X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;ds=sidebyside;f=servers%2Fslapd%2Fback-meta%2Fmodrdn.c;h=90f708e9d645e34128feac7525a7697130ec0c07;hb=f7e3566ceb66c65a5f581f073ceaead4d6b9e860;hp=d7b3068ef2dcbca0d24f006e0307c2c9d85995f1;hpb=6ef22ccdcb5c2d0adcf2854375f13e8bd06d4f02;p=openldap

diff --git a/servers/slapd/back-meta/modrdn.c b/servers/slapd/back-meta/modrdn.c
index d7b3068ef2..90f708e9d6 100644
--- a/servers/slapd/back-meta/modrdn.c
+++ b/servers/slapd/back-meta/modrdn.c
@@ -1,67 +1,23 @@
-/*
- * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2001, Pierangelo Masarati, All rights reserved. <ando@sys-net.it>
+ * Copyright 1999-2008 The OpenLDAP Foundation.
+ * Portions Copyright 2001-2003 Pierangelo Masarati.
+ * Portions Copyright 1999-2003 Howard Chu.
+ * All rights reserved.
  *
- * This work has been developed to fulfill the requirements
- * of SysNet s.n.c. <http:www.sys-net.it> and it has been donated
- * to the OpenLDAP Foundation in the hope that it may be useful
- * to the Open Source community, but WITHOUT ANY WARRANTY.
- *
- * Permission is granted to anyone to use this software for any purpose
- * on any computer system, and to alter it and redistribute it, subject
- * to the following restrictions:
- *
- * 1. The author and SysNet s.n.c. are not responsible for the consequences
- *    of use of this software, no matter how awful, even if they arise from 
- *    flaws in it.
- *
- * 2. The origin of this software must not be misrepresented, either by
- *    explicit claim or by omission.  Since few users ever read sources,
- *    credits should appear in the documentation.
- *
- * 3. Altered versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.  Since few users
- *    ever read sources, credits should appear in the documentation.
- *    SysNet s.n.c. cannot be responsible for the consequences of the
- *    alterations.
- *
- * 4. This notice may not be removed or altered.
- *
- *
- * This software is based on the backend back-ldap, implemented
- * by Howard Chu <hyc@highlandsun.com>, and modified by Mark Valence
- * <kurash@sassafras.com>, Pierangelo Masarati <ando@sys-net.it> and other
- * contributors. The contribution of the original software to the present
- * implementation is acknowledged in this copyright statement.
- *
- * A special acknowledgement goes to Howard for the overall architecture
- * (and for borrowing large pieces of code), and to Mark, who implemented
- * from scratch the attribute/objectclass mapping.
- *
- * The original copyright statement follows.
- *
- * Copyright 1999, Howard Chu, All rights reserved. <hyc@highlandsun.com>
- *
- * Permission is granted to anyone to use this software for any purpose
- * on any computer system, and to alter it and redistribute it, subject
- * to the following restrictions:
- *
- * 1. The author is not responsible for the consequences of use of this
- *    software, no matter how awful, even if they arise from flaws in it.
- *
- * 2. The origin of this software must not be misrepresented, either by
- *    explicit claim or by omission.  Since few users ever read sources,
- *    credits should appear in the documentation.
- *
- * 3. Altered versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.  Since few users
- *    ever read sources, credits should appear in the
- *    documentation.
- *
- * 4. This notice may not be removed or altered.
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
  *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+/* ACKNOWLEDGEMENTS:
+ * This work was initially developed by the Howard Chu for inclusion
+ * in OpenLDAP Software and subsequently enhanced by Pierangelo
+ * Masarati.
  */
 
 #include "portable.h"
@@ -77,101 +33,78 @@
 
 int
 meta_back_modrdn( Operation *op, SlapReply *rs )
-		/*
-		Backend		*be,
-		Connection	*conn,
-		Operation	*op,
-		struct berval	*dn,
-		struct berval	*ndn,
-		struct berval	*newrdn,
-		struct berval	*nnewrdn,
-		int		deleteoldrdn,
-		struct berval	*newSuperior,
-		struct berval	*nnewSuperior
-) */
 {
-	struct metainfo		*li = ( struct metainfo * )op->o_bd->be_private;
-	struct metaconn		*lc;
-	int			rc = 0;
-	int			candidate = -1;
-	char			*mdn = NULL,
-				*mnewSuperior = NULL;
-
-	lc = meta_back_getconn( op, rs, META_OP_REQUIRE_SINGLE,
-			&op->o_req_ndn, &candidate );
-	if ( !lc ) {
-		rc = -1;
-		goto cleanup;
+	metainfo_t	*mi = ( metainfo_t * )op->o_bd->be_private;
+	metatarget_t	*mt;
+	metaconn_t	*mc;
+	int		candidate = -1;
+	struct berval	mdn = BER_BVNULL,
+			mnewSuperior = BER_BVNULL;
+	dncookie	dc;
+	int		msgid;
+	int		do_retry = 1;
+	LDAPControl	**ctrls = NULL;
+	struct berval	newrdn = BER_BVNULL;
+
+	mc = meta_back_getconn( op, rs, &candidate, LDAP_BACK_SENDERR );
+	if ( !mc || !meta_back_dobind( op, rs, mc, LDAP_BACK_SENDERR ) ) {
+		return rs->sr_err;
 	}
 
