X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Foverlays%2Frefint.c;h=ee7b326091da8782f88c5a42deeb9d483f986aa7;hb=a255e44bf0fcb703a3a5ac58117fd54a00727fd1;hp=0a7c1aeb09d2decf3d8ca02dffb20f07ecd55d58;hpb=7701c82b685d31271e116600da06e133bf7086b3;p=openldap diff --git a/servers/slapd/overlays/refint.c b/servers/slapd/overlays/refint.c index 0a7c1aeb09..ee7b326091 100644 --- a/servers/slapd/overlays/refint.c +++ b/servers/slapd/overlays/refint.c @@ -2,7 +2,7 @@ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * - * Copyright 2004-2007 The OpenLDAP Foundation. + * Copyright 2004-2012 The OpenLDAP Foundation. * Portions Copyright 2004 Symas Corporation. * All rights reserved. * @@ -48,8 +48,14 @@ static BerValue refint_dn = BER_BVC("cn=Referential Integrity Overlay"); static BerValue refint_ndn = BER_BVC("cn=referential integrity overlay"); typedef struct refint_attrs_s { - struct refint_attrs_s *next; - AttributeDescription *attr; + struct refint_attrs_s *next; + AttributeDescription *attr; + BerVarray old_vals; + BerVarray old_nvals; + BerVarray new_vals; + BerVarray new_nvals; + int ra_numvals; + int dont_empty; } refint_attrs; typedef struct dependents_s { @@ -71,11 +77,12 @@ typedef struct refint_q { } refint_q; typedef struct refint_data_s { - const char *message; /* breadcrumbs */ struct refint_attrs_s *attrs; /* list of known attrs */ BerValue dn; /* basedn in parent, */ BerValue nothing; /* the nothing value, if needed */ BerValue nnothing; /* normalized nothingness */ + BerValue refint_dn; /* modifier's name */ + BerValue refint_ndn; /* normalized modifier's name */ struct re_s *qtask; refint_q *qhead; refint_q *qtail; @@ -84,9 +91,12 @@ typedef struct refint_data_s { #define RUNQ_INTERVAL 36000 /* a long time */ +static MatchingRule *mr_dnSubtreeMatch; + enum { REFINT_ATTRS = 1, - REFINT_NOTHING + REFINT_NOTHING, + REFINT_MODIFIERSNAME }; static ConfigDriver refint_cf_gen; @@ -103,6 +113,11 @@ static ConfigTable refintcfg[] = { "( OLcfgOvAt:11.2 NAME 'olcRefintNothing' " "DESC 'Replacement DN to supply when needed' " "SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL }, + { "refint_modifiersName", "DN", 2, 2, 0, + ARG_DN|ARG_MAGIC|REFINT_MODIFIERSNAME, refint_cf_gen, + "( OLcfgOvAt:11.3 NAME 'olcRefintModifiersName' " + "DESC 'The DN to use as modifiersName' " + "SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL }, { NULL, NULL, 0, 0, 0, ARG_IGNORED } }; @@ -111,7 +126,10 @@ static ConfigOCs refintocs[] = { "NAME 'olcRefintConfig' " "DESC 'Referential integrity configuration' " "SUP olcOverlayConfig " - "MAY ( olcRefintAttribute $ olcRefintNothing ) )", + "MAY ( olcRefintAttribute " + "$ olcRefintNothing " + "$ olcRefintModifiersName " + ") )", Cft_Overlay, refintcfg }, { NULL, 0, NULL } }; @@ -150,6 +168,17 @@ refint_cf_gen(ConfigArgs *c) } rc = 0; break; + case REFINT_MODIFIERSNAME: + if ( !BER_BVISEMPTY( &dd->refint_dn )) { + rc = value_add_one( &c->rvalue_vals, + &dd->refint_dn ); + if ( rc ) return rc; + rc = value_add_one( &c->rvalue_nvals, + &dd->refint_ndn ); + return rc; + } + rc = 0; + break; default: abort (); } @@ -181,12 +210,17 @@ refint_cf_gen(ConfigArgs *c) rc = 0; break; case REFINT_NOTHING: - if ( dd->nothing.bv_val ) - ber_memfree ( dd->nothing.bv_val ); - if ( dd->nnothing.bv_val ) - ber_memfree ( dd->nnothing.bv_val ); - dd->nothing.bv_len = 0; - dd->nnothing.bv_len = 0; + ch_free( dd->nothing.bv_val ); + ch_free( dd->nnothing.bv_val ); + BER_BVZERO( &dd->nothing ); + BER_BVZERO( &dd->nnothing ); + rc = 0; + break; + case REFINT_MODIFIERSNAME: + ch_free( dd->refint_dn.bv_val ); + ch_free( dd->refint_ndn.bv_val ); + BER_BVZERO( &dd->refint_dn ); + BER_BVZERO( &dd->refint_ndn ); rc = 0; break; default: @@ -209,22 +243,35 @@ refint_cf_gen(ConfigArgs *c) ip->next = dd->attrs; dd->attrs = ip; } else { - snprintf( c->msg, sizeof( c->msg ), + snprintf( c->cr_msg, sizeof( c->cr_msg ), "%s <%s>: %s", c->argv[0], c->argv[i], text ); Debug ( LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, - "%s: %s\n", c->log, c->msg, 0 ); + "%s: %s\n", c->log, c->cr_msg, 0 ); rc = ARG_BAD_CONF; } } break; case REFINT_NOTHING: - if ( dd->nothing.bv_val ) - ber_memfree ( dd->nothing.bv_val ); - if ( dd->nnothing.bv_val ) - ber_memfree ( dd->nnothing.bv_val ); - dd->nothing = c->value_dn; - dd->nnothing = c->value_ndn; - rc = 0; + if ( !BER_BVISNULL( &c->value_ndn )) { + ch_free ( dd->nothing.bv_val ); + ch_free ( dd->nnothing.bv_val ); + dd->nothing = c->value_dn; + dd->nnothing = c->value_ndn; + rc = 0; + } else { + rc = ARG_BAD_CONF; + } + break; + case REFINT_MODIFIERSNAME: + if ( !BER_BVISNULL( &c->value_ndn )) { + ch_free( dd->refint_dn.bv_val ); + ch_free( dd->refint_ndn.bv_val ); + dd->refint_dn = c->value_dn; + dd->refint_ndn = c->value_ndn; + rc = 0; + } else { + rc = ARG_BAD_CONF; + } break; default: abort (); @@ -245,13 +292,13 @@ refint_cf_gen(ConfigArgs *c) static int refint_db_init( - BackendDB *be + BackendDB *be, + ConfigReply *cr ) { slap_overinst *on = (slap_overinst *)be->bd_info; refint_data *id = ch_calloc(1,sizeof(refint_data)); - id->message = "_init"; on->on_bi.bi_private = id; ldap_pvt_thread_mutex_init( &id->qmutex ); return(0); @@ -259,7 +306,8 @@ refint_db_init( static int refint_db_destroy( - BackendDB *be + BackendDB *be, + ConfigReply *cr ) { slap_overinst *on = (slap_overinst *)be->bd_info; @@ -280,18 +328,22 @@ refint_db_destroy( static int refint_open( - BackendDB *be + BackendDB *be, + ConfigReply *cr ) { slap_overinst *on = (slap_overinst *)be->bd_info; refint_data *id = on->on_bi.bi_private; - id->message = "_open"; if ( BER_BVISNULL( &id->dn )) { if ( BER_BVISNULL( &be->be_nsuffix[0] )) return -1; ber_dupbv( &id->dn, &be->be_nsuffix[0] ); } + if ( BER_BVISNULL( &id->refint_dn ) ) { + ber_dupbv( &id->refint_dn, &refint_dn ); + ber_dupbv( &id->refint_ndn, &refint_ndn ); + } return(0); } @@ -300,7 +352,6 @@ refint_open( ** foreach configured attribute: ** free it; ** free our basedn; -** (do not) free id->message; ** reset on_bi.bi_private; ** free our config data; ** @@ -308,13 +359,13 @@ refint_open( static int refint_close( - BackendDB *be + BackendDB *be, + ConfigReply *cr ) { slap_overinst *on = (slap_overinst *) be->bd_info; refint_data *id = on->on_bi.bi_private; refint_attrs *ii, *ij; - id->message = "_close"; for(ii = id->attrs; ii; ii = ij) { ij = ii->next; @@ -328,6 +379,10 @@ refint_close( BER_BVZERO( &id->nothing ); ch_free( id->nnothing.bv_val ); BER_BVZERO( &id->nnothing ); + ch_free( id->refint_dn.bv_val ); + BER_BVZERO( &id->refint_dn ); + ch_free( id->refint_ndn.bv_val ); + BER_BVZERO( &id->refint_ndn ); return(0); } @@ -361,8 +416,9 @@ refint_search_cb( ** if this attr exists in the search result, ** and it has a value matching the target: ** allocate an attr; - ** if this is a delete and there's only one value: - ** allocate the same attr again; + ** save/build DNs of any subordinate matches; + ** handle special case: found exact + subordinate match; + ** handle olcRefintNothing; ** */ @@ -373,31 +429,267 @@ refint_search_cb( rq->attrs = ip; ip->attrs = NULL; for(ia = da; ia; ia = ia->next) { - if ( (a = attr_find(rs->sr_entry->e_attrs, ia->attr) ) ) - for(i = 0, b = a->a_nvals; b[i].bv_val; i++) - if(bvmatch(&rq->oldndn, &b[i])) { - na = op->o_tmpalloc(sizeof( refint_attrs ), op->o_tmpmemctx ); - na->next = ip->attrs; - ip->attrs = na; - na->attr = ia->attr; - /* If this is a delete and there's only one value, and - * we have a nothing DN configured, allocate the attr again. - */ - if(!b[1].bv_val && BER_BVISEMPTY( &rq->newdn ) && - dd->nothing.bv_val) { - na = op->o_tmpalloc(sizeof( refint_attrs ), op->o_tmpmemctx ); - na->next = ip->attrs; - ip->attrs = na; - na->attr = ia->attr; + if ( (a = attr_find(rs->sr_entry->e_attrs, ia->attr) ) ) { + int exact = -1, is_exact; + + na = NULL; + + for(i = 0, b = a->a_nvals; b[i].bv_val; i++) { + if(dnIsSuffix(&b[i], &rq->oldndn)) { + is_exact = b[i].bv_len == rq->oldndn.bv_len; + + /* Paranoia: skip buggy duplicate exact match, + * it would break ra_numvals + */ + if ( is_exact && exact >= 0 ) + continue; + + /* first match? create structure */ + if ( na == NULL ) { + na = op->o_tmpcalloc( 1, + sizeof( refint_attrs ), + op->o_tmpmemctx ); + na->next = ip->attrs; + ip->attrs = na; + na->attr = ia->attr; + } + + na->ra_numvals++; + + if ( is_exact ) { + /* Exact match: refint_repair will deduce the DNs */ + exact = i; + + } else { + /* Subordinate match */ + struct berval newsub, newdn, olddn, oldndn; + + /* Save old DN */ + ber_dupbv_x( &olddn, &a->a_vals[i], op->o_tmpmemctx ); + ber_bvarray_add_x( &na->old_vals, &olddn, op->o_tmpmemctx ); + + ber_dupbv_x( &oldndn, &a->a_nvals[i], op->o_tmpmemctx ); + ber_bvarray_add_x( &na->old_nvals, &oldndn, op->o_tmpmemctx ); + + if ( BER_BVISEMPTY( &rq->newdn ) ) + continue; + + /* Rename