X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fmods.c;h=ffe10faea651c3549e25246238563d85200e4549;hb=b3c3d89140dadff2de0bf987d48b1dfe77035811;hp=cb09775ac8217b12ec0b9f07c15059d2b372c3d4;hpb=c75be97ae946dab41f002a31d8347cc38cda7658;p=openldap
diff --git a/servers/slapd/mods.c b/servers/slapd/mods.c
index cb09775ac8..ffe10faea6 100644
--- a/servers/slapd/mods.c
+++ b/servers/slapd/mods.c
@@ -1,9 +1,18 @@
-/*
- * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software .
+ *
+ * Copyright 1998-2012 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * .
*/
-/*
- * Copyright (c) 1995 Regents of the University of Michigan.
+/* Portions Copyright (c) 1995 Regents of the University of Michigan.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
@@ -16,40 +25,26 @@
#include "portable.h"
-#include "slap.h"
+#include
-int
-modify_check_duplicates(
- AttributeDescription *ad,
- MatchingRule *mr,
- BerVarray vals,
- BerVarray mods,
- int permissive,
- const char **text,
- char *textbuf, size_t textlen )
-{
- int i, j, numvals = 0, nummods,
- rc = LDAP_SUCCESS, matched;
- /* this function is no longer used */
- return rc;
-}
+#include "slap.h"
+#include "lutil.h"
int
modify_add_values(
- Entry *e,
+ Entry *e,
Modification *mod,
- int permissive,
+ int permissive,
const char **text,
- char *textbuf, size_t textlen
-)
+ char *textbuf,
+ size_t textlen )
{
- int i, j;
- int matched;
+ int rc;
+ const char *op;
Attribute *a;
- MatchingRule *mr = mod->sm_desc->ad_type->sat_equality;
- const char *op;
+ Modification pmod = *mod;
- switch( mod->sm_op ) {
+ switch ( mod->sm_op ) {
case LDAP_MOD_ADD:
op = "add";
break;
@@ -61,17 +56,24 @@ modify_add_values(
assert( 0 );
}
- a = attr_find( e->e_attrs, mod->sm_desc );
-
- /*
- * With permissive set, as long as the attribute being added
- * has the same value(s?) as the existing attribute, then the
- * modify will succeed.
+ /* FIXME: Catch old code that doesn't set sm_numvals.
*/
+ if ( !BER_BVISNULL( &mod->sm_values[mod->sm_numvals] )) {
+ unsigned i;
+ for ( i = 0; !BER_BVISNULL( &mod->sm_values[i] ); i++ );
+ assert( mod->sm_numvals == i );
+ }
- /* check if the values we're adding already exist */
- if( mr == NULL || !mr->smr_match ) {
- if ( a != NULL ) {
+ /* check if values to add exist in attribute */
+ a = attr_find( e->e_attrs, mod->sm_desc );
+ if ( a != NULL ) {
+ MatchingRule *mr;
+ struct berval *cvals;
+ int rc;
+ unsigned i, p, flags;
+
+ mr = mod->sm_desc->ad_type->sat_equality;
+ if( mr == NULL || !mr->smr_match ) {
/* do not allow add of additional attribute
if no equality rule exists */
*text = textbuf;
@@ -81,122 +83,95 @@ modify_add_values(
return LDAP_INAPPROPRIATE_MATCHING;
}
- for ( i = 0; mod->sm_bvalues[i].bv_val != NULL; i++ ) {
- /* test asserted values against existing values */
- if( a ) {
- for( matched = 0, j = 0; a->a_vals[j].bv_val != NULL; j++ ) {
- if ( bvmatch( &mod->sm_bvalues[i], &a->a_vals[j] ) ) {
- if ( permissive ) {
- matched++;
- continue;
- }
- /* value exists already */
- *text = textbuf;
- snprintf( textbuf, textlen,
- "modify/%s: %s: value #%i already exists",
- op, mod->sm_desc->ad_cname.bv_val, j );
- return LDAP_TYPE_OR_VALUE_EXISTS;
- }
- }
- if ( permissive && matched == j ) {
- /* values already exist; do nothing */
- return LDAP_SUCCESS;
- }
- }
-
- /* test asserted values against themselves */
- for( j = 0; j < i; j++ ) {
- if ( bvmatch( &mod->sm_bvalues[i], &mod->sm_bvalues[j] ) ) {
- /* value exists already */
- *text = textbuf;
- snprintf( textbuf, textlen,
- "modify/%s: %s: value #%i already exists",
- op, mod->sm_desc->ad_cname.bv_val, j );
- return LDAP_TYPE_OR_VALUE_EXISTS;
- }
+ if ( permissive ) {
+ i = mod->sm_numvals;
+ pmod.sm_values = (BerVarray)ch_malloc(
+ (i + 1) * sizeof( struct berval ));
+ if ( pmod.sm_nvalues != NULL ) {
+ pmod.sm_nvalues = (BerVarray)ch_malloc(
+ (i + 1) * sizeof( struct berval ));
}
}
- } else {
/* no normalization is done in this routine nor
* in the matching routines called by this routine.
