/* modify.c - ldbm backend modify routine */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
#include "portable.h"
#include <ac/string.h>
#include <ac/socket.h>
+#include <ac/time.h>
#include "slap.h"
#include "back-ldbm.h"
#include "proto-back-ldbm.h"
-static void add_lastmods(Operation *op, LDAPModList **ml);
-
-
-static void
-add_lastmods( Operation *op, LDAPModList **modlist )
-{
- char buf[22];
- struct berval bv;
- struct berval *bvals[2];
- LDAPModList **m;
- LDAPModList *tmp;
- struct tm *ltm;
- time_t currenttime;
-
- Debug( LDAP_DEBUG_TRACE, "add_lastmods\n", 0, 0, 0 );
-
- bvals[0] = &bv;
- bvals[1] = NULL;
-
- /* remove any attempts by the user to modify these attrs */
- for ( m = modlist; *m != NULL; m = &(*m)->ml_next ) {
- if ( strcasecmp( (*m)->ml_type, "modifytimestamp" ) == 0 ||
- strcasecmp( (*m)->ml_type, "modifiersname" ) == 0 ||
- strcasecmp( (*m)->ml_type, "createtimestamp" ) == 0 ||
- strcasecmp( (*m)->ml_type, "creatorsname" ) == 0 ) {
-
- Debug( LDAP_DEBUG_TRACE,
- "add_lastmods: found lastmod attr: %s\n",
- (*m)->ml_type, 0, 0 );
- tmp = *m;
- *m = (*m)->ml_next;
- free( tmp->ml_type );
- if ( tmp->ml_bvalues != NULL ) {
- ber_bvecfree( tmp->ml_bvalues );
- }
- free( tmp );
- if (!*m)
- break;
- }
- }
-
- if ( op->o_dn == NULL || op->o_dn[0] == '\0' ) {
- bv.bv_val = "NULLDN";
- bv.bv_len = strlen( bv.bv_val );
- } else {
- bv.bv_val = op->o_dn;
- bv.bv_len = strlen( bv.bv_val );
- }
- tmp = (LDAPModList *) ch_calloc( 1, sizeof(LDAPModList) );
- tmp->ml_type = ch_strdup( "modifiersname" );
- tmp->ml_op = LDAP_MOD_REPLACE;
- tmp->ml_bvalues = (struct berval **) ch_calloc(2, sizeof(struct berval *));
- tmp->ml_bvalues[0] = ber_bvdup( &bv );
- tmp->ml_next = *modlist;
- *modlist = tmp;
-
- currenttime = slap_get_time();
- ldap_pvt_thread_mutex_lock( &gmtime_mutex );
-#ifndef LDAP_LOCALTIME
- ltm = gmtime( ¤ttime );
- strftime( buf, sizeof(buf), "%Y%m%d%H%M%SZ", ltm );
-#else
- ltm = localtime( ¤ttime );
- strftime( buf, sizeof(buf), "%y%m%d%H%M%SZ", ltm );
-#endif
- ldap_pvt_thread_mutex_unlock( &gmtime_mutex );
-
- bv.bv_val = buf;
- bv.bv_len = strlen( bv.bv_val );
- tmp = (LDAPModList *) ch_calloc( 1, sizeof(LDAPModList) );
- tmp->ml_type = ch_strdup( "modifytimestamp" );
- tmp->ml_op = LDAP_MOD_REPLACE;
- tmp->ml_bvalues = (struct berval **) ch_calloc(2, sizeof(struct berval *));
- tmp->ml_bvalues[0] = ber_bvdup( &bv );
- tmp->ml_next = *modlist;
- *modlist = tmp;
-
-}
-
/* We need this function because of LDAP modrdn. If we do not
* add this there would be a bunch of code replication here
* and there and of course the likelihood of bugs increases.
* Juan C. Gomez (gomez@engr.sgi.com) 05/18/99
*/
-
int ldbm_modify_internal(
Backend *be,
Connection *conn,
Operation *op,
- char *dn,
- LDAPModList *modlist,
- Entry *e
+ const char *dn,
+ Modifications *modlist,
+ Entry *e,
+ const char **text,
+ char *textbuf,
+ size_t textlen
)
{
- int i, err;
- LDAPMod *mod;
- LDAPModList *ml;
-
- if ( ((be->be_lastmod == ON)
- || ((be->be_lastmod == UNDEFINED)&&(global_lastmod == ON)))
- && (be->be_update_ndn == NULL)) {
-
- /* XXX: It may be wrong, it changes mod time even if
- * mod fails!