subordinate match: Build new DN */ + newsub = a->a_vals[i]; + newsub.bv_len -= rq->olddn.bv_len + 1; + build_new_dn( &newdn, &rq->newdn, &newsub, op->o_tmpmemctx ); + ber_bvarray_add_x( &na->new_vals, &newdn, op->o_tmpmemctx ); + + newsub = a->a_nvals[i]; + newsub.bv_len -= rq->oldndn.bv_len + 1; + build_new_dn( &newdn, &rq->newndn, &newsub, op->o_tmpmemctx ); + ber_bvarray_add_x( &na->new_nvals, &newdn, op->o_tmpmemctx ); + } + } } - Debug(LDAP_DEBUG_TRACE, "refint_search_cb: %s: %s\n", - a->a_desc->ad_cname.bv_val, rq->olddn.bv_val, 0); - break; - } + + /* If we got both subordinate and exact match, + * refint_repair won't special-case the exact match */ + if ( exact >= 0 && na->old_vals ) { + struct berval dn; + + ber_dupbv_x( &dn, &a->a_vals[exact], op->o_tmpmemctx ); + ber_bvarray_add_x( &na->old_vals, &dn, op->o_tmpmemctx ); + ber_dupbv_x( &dn, &a->a_nvals[exact], op->o_tmpmemctx ); + ber_bvarray_add_x( &na->old_nvals, &dn, op->o_tmpmemctx ); + + if ( !BER_BVISEMPTY( &rq->newdn ) ) { + ber_dupbv_x( &dn, &rq->newdn, op->o_tmpmemctx ); + ber_bvarray_add_x( &na->new_vals, &dn, op->o_tmpmemctx ); + ber_dupbv_x( &dn, &rq->newndn, op->o_tmpmemctx ); + ber_bvarray_add_x( &na->new_nvals, &dn, op->o_tmpmemctx ); + } + } + + /* Deleting/replacing all values and a nothing DN is configured? */ + if ( na && na->ra_numvals == i && !BER_BVISNULL(&dd->nothing) ) + na->dont_empty = 1; + + Debug( LDAP_DEBUG_TRACE, "refint_search_cb: %s: %s (#%d)\n", + a->a_desc->ad_cname.bv_val, rq->olddn.bv_val, i ); + } } + return(0); } +static int +refint_repair( + Operation *op, + refint_data *id, + refint_q *rq ) +{ + dependent_data *dp; + SlapReply rs = {REP_RESULT}; + Operation op2; + int rc; + + op->o_callback->sc_response = refint_search_cb; + op->o_req_dn = op->o_bd->be_suffix[ 0 ]; + op->o_req_ndn = op->o_bd->be_nsuffix[ 0 ]; + op->o_dn = op->o_bd->be_rootdn; + op->o_ndn = op->o_bd->be_rootndn; + + /* search */ + rc = op->o_bd->be_search( op, &rs ); + + if ( rc != LDAP_SUCCESS ) { + Debug( LDAP_DEBUG_TRACE, + "refint_repair: search failed: %d\n", + rc, 0, 0 ); + return 0; + } + + /* safety? paranoid just in case */ + if ( op->o_callback->sc_private == NULL ) { + Debug( LDAP_DEBUG_TRACE, + "refint_repair: callback wiped out sc_private?!\n", + 0, 0, 0 ); + return 0; + } + + /* Set up the Modify requests */ + op->o_callback->sc_response = &slap_null_cb; + + /* + * [our search callback builds a list of attrs] + * foreach attr: + * make sure its dn has a backend; + * build Modification* chain; + * call the backend modify function; + * + */ + + op2 = *op; + for ( dp = rq->attrs; dp; dp = dp->next ) { + SlapReply rs2 = {REP_RESULT}; + refint_attrs *ra; + Modifications *m; + + if ( dp->attrs == NULL ) continue; /* TODO: Is this needed? */ + + op2.o_bd = select_backend( &dp->ndn, 1 ); + if ( !op2.o_bd ) { + Debug( LDAP_DEBUG_TRACE, + "refint_repair: no backend for DN %s!