* values are now normalized once on input to the
* server (whether from LDAP or from the underlying
* database).
- * This should outperform the old code. No numbers
- * are available yet.
*/
+ if ( a->a_desc == slap_schema.si_ad_objectClass ) {
+ /* Needed by ITS#5517 */
+ flags = SLAP_MR_EQUALITY | SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX;
- int rc;
+ } else {
+ flags = SLAP_MR_EQUALITY | SLAP_MR_VALUE_OF_ASSERTION_SYNTAX;
+ }
+ if ( mod->sm_nvalues ) {
+ flags |= SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH |
+ SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH;
+ cvals = mod->sm_nvalues;
+ } else {
+ cvals = mod->sm_values;
+ }
+ for ( p = i = 0; i < mod->sm_numvals; i++ ) {
+ unsigned slot;
- if ( mod->sm_bvalues[1].bv_val == 0 ) {
- if ( a != NULL ) {
- int i;
-
- for ( matched = 0, i = 0; a->a_vals[ i ].bv_val; i++ ) {
- int match;
-
- if( mod->sm_nvalues ) {
- rc = value_match( &match, mod->sm_desc, mr,
- SLAP_MR_EQUALITY
- | SLAP_MR_VALUE_OF_ASSERTION_SYNTAX
- | SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH
- | SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH,
- &a->a_nvals[i],
- &mod->sm_nvalues[0],
- text );
-
- } else {
- rc = value_match( &match, mod->sm_desc, mr,
- SLAP_MR_EQUALITY
- | SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
- &a->a_vals[i],
- &mod->sm_values[0],
- text );
- }
-
-
- if( rc == LDAP_SUCCESS && match == 0 ) {
- if ( permissive ) {
- matched++;
- continue;
- }
- *text = textbuf;
- snprintf( textbuf, textlen,
- "modify/%s: %s: value #0 already exists",
- op, mod->sm_desc->ad_cname.bv_val, 0 );
- return LDAP_TYPE_OR_VALUE_EXISTS;
- }
- }
- if ( permissive && matched == i ) {
- /* values already exist; do nothing */
- return LDAP_SUCCESS;
+ rc = attr_valfind( a, flags, &cvals[i], &slot, NULL );
+ if ( rc == LDAP_SUCCESS ) {
+ if ( !permissive ) {
+ /* value already exists */
+ *text = textbuf;
+ snprintf( textbuf, textlen,
+ "modify/%s: %s: value #%u already exists",
+ op, mod->sm_desc->ad_cname.bv_val, i );
+ return LDAP_TYPE_OR_VALUE_EXISTS;
}
+ } else if ( rc != LDAP_NO_SUCH_ATTRIBUTE ) {
+ return rc;
}
- } else {
- rc = modify_check_duplicates( mod->sm_desc, mr,
- a ? a->a_vals : NULL, mod->sm_bvalues,
- permissive, text, textbuf, textlen );
+ if ( permissive && rc ) {
+ if ( pmod.sm_nvalues ) {
+ pmod.sm_nvalues[p] = mod->sm_nvalues[i];
+ }
+ pmod.sm_values[p++] = mod->sm_values[i];
+ }
+ }
- if ( permissive && rc == LDAP_TYPE_OR_VALUE_EXISTS ) {
+ if ( permissive ) {
+ if ( p == 0 ) {
+ /* all new values match exist */
+ ch_free( pmod.sm_values );
+ if ( pmod.sm_nvalues ) ch_free( pmod.sm_nvalues );
return LDAP_SUCCESS;
}
- if ( rc != LDAP_SUCCESS ) {
- return rc;
+ BER_BVZERO( &pmod.sm_values[p] );
+ if ( pmod.sm_nvalues ) {
+ BER_BVZERO( &pmod.sm_nvalues[p] );
}
}
}
/* no - add them */
- if( attr_merge( e, mod->sm_desc, mod->sm_values, mod->sm_nvalues ) != 0 )
- {
+ if ( mod->sm_desc->ad_type->sat_flags & SLAP_AT_ORDERED_VAL ) {
+ rc = ordered_value_add( e, mod->sm_desc, a,
+ pmod.sm_values, pmod.sm_nvalues );
+ } else {
