ITS#5186 check for multiple suffixes at config time, not open time

[openldap] / servers / slapd / bconfig.c

diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
index 7576a2c2f75e3bccbefd1f13cfafeb86c14ca823..a0fa91525988b6a48573f802fe0097b4ee19c653 100644 (file)
--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -77,6 +77,7 @@ typedef struct {
 static CfBackInfo cfBackInfo;
 
 static char    *passwd_salt;
+static FILE *logfile;
 static char    *logfileName;
 #ifdef SLAP_AUTH_REWRITE
 static BerVarray authz_rewrites;
@@ -507,7 +508,7 @@ static ConfigTable config_back_cf_table[] = {
                &config_generic, NULL, NULL, NULL },
        { "sasl-host", "host", 2, 2, 0,
 #ifdef HAVE_CYRUS_SASL
-               ARG_STRING|ARG_UNIQUE, &global_host,
+               ARG_STRING|ARG_UNIQUE, &sasl_host,
 #else
                ARG_IGNORED, NULL,
 #endif
@@ -1124,6 +1125,10 @@ config_generic(ConfigArgs *c) {
                case CFG_LOGFILE:
                        ch_free( logfileName );
                        logfileName = NULL;
+                       if ( logfile ) {
+                               fclose( logfile );
+                               logfile = NULL;
+                       }
                        break;
 
                case CFG_SERVERID: {
@@ -1683,7 +1688,6 @@ sortval_reject:
                        }
                        break;
                case CFG_LOGFILE: {
-                               FILE *logfile;
                                if ( logfileName ) ch_free( logfileName );
                                logfileName = c->value_string;
                                logfile = fopen(logfileName, "w");
@@ -2240,8 +2244,17 @@ config_suffix(ConfigArgs *c)
        }
 #endif
 
+       if (SLAP_DB_ONE_SUFFIX( c->be ) && c->be->be_suffix ) {
+               snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> Only one suffix is allowed on this %s backend",
+                       c->argv[0], c->be->bd_info->bi_type );
+               Debug(LDAP_DEBUG_ANY, "%s: %s\n",
+                       c->log, c->cr_msg, 0);
+               return(1);
+       }
+
        pdn = c->value_dn;
        ndn = c->value_ndn;
+
        if (SLAP_DBHIDDEN( c->be ))
                tbe = NULL;
        else
@@ -4187,11 +4200,26 @@ config_add_internal( CfBackInfo *cfb, Entry *e, ConfigArgs *ca, SlapReply *rs,
                rc = LDAP_SUCCESS;
        }
 
+       colst = count_ocs( oc_at, &nocs );
+
        /* Check whether the Add is allowed by its parent, and do
         * any necessary arg setup
         */
        if ( last ) {
                rc = config_add_oc( &coptr, last, e, ca );
+               if ( rc == LDAP_CONSTRAINT_VIOLATION ) {
+                       for ( i = 0; i<nocs; i++ ) {
+                               /* Already checked these */
+                               if ( colst[i]->co_oc->soc_kind == LDAP_SCHEMA_STRUCTURAL )
+                                       continue;
+                               if ( colst[i]->co_ldadd &&
+                                       ( rc = colst[i]->co_ldadd( last, e, ca ))
+                                               != LDAP_CONSTRAINT_VIOLATION ) {
+                                       coptr = colst[i];
+                                       break;
+                               }
+                       }
+               }
                if ( rc == LDAP_CONSTRAINT_VIOLATION ) {
                        Debug( LDAP_DEBUG_TRACE, "%s: config_add_internal: "
                                "DN=\"%s\" no structural objectClass add function\n",
@@ -4200,8 +4228,6 @@ config_add_internal( CfBackInfo *cfb, Entry *e, ConfigArgs *ca, SlapReply *rs,
                }
        }
 
-       colst = count_ocs( oc_at, &nocs );
-
        /* Add the entry but don't parse it, we already have its contents */
        if ( rc == LDAP_COMPARE_TRUE ) {
                rc = LDAP_SUCCESS;
@@ -4300,6 +4326,8 @@ ok:
                                rc = ca->bi->bi_db_open( ca->be, &ca->reply );
                                ca->be->bd_info = bi_orig;
                        }
+               } else if ( ca->cleanup ) {
+                       rc = ca->cleanup( ca );
                }
                if ( rc ) {
                        if (ca->cr_msg[0] == '\0')
@@ -4811,6 +4839,7 @@ config_modify_internal( CfEntryInfo *ce, Operation *op, SlapReply *rs,
 out:
        /* Undo for a failed operation */
        if ( rc != LDAP_SUCCESS ) {
+               ConfigReply msg = ca->reply;
                for ( s = save_attrs; s; s = s->a_next ) {
                        if ( s->a_flags & SLAP_ATTR_IXDEL ) {
                                s->a_flags &= ~(SLAP_ATTR_IXDEL|SLAP_ATTR_IXADD);
@@ -4847,6 +4876,7 @@ out:
                                }
                        }
                }
+               ca->reply = msg;
        }
 
        if ( ca->cleanup )
@@ -4913,8 +4943,7 @@ config_back_modify( Operation *op, SlapReply *rs )
 
        slap_mods_opattrs( op, &op->orm_modlist, 1 );
 
-       if ( !slapd_shutdown )
-               ldap_pvt_thread_pool_pause( &connection_pool );
+       ldap_pvt_thread_pool_pause( &connection_pool );
 
        /* Strategy:
         * 1) perform the Modify on the cached Entry.
@@ -4946,8 +4975,7 @@ config_back_modify( Operation *op, SlapReply *rs )
                op->o_ndn = ndn;
        }
 
-       if ( !slapd_shutdown )
-               ldap_pvt_thread_pool_resume( &connection_pool );
+       ldap_pvt_thread_pool_resume( &connection_pool );
 out:
        send_ldap_result( op, rs );
        slap_graduate_commit_csn( op );