slap_overinst *on;
BerVarray member;
BerVarray memberof;
+ memberof_is_t what;
} memberof_cbinfo_t;
static int
a = attr_find( rs->sr_entry->e_attrs, mc->ad );
if ( a != NULL ) {
ber_bvarray_dup_x( &mc->vals, a->a_nvals, op->o_tmpmemctx );
- }
- if ( a && attr_find( a->a_next, mc->ad ) != NULL ) {
- Debug( LDAP_DEBUG_ANY,
- "%s: memberof_saveMember_cb(\"%s\"): "
- "more than one occurrence of \"%s\" "
- "attribute.\n",
- op->o_log_prefix,
- rs->sr_entry->e_name.bv_val,
- mc->ad->ad_cname.bv_val );
+ assert( attr_find( a->a_next, mc->ad ) == NULL );
}
}
* attribute values of groups being deleted.
*/
static int
-memberof_isGroupOrMember( Operation *op, memberof_is_t *iswhatp, memberof_cbinfo_t *mci )
+memberof_isGroupOrMember( Operation *op, memberof_cbinfo_t *mci )
{
slap_overinst *on = mci->on;
memberof_t *mo = (memberof_t *)on->on_bi.bi_private;
Operation op2 = *op;
- SlapReply rs2 = { REP_RESULT };
slap_callback cb = { 0 };
BackendInfo *bi = op->o_bd->bd_info;
AttributeName an[ 2 ];
memberof_is_t iswhat = MEMBEROF_IS_NONE;
memberof_cookie_t mc;
- assert( iswhatp != NULL );
- assert( *iswhatp != MEMBEROF_IS_NONE );
+ assert( mci->what != MEMBEROF_IS_NONE );
cb.sc_private = &mc;
if ( op->o_tag == LDAP_REQ_DELETE ) {
op2.ors_slimit = 1;
op2.ors_tlimit = SLAP_NO_LIMIT;
- if ( *iswhatp & MEMBEROF_IS_GROUP ) {
+ if ( mci->what & MEMBEROF_IS_GROUP ) {
+ SlapReply rs2 = { REP_RESULT };
+
mc.ad = mo->mo_ad_member;
mc.foundit = 0;
mc.vals = NULL;
if ( mc.foundit ) {
iswhat |= MEMBEROF_IS_GROUP;
- mci->member = mc.vals;
+ if ( mc.vals ) mci->member = mc.vals;
}
}
- if ( *iswhatp & MEMBEROF_IS_MEMBER ) {
+ if ( mci->what & MEMBEROF_IS_MEMBER ) {
+ SlapReply rs2 = { REP_RESULT };
+
mc.ad = mo->mo_ad_memberof;
mc.foundit = 0;
mc.vals = NULL;
if ( mc.foundit ) {
iswhat |= MEMBEROF_IS_MEMBER;
- mci->memberof = mc.vals;
+ if ( mc.vals ) mci->memberof = mc.vals;
}
}
- *iswhatp = iswhat;
+ mci->what = iswhat;
return LDAP_SUCCESS;
}
/*
* response callback that adds memberof values when a group is modified.
