X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;ds=sidebyside;f=servers%2Fslapd%2Fmodify.c;h=99e31fe033bec6a696287ce17a0da2fbde2dbb05;hb=b44cc963c2b021821ccac582054e2ffa04f4f1e1;hp=d0427f7e7b02fb720c35e078b97a0b1eb5c2305b;hpb=79ebfbc4fe7ff53c49eadac57210b1396e63d016;p=openldap diff --git a/servers/slapd/modify.c b/servers/slapd/modify.c index d0427f7e7b..99e31fe033 100644 --- a/servers/slapd/modify.c +++ b/servers/slapd/modify.c @@ -45,6 +45,7 @@ do_modify( Backend *be; int rc; const char *text; + int manageDSAit; Debug( LDAP_DEBUG_TRACE, "do_modify\n", 0, 0, 0 ); @@ -145,6 +146,13 @@ do_modify( goto cleanup; } + if( ndn == '\0' ) { + Debug( LDAP_DEBUG_ANY, "do_modify: root dse!\n", 0, 0, 0 ); + send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, + NULL, "modify upon the root DSE not supported", NULL, NULL ); + goto cleanup; + } + #ifdef LDAP_DEBUG Debug( LDAP_DEBUG_ARGS, "modifications:\n", 0, 0, 0 ); for ( tmp = modlist; tmp != NULL; tmp = tmp->ml_next ) { @@ -158,20 +166,21 @@ do_modify( Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d MOD dn=\"%s\"\n", op->o_connid, op->o_opid, dn, 0, 0 ); + manageDSAit = get_manageDSAit( op ); + /* * We could be serving multiple database backends. Select the * appropriate one, or send a referral to our "referral server" * if we don't hold it. */ - if ( (be = select_backend( ndn )) == NULL ) { + if ( (be = select_backend( ndn, manageDSAit )) == NULL ) { send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL, default_referral, NULL ); goto cleanup; } - /* make sure this backend recongizes critical controls */ - rc = backend_check_controls( be, conn, op, &text ) ; - + /* check restrictions */ + rc = backend_check_restrictions( be, conn, op, NULL, &text ) ; if( rc != LDAP_SUCCESS ) { send_ldap_result( conn, op, rc, NULL, text, NULL, NULL ); @@ -179,21 +188,11 @@ do_modify( } /* check for referrals */ - rc = backend_check_referrals( be, conn, op, - dn, ndn, &text ); - + rc = backend_check_referrals( be, conn, op, dn, ndn ); if ( rc != LDAP_SUCCESS ) { goto cleanup; } - if ( global_readonly || be->be_readonly ) { - Debug( LDAP_DEBUG_ANY, "do_modify: database is read-only\n", - 0, 0, 0 ); - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "directory is read-only", NULL, NULL ); - goto cleanup; - } - /* deref suffix alias if appropriate */ ndn = suffix_alias( be, ndn );