Notices and acknowledgements

[openldap] / servers / slapd / back-ldbm / passwd.c

diff --git a/servers/slapd/back-ldbm/passwd.c b/servers/slapd/back-ldbm/passwd.c
index 58d545283290db421167b2a0bd91cd1e7cac3eb9..b5d0c5ebdcce00a6a05111968bf8832a1ee82fb4 100644 (file)
--- a/servers/slapd/back-ldbm/passwd.c
+++ b/servers/slapd/back-ldbm/passwd.c
@@ -1,7 +1,7 @@
 /* passwd.c - ldbm backend password routines */
 /* $OpenLDAP$ */
 /*
- * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
  */
 
@@ -15,22 +15,14 @@
 #include "slap.h"
 #include "back-ldbm.h"
 #include "proto-back-ldbm.h"
+#include "lber_pvt.h"
 
 int
 ldbm_back_exop_passwd(
-    Backend            *be,
-    Connection         *conn,
-    Operation          *op,
-       const char              *reqoid,
-    struct berval      *reqdata,
-       char                    **rspoid,
-    struct berval      **rspdata,
-       LDAPControl             *** rspctrls,
-       const char              **text,
-    BerVarray *refs
-)
+       Operation       *op,
+       SlapReply       *rs )
 {
-       struct ldbminfo *li = (struct ldbminfo *) be->be_private;
+       struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
        int rc;
        Entry *e = NULL;
        struct berval hash = { 0, NULL };
@@ -38,25 +30,22 @@ ldbm_back_exop_passwd(
        struct berval id = { 0, NULL };
        struct berval new = { 0, NULL };
 
-       struct berval dn;
-       struct berval ndn;
+       struct berval dn = { 0, NULL };
+       struct berval ndn = { 0, NULL };
 
-       assert( reqoid != NULL );
-       assert( strcmp( LDAP_EXOP_X_MODIFY_PASSWD, reqoid ) == 0 );
+       assert( ber_bvcmp( &slap_EXOP_MODIFY_PASSWD, &op->oq_extended.rs_reqoid ) == 0 );
 
-       rc = slap_passwd_parse( reqdata,
-               &id, NULL, &new, text );
+       rc = slap_passwd_parse( op->oq_extended.rs_reqdata,
+               &id, NULL, &new, &rs->sr_text );
 
 #ifdef NEW_LOGGING
-       LDAP_LOG(( "backend", LDAP_LEVEL_ENTRY,
-                  "ldbm_back_exop_passwd: \"%s\"\n",
-                  id.bv_val ? id.bv_val : "" ));
+       LDAP_LOG( BACK_LDBM, ENTRY,
+               "ldbm_back_exop_passwd: \"%s\"\n", id.bv_val ? id.bv_val : "", 0,0 );
 #else
        Debug( LDAP_DEBUG_ARGS, "==> ldbm_back_exop_passwd: \"%s\"\n",
                id.bv_val ? id.bv_val : "", 0, 0 );
 #endif
 
-
        if( rc != LDAP_SUCCESS ) {
                goto done;
        }
@@ -65,18 +54,18 @@ ldbm_back_exop_passwd(
                slap_passwd_generate(&new);
 
                if( new.bv_len == 0 ) {
-                       *text = "password generation failed.";
+                       rs->sr_text = "password generation failed.";
                        rc = LDAP_OTHER;
                        goto done;
                }
                
-               *rspdata = slap_passwd_return( &new );
+               rs->sr_rspdata = slap_passwd_return( &new );
        }
 
-       slap_passwd_hash( &new, &hash );
+       slap_passwd_hash( &new, &hash, &rs->sr_text );
 
        if( hash.bv_len == 0 ) {
-               *text = "password hash failed";
+               if( !rs->sr_text ) rs->sr_text = "password hash failed";
                rc = LDAP_OTHER;
                goto done;
        }
@@ -88,45 +77,60 @@ ldbm_back_exop_passwd(
        }
 
