/* $OpenLDAP$ */
-/*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2006 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
*/
-/*
- * Copyright (c) 1995 Regents of the University of Michigan.
+/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
#include <ac/string.h>
#include <ac/socket.h>
-#include "ldap_pvt.h"
#include "slap.h"
+#include "lutil.h"
+
int
do_delete(
- Connection *conn,
- Operation *op
-)
+ Operation *op,
+ SlapReply *rs )
{
- char *dn, *ndn = NULL;
- const char *text;
- Backend *be;
- int rc;
+ struct berval dn = BER_BVNULL;
Debug( LDAP_DEBUG_TRACE, "do_delete\n", 0, 0, 0 );
* DelRequest := DistinguishedName
*/
- if ( ber_scanf( op->o_ber, "a", &dn ) == LBER_ERROR ) {
+ if ( ber_scanf( op->o_ber, "m", &dn ) == LBER_ERROR ) {
Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 );
- send_ldap_disconnect( conn, op,
- LDAP_PROTOCOL_ERROR, "decoding error" );
+ send_ldap_discon( op, rs, LDAP_PROTOCOL_ERROR, "decoding error" );
return SLAPD_DISCONNECT;
}
- if( ( rc = get_ctrls( conn, op, 1 ) ) != LDAP_SUCCESS ) {
+ if( get_ctrls( op, rs, 1 ) != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY, "do_delete: get_ctrls failed\n", 0, 0, 0 );
goto cleanup;
}
- ndn = ch_strdup( dn );
+ rs->sr_err = dnPrettyNormal( NULL, &dn, &op->o_req_dn, &op->o_req_ndn,
+ op->o_tmpmemctx );
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ Debug( LDAP_DEBUG_ANY,
+ "do_delete: invalid dn (%s)\n", dn.bv_val, 0, 0 );
+ send_ldap_error( op, rs, LDAP_INVALID_DN_SYNTAX, "invalid DN" );
+ goto cleanup;
+ }
+
+ if( op->o_req_ndn.bv_len == 0 ) {
+ Debug( LDAP_DEBUG_ANY, "do_delete: root dse!\n", 0, 0, 0 );
+ /* protocolError would likely be a more appropriate error */
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "cannot delete the root DSE" );
+ goto cleanup;
- if( dn_normalize( ndn ) == NULL ) {
- Debug( LDAP_DEBUG_ANY, "do_delete: invalid dn (%s)\n", dn, 0, 0 );
- send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
- "invalid DN", NULL, NULL );
+ } else if ( bvmatch( &op->o_req_ndn, &frontendDB->be_schemandn ) ) {
+ Debug( LDAP_DEBUG_ANY, "do_delete: subschema subentry!\n", 0, 0, 0 );
+ /* protocolError would likely be a more appropriate error */
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "cannot delete the root DSE" );
goto cleanup;
}
- Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d DEL dn=\"%s\"\n",
- op->o_connid, op->o_opid, dn, 0, 0 );
+ Statslog( LDAP_DEBUG_STATS, "%s DEL dn=\"%s\"\n",
+ op->o_log_prefix, op->o_req_dn.bv_val, 0, 0, 0 );
+
+ op->o_bd = frontendDB;
+ rs->sr_err = frontendDB->be_delete( op, rs );
+
+#ifdef LDAP_X_TXN
+ if( rs->sr_err == LDAP_X_TXN_SPECIFY_OKAY ) {
+ /* skip cleanup */
+ return rs->sr_err;
+ }
+#endif
+
+cleanup:;
+ op->o_tmpfree( op->o_req_dn.bv_val, op->o_tmpmemctx );
+ op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx );
+ return rs->sr_err;
+}
+
+int
+fe_op_delete( Operation *op, SlapReply *rs )
+{
+ struct berval pdn = BER_BVNULL;
+ int manageDSAit;
+ BackendDB *op_be, *bd = op->o_bd;
+
+ manageDSAit = get_manageDSAit( op );
/*
* We could be serving multiple database backends. Select the
* appropriate one, or send a referral to our "referral server"
* if we don't hold it.