+ rc = attr_merge( e, mod->sm_desc, pmod.sm_values, pmod.sm_nvalues );
+ }
+
+ if ( a != NULL && permissive ) {
+ ch_free( pmod.sm_values );
+ if ( pmod.sm_nvalues ) ch_free( pmod.sm_nvalues );
+ }
+
+ if ( rc != 0 ) {
/* this should return result of attr_merge */
*text = textbuf;
snprintf( textbuf, textlen,
- "modify/%s: %s: merge error",
- op, mod->sm_desc->ad_cname.bv_val );
+ "modify/%s: %s: merge error (%d)",
+ op, mod->sm_desc->ad_cname.bv_val, rc );
return LDAP_OTHER;
}
@@ -205,16 +180,30 @@ modify_add_values(
int
modify_delete_values(
+ Entry *e,
+ Modification *m,
+ int perm,
+ const char **text,
+ char *textbuf, size_t textlen )
+{
+ return modify_delete_vindex( e, m, perm, text, textbuf, textlen, NULL );
+}
+
+int
+modify_delete_vindex(
Entry *e,
Modification *mod,
int permissive,
const char **text,
- char *textbuf, size_t textlen
-)
+ char *textbuf, size_t textlen,
+ int *idx )
{
- int i, j, k, rc = LDAP_SUCCESS;
Attribute *a;
MatchingRule *mr = mod->sm_desc->ad_type->sat_equality;
+ struct berval *cvals;
+ int *id2 = NULL;
+ int rc = 0;
+ unsigned i, j, flags;
char dummy = '\0';
/*
@@ -223,7 +212,7 @@ modify_delete_values(
*/
/* delete the entire attribute */
- if ( mod->sm_bvalues == NULL ) {
+ if ( mod->sm_values == NULL ) {
rc = attr_delete( &e->e_attrs, mod->sm_desc );
if( permissive ) {
@@ -238,6 +227,17 @@ modify_delete_values(
return rc;
}
+ /* FIXME: Catch old code that doesn't set sm_numvals.
+ */
+ if ( !BER_BVISNULL( &mod->sm_values[mod->sm_numvals] )) {
+ for ( i = 0; !BER_BVISNULL( &mod->sm_values[i] ); i++ );
+ assert( mod->sm_numvals == i );
+ }
+ if ( !idx ) {
+ id2 = ch_malloc( mod->sm_numvals * sizeof( int ));
+ idx = id2;
+ }
+
if( mr == NULL || !mr->smr_match ) {
/* disallow specific attributes from being deleted if
no equality rule */
@@ -245,118 +245,120 @@ modify_delete_values(
snprintf( textbuf, textlen,
"modify/delete: %s: no equality matching rule",
mod->sm_desc->ad_cname.bv_val );
- return LDAP_INAPPROPRIATE_MATCHING;
+ rc = LDAP_INAPPROPRIATE_MATCHING;
+ goto return_result;
}
/* delete specific values - find the attribute first */
if ( (a = attr_find( e->e_attrs, mod->sm_desc )) == NULL ) {
if( permissive ) {
- return LDAP_SUCCESS;
+ rc = LDAP_SUCCESS;
+ goto return_result;
}
*text = textbuf;
snprintf( textbuf, textlen,
"modify/delete: %s: no such attribute",
mod->sm_desc->ad_cname.bv_val );
- return LDAP_NO_SUCH_ATTRIBUTE;
+ rc = LDAP_NO_SUCH_ATTRIBUTE;
+ goto return_result;
}
+ if ( a->a_desc == slap_schema.si_ad_objectClass ) {
+ /* Needed by ITS#5517,ITS#5963 */
+ flags = SLAP_MR_EQUALITY | SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX;
- for ( i = 0; mod->sm_values[i].bv_val != NULL; i++ ) {
- int found = 0;
- for ( j = 0; a->a_vals[j].bv_val != NULL; j++ )
- {
- int match;
-
- if( mod->sm_nvalues ) {
- assert( a->a_nvals );
- rc = (*mr->smr_match)( &match,
- SLAP_MR_VALUE_OF_ASSERTION_SYNTAX
- | SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH
- | SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH,
- a->a_desc->ad_type->sat_syntax,
- mr, &a->a_nvals[j],
- &mod->sm_nvalues[i] );
- } else {