*/
-static int
+static void
memberof_value_modify(
Operation *op,
- SlapReply *rs,
struct berval *ndn,
AttributeDescription *ad,
struct berval *old_dn,
ml->sml_flags = SLAP_MOD_INTERNAL;
ml->sml_next = op2.orm_modlist;
op2.orm_modlist = ml;
+ op2.orm_no_opattrs = 0;
if ( new_ndn != NULL ) {
+ BackendInfo *bi = op2.o_bd->bd_info;
+ OpExtra oex;
+
assert( !BER_BVISNULL( new_dn ) );
assert( !BER_BVISNULL( new_ndn ) );
ml->sml_values[ 0 ] = *new_dn;
ml->sml_nvalues[ 0 ] = *new_ndn;
+ oex.oe_key = (void *)&memberof;
+ LDAP_SLIST_INSERT_HEAD(&op2.o_extra, &oex, oe_next);
+ BER_BVZERO( &op2.o_csn );
+ op2.o_bd->bd_info = (BackendInfo *)on->on_info;
(void)op->o_bd->be_modify( &op2, &rs2 );
+ op2.o_bd->bd_info = bi;
+ LDAP_SLIST_REMOVE(&op2.o_extra, &oex, OpExtra, oe_next);
if ( rs2.sr_err != LDAP_SUCCESS ) {
char buf[ SLAP_TEXT_BUFLEN ];
snprintf( buf, sizeof( buf ),
- "memberof_value_modify %s=\"%s\" failed err=%d text=%s",
- ad->ad_cname.bv_val, new_dn->bv_val, rs2.sr_err,
- rs2.sr_text ? rs2.sr_text : "" );
+ "memberof_value_modify DN=\"%s\" add %s=\"%s\" failed err=%d",
+ op2.o_req_dn.bv_val, ad->ad_cname.bv_val, new_dn->bv_val, rs2.sr_err );
Debug( LDAP_DEBUG_ANY, "%s: %s\n",
op->o_log_prefix, buf, 0 );
}
}
if ( old_ndn != NULL ) {
+ BackendInfo *bi = op2.o_bd->bd_info;
+ OpExtra oex;
+
assert( !BER_BVISNULL( old_dn ) );
assert( !BER_BVISNULL( old_ndn ) );
ml->sml_values[ 0 ] = *old_dn;
ml->sml_nvalues[ 0 ] = *old_ndn;
+ oex.oe_key = (void *)&memberof;
+ LDAP_SLIST_INSERT_HEAD(&op2.o_extra, &oex, oe_next);
+ BER_BVZERO( &op2.o_csn );
+ op2.o_bd->bd_info = (BackendInfo *)on->on_info;
(void)op->o_bd->be_modify( &op2, &rs2 );
+ op2.o_bd->bd_info = bi;
+ LDAP_SLIST_REMOVE(&op2.o_extra, &oex, OpExtra, oe_next);
if ( rs2.sr_err != LDAP_SUCCESS ) {
char buf[ SLAP_TEXT_BUFLEN ];
snprintf( buf, sizeof( buf ),
- "memberof_value_modify %s=\"%s\" failed err=%d text=%s",
- ad->ad_cname.bv_val, old_dn->bv_val, rs2.sr_err,
- rs2.sr_text ? rs2.sr_text : "" );
+ "memberof_value_modify DN=\"%s\" delete %s=\"%s\" failed err=%d",
+ op2.o_req_dn.bv_val, ad->ad_cname.bv_val, old_dn->bv_val, rs2.sr_err );
Debug( LDAP_DEBUG_ANY, "%s: %s\n",
op->o_log_prefix, buf, 0 );
}
* add will fail; better split in two operations, although
* not optimal in terms of performance. At least it would
* move towards self-repairing capabilities. */
-
- return rs2.sr_err;
}
static int
struct berval save_dn, save_ndn;
slap_callback *sc;
memberof_cbinfo_t *mci;
+ OpExtra *oex;
+
+ LDAP_SLIST_FOREACH( oex, &op->o_extra, oe_next ) {
+ if ( oex->oe_key == (void *)&memberof )
+ return SLAP_CB_CONTINUE;
+ }
if ( op->ora_e->e_attrs == NULL ) {
/* FIXME: global overlay; need to deal with */
