X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;ds=sidebyside;f=servers%2Fslapd%2Fback-meta%2Fmodify.c;h=3ca7cf821f8c8a183f63b72152107e265ddaee0a;hb=843e327a39e1ba023001fbbbe89733a431956549;hp=62ae54b1e5b112e1d80333d9cc6e9a4c7149f86c;hpb=44725e73034f8a077ca73f1ad359f913d37a89ac;p=openldap

diff --git a/servers/slapd/back-meta/modify.c b/servers/slapd/back-meta/modify.c
index 62ae54b1e5..3ca7cf821f 100644
--- a/servers/slapd/back-meta/modify.c
+++ b/servers/slapd/back-meta/modify.c
@@ -1,7 +1,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1999-2004 The OpenLDAP Foundation.
+ * Copyright 1999-2007 The OpenLDAP Foundation.
  * Portions Copyright 2001-2003 Pierangelo Masarati.
  * Portions Copyright 1999-2003 Howard Chu.
  * All rights reserved.
@@ -34,73 +34,82 @@
 int
 meta_back_modify( Operation *op, SlapReply *rs )
 {
-	struct metainfo		*li = ( struct metainfo * )op->o_bd->be_private;
-	struct metaconn 	*lc;
-	int			rc = 0;
-	LDAPMod			**modv = NULL;
-	LDAPMod			*mods = NULL;
-	Modifications		*ml;
-	int			candidate = -1, i;
-	struct berval		mdn = BER_BVNULL;
-	struct berval		mapped;
-	dncookie		dc;
-
-	lc = meta_back_getconn( op, rs, META_OP_REQUIRE_SINGLE,
-			&op->o_req_ndn, &candidate );
-	if ( !lc ) {
-		rc = -1;
-		goto cleanup;
-	}
-	
-	if ( !meta_back_dobind( lc, op )
-			|| !meta_back_is_valid( lc, candidate ) ) {
-		rs->sr_err = LDAP_OTHER;
-		rc = -1;
-		goto cleanup;
+	metainfo_t	*mi = ( metainfo_t * )op->o_bd->be_private;
+	metatarget_t	*mt;
+	metaconn_t	*mc;
+	int		rc = 0;
+	LDAPMod		**modv = NULL;
+	LDAPMod		*mods = NULL;
+	Modifications	*ml;
+	int		candidate = -1, i;
+	int		isupdate;
+	struct berval	mdn = BER_BVNULL;
+	struct berval	mapped;
+	dncookie	dc;
+	int		msgid;
+	int		do_retry = 1;
+	LDAPControl	**ctrls = NULL;
+
+	mc = meta_back_getconn( op, rs, &candidate, LDAP_BACK_SENDERR );
+	if ( !mc || !meta_back_dobind( op, rs, mc, LDAP_BACK_SENDERR ) ) {
+		return rs->sr_err;
 	}
 
+	assert( mc->mc_conns[ candidate ].msc_ld != NULL );
+
 	/*
 	 * Rewrite the modify dn, if needed
 	 */
-	dc.rwmap = &li->targets[ candidate ]->rwmap;
+	mt = mi->mi_targets[ candidate ];
+	dc.target = mt;
 	dc.conn = op->o_conn;
 	dc.rs = rs;
 	dc.ctx = "modifyDN";
 
 	if ( ldap_back_dn_massage( &dc, &op->o_req_dn, &mdn ) ) {
-		rc = -1;
+		send_ldap_result( op, rs );
 		goto cleanup;
 	}
 
-	for ( i = 0, ml = op->oq_modify.rs_modlist; ml; i++ ,ml = ml->sml_next )
+	for ( i = 0, ml = op->orm_modlist; ml; i++ ,ml = ml->sml_next )
 		;
 
 	mods = ch_malloc( sizeof( LDAPMod )*i );
 	if ( mods == NULL ) {
-		rs->sr_err = LDAP_NO_MEMORY;
-		rc = -1;
+		rs->sr_err = LDAP_OTHER;
+		send_ldap_result( op, rs );
 		goto cleanup;
 	}
 	modv = ( LDAPMod ** )ch_malloc( ( i + 1 )*sizeof( LDAPMod * ) );
 	if ( modv == NULL ) {
-		rs->sr_err = LDAP_NO_MEMORY;
-		rc = -1;
+		rs->sr_err = LDAP_OTHER;
+		send_ldap_result( op, rs );
 		goto cleanup;
 	}
 
 	dc.ctx = "modifyAttrDN";
-	for ( i = 0, ml = op->oq_modify.rs_modlist; ml; ml = ml->sml_next ) {
-		int j;
+	isupdate = be_shadow_update( op );
+	for ( i = 0, ml = op->orm_modlist; ml; ml = ml->sml_next ) {
+		int	j, is_oc = 0;
 
-		if ( ml->sml_desc->ad_type->sat_no_user_mod  ) {
+		if ( !isupdate && !get_manageDIT( op ) && ml->sml_desc->ad_type->sat_no_user_mod  )
+		{
 			continue;
 		}
 