-#if 0
- assert( a->a_nvals == NULL );
-#endif
- rc = (*mr->smr_match)( &match,
- SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
- a->a_desc->ad_type->sat_syntax,
- mr, &a->a_vals[j],
- &mod->sm_values[i] );
- }
-
- if ( rc != LDAP_SUCCESS ) {
- *text = textbuf;
- snprintf( textbuf, textlen,
- "%s: matching rule failed",
- mod->sm_desc->ad_cname.bv_val );
- goto return_results;
- }
+ } else {
+ flags = SLAP_MR_EQUALITY | SLAP_MR_VALUE_OF_ASSERTION_SYNTAX;
+ }
+ if ( mod->sm_nvalues ) {
+ flags |= SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH
+ | SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH;
+ cvals = mod->sm_nvalues;
+ } else {
+ cvals = mod->sm_values;
+ }
- if ( match != 0 ) {
+ /* Locate values to delete */
+ for ( i = 0; !BER_BVISNULL( &mod->sm_values[i] ); i++ ) {
+ unsigned sort;
+ rc = attr_valfind( a, flags, &cvals[i], &sort, NULL );
+ if ( rc == LDAP_SUCCESS ) {
+ idx[i] = sort;
+ } else if ( rc == LDAP_NO_SUCH_ATTRIBUTE ) {
+ if ( permissive ) {
+ idx[i] = -1;
continue;
}
-
- found = 1;
-
- /* delete value and mark it as dummy */
- free( a->a_vals[j].bv_val );
- a->a_vals[j].bv_val = &dummy;
- if( a->a_nvals != a->a_vals ) {
- free( a->a_nvals[j].bv_val );
- a->a_nvals[j].bv_val = &dummy;
- }
-
- break;
- }
-
-
- if ( found == 0 ) {
*text = textbuf;
snprintf( textbuf, textlen,
"modify/delete: %s: no such value",
mod->sm_desc->ad_cname.bv_val );
- rc = LDAP_NO_SUCH_ATTRIBUTE;
- goto return_results;
+ goto return_result;
+ } else {
+ *text = textbuf;
+ snprintf( textbuf, textlen,
+ "modify/delete: %s: matching rule failed",
+ mod->sm_desc->ad_cname.bv_val );
+ goto return_result;
+ }
+ }
+
+ /* Delete the values */
+ for ( i = 0; i < mod->sm_numvals; i++ ) {
+ /* Skip permissive values that weren't found */
+ if ( idx[i] < 0 )
+ continue;
+ /* Skip duplicate delete specs */
+ if ( a->a_vals[idx[i]].bv_val == &dummy )
+ continue;
+ /* delete value and mark it as gone */
+ free( a->a_vals[idx[i]].bv_val );
+ a->a_vals[idx[i]].bv_val = &dummy;
+ if( a->a_nvals != a->a_vals ) {
+ free( a->a_nvals[idx[i]].bv_val );
+ a->a_nvals[idx[i]].bv_val = &dummy;
}
+ a->a_numvals--;
}
/* compact array skipping dummies */
- for ( k = 0, j = 0; a->a_vals[k].bv_val != NULL; k++ )
- {
+ for ( i = 0, j = 0; !BER_BVISNULL( &a->a_vals[i] ); i++ ) {
/* skip dummies */
- if( a->a_vals[k].bv_val == &dummy ) {
- assert( a->a_nvals == NULL || a->a_nvals[k].bv_val == &dummy );
+ if( a->a_vals[i].bv_val == &dummy ) {
+ assert( a->a_nvals[i].bv_val == &dummy );
continue;
}
- if ( j != k ) {
- a->a_vals[ j ] = a->a_vals[ k ];
+ if ( j != i ) {
+ a->a_vals[ j ] = a->a_vals[ i ];
if (a->a_nvals != a->a_vals) {
- a->a_nvals[ j ] = a->a_nvals[ k ];
+ a->a_nvals[ j ] = a->a_nvals[ i ];
}
}
-
j++;
}
- a->a_vals[j].bv_val = NULL;
- if (a->a_nvals != a->a_vals) a->a_nvals[j].bv_val = NULL;
+ BER_BVZERO( &a->a_vals[j] );
+ if (a->a_nvals != a->a_vals) {
+ BER_BVZERO( &a->a_nvals[j] );
+ }
/* if no values remain, delete the entire attribute */
- if ( a->a_vals[0].bv_val == NULL ) {
+ if ( !a->a_numvals ) {
if ( attr_delete( &e->e_attrs, mod->sm_desc ) ) {