for ( i = 0; !BER_BVISNULL( &a->a_nvals[ i ] ); i++ ) {
Entry *e = NULL;
+ /* ITS#6670 Ignore member pointing to this entry */
+ if ( dn_match( &a->a_nvals[i], &save_ndn ))
+ continue;
+
rc = be_entry_get_rw( op, &a->a_nvals[ i ],
NULL, NULL, 0, &e );
if ( rc == LDAP_SUCCESS ) {
sizeof( struct berval ) * ( j - i ) );
}
i--;
+ a->a_numvals--;
}
}
send_ldap_result( op, rs );
goto done;
}
+ /* ITS#6670 Ignore member pointing to this entry */
+ if ( dn_match( &a->a_nvals[i], &save_ndn ))
+ continue;
+
rc = be_entry_get_rw( op, &a->a_nvals[ i ],
NULL, NULL, 0, &e );
op->o_bd->bd_info = (BackendInfo *)on;
slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
memberof_t *mo = (memberof_t *)on->on_bi.bi_private;
- memberof_is_t iswhat = MEMBEROF_IS_GROUP;
slap_callback *sc;
memberof_cbinfo_t *mci;
+ OpExtra *oex;
- if ( MEMBEROF_REFINT( mo ) ) {
- iswhat = MEMBEROF_IS_BOTH;
+ LDAP_SLIST_FOREACH( oex, &op->o_extra, oe_next ) {
+ if ( oex->oe_key == (void *)&memberof )
+ return SLAP_CB_CONTINUE;
}
sc = op->o_tmpalloc( sizeof(slap_callback)+sizeof(*mci), op->o_tmpmemctx );
mci->on = on;
mci->member = NULL;
mci->memberof = NULL;
+ mci->what = MEMBEROF_IS_GROUP;
+ if ( MEMBEROF_REFINT( mo ) ) {
+ mci->what = MEMBEROF_IS_BOTH;
+ }
- memberof_isGroupOrMember( op, &iswhat, mci );
+ memberof_isGroupOrMember( op, mci );
sc->sc_next = op->o_callback;
op->o_callback = sc;
Modifications **mlp, **mmlp = NULL;
int rc = SLAP_CB_CONTINUE, save_member = 0;
struct berval save_dn, save_ndn;
- memberof_is_t iswhat = MEMBEROF_IS_GROUP;
slap_callback *sc;
memberof_cbinfo_t *mci, mcis;
+ OpExtra *oex;
+
+ LDAP_SLIST_FOREACH( oex, &op->o_extra, oe_next ) {
+ if ( oex->oe_key == (void *)&memberof )
+ return SLAP_CB_CONTINUE;
+ }
if ( MEMBEROF_REVERSE( mo ) ) {
for ( mlp = &op->orm_modlist; *mlp; mlp = &(*mlp)->sml_next ) {
save_dn = op->o_dn;
save_ndn = op->o_ndn;
mcis.on = on;
+ mcis.what = MEMBEROF_IS_GROUP;
- if ( memberof_isGroupOrMember( op, &iswhat, &mcis ) == LDAP_SUCCESS
- && ( iswhat & MEMBEROF_IS_GROUP ) )
+ if ( memberof_isGroupOrMember( op, &mcis ) == LDAP_SUCCESS
+ && ( mcis.what & MEMBEROF_IS_GROUP ) )
{
Modifications *ml;
int rc;
Entry *e;
+ /* ITS#6670 Ignore member pointing to this entry */
+ if ( dn_match( &ml->sml_nvalues[i], &save_ndn ))
+ continue;
+
if ( be_entry_get_rw( op, &ml->sml_nvalues[ i ],
NULL, NULL, 0, &e ) == LDAP_SUCCESS )
{
goto done2;
}
+ /* ITS#6670 Ignore member pointing to this entry */
+ if ( dn_match( &ml->sml_nvalues[i], &save_ndn ))
+ continue;
+
rc = be_entry_get_rw( op, &ml->sml_nvalues[ i ],
NULL, NULL, 0, &e );
op->o_bd->bd_info = (BackendInfo *)on;
mci->on = on;
mci->member = NULL;