 #ifdef NEW_LOGGING
-       LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
+       LDAP_LOG( BACK_LDBM, DETAIL1,
                "ldbm_back_exop_passwd: \"%s\"%s\n",
-               dn.bv_val, id.bv_len ? " (proxy)" : "" ));
+               dn.bv_val, id.bv_len ? " (proxy)" : "", 0 );
 #else
        Debug( LDAP_DEBUG_TRACE, "passwd: \"%s\"%s\n",
                dn.bv_val, id.bv_len ? " (proxy)" : "", 0 );
 #endif
 
        if( dn.bv_len == 0 ) {
-               *text = "No password is associated with the Root DSE";
-               rc = LDAP_OPERATIONS_ERROR;
+               rs->sr_text = "No password is associated with the Root DSE";
+               rc = LDAP_UNWILLING_TO_PERFORM;
                goto done;
        }
 
-       rc = dnNormalize2( NULL, &dn, &ndn );
+       rc = dnNormalize( 0, NULL, NULL, &dn, &ndn, op->o_tmpmemctx );
        if( rc != LDAP_SUCCESS ) {
-               *text = "Invalid DN";
+               rs->sr_text = "Invalid DN";
                goto done;
        }
 
-       e = dn2entry_w( be, &ndn, NULL );
-       if( e == NULL ) {
-               *text = "could not locate authorization entry";
+       /* grab giant lock for writing */
+       ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
+
+       e = dn2entry_w( op->o_bd, &ndn, NULL );
+
+       if ( e == NULL || is_entry_glue( e )) {
+               /* FIXME : dn2entry() should return non-glue entry */
+               ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
+               rs->sr_text = "could not locate authorization entry";
                rc = LDAP_NO_SUCH_OBJECT;
                goto done;
        }
 
+#ifdef LDBM_SUBENTRIES
+       if( is_entry_subentry( e ) ) {
+               /* entry is a subentry, don't allow operation */
+               rs->sr_text = "authorization entry is subentry";
+               rc = LDAP_OTHER;
+               goto done;
+       }
+#endif
+
        if( is_entry_alias( e ) ) {
                /* entry is an alias, don't allow operation */
-               *text = "authorization entry is alias";
+               rs->sr_text = "authorization entry is alias";
                rc = LDAP_ALIAS_PROBLEM;
                goto done;
        }
 
-       rc = LDAP_OPERATIONS_ERROR;
+       rc = LDAP_OTHER;
 
        if( is_entry_referral( e ) ) {
                /* entry is an referral, don't allow operation */
-               *text = "authorization entry is referral";
+               rs->sr_text = "authorization entry is referral";
                goto done;
        }
 
@@ -139,40 +143,42 @@ ldbm_back_exop_passwd(
                vals[1].bv_val = NULL;
 
                ml.sml_desc = slap_schema.si_ad_userPassword;
-               ml.sml_bvalues = vals;
+               ml.sml_values = vals;
+               ml.sml_nvalues = vals;
                ml.sml_op = LDAP_MOD_REPLACE;
                ml.sml_next = NULL;
 
-               rc = ldbm_modify_internal( be,
-                       conn, op, op->o_ndn.bv_val, &ml, e, text, textbuf, 
+               rc = ldbm_modify_internal( op,
+                       &ml, e, &rs->sr_text, textbuf, 
                        sizeof( textbuf ) );
 
                /* FIXME: ldbm_modify_internal may set *text = textbuf,
                 * which is BAD */
-               if ( *text == textbuf ) {
-                       *text = NULL;
+               if ( rs->sr_text == textbuf ) {
+                       rs->sr_text = NULL;
                }
 
                if( rc ) {
                        /* cannot return textbuf */
-                       *text = "entry modify failed";
+                       rs->sr_text = "entry modify failed";
                        goto done;
                }
 
                /* change the entry itself */
-               if( id2entry_add( be, e ) != 0 ) {
-                       *text = "entry update failed";
+               if( id2entry_add( op->o_bd, e ) != 0 ) {
+                       rs->sr_text = "entry update failed";
                        rc = LDAP_OTHER;
                }
 
                if( rc == LDAP_SUCCESS ) {
-                       replog( be, op, &e->e_name, &e->e_nname, &ml );
+                       replog( op );
                }
        }
 
 done:
        if( e != NULL ) {
                cache_return_entry_w( &li->li_cache, e );
+               ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
        }
 
        if( hash.bv_val != NULL ) {
@@ -180,7 +186,7 @@ done:
        }
 
        if( ndn.bv_val != NULL ) {
-               free( ndn.bv_val );
+               op->o_tmpfree( ndn.bv_val, op->o_tmpmemctx );
        }
 
        return rc;