X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fback-ldbm%2Fmodrdn.c;h=de0d99b8868636fcc41b9b8f76a508a019f8d84c;hb=426ca14a868b6edb638b48e14593542a365fcc4b;hp=26c96709aed041d384cd3dd9a4588f6c5cab1638;hpb=76ed17f7942d4e3810fa90b46143e615af311167;p=openldap diff --git a/servers/slapd/back-ldbm/modrdn.c b/servers/slapd/back-ldbm/modrdn.c index 26c96709ae..de0d99b886 100644 --- a/servers/slapd/back-ldbm/modrdn.c +++ b/servers/slapd/back-ldbm/modrdn.c @@ -1,131 +1,677 @@ /* modrdn.c - ldbm backend modrdn routine */ +/* $OpenLDAP$ */ +/* + * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + +/* + * LDAP v3 newSuperior support. Add new rdn as an attribute. + * (Full support for v2 also used software/ideas contributed + * by Roy Hooper rhooper@cyberus.ca, thanks to him for his + * submission!.) + * + * Copyright 1999, Juan C. Gomez, All rights reserved. + * This software is not subject to any license of Silicon Graphics + * Inc. or Purdue University. + * + * Redistribution and use in source and binary forms are permitted + * without restriction or fee of any kind as long as this notice + * is preserved. + * + */ + +#include "portable.h" #include -#include -#include -#include + +#include +#include + #include "slap.h" #include "back-ldbm.h" #include "proto-back-ldbm.h" -extern char *dn_parent(); - int ldbm_back_modrdn( - Backend *be, - Connection *conn, Operation *op, - char *dn, - char *newrdn, - int deleteoldrdn -) + SlapReply *rs ) { - struct ldbminfo *li = (struct ldbminfo *) be->be_private; - char *matched; - char *pdn, *newdn, *p; - char sep[2]; - Entry *e; + AttributeDescription *children = slap_schema.si_ad_children; + AttributeDescription *entry = slap_schema.si_ad_entry; + struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private; + struct berval p_dn, p_ndn; + struct berval new_dn = { 0, NULL}, new_ndn = { 0, NULL }; + Entry *e, *p = NULL; + Entry *matched; + /* LDAP v2 supporting correct attribute handling. */ + LDAPRDN *new_rdn = NULL; + LDAPRDN *old_rdn = NULL; + int isroot = -1; +#define CAN_ROLLBACK -1 +#define MUST_DESTROY 1 + int rc = CAN_ROLLBACK; + int rc_id = 0; + ID id = NOID; + const char *text = NULL; + char textbuf[SLAP_TEXT_BUFLEN]; + size_t textlen = sizeof textbuf; + /* Added to support newSuperior */ + Entry *np = NULL; /* newSuperior Entry */ + struct berval *np_ndn = NULL; /* newSuperior ndn */ + struct berval *new_parent_dn = NULL; /* np_dn, p_dn, or NULL */ + /* Used to interface with ldbm_modify_internal() */ + Modifications *mod = NULL; /* Used to delete old/add new rdn */ + int manageDSAit = get_manageDSAit( op ); + +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ENTRY, + "ldbm_back_modrdn: dn: %s newSuperior=%s\n", + op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "NULL", + ( op->oq_modrdn.rs_newSup && op->oq_modrdn.rs_newSup->bv_len ) ? op->oq_modrdn.rs_newSup->bv_val : "NULL",0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "==>ldbm_back_modrdn: dn: %s newSuperior=%s\n", + op->o_req_dn.bv_len ? op->o_req_dn.bv_val : "NULL", + ( op->oq_modrdn.rs_newSup && op->oq_modrdn.rs_newSup->bv_len ) + ? op->oq_modrdn.rs_newSup->bv_val : "NULL", 0 ); +#endif - matched = NULL; + /* grab giant lock for writing */ + ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock); /* get entry with writer lock */ - if ( (e = dn2entry_w( be, dn, &matched )) == NULL ) { - send_ldap_result( conn, op, LDAP_NO_SUCH_OBJECT, matched, "" ); - if ( matched != NULL ) { - free( matched ); + if ( (e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) { + if( matched != NULL ) { + rs->sr_matched = strdup( matched->e_dn ); + rs->sr_ref = is_entry_referral( matched ) + ? get_entry_referrals( op, matched ) + : NULL; + cache_return_entry_r( &li->li_cache, matched ); + } else { + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } + + ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); + + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); + + if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref ); + free( (char *)rs->sr_matched ); + return( -1 ); } - if ( (pdn = dn_parent( be, dn )) != NULL ) { - /* parent + rdn + separator(s) + null */ - newdn = (char *) ch_malloc( strlen( pdn ) + strlen( newrdn ) - + 3 ); - if ( dn_type( dn ) == DN_X500 ) { - strcpy( newdn, newrdn ); - strcat( newdn, ", " ); - strcat( newdn, pdn ); + /* check entry for "entry" acl */ + if ( ! access_allowed( op, e, + entry, NULL, ACL_WRITE, NULL ) ) + { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_back_modrdn: no write access to entry of (%s)\n", + dn->bv_val, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "<=- ldbm_back_modrdn: no write access to entry\n", 0, + 0, 0 ); +#endif + + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, + "no write access to entry" ); + + goto return_results; + } + + if (!manageDSAit && is_entry_referral( e ) ) { + /* parent is a referral, don't allow add */ + /* parent is an alias, don't allow add */ + rs->sr_ref = get_entry_referrals( op, e ); + +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_back_modrdn: entry %s is a referral\n", e->e_dn, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "entry %s is referral\n", e->e_dn, + 0, 0 ); +#endif + + rs->sr_err = LDAP_REFERRAL; + rs->sr_matched = e->e_name.bv_val; + send_ldap_result( op, rs ); + + if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref ); + goto return_results; + } + + if ( has_children( op->o_bd, e ) ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_back_modrdn: entry %s has children\n", e->e_dn, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "entry %s has children\n", e->e_dn, + 0, 0 ); +#endif + + send_ldap_error( op, rs, LDAP_NOT_ALLOWED_ON_NONLEAF, + "subtree rename not supported" ); + goto return_results; + } + + if ( be_issuffix( op->o_bd, &e->e_nname ) ) { + p_ndn = slap_empty_bv ; + } else { + dnParent( &e->e_nname, &p_ndn ); + } + + if ( p_ndn.bv_len != 0 ) { + /* Make sure parent entry exist and we can write its + * children. + */ + + if( (p = dn2entry_w( op->o_bd, &p_ndn, NULL )) == NULL) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_back_modrdn: parent of %s does not exist\n", + e->e_ndn, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "parent does not exist\n", + 0, 0, 0); +#endif + + send_ldap_error( op, rs, LDAP_OTHER, + "parent entry does not exist" ); + + goto return_results; + } + + /* check parent for "children" acl */ + if ( ! access_allowed( op, p, + children, NULL, ACL_WRITE, NULL ) ) + { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_back_modrdn: no access to parent of (%s)\n", + e->e_dn, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0, + 0, 0 ); +#endif + + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, + NULL ); + goto return_results; + } + +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, DETAIL1, + "ldbm_back_modrdn: wr to children of entry %s OK\n", + p_ndn.bv_val, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "ldbm_back_modrdn: wr to children of entry %s OK\n", + p_ndn.bv_val, 0, 0 ); +#endif + + if ( p_ndn.bv_val == slap_empty_bv.bv_val ) { + p_dn = slap_empty_bv; } else { - strcpy( newdn, newrdn ); - p = strchr( newrdn, '\0' ); - p--; - if ( *p != '.' && *p != '@' ) { - if ( (p = strpbrk( dn, ".@" )) != NULL ) { - sep[0] = *p; - sep[1] = '\0'; - strcat( newdn, sep ); + dnParent( &e->e_name, &p_dn ); + } + +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, DETAIL1, + "ldbm_back_modrdn: parent dn=%s\n", p_dn.bv_val, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "ldbm_back_modrdn: parent dn=%s\n", + p_dn.bv_val, 0, 0 ); +#endif + + } else { + /* no parent, must be root to modify rdn */ + isroot = be_isroot( op->o_bd, &op->o_ndn ); + if ( ! isroot ) { + if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) { + int can_access; + p = (Entry *)&slap_entry_root; + + can_access = access_allowed( op, p, + children, NULL, ACL_WRITE, NULL ); + p = NULL; + + /* check parent for "children" acl */ + if ( ! can_access ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_back_modrdn: no access to parent \"\"\n", 0,0,0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "<=- ldbm_back_modrdn: no " + "access to parent\n", 0, 0, 0 ); +#endif + + send_ldap_error( op, rs, + LDAP_INSUFFICIENT_ACCESS, + NULL ); + goto return_results; } + + } else { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_back_modrdn: (%s) has no parent & not a root.