mci->memberof = NULL;
+ mci->what = mcis.what;
if ( save_member ) {
op->o_dn = op->o_bd->be_rootdn;
slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
slap_callback *sc;
memberof_cbinfo_t *mci;
+ OpExtra *oex;
+
+ LDAP_SLIST_FOREACH( oex, &op->o_extra, oe_next ) {
+ if ( oex->oe_key == (void *)&memberof )
+ return SLAP_CB_CONTINUE;
+ }
sc = op->o_tmpalloc( sizeof(slap_callback)+sizeof(*mci), op->o_tmpmemctx );
sc->sc_private = sc+1;
ma = attr_find( op->ora_e->e_attrs, mo->mo_ad_memberof );
if ( ma != NULL ) {
- char relax = op->o_relax;
-
/* relax is required to allow to add
* a non-existing member */
op->o_relax = SLAP_CONTROL_CRITICAL;
for ( i = 0; !BER_BVISNULL( &ma->a_nvals[ i ] ); i++ ) {
+ /* ITS#6670 Ignore member pointing to this entry */
+ if ( dn_match( &ma->a_nvals[i], &op->o_req_ndn ))
+ continue;
+
/* the modification is attempted
* with the original identity */
- (void)memberof_value_modify( op, rs,
+ memberof_value_modify( op,
&ma->a_nvals[ i ], mo->mo_ad_member,
NULL, NULL, &op->o_req_dn, &op->o_req_ndn );
}
a = attrs_find( a->a_next, mo->mo_ad_member ) )
{
for ( i = 0; !BER_BVISNULL( &a->a_nvals[ i ] ); i++ ) {
- (void)memberof_value_modify( op, rs,
+ /* ITS#6670 Ignore member pointing to this entry */
+ if ( dn_match( &a->a_nvals[i], &op->o_req_ndn ))
+ continue;
+
+ memberof_value_modify( op,
&a->a_nvals[ i ],
mo->mo_ad_memberof,
NULL, NULL,
vals = mci->member;
if ( vals != NULL ) {
for ( i = 0; !BER_BVISNULL( &vals[ i ] ); i++ ) {
- (void)memberof_value_modify( op, rs,
+ memberof_value_modify( op,
&vals[ i ], mo->mo_ad_memberof,
&op->o_req_dn, &op->o_req_ndn,
NULL, NULL );
vals = mci->memberof;
if ( vals != NULL ) {
for ( i = 0; !BER_BVISNULL( &vals[ i ] ); i++ ) {
- (void)memberof_value_modify( op, rs,
+ memberof_value_modify( op,
&vals[ i ], mo->mo_ad_member,
&op->o_req_dn, &op->o_req_ndn,
NULL, NULL );
int i, rc;
Modifications *ml, *mml = NULL;
BerVarray vals;
- memberof_is_t iswhat = MEMBEROF_IS_GROUP;
if ( rs->sr_err != LDAP_SUCCESS ) {
return SLAP_CB_CONTINUE;
case LDAP_MOD_DELETE:
if ( vals != NULL ) {
for ( i = 0; !BER_BVISNULL( &vals[ i ] ); i++ ) {
- memberof_value_modify( op, rs,
+ memberof_value_modify( op,
&vals[ i ], mo->mo_ad_member,
&op->o_req_dn, &op->o_req_ndn,
NULL, NULL );
op->o_bd->bd_info = (BackendInfo *)on;
if ( rc == LDAP_SUCCESS ) {
for ( i = 0; !BER_BVISNULL( &vals[ i ] ); i++ ) {
- (void)memberof_value_modify( op, rs,
+ memberof_value_modify( op,
&vals[ i ], mo->mo_ad_member,
&op->o_req_dn, &op->o_req_ndn,
NULL, NULL );
assert( vals != NULL );
for ( i = 0; !BER_BVISNULL( &vals[ i ] ); i++ ) {
- memberof_value_modify( op, rs,
+ memberof_value_modify( op,
&vals[ i ], mo->mo_ad_member,
