X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fadd.c;h=196a3189d5fd7b90d85bb7d14f347d0605e45481;hb=f90ed5aef8f41ee90e1f67b0badbb793cb99f3ed;hp=efb4e18d6d9b04a676c2534e87735f656d82e86a;hpb=68d561a97b9f634f033eae0f2d9c7453ea02c4c7;p=openldap

diff --git a/servers/slapd/add.c b/servers/slapd/add.c
index efb4e18d6d..196a3189d5 100644
--- a/servers/slapd/add.c
+++ b/servers/slapd/add.c
@@ -20,7 +20,7 @@
 
 #include "slap.h"
 
-static void	add_created_attrs(Operation *op, Entry *e);
+static int	add_created_attrs(Operation *op, Entry *e);
 
 int
 do_add( Connection *conn, Operation *op )
@@ -155,12 +155,21 @@ do_add( Connection *conn, Operation *op )
 			strcmp( be->be_update_ndn, op->o_ndn ) == 0 )
 		{
 			if ( (be->be_lastmod == ON || (be->be_lastmod == UNDEFINED &&
-				global_lastmod == ON)) && be->be_update_ndn == NULL ) {
-
-				add_created_attrs( op, e );
+				global_lastmod == ON)) && be->be_update_ndn == NULL )
+			{
+				rc = add_created_attrs( op, e );
+
+				if( rc != LDAP_SUCCESS ) {
+					entry_free( e );
+					send_ldap_result( conn, op, rc,
+						NULL, "no-user-modification attribute type",
+						NULL, NULL );
+					return rc;
+				}
 			}
+
 			if ( (*be->be_add)( be, conn, op, e ) == 0 ) {
-				replog( be, LDAP_REQ_ADD, e->e_dn, e, 0 );
+				replog( be, op, e->e_dn, e );
 				be_entry_release_w( be, e );
 			}
 
@@ -179,13 +188,13 @@ do_add( Connection *conn, Operation *op )
 	return rc;
 }
 
-static void
+static int
 add_created_attrs( Operation *op, Entry *e )
 {
 	char		buf[22];
 	struct berval	bv;
 	struct berval	*bvals[2];
-	Attribute	**a, **next;
+	Attribute	*a;
 	Attribute	*tmp;
 	struct tm	*ltm;
 	time_t		currenttime;
@@ -195,15 +204,10 @@ add_created_attrs( Operation *op, Entry *e )
 	bvals[0] = &bv;
 	bvals[1] = NULL;
 
-	/* remove any attempts by the user to add these attrs */
-	for ( a = &e->e_attrs; *a != NULL; a = next ) {
-		if ( oc_check_no_usermod_attr( (*a)->a_type ) ) {
-			tmp = *a;
-			*a = (*a)->a_next;
-			attr_free( tmp );
-			next = a;
-		} else {
-			next = &(*a)->a_next;
+	/* return error on any attempts by the user to add these attrs */
+	for ( a = e->e_attrs; a != NULL; a = a->a_next ) {
+		if ( oc_check_no_usermod_attr( a->a_type ) ) {
+			return LDAP_CONSTRAINT_VIOLATION;
 		}
 	}
 
@@ -230,4 +234,6 @@ add_created_attrs( Operation *op, Entry *e )
 	bv.bv_val = buf;
 	bv.bv_len = strlen( bv.bv_val );
 	attr_merge( e, "createtimestamp", bvals );
+
+	return LDAP_SUCCESS;
 }