RFC 4511 calls for unavailableCriticalExtension to returned when

[openldap] / servers / slapd / modrdn.c

diff --git a/servers/slapd/modrdn.c b/servers/slapd/modrdn.c
index 496abe34d7a300599bbc6b0538c283d357cc0a3c..258519349e9e00f95ae07c5fa867b4eb86f1dce0 100644 (file)
--- a/servers/slapd/modrdn.c
+++ b/servers/slapd/modrdn.c
@@ -1,7 +1,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2005 The OpenLDAP Foundation.
+ * Copyright 1998-2006 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -171,12 +171,25 @@ do_modrdn(
                }
        }
 
-       /* FIXME: temporary? */
        op->orr_deleteoldrdn = deloldrdn;
+       op->orr_modlist = NULL;
+
+       /* prepare modlist of modifications from old/new RDN */
+       rs->sr_err = slap_modrdn2mods( op, rs );
+       if ( rs->sr_err != LDAP_SUCCESS ) {
+               send_ldap_result( op, rs );
+               goto cleanup;
+       }
 
        op->o_bd = frontendDB;
        rs->sr_err = frontendDB->be_modrdn( op, rs );
 
+#ifdef LDAP_X_TXN
+       if( rs->sr_err == LDAP_X_TXN_SPECIFY_OKAY ) {
+               /* skip cleanup */
+       }
+#endif
+
 cleanup:
        op->o_tmpfree( op->o_req_dn.bv_val, op->o_tmpmemctx );
        op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx );
@@ -184,10 +197,15 @@ cleanup:
        op->o_tmpfree( op->orr_newrdn.bv_val, op->o_tmpmemctx );        
        op->o_tmpfree( op->orr_nnewrdn.bv_val, op->o_tmpmemctx );       
 
-       if ( !BER_BVISNULL( &pnewSuperior ) ) 
+       if ( op->orr_modlist != NULL )
+               slap_mods_free( op->orr_modlist, 1 );
+
+       if ( !BER_BVISNULL( &pnewSuperior ) ) {
                op->o_tmpfree( pnewSuperior.bv_val, op->o_tmpmemctx );
-       if ( !BER_BVISNULL( &nnewSuperior ) )
+       }
+       if ( !BER_BVISNULL( &nnewSuperior ) ) {
                op->o_tmpfree( nnewSuperior.bv_val, op->o_tmpmemctx );
+       }
 
        return rs->sr_err;
 }
@@ -198,7 +216,7 @@ fe_op_modrdn( Operation *op, SlapReply *rs )
        Backend         *newSuperior_be = NULL;
        int             manageDSAit;
        struct berval   pdn = BER_BVNULL;
-       BackendDB *op_be;
+       BackendDB       *op_be, *bd = op->o_bd;
        
        if( op->o_req_ndn.bv_len == 0 ) {
                Debug( LDAP_DEBUG_ANY, "do_modrdn: root dse!\n", 0, 0, 0 );
@@ -228,22 +246,19 @@ fe_op_modrdn( Operation *op, SlapReply *rs )
         */
        op->o_bd = select_backend( &op->o_req_ndn, manageDSAit, 1 );
        if ( op->o_bd == NULL ) {
+               op->o_bd = bd;
                rs->sr_ref = referral_rewrite( default_referral,
                        NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
                if (!rs->sr_ref) rs->sr_ref = default_referral;
 
                if ( rs->sr_ref != NULL ) {
                        rs->sr_err = LDAP_REFERRAL;
-                       op->o_bd = frontendDB;
                        send_ldap_result( op, rs );
-                       op->o_bd = NULL;
 
                        if (rs->sr_ref != default_referral) ber_bvarray_free( rs->sr_ref );
                } else {
-                       op->o_bd = frontendDB;
                        send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
                                "no global superior knowledge" );
-                       op->o_bd = NULL;
                }
                goto cleanup;
        }
@@ -289,17 +304,13 @@ fe_op_modrdn( Operation *op, SlapReply *rs )
        if ( op->o_bd->be_modrdn ) {
                /* do the update here */
                int repl_user = be_isupdate( op );
-#ifndef SLAPD_MULTIMASTER
-               if ( !SLAP_SHADOW(op->o_bd) || repl_user )
-#endif
+               if ( !SLAP_SINGLE_SHADOW(op->o_bd) || repl_user )
                {
                        slap_callback cb = { NULL, slap_replog_cb, NULL, NULL };
 
                        op->o_bd = op_be;
 
-#ifdef SLAPD_MULTIMASTER
                        if ( !op->o_bd->be_update_ndn.bv_len || !repl_user )
-#endif
                        {
                                cb.sc_next = op->o_callback;
                                op->o_callback = &cb;
@@ -345,7 +356,6 @@ fe_op_modrdn( Operation *op, SlapReply *rs )
                                op->o_delete_glue_parent = 0;
                        }
 