NULL, NULL,
&op->o_req_dn, &op->o_req_ndn );
}
}
- if ( memberof_isGroupOrMember( op, &iswhat, mci ) == LDAP_SUCCESS
- && ( iswhat & MEMBEROF_IS_GROUP ) )
+ if ( mci->what & MEMBEROF_IS_GROUP )
{
for ( ml = op->orm_modlist; ml; ml = ml->sml_next ) {
if ( ml->sml_desc != mo->mo_ad_member ) {
vals = ml->sml_nvalues;
if ( vals != NULL ) {
for ( i = 0; !BER_BVISNULL( &vals[ i ] ); i++ ) {
- memberof_value_modify( op, rs,
+ memberof_value_modify( op,
&vals[ i ], mo->mo_ad_memberof,
&op->o_req_dn, &op->o_req_ndn,
NULL, NULL );
/* delete all ... */
if ( vals != NULL ) {
for ( i = 0; !BER_BVISNULL( &vals[ i ] ); i++ ) {
- (void)memberof_value_modify( op, rs,
+ memberof_value_modify( op,
&vals[ i ], mo->mo_ad_memberof,
&op->o_req_dn, &op->o_req_ndn,
NULL, NULL );
assert( ml->sml_nvalues != NULL );
vals = ml->sml_nvalues;
for ( i = 0; !BER_BVISNULL( &vals[ i ] ); i++ ) {
- memberof_value_modify( op, rs,
+ memberof_value_modify( op,
&vals[ i ], mo->mo_ad_memberof,
NULL, NULL,
&op->o_req_dn, &op->o_req_ndn );
BerVarray vals;
struct berval save_dn, save_ndn;
- memberof_is_t iswhat = MEMBEROF_IS_GROUP;
if ( rs->sr_err != LDAP_SUCCESS ) {
return SLAP_CB_CONTINUE;
}
+ mci->what = MEMBEROF_IS_GROUP;
if ( MEMBEROF_REFINT( mo ) ) {
- iswhat |= MEMBEROF_IS_MEMBER;
+ mci->what |= MEMBEROF_IS_MEMBER;
}
if ( op->orr_nnewSup ) {
op->o_req_dn = newNDN;
op->o_req_ndn = newNDN;
- rc = memberof_isGroupOrMember( op, &iswhat, mci );
+ rc = memberof_isGroupOrMember( op, mci );
op->o_req_dn = save_dn;
op->o_req_ndn = save_ndn;
- if ( rc != LDAP_SUCCESS || iswhat == MEMBEROF_IS_NONE ) {
+ if ( rc != LDAP_SUCCESS || mci->what == MEMBEROF_IS_NONE ) {
goto done;
}
build_new_dn( &newDN, &newPDN, &op->orr_newrdn, op->o_tmpmemctx );
- if ( iswhat & MEMBEROF_IS_GROUP ) {
+ if ( mci->what & MEMBEROF_IS_GROUP ) {
op->o_bd->bd_info = (BackendInfo *)on->on_info;
rc = backend_attribute( op, NULL, &newNDN,
mo->mo_ad_member, &vals, ACL_READ );
if ( rc == LDAP_SUCCESS ) {
for ( i = 0; !BER_BVISNULL( &vals[ i ] ); i++ ) {
- (void)memberof_value_modify( op, rs,
+ memberof_value_modify( op,
&vals[ i ], mo->mo_ad_memberof,
&op->o_req_dn, &op->o_req_ndn,
&newDN, &newNDN );
}
}
- if ( MEMBEROF_REFINT( mo ) && ( iswhat & MEMBEROF_IS_MEMBER ) ) {
+ if ( MEMBEROF_REFINT( mo ) && ( mci->what & MEMBEROF_IS_MEMBER ) ) {
op->o_bd->bd_info = (BackendInfo *)on->on_info;
rc = backend_attribute( op, NULL, &newNDN,
mo->mo_ad_memberof, &vals, ACL_READ );
if ( rc == LDAP_SUCCESS ) {
for ( i = 0; !BER_BVISNULL( &vals[ i ] ); i++ ) {
- (void)memberof_value_modify( op, rs,
+ memberof_value_modify( op,
&vals[ i ], mo->mo_ad_member,
&op->o_req_dn, &op->o_req_ndn,
&newDN, &newNDN );