X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fmodify.c;h=99e31fe033bec6a696287ce17a0da2fbde2dbb05;hb=b44cc963c2b021821ccac582054e2ffa04f4f1e1;hp=38f6038300152a51e87bf4d376bc332345204364;hpb=bf3a2294231de245cd5d76d0f90473521a0f1fbf;p=openldap diff --git a/servers/slapd/modify.c b/servers/slapd/modify.c index 38f6038300..99e31fe033 100644 --- a/servers/slapd/modify.c +++ b/servers/slapd/modify.c @@ -27,15 +27,10 @@ #include "slap.h" -#ifndef SLAPD_SCHEMA_NOT_COMPAT -static int add_modified_attrs( Operation *op, Modifications **modlist ); -#endif - int do_modify( Connection *conn, - Operation *op -) + Operation *op ) { char *dn, *ndn = NULL; char *last; @@ -50,6 +45,7 @@ do_modify( Backend *be; int rc; const char *text; + int manageDSAit; Debug( LDAP_DEBUG_TRACE, "do_modify\n", 0, 0, 0 ); @@ -132,11 +128,6 @@ do_modify( } (*modtail)->ml_op = mop; - -#ifndef SLAPD_SCHEMA_NOT_COMPAT - attr_normalize( (*modtail)->ml_type ); -#endif - modtail = &(*modtail)->ml_next; } *modtail = NULL; @@ -155,6 +146,13 @@ do_modify( goto cleanup; } + if( ndn == '\0' ) { + Debug( LDAP_DEBUG_ANY, "do_modify: root dse!\n", 0, 0, 0 ); + send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, + NULL, "modify upon the root DSE not supported", NULL, NULL ); + goto cleanup; + } + #ifdef LDAP_DEBUG Debug( LDAP_DEBUG_ARGS, "modifications:\n", 0, 0, 0 ); for ( tmp = modlist; tmp != NULL; tmp = tmp->ml_next ) { @@ -165,35 +163,33 @@ do_modify( } #endif - Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d MOD dn=\"%s\"\n", op->o_connid, op->o_opid, dn, 0, 0 ); + manageDSAit = get_manageDSAit( op ); + /* * We could be serving multiple database backends. Select the * appropriate one, or send a referral to our "referral server" * if we don't hold it. */ - if ( (be = select_backend( ndn )) == NULL ) { + if ( (be = select_backend( ndn, manageDSAit )) == NULL ) { send_ldap_result( conn, op, rc = LDAP_REFERRAL, NULL, NULL, default_referral, NULL ); goto cleanup; } - /* make sure this backend recongizes critical controls */ - rc = backend_check_controls( be, conn, op, &text ) ; - + /* check restrictions */ + rc = backend_check_restrictions( be, conn, op, NULL, &text ) ; if( rc != LDAP_SUCCESS ) { send_ldap_result( conn, op, rc, NULL, text, NULL, NULL ); goto cleanup; } - if ( global_readonly || be->be_readonly ) { - Debug( LDAP_DEBUG_ANY, "do_modify: database is read-only\n", - 0, 0, 0 ); - send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM, - NULL, "directory is read-only", NULL, NULL ); + /* check for referrals */ + rc = backend_check_referrals( be, conn, op, dn, ndn ); + if ( rc != LDAP_SUCCESS ) { goto cleanup; } @@ -217,7 +213,6 @@ do_modify( #endif { int update = be->be_update_ndn != NULL; -#ifdef SLAPD_SCHEMA_NOT_COMPAT const char *text; rc = slap_modlist2mods( modlist, update, &mods, &text ); @@ -226,20 +221,18 @@ do_modify( NULL, text, NULL, NULL ); goto cleanup; } -#else - mods = modlist; - modlist = NULL; -#endif if ( (be->be_lastmod == ON || (be->be_lastmod == UNDEFINED && global_lastmod == ON)) && !update ) { -#ifdef SLAPD_SCHEMA_NOT_COMPAT - rc = slap_mods_opattrs( op, &mods, &text ); -#else - char *text = "no-user-modification attribute type"; - rc = add_modified_attrs( op, &mods ); -#endif + Modifications **modstail; + for( modstail = &mods; + *modstail != NULL; + modstail = &(*modstail)->sml_next ) + { + /* empty */ + } + rc = slap_mods_opattrs( op, modstail, &text ); if( rc != LDAP_SUCCESS ) { send_ldap_result( conn, op, rc, @@ -282,7 +275,6 @@ cleanup: return rc; } -#ifdef SLAPD_SCHEMA_NOT_COMPAT /* * convert a raw list of modifications to internal format * Do basic attribute type checking and syntax validation. @@ -303,16 +295,19 @@ int slap_modlist2mods( mod = (Modifications *) ch_calloc( 1, sizeof(Modifications) ); - ad = mod->sml_desc; + /* copy the op */ + mod->sml_op = ml->ml_op; /* convert to attribute description */ - rc = slap_str2ad( ml->ml_type, &ad, text ); + rc = slap_str2ad( ml->ml_type, &mod->sml_desc, text ); if( rc != LDAP_SUCCESS ) { slap_mods_free( mod ); return rc; } + ad = mod->sml_desc; + if( slap_syntax_is_binary( ad->ad_type->sat_syntax ) && !slap_ad_is_binary( ad )) { @@ -372,7 +367,7 @@ int slap_modlist2mods( * a rough single value check... an additional check is needed * to catch add of single value to existing single valued attribute */ - if( ( ml->ml_op == LDAP_MOD_ADD || ml->ml_op == LDAP_MOD_REPLACE ) + if( ( mod->sml_op == LDAP_MOD_ADD || mod->sml_op == LDAP_MOD_REPLACE ) && nvals > 1 && is_at_single_value( ad->ad_type )) { slap_mods_free( mod ); @@ -405,6 +400,9 @@ int slap_mods_opattrs( int mop = op->o_tag == LDAP_REQ_ADD ? LDAP_MOD_ADD : LDAP_MOD_REPLACE; + assert( modtail != NULL ); + assert( *modtail == NULL ); + ldap_pvt_thread_mutex_lock( &gmtime_mutex ); ltm = gmtime( &now ); strftime( timebuf, sizeof(timebuf), "%Y%m%d%H%M%SZ", ltm ); @@ -423,7 +421,7 @@ int slap_mods_opattrs( if( op->o_tag == LDAP_REQ_ADD ) { mod = (Modifications *) ch_calloc( 1, sizeof( Modifications ) ); mod->sml_op = mop; - mod->sml_desc = slap_schema.si_ad_creatorsName; + mod->sml_desc = ad_dup( slap_schema.si_ad_creatorsName ); mod->sml_bvalues = (struct berval **) malloc( 2 * sizeof( struct berval * ) ); mod->sml_bvalues[0] = ber_bvdup( &name ); mod->sml_bvalues[1] = NULL; @@ -433,7 +431,7 @@ int slap_mods_opattrs( mod = (Modifications *) ch_calloc( 1, sizeof( Modifications ) ); mod->sml_op = mop; - mod->sml_desc = slap_schema.si_ad_createTimestamp; + mod->sml_desc = ad_dup( slap_schema.si_ad_createTimestamp ); mod->sml_bvalues = (struct berval **) malloc( 2 * sizeof( struct berval * ) ); mod->sml_bvalues[0] = ber_bvdup( ×tamp ); mod->sml_bvalues[1] = NULL; @@ -443,7 +441,7 @@ int slap_mods_opattrs( mod = (Modifications *) ch_calloc( 1, sizeof( Modifications ) ); mod->sml_op = mop; - mod->sml_desc = slap_schema.si_ad_modifiersName; + mod->sml_desc = ad_dup( slap_schema.si_ad_modifiersName ); mod->sml_bvalues = (struct berval **) malloc( 2 * sizeof( struct berval * ) ); mod->sml_bvalues[0] = ber_bvdup( &name ); mod->sml_bvalues[1] = NULL; @@ -452,7 +450,7 @@ int slap_mods_opattrs( mod = (Modifications *) ch_calloc( 1, sizeof( Modifications ) ); mod->sml_op = mop; - mod->sml_desc = slap_schema.si_ad_modifyTimestamp; + mod->sml_desc = ad_dup( slap_schema.si_ad_modifyTimestamp ); mod->sml_bvalues = (struct berval **) malloc( 2 * sizeof( struct berval * ) ); mod->sml_bvalues[0] = ber_bvdup( ×tamp ); mod->sml_bvalues[1] = NULL; @@ -462,61 +460,6 @@ int slap_mods_opattrs( return LDAP_SUCCESS; } -#else -static int -add_modified_attrs( Operation *op, Modifications **modlist ) -{ - char buf[22]; - struct berval bv; - struct berval *bvals[2]; - Modifications *m; - struct tm *ltm; - time_t currenttime; - - bvals[0] = &bv; - bvals[1] = NULL; - - /* remove any attempts by the user to modify these attrs */ - for ( m = *modlist; m != NULL; m = m->ml_next ) { - if ( oc_check_op_no_usermod_attr( m->ml_type ) ) { - return LDAP_CONSTRAINT_VIOLATION; - } - } - - if ( op->o_dn == NULL || op->o_dn[0] == '\0' ) { - bv.bv_val = SLAPD_ANONYMOUS; - bv.bv_len = sizeof(SLAPD_ANONYMOUS)-1; - } else { - bv.bv_val = op->o_dn; - bv.bv_len = strlen( bv.bv_val ); - } - m = (Modifications *) ch_calloc( 1, sizeof(Modifications) ); - m->ml_type = ch_strdup( "modifiersname" ); - m->ml_op = LDAP_MOD_REPLACE; - m->ml_bvalues = (struct berval **) ch_calloc(2, sizeof(struct berval *)); - m->ml_bvalues[0] = ber_bvdup( &bv ); - m->ml_next = *modlist; - *modlist = m; - - currenttime = slap_get_time(); - ldap_pvt_thread_mutex_lock( &gmtime_mutex ); - ltm = gmtime( ¤ttime ); - strftime( buf, sizeof(buf), "%Y%m%d%H%M%SZ", ltm ); - ldap_pvt_thread_mutex_unlock( &gmtime_mutex ); - - bv.bv_val = buf; - bv.bv_len = strlen( bv.bv_val ); - m = (Modifications *) ch_calloc( 1, sizeof(Modifications) ); - m->ml_type = ch_strdup( "modifytimestamp" ); - m->ml_op = LDAP_MOD_REPLACE; - m->ml_bvalues = (struct berval **) ch_calloc(2, sizeof(struct berval *)); - m->ml_bvalues[0] = ber_bvdup( &bv ); - m->ml_next = *modlist; - *modlist = m; - - return LDAP_SUCCESS; -} -#endif void slap_mod_free( @@ -524,13 +467,7 @@ slap_mod_free( int freeit ) { -#ifdef SLAPD_SCHEMA_NOT_COMPAT ad_free( mod->sm_desc, 1 ); -#else - if (mod->sm_desc) { - free( mod->sm_desc ); - } -#endif if ( mod->sm_bvalues != NULL ) ber_bvecfree( mod->sm_bvalues );