- */
- add_lastmods( op, &modlist );
-
- }
+ int rc = LDAP_SUCCESS;
+ Modification *mod;
+ Modifications *ml;
+ Attribute *save_attrs;
+ Attribute *ap;
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_ENTRY,
+ "ldbm_modify_internal: %s\n", dn ));
+#else
+ Debug(LDAP_DEBUG_TRACE, "ldbm_modify_internal: %s\n", dn, 0, 0);
+#endif
- if ( (err = acl_check_modlist( be, conn, op, e, modlist ))
- != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, err, NULL, NULL );
- return -1;
+ if ( !acl_check_modlist( be, conn, op, e, modlist )) {
+ return LDAP_INSUFFICIENT_ACCESS;
}
- for ( ml = modlist; ml != NULL; ml = ml->ml_next ) {
+ save_attrs = e->e_attrs;
+ e->e_attrs = attrs_dup( e->e_attrs );
- mod = &ml->ml_mod;
+ for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
+ mod = &ml->sml_mod;
- switch ( mod->mod_op & ~LDAP_MOD_BVALUES ) {
+ switch ( mod->sm_op ) {
case LDAP_MOD_ADD:
- err = add_values( e, mod, op->o_ndn );
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
+ "ldbm_modify_internal: add\n" ));
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: add\n", 0, 0, 0);
+#endif
+
+ rc = modify_add_values( e, mod, text, textbuf, textlen );
+ if( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
+ "ldbm_modify_internal: failed %d (%s)\n",
+ rc, *text ));
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
+#endif
+ }
break;
case LDAP_MOD_DELETE:
- err = delete_values( e, mod, op->o_ndn );
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
+ "ldbm_modify_internal: delete\n" ));
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: delete\n", 0, 0, 0);
+#endif
+
+ rc = modify_delete_values( e, mod, text, textbuf, textlen );
+ assert( rc != LDAP_TYPE_OR_VALUE_EXISTS );
+ if( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
+ "ldbm_modify_internal: failed %d (%s)\n", rc, *text ));
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
+#endif
+ }
break;
case LDAP_MOD_REPLACE:
- err = replace_values( e, mod, op->o_ndn );
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
+ "ldbm_modify_internal: replace\n" ));
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: replace\n", 0, 0, 0);
+#endif
+
+ rc = modify_replace_values( e, mod, text, textbuf, textlen );
+ if( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
+ "ldbm_modify_internal: failed %d (%s)\n", rc, *text ));
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
+#endif
+ }
break;
+
+ case SLAP_MOD_SOFTADD:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
+ "ldbm_modify_internal: softadd\n" ));
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: softadd\n", 0, 0, 0);
+#endif
+
+ /* Avoid problems in index_add_mods()
+ * We need to add index if necessary.
+ */
+ mod->sm_op = LDAP_MOD_ADD;
+
+ rc = modify_add_values( e, mod, text, textbuf, textlen );
+ if ( rc == LDAP_TYPE_OR_VALUE_EXISTS ) {
+ rc = LDAP_SUCCESS;
+ }
+
+ if( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
+ "ldbm_modify_internal: failed %d (%s)\n", rc, *text ));
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
+#endif
+ }
+ break;
+
+ default:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
+ "ldbm_modify_internal: invalid op %d\n", mod->sm_op ));
+#else
+ Debug(LDAP_DEBUG_ANY, "ldbm_modify_internal: invalid op %d\n",
+ mod->sm_op, 0, 0);
+#endif
+
+ rc = LDAP_OTHER;
+ *text = "Invalid modify operation";
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
+ "ldbm_modify_internal: %d (%s)\n", rc, *text ));
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
+#endif
+ }
+
+ if ( rc != LDAP_SUCCESS ) {
+ goto exit;
}
- if ( err != LDAP_SUCCESS ) {
- /* unlock entry, delete from cache */
- send_ldap_result( conn, op, err, NULL, NULL );
- return -1;
+ /* If objectClass was modified, reset the flags */
+ if ( mod->sm_desc == slap_schema.si_ad_objectClass ) {
+ e->e_ocflags = 0;
+ }
+
+ /* check if modified attribute was indexed */
+ rc = index_is_indexed( be, mod->sm_desc );
+ if ( rc == LDAP_SUCCESS ) {