+ /* Can never happen */
*text = textbuf;
snprintf( textbuf, textlen,
"modify/delete: %s: no such attribute",
mod->sm_desc->ad_cname.bv_val );
rc = LDAP_NO_SUCH_ATTRIBUTE;
}
+ } else if ( a->a_desc->ad_type->sat_flags & SLAP_AT_ORDERED_VAL ) {
+ /* For an ordered attribute, renumber the value indices */
+ ordered_value_sort( a, 1 );
}
-
-return_results:;
-
+return_result:
+ if ( id2 )
+ ch_free( id2 );
return rc;
}
@@ -366,23 +368,95 @@ modify_replace_values(
Modification *mod,
int permissive,
const char **text,
- char *textbuf, size_t textlen
-)
+ char *textbuf, size_t textlen )
{
(void) attr_delete( &e->e_attrs, mod->sm_desc );
- if ( mod->sm_bvalues ) {
+ if ( mod->sm_values ) {
return modify_add_values( e, mod, permissive, text, textbuf, textlen );
}
return LDAP_SUCCESS;
}
+int
+modify_increment_values(
+ Entry *e,
+ Modification *mod,
+ int permissive,
+ const char **text,
+ char *textbuf, size_t textlen )
+{
+ Attribute *a;
+
+ a = attr_find( e->e_attrs, mod->sm_desc );
+ if( a == NULL ) {
+ if ( permissive ) {
+ Modification modReplace = *mod;
+
+ modReplace.sm_op = LDAP_MOD_REPLACE;
+
+ return modify_add_values(e, &modReplace, permissive, text, textbuf, textlen);
+ } else {
+ *text = textbuf;
+ snprintf( textbuf, textlen,
+ "modify/increment: %s: no such attribute",
+ mod->sm_desc->ad_cname.bv_val );
+ return LDAP_NO_SUCH_ATTRIBUTE;
+ }
+ }
+
+ if ( !strcmp( a->a_desc->ad_type->sat_syntax_oid, SLAPD_INTEGER_SYNTAX )) {
+ int i;
+ char str[sizeof(long)*3 + 2]; /* overly long */
+ long incr;
+
+ if ( lutil_atol( &incr, mod->sm_values[0].bv_val ) != 0 ) {
+ *text = "modify/increment: invalid syntax of increment";
+ return LDAP_INVALID_SYNTAX;
+ }
+
+ /* treat zero and errors as a no-op */
+ if( incr == 0 ) {
+ return LDAP_SUCCESS;
+ }
+
+ for( i = 0; !BER_BVISNULL( &a->a_nvals[i] ); i++ ) {
+ char *tmp;
+ long value;
+ size_t strln;
+ if ( lutil_atol( &value, a->a_nvals[i].bv_val ) != 0 ) {
+ *text = "modify/increment: invalid syntax of original value";
+ return LDAP_INVALID_SYNTAX;
+ }
+ strln = snprintf( str, sizeof(str), "%ld", value+incr );
+
+ tmp = SLAP_REALLOC( a->a_nvals[i].bv_val, strln+1 );
+ if( tmp == NULL ) {
+ *text = "modify/increment: reallocation error";
+ return LDAP_OTHER;
+ }
+ a->a_nvals[i].bv_val = tmp;
+ a->a_nvals[i].bv_len = strln;
+
+ AC_MEMCPY( a->a_nvals[i].bv_val, str, strln+1 );
+ }
+
+ } else {
+ snprintf( textbuf, textlen,
+ "modify/increment: %s: increment not supported for value syntax %s",
+ mod->sm_desc->ad_cname.bv_val,
+ a->a_desc->ad_type->sat_syntax_oid );
+ return LDAP_CONSTRAINT_VIOLATION;
+ }
+
+ return LDAP_SUCCESS;
+}
+
void
slap_mod_free(
Modification *mod,
- int freeit
-)
+ int freeit )
{
if ( mod->sm_values != NULL ) ber_bvarray_free( mod->sm_values );
mod->sm_values = NULL;
@@ -395,15 +469,16 @@ slap_mod_free(
void
slap_mods_free(
- Modifications *ml
-)
+ Modifications *ml,
+ int freevals )
{
Modifications *next;
for ( ; ml != NULL; ml = next ) {
next = ml->sml_next;
- slap_mod_free( &ml->sml_mod, 0 );
+ if ( freevals )
+ slap_mod_free( &ml->sml_mod, 0 );
free( ml );
}
}