X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fmodrdn.c;h=328f49ec60feac9ea65b2c7790ecd362980ca96f;hb=4361a942abb69d6b3dbae637cddb4055080fe6fa;hp=3412b9319b2b57b7f5261c182e148057626e138f;hpb=9487629061b6964053e11d1c4f6a2183ff5c740d;p=openldap diff --git a/servers/slapd/modrdn.c b/servers/slapd/modrdn.c index 3412b9319b..328f49ec60 100644 --- a/servers/slapd/modrdn.c +++ b/servers/slapd/modrdn.c @@ -1,7 +1,7 @@ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * - * Copyright 1998-2005 The OpenLDAP Foundation. + * Copyright 1998-2006 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -171,21 +171,29 @@ do_modrdn( } } - /* FIXME: temporary? */ op->orr_deleteoldrdn = deloldrdn; + op->orr_modlist = NULL; + + /* prepare modlist of modifications from old/new RDN */ + rs->sr_err = slap_modrdn2mods( op, rs ); + if ( rs->sr_err != LDAP_SUCCESS ) { + send_ldap_result( op, rs ); + goto cleanup; + } op->o_bd = frontendDB; rs->sr_err = frontendDB->be_modrdn( op, rs ); cleanup: - slap_graduate_commit_csn( op ); - op->o_tmpfree( op->o_req_dn.bv_val, op->o_tmpmemctx ); op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx ); op->o_tmpfree( op->orr_newrdn.bv_val, op->o_tmpmemctx ); op->o_tmpfree( op->orr_nnewrdn.bv_val, op->o_tmpmemctx ); + if ( op->orr_modlist != NULL ) + slap_mods_free( op->orr_modlist, 1 ); + if ( !BER_BVISNULL( &pnewSuperior ) ) op->o_tmpfree( pnewSuperior.bv_val, op->o_tmpmemctx ); if ( !BER_BVISNULL( &nnewSuperior ) ) @@ -200,7 +208,7 @@ fe_op_modrdn( Operation *op, SlapReply *rs ) Backend *newSuperior_be = NULL; int manageDSAit; struct berval pdn = BER_BVNULL; - BackendDB *op_be; + BackendDB *op_be, *bd = op->o_bd; if( op->o_req_ndn.bv_len == 0 ) { Debug( LDAP_DEBUG_ANY, "do_modrdn: root dse!\n", 0, 0, 0 ); @@ -230,22 +238,19 @@ fe_op_modrdn( Operation *op, SlapReply *rs ) */ op->o_bd = select_backend( &op->o_req_ndn, manageDSAit, 1 ); if ( op->o_bd == NULL ) { + op->o_bd = bd; rs->sr_ref = referral_rewrite( default_referral, NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); if (!rs->sr_ref) rs->sr_ref = default_referral; if ( rs->sr_ref != NULL ) { rs->sr_err = LDAP_REFERRAL; - op->o_bd = frontendDB; send_ldap_result( op, rs ); - op->o_bd = NULL; if (rs->sr_ref != default_referral) ber_bvarray_free( rs->sr_ref ); } else { - op->o_bd = frontendDB; send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, "no global superior knowledge" ); - op->o_bd = NULL; } goto cleanup; } @@ -293,7 +298,7 @@ fe_op_modrdn( Operation *op, SlapReply *rs ) int repl_user = be_isupdate( op ); #ifndef SLAPD_MULTIMASTER if ( !SLAP_SHADOW(op->o_bd) || repl_user ) -#endif +#endif /* ! SLAPD_MULTIMASTER */ { slap_callback cb = { NULL, slap_replog_cb, NULL, NULL }; @@ -301,7 +306,7 @@ fe_op_modrdn( Operation *op, SlapReply *rs ) #ifdef SLAPD_MULTIMASTER if ( !op->o_bd->be_update_ndn.bv_len || !repl_user ) -#endif +#endif /* SLAPD_MULTIMASTER */ { cb.sc_next = op->o_callback; op->o_callback = &cb; @@ -365,7 +370,7 @@ fe_op_modrdn( Operation *op, SlapReply *rs ) send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, "shadow context; no update referral" ); } -#endif +#endif /* ! SLAPD_MULTIMASTER */ } } else { send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM, @@ -373,27 +378,43 @@ fe_op_modrdn( Operation *op, SlapReply *rs ) } cleanup:; + op->o_bd = bd; return rs->sr_err; } int slap_modrdn2mods( Operation *op, - SlapReply *rs, - Entry *e, - LDAPRDN old_rdn, - LDAPRDN new_rdn, - Modifications **pmod ) + SlapReply *rs ) { - Modifications *mod = NULL; - Modifications **modtail = &mod; int a_cnt, d_cnt; - int repl_user; - - assert( new_rdn != NULL ); - assert( !op->orr_deleteoldrdn || old_rdn != NULL ); + LDAPRDN old_rdn = NULL; + LDAPRDN new_rdn = NULL; + + assert( !BER_BVISEMPTY( &op->oq_modrdn.rs_newrdn ) ); + assert( !op->orr_deleteoldrdn || !BER_BVISEMPTY( &op->o_req_dn ) ); + + if ( ldap_bv2rdn_x( &op->oq_modrdn.rs_newrdn, &new_rdn, + (char **)&rs->sr_text, LDAP_DN_FORMAT_LDAP, op->o_tmpmemctx ) ) { + Debug( LDAP_DEBUG_TRACE, + "slap_modrdn2mods: can't figure out " + "type(s)/value(s) of newrdn\n", 0, 0, 0 ); + rs->sr_err = LDAP_INVALID_DN_SYNTAX; + rs->sr_text = "unknown type(s) used in RDN"; + goto done; + } - repl_user = be_isupdate( op ); + if ( op->oq_modrdn.rs_deleteoldrdn ) { + if ( ldap_bv2rdn_x( &op->o_req_dn, &old_rdn, + (char **)&rs->sr_text, LDAP_DN_FORMAT_LDAP, op->o_tmpmemctx ) ) { + Debug( LDAP_DEBUG_TRACE, + "slap_modrdn2mods: can't figure out " + "type(s)/value(s) of oldrdn\n", 0, 0, 0 ); + rs->sr_err = LDAP_OTHER; + rs->sr_text = "cannot parse RDN from old DN"; + goto done; + } + } /* Add new attribute values to the entry */ for ( a_cnt = 0; new_rdn[a_cnt]; a_cnt++ ) { @@ -404,33 +425,21 @@ slap_modrdn2mods( if ( rs->sr_err != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_TRACE, - "slap_modrdn2modlist: %s: %s (new)\n", + "slap_modrdn2mods: %s: %s (new)\n", rs->sr_text, new_rdn[ a_cnt ]->la_attr.bv_val, 0 ); goto done; } - /* ACL check of newly added attrs */ - if ( op->o_bd && !access_allowed( op, e, desc, - &new_rdn[a_cnt]->la_value, ACL_WADD, NULL ) ) { - Debug( LDAP_DEBUG_TRACE, - "slap_modrdn2modlist: access to attr \"%s\" " - "(new) not allowed\n", - new_rdn[ a_cnt ]->la_attr.bv_val, 0, 0 ); - rs->sr_text = "access to naming attributes (new) not allowed"; - rs->sr_err = LDAP_INSUFFICIENT_ACCESS; - goto done; - } - /* Apply modification */ - mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) - + 4 * sizeof( struct berval ) ); + mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) ); mod_tmp->sml_desc = desc; - mod_tmp->sml_values = ( BerVarray )( mod_tmp + 1 ); - mod_tmp->sml_values[0] = new_rdn[a_cnt]->la_value; + BER_BVZERO( &mod_tmp->sml_type ); + mod_tmp->sml_values = ( BerVarray )ch_malloc( 2 * sizeof( struct berval ) ); + ber_dupbv( &mod_tmp->sml_values[0], &new_rdn[a_cnt]->la_value ); mod_tmp->sml_values[1].bv_val = NULL; if( desc->ad_type->sat_equality->smr_normalize) { - mod_tmp->sml_nvalues = &mod_tmp->sml_values[2]; + mod_tmp->sml_nvalues = ( BerVarray )ch_malloc( 2 * sizeof( struct berval ) ); (void) (*desc->ad_type->sat_equality->smr_normalize)( SLAP_MR_EQUALITY|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX, desc->ad_type->sat_syntax, @@ -442,10 +451,9 @@ slap_modrdn2mods( mod_tmp->sml_nvalues = NULL; } mod_tmp->sml_op = SLAP_MOD_SOFTADD; - mod_tmp->sml_flags = SLAP_MOD_INTERNAL; - mod_tmp->sml_managing = 0; - mod_tmp->sml_next = mod; - mod = mod_tmp; + mod_tmp->sml_flags = 0; + mod_tmp->sml_next = op->orr_modlist; + op->orr_modlist = mod_tmp; } /* Remove old rdn value if required */ @@ -457,81 +465,65 @@ slap_modrdn2mods( rs->sr_err = slap_bv2ad( &old_rdn[d_cnt]->la_attr, &desc, &rs->sr_text ); if ( rs->sr_err != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_TRACE, - "slap_modrdn2modlist: %s: %s (old)\n", + "slap_modrdn2mods: %s: %s (old)\n", rs->sr_text, old_rdn[d_cnt]->la_attr.bv_val, 0 ); goto done; } - /* ACL check of old rdn attrs removal */ - if ( op->o_bd && !access_allowed( op, e, desc, - &old_rdn[d_cnt]->la_value, ACL_WDEL, - NULL ) ) { - Debug( LDAP_DEBUG_TRACE, - "slap_modrdn2modlist: access " - "to attr \"%s\" (old) not allowed\n", - old_rdn[ d_cnt ]->la_attr.bv_val, - 0, 0 ); - rs->sr_text = "access to naming attributes (old) not allowed"; - rs->sr_err = LDAP_INSUFFICIENT_ACCESS; - goto done; - } - /* Apply modification */ - mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) - + 4 * sizeof ( struct berval ) ); + mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) ); mod_tmp->sml_desc = desc; - mod_tmp->sml_values = ( BerVarray )(mod_tmp+1); - mod_tmp->sml_values[0] = old_rdn[d_cnt]->la_value; + BER_BVZERO( &mod_tmp->sml_type ); + mod_tmp->sml_values = ( BerVarray )ch_malloc( 2 * sizeof( struct berval ) ); + ber_dupbv( &mod_tmp->sml_values[0], &old_rdn[d_cnt]->la_value ); mod_tmp->sml_values[1].bv_val = NULL; if( desc->ad_type->sat_equality->smr_normalize) { - mod_tmp->sml_nvalues = &mod_tmp->sml_values[2]; + mod_tmp->sml_nvalues = ( BerVarray )ch_malloc( 2 * sizeof( struct berval ) ); (void) (*desc->ad_type->sat_equality->smr_normalize)( SLAP_MR_EQUALITY|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX, desc->ad_type->sat_syntax, desc->ad_type->sat_equality, &mod_tmp->sml_values[0], - &mod_tmp->sml_nvalues[0], op->o_tmpmemctx ); + &mod_tmp->sml_nvalues[0], NULL ); mod_tmp->sml_nvalues[1].bv_val = NULL; } else { mod_tmp->sml_nvalues = NULL; } mod_tmp->sml_op = LDAP_MOD_DELETE; - mod_tmp->sml_flags = SLAP_MOD_INTERNAL; - mod_tmp->sml_managing = 0; - mod_tmp->sml_next = mod; - mod = mod_tmp; + mod_tmp->sml_flags = 0; + mod_tmp->sml_next = op->orr_modlist; + op->orr_modlist = mod_tmp; } } done: +#if 0 + /* should be done by backend */ if ( rs->sr_err == LDAP_SUCCESS && !repl_user ) { - char textbuf[ SLAP_TEXT_BUFLEN ]; - size_t textlen = sizeof textbuf; - - for( modtail = &mod; - *modtail != NULL; - modtail = &(*modtail)->sml_next ) - { - /* empty */ - } - - rs->sr_err = slap_mods_opattrs( op, mod, modtail, - &rs->sr_text, textbuf, textlen, 1 ); + slap_mods_opattrs( op, &op->orr_modlist, 1 ); } +#endif /* LDAP v2 supporting correct attribute handling. */ - if ( rs->sr_err != LDAP_SUCCESS && mod != NULL ) { + if ( rs->sr_err != LDAP_SUCCESS && op->orr_modlist != NULL ) { Modifications *tmp; - for ( ; mod; mod = tmp ) { - tmp = mod->sml_next; - ch_free( mod ); + + for ( ; op->orr_modlist != NULL; op->orr_modlist = tmp ) { + tmp = op->orr_modlist->sml_next; + ch_free( op->orr_modlist ); } } - *pmod = mod; + if ( new_rdn != NULL ) { + ldap_rdnfree_x( new_rdn, op->o_tmpmemctx ); + } + if ( old_rdn != NULL ) { + ldap_rdnfree_x( old_rdn, op->o_tmpmemctx ); + } return rs->sr_err; } +