/* $OpenLDAP$ */
/*
- * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
*/
/*
Operation *op
)
{
- char *dn, *ndn, *newrdn;
+ char *dn, *ndn = NULL, *newrdn;
ber_int_t deloldrdn;
Backend *be;
/* Vars for LDAP v3 newSuperior support */
char *newSuperior = NULL;
- char *nnewSuperior = NULL;
+ char *nnewSuperior = NULL;
Backend *newSuperior_be = NULL;
ber_len_t length;
int rc;
+ const char *text;
+ int manageDSAit;
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY,
+ "do_modrdn: begin\n" ));
+#else
Debug( LDAP_DEBUG_TRACE, "do_modrdn\n", 0, 0, 0 );
+#endif
- if( op->o_bind_in_progress ) {
- Debug( LDAP_DEBUG_ANY, "do_modrdn: SASL bind in progress.\n",
- 0, 0, 0 );
- send_ldap_result( conn, op, LDAP_SASL_BIND_IN_PROGRESS,
- NULL, "SASL bind in progress", NULL, NULL );
- return LDAP_SASL_BIND_IN_PROGRESS;
- }
/*
* Parse the modrdn request. It looks like this:
if ( ber_scanf( op->o_ber, "{aab", &dn, &newrdn, &deloldrdn )
== LBER_ERROR ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+ "do_modrdn: ber_scanf failed\n" ));
+#else
Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 );
+#endif
+
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
return SLAPD_DISCONNECT;
/* Conection record indicates v2 but field
* newSuperior is present: report error.
*/
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+ "do_modrdn: (v2) invalid field newSuperior.\n" ));
+#else
Debug( LDAP_DEBUG_ANY,
"modrdn(v2): invalid field newSuperior!\n",
0, 0, 0 );
+#endif
+
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "newSuperior requires LDAPv3" );
rc = SLAPD_DISCONNECT;
if ( ber_scanf( op->o_ber, "a", &newSuperior )
== LBER_ERROR ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+ "do_modrdn: ber_scanf(\"a\") failed\n" ));
+#else
Debug( LDAP_DEBUG_ANY, "ber_scanf(\"a\") failed\n",
0, 0, 0 );
+#endif
+
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
rc = SLAPD_DISCONNECT;
nnewSuperior = ch_strdup( newSuperior );
if( dn_normalize( nnewSuperior ) == NULL ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+ "do_modrdn: invalid new superior (%s)\n", newSuperior ));
+#else
Debug( LDAP_DEBUG_ANY, "do_modrdn: invalid new superior (%s)\n",
newSuperior, 0, 0 );
+#endif
+
send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
- "invalid (new superior) DN", NULL, NULL );
+ "invalid new superior DN", NULL, NULL );
goto cleanup;
}
}
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ARGS,
+ "do_modrdn: dn (%s) newrdn (%s) newsuperior(%s)\n",
+ dn, newrdn, newSuperior != NULL ? newSuperior : "" ));
+#else
Debug( LDAP_DEBUG_ARGS,
"do_modrdn: dn (%s) newrdn (%s) newsuperior (%s)\n",
dn, newrdn,
newSuperior != NULL ? newSuperior : "" );
+#endif
+
if ( ber_scanf( op->o_ber, /*{*/ "}") == LBER_ERROR ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+ "do_modrdn: ber_scanf failed\n" ));
+#else
Debug( LDAP_DEBUG_ANY, "do_modrdn: ber_scanf failed\n", 0, 0, 0 );
+#endif
+
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
rc = SLAPD_DISCONNECT;
}
if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+ "do_modrdn: get_ctrls failed\n" ));
+#else
Debug( LDAP_DEBUG_ANY, "do_modrdn: get_ctrls failed\n", 0, 0, 0 );
- /* get_ctrls has sent results. Now clean up. */
+#endif
+
+ /* get_ctrls has sent results. Now clean up. */
goto cleanup;
}
ndn = ch_strdup( dn );
if( dn_normalize( ndn ) == NULL ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+ "do_modrdn: invalid dn (%s)\n", dn ));
+#else
Debug( LDAP_DEBUG_ANY, "do_modrdn: invalid dn (%s)\n", dn, 0, 0 );
+#endif
+
send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
"invalid DN", NULL, NULL );
goto cleanup;
}
if( !rdn_validate( newrdn ) ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+ "do_modrdn: invalid rdn (%s).\n", newrdn ));
+#else
Debug( LDAP_DEBUG_ANY, "do_modrdn: invalid rdn (%s)\n", newrdn, 0, 0 );
+#endif
+
send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
"invalid RDN", NULL, NULL );
goto cleanup;
}
+ if( *ndn == '\0' ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+ "do_modrdn: attempt to modify root DSE.\n" ));
+#else
+ Debug( LDAP_DEBUG_ANY, "do_modrdn: root dse!\n", 0, 0, 0 );
+#endif
+
+ send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
+ NULL, "cannot rename the root DSE", NULL, NULL );
+ goto cleanup;
+ }
+
Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d MODRDN dn=\"%s\"\n",
op->o_connid, op->o_opid, dn, 0, 0 );
+ manageDSAit = get_manageDSAit( op );
+
/*
* We could be serving multiple database backends. Select the
* appropriate one, or send a referral to our "referral server"
* if we don't hold it.
*/
-
- if ( (be = select_backend( ndn )) == NULL ) {
+ if ( (be = select_backend( ndn, manageDSAit )) == NULL ) {
send_ldap_result( conn, op, rc = LDAP_REFERRAL,
NULL, NULL, default_referral, NULL );
goto cleanup;
}
- /* make sure this backend recongizes critical controls */
- rc = backend_check_controls( be, conn, op ) ;
-
+ /* check restrictions */
+ rc = backend_check_restrictions( be, conn, op, NULL, &text ) ;
if( rc != LDAP_SUCCESS ) {
send_ldap_result( conn, op, rc,
- NULL, NULL, NULL, NULL );
+ NULL, text, NULL, NULL );
goto cleanup;
}
- if ( global_readonly || be->be_readonly ) {
- Debug( LDAP_DEBUG_ANY, "do_modrdn: database is read-only\n",
- 0, 0, 0 );
- send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "database is read-only", NULL, NULL );
+ /* check for referrals */
+ rc = backend_check_referrals( be, conn, op, dn, ndn );
+ if ( rc != LDAP_SUCCESS ) {
goto cleanup;
}
* the same backend, otherwise we return an error.
*/
if( newSuperior != NULL ) {
- newSuperior_be = select_backend( nnewSuperior );
+ newSuperior_be = select_backend( nnewSuperior, 0 );
if ( newSuperior_be != be ) {
/* newSuperior is in same backend */
rc = LDAP_AFFECTS_MULTIPLE_DSAS;
send_ldap_result( conn, op, rc,
- NULL, NULL, NULL, NULL );
+ NULL, "cannot rename between DSAa", NULL, NULL );
goto cleanup;
}
#endif
) {
struct replog_moddn moddn;
- moddn.newrdn = newrdn;
+ moddn.newrdn = newrdn;
moddn.deloldrdn = deloldrdn;
moddn.newsup = newSuperior;
}
} else {
send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
- NULL, "Function not implemented", NULL, NULL );
+ NULL, "operation not supported within namingContext", NULL, NULL );
}
cleanup:
free( dn );
- free( ndn );
+ if( ndn != NULL ) free( ndn );
free( newrdn );
if ( newSuperior != NULL )
free( newSuperior );
projects / openldap / blobdiff