Ignore attempts to Add cn=schema,cn=config

[openldap] / servers / slapd / filter.c

diff --git a/servers/slapd/filter.c b/servers/slapd/filter.c
index 46a5c7a6d3572467640c23b6b55a3f7281136817..02467fb301e45431ad92f9d3a5c8dd16b23327ad 100644 (file)
--- a/servers/slapd/filter.c
+++ b/servers/slapd/filter.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2009 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -348,7 +348,7 @@ get_ssa(
 {
        ber_tag_t       tag;
        ber_len_t       len;
-       ber_tag_t       rc;
+       int     rc;
        struct berval desc, value, nvalue;
        char            *last;
        SubstringsAssertion ssa;
@@ -385,6 +385,17 @@ get_ssa(
 
        rc = LDAP_PROTOCOL_ERROR;
 
+       /* If there is no substring matching rule, there's nothing
+        * we can do with this filter. But we continue to parse it
+        * for logging purposes.
+        */
+       if ( ssa.sa_desc->ad_type->sat_substr == NULL ) {
+               f->f_choice |= SLAPD_FILTER_UNDEFINED;
+               Debug( LDAP_DEBUG_FILTER,
+               "get_ssa: no substring matching rule for attributeType %s\n",
+                       desc.bv_val, 0, 0 );
+       }
+
        for ( tag = ber_first_element( ber, &len, &last );
                tag != LBER_DEFAULT;
                tag = ber_next_element( ber, &len, last ) )
@@ -444,7 +455,13 @@ get_ssa(
                rc = asserted_value_validate_normalize(
                        ssa.sa_desc, ssa.sa_desc->ad_type->sat_equality,
                        usage, &value, &nvalue, text, op->o_tmpmemctx );
-               if( rc != LDAP_SUCCESS ) goto return_error;
+               if( rc != LDAP_SUCCESS ) {
+                       f->f_choice |= SLAPD_FILTER_UNDEFINED;
+                       Debug( LDAP_DEBUG_FILTER,
+                       "get_ssa: illegal value for attributeType %s (%d) %s\n",
+                               desc.bv_val, rc, *text );
+                       ber_dupbv_x( &nvalue, &value, op->o_tmpmemctx );
+               }
 
                switch ( tag ) {
                case LDAP_SUBSTRING_INITIAL:
@@ -478,6 +495,7 @@ return_error:
                        return rc;
                }
 
+               *text = NULL;
                rc = LDAP_SUCCESS;
        }
 
@@ -491,7 +509,7 @@ return_error:
 }
 
 void
-filter_free_x( Operation *op, Filter *f )
+filter_free_x( Operation *op, Filter *f, int freeme )
 {
        Filter  *p, *next;
 
@@ -530,7 +548,7 @@ filter_free_x( Operation *op, Filter *f )
        case LDAP_FILTER_NOT:
                for ( p = f->f_list; p != NULL; p = next ) {
                        next = p->f_next;
-                       filter_free_x( op, p );
+                       filter_free_x( op, p, 1 );
                }
                break;
 
@@ -547,7 +565,9 @@ filter_free_x( Operation *op, Filter *f )
                break;
        }
 
-       op->o_tmpfree( f, op->o_tmpmemctx );
+       if ( freeme ) {
+               op->o_tmpfree( f, op->o_tmpmemctx );
+       }
 }
 
 void
@@ -559,7 +579,7 @@ filter_free( Filter *f )
        op.o_hdr = &ohdr;
        op.o_tmpmemctx = slap_sl_context( f );
        op.o_tmpmfuncs = &slap_sl_mfuncs;
-       filter_free_x( &op, f );
+       filter_free_x( &op, f, 1 );
 }
 
 void
@@ -608,7 +628,9 @@ filter2bv_x( Operation *op, Filter *f, struct berval *fstr )
 simple:
                value = f->f_av_value;
                if ( f->f_av_desc->ad_type->sat_equality &&
-                       f->f_av_desc->ad_type->sat_equality->smr_usage & SLAP_MR_MUTATION_NORMALIZER ) {
+                       !undef &&
+                       ( f->f_av_desc->ad_type->sat_equality->smr_usage & SLAP_MR_MUTATION_NORMALIZER ))
+               {
                        f->f_av_desc->ad_type->sat_equality->smr_normalize(
                                (SLAP_MR_DENORMALIZE|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX),
                                NULL, NULL, &f->f_av_value, &value, op->o_tmpmemctx );