-	if ( !meta_back_dobind( lc, op ) 
-			|| !meta_back_is_valid( lc, candidate ) ) {
-		rs->sr_err = LDAP_OTHER;
-		rc = -1;
-		goto cleanup;
-	}
+	assert( mc->mc_conns[ candidate ].msc_ld != NULL );
+
+	mt = mi->mi_targets[ candidate ];
+	dc.target = mt;
+	dc.conn = op->o_conn;
+	dc.rs = rs;
+
+	if ( op->orr_newSup ) {
+
+		/*
+		 * NOTE: the newParent, if defined, must be on the 
+		 * same target as the entry to be renamed.  This check
+		 * has been anticipated in meta_back_getconn()
+		 */
+		/*
+		 * FIXME: one possibility is to delete the entry
+		 * from one target and add it to the other;
+		 * unfortunately we'd need write access to both,
+		 * which is nearly impossible; for administration
+		 * needs, the rootdn of the metadirectory could
+		 * be mapped to an administrative account on each
+		 * target (the binddn?); we'll see.
+		 */
+		/*
+		 * NOTE: we need to port the identity assertion
+		 * feature from back-ldap
+		 */
+
+		/* needs LDAPv3 */
+		switch ( mt->mt_version ) {
+		case LDAP_VERSION3:
+			break;
 
-	if ( op->oq_modrdn.rs_newSup ) {
-		int nsCandidate, version = LDAP_VERSION3;
-
-		nsCandidate = meta_back_select_unique_candidate( li,
-				op->oq_modrdn.rs_newSup );
-
-		if ( nsCandidate != candidate ) {
-			/*
-			 * FIXME: one possibility is to delete the entry
-			 * from one target and add it to the other;
-			 * unfortunately we'd need write access to both,
-			 * which is nearly impossible; for administration
-			 * needs, the rootdn of the metadirectory could
-			 * be mapped to an administrative account on each
-			 * target (the binddn?); we'll see.
-			 */
-			/*
-			 * FIXME: is this the correct return code?
-			 */
+		case 0:
+			if ( op->o_protocol == 0 || op->o_protocol == LDAP_VERSION3 ) {
+				break;
+			}
+			/* fall thru */
+
+		default:
+			/* op->o_protocol cannot be anything but LDAPv3,
+			 * otherwise wouldn't be here */
 			rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
-			rc = -1;
+			send_ldap_result( op, rs );
 			goto cleanup;
 		}
-
-		ldap_set_option( lc->conns[ nsCandidate ].ld,
-				LDAP_OPT_PROTOCOL_VERSION, &version );
 		
 		/*
 		 * Rewrite the new superior, if defined and required
 	 	 */
-		switch ( rewrite_session( li->targets[ nsCandidate ]->rwmap.rwm_rw,
-					"newSuperiorDn",
-					op->oq_modrdn.rs_newSup->bv_val, 
-					op->o_conn, 
-					&mnewSuperior ) ) {
-		case REWRITE_REGEXEC_OK:
-			if ( mnewSuperior == NULL ) {
-				mnewSuperior = ( char * )op->oq_modrdn.rs_newSup;
-			}
-#ifdef NEW_LOGGING
-			LDAP_LOG( BACK_META, DETAIL1,
-				"[rw] newSuperiorDn: \"%s\" -> \"%s\"\n",
-				op->oq_modrdn.rs_newSup, mnewSuperior, 0 );
-#else /* !NEW_LOGGING */
-			Debug( LDAP_DEBUG_ARGS, "rw> newSuperiorDn:"
-					" \"%s\" -> \"%s\"\n",
-					op->oq_modrdn.rs_newSup->bv_val,
-					mnewSuperior, 0 );
-#endif /* !NEW_LOGGING */
-			break;
-
-		case REWRITE_REGEXEC_UNWILLING:
-			rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
-			rs->sr_text = "Operation not allowed";
-			rc = -1;
-			goto cleanup;
-
-		case REWRITE_REGEXEC_ERR:
+		dc.ctx = "newSuperiorDN";
+		if ( ldap_back_dn_massage( &dc, op->orr_newSup, &mnewSuperior ) ) {
 			rs->sr_err = LDAP_OTHER;
-			rs->sr_text = "Rewrite error";
-			rc = -1;
+			send_ldap_result( op, rs );
 			goto cleanup;
 		}
 	}
@@ -179,57 +112,66 @@ meta_back_modrdn( Operation *op, SlapReply *rs )
 	/*
 	 * Rewrite the modrdn dn, if required
 	 */
-	switch ( rewrite_session( li->targets[ candidate ]->rwmap.rwm_rw,
-				"modrDn", op->o_req_dn.bv_val,
-				op->o_conn, &mdn ) ) {
-	case REWRITE_REGEXEC_OK:
-		if ( mdn == NULL ) {
-			mdn = ( char * )op->o_req_dn.bv_val;
-		}
-#ifdef NEW_LOGGING
-		LDAP_LOG( BACK_META, DETAIL1,
-				"[rw] modrDn: \"%s\" -> \"%s\"\n",
-				op->o_req_dn.bv_val, mdn, 0 );
-#else /* !NEW_LOGGING */
-		Debug( LDAP_DEBUG_ARGS, "rw> modrDn: \"%s\" -> \"%s\"\n",
-				op->o_req_dn.bv_val, mdn, 0 );
-#endif /* !NEW_LOGGING */
-		break;
-		
-	case REWRITE_REGEXEC_UNWILLING:
-		rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
-		rs->sr_text = "Operation not allowed";
-		rc = -1;
+	dc.ctx = "modrDN";
+	if ( ldap_back_dn_massage( &dc, &op->o_req_dn, &mdn ) ) {
+		rs->sr_err = LDAP_OTHER;
+		send_ldap_result( op, rs );
 		goto cleanup;
+	}
 
