Fix -USLAPD_RLOOKUPS

[openldap] / servers / slapd / back-ldbm / modify.c

diff --git a/servers/slapd/back-ldbm/modify.c b/servers/slapd/back-ldbm/modify.c
index 99048ce61c6d7b4857be2dc969eed9a9a297a31e..b5fc2c19a91b719cd2123f2b2f8dbc38cc6aa66b 100644 (file)
--- a/servers/slapd/back-ldbm/modify.c
+++ b/servers/slapd/back-ldbm/modify.c
@@ -33,13 +33,9 @@ add_lastmods( Operation *op, LDAPModList **modlist )
 
        /* remove any attempts by the user to modify these attrs */
        for ( m = modlist; *m != NULL; m = &(*m)->ml_next ) {
-            if ( strcasecmp( (*m)->ml_type, "modifytimestamp" ) == 0 || 
-                               strcasecmp( (*m)->ml_type, "modifiersname" ) == 0 ||
-                               strcasecmp( (*m)->ml_type, "createtimestamp" ) == 0 || 
-                               strcasecmp( (*m)->ml_type, "creatorsname" ) == 0 ) {
-
+            if ( oc_check_no_usermod_attr( (*m)->ml_type ) ) {
                 Debug( LDAP_DEBUG_TRACE,
-                                       "add_lastmods: found lastmod attr: %s\n",
+                                       "add_lastmods: found no user mod attr: %s\n",
                                        (*m)->ml_type, 0, 0 );
                 tmp = *m;
                 *m = (*m)->ml_next;
@@ -124,8 +120,10 @@ int ldbm_modify_internal(
 
 
        if ( (err = acl_check_modlist( be, conn, op, e, modlist ))
-            != LDAP_SUCCESS ) {
-               send_ldap_result( conn, op, err, NULL, NULL );
+            != LDAP_SUCCESS )
+       {
+               send_ldap_result( conn, op, err,
+                       NULL, NULL, NULL, NULL );
                return -1;
        }
 
@@ -150,8 +148,11 @@ int ldbm_modify_internal(
                            && ((a = attr_find( e->e_attrs, mod->mod_type ))
                           != NULL) ) {
 
-                           (void) index_delete_values( be, mod->mod_type,
-                                                       a->a_vals, e->e_id );
+                           (void) index_change_values( be,
+                                                       mod->mod_type,
+                                                       a->a_vals,
+                                                       e->e_id,
+                                                       __INDEX_DELETE_OP);
                        }
 
                        err = replace_values( e, mod, op->o_ndn );
@@ -174,7 +175,8 @@ int ldbm_modify_internal(
 
                if ( err != LDAP_SUCCESS ) {
                        /* unlock entry, delete from cache */
-                       send_ldap_result( conn, op, err, NULL, NULL );
+                       send_ldap_result( conn, op, err,
+                               NULL, NULL, NULL, NULL );
                        return -1;
                }
        }
@@ -182,7 +184,8 @@ int ldbm_modify_internal(
        /* check that the entry still obeys the schema */
        if ( global_schemacheck && oc_schema_check( e ) != 0 ) {
                Debug( LDAP_DEBUG_ANY, "entry failed schema check\n", 0, 0, 0 );
-               send_ldap_result( conn, op, LDAP_OBJECT_CLASS_VIOLATION, NULL, NULL );
+               send_ldap_result( conn, op, LDAP_OBJECT_CLASS_VIOLATION,
+                       NULL, NULL, NULL, NULL );
                return -1;
        }
 
@@ -196,7 +199,8 @@ int ldbm_modify_internal(
 
        /* modify indexes */
        if ( index_add_mods( be, modlist, e->e_id ) != 0 ) {
-               send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL, NULL );
+               send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
+                       NULL, NULL, NULL, NULL );
                return -1;
        }
 
@@ -223,35 +227,69 @@ ldbm_back_modify(
 )
 {
        struct ldbminfo *li = (struct ldbminfo *) be->be_private;
-       char            *matched;
+       Entry           *matched;
        Entry           *e;
+       int             manageDSAit = get_manageDSAit( op );
 
        Debug(LDAP_DEBUG_ARGS, "ldbm_back_modify:\n", 0, 0, 0);
 
        /* acquire and lock entry */
        if ( (e = dn2entry_w( be, dn, &matched )) == NULL ) {
-               send_ldap_result( conn, op, LDAP_NO_SUCH_OBJECT, matched,
-                   NULL );
+               char* matched_dn = NULL;
+               struct berval **refs = NULL;
+
                if ( matched != NULL ) {
-                       free( matched );
+                       matched_dn = ch_strdup( matched->e_dn );
+                       refs = is_entry_referral( matched )
+                               ? get_entry_referrals( be, conn, op, matched )
+                               : NULL;
+                       cache_return_entry_r( &li->li_cache, matched );
+               } else {
+                       refs = default_referral;
                }
+
+               send_ldap_result( conn, op, LDAP_REFERRAL,
+                       matched_dn, NULL, refs, NULL );
+
+               if ( matched != NULL ) {
+                       ber_bvecfree( refs );
+                       free( matched_dn );
+               }
+
                return( -1 );
        }
 
+    if ( !manageDSAit && is_entry_referral( e ) ) {
+               /* parent is a referral, don't allow add */
+               /* parent is an alias, don't allow add */
+               struct berval **refs = get_entry_referrals( be,
+                       conn, op, e );
+
+               Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0,
+                   0, 0 );
+
+               send_ldap_result( conn, op, LDAP_REFERRAL,
+                   e->e_dn, NULL, refs, NULL );
+
+               ber_bvecfree( refs );
+
+               goto error_return;
+       }
+       
        /* Modify the entry */
        if ( ldbm_modify_internal( be, conn, op, dn, modlist, e ) != 0 ) {
-
                goto error_return;
-
        }
 
        /* change the entry itself */
        if ( id2entry_add( be, e ) != 0 ) {
-               send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL, NULL );
+               send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
+                       NULL, NULL, NULL, NULL );
                goto error_return;
        }
 
-       send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL );
+       send_ldap_result( conn, op, LDAP_SUCCESS,
+               NULL, NULL, NULL, NULL );
        cache_return_entry_w( &li->li_cache, e );
        return( 0 );
 
@@ -329,6 +367,17 @@ delete_values(
                                a->a_vals[k - 1] = a->a_vals[k];
                        }
                        a->a_vals[k - 1] = NULL;
+
+                       /* delete the entire attribute, if no values remain */
+                       if ( a->a_vals[0] == NULL) {
+                               Debug( LDAP_DEBUG_ARGS,
+                                       "removing entire attribute %s\n",
+                                       mod->mod_type, 0, 0 );
+                               if ( attr_delete( &e->e_attrs, mod->mod_type ) ) {
+                                       return LDAP_NO_SUCH_ATTRIBUTE;
+                               }
+                       }
+
                        break;
                }