-		ldap_back_map( &li->targets[ candidate ]->rwmap.rwm_at,
-				&ml->sml_desc->ad_cname, &mapped,
-				BACKLDAP_MAP );
-		if ( mapped.bv_val == NULL || mapped.bv_val[0] == '\0' ) {
-			continue;
+		if ( ml->sml_desc == slap_schema.si_ad_objectClass 
+				|| ml->sml_desc == slap_schema.si_ad_structuralObjectClass )
+		{
+			is_oc = 1;
+			mapped = ml->sml_desc->ad_cname;
+
+		} else {
+			ldap_back_map( &mt->mt_rwmap.rwm_at,
+					&ml->sml_desc->ad_cname, &mapped,
+					BACKLDAP_MAP );
+			if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) {
+				continue;
+			}
 		}
 
 		modv[ i ] = &mods[ i ];
@@ -112,18 +121,52 @@ meta_back_modify( Operation *op, SlapReply *rs )
 		 * to allow their use in ACLs at the back-ldap
 		 * level.
 		 */
-		if ( strcmp( ml->sml_desc->ad_type->sat_syntax->ssyn_oid,
-					SLAPD_DN_SYNTAX ) == 0 ) {
-			( void )ldap_dnattr_rewrite( &dc, ml->sml_bvalues );
-		}
-
-		if ( ml->sml_bvalues != NULL ){
-			for (j = 0; ml->sml_bvalues[ j ].bv_val; j++);
-			mods[ i ].mod_bvalues = (struct berval **)ch_malloc((j+1) *
-				sizeof(struct berval *));
-			for (j = 0; ml->sml_bvalues[ j ].bv_val; j++)
-				mods[ i ].mod_bvalues[ j ] = &ml->sml_bvalues[j];
-			mods[ i ].mod_bvalues[ j ] = NULL;
+		if ( ml->sml_values != NULL ) {
+			if ( is_oc ) {
+				for ( j = 0; !BER_BVISNULL( &ml->sml_values[ j ] ); j++ )
+					;
+				mods[ i ].mod_bvalues =
+					(struct berval **)ch_malloc( ( j + 1 ) *
+					sizeof( struct berval * ) );
+				for ( j = 0; !BER_BVISNULL( &ml->sml_values[ j ] ); ) {
+					struct ldapmapping	*mapping;
+
+					ldap_back_mapping( &mt->mt_rwmap.rwm_oc,
+							&ml->sml_values[ j ], &mapping, BACKLDAP_MAP );
+
+					if ( mapping == NULL ) {
+						if ( mt->mt_rwmap.rwm_oc.drop_missing ) {
+							continue;
+						}
+						mods[ i ].mod_bvalues[ j ] = &ml->sml_values[ j ];
+
+					} else {
+						mods[ i ].mod_bvalues[ j ] = &mapping->dst;
+					}
+					j++;
+				}
+				mods[ i ].mod_bvalues[ j ] = NULL;
+
+			} else {
+				if ( ml->sml_desc->ad_type->sat_syntax ==
+						slap_schema.si_syn_distinguishedName )
+				{
+					( void )ldap_dnattr_rewrite( &dc, ml->sml_values );
+					if ( ml->sml_values == NULL ) {
+						continue;
+					}
+				}
+
+				for ( j = 0; !BER_BVISNULL( &ml->sml_values[ j ] ); j++ )
+					;
+				mods[ i ].mod_bvalues =
+					(struct berval **)ch_malloc( ( j + 1 ) *
+					sizeof( struct berval * ) );
+				for ( j = 0; !BER_BVISNULL( &ml->sml_values[ j ] ); j++ ) {
+					mods[ i ].mod_bvalues[ j ] = &ml->sml_values[ j ];
+				}
+				mods[ i ].mod_bvalues[ j ] = NULL;
+			}
 
 		} else {
 			mods[ i ].mod_bvalues = NULL;
@@ -133,27 +176,47 @@ meta_back_modify( Operation *op, SlapReply *rs )
 	}
 	modv[ i ] = 0;
 
-	ldap_modify_s( lc->conns[ candidate ].ld, mdn.bv_val, modv );
+retry:;
+	ctrls = op->o_ctrls;
+	rc = ldap_back_proxy_authz_ctrl( &mc->mc_conns[ candidate ].msc_bound_ndn,
+		mt->mt_version, &mt->mt_idassert, op, rs, &ctrls );
+	if ( rc != LDAP_SUCCESS ) {
+		send_ldap_result( op, rs );
+		goto cleanup;
+	}
+
+	rs->sr_err = ldap_modify_ext( mc->mc_conns[ candidate ].msc_ld, mdn.bv_val,
+			modv, ctrls, NULL, &msgid );
+	rs->sr_err = meta_back_op_result( mc, op, rs, candidate, msgid,
+		mt->mt_timeout[ SLAP_OP_MODIFY ], LDAP_BACK_SENDRESULT );
+	if ( rs->sr_err == LDAP_UNAVAILABLE && do_retry ) {
+		do_retry = 0;
+		if ( meta_back_retry( op, rs, &mc, candidate, LDAP_BACK_SENDERR ) ) {
+			/* if the identity changed, there might be need to re-authz */
+			(void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
+			goto retry;
+		}
+	}
 
 cleanup:;
+	(void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
+
 	if ( mdn.bv_val != op->o_req_dn.bv_val ) {
 		free( mdn.bv_val );
+		BER_BVZERO( &mdn );
 	}
 	if ( modv != NULL ) {
-		for ( i = 0; modv[ i ]; i++) {
+		for ( i = 0; modv[ i ]; i++ ) {
 			free( modv[ i ]->mod_bvalues );
 		}
 	}
 	free( mods );
 	free( modv );
-	
-	if ( rc == 0 ) {
-		return meta_back_op_result( lc, op, rs ) == LDAP_SUCCESS
-			? 0 : 1;
-	} /* else */
 
-	send_ldap_result( op, rs );
+	if ( mc ) {
+		meta_back_release_conn( mi, mc );
+	}
 
-	return rc;
+	return rs->sr_err;
 }