]> git.sur5r.net Git - openldap/blobdiff - servers/slapd/bconfig.c
projects / openldap / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
ITS#7935 fix schema RDN normalization
[openldap] / servers / slapd / bconfig.c
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
index 931ae9ff630c3a2c90ee7f82799209c6213b1e46..c501135236665d02ad5f5a6236763d9a1ef87e08 100644 (file)
--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2005-2013 The OpenLDAP Foundation.
+ * Copyright 2005-2014 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -807,7 +807,7 @@ static ConfigOCs cf_ocs[] = {
                 "olcDisallows $ olcGentleHUP $ olcIdleTimeout $ "
                 "olcIndexSubstrIfMaxLen $ olcIndexSubstrIfMinLen $ "
                 "olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ "
-                "olcLocalSSF $ olcLogFile $ olcLogLevel $ "
+                "olcListenerThreads $ olcLocalSSF $ olcLogFile $ olcLogLevel $ "
                 "olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ "
                 "olcPluginLogFile $ olcReadOnly $ olcReferral $ "
                 "olcReplogFile $ olcRequires $ olcRestrict $ olcReverseLookup $ "
@@ -820,7 +820,7 @@ static ConfigOCs cf_ocs[] = {
                 "olcTLSCACertificatePath $ olcTLSCertificateFile $ "
                 "olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ "
                 "olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ "
-                "olcTLSCRLFile $ olcToolThreads $ olcWriteTimeout $ "
+                "olcTLSCRLFile $ olcTLSProtocolMin $ olcToolThreads $ olcWriteTimeout $ "
                 "olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $ "
                 "olcDitContentRules $ olcLdapSyntaxes ) )", Cft_Global },
        { "( OLcfgGlOc:2 "
@@ -3415,7 +3415,8 @@ loglevel2bvarray( int l, BerVarray *bva )
        }
 
        if ( l == 0 ) {
-               return value_add_one( bva, ber_bvstr( "0" ) );
+               struct berval bv = BER_BVC("0");
+               return value_add_one( bva, &bv );
        }
 
        return mask_to_verbs( loglevel_ops, l, bva );
@@ -3792,6 +3793,7 @@ config_tls_cleanup(ConfigArgs *c) {
                int opt = 1;
 
                ldap_pvt_tls_ctx_free( slap_tls_ctx );
+               slap_tls_ctx = NULL;
 
                /* Force new ctx to be created */
                rc = ldap_pvt_tls_set_option( slap_tls_ld, LDAP_OPT_X_TLS_NEWCTX, &opt );
@@ -3800,6 +3802,11 @@ config_tls_cleanup(ConfigArgs *c) {
                        ldap_pvt_tls_get_option( slap_tls_ld, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx );
                        /* This is a no-op if it's already loaded */
                        load_extop( &slap_EXOP_START_TLS, 0, starttls_extop );
+               } else {
+                       if ( rc == LDAP_NOT_SUPPORTED )
+                               rc = LDAP_UNWILLING_TO_PERFORM;
+                       else
+                               rc = LDAP_OTHER;
                }
        }
        return rc;
@@ -6427,8 +6434,6 @@ config_build_entry( Operation *op, SlapReply *rs, CfEntryInfo *parent,
 {
        Entry *e = entry_alloc();
        CfEntryInfo *ce = ch_calloc( 1, sizeof(CfEntryInfo) );
-       struct berval val;
-       struct berval ad_name;
        AttributeDescription *ad = NULL;
        int rc;
        char *ptr;
@@ -6437,6 +6442,7 @@ config_build_entry( Operation *op, SlapReply *rs, CfEntryInfo *parent,
        struct berval pdn;
        ObjectClass *oc;
        CfEntryInfo *ceprev = NULL;
+       LDAPRDN srdn = NULL;
 
