ITS#3846 don't give hashed passwords to SASL, it only wants cleartext.

[openldap] / servers / slapd / oc.c
diff --git a/servers/slapd/oc.c b/servers/slapd/oc.c

index 2b5b5f06f7f661d5494d9b921236427e55e26ef7..cd381f1bf3443d3c69845924aa0cbfc8a32b2e17 100644 (file)
--- a/servers/slapd/oc.c
+++ b/servers/slapd/oc.c
@@ -396,6 +396,57 @@ oc_destroy( void )
         }
  }
  
+/*
+ * check whether the two ObjectClasses actually __are__ identical,
+ * or rather inconsistent
+ */
+static int
+oc_check_dup(
+       ObjectClass     *soc,
+       ObjectClass     *new_soc )
+{
+       if ( new_soc->soc_oid != NULL ) {
+               if ( soc->soc_oid == NULL ) {
+                       return SLAP_SCHERR_CLASS_INCONSISTENT;
+               }
+
+               if ( strcmp( soc->soc_oid, new_soc->soc_oid ) != 0 ) {
+                       return SLAP_SCHERR_CLASS_INCONSISTENT;
+               }
+
+       } else {
+               if ( soc->soc_oid != NULL ) {
+                       return SLAP_SCHERR_CLASS_INCONSISTENT;
+               }
+       }
+
+       if ( new_soc->soc_names ) {
+               int     i;
+
+               if ( soc->soc_names == NULL ) {
+                       return SLAP_SCHERR_CLASS_INCONSISTENT;
+               }
+
+               for ( i = 0; new_soc->soc_names[ i ]; i++ ) {
+                       if ( soc->soc_names[ i ] == NULL ) {
+                               return SLAP_SCHERR_CLASS_INCONSISTENT;
+                       }
+                       
+                       if ( strcasecmp( soc->soc_names[ i ],
+                                       new_soc->soc_names[ i ] ) != 0 )
+                       {
+                               return SLAP_SCHERR_CLASS_INCONSISTENT;
+                       }
+               }
+       } else {
+               if ( soc->soc_names != NULL ) {
+                       return SLAP_SCHERR_CLASS_INCONSISTENT;
+               }
+       }
+
+       return SLAP_SCHERR_CLASS_DUP;
+}
+
  static int
  oc_insert(
      ObjectClass                *soc,
@@ -417,13 +468,21 @@ oc_insert(
                 if ( avl_insert( &oc_index, (caddr_t) oir,
                         oc_index_cmp, avl_dup_error ) )
                 {
+                       ObjectClass     *old_soc;
+                       int             rc;
+
                         *err = soc->soc_oid;
-                       ldap_memfree(oir);
-                       return SLAP_SCHERR_CLASS_DUP;
+
+                       old_soc = oc_bvfind( &oir->oir_name );
+                       assert( old_soc != NULL );
+                       rc = oc_check_dup( old_soc, soc );
+
+                       ldap_memfree( oir );
+                       return rc;
                 }
  
                 /* FIX: temporal consistency check */
-               assert( oc_bvfind(&oir->oir_name) != NULL );
+               assert( oc_bvfind( &oir->oir_name ) != NULL );
         }
  
         if ( (names = soc->soc_names) ) {
@@ -440,9 +499,17 @@ oc_insert(
                         if ( avl_insert( &oc_index, (caddr_t) oir,
                                 oc_index_cmp, avl_dup_error ) )
                         {
+                               ObjectClass     *old_soc;
+                               int             rc;
+
                                 *err = *names;
-                               ldap_memfree(oir);
-                               return SLAP_SCHERR_CLASS_DUP;
+
+                               old_soc = oc_bvfind( &oir->oir_name );
+                               assert( old_soc != NULL );
+                               rc = oc_check_dup( old_soc, soc );
+
+                               ldap_memfree( oir );
+                               return rc;
                         }
  
                         /* FIX: temporal consistency check */
@@ -453,7 +520,6 @@ oc_insert(
         }
         LDAP_STAILQ_INSERT_TAIL( &oc_list, soc, soc_next );
  
-
         return 0;
  }
  
@@ -467,6 +533,7 @@ oc_add(
         ObjectClass     *soc;
         int             code;
         int             op = 0;
+       char    *oidm = NULL;
  
         if ( oc->oc_names != NULL ) {
                 int i;
@@ -486,7 +553,7 @@ oc_add(
                         return SLAP_SCHERR_OIDM;
                 }
                 if ( oid != oc->oc_oid ) {
-                       ldap_memfree( oc->oc_oid );
+                       oidm = oc->oc_oid;
                         oc->oc_oid = oid;
                 }
         }
@@ -494,6 +561,7 @@ oc_add(
         soc = (ObjectClass *) ch_calloc( 1, sizeof(ObjectClass) );
         AC_MEMCPY( &soc->soc_oclass, oc, sizeof(LDAPObjectClass) );
  
+       soc->soc_oidmacro = oidm;
         if( oc->oc_names != NULL ) {
                 soc->soc_cname.bv_val = soc->soc_names[0];
         } else {
@@ -560,12 +628,20 @@ oc_unparse( BerVarray *res, ObjectClass *start, ObjectClass *end, int sys )
         }
         i = 0;
         for ( oc=start; oc; oc=LDAP_STAILQ_NEXT(oc, soc_next)) {
+               LDAPObjectClass loc, *locp;
                 if ( sys && !(oc->soc_flags & SLAP_OC_HARDCODE)) continue;
-               if ( ldap_objectclass2bv( &oc->soc_oclass, &bv ) == NULL ) {
+               if ( oc->soc_oidmacro ) {
+                       loc = oc->soc_oclass;
+                       loc.oc_oid = oc->soc_oidmacro;
+                       locp = &loc;
+               } else {
+                       locp = &oc->soc_oclass;
+               }
+               if ( ldap_objectclass2bv( locp, &bv ) == NULL ) {
                         ber_bvarray_free( bva );
                 }
                 if ( !sys ) {
-                       idx.bv_len = sprintf(idx.bv_val, "{%02d}", i);
+                       idx.bv_len = sprintf(idx.bv_val, "{%d}", i);
                 }
                 bva[i].bv_len = idx.bv_len + bv.bv_len;
                 bva[i].bv_val = ch_malloc( bva[i].bv_len + 1 );