\n", + dn, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "<=- ldbm_back_modrdn: no parent & " + "not root\n", 0, 0, 0); +#endif + + send_ldap_error( op, rs, + LDAP_INSUFFICIENT_ACCESS, + NULL ); + goto return_results; } - strcat( newdn, pdn ); } - } else { - newdn = strdup( newrdn ); + +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_back_modrdn: (%s) no parent, locked root.\n", e->e_dn, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "ldbm_back_modrdn: no parent, locked root\n", + 0, 0, 0 ); +#endif } - (void) dn_normalize( newdn ); - /* get entry with writer lock */ - if ( (dn2id ( be, newdn ) ) != NOID ) { - free( newdn ); - free( pdn ); - send_ldap_result( conn, op, LDAP_ALREADY_EXISTS, NULL, NULL ); - goto error_return; + new_parent_dn = &p_dn; /* New Parent unless newSuperior given */ + + if ( op->oq_modrdn.rs_newSup != NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, DETAIL1, + "ldbm_back_modrdn: new parent \"%s\" requested\n", + op->oq_modrdn.rs_newSup->bv_val, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "ldbm_back_modrdn: new parent \"%s\" requested...\n", + op->oq_modrdn.rs_newSup->bv_val, 0, 0 ); +#endif + + np_ndn = op->oq_modrdn.rs_nnewSup; + + /* newSuperior == oldParent? */ + if ( dn_match( &p_ndn, np_ndn ) ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, "ldbm_back_modrdn: " + "new parent\"%s\" seems to be the same as the " + "old parent \"%s\"\n", op->oq_modrdn.rs_newSup->bv_val, p_dn.bv_val, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "ldbm_back_modrdn: " + "new parent\"%s\" seems to be the same as the " + "old parent \"%s\"\n", + op->oq_modrdn.rs_newSup->bv_val, p_dn.bv_val, 0 ); +#endif + + op->oq_modrdn.rs_newSup = NULL; /* ignore newSuperior */ + } + } + + if ( op->oq_modrdn.rs_newSup != NULL ) { + /* newSuperior == entry being moved?, if so ==> ERROR */ + /* Get Entry with dn=newSuperior. Does newSuperior exist? */ + + if ( op->oq_modrdn.rs_nnewSup->bv_len ) { + if( (np = dn2entry_w( op->o_bd, np_ndn, NULL )) == NULL) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_back_modrdn: newSup(ndn=%s) not found.\n", + np_ndn->bv_val, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "ldbm_back_modrdn: newSup(ndn=%s) not here!\n", + np_ndn->bv_val, 0, 0); +#endif + + send_ldap_error( op, rs, LDAP_OTHER, + "newSuperior not found" ); + goto return_results; + } + +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, DETAIL1, + "ldbm_back_modrdn: wr to new parent OK np=%p, id=%ld\n", + np, np->e_id, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "ldbm_back_modrdn: wr to new parent OK np=%p, id=%ld\n", + np, np->e_id, 0 ); +#endif + + /* check newSuperior for "children" acl */ + if ( !access_allowed( op, np, children, NULL, + ACL_WRITE, NULL ) ) + { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_back_modrdn: no wr to newSup children.\n", 0, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "ldbm_back_modrdn: no wr to newSup children\n", + 0, 0, 0 ); +#endif + + send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL ); + goto return_results; + } + + if ( is_entry_alias( np ) ) { + /* parent is an alias, don't allow add */ +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_back_modrdn: entry (%s) is an alias.