\n", + dp->dn.bv_val, 0, 0 ); + continue; + } + op2.o_tag = LDAP_REQ_MODIFY; + op2.orm_modlist = NULL; + op2.o_req_dn = dp->dn; + op2.o_req_ndn = dp->ndn; + /* Internal ops, never replicate these */ + op2.orm_no_opattrs = 1; + op2.o_dont_replicate = 1; + + /* Set our ModifiersName */ + if ( SLAP_LASTMOD( op->o_bd ) ) { + m = op2.o_tmpalloc( sizeof(Modifications) + + 4*sizeof(BerValue), op2.o_tmpmemctx ); + m->sml_next = op2.orm_modlist; + op2.orm_modlist = m; + m->sml_op = LDAP_MOD_REPLACE; + m->sml_flags = SLAP_MOD_INTERNAL; + m->sml_desc = slap_schema.si_ad_modifiersName; + m->sml_type = m->sml_desc->ad_cname; + m->sml_numvals = 1; + m->sml_values = (BerVarray)(m+1); + m->sml_nvalues = m->sml_values+2; + BER_BVZERO( &m->sml_values[1] ); + BER_BVZERO( &m->sml_nvalues[1] ); + m->sml_values[0] = id->refint_dn; + m->sml_nvalues[0] = id->refint_ndn; + } + + for ( ra = dp->attrs; ra; ra = ra->next ) { + size_t len; + + /* Add values */ + if ( ra->dont_empty || !BER_BVISEMPTY( &rq->newdn ) ) { + len = sizeof(Modifications); + + if ( ra->new_vals == NULL ) { + len += 4*sizeof(BerValue); + } + + m = op2.o_tmpalloc( len, op2.o_tmpmemctx ); + m->sml_next = op2.orm_modlist; + op2.orm_modlist = m; + m->sml_op = LDAP_MOD_ADD; + m->sml_flags = 0; + m->sml_desc = ra->attr; + m->sml_type = ra->attr->ad_cname; + if ( ra->new_vals == NULL ) { + m->sml_values = (BerVarray)(m+1); + m->sml_nvalues = m->sml_values+2; + BER_BVZERO( &m->sml_values[1] ); + BER_BVZERO( &m->sml_nvalues[1] ); + m->sml_numvals = 1; + if ( BER_BVISEMPTY( &rq->newdn ) ) { + m->sml_values[0] = id->nothing; + m->sml_nvalues[0] = id->nnothing; + } else { + m->sml_values[0] = rq->newdn; + m->sml_nvalues[0] = rq->newndn; + } + } else { + m->sml_values = ra->new_vals; + m->sml_nvalues = ra->new_nvals; + m->sml_numvals = ra->ra_numvals; + } + } + + /* Delete values */ + len = sizeof(Modifications); + if ( ra->old_vals == NULL ) { + len += 4*sizeof(BerValue); + } + m = op2.o_tmpalloc( len, op2.o_tmpmemctx ); + m->sml_next = op2.orm_modlist; + op2.orm_modlist = m; + m->sml_op = LDAP_MOD_DELETE; + m->sml_flags = 0; + m->sml_desc = ra->attr; + m->sml_type = ra->attr->ad_cname; + if ( ra->old_vals == NULL ) { + m->sml_numvals = 1; + m->sml_values = (BerVarray)(m+1); + m->sml_nvalues = m->sml_values+2; + m->sml_values[0] = rq->olddn; + m->sml_nvalues[0] = rq->oldndn; + BER_BVZERO( &m->sml_values[1] ); + BER_BVZERO( &m->sml_nvalues[1] ); + } else { + m->sml_values = ra->old_vals; + m->sml_nvalues = ra->old_nvals; + m->sml_numvals = ra->ra_numvals; + } + } + + op2.o_dn = op2.o_bd->be_rootdn; + op2.o_ndn = op2.o_bd->be_rootndn; + rc = op2.o_bd->be_modify( &op2, &rs2 ); + if ( rc != LDAP_SUCCESS ) { + Debug( LDAP_DEBUG_TRACE, + "refint_repair: dependent modify failed: %d\n", + rs2.sr_err, 0, 0 ); + } + + while ( ( m = op2.orm_modlist ) ) { + op2.orm_modlist = m->sml_next; + op2.o_tmpfree( m, op2.o_tmpmemctx ); + } + } + + return 0; +} + static void * refint_qtask( void *ctx, void *arg ) { @@ -406,16 +698,13 @@ refint_qtask( void *ctx, void *arg ) Connection conn = {0}; OperationBuffer opbuf; Operation *op; - SlapReply rs = {REP_RESULT}; slap_callback cb = { NULL, NULL, NULL, NULL }; Filter ftop, *fptr; refint_q *rq; - dependent_data *dp; - refint_attrs *ra, *ip; - int rc; + refint_attrs *ip; - op = (Operation *) &opbuf; - connection_fake_init( &conn, op, ctx ); + connection_fake_init( &conn, &opbuf, ctx ); + op = &opbuf.ob_op; /* ** build a search filter for all configured attributes; @@ -432,16 +721,24 @@ refint_qtask( void *ctx, void *arg ) ftop.f_or = NULL; op->ors_filter = &ftop; for(ip = id->attrs; ip; ip = ip->next) { - fptr = op->o_tmpalloc( sizeof(Filter) + sizeof(AttributeAssertion), - op->o_tmpmemctx ); - fptr->f_choice = LDAP_FILTER_EQUALITY; - fptr->f_ava = (AttributeAssertion *)(fptr+1); - fptr->f_ava->aa_desc = ip->attr; + fptr = op->o_tmpcalloc( sizeof(Filter) + sizeof(MatchingRuleAssertion), + 1, op->o_tmpmemctx ); + /* Use (attr:dnSubtreeMatch:=value) to catch subtree rename + * and subtree delete where supported */ + fptr->f_choice = LDAP_FILTER_EXT; + fptr->f_mra = (MatchingRuleAssertion *)(fptr+1); + fptr->f_mr_rule = mr_dnSubtreeMatch; + fptr->f_mr_rule_text = mr_dnSubtreeMatch->smr_bvoid; + fptr->f_mr_desc = ip->attr; + fptr->f_mr_dnattrs = 0; fptr->f_next = ftop.f_or; ftop.f_or = fptr; } for (;;) { + dependent_data *dp, *dp_next; + refint_attrs *ra, *ra_next; + /* Dequeue an op */ ldap_pvt_thread_mutex_lock( &id->qmutex ); rq = id->qhead; @@ -454,8 +751,8 @@ refint_qtask( void *ctx, void *arg ) if ( !rq ) break; - for (fptr = ftop.f_or; fptr; fptr=fptr->f_next ) - fptr->f_av_value = rq->oldndn; + for (fptr = ftop.f_or; fptr; fptr = fptr->f_next ) + fptr->f_mr_value = rq->oldndn; filter2bv_x( op, op->ors_filter, &op->ors_filterstr ); @@ -473,148 +770,44 @@ refint_qtask( void *ctx, void *arg ) /* no attrs! */ op->ors_attrs = slap_anlist_no_attrs; - op->o_req_ndn = id->dn; - op->o_req_dn = id->dn; - op->o_bd = rq->db; - op->o_dn = op->o_bd->be_rootdn; - op->o_ndn = op->o_bd->be_rootndn; slap_op_time( &op->o_time, &op->o_tincr ); - /* search */ - rc = op->o_bd->be_search(op, &rs); + if ( rq->db != NULL ) { + op->o_bd = rq->db; + refint_repair( op, id, rq ); - op->o_tmpfree( op->ors_filterstr.bv_val, op->o_tmpmemctx ); - - if(rc != LDAP_SUCCESS) { - Debug( LDAP_DEBUG_TRACE, - "refint_response: search failed: %d\n", - rc, 0, 0 ); - continue; - } - - /* safety? paranoid just in case */ - if(!cb.sc_private) { - Debug( LDAP_DEBUG_TRACE, - "refint_response: callback wiped out sc_private?!\n", - 0, 0, 0 ); - continue; - } - - /* Set up the Modify requests */ - cb.sc_response = &slap_null_cb; - op->o_tag = LDAP_REQ_MODIFY; - - /* - ** [our search callback builds a list of attrs] - ** foreach attr: - ** make sure its dn has a backend; - ** build Modification* chain; - ** call the backend modify function; - ** - */ - - for(dp = rq->attrs; dp; dp = dp->next) { - Modifications *m, *first = NULL; - - op->orm_modlist = NULL; + } else { + BackendDB *be; - op->o_req_dn = dp->dn; - op->o_req_ndn = dp->ndn; - op->o_bd = select_backend(&dp->ndn, 0, 1); - if(!op->o_bd) { - Debug( LDAP_DEBUG_TRACE, - "refint_response: no backend for DN %s!