+ ap = attr_find( save_attrs, mod->sm_desc );
+ if ( ap ) ap->a_flags |= SLAP_ATTR_IXDEL;
+
+ ap = attr_find( e->e_attrs, mod->sm_desc );
+ if ( ap ) ap->a_flags |= SLAP_ATTR_IXADD;
}
}
/* check that the entry still obeys the schema */
- if ( global_schemacheck && oc_schema_check( e ) != 0 ) {
- Debug( LDAP_DEBUG_ANY, "entry failed schema check\n", 0, 0, 0 );
- send_ldap_result( conn, op, LDAP_OBJECT_CLASS_VIOLATION, NULL, NULL );
- return -1;
+ rc = entry_schema_check( be, e, save_attrs, text, textbuf, textlen );
+ if ( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
+ "ldbm_modify_internal: entry failed schema check: %s\n",
+ *text ));
+#else
+ Debug( LDAP_DEBUG_ANY, "entry failed schema check: %s\n",
+ *text, 0, 0 );
+#endif
+
+ goto exit;
}
/* check for abandon */
- ldap_pvt_thread_mutex_lock( &op->o_abandonmutex );
if ( op->o_abandon ) {
- ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
- return -1;
+ rc = SLAPD_ABANDON;
+ goto exit;
}
- ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
- /* modify indexes */
- if ( index_add_mods( be, modlist, e->e_id ) != 0 ) {
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL, NULL );
- return -1;
+ /* update the indices of the modified attributes */
+
+ /* start with deleting the old index entries */
+ for ( ap = save_attrs; ap != NULL; ap = ap->a_next ) {
+ if ( ap->a_flags & SLAP_ATTR_IXDEL ) {
+ rc = index_values( be, ap->a_desc, ap->a_vals, e->e_id,
+ SLAP_INDEX_DELETE_OP );
+ if ( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
+ "ldbm_modify_internal: Attribute index delete failure\n" ));
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "Attribute index delete failure",
+ 0, 0, 0 );
+#endif
+ goto exit;
+ }
+ ap->a_flags &= ~SLAP_ATTR_IXDEL;
+ }
}
- /* check for abandon */
- ldap_pvt_thread_mutex_lock( &op->o_abandonmutex );
- if ( op->o_abandon ) {
- ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
- return -1;
+ /* add the new index entries */
+ for ( ap = e->e_attrs; ap != NULL; ap = ap->a_next ) {
+ if ( ap->a_flags & SLAP_ATTR_IXADD ) {
+ rc = index_values( be, ap->a_desc, ap->a_vals, e->e_id,
+ SLAP_INDEX_ADD_OP );
+ if ( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
+ "ldbm_modify_internal: Attribute index add failure\n" ));
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "Attribute index add failure",
+ 0, 0, 0 );
+#endif
+ goto exit;
+ }
+ ap->a_flags &= ~SLAP_ATTR_IXADD;
+ }
}
- ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
-
- return 0;
-}/* int ldbm_modify_internal() */
+exit:
+ if ( rc == LDAP_SUCCESS ) {
+ attrs_free( save_attrs );
+ } else {
+ for ( ap = save_attrs; ap; ap = ap->a_next ) {
+ ap->a_flags = 0;
+ }
+ attrs_free( e->e_attrs );
+ e->e_attrs = save_attrs;
+ }
+ return rc;
+}
int
ldbm_back_modify(
Backend *be,
Connection *conn,
Operation *op,
- char *dn,
- LDAPModList *modlist
+ struct berval *dn,
+ struct berval *ndn,
+ Modifications *modlist
)
{
+ int rc;
struct ldbminfo *li = (struct ldbminfo *) be->be_private;
- char *matched;
+ Entry *matched;
Entry *e;
- int err;
-
+ int manageDSAit = get_manageDSAit( op );
+ const char *text = NULL;
+ char textbuf[SLAP_TEXT_BUFLEN];
+ size_t textlen = sizeof textbuf;
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_ENTRY,
+ "ldbm_back_modify: enter\n" ));
+#else
Debug(LDAP_DEBUG_ARGS, "ldbm_back_modify:\n", 0, 0, 0);
+#endif
+
+ /* grab giant lock for writing */
+ ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
/* acquire and lock entry */
- if ( (e = dn2entry_w( be, dn, &matched )) == NULL ) {
- send_ldap_result( conn, op, LDAP_NO_SUCH_OBJECT, matched,
- NULL );
+ if ( (e = dn2entry_w( be, ndn, &matched )) == NULL ) {
+ char* matched_dn = NULL;
+ BerVarray refs;
+
if ( matched != NULL ) {
- free( matched );
+ matched_dn = ch_strdup( matched->e_dn );
+ refs = is_entry_referral( matched )
+ ? get_entry_referrals( be, conn, op, matched )
+ : NULL;
+ cache_return_entry_r( &li->li_cache, matched );
+ } else {