-	case REWRITE_REGEXEC_ERR:
-		rs->sr_err = LDAP_OTHER;
-		rs->sr_text = "Rewrite error";
-		rc = -1;
+	/* NOTE: we need to copy the newRDN in case it was formed
+	 * from a DN by simply changing the length (ITS#5397) */
+	newrdn = op->orr_newrdn;
+	if ( newrdn.bv_val[ newrdn.bv_len ] != '\0' ) {
+		ber_dupbv_x( &newrdn, &op->orr_newrdn, op->o_tmpmemctx );
+	}
+
+retry:;
+	ctrls = op->o_ctrls;
+	if ( meta_back_controls_add( op, rs, mc, candidate, &ctrls ) != LDAP_SUCCESS )
+	{
+		send_ldap_result( op, rs );
 		goto cleanup;
 	}
 
-	ldap_rename2_s( lc->conns[ candidate ].ld, mdn,
-			op->oq_modrdn.rs_newrdn.bv_val,
-			mnewSuperior, op->oq_modrdn.rs_deleteoldrdn );
+	rs->sr_err = ldap_rename( mc->mc_conns[ candidate ].msc_ld,
+			mdn.bv_val, newrdn.bv_val,
+			mnewSuperior.bv_val, op->orr_deleteoldrdn,
+			ctrls, NULL, &msgid );
+	rs->sr_err = meta_back_op_result( mc, op, rs, candidate, msgid,
+		mt->mt_timeout[ SLAP_OP_MODRDN ], LDAP_BACK_SENDRESULT );
+	if ( rs->sr_err == LDAP_UNAVAILABLE && do_retry ) {
+		do_retry = 0;
+		if ( meta_back_retry( op, rs, &mc, candidate, LDAP_BACK_SENDERR ) ) {
+			/* if the identity changed, there might be need to re-authz */
+			(void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls );
+			goto retry;
+		}
+	}
 
 cleanup:;
-	if ( mdn != op->o_req_dn.bv_val ) {
-		free( mdn );
+	(void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls );
+
+	if ( mdn.bv_val != op->o_req_dn.bv_val ) {
+		free( mdn.bv_val );
+		BER_BVZERO( &mdn );
 	}
 	
-	if ( mnewSuperior != NULL 
-			&& mnewSuperior != op->oq_modrdn.rs_newSup->bv_val ) {
-		free( mnewSuperior );
+	if ( !BER_BVISNULL( &mnewSuperior )
+			&& mnewSuperior.bv_val != op->orr_newSup->bv_val )
+	{
+		free( mnewSuperior.bv_val );
+		BER_BVZERO( &mnewSuperior );
 	}
 
-	if ( rc == 0 ) {
-		return meta_back_op_result( lc, op, rs ) == LDAP_SUCCESS
-			? 0 : 1;
-	} /* else */
+	if ( newrdn.bv_val != op->orr_newrdn.bv_val ) {
+		op->o_tmpfree( newrdn.bv_val, op->o_tmpmemctx );
+	}
 
-	send_ldap_result( op, rs );
-	return rc;
+	if ( mc ) {
+		meta_back_release_conn( mi, mc );
+	}
 
+	return rs->sr_err;
 }