\n", - dp->dn.bv_val, 0, 0 ); - goto done; - } - rs.sr_type = REP_RESULT; - for (ra = dp->attrs; ra; ra = dp->attrs) { - dp->attrs = ra->next; - /* Set our ModifiersName */ - if ( SLAP_LASTMOD( op->o_bd )) { - m = op->o_tmpalloc( sizeof(Modifications) + - 4*sizeof(BerValue), op->o_tmpmemctx ); - m->sml_next = op->orm_modlist; - if ( !first ) - first = m; - op->orm_modlist = m; - m->sml_op = LDAP_MOD_REPLACE; - m->sml_flags = SLAP_MOD_INTERNAL; - m->sml_desc = slap_schema.si_ad_modifiersName; - m->sml_type = m->sml_desc->ad_cname; - m->sml_values = (BerVarray)(m+1); - m->sml_nvalues = m->sml_values+2; - BER_BVZERO( &m->sml_values[1] ); - BER_BVZERO( &m->sml_nvalues[1] ); - m->sml_values[0] = refint_dn; - m->sml_nvalues[0] = refint_ndn; + LDAP_STAILQ_FOREACH( be, &backendDB, be_next ) { + /* we may want to skip cn=config */ + if ( be == LDAP_STAILQ_FIRST(&backendDB) ) { + continue; } - if ( !BER_BVISEMPTY( &rq->newdn ) || ( ra->next && - ra->attr == ra->next->attr )) { - m = op->o_tmpalloc( sizeof(Modifications) + - 4*sizeof(BerValue), op->o_tmpmemctx ); - m->sml_next = op->orm_modlist; - if ( !first ) - first = m; - op->orm_modlist = m; - m->sml_op = LDAP_MOD_ADD; - m->sml_flags = 0; - m->sml_desc = ra->attr; - m->sml_type = ra->attr->ad_cname; - m->sml_values = (BerVarray)(m+1); - m->sml_nvalues = m->sml_values+2; - BER_BVZERO( &m->sml_values[1] ); - BER_BVZERO( &m->sml_nvalues[1] ); - if ( BER_BVISEMPTY( &rq->newdn )) { - op->o_tmpfree( ra, op->o_tmpmemctx ); - ra = dp->attrs; - dp->attrs = ra->next; - m->sml_values[0] = id->nothing; - m->sml_nvalues[0] = id->nnothing; - } else { - m->sml_values[0] = rq->newdn; - m->sml_nvalues[0] = rq->newndn; - } - } - m = op->o_tmpalloc( sizeof(Modifications) + 4*sizeof(BerValue), - op->o_tmpmemctx ); - m->sml_next = op->orm_modlist; - op->orm_modlist = m; - if ( !first ) - first = m; - m->sml_op = LDAP_MOD_DELETE; - m->sml_flags = 0; - m->sml_desc = ra->attr; - m->sml_type = ra->attr->ad_cname; - m->sml_values = (BerVarray)(m+1); - m->sml_nvalues = m->sml_values+2; - m->sml_values[0] = rq->olddn; - m->sml_nvalues[0] = rq->oldndn; - BER_BVZERO( &m->sml_values[1] ); - BER_BVZERO( &m->sml_nvalues[1] ); - op->o_tmpfree( ra, op->o_tmpmemctx ); - } - op->o_dn = op->o_bd->be_rootdn; - op->o_ndn = op->o_bd->be_rootndn; - slap_op_time( &op->o_time, &op->o_tincr ); - if((rc = op->o_bd->be_modify(op, &rs)) != LDAP_SUCCESS) { - Debug( LDAP_DEBUG_TRACE, - "refint_response: dependent modify failed: %d\n", - rs.sr_err, 0, 0 ); + if ( be->be_search && be->be_modify ) { + op->o_bd = be; + refint_repair( op, id, rq ); + } } + } - while (( m = op->orm_modlist )) { - op->orm_modlist = m->sml_next; - op->o_tmpfree( m, op->o_tmpmemctx ); - if ( m == first ) break; + for ( dp = rq->attrs; dp; dp = dp_next ) { + dp_next = dp->next; + for ( ra = dp->attrs; ra; ra = ra_next ) { + ra_next = ra->next; + ber_bvarray_free_x( ra->new_nvals, op->o_tmpmemctx ); + ber_bvarray_free_x( ra->new_vals, op->o_tmpmemctx ); + ber_bvarray_free_x( ra->old_nvals, op->o_tmpmemctx ); + ber_bvarray_free_x( ra->old_vals, op->o_tmpmemctx ); + op->o_tmpfree( ra, op->o_tmpmemctx ); } - slap_mods_free( op->orm_modlist, 1 ); op->o_tmpfree( dp->ndn.bv_val, op->o_tmpmemctx ); op->o_tmpfree( dp->dn.bv_val, op->o_tmpmemctx ); op->o_tmpfree( dp, op->o_tmpmemctx ); } -done: + op->o_tmpfree( op->ors_filterstr.bv_val, op->o_tmpmemctx ); + if ( !BER_BVISNULL( &rq->newndn )) { ch_free( rq->newndn.bv_val ); ch_free( rq->newdn.bv_val ); @@ -624,6 +817,13 @@ done: ch_free( rq ); } + /* free filter */ + for ( fptr = ftop.f_or; fptr; ) { + Filter *f_next = fptr->f_next; + op->o_tmpfree( fptr, op->o_tmpmemctx ); + fptr = f_next; + } + /* wait until we get explicitly scheduled again */ ldap_pvt_thread_mutex_lock( &slapd_rq.rq_mutex ); ldap_pvt_runqueue_stoptask( &slapd_rq, id->qtask ); @@ -649,11 +849,9 @@ refint_response( BerValue pdn; int ac; refint_q *rq; - BackendDB *db; + BackendDB *db = NULL; refint_attrs *ip; - id->message = "_refint_response"; - /* If the main op failed or is not a Delete or ModRdn, ignore it */ if (( op->o_tag != LDAP_REQ_DELETE && op->o_tag != LDAP_REQ_MODRDN ) || rs->sr_err != LDAP_SUCCESS ) @@ -677,20 +875,22 @@ refint_response( ** */ - db = select_backend(&id->dn, 0, 1); + if ( on->on_info->oi_origdb != frontendDB ) { + db = select_backend(&id->dn, 1); - if(db) { - if (!db->be_search || !db->be_modify) { + if ( db ) { + if ( !db->be_search || !db->be_modify ) { + Debug( LDAP_DEBUG_TRACE, + "refint_response: backend missing search and/or modify\n", + 0, 0, 0 ); + return SLAP_CB_CONTINUE; + } + } else { Debug( LDAP_DEBUG_TRACE, - "refint_response: backend missing search and/or modify\n", - 0, 0, 0 ); + "refint_response: no backend for our baseDN %s??\n", + id->dn.bv_val, 0, 0 ); return SLAP_CB_CONTINUE; } - } else { - Debug( LDAP_DEBUG_TRACE, - "refint_response: no backend for our baseDN %s??\n", - id->dn.bv_val, 0, 0 ); - return SLAP_CB_CONTINUE; } rq = ch_calloc( 1, sizeof( refint_q )); @@ -699,7 +899,7 @@ refint_response( rq->db = db; rq->rdata = id; - if(op->o_tag == LDAP_REQ_MODRDN) { + if ( op->o_tag == LDAP_REQ_MODRDN ) { if ( op->oq_modrdn.rs_newSup ) { pdn = *op->oq_modrdn.rs_newSup; } else { @@ -754,6 +954,14 @@ refint_response( int refint_initialize() { int rc; + mr_dnSubtreeMatch = mr_find( "dnSubtreeMatch" ); + if ( mr_dnSubtreeMatch == NULL ) { + Debug( LDAP_DEBUG_ANY, "refint_initialize: " + "unable to find MatchingRule 'dnSubtreeMatch'.\n", + 0, 0, 0 ); + return 1; + } + /* statically declared just after the #includes at top */ refint.on_bi.bi_type = "refint"; refint.on_bi.bi_db_init = refint_db_init;