\n", np->e_dn,0,0); +#else + Debug( LDAP_DEBUG_TRACE, "entry is alias\n", 0, 0, 0 ); +#endif + + + send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM, + "newSuperior is an alias" ); + + goto return_results; + } + + if ( is_entry_referral( np ) ) { + /* parent is a referral, don't allow add */ +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_back_modrdn: entry (%s) is a referral\n", + np->e_dn, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "entry (%s) is referral\n", + np->e_dn, 0, 0 ); +#endif + + send_ldap_error( op, rs, LDAP_OTHER, + "newSuperior is a referral" ); + + goto return_results; + } + + } else { + + /* no parent, must be root to modify newSuperior */ + if ( isroot == -1 ) { + isroot = be_isroot( op->o_bd, &op->o_ndn ); + } + + if ( ! isroot ) { + if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) { + int can_access; + np = (Entry *)&slap_entry_root; + + can_access = access_allowed( op, np, + children, NULL, ACL_WRITE, NULL ); + np = NULL; + + /* check parent for "children" acl */ + if ( ! can_access ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_back_modrdn: no access " + "to new superior \"\"\n", 0, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "<=- ldbm_back_modrdn: no " + "access to new superior\n", 0, 0, 0 ); +#endif + + send_ldap_error( op, rs, + LDAP_INSUFFICIENT_ACCESS, + NULL ); + goto return_results; + } + + } else { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_back_modrdn: \"\" not allowed as new superior\n", + 0, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "<=- ldbm_back_modrdn: \"\" " + "not allowed as new superior\n", + 0, 0, 0); +#endif + + send_ldap_error( op, rs, + LDAP_INSUFFICIENT_ACCESS, + NULL ); + goto return_results; + } + } + } + +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, DETAIL1, + "ldbm_back_modrdn: wr to new parent's children OK.\n", 0, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "ldbm_back_modrdn: wr to new parent's children OK\n", + 0, 0, 0 ); +#endif + + new_parent_dn = op->oq_modrdn.rs_newSup; } + + /* Build target dn and make sure target entry doesn't exist already. */ + build_new_dn( &new_dn, new_parent_dn, &op->oq_modrdn.rs_newrdn ); + dnNormalize2( NULL, &new_dn, &new_ndn ); + +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, DETAIL1, "ldbm_back_modrdn: new ndn=%s\n", + new_ndn.bv_val, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "ldbm_back_modrdn: new ndn=%s\n", + new_ndn.bv_val, 0, 0 ); +#endif /* check for abandon */ - pthread_mutex_lock( &op->o_abandonmutex ); if ( op->o_abandon ) { - pthread_mutex_unlock( &op->o_abandonmutex ); - free( newdn ); - free( pdn ); - goto error_return; + goto return_results; } - pthread_mutex_unlock( &op->o_abandonmutex ); - /* add new one */ - if ( dn2id_add( be, newdn, e->e_id ) != 0 ) { - free( newdn ); - free( pdn ); - send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL, NULL ); - goto error_return; + if ( ( rc_id = dn2id ( op->o_bd, &new_ndn, &id ) ) || id != NOID ) { + /* if (rc_id) something bad happened to ldbm cache */ + rs->sr_err = rc_id ? LDAP_OTHER : LDAP_ALREADY_EXISTS; + send_ldap_result( op, rs ); + goto return_results; + } + +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, "ldbm_back_modrdn: new ndn (%s) does not exist\n", + new_ndn.bv_val, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "ldbm_back_modrdn: new ndn=%s does not exist\n", + new_ndn.bv_val, 0, 0 ); +#endif + + /* Get attribute type and attribute value of our new rdn, we will + * need to add that to our new entry + */ + if ( ldap_bv2rdn( &op->oq_modrdn.rs_newrdn, &new_rdn, (char **)&rs->sr_text, + LDAP_DN_FORMAT_LDAP ) ) + { +#ifdef NEW_LOGGING + LDAP_LOG ( OPERATION, ERR, + "ldbm_back_modrdn: can't figure out " + "type(s)/values(s) of newrdn\n", + 0, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "ldbm_back_modrdn: can't figure out " + "type(s)/values(s) of newrdn\n", + 0, 0, 0 ); +#endif + goto return_results; + } + +#ifdef NEW_LOGGING + LDAP_LOG ( OPERATION, RESULTS, + "ldbm_back_modrdn: new_rdn_type=\"%s\", " + "new_rdn_val=\"%s\"\n", + new_rdn[ 0 ][ 0 ]->la_attr.bv_val, + new_rdn[ 0 ][ 0 ]->la_value.bv_val, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "ldbm_back_modrdn: new_rdn_type=\"%s\", " + "new_rdn_val=\"%s\"\n", + new_rdn[ 0 ][ 0 ]->la_attr.bv_val, + new_rdn[ 0 ][ 0 ]->la_value.bv_val, 0 ); +#endif + + if ( op->oq_modrdn.rs_deleteoldrdn ) { + if ( ldap_bv2rdn( &op->o_req_dn, &old_rdn, (char **)&rs->sr_text, + LDAP_DN_FORMAT_LDAP ) ) + { +#ifdef NEW_LOGGING + LDAP_LOG ( OPERATION, ERR, + "ldbm_back_modrdn: can't figure out " + "type(s)/values(s) of old_rdn\n", + 0, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "ldbm_back_modrdn: can't figure out " + "the old_rdn type(s)/value(s)\n", + 0, 0, 0 ); +#endif + goto return_results; + } + } + +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, DETAIL1, "ldbm_back_modrdn: DN_X500\n", 0, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "ldbm_back_modrdn: DN_X500\n", + 0, 0, 0 ); +#endif + + if ( slap_modrdn2mods( op, rs, e, old_rdn, new_rdn, &mod ) != LDAP_SUCCESS ) { + goto return_results; + } + + + /* check for abandon */ + if ( op->o_abandon ) { + goto return_results; } /* delete old one */ - if ( dn2id_delete( be, dn ) != 0 ) { - free( newdn ); - free( pdn ); - send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL, NULL ); - goto error_return; + if ( dn2id_delete( op->o_bd, &e->e_nname, e->e_id ) != 0 ) { + send_ldap_error( op, rs, LDAP_OTHER, + "DN index delete fail" ); + goto return_results; } (void) cache_delete_entry( &li->li_cache, e ); + rc = MUST_DESTROY; + + /* XXX: there is no going back! */ + free( e->e_dn ); - e->e_dn = newdn; - - /* XXX - * At some point here we need to update the attribute values in - * the entry itself that were effected by this RDN change - * (respecting the value of the deleteoldrdn parameter). - * - * Since the code to do this has not yet been written, treat this - * omission as a (documented) bug. + free( e->e_ndn ); + e->e_name = new_dn; + e->e_nname = new_ndn; + new_dn.bv_val = NULL; + new_ndn.bv_val = NULL; + + /* NOTE: after this you must not free new_dn or new_ndn! + * They are used by cache. */ + /* add new one */ + if ( dn2id_add( op->o_bd, &e->e_nname, e->e_id ) != 0 ) { + send_ldap_error( op, rs, LDAP_OTHER, + "DN index add failed" ); + goto return_results; + } + + /* modify memory copy of entry */ + rc_id = ldbm_modify_internal( op, &mod[0], e, + &rs->sr_text, textbuf, textlen ); + switch ( rc_id ) { + case LDAP_SUCCESS: + break; + + case SLAPD_ABANDON: + /* too late ... */ + rs->sr_err = rc_id; + send_ldap_result( op, rs ); + goto return_results; + + default: + /* here we may try to delete the newly added dn */ + if ( dn2id_delete( op->o_bd, &e->e_nname, e->e_id ) != 0 ) { + /* we already are in trouble ... */ + ; + } + goto return_results; + } + + (void) cache_update_entry( &li->li_cache, e ); + /* id2entry index */ - if ( id2entry_add( be, e ) != 0 ) { - entry_free( e ); - send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, "", "" ); - goto error_return; + if ( id2entry_add( op->o_bd, e ) != 0 ) { + send_ldap_error( op, rs, LDAP_OTHER, + "entry update failed" ); + goto return_results; } - free( pdn ); - /* free entry and writer lock */ - cache_return_entry_w( &li->li_cache, e ); - send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL ); + rs->sr_err = LDAP_SUCCESS; + send_ldap_result( op, rs ); + rc = 0; + cache_entry_commit( e ); - return( 0 ); +return_results: + if( new_dn.bv_val != NULL ) free( new_dn.bv_val ); + if( new_ndn.bv_val != NULL ) free( new_ndn.bv_val ); + + /* LDAP v2 supporting correct attribute handling. */ + if ( new_rdn != NULL ) { + ldap_rdnfree( new_rdn ); + } + if ( old_rdn != NULL ) { + ldap_rdnfree( old_rdn ); + } + if ( mod != NULL ) { + Modifications *tmp; + for (; mod; mod = tmp ) { + if ( mod->sml_nvalues ) free( mod->sml_nvalues[0].bv_val ); + tmp = mod->sml_next; + free( mod ); + } + } + + /* LDAP v3 Support */ + if( np != NULL ) { + /* free new parent and writer lock */ + cache_return_entry_w( &li->li_cache, np ); + } + + if( p != NULL ) { + /* free parent and writer lock */ + cache_return_entry_w( &li->li_cache, p ); + } -error_return: /* free entry and writer lock */ cache_return_entry_w( &li->li_cache, e ); - return( -1 ); + if ( rc == MUST_DESTROY ) { + /* if rc == MUST_DESTROY the entry is uncached + * and its private data is destroyed; + * the entry must be freed */ + entry_free( e ); + } + ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); + return( rc ); }