*/
- if ( (be = select_backend( ndn )) == NULL ) {
- send_ldap_result( conn, op, rc = LDAP_REFERRAL,
- NULL, NULL, default_referral, NULL );
+ op->o_bd = select_backend( &op->o_req_ndn, manageDSAit, 1 );
+ if ( op->o_bd == NULL ) {
+ op->o_bd = bd;
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
+
+ if (!rs->sr_ref) rs->sr_ref = default_referral;
+ if ( rs->sr_ref != NULL ) {
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
+
+ if (rs->sr_ref != default_referral) ber_bvarray_free( rs->sr_ref );
+ } else {
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "no global superior knowledge" );
+ }
goto cleanup;
}
- /* make sure this backend recongizes critical controls */
- rc = backend_check_controls( be, conn, op, &text ) ;
-
- if( rc != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc,
- NULL, text, NULL, NULL );
- goto cleanup;
+ /* If we've got a glued backend, check the real backend */
+ op_be = op->o_bd;
+ if ( SLAP_GLUE_INSTANCE( op->o_bd )) {
+ op->o_bd = select_backend( &op->o_req_ndn, manageDSAit, 0 );
}
- /* check for referrals */
- rc = backend_check_referrals( be, conn, op,
- dn, ndn, &text );
-
- if ( rc != LDAP_SUCCESS ) {
+ /* check restrictions */
+ if( backend_check_restrictions( op, rs, NULL ) != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
goto cleanup;
}
- if ( global_readonly || be->be_readonly ) {
- Debug( LDAP_DEBUG_ANY, "do_delete: database is read-only\n",
- 0, 0, 0 );
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "directory is read-only", NULL, NULL );
+ /* check for referrals */
+ if( backend_check_referrals( op, rs ) != LDAP_SUCCESS ) {
goto cleanup;
}
- /* deref suffix alias if appropriate */
- ndn = suffix_alias( be, ndn );
-
/*
* do the delete if 1 && (2 || 3)
* 1) there is a delete function implemented in this backend;
* 2) this backend is master for what it holds;
* 3) it's a replica and the dn supplied is the update_ndn.
*/
- if ( be->be_delete ) {
+ if ( op->o_bd->be_delete ) {
/* do the update here */
-#ifndef SLAPD_MULTIMASTER
- if ( be->be_update_ndn == NULL ||
- strcmp( be->be_update_ndn, op->o_ndn ) == 0 )
-#endif
- {
- if ( (*be->be_delete)( be, conn, op, dn, ndn ) == 0 ) {
-#ifdef SLAPD_MULTIMASTER
- if (be->be_update_ndn == NULL ||
- strcmp( be->be_update_ndn, op->o_ndn ))
-#endif
- {
- replog( be, op, dn, NULL );
+ int repl_user = be_isupdate( op );
+ if ( !SLAP_SINGLE_SHADOW(op->o_bd) || repl_user ) {
+ struct berval org_req_dn = BER_BVNULL;
+ struct berval org_req_ndn = BER_BVNULL;
+ struct berval org_dn = BER_BVNULL;
+ struct berval org_ndn = BER_BVNULL;
+ int org_managedsait;
+ slap_callback cb = { NULL, slap_replog_cb, NULL, NULL };
+
+ op->o_bd = op_be;
+
+ if ( !op->o_bd->be_update_ndn.bv_len || !repl_user ) {
+ cb.sc_next = op->o_callback;
+ op->o_callback = &cb;
+ }
+
+ op->o_bd->be_delete( op, rs );
+
+ org_req_dn = op->o_req_dn;
+ org_req_ndn = op->o_req_ndn;
+ org_dn = op->o_dn;
+ org_ndn = op->o_ndn;
+ org_managedsait = get_manageDSAit( op );
+ op->o_dn = op->o_bd->be_rootdn;
+ op->o_ndn = op->o_bd->be_rootndn;
+ op->o_managedsait = SLAP_CONTROL_NONCRITICAL;
+
+ while ( rs->sr_err == LDAP_SUCCESS &&
+ op->o_delete_glue_parent )
+ {
+ op->o_delete_glue_parent = 0;
+ if ( !be_issuffix( op->o_bd, &op->o_req_ndn )) {
+ slap_callback cb = { NULL, NULL, NULL, NULL };
+ cb.sc_response = slap_null_cb;
+ dnParent( &op->o_req_ndn, &pdn );
+ op->o_req_dn = pdn;
+ op->o_req_ndn = pdn;
+ op->o_callback = &cb;
+ op->o_bd->be_delete( op, rs );
+ } else {
+ break;
}
}
-#ifndef SLAPD_MULTIMASTER
+
+ op->o_managedsait = org_managedsait;
+ op->o_dn = org_dn;
+ op->o_ndn = org_ndn;
+ op->o_req_dn = org_req_dn;
+ op->o_req_ndn = org_req_ndn;
+ op->o_delete_glue_parent = 0;
+
} else {
- send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL,
- be->be_update_refs ? be->be_update_refs : default_referral, NULL );
-#endif
+ BerVarray defref = op->o_bd->be_update_refs
+ ? op->o_bd->be_update_refs : default_referral;
+
+ if ( defref != NULL ) {
+ rs->sr_ref = referral_rewrite( defref,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
+ if (!rs->sr_ref) rs->sr_ref = defref;
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
+
+ if (rs->sr_ref != defref) ber_bvarray_free( rs->sr_ref );
+
+ } else {
+ send_ldap_error( op, rs,
+ LDAP_UNWILLING_TO_PERFORM,
+ "shadow context; no update referral" );
+ }
}
} else {
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "operation not supported within namingContext", NULL, NULL );
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "operation not supported within namingContext" );
}
-cleanup:
- if( ndn != NULL ) free( ndn );
- free( dn );
- return rc;
+
+cleanup:;
+ op->o_bd = bd;
+ return rs->sr_err;
}