+ refs = referral_rewrite( default_referral,
+ NULL, dn, LDAP_SCOPE_DEFAULT );
}
+
+ ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
+ send_ldap_result( conn, op, LDAP_REFERRAL,
+ matched_dn, NULL, refs, NULL );
+
+ if ( refs ) ber_bvarray_free( refs );
+ free( matched_dn );
+
return( -1 );
}
- /* Modify the entry */
- if ( ldbm_modify_internal( be, conn, op, dn, modlist, e ) != 0 ) {
+ if ( !manageDSAit && is_entry_referral( e ) ) {
+ /* parent is a referral, don't allow add */
+ /* parent is an alias, don't allow add */
+ BerVarray refs = get_entry_referrals( be,
+ conn, op, e );
- goto error_return;
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
+ "ldbm_back_modify: entry (%s) is referral\n", ndn->bv_val ));
+#else
+ Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0,
+ 0, 0 );
+#endif
+
+
+ send_ldap_result( conn, op, LDAP_REFERRAL,
+ e->e_dn, NULL, refs, NULL );
+
+ if ( refs ) ber_bvarray_free( refs );
+ goto error_return;
}
+
+ /* Modify the entry */
+ rc = ldbm_modify_internal( be, conn, op, ndn->bv_val, modlist, e,
+ &text, textbuf, textlen );
+ if( rc != LDAP_SUCCESS ) {
+ if( rc != SLAPD_ABANDON ) {
+ send_ldap_result( conn, op, rc,
+ NULL, text, NULL, NULL );
+ }
+ goto error_return;
+ }
/* change the entry itself */
if ( id2entry_add( be, e ) != 0 ) {
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL, NULL );
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "id2entry failure", NULL, NULL );
goto error_return;
}
- send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL );
+ send_ldap_result( conn, op, LDAP_SUCCESS,
+ NULL, NULL, NULL, NULL );
+
cache_return_entry_w( &li->li_cache, e );
+ ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
return( 0 );
error_return:;
cache_return_entry_w( &li->li_cache, e );
+ ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
return( -1 );
}
-
-int
-add_values(
- Entry *e,
- LDAPMod *mod,
- char *dn
-)
-{
- int i;
- Attribute *a;
-
- /* check if the values we're adding already exist */
- if ( (a = attr_find( e->e_attrs, mod->mod_type )) != NULL ) {
- for ( i = 0; mod->mod_bvalues[i] != NULL; i++ ) {
- if ( value_find( a->a_vals, mod->mod_bvalues[i],
- a->a_syntax, 3 ) == 0 ) {
- return( LDAP_TYPE_OR_VALUE_EXISTS );
- }
- }
- }
-
- /* no - add them */
- if( attr_merge( e, mod->mod_type, mod->mod_bvalues ) != 0 ) {
- return( LDAP_CONSTRAINT_VIOLATION );
- }
-
- return( LDAP_SUCCESS );
-}
-
-int
-delete_values(
- Entry *e,
- LDAPMod *mod,
- char *dn
-)
-{
- int i, j, k, found;
- Attribute *a;
-
- /* delete the entire attribute */
- if ( mod->mod_bvalues == NULL ) {
- Debug( LDAP_DEBUG_ARGS, "removing entire attribute %s\n",
- mod->mod_type, 0, 0 );
- return( attr_delete( &e->e_attrs, mod->mod_type ) ?
- LDAP_NO_SUCH_ATTRIBUTE : LDAP_SUCCESS );
- }
-
- /* delete specific values - find the attribute first */
- if ( (a = attr_find( e->e_attrs, mod->mod_type )) == NULL ) {
- Debug( LDAP_DEBUG_ARGS, "could not find attribute %s\n",
- mod->mod_type, 0, 0 );
- return( LDAP_NO_SUCH_ATTRIBUTE );
- }
-
- /* find each value to delete */
- for ( i = 0; mod->mod_bvalues[i] != NULL; i++ ) {
- found = 0;
- for ( j = 0; a->a_vals[j] != NULL; j++ ) {
- if ( value_cmp( mod->mod_bvalues[i], a->a_vals[j],
- a->a_syntax, 3 ) != 0 ) {
- continue;
- }
- found = 1;
-
- /* found a matching value - delete it */
- ber_bvfree( a->a_vals[j] );
- for ( k = j + 1; a->a_vals[k] != NULL; k++ ) {
- a->a_vals[k - 1] = a->a_vals[k];
- }
- a->a_vals[k - 1] = NULL;
- break;
- }
-
- /* looked through them all w/o finding it */
- if ( ! found ) {
- Debug( LDAP_DEBUG_ARGS,
- "could not find value for attr %s\n",
- mod->mod_type, 0, 0 );
- return( LDAP_NO_SUCH_ATTRIBUTE );
- }
- }
-
- return( LDAP_SUCCESS );
-}
-
-int
-replace_values(
- Entry *e,
- LDAPMod *mod,
- char *dn
-)
-{
- (void) attr_delete( &e->e_attrs, mod->mod_type );
-
- if ( attr_merge( e, mod->mod_type, mod->mod_bvalues ) != 0 ) {
- return( LDAP_CONSTRAINT_VIOLATION );
- }
-
- return( LDAP_SUCCESS );
-}