        Debug( LDAP_DEBUG_TRACE, "config_build_entry: \"%s\"\n", rdn->bv_val, 0, 0);
        e->e_private = ce;
@@ -6465,16 +6471,17 @@ config_build_entry( Operation *op, SlapReply *rs, CfEntryInfo *parent,
        if ( extra )
                attr_merge_normalize_one(e, slap_schema.si_ad_objectClass,
                        extra->co_name, NULL );
-       ptr = strchr(rdn->bv_val, '=');
-       ad_name.bv_val = rdn->bv_val;
-       ad_name.bv_len = ptr - rdn->bv_val;
-       rc = slap_bv2ad( &ad_name, &ad, &text );
+       if ( ldap_bv2rdn_x( rdn, &srdn, &ptr, LDAP_DN_FORMAT_LDAP, op->o_tmpmemctx ))
+               goto fail;
+
+       rc = slap_bv2ad( &srdn[0]->la_attr, &ad, &text );
        if ( rc ) {
+               ldap_rdnfree_x( srdn, op->o_tmpmemctx );
                goto fail;
        }
-       val.bv_val = ptr+1;
-       val.bv_len = rdn->bv_len - (val.bv_val - rdn->bv_val);
-       attr_merge_normalize_one(e, ad, &val, NULL );
+       attr_merge_normalize_one(e, ad, &srdn[0]->la_value, NULL );
+       ldap_rdnfree_x( srdn, op->o_tmpmemctx );
+       srdn = NULL;
 
        oc = main->co_oc;
        c->table = main->co_type;
@@ -6550,7 +6557,7 @@ config_build_schema_inc( ConfigArgs *c, CfEntryInfo *ceparent,
 
        for (; cf; cf=cf->c_sibs, c->depth++) {
                if ( !cf->c_at_head && !cf->c_cr_head && !cf->c_oc_head &&
-                       !cf->c_om_head && !cf->c_syn_head ) continue;
+                       !cf->c_om_head && !cf->c_syn_head && !cf->c_kids ) continue;
                c->value_dn.bv_val = c->log;
                LUTIL_SLASHPATH( cf->c_file.bv_val );
                bv.bv_val = strrchr(cf->c_file.bv_val, LDAP_DIRSEP[0]);
@@ -6563,7 +6570,7 @@ config_build_schema_inc( ConfigArgs *c, CfEntryInfo *ceparent,
                ptr = strchr( bv.bv_val, '.' );
                if ( ptr )
                        bv.bv_len = ptr - bv.bv_val;
-               c->value_dn.bv_len = snprintf(c->value_dn.bv_val, sizeof( c->log ), "cn=" SLAP_X_ORDERED_FMT, c->depth);
+               c->value_dn.bv_len = snprintf(c->value_dn.bv_val, sizeof( c->log ), "cn=\"" SLAP_X_ORDERED_FMT, c->depth);
                if ( c->value_dn.bv_len >= sizeof( c->log ) ) {
                        /* FIXME: how can indicate error? */
                        return -1;
@@ -6571,8 +6578,15 @@ config_build_schema_inc( ConfigArgs *c, CfEntryInfo *ceparent,
                strncpy( c->value_dn.bv_val + c->value_dn.bv_len, bv.bv_val,
                        bv.bv_len );
                c->value_dn.bv_len += bv.bv_len;
+               c->value_dn.bv_val[c->value_dn.bv_len] ='"';
+               c->value_dn.bv_len++;
                c->value_dn.bv_val[c->value_dn.bv_len] ='\0';
-               rdnNormalize( 0, NULL, NULL, &c->value_dn, &rdn, NULL );
+               if ( rdnNormalize( 0, NULL, NULL, &c->value_dn, &rdn, NULL )) {
+                       Debug( LDAP_DEBUG_ANY,
+                               "config_build_schema_inc: invalid schema name \"%s\"\n",
+                               bv.bv_val, 0, 0 );
+                       return -1;
+               }
 
                c->ca_private = cf;
                e = config_build_entry( op, rs, ceparent, c, &rdn,
Cloned from git://git.openldap.org/openldap.git