-#ifndef SLAPD_MULTIMASTER
                } else {
                        BerVarray defref = op->o_bd->be_update_refs
                                ? op->o_bd->be_update_refs : default_referral;
@@ -363,7 +373,6 @@ fe_op_modrdn( Operation *op, SlapReply *rs )
                                send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
                                        "shadow context; no update referral" );
                        }
-#endif
                }
        } else {
                send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
@@ -371,26 +380,43 @@ fe_op_modrdn( Operation *op, SlapReply *rs )
        }
 
 cleanup:;
+       op->o_bd = bd;
        return rs->sr_err;
 }
 
 int
 slap_modrdn2mods(
        Operation       *op,
-       SlapReply       *rs,
-       Entry           *e,
-       LDAPRDN         old_rdn,
-       LDAPRDN         new_rdn,
-       Modifications   **pmod )
+       SlapReply       *rs )
 {
-       Modifications   *mod = NULL;
        int             a_cnt, d_cnt;
-       int repl_user;
-
-       assert( new_rdn != NULL );
-       assert( !op->orr_deleteoldrdn || old_rdn != NULL );
+       LDAPRDN         old_rdn = NULL;
+       LDAPRDN         new_rdn = NULL;
+
+       assert( !BER_BVISEMPTY( &op->oq_modrdn.rs_newrdn ) );
+       assert( !op->orr_deleteoldrdn || !BER_BVISEMPTY( &op->o_req_dn ) );
+
+       if ( ldap_bv2rdn_x( &op->oq_modrdn.rs_newrdn, &new_rdn,
+               (char **)&rs->sr_text, LDAP_DN_FORMAT_LDAP, op->o_tmpmemctx ) ) {
+               Debug( LDAP_DEBUG_TRACE,
+                       "slap_modrdn2mods: can't figure out "
+                       "type(s)/value(s) of newrdn\n", 0, 0, 0 );
+               rs->sr_err = LDAP_INVALID_DN_SYNTAX;
+               rs->sr_text = "unknown type(s) used in RDN";
+               goto done;
+       }
 
-       repl_user = be_isupdate( op );
+       if ( op->oq_modrdn.rs_deleteoldrdn ) {
+               if ( ldap_bv2rdn_x( &op->o_req_dn, &old_rdn,
+                       (char **)&rs->sr_text, LDAP_DN_FORMAT_LDAP, op->o_tmpmemctx ) ) {
+                       Debug( LDAP_DEBUG_TRACE,
+                               "slap_modrdn2mods: can't figure out "
+                               "type(s)/value(s) of oldrdn\n", 0, 0, 0 );
+                       rs->sr_err = LDAP_OTHER;
+                       rs->sr_text = "cannot parse RDN from old DN";
+                       goto done;
+               }
+       }
 
        /* Add new attribute values to the entry */
        for ( a_cnt = 0; new_rdn[a_cnt]; a_cnt++ ) {
@@ -401,33 +427,21 @@ slap_modrdn2mods(
 
                if ( rs->sr_err != LDAP_SUCCESS ) {
                        Debug( LDAP_DEBUG_TRACE,
-                               "slap_modrdn2modlist: %s: %s (new)\n",
+                               "slap_modrdn2mods: %s: %s (new)\n",
                                rs->sr_text, 
                                new_rdn[ a_cnt ]->la_attr.bv_val, 0 );
                        goto done;              
                }
 
-               /* ACL check of newly added attrs */
-               if ( op->o_bd && !access_allowed( op, e, desc,
-                       &new_rdn[a_cnt]->la_value, ACL_WADD, NULL ) ) {
-                       Debug( LDAP_DEBUG_TRACE,
-                               "slap_modrdn2modlist: access to attr \"%s\" "
-                               "(new) not allowed\n", 
-                               new_rdn[ a_cnt ]->la_attr.bv_val, 0, 0 );
-                       rs->sr_text = "access to naming attributes (new) not allowed";
-                       rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
-                       goto done;
-               }
-
                /* Apply modification */
-               mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications )
-                       + 4 * sizeof( struct berval ) );
+               mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) );
                mod_tmp->sml_desc = desc;
-               mod_tmp->sml_values = ( BerVarray )( mod_tmp + 1 );
-               mod_tmp->sml_values[0] = new_rdn[a_cnt]->la_value;
+               BER_BVZERO( &mod_tmp->sml_type );
+               mod_tmp->sml_values = ( BerVarray )ch_malloc( 2 * sizeof( struct berval ) );
+               ber_dupbv( &mod_tmp->sml_values[0], &new_rdn[a_cnt]->la_value );
                mod_tmp->sml_values[1].bv_val = NULL;
                if( desc->ad_type->sat_equality->smr_normalize) {
-                       mod_tmp->sml_nvalues = &mod_tmp->sml_values[2];
+                       mod_tmp->sml_nvalues = ( BerVarray )ch_malloc( 2 * sizeof( struct berval ) );
                        (void) (*desc->ad_type->sat_equality->smr_normalize)(
                                SLAP_MR_EQUALITY|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX,
                                desc->ad_type->sat_syntax,
@@ -439,9 +453,9 @@ slap_modrdn2mods(
                        mod_tmp->sml_nvalues = NULL;
                }
                mod_tmp->sml_op = SLAP_MOD_SOFTADD;
-               mod_tmp->sml_flags = SLAP_MOD_INTERNAL;
-               mod_tmp->sml_next = mod;
-               mod = mod_tmp;
+               mod_tmp->sml_flags = 0;
+               mod_tmp->sml_next = op->orr_modlist;
+               op->orr_modlist = mod_tmp;
        }
 
        /* Remove old rdn value if required */
@@ -453,69 +467,58 @@ slap_modrdn2mods(
                        rs->sr_err = slap_bv2ad( &old_rdn[d_cnt]->la_attr, &desc, &rs->sr_text );
                        if ( rs->sr_err != LDAP_SUCCESS ) {
                                Debug( LDAP_DEBUG_TRACE,
-                                       "slap_modrdn2modlist: %s: %s (old)\n",
+                                       "slap_modrdn2mods: %s: %s (old)\n",
                                        rs->sr_text, 
                                        old_rdn[d_cnt]->la_attr.bv_val, 
                                        0 );
                                goto done;              
                        }
 
-                       /* ACL check of old rdn attrs removal */
-                       if ( op->o_bd && !access_allowed( op, e, desc,
-                               &old_rdn[d_cnt]->la_value, ACL_WDEL, 
-                               NULL ) ) {
-                               Debug( LDAP_DEBUG_TRACE,
-                                       "slap_modrdn2modlist: access "
-                                       "to attr \"%s\" (old) not allowed\n", 
-                                       old_rdn[ d_cnt ]->la_attr.bv_val,
-                                       0, 0 );
-                               rs->sr_text = "access to naming attributes (old) not allowed";
-                               rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
-                               goto done;
-                       }
-
                        /* Apply modification */
-                       mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications )
-                               + 4 * sizeof ( struct berval ) );
+                       mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) );
                        mod_tmp->sml_desc = desc;
-                       mod_tmp->sml_values = ( BerVarray )(mod_tmp+1);
-                       mod_tmp->sml_values[0] = old_rdn[d_cnt]->la_value;
+                       BER_BVZERO( &mod_tmp->sml_type );
+                       mod_tmp->sml_values = ( BerVarray )ch_malloc( 2 * sizeof( struct berval ) );
+                       ber_dupbv( &mod_tmp->sml_values[0], &old_rdn[d_cnt]->la_value );
                        mod_tmp->sml_values[1].bv_val = NULL;
                        if( desc->ad_type->sat_equality->smr_normalize) {
-                               mod_tmp->sml_nvalues = &mod_tmp->sml_values[2];
+                               mod_tmp->sml_nvalues = ( BerVarray )ch_malloc( 2 * sizeof( struct berval ) );
                                (void) (*desc->ad_type->sat_equality->smr_normalize)(
                                        SLAP_MR_EQUALITY|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX,
                                        desc->ad_type->sat_syntax,
                                        desc->ad_type->sat_equality,
                                        &mod_tmp->sml_values[0],
-                                       &mod_tmp->sml_nvalues[0], op->o_tmpmemctx );
+                                       &mod_tmp->sml_nvalues[0], NULL );
                                mod_tmp->sml_nvalues[1].bv_val = NULL;
                        } else {
                                mod_tmp->sml_nvalues = NULL;
                        }
                        mod_tmp->sml_op = LDAP_MOD_DELETE;
-                       mod_tmp->sml_flags = SLAP_MOD_INTERNAL;
-                       mod_tmp->sml_next = mod;
-                       mod = mod_tmp;
+                       mod_tmp->sml_flags = 0;
+                       mod_tmp->sml_next = op->orr_modlist;
+                       op->orr_modlist = mod_tmp;
                }
        }
        
 done:
 
-       if ( rs->sr_err == LDAP_SUCCESS && !repl_user ) {
-               slap_mods_opattrs( op, mod, 1 );
-       }
-
        /* LDAP v2 supporting correct attribute handling. */
-       if ( rs->sr_err != LDAP_SUCCESS && mod != NULL ) {
+       if ( rs->sr_err != LDAP_SUCCESS && op->orr_modlist != NULL ) {
                Modifications *tmp;
-               for ( ; mod; mod = tmp ) {
-                       tmp = mod->sml_next;
-                       ch_free( mod );
+
+               for ( ; op->orr_modlist != NULL; op->orr_modlist = tmp ) {
+                       tmp = op->orr_modlist->sml_next;
+                       ch_free( op->orr_modlist );
                }
        }
 
-       *pmod = mod;
+       if ( new_rdn != NULL ) {
+               ldap_rdnfree_x( new_rdn, op->o_tmpmemctx );
+       }
+       if ( old_rdn != NULL ) {
+               ldap_rdnfree_x( old_rdn, op->o_tmpmemctx );
+       }
 
        return rs->sr_err;
 }
+