X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fadd.c;h=e5d7a1105e2268c0a603daec1a304ab6320fa8f4;hb=6b5611cbacaa221e72dc7a9e11749612d031af0d;hp=97b618ce277082dd73ed0a092ef147ff0227f7e8;hpb=bf3a2294231de245cd5d76d0f90473521a0f1fbf;p=openldap diff --git a/servers/slapd/add.c b/servers/slapd/add.c index 97b618ce27..e5d7a1105e 100644 --- a/servers/slapd/add.c +++ b/servers/slapd/add.c @@ -1,6 +1,6 @@ /* $OpenLDAP$ */ /* - * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. + * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ /* @@ -18,42 +18,40 @@ #include "portable.h" #include - #include #include #include #include "ldap_pvt.h" #include "slap.h" - -#ifdef SLAPD_SCHEMA_NOT_COMPAT -static int slap_mods2entry( - Modifications *mods, - Entry **e, - const char **text ); -#else -static int add_created_attrs(Operation *op, Entry *e); -#endif +#include "slapi.h" int do_add( Connection *conn, Operation *op ) { BerElement *ber = op->o_ber; - char *dn, *ndn, *last; + char *last; + struct berval dn = { 0, NULL }; ber_len_t len; ber_tag_t tag; Entry *e; Backend *be; -#ifdef SLAPD_SCHEMA_NOT_COMPAT - LDAPModList *modlist = NULL; - LDAPModList **modtail = &modlist; - Modifications *mods = NULL; -#endif + Modifications *modlist = NULL; + Modifications **modtail = &modlist; + Modifications tmp; const char *text; + LDAPRDN *rdn = NULL; + int a_cnt; int rc = LDAP_SUCCESS; + int manageDSAit; - Debug( LDAP_DEBUG_TRACE, "do_add\n", 0, 0, 0 ); + Slapi_PBlock *pb = op->o_pb; +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ENTRY, "do_add: conn %d enter\n", conn->c_connid,0,0 ); +#else + Debug( LDAP_DEBUG_TRACE, "do_add\n", 0, 0, 0 ); +#endif /* * Parse the add request. It looks like this: * @@ -67,84 +65,95 @@ do_add( Connection *conn, Operation *op ) */ /* get the name */ - if ( ber_scanf( ber, "{a", /*}*/ &dn ) == LBER_ERROR ) { + if ( ber_scanf( ber, "{m", /*}*/ &dn ) == LBER_ERROR ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "do_add: conn %d ber_scanf failed\n", conn->c_connid,0,0 ); +#else Debug( LDAP_DEBUG_ANY, "do_add: ber_scanf failed\n", 0, 0, 0 ); +#endif send_ldap_disconnect( conn, op, LDAP_PROTOCOL_ERROR, "decoding error" ); return -1; } - ndn = ch_strdup( dn ); - - if ( dn_normalize( ndn ) == NULL ) { - Debug( LDAP_DEBUG_ANY, "do_add: invalid dn (%s)\n", dn, 0, 0 ); - send_ldap_result( conn, op, LDAP_INVALID_DN_SYNTAX, NULL, - "invalid DN", NULL, NULL ); - free( dn ); - free( ndn ); - return LDAP_INVALID_DN_SYNTAX; - } - e = (Entry *) ch_calloc( 1, sizeof(Entry) ); - e->e_dn = dn; - e->e_ndn = ndn; - e->e_attrs = NULL; - e->e_private = NULL; + rc = dnPrettyNormal( NULL, &dn, &e->e_name, &e->e_nname ); + + if( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "do_add: conn %d invalid dn (%s)\n", conn->c_connid, dn.bv_val, 0 ); +#else + Debug( LDAP_DEBUG_ANY, "do_add: invalid dn (%s)\n", dn.bv_val, 0, 0 ); +#endif + send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL, + "invalid DN", NULL, NULL ); + goto done; + } - Debug( LDAP_DEBUG_ARGS, " do_add: ndn (%s)\n", e->e_ndn, 0, 0 ); +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ARGS, + "do_add: conn %d dn (%s)\n", conn->c_connid, e->e_dn, 0 ); +#else + Debug( LDAP_DEBUG_ARGS, "do_add: dn (%s)\n", e->e_dn, 0, 0 ); +#endif /* get the attrs */ for ( tag = ber_first_element( ber, &len, &last ); tag != LBER_DEFAULT; tag = ber_next_element( ber, &len, last ) ) { -#ifdef SLAPD_SCHEMA_NOT_COMPAT - LDAPModList *mod = (LDAPModList *) ch_malloc( sizeof(LDAPModList) ); -#else - LDAPModList tmpmod; - LDAPModList *mod = &tmpmod; -#endif - mod->ml_op = LDAP_MOD_ADD; - mod->ml_next = NULL; + Modifications *mod; + ber_tag_t rtag; - rc = ber_scanf( ber, "{a{V}}", &mod->ml_type, &mod->ml_bvalues ); + rtag = ber_scanf( ber, "{m{W}}", &tmp.sml_type, &tmp.sml_bvalues ); - if ( rc == LBER_ERROR ) { + if ( rtag == LBER_ERROR ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "do_add: conn %d decoding error \n", conn->c_connid, 0, 0 ); +#else Debug( LDAP_DEBUG_ANY, "do_add: decoding error\n", 0, 0, 0 ); +#endif send_ldap_disconnect( conn, op, LDAP_PROTOCOL_ERROR, "decoding error" ); rc = -1; -#ifdef SLAPD_SCHEMA_NOT_COMPAT - free( mod ); -#endif goto done; } - if ( mod->ml_bvalues == NULL ) { + if ( tmp.sml_bvalues == NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, INFO, + "do_add: conn %d no values for type %s\n", + conn->c_connid, tmp.sml_type.bv_val, 0 ); +#else Debug( LDAP_DEBUG_ANY, "no values for type %s\n", - mod->ml_type, 0, 0 ); + tmp.sml_type.bv_val, 0, 0 ); +#endif send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR, NULL, "no values for attribute type", NULL, NULL ); - free( mod->ml_type ); -#ifdef SLAPD_SCHEMA_NOT_COMPAT - free( mod ); -#endif goto done; } + mod = (Modifications *) ch_malloc( sizeof(Modifications) ); + + mod->sml_op = LDAP_MOD_ADD; + mod->sml_next = NULL; + mod->sml_desc = NULL; + mod->sml_type = tmp.sml_type; + mod->sml_bvalues = tmp.sml_bvalues; -#ifdef SLAPD_SCHEMA_NOT_COMPAT *modtail = mod; - modtail = &mod->ml_next; -#else - attr_merge( e, mod->ml_type, mod->ml_bvalues ); - - free( mod->ml_type ); - ber_bvecfree( mod->ml_bvalues ); -#endif + modtail = &mod->sml_next; } if ( ber_scanf( ber, /*{*/ "}") == LBER_ERROR ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "do_add: conn %d ber_scanf failed\n", conn->c_connid, 0, 0 ); +#else Debug( LDAP_DEBUG_ANY, "do_add: ber_scanf failed\n", 0, 0, 0 ); +#endif send_ldap_disconnect( conn, op, LDAP_PROTOCOL_ERROR, "decoding error" ); rc = -1; @@ -152,53 +161,220 @@ do_add( Connection *conn, Operation *op ) } if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, INFO, + "do_add: conn %d get_ctrls failed\n", conn->c_connid, 0, 0 ); +#else Debug( LDAP_DEBUG_ANY, "do_add: get_ctrls failed\n", 0, 0, 0 ); +#endif goto done; } -#ifdef SLAPD_SCHEMA_NOT_COMPAT - if ( modlist == NULL ) -#else - if ( e->e_attrs == NULL ) -#endif - { + if ( modlist == NULL ) { send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR, NULL, "no attributes provided", NULL, NULL ); goto done; } - Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d ADD dn=\"%s\"\n", - op->o_connid, op->o_opid, e->e_ndn, 0, 0 ); + Statslog( LDAP_DEBUG_STATS, "conn=%lu op=%lu ADD dn=\"%s\"\n", + op->o_connid, op->o_opid, e->e_dn, 0, 0 ); + + if( e->e_nname.bv_len == 0 ) { + /* protocolError may be a more appropriate error */ + send_ldap_result( conn, op, rc = LDAP_ALREADY_EXISTS, + NULL, "root DSE already exists", + NULL, NULL ); + goto done; + + } else if ( bvmatch( &e->e_nname, &global_schemandn ) ) { + send_ldap_result( conn, op, rc = LDAP_ALREADY_EXISTS, + NULL, "subschema subentry already exists", + NULL, NULL ); + goto done; + } + + /* + * Get attribute type(s) and attribute value(s) of our rdn, + */ + if ( ldap_bv2rdn( &e->e_name, &rdn, (char **)&text, + LDAP_DN_FORMAT_LDAP ) ) + { + send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, + NULL, "unknown type(s) used in RDN", + NULL, NULL ); + goto done; + } + + /* Check for RDN attrs in entry */ + for ( a_cnt = 0; rdn[ 0 ][ a_cnt ]; a_cnt++ ) { + AttributeDescription *desc = NULL; + Modifications *mod; + MatchingRule *mr; + int i; + + rc = slap_bv2ad( &rdn[ 0 ][ a_cnt ]->la_attr, + &desc, &text ); + + if ( rc != LDAP_SUCCESS ) { + send_ldap_result( conn, op, rc, + NULL, text, NULL, NULL ); + goto done; + } + + for (mod = modlist; mod; mod = mod->sml_next) { + AttributeDescription *mod_desc = NULL; + + rc = slap_bv2ad( &mod->sml_type, + &mod_desc, &text ); + if ( rc != LDAP_SUCCESS ) { + send_ldap_result( conn, op, rc, + NULL, text, NULL, NULL ); + goto done; + } + + if (mod_desc == desc) { + break; + } + } + + if (mod == NULL) { +#ifdef BAILOUT + /* for now, bail out; we might end up + * adding the missing value, as iPlanet + * allegedly does */ + send_ldap_result( conn, op, + rc = LDAP_CONSTRAINT_VIOLATION, + NULL, + "attribute in RDN not listed in entry", + NULL, NULL ); + goto done; + +#else /* ! BAILOUT */ + struct berval bv; + + mod = (Modifications *) ch_malloc( sizeof(Modifications) ); + + mod->sml_op = LDAP_MOD_ADD; + mod->sml_next = NULL; + mod->sml_desc = NULL; + + ber_dupbv( &mod->sml_type, + &rdn[ 0 ][ a_cnt ]->la_attr ); + + mod->sml_bvalues = NULL; + ber_dupbv( &bv, &rdn[ 0 ][ a_cnt ]->la_value ); + ber_bvarray_add( &mod->sml_bvalues, &bv ); + + *modtail = mod; + modtail = &mod->sml_next; + continue; +#endif /* ! BAILOUT */ + } + + mr = desc->ad_type->sat_equality; + if (mr == NULL || !mr->smr_match ) { + /* brrrr ... */ + continue; + } + + for (i = 0; mod->sml_bvalues[ i ].bv_val; i++) { + int match = 0; + + rc = value_match(&match, desc, mr, + SLAP_MR_VALUE_SYNTAX_MATCH, + &mod->sml_bvalues[ i ], + &rdn[ 0 ][ a_cnt ]->la_value, &text); + + if ( rc != LDAP_SUCCESS ) { + send_ldap_result( conn, op, rc, + NULL, text, NULL, NULL); + goto done; + } + + if (match == 0) { + break; + } + } + + /* not found? */ + if (mod->sml_bvalues[ i ].bv_val == NULL) { +#ifdef BAILOUT + send_ldap_result( conn, op, + rc = LDAP_CONSTRAINT_VIOLATION, + NULL, + "value in RDN not listed in entry", + NULL, NULL ); + goto done; +#else /* ! BAILOUT */ + struct berval bv; + + ber_dupbv( &bv, &rdn[ 0 ][ a_cnt ]->la_value ); + ber_bvarray_add( &mod->sml_bvalues, &bv ); + continue; +#endif /* ! BAILOUT */ + } + } + + manageDSAit = get_manageDSAit( op ); /* * We could be serving multiple database backends. Select the * appropriate one, or send a referral to our "referral server" * if we don't hold it. */ - be = select_backend( e->e_ndn ); + be = select_backend( &e->e_nname, manageDSAit, 0 ); if ( be == NULL ) { + BerVarray ref = referral_rewrite( default_referral, + NULL, &e->e_name, LDAP_SCOPE_DEFAULT ); + send_ldap_result( conn, op, rc = LDAP_REFERRAL, - NULL, NULL, default_referral, NULL ); + NULL, NULL, ref ? ref : default_referral, NULL ); + + if ( ref ) ber_bvarray_free( ref ); goto done; } - /* make sure this backend recongizes critical controls */ - rc = backend_check_controls( be, conn, op, &text ) ; - + /* check restrictions */ + rc = backend_check_restrictions( be, conn, op, NULL, &text ) ; if( rc != LDAP_SUCCESS ) { send_ldap_result( conn, op, rc, NULL, text, NULL, NULL ); goto done; } - if ( global_readonly || be->be_readonly ) { - Debug( LDAP_DEBUG_ANY, "do_add: database is read-only\n", - 0, 0, 0 ); - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "directory is read-only", NULL, NULL ); + /* check for referrals */ + rc = backend_check_referrals( be, conn, op, &e->e_name, &e->e_nname ); + if ( rc != LDAP_SUCCESS ) { goto done; } +#if defined( LDAP_SLAPI ) + slapi_x_backend_set_pb( pb, be ); + slapi_x_connection_set_pb( pb, conn ); + slapi_x_operation_set_pb( pb, op ); + slapi_pblock_set( pb, SLAPI_ADD_ENTRY, (void *)e ); + slapi_pblock_set( pb, SLAPI_ADD_TARGET, (void *)dn.bv_val ); + slapi_pblock_set( pb, SLAPI_MANAGEDSAIT, (void *)manageDSAit ); + + rc = doPluginFNs( be, SLAPI_PLUGIN_PRE_ADD_FN, pb ); + if ( rc != 0 ) { + /* + * A preoperation plugin failure will abort the + * entire operation. + */ +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, INFO, "do_add: add preoperation plugin failed\n", + 0, 0, 0); +#else + Debug(LDAP_DEBUG_TRACE, "do_add: add preoperation plugin failed.\n", + 0, 0, 0); + if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&rc ) != 0 ) + rc = LDAP_OTHER; + goto done; +#endif + } +#endif /* defined( LDAP_SLAPI ) */ + /* * do the add if 1 && (2 || 3) * 1) there is an add function implemented in this backend; @@ -207,37 +383,34 @@ do_add( Connection *conn, Operation *op ) */ if ( be->be_add ) { /* do the update here */ -#ifdef SLAPD_MULTIMASTER - if ( (be->be_lastmod == ON || (be->be_lastmod == UNDEFINED && - global_lastmod == ON)) && (be->be_update_ndn == NULL || - strcmp( be->be_update_ndn, op->o_ndn )) ) -#else - if ( be->be_update_ndn == NULL || - strcmp( be->be_update_ndn, op->o_ndn ) == 0 ) + int repl_user = be_isupdate(be, &op->o_ndn ); +#ifndef SLAPD_MULTIMASTER + if ( !be->be_update_ndn.bv_len || repl_user ) #endif { - int update = be->be_update_ndn != NULL; + int update = be->be_update_ndn.bv_len; + char textbuf[SLAP_TEXT_BUFLEN]; + size_t textlen = sizeof textbuf; + + rc = slap_mods_check( modlist, update, &text, + textbuf, textlen ); -#ifdef SLAPD_SCHEMA_NOT_COMPAT - rc = slap_modlist2mods( modlist, update, &mods, &text ); if( rc != LDAP_SUCCESS ) { send_ldap_result( conn, op, rc, NULL, text, NULL, NULL ); goto done; } -#endif -#ifndef SLAPD_MULTIMASTER - if ( (be->be_lastmod == ON || (be->be_lastmod == UNDEFINED && - global_lastmod == ON)) && !update ) -#endif - { -#ifdef SLAPD_SCHEMA_NOT_COMPAT - rc = slap_mods_opattrs( op, &mods, &text ); -#else - char *text = "no-user-modification attribute type"; - rc = add_created_attrs( op, e ); -#endif + if ( !repl_user ) { + for( modtail = &modlist; + *modtail != NULL; + modtail = &(*modtail)->sml_next ) + { + assert( (*modtail)->sml_op == LDAP_MOD_ADD ); + assert( (*modtail)->sml_desc != NULL ); + } + rc = slap_mods_opattrs( be, op, modlist, modtail, &text, + textbuf, textlen ); if( rc != LDAP_SUCCESS ) { send_ldap_result( conn, op, rc, NULL, text, NULL, NULL ); @@ -245,48 +418,69 @@ do_add( Connection *conn, Operation *op ) } } -#ifdef SLAPD_SCHEMA_NOT_COMPAT - rc = slap_mods2entry( mods, &e, &text ); + rc = slap_mods2entry( modlist, &e, repl_user, &text, + textbuf, textlen ); if( rc != LDAP_SUCCESS ) { send_ldap_result( conn, op, rc, NULL, text, NULL, NULL ); goto done; } -#endif if ( (*be->be_add)( be, conn, op, e ) == 0 ) { #ifdef SLAPD_MULTIMASTER - if (be->be_update_ndn == NULL || - strcmp( be->be_update_ndn, op->o_ndn )) + if ( !repl_user ) #endif { - replog( be, op, e->e_dn, e ); + replog( be, op, &e->e_name, &e->e_nname, e ); } - be_entry_release_w( be, e ); + be_entry_release_w( be, conn, op, e ); e = NULL; } #ifndef SLAPD_MULTIMASTER } else { + BerVarray defref = be->be_update_refs + ? be->be_update_refs : default_referral; + BerVarray ref = referral_rewrite( defref, + NULL, &e->e_name, LDAP_SCOPE_DEFAULT ); + send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL, - be->be_update_refs ? be->be_update_refs : default_referral, NULL ); + ref ? ref : defref, NULL ); + + if ( ref ) ber_bvarray_free( ref ); #endif } } else { - Debug( LDAP_DEBUG_ARGS, " do_add: no backend support\n", 0, 0, 0 ); - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "operation not supported within namingContext", NULL, NULL ); +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, INFO, + "do_add: conn %d no backend support\n", conn->c_connid, 0, 0 ); +#else + Debug( LDAP_DEBUG_ARGS, " do_add: no backend support\n", 0, 0, 0 ); +#endif + send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, + NULL, "operation not supported within namingContext", NULL, NULL ); + } + +#if defined( LDAP_SLAPI ) + /* + * Postoperation errors are silently ignored; the work has + * been done. + */ + if ( doPluginFNs( be, SLAPI_PLUGIN_POST_ADD_FN, pb ) != 0) { +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, INFO, "do_add: Add postoperation plugins failed\n", + 0, 0, 0); +#else + Debug(LDAP_DEBUG_TRACE, "do_add: Add postoperation plugins failed.\n", + 0, 0, 0); +#endif } +#endif /* defined( LDAP_SLAPI ) */ done: -#ifdef SLAPD_SCHEMA_NOT_COMPAT if( modlist != NULL ) { - slap_modlist_free( modlist ); - } - if( mods != NULL ) { - slap_mods_free( mods ); + slap_mods_free( modlist ); } -#endif if( e != NULL ) { entry_free( e ); } @@ -294,85 +488,118 @@ done: return rc; } -#ifdef SLAPD_SCHEMA_NOT_COMPAT -static int slap_mods2entry( +int +slap_mods2entry( Modifications *mods, Entry **e, - const char **text ) + int repl_user, + const char **text, + char *textbuf, size_t textlen ) { Attribute **tail = &(*e)->e_attrs; assert( *tail == NULL ); + *text = textbuf; + for( ; mods != NULL; mods = mods->sml_next ) { Attribute *attr; assert( mods->sml_op == LDAP_MOD_ADD ); + assert( mods->sml_desc != NULL ); attr = attr_find( (*e)->e_attrs, mods->sml_desc ); if( attr != NULL ) { - *text = "attribute provided more than once"; - return LDAP_OPERATIONS_ERROR; - } +#define SLURPD_FRIENDLY +#ifdef SLURPD_FRIENDLY + ber_len_t i,j; + + if( !repl_user ) { + snprintf( textbuf, textlen, + "attribute '%s' provided more than once", + mods->sml_desc->ad_cname.bv_val ); + return LDAP_TYPE_OR_VALUE_EXISTS; + } - attr = ch_calloc( 1, sizeof(Attribute) ); + for( i=0; attr->a_vals[i].bv_val; i++ ) { + /* count them */ + } + for( j=0; mods->sml_bvalues[j].bv_val; j++ ) { + /* count them */ + } + j++; /* NULL */ + + attr->a_vals = ch_realloc( attr->a_vals, + sizeof( struct berval ) * (i+j) ); - /* should check for duplicates */ - attr->a_vals = mods->sml_bvalues; - mods->sml_bvalues = NULL; + /* should check for duplicates */ - *tail = attr; - tail = &attr->a_next; - } + AC_MEMCPY( &attr->a_vals[i], mods->sml_bvalues, + sizeof( struct berval ) * j ); - return LDAP_SUCCESS; -} + /* trim the mods array */ + ch_free( mods->sml_bvalues ); + mods->sml_bvalues = NULL; + continue; #else -static int -add_created_attrs( Operation *op, Entry *e ) -{ - char buf[22]; - struct berval bv; - struct berval *bvals[2]; - Attribute *a; - struct tm *ltm; - time_t currenttime; - - Debug( LDAP_DEBUG_TRACE, "add_created_attrs\n", 0, 0, 0 ); - - bvals[0] = &bv; - bvals[1] = NULL; - - /* return error on any attempts by the user to add these attrs */ - for ( a = e->e_attrs; a != NULL; a = a->a_next ) { - if ( oc_check_op_no_usermod_attr( a->a_type ) ) { - return LDAP_CONSTRAINT_VIOLATION; + snprintf( textbuf, textlen, + "attribute '%s' provided more than once", + mods->sml_desc->ad_cname.bv_val ); + return LDAP_TYPE_OR_VALUE_EXISTS; +#endif } - } - if ( op->o_dn == NULL || op->o_dn[0] == '\0' ) { - bv.bv_val = SLAPD_ANONYMOUS; - bv.bv_len = sizeof(SLAPD_ANONYMOUS)-1; -; - } else { - bv.bv_val = op->o_dn; - bv.bv_len = strlen( bv.bv_val ); - } - attr_merge( e, "creatorsname", bvals ); - attr_merge( e, "modifiersname", bvals ); + if( mods->sml_bvalues[1].bv_val != NULL ) { + /* check for duplicates */ + int i, j; + MatchingRule *mr = mods->sml_desc->ad_type->sat_equality; + + /* check if the values we're adding already exist */ + if( mr == NULL || !mr->smr_match ) { + for ( i = 0; mods->sml_bvalues[i].bv_val != NULL; i++ ) { + /* test asserted values against themselves */ + for( j = 0; j < i; j++ ) { + if ( bvmatch( &mods->sml_bvalues[i], + &mods->sml_bvalues[j] ) ) { + /* value exists already */ + snprintf( textbuf, textlen, + "%s: value #%d provided more than once", + mods->sml_desc->ad_cname.bv_val, j ); + return LDAP_TYPE_OR_VALUE_EXISTS; + } + } + } - currenttime = slap_get_time(); - ldap_pvt_thread_mutex_lock( &gmtime_mutex ); - ltm = gmtime( ¤ttime ); - strftime( buf, sizeof(buf), "%Y%m%d%H%M%SZ", ltm ); - ldap_pvt_thread_mutex_unlock( &gmtime_mutex ); + } else { + int rc; + const char *text = NULL; + char textbuf[ SLAP_TEXT_BUFLEN ] = { '\0' }; + + rc = modify_check_duplicates( mods->sml_desc, mr, + NULL, mods->sml_bvalues, 0, + &text, textbuf, sizeof( textbuf ) ); + + if ( rc != LDAP_SUCCESS ) { + return rc; + } + } + } - bv.bv_val = buf; - bv.bv_len = strlen( bv.bv_val ); - attr_merge( e, "createtimestamp", bvals ); - attr_merge( e, "modifytimestamp", bvals ); + attr = ch_calloc( 1, sizeof(Attribute) ); + + /* move ad to attr structure */ + attr->a_desc = mods->sml_desc; + mods->sml_desc = NULL; + + /* move values to attr structure */ + /* should check for duplicates */ + attr->a_vals = mods->sml_bvalues; + mods->sml_bvalues = NULL; + + *tail = attr; + tail = &attr->a_next; + } return LDAP_SUCCESS; } -#endif