op, p,
+ children, NULL, ACL_WRITE );
+ p = NULL;
+
+ if ( ! rc ) {
+ ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
#ifdef NEW_LOGGING
- LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
- "ldbm_back_add: %s add denied.\n",
- pdn == NULL ? "suffix" : "entry at root" ));
+ LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
+ "ldbm_back_add: No write "
+ "access to parent (\"\").\n" ));
#else
- Debug( LDAP_DEBUG_TRACE, "%s add denied\n",
- pdn == NULL ? "suffix" : "entry at root",
- 0, 0 );
+ Debug( LDAP_DEBUG_TRACE,
+ "no write access to parent\n",
+ 0, 0, 0 );
#endif
+ send_ldap_result( conn, op,
+ LDAP_INSUFFICIENT_ACCESS,
+ NULL,
+ "no write access to parent",
+ NULL, NULL );
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
+ return -1;
+ }
- return -1;
+ } else {
+ ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
+ "ldbm_back_add: %s add denied.\n",
+ pdn == NULL ? "suffix"
+ : "entry at root" ));
+#else
+ Debug( LDAP_DEBUG_TRACE, "%s add denied\n",
+ pdn == NULL ? "suffix"
+ : "entry at root", 0, 0 );
+#endif
+
+ send_ldap_result( conn, op,
+ LDAP_INSUFFICIENT_ACCESS,
+ NULL, NULL, NULL, NULL );
+
+ return -1;
+ }
}
/*
0 );
#endif
-
send_ldap_result( conn, op,
rc > 0 ? LDAP_ALREADY_EXISTS : LDAP_OTHER,
NULL, rc > 0 ? NULL : "cache add failed", NULL, NULL